From 038e4d2d9c553bd005aaedc4ef4252dd2b7cb73d Mon Sep 17 00:00:00 2001 From: Abhishek koserwal Date: Tue, 12 Nov 2019 15:18:58 +0530 Subject: [PATCH 01/73] Update README --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bc8876bb5..708d3e455 100644 --- a/README.md +++ b/README.md @@ -35,7 +35,7 @@ Building cfssl requires a ``` $ git clone git@github.com:cloudflare/cfssl.git $ cd cfssl -$ make +$ make install ``` The resulting binaries will be in the bin folder: From 2bc4eb0b45ebe4215d0de8706dbaf719dfa995a0 Mon Sep 17 00:00:00 2001 From: Abhishek koserwal Date: Tue, 12 Nov 2019 15:26:54 +0530 Subject: [PATCH 02/73] Update READMe updated build instructions --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 708d3e455..b7b94c98f 100644 --- a/README.md +++ b/README.md @@ -35,6 +35,7 @@ Building cfssl requires a ``` $ git clone git@github.com:cloudflare/cfssl.git $ cd cfssl +$ make $ make install ``` From 6f10f22d398ed8a9273d0344abe6b7e20e444252 Mon Sep 17 00:00:00 2001 From: Gabor Tanz Date: Sun, 24 Nov 2019 13:19:32 +0100 Subject: [PATCH 03/73] also output sha256 digest when generating certificate --- api/generator/generator.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/api/generator/generator.go b/api/generator/generator.go index c958f610d..6e6fba57c 100644 --- a/api/generator/generator.go +++ b/api/generator/generator.go @@ -4,6 +4,7 @@ package generator import ( "crypto/md5" "crypto/sha1" + "crypto/sha256" "crypto/x509" "encoding/json" "encoding/pem" @@ -35,6 +36,7 @@ specifically, section 10.2.3 ("Information Requirements").` type Sum struct { MD5 string `json:"md5"` SHA1 string `json:"sha-1"` + SHA256 string `json:"sha-256"` } // Validator is a type of function that contains the logic for validating @@ -97,8 +99,10 @@ func computeSum(in []byte) (sum Sum, err error) { md5Sum := md5.Sum(data) sha1Sum := sha1.Sum(data) + sha256Sum := sha256.Sum256(data) sum.MD5 = fmt.Sprintf("%X", md5Sum[:]) sum.SHA1 = fmt.Sprintf("%X", sha1Sum[:]) + sum.SHA256 = fmt.Sprintf("%X", sha256Sum[:]) return } From b41fd33b31f6d8620e76ce94563d77e6cae513db Mon Sep 17 00:00:00 2001 From: Gabor Tanz Date: Sun, 24 Nov 2019 13:43:37 +0100 Subject: [PATCH 04/73] update documentation with sha256 hashes --- doc/api/endpoint_newcert.txt | 6 ++++-- doc/api/endpoint_newkey.txt | 3 ++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/doc/api/endpoint_newcert.txt b/doc/api/endpoint_newcert.txt index c4ecb5408..3cde9b6a2 100644 --- a/doc/api/endpoint_newcert.txt +++ b/doc/api/endpoint_newcert.txt @@ -50,11 +50,13 @@ Example: "sums": { "certificate": { "md5": "E9308D1892F1B77E6721EA2F79C026BE", - "sha-1": "4640E6DEC2C40B74F46C409C1D31928EE0073D25" + "sha-1": "4640E6DEC2C40B74F46C409C1D31928EE0073D25", + "sha-256": "8812010B59EB8C00CDD9292078717216B131A710703F18A4DFB94AC166F507DF" }, "certificate_request": { "md5": "AA924136405006E36CEE39FED9CBA5D7", - "sha-1": "DF955A43DF669D38E07BF0479789D13881DC9024" + "sha-1": "DF955A43DF669D38E07BF0479789D13881DC9024", + "sha-256": "C7600A68BDB689346E2E4438A374606DFC3FFD3B6B9722E0A8CB32AA88FBA686" } } }, diff --git a/doc/api/endpoint_newkey.txt b/doc/api/endpoint_newkey.txt index 7256dd130..069129ee0 100644 --- a/doc/api/endpoint_newkey.txt +++ b/doc/api/endpoint_newkey.txt @@ -46,7 +46,8 @@ Example: "sums": { "certificate_request": { "md5": "95E25336DA65B58DA250C3B5FAA4B97F", - "sha-1": "5F1ACE9D14F55E95FAA246A80474873C14E0F42F" + "sha-1": "5F1ACE9D14F55E95FAA246A80474873C14E0F42F", + "sha-256": "EA8409AE9117FE62A91DBD64F2C7496DC4CF3A06C5D513D5811A1CC1E8B2D180" } } }, From 6e8b03168b08906a3e39b33f6779dfa9a9dab843 Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Tue, 21 Mar 2023 16:17:15 -0700 Subject: [PATCH 05/73] push images to github/docker container registry relates to #1265 --- .github/workflows/docker-builds.yml | 39 +++++++++++++++++++++-------- Dockerfile | 5 +++- 2 files changed, 32 insertions(+), 12 deletions(-) diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml index 18fb6d8d2..e59bb3334 100644 --- a/.github/workflows/docker-builds.yml +++ b/.github/workflows/docker-builds.yml @@ -1,26 +1,37 @@ -name: Build and publish cfssl docker image +name: cfssl docker on: + workflow_dispatch: push: + branches: + - "master" tags: - - 'v*.*.*' - + - "v*" jobs: build-and-push-image: runs-on: ubuntu-latest permissions: contents: read packages: write + strategy: + matrix: + include: + # github container registry + - registry: "ghcr.io" + username: ${{ github.actor }} + password_secret: GITHUB_TOKEN + image: ghcr.io/cloudflare/cfssl + # docker test publish, todo: switch to service account + - registry: "" + username: nicky + password_secret: DOCKER_REGISTRY_TOKEN_NICKY + image: cfssl/cfssl steps: - name: Checkout repository uses: actions/checkout@v3 with: fetch-depth: 0 - - name: Get tag - id: cfssl - run: echo "::set-output name=tag::$(git describe --tags HEAD)" - - name: Set up QEMU uses: docker/setup-qemu-action@v2 @@ -30,13 +41,19 @@ jobs: - name: Log in to the Docker hub uses: docker/login-action@v2 with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - + registry: ${{ matrix.registry }} + username: ${{ matrix.username }} + password: ${{ secrets[matrix.password_secret] }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@v4 + with: + images: ${{ matrix.image }} - name: Build and push uses: docker/build-push-action@v3 with: context: . platforms: linux/amd64,linux/arm64,linux/s390x push: true - tags: cfssl:${{ steps.cfssl.outputs.tag }} + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} diff --git a/Dockerfile b/Dockerfile index d22bf1946..21266f76e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,7 @@ -FROM --platform=${BUILDPLATFORM} golang:1.19.3 +FROM --platform=${BUILDPLATFORM} golang:1.20 + +LABEL org.opencontainers.image.source https://github.com/cloudflare/cfssl +LABEL org.opencontainers.image.description "Cloudflare's PKI toolkit" ARG TARGETOS ARG TARGETARCH From f7af124dff3e223ce82ff64d7a4ca9f96d604be1 Mon Sep 17 00:00:00 2001 From: Scott Hussey Date: Fri, 7 Apr 2023 11:27:21 -0500 Subject: [PATCH 06/73] Respect custom x509 ext in selfsign - No longer ignore specified x509 extensions in the CSR when generating a self-signed certificate. --- selfsign/selfsign.go | 1 + 1 file changed, 1 insertion(+) diff --git a/selfsign/selfsign.go b/selfsign/selfsign.go index c7f71d237..b77d4eb8a 100644 --- a/selfsign/selfsign.go +++ b/selfsign/selfsign.go @@ -46,6 +46,7 @@ func parseCertificateRequest(priv crypto.Signer, csrBytes []byte) (template *x50 EmailAddresses: csr.EmailAddresses, IPAddresses: csr.IPAddresses, URIs: csr.URIs, + ExtraExtensions: csr.Extensions, } return From 2fab338a5e797b5992a8a0cd85f2fe36b58df26b Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Wed, 30 Nov 2022 09:04:17 -0800 Subject: [PATCH 07/73] add workflow to run goreleaser snapshot --- .github/workflows/snapshot.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) create mode 100644 .github/workflows/snapshot.yml diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml new file mode 100644 index 000000000..728ee3d96 --- /dev/null +++ b/.github/workflows/snapshot.yml @@ -0,0 +1,18 @@ +name: Image snapshots + +on: + push: + pull_request: + branches: [master] + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - run: make snapshot + - name: Archive snapshot artifacts + uses: actions/upload-artifact@v3 + with: + name: binaries + path: dist/ From 636ddf8b9e5073cd3ba80897edcbe7d6b11a8838 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patrick=20Jos=C3=A9=20Pereira?= Date: Tue, 18 Apr 2023 18:01:34 -0300 Subject: [PATCH 08/73] goreleaser: Add ARMv7 binaries MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Such boards are still available Signed-off-by: Patrick José Pereira --- .goreleaser.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.goreleaser.yml b/.goreleaser.yml index 2c4a76b0c..682bc6667 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -24,6 +24,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssl @@ -60,6 +61,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssl-bundle @@ -96,6 +98,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssl-certinfo @@ -132,6 +135,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssl-newkey @@ -168,6 +172,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssl-scan @@ -204,6 +209,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/cfssljson @@ -240,6 +246,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/mkbundle @@ -276,6 +283,7 @@ builds: - linux goarch: - amd64 + - arm - arm64 - s390x main: ./cmd/multirootca From 76629b56e45ca81359a377d22485ff8f214bf364 Mon Sep 17 00:00:00 2001 From: "K.B.Dharun Krishna" Date: Fri, 28 Apr 2023 11:50:46 +0530 Subject: [PATCH 09/73] snapshot.yml: update actions/checkout to v3 --- .github/workflows/snapshot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml index 728ee3d96..505e5433a 100644 --- a/.github/workflows/snapshot.yml +++ b/.github/workflows/snapshot.yml @@ -9,7 +9,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: make snapshot - name: Archive snapshot artifacts uses: actions/upload-artifact@v3 From e9d07906f1f5cf1a26fd1ffbe02747a4d7420e3c Mon Sep 17 00:00:00 2001 From: "K.B.Dharun Krishna" Date: Fri, 28 Apr 2023 11:53:13 +0530 Subject: [PATCH 10/73] go.yml: update actions/checkout to v3, actions/setup-go to v4 --- .github/workflows/go.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index e2aa5a0d6..4006e25e0 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -50,10 +50,10 @@ jobs: - run: psql -c 'create database certdb_development;' -U postgres; - run: mysql -e 'create database certdb_development;' -u root; - run: mysql -e 'SET global sql_mode = 0;' -u root; - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Go - uses: actions/setup-go@v2 + uses: actions/setup-go@v4 with: go-version: ${{ matrix.go }} @@ -70,7 +70,7 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/setup-go@v3 + - uses: actions/setup-go@v4 with: go-version: 1.18 - uses: actions/checkout@v3 From 5f34df79341ba7f3aa734926f7347078a02b2907 Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Wed, 26 Apr 2023 10:35:05 -0700 Subject: [PATCH 11/73] fix architecture for docker builds it seems that specifing the platform arg is not needed / incorrect for github actions: https://github.com/docker/build-push-action/issues/668#issuecomment-1213063705 resolves #1287 --- Dockerfile | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 21266f76e..4b9e30a4c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,8 @@ -FROM --platform=${BUILDPLATFORM} golang:1.20 +FROM golang:1.20 + +ARG TARGETPLATFORM +ARG BUILDPLATFORM +RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" LABEL org.opencontainers.image.source https://github.com/cloudflare/cfssl LABEL org.opencontainers.image.description "Cloudflare's PKI toolkit" From f6cb3e8a12c79fd074c0ef514aba1d25e0f73436 Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Thu, 11 May 2023 12:41:54 -0700 Subject: [PATCH 12/73] build pacakges with latest go disabling buildvcs for now, seems to be related to https://github.com/golang/go/issues/51253 --- .github/workflows/go.yml | 2 +- .goreleaser.yml | 48 ++++++++++++++++++++++++++++++++++++++++ Makefile | 4 ++-- 3 files changed, 51 insertions(+), 3 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 4006e25e0..8f85e0d9d 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - go: ["1.18", "1.19"] + go: [stable, oldstable] services: # Label used to access the service container postgres: diff --git a/.goreleaser.yml b/.goreleaser.yml index 682bc6667..d0f7aa0b1 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -18,6 +18,8 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-linux binary: cfssl goos: @@ -30,6 +32,8 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-windows binary: cfssl env: @@ -42,6 +46,8 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-bundle-darwin binary: cfssl-bundle env: @@ -55,6 +61,8 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-bundle-linux binary: cfssl-bundle goos: @@ -67,6 +75,8 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-bundle-windows binary: cfssl-bundle env: @@ -79,6 +89,8 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-certinfo-darwin binary: cfssl-certinfo env: @@ -92,6 +104,8 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-certinfo-linux binary: cfssl-certinfo goos: @@ -104,6 +118,8 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-certinfo-windows binary: cfssl-certinfo env: @@ -116,6 +132,8 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-newkey-darwin binary: cfssl-newkey env: @@ -129,6 +147,8 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-newkey-linux binary: cfssl-newkey goos: @@ -141,6 +161,8 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-newkey-windows binary: cfssl-newkey env: @@ -153,6 +175,8 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-scan-darwin binary: cfssl-scan env: @@ -166,6 +190,8 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-scan-linux binary: cfssl-scan goos: @@ -178,6 +204,8 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssl-scan-windows binary: cfssl-scan env: @@ -190,6 +218,8 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssljson-darwin binary: cfssljson env: @@ -203,6 +233,8 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssljson-linux binary: cfssljson goos: @@ -215,6 +247,8 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: cfssljson-windows binary: cfssljson env: @@ -227,6 +261,8 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: mkbundle-darwin binary: mkbundle env: @@ -240,6 +276,8 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: mkbundle-linux binary: mkbundle goos: @@ -252,6 +290,8 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: mkbundle-windows binary: mkbundle env: @@ -264,6 +304,8 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: multirootca-darwin binary: multirootca env: @@ -277,6 +319,8 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: multirootca-linux binary: multirootca goos: @@ -289,6 +333,8 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false - id: multirootca-windows binary: multirootca env: @@ -301,6 +347,8 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} + flags: + - -buildvcs=false archives: - format: binary allow_different_binary_count: true # https://github.com/goreleaser/goreleaser/pull/1841 diff --git a/Makefile b/Makefile index 6c72dc03b..fb1a9df2a 100644 --- a/Makefile +++ b/Makefile @@ -60,7 +60,7 @@ snapshot: --rm \ -v $(PWD):/cross \ -w /cross \ - ghcr.io/gythialy/golang-cross:v1.18 --rm-dist --snapshot --skip-publish + ghcr.io/gythialy/golang-cross:latest --clean --snapshot --skip-publish .PHONY: github-release github-release: @@ -71,7 +71,7 @@ github-release: -e GITHUB_TOKEN=$(GITHUB_TOKEN) \ -v $(PWD):/cross \ -w /cross \ - ghcr.io/gythialy/golang-cross:v1.18 --rm-dist + ghcr.io/gythialy/golang-cross:latest --clean .PHONY: docker-build docker-build: From 2b2dd1a75a3972bc1e9b9101f6096088ff4143db Mon Sep 17 00:00:00 2001 From: Benjamin Wang Date: Fri, 12 May 2023 13:03:50 +0800 Subject: [PATCH 13/73] configure dependabot Signed-off-by: Benjamin Wang --- .github/dependabot.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 000000000..dd954e576 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,12 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: weekly + + - package-ecosystem: gomod + directory: / + schedule: + interval: weekly + From e1d1777290871c186e482eaca1955569090c3b05 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 15:45:34 +0000 Subject: [PATCH 14/73] build(deps): bump docker/build-push-action from 3 to 4 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3 to 4. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/docker-builds.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml index e59bb3334..d1d1d35cf 100644 --- a/.github/workflows/docker-builds.yml +++ b/.github/workflows/docker-builds.yml @@ -50,7 +50,7 @@ jobs: with: images: ${{ matrix.image }} - name: Build and push - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v4 with: context: . platforms: linux/amd64,linux/arm64,linux/s390x From e2461488a140d0814d702b0a6746c962afc6ff44 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 15:45:42 +0000 Subject: [PATCH 15/73] build(deps): bump github.com/prometheus/client_golang Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.13.0 to 1.15.1. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.13.0...v1.15.1) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 21 +- go.sum | 58 +- vendor/github.com/cespare/xxhash/v2/README.md | 31 +- .../github.com/cespare/xxhash/v2/testall.sh | 10 + vendor/github.com/cespare/xxhash/v2/xxhash.go | 47 +- .../cespare/xxhash/v2/xxhash_amd64.s | 336 ++-- .../cespare/xxhash/v2/xxhash_arm64.s | 183 ++ .../v2/{xxhash_amd64.go => xxhash_asm.go} | 2 + .../cespare/xxhash/v2/xxhash_other.go | 22 +- .../cespare/xxhash/v2/xxhash_safe.go | 1 + .../cespare/xxhash/v2/xxhash_unsafe.go | 3 +- .../client_golang/prometheus/counter.go | 37 +- .../client_golang/prometheus/desc.go | 46 +- .../client_golang/prometheus/doc.go | 107 +- .../client_golang/prometheus/gauge.go | 32 +- .../prometheus/go_collector_latest.go | 7 +- .../client_golang/prometheus/histogram.go | 1009 ++++++++++- .../prometheus/internal/almost_equal.go | 60 + .../prometheus/internal/difflib.go | 13 +- .../client_golang/prometheus/labels.go | 75 +- .../client_golang/prometheus/metric.go | 8 +- .../client_golang/prometheus/promauto/auto.go | 170 +- .../prometheus/promhttp/instrument_client.go | 27 +- .../prometheus/promhttp/instrument_server.go | 109 +- .../prometheus/promhttp/option.go | 38 +- .../client_golang/prometheus/registry.go | 51 +- .../client_golang/prometheus/summary.go | 48 +- .../client_golang/prometheus/timer.go | 39 +- .../client_golang/prometheus/value.go | 10 +- .../client_golang/prometheus/vec.go | 54 +- .../client_golang/prometheus/vnext.go | 23 + .../client_golang/prometheus/wrap.go | 8 +- .../prometheus/client_model/go/metrics.pb.go | 333 +++- .../prometheus/common/expfmt/decode.go | 36 +- .../prometheus/common/expfmt/fuzz.go | 4 +- .../common/expfmt/openmetrics_create.go | 22 +- .../prometheus/common/expfmt/text_create.go | 3 +- .../prometheus/common/expfmt/text_parse.go | 10 +- .../bitbucket.org/ww/goautoneg/autoneg.go | 22 +- .../prometheus/common/model/time.go | 89 +- .../prometheus/common/model/value.go | 246 ++- .../prometheus/common/model/value_float.go | 100 ++ .../common/model/value_histogram.go | 178 ++ .../prometheus/common/model/value_type.go | 83 + .../prometheus/procfs/Makefile.common | 9 +- .../github.com/prometheus/procfs/cpuinfo.go | 36 + .../prometheus/procfs/cpuinfo_loong64.go | 19 + .../prometheus/procfs/cpuinfo_others.go | 4 +- vendor/github.com/prometheus/procfs/doc.go | 51 +- .../prometheus/procfs/mountstats.go | 3 +- .../prometheus/procfs/net_softnet.go | 70 +- .../github.com/prometheus/procfs/netstat.go | 53 +- .../prometheus/procfs/proc_cgroup.go | 2 +- .../prometheus/procfs/proc_interrupts.go | 98 ++ .../prometheus/procfs/proc_netstat.go | 491 +++--- .../github.com/prometheus/procfs/proc_snmp.go | 318 ++-- .../prometheus/procfs/proc_snmp6.go | 364 ++-- .../github.com/prometheus/procfs/proc_stat.go | 4 +- .../prometheus/procfs/proc_status.go | 6 +- vendor/github.com/prometheus/procfs/stat.go | 22 +- vendor/github.com/prometheus/procfs/thread.go | 79 + vendor/github.com/prometheus/procfs/vm.go | 4 +- .../testify/assert/assertion_compare.go | 76 +- .../assert/assertion_compare_can_convert.go | 16 + .../assert/assertion_compare_legacy.go | 16 + .../testify/assert/assertion_format.go | 22 + .../testify/assert/assertion_forward.go | 44 + .../testify/assert/assertion_order.go | 8 +- .../stretchr/testify/assert/assertions.go | 190 +- .../stretchr/testify/require/require.go | 56 + .../testify/require/require_forward.go | 44 + vendor/golang.org/x/sys/cpu/hwcap_linux.go | 15 + vendor/golang.org/x/sys/cpu/runtime_auxv.go | 16 + .../x/sys/cpu/runtime_auxv_go121.go | 19 + vendor/golang.org/x/sys/unix/ioctl.go | 17 +- vendor/golang.org/x/sys/unix/ioctl_zos.go | 8 +- vendor/golang.org/x/sys/unix/ptrace_darwin.go | 6 + vendor/golang.org/x/sys/unix/ptrace_ios.go | 6 + vendor/golang.org/x/sys/unix/syscall_aix.go | 5 +- vendor/golang.org/x/sys/unix/syscall_bsd.go | 3 +- .../golang.org/x/sys/unix/syscall_darwin.go | 12 +- .../x/sys/unix/syscall_darwin_amd64.go | 1 + .../x/sys/unix/syscall_darwin_arm64.go | 1 + .../x/sys/unix/syscall_dragonfly.go | 1 + .../golang.org/x/sys/unix/syscall_freebsd.go | 43 +- .../x/sys/unix/syscall_freebsd_386.go | 17 +- .../x/sys/unix/syscall_freebsd_amd64.go | 17 +- .../x/sys/unix/syscall_freebsd_arm.go | 15 +- .../x/sys/unix/syscall_freebsd_arm64.go | 15 +- .../x/sys/unix/syscall_freebsd_riscv64.go | 15 +- vendor/golang.org/x/sys/unix/syscall_hurd.go | 8 + vendor/golang.org/x/sys/unix/syscall_linux.go | 36 +- .../golang.org/x/sys/unix/syscall_netbsd.go | 5 +- .../golang.org/x/sys/unix/syscall_openbsd.go | 1 + .../golang.org/x/sys/unix/syscall_solaris.go | 21 +- .../x/sys/unix/syscall_zos_s390x.go | 4 +- vendor/golang.org/x/sys/unix/zerrors_linux.go | 10 +- .../x/sys/unix/zptrace_armnn_linux.go | 8 +- .../x/sys/unix/zptrace_linux_arm64.go | 4 +- .../x/sys/unix/zptrace_mipsnn_linux.go | 8 +- .../x/sys/unix/zptrace_mipsnnle_linux.go | 8 +- .../x/sys/unix/zptrace_x86_linux.go | 8 +- .../golang.org/x/sys/unix/zsyscall_aix_ppc.go | 10 + .../x/sys/unix/zsyscall_aix_ppc64.go | 10 + .../x/sys/unix/zsyscall_aix_ppc64_gc.go | 7 + .../x/sys/unix/zsyscall_aix_ppc64_gccgo.go | 8 + .../x/sys/unix/zsyscall_darwin_amd64.go | 16 + .../x/sys/unix/zsyscall_darwin_arm64.go | 16 + .../x/sys/unix/zsyscall_dragonfly_amd64.go | 10 + .../x/sys/unix/zsyscall_freebsd_386.go | 20 + .../x/sys/unix/zsyscall_freebsd_amd64.go | 20 + .../x/sys/unix/zsyscall_freebsd_arm.go | 20 + .../x/sys/unix/zsyscall_freebsd_arm64.go | 20 + .../x/sys/unix/zsyscall_freebsd_riscv64.go | 20 + .../golang.org/x/sys/unix/zsyscall_linux.go | 10 + .../x/sys/unix/zsyscall_netbsd_386.go | 10 + .../x/sys/unix/zsyscall_netbsd_amd64.go | 10 + .../x/sys/unix/zsyscall_netbsd_arm.go | 10 + .../x/sys/unix/zsyscall_netbsd_arm64.go | 10 + .../x/sys/unix/zsyscall_openbsd_386.go | 8 + .../x/sys/unix/zsyscall_openbsd_amd64.go | 8 + .../x/sys/unix/zsyscall_openbsd_arm.go | 8 + .../x/sys/unix/zsyscall_openbsd_arm64.go | 8 + .../x/sys/unix/zsyscall_openbsd_mips64.go | 8 + .../x/sys/unix/zsyscall_openbsd_ppc64.go | 8 + .../x/sys/unix/zsyscall_openbsd_riscv64.go | 8 + .../x/sys/unix/zsyscall_solaris_amd64.go | 11 + .../x/sys/unix/zsyscall_zos_s390x.go | 10 + .../x/sys/unix/ztypes_freebsd_386.go | 2 +- .../x/sys/unix/ztypes_freebsd_amd64.go | 2 +- .../x/sys/unix/ztypes_freebsd_arm.go | 2 +- .../x/sys/unix/ztypes_freebsd_arm64.go | 2 +- .../x/sys/unix/ztypes_freebsd_riscv64.go | 2 +- vendor/golang.org/x/sys/unix/ztypes_linux.go | 140 +- .../golang.org/x/sys/unix/ztypes_linux_386.go | 2 +- .../x/sys/unix/ztypes_linux_amd64.go | 2 +- .../golang.org/x/sys/unix/ztypes_linux_arm.go | 2 +- .../x/sys/unix/ztypes_linux_arm64.go | 2 +- .../x/sys/unix/ztypes_linux_loong64.go | 2 +- .../x/sys/unix/ztypes_linux_mips.go | 2 +- .../x/sys/unix/ztypes_linux_mips64.go | 2 +- .../x/sys/unix/ztypes_linux_mips64le.go | 2 +- .../x/sys/unix/ztypes_linux_mipsle.go | 2 +- .../golang.org/x/sys/unix/ztypes_linux_ppc.go | 2 +- .../x/sys/unix/ztypes_linux_ppc64.go | 2 +- .../x/sys/unix/ztypes_linux_ppc64le.go | 2 +- .../x/sys/unix/ztypes_linux_riscv64.go | 2 +- .../x/sys/unix/ztypes_linux_s390x.go | 2 +- .../x/sys/unix/ztypes_linux_sparc64.go | 2 +- .../x/sys/windows/syscall_windows.go | 6 +- .../golang.org/x/sys/windows/types_windows.go | 85 + .../x/sys/windows/zsyscall_windows.go | 27 + .../protobuf/encoding/protowire/wire.go | 8 +- .../protobuf/internal/encoding/text/decode.go | 5 +- .../internal/encoding/text/decode_number.go | 43 +- .../protobuf/internal/genid/descriptor_gen.go | 90 +- .../protobuf/internal/impl/convert.go | 1 - .../protobuf/internal/strs/strings_unsafe.go | 2 +- .../protobuf/internal/version/version.go | 4 +- .../google.golang.org/protobuf/proto/doc.go | 9 +- .../google.golang.org/protobuf/proto/equal.go | 172 +- .../reflect/protoreflect/source_gen.go | 14 + .../protobuf/reflect/protoreflect/value.go | 2 +- .../reflect/protoreflect/value_equal.go | 168 ++ .../reflect/protoreflect/value_union.go | 4 +- .../reflect/protoregistry/registry.go | 2 +- .../types/descriptorpb/descriptor.pb.go | 1547 +++++++++++------ .../types/known/timestamppb/timestamp.pb.go | 61 +- vendor/modules.txt | 26 +- 169 files changed, 6339 insertions(+), 2690 deletions(-) create mode 100644 vendor/github.com/cespare/xxhash/v2/testall.sh create mode 100644 vendor/github.com/cespare/xxhash/v2/xxhash_arm64.s rename vendor/github.com/cespare/xxhash/v2/{xxhash_amd64.go => xxhash_asm.go} (73%) create mode 100644 vendor/github.com/prometheus/client_golang/prometheus/internal/almost_equal.go create mode 100644 vendor/github.com/prometheus/client_golang/prometheus/vnext.go create mode 100644 vendor/github.com/prometheus/common/model/value_float.go create mode 100644 vendor/github.com/prometheus/common/model/value_histogram.go create mode 100644 vendor/github.com/prometheus/common/model/value_type.go create mode 100644 vendor/github.com/prometheus/procfs/cpuinfo_loong64.go create mode 100644 vendor/github.com/prometheus/procfs/proc_interrupts.go create mode 100644 vendor/github.com/prometheus/procfs/thread.go create mode 100644 vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go create mode 100644 vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go create mode 100644 vendor/golang.org/x/sys/cpu/runtime_auxv.go create mode 100644 vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go create mode 100644 vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go diff --git a/go.mod b/go.mod index da6944dd9..c7f581b40 100644 --- a/go.mod +++ b/go.mod @@ -13,8 +13,8 @@ require ( github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 github.com/lib/pq v1.10.1 github.com/mattn/go-sqlite3 v1.14.15 - github.com/prometheus/client_golang v1.13.0 - github.com/stretchr/testify v1.7.0 + github.com/prometheus/client_golang v1.15.1 + github.com/stretchr/testify v1.8.0 github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc github.com/zmap/zlint/v3 v3.1.0 golang.org/x/crypto v0.3.0 @@ -22,24 +22,25 @@ require ( require ( github.com/beorn7/perks v1.0.1 // indirect - github.com/cespare/xxhash/v2 v2.1.2 // indirect + github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/getsentry/sentry-go v0.11.0 // indirect github.com/go-logr/logr v1.2.0 // indirect - github.com/golang/protobuf v1.5.2 // indirect + github.com/golang/protobuf v1.5.3 // indirect github.com/kr/text v0.2.0 // indirect github.com/kylelemons/go-gypsy v1.0.0 // indirect - github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect + github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_model v0.2.0 // indirect - github.com/prometheus/common v0.37.0 // indirect - github.com/prometheus/procfs v0.8.0 // indirect + github.com/prometheus/client_model v0.3.0 // indirect + github.com/prometheus/common v0.42.0 // indirect + github.com/prometheus/procfs v0.9.0 // indirect + github.com/rogpeppe/go-internal v1.10.0 // indirect github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b // indirect github.com/ziutek/mymysql v1.5.4 // indirect golang.org/x/net v0.7.0 // indirect - golang.org/x/sys v0.5.0 // indirect + golang.org/x/sys v0.6.0 // indirect golang.org/x/text v0.7.0 // indirect - google.golang.org/protobuf v1.28.1 // indirect + google.golang.org/protobuf v1.30.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/klog/v2 v2.80.1 // indirect ) diff --git a/go.sum b/go.sum index a53af1928..83955850d 100644 --- a/go.sum +++ b/go.sum @@ -54,8 +54,9 @@ github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= +github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= @@ -102,11 +103,9 @@ github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2 github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY= -github.com/go-kit/log v0.2.0/go.mod h1:NwTd00d/i8cPZ3xOwwiv2PO5MOcx78fFErGNcVmBjv0= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KEVveWlfTs= github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= @@ -144,8 +143,9 @@ github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QD github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= -github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -199,7 +199,6 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= @@ -221,6 +220,7 @@ github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxv github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= @@ -242,8 +242,8 @@ github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOj github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/matttproud/golang_protobuf_extensions v1.0.2 h1:hAHbPm5IJGijwng3PWk09JkG9WeqChjprR5s9bBZ+OM= -github.com/matttproud/golang_protobuf_extensions v1.0.2/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= +github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8= github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= @@ -252,7 +252,6 @@ github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= @@ -261,7 +260,6 @@ github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5Vgl github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w= github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w= github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= -github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= @@ -279,29 +277,30 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0= -github.com/prometheus/client_golang v1.12.1/go.mod h1:3Z9XVyYiZYEO+YQWt3RD2R3jrbd179Rt297l4aS6nDY= -github.com/prometheus/client_golang v1.13.0 h1:b71QUfeo5M8gq2+evJdTPfZhYMAU0uKPkyPJ7TPsloU= -github.com/prometheus/client_golang v1.13.0/go.mod h1:vTeo+zgvILHsnnj/39Ou/1fPN5nJFOEMgftOUOmlvYQ= +github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI= +github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= +github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= +github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.32.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls= -github.com/prometheus/common v0.37.0 h1:ccBbHCgIiT9uSoFY0vX8H3zsNR5eLt17/RQLUvn8pXE= -github.com/prometheus/common v0.37.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= +github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM= +github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= -github.com/prometheus/procfs v0.8.0 h1:ODq8ZFEaYeCaZOJlZZdJA2AbQR98dSHSM1KW/You5mo= -github.com/prometheus/procfs v0.8.0/go.mod h1:z7EfXMXOkbkqb9IINtpCn86r/to3BnA0uaxHdg830/4= +github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI= +github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= +github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g= @@ -322,11 +321,13 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= @@ -442,8 +443,6 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220127200216-cd36cc0744dd/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= -golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -452,7 +451,6 @@ golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4Iltr golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A= -golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b/go.mod h1:DAh4E804XQdzx2j+YRIaUnCqCV2RuMz24cGBJ5QYIrc= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -507,13 +505,10 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220114195835-da31bd327af9/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -522,7 +517,6 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -651,13 +645,13 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= -google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng= +google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= diff --git a/vendor/github.com/cespare/xxhash/v2/README.md b/vendor/github.com/cespare/xxhash/v2/README.md index 792b4a60b..8bf0e5b78 100644 --- a/vendor/github.com/cespare/xxhash/v2/README.md +++ b/vendor/github.com/cespare/xxhash/v2/README.md @@ -3,8 +3,7 @@ [![Go Reference](https://pkg.go.dev/badge/github.com/cespare/xxhash/v2.svg)](https://pkg.go.dev/github.com/cespare/xxhash/v2) [![Test](https://github.com/cespare/xxhash/actions/workflows/test.yml/badge.svg)](https://github.com/cespare/xxhash/actions/workflows/test.yml) -xxhash is a Go implementation of the 64-bit -[xxHash](http://cyan4973.github.io/xxHash/) algorithm, XXH64. This is a +xxhash is a Go implementation of the 64-bit [xxHash] algorithm, XXH64. This is a high-quality hashing algorithm that is much faster than anything in the Go standard library. @@ -25,8 +24,11 @@ func (*Digest) WriteString(string) (int, error) func (*Digest) Sum64() uint64 ``` -This implementation provides a fast pure-Go implementation and an even faster -assembly implementation for amd64. +The package is written with optimized pure Go and also contains even faster +assembly implementations for amd64 and arm64. If desired, the `purego` build tag +opts into using the Go code even on those architectures. + +[xxHash]: http://cyan4973.github.io/xxHash/ ## Compatibility @@ -45,19 +47,20 @@ I recommend using the latest release of Go. Here are some quick benchmarks comparing the pure-Go and assembly implementations of Sum64. -| input size | purego | asm | -| --- | --- | --- | -| 5 B | 979.66 MB/s | 1291.17 MB/s | -| 100 B | 7475.26 MB/s | 7973.40 MB/s | -| 4 KB | 17573.46 MB/s | 17602.65 MB/s | -| 10 MB | 17131.46 MB/s | 17142.16 MB/s | +| input size | purego | asm | +| ---------- | --------- | --------- | +| 4 B | 1.3 GB/s | 1.2 GB/s | +| 16 B | 2.9 GB/s | 3.5 GB/s | +| 100 B | 6.9 GB/s | 8.1 GB/s | +| 4 KB | 11.7 GB/s | 16.7 GB/s | +| 10 MB | 12.0 GB/s | 17.3 GB/s | -These numbers were generated on Ubuntu 18.04 with an Intel i7-8700K CPU using -the following commands under Go 1.11.2: +These numbers were generated on Ubuntu 20.04 with an Intel Xeon Platinum 8252C +CPU using the following commands under Go 1.19.2: ``` -$ go test -tags purego -benchtime 10s -bench '/xxhash,direct,bytes' -$ go test -benchtime 10s -bench '/xxhash,direct,bytes' +benchstat <(go test -tags purego -benchtime 500ms -count 15 -bench 'Sum64$') +benchstat <(go test -benchtime 500ms -count 15 -bench 'Sum64$') ``` ## Projects using this package diff --git a/vendor/github.com/cespare/xxhash/v2/testall.sh b/vendor/github.com/cespare/xxhash/v2/testall.sh new file mode 100644 index 000000000..94b9c4439 --- /dev/null +++ b/vendor/github.com/cespare/xxhash/v2/testall.sh @@ -0,0 +1,10 @@ +#!/bin/bash +set -eu -o pipefail + +# Small convenience script for running the tests with various combinations of +# arch/tags. This assumes we're running on amd64 and have qemu available. + +go test ./... +go test -tags purego ./... +GOARCH=arm64 go test +GOARCH=arm64 go test -tags purego diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash.go b/vendor/github.com/cespare/xxhash/v2/xxhash.go index 15c835d54..a9e0d45c9 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash.go +++ b/vendor/github.com/cespare/xxhash/v2/xxhash.go @@ -16,19 +16,11 @@ const ( prime5 uint64 = 2870177450012600261 ) -// NOTE(caleb): I'm using both consts and vars of the primes. Using consts where -// possible in the Go code is worth a small (but measurable) performance boost -// by avoiding some MOVQs. Vars are needed for the asm and also are useful for -// convenience in the Go code in a few places where we need to intentionally -// avoid constant arithmetic (e.g., v1 := prime1 + prime2 fails because the -// result overflows a uint64). -var ( - prime1v = prime1 - prime2v = prime2 - prime3v = prime3 - prime4v = prime4 - prime5v = prime5 -) +// Store the primes in an array as well. +// +// The consts are used when possible in Go code to avoid MOVs but we need a +// contiguous array of the assembly code. +var primes = [...]uint64{prime1, prime2, prime3, prime4, prime5} // Digest implements hash.Hash64. type Digest struct { @@ -50,10 +42,10 @@ func New() *Digest { // Reset clears the Digest's state so that it can be reused. func (d *Digest) Reset() { - d.v1 = prime1v + prime2 + d.v1 = primes[0] + prime2 d.v2 = prime2 d.v3 = 0 - d.v4 = -prime1v + d.v4 = -primes[0] d.total = 0 d.n = 0 } @@ -69,21 +61,23 @@ func (d *Digest) Write(b []byte) (n int, err error) { n = len(b) d.total += uint64(n) + memleft := d.mem[d.n&(len(d.mem)-1):] + if d.n+n < 32 { // This new data doesn't even fill the current block. - copy(d.mem[d.n:], b) + copy(memleft, b) d.n += n return } if d.n > 0 { // Finish off the partial block. - copy(d.mem[d.n:], b) + c := copy(memleft, b) d.v1 = round(d.v1, u64(d.mem[0:8])) d.v2 = round(d.v2, u64(d.mem[8:16])) d.v3 = round(d.v3, u64(d.mem[16:24])) d.v4 = round(d.v4, u64(d.mem[24:32])) - b = b[32-d.n:] + b = b[c:] d.n = 0 } @@ -133,21 +127,20 @@ func (d *Digest) Sum64() uint64 { h += d.total - i, end := 0, d.n - for ; i+8 <= end; i += 8 { - k1 := round(0, u64(d.mem[i:i+8])) + b := d.mem[:d.n&(len(d.mem)-1)] + for ; len(b) >= 8; b = b[8:] { + k1 := round(0, u64(b[:8])) h ^= k1 h = rol27(h)*prime1 + prime4 } - if i+4 <= end { - h ^= uint64(u32(d.mem[i:i+4])) * prime1 + if len(b) >= 4 { + h ^= uint64(u32(b[:4])) * prime1 h = rol23(h)*prime2 + prime3 - i += 4 + b = b[4:] } - for i < end { - h ^= uint64(d.mem[i]) * prime5 + for ; len(b) > 0; b = b[1:] { + h ^= uint64(b[0]) * prime5 h = rol11(h) * prime1 - i++ } h ^= h >> 33 diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.s b/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.s index be8db5bf7..3e8b13257 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.s +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.s @@ -1,215 +1,209 @@ +//go:build !appengine && gc && !purego // +build !appengine // +build gc // +build !purego #include "textflag.h" -// Register allocation: -// AX h -// SI pointer to advance through b -// DX n -// BX loop end -// R8 v1, k1 -// R9 v2 -// R10 v3 -// R11 v4 -// R12 tmp -// R13 prime1v -// R14 prime2v -// DI prime4v - -// round reads from and advances the buffer pointer in SI. -// It assumes that R13 has prime1v and R14 has prime2v. -#define round(r) \ - MOVQ (SI), R12 \ - ADDQ $8, SI \ - IMULQ R14, R12 \ - ADDQ R12, r \ - ROLQ $31, r \ - IMULQ R13, r - -// mergeRound applies a merge round on the two registers acc and val. -// It assumes that R13 has prime1v, R14 has prime2v, and DI has prime4v. -#define mergeRound(acc, val) \ - IMULQ R14, val \ - ROLQ $31, val \ - IMULQ R13, val \ - XORQ val, acc \ - IMULQ R13, acc \ - ADDQ DI, acc +// Registers: +#define h AX +#define d AX +#define p SI // pointer to advance through b +#define n DX +#define end BX // loop end +#define v1 R8 +#define v2 R9 +#define v3 R10 +#define v4 R11 +#define x R12 +#define prime1 R13 +#define prime2 R14 +#define prime4 DI + +#define round(acc, x) \ + IMULQ prime2, x \ + ADDQ x, acc \ + ROLQ $31, acc \ + IMULQ prime1, acc + +// round0 performs the operation x = round(0, x). +#define round0(x) \ + IMULQ prime2, x \ + ROLQ $31, x \ + IMULQ prime1, x + +// mergeRound applies a merge round on the two registers acc and x. +// It assumes that prime1, prime2, and prime4 have been loaded. +#define mergeRound(acc, x) \ + round0(x) \ + XORQ x, acc \ + IMULQ prime1, acc \ + ADDQ prime4, acc + +// blockLoop processes as many 32-byte blocks as possible, +// updating v1, v2, v3, and v4. It assumes that there is at least one block +// to process. +#define blockLoop() \ +loop: \ + MOVQ +0(p), x \ + round(v1, x) \ + MOVQ +8(p), x \ + round(v2, x) \ + MOVQ +16(p), x \ + round(v3, x) \ + MOVQ +24(p), x \ + round(v4, x) \ + ADDQ $32, p \ + CMPQ p, end \ + JLE loop // func Sum64(b []byte) uint64 -TEXT ·Sum64(SB), NOSPLIT, $0-32 +TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32 // Load fixed primes. - MOVQ ·prime1v(SB), R13 - MOVQ ·prime2v(SB), R14 - MOVQ ·prime4v(SB), DI + MOVQ ·primes+0(SB), prime1 + MOVQ ·primes+8(SB), prime2 + MOVQ ·primes+24(SB), prime4 // Load slice. - MOVQ b_base+0(FP), SI - MOVQ b_len+8(FP), DX - LEAQ (SI)(DX*1), BX + MOVQ b_base+0(FP), p + MOVQ b_len+8(FP), n + LEAQ (p)(n*1), end // The first loop limit will be len(b)-32. - SUBQ $32, BX + SUBQ $32, end // Check whether we have at least one block. - CMPQ DX, $32 + CMPQ n, $32 JLT noBlocks // Set up initial state (v1, v2, v3, v4). - MOVQ R13, R8 - ADDQ R14, R8 - MOVQ R14, R9 - XORQ R10, R10 - XORQ R11, R11 - SUBQ R13, R11 - - // Loop until SI > BX. -blockLoop: - round(R8) - round(R9) - round(R10) - round(R11) - - CMPQ SI, BX - JLE blockLoop - - MOVQ R8, AX - ROLQ $1, AX - MOVQ R9, R12 - ROLQ $7, R12 - ADDQ R12, AX - MOVQ R10, R12 - ROLQ $12, R12 - ADDQ R12, AX - MOVQ R11, R12 - ROLQ $18, R12 - ADDQ R12, AX - - mergeRound(AX, R8) - mergeRound(AX, R9) - mergeRound(AX, R10) - mergeRound(AX, R11) + MOVQ prime1, v1 + ADDQ prime2, v1 + MOVQ prime2, v2 + XORQ v3, v3 + XORQ v4, v4 + SUBQ prime1, v4 + + blockLoop() + + MOVQ v1, h + ROLQ $1, h + MOVQ v2, x + ROLQ $7, x + ADDQ x, h + MOVQ v3, x + ROLQ $12, x + ADDQ x, h + MOVQ v4, x + ROLQ $18, x + ADDQ x, h + + mergeRound(h, v1) + mergeRound(h, v2) + mergeRound(h, v3) + mergeRound(h, v4) JMP afterBlocks noBlocks: - MOVQ ·prime5v(SB), AX + MOVQ ·primes+32(SB), h afterBlocks: - ADDQ DX, AX - - // Right now BX has len(b)-32, and we want to loop until SI > len(b)-8. - ADDQ $24, BX - - CMPQ SI, BX - JG fourByte - -wordLoop: - // Calculate k1. - MOVQ (SI), R8 - ADDQ $8, SI - IMULQ R14, R8 - ROLQ $31, R8 - IMULQ R13, R8 - - XORQ R8, AX - ROLQ $27, AX - IMULQ R13, AX - ADDQ DI, AX - - CMPQ SI, BX - JLE wordLoop - -fourByte: - ADDQ $4, BX - CMPQ SI, BX - JG singles - - MOVL (SI), R8 - ADDQ $4, SI - IMULQ R13, R8 - XORQ R8, AX - - ROLQ $23, AX - IMULQ R14, AX - ADDQ ·prime3v(SB), AX - -singles: - ADDQ $4, BX - CMPQ SI, BX + ADDQ n, h + + ADDQ $24, end + CMPQ p, end + JG try4 + +loop8: + MOVQ (p), x + ADDQ $8, p + round0(x) + XORQ x, h + ROLQ $27, h + IMULQ prime1, h + ADDQ prime4, h + + CMPQ p, end + JLE loop8 + +try4: + ADDQ $4, end + CMPQ p, end + JG try1 + + MOVL (p), x + ADDQ $4, p + IMULQ prime1, x + XORQ x, h + + ROLQ $23, h + IMULQ prime2, h + ADDQ ·primes+16(SB), h + +try1: + ADDQ $4, end + CMPQ p, end JGE finalize -singlesLoop: - MOVBQZX (SI), R12 - ADDQ $1, SI - IMULQ ·prime5v(SB), R12 - XORQ R12, AX +loop1: + MOVBQZX (p), x + ADDQ $1, p + IMULQ ·primes+32(SB), x + XORQ x, h + ROLQ $11, h + IMULQ prime1, h - ROLQ $11, AX - IMULQ R13, AX - - CMPQ SI, BX - JL singlesLoop + CMPQ p, end + JL loop1 finalize: - MOVQ AX, R12 - SHRQ $33, R12 - XORQ R12, AX - IMULQ R14, AX - MOVQ AX, R12 - SHRQ $29, R12 - XORQ R12, AX - IMULQ ·prime3v(SB), AX - MOVQ AX, R12 - SHRQ $32, R12 - XORQ R12, AX - - MOVQ AX, ret+24(FP) + MOVQ h, x + SHRQ $33, x + XORQ x, h + IMULQ prime2, h + MOVQ h, x + SHRQ $29, x + XORQ x, h + IMULQ ·primes+16(SB), h + MOVQ h, x + SHRQ $32, x + XORQ x, h + + MOVQ h, ret+24(FP) RET -// writeBlocks uses the same registers as above except that it uses AX to store -// the d pointer. - // func writeBlocks(d *Digest, b []byte) int -TEXT ·writeBlocks(SB), NOSPLIT, $0-40 +TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40 // Load fixed primes needed for round. - MOVQ ·prime1v(SB), R13 - MOVQ ·prime2v(SB), R14 + MOVQ ·primes+0(SB), prime1 + MOVQ ·primes+8(SB), prime2 // Load slice. - MOVQ b_base+8(FP), SI - MOVQ b_len+16(FP), DX - LEAQ (SI)(DX*1), BX - SUBQ $32, BX + MOVQ b_base+8(FP), p + MOVQ b_len+16(FP), n + LEAQ (p)(n*1), end + SUBQ $32, end // Load vN from d. - MOVQ d+0(FP), AX - MOVQ 0(AX), R8 // v1 - MOVQ 8(AX), R9 // v2 - MOVQ 16(AX), R10 // v3 - MOVQ 24(AX), R11 // v4 + MOVQ s+0(FP), d + MOVQ 0(d), v1 + MOVQ 8(d), v2 + MOVQ 16(d), v3 + MOVQ 24(d), v4 // We don't need to check the loop condition here; this function is // always called with at least one block of data to process. -blockLoop: - round(R8) - round(R9) - round(R10) - round(R11) - - CMPQ SI, BX - JLE blockLoop + blockLoop() // Copy vN back to d. - MOVQ R8, 0(AX) - MOVQ R9, 8(AX) - MOVQ R10, 16(AX) - MOVQ R11, 24(AX) - - // The number of bytes written is SI minus the old base pointer. - SUBQ b_base+8(FP), SI - MOVQ SI, ret+32(FP) + MOVQ v1, 0(d) + MOVQ v2, 8(d) + MOVQ v3, 16(d) + MOVQ v4, 24(d) + + // The number of bytes written is p minus the old base pointer. + SUBQ b_base+8(FP), p + MOVQ p, ret+32(FP) RET diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_arm64.s b/vendor/github.com/cespare/xxhash/v2/xxhash_arm64.s new file mode 100644 index 000000000..7e3145a22 --- /dev/null +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_arm64.s @@ -0,0 +1,183 @@ +//go:build !appengine && gc && !purego +// +build !appengine +// +build gc +// +build !purego + +#include "textflag.h" + +// Registers: +#define digest R1 +#define h R2 // return value +#define p R3 // input pointer +#define n R4 // input length +#define nblocks R5 // n / 32 +#define prime1 R7 +#define prime2 R8 +#define prime3 R9 +#define prime4 R10 +#define prime5 R11 +#define v1 R12 +#define v2 R13 +#define v3 R14 +#define v4 R15 +#define x1 R20 +#define x2 R21 +#define x3 R22 +#define x4 R23 + +#define round(acc, x) \ + MADD prime2, acc, x, acc \ + ROR $64-31, acc \ + MUL prime1, acc + +// round0 performs the operation x = round(0, x). +#define round0(x) \ + MUL prime2, x \ + ROR $64-31, x \ + MUL prime1, x + +#define mergeRound(acc, x) \ + round0(x) \ + EOR x, acc \ + MADD acc, prime4, prime1, acc + +// blockLoop processes as many 32-byte blocks as possible, +// updating v1, v2, v3, and v4. It assumes that n >= 32. +#define blockLoop() \ + LSR $5, n, nblocks \ + PCALIGN $16 \ + loop: \ + LDP.P 16(p), (x1, x2) \ + LDP.P 16(p), (x3, x4) \ + round(v1, x1) \ + round(v2, x2) \ + round(v3, x3) \ + round(v4, x4) \ + SUB $1, nblocks \ + CBNZ nblocks, loop + +// func Sum64(b []byte) uint64 +TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32 + LDP b_base+0(FP), (p, n) + + LDP ·primes+0(SB), (prime1, prime2) + LDP ·primes+16(SB), (prime3, prime4) + MOVD ·primes+32(SB), prime5 + + CMP $32, n + CSEL LT, prime5, ZR, h // if n < 32 { h = prime5 } else { h = 0 } + BLT afterLoop + + ADD prime1, prime2, v1 + MOVD prime2, v2 + MOVD $0, v3 + NEG prime1, v4 + + blockLoop() + + ROR $64-1, v1, x1 + ROR $64-7, v2, x2 + ADD x1, x2 + ROR $64-12, v3, x3 + ROR $64-18, v4, x4 + ADD x3, x4 + ADD x2, x4, h + + mergeRound(h, v1) + mergeRound(h, v2) + mergeRound(h, v3) + mergeRound(h, v4) + +afterLoop: + ADD n, h + + TBZ $4, n, try8 + LDP.P 16(p), (x1, x2) + + round0(x1) + + // NOTE: here and below, sequencing the EOR after the ROR (using a + // rotated register) is worth a small but measurable speedup for small + // inputs. + ROR $64-27, h + EOR x1 @> 64-27, h, h + MADD h, prime4, prime1, h + + round0(x2) + ROR $64-27, h + EOR x2 @> 64-27, h, h + MADD h, prime4, prime1, h + +try8: + TBZ $3, n, try4 + MOVD.P 8(p), x1 + + round0(x1) + ROR $64-27, h + EOR x1 @> 64-27, h, h + MADD h, prime4, prime1, h + +try4: + TBZ $2, n, try2 + MOVWU.P 4(p), x2 + + MUL prime1, x2 + ROR $64-23, h + EOR x2 @> 64-23, h, h + MADD h, prime3, prime2, h + +try2: + TBZ $1, n, try1 + MOVHU.P 2(p), x3 + AND $255, x3, x1 + LSR $8, x3, x2 + + MUL prime5, x1 + ROR $64-11, h + EOR x1 @> 64-11, h, h + MUL prime1, h + + MUL prime5, x2 + ROR $64-11, h + EOR x2 @> 64-11, h, h + MUL prime1, h + +try1: + TBZ $0, n, finalize + MOVBU (p), x4 + + MUL prime5, x4 + ROR $64-11, h + EOR x4 @> 64-11, h, h + MUL prime1, h + +finalize: + EOR h >> 33, h + MUL prime2, h + EOR h >> 29, h + MUL prime3, h + EOR h >> 32, h + + MOVD h, ret+24(FP) + RET + +// func writeBlocks(d *Digest, b []byte) int +TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40 + LDP ·primes+0(SB), (prime1, prime2) + + // Load state. Assume v[1-4] are stored contiguously. + MOVD d+0(FP), digest + LDP 0(digest), (v1, v2) + LDP 16(digest), (v3, v4) + + LDP b_base+8(FP), (p, n) + + blockLoop() + + // Store updated state. + STP (v1, v2), 0(digest) + STP (v3, v4), 16(digest) + + BIC $31, n + MOVD n, ret+32(FP) + RET diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.go b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go similarity index 73% rename from vendor/github.com/cespare/xxhash/v2/xxhash_amd64.go rename to vendor/github.com/cespare/xxhash/v2/xxhash_asm.go index ad14b807f..9216e0a40 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash_amd64.go +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go @@ -1,3 +1,5 @@ +//go:build (amd64 || arm64) && !appengine && gc && !purego +// +build amd64 arm64 // +build !appengine // +build gc // +build !purego diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go index 4a5a82160..26df13bba 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go @@ -1,4 +1,5 @@ -// +build !amd64 appengine !gc purego +//go:build (!amd64 && !arm64) || appengine || !gc || purego +// +build !amd64,!arm64 appengine !gc purego package xxhash @@ -14,10 +15,10 @@ func Sum64(b []byte) uint64 { var h uint64 if n >= 32 { - v1 := prime1v + prime2 + v1 := primes[0] + prime2 v2 := prime2 v3 := uint64(0) - v4 := -prime1v + v4 := -primes[0] for len(b) >= 32 { v1 = round(v1, u64(b[0:8:len(b)])) v2 = round(v2, u64(b[8:16:len(b)])) @@ -36,19 +37,18 @@ func Sum64(b []byte) uint64 { h += uint64(n) - i, end := 0, len(b) - for ; i+8 <= end; i += 8 { - k1 := round(0, u64(b[i:i+8:len(b)])) + for ; len(b) >= 8; b = b[8:] { + k1 := round(0, u64(b[:8])) h ^= k1 h = rol27(h)*prime1 + prime4 } - if i+4 <= end { - h ^= uint64(u32(b[i:i+4:len(b)])) * prime1 + if len(b) >= 4 { + h ^= uint64(u32(b[:4])) * prime1 h = rol23(h)*prime2 + prime3 - i += 4 + b = b[4:] } - for ; i < end; i++ { - h ^= uint64(b[i]) * prime5 + for ; len(b) > 0; b = b[1:] { + h ^= uint64(b[0]) * prime5 h = rol11(h) * prime1 } diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go index fc9bea7a3..e86f1b5fd 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go @@ -1,3 +1,4 @@ +//go:build appengine // +build appengine // This file contains the safe implementations of otherwise unsafe-using code. diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go index 376e0ca2e..1c1638fd8 100644 --- a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go +++ b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go @@ -1,3 +1,4 @@ +//go:build !appengine // +build !appengine // This file encapsulates usage of unsafe. @@ -11,7 +12,7 @@ import ( // In the future it's possible that compiler optimizations will make these // XxxString functions unnecessary by realizing that calls such as -// Sum64([]byte(s)) don't need to copy s. See https://golang.org/issue/2205. +// Sum64([]byte(s)) don't need to copy s. See https://go.dev/issue/2205. // If that happens, even if we keep these functions they can be replaced with // the trivial safe code. diff --git a/vendor/github.com/prometheus/client_golang/prometheus/counter.go b/vendor/github.com/prometheus/client_golang/prometheus/counter.go index de30de6da..62de4dc59 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/counter.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/counter.go @@ -59,6 +59,18 @@ type ExemplarAdder interface { // CounterOpts is an alias for Opts. See there for doc comments. type CounterOpts Opts +// CounterVecOpts bundles the options to create a CounterVec metric. +// It is mandatory to set CounterOpts, see there for mandatory fields. VariableLabels +// is optional and can safely be left to its default value. +type CounterVecOpts struct { + CounterOpts + + // VariableLabels are used to partition the metric vector by the given set + // of labels. Each label value will be constrained with the optional Contraint + // function, if provided. + VariableLabels ConstrainableLabels +} + // NewCounter creates a new Counter based on the provided CounterOpts. // // The returned implementation also implements ExemplarAdder. It is safe to @@ -140,12 +152,13 @@ func (c *counter) get() float64 { } func (c *counter) Write(out *dto.Metric) error { - val := c.get() - + // Read the Exemplar first and the value second. This is to avoid a race condition + // where users see an exemplar for a not-yet-existing observation. var exemplar *dto.Exemplar if e := c.exemplar.Load(); e != nil { exemplar = e.(*dto.Exemplar) } + val := c.get() return populateMetric(CounterValue, val, c.labelPairs, exemplar, out) } @@ -173,16 +186,24 @@ type CounterVec struct { // NewCounterVec creates a new CounterVec based on the provided CounterOpts and // partitioned by the given label names. func NewCounterVec(opts CounterOpts, labelNames []string) *CounterVec { - desc := NewDesc( + return V2.NewCounterVec(CounterVecOpts{ + CounterOpts: opts, + VariableLabels: UnconstrainedLabels(labelNames), + }) +} + +// NewCounterVec creates a new CounterVec based on the provided CounterVecOpts. +func (v2) NewCounterVec(opts CounterVecOpts) *CounterVec { + desc := V2.NewDesc( BuildFQName(opts.Namespace, opts.Subsystem, opts.Name), opts.Help, - labelNames, + opts.VariableLabels, opts.ConstLabels, ) return &CounterVec{ MetricVec: NewMetricVec(desc, func(lvs ...string) Metric { if len(lvs) != len(desc.variableLabels) { - panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels, lvs)) + panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), lvs)) } result := &counter{desc: desc, labelPairs: MakeLabelPairs(desc, lvs), now: time.Now} result.init(result) // Init self-collection. @@ -245,7 +266,8 @@ func (v *CounterVec) GetMetricWith(labels Labels) (Counter, error) { // WithLabelValues works as GetMetricWithLabelValues, but panics where // GetMetricWithLabelValues would have returned an error. Not returning an // error allows shortcuts like -// myVec.WithLabelValues("404", "GET").Add(42) +// +// myVec.WithLabelValues("404", "GET").Add(42) func (v *CounterVec) WithLabelValues(lvs ...string) Counter { c, err := v.GetMetricWithLabelValues(lvs...) if err != nil { @@ -256,7 +278,8 @@ func (v *CounterVec) WithLabelValues(lvs ...string) Counter { // With works as GetMetricWith, but panics where GetMetricWithLabels would have // returned an error. Not returning an error allows shortcuts like -// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Add(42) +// +// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Add(42) func (v *CounterVec) With(labels Labels) Counter { c, err := v.GetMetricWith(labels) if err != nil { diff --git a/vendor/github.com/prometheus/client_golang/prometheus/desc.go b/vendor/github.com/prometheus/client_golang/prometheus/desc.go index 8bc5e44e2..12331542d 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/desc.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/desc.go @@ -14,20 +14,16 @@ package prometheus import ( - "errors" "fmt" "sort" "strings" - "github.com/cespare/xxhash/v2" - "github.com/prometheus/client_golang/prometheus/internal" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - "github.com/prometheus/common/model" - + "github.com/cespare/xxhash/v2" dto "github.com/prometheus/client_model/go" + "github.com/prometheus/common/model" + "google.golang.org/protobuf/proto" ) // Desc is the descriptor used by every Prometheus Metric. It is essentially @@ -54,9 +50,9 @@ type Desc struct { // constLabelPairs contains precalculated DTO label pairs based on // the constant labels. constLabelPairs []*dto.LabelPair - // variableLabels contains names of labels for which the metric - // maintains variable values. - variableLabels []string + // variableLabels contains names of labels and normalization function for + // which the metric maintains variable values. + variableLabels ConstrainedLabels // id is a hash of the values of the ConstLabels and fqName. This // must be unique among all registered descriptors and can therefore be // used as an identifier of the descriptor. @@ -80,10 +76,24 @@ type Desc struct { // For constLabels, the label values are constant. Therefore, they are fully // specified in the Desc. See the Collector example for a usage pattern. func NewDesc(fqName, help string, variableLabels []string, constLabels Labels) *Desc { + return V2.NewDesc(fqName, help, UnconstrainedLabels(variableLabels), constLabels) +} + +// NewDesc allocates and initializes a new Desc. Errors are recorded in the Desc +// and will be reported on registration time. variableLabels and constLabels can +// be nil if no such labels should be set. fqName must not be empty. +// +// variableLabels only contain the label names and normalization functions. Their +// label values are variable and therefore not part of the Desc. (They are managed +// within the Metric.) +// +// For constLabels, the label values are constant. Therefore, they are fully +// specified in the Desc. See the Collector example for a usage pattern. +func (v2) NewDesc(fqName, help string, variableLabels ConstrainableLabels, constLabels Labels) *Desc { d := &Desc{ fqName: fqName, help: help, - variableLabels: variableLabels, + variableLabels: variableLabels.constrainedLabels(), } if !model.IsValidMetricName(model.LabelValue(fqName)) { d.err = fmt.Errorf("%q is not a valid metric name", fqName) @@ -93,7 +103,7 @@ func NewDesc(fqName, help string, variableLabels []string, constLabels Labels) * // their sorted label names) plus the fqName (at position 0). labelValues := make([]string, 1, len(constLabels)+1) labelValues[0] = fqName - labelNames := make([]string, 0, len(constLabels)+len(variableLabels)) + labelNames := make([]string, 0, len(constLabels)+len(d.variableLabels)) labelNameSet := map[string]struct{}{} // First add only the const label names and sort them... for labelName := range constLabels { @@ -118,16 +128,16 @@ func NewDesc(fqName, help string, variableLabels []string, constLabels Labels) * // Now add the variable label names, but prefix them with something that // cannot be in a regular label name. That prevents matching the label // dimension with a different mix between preset and variable labels. - for _, labelName := range variableLabels { - if !checkLabelName(labelName) { - d.err = fmt.Errorf("%q is not a valid label name for metric %q", labelName, fqName) + for _, label := range d.variableLabels { + if !checkLabelName(label.Name) { + d.err = fmt.Errorf("%q is not a valid label name for metric %q", label.Name, fqName) return d } - labelNames = append(labelNames, "$"+labelName) - labelNameSet[labelName] = struct{}{} + labelNames = append(labelNames, "$"+label.Name) + labelNameSet[label.Name] = struct{}{} } if len(labelNames) != len(labelNameSet) { - d.err = errors.New("duplicate label names") + d.err = fmt.Errorf("duplicate label names in constant and variable labels for metric %q", fqName) return d } diff --git a/vendor/github.com/prometheus/client_golang/prometheus/doc.go b/vendor/github.com/prometheus/client_golang/prometheus/doc.go index 98450125d..962608f02 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/doc.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/doc.go @@ -21,55 +21,66 @@ // All exported functions and methods are safe to be used concurrently unless // specified otherwise. // -// A Basic Example +// # A Basic Example // // As a starting point, a very basic usage example: // -// package main -// -// import ( -// "log" -// "net/http" -// -// "github.com/prometheus/client_golang/prometheus" -// "github.com/prometheus/client_golang/prometheus/promhttp" -// ) -// -// var ( -// cpuTemp = prometheus.NewGauge(prometheus.GaugeOpts{ -// Name: "cpu_temperature_celsius", -// Help: "Current temperature of the CPU.", -// }) -// hdFailures = prometheus.NewCounterVec( -// prometheus.CounterOpts{ -// Name: "hd_errors_total", -// Help: "Number of hard-disk errors.", -// }, -// []string{"device"}, -// ) -// ) -// -// func init() { -// // Metrics have to be registered to be exposed: -// prometheus.MustRegister(cpuTemp) -// prometheus.MustRegister(hdFailures) -// } -// -// func main() { -// cpuTemp.Set(65.3) -// hdFailures.With(prometheus.Labels{"device":"/dev/sda"}).Inc() -// -// // The Handler function provides a default handler to expose metrics -// // via an HTTP server. "/metrics" is the usual endpoint for that. -// http.Handle("/metrics", promhttp.Handler()) -// log.Fatal(http.ListenAndServe(":8080", nil)) -// } -// +// package main +// +// import ( +// "log" +// "net/http" +// +// "github.com/prometheus/client_golang/prometheus" +// "github.com/prometheus/client_golang/prometheus/promhttp" +// ) +// +// type metrics struct { +// cpuTemp prometheus.Gauge +// hdFailures *prometheus.CounterVec +// } +// +// func NewMetrics(reg prometheus.Registerer) *metrics { +// m := &metrics{ +// cpuTemp: prometheus.NewGauge(prometheus.GaugeOpts{ +// Name: "cpu_temperature_celsius", +// Help: "Current temperature of the CPU.", +// }), +// hdFailures: prometheus.NewCounterVec( +// prometheus.CounterOpts{ +// Name: "hd_errors_total", +// Help: "Number of hard-disk errors.", +// }, +// []string{"device"}, +// ), +// } +// reg.MustRegister(m.cpuTemp) +// reg.MustRegister(m.hdFailures) +// return m +// } +// +// func main() { +// // Create a non-global registry. +// reg := prometheus.NewRegistry() +// +// // Create new metrics and register them using the custom registry. +// m := NewMetrics(reg) +// // Set values for the new created metrics. +// m.cpuTemp.Set(65.3) +// m.hdFailures.With(prometheus.Labels{"device":"/dev/sda"}).Inc() +// +// // Expose metrics and custom registry via an HTTP server +// // using the HandleFor function. "/metrics" is the usual endpoint for that. +// http.Handle("/metrics", promhttp.HandlerFor(reg, promhttp.HandlerOpts{Registry: reg})) +// log.Fatal(http.ListenAndServe(":8080", nil)) +// } // // This is a complete program that exports two metrics, a Gauge and a Counter, // the latter with a label attached to turn it into a (one-dimensional) vector. +// It register the metrics using a custom registry and exposes them via an HTTP server +// on the /metrics endpoint. // -// Metrics +// # Metrics // // The number of exported identifiers in this package might appear a bit // overwhelming. However, in addition to the basic plumbing shown in the example @@ -100,7 +111,7 @@ // To create instances of Metrics and their vector versions, you need a suitable // …Opts struct, i.e. GaugeOpts, CounterOpts, SummaryOpts, or HistogramOpts. // -// Custom Collectors and constant Metrics +// # Custom Collectors and constant Metrics // // While you could create your own implementations of Metric, most likely you // will only ever implement the Collector interface on your own. At a first @@ -141,7 +152,7 @@ // a metric, GaugeFunc, CounterFunc, or UntypedFunc might be interesting // shortcuts. // -// Advanced Uses of the Registry +// # Advanced Uses of the Registry // // While MustRegister is the by far most common way of registering a Collector, // sometimes you might want to handle the errors the registration might cause. @@ -176,23 +187,23 @@ // NewProcessCollector). With a custom registry, you are in control and decide // yourself about the Collectors to register. // -// HTTP Exposition +// # HTTP Exposition // // The Registry implements the Gatherer interface. The caller of the Gather // method can then expose the gathered metrics in some way. Usually, the metrics // are served via HTTP on the /metrics endpoint. That's happening in the example // above. The tools to expose metrics via HTTP are in the promhttp sub-package. // -// Pushing to the Pushgateway +// # Pushing to the Pushgateway // // Function for pushing to the Pushgateway can be found in the push sub-package. // -// Graphite Bridge +// # Graphite Bridge // // Functions and examples to push metrics from a Gatherer to Graphite can be // found in the graphite sub-package. // -// Other Means of Exposition +// # Other Means of Exposition // // More ways of exposing metrics can easily be added by following the approaches // of the existing implementations. diff --git a/vendor/github.com/prometheus/client_golang/prometheus/gauge.go b/vendor/github.com/prometheus/client_golang/prometheus/gauge.go index bd0733d6a..f1ea6c76f 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/gauge.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/gauge.go @@ -55,6 +55,18 @@ type Gauge interface { // GaugeOpts is an alias for Opts. See there for doc comments. type GaugeOpts Opts +// GaugeVecOpts bundles the options to create a GaugeVec metric. +// It is mandatory to set GaugeOpts, see there for mandatory fields. VariableLabels +// is optional and can safely be left to its default value. +type GaugeVecOpts struct { + GaugeOpts + + // VariableLabels are used to partition the metric vector by the given set + // of labels. Each label value will be constrained with the optional Contraint + // function, if provided. + VariableLabels ConstrainableLabels +} + // NewGauge creates a new Gauge based on the provided GaugeOpts. // // The returned implementation is optimized for a fast Set method. If you have a @@ -138,16 +150,24 @@ type GaugeVec struct { // NewGaugeVec creates a new GaugeVec based on the provided GaugeOpts and // partitioned by the given label names. func NewGaugeVec(opts GaugeOpts, labelNames []string) *GaugeVec { - desc := NewDesc( + return V2.NewGaugeVec(GaugeVecOpts{ + GaugeOpts: opts, + VariableLabels: UnconstrainedLabels(labelNames), + }) +} + +// NewGaugeVec creates a new GaugeVec based on the provided GaugeVecOpts. +func (v2) NewGaugeVec(opts GaugeVecOpts) *GaugeVec { + desc := V2.NewDesc( BuildFQName(opts.Namespace, opts.Subsystem, opts.Name), opts.Help, - labelNames, + opts.VariableLabels, opts.ConstLabels, ) return &GaugeVec{ MetricVec: NewMetricVec(desc, func(lvs ...string) Metric { if len(lvs) != len(desc.variableLabels) { - panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels, lvs)) + panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), lvs)) } result := &gauge{desc: desc, labelPairs: MakeLabelPairs(desc, lvs)} result.init(result) // Init self-collection. @@ -210,7 +230,8 @@ func (v *GaugeVec) GetMetricWith(labels Labels) (Gauge, error) { // WithLabelValues works as GetMetricWithLabelValues, but panics where // GetMetricWithLabelValues would have returned an error. Not returning an // error allows shortcuts like -// myVec.WithLabelValues("404", "GET").Add(42) +// +// myVec.WithLabelValues("404", "GET").Add(42) func (v *GaugeVec) WithLabelValues(lvs ...string) Gauge { g, err := v.GetMetricWithLabelValues(lvs...) if err != nil { @@ -221,7 +242,8 @@ func (v *GaugeVec) WithLabelValues(lvs ...string) Gauge { // With works as GetMetricWith, but panics where GetMetricWithLabels would have // returned an error. Not returning an error allows shortcuts like -// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Add(42) +// +// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Add(42) func (v *GaugeVec) With(labels Labels) Gauge { g, err := v.GetMetricWith(labels) if err != nil { diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go index 3a2d55e84..2d8d9f64f 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go @@ -23,11 +23,10 @@ import ( "strings" "sync" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - dto "github.com/prometheus/client_model/go" - "github.com/prometheus/client_golang/prometheus/internal" + + dto "github.com/prometheus/client_model/go" + "google.golang.org/protobuf/proto" ) const ( diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go index 0d47fecdc..5b69965b2 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go @@ -22,25 +22,221 @@ import ( "sync/atomic" "time" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - dto "github.com/prometheus/client_model/go" + + "google.golang.org/protobuf/proto" ) +// nativeHistogramBounds for the frac of observed values. Only relevant for +// schema > 0. The position in the slice is the schema. (0 is never used, just +// here for convenience of using the schema directly as the index.) +// +// TODO(beorn7): Currently, we do a binary search into these slices. There are +// ways to turn it into a small number of simple array lookups. It probably only +// matters for schema 5 and beyond, but should be investigated. See this comment +// as a starting point: +// https://github.com/open-telemetry/opentelemetry-specification/issues/1776#issuecomment-870164310 +var nativeHistogramBounds = [][]float64{ + // Schema "0": + {0.5}, + // Schema 1: + {0.5, 0.7071067811865475}, + // Schema 2: + {0.5, 0.5946035575013605, 0.7071067811865475, 0.8408964152537144}, + // Schema 3: + { + 0.5, 0.5452538663326288, 0.5946035575013605, 0.6484197773255048, + 0.7071067811865475, 0.7711054127039704, 0.8408964152537144, 0.9170040432046711, + }, + // Schema 4: + { + 0.5, 0.5221368912137069, 0.5452538663326288, 0.5693943173783458, + 0.5946035575013605, 0.620928906036742, 0.6484197773255048, 0.6771277734684463, + 0.7071067811865475, 0.7384130729697496, 0.7711054127039704, 0.805245165974627, + 0.8408964152537144, 0.8781260801866495, 0.9170040432046711, 0.9576032806985735, + }, + // Schema 5: + { + 0.5, 0.5109485743270583, 0.5221368912137069, 0.5335702003384117, + 0.5452538663326288, 0.5571933712979462, 0.5693943173783458, 0.5818624293887887, + 0.5946035575013605, 0.6076236799902344, 0.620928906036742, 0.6345254785958666, + 0.6484197773255048, 0.6626183215798706, 0.6771277734684463, 0.6919549409819159, + 0.7071067811865475, 0.7225904034885232, 0.7384130729697496, 0.7545822137967112, + 0.7711054127039704, 0.7879904225539431, 0.805245165974627, 0.8228777390769823, + 0.8408964152537144, 0.8593096490612387, 0.8781260801866495, 0.8973545375015533, + 0.9170040432046711, 0.9370838170551498, 0.9576032806985735, 0.9785720620876999, + }, + // Schema 6: + { + 0.5, 0.5054446430258502, 0.5109485743270583, 0.5165124395106142, + 0.5221368912137069, 0.5278225891802786, 0.5335702003384117, 0.5393803988785598, + 0.5452538663326288, 0.5511912916539204, 0.5571933712979462, 0.5632608093041209, + 0.5693943173783458, 0.5755946149764913, 0.5818624293887887, 0.5881984958251406, + 0.5946035575013605, 0.6010783657263515, 0.6076236799902344, 0.6142402680534349, + 0.620928906036742, 0.6276903785123455, 0.6345254785958666, 0.6414350080393891, + 0.6484197773255048, 0.6554806057623822, 0.6626183215798706, 0.6698337620266515, + 0.6771277734684463, 0.6845012114872953, 0.6919549409819159, 0.6994898362691555, + 0.7071067811865475, 0.7148066691959849, 0.7225904034885232, 0.7304588970903234, + 0.7384130729697496, 0.7464538641456323, 0.7545822137967112, 0.762799075372269, + 0.7711054127039704, 0.7795022001189185, 0.7879904225539431, 0.7965710756711334, + 0.805245165974627, 0.8140137109286738, 0.8228777390769823, 0.8318382901633681, + 0.8408964152537144, 0.8500531768592616, 0.8593096490612387, 0.8686669176368529, + 0.8781260801866495, 0.8876882462632604, 0.8973545375015533, 0.9071260877501991, + 0.9170040432046711, 0.9269895625416926, 0.9370838170551498, 0.9472879907934827, + 0.9576032806985735, 0.9680308967461471, 0.9785720620876999, 0.9892280131939752, + }, + // Schema 7: + { + 0.5, 0.5027149505564014, 0.5054446430258502, 0.5081891574554764, + 0.5109485743270583, 0.5137229745593818, 0.5165124395106142, 0.5193170509806894, + 0.5221368912137069, 0.5249720429003435, 0.5278225891802786, 0.5306886136446309, + 0.5335702003384117, 0.5364674337629877, 0.5393803988785598, 0.5423091811066545, + 0.5452538663326288, 0.5482145409081883, 0.5511912916539204, 0.5541842058618393, + 0.5571933712979462, 0.5602188762048033, 0.5632608093041209, 0.5663192597993595, + 0.5693943173783458, 0.572486072215902, 0.5755946149764913, 0.5787200368168754, + 0.5818624293887887, 0.585021884841625, 0.5881984958251406, 0.5913923554921704, + 0.5946035575013605, 0.5978321960199137, 0.6010783657263515, 0.6043421618132907, + 0.6076236799902344, 0.6109230164863786, 0.6142402680534349, 0.6175755319684665, + 0.620928906036742, 0.6243004885946023, 0.6276903785123455, 0.6310986751971253, + 0.6345254785958666, 0.637970889198196, 0.6414350080393891, 0.6449179367033329, + 0.6484197773255048, 0.6519406325959679, 0.6554806057623822, 0.659039800633032, + 0.6626183215798706, 0.6662162735415805, 0.6698337620266515, 0.6734708931164728, + 0.6771277734684463, 0.6808045103191123, 0.6845012114872953, 0.688217985377265, + 0.6919549409819159, 0.6957121878859629, 0.6994898362691555, 0.7032879969095076, + 0.7071067811865475, 0.7109463010845827, 0.7148066691959849, 0.718687998724491, + 0.7225904034885232, 0.7265139979245261, 0.7304588970903234, 0.7344252166684908, + 0.7384130729697496, 0.7424225829363761, 0.7464538641456323, 0.7505070348132126, + 0.7545822137967112, 0.7586795205991071, 0.762799075372269, 0.7669409989204777, + 0.7711054127039704, 0.7752924388424999, 0.7795022001189185, 0.7837348199827764, + 0.7879904225539431, 0.7922691326262467, 0.7965710756711334, 0.8008963778413465, + 0.805245165974627, 0.8096175675974316, 0.8140137109286738, 0.8184337248834821, + 0.8228777390769823, 0.8273458838280969, 0.8318382901633681, 0.8363550898207981, + 0.8408964152537144, 0.8454623996346523, 0.8500531768592616, 0.8546688815502312, + 0.8593096490612387, 0.8639756154809185, 0.8686669176368529, 0.8733836930995842, + 0.8781260801866495, 0.8828942179666361, 0.8876882462632604, 0.8925083056594671, + 0.8973545375015533, 0.9022270839033115, 0.9071260877501991, 0.9120516927035263, + 0.9170040432046711, 0.9219832844793128, 0.9269895625416926, 0.9320230241988943, + 0.9370838170551498, 0.9421720895161669, 0.9472879907934827, 0.9524316709088368, + 0.9576032806985735, 0.9628029718180622, 0.9680308967461471, 0.9732872087896164, + 0.9785720620876999, 0.9838856116165875, 0.9892280131939752, 0.9945994234836328, + }, + // Schema 8: + { + 0.5, 0.5013556375251013, 0.5027149505564014, 0.5040779490592088, + 0.5054446430258502, 0.5068150424757447, 0.5081891574554764, 0.509566998038869, + 0.5109485743270583, 0.5123338964485679, 0.5137229745593818, 0.5151158188430205, + 0.5165124395106142, 0.5179128468009786, 0.5193170509806894, 0.520725062344158, + 0.5221368912137069, 0.5235525479396449, 0.5249720429003435, 0.526395386502313, + 0.5278225891802786, 0.5292536613972564, 0.5306886136446309, 0.5321274564422321, + 0.5335702003384117, 0.5350168559101208, 0.5364674337629877, 0.5379219445313954, + 0.5393803988785598, 0.5408428074966075, 0.5423091811066545, 0.5437795304588847, + 0.5452538663326288, 0.5467321995364429, 0.5482145409081883, 0.549700901315111, + 0.5511912916539204, 0.5526857228508706, 0.5541842058618393, 0.5556867516724088, + 0.5571933712979462, 0.5587040757836845, 0.5602188762048033, 0.5617377836665098, + 0.5632608093041209, 0.564787964283144, 0.5663192597993595, 0.5678547070789026, + 0.5693943173783458, 0.5709381019847808, 0.572486072215902, 0.5740382394200894, + 0.5755946149764913, 0.5771552102951081, 0.5787200368168754, 0.5802891060137493, + 0.5818624293887887, 0.5834400184762408, 0.585021884841625, 0.5866080400818185, + 0.5881984958251406, 0.5897932637314379, 0.5913923554921704, 0.5929957828304968, + 0.5946035575013605, 0.5962156912915756, 0.5978321960199137, 0.5994530835371903, + 0.6010783657263515, 0.6027080545025619, 0.6043421618132907, 0.6059806996384005, + 0.6076236799902344, 0.6092711149137041, 0.6109230164863786, 0.6125793968185725, + 0.6142402680534349, 0.6159056423670379, 0.6175755319684665, 0.6192499490999082, + 0.620928906036742, 0.622612415087629, 0.6243004885946023, 0.6259931389331581, + 0.6276903785123455, 0.6293922197748583, 0.6310986751971253, 0.6328097572894031, + 0.6345254785958666, 0.6362458516947014, 0.637970889198196, 0.6397006037528346, + 0.6414350080393891, 0.6431741147730128, 0.6449179367033329, 0.6466664866145447, + 0.6484197773255048, 0.6501778216898253, 0.6519406325959679, 0.6537082229673385, + 0.6554806057623822, 0.6572577939746774, 0.659039800633032, 0.6608266388015788, + 0.6626183215798706, 0.6644148621029772, 0.6662162735415805, 0.6680225691020727, + 0.6698337620266515, 0.6716498655934177, 0.6734708931164728, 0.6752968579460171, + 0.6771277734684463, 0.6789636531064505, 0.6808045103191123, 0.6826503586020058, + 0.6845012114872953, 0.6863570825438342, 0.688217985377265, 0.690083933630119, + 0.6919549409819159, 0.6938310211492645, 0.6957121878859629, 0.6975984549830999, + 0.6994898362691555, 0.7013863456101023, 0.7032879969095076, 0.7051948041086352, + 0.7071067811865475, 0.7090239421602076, 0.7109463010845827, 0.7128738720527471, + 0.7148066691959849, 0.7167447066838943, 0.718687998724491, 0.7206365595643126, + 0.7225904034885232, 0.7245495448210174, 0.7265139979245261, 0.7284837772007218, + 0.7304588970903234, 0.7324393720732029, 0.7344252166684908, 0.7364164454346837, + 0.7384130729697496, 0.7404151139112358, 0.7424225829363761, 0.7444354947621984, + 0.7464538641456323, 0.7484777058836176, 0.7505070348132126, 0.7525418658117031, + 0.7545822137967112, 0.7566280937263048, 0.7586795205991071, 0.7607365094544071, + 0.762799075372269, 0.7648672334736434, 0.7669409989204777, 0.7690203869158282, + 0.7711054127039704, 0.7731960915705107, 0.7752924388424999, 0.7773944698885442, + 0.7795022001189185, 0.7816156449856788, 0.7837348199827764, 0.7858597406461707, + 0.7879904225539431, 0.7901268813264122, 0.7922691326262467, 0.7944171921585818, + 0.7965710756711334, 0.7987307989543135, 0.8008963778413465, 0.8030678282083853, + 0.805245165974627, 0.8074284071024302, 0.8096175675974316, 0.8118126635086642, + 0.8140137109286738, 0.8162207259936375, 0.8184337248834821, 0.820652723822003, + 0.8228777390769823, 0.8251087869603088, 0.8273458838280969, 0.8295890460808079, + 0.8318382901633681, 0.8340936325652911, 0.8363550898207981, 0.8386226785089391, + 0.8408964152537144, 0.8431763167241966, 0.8454623996346523, 0.8477546807446661, + 0.8500531768592616, 0.8523579048290255, 0.8546688815502312, 0.8569861239649629, + 0.8593096490612387, 0.8616394738731368, 0.8639756154809185, 0.8663180910111553, + 0.8686669176368529, 0.871022112577578, 0.8733836930995842, 0.8757516765159389, + 0.8781260801866495, 0.8805069215187917, 0.8828942179666361, 0.8852879870317771, + 0.8876882462632604, 0.890095013257712, 0.8925083056594671, 0.8949281411607002, + 0.8973545375015533, 0.8997875124702672, 0.9022270839033115, 0.9046732696855155, + 0.9071260877501991, 0.909585556079304, 0.9120516927035263, 0.9145245157024483, + 0.9170040432046711, 0.9194902933879467, 0.9219832844793128, 0.9244830347552253, + 0.9269895625416926, 0.92950288621441, 0.9320230241988943, 0.9345499949706191, + 0.9370838170551498, 0.93962450902828, 0.9421720895161669, 0.9447265771954693, + 0.9472879907934827, 0.9498563490882775, 0.9524316709088368, 0.9550139751351947, + 0.9576032806985735, 0.9601996065815236, 0.9628029718180622, 0.9654133954938133, + 0.9680308967461471, 0.9706554947643201, 0.9732872087896164, 0.9759260581154889, + 0.9785720620876999, 0.9812252401044634, 0.9838856116165875, 0.9865531961276168, + 0.9892280131939752, 0.9919100824251095, 0.9945994234836328, 0.9972960560854698, + }, +} + +// The nativeHistogramBounds above can be generated with the code below. +// +// TODO(beorn7): It's tempting to actually use `go generate` to generate the +// code above. However, this could lead to slightly different numbers on +// different architectures. We still need to come to terms if we are fine with +// that, or if we might prefer to specify precise numbers in the standard. +// +// var nativeHistogramBounds [][]float64 = make([][]float64, 9) +// +// func init() { +// // Populate nativeHistogramBounds. +// numBuckets := 1 +// for i := range nativeHistogramBounds { +// bounds := []float64{0.5} +// factor := math.Exp2(math.Exp2(float64(-i))) +// for j := 0; j < numBuckets-1; j++ { +// var bound float64 +// if (j+1)%2 == 0 { +// // Use previously calculated value for increased precision. +// bound = nativeHistogramBounds[i-1][j/2+1] +// } else { +// bound = bounds[j] * factor +// } +// bounds = append(bounds, bound) +// } +// numBuckets *= 2 +// nativeHistogramBounds[i] = bounds +// } +// } + // A Histogram counts individual observations from an event or sample stream in -// configurable buckets. Similar to a summary, it also provides a sum of -// observations and an observation count. +// configurable static buckets (or in dynamic sparse buckets as part of the +// experimental Native Histograms, see below for more details). Similar to a +// Summary, it also provides a sum of observations and an observation count. // // On the Prometheus server, quantiles can be calculated from a Histogram using -// the histogram_quantile function in the query language. +// the histogram_quantile PromQL function. // -// Note that Histograms, in contrast to Summaries, can be aggregated with the -// Prometheus query language (see the documentation for detailed -// procedures). However, Histograms require the user to pre-define suitable -// buckets, and they are in general less accurate. The Observe method of a -// Histogram has a very low performance overhead in comparison with the Observe -// method of a Summary. +// Note that Histograms, in contrast to Summaries, can be aggregated in PromQL +// (see the documentation for detailed procedures). However, Histograms require +// the user to pre-define suitable buckets, and they are in general less +// accurate. (Both problems are addressed by the experimental Native +// Histograms. To use them, configure a NativeHistogramBucketFactor in the +// HistogramOpts. They also require a Prometheus server v2.40+ with the +// corresponding feature flag enabled.) +// +// The Observe method of a Histogram has a very low performance overhead in +// comparison with the Observe method of a Summary. // // To create Histogram instances, use NewHistogram. type Histogram interface { @@ -50,7 +246,8 @@ type Histogram interface { // Observe adds a single observation to the histogram. Observations are // usually positive or zero. Negative observations are accepted but // prevent current versions of Prometheus from properly detecting - // counter resets in the sum of observations. See + // counter resets in the sum of observations. (The experimental Native + // Histograms handle negative observations properly.) See // https://prometheus.io/docs/practices/histograms/#count-and-sum-of-observations // for details. Observe(float64) @@ -64,18 +261,28 @@ const bucketLabel = "le" // tailored to broadly measure the response time (in seconds) of a network // service. Most likely, however, you will be required to define buckets // customized to your use case. -var ( - DefBuckets = []float64{.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10} +var DefBuckets = []float64{.005, .01, .025, .05, .1, .25, .5, 1, 2.5, 5, 10} - errBucketLabelNotAllowed = fmt.Errorf( - "%q is not allowed as label name in histograms", bucketLabel, - ) +// DefNativeHistogramZeroThreshold is the default value for +// NativeHistogramZeroThreshold in the HistogramOpts. +// +// The value is 2^-128 (or 0.5*2^-127 in the actual IEEE 754 representation), +// which is a bucket boundary at all possible resolutions. +const DefNativeHistogramZeroThreshold = 2.938735877055719e-39 + +// NativeHistogramZeroThresholdZero can be used as NativeHistogramZeroThreshold +// in the HistogramOpts to create a zero bucket of width zero, i.e. a zero +// bucket that only receives observations of precisely zero. +const NativeHistogramZeroThresholdZero = -1 + +var errBucketLabelNotAllowed = fmt.Errorf( + "%q is not allowed as label name in histograms", bucketLabel, ) -// LinearBuckets creates 'count' buckets, each 'width' wide, where the lowest -// bucket has an upper bound of 'start'. The final +Inf bucket is not counted -// and not included in the returned slice. The returned slice is meant to be -// used for the Buckets field of HistogramOpts. +// LinearBuckets creates 'count' regular buckets, each 'width' wide, where the +// lowest bucket has an upper bound of 'start'. The final +Inf bucket is not +// counted and not included in the returned slice. The returned slice is meant +// to be used for the Buckets field of HistogramOpts. // // The function panics if 'count' is zero or negative. func LinearBuckets(start, width float64, count int) []float64 { @@ -90,11 +297,11 @@ func LinearBuckets(start, width float64, count int) []float64 { return buckets } -// ExponentialBuckets creates 'count' buckets, where the lowest bucket has an -// upper bound of 'start' and each following bucket's upper bound is 'factor' -// times the previous bucket's upper bound. The final +Inf bucket is not counted -// and not included in the returned slice. The returned slice is meant to be -// used for the Buckets field of HistogramOpts. +// ExponentialBuckets creates 'count' regular buckets, where the lowest bucket +// has an upper bound of 'start' and each following bucket's upper bound is +// 'factor' times the previous bucket's upper bound. The final +Inf bucket is +// not counted and not included in the returned slice. The returned slice is +// meant to be used for the Buckets field of HistogramOpts. // // The function panics if 'count' is 0 or negative, if 'start' is 0 or negative, // or if 'factor' is less than or equal 1. @@ -180,8 +387,97 @@ type HistogramOpts struct { // element in the slice is the upper inclusive bound of a bucket. The // values must be sorted in strictly increasing order. There is no need // to add a highest bucket with +Inf bound, it will be added - // implicitly. The default value is DefBuckets. + // implicitly. If Buckets is left as nil or set to a slice of length + // zero, it is replaced by default buckets. The default buckets are + // DefBuckets if no buckets for a native histogram (see below) are used, + // otherwise the default is no buckets. (In other words, if you want to + // use both reguler buckets and buckets for a native histogram, you have + // to define the regular buckets here explicitly.) Buckets []float64 + + // If NativeHistogramBucketFactor is greater than one, so-called sparse + // buckets are used (in addition to the regular buckets, if defined + // above). A Histogram with sparse buckets will be ingested as a Native + // Histogram by a Prometheus server with that feature enabled (requires + // Prometheus v2.40+). Sparse buckets are exponential buckets covering + // the whole float64 range (with the exception of the “zero” bucket, see + // SparseBucketsZeroThreshold below). From any one bucket to the next, + // the width of the bucket grows by a constant + // factor. NativeHistogramBucketFactor provides an upper bound for this + // factor (exception see below). The smaller + // NativeHistogramBucketFactor, the more buckets will be used and thus + // the more costly the histogram will become. A generally good trade-off + // between cost and accuracy is a value of 1.1 (each bucket is at most + // 10% wider than the previous one), which will result in each power of + // two divided into 8 buckets (e.g. there will be 8 buckets between 1 + // and 2, same as between 2 and 4, and 4 and 8, etc.). + // + // Details about the actually used factor: The factor is calculated as + // 2^(2^n), where n is an integer number between (and including) -8 and + // 4. n is chosen so that the resulting factor is the largest that is + // still smaller or equal to NativeHistogramBucketFactor. Note that the + // smallest possible factor is therefore approx. 1.00271 (i.e. 2^(2^-8) + // ). If NativeHistogramBucketFactor is greater than 1 but smaller than + // 2^(2^-8), then the actually used factor is still 2^(2^-8) even though + // it is larger than the provided NativeHistogramBucketFactor. + // + // NOTE: Native Histograms are still an experimental feature. Their + // behavior might still change without a major version + // bump. Subsequently, all NativeHistogram... options here might still + // change their behavior or name (or might completely disappear) without + // a major version bump. + NativeHistogramBucketFactor float64 + // All observations with an absolute value of less or equal + // NativeHistogramZeroThreshold are accumulated into a “zero” + // bucket. For best results, this should be close to a bucket + // boundary. This is usually the case if picking a power of two. If + // NativeHistogramZeroThreshold is left at zero, + // DefSparseBucketsZeroThreshold is used as the threshold. To configure + // a zero bucket with an actual threshold of zero (i.e. only + // observations of precisely zero will go into the zero bucket), set + // NativeHistogramZeroThreshold to the NativeHistogramZeroThresholdZero + // constant (or any negative float value). + NativeHistogramZeroThreshold float64 + + // The remaining fields define a strategy to limit the number of + // populated sparse buckets. If NativeHistogramMaxBucketNumber is left + // at zero, the number of buckets is not limited. (Note that this might + // lead to unbounded memory consumption if the values observed by the + // Histogram are sufficiently wide-spread. In particular, this could be + // used as a DoS attack vector. Where the observed values depend on + // external inputs, it is highly recommended to set a + // NativeHistogramMaxBucketNumber.) Once the set + // NativeHistogramMaxBucketNumber is exceeded, the following strategy is + // enacted: First, if the last reset (or the creation) of the histogram + // is at least NativeHistogramMinResetDuration ago, then the whole + // histogram is reset to its initial state (including regular + // buckets). If less time has passed, or if + // NativeHistogramMinResetDuration is zero, no reset is + // performed. Instead, the zero threshold is increased sufficiently to + // reduce the number of buckets to or below + // NativeHistogramMaxBucketNumber, but not to more than + // NativeHistogramMaxZeroThreshold. Thus, if + // NativeHistogramMaxZeroThreshold is already at or below the current + // zero threshold, nothing happens at this step. After that, if the + // number of buckets still exceeds NativeHistogramMaxBucketNumber, the + // resolution of the histogram is reduced by doubling the width of the + // sparse buckets (up to a growth factor between one bucket to the next + // of 2^(2^4) = 65536, see above). + NativeHistogramMaxBucketNumber uint32 + NativeHistogramMinResetDuration time.Duration + NativeHistogramMaxZeroThreshold float64 +} + +// HistogramVecOpts bundles the options to create a HistogramVec metric. +// It is mandatory to set HistogramOpts, see there for mandatory fields. VariableLabels +// is optional and can safely be left to its default value. +type HistogramVecOpts struct { + HistogramOpts + + // VariableLabels are used to partition the metric vector by the given set + // of labels. Each label value will be constrained with the optional Contraint + // function, if provided. + VariableLabels ConstrainableLabels } // NewHistogram creates a new Histogram based on the provided HistogramOpts. It @@ -204,11 +500,11 @@ func NewHistogram(opts HistogramOpts) Histogram { func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogram { if len(desc.variableLabels) != len(labelValues) { - panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels, labelValues)) + panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), labelValues)) } for _, n := range desc.variableLabels { - if n == bucketLabel { + if n.Name == bucketLabel { panic(errBucketLabelNotAllowed) } } @@ -218,16 +514,29 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr } } - if len(opts.Buckets) == 0 { - opts.Buckets = DefBuckets - } - h := &histogram{ - desc: desc, - upperBounds: opts.Buckets, - labelPairs: MakeLabelPairs(desc, labelValues), - counts: [2]*histogramCounts{{}, {}}, - now: time.Now, + desc: desc, + upperBounds: opts.Buckets, + labelPairs: MakeLabelPairs(desc, labelValues), + nativeHistogramMaxBuckets: opts.NativeHistogramMaxBucketNumber, + nativeHistogramMaxZeroThreshold: opts.NativeHistogramMaxZeroThreshold, + nativeHistogramMinResetDuration: opts.NativeHistogramMinResetDuration, + lastResetTime: time.Now(), + now: time.Now, + } + if len(h.upperBounds) == 0 && opts.NativeHistogramBucketFactor <= 1 { + h.upperBounds = DefBuckets + } + if opts.NativeHistogramBucketFactor <= 1 { + h.nativeHistogramSchema = math.MinInt32 // To mark that there are no sparse buckets. + } else { + switch { + case opts.NativeHistogramZeroThreshold > 0: + h.nativeHistogramZeroThreshold = opts.NativeHistogramZeroThreshold + case opts.NativeHistogramZeroThreshold == 0: + h.nativeHistogramZeroThreshold = DefNativeHistogramZeroThreshold + } // Leave h.nativeHistogramZeroThreshold at 0 otherwise. + h.nativeHistogramSchema = pickSchema(opts.NativeHistogramBucketFactor) } for i, upperBound := range h.upperBounds { if i < len(h.upperBounds)-1 { @@ -246,8 +555,12 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr } // Finally we know the final length of h.upperBounds and can make buckets // for both counts as well as exemplars: - h.counts[0].buckets = make([]uint64, len(h.upperBounds)) - h.counts[1].buckets = make([]uint64, len(h.upperBounds)) + h.counts[0] = &histogramCounts{buckets: make([]uint64, len(h.upperBounds))} + atomic.StoreUint64(&h.counts[0].nativeHistogramZeroThresholdBits, math.Float64bits(h.nativeHistogramZeroThreshold)) + atomic.StoreInt32(&h.counts[0].nativeHistogramSchema, h.nativeHistogramSchema) + h.counts[1] = &histogramCounts{buckets: make([]uint64, len(h.upperBounds))} + atomic.StoreUint64(&h.counts[1].nativeHistogramZeroThresholdBits, math.Float64bits(h.nativeHistogramZeroThreshold)) + atomic.StoreInt32(&h.counts[1].nativeHistogramSchema, h.nativeHistogramSchema) h.exemplars = make([]atomic.Value, len(h.upperBounds)+1) h.init(h) // Init self-collection. @@ -255,13 +568,98 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr } type histogramCounts struct { + // Order in this struct matters for the alignment required by atomic + // operations, see http://golang.org/pkg/sync/atomic/#pkg-note-BUG + // sumBits contains the bits of the float64 representing the sum of all - // observations. sumBits and count have to go first in the struct to - // guarantee alignment for atomic operations. - // http://golang.org/pkg/sync/atomic/#pkg-note-BUG + // observations. sumBits uint64 count uint64 + + // nativeHistogramZeroBucket counts all (positive and negative) + // observations in the zero bucket (with an absolute value less or equal + // the current threshold, see next field. + nativeHistogramZeroBucket uint64 + // nativeHistogramZeroThresholdBits is the bit pattern of the current + // threshold for the zero bucket. It's initially equal to + // nativeHistogramZeroThreshold but may change according to the bucket + // count limitation strategy. + nativeHistogramZeroThresholdBits uint64 + // nativeHistogramSchema may change over time according to the bucket + // count limitation strategy and therefore has to be saved here. + nativeHistogramSchema int32 + // Number of (positive and negative) sparse buckets. + nativeHistogramBucketsNumber uint32 + + // Regular buckets. buckets []uint64 + + // The sparse buckets for native histograms are implemented with a + // sync.Map for now. A dedicated data structure will likely be more + // efficient. There are separate maps for negative and positive + // observations. The map's value is an *int64, counting observations in + // that bucket. (Note that we don't use uint64 as an int64 won't + // overflow in practice, and working with signed numbers from the + // beginning simplifies the handling of deltas.) The map's key is the + // index of the bucket according to the used + // nativeHistogramSchema. Index 0 is for an upper bound of 1. + nativeHistogramBucketsPositive, nativeHistogramBucketsNegative sync.Map +} + +// observe manages the parts of observe that only affects +// histogramCounts. doSparse is true if sparse buckets should be done, +// too. +func (hc *histogramCounts) observe(v float64, bucket int, doSparse bool) { + if bucket < len(hc.buckets) { + atomic.AddUint64(&hc.buckets[bucket], 1) + } + atomicAddFloat(&hc.sumBits, v) + if doSparse && !math.IsNaN(v) { + var ( + key int + schema = atomic.LoadInt32(&hc.nativeHistogramSchema) + zeroThreshold = math.Float64frombits(atomic.LoadUint64(&hc.nativeHistogramZeroThresholdBits)) + bucketCreated, isInf bool + ) + if math.IsInf(v, 0) { + // Pretend v is MaxFloat64 but later increment key by one. + if math.IsInf(v, +1) { + v = math.MaxFloat64 + } else { + v = -math.MaxFloat64 + } + isInf = true + } + frac, exp := math.Frexp(math.Abs(v)) + if schema > 0 { + bounds := nativeHistogramBounds[schema] + key = sort.SearchFloat64s(bounds, frac) + (exp-1)*len(bounds) + } else { + key = exp + if frac == 0.5 { + key-- + } + div := 1 << -schema + key = (key + div - 1) / div + } + if isInf { + key++ + } + switch { + case v > zeroThreshold: + bucketCreated = addToBucket(&hc.nativeHistogramBucketsPositive, key, 1) + case v < -zeroThreshold: + bucketCreated = addToBucket(&hc.nativeHistogramBucketsNegative, key, 1) + default: + atomic.AddUint64(&hc.nativeHistogramZeroBucket, 1) + } + if bucketCreated { + atomic.AddUint32(&hc.nativeHistogramBucketsNumber, 1) + } + } + // Increment count last as we take it as a signal that the observation + // is complete. + atomic.AddUint64(&hc.count, 1) } type histogram struct { @@ -276,7 +674,7 @@ type histogram struct { // perspective of the histogram) swap the hot–cold under the writeMtx // lock. A cooldown is awaited (while locked) by comparing the number of // observations with the initiation count. Once they match, then the - // last observation on the now cool one has completed. All cool fields must + // last observation on the now cool one has completed. All cold fields must // be merged into the new hot before releasing writeMtx. // // Fields with atomic access first! See alignment constraint: @@ -284,8 +682,10 @@ type histogram struct { countAndHotIdx uint64 selfCollector - desc *Desc - writeMtx sync.Mutex // Only used in the Write method. + desc *Desc + + // Only used in the Write method and for sparse bucket management. + mtx sync.Mutex // Two counts, one is "hot" for lock-free observations, the other is // "cold" for writing out a dto.Metric. It has to be an array of @@ -293,9 +693,15 @@ type histogram struct { // http://golang.org/pkg/sync/atomic/#pkg-note-BUG. counts [2]*histogramCounts - upperBounds []float64 - labelPairs []*dto.LabelPair - exemplars []atomic.Value // One more than buckets (to include +Inf), each a *dto.Exemplar. + upperBounds []float64 + labelPairs []*dto.LabelPair + exemplars []atomic.Value // One more than buckets (to include +Inf), each a *dto.Exemplar. + nativeHistogramSchema int32 // The initial schema. Set to math.MinInt32 if no sparse buckets are used. + nativeHistogramZeroThreshold float64 // The initial zero threshold. + nativeHistogramMaxZeroThreshold float64 + nativeHistogramMaxBuckets uint32 + nativeHistogramMinResetDuration time.Duration + lastResetTime time.Time // Protected by mtx. now func() time.Time // To mock out time.Now() for testing. } @@ -319,8 +725,8 @@ func (h *histogram) Write(out *dto.Metric) error { // the hot path, i.e. Observe is called much more often than Write. The // complication of making Write lock-free isn't worth it, if possible at // all. - h.writeMtx.Lock() - defer h.writeMtx.Unlock() + h.mtx.Lock() + defer h.mtx.Unlock() // Adding 1<<63 switches the hot index (from 0 to 1 or from 1 to 0) // without touching the count bits. See the struct comments for a full @@ -333,16 +739,16 @@ func (h *histogram) Write(out *dto.Metric) error { hotCounts := h.counts[n>>63] coldCounts := h.counts[(^n)>>63] - // Await cooldown. - for count != atomic.LoadUint64(&coldCounts.count) { - runtime.Gosched() // Let observations get work done. - } + waitForCooldown(count, coldCounts) his := &dto.Histogram{ Bucket: make([]*dto.Bucket, len(h.upperBounds)), SampleCount: proto.Uint64(count), SampleSum: proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.sumBits))), } + out.Histogram = his + out.Label = h.labelPairs + var cumCount uint64 for i, upperBound := range h.upperBounds { cumCount += atomic.LoadUint64(&coldCounts.buckets[i]) @@ -363,25 +769,21 @@ func (h *histogram) Write(out *dto.Metric) error { } his.Bucket = append(his.Bucket, b) } - - out.Histogram = his - out.Label = h.labelPairs - - // Finally add all the cold counts to the new hot counts and reset the cold counts. - atomic.AddUint64(&hotCounts.count, count) - atomic.StoreUint64(&coldCounts.count, 0) - for { - oldBits := atomic.LoadUint64(&hotCounts.sumBits) - newBits := math.Float64bits(math.Float64frombits(oldBits) + his.GetSampleSum()) - if atomic.CompareAndSwapUint64(&hotCounts.sumBits, oldBits, newBits) { - atomic.StoreUint64(&coldCounts.sumBits, 0) - break - } - } - for i := range h.upperBounds { - atomic.AddUint64(&hotCounts.buckets[i], atomic.LoadUint64(&coldCounts.buckets[i])) - atomic.StoreUint64(&coldCounts.buckets[i], 0) + if h.nativeHistogramSchema > math.MinInt32 { + his.ZeroThreshold = proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.nativeHistogramZeroThresholdBits))) + his.Schema = proto.Int32(atomic.LoadInt32(&coldCounts.nativeHistogramSchema)) + zeroBucket := atomic.LoadUint64(&coldCounts.nativeHistogramZeroBucket) + + defer func() { + coldCounts.nativeHistogramBucketsPositive.Range(addAndReset(&hotCounts.nativeHistogramBucketsPositive, &hotCounts.nativeHistogramBucketsNumber)) + coldCounts.nativeHistogramBucketsNegative.Range(addAndReset(&hotCounts.nativeHistogramBucketsNegative, &hotCounts.nativeHistogramBucketsNumber)) + }() + + his.ZeroCount = proto.Uint64(zeroBucket) + his.NegativeSpan, his.NegativeDelta = makeBuckets(&coldCounts.nativeHistogramBucketsNegative) + his.PositiveSpan, his.PositiveDelta = makeBuckets(&coldCounts.nativeHistogramBucketsPositive) } + addAndResetCounts(hotCounts, coldCounts) return nil } @@ -402,25 +804,216 @@ func (h *histogram) findBucket(v float64) int { // observe is the implementation for Observe without the findBucket part. func (h *histogram) observe(v float64, bucket int) { + // Do not add to sparse buckets for NaN observations. + doSparse := h.nativeHistogramSchema > math.MinInt32 && !math.IsNaN(v) // We increment h.countAndHotIdx so that the counter in the lower // 63 bits gets incremented. At the same time, we get the new value // back, which we can use to find the currently-hot counts. n := atomic.AddUint64(&h.countAndHotIdx, 1) hotCounts := h.counts[n>>63] + hotCounts.observe(v, bucket, doSparse) + if doSparse { + h.limitBuckets(hotCounts, v, bucket) + } +} - if bucket < len(h.upperBounds) { - atomic.AddUint64(&hotCounts.buckets[bucket], 1) +// limitSparsebuckets applies a strategy to limit the number of populated sparse +// buckets. It's generally best effort, and there are situations where the +// number can go higher (if even the lowest resolution isn't enough to reduce +// the number sufficiently, or if the provided counts aren't fully updated yet +// by a concurrently happening Write call). +func (h *histogram) limitBuckets(counts *histogramCounts, value float64, bucket int) { + if h.nativeHistogramMaxBuckets == 0 { + return // No limit configured. } - for { - oldBits := atomic.LoadUint64(&hotCounts.sumBits) - newBits := math.Float64bits(math.Float64frombits(oldBits) + v) - if atomic.CompareAndSwapUint64(&hotCounts.sumBits, oldBits, newBits) { - break + if h.nativeHistogramMaxBuckets >= atomic.LoadUint32(&counts.nativeHistogramBucketsNumber) { + return // Bucket limit not exceeded yet. + } + + h.mtx.Lock() + defer h.mtx.Unlock() + + // The hot counts might have been swapped just before we acquired the + // lock. Re-fetch the hot counts first... + n := atomic.LoadUint64(&h.countAndHotIdx) + hotIdx := n >> 63 + coldIdx := (^n) >> 63 + hotCounts := h.counts[hotIdx] + coldCounts := h.counts[coldIdx] + // ...and then check again if we really have to reduce the bucket count. + if h.nativeHistogramMaxBuckets >= atomic.LoadUint32(&hotCounts.nativeHistogramBucketsNumber) { + return // Bucket limit not exceeded after all. + } + // Try the various strategies in order. + if h.maybeReset(hotCounts, coldCounts, coldIdx, value, bucket) { + return + } + if h.maybeWidenZeroBucket(hotCounts, coldCounts) { + return + } + h.doubleBucketWidth(hotCounts, coldCounts) +} + +// maybeReset resests the whole histogram if at least h.nativeHistogramMinResetDuration +// has been passed. It returns true if the histogram has been reset. The caller +// must have locked h.mtx. +func (h *histogram) maybeReset(hot, cold *histogramCounts, coldIdx uint64, value float64, bucket int) bool { + // We are using the possibly mocked h.now() rather than + // time.Since(h.lastResetTime) to enable testing. + if h.nativeHistogramMinResetDuration == 0 || h.now().Sub(h.lastResetTime) < h.nativeHistogramMinResetDuration { + return false + } + // Completely reset coldCounts. + h.resetCounts(cold) + // Repeat the latest observation to not lose it completely. + cold.observe(value, bucket, true) + // Make coldCounts the new hot counts while ressetting countAndHotIdx. + n := atomic.SwapUint64(&h.countAndHotIdx, (coldIdx<<63)+1) + count := n & ((1 << 63) - 1) + waitForCooldown(count, hot) + // Finally, reset the formerly hot counts, too. + h.resetCounts(hot) + h.lastResetTime = h.now() + return true +} + +// maybeWidenZeroBucket widens the zero bucket until it includes the existing +// buckets closest to the zero bucket (which could be two, if an equidistant +// negative and a positive bucket exists, but usually it's only one bucket to be +// merged into the new wider zero bucket). h.nativeHistogramMaxZeroThreshold +// limits how far the zero bucket can be extended, and if that's not enough to +// include an existing bucket, the method returns false. The caller must have +// locked h.mtx. +func (h *histogram) maybeWidenZeroBucket(hot, cold *histogramCounts) bool { + currentZeroThreshold := math.Float64frombits(atomic.LoadUint64(&hot.nativeHistogramZeroThresholdBits)) + if currentZeroThreshold >= h.nativeHistogramMaxZeroThreshold { + return false + } + // Find the key of the bucket closest to zero. + smallestKey := findSmallestKey(&hot.nativeHistogramBucketsPositive) + smallestNegativeKey := findSmallestKey(&hot.nativeHistogramBucketsNegative) + if smallestNegativeKey < smallestKey { + smallestKey = smallestNegativeKey + } + if smallestKey == math.MaxInt32 { + return false + } + newZeroThreshold := getLe(smallestKey, atomic.LoadInt32(&hot.nativeHistogramSchema)) + if newZeroThreshold > h.nativeHistogramMaxZeroThreshold { + return false // New threshold would exceed the max threshold. + } + atomic.StoreUint64(&cold.nativeHistogramZeroThresholdBits, math.Float64bits(newZeroThreshold)) + // Remove applicable buckets. + if _, loaded := cold.nativeHistogramBucketsNegative.LoadAndDelete(smallestKey); loaded { + atomicDecUint32(&cold.nativeHistogramBucketsNumber) + } + if _, loaded := cold.nativeHistogramBucketsPositive.LoadAndDelete(smallestKey); loaded { + atomicDecUint32(&cold.nativeHistogramBucketsNumber) + } + // Make cold counts the new hot counts. + n := atomic.AddUint64(&h.countAndHotIdx, 1<<63) + count := n & ((1 << 63) - 1) + // Swap the pointer names to represent the new roles and make + // the rest less confusing. + hot, cold = cold, hot + waitForCooldown(count, cold) + // Add all the now cold counts to the new hot counts... + addAndResetCounts(hot, cold) + // ...adjust the new zero threshold in the cold counts, too... + atomic.StoreUint64(&cold.nativeHistogramZeroThresholdBits, math.Float64bits(newZeroThreshold)) + // ...and then merge the newly deleted buckets into the wider zero + // bucket. + mergeAndDeleteOrAddAndReset := func(hotBuckets, coldBuckets *sync.Map) func(k, v interface{}) bool { + return func(k, v interface{}) bool { + key := k.(int) + bucket := v.(*int64) + if key == smallestKey { + // Merge into hot zero bucket... + atomic.AddUint64(&hot.nativeHistogramZeroBucket, uint64(atomic.LoadInt64(bucket))) + // ...and delete from cold counts. + coldBuckets.Delete(key) + atomicDecUint32(&cold.nativeHistogramBucketsNumber) + } else { + // Add to corresponding hot bucket... + if addToBucket(hotBuckets, key, atomic.LoadInt64(bucket)) { + atomic.AddUint32(&hot.nativeHistogramBucketsNumber, 1) + } + // ...and reset cold bucket. + atomic.StoreInt64(bucket, 0) + } + return true } } - // Increment count last as we take it as a signal that the observation - // is complete. - atomic.AddUint64(&hotCounts.count, 1) + + cold.nativeHistogramBucketsPositive.Range(mergeAndDeleteOrAddAndReset(&hot.nativeHistogramBucketsPositive, &cold.nativeHistogramBucketsPositive)) + cold.nativeHistogramBucketsNegative.Range(mergeAndDeleteOrAddAndReset(&hot.nativeHistogramBucketsNegative, &cold.nativeHistogramBucketsNegative)) + return true +} + +// doubleBucketWidth doubles the bucket width (by decrementing the schema +// number). Note that very sparse buckets could lead to a low reduction of the +// bucket count (or even no reduction at all). The method does nothing if the +// schema is already -4. +func (h *histogram) doubleBucketWidth(hot, cold *histogramCounts) { + coldSchema := atomic.LoadInt32(&cold.nativeHistogramSchema) + if coldSchema == -4 { + return // Already at lowest resolution. + } + coldSchema-- + atomic.StoreInt32(&cold.nativeHistogramSchema, coldSchema) + // Play it simple and just delete all cold buckets. + atomic.StoreUint32(&cold.nativeHistogramBucketsNumber, 0) + deleteSyncMap(&cold.nativeHistogramBucketsNegative) + deleteSyncMap(&cold.nativeHistogramBucketsPositive) + // Make coldCounts the new hot counts. + n := atomic.AddUint64(&h.countAndHotIdx, 1<<63) + count := n & ((1 << 63) - 1) + // Swap the pointer names to represent the new roles and make + // the rest less confusing. + hot, cold = cold, hot + waitForCooldown(count, cold) + // Add all the now cold counts to the new hot counts... + addAndResetCounts(hot, cold) + // ...adjust the schema in the cold counts, too... + atomic.StoreInt32(&cold.nativeHistogramSchema, coldSchema) + // ...and then merge the cold buckets into the wider hot buckets. + merge := func(hotBuckets *sync.Map) func(k, v interface{}) bool { + return func(k, v interface{}) bool { + key := k.(int) + bucket := v.(*int64) + // Adjust key to match the bucket to merge into. + if key > 0 { + key++ + } + key /= 2 + // Add to corresponding hot bucket. + if addToBucket(hotBuckets, key, atomic.LoadInt64(bucket)) { + atomic.AddUint32(&hot.nativeHistogramBucketsNumber, 1) + } + return true + } + } + + cold.nativeHistogramBucketsPositive.Range(merge(&hot.nativeHistogramBucketsPositive)) + cold.nativeHistogramBucketsNegative.Range(merge(&hot.nativeHistogramBucketsNegative)) + // Play it simple again and just delete all cold buckets. + atomic.StoreUint32(&cold.nativeHistogramBucketsNumber, 0) + deleteSyncMap(&cold.nativeHistogramBucketsNegative) + deleteSyncMap(&cold.nativeHistogramBucketsPositive) +} + +func (h *histogram) resetCounts(counts *histogramCounts) { + atomic.StoreUint64(&counts.sumBits, 0) + atomic.StoreUint64(&counts.count, 0) + atomic.StoreUint64(&counts.nativeHistogramZeroBucket, 0) + atomic.StoreUint64(&counts.nativeHistogramZeroThresholdBits, math.Float64bits(h.nativeHistogramZeroThreshold)) + atomic.StoreInt32(&counts.nativeHistogramSchema, h.nativeHistogramSchema) + atomic.StoreUint32(&counts.nativeHistogramBucketsNumber, 0) + for i := range h.upperBounds { + atomic.StoreUint64(&counts.buckets[i], 0) + } + deleteSyncMap(&counts.nativeHistogramBucketsNegative) + deleteSyncMap(&counts.nativeHistogramBucketsPositive) } // updateExemplar replaces the exemplar for the provided bucket. With empty @@ -448,15 +1041,23 @@ type HistogramVec struct { // NewHistogramVec creates a new HistogramVec based on the provided HistogramOpts and // partitioned by the given label names. func NewHistogramVec(opts HistogramOpts, labelNames []string) *HistogramVec { - desc := NewDesc( + return V2.NewHistogramVec(HistogramVecOpts{ + HistogramOpts: opts, + VariableLabels: UnconstrainedLabels(labelNames), + }) +} + +// NewHistogramVec creates a new HistogramVec based on the provided HistogramVecOpts. +func (v2) NewHistogramVec(opts HistogramVecOpts) *HistogramVec { + desc := V2.NewDesc( BuildFQName(opts.Namespace, opts.Subsystem, opts.Name), opts.Help, - labelNames, + opts.VariableLabels, opts.ConstLabels, ) return &HistogramVec{ MetricVec: NewMetricVec(desc, func(lvs ...string) Metric { - return newHistogram(desc, opts, lvs...) + return newHistogram(desc, opts.HistogramOpts, lvs...) }), } } @@ -516,7 +1117,8 @@ func (v *HistogramVec) GetMetricWith(labels Labels) (Observer, error) { // WithLabelValues works as GetMetricWithLabelValues, but panics where // GetMetricWithLabelValues would have returned an error. Not returning an // error allows shortcuts like -// myVec.WithLabelValues("404", "GET").Observe(42.21) +// +// myVec.WithLabelValues("404", "GET").Observe(42.21) func (v *HistogramVec) WithLabelValues(lvs ...string) Observer { h, err := v.GetMetricWithLabelValues(lvs...) if err != nil { @@ -527,7 +1129,8 @@ func (v *HistogramVec) WithLabelValues(lvs ...string) Observer { // With works as GetMetricWith but panics where GetMetricWithLabels would have // returned an error. Not returning an error allows shortcuts like -// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Observe(42.21) +// +// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Observe(42.21) func (v *HistogramVec) With(labels Labels) Observer { h, err := v.GetMetricWith(labels) if err != nil { @@ -613,7 +1216,7 @@ func (h *constHistogram) Write(out *dto.Metric) error { // to send it to Prometheus in the Collect method. // // buckets is a map of upper bounds to cumulative counts, excluding the +Inf -// bucket. +// bucket. The +Inf bucket is implicit, and its value is equal to the provided count. // // NewConstHistogram returns an error if the length of labelValues is not // consistent with the variable labels in Desc or if Desc is invalid. @@ -668,3 +1271,229 @@ func (s buckSort) Swap(i, j int) { func (s buckSort) Less(i, j int) bool { return s[i].GetUpperBound() < s[j].GetUpperBound() } + +// pickSchema returns the largest number n between -4 and 8 such that +// 2^(2^-n) is less or equal the provided bucketFactor. +// +// Special cases: +// - bucketFactor <= 1: panics. +// - bucketFactor < 2^(2^-8) (but > 1): still returns 8. +func pickSchema(bucketFactor float64) int32 { + if bucketFactor <= 1 { + panic(fmt.Errorf("bucketFactor %f is <=1", bucketFactor)) + } + floor := math.Floor(math.Log2(math.Log2(bucketFactor))) + switch { + case floor <= -8: + return 8 + case floor >= 4: + return -4 + default: + return -int32(floor) + } +} + +func makeBuckets(buckets *sync.Map) ([]*dto.BucketSpan, []int64) { + var ii []int + buckets.Range(func(k, v interface{}) bool { + ii = append(ii, k.(int)) + return true + }) + sort.Ints(ii) + + if len(ii) == 0 { + return nil, nil + } + + var ( + spans []*dto.BucketSpan + deltas []int64 + prevCount int64 + nextI int + ) + + appendDelta := func(count int64) { + *spans[len(spans)-1].Length++ + deltas = append(deltas, count-prevCount) + prevCount = count + } + + for n, i := range ii { + v, _ := buckets.Load(i) + count := atomic.LoadInt64(v.(*int64)) + // Multiple spans with only small gaps in between are probably + // encoded more efficiently as one larger span with a few empty + // buckets. Needs some research to find the sweet spot. For now, + // we assume that gaps of one ore two buckets should not create + // a new span. + iDelta := int32(i - nextI) + if n == 0 || iDelta > 2 { + // We have to create a new span, either because we are + // at the very beginning, or because we have found a gap + // of more than two buckets. + spans = append(spans, &dto.BucketSpan{ + Offset: proto.Int32(iDelta), + Length: proto.Uint32(0), + }) + } else { + // We have found a small gap (or no gap at all). + // Insert empty buckets as needed. + for j := int32(0); j < iDelta; j++ { + appendDelta(0) + } + } + appendDelta(count) + nextI = i + 1 + } + return spans, deltas +} + +// addToBucket increments the sparse bucket at key by the provided amount. It +// returns true if a new sparse bucket had to be created for that. +func addToBucket(buckets *sync.Map, key int, increment int64) bool { + if existingBucket, ok := buckets.Load(key); ok { + // Fast path without allocation. + atomic.AddInt64(existingBucket.(*int64), increment) + return false + } + // Bucket doesn't exist yet. Slow path allocating new counter. + newBucket := increment // TODO(beorn7): Check if this is sufficient to not let increment escape. + if actualBucket, loaded := buckets.LoadOrStore(key, &newBucket); loaded { + // The bucket was created concurrently in another goroutine. + // Have to increment after all. + atomic.AddInt64(actualBucket.(*int64), increment) + return false + } + return true +} + +// addAndReset returns a function to be used with sync.Map.Range of spare +// buckets in coldCounts. It increments the buckets in the provided hotBuckets +// according to the buckets ranged through. It then resets all buckets ranged +// through to 0 (but leaves them in place so that they don't need to get +// recreated on the next scrape). +func addAndReset(hotBuckets *sync.Map, bucketNumber *uint32) func(k, v interface{}) bool { + return func(k, v interface{}) bool { + bucket := v.(*int64) + if addToBucket(hotBuckets, k.(int), atomic.LoadInt64(bucket)) { + atomic.AddUint32(bucketNumber, 1) + } + atomic.StoreInt64(bucket, 0) + return true + } +} + +func deleteSyncMap(m *sync.Map) { + m.Range(func(k, v interface{}) bool { + m.Delete(k) + return true + }) +} + +func findSmallestKey(m *sync.Map) int { + result := math.MaxInt32 + m.Range(func(k, v interface{}) bool { + key := k.(int) + if key < result { + result = key + } + return true + }) + return result +} + +func getLe(key int, schema int32) float64 { + // Here a bit of context about the behavior for the last bucket counting + // regular numbers (called simply "last bucket" below) and the bucket + // counting observations of ±Inf (called "inf bucket" below, with a key + // one higher than that of the "last bucket"): + // + // If we apply the usual formula to the last bucket, its upper bound + // would be calculated as +Inf. The reason is that the max possible + // regular float64 number (math.MaxFloat64) doesn't coincide with one of + // the calculated bucket boundaries. So the calculated boundary has to + // be larger than math.MaxFloat64, and the only float64 larger than + // math.MaxFloat64 is +Inf. However, we want to count actual + // observations of ±Inf in the inf bucket. Therefore, we have to treat + // the upper bound of the last bucket specially and set it to + // math.MaxFloat64. (The upper bound of the inf bucket, with its key + // being one higher than that of the last bucket, naturally comes out as + // +Inf by the usual formula. So that's fine.) + // + // math.MaxFloat64 has a frac of 0.9999999999999999 and an exp of + // 1024. If there were a float64 number following math.MaxFloat64, it + // would have a frac of 1.0 and an exp of 1024, or equivalently a frac + // of 0.5 and an exp of 1025. However, since frac must be smaller than + // 1, and exp must be smaller than 1025, either representation overflows + // a float64. (Which, in turn, is the reason that math.MaxFloat64 is the + // largest possible float64. Q.E.D.) However, the formula for + // calculating the upper bound from the idx and schema of the last + // bucket results in precisely that. It is either frac=1.0 & exp=1024 + // (for schema < 0) or frac=0.5 & exp=1025 (for schema >=0). (This is, + // by the way, a power of two where the exponent itself is a power of + // two, 2¹⁰ in fact, which coinicides with a bucket boundary in all + // schemas.) So these are the special cases we have to catch below. + if schema < 0 { + exp := key << -schema + if exp == 1024 { + // This is the last bucket before the overflow bucket + // (for ±Inf observations). Return math.MaxFloat64 as + // explained above. + return math.MaxFloat64 + } + return math.Ldexp(1, exp) + } + + fracIdx := key & ((1 << schema) - 1) + frac := nativeHistogramBounds[schema][fracIdx] + exp := (key >> schema) + 1 + if frac == 0.5 && exp == 1025 { + // This is the last bucket before the overflow bucket (for ±Inf + // observations). Return math.MaxFloat64 as explained above. + return math.MaxFloat64 + } + return math.Ldexp(frac, exp) +} + +// waitForCooldown returns after the count field in the provided histogramCounts +// has reached the provided count value. +func waitForCooldown(count uint64, counts *histogramCounts) { + for count != atomic.LoadUint64(&counts.count) { + runtime.Gosched() // Let observations get work done. + } +} + +// atomicAddFloat adds the provided float atomically to another float +// represented by the bit pattern the bits pointer is pointing to. +func atomicAddFloat(bits *uint64, v float64) { + for { + loadedBits := atomic.LoadUint64(bits) + newBits := math.Float64bits(math.Float64frombits(loadedBits) + v) + if atomic.CompareAndSwapUint64(bits, loadedBits, newBits) { + break + } + } +} + +// atomicDecUint32 atomically decrements the uint32 p points to. See +// https://pkg.go.dev/sync/atomic#AddUint32 to understand how this is done. +func atomicDecUint32(p *uint32) { + atomic.AddUint32(p, ^uint32(0)) +} + +// addAndResetCounts adds certain fields (count, sum, conventional buckets, zero +// bucket) from the cold counts to the corresponding fields in the hot +// counts. Those fields are then reset to 0 in the cold counts. +func addAndResetCounts(hot, cold *histogramCounts) { + atomic.AddUint64(&hot.count, atomic.LoadUint64(&cold.count)) + atomic.StoreUint64(&cold.count, 0) + coldSum := math.Float64frombits(atomic.LoadUint64(&cold.sumBits)) + atomicAddFloat(&hot.sumBits, coldSum) + atomic.StoreUint64(&cold.sumBits, 0) + for i := range hot.buckets { + atomic.AddUint64(&hot.buckets[i], atomic.LoadUint64(&cold.buckets[i])) + atomic.StoreUint64(&cold.buckets[i], 0) + } + atomic.AddUint64(&hot.nativeHistogramZeroBucket, atomic.LoadUint64(&cold.nativeHistogramZeroBucket)) + atomic.StoreUint64(&cold.nativeHistogramZeroBucket, 0) +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/internal/almost_equal.go b/vendor/github.com/prometheus/client_golang/prometheus/internal/almost_equal.go new file mode 100644 index 000000000..1ed5abe74 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/internal/almost_equal.go @@ -0,0 +1,60 @@ +// Copyright (c) 2015 Björn Rabenstein +// +// Permission is hereby granted, free of charge, to any person obtaining a copy +// of this software and associated documentation files (the "Software"), to deal +// in the Software without restriction, including without limitation the rights +// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +// copies of the Software, and to permit persons to whom the Software is +// furnished to do so, subject to the following conditions: +// +// The above copyright notice and this permission notice shall be included in all +// copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +// SOFTWARE. +// +// The code in this package is copy/paste to avoid a dependency. Hence this file +// carries the copyright of the original repo. +// https://github.com/beorn7/floats +package internal + +import ( + "math" +) + +// minNormalFloat64 is the smallest positive normal value of type float64. +var minNormalFloat64 = math.Float64frombits(0x0010000000000000) + +// AlmostEqualFloat64 returns true if a and b are equal within a relative error +// of epsilon. See http://floating-point-gui.de/errors/comparison/ for the +// details of the applied method. +func AlmostEqualFloat64(a, b, epsilon float64) bool { + if a == b { + return true + } + absA := math.Abs(a) + absB := math.Abs(b) + diff := math.Abs(a - b) + if a == 0 || b == 0 || absA+absB < minNormalFloat64 { + return diff < epsilon*minNormalFloat64 + } + return diff/math.Min(absA+absB, math.MaxFloat64) < epsilon +} + +// AlmostEqualFloat64s is the slice form of AlmostEqualFloat64. +func AlmostEqualFloat64s(a, b []float64, epsilon float64) bool { + if len(a) != len(b) { + return false + } + for i := range a { + if !AlmostEqualFloat64(a[i], b[i], epsilon) { + return false + } + } + return true +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go b/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go index fd45cadc0..fd0750f2c 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go @@ -201,12 +201,15 @@ func (m *SequenceMatcher) isBJunk(s string) bool { // If IsJunk is not defined: // // Return (i,j,k) such that a[i:i+k] is equal to b[j:j+k], where -// alo <= i <= i+k <= ahi -// blo <= j <= j+k <= bhi +// +// alo <= i <= i+k <= ahi +// blo <= j <= j+k <= bhi +// // and for all (i',j',k') meeting those conditions, -// k >= k' -// i <= i' -// and if i == i', j <= j' +// +// k >= k' +// i <= i' +// and if i == i', j <= j' // // In other words, of all maximal matching blocks, return one that // starts earliest in a, and of all those maximal matching blocks that diff --git a/vendor/github.com/prometheus/client_golang/prometheus/labels.go b/vendor/github.com/prometheus/client_golang/prometheus/labels.go index 6eee198fe..63ff8683c 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/labels.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/labels.go @@ -25,12 +25,85 @@ import ( // Labels represents a collection of label name -> value mappings. This type is // commonly used with the With(Labels) and GetMetricWith(Labels) methods of // metric vector Collectors, e.g.: -// myVec.With(Labels{"code": "404", "method": "GET"}).Add(42) +// +// myVec.With(Labels{"code": "404", "method": "GET"}).Add(42) // // The other use-case is the specification of constant label pairs in Opts or to // create a Desc. type Labels map[string]string +// ConstrainedLabels represents a label name and its constrain function +// to normalize label values. This type is commonly used when constructing +// metric vector Collectors. +type ConstrainedLabel struct { + Name string + Constraint func(string) string +} + +func (cl ConstrainedLabel) Constrain(v string) string { + if cl.Constraint == nil { + return v + } + return cl.Constraint(v) +} + +// ConstrainableLabels is an interface that allows creating of labels that can +// be optionally constrained. +// +// prometheus.V2().NewCounterVec(CounterVecOpts{ +// CounterOpts: {...}, // Usual CounterOpts fields +// VariableLabels: []ConstrainedLabels{ +// {Name: "A"}, +// {Name: "B", Constraint: func(v string) string { ... }}, +// }, +// }) +type ConstrainableLabels interface { + constrainedLabels() ConstrainedLabels + labelNames() []string +} + +// ConstrainedLabels represents a collection of label name -> constrain function +// to normalize label values. This type is commonly used when constructing +// metric vector Collectors. +type ConstrainedLabels []ConstrainedLabel + +func (cls ConstrainedLabels) constrainedLabels() ConstrainedLabels { + return cls +} + +func (cls ConstrainedLabels) labelNames() []string { + names := make([]string, len(cls)) + for i, label := range cls { + names[i] = label.Name + } + return names +} + +// UnconstrainedLabels represents collection of label without any constraint on +// their value. Thus, it is simply a collection of label names. +// +// UnconstrainedLabels([]string{ "A", "B" }) +// +// is equivalent to +// +// ConstrainedLabels { +// { Name: "A" }, +// { Name: "B" }, +// } +type UnconstrainedLabels []string + +func (uls UnconstrainedLabels) constrainedLabels() ConstrainedLabels { + constrainedLabels := make([]ConstrainedLabel, len(uls)) + for i, l := range uls { + constrainedLabels[i] = ConstrainedLabel{Name: l} + } + return constrainedLabels +} + +func (uls UnconstrainedLabels) labelNames() []string { + return uls +} + // reservedLabelPrefix is a prefix which is not legal in user-supplied // label names. const reservedLabelPrefix = "__" diff --git a/vendor/github.com/prometheus/client_golang/prometheus/metric.go b/vendor/github.com/prometheus/client_golang/prometheus/metric.go index f0941f6f0..07bbc9d76 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/metric.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/metric.go @@ -20,11 +20,9 @@ import ( "strings" "time" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - "github.com/prometheus/common/model" - dto "github.com/prometheus/client_model/go" + "github.com/prometheus/common/model" + "google.golang.org/protobuf/proto" ) var separatorByteSlice = []byte{model.SeparatorByte} // For convenient use with xxhash. @@ -187,7 +185,7 @@ func (m *withExemplarsMetric) Write(pb *dto.Metric) error { } else { // The +Inf bucket should be explicitly added if there is an exemplar for it, similar to non-const histogram logic in https://github.com/prometheus/client_golang/blob/main/prometheus/histogram.go#L357-L365. b := &dto.Bucket{ - CumulativeCount: proto.Uint64(pb.Histogram.Bucket[len(pb.Histogram.GetBucket())-1].GetCumulativeCount()), + CumulativeCount: proto.Uint64(pb.Histogram.GetSampleCount()), UpperBound: proto.Float64(math.Inf(1)), Exemplar: e, } diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go b/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go index f8d50d1f9..fa9011592 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go @@ -14,114 +14,114 @@ // Package promauto provides alternative constructors for the fundamental // Prometheus metric types and their …Vec and …Func variants. The difference to // their counterparts in the prometheus package is that the promauto -// constructors return Collectors that are already registered with a -// registry. There are two sets of constructors. The constructors in the first -// set are top-level functions, while the constructors in the other set are -// methods of the Factory type. The top-level function return Collectors -// registered with the global registry (prometheus.DefaultRegisterer), while the -// methods return Collectors registered with the registry the Factory was -// constructed with. All constructors panic if the registration fails. +// constructors register the Collectors with a registry before returning them. +// There are two sets of constructors. The constructors in the first set are +// top-level functions, while the constructors in the other set are methods of +// the Factory type. The top-level function return Collectors registered with +// the global registry (prometheus.DefaultRegisterer), while the methods return +// Collectors registered with the registry the Factory was constructed with. All +// constructors panic if the registration fails. // // The following example is a complete program to create a histogram of normally // distributed random numbers from the math/rand package: // -// package main +// package main // -// import ( -// "math/rand" -// "net/http" +// import ( +// "math/rand" +// "net/http" // -// "github.com/prometheus/client_golang/prometheus" -// "github.com/prometheus/client_golang/prometheus/promauto" -// "github.com/prometheus/client_golang/prometheus/promhttp" -// ) +// "github.com/prometheus/client_golang/prometheus" +// "github.com/prometheus/client_golang/prometheus/promauto" +// "github.com/prometheus/client_golang/prometheus/promhttp" +// ) // -// var histogram = promauto.NewHistogram(prometheus.HistogramOpts{ -// Name: "random_numbers", -// Help: "A histogram of normally distributed random numbers.", -// Buckets: prometheus.LinearBuckets(-3, .1, 61), -// }) +// var histogram = promauto.NewHistogram(prometheus.HistogramOpts{ +// Name: "random_numbers", +// Help: "A histogram of normally distributed random numbers.", +// Buckets: prometheus.LinearBuckets(-3, .1, 61), +// }) // -// func Random() { -// for { -// histogram.Observe(rand.NormFloat64()) -// } -// } +// func Random() { +// for { +// histogram.Observe(rand.NormFloat64()) +// } +// } // -// func main() { -// go Random() -// http.Handle("/metrics", promhttp.Handler()) -// http.ListenAndServe(":1971", nil) -// } +// func main() { +// go Random() +// http.Handle("/metrics", promhttp.Handler()) +// http.ListenAndServe(":1971", nil) +// } // // Prometheus's version of a minimal hello-world program: // -// package main +// package main // -// import ( -// "fmt" -// "net/http" +// import ( +// "fmt" +// "net/http" // -// "github.com/prometheus/client_golang/prometheus" -// "github.com/prometheus/client_golang/prometheus/promauto" -// "github.com/prometheus/client_golang/prometheus/promhttp" -// ) +// "github.com/prometheus/client_golang/prometheus" +// "github.com/prometheus/client_golang/prometheus/promauto" +// "github.com/prometheus/client_golang/prometheus/promhttp" +// ) // -// func main() { -// http.Handle("/", promhttp.InstrumentHandlerCounter( -// promauto.NewCounterVec( -// prometheus.CounterOpts{ -// Name: "hello_requests_total", -// Help: "Total number of hello-world requests by HTTP code.", -// }, -// []string{"code"}, -// ), -// http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { -// fmt.Fprint(w, "Hello, world!") -// }), -// )) -// http.Handle("/metrics", promhttp.Handler()) -// http.ListenAndServe(":1971", nil) -// } +// func main() { +// http.Handle("/", promhttp.InstrumentHandlerCounter( +// promauto.NewCounterVec( +// prometheus.CounterOpts{ +// Name: "hello_requests_total", +// Help: "Total number of hello-world requests by HTTP code.", +// }, +// []string{"code"}, +// ), +// http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { +// fmt.Fprint(w, "Hello, world!") +// }), +// )) +// http.Handle("/metrics", promhttp.Handler()) +// http.ListenAndServe(":1971", nil) +// } // // A Factory is created with the With(prometheus.Registerer) function, which // enables two usage pattern. With(prometheus.Registerer) can be called once per // line: // -// var ( -// reg = prometheus.NewRegistry() -// randomNumbers = promauto.With(reg).NewHistogram(prometheus.HistogramOpts{ -// Name: "random_numbers", -// Help: "A histogram of normally distributed random numbers.", -// Buckets: prometheus.LinearBuckets(-3, .1, 61), -// }) -// requestCount = promauto.With(reg).NewCounterVec( -// prometheus.CounterOpts{ -// Name: "http_requests_total", -// Help: "Total number of HTTP requests by status code and method.", -// }, -// []string{"code", "method"}, -// ) -// ) +// var ( +// reg = prometheus.NewRegistry() +// randomNumbers = promauto.With(reg).NewHistogram(prometheus.HistogramOpts{ +// Name: "random_numbers", +// Help: "A histogram of normally distributed random numbers.", +// Buckets: prometheus.LinearBuckets(-3, .1, 61), +// }) +// requestCount = promauto.With(reg).NewCounterVec( +// prometheus.CounterOpts{ +// Name: "http_requests_total", +// Help: "Total number of HTTP requests by status code and method.", +// }, +// []string{"code", "method"}, +// ) +// ) // // Or it can be used to create a Factory once to be used multiple times: // -// var ( -// reg = prometheus.NewRegistry() -// factory = promauto.With(reg) -// randomNumbers = factory.NewHistogram(prometheus.HistogramOpts{ -// Name: "random_numbers", -// Help: "A histogram of normally distributed random numbers.", -// Buckets: prometheus.LinearBuckets(-3, .1, 61), -// }) -// requestCount = factory.NewCounterVec( -// prometheus.CounterOpts{ -// Name: "http_requests_total", -// Help: "Total number of HTTP requests by status code and method.", -// }, -// []string{"code", "method"}, -// ) -// ) +// var ( +// reg = prometheus.NewRegistry() +// factory = promauto.With(reg) +// randomNumbers = factory.NewHistogram(prometheus.HistogramOpts{ +// Name: "random_numbers", +// Help: "A histogram of normally distributed random numbers.", +// Buckets: prometheus.LinearBuckets(-3, .1, 61), +// }) +// requestCount = factory.NewCounterVec( +// prometheus.CounterOpts{ +// Name: "http_requests_total", +// Help: "Total number of HTTP requests by status code and method.", +// }, +// []string{"code", "method"}, +// ) +// ) // // This appears very handy. So why are these constructors locked away in a // separate package? diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go index 097aff2df..d3482c40c 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_client.go @@ -68,17 +68,17 @@ func InstrumentRoundTripperCounter(counter *prometheus.CounterVec, next http.Rou o.apply(rtOpts) } - code, method := checkLabels(counter) + // Curry the counter with dynamic labels before checking the remaining labels. + code, method := checkLabels(counter.MustCurryWith(rtOpts.emptyDynamicLabels())) return func(r *http.Request) (*http.Response, error) { resp, err := next.RoundTrip(r) if err == nil { - exemplarAdd( - counter.With(labels(code, method, r.Method, resp.StatusCode, rtOpts.extraMethods...)), - 1, - rtOpts.getExemplarFn(r.Context()), - ) - counter.With(labels(code, method, r.Method, resp.StatusCode, rtOpts.extraMethods...)).Inc() + l := labels(code, method, r.Method, resp.StatusCode, rtOpts.extraMethods...) + for label, resolve := range rtOpts.extraLabelsFromCtx { + l[label] = resolve(resp.Request.Context()) + } + addWithExemplar(counter.With(l), 1, rtOpts.getExemplarFn(r.Context())) } return resp, err } @@ -111,17 +111,18 @@ func InstrumentRoundTripperDuration(obs prometheus.ObserverVec, next http.RoundT o.apply(rtOpts) } - code, method := checkLabels(obs) + // Curry the observer with dynamic labels before checking the remaining labels. + code, method := checkLabels(obs.MustCurryWith(rtOpts.emptyDynamicLabels())) return func(r *http.Request) (*http.Response, error) { start := time.Now() resp, err := next.RoundTrip(r) if err == nil { - exemplarObserve( - obs.With(labels(code, method, r.Method, resp.StatusCode, rtOpts.extraMethods...)), - time.Since(start).Seconds(), - rtOpts.getExemplarFn(r.Context()), - ) + l := labels(code, method, r.Method, resp.StatusCode, rtOpts.extraMethods...) + for label, resolve := range rtOpts.extraLabelsFromCtx { + l[label] = resolve(resp.Request.Context()) + } + observeWithExemplar(obs.With(l), time.Since(start).Seconds(), rtOpts.getExemplarFn(r.Context())) } return resp, err } diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go index bfe500987..3793036ad 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go @@ -28,7 +28,9 @@ import ( // magicString is used for the hacky label test in checkLabels. Remove once fixed. const magicString = "zZgWfBxLqvG8kc8IMv3POi2Bb0tZI3vAnBx+gBaFi9FyPzB/CzKUer1yufDa" -func exemplarObserve(obs prometheus.Observer, val float64, labels map[string]string) { +// observeWithExemplar is a wrapper for [prometheus.ExemplarAdder.ExemplarObserver], +// which falls back to [prometheus.Observer.Observe] if no labels are provided. +func observeWithExemplar(obs prometheus.Observer, val float64, labels map[string]string) { if labels == nil { obs.Observe(val) return @@ -36,7 +38,9 @@ func exemplarObserve(obs prometheus.Observer, val float64, labels map[string]str obs.(prometheus.ExemplarObserver).ObserveWithExemplar(val, labels) } -func exemplarAdd(obs prometheus.Counter, val float64, labels map[string]string) { +// addWithExemplar is a wrapper for [prometheus.ExemplarAdder.AddWithExemplar], +// which falls back to [prometheus.Counter.Add] if no labels are provided. +func addWithExemplar(obs prometheus.Counter, val float64, labels map[string]string) { if labels == nil { obs.Add(val) return @@ -83,7 +87,8 @@ func InstrumentHandlerDuration(obs prometheus.ObserverVec, next http.Handler, op o.apply(hOpts) } - code, method := checkLabels(obs) + // Curry the observer with dynamic labels before checking the remaining labels. + code, method := checkLabels(obs.MustCurryWith(hOpts.emptyDynamicLabels())) if code { return func(w http.ResponseWriter, r *http.Request) { @@ -91,23 +96,22 @@ func InstrumentHandlerDuration(obs prometheus.ObserverVec, next http.Handler, op d := newDelegator(w, nil) next.ServeHTTP(d, r) - exemplarObserve( - obs.With(labels(code, method, r.Method, d.Status(), hOpts.extraMethods...)), - time.Since(now).Seconds(), - hOpts.getExemplarFn(r.Context()), - ) + l := labels(code, method, r.Method, d.Status(), hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), time.Since(now).Seconds(), hOpts.getExemplarFn(r.Context())) } } return func(w http.ResponseWriter, r *http.Request) { now := time.Now() next.ServeHTTP(w, r) - - exemplarObserve( - obs.With(labels(code, method, r.Method, 0, hOpts.extraMethods...)), - time.Since(now).Seconds(), - hOpts.getExemplarFn(r.Context()), - ) + l := labels(code, method, r.Method, 0, hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), time.Since(now).Seconds(), hOpts.getExemplarFn(r.Context())) } } @@ -134,28 +138,30 @@ func InstrumentHandlerCounter(counter *prometheus.CounterVec, next http.Handler, o.apply(hOpts) } - code, method := checkLabels(counter) + // Curry the counter with dynamic labels before checking the remaining labels. + code, method := checkLabels(counter.MustCurryWith(hOpts.emptyDynamicLabels())) if code { return func(w http.ResponseWriter, r *http.Request) { d := newDelegator(w, nil) next.ServeHTTP(d, r) - exemplarAdd( - counter.With(labels(code, method, r.Method, d.Status(), hOpts.extraMethods...)), - 1, - hOpts.getExemplarFn(r.Context()), - ) + l := labels(code, method, r.Method, d.Status(), hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + addWithExemplar(counter.With(l), 1, hOpts.getExemplarFn(r.Context())) } } return func(w http.ResponseWriter, r *http.Request) { next.ServeHTTP(w, r) - exemplarAdd( - counter.With(labels(code, method, r.Method, 0, hOpts.extraMethods...)), - 1, - hOpts.getExemplarFn(r.Context()), - ) + + l := labels(code, method, r.Method, 0, hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + addWithExemplar(counter.With(l), 1, hOpts.getExemplarFn(r.Context())) } } @@ -187,16 +193,17 @@ func InstrumentHandlerTimeToWriteHeader(obs prometheus.ObserverVec, next http.Ha o.apply(hOpts) } - code, method := checkLabels(obs) + // Curry the observer with dynamic labels before checking the remaining labels. + code, method := checkLabels(obs.MustCurryWith(hOpts.emptyDynamicLabels())) return func(w http.ResponseWriter, r *http.Request) { now := time.Now() d := newDelegator(w, func(status int) { - exemplarObserve( - obs.With(labels(code, method, r.Method, status, hOpts.extraMethods...)), - time.Since(now).Seconds(), - hOpts.getExemplarFn(r.Context()), - ) + l := labels(code, method, r.Method, status, hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), time.Since(now).Seconds(), hOpts.getExemplarFn(r.Context())) }) next.ServeHTTP(d, r) } @@ -227,28 +234,32 @@ func InstrumentHandlerRequestSize(obs prometheus.ObserverVec, next http.Handler, o.apply(hOpts) } - code, method := checkLabels(obs) + // Curry the observer with dynamic labels before checking the remaining labels. + code, method := checkLabels(obs.MustCurryWith(hOpts.emptyDynamicLabels())) + if code { return func(w http.ResponseWriter, r *http.Request) { d := newDelegator(w, nil) next.ServeHTTP(d, r) size := computeApproximateRequestSize(r) - exemplarObserve( - obs.With(labels(code, method, r.Method, d.Status(), hOpts.extraMethods...)), - float64(size), - hOpts.getExemplarFn(r.Context()), - ) + + l := labels(code, method, r.Method, d.Status(), hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), float64(size), hOpts.getExemplarFn(r.Context())) } } return func(w http.ResponseWriter, r *http.Request) { next.ServeHTTP(w, r) size := computeApproximateRequestSize(r) - exemplarObserve( - obs.With(labels(code, method, r.Method, 0, hOpts.extraMethods...)), - float64(size), - hOpts.getExemplarFn(r.Context()), - ) + + l := labels(code, method, r.Method, 0, hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), float64(size), hOpts.getExemplarFn(r.Context())) } } @@ -277,16 +288,18 @@ func InstrumentHandlerResponseSize(obs prometheus.ObserverVec, next http.Handler o.apply(hOpts) } - code, method := checkLabels(obs) + // Curry the observer with dynamic labels before checking the remaining labels. + code, method := checkLabels(obs.MustCurryWith(hOpts.emptyDynamicLabels())) return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { d := newDelegator(w, nil) next.ServeHTTP(d, r) - exemplarObserve( - obs.With(labels(code, method, r.Method, d.Status(), hOpts.extraMethods...)), - float64(d.Written()), - hOpts.getExemplarFn(r.Context()), - ) + + l := labels(code, method, r.Method, d.Status(), hOpts.extraMethods...) + for label, resolve := range hOpts.extraLabelsFromCtx { + l[label] = resolve(r.Context()) + } + observeWithExemplar(obs.With(l), float64(d.Written()), hOpts.getExemplarFn(r.Context())) }) } diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/option.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/option.go index c590d912c..5d4383aa1 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/option.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/option.go @@ -24,14 +24,32 @@ type Option interface { apply(*options) } +// LabelValueFromCtx are used to compute the label value from request context. +// Context can be filled with values from request through middleware. +type LabelValueFromCtx func(ctx context.Context) string + // options store options for both a handler or round tripper. type options struct { - extraMethods []string - getExemplarFn func(requestCtx context.Context) prometheus.Labels + extraMethods []string + getExemplarFn func(requestCtx context.Context) prometheus.Labels + extraLabelsFromCtx map[string]LabelValueFromCtx } func defaultOptions() *options { - return &options{getExemplarFn: func(ctx context.Context) prometheus.Labels { return nil }} + return &options{ + getExemplarFn: func(ctx context.Context) prometheus.Labels { return nil }, + extraLabelsFromCtx: map[string]LabelValueFromCtx{}, + } +} + +func (o *options) emptyDynamicLabels() prometheus.Labels { + labels := prometheus.Labels{} + + for label := range o.extraLabelsFromCtx { + labels[label] = "" + } + + return labels } type optionApplyFunc func(*options) @@ -48,11 +66,19 @@ func WithExtraMethods(methods ...string) Option { }) } -// WithExemplarFromContext adds allows to put a hook to all counter and histogram metrics. -// If the hook function returns non-nil labels, exemplars will be added for that request, otherwise metric -// will get instrumented without exemplar. +// WithExemplarFromContext allows to inject function that will get exemplar from context that will be put to counter and histogram metrics. +// If the function returns nil labels or the metric does not support exemplars, no exemplar will be added (noop), but +// metric will continue to observe/increment. func WithExemplarFromContext(getExemplarFn func(requestCtx context.Context) prometheus.Labels) Option { return optionApplyFunc(func(o *options) { o.getExemplarFn = getExemplarFn }) } + +// WithLabelFromCtx registers a label for dynamic resolution with access to context. +// See the example for ExampleInstrumentHandlerWithLabelResolver for example usage +func WithLabelFromCtx(name string, valueFn LabelValueFromCtx) Option { + return optionApplyFunc(func(o *options) { + o.extraLabelsFromCtx[name] = valueFn + }) +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/registry.go b/vendor/github.com/prometheus/client_golang/prometheus/registry.go index 325f665ff..44da9433b 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/registry.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/registry.go @@ -21,18 +21,17 @@ import ( "path/filepath" "runtime" "sort" + "strconv" "strings" "sync" "unicode/utf8" - "github.com/cespare/xxhash/v2" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - "github.com/prometheus/common/expfmt" + "github.com/prometheus/client_golang/prometheus/internal" + "github.com/cespare/xxhash/v2" dto "github.com/prometheus/client_model/go" - - "github.com/prometheus/client_golang/prometheus/internal" + "github.com/prometheus/common/expfmt" + "google.golang.org/protobuf/proto" ) const ( @@ -252,9 +251,12 @@ func (errs MultiError) MaybeUnwrap() error { } // Registry registers Prometheus collectors, collects their metrics, and gathers -// them into MetricFamilies for exposition. It implements both Registerer and -// Gatherer. The zero value is not usable. Create instances with NewRegistry or -// NewPedanticRegistry. +// them into MetricFamilies for exposition. It implements Registerer, Gatherer, +// and Collector. The zero value is not usable. Create instances with +// NewRegistry or NewPedanticRegistry. +// +// Registry implements Collector to allow it to be used for creating groups of +// metrics. See the Grouping example for how this can be done. type Registry struct { mtx sync.RWMutex collectorsByID map[uint64]Collector // ID is a hash of the descIDs. @@ -556,6 +558,31 @@ func (r *Registry) Gather() ([]*dto.MetricFamily, error) { return internal.NormalizeMetricFamilies(metricFamiliesByName), errs.MaybeUnwrap() } +// Describe implements Collector. +func (r *Registry) Describe(ch chan<- *Desc) { + r.mtx.RLock() + defer r.mtx.RUnlock() + + // Only report the checked Collectors; unchecked collectors don't report any + // Desc. + for _, c := range r.collectorsByID { + c.Describe(ch) + } +} + +// Collect implements Collector. +func (r *Registry) Collect(ch chan<- Metric) { + r.mtx.RLock() + defer r.mtx.RUnlock() + + for _, c := range r.collectorsByID { + c.Collect(ch) + } + for _, c := range r.uncheckedCollectors { + c.Collect(ch) + } +} + // WriteToTextfile calls Gather on the provided Gatherer, encodes the result in the // Prometheus text format, and writes it to a temporary file. Upon success, the // temporary file is renamed to the provided filename. @@ -905,6 +932,10 @@ func checkMetricConsistency( h.WriteString(lp.GetValue()) h.Write(separatorByteSlice) } + if dtoMetric.TimestampMs != nil { + h.WriteString(strconv.FormatInt(*(dtoMetric.TimestampMs), 10)) + h.Write(separatorByteSlice) + } hSum := h.Sum64() if _, exists := metricHashes[hSum]; exists { return fmt.Errorf( @@ -934,7 +965,7 @@ func checkDescConsistency( copy(lpsFromDesc, desc.constLabelPairs) for _, l := range desc.variableLabels { lpsFromDesc = append(lpsFromDesc, &dto.LabelPair{ - Name: proto.String(l), + Name: proto.String(l.Name), }) } if len(lpsFromDesc) != len(dtoMetric.Label) { diff --git a/vendor/github.com/prometheus/client_golang/prometheus/summary.go b/vendor/github.com/prometheus/client_golang/prometheus/summary.go index c5fa8ed7c..dd359264e 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/summary.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/summary.go @@ -22,11 +22,10 @@ import ( "sync/atomic" "time" - "github.com/beorn7/perks/quantile" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - dto "github.com/prometheus/client_model/go" + + "github.com/beorn7/perks/quantile" + "google.golang.org/protobuf/proto" ) // quantileLabel is used for the label that defines the quantile in a @@ -148,6 +147,18 @@ type SummaryOpts struct { BufCap uint32 } +// SummaryVecOpts bundles the options to create a SummaryVec metric. +// It is mandatory to set SummaryOpts, see there for mandatory fields. VariableLabels +// is optional and can safely be left to its default value. +type SummaryVecOpts struct { + SummaryOpts + + // VariableLabels are used to partition the metric vector by the given set + // of labels. Each label value will be constrained with the optional Contraint + // function, if provided. + VariableLabels ConstrainableLabels +} + // Problem with the sliding-window decay algorithm... The Merge method of // perk/quantile is actually not working as advertised - and it might be // unfixable, as the underlying algorithm is apparently not capable of merging @@ -178,11 +189,11 @@ func NewSummary(opts SummaryOpts) Summary { func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary { if len(desc.variableLabels) != len(labelValues) { - panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels, labelValues)) + panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), labelValues)) } for _, n := range desc.variableLabels { - if n == quantileLabel { + if n.Name == quantileLabel { panic(errQuantileLabelNotAllowed) } } @@ -530,20 +541,28 @@ type SummaryVec struct { // it is handled by the Prometheus server internally, “quantile” is an illegal // label name. NewSummaryVec will panic if this label name is used. func NewSummaryVec(opts SummaryOpts, labelNames []string) *SummaryVec { - for _, ln := range labelNames { + return V2.NewSummaryVec(SummaryVecOpts{ + SummaryOpts: opts, + VariableLabels: UnconstrainedLabels(labelNames), + }) +} + +// NewSummaryVec creates a new SummaryVec based on the provided SummaryVecOpts. +func (v2) NewSummaryVec(opts SummaryVecOpts) *SummaryVec { + for _, ln := range opts.VariableLabels.labelNames() { if ln == quantileLabel { panic(errQuantileLabelNotAllowed) } } - desc := NewDesc( + desc := V2.NewDesc( BuildFQName(opts.Namespace, opts.Subsystem, opts.Name), opts.Help, - labelNames, + opts.VariableLabels, opts.ConstLabels, ) return &SummaryVec{ MetricVec: NewMetricVec(desc, func(lvs ...string) Metric { - return newSummary(desc, opts, lvs...) + return newSummary(desc, opts.SummaryOpts, lvs...) }), } } @@ -603,7 +622,8 @@ func (v *SummaryVec) GetMetricWith(labels Labels) (Observer, error) { // WithLabelValues works as GetMetricWithLabelValues, but panics where // GetMetricWithLabelValues would have returned an error. Not returning an // error allows shortcuts like -// myVec.WithLabelValues("404", "GET").Observe(42.21) +// +// myVec.WithLabelValues("404", "GET").Observe(42.21) func (v *SummaryVec) WithLabelValues(lvs ...string) Observer { s, err := v.GetMetricWithLabelValues(lvs...) if err != nil { @@ -614,7 +634,8 @@ func (v *SummaryVec) WithLabelValues(lvs ...string) Observer { // With works as GetMetricWith, but panics where GetMetricWithLabels would have // returned an error. Not returning an error allows shortcuts like -// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Observe(42.21) +// +// myVec.With(prometheus.Labels{"code": "404", "method": "GET"}).Observe(42.21) func (v *SummaryVec) With(labels Labels) Observer { s, err := v.GetMetricWith(labels) if err != nil { @@ -701,7 +722,8 @@ func (s *constSummary) Write(out *dto.Metric) error { // // quantiles maps ranks to quantile values. For example, a median latency of // 0.23s and a 99th percentile latency of 0.56s would be expressed as: -// map[float64]float64{0.5: 0.23, 0.99: 0.56} +// +// map[float64]float64{0.5: 0.23, 0.99: 0.56} // // NewConstSummary returns an error if the length of labelValues is not // consistent with the variable labels in Desc or if Desc is invalid. diff --git a/vendor/github.com/prometheus/client_golang/prometheus/timer.go b/vendor/github.com/prometheus/client_golang/prometheus/timer.go index 8d5f10523..52344fef5 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/timer.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/timer.go @@ -23,13 +23,24 @@ type Timer struct { } // NewTimer creates a new Timer. The provided Observer is used to observe a -// duration in seconds. Timer is usually used to time a function call in the +// duration in seconds. If the Observer implements ExemplarObserver, passing exemplar +// later on will be also supported. +// Timer is usually used to time a function call in the // following way: -// func TimeMe() { -// timer := NewTimer(myHistogram) -// defer timer.ObserveDuration() -// // Do actual work. -// } +// +// func TimeMe() { +// timer := NewTimer(myHistogram) +// defer timer.ObserveDuration() +// // Do actual work. +// } +// +// or +// +// func TimeMeWithExemplar() { +// timer := NewTimer(myHistogram) +// defer timer.ObserveDurationWithExemplar(exemplar) +// // Do actual work. +// } func NewTimer(o Observer) *Timer { return &Timer{ begin: time.Now(), @@ -52,3 +63,19 @@ func (t *Timer) ObserveDuration() time.Duration { } return d } + +// ObserveDurationWithExemplar is like ObserveDuration, but it will also +// observe exemplar with the duration unless exemplar is nil or provided Observer can't +// be casted to ExemplarObserver. +func (t *Timer) ObserveDurationWithExemplar(exemplar Labels) time.Duration { + d := time.Since(t.begin) + eo, ok := t.observer.(ExemplarObserver) + if ok && exemplar != nil { + eo.ObserveWithExemplar(d.Seconds(), exemplar) + return d + } + if t.observer != nil { + t.observer.Observe(d.Seconds()) + } + return d +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/value.go b/vendor/github.com/prometheus/client_golang/prometheus/value.go index 2d3abc1cb..5f6bb8001 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/value.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/value.go @@ -19,13 +19,11 @@ import ( "time" "unicode/utf8" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" - "google.golang.org/protobuf/types/known/timestamppb" - "github.com/prometheus/client_golang/prometheus/internal" dto "github.com/prometheus/client_model/go" + "google.golang.org/protobuf/proto" + "google.golang.org/protobuf/types/known/timestamppb" ) // ValueType is an enumeration of metric types that represent a simple value. @@ -188,9 +186,9 @@ func MakeLabelPairs(desc *Desc, labelValues []string) []*dto.LabelPair { return desc.constLabelPairs } labelPairs := make([]*dto.LabelPair, 0, totalLen) - for i, n := range desc.variableLabels { + for i, l := range desc.variableLabels { labelPairs = append(labelPairs, &dto.LabelPair{ - Name: proto.String(n), + Name: proto.String(l.Name), Value: proto.String(labelValues[i]), }) } diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vec.go b/vendor/github.com/prometheus/client_golang/prometheus/vec.go index 7ae322590..386fb2d23 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/vec.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/vec.go @@ -72,6 +72,7 @@ func NewMetricVec(desc *Desc, newMetric func(lvs ...string) Metric) *MetricVec { // with a performance overhead (for creating and processing the Labels map). // See also the CounterVec example. func (m *MetricVec) DeleteLabelValues(lvs ...string) bool { + lvs = constrainLabelValues(m.desc, lvs, m.curry) h, err := m.hashLabelValues(lvs) if err != nil { return false @@ -91,6 +92,7 @@ func (m *MetricVec) DeleteLabelValues(lvs ...string) bool { // This method is used for the same purpose as DeleteLabelValues(...string). See // there for pros and cons of the two methods. func (m *MetricVec) Delete(labels Labels) bool { + labels = constrainLabels(m.desc, labels) h, err := m.hashLabels(labels) if err != nil { return false @@ -106,6 +108,7 @@ func (m *MetricVec) Delete(labels Labels) bool { // Note that curried labels will never be matched if deleting from the curried vector. // To match curried labels with DeletePartialMatch, it must be called on the base vector. func (m *MetricVec) DeletePartialMatch(labels Labels) int { + labels = constrainLabels(m.desc, labels) return m.metricMap.deleteByLabels(labels, m.curry) } @@ -145,10 +148,10 @@ func (m *MetricVec) CurryWith(labels Labels) (*MetricVec, error) { iCurry int ) for i, label := range m.desc.variableLabels { - val, ok := labels[label] + val, ok := labels[label.Name] if iCurry < len(oldCurry) && oldCurry[iCurry].index == i { if ok { - return nil, fmt.Errorf("label name %q is already curried", label) + return nil, fmt.Errorf("label name %q is already curried", label.Name) } newCurry = append(newCurry, oldCurry[iCurry]) iCurry++ @@ -156,7 +159,7 @@ func (m *MetricVec) CurryWith(labels Labels) (*MetricVec, error) { if !ok { continue // Label stays uncurried. } - newCurry = append(newCurry, curriedLabelValue{i, val}) + newCurry = append(newCurry, curriedLabelValue{i, label.Constrain(val)}) } } if l := len(oldCurry) + len(labels) - len(newCurry); l > 0 { @@ -199,6 +202,7 @@ func (m *MetricVec) CurryWith(labels Labels) (*MetricVec, error) { // a wrapper around MetricVec, implementing a vector for a specific Metric // implementation, for example GaugeVec. func (m *MetricVec) GetMetricWithLabelValues(lvs ...string) (Metric, error) { + lvs = constrainLabelValues(m.desc, lvs, m.curry) h, err := m.hashLabelValues(lvs) if err != nil { return nil, err @@ -224,6 +228,7 @@ func (m *MetricVec) GetMetricWithLabelValues(lvs ...string) (Metric, error) { // around MetricVec, implementing a vector for a specific Metric implementation, // for example GaugeVec. func (m *MetricVec) GetMetricWith(labels Labels) (Metric, error) { + labels = constrainLabels(m.desc, labels) h, err := m.hashLabels(labels) if err != nil { return nil, err @@ -266,16 +271,16 @@ func (m *MetricVec) hashLabels(labels Labels) (uint64, error) { iCurry int ) for i, label := range m.desc.variableLabels { - val, ok := labels[label] + val, ok := labels[label.Name] if iCurry < len(curry) && curry[iCurry].index == i { if ok { - return 0, fmt.Errorf("label name %q is already curried", label) + return 0, fmt.Errorf("label name %q is already curried", label.Name) } h = m.hashAdd(h, curry[iCurry].value) iCurry++ } else { if !ok { - return 0, fmt.Errorf("label name %q missing in label map", label) + return 0, fmt.Errorf("label name %q missing in label map", label.Name) } h = m.hashAdd(h, val) } @@ -453,7 +458,7 @@ func valueMatchesVariableOrCurriedValue(targetValue string, index int, values [] func matchPartialLabels(desc *Desc, values []string, labels Labels, curry []curriedLabelValue) bool { for l, v := range labels { // Check if the target label exists in our metrics and get the index. - varLabelIndex, validLabel := indexOf(l, desc.variableLabels) + varLabelIndex, validLabel := indexOf(l, desc.variableLabels.labelNames()) if validLabel { // Check the value of that label against the target value. // We don't consider curried values in partial matches. @@ -605,7 +610,7 @@ func matchLabels(desc *Desc, values []string, labels Labels, curry []curriedLabe iCurry++ continue } - if values[i] != labels[k] { + if values[i] != labels[k.Name] { return false } } @@ -621,7 +626,7 @@ func extractLabelValues(desc *Desc, labels Labels, curry []curriedLabelValue) [] iCurry++ continue } - labelValues[i] = labels[k] + labelValues[i] = labels[k.Name] } return labelValues } @@ -640,3 +645,34 @@ func inlineLabelValues(lvs []string, curry []curriedLabelValue) []string { } return labelValues } + +func constrainLabels(desc *Desc, labels Labels) Labels { + constrainedValues := make(Labels, len(labels)) + for l, v := range labels { + if i, ok := indexOf(l, desc.variableLabels.labelNames()); ok { + constrainedValues[l] = desc.variableLabels[i].Constrain(v) + continue + } + constrainedValues[l] = v + } + return constrainedValues +} + +func constrainLabelValues(desc *Desc, lvs []string, curry []curriedLabelValue) []string { + constrainedValues := make([]string, len(lvs)) + var iCurry, iLVs int + for i := 0; i < len(lvs)+len(curry); i++ { + if iCurry < len(curry) && curry[iCurry].index == i { + iCurry++ + continue + } + + if i < len(desc.variableLabels) { + constrainedValues[iLVs] = desc.variableLabels[i].Constrain(lvs[iLVs]) + } else { + constrainedValues[iLVs] = lvs[iLVs] + } + iLVs++ + } + return constrainedValues +} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vnext.go b/vendor/github.com/prometheus/client_golang/prometheus/vnext.go new file mode 100644 index 000000000..42bc3a8f0 --- /dev/null +++ b/vendor/github.com/prometheus/client_golang/prometheus/vnext.go @@ -0,0 +1,23 @@ +// Copyright 2022 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package prometheus + +type v2 struct{} + +// V2 is a struct that can be referenced to access experimental API that might +// be present in v2 of client golang someday. It offers extended functionality +// of v1 with slightly changed API. It is acceptable to use some pieces from v1 +// and e.g `prometheus.NewGauge` and some from v2 e.g. `prometheus.V2.NewDesc` +// in the same codebase. +var V2 = v2{} diff --git a/vendor/github.com/prometheus/client_golang/prometheus/wrap.go b/vendor/github.com/prometheus/client_golang/prometheus/wrap.go index 1498ee144..25da157f1 100644 --- a/vendor/github.com/prometheus/client_golang/prometheus/wrap.go +++ b/vendor/github.com/prometheus/client_golang/prometheus/wrap.go @@ -17,12 +17,10 @@ import ( "fmt" "sort" - //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility. - "github.com/golang/protobuf/proto" + "github.com/prometheus/client_golang/prometheus/internal" dto "github.com/prometheus/client_model/go" - - "github.com/prometheus/client_golang/prometheus/internal" + "google.golang.org/protobuf/proto" ) // WrapRegistererWith returns a Registerer wrapping the provided @@ -206,7 +204,7 @@ func wrapDesc(desc *Desc, prefix string, labels Labels) *Desc { constLabels[ln] = lv } // NewDesc will do remaining validations. - newDesc := NewDesc(prefix+desc.fqName, desc.help, desc.variableLabels, constLabels) + newDesc := V2.NewDesc(prefix+desc.fqName, desc.help, desc.variableLabels, constLabels) // Propagate errors if there was any. This will override any errer // created by NewDesc above, i.e. earlier errors get precedence. if desc.err != nil { diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go index 2f4930d9d..35904ea19 100644 --- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go +++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go @@ -1,5 +1,5 @@ // Code generated by protoc-gen-go. DO NOT EDIT. -// source: metrics.proto +// source: io/prometheus/client/metrics.proto package io_prometheus_client @@ -24,11 +24,18 @@ const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package type MetricType int32 const ( - MetricType_COUNTER MetricType = 0 - MetricType_GAUGE MetricType = 1 - MetricType_SUMMARY MetricType = 2 - MetricType_UNTYPED MetricType = 3 + // COUNTER must use the Metric field "counter". + MetricType_COUNTER MetricType = 0 + // GAUGE must use the Metric field "gauge". + MetricType_GAUGE MetricType = 1 + // SUMMARY must use the Metric field "summary". + MetricType_SUMMARY MetricType = 2 + // UNTYPED must use the Metric field "untyped". + MetricType_UNTYPED MetricType = 3 + // HISTOGRAM must use the Metric field "histogram". MetricType_HISTOGRAM MetricType = 4 + // GAUGE_HISTOGRAM must use the Metric field "histogram". + MetricType_GAUGE_HISTOGRAM MetricType = 5 ) var MetricType_name = map[int32]string{ @@ -37,14 +44,16 @@ var MetricType_name = map[int32]string{ 2: "SUMMARY", 3: "UNTYPED", 4: "HISTOGRAM", + 5: "GAUGE_HISTOGRAM", } var MetricType_value = map[string]int32{ - "COUNTER": 0, - "GAUGE": 1, - "SUMMARY": 2, - "UNTYPED": 3, - "HISTOGRAM": 4, + "COUNTER": 0, + "GAUGE": 1, + "SUMMARY": 2, + "UNTYPED": 3, + "HISTOGRAM": 4, + "GAUGE_HISTOGRAM": 5, } func (x MetricType) Enum() *MetricType { @@ -67,7 +76,7 @@ func (x *MetricType) UnmarshalJSON(data []byte) error { } func (MetricType) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{0} + return fileDescriptor_d1e5ddb18987a258, []int{0} } type LabelPair struct { @@ -82,7 +91,7 @@ func (m *LabelPair) Reset() { *m = LabelPair{} } func (m *LabelPair) String() string { return proto.CompactTextString(m) } func (*LabelPair) ProtoMessage() {} func (*LabelPair) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{0} + return fileDescriptor_d1e5ddb18987a258, []int{0} } func (m *LabelPair) XXX_Unmarshal(b []byte) error { @@ -128,7 +137,7 @@ func (m *Gauge) Reset() { *m = Gauge{} } func (m *Gauge) String() string { return proto.CompactTextString(m) } func (*Gauge) ProtoMessage() {} func (*Gauge) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{1} + return fileDescriptor_d1e5ddb18987a258, []int{1} } func (m *Gauge) XXX_Unmarshal(b []byte) error { @@ -168,7 +177,7 @@ func (m *Counter) Reset() { *m = Counter{} } func (m *Counter) String() string { return proto.CompactTextString(m) } func (*Counter) ProtoMessage() {} func (*Counter) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{2} + return fileDescriptor_d1e5ddb18987a258, []int{2} } func (m *Counter) XXX_Unmarshal(b []byte) error { @@ -215,7 +224,7 @@ func (m *Quantile) Reset() { *m = Quantile{} } func (m *Quantile) String() string { return proto.CompactTextString(m) } func (*Quantile) ProtoMessage() {} func (*Quantile) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{3} + return fileDescriptor_d1e5ddb18987a258, []int{3} } func (m *Quantile) XXX_Unmarshal(b []byte) error { @@ -263,7 +272,7 @@ func (m *Summary) Reset() { *m = Summary{} } func (m *Summary) String() string { return proto.CompactTextString(m) } func (*Summary) ProtoMessage() {} func (*Summary) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{4} + return fileDescriptor_d1e5ddb18987a258, []int{4} } func (m *Summary) XXX_Unmarshal(b []byte) error { @@ -316,7 +325,7 @@ func (m *Untyped) Reset() { *m = Untyped{} } func (m *Untyped) String() string { return proto.CompactTextString(m) } func (*Untyped) ProtoMessage() {} func (*Untyped) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{5} + return fileDescriptor_d1e5ddb18987a258, []int{5} } func (m *Untyped) XXX_Unmarshal(b []byte) error { @@ -345,9 +354,34 @@ func (m *Untyped) GetValue() float64 { } type Histogram struct { - SampleCount *uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"` - SampleSum *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"` - Bucket []*Bucket `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` + SampleCount *uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"` + SampleCountFloat *float64 `protobuf:"fixed64,4,opt,name=sample_count_float,json=sampleCountFloat" json:"sample_count_float,omitempty"` + SampleSum *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"` + // Buckets for the conventional histogram. + Bucket []*Bucket `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` + // schema defines the bucket schema. Currently, valid numbers are -4 <= n <= 8. + // They are all for base-2 bucket schemas, where 1 is a bucket boundary in each case, and + // then each power of two is divided into 2^n logarithmic buckets. + // Or in other words, each bucket boundary is the previous boundary times 2^(2^-n). + // In the future, more bucket schemas may be added using numbers < -4 or > 8. + Schema *int32 `protobuf:"zigzag32,5,opt,name=schema" json:"schema,omitempty"` + ZeroThreshold *float64 `protobuf:"fixed64,6,opt,name=zero_threshold,json=zeroThreshold" json:"zero_threshold,omitempty"` + ZeroCount *uint64 `protobuf:"varint,7,opt,name=zero_count,json=zeroCount" json:"zero_count,omitempty"` + ZeroCountFloat *float64 `protobuf:"fixed64,8,opt,name=zero_count_float,json=zeroCountFloat" json:"zero_count_float,omitempty"` + // Negative buckets for the native histogram. + NegativeSpan []*BucketSpan `protobuf:"bytes,9,rep,name=negative_span,json=negativeSpan" json:"negative_span,omitempty"` + // Use either "negative_delta" or "negative_count", the former for + // regular histograms with integer counts, the latter for float + // histograms. + NegativeDelta []int64 `protobuf:"zigzag64,10,rep,name=negative_delta,json=negativeDelta" json:"negative_delta,omitempty"` + NegativeCount []float64 `protobuf:"fixed64,11,rep,name=negative_count,json=negativeCount" json:"negative_count,omitempty"` + // Positive buckets for the native histogram. + PositiveSpan []*BucketSpan `protobuf:"bytes,12,rep,name=positive_span,json=positiveSpan" json:"positive_span,omitempty"` + // Use either "positive_delta" or "positive_count", the former for + // regular histograms with integer counts, the latter for float + // histograms. + PositiveDelta []int64 `protobuf:"zigzag64,13,rep,name=positive_delta,json=positiveDelta" json:"positive_delta,omitempty"` + PositiveCount []float64 `protobuf:"fixed64,14,rep,name=positive_count,json=positiveCount" json:"positive_count,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` XXX_unrecognized []byte `json:"-"` XXX_sizecache int32 `json:"-"` @@ -357,7 +391,7 @@ func (m *Histogram) Reset() { *m = Histogram{} } func (m *Histogram) String() string { return proto.CompactTextString(m) } func (*Histogram) ProtoMessage() {} func (*Histogram) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{6} + return fileDescriptor_d1e5ddb18987a258, []int{6} } func (m *Histogram) XXX_Unmarshal(b []byte) error { @@ -385,6 +419,13 @@ func (m *Histogram) GetSampleCount() uint64 { return 0 } +func (m *Histogram) GetSampleCountFloat() float64 { + if m != nil && m.SampleCountFloat != nil { + return *m.SampleCountFloat + } + return 0 +} + func (m *Histogram) GetSampleSum() float64 { if m != nil && m.SampleSum != nil { return *m.SampleSum @@ -399,8 +440,81 @@ func (m *Histogram) GetBucket() []*Bucket { return nil } +func (m *Histogram) GetSchema() int32 { + if m != nil && m.Schema != nil { + return *m.Schema + } + return 0 +} + +func (m *Histogram) GetZeroThreshold() float64 { + if m != nil && m.ZeroThreshold != nil { + return *m.ZeroThreshold + } + return 0 +} + +func (m *Histogram) GetZeroCount() uint64 { + if m != nil && m.ZeroCount != nil { + return *m.ZeroCount + } + return 0 +} + +func (m *Histogram) GetZeroCountFloat() float64 { + if m != nil && m.ZeroCountFloat != nil { + return *m.ZeroCountFloat + } + return 0 +} + +func (m *Histogram) GetNegativeSpan() []*BucketSpan { + if m != nil { + return m.NegativeSpan + } + return nil +} + +func (m *Histogram) GetNegativeDelta() []int64 { + if m != nil { + return m.NegativeDelta + } + return nil +} + +func (m *Histogram) GetNegativeCount() []float64 { + if m != nil { + return m.NegativeCount + } + return nil +} + +func (m *Histogram) GetPositiveSpan() []*BucketSpan { + if m != nil { + return m.PositiveSpan + } + return nil +} + +func (m *Histogram) GetPositiveDelta() []int64 { + if m != nil { + return m.PositiveDelta + } + return nil +} + +func (m *Histogram) GetPositiveCount() []float64 { + if m != nil { + return m.PositiveCount + } + return nil +} + +// A Bucket of a conventional histogram, each of which is treated as +// an individual counter-like time series by Prometheus. type Bucket struct { CumulativeCount *uint64 `protobuf:"varint,1,opt,name=cumulative_count,json=cumulativeCount" json:"cumulative_count,omitempty"` + CumulativeCountFloat *float64 `protobuf:"fixed64,4,opt,name=cumulative_count_float,json=cumulativeCountFloat" json:"cumulative_count_float,omitempty"` UpperBound *float64 `protobuf:"fixed64,2,opt,name=upper_bound,json=upperBound" json:"upper_bound,omitempty"` Exemplar *Exemplar `protobuf:"bytes,3,opt,name=exemplar" json:"exemplar,omitempty"` XXX_NoUnkeyedLiteral struct{} `json:"-"` @@ -412,7 +526,7 @@ func (m *Bucket) Reset() { *m = Bucket{} } func (m *Bucket) String() string { return proto.CompactTextString(m) } func (*Bucket) ProtoMessage() {} func (*Bucket) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{7} + return fileDescriptor_d1e5ddb18987a258, []int{7} } func (m *Bucket) XXX_Unmarshal(b []byte) error { @@ -440,6 +554,13 @@ func (m *Bucket) GetCumulativeCount() uint64 { return 0 } +func (m *Bucket) GetCumulativeCountFloat() float64 { + if m != nil && m.CumulativeCountFloat != nil { + return *m.CumulativeCountFloat + } + return 0 +} + func (m *Bucket) GetUpperBound() float64 { if m != nil && m.UpperBound != nil { return *m.UpperBound @@ -454,6 +575,59 @@ func (m *Bucket) GetExemplar() *Exemplar { return nil } +// A BucketSpan defines a number of consecutive buckets in a native +// histogram with their offset. Logically, it would be more +// straightforward to include the bucket counts in the Span. However, +// the protobuf representation is more compact in the way the data is +// structured here (with all the buckets in a single array separate +// from the Spans). +type BucketSpan struct { + Offset *int32 `protobuf:"zigzag32,1,opt,name=offset" json:"offset,omitempty"` + Length *uint32 `protobuf:"varint,2,opt,name=length" json:"length,omitempty"` + XXX_NoUnkeyedLiteral struct{} `json:"-"` + XXX_unrecognized []byte `json:"-"` + XXX_sizecache int32 `json:"-"` +} + +func (m *BucketSpan) Reset() { *m = BucketSpan{} } +func (m *BucketSpan) String() string { return proto.CompactTextString(m) } +func (*BucketSpan) ProtoMessage() {} +func (*BucketSpan) Descriptor() ([]byte, []int) { + return fileDescriptor_d1e5ddb18987a258, []int{8} +} + +func (m *BucketSpan) XXX_Unmarshal(b []byte) error { + return xxx_messageInfo_BucketSpan.Unmarshal(m, b) +} +func (m *BucketSpan) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { + return xxx_messageInfo_BucketSpan.Marshal(b, m, deterministic) +} +func (m *BucketSpan) XXX_Merge(src proto.Message) { + xxx_messageInfo_BucketSpan.Merge(m, src) +} +func (m *BucketSpan) XXX_Size() int { + return xxx_messageInfo_BucketSpan.Size(m) +} +func (m *BucketSpan) XXX_DiscardUnknown() { + xxx_messageInfo_BucketSpan.DiscardUnknown(m) +} + +var xxx_messageInfo_BucketSpan proto.InternalMessageInfo + +func (m *BucketSpan) GetOffset() int32 { + if m != nil && m.Offset != nil { + return *m.Offset + } + return 0 +} + +func (m *BucketSpan) GetLength() uint32 { + if m != nil && m.Length != nil { + return *m.Length + } + return 0 +} + type Exemplar struct { Label []*LabelPair `protobuf:"bytes,1,rep,name=label" json:"label,omitempty"` Value *float64 `protobuf:"fixed64,2,opt,name=value" json:"value,omitempty"` @@ -467,7 +641,7 @@ func (m *Exemplar) Reset() { *m = Exemplar{} } func (m *Exemplar) String() string { return proto.CompactTextString(m) } func (*Exemplar) ProtoMessage() {} func (*Exemplar) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{8} + return fileDescriptor_d1e5ddb18987a258, []int{9} } func (m *Exemplar) XXX_Unmarshal(b []byte) error { @@ -526,7 +700,7 @@ func (m *Metric) Reset() { *m = Metric{} } func (m *Metric) String() string { return proto.CompactTextString(m) } func (*Metric) ProtoMessage() {} func (*Metric) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{9} + return fileDescriptor_d1e5ddb18987a258, []int{10} } func (m *Metric) XXX_Unmarshal(b []byte) error { @@ -610,7 +784,7 @@ func (m *MetricFamily) Reset() { *m = MetricFamily{} } func (m *MetricFamily) String() string { return proto.CompactTextString(m) } func (*MetricFamily) ProtoMessage() {} func (*MetricFamily) Descriptor() ([]byte, []int) { - return fileDescriptor_6039342a2ba47b72, []int{10} + return fileDescriptor_d1e5ddb18987a258, []int{11} } func (m *MetricFamily) XXX_Unmarshal(b []byte) error { @@ -669,55 +843,72 @@ func init() { proto.RegisterType((*Untyped)(nil), "io.prometheus.client.Untyped") proto.RegisterType((*Histogram)(nil), "io.prometheus.client.Histogram") proto.RegisterType((*Bucket)(nil), "io.prometheus.client.Bucket") + proto.RegisterType((*BucketSpan)(nil), "io.prometheus.client.BucketSpan") proto.RegisterType((*Exemplar)(nil), "io.prometheus.client.Exemplar") proto.RegisterType((*Metric)(nil), "io.prometheus.client.Metric") proto.RegisterType((*MetricFamily)(nil), "io.prometheus.client.MetricFamily") } -func init() { proto.RegisterFile("metrics.proto", fileDescriptor_6039342a2ba47b72) } - -var fileDescriptor_6039342a2ba47b72 = []byte{ - // 665 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x54, 0xcd, 0x6e, 0xd3, 0x4c, - 0x14, 0xfd, 0xdc, 0x38, 0x3f, 0xbe, 0x69, 0x3f, 0xa2, 0x51, 0x17, 0x56, 0xa1, 0x24, 0x78, 0x55, - 0x58, 0x38, 0xa2, 0x6a, 0x05, 0x2a, 0xb0, 0x68, 0x4b, 0x48, 0x91, 0x48, 0x5b, 0x26, 0xc9, 0xa2, - 0xb0, 0x88, 0x1c, 0x77, 0x70, 0x2c, 0x3c, 0xb1, 0xb1, 0x67, 0x2a, 0xb2, 0x66, 0xc1, 0x16, 0x5e, - 0x81, 0x17, 0x05, 0xcd, 0x8f, 0x6d, 0x2a, 0xb9, 0x95, 0x40, 0xec, 0x66, 0xee, 0x3d, 0xe7, 0xfa, - 0xcc, 0xf8, 0x9c, 0x81, 0x0d, 0x4a, 0x58, 0x1a, 0xfa, 0x99, 0x9b, 0xa4, 0x31, 0x8b, 0xd1, 0x66, - 0x18, 0x8b, 0x15, 0x25, 0x6c, 0x41, 0x78, 0xe6, 0xfa, 0x51, 0x48, 0x96, 0x6c, 0xab, 0x1b, 0xc4, - 0x71, 0x10, 0x91, 0xbe, 0xc4, 0xcc, 0xf9, 0x87, 0x3e, 0x0b, 0x29, 0xc9, 0x98, 0x47, 0x13, 0x45, - 0x73, 0xf6, 0xc1, 0x7a, 0xe3, 0xcd, 0x49, 0x74, 0xee, 0x85, 0x29, 0x42, 0x60, 0x2e, 0x3d, 0x4a, - 0x6c, 0xa3, 0x67, 0xec, 0x58, 0x58, 0xae, 0xd1, 0x26, 0xd4, 0xaf, 0xbc, 0x88, 0x13, 0x7b, 0x4d, - 0x16, 0xd5, 0xc6, 0xd9, 0x86, 0xfa, 0xd0, 0xe3, 0xc1, 0x6f, 0x6d, 0xc1, 0x31, 0xf2, 0xf6, 0x7b, - 0x68, 0x1e, 0xc7, 0x7c, 0xc9, 0x48, 0x5a, 0x0d, 0x40, 0x07, 0xd0, 0x22, 0x9f, 0x09, 0x4d, 0x22, - 0x2f, 0x95, 0x83, 0xdb, 0xbb, 0xf7, 0xdd, 0xaa, 0x03, 0xb8, 0x03, 0x8d, 0xc2, 0x05, 0xde, 0x79, - 0x0e, 0xad, 0xb7, 0xdc, 0x5b, 0xb2, 0x30, 0x22, 0x68, 0x0b, 0x5a, 0x9f, 0xf4, 0x5a, 0x7f, 0xa0, - 0xd8, 0x5f, 0x57, 0x5e, 0x48, 0xfb, 0x6a, 0x40, 0x73, 0xcc, 0x29, 0xf5, 0xd2, 0x15, 0x7a, 0x00, - 0xeb, 0x99, 0x47, 0x93, 0x88, 0xcc, 0x7c, 0xa1, 0x56, 0x4e, 0x30, 0x71, 0x5b, 0xd5, 0xe4, 0x01, - 0xd0, 0x36, 0x80, 0x86, 0x64, 0x9c, 0xea, 0x49, 0x96, 0xaa, 0x8c, 0x39, 0x15, 0xe7, 0x28, 0xbe, - 0x5f, 0xeb, 0xd5, 0x6e, 0x3e, 0x47, 0xae, 0xb8, 0xd4, 0xe7, 0x74, 0xa1, 0x39, 0x5d, 0xb2, 0x55, - 0x42, 0x2e, 0x6f, 0xb8, 0xc5, 0x2f, 0x06, 0x58, 0x27, 0x61, 0xc6, 0xe2, 0x20, 0xf5, 0xe8, 0x3f, - 0x10, 0xbb, 0x07, 0x8d, 0x39, 0xf7, 0x3f, 0x12, 0xa6, 0xa5, 0xde, 0xab, 0x96, 0x7a, 0x24, 0x31, - 0x58, 0x63, 0x9d, 0x6f, 0x06, 0x34, 0x54, 0x09, 0x3d, 0x84, 0x8e, 0xcf, 0x29, 0x8f, 0x3c, 0x16, - 0x5e, 0x5d, 0x97, 0x71, 0xa7, 0xac, 0x2b, 0x29, 0x5d, 0x68, 0xf3, 0x24, 0x21, 0xe9, 0x6c, 0x1e, - 0xf3, 0xe5, 0xa5, 0xd6, 0x02, 0xb2, 0x74, 0x24, 0x2a, 0xd7, 0x1c, 0x50, 0xfb, 0x43, 0x07, 0x7c, - 0x37, 0xa0, 0x95, 0x97, 0xd1, 0x3e, 0xd4, 0x23, 0xe1, 0x60, 0xdb, 0x90, 0x87, 0xea, 0x56, 0x4f, - 0x29, 0x4c, 0x8e, 0x15, 0xba, 0xda, 0x1d, 0xe8, 0x29, 0x58, 0x45, 0x42, 0xb4, 0xac, 0x2d, 0x57, - 0x65, 0xc8, 0xcd, 0x33, 0xe4, 0x4e, 0x72, 0x04, 0x2e, 0xc1, 0xce, 0xcf, 0x35, 0x68, 0x8c, 0x64, - 0x22, 0xff, 0x56, 0xd1, 0x63, 0xa8, 0x07, 0x22, 0x53, 0x3a, 0x10, 0x77, 0xab, 0x69, 0x32, 0x76, - 0x58, 0x21, 0xd1, 0x13, 0x68, 0xfa, 0x2a, 0x67, 0x5a, 0xec, 0x76, 0x35, 0x49, 0x87, 0x11, 0xe7, - 0x68, 0x41, 0xcc, 0x54, 0x08, 0x6c, 0xf3, 0x36, 0xa2, 0x4e, 0x0a, 0xce, 0xd1, 0x82, 0xc8, 0x95, - 0x69, 0xed, 0xfa, 0x6d, 0x44, 0xed, 0x6c, 0x9c, 0xa3, 0xd1, 0x0b, 0xb0, 0x16, 0xb9, 0x97, 0xed, - 0xa6, 0xa4, 0xde, 0x70, 0x31, 0x85, 0xe5, 0x71, 0xc9, 0x10, 0xee, 0x2f, 0xee, 0x7a, 0x46, 0x33, - 0xbb, 0xd1, 0x33, 0x76, 0x6a, 0xb8, 0x5d, 0xd4, 0x46, 0x99, 0xf3, 0xc3, 0x80, 0x75, 0xf5, 0x07, - 0x5e, 0x79, 0x34, 0x8c, 0x56, 0x95, 0xcf, 0x19, 0x02, 0x73, 0x41, 0xa2, 0x44, 0xbf, 0x66, 0x72, - 0x8d, 0xf6, 0xc0, 0x14, 0x1a, 0xe5, 0x15, 0xfe, 0xbf, 0xdb, 0xab, 0x56, 0xa5, 0x26, 0x4f, 0x56, - 0x09, 0xc1, 0x12, 0x2d, 0xd2, 0xa4, 0x5e, 0x60, 0xdb, 0xbc, 0x2d, 0x4d, 0x8a, 0x87, 0x35, 0xf6, - 0xd1, 0x08, 0xa0, 0x9c, 0x84, 0xda, 0xd0, 0x3c, 0x3e, 0x9b, 0x9e, 0x4e, 0x06, 0xb8, 0xf3, 0x1f, - 0xb2, 0xa0, 0x3e, 0x3c, 0x9c, 0x0e, 0x07, 0x1d, 0x43, 0xd4, 0xc7, 0xd3, 0xd1, 0xe8, 0x10, 0x5f, - 0x74, 0xd6, 0xc4, 0x66, 0x7a, 0x3a, 0xb9, 0x38, 0x1f, 0xbc, 0xec, 0xd4, 0xd0, 0x06, 0x58, 0x27, - 0xaf, 0xc7, 0x93, 0xb3, 0x21, 0x3e, 0x1c, 0x75, 0xcc, 0x23, 0x0c, 0x95, 0xef, 0xfe, 0xbb, 0x83, - 0x20, 0x64, 0x0b, 0x3e, 0x77, 0xfd, 0x98, 0xf6, 0xcb, 0x6e, 0x5f, 0x75, 0x67, 0x34, 0xbe, 0x24, - 0x51, 0x3f, 0x88, 0x9f, 0x85, 0xf1, 0xac, 0xec, 0xce, 0x54, 0xf7, 0x57, 0x00, 0x00, 0x00, 0xff, - 0xff, 0xd0, 0x84, 0x91, 0x73, 0x59, 0x06, 0x00, 0x00, +func init() { + proto.RegisterFile("io/prometheus/client/metrics.proto", fileDescriptor_d1e5ddb18987a258) +} + +var fileDescriptor_d1e5ddb18987a258 = []byte{ + // 896 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x8e, 0xdb, 0x44, + 0x18, 0xc5, 0x9b, 0x5f, 0x7f, 0xd9, 0x6c, 0xd3, 0x61, 0x55, 0x59, 0x0b, 0xcb, 0x06, 0x4b, 0x48, + 0x0b, 0x42, 0x8e, 0x40, 0x5b, 0x81, 0x0a, 0x5c, 0xec, 0xb6, 0xe9, 0x16, 0x89, 0xb4, 0x65, 0x92, + 0x5c, 0x14, 0x2e, 0xac, 0x49, 0x32, 0xeb, 0x58, 0x78, 0x3c, 0xc6, 0x1e, 0x57, 0x2c, 0x2f, 0xc0, + 0x35, 0xaf, 0xc0, 0xc3, 0xf0, 0x22, 0x3c, 0x08, 0x68, 0xfe, 0xec, 0xdd, 0xe2, 0x94, 0xd2, 0x3b, + 0x7f, 0x67, 0xce, 0xf7, 0xcd, 0x39, 0xe3, 0xc9, 0x71, 0xc0, 0x8f, 0xf9, 0x24, 0xcb, 0x39, 0xa3, + 0x62, 0x4b, 0xcb, 0x62, 0xb2, 0x4e, 0x62, 0x9a, 0x8a, 0x09, 0xa3, 0x22, 0x8f, 0xd7, 0x45, 0x90, + 0xe5, 0x5c, 0x70, 0x74, 0x18, 0xf3, 0xa0, 0xe6, 0x04, 0x9a, 0x73, 0x74, 0x12, 0x71, 0x1e, 0x25, + 0x74, 0xa2, 0x38, 0xab, 0xf2, 0x6a, 0x22, 0x62, 0x46, 0x0b, 0x41, 0x58, 0xa6, 0xdb, 0xfc, 0xfb, + 0xe0, 0x7e, 0x47, 0x56, 0x34, 0x79, 0x4e, 0xe2, 0x1c, 0x21, 0x68, 0xa7, 0x84, 0x51, 0xcf, 0x19, + 0x3b, 0xa7, 0x2e, 0x56, 0xcf, 0xe8, 0x10, 0x3a, 0x2f, 0x49, 0x52, 0x52, 0x6f, 0x4f, 0x81, 0xba, + 0xf0, 0x8f, 0xa1, 0x73, 0x49, 0xca, 0xe8, 0xc6, 0xb2, 0xec, 0x71, 0xec, 0xf2, 0x8f, 0xd0, 0x7b, + 0xc8, 0xcb, 0x54, 0xd0, 0xbc, 0x99, 0x80, 0x1e, 0x40, 0x9f, 0xfe, 0x42, 0x59, 0x96, 0x90, 0x5c, + 0x0d, 0x1e, 0x7c, 0xfe, 0x41, 0xd0, 0x64, 0x20, 0x98, 0x1a, 0x16, 0xae, 0xf8, 0xfe, 0xd7, 0xd0, + 0xff, 0xbe, 0x24, 0xa9, 0x88, 0x13, 0x8a, 0x8e, 0xa0, 0xff, 0xb3, 0x79, 0x36, 0x1b, 0x54, 0xf5, + 0x6d, 0xe5, 0x95, 0xb4, 0xdf, 0x1c, 0xe8, 0xcd, 0x4b, 0xc6, 0x48, 0x7e, 0x8d, 0x3e, 0x84, 0xfd, + 0x82, 0xb0, 0x2c, 0xa1, 0xe1, 0x5a, 0xaa, 0x55, 0x13, 0xda, 0x78, 0xa0, 0x31, 0x65, 0x00, 0x1d, + 0x03, 0x18, 0x4a, 0x51, 0x32, 0x33, 0xc9, 0xd5, 0xc8, 0xbc, 0x64, 0xd2, 0x47, 0xb5, 0x7f, 0x6b, + 0xdc, 0xda, 0xed, 0xc3, 0x2a, 0xae, 0xf5, 0xf9, 0x27, 0xd0, 0x5b, 0xa6, 0xe2, 0x3a, 0xa3, 0x9b, + 0x1d, 0xa7, 0xf8, 0x57, 0x1b, 0xdc, 0x27, 0x71, 0x21, 0x78, 0x94, 0x13, 0xf6, 0x26, 0x62, 0x3f, + 0x05, 0x74, 0x93, 0x12, 0x5e, 0x25, 0x9c, 0x08, 0xaf, 0xad, 0x66, 0x8e, 0x6e, 0x10, 0x1f, 0x4b, + 0xfc, 0xbf, 0xac, 0x9d, 0x41, 0x77, 0x55, 0xae, 0x7f, 0xa2, 0xc2, 0x18, 0x7b, 0xbf, 0xd9, 0xd8, + 0x85, 0xe2, 0x60, 0xc3, 0x45, 0xf7, 0xa0, 0x5b, 0xac, 0xb7, 0x94, 0x11, 0xaf, 0x33, 0x76, 0x4e, + 0xef, 0x62, 0x53, 0xa1, 0x8f, 0xe0, 0xe0, 0x57, 0x9a, 0xf3, 0x50, 0x6c, 0x73, 0x5a, 0x6c, 0x79, + 0xb2, 0xf1, 0xba, 0x6a, 0xc3, 0xa1, 0x44, 0x17, 0x16, 0x94, 0x9a, 0x14, 0x4d, 0x5b, 0xec, 0x29, + 0x8b, 0xae, 0x44, 0xb4, 0xc1, 0x53, 0x18, 0xd5, 0xcb, 0xc6, 0x5e, 0x5f, 0xcd, 0x39, 0xa8, 0x48, + 0xda, 0xdc, 0x14, 0x86, 0x29, 0x8d, 0x88, 0x88, 0x5f, 0xd2, 0xb0, 0xc8, 0x48, 0xea, 0xb9, 0xca, + 0xc4, 0xf8, 0x75, 0x26, 0xe6, 0x19, 0x49, 0xf1, 0xbe, 0x6d, 0x93, 0x95, 0x94, 0x5d, 0x8d, 0xd9, + 0xd0, 0x44, 0x10, 0x0f, 0xc6, 0xad, 0x53, 0x84, 0xab, 0xe1, 0x8f, 0x24, 0x78, 0x8b, 0xa6, 0xa5, + 0x0f, 0xc6, 0x2d, 0xe9, 0xce, 0xa2, 0x5a, 0xfe, 0x14, 0x86, 0x19, 0x2f, 0xe2, 0x5a, 0xd4, 0xfe, + 0x9b, 0x8a, 0xb2, 0x6d, 0x56, 0x54, 0x35, 0x46, 0x8b, 0x1a, 0x6a, 0x51, 0x16, 0xad, 0x44, 0x55, + 0x34, 0x2d, 0xea, 0x40, 0x8b, 0xb2, 0xa8, 0x12, 0xe5, 0xff, 0xe9, 0x40, 0x57, 0x6f, 0x85, 0x3e, + 0x86, 0xd1, 0xba, 0x64, 0x65, 0x72, 0xd3, 0x88, 0xbe, 0x66, 0x77, 0x6a, 0x5c, 0x5b, 0x39, 0x83, + 0x7b, 0xaf, 0x52, 0x6f, 0x5d, 0xb7, 0xc3, 0x57, 0x1a, 0xf4, 0x5b, 0x39, 0x81, 0x41, 0x99, 0x65, + 0x34, 0x0f, 0x57, 0xbc, 0x4c, 0x37, 0xe6, 0xce, 0x81, 0x82, 0x2e, 0x24, 0x72, 0x2b, 0x17, 0x5a, + 0xff, 0x3b, 0x17, 0xa0, 0x3e, 0x32, 0x79, 0x11, 0xf9, 0xd5, 0x55, 0x41, 0xb5, 0x83, 0xbb, 0xd8, + 0x54, 0x12, 0x4f, 0x68, 0x1a, 0x89, 0xad, 0xda, 0x7d, 0x88, 0x4d, 0xe5, 0xff, 0xee, 0x40, 0xdf, + 0x0e, 0x45, 0xf7, 0xa1, 0x93, 0xc8, 0x54, 0xf4, 0x1c, 0xf5, 0x82, 0x4e, 0x9a, 0x35, 0x54, 0xc1, + 0x89, 0x35, 0xbb, 0x39, 0x71, 0xd0, 0x97, 0xe0, 0x56, 0xa9, 0x6b, 0x4c, 0x1d, 0x05, 0x3a, 0x97, + 0x03, 0x9b, 0xcb, 0xc1, 0xc2, 0x32, 0x70, 0x4d, 0xf6, 0xff, 0xde, 0x83, 0xee, 0x4c, 0xa5, 0xfc, + 0xdb, 0x2a, 0xfa, 0x0c, 0x3a, 0x91, 0xcc, 0x69, 0x13, 0xb2, 0xef, 0x35, 0xb7, 0xa9, 0x28, 0xc7, + 0x9a, 0x89, 0xbe, 0x80, 0xde, 0x5a, 0x67, 0xb7, 0x11, 0x7b, 0xdc, 0xdc, 0x64, 0x02, 0x1e, 0x5b, + 0xb6, 0x6c, 0x2c, 0x74, 0xb0, 0xaa, 0x3b, 0xb0, 0xb3, 0xd1, 0xa4, 0x2f, 0xb6, 0x6c, 0xd9, 0x58, + 0xea, 0x20, 0x54, 0xa1, 0xb1, 0xb3, 0xd1, 0xa4, 0x25, 0xb6, 0x6c, 0xf4, 0x0d, 0xb8, 0x5b, 0x9b, + 0x8f, 0x2a, 0x2c, 0x76, 0x1e, 0x4c, 0x15, 0xa3, 0xb8, 0xee, 0x90, 0x89, 0x5a, 0x9d, 0x75, 0xc8, + 0x0a, 0x95, 0x48, 0x2d, 0x3c, 0xa8, 0xb0, 0x59, 0xe1, 0xff, 0xe1, 0xc0, 0xbe, 0x7e, 0x03, 0x8f, + 0x09, 0x8b, 0x93, 0xeb, 0xc6, 0x4f, 0x24, 0x82, 0xf6, 0x96, 0x26, 0x99, 0xf9, 0x42, 0xaa, 0x67, + 0x74, 0x06, 0x6d, 0xa9, 0x51, 0x1d, 0xe1, 0xc1, 0xae, 0x5f, 0xb8, 0x9e, 0xbc, 0xb8, 0xce, 0x28, + 0x56, 0x6c, 0x99, 0xb9, 0xfa, 0xab, 0xee, 0xb5, 0x5f, 0x97, 0xb9, 0xba, 0x0f, 0x1b, 0xee, 0x27, + 0x2b, 0x80, 0x7a, 0x12, 0x1a, 0x40, 0xef, 0xe1, 0xb3, 0xe5, 0xd3, 0xc5, 0x14, 0x8f, 0xde, 0x41, + 0x2e, 0x74, 0x2e, 0xcf, 0x97, 0x97, 0xd3, 0x91, 0x23, 0xf1, 0xf9, 0x72, 0x36, 0x3b, 0xc7, 0x2f, + 0x46, 0x7b, 0xb2, 0x58, 0x3e, 0x5d, 0xbc, 0x78, 0x3e, 0x7d, 0x34, 0x6a, 0xa1, 0x21, 0xb8, 0x4f, + 0xbe, 0x9d, 0x2f, 0x9e, 0x5d, 0xe2, 0xf3, 0xd9, 0xa8, 0x8d, 0xde, 0x85, 0x3b, 0xaa, 0x27, 0xac, + 0xc1, 0xce, 0x05, 0x86, 0xc6, 0x3f, 0x18, 0x3f, 0x3c, 0x88, 0x62, 0xb1, 0x2d, 0x57, 0xc1, 0x9a, + 0xb3, 0x7f, 0xff, 0x45, 0x09, 0x19, 0xdf, 0xd0, 0x64, 0x12, 0xf1, 0xaf, 0x62, 0x1e, 0xd6, 0xab, + 0xa1, 0x5e, 0xfd, 0x27, 0x00, 0x00, 0xff, 0xff, 0x16, 0x77, 0x81, 0x98, 0xd7, 0x08, 0x00, 0x00, } diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go index 7657f841d..f4fc88455 100644 --- a/vendor/github.com/prometheus/common/expfmt/decode.go +++ b/vendor/github.com/prometheus/common/expfmt/decode.go @@ -115,32 +115,28 @@ func (d *protoDecoder) Decode(v *dto.MetricFamily) error { // textDecoder implements the Decoder interface for the text protocol. type textDecoder struct { r io.Reader - p TextParser - fams []*dto.MetricFamily + fams map[string]*dto.MetricFamily + err error } // Decode implements the Decoder interface. func (d *textDecoder) Decode(v *dto.MetricFamily) error { - // TODO(fabxc): Wrap this as a line reader to make streaming safer. - if len(d.fams) == 0 { - // No cached metric families, read everything and parse metrics. - fams, err := d.p.TextToMetricFamilies(d.r) - if err != nil { - return err - } - if len(fams) == 0 { - return io.EOF - } - d.fams = make([]*dto.MetricFamily, 0, len(fams)) - for _, f := range fams { - d.fams = append(d.fams, f) + if d.err == nil { + // Read all metrics in one shot. + var p TextParser + d.fams, d.err = p.TextToMetricFamilies(d.r) + // If we don't get an error, store io.EOF for the end. + if d.err == nil { + d.err = io.EOF } } - - *v = *d.fams[0] - d.fams = d.fams[1:] - - return nil + // Pick off one MetricFamily per Decode until there's nothing left. + for key, fam := range d.fams { + *v = *fam + delete(d.fams, key) + return nil + } + return d.err } // SampleDecoder wraps a Decoder to extract samples from the metric families diff --git a/vendor/github.com/prometheus/common/expfmt/fuzz.go b/vendor/github.com/prometheus/common/expfmt/fuzz.go index f819e4f8b..dfac962a4 100644 --- a/vendor/github.com/prometheus/common/expfmt/fuzz.go +++ b/vendor/github.com/prometheus/common/expfmt/fuzz.go @@ -21,8 +21,8 @@ import "bytes" // Fuzz text metric parser with with github.com/dvyukov/go-fuzz: // -// go-fuzz-build github.com/prometheus/common/expfmt -// go-fuzz -bin expfmt-fuzz.zip -workdir fuzz +// go-fuzz-build github.com/prometheus/common/expfmt +// go-fuzz -bin expfmt-fuzz.zip -workdir fuzz // // Further input samples should go in the folder fuzz/corpus. func Fuzz(in []byte) int { diff --git a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go index 9d94ae9ef..21cdddcf0 100644 --- a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go +++ b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go @@ -46,20 +46,20 @@ import ( // missing features and peculiarities to avoid complications when switching from // Prometheus to OpenMetrics or vice versa: // -// - Counters are expected to have the `_total` suffix in their metric name. In -// the output, the suffix will be truncated from the `# TYPE` and `# HELP` -// line. A counter with a missing `_total` suffix is not an error. However, -// its type will be set to `unknown` in that case to avoid invalid OpenMetrics -// output. +// - Counters are expected to have the `_total` suffix in their metric name. In +// the output, the suffix will be truncated from the `# TYPE` and `# HELP` +// line. A counter with a missing `_total` suffix is not an error. However, +// its type will be set to `unknown` in that case to avoid invalid OpenMetrics +// output. // -// - No support for the following (optional) features: `# UNIT` line, `_created` -// line, info type, stateset type, gaugehistogram type. +// - No support for the following (optional) features: `# UNIT` line, `_created` +// line, info type, stateset type, gaugehistogram type. // -// - The size of exemplar labels is not checked (i.e. it's possible to create -// exemplars that are larger than allowed by the OpenMetrics specification). +// - The size of exemplar labels is not checked (i.e. it's possible to create +// exemplars that are larger than allowed by the OpenMetrics specification). // -// - The value of Counters is not checked. (OpenMetrics doesn't allow counters -// with a `NaN` value.) +// - The value of Counters is not checked. (OpenMetrics doesn't allow counters +// with a `NaN` value.) func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int, err error) { name := in.GetName() if name == "" { diff --git a/vendor/github.com/prometheus/common/expfmt/text_create.go b/vendor/github.com/prometheus/common/expfmt/text_create.go index 5ba503b06..2946b8f1a 100644 --- a/vendor/github.com/prometheus/common/expfmt/text_create.go +++ b/vendor/github.com/prometheus/common/expfmt/text_create.go @@ -17,7 +17,6 @@ import ( "bufio" "fmt" "io" - "io/ioutil" "math" "strconv" "strings" @@ -44,7 +43,7 @@ const ( var ( bufPool = sync.Pool{ New: func() interface{} { - return bufio.NewWriter(ioutil.Discard) + return bufio.NewWriter(io.Discard) }, } numBufPool = sync.Pool{ diff --git a/vendor/github.com/prometheus/common/expfmt/text_parse.go b/vendor/github.com/prometheus/common/expfmt/text_parse.go index 84be0643e..ac2482782 100644 --- a/vendor/github.com/prometheus/common/expfmt/text_parse.go +++ b/vendor/github.com/prometheus/common/expfmt/text_parse.go @@ -142,9 +142,13 @@ func (p *TextParser) reset(in io.Reader) { func (p *TextParser) startOfLine() stateFn { p.lineCount++ if p.skipBlankTab(); p.err != nil { - // End of input reached. This is the only case where - // that is not an error but a signal that we are done. - p.err = nil + // This is the only place that we expect to see io.EOF, + // which is not an error but the signal that we are done. + // Any other error that happens to align with the start of + // a line is still an error. + if p.err == io.EOF { + p.err = nil + } return nil } switch p.currentByte { diff --git a/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go b/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go index 26e92288c..a21b9d15d 100644 --- a/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go +++ b/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go @@ -11,18 +11,18 @@ Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: - Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. + Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. - Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in - the documentation and/or other materials provided with the - distribution. + Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. - Neither the name of the Open Knowledge Foundation Ltd. nor the - names of its contributors may be used to endorse or promote - products derived from this software without specific prior written - permission. + Neither the name of the Open Knowledge Foundation Ltd. nor the + names of its contributors may be used to endorse or promote + products derived from this software without specific prior written + permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT @@ -35,8 +35,6 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - */ package goautoneg diff --git a/vendor/github.com/prometheus/common/model/time.go b/vendor/github.com/prometheus/common/model/time.go index c909b8aa8..5727452c1 100644 --- a/vendor/github.com/prometheus/common/model/time.go +++ b/vendor/github.com/prometheus/common/model/time.go @@ -18,7 +18,6 @@ import ( "errors" "fmt" "math" - "regexp" "strconv" "strings" "time" @@ -183,54 +182,78 @@ func (d *Duration) Type() string { return "duration" } -var durationRE = regexp.MustCompile("^(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?$") +func isdigit(c byte) bool { return c >= '0' && c <= '9' } + +// Units are required to go in order from biggest to smallest. +// This guards against confusion from "1m1d" being 1 minute + 1 day, not 1 month + 1 day. +var unitMap = map[string]struct { + pos int + mult uint64 +}{ + "ms": {7, uint64(time.Millisecond)}, + "s": {6, uint64(time.Second)}, + "m": {5, uint64(time.Minute)}, + "h": {4, uint64(time.Hour)}, + "d": {3, uint64(24 * time.Hour)}, + "w": {2, uint64(7 * 24 * time.Hour)}, + "y": {1, uint64(365 * 24 * time.Hour)}, +} // ParseDuration parses a string into a time.Duration, assuming that a year // always has 365d, a week always has 7d, and a day always has 24h. -func ParseDuration(durationStr string) (Duration, error) { - switch durationStr { +func ParseDuration(s string) (Duration, error) { + switch s { case "0": // Allow 0 without a unit. return 0, nil case "": return 0, errors.New("empty duration string") } - matches := durationRE.FindStringSubmatch(durationStr) - if matches == nil { - return 0, fmt.Errorf("not a valid duration string: %q", durationStr) - } - var dur time.Duration - // Parse the match at pos `pos` in the regex and use `mult` to turn that - // into ms, then add that value to the total parsed duration. - var overflowErr error - m := func(pos int, mult time.Duration) { - if matches[pos] == "" { - return + orig := s + var dur uint64 + lastUnitPos := 0 + + for s != "" { + if !isdigit(s[0]) { + return 0, fmt.Errorf("not a valid duration string: %q", orig) + } + // Consume [0-9]* + i := 0 + for ; i < len(s) && isdigit(s[i]); i++ { + } + v, err := strconv.ParseUint(s[:i], 10, 0) + if err != nil { + return 0, fmt.Errorf("not a valid duration string: %q", orig) } - n, _ := strconv.Atoi(matches[pos]) + s = s[i:] + // Consume unit. + for i = 0; i < len(s) && !isdigit(s[i]); i++ { + } + if i == 0 { + return 0, fmt.Errorf("not a valid duration string: %q", orig) + } + u := s[:i] + s = s[i:] + unit, ok := unitMap[u] + if !ok { + return 0, fmt.Errorf("unknown unit %q in duration %q", u, orig) + } + if unit.pos <= lastUnitPos { // Units must go in order from biggest to smallest. + return 0, fmt.Errorf("not a valid duration string: %q", orig) + } + lastUnitPos = unit.pos // Check if the provided duration overflows time.Duration (> ~ 290years). - if n > int((1<<63-1)/mult/time.Millisecond) { - overflowErr = errors.New("duration out of range") + if v > 1<<63/unit.mult { + return 0, errors.New("duration out of range") } - d := time.Duration(n) * time.Millisecond - dur += d * mult - - if dur < 0 { - overflowErr = errors.New("duration out of range") + dur += v * unit.mult + if dur > 1<<63-1 { + return 0, errors.New("duration out of range") } } - - m(2, 1000*60*60*24*365) // y - m(4, 1000*60*60*24*7) // w - m(6, 1000*60*60*24) // d - m(8, 1000*60*60) // h - m(10, 1000*60) // m - m(12, 1000) // s - m(14, 1) // ms - - return Duration(dur), overflowErr + return Duration(dur), nil } func (d Duration) String() string { diff --git a/vendor/github.com/prometheus/common/model/value.go b/vendor/github.com/prometheus/common/model/value.go index c9d8fb1a2..9eb440413 100644 --- a/vendor/github.com/prometheus/common/model/value.go +++ b/vendor/github.com/prometheus/common/model/value.go @@ -16,20 +16,12 @@ package model import ( "encoding/json" "fmt" - "math" "sort" "strconv" "strings" ) var ( - // ZeroSamplePair is the pseudo zero-value of SamplePair used to signal a - // non-existing sample pair. It is a SamplePair with timestamp Earliest and - // value 0.0. Note that the natural zero value of SamplePair has a timestamp - // of 0, which is possible to appear in a real SamplePair and thus not - // suitable to signal a non-existing SamplePair. - ZeroSamplePair = SamplePair{Timestamp: Earliest} - // ZeroSample is the pseudo zero-value of Sample used to signal a // non-existing sample. It is a Sample with timestamp Earliest, value 0.0, // and metric nil. Note that the natural zero value of Sample has a timestamp @@ -38,82 +30,14 @@ var ( ZeroSample = Sample{Timestamp: Earliest} ) -// A SampleValue is a representation of a value for a given sample at a given -// time. -type SampleValue float64 - -// MarshalJSON implements json.Marshaler. -func (v SampleValue) MarshalJSON() ([]byte, error) { - return json.Marshal(v.String()) -} - -// UnmarshalJSON implements json.Unmarshaler. -func (v *SampleValue) UnmarshalJSON(b []byte) error { - if len(b) < 2 || b[0] != '"' || b[len(b)-1] != '"' { - return fmt.Errorf("sample value must be a quoted string") - } - f, err := strconv.ParseFloat(string(b[1:len(b)-1]), 64) - if err != nil { - return err - } - *v = SampleValue(f) - return nil -} - -// Equal returns true if the value of v and o is equal or if both are NaN. Note -// that v==o is false if both are NaN. If you want the conventional float -// behavior, use == to compare two SampleValues. -func (v SampleValue) Equal(o SampleValue) bool { - if v == o { - return true - } - return math.IsNaN(float64(v)) && math.IsNaN(float64(o)) -} - -func (v SampleValue) String() string { - return strconv.FormatFloat(float64(v), 'f', -1, 64) -} - -// SamplePair pairs a SampleValue with a Timestamp. -type SamplePair struct { - Timestamp Time - Value SampleValue -} - -// MarshalJSON implements json.Marshaler. -func (s SamplePair) MarshalJSON() ([]byte, error) { - t, err := json.Marshal(s.Timestamp) - if err != nil { - return nil, err - } - v, err := json.Marshal(s.Value) - if err != nil { - return nil, err - } - return []byte(fmt.Sprintf("[%s,%s]", t, v)), nil -} - -// UnmarshalJSON implements json.Unmarshaler. -func (s *SamplePair) UnmarshalJSON(b []byte) error { - v := [...]json.Unmarshaler{&s.Timestamp, &s.Value} - return json.Unmarshal(b, &v) -} - -// Equal returns true if this SamplePair and o have equal Values and equal -// Timestamps. The semantics of Value equality is defined by SampleValue.Equal. -func (s *SamplePair) Equal(o *SamplePair) bool { - return s == o || (s.Value.Equal(o.Value) && s.Timestamp.Equal(o.Timestamp)) -} - -func (s SamplePair) String() string { - return fmt.Sprintf("%s @[%s]", s.Value, s.Timestamp) -} - -// Sample is a sample pair associated with a metric. +// Sample is a sample pair associated with a metric. A single sample must either +// define Value or Histogram but not both. Histogram == nil implies the Value +// field is used, otherwise it should be ignored. type Sample struct { - Metric Metric `json:"metric"` - Value SampleValue `json:"value"` - Timestamp Time `json:"timestamp"` + Metric Metric `json:"metric"` + Value SampleValue `json:"value"` + Timestamp Time `json:"timestamp"` + Histogram *SampleHistogram `json:"histogram"` } // Equal compares first the metrics, then the timestamp, then the value. The @@ -129,11 +53,19 @@ func (s *Sample) Equal(o *Sample) bool { if !s.Timestamp.Equal(o.Timestamp) { return false } - + if s.Histogram != nil { + return s.Histogram.Equal(o.Histogram) + } return s.Value.Equal(o.Value) } func (s Sample) String() string { + if s.Histogram != nil { + return fmt.Sprintf("%s => %s", s.Metric, SampleHistogramPair{ + Timestamp: s.Timestamp, + Histogram: s.Histogram, + }) + } return fmt.Sprintf("%s => %s", s.Metric, SamplePair{ Timestamp: s.Timestamp, Value: s.Value, @@ -142,6 +74,19 @@ func (s Sample) String() string { // MarshalJSON implements json.Marshaler. func (s Sample) MarshalJSON() ([]byte, error) { + if s.Histogram != nil { + v := struct { + Metric Metric `json:"metric"` + Histogram SampleHistogramPair `json:"histogram"` + }{ + Metric: s.Metric, + Histogram: SampleHistogramPair{ + Timestamp: s.Timestamp, + Histogram: s.Histogram, + }, + } + return json.Marshal(&v) + } v := struct { Metric Metric `json:"metric"` Value SamplePair `json:"value"` @@ -152,21 +97,25 @@ func (s Sample) MarshalJSON() ([]byte, error) { Value: s.Value, }, } - return json.Marshal(&v) } // UnmarshalJSON implements json.Unmarshaler. func (s *Sample) UnmarshalJSON(b []byte) error { v := struct { - Metric Metric `json:"metric"` - Value SamplePair `json:"value"` + Metric Metric `json:"metric"` + Value SamplePair `json:"value"` + Histogram SampleHistogramPair `json:"histogram"` }{ Metric: s.Metric, Value: SamplePair{ Timestamp: s.Timestamp, Value: s.Value, }, + Histogram: SampleHistogramPair{ + Timestamp: s.Timestamp, + Histogram: s.Histogram, + }, } if err := json.Unmarshal(b, &v); err != nil { @@ -174,8 +123,13 @@ func (s *Sample) UnmarshalJSON(b []byte) error { } s.Metric = v.Metric - s.Timestamp = v.Value.Timestamp - s.Value = v.Value.Value + if v.Histogram.Histogram != nil { + s.Timestamp = v.Histogram.Timestamp + s.Histogram = v.Histogram.Histogram + } else { + s.Timestamp = v.Value.Timestamp + s.Value = v.Value.Value + } return nil } @@ -221,80 +175,76 @@ func (s Samples) Equal(o Samples) bool { // SampleStream is a stream of Values belonging to an attached COWMetric. type SampleStream struct { - Metric Metric `json:"metric"` - Values []SamplePair `json:"values"` + Metric Metric `json:"metric"` + Values []SamplePair `json:"values"` + Histograms []SampleHistogramPair `json:"histograms"` } func (ss SampleStream) String() string { - vals := make([]string, len(ss.Values)) + valuesLength := len(ss.Values) + vals := make([]string, valuesLength+len(ss.Histograms)) for i, v := range ss.Values { vals[i] = v.String() } + for i, v := range ss.Histograms { + vals[i+valuesLength] = v.String() + } return fmt.Sprintf("%s =>\n%s", ss.Metric, strings.Join(vals, "\n")) } -// Value is a generic interface for values resulting from a query evaluation. -type Value interface { - Type() ValueType - String() string +func (ss SampleStream) MarshalJSON() ([]byte, error) { + if len(ss.Histograms) > 0 && len(ss.Values) > 0 { + v := struct { + Metric Metric `json:"metric"` + Values []SamplePair `json:"values"` + Histograms []SampleHistogramPair `json:"histograms"` + }{ + Metric: ss.Metric, + Values: ss.Values, + Histograms: ss.Histograms, + } + return json.Marshal(&v) + } else if len(ss.Histograms) > 0 { + v := struct { + Metric Metric `json:"metric"` + Histograms []SampleHistogramPair `json:"histograms"` + }{ + Metric: ss.Metric, + Histograms: ss.Histograms, + } + return json.Marshal(&v) + } else { + v := struct { + Metric Metric `json:"metric"` + Values []SamplePair `json:"values"` + }{ + Metric: ss.Metric, + Values: ss.Values, + } + return json.Marshal(&v) + } } -func (Matrix) Type() ValueType { return ValMatrix } -func (Vector) Type() ValueType { return ValVector } -func (*Scalar) Type() ValueType { return ValScalar } -func (*String) Type() ValueType { return ValString } - -type ValueType int - -const ( - ValNone ValueType = iota - ValScalar - ValVector - ValMatrix - ValString -) - -// MarshalJSON implements json.Marshaler. -func (et ValueType) MarshalJSON() ([]byte, error) { - return json.Marshal(et.String()) -} +func (ss *SampleStream) UnmarshalJSON(b []byte) error { + v := struct { + Metric Metric `json:"metric"` + Values []SamplePair `json:"values"` + Histograms []SampleHistogramPair `json:"histograms"` + }{ + Metric: ss.Metric, + Values: ss.Values, + Histograms: ss.Histograms, + } -func (et *ValueType) UnmarshalJSON(b []byte) error { - var s string - if err := json.Unmarshal(b, &s); err != nil { + if err := json.Unmarshal(b, &v); err != nil { return err } - switch s { - case "": - *et = ValNone - case "scalar": - *et = ValScalar - case "vector": - *et = ValVector - case "matrix": - *et = ValMatrix - case "string": - *et = ValString - default: - return fmt.Errorf("unknown value type %q", s) - } - return nil -} -func (e ValueType) String() string { - switch e { - case ValNone: - return "" - case ValScalar: - return "scalar" - case ValVector: - return "vector" - case ValMatrix: - return "matrix" - case ValString: - return "string" - } - panic("ValueType.String: unhandled value type") + ss.Metric = v.Metric + ss.Values = v.Values + ss.Histograms = v.Histograms + + return nil } // Scalar is a scalar value evaluated at the set timestamp. diff --git a/vendor/github.com/prometheus/common/model/value_float.go b/vendor/github.com/prometheus/common/model/value_float.go new file mode 100644 index 000000000..0f615a705 --- /dev/null +++ b/vendor/github.com/prometheus/common/model/value_float.go @@ -0,0 +1,100 @@ +// Copyright 2013 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package model + +import ( + "encoding/json" + "fmt" + "math" + "strconv" +) + +var ( + // ZeroSamplePair is the pseudo zero-value of SamplePair used to signal a + // non-existing sample pair. It is a SamplePair with timestamp Earliest and + // value 0.0. Note that the natural zero value of SamplePair has a timestamp + // of 0, which is possible to appear in a real SamplePair and thus not + // suitable to signal a non-existing SamplePair. + ZeroSamplePair = SamplePair{Timestamp: Earliest} +) + +// A SampleValue is a representation of a value for a given sample at a given +// time. +type SampleValue float64 + +// MarshalJSON implements json.Marshaler. +func (v SampleValue) MarshalJSON() ([]byte, error) { + return json.Marshal(v.String()) +} + +// UnmarshalJSON implements json.Unmarshaler. +func (v *SampleValue) UnmarshalJSON(b []byte) error { + if len(b) < 2 || b[0] != '"' || b[len(b)-1] != '"' { + return fmt.Errorf("sample value must be a quoted string") + } + f, err := strconv.ParseFloat(string(b[1:len(b)-1]), 64) + if err != nil { + return err + } + *v = SampleValue(f) + return nil +} + +// Equal returns true if the value of v and o is equal or if both are NaN. Note +// that v==o is false if both are NaN. If you want the conventional float +// behavior, use == to compare two SampleValues. +func (v SampleValue) Equal(o SampleValue) bool { + if v == o { + return true + } + return math.IsNaN(float64(v)) && math.IsNaN(float64(o)) +} + +func (v SampleValue) String() string { + return strconv.FormatFloat(float64(v), 'f', -1, 64) +} + +// SamplePair pairs a SampleValue with a Timestamp. +type SamplePair struct { + Timestamp Time + Value SampleValue +} + +func (s SamplePair) MarshalJSON() ([]byte, error) { + t, err := json.Marshal(s.Timestamp) + if err != nil { + return nil, err + } + v, err := json.Marshal(s.Value) + if err != nil { + return nil, err + } + return []byte(fmt.Sprintf("[%s,%s]", t, v)), nil +} + +// UnmarshalJSON implements json.Unmarshaler. +func (s *SamplePair) UnmarshalJSON(b []byte) error { + v := [...]json.Unmarshaler{&s.Timestamp, &s.Value} + return json.Unmarshal(b, &v) +} + +// Equal returns true if this SamplePair and o have equal Values and equal +// Timestamps. The semantics of Value equality is defined by SampleValue.Equal. +func (s *SamplePair) Equal(o *SamplePair) bool { + return s == o || (s.Value.Equal(o.Value) && s.Timestamp.Equal(o.Timestamp)) +} + +func (s SamplePair) String() string { + return fmt.Sprintf("%s @[%s]", s.Value, s.Timestamp) +} diff --git a/vendor/github.com/prometheus/common/model/value_histogram.go b/vendor/github.com/prometheus/common/model/value_histogram.go new file mode 100644 index 000000000..54bb038cf --- /dev/null +++ b/vendor/github.com/prometheus/common/model/value_histogram.go @@ -0,0 +1,178 @@ +// Copyright 2013 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package model + +import ( + "encoding/json" + "fmt" + "strconv" + "strings" +) + +type FloatString float64 + +func (v FloatString) String() string { + return strconv.FormatFloat(float64(v), 'f', -1, 64) +} + +func (v FloatString) MarshalJSON() ([]byte, error) { + return json.Marshal(v.String()) +} + +func (v *FloatString) UnmarshalJSON(b []byte) error { + if len(b) < 2 || b[0] != '"' || b[len(b)-1] != '"' { + return fmt.Errorf("float value must be a quoted string") + } + f, err := strconv.ParseFloat(string(b[1:len(b)-1]), 64) + if err != nil { + return err + } + *v = FloatString(f) + return nil +} + +type HistogramBucket struct { + Boundaries int32 + Lower FloatString + Upper FloatString + Count FloatString +} + +func (s HistogramBucket) MarshalJSON() ([]byte, error) { + b, err := json.Marshal(s.Boundaries) + if err != nil { + return nil, err + } + l, err := json.Marshal(s.Lower) + if err != nil { + return nil, err + } + u, err := json.Marshal(s.Upper) + if err != nil { + return nil, err + } + c, err := json.Marshal(s.Count) + if err != nil { + return nil, err + } + return []byte(fmt.Sprintf("[%s,%s,%s,%s]", b, l, u, c)), nil +} + +func (s *HistogramBucket) UnmarshalJSON(buf []byte) error { + tmp := []interface{}{&s.Boundaries, &s.Lower, &s.Upper, &s.Count} + wantLen := len(tmp) + if err := json.Unmarshal(buf, &tmp); err != nil { + return err + } + if gotLen := len(tmp); gotLen != wantLen { + return fmt.Errorf("wrong number of fields: %d != %d", gotLen, wantLen) + } + return nil +} + +func (s *HistogramBucket) Equal(o *HistogramBucket) bool { + return s == o || (s.Boundaries == o.Boundaries && s.Lower == o.Lower && s.Upper == o.Upper && s.Count == o.Count) +} + +func (b HistogramBucket) String() string { + var sb strings.Builder + lowerInclusive := b.Boundaries == 1 || b.Boundaries == 3 + upperInclusive := b.Boundaries == 0 || b.Boundaries == 3 + if lowerInclusive { + sb.WriteRune('[') + } else { + sb.WriteRune('(') + } + fmt.Fprintf(&sb, "%g,%g", b.Lower, b.Upper) + if upperInclusive { + sb.WriteRune(']') + } else { + sb.WriteRune(')') + } + fmt.Fprintf(&sb, ":%v", b.Count) + return sb.String() +} + +type HistogramBuckets []*HistogramBucket + +func (s HistogramBuckets) Equal(o HistogramBuckets) bool { + if len(s) != len(o) { + return false + } + + for i, bucket := range s { + if !bucket.Equal(o[i]) { + return false + } + } + return true +} + +type SampleHistogram struct { + Count FloatString `json:"count"` + Sum FloatString `json:"sum"` + Buckets HistogramBuckets `json:"buckets"` +} + +func (s SampleHistogram) String() string { + return fmt.Sprintf("Count: %f, Sum: %f, Buckets: %v", s.Count, s.Sum, s.Buckets) +} + +func (s *SampleHistogram) Equal(o *SampleHistogram) bool { + return s == o || (s.Count == o.Count && s.Sum == o.Sum && s.Buckets.Equal(o.Buckets)) +} + +type SampleHistogramPair struct { + Timestamp Time + // Histogram should never be nil, it's only stored as pointer for efficiency. + Histogram *SampleHistogram +} + +func (s SampleHistogramPair) MarshalJSON() ([]byte, error) { + if s.Histogram == nil { + return nil, fmt.Errorf("histogram is nil") + } + t, err := json.Marshal(s.Timestamp) + if err != nil { + return nil, err + } + v, err := json.Marshal(s.Histogram) + if err != nil { + return nil, err + } + return []byte(fmt.Sprintf("[%s,%s]", t, v)), nil +} + +func (s *SampleHistogramPair) UnmarshalJSON(buf []byte) error { + tmp := []interface{}{&s.Timestamp, &s.Histogram} + wantLen := len(tmp) + if err := json.Unmarshal(buf, &tmp); err != nil { + return err + } + if gotLen := len(tmp); gotLen != wantLen { + return fmt.Errorf("wrong number of fields: %d != %d", gotLen, wantLen) + } + if s.Histogram == nil { + return fmt.Errorf("histogram is null") + } + return nil +} + +func (s SampleHistogramPair) String() string { + return fmt.Sprintf("%s @[%s]", s.Histogram, s.Timestamp) +} + +func (s *SampleHistogramPair) Equal(o *SampleHistogramPair) bool { + return s == o || (s.Histogram.Equal(o.Histogram) && s.Timestamp.Equal(o.Timestamp)) +} diff --git a/vendor/github.com/prometheus/common/model/value_type.go b/vendor/github.com/prometheus/common/model/value_type.go new file mode 100644 index 000000000..726c50ee6 --- /dev/null +++ b/vendor/github.com/prometheus/common/model/value_type.go @@ -0,0 +1,83 @@ +// Copyright 2013 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package model + +import ( + "encoding/json" + "fmt" +) + +// Value is a generic interface for values resulting from a query evaluation. +type Value interface { + Type() ValueType + String() string +} + +func (Matrix) Type() ValueType { return ValMatrix } +func (Vector) Type() ValueType { return ValVector } +func (*Scalar) Type() ValueType { return ValScalar } +func (*String) Type() ValueType { return ValString } + +type ValueType int + +const ( + ValNone ValueType = iota + ValScalar + ValVector + ValMatrix + ValString +) + +// MarshalJSON implements json.Marshaler. +func (et ValueType) MarshalJSON() ([]byte, error) { + return json.Marshal(et.String()) +} + +func (et *ValueType) UnmarshalJSON(b []byte) error { + var s string + if err := json.Unmarshal(b, &s); err != nil { + return err + } + switch s { + case "": + *et = ValNone + case "scalar": + *et = ValScalar + case "vector": + *et = ValVector + case "matrix": + *et = ValMatrix + case "string": + *et = ValString + default: + return fmt.Errorf("unknown value type %q", s) + } + return nil +} + +func (e ValueType) String() string { + switch e { + case ValNone: + return "" + case ValScalar: + return "scalar" + case ValVector: + return "vector" + case ValMatrix: + return "matrix" + case ValString: + return "string" + } + panic("ValueType.String: unhandled value type") +} diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common index 6c8e3e219..e358db69c 100644 --- a/vendor/github.com/prometheus/procfs/Makefile.common +++ b/vendor/github.com/prometheus/procfs/Makefile.common @@ -55,19 +55,22 @@ ifneq ($(shell which gotestsum),) endif endif -PROMU_VERSION ?= 0.13.0 +PROMU_VERSION ?= 0.14.0 PROMU_URL := https://github.com/prometheus/promu/releases/download/v$(PROMU_VERSION)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM).tar.gz +SKIP_GOLANGCI_LINT := GOLANGCI_LINT := GOLANGCI_LINT_OPTS ?= -GOLANGCI_LINT_VERSION ?= v1.45.2 +GOLANGCI_LINT_VERSION ?= v1.49.0 # golangci-lint only supports linux, darwin and windows platforms on i386/amd64. # windows isn't included here because of the path separator being different. ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin)) ifeq ($(GOHOSTARCH),$(filter $(GOHOSTARCH),amd64 i386)) # If we're in CI and there is an Actions file, that means the linter # is being run in Actions, so we don't need to run it here. - ifeq (,$(CIRCLE_JOB)) + ifneq (,$(SKIP_GOLANGCI_LINT)) + GOLANGCI_LINT := + else ifeq (,$(CIRCLE_JOB)) GOLANGCI_LINT := $(FIRST_GOPATH)/bin/golangci-lint else ifeq (,$(wildcard .github/workflows/golangci-lint.yml)) GOLANGCI_LINT := $(FIRST_GOPATH)/bin/golangci-lint diff --git a/vendor/github.com/prometheus/procfs/cpuinfo.go b/vendor/github.com/prometheus/procfs/cpuinfo.go index ff6b927da..06968ca2e 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo.go @@ -380,6 +380,42 @@ func parseCPUInfoMips(info []byte) ([]CPUInfo, error) { return cpuinfo, nil } +func parseCPUInfoLoong(info []byte) ([]CPUInfo, error) { + scanner := bufio.NewScanner(bytes.NewReader(info)) + // find the first "processor" line + firstLine := firstNonEmptyLine(scanner) + if !strings.HasPrefix(firstLine, "system type") || !strings.Contains(firstLine, ":") { + return nil, errors.New("invalid cpuinfo file: " + firstLine) + } + field := strings.SplitN(firstLine, ": ", 2) + cpuinfo := []CPUInfo{} + systemType := field[1] + i := 0 + for scanner.Scan() { + line := scanner.Text() + if !strings.Contains(line, ":") { + continue + } + field := strings.SplitN(line, ": ", 2) + switch strings.TrimSpace(field[0]) { + case "processor": + v, err := strconv.ParseUint(field[1], 0, 32) + if err != nil { + return nil, err + } + i = int(v) + cpuinfo = append(cpuinfo, CPUInfo{}) // start of the next processor + cpuinfo[i].Processor = uint(v) + cpuinfo[i].VendorID = systemType + case "CPU Family": + cpuinfo[i].CPUFamily = field[1] + case "Model Name": + cpuinfo[i].ModelName = field[1] + } + } + return cpuinfo, nil +} + func parseCPUInfoPPC(info []byte) ([]CPUInfo, error) { scanner := bufio.NewScanner(bytes.NewReader(info)) diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_loong64.go b/vendor/github.com/prometheus/procfs/cpuinfo_loong64.go new file mode 100644 index 000000000..d88442f0e --- /dev/null +++ b/vendor/github.com/prometheus/procfs/cpuinfo_loong64.go @@ -0,0 +1,19 @@ +// Copyright 2022 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +//go:build linux +// +build linux + +package procfs + +var parseCPUInfo = parseCPUInfoLoong diff --git a/vendor/github.com/prometheus/procfs/cpuinfo_others.go b/vendor/github.com/prometheus/procfs/cpuinfo_others.go index ea41bf2ca..a6b2b3127 100644 --- a/vendor/github.com/prometheus/procfs/cpuinfo_others.go +++ b/vendor/github.com/prometheus/procfs/cpuinfo_others.go @@ -11,8 +11,8 @@ // See the License for the specific language governing permissions and // limitations under the License. -//go:build linux && !386 && !amd64 && !arm && !arm64 && !mips && !mips64 && !mips64le && !mipsle && !ppc64 && !ppc64le && !riscv64 && !s390x -// +build linux,!386,!amd64,!arm,!arm64,!mips,!mips64,!mips64le,!mipsle,!ppc64,!ppc64le,!riscv64,!s390x +//go:build linux && !386 && !amd64 && !arm && !arm64 && !loong64 && !mips && !mips64 && !mips64le && !mipsle && !ppc64 && !ppc64le && !riscv64 && !s390x +// +build linux,!386,!amd64,!arm,!arm64,!loong64,!mips,!mips64,!mips64le,!mipsle,!ppc64,!ppc64le,!riscv64,!s390x package procfs diff --git a/vendor/github.com/prometheus/procfs/doc.go b/vendor/github.com/prometheus/procfs/doc.go index d31a82600..f9d961e44 100644 --- a/vendor/github.com/prometheus/procfs/doc.go +++ b/vendor/github.com/prometheus/procfs/doc.go @@ -16,30 +16,29 @@ // // Example: // -// package main -// -// import ( -// "fmt" -// "log" -// -// "github.com/prometheus/procfs" -// ) -// -// func main() { -// p, err := procfs.Self() -// if err != nil { -// log.Fatalf("could not get process: %s", err) -// } -// -// stat, err := p.Stat() -// if err != nil { -// log.Fatalf("could not get process stat: %s", err) -// } -// -// fmt.Printf("command: %s\n", stat.Comm) -// fmt.Printf("cpu time: %fs\n", stat.CPUTime()) -// fmt.Printf("vsize: %dB\n", stat.VirtualMemory()) -// fmt.Printf("rss: %dB\n", stat.ResidentMemory()) -// } -// +// package main +// +// import ( +// "fmt" +// "log" +// +// "github.com/prometheus/procfs" +// ) +// +// func main() { +// p, err := procfs.Self() +// if err != nil { +// log.Fatalf("could not get process: %s", err) +// } +// +// stat, err := p.Stat() +// if err != nil { +// log.Fatalf("could not get process stat: %s", err) +// } +// +// fmt.Printf("command: %s\n", stat.Comm) +// fmt.Printf("cpu time: %fs\n", stat.CPUTime()) +// fmt.Printf("vsize: %dB\n", stat.VirtualMemory()) +// fmt.Printf("rss: %dB\n", stat.ResidentMemory()) +// } package procfs diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go index f7a828bb1..0c482c18c 100644 --- a/vendor/github.com/prometheus/procfs/mountstats.go +++ b/vendor/github.com/prometheus/procfs/mountstats.go @@ -284,7 +284,8 @@ func parseMountStats(r io.Reader) ([]*Mount, error) { } // parseMount parses an entry in /proc/[pid]/mountstats in the format: -// device [device] mounted on [mount] with fstype [type] +// +// device [device] mounted on [mount] with fstype [type] func parseMount(ss []string) (*Mount, error) { if len(ss) < deviceEntryLen { return nil, fmt.Errorf("invalid device entry: %v", ss) diff --git a/vendor/github.com/prometheus/procfs/net_softnet.go b/vendor/github.com/prometheus/procfs/net_softnet.go index a94f86dc4..06b7b8f21 100644 --- a/vendor/github.com/prometheus/procfs/net_softnet.go +++ b/vendor/github.com/prometheus/procfs/net_softnet.go @@ -27,8 +27,9 @@ import ( // For the proc file format details, // See: // * Linux 2.6.23 https://elixir.bootlin.com/linux/v2.6.23/source/net/core/dev.c#L2343 -// * Linux 4.17 https://elixir.bootlin.com/linux/v4.17/source/net/core/net-procfs.c#L162 -// and https://elixir.bootlin.com/linux/v4.17/source/include/linux/netdevice.h#L2810. +// * Linux 2.6.39 https://elixir.bootlin.com/linux/v2.6.39/source/net/core/dev.c#L4086 +// * Linux 4.18 https://elixir.bootlin.com/linux/v4.18/source/net/core/net-procfs.c#L162 +// * Linux 5.14 https://elixir.bootlin.com/linux/v5.14/source/net/core/net-procfs.c#L169 // SoftnetStat contains a single row of data from /proc/net/softnet_stat. type SoftnetStat struct { @@ -38,6 +39,18 @@ type SoftnetStat struct { Dropped uint32 // Number of times processing packets ran out of quota. TimeSqueezed uint32 + // Number of collision occur while obtaining device lock while transmitting. + CPUCollision uint32 + // Number of times cpu woken up received_rps. + ReceivedRps uint32 + // number of times flow limit has been reached. + FlowLimitCount uint32 + // Softnet backlog status. + SoftnetBacklogLen uint32 + // CPU id owning this softnet_data. + Index uint32 + // softnet_data's Width. + Width int } var softNetProcFile = "net/softnet_stat" @@ -66,22 +79,57 @@ func parseSoftnet(r io.Reader) ([]SoftnetStat, error) { for s.Scan() { columns := strings.Fields(s.Text()) width := len(columns) + softnetStat := SoftnetStat{} if width < minColumns { return nil, fmt.Errorf("%d columns were detected, but at least %d were expected", width, minColumns) } - // We only parse the first three columns at the moment. - us, err := parseHexUint32s(columns[0:3]) - if err != nil { - return nil, err + // Linux 2.6.23 https://elixir.bootlin.com/linux/v2.6.23/source/net/core/dev.c#L2347 + if width >= minColumns { + us, err := parseHexUint32s(columns[0:9]) + if err != nil { + return nil, err + } + + softnetStat.Processed = us[0] + softnetStat.Dropped = us[1] + softnetStat.TimeSqueezed = us[2] + softnetStat.CPUCollision = us[8] + } + + // Linux 2.6.39 https://elixir.bootlin.com/linux/v2.6.39/source/net/core/dev.c#L4086 + if width >= 10 { + us, err := parseHexUint32s(columns[9:10]) + if err != nil { + return nil, err + } + + softnetStat.ReceivedRps = us[0] } - stats = append(stats, SoftnetStat{ - Processed: us[0], - Dropped: us[1], - TimeSqueezed: us[2], - }) + // Linux 4.18 https://elixir.bootlin.com/linux/v4.18/source/net/core/net-procfs.c#L162 + if width >= 11 { + us, err := parseHexUint32s(columns[10:11]) + if err != nil { + return nil, err + } + + softnetStat.FlowLimitCount = us[0] + } + + // Linux 5.14 https://elixir.bootlin.com/linux/v5.14/source/net/core/net-procfs.c#L169 + if width >= 13 { + us, err := parseHexUint32s(columns[11:13]) + if err != nil { + return nil, err + } + + softnetStat.SoftnetBacklogLen = us[0] + softnetStat.Index = us[1] + } + softnetStat.Width = width + stats = append(stats, softnetStat) } return stats, nil diff --git a/vendor/github.com/prometheus/procfs/netstat.go b/vendor/github.com/prometheus/procfs/netstat.go index dcea9c5a6..5cc40aef5 100644 --- a/vendor/github.com/prometheus/procfs/netstat.go +++ b/vendor/github.com/prometheus/procfs/netstat.go @@ -15,6 +15,7 @@ package procfs import ( "bufio" + "io" "os" "path/filepath" "strconv" @@ -42,27 +43,43 @@ func (fs FS) NetStat() ([]NetStat, error) { return nil, err } - netStatFile := NetStat{ - Filename: filepath.Base(filePath), - Stats: make(map[string][]uint64), + procNetstat, err := parseNetstat(file) + if err != nil { + return nil, err + } + procNetstat.Filename = filepath.Base(filePath) + + netStatsTotal = append(netStatsTotal, procNetstat) + } + return netStatsTotal, nil +} + +// parseNetstat parses the metrics from `/proc/net/stat/` file +// and returns a NetStat structure. +func parseNetstat(r io.Reader) (NetStat, error) { + var ( + scanner = bufio.NewScanner(r) + netStat = NetStat{ + Stats: make(map[string][]uint64), } - scanner := bufio.NewScanner(file) - scanner.Scan() - // First string is always a header for stats - var headers []string - headers = append(headers, strings.Fields(scanner.Text())...) + ) + + scanner.Scan() - // Other strings represent per-CPU counters - for scanner.Scan() { - for num, counter := range strings.Fields(scanner.Text()) { - value, err := strconv.ParseUint(counter, 16, 64) - if err != nil { - return nil, err - } - netStatFile.Stats[headers[num]] = append(netStatFile.Stats[headers[num]], value) + // First string is always a header for stats + var headers []string + headers = append(headers, strings.Fields(scanner.Text())...) + + // Other strings represent per-CPU counters + for scanner.Scan() { + for num, counter := range strings.Fields(scanner.Text()) { + value, err := strconv.ParseUint(counter, 16, 64) + if err != nil { + return NetStat{}, err } + netStat.Stats[headers[num]] = append(netStat.Stats[headers[num]], value) } - netStatsTotal = append(netStatsTotal, netStatFile) } - return netStatsTotal, nil + + return netStat, nil } diff --git a/vendor/github.com/prometheus/procfs/proc_cgroup.go b/vendor/github.com/prometheus/procfs/proc_cgroup.go index cca03327c..ea83a75ff 100644 --- a/vendor/github.com/prometheus/procfs/proc_cgroup.go +++ b/vendor/github.com/prometheus/procfs/proc_cgroup.go @@ -23,7 +23,7 @@ import ( "github.com/prometheus/procfs/internal/util" ) -// Cgroup models one line from /proc/[pid]/cgroup. Each Cgroup struct describes the the placement of a PID inside a +// Cgroup models one line from /proc/[pid]/cgroup. Each Cgroup struct describes the placement of a PID inside a // specific control hierarchy. The kernel has two cgroup APIs, v1 and v2. v1 has one hierarchy per available resource // controller, while v2 has one unified hierarchy shared by all controllers. Regardless of v1 or v2, all hierarchies // contain all running processes, so the question answerable with a Cgroup struct is 'where is this process in diff --git a/vendor/github.com/prometheus/procfs/proc_interrupts.go b/vendor/github.com/prometheus/procfs/proc_interrupts.go new file mode 100644 index 000000000..9df79c237 --- /dev/null +++ b/vendor/github.com/prometheus/procfs/proc_interrupts.go @@ -0,0 +1,98 @@ +// Copyright 2022 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package procfs + +import ( + "bufio" + "bytes" + "errors" + "fmt" + "io" + "strconv" + "strings" + + "github.com/prometheus/procfs/internal/util" +) + +// Interrupt represents a single interrupt line. +type Interrupt struct { + // Info is the type of interrupt. + Info string + // Devices is the name of the device that is located at that IRQ + Devices string + // Values is the number of interrupts per CPU. + Values []string +} + +// Interrupts models the content of /proc/interrupts. Key is the IRQ number. +// - https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/deployment_guide/s2-proc-interrupts +// - https://raspberrypi.stackexchange.com/questions/105802/explanation-of-proc-interrupts-output +type Interrupts map[string]Interrupt + +// Interrupts creates a new instance from a given Proc instance. +func (p Proc) Interrupts() (Interrupts, error) { + data, err := util.ReadFileNoStat(p.path("interrupts")) + if err != nil { + return nil, err + } + return parseInterrupts(bytes.NewReader(data)) +} + +func parseInterrupts(r io.Reader) (Interrupts, error) { + var ( + interrupts = Interrupts{} + scanner = bufio.NewScanner(r) + ) + + if !scanner.Scan() { + return nil, errors.New("interrupts empty") + } + cpuNum := len(strings.Fields(scanner.Text())) // one header per cpu + + for scanner.Scan() { + parts := strings.Fields(scanner.Text()) + if len(parts) == 0 { // skip empty lines + continue + } + if len(parts) < 2 { + return nil, fmt.Errorf("not enough fields in interrupts (expected at least 2 fields but got %d): %s", len(parts), parts) + } + intName := parts[0][:len(parts[0])-1] // remove trailing : + + if len(parts) == 2 { + interrupts[intName] = Interrupt{ + Info: "", + Devices: "", + Values: []string{ + parts[1], + }, + } + continue + } + + intr := Interrupt{ + Values: parts[1 : cpuNum+1], + } + + if _, err := strconv.Atoi(intName); err == nil { // numeral interrupt + intr.Info = parts[cpuNum+1] + intr.Devices = strings.Join(parts[cpuNum+2:], " ") + } else { + intr.Info = strings.Join(parts[cpuNum+1:], " ") + } + interrupts[intName] = intr + } + + return interrupts, scanner.Err() +} diff --git a/vendor/github.com/prometheus/procfs/proc_netstat.go b/vendor/github.com/prometheus/procfs/proc_netstat.go index 48b523819..6a43bb245 100644 --- a/vendor/github.com/prometheus/procfs/proc_netstat.go +++ b/vendor/github.com/prometheus/procfs/proc_netstat.go @@ -33,139 +33,140 @@ type ProcNetstat struct { } type TcpExt struct { // nolint:revive - SyncookiesSent float64 - SyncookiesRecv float64 - SyncookiesFailed float64 - EmbryonicRsts float64 - PruneCalled float64 - RcvPruned float64 - OfoPruned float64 - OutOfWindowIcmps float64 - LockDroppedIcmps float64 - ArpFilter float64 - TW float64 - TWRecycled float64 - TWKilled float64 - PAWSActive float64 - PAWSEstab float64 - DelayedACKs float64 - DelayedACKLocked float64 - DelayedACKLost float64 - ListenOverflows float64 - ListenDrops float64 - TCPHPHits float64 - TCPPureAcks float64 - TCPHPAcks float64 - TCPRenoRecovery float64 - TCPSackRecovery float64 - TCPSACKReneging float64 - TCPSACKReorder float64 - TCPRenoReorder float64 - TCPTSReorder float64 - TCPFullUndo float64 - TCPPartialUndo float64 - TCPDSACKUndo float64 - TCPLossUndo float64 - TCPLostRetransmit float64 - TCPRenoFailures float64 - TCPSackFailures float64 - TCPLossFailures float64 - TCPFastRetrans float64 - TCPSlowStartRetrans float64 - TCPTimeouts float64 - TCPLossProbes float64 - TCPLossProbeRecovery float64 - TCPRenoRecoveryFail float64 - TCPSackRecoveryFail float64 - TCPRcvCollapsed float64 - TCPDSACKOldSent float64 - TCPDSACKOfoSent float64 - TCPDSACKRecv float64 - TCPDSACKOfoRecv float64 - TCPAbortOnData float64 - TCPAbortOnClose float64 - TCPAbortOnMemory float64 - TCPAbortOnTimeout float64 - TCPAbortOnLinger float64 - TCPAbortFailed float64 - TCPMemoryPressures float64 - TCPMemoryPressuresChrono float64 - TCPSACKDiscard float64 - TCPDSACKIgnoredOld float64 - TCPDSACKIgnoredNoUndo float64 - TCPSpuriousRTOs float64 - TCPMD5NotFound float64 - TCPMD5Unexpected float64 - TCPMD5Failure float64 - TCPSackShifted float64 - TCPSackMerged float64 - TCPSackShiftFallback float64 - TCPBacklogDrop float64 - PFMemallocDrop float64 - TCPMinTTLDrop float64 - TCPDeferAcceptDrop float64 - IPReversePathFilter float64 - TCPTimeWaitOverflow float64 - TCPReqQFullDoCookies float64 - TCPReqQFullDrop float64 - TCPRetransFail float64 - TCPRcvCoalesce float64 - TCPOFOQueue float64 - TCPOFODrop float64 - TCPOFOMerge float64 - TCPChallengeACK float64 - TCPSYNChallenge float64 - TCPFastOpenActive float64 - TCPFastOpenActiveFail float64 - TCPFastOpenPassive float64 - TCPFastOpenPassiveFail float64 - TCPFastOpenListenOverflow float64 - TCPFastOpenCookieReqd float64 - TCPFastOpenBlackhole float64 - TCPSpuriousRtxHostQueues float64 - BusyPollRxPackets float64 - TCPAutoCorking float64 - TCPFromZeroWindowAdv float64 - TCPToZeroWindowAdv float64 - TCPWantZeroWindowAdv float64 - TCPSynRetrans float64 - TCPOrigDataSent float64 - TCPHystartTrainDetect float64 - TCPHystartTrainCwnd float64 - TCPHystartDelayDetect float64 - TCPHystartDelayCwnd float64 - TCPACKSkippedSynRecv float64 - TCPACKSkippedPAWS float64 - TCPACKSkippedSeq float64 - TCPACKSkippedFinWait2 float64 - TCPACKSkippedTimeWait float64 - TCPACKSkippedChallenge float64 - TCPWinProbe float64 - TCPKeepAlive float64 - TCPMTUPFail float64 - TCPMTUPSuccess float64 - TCPWqueueTooBig float64 + SyncookiesSent *float64 + SyncookiesRecv *float64 + SyncookiesFailed *float64 + EmbryonicRsts *float64 + PruneCalled *float64 + RcvPruned *float64 + OfoPruned *float64 + OutOfWindowIcmps *float64 + LockDroppedIcmps *float64 + ArpFilter *float64 + TW *float64 + TWRecycled *float64 + TWKilled *float64 + PAWSActive *float64 + PAWSEstab *float64 + DelayedACKs *float64 + DelayedACKLocked *float64 + DelayedACKLost *float64 + ListenOverflows *float64 + ListenDrops *float64 + TCPHPHits *float64 + TCPPureAcks *float64 + TCPHPAcks *float64 + TCPRenoRecovery *float64 + TCPSackRecovery *float64 + TCPSACKReneging *float64 + TCPSACKReorder *float64 + TCPRenoReorder *float64 + TCPTSReorder *float64 + TCPFullUndo *float64 + TCPPartialUndo *float64 + TCPDSACKUndo *float64 + TCPLossUndo *float64 + TCPLostRetransmit *float64 + TCPRenoFailures *float64 + TCPSackFailures *float64 + TCPLossFailures *float64 + TCPFastRetrans *float64 + TCPSlowStartRetrans *float64 + TCPTimeouts *float64 + TCPLossProbes *float64 + TCPLossProbeRecovery *float64 + TCPRenoRecoveryFail *float64 + TCPSackRecoveryFail *float64 + TCPRcvCollapsed *float64 + TCPDSACKOldSent *float64 + TCPDSACKOfoSent *float64 + TCPDSACKRecv *float64 + TCPDSACKOfoRecv *float64 + TCPAbortOnData *float64 + TCPAbortOnClose *float64 + TCPAbortOnMemory *float64 + TCPAbortOnTimeout *float64 + TCPAbortOnLinger *float64 + TCPAbortFailed *float64 + TCPMemoryPressures *float64 + TCPMemoryPressuresChrono *float64 + TCPSACKDiscard *float64 + TCPDSACKIgnoredOld *float64 + TCPDSACKIgnoredNoUndo *float64 + TCPSpuriousRTOs *float64 + TCPMD5NotFound *float64 + TCPMD5Unexpected *float64 + TCPMD5Failure *float64 + TCPSackShifted *float64 + TCPSackMerged *float64 + TCPSackShiftFallback *float64 + TCPBacklogDrop *float64 + PFMemallocDrop *float64 + TCPMinTTLDrop *float64 + TCPDeferAcceptDrop *float64 + IPReversePathFilter *float64 + TCPTimeWaitOverflow *float64 + TCPReqQFullDoCookies *float64 + TCPReqQFullDrop *float64 + TCPRetransFail *float64 + TCPRcvCoalesce *float64 + TCPRcvQDrop *float64 + TCPOFOQueue *float64 + TCPOFODrop *float64 + TCPOFOMerge *float64 + TCPChallengeACK *float64 + TCPSYNChallenge *float64 + TCPFastOpenActive *float64 + TCPFastOpenActiveFail *float64 + TCPFastOpenPassive *float64 + TCPFastOpenPassiveFail *float64 + TCPFastOpenListenOverflow *float64 + TCPFastOpenCookieReqd *float64 + TCPFastOpenBlackhole *float64 + TCPSpuriousRtxHostQueues *float64 + BusyPollRxPackets *float64 + TCPAutoCorking *float64 + TCPFromZeroWindowAdv *float64 + TCPToZeroWindowAdv *float64 + TCPWantZeroWindowAdv *float64 + TCPSynRetrans *float64 + TCPOrigDataSent *float64 + TCPHystartTrainDetect *float64 + TCPHystartTrainCwnd *float64 + TCPHystartDelayDetect *float64 + TCPHystartDelayCwnd *float64 + TCPACKSkippedSynRecv *float64 + TCPACKSkippedPAWS *float64 + TCPACKSkippedSeq *float64 + TCPACKSkippedFinWait2 *float64 + TCPACKSkippedTimeWait *float64 + TCPACKSkippedChallenge *float64 + TCPWinProbe *float64 + TCPKeepAlive *float64 + TCPMTUPFail *float64 + TCPMTUPSuccess *float64 + TCPWqueueTooBig *float64 } type IpExt struct { // nolint:revive - InNoRoutes float64 - InTruncatedPkts float64 - InMcastPkts float64 - OutMcastPkts float64 - InBcastPkts float64 - OutBcastPkts float64 - InOctets float64 - OutOctets float64 - InMcastOctets float64 - OutMcastOctets float64 - InBcastOctets float64 - OutBcastOctets float64 - InCsumErrors float64 - InNoECTPkts float64 - InECT1Pkts float64 - InECT0Pkts float64 - InCEPkts float64 - ReasmOverlaps float64 + InNoRoutes *float64 + InTruncatedPkts *float64 + InMcastPkts *float64 + OutMcastPkts *float64 + InBcastPkts *float64 + OutBcastPkts *float64 + InOctets *float64 + OutOctets *float64 + InMcastOctets *float64 + OutMcastOctets *float64 + InBcastOctets *float64 + OutBcastOctets *float64 + InCsumErrors *float64 + InNoECTPkts *float64 + InECT1Pkts *float64 + InECT0Pkts *float64 + InCEPkts *float64 + ReasmOverlaps *float64 } func (p Proc) Netstat() (ProcNetstat, error) { @@ -174,14 +175,14 @@ func (p Proc) Netstat() (ProcNetstat, error) { if err != nil { return ProcNetstat{PID: p.PID}, err } - procNetstat, err := parseNetstat(bytes.NewReader(data), filename) + procNetstat, err := parseProcNetstat(bytes.NewReader(data), filename) procNetstat.PID = p.PID return procNetstat, err } -// parseNetstat parses the metrics from proc//net/netstat file +// parseProcNetstat parses the metrics from proc//net/netstat file // and returns a ProcNetstat structure. -func parseNetstat(r io.Reader, fileName string) (ProcNetstat, error) { +func parseProcNetstat(r io.Reader, fileName string) (ProcNetstat, error) { var ( scanner = bufio.NewScanner(r) procNetstat = ProcNetstat{} @@ -208,230 +209,232 @@ func parseNetstat(r io.Reader, fileName string) (ProcNetstat, error) { case "TcpExt": switch key { case "SyncookiesSent": - procNetstat.TcpExt.SyncookiesSent = value + procNetstat.TcpExt.SyncookiesSent = &value case "SyncookiesRecv": - procNetstat.TcpExt.SyncookiesRecv = value + procNetstat.TcpExt.SyncookiesRecv = &value case "SyncookiesFailed": - procNetstat.TcpExt.SyncookiesFailed = value + procNetstat.TcpExt.SyncookiesFailed = &value case "EmbryonicRsts": - procNetstat.TcpExt.EmbryonicRsts = value + procNetstat.TcpExt.EmbryonicRsts = &value case "PruneCalled": - procNetstat.TcpExt.PruneCalled = value + procNetstat.TcpExt.PruneCalled = &value case "RcvPruned": - procNetstat.TcpExt.RcvPruned = value + procNetstat.TcpExt.RcvPruned = &value case "OfoPruned": - procNetstat.TcpExt.OfoPruned = value + procNetstat.TcpExt.OfoPruned = &value case "OutOfWindowIcmps": - procNetstat.TcpExt.OutOfWindowIcmps = value + procNetstat.TcpExt.OutOfWindowIcmps = &value case "LockDroppedIcmps": - procNetstat.TcpExt.LockDroppedIcmps = value + procNetstat.TcpExt.LockDroppedIcmps = &value case "ArpFilter": - procNetstat.TcpExt.ArpFilter = value + procNetstat.TcpExt.ArpFilter = &value case "TW": - procNetstat.TcpExt.TW = value + procNetstat.TcpExt.TW = &value case "TWRecycled": - procNetstat.TcpExt.TWRecycled = value + procNetstat.TcpExt.TWRecycled = &value case "TWKilled": - procNetstat.TcpExt.TWKilled = value + procNetstat.TcpExt.TWKilled = &value case "PAWSActive": - procNetstat.TcpExt.PAWSActive = value + procNetstat.TcpExt.PAWSActive = &value case "PAWSEstab": - procNetstat.TcpExt.PAWSEstab = value + procNetstat.TcpExt.PAWSEstab = &value case "DelayedACKs": - procNetstat.TcpExt.DelayedACKs = value + procNetstat.TcpExt.DelayedACKs = &value case "DelayedACKLocked": - procNetstat.TcpExt.DelayedACKLocked = value + procNetstat.TcpExt.DelayedACKLocked = &value case "DelayedACKLost": - procNetstat.TcpExt.DelayedACKLost = value + procNetstat.TcpExt.DelayedACKLost = &value case "ListenOverflows": - procNetstat.TcpExt.ListenOverflows = value + procNetstat.TcpExt.ListenOverflows = &value case "ListenDrops": - procNetstat.TcpExt.ListenDrops = value + procNetstat.TcpExt.ListenDrops = &value case "TCPHPHits": - procNetstat.TcpExt.TCPHPHits = value + procNetstat.TcpExt.TCPHPHits = &value case "TCPPureAcks": - procNetstat.TcpExt.TCPPureAcks = value + procNetstat.TcpExt.TCPPureAcks = &value case "TCPHPAcks": - procNetstat.TcpExt.TCPHPAcks = value + procNetstat.TcpExt.TCPHPAcks = &value case "TCPRenoRecovery": - procNetstat.TcpExt.TCPRenoRecovery = value + procNetstat.TcpExt.TCPRenoRecovery = &value case "TCPSackRecovery": - procNetstat.TcpExt.TCPSackRecovery = value + procNetstat.TcpExt.TCPSackRecovery = &value case "TCPSACKReneging": - procNetstat.TcpExt.TCPSACKReneging = value + procNetstat.TcpExt.TCPSACKReneging = &value case "TCPSACKReorder": - procNetstat.TcpExt.TCPSACKReorder = value + procNetstat.TcpExt.TCPSACKReorder = &value case "TCPRenoReorder": - procNetstat.TcpExt.TCPRenoReorder = value + procNetstat.TcpExt.TCPRenoReorder = &value case "TCPTSReorder": - procNetstat.TcpExt.TCPTSReorder = value + procNetstat.TcpExt.TCPTSReorder = &value case "TCPFullUndo": - procNetstat.TcpExt.TCPFullUndo = value + procNetstat.TcpExt.TCPFullUndo = &value case "TCPPartialUndo": - procNetstat.TcpExt.TCPPartialUndo = value + procNetstat.TcpExt.TCPPartialUndo = &value case "TCPDSACKUndo": - procNetstat.TcpExt.TCPDSACKUndo = value + procNetstat.TcpExt.TCPDSACKUndo = &value case "TCPLossUndo": - procNetstat.TcpExt.TCPLossUndo = value + procNetstat.TcpExt.TCPLossUndo = &value case "TCPLostRetransmit": - procNetstat.TcpExt.TCPLostRetransmit = value + procNetstat.TcpExt.TCPLostRetransmit = &value case "TCPRenoFailures": - procNetstat.TcpExt.TCPRenoFailures = value + procNetstat.TcpExt.TCPRenoFailures = &value case "TCPSackFailures": - procNetstat.TcpExt.TCPSackFailures = value + procNetstat.TcpExt.TCPSackFailures = &value case "TCPLossFailures": - procNetstat.TcpExt.TCPLossFailures = value + procNetstat.TcpExt.TCPLossFailures = &value case "TCPFastRetrans": - procNetstat.TcpExt.TCPFastRetrans = value + procNetstat.TcpExt.TCPFastRetrans = &value case "TCPSlowStartRetrans": - procNetstat.TcpExt.TCPSlowStartRetrans = value + procNetstat.TcpExt.TCPSlowStartRetrans = &value case "TCPTimeouts": - procNetstat.TcpExt.TCPTimeouts = value + procNetstat.TcpExt.TCPTimeouts = &value case "TCPLossProbes": - procNetstat.TcpExt.TCPLossProbes = value + procNetstat.TcpExt.TCPLossProbes = &value case "TCPLossProbeRecovery": - procNetstat.TcpExt.TCPLossProbeRecovery = value + procNetstat.TcpExt.TCPLossProbeRecovery = &value case "TCPRenoRecoveryFail": - procNetstat.TcpExt.TCPRenoRecoveryFail = value + procNetstat.TcpExt.TCPRenoRecoveryFail = &value case "TCPSackRecoveryFail": - procNetstat.TcpExt.TCPSackRecoveryFail = value + procNetstat.TcpExt.TCPSackRecoveryFail = &value case "TCPRcvCollapsed": - procNetstat.TcpExt.TCPRcvCollapsed = value + procNetstat.TcpExt.TCPRcvCollapsed = &value case "TCPDSACKOldSent": - procNetstat.TcpExt.TCPDSACKOldSent = value + procNetstat.TcpExt.TCPDSACKOldSent = &value case "TCPDSACKOfoSent": - procNetstat.TcpExt.TCPDSACKOfoSent = value + procNetstat.TcpExt.TCPDSACKOfoSent = &value case "TCPDSACKRecv": - procNetstat.TcpExt.TCPDSACKRecv = value + procNetstat.TcpExt.TCPDSACKRecv = &value case "TCPDSACKOfoRecv": - procNetstat.TcpExt.TCPDSACKOfoRecv = value + procNetstat.TcpExt.TCPDSACKOfoRecv = &value case "TCPAbortOnData": - procNetstat.TcpExt.TCPAbortOnData = value + procNetstat.TcpExt.TCPAbortOnData = &value case "TCPAbortOnClose": - procNetstat.TcpExt.TCPAbortOnClose = value + procNetstat.TcpExt.TCPAbortOnClose = &value case "TCPDeferAcceptDrop": - procNetstat.TcpExt.TCPDeferAcceptDrop = value + procNetstat.TcpExt.TCPDeferAcceptDrop = &value case "IPReversePathFilter": - procNetstat.TcpExt.IPReversePathFilter = value + procNetstat.TcpExt.IPReversePathFilter = &value case "TCPTimeWaitOverflow": - procNetstat.TcpExt.TCPTimeWaitOverflow = value + procNetstat.TcpExt.TCPTimeWaitOverflow = &value case "TCPReqQFullDoCookies": - procNetstat.TcpExt.TCPReqQFullDoCookies = value + procNetstat.TcpExt.TCPReqQFullDoCookies = &value case "TCPReqQFullDrop": - procNetstat.TcpExt.TCPReqQFullDrop = value + procNetstat.TcpExt.TCPReqQFullDrop = &value case "TCPRetransFail": - procNetstat.TcpExt.TCPRetransFail = value + procNetstat.TcpExt.TCPRetransFail = &value case "TCPRcvCoalesce": - procNetstat.TcpExt.TCPRcvCoalesce = value + procNetstat.TcpExt.TCPRcvCoalesce = &value + case "TCPRcvQDrop": + procNetstat.TcpExt.TCPRcvQDrop = &value case "TCPOFOQueue": - procNetstat.TcpExt.TCPOFOQueue = value + procNetstat.TcpExt.TCPOFOQueue = &value case "TCPOFODrop": - procNetstat.TcpExt.TCPOFODrop = value + procNetstat.TcpExt.TCPOFODrop = &value case "TCPOFOMerge": - procNetstat.TcpExt.TCPOFOMerge = value + procNetstat.TcpExt.TCPOFOMerge = &value case "TCPChallengeACK": - procNetstat.TcpExt.TCPChallengeACK = value + procNetstat.TcpExt.TCPChallengeACK = &value case "TCPSYNChallenge": - procNetstat.TcpExt.TCPSYNChallenge = value + procNetstat.TcpExt.TCPSYNChallenge = &value case "TCPFastOpenActive": - procNetstat.TcpExt.TCPFastOpenActive = value + procNetstat.TcpExt.TCPFastOpenActive = &value case "TCPFastOpenActiveFail": - procNetstat.TcpExt.TCPFastOpenActiveFail = value + procNetstat.TcpExt.TCPFastOpenActiveFail = &value case "TCPFastOpenPassive": - procNetstat.TcpExt.TCPFastOpenPassive = value + procNetstat.TcpExt.TCPFastOpenPassive = &value case "TCPFastOpenPassiveFail": - procNetstat.TcpExt.TCPFastOpenPassiveFail = value + procNetstat.TcpExt.TCPFastOpenPassiveFail = &value case "TCPFastOpenListenOverflow": - procNetstat.TcpExt.TCPFastOpenListenOverflow = value + procNetstat.TcpExt.TCPFastOpenListenOverflow = &value case "TCPFastOpenCookieReqd": - procNetstat.TcpExt.TCPFastOpenCookieReqd = value + procNetstat.TcpExt.TCPFastOpenCookieReqd = &value case "TCPFastOpenBlackhole": - procNetstat.TcpExt.TCPFastOpenBlackhole = value + procNetstat.TcpExt.TCPFastOpenBlackhole = &value case "TCPSpuriousRtxHostQueues": - procNetstat.TcpExt.TCPSpuriousRtxHostQueues = value + procNetstat.TcpExt.TCPSpuriousRtxHostQueues = &value case "BusyPollRxPackets": - procNetstat.TcpExt.BusyPollRxPackets = value + procNetstat.TcpExt.BusyPollRxPackets = &value case "TCPAutoCorking": - procNetstat.TcpExt.TCPAutoCorking = value + procNetstat.TcpExt.TCPAutoCorking = &value case "TCPFromZeroWindowAdv": - procNetstat.TcpExt.TCPFromZeroWindowAdv = value + procNetstat.TcpExt.TCPFromZeroWindowAdv = &value case "TCPToZeroWindowAdv": - procNetstat.TcpExt.TCPToZeroWindowAdv = value + procNetstat.TcpExt.TCPToZeroWindowAdv = &value case "TCPWantZeroWindowAdv": - procNetstat.TcpExt.TCPWantZeroWindowAdv = value + procNetstat.TcpExt.TCPWantZeroWindowAdv = &value case "TCPSynRetrans": - procNetstat.TcpExt.TCPSynRetrans = value + procNetstat.TcpExt.TCPSynRetrans = &value case "TCPOrigDataSent": - procNetstat.TcpExt.TCPOrigDataSent = value + procNetstat.TcpExt.TCPOrigDataSent = &value case "TCPHystartTrainDetect": - procNetstat.TcpExt.TCPHystartTrainDetect = value + procNetstat.TcpExt.TCPHystartTrainDetect = &value case "TCPHystartTrainCwnd": - procNetstat.TcpExt.TCPHystartTrainCwnd = value + procNetstat.TcpExt.TCPHystartTrainCwnd = &value case "TCPHystartDelayDetect": - procNetstat.TcpExt.TCPHystartDelayDetect = value + procNetstat.TcpExt.TCPHystartDelayDetect = &value case "TCPHystartDelayCwnd": - procNetstat.TcpExt.TCPHystartDelayCwnd = value + procNetstat.TcpExt.TCPHystartDelayCwnd = &value case "TCPACKSkippedSynRecv": - procNetstat.TcpExt.TCPACKSkippedSynRecv = value + procNetstat.TcpExt.TCPACKSkippedSynRecv = &value case "TCPACKSkippedPAWS": - procNetstat.TcpExt.TCPACKSkippedPAWS = value + procNetstat.TcpExt.TCPACKSkippedPAWS = &value case "TCPACKSkippedSeq": - procNetstat.TcpExt.TCPACKSkippedSeq = value + procNetstat.TcpExt.TCPACKSkippedSeq = &value case "TCPACKSkippedFinWait2": - procNetstat.TcpExt.TCPACKSkippedFinWait2 = value + procNetstat.TcpExt.TCPACKSkippedFinWait2 = &value case "TCPACKSkippedTimeWait": - procNetstat.TcpExt.TCPACKSkippedTimeWait = value + procNetstat.TcpExt.TCPACKSkippedTimeWait = &value case "TCPACKSkippedChallenge": - procNetstat.TcpExt.TCPACKSkippedChallenge = value + procNetstat.TcpExt.TCPACKSkippedChallenge = &value case "TCPWinProbe": - procNetstat.TcpExt.TCPWinProbe = value + procNetstat.TcpExt.TCPWinProbe = &value case "TCPKeepAlive": - procNetstat.TcpExt.TCPKeepAlive = value + procNetstat.TcpExt.TCPKeepAlive = &value case "TCPMTUPFail": - procNetstat.TcpExt.TCPMTUPFail = value + procNetstat.TcpExt.TCPMTUPFail = &value case "TCPMTUPSuccess": - procNetstat.TcpExt.TCPMTUPSuccess = value + procNetstat.TcpExt.TCPMTUPSuccess = &value case "TCPWqueueTooBig": - procNetstat.TcpExt.TCPWqueueTooBig = value + procNetstat.TcpExt.TCPWqueueTooBig = &value } case "IpExt": switch key { case "InNoRoutes": - procNetstat.IpExt.InNoRoutes = value + procNetstat.IpExt.InNoRoutes = &value case "InTruncatedPkts": - procNetstat.IpExt.InTruncatedPkts = value + procNetstat.IpExt.InTruncatedPkts = &value case "InMcastPkts": - procNetstat.IpExt.InMcastPkts = value + procNetstat.IpExt.InMcastPkts = &value case "OutMcastPkts": - procNetstat.IpExt.OutMcastPkts = value + procNetstat.IpExt.OutMcastPkts = &value case "InBcastPkts": - procNetstat.IpExt.InBcastPkts = value + procNetstat.IpExt.InBcastPkts = &value case "OutBcastPkts": - procNetstat.IpExt.OutBcastPkts = value + procNetstat.IpExt.OutBcastPkts = &value case "InOctets": - procNetstat.IpExt.InOctets = value + procNetstat.IpExt.InOctets = &value case "OutOctets": - procNetstat.IpExt.OutOctets = value + procNetstat.IpExt.OutOctets = &value case "InMcastOctets": - procNetstat.IpExt.InMcastOctets = value + procNetstat.IpExt.InMcastOctets = &value case "OutMcastOctets": - procNetstat.IpExt.OutMcastOctets = value + procNetstat.IpExt.OutMcastOctets = &value case "InBcastOctets": - procNetstat.IpExt.InBcastOctets = value + procNetstat.IpExt.InBcastOctets = &value case "OutBcastOctets": - procNetstat.IpExt.OutBcastOctets = value + procNetstat.IpExt.OutBcastOctets = &value case "InCsumErrors": - procNetstat.IpExt.InCsumErrors = value + procNetstat.IpExt.InCsumErrors = &value case "InNoECTPkts": - procNetstat.IpExt.InNoECTPkts = value + procNetstat.IpExt.InNoECTPkts = &value case "InECT1Pkts": - procNetstat.IpExt.InECT1Pkts = value + procNetstat.IpExt.InECT1Pkts = &value case "InECT0Pkts": - procNetstat.IpExt.InECT0Pkts = value + procNetstat.IpExt.InECT0Pkts = &value case "InCEPkts": - procNetstat.IpExt.InCEPkts = value + procNetstat.IpExt.InCEPkts = &value case "ReasmOverlaps": - procNetstat.IpExt.ReasmOverlaps = value + procNetstat.IpExt.ReasmOverlaps = &value } } } diff --git a/vendor/github.com/prometheus/procfs/proc_snmp.go b/vendor/github.com/prometheus/procfs/proc_snmp.go index ae191896c..6c46b7188 100644 --- a/vendor/github.com/prometheus/procfs/proc_snmp.go +++ b/vendor/github.com/prometheus/procfs/proc_snmp.go @@ -37,100 +37,100 @@ type ProcSnmp struct { } type Ip struct { // nolint:revive - Forwarding float64 - DefaultTTL float64 - InReceives float64 - InHdrErrors float64 - InAddrErrors float64 - ForwDatagrams float64 - InUnknownProtos float64 - InDiscards float64 - InDelivers float64 - OutRequests float64 - OutDiscards float64 - OutNoRoutes float64 - ReasmTimeout float64 - ReasmReqds float64 - ReasmOKs float64 - ReasmFails float64 - FragOKs float64 - FragFails float64 - FragCreates float64 + Forwarding *float64 + DefaultTTL *float64 + InReceives *float64 + InHdrErrors *float64 + InAddrErrors *float64 + ForwDatagrams *float64 + InUnknownProtos *float64 + InDiscards *float64 + InDelivers *float64 + OutRequests *float64 + OutDiscards *float64 + OutNoRoutes *float64 + ReasmTimeout *float64 + ReasmReqds *float64 + ReasmOKs *float64 + ReasmFails *float64 + FragOKs *float64 + FragFails *float64 + FragCreates *float64 } -type Icmp struct { - InMsgs float64 - InErrors float64 - InCsumErrors float64 - InDestUnreachs float64 - InTimeExcds float64 - InParmProbs float64 - InSrcQuenchs float64 - InRedirects float64 - InEchos float64 - InEchoReps float64 - InTimestamps float64 - InTimestampReps float64 - InAddrMasks float64 - InAddrMaskReps float64 - OutMsgs float64 - OutErrors float64 - OutDestUnreachs float64 - OutTimeExcds float64 - OutParmProbs float64 - OutSrcQuenchs float64 - OutRedirects float64 - OutEchos float64 - OutEchoReps float64 - OutTimestamps float64 - OutTimestampReps float64 - OutAddrMasks float64 - OutAddrMaskReps float64 +type Icmp struct { // nolint:revive + InMsgs *float64 + InErrors *float64 + InCsumErrors *float64 + InDestUnreachs *float64 + InTimeExcds *float64 + InParmProbs *float64 + InSrcQuenchs *float64 + InRedirects *float64 + InEchos *float64 + InEchoReps *float64 + InTimestamps *float64 + InTimestampReps *float64 + InAddrMasks *float64 + InAddrMaskReps *float64 + OutMsgs *float64 + OutErrors *float64 + OutDestUnreachs *float64 + OutTimeExcds *float64 + OutParmProbs *float64 + OutSrcQuenchs *float64 + OutRedirects *float64 + OutEchos *float64 + OutEchoReps *float64 + OutTimestamps *float64 + OutTimestampReps *float64 + OutAddrMasks *float64 + OutAddrMaskReps *float64 } type IcmpMsg struct { - InType3 float64 - OutType3 float64 + InType3 *float64 + OutType3 *float64 } type Tcp struct { // nolint:revive - RtoAlgorithm float64 - RtoMin float64 - RtoMax float64 - MaxConn float64 - ActiveOpens float64 - PassiveOpens float64 - AttemptFails float64 - EstabResets float64 - CurrEstab float64 - InSegs float64 - OutSegs float64 - RetransSegs float64 - InErrs float64 - OutRsts float64 - InCsumErrors float64 + RtoAlgorithm *float64 + RtoMin *float64 + RtoMax *float64 + MaxConn *float64 + ActiveOpens *float64 + PassiveOpens *float64 + AttemptFails *float64 + EstabResets *float64 + CurrEstab *float64 + InSegs *float64 + OutSegs *float64 + RetransSegs *float64 + InErrs *float64 + OutRsts *float64 + InCsumErrors *float64 } type Udp struct { // nolint:revive - InDatagrams float64 - NoPorts float64 - InErrors float64 - OutDatagrams float64 - RcvbufErrors float64 - SndbufErrors float64 - InCsumErrors float64 - IgnoredMulti float64 + InDatagrams *float64 + NoPorts *float64 + InErrors *float64 + OutDatagrams *float64 + RcvbufErrors *float64 + SndbufErrors *float64 + InCsumErrors *float64 + IgnoredMulti *float64 } type UdpLite struct { // nolint:revive - InDatagrams float64 - NoPorts float64 - InErrors float64 - OutDatagrams float64 - RcvbufErrors float64 - SndbufErrors float64 - InCsumErrors float64 - IgnoredMulti float64 + InDatagrams *float64 + NoPorts *float64 + InErrors *float64 + OutDatagrams *float64 + RcvbufErrors *float64 + SndbufErrors *float64 + InCsumErrors *float64 + IgnoredMulti *float64 } func (p Proc) Snmp() (ProcSnmp, error) { @@ -173,178 +173,178 @@ func parseSnmp(r io.Reader, fileName string) (ProcSnmp, error) { case "Ip": switch key { case "Forwarding": - procSnmp.Ip.Forwarding = value + procSnmp.Ip.Forwarding = &value case "DefaultTTL": - procSnmp.Ip.DefaultTTL = value + procSnmp.Ip.DefaultTTL = &value case "InReceives": - procSnmp.Ip.InReceives = value + procSnmp.Ip.InReceives = &value case "InHdrErrors": - procSnmp.Ip.InHdrErrors = value + procSnmp.Ip.InHdrErrors = &value case "InAddrErrors": - procSnmp.Ip.InAddrErrors = value + procSnmp.Ip.InAddrErrors = &value case "ForwDatagrams": - procSnmp.Ip.ForwDatagrams = value + procSnmp.Ip.ForwDatagrams = &value case "InUnknownProtos": - procSnmp.Ip.InUnknownProtos = value + procSnmp.Ip.InUnknownProtos = &value case "InDiscards": - procSnmp.Ip.InDiscards = value + procSnmp.Ip.InDiscards = &value case "InDelivers": - procSnmp.Ip.InDelivers = value + procSnmp.Ip.InDelivers = &value case "OutRequests": - procSnmp.Ip.OutRequests = value + procSnmp.Ip.OutRequests = &value case "OutDiscards": - procSnmp.Ip.OutDiscards = value + procSnmp.Ip.OutDiscards = &value case "OutNoRoutes": - procSnmp.Ip.OutNoRoutes = value + procSnmp.Ip.OutNoRoutes = &value case "ReasmTimeout": - procSnmp.Ip.ReasmTimeout = value + procSnmp.Ip.ReasmTimeout = &value case "ReasmReqds": - procSnmp.Ip.ReasmReqds = value + procSnmp.Ip.ReasmReqds = &value case "ReasmOKs": - procSnmp.Ip.ReasmOKs = value + procSnmp.Ip.ReasmOKs = &value case "ReasmFails": - procSnmp.Ip.ReasmFails = value + procSnmp.Ip.ReasmFails = &value case "FragOKs": - procSnmp.Ip.FragOKs = value + procSnmp.Ip.FragOKs = &value case "FragFails": - procSnmp.Ip.FragFails = value + procSnmp.Ip.FragFails = &value case "FragCreates": - procSnmp.Ip.FragCreates = value + procSnmp.Ip.FragCreates = &value } case "Icmp": switch key { case "InMsgs": - procSnmp.Icmp.InMsgs = value + procSnmp.Icmp.InMsgs = &value case "InErrors": - procSnmp.Icmp.InErrors = value + procSnmp.Icmp.InErrors = &value case "InCsumErrors": - procSnmp.Icmp.InCsumErrors = value + procSnmp.Icmp.InCsumErrors = &value case "InDestUnreachs": - procSnmp.Icmp.InDestUnreachs = value + procSnmp.Icmp.InDestUnreachs = &value case "InTimeExcds": - procSnmp.Icmp.InTimeExcds = value + procSnmp.Icmp.InTimeExcds = &value case "InParmProbs": - procSnmp.Icmp.InParmProbs = value + procSnmp.Icmp.InParmProbs = &value case "InSrcQuenchs": - procSnmp.Icmp.InSrcQuenchs = value + procSnmp.Icmp.InSrcQuenchs = &value case "InRedirects": - procSnmp.Icmp.InRedirects = value + procSnmp.Icmp.InRedirects = &value case "InEchos": - procSnmp.Icmp.InEchos = value + procSnmp.Icmp.InEchos = &value case "InEchoReps": - procSnmp.Icmp.InEchoReps = value + procSnmp.Icmp.InEchoReps = &value case "InTimestamps": - procSnmp.Icmp.InTimestamps = value + procSnmp.Icmp.InTimestamps = &value case "InTimestampReps": - procSnmp.Icmp.InTimestampReps = value + procSnmp.Icmp.InTimestampReps = &value case "InAddrMasks": - procSnmp.Icmp.InAddrMasks = value + procSnmp.Icmp.InAddrMasks = &value case "InAddrMaskReps": - procSnmp.Icmp.InAddrMaskReps = value + procSnmp.Icmp.InAddrMaskReps = &value case "OutMsgs": - procSnmp.Icmp.OutMsgs = value + procSnmp.Icmp.OutMsgs = &value case "OutErrors": - procSnmp.Icmp.OutErrors = value + procSnmp.Icmp.OutErrors = &value case "OutDestUnreachs": - procSnmp.Icmp.OutDestUnreachs = value + procSnmp.Icmp.OutDestUnreachs = &value case "OutTimeExcds": - procSnmp.Icmp.OutTimeExcds = value + procSnmp.Icmp.OutTimeExcds = &value case "OutParmProbs": - procSnmp.Icmp.OutParmProbs = value + procSnmp.Icmp.OutParmProbs = &value case "OutSrcQuenchs": - procSnmp.Icmp.OutSrcQuenchs = value + procSnmp.Icmp.OutSrcQuenchs = &value case "OutRedirects": - procSnmp.Icmp.OutRedirects = value + procSnmp.Icmp.OutRedirects = &value case "OutEchos": - procSnmp.Icmp.OutEchos = value + procSnmp.Icmp.OutEchos = &value case "OutEchoReps": - procSnmp.Icmp.OutEchoReps = value + procSnmp.Icmp.OutEchoReps = &value case "OutTimestamps": - procSnmp.Icmp.OutTimestamps = value + procSnmp.Icmp.OutTimestamps = &value case "OutTimestampReps": - procSnmp.Icmp.OutTimestampReps = value + procSnmp.Icmp.OutTimestampReps = &value case "OutAddrMasks": - procSnmp.Icmp.OutAddrMasks = value + procSnmp.Icmp.OutAddrMasks = &value case "OutAddrMaskReps": - procSnmp.Icmp.OutAddrMaskReps = value + procSnmp.Icmp.OutAddrMaskReps = &value } case "IcmpMsg": switch key { case "InType3": - procSnmp.IcmpMsg.InType3 = value + procSnmp.IcmpMsg.InType3 = &value case "OutType3": - procSnmp.IcmpMsg.OutType3 = value + procSnmp.IcmpMsg.OutType3 = &value } case "Tcp": switch key { case "RtoAlgorithm": - procSnmp.Tcp.RtoAlgorithm = value + procSnmp.Tcp.RtoAlgorithm = &value case "RtoMin": - procSnmp.Tcp.RtoMin = value + procSnmp.Tcp.RtoMin = &value case "RtoMax": - procSnmp.Tcp.RtoMax = value + procSnmp.Tcp.RtoMax = &value case "MaxConn": - procSnmp.Tcp.MaxConn = value + procSnmp.Tcp.MaxConn = &value case "ActiveOpens": - procSnmp.Tcp.ActiveOpens = value + procSnmp.Tcp.ActiveOpens = &value case "PassiveOpens": - procSnmp.Tcp.PassiveOpens = value + procSnmp.Tcp.PassiveOpens = &value case "AttemptFails": - procSnmp.Tcp.AttemptFails = value + procSnmp.Tcp.AttemptFails = &value case "EstabResets": - procSnmp.Tcp.EstabResets = value + procSnmp.Tcp.EstabResets = &value case "CurrEstab": - procSnmp.Tcp.CurrEstab = value + procSnmp.Tcp.CurrEstab = &value case "InSegs": - procSnmp.Tcp.InSegs = value + procSnmp.Tcp.InSegs = &value case "OutSegs": - procSnmp.Tcp.OutSegs = value + procSnmp.Tcp.OutSegs = &value case "RetransSegs": - procSnmp.Tcp.RetransSegs = value + procSnmp.Tcp.RetransSegs = &value case "InErrs": - procSnmp.Tcp.InErrs = value + procSnmp.Tcp.InErrs = &value case "OutRsts": - procSnmp.Tcp.OutRsts = value + procSnmp.Tcp.OutRsts = &value case "InCsumErrors": - procSnmp.Tcp.InCsumErrors = value + procSnmp.Tcp.InCsumErrors = &value } case "Udp": switch key { case "InDatagrams": - procSnmp.Udp.InDatagrams = value + procSnmp.Udp.InDatagrams = &value case "NoPorts": - procSnmp.Udp.NoPorts = value + procSnmp.Udp.NoPorts = &value case "InErrors": - procSnmp.Udp.InErrors = value + procSnmp.Udp.InErrors = &value case "OutDatagrams": - procSnmp.Udp.OutDatagrams = value + procSnmp.Udp.OutDatagrams = &value case "RcvbufErrors": - procSnmp.Udp.RcvbufErrors = value + procSnmp.Udp.RcvbufErrors = &value case "SndbufErrors": - procSnmp.Udp.SndbufErrors = value + procSnmp.Udp.SndbufErrors = &value case "InCsumErrors": - procSnmp.Udp.InCsumErrors = value + procSnmp.Udp.InCsumErrors = &value case "IgnoredMulti": - procSnmp.Udp.IgnoredMulti = value + procSnmp.Udp.IgnoredMulti = &value } case "UdpLite": switch key { case "InDatagrams": - procSnmp.UdpLite.InDatagrams = value + procSnmp.UdpLite.InDatagrams = &value case "NoPorts": - procSnmp.UdpLite.NoPorts = value + procSnmp.UdpLite.NoPorts = &value case "InErrors": - procSnmp.UdpLite.InErrors = value + procSnmp.UdpLite.InErrors = &value case "OutDatagrams": - procSnmp.UdpLite.OutDatagrams = value + procSnmp.UdpLite.OutDatagrams = &value case "RcvbufErrors": - procSnmp.UdpLite.RcvbufErrors = value + procSnmp.UdpLite.RcvbufErrors = &value case "SndbufErrors": - procSnmp.UdpLite.SndbufErrors = value + procSnmp.UdpLite.SndbufErrors = &value case "InCsumErrors": - procSnmp.UdpLite.InCsumErrors = value + procSnmp.UdpLite.InCsumErrors = &value case "IgnoredMulti": - procSnmp.UdpLite.IgnoredMulti = value + procSnmp.UdpLite.IgnoredMulti = &value } } } diff --git a/vendor/github.com/prometheus/procfs/proc_snmp6.go b/vendor/github.com/prometheus/procfs/proc_snmp6.go index f611992d5..3059cc6a1 100644 --- a/vendor/github.com/prometheus/procfs/proc_snmp6.go +++ b/vendor/github.com/prometheus/procfs/proc_snmp6.go @@ -36,106 +36,106 @@ type ProcSnmp6 struct { } type Ip6 struct { // nolint:revive - InReceives float64 - InHdrErrors float64 - InTooBigErrors float64 - InNoRoutes float64 - InAddrErrors float64 - InUnknownProtos float64 - InTruncatedPkts float64 - InDiscards float64 - InDelivers float64 - OutForwDatagrams float64 - OutRequests float64 - OutDiscards float64 - OutNoRoutes float64 - ReasmTimeout float64 - ReasmReqds float64 - ReasmOKs float64 - ReasmFails float64 - FragOKs float64 - FragFails float64 - FragCreates float64 - InMcastPkts float64 - OutMcastPkts float64 - InOctets float64 - OutOctets float64 - InMcastOctets float64 - OutMcastOctets float64 - InBcastOctets float64 - OutBcastOctets float64 - InNoECTPkts float64 - InECT1Pkts float64 - InECT0Pkts float64 - InCEPkts float64 + InReceives *float64 + InHdrErrors *float64 + InTooBigErrors *float64 + InNoRoutes *float64 + InAddrErrors *float64 + InUnknownProtos *float64 + InTruncatedPkts *float64 + InDiscards *float64 + InDelivers *float64 + OutForwDatagrams *float64 + OutRequests *float64 + OutDiscards *float64 + OutNoRoutes *float64 + ReasmTimeout *float64 + ReasmReqds *float64 + ReasmOKs *float64 + ReasmFails *float64 + FragOKs *float64 + FragFails *float64 + FragCreates *float64 + InMcastPkts *float64 + OutMcastPkts *float64 + InOctets *float64 + OutOctets *float64 + InMcastOctets *float64 + OutMcastOctets *float64 + InBcastOctets *float64 + OutBcastOctets *float64 + InNoECTPkts *float64 + InECT1Pkts *float64 + InECT0Pkts *float64 + InCEPkts *float64 } type Icmp6 struct { - InMsgs float64 - InErrors float64 - OutMsgs float64 - OutErrors float64 - InCsumErrors float64 - InDestUnreachs float64 - InPktTooBigs float64 - InTimeExcds float64 - InParmProblems float64 - InEchos float64 - InEchoReplies float64 - InGroupMembQueries float64 - InGroupMembResponses float64 - InGroupMembReductions float64 - InRouterSolicits float64 - InRouterAdvertisements float64 - InNeighborSolicits float64 - InNeighborAdvertisements float64 - InRedirects float64 - InMLDv2Reports float64 - OutDestUnreachs float64 - OutPktTooBigs float64 - OutTimeExcds float64 - OutParmProblems float64 - OutEchos float64 - OutEchoReplies float64 - OutGroupMembQueries float64 - OutGroupMembResponses float64 - OutGroupMembReductions float64 - OutRouterSolicits float64 - OutRouterAdvertisements float64 - OutNeighborSolicits float64 - OutNeighborAdvertisements float64 - OutRedirects float64 - OutMLDv2Reports float64 - InType1 float64 - InType134 float64 - InType135 float64 - InType136 float64 - InType143 float64 - OutType133 float64 - OutType135 float64 - OutType136 float64 - OutType143 float64 + InMsgs *float64 + InErrors *float64 + OutMsgs *float64 + OutErrors *float64 + InCsumErrors *float64 + InDestUnreachs *float64 + InPktTooBigs *float64 + InTimeExcds *float64 + InParmProblems *float64 + InEchos *float64 + InEchoReplies *float64 + InGroupMembQueries *float64 + InGroupMembResponses *float64 + InGroupMembReductions *float64 + InRouterSolicits *float64 + InRouterAdvertisements *float64 + InNeighborSolicits *float64 + InNeighborAdvertisements *float64 + InRedirects *float64 + InMLDv2Reports *float64 + OutDestUnreachs *float64 + OutPktTooBigs *float64 + OutTimeExcds *float64 + OutParmProblems *float64 + OutEchos *float64 + OutEchoReplies *float64 + OutGroupMembQueries *float64 + OutGroupMembResponses *float64 + OutGroupMembReductions *float64 + OutRouterSolicits *float64 + OutRouterAdvertisements *float64 + OutNeighborSolicits *float64 + OutNeighborAdvertisements *float64 + OutRedirects *float64 + OutMLDv2Reports *float64 + InType1 *float64 + InType134 *float64 + InType135 *float64 + InType136 *float64 + InType143 *float64 + OutType133 *float64 + OutType135 *float64 + OutType136 *float64 + OutType143 *float64 } type Udp6 struct { // nolint:revive - InDatagrams float64 - NoPorts float64 - InErrors float64 - OutDatagrams float64 - RcvbufErrors float64 - SndbufErrors float64 - InCsumErrors float64 - IgnoredMulti float64 + InDatagrams *float64 + NoPorts *float64 + InErrors *float64 + OutDatagrams *float64 + RcvbufErrors *float64 + SndbufErrors *float64 + InCsumErrors *float64 + IgnoredMulti *float64 } type UdpLite6 struct { // nolint:revive - InDatagrams float64 - NoPorts float64 - InErrors float64 - OutDatagrams float64 - RcvbufErrors float64 - SndbufErrors float64 - InCsumErrors float64 + InDatagrams *float64 + NoPorts *float64 + InErrors *float64 + OutDatagrams *float64 + RcvbufErrors *float64 + SndbufErrors *float64 + InCsumErrors *float64 } func (p Proc) Snmp6() (ProcSnmp6, error) { @@ -182,197 +182,197 @@ func parseSNMP6Stats(r io.Reader) (ProcSnmp6, error) { case "Ip6": switch key { case "InReceives": - procSnmp6.Ip6.InReceives = value + procSnmp6.Ip6.InReceives = &value case "InHdrErrors": - procSnmp6.Ip6.InHdrErrors = value + procSnmp6.Ip6.InHdrErrors = &value case "InTooBigErrors": - procSnmp6.Ip6.InTooBigErrors = value + procSnmp6.Ip6.InTooBigErrors = &value case "InNoRoutes": - procSnmp6.Ip6.InNoRoutes = value + procSnmp6.Ip6.InNoRoutes = &value case "InAddrErrors": - procSnmp6.Ip6.InAddrErrors = value + procSnmp6.Ip6.InAddrErrors = &value case "InUnknownProtos": - procSnmp6.Ip6.InUnknownProtos = value + procSnmp6.Ip6.InUnknownProtos = &value case "InTruncatedPkts": - procSnmp6.Ip6.InTruncatedPkts = value + procSnmp6.Ip6.InTruncatedPkts = &value case "InDiscards": - procSnmp6.Ip6.InDiscards = value + procSnmp6.Ip6.InDiscards = &value case "InDelivers": - procSnmp6.Ip6.InDelivers = value + procSnmp6.Ip6.InDelivers = &value case "OutForwDatagrams": - procSnmp6.Ip6.OutForwDatagrams = value + procSnmp6.Ip6.OutForwDatagrams = &value case "OutRequests": - procSnmp6.Ip6.OutRequests = value + procSnmp6.Ip6.OutRequests = &value case "OutDiscards": - procSnmp6.Ip6.OutDiscards = value + procSnmp6.Ip6.OutDiscards = &value case "OutNoRoutes": - procSnmp6.Ip6.OutNoRoutes = value + procSnmp6.Ip6.OutNoRoutes = &value case "ReasmTimeout": - procSnmp6.Ip6.ReasmTimeout = value + procSnmp6.Ip6.ReasmTimeout = &value case "ReasmReqds": - procSnmp6.Ip6.ReasmReqds = value + procSnmp6.Ip6.ReasmReqds = &value case "ReasmOKs": - procSnmp6.Ip6.ReasmOKs = value + procSnmp6.Ip6.ReasmOKs = &value case "ReasmFails": - procSnmp6.Ip6.ReasmFails = value + procSnmp6.Ip6.ReasmFails = &value case "FragOKs": - procSnmp6.Ip6.FragOKs = value + procSnmp6.Ip6.FragOKs = &value case "FragFails": - procSnmp6.Ip6.FragFails = value + procSnmp6.Ip6.FragFails = &value case "FragCreates": - procSnmp6.Ip6.FragCreates = value + procSnmp6.Ip6.FragCreates = &value case "InMcastPkts": - procSnmp6.Ip6.InMcastPkts = value + procSnmp6.Ip6.InMcastPkts = &value case "OutMcastPkts": - procSnmp6.Ip6.OutMcastPkts = value + procSnmp6.Ip6.OutMcastPkts = &value case "InOctets": - procSnmp6.Ip6.InOctets = value + procSnmp6.Ip6.InOctets = &value case "OutOctets": - procSnmp6.Ip6.OutOctets = value + procSnmp6.Ip6.OutOctets = &value case "InMcastOctets": - procSnmp6.Ip6.InMcastOctets = value + procSnmp6.Ip6.InMcastOctets = &value case "OutMcastOctets": - procSnmp6.Ip6.OutMcastOctets = value + procSnmp6.Ip6.OutMcastOctets = &value case "InBcastOctets": - procSnmp6.Ip6.InBcastOctets = value + procSnmp6.Ip6.InBcastOctets = &value case "OutBcastOctets": - procSnmp6.Ip6.OutBcastOctets = value + procSnmp6.Ip6.OutBcastOctets = &value case "InNoECTPkts": - procSnmp6.Ip6.InNoECTPkts = value + procSnmp6.Ip6.InNoECTPkts = &value case "InECT1Pkts": - procSnmp6.Ip6.InECT1Pkts = value + procSnmp6.Ip6.InECT1Pkts = &value case "InECT0Pkts": - procSnmp6.Ip6.InECT0Pkts = value + procSnmp6.Ip6.InECT0Pkts = &value case "InCEPkts": - procSnmp6.Ip6.InCEPkts = value + procSnmp6.Ip6.InCEPkts = &value } case "Icmp6": switch key { case "InMsgs": - procSnmp6.Icmp6.InMsgs = value + procSnmp6.Icmp6.InMsgs = &value case "InErrors": - procSnmp6.Icmp6.InErrors = value + procSnmp6.Icmp6.InErrors = &value case "OutMsgs": - procSnmp6.Icmp6.OutMsgs = value + procSnmp6.Icmp6.OutMsgs = &value case "OutErrors": - procSnmp6.Icmp6.OutErrors = value + procSnmp6.Icmp6.OutErrors = &value case "InCsumErrors": - procSnmp6.Icmp6.InCsumErrors = value + procSnmp6.Icmp6.InCsumErrors = &value case "InDestUnreachs": - procSnmp6.Icmp6.InDestUnreachs = value + procSnmp6.Icmp6.InDestUnreachs = &value case "InPktTooBigs": - procSnmp6.Icmp6.InPktTooBigs = value + procSnmp6.Icmp6.InPktTooBigs = &value case "InTimeExcds": - procSnmp6.Icmp6.InTimeExcds = value + procSnmp6.Icmp6.InTimeExcds = &value case "InParmProblems": - procSnmp6.Icmp6.InParmProblems = value + procSnmp6.Icmp6.InParmProblems = &value case "InEchos": - procSnmp6.Icmp6.InEchos = value + procSnmp6.Icmp6.InEchos = &value case "InEchoReplies": - procSnmp6.Icmp6.InEchoReplies = value + procSnmp6.Icmp6.InEchoReplies = &value case "InGroupMembQueries": - procSnmp6.Icmp6.InGroupMembQueries = value + procSnmp6.Icmp6.InGroupMembQueries = &value case "InGroupMembResponses": - procSnmp6.Icmp6.InGroupMembResponses = value + procSnmp6.Icmp6.InGroupMembResponses = &value case "InGroupMembReductions": - procSnmp6.Icmp6.InGroupMembReductions = value + procSnmp6.Icmp6.InGroupMembReductions = &value case "InRouterSolicits": - procSnmp6.Icmp6.InRouterSolicits = value + procSnmp6.Icmp6.InRouterSolicits = &value case "InRouterAdvertisements": - procSnmp6.Icmp6.InRouterAdvertisements = value + procSnmp6.Icmp6.InRouterAdvertisements = &value case "InNeighborSolicits": - procSnmp6.Icmp6.InNeighborSolicits = value + procSnmp6.Icmp6.InNeighborSolicits = &value case "InNeighborAdvertisements": - procSnmp6.Icmp6.InNeighborAdvertisements = value + procSnmp6.Icmp6.InNeighborAdvertisements = &value case "InRedirects": - procSnmp6.Icmp6.InRedirects = value + procSnmp6.Icmp6.InRedirects = &value case "InMLDv2Reports": - procSnmp6.Icmp6.InMLDv2Reports = value + procSnmp6.Icmp6.InMLDv2Reports = &value case "OutDestUnreachs": - procSnmp6.Icmp6.OutDestUnreachs = value + procSnmp6.Icmp6.OutDestUnreachs = &value case "OutPktTooBigs": - procSnmp6.Icmp6.OutPktTooBigs = value + procSnmp6.Icmp6.OutPktTooBigs = &value case "OutTimeExcds": - procSnmp6.Icmp6.OutTimeExcds = value + procSnmp6.Icmp6.OutTimeExcds = &value case "OutParmProblems": - procSnmp6.Icmp6.OutParmProblems = value + procSnmp6.Icmp6.OutParmProblems = &value case "OutEchos": - procSnmp6.Icmp6.OutEchos = value + procSnmp6.Icmp6.OutEchos = &value case "OutEchoReplies": - procSnmp6.Icmp6.OutEchoReplies = value + procSnmp6.Icmp6.OutEchoReplies = &value case "OutGroupMembQueries": - procSnmp6.Icmp6.OutGroupMembQueries = value + procSnmp6.Icmp6.OutGroupMembQueries = &value case "OutGroupMembResponses": - procSnmp6.Icmp6.OutGroupMembResponses = value + procSnmp6.Icmp6.OutGroupMembResponses = &value case "OutGroupMembReductions": - procSnmp6.Icmp6.OutGroupMembReductions = value + procSnmp6.Icmp6.OutGroupMembReductions = &value case "OutRouterSolicits": - procSnmp6.Icmp6.OutRouterSolicits = value + procSnmp6.Icmp6.OutRouterSolicits = &value case "OutRouterAdvertisements": - procSnmp6.Icmp6.OutRouterAdvertisements = value + procSnmp6.Icmp6.OutRouterAdvertisements = &value case "OutNeighborSolicits": - procSnmp6.Icmp6.OutNeighborSolicits = value + procSnmp6.Icmp6.OutNeighborSolicits = &value case "OutNeighborAdvertisements": - procSnmp6.Icmp6.OutNeighborAdvertisements = value + procSnmp6.Icmp6.OutNeighborAdvertisements = &value case "OutRedirects": - procSnmp6.Icmp6.OutRedirects = value + procSnmp6.Icmp6.OutRedirects = &value case "OutMLDv2Reports": - procSnmp6.Icmp6.OutMLDv2Reports = value + procSnmp6.Icmp6.OutMLDv2Reports = &value case "InType1": - procSnmp6.Icmp6.InType1 = value + procSnmp6.Icmp6.InType1 = &value case "InType134": - procSnmp6.Icmp6.InType134 = value + procSnmp6.Icmp6.InType134 = &value case "InType135": - procSnmp6.Icmp6.InType135 = value + procSnmp6.Icmp6.InType135 = &value case "InType136": - procSnmp6.Icmp6.InType136 = value + procSnmp6.Icmp6.InType136 = &value case "InType143": - procSnmp6.Icmp6.InType143 = value + procSnmp6.Icmp6.InType143 = &value case "OutType133": - procSnmp6.Icmp6.OutType133 = value + procSnmp6.Icmp6.OutType133 = &value case "OutType135": - procSnmp6.Icmp6.OutType135 = value + procSnmp6.Icmp6.OutType135 = &value case "OutType136": - procSnmp6.Icmp6.OutType136 = value + procSnmp6.Icmp6.OutType136 = &value case "OutType143": - procSnmp6.Icmp6.OutType143 = value + procSnmp6.Icmp6.OutType143 = &value } case "Udp6": switch key { case "InDatagrams": - procSnmp6.Udp6.InDatagrams = value + procSnmp6.Udp6.InDatagrams = &value case "NoPorts": - procSnmp6.Udp6.NoPorts = value + procSnmp6.Udp6.NoPorts = &value case "InErrors": - procSnmp6.Udp6.InErrors = value + procSnmp6.Udp6.InErrors = &value case "OutDatagrams": - procSnmp6.Udp6.OutDatagrams = value + procSnmp6.Udp6.OutDatagrams = &value case "RcvbufErrors": - procSnmp6.Udp6.RcvbufErrors = value + procSnmp6.Udp6.RcvbufErrors = &value case "SndbufErrors": - procSnmp6.Udp6.SndbufErrors = value + procSnmp6.Udp6.SndbufErrors = &value case "InCsumErrors": - procSnmp6.Udp6.InCsumErrors = value + procSnmp6.Udp6.InCsumErrors = &value case "IgnoredMulti": - procSnmp6.Udp6.IgnoredMulti = value + procSnmp6.Udp6.IgnoredMulti = &value } case "UdpLite6": switch key { case "InDatagrams": - procSnmp6.UdpLite6.InDatagrams = value + procSnmp6.UdpLite6.InDatagrams = &value case "NoPorts": - procSnmp6.UdpLite6.NoPorts = value + procSnmp6.UdpLite6.NoPorts = &value case "InErrors": - procSnmp6.UdpLite6.InErrors = value + procSnmp6.UdpLite6.InErrors = &value case "OutDatagrams": - procSnmp6.UdpLite6.OutDatagrams = value + procSnmp6.UdpLite6.OutDatagrams = &value case "RcvbufErrors": - procSnmp6.UdpLite6.RcvbufErrors = value + procSnmp6.UdpLite6.RcvbufErrors = &value case "SndbufErrors": - procSnmp6.UdpLite6.SndbufErrors = value + procSnmp6.UdpLite6.SndbufErrors = &value case "InCsumErrors": - procSnmp6.UdpLite6.InCsumErrors = value + procSnmp6.UdpLite6.InCsumErrors = &value } } } diff --git a/vendor/github.com/prometheus/procfs/proc_stat.go b/vendor/github.com/prometheus/procfs/proc_stat.go index 06c556ef9..b278eb2c2 100644 --- a/vendor/github.com/prometheus/procfs/proc_stat.go +++ b/vendor/github.com/prometheus/procfs/proc_stat.go @@ -102,6 +102,8 @@ type ProcStat struct { RSS int // Soft limit in bytes on the rss of the process. RSSLimit uint64 + // CPU number last executed on. + Processor uint // Real-time scheduling priority, a number in the range 1 to 99 for processes // scheduled under a real-time policy, or 0, for non-real-time processes. RTPriority uint @@ -184,7 +186,7 @@ func (p Proc) Stat() (ProcStat, error) { &ignoreUint64, &ignoreUint64, &ignoreInt64, - &ignoreInt64, + &s.Processor, &s.RTPriority, &s.Policy, &s.DelayAcctBlkIOTicks, diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go index 594022ded..3d8c06439 100644 --- a/vendor/github.com/prometheus/procfs/proc_status.go +++ b/vendor/github.com/prometheus/procfs/proc_status.go @@ -96,10 +96,10 @@ func (p Proc) NewStatus() (ProcStatus, error) { kv := strings.SplitN(line, ":", 2) // removes spaces - k := string(strings.TrimSpace(kv[0])) - v := string(strings.TrimSpace(kv[1])) + k := strings.TrimSpace(kv[0]) + v := strings.TrimSpace(kv[1]) // removes "kB" - v = string(bytes.Trim([]byte(v), " kB")) + v = strings.TrimSuffix(v, " kB") // value to int when possible // we can skip error check here, 'cause vKBytes is not used when value is a string diff --git a/vendor/github.com/prometheus/procfs/stat.go b/vendor/github.com/prometheus/procfs/stat.go index 33f97caa0..586af48af 100644 --- a/vendor/github.com/prometheus/procfs/stat.go +++ b/vendor/github.com/prometheus/procfs/stat.go @@ -62,7 +62,7 @@ type Stat struct { // Summed up cpu statistics. CPUTotal CPUStat // Per-CPU statistics. - CPU []CPUStat + CPU map[int64]CPUStat // Number of times interrupts were handled, which contains numbered and unnumbered IRQs. IRQTotal uint64 // Number of times a numbered IRQ was triggered. @@ -170,10 +170,23 @@ func (fs FS) Stat() (Stat, error) { if err != nil { return Stat{}, err } + procStat, err := parseStat(bytes.NewReader(data), fileName) + if err != nil { + return Stat{}, err + } + return procStat, nil +} - stat := Stat{} +// parseStat parses the metrics from /proc/[pid]/stat. +func parseStat(r io.Reader, fileName string) (Stat, error) { + var ( + scanner = bufio.NewScanner(r) + stat = Stat{ + CPU: make(map[int64]CPUStat), + } + err error + ) - scanner := bufio.NewScanner(bytes.NewReader(data)) for scanner.Scan() { line := scanner.Text() parts := strings.Fields(scanner.Text()) @@ -228,9 +241,6 @@ func (fs FS) Stat() (Stat, error) { if cpuID == -1 { stat.CPUTotal = cpuStat } else { - for int64(len(stat.CPU)) <= cpuID { - stat.CPU = append(stat.CPU, CPUStat{}) - } stat.CPU[cpuID] = cpuStat } } diff --git a/vendor/github.com/prometheus/procfs/thread.go b/vendor/github.com/prometheus/procfs/thread.go new file mode 100644 index 000000000..f08bfc769 --- /dev/null +++ b/vendor/github.com/prometheus/procfs/thread.go @@ -0,0 +1,79 @@ +// Copyright 2022 The Prometheus Authors +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package procfs + +import ( + "fmt" + "os" + "strconv" + + fsi "github.com/prometheus/procfs/internal/fs" +) + +// Provide access to /proc/PID/task/TID files, for thread specific values. Since +// such files have the same structure as /proc/PID/ ones, the data structures +// and the parsers for the latter may be reused. + +// AllThreads returns a list of all currently available threads under /proc/PID. +func AllThreads(pid int) (Procs, error) { + fs, err := NewFS(DefaultMountPoint) + if err != nil { + return Procs{}, err + } + return fs.AllThreads(pid) +} + +// AllThreads returns a list of all currently available threads for PID. +func (fs FS) AllThreads(pid int) (Procs, error) { + taskPath := fs.proc.Path(strconv.Itoa(pid), "task") + d, err := os.Open(taskPath) + if err != nil { + return Procs{}, err + } + defer d.Close() + + names, err := d.Readdirnames(-1) + if err != nil { + return Procs{}, fmt.Errorf("could not read %q: %w", d.Name(), err) + } + + t := Procs{} + for _, n := range names { + tid, err := strconv.ParseInt(n, 10, 64) + if err != nil { + continue + } + t = append(t, Proc{PID: int(tid), fs: fsi.FS(taskPath)}) + } + + return t, nil +} + +// Thread returns a process for a given PID, TID. +func (fs FS) Thread(pid, tid int) (Proc, error) { + taskPath := fs.proc.Path(strconv.Itoa(pid), "task") + if _, err := os.Stat(taskPath); err != nil { + return Proc{}, err + } + return Proc{PID: tid, fs: fsi.FS(taskPath)}, nil +} + +// Thread returns a process for a given TID of Proc. +func (proc Proc) Thread(tid int) (Proc, error) { + tfs := fsi.FS(proc.path("task")) + if _, err := os.Stat(tfs.Path(strconv.Itoa(tid))); err != nil { + return Proc{}, err + } + return Proc{PID: tid, fs: tfs}, nil +} diff --git a/vendor/github.com/prometheus/procfs/vm.go b/vendor/github.com/prometheus/procfs/vm.go index 20ceb77e2..cdedcae99 100644 --- a/vendor/github.com/prometheus/procfs/vm.go +++ b/vendor/github.com/prometheus/procfs/vm.go @@ -26,7 +26,9 @@ import ( ) // The VM interface is described at -// https://www.kernel.org/doc/Documentation/sysctl/vm.txt +// +// https://www.kernel.org/doc/Documentation/sysctl/vm.txt +// // Each setting is exposed as a single file. // Each file contains one line with a single numerical value, except lowmem_reserve_ratio which holds an array // and numa_zonelist_order (deprecated) which is a string. diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare.go b/vendor/github.com/stretchr/testify/assert/assertion_compare.go index 41649d267..95d8e59da 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_compare.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_compare.go @@ -1,8 +1,10 @@ package assert import ( + "bytes" "fmt" "reflect" + "time" ) type CompareType int @@ -30,6 +32,9 @@ var ( float64Type = reflect.TypeOf(float64(1)) stringType = reflect.TypeOf("") + + timeType = reflect.TypeOf(time.Time{}) + bytesType = reflect.TypeOf([]byte{}) ) func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) { @@ -299,6 +304,47 @@ func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) { return compareLess, true } } + // Check for known struct types we can check for compare results. + case reflect.Struct: + { + // All structs enter here. We're not interested in most types. + if !canConvert(obj1Value, timeType) { + break + } + + // time.Time can compared! + timeObj1, ok := obj1.(time.Time) + if !ok { + timeObj1 = obj1Value.Convert(timeType).Interface().(time.Time) + } + + timeObj2, ok := obj2.(time.Time) + if !ok { + timeObj2 = obj2Value.Convert(timeType).Interface().(time.Time) + } + + return compare(timeObj1.UnixNano(), timeObj2.UnixNano(), reflect.Int64) + } + case reflect.Slice: + { + // We only care about the []byte type. + if !canConvert(obj1Value, bytesType) { + break + } + + // []byte can be compared! + bytesObj1, ok := obj1.([]byte) + if !ok { + bytesObj1 = obj1Value.Convert(bytesType).Interface().([]byte) + + } + bytesObj2, ok := obj2.([]byte) + if !ok { + bytesObj2 = obj2Value.Convert(bytesType).Interface().([]byte) + } + + return CompareType(bytes.Compare(bytesObj1, bytesObj2)), true + } } return compareEqual, false @@ -310,7 +356,10 @@ func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) { // assert.Greater(t, float64(2), float64(1)) // assert.Greater(t, "b", "a") func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { - return compareTwoValues(t, e1, e2, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs) + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...) } // GreaterOrEqual asserts that the first element is greater than or equal to the second @@ -320,7 +369,10 @@ func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface // assert.GreaterOrEqual(t, "b", "a") // assert.GreaterOrEqual(t, "b", "b") func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { - return compareTwoValues(t, e1, e2, []CompareType{compareGreater, compareEqual}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs) + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareGreater, compareEqual}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...) } // Less asserts that the first element is less than the second @@ -329,7 +381,10 @@ func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...in // assert.Less(t, float64(1), float64(2)) // assert.Less(t, "a", "b") func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { - return compareTwoValues(t, e1, e2, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs) + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...) } // LessOrEqual asserts that the first element is less than or equal to the second @@ -339,7 +394,10 @@ func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) // assert.LessOrEqual(t, "a", "b") // assert.LessOrEqual(t, "b", "b") func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { - return compareTwoValues(t, e1, e2, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs) + if h, ok := t.(tHelper); ok { + h.Helper() + } + return compareTwoValues(t, e1, e2, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...) } // Positive asserts that the specified element is positive @@ -347,8 +405,11 @@ func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...inter // assert.Positive(t, 1) // assert.Positive(t, 1.23) func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } zero := reflect.Zero(reflect.TypeOf(e)) - return compareTwoValues(t, e, zero.Interface(), []CompareType{compareGreater}, "\"%v\" is not positive", msgAndArgs) + return compareTwoValues(t, e, zero.Interface(), []CompareType{compareGreater}, "\"%v\" is not positive", msgAndArgs...) } // Negative asserts that the specified element is negative @@ -356,8 +417,11 @@ func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { // assert.Negative(t, -1) // assert.Negative(t, -1.23) func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } zero := reflect.Zero(reflect.TypeOf(e)) - return compareTwoValues(t, e, zero.Interface(), []CompareType{compareLess}, "\"%v\" is not negative", msgAndArgs) + return compareTwoValues(t, e, zero.Interface(), []CompareType{compareLess}, "\"%v\" is not negative", msgAndArgs...) } func compareTwoValues(t TestingT, e1 interface{}, e2 interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool { diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go b/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go new file mode 100644 index 000000000..da867903e --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go @@ -0,0 +1,16 @@ +//go:build go1.17 +// +build go1.17 + +// TODO: once support for Go 1.16 is dropped, this file can be +// merged/removed with assertion_compare_go1.17_test.go and +// assertion_compare_legacy.go + +package assert + +import "reflect" + +// Wrapper around reflect.Value.CanConvert, for compatibility +// reasons. +func canConvert(value reflect.Value, to reflect.Type) bool { + return value.CanConvert(to) +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go b/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go new file mode 100644 index 000000000..1701af2a3 --- /dev/null +++ b/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go @@ -0,0 +1,16 @@ +//go:build !go1.17 +// +build !go1.17 + +// TODO: once support for Go 1.16 is dropped, this file can be +// merged/removed with assertion_compare_go1.17_test.go and +// assertion_compare_can_convert.go + +package assert + +import "reflect" + +// Older versions of Go does not have the reflect.Value.CanConvert +// method. +func canConvert(value reflect.Value, to reflect.Type) bool { + return false +} diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go b/vendor/github.com/stretchr/testify/assert/assertion_format.go index 4dfd1229a..7880b8f94 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_format.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_format.go @@ -123,6 +123,18 @@ func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...int return ErrorAs(t, err, target, append([]interface{}{msg}, args...)...) } +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") +func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return ErrorContains(t, theError, contains, append([]interface{}{msg}, args...)...) +} + // ErrorIsf asserts that at least one of the errors in err's chain matches target. // This is a wrapper for errors.Is. func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool { @@ -724,6 +736,16 @@ func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta tim return WithinDuration(t, expected, actual, delta, append([]interface{}{msg}, args...)...) } +// WithinRangef asserts that a time is within a time range (inclusive). +// +// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return WithinRange(t, actual, start, end, append([]interface{}{msg}, args...)...) +} + // YAMLEqf asserts that two YAML strings are equivalent. func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go b/vendor/github.com/stretchr/testify/assert/assertion_forward.go index 25337a6f0..339515b8b 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_forward.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_forward.go @@ -222,6 +222,30 @@ func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args .. return ErrorAsf(a.t, err, target, msg, args...) } +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContains(err, expectedErrorSubString) +func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorContains(a.t, theError, contains, msgAndArgs...) +} + +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") +func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return ErrorContainsf(a.t, theError, contains, msg, args...) +} + // ErrorIs asserts that at least one of the errors in err's chain matches target. // This is a wrapper for errors.Is. func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) bool { @@ -1437,6 +1461,26 @@ func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta return WithinDurationf(a.t, expected, actual, delta, msg, args...) } +// WithinRange asserts that a time is within a time range (inclusive). +// +// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinRange(a.t, actual, start, end, msgAndArgs...) +} + +// WithinRangef asserts that a time is within a time range (inclusive). +// +// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return WithinRangef(a.t, actual, start, end, msg, args...) +} + // YAMLEq asserts that two YAML strings are equivalent. func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { diff --git a/vendor/github.com/stretchr/testify/assert/assertion_order.go b/vendor/github.com/stretchr/testify/assert/assertion_order.go index 1c3b47182..759448783 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_order.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_order.go @@ -50,7 +50,7 @@ func isOrdered(t TestingT, object interface{}, allowedComparesResults []CompareT // assert.IsIncreasing(t, []float{1, 2}) // assert.IsIncreasing(t, []string{"a", "b"}) func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { - return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs) + return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...) } // IsNonIncreasing asserts that the collection is not increasing @@ -59,7 +59,7 @@ func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) boo // assert.IsNonIncreasing(t, []float{2, 1}) // assert.IsNonIncreasing(t, []string{"b", "a"}) func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { - return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs) + return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...) } // IsDecreasing asserts that the collection is decreasing @@ -68,7 +68,7 @@ func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) // assert.IsDecreasing(t, []float{2, 1}) // assert.IsDecreasing(t, []string{"b", "a"}) func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { - return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs) + return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...) } // IsNonDecreasing asserts that the collection is not decreasing @@ -77,5 +77,5 @@ func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) boo // assert.IsNonDecreasing(t, []float{1, 2}) // assert.IsNonDecreasing(t, []string{"a", "b"}) func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { - return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs) + return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...) } diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go index bcac4401f..fa1245b18 100644 --- a/vendor/github.com/stretchr/testify/assert/assertions.go +++ b/vendor/github.com/stretchr/testify/assert/assertions.go @@ -8,6 +8,7 @@ import ( "fmt" "math" "os" + "path/filepath" "reflect" "regexp" "runtime" @@ -144,7 +145,8 @@ func CallerInfo() []string { if len(parts) > 1 { dir := parts[len(parts)-2] if (dir != "assert" && dir != "mock" && dir != "require") || file == "mock_test.go" { - callers = append(callers, fmt.Sprintf("%s:%d", file, line)) + path, _ := filepath.Abs(file) + callers = append(callers, fmt.Sprintf("%s:%d", path, line)) } } @@ -563,16 +565,17 @@ func isEmpty(object interface{}) bool { switch objValue.Kind() { // collection types are empty when they have no element - case reflect.Array, reflect.Chan, reflect.Map, reflect.Slice: + case reflect.Chan, reflect.Map, reflect.Slice: return objValue.Len() == 0 - // pointers are empty if nil or if the value they point to is empty + // pointers are empty if nil or if the value they point to is empty case reflect.Ptr: if objValue.IsNil() { return true } deref := objValue.Elem().Interface() return isEmpty(deref) - // for all other types, compare against the zero value + // for all other types, compare against the zero value + // array types are empty when they match their zero-initialized state default: zero := reflect.Zero(objValue.Type()) return reflect.DeepEqual(object, zero.Interface()) @@ -718,10 +721,14 @@ func NotEqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...inte // return (false, false) if impossible. // return (true, false) if element was not found. // return (true, true) if element was found. -func includeElement(list interface{}, element interface{}) (ok, found bool) { +func containsElement(list interface{}, element interface{}) (ok, found bool) { listValue := reflect.ValueOf(list) - listKind := reflect.TypeOf(list).Kind() + listType := reflect.TypeOf(list) + if listType == nil { + return false, false + } + listKind := listType.Kind() defer func() { if e := recover(); e != nil { ok = false @@ -764,7 +771,7 @@ func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bo h.Helper() } - ok, found := includeElement(s, contains) + ok, found := containsElement(s, contains) if !ok { return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...) } @@ -787,7 +794,7 @@ func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) h.Helper() } - ok, found := includeElement(s, contains) + ok, found := containsElement(s, contains) if !ok { return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", s), msgAndArgs...) } @@ -811,7 +818,6 @@ func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok return true // we consider nil to be equal to the nil set } - subsetValue := reflect.ValueOf(subset) defer func() { if e := recover(); e != nil { ok = false @@ -821,17 +827,35 @@ func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok listKind := reflect.TypeOf(list).Kind() subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice { + if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } - if subsetKind != reflect.Array && subsetKind != reflect.Slice { + if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } + subsetValue := reflect.ValueOf(subset) + if subsetKind == reflect.Map && listKind == reflect.Map { + listValue := reflect.ValueOf(list) + subsetKeys := subsetValue.MapKeys() + + for i := 0; i < len(subsetKeys); i++ { + subsetKey := subsetKeys[i] + subsetElement := subsetValue.MapIndex(subsetKey).Interface() + listElement := listValue.MapIndex(subsetKey).Interface() + + if !ObjectsAreEqual(subsetElement, listElement) { + return Fail(t, fmt.Sprintf("\"%s\" does not contain \"%s\"", list, subsetElement), msgAndArgs...) + } + } + + return true + } + for i := 0; i < subsetValue.Len(); i++ { element := subsetValue.Index(i).Interface() - ok, found := includeElement(list, element) + ok, found := containsElement(list, element) if !ok { return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) } @@ -852,10 +876,9 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) h.Helper() } if subset == nil { - return Fail(t, fmt.Sprintf("nil is the empty set which is a subset of every set"), msgAndArgs...) + return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...) } - subsetValue := reflect.ValueOf(subset) defer func() { if e := recover(); e != nil { ok = false @@ -865,17 +888,35 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) listKind := reflect.TypeOf(list).Kind() subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice { + if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } - if subsetKind != reflect.Array && subsetKind != reflect.Slice { + if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } + subsetValue := reflect.ValueOf(subset) + if subsetKind == reflect.Map && listKind == reflect.Map { + listValue := reflect.ValueOf(list) + subsetKeys := subsetValue.MapKeys() + + for i := 0; i < len(subsetKeys); i++ { + subsetKey := subsetKeys[i] + subsetElement := subsetValue.MapIndex(subsetKey).Interface() + listElement := listValue.MapIndex(subsetKey).Interface() + + if !ObjectsAreEqual(subsetElement, listElement) { + return true + } + } + + return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...) + } + for i := 0; i < subsetValue.Len(); i++ { element := subsetValue.Index(i).Interface() - ok, found := includeElement(list, element) + ok, found := containsElement(list, element) if !ok { return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) } @@ -1000,27 +1041,21 @@ func Condition(t TestingT, comp Comparison, msgAndArgs ...interface{}) bool { type PanicTestFunc func() // didPanic returns true if the function passed to it panics. Otherwise, it returns false. -func didPanic(f PanicTestFunc) (bool, interface{}, string) { - - didPanic := false - var message interface{} - var stack string - func() { - - defer func() { - if message = recover(); message != nil { - didPanic = true - stack = string(debug.Stack()) - } - }() - - // call the target function - f() +func didPanic(f PanicTestFunc) (didPanic bool, message interface{}, stack string) { + didPanic = true + defer func() { + message = recover() + if didPanic { + stack = string(debug.Stack()) + } }() - return didPanic, message, stack + // call the target function + f() + didPanic = false + return } // Panics asserts that the code inside the specified PanicTestFunc panics. @@ -1111,6 +1146,27 @@ func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, return true } +// WithinRange asserts that a time is within a time range (inclusive). +// +// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func WithinRange(t TestingT, actual, start, end time.Time, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + if end.Before(start) { + return Fail(t, "Start should be before end", msgAndArgs...) + } + + if actual.Before(start) { + return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is before the range", actual, start, end), msgAndArgs...) + } else if actual.After(end) { + return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is after the range", actual, start, end), msgAndArgs...) + } + + return true +} + func toFloat(x interface{}) (float64, bool) { var xf float64 xok := true @@ -1161,11 +1217,15 @@ func InDelta(t TestingT, expected, actual interface{}, delta float64, msgAndArgs bf, bok := toFloat(actual) if !aok || !bok { - return Fail(t, fmt.Sprintf("Parameters must be numerical"), msgAndArgs...) + return Fail(t, "Parameters must be numerical", msgAndArgs...) + } + + if math.IsNaN(af) && math.IsNaN(bf) { + return true } if math.IsNaN(af) { - return Fail(t, fmt.Sprintf("Expected must not be NaN"), msgAndArgs...) + return Fail(t, "Expected must not be NaN", msgAndArgs...) } if math.IsNaN(bf) { @@ -1188,7 +1248,7 @@ func InDeltaSlice(t TestingT, expected, actual interface{}, delta float64, msgAn if expected == nil || actual == nil || reflect.TypeOf(actual).Kind() != reflect.Slice || reflect.TypeOf(expected).Kind() != reflect.Slice { - return Fail(t, fmt.Sprintf("Parameters must be slice"), msgAndArgs...) + return Fail(t, "Parameters must be slice", msgAndArgs...) } actualSlice := reflect.ValueOf(actual) @@ -1250,8 +1310,12 @@ func InDeltaMapValues(t TestingT, expected, actual interface{}, delta float64, m func calcRelativeError(expected, actual interface{}) (float64, error) { af, aok := toFloat(expected) - if !aok { - return 0, fmt.Errorf("expected value %q cannot be converted to float", expected) + bf, bok := toFloat(actual) + if !aok || !bok { + return 0, fmt.Errorf("Parameters must be numerical") + } + if math.IsNaN(af) && math.IsNaN(bf) { + return 0, nil } if math.IsNaN(af) { return 0, errors.New("expected value must not be NaN") @@ -1259,10 +1323,6 @@ func calcRelativeError(expected, actual interface{}) (float64, error) { if af == 0 { return 0, fmt.Errorf("expected value must have a value other than zero to calculate the relative error") } - bf, bok := toFloat(actual) - if !bok { - return 0, fmt.Errorf("actual value %q cannot be converted to float", actual) - } if math.IsNaN(bf) { return 0, errors.New("actual value must not be NaN") } @@ -1298,7 +1358,7 @@ func InEpsilonSlice(t TestingT, expected, actual interface{}, epsilon float64, m if expected == nil || actual == nil || reflect.TypeOf(actual).Kind() != reflect.Slice || reflect.TypeOf(expected).Kind() != reflect.Slice { - return Fail(t, fmt.Sprintf("Parameters must be slice"), msgAndArgs...) + return Fail(t, "Parameters must be slice", msgAndArgs...) } actualSlice := reflect.ValueOf(actual) @@ -1375,6 +1435,27 @@ func EqualError(t TestingT, theError error, errString string, msgAndArgs ...inte return true } +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContains(t, err, expectedErrorSubString) +func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if !Error(t, theError, msgAndArgs...) { + return false + } + + actual := theError.Error() + if !strings.Contains(actual, contains) { + return Fail(t, fmt.Sprintf("Error %#v does not contain %#v", actual, contains), msgAndArgs...) + } + + return true +} + // matchRegexp return true if a specified regexp matches a string. func matchRegexp(rx interface{}, str interface{}) bool { @@ -1588,12 +1669,17 @@ func diff(expected interface{}, actual interface{}) string { } var e, a string - if et != reflect.TypeOf("") { - e = spewConfig.Sdump(expected) - a = spewConfig.Sdump(actual) - } else { + + switch et { + case reflect.TypeOf(""): e = reflect.ValueOf(expected).String() a = reflect.ValueOf(actual).String() + case reflect.TypeOf(time.Time{}): + e = spewConfigStringerEnabled.Sdump(expected) + a = spewConfigStringerEnabled.Sdump(actual) + default: + e = spewConfig.Sdump(expected) + a = spewConfig.Sdump(actual) } diff, _ := difflib.GetUnifiedDiffString(difflib.UnifiedDiff{ @@ -1625,6 +1711,14 @@ var spewConfig = spew.ConfigState{ MaxDepth: 10, } +var spewConfigStringerEnabled = spew.ConfigState{ + Indent: " ", + DisablePointerAddresses: true, + DisableCapacities: true, + SortKeys: true, + MaxDepth: 10, +} + type tHelper interface { Helper() } diff --git a/vendor/github.com/stretchr/testify/require/require.go b/vendor/github.com/stretchr/testify/require/require.go index 51820df2e..880853f5a 100644 --- a/vendor/github.com/stretchr/testify/require/require.go +++ b/vendor/github.com/stretchr/testify/require/require.go @@ -280,6 +280,36 @@ func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...int t.FailNow() } +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContains(t, err, expectedErrorSubString) +func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.ErrorContains(t, theError, contains, msgAndArgs...) { + return + } + t.FailNow() +} + +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") +func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.ErrorContainsf(t, theError, contains, msg, args...) { + return + } + t.FailNow() +} + // ErrorIs asserts that at least one of the errors in err's chain matches target. // This is a wrapper for errors.Is. func ErrorIs(t TestingT, err error, target error, msgAndArgs ...interface{}) { @@ -1834,6 +1864,32 @@ func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta tim t.FailNow() } +// WithinRange asserts that a time is within a time range (inclusive). +// +// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func WithinRange(t TestingT, actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.WithinRange(t, actual, start, end, msgAndArgs...) { + return + } + t.FailNow() +} + +// WithinRangef asserts that a time is within a time range (inclusive). +// +// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.WithinRangef(t, actual, start, end, msg, args...) { + return + } + t.FailNow() +} + // YAMLEq asserts that two YAML strings are equivalent. func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { diff --git a/vendor/github.com/stretchr/testify/require/require_forward.go b/vendor/github.com/stretchr/testify/require/require_forward.go index ed54a9d83..960bf6f2c 100644 --- a/vendor/github.com/stretchr/testify/require/require_forward.go +++ b/vendor/github.com/stretchr/testify/require/require_forward.go @@ -223,6 +223,30 @@ func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args .. ErrorAsf(a.t, err, target, msg, args...) } +// ErrorContains asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContains(err, expectedErrorSubString) +func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + ErrorContains(a.t, theError, contains, msgAndArgs...) +} + +// ErrorContainsf asserts that a function returned an error (i.e. not `nil`) +// and that the error contains the specified substring. +// +// actualObj, err := SomeFunction() +// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") +func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + ErrorContainsf(a.t, theError, contains, msg, args...) +} + // ErrorIs asserts that at least one of the errors in err's chain matches target. // This is a wrapper for errors.Is. func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) { @@ -1438,6 +1462,26 @@ func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta WithinDurationf(a.t, expected, actual, delta, msg, args...) } +// WithinRange asserts that a time is within a time range (inclusive). +// +// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + WithinRange(a.t, actual, start, end, msgAndArgs...) +} + +// WithinRangef asserts that a time is within a time range (inclusive). +// +// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + WithinRangef(a.t, actual, start, end, msg, args...) +} + // YAMLEq asserts that two YAML strings are equivalent. func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { diff --git a/vendor/golang.org/x/sys/cpu/hwcap_linux.go b/vendor/golang.org/x/sys/cpu/hwcap_linux.go index f3baa3793..1d9d91f3e 100644 --- a/vendor/golang.org/x/sys/cpu/hwcap_linux.go +++ b/vendor/golang.org/x/sys/cpu/hwcap_linux.go @@ -24,6 +24,21 @@ var hwCap uint var hwCap2 uint func readHWCAP() error { + // For Go 1.21+, get auxv from the Go runtime. + if a := getAuxv(); len(a) > 0 { + for len(a) >= 2 { + tag, val := a[0], uint(a[1]) + a = a[2:] + switch tag { + case _AT_HWCAP: + hwCap = val + case _AT_HWCAP2: + hwCap2 = val + } + } + return nil + } + buf, err := ioutil.ReadFile(procAuxv) if err != nil { // e.g. on android /proc/self/auxv is not accessible, so silently diff --git a/vendor/golang.org/x/sys/cpu/runtime_auxv.go b/vendor/golang.org/x/sys/cpu/runtime_auxv.go new file mode 100644 index 000000000..5f92ac9a2 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/runtime_auxv.go @@ -0,0 +1,16 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cpu + +// getAuxvFn is non-nil on Go 1.21+ (via runtime_auxv_go121.go init) +// on platforms that use auxv. +var getAuxvFn func() []uintptr + +func getAuxv() []uintptr { + if getAuxvFn == nil { + return nil + } + return getAuxvFn() +} diff --git a/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go b/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go new file mode 100644 index 000000000..b975ea2a0 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go @@ -0,0 +1,19 @@ +// Copyright 2023 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build go1.21 +// +build go1.21 + +package cpu + +import ( + _ "unsafe" // for linkname +) + +//go:linkname runtime_getAuxv runtime.getAuxv +func runtime_getAuxv() []uintptr + +func init() { + getAuxvFn = runtime_getAuxv +} diff --git a/vendor/golang.org/x/sys/unix/ioctl.go b/vendor/golang.org/x/sys/unix/ioctl.go index 1c51b0ec2..7ce8dd406 100644 --- a/vendor/golang.org/x/sys/unix/ioctl.go +++ b/vendor/golang.org/x/sys/unix/ioctl.go @@ -8,7 +8,6 @@ package unix import ( - "runtime" "unsafe" ) @@ -27,7 +26,7 @@ func IoctlSetInt(fd int, req uint, value int) error { // passing the integer value directly. func IoctlSetPointerInt(fd int, req uint, value int) error { v := int32(value) - return ioctl(fd, req, uintptr(unsafe.Pointer(&v))) + return ioctlPtr(fd, req, unsafe.Pointer(&v)) } // IoctlSetWinsize performs an ioctl on fd with a *Winsize argument. @@ -36,9 +35,7 @@ func IoctlSetPointerInt(fd int, req uint, value int) error { func IoctlSetWinsize(fd int, req uint, value *Winsize) error { // TODO: if we get the chance, remove the req parameter and // hardcode TIOCSWINSZ. - err := ioctl(fd, req, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err + return ioctlPtr(fd, req, unsafe.Pointer(value)) } // IoctlSetTermios performs an ioctl on fd with a *Termios. @@ -46,9 +43,7 @@ func IoctlSetWinsize(fd int, req uint, value *Winsize) error { // The req value will usually be TCSETA or TIOCSETA. func IoctlSetTermios(fd int, req uint, value *Termios) error { // TODO: if we get the chance, remove the req parameter. - err := ioctl(fd, req, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err + return ioctlPtr(fd, req, unsafe.Pointer(value)) } // IoctlGetInt performs an ioctl operation which gets an integer value @@ -58,18 +53,18 @@ func IoctlSetTermios(fd int, req uint, value *Termios) error { // for those, IoctlRetInt should be used instead of this function. func IoctlGetInt(fd int, req uint) (int, error) { var value int - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return value, err } func IoctlGetWinsize(fd int, req uint) (*Winsize, error) { var value Winsize - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return &value, err } func IoctlGetTermios(fd int, req uint) (*Termios, error) { var value Termios - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return &value, err } diff --git a/vendor/golang.org/x/sys/unix/ioctl_zos.go b/vendor/golang.org/x/sys/unix/ioctl_zos.go index 5384e7d91..6532f09af 100644 --- a/vendor/golang.org/x/sys/unix/ioctl_zos.go +++ b/vendor/golang.org/x/sys/unix/ioctl_zos.go @@ -27,9 +27,7 @@ func IoctlSetInt(fd int, req uint, value int) error { func IoctlSetWinsize(fd int, req uint, value *Winsize) error { // TODO: if we get the chance, remove the req parameter and // hardcode TIOCSWINSZ. - err := ioctl(fd, req, uintptr(unsafe.Pointer(value))) - runtime.KeepAlive(value) - return err + return ioctlPtr(fd, req, unsafe.Pointer(value)) } // IoctlSetTermios performs an ioctl on fd with a *Termios. @@ -51,13 +49,13 @@ func IoctlSetTermios(fd int, req uint, value *Termios) error { // for those, IoctlRetInt should be used instead of this function. func IoctlGetInt(fd int, req uint) (int, error) { var value int - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return value, err } func IoctlGetWinsize(fd int, req uint) (*Winsize, error) { var value Winsize - err := ioctl(fd, req, uintptr(unsafe.Pointer(&value))) + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return &value, err } diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go index 463c3eff7..39dba6ca6 100644 --- a/vendor/golang.org/x/sys/unix/ptrace_darwin.go +++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go @@ -7,6 +7,12 @@ package unix +import "unsafe" + func ptrace(request int, pid int, addr uintptr, data uintptr) error { return ptrace1(request, pid, addr, data) } + +func ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) error { + return ptrace1Ptr(request, pid, addr, data) +} diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go index ed0509a01..9ea66330a 100644 --- a/vendor/golang.org/x/sys/unix/ptrace_ios.go +++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go @@ -7,6 +7,12 @@ package unix +import "unsafe" + func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { return ENOTSUP } + +func ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) { + return ENOTSUP +} diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go index 2db1b51e9..d9f5544cc 100644 --- a/vendor/golang.org/x/sys/unix/syscall_aix.go +++ b/vendor/golang.org/x/sys/unix/syscall_aix.go @@ -292,9 +292,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { break } } - - bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n] - sa.Name = string(bytes) + sa.Name = string(unsafe.Slice((*byte)(unsafe.Pointer(&pp.Path[0])), n)) return sa, nil case AF_INET: @@ -411,6 +409,7 @@ func (w WaitStatus) CoreDump() bool { return w&0x80 == 0x80 } func (w WaitStatus) TrapCause() int { return -1 } //sys ioctl(fd int, req uint, arg uintptr) (err error) +//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = ioctl // fcntl must never be called with cmd=F_DUP2FD because it doesn't work on AIX // There is no way to create a custom fcntl and to keep //sys fcntl easily, diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go index eda42671f..7705c3270 100644 --- a/vendor/golang.org/x/sys/unix/syscall_bsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go @@ -245,8 +245,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { break } } - bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n] - sa.Name = string(bytes) + sa.Name = string(unsafe.Slice((*byte)(unsafe.Pointer(&pp.Path[0])), n)) return sa, nil case AF_INET: diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go index 192b071b3..7064d6eba 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go @@ -14,7 +14,6 @@ package unix import ( "fmt" - "runtime" "syscall" "unsafe" ) @@ -376,11 +375,10 @@ func Flistxattr(fd int, dest []byte) (sz int, err error) { func Kill(pid int, signum syscall.Signal) (err error) { return kill(pid, int(signum), 1) } //sys ioctl(fd int, req uint, arg uintptr) (err error) +//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL func IoctlCtlInfo(fd int, ctlInfo *CtlInfo) error { - err := ioctl(fd, CTLIOCGINFO, uintptr(unsafe.Pointer(ctlInfo))) - runtime.KeepAlive(ctlInfo) - return err + return ioctlPtr(fd, CTLIOCGINFO, unsafe.Pointer(ctlInfo)) } // IfreqMTU is struct ifreq used to get or set a network device's MTU. @@ -394,16 +392,14 @@ type IfreqMTU struct { func IoctlGetIfreqMTU(fd int, ifname string) (*IfreqMTU, error) { var ifreq IfreqMTU copy(ifreq.Name[:], ifname) - err := ioctl(fd, SIOCGIFMTU, uintptr(unsafe.Pointer(&ifreq))) + err := ioctlPtr(fd, SIOCGIFMTU, unsafe.Pointer(&ifreq)) return &ifreq, err } // IoctlSetIfreqMTU performs the SIOCSIFMTU ioctl operation on fd to set the MTU // of the network device specified by ifreq.Name. func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error { - err := ioctl(fd, SIOCSIFMTU, uintptr(unsafe.Pointer(ifreq))) - runtime.KeepAlive(ifreq) - return err + return ioctlPtr(fd, SIOCSIFMTU, unsafe.Pointer(ifreq)) } //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go index b37310ce9..9fa879806 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go @@ -47,5 +47,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64 //sys Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64 //sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace +//sys ptrace1Ptr(request int, pid int, addr unsafe.Pointer, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) = SYS_STAT64 //sys Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go index d51ec9963..f17b8c526 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go @@ -47,5 +47,6 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, //sys getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT //sys Lstat(path string, stat *Stat_t) (err error) //sys ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace +//sys ptrace1Ptr(request int, pid int, addr unsafe.Pointer, data uintptr) (err error) = SYS_ptrace //sys Stat(path string, stat *Stat_t) (err error) //sys Statfs(path string, stat *Statfs_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go index a41111a79..221efc26b 100644 --- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go +++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go @@ -172,6 +172,7 @@ func Getfsstat(buf []Statfs_t, flags int) (n int, err error) { } //sys ioctl(fd int, req uint, arg uintptr) (err error) +//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go index d50b9dc25..5bdde03e4 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go @@ -161,7 +161,8 @@ func Getfsstat(buf []Statfs_t, flags int) (n int, err error) { return } -//sys ioctl(fd int, req uint, arg uintptr) (err error) +//sys ioctl(fd int, req uint, arg uintptr) (err error) = SYS_IOCTL +//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL //sys sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL @@ -253,6 +254,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e } //sys ptrace(request int, pid int, addr uintptr, data int) (err error) +//sys ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) = SYS_PTRACE func PtraceAttach(pid int) (err error) { return ptrace(PT_ATTACH, pid, 0, 0) @@ -267,19 +269,36 @@ func PtraceDetach(pid int) (err error) { } func PtraceGetFpRegs(pid int, fpregsout *FpReg) (err error) { - return ptrace(PT_GETFPREGS, pid, uintptr(unsafe.Pointer(fpregsout)), 0) + return ptracePtr(PT_GETFPREGS, pid, unsafe.Pointer(fpregsout), 0) } func PtraceGetRegs(pid int, regsout *Reg) (err error) { - return ptrace(PT_GETREGS, pid, uintptr(unsafe.Pointer(regsout)), 0) + return ptracePtr(PT_GETREGS, pid, unsafe.Pointer(regsout), 0) +} + +func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { + ioDesc := PtraceIoDesc{ + Op: int32(req), + Offs: offs, + } + if countin > 0 { + _ = out[:countin] // check bounds + ioDesc.Addr = &out[0] + } else if out != nil { + ioDesc.Addr = (*byte)(unsafe.Pointer(&_zero)) + } + ioDesc.SetLen(countin) + + err = ptracePtr(PT_IO, pid, unsafe.Pointer(&ioDesc), 0) + return int(ioDesc.Len), err } func PtraceLwpEvents(pid int, enable int) (err error) { return ptrace(PT_LWP_EVENTS, pid, 0, enable) } -func PtraceLwpInfo(pid int, info uintptr) (err error) { - return ptrace(PT_LWPINFO, pid, info, int(unsafe.Sizeof(PtraceLwpInfoStruct{}))) +func PtraceLwpInfo(pid int, info *PtraceLwpInfoStruct) (err error) { + return ptracePtr(PT_LWPINFO, pid, unsafe.Pointer(info), int(unsafe.Sizeof(*info))) } func PtracePeekData(pid int, addr uintptr, out []byte) (count int, err error) { @@ -299,13 +318,25 @@ func PtracePokeText(pid int, addr uintptr, data []byte) (count int, err error) { } func PtraceSetRegs(pid int, regs *Reg) (err error) { - return ptrace(PT_SETREGS, pid, uintptr(unsafe.Pointer(regs)), 0) + return ptracePtr(PT_SETREGS, pid, unsafe.Pointer(regs), 0) } func PtraceSingleStep(pid int) (err error) { return ptrace(PT_STEP, pid, 1, 0) } +func Dup3(oldfd, newfd, flags int) error { + if oldfd == newfd || flags&^O_CLOEXEC != 0 { + return EINVAL + } + how := F_DUP2FD + if flags&O_CLOEXEC != 0 { + how = F_DUP2FD_CLOEXEC + } + _, err := fcntl(oldfd, how, newfd) + return err +} + /* * Exposed directly */ diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go index 6a91d471d..b8da51004 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go @@ -42,6 +42,10 @@ func (cmsg *Cmsghdr) SetLen(length int) { cmsg.Len = uint32(length) } +func (d *PtraceIoDesc) SetLen(length int) { + d.Len = uint32(length) +} + func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { var writtenOut uint64 = 0 _, _, e1 := Syscall9(SYS_SENDFILE, uintptr(infd), uintptr(outfd), uintptr(*offset), uintptr((*offset)>>32), uintptr(count), 0, uintptr(unsafe.Pointer(&writtenOut)), 0, 0) @@ -57,16 +61,5 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func PtraceGetFsBase(pid int, fsbase *int64) (err error) { - return ptrace(PT_GETFSBASE, pid, uintptr(unsafe.Pointer(fsbase)), 0) -} - -func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { - ioDesc := PtraceIoDesc{ - Op: int32(req), - Offs: offs, - Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe. - Len: uint32(countin), - } - err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0) - return int(ioDesc.Len), err + return ptracePtr(PT_GETFSBASE, pid, unsafe.Pointer(fsbase), 0) } diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go index 48110a0ab..47155c483 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go @@ -42,6 +42,10 @@ func (cmsg *Cmsghdr) SetLen(length int) { cmsg.Len = uint32(length) } +func (d *PtraceIoDesc) SetLen(length int) { + d.Len = uint64(length) +} + func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { var writtenOut uint64 = 0 _, _, e1 := Syscall9(SYS_SENDFILE, uintptr(infd), uintptr(outfd), uintptr(*offset), uintptr(count), 0, uintptr(unsafe.Pointer(&writtenOut)), 0, 0, 0) @@ -57,16 +61,5 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) func PtraceGetFsBase(pid int, fsbase *int64) (err error) { - return ptrace(PT_GETFSBASE, pid, uintptr(unsafe.Pointer(fsbase)), 0) -} - -func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { - ioDesc := PtraceIoDesc{ - Op: int32(req), - Offs: offs, - Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe. - Len: uint64(countin), - } - err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0) - return int(ioDesc.Len), err + return ptracePtr(PT_GETFSBASE, pid, unsafe.Pointer(fsbase), 0) } diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go index 52f1d4b75..08932093f 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go @@ -42,6 +42,10 @@ func (cmsg *Cmsghdr) SetLen(length int) { cmsg.Len = uint32(length) } +func (d *PtraceIoDesc) SetLen(length int) { + d.Len = uint32(length) +} + func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { var writtenOut uint64 = 0 _, _, e1 := Syscall9(SYS_SENDFILE, uintptr(infd), uintptr(outfd), uintptr(*offset), uintptr((*offset)>>32), uintptr(count), 0, uintptr(unsafe.Pointer(&writtenOut)), 0, 0) @@ -55,14 +59,3 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e } func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) - -func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { - ioDesc := PtraceIoDesc{ - Op: int32(req), - Offs: offs, - Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe. - Len: uint32(countin), - } - err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0) - return int(ioDesc.Len), err -} diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go index 5537ee4f2..d151a0d0e 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go @@ -42,6 +42,10 @@ func (cmsg *Cmsghdr) SetLen(length int) { cmsg.Len = uint32(length) } +func (d *PtraceIoDesc) SetLen(length int) { + d.Len = uint64(length) +} + func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { var writtenOut uint64 = 0 _, _, e1 := Syscall9(SYS_SENDFILE, uintptr(infd), uintptr(outfd), uintptr(*offset), uintptr(count), 0, uintptr(unsafe.Pointer(&writtenOut)), 0, 0, 0) @@ -55,14 +59,3 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e } func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) - -func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { - ioDesc := PtraceIoDesc{ - Op: int32(req), - Offs: offs, - Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe. - Len: uint64(countin), - } - err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0) - return int(ioDesc.Len), err -} diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go index 164abd5d2..d5cd64b37 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go @@ -42,6 +42,10 @@ func (cmsg *Cmsghdr) SetLen(length int) { cmsg.Len = uint32(length) } +func (d *PtraceIoDesc) SetLen(length int) { + d.Len = uint64(length) +} + func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) { var writtenOut uint64 = 0 _, _, e1 := Syscall9(SYS_SENDFILE, uintptr(infd), uintptr(outfd), uintptr(*offset), uintptr(count), 0, uintptr(unsafe.Pointer(&writtenOut)), 0, 0, 0) @@ -55,14 +59,3 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e } func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err syscall.Errno) - -func PtraceIO(req int, pid int, offs uintptr, out []byte, countin int) (count int, err error) { - ioDesc := PtraceIoDesc{ - Op: int32(req), - Offs: offs, - Addr: uintptr(unsafe.Pointer(&out[0])), // TODO(#58351): this is not safe. - Len: uint64(countin), - } - err = ptrace(PT_IO, pid, uintptr(unsafe.Pointer(&ioDesc)), 0) - return int(ioDesc.Len), err -} diff --git a/vendor/golang.org/x/sys/unix/syscall_hurd.go b/vendor/golang.org/x/sys/unix/syscall_hurd.go index 4ffb64808..381fd4673 100644 --- a/vendor/golang.org/x/sys/unix/syscall_hurd.go +++ b/vendor/golang.org/x/sys/unix/syscall_hurd.go @@ -20,3 +20,11 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { } return } + +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + r0, er := C.ioctl(C.int(fd), C.ulong(req), C.uintptr_t(uintptr(arg))) + if r0 == -1 && er != nil { + err = er + } + return +} diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 5443dddd4..973533153 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -1015,8 +1015,7 @@ func anyToSockaddr(fd int, rsa *RawSockaddrAny) (Sockaddr, error) { for n < len(pp.Path) && pp.Path[n] != 0 { n++ } - bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n] - sa.Name = string(bytes) + sa.Name = string(unsafe.Slice((*byte)(unsafe.Pointer(&pp.Path[0])), n)) return sa, nil case AF_INET: @@ -1365,6 +1364,10 @@ func SetsockoptTCPRepairOpt(fd, level, opt int, o []TCPRepairOpt) (err error) { return setsockopt(fd, level, opt, unsafe.Pointer(&o[0]), uintptr(SizeofTCPRepairOpt*len(o))) } +func SetsockoptTCPMD5Sig(fd, level, opt int, s *TCPMD5Sig) error { + return setsockopt(fd, level, opt, unsafe.Pointer(s), unsafe.Sizeof(*s)) +} + // Keyctl Commands (http://man7.org/linux/man-pages/man2/keyctl.2.html) // KeyctlInt calls keyctl commands in which each argument is an int. @@ -1579,6 +1582,7 @@ func BindToDevice(fd int, device string) (err error) { } //sys ptrace(request int, pid int, addr uintptr, data uintptr) (err error) +//sys ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) = SYS_PTRACE func ptracePeek(req int, pid int, addr uintptr, out []byte) (count int, err error) { // The peek requests are machine-size oriented, so we wrap it @@ -1596,7 +1600,7 @@ func ptracePeek(req int, pid int, addr uintptr, out []byte) (count int, err erro // boundary. n := 0 if addr%SizeofPtr != 0 { - err = ptrace(req, pid, addr-addr%SizeofPtr, uintptr(unsafe.Pointer(&buf[0]))) + err = ptracePtr(req, pid, addr-addr%SizeofPtr, unsafe.Pointer(&buf[0])) if err != nil { return 0, err } @@ -1608,7 +1612,7 @@ func ptracePeek(req int, pid int, addr uintptr, out []byte) (count int, err erro for len(out) > 0 { // We use an internal buffer to guarantee alignment. // It's not documented if this is necessary, but we're paranoid. - err = ptrace(req, pid, addr+uintptr(n), uintptr(unsafe.Pointer(&buf[0]))) + err = ptracePtr(req, pid, addr+uintptr(n), unsafe.Pointer(&buf[0])) if err != nil { return n, err } @@ -1640,7 +1644,7 @@ func ptracePoke(pokeReq int, peekReq int, pid int, addr uintptr, data []byte) (c n := 0 if addr%SizeofPtr != 0 { var buf [SizeofPtr]byte - err = ptrace(peekReq, pid, addr-addr%SizeofPtr, uintptr(unsafe.Pointer(&buf[0]))) + err = ptracePtr(peekReq, pid, addr-addr%SizeofPtr, unsafe.Pointer(&buf[0])) if err != nil { return 0, err } @@ -1667,7 +1671,7 @@ func ptracePoke(pokeReq int, peekReq int, pid int, addr uintptr, data []byte) (c // Trailing edge. if len(data) > 0 { var buf [SizeofPtr]byte - err = ptrace(peekReq, pid, addr+uintptr(n), uintptr(unsafe.Pointer(&buf[0]))) + err = ptracePtr(peekReq, pid, addr+uintptr(n), unsafe.Pointer(&buf[0])) if err != nil { return n, err } @@ -1696,11 +1700,11 @@ func PtracePokeUser(pid int, addr uintptr, data []byte) (count int, err error) { } func PtraceGetRegs(pid int, regsout *PtraceRegs) (err error) { - return ptrace(PTRACE_GETREGS, pid, 0, uintptr(unsafe.Pointer(regsout))) + return ptracePtr(PTRACE_GETREGS, pid, 0, unsafe.Pointer(regsout)) } func PtraceSetRegs(pid int, regs *PtraceRegs) (err error) { - return ptrace(PTRACE_SETREGS, pid, 0, uintptr(unsafe.Pointer(regs))) + return ptracePtr(PTRACE_SETREGS, pid, 0, unsafe.Pointer(regs)) } func PtraceSetOptions(pid int, options int) (err error) { @@ -1709,7 +1713,7 @@ func PtraceSetOptions(pid int, options int) (err error) { func PtraceGetEventMsg(pid int) (msg uint, err error) { var data _C_long - err = ptrace(PTRACE_GETEVENTMSG, pid, 0, uintptr(unsafe.Pointer(&data))) + err = ptracePtr(PTRACE_GETEVENTMSG, pid, 0, unsafe.Pointer(&data)) msg = uint(data) return } @@ -2154,6 +2158,14 @@ func isGroupMember(gid int) bool { return false } +func isCapDacOverrideSet() bool { + hdr := CapUserHeader{Version: LINUX_CAPABILITY_VERSION_3} + data := [2]CapUserData{} + err := Capget(&hdr, &data[0]) + + return err == nil && data[0].Effective&(1< 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go index 77479d458..112906562 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go @@ -388,6 +388,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { @@ -414,6 +424,16 @@ func ptrace(request int, pid int, addr uintptr, data int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go index 2e966d4d7..55f5abfe5 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go @@ -388,6 +388,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { @@ -414,6 +424,16 @@ func ptrace(request int, pid int, addr uintptr, data int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go index d65a7c0fa..d39651c2b 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go @@ -388,6 +388,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { @@ -414,6 +424,16 @@ func ptrace(request int, pid int, addr uintptr, data int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go index 6f0b97c6d..ddb740868 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go @@ -388,6 +388,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { @@ -414,6 +424,16 @@ func ptrace(request int, pid int, addr uintptr, data int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go index e1c23b527..09a53a616 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go @@ -388,6 +388,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { @@ -414,6 +424,16 @@ func ptrace(request int, pid int, addr uintptr, data int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr unsafe.Pointer, data int) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go index 36ea3a55b..430cb24de 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -379,6 +379,16 @@ func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) { + _, _, e1 := Syscall6(SYS_PTRACE, uintptr(request), uintptr(pid), uintptr(addr), uintptr(data), 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func reboot(magic1 uint, magic2 uint, cmd int, arg string) (err error) { var _p0 *byte _p0, err = BytePtrFromString(arg) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go index 79f738996..8e1d9c8f6 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go @@ -405,6 +405,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go index fb161f3a2..21c695040 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go @@ -405,6 +405,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go index 4c8ac993a..298168f90 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go @@ -405,6 +405,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go index 76dd8ec4f..68b8bd492 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go @@ -405,6 +405,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) { var _p0 unsafe.Pointer if len(mib) > 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index caeb807bd..0b0f910e1 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index a05e5f4ff..48ff5de75 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index b2da8e50c..2452a641d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index 048b2655e..5e35600a6 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index 6f33e37e7..b04cef1a1 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index 330cf7f7a..47a07ee0c 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index 5f24de0d9..573378fdb 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -527,6 +527,14 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { return } +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + var libc_ioctl_trampoline_addr uintptr //go:cgo_import_dynamic libc_ioctl ioctl "libc.so" diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index 78d4a4240..4873a1e5d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -657,6 +657,17 @@ func ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtrRet(fd int, req uint, arg unsafe.Pointer) (ret int, err error) { + r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0) + ret = int(r0) + if e1 != 0 { + err = e1 + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func poll(fds *PollFd, nfds int, timeout int) (n int, err error) { r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpoll)), 3, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout), 0, 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go index f2079457c..07bfe2ef9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go @@ -267,6 +267,16 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { + _, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Access(path string, mode uint32) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go index d9c78cdcb..29dc48337 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go @@ -362,7 +362,7 @@ type FpExtendedPrecision struct{} type PtraceIoDesc struct { Op int32 Offs uintptr - Addr uintptr + Addr *byte Len uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go index 26991b165..0a89b2890 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go @@ -367,7 +367,7 @@ type FpExtendedPrecision struct{} type PtraceIoDesc struct { Op int32 Offs uintptr - Addr uintptr + Addr *byte Len uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go index f8324e7e7..c8666bb15 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go @@ -350,7 +350,7 @@ type FpExtendedPrecision struct { type PtraceIoDesc struct { Op int32 Offs uintptr - Addr uintptr + Addr *byte Len uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go index 4220411f3..88fb48a88 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go @@ -347,7 +347,7 @@ type FpExtendedPrecision struct{} type PtraceIoDesc struct { Op int32 Offs uintptr - Addr uintptr + Addr *byte Len uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go index 0660fd45c..698dc975e 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go @@ -348,7 +348,7 @@ type FpExtendedPrecision struct{} type PtraceIoDesc struct { Op int32 Offs uintptr - Addr uintptr + Addr *byte Len uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 7d9fc8f1c..ca84727cf 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -456,36 +456,60 @@ type Ucred struct { } type TCPInfo struct { - State uint8 - Ca_state uint8 - Retransmits uint8 - Probes uint8 - Backoff uint8 - Options uint8 - Rto uint32 - Ato uint32 - Snd_mss uint32 - Rcv_mss uint32 - Unacked uint32 - Sacked uint32 - Lost uint32 - Retrans uint32 - Fackets uint32 - Last_data_sent uint32 - Last_ack_sent uint32 - Last_data_recv uint32 - Last_ack_recv uint32 - Pmtu uint32 - Rcv_ssthresh uint32 - Rtt uint32 - Rttvar uint32 - Snd_ssthresh uint32 - Snd_cwnd uint32 - Advmss uint32 - Reordering uint32 - Rcv_rtt uint32 - Rcv_space uint32 - Total_retrans uint32 + State uint8 + Ca_state uint8 + Retransmits uint8 + Probes uint8 + Backoff uint8 + Options uint8 + Rto uint32 + Ato uint32 + Snd_mss uint32 + Rcv_mss uint32 + Unacked uint32 + Sacked uint32 + Lost uint32 + Retrans uint32 + Fackets uint32 + Last_data_sent uint32 + Last_ack_sent uint32 + Last_data_recv uint32 + Last_ack_recv uint32 + Pmtu uint32 + Rcv_ssthresh uint32 + Rtt uint32 + Rttvar uint32 + Snd_ssthresh uint32 + Snd_cwnd uint32 + Advmss uint32 + Reordering uint32 + Rcv_rtt uint32 + Rcv_space uint32 + Total_retrans uint32 + Pacing_rate uint64 + Max_pacing_rate uint64 + Bytes_acked uint64 + Bytes_received uint64 + Segs_out uint32 + Segs_in uint32 + Notsent_bytes uint32 + Min_rtt uint32 + Data_segs_in uint32 + Data_segs_out uint32 + Delivery_rate uint64 + Busy_time uint64 + Rwnd_limited uint64 + Sndbuf_limited uint64 + Delivered uint32 + Delivered_ce uint32 + Bytes_sent uint64 + Bytes_retrans uint64 + Dsack_dups uint32 + Reord_seen uint32 + Rcv_ooopack uint32 + Snd_wnd uint32 + Rcv_wnd uint32 + Rehash uint32 } type CanFilter struct { @@ -528,7 +552,7 @@ const ( SizeofIPv6MTUInfo = 0x20 SizeofICMPv6Filter = 0x20 SizeofUcred = 0xc - SizeofTCPInfo = 0x68 + SizeofTCPInfo = 0xf0 SizeofCanFilter = 0x8 SizeofTCPRepairOpt = 0x8 ) @@ -1043,6 +1067,7 @@ const ( PerfBitCommExec = CBitFieldMaskBit24 PerfBitUseClockID = CBitFieldMaskBit25 PerfBitContextSwitch = CBitFieldMaskBit26 + PerfBitWriteBackward = CBitFieldMaskBit27 ) const ( @@ -1239,7 +1264,7 @@ type TCPMD5Sig struct { Flags uint8 Prefixlen uint8 Keylen uint16 - _ uint32 + Ifindex int32 Key [80]uint8 } @@ -1939,7 +1964,11 @@ const ( NFT_MSG_GETOBJ = 0x13 NFT_MSG_DELOBJ = 0x14 NFT_MSG_GETOBJ_RESET = 0x15 - NFT_MSG_MAX = 0x19 + NFT_MSG_NEWFLOWTABLE = 0x16 + NFT_MSG_GETFLOWTABLE = 0x17 + NFT_MSG_DELFLOWTABLE = 0x18 + NFT_MSG_GETRULE_RESET = 0x19 + NFT_MSG_MAX = 0x1a NFTA_LIST_UNSPEC = 0x0 NFTA_LIST_ELEM = 0x1 NFTA_HOOK_UNSPEC = 0x0 @@ -2443,9 +2472,11 @@ const ( SOF_TIMESTAMPING_OPT_STATS = 0x1000 SOF_TIMESTAMPING_OPT_PKTINFO = 0x2000 SOF_TIMESTAMPING_OPT_TX_SWHW = 0x4000 + SOF_TIMESTAMPING_BIND_PHC = 0x8000 + SOF_TIMESTAMPING_OPT_ID_TCP = 0x10000 - SOF_TIMESTAMPING_LAST = 0x8000 - SOF_TIMESTAMPING_MASK = 0xffff + SOF_TIMESTAMPING_LAST = 0x10000 + SOF_TIMESTAMPING_MASK = 0x1ffff SCM_TSTAMP_SND = 0x0 SCM_TSTAMP_SCHED = 0x1 @@ -3265,7 +3296,7 @@ const ( DEVLINK_ATTR_LINECARD_SUPPORTED_TYPES = 0xae DEVLINK_ATTR_NESTED_DEVLINK = 0xaf DEVLINK_ATTR_SELFTESTS = 0xb0 - DEVLINK_ATTR_MAX = 0xb0 + DEVLINK_ATTR_MAX = 0xb3 DEVLINK_DPIPE_FIELD_MAPPING_TYPE_NONE = 0x0 DEVLINK_DPIPE_FIELD_MAPPING_TYPE_IFINDEX = 0x1 DEVLINK_DPIPE_MATCH_TYPE_FIELD_EXACT = 0x0 @@ -3281,7 +3312,8 @@ const ( DEVLINK_PORT_FUNCTION_ATTR_HW_ADDR = 0x1 DEVLINK_PORT_FN_ATTR_STATE = 0x2 DEVLINK_PORT_FN_ATTR_OPSTATE = 0x3 - DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x3 + DEVLINK_PORT_FN_ATTR_CAPS = 0x4 + DEVLINK_PORT_FUNCTION_ATTR_MAX = 0x4 ) type FsverityDigest struct { @@ -3572,7 +3604,8 @@ const ( ETHTOOL_MSG_MODULE_SET = 0x23 ETHTOOL_MSG_PSE_GET = 0x24 ETHTOOL_MSG_PSE_SET = 0x25 - ETHTOOL_MSG_USER_MAX = 0x25 + ETHTOOL_MSG_RSS_GET = 0x26 + ETHTOOL_MSG_USER_MAX = 0x26 ETHTOOL_MSG_KERNEL_NONE = 0x0 ETHTOOL_MSG_STRSET_GET_REPLY = 0x1 ETHTOOL_MSG_LINKINFO_GET_REPLY = 0x2 @@ -3611,7 +3644,8 @@ const ( ETHTOOL_MSG_MODULE_GET_REPLY = 0x23 ETHTOOL_MSG_MODULE_NTF = 0x24 ETHTOOL_MSG_PSE_GET_REPLY = 0x25 - ETHTOOL_MSG_KERNEL_MAX = 0x25 + ETHTOOL_MSG_RSS_GET_REPLY = 0x26 + ETHTOOL_MSG_KERNEL_MAX = 0x26 ETHTOOL_A_HEADER_UNSPEC = 0x0 ETHTOOL_A_HEADER_DEV_INDEX = 0x1 ETHTOOL_A_HEADER_DEV_NAME = 0x2 @@ -3679,7 +3713,8 @@ const ( ETHTOOL_A_LINKSTATE_SQI_MAX = 0x4 ETHTOOL_A_LINKSTATE_EXT_STATE = 0x5 ETHTOOL_A_LINKSTATE_EXT_SUBSTATE = 0x6 - ETHTOOL_A_LINKSTATE_MAX = 0x6 + ETHTOOL_A_LINKSTATE_EXT_DOWN_CNT = 0x7 + ETHTOOL_A_LINKSTATE_MAX = 0x7 ETHTOOL_A_DEBUG_UNSPEC = 0x0 ETHTOOL_A_DEBUG_HEADER = 0x1 ETHTOOL_A_DEBUG_MSGMASK = 0x2 @@ -4409,7 +4444,7 @@ const ( NL80211_ATTR_MAC_HINT = 0xc8 NL80211_ATTR_MAC_MASK = 0xd7 NL80211_ATTR_MAX_AP_ASSOC_STA = 0xca - NL80211_ATTR_MAX = 0x140 + NL80211_ATTR_MAX = 0x141 NL80211_ATTR_MAX_CRIT_PROT_DURATION = 0xb4 NL80211_ATTR_MAX_CSA_COUNTERS = 0xce NL80211_ATTR_MAX_MATCH_SETS = 0x85 @@ -4552,6 +4587,7 @@ const ( NL80211_ATTR_SUPPORT_MESH_AUTH = 0x73 NL80211_ATTR_SURVEY_INFO = 0x54 NL80211_ATTR_SURVEY_RADIO_STATS = 0xda + NL80211_ATTR_TD_BITMAP = 0x141 NL80211_ATTR_TDLS_ACTION = 0x88 NL80211_ATTR_TDLS_DIALOG_TOKEN = 0x89 NL80211_ATTR_TDLS_EXTERNAL_SETUP = 0x8c @@ -5752,3 +5788,25 @@ const ( AUDIT_NLGRP_NONE = 0x0 AUDIT_NLGRP_READLOG = 0x1 ) + +const ( + TUN_F_CSUM = 0x1 + TUN_F_TSO4 = 0x2 + TUN_F_TSO6 = 0x4 + TUN_F_TSO_ECN = 0x8 + TUN_F_UFO = 0x10 +) + +const ( + VIRTIO_NET_HDR_F_NEEDS_CSUM = 0x1 + VIRTIO_NET_HDR_F_DATA_VALID = 0x2 + VIRTIO_NET_HDR_F_RSC_INFO = 0x4 +) + +const ( + VIRTIO_NET_HDR_GSO_NONE = 0x0 + VIRTIO_NET_HDR_GSO_TCPV4 = 0x1 + VIRTIO_NET_HDR_GSO_UDP = 0x3 + VIRTIO_NET_HDR_GSO_TCPV6 = 0x4 + VIRTIO_NET_HDR_GSO_ECN = 0x80 +) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go index 89c516a29..4ecc1495c 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go @@ -414,7 +414,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [122]int8 + Data [122]byte _ uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go index 62b4fb269..34fddff96 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go @@ -427,7 +427,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go index e86b35893..3b14a6031 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go @@ -405,7 +405,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [122]uint8 + Data [122]byte _ uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go index 6c6be4c91..0517651ab 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go @@ -406,7 +406,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go index 4982ea355..3b0c51813 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go @@ -407,7 +407,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go index 173141a67..fccdf4dd0 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go @@ -410,7 +410,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [122]int8 + Data [122]byte _ uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go index 93ae4c516..500de8fc0 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go @@ -409,7 +409,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go index 4e4e510ca..d0434cd2c 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go @@ -409,7 +409,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go index 3f5ba013d..84206ba53 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go @@ -410,7 +410,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [122]int8 + Data [122]byte _ uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go index 71dfe7cdb..ab078cf1f 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go @@ -417,7 +417,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [122]uint8 + Data [122]byte _ uint32 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go index 3a2b7f0a6..42eb2c4ce 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go @@ -416,7 +416,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]uint8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go index a52d62756..31304a4e8 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go @@ -416,7 +416,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]uint8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go index dfc007d8a..c311f9612 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go @@ -434,7 +434,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]uint8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go index b53cb9103..bba3cefac 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go @@ -429,7 +429,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go index fe0aa3547..ad8a01380 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go @@ -411,7 +411,7 @@ const ( type SockaddrStorage struct { Family uint16 - _ [118]int8 + Data [118]byte _ uint64 } diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go index 41cb3c01f..3723b2c22 100644 --- a/vendor/golang.org/x/sys/windows/syscall_windows.go +++ b/vendor/golang.org/x/sys/windows/syscall_windows.go @@ -824,6 +824,9 @@ const socket_error = uintptr(^uint32(0)) //sys WSAStartup(verreq uint32, data *WSAData) (sockerr error) = ws2_32.WSAStartup //sys WSACleanup() (err error) [failretval==socket_error] = ws2_32.WSACleanup //sys WSAIoctl(s Handle, iocc uint32, inbuf *byte, cbif uint32, outbuf *byte, cbob uint32, cbbr *uint32, overlapped *Overlapped, completionRoutine uintptr) (err error) [failretval==socket_error] = ws2_32.WSAIoctl +//sys WSALookupServiceBegin(querySet *WSAQUERYSET, flags uint32, handle *Handle) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceBeginW +//sys WSALookupServiceNext(handle Handle, flags uint32, size *int32, querySet *WSAQUERYSET) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceNextW +//sys WSALookupServiceEnd(handle Handle) (err error) [failretval==socket_error] = ws2_32.WSALookupServiceEnd //sys socket(af int32, typ int32, protocol int32) (handle Handle, err error) [failretval==InvalidHandle] = ws2_32.socket //sys sendto(s Handle, buf []byte, flags int32, to unsafe.Pointer, tolen int32) (err error) [failretval==socket_error] = ws2_32.sendto //sys recvfrom(s Handle, buf []byte, flags int32, from *RawSockaddrAny, fromlen *int32) (n int32, err error) [failretval==-1] = ws2_32.recvfrom @@ -1019,8 +1022,7 @@ func (rsa *RawSockaddrAny) Sockaddr() (Sockaddr, error) { for n < len(pp.Path) && pp.Path[n] != 0 { n++ } - bytes := (*[len(pp.Path)]byte)(unsafe.Pointer(&pp.Path[0]))[0:n] - sa.Name = string(bytes) + sa.Name = string(unsafe.Slice((*byte)(unsafe.Pointer(&pp.Path[0])), n)) return sa, nil case AF_INET: diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go index 0c4add974..857acf103 100644 --- a/vendor/golang.org/x/sys/windows/types_windows.go +++ b/vendor/golang.org/x/sys/windows/types_windows.go @@ -1243,6 +1243,51 @@ const ( DnsSectionAdditional = 0x0003 ) +const ( + // flags of WSALookupService + LUP_DEEP = 0x0001 + LUP_CONTAINERS = 0x0002 + LUP_NOCONTAINERS = 0x0004 + LUP_NEAREST = 0x0008 + LUP_RETURN_NAME = 0x0010 + LUP_RETURN_TYPE = 0x0020 + LUP_RETURN_VERSION = 0x0040 + LUP_RETURN_COMMENT = 0x0080 + LUP_RETURN_ADDR = 0x0100 + LUP_RETURN_BLOB = 0x0200 + LUP_RETURN_ALIASES = 0x0400 + LUP_RETURN_QUERY_STRING = 0x0800 + LUP_RETURN_ALL = 0x0FF0 + LUP_RES_SERVICE = 0x8000 + + LUP_FLUSHCACHE = 0x1000 + LUP_FLUSHPREVIOUS = 0x2000 + + LUP_NON_AUTHORITATIVE = 0x4000 + LUP_SECURE = 0x8000 + LUP_RETURN_PREFERRED_NAMES = 0x10000 + LUP_DNS_ONLY = 0x20000 + + LUP_ADDRCONFIG = 0x100000 + LUP_DUAL_ADDR = 0x200000 + LUP_FILESERVER = 0x400000 + LUP_DISABLE_IDN_ENCODING = 0x00800000 + LUP_API_ANSI = 0x01000000 + + LUP_RESOLUTION_HANDLE = 0x80000000 +) + +const ( + // values of WSAQUERYSET's namespace + NS_ALL = 0 + NS_DNS = 12 + NS_NLA = 15 + NS_BTH = 16 + NS_EMAIL = 37 + NS_PNRPNAME = 38 + NS_PNRPCLOUD = 39 +) + type DNSSRVData struct { Target *uint16 Priority uint16 @@ -3258,3 +3303,43 @@ const ( DWMWA_TEXT_COLOR = 36 DWMWA_VISIBLE_FRAME_BORDER_THICKNESS = 37 ) + +type WSAQUERYSET struct { + Size uint32 + ServiceInstanceName *uint16 + ServiceClassId *GUID + Version *WSAVersion + Comment *uint16 + NameSpace uint32 + NSProviderId *GUID + Context *uint16 + NumberOfProtocols uint32 + AfpProtocols *AFProtocols + QueryString *uint16 + NumberOfCsAddrs uint32 + SaBuffer *CSAddrInfo + OutputFlags uint32 + Blob *BLOB +} + +type WSAVersion struct { + Version uint32 + EnumerationOfComparison int32 +} + +type AFProtocols struct { + AddressFamily int32 + Protocol int32 +} + +type CSAddrInfo struct { + LocalAddr SocketAddress + RemoteAddr SocketAddress + SocketType int32 + Protocol int32 +} + +type BLOB struct { + Size uint32 + BlobData *byte +} diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index ac60052e4..6d2a26853 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -474,6 +474,9 @@ var ( procWSAEnumProtocolsW = modws2_32.NewProc("WSAEnumProtocolsW") procWSAGetOverlappedResult = modws2_32.NewProc("WSAGetOverlappedResult") procWSAIoctl = modws2_32.NewProc("WSAIoctl") + procWSALookupServiceBeginW = modws2_32.NewProc("WSALookupServiceBeginW") + procWSALookupServiceEnd = modws2_32.NewProc("WSALookupServiceEnd") + procWSALookupServiceNextW = modws2_32.NewProc("WSALookupServiceNextW") procWSARecv = modws2_32.NewProc("WSARecv") procWSARecvFrom = modws2_32.NewProc("WSARecvFrom") procWSASend = modws2_32.NewProc("WSASend") @@ -4067,6 +4070,30 @@ func WSAIoctl(s Handle, iocc uint32, inbuf *byte, cbif uint32, outbuf *byte, cbo return } +func WSALookupServiceBegin(querySet *WSAQUERYSET, flags uint32, handle *Handle) (err error) { + r1, _, e1 := syscall.Syscall(procWSALookupServiceBeginW.Addr(), 3, uintptr(unsafe.Pointer(querySet)), uintptr(flags), uintptr(unsafe.Pointer(handle))) + if r1 == socket_error { + err = errnoErr(e1) + } + return +} + +func WSALookupServiceEnd(handle Handle) (err error) { + r1, _, e1 := syscall.Syscall(procWSALookupServiceEnd.Addr(), 1, uintptr(handle), 0, 0) + if r1 == socket_error { + err = errnoErr(e1) + } + return +} + +func WSALookupServiceNext(handle Handle, flags uint32, size *int32, querySet *WSAQUERYSET) (err error) { + r1, _, e1 := syscall.Syscall6(procWSALookupServiceNextW.Addr(), 4, uintptr(handle), uintptr(flags), uintptr(unsafe.Pointer(size)), uintptr(unsafe.Pointer(querySet)), 0, 0) + if r1 == socket_error { + err = errnoErr(e1) + } + return +} + func WSARecv(s Handle, bufs *WSABuf, bufcnt uint32, recvd *uint32, flags *uint32, overlapped *Overlapped, croutine *byte) (err error) { r1, _, e1 := syscall.Syscall9(procWSARecv.Addr(), 7, uintptr(s), uintptr(unsafe.Pointer(bufs)), uintptr(bufcnt), uintptr(unsafe.Pointer(recvd)), uintptr(unsafe.Pointer(flags)), uintptr(unsafe.Pointer(overlapped)), uintptr(unsafe.Pointer(croutine)), 0, 0) if r1 == socket_error { diff --git a/vendor/google.golang.org/protobuf/encoding/protowire/wire.go b/vendor/google.golang.org/protobuf/encoding/protowire/wire.go index ce57f57eb..f4b4686cf 100644 --- a/vendor/google.golang.org/protobuf/encoding/protowire/wire.go +++ b/vendor/google.golang.org/protobuf/encoding/protowire/wire.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // Package protowire parses and formats the raw wire encoding. -// See https://developers.google.com/protocol-buffers/docs/encoding. +// See https://protobuf.dev/programming-guides/encoding. // // For marshaling and unmarshaling entire protobuf messages, // use the "google.golang.org/protobuf/proto" package instead. @@ -29,12 +29,8 @@ const ( ) // IsValid reports whether the field number is semantically valid. -// -// Note that while numbers within the reserved range are semantically invalid, -// they are syntactically valid in the wire format. -// Implementations may treat records with reserved field numbers as unknown. func (n Number) IsValid() bool { - return MinValidNumber <= n && n < FirstReservedNumber || LastReservedNumber < n && n <= MaxValidNumber + return MinValidNumber <= n && n <= MaxValidNumber } // Type represents the wire type. diff --git a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go index 427c62d03..87853e786 100644 --- a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go +++ b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go @@ -412,12 +412,13 @@ func (d *Decoder) parseFieldName() (tok Token, err error) { // Field number. Identify if input is a valid number that is not negative // and is decimal integer within 32-bit range. if num := parseNumber(d.in); num.size > 0 { + str := num.string(d.in) if !num.neg && num.kind == numDec { - if _, err := strconv.ParseInt(string(d.in[:num.size]), 10, 32); err == nil { + if _, err := strconv.ParseInt(str, 10, 32); err == nil { return d.consumeToken(Name, num.size, uint8(FieldNumber)), nil } } - return Token{}, d.newSyntaxError("invalid field number: %s", d.in[:num.size]) + return Token{}, d.newSyntaxError("invalid field number: %s", str) } return Token{}, d.newSyntaxError("invalid field name: %s", errId(d.in)) diff --git a/vendor/google.golang.org/protobuf/internal/encoding/text/decode_number.go b/vendor/google.golang.org/protobuf/internal/encoding/text/decode_number.go index 81a5d8c86..45c81f029 100644 --- a/vendor/google.golang.org/protobuf/internal/encoding/text/decode_number.go +++ b/vendor/google.golang.org/protobuf/internal/encoding/text/decode_number.go @@ -15,17 +15,12 @@ func (d *Decoder) parseNumberValue() (Token, bool) { if num.neg { numAttrs |= isNegative } - strSize := num.size - last := num.size - 1 - if num.kind == numFloat && (d.in[last] == 'f' || d.in[last] == 'F') { - strSize = last - } tok := Token{ kind: Scalar, attrs: numberValue, pos: len(d.orig) - len(d.in), raw: d.in[:num.size], - str: string(d.in[:strSize]), + str: num.string(d.in), numAttrs: numAttrs, } d.consume(num.size) @@ -46,6 +41,27 @@ type number struct { kind uint8 neg bool size int + // if neg, this is the length of whitespace and comments between + // the minus sign and the rest fo the number literal + sep int +} + +func (num number) string(data []byte) string { + strSize := num.size + last := num.size - 1 + if num.kind == numFloat && (data[last] == 'f' || data[last] == 'F') { + strSize = last + } + if num.neg && num.sep > 0 { + // strip whitespace/comments between negative sign and the rest + strLen := strSize - num.sep + str := make([]byte, strLen) + str[0] = data[0] + copy(str[1:], data[num.sep+1:strSize]) + return string(str) + } + return string(data[:strSize]) + } // parseNumber constructs a number object from given input. It allows for the @@ -67,19 +83,22 @@ func parseNumber(input []byte) number { } // Optional - + var sep int if s[0] == '-' { neg = true s = s[1:] size++ + // Consume any whitespace or comments between the + // negative sign and the rest of the number + lenBefore := len(s) + s = consume(s, 0) + sep = lenBefore - len(s) + size += sep if len(s) == 0 { return number{} } } - // C++ allows for whitespace and comments in between the negative sign and - // the rest of the number. This logic currently does not but is consistent - // with v1. - switch { case s[0] == '0': if len(s) > 1 { @@ -116,7 +135,7 @@ func parseNumber(input []byte) number { if len(s) > 0 && !isDelim(s[0]) { return number{} } - return number{kind: kind, neg: neg, size: size} + return number{kind: kind, neg: neg, size: size, sep: sep} } } s = s[1:] @@ -188,5 +207,5 @@ func parseNumber(input []byte) number { return number{} } - return number{kind: kind, neg: neg, size: size} + return number{kind: kind, neg: neg, size: size, sep: sep} } diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go index e3cdf1c20..5c0e8f73f 100644 --- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go +++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go @@ -50,6 +50,7 @@ const ( FileDescriptorProto_Options_field_name protoreflect.Name = "options" FileDescriptorProto_SourceCodeInfo_field_name protoreflect.Name = "source_code_info" FileDescriptorProto_Syntax_field_name protoreflect.Name = "syntax" + FileDescriptorProto_Edition_field_name protoreflect.Name = "edition" FileDescriptorProto_Name_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.name" FileDescriptorProto_Package_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.package" @@ -63,6 +64,7 @@ const ( FileDescriptorProto_Options_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.options" FileDescriptorProto_SourceCodeInfo_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.source_code_info" FileDescriptorProto_Syntax_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.syntax" + FileDescriptorProto_Edition_field_fullname protoreflect.FullName = "google.protobuf.FileDescriptorProto.edition" ) // Field numbers for google.protobuf.FileDescriptorProto. @@ -79,6 +81,7 @@ const ( FileDescriptorProto_Options_field_number protoreflect.FieldNumber = 8 FileDescriptorProto_SourceCodeInfo_field_number protoreflect.FieldNumber = 9 FileDescriptorProto_Syntax_field_number protoreflect.FieldNumber = 12 + FileDescriptorProto_Edition_field_number protoreflect.FieldNumber = 13 ) // Names for google.protobuf.DescriptorProto. @@ -494,26 +497,29 @@ const ( // Field names for google.protobuf.MessageOptions. const ( - MessageOptions_MessageSetWireFormat_field_name protoreflect.Name = "message_set_wire_format" - MessageOptions_NoStandardDescriptorAccessor_field_name protoreflect.Name = "no_standard_descriptor_accessor" - MessageOptions_Deprecated_field_name protoreflect.Name = "deprecated" - MessageOptions_MapEntry_field_name protoreflect.Name = "map_entry" - MessageOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option" + MessageOptions_MessageSetWireFormat_field_name protoreflect.Name = "message_set_wire_format" + MessageOptions_NoStandardDescriptorAccessor_field_name protoreflect.Name = "no_standard_descriptor_accessor" + MessageOptions_Deprecated_field_name protoreflect.Name = "deprecated" + MessageOptions_MapEntry_field_name protoreflect.Name = "map_entry" + MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_name protoreflect.Name = "deprecated_legacy_json_field_conflicts" + MessageOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option" - MessageOptions_MessageSetWireFormat_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.message_set_wire_format" - MessageOptions_NoStandardDescriptorAccessor_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.no_standard_descriptor_accessor" - MessageOptions_Deprecated_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.deprecated" - MessageOptions_MapEntry_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.map_entry" - MessageOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.uninterpreted_option" + MessageOptions_MessageSetWireFormat_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.message_set_wire_format" + MessageOptions_NoStandardDescriptorAccessor_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.no_standard_descriptor_accessor" + MessageOptions_Deprecated_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.deprecated" + MessageOptions_MapEntry_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.map_entry" + MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.deprecated_legacy_json_field_conflicts" + MessageOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.uninterpreted_option" ) // Field numbers for google.protobuf.MessageOptions. const ( - MessageOptions_MessageSetWireFormat_field_number protoreflect.FieldNumber = 1 - MessageOptions_NoStandardDescriptorAccessor_field_number protoreflect.FieldNumber = 2 - MessageOptions_Deprecated_field_number protoreflect.FieldNumber = 3 - MessageOptions_MapEntry_field_number protoreflect.FieldNumber = 7 - MessageOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999 + MessageOptions_MessageSetWireFormat_field_number protoreflect.FieldNumber = 1 + MessageOptions_NoStandardDescriptorAccessor_field_number protoreflect.FieldNumber = 2 + MessageOptions_Deprecated_field_number protoreflect.FieldNumber = 3 + MessageOptions_MapEntry_field_number protoreflect.FieldNumber = 7 + MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_number protoreflect.FieldNumber = 11 + MessageOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999 ) // Names for google.protobuf.FieldOptions. @@ -528,16 +534,24 @@ const ( FieldOptions_Packed_field_name protoreflect.Name = "packed" FieldOptions_Jstype_field_name protoreflect.Name = "jstype" FieldOptions_Lazy_field_name protoreflect.Name = "lazy" + FieldOptions_UnverifiedLazy_field_name protoreflect.Name = "unverified_lazy" FieldOptions_Deprecated_field_name protoreflect.Name = "deprecated" FieldOptions_Weak_field_name protoreflect.Name = "weak" + FieldOptions_DebugRedact_field_name protoreflect.Name = "debug_redact" + FieldOptions_Retention_field_name protoreflect.Name = "retention" + FieldOptions_Target_field_name protoreflect.Name = "target" FieldOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option" FieldOptions_Ctype_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.ctype" FieldOptions_Packed_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.packed" FieldOptions_Jstype_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.jstype" FieldOptions_Lazy_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.lazy" + FieldOptions_UnverifiedLazy_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.unverified_lazy" FieldOptions_Deprecated_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.deprecated" FieldOptions_Weak_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.weak" + FieldOptions_DebugRedact_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.debug_redact" + FieldOptions_Retention_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.retention" + FieldOptions_Target_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.target" FieldOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.uninterpreted_option" ) @@ -547,8 +561,12 @@ const ( FieldOptions_Packed_field_number protoreflect.FieldNumber = 2 FieldOptions_Jstype_field_number protoreflect.FieldNumber = 6 FieldOptions_Lazy_field_number protoreflect.FieldNumber = 5 + FieldOptions_UnverifiedLazy_field_number protoreflect.FieldNumber = 15 FieldOptions_Deprecated_field_number protoreflect.FieldNumber = 3 FieldOptions_Weak_field_number protoreflect.FieldNumber = 10 + FieldOptions_DebugRedact_field_number protoreflect.FieldNumber = 16 + FieldOptions_Retention_field_number protoreflect.FieldNumber = 17 + FieldOptions_Target_field_number protoreflect.FieldNumber = 18 FieldOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999 ) @@ -564,6 +582,18 @@ const ( FieldOptions_JSType_enum_name = "JSType" ) +// Full and short names for google.protobuf.FieldOptions.OptionRetention. +const ( + FieldOptions_OptionRetention_enum_fullname = "google.protobuf.FieldOptions.OptionRetention" + FieldOptions_OptionRetention_enum_name = "OptionRetention" +) + +// Full and short names for google.protobuf.FieldOptions.OptionTargetType. +const ( + FieldOptions_OptionTargetType_enum_fullname = "google.protobuf.FieldOptions.OptionTargetType" + FieldOptions_OptionTargetType_enum_name = "OptionTargetType" +) + // Names for google.protobuf.OneofOptions. const ( OneofOptions_message_name protoreflect.Name = "OneofOptions" @@ -590,20 +620,23 @@ const ( // Field names for google.protobuf.EnumOptions. const ( - EnumOptions_AllowAlias_field_name protoreflect.Name = "allow_alias" - EnumOptions_Deprecated_field_name protoreflect.Name = "deprecated" - EnumOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option" + EnumOptions_AllowAlias_field_name protoreflect.Name = "allow_alias" + EnumOptions_Deprecated_field_name protoreflect.Name = "deprecated" + EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_name protoreflect.Name = "deprecated_legacy_json_field_conflicts" + EnumOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option" - EnumOptions_AllowAlias_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.allow_alias" - EnumOptions_Deprecated_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.deprecated" - EnumOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.uninterpreted_option" + EnumOptions_AllowAlias_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.allow_alias" + EnumOptions_Deprecated_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.deprecated" + EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.deprecated_legacy_json_field_conflicts" + EnumOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.uninterpreted_option" ) // Field numbers for google.protobuf.EnumOptions. const ( - EnumOptions_AllowAlias_field_number protoreflect.FieldNumber = 2 - EnumOptions_Deprecated_field_number protoreflect.FieldNumber = 3 - EnumOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999 + EnumOptions_AllowAlias_field_number protoreflect.FieldNumber = 2 + EnumOptions_Deprecated_field_number protoreflect.FieldNumber = 3 + EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_number protoreflect.FieldNumber = 6 + EnumOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999 ) // Names for google.protobuf.EnumValueOptions. @@ -813,11 +846,13 @@ const ( GeneratedCodeInfo_Annotation_SourceFile_field_name protoreflect.Name = "source_file" GeneratedCodeInfo_Annotation_Begin_field_name protoreflect.Name = "begin" GeneratedCodeInfo_Annotation_End_field_name protoreflect.Name = "end" + GeneratedCodeInfo_Annotation_Semantic_field_name protoreflect.Name = "semantic" GeneratedCodeInfo_Annotation_Path_field_fullname protoreflect.FullName = "google.protobuf.GeneratedCodeInfo.Annotation.path" GeneratedCodeInfo_Annotation_SourceFile_field_fullname protoreflect.FullName = "google.protobuf.GeneratedCodeInfo.Annotation.source_file" GeneratedCodeInfo_Annotation_Begin_field_fullname protoreflect.FullName = "google.protobuf.GeneratedCodeInfo.Annotation.begin" GeneratedCodeInfo_Annotation_End_field_fullname protoreflect.FullName = "google.protobuf.GeneratedCodeInfo.Annotation.end" + GeneratedCodeInfo_Annotation_Semantic_field_fullname protoreflect.FullName = "google.protobuf.GeneratedCodeInfo.Annotation.semantic" ) // Field numbers for google.protobuf.GeneratedCodeInfo.Annotation. @@ -826,4 +861,11 @@ const ( GeneratedCodeInfo_Annotation_SourceFile_field_number protoreflect.FieldNumber = 2 GeneratedCodeInfo_Annotation_Begin_field_number protoreflect.FieldNumber = 3 GeneratedCodeInfo_Annotation_End_field_number protoreflect.FieldNumber = 4 + GeneratedCodeInfo_Annotation_Semantic_field_number protoreflect.FieldNumber = 5 +) + +// Full and short names for google.protobuf.GeneratedCodeInfo.Annotation.Semantic. +const ( + GeneratedCodeInfo_Annotation_Semantic_enum_fullname = "google.protobuf.GeneratedCodeInfo.Annotation.Semantic" + GeneratedCodeInfo_Annotation_Semantic_enum_name = "Semantic" ) diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert.go b/vendor/google.golang.org/protobuf/internal/impl/convert.go index 11a6128ba..185ef2efa 100644 --- a/vendor/google.golang.org/protobuf/internal/impl/convert.go +++ b/vendor/google.golang.org/protobuf/internal/impl/convert.go @@ -59,7 +59,6 @@ func NewConverter(t reflect.Type, fd protoreflect.FieldDescriptor) Converter { default: return newSingularConverter(t, fd) } - panic(fmt.Sprintf("invalid Go type %v for field %v", t, fd.FullName())) } var ( diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go index fea589c45..61a84d341 100644 --- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go +++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go @@ -87,7 +87,7 @@ func (sb *Builder) grow(n int) { // Unlike strings.Builder, we do not need to copy over the contents // of the old buffer since our builder provides no API for // retrieving previously created strings. - sb.buf = make([]byte, 2*(cap(sb.buf)+n)) + sb.buf = make([]byte, 0, 2*(cap(sb.buf)+n)) } func (sb *Builder) last(n int) string { diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go index b480c5010..f7014cd51 100644 --- a/vendor/google.golang.org/protobuf/internal/version/version.go +++ b/vendor/google.golang.org/protobuf/internal/version/version.go @@ -51,8 +51,8 @@ import ( // 10. Send out the CL for review and submit it. const ( Major = 1 - Minor = 28 - Patch = 1 + Minor = 30 + Patch = 0 PreRelease = "" ) diff --git a/vendor/google.golang.org/protobuf/proto/doc.go b/vendor/google.golang.org/protobuf/proto/doc.go index 08d2a46f5..ec71e717f 100644 --- a/vendor/google.golang.org/protobuf/proto/doc.go +++ b/vendor/google.golang.org/protobuf/proto/doc.go @@ -5,16 +5,13 @@ // Package proto provides functions operating on protocol buffer messages. // // For documentation on protocol buffers in general, see: -// -// https://developers.google.com/protocol-buffers +// https://protobuf.dev. // // For a tutorial on using protocol buffers with Go, see: -// -// https://developers.google.com/protocol-buffers/docs/gotutorial +// https://protobuf.dev/getting-started/gotutorial. // // For a guide to generated Go protocol buffer code, see: -// -// https://developers.google.com/protocol-buffers/docs/reference/go-generated +// https://protobuf.dev/reference/go/go-generated. // // # Binary serialization // diff --git a/vendor/google.golang.org/protobuf/proto/equal.go b/vendor/google.golang.org/protobuf/proto/equal.go index 67948dd1d..1a0be1b03 100644 --- a/vendor/google.golang.org/protobuf/proto/equal.go +++ b/vendor/google.golang.org/protobuf/proto/equal.go @@ -5,30 +5,39 @@ package proto import ( - "bytes" - "math" "reflect" - "google.golang.org/protobuf/encoding/protowire" "google.golang.org/protobuf/reflect/protoreflect" ) -// Equal reports whether two messages are equal. -// If two messages marshal to the same bytes under deterministic serialization, -// then Equal is guaranteed to report true. +// Equal reports whether two messages are equal, +// by recursively comparing the fields of the message. // -// Two messages are equal if they belong to the same message descriptor, -// have the same set of populated known and extension field values, -// and the same set of unknown fields values. If either of the top-level -// messages are invalid, then Equal reports true only if both are invalid. +// - Bytes fields are equal if they contain identical bytes. +// Empty bytes (regardless of nil-ness) are considered equal. // -// Scalar values are compared with the equivalent of the == operator in Go, -// except bytes values which are compared using bytes.Equal and -// floating point values which specially treat NaNs as equal. -// Message values are compared by recursively calling Equal. -// Lists are equal if each element value is also equal. -// Maps are equal if they have the same set of keys, where the pair of values -// for each key is also equal. +// - Floating-point fields are equal if they contain the same value. +// Unlike the == operator, a NaN is equal to another NaN. +// +// - Other scalar fields are equal if they contain the same value. +// +// - Message fields are equal if they have +// the same set of populated known and extension field values, and +// the same set of unknown fields values. +// +// - Lists are equal if they are the same length and +// each corresponding element is equal. +// +// - Maps are equal if they have the same set of keys and +// the corresponding value for each key is equal. +// +// An invalid message is not equal to a valid message. +// An invalid message is only equal to another invalid message of the +// same type. An invalid message often corresponds to a nil pointer +// of the concrete message type. For example, (*pb.M)(nil) is not equal +// to &pb.M{}. +// If two valid messages marshal to the same bytes under deterministic +// serialization, then Equal is guaranteed to report true. func Equal(x, y Message) bool { if x == nil || y == nil { return x == nil && y == nil @@ -42,130 +51,7 @@ func Equal(x, y Message) bool { if mx.IsValid() != my.IsValid() { return false } - return equalMessage(mx, my) -} - -// equalMessage compares two messages. -func equalMessage(mx, my protoreflect.Message) bool { - if mx.Descriptor() != my.Descriptor() { - return false - } - - nx := 0 - equal := true - mx.Range(func(fd protoreflect.FieldDescriptor, vx protoreflect.Value) bool { - nx++ - vy := my.Get(fd) - equal = my.Has(fd) && equalField(fd, vx, vy) - return equal - }) - if !equal { - return false - } - ny := 0 - my.Range(func(fd protoreflect.FieldDescriptor, vx protoreflect.Value) bool { - ny++ - return true - }) - if nx != ny { - return false - } - - return equalUnknown(mx.GetUnknown(), my.GetUnknown()) -} - -// equalField compares two fields. -func equalField(fd protoreflect.FieldDescriptor, x, y protoreflect.Value) bool { - switch { - case fd.IsList(): - return equalList(fd, x.List(), y.List()) - case fd.IsMap(): - return equalMap(fd, x.Map(), y.Map()) - default: - return equalValue(fd, x, y) - } -} - -// equalMap compares two maps. -func equalMap(fd protoreflect.FieldDescriptor, x, y protoreflect.Map) bool { - if x.Len() != y.Len() { - return false - } - equal := true - x.Range(func(k protoreflect.MapKey, vx protoreflect.Value) bool { - vy := y.Get(k) - equal = y.Has(k) && equalValue(fd.MapValue(), vx, vy) - return equal - }) - return equal -} - -// equalList compares two lists. -func equalList(fd protoreflect.FieldDescriptor, x, y protoreflect.List) bool { - if x.Len() != y.Len() { - return false - } - for i := x.Len() - 1; i >= 0; i-- { - if !equalValue(fd, x.Get(i), y.Get(i)) { - return false - } - } - return true -} - -// equalValue compares two singular values. -func equalValue(fd protoreflect.FieldDescriptor, x, y protoreflect.Value) bool { - switch fd.Kind() { - case protoreflect.BoolKind: - return x.Bool() == y.Bool() - case protoreflect.EnumKind: - return x.Enum() == y.Enum() - case protoreflect.Int32Kind, protoreflect.Sint32Kind, - protoreflect.Int64Kind, protoreflect.Sint64Kind, - protoreflect.Sfixed32Kind, protoreflect.Sfixed64Kind: - return x.Int() == y.Int() - case protoreflect.Uint32Kind, protoreflect.Uint64Kind, - protoreflect.Fixed32Kind, protoreflect.Fixed64Kind: - return x.Uint() == y.Uint() - case protoreflect.FloatKind, protoreflect.DoubleKind: - fx := x.Float() - fy := y.Float() - if math.IsNaN(fx) || math.IsNaN(fy) { - return math.IsNaN(fx) && math.IsNaN(fy) - } - return fx == fy - case protoreflect.StringKind: - return x.String() == y.String() - case protoreflect.BytesKind: - return bytes.Equal(x.Bytes(), y.Bytes()) - case protoreflect.MessageKind, protoreflect.GroupKind: - return equalMessage(x.Message(), y.Message()) - default: - return x.Interface() == y.Interface() - } -} - -// equalUnknown compares unknown fields by direct comparison on the raw bytes -// of each individual field number. -func equalUnknown(x, y protoreflect.RawFields) bool { - if len(x) != len(y) { - return false - } - if bytes.Equal([]byte(x), []byte(y)) { - return true - } - - mx := make(map[protoreflect.FieldNumber]protoreflect.RawFields) - my := make(map[protoreflect.FieldNumber]protoreflect.RawFields) - for len(x) > 0 { - fnum, _, n := protowire.ConsumeField(x) - mx[fnum] = append(mx[fnum], x[:n]...) - x = x[n:] - } - for len(y) > 0 { - fnum, _, n := protowire.ConsumeField(y) - my[fnum] = append(my[fnum], y[:n]...) - y = y[n:] - } - return reflect.DeepEqual(mx, my) + vx := protoreflect.ValueOfMessage(mx) + vy := protoreflect.ValueOfMessage(my) + return vx.Equal(vy) } diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go index b03c1223c..54ce326df 100644 --- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go +++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go @@ -35,6 +35,8 @@ func (p *SourcePath) appendFileDescriptorProto(b []byte) []byte { b = p.appendSingularField(b, "source_code_info", (*SourcePath).appendSourceCodeInfo) case 12: b = p.appendSingularField(b, "syntax", nil) + case 13: + b = p.appendSingularField(b, "edition", nil) } return b } @@ -236,6 +238,8 @@ func (p *SourcePath) appendMessageOptions(b []byte) []byte { b = p.appendSingularField(b, "deprecated", nil) case 7: b = p.appendSingularField(b, "map_entry", nil) + case 11: + b = p.appendSingularField(b, "deprecated_legacy_json_field_conflicts", nil) case 999: b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption) } @@ -279,6 +283,8 @@ func (p *SourcePath) appendEnumOptions(b []byte) []byte { b = p.appendSingularField(b, "allow_alias", nil) case 3: b = p.appendSingularField(b, "deprecated", nil) + case 6: + b = p.appendSingularField(b, "deprecated_legacy_json_field_conflicts", nil) case 999: b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption) } @@ -345,10 +351,18 @@ func (p *SourcePath) appendFieldOptions(b []byte) []byte { b = p.appendSingularField(b, "jstype", nil) case 5: b = p.appendSingularField(b, "lazy", nil) + case 15: + b = p.appendSingularField(b, "unverified_lazy", nil) case 3: b = p.appendSingularField(b, "deprecated", nil) case 10: b = p.appendSingularField(b, "weak", nil) + case 16: + b = p.appendSingularField(b, "debug_redact", nil) + case 17: + b = p.appendSingularField(b, "retention", nil) + case 18: + b = p.appendSingularField(b, "target", nil) case 999: b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption) } diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go index f31981077..37601b781 100644 --- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go +++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go @@ -148,7 +148,7 @@ type Message interface { // be preserved in marshaling or other operations. IsValid() bool - // ProtoMethods returns optional fast-path implementions of various operations. + // ProtoMethods returns optional fast-path implementations of various operations. // This method may return nil. // // The returned methods type is identical to diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go new file mode 100644 index 000000000..591652541 --- /dev/null +++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go @@ -0,0 +1,168 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package protoreflect + +import ( + "bytes" + "fmt" + "math" + "reflect" + + "google.golang.org/protobuf/encoding/protowire" +) + +// Equal reports whether v1 and v2 are recursively equal. +// +// - Values of different types are always unequal. +// +// - Bytes values are equal if they contain identical bytes. +// Empty bytes (regardless of nil-ness) are considered equal. +// +// - Floating point values are equal if they contain the same value. +// Unlike the == operator, a NaN is equal to another NaN. +// +// - Enums are equal if they contain the same number. +// Since Value does not contain an enum descriptor, +// enum values do not consider the type of the enum. +// +// - Other scalar values are equal if they contain the same value. +// +// - Message values are equal if they belong to the same message descriptor, +// have the same set of populated known and extension field values, +// and the same set of unknown fields values. +// +// - Lists are equal if they are the same length and +// each corresponding element is equal. +// +// - Maps are equal if they have the same set of keys and +// the corresponding value for each key is equal. +func (v1 Value) Equal(v2 Value) bool { + return equalValue(v1, v2) +} + +func equalValue(x, y Value) bool { + eqType := x.typ == y.typ + switch x.typ { + case nilType: + return eqType + case boolType: + return eqType && x.Bool() == y.Bool() + case int32Type, int64Type: + return eqType && x.Int() == y.Int() + case uint32Type, uint64Type: + return eqType && x.Uint() == y.Uint() + case float32Type, float64Type: + return eqType && equalFloat(x.Float(), y.Float()) + case stringType: + return eqType && x.String() == y.String() + case bytesType: + return eqType && bytes.Equal(x.Bytes(), y.Bytes()) + case enumType: + return eqType && x.Enum() == y.Enum() + default: + switch x := x.Interface().(type) { + case Message: + y, ok := y.Interface().(Message) + return ok && equalMessage(x, y) + case List: + y, ok := y.Interface().(List) + return ok && equalList(x, y) + case Map: + y, ok := y.Interface().(Map) + return ok && equalMap(x, y) + default: + panic(fmt.Sprintf("unknown type: %T", x)) + } + } +} + +// equalFloat compares two floats, where NaNs are treated as equal. +func equalFloat(x, y float64) bool { + if math.IsNaN(x) || math.IsNaN(y) { + return math.IsNaN(x) && math.IsNaN(y) + } + return x == y +} + +// equalMessage compares two messages. +func equalMessage(mx, my Message) bool { + if mx.Descriptor() != my.Descriptor() { + return false + } + + nx := 0 + equal := true + mx.Range(func(fd FieldDescriptor, vx Value) bool { + nx++ + vy := my.Get(fd) + equal = my.Has(fd) && equalValue(vx, vy) + return equal + }) + if !equal { + return false + } + ny := 0 + my.Range(func(fd FieldDescriptor, vx Value) bool { + ny++ + return true + }) + if nx != ny { + return false + } + + return equalUnknown(mx.GetUnknown(), my.GetUnknown()) +} + +// equalList compares two lists. +func equalList(x, y List) bool { + if x.Len() != y.Len() { + return false + } + for i := x.Len() - 1; i >= 0; i-- { + if !equalValue(x.Get(i), y.Get(i)) { + return false + } + } + return true +} + +// equalMap compares two maps. +func equalMap(x, y Map) bool { + if x.Len() != y.Len() { + return false + } + equal := true + x.Range(func(k MapKey, vx Value) bool { + vy := y.Get(k) + equal = y.Has(k) && equalValue(vx, vy) + return equal + }) + return equal +} + +// equalUnknown compares unknown fields by direct comparison on the raw bytes +// of each individual field number. +func equalUnknown(x, y RawFields) bool { + if len(x) != len(y) { + return false + } + if bytes.Equal([]byte(x), []byte(y)) { + return true + } + + mx := make(map[FieldNumber]RawFields) + my := make(map[FieldNumber]RawFields) + for len(x) > 0 { + fnum, _, n := protowire.ConsumeField(x) + mx[fnum] = append(mx[fnum], x[:n]...) + x = x[n:] + } + for len(y) > 0 { + fnum, _, n := protowire.ConsumeField(y) + my[fnum] = append(my[fnum], y[:n]...) + y = y[n:] + } + return reflect.DeepEqual(mx, my) +} diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go index ca8e28c5b..08e5ef73f 100644 --- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go +++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go @@ -54,11 +54,11 @@ import ( // // Append a 0 to a "repeated int32" field. // // Since the Value returned by Mutable is guaranteed to alias // // the source message, modifying the Value modifies the message. -// message.Mutable(fieldDesc).(List).Append(protoreflect.ValueOfInt32(0)) +// message.Mutable(fieldDesc).List().Append(protoreflect.ValueOfInt32(0)) // // // Assign [0] to a "repeated int32" field by creating a new Value, // // modifying it, and assigning it. -// list := message.NewField(fieldDesc).(List) +// list := message.NewField(fieldDesc).List() // list.Append(protoreflect.ValueOfInt32(0)) // message.Set(fieldDesc, list) // // ERROR: Since it is not defined whether Set aliases the source, diff --git a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go index 58352a697..aeb559774 100644 --- a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go +++ b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go @@ -46,7 +46,7 @@ var conflictPolicy = "panic" // "panic" | "warn" | "ignore" // It is a variable so that the behavior is easily overridden in another file. var ignoreConflict = func(d protoreflect.Descriptor, err error) bool { const env = "GOLANG_PROTOBUF_REGISTRATION_CONFLICT" - const faq = "https://developers.google.com/protocol-buffers/docs/reference/go/faq#namespace-conflict" + const faq = "https://protobuf.dev/reference/go/faq#namespace-conflict" policy := conflictPolicy if v := os.Getenv(env); v != "" { policy = v diff --git a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go b/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go index abe4ab511..dac5671db 100644 --- a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go +++ b/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go @@ -406,6 +406,152 @@ func (FieldOptions_JSType) EnumDescriptor() ([]byte, []int) { return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 1} } +// If set to RETENTION_SOURCE, the option will be omitted from the binary. +// Note: as of January 2023, support for this is in progress and does not yet +// have an effect (b/264593489). +type FieldOptions_OptionRetention int32 + +const ( + FieldOptions_RETENTION_UNKNOWN FieldOptions_OptionRetention = 0 + FieldOptions_RETENTION_RUNTIME FieldOptions_OptionRetention = 1 + FieldOptions_RETENTION_SOURCE FieldOptions_OptionRetention = 2 +) + +// Enum value maps for FieldOptions_OptionRetention. +var ( + FieldOptions_OptionRetention_name = map[int32]string{ + 0: "RETENTION_UNKNOWN", + 1: "RETENTION_RUNTIME", + 2: "RETENTION_SOURCE", + } + FieldOptions_OptionRetention_value = map[string]int32{ + "RETENTION_UNKNOWN": 0, + "RETENTION_RUNTIME": 1, + "RETENTION_SOURCE": 2, + } +) + +func (x FieldOptions_OptionRetention) Enum() *FieldOptions_OptionRetention { + p := new(FieldOptions_OptionRetention) + *p = x + return p +} + +func (x FieldOptions_OptionRetention) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (FieldOptions_OptionRetention) Descriptor() protoreflect.EnumDescriptor { + return file_google_protobuf_descriptor_proto_enumTypes[5].Descriptor() +} + +func (FieldOptions_OptionRetention) Type() protoreflect.EnumType { + return &file_google_protobuf_descriptor_proto_enumTypes[5] +} + +func (x FieldOptions_OptionRetention) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Do not use. +func (x *FieldOptions_OptionRetention) UnmarshalJSON(b []byte) error { + num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b) + if err != nil { + return err + } + *x = FieldOptions_OptionRetention(num) + return nil +} + +// Deprecated: Use FieldOptions_OptionRetention.Descriptor instead. +func (FieldOptions_OptionRetention) EnumDescriptor() ([]byte, []int) { + return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 2} +} + +// This indicates the types of entities that the field may apply to when used +// as an option. If it is unset, then the field may be freely used as an +// option on any kind of entity. Note: as of January 2023, support for this is +// in progress and does not yet have an effect (b/264593489). +type FieldOptions_OptionTargetType int32 + +const ( + FieldOptions_TARGET_TYPE_UNKNOWN FieldOptions_OptionTargetType = 0 + FieldOptions_TARGET_TYPE_FILE FieldOptions_OptionTargetType = 1 + FieldOptions_TARGET_TYPE_EXTENSION_RANGE FieldOptions_OptionTargetType = 2 + FieldOptions_TARGET_TYPE_MESSAGE FieldOptions_OptionTargetType = 3 + FieldOptions_TARGET_TYPE_FIELD FieldOptions_OptionTargetType = 4 + FieldOptions_TARGET_TYPE_ONEOF FieldOptions_OptionTargetType = 5 + FieldOptions_TARGET_TYPE_ENUM FieldOptions_OptionTargetType = 6 + FieldOptions_TARGET_TYPE_ENUM_ENTRY FieldOptions_OptionTargetType = 7 + FieldOptions_TARGET_TYPE_SERVICE FieldOptions_OptionTargetType = 8 + FieldOptions_TARGET_TYPE_METHOD FieldOptions_OptionTargetType = 9 +) + +// Enum value maps for FieldOptions_OptionTargetType. +var ( + FieldOptions_OptionTargetType_name = map[int32]string{ + 0: "TARGET_TYPE_UNKNOWN", + 1: "TARGET_TYPE_FILE", + 2: "TARGET_TYPE_EXTENSION_RANGE", + 3: "TARGET_TYPE_MESSAGE", + 4: "TARGET_TYPE_FIELD", + 5: "TARGET_TYPE_ONEOF", + 6: "TARGET_TYPE_ENUM", + 7: "TARGET_TYPE_ENUM_ENTRY", + 8: "TARGET_TYPE_SERVICE", + 9: "TARGET_TYPE_METHOD", + } + FieldOptions_OptionTargetType_value = map[string]int32{ + "TARGET_TYPE_UNKNOWN": 0, + "TARGET_TYPE_FILE": 1, + "TARGET_TYPE_EXTENSION_RANGE": 2, + "TARGET_TYPE_MESSAGE": 3, + "TARGET_TYPE_FIELD": 4, + "TARGET_TYPE_ONEOF": 5, + "TARGET_TYPE_ENUM": 6, + "TARGET_TYPE_ENUM_ENTRY": 7, + "TARGET_TYPE_SERVICE": 8, + "TARGET_TYPE_METHOD": 9, + } +) + +func (x FieldOptions_OptionTargetType) Enum() *FieldOptions_OptionTargetType { + p := new(FieldOptions_OptionTargetType) + *p = x + return p +} + +func (x FieldOptions_OptionTargetType) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (FieldOptions_OptionTargetType) Descriptor() protoreflect.EnumDescriptor { + return file_google_protobuf_descriptor_proto_enumTypes[6].Descriptor() +} + +func (FieldOptions_OptionTargetType) Type() protoreflect.EnumType { + return &file_google_protobuf_descriptor_proto_enumTypes[6] +} + +func (x FieldOptions_OptionTargetType) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Do not use. +func (x *FieldOptions_OptionTargetType) UnmarshalJSON(b []byte) error { + num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b) + if err != nil { + return err + } + *x = FieldOptions_OptionTargetType(num) + return nil +} + +// Deprecated: Use FieldOptions_OptionTargetType.Descriptor instead. +func (FieldOptions_OptionTargetType) EnumDescriptor() ([]byte, []int) { + return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 3} +} + // Is this method side-effect-free (or safe in HTTP parlance), or idempotent, // or neither? HTTP based RPC implementation may choose GET verb for safe // methods, and PUT verb for idempotent methods instead of the default POST. @@ -442,11 +588,11 @@ func (x MethodOptions_IdempotencyLevel) String() string { } func (MethodOptions_IdempotencyLevel) Descriptor() protoreflect.EnumDescriptor { - return file_google_protobuf_descriptor_proto_enumTypes[5].Descriptor() + return file_google_protobuf_descriptor_proto_enumTypes[7].Descriptor() } func (MethodOptions_IdempotencyLevel) Type() protoreflect.EnumType { - return &file_google_protobuf_descriptor_proto_enumTypes[5] + return &file_google_protobuf_descriptor_proto_enumTypes[7] } func (x MethodOptions_IdempotencyLevel) Number() protoreflect.EnumNumber { @@ -468,6 +614,70 @@ func (MethodOptions_IdempotencyLevel) EnumDescriptor() ([]byte, []int) { return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{17, 0} } +// Represents the identified object's effect on the element in the original +// .proto file. +type GeneratedCodeInfo_Annotation_Semantic int32 + +const ( + // There is no effect or the effect is indescribable. + GeneratedCodeInfo_Annotation_NONE GeneratedCodeInfo_Annotation_Semantic = 0 + // The element is set or otherwise mutated. + GeneratedCodeInfo_Annotation_SET GeneratedCodeInfo_Annotation_Semantic = 1 + // An alias to the element is returned. + GeneratedCodeInfo_Annotation_ALIAS GeneratedCodeInfo_Annotation_Semantic = 2 +) + +// Enum value maps for GeneratedCodeInfo_Annotation_Semantic. +var ( + GeneratedCodeInfo_Annotation_Semantic_name = map[int32]string{ + 0: "NONE", + 1: "SET", + 2: "ALIAS", + } + GeneratedCodeInfo_Annotation_Semantic_value = map[string]int32{ + "NONE": 0, + "SET": 1, + "ALIAS": 2, + } +) + +func (x GeneratedCodeInfo_Annotation_Semantic) Enum() *GeneratedCodeInfo_Annotation_Semantic { + p := new(GeneratedCodeInfo_Annotation_Semantic) + *p = x + return p +} + +func (x GeneratedCodeInfo_Annotation_Semantic) String() string { + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) +} + +func (GeneratedCodeInfo_Annotation_Semantic) Descriptor() protoreflect.EnumDescriptor { + return file_google_protobuf_descriptor_proto_enumTypes[8].Descriptor() +} + +func (GeneratedCodeInfo_Annotation_Semantic) Type() protoreflect.EnumType { + return &file_google_protobuf_descriptor_proto_enumTypes[8] +} + +func (x GeneratedCodeInfo_Annotation_Semantic) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Do not use. +func (x *GeneratedCodeInfo_Annotation_Semantic) UnmarshalJSON(b []byte) error { + num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b) + if err != nil { + return err + } + *x = GeneratedCodeInfo_Annotation_Semantic(num) + return nil +} + +// Deprecated: Use GeneratedCodeInfo_Annotation_Semantic.Descriptor instead. +func (GeneratedCodeInfo_Annotation_Semantic) EnumDescriptor() ([]byte, []int) { + return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{20, 0, 0} +} + // The protocol compiler can output a FileDescriptorSet containing the .proto // files it parses. type FileDescriptorSet struct { @@ -544,8 +754,12 @@ type FileDescriptorProto struct { // development tools. SourceCodeInfo *SourceCodeInfo `protobuf:"bytes,9,opt,name=source_code_info,json=sourceCodeInfo" json:"source_code_info,omitempty"` // The syntax of the proto file. - // The supported values are "proto2" and "proto3". + // The supported values are "proto2", "proto3", and "editions". + // + // If `edition` is present, this value must be "editions". Syntax *string `protobuf:"bytes,12,opt,name=syntax" json:"syntax,omitempty"` + // The edition of the proto file, which is an opaque string. + Edition *string `protobuf:"bytes,13,opt,name=edition" json:"edition,omitempty"` } func (x *FileDescriptorProto) Reset() { @@ -664,6 +878,13 @@ func (x *FileDescriptorProto) GetSyntax() string { return "" } +func (x *FileDescriptorProto) GetEdition() string { + if x != nil && x.Edition != nil { + return *x.Edition + } + return "" +} + // Describes a message type. type DescriptorProto struct { state protoimpl.MessageState @@ -860,7 +1081,6 @@ type FieldDescriptorProto struct { // For booleans, "true" or "false". // For strings, contains the default text contents (not escaped in any way). // For bytes, contains the C escaped value. All bytes >= 128 are escaped. - // TODO(kenton): Base-64 encode? DefaultValue *string `protobuf:"bytes,7,opt,name=default_value,json=defaultValue" json:"default_value,omitempty"` // If set, gives the index of a oneof in the containing type's oneof_decl // list. This field is a member of that oneof. @@ -1382,22 +1602,22 @@ type FileOptions struct { // inappropriate because proto packages do not normally start with backwards // domain names. JavaPackage *string `protobuf:"bytes,1,opt,name=java_package,json=javaPackage" json:"java_package,omitempty"` - // If set, all the classes from the .proto file are wrapped in a single - // outer class with the given name. This applies to both Proto1 - // (equivalent to the old "--one_java_file" option) and Proto2 (where - // a .proto always translates to a single class, but you may want to - // explicitly choose the class name). + // Controls the name of the wrapper Java class generated for the .proto file. + // That class will always contain the .proto file's getDescriptor() method as + // well as any top-level extensions defined in the .proto file. + // If java_multiple_files is disabled, then all the other classes from the + // .proto file will be nested inside the single wrapper outer class. JavaOuterClassname *string `protobuf:"bytes,8,opt,name=java_outer_classname,json=javaOuterClassname" json:"java_outer_classname,omitempty"` - // If set true, then the Java code generator will generate a separate .java + // If enabled, then the Java code generator will generate a separate .java // file for each top-level message, enum, and service defined in the .proto - // file. Thus, these types will *not* be nested inside the outer class - // named by java_outer_classname. However, the outer class will still be + // file. Thus, these types will *not* be nested inside the wrapper class + // named by java_outer_classname. However, the wrapper class will still be // generated to contain the file's getDescriptor() method as well as any // top-level extensions defined in the file. JavaMultipleFiles *bool `protobuf:"varint,10,opt,name=java_multiple_files,json=javaMultipleFiles,def=0" json:"java_multiple_files,omitempty"` // This option does nothing. // - // Deprecated: Do not use. + // Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. JavaGenerateEqualsAndHash *bool `protobuf:"varint,20,opt,name=java_generate_equals_and_hash,json=javaGenerateEqualsAndHash" json:"java_generate_equals_and_hash,omitempty"` // If set true, then the Java2 code generator will generate code that // throws an exception whenever an attempt is made to assign a non-UTF-8 @@ -1531,7 +1751,7 @@ func (x *FileOptions) GetJavaMultipleFiles() bool { return Default_FileOptions_JavaMultipleFiles } -// Deprecated: Do not use. +// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. func (x *FileOptions) GetJavaGenerateEqualsAndHash() bool { if x != nil && x.JavaGenerateEqualsAndHash != nil { return *x.JavaGenerateEqualsAndHash @@ -1670,10 +1890,12 @@ type MessageOptions struct { // efficient, has fewer features, and is more complicated. // // The message must be defined exactly as follows: - // message Foo { - // option message_set_wire_format = true; - // extensions 4 to max; - // } + // + // message Foo { + // option message_set_wire_format = true; + // extensions 4 to max; + // } + // // Note that the message cannot have any defined fields; MessageSets only // have extensions. // @@ -1692,28 +1914,44 @@ type MessageOptions struct { // for the message, or it will be completely ignored; in the very least, // this is a formalization for deprecating messages. Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"` + // NOTE: Do not set the option in .proto files. Always use the maps syntax + // instead. The option should only be implicitly set by the proto compiler + // parser. + // // Whether the message is an automatically generated map entry type for the // maps field. // // For maps fields: - // map map_field = 1; + // + // map map_field = 1; + // // The parsed descriptor looks like: - // message MapFieldEntry { - // option map_entry = true; - // optional KeyType key = 1; - // optional ValueType value = 2; - // } - // repeated MapFieldEntry map_field = 1; + // + // message MapFieldEntry { + // option map_entry = true; + // optional KeyType key = 1; + // optional ValueType value = 2; + // } + // repeated MapFieldEntry map_field = 1; // // Implementations may choose not to generate the map_entry=true message, but // use a native map in the target language to hold the keys and values. // The reflection APIs in such implementations still need to work as // if the field is a repeated message field. - // - // NOTE: Do not set the option in .proto files. Always use the maps syntax - // instead. The option should only be implicitly set by the proto compiler - // parser. MapEntry *bool `protobuf:"varint,7,opt,name=map_entry,json=mapEntry" json:"map_entry,omitempty"` + // Enable the legacy handling of JSON field name conflicts. This lowercases + // and strips underscored from the fields before comparison in proto3 only. + // The new behavior takes `json_name` into account and applies to proto2 as + // well. + // + // This should only be used as a temporary measure against broken builds due + // to the change in behavior for JSON field name conflicts. + // + // TODO(b/261750190) This is legacy behavior we plan to remove once downstream + // teams have had time to migrate. + // + // Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. + DeprecatedLegacyJsonFieldConflicts *bool `protobuf:"varint,11,opt,name=deprecated_legacy_json_field_conflicts,json=deprecatedLegacyJsonFieldConflicts" json:"deprecated_legacy_json_field_conflicts,omitempty"` // The parser stores options it doesn't recognize here. See above. UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"` } @@ -1785,6 +2023,14 @@ func (x *MessageOptions) GetMapEntry() bool { return false } +// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. +func (x *MessageOptions) GetDeprecatedLegacyJsonFieldConflicts() bool { + if x != nil && x.DeprecatedLegacyJsonFieldConflicts != nil { + return *x.DeprecatedLegacyJsonFieldConflicts + } + return false +} + func (x *MessageOptions) GetUninterpretedOption() []*UninterpretedOption { if x != nil { return x.UninterpretedOption @@ -1838,7 +2084,6 @@ type FieldOptions struct { // call from multiple threads concurrently, while non-const methods continue // to require exclusive access. // - // // Note that implementations may choose not to check required fields within // a lazy sub-message. That is, calling IsInitialized() on the outer message // may return true even if the inner message has missing required fields. @@ -1849,7 +2094,14 @@ type FieldOptions struct { // implementation must either *always* check its required fields, or *never* // check its required fields, regardless of whether or not the message has // been parsed. + // + // As of May 2022, lazy verifies the contents of the byte stream during + // parsing. An invalid byte stream will cause the overall parsing to fail. Lazy *bool `protobuf:"varint,5,opt,name=lazy,def=0" json:"lazy,omitempty"` + // unverified_lazy does no correctness checks on the byte stream. This should + // only be used where lazy with verification is prohibitive for performance + // reasons. + UnverifiedLazy *bool `protobuf:"varint,15,opt,name=unverified_lazy,json=unverifiedLazy,def=0" json:"unverified_lazy,omitempty"` // Is this field deprecated? // Depending on the target platform, this can emit Deprecated annotations // for accessors, or it will be completely ignored; in the very least, this @@ -1857,17 +2109,24 @@ type FieldOptions struct { Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"` // For Google-internal migration only. Do not use. Weak *bool `protobuf:"varint,10,opt,name=weak,def=0" json:"weak,omitempty"` + // Indicate that the field value should not be printed out when using debug + // formats, e.g. when the field contains sensitive credentials. + DebugRedact *bool `protobuf:"varint,16,opt,name=debug_redact,json=debugRedact,def=0" json:"debug_redact,omitempty"` + Retention *FieldOptions_OptionRetention `protobuf:"varint,17,opt,name=retention,enum=google.protobuf.FieldOptions_OptionRetention" json:"retention,omitempty"` + Target *FieldOptions_OptionTargetType `protobuf:"varint,18,opt,name=target,enum=google.protobuf.FieldOptions_OptionTargetType" json:"target,omitempty"` // The parser stores options it doesn't recognize here. See above. UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"` } // Default values for FieldOptions fields. const ( - Default_FieldOptions_Ctype = FieldOptions_STRING - Default_FieldOptions_Jstype = FieldOptions_JS_NORMAL - Default_FieldOptions_Lazy = bool(false) - Default_FieldOptions_Deprecated = bool(false) - Default_FieldOptions_Weak = bool(false) + Default_FieldOptions_Ctype = FieldOptions_STRING + Default_FieldOptions_Jstype = FieldOptions_JS_NORMAL + Default_FieldOptions_Lazy = bool(false) + Default_FieldOptions_UnverifiedLazy = bool(false) + Default_FieldOptions_Deprecated = bool(false) + Default_FieldOptions_Weak = bool(false) + Default_FieldOptions_DebugRedact = bool(false) ) func (x *FieldOptions) Reset() { @@ -1930,6 +2189,13 @@ func (x *FieldOptions) GetLazy() bool { return Default_FieldOptions_Lazy } +func (x *FieldOptions) GetUnverifiedLazy() bool { + if x != nil && x.UnverifiedLazy != nil { + return *x.UnverifiedLazy + } + return Default_FieldOptions_UnverifiedLazy +} + func (x *FieldOptions) GetDeprecated() bool { if x != nil && x.Deprecated != nil { return *x.Deprecated @@ -1944,6 +2210,27 @@ func (x *FieldOptions) GetWeak() bool { return Default_FieldOptions_Weak } +func (x *FieldOptions) GetDebugRedact() bool { + if x != nil && x.DebugRedact != nil { + return *x.DebugRedact + } + return Default_FieldOptions_DebugRedact +} + +func (x *FieldOptions) GetRetention() FieldOptions_OptionRetention { + if x != nil && x.Retention != nil { + return *x.Retention + } + return FieldOptions_RETENTION_UNKNOWN +} + +func (x *FieldOptions) GetTarget() FieldOptions_OptionTargetType { + if x != nil && x.Target != nil { + return *x.Target + } + return FieldOptions_TARGET_TYPE_UNKNOWN +} + func (x *FieldOptions) GetUninterpretedOption() []*UninterpretedOption { if x != nil { return x.UninterpretedOption @@ -2014,6 +2301,15 @@ type EnumOptions struct { // for the enum, or it will be completely ignored; in the very least, this // is a formalization for deprecating enums. Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"` + // Enable the legacy handling of JSON field name conflicts. This lowercases + // and strips underscored from the fields before comparison in proto3 only. + // The new behavior takes `json_name` into account and applies to proto2 as + // well. + // TODO(b/261750190) Remove this legacy behavior once downstream teams have + // had time to migrate. + // + // Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. + DeprecatedLegacyJsonFieldConflicts *bool `protobuf:"varint,6,opt,name=deprecated_legacy_json_field_conflicts,json=deprecatedLegacyJsonFieldConflicts" json:"deprecated_legacy_json_field_conflicts,omitempty"` // The parser stores options it doesn't recognize here. See above. UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"` } @@ -2069,6 +2365,14 @@ func (x *EnumOptions) GetDeprecated() bool { return Default_EnumOptions_Deprecated } +// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto. +func (x *EnumOptions) GetDeprecatedLegacyJsonFieldConflicts() bool { + if x != nil && x.DeprecatedLegacyJsonFieldConflicts != nil { + return *x.DeprecatedLegacyJsonFieldConflicts + } + return false +} + func (x *EnumOptions) GetUninterpretedOption() []*UninterpretedOption { if x != nil { return x.UninterpretedOption @@ -2399,43 +2703,48 @@ type SourceCodeInfo struct { // tools. // // For example, say we have a file like: - // message Foo { - // optional string foo = 1; - // } + // + // message Foo { + // optional string foo = 1; + // } + // // Let's look at just the field definition: - // optional string foo = 1; - // ^ ^^ ^^ ^ ^^^ - // a bc de f ghi + // + // optional string foo = 1; + // ^ ^^ ^^ ^ ^^^ + // a bc de f ghi + // // We have the following locations: - // span path represents - // [a,i) [ 4, 0, 2, 0 ] The whole field definition. - // [a,b) [ 4, 0, 2, 0, 4 ] The label (optional). - // [c,d) [ 4, 0, 2, 0, 5 ] The type (string). - // [e,f) [ 4, 0, 2, 0, 1 ] The name (foo). - // [g,h) [ 4, 0, 2, 0, 3 ] The number (1). + // + // span path represents + // [a,i) [ 4, 0, 2, 0 ] The whole field definition. + // [a,b) [ 4, 0, 2, 0, 4 ] The label (optional). + // [c,d) [ 4, 0, 2, 0, 5 ] The type (string). + // [e,f) [ 4, 0, 2, 0, 1 ] The name (foo). + // [g,h) [ 4, 0, 2, 0, 3 ] The number (1). // // Notes: - // - A location may refer to a repeated field itself (i.e. not to any - // particular index within it). This is used whenever a set of elements are - // logically enclosed in a single code segment. For example, an entire - // extend block (possibly containing multiple extension definitions) will - // have an outer location whose path refers to the "extensions" repeated - // field without an index. - // - Multiple locations may have the same path. This happens when a single - // logical declaration is spread out across multiple places. The most - // obvious example is the "extend" block again -- there may be multiple - // extend blocks in the same scope, each of which will have the same path. - // - A location's span is not always a subset of its parent's span. For - // example, the "extendee" of an extension declaration appears at the - // beginning of the "extend" block and is shared by all extensions within - // the block. - // - Just because a location's span is a subset of some other location's span - // does not mean that it is a descendant. For example, a "group" defines - // both a type and a field in a single declaration. Thus, the locations - // corresponding to the type and field and their components will overlap. - // - Code which tries to interpret locations should probably be designed to - // ignore those that it doesn't understand, as more types of locations could - // be recorded in the future. + // - A location may refer to a repeated field itself (i.e. not to any + // particular index within it). This is used whenever a set of elements are + // logically enclosed in a single code segment. For example, an entire + // extend block (possibly containing multiple extension definitions) will + // have an outer location whose path refers to the "extensions" repeated + // field without an index. + // - Multiple locations may have the same path. This happens when a single + // logical declaration is spread out across multiple places. The most + // obvious example is the "extend" block again -- there may be multiple + // extend blocks in the same scope, each of which will have the same path. + // - A location's span is not always a subset of its parent's span. For + // example, the "extendee" of an extension declaration appears at the + // beginning of the "extend" block and is shared by all extensions within + // the block. + // - Just because a location's span is a subset of some other location's span + // does not mean that it is a descendant. For example, a "group" defines + // both a type and a field in a single declaration. Thus, the locations + // corresponding to the type and field and their components will overlap. + // - Code which tries to interpret locations should probably be designed to + // ignore those that it doesn't understand, as more types of locations could + // be recorded in the future. Location []*SourceCodeInfo_Location `protobuf:"bytes,1,rep,name=location" json:"location,omitempty"` } @@ -2715,8 +3024,8 @@ func (x *EnumDescriptorProto_EnumReservedRange) GetEnd() int32 { // The name of the uninterpreted option. Each string represents a segment in // a dot-separated name. is_extension is true iff a segment represents an // extension (denoted with parentheses in options specs in .proto files). -// E.g.,{ ["foo", false], ["bar.baz", true], ["qux", false] } represents -// "foo.(bar.baz).qux". +// E.g.,{ ["foo", false], ["bar.baz", true], ["moo", false] } represents +// "foo.(bar.baz).moo". type UninterpretedOption_NamePart struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -2781,23 +3090,34 @@ type SourceCodeInfo_Location struct { // location. // // Each element is a field number or an index. They form a path from - // the root FileDescriptorProto to the place where the definition. For - // example, this path: - // [ 4, 3, 2, 7, 1 ] + // the root FileDescriptorProto to the place where the definition occurs. + // For example, this path: + // + // [ 4, 3, 2, 7, 1 ] + // // refers to: - // file.message_type(3) // 4, 3 - // .field(7) // 2, 7 - // .name() // 1 + // + // file.message_type(3) // 4, 3 + // .field(7) // 2, 7 + // .name() // 1 + // // This is because FileDescriptorProto.message_type has field number 4: - // repeated DescriptorProto message_type = 4; + // + // repeated DescriptorProto message_type = 4; + // // and DescriptorProto.field has field number 2: - // repeated FieldDescriptorProto field = 2; + // + // repeated FieldDescriptorProto field = 2; + // // and FieldDescriptorProto.name has field number 1: - // optional string name = 1; + // + // optional string name = 1; // // Thus, the above path gives the location of a field name. If we removed // the last element: - // [ 4, 3, 2, 7 ] + // + // [ 4, 3, 2, 7 ] + // // this path refers to the whole field declaration (from the beginning // of the label to the terminating semicolon). Path []int32 `protobuf:"varint,1,rep,packed,name=path" json:"path,omitempty"` @@ -2826,34 +3146,34 @@ type SourceCodeInfo_Location struct { // // Examples: // - // optional int32 foo = 1; // Comment attached to foo. - // // Comment attached to bar. - // optional int32 bar = 2; + // optional int32 foo = 1; // Comment attached to foo. + // // Comment attached to bar. + // optional int32 bar = 2; // - // optional string baz = 3; - // // Comment attached to baz. - // // Another line attached to baz. + // optional string baz = 3; + // // Comment attached to baz. + // // Another line attached to baz. // - // // Comment attached to qux. - // // - // // Another line attached to qux. - // optional double qux = 4; + // // Comment attached to moo. + // // + // // Another line attached to moo. + // optional double moo = 4; // - // // Detached comment for corge. This is not leading or trailing comments - // // to qux or corge because there are blank lines separating it from - // // both. + // // Detached comment for corge. This is not leading or trailing comments + // // to moo or corge because there are blank lines separating it from + // // both. // - // // Detached comment for corge paragraph 2. + // // Detached comment for corge paragraph 2. // - // optional string corge = 5; - // /* Block comment attached - // * to corge. Leading asterisks - // * will be removed. */ - // /* Block comment attached to - // * grault. */ - // optional int32 grault = 6; + // optional string corge = 5; + // /* Block comment attached + // * to corge. Leading asterisks + // * will be removed. */ + // /* Block comment attached to + // * grault. */ + // optional int32 grault = 6; // - // // ignored detached comments. + // // ignored detached comments. LeadingComments *string `protobuf:"bytes,3,opt,name=leading_comments,json=leadingComments" json:"leading_comments,omitempty"` TrailingComments *string `protobuf:"bytes,4,opt,name=trailing_comments,json=trailingComments" json:"trailing_comments,omitempty"` LeadingDetachedComments []string `protobuf:"bytes,6,rep,name=leading_detached_comments,json=leadingDetachedComments" json:"leading_detached_comments,omitempty"` @@ -2940,9 +3260,10 @@ type GeneratedCodeInfo_Annotation struct { // that relates to the identified object. Begin *int32 `protobuf:"varint,3,opt,name=begin" json:"begin,omitempty"` // Identifies the ending offset in bytes in the generated code that - // relates to the identified offset. The end offset should be one past + // relates to the identified object. The end offset should be one past // the last relevant byte (so the length of the text = end - begin). - End *int32 `protobuf:"varint,4,opt,name=end" json:"end,omitempty"` + End *int32 `protobuf:"varint,4,opt,name=end" json:"end,omitempty"` + Semantic *GeneratedCodeInfo_Annotation_Semantic `protobuf:"varint,5,opt,name=semantic,enum=google.protobuf.GeneratedCodeInfo_Annotation_Semantic" json:"semantic,omitempty"` } func (x *GeneratedCodeInfo_Annotation) Reset() { @@ -3005,6 +3326,13 @@ func (x *GeneratedCodeInfo_Annotation) GetEnd() int32 { return 0 } +func (x *GeneratedCodeInfo_Annotation) GetSemantic() GeneratedCodeInfo_Annotation_Semantic { + if x != nil && x.Semantic != nil { + return *x.Semantic + } + return GeneratedCodeInfo_Annotation_NONE +} + var File_google_protobuf_descriptor_proto protoreflect.FileDescriptor var file_google_protobuf_descriptor_proto_rawDesc = []byte{ @@ -3016,7 +3344,7 @@ var file_google_protobuf_descriptor_proto_rawDesc = []byte{ 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x04, 0x66, 0x69, - 0x6c, 0x65, 0x22, 0xe4, 0x04, 0x0a, 0x13, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, + 0x6c, 0x65, 0x22, 0xfe, 0x04, 0x0a, 0x13, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, @@ -3054,330 +3382,391 @@ var file_google_protobuf_descriptor_proto_rawDesc = []byte{ 0x75, 0x66, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x52, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x18, 0x0c, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x06, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x22, 0xb9, 0x06, 0x0a, 0x0f, 0x44, 0x65, - 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, - 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x3b, 0x0a, 0x05, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, - 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, - 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, - 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x05, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x12, 0x43, - 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, - 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, - 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, - 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a, 0x0b, 0x6e, 0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x79, - 0x70, 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, - 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x0a, 0x6e, 0x65, 0x73, 0x74, - 0x65, 0x64, 0x54, 0x79, 0x70, 0x65, 0x12, 0x41, 0x0a, 0x09, 0x65, 0x6e, 0x75, 0x6d, 0x5f, 0x74, - 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, - 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, - 0x08, 0x65, 0x6e, 0x75, 0x6d, 0x54, 0x79, 0x70, 0x65, 0x12, 0x58, 0x0a, 0x0f, 0x65, 0x78, 0x74, - 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x05, 0x20, 0x03, - 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x09, 0x52, 0x06, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x64, 0x69, + 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x64, 0x69, 0x74, + 0x69, 0x6f, 0x6e, 0x22, 0xb9, 0x06, 0x0a, 0x0f, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, + 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x05, 0x66, + 0x69, 0x65, 0x6c, 0x64, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, + 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, + 0x6f, 0x52, 0x05, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x12, 0x43, 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65, + 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, + 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, + 0x74, 0x6f, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a, + 0x0b, 0x6e, 0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, - 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, - 0x6e, 0x67, 0x65, 0x52, 0x0e, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, - 0x6e, 0x67, 0x65, 0x12, 0x44, 0x0a, 0x0a, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x64, 0x65, 0x63, - 0x6c, 0x18, 0x08, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, - 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x09, - 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x63, 0x6c, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, - 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x55, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, - 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, + 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x0a, 0x6e, 0x65, 0x73, 0x74, 0x65, 0x64, 0x54, 0x79, 0x70, 0x65, + 0x12, 0x41, 0x0a, 0x09, 0x65, 0x6e, 0x75, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x08, 0x65, 0x6e, 0x75, 0x6d, 0x54, + 0x79, 0x70, 0x65, 0x12, 0x58, 0x0a, 0x0f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, + 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, - 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x52, - 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72, 0x65, - 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, - 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x03, - 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, - 0x1a, 0x7a, 0x0a, 0x0e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, - 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x12, 0x40, 0x0a, 0x07, 0x6f, 0x70, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, - 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, - 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x37, 0x0a, 0x0d, - 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, - 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, - 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, - 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x7c, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, - 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, - 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, - 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, - 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, - 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, - 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, - 0x80, 0x80, 0x02, 0x22, 0xc1, 0x06, 0x0a, 0x14, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, - 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, - 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, - 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, - 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, - 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4c, - 0x61, 0x62, 0x65, 0x6c, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x3e, 0x0a, 0x04, 0x74, - 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, - 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, - 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x74, - 0x79, 0x70, 0x65, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, - 0x74, 0x79, 0x70, 0x65, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x78, 0x74, 0x65, - 0x6e, 0x64, 0x65, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x78, 0x74, 0x65, - 0x6e, 0x64, 0x65, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, - 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, - 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x6e, 0x65, - 0x6f, 0x66, 0x5f, 0x69, 0x6e, 0x64, 0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, - 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x6a, 0x73, - 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, - 0x73, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, - 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x61, 0x6c, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x22, 0xb6, 0x02, 0x0a, 0x04, 0x54, 0x79, - 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x44, 0x4f, 0x55, 0x42, 0x4c, - 0x45, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x4c, 0x4f, 0x41, - 0x54, 0x10, 0x02, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x36, - 0x34, 0x10, 0x03, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, - 0x36, 0x34, 0x10, 0x04, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, - 0x33, 0x32, 0x10, 0x05, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, - 0x45, 0x44, 0x36, 0x34, 0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, - 0x49, 0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, - 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x10, 0x08, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, - 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, - 0x5f, 0x47, 0x52, 0x4f, 0x55, 0x50, 0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, - 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, 0x10, 0x0b, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, - 0x50, 0x45, 0x5f, 0x42, 0x59, 0x54, 0x45, 0x53, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, - 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x0d, 0x12, 0x0d, 0x0a, 0x09, 0x54, - 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x10, 0x0e, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, - 0x50, 0x45, 0x5f, 0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x0f, 0x12, 0x11, 0x0a, - 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x10, - 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, - 0x11, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x36, 0x34, - 0x10, 0x12, 0x22, 0x43, 0x0a, 0x05, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x0e, 0x4c, - 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, - 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, - 0x44, 0x10, 0x02, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x50, - 0x45, 0x41, 0x54, 0x45, 0x44, 0x10, 0x03, 0x22, 0x63, 0x0a, 0x14, 0x4f, 0x6e, 0x65, 0x6f, 0x66, - 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, - 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe3, 0x02, 0x0a, - 0x13, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, - 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, - 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, - 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, - 0x74, 0x6f, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x6f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, - 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x73, 0x12, 0x5d, 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, - 0x6e, 0x67, 0x65, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, - 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, - 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, - 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, - 0x65, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, - 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, - 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, - 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x3b, 0x0a, 0x11, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, - 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, - 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, - 0x6e, 0x64, 0x22, 0x83, 0x01, 0x0a, 0x18, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, - 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, - 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x07, 0x6f, - 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, - 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, - 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, - 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, - 0x76, 0x69, 0x63, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, - 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, - 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, - 0x64, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, - 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, - 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x73, 0x22, 0x89, 0x02, 0x0a, 0x15, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, - 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, - 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, - 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, - 0x1f, 0x0a, 0x0b, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, - 0x12, 0x38, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, - 0x0b, 0x32, 0x1e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x30, 0x0a, 0x10, 0x63, 0x6c, - 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x05, - 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x63, 0x6c, 0x69, - 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x30, 0x0a, 0x10, - 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, - 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x22, 0x91, - 0x09, 0x0a, 0x0b, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, - 0x0a, 0x0c, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x01, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x6a, 0x61, 0x76, 0x61, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, - 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x5f, - 0x63, 0x6c, 0x61, 0x73, 0x73, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x12, 0x6a, 0x61, 0x76, 0x61, 0x4f, 0x75, 0x74, 0x65, 0x72, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x6e, - 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6d, 0x75, 0x6c, 0x74, - 0x69, 0x70, 0x6c, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, - 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x11, 0x6a, 0x61, 0x76, 0x61, 0x4d, 0x75, 0x6c, - 0x74, 0x69, 0x70, 0x6c, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x44, 0x0a, 0x1d, 0x6a, 0x61, - 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x71, 0x75, 0x61, - 0x6c, 0x73, 0x5f, 0x61, 0x6e, 0x64, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x14, 0x20, 0x01, 0x28, - 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x19, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, - 0x61, 0x74, 0x65, 0x45, 0x71, 0x75, 0x61, 0x6c, 0x73, 0x41, 0x6e, 0x64, 0x48, 0x61, 0x73, 0x68, - 0x12, 0x3a, 0x0a, 0x16, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, - 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, 0x75, 0x74, 0x66, 0x38, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, - 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x53, 0x74, 0x72, - 0x69, 0x6e, 0x67, 0x43, 0x68, 0x65, 0x63, 0x6b, 0x55, 0x74, 0x66, 0x38, 0x12, 0x53, 0x0a, 0x0c, - 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x3a, 0x05, 0x53, - 0x50, 0x45, 0x45, 0x44, 0x52, 0x0b, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x46, 0x6f, - 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x67, 0x6f, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, - 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, 0x67, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, - 0x12, 0x35, 0x0a, 0x13, 0x63, 0x63, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, - 0x61, 0x6c, 0x73, 0x65, 0x52, 0x11, 0x63, 0x63, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, - 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x15, 0x6a, 0x61, 0x76, 0x61, 0x5f, - 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, - 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, - 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, - 0x65, 0x73, 0x12, 0x35, 0x0a, 0x13, 0x70, 0x79, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, - 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x3a, - 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x11, 0x70, 0x79, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, - 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x14, 0x70, 0x68, 0x70, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, + 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0e, 0x65, + 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x44, 0x0a, + 0x0a, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x64, 0x65, 0x63, 0x6c, 0x18, 0x08, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x09, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x44, + 0x65, 0x63, 0x6c, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x55, + 0x0a, 0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, + 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, + 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, + 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x7a, 0x0a, 0x0e, 0x45, 0x78, + 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, + 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, + 0x03, 0x65, 0x6e, 0x64, 0x12, 0x40, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, + 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, + 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x37, 0x0a, 0x0d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, + 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, + 0x7c, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, + 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, + 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, + 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, + 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, + 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0xc1, 0x06, + 0x0a, 0x14, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, + 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75, + 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62, + 0x65, 0x72, 0x12, 0x41, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, + 0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x52, 0x05, + 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x3e, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, + 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52, + 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x6e, 0x61, + 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x79, 0x70, 0x65, 0x4e, 0x61, + 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65, 0x12, 0x23, + 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, + 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61, + 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x69, 0x6e, 0x64, + 0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x49, + 0x6e, 0x64, 0x65, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, 0x73, 0x6f, 0x6e, 0x4e, 0x61, 0x6d, + 0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, + 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x33, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x18, 0x11, 0x20, + 0x01, 0x28, 0x08, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x4f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x61, 0x6c, 0x22, 0xb6, 0x02, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b, + 0x54, 0x59, 0x50, 0x45, 0x5f, 0x44, 0x4f, 0x55, 0x42, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x0e, 0x0a, + 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x4c, 0x4f, 0x41, 0x54, 0x10, 0x02, 0x12, 0x0e, 0x0a, + 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x03, 0x12, 0x0f, 0x0a, + 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x04, 0x12, 0x0e, + 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x05, 0x12, 0x10, + 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x06, + 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x33, 0x32, + 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x10, + 0x08, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, + 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x47, 0x52, 0x4f, 0x55, 0x50, + 0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, + 0x47, 0x45, 0x10, 0x0b, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x59, 0x54, + 0x45, 0x53, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, + 0x54, 0x33, 0x32, 0x10, 0x0d, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, + 0x55, 0x4d, 0x10, 0x0e, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x46, 0x49, + 0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x0f, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, + 0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x10, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, + 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x11, 0x12, 0x0f, 0x0a, 0x0b, 0x54, + 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x12, 0x22, 0x43, 0x0a, 0x05, + 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x4f, + 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, + 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, 0x44, 0x10, 0x02, 0x12, 0x12, 0x0a, + 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x50, 0x45, 0x41, 0x54, 0x45, 0x44, 0x10, + 0x03, 0x22, 0x63, 0x0a, 0x14, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, + 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe3, 0x02, 0x0a, 0x13, 0x45, 0x6e, 0x75, 0x6d, 0x44, + 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, + 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x05, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a, 0x0e, 0x72, + 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x04, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72, 0x65, 0x73, + 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, + 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, + 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x1a, + 0x3b, 0x0a, 0x11, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, + 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, + 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, + 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x83, 0x01, 0x0a, + 0x18, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, + 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, + 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, + 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x44, 0x65, + 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, + 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, + 0x65, 0x12, 0x3e, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x03, 0x28, + 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, + 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, + 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x89, 0x02, 0x0a, + 0x15, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, + 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x6e, + 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09, + 0x69, 0x6e, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x75, 0x74, + 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, + 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, 0x07, 0x6f, 0x70, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x67, 0x6f, + 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, + 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x30, 0x0a, 0x10, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73, + 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, + 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72, + 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x30, 0x0a, 0x10, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, + 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, + 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53, + 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x22, 0x91, 0x09, 0x0a, 0x0b, 0x46, 0x69, 0x6c, + 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x6a, 0x61, 0x76, 0x61, + 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, + 0x6a, 0x61, 0x76, 0x61, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6a, + 0x61, 0x76, 0x61, 0x5f, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6a, 0x61, 0x76, 0x61, 0x4f, + 0x75, 0x74, 0x65, 0x72, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a, + 0x13, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x5f, 0x66, + 0x69, 0x6c, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, + 0x65, 0x52, 0x11, 0x6a, 0x61, 0x76, 0x61, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x46, + 0x69, 0x6c, 0x65, 0x73, 0x12, 0x44, 0x0a, 0x1d, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, + 0x65, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x71, 0x75, 0x61, 0x6c, 0x73, 0x5f, 0x61, 0x6e, 0x64, + 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, + 0x19, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x45, 0x71, 0x75, + 0x61, 0x6c, 0x73, 0x41, 0x6e, 0x64, 0x48, 0x61, 0x73, 0x68, 0x12, 0x3a, 0x0a, 0x16, 0x6a, 0x61, + 0x76, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f, + 0x75, 0x74, 0x66, 0x38, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, + 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x43, 0x68, 0x65, + 0x63, 0x6b, 0x55, 0x74, 0x66, 0x38, 0x12, 0x53, 0x0a, 0x0c, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, + 0x7a, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x67, + 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, + 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6d, + 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x3a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x52, 0x0b, + 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x46, 0x6f, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x67, + 0x6f, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x09, 0x67, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x35, 0x0a, 0x13, 0x63, 0x63, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x73, 0x18, 0x2a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x12, - 0x70, 0x68, 0x70, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, - 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, - 0x18, 0x17, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, - 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x10, 0x63, 0x63, 0x5f, - 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x5f, 0x61, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x18, 0x1f, 0x20, - 0x01, 0x28, 0x08, 0x3a, 0x04, 0x74, 0x72, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x63, 0x45, 0x6e, 0x61, - 0x62, 0x6c, 0x65, 0x41, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x62, 0x6a, - 0x63, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x24, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6f, 0x62, 0x6a, 0x63, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, - 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x5f, - 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x0f, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, - 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x77, 0x69, 0x66, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, - 0x18, 0x27, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x73, 0x77, 0x69, 0x66, 0x74, 0x50, 0x72, 0x65, - 0x66, 0x69, 0x78, 0x12, 0x28, 0x0a, 0x10, 0x70, 0x68, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, - 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x70, - 0x68, 0x70, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, - 0x0d, 0x70, 0x68, 0x70, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x29, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x70, 0x68, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, - 0x63, 0x65, 0x12, 0x34, 0x0a, 0x16, 0x70, 0x68, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, - 0x74, 0x61, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x2c, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x14, 0x70, 0x68, 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4e, - 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x75, 0x62, 0x79, - 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, - 0x72, 0x75, 0x62, 0x79, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x58, 0x0a, 0x14, 0x75, - 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, - 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, - 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, - 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x3a, 0x0a, 0x0c, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, - 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x12, 0x09, 0x0a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x10, 0x01, - 0x12, 0x0d, 0x0a, 0x09, 0x43, 0x4f, 0x44, 0x45, 0x5f, 0x53, 0x49, 0x5a, 0x45, 0x10, 0x02, 0x12, - 0x10, 0x0a, 0x0c, 0x4c, 0x49, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, - 0x03, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x26, - 0x10, 0x27, 0x22, 0xd1, 0x02, 0x0a, 0x0e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x3c, 0x0a, 0x17, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, - 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x77, 0x69, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x14, 0x6d, - 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x53, 0x65, 0x74, 0x57, 0x69, 0x72, 0x65, 0x46, 0x6f, 0x72, - 0x6d, 0x61, 0x74, 0x12, 0x4c, 0x0a, 0x1f, 0x6e, 0x6f, 0x5f, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, - 0x72, 0x64, 0x5f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x63, - 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, - 0x6c, 0x73, 0x65, 0x52, 0x1c, 0x6e, 0x6f, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x44, - 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, - 0x72, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, - 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x70, 0x5f, - 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6d, 0x61, 0x70, - 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, + 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x11, + 0x63, 0x63, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, + 0x73, 0x12, 0x39, 0x0a, 0x15, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, + 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08, + 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, + 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x35, 0x0a, 0x13, + 0x70, 0x79, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, + 0x52, 0x11, 0x70, 0x79, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, + 0x63, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x14, 0x70, 0x68, 0x70, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, + 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x2a, 0x20, 0x01, 0x28, + 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x12, 0x70, 0x68, 0x70, 0x47, 0x65, 0x6e, + 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0a, + 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x17, 0x20, 0x01, 0x28, 0x08, + 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, + 0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x10, 0x63, 0x63, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65, + 0x5f, 0x61, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x04, 0x74, + 0x72, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x63, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x72, 0x65, + 0x6e, 0x61, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x62, 0x6a, 0x63, 0x5f, 0x63, 0x6c, 0x61, 0x73, + 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, + 0x6f, 0x62, 0x6a, 0x63, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, + 0x29, 0x0a, 0x10, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, + 0x61, 0x63, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x73, 0x68, 0x61, 0x72, + 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x77, + 0x69, 0x66, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x27, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0b, 0x73, 0x77, 0x69, 0x66, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x28, 0x0a, + 0x10, 0x70, 0x68, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, + 0x78, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x70, 0x68, 0x70, 0x43, 0x6c, 0x61, 0x73, + 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x68, 0x70, 0x5f, 0x6e, + 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x29, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, + 0x70, 0x68, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x34, 0x0a, 0x16, + 0x70, 0x68, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6e, 0x61, 0x6d, + 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x70, 0x68, + 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, + 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x75, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, + 0x67, 0x65, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x75, 0x62, 0x79, 0x50, 0x61, + 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, - 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, - 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, - 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0xe2, 0x03, 0x0a, 0x0c, 0x46, 0x69, 0x65, 0x6c, 0x64, - 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65, - 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, + 0x3a, 0x0a, 0x0c, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x12, + 0x09, 0x0a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x43, 0x4f, + 0x44, 0x45, 0x5f, 0x53, 0x49, 0x5a, 0x45, 0x10, 0x02, 0x12, 0x10, 0x0a, 0x0c, 0x4c, 0x49, 0x54, + 0x45, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x03, 0x2a, 0x09, 0x08, 0xe8, 0x07, + 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x26, 0x10, 0x27, 0x22, 0xbb, 0x03, 0x0a, + 0x0e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, + 0x3c, 0x0a, 0x17, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x77, + 0x69, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, + 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x14, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, + 0x53, 0x65, 0x74, 0x57, 0x69, 0x72, 0x65, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x4c, 0x0a, + 0x1f, 0x6e, 0x6f, 0x5f, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x5f, 0x64, 0x65, 0x73, + 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, + 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x1c, 0x6e, + 0x6f, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, + 0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x12, 0x25, 0x0a, 0x0a, 0x64, + 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, + 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, + 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x70, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18, + 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12, + 0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x6c, 0x65, + 0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f, + 0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x42, + 0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x4c, + 0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x43, 0x6f, + 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, + 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, + 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, + 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x04, + 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x4a, 0x04, + 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0xb7, 0x08, 0x0a, 0x0c, 0x46, + 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a, 0x05, 0x63, + 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x67, 0x6f, 0x6f, + 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, + 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x43, 0x54, 0x79, 0x70, 0x65, 0x3a, + 0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x52, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, + 0x0a, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, + 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x12, 0x47, 0x0a, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65, + 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x43, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x06, 0x53, 0x54, 0x52, - 0x49, 0x4e, 0x47, 0x52, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, - 0x63, 0x6b, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06, 0x70, 0x61, 0x63, 0x6b, - 0x65, 0x64, 0x12, 0x47, 0x0a, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65, 0x18, 0x06, 0x20, 0x01, - 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, - 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x73, 0x2e, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, - 0x4d, 0x41, 0x4c, 0x52, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65, 0x12, 0x19, 0x0a, 0x04, 0x6c, - 0x61, 0x7a, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, - 0x52, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, - 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, - 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x19, 0x0a, - 0x04, 0x77, 0x65, 0x61, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, - 0x73, 0x65, 0x52, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, - 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, - 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x22, 0x2f, 0x0a, 0x05, 0x43, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a, 0x0a, 0x06, 0x53, - 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x43, 0x4f, 0x52, 0x44, 0x10, - 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x5f, 0x50, 0x49, 0x45, 0x43, - 0x45, 0x10, 0x02, 0x22, 0x35, 0x0a, 0x06, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0d, 0x0a, - 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x10, 0x00, 0x12, 0x0d, 0x0a, 0x09, - 0x4a, 0x53, 0x5f, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x4a, - 0x53, 0x5f, 0x4e, 0x55, 0x4d, 0x42, 0x45, 0x52, 0x10, 0x02, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, - 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x04, 0x10, 0x05, 0x22, 0x73, 0x0a, 0x0c, 0x4f, - 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, + 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x09, 0x4a, 0x53, + 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x52, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65, 0x12, + 0x19, 0x0a, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, + 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x12, 0x2e, 0x0a, 0x0f, 0x75, 0x6e, + 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x0f, 0x20, + 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0e, 0x75, 0x6e, 0x76, 0x65, + 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x4c, 0x61, 0x7a, 0x79, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, + 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, + 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, + 0x64, 0x12, 0x19, 0x0a, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, + 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x12, 0x28, 0x0a, 0x0c, + 0x64, 0x65, 0x62, 0x75, 0x67, 0x5f, 0x72, 0x65, 0x64, 0x61, 0x63, 0x74, 0x18, 0x10, 0x20, 0x01, + 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0b, 0x64, 0x65, 0x62, 0x75, 0x67, + 0x52, 0x65, 0x64, 0x61, 0x63, 0x74, 0x12, 0x4b, 0x0a, 0x09, 0x72, 0x65, 0x74, 0x65, 0x6e, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, + 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, + 0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x09, 0x72, 0x65, 0x74, 0x65, 0x6e, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x18, 0x12, 0x20, + 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, + 0x79, 0x70, 0x65, 0x52, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, - 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, - 0x22, 0xc0, 0x01, 0x0a, 0x0b, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, - 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x5f, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x41, 0x6c, 0x69, 0x61, - 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, - 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, - 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, - 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, - 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, - 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, - 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, - 0x05, 0x10, 0x06, 0x22, 0x9e, 0x01, 0x0a, 0x10, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x2f, 0x0a, 0x05, 0x43, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a, + 0x0a, 0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x43, 0x4f, + 0x52, 0x44, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x5f, 0x50, + 0x49, 0x45, 0x43, 0x45, 0x10, 0x02, 0x22, 0x35, 0x0a, 0x06, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, + 0x12, 0x0d, 0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x10, 0x00, 0x12, + 0x0d, 0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0d, + 0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x55, 0x4d, 0x42, 0x45, 0x52, 0x10, 0x02, 0x22, 0x55, 0x0a, + 0x0f, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, + 0x12, 0x15, 0x0a, 0x11, 0x52, 0x45, 0x54, 0x45, 0x4e, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e, + 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x15, 0x0a, 0x11, 0x52, 0x45, 0x54, 0x45, 0x4e, + 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x01, 0x12, 0x14, + 0x0a, 0x10, 0x52, 0x45, 0x54, 0x45, 0x4e, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x4f, 0x55, 0x52, + 0x43, 0x45, 0x10, 0x02, 0x22, 0x8c, 0x02, 0x0a, 0x10, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, + 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52, + 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, + 0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, + 0x45, 0x5f, 0x46, 0x49, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x54, 0x41, 0x52, 0x47, + 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x58, 0x54, 0x45, 0x4e, 0x53, 0x49, 0x4f, + 0x4e, 0x5f, 0x52, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52, + 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45, + 0x10, 0x03, 0x12, 0x15, 0x0a, 0x11, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, + 0x45, 0x5f, 0x46, 0x49, 0x45, 0x4c, 0x44, 0x10, 0x04, 0x12, 0x15, 0x0a, 0x11, 0x54, 0x41, 0x52, + 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4f, 0x4e, 0x45, 0x4f, 0x46, 0x10, 0x05, + 0x12, 0x14, 0x0a, 0x10, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, + 0x45, 0x4e, 0x55, 0x4d, 0x10, 0x06, 0x12, 0x1a, 0x0a, 0x16, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, + 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x4e, 0x54, 0x52, 0x59, + 0x10, 0x07, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, + 0x45, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x10, 0x08, 0x12, 0x16, 0x0a, 0x12, 0x54, + 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f, + 0x44, 0x10, 0x09, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, + 0x08, 0x04, 0x10, 0x05, 0x22, 0x73, 0x0a, 0x0c, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, + 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, + 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, + 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, + 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x98, 0x02, 0x0a, 0x0b, 0x45, 0x6e, + 0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c, + 0x6f, 0x77, 0x5f, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a, + 0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x41, 0x6c, 0x69, 0x61, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, + 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, + 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, + 0x64, 0x12, 0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, + 0x6c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c, + 0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, + 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, + 0x64, 0x4c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64, + 0x43, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, + 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, + 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, + 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, + 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, + 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, + 0x08, 0x05, 0x10, 0x06, 0x22, 0x9e, 0x01, 0x0a, 0x10, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, + 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, + 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, + 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, + 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, + 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, + 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, + 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x9c, 0x01, 0x0a, 0x0e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, - 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, + 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, @@ -3385,97 +3774,95 @@ var file_google_protobuf_descriptor_proto_rawDesc = []byte{ 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, - 0x80, 0x80, 0x80, 0x02, 0x22, 0x9c, 0x01, 0x0a, 0x0e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, - 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, - 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, - 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x58, - 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, - 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, + 0x80, 0x80, 0x80, 0x02, 0x22, 0xe0, 0x02, 0x0a, 0x0d, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, + 0x61, 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, + 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x71, 0x0a, + 0x11, 0x69, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x6c, 0x65, 0x76, + 0x65, 0x6c, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, + 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x49, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, + 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x3a, 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50, + 0x4f, 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x52, 0x10, + 0x69, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, + 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, + 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, + 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, + 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, + 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x50, 0x0a, 0x10, 0x49, 0x64, + 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x17, + 0x0a, 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e, + 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x4e, 0x4f, 0x5f, 0x53, 0x49, + 0x44, 0x45, 0x5f, 0x45, 0x46, 0x46, 0x45, 0x43, 0x54, 0x53, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, + 0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x2a, 0x09, 0x08, 0xe8, + 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x9a, 0x03, 0x0a, 0x13, 0x55, 0x6e, 0x69, 0x6e, + 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, + 0x41, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, - 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, - 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, - 0x80, 0x80, 0x02, 0x22, 0xe0, 0x02, 0x0a, 0x0d, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, - 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, - 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, - 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x71, 0x0a, 0x11, - 0x69, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x6c, 0x65, 0x76, 0x65, - 0x6c, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x49, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, - 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x3a, 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, - 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x52, 0x10, 0x69, - 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, - 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, - 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, - 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, - 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, - 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, - 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x50, 0x0a, 0x10, 0x49, 0x64, 0x65, - 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x17, 0x0a, - 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e, 0x4b, - 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x4e, 0x4f, 0x5f, 0x53, 0x49, 0x44, - 0x45, 0x5f, 0x45, 0x46, 0x46, 0x45, 0x43, 0x54, 0x53, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x49, - 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x2a, 0x09, 0x08, 0xe8, 0x07, - 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x9a, 0x03, 0x0a, 0x13, 0x55, 0x6e, 0x69, 0x6e, 0x74, - 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x41, - 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, - 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, - 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, - 0x6f, 0x6e, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72, 0x74, 0x52, 0x04, 0x6e, 0x61, 0x6d, - 0x65, 0x12, 0x29, 0x0a, 0x10, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x5f, - 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x69, 0x64, 0x65, - 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a, 0x12, - 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, - 0x75, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, - 0x76, 0x65, 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x6e, 0x65, - 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x10, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, - 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x64, 0x6f, 0x75, 0x62, - 0x6c, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0b, - 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x73, - 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, - 0x0c, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x27, - 0x0a, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, - 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, - 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x4a, 0x0a, 0x08, 0x4e, 0x61, 0x6d, 0x65, 0x50, - 0x61, 0x72, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x70, 0x61, 0x72, 0x74, - 0x18, 0x01, 0x20, 0x02, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72, 0x74, - 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x73, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, - 0x18, 0x02, 0x20, 0x02, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, - 0x69, 0x6f, 0x6e, 0x22, 0xa7, 0x02, 0x0a, 0x0e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f, - 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x44, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, - 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xce, 0x01, 0x0a, - 0x08, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61, 0x74, - 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05, 0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, - 0x68, 0x12, 0x16, 0x0a, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x05, 0x42, - 0x02, 0x10, 0x01, 0x52, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x6c, 0x65, 0x61, - 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d, 0x6d, - 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2b, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, 0x67, - 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x10, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, - 0x73, 0x12, 0x3a, 0x0a, 0x19, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x65, 0x74, - 0x61, 0x63, 0x68, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x06, - 0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x44, 0x65, 0x74, - 0x61, 0x63, 0x68, 0x65, 0x64, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x22, 0xd1, 0x01, - 0x0a, 0x11, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, - 0x6e, 0x66, 0x6f, 0x12, 0x4d, 0x0a, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, - 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, - 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, - 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, - 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, - 0x6f, 0x6e, 0x1a, 0x6d, 0x0a, 0x0a, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05, 0x42, 0x02, - 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x6f, 0x75, 0x72, - 0x63, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x73, - 0x6f, 0x75, 0x72, 0x63, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x62, 0x65, 0x67, - 0x69, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x62, 0x65, 0x67, 0x69, 0x6e, 0x12, - 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, - 0x64, 0x42, 0x7e, 0x0a, 0x13, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x69, 0x6f, 0x6e, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72, 0x74, 0x52, 0x04, 0x6e, 0x61, + 0x6d, 0x65, 0x12, 0x29, 0x0a, 0x10, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, + 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x69, 0x64, + 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a, + 0x12, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, + 0x6c, 0x75, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x70, 0x6f, 0x73, 0x69, 0x74, + 0x69, 0x76, 0x65, 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x6e, + 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x10, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, + 0x65, 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x64, 0x6f, 0x75, + 0x62, 0x6c, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52, + 0x0b, 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c, + 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x07, 0x20, 0x01, + 0x28, 0x0c, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, + 0x27, 0x0a, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, + 0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x4a, 0x0a, 0x08, 0x4e, 0x61, 0x6d, 0x65, + 0x50, 0x61, 0x72, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x70, 0x61, 0x72, + 0x74, 0x18, 0x01, 0x20, 0x02, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72, + 0x74, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x73, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, + 0x6e, 0x18, 0x02, 0x20, 0x02, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e, + 0x73, 0x69, 0x6f, 0x6e, 0x22, 0xa7, 0x02, 0x0a, 0x0e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, + 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x44, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xce, 0x01, + 0x0a, 0x08, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61, + 0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05, 0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, + 0x74, 0x68, 0x12, 0x16, 0x0a, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x05, + 0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x6c, 0x65, + 0x61, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x03, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d, + 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2b, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, + 0x67, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x10, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, + 0x74, 0x73, 0x12, 0x3a, 0x0a, 0x19, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x65, + 0x74, 0x61, 0x63, 0x68, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, + 0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x44, 0x65, + 0x74, 0x61, 0x63, 0x68, 0x65, 0x64, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x22, 0xd0, + 0x02, 0x0a, 0x11, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65, + 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x4d, 0x0a, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, + 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, + 0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x41, 0x6e, 0x6e, + 0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x1a, 0xeb, 0x01, 0x0a, 0x0a, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69, + 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05, + 0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x6f, + 0x75, 0x72, 0x63, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, + 0x0a, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x62, + 0x65, 0x67, 0x69, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x62, 0x65, 0x67, 0x69, + 0x6e, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, + 0x65, 0x6e, 0x64, 0x12, 0x52, 0x0a, 0x08, 0x73, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x18, + 0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, + 0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, + 0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x52, 0x08, 0x73, + 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x22, 0x28, 0x0a, 0x08, 0x53, 0x65, 0x6d, 0x61, 0x6e, + 0x74, 0x69, 0x63, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12, 0x07, 0x0a, + 0x03, 0x53, 0x45, 0x54, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x49, 0x41, 0x53, 0x10, + 0x02, 0x42, 0x7e, 0x0a, 0x13, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x42, 0x10, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x73, 0x48, 0x01, 0x5a, 0x2d, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f, @@ -3498,7 +3885,7 @@ func file_google_protobuf_descriptor_proto_rawDescGZIP() []byte { return file_google_protobuf_descriptor_proto_rawDescData } -var file_google_protobuf_descriptor_proto_enumTypes = make([]protoimpl.EnumInfo, 6) +var file_google_protobuf_descriptor_proto_enumTypes = make([]protoimpl.EnumInfo, 9) var file_google_protobuf_descriptor_proto_msgTypes = make([]protoimpl.MessageInfo, 27) var file_google_protobuf_descriptor_proto_goTypes = []interface{}{ (FieldDescriptorProto_Type)(0), // 0: google.protobuf.FieldDescriptorProto.Type @@ -3506,84 +3893,90 @@ var file_google_protobuf_descriptor_proto_goTypes = []interface{}{ (FileOptions_OptimizeMode)(0), // 2: google.protobuf.FileOptions.OptimizeMode (FieldOptions_CType)(0), // 3: google.protobuf.FieldOptions.CType (FieldOptions_JSType)(0), // 4: google.protobuf.FieldOptions.JSType - (MethodOptions_IdempotencyLevel)(0), // 5: google.protobuf.MethodOptions.IdempotencyLevel - (*FileDescriptorSet)(nil), // 6: google.protobuf.FileDescriptorSet - (*FileDescriptorProto)(nil), // 7: google.protobuf.FileDescriptorProto - (*DescriptorProto)(nil), // 8: google.protobuf.DescriptorProto - (*ExtensionRangeOptions)(nil), // 9: google.protobuf.ExtensionRangeOptions - (*FieldDescriptorProto)(nil), // 10: google.protobuf.FieldDescriptorProto - (*OneofDescriptorProto)(nil), // 11: google.protobuf.OneofDescriptorProto - (*EnumDescriptorProto)(nil), // 12: google.protobuf.EnumDescriptorProto - (*EnumValueDescriptorProto)(nil), // 13: google.protobuf.EnumValueDescriptorProto - (*ServiceDescriptorProto)(nil), // 14: google.protobuf.ServiceDescriptorProto - (*MethodDescriptorProto)(nil), // 15: google.protobuf.MethodDescriptorProto - (*FileOptions)(nil), // 16: google.protobuf.FileOptions - (*MessageOptions)(nil), // 17: google.protobuf.MessageOptions - (*FieldOptions)(nil), // 18: google.protobuf.FieldOptions - (*OneofOptions)(nil), // 19: google.protobuf.OneofOptions - (*EnumOptions)(nil), // 20: google.protobuf.EnumOptions - (*EnumValueOptions)(nil), // 21: google.protobuf.EnumValueOptions - (*ServiceOptions)(nil), // 22: google.protobuf.ServiceOptions - (*MethodOptions)(nil), // 23: google.protobuf.MethodOptions - (*UninterpretedOption)(nil), // 24: google.protobuf.UninterpretedOption - (*SourceCodeInfo)(nil), // 25: google.protobuf.SourceCodeInfo - (*GeneratedCodeInfo)(nil), // 26: google.protobuf.GeneratedCodeInfo - (*DescriptorProto_ExtensionRange)(nil), // 27: google.protobuf.DescriptorProto.ExtensionRange - (*DescriptorProto_ReservedRange)(nil), // 28: google.protobuf.DescriptorProto.ReservedRange - (*EnumDescriptorProto_EnumReservedRange)(nil), // 29: google.protobuf.EnumDescriptorProto.EnumReservedRange - (*UninterpretedOption_NamePart)(nil), // 30: google.protobuf.UninterpretedOption.NamePart - (*SourceCodeInfo_Location)(nil), // 31: google.protobuf.SourceCodeInfo.Location - (*GeneratedCodeInfo_Annotation)(nil), // 32: google.protobuf.GeneratedCodeInfo.Annotation + (FieldOptions_OptionRetention)(0), // 5: google.protobuf.FieldOptions.OptionRetention + (FieldOptions_OptionTargetType)(0), // 6: google.protobuf.FieldOptions.OptionTargetType + (MethodOptions_IdempotencyLevel)(0), // 7: google.protobuf.MethodOptions.IdempotencyLevel + (GeneratedCodeInfo_Annotation_Semantic)(0), // 8: google.protobuf.GeneratedCodeInfo.Annotation.Semantic + (*FileDescriptorSet)(nil), // 9: google.protobuf.FileDescriptorSet + (*FileDescriptorProto)(nil), // 10: google.protobuf.FileDescriptorProto + (*DescriptorProto)(nil), // 11: google.protobuf.DescriptorProto + (*ExtensionRangeOptions)(nil), // 12: google.protobuf.ExtensionRangeOptions + (*FieldDescriptorProto)(nil), // 13: google.protobuf.FieldDescriptorProto + (*OneofDescriptorProto)(nil), // 14: google.protobuf.OneofDescriptorProto + (*EnumDescriptorProto)(nil), // 15: google.protobuf.EnumDescriptorProto + (*EnumValueDescriptorProto)(nil), // 16: google.protobuf.EnumValueDescriptorProto + (*ServiceDescriptorProto)(nil), // 17: google.protobuf.ServiceDescriptorProto + (*MethodDescriptorProto)(nil), // 18: google.protobuf.MethodDescriptorProto + (*FileOptions)(nil), // 19: google.protobuf.FileOptions + (*MessageOptions)(nil), // 20: google.protobuf.MessageOptions + (*FieldOptions)(nil), // 21: google.protobuf.FieldOptions + (*OneofOptions)(nil), // 22: google.protobuf.OneofOptions + (*EnumOptions)(nil), // 23: google.protobuf.EnumOptions + (*EnumValueOptions)(nil), // 24: google.protobuf.EnumValueOptions + (*ServiceOptions)(nil), // 25: google.protobuf.ServiceOptions + (*MethodOptions)(nil), // 26: google.protobuf.MethodOptions + (*UninterpretedOption)(nil), // 27: google.protobuf.UninterpretedOption + (*SourceCodeInfo)(nil), // 28: google.protobuf.SourceCodeInfo + (*GeneratedCodeInfo)(nil), // 29: google.protobuf.GeneratedCodeInfo + (*DescriptorProto_ExtensionRange)(nil), // 30: google.protobuf.DescriptorProto.ExtensionRange + (*DescriptorProto_ReservedRange)(nil), // 31: google.protobuf.DescriptorProto.ReservedRange + (*EnumDescriptorProto_EnumReservedRange)(nil), // 32: google.protobuf.EnumDescriptorProto.EnumReservedRange + (*UninterpretedOption_NamePart)(nil), // 33: google.protobuf.UninterpretedOption.NamePart + (*SourceCodeInfo_Location)(nil), // 34: google.protobuf.SourceCodeInfo.Location + (*GeneratedCodeInfo_Annotation)(nil), // 35: google.protobuf.GeneratedCodeInfo.Annotation } var file_google_protobuf_descriptor_proto_depIdxs = []int32{ - 7, // 0: google.protobuf.FileDescriptorSet.file:type_name -> google.protobuf.FileDescriptorProto - 8, // 1: google.protobuf.FileDescriptorProto.message_type:type_name -> google.protobuf.DescriptorProto - 12, // 2: google.protobuf.FileDescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto - 14, // 3: google.protobuf.FileDescriptorProto.service:type_name -> google.protobuf.ServiceDescriptorProto - 10, // 4: google.protobuf.FileDescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto - 16, // 5: google.protobuf.FileDescriptorProto.options:type_name -> google.protobuf.FileOptions - 25, // 6: google.protobuf.FileDescriptorProto.source_code_info:type_name -> google.protobuf.SourceCodeInfo - 10, // 7: google.protobuf.DescriptorProto.field:type_name -> google.protobuf.FieldDescriptorProto - 10, // 8: google.protobuf.DescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto - 8, // 9: google.protobuf.DescriptorProto.nested_type:type_name -> google.protobuf.DescriptorProto - 12, // 10: google.protobuf.DescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto - 27, // 11: google.protobuf.DescriptorProto.extension_range:type_name -> google.protobuf.DescriptorProto.ExtensionRange - 11, // 12: google.protobuf.DescriptorProto.oneof_decl:type_name -> google.protobuf.OneofDescriptorProto - 17, // 13: google.protobuf.DescriptorProto.options:type_name -> google.protobuf.MessageOptions - 28, // 14: google.protobuf.DescriptorProto.reserved_range:type_name -> google.protobuf.DescriptorProto.ReservedRange - 24, // 15: google.protobuf.ExtensionRangeOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 10, // 0: google.protobuf.FileDescriptorSet.file:type_name -> google.protobuf.FileDescriptorProto + 11, // 1: google.protobuf.FileDescriptorProto.message_type:type_name -> google.protobuf.DescriptorProto + 15, // 2: google.protobuf.FileDescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto + 17, // 3: google.protobuf.FileDescriptorProto.service:type_name -> google.protobuf.ServiceDescriptorProto + 13, // 4: google.protobuf.FileDescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto + 19, // 5: google.protobuf.FileDescriptorProto.options:type_name -> google.protobuf.FileOptions + 28, // 6: google.protobuf.FileDescriptorProto.source_code_info:type_name -> google.protobuf.SourceCodeInfo + 13, // 7: google.protobuf.DescriptorProto.field:type_name -> google.protobuf.FieldDescriptorProto + 13, // 8: google.protobuf.DescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto + 11, // 9: google.protobuf.DescriptorProto.nested_type:type_name -> google.protobuf.DescriptorProto + 15, // 10: google.protobuf.DescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto + 30, // 11: google.protobuf.DescriptorProto.extension_range:type_name -> google.protobuf.DescriptorProto.ExtensionRange + 14, // 12: google.protobuf.DescriptorProto.oneof_decl:type_name -> google.protobuf.OneofDescriptorProto + 20, // 13: google.protobuf.DescriptorProto.options:type_name -> google.protobuf.MessageOptions + 31, // 14: google.protobuf.DescriptorProto.reserved_range:type_name -> google.protobuf.DescriptorProto.ReservedRange + 27, // 15: google.protobuf.ExtensionRangeOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption 1, // 16: google.protobuf.FieldDescriptorProto.label:type_name -> google.protobuf.FieldDescriptorProto.Label 0, // 17: google.protobuf.FieldDescriptorProto.type:type_name -> google.protobuf.FieldDescriptorProto.Type - 18, // 18: google.protobuf.FieldDescriptorProto.options:type_name -> google.protobuf.FieldOptions - 19, // 19: google.protobuf.OneofDescriptorProto.options:type_name -> google.protobuf.OneofOptions - 13, // 20: google.protobuf.EnumDescriptorProto.value:type_name -> google.protobuf.EnumValueDescriptorProto - 20, // 21: google.protobuf.EnumDescriptorProto.options:type_name -> google.protobuf.EnumOptions - 29, // 22: google.protobuf.EnumDescriptorProto.reserved_range:type_name -> google.protobuf.EnumDescriptorProto.EnumReservedRange - 21, // 23: google.protobuf.EnumValueDescriptorProto.options:type_name -> google.protobuf.EnumValueOptions - 15, // 24: google.protobuf.ServiceDescriptorProto.method:type_name -> google.protobuf.MethodDescriptorProto - 22, // 25: google.protobuf.ServiceDescriptorProto.options:type_name -> google.protobuf.ServiceOptions - 23, // 26: google.protobuf.MethodDescriptorProto.options:type_name -> google.protobuf.MethodOptions + 21, // 18: google.protobuf.FieldDescriptorProto.options:type_name -> google.protobuf.FieldOptions + 22, // 19: google.protobuf.OneofDescriptorProto.options:type_name -> google.protobuf.OneofOptions + 16, // 20: google.protobuf.EnumDescriptorProto.value:type_name -> google.protobuf.EnumValueDescriptorProto + 23, // 21: google.protobuf.EnumDescriptorProto.options:type_name -> google.protobuf.EnumOptions + 32, // 22: google.protobuf.EnumDescriptorProto.reserved_range:type_name -> google.protobuf.EnumDescriptorProto.EnumReservedRange + 24, // 23: google.protobuf.EnumValueDescriptorProto.options:type_name -> google.protobuf.EnumValueOptions + 18, // 24: google.protobuf.ServiceDescriptorProto.method:type_name -> google.protobuf.MethodDescriptorProto + 25, // 25: google.protobuf.ServiceDescriptorProto.options:type_name -> google.protobuf.ServiceOptions + 26, // 26: google.protobuf.MethodDescriptorProto.options:type_name -> google.protobuf.MethodOptions 2, // 27: google.protobuf.FileOptions.optimize_for:type_name -> google.protobuf.FileOptions.OptimizeMode - 24, // 28: google.protobuf.FileOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 24, // 29: google.protobuf.MessageOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 28: google.protobuf.FileOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 29: google.protobuf.MessageOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption 3, // 30: google.protobuf.FieldOptions.ctype:type_name -> google.protobuf.FieldOptions.CType 4, // 31: google.protobuf.FieldOptions.jstype:type_name -> google.protobuf.FieldOptions.JSType - 24, // 32: google.protobuf.FieldOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 24, // 33: google.protobuf.OneofOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 24, // 34: google.protobuf.EnumOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 24, // 35: google.protobuf.EnumValueOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 24, // 36: google.protobuf.ServiceOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 5, // 37: google.protobuf.MethodOptions.idempotency_level:type_name -> google.protobuf.MethodOptions.IdempotencyLevel - 24, // 38: google.protobuf.MethodOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption - 30, // 39: google.protobuf.UninterpretedOption.name:type_name -> google.protobuf.UninterpretedOption.NamePart - 31, // 40: google.protobuf.SourceCodeInfo.location:type_name -> google.protobuf.SourceCodeInfo.Location - 32, // 41: google.protobuf.GeneratedCodeInfo.annotation:type_name -> google.protobuf.GeneratedCodeInfo.Annotation - 9, // 42: google.protobuf.DescriptorProto.ExtensionRange.options:type_name -> google.protobuf.ExtensionRangeOptions - 43, // [43:43] is the sub-list for method output_type - 43, // [43:43] is the sub-list for method input_type - 43, // [43:43] is the sub-list for extension type_name - 43, // [43:43] is the sub-list for extension extendee - 0, // [0:43] is the sub-list for field type_name + 5, // 32: google.protobuf.FieldOptions.retention:type_name -> google.protobuf.FieldOptions.OptionRetention + 6, // 33: google.protobuf.FieldOptions.target:type_name -> google.protobuf.FieldOptions.OptionTargetType + 27, // 34: google.protobuf.FieldOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 35: google.protobuf.OneofOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 36: google.protobuf.EnumOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 37: google.protobuf.EnumValueOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 27, // 38: google.protobuf.ServiceOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 7, // 39: google.protobuf.MethodOptions.idempotency_level:type_name -> google.protobuf.MethodOptions.IdempotencyLevel + 27, // 40: google.protobuf.MethodOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption + 33, // 41: google.protobuf.UninterpretedOption.name:type_name -> google.protobuf.UninterpretedOption.NamePart + 34, // 42: google.protobuf.SourceCodeInfo.location:type_name -> google.protobuf.SourceCodeInfo.Location + 35, // 43: google.protobuf.GeneratedCodeInfo.annotation:type_name -> google.protobuf.GeneratedCodeInfo.Annotation + 12, // 44: google.protobuf.DescriptorProto.ExtensionRange.options:type_name -> google.protobuf.ExtensionRangeOptions + 8, // 45: google.protobuf.GeneratedCodeInfo.Annotation.semantic:type_name -> google.protobuf.GeneratedCodeInfo.Annotation.Semantic + 46, // [46:46] is the sub-list for method output_type + 46, // [46:46] is the sub-list for method input_type + 46, // [46:46] is the sub-list for extension type_name + 46, // [46:46] is the sub-list for extension extendee + 0, // [0:46] is the sub-list for field type_name } func init() { file_google_protobuf_descriptor_proto_init() } @@ -3940,7 +4333,7 @@ func file_google_protobuf_descriptor_proto_init() { File: protoimpl.DescBuilder{ GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_google_protobuf_descriptor_proto_rawDesc, - NumEnums: 6, + NumEnums: 9, NumMessages: 27, NumExtensions: 0, NumServices: 0, diff --git a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go index c9ae92132..61f69fc11 100644 --- a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go +++ b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go @@ -36,8 +36,7 @@ // The Timestamp message represents a timestamp, // an instant in time since the Unix epoch (January 1st, 1970). // -// -// Conversion to a Go Time +// # Conversion to a Go Time // // The AsTime method can be used to convert a Timestamp message to a // standard Go time.Time value in UTC: @@ -59,8 +58,7 @@ // ... // handle error // } // -// -// Conversion from a Go Time +// # Conversion from a Go Time // // The timestamppb.New function can be used to construct a Timestamp message // from a standard Go time.Time value: @@ -72,7 +70,6 @@ // // ts := timestamppb.Now() // ... // make use of ts as a *timestamppb.Timestamp -// package timestamppb import ( @@ -101,52 +98,50 @@ import ( // // Example 1: Compute Timestamp from POSIX `time()`. // -// Timestamp timestamp; -// timestamp.set_seconds(time(NULL)); -// timestamp.set_nanos(0); +// Timestamp timestamp; +// timestamp.set_seconds(time(NULL)); +// timestamp.set_nanos(0); // // Example 2: Compute Timestamp from POSIX `gettimeofday()`. // -// struct timeval tv; -// gettimeofday(&tv, NULL); +// struct timeval tv; +// gettimeofday(&tv, NULL); // -// Timestamp timestamp; -// timestamp.set_seconds(tv.tv_sec); -// timestamp.set_nanos(tv.tv_usec * 1000); +// Timestamp timestamp; +// timestamp.set_seconds(tv.tv_sec); +// timestamp.set_nanos(tv.tv_usec * 1000); // // Example 3: Compute Timestamp from Win32 `GetSystemTimeAsFileTime()`. // -// FILETIME ft; -// GetSystemTimeAsFileTime(&ft); -// UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; +// FILETIME ft; +// GetSystemTimeAsFileTime(&ft); +// UINT64 ticks = (((UINT64)ft.dwHighDateTime) << 32) | ft.dwLowDateTime; // -// // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z -// // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. -// Timestamp timestamp; -// timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); -// timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); +// // A Windows tick is 100 nanoseconds. Windows epoch 1601-01-01T00:00:00Z +// // is 11644473600 seconds before Unix epoch 1970-01-01T00:00:00Z. +// Timestamp timestamp; +// timestamp.set_seconds((INT64) ((ticks / 10000000) - 11644473600LL)); +// timestamp.set_nanos((INT32) ((ticks % 10000000) * 100)); // // Example 4: Compute Timestamp from Java `System.currentTimeMillis()`. // -// long millis = System.currentTimeMillis(); -// -// Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) -// .setNanos((int) ((millis % 1000) * 1000000)).build(); +// long millis = System.currentTimeMillis(); // +// Timestamp timestamp = Timestamp.newBuilder().setSeconds(millis / 1000) +// .setNanos((int) ((millis % 1000) * 1000000)).build(); // // Example 5: Compute Timestamp from Java `Instant.now()`. // -// Instant now = Instant.now(); -// -// Timestamp timestamp = -// Timestamp.newBuilder().setSeconds(now.getEpochSecond()) -// .setNanos(now.getNano()).build(); +// Instant now = Instant.now(); // +// Timestamp timestamp = +// Timestamp.newBuilder().setSeconds(now.getEpochSecond()) +// .setNanos(now.getNano()).build(); // // Example 6: Compute Timestamp from current time in Python. // -// timestamp = Timestamp() -// timestamp.GetCurrentTime() +// timestamp = Timestamp() +// timestamp.GetCurrentTime() // // # JSON Mapping // @@ -174,8 +169,6 @@ import ( // the Joda Time's [`ISODateTimeFormat.dateTime()`]( // http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D // ) to obtain a formatter capable of generating timestamps in this format. -// -// type Timestamp struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/vendor/modules.txt b/vendor/modules.txt index 7138777e5..b6625590b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -5,7 +5,7 @@ bitbucket.org/liamstask/goose/lib/goose # github.com/beorn7/perks v1.0.1 ## explicit; go 1.11 github.com/beorn7/perks/quantile -# github.com/cespare/xxhash/v2 v2.1.2 +# github.com/cespare/xxhash/v2 v2.2.0 ## explicit; go 1.11 github.com/cespare/xxhash/v2 # github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a @@ -42,7 +42,7 @@ github.com/go-logr/logr # github.com/go-sql-driver/mysql v1.6.0 ## explicit; go 1.10 github.com/go-sql-driver/mysql -# github.com/golang/protobuf v1.5.2 +# github.com/golang/protobuf v1.5.3 ## explicit; go 1.9 github.com/golang/protobuf/proto github.com/golang/protobuf/ptypes/timestamp @@ -80,32 +80,34 @@ github.com/lib/pq/scram # github.com/mattn/go-sqlite3 v1.14.15 ## explicit; go 1.16 github.com/mattn/go-sqlite3 -# github.com/matttproud/golang_protobuf_extensions v1.0.2 +# github.com/matttproud/golang_protobuf_extensions v1.0.4 ## explicit; go 1.9 github.com/matttproud/golang_protobuf_extensions/pbutil # github.com/pmezard/go-difflib v1.0.0 ## explicit github.com/pmezard/go-difflib/difflib -# github.com/prometheus/client_golang v1.13.0 +# github.com/prometheus/client_golang v1.15.1 ## explicit; go 1.17 github.com/prometheus/client_golang/prometheus github.com/prometheus/client_golang/prometheus/internal github.com/prometheus/client_golang/prometheus/promauto github.com/prometheus/client_golang/prometheus/promhttp -# github.com/prometheus/client_model v0.2.0 +# github.com/prometheus/client_model v0.3.0 ## explicit; go 1.9 github.com/prometheus/client_model/go -# github.com/prometheus/common v0.37.0 -## explicit; go 1.16 +# github.com/prometheus/common v0.42.0 +## explicit; go 1.18 github.com/prometheus/common/expfmt github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg github.com/prometheus/common/model -# github.com/prometheus/procfs v0.8.0 -## explicit; go 1.17 +# github.com/prometheus/procfs v0.9.0 +## explicit; go 1.18 github.com/prometheus/procfs github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util -# github.com/stretchr/testify v1.7.0 +# github.com/rogpeppe/go-internal v1.10.0 +## explicit; go 1.19 +# github.com/stretchr/testify v1.8.0 ## explicit; go 1.13 github.com/stretchr/testify/assert github.com/stretchr/testify/require @@ -160,7 +162,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf ## explicit; go 1.17 golang.org/x/net/context/ctxhttp golang.org/x/net/idna -# golang.org/x/sys v0.5.0 +# golang.org/x/sys v0.6.0 ## explicit; go 1.17 golang.org/x/sys/cpu golang.org/x/sys/internal/unsafeheader @@ -172,7 +174,7 @@ golang.org/x/text/secure/bidirule golang.org/x/text/transform golang.org/x/text/unicode/bidi golang.org/x/text/unicode/norm -# google.golang.org/protobuf v1.28.1 +# google.golang.org/protobuf v1.30.0 ## explicit; go 1.11 google.golang.org/protobuf/encoding/prototext google.golang.org/protobuf/encoding/protowire From 03a86ea2cddbcb84900d462c6ac6597ddd883e95 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 15:45:58 +0000 Subject: [PATCH 16/73] build(deps): bump github.com/jmoiron/sqlx from 1.3.3 to 1.3.5 Bumps [github.com/jmoiron/sqlx](https://github.com/jmoiron/sqlx) from 1.3.3 to 1.3.5. - [Commits](https://github.com/jmoiron/sqlx/compare/v1.3.3...v1.3.5) --- updated-dependencies: - dependency-name: github.com/jmoiron/sqlx dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 5 ++- vendor/github.com/jmoiron/sqlx/.travis.yml | 5 ++- vendor/github.com/jmoiron/sqlx/bind.go | 2 +- vendor/github.com/jmoiron/sqlx/named.go | 42 +++++++++++++++------- vendor/github.com/jmoiron/sqlx/sqlx.go | 8 +++-- vendor/modules.txt | 2 +- 7 files changed, 42 insertions(+), 24 deletions(-) diff --git a/go.mod b/go.mod index da6944dd9..368f0efbc 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/go-sql-driver/mysql v1.6.0 github.com/google/certificate-transparency-go v1.1.4 github.com/jmhodges/clock v1.2.0 - github.com/jmoiron/sqlx v1.3.3 + github.com/jmoiron/sqlx v1.3.5 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 github.com/lib/pq v1.10.1 github.com/mattn/go-sqlite3 v1.14.15 diff --git a/go.sum b/go.sum index a53af1928..6e78ce7ab 100644 --- a/go.sum +++ b/go.sum @@ -110,7 +110,6 @@ github.com/go-logfmt/logfmt v0.5.1/go.mod h1:WYhtIu8zTZfxdn5+rREduYbwxfcBr/Vr6KE github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= -github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= @@ -192,8 +191,8 @@ github.com/iris-contrib/pongo2 v0.0.1/go.mod h1:Ssh+00+3GAZqSQb30AvBRNxBx7rf0Gqw github.com/iris-contrib/schema v0.0.1/go.mod h1:urYA3uvUNG1TIIjOSCzHr9/LmbQo8LrOcOqfqxa4hXw= github.com/jmhodges/clock v1.2.0 h1:eq4kys+NI0PLngzaHEe7AmPT90XMGIEySD1JfV1PDIs= github.com/jmhodges/clock v1.2.0/go.mod h1:qKjhA7x7u/lQpPB1XAqX1b1lCI/w3/fNuYpI/ZjLynI= -github.com/jmoiron/sqlx v1.3.3 h1:j82X0bf7oQ27XeqxicSZsTU5suPwKElg3oyxNn43iTk= -github.com/jmoiron/sqlx v1.3.3/go.mod h1:2BljVx/86SuTyjE+aPYlHCTNvZrnJXghYGpNiXLBMCQ= +github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g= +github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ= github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= diff --git a/vendor/github.com/jmoiron/sqlx/.travis.yml b/vendor/github.com/jmoiron/sqlx/.travis.yml index d7281526e..1cfa28cb3 100644 --- a/vendor/github.com/jmoiron/sqlx/.travis.yml +++ b/vendor/github.com/jmoiron/sqlx/.travis.yml @@ -18,9 +18,8 @@ before_install: # go versions to test go: - - "1.10.x" - - "1.11.x" - - "1.12.x" + - "1.15.x" + - "1.16.x" # run tests w/ coverage script: diff --git a/vendor/github.com/jmoiron/sqlx/bind.go b/vendor/github.com/jmoiron/sqlx/bind.go index 369d73b2e..ec0da4e72 100644 --- a/vendor/github.com/jmoiron/sqlx/bind.go +++ b/vendor/github.com/jmoiron/sqlx/bind.go @@ -24,7 +24,7 @@ const ( var defaultBinds = map[int][]string{ DOLLAR: []string{"postgres", "pgx", "pq-timeouts", "cloudsqlpostgres", "ql", "nrpostgres", "cockroach"}, QUESTION: []string{"mysql", "sqlite3", "nrmysql", "nrsqlite3"}, - NAMED: []string{"oci8", "ora", "goracle"}, + NAMED: []string{"oci8", "ora", "goracle", "godror"}, AT: []string{"sqlserver"}, } diff --git a/vendor/github.com/jmoiron/sqlx/named.go b/vendor/github.com/jmoiron/sqlx/named.go index 1f4161217..728aa04d0 100644 --- a/vendor/github.com/jmoiron/sqlx/named.go +++ b/vendor/github.com/jmoiron/sqlx/named.go @@ -224,29 +224,47 @@ func bindStruct(bindType int, query string, arg interface{}, m *reflectx.Mapper) return bound, arglist, nil } -var valueBracketReg = regexp.MustCompile(`(?i)VALUES\s*(\([^(]*.[^(]\))`) +var valuesReg = regexp.MustCompile(`\)\s*(?i)VALUES\s*\(`) -func fixBound(bound string, loop int) string { +func findMatchingClosingBracketIndex(s string) int { + count := 0 + for i, ch := range s { + if ch == '(' { + count++ + } + if ch == ')' { + count-- + if count == 0 { + return i + } + } + } + return 0 +} - loc := valueBracketReg.FindAllStringSubmatchIndex(bound, -1) - // Either no VALUES () found or more than one found?? - if len(loc) != 1 { +func fixBound(bound string, loop int) string { + loc := valuesReg.FindStringIndex(bound) + // defensive guard when "VALUES (...)" not found + if len(loc) < 2 { return bound } - // defensive guard. loc should be len 4 representing the starting and - // ending index for the whole regex match and the starting + ending - // index for the single inside group - if len(loc[0]) != 4 { + + openingBracketIndex := loc[1] - 1 + index := findMatchingClosingBracketIndex(bound[openingBracketIndex:]) + // defensive guard. must have closing bracket + if index == 0 { return bound } + closingBracketIndex := openingBracketIndex + index + 1 + var buffer bytes.Buffer - buffer.WriteString(bound[0:loc[0][1]]) + buffer.WriteString(bound[0:closingBracketIndex]) for i := 0; i < loop-1; i++ { buffer.WriteString(",") - buffer.WriteString(bound[loc[0][2]:loc[0][3]]) + buffer.WriteString(bound[openingBracketIndex:closingBracketIndex]) } - buffer.WriteString(bound[loc[0][1]:]) + buffer.WriteString(bound[closingBracketIndex:]) return buffer.String() } diff --git a/vendor/github.com/jmoiron/sqlx/sqlx.go b/vendor/github.com/jmoiron/sqlx/sqlx.go index 112ef70e9..f7b287683 100644 --- a/vendor/github.com/jmoiron/sqlx/sqlx.go +++ b/vendor/github.com/jmoiron/sqlx/sqlx.go @@ -878,9 +878,10 @@ func structOnlyError(t reflect.Type) error { } // scanAll scans all rows into a destination, which must be a slice of any -// type. If the destination slice type is a Struct, then StructScan will be -// used on each row. If the destination is some other kind of base type, then -// each row must only have one column which can scan into that type. This +// type. It resets the slice length to zero before appending each element to +// the slice. If the destination slice type is a Struct, then StructScan will +// be used on each row. If the destination is some other kind of base type, +// then each row must only have one column which can scan into that type. This // allows you to do something like: // // rows, _ := db.Query("select id from people;") @@ -910,6 +911,7 @@ func scanAll(rows rowsi, dest interface{}, structOnly bool) error { if err != nil { return err } + direct.SetLen(0) isPtr := slice.Elem().Kind() == reflect.Ptr base := reflectx.Deref(slice.Elem()) diff --git a/vendor/modules.txt b/vendor/modules.txt index 7138777e5..810c8b2f7 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -59,7 +59,7 @@ github.com/google/certificate-transparency-go/x509/pkix # github.com/jmhodges/clock v1.2.0 ## explicit; go 1.17 github.com/jmhodges/clock -# github.com/jmoiron/sqlx v1.3.3 +# github.com/jmoiron/sqlx v1.3.5 ## explicit; go 1.10 github.com/jmoiron/sqlx github.com/jmoiron/sqlx/reflectx From 04f6d3e068bdc95b0c7b60911ff6f1760e1703f6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 16:07:05 +0000 Subject: [PATCH 17/73] build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.7.1 Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.6.0 to 1.7.1. - [Release notes](https://github.com/go-sql-driver/mysql/releases) - [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md) - [Commits](https://github.com/go-sql-driver/mysql/compare/v1.6.0...v1.7.1) --- updated-dependencies: - dependency-name: github.com/go-sql-driver/mysql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 3 +- vendor/github.com/go-sql-driver/mysql/AUTHORS | 9 ++ .../go-sql-driver/mysql/CHANGELOG.md | 34 +++++ .../github.com/go-sql-driver/mysql/README.md | 21 ++- .../go-sql-driver/mysql/atomic_bool.go | 19 +++ .../go-sql-driver/mysql/atomic_bool_go118.go | 47 +++++++ vendor/github.com/go-sql-driver/mysql/auth.go | 56 ++++---- .../go-sql-driver/mysql/collations.go | 3 +- .../go-sql-driver/mysql/conncheck.go | 1 + .../go-sql-driver/mysql/conncheck_dummy.go | 1 + .../go-sql-driver/mysql/connection.go | 26 ++-- .../github.com/go-sql-driver/mysql/const.go | 2 +- .../github.com/go-sql-driver/mysql/driver.go | 6 +- vendor/github.com/go-sql-driver/mysql/dsn.go | 73 +++++++---- .../github.com/go-sql-driver/mysql/errors.go | 18 ++- .../github.com/go-sql-driver/mysql/fields.go | 14 +- vendor/github.com/go-sql-driver/mysql/fuzz.go | 1 + .../github.com/go-sql-driver/mysql/infile.go | 32 ++--- .../go-sql-driver/mysql/nulltime.go | 21 +++ .../go-sql-driver/mysql/nulltime_go113.go | 40 ------ .../go-sql-driver/mysql/nulltime_legacy.go | 39 ------ .../github.com/go-sql-driver/mysql/packets.go | 90 ++++++------- .../go-sql-driver/mysql/statement.go | 8 +- .../go-sql-driver/mysql/transaction.go | 4 +- .../github.com/go-sql-driver/mysql/utils.go | 122 +++++++----------- vendor/modules.txt | 4 +- 27 files changed, 391 insertions(+), 305 deletions(-) create mode 100644 vendor/github.com/go-sql-driver/mysql/atomic_bool.go create mode 100644 vendor/github.com/go-sql-driver/mysql/atomic_bool_go118.go delete mode 100644 vendor/github.com/go-sql-driver/mysql/nulltime_go113.go delete mode 100644 vendor/github.com/go-sql-driver/mysql/nulltime_legacy.go diff --git a/go.mod b/go.mod index 556a3d355..b3cf4ca74 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ require ( bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6 - github.com/go-sql-driver/mysql v1.6.0 + github.com/go-sql-driver/mysql v1.7.1 github.com/google/certificate-transparency-go v1.1.4 github.com/jmhodges/clock v1.2.0 github.com/jmoiron/sqlx v1.3.5 diff --git a/go.sum b/go.sum index ca331aeae..d44ba9284 100644 --- a/go.sum +++ b/go.sum @@ -109,8 +109,9 @@ github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= -github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= +github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= +github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= diff --git a/vendor/github.com/go-sql-driver/mysql/AUTHORS b/vendor/github.com/go-sql-driver/mysql/AUTHORS index 50afa2c85..fb1478c3b 100644 --- a/vendor/github.com/go-sql-driver/mysql/AUTHORS +++ b/vendor/github.com/go-sql-driver/mysql/AUTHORS @@ -23,6 +23,7 @@ Asta Xie Bulat Gaifullin Caine Jette Carlos Nieto +Chris Kirkland Chris Moos Craig Wilson Daniel Montoya @@ -45,6 +46,7 @@ Ilia Cimpoes INADA Naoki Jacek Szwec James Harr +Janek Vedock Jeff Hodges Jeffrey Charles Jerome Meyer @@ -59,12 +61,14 @@ Kamil Dziedzic Kei Kamikawa Kevin Malachowski Kieron Woodhouse +Lance Tian Lennart Rudolph Leonardo YongUk Kim Linh Tran Tuan Lion Yang Luca Looz Lucas Liu +Lunny Xiao Luke Scott Maciej Zimnoch Michael Woolnough @@ -74,11 +78,14 @@ Olivier Mengué oscarzhao Paul Bonser Peter Schultz +Phil Porada Rebecca Chin Reed Allman Richard Wilkes Robert Russell Runrioter Wung +Samantha Frank +Santhosh Kumar Tekuri Sho Iizuka Sho Ikeda Shuode Li @@ -99,12 +106,14 @@ Xiuming Chen Xuehong Chan Zhenye Xie Zhixin Wen +Ziheng Lyu # Organizations Barracuda Networks, Inc. Counting Ltd. DigitalOcean Inc. +dyves labs AG Facebook Inc. GitHub Inc. Google Inc. diff --git a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md index 72a738ed5..5166e4adb 100644 --- a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md +++ b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md @@ -1,3 +1,37 @@ +## Version 1.7.1 (2023-04-25) + +Changes: + + - bump actions/checkout@v3 and actions/setup-go@v3 (#1375) + - Add go1.20 and mariadb10.11 to the testing matrix (#1403) + - Increase default maxAllowedPacket size. (#1411) + +Bugfixes: + + - Use SET syntax as specified in the MySQL documentation (#1402) + + +## Version 1.7 (2022-11-29) + +Changes: + + - Drop support of Go 1.12 (#1211) + - Refactoring `(*textRows).readRow` in a more clear way (#1230) + - util: Reduce boundary check in escape functions. (#1316) + - enhancement for mysqlConn handleAuthResult (#1250) + +New Features: + + - support Is comparison on MySQLError (#1210) + - return unsigned in database type name when necessary (#1238) + - Add API to express like a --ssl-mode=PREFERRED MySQL client (#1370) + - Add SQLState to MySQLError (#1321) + +Bugfixes: + + - Fix parsing 0 year. (#1257) + + ## Version 1.6 (2021-04-01) Changes: diff --git a/vendor/github.com/go-sql-driver/mysql/README.md b/vendor/github.com/go-sql-driver/mysql/README.md index 0b13154fc..3b5d229aa 100644 --- a/vendor/github.com/go-sql-driver/mysql/README.md +++ b/vendor/github.com/go-sql-driver/mysql/README.md @@ -40,7 +40,7 @@ A MySQL-Driver for Go's [database/sql](https://golang.org/pkg/database/sql/) pac * Optional placeholder interpolation ## Requirements - * Go 1.10 or higher. We aim to support the 3 latest versions of Go. + * Go 1.13 or higher. We aim to support the 3 latest versions of Go. * MySQL (4.1+), MariaDB, Percona Server, Google CloudSQL or Sphinx (2.2.3+) --------------------------------------- @@ -85,7 +85,7 @@ db.SetMaxIdleConns(10) `db.SetMaxOpenConns()` is highly recommended to limit the number of connection used by the application. There is no recommended limit number because it depends on application and MySQL server. -`db.SetMaxIdleConns()` is recommended to be set same to (or greater than) `db.SetMaxOpenConns()`. When it is smaller than `SetMaxOpenConns()`, connections can be opened and closed very frequently than you expect. Idle connections can be closed by the `db.SetConnMaxLifetime()`. If you want to close idle connections more rapidly, you can use `db.SetConnMaxIdleTime()` since Go 1.15. +`db.SetMaxIdleConns()` is recommended to be set same to `db.SetMaxOpenConns()`. When it is smaller than `SetMaxOpenConns()`, connections can be opened and closed much more frequently than you expect. Idle connections can be closed by the `db.SetConnMaxLifetime()`. If you want to close idle connections more rapidly, you can use `db.SetConnMaxIdleTime()` since Go 1.15. ### DSN (Data Source Name) @@ -157,6 +157,17 @@ Default: false `allowCleartextPasswords=true` allows using the [cleartext client side plugin](https://dev.mysql.com/doc/en/cleartext-pluggable-authentication.html) if required by an account, such as one defined with the [PAM authentication plugin](http://dev.mysql.com/doc/en/pam-authentication-plugin.html). Sending passwords in clear text may be a security problem in some configurations. To avoid problems if there is any possibility that the password would be intercepted, clients should connect to MySQL Server using a method that protects the password. Possibilities include [TLS / SSL](#tls), IPsec, or a private network. + +##### `allowFallbackToPlaintext` + +``` +Type: bool +Valid Values: true, false +Default: false +``` + +`allowFallbackToPlaintext=true` acts like a `--ssl-mode=PREFERRED` MySQL client as described in [Command Options for Connecting to the Server](https://dev.mysql.com/doc/refman/5.7/en/connection-options.html#option_general_ssl-mode) + ##### `allowNativePasswords` ``` @@ -271,10 +282,10 @@ Please keep in mind, that param values must be [url.QueryEscape](https://golang. ##### `maxAllowedPacket` ``` Type: decimal number -Default: 4194304 +Default: 64*1024*1024 ``` -Max packet size allowed in bytes. The default value is 4 MiB and should be adjusted to match the server settings. `maxAllowedPacket=0` can be used to automatically fetch the `max_allowed_packet` variable from server *on every connection*. +Max packet size allowed in bytes. The default value is 64 MiB and should be adjusted to match the server settings. `maxAllowedPacket=0` can be used to automatically fetch the `max_allowed_packet` variable from server *on every connection*. ##### `multiStatements` @@ -454,7 +465,7 @@ user:password@/ The connection pool is managed by Go's database/sql package. For details on how to configure the size of the pool and how long connections stay in the pool see `*DB.SetMaxOpenConns`, `*DB.SetMaxIdleConns`, and `*DB.SetConnMaxLifetime` in the [database/sql documentation](https://golang.org/pkg/database/sql/). The read, write, and dial timeouts for each individual connection are configured with the DSN parameters [`readTimeout`](#readtimeout), [`writeTimeout`](#writetimeout), and [`timeout`](#timeout), respectively. ## `ColumnType` Support -This driver supports the [`ColumnType` interface](https://golang.org/pkg/database/sql/#ColumnType) introduced in Go 1.8, with the exception of [`ColumnType.Length()`](https://golang.org/pkg/database/sql/#ColumnType.Length), which is currently not supported. +This driver supports the [`ColumnType` interface](https://golang.org/pkg/database/sql/#ColumnType) introduced in Go 1.8, with the exception of [`ColumnType.Length()`](https://golang.org/pkg/database/sql/#ColumnType.Length), which is currently not supported. All Unsigned database type names will be returned `UNSIGNED ` with `INT`, `TINYINT`, `SMALLINT`, `BIGINT`. ## `context.Context` Support Go 1.8 added `database/sql` support for `context.Context`. This driver supports query timeouts and cancellation via contexts. diff --git a/vendor/github.com/go-sql-driver/mysql/atomic_bool.go b/vendor/github.com/go-sql-driver/mysql/atomic_bool.go new file mode 100644 index 000000000..1b7e19f3e --- /dev/null +++ b/vendor/github.com/go-sql-driver/mysql/atomic_bool.go @@ -0,0 +1,19 @@ +// Go MySQL Driver - A MySQL-Driver for Go's database/sql package. +// +// Copyright 2022 The Go-MySQL-Driver Authors. All rights reserved. +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this file, +// You can obtain one at http://mozilla.org/MPL/2.0/. +//go:build go1.19 +// +build go1.19 + +package mysql + +import "sync/atomic" + +/****************************************************************************** +* Sync utils * +******************************************************************************/ + +type atomicBool = atomic.Bool diff --git a/vendor/github.com/go-sql-driver/mysql/atomic_bool_go118.go b/vendor/github.com/go-sql-driver/mysql/atomic_bool_go118.go new file mode 100644 index 000000000..2e9a7f0b6 --- /dev/null +++ b/vendor/github.com/go-sql-driver/mysql/atomic_bool_go118.go @@ -0,0 +1,47 @@ +// Go MySQL Driver - A MySQL-Driver for Go's database/sql package. +// +// Copyright 2022 The Go-MySQL-Driver Authors. All rights reserved. +// +// This Source Code Form is subject to the terms of the Mozilla Public +// License, v. 2.0. If a copy of the MPL was not distributed with this file, +// You can obtain one at http://mozilla.org/MPL/2.0/. +//go:build !go1.19 +// +build !go1.19 + +package mysql + +import "sync/atomic" + +/****************************************************************************** +* Sync utils * +******************************************************************************/ + +// atomicBool is an implementation of atomic.Bool for older version of Go. +// it is a wrapper around uint32 for usage as a boolean value with +// atomic access. +type atomicBool struct { + _ noCopy + value uint32 +} + +// Load returns whether the current boolean value is true +func (ab *atomicBool) Load() bool { + return atomic.LoadUint32(&ab.value) > 0 +} + +// Store sets the value of the bool regardless of the previous value +func (ab *atomicBool) Store(value bool) { + if value { + atomic.StoreUint32(&ab.value, 1) + } else { + atomic.StoreUint32(&ab.value, 0) + } +} + +// Swap sets the value of the bool and returns the old value. +func (ab *atomicBool) Swap(value bool) bool { + if value { + return atomic.SwapUint32(&ab.value, 1) > 0 + } + return atomic.SwapUint32(&ab.value, 0) > 0 +} diff --git a/vendor/github.com/go-sql-driver/mysql/auth.go b/vendor/github.com/go-sql-driver/mysql/auth.go index b2f19e8f0..1ff203e57 100644 --- a/vendor/github.com/go-sql-driver/mysql/auth.go +++ b/vendor/github.com/go-sql-driver/mysql/auth.go @@ -33,27 +33,26 @@ var ( // Note: The provided rsa.PublicKey instance is exclusively owned by the driver // after registering it and may not be modified. // -// data, err := ioutil.ReadFile("mykey.pem") -// if err != nil { -// log.Fatal(err) -// } +// data, err := ioutil.ReadFile("mykey.pem") +// if err != nil { +// log.Fatal(err) +// } // -// block, _ := pem.Decode(data) -// if block == nil || block.Type != "PUBLIC KEY" { -// log.Fatal("failed to decode PEM block containing public key") -// } +// block, _ := pem.Decode(data) +// if block == nil || block.Type != "PUBLIC KEY" { +// log.Fatal("failed to decode PEM block containing public key") +// } // -// pub, err := x509.ParsePKIXPublicKey(block.Bytes) -// if err != nil { -// log.Fatal(err) -// } -// -// if rsaPubKey, ok := pub.(*rsa.PublicKey); ok { -// mysql.RegisterServerPubKey("mykey", rsaPubKey) -// } else { -// log.Fatal("not a RSA public key") -// } +// pub, err := x509.ParsePKIXPublicKey(block.Bytes) +// if err != nil { +// log.Fatal(err) +// } // +// if rsaPubKey, ok := pub.(*rsa.PublicKey); ok { +// mysql.RegisterServerPubKey("mykey", rsaPubKey) +// } else { +// log.Fatal("not a RSA public key") +// } func RegisterServerPubKey(name string, pubKey *rsa.PublicKey) { serverPubKeyLock.Lock() if serverPubKeyRegistry == nil { @@ -274,7 +273,9 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) { if len(mc.cfg.Passwd) == 0 { return []byte{0}, nil } - if mc.cfg.tls != nil || mc.cfg.Net == "unix" { + // unlike caching_sha2_password, sha256_password does not accept + // cleartext password on unix transport. + if mc.cfg.TLS != nil { // write cleartext auth packet return append([]byte(mc.cfg.Passwd), 0), nil } @@ -350,7 +351,7 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error { } case cachingSha2PasswordPerformFullAuthentication: - if mc.cfg.tls != nil || mc.cfg.Net == "unix" { + if mc.cfg.TLS != nil || mc.cfg.Net == "unix" { // write cleartext auth packet err = mc.writeAuthSwitchPacket(append([]byte(mc.cfg.Passwd), 0)) if err != nil { @@ -365,13 +366,20 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error { return err } data[4] = cachingSha2PasswordRequestPublicKey - mc.writePacket(data) + err = mc.writePacket(data) + if err != nil { + return err + } - // parse public key if data, err = mc.readPacket(); err != nil { return err } + if data[0] != iAuthMoreData { + return fmt.Errorf("unexpect resp from server for caching_sha2_password perform full authentication") + } + + // parse public key block, rest := pem.Decode(data[1:]) if block == nil { return fmt.Errorf("No Pem data found, data: %s", rest) @@ -404,6 +412,10 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error { return nil // auth successful default: block, _ := pem.Decode(authData) + if block == nil { + return fmt.Errorf("no Pem data found, data: %s", authData) + } + pub, err := x509.ParsePKIXPublicKey(block.Bytes) if err != nil { return err diff --git a/vendor/github.com/go-sql-driver/mysql/collations.go b/vendor/github.com/go-sql-driver/mysql/collations.go index 326a9f7fa..295bfbe52 100644 --- a/vendor/github.com/go-sql-driver/mysql/collations.go +++ b/vendor/github.com/go-sql-driver/mysql/collations.go @@ -13,7 +13,8 @@ const binaryCollation = "binary" // A list of available collations mapped to the internal ID. // To update this map use the following MySQL query: -// SELECT COLLATION_NAME, ID FROM information_schema.COLLATIONS WHERE ID<256 ORDER BY ID +// +// SELECT COLLATION_NAME, ID FROM information_schema.COLLATIONS WHERE ID<256 ORDER BY ID // // Handshake packet have only 1 byte for collation_id. So we can't use collations with ID > 255. // diff --git a/vendor/github.com/go-sql-driver/mysql/conncheck.go b/vendor/github.com/go-sql-driver/mysql/conncheck.go index 024eb2858..0ea721720 100644 --- a/vendor/github.com/go-sql-driver/mysql/conncheck.go +++ b/vendor/github.com/go-sql-driver/mysql/conncheck.go @@ -6,6 +6,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this file, // You can obtain one at http://mozilla.org/MPL/2.0/. +//go:build linux || darwin || dragonfly || freebsd || netbsd || openbsd || solaris || illumos // +build linux darwin dragonfly freebsd netbsd openbsd solaris illumos package mysql diff --git a/vendor/github.com/go-sql-driver/mysql/conncheck_dummy.go b/vendor/github.com/go-sql-driver/mysql/conncheck_dummy.go index ea7fb607a..a56c138f2 100644 --- a/vendor/github.com/go-sql-driver/mysql/conncheck_dummy.go +++ b/vendor/github.com/go-sql-driver/mysql/conncheck_dummy.go @@ -6,6 +6,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this file, // You can obtain one at http://mozilla.org/MPL/2.0/. +//go:build !linux && !darwin && !dragonfly && !freebsd && !netbsd && !openbsd && !solaris && !illumos // +build !linux,!darwin,!dragonfly,!freebsd,!netbsd,!openbsd,!solaris,!illumos package mysql diff --git a/vendor/github.com/go-sql-driver/mysql/connection.go b/vendor/github.com/go-sql-driver/mysql/connection.go index 835f89729..947a883e3 100644 --- a/vendor/github.com/go-sql-driver/mysql/connection.go +++ b/vendor/github.com/go-sql-driver/mysql/connection.go @@ -71,10 +71,10 @@ func (mc *mysqlConn) handleParams() (err error) { cmdSet.Grow(4 + len(param) + 1 + len(val) + 30*(len(mc.cfg.Params)-1)) cmdSet.WriteString("SET ") } else { - cmdSet.WriteByte(',') + cmdSet.WriteString(", ") } cmdSet.WriteString(param) - cmdSet.WriteByte('=') + cmdSet.WriteString(" = ") cmdSet.WriteString(val) } } @@ -104,7 +104,7 @@ func (mc *mysqlConn) Begin() (driver.Tx, error) { } func (mc *mysqlConn) begin(readOnly bool) (driver.Tx, error) { - if mc.closed.IsSet() { + if mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -123,7 +123,7 @@ func (mc *mysqlConn) begin(readOnly bool) (driver.Tx, error) { func (mc *mysqlConn) Close() (err error) { // Makes Close idempotent - if !mc.closed.IsSet() { + if !mc.closed.Load() { err = mc.writeCommandPacket(comQuit) } @@ -137,7 +137,7 @@ func (mc *mysqlConn) Close() (err error) { // is called before auth or on auth failure because MySQL will have already // closed the network connection. func (mc *mysqlConn) cleanup() { - if !mc.closed.TrySet(true) { + if mc.closed.Swap(true) { return } @@ -152,7 +152,7 @@ func (mc *mysqlConn) cleanup() { } func (mc *mysqlConn) error() error { - if mc.closed.IsSet() { + if mc.closed.Load() { if err := mc.canceled.Value(); err != nil { return err } @@ -162,7 +162,7 @@ func (mc *mysqlConn) error() error { } func (mc *mysqlConn) Prepare(query string) (driver.Stmt, error) { - if mc.closed.IsSet() { + if mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -295,7 +295,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin } func (mc *mysqlConn) Exec(query string, args []driver.Value) (driver.Result, error) { - if mc.closed.IsSet() { + if mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -356,7 +356,7 @@ func (mc *mysqlConn) Query(query string, args []driver.Value) (driver.Rows, erro } func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error) { - if mc.closed.IsSet() { + if mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -450,7 +450,7 @@ func (mc *mysqlConn) finish() { // Ping implements driver.Pinger interface func (mc *mysqlConn) Ping(ctx context.Context) (err error) { - if mc.closed.IsSet() { + if mc.closed.Load() { errLog.Print(ErrInvalidConn) return driver.ErrBadConn } @@ -469,7 +469,7 @@ func (mc *mysqlConn) Ping(ctx context.Context) (err error) { // BeginTx implements driver.ConnBeginTx interface func (mc *mysqlConn) BeginTx(ctx context.Context, opts driver.TxOptions) (driver.Tx, error) { - if mc.closed.IsSet() { + if mc.closed.Load() { return nil, driver.ErrBadConn } @@ -636,7 +636,7 @@ func (mc *mysqlConn) CheckNamedValue(nv *driver.NamedValue) (err error) { // ResetSession implements driver.SessionResetter. // (From Go 1.10) func (mc *mysqlConn) ResetSession(ctx context.Context) error { - if mc.closed.IsSet() { + if mc.closed.Load() { return driver.ErrBadConn } mc.reset = true @@ -646,5 +646,5 @@ func (mc *mysqlConn) ResetSession(ctx context.Context) error { // IsValid implements driver.Validator interface // (From Go 1.15) func (mc *mysqlConn) IsValid() bool { - return !mc.closed.IsSet() + return !mc.closed.Load() } diff --git a/vendor/github.com/go-sql-driver/mysql/const.go b/vendor/github.com/go-sql-driver/mysql/const.go index b1e6b85ef..64e2bced6 100644 --- a/vendor/github.com/go-sql-driver/mysql/const.go +++ b/vendor/github.com/go-sql-driver/mysql/const.go @@ -10,7 +10,7 @@ package mysql const ( defaultAuthPlugin = "mysql_native_password" - defaultMaxAllowedPacket = 4 << 20 // 4 MiB + defaultMaxAllowedPacket = 64 << 20 // 64 MiB. See https://github.com/go-sql-driver/mysql/issues/1355 minProtocolVersion = 10 maxPacketSize = 1<<24 - 1 timeFormat = "2006-01-02 15:04:05.999999" diff --git a/vendor/github.com/go-sql-driver/mysql/driver.go b/vendor/github.com/go-sql-driver/mysql/driver.go index c1bdf1199..ad7aec215 100644 --- a/vendor/github.com/go-sql-driver/mysql/driver.go +++ b/vendor/github.com/go-sql-driver/mysql/driver.go @@ -8,10 +8,10 @@ // // The driver should be used via the database/sql package: // -// import "database/sql" -// import _ "github.com/go-sql-driver/mysql" +// import "database/sql" +// import _ "github.com/go-sql-driver/mysql" // -// db, err := sql.Open("mysql", "user:password@/dbname") +// db, err := sql.Open("mysql", "user:password@/dbname") // // See https://github.com/go-sql-driver/mysql#usage for details package mysql diff --git a/vendor/github.com/go-sql-driver/mysql/dsn.go b/vendor/github.com/go-sql-driver/mysql/dsn.go index 93f3548cb..4b71aaab0 100644 --- a/vendor/github.com/go-sql-driver/mysql/dsn.go +++ b/vendor/github.com/go-sql-driver/mysql/dsn.go @@ -46,22 +46,23 @@ type Config struct { ServerPubKey string // Server public key name pubKey *rsa.PublicKey // Server public key TLSConfig string // TLS configuration name - tls *tls.Config // TLS configuration + TLS *tls.Config // TLS configuration, its priority is higher than TLSConfig Timeout time.Duration // Dial timeout ReadTimeout time.Duration // I/O read timeout WriteTimeout time.Duration // I/O write timeout - AllowAllFiles bool // Allow all files to be used with LOAD DATA LOCAL INFILE - AllowCleartextPasswords bool // Allows the cleartext client side plugin - AllowNativePasswords bool // Allows the native password authentication method - AllowOldPasswords bool // Allows the old insecure password method - CheckConnLiveness bool // Check connections for liveness before using them - ClientFoundRows bool // Return number of matching rows instead of rows changed - ColumnsWithAlias bool // Prepend table alias to column names - InterpolateParams bool // Interpolate placeholders into query string - MultiStatements bool // Allow multiple statements in one query - ParseTime bool // Parse time values to time.Time - RejectReadOnly bool // Reject read-only connections + AllowAllFiles bool // Allow all files to be used with LOAD DATA LOCAL INFILE + AllowCleartextPasswords bool // Allows the cleartext client side plugin + AllowFallbackToPlaintext bool // Allows fallback to unencrypted connection if server does not support TLS + AllowNativePasswords bool // Allows the native password authentication method + AllowOldPasswords bool // Allows the old insecure password method + CheckConnLiveness bool // Check connections for liveness before using them + ClientFoundRows bool // Return number of matching rows instead of rows changed + ColumnsWithAlias bool // Prepend table alias to column names + InterpolateParams bool // Interpolate placeholders into query string + MultiStatements bool // Allow multiple statements in one query + ParseTime bool // Parse time values to time.Time + RejectReadOnly bool // Reject read-only connections } // NewConfig creates a new Config and sets default values. @@ -77,8 +78,8 @@ func NewConfig() *Config { func (cfg *Config) Clone() *Config { cp := *cfg - if cp.tls != nil { - cp.tls = cfg.tls.Clone() + if cp.TLS != nil { + cp.TLS = cfg.TLS.Clone() } if len(cp.Params) > 0 { cp.Params = make(map[string]string, len(cfg.Params)) @@ -119,24 +120,29 @@ func (cfg *Config) normalize() error { cfg.Addr = ensureHavePort(cfg.Addr) } - switch cfg.TLSConfig { - case "false", "": - // don't set anything - case "true": - cfg.tls = &tls.Config{} - case "skip-verify", "preferred": - cfg.tls = &tls.Config{InsecureSkipVerify: true} - default: - cfg.tls = getTLSConfigClone(cfg.TLSConfig) - if cfg.tls == nil { - return errors.New("invalid value / unknown config name: " + cfg.TLSConfig) + if cfg.TLS == nil { + switch cfg.TLSConfig { + case "false", "": + // don't set anything + case "true": + cfg.TLS = &tls.Config{} + case "skip-verify": + cfg.TLS = &tls.Config{InsecureSkipVerify: true} + case "preferred": + cfg.TLS = &tls.Config{InsecureSkipVerify: true} + cfg.AllowFallbackToPlaintext = true + default: + cfg.TLS = getTLSConfigClone(cfg.TLSConfig) + if cfg.TLS == nil { + return errors.New("invalid value / unknown config name: " + cfg.TLSConfig) + } } } - if cfg.tls != nil && cfg.tls.ServerName == "" && !cfg.tls.InsecureSkipVerify { + if cfg.TLS != nil && cfg.TLS.ServerName == "" && !cfg.TLS.InsecureSkipVerify { host, _, err := net.SplitHostPort(cfg.Addr) if err == nil { - cfg.tls.ServerName = host + cfg.TLS.ServerName = host } } @@ -204,6 +210,10 @@ func (cfg *Config) FormatDSN() string { writeDSNParam(&buf, &hasParam, "allowCleartextPasswords", "true") } + if cfg.AllowFallbackToPlaintext { + writeDSNParam(&buf, &hasParam, "allowFallbackToPlaintext", "true") + } + if !cfg.AllowNativePasswords { writeDSNParam(&buf, &hasParam, "allowNativePasswords", "false") } @@ -391,6 +401,14 @@ func parseDSNParams(cfg *Config, params string) (err error) { return errors.New("invalid bool value: " + value) } + // Allow fallback to unencrypted connection if server does not support TLS + case "allowFallbackToPlaintext": + var isBool bool + cfg.AllowFallbackToPlaintext, isBool = readBool(value) + if !isBool { + return errors.New("invalid bool value: " + value) + } + // Use native password authentication case "allowNativePasswords": var isBool bool @@ -426,7 +444,6 @@ func parseDSNParams(cfg *Config, params string) (err error) { // Collation case "collation": cfg.Collation = value - break case "columnsWithAlias": var isBool bool diff --git a/vendor/github.com/go-sql-driver/mysql/errors.go b/vendor/github.com/go-sql-driver/mysql/errors.go index 760782ff2..ff9a8f088 100644 --- a/vendor/github.com/go-sql-driver/mysql/errors.go +++ b/vendor/github.com/go-sql-driver/mysql/errors.go @@ -27,7 +27,7 @@ var ( ErrOldProtocol = errors.New("MySQL server does not support required protocol 41+") ErrPktSync = errors.New("commands out of sync. You can't run this command now") ErrPktSyncMul = errors.New("commands out of sync. Did you run multiple statements at once?") - ErrPktTooLarge = errors.New("packet for query is too large. Try adjusting the 'max_allowed_packet' variable on the server") + ErrPktTooLarge = errors.New("packet for query is too large. Try adjusting the `Config.MaxAllowedPacket`") ErrBusyBuffer = errors.New("busy buffer") // errBadConnNoWrite is used for connection errors where nothing was sent to the database yet. @@ -56,10 +56,22 @@ func SetLogger(logger Logger) error { // MySQLError is an error type which represents a single MySQL error type MySQLError struct { - Number uint16 - Message string + Number uint16 + SQLState [5]byte + Message string } func (me *MySQLError) Error() string { + if me.SQLState != [5]byte{} { + return fmt.Sprintf("Error %d (%s): %s", me.Number, me.SQLState, me.Message) + } + return fmt.Sprintf("Error %d: %s", me.Number, me.Message) } + +func (me *MySQLError) Is(err error) bool { + if merr, ok := err.(*MySQLError); ok { + return merr.Number == me.Number + } + return false +} diff --git a/vendor/github.com/go-sql-driver/mysql/fields.go b/vendor/github.com/go-sql-driver/mysql/fields.go index ed6c7a37d..e0654a83d 100644 --- a/vendor/github.com/go-sql-driver/mysql/fields.go +++ b/vendor/github.com/go-sql-driver/mysql/fields.go @@ -41,6 +41,9 @@ func (mf *mysqlField) typeDatabaseName() string { case fieldTypeJSON: return "JSON" case fieldTypeLong: + if mf.flags&flagUnsigned != 0 { + return "UNSIGNED INT" + } return "INT" case fieldTypeLongBLOB: if mf.charSet != collations[binaryCollation] { @@ -48,6 +51,9 @@ func (mf *mysqlField) typeDatabaseName() string { } return "LONGBLOB" case fieldTypeLongLong: + if mf.flags&flagUnsigned != 0 { + return "UNSIGNED BIGINT" + } return "BIGINT" case fieldTypeMediumBLOB: if mf.charSet != collations[binaryCollation] { @@ -63,6 +69,9 @@ func (mf *mysqlField) typeDatabaseName() string { case fieldTypeSet: return "SET" case fieldTypeShort: + if mf.flags&flagUnsigned != 0 { + return "UNSIGNED SMALLINT" + } return "SMALLINT" case fieldTypeString: if mf.charSet == collations[binaryCollation] { @@ -74,6 +83,9 @@ func (mf *mysqlField) typeDatabaseName() string { case fieldTypeTimestamp: return "TIMESTAMP" case fieldTypeTiny: + if mf.flags&flagUnsigned != 0 { + return "UNSIGNED TINYINT" + } return "TINYINT" case fieldTypeTinyBLOB: if mf.charSet != collations[binaryCollation] { @@ -106,7 +118,7 @@ var ( scanTypeInt64 = reflect.TypeOf(int64(0)) scanTypeNullFloat = reflect.TypeOf(sql.NullFloat64{}) scanTypeNullInt = reflect.TypeOf(sql.NullInt64{}) - scanTypeNullTime = reflect.TypeOf(nullTime{}) + scanTypeNullTime = reflect.TypeOf(sql.NullTime{}) scanTypeUint8 = reflect.TypeOf(uint8(0)) scanTypeUint16 = reflect.TypeOf(uint16(0)) scanTypeUint32 = reflect.TypeOf(uint32(0)) diff --git a/vendor/github.com/go-sql-driver/mysql/fuzz.go b/vendor/github.com/go-sql-driver/mysql/fuzz.go index fa75adf6a..3a4ec25a9 100644 --- a/vendor/github.com/go-sql-driver/mysql/fuzz.go +++ b/vendor/github.com/go-sql-driver/mysql/fuzz.go @@ -6,6 +6,7 @@ // License, v. 2.0. If a copy of the MPL was not distributed with this file, // You can obtain one at http://mozilla.org/MPL/2.0/. +//go:build gofuzz // +build gofuzz package mysql diff --git a/vendor/github.com/go-sql-driver/mysql/infile.go b/vendor/github.com/go-sql-driver/mysql/infile.go index 60effdfc2..3279dcffd 100644 --- a/vendor/github.com/go-sql-driver/mysql/infile.go +++ b/vendor/github.com/go-sql-driver/mysql/infile.go @@ -28,12 +28,11 @@ var ( // Alternatively you can allow the use of all local files with // the DSN parameter 'allowAllFiles=true' // -// filePath := "/home/gopher/data.csv" -// mysql.RegisterLocalFile(filePath) -// err := db.Exec("LOAD DATA LOCAL INFILE '" + filePath + "' INTO TABLE foo") -// if err != nil { -// ... -// +// filePath := "/home/gopher/data.csv" +// mysql.RegisterLocalFile(filePath) +// err := db.Exec("LOAD DATA LOCAL INFILE '" + filePath + "' INTO TABLE foo") +// if err != nil { +// ... func RegisterLocalFile(filePath string) { fileRegisterLock.Lock() // lazy map init @@ -58,15 +57,14 @@ func DeregisterLocalFile(filePath string) { // If the handler returns a io.ReadCloser Close() is called when the // request is finished. // -// mysql.RegisterReaderHandler("data", func() io.Reader { -// var csvReader io.Reader // Some Reader that returns CSV data -// ... // Open Reader here -// return csvReader -// }) -// err := db.Exec("LOAD DATA LOCAL INFILE 'Reader::data' INTO TABLE foo") -// if err != nil { -// ... -// +// mysql.RegisterReaderHandler("data", func() io.Reader { +// var csvReader io.Reader // Some Reader that returns CSV data +// ... // Open Reader here +// return csvReader +// }) +// err := db.Exec("LOAD DATA LOCAL INFILE 'Reader::data' INTO TABLE foo") +// if err != nil { +// ... func RegisterReaderHandler(name string, handler func() io.Reader) { readerRegisterLock.Lock() // lazy map init @@ -93,10 +91,12 @@ func deferredClose(err *error, closer io.Closer) { } } +const defaultPacketSize = 16 * 1024 // 16KB is small enough for disk readahead and large enough for TCP + func (mc *mysqlConn) handleInFileRequest(name string) (err error) { var rdr io.Reader var data []byte - packetSize := 16 * 1024 // 16KB is small enough for disk readahead and large enough for TCP + packetSize := defaultPacketSize if mc.maxWriteSize < packetSize { packetSize = mc.maxWriteSize } diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime.go b/vendor/github.com/go-sql-driver/mysql/nulltime.go index 651723a96..36c8a42c5 100644 --- a/vendor/github.com/go-sql-driver/mysql/nulltime.go +++ b/vendor/github.com/go-sql-driver/mysql/nulltime.go @@ -9,11 +9,32 @@ package mysql import ( + "database/sql" "database/sql/driver" "fmt" "time" ) +// NullTime represents a time.Time that may be NULL. +// NullTime implements the Scanner interface so +// it can be used as a scan destination: +// +// var nt NullTime +// err := db.QueryRow("SELECT time FROM foo WHERE id=?", id).Scan(&nt) +// ... +// if nt.Valid { +// // use nt.Time +// } else { +// // NULL value +// } +// +// # This NullTime implementation is not driver-specific +// +// Deprecated: NullTime doesn't honor the loc DSN parameter. +// NullTime.Scan interprets a time as UTC, not the loc DSN parameter. +// Use sql.NullTime instead. +type NullTime sql.NullTime + // Scan implements the Scanner interface. // The value type must be time.Time or string / []byte (formatted time-string), // otherwise Scan fails. diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime_go113.go b/vendor/github.com/go-sql-driver/mysql/nulltime_go113.go deleted file mode 100644 index 453b4b394..000000000 --- a/vendor/github.com/go-sql-driver/mysql/nulltime_go113.go +++ /dev/null @@ -1,40 +0,0 @@ -// Go MySQL Driver - A MySQL-Driver for Go's database/sql package -// -// Copyright 2013 The Go-MySQL-Driver Authors. All rights reserved. -// -// This Source Code Form is subject to the terms of the Mozilla Public -// License, v. 2.0. If a copy of the MPL was not distributed with this file, -// You can obtain one at http://mozilla.org/MPL/2.0/. - -// +build go1.13 - -package mysql - -import ( - "database/sql" -) - -// NullTime represents a time.Time that may be NULL. -// NullTime implements the Scanner interface so -// it can be used as a scan destination: -// -// var nt NullTime -// err := db.QueryRow("SELECT time FROM foo WHERE id=?", id).Scan(&nt) -// ... -// if nt.Valid { -// // use nt.Time -// } else { -// // NULL value -// } -// -// This NullTime implementation is not driver-specific -// -// Deprecated: NullTime doesn't honor the loc DSN parameter. -// NullTime.Scan interprets a time as UTC, not the loc DSN parameter. -// Use sql.NullTime instead. -type NullTime sql.NullTime - -// for internal use. -// the mysql package uses sql.NullTime if it is available. -// if not, the package uses mysql.NullTime. -type nullTime = sql.NullTime // sql.NullTime is available diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime_legacy.go b/vendor/github.com/go-sql-driver/mysql/nulltime_legacy.go deleted file mode 100644 index 9f7ae27a8..000000000 --- a/vendor/github.com/go-sql-driver/mysql/nulltime_legacy.go +++ /dev/null @@ -1,39 +0,0 @@ -// Go MySQL Driver - A MySQL-Driver for Go's database/sql package -// -// Copyright 2013 The Go-MySQL-Driver Authors. All rights reserved. -// -// This Source Code Form is subject to the terms of the Mozilla Public -// License, v. 2.0. If a copy of the MPL was not distributed with this file, -// You can obtain one at http://mozilla.org/MPL/2.0/. - -// +build !go1.13 - -package mysql - -import ( - "time" -) - -// NullTime represents a time.Time that may be NULL. -// NullTime implements the Scanner interface so -// it can be used as a scan destination: -// -// var nt NullTime -// err := db.QueryRow("SELECT time FROM foo WHERE id=?", id).Scan(&nt) -// ... -// if nt.Valid { -// // use nt.Time -// } else { -// // NULL value -// } -// -// This NullTime implementation is not driver-specific -type NullTime struct { - Time time.Time - Valid bool // Valid is true if Time is not NULL -} - -// for internal use. -// the mysql package uses sql.NullTime if it is available. -// if not, the package uses mysql.NullTime. -type nullTime = NullTime // sql.NullTime is not available diff --git a/vendor/github.com/go-sql-driver/mysql/packets.go b/vendor/github.com/go-sql-driver/mysql/packets.go index 6664e5ae5..ee05c95a8 100644 --- a/vendor/github.com/go-sql-driver/mysql/packets.go +++ b/vendor/github.com/go-sql-driver/mysql/packets.go @@ -110,14 +110,13 @@ func (mc *mysqlConn) writePacket(data []byte) error { conn = mc.rawConn } var err error - // If this connection has a ReadTimeout which we've been setting on - // reads, reset it to its default value before we attempt a non-blocking - // read, otherwise the scheduler will just time us out before we can read - if mc.cfg.ReadTimeout != 0 { - err = conn.SetReadDeadline(time.Time{}) - } - if err == nil && mc.cfg.CheckConnLiveness { - err = connCheck(conn) + if mc.cfg.CheckConnLiveness { + if mc.cfg.ReadTimeout != 0 { + err = conn.SetReadDeadline(time.Now().Add(mc.cfg.ReadTimeout)) + } + if err == nil { + err = connCheck(conn) + } } if err != nil { errLog.Print("closing bad idle connection: ", err) @@ -223,9 +222,9 @@ func (mc *mysqlConn) readHandshakePacket() (data []byte, plugin string, err erro if mc.flags&clientProtocol41 == 0 { return nil, "", ErrOldProtocol } - if mc.flags&clientSSL == 0 && mc.cfg.tls != nil { - if mc.cfg.TLSConfig == "preferred" { - mc.cfg.tls = nil + if mc.flags&clientSSL == 0 && mc.cfg.TLS != nil { + if mc.cfg.AllowFallbackToPlaintext { + mc.cfg.TLS = nil } else { return nil, "", ErrNoTLS } @@ -293,7 +292,7 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string } // To enable TLS / SSL - if mc.cfg.tls != nil { + if mc.cfg.TLS != nil { clientFlags |= clientSSL } @@ -357,14 +356,14 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string // SSL Connection Request Packet // http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::SSLRequest - if mc.cfg.tls != nil { + if mc.cfg.TLS != nil { // Send TLS / SSL request packet if err := mc.writePacket(data[:(4+4+1+23)+4]); err != nil { return err } // Switch to TLS - tlsConn := tls.Client(mc.netConn, mc.cfg.tls) + tlsConn := tls.Client(mc.netConn, mc.cfg.TLS) if err := tlsConn.Handshake(); err != nil { return err } @@ -588,19 +587,20 @@ func (mc *mysqlConn) handleErrorPacket(data []byte) error { return driver.ErrBadConn } + me := &MySQLError{Number: errno} + pos := 3 // SQL State [optional: # + 5bytes string] if data[3] == 0x23 { - //sqlstate := string(data[4 : 4+5]) + copy(me.SQLState[:], data[4:4+5]) pos = 9 } // Error Message [string] - return &MySQLError{ - Number: errno, - Message: string(data[pos:]), - } + me.Message = string(data[pos:]) + + return me } func readStatus(b []byte) statusFlag { @@ -761,40 +761,40 @@ func (rows *textRows) readRow(dest []driver.Value) error { } // RowSet Packet - var n int - var isNull bool - pos := 0 + var ( + n int + isNull bool + pos int = 0 + ) for i := range dest { // Read bytes and convert to string dest[i], isNull, n, err = readLengthEncodedString(data[pos:]) pos += n - if err == nil { - if !isNull { - if !mc.parseTime { - continue - } else { - switch rows.rs.columns[i].fieldType { - case fieldTypeTimestamp, fieldTypeDateTime, - fieldTypeDate, fieldTypeNewDate: - dest[i], err = parseDateTime( - dest[i].([]byte), - mc.cfg.Loc, - ) - if err == nil { - continue - } - default: - continue - } - } - } else { - dest[i] = nil - continue + if err != nil { + return err + } + + if isNull { + dest[i] = nil + continue + } + + if !mc.parseTime { + continue + } + + // Parse time field + switch rows.rs.columns[i].fieldType { + case fieldTypeTimestamp, + fieldTypeDateTime, + fieldTypeDate, + fieldTypeNewDate: + if dest[i], err = parseDateTime(dest[i].([]byte), mc.cfg.Loc); err != nil { + return err } } - return err // err != nil } return nil diff --git a/vendor/github.com/go-sql-driver/mysql/statement.go b/vendor/github.com/go-sql-driver/mysql/statement.go index 18a3ae498..10ece8bd6 100644 --- a/vendor/github.com/go-sql-driver/mysql/statement.go +++ b/vendor/github.com/go-sql-driver/mysql/statement.go @@ -23,7 +23,7 @@ type mysqlStmt struct { } func (stmt *mysqlStmt) Close() error { - if stmt.mc == nil || stmt.mc.closed.IsSet() { + if stmt.mc == nil || stmt.mc.closed.Load() { // driver.Stmt.Close can be called more than once, thus this function // has to be idempotent. // See also Issue #450 and golang/go#16019. @@ -50,7 +50,7 @@ func (stmt *mysqlStmt) CheckNamedValue(nv *driver.NamedValue) (err error) { } func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) { - if stmt.mc.closed.IsSet() { + if stmt.mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -98,7 +98,7 @@ func (stmt *mysqlStmt) Query(args []driver.Value) (driver.Rows, error) { } func (stmt *mysqlStmt) query(args []driver.Value) (*binaryRows, error) { - if stmt.mc.closed.IsSet() { + if stmt.mc.closed.Load() { errLog.Print(ErrInvalidConn) return nil, driver.ErrBadConn } @@ -157,7 +157,7 @@ func (c converter) ConvertValue(v interface{}) (driver.Value, error) { if driver.IsValue(sv) { return sv, nil } - // A value returend from the Valuer interface can be "a type handled by + // A value returned from the Valuer interface can be "a type handled by // a database driver's NamedValueChecker interface" so we should accept // uint64 here as well. if u, ok := sv.(uint64); ok { diff --git a/vendor/github.com/go-sql-driver/mysql/transaction.go b/vendor/github.com/go-sql-driver/mysql/transaction.go index 417d72793..4a4b61001 100644 --- a/vendor/github.com/go-sql-driver/mysql/transaction.go +++ b/vendor/github.com/go-sql-driver/mysql/transaction.go @@ -13,7 +13,7 @@ type mysqlTx struct { } func (tx *mysqlTx) Commit() (err error) { - if tx.mc == nil || tx.mc.closed.IsSet() { + if tx.mc == nil || tx.mc.closed.Load() { return ErrInvalidConn } err = tx.mc.exec("COMMIT") @@ -22,7 +22,7 @@ func (tx *mysqlTx) Commit() (err error) { } func (tx *mysqlTx) Rollback() (err error) { - if tx.mc == nil || tx.mc.closed.IsSet() { + if tx.mc == nil || tx.mc.closed.Load() { return ErrInvalidConn } err = tx.mc.exec("ROLLBACK") diff --git a/vendor/github.com/go-sql-driver/mysql/utils.go b/vendor/github.com/go-sql-driver/mysql/utils.go index d6545f5be..15dbd8d16 100644 --- a/vendor/github.com/go-sql-driver/mysql/utils.go +++ b/vendor/github.com/go-sql-driver/mysql/utils.go @@ -35,26 +35,25 @@ var ( // Note: The provided tls.Config is exclusively owned by the driver after // registering it. // -// rootCertPool := x509.NewCertPool() -// pem, err := ioutil.ReadFile("/path/ca-cert.pem") -// if err != nil { -// log.Fatal(err) -// } -// if ok := rootCertPool.AppendCertsFromPEM(pem); !ok { -// log.Fatal("Failed to append PEM.") -// } -// clientCert := make([]tls.Certificate, 0, 1) -// certs, err := tls.LoadX509KeyPair("/path/client-cert.pem", "/path/client-key.pem") -// if err != nil { -// log.Fatal(err) -// } -// clientCert = append(clientCert, certs) -// mysql.RegisterTLSConfig("custom", &tls.Config{ -// RootCAs: rootCertPool, -// Certificates: clientCert, -// }) -// db, err := sql.Open("mysql", "user@tcp(localhost:3306)/test?tls=custom") -// +// rootCertPool := x509.NewCertPool() +// pem, err := ioutil.ReadFile("/path/ca-cert.pem") +// if err != nil { +// log.Fatal(err) +// } +// if ok := rootCertPool.AppendCertsFromPEM(pem); !ok { +// log.Fatal("Failed to append PEM.") +// } +// clientCert := make([]tls.Certificate, 0, 1) +// certs, err := tls.LoadX509KeyPair("/path/client-cert.pem", "/path/client-key.pem") +// if err != nil { +// log.Fatal(err) +// } +// clientCert = append(clientCert, certs) +// mysql.RegisterTLSConfig("custom", &tls.Config{ +// RootCAs: rootCertPool, +// Certificates: clientCert, +// }) +// db, err := sql.Open("mysql", "user@tcp(localhost:3306)/test?tls=custom") func RegisterTLSConfig(key string, config *tls.Config) error { if _, isBool := readBool(key); isBool || strings.ToLower(key) == "skip-verify" || strings.ToLower(key) == "preferred" { return fmt.Errorf("key '%s' is reserved", key) @@ -118,10 +117,6 @@ func parseDateTime(b []byte, loc *time.Location) (time.Time, error) { if err != nil { return time.Time{}, err } - if year <= 0 { - year = 1 - } - if b[4] != '-' { return time.Time{}, fmt.Errorf("bad value for field: `%c`", b[4]) } @@ -130,9 +125,6 @@ func parseDateTime(b []byte, loc *time.Location) (time.Time, error) { if err != nil { return time.Time{}, err } - if m <= 0 { - m = 1 - } month := time.Month(m) if b[7] != '-' { @@ -143,9 +135,6 @@ func parseDateTime(b []byte, loc *time.Location) (time.Time, error) { if err != nil { return time.Time{}, err } - if day <= 0 { - day = 1 - } if len(b) == 10 { return time.Date(year, month, day, 0, 0, 0, 0, loc), nil } @@ -199,7 +188,7 @@ func parseByteYear(b []byte) (int, error) { return 0, err } year += v * n - n = n / 10 + n /= 10 } return year, nil } @@ -542,7 +531,7 @@ func stringToInt(b []byte) int { return val } -// returns the string read as a bytes slice, wheter the value is NULL, +// returns the string read as a bytes slice, whether the value is NULL, // the number of bytes read and an error, in case the string is longer than // the input slice func readLengthEncodedString(b []byte) ([]byte, bool, int, error) { @@ -652,32 +641,32 @@ func escapeBytesBackslash(buf, v []byte) []byte { for _, c := range v { switch c { case '\x00': - buf[pos] = '\\' buf[pos+1] = '0' + buf[pos] = '\\' pos += 2 case '\n': - buf[pos] = '\\' buf[pos+1] = 'n' + buf[pos] = '\\' pos += 2 case '\r': - buf[pos] = '\\' buf[pos+1] = 'r' + buf[pos] = '\\' pos += 2 case '\x1a': - buf[pos] = '\\' buf[pos+1] = 'Z' + buf[pos] = '\\' pos += 2 case '\'': - buf[pos] = '\\' buf[pos+1] = '\'' + buf[pos] = '\\' pos += 2 case '"': - buf[pos] = '\\' buf[pos+1] = '"' + buf[pos] = '\\' pos += 2 case '\\': - buf[pos] = '\\' buf[pos+1] = '\\' + buf[pos] = '\\' pos += 2 default: buf[pos] = c @@ -697,32 +686,32 @@ func escapeStringBackslash(buf []byte, v string) []byte { c := v[i] switch c { case '\x00': - buf[pos] = '\\' buf[pos+1] = '0' + buf[pos] = '\\' pos += 2 case '\n': - buf[pos] = '\\' buf[pos+1] = 'n' + buf[pos] = '\\' pos += 2 case '\r': - buf[pos] = '\\' buf[pos+1] = 'r' + buf[pos] = '\\' pos += 2 case '\x1a': - buf[pos] = '\\' buf[pos+1] = 'Z' + buf[pos] = '\\' pos += 2 case '\'': - buf[pos] = '\\' buf[pos+1] = '\'' + buf[pos] = '\\' pos += 2 case '"': - buf[pos] = '\\' buf[pos+1] = '"' + buf[pos] = '\\' pos += 2 case '\\': - buf[pos] = '\\' buf[pos+1] = '\\' + buf[pos] = '\\' pos += 2 default: buf[pos] = c @@ -744,8 +733,8 @@ func escapeBytesQuotes(buf, v []byte) []byte { for _, c := range v { if c == '\'' { - buf[pos] = '\'' buf[pos+1] = '\'' + buf[pos] = '\'' pos += 2 } else { buf[pos] = c @@ -764,8 +753,8 @@ func escapeStringQuotes(buf []byte, v string) []byte { for i := 0; i < len(v); i++ { c := v[i] if c == '\'' { - buf[pos] = '\'' buf[pos+1] = '\'' + buf[pos] = '\'' pos += 2 } else { buf[pos] = c @@ -790,39 +779,16 @@ type noCopy struct{} // Lock is a no-op used by -copylocks checker from `go vet`. func (*noCopy) Lock() {} -// atomicBool is a wrapper around uint32 for usage as a boolean value with -// atomic access. -type atomicBool struct { - _noCopy noCopy - value uint32 -} - -// IsSet returns whether the current boolean value is true -func (ab *atomicBool) IsSet() bool { - return atomic.LoadUint32(&ab.value) > 0 -} - -// Set sets the value of the bool regardless of the previous value -func (ab *atomicBool) Set(value bool) { - if value { - atomic.StoreUint32(&ab.value, 1) - } else { - atomic.StoreUint32(&ab.value, 0) - } -} - -// TrySet sets the value of the bool and returns whether the value changed -func (ab *atomicBool) TrySet(value bool) bool { - if value { - return atomic.SwapUint32(&ab.value, 1) == 0 - } - return atomic.SwapUint32(&ab.value, 0) > 0 -} +// Unlock is a no-op used by -copylocks checker from `go vet`. +// noCopy should implement sync.Locker from Go 1.11 +// https://github.com/golang/go/commit/c2eba53e7f80df21d51285879d51ab81bcfbf6bc +// https://github.com/golang/go/issues/26165 +func (*noCopy) Unlock() {} // atomicError is a wrapper for atomically accessed error values type atomicError struct { - _noCopy noCopy - value atomic.Value + _ noCopy + value atomic.Value } // Set sets the error value regardless of the previous value. diff --git a/vendor/modules.txt b/vendor/modules.txt index 32a6fe87a..470d38622 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -39,8 +39,8 @@ github.com/getsentry/sentry-go/internal/ratelimit # github.com/go-logr/logr v1.2.0 ## explicit; go 1.16 github.com/go-logr/logr -# github.com/go-sql-driver/mysql v1.6.0 -## explicit; go 1.10 +# github.com/go-sql-driver/mysql v1.7.1 +## explicit; go 1.13 github.com/go-sql-driver/mysql # github.com/golang/protobuf v1.5.3 ## explicit; go 1.9 From be9f3a384d4cfe0f00e54431bfb534c2889bb5ad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 16:07:32 +0000 Subject: [PATCH 18/73] build(deps): bump github.com/lib/pq from 1.10.1 to 1.10.9 Bumps [github.com/lib/pq](https://github.com/lib/pq) from 1.10.1 to 1.10.9. - [Release notes](https://github.com/lib/pq/releases) - [Commits](https://github.com/lib/pq/compare/v1.10.1...v1.10.9) --- updated-dependencies: - dependency-name: github.com/lib/pq dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- vendor/github.com/lib/pq/.travis.sh | 73 ----- vendor/github.com/lib/pq/.travis.yml | 45 --- vendor/github.com/lib/pq/README.md | 8 +- vendor/github.com/lib/pq/array.go | 4 +- vendor/github.com/lib/pq/conn.go | 301 ++++++++++++-------- vendor/github.com/lib/pq/conn_go115.go | 8 + vendor/github.com/lib/pq/conn_go18.go | 89 +++++- vendor/github.com/lib/pq/connector.go | 5 + vendor/github.com/lib/pq/copy.go | 149 ++++++---- vendor/github.com/lib/pq/encode.go | 24 +- vendor/github.com/lib/pq/error.go | 19 +- vendor/github.com/lib/pq/notice.go | 1 + vendor/github.com/lib/pq/ssl.go | 11 + vendor/github.com/lib/pq/ssl_permissions.go | 81 +++++- vendor/github.com/lib/pq/ssl_windows.go | 1 + vendor/github.com/lib/pq/user_other.go | 10 + vendor/github.com/lib/pq/user_posix.go | 3 +- vendor/modules.txt | 2 +- 20 files changed, 521 insertions(+), 319 deletions(-) delete mode 100644 vendor/github.com/lib/pq/.travis.sh delete mode 100644 vendor/github.com/lib/pq/.travis.yml create mode 100644 vendor/github.com/lib/pq/conn_go115.go create mode 100644 vendor/github.com/lib/pq/user_other.go diff --git a/go.mod b/go.mod index 556a3d355..c2d672229 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/jmhodges/clock v1.2.0 github.com/jmoiron/sqlx v1.3.5 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 - github.com/lib/pq v1.10.1 + github.com/lib/pq v1.10.9 github.com/mattn/go-sqlite3 v1.14.15 github.com/prometheus/client_golang v1.15.1 github.com/stretchr/testify v1.8.0 diff --git a/go.sum b/go.sum index ca331aeae..b6437e7f3 100644 --- a/go.sum +++ b/go.sum @@ -229,8 +229,8 @@ github.com/kylelemons/go-gypsy v1.0.0/go.mod h1:chkXM0zjdpXOiqkCW1XcCHDfjfk14PH2 github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g= github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.10.1 h1:6VXZrLU0jHBYyAqrSPa+MgPfnSvTPuMgK+k0o5kVFWo= -github.com/lib/pq v1.10.1/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= +github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw= +github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= diff --git a/vendor/github.com/lib/pq/.travis.sh b/vendor/github.com/lib/pq/.travis.sh deleted file mode 100644 index ebf447030..000000000 --- a/vendor/github.com/lib/pq/.travis.sh +++ /dev/null @@ -1,73 +0,0 @@ -#!/bin/bash - -set -eu - -client_configure() { - sudo chmod 600 $PQSSLCERTTEST_PATH/postgresql.key -} - -pgdg_repository() { - local sourcelist='sources.list.d/postgresql.list' - - curl -sS 'https://www.postgresql.org/media/keys/ACCC4CF8.asc' | sudo apt-key add - - echo deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main $PGVERSION | sudo tee "/etc/apt/$sourcelist" - sudo apt-get -o Dir::Etc::sourcelist="$sourcelist" -o Dir::Etc::sourceparts='-' -o APT::Get::List-Cleanup='0' update -} - -postgresql_configure() { - sudo tee /etc/postgresql/$PGVERSION/main/pg_hba.conf > /dev/null <<-config - local all all trust - hostnossl all pqgossltest 127.0.0.1/32 reject - hostnossl all pqgosslcert 127.0.0.1/32 reject - hostssl all pqgossltest 127.0.0.1/32 trust - hostssl all pqgosslcert 127.0.0.1/32 cert - host all all 127.0.0.1/32 trust - hostnossl all pqgossltest ::1/128 reject - hostnossl all pqgosslcert ::1/128 reject - hostssl all pqgossltest ::1/128 trust - hostssl all pqgosslcert ::1/128 cert - host all all ::1/128 trust - config - - xargs sudo install -o postgres -g postgres -m 600 -t /var/lib/postgresql/$PGVERSION/main/ <<-certificates - certs/root.crt - certs/server.crt - certs/server.key - certificates - - sort -VCu <<-versions || - $PGVERSION - 9.2 - versions - sudo tee -a /etc/postgresql/$PGVERSION/main/postgresql.conf > /dev/null <<-config - ssl_ca_file = 'root.crt' - ssl_cert_file = 'server.crt' - ssl_key_file = 'server.key' - config - - echo 127.0.0.1 postgres | sudo tee -a /etc/hosts > /dev/null - - sudo service postgresql restart -} - -postgresql_install() { - xargs sudo apt-get -y -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confnew' install <<-packages - postgresql-$PGVERSION - postgresql-server-dev-$PGVERSION - postgresql-contrib-$PGVERSION - packages -} - -postgresql_uninstall() { - sudo service postgresql stop - xargs sudo apt-get -y --purge remove <<-packages - libpq-dev - libpq5 - postgresql - postgresql-client-common - postgresql-common - packages - sudo rm -rf /var/lib/postgresql -} - -$1 diff --git a/vendor/github.com/lib/pq/.travis.yml b/vendor/github.com/lib/pq/.travis.yml deleted file mode 100644 index f378207f2..000000000 --- a/vendor/github.com/lib/pq/.travis.yml +++ /dev/null @@ -1,45 +0,0 @@ -language: go - -go: - - 1.14.x - - 1.15.x - - master - -sudo: true - -env: - global: - - PGUSER=postgres - - PQGOSSLTESTS=1 - - PQSSLCERTTEST_PATH=$PWD/certs - - PGHOST=127.0.0.1 - - GODEBUG=x509ignoreCN=0 - matrix: - - PGVERSION=10 - - PGVERSION=9.6 - - PGVERSION=9.5 - - PGVERSION=9.4 - -before_install: - - ./.travis.sh postgresql_uninstall - - ./.travis.sh pgdg_repository - - ./.travis.sh postgresql_install - - ./.travis.sh postgresql_configure - - ./.travis.sh client_configure - - go get golang.org/x/tools/cmd/goimports - - go get golang.org/x/lint/golint - - GO111MODULE=on go get honnef.co/go/tools/cmd/staticcheck@2020.1.3 - -before_script: - - createdb pqgotest - - createuser -DRS pqgossltest - - createuser -DRS pqgosslcert - -script: - - > - goimports -d -e $(find -name '*.go') | awk '{ print } END { exit NR == 0 ? 0 : 1 }' - - go vet ./... - - staticcheck -go 1.13 ./... - - golint ./... - - PQTEST_BINARY_PARAMETERS=no go test -race -v ./... - - PQTEST_BINARY_PARAMETERS=yes go test -race -v ./... diff --git a/vendor/github.com/lib/pq/README.md b/vendor/github.com/lib/pq/README.md index c972a86a5..126ee5d35 100644 --- a/vendor/github.com/lib/pq/README.md +++ b/vendor/github.com/lib/pq/README.md @@ -27,4 +27,10 @@ ## Status -This package is effectively in maintenance mode and is not actively developed. Small patches and features are only rarely reviewed and merged. We recommend using [pgx](https://github.com/jackc/pgx) which is actively maintained. +This package is currently in maintenance mode, which means: +1. It generally does not accept new features. +2. It does accept bug fixes and version compatability changes provided by the community. +3. Maintainers usually do not resolve reported issues. +4. Community members are encouraged to help each other with reported issues. + +For users that require new features or reliable resolution of reported bugs, we recommend using [pgx](https://github.com/jackc/pgx) which is under active development. diff --git a/vendor/github.com/lib/pq/array.go b/vendor/github.com/lib/pq/array.go index 7806a31f3..39c8f7e2e 100644 --- a/vendor/github.com/lib/pq/array.go +++ b/vendor/github.com/lib/pq/array.go @@ -587,8 +587,8 @@ func (a *Int32Array) scanBytes(src []byte) error { } else { b := make(Int32Array, len(elems)) for i, v := range elems { - var x int - if x, err = strconv.Atoi(string(v)); err != nil { + x, err := strconv.ParseInt(string(v), 10, 32) + if err != nil { return fmt.Errorf("pq: parsing array element index %d: %v", i, err) } b[i] = int32(x) diff --git a/vendor/github.com/lib/pq/conn.go b/vendor/github.com/lib/pq/conn.go index b09a17047..da4ff9de6 100644 --- a/vendor/github.com/lib/pq/conn.go +++ b/vendor/github.com/lib/pq/conn.go @@ -2,6 +2,7 @@ package pq import ( "bufio" + "bytes" "context" "crypto/md5" "crypto/sha256" @@ -18,7 +19,7 @@ import ( "path/filepath" "strconv" "strings" - "sync/atomic" + "sync" "time" "unicode" @@ -31,8 +32,10 @@ var ( ErrNotSupported = errors.New("pq: Unsupported command") ErrInFailedTransaction = errors.New("pq: Could not complete operation in a failed transaction") ErrSSLNotSupported = errors.New("pq: SSL is not enabled on the server") - ErrSSLKeyHasWorldPermissions = errors.New("pq: Private key file has group or world access. Permissions should be u=rw (0600) or less") - ErrCouldNotDetectUsername = errors.New("pq: Could not detect default username. Please provide one explicitly") + ErrSSLKeyUnknownOwnership = errors.New("pq: Could not get owner information for private key, may not be properly protected") + ErrSSLKeyHasWorldPermissions = errors.New("pq: Private key has world access. Permissions should be u=rw,g=r (0640) if owned by root, or u=rw (0600), or less") + + ErrCouldNotDetectUsername = errors.New("pq: Could not detect default username. Please provide one explicitly") errUnexpectedReady = errors.New("unexpected ReadyForQuery") errNoRowsAffected = errors.New("no RowsAffected available after the empty statement") @@ -110,7 +113,9 @@ type defaultDialer struct { func (d defaultDialer) Dial(network, address string) (net.Conn, error) { return d.d.Dial(network, address) } -func (d defaultDialer) DialTimeout(network, address string, timeout time.Duration) (net.Conn, error) { +func (d defaultDialer) DialTimeout( + network, address string, timeout time.Duration, +) (net.Conn, error) { ctx, cancel := context.WithTimeout(context.Background(), timeout) defer cancel() return d.DialContext(ctx, network, address) @@ -140,9 +145,10 @@ type conn struct { saveMessageType byte saveMessageBuffer []byte - // If true, this connection is bad and all public-facing functions should - // return ErrBadConn. - bad *atomic.Value + // If an error is set, this connection is bad and all public-facing + // functions should return the appropriate error by calling get() + // (ErrBadConn) or getForNext(). + err syncErr // If set, this connection should never use the binary format when // receiving query results from prepared statements. Only provided for @@ -166,6 +172,40 @@ type conn struct { gss GSS } +type syncErr struct { + err error + sync.Mutex +} + +// Return ErrBadConn if connection is bad. +func (e *syncErr) get() error { + e.Lock() + defer e.Unlock() + if e.err != nil { + return driver.ErrBadConn + } + return nil +} + +// Return the error set on the connection. Currently only used by rows.Next. +func (e *syncErr) getForNext() error { + e.Lock() + defer e.Unlock() + return e.err +} + +// Set error, only if it isn't set yet. +func (e *syncErr) set(err error) { + if err == nil { + panic("attempt to set nil err") + } + e.Lock() + defer e.Unlock() + if e.err == nil { + e.err = err + } +} + // Handle driver-side settings in parsed connection string. func (cn *conn) handleDriverSettings(o values) (err error) { boolSetting := func(key string, val *bool) error { @@ -223,47 +263,56 @@ func (cn *conn) handlePgpass(o values) { } defer file.Close() scanner := bufio.NewScanner(io.Reader(file)) + // From: https://github.com/tg/pgpass/blob/master/reader.go + for scanner.Scan() { + if scanText(scanner.Text(), o) { + break + } + } +} + +// GetFields is a helper function for scanText. +func getFields(s string) []string { + fs := make([]string, 0, 5) + f := make([]rune, 0, len(s)) + + var esc bool + for _, c := range s { + switch { + case esc: + f = append(f, c) + esc = false + case c == '\\': + esc = true + case c == ':': + fs = append(fs, string(f)) + f = f[:0] + default: + f = append(f, c) + } + } + return append(fs, string(f)) +} + +// ScanText assists HandlePgpass in it's objective. +func scanText(line string, o values) bool { hostname := o["host"] ntw, _ := network(o) port := o["port"] db := o["dbname"] username := o["user"] - // From: https://github.com/tg/pgpass/blob/master/reader.go - getFields := func(s string) []string { - fs := make([]string, 0, 5) - f := make([]rune, 0, len(s)) - - var esc bool - for _, c := range s { - switch { - case esc: - f = append(f, c) - esc = false - case c == '\\': - esc = true - case c == ':': - fs = append(fs, string(f)) - f = f[:0] - default: - f = append(f, c) - } - } - return append(fs, string(f)) + if len(line) == 0 || line[0] == '#' { + return false } - for scanner.Scan() { - line := scanner.Text() - if len(line) == 0 || line[0] == '#' { - continue - } - split := getFields(line) - if len(split) != 5 { - continue - } - if (split[0] == "*" || split[0] == hostname || (split[0] == "localhost" && (hostname == "" || ntw == "unix"))) && (split[1] == "*" || split[1] == port) && (split[2] == "*" || split[2] == db) && (split[3] == "*" || split[3] == username) { - o["password"] = split[4] - return - } + split := getFields(line) + if len(split) != 5 { + return false + } + if (split[0] == "*" || split[0] == hostname || (split[0] == "localhost" && (hostname == "" || ntw == "unix"))) && (split[1] == "*" || split[1] == port) && (split[2] == "*" || split[2] == db) && (split[3] == "*" || split[3] == username) { + o["password"] = split[4] + return true } + return false } func (cn *conn) writeBuf(b byte) *writeBuf { @@ -287,7 +336,7 @@ func DialOpen(d Dialer, dsn string) (_ driver.Conn, err error) { if err != nil { return nil, err } - c.dialer = d + c.Dialer(d) return c.open(context.Background()) } @@ -306,12 +355,9 @@ func (c *Connector) open(ctx context.Context) (cn *conn, err error) { o[k] = v } - bad := &atomic.Value{} - bad.Store(false) cn = &conn{ opts: o, dialer: c.dialer, - bad: bad, } err = cn.handleDriverSettings(o) if err != nil { @@ -516,22 +562,9 @@ func (cn *conn) isInTransaction() bool { cn.txnStatus == txnStatusInFailedTransaction } -func (cn *conn) setBad() { - if cn.bad != nil { - cn.bad.Store(true) - } -} - -func (cn *conn) getBad() bool { - if cn.bad != nil { - return cn.bad.Load().(bool) - } - return false -} - func (cn *conn) checkIsInTransaction(intxn bool) { if cn.isInTransaction() != intxn { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected transaction status %v", cn.txnStatus) } } @@ -541,8 +574,8 @@ func (cn *conn) Begin() (_ driver.Tx, err error) { } func (cn *conn) begin(mode string) (_ driver.Tx, err error) { - if cn.getBad() { - return nil, driver.ErrBadConn + if err := cn.err.get(); err != nil { + return nil, err } defer cn.errRecover(&err) @@ -552,11 +585,11 @@ func (cn *conn) begin(mode string) (_ driver.Tx, err error) { return nil, err } if commandTag != "BEGIN" { - cn.setBad() + cn.err.set(driver.ErrBadConn) return nil, fmt.Errorf("unexpected command tag %s", commandTag) } if cn.txnStatus != txnStatusIdleInTransaction { - cn.setBad() + cn.err.set(driver.ErrBadConn) return nil, fmt.Errorf("unexpected transaction status %v", cn.txnStatus) } return cn, nil @@ -570,8 +603,8 @@ func (cn *conn) closeTxn() { func (cn *conn) Commit() (err error) { defer cn.closeTxn() - if cn.getBad() { - return driver.ErrBadConn + if err := cn.err.get(); err != nil { + return err } defer cn.errRecover(&err) @@ -592,12 +625,12 @@ func (cn *conn) Commit() (err error) { _, commandTag, err := cn.simpleExec("COMMIT") if err != nil { if cn.isInTransaction() { - cn.setBad() + cn.err.set(driver.ErrBadConn) } return err } if commandTag != "COMMIT" { - cn.setBad() + cn.err.set(driver.ErrBadConn) return fmt.Errorf("unexpected command tag %s", commandTag) } cn.checkIsInTransaction(false) @@ -606,8 +639,8 @@ func (cn *conn) Commit() (err error) { func (cn *conn) Rollback() (err error) { defer cn.closeTxn() - if cn.getBad() { - return driver.ErrBadConn + if err := cn.err.get(); err != nil { + return err } defer cn.errRecover(&err) return cn.rollback() @@ -618,7 +651,7 @@ func (cn *conn) rollback() (err error) { _, commandTag, err := cn.simpleExec("ROLLBACK") if err != nil { if cn.isInTransaction() { - cn.setBad() + cn.err.set(driver.ErrBadConn) } return err } @@ -658,7 +691,7 @@ func (cn *conn) simpleExec(q string) (res driver.Result, commandTag string, err case 'T', 'D': // ignore any results default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unknown response for simple query: %q", t) } } @@ -680,7 +713,7 @@ func (cn *conn) simpleQuery(q string) (res *rows, err error) { // the user can close, though, to avoid connections from being // leaked. A "rows" with done=true works fine for that purpose. if err != nil { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected message %q in simple query execution", t) } if res == nil { @@ -707,7 +740,7 @@ func (cn *conn) simpleQuery(q string) (res *rows, err error) { err = parseError(r) case 'D': if res == nil { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected DataRow in simple query execution") } // the query didn't fail; kick off to Next @@ -722,7 +755,7 @@ func (cn *conn) simpleQuery(q string) (res *rows, err error) { // To work around a bug in QueryRow in Go 1.2 and earlier, wait // until the first DataRow has been received. default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unknown response for simple query: %q", t) } } @@ -744,7 +777,9 @@ func (noRows) RowsAffected() (int64, error) { // Decides which column formats to use for a prepared statement. The input is // an array of type oids, one element per result column. -func decideColumnFormats(colTyps []fieldDesc, forceText bool) (colFmts []format, colFmtData []byte) { +func decideColumnFormats( + colTyps []fieldDesc, forceText bool, +) (colFmts []format, colFmtData []byte) { if len(colTyps) == 0 { return nil, colFmtDataAllText } @@ -815,8 +850,8 @@ func (cn *conn) prepareTo(q, stmtName string) *stmt { } func (cn *conn) Prepare(q string) (_ driver.Stmt, err error) { - if cn.getBad() { - return nil, driver.ErrBadConn + if err := cn.err.get(); err != nil { + return nil, err } defer cn.errRecover(&err) @@ -854,8 +889,8 @@ func (cn *conn) Query(query string, args []driver.Value) (driver.Rows, error) { } func (cn *conn) query(query string, args []driver.Value) (_ *rows, err error) { - if cn.getBad() { - return nil, driver.ErrBadConn + if err := cn.err.get(); err != nil { + return nil, err } if cn.inCopy { return nil, errCopyInProgress @@ -888,8 +923,8 @@ func (cn *conn) query(query string, args []driver.Value) (_ *rows, err error) { // Implement the optional "Execer" interface for one-shot queries func (cn *conn) Exec(query string, args []driver.Value) (res driver.Result, err error) { - if cn.getBad() { - return nil, driver.ErrBadConn + if err := cn.err.get(); err != nil { + return nil, err } defer cn.errRecover(&err) @@ -960,7 +995,7 @@ func (cn *conn) sendSimpleMessage(typ byte) (err error) { // the message yourself. func (cn *conn) saveMessage(typ byte, buf *readBuf) { if cn.saveMessageType != 0 { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected saveMessageType %d", cn.saveMessageType) } cn.saveMessageType = typ @@ -1106,7 +1141,7 @@ func isDriverSetting(key string) bool { return true case "password": return true - case "sslmode", "sslcert", "sslkey", "sslrootcert", "sslinline": + case "sslmode", "sslcert", "sslkey", "sslrootcert", "sslinline", "sslsni": return true case "fallback_application_name": return true @@ -1330,8 +1365,8 @@ func (st *stmt) Close() (err error) { if st.closed { return nil } - if st.cn.getBad() { - return driver.ErrBadConn + if err := st.cn.err.get(); err != nil { + return err } defer st.cn.errRecover(&err) @@ -1344,14 +1379,14 @@ func (st *stmt) Close() (err error) { t, _ := st.cn.recv1() if t != '3' { - st.cn.setBad() + st.cn.err.set(driver.ErrBadConn) errorf("unexpected close response: %q", t) } st.closed = true t, r := st.cn.recv1() if t != 'Z' { - st.cn.setBad() + st.cn.err.set(driver.ErrBadConn) errorf("expected ready for query, but got: %q", t) } st.cn.processReadyForQuery(r) @@ -1360,8 +1395,12 @@ func (st *stmt) Close() (err error) { } func (st *stmt) Query(v []driver.Value) (r driver.Rows, err error) { - if st.cn.getBad() { - return nil, driver.ErrBadConn + return st.query(v) +} + +func (st *stmt) query(v []driver.Value) (r *rows, err error) { + if err := st.cn.err.get(); err != nil { + return nil, err } defer st.cn.errRecover(&err) @@ -1373,8 +1412,8 @@ func (st *stmt) Query(v []driver.Value) (r driver.Rows, err error) { } func (st *stmt) Exec(v []driver.Value) (res driver.Result, err error) { - if st.cn.getBad() { - return nil, driver.ErrBadConn + if err := st.cn.err.get(); err != nil { + return nil, err } defer st.cn.errRecover(&err) @@ -1460,7 +1499,7 @@ func (cn *conn) parseComplete(commandTag string) (driver.Result, string) { if affectedRows == nil && strings.HasPrefix(commandTag, "INSERT ") { parts := strings.Split(commandTag, " ") if len(parts) != 3 { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected INSERT command tag %s", commandTag) } affectedRows = &parts[len(parts)-1] @@ -1472,7 +1511,7 @@ func (cn *conn) parseComplete(commandTag string) (driver.Result, string) { } n, err := strconv.ParseInt(*affectedRows, 10, 64) if err != nil { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("could not parse commandTag: %s", err) } return driver.RowsAffected(n), commandTag @@ -1539,8 +1578,8 @@ func (rs *rows) Next(dest []driver.Value) (err error) { } conn := rs.cn - if conn.getBad() { - return driver.ErrBadConn + if err := conn.err.getForNext(); err != nil { + return err } defer conn.errRecover(&err) @@ -1564,7 +1603,7 @@ func (rs *rows) Next(dest []driver.Value) (err error) { case 'D': n := rs.rb.int16() if err != nil { - conn.setBad() + conn.err.set(driver.ErrBadConn) errorf("unexpected DataRow after error %s", err) } if n < len(dest) { @@ -1606,10 +1645,10 @@ func (rs *rows) NextResultSet() error { // QuoteIdentifier quotes an "identifier" (e.g. a table or a column name) to be // used as part of an SQL statement. For example: // -// tblname := "my_table" -// data := "my_data" -// quoted := pq.QuoteIdentifier(tblname) -// err := db.Exec(fmt.Sprintf("INSERT INTO %s VALUES ($1)", quoted), data) +// tblname := "my_table" +// data := "my_data" +// quoted := pq.QuoteIdentifier(tblname) +// err := db.Exec(fmt.Sprintf("INSERT INTO %s VALUES ($1)", quoted), data) // // Any double quotes in name will be escaped. The quoted identifier will be // case sensitive when used in a query. If the input string contains a zero @@ -1622,12 +1661,24 @@ func QuoteIdentifier(name string) string { return `"` + strings.Replace(name, `"`, `""`, -1) + `"` } +// BufferQuoteIdentifier satisfies the same purpose as QuoteIdentifier, but backed by a +// byte buffer. +func BufferQuoteIdentifier(name string, buffer *bytes.Buffer) { + end := strings.IndexRune(name, 0) + if end > -1 { + name = name[:end] + } + buffer.WriteRune('"') + buffer.WriteString(strings.Replace(name, `"`, `""`, -1)) + buffer.WriteRune('"') +} + // QuoteLiteral quotes a 'literal' (e.g. a parameter, often used to pass literal // to DDL and other statements that do not accept parameters) to be used as part // of an SQL statement. For example: // -// exp_date := pq.QuoteLiteral("2023-01-05 15:00:00Z") -// err := db.Exec(fmt.Sprintf("CREATE ROLE my_user VALID UNTIL %s", exp_date)) +// exp_date := pq.QuoteLiteral("2023-01-05 15:00:00Z") +// err := db.Exec(fmt.Sprintf("CREATE ROLE my_user VALID UNTIL %s", exp_date)) // // Any single quotes in name will be escaped. Any backslashes (i.e. "\") will be // replaced by two backslashes (i.e. "\\") and the C-style escape identifier @@ -1758,7 +1809,7 @@ func (cn *conn) readReadyForQuery() { cn.processReadyForQuery(r) return default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected message %q; expected ReadyForQuery", t) } } @@ -1778,12 +1829,16 @@ func (cn *conn) readParseResponse() { cn.readReadyForQuery() panic(err) default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected Parse response %q", t) } } -func (cn *conn) readStatementDescribeResponse() (paramTyps []oid.Oid, colNames []string, colTyps []fieldDesc) { +func (cn *conn) readStatementDescribeResponse() ( + paramTyps []oid.Oid, + colNames []string, + colTyps []fieldDesc, +) { for { t, r := cn.recv1() switch t { @@ -1803,7 +1858,7 @@ func (cn *conn) readStatementDescribeResponse() (paramTyps []oid.Oid, colNames [ cn.readReadyForQuery() panic(err) default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected Describe statement response %q", t) } } @@ -1821,7 +1876,7 @@ func (cn *conn) readPortalDescribeResponse() rowsHeader { cn.readReadyForQuery() panic(err) default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected Describe response %q", t) } panic("not reached") @@ -1837,7 +1892,7 @@ func (cn *conn) readBindResponse() { cn.readReadyForQuery() panic(err) default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected Bind response %q", t) } } @@ -1864,20 +1919,22 @@ func (cn *conn) postExecuteWorkaround() { cn.saveMessage(t, r) return default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected message during extended query execution: %q", t) } } } // Only for Exec(), since we ignore the returned data -func (cn *conn) readExecuteResponse(protocolState string) (res driver.Result, commandTag string, err error) { +func (cn *conn) readExecuteResponse( + protocolState string, +) (res driver.Result, commandTag string, err error) { for { t, r := cn.recv1() switch t { case 'C': if err != nil { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected CommandComplete after error %s", err) } res, commandTag = cn.parseComplete(r.string()) @@ -1891,7 +1948,7 @@ func (cn *conn) readExecuteResponse(protocolState string) (res driver.Result, co err = parseError(r) case 'T', 'D', 'I': if err != nil { - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unexpected %q after error %s", t, err) } if t == 'I' { @@ -1899,7 +1956,7 @@ func (cn *conn) readExecuteResponse(protocolState string) (res driver.Result, co } // ignore any results default: - cn.setBad() + cn.err.set(driver.ErrBadConn) errorf("unknown %s response: %q", protocolState, t) } } @@ -1995,6 +2052,8 @@ func parseEnviron(env []string) (out map[string]string) { accrue("sslkey") case "PGSSLROOTCERT": accrue("sslrootcert") + case "PGSSLSNI": + accrue("sslsni") case "PGREQUIRESSL", "PGSSLCRL": unsupported() case "PGREQUIREPEER": @@ -2035,3 +2094,19 @@ func alnumLowerASCII(ch rune) rune { } return -1 // discard } + +// The database/sql/driver package says: +// All Conn implementations should implement the following interfaces: Pinger, SessionResetter, and Validator. +var _ driver.Pinger = &conn{} +var _ driver.SessionResetter = &conn{} + +func (cn *conn) ResetSession(ctx context.Context) error { + // Ensure bad connections are reported: From database/sql/driver: + // If a connection is never returned to the connection pool but immediately reused, then + // ResetSession is called prior to reuse but IsValid is not called. + return cn.err.get() +} + +func (cn *conn) IsValid() bool { + return cn.err.get() == nil +} diff --git a/vendor/github.com/lib/pq/conn_go115.go b/vendor/github.com/lib/pq/conn_go115.go new file mode 100644 index 000000000..f4ef030f9 --- /dev/null +++ b/vendor/github.com/lib/pq/conn_go115.go @@ -0,0 +1,8 @@ +//go:build go1.15 +// +build go1.15 + +package pq + +import "database/sql/driver" + +var _ driver.Validator = &conn{} diff --git a/vendor/github.com/lib/pq/conn_go18.go b/vendor/github.com/lib/pq/conn_go18.go index 2b9a9599e..63d4ca6aa 100644 --- a/vendor/github.com/lib/pq/conn_go18.go +++ b/vendor/github.com/lib/pq/conn_go18.go @@ -7,10 +7,13 @@ import ( "fmt" "io" "io/ioutil" - "sync/atomic" "time" ) +const ( + watchCancelDialContextTimeout = time.Second * 10 +) + // Implement the "QueryerContext" interface func (cn *conn) QueryContext(ctx context.Context, query string, args []driver.NamedValue) (driver.Rows, error) { list := make([]driver.Value, len(args)) @@ -43,6 +46,14 @@ func (cn *conn) ExecContext(ctx context.Context, query string, args []driver.Nam return cn.Exec(query, list) } +// Implement the "ConnPrepareContext" interface +func (cn *conn) PrepareContext(ctx context.Context, query string) (driver.Stmt, error) { + if finish := cn.watchCancel(ctx); finish != nil { + defer finish() + } + return cn.Prepare(query) +} + // Implement the "ConnBeginTx" interface func (cn *conn) BeginTx(ctx context.Context, opts driver.TxOptions) (driver.Tx, error) { var mode string @@ -103,13 +114,13 @@ func (cn *conn) watchCancel(ctx context.Context) func() { } // Set the connection state to bad so it does not get reused. - cn.setBad() + cn.err.set(ctx.Err()) // At this point the function level context is canceled, // so it must not be used for the additional network // request to cancel the query. // Create a new context to pass into the dial. - ctxCancel, cancel := context.WithTimeout(context.Background(), time.Second*10) + ctxCancel, cancel := context.WithTimeout(context.Background(), watchCancelDialContextTimeout) defer cancel() _ = cn.cancel(ctxCancel) @@ -119,7 +130,7 @@ func (cn *conn) watchCancel(ctx context.Context) func() { return func() { select { case <-finished: - cn.setBad() + cn.err.set(ctx.Err()) cn.Close() case finished <- struct{}{}: } @@ -145,11 +156,8 @@ func (cn *conn) cancel(ctx context.Context) error { defer c.Close() { - bad := &atomic.Value{} - bad.Store(false) can := conn{ - c: c, - bad: bad, + c: c, } err = can.ssl(o) if err != nil { @@ -172,3 +180,68 @@ func (cn *conn) cancel(ctx context.Context) error { return err } } + +// Implement the "StmtQueryContext" interface +func (st *stmt) QueryContext(ctx context.Context, args []driver.NamedValue) (driver.Rows, error) { + list := make([]driver.Value, len(args)) + for i, nv := range args { + list[i] = nv.Value + } + finish := st.watchCancel(ctx) + r, err := st.query(list) + if err != nil { + if finish != nil { + finish() + } + return nil, err + } + r.finish = finish + return r, nil +} + +// Implement the "StmtExecContext" interface +func (st *stmt) ExecContext(ctx context.Context, args []driver.NamedValue) (driver.Result, error) { + list := make([]driver.Value, len(args)) + for i, nv := range args { + list[i] = nv.Value + } + + if finish := st.watchCancel(ctx); finish != nil { + defer finish() + } + + return st.Exec(list) +} + +// watchCancel is implemented on stmt in order to not mark the parent conn as bad +func (st *stmt) watchCancel(ctx context.Context) func() { + if done := ctx.Done(); done != nil { + finished := make(chan struct{}) + go func() { + select { + case <-done: + // At this point the function level context is canceled, + // so it must not be used for the additional network + // request to cancel the query. + // Create a new context to pass into the dial. + ctxCancel, cancel := context.WithTimeout(context.Background(), watchCancelDialContextTimeout) + defer cancel() + + _ = st.cancel(ctxCancel) + finished <- struct{}{} + case <-finished: + } + }() + return func() { + select { + case <-finished: + case finished <- struct{}{}: + } + } + } + return nil +} + +func (st *stmt) cancel(ctx context.Context) error { + return st.cn.cancel(ctx) +} diff --git a/vendor/github.com/lib/pq/connector.go b/vendor/github.com/lib/pq/connector.go index d7d472615..1145e1225 100644 --- a/vendor/github.com/lib/pq/connector.go +++ b/vendor/github.com/lib/pq/connector.go @@ -27,6 +27,11 @@ func (c *Connector) Connect(ctx context.Context) (driver.Conn, error) { return c.open(ctx) } +// Dialer allows change the dialer used to open connections. +func (c *Connector) Dialer(dialer Dialer) { + c.dialer = dialer +} + // Driver returns the underlying driver of this Connector. func (c *Connector) Driver() driver.Driver { return &Driver{} diff --git a/vendor/github.com/lib/pq/copy.go b/vendor/github.com/lib/pq/copy.go index bb3cbd7b9..a8f16b2b2 100644 --- a/vendor/github.com/lib/pq/copy.go +++ b/vendor/github.com/lib/pq/copy.go @@ -1,6 +1,8 @@ package pq import ( + "bytes" + "context" "database/sql/driver" "encoding/binary" "errors" @@ -19,29 +21,35 @@ var ( // CopyIn creates a COPY FROM statement which can be prepared with // Tx.Prepare(). The target table should be visible in search_path. func CopyIn(table string, columns ...string) string { - stmt := "COPY " + QuoteIdentifier(table) + " (" + buffer := bytes.NewBufferString("COPY ") + BufferQuoteIdentifier(table, buffer) + buffer.WriteString(" (") + makeStmt(buffer, columns...) + return buffer.String() +} + +// MakeStmt makes the stmt string for CopyIn and CopyInSchema. +func makeStmt(buffer *bytes.Buffer, columns ...string) { + //s := bytes.NewBufferString() for i, col := range columns { if i != 0 { - stmt += ", " + buffer.WriteString(", ") } - stmt += QuoteIdentifier(col) + BufferQuoteIdentifier(col, buffer) } - stmt += ") FROM STDIN" - return stmt + buffer.WriteString(") FROM STDIN") } // CopyInSchema creates a COPY FROM statement which can be prepared with // Tx.Prepare(). func CopyInSchema(schema, table string, columns ...string) string { - stmt := "COPY " + QuoteIdentifier(schema) + "." + QuoteIdentifier(table) + " (" - for i, col := range columns { - if i != 0 { - stmt += ", " - } - stmt += QuoteIdentifier(col) - } - stmt += ") FROM STDIN" - return stmt + buffer := bytes.NewBufferString("COPY ") + BufferQuoteIdentifier(schema, buffer) + buffer.WriteRune('.') + BufferQuoteIdentifier(table, buffer) + buffer.WriteString(" (") + makeStmt(buffer, columns...) + return buffer.String() } type copyin struct { @@ -49,12 +57,14 @@ type copyin struct { buffer []byte rowData chan []byte done chan bool - driver.Result closed bool - sync.Mutex // guards err - err error + mu struct { + sync.Mutex + err error + driver.Result + } } const ciBufferSize = 64 * 1024 @@ -98,13 +108,13 @@ awaitCopyInResponse: err = parseError(r) case 'Z': if err == nil { - ci.setBad() + ci.setBad(driver.ErrBadConn) errorf("unexpected ReadyForQuery in response to COPY") } cn.processReadyForQuery(r) return nil, err default: - ci.setBad() + ci.setBad(driver.ErrBadConn) errorf("unknown response for copy query: %q", t) } } @@ -123,7 +133,7 @@ awaitCopyInResponse: cn.processReadyForQuery(r) return nil, err default: - ci.setBad() + ci.setBad(driver.ErrBadConn) errorf("unknown response for CopyFail: %q", t) } } @@ -144,7 +154,7 @@ func (ci *copyin) resploop() { var r readBuf t, err := ci.cn.recvMessage(&r) if err != nil { - ci.setBad() + ci.setBad(driver.ErrBadConn) ci.setError(err) ci.done <- true return @@ -166,7 +176,7 @@ func (ci *copyin) resploop() { err := parseError(&r) ci.setError(err) default: - ci.setBad() + ci.setBad(driver.ErrBadConn) ci.setError(fmt.Errorf("unknown response during CopyIn: %q", t)) ci.done <- true return @@ -174,46 +184,41 @@ func (ci *copyin) resploop() { } } -func (ci *copyin) setBad() { - ci.Lock() - ci.cn.setBad() - ci.Unlock() +func (ci *copyin) setBad(err error) { + ci.cn.err.set(err) } -func (ci *copyin) isBad() bool { - ci.Lock() - b := ci.cn.getBad() - ci.Unlock() - return b +func (ci *copyin) getBad() error { + return ci.cn.err.get() } -func (ci *copyin) isErrorSet() bool { - ci.Lock() - isSet := (ci.err != nil) - ci.Unlock() - return isSet +func (ci *copyin) err() error { + ci.mu.Lock() + err := ci.mu.err + ci.mu.Unlock() + return err } // setError() sets ci.err if one has not been set already. Caller must not be // holding ci.Mutex. func (ci *copyin) setError(err error) { - ci.Lock() - if ci.err == nil { - ci.err = err + ci.mu.Lock() + if ci.mu.err == nil { + ci.mu.err = err } - ci.Unlock() + ci.mu.Unlock() } func (ci *copyin) setResult(result driver.Result) { - ci.Lock() - ci.Result = result - ci.Unlock() + ci.mu.Lock() + ci.mu.Result = result + ci.mu.Unlock() } func (ci *copyin) getResult() driver.Result { - ci.Lock() - result := ci.Result - ci.Unlock() + ci.mu.Lock() + result := ci.mu.Result + ci.mu.Unlock() if result == nil { return driver.RowsAffected(0) } @@ -240,13 +245,13 @@ func (ci *copyin) Exec(v []driver.Value) (r driver.Result, err error) { return nil, errCopyInClosed } - if ci.isBad() { - return nil, driver.ErrBadConn + if err := ci.getBad(); err != nil { + return nil, err } defer ci.cn.errRecover(&err) - if ci.isErrorSet() { - return nil, ci.err + if err := ci.err(); err != nil { + return nil, err } if len(v) == 0 { @@ -276,14 +281,51 @@ func (ci *copyin) Exec(v []driver.Value) (r driver.Result, err error) { return driver.RowsAffected(0), nil } +// CopyData inserts a raw string into the COPY stream. The insert is +// asynchronous and CopyData can return errors from previous CopyData calls to +// the same COPY stmt. +// +// You need to call Exec(nil) to sync the COPY stream and to get any +// errors from pending data, since Stmt.Close() doesn't return errors +// to the user. +func (ci *copyin) CopyData(ctx context.Context, line string) (r driver.Result, err error) { + if ci.closed { + return nil, errCopyInClosed + } + + if finish := ci.cn.watchCancel(ctx); finish != nil { + defer finish() + } + + if err := ci.getBad(); err != nil { + return nil, err + } + defer ci.cn.errRecover(&err) + + if err := ci.err(); err != nil { + return nil, err + } + + ci.buffer = append(ci.buffer, []byte(line)...) + ci.buffer = append(ci.buffer, '\n') + + if len(ci.buffer) > ciBufferFlushSize { + ci.flush(ci.buffer) + // reset buffer, keep bytes for message identifier and length + ci.buffer = ci.buffer[:5] + } + + return driver.RowsAffected(0), nil +} + func (ci *copyin) Close() (err error) { if ci.closed { // Don't do anything, we're already closed return nil } ci.closed = true - if ci.isBad() { - return driver.ErrBadConn + if err := ci.getBad(); err != nil { + return err } defer ci.cn.errRecover(&err) @@ -299,8 +341,7 @@ func (ci *copyin) Close() (err error) { <-ci.done ci.cn.inCopy = false - if ci.isErrorSet() { - err = ci.err + if err := ci.err(); err != nil { return err } return nil diff --git a/vendor/github.com/lib/pq/encode.go b/vendor/github.com/lib/pq/encode.go index c4dafe270..bffe6096a 100644 --- a/vendor/github.com/lib/pq/encode.go +++ b/vendor/github.com/lib/pq/encode.go @@ -200,11 +200,17 @@ func appendEscapedText(buf []byte, text string) []byte { func mustParse(f string, typ oid.Oid, s []byte) time.Time { str := string(s) - // check for a 30-minute-offset timezone - if (typ == oid.T_timestamptz || typ == oid.T_timetz) && - str[len(str)-3] == ':' { - f += ":00" + // Check for a minute and second offset in the timezone. + if typ == oid.T_timestamptz || typ == oid.T_timetz { + for i := 3; i <= 6; i += 3 { + if str[len(str)-i] == ':' { + f += ":00" + continue + } + break + } } + // Special case for 24:00 time. // Unfortunately, golang does not parse 24:00 as a proper time. // In this case, we want to try "round to the next day", to differentiate. @@ -416,7 +422,7 @@ func ParseTimestamp(currentLocation *time.Location, str string) (time.Time, erro if remainderIdx < len(str) && str[remainderIdx] == '.' { fracStart := remainderIdx + 1 - fracOff := strings.IndexAny(str[fracStart:], "-+ ") + fracOff := strings.IndexAny(str[fracStart:], "-+Z ") if fracOff < 0 { fracOff = len(str) - fracStart } @@ -426,7 +432,7 @@ func ParseTimestamp(currentLocation *time.Location, str string) (time.Time, erro remainderIdx += fracOff + 1 } if tzStart := remainderIdx; tzStart < len(str) && (str[tzStart] == '-' || str[tzStart] == '+') { - // time zone separator is always '-' or '+' (UTC is +00) + // time zone separator is always '-' or '+' or 'Z' (UTC is +00) var tzSign int switch c := str[tzStart]; c { case '-': @@ -448,7 +454,11 @@ func ParseTimestamp(currentLocation *time.Location, str string) (time.Time, erro remainderIdx += 3 } tzOff = tzSign * ((tzHours * 60 * 60) + (tzMin * 60) + tzSec) + } else if tzStart < len(str) && str[tzStart] == 'Z' { + // time zone Z separator indicates UTC is +00 + remainderIdx += 1 } + var isoYear int if isBC { @@ -553,7 +563,7 @@ func parseBytea(s []byte) (result []byte, err error) { if len(s) < 4 { return nil, fmt.Errorf("invalid bytea sequence %v", s) } - r, err := strconv.ParseInt(string(s[1:4]), 8, 9) + r, err := strconv.ParseUint(string(s[1:4]), 8, 8) if err != nil { return nil, fmt.Errorf("could not parse bytea value: %s", err.Error()) } diff --git a/vendor/github.com/lib/pq/error.go b/vendor/github.com/lib/pq/error.go index c19c349f1..f67c5a5fa 100644 --- a/vendor/github.com/lib/pq/error.go +++ b/vendor/github.com/lib/pq/error.go @@ -402,6 +402,11 @@ func (err *Error) Fatal() bool { return err.Severity == Efatal } +// SQLState returns the SQLState of the error. +func (err *Error) SQLState() string { + return string(err.Code) +} + // Get implements the legacy PGError interface. New code should use the fields // of the Error struct directly. func (err *Error) Get(k byte) (v string) { @@ -444,7 +449,7 @@ func (err *Error) Get(k byte) (v string) { return "" } -func (err Error) Error() string { +func (err *Error) Error() string { return "pq: " + err.Message } @@ -484,7 +489,7 @@ func (cn *conn) errRecover(err *error) { case nil: // Do nothing case runtime.Error: - cn.setBad() + cn.err.set(driver.ErrBadConn) panic(v) case *Error: if v.Fatal() { @@ -493,26 +498,26 @@ func (cn *conn) errRecover(err *error) { *err = v } case *net.OpError: - cn.setBad() + cn.err.set(driver.ErrBadConn) *err = v case *safeRetryError: - cn.setBad() + cn.err.set(driver.ErrBadConn) *err = driver.ErrBadConn case error: - if v == io.EOF || v.(error).Error() == "remote error: handshake failure" { + if v == io.EOF || v.Error() == "remote error: handshake failure" { *err = driver.ErrBadConn } else { *err = v } default: - cn.setBad() + cn.err.set(driver.ErrBadConn) panic(fmt.Sprintf("unknown error: %#v", e)) } // Any time we return ErrBadConn, we need to remember it since *Tx doesn't // mark the connection bad in database/sql. if *err == driver.ErrBadConn { - cn.setBad() + cn.err.set(driver.ErrBadConn) } } diff --git a/vendor/github.com/lib/pq/notice.go b/vendor/github.com/lib/pq/notice.go index 01dd8c723..70ad122a7 100644 --- a/vendor/github.com/lib/pq/notice.go +++ b/vendor/github.com/lib/pq/notice.go @@ -1,3 +1,4 @@ +//go:build go1.10 // +build go1.10 package pq diff --git a/vendor/github.com/lib/pq/ssl.go b/vendor/github.com/lib/pq/ssl.go index e5eb92895..36b61ba45 100644 --- a/vendor/github.com/lib/pq/ssl.go +++ b/vendor/github.com/lib/pq/ssl.go @@ -8,6 +8,7 @@ import ( "os" "os/user" "path/filepath" + "strings" ) // ssl generates a function to upgrade a net.Conn based on the "sslmode" and @@ -50,6 +51,16 @@ func ssl(o values) (func(net.Conn) (net.Conn, error), error) { return nil, fmterrorf(`unsupported sslmode %q; only "require" (default), "verify-full", "verify-ca", and "disable" supported`, mode) } + // Set Server Name Indication (SNI), if enabled by connection parameters. + // By default SNI is on, any value which is not starting with "1" disables + // SNI -- that is the same check vanilla libpq uses. + if sslsni := o["sslsni"]; sslsni == "" || strings.HasPrefix(sslsni, "1") { + // RFC 6066 asks to not set SNI if the host is a literal IP address (IPv4 + // or IPv6). This check is coded already crypto.tls.hostnameInSNI, so + // just always set ServerName here and let crypto/tls do the filtering. + tlsConf.ServerName = o["host"] + } + err := sslClientCertificates(&tlsConf, o) if err != nil { return nil, err diff --git a/vendor/github.com/lib/pq/ssl_permissions.go b/vendor/github.com/lib/pq/ssl_permissions.go index 3b7c3a2a3..d587f102e 100644 --- a/vendor/github.com/lib/pq/ssl_permissions.go +++ b/vendor/github.com/lib/pq/ssl_permissions.go @@ -1,8 +1,30 @@ +//go:build !windows // +build !windows package pq -import "os" +import ( + "errors" + "os" + "syscall" +) + +const ( + rootUserID = uint32(0) + + // The maximum permissions that a private key file owned by a regular user + // is allowed to have. This translates to u=rw. + maxUserOwnedKeyPermissions os.FileMode = 0600 + + // The maximum permissions that a private key file owned by root is allowed + // to have. This translates to u=rw,g=r. + maxRootOwnedKeyPermissions os.FileMode = 0640 +) + +var ( + errSSLKeyHasUnacceptableUserPermissions = errors.New("permissions for files not owned by root should be u=rw (0600) or less") + errSSLKeyHasUnacceptableRootPermissions = errors.New("permissions for root owned files should be u=rw,g=r (0640) or less") +) // sslKeyPermissions checks the permissions on user-supplied ssl key files. // The key file should have very little access. @@ -13,8 +35,59 @@ func sslKeyPermissions(sslkey string) error { if err != nil { return err } - if info.Mode().Perm()&0077 != 0 { - return ErrSSLKeyHasWorldPermissions + + err = hasCorrectPermissions(info) + + // return ErrSSLKeyHasWorldPermissions for backwards compatability with + // existing code. + if err == errSSLKeyHasUnacceptableUserPermissions || err == errSSLKeyHasUnacceptableRootPermissions { + err = ErrSSLKeyHasWorldPermissions } - return nil + return err +} + +// hasCorrectPermissions checks the file info (and the unix-specific stat_t +// output) to verify that the permissions on the file are correct. +// +// If the file is owned by the same user the process is running as, +// the file should only have 0600 (u=rw). If the file is owned by root, +// and the group matches the group that the process is running in, the +// permissions cannot be more than 0640 (u=rw,g=r). The file should +// never have world permissions. +// +// Returns an error when the permission check fails. +func hasCorrectPermissions(info os.FileInfo) error { + // if file's permission matches 0600, allow access. + userPermissionMask := (os.FileMode(0777) ^ maxUserOwnedKeyPermissions) + + // regardless of if we're running as root or not, 0600 is acceptable, + // so we return if we match the regular user permission mask. + if info.Mode().Perm()&userPermissionMask == 0 { + return nil + } + + // We need to pull the Unix file information to get the file's owner. + // If we can't access it, there's some sort of operating system level error + // and we should fail rather than attempting to use faulty information. + sysInfo := info.Sys() + if sysInfo == nil { + return ErrSSLKeyUnknownOwnership + } + + unixStat, ok := sysInfo.(*syscall.Stat_t) + if !ok { + return ErrSSLKeyUnknownOwnership + } + + // if the file is owned by root, we allow 0640 (u=rw,g=r) to match what + // Postgres does. + if unixStat.Uid == rootUserID { + rootPermissionMask := (os.FileMode(0777) ^ maxRootOwnedKeyPermissions) + if info.Mode().Perm()&rootPermissionMask != 0 { + return errSSLKeyHasUnacceptableRootPermissions + } + return nil + } + + return errSSLKeyHasUnacceptableUserPermissions } diff --git a/vendor/github.com/lib/pq/ssl_windows.go b/vendor/github.com/lib/pq/ssl_windows.go index 5d2c763ce..73663c8f1 100644 --- a/vendor/github.com/lib/pq/ssl_windows.go +++ b/vendor/github.com/lib/pq/ssl_windows.go @@ -1,3 +1,4 @@ +//go:build windows // +build windows package pq diff --git a/vendor/github.com/lib/pq/user_other.go b/vendor/github.com/lib/pq/user_other.go new file mode 100644 index 000000000..3dae8f557 --- /dev/null +++ b/vendor/github.com/lib/pq/user_other.go @@ -0,0 +1,10 @@ +// Package pq is a pure Go Postgres driver for the database/sql package. + +//go:build js || android || hurd || zos +// +build js android hurd zos + +package pq + +func userCurrent() (string, error) { + return "", ErrCouldNotDetectUsername +} diff --git a/vendor/github.com/lib/pq/user_posix.go b/vendor/github.com/lib/pq/user_posix.go index a51019205..5f2d439bc 100644 --- a/vendor/github.com/lib/pq/user_posix.go +++ b/vendor/github.com/lib/pq/user_posix.go @@ -1,6 +1,7 @@ // Package pq is a pure Go Postgres driver for the database/sql package. -// +build aix darwin dragonfly freebsd linux nacl netbsd openbsd plan9 solaris rumprun +//go:build aix || darwin || dragonfly || freebsd || (linux && !android) || nacl || netbsd || openbsd || plan9 || solaris || rumprun || illumos +// +build aix darwin dragonfly freebsd linux,!android nacl netbsd openbsd plan9 solaris rumprun illumos package pq diff --git a/vendor/modules.txt b/vendor/modules.txt index 32a6fe87a..3e0b1aeb2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -72,7 +72,7 @@ github.com/kisielk/sqlstruct # github.com/kylelemons/go-gypsy v1.0.0 ## explicit; go 1.5 github.com/kylelemons/go-gypsy/yaml -# github.com/lib/pq v1.10.1 +# github.com/lib/pq v1.10.9 ## explicit; go 1.13 github.com/lib/pq github.com/lib/pq/oid From 4a5a64d7e29d14d2aa947cf377ffe166ccf57954 Mon Sep 17 00:00:00 2001 From: Benjamin Wang Date: Fri, 12 May 2023 12:58:29 +0800 Subject: [PATCH 19/73] bump github.com/zmap/zlint/v3 from 3.1.0 to 3.4.1 Signed-off-by: Benjamin Wang --- go.mod | 8 +- go.sum | 21 +- .../pelletier/go-toml/.dockerignore | 2 + .../github.com/pelletier/go-toml/.gitignore | 5 + .../pelletier/go-toml/CONTRIBUTING.md | 132 ++ .../github.com/pelletier/go-toml/Dockerfile | 11 + vendor/github.com/pelletier/go-toml/LICENSE | 247 ++++ vendor/github.com/pelletier/go-toml/Makefile | 29 + .../go-toml/PULL_REQUEST_TEMPLATE.md | 5 + vendor/github.com/pelletier/go-toml/README.md | 176 +++ .../pelletier/go-toml/azure-pipelines.yml | 188 +++ .../github.com/pelletier/go-toml/benchmark.sh | 35 + vendor/github.com/pelletier/go-toml/doc.go | 23 + .../pelletier/go-toml/example-crlf.toml | 30 + .../github.com/pelletier/go-toml/example.toml | 30 + vendor/github.com/pelletier/go-toml/fuzz.go | 31 + vendor/github.com/pelletier/go-toml/fuzz.sh | 15 + .../pelletier/go-toml/keysparsing.go | 112 ++ vendor/github.com/pelletier/go-toml/lexer.go | 1031 +++++++++++++ .../github.com/pelletier/go-toml/localtime.go | 287 ++++ .../github.com/pelletier/go-toml/marshal.go | 1308 +++++++++++++++++ .../go-toml/marshal_OrderPreserve_test.toml | 39 + .../pelletier/go-toml/marshal_test.toml | 39 + vendor/github.com/pelletier/go-toml/parser.go | 508 +++++++ .../github.com/pelletier/go-toml/position.go | 29 + vendor/github.com/pelletier/go-toml/token.go | 136 ++ vendor/github.com/pelletier/go-toml/toml.go | 533 +++++++ .../github.com/pelletier/go-toml/tomlpub.go | 71 + .../pelletier/go-toml/tomltree_create.go | 155 ++ .../pelletier/go-toml/tomltree_write.go | 552 +++++++ .../pelletier/go-toml/tomltree_writepub.go | 6 + .../publicsuffix-go/publicsuffix/rules.go | 390 +++-- .../zmap/zcrypto/cryptobyte/NOTICE.md | 2 + .../zmap/zcrypto/cryptobyte/asn1.go | 752 ++++++++++ .../zmap/zcrypto/cryptobyte/asn1/asn1.go | 46 + .../zmap/zcrypto/cryptobyte/builder.go | 337 +++++ .../zmap/zcrypto/cryptobyte/string.go | 161 ++ .../zmap/zcrypto/encoding/asn1/README.md | 1 + .../zmap/zcrypto/encoding/asn1/asn1.go | 1146 +++++++++++++++ .../zmap/zcrypto/encoding/asn1/common.go | 192 +++ .../zmap/zcrypto/encoding/asn1/marshal.go | 747 ++++++++++ .../zmap/zcrypto/x509/extended_key_usage.go | 2 +- .../zmap/zcrypto/x509/extensions.go | 2 +- vendor/github.com/zmap/zcrypto/x509/json.go | 11 +- vendor/github.com/zmap/zcrypto/x509/pkcs1.go | 3 +- vendor/github.com/zmap/zcrypto/x509/pkcs8.go | 3 +- .../github.com/zmap/zcrypto/x509/pkix/json.go | 3 +- .../github.com/zmap/zcrypto/x509/pkix/oid.go | 3 +- .../github.com/zmap/zcrypto/x509/pkix/pkix.go | 270 ++-- .../zmap/zcrypto/x509/qc_statements.go | 3 +- vendor/github.com/zmap/zcrypto/x509/sec1.go | 3 +- .../zcrypto/x509/tor_service_descriptor.go | 2 +- vendor/github.com/zmap/zcrypto/x509/x509.go | 122 +- vendor/github.com/zmap/zlint/v3/lint/base.go | 66 +- .../zmap/zlint/v3/lint/configuration.go | 248 ++++ .../zlint/v3/lint/global_configurations.go | 155 ++ .../zmap/zlint/v3/lint/registration.go | 101 +- .../github.com/zmap/zlint/v3/lint/result.go | 1 + .../github.com/zmap/zlint/v3/lint/source.go | 5 +- .../lint_ct_sct_policy_count_unsatisfied.go | 9 +- ...er_cert_valid_time_longer_than_398_days.go | 6 +- ...er_cert_valid_time_longer_than_397_days.go | 6 +- .../cabf_br/lint_ca_common_name_missing.go | 6 +- .../cabf_br/lint_ca_country_name_invalid.go | 6 +- .../cabf_br/lint_ca_country_name_missing.go | 6 +- .../lints/cabf_br/lint_ca_crl_sign_not_set.go | 6 +- .../lint_ca_digital_signature_not_set.go | 6 +- .../zlint/v3/lints/cabf_br/lint_ca_is_ca.go | 13 +- .../cabf_br/lint_ca_key_cert_sign_not_set.go | 6 +- .../cabf_br/lint_ca_key_usage_missing.go | 6 +- .../cabf_br/lint_ca_key_usage_not_critical.go | 6 +- .../lint_ca_organization_name_missing.go | 6 +- .../lint_cab_dv_conflicts_with_locality.go | 28 +- .../cabf_br/lint_cab_dv_conflicts_with_org.go | 6 +- .../lint_cab_dv_conflicts_with_postal.go | 6 +- .../lint_cab_dv_conflicts_with_province.go | 6 +- .../lint_cab_dv_conflicts_with_street.go | 6 +- .../lint_cab_iv_requires_personal_name.go | 6 +- .../lints/cabf_br/lint_cab_ov_requires_org.go | 6 +- .../lint_cert_policy_iv_requires_country.go | 6 +- ...policy_iv_requires_province_or_locality.go | 6 +- .../lint_cert_policy_ov_requires_country.go | 6 +- ...policy_ov_requires_province_or_locality.go | 6 +- .../lints/cabf_br/lint_dh_params_missing.go | 19 +- .../lint_dnsname_bad_character_in_label.go | 12 +- .../lint_dnsname_check_left_label_wildcard.go | 6 +- .../lint_dnsname_contains_bare_iana_suffix.go | 6 +- .../lint_dnsname_contains_empty_label.go | 6 +- ...name_contains_prohibited_reserved_label.go | 58 + .../cabf_br/lint_dnsname_hyphen_in_sld.go | 6 +- .../cabf_br/lint_dnsname_label_too_long.go | 6 +- .../lint_dnsname_right_label_valid_tld.go | 6 +- .../cabf_br/lint_dnsname_underscore_in_sld.go | 6 +- .../cabf_br/lint_dnsname_underscore_in_trd.go | 6 +- ..._dnsname_wildcard_left_of_public_suffix.go | 6 +- ...int_dnsname_wildcard_only_in_left_label.go | 6 +- .../lint_dsa_correct_order_in_subgroup.go | 9 +- ...nt_dsa_improper_modulus_or_divisor_size.go | 8 +- .../lint_dsa_shorter_than_2048_bits.go | 8 +- .../lint_dsa_unique_correct_representation.go | 9 +- ...issing.go => lint_e_sub_ca_aia_missing.go} | 17 +- .../lints/cabf_br/lint_ec_improper_curves.go | 6 +- .../lint_ext_nc_intersects_reserved_ip.go | 6 +- .../lint_ext_san_contains_reserved_ip.go | 6 +- .../lint_ext_san_critical_with_subject_dn.go | 6 +- .../lint_ext_san_directory_name_present.go | 6 +- .../lint_ext_san_edi_party_name_present.go | 6 +- .../v3/lints/cabf_br/lint_ext_san_missing.go | 6 +- .../lint_ext_san_other_name_present.go | 6 +- .../lint_ext_san_registered_id_present.go | 6 +- .../lint_ext_san_rfc822_name_present.go | 6 +- ...san_uniform_resource_identifier_present.go | 6 +- ...ext_tor_service_descriptor_hash_invalid.go | 10 +- .../lint_extra_subject_common_names.go | 6 +- .../lint_invalid_certificate_version.go | 6 +- .../lint_no_underscores_before_1_6_2.go | 58 + ...sp_nocheck_ext_not_included_server_auth.go | 6 +- ...old_root_ca_rsa_mod_less_than_2048_bits.go | 6 +- ..._old_sub_ca_rsa_mod_less_than_1024_bits.go | 6 +- ...ld_sub_cert_rsa_mod_less_than_1024_bits.go | 6 +- ...int_organizational_unit_name_prohibited.go | 50 + .../lints/cabf_br/lint_prohibit_dsa_usage.go | 50 + .../lint_public_key_type_not_allowed.go | 6 +- ...aints_path_len_constraint_field_present.go | 9 +- .../lint_root_ca_contains_cert_policy.go | 6 +- ...lint_root_ca_extended_key_usage_present.go | 6 +- ...lint_root_ca_key_usage_must_be_critical.go | 6 +- .../cabf_br/lint_root_ca_key_usage_present.go | 6 +- ...t_rsa_mod_factors_smaller_than_752_bits.go | 6 +- .../lint_rsa_mod_less_than_2048_bits.go | 8 +- .../v3/lints/cabf_br/lint_rsa_mod_not_odd.go | 6 +- .../lint_rsa_public_exponent_not_in_range.go | 11 +- .../lint_rsa_public_exponent_not_odd.go | 6 +- .../lint_rsa_public_exponent_too_small.go | 6 +- .../lint_san_dns_name_onion_invalid.go | 6 +- .../lint_san_dns_name_onion_not_ev_cert.go | 6 +- .../lint_signature_algorithm_not_supported.go | 6 +- ..._ca_aia_does_not_contain_issuing_ca_url.go | 6 +- .../lint_sub_ca_aia_marked_critical.go | 6 +- ...ca_certificate_policies_marked_critical.go | 6 +- ...int_sub_ca_certificate_policies_missing.go | 6 +- ...istribution_points_does_not_contain_url.go | 6 +- ...crl_distribution_points_marked_critical.go | 6 +- ..._sub_ca_crl_distribution_points_missing.go | 6 +- .../lints/cabf_br/lint_sub_ca_eku_critical.go | 6 +- .../lints/cabf_br/lint_sub_ca_eku_missing.go | 6 +- .../cabf_br/lint_sub_ca_eku_valid_fields.go | 6 +- ...nt_sub_ca_name_constraints_not_critical.go | 6 +- ...ert_aia_does_not_contain_issuing_ca_url.go | 6 +- ..._sub_cert_aia_does_not_contain_ocsp_url.go | 6 +- .../lint_sub_cert_aia_marked_critical.go | 6 +- .../cabf_br/lint_sub_cert_aia_missing.go | 6 +- .../lint_sub_cert_cert_policy_empty.go | 6 +- ...rt_certificate_policies_marked_critical.go | 6 +- ...t_sub_cert_certificate_policies_missing.go | 6 +- .../lint_sub_cert_country_name_must_appear.go | 6 +- ...istribution_points_does_not_contain_url.go | 6 +- ...crl_distribution_points_marked_critical.go | 6 +- .../cabf_br/lint_sub_cert_eku_extra_values.go | 6 +- .../cabf_br/lint_sub_cert_eku_missing.go | 6 +- ...ert_eku_server_auth_client_auth_missing.go | 6 +- .../lint_sub_cert_gn_sn_contains_policy.go | 6 +- .../v3/lints/cabf_br/lint_sub_cert_is_ca.go | 9 +- ...nt_sub_cert_key_usage_cert_sign_bit_set.go | 6 +- ...int_sub_cert_key_usage_crl_sign_bit_set.go | 6 +- ...lint_sub_cert_locality_name_must_appear.go | 6 +- ..._sub_cert_locality_name_must_not_appear.go | 6 +- .../lint_sub_cert_or_sub_ca_using_sha1.go | 6 +- .../lint_sub_cert_postal_code_prohibited.go | 6 +- .../lint_sub_cert_province_must_appear.go | 6 +- .../lint_sub_cert_province_must_not_appear.go | 6 +- .../lint_sub_cert_sha1_expiration_too_long.go | 12 +- ...ub_cert_street_address_should_not_exist.go | 6 +- ...b_cert_valid_time_longer_than_39_months.go | 6 +- ...ub_cert_valid_time_longer_than_825_days.go | 6 +- .../lint_subject_common_name_included.go | 6 +- ...ubject_common_name_not_exactly_from_san.go | 82 ++ .../lint_subject_common_name_not_from_san.go | 17 +- ...lint_subject_contains_malformed_arpa_ip.go | 9 +- ...subject_contains_noninformational_value.go | 6 +- ...onal_unit_name_and_no_organization_name.go | 60 + .../lint_subject_contains_reserved_arpa_ip.go | 9 +- .../lint_subject_contains_reserved_ip.go | 6 +- .../cabf_br/lint_subject_country_not_iso.go | 6 +- ...er_algorithm_object_identifier_encoding.go | 88 ++ ...t_underscore_not_permissible_in_dnsname.go | 54 + .../cabf_br/lint_w_sub_ca_aia_missing.go | 58 + .../lint_ev_business_category_missing.go | 6 +- .../cabf_ev/lint_ev_country_name_missing.go | 6 +- .../v3/lints/cabf_ev/lint_ev_not_wildcard.go | 58 + .../lint_ev_organization_id_missing.go | 6 +- .../lint_ev_organization_name_missing.go | 6 +- .../cabf_ev/lint_ev_san_ip_address_present.go | 49 + .../cabf_ev/lint_ev_serial_number_missing.go | 6 +- .../cabf_ev/lint_ev_valid_time_too_long.go | 6 +- ...t_onion_subject_validity_time_too_large.go | 9 +- .../lints/community/lint_ian_bare_wildcard.go | 6 +- .../lint_ian_dns_name_includes_null_char.go | 6 +- .../lint_ian_dns_name_starts_with_period.go | 6 +- .../lint_ian_iana_pub_suffix_empty.go | 6 +- .../community/lint_ian_wildcard_not_first.go | 6 +- .../lints/community/lint_is_redacted_cert.go | 6 +- .../lint_issuer_dn_leading_whitespace.go | 6 +- .../lint_issuer_dn_trailing_whitespace.go | 6 +- .../community/lint_issuer_multiple_rdn.go | 9 +- .../lints/community/lint_rsa_exp_negative.go | 6 +- .../lint_rsa_fermat_factorization.go | 121 ++ .../lints/community/lint_rsa_no_public_key.go | 6 +- .../lints/community/lint_san_bare_wildcard.go | 6 +- .../community/lint_san_dns_name_duplicate.go | 6 +- .../lint_san_dns_name_includes_null_char.go | 6 +- .../lint_san_dns_name_starts_with_period.go | 6 +- .../lint_san_iana_pub_suffix_empty.go | 6 +- .../community/lint_san_wildcard_not_first.go | 6 +- .../lint_subject_dn_leading_whitespace.go | 6 +- .../lint_subject_dn_trailing_whitespace.go | 6 +- .../community/lint_subject_multiple_rdn.go | 9 +- .../lint_validity_time_not_positive.go | 6 +- ...lint_qcstatem_etsi_present_qcs_critical.go | 6 +- .../etsi/lint_qcstatem_etsi_type_as_statem.go | 8 +- .../lint_qcstatem_mandatory_etsi_statems.go | 9 +- .../etsi/lint_qcstatem_qccompliance_valid.go | 13 +- .../etsi/lint_qcstatem_qclimitvalue_valid.go | 12 +- .../etsi/lint_qcstatem_qcpds_lang_case.go | 12 +- .../lints/etsi/lint_qcstatem_qcpds_valid.go | 12 +- .../lint_qcstatem_qcretentionperiod_valid.go | 13 +- .../lints/etsi/lint_qcstatem_qcsscd_valid.go | 13 +- .../lints/etsi/lint_qcstatem_qctype_valid.go | 12 +- .../v3/lints/etsi/lint_qcstatem_qctype_web.go | 12 +- .../mozilla/lint_e_prohibit_dsa_usage.go | 62 + .../v3/lints/mozilla/lint_mp_allowed_eku.go | 8 +- ...int_mp_authority_key_identifier_correct.go | 8 +- .../lint_mp_ecdsa_pub_key_encoding_correct.go | 10 +- ...int_mp_ecdsa_signature_encoding_correct.go | 6 +- .../mozilla/lint_mp_exponent_cannot_be_one.go | 6 +- ...nt_mp_modulus_must_be_2048_bits_or_more.go | 6 +- .../lint_mp_modulus_must_be_divisible_by_8.go | 6 +- ...lint_mp_pss_parameters_encoding_correct.go | 10 +- .../mozilla/lint_mp_rsassa-pss_in_spki.go | 6 +- .../lint_basic_constraints_not_critical.go | 6 +- .../lints/rfc/lint_ca_subject_field_empty.go | 6 +- .../lint_cert_contains_unique_identifier.go | 6 +- .../rfc/lint_cert_extensions_version_not_3.go | 6 +- ...rt_unique_identifier_version_not_2_or_3.go | 6 +- .../rfc/lint_distribution_point_incomplete.go | 9 +- ..._distribution_point_missing_ldap_or_uri.go | 6 +- .../rfc/lint_dnsname_contains_empty_label.go | 63 + .../lints/rfc/lint_dnsname_hyphen_in_sld.go | 58 + .../lints/rfc/lint_dnsname_label_too_long.go | 64 + .../rfc/lint_dnsname_underscore_in_sld.go | 57 + .../rfc/lint_dnsname_underscore_in_trd.go | 58 + .../v3/lints/rfc/lint_ecdsa_allowed_ku.go | 91 ++ .../v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go | 9 +- .../lints/rfc/lint_eku_critical_improperly.go | 6 +- .../lint_ext_aia_access_location_missing.go | 6 +- .../lints/rfc/lint_ext_aia_marked_critical.go | 6 +- ...t_ext_authority_key_identifier_critical.go | 6 +- ...nt_ext_authority_key_identifier_missing.go | 6 +- ...hority_key_identifier_no_key_identifier.go | 6 +- ...lint_ext_cert_policy_contains_noticeref.go | 6 +- ..._policy_disallowed_any_policy_qualifier.go | 6 +- .../rfc/lint_ext_cert_policy_duplicate.go | 6 +- ...xt_cert_policy_explicit_text_ia5_string.go | 6 +- ...t_policy_explicit_text_includes_control.go | 7 +- ...t_ext_cert_policy_explicit_text_not_nfc.go | 6 +- ..._ext_cert_policy_explicit_text_not_utf8.go | 6 +- ..._ext_cert_policy_explicit_text_too_long.go | 10 +- ...nt_ext_crl_distribution_marked_critical.go | 6 +- .../lints/rfc/lint_ext_duplicate_extension.go | 6 +- .../lint_ext_freshest_crl_marked_critical.go | 6 +- .../v3/lints/rfc/lint_ext_ian_critical.go | 6 +- .../rfc/lint_ext_ian_dns_not_ia5_string.go | 6 +- .../v3/lints/rfc/lint_ext_ian_empty_name.go | 9 +- .../v3/lints/rfc/lint_ext_ian_no_entries.go | 6 +- .../rfc/lint_ext_ian_rfc822_format_invalid.go | 6 +- .../lints/rfc/lint_ext_ian_space_dns_name.go | 6 +- .../rfc/lint_ext_ian_uri_format_invalid.go | 6 +- .../lint_ext_ian_uri_host_not_fqdn_or_ip.go | 6 +- .../v3/lints/rfc/lint_ext_ian_uri_not_ia5.go | 6 +- .../v3/lints/rfc/lint_ext_ian_uri_relative.go | 6 +- ...lint_ext_key_usage_cert_sign_without_ca.go | 6 +- .../rfc/lint_ext_key_usage_not_critical.go | 6 +- .../rfc/lint_ext_key_usage_without_bits.go | 6 +- .../lint_ext_name_constraints_not_critical.go | 8 +- .../lint_ext_name_constraints_not_in_ca.go | 6 +- .../rfc/lint_ext_policy_constraints_empty.go | 9 +- ...int_ext_policy_constraints_not_critical.go | 6 +- .../rfc/lint_ext_policy_map_any_policy.go | 6 +- .../rfc/lint_ext_policy_map_not_critical.go | 6 +- .../lint_ext_policy_map_not_in_cert_policy.go | 6 +- .../rfc/lint_ext_san_dns_name_too_long.go | 6 +- .../rfc/lint_ext_san_dns_not_ia5_string.go | 6 +- .../v3/lints/rfc/lint_ext_san_empty_name.go | 9 +- .../v3/lints/rfc/lint_ext_san_no_entries.go | 6 +- ...nt_ext_san_not_critical_without_subject.go | 6 +- .../rfc/lint_ext_san_rfc822_format_invalid.go | 6 +- .../lints/rfc/lint_ext_san_space_dns_name.go | 6 +- .../rfc/lint_ext_san_uri_format_invalid.go | 6 +- .../lint_ext_san_uri_host_not_fqdn_or_ip.go | 6 +- .../v3/lints/rfc/lint_ext_san_uri_not_ia5.go | 6 +- .../v3/lints/rfc/lint_ext_san_uri_relative.go | 6 +- ...int_ext_subject_directory_attr_critical.go | 6 +- ...int_ext_subject_key_identifier_critical.go | 6 +- ...t_ext_subject_key_identifier_missing_ca.go | 6 +- ...subject_key_identifier_missing_sub_cert.go | 6 +- ...neralized_time_does_not_include_seconds.go | 9 +- ...eralized_time_includes_fraction_seconds.go | 9 +- .../rfc/lint_generalized_time_not_in_zulu.go | 6 +- .../rfc/lint_idn_dnsname_malformed_unicode.go | 13 +- .../lints/rfc/lint_idn_dnsname_must_be_nfc.go | 13 +- .../lints/rfc/lint_incorrect_ku_encoding.go | 80 + .../lint_inhibit_any_policy_not_critical.go | 6 +- ..._issuer_dn_country_not_printable_string.go | 9 +- .../v3/lints/rfc/lint_issuer_field_empty.go | 6 +- .../rfc/lint_key_usage_incorrect_length.go | 67 + .../lints/rfc/lint_name_constraint_empty.go | 9 +- ...lint_name_constraint_maximum_not_absent.go | 6 +- .../lint_name_constraint_minimum_non_zero.go | 7 +- .../rfc/lint_name_constraint_not_fqdn.go | 6 +- .../lint_name_constraint_on_edi_party_name.go | 6 +- .../lint_name_constraint_on_registered_id.go | 6 +- .../lints/rfc/lint_name_constraint_on_x400.go | 6 +- ...path_len_constraint_improperly_included.go | 9 +- .../lint_path_len_constraint_zero_or_less.go | 9 +- .../v3/lints/rfc/lint_rsa_allowed_ku_ca.go | 94 ++ .../v3/lints/rfc/lint_rsa_allowed_ku_ee.go | 92 ++ .../lint_rsa_allowed_ku_no_encipherment_ca.go | 71 + ...int_serial_number_longer_than_20_octets.go | 8 +- .../rfc/lint_serial_number_not_positive.go | 10 +- ..._spki_rsa_encryption_parameter_not_null.go | 6 +- .../lint_subject_common_name_max_length.go | 6 +- ...subject_dn_country_not_printable_string.go | 9 +- ...int_subject_dn_not_printable_characters.go | 8 +- ...int_subject_dn_serial_number_max_length.go | 6 +- ...t_dn_serial_number_not_printable_string.go | 9 +- .../rfc/lint_subject_email_max_length.go | 6 +- .../rfc/lint_subject_empty_without_san.go | 6 +- .../rfc/lint_subject_given_name_max_length.go | 37 +- ...bject_given_name_recommended_max_length.go | 62 + ...int_subject_info_access_marked_critical.go | 6 +- .../lint_subject_locality_name_max_length.go | 6 +- .../zlint/v3/lints/rfc/lint_subject_not_dn.go | 6 +- ...nt_subject_organization_name_max_length.go | 6 +- ...ect_organizational_unit_name_max_length.go | 6 +- .../lint_subject_postal_code_max_length.go | 6 +- .../lint_subject_printable_string_badalpha.go | 32 +- .../rfc/lint_subject_state_name_max_length.go | 6 +- .../lint_subject_street_address_max_length.go | 6 +- .../rfc/lint_subject_surname_max_length.go | 37 +- ..._subject_surname_recommended_max_length.go | 62 + .../lints/rfc/lint_superfluous_ku_encoding.go | 61 + ...ignature_alg_matches_cert_signature_alg.go | 6 +- ...ature_rsa_encryption_parameter_not_null.go | 6 +- .../lint_utc_time_does_not_include_seconds.go | 6 +- .../v3/lints/rfc/lint_utc_time_not_in_zulu.go | 6 +- .../rfc/lint_wrong_time_format_pre2050.go | 8 +- vendor/github.com/zmap/zlint/v3/makefile | 16 +- vendor/github.com/zmap/zlint/v3/newLint.sh | 1 + vendor/github.com/zmap/zlint/v3/resultset.go | 2 +- vendor/github.com/zmap/zlint/v3/template | 28 +- .../zlint/v3/util/algorithm_identifier.go | 7 +- .../zmap/zlint/v3/util/encodings.go | 2 +- vendor/github.com/zmap/zlint/v3/util/ev.go | 3 +- .../github.com/zmap/zlint/v3/util/gtld_map.go | 57 +- vendor/github.com/zmap/zlint/v3/util/idna.go | 60 + vendor/github.com/zmap/zlint/v3/util/ku.go | 18 + vendor/github.com/zmap/zlint/v3/util/names.go | 3 +- vendor/github.com/zmap/zlint/v3/util/oid.go | 3 +- vendor/github.com/zmap/zlint/v3/util/onion.go | 104 ++ .../github.com/zmap/zlint/v3/util/qc_stmt.go | 3 +- vendor/github.com/zmap/zlint/v3/util/rdn.go | 2 +- vendor/github.com/zmap/zlint/v3/util/time.go | 61 +- vendor/modules.txt | 16 +- 373 files changed, 13386 insertions(+), 1367 deletions(-) create mode 100644 vendor/github.com/pelletier/go-toml/.dockerignore create mode 100644 vendor/github.com/pelletier/go-toml/.gitignore create mode 100644 vendor/github.com/pelletier/go-toml/CONTRIBUTING.md create mode 100644 vendor/github.com/pelletier/go-toml/Dockerfile create mode 100644 vendor/github.com/pelletier/go-toml/LICENSE create mode 100644 vendor/github.com/pelletier/go-toml/Makefile create mode 100644 vendor/github.com/pelletier/go-toml/PULL_REQUEST_TEMPLATE.md create mode 100644 vendor/github.com/pelletier/go-toml/README.md create mode 100644 vendor/github.com/pelletier/go-toml/azure-pipelines.yml create mode 100644 vendor/github.com/pelletier/go-toml/benchmark.sh create mode 100644 vendor/github.com/pelletier/go-toml/doc.go create mode 100644 vendor/github.com/pelletier/go-toml/example-crlf.toml create mode 100644 vendor/github.com/pelletier/go-toml/example.toml create mode 100644 vendor/github.com/pelletier/go-toml/fuzz.go create mode 100644 vendor/github.com/pelletier/go-toml/fuzz.sh create mode 100644 vendor/github.com/pelletier/go-toml/keysparsing.go create mode 100644 vendor/github.com/pelletier/go-toml/lexer.go create mode 100644 vendor/github.com/pelletier/go-toml/localtime.go create mode 100644 vendor/github.com/pelletier/go-toml/marshal.go create mode 100644 vendor/github.com/pelletier/go-toml/marshal_OrderPreserve_test.toml create mode 100644 vendor/github.com/pelletier/go-toml/marshal_test.toml create mode 100644 vendor/github.com/pelletier/go-toml/parser.go create mode 100644 vendor/github.com/pelletier/go-toml/position.go create mode 100644 vendor/github.com/pelletier/go-toml/token.go create mode 100644 vendor/github.com/pelletier/go-toml/toml.go create mode 100644 vendor/github.com/pelletier/go-toml/tomlpub.go create mode 100644 vendor/github.com/pelletier/go-toml/tomltree_create.go create mode 100644 vendor/github.com/pelletier/go-toml/tomltree_write.go create mode 100644 vendor/github.com/pelletier/go-toml/tomltree_writepub.go create mode 100644 vendor/github.com/zmap/zcrypto/cryptobyte/NOTICE.md create mode 100644 vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go create mode 100644 vendor/github.com/zmap/zcrypto/cryptobyte/asn1/asn1.go create mode 100644 vendor/github.com/zmap/zcrypto/cryptobyte/builder.go create mode 100644 vendor/github.com/zmap/zcrypto/cryptobyte/string.go create mode 100644 vendor/github.com/zmap/zcrypto/encoding/asn1/README.md create mode 100644 vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go create mode 100644 vendor/github.com/zmap/zcrypto/encoding/asn1/common.go create mode 100644 vendor/github.com/zmap/zcrypto/encoding/asn1/marshal.go create mode 100644 vendor/github.com/zmap/zlint/v3/lint/configuration.go create mode 100644 vendor/github.com/zmap/zlint/v3/lint/global_configurations.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go rename vendor/github.com/zmap/zlint/v3/lints/cabf_br/{lint_sub_ca_aia_missing.go => lint_e_sub_ca_aia_missing.go} (78%) create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go create mode 100644 vendor/github.com/zmap/zlint/v3/util/idna.go create mode 100644 vendor/github.com/zmap/zlint/v3/util/onion.go diff --git a/go.mod b/go.mod index 556a3d355..f6a37c7f8 100644 --- a/go.mod +++ b/go.mod @@ -15,8 +15,8 @@ require ( github.com/mattn/go-sqlite3 v1.14.15 github.com/prometheus/client_golang v1.15.1 github.com/stretchr/testify v1.8.0 - github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc - github.com/zmap/zlint/v3 v3.1.0 + github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac + github.com/zmap/zlint/v3 v3.4.1 golang.org/x/crypto v0.3.0 ) @@ -27,15 +27,15 @@ require ( github.com/getsentry/sentry-go v0.11.0 // indirect github.com/go-logr/logr v1.2.0 // indirect github.com/golang/protobuf v1.5.3 // indirect - github.com/kr/text v0.2.0 // indirect github.com/kylelemons/go-gypsy v1.0.0 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect + github.com/pelletier/go-toml v1.9.3 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.3.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect github.com/rogpeppe/go-internal v1.10.0 // indirect - github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b // indirect + github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 // indirect github.com/ziutek/mymysql v1.5.4 // indirect golang.org/x/net v0.7.0 // indirect golang.org/x/sys v0.6.0 // indirect diff --git a/go.sum b/go.sum index ca331aeae..b97425dd8 100644 --- a/go.sum +++ b/go.sum @@ -72,7 +72,6 @@ github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8Nz github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -223,7 +222,6 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/go-gypsy v1.0.0 h1:7/wQ7A3UL1bnqRMnZ6T8cwCOArfZCxFmb1iTxaOOo1s= github.com/kylelemons/go-gypsy v1.0.0/go.mod h1:chkXM0zjdpXOiqkCW1XcCHDfjfk14PH2KKkQWxfJUcU= github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g= @@ -264,6 +262,8 @@ github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= +github.com/pelletier/go-toml v1.9.3 h1:zeC5b1GviRUyKYd6OJPvBU/mcVDVoL1OhT17FCt5dSQ= +github.com/pelletier/go-toml v1.9.3/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pingcap/errors v0.11.4 h1:lFuQV/oaUMGcD2tqt+01ROSmJs75VG1ToEOkZIZ4nE4= github.com/pingcap/errors v0.11.4/go.mod h1:Oi8TUi2kEtXXLMJk9l1cGmz20kV3TaQ0usTwv5KuLY8= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -309,7 +309,6 @@ github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPx github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= @@ -336,9 +335,8 @@ github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyC github.com/valyala/fasthttp v1.6.0/go.mod h1:FstJa9V+Pj9vQ7OJie2qMHdwemEDaDiSdBnvPM1Su9w= github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= -github.com/weppos/publicsuffix-go v0.13.1-0.20210123135404-5fd73613514e/go.mod h1:HYux0V0Zi04bHNwOHy4cXJVz/TQjYonnF6aoYhj+3QE= -github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b h1:FsyNrX12e5BkplJq7wKOLk0+C6LZ+KGXvuEcKUYm5ss= -github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b/go.mod h1:HYux0V0Zi04bHNwOHy4cXJVz/TQjYonnF6aoYhj+3QE= +github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 h1:vMJBP3PQViZsF6cOINtvyMC8ptpLsyJ4EwyFnzuWNxc= +github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236/go.mod h1:HYux0V0Zi04bHNwOHy4cXJVz/TQjYonnF6aoYhj+3QE= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= @@ -354,11 +352,10 @@ github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs= github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0= github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is= -github.com/zmap/zcrypto v0.0.0-20210123152837-9cf5beac6d91/go.mod h1:R/deQh6+tSWlgI9tb4jNmXxn8nSCabl5ZQsBX9//I/E= -github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc h1:zkGwegkOW709y0oiAraH/3D8njopUR/pARHv4tZZ6pw= -github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc/go.mod h1:FM4U1E3NzlNMRnSUTU3P1UdukWhYGifqEsjk9fn7BCk= -github.com/zmap/zlint/v3 v3.1.0 h1:WjVytZo79m/L1+/Mlphl09WBob6YTGljN5IGWZFpAv0= -github.com/zmap/zlint/v3 v3.1.0/go.mod h1:L7t8s3sEKkb0A2BxGy1IWrxt1ZATa1R4QfJZaQOD3zU= +github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac h1:+nr36qrZEH0RIYNjcUEnOrCUdcSG3om2ANaFA6iSVWA= +github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac/go.mod h1:egdRkzUylATvPkWMpebZbXhv0FMEMJGX/ur0D3Csk2s= +github.com/zmap/zlint/v3 v3.4.1 h1:zhGB2Q1oPNS+bODC5tTPlKDOnLfDGyxejgAEp1SfFiQ= +github.com/zmap/zlint/v3 v3.4.1/go.mod h1:WgepL2QqxyMHnrOWJ54NqrgfMtOyuXr52wEE0tcfo9k= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -498,7 +495,6 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= @@ -514,7 +510,6 @@ golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= diff --git a/vendor/github.com/pelletier/go-toml/.dockerignore b/vendor/github.com/pelletier/go-toml/.dockerignore new file mode 100644 index 000000000..7b5883475 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/.dockerignore @@ -0,0 +1,2 @@ +cmd/tomll/tomll +cmd/tomljson/tomljson diff --git a/vendor/github.com/pelletier/go-toml/.gitignore b/vendor/github.com/pelletier/go-toml/.gitignore new file mode 100644 index 000000000..e6ba63a5c --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/.gitignore @@ -0,0 +1,5 @@ +test_program/test_program_bin +fuzz/ +cmd/tomll/tomll +cmd/tomljson/tomljson +cmd/tomltestgen/tomltestgen diff --git a/vendor/github.com/pelletier/go-toml/CONTRIBUTING.md b/vendor/github.com/pelletier/go-toml/CONTRIBUTING.md new file mode 100644 index 000000000..98b9893d3 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/CONTRIBUTING.md @@ -0,0 +1,132 @@ +## Contributing + +Thank you for your interest in go-toml! We appreciate you considering +contributing to go-toml! + +The main goal is the project is to provide an easy-to-use TOML +implementation for Go that gets the job done and gets out of your way – +dealing with TOML is probably not the central piece of your project. + +As the single maintainer of go-toml, time is scarce. All help, big or +small, is more than welcomed! + +### Ask questions + +Any question you may have, somebody else might have it too. Always feel +free to ask them on the [issues tracker][issues-tracker]. We will try to +answer them as clearly and quickly as possible, time permitting. + +Asking questions also helps us identify areas where the documentation needs +improvement, or new features that weren't envisioned before. Sometimes, a +seemingly innocent question leads to the fix of a bug. Don't hesitate and +ask away! + +### Improve the documentation + +The best way to share your knowledge and experience with go-toml is to +improve the documentation. Fix a typo, clarify an interface, add an +example, anything goes! + +The documentation is present in the [README][readme] and thorough the +source code. On release, it gets updated on [pkg.go.dev][pkg.go.dev]. To make a +change to the documentation, create a pull request with your proposed +changes. For simple changes like that, the easiest way to go is probably +the "Fork this project and edit the file" button on Github, displayed at +the top right of the file. Unless it's a trivial change (for example a +typo), provide a little bit of context in your pull request description or +commit message. + +### Report a bug + +Found a bug! Sorry to hear that :(. Help us and other track them down and +fix by reporting it. [File a new bug report][bug-report] on the [issues +tracker][issues-tracker]. The template should provide enough guidance on +what to include. When in doubt: add more details! By reducing ambiguity and +providing more information, it decreases back and forth and saves everyone +time. + +### Code changes + +Want to contribute a patch? Very happy to hear that! + +First, some high-level rules: + +* A short proposal with some POC code is better than a lengthy piece of + text with no code. Code speaks louder than words. +* No backward-incompatible patch will be accepted unless discussed. + Sometimes it's hard, and Go's lack of versioning by default does not + help, but we try not to break people's programs unless we absolutely have + to. +* If you are writing a new feature or extending an existing one, make sure + to write some documentation. +* Bug fixes need to be accompanied with regression tests. +* New code needs to be tested. +* Your commit messages need to explain why the change is needed, even if + already included in the PR description. + +It does sound like a lot, but those best practices are here to save time +overall and continuously improve the quality of the project, which is +something everyone benefits from. + +#### Get started + +The fairly standard code contribution process looks like that: + +1. [Fork the project][fork]. +2. Make your changes, commit on any branch you like. +3. [Open up a pull request][pull-request] +4. Review, potential ask for changes. +5. Merge. You're in! + +Feel free to ask for help! You can create draft pull requests to gather +some early feedback! + +#### Run the tests + +You can run tests for go-toml using Go's test tool: `go test ./...`. +When creating a pull requests, all tests will be ran on Linux on a few Go +versions (Travis CI), and on Windows using the latest Go version +(AppVeyor). + +#### Style + +Try to look around and follow the same format and structure as the rest of +the code. We enforce using `go fmt` on the whole code base. + +--- + +### Maintainers-only + +#### Merge pull request + +Checklist: + +* Passing CI. +* Does not introduce backward-incompatible changes (unless discussed). +* Has relevant doc changes. +* Has relevant unit tests. + +1. Merge using "squash and merge". +2. Make sure to edit the commit message to keep all the useful information + nice and clean. +3. Make sure the commit title is clear and contains the PR number (#123). + +#### New release + +1. Go to [releases][releases]. Click on "X commits to master since this + release". +2. Make note of all the changes. Look for backward incompatible changes, + new features, and bug fixes. +3. Pick the new version using the above and semver. +4. Create a [new release][new-release]. +5. Follow the same format as [1.1.0][release-110]. + +[issues-tracker]: https://github.com/pelletier/go-toml/issues +[bug-report]: https://github.com/pelletier/go-toml/issues/new?template=bug_report.md +[pkg.go.dev]: https://pkg.go.dev/github.com/pelletier/go-toml +[readme]: ./README.md +[fork]: https://help.github.com/articles/fork-a-repo +[pull-request]: https://help.github.com/en/articles/creating-a-pull-request +[releases]: https://github.com/pelletier/go-toml/releases +[new-release]: https://github.com/pelletier/go-toml/releases/new +[release-110]: https://github.com/pelletier/go-toml/releases/tag/v1.1.0 diff --git a/vendor/github.com/pelletier/go-toml/Dockerfile b/vendor/github.com/pelletier/go-toml/Dockerfile new file mode 100644 index 000000000..fffdb0166 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/Dockerfile @@ -0,0 +1,11 @@ +FROM golang:1.12-alpine3.9 as builder +WORKDIR /go/src/github.com/pelletier/go-toml +COPY . . +ENV CGO_ENABLED=0 +ENV GOOS=linux +RUN go install ./... + +FROM scratch +COPY --from=builder /go/bin/tomll /usr/bin/tomll +COPY --from=builder /go/bin/tomljson /usr/bin/tomljson +COPY --from=builder /go/bin/jsontoml /usr/bin/jsontoml diff --git a/vendor/github.com/pelletier/go-toml/LICENSE b/vendor/github.com/pelletier/go-toml/LICENSE new file mode 100644 index 000000000..f414553c2 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/LICENSE @@ -0,0 +1,247 @@ +The bulk of github.com/pelletier/go-toml is distributed under the MIT license +(see below), with the exception of localtime.go and localtime.test.go. +Those two files have been copied over from Google's civil library at revision +ed46f5086358513cf8c25f8e3f022cb838a49d66, and are distributed under the Apache +2.0 license (see below). + + +github.com/pelletier/go-toml: + + +The MIT License (MIT) + +Copyright (c) 2013 - 2021 Thomas Pelletier, Eric Anderton + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + + +localtime.go, localtime_test.go: + +Originals: + https://raw.githubusercontent.com/googleapis/google-cloud-go/ed46f5086358513cf8c25f8e3f022cb838a49d66/civil/civil.go + https://raw.githubusercontent.com/googleapis/google-cloud-go/ed46f5086358513cf8c25f8e3f022cb838a49d66/civil/civil_test.go +Changes: + * Renamed files from civil* to localtime*. + * Package changed from civil to toml. + * 'Local' prefix added to all structs. +License: + https://raw.githubusercontent.com/googleapis/google-cloud-go/ed46f5086358513cf8c25f8e3f022cb838a49d66/LICENSE + + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/pelletier/go-toml/Makefile b/vendor/github.com/pelletier/go-toml/Makefile new file mode 100644 index 000000000..9e4503aea --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/Makefile @@ -0,0 +1,29 @@ +export CGO_ENABLED=0 +go := go +go.goos ?= $(shell echo `go version`|cut -f4 -d ' '|cut -d '/' -f1) +go.goarch ?= $(shell echo `go version`|cut -f4 -d ' '|cut -d '/' -f2) + +out.tools := tomll tomljson jsontoml +out.dist := $(out.tools:=_$(go.goos)_$(go.goarch).tar.xz) +sources := $(wildcard **/*.go) + + +.PHONY: +tools: $(out.tools) + +$(out.tools): $(sources) + GOOS=$(go.goos) GOARCH=$(go.goarch) $(go) build ./cmd/$@ + +.PHONY: +dist: $(out.dist) + +$(out.dist):%_$(go.goos)_$(go.goarch).tar.xz: % + if [ "$(go.goos)" = "windows" ]; then \ + tar -cJf $@ $^.exe; \ + else \ + tar -cJf $@ $^; \ + fi + +.PHONY: +clean: + rm -rf $(out.tools) $(out.dist) diff --git a/vendor/github.com/pelletier/go-toml/PULL_REQUEST_TEMPLATE.md b/vendor/github.com/pelletier/go-toml/PULL_REQUEST_TEMPLATE.md new file mode 100644 index 000000000..041cdc4a2 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/PULL_REQUEST_TEMPLATE.md @@ -0,0 +1,5 @@ +**Issue:** add link to pelletier/go-toml issue here + +Explanation of what this pull request does. + +More detailed description of the decisions being made and the reasons why (if the patch is non-trivial). diff --git a/vendor/github.com/pelletier/go-toml/README.md b/vendor/github.com/pelletier/go-toml/README.md new file mode 100644 index 000000000..6c061712b --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/README.md @@ -0,0 +1,176 @@ +# go-toml + +Go library for the [TOML](https://toml.io/) format. + +This library supports TOML version +[v1.0.0-rc.3](https://toml.io/en/v1.0.0-rc.3) + +[![Go Reference](https://pkg.go.dev/badge/github.com/pelletier/go-toml.svg)](https://pkg.go.dev/github.com/pelletier/go-toml) +[![license](https://img.shields.io/github/license/pelletier/go-toml.svg)](https://github.com/pelletier/go-toml/blob/master/LICENSE) +[![Build Status](https://dev.azure.com/pelletierthomas/go-toml-ci/_apis/build/status/pelletier.go-toml?branchName=master)](https://dev.azure.com/pelletierthomas/go-toml-ci/_build/latest?definitionId=1&branchName=master) +[![codecov](https://codecov.io/gh/pelletier/go-toml/branch/master/graph/badge.svg)](https://codecov.io/gh/pelletier/go-toml) +[![Go Report Card](https://goreportcard.com/badge/github.com/pelletier/go-toml)](https://goreportcard.com/report/github.com/pelletier/go-toml) +[![FOSSA Status](https://app.fossa.io/api/projects/git%2Bgithub.com%2Fpelletier%2Fgo-toml.svg?type=shield)](https://app.fossa.io/projects/git%2Bgithub.com%2Fpelletier%2Fgo-toml?ref=badge_shield) + + +## Development status + +**ℹ️ Consider go-toml v2!** + +The next version of go-toml is in [active development][v2-dev], and +[nearing completion][v2-map]. + +Though technically in beta, v2 is already more tested, [fixes bugs][v1-bugs], +and [much faster][v2-bench]. If you only need reading and writing TOML documents +(majority of cases), those features are implemented and the API unlikely to +change. + +The remaining features (Document structure editing and tooling) will be added +shortly. While pull-requests are welcome on v1, no active development is +expected on it. When v2.0.0 is released, v1 will be deprecated. + +👉 [go-toml v2][v2] + +[v2]: https://github.com/pelletier/go-toml/tree/v2 +[v2-map]: https://github.com/pelletier/go-toml/discussions/506 +[v2-dev]: https://github.com/pelletier/go-toml/tree/v2 +[v1-bugs]: https://github.com/pelletier/go-toml/issues?q=is%3Aissue+is%3Aopen+label%3Av2-fixed +[v2-bench]: https://github.com/pelletier/go-toml/tree/v2#benchmarks + +## Features + +Go-toml provides the following features for using data parsed from TOML documents: + +* Load TOML documents from files and string data +* Easily navigate TOML structure using Tree +* Marshaling and unmarshaling to and from data structures +* Line & column position data for all parsed elements +* [Query support similar to JSON-Path](query/) +* Syntax errors contain line and column numbers + +## Import + +```go +import "github.com/pelletier/go-toml" +``` + +## Usage example + +Read a TOML document: + +```go +config, _ := toml.Load(` +[postgres] +user = "pelletier" +password = "mypassword"`) +// retrieve data directly +user := config.Get("postgres.user").(string) + +// or using an intermediate object +postgresConfig := config.Get("postgres").(*toml.Tree) +password := postgresConfig.Get("password").(string) +``` + +Or use Unmarshal: + +```go +type Postgres struct { + User string + Password string +} +type Config struct { + Postgres Postgres +} + +doc := []byte(` +[Postgres] +User = "pelletier" +Password = "mypassword"`) + +config := Config{} +toml.Unmarshal(doc, &config) +fmt.Println("user=", config.Postgres.User) +``` + +Or use a query: + +```go +// use a query to gather elements without walking the tree +q, _ := query.Compile("$..[user,password]") +results := q.Execute(config) +for ii, item := range results.Values() { + fmt.Printf("Query result %d: %v\n", ii, item) +} +``` + +## Documentation + +The documentation and additional examples are available at +[pkg.go.dev](https://pkg.go.dev/github.com/pelletier/go-toml). + +## Tools + +Go-toml provides three handy command line tools: + +* `tomll`: Reads TOML files and lints them. + + ``` + go install github.com/pelletier/go-toml/cmd/tomll + tomll --help + ``` +* `tomljson`: Reads a TOML file and outputs its JSON representation. + + ``` + go install github.com/pelletier/go-toml/cmd/tomljson + tomljson --help + ``` + + * `jsontoml`: Reads a JSON file and outputs a TOML representation. + + ``` + go install github.com/pelletier/go-toml/cmd/jsontoml + jsontoml --help + ``` + +### Docker image + +Those tools are also available as a Docker image from +[dockerhub](https://hub.docker.com/r/pelletier/go-toml). For example, to +use `tomljson`: + +``` +docker run -v $PWD:/workdir pelletier/go-toml tomljson /workdir/example.toml +``` + +Only master (`latest`) and tagged versions are published to dockerhub. You +can build your own image as usual: + +``` +docker build -t go-toml . +``` + +## Contribute + +Feel free to report bugs and patches using GitHub's pull requests system on +[pelletier/go-toml](https://github.com/pelletier/go-toml). Any feedback would be +much appreciated! + +### Run tests + +`go test ./...` + +### Fuzzing + +The script `./fuzz.sh` is available to +run [go-fuzz](https://github.com/dvyukov/go-fuzz) on go-toml. + +## Versioning + +Go-toml follows [Semantic Versioning](http://semver.org/). The supported version +of [TOML](https://github.com/toml-lang/toml) is indicated at the beginning of +this document. The last two major versions of Go are supported +(see [Go Release Policy](https://golang.org/doc/devel/release.html#policy)). + +## License + +The MIT License (MIT) + Apache 2.0. Read [LICENSE](LICENSE). diff --git a/vendor/github.com/pelletier/go-toml/azure-pipelines.yml b/vendor/github.com/pelletier/go-toml/azure-pipelines.yml new file mode 100644 index 000000000..4af198b4d --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/azure-pipelines.yml @@ -0,0 +1,188 @@ +trigger: +- master + +stages: +- stage: run_checks + displayName: "Check" + dependsOn: [] + jobs: + - job: fmt + displayName: "fmt" + pool: + vmImage: ubuntu-latest + steps: + - task: GoTool@0 + displayName: "Install Go 1.16" + inputs: + version: "1.16" + - task: Go@0 + displayName: "go fmt ./..." + inputs: + command: 'custom' + customCommand: 'fmt' + arguments: './...' + - job: coverage + displayName: "coverage" + pool: + vmImage: ubuntu-latest + steps: + - task: GoTool@0 + displayName: "Install Go 1.16" + inputs: + version: "1.16" + - task: Go@0 + displayName: "Generate coverage" + inputs: + command: 'test' + arguments: "-race -coverprofile=coverage.txt -covermode=atomic" + - task: Bash@3 + inputs: + targetType: 'inline' + script: 'bash <(curl -s https://codecov.io/bash) -t ${CODECOV_TOKEN}' + env: + CODECOV_TOKEN: $(CODECOV_TOKEN) + - job: benchmark + displayName: "benchmark" + pool: + vmImage: ubuntu-latest + steps: + - task: GoTool@0 + displayName: "Install Go 1.16" + inputs: + version: "1.16" + - script: echo "##vso[task.setvariable variable=PATH]${PATH}:/home/vsts/go/bin/" + - task: Bash@3 + inputs: + filePath: './benchmark.sh' + arguments: "master $(Build.Repository.Uri)" + + - job: go_unit_tests + displayName: "unit tests" + strategy: + matrix: + linux 1.16: + goVersion: '1.16' + imageName: 'ubuntu-latest' + mac 1.16: + goVersion: '1.16' + imageName: 'macOS-latest' + windows 1.16: + goVersion: '1.16' + imageName: 'windows-latest' + linux 1.15: + goVersion: '1.15' + imageName: 'ubuntu-latest' + mac 1.15: + goVersion: '1.15' + imageName: 'macOS-latest' + windows 1.15: + goVersion: '1.15' + imageName: 'windows-latest' + pool: + vmImage: $(imageName) + steps: + - task: GoTool@0 + displayName: "Install Go $(goVersion)" + inputs: + version: $(goVersion) + - task: Go@0 + displayName: "go test ./..." + inputs: + command: 'test' + arguments: './...' +- stage: build_binaries + displayName: "Build binaries" + dependsOn: run_checks + jobs: + - job: build_binary + displayName: "Build binary" + strategy: + matrix: + linux_amd64: + GOOS: linux + GOARCH: amd64 + darwin_amd64: + GOOS: darwin + GOARCH: amd64 + windows_amd64: + GOOS: windows + GOARCH: amd64 + pool: + vmImage: ubuntu-latest + steps: + - task: GoTool@0 + displayName: "Install Go" + inputs: + version: 1.16 + - task: Bash@3 + inputs: + targetType: inline + script: "make dist" + env: + go.goos: $(GOOS) + go.goarch: $(GOARCH) + - task: CopyFiles@2 + inputs: + sourceFolder: '$(Build.SourcesDirectory)' + contents: '*.tar.xz' + TargetFolder: '$(Build.ArtifactStagingDirectory)' + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: '$(Build.ArtifactStagingDirectory)' + artifactName: binaries +- stage: build_binaries_manifest + displayName: "Build binaries manifest" + dependsOn: build_binaries + jobs: + - job: build_manifest + displayName: "Build binaries manifest" + steps: + - task: DownloadBuildArtifacts@0 + inputs: + buildType: 'current' + downloadType: 'single' + artifactName: 'binaries' + downloadPath: '$(Build.SourcesDirectory)' + - task: Bash@3 + inputs: + targetType: inline + script: "cd binaries && sha256sum --binary *.tar.xz | tee $(Build.ArtifactStagingDirectory)/sha256sums.txt" + - task: PublishBuildArtifacts@1 + inputs: + pathtoPublish: '$(Build.ArtifactStagingDirectory)' + artifactName: manifest + +- stage: build_docker_image + displayName: "Build Docker image" + dependsOn: run_checks + jobs: + - job: build + displayName: "Build" + pool: + vmImage: ubuntu-latest + steps: + - task: Docker@2 + inputs: + command: 'build' + Dockerfile: 'Dockerfile' + buildContext: '.' + addPipelineData: false + +- stage: publish_docker_image + displayName: "Publish Docker image" + dependsOn: build_docker_image + condition: and(succeeded(), eq(variables['Build.SourceBranchName'], 'master')) + jobs: + - job: publish + displayName: "Publish" + pool: + vmImage: ubuntu-latest + steps: + - task: Docker@2 + inputs: + containerRegistry: 'DockerHub' + repository: 'pelletier/go-toml' + command: 'buildAndPush' + Dockerfile: 'Dockerfile' + buildContext: '.' + tags: 'latest' diff --git a/vendor/github.com/pelletier/go-toml/benchmark.sh b/vendor/github.com/pelletier/go-toml/benchmark.sh new file mode 100644 index 000000000..a69d3040f --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/benchmark.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +set -ex + +reference_ref=${1:-master} +reference_git=${2:-.} + +if ! `hash benchstat 2>/dev/null`; then + echo "Installing benchstat" + go get golang.org/x/perf/cmd/benchstat +fi + +tempdir=`mktemp -d /tmp/go-toml-benchmark-XXXXXX` +ref_tempdir="${tempdir}/ref" +ref_benchmark="${ref_tempdir}/benchmark-`echo -n ${reference_ref}|tr -s '/' '-'`.txt" +local_benchmark="`pwd`/benchmark-local.txt" + +echo "=== ${reference_ref} (${ref_tempdir})" +git clone ${reference_git} ${ref_tempdir} >/dev/null 2>/dev/null +pushd ${ref_tempdir} >/dev/null +git checkout ${reference_ref} >/dev/null 2>/dev/null +go test -bench=. -benchmem | tee ${ref_benchmark} +cd benchmark +go test -bench=. -benchmem | tee -a ${ref_benchmark} +popd >/dev/null + +echo "" +echo "=== local" +go test -bench=. -benchmem | tee ${local_benchmark} +cd benchmark +go test -bench=. -benchmem | tee -a ${local_benchmark} + +echo "" +echo "=== diff" +benchstat -delta-test=none ${ref_benchmark} ${local_benchmark} diff --git a/vendor/github.com/pelletier/go-toml/doc.go b/vendor/github.com/pelletier/go-toml/doc.go new file mode 100644 index 000000000..a1406a32b --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/doc.go @@ -0,0 +1,23 @@ +// Package toml is a TOML parser and manipulation library. +// +// This version supports the specification as described in +// https://github.com/toml-lang/toml/blob/master/versions/en/toml-v0.5.0.md +// +// Marshaling +// +// Go-toml can marshal and unmarshal TOML documents from and to data +// structures. +// +// TOML document as a tree +// +// Go-toml can operate on a TOML document as a tree. Use one of the Load* +// functions to parse TOML data and obtain a Tree instance, then one of its +// methods to manipulate the tree. +// +// JSONPath-like queries +// +// The package github.com/pelletier/go-toml/query implements a system +// similar to JSONPath to quickly retrieve elements of a TOML document using a +// single expression. See the package documentation for more information. +// +package toml diff --git a/vendor/github.com/pelletier/go-toml/example-crlf.toml b/vendor/github.com/pelletier/go-toml/example-crlf.toml new file mode 100644 index 000000000..780d9c68f --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/example-crlf.toml @@ -0,0 +1,30 @@ +# This is a TOML document. Boom. + +title = "TOML Example" + +[owner] +name = "Tom Preston-Werner" +organization = "GitHub" +bio = "GitHub Cofounder & CEO\nLikes tater tots and beer." +dob = 1979-05-27T07:32:00Z # First class dates? Why not? + +[database] +server = "192.168.1.1" +ports = [ 8001, 8001, 8002 ] +connection_max = 5000 +enabled = true + +[servers] + + # You can indent as you please. Tabs or spaces. TOML don't care. + [servers.alpha] + ip = "10.0.0.1" + dc = "eqdc10" + + [servers.beta] + ip = "10.0.0.2" + dc = "eqdc10" + +[clients] +data = [ ["gamma", "delta"], [1, 2] ] # just an update to make sure parsers support it +score = 4e-08 # to make sure leading zeroes in exponent parts of floats are supported \ No newline at end of file diff --git a/vendor/github.com/pelletier/go-toml/example.toml b/vendor/github.com/pelletier/go-toml/example.toml new file mode 100644 index 000000000..f45bf88b8 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/example.toml @@ -0,0 +1,30 @@ +# This is a TOML document. Boom. + +title = "TOML Example" + +[owner] +name = "Tom Preston-Werner" +organization = "GitHub" +bio = "GitHub Cofounder & CEO\nLikes tater tots and beer." +dob = 1979-05-27T07:32:00Z # First class dates? Why not? + +[database] +server = "192.168.1.1" +ports = [ 8001, 8001, 8002 ] +connection_max = 5000 +enabled = true + +[servers] + + # You can indent as you please. Tabs or spaces. TOML don't care. + [servers.alpha] + ip = "10.0.0.1" + dc = "eqdc10" + + [servers.beta] + ip = "10.0.0.2" + dc = "eqdc10" + +[clients] +data = [ ["gamma", "delta"], [1, 2] ] # just an update to make sure parsers support it +score = 4e-08 # to make sure leading zeroes in exponent parts of floats are supported \ No newline at end of file diff --git a/vendor/github.com/pelletier/go-toml/fuzz.go b/vendor/github.com/pelletier/go-toml/fuzz.go new file mode 100644 index 000000000..14570c8d3 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/fuzz.go @@ -0,0 +1,31 @@ +// +build gofuzz + +package toml + +func Fuzz(data []byte) int { + tree, err := LoadBytes(data) + if err != nil { + if tree != nil { + panic("tree must be nil if there is an error") + } + return 0 + } + + str, err := tree.ToTomlString() + if err != nil { + if str != "" { + panic(`str must be "" if there is an error`) + } + panic(err) + } + + tree, err = Load(str) + if err != nil { + if tree != nil { + panic("tree must be nil if there is an error") + } + return 0 + } + + return 1 +} diff --git a/vendor/github.com/pelletier/go-toml/fuzz.sh b/vendor/github.com/pelletier/go-toml/fuzz.sh new file mode 100644 index 000000000..3204b4c44 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/fuzz.sh @@ -0,0 +1,15 @@ +#! /bin/sh +set -eu + +go get github.com/dvyukov/go-fuzz/go-fuzz +go get github.com/dvyukov/go-fuzz/go-fuzz-build + +if [ ! -e toml-fuzz.zip ]; then + go-fuzz-build github.com/pelletier/go-toml +fi + +rm -fr fuzz +mkdir -p fuzz/corpus +cp *.toml fuzz/corpus + +go-fuzz -bin=toml-fuzz.zip -workdir=fuzz diff --git a/vendor/github.com/pelletier/go-toml/keysparsing.go b/vendor/github.com/pelletier/go-toml/keysparsing.go new file mode 100644 index 000000000..e091500b2 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/keysparsing.go @@ -0,0 +1,112 @@ +// Parsing keys handling both bare and quoted keys. + +package toml + +import ( + "errors" + "fmt" +) + +// Convert the bare key group string to an array. +// The input supports double quotation and single quotation, +// but escape sequences are not supported. Lexers must unescape them beforehand. +func parseKey(key string) ([]string, error) { + runes := []rune(key) + var groups []string + + if len(key) == 0 { + return nil, errors.New("empty key") + } + + idx := 0 + for idx < len(runes) { + for ; idx < len(runes) && isSpace(runes[idx]); idx++ { + // skip leading whitespace + } + if idx >= len(runes) { + break + } + r := runes[idx] + if isValidBareChar(r) { + // parse bare key + startIdx := idx + endIdx := -1 + idx++ + for idx < len(runes) { + r = runes[idx] + if isValidBareChar(r) { + idx++ + } else if r == '.' { + endIdx = idx + break + } else if isSpace(r) { + endIdx = idx + for ; idx < len(runes) && isSpace(runes[idx]); idx++ { + // skip trailing whitespace + } + if idx < len(runes) && runes[idx] != '.' { + return nil, fmt.Errorf("invalid key character after whitespace: %c", runes[idx]) + } + break + } else { + return nil, fmt.Errorf("invalid bare key character: %c", r) + } + } + if endIdx == -1 { + endIdx = idx + } + groups = append(groups, string(runes[startIdx:endIdx])) + } else if r == '\'' { + // parse single quoted key + idx++ + startIdx := idx + for { + if idx >= len(runes) { + return nil, fmt.Errorf("unclosed single-quoted key") + } + r = runes[idx] + if r == '\'' { + groups = append(groups, string(runes[startIdx:idx])) + idx++ + break + } + idx++ + } + } else if r == '"' { + // parse double quoted key + idx++ + startIdx := idx + for { + if idx >= len(runes) { + return nil, fmt.Errorf("unclosed double-quoted key") + } + r = runes[idx] + if r == '"' { + groups = append(groups, string(runes[startIdx:idx])) + idx++ + break + } + idx++ + } + } else if r == '.' { + idx++ + if idx >= len(runes) { + return nil, fmt.Errorf("unexpected end of key") + } + r = runes[idx] + if !isValidBareChar(r) && r != '\'' && r != '"' && r != ' ' { + return nil, fmt.Errorf("expecting key part after dot") + } + } else { + return nil, fmt.Errorf("invalid key character: %c", r) + } + } + if len(groups) == 0 { + return nil, fmt.Errorf("empty key") + } + return groups, nil +} + +func isValidBareChar(r rune) bool { + return isAlphanumeric(r) || r == '-' || isDigit(r) +} diff --git a/vendor/github.com/pelletier/go-toml/lexer.go b/vendor/github.com/pelletier/go-toml/lexer.go new file mode 100644 index 000000000..313908e3e --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/lexer.go @@ -0,0 +1,1031 @@ +// TOML lexer. +// +// Written using the principles developed by Rob Pike in +// http://www.youtube.com/watch?v=HxaD_trXwRE + +package toml + +import ( + "bytes" + "errors" + "fmt" + "strconv" + "strings" +) + +// Define state functions +type tomlLexStateFn func() tomlLexStateFn + +// Define lexer +type tomlLexer struct { + inputIdx int + input []rune // Textual source + currentTokenStart int + currentTokenStop int + tokens []token + brackets []rune + line int + col int + endbufferLine int + endbufferCol int +} + +// Basic read operations on input + +func (l *tomlLexer) read() rune { + r := l.peek() + if r == '\n' { + l.endbufferLine++ + l.endbufferCol = 1 + } else { + l.endbufferCol++ + } + l.inputIdx++ + return r +} + +func (l *tomlLexer) next() rune { + r := l.read() + + if r != eof { + l.currentTokenStop++ + } + return r +} + +func (l *tomlLexer) ignore() { + l.currentTokenStart = l.currentTokenStop + l.line = l.endbufferLine + l.col = l.endbufferCol +} + +func (l *tomlLexer) skip() { + l.next() + l.ignore() +} + +func (l *tomlLexer) fastForward(n int) { + for i := 0; i < n; i++ { + l.next() + } +} + +func (l *tomlLexer) emitWithValue(t tokenType, value string) { + l.tokens = append(l.tokens, token{ + Position: Position{l.line, l.col}, + typ: t, + val: value, + }) + l.ignore() +} + +func (l *tomlLexer) emit(t tokenType) { + l.emitWithValue(t, string(l.input[l.currentTokenStart:l.currentTokenStop])) +} + +func (l *tomlLexer) peek() rune { + if l.inputIdx >= len(l.input) { + return eof + } + return l.input[l.inputIdx] +} + +func (l *tomlLexer) peekString(size int) string { + maxIdx := len(l.input) + upperIdx := l.inputIdx + size // FIXME: potential overflow + if upperIdx > maxIdx { + upperIdx = maxIdx + } + return string(l.input[l.inputIdx:upperIdx]) +} + +func (l *tomlLexer) follow(next string) bool { + return next == l.peekString(len(next)) +} + +// Error management + +func (l *tomlLexer) errorf(format string, args ...interface{}) tomlLexStateFn { + l.tokens = append(l.tokens, token{ + Position: Position{l.line, l.col}, + typ: tokenError, + val: fmt.Sprintf(format, args...), + }) + return nil +} + +// State functions + +func (l *tomlLexer) lexVoid() tomlLexStateFn { + for { + next := l.peek() + switch next { + case '}': // after '{' + return l.lexRightCurlyBrace + case '[': + return l.lexTableKey + case '#': + return l.lexComment(l.lexVoid) + case '=': + return l.lexEqual + case '\r': + fallthrough + case '\n': + l.skip() + continue + } + + if isSpace(next) { + l.skip() + } + + if isKeyStartChar(next) { + return l.lexKey + } + + if next == eof { + l.next() + break + } + } + + l.emit(tokenEOF) + return nil +} + +func (l *tomlLexer) lexRvalue() tomlLexStateFn { + for { + next := l.peek() + switch next { + case '.': + return l.errorf("cannot start float with a dot") + case '=': + return l.lexEqual + case '[': + return l.lexLeftBracket + case ']': + return l.lexRightBracket + case '{': + return l.lexLeftCurlyBrace + case '}': + return l.lexRightCurlyBrace + case '#': + return l.lexComment(l.lexRvalue) + case '"': + return l.lexString + case '\'': + return l.lexLiteralString + case ',': + return l.lexComma + case '\r': + fallthrough + case '\n': + l.skip() + if len(l.brackets) > 0 && l.brackets[len(l.brackets)-1] == '[' { + return l.lexRvalue + } + return l.lexVoid + } + + if l.follow("true") { + return l.lexTrue + } + + if l.follow("false") { + return l.lexFalse + } + + if l.follow("inf") { + return l.lexInf + } + + if l.follow("nan") { + return l.lexNan + } + + if isSpace(next) { + l.skip() + continue + } + + if next == eof { + l.next() + break + } + + if next == '+' || next == '-' { + return l.lexNumber + } + + if isDigit(next) { + return l.lexDateTimeOrNumber + } + + return l.errorf("no value can start with %c", next) + } + + l.emit(tokenEOF) + return nil +} + +func (l *tomlLexer) lexDateTimeOrNumber() tomlLexStateFn { + // Could be either a date/time, or a digit. + // The options for date/times are: + // YYYY-... => date or date-time + // HH:... => time + // Anything else should be a number. + + lookAhead := l.peekString(5) + if len(lookAhead) < 3 { + return l.lexNumber() + } + + for idx, r := range lookAhead { + if !isDigit(r) { + if idx == 2 && r == ':' { + return l.lexDateTimeOrTime() + } + if idx == 4 && r == '-' { + return l.lexDateTimeOrTime() + } + return l.lexNumber() + } + } + return l.lexNumber() +} + +func (l *tomlLexer) lexLeftCurlyBrace() tomlLexStateFn { + l.next() + l.emit(tokenLeftCurlyBrace) + l.brackets = append(l.brackets, '{') + return l.lexVoid +} + +func (l *tomlLexer) lexRightCurlyBrace() tomlLexStateFn { + l.next() + l.emit(tokenRightCurlyBrace) + if len(l.brackets) == 0 || l.brackets[len(l.brackets)-1] != '{' { + return l.errorf("cannot have '}' here") + } + l.brackets = l.brackets[:len(l.brackets)-1] + return l.lexRvalue +} + +func (l *tomlLexer) lexDateTimeOrTime() tomlLexStateFn { + // Example matches: + // 1979-05-27T07:32:00Z + // 1979-05-27T00:32:00-07:00 + // 1979-05-27T00:32:00.999999-07:00 + // 1979-05-27 07:32:00Z + // 1979-05-27 00:32:00-07:00 + // 1979-05-27 00:32:00.999999-07:00 + // 1979-05-27T07:32:00 + // 1979-05-27T00:32:00.999999 + // 1979-05-27 07:32:00 + // 1979-05-27 00:32:00.999999 + // 1979-05-27 + // 07:32:00 + // 00:32:00.999999 + + // we already know those two are digits + l.next() + l.next() + + // Got 2 digits. At that point it could be either a time or a date(-time). + + r := l.next() + if r == ':' { + return l.lexTime() + } + + return l.lexDateTime() +} + +func (l *tomlLexer) lexDateTime() tomlLexStateFn { + // This state accepts an offset date-time, a local date-time, or a local date. + // + // v--- cursor + // 1979-05-27T07:32:00Z + // 1979-05-27T00:32:00-07:00 + // 1979-05-27T00:32:00.999999-07:00 + // 1979-05-27 07:32:00Z + // 1979-05-27 00:32:00-07:00 + // 1979-05-27 00:32:00.999999-07:00 + // 1979-05-27T07:32:00 + // 1979-05-27T00:32:00.999999 + // 1979-05-27 07:32:00 + // 1979-05-27 00:32:00.999999 + // 1979-05-27 + + // date + + // already checked by lexRvalue + l.next() // digit + l.next() // - + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid month digit in date: %c", r) + } + } + + r := l.next() + if r != '-' { + return l.errorf("expected - to separate month of a date, not %c", r) + } + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid day digit in date: %c", r) + } + } + + l.emit(tokenLocalDate) + + r = l.peek() + + if r == eof { + + return l.lexRvalue + } + + if r != ' ' && r != 'T' { + return l.errorf("incorrect date/time separation character: %c", r) + } + + if r == ' ' { + lookAhead := l.peekString(3)[1:] + if len(lookAhead) < 2 { + return l.lexRvalue + } + for _, r := range lookAhead { + if !isDigit(r) { + return l.lexRvalue + } + } + } + + l.skip() // skip the T or ' ' + + // time + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid hour digit in time: %c", r) + } + } + + r = l.next() + if r != ':' { + return l.errorf("time hour/minute separator should be :, not %c", r) + } + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid minute digit in time: %c", r) + } + } + + r = l.next() + if r != ':' { + return l.errorf("time minute/second separator should be :, not %c", r) + } + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid second digit in time: %c", r) + } + } + + r = l.peek() + if r == '.' { + l.next() + r := l.next() + if !isDigit(r) { + return l.errorf("expected at least one digit in time's fraction, not %c", r) + } + + for { + r := l.peek() + if !isDigit(r) { + break + } + l.next() + } + } + + l.emit(tokenLocalTime) + + return l.lexTimeOffset + +} + +func (l *tomlLexer) lexTimeOffset() tomlLexStateFn { + // potential offset + + // Z + // -07:00 + // +07:00 + // nothing + + r := l.peek() + + if r == 'Z' { + l.next() + l.emit(tokenTimeOffset) + } else if r == '+' || r == '-' { + l.next() + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid hour digit in time offset: %c", r) + } + } + + r = l.next() + if r != ':' { + return l.errorf("time offset hour/minute separator should be :, not %c", r) + } + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid minute digit in time offset: %c", r) + } + } + + l.emit(tokenTimeOffset) + } + + return l.lexRvalue +} + +func (l *tomlLexer) lexTime() tomlLexStateFn { + // v--- cursor + // 07:32:00 + // 00:32:00.999999 + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid minute digit in time: %c", r) + } + } + + r := l.next() + if r != ':' { + return l.errorf("time minute/second separator should be :, not %c", r) + } + + for i := 0; i < 2; i++ { + r := l.next() + if !isDigit(r) { + return l.errorf("invalid second digit in time: %c", r) + } + } + + r = l.peek() + if r == '.' { + l.next() + r := l.next() + if !isDigit(r) { + return l.errorf("expected at least one digit in time's fraction, not %c", r) + } + + for { + r := l.peek() + if !isDigit(r) { + break + } + l.next() + } + } + + l.emit(tokenLocalTime) + return l.lexRvalue + +} + +func (l *tomlLexer) lexTrue() tomlLexStateFn { + l.fastForward(4) + l.emit(tokenTrue) + return l.lexRvalue +} + +func (l *tomlLexer) lexFalse() tomlLexStateFn { + l.fastForward(5) + l.emit(tokenFalse) + return l.lexRvalue +} + +func (l *tomlLexer) lexInf() tomlLexStateFn { + l.fastForward(3) + l.emit(tokenInf) + return l.lexRvalue +} + +func (l *tomlLexer) lexNan() tomlLexStateFn { + l.fastForward(3) + l.emit(tokenNan) + return l.lexRvalue +} + +func (l *tomlLexer) lexEqual() tomlLexStateFn { + l.next() + l.emit(tokenEqual) + return l.lexRvalue +} + +func (l *tomlLexer) lexComma() tomlLexStateFn { + l.next() + l.emit(tokenComma) + if len(l.brackets) > 0 && l.brackets[len(l.brackets)-1] == '{' { + return l.lexVoid + } + return l.lexRvalue +} + +// Parse the key and emits its value without escape sequences. +// bare keys, basic string keys and literal string keys are supported. +func (l *tomlLexer) lexKey() tomlLexStateFn { + var sb strings.Builder + + for r := l.peek(); isKeyChar(r) || r == '\n' || r == '\r'; r = l.peek() { + if r == '"' { + l.next() + str, err := l.lexStringAsString(`"`, false, true) + if err != nil { + return l.errorf(err.Error()) + } + sb.WriteString("\"") + sb.WriteString(str) + sb.WriteString("\"") + l.next() + continue + } else if r == '\'' { + l.next() + str, err := l.lexLiteralStringAsString(`'`, false) + if err != nil { + return l.errorf(err.Error()) + } + sb.WriteString("'") + sb.WriteString(str) + sb.WriteString("'") + l.next() + continue + } else if r == '\n' { + return l.errorf("keys cannot contain new lines") + } else if isSpace(r) { + var str strings.Builder + str.WriteString(" ") + + // skip trailing whitespace + l.next() + for r = l.peek(); isSpace(r); r = l.peek() { + str.WriteRune(r) + l.next() + } + // break loop if not a dot + if r != '.' { + break + } + str.WriteString(".") + // skip trailing whitespace after dot + l.next() + for r = l.peek(); isSpace(r); r = l.peek() { + str.WriteRune(r) + l.next() + } + sb.WriteString(str.String()) + continue + } else if r == '.' { + // skip + } else if !isValidBareChar(r) { + return l.errorf("keys cannot contain %c character", r) + } + sb.WriteRune(r) + l.next() + } + l.emitWithValue(tokenKey, sb.String()) + return l.lexVoid +} + +func (l *tomlLexer) lexComment(previousState tomlLexStateFn) tomlLexStateFn { + return func() tomlLexStateFn { + for next := l.peek(); next != '\n' && next != eof; next = l.peek() { + if next == '\r' && l.follow("\r\n") { + break + } + l.next() + } + l.ignore() + return previousState + } +} + +func (l *tomlLexer) lexLeftBracket() tomlLexStateFn { + l.next() + l.emit(tokenLeftBracket) + l.brackets = append(l.brackets, '[') + return l.lexRvalue +} + +func (l *tomlLexer) lexLiteralStringAsString(terminator string, discardLeadingNewLine bool) (string, error) { + var sb strings.Builder + + if discardLeadingNewLine { + if l.follow("\r\n") { + l.skip() + l.skip() + } else if l.peek() == '\n' { + l.skip() + } + } + + // find end of string + for { + if l.follow(terminator) { + return sb.String(), nil + } + + next := l.peek() + if next == eof { + break + } + sb.WriteRune(l.next()) + } + + return "", errors.New("unclosed string") +} + +func (l *tomlLexer) lexLiteralString() tomlLexStateFn { + l.skip() + + // handle special case for triple-quote + terminator := "'" + discardLeadingNewLine := false + if l.follow("''") { + l.skip() + l.skip() + terminator = "'''" + discardLeadingNewLine = true + } + + str, err := l.lexLiteralStringAsString(terminator, discardLeadingNewLine) + if err != nil { + return l.errorf(err.Error()) + } + + l.emitWithValue(tokenString, str) + l.fastForward(len(terminator)) + l.ignore() + return l.lexRvalue +} + +// Lex a string and return the results as a string. +// Terminator is the substring indicating the end of the token. +// The resulting string does not include the terminator. +func (l *tomlLexer) lexStringAsString(terminator string, discardLeadingNewLine, acceptNewLines bool) (string, error) { + var sb strings.Builder + + if discardLeadingNewLine { + if l.follow("\r\n") { + l.skip() + l.skip() + } else if l.peek() == '\n' { + l.skip() + } + } + + for { + if l.follow(terminator) { + return sb.String(), nil + } + + if l.follow("\\") { + l.next() + switch l.peek() { + case '\r': + fallthrough + case '\n': + fallthrough + case '\t': + fallthrough + case ' ': + // skip all whitespace chars following backslash + for strings.ContainsRune("\r\n\t ", l.peek()) { + l.next() + } + case '"': + sb.WriteString("\"") + l.next() + case 'n': + sb.WriteString("\n") + l.next() + case 'b': + sb.WriteString("\b") + l.next() + case 'f': + sb.WriteString("\f") + l.next() + case '/': + sb.WriteString("/") + l.next() + case 't': + sb.WriteString("\t") + l.next() + case 'r': + sb.WriteString("\r") + l.next() + case '\\': + sb.WriteString("\\") + l.next() + case 'u': + l.next() + var code strings.Builder + for i := 0; i < 4; i++ { + c := l.peek() + if !isHexDigit(c) { + return "", errors.New("unfinished unicode escape") + } + l.next() + code.WriteRune(c) + } + intcode, err := strconv.ParseInt(code.String(), 16, 32) + if err != nil { + return "", errors.New("invalid unicode escape: \\u" + code.String()) + } + sb.WriteRune(rune(intcode)) + case 'U': + l.next() + var code strings.Builder + for i := 0; i < 8; i++ { + c := l.peek() + if !isHexDigit(c) { + return "", errors.New("unfinished unicode escape") + } + l.next() + code.WriteRune(c) + } + intcode, err := strconv.ParseInt(code.String(), 16, 64) + if err != nil { + return "", errors.New("invalid unicode escape: \\U" + code.String()) + } + sb.WriteRune(rune(intcode)) + default: + return "", errors.New("invalid escape sequence: \\" + string(l.peek())) + } + } else { + r := l.peek() + + if 0x00 <= r && r <= 0x1F && r != '\t' && !(acceptNewLines && (r == '\n' || r == '\r')) { + return "", fmt.Errorf("unescaped control character %U", r) + } + l.next() + sb.WriteRune(r) + } + + if l.peek() == eof { + break + } + } + + return "", errors.New("unclosed string") +} + +func (l *tomlLexer) lexString() tomlLexStateFn { + l.skip() + + // handle special case for triple-quote + terminator := `"` + discardLeadingNewLine := false + acceptNewLines := false + if l.follow(`""`) { + l.skip() + l.skip() + terminator = `"""` + discardLeadingNewLine = true + acceptNewLines = true + } + + str, err := l.lexStringAsString(terminator, discardLeadingNewLine, acceptNewLines) + if err != nil { + return l.errorf(err.Error()) + } + + l.emitWithValue(tokenString, str) + l.fastForward(len(terminator)) + l.ignore() + return l.lexRvalue +} + +func (l *tomlLexer) lexTableKey() tomlLexStateFn { + l.next() + + if l.peek() == '[' { + // token '[[' signifies an array of tables + l.next() + l.emit(tokenDoubleLeftBracket) + return l.lexInsideTableArrayKey + } + // vanilla table key + l.emit(tokenLeftBracket) + return l.lexInsideTableKey +} + +// Parse the key till "]]", but only bare keys are supported +func (l *tomlLexer) lexInsideTableArrayKey() tomlLexStateFn { + for r := l.peek(); r != eof; r = l.peek() { + switch r { + case ']': + if l.currentTokenStop > l.currentTokenStart { + l.emit(tokenKeyGroupArray) + } + l.next() + if l.peek() != ']' { + break + } + l.next() + l.emit(tokenDoubleRightBracket) + return l.lexVoid + case '[': + return l.errorf("table array key cannot contain ']'") + default: + l.next() + } + } + return l.errorf("unclosed table array key") +} + +// Parse the key till "]" but only bare keys are supported +func (l *tomlLexer) lexInsideTableKey() tomlLexStateFn { + for r := l.peek(); r != eof; r = l.peek() { + switch r { + case ']': + if l.currentTokenStop > l.currentTokenStart { + l.emit(tokenKeyGroup) + } + l.next() + l.emit(tokenRightBracket) + return l.lexVoid + case '[': + return l.errorf("table key cannot contain ']'") + default: + l.next() + } + } + return l.errorf("unclosed table key") +} + +func (l *tomlLexer) lexRightBracket() tomlLexStateFn { + l.next() + l.emit(tokenRightBracket) + if len(l.brackets) == 0 || l.brackets[len(l.brackets)-1] != '[' { + return l.errorf("cannot have ']' here") + } + l.brackets = l.brackets[:len(l.brackets)-1] + return l.lexRvalue +} + +type validRuneFn func(r rune) bool + +func isValidHexRune(r rune) bool { + return r >= 'a' && r <= 'f' || + r >= 'A' && r <= 'F' || + r >= '0' && r <= '9' || + r == '_' +} + +func isValidOctalRune(r rune) bool { + return r >= '0' && r <= '7' || r == '_' +} + +func isValidBinaryRune(r rune) bool { + return r == '0' || r == '1' || r == '_' +} + +func (l *tomlLexer) lexNumber() tomlLexStateFn { + r := l.peek() + + if r == '0' { + follow := l.peekString(2) + if len(follow) == 2 { + var isValidRune validRuneFn + switch follow[1] { + case 'x': + isValidRune = isValidHexRune + case 'o': + isValidRune = isValidOctalRune + case 'b': + isValidRune = isValidBinaryRune + default: + if follow[1] >= 'a' && follow[1] <= 'z' || follow[1] >= 'A' && follow[1] <= 'Z' { + return l.errorf("unknown number base: %s. possible options are x (hex) o (octal) b (binary)", string(follow[1])) + } + } + + if isValidRune != nil { + l.next() + l.next() + digitSeen := false + for { + next := l.peek() + if !isValidRune(next) { + break + } + digitSeen = true + l.next() + } + + if !digitSeen { + return l.errorf("number needs at least one digit") + } + + l.emit(tokenInteger) + + return l.lexRvalue + } + } + } + + if r == '+' || r == '-' { + l.next() + if l.follow("inf") { + return l.lexInf + } + if l.follow("nan") { + return l.lexNan + } + } + + pointSeen := false + expSeen := false + digitSeen := false + for { + next := l.peek() + if next == '.' { + if pointSeen { + return l.errorf("cannot have two dots in one float") + } + l.next() + if !isDigit(l.peek()) { + return l.errorf("float cannot end with a dot") + } + pointSeen = true + } else if next == 'e' || next == 'E' { + expSeen = true + l.next() + r := l.peek() + if r == '+' || r == '-' { + l.next() + } + } else if isDigit(next) { + digitSeen = true + l.next() + } else if next == '_' { + l.next() + } else { + break + } + if pointSeen && !digitSeen { + return l.errorf("cannot start float with a dot") + } + } + + if !digitSeen { + return l.errorf("no digit in that number") + } + if pointSeen || expSeen { + l.emit(tokenFloat) + } else { + l.emit(tokenInteger) + } + return l.lexRvalue +} + +func (l *tomlLexer) run() { + for state := l.lexVoid; state != nil; { + state = state() + } +} + +// Entry point +func lexToml(inputBytes []byte) []token { + runes := bytes.Runes(inputBytes) + l := &tomlLexer{ + input: runes, + tokens: make([]token, 0, 256), + line: 1, + col: 1, + endbufferLine: 1, + endbufferCol: 1, + } + l.run() + return l.tokens +} diff --git a/vendor/github.com/pelletier/go-toml/localtime.go b/vendor/github.com/pelletier/go-toml/localtime.go new file mode 100644 index 000000000..9dfe4b9e6 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/localtime.go @@ -0,0 +1,287 @@ +// Implementation of TOML's local date/time. +// +// Copied over from Google's civil to avoid pulling all the Google dependencies. +// Originals: +// https://raw.githubusercontent.com/googleapis/google-cloud-go/ed46f5086358513cf8c25f8e3f022cb838a49d66/civil/civil.go +// Changes: +// * Renamed files from civil* to localtime*. +// * Package changed from civil to toml. +// * 'Local' prefix added to all structs. +// +// Copyright 2016 Google LLC +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// Package civil implements types for civil time, a time-zone-independent +// representation of time that follows the rules of the proleptic +// Gregorian calendar with exactly 24-hour days, 60-minute hours, and 60-second +// minutes. +// +// Because they lack location information, these types do not represent unique +// moments or intervals of time. Use time.Time for that purpose. +package toml + +import ( + "fmt" + "time" +) + +// A LocalDate represents a date (year, month, day). +// +// This type does not include location information, and therefore does not +// describe a unique 24-hour timespan. +type LocalDate struct { + Year int // Year (e.g., 2014). + Month time.Month // Month of the year (January = 1, ...). + Day int // Day of the month, starting at 1. +} + +// LocalDateOf returns the LocalDate in which a time occurs in that time's location. +func LocalDateOf(t time.Time) LocalDate { + var d LocalDate + d.Year, d.Month, d.Day = t.Date() + return d +} + +// ParseLocalDate parses a string in RFC3339 full-date format and returns the date value it represents. +func ParseLocalDate(s string) (LocalDate, error) { + t, err := time.Parse("2006-01-02", s) + if err != nil { + return LocalDate{}, err + } + return LocalDateOf(t), nil +} + +// String returns the date in RFC3339 full-date format. +func (d LocalDate) String() string { + return fmt.Sprintf("%04d-%02d-%02d", d.Year, d.Month, d.Day) +} + +// IsValid reports whether the date is valid. +func (d LocalDate) IsValid() bool { + return LocalDateOf(d.In(time.UTC)) == d +} + +// In returns the time corresponding to time 00:00:00 of the date in the location. +// +// In is always consistent with time.LocalDate, even when time.LocalDate returns a time +// on a different day. For example, if loc is America/Indiana/Vincennes, then both +// time.LocalDate(1955, time.May, 1, 0, 0, 0, 0, loc) +// and +// civil.LocalDate{Year: 1955, Month: time.May, Day: 1}.In(loc) +// return 23:00:00 on April 30, 1955. +// +// In panics if loc is nil. +func (d LocalDate) In(loc *time.Location) time.Time { + return time.Date(d.Year, d.Month, d.Day, 0, 0, 0, 0, loc) +} + +// AddDays returns the date that is n days in the future. +// n can also be negative to go into the past. +func (d LocalDate) AddDays(n int) LocalDate { + return LocalDateOf(d.In(time.UTC).AddDate(0, 0, n)) +} + +// DaysSince returns the signed number of days between the date and s, not including the end day. +// This is the inverse operation to AddDays. +func (d LocalDate) DaysSince(s LocalDate) (days int) { + // We convert to Unix time so we do not have to worry about leap seconds: + // Unix time increases by exactly 86400 seconds per day. + deltaUnix := d.In(time.UTC).Unix() - s.In(time.UTC).Unix() + return int(deltaUnix / 86400) +} + +// Before reports whether d1 occurs before d2. +func (d1 LocalDate) Before(d2 LocalDate) bool { + if d1.Year != d2.Year { + return d1.Year < d2.Year + } + if d1.Month != d2.Month { + return d1.Month < d2.Month + } + return d1.Day < d2.Day +} + +// After reports whether d1 occurs after d2. +func (d1 LocalDate) After(d2 LocalDate) bool { + return d2.Before(d1) +} + +// MarshalText implements the encoding.TextMarshaler interface. +// The output is the result of d.String(). +func (d LocalDate) MarshalText() ([]byte, error) { + return []byte(d.String()), nil +} + +// UnmarshalText implements the encoding.TextUnmarshaler interface. +// The date is expected to be a string in a format accepted by ParseLocalDate. +func (d *LocalDate) UnmarshalText(data []byte) error { + var err error + *d, err = ParseLocalDate(string(data)) + return err +} + +// A LocalTime represents a time with nanosecond precision. +// +// This type does not include location information, and therefore does not +// describe a unique moment in time. +// +// This type exists to represent the TIME type in storage-based APIs like BigQuery. +// Most operations on Times are unlikely to be meaningful. Prefer the LocalDateTime type. +type LocalTime struct { + Hour int // The hour of the day in 24-hour format; range [0-23] + Minute int // The minute of the hour; range [0-59] + Second int // The second of the minute; range [0-59] + Nanosecond int // The nanosecond of the second; range [0-999999999] +} + +// LocalTimeOf returns the LocalTime representing the time of day in which a time occurs +// in that time's location. It ignores the date. +func LocalTimeOf(t time.Time) LocalTime { + var tm LocalTime + tm.Hour, tm.Minute, tm.Second = t.Clock() + tm.Nanosecond = t.Nanosecond() + return tm +} + +// ParseLocalTime parses a string and returns the time value it represents. +// ParseLocalTime accepts an extended form of the RFC3339 partial-time format. After +// the HH:MM:SS part of the string, an optional fractional part may appear, +// consisting of a decimal point followed by one to nine decimal digits. +// (RFC3339 admits only one digit after the decimal point). +func ParseLocalTime(s string) (LocalTime, error) { + t, err := time.Parse("15:04:05.999999999", s) + if err != nil { + return LocalTime{}, err + } + return LocalTimeOf(t), nil +} + +// String returns the date in the format described in ParseLocalTime. If Nanoseconds +// is zero, no fractional part will be generated. Otherwise, the result will +// end with a fractional part consisting of a decimal point and nine digits. +func (t LocalTime) String() string { + s := fmt.Sprintf("%02d:%02d:%02d", t.Hour, t.Minute, t.Second) + if t.Nanosecond == 0 { + return s + } + return s + fmt.Sprintf(".%09d", t.Nanosecond) +} + +// IsValid reports whether the time is valid. +func (t LocalTime) IsValid() bool { + // Construct a non-zero time. + tm := time.Date(2, 2, 2, t.Hour, t.Minute, t.Second, t.Nanosecond, time.UTC) + return LocalTimeOf(tm) == t +} + +// MarshalText implements the encoding.TextMarshaler interface. +// The output is the result of t.String(). +func (t LocalTime) MarshalText() ([]byte, error) { + return []byte(t.String()), nil +} + +// UnmarshalText implements the encoding.TextUnmarshaler interface. +// The time is expected to be a string in a format accepted by ParseLocalTime. +func (t *LocalTime) UnmarshalText(data []byte) error { + var err error + *t, err = ParseLocalTime(string(data)) + return err +} + +// A LocalDateTime represents a date and time. +// +// This type does not include location information, and therefore does not +// describe a unique moment in time. +type LocalDateTime struct { + Date LocalDate + Time LocalTime +} + +// Note: We deliberately do not embed LocalDate into LocalDateTime, to avoid promoting AddDays and Sub. + +// LocalDateTimeOf returns the LocalDateTime in which a time occurs in that time's location. +func LocalDateTimeOf(t time.Time) LocalDateTime { + return LocalDateTime{ + Date: LocalDateOf(t), + Time: LocalTimeOf(t), + } +} + +// ParseLocalDateTime parses a string and returns the LocalDateTime it represents. +// ParseLocalDateTime accepts a variant of the RFC3339 date-time format that omits +// the time offset but includes an optional fractional time, as described in +// ParseLocalTime. Informally, the accepted format is +// YYYY-MM-DDTHH:MM:SS[.FFFFFFFFF] +// where the 'T' may be a lower-case 't'. +func ParseLocalDateTime(s string) (LocalDateTime, error) { + t, err := time.Parse("2006-01-02T15:04:05.999999999", s) + if err != nil { + t, err = time.Parse("2006-01-02t15:04:05.999999999", s) + if err != nil { + return LocalDateTime{}, err + } + } + return LocalDateTimeOf(t), nil +} + +// String returns the date in the format described in ParseLocalDate. +func (dt LocalDateTime) String() string { + return dt.Date.String() + "T" + dt.Time.String() +} + +// IsValid reports whether the datetime is valid. +func (dt LocalDateTime) IsValid() bool { + return dt.Date.IsValid() && dt.Time.IsValid() +} + +// In returns the time corresponding to the LocalDateTime in the given location. +// +// If the time is missing or ambigous at the location, In returns the same +// result as time.LocalDate. For example, if loc is America/Indiana/Vincennes, then +// both +// time.LocalDate(1955, time.May, 1, 0, 30, 0, 0, loc) +// and +// civil.LocalDateTime{ +// civil.LocalDate{Year: 1955, Month: time.May, Day: 1}}, +// civil.LocalTime{Minute: 30}}.In(loc) +// return 23:30:00 on April 30, 1955. +// +// In panics if loc is nil. +func (dt LocalDateTime) In(loc *time.Location) time.Time { + return time.Date(dt.Date.Year, dt.Date.Month, dt.Date.Day, dt.Time.Hour, dt.Time.Minute, dt.Time.Second, dt.Time.Nanosecond, loc) +} + +// Before reports whether dt1 occurs before dt2. +func (dt1 LocalDateTime) Before(dt2 LocalDateTime) bool { + return dt1.In(time.UTC).Before(dt2.In(time.UTC)) +} + +// After reports whether dt1 occurs after dt2. +func (dt1 LocalDateTime) After(dt2 LocalDateTime) bool { + return dt2.Before(dt1) +} + +// MarshalText implements the encoding.TextMarshaler interface. +// The output is the result of dt.String(). +func (dt LocalDateTime) MarshalText() ([]byte, error) { + return []byte(dt.String()), nil +} + +// UnmarshalText implements the encoding.TextUnmarshaler interface. +// The datetime is expected to be a string in a format accepted by ParseLocalDateTime +func (dt *LocalDateTime) UnmarshalText(data []byte) error { + var err error + *dt, err = ParseLocalDateTime(string(data)) + return err +} diff --git a/vendor/github.com/pelletier/go-toml/marshal.go b/vendor/github.com/pelletier/go-toml/marshal.go new file mode 100644 index 000000000..3443c3545 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/marshal.go @@ -0,0 +1,1308 @@ +package toml + +import ( + "bytes" + "encoding" + "errors" + "fmt" + "io" + "reflect" + "sort" + "strconv" + "strings" + "time" +) + +const ( + tagFieldName = "toml" + tagFieldComment = "comment" + tagCommented = "commented" + tagMultiline = "multiline" + tagLiteral = "literal" + tagDefault = "default" +) + +type tomlOpts struct { + name string + nameFromTag bool + comment string + commented bool + multiline bool + literal bool + include bool + omitempty bool + defaultValue string +} + +type encOpts struct { + quoteMapKeys bool + arraysOneElementPerLine bool +} + +var encOptsDefaults = encOpts{ + quoteMapKeys: false, +} + +type annotation struct { + tag string + comment string + commented string + multiline string + literal string + defaultValue string +} + +var annotationDefault = annotation{ + tag: tagFieldName, + comment: tagFieldComment, + commented: tagCommented, + multiline: tagMultiline, + literal: tagLiteral, + defaultValue: tagDefault, +} + +type MarshalOrder int + +// Orders the Encoder can write the fields to the output stream. +const ( + // Sort fields alphabetically. + OrderAlphabetical MarshalOrder = iota + 1 + // Preserve the order the fields are encountered. For example, the order of fields in + // a struct. + OrderPreserve +) + +var timeType = reflect.TypeOf(time.Time{}) +var marshalerType = reflect.TypeOf(new(Marshaler)).Elem() +var unmarshalerType = reflect.TypeOf(new(Unmarshaler)).Elem() +var textMarshalerType = reflect.TypeOf(new(encoding.TextMarshaler)).Elem() +var textUnmarshalerType = reflect.TypeOf(new(encoding.TextUnmarshaler)).Elem() +var localDateType = reflect.TypeOf(LocalDate{}) +var localTimeType = reflect.TypeOf(LocalTime{}) +var localDateTimeType = reflect.TypeOf(LocalDateTime{}) +var mapStringInterfaceType = reflect.TypeOf(map[string]interface{}{}) + +// Check if the given marshal type maps to a Tree primitive +func isPrimitive(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isPrimitive(mtype.Elem()) + case reflect.Bool: + return true + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return true + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return true + case reflect.Float32, reflect.Float64: + return true + case reflect.String: + return true + case reflect.Struct: + return isTimeType(mtype) + default: + return false + } +} + +func isTimeType(mtype reflect.Type) bool { + return mtype == timeType || mtype == localDateType || mtype == localDateTimeType || mtype == localTimeType +} + +// Check if the given marshal type maps to a Tree slice or array +func isTreeSequence(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isTreeSequence(mtype.Elem()) + case reflect.Slice, reflect.Array: + return isTree(mtype.Elem()) + default: + return false + } +} + +// Check if the given marshal type maps to a slice or array of a custom marshaler type +func isCustomMarshalerSequence(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isCustomMarshalerSequence(mtype.Elem()) + case reflect.Slice, reflect.Array: + return isCustomMarshaler(mtype.Elem()) || isCustomMarshaler(reflect.New(mtype.Elem()).Type()) + default: + return false + } +} + +// Check if the given marshal type maps to a slice or array of a text marshaler type +func isTextMarshalerSequence(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isTextMarshalerSequence(mtype.Elem()) + case reflect.Slice, reflect.Array: + return isTextMarshaler(mtype.Elem()) || isTextMarshaler(reflect.New(mtype.Elem()).Type()) + default: + return false + } +} + +// Check if the given marshal type maps to a non-Tree slice or array +func isOtherSequence(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isOtherSequence(mtype.Elem()) + case reflect.Slice, reflect.Array: + return !isTreeSequence(mtype) + default: + return false + } +} + +// Check if the given marshal type maps to a Tree +func isTree(mtype reflect.Type) bool { + switch mtype.Kind() { + case reflect.Ptr: + return isTree(mtype.Elem()) + case reflect.Map: + return true + case reflect.Struct: + return !isPrimitive(mtype) + default: + return false + } +} + +func isCustomMarshaler(mtype reflect.Type) bool { + return mtype.Implements(marshalerType) +} + +func callCustomMarshaler(mval reflect.Value) ([]byte, error) { + return mval.Interface().(Marshaler).MarshalTOML() +} + +func isTextMarshaler(mtype reflect.Type) bool { + return mtype.Implements(textMarshalerType) && !isTimeType(mtype) +} + +func callTextMarshaler(mval reflect.Value) ([]byte, error) { + return mval.Interface().(encoding.TextMarshaler).MarshalText() +} + +func isCustomUnmarshaler(mtype reflect.Type) bool { + return mtype.Implements(unmarshalerType) +} + +func callCustomUnmarshaler(mval reflect.Value, tval interface{}) error { + return mval.Interface().(Unmarshaler).UnmarshalTOML(tval) +} + +func isTextUnmarshaler(mtype reflect.Type) bool { + return mtype.Implements(textUnmarshalerType) +} + +func callTextUnmarshaler(mval reflect.Value, text []byte) error { + return mval.Interface().(encoding.TextUnmarshaler).UnmarshalText(text) +} + +// Marshaler is the interface implemented by types that +// can marshal themselves into valid TOML. +type Marshaler interface { + MarshalTOML() ([]byte, error) +} + +// Unmarshaler is the interface implemented by types that +// can unmarshal a TOML description of themselves. +type Unmarshaler interface { + UnmarshalTOML(interface{}) error +} + +/* +Marshal returns the TOML encoding of v. Behavior is similar to the Go json +encoder, except that there is no concept of a Marshaler interface or MarshalTOML +function for sub-structs, and currently only definite types can be marshaled +(i.e. no `interface{}`). + +The following struct annotations are supported: + + toml:"Field" Overrides the field's name to output. + omitempty When set, empty values and groups are not emitted. + comment:"comment" Emits a # comment on the same line. This supports new lines. + commented:"true" Emits the value as commented. + +Note that pointers are automatically assigned the "omitempty" option, as TOML +explicitly does not handle null values (saying instead the label should be +dropped). + +Tree structural types and corresponding marshal types: + + *Tree (*)struct, (*)map[string]interface{} + []*Tree (*)[](*)struct, (*)[](*)map[string]interface{} + []interface{} (as interface{}) (*)[]primitive, (*)[]([]interface{}) + interface{} (*)primitive + +Tree primitive types and corresponding marshal types: + + uint64 uint, uint8-uint64, pointers to same + int64 int, int8-uint64, pointers to same + float64 float32, float64, pointers to same + string string, pointers to same + bool bool, pointers to same + time.LocalTime time.LocalTime{}, pointers to same + +For additional flexibility, use the Encoder API. +*/ +func Marshal(v interface{}) ([]byte, error) { + return NewEncoder(nil).marshal(v) +} + +// Encoder writes TOML values to an output stream. +type Encoder struct { + w io.Writer + encOpts + annotation + line int + col int + order MarshalOrder + promoteAnon bool + compactComments bool + indentation string +} + +// NewEncoder returns a new encoder that writes to w. +func NewEncoder(w io.Writer) *Encoder { + return &Encoder{ + w: w, + encOpts: encOptsDefaults, + annotation: annotationDefault, + line: 0, + col: 1, + order: OrderAlphabetical, + indentation: " ", + } +} + +// Encode writes the TOML encoding of v to the stream. +// +// See the documentation for Marshal for details. +func (e *Encoder) Encode(v interface{}) error { + b, err := e.marshal(v) + if err != nil { + return err + } + if _, err := e.w.Write(b); err != nil { + return err + } + return nil +} + +// QuoteMapKeys sets up the encoder to encode +// maps with string type keys with quoted TOML keys. +// +// This relieves the character limitations on map keys. +func (e *Encoder) QuoteMapKeys(v bool) *Encoder { + e.quoteMapKeys = v + return e +} + +// ArraysWithOneElementPerLine sets up the encoder to encode arrays +// with more than one element on multiple lines instead of one. +// +// For example: +// +// A = [1,2,3] +// +// Becomes +// +// A = [ +// 1, +// 2, +// 3, +// ] +func (e *Encoder) ArraysWithOneElementPerLine(v bool) *Encoder { + e.arraysOneElementPerLine = v + return e +} + +// Order allows to change in which order fields will be written to the output stream. +func (e *Encoder) Order(ord MarshalOrder) *Encoder { + e.order = ord + return e +} + +// Indentation allows to change indentation when marshalling. +func (e *Encoder) Indentation(indent string) *Encoder { + e.indentation = indent + return e +} + +// SetTagName allows changing default tag "toml" +func (e *Encoder) SetTagName(v string) *Encoder { + e.tag = v + return e +} + +// SetTagComment allows changing default tag "comment" +func (e *Encoder) SetTagComment(v string) *Encoder { + e.comment = v + return e +} + +// SetTagCommented allows changing default tag "commented" +func (e *Encoder) SetTagCommented(v string) *Encoder { + e.commented = v + return e +} + +// SetTagMultiline allows changing default tag "multiline" +func (e *Encoder) SetTagMultiline(v string) *Encoder { + e.multiline = v + return e +} + +// PromoteAnonymous allows to change how anonymous struct fields are marshaled. +// Usually, they are marshaled as if the inner exported fields were fields in +// the outer struct. However, if an anonymous struct field is given a name in +// its TOML tag, it is treated like a regular struct field with that name. +// rather than being anonymous. +// +// In case anonymous promotion is enabled, all anonymous structs are promoted +// and treated like regular struct fields. +func (e *Encoder) PromoteAnonymous(promote bool) *Encoder { + e.promoteAnon = promote + return e +} + +// CompactComments removes the new line before each comment in the tree. +func (e *Encoder) CompactComments(cc bool) *Encoder { + e.compactComments = cc + return e +} + +func (e *Encoder) marshal(v interface{}) ([]byte, error) { + // Check if indentation is valid + for _, char := range e.indentation { + if !isSpace(char) { + return []byte{}, fmt.Errorf("invalid indentation: must only contains space or tab characters") + } + } + + mtype := reflect.TypeOf(v) + if mtype == nil { + return []byte{}, errors.New("nil cannot be marshaled to TOML") + } + + switch mtype.Kind() { + case reflect.Struct, reflect.Map: + case reflect.Ptr: + if mtype.Elem().Kind() != reflect.Struct { + return []byte{}, errors.New("Only pointer to struct can be marshaled to TOML") + } + if reflect.ValueOf(v).IsNil() { + return []byte{}, errors.New("nil pointer cannot be marshaled to TOML") + } + default: + return []byte{}, errors.New("Only a struct or map can be marshaled to TOML") + } + + sval := reflect.ValueOf(v) + if isCustomMarshaler(mtype) { + return callCustomMarshaler(sval) + } + if isTextMarshaler(mtype) { + return callTextMarshaler(sval) + } + t, err := e.valueToTree(mtype, sval) + if err != nil { + return []byte{}, err + } + + var buf bytes.Buffer + _, err = t.writeToOrdered(&buf, "", "", 0, e.arraysOneElementPerLine, e.order, e.indentation, e.compactComments, false) + + return buf.Bytes(), err +} + +// Create next tree with a position based on Encoder.line +func (e *Encoder) nextTree() *Tree { + return newTreeWithPosition(Position{Line: e.line, Col: 1}) +} + +// Convert given marshal struct or map value to toml tree +func (e *Encoder) valueToTree(mtype reflect.Type, mval reflect.Value) (*Tree, error) { + if mtype.Kind() == reflect.Ptr { + return e.valueToTree(mtype.Elem(), mval.Elem()) + } + tval := e.nextTree() + switch mtype.Kind() { + case reflect.Struct: + switch mval.Interface().(type) { + case Tree: + reflect.ValueOf(tval).Elem().Set(mval) + default: + for i := 0; i < mtype.NumField(); i++ { + mtypef, mvalf := mtype.Field(i), mval.Field(i) + opts := tomlOptions(mtypef, e.annotation) + if opts.include && ((mtypef.Type.Kind() != reflect.Interface && !opts.omitempty) || !isZero(mvalf)) { + val, err := e.valueToToml(mtypef.Type, mvalf) + if err != nil { + return nil, err + } + if tree, ok := val.(*Tree); ok && mtypef.Anonymous && !opts.nameFromTag && !e.promoteAnon { + e.appendTree(tval, tree) + } else { + val = e.wrapTomlValue(val, tval) + tval.SetPathWithOptions([]string{opts.name}, SetOptions{ + Comment: opts.comment, + Commented: opts.commented, + Multiline: opts.multiline, + Literal: opts.literal, + }, val) + } + } + } + } + case reflect.Map: + keys := mval.MapKeys() + if e.order == OrderPreserve && len(keys) > 0 { + // Sorting []reflect.Value is not straight forward. + // + // OrderPreserve will support deterministic results when string is used + // as the key to maps. + typ := keys[0].Type() + kind := keys[0].Kind() + if kind == reflect.String { + ikeys := make([]string, len(keys)) + for i := range keys { + ikeys[i] = keys[i].Interface().(string) + } + sort.Strings(ikeys) + for i := range ikeys { + keys[i] = reflect.ValueOf(ikeys[i]).Convert(typ) + } + } + } + for _, key := range keys { + mvalf := mval.MapIndex(key) + if (mtype.Elem().Kind() == reflect.Ptr || mtype.Elem().Kind() == reflect.Interface) && mvalf.IsNil() { + continue + } + val, err := e.valueToToml(mtype.Elem(), mvalf) + if err != nil { + return nil, err + } + val = e.wrapTomlValue(val, tval) + if e.quoteMapKeys { + keyStr, err := tomlValueStringRepresentation(key.String(), "", "", e.order, e.arraysOneElementPerLine) + if err != nil { + return nil, err + } + tval.SetPath([]string{keyStr}, val) + } else { + tval.SetPath([]string{key.String()}, val) + } + } + } + return tval, nil +} + +// Convert given marshal slice to slice of Toml trees +func (e *Encoder) valueToTreeSlice(mtype reflect.Type, mval reflect.Value) ([]*Tree, error) { + tval := make([]*Tree, mval.Len(), mval.Len()) + for i := 0; i < mval.Len(); i++ { + val, err := e.valueToTree(mtype.Elem(), mval.Index(i)) + if err != nil { + return nil, err + } + tval[i] = val + } + return tval, nil +} + +// Convert given marshal slice to slice of toml values +func (e *Encoder) valueToOtherSlice(mtype reflect.Type, mval reflect.Value) (interface{}, error) { + tval := make([]interface{}, mval.Len(), mval.Len()) + for i := 0; i < mval.Len(); i++ { + val, err := e.valueToToml(mtype.Elem(), mval.Index(i)) + if err != nil { + return nil, err + } + tval[i] = val + } + return tval, nil +} + +// Convert given marshal value to toml value +func (e *Encoder) valueToToml(mtype reflect.Type, mval reflect.Value) (interface{}, error) { + if mtype.Kind() == reflect.Ptr { + switch { + case isCustomMarshaler(mtype): + return callCustomMarshaler(mval) + case isTextMarshaler(mtype): + b, err := callTextMarshaler(mval) + return string(b), err + default: + return e.valueToToml(mtype.Elem(), mval.Elem()) + } + } + if mtype.Kind() == reflect.Interface { + return e.valueToToml(mval.Elem().Type(), mval.Elem()) + } + switch { + case isCustomMarshaler(mtype): + return callCustomMarshaler(mval) + case isTextMarshaler(mtype): + b, err := callTextMarshaler(mval) + return string(b), err + case isTree(mtype): + return e.valueToTree(mtype, mval) + case isOtherSequence(mtype), isCustomMarshalerSequence(mtype), isTextMarshalerSequence(mtype): + return e.valueToOtherSlice(mtype, mval) + case isTreeSequence(mtype): + return e.valueToTreeSlice(mtype, mval) + default: + switch mtype.Kind() { + case reflect.Bool: + return mval.Bool(), nil + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + if mtype.Kind() == reflect.Int64 && mtype == reflect.TypeOf(time.Duration(1)) { + return fmt.Sprint(mval), nil + } + return mval.Int(), nil + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + return mval.Uint(), nil + case reflect.Float32, reflect.Float64: + return mval.Float(), nil + case reflect.String: + return mval.String(), nil + case reflect.Struct: + return mval.Interface(), nil + default: + return nil, fmt.Errorf("Marshal can't handle %v(%v)", mtype, mtype.Kind()) + } + } +} + +func (e *Encoder) appendTree(t, o *Tree) error { + for key, value := range o.values { + if _, ok := t.values[key]; ok { + continue + } + if tomlValue, ok := value.(*tomlValue); ok { + tomlValue.position.Col = t.position.Col + } + t.values[key] = value + } + return nil +} + +// Create a toml value with the current line number as the position line +func (e *Encoder) wrapTomlValue(val interface{}, parent *Tree) interface{} { + _, isTree := val.(*Tree) + _, isTreeS := val.([]*Tree) + if isTree || isTreeS { + e.line++ + return val + } + + ret := &tomlValue{ + value: val, + position: Position{ + e.line, + parent.position.Col, + }, + } + e.line++ + return ret +} + +// Unmarshal attempts to unmarshal the Tree into a Go struct pointed by v. +// Neither Unmarshaler interfaces nor UnmarshalTOML functions are supported for +// sub-structs, and only definite types can be unmarshaled. +func (t *Tree) Unmarshal(v interface{}) error { + d := Decoder{tval: t, tagName: tagFieldName} + return d.unmarshal(v) +} + +// Marshal returns the TOML encoding of Tree. +// See Marshal() documentation for types mapping table. +func (t *Tree) Marshal() ([]byte, error) { + var buf bytes.Buffer + _, err := t.WriteTo(&buf) + if err != nil { + return nil, err + } + return buf.Bytes(), nil +} + +// Unmarshal parses the TOML-encoded data and stores the result in the value +// pointed to by v. Behavior is similar to the Go json encoder, except that there +// is no concept of an Unmarshaler interface or UnmarshalTOML function for +// sub-structs, and currently only definite types can be unmarshaled to (i.e. no +// `interface{}`). +// +// The following struct annotations are supported: +// +// toml:"Field" Overrides the field's name to map to. +// default:"foo" Provides a default value. +// +// For default values, only fields of the following types are supported: +// * string +// * bool +// * int +// * int64 +// * float64 +// +// See Marshal() documentation for types mapping table. +func Unmarshal(data []byte, v interface{}) error { + t, err := LoadReader(bytes.NewReader(data)) + if err != nil { + return err + } + return t.Unmarshal(v) +} + +// Decoder reads and decodes TOML values from an input stream. +type Decoder struct { + r io.Reader + tval *Tree + encOpts + tagName string + strict bool + visitor visitorState +} + +// NewDecoder returns a new decoder that reads from r. +func NewDecoder(r io.Reader) *Decoder { + return &Decoder{ + r: r, + encOpts: encOptsDefaults, + tagName: tagFieldName, + } +} + +// Decode reads a TOML-encoded value from it's input +// and unmarshals it in the value pointed at by v. +// +// See the documentation for Marshal for details. +func (d *Decoder) Decode(v interface{}) error { + var err error + d.tval, err = LoadReader(d.r) + if err != nil { + return err + } + return d.unmarshal(v) +} + +// SetTagName allows changing default tag "toml" +func (d *Decoder) SetTagName(v string) *Decoder { + d.tagName = v + return d +} + +// Strict allows changing to strict decoding. Any fields that are found in the +// input data and do not have a corresponding struct member cause an error. +func (d *Decoder) Strict(strict bool) *Decoder { + d.strict = strict + return d +} + +func (d *Decoder) unmarshal(v interface{}) error { + mtype := reflect.TypeOf(v) + if mtype == nil { + return errors.New("nil cannot be unmarshaled from TOML") + } + if mtype.Kind() != reflect.Ptr { + return errors.New("only a pointer to struct or map can be unmarshaled from TOML") + } + + elem := mtype.Elem() + + switch elem.Kind() { + case reflect.Struct, reflect.Map: + case reflect.Interface: + elem = mapStringInterfaceType + default: + return errors.New("only a pointer to struct or map can be unmarshaled from TOML") + } + + if reflect.ValueOf(v).IsNil() { + return errors.New("nil pointer cannot be unmarshaled from TOML") + } + + vv := reflect.ValueOf(v).Elem() + + if d.strict { + d.visitor = newVisitorState(d.tval) + } + + sval, err := d.valueFromTree(elem, d.tval, &vv) + if err != nil { + return err + } + if err := d.visitor.validate(); err != nil { + return err + } + reflect.ValueOf(v).Elem().Set(sval) + return nil +} + +// Convert toml tree to marshal struct or map, using marshal type. When mval1 +// is non-nil, merge fields into the given value instead of allocating a new one. +func (d *Decoder) valueFromTree(mtype reflect.Type, tval *Tree, mval1 *reflect.Value) (reflect.Value, error) { + if mtype.Kind() == reflect.Ptr { + return d.unwrapPointer(mtype, tval, mval1) + } + + // Check if pointer to value implements the Unmarshaler interface. + if mvalPtr := reflect.New(mtype); isCustomUnmarshaler(mvalPtr.Type()) { + d.visitor.visitAll() + + if tval == nil { + return mvalPtr.Elem(), nil + } + + if err := callCustomUnmarshaler(mvalPtr, tval.ToMap()); err != nil { + return reflect.ValueOf(nil), fmt.Errorf("unmarshal toml: %v", err) + } + return mvalPtr.Elem(), nil + } + + var mval reflect.Value + switch mtype.Kind() { + case reflect.Struct: + if mval1 != nil { + mval = *mval1 + } else { + mval = reflect.New(mtype).Elem() + } + + switch mval.Interface().(type) { + case Tree: + mval.Set(reflect.ValueOf(tval).Elem()) + default: + for i := 0; i < mtype.NumField(); i++ { + mtypef := mtype.Field(i) + an := annotation{tag: d.tagName} + opts := tomlOptions(mtypef, an) + if !opts.include { + continue + } + baseKey := opts.name + keysToTry := []string{ + baseKey, + strings.ToLower(baseKey), + strings.ToTitle(baseKey), + strings.ToLower(string(baseKey[0])) + baseKey[1:], + } + + found := false + if tval != nil { + for _, key := range keysToTry { + exists := tval.HasPath([]string{key}) + if !exists { + continue + } + + d.visitor.push(key) + val := tval.GetPath([]string{key}) + fval := mval.Field(i) + mvalf, err := d.valueFromToml(mtypef.Type, val, &fval) + if err != nil { + return mval, formatError(err, tval.GetPositionPath([]string{key})) + } + mval.Field(i).Set(mvalf) + found = true + d.visitor.pop() + break + } + } + + if !found && opts.defaultValue != "" { + mvalf := mval.Field(i) + var val interface{} + var err error + switch mvalf.Kind() { + case reflect.String: + val = opts.defaultValue + case reflect.Bool: + val, err = strconv.ParseBool(opts.defaultValue) + case reflect.Uint: + val, err = strconv.ParseUint(opts.defaultValue, 10, 0) + case reflect.Uint8: + val, err = strconv.ParseUint(opts.defaultValue, 10, 8) + case reflect.Uint16: + val, err = strconv.ParseUint(opts.defaultValue, 10, 16) + case reflect.Uint32: + val, err = strconv.ParseUint(opts.defaultValue, 10, 32) + case reflect.Uint64: + val, err = strconv.ParseUint(opts.defaultValue, 10, 64) + case reflect.Int: + val, err = strconv.ParseInt(opts.defaultValue, 10, 0) + case reflect.Int8: + val, err = strconv.ParseInt(opts.defaultValue, 10, 8) + case reflect.Int16: + val, err = strconv.ParseInt(opts.defaultValue, 10, 16) + case reflect.Int32: + val, err = strconv.ParseInt(opts.defaultValue, 10, 32) + case reflect.Int64: + // Check if the provided number has a non-numeric extension. + var hasExtension bool + if len(opts.defaultValue) > 0 { + lastChar := opts.defaultValue[len(opts.defaultValue)-1] + if lastChar < '0' || lastChar > '9' { + hasExtension = true + } + } + // If the value is a time.Duration with extension, parse as duration. + // If the value is an int64 or a time.Duration without extension, parse as number. + if hasExtension && mvalf.Type().String() == "time.Duration" { + val, err = time.ParseDuration(opts.defaultValue) + } else { + val, err = strconv.ParseInt(opts.defaultValue, 10, 64) + } + case reflect.Float32: + val, err = strconv.ParseFloat(opts.defaultValue, 32) + case reflect.Float64: + val, err = strconv.ParseFloat(opts.defaultValue, 64) + default: + return mvalf, fmt.Errorf("unsupported field type for default option") + } + + if err != nil { + return mvalf, err + } + mvalf.Set(reflect.ValueOf(val).Convert(mvalf.Type())) + } + + // save the old behavior above and try to check structs + if !found && opts.defaultValue == "" && mtypef.Type.Kind() == reflect.Struct { + tmpTval := tval + if !mtypef.Anonymous { + tmpTval = nil + } + fval := mval.Field(i) + v, err := d.valueFromTree(mtypef.Type, tmpTval, &fval) + if err != nil { + return v, err + } + mval.Field(i).Set(v) + } + } + } + case reflect.Map: + mval = reflect.MakeMap(mtype) + for _, key := range tval.Keys() { + d.visitor.push(key) + // TODO: path splits key + val := tval.GetPath([]string{key}) + mvalf, err := d.valueFromToml(mtype.Elem(), val, nil) + if err != nil { + return mval, formatError(err, tval.GetPositionPath([]string{key})) + } + mval.SetMapIndex(reflect.ValueOf(key).Convert(mtype.Key()), mvalf) + d.visitor.pop() + } + } + return mval, nil +} + +// Convert toml value to marshal struct/map slice, using marshal type +func (d *Decoder) valueFromTreeSlice(mtype reflect.Type, tval []*Tree) (reflect.Value, error) { + mval, err := makeSliceOrArray(mtype, len(tval)) + if err != nil { + return mval, err + } + + for i := 0; i < len(tval); i++ { + d.visitor.push(strconv.Itoa(i)) + val, err := d.valueFromTree(mtype.Elem(), tval[i], nil) + if err != nil { + return mval, err + } + mval.Index(i).Set(val) + d.visitor.pop() + } + return mval, nil +} + +// Convert toml value to marshal primitive slice, using marshal type +func (d *Decoder) valueFromOtherSlice(mtype reflect.Type, tval []interface{}) (reflect.Value, error) { + mval, err := makeSliceOrArray(mtype, len(tval)) + if err != nil { + return mval, err + } + + for i := 0; i < len(tval); i++ { + val, err := d.valueFromToml(mtype.Elem(), tval[i], nil) + if err != nil { + return mval, err + } + mval.Index(i).Set(val) + } + return mval, nil +} + +// Convert toml value to marshal primitive slice, using marshal type +func (d *Decoder) valueFromOtherSliceI(mtype reflect.Type, tval interface{}) (reflect.Value, error) { + val := reflect.ValueOf(tval) + length := val.Len() + + mval, err := makeSliceOrArray(mtype, length) + if err != nil { + return mval, err + } + + for i := 0; i < length; i++ { + val, err := d.valueFromToml(mtype.Elem(), val.Index(i).Interface(), nil) + if err != nil { + return mval, err + } + mval.Index(i).Set(val) + } + return mval, nil +} + +// Create a new slice or a new array with specified length +func makeSliceOrArray(mtype reflect.Type, tLength int) (reflect.Value, error) { + var mval reflect.Value + switch mtype.Kind() { + case reflect.Slice: + mval = reflect.MakeSlice(mtype, tLength, tLength) + case reflect.Array: + mval = reflect.New(reflect.ArrayOf(mtype.Len(), mtype.Elem())).Elem() + if tLength > mtype.Len() { + return mval, fmt.Errorf("unmarshal: TOML array length (%v) exceeds destination array length (%v)", tLength, mtype.Len()) + } + } + return mval, nil +} + +// Convert toml value to marshal value, using marshal type. When mval1 is non-nil +// and the given type is a struct value, merge fields into it. +func (d *Decoder) valueFromToml(mtype reflect.Type, tval interface{}, mval1 *reflect.Value) (reflect.Value, error) { + if mtype.Kind() == reflect.Ptr { + return d.unwrapPointer(mtype, tval, mval1) + } + + switch t := tval.(type) { + case *Tree: + var mval11 *reflect.Value + if mtype.Kind() == reflect.Struct { + mval11 = mval1 + } + + if isTree(mtype) { + return d.valueFromTree(mtype, t, mval11) + } + + if mtype.Kind() == reflect.Interface { + if mval1 == nil || mval1.IsNil() { + return d.valueFromTree(reflect.TypeOf(map[string]interface{}{}), t, nil) + } else { + return d.valueFromToml(mval1.Elem().Type(), t, nil) + } + } + + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to a tree", tval, tval) + case []*Tree: + if isTreeSequence(mtype) { + return d.valueFromTreeSlice(mtype, t) + } + if mtype.Kind() == reflect.Interface { + if mval1 == nil || mval1.IsNil() { + return d.valueFromTreeSlice(reflect.TypeOf([]map[string]interface{}{}), t) + } else { + ival := mval1.Elem() + return d.valueFromToml(mval1.Elem().Type(), t, &ival) + } + } + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to trees", tval, tval) + case []interface{}: + d.visitor.visit() + if isOtherSequence(mtype) { + return d.valueFromOtherSlice(mtype, t) + } + if mtype.Kind() == reflect.Interface { + if mval1 == nil || mval1.IsNil() { + return d.valueFromOtherSlice(reflect.TypeOf([]interface{}{}), t) + } else { + ival := mval1.Elem() + return d.valueFromToml(mval1.Elem().Type(), t, &ival) + } + } + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to a slice", tval, tval) + default: + d.visitor.visit() + mvalPtr := reflect.New(mtype) + + // Check if pointer to value implements the Unmarshaler interface. + if isCustomUnmarshaler(mvalPtr.Type()) { + if err := callCustomUnmarshaler(mvalPtr, tval); err != nil { + return reflect.ValueOf(nil), fmt.Errorf("unmarshal toml: %v", err) + } + return mvalPtr.Elem(), nil + } + + // Check if pointer to value implements the encoding.TextUnmarshaler. + if isTextUnmarshaler(mvalPtr.Type()) && !isTimeType(mtype) { + if err := d.unmarshalText(tval, mvalPtr); err != nil { + return reflect.ValueOf(nil), fmt.Errorf("unmarshal text: %v", err) + } + return mvalPtr.Elem(), nil + } + + switch mtype.Kind() { + case reflect.Bool, reflect.Struct: + val := reflect.ValueOf(tval) + + switch val.Type() { + case localDateType: + localDate := val.Interface().(LocalDate) + switch mtype { + case timeType: + return reflect.ValueOf(time.Date(localDate.Year, localDate.Month, localDate.Day, 0, 0, 0, 0, time.Local)), nil + } + case localDateTimeType: + localDateTime := val.Interface().(LocalDateTime) + switch mtype { + case timeType: + return reflect.ValueOf(time.Date( + localDateTime.Date.Year, + localDateTime.Date.Month, + localDateTime.Date.Day, + localDateTime.Time.Hour, + localDateTime.Time.Minute, + localDateTime.Time.Second, + localDateTime.Time.Nanosecond, + time.Local)), nil + } + } + + // if this passes for when mtype is reflect.Struct, tval is a time.LocalTime + if !val.Type().ConvertibleTo(mtype) { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) + } + + return val.Convert(mtype), nil + case reflect.String: + val := reflect.ValueOf(tval) + // stupidly, int64 is convertible to string. So special case this. + if !val.Type().ConvertibleTo(mtype) || val.Kind() == reflect.Int64 { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) + } + + return val.Convert(mtype), nil + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + val := reflect.ValueOf(tval) + if mtype.Kind() == reflect.Int64 && mtype == reflect.TypeOf(time.Duration(1)) && val.Kind() == reflect.String { + d, err := time.ParseDuration(val.String()) + if err != nil { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v. %s", tval, tval, mtype.String(), err) + } + return reflect.ValueOf(d), nil + } + if !val.Type().ConvertibleTo(mtype) || val.Kind() == reflect.Float64 { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) + } + if reflect.Indirect(reflect.New(mtype)).OverflowInt(val.Convert(reflect.TypeOf(int64(0))).Int()) { + return reflect.ValueOf(nil), fmt.Errorf("%v(%T) would overflow %v", tval, tval, mtype.String()) + } + + return val.Convert(mtype), nil + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr: + val := reflect.ValueOf(tval) + if !val.Type().ConvertibleTo(mtype) || val.Kind() == reflect.Float64 { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) + } + + if val.Convert(reflect.TypeOf(int(1))).Int() < 0 { + return reflect.ValueOf(nil), fmt.Errorf("%v(%T) is negative so does not fit in %v", tval, tval, mtype.String()) + } + if reflect.Indirect(reflect.New(mtype)).OverflowUint(val.Convert(reflect.TypeOf(uint64(0))).Uint()) { + return reflect.ValueOf(nil), fmt.Errorf("%v(%T) would overflow %v", tval, tval, mtype.String()) + } + + return val.Convert(mtype), nil + case reflect.Float32, reflect.Float64: + val := reflect.ValueOf(tval) + if !val.Type().ConvertibleTo(mtype) || val.Kind() == reflect.Int64 { + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v", tval, tval, mtype.String()) + } + if reflect.Indirect(reflect.New(mtype)).OverflowFloat(val.Convert(reflect.TypeOf(float64(0))).Float()) { + return reflect.ValueOf(nil), fmt.Errorf("%v(%T) would overflow %v", tval, tval, mtype.String()) + } + + return val.Convert(mtype), nil + case reflect.Interface: + if mval1 == nil || mval1.IsNil() { + return reflect.ValueOf(tval), nil + } else { + ival := mval1.Elem() + return d.valueFromToml(mval1.Elem().Type(), t, &ival) + } + case reflect.Slice, reflect.Array: + if isOtherSequence(mtype) && isOtherSequence(reflect.TypeOf(t)) { + return d.valueFromOtherSliceI(mtype, t) + } + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v(%v)", tval, tval, mtype, mtype.Kind()) + default: + return reflect.ValueOf(nil), fmt.Errorf("Can't convert %v(%T) to %v(%v)", tval, tval, mtype, mtype.Kind()) + } + } +} + +func (d *Decoder) unwrapPointer(mtype reflect.Type, tval interface{}, mval1 *reflect.Value) (reflect.Value, error) { + var melem *reflect.Value + + if mval1 != nil && !mval1.IsNil() && (mtype.Elem().Kind() == reflect.Struct || mtype.Elem().Kind() == reflect.Interface) { + elem := mval1.Elem() + melem = &elem + } + + val, err := d.valueFromToml(mtype.Elem(), tval, melem) + if err != nil { + return reflect.ValueOf(nil), err + } + mval := reflect.New(mtype.Elem()) + mval.Elem().Set(val) + return mval, nil +} + +func (d *Decoder) unmarshalText(tval interface{}, mval reflect.Value) error { + var buf bytes.Buffer + fmt.Fprint(&buf, tval) + return callTextUnmarshaler(mval, buf.Bytes()) +} + +func tomlOptions(vf reflect.StructField, an annotation) tomlOpts { + tag := vf.Tag.Get(an.tag) + parse := strings.Split(tag, ",") + var comment string + if c := vf.Tag.Get(an.comment); c != "" { + comment = c + } + commented, _ := strconv.ParseBool(vf.Tag.Get(an.commented)) + multiline, _ := strconv.ParseBool(vf.Tag.Get(an.multiline)) + literal, _ := strconv.ParseBool(vf.Tag.Get(an.literal)) + defaultValue := vf.Tag.Get(tagDefault) + result := tomlOpts{ + name: vf.Name, + nameFromTag: false, + comment: comment, + commented: commented, + multiline: multiline, + literal: literal, + include: true, + omitempty: false, + defaultValue: defaultValue, + } + if parse[0] != "" { + if parse[0] == "-" && len(parse) == 1 { + result.include = false + } else { + result.name = strings.Trim(parse[0], " ") + result.nameFromTag = true + } + } + if vf.PkgPath != "" { + result.include = false + } + if len(parse) > 1 && strings.Trim(parse[1], " ") == "omitempty" { + result.omitempty = true + } + if vf.Type.Kind() == reflect.Ptr { + result.omitempty = true + } + return result +} + +func isZero(val reflect.Value) bool { + switch val.Type().Kind() { + case reflect.Slice, reflect.Array, reflect.Map: + return val.Len() == 0 + default: + return reflect.DeepEqual(val.Interface(), reflect.Zero(val.Type()).Interface()) + } +} + +func formatError(err error, pos Position) error { + if err.Error()[0] == '(' { // Error already contains position information + return err + } + return fmt.Errorf("%s: %s", pos, err) +} + +// visitorState keeps track of which keys were unmarshaled. +type visitorState struct { + tree *Tree + path []string + keys map[string]struct{} + active bool +} + +func newVisitorState(tree *Tree) visitorState { + path, result := []string{}, map[string]struct{}{} + insertKeys(path, result, tree) + return visitorState{ + tree: tree, + path: path[:0], + keys: result, + active: true, + } +} + +func (s *visitorState) push(key string) { + if s.active { + s.path = append(s.path, key) + } +} + +func (s *visitorState) pop() { + if s.active { + s.path = s.path[:len(s.path)-1] + } +} + +func (s *visitorState) visit() { + if s.active { + delete(s.keys, strings.Join(s.path, ".")) + } +} + +func (s *visitorState) visitAll() { + if s.active { + for k := range s.keys { + if strings.HasPrefix(k, strings.Join(s.path, ".")) { + delete(s.keys, k) + } + } + } +} + +func (s *visitorState) validate() error { + if !s.active { + return nil + } + undecoded := make([]string, 0, len(s.keys)) + for key := range s.keys { + undecoded = append(undecoded, key) + } + sort.Strings(undecoded) + if len(undecoded) > 0 { + return fmt.Errorf("undecoded keys: %q", undecoded) + } + return nil +} + +func insertKeys(path []string, m map[string]struct{}, tree *Tree) { + for k, v := range tree.values { + switch node := v.(type) { + case []*Tree: + for i, item := range node { + insertKeys(append(path, k, strconv.Itoa(i)), m, item) + } + case *Tree: + insertKeys(append(path, k), m, node) + case *tomlValue: + m[strings.Join(append(path, k), ".")] = struct{}{} + } + } +} diff --git a/vendor/github.com/pelletier/go-toml/marshal_OrderPreserve_test.toml b/vendor/github.com/pelletier/go-toml/marshal_OrderPreserve_test.toml new file mode 100644 index 000000000..792b72ed7 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/marshal_OrderPreserve_test.toml @@ -0,0 +1,39 @@ +title = "TOML Marshal Testing" + +[basic_lists] + floats = [12.3,45.6,78.9] + bools = [true,false,true] + dates = [1979-05-27T07:32:00Z,1980-05-27T07:32:00Z] + ints = [8001,8001,8002] + uints = [5002,5003] + strings = ["One","Two","Three"] + +[[subdocptrs]] + name = "Second" + +[basic_map] + one = "one" + two = "two" + +[subdoc] + + [subdoc.second] + name = "Second" + + [subdoc.first] + name = "First" + +[basic] + uint = 5001 + bool = true + float = 123.4 + float64 = 123.456782132399 + int = 5000 + string = "Bite me" + date = 1979-05-27T07:32:00Z + +[[subdoclist]] + name = "List.First" + +[[subdoclist]] + name = "List.Second" diff --git a/vendor/github.com/pelletier/go-toml/marshal_test.toml b/vendor/github.com/pelletier/go-toml/marshal_test.toml new file mode 100644 index 000000000..ba5e110bf --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/marshal_test.toml @@ -0,0 +1,39 @@ +title = "TOML Marshal Testing" + +[basic] + bool = true + date = 1979-05-27T07:32:00Z + float = 123.4 + float64 = 123.456782132399 + int = 5000 + string = "Bite me" + uint = 5001 + +[basic_lists] + bools = [true,false,true] + dates = [1979-05-27T07:32:00Z,1980-05-27T07:32:00Z] + floats = [12.3,45.6,78.9] + ints = [8001,8001,8002] + strings = ["One","Two","Three"] + uints = [5002,5003] + +[basic_map] + one = "one" + two = "two" + +[subdoc] + + [subdoc.first] + name = "First" + + [subdoc.second] + name = "Second" + +[[subdoclist]] + name = "List.First" + +[[subdoclist]] + name = "List.Second" + +[[subdocptrs]] + name = "Second" diff --git a/vendor/github.com/pelletier/go-toml/parser.go b/vendor/github.com/pelletier/go-toml/parser.go new file mode 100644 index 000000000..f5e1a44fb --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/parser.go @@ -0,0 +1,508 @@ +// TOML Parser. + +package toml + +import ( + "errors" + "fmt" + "math" + "reflect" + "strconv" + "strings" + "time" +) + +type tomlParser struct { + flowIdx int + flow []token + tree *Tree + currentTable []string + seenTableKeys []string +} + +type tomlParserStateFn func() tomlParserStateFn + +// Formats and panics an error message based on a token +func (p *tomlParser) raiseError(tok *token, msg string, args ...interface{}) { + panic(tok.Position.String() + ": " + fmt.Sprintf(msg, args...)) +} + +func (p *tomlParser) run() { + for state := p.parseStart; state != nil; { + state = state() + } +} + +func (p *tomlParser) peek() *token { + if p.flowIdx >= len(p.flow) { + return nil + } + return &p.flow[p.flowIdx] +} + +func (p *tomlParser) assume(typ tokenType) { + tok := p.getToken() + if tok == nil { + p.raiseError(tok, "was expecting token %s, but token stream is empty", tok) + } + if tok.typ != typ { + p.raiseError(tok, "was expecting token %s, but got %s instead", typ, tok) + } +} + +func (p *tomlParser) getToken() *token { + tok := p.peek() + if tok == nil { + return nil + } + p.flowIdx++ + return tok +} + +func (p *tomlParser) parseStart() tomlParserStateFn { + tok := p.peek() + + // end of stream, parsing is finished + if tok == nil { + return nil + } + + switch tok.typ { + case tokenDoubleLeftBracket: + return p.parseGroupArray + case tokenLeftBracket: + return p.parseGroup + case tokenKey: + return p.parseAssign + case tokenEOF: + return nil + case tokenError: + p.raiseError(tok, "parsing error: %s", tok.String()) + default: + p.raiseError(tok, "unexpected token %s", tok.typ) + } + return nil +} + +func (p *tomlParser) parseGroupArray() tomlParserStateFn { + startToken := p.getToken() // discard the [[ + key := p.getToken() + if key.typ != tokenKeyGroupArray { + p.raiseError(key, "unexpected token %s, was expecting a table array key", key) + } + + // get or create table array element at the indicated part in the path + keys, err := parseKey(key.val) + if err != nil { + p.raiseError(key, "invalid table array key: %s", err) + } + p.tree.createSubTree(keys[:len(keys)-1], startToken.Position) // create parent entries + destTree := p.tree.GetPath(keys) + var array []*Tree + if destTree == nil { + array = make([]*Tree, 0) + } else if target, ok := destTree.([]*Tree); ok && target != nil { + array = destTree.([]*Tree) + } else { + p.raiseError(key, "key %s is already assigned and not of type table array", key) + } + p.currentTable = keys + + // add a new tree to the end of the table array + newTree := newTree() + newTree.position = startToken.Position + array = append(array, newTree) + p.tree.SetPath(p.currentTable, array) + + // remove all keys that were children of this table array + prefix := key.val + "." + found := false + for ii := 0; ii < len(p.seenTableKeys); { + tableKey := p.seenTableKeys[ii] + if strings.HasPrefix(tableKey, prefix) { + p.seenTableKeys = append(p.seenTableKeys[:ii], p.seenTableKeys[ii+1:]...) + } else { + found = (tableKey == key.val) + ii++ + } + } + + // keep this key name from use by other kinds of assignments + if !found { + p.seenTableKeys = append(p.seenTableKeys, key.val) + } + + // move to next parser state + p.assume(tokenDoubleRightBracket) + return p.parseStart +} + +func (p *tomlParser) parseGroup() tomlParserStateFn { + startToken := p.getToken() // discard the [ + key := p.getToken() + if key.typ != tokenKeyGroup { + p.raiseError(key, "unexpected token %s, was expecting a table key", key) + } + for _, item := range p.seenTableKeys { + if item == key.val { + p.raiseError(key, "duplicated tables") + } + } + + p.seenTableKeys = append(p.seenTableKeys, key.val) + keys, err := parseKey(key.val) + if err != nil { + p.raiseError(key, "invalid table array key: %s", err) + } + if err := p.tree.createSubTree(keys, startToken.Position); err != nil { + p.raiseError(key, "%s", err) + } + destTree := p.tree.GetPath(keys) + if target, ok := destTree.(*Tree); ok && target != nil && target.inline { + p.raiseError(key, "could not re-define exist inline table or its sub-table : %s", + strings.Join(keys, ".")) + } + p.assume(tokenRightBracket) + p.currentTable = keys + return p.parseStart +} + +func (p *tomlParser) parseAssign() tomlParserStateFn { + key := p.getToken() + p.assume(tokenEqual) + + parsedKey, err := parseKey(key.val) + if err != nil { + p.raiseError(key, "invalid key: %s", err.Error()) + } + + value := p.parseRvalue() + var tableKey []string + if len(p.currentTable) > 0 { + tableKey = p.currentTable + } else { + tableKey = []string{} + } + + prefixKey := parsedKey[0 : len(parsedKey)-1] + tableKey = append(tableKey, prefixKey...) + + // find the table to assign, looking out for arrays of tables + var targetNode *Tree + switch node := p.tree.GetPath(tableKey).(type) { + case []*Tree: + targetNode = node[len(node)-1] + case *Tree: + targetNode = node + case nil: + // create intermediate + if err := p.tree.createSubTree(tableKey, key.Position); err != nil { + p.raiseError(key, "could not create intermediate group: %s", err) + } + targetNode = p.tree.GetPath(tableKey).(*Tree) + default: + p.raiseError(key, "Unknown table type for path: %s", + strings.Join(tableKey, ".")) + } + + if targetNode.inline { + p.raiseError(key, "could not add key or sub-table to exist inline table or its sub-table : %s", + strings.Join(tableKey, ".")) + } + + // assign value to the found table + keyVal := parsedKey[len(parsedKey)-1] + localKey := []string{keyVal} + finalKey := append(tableKey, keyVal) + if targetNode.GetPath(localKey) != nil { + p.raiseError(key, "The following key was defined twice: %s", + strings.Join(finalKey, ".")) + } + var toInsert interface{} + + switch value.(type) { + case *Tree, []*Tree: + toInsert = value + default: + toInsert = &tomlValue{value: value, position: key.Position} + } + targetNode.values[keyVal] = toInsert + return p.parseStart +} + +var errInvalidUnderscore = errors.New("invalid use of _ in number") + +func numberContainsInvalidUnderscore(value string) error { + // For large numbers, you may use underscores between digits to enhance + // readability. Each underscore must be surrounded by at least one digit on + // each side. + + hasBefore := false + for idx, r := range value { + if r == '_' { + if !hasBefore || idx+1 >= len(value) { + // can't end with an underscore + return errInvalidUnderscore + } + } + hasBefore = isDigit(r) + } + return nil +} + +var errInvalidUnderscoreHex = errors.New("invalid use of _ in hex number") + +func hexNumberContainsInvalidUnderscore(value string) error { + hasBefore := false + for idx, r := range value { + if r == '_' { + if !hasBefore || idx+1 >= len(value) { + // can't end with an underscore + return errInvalidUnderscoreHex + } + } + hasBefore = isHexDigit(r) + } + return nil +} + +func cleanupNumberToken(value string) string { + cleanedVal := strings.Replace(value, "_", "", -1) + return cleanedVal +} + +func (p *tomlParser) parseRvalue() interface{} { + tok := p.getToken() + if tok == nil || tok.typ == tokenEOF { + p.raiseError(tok, "expecting a value") + } + + switch tok.typ { + case tokenString: + return tok.val + case tokenTrue: + return true + case tokenFalse: + return false + case tokenInf: + if tok.val[0] == '-' { + return math.Inf(-1) + } + return math.Inf(1) + case tokenNan: + return math.NaN() + case tokenInteger: + cleanedVal := cleanupNumberToken(tok.val) + var err error + var val int64 + if len(cleanedVal) >= 3 && cleanedVal[0] == '0' { + switch cleanedVal[1] { + case 'x': + err = hexNumberContainsInvalidUnderscore(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + val, err = strconv.ParseInt(cleanedVal[2:], 16, 64) + case 'o': + err = numberContainsInvalidUnderscore(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + val, err = strconv.ParseInt(cleanedVal[2:], 8, 64) + case 'b': + err = numberContainsInvalidUnderscore(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + val, err = strconv.ParseInt(cleanedVal[2:], 2, 64) + default: + panic("invalid base") // the lexer should catch this first + } + } else { + err = numberContainsInvalidUnderscore(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + val, err = strconv.ParseInt(cleanedVal, 10, 64) + } + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + case tokenFloat: + err := numberContainsInvalidUnderscore(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + cleanedVal := cleanupNumberToken(tok.val) + val, err := strconv.ParseFloat(cleanedVal, 64) + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + case tokenLocalTime: + val, err := ParseLocalTime(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + case tokenLocalDate: + // a local date may be followed by: + // * nothing: this is a local date + // * a local time: this is a local date-time + + next := p.peek() + if next == nil || next.typ != tokenLocalTime { + val, err := ParseLocalDate(tok.val) + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + } + + localDate := tok + localTime := p.getToken() + + next = p.peek() + if next == nil || next.typ != tokenTimeOffset { + v := localDate.val + "T" + localTime.val + val, err := ParseLocalDateTime(v) + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + } + + offset := p.getToken() + + layout := time.RFC3339Nano + v := localDate.val + "T" + localTime.val + offset.val + val, err := time.ParseInLocation(layout, v, time.UTC) + if err != nil { + p.raiseError(tok, "%s", err) + } + return val + case tokenLeftBracket: + return p.parseArray() + case tokenLeftCurlyBrace: + return p.parseInlineTable() + case tokenEqual: + p.raiseError(tok, "cannot have multiple equals for the same key") + case tokenError: + p.raiseError(tok, "%s", tok) + default: + panic(fmt.Errorf("unhandled token: %v", tok)) + } + + return nil +} + +func tokenIsComma(t *token) bool { + return t != nil && t.typ == tokenComma +} + +func (p *tomlParser) parseInlineTable() *Tree { + tree := newTree() + var previous *token +Loop: + for { + follow := p.peek() + if follow == nil || follow.typ == tokenEOF { + p.raiseError(follow, "unterminated inline table") + } + switch follow.typ { + case tokenRightCurlyBrace: + p.getToken() + break Loop + case tokenKey, tokenInteger, tokenString: + if !tokenIsComma(previous) && previous != nil { + p.raiseError(follow, "comma expected between fields in inline table") + } + key := p.getToken() + p.assume(tokenEqual) + + parsedKey, err := parseKey(key.val) + if err != nil { + p.raiseError(key, "invalid key: %s", err) + } + + value := p.parseRvalue() + tree.SetPath(parsedKey, value) + case tokenComma: + if tokenIsComma(previous) { + p.raiseError(follow, "need field between two commas in inline table") + } + p.getToken() + default: + p.raiseError(follow, "unexpected token type in inline table: %s", follow.String()) + } + previous = follow + } + if tokenIsComma(previous) { + p.raiseError(previous, "trailing comma at the end of inline table") + } + tree.inline = true + return tree +} + +func (p *tomlParser) parseArray() interface{} { + var array []interface{} + arrayType := reflect.TypeOf(newTree()) + for { + follow := p.peek() + if follow == nil || follow.typ == tokenEOF { + p.raiseError(follow, "unterminated array") + } + if follow.typ == tokenRightBracket { + p.getToken() + break + } + val := p.parseRvalue() + if reflect.TypeOf(val) != arrayType { + arrayType = nil + } + array = append(array, val) + follow = p.peek() + if follow == nil || follow.typ == tokenEOF { + p.raiseError(follow, "unterminated array") + } + if follow.typ != tokenRightBracket && follow.typ != tokenComma { + p.raiseError(follow, "missing comma") + } + if follow.typ == tokenComma { + p.getToken() + } + } + + // if the array is a mixed-type array or its length is 0, + // don't convert it to a table array + if len(array) <= 0 { + arrayType = nil + } + // An array of Trees is actually an array of inline + // tables, which is a shorthand for a table array. If the + // array was not converted from []interface{} to []*Tree, + // the two notations would not be equivalent. + if arrayType == reflect.TypeOf(newTree()) { + tomlArray := make([]*Tree, len(array)) + for i, v := range array { + tomlArray[i] = v.(*Tree) + } + return tomlArray + } + return array +} + +func parseToml(flow []token) *Tree { + result := newTree() + result.position = Position{1, 1} + parser := &tomlParser{ + flowIdx: 0, + flow: flow, + tree: result, + currentTable: make([]string, 0), + seenTableKeys: make([]string, 0), + } + parser.run() + return result +} diff --git a/vendor/github.com/pelletier/go-toml/position.go b/vendor/github.com/pelletier/go-toml/position.go new file mode 100644 index 000000000..c17bff87b --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/position.go @@ -0,0 +1,29 @@ +// Position support for go-toml + +package toml + +import ( + "fmt" +) + +// Position of a document element within a TOML document. +// +// Line and Col are both 1-indexed positions for the element's line number and +// column number, respectively. Values of zero or less will cause Invalid(), +// to return true. +type Position struct { + Line int // line within the document + Col int // column within the line +} + +// String representation of the position. +// Displays 1-indexed line and column numbers. +func (p Position) String() string { + return fmt.Sprintf("(%d, %d)", p.Line, p.Col) +} + +// Invalid returns whether or not the position is valid (i.e. with negative or +// null values) +func (p Position) Invalid() bool { + return p.Line <= 0 || p.Col <= 0 +} diff --git a/vendor/github.com/pelletier/go-toml/token.go b/vendor/github.com/pelletier/go-toml/token.go new file mode 100644 index 000000000..b437fdd3b --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/token.go @@ -0,0 +1,136 @@ +package toml + +import "fmt" + +// Define tokens +type tokenType int + +const ( + eof = -(iota + 1) +) + +const ( + tokenError tokenType = iota + tokenEOF + tokenComment + tokenKey + tokenString + tokenInteger + tokenTrue + tokenFalse + tokenFloat + tokenInf + tokenNan + tokenEqual + tokenLeftBracket + tokenRightBracket + tokenLeftCurlyBrace + tokenRightCurlyBrace + tokenLeftParen + tokenRightParen + tokenDoubleLeftBracket + tokenDoubleRightBracket + tokenLocalDate + tokenLocalTime + tokenTimeOffset + tokenKeyGroup + tokenKeyGroupArray + tokenComma + tokenColon + tokenDollar + tokenStar + tokenQuestion + tokenDot + tokenDotDot + tokenEOL +) + +var tokenTypeNames = []string{ + "Error", + "EOF", + "Comment", + "Key", + "String", + "Integer", + "True", + "False", + "Float", + "Inf", + "NaN", + "=", + "[", + "]", + "{", + "}", + "(", + ")", + "]]", + "[[", + "LocalDate", + "LocalTime", + "TimeOffset", + "KeyGroup", + "KeyGroupArray", + ",", + ":", + "$", + "*", + "?", + ".", + "..", + "EOL", +} + +type token struct { + Position + typ tokenType + val string +} + +func (tt tokenType) String() string { + idx := int(tt) + if idx < len(tokenTypeNames) { + return tokenTypeNames[idx] + } + return "Unknown" +} + +func (t token) String() string { + switch t.typ { + case tokenEOF: + return "EOF" + case tokenError: + return t.val + } + + return fmt.Sprintf("%q", t.val) +} + +func isSpace(r rune) bool { + return r == ' ' || r == '\t' +} + +func isAlphanumeric(r rune) bool { + return 'a' <= r && r <= 'z' || 'A' <= r && r <= 'Z' || r == '_' +} + +func isKeyChar(r rune) bool { + // Keys start with the first character that isn't whitespace or [ and end + // with the last non-whitespace character before the equals sign. Keys + // cannot contain a # character." + return !(r == '\r' || r == '\n' || r == eof || r == '=') +} + +func isKeyStartChar(r rune) bool { + return !(isSpace(r) || r == '\r' || r == '\n' || r == eof || r == '[') +} + +func isDigit(r rune) bool { + return '0' <= r && r <= '9' +} + +func isHexDigit(r rune) bool { + return isDigit(r) || + (r >= 'a' && r <= 'f') || + (r >= 'A' && r <= 'F') +} diff --git a/vendor/github.com/pelletier/go-toml/toml.go b/vendor/github.com/pelletier/go-toml/toml.go new file mode 100644 index 000000000..6d82587c4 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/toml.go @@ -0,0 +1,533 @@ +package toml + +import ( + "errors" + "fmt" + "io" + "io/ioutil" + "os" + "runtime" + "strings" +) + +type tomlValue struct { + value interface{} // string, int64, uint64, float64, bool, time.Time, [] of any of this list + comment string + commented bool + multiline bool + literal bool + position Position +} + +// Tree is the result of the parsing of a TOML file. +type Tree struct { + values map[string]interface{} // string -> *tomlValue, *Tree, []*Tree + comment string + commented bool + inline bool + position Position +} + +func newTree() *Tree { + return newTreeWithPosition(Position{}) +} + +func newTreeWithPosition(pos Position) *Tree { + return &Tree{ + values: make(map[string]interface{}), + position: pos, + } +} + +// TreeFromMap initializes a new Tree object using the given map. +func TreeFromMap(m map[string]interface{}) (*Tree, error) { + result, err := toTree(m) + if err != nil { + return nil, err + } + return result.(*Tree), nil +} + +// Position returns the position of the tree. +func (t *Tree) Position() Position { + return t.position +} + +// Has returns a boolean indicating if the given key exists. +func (t *Tree) Has(key string) bool { + if key == "" { + return false + } + return t.HasPath(strings.Split(key, ".")) +} + +// HasPath returns true if the given path of keys exists, false otherwise. +func (t *Tree) HasPath(keys []string) bool { + return t.GetPath(keys) != nil +} + +// Keys returns the keys of the toplevel tree (does not recurse). +func (t *Tree) Keys() []string { + keys := make([]string, len(t.values)) + i := 0 + for k := range t.values { + keys[i] = k + i++ + } + return keys +} + +// Get the value at key in the Tree. +// Key is a dot-separated path (e.g. a.b.c) without single/double quoted strings. +// If you need to retrieve non-bare keys, use GetPath. +// Returns nil if the path does not exist in the tree. +// If keys is of length zero, the current tree is returned. +func (t *Tree) Get(key string) interface{} { + if key == "" { + return t + } + return t.GetPath(strings.Split(key, ".")) +} + +// GetPath returns the element in the tree indicated by 'keys'. +// If keys is of length zero, the current tree is returned. +func (t *Tree) GetPath(keys []string) interface{} { + if len(keys) == 0 { + return t + } + subtree := t + for _, intermediateKey := range keys[:len(keys)-1] { + value, exists := subtree.values[intermediateKey] + if !exists { + return nil + } + switch node := value.(type) { + case *Tree: + subtree = node + case []*Tree: + // go to most recent element + if len(node) == 0 { + return nil + } + subtree = node[len(node)-1] + default: + return nil // cannot navigate through other node types + } + } + // branch based on final node type + switch node := subtree.values[keys[len(keys)-1]].(type) { + case *tomlValue: + return node.value + default: + return node + } +} + +// GetArray returns the value at key in the Tree. +// It returns []string, []int64, etc type if key has homogeneous lists +// Key is a dot-separated path (e.g. a.b.c) without single/double quoted strings. +// Returns nil if the path does not exist in the tree. +// If keys is of length zero, the current tree is returned. +func (t *Tree) GetArray(key string) interface{} { + if key == "" { + return t + } + return t.GetArrayPath(strings.Split(key, ".")) +} + +// GetArrayPath returns the element in the tree indicated by 'keys'. +// If keys is of length zero, the current tree is returned. +func (t *Tree) GetArrayPath(keys []string) interface{} { + if len(keys) == 0 { + return t + } + subtree := t + for _, intermediateKey := range keys[:len(keys)-1] { + value, exists := subtree.values[intermediateKey] + if !exists { + return nil + } + switch node := value.(type) { + case *Tree: + subtree = node + case []*Tree: + // go to most recent element + if len(node) == 0 { + return nil + } + subtree = node[len(node)-1] + default: + return nil // cannot navigate through other node types + } + } + // branch based on final node type + switch node := subtree.values[keys[len(keys)-1]].(type) { + case *tomlValue: + switch n := node.value.(type) { + case []interface{}: + return getArray(n) + default: + return node.value + } + default: + return node + } +} + +// if homogeneous array, then return slice type object over []interface{} +func getArray(n []interface{}) interface{} { + var s []string + var i64 []int64 + var f64 []float64 + var bl []bool + for _, value := range n { + switch v := value.(type) { + case string: + s = append(s, v) + case int64: + i64 = append(i64, v) + case float64: + f64 = append(f64, v) + case bool: + bl = append(bl, v) + default: + return n + } + } + if len(s) == len(n) { + return s + } else if len(i64) == len(n) { + return i64 + } else if len(f64) == len(n) { + return f64 + } else if len(bl) == len(n) { + return bl + } + return n +} + +// GetPosition returns the position of the given key. +func (t *Tree) GetPosition(key string) Position { + if key == "" { + return t.position + } + return t.GetPositionPath(strings.Split(key, ".")) +} + +// SetPositionPath sets the position of element in the tree indicated by 'keys'. +// If keys is of length zero, the current tree position is set. +func (t *Tree) SetPositionPath(keys []string, pos Position) { + if len(keys) == 0 { + t.position = pos + return + } + subtree := t + for _, intermediateKey := range keys[:len(keys)-1] { + value, exists := subtree.values[intermediateKey] + if !exists { + return + } + switch node := value.(type) { + case *Tree: + subtree = node + case []*Tree: + // go to most recent element + if len(node) == 0 { + return + } + subtree = node[len(node)-1] + default: + return + } + } + // branch based on final node type + switch node := subtree.values[keys[len(keys)-1]].(type) { + case *tomlValue: + node.position = pos + return + case *Tree: + node.position = pos + return + case []*Tree: + // go to most recent element + if len(node) == 0 { + return + } + node[len(node)-1].position = pos + return + } +} + +// GetPositionPath returns the element in the tree indicated by 'keys'. +// If keys is of length zero, the current tree is returned. +func (t *Tree) GetPositionPath(keys []string) Position { + if len(keys) == 0 { + return t.position + } + subtree := t + for _, intermediateKey := range keys[:len(keys)-1] { + value, exists := subtree.values[intermediateKey] + if !exists { + return Position{0, 0} + } + switch node := value.(type) { + case *Tree: + subtree = node + case []*Tree: + // go to most recent element + if len(node) == 0 { + return Position{0, 0} + } + subtree = node[len(node)-1] + default: + return Position{0, 0} + } + } + // branch based on final node type + switch node := subtree.values[keys[len(keys)-1]].(type) { + case *tomlValue: + return node.position + case *Tree: + return node.position + case []*Tree: + // go to most recent element + if len(node) == 0 { + return Position{0, 0} + } + return node[len(node)-1].position + default: + return Position{0, 0} + } +} + +// GetDefault works like Get but with a default value +func (t *Tree) GetDefault(key string, def interface{}) interface{} { + val := t.Get(key) + if val == nil { + return def + } + return val +} + +// SetOptions arguments are supplied to the SetWithOptions and SetPathWithOptions functions to modify marshalling behaviour. +// The default values within the struct are valid default options. +type SetOptions struct { + Comment string + Commented bool + Multiline bool + Literal bool +} + +// SetWithOptions is the same as Set, but allows you to provide formatting +// instructions to the key, that will be used by Marshal(). +func (t *Tree) SetWithOptions(key string, opts SetOptions, value interface{}) { + t.SetPathWithOptions(strings.Split(key, "."), opts, value) +} + +// SetPathWithOptions is the same as SetPath, but allows you to provide +// formatting instructions to the key, that will be reused by Marshal(). +func (t *Tree) SetPathWithOptions(keys []string, opts SetOptions, value interface{}) { + subtree := t + for i, intermediateKey := range keys[:len(keys)-1] { + nextTree, exists := subtree.values[intermediateKey] + if !exists { + nextTree = newTreeWithPosition(Position{Line: t.position.Line + i, Col: t.position.Col}) + subtree.values[intermediateKey] = nextTree // add new element here + } + switch node := nextTree.(type) { + case *Tree: + subtree = node + case []*Tree: + // go to most recent element + if len(node) == 0 { + // create element if it does not exist + node = append(node, newTreeWithPosition(Position{Line: t.position.Line + i, Col: t.position.Col})) + subtree.values[intermediateKey] = node + } + subtree = node[len(node)-1] + } + } + + var toInsert interface{} + + switch v := value.(type) { + case *Tree: + v.comment = opts.Comment + v.commented = opts.Commented + toInsert = value + case []*Tree: + for i := range v { + v[i].commented = opts.Commented + } + toInsert = value + case *tomlValue: + v.comment = opts.Comment + v.commented = opts.Commented + v.multiline = opts.Multiline + v.literal = opts.Literal + toInsert = v + default: + toInsert = &tomlValue{value: value, + comment: opts.Comment, + commented: opts.Commented, + multiline: opts.Multiline, + literal: opts.Literal, + position: Position{Line: subtree.position.Line + len(subtree.values) + 1, Col: subtree.position.Col}} + } + + subtree.values[keys[len(keys)-1]] = toInsert +} + +// Set an element in the tree. +// Key is a dot-separated path (e.g. a.b.c). +// Creates all necessary intermediate trees, if needed. +func (t *Tree) Set(key string, value interface{}) { + t.SetWithComment(key, "", false, value) +} + +// SetWithComment is the same as Set, but allows you to provide comment +// information to the key, that will be reused by Marshal(). +func (t *Tree) SetWithComment(key string, comment string, commented bool, value interface{}) { + t.SetPathWithComment(strings.Split(key, "."), comment, commented, value) +} + +// SetPath sets an element in the tree. +// Keys is an array of path elements (e.g. {"a","b","c"}). +// Creates all necessary intermediate trees, if needed. +func (t *Tree) SetPath(keys []string, value interface{}) { + t.SetPathWithComment(keys, "", false, value) +} + +// SetPathWithComment is the same as SetPath, but allows you to provide comment +// information to the key, that will be reused by Marshal(). +func (t *Tree) SetPathWithComment(keys []string, comment string, commented bool, value interface{}) { + t.SetPathWithOptions(keys, SetOptions{Comment: comment, Commented: commented}, value) +} + +// Delete removes a key from the tree. +// Key is a dot-separated path (e.g. a.b.c). +func (t *Tree) Delete(key string) error { + keys, err := parseKey(key) + if err != nil { + return err + } + return t.DeletePath(keys) +} + +// DeletePath removes a key from the tree. +// Keys is an array of path elements (e.g. {"a","b","c"}). +func (t *Tree) DeletePath(keys []string) error { + keyLen := len(keys) + if keyLen == 1 { + delete(t.values, keys[0]) + return nil + } + tree := t.GetPath(keys[:keyLen-1]) + item := keys[keyLen-1] + switch node := tree.(type) { + case *Tree: + delete(node.values, item) + return nil + } + return errors.New("no such key to delete") +} + +// createSubTree takes a tree and a key and create the necessary intermediate +// subtrees to create a subtree at that point. In-place. +// +// e.g. passing a.b.c will create (assuming tree is empty) tree[a], tree[a][b] +// and tree[a][b][c] +// +// Returns nil on success, error object on failure +func (t *Tree) createSubTree(keys []string, pos Position) error { + subtree := t + for i, intermediateKey := range keys { + nextTree, exists := subtree.values[intermediateKey] + if !exists { + tree := newTreeWithPosition(Position{Line: t.position.Line + i, Col: t.position.Col}) + tree.position = pos + tree.inline = subtree.inline + subtree.values[intermediateKey] = tree + nextTree = tree + } + + switch node := nextTree.(type) { + case []*Tree: + subtree = node[len(node)-1] + case *Tree: + subtree = node + default: + return fmt.Errorf("unknown type for path %s (%s): %T (%#v)", + strings.Join(keys, "."), intermediateKey, nextTree, nextTree) + } + } + return nil +} + +// LoadBytes creates a Tree from a []byte. +func LoadBytes(b []byte) (tree *Tree, err error) { + defer func() { + if r := recover(); r != nil { + if _, ok := r.(runtime.Error); ok { + panic(r) + } + err = errors.New(r.(string)) + } + }() + + if len(b) >= 4 && (hasUTF32BigEndianBOM4(b) || hasUTF32LittleEndianBOM4(b)) { + b = b[4:] + } else if len(b) >= 3 && hasUTF8BOM3(b) { + b = b[3:] + } else if len(b) >= 2 && (hasUTF16BigEndianBOM2(b) || hasUTF16LittleEndianBOM2(b)) { + b = b[2:] + } + + tree = parseToml(lexToml(b)) + return +} + +func hasUTF16BigEndianBOM2(b []byte) bool { + return b[0] == 0xFE && b[1] == 0xFF +} + +func hasUTF16LittleEndianBOM2(b []byte) bool { + return b[0] == 0xFF && b[1] == 0xFE +} + +func hasUTF8BOM3(b []byte) bool { + return b[0] == 0xEF && b[1] == 0xBB && b[2] == 0xBF +} + +func hasUTF32BigEndianBOM4(b []byte) bool { + return b[0] == 0x00 && b[1] == 0x00 && b[2] == 0xFE && b[3] == 0xFF +} + +func hasUTF32LittleEndianBOM4(b []byte) bool { + return b[0] == 0xFF && b[1] == 0xFE && b[2] == 0x00 && b[3] == 0x00 +} + +// LoadReader creates a Tree from any io.Reader. +func LoadReader(reader io.Reader) (tree *Tree, err error) { + inputBytes, err := ioutil.ReadAll(reader) + if err != nil { + return + } + tree, err = LoadBytes(inputBytes) + return +} + +// Load creates a Tree from a string. +func Load(content string) (tree *Tree, err error) { + return LoadBytes([]byte(content)) +} + +// LoadFile creates a Tree from a file. +func LoadFile(path string) (tree *Tree, err error) { + file, err := os.Open(path) + if err != nil { + return nil, err + } + defer file.Close() + return LoadReader(file) +} diff --git a/vendor/github.com/pelletier/go-toml/tomlpub.go b/vendor/github.com/pelletier/go-toml/tomlpub.go new file mode 100644 index 000000000..4136b4625 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/tomlpub.go @@ -0,0 +1,71 @@ +package toml + +// PubTOMLValue wrapping tomlValue in order to access all properties from outside. +type PubTOMLValue = tomlValue + +func (ptv *PubTOMLValue) Value() interface{} { + return ptv.value +} +func (ptv *PubTOMLValue) Comment() string { + return ptv.comment +} +func (ptv *PubTOMLValue) Commented() bool { + return ptv.commented +} +func (ptv *PubTOMLValue) Multiline() bool { + return ptv.multiline +} +func (ptv *PubTOMLValue) Position() Position { + return ptv.position +} + +func (ptv *PubTOMLValue) SetValue(v interface{}) { + ptv.value = v +} +func (ptv *PubTOMLValue) SetComment(s string) { + ptv.comment = s +} +func (ptv *PubTOMLValue) SetCommented(c bool) { + ptv.commented = c +} +func (ptv *PubTOMLValue) SetMultiline(m bool) { + ptv.multiline = m +} +func (ptv *PubTOMLValue) SetPosition(p Position) { + ptv.position = p +} + +// PubTree wrapping Tree in order to access all properties from outside. +type PubTree = Tree + +func (pt *PubTree) Values() map[string]interface{} { + return pt.values +} + +func (pt *PubTree) Comment() string { + return pt.comment +} + +func (pt *PubTree) Commented() bool { + return pt.commented +} + +func (pt *PubTree) Inline() bool { + return pt.inline +} + +func (pt *PubTree) SetValues(v map[string]interface{}) { + pt.values = v +} + +func (pt *PubTree) SetComment(c string) { + pt.comment = c +} + +func (pt *PubTree) SetCommented(c bool) { + pt.commented = c +} + +func (pt *PubTree) SetInline(i bool) { + pt.inline = i +} diff --git a/vendor/github.com/pelletier/go-toml/tomltree_create.go b/vendor/github.com/pelletier/go-toml/tomltree_create.go new file mode 100644 index 000000000..80353500a --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/tomltree_create.go @@ -0,0 +1,155 @@ +package toml + +import ( + "fmt" + "reflect" + "time" +) + +var kindToType = [reflect.String + 1]reflect.Type{ + reflect.Bool: reflect.TypeOf(true), + reflect.String: reflect.TypeOf(""), + reflect.Float32: reflect.TypeOf(float64(1)), + reflect.Float64: reflect.TypeOf(float64(1)), + reflect.Int: reflect.TypeOf(int64(1)), + reflect.Int8: reflect.TypeOf(int64(1)), + reflect.Int16: reflect.TypeOf(int64(1)), + reflect.Int32: reflect.TypeOf(int64(1)), + reflect.Int64: reflect.TypeOf(int64(1)), + reflect.Uint: reflect.TypeOf(uint64(1)), + reflect.Uint8: reflect.TypeOf(uint64(1)), + reflect.Uint16: reflect.TypeOf(uint64(1)), + reflect.Uint32: reflect.TypeOf(uint64(1)), + reflect.Uint64: reflect.TypeOf(uint64(1)), +} + +// typeFor returns a reflect.Type for a reflect.Kind, or nil if none is found. +// supported values: +// string, bool, int64, uint64, float64, time.Time, int, int8, int16, int32, uint, uint8, uint16, uint32, float32 +func typeFor(k reflect.Kind) reflect.Type { + if k > 0 && int(k) < len(kindToType) { + return kindToType[k] + } + return nil +} + +func simpleValueCoercion(object interface{}) (interface{}, error) { + switch original := object.(type) { + case string, bool, int64, uint64, float64, time.Time: + return original, nil + case int: + return int64(original), nil + case int8: + return int64(original), nil + case int16: + return int64(original), nil + case int32: + return int64(original), nil + case uint: + return uint64(original), nil + case uint8: + return uint64(original), nil + case uint16: + return uint64(original), nil + case uint32: + return uint64(original), nil + case float32: + return float64(original), nil + case fmt.Stringer: + return original.String(), nil + case []interface{}: + value := reflect.ValueOf(original) + length := value.Len() + arrayValue := reflect.MakeSlice(value.Type(), 0, length) + for i := 0; i < length; i++ { + val := value.Index(i).Interface() + simpleValue, err := simpleValueCoercion(val) + if err != nil { + return nil, err + } + arrayValue = reflect.Append(arrayValue, reflect.ValueOf(simpleValue)) + } + return arrayValue.Interface(), nil + default: + return nil, fmt.Errorf("cannot convert type %T to Tree", object) + } +} + +func sliceToTree(object interface{}) (interface{}, error) { + // arrays are a bit tricky, since they can represent either a + // collection of simple values, which is represented by one + // *tomlValue, or an array of tables, which is represented by an + // array of *Tree. + + // holding the assumption that this function is called from toTree only when value.Kind() is Array or Slice + value := reflect.ValueOf(object) + insideType := value.Type().Elem() + length := value.Len() + if length > 0 { + insideType = reflect.ValueOf(value.Index(0).Interface()).Type() + } + if insideType.Kind() == reflect.Map { + // this is considered as an array of tables + tablesArray := make([]*Tree, 0, length) + for i := 0; i < length; i++ { + table := value.Index(i) + tree, err := toTree(table.Interface()) + if err != nil { + return nil, err + } + tablesArray = append(tablesArray, tree.(*Tree)) + } + return tablesArray, nil + } + + sliceType := typeFor(insideType.Kind()) + if sliceType == nil { + sliceType = insideType + } + + arrayValue := reflect.MakeSlice(reflect.SliceOf(sliceType), 0, length) + + for i := 0; i < length; i++ { + val := value.Index(i).Interface() + simpleValue, err := simpleValueCoercion(val) + if err != nil { + return nil, err + } + arrayValue = reflect.Append(arrayValue, reflect.ValueOf(simpleValue)) + } + return &tomlValue{value: arrayValue.Interface(), position: Position{}}, nil +} + +func toTree(object interface{}) (interface{}, error) { + value := reflect.ValueOf(object) + + if value.Kind() == reflect.Map { + values := map[string]interface{}{} + keys := value.MapKeys() + for _, key := range keys { + if key.Kind() != reflect.String { + if _, ok := key.Interface().(string); !ok { + return nil, fmt.Errorf("map key needs to be a string, not %T (%v)", key.Interface(), key.Kind()) + } + } + + v := value.MapIndex(key) + newValue, err := toTree(v.Interface()) + if err != nil { + return nil, err + } + values[key.String()] = newValue + } + return &Tree{values: values, position: Position{}}, nil + } + + if value.Kind() == reflect.Array || value.Kind() == reflect.Slice { + return sliceToTree(object) + } + + simpleValue, err := simpleValueCoercion(object) + if err != nil { + return nil, err + } + return &tomlValue{value: simpleValue, position: Position{}}, nil +} diff --git a/vendor/github.com/pelletier/go-toml/tomltree_write.go b/vendor/github.com/pelletier/go-toml/tomltree_write.go new file mode 100644 index 000000000..c9afbdab7 --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/tomltree_write.go @@ -0,0 +1,552 @@ +package toml + +import ( + "bytes" + "fmt" + "io" + "math" + "math/big" + "reflect" + "sort" + "strconv" + "strings" + "time" +) + +type valueComplexity int + +const ( + valueSimple valueComplexity = iota + 1 + valueComplex +) + +type sortNode struct { + key string + complexity valueComplexity +} + +// Encodes a string to a TOML-compliant multi-line string value +// This function is a clone of the existing encodeTomlString function, except that whitespace characters +// are preserved. Quotation marks and backslashes are also not escaped. +func encodeMultilineTomlString(value string, commented string) string { + var b bytes.Buffer + adjacentQuoteCount := 0 + + b.WriteString(commented) + for i, rr := range value { + if rr != '"' { + adjacentQuoteCount = 0 + } else { + adjacentQuoteCount++ + } + switch rr { + case '\b': + b.WriteString(`\b`) + case '\t': + b.WriteString("\t") + case '\n': + b.WriteString("\n" + commented) + case '\f': + b.WriteString(`\f`) + case '\r': + b.WriteString("\r") + case '"': + if adjacentQuoteCount >= 3 || i == len(value)-1 { + adjacentQuoteCount = 0 + b.WriteString(`\"`) + } else { + b.WriteString(`"`) + } + case '\\': + b.WriteString(`\`) + default: + intRr := uint16(rr) + if intRr < 0x001F { + b.WriteString(fmt.Sprintf("\\u%0.4X", intRr)) + } else { + b.WriteRune(rr) + } + } + } + return b.String() +} + +// Encodes a string to a TOML-compliant string value +func encodeTomlString(value string) string { + var b bytes.Buffer + + for _, rr := range value { + switch rr { + case '\b': + b.WriteString(`\b`) + case '\t': + b.WriteString(`\t`) + case '\n': + b.WriteString(`\n`) + case '\f': + b.WriteString(`\f`) + case '\r': + b.WriteString(`\r`) + case '"': + b.WriteString(`\"`) + case '\\': + b.WriteString(`\\`) + default: + intRr := uint16(rr) + if intRr < 0x001F { + b.WriteString(fmt.Sprintf("\\u%0.4X", intRr)) + } else { + b.WriteRune(rr) + } + } + } + return b.String() +} + +func tomlTreeStringRepresentation(t *Tree, ord MarshalOrder) (string, error) { + var orderedVals []sortNode + switch ord { + case OrderPreserve: + orderedVals = sortByLines(t) + default: + orderedVals = sortAlphabetical(t) + } + + var values []string + for _, node := range orderedVals { + k := node.key + v := t.values[k] + + repr, err := tomlValueStringRepresentation(v, "", "", ord, false) + if err != nil { + return "", err + } + values = append(values, quoteKeyIfNeeded(k)+" = "+repr) + } + return "{ " + strings.Join(values, ", ") + " }", nil +} + +func tomlValueStringRepresentation(v interface{}, commented string, indent string, ord MarshalOrder, arraysOneElementPerLine bool) (string, error) { + // this interface check is added to dereference the change made in the writeTo function. + // That change was made to allow this function to see formatting options. + tv, ok := v.(*tomlValue) + if ok { + v = tv.value + } else { + tv = &tomlValue{} + } + + switch value := v.(type) { + case uint64: + return strconv.FormatUint(value, 10), nil + case int64: + return strconv.FormatInt(value, 10), nil + case float64: + // Default bit length is full 64 + bits := 64 + // Float panics if nan is used + if !math.IsNaN(value) { + // if 32 bit accuracy is enough to exactly show, use 32 + _, acc := big.NewFloat(value).Float32() + if acc == big.Exact { + bits = 32 + } + } + if math.Trunc(value) == value { + return strings.ToLower(strconv.FormatFloat(value, 'f', 1, bits)), nil + } + return strings.ToLower(strconv.FormatFloat(value, 'f', -1, bits)), nil + case string: + if tv.multiline { + if tv.literal { + b := strings.Builder{} + b.WriteString("'''\n") + b.Write([]byte(value)) + b.WriteString("\n'''") + return b.String(), nil + } else { + return "\"\"\"\n" + encodeMultilineTomlString(value, commented) + "\"\"\"", nil + } + } + return "\"" + encodeTomlString(value) + "\"", nil + case []byte: + b, _ := v.([]byte) + return string(b), nil + case bool: + if value { + return "true", nil + } + return "false", nil + case time.Time: + return value.Format(time.RFC3339), nil + case LocalDate: + return value.String(), nil + case LocalDateTime: + return value.String(), nil + case LocalTime: + return value.String(), nil + case *Tree: + return tomlTreeStringRepresentation(value, ord) + case nil: + return "", nil + } + + rv := reflect.ValueOf(v) + + if rv.Kind() == reflect.Slice { + var values []string + for i := 0; i < rv.Len(); i++ { + item := rv.Index(i).Interface() + itemRepr, err := tomlValueStringRepresentation(item, commented, indent, ord, arraysOneElementPerLine) + if err != nil { + return "", err + } + values = append(values, itemRepr) + } + if arraysOneElementPerLine && len(values) > 1 { + stringBuffer := bytes.Buffer{} + valueIndent := indent + ` ` // TODO: move that to a shared encoder state + + stringBuffer.WriteString("[\n") + + for _, value := range values { + stringBuffer.WriteString(valueIndent) + stringBuffer.WriteString(commented + value) + stringBuffer.WriteString(`,`) + stringBuffer.WriteString("\n") + } + + stringBuffer.WriteString(indent + commented + "]") + + return stringBuffer.String(), nil + } + return "[" + strings.Join(values, ", ") + "]", nil + } + return "", fmt.Errorf("unsupported value type %T: %v", v, v) +} + +func getTreeArrayLine(trees []*Tree) (line int) { + // Prevent returning 0 for empty trees + line = int(^uint(0) >> 1) + // get lowest line number >= 0 + for _, tv := range trees { + if tv.position.Line < line || line == 0 { + line = tv.position.Line + } + } + return +} + +func sortByLines(t *Tree) (vals []sortNode) { + var ( + line int + lines []int + tv *Tree + tom *tomlValue + node sortNode + ) + vals = make([]sortNode, 0) + m := make(map[int]sortNode) + + for k := range t.values { + v := t.values[k] + switch v.(type) { + case *Tree: + tv = v.(*Tree) + line = tv.position.Line + node = sortNode{key: k, complexity: valueComplex} + case []*Tree: + line = getTreeArrayLine(v.([]*Tree)) + node = sortNode{key: k, complexity: valueComplex} + default: + tom = v.(*tomlValue) + line = tom.position.Line + node = sortNode{key: k, complexity: valueSimple} + } + lines = append(lines, line) + vals = append(vals, node) + m[line] = node + } + sort.Ints(lines) + + for i, line := range lines { + vals[i] = m[line] + } + + return vals +} + +func sortAlphabetical(t *Tree) (vals []sortNode) { + var ( + node sortNode + simpVals []string + compVals []string + ) + vals = make([]sortNode, 0) + m := make(map[string]sortNode) + + for k := range t.values { + v := t.values[k] + switch v.(type) { + case *Tree, []*Tree: + node = sortNode{key: k, complexity: valueComplex} + compVals = append(compVals, node.key) + default: + node = sortNode{key: k, complexity: valueSimple} + simpVals = append(simpVals, node.key) + } + vals = append(vals, node) + m[node.key] = node + } + + // Simples first to match previous implementation + sort.Strings(simpVals) + i := 0 + for _, key := range simpVals { + vals[i] = m[key] + i++ + } + + sort.Strings(compVals) + for _, key := range compVals { + vals[i] = m[key] + i++ + } + + return vals +} + +func (t *Tree) writeTo(w io.Writer, indent, keyspace string, bytesCount int64, arraysOneElementPerLine bool) (int64, error) { + return t.writeToOrdered(w, indent, keyspace, bytesCount, arraysOneElementPerLine, OrderAlphabetical, " ", false, false) +} + +func (t *Tree) writeToOrdered(w io.Writer, indent, keyspace string, bytesCount int64, arraysOneElementPerLine bool, ord MarshalOrder, indentString string, compactComments, parentCommented bool) (int64, error) { + var orderedVals []sortNode + + switch ord { + case OrderPreserve: + orderedVals = sortByLines(t) + default: + orderedVals = sortAlphabetical(t) + } + + for _, node := range orderedVals { + switch node.complexity { + case valueComplex: + k := node.key + v := t.values[k] + + combinedKey := quoteKeyIfNeeded(k) + if keyspace != "" { + combinedKey = keyspace + "." + combinedKey + } + + switch node := v.(type) { + // node has to be of those two types given how keys are sorted above + case *Tree: + tv, ok := t.values[k].(*Tree) + if !ok { + return bytesCount, fmt.Errorf("invalid value type at %s: %T", k, t.values[k]) + } + if tv.comment != "" { + comment := strings.Replace(tv.comment, "\n", "\n"+indent+"#", -1) + start := "# " + if strings.HasPrefix(comment, "#") { + start = "" + } + writtenBytesCountComment, errc := writeStrings(w, "\n", indent, start, comment) + bytesCount += int64(writtenBytesCountComment) + if errc != nil { + return bytesCount, errc + } + } + + var commented string + if parentCommented || t.commented || tv.commented { + commented = "# " + } + writtenBytesCount, err := writeStrings(w, "\n", indent, commented, "[", combinedKey, "]\n") + bytesCount += int64(writtenBytesCount) + if err != nil { + return bytesCount, err + } + bytesCount, err = node.writeToOrdered(w, indent+indentString, combinedKey, bytesCount, arraysOneElementPerLine, ord, indentString, compactComments, parentCommented || t.commented || tv.commented) + if err != nil { + return bytesCount, err + } + case []*Tree: + for _, subTree := range node { + var commented string + if parentCommented || t.commented || subTree.commented { + commented = "# " + } + writtenBytesCount, err := writeStrings(w, "\n", indent, commented, "[[", combinedKey, "]]\n") + bytesCount += int64(writtenBytesCount) + if err != nil { + return bytesCount, err + } + + bytesCount, err = subTree.writeToOrdered(w, indent+indentString, combinedKey, bytesCount, arraysOneElementPerLine, ord, indentString, compactComments, parentCommented || t.commented || subTree.commented) + if err != nil { + return bytesCount, err + } + } + } + default: // Simple + k := node.key + v, ok := t.values[k].(*tomlValue) + if !ok { + return bytesCount, fmt.Errorf("invalid value type at %s: %T", k, t.values[k]) + } + + var commented string + if parentCommented || t.commented || v.commented { + commented = "# " + } + repr, err := tomlValueStringRepresentation(v, commented, indent, ord, arraysOneElementPerLine) + if err != nil { + return bytesCount, err + } + + if v.comment != "" { + comment := strings.Replace(v.comment, "\n", "\n"+indent+"#", -1) + start := "# " + if strings.HasPrefix(comment, "#") { + start = "" + } + if !compactComments { + writtenBytesCountComment, errc := writeStrings(w, "\n") + bytesCount += int64(writtenBytesCountComment) + if errc != nil { + return bytesCount, errc + } + } + writtenBytesCountComment, errc := writeStrings(w, indent, start, comment, "\n") + bytesCount += int64(writtenBytesCountComment) + if errc != nil { + return bytesCount, errc + } + } + + quotedKey := quoteKeyIfNeeded(k) + writtenBytesCount, err := writeStrings(w, indent, commented, quotedKey, " = ", repr, "\n") + bytesCount += int64(writtenBytesCount) + if err != nil { + return bytesCount, err + } + } + } + + return bytesCount, nil +} + +// quote a key if it does not fit the bare key format (A-Za-z0-9_-) +// quoted keys use the same rules as strings +func quoteKeyIfNeeded(k string) string { + // when encoding a map with the 'quoteMapKeys' option enabled, the tree will contain + // keys that have already been quoted. + // not an ideal situation, but good enough of a stop gap. + if len(k) >= 2 && k[0] == '"' && k[len(k)-1] == '"' { + return k + } + isBare := true + for _, r := range k { + if !isValidBareChar(r) { + isBare = false + break + } + } + if isBare { + return k + } + return quoteKey(k) +} + +func quoteKey(k string) string { + return "\"" + encodeTomlString(k) + "\"" +} + +func writeStrings(w io.Writer, s ...string) (int, error) { + var n int + for i := range s { + b, err := io.WriteString(w, s[i]) + n += b + if err != nil { + return n, err + } + } + return n, nil +} + +// WriteTo encode the Tree as Toml and writes it to the writer w. +// Returns the number of bytes written in case of success, or an error if anything happened. +func (t *Tree) WriteTo(w io.Writer) (int64, error) { + return t.writeTo(w, "", "", 0, false) +} + +// ToTomlString generates a human-readable representation of the current tree. +// Output spans multiple lines, and is suitable for ingest by a TOML parser. +// If the conversion cannot be performed, ToString returns a non-nil error. +func (t *Tree) ToTomlString() (string, error) { + b, err := t.Marshal() + if err != nil { + return "", err + } + return string(b), nil +} + +// String generates a human-readable representation of the current tree. +// Alias of ToString. Present to implement the fmt.Stringer interface. +func (t *Tree) String() string { + result, _ := t.ToTomlString() + return result +} + +// ToMap recursively generates a representation of the tree using Go built-in structures. +// The following types are used: +// +// * bool +// * float64 +// * int64 +// * string +// * uint64 +// * time.Time +// * map[string]interface{} (where interface{} is any of this list) +// * []interface{} (where interface{} is any of this list) +func (t *Tree) ToMap() map[string]interface{} { + result := map[string]interface{}{} + + for k, v := range t.values { + switch node := v.(type) { + case []*Tree: + var array []interface{} + for _, item := range node { + array = append(array, item.ToMap()) + } + result[k] = array + case *Tree: + result[k] = node.ToMap() + case *tomlValue: + result[k] = tomlValueToGo(node.value) + } + } + return result +} + +func tomlValueToGo(v interface{}) interface{} { + if tree, ok := v.(*Tree); ok { + return tree.ToMap() + } + + rv := reflect.ValueOf(v) + + if rv.Kind() != reflect.Slice { + return v + } + values := make([]interface{}, rv.Len()) + for i := 0; i < rv.Len(); i++ { + item := rv.Index(i).Interface() + values[i] = tomlValueToGo(item) + } + return values +} diff --git a/vendor/github.com/pelletier/go-toml/tomltree_writepub.go b/vendor/github.com/pelletier/go-toml/tomltree_writepub.go new file mode 100644 index 000000000..fa326308c --- /dev/null +++ b/vendor/github.com/pelletier/go-toml/tomltree_writepub.go @@ -0,0 +1,6 @@ +package toml + +// ValueStringRepresentation transforms an interface{} value into its toml string representation. +func ValueStringRepresentation(v interface{}, commented string, indent string, ord MarshalOrder, arraysOneElementPerLine bool) (string, error) { + return tomlValueStringRepresentation(v, commented, indent, ord, arraysOneElementPerLine) +} diff --git a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go index 1514f9c5f..a3f887e00 100644 --- a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go +++ b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go @@ -3,13 +3,13 @@ package publicsuffix -const defaultListVersion = "PSL version 598c63 (Thu May 6 04:03:10 2021)" +const defaultListVersion = "PSL version fd5650 (Sun Mar 27 15:19:06 2022)" -func DefaultRules() [9169]Rule { +func DefaultRules() [9333]Rule { return r } -var r = [9169]Rule{ +var r = [9333]Rule{ {1, "ac", 1, false}, {1, "com.ac", 2, false}, {1, "edu.ac", 2, false}, @@ -153,15 +153,19 @@ var r = [9169]Rule{ {1, "it.ao", 2, false}, {1, "aq", 1, false}, {1, "ar", 1, false}, + {1, "bet.ar", 2, false}, {1, "com.ar", 2, false}, + {1, "coop.ar", 2, false}, {1, "edu.ar", 2, false}, {1, "gob.ar", 2, false}, {1, "gov.ar", 2, false}, {1, "int.ar", 2, false}, {1, "mil.ar", 2, false}, {1, "musica.ar", 2, false}, + {1, "mutual.ar", 2, false}, {1, "net.ar", 2, false}, {1, "org.ar", 2, false}, + {1, "senasa.ar", 2, false}, {1, "tur.ar", 2, false}, {1, "arpa", 1, false}, {1, "e164.arpa", 2, false}, @@ -598,7 +602,6 @@ var r = [9169]Rule{ {2, "ck", 2, false}, {3, "www.ck", 2, false}, {1, "cl", 1, false}, - {1, "aprendemas.cl", 2, false}, {1, "co.cl", 2, false}, {1, "gob.cl", 2, false}, {1, "gov.cl", 2, false}, @@ -685,6 +688,11 @@ var r = [9169]Rule{ {1, "gov.cu", 2, false}, {1, "inf.cu", 2, false}, {1, "cv", 1, false}, + {1, "com.cv", 2, false}, + {1, "edu.cv", 2, false}, + {1, "int.cv", 2, false}, + {1, "nome.cv", 2, false}, + {1, "org.cv", 2, false}, {1, "cw", 1, false}, {1, "com.cw", 2, false}, {1, "edu.cw", 2, false}, @@ -699,10 +707,9 @@ var r = [9169]Rule{ {1, "ekloges.cy", 2, false}, {1, "gov.cy", 2, false}, {1, "ltd.cy", 2, false}, - {1, "name.cy", 2, false}, + {1, "mil.cy", 2, false}, {1, "net.cy", 2, false}, {1, "org.cy", 2, false}, - {1, "parliament.cy", 2, false}, {1, "press.cy", 2, false}, {1, "pro.cy", 2, false}, {1, "tm.cy", 2, false}, @@ -3387,11 +3394,10 @@ var r = [9169]Rule{ {1, "net.kw", 2, false}, {1, "org.kw", 2, false}, {1, "ky", 1, false}, - {1, "edu.ky", 2, false}, - {1, "gov.ky", 2, false}, {1, "com.ky", 2, false}, - {1, "org.ky", 2, false}, + {1, "edu.ky", 2, false}, {1, "net.ky", 2, false}, + {1, "org.ky", 2, false}, {1, "kz", 1, false}, {1, "org.kz", 2, false}, {1, "edu.kz", 2, false}, @@ -5567,21 +5573,14 @@ var r = [9169]Rule{ {1, "fin.tn", 2, false}, {1, "gov.tn", 2, false}, {1, "ind.tn", 2, false}, + {1, "info.tn", 2, false}, {1, "intl.tn", 2, false}, + {1, "mincom.tn", 2, false}, {1, "nat.tn", 2, false}, {1, "net.tn", 2, false}, {1, "org.tn", 2, false}, - {1, "info.tn", 2, false}, {1, "perso.tn", 2, false}, {1, "tourism.tn", 2, false}, - {1, "edunet.tn", 2, false}, - {1, "rnrt.tn", 2, false}, - {1, "rns.tn", 2, false}, - {1, "rnu.tn", 2, false}, - {1, "mincom.tn", 2, false}, - {1, "agrinet.tn", 2, false}, - {1, "defense.tn", 2, false}, - {1, "turen.tn", 2, false}, {1, "to", 1, false}, {1, "com.to", 2, false}, {1, "gov.to", 2, false}, @@ -6008,6 +6007,7 @@ var r = [9169]Rule{ {1, "edu.vc", 2, false}, {1, "ve", 1, false}, {1, "arts.ve", 2, false}, + {1, "bib.ve", 2, false}, {1, "co.ve", 2, false}, {1, "com.ve", 2, false}, {1, "e12.ve", 2, false}, @@ -6019,7 +6019,9 @@ var r = [9169]Rule{ {1, "int.ve", 2, false}, {1, "mil.ve", 2, false}, {1, "net.ve", 2, false}, + {1, "nom.ve", 2, false}, {1, "org.ve", 2, false}, + {1, "rar.ve", 2, false}, {1, "rec.ve", 2, false}, {1, "store.ve", 2, false}, {1, "tec.ve", 2, false}, @@ -6209,7 +6211,6 @@ var r = [9169]Rule{ {1, "adult", 1, false}, {1, "aeg", 1, false}, {1, "aetna", 1, false}, - {1, "afamilycompany", 1, false}, {1, "afl", 1, false}, {1, "africa", 1, false}, {1, "agakhan", 1, false}, @@ -6330,7 +6331,6 @@ var r = [9169]Rule{ {1, "broker", 1, false}, {1, "brother", 1, false}, {1, "brussels", 1, false}, - {1, "budapest", 1, false}, {1, "bugatti", 1, false}, {1, "build", 1, false}, {1, "builders", 1, false}, @@ -6434,7 +6434,6 @@ var r = [9169]Rule{ {1, "crs", 1, false}, {1, "cruise", 1, false}, {1, "cruises", 1, false}, - {1, "csc", 1, false}, {1, "cuisinella", 1, false}, {1, "cymru", 1, false}, {1, "cyou", 1, false}, @@ -6482,7 +6481,6 @@ var r = [9169]Rule{ {1, "drive", 1, false}, {1, "dtv", 1, false}, {1, "dubai", 1, false}, - {1, "duck", 1, false}, {1, "dunlop", 1, false}, {1, "dupont", 1, false}, {1, "durban", 1, false}, @@ -6592,7 +6590,6 @@ var r = [9169]Rule{ {1, "gifts", 1, false}, {1, "gives", 1, false}, {1, "giving", 1, false}, - {1, "glade", 1, false}, {1, "glass", 1, false}, {1, "gle", 1, false}, {1, "global", 1, false}, @@ -6718,6 +6715,7 @@ var r = [9169]Rule{ {1, "kerryproperties", 1, false}, {1, "kfh", 1, false}, {1, "kia", 1, false}, + {1, "kids", 1, false}, {1, "kim", 1, false}, {1, "kinder", 1, false}, {1, "kindle", 1, false}, @@ -6769,7 +6767,6 @@ var r = [9169]Rule{ {1, "lipsy", 1, false}, {1, "live", 1, false}, {1, "living", 1, false}, - {1, "lixil", 1, false}, {1, "llc", 1, false}, {1, "llp", 1, false}, {1, "loan", 1, false}, @@ -6843,6 +6840,7 @@ var r = [9169]Rule{ {1, "msd", 1, false}, {1, "mtn", 1, false}, {1, "mtr", 1, false}, + {1, "music", 1, false}, {1, "mutual", 1, false}, {1, "nab", 1, false}, {1, "nagoya", 1, false}, @@ -6880,7 +6878,6 @@ var r = [9169]Rule{ {1, "nyc", 1, false}, {1, "obi", 1, false}, {1, "observer", 1, false}, - {1, "off", 1, false}, {1, "office", 1, false}, {1, "okinawa", 1, false}, {1, "olayan", 1, false}, @@ -6960,10 +6957,8 @@ var r = [9169]Rule{ {1, "qpon", 1, false}, {1, "quebec", 1, false}, {1, "quest", 1, false}, - {1, "qvc", 1, false}, {1, "racing", 1, false}, {1, "radio", 1, false}, - {1, "raid", 1, false}, {1, "read", 1, false}, {1, "realestate", 1, false}, {1, "realtor", 1, false}, @@ -6994,7 +6989,6 @@ var r = [9169]Rule{ {1, "ril", 1, false}, {1, "rio", 1, false}, {1, "rip", 1, false}, - {1, "rmit", 1, false}, {1, "rocher", 1, false}, {1, "rocks", 1, false}, {1, "rodeo", 1, false}, @@ -7033,7 +7027,6 @@ var r = [9169]Rule{ {1, "schule", 1, false}, {1, "schwarz", 1, false}, {1, "science", 1, false}, - {1, "scjohnson", 1, false}, {1, "scot", 1, false}, {1, "search", 1, false}, {1, "seat", 1, false}, @@ -7110,7 +7103,6 @@ var r = [9169]Rule{ {1, "surgery", 1, false}, {1, "suzuki", 1, false}, {1, "swatch", 1, false}, - {1, "swiftcover", 1, false}, {1, "swiss", 1, false}, {1, "sydney", 1, false}, {1, "systems", 1, false}, @@ -7250,7 +7242,6 @@ var r = [9169]Rule{ {1, "xn--30rr7y", 1, false}, {1, "xn--3bst00m", 1, false}, {1, "xn--3ds443g", 1, false}, - {1, "xn--3oq18vl8pn36a", 1, false}, {1, "xn--3pxu8k", 1, false}, {1, "xn--42c2d9a", 1, false}, {1, "xn--45q11c", 1, false}, @@ -7361,9 +7352,16 @@ var r = [9169]Rule{ {1, "graphox.us", 2, true}, {2, "devcdnaccesso.com", 3, true}, {1, "adobeaemcloud.com", 2, true}, - {1, "adobeaemcloud.net", 2, true}, {2, "dev.adobeaemcloud.com", 4, true}, + {1, "hlx.live", 2, true}, + {1, "adobeaemcloud.net", 2, true}, + {1, "hlx.page", 2, true}, + {1, "hlx3.page", 2, true}, {1, "beep.pl", 2, true}, + {1, "airkitapps.com", 2, true}, + {1, "airkitapps-au.com", 2, true}, + {1, "airkitapps.eu", 2, true}, + {1, "aivencloud.com", 2, true}, {1, "barsy.ca", 2, true}, {2, "compute.estate", 3, true}, {2, "alces.network", 3, true}, @@ -7452,12 +7450,13 @@ var r = [9169]Rule{ {1, "s3-website.eu-west-2.amazonaws.com", 4, true}, {1, "s3-website.eu-west-3.amazonaws.com", 4, true}, {1, "s3-website.us-east-2.amazonaws.com", 4, true}, - {1, "amsw.nl", 2, true}, {1, "t3l3p0rt.net", 2, true}, {1, "tele.amune.org", 3, true}, {1, "apigee.io", 2, true}, + {1, "siiites.com", 2, true}, {1, "appspacehosted.com", 2, true}, {1, "appspaceusercontent.com", 2, true}, + {1, "appudo.net", 2, true}, {1, "on-aptible.com", 2, true}, {1, "user.aseinet.ne.jp", 4, true}, {1, "gv.vc", 2, true}, @@ -7468,19 +7467,37 @@ var r = [9169]Rule{ {1, "potager.org", 2, true}, {1, "sweetpepper.org", 2, true}, {1, "myasustor.com", 2, true}, + {1, "cdn.prod.atlassian-dev.net", 4, true}, + {1, "translated.page", 2, true}, {1, "myfritz.net", 2, true}, + {1, "onavstack.net", 2, true}, {2, "awdev.ca", 3, true}, {2, "advisor.ws", 3, true}, + {1, "ecommerce-shop.pl", 2, true}, {1, "b-data.io", 2, true}, {1, "backplaneapp.io", 2, true}, {1, "balena-devices.com", 2, true}, + {1, "rs.ba", 2, true}, {2, "banzai.cloud", 3, true}, {1, "app.banzaicloud.io", 3, true}, {2, "backyards.banzaicloud.io", 4, true}, + {1, "base.ec", 2, true}, + {1, "official.ec", 2, true}, + {1, "buyshop.jp", 2, true}, + {1, "fashionstore.jp", 2, true}, + {1, "handcrafted.jp", 2, true}, + {1, "kawaiishop.jp", 2, true}, + {1, "supersale.jp", 2, true}, + {1, "theshop.jp", 2, true}, + {1, "shopselect.net", 2, true}, + {1, "base.shop", 2, true}, + {2, "beget.app", 3, true}, {1, "betainabox.com", 2, true}, {1, "bnr.la", 2, true}, + {1, "bitbucket.io", 2, true}, {1, "blackbaudcdn.net", 2, true}, {1, "of.je", 2, true}, + {1, "bluebite.io", 2, true}, {1, "boomla.net", 2, true}, {1, "boutir.com", 2, true}, {1, "boxfuse.io", 2, true}, @@ -7490,15 +7507,18 @@ var r = [9169]Rule{ {1, "square7.de", 2, true}, {1, "bplaced.net", 2, true}, {1, "square7.net", 2, true}, + {1, "shop.brendly.rs", 3, true}, {1, "browsersafetymark.io", 2, true}, {1, "uk0.bigv.io", 3, true}, {1, "dh.bytemark.co.uk", 4, true}, {1, "vm.bytemark.co.uk", 4, true}, {1, "cafjs.com", 2, true}, {1, "mycd.eu", 2, true}, + {1, "drr.ac", 2, true}, + {1, "uwu.ai", 2, true}, {1, "carrd.co", 2, true}, {1, "crd.co", 2, true}, - {1, "uwu.ai", 2, true}, + {1, "ju.mp", 2, true}, {1, "ae.org", 2, true}, {1, "br.com", 2, true}, {1, "cn.com", 2, true}, @@ -7520,7 +7540,6 @@ var r = [9169]Rule{ {1, "za.bz", 2, true}, {1, "za.com", 2, true}, {1, "ar.com", 2, true}, - {1, "gb.com", 2, true}, {1, "hu.com", 2, true}, {1, "kr.com", 2, true}, {1, "no.com", 2, true}, @@ -7541,13 +7560,13 @@ var r = [9169]Rule{ {1, "cx.ua", 2, true}, {1, "discourse.group", 2, true}, {1, "discourse.team", 2, true}, - {1, "virtueeldomein.nl", 2, true}, {1, "cleverapps.io", 2, true}, + {1, "clerk.app", 2, true}, + {1, "clerkstage.app", 2, true}, {2, "lcl.dev", 3, true}, {2, "lclstage.dev", 3, true}, {2, "stg.dev", 3, true}, {2, "stgstage.dev", 3, true}, - {1, "clic2000.net", 2, true}, {1, "clickrising.net", 2, true}, {1, "c66.me", 2, true}, {1, "cloud66.ws", 2, true}, @@ -7559,7 +7578,7 @@ var r = [9169]Rule{ {1, "cloudaccess.net", 2, true}, {1, "cloudcontrolled.com", 2, true}, {1, "cloudcontrolapp.com", 2, true}, - {1, "cloudera.site", 2, true}, + {2, "cloudera.site", 3, true}, {1, "pages.dev", 2, true}, {1, "trycloudflare.com", 2, true}, {1, "workers.dev", 2, true}, @@ -7584,6 +7603,7 @@ var r = [9169]Rule{ {1, "cloudns.pw", 2, true}, {1, "cloudns.us", 2, true}, {1, "cnpy.gdn", 2, true}, + {1, "codeberg.page", 2, true}, {1, "co.nl", 2, true}, {1, "co.no", 2, true}, {1, "webhosting.be", 2, true}, @@ -7607,8 +7627,6 @@ var r = [9169]Rule{ {2, "cryptonomic.net", 3, true}, {1, "cupcake.is", 2, true}, {1, "curv.dev", 2, true}, - {1, "multibaas.app", 2, true}, - {1, "multibaas.com", 2, true}, {2, "customer-oci.com", 3, true}, {2, "oci.customer-oci.com", 4, true}, {2, "ocp.customer-oci.com", 4, true}, @@ -7635,11 +7653,20 @@ var r = [9169]Rule{ {2, "dapps.earth", 3, true}, {2, "bzz.dapps.earth", 4, true}, {1, "builtwithdark.com", 2, true}, + {1, "demo.datadetect.com", 3, true}, + {1, "instance.datadetect.com", 3, true}, {1, "edgestack.me", 2, true}, + {1, "ddns5.com", 2, true}, {1, "debian.net", 2, true}, {1, "deno.dev", 2, true}, {1, "deno-staging.dev", 2, true}, {1, "dedyn.io", 2, true}, + {1, "deta.app", 2, true}, + {1, "deta.dev", 2, true}, + {2, "rss.my.id", 4, true}, + {2, "diher.solutions", 3, true}, + {1, "discordsays.com", 2, true}, + {1, "discordsez.com", 2, true}, {1, "jozi.biz", 2, true}, {1, "dnshome.de", 2, true}, {1, "online.th", 2, true}, @@ -7946,6 +7973,7 @@ var r = [9169]Rule{ {1, "definima.net", 2, true}, {1, "definima.io", 2, true}, {1, "ondigitalocean.app", 2, true}, + {2, "digitaloceanspaces.com", 3, true}, {1, "bci.dnstrace.pro", 3, true}, {1, "ddnsfree.com", 2, true}, {1, "ddnsgeek.com", 2, true}, @@ -7966,13 +7994,18 @@ var r = [9169]Rule{ {1, "blogsite.xyz", 2, true}, {1, "dynv6.net", 2, true}, {1, "e4.cz", 2, true}, + {1, "eero.online", 2, true}, + {1, "eero-stage.online", 2, true}, + {1, "elementor.cloud", 2, true}, + {1, "elementor.cool", 2, true}, {1, "en-root.fr", 2, true}, {1, "mytuleap.com", 2, true}, + {1, "tuleap-partners.com", 2, true}, + {1, "encr.app", 2, true}, + {1, "encoreapi.com", 2, true}, {1, "onred.one", 2, true}, {1, "staging.onred.one", 3, true}, - {1, "service.one", 2, true}, - {1, "enonic.io", 2, true}, - {1, "customer.enonic.io", 3, true}, + {1, "eu.encoway.cloud", 3, true}, {1, "eu.org", 2, true}, {1, "al.eu.org", 3, true}, {1, "asso.eu.org", 3, true}, @@ -8140,8 +8173,6 @@ var r = [9169]Rule{ {1, "cloud.fedoraproject.org", 3, true}, {1, "app.os.fedoraproject.org", 4, true}, {1, "app.os.stg.fedoraproject.org", 5, true}, - {1, "couk.me", 2, true}, - {1, "ukco.me", 2, true}, {1, "conn.uk", 2, true}, {1, "copro.uk", 2, true}, {1, "hosp.uk", 2, true}, @@ -8157,14 +8188,17 @@ var r = [9169]Rule{ {1, "firebaseapp.com", 2, true}, {1, "fireweb.app", 2, true}, {1, "flap.id", 2, true}, + {1, "onflashdrive.app", 2, true}, + {1, "fldrv.com", 2, true}, {1, "fly.dev", 2, true}, {1, "edgeapp.net", 2, true}, {1, "shw.io", 2, true}, {1, "flynnhosting.net", 2, true}, {1, "forgeblocks.com", 2, true}, - {2, "id.forgerock.io", 4, true}, + {1, "id.forgerock.io", 3, true}, {1, "framer.app", 2, true}, {1, "framercanvas.com", 2, true}, + {2, "frusky.de", 3, true}, {1, "ravpage.co.il", 3, true}, {1, "0e.vc", 2, true}, {1, "freebox-os.com", 2, true}, @@ -8184,7 +8218,16 @@ var r = [9169]Rule{ {2, "ex.ortsinfo.at", 4, true}, {2, "kunden.ortsinfo.at", 4, true}, {2, "statics.cloud", 3, true}, + {1, "independent-commission.uk", 2, true}, + {1, "independent-inquest.uk", 2, true}, + {1, "independent-inquiry.uk", 2, true}, + {1, "independent-panel.uk", 2, true}, + {1, "independent-review.uk", 2, true}, + {1, "public-inquiry.uk", 2, true}, + {1, "royal-commission.uk", 2, true}, + {1, "campaign.gov.uk", 3, true}, {1, "service.gov.uk", 3, true}, + {1, "api.gov.uk", 3, true}, {1, "gehirn.ne.jp", 3, true}, {1, "usercontent.jp", 2, true}, {1, "gentapps.com", 2, true}, @@ -8194,16 +8237,121 @@ var r = [9169]Rule{ {1, "ghost.io", 2, true}, {1, "gsj.bz", 2, true}, {1, "githubusercontent.com", 2, true}, - {1, "github.dev", 2, true}, {1, "githubpreview.dev", 2, true}, {1, "github.io", 2, true}, {1, "gitlab.io", 2, true}, {1, "gitapp.si", 2, true}, {1, "gitpage.si", 2, true}, {1, "glitch.me", 2, true}, + {1, "nog.community", 2, true}, {1, "co.ro", 2, true}, {1, "shop.ro", 2, true}, {1, "lolipop.io", 2, true}, + {1, "angry.jp", 2, true}, + {1, "babyblue.jp", 2, true}, + {1, "babymilk.jp", 2, true}, + {1, "backdrop.jp", 2, true}, + {1, "bambina.jp", 2, true}, + {1, "bitter.jp", 2, true}, + {1, "blush.jp", 2, true}, + {1, "boo.jp", 2, true}, + {1, "boy.jp", 2, true}, + {1, "boyfriend.jp", 2, true}, + {1, "but.jp", 2, true}, + {1, "candypop.jp", 2, true}, + {1, "capoo.jp", 2, true}, + {1, "catfood.jp", 2, true}, + {1, "cheap.jp", 2, true}, + {1, "chicappa.jp", 2, true}, + {1, "chillout.jp", 2, true}, + {1, "chips.jp", 2, true}, + {1, "chowder.jp", 2, true}, + {1, "chu.jp", 2, true}, + {1, "ciao.jp", 2, true}, + {1, "cocotte.jp", 2, true}, + {1, "coolblog.jp", 2, true}, + {1, "cranky.jp", 2, true}, + {1, "cutegirl.jp", 2, true}, + {1, "daa.jp", 2, true}, + {1, "deca.jp", 2, true}, + {1, "deci.jp", 2, true}, + {1, "digick.jp", 2, true}, + {1, "egoism.jp", 2, true}, + {1, "fakefur.jp", 2, true}, + {1, "fem.jp", 2, true}, + {1, "flier.jp", 2, true}, + {1, "floppy.jp", 2, true}, + {1, "fool.jp", 2, true}, + {1, "frenchkiss.jp", 2, true}, + {1, "girlfriend.jp", 2, true}, + {1, "girly.jp", 2, true}, + {1, "gloomy.jp", 2, true}, + {1, "gonna.jp", 2, true}, + {1, "greater.jp", 2, true}, + {1, "hacca.jp", 2, true}, + {1, "heavy.jp", 2, true}, + {1, "her.jp", 2, true}, + {1, "hiho.jp", 2, true}, + {1, "hippy.jp", 2, true}, + {1, "holy.jp", 2, true}, + {1, "hungry.jp", 2, true}, + {1, "icurus.jp", 2, true}, + {1, "itigo.jp", 2, true}, + {1, "jellybean.jp", 2, true}, + {1, "kikirara.jp", 2, true}, + {1, "kill.jp", 2, true}, + {1, "kilo.jp", 2, true}, + {1, "kuron.jp", 2, true}, + {1, "littlestar.jp", 2, true}, + {1, "lolitapunk.jp", 2, true}, + {1, "lomo.jp", 2, true}, + {1, "lovepop.jp", 2, true}, + {1, "lovesick.jp", 2, true}, + {1, "main.jp", 2, true}, + {1, "mods.jp", 2, true}, + {1, "mond.jp", 2, true}, + {1, "mongolian.jp", 2, true}, + {1, "moo.jp", 2, true}, + {1, "namaste.jp", 2, true}, + {1, "nikita.jp", 2, true}, + {1, "nobushi.jp", 2, true}, + {1, "noor.jp", 2, true}, + {1, "oops.jp", 2, true}, + {1, "parallel.jp", 2, true}, + {1, "parasite.jp", 2, true}, + {1, "pecori.jp", 2, true}, + {1, "peewee.jp", 2, true}, + {1, "penne.jp", 2, true}, + {1, "pepper.jp", 2, true}, + {1, "perma.jp", 2, true}, + {1, "pigboat.jp", 2, true}, + {1, "pinoko.jp", 2, true}, + {1, "punyu.jp", 2, true}, + {1, "pupu.jp", 2, true}, + {1, "pussycat.jp", 2, true}, + {1, "pya.jp", 2, true}, + {1, "raindrop.jp", 2, true}, + {1, "readymade.jp", 2, true}, + {1, "sadist.jp", 2, true}, + {1, "schoolbus.jp", 2, true}, + {1, "secret.jp", 2, true}, + {1, "staba.jp", 2, true}, + {1, "stripper.jp", 2, true}, + {1, "sub.jp", 2, true}, + {1, "sunnyday.jp", 2, true}, + {1, "thick.jp", 2, true}, + {1, "tonkotsu.jp", 2, true}, + {1, "under.jp", 2, true}, + {1, "upper.jp", 2, true}, + {1, "velvet.jp", 2, true}, + {1, "verse.jp", 2, true}, + {1, "versus.jp", 2, true}, + {1, "vivian.jp", 2, true}, + {1, "watson.jp", 2, true}, + {1, "weblike.jp", 2, true}, + {1, "whitesnow.jp", 2, true}, + {1, "zombie.jp", 2, true}, + {1, "heteml.net", 2, true}, {1, "cloudapps.digital", 2, true}, {1, "london.cloudapps.digital", 3, true}, {1, "pymnt.uk", 2, true}, @@ -8226,6 +8374,7 @@ var r = [9169]Rule{ {2, "gateway.dev", 3, true}, {1, "cloud.goog", 2, true}, {1, "translate.goog", 2, true}, + {2, "usercontent.goog", 3, true}, {1, "cloudfunctions.net", 2, true}, {1, "blogspot.ae", 2, true}, {1, "blogspot.al", 2, true}, @@ -8315,15 +8464,19 @@ var r = [9169]Rule{ {1, "hashbang.sh", 2, true}, {1, "hasura.app", 2, true}, {1, "hasura-app.io", 2, true}, + {1, "pages.it.hs-heilbronn.de", 4, true}, {1, "hepforge.org", 2, true}, {1, "herokuapp.com", 2, true}, {1, "herokussl.com", 2, true}, + {1, "ravendb.cloud", 2, true}, {1, "myravendb.com", 2, true}, {1, "ravendb.community", 2, true}, {1, "ravendb.me", 2, true}, {1, "development.run", 2, true}, {1, "ravendb.run", 2, true}, + {1, "homesklep.pl", 2, true}, {1, "secaas.hk", 2, true}, + {1, "hoplix.shop", 2, true}, {1, "orx.biz", 2, true}, {1, "biz.gl", 2, true}, {1, "col.ng", 2, true}, @@ -8483,15 +8636,19 @@ var r = [9169]Rule{ {2, "landing.myjino.ru", 4, true}, {2, "spectrum.myjino.ru", 4, true}, {2, "vps.myjino.ru", 4, true}, + {1, "jotelulu.cloud", 2, true}, {2, "triton.zone", 3, true}, {2, "cns.joyent.com", 4, true}, {1, "js.org", 2, true}, {1, "kaas.gg", 2, true}, {1, "khplay.nl", 2, true}, + {1, "ktistory.com", 2, true}, + {1, "kapsi.fi", 2, true}, {1, "keymachine.de", 2, true}, {1, "kinghost.net", 2, true}, {1, "uni5.net", 2, true}, {1, "knightpoint.systems", 2, true}, + {1, "koobin.events", 2, true}, {1, "oya.to", 2, true}, {1, "kuleuven.cloud", 2, true}, {1, "ezproxy.kuleuven.be", 3, true}, @@ -8519,13 +8676,16 @@ var r = [9169]Rule{ {1, "members.linode.com", 3, true}, {2, "nodebalancer.linode.com", 4, true}, {2, "linodeobjects.com", 3, true}, + {1, "ip.linodeusercontent.com", 3, true}, {1, "we.bs", 2, true}, + {2, "user.localcert.dev", 4, true}, {1, "localzone.xyz", 2, true}, {1, "loginline.app", 2, true}, {1, "loginline.dev", 2, true}, {1, "loginline.io", 2, true}, {1, "loginline.services", 2, true}, {1, "loginline.site", 2, true}, + {1, "servers.run", 2, true}, {1, "lohmus.me", 2, true}, {1, "krasnik.pl", 2, true}, {1, "leczna.pl", 2, true}, @@ -8555,6 +8715,7 @@ var r = [9169]Rule{ {1, "barsy.org", 2, true}, {1, "barsy.pro", 2, true}, {1, "barsy.pub", 2, true}, + {1, "barsy.ro", 2, true}, {1, "barsy.shop", 2, true}, {1, "barsy.site", 2, true}, {1, "barsy.support", 2, true}, @@ -8570,6 +8731,8 @@ var r = [9169]Rule{ {1, "mcdir.ru", 2, true}, {1, "mcpre.ru", 2, true}, {1, "vps.mcdir.ru", 3, true}, + {1, "mediatech.by", 2, true}, + {1, "mediatech.dev", 2, true}, {1, "hra.health", 2, true}, {1, "miniserver.com", 2, true}, {1, "memset.net", 2, true}, @@ -8628,7 +8791,7 @@ var r = [9169]Rule{ {1, "that.win", 2, true}, {1, "from.work", 2, true}, {1, "to.work", 2, true}, - {1, "nctu.me", 2, true}, + {1, "cloud.nospamproxy.com", 3, true}, {1, "netlify.app", 2, true}, {1, "4u.com", 2, true}, {1, "ngrok.io", 2, true}, @@ -8637,7 +8800,10 @@ var r = [9169]Rule{ {2, "developer.app", 3, true}, {1, "noop.app", 2, true}, {2, "northflank.app", 3, true}, + {2, "build.run", 3, true}, {2, "code.run", 3, true}, + {2, "database.run", 3, true}, + {2, "migration.run", 3, true}, {1, "noticeable.news", 2, true}, {1, "dnsking.ch", 2, true}, {1, "mypi.co", 2, true}, @@ -8752,71 +8918,20 @@ var r = [9169]Rule{ {1, "webhop.me", 2, true}, {1, "zapto.org", 2, true}, {1, "stage.nodeart.io", 3, true}, - {1, "nodum.co", 2, true}, - {1, "nodum.io", 2, true}, {1, "pcloud.host", 2, true}, {1, "nyc.mn", 2, true}, - {1, "nom.ae", 2, true}, - {1, "nom.af", 2, true}, - {1, "nom.ai", 2, true}, - {1, "nom.al", 2, true}, - {1, "nym.by", 2, true}, - {1, "nom.bz", 2, true}, - {1, "nym.bz", 2, true}, - {1, "nom.cl", 2, true}, - {1, "nym.ec", 2, true}, - {1, "nom.gd", 2, true}, - {1, "nom.ge", 2, true}, - {1, "nom.gl", 2, true}, - {1, "nym.gr", 2, true}, - {1, "nom.gt", 2, true}, - {1, "nym.gy", 2, true}, - {1, "nym.hk", 2, true}, - {1, "nom.hn", 2, true}, - {1, "nym.ie", 2, true}, - {1, "nom.im", 2, true}, - {1, "nom.ke", 2, true}, - {1, "nym.kz", 2, true}, - {1, "nym.la", 2, true}, - {1, "nym.lc", 2, true}, - {1, "nom.li", 2, true}, - {1, "nym.li", 2, true}, - {1, "nym.lt", 2, true}, - {1, "nym.lu", 2, true}, - {1, "nom.lv", 2, true}, - {1, "nym.me", 2, true}, - {1, "nom.mk", 2, true}, - {1, "nym.mn", 2, true}, - {1, "nym.mx", 2, true}, - {1, "nom.nu", 2, true}, - {1, "nym.nz", 2, true}, - {1, "nym.pe", 2, true}, - {1, "nym.pt", 2, true}, - {1, "nom.pw", 2, true}, - {1, "nom.qa", 2, true}, - {1, "nym.ro", 2, true}, - {1, "nom.rs", 2, true}, - {1, "nom.si", 2, true}, - {1, "nym.sk", 2, true}, - {1, "nom.st", 2, true}, - {1, "nym.su", 2, true}, - {1, "nym.sx", 2, true}, - {1, "nom.tj", 2, true}, - {1, "nym.tw", 2, true}, - {1, "nom.ug", 2, true}, - {1, "nom.uy", 2, true}, - {1, "nom.vc", 2, true}, - {1, "nom.vg", 2, true}, {1, "static.observableusercontent.com", 3, true}, {1, "cya.gg", 2, true}, {1, "omg.lol", 2, true}, {1, "cloudycluster.net", 2, true}, {1, "omniwe.site", 2, true}, + {1, "service.one", 2, true}, {1, "nid.io", 2, true}, {1, "opensocial.site", 2, true}, {1, "opencraft.hosting", 2, true}, {1, "orsites.com", 2, true}, {1, "operaunite.com", 2, true}, + {1, "tech.orange", 2, true}, {1, "authgear-staging.com", 2, true}, {1, "authgearapps.com", 2, true}, {1, "skygearapp.com", 2, true}, @@ -8847,8 +8962,6 @@ var r = [9169]Rule{ {1, "mypep.link", 2, true}, {1, "perspecta.cloud", 2, true}, {1, "lk3.ru", 2, true}, - {1, "ra-ru.ru", 2, true}, - {1, "zsew.ru", 2, true}, {1, "on-web.fr", 2, true}, {1, "bc.platform.sh", 3, true}, {1, "ent.platform.sh", 3, true}, @@ -8863,7 +8976,13 @@ var r = [9169]Rule{ {1, "plesk.page", 2, true}, {1, "pleskns.com", 2, true}, {1, "dyn53.io", 2, true}, + {1, "onporter.run", 2, true}, {1, "co.bn", 2, true}, + {1, "postman-echo.com", 2, true}, + {1, "pstmn.io", 2, true}, + {1, "mock.pstmn.io", 3, true}, + {1, "httpbin.org", 2, true}, + {1, "prequalifyme.today", 2, true}, {1, "xen.prgmr.com", 3, true}, {1, "priv.at", 2, true}, {1, "prvcy.page", 2, true}, @@ -8878,6 +8997,7 @@ var r = [9169]Rule{ {1, "qualifioapp.com", 2, true}, {1, "qbuser.com", 2, true}, {1, "cloudsite.builders", 2, true}, + {1, "instances.spawn.cc", 3, true}, {1, "instantcloud.cn", 2, true}, {1, "ras.ru", 2, true}, {1, "qa2.com", 2, true}, @@ -8907,7 +9027,10 @@ var r = [9169]Rule{ {1, "hzc.io", 2, true}, {1, "wellbeingzone.eu", 2, true}, {1, "wellbeingzone.co.uk", 3, true}, + {1, "adimo.co.uk", 3, true}, + {1, "itcouldbewor.se", 2, true}, {1, "git-pages.rit.edu", 3, true}, + {1, "rocky.page", 2, true}, {1, "xn--90amc.xn--p1acf", 2, true}, {1, "xn--j1aef.xn--p1acf", 2, true}, {1, "xn--j1ael8b.xn--p1acf", 2, true}, @@ -8936,7 +9059,9 @@ var r = [9169]Rule{ {1, "myfirewall.org", 2, true}, {1, "spdns.org", 2, true}, {1, "seidat.net", 2, true}, + {1, "sellfy.store", 2, true}, {1, "senseering.net", 2, true}, + {1, "minisite.ms", 2, true}, {1, "magnet.page", 2, true}, {1, "biz.ua", 2, true}, {1, "co.ua", 2, true}, @@ -8959,9 +9084,12 @@ var r = [9169]Rule{ {1, "alpha.bounty-full.com", 3, true}, {1, "beta.bounty-full.com", 3, true}, {1, "small-web.org", 2, true}, + {1, "vp4.me", 2, true}, {1, "try-snowplow.com", 2, true}, {1, "srht.site", 2, true}, {1, "stackhero-network.com", 2, true}, + {1, "musician.io", 2, true}, + {1, "novecore.site", 2, true}, {1, "static.land", 2, true}, {1, "dev.static.land", 3, true}, {1, "sites.static.land", 3, true}, @@ -8975,12 +9103,35 @@ var r = [9169]Rule{ {2, "stolos.io", 3, true}, {1, "spacekit.io", 2, true}, {1, "customer.speedpartner.de", 3, true}, + {1, "myspreadshop.at", 2, true}, + {1, "myspreadshop.com.au", 3, true}, + {1, "myspreadshop.be", 2, true}, + {1, "myspreadshop.ca", 2, true}, + {1, "myspreadshop.ch", 2, true}, + {1, "myspreadshop.com", 2, true}, + {1, "myspreadshop.de", 2, true}, + {1, "myspreadshop.dk", 2, true}, + {1, "myspreadshop.es", 2, true}, + {1, "myspreadshop.fi", 2, true}, + {1, "myspreadshop.fr", 2, true}, + {1, "myspreadshop.ie", 2, true}, + {1, "myspreadshop.it", 2, true}, + {1, "myspreadshop.net", 2, true}, + {1, "myspreadshop.nl", 2, true}, + {1, "myspreadshop.no", 2, true}, + {1, "myspreadshop.pl", 2, true}, + {1, "myspreadshop.se", 2, true}, + {1, "myspreadshop.co.uk", 3, true}, {1, "api.stdlib.com", 3, true}, {1, "storj.farm", 2, true}, {1, "utwente.io", 2, true}, {1, "soc.srcf.net", 3, true}, {1, "user.srcf.net", 3, true}, {1, "temp-dns.com", 2, true}, + {1, "supabase.co", 2, true}, + {1, "supabase.in", 2, true}, + {1, "supabase.net", 2, true}, + {1, "su.paba.se", 3, true}, {2, "s5y.io", 3, true}, {2, "sensiosite.cloud", 3, true}, {1, "syncloud.it", 2, true}, @@ -8999,24 +9150,34 @@ var r = [9169]Rule{ {1, "synology.me", 2, true}, {1, "vpnplus.to", 2, true}, {1, "direct.quickconnect.to", 3, true}, + {1, "tabitorder.co.il", 3, true}, {1, "taifun-dns.de", 2, true}, + {1, "beta.tailscale.net", 3, true}, + {1, "ts.net", 2, true}, {1, "gda.pl", 2, true}, {1, "gdansk.pl", 2, true}, {1, "gdynia.pl", 2, true}, {1, "med.pl", 2, true}, {1, "sopot.pl", 2, true}, - {1, "edugit.org", 2, true}, + {1, "site.tb-hosting.com", 3, true}, + {1, "edugit.io", 2, true}, + {1, "s3.teckids.org", 3, true}, {1, "telebit.app", 2, true}, {1, "telebit.io", 2, true}, {2, "telebit.xyz", 3, true}, {1, "gwiddle.co.uk", 3, true}, + {2, "firenet.ch", 3, true}, + {2, "svc.firenet.ch", 4, true}, + {1, "reservd.com", 2, true}, {1, "thingdustdata.com", 2, true}, {1, "cust.dev.thingdust.io", 4, true}, {1, "cust.disrec.thingdust.io", 4, true}, {1, "cust.prod.thingdust.io", 4, true}, {1, "cust.testing.thingdust.io", 4, true}, - {2, "firenet.ch", 3, true}, - {2, "svc.firenet.ch", 4, true}, + {1, "reservd.dev.thingdust.io", 4, true}, + {1, "reservd.disrec.thingdust.io", 4, true}, + {1, "reservd.testing.thingdust.io", 4, true}, + {1, "tickets.io", 2, true}, {1, "arvo.network", 2, true}, {1, "azimuth.network", 2, true}, {1, "tlon.network", 2, true}, @@ -9047,6 +9208,7 @@ var r = [9169]Rule{ {2, "transurl.be", 3, true}, {2, "transurl.eu", 3, true}, {2, "transurl.nl", 3, true}, + {1, "site.transip.me", 3, true}, {1, "tuxfamily.org", 2, true}, {1, "dd-dns.de", 2, true}, {1, "diskstation.eu", 2, true}, @@ -9061,6 +9223,8 @@ var r = [9169]Rule{ {1, "syno-ds.de", 2, true}, {1, "synology-diskstation.de", 2, true}, {1, "synology-ds.de", 2, true}, + {1, "typedream.app", 2, true}, + {1, "pro.typeform.com", 3, true}, {1, "uber.space", 2, true}, {2, "uberspace.de", 3, true}, {1, "hk.com", 2, true}, @@ -9069,6 +9233,7 @@ var r = [9169]Rule{ {1, "inc.hk", 2, true}, {1, "virtualuser.de", 2, true}, {1, "virtual-user.de", 2, true}, + {1, "upli.io", 2, true}, {1, "urown.cloud", 2, true}, {1, "dnsupdate.info", 2, true}, {1, "lib.de.us", 3, true}, @@ -9108,7 +9273,6 @@ var r = [9169]Rule{ {1, "de.md", 2, true}, {1, "jp.md", 2, true}, {1, "to.md", 2, true}, - {1, "uwu.nu", 2, true}, {1, "indie.porn", 2, true}, {1, "vxl.sh", 2, true}, {1, "ch.tc", 2, true}, @@ -9120,13 +9284,8 @@ var r = [9169]Rule{ {1, "dev.vu", 2, true}, {1, "me.vu", 2, true}, {1, "v.ua", 2, true}, + {2, "vultrobjects.com", 3, true}, {1, "wafflecell.com", 2, true}, - {1, "idnblogger.com", 2, true}, - {1, "indowapblog.com", 2, true}, - {1, "bloger.id", 2, true}, - {1, "wblog.id", 2, true}, - {1, "wbq.me", 2, true}, - {1, "fastblog.net", 2, true}, {2, "webhare.dev", 3, true}, {1, "reserve-online.net", 2, true}, {1, "reserve-online.com", 2, true}, @@ -9142,12 +9301,16 @@ var r = [9169]Rule{ {1, "wmcloud.org", 2, true}, {1, "panel.gg", 2, true}, {1, "daemon.panel.gg", 3, true}, + {1, "messwithdns.com", 2, true}, {1, "woltlab-demo.com", 2, true}, {1, "myforum.community", 2, true}, {1, "community-pro.de", 2, true}, {1, "diskussionsbereich.de", 2, true}, {1, "community-pro.net", 2, true}, {1, "meinforum.net", 2, true}, + {1, "affinitylottery.org.uk", 3, true}, + {1, "raffleentry.org.uk", 3, true}, + {1, "weeklylottery.org.uk", 3, true}, {1, "wpenginepowered.com", 2, true}, {1, "js.wpenginepowered.com", 3, true}, {1, "wixsite.com", 2, true}, @@ -9171,6 +9334,7 @@ var r = [9169]Rule{ {1, "ybo.review", 2, true}, {1, "ybo.science", 2, true}, {1, "ybo.trade", 2, true}, + {1, "ynh.fr", 2, true}, {1, "nohost.me", 2, true}, {1, "noho.st", 2, true}, {1, "za.net", 2, true}, diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/NOTICE.md b/vendor/github.com/zmap/zcrypto/cryptobyte/NOTICE.md new file mode 100644 index 000000000..fce84acf9 --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/NOTICE.md @@ -0,0 +1,2 @@ +Forked from golang.org/x/crypto/cryptobyte in order to support +permissive asn1 parsing. \ No newline at end of file diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go new file mode 100644 index 000000000..a755e56ea --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go @@ -0,0 +1,752 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cryptobyte + +import ( + "fmt" + "math/big" + "reflect" + "time" + + "github.com/zmap/zcrypto/cryptobyte/asn1" + encoding_asn1 "github.com/zmap/zcrypto/encoding/asn1" +) + +// This file contains ASN.1-related methods for String and Builder. + +// Builder + +// AddASN1Int64 appends a DER-encoded ASN.1 INTEGER. +func (b *Builder) AddASN1Int64(v int64) { + b.addASN1Signed(asn1.INTEGER, v) +} + +// AddASN1Int64WithTag appends a DER-encoded ASN.1 INTEGER with the +// given tag. +func (b *Builder) AddASN1Int64WithTag(v int64, tag asn1.Tag) { + b.addASN1Signed(tag, v) +} + +// AddASN1Enum appends a DER-encoded ASN.1 ENUMERATION. +func (b *Builder) AddASN1Enum(v int64) { + b.addASN1Signed(asn1.ENUM, v) +} + +func (b *Builder) addASN1Signed(tag asn1.Tag, v int64) { + b.AddASN1(tag, func(c *Builder) { + length := 1 + for i := v; i >= 0x80 || i < -0x80; i >>= 8 { + length++ + } + + for ; length > 0; length-- { + i := v >> uint((length-1)*8) & 0xff + c.AddUint8(uint8(i)) + } + }) +} + +// AddASN1Uint64 appends a DER-encoded ASN.1 INTEGER. +func (b *Builder) AddASN1Uint64(v uint64) { + b.AddASN1(asn1.INTEGER, func(c *Builder) { + length := 1 + for i := v; i >= 0x80; i >>= 8 { + length++ + } + + for ; length > 0; length-- { + i := v >> uint((length-1)*8) & 0xff + c.AddUint8(uint8(i)) + } + }) +} + +// AddASN1BigInt appends a DER-encoded ASN.1 INTEGER. +func (b *Builder) AddASN1BigInt(n *big.Int) { + if b.err != nil { + return + } + + b.AddASN1(asn1.INTEGER, func(c *Builder) { + if n.Sign() < 0 { + // A negative number has to be converted to two's-complement form. So we + // invert and subtract 1. If the most-significant-bit isn't set then + // we'll need to pad the beginning with 0xff in order to keep the number + // negative. + nMinus1 := new(big.Int).Neg(n) + nMinus1.Sub(nMinus1, bigOne) + bytes := nMinus1.Bytes() + for i := range bytes { + bytes[i] ^= 0xff + } + if len(bytes) == 0 || bytes[0]&0x80 == 0 { + c.add(0xff) + } + c.add(bytes...) + } else if n.Sign() == 0 { + c.add(0) + } else { + bytes := n.Bytes() + if bytes[0]&0x80 != 0 { + c.add(0) + } + c.add(bytes...) + } + }) +} + +// AddASN1OctetString appends a DER-encoded ASN.1 OCTET STRING. +func (b *Builder) AddASN1OctetString(bytes []byte) { + b.AddASN1(asn1.OCTET_STRING, func(c *Builder) { + c.AddBytes(bytes) + }) +} + +const generalizedTimeFormatStr = "20060102150405Z0700" + +// AddASN1GeneralizedTime appends a DER-encoded ASN.1 GENERALIZEDTIME. +func (b *Builder) AddASN1GeneralizedTime(t time.Time) { + if t.Year() < 0 || t.Year() > 9999 { + b.err = fmt.Errorf("cryptobyte: cannot represent %v as a GeneralizedTime", t) + return + } + b.AddASN1(asn1.GeneralizedTime, func(c *Builder) { + c.AddBytes([]byte(t.Format(generalizedTimeFormatStr))) + }) +} + +// AddASN1BitString appends a DER-encoded ASN.1 BIT STRING. This does not +// support BIT STRINGs that are not a whole number of bytes. +func (b *Builder) AddASN1BitString(data []byte) { + b.AddASN1(asn1.BIT_STRING, func(b *Builder) { + b.AddUint8(0) + b.AddBytes(data) + }) +} + +func (b *Builder) addBase128Int(n int64) { + var length int + if n == 0 { + length = 1 + } else { + for i := n; i > 0; i >>= 7 { + length++ + } + } + + for i := length - 1; i >= 0; i-- { + o := byte(n >> uint(i*7)) + o &= 0x7f + if i != 0 { + o |= 0x80 + } + + b.add(o) + } +} + +func isValidOID(oid encoding_asn1.ObjectIdentifier) bool { + if len(oid) < 2 { + return false + } + + if oid[0] > 2 || (oid[0] <= 1 && oid[1] >= 40) { + return false + } + + for _, v := range oid { + if v < 0 { + return false + } + } + + return true +} + +func (b *Builder) AddASN1ObjectIdentifier(oid encoding_asn1.ObjectIdentifier) { + b.AddASN1(asn1.OBJECT_IDENTIFIER, func(b *Builder) { + if !isValidOID(oid) { + b.err = fmt.Errorf("cryptobyte: invalid OID: %v", oid) + return + } + + b.addBase128Int(int64(oid[0])*40 + int64(oid[1])) + for _, v := range oid[2:] { + b.addBase128Int(int64(v)) + } + }) +} + +func (b *Builder) AddASN1Boolean(v bool) { + b.AddASN1(asn1.BOOLEAN, func(b *Builder) { + if v { + b.AddUint8(0xff) + } else { + b.AddUint8(0) + } + }) +} + +func (b *Builder) AddASN1NULL() { + b.add(uint8(asn1.NULL), 0) +} + +// MarshalASN1 calls encoding_asn1.Marshal on its input and appends the result if +// successful or records an error if one occurred. +func (b *Builder) MarshalASN1(v interface{}) { + // NOTE(martinkr): This is somewhat of a hack to allow propagation of + // encoding_asn1.Marshal errors into Builder.err. N.B. if you call MarshalASN1 with a + // value embedded into a struct, its tag information is lost. + if b.err != nil { + return + } + bytes, err := encoding_asn1.Marshal(v) + if err != nil { + b.err = err + return + } + b.AddBytes(bytes) +} + +// AddASN1 appends an ASN.1 object. The object is prefixed with the given tag. +// Tags greater than 30 are not supported and result in an error (i.e. +// low-tag-number form only). The child builder passed to the +// BuilderContinuation can be used to build the content of the ASN.1 object. +func (b *Builder) AddASN1(tag asn1.Tag, f BuilderContinuation) { + if b.err != nil { + return + } + // Identifiers with the low five bits set indicate high-tag-number format + // (two or more octets), which we don't support. + if tag&0x1f == 0x1f { + b.err = fmt.Errorf("cryptobyte: high-tag number identifier octects not supported: 0x%x", tag) + return + } + b.AddUint8(uint8(tag)) + b.addLengthPrefixed(1, true, f) +} + +// String + +// ReadASN1Boolean decodes an ASN.1 BOOLEAN and converts it to a boolean +// representation into out and advances. It reports whether the read +// was successful. +func (s *String) ReadASN1Boolean(out *bool) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.BOOLEAN) || len(bytes) != 1 { + return false + } + + switch bytes[0] { + case 0: + *out = false + case 0xff: + *out = true + default: + return false + } + + return true +} + +var bigIntType = reflect.TypeOf((*big.Int)(nil)).Elem() + +// ReadASN1Integer decodes an ASN.1 INTEGER into out and advances. If out does +// not point to an integer or to a big.Int, it panics. It reports whether the +// read was successful. +func (s *String) ReadASN1Integer(out interface{}) bool { + if reflect.TypeOf(out).Kind() != reflect.Ptr { + panic("out is not a pointer") + } + switch reflect.ValueOf(out).Elem().Kind() { + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + var i int64 + if !s.readASN1Int64(&i) || reflect.ValueOf(out).Elem().OverflowInt(i) { + return false + } + reflect.ValueOf(out).Elem().SetInt(i) + return true + case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + var u uint64 + if !s.readASN1Uint64(&u) || reflect.ValueOf(out).Elem().OverflowUint(u) { + return false + } + reflect.ValueOf(out).Elem().SetUint(u) + return true + case reflect.Struct: + if reflect.TypeOf(out).Elem() == bigIntType { + return s.readASN1BigInt(out.(*big.Int)) + } + } + panic("out does not point to an integer type") +} + +func checkASN1Integer(bytes []byte) bool { + if len(bytes) == 0 { + // An INTEGER is encoded with at least one octet. + return false + } + if len(bytes) == 1 { + return true + } + if bytes[0] == 0 && bytes[1]&0x80 == 0 || bytes[0] == 0xff && bytes[1]&0x80 == 0x80 { + // Value is not minimally encoded. + return false + } + return true +} + +var bigOne = big.NewInt(1) + +func (s *String) readASN1BigInt(out *big.Int) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) { + return false + } + if bytes[0]&0x80 == 0x80 { + // Negative number. + neg := make([]byte, len(bytes)) + for i, b := range bytes { + neg[i] = ^b + } + out.SetBytes(neg) + out.Add(out, bigOne) + out.Neg(out) + } else { + out.SetBytes(bytes) + } + return true +} + +func (s *String) readASN1Int64(out *int64) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Signed(out, bytes) { + return false + } + return true +} + +func asn1Signed(out *int64, n []byte) bool { + length := len(n) + if length > 8 { + return false + } + for i := 0; i < length; i++ { + *out <<= 8 + *out |= int64(n[i]) + } + // Shift up and down in order to sign extend the result. + *out <<= 64 - uint8(length)*8 + *out >>= 64 - uint8(length)*8 + return true +} + +func (s *String) readASN1Uint64(out *uint64) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Unsigned(out, bytes) { + return false + } + return true +} + +func asn1Unsigned(out *uint64, n []byte) bool { + length := len(n) + if length > 9 || length == 9 && n[0] != 0 { + // Too large for uint64. + return false + } + if n[0]&0x80 != 0 { + // Negative number. + return false + } + for i := 0; i < length; i++ { + *out <<= 8 + *out |= uint64(n[i]) + } + return true +} + +// ReadASN1Int64WithTag decodes an ASN.1 INTEGER with the given tag into out +// and advances. It reports whether the read was successful and resulted in a +// value that can be represented in an int64. +func (s *String) ReadASN1Int64WithTag(out *int64, tag asn1.Tag) bool { + var bytes String + return s.ReadASN1(&bytes, tag) && checkASN1Integer(bytes) && asn1Signed(out, bytes) +} + +// ReadASN1Enum decodes an ASN.1 ENUMERATION into out and advances. It reports +// whether the read was successful. +func (s *String) ReadASN1Enum(out *int) bool { + var bytes String + var i int64 + if !s.ReadASN1(&bytes, asn1.ENUM) || !checkASN1Integer(bytes) || !asn1Signed(&i, bytes) { + return false + } + if int64(int(i)) != i { + return false + } + *out = int(i) + return true +} + +func (s *String) readBase128Int(out *int) bool { + ret := 0 + for i := 0; len(*s) > 0; i++ { + if i == 4 { + return false + } + ret <<= 7 + b := s.read(1)[0] + ret |= int(b & 0x7f) + if b&0x80 == 0 { + *out = ret + return true + } + } + return false // truncated +} + +// ReadASN1ObjectIdentifier decodes an ASN.1 OBJECT IDENTIFIER into out and +// advances. It reports whether the read was successful. +func (s *String) ReadASN1ObjectIdentifier(out *encoding_asn1.ObjectIdentifier) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.OBJECT_IDENTIFIER) || len(bytes) == 0 { + return false + } + + // In the worst case, we get two elements from the first byte (which is + // encoded differently) and then every varint is a single byte long. + components := make([]int, len(bytes)+1) + + // The first varint is 40*value1 + value2: + // According to this packing, value1 can take the values 0, 1 and 2 only. + // When value1 = 0 or value1 = 1, then value2 is <= 39. When value1 = 2, + // then there are no restrictions on value2. + var v int + if !bytes.readBase128Int(&v) { + return false + } + if v < 80 { + components[0] = v / 40 + components[1] = v % 40 + } else { + components[0] = 2 + components[1] = v - 80 + } + + i := 2 + for ; len(bytes) > 0; i++ { + if !bytes.readBase128Int(&v) { + return false + } + components[i] = v + } + *out = components[:i] + return true +} + +// ReadASN1GeneralizedTime decodes an ASN.1 GENERALIZEDTIME into out and +// advances. It reports whether the read was successful. +func (s *String) ReadASN1GeneralizedTime(out *time.Time) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.GeneralizedTime) { + return false + } + t := string(bytes) + res, err := time.Parse(generalizedTimeFormatStr, t) + if err != nil { + return false + } + if serialized := res.Format(generalizedTimeFormatStr); serialized != t { + return false + } + *out = res + return true +} + +// ReadASN1BitString decodes an ASN.1 BIT STRING into out and advances. +// It reports whether the read was successful. +func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.BIT_STRING) || len(bytes) == 0 || + len(bytes)*8/8 != len(bytes) { + return false + } + + paddingBits := uint8(bytes[0]) + bytes = bytes[1:] + if paddingBits > 7 || + len(bytes) == 0 && paddingBits != 0 || + len(bytes) > 0 && bytes[len(bytes)-1]&(1< 4 || len(*s) < int(2+lenLen) { + return false + } + + lenBytes := String((*s)[2 : 2+lenLen]) + if !lenBytes.readUnsigned(&len32, int(lenLen)) { + return false + } + + // ITU-T X.690 section 10.1 (DER length forms) requires encoding the length + // with the minimum number of octets. + if len32 < 128 { + // Length should have used short-form encoding. + return false + } + if len32>>((lenLen-1)*8) == 0 { + // Leading octet is 0. Length should have been at least one byte shorter. + return false + } + + headerLen = 2 + uint32(lenLen) + if headerLen+len32 < len32 { + // Overflow. + return false + } + length = headerLen + len32 + } + + if int(length) < 0 || !s.ReadBytes((*[]byte)(out), int(length)) { + return false + } + if skipHeader && !out.Skip(int(headerLen)) { + panic("cryptobyte: internal error") + } + + return true +} diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/asn1/asn1.go b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1/asn1.go new file mode 100644 index 000000000..90ef6a241 --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1/asn1.go @@ -0,0 +1,46 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package asn1 contains supporting types for parsing and building ASN.1 +// messages with the cryptobyte package. +package asn1 + +// Tag represents an ASN.1 identifier octet, consisting of a tag number +// (indicating a type) and class (such as context-specific or constructed). +// +// Methods in the cryptobyte package only support the low-tag-number form, i.e. +// a single identifier octet with bits 7-8 encoding the class and bits 1-6 +// encoding the tag number. +type Tag uint8 + +const ( + classConstructed = 0x20 + classContextSpecific = 0x80 +) + +// Constructed returns t with the constructed class bit set. +func (t Tag) Constructed() Tag { return t | classConstructed } + +// ContextSpecific returns t with the context-specific class bit set. +func (t Tag) ContextSpecific() Tag { return t | classContextSpecific } + +// The following is a list of standard tag and class combinations. +const ( + BOOLEAN = Tag(1) + INTEGER = Tag(2) + BIT_STRING = Tag(3) + OCTET_STRING = Tag(4) + NULL = Tag(5) + OBJECT_IDENTIFIER = Tag(6) + ENUM = Tag(10) + UTF8String = Tag(12) + SEQUENCE = Tag(16 | classConstructed) + SET = Tag(17 | classConstructed) + PrintableString = Tag(19) + T61String = Tag(20) + IA5String = Tag(22) + UTCTime = Tag(23) + GeneralizedTime = Tag(24) + GeneralString = Tag(27) +) diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go b/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go new file mode 100644 index 000000000..ca7b1db5c --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go @@ -0,0 +1,337 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package cryptobyte + +import ( + "errors" + "fmt" +) + +// A Builder builds byte strings from fixed-length and length-prefixed values. +// Builders either allocate space as needed, or are ‘fixed’, which means that +// they write into a given buffer and produce an error if it's exhausted. +// +// The zero value is a usable Builder that allocates space as needed. +// +// Simple values are marshaled and appended to a Builder using methods on the +// Builder. Length-prefixed values are marshaled by providing a +// BuilderContinuation, which is a function that writes the inner contents of +// the value to a given Builder. See the documentation for BuilderContinuation +// for details. +type Builder struct { + err error + result []byte + fixedSize bool + child *Builder + offset int + pendingLenLen int + pendingIsASN1 bool + inContinuation *bool +} + +// NewBuilder creates a Builder that appends its output to the given buffer. +// Like append(), the slice will be reallocated if its capacity is exceeded. +// Use Bytes to get the final buffer. +func NewBuilder(buffer []byte) *Builder { + return &Builder{ + result: buffer, + } +} + +// NewFixedBuilder creates a Builder that appends its output into the given +// buffer. This builder does not reallocate the output buffer. Writes that +// would exceed the buffer's capacity are treated as an error. +func NewFixedBuilder(buffer []byte) *Builder { + return &Builder{ + result: buffer, + fixedSize: true, + } +} + +// SetError sets the value to be returned as the error from Bytes. Writes +// performed after calling SetError are ignored. +func (b *Builder) SetError(err error) { + b.err = err +} + +// Bytes returns the bytes written by the builder or an error if one has +// occurred during building. +func (b *Builder) Bytes() ([]byte, error) { + if b.err != nil { + return nil, b.err + } + return b.result[b.offset:], nil +} + +// BytesOrPanic returns the bytes written by the builder or panics if an error +// has occurred during building. +func (b *Builder) BytesOrPanic() []byte { + if b.err != nil { + panic(b.err) + } + return b.result[b.offset:] +} + +// AddUint8 appends an 8-bit value to the byte string. +func (b *Builder) AddUint8(v uint8) { + b.add(byte(v)) +} + +// AddUint16 appends a big-endian, 16-bit value to the byte string. +func (b *Builder) AddUint16(v uint16) { + b.add(byte(v>>8), byte(v)) +} + +// AddUint24 appends a big-endian, 24-bit value to the byte string. The highest +// byte of the 32-bit input value is silently truncated. +func (b *Builder) AddUint24(v uint32) { + b.add(byte(v>>16), byte(v>>8), byte(v)) +} + +// AddUint32 appends a big-endian, 32-bit value to the byte string. +func (b *Builder) AddUint32(v uint32) { + b.add(byte(v>>24), byte(v>>16), byte(v>>8), byte(v)) +} + +// AddBytes appends a sequence of bytes to the byte string. +func (b *Builder) AddBytes(v []byte) { + b.add(v...) +} + +// BuilderContinuation is a continuation-passing interface for building +// length-prefixed byte sequences. Builder methods for length-prefixed +// sequences (AddUint8LengthPrefixed etc) will invoke the BuilderContinuation +// supplied to them. The child builder passed to the continuation can be used +// to build the content of the length-prefixed sequence. For example: +// +// parent := cryptobyte.NewBuilder() +// parent.AddUint8LengthPrefixed(func (child *Builder) { +// child.AddUint8(42) +// child.AddUint8LengthPrefixed(func (grandchild *Builder) { +// grandchild.AddUint8(5) +// }) +// }) +// +// It is an error to write more bytes to the child than allowed by the reserved +// length prefix. After the continuation returns, the child must be considered +// invalid, i.e. users must not store any copies or references of the child +// that outlive the continuation. +// +// If the continuation panics with a value of type BuildError then the inner +// error will be returned as the error from Bytes. If the child panics +// otherwise then Bytes will repanic with the same value. +type BuilderContinuation func(child *Builder) + +// BuildError wraps an error. If a BuilderContinuation panics with this value, +// the panic will be recovered and the inner error will be returned from +// Builder.Bytes. +type BuildError struct { + Err error +} + +// AddUint8LengthPrefixed adds a 8-bit length-prefixed byte sequence. +func (b *Builder) AddUint8LengthPrefixed(f BuilderContinuation) { + b.addLengthPrefixed(1, false, f) +} + +// AddUint16LengthPrefixed adds a big-endian, 16-bit length-prefixed byte sequence. +func (b *Builder) AddUint16LengthPrefixed(f BuilderContinuation) { + b.addLengthPrefixed(2, false, f) +} + +// AddUint24LengthPrefixed adds a big-endian, 24-bit length-prefixed byte sequence. +func (b *Builder) AddUint24LengthPrefixed(f BuilderContinuation) { + b.addLengthPrefixed(3, false, f) +} + +// AddUint32LengthPrefixed adds a big-endian, 32-bit length-prefixed byte sequence. +func (b *Builder) AddUint32LengthPrefixed(f BuilderContinuation) { + b.addLengthPrefixed(4, false, f) +} + +func (b *Builder) callContinuation(f BuilderContinuation, arg *Builder) { + if !*b.inContinuation { + *b.inContinuation = true + + defer func() { + *b.inContinuation = false + + r := recover() + if r == nil { + return + } + + if buildError, ok := r.(BuildError); ok { + b.err = buildError.Err + } else { + panic(r) + } + }() + } + + f(arg) +} + +func (b *Builder) addLengthPrefixed(lenLen int, isASN1 bool, f BuilderContinuation) { + // Subsequent writes can be ignored if the builder has encountered an error. + if b.err != nil { + return + } + + offset := len(b.result) + b.add(make([]byte, lenLen)...) + + if b.inContinuation == nil { + b.inContinuation = new(bool) + } + + b.child = &Builder{ + result: b.result, + fixedSize: b.fixedSize, + offset: offset, + pendingLenLen: lenLen, + pendingIsASN1: isASN1, + inContinuation: b.inContinuation, + } + + b.callContinuation(f, b.child) + b.flushChild() + if b.child != nil { + panic("cryptobyte: internal error") + } +} + +func (b *Builder) flushChild() { + if b.child == nil { + return + } + b.child.flushChild() + child := b.child + b.child = nil + + if child.err != nil { + b.err = child.err + return + } + + length := len(child.result) - child.pendingLenLen - child.offset + + if length < 0 { + panic("cryptobyte: internal error") // result unexpectedly shrunk + } + + if child.pendingIsASN1 { + // For ASN.1, we reserved a single byte for the length. If that turned out + // to be incorrect, we have to move the contents along in order to make + // space. + if child.pendingLenLen != 1 { + panic("cryptobyte: internal error") + } + var lenLen, lenByte uint8 + if int64(length) > 0xfffffffe { + b.err = errors.New("pending ASN.1 child too long") + return + } else if length > 0xffffff { + lenLen = 5 + lenByte = 0x80 | 4 + } else if length > 0xffff { + lenLen = 4 + lenByte = 0x80 | 3 + } else if length > 0xff { + lenLen = 3 + lenByte = 0x80 | 2 + } else if length > 0x7f { + lenLen = 2 + lenByte = 0x80 | 1 + } else { + lenLen = 1 + lenByte = uint8(length) + length = 0 + } + + // Insert the initial length byte, make space for successive length bytes, + // and adjust the offset. + child.result[child.offset] = lenByte + extraBytes := int(lenLen - 1) + if extraBytes != 0 { + child.add(make([]byte, extraBytes)...) + childStart := child.offset + child.pendingLenLen + copy(child.result[childStart+extraBytes:], child.result[childStart:]) + } + child.offset++ + child.pendingLenLen = extraBytes + } + + l := length + for i := child.pendingLenLen - 1; i >= 0; i-- { + child.result[child.offset+i] = uint8(l) + l >>= 8 + } + if l != 0 { + b.err = fmt.Errorf("cryptobyte: pending child length %d exceeds %d-byte length prefix", length, child.pendingLenLen) + return + } + + if b.fixedSize && &b.result[0] != &child.result[0] { + panic("cryptobyte: BuilderContinuation reallocated a fixed-size buffer") + } + + b.result = child.result +} + +func (b *Builder) add(bytes ...byte) { + if b.err != nil { + return + } + if b.child != nil { + panic("cryptobyte: attempted write while child is pending") + } + if len(b.result)+len(bytes) < len(bytes) { + b.err = errors.New("cryptobyte: length overflow") + } + if b.fixedSize && len(b.result)+len(bytes) > cap(b.result) { + b.err = errors.New("cryptobyte: Builder is exceeding its fixed-size buffer") + return + } + b.result = append(b.result, bytes...) +} + +// Unwrite rolls back n bytes written directly to the Builder. An attempt by a +// child builder passed to a continuation to unwrite bytes from its parent will +// panic. +func (b *Builder) Unwrite(n int) { + if b.err != nil { + return + } + if b.child != nil { + panic("cryptobyte: attempted unwrite while child is pending") + } + length := len(b.result) - b.pendingLenLen - b.offset + if length < 0 { + panic("cryptobyte: internal error") + } + if n > length { + panic("cryptobyte: attempted to unwrite more than was written") + } + b.result = b.result[:len(b.result)-n] +} + +// A MarshalingValue marshals itself into a Builder. +type MarshalingValue interface { + // Marshal is called by Builder.AddValue. It receives a pointer to a builder + // to marshal itself into. It may return an error that occurred during + // marshaling, such as unset or invalid values. + Marshal(b *Builder) error +} + +// AddValue calls Marshal on v, passing a pointer to the builder to append to. +// If Marshal returns an error, it is set on the Builder so that subsequent +// appends don't have an effect. +func (b *Builder) AddValue(v MarshalingValue) { + err := v.Marshal(b) + if err != nil { + b.err = err + } +} diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/string.go b/vendor/github.com/zmap/zcrypto/cryptobyte/string.go new file mode 100644 index 000000000..a3ecf6382 --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/string.go @@ -0,0 +1,161 @@ +// Copyright 2017 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package cryptobyte contains types that help with parsing and constructing +// length-prefixed, binary messages, including ASN.1 DER. (The asn1 subpackage +// contains useful ASN.1 constants.) +// +// The String type is for parsing. It wraps a []byte slice and provides helper +// functions for consuming structures, value by value. +// +// The Builder type is for constructing messages. It providers helper functions +// for appending values and also for appending length-prefixed submessages – +// without having to worry about calculating the length prefix ahead of time. +// +// See the documentation and examples for the Builder and String types to get +// started. +package cryptobyte + +// String represents a string of bytes. It provides methods for parsing +// fixed-length and length-prefixed values from it. +type String []byte + +// read advances a String by n bytes and returns them. If less than n bytes +// remain, it returns nil. +func (s *String) read(n int) []byte { + if len(*s) < n || n < 0 { + return nil + } + v := (*s)[:n] + *s = (*s)[n:] + return v +} + +// Skip advances the String by n byte and reports whether it was successful. +func (s *String) Skip(n int) bool { + return s.read(n) != nil +} + +// ReadUint8 decodes an 8-bit value into out and advances over it. +// It reports whether the read was successful. +func (s *String) ReadUint8(out *uint8) bool { + v := s.read(1) + if v == nil { + return false + } + *out = uint8(v[0]) + return true +} + +// ReadUint16 decodes a big-endian, 16-bit value into out and advances over it. +// It reports whether the read was successful. +func (s *String) ReadUint16(out *uint16) bool { + v := s.read(2) + if v == nil { + return false + } + *out = uint16(v[0])<<8 | uint16(v[1]) + return true +} + +// ReadUint24 decodes a big-endian, 24-bit value into out and advances over it. +// It reports whether the read was successful. +func (s *String) ReadUint24(out *uint32) bool { + v := s.read(3) + if v == nil { + return false + } + *out = uint32(v[0])<<16 | uint32(v[1])<<8 | uint32(v[2]) + return true +} + +// ReadUint32 decodes a big-endian, 32-bit value into out and advances over it. +// It reports whether the read was successful. +func (s *String) ReadUint32(out *uint32) bool { + v := s.read(4) + if v == nil { + return false + } + *out = uint32(v[0])<<24 | uint32(v[1])<<16 | uint32(v[2])<<8 | uint32(v[3]) + return true +} + +func (s *String) readUnsigned(out *uint32, length int) bool { + v := s.read(length) + if v == nil { + return false + } + var result uint32 + for i := 0; i < length; i++ { + result <<= 8 + result |= uint32(v[i]) + } + *out = result + return true +} + +func (s *String) readLengthPrefixed(lenLen int, outChild *String) bool { + lenBytes := s.read(lenLen) + if lenBytes == nil { + return false + } + var length uint32 + for _, b := range lenBytes { + length = length << 8 + length = length | uint32(b) + } + v := s.read(int(length)) + if v == nil { + return false + } + *outChild = v + return true +} + +// ReadUint8LengthPrefixed reads the content of an 8-bit length-prefixed value +// into out and advances over it. It reports whether the read was successful. +func (s *String) ReadUint8LengthPrefixed(out *String) bool { + return s.readLengthPrefixed(1, out) +} + +// ReadUint16LengthPrefixed reads the content of a big-endian, 16-bit +// length-prefixed value into out and advances over it. It reports whether the +// read was successful. +func (s *String) ReadUint16LengthPrefixed(out *String) bool { + return s.readLengthPrefixed(2, out) +} + +// ReadUint24LengthPrefixed reads the content of a big-endian, 24-bit +// length-prefixed value into out and advances over it. It reports whether +// the read was successful. +func (s *String) ReadUint24LengthPrefixed(out *String) bool { + return s.readLengthPrefixed(3, out) +} + +// ReadBytes reads n bytes into out and advances over them. It reports +// whether the read was successful. +func (s *String) ReadBytes(out *[]byte, n int) bool { + v := s.read(n) + if v == nil { + return false + } + *out = v + return true +} + +// CopyBytes copies len(out) bytes into out and advances over them. It reports +// whether the copy operation was successful +func (s *String) CopyBytes(out []byte) bool { + n := len(out) + v := s.read(n) + if v == nil { + return false + } + return copy(out, v) == n +} + +// Empty reports whether the string does not contain any bytes. +func (s String) Empty() bool { + return len(s) == 0 +} diff --git a/vendor/github.com/zmap/zcrypto/encoding/asn1/README.md b/vendor/github.com/zmap/zcrypto/encoding/asn1/README.md new file mode 100644 index 000000000..41d78f3fe --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/encoding/asn1/README.md @@ -0,0 +1 @@ +Forked from standard "encoding/asn1" to allow more permissive decoding \ No newline at end of file diff --git a/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go b/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go new file mode 100644 index 000000000..87b9eddb3 --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go @@ -0,0 +1,1146 @@ +// Copyright 2009 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// Package asn1 implements parsing of DER-encoded ASN.1 data structures, +// as defined in ITU-T Rec X.690. +// +// See also ``A Layman's Guide to a Subset of ASN.1, BER, and DER,'' +// http://luca.ntop.org/Teaching/Appunti/asn1.html. +package asn1 + +// ASN.1 is a syntax for specifying abstract objects and BER, DER, PER, XER etc +// are different encoding formats for those objects. Here, we'll be dealing +// with DER, the Distinguished Encoding Rules. DER is used in X.509 because +// it's fast to parse and, unlike BER, has a unique encoding for every object. +// When calculating hashes over objects, it's important that the resulting +// bytes be the same at both ends and DER removes this margin of error. +// +// ASN.1 is very complex and this package doesn't attempt to implement +// everything by any means. + +import ( + "errors" + "fmt" + "math" + "math/big" + "reflect" + "strconv" + "time" + "unicode/utf16" + "unicode/utf8" +) + +// AllowPermissiveParsing is a custom ZCrypto option to allow permissive parsing for X509 certificates +var AllowPermissiveParsing = false + +// A StructuralError suggests that the ASN.1 data is valid, but the Go type +// which is receiving it doesn't match. +type StructuralError struct { + Msg string +} + +func (e StructuralError) Error() string { return "asn1: structure error: " + e.Msg } + +// A SyntaxError suggests that the ASN.1 data is invalid. +type SyntaxError struct { + Msg string +} + +func (e SyntaxError) Error() string { return "asn1: syntax error: " + e.Msg } + +// We start by dealing with each of the primitive types in turn. + +// BOOLEAN + +func parseBool(bytes []byte) (ret bool, err error) { + if len(bytes) != 1 { + err = SyntaxError{"invalid boolean"} + return + } + + // DER demands that "If the encoding represents the boolean value TRUE, + // its single contents octet shall have all eight bits set to one." + // Thus only 0 and 255 are valid encoded values. + switch bytes[0] { + case 0: + ret = false + case 0xff: + ret = true + default: + err = SyntaxError{"invalid boolean"} + } + + return +} + +// INTEGER + +// checkInteger returns nil if the given bytes are a valid DER-encoded +// INTEGER and an error otherwise. +func checkInteger(bytes []byte) error { + if len(bytes) == 0 { + return StructuralError{"empty integer"} + } + if len(bytes) == 1 { + return nil + } + if !AllowPermissiveParsing { + if (bytes[0] == 0 && bytes[1]&0x80 == 0) || (bytes[0] == 0xff && bytes[1]&0x80 == 0x80) { + return StructuralError{"integer not minimally-encoded"} + } + } + return nil +} + +// parseInt64 treats the given bytes as a big-endian, signed integer and +// returns the result. +func parseInt64(bytes []byte) (ret int64, err error) { + err = checkInteger(bytes) + if err != nil { + return + } + if len(bytes) > 8 { + // We'll overflow an int64 in this case. + err = StructuralError{"integer too large"} + return + } + for bytesRead := 0; bytesRead < len(bytes); bytesRead++ { + ret <<= 8 + ret |= int64(bytes[bytesRead]) + } + + // Shift up and down in order to sign extend the result. + ret <<= 64 - uint8(len(bytes))*8 + ret >>= 64 - uint8(len(bytes))*8 + return +} + +// parseInt treats the given bytes as a big-endian, signed integer and returns +// the result. +func parseInt32(bytes []byte) (int32, error) { + if err := checkInteger(bytes); err != nil { + return 0, err + } + ret64, err := parseInt64(bytes) + if err != nil { + return 0, err + } + if ret64 != int64(int32(ret64)) { + return 0, StructuralError{"integer too large"} + } + return int32(ret64), nil +} + +var bigOne = big.NewInt(1) + +// parseBigInt treats the given bytes as a big-endian, signed integer and returns +// the result. +func parseBigInt(bytes []byte) (*big.Int, error) { + if err := checkInteger(bytes); err != nil { + return nil, err + } + ret := new(big.Int) + if len(bytes) > 0 && bytes[0]&0x80 == 0x80 { + // This is a negative number. + notBytes := make([]byte, len(bytes)) + for i := range notBytes { + notBytes[i] = ^bytes[i] + } + ret.SetBytes(notBytes) + ret.Add(ret, bigOne) + ret.Neg(ret) + return ret, nil + } + ret.SetBytes(bytes) + return ret, nil +} + +// BIT STRING + +// BitString is the structure to use when you want an ASN.1 BIT STRING type. A +// bit string is padded up to the nearest byte in memory and the number of +// valid bits is recorded. Padding bits will be zero. +type BitString struct { + Bytes []byte // bits packed into bytes. + BitLength int // length in bits. +} + +// At returns the bit at the given index. If the index is out of range it +// returns false. +func (b BitString) At(i int) int { + if i < 0 || i >= b.BitLength { + return 0 + } + x := i / 8 + y := 7 - uint(i%8) + return int(b.Bytes[x]>>y) & 1 +} + +// RightAlign returns a slice where the padding bits are at the beginning. The +// slice may share memory with the BitString. +func (b BitString) RightAlign() []byte { + shift := uint(8 - (b.BitLength % 8)) + if shift == 8 || len(b.Bytes) == 0 { + return b.Bytes + } + + a := make([]byte, len(b.Bytes)) + a[0] = b.Bytes[0] >> shift + for i := 1; i < len(b.Bytes); i++ { + a[i] = b.Bytes[i-1] << (8 - shift) + a[i] |= b.Bytes[i] >> shift + } + + return a +} + +// parseBitString parses an ASN.1 bit string from the given byte slice and returns it. +func parseBitString(bytes []byte) (ret BitString, err error) { + if len(bytes) == 0 { + err = SyntaxError{"zero length BIT STRING"} + return + } + paddingBits := int(bytes[0]) + if paddingBits > 7 || + len(bytes) == 1 && paddingBits > 0 || + bytes[len(bytes)-1]&((1< 0 { + s += "." + } + s += strconv.Itoa(v) + } + + return s +} + +// parseObjectIdentifier parses an OBJECT IDENTIFIER from the given bytes and +// returns it. An object identifier is a sequence of variable length integers +// that are assigned in a hierarchy. +func parseObjectIdentifier(bytes []byte) (s ObjectIdentifier, err error) { + if len(bytes) == 0 { + err = SyntaxError{"zero length OBJECT IDENTIFIER"} + return + } + + // In the worst case, we get two elements from the first byte (which is + // encoded differently) and then every varint is a single byte long. + s = make([]int, len(bytes)+1) + + // The first varint is 40*value1 + value2: + // According to this packing, value1 can take the values 0, 1 and 2 only. + // When value1 = 0 or value1 = 1, then value2 is <= 39. When value1 = 2, + // then there are no restrictions on value2. + v, offset, err := parseBase128Int(bytes, 0) + if err != nil { + return + } + if v < 80 { + s[0] = v / 40 + s[1] = v % 40 + } else { + s[0] = 2 + s[1] = v - 80 + } + + i := 2 + for ; offset < len(bytes); i++ { + v, offset, err = parseBase128Int(bytes, offset) + if err != nil { + return + } + s[i] = v + } + s = s[0:i] + return +} + +// ENUMERATED + +// An Enumerated is represented as a plain int. +type Enumerated int + +// FLAG + +// A Flag accepts any data and is set to true if present. +type Flag bool + +// parseBase128Int parses a base-128 encoded int from the given offset in the +// given byte slice. It returns the value and the new offset. +func parseBase128Int(bytes []byte, initOffset int) (ret, offset int, err error) { + offset = initOffset + var ret64 int64 + for shifted := 0; offset < len(bytes); shifted++ { + // 5 * 7 bits per byte == 35 bits of data + // Thus the representation is either non-minimal or too large for an int32 + if shifted == 5 { + err = StructuralError{"base 128 integer too large"} + return + } + ret64 <<= 7 + b := bytes[offset] + // integers should be minimally encoded, so the leading octet should + // never be 0x80 + if shifted == 0 && b == 0x80 { + err = SyntaxError{"integer is not minimally encoded"} + return + } + ret64 |= int64(b & 0x7f) + offset++ + if b&0x80 == 0 { + ret = int(ret64) + // Ensure that the returned value fits in an int on all platforms + if ret64 > math.MaxInt32 { + err = StructuralError{"base 128 integer too large"} + } + return + } + } + err = SyntaxError{"truncated base 128 integer"} + return +} + +// UTCTime + +func parseUTCTime(bytes []byte) (ret time.Time, err error) { + s := string(bytes) + + formatStr := "0601021504Z0700" + ret, err = time.Parse(formatStr, s) + if err != nil { + formatStr = "060102150405Z0700" + ret, err = time.Parse(formatStr, s) + } + if err != nil { + return + } + + // ZCrypto: Allow to parse + if !AllowPermissiveParsing { + if serialized := ret.Format(formatStr); serialized != s { + err = fmt.Errorf("asn1: time did not serialize back to the original value and may be invalid: given %q, but serialized as %q", s, serialized) + return + } + } + + if ret.Year() >= 2050 { + // UTCTime only encodes times prior to 2050. See https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 + ret = ret.AddDate(-100, 0, 0) + } + + return +} + +// parseGeneralizedTime parses the GeneralizedTime from the given byte slice +// and returns the resulting time. +func parseGeneralizedTime(bytes []byte) (ret time.Time, err error) { + const formatStr = "20060102150405Z0700" + s := string(bytes) + + if ret, err = time.Parse(formatStr, s); err != nil { + return + } + + // ZCrypto: Allow to parse + if !AllowPermissiveParsing { + if serialized := ret.Format(formatStr); serialized != s { + err = fmt.Errorf("asn1: time did not serialize back to the original value and may be invalid: given %q, but serialized as %q", s, serialized) + } + } + return +} + +// NumericString + +// parseNumericString parses an ASN.1 NumericString from the given byte array +// and returns it. +func parseNumericString(bytes []byte) (ret string, err error) { + if !AllowPermissiveParsing { + for _, b := range bytes { + if !isNumeric(b) { + return "", SyntaxError{"NumericString contains invalid character"} + } + } + } + return string(bytes), nil +} + +// isNumeric reports whether the given b is in the ASN.1 NumericString set. +func isNumeric(b byte) bool { + return '0' <= b && b <= '9' || + b == ' ' +} + +// PrintableString + +// parsePrintableString parses an ASN.1 PrintableString from the given byte +// array and returns it. +func parsePrintableString(bytes []byte) (ret string, err error) { + // ZCrypto: allow to parse some non-printable characters + if !AllowPermissiveParsing { + for _, b := range bytes { + if !isPrintable(b, allowAsterisk, allowAmpersand) { + err = SyntaxError{"PrintableString contains invalid character"} + return + } + } + } + ret = string(bytes) + return +} + +type asteriskFlag bool +type ampersandFlag bool + +const ( + allowAsterisk asteriskFlag = true + rejectAsterisk asteriskFlag = false + + allowAmpersand ampersandFlag = true + rejectAmpersand ampersandFlag = false +) + +// isPrintable reports whether the given b is in the ASN.1 PrintableString set. +// If asterisk is allowAsterisk then '*' is also allowed, reflecting existing +// practice. If ampersand is allowAmpersand then '&' is allowed as well. +func isPrintable(b byte, asterisk asteriskFlag, ampersand ampersandFlag) bool { + return 'a' <= b && b <= 'z' || + 'A' <= b && b <= 'Z' || + '0' <= b && b <= '9' || + '\'' <= b && b <= ')' || + '+' <= b && b <= '/' || + b == ' ' || + b == ':' || + b == '=' || + b == '?' || + // This is technically not allowed in a PrintableString. + // However, x509 certificates with wildcard strings don't + // always use the correct string type so we permit it. + (bool(asterisk) && b == '*') || + // This is not technically allowed either. However, not + // only is it relatively common, but there are also a + // handful of CA certificates that contain it. At least + // one of which will not expire until 2027. + (bool(ampersand) && b == '&') +} + +// IA5String + +// parseIA5String parses an ASN.1 IA5String (ASCII string) from the given +// byte slice and returns it. +func parseIA5String(bytes []byte) (ret string, err error) { + if !AllowPermissiveParsing { + for _, b := range bytes { + if b >= utf8.RuneSelf { + err = SyntaxError{"IA5String contains invalid character"} + return + } + } + } + ret = string(bytes) + return +} + +// T61String + +// parseT61String parses an ASN.1 T61String (8-bit clean string) from the given +// byte slice and returns it. +func parseT61String(bytes []byte) (ret string, err error) { + return string(bytes), nil +} + +// UTF8String + +// parseUTF8String parses an ASN.1 UTF8String (raw UTF-8) from the given byte +// array and returns it. +func parseUTF8String(bytes []byte) (ret string, err error) { + if !utf8.Valid(bytes) { + if !AllowPermissiveParsing { + return "", errors.New("asn1: invalid UTF-8 string") + } + } + return string(bytes), nil +} + +// BMPString + +// parseBMPString parses an ASN.1 BMPString (Basic Multilingual Plane of +// ISO/IEC/ITU 10646-1) from the given byte slice and returns it. +func parseBMPString(bmpString []byte) (string, error) { + if len(bmpString)%2 != 0 { + return "", errors.New("pkcs12: odd-length BMP string") + } + + // Strip terminator if present. + if l := len(bmpString); l >= 2 && bmpString[l-1] == 0 && bmpString[l-2] == 0 { + bmpString = bmpString[:l-2] + } + + s := make([]uint16, 0, len(bmpString)/2) + for len(bmpString) > 0 { + s = append(s, uint16(bmpString[0])<<8+uint16(bmpString[1])) + bmpString = bmpString[2:] + } + + return string(utf16.Decode(s)), nil +} + +// A RawValue represents an undecoded ASN.1 object. +type RawValue struct { + Class, Tag int + IsCompound bool + Bytes []byte + FullBytes []byte // includes the tag and length +} + +// RawContent is used to signal that the undecoded, DER data needs to be +// preserved for a struct. To use it, the first field of the struct must have +// this type. It's an error for any of the other fields to have this type. +type RawContent []byte + +// Tagging + +// parseTagAndLength parses an ASN.1 tag and length pair from the given offset +// into a byte slice. It returns the parsed data and the new offset. SET and +// SET OF (tag 17) are mapped to SEQUENCE and SEQUENCE OF (tag 16) since we +// don't distinguish between ordered and unordered objects in this code. +func parseTagAndLength(bytes []byte, initOffset int) (ret tagAndLength, offset int, err error) { + offset = initOffset + // parseTagAndLength should not be called without at least a single + // byte to read. Thus this check is for robustness: + if offset >= len(bytes) { + err = errors.New("asn1: internal error in parseTagAndLength") + return + } + b := bytes[offset] + offset++ + ret.class = int(b >> 6) + ret.isCompound = b&0x20 == 0x20 + ret.tag = int(b & 0x1f) + + // If the bottom five bits are set, then the tag number is actually base 128 + // encoded afterwards + if ret.tag == 0x1f { + ret.tag, offset, err = parseBase128Int(bytes, offset) + if err != nil { + return + } + // Tags should be encoded in minimal form. + if ret.tag < 0x1f { + err = SyntaxError{"non-minimal tag"} + return + } + } + if offset >= len(bytes) { + err = SyntaxError{"truncated tag or length"} + return + } + b = bytes[offset] + offset++ + if b&0x80 == 0 { + // The length is encoded in the bottom 7 bits. + ret.length = int(b & 0x7f) + } else { + // Bottom 7 bits give the number of length bytes to follow. + numBytes := int(b & 0x7f) + if numBytes == 0 { + err = SyntaxError{"indefinite length found (not DER)"} + return + } + ret.length = 0 + for i := 0; i < numBytes; i++ { + if offset >= len(bytes) { + err = SyntaxError{"truncated tag or length"} + return + } + b = bytes[offset] + offset++ + if ret.length >= 1<<23 { + // We can't shift ret.length up without + // overflowing. + err = StructuralError{"length too large"} + return + } + ret.length <<= 8 + ret.length |= int(b) + if ret.length == 0 { + // DER requires that lengths be minimal. + err = StructuralError{"superfluous leading zeros in length"} + return + } + } + + if !AllowPermissiveParsing { + // Short lengths must be encoded in short form. + if ret.length < 0x80 { + err = StructuralError{"non-minimal length"} + return + } + } + } + + return +} + +// parseSequenceOf is used for SEQUENCE OF and SET OF values. It tries to parse +// a number of ASN.1 values from the given byte slice and returns them as a +// slice of Go values of the given type. +func parseSequenceOf(bytes []byte, sliceType reflect.Type, elemType reflect.Type) (ret reflect.Value, err error) { + matchAny, expectedTag, compoundType, ok := getUniversalType(elemType) + if !ok { + err = StructuralError{"unknown Go type for slice"} + return + } + + // First we iterate over the input and count the number of elements, + // checking that the types are correct in each case. + numElements := 0 + for offset := 0; offset < len(bytes); { + var t tagAndLength + t, offset, err = parseTagAndLength(bytes, offset) + if err != nil { + return + } + switch t.tag { + case TagIA5String, TagGeneralString, TagT61String, TagUTF8String, TagNumericString, TagBMPString: + // We pretend that various other string types are + // PRINTABLE STRINGs so that a sequence of them can be + // parsed into a []string. + t.tag = TagPrintableString + case TagGeneralizedTime, TagUTCTime: + // Likewise, both time types are treated the same. + t.tag = TagUTCTime + } + + if !matchAny && (t.class != ClassUniversal || t.isCompound != compoundType || t.tag != expectedTag) { + err = StructuralError{"sequence tag mismatch"} + return + } + if invalidLength(offset, t.length, len(bytes)) { + err = SyntaxError{"truncated sequence"} + return + } + offset += t.length + numElements++ + } + ret = reflect.MakeSlice(sliceType, numElements, numElements) + params := fieldParameters{} + offset := 0 + for i := 0; i < numElements; i++ { + offset, err = parseField(ret.Index(i), bytes, offset, params) + if err != nil { + return + } + } + return +} + +var ( + bitStringType = reflect.TypeOf(BitString{}) + objectIdentifierType = reflect.TypeOf(ObjectIdentifier{}) + enumeratedType = reflect.TypeOf(Enumerated(0)) + flagType = reflect.TypeOf(Flag(false)) + timeType = reflect.TypeOf(time.Time{}) + rawValueType = reflect.TypeOf(RawValue{}) + rawContentsType = reflect.TypeOf(RawContent(nil)) + bigIntType = reflect.TypeOf(new(big.Int)) +) + +// invalidLength reports whether offset + length > sliceLength, or if the +// addition would overflow. +func invalidLength(offset, length, sliceLength int) bool { + return offset+length < offset || offset+length > sliceLength +} + +// parseField is the main parsing function. Given a byte slice and an offset +// into the array, it will try to parse a suitable ASN.1 value out and store it +// in the given Value. +func parseField(v reflect.Value, bytes []byte, initOffset int, params fieldParameters) (offset int, err error) { + offset = initOffset + fieldType := v.Type() + + // log.Printf("field: %x\ntype: %v, %s\n\n", bytes, fieldType, v.Type().Name()) + + // If we have run out of data, it may be that there are optional elements at the end. + if offset == len(bytes) { + if !setDefaultValue(v, params) { + err = SyntaxError{"sequence truncated"} + } + return + } + + // Deal with the ANY type. + if ifaceType := fieldType; ifaceType.Kind() == reflect.Interface && ifaceType.NumMethod() == 0 { + var t tagAndLength + t, offset, err = parseTagAndLength(bytes, offset) + if err != nil { + return + } + if invalidLength(offset, t.length, len(bytes)) { + err = SyntaxError{"data truncated"} + return + } + var result interface{} + if !t.isCompound && t.class == ClassUniversal { + innerBytes := bytes[offset : offset+t.length] + switch t.tag { + case TagPrintableString: + result, err = parsePrintableString(innerBytes) + case TagNumericString: + result, err = parseNumericString(innerBytes) + case TagIA5String: + result, err = parseIA5String(innerBytes) + case TagT61String: + result, err = parseT61String(innerBytes) + case TagUTF8String: + result, err = parseUTF8String(innerBytes) + case TagInteger: + result, err = parseInt64(innerBytes) + case TagBitString: + result, err = parseBitString(innerBytes) + case TagOID: + result, err = parseObjectIdentifier(innerBytes) + case TagUTCTime: + result, err = parseUTCTime(innerBytes) + case TagGeneralizedTime: + result, err = parseGeneralizedTime(innerBytes) + case TagOctetString: + result = innerBytes + case TagBMPString: + result, err = parseBMPString(innerBytes) + default: + // If we don't know how to handle the type, we just leave Value as nil. + } + } + offset += t.length + if err != nil { + return + } + if result != nil { + v.Set(reflect.ValueOf(result)) + } + return + } + + t, offset, err := parseTagAndLength(bytes, offset) + if err != nil { + return + } + if params.explicit { + expectedClass := ClassContextSpecific + if params.application { + expectedClass = ClassApplication + } + if offset == len(bytes) { + err = StructuralError{"explicit tag has no child"} + return + } + if t.class == expectedClass && t.tag == *params.tag && (t.length == 0 || t.isCompound) { + if fieldType == rawValueType { + // The inner element should not be parsed for RawValues. + } else if t.length > 0 { + t, offset, err = parseTagAndLength(bytes, offset) + if err != nil { + return + } + } else { + if fieldType != flagType { + err = StructuralError{"zero length explicit tag was not an asn1.Flag"} + return + } + v.SetBool(true) + return + } + } else { + // The tags didn't match, it might be an optional element. + ok := setDefaultValue(v, params) + if ok { + offset = initOffset + } else { + err = StructuralError{"explicitly tagged member didn't match"} + } + return + } + } + + matchAny, universalTag, compoundType, ok1 := getUniversalType(fieldType) + if !ok1 { + err = StructuralError{fmt.Sprintf("unknown Go type: %v", fieldType)} + return + } + + // Special case for strings: all the ASN.1 string types map to the Go + // type string. getUniversalType returns the tag for PrintableString + // when it sees a string, so if we see a different string type on the + // wire, we change the universal type to match. + if universalTag == TagPrintableString { + if t.class == ClassUniversal { + switch t.tag { + case TagIA5String, TagGeneralString, TagT61String, TagUTF8String, TagNumericString, TagBMPString: + universalTag = t.tag + } + } else if params.stringType != 0 { + universalTag = params.stringType + } + } + + // Special case for time: UTCTime and GeneralizedTime both map to the + // Go type time.Time. + if universalTag == TagUTCTime && t.tag == TagGeneralizedTime && t.class == ClassUniversal { + universalTag = TagGeneralizedTime + } + + if params.set { + universalTag = TagSet + } + + matchAnyClassAndTag := matchAny + expectedClass := ClassUniversal + expectedTag := universalTag + + if !params.explicit && params.tag != nil { + expectedClass = ClassContextSpecific + expectedTag = *params.tag + matchAnyClassAndTag = false + } + + if !params.explicit && params.application && params.tag != nil { + expectedClass = ClassApplication + expectedTag = *params.tag + matchAnyClassAndTag = false + } + + if !params.explicit && params.private && params.tag != nil { + expectedClass = ClassPrivate + expectedTag = *params.tag + matchAnyClassAndTag = false + } + + // We have unwrapped any explicit tagging at this point. + if !matchAnyClassAndTag && (t.class != expectedClass || t.tag != expectedTag) || + (!matchAny && t.isCompound != compoundType) { + // Tags don't match. Again, it could be an optional element. + ok := setDefaultValue(v, params) + if ok { + offset = initOffset + } else { + err = StructuralError{fmt.Sprintf("tags don't match (%d vs %+v) %+v %s @%d", expectedTag, t, params, fieldType.Name(), offset)} + } + return + } + if invalidLength(offset, t.length, len(bytes)) { + err = SyntaxError{"data truncated"} + return + } + innerBytes := bytes[offset : offset+t.length] + offset += t.length + + // We deal with the structures defined in this package first. + switch v := v.Addr().Interface().(type) { + case *RawValue: + *v = RawValue{t.class, t.tag, t.isCompound, innerBytes, bytes[initOffset:offset]} + return + case *ObjectIdentifier: + *v, err = parseObjectIdentifier(innerBytes) + return + case *BitString: + *v, err = parseBitString(innerBytes) + return + case *time.Time: + if universalTag == TagUTCTime { + *v, err = parseUTCTime(innerBytes) + return + } + *v, err = parseGeneralizedTime(innerBytes) + return + case *Enumerated: + parsedInt, err1 := parseInt32(innerBytes) + if err1 == nil { + *v = Enumerated(parsedInt) + } + err = err1 + return + case *Flag: + *v = true + return + case **big.Int: + parsedInt, err1 := parseBigInt(innerBytes) + if err1 == nil { + *v = parsedInt + } + err = err1 + return + } + switch val := v; val.Kind() { + case reflect.Bool: + parsedBool, err1 := parseBool(innerBytes) + if err1 == nil { + val.SetBool(parsedBool) + } + err = err1 + return + case reflect.Int, reflect.Int32, reflect.Int64: + if val.Type().Size() == 4 { + parsedInt, err1 := parseInt32(innerBytes) + if err1 == nil { + val.SetInt(int64(parsedInt)) + } + err = err1 + } else { + parsedInt, err1 := parseInt64(innerBytes) + if err1 == nil { + val.SetInt(parsedInt) + } + err = err1 + } + return + // TODO(dfc) Add support for the remaining integer types + case reflect.Struct: + structType := fieldType + + for i := 0; i < structType.NumField(); i++ { + if structType.Field(i).PkgPath != "" { + err = StructuralError{"struct contains unexported fields"} + return + } + } + + if structType.NumField() > 0 && + structType.Field(0).Type == rawContentsType { + bytes := bytes[initOffset:offset] + val.Field(0).Set(reflect.ValueOf(RawContent(bytes))) + } + + innerOffset := 0 + for i := 0; i < structType.NumField(); i++ { + field := structType.Field(i) + if i == 0 && field.Type == rawContentsType { + continue + } + innerOffset, err = parseField(val.Field(i), innerBytes, innerOffset, parseFieldParameters(field.Tag.Get("asn1"))) + if err != nil { + return + } + } + // We allow extra bytes at the end of the SEQUENCE because + // adding elements to the end has been used in X.509 as the + // version numbers have increased. + return + case reflect.Slice: + sliceType := fieldType + if sliceType.Elem().Kind() == reflect.Uint8 { + val.Set(reflect.MakeSlice(sliceType, len(innerBytes), len(innerBytes))) + reflect.Copy(val, reflect.ValueOf(innerBytes)) + return + } + newSlice, err1 := parseSequenceOf(innerBytes, sliceType, sliceType.Elem()) + if err1 == nil { + val.Set(newSlice) + } + err = err1 + return + case reflect.String: + var v string + switch universalTag { + case TagPrintableString: + v, err = parsePrintableString(innerBytes) + case TagNumericString: + v, err = parseNumericString(innerBytes) + case TagIA5String: + v, err = parseIA5String(innerBytes) + case TagT61String: + v, err = parseT61String(innerBytes) + case TagUTF8String: + v, err = parseUTF8String(innerBytes) + case TagGeneralString: + // GeneralString is specified in ISO-2022/ECMA-35, + // A brief review suggests that it includes structures + // that allow the encoding to change midstring and + // such. We give up and pass it as an 8-bit string. + v, err = parseT61String(innerBytes) + case TagBMPString: + v, err = parseBMPString(innerBytes) + + default: + err = SyntaxError{fmt.Sprintf("internal error: unknown string type %d", universalTag)} + } + if err == nil { + val.SetString(v) + } + return + } + err = StructuralError{"unsupported: " + v.Type().String()} + return +} + +// canHaveDefaultValue reports whether k is a Kind that we will set a default +// value for. (A signed integer, essentially.) +func canHaveDefaultValue(k reflect.Kind) bool { + switch k { + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return true + } + + return false +} + +// setDefaultValue is used to install a default value, from a tag string, into +// a Value. It is successful if the field was optional, even if a default value +// wasn't provided or it failed to install it into the Value. +func setDefaultValue(v reflect.Value, params fieldParameters) (ok bool) { + if !params.optional { + return + } + ok = true + if params.defaultValue == nil { + return + } + if canHaveDefaultValue(v.Kind()) { + v.SetInt(*params.defaultValue) + } + return +} + +// Unmarshal parses the DER-encoded ASN.1 data structure b +// and uses the reflect package to fill in an arbitrary value pointed at by val. +// Because Unmarshal uses the reflect package, the structs +// being written to must use upper case field names. If val +// is nil or not a pointer, Unmarshal returns an error. +// +// After parsing b, any bytes that were leftover and not used to fill +// val will be returned in rest. When parsing a SEQUENCE into a struct, +// any trailing elements of the SEQUENCE that do not have matching +// fields in val will not be included in rest, as these are considered +// valid elements of the SEQUENCE and not trailing data. +// +// An ASN.1 INTEGER can be written to an int, int32, int64, +// or *big.Int (from the math/big package). +// If the encoded value does not fit in the Go type, +// Unmarshal returns a parse error. +// +// An ASN.1 BIT STRING can be written to a BitString. +// +// An ASN.1 OCTET STRING can be written to a []byte. +// +// An ASN.1 OBJECT IDENTIFIER can be written to an +// ObjectIdentifier. +// +// An ASN.1 ENUMERATED can be written to an Enumerated. +// +// An ASN.1 UTCTIME or GENERALIZEDTIME can be written to a time.Time. +// +// An ASN.1 PrintableString, IA5String, or NumericString can be written to a string. +// +// Any of the above ASN.1 values can be written to an interface{}. +// The value stored in the interface has the corresponding Go type. +// For integers, that type is int64. +// +// An ASN.1 SEQUENCE OF x or SET OF x can be written +// to a slice if an x can be written to the slice's element type. +// +// An ASN.1 SEQUENCE or SET can be written to a struct +// if each of the elements in the sequence can be +// written to the corresponding element in the struct. +// +// The following tags on struct fields have special meaning to Unmarshal: +// +// application specifies that an APPLICATION tag is used +// private specifies that a PRIVATE tag is used +// default:x sets the default value for optional integer fields (only used if optional is also present) +// explicit specifies that an additional, explicit tag wraps the implicit one +// optional marks the field as ASN.1 OPTIONAL +// set causes a SET, rather than a SEQUENCE type to be expected +// tag:x specifies the ASN.1 tag number; implies ASN.1 CONTEXT SPECIFIC +// +// When decoding an ASN.1 value with an IMPLICIT tag into a string field, +// Unmarshal will default to a PrintableString, which doesn't support +// characters such as '@' and '&'. To force other encodings, use the following +// tags: +// +// ia5 causes strings to be unmarshaled as ASN.1 IA5String values +// numeric causes strings to be unmarshaled as ASN.1 NumericString values +// utf8 causes strings to be unmarshaled as ASN.1 UTF8String values +// +// If the type of the first field of a structure is RawContent then the raw +// ASN1 contents of the struct will be stored in it. +// +// If the name of a slice type ends with "SET" then it's treated as if +// the "set" tag was set on it. This results in interpreting the type as a +// SET OF x rather than a SEQUENCE OF x. This can be used with nested slices +// where a struct tag cannot be given. +// +// Other ASN.1 types are not supported; if it encounters them, +// Unmarshal returns a parse error. +func Unmarshal(b []byte, val interface{}) (rest []byte, err error) { + return UnmarshalWithParams(b, val, "") +} + +// An invalidUnmarshalError describes an invalid argument passed to Unmarshal. +// (The argument to Unmarshal must be a non-nil pointer.) +type invalidUnmarshalError struct { + Type reflect.Type +} + +func (e *invalidUnmarshalError) Error() string { + if e.Type == nil { + return "asn1: Unmarshal recipient value is nil" + } + + if e.Type.Kind() != reflect.Ptr { + return "asn1: Unmarshal recipient value is non-pointer " + e.Type.String() + } + return "asn1: Unmarshal recipient value is nil " + e.Type.String() +} + +// UnmarshalWithParams allows field parameters to be specified for the +// top-level element. The form of the params is the same as the field tags. +func UnmarshalWithParams(b []byte, val interface{}, params string) (rest []byte, err error) { + v := reflect.ValueOf(val) + if v.Kind() != reflect.Ptr || v.IsNil() { + return nil, &invalidUnmarshalError{reflect.TypeOf(val)} + } + offset, err := parseField(v.Elem(), b, 0, parseFieldParameters(params)) + if err != nil { + return nil, err + } + return b[offset:], nil +} diff --git a/vendor/github.com/zmap/zcrypto/encoding/asn1/common.go b/vendor/github.com/zmap/zcrypto/encoding/asn1/common.go new file mode 100644 index 000000000..1c712e1ef --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/encoding/asn1/common.go @@ -0,0 +1,192 @@ +// Copyright 2009 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package asn1 + +import ( + "reflect" + "strconv" + "strings" +) + +// ASN.1 objects have metadata preceding them: +// the tag: the type of the object +// a flag denoting if this object is compound or not +// the class type: the namespace of the tag +// the length of the object, in bytes + +// Here are some standard tags and classes + +// ASN.1 tags represent the type of the following object. +const ( + TagBoolean = 1 + TagInteger = 2 + TagBitString = 3 + TagOctetString = 4 + TagNull = 5 + TagOID = 6 + TagEnum = 10 + TagUTF8String = 12 + TagSequence = 16 + TagSet = 17 + TagNumericString = 18 + TagPrintableString = 19 + TagT61String = 20 + TagIA5String = 22 + TagUTCTime = 23 + TagGeneralizedTime = 24 + TagGeneralString = 27 + TagBMPString = 30 +) + +// ASN.1 class types represent the namespace of the tag. +const ( + ClassUniversal = 0 + ClassApplication = 1 + ClassContextSpecific = 2 + ClassPrivate = 3 +) + +type tagAndLength struct { + class, tag, length int + isCompound bool +} + +// ASN.1 has IMPLICIT and EXPLICIT tags, which can be translated as "instead +// of" and "in addition to". When not specified, every primitive type has a +// default tag in the UNIVERSAL class. +// +// For example: a BIT STRING is tagged [UNIVERSAL 3] by default (although ASN.1 +// doesn't actually have a UNIVERSAL keyword). However, by saying [IMPLICIT +// CONTEXT-SPECIFIC 42], that means that the tag is replaced by another. +// +// On the other hand, if it said [EXPLICIT CONTEXT-SPECIFIC 10], then an +// /additional/ tag would wrap the default tag. This explicit tag will have the +// compound flag set. +// +// (This is used in order to remove ambiguity with optional elements.) +// +// You can layer EXPLICIT and IMPLICIT tags to an arbitrary depth, however we +// don't support that here. We support a single layer of EXPLICIT or IMPLICIT +// tagging with tag strings on the fields of a structure. + +// fieldParameters is the parsed representation of tag string from a structure field. +type fieldParameters struct { + optional bool // true iff the field is OPTIONAL + explicit bool // true iff an EXPLICIT tag is in use. + application bool // true iff an APPLICATION tag is in use. + private bool // true iff a PRIVATE tag is in use. + defaultValue *int64 // a default value for INTEGER typed fields (maybe nil). + tag *int // the EXPLICIT or IMPLICIT tag (maybe nil). + stringType int // the string tag to use when marshaling. + timeType int // the time tag to use when marshaling. + set bool // true iff this should be encoded as a SET + omitEmpty bool // true iff this should be omitted if empty when marshaling. + + // Invariants: + // if explicit is set, tag is non-nil. +} + +// Given a tag string with the format specified in the package comment, +// parseFieldParameters will parse it into a fieldParameters structure, +// ignoring unknown parts of the string. +func parseFieldParameters(str string) (ret fieldParameters) { + var part string + for len(str) > 0 { + // This loop uses IndexByte and explicit slicing + // instead of strings.Split(str, ",") to reduce allocations. + i := strings.IndexByte(str, ',') + if i < 0 { + part, str = str, "" + } else { + part, str = str[:i], str[i+1:] + } + switch { + case part == "optional": + ret.optional = true + case part == "explicit": + ret.explicit = true + if ret.tag == nil { + ret.tag = new(int) + } + case part == "generalized": + ret.timeType = TagGeneralizedTime + case part == "utc": + ret.timeType = TagUTCTime + case part == "ia5": + ret.stringType = TagIA5String + case part == "printable": + ret.stringType = TagPrintableString + case part == "numeric": + ret.stringType = TagNumericString + case part == "utf8": + ret.stringType = TagUTF8String + case strings.HasPrefix(part, "default:"): + i, err := strconv.ParseInt(part[8:], 10, 64) + if err == nil { + ret.defaultValue = new(int64) + *ret.defaultValue = i + } + case strings.HasPrefix(part, "tag:"): + i, err := strconv.Atoi(part[4:]) + if err == nil { + ret.tag = new(int) + *ret.tag = i + } + case part == "set": + ret.set = true + case part == "application": + ret.application = true + if ret.tag == nil { + ret.tag = new(int) + } + case part == "private": + ret.private = true + if ret.tag == nil { + ret.tag = new(int) + } + case part == "omitempty": + ret.omitEmpty = true + } + } + return +} + +// Given a reflected Go type, getUniversalType returns the default tag number +// and expected compound flag. +func getUniversalType(t reflect.Type) (matchAny bool, tagNumber int, isCompound, ok bool) { + switch t { + case rawValueType: + return true, -1, false, true + case objectIdentifierType: + return false, TagOID, false, true + case bitStringType: + return false, TagBitString, false, true + case timeType: + return false, TagUTCTime, false, true + case enumeratedType: + return false, TagEnum, false, true + case bigIntType: + return false, TagInteger, false, true + } + switch t.Kind() { + case reflect.Bool: + return false, TagBoolean, false, true + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return false, TagInteger, false, true + case reflect.Struct: + return false, TagSequence, true, true + case reflect.Slice: + if t.Elem().Kind() == reflect.Uint8 { + return false, TagOctetString, false, true + } + if strings.HasSuffix(t.Name(), "SET") { + return false, TagSet, true, true + } + return false, TagSequence, true, true + case reflect.String: + return false, TagPrintableString, false, true + } + return false, 0, false, false +} diff --git a/vendor/github.com/zmap/zcrypto/encoding/asn1/marshal.go b/vendor/github.com/zmap/zcrypto/encoding/asn1/marshal.go new file mode 100644 index 000000000..0d34d5aa1 --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/encoding/asn1/marshal.go @@ -0,0 +1,747 @@ +// Copyright 2009 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package asn1 + +import ( + "bytes" + "errors" + "fmt" + "math/big" + "reflect" + "sort" + "time" + "unicode/utf8" +) + +var ( + byte00Encoder encoder = byteEncoder(0x00) + byteFFEncoder encoder = byteEncoder(0xff) +) + +// encoder represents an ASN.1 element that is waiting to be marshaled. +type encoder interface { + // Len returns the number of bytes needed to marshal this element. + Len() int + // Encode encodes this element by writing Len() bytes to dst. + Encode(dst []byte) +} + +type byteEncoder byte + +func (c byteEncoder) Len() int { + return 1 +} + +func (c byteEncoder) Encode(dst []byte) { + dst[0] = byte(c) +} + +type bytesEncoder []byte + +func (b bytesEncoder) Len() int { + return len(b) +} + +func (b bytesEncoder) Encode(dst []byte) { + if copy(dst, b) != len(b) { + panic("internal error") + } +} + +type stringEncoder string + +func (s stringEncoder) Len() int { + return len(s) +} + +func (s stringEncoder) Encode(dst []byte) { + if copy(dst, s) != len(s) { + panic("internal error") + } +} + +type multiEncoder []encoder + +func (m multiEncoder) Len() int { + var size int + for _, e := range m { + size += e.Len() + } + return size +} + +func (m multiEncoder) Encode(dst []byte) { + var off int + for _, e := range m { + e.Encode(dst[off:]) + off += e.Len() + } +} + +type setEncoder []encoder + +func (s setEncoder) Len() int { + var size int + for _, e := range s { + size += e.Len() + } + return size +} + +func (s setEncoder) Encode(dst []byte) { + // Per X690 Section 11.6: The encodings of the component values of a + // set-of value shall appear in ascending order, the encodings being + // compared as octet strings with the shorter components being padded + // at their trailing end with 0-octets. + // + // First we encode each element to its TLV encoding and then use + // octetSort to get the ordering expected by X690 DER rules before + // writing the sorted encodings out to dst. + l := make([][]byte, len(s)) + for i, e := range s { + l[i] = make([]byte, e.Len()) + e.Encode(l[i]) + } + + sort.Slice(l, func(i, j int) bool { + // Since we are using bytes.Compare to compare TLV encodings we + // don't need to right pad s[i] and s[j] to the same length as + // suggested in X690. If len(s[i]) < len(s[j]) the length octet of + // s[i], which is the first determining byte, will inherently be + // smaller than the length octet of s[j]. This lets us skip the + // padding step. + return bytes.Compare(l[i], l[j]) < 0 + }) + + var off int + for _, b := range l { + copy(dst[off:], b) + off += len(b) + } +} + +type taggedEncoder struct { + // scratch contains temporary space for encoding the tag and length of + // an element in order to avoid extra allocations. + scratch [8]byte + tag encoder + body encoder +} + +func (t *taggedEncoder) Len() int { + return t.tag.Len() + t.body.Len() +} + +func (t *taggedEncoder) Encode(dst []byte) { + t.tag.Encode(dst) + t.body.Encode(dst[t.tag.Len():]) +} + +type int64Encoder int64 + +func (i int64Encoder) Len() int { + n := 1 + + for i > 127 { + n++ + i >>= 8 + } + + for i < -128 { + n++ + i >>= 8 + } + + return n +} + +func (i int64Encoder) Encode(dst []byte) { + n := i.Len() + + for j := 0; j < n; j++ { + dst[j] = byte(i >> uint((n-1-j)*8)) + } +} + +func base128IntLength(n int64) int { + if n == 0 { + return 1 + } + + l := 0 + for i := n; i > 0; i >>= 7 { + l++ + } + + return l +} + +func appendBase128Int(dst []byte, n int64) []byte { + l := base128IntLength(n) + + for i := l - 1; i >= 0; i-- { + o := byte(n >> uint(i*7)) + o &= 0x7f + if i != 0 { + o |= 0x80 + } + + dst = append(dst, o) + } + + return dst +} + +func makeBigInt(n *big.Int) (encoder, error) { + if n == nil { + return nil, StructuralError{"empty integer"} + } + + if n.Sign() < 0 { + // A negative number has to be converted to two's-complement + // form. So we'll invert and subtract 1. If the + // most-significant-bit isn't set then we'll need to pad the + // beginning with 0xff in order to keep the number negative. + nMinus1 := new(big.Int).Neg(n) + nMinus1.Sub(nMinus1, bigOne) + bytes := nMinus1.Bytes() + for i := range bytes { + bytes[i] ^= 0xff + } + if len(bytes) == 0 || bytes[0]&0x80 == 0 { + return multiEncoder([]encoder{byteFFEncoder, bytesEncoder(bytes)}), nil + } + return bytesEncoder(bytes), nil + } else if n.Sign() == 0 { + // Zero is written as a single 0 zero rather than no bytes. + return byte00Encoder, nil + } else { + bytes := n.Bytes() + if len(bytes) > 0 && bytes[0]&0x80 != 0 { + // We'll have to pad this with 0x00 in order to stop it + // looking like a negative number. + return multiEncoder([]encoder{byte00Encoder, bytesEncoder(bytes)}), nil + } + return bytesEncoder(bytes), nil + } +} + +func appendLength(dst []byte, i int) []byte { + n := lengthLength(i) + + for ; n > 0; n-- { + dst = append(dst, byte(i>>uint((n-1)*8))) + } + + return dst +} + +func lengthLength(i int) (numBytes int) { + numBytes = 1 + for i > 255 { + numBytes++ + i >>= 8 + } + return +} + +func appendTagAndLength(dst []byte, t tagAndLength) []byte { + b := uint8(t.class) << 6 + if t.isCompound { + b |= 0x20 + } + if t.tag >= 31 { + b |= 0x1f + dst = append(dst, b) + dst = appendBase128Int(dst, int64(t.tag)) + } else { + b |= uint8(t.tag) + dst = append(dst, b) + } + + if t.length >= 128 { + l := lengthLength(t.length) + dst = append(dst, 0x80|byte(l)) + dst = appendLength(dst, t.length) + } else { + dst = append(dst, byte(t.length)) + } + + return dst +} + +type bitStringEncoder BitString + +func (b bitStringEncoder) Len() int { + return len(b.Bytes) + 1 +} + +func (b bitStringEncoder) Encode(dst []byte) { + dst[0] = byte((8 - b.BitLength%8) % 8) + if copy(dst[1:], b.Bytes) != len(b.Bytes) { + panic("internal error") + } +} + +type oidEncoder []int + +func (oid oidEncoder) Len() int { + l := base128IntLength(int64(oid[0]*40 + oid[1])) + for i := 2; i < len(oid); i++ { + l += base128IntLength(int64(oid[i])) + } + return l +} + +func (oid oidEncoder) Encode(dst []byte) { + dst = appendBase128Int(dst[:0], int64(oid[0]*40+oid[1])) + for i := 2; i < len(oid); i++ { + dst = appendBase128Int(dst, int64(oid[i])) + } +} + +func makeObjectIdentifier(oid []int) (e encoder, err error) { + if len(oid) < 2 || oid[0] > 2 || (oid[0] < 2 && oid[1] >= 40) { + return nil, StructuralError{"invalid object identifier"} + } + + return oidEncoder(oid), nil +} + +func makePrintableString(s string) (e encoder, err error) { + for i := 0; i < len(s); i++ { + // The asterisk is often used in PrintableString, even though + // it is invalid. If a PrintableString was specifically + // requested then the asterisk is permitted by this code. + // Ampersand is allowed in parsing due a handful of CA + // certificates, however when making new certificates + // it is rejected. + if !isPrintable(s[i], allowAsterisk, rejectAmpersand) { + return nil, StructuralError{"PrintableString contains invalid character"} + } + } + + return stringEncoder(s), nil +} + +func makeIA5String(s string) (e encoder, err error) { + for i := 0; i < len(s); i++ { + if s[i] > 127 { + return nil, StructuralError{"IA5String contains invalid character"} + } + } + + return stringEncoder(s), nil +} + +func makeNumericString(s string) (e encoder, err error) { + for i := 0; i < len(s); i++ { + if !isNumeric(s[i]) { + return nil, StructuralError{"NumericString contains invalid character"} + } + } + + return stringEncoder(s), nil +} + +func makeUTF8String(s string) encoder { + return stringEncoder(s) +} + +func appendTwoDigits(dst []byte, v int) []byte { + return append(dst, byte('0'+(v/10)%10), byte('0'+v%10)) +} + +func appendFourDigits(dst []byte, v int) []byte { + var bytes [4]byte + for i := range bytes { + bytes[3-i] = '0' + byte(v%10) + v /= 10 + } + return append(dst, bytes[:]...) +} + +func outsideUTCRange(t time.Time) bool { + year := t.Year() + return year < 1950 || year >= 2050 +} + +func makeUTCTime(t time.Time) (e encoder, err error) { + dst := make([]byte, 0, 18) + + dst, err = appendUTCTime(dst, t) + if err != nil { + return nil, err + } + + return bytesEncoder(dst), nil +} + +func makeGeneralizedTime(t time.Time) (e encoder, err error) { + dst := make([]byte, 0, 20) + + dst, err = appendGeneralizedTime(dst, t) + if err != nil { + return nil, err + } + + return bytesEncoder(dst), nil +} + +func appendUTCTime(dst []byte, t time.Time) (ret []byte, err error) { + year := t.Year() + + switch { + case 1950 <= year && year < 2000: + dst = appendTwoDigits(dst, year-1900) + case 2000 <= year && year < 2050: + dst = appendTwoDigits(dst, year-2000) + default: + return nil, StructuralError{"cannot represent time as UTCTime"} + } + + return appendTimeCommon(dst, t), nil +} + +func appendGeneralizedTime(dst []byte, t time.Time) (ret []byte, err error) { + year := t.Year() + if year < 0 || year > 9999 { + return nil, StructuralError{"cannot represent time as GeneralizedTime"} + } + + dst = appendFourDigits(dst, year) + + return appendTimeCommon(dst, t), nil +} + +func appendTimeCommon(dst []byte, t time.Time) []byte { + _, month, day := t.Date() + + dst = appendTwoDigits(dst, int(month)) + dst = appendTwoDigits(dst, day) + + hour, min, sec := t.Clock() + + dst = appendTwoDigits(dst, hour) + dst = appendTwoDigits(dst, min) + dst = appendTwoDigits(dst, sec) + + _, offset := t.Zone() + + switch { + case offset/60 == 0: + return append(dst, 'Z') + case offset > 0: + dst = append(dst, '+') + case offset < 0: + dst = append(dst, '-') + } + + offsetMinutes := offset / 60 + if offsetMinutes < 0 { + offsetMinutes = -offsetMinutes + } + + dst = appendTwoDigits(dst, offsetMinutes/60) + dst = appendTwoDigits(dst, offsetMinutes%60) + + return dst +} + +func stripTagAndLength(in []byte) []byte { + _, offset, err := parseTagAndLength(in, 0) + if err != nil { + return in + } + return in[offset:] +} + +func makeBody(value reflect.Value, params fieldParameters) (e encoder, err error) { + switch value.Type() { + case flagType: + return bytesEncoder(nil), nil + case timeType: + t := value.Interface().(time.Time) + if params.timeType == TagGeneralizedTime || outsideUTCRange(t) { + return makeGeneralizedTime(t) + } + return makeUTCTime(t) + case bitStringType: + return bitStringEncoder(value.Interface().(BitString)), nil + case objectIdentifierType: + return makeObjectIdentifier(value.Interface().(ObjectIdentifier)) + case bigIntType: + return makeBigInt(value.Interface().(*big.Int)) + } + + switch v := value; v.Kind() { + case reflect.Bool: + if v.Bool() { + return byteFFEncoder, nil + } + return byte00Encoder, nil + case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + return int64Encoder(v.Int()), nil + case reflect.Struct: + t := v.Type() + + for i := 0; i < t.NumField(); i++ { + if t.Field(i).PkgPath != "" { + return nil, StructuralError{"struct contains unexported fields"} + } + } + + startingField := 0 + + n := t.NumField() + if n == 0 { + return bytesEncoder(nil), nil + } + + // If the first element of the structure is a non-empty + // RawContents, then we don't bother serializing the rest. + if t.Field(0).Type == rawContentsType { + s := v.Field(0) + if s.Len() > 0 { + bytes := s.Bytes() + /* The RawContents will contain the tag and + * length fields but we'll also be writing + * those ourselves, so we strip them out of + * bytes */ + return bytesEncoder(stripTagAndLength(bytes)), nil + } + + startingField = 1 + } + + switch n1 := n - startingField; n1 { + case 0: + return bytesEncoder(nil), nil + case 1: + return makeField(v.Field(startingField), parseFieldParameters(t.Field(startingField).Tag.Get("asn1"))) + default: + m := make([]encoder, n1) + for i := 0; i < n1; i++ { + m[i], err = makeField(v.Field(i+startingField), parseFieldParameters(t.Field(i+startingField).Tag.Get("asn1"))) + if err != nil { + return nil, err + } + } + + return multiEncoder(m), nil + } + case reflect.Slice: + sliceType := v.Type() + if sliceType.Elem().Kind() == reflect.Uint8 { + return bytesEncoder(v.Bytes()), nil + } + + var fp fieldParameters + + switch l := v.Len(); l { + case 0: + return bytesEncoder(nil), nil + case 1: + return makeField(v.Index(0), fp) + default: + m := make([]encoder, l) + + for i := 0; i < l; i++ { + m[i], err = makeField(v.Index(i), fp) + if err != nil { + return nil, err + } + } + + if params.set { + return setEncoder(m), nil + } + return multiEncoder(m), nil + } + case reflect.String: + switch params.stringType { + case TagIA5String: + return makeIA5String(v.String()) + case TagPrintableString: + return makePrintableString(v.String()) + case TagNumericString: + return makeNumericString(v.String()) + default: + return makeUTF8String(v.String()), nil + } + } + + return nil, StructuralError{"unknown Go type"} +} + +func makeField(v reflect.Value, params fieldParameters) (e encoder, err error) { + if !v.IsValid() { + return nil, fmt.Errorf("asn1: cannot marshal nil value") + } + // If the field is an interface{} then recurse into it. + if v.Kind() == reflect.Interface && v.Type().NumMethod() == 0 { + return makeField(v.Elem(), params) + } + + if v.Kind() == reflect.Slice && v.Len() == 0 && params.omitEmpty { + return bytesEncoder(nil), nil + } + + if params.optional && params.defaultValue != nil && canHaveDefaultValue(v.Kind()) { + defaultValue := reflect.New(v.Type()).Elem() + defaultValue.SetInt(*params.defaultValue) + + if reflect.DeepEqual(v.Interface(), defaultValue.Interface()) { + return bytesEncoder(nil), nil + } + } + + // If no default value is given then the zero value for the type is + // assumed to be the default value. This isn't obviously the correct + // behavior, but it's what Go has traditionally done. + if params.optional && params.defaultValue == nil { + if reflect.DeepEqual(v.Interface(), reflect.Zero(v.Type()).Interface()) { + return bytesEncoder(nil), nil + } + } + + if v.Type() == rawValueType { + rv := v.Interface().(RawValue) + if len(rv.FullBytes) != 0 { + return bytesEncoder(rv.FullBytes), nil + } + + t := new(taggedEncoder) + + t.tag = bytesEncoder(appendTagAndLength(t.scratch[:0], tagAndLength{rv.Class, rv.Tag, len(rv.Bytes), rv.IsCompound})) + t.body = bytesEncoder(rv.Bytes) + + return t, nil + } + + matchAny, tag, isCompound, ok := getUniversalType(v.Type()) + if !ok || matchAny { + return nil, StructuralError{fmt.Sprintf("unknown Go type: %v", v.Type())} + } + + if params.timeType != 0 && tag != TagUTCTime { + return nil, StructuralError{"explicit time type given to non-time member"} + } + + if params.stringType != 0 && tag != TagPrintableString { + return nil, StructuralError{"explicit string type given to non-string member"} + } + + switch tag { + case TagPrintableString: + if params.stringType == 0 { + // This is a string without an explicit string type. We'll use + // a PrintableString if the character set in the string is + // sufficiently limited, otherwise we'll use a UTF8String. + for _, r := range v.String() { + if r >= utf8.RuneSelf || !isPrintable(byte(r), rejectAsterisk, rejectAmpersand) { + if !utf8.ValidString(v.String()) { + return nil, errors.New("asn1: string not valid UTF-8") + } + tag = TagUTF8String + break + } + } + } else { + tag = params.stringType + } + case TagUTCTime: + if params.timeType == TagGeneralizedTime || outsideUTCRange(v.Interface().(time.Time)) { + tag = TagGeneralizedTime + } + } + + if params.set { + if tag != TagSequence { + return nil, StructuralError{"non sequence tagged as set"} + } + tag = TagSet + } + + // makeField can be called for a slice that should be treated as a SET + // but doesn't have params.set set, for instance when using a slice + // with the SET type name suffix. In this case getUniversalType returns + // TagSet, but makeBody doesn't know about that so will treat the slice + // as a sequence. To work around this we set params.set. + if tag == TagSet && !params.set { + params.set = true + } + + t := new(taggedEncoder) + + t.body, err = makeBody(v, params) + if err != nil { + return nil, err + } + + bodyLen := t.body.Len() + + class := ClassUniversal + if params.tag != nil { + if params.application { + class = ClassApplication + } else if params.private { + class = ClassPrivate + } else { + class = ClassContextSpecific + } + + if params.explicit { + t.tag = bytesEncoder(appendTagAndLength(t.scratch[:0], tagAndLength{ClassUniversal, tag, bodyLen, isCompound})) + + tt := new(taggedEncoder) + + tt.body = t + + tt.tag = bytesEncoder(appendTagAndLength(tt.scratch[:0], tagAndLength{ + class: class, + tag: *params.tag, + length: bodyLen + t.tag.Len(), + isCompound: true, + })) + + return tt, nil + } + + // implicit tag. + tag = *params.tag + } + + t.tag = bytesEncoder(appendTagAndLength(t.scratch[:0], tagAndLength{class, tag, bodyLen, isCompound})) + + return t, nil +} + +// Marshal returns the ASN.1 encoding of val. +// +// In addition to the struct tags recognised by Unmarshal, the following can be +// used: +// +// ia5: causes strings to be marshaled as ASN.1, IA5String values +// omitempty: causes empty slices to be skipped +// printable: causes strings to be marshaled as ASN.1, PrintableString values +// utf8: causes strings to be marshaled as ASN.1, UTF8String values +// utc: causes time.Time to be marshaled as ASN.1, UTCTime values +// generalized: causes time.Time to be marshaled as ASN.1, GeneralizedTime values +func Marshal(val interface{}) ([]byte, error) { + return MarshalWithParams(val, "") +} + +// MarshalWithParams allows field parameters to be specified for the +// top-level element. The form of the params is the same as the field tags. +func MarshalWithParams(val interface{}, params string) ([]byte, error) { + e, err := makeField(reflect.ValueOf(val), parseFieldParameters(params)) + if err != nil { + return nil, err + } + b := make([]byte, e.Len()) + e.Encode(b) + return b, nil +} diff --git a/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go b/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go index 4b66fc522..cde3a8e05 100644 --- a/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go +++ b/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go @@ -7,7 +7,7 @@ package x509 import ( - "encoding/asn1" + "github.com/zmap/zcrypto/encoding/asn1" ) const ( diff --git a/vendor/github.com/zmap/zcrypto/x509/extensions.go b/vendor/github.com/zmap/zcrypto/x509/extensions.go index 3c15216e3..b1edaf26e 100644 --- a/vendor/github.com/zmap/zcrypto/x509/extensions.go +++ b/vendor/github.com/zmap/zcrypto/x509/extensions.go @@ -5,13 +5,13 @@ package x509 import ( - "encoding/asn1" "encoding/hex" "encoding/json" "net" "strconv" "strings" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/ct" "github.com/zmap/zcrypto/x509/pkix" ) diff --git a/vendor/github.com/zmap/zcrypto/x509/json.go b/vendor/github.com/zmap/zcrypto/x509/json.go index 936f28f3f..af26c4958 100644 --- a/vendor/github.com/zmap/zcrypto/x509/json.go +++ b/vendor/github.com/zmap/zcrypto/x509/json.go @@ -7,17 +7,15 @@ package x509 import ( "crypto/ecdsa" "crypto/rsa" - "encoding/asn1" "encoding/json" "errors" "net" "sort" - - "github.com/zmap/zcrypto/dsa" - "strings" "time" + "github.com/zmap/zcrypto/dsa" + "github.com/zmap/zcrypto/encoding/asn1" jsonKeys "github.com/zmap/zcrypto/json" "github.com/zmap/zcrypto/util" "github.com/zmap/zcrypto/x509/pkix" @@ -27,7 +25,7 @@ var kMinTime, kMaxTime time.Time func init() { var err error - kMinTime, err = time.Parse(time.RFC3339, "1970-01-01T00:00:00Z") + kMinTime, err = time.Parse(time.RFC3339, "0001-01-01T00:00:00Z") if err != nil { panic(err) } @@ -220,7 +218,7 @@ func (v *validity) MarshalJSON() ([]byte, error) { aux := auxValidity{ Start: clampTime(v.NotBefore.UTC()).Format(time.RFC3339), End: clampTime(v.NotAfter.UTC()).Format(time.RFC3339), - ValidityPeriod: int(v.NotAfter.Sub(v.NotBefore).Seconds()), + ValidityPeriod: int(v.NotAfter.Unix() - v.NotBefore.Unix()), } return json.Marshal(&aux) } @@ -237,7 +235,6 @@ func (v *validity) UnmarshalJSON(b []byte) error { if v.NotAfter, err = time.Parse(time.RFC3339, aux.End); err != nil { return err } - return nil } diff --git a/vendor/github.com/zmap/zcrypto/x509/pkcs1.go b/vendor/github.com/zmap/zcrypto/x509/pkcs1.go index 73bc7623a..008112ec5 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkcs1.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkcs1.go @@ -6,9 +6,10 @@ package x509 import ( "crypto/rsa" - "encoding/asn1" "errors" "math/big" + + "github.com/zmap/zcrypto/encoding/asn1" ) // pkcs1PrivateKey is a structure which mirrors the PKCS#1 ASN.1 for an RSA private key. diff --git a/vendor/github.com/zmap/zcrypto/x509/pkcs8.go b/vendor/github.com/zmap/zcrypto/x509/pkcs8.go index d69049fae..4f4d12a9c 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkcs8.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkcs8.go @@ -5,9 +5,10 @@ package x509 import ( - "encoding/asn1" "errors" "fmt" + + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/pkix" ) diff --git a/vendor/github.com/zmap/zcrypto/x509/pkix/json.go b/vendor/github.com/zmap/zcrypto/x509/pkix/json.go index 3000f977e..b7041a67e 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkix/json.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkix/json.go @@ -5,11 +5,12 @@ package pkix import ( - "encoding/asn1" "encoding/json" "errors" "strconv" "strings" + + "github.com/zmap/zcrypto/encoding/asn1" ) type auxAttributeTypeAndValue struct { diff --git a/vendor/github.com/zmap/zcrypto/x509/pkix/oid.go b/vendor/github.com/zmap/zcrypto/x509/pkix/oid.go index 314ab7b58..444b3afff 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkix/oid.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkix/oid.go @@ -5,11 +5,12 @@ package pkix import ( - "encoding/asn1" "encoding/json" "fmt" "strconv" "strings" + + "github.com/zmap/zcrypto/encoding/asn1" ) // AuxOID behaves similar to asn1.ObjectIdentifier, except encodes to JSON as a diff --git a/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go b/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go index 5f3f013c6..176b6c44a 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go @@ -7,12 +7,18 @@ package pkix import ( - "encoding/asn1" + "encoding/hex" + "fmt" "math/big" - "strings" "time" + + "github.com/zmap/zcrypto/encoding/asn1" ) +// LegacyNameString allows to specify legacy ZCrypto behaviour +// for X509Name.String() in reverse order +var LegacyNameString = false + // AlgorithmIdentifier represents the ASN.1 structure of the same name. See RFC // 5280, section 4.1.1.2. type AlgorithmIdentifier struct { @@ -25,7 +31,7 @@ type RDNSequence []RelativeDistinguishedNameSET type RelativeDistinguishedNameSET []AttributeTypeAndValue // AttributeTypeAndValue mirrors the ASN.1 structure of the same name in -// http://tools.ietf.org/html/rfc5280#section-4.1.2.4 +// RFC 5280, Section 4.1.2.4. type AttributeTypeAndValue struct { Type asn1.ObjectIdentifier `json:"type"` Value interface{} `json:"value"` @@ -47,7 +53,9 @@ type Extension struct { } // Name represents an X.509 distinguished name. This only includes the common -// elements of a DN. Additional elements in the name are ignored. +// elements of a DN. Note that Name is only an approximation of the X.509 +// structure. If an accurate representation is needed, asn1.Unmarshal the raw +// subject or issuer as an RDNSequence. type Name struct { Country, Organization, OrganizationalUnit []string Locality, Province []string @@ -60,71 +68,81 @@ type Name struct { // EV Components JurisdictionLocality, JurisdictionProvince, JurisdictionCountry []string - Names []AttributeTypeAndValue - ExtraNames []AttributeTypeAndValue + // Names contains all parsed attributes. When parsing distinguished names, + // this can be used to extract non-standard attributes that are not parsed + // by this package. When marshaling to RDNSequences, the Names field is + // ignored, see ExtraNames. + Names []AttributeTypeAndValue + // ExtraNames contains attributes to be copied, raw, into any marshaled + // distinguished names. Values override any attributes with the same OID. + // The ExtraNames field is not populated when parsing, see Names. + ExtraNames []AttributeTypeAndValue // OriginalRDNS is saved if the name is populated using FillFromRDNSequence. // Additionally, if OriginalRDNS is non-nil, the String and ToRDNSequence // methods will simply use this. OriginalRDNS RDNSequence } -// FillFromRDNSequence populates n based on the AttributeTypeAndValueSETs in the -// RDNSequence. It save the sequence as OriginalRDNS. +// FillFromRDNSequence populates n from the provided RDNSequence. +// Multi-entry RDNs are flattened, all entries are added to the +// relevant n fields, and the grouping is not preserved. func (n *Name) FillFromRDNSequence(rdns *RDNSequence) { n.OriginalRDNS = *rdns for _, rdn := range *rdns { if len(rdn) == 0 { continue } - atv := rdn[0] - n.Names = append(n.Names, atv) - value, ok := atv.Value.(string) - if !ok { - continue - } - t := atv.Type - if len(t) == 4 && t[0] == 2 && t[1] == 5 && t[2] == 4 { - switch t[3] { - case 3: - n.CommonName = value - n.CommonNames = append(n.CommonNames, value) - case 4: - n.Surname = append(n.Surname, value) - case 5: - n.SerialNumber = value - n.SerialNumbers = append(n.SerialNumbers, value) - case 6: - n.Country = append(n.Country, value) - case 7: - n.Locality = append(n.Locality, value) - case 8: - n.Province = append(n.Province, value) - case 9: - n.StreetAddress = append(n.StreetAddress, value) - case 10: - n.Organization = append(n.Organization, value) - case 11: - n.OrganizationalUnit = append(n.OrganizationalUnit, value) - case 17: - n.PostalCode = append(n.PostalCode, value) - case 42: - n.GivenName = append(n.GivenName, value) - case 97: - n.OrganizationIDs = append(n.OrganizationIDs, value) + for _, atv := range rdn { + n.Names = append(n.Names, atv) + value, ok := atv.Value.(string) + if !ok { + continue + } + + t := atv.Type + if len(t) == 4 && t[0] == 2 && t[1] == 5 && t[2] == 4 { + switch t[3] { + case 3: + n.CommonName = value + n.CommonNames = append(n.CommonNames, value) + case 4: + n.Surname = append(n.Surname, value) + case 5: + n.SerialNumber = value + n.SerialNumbers = append(n.SerialNumbers, value) + case 6: + n.Country = append(n.Country, value) + case 7: + n.Locality = append(n.Locality, value) + case 8: + n.Province = append(n.Province, value) + case 9: + n.StreetAddress = append(n.StreetAddress, value) + case 10: + n.Organization = append(n.Organization, value) + case 11: + n.OrganizationalUnit = append(n.OrganizationalUnit, value) + case 17: + n.PostalCode = append(n.PostalCode, value) + case 42: + n.GivenName = append(n.GivenName, value) + case 97: + n.OrganizationIDs = append(n.OrganizationIDs, value) + } + } else if t.Equal(oidDomainComponent) { + n.DomainComponent = append(n.DomainComponent, value) + } else if t.Equal(oidDNEmailAddress) { + // Deprecated, see RFC 5280 Section 4.1.2.6 + n.EmailAddress = append(n.EmailAddress, value) + } else if t.Equal(oidJurisdictionLocality) { + n.JurisdictionLocality = append(n.JurisdictionLocality, value) + } else if t.Equal(oidJurisdictionProvince) { + n.JurisdictionProvince = append(n.JurisdictionProvince, value) + } else if t.Equal(oidJurisdictionCountry) { + n.JurisdictionCountry = append(n.JurisdictionCountry, value) } - } else if t.Equal(oidDomainComponent) { - n.DomainComponent = append(n.DomainComponent, value) - } else if t.Equal(oidDNEmailAddress) { - // Deprecated, see RFC 5280 Section 4.1.2.6 - n.EmailAddress = append(n.EmailAddress, value) - } else if t.Equal(oidJurisdictionLocality) { - n.JurisdictionLocality = append(n.JurisdictionLocality, value) - } else if t.Equal(oidJurisdictionProvince) { - n.JurisdictionProvince = append(n.JurisdictionProvince, value) - } else if t.Equal(oidJurisdictionCountry) { - n.JurisdictionCountry = append(n.JurisdictionCountry, value) } } } @@ -171,39 +189,82 @@ func (n Name) appendRDNs(in RDNSequence, values []string, oid asn1.ObjectIdentif return append(in, s) } -// String returns an RDNSequence as comma seperated list of -// AttributeTypeAndValues in canonical form. -func (seq RDNSequence) String() string { - out := make([]string, 0, len(seq)) - // An RDNSequence is effectively an [][]AttributeTypeAndValue - for _, atvSet := range seq { - for _, atv := range atvSet { - // Convert each individual AttributeTypeAndValue to X=Y - attrParts := make([]string, 0, 2) - oidString := atv.Type.String() - oidName, ok := oidDotNotationToNames[oidString] - if ok { - attrParts = append(attrParts, oidName.ShortName) - } else { - attrParts = append(attrParts, oidString) +// String returns a string representation of the sequence r, +// roughly following the RFC 2253 Distinguished Names syntax. +func (r RDNSequence) String() string { + s := "" + for i := 0; i < len(r); i++ { + idx := len(r) - 1 - i + if LegacyNameString { + idx = i + } + rdn := r[idx] + if i > 0 { + s += ", " + } + for j, tv := range rdn { + if j > 0 { + s += ", " } - switch value := atv.Value.(type) { - case string: - attrParts = append(attrParts, value) - case []byte: - attrParts = append(attrParts, string(value)) - default: - continue + + oidString := tv.Type.String() + var typeName string + if oidName, ok := oidDotNotationToNames[oidString]; ok { + typeName = oidName.ShortName } - attrString := strings.Join(attrParts, "=") - out = append(out, attrString) + if typeName == "" { + derBytes, err := asn1.Marshal(tv.Value) + if err == nil { + s += oidString + "=#" + hex.EncodeToString(derBytes) + continue // No value escaping necessary. + } + + typeName = oidString + } + + valueString := fmt.Sprint(tv.Value) + escaped := make([]rune, 0, len(valueString)) + + for k, c := range valueString { + escape := false + + switch c { + case ',', '+', '"', '\\', '<', '>', ';': + escape = true + + case ' ': + escape = k == 0 || k == len(valueString)-1 + + case '#': + escape = k == 0 + } + + if escape { + escaped = append(escaped, '\\', c) + } else { + escaped = append(escaped, c) + } + } + + s += typeName + "=" + string(escaped) } } - return strings.Join(out, ", ") + + return s } -// ToRDNSequence returns OriginalRDNS is populated. Otherwise, it builds an -// RDNSequence in canonical order. +// ToRDNSequence converts n into a single RDNSequence. The following +// attributes are encoded as multi-value RDNs: +// +// - Country +// - Organization +// - OrganizationalUnit +// - Locality +// - Province +// - StreetAddress +// - PostalCode +// +// Each ExtraNames entry is encoded as an individual RDN. func (n Name) ToRDNSequence() (ret RDNSequence) { if n.OriginalRDNS != nil { return n.OriginalRDNS @@ -228,19 +289,11 @@ func (n Name) ToRDNSequence() (ret RDNSequence) { if len(n.SerialNumber) > 0 { ret = n.appendRDNs(ret, []string{n.SerialNumber}, oidSerialNumber) } - ret = append(ret, n.ExtraNames) - return ret -} - -// oidInAttributeTypeAndValue returns whether a type with the given OID exists -// in atv. -func oidInAttributeTypeAndValue(oid asn1.ObjectIdentifier, atv []AttributeTypeAndValue) bool { - for _, a := range atv { - if a.Type.Equal(oid) { - return true - } + for _, atv := range n.ExtraNames { + ret = append(ret, []AttributeTypeAndValue{atv}) } - return false + + return ret } // CertificateList represents the ASN.1 structure of the same name. See RFC @@ -252,15 +305,34 @@ type CertificateList struct { SignatureValue asn1.BitString } -// HasExpired reports whether now is past the expiry time of certList. +// HasExpired reports whether certList should have been updated by now. func (certList *CertificateList) HasExpired(now time.Time) bool { - return now.After(certList.TBSCertList.NextUpdate) + return !now.Before(certList.TBSCertList.NextUpdate) } -// String returns a canonical representation of a DistinguishedName -func (n *Name) String() string { - seq := n.ToRDNSequence() - return seq.String() +// String returns the string form of n, roughly following +// the RFC 2253 Distinguished Names syntax. +func (n Name) String() string { + var rdns RDNSequence + // If there are no ExtraNames, surface the parsed value (all entries in + // Names) instead. + if n.ExtraNames == nil { + for _, atv := range n.Names { + t := atv.Type + if len(t) == 4 && t[0] == 2 && t[1] == 5 && t[2] == 4 { + switch t[3] { + case 3, 5, 6, 7, 8, 9, 10, 11, 17: + // These attributes were already parsed into named fields. + continue + } + } + // Place non-standard parsed values at the beginning of the sequence + // so they will be at the end of the string. See Issue 39924. + rdns = append(rdns, []AttributeTypeAndValue{atv}) + } + } + rdns = append(rdns, n.ToRDNSequence()...) + return rdns.String() } // OtherName represents the ASN.1 structure of the same name. See RFC diff --git a/vendor/github.com/zmap/zcrypto/x509/qc_statements.go b/vendor/github.com/zmap/zcrypto/x509/qc_statements.go index 3adecd5c7..4eeb5d731 100644 --- a/vendor/github.com/zmap/zcrypto/x509/qc_statements.go +++ b/vendor/github.com/zmap/zcrypto/x509/qc_statements.go @@ -1,9 +1,10 @@ package x509 import ( - "encoding/asn1" "encoding/json" "errors" + + "github.com/zmap/zcrypto/encoding/asn1" ) type QCStatementASN struct { diff --git a/vendor/github.com/zmap/zcrypto/x509/sec1.go b/vendor/github.com/zmap/zcrypto/x509/sec1.go index 33f376c07..4ef211ff9 100644 --- a/vendor/github.com/zmap/zcrypto/x509/sec1.go +++ b/vendor/github.com/zmap/zcrypto/x509/sec1.go @@ -7,10 +7,11 @@ package x509 import ( "crypto/ecdsa" "crypto/elliptic" - "encoding/asn1" "errors" "fmt" "math/big" + + "github.com/zmap/zcrypto/encoding/asn1" ) const ecPrivKeyVersion = 1 diff --git a/vendor/github.com/zmap/zcrypto/x509/tor_service_descriptor.go b/vendor/github.com/zmap/zcrypto/x509/tor_service_descriptor.go index 366bd9591..27220f874 100644 --- a/vendor/github.com/zmap/zcrypto/x509/tor_service_descriptor.go +++ b/vendor/github.com/zmap/zcrypto/x509/tor_service_descriptor.go @@ -1,7 +1,7 @@ package x509 import ( - "encoding/asn1" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/pkix" ) diff --git a/vendor/github.com/zmap/zcrypto/x509/x509.go b/vendor/github.com/zmap/zcrypto/x509/x509.go index 160fca3df..8057b0b0a 100644 --- a/vendor/github.com/zmap/zcrypto/x509/x509.go +++ b/vendor/github.com/zmap/zcrypto/x509/x509.go @@ -27,7 +27,6 @@ import ( _ "crypto/sha1" _ "crypto/sha256" _ "crypto/sha512" - "encoding/asn1" "encoding/pem" "errors" "fmt" @@ -36,9 +35,9 @@ import ( "strconv" "time" - "github.com/zmap/zcrypto/dsa" - "github.com/weppos/publicsuffix-go/publicsuffix" + "github.com/zmap/zcrypto/dsa" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/ct" "github.com/zmap/zcrypto/x509/pkix" "golang.org/x/crypto/ed25519" @@ -838,6 +837,10 @@ type Certificate struct { PermittedX400Addresses []GeneralSubtreeRaw ExcludedX400Addresses []GeneralSubtreeRaw + // FailedToParseNames contains values that are failed to parse, + // without returning an error. + FailedToParseNames []asn1.RawValue + // CRL Distribution Points CRLDistributionPoints []string @@ -1298,11 +1301,15 @@ func parsePublicKey(algo PublicKeyAlgorithm, keyData *publicKeyInfo) (interface{ return nil, errors.New("x509: trailing data after RSA public key") } - if p.N.Sign() <= 0 { - return nil, errors.New("x509: RSA modulus is not a positive number") - } - if p.E <= 0 { - return nil, errors.New("x509: RSA public exponent is not a positive number") + // ZCrypto: Allow to parse + if !asn1.AllowPermissiveParsing { + + if p.N.Sign() <= 0 { + return nil, errors.New("x509: RSA modulus is not a positive number") + } + if p.E <= 0 { + return nil, errors.New("x509: RSA public exponent is not a positive number") + } } pub := &rsa.PublicKey{ @@ -1442,7 +1449,7 @@ func parseSANExtension(value []byte) (dnsNames, emailAddresses []string, ipAddre return } -func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, emailAddresses, URIs []string, directoryNames []pkix.Name, ediPartyNames []pkix.EDIPartyName, ipAddresses []net.IP, registeredIDs []asn1.ObjectIdentifier, err error) { +func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, emailAddresses, URIs []string, directoryNames []pkix.Name, ediPartyNames []pkix.EDIPartyName, ipAddresses []net.IP, registeredIDs []asn1.ObjectIdentifier, failedToParse []asn1.RawValue, err error) { // RFC 5280, 4.2.1.6 // SubjectAltName ::= GeneralNames @@ -1478,8 +1485,13 @@ func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, ema switch v.Tag { case 0: var oName pkix.OtherName - _, err = asn1.UnmarshalWithParams(v.FullBytes, &oName, "tag:0") - if err != nil { + _, perr := asn1.UnmarshalWithParams(v.FullBytes, &oName, "tag:0") + if perr != nil { + if asn1.AllowPermissiveParsing { + failedToParse = append(failedToParse, v) + continue + } + err = perr return } otherNames = append(otherNames, oName) @@ -1489,8 +1501,13 @@ func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, ema dnsNames = append(dnsNames, string(v.Bytes)) case 4: var rdn pkix.RDNSequence - _, err = asn1.Unmarshal(v.Bytes, &rdn) - if err != nil { + _, perr := asn1.Unmarshal(v.Bytes, &rdn) + if perr != nil { + if asn1.AllowPermissiveParsing { + failedToParse = append(failedToParse, v) + continue + } + err = perr return } var dir pkix.Name @@ -1498,8 +1515,13 @@ func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, ema directoryNames = append(directoryNames, dir) case 5: var ediName pkix.EDIPartyName - _, err = asn1.UnmarshalWithParams(v.FullBytes, &ediName, "tag:5") - if err != nil { + _, perr := asn1.UnmarshalWithParams(v.FullBytes, &ediName, "tag:5") + if perr != nil { + if asn1.AllowPermissiveParsing { + failedToParse = append(failedToParse, v) + continue + } + err = perr return } ediPartyNames = append(ediPartyNames, ediName) @@ -1510,13 +1532,22 @@ func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, ema case net.IPv4len, net.IPv6len: ipAddresses = append(ipAddresses, v.Bytes) default: - err = errors.New("x509: certificate contained IP address of length " + strconv.Itoa(len(v.Bytes))) - return + if asn1.AllowPermissiveParsing { + failedToParse = append(failedToParse, v) + } else { + err = errors.New("x509: certificate contained IP address of length " + strconv.Itoa(len(v.Bytes))) + return + } } case 8: var id asn1.ObjectIdentifier - _, err = asn1.UnmarshalWithParams(v.FullBytes, &id, "tag:8") - if err != nil { + _, perr := asn1.UnmarshalWithParams(v.FullBytes, &id, "tag:8") + if perr != nil { + if asn1.AllowPermissiveParsing { + failedToParse = append(failedToParse, v) + continue + } + err = perr return } registeredIDs = append(registeredIDs, id) @@ -1656,7 +1687,9 @@ func parseCertificate(in *certificate) (*Certificate, error) { continue } case 17: - out.OtherNames, out.DNSNames, out.EmailAddresses, out.URIs, out.DirectoryNames, out.EDIPartyNames, out.IPAddresses, out.RegisteredIDs, err = parseGeneralNames(e.Value) + out.OtherNames, out.DNSNames, out.EmailAddresses, + out.URIs, out.DirectoryNames, out.EDIPartyNames, + out.IPAddresses, out.RegisteredIDs, out.FailedToParseNames, err = parseGeneralNames(e.Value) if err != nil { return nil, err } @@ -1667,7 +1700,9 @@ func parseCertificate(in *certificate) (*Certificate, error) { // If we didn't parse any of the names then we // fall through to the critical check below. case 18: - out.IANOtherNames, out.IANDNSNames, out.IANEmailAddresses, out.IANURIs, out.IANDirectoryNames, out.IANEDIPartyNames, out.IANIPAddresses, out.IANRegisteredIDs, err = parseGeneralNames(e.Value) + out.IANOtherNames, out.IANDNSNames, out.IANEmailAddresses, + out.IANURIs, out.IANDirectoryNames, out.IANEDIPartyNames, + out.IANIPAddresses, out.IANRegisteredIDs, out.FailedToParseNames, err = parseGeneralNames(e.Value) if err != nil { return nil, err } @@ -1735,7 +1770,9 @@ func parseCertificate(in *certificate) (*Certificate, error) { ip := net.IPNet{IP: subtree.Value.Bytes[:net.IPv6len], Mask: subtree.Value.Bytes[net.IPv6len:]} out.PermittedIPAddresses = append(out.PermittedIPAddresses, GeneralSubtreeIP{Data: ip, Max: subtree.Max, Min: subtree.Min}) default: - return out, errors.New("x509: certificate name constraint contained IP address range of length " + strconv.Itoa(len(subtree.Value.Bytes))) + if !asn1.AllowPermissiveParsing { + return out, errors.New("x509: certificate name constraint contained IP address range of length " + strconv.Itoa(len(subtree.Value.Bytes))) + } } case 8: var id asn1.ObjectIdentifier @@ -1780,7 +1817,9 @@ func parseCertificate(in *certificate) (*Certificate, error) { ip := net.IPNet{IP: subtree.Value.Bytes[:net.IPv6len], Mask: subtree.Value.Bytes[net.IPv6len:]} out.ExcludedIPAddresses = append(out.ExcludedIPAddresses, GeneralSubtreeIP{Data: ip, Max: subtree.Max, Min: subtree.Min}) default: - return out, errors.New("x509: certificate name constraint contained IP address range of length " + strconv.Itoa(len(subtree.Value.Bytes))) + if !asn1.AllowPermissiveParsing { + return out, errors.New("x509: certificate name constraint contained IP address range of length " + strconv.Itoa(len(subtree.Value.Bytes))) + } } case 8: var id asn1.ObjectIdentifier @@ -1860,7 +1899,10 @@ func parseCertificate(in *certificate) (*Certificate, error) { var keyUsage []asn1.ObjectIdentifier _, err = asn1.Unmarshal(e.Value, &keyUsage) if err != nil { - return nil, err + if !asn1.AllowPermissiveParsing { + return nil, err + } + continue } for _, u := range keyUsage { @@ -1907,25 +1949,31 @@ func parseCertificate(in *certificate) (*Certificate, error) { cpsURIOID := asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 2, 1} if qualifier.PolicyQualifierId.Equal(userNoticeOID) { var un userNotice - if _, err = asn1.Unmarshal(qualifier.Qualifier.FullBytes, &un); err != nil { + _, err := asn1.Unmarshal(qualifier.Qualifier.FullBytes, &un) + if err != nil && !asn1.AllowPermissiveParsing { return nil, err } - if len(un.ExplicitText.Bytes) != 0 { - out.ExplicitTexts[i] = append(out.ExplicitTexts[i], un.ExplicitText) - out.ParsedExplicitTexts[i] = append(out.ParsedExplicitTexts[i], string(un.ExplicitText.Bytes)) - } - if un.NoticeRef.Organization.Bytes != nil || un.NoticeRef.NoticeNumbers != nil { - out.NoticeRefOrgnization[i] = append(out.NoticeRefOrgnization[i], un.NoticeRef.Organization) - out.NoticeRefNumbers[i] = append(out.NoticeRefNumbers[i], un.NoticeRef.NoticeNumbers) - out.ParsedNoticeRefOrganization[i] = append(out.ParsedNoticeRefOrganization[i], string(un.NoticeRef.Organization.Bytes)) + if err == nil { + if len(un.ExplicitText.Bytes) != 0 { + out.ExplicitTexts[i] = append(out.ExplicitTexts[i], un.ExplicitText) + out.ParsedExplicitTexts[i] = append(out.ParsedExplicitTexts[i], string(un.ExplicitText.Bytes)) + } + if un.NoticeRef.Organization.Bytes != nil || un.NoticeRef.NoticeNumbers != nil { + out.NoticeRefOrgnization[i] = append(out.NoticeRefOrgnization[i], un.NoticeRef.Organization) + out.NoticeRefNumbers[i] = append(out.NoticeRefNumbers[i], un.NoticeRef.NoticeNumbers) + out.ParsedNoticeRefOrganization[i] = append(out.ParsedNoticeRefOrganization[i], string(un.NoticeRef.Organization.Bytes)) + } } } if qualifier.PolicyQualifierId.Equal(cpsURIOID) { var cpsURIRaw asn1.RawValue - if _, err = asn1.Unmarshal(qualifier.Qualifier.FullBytes, &cpsURIRaw); err != nil { + _, err = asn1.Unmarshal(qualifier.Qualifier.FullBytes, &cpsURIRaw) + if err != nil && !asn1.AllowPermissiveParsing { return nil, err } - out.CPSuri[i] = append(out.CPSuri[i], string(cpsURIRaw.Bytes)) + if err == nil { + out.CPSuri[i] = append(out.CPSuri[i], string(cpsURIRaw.Bytes)) + } } } } @@ -1974,7 +2022,9 @@ func parseCertificate(in *certificate) (*Certificate, error) { out.IsPrecert = true continue } else { - return nil, UnhandledCriticalExtension{e.Id, "Malformed precert poison"} + if !asn1.AllowPermissiveParsing { + return nil, UnhandledCriticalExtension{e.Id, "Malformed precert poison"} + } } } else if e.Id.Equal(oidBRTorServiceDescriptor) { descs, err := parseTorServiceDescriptorSyntax(e) diff --git a/vendor/github.com/zmap/zlint/v3/lint/base.go b/vendor/github.com/zmap/zlint/v3/lint/base.go index efecfa97e..c5afe8a31 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/base.go +++ b/vendor/github.com/zmap/zlint/v3/lint/base.go @@ -15,6 +15,7 @@ package lint */ import ( + "fmt" "time" "github.com/zmap/zcrypto/x509" @@ -22,10 +23,7 @@ import ( ) // LintInterface is implemented by each Lint. -type LintInterface interface { - // Initialize runs once per-lint. It is called during RegisterLint(). - Initialize() error - +type LintInterface interface { //nolint:revive // CheckApplies runs once per certificate. It returns true if the Lint should // run on the given certificate. If CheckApplies returns false, the Lint // result is automatically set to NA without calling CheckEffective() or @@ -37,6 +35,11 @@ type LintInterface interface { Execute(c *x509.Certificate) *LintResult } +// Configurable lints return a pointer into a struct that they wish to receive their configuration into. +type Configurable interface { + Configure() interface{} +} + // A Lint struct represents a single lint, e.g. // "e_basic_constraints_not_critical". It contains an implementation of LintInterface. type Lint struct { @@ -58,20 +61,31 @@ type Lint struct { // Lints automatically returns NE for all certificates where CheckApplies() is // true but with NotBefore < EffectiveDate. This check is bypassed if - // EffectiveDate is zero. + // EffectiveDate is zero. Please see CheckEffective for more information. EffectiveDate time.Time `json:"-"` - // The implementation of the lint logic. - Lint LintInterface `json:"-"` + // Lints automatically returns NE for all certificates where CheckApplies() is + // true but with NotBefore >= IneffectiveDate. This check is bypassed if + // IneffectiveDate is zero. Please see CheckEffective for more information. + IneffectiveDate time.Time `json:"-"` + + // A constructor which returns the implementation of the lint logic. + Lint func() LintInterface `json:"-"` } -// CheckEffective returns true if c was issued on or after the EffectiveDate. If -// EffectiveDate is zero, CheckEffective always returns true. +// CheckEffective returns true if c was issued on or after the EffectiveDate +// AND before (but not on) the Ineffective date. That is, CheckEffective +// returns true if... +// +// c.NotBefore in [EffectiveDate, IneffectiveDate) +// +// If EffectiveDate is zero, then only IneffectiveDate is checked. Conversely, +// if IneffectiveDate is zero then only EffectiveDate is checked. If both EffectiveDate +// and IneffectiveDate are zero then CheckEffective always returns true. func (l *Lint) CheckEffective(c *x509.Certificate) bool { - if l.EffectiveDate.IsZero() || !l.EffectiveDate.After(c.NotBefore) { - return true - } - return false + onOrAfterEffective := l.EffectiveDate.IsZero() || util.OnOrAfter(c.NotBefore, l.EffectiveDate) + strictlyBeforeIneffective := l.IneffectiveDate.IsZero() || c.NotBefore.Before(l.IneffectiveDate) + return onOrAfterEffective && strictlyBeforeIneffective } // Execute runs the lint against a certificate. For lints that are @@ -79,18 +93,38 @@ func (l *Lint) CheckEffective(c *x509.Certificate) bool { // if they are within the purview of the BRs. See LintInterface for details // about the other methods called. The ordering is as follows: // +// Configure() ----> only if the lint implements Configurable // CheckApplies() // CheckEffective() // Execute() -func (l *Lint) Execute(cert *x509.Certificate) *LintResult { +func (l *Lint) Execute(cert *x509.Certificate, config Configuration) *LintResult { if l.Source == CABFBaselineRequirements && !util.IsServerAuthCert(cert) { return &LintResult{Status: NA} } - if !l.Lint.CheckApplies(cert) { + return l.execute(l.Lint(), cert, config) +} + +func (l *Lint) execute(lint LintInterface, cert *x509.Certificate, config Configuration) *LintResult { + configurable, ok := lint.(Configurable) + if ok { + err := config.Configure(configurable.Configure(), l.Name) + if err != nil { + details := fmt.Sprintf( + "A fatal error occurred while attempting to configure %s. Please visit the [%s] section of "+ + "your provided configuration and compare it with the output of `zlint -exampleConfig`. Error: %s", + l.Name, + l.Name, + err.Error()) + return &LintResult{ + Status: Fatal, + Details: details} + } + } + if !lint.CheckApplies(cert) { return &LintResult{Status: NA} } else if !l.CheckEffective(cert) { return &LintResult{Status: NE} } - res := l.Lint.Execute(cert) + res := lint.Execute(cert) return res } diff --git a/vendor/github.com/zmap/zlint/v3/lint/configuration.go b/vendor/github.com/zmap/zlint/v3/lint/configuration.go new file mode 100644 index 000000000..d60f3aec7 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lint/configuration.go @@ -0,0 +1,248 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package lint + +import ( + "fmt" + "io" + "os" + "reflect" + "strings" + + "github.com/pelletier/go-toml" +) + +// Configuration is a ZLint configuration which serves as a target +// to hold the full TOML tree that is a physical ZLint configuration./ +type Configuration struct { + tree *toml.Tree +} + +// Configure attempts to deserialize the provided namespace into the provided empty interface. +// +// For example, let's say that the name of your lint is MyLint, then the configuration +// file might look something like the following... +// +// ``` +// [MyLint] +// A = 1 +// B = 2 +// ``` +// +// Given this, our target struct may look like the following... +// +// ``` +// type MytLint struct { +// A int +// B uint +// } +// ``` +// +// So deserializing into this struct would look like... +// +// ``` +// configuration.Configure(&myLint, myLint.Name()) +// ``` +func (c Configuration) Configure(lint interface{}, namespace string) error { + return c.deserializeConfigInto(lint, namespace) +} + +// NewConfig attempts to instantiate a configuration by consuming the contents of the provided reader. +// +// The contents of the provided reader MUST be in a valid TOML format. The caller of this function +// is responsible for closing the reader, if appropriate. +func NewConfig(r io.Reader) (Configuration, error) { + tree, err := toml.LoadReader(r) + if err != nil { + return Configuration{}, err + } + return Configuration{tree}, nil +} + +// NewConfigFromFile attempts to instantiate a configuration from the provided filesystem path. +// +// The file pointed to by `path` MUST be valid TOML file. If `path` is the empty string then +// an empty configuration is returned. +func NewConfigFromFile(path string) (Configuration, error) { + if path == "" { + return NewEmptyConfig(), nil + } + f, err := os.Open(path) + if err != nil { + return Configuration{}, fmt.Errorf("failed to open the provided configuration at %s. Error: %s", path, err.Error()) + } + defer f.Close() + return NewConfig(f) +} + +// NewConfigFromString attempts to instantiate a configuration from the provided string. +// +// The provided string MUST be in a valid TOML format. +func NewConfigFromString(config string) (Configuration, error) { + return NewConfig(strings.NewReader(config)) +} + +// NewEmptyConfig returns a configuration that is backed by an entirely empty TOML tree. +// +// This is useful if no particular configuration is set at all by the user of ZLint as +// any attempt to resolve a namespace in `deserializeConfigInto` fails and thus results +// in all defaults for all lints being maintained. +func NewEmptyConfig() Configuration { + cfg, _ := NewConfigFromString("") + return cfg +} + +// deserializeConfigInto deserializes the section labeled by the provided `namespace` +// into the provided target `interface{}`. +// +// For example, given the following configuration... +// +// ``` +// [e_some_lint] +// field = 1 +// flag = false +// +// [w_some_other_lint] +// is_web_pki = true +// ``` +// +// And the following struct definition... +// +// ``` +// type SomeOtherLint { +// IsWebPKI bool `toml:"is_web_pki"` +// } +// ``` +// +// Then the invocation of this function should be... +// +// ``` +// lint := &SomeOtherLint{} +// deserializeConfigInto(lint, "w_some_other_lint") +// ``` +// +// If there is no such namespace found in this configuration then provided the namespace specific data encoded +// within `target` is left unmodified. However, configuration of higher scoped fields will still be attempted. +func (c Configuration) deserializeConfigInto(target interface{}, namespace string) error { + if tree := c.tree.Get(namespace); tree != nil { + err := tree.(*toml.Tree).Unmarshal(target) + if err != nil { + return err + } + } + return c.resolveHigherScopedReferences(target) +} + +// resolveHigherScopeReferences takes in an interface{} value and attempts to +// find any field within its inner value that is either a struct or a pointer +// to a struct that is one of our global configurable types. If such a field +// exists then that higher scoped configuration will be copied into the value +// held by the provided interface{}. +// +// This procedure is recursive. +func (c Configuration) resolveHigherScopedReferences(i interface{}) error { + value := reflect.Indirect(reflect.ValueOf(i)) + if value.Kind() != reflect.Struct { + // Our target higher scoped configurations are either structs + // or are fields of structs. Any other Kind simply cannot + // be a target for deserialization here. For example, an interface + // does not make sense since an interface cannot have fields nor + // are any of our higher scoped configurations interfaces themselves. + // + // For a comprehensive list of Kinds, please see `type.go` in the `reflect` package. + return nil + } + // Iterate through every field within the struct held by the provided interface{}. + // If the field is either one of our higher scoped configurations (or a pointer to one) + // then deserialize that higher scoped configuration into that field. If the field + // is not one of our higher scoped configurations then recursively pass it to this function + // in an attempt to resolve it. + for field := 0; field < value.NumField(); field++ { + field := value.Field(field) + if !field.CanSet() { + // This skips fields that are either not addressable or are private data members. + continue + } + if _, ok := field.Interface().(GlobalConfiguration); ok { + // It's one of our higher level configurations, so we need to pull out a different + // subtree from our TOML document and inject it int othis struct. + config := initializePtr(field).Interface().(GlobalConfiguration) + err := c.deserializeConfigInto(config, config.namespace()) + if err != nil { + return err + } + field.Set(reflect.ValueOf(config)) + } else { + // This is just another member of some kind that is not one of our higher level configurations. + err := c.resolveHigherScopedReferences(field.Addr().Interface()) + if err != nil { + return err + } + } + } + return nil +} + +// stripGlobalsFromExample takes in an interface{} and returns a mapping that is +// the provided struct but with all references to higher scoped configurations scrubbed. +// +// This is intended only for use when constructing an example configuration file via the +// `-exampleConfig` flag. This is to avoid visually redundant, and possibly incorrect, +// examples such as the following... +// +// ``` +// [Global] +// something = false +// something_else = "" +// +// [e_some_lint] +// my_data = 0 +// my_flag = false +// globals = { something = false, something_else = "" } +// ``` +// +// Notice how the above has Global effectively listed twice - once externally and once internally, which +// defeats the whole point of having globals to begin with. +func stripGlobalsFromExample(i interface{}) interface{} { + value := reflect.Indirect(reflect.ValueOf(i)) + if value.Kind() != reflect.Struct { + return i + } + m := map[string]interface{}{} + for field := 0; field < value.NumField(); field++ { + name := value.Type().Field(field).Name + field := value.Field(field) + if !field.CanInterface() { + continue + } + if _, ok := field.Interface().(GlobalConfiguration); ok { + continue + } + field = initializePtr(field) + m[name] = stripGlobalsFromExample(field.Interface()) + } + return m +} + +// initializePtr checks whether the provided reflect.Value is a pointer type and is nil. If so, it returns +// a new reflect.Value that has an initialized pointer. +// +// If the provided reflect.Value is not a nil pointer, then the original reflect.Value is returned. +func initializePtr(value reflect.Value) reflect.Value { + if value.Kind() == reflect.Ptr && value.IsZero() { + return reflect.New(value.Type().Elem()) + } + return value +} diff --git a/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go b/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go new file mode 100644 index 000000000..826734ed3 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go @@ -0,0 +1,155 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package lint + +// Global is what one would intuitive think of as being the global context of the configuration file. +// That is, given the following configuration... +// +// some_flag = true +// some_string = "the greatest song in the world" +// +// [e_some_lint] +// some_other_flag = false +// +// The fields `some_flag` and `some_string` will be targeted to land into this struct. +type Global struct{} + +func (g Global) namespace() string { + return "Global" +} + +// RFC5280Config is the higher scoped configuration which services as the deserialization target for... +// +// [RFC5280Config] +// ... +// ... +type RFC5280Config struct{} + +func (r RFC5280Config) namespace() string { + return "RFC5280Config" +} + +// RFC5480Config is the higher scoped configuration which services as the deserialization target for... +// +// [RFC5480Config] +// ... +// ... +type RFC5480Config struct{} + +func (r RFC5480Config) namespace() string { + return "RFC5480Config" +} + +// RFC5891Config is the higher scoped configuration which services as the deserialization target for... +// +// [RFC5891Config] +// ... +// ... +type RFC5891Config struct{} + +func (r RFC5891Config) namespace() string { + return "RFC5891Config" +} + +// CABFBaselineRequirementsConfig is the higher scoped configuration which services as the deserialization target for... +// +// [CABFBaselineRequirementsConfig] +// ... +// ... +type CABFBaselineRequirementsConfig struct{} + +func (c CABFBaselineRequirementsConfig) namespace() string { + return "CABFBaselineRequirementsConfig" +} + +// CABFEVGuidelinesConfig is the higher scoped configuration which services as the deserialization target for... +// +// [CABFEVGuidelinesConfig] +// ... +// ... +type CABFEVGuidelinesConfig struct{} + +func (c CABFEVGuidelinesConfig) namespace() string { + return "CABFEVGuidelinesConfig" +} + +// MozillaRootStorePolicyConfig is the higher scoped configuration which services as the deserialization target for... +// +// [MozillaRootStorePolicyConfig] +// ... +// ... +type MozillaRootStorePolicyConfig struct{} + +func (m MozillaRootStorePolicyConfig) namespace() string { + return "MozillaRootStorePolicyConfig" +} + +// AppleRootStorePolicyConfig is the higher scoped configuration which services as the deserialization target for... +// +// [AppleRootStorePolicyConfig] +// ... +// ... +type AppleRootStorePolicyConfig struct{} + +func (a AppleRootStorePolicyConfig) namespace() string { + return "AppleRootStorePolicyConfig" +} + +// CommunityConfig is the higher scoped configuration which services as the deserialization target for... +// +// [CommunityConfig] +// ... +// ... +type CommunityConfig struct{} + +func (c CommunityConfig) namespace() string { + return "CommunityConfig" +} + +// EtsiEsiConfig is the higher scoped configuration which services as the deserialization target for... +// +// [EtsiEsiConfig] +// ... +// ... +type EtsiEsiConfig struct{} + +func (e EtsiEsiConfig) namespace() string { + return "EtsiEsiConfig" +} + +// GlobalConfiguration acts both as an interface that can be used to obtain the TOML namespace of configuration +// as well as a way to mark a fielf in a struct as one of our own, higher scoped, configurations. +// +// the interface itself is public, however the singular `namespace` method is package private, meaning that +// normal lint struct cannot accidentally implement this. +type GlobalConfiguration interface { + namespace() string +} + +// defaultGlobals are used by other locations in the codebase that may want to iterate over all currently know +// global configuration types. Most notably, Registry.DefaultConfiguration uses it because it wants to print +// out a TOML document that is the full default configuration for ZLint. +var defaultGlobals = []GlobalConfiguration{ + &Global{}, + &CABFBaselineRequirementsConfig{}, + &RFC5280Config{}, + &RFC5480Config{}, + &RFC5891Config{}, + &CABFBaselineRequirementsConfig{}, + &CABFEVGuidelinesConfig{}, + &MozillaRootStorePolicyConfig{}, + &AppleRootStorePolicyConfig{}, + &CommunityConfig{}, +} diff --git a/vendor/github.com/zmap/zlint/v3/lint/registration.go b/vendor/github.com/zmap/zlint/v3/lint/registration.go index 694ae1faa..2d6d96939 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/registration.go +++ b/vendor/github.com/zmap/zlint/v3/lint/registration.go @@ -15,6 +15,7 @@ package lint import ( + "bytes" "encoding/json" "errors" "fmt" @@ -23,6 +24,8 @@ import ( "sort" "strings" "sync" + + "github.com/pelletier/go-toml" ) // FilterOptions is a struct used by Registry.Filter to create a sub registry @@ -75,6 +78,8 @@ type Registry interface { // Sources returns a SourceList of registered LintSources. The list is not // sorted but can be sorted by the caller with sort.Sort() if required. Sources() SourceList + // @TODO + DefaultConfiguration() ([]byte, error) // ByName returns a pointer to the registered lint with the given name, or nil // if there is no such lint registered in the registry. ByName(name string) *Lint @@ -87,6 +92,8 @@ type Registry interface { // WriteJSON writes a description of each registered lint as // a JSON object, one object per line, to the provided writer. WriteJSON(w io.Writer) + SetConfiguration(config Configuration) + GetConfiguration() Configuration } // registryImpl implements the Registry interface to provide a global collection @@ -102,6 +109,7 @@ type registryImpl struct { // lintsBySource is a map of all registered lints by source category. Lints // are added to the lintsBySource map by RegisterLint. lintsBySource map[LintSource][]*Lint + configuration Configuration } var ( @@ -127,29 +135,16 @@ func (e errDuplicateName) Error() string { e.lintName) } -// errBadInit is returned from registry.Register if the provided lint's -// Initialize function returned an error. -type errBadInit struct { - lintName string - err error -} - -func (e errBadInit) Error() string { - return fmt.Sprintf( - "failed to register lint with name %q - failed to Initialize: %q", - e.lintName, e.err) -} - // register adds the provided lint to the Registry. If initialize is true then // the lint's Initialize() function will be called before registering the lint. // // An error is returned if the lint or lint's Lint pointer is nil, if the Lint // has an empty Name or if the Name was previously registered. -func (r *registryImpl) register(l *Lint, initialize bool) error { +func (r *registryImpl) register(l *Lint) error { if l == nil { return errNilLint } - if l.Lint == nil { + if l.Lint() == nil { return errNilLintPtr } if l.Name == "" { @@ -158,11 +153,6 @@ func (r *registryImpl) register(l *Lint, initialize bool) error { if existing := r.ByName(l.Name); existing != nil { return &errDuplicateName{l.Name} } - if initialize { - if err := l.Lint.Initialize(); err != nil { - return &errBadInit{l.Name, err} - } - } r.Lock() defer r.Unlock() r.lintNames = append(r.lintNames, l.Name) @@ -243,6 +233,7 @@ func sourceListToMap(sources SourceList) map[LintSource]bool { // // FilterOptions are applied in the following order of precedence: // ExcludeSources > IncludeSources > NameFilter > ExcludeNames > IncludeNames +//nolint:cyclop func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { // If there's no filtering to be done, return the existing Registry. if opts.Empty() { @@ -250,6 +241,7 @@ func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { } filteredRegistry := NewRegistry() + filteredRegistry.SetConfiguration(r.configuration) sourceExcludes := sourceListToMap(opts.ExcludeSources) sourceIncludes := sourceListToMap(opts.IncludeSources) @@ -290,7 +282,7 @@ func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { // when adding lints to a filtered registry we do not want Initialize() to // be called a second time, so provide false as the initialize argument. - if err := filteredRegistry.register(l, false); err != nil { + if err := filteredRegistry.register(l); err != nil { return nil, err } } @@ -304,22 +296,83 @@ func (r *registryImpl) WriteJSON(w io.Writer) { enc := json.NewEncoder(w) enc.SetEscapeHTML(false) for _, name := range r.Names() { + //nolint:errchkjson _ = enc.Encode(r.ByName(name)) } } +func (r *registryImpl) SetConfiguration(cfg Configuration) { + r.configuration = cfg +} + +func (r *registryImpl) GetConfiguration() Configuration { + return r.configuration +} + +// DefaultConfiguration returns a serialized copy of the default configuration for ZLint. +// +// This is especially useful combined with the -exampleConfig CLI argument which prints this +// to stdout. In this way, operators can quickly see what lints are configurable and what their +// fields are without having to dig through documentation or, even worse, code. +func (r *registryImpl) DefaultConfiguration() ([]byte, error) { + return r.defaultConfiguration(defaultGlobals) +} + +// defaultConfiguration is abstracted out to a private function that takes in a slice of globals +// for the sake of making unit testing easier. +func (r *registryImpl) defaultConfiguration(globals []GlobalConfiguration) ([]byte, error) { + configurables := map[string]interface{}{} + for name, lint := range r.lintsByName { + switch configurable := lint.Lint().(type) { + case Configurable: + configurables[name] = stripGlobalsFromExample(configurable.Configure()) + default: + } + } + for _, config := range globals { + switch config.(type) { + case *Global: + // We're just using stripGlobalsFromExample here as a convenient way to + // recursively turn the `Global` struct type into a map. + // + // We have to do this because if we simply followed the pattern above and did... + // + // configurables["Global"] = &Global{} + // + // ...then we would end up with a [Global] section in the resulting configuration, + // which is not what we are looking for (we simply want it to be flattened out into + // the top most context of the configuration file). + for k, v := range stripGlobalsFromExample(config).(map[string]interface{}) { + configurables[k] = v + } + default: + configurables[config.namespace()] = config + } + + } + w := &bytes.Buffer{} + err := toml.NewEncoder(w).Indentation("").CompactComments(true).Encode(configurables) + if err != nil { + return nil, err + } + return w.Bytes(), nil +} + // NewRegistry constructs a Registry implementation that can be used to register // lints. +//nolint:revive func NewRegistry() *registryImpl { - return ®istryImpl{ + registry := ®istryImpl{ lintsByName: make(map[string]*Lint), lintsBySource: make(map[LintSource][]*Lint), } + registry.SetConfiguration(NewEmptyConfig()) + return registry } // globalRegistry is the Registry used by all loaded lints that call // RegisterLint(). -var globalRegistry *registryImpl = NewRegistry() +var globalRegistry = NewRegistry() // RegisterLint must be called once for each lint to be executed. Normally, // RegisterLint is called from the Go init() function of a lint implementation. @@ -335,7 +388,7 @@ func RegisterLint(l *Lint) { // RegisterLint always sets initialize to true. It's assumed this is called by // the package init() functions and therefore must be doing the first // initialization of a lint. - if err := globalRegistry.register(l, true); err != nil { + if err := globalRegistry.register(l); err != nil { panic(fmt.Sprintf("RegisterLint error: %v\n", err.Error())) } } diff --git a/vendor/github.com/zmap/zlint/v3/lint/result.go b/vendor/github.com/zmap/zlint/v3/lint/result.go index 71b43be9c..726d5743f 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/result.go +++ b/vendor/github.com/zmap/zlint/v3/lint/result.go @@ -21,6 +21,7 @@ import ( ) // LintStatus is an enum returned by lints inside of a LintResult. +//nolint:revive type LintStatus int // Known LintStatus values diff --git a/vendor/github.com/zmap/zlint/v3/lint/source.go b/vendor/github.com/zmap/zlint/v3/lint/source.go index 226a7c0d5..b978ea8b6 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/source.go +++ b/vendor/github.com/zmap/zlint/v3/lint/source.go @@ -7,7 +7,7 @@ import ( ) /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2022 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -22,13 +22,16 @@ import ( // LintSource is a type representing a known lint source that lints cite // requirements from. +//nolint:revive type LintSource string const ( UnknownLintSource LintSource = "Unknown" + RFC3279 LintSource = "RFC3279" RFC5280 LintSource = "RFC5280" RFC5480 LintSource = "RFC5480" RFC5891 LintSource = "RFC5891" + RFC8813 LintSource = "RFC8813" CABFBaselineRequirements LintSource = "CABF_BR" CABFEVGuidelines LintSource = "CABF_EV" MozillaRootStorePolicy LintSource = "Mozilla" diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go index cf77a6f20..37f4dc041 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go @@ -33,15 +33,16 @@ func init() { Citation: "https://support.apple.com/en-us/HT205280", Source: lint.AppleRootStorePolicy, EffectiveDate: util.AppleCTPolicyDate, - Lint: &sctPolicyCount{}, + Lint: NewSctPolicyCount, }) } -// Initialize for a sctPolicyCount instance does nothing. -func (l *sctPolicyCount) Initialize() error { - return nil +func NewSctPolicyCount() lint.LintInterface { + return &sctPolicyCount{} } +// Initialize for a sctPolicyCount instance does nothing. + // CheckApplies returns true for any subscriber certificates that are not // precertificates (e.g. that do not have the CT poison extension defined in RFC // 6962. diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go index b6077bff7..0902bb176 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go @@ -32,12 +32,12 @@ func init() { Citation: "https://support.apple.com/en-us/HT211025", Source: lint.AppleRootStorePolicy, EffectiveDate: util.AppleReducedLifetimeDate, - Lint: &serverCertValidityTooLong{}, + Lint: NewServerCertValidityTooLong, }) } -func (l *serverCertValidityTooLong) Initialize() error { - return nil +func NewServerCertValidityTooLong() lint.LintInterface { + return &serverCertValidityTooLong{} } func (l *serverCertValidityTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go index 26a483fbe..c80c185ba 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go @@ -32,12 +32,12 @@ func init() { Citation: "https://support.apple.com/en-us/HT211025", Source: lint.AppleRootStorePolicy, EffectiveDate: util.AppleReducedLifetimeDate, - Lint: &serverCertValidityAlmostTooLong{}, + Lint: NewServerCertValidityAlmostTooLong, }) } -func (l *serverCertValidityAlmostTooLong) Initialize() error { - return nil +func NewServerCertValidityAlmostTooLong() lint.LintInterface { + return &serverCertValidityAlmostTooLong{} } func (l *serverCertValidityAlmostTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go index e5918f29f..cded5cb8c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.3.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV148Date, - Lint: &caCommonNameMissing{}, + Lint: NewCaCommonNameMissing, }) } -func (l *caCommonNameMissing) Initialize() error { - return nil +func NewCaCommonNameMissing() lint.LintInterface { + return &caCommonNameMissing{} } func (l *caCommonNameMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go index 6fa2acbf7..ba34eea9d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caCountryNameInvalid{}, + Lint: NewCaCountryNameInvalid, }) } -func (l *caCountryNameInvalid) Initialize() error { - return nil +func NewCaCountryNameInvalid() lint.LintInterface { + return &caCountryNameInvalid{} } func (l *caCountryNameInvalid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go index 3472daa21..a0a112b2b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caCountryNameMissing{}, + Lint: NewCaCountryNameMissing, }) } -func (l *caCountryNameMissing) Initialize() error { - return nil +func NewCaCountryNameMissing() lint.LintInterface { + return &caCountryNameMissing{} } func (l *caCountryNameMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go index d842f4712..863a7ea40 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caCRLSignNotSet{}, + Lint: NewCaCRLSignNotSet, }) } -func (l *caCRLSignNotSet) Initialize() error { - return nil +func NewCaCRLSignNotSet() lint.LintInterface { + return &caCRLSignNotSet{} } func (l *caCRLSignNotSet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go index 057f42032..64fc07c28 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caDigSignNotSet{}, + Lint: NewCaDigSignNotSet, }) } -func (l *caDigSignNotSet) Initialize() error { - return nil +func NewCaDigSignNotSet() lint.LintInterface { + return &caDigSignNotSet{} } func (l *caDigSignNotSet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go index 838c0a700..5bec46cec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go @@ -15,8 +15,7 @@ package cabf_br */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,19 +30,19 @@ func init() { Citation: "BRs: 7.1.2.1, BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caIsCA{}, + Lint: NewCaIsCA, }) } +func NewCaIsCA() lint.LintInterface { + return &caIsCA{} +} + type basicConstraints struct { IsCA bool `asn1:"optional"` MaxPathLen int `asn1:"optional,default:-1"` } -func (l *caIsCA) Initialize() error { - return nil -} - func (l *caIsCA) CheckApplies(c *x509.Certificate) bool { return util.IsExtInCert(c, util.KeyUsageOID) && c.KeyUsage&x509.KeyUsageCertSign != 0 && util.IsExtInCert(c, util.BasicConstOID) } diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go index 86206b774..1861e3a41 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caKeyCertSignNotSet{}, + Lint: NewCaKeyCertSignNotSet, }) } -func (l *caKeyCertSignNotSet) Initialize() error { - return nil +func NewCaKeyCertSignNotSet() lint.LintInterface { + return &caKeyCertSignNotSet{} } func (l *caKeyCertSignNotSet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go index 4264e92e7..551a9a831 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.1, RFC 5280: 4.2.1.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC3280Date, - Lint: &caKeyUsageMissing{}, + Lint: NewCaKeyUsageMissing, }) } -func (l *caKeyUsageMissing) Initialize() error { - return nil +func NewCaKeyUsageMissing() lint.LintInterface { + return &caKeyUsageMissing{} } func (l *caKeyUsageMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go index 375b22c53..1af5c0942 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caKeyUsageNotCrit{}, + Lint: NewCaKeyUsageNotCrit, }) } -func (l *caKeyUsageNotCrit) Initialize() error { - return nil +func NewCaKeyUsageNotCrit() lint.LintInterface { + return &caKeyUsageNotCrit{} } func (l *caKeyUsageNotCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go index 98bc43cf0..38d702e6d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &caOrganizationNameMissing{}, + Lint: NewCaOrganizationNameMissing, }) } -func (l *caOrganizationNameMissing) Initialize() error { - return nil +func NewCaOrganizationNameMissing() lint.LintInterface { + return &caOrganizationNameMissing{} } func (l *caOrganizationNameMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go index 992fe0ecb..7b290e49a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go @@ -23,12 +23,23 @@ import ( "github.com/zmap/zlint/v3/util" ) -type certPolicyConflictsWithLocality struct{} +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_cab_dv_conflicts_with_locality", + Description: "If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, locality name MUST NOT be included in subject", + Citation: "BRs: 7.1.6.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABEffectiveDate, + Lint: NewCertPolicyConflictsWithLocality, + }) +} -func (l *certPolicyConflictsWithLocality) Initialize() error { - return nil +func NewCertPolicyConflictsWithLocality() lint.LintInterface { + return &certPolicyConflictsWithLocality{} } +type certPolicyConflictsWithLocality struct{} + func (l *certPolicyConflictsWithLocality) CheckApplies(cert *x509.Certificate) bool { return util.SliceContainsOID(cert.PolicyIdentifiers, util.BRDomainValidatedOID) && !util.IsCACert(cert) } @@ -39,14 +50,3 @@ func (l *certPolicyConflictsWithLocality) Execute(cert *x509.Certificate) *lint. } return &lint.LintResult{Status: lint.Pass} } - -func init() { - lint.RegisterLint(&lint.Lint{ - Name: "e_cab_dv_conflicts_with_locality", - Description: "If certificate policy 2.23.140.1.2.1 (CA/B BR domain validated) is included, locality name MUST NOT be included in subject", - Citation: "BRs: 7.1.6.1", - Source: lint.CABFBaselineRequirements, - EffectiveDate: util.CABEffectiveDate, - Lint: &certPolicyConflictsWithLocality{}, - }) -} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go index a9cc3f4c4..c32b5ae96 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &certPolicyConflictsWithOrg{}, + Lint: NewCertPolicyConflictsWithOrg, }) } -func (l *certPolicyConflictsWithOrg) Initialize() error { - return nil +func NewCertPolicyConflictsWithOrg() lint.LintInterface { + return &certPolicyConflictsWithOrg{} } func (l *certPolicyConflictsWithOrg) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go index 5ad1b85a5..2b9d26abb 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &certPolicyConflictsWithPostal{}, + Lint: NewCertPolicyConflictsWithPostal, }) } -func (l *certPolicyConflictsWithPostal) Initialize() error { - return nil +func NewCertPolicyConflictsWithPostal() lint.LintInterface { + return &certPolicyConflictsWithPostal{} } func (l *certPolicyConflictsWithPostal) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go index b0e4b7de3..656c80767 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &certPolicyConflictsWithProvince{}, + Lint: NewCertPolicyConflictsWithProvince, }) } -func (l *certPolicyConflictsWithProvince) Initialize() error { - return nil +func NewCertPolicyConflictsWithProvince() lint.LintInterface { + return &certPolicyConflictsWithProvince{} } func (l *certPolicyConflictsWithProvince) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go index ed217c4d4..314278a61 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &certPolicyConflictsWithStreet{}, + Lint: NewCertPolicyConflictsWithStreet, }) } -func (l *certPolicyConflictsWithStreet) Initialize() error { - return nil +func NewCertPolicyConflictsWithStreet() lint.LintInterface { + return &certPolicyConflictsWithStreet{} } func (l *certPolicyConflictsWithStreet) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go index 5da044fe6..8f81fdc8a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV131Date, - Lint: &CertPolicyRequiresPersonalName{}, + Lint: NewCertPolicyRequiresPersonalName, }) } -func (l *CertPolicyRequiresPersonalName) Initialize() error { - return nil +func NewCertPolicyRequiresPersonalName() lint.LintInterface { + return &CertPolicyRequiresPersonalName{} } func (l *CertPolicyRequiresPersonalName) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go index fcfe4e6f6..b39c0512e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &CertPolicyRequiresOrg{}, + Lint: NewCertPolicyRequiresOrg, }) } -func (l *CertPolicyRequiresOrg) Initialize() error { - return nil +func NewCertPolicyRequiresOrg() lint.LintInterface { + return &CertPolicyRequiresOrg{} } func (l *CertPolicyRequiresOrg) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go index 5a05e49d3..75ca58834 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV131Date, - Lint: &CertPolicyIVRequiresCountry{}, + Lint: NewCertPolicyIVRequiresCountry, }) } -func (l *CertPolicyIVRequiresCountry) Initialize() error { - return nil +func NewCertPolicyIVRequiresCountry() lint.LintInterface { + return &CertPolicyIVRequiresCountry{} } func (l *CertPolicyIVRequiresCountry) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go index 23a7c48b9..cfeac1b91 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go @@ -41,12 +41,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV131Date, - Lint: &CertPolicyIVRequiresProvinceOrLocal{}, + Lint: NewCertPolicyIVRequiresProvinceOrLocal, }) } -func (l *CertPolicyIVRequiresProvinceOrLocal) Initialize() error { - return nil +func NewCertPolicyIVRequiresProvinceOrLocal() lint.LintInterface { + return &CertPolicyIVRequiresProvinceOrLocal{} } func (l *CertPolicyIVRequiresProvinceOrLocal) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go index fb8cae0cd..ef81bd934 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &CertPolicyOVRequiresCountry{}, + Lint: NewCertPolicyOVRequiresCountry, }) } -func (l *CertPolicyOVRequiresCountry) Initialize() error { - return nil +func NewCertPolicyOVRequiresCountry() lint.LintInterface { + return &CertPolicyOVRequiresCountry{} } func (l *CertPolicyOVRequiresCountry) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go index 7a219ddb3..e3ed9aae8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go @@ -41,12 +41,12 @@ func init() { Citation: "BRs: 7.1.6.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &CertPolicyOVRequiresProvinceOrLocal{}, + Lint: NewCertPolicyOVRequiresProvinceOrLocal, }) } -func (l *CertPolicyOVRequiresProvinceOrLocal) Initialize() error { - return nil +func NewCertPolicyOVRequiresProvinceOrLocal() lint.LintInterface { + return &CertPolicyOVRequiresProvinceOrLocal{} } func (l *CertPolicyOVRequiresProvinceOrLocal) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go index 2ea2193c0..1c38628f0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go @@ -15,7 +15,7 @@ package cabf_br */ import ( - "crypto/dsa" + "github.com/zmap/zcrypto/dsa" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" @@ -26,17 +26,18 @@ type dsaParamsMissing struct{} func init() { lint.RegisterLint(&lint.Lint{ - Name: "e_dsa_params_missing", - Description: "DSA: Certificates MUST include all domain parameters", - Citation: "BRs v1.7.0: 6.1.6", - Source: lint.CABFBaselineRequirements, - EffectiveDate: util.CABEffectiveDate, - Lint: &dsaParamsMissing{}, + Name: "e_dsa_params_missing", + Description: "DSA: Certificates MUST include all domain parameters", + Citation: "BRs v1.7.0: 6.1.6", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABEffectiveDate, + IneffectiveDate: util.CABFBRs_1_7_1_Date, + Lint: NewDsaParamsMissing, }) } -func (l *dsaParamsMissing) Initialize() error { - return nil +func NewDsaParamsMissing() lint.LintInterface { + return &dsaParamsMissing{} } func (l *dsaParamsMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go index 838a6ef1a..8f70133e6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go @@ -33,16 +33,14 @@ func init() { Citation: "BRs: 7.1.4.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameProperCharacters{}, + Lint: NewDNSNameProperCharacters, }) } -func (l *DNSNameProperCharacters) Initialize() error { - const dnsNameRegexp = `^(\*\.)?(\?\.)*([A-Za-z0-9*_-]+\.)*[A-Za-z0-9*_-]*$` - var err error - l.CompiledExpression, err = regexp.Compile(dnsNameRegexp) - - return err +func NewDNSNameProperCharacters() lint.LintInterface { + return &DNSNameProperCharacters{ + CompiledExpression: regexp.MustCompile(`^(\*\.)?(\?\.)*([A-Za-z0-9*_-]+\.)*[A-Za-z0-9*_-]*$`), + } } func (l *DNSNameProperCharacters) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go index 3c9c6c26d..2700c4854 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 1.6.1, Wildcard Certificate and Wildcard Domain Name", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameLeftLabelWildcardCheck{}, + Lint: NewDNSNameLeftLabelWildcardCheck, }) } -func (l *DNSNameLeftLabelWildcardCheck) Initialize() error { - return nil +func NewDNSNameLeftLabelWildcardCheck() lint.LintInterface { + return &DNSNameLeftLabelWildcardCheck{} } func (l *DNSNameLeftLabelWildcardCheck) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go index bbf31a53b..ce914657a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 1.6.1, Base Domain Name", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &dnsNameContainsBareIANASuffix{}, + Lint: NewDnsNameContainsBareIANASuffix, }) } -func (l *dnsNameContainsBareIANASuffix) Initialize() error { - return nil +func NewDnsNameContainsBareIANASuffix() lint.LintInterface { + return &dnsNameContainsBareIANASuffix{} } func (l *dnsNameContainsBareIANASuffix) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go index c617460fe..6fa57d2f1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 7.1.4.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameEmptyLabel{}, + Lint: NewDNSNameEmptyLabel, }) } -func (l *DNSNameEmptyLabel) Initialize() error { - return nil +func NewDNSNameEmptyLabel() lint.LintInterface { + return &DNSNameEmptyLabel{} } func (l *DNSNameEmptyLabel) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go new file mode 100644 index 000000000..2c3983eff --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go @@ -0,0 +1,58 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_br + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_dnsname_contains_prohibited_reserved_label", + Description: "FQDNs MUST consist solely of Domain Labels that are P‐Labels or Non‐Reserved LDH Labels", + Citation: "BRs: 7.1.4.2.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.NoReservedDomainLabelsDate, + Lint: NewDNSNameContainsProhibitedReservedLabel, + }) +} + +type DNSNameContainsProhibitedReservedLabel struct{} + +func NewDNSNameContainsProhibitedReservedLabel() lint.LintInterface { + return &DNSNameContainsProhibitedReservedLabel{} +} + +func (l *DNSNameContainsProhibitedReservedLabel) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *DNSNameContainsProhibitedReservedLabel) Execute(c *x509.Certificate) *lint.LintResult { + for _, dns := range c.DNSNames { + labels := strings.Split(dns, ".") + + for _, label := range labels { + if util.HasReservedLabelPrefix(label) && !util.HasXNLabelPrefix(label) { + return &lint.LintResult{Status: lint.Error} + } + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go index f2687edc5..f894fa006 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs 7.1.4.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC5280Date, - Lint: &DNSNameHyphenInSLD{}, + Lint: NewDNSNameHyphenInSLD, }) } -func (l *DNSNameHyphenInSLD) Initialize() error { - return nil +func NewDNSNameHyphenInSLD() lint.LintInterface { + return &DNSNameHyphenInSLD{} } func (l *DNSNameHyphenInSLD) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go index f13f93358..700e9ab8b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go @@ -31,12 +31,12 @@ func init() { Citation: "RFC 1035", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameLabelLengthTooLong{}, + Lint: NewDNSNameLabelLengthTooLong, }) } -func (l *DNSNameLabelLengthTooLong) Initialize() error { - return nil +func NewDNSNameLabelLengthTooLong() lint.LintInterface { + return &DNSNameLabelLengthTooLong{} } func (l *DNSNameLabelLengthTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go index 23998b5b8..eee0fab14 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 3.2.2.4", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameValidTLD{}, + Lint: NewDNSNameValidTLD, }) } -func (l *DNSNameValidTLD) Initialize() error { - return nil +func NewDNSNameValidTLD() lint.LintInterface { + return &DNSNameValidTLD{} } func (l *DNSNameValidTLD) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go index f02a86f02..1c3ec26f1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC5280Date, - Lint: &DNSNameUnderscoreInSLD{}, + Lint: NewDNSNameUnderscoreInSLD, }) } -func (l *DNSNameUnderscoreInSLD) Initialize() error { - return nil +func NewDNSNameUnderscoreInSLD() lint.LintInterface { + return &DNSNameUnderscoreInSLD{} } func (l *DNSNameUnderscoreInSLD) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go index 0e8e02e59..6da9f1f8f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC5280Date, - Lint: &DNSNameUnderscoreInTRD{}, + Lint: NewDNSNameUnderscoreInTRD, }) } -func (l *DNSNameUnderscoreInTRD) Initialize() error { - return nil +func NewDNSNameUnderscoreInTRD() lint.LintInterface { + return &DNSNameUnderscoreInTRD{} } func (l *DNSNameUnderscoreInTRD) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go index a2d0eb927..b1c67c8f2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 3.2.2.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameWildcardLeftofPublicSuffix{}, + Lint: NewDNSNameWildcardLeftofPublicSuffix, }) } -func (l *DNSNameWildcardLeftofPublicSuffix) Initialize() error { - return nil +func NewDNSNameWildcardLeftofPublicSuffix() lint.LintInterface { + return &DNSNameWildcardLeftofPublicSuffix{} } func (l *DNSNameWildcardLeftofPublicSuffix) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go index 1bcc08021..da3320ee3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 1.6.1, Wildcard Domain Name", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &DNSNameWildcardOnlyInLeftlabel{}, + Lint: NewDNSNameWildcardOnlyInLeftlabel, }) } -func (l *DNSNameWildcardOnlyInLeftlabel) Initialize() error { - return nil +func NewDNSNameWildcardOnlyInLeftlabel() lint.LintInterface { + return &DNSNameWildcardOnlyInLeftlabel{} } func (l *DNSNameWildcardOnlyInLeftlabel) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go index 5109a5787..0def57863 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go @@ -15,9 +15,10 @@ package cabf_br */ import ( - "crypto/dsa" "math/big" + "github.com/zmap/zcrypto/dsa" + "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,12 +33,12 @@ func init() { Citation: "BRs v1.7.0: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &dsaSubgroup{}, + Lint: NewDsaSubgroup, }) } -func (l *dsaSubgroup) Initialize() error { - return nil +func NewDsaSubgroup() lint.LintInterface { + return &dsaSubgroup{} } func (l *dsaSubgroup) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go index d991d872b..123ce672f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go @@ -15,7 +15,7 @@ package cabf_br */ import ( - "crypto/dsa" + "github.com/zmap/zcrypto/dsa" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" @@ -31,12 +31,12 @@ func init() { Citation: "BRs v1.7.0: 6.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &dsaImproperSize{}, + Lint: NewDsaImproperSize, }) } -func (l *dsaImproperSize) Initialize() error { - return nil +func NewDsaImproperSize() lint.LintInterface { + return &dsaImproperSize{} } func (l *dsaImproperSize) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go index bbf7b4f60..f9e9cd7d7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go @@ -15,7 +15,7 @@ package cabf_br */ import ( - "crypto/dsa" + "github.com/zmap/zcrypto/dsa" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" @@ -32,12 +32,12 @@ func init() { // Refer to BRs: 6.1.5, taking the statement "Before 31 Dec 2010" literally Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &dsaTooShort{}, + Lint: NewDsaTooShort, }) } -func (l *dsaTooShort) Initialize() error { - return nil +func NewDsaTooShort() lint.LintInterface { + return &dsaTooShort{} } func (l *dsaTooShort) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go index da36d97d6..de64fbbff 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go @@ -15,9 +15,10 @@ package cabf_br */ import ( - "crypto/dsa" "math/big" + "github.com/zmap/zcrypto/dsa" + "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,12 +33,12 @@ func init() { Citation: "BRs v1.7.0: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &dsaUniqueCorrectRepresentation{}, + Lint: NewDsaUniqueCorrectRepresentation, }) } -func (l *dsaUniqueCorrectRepresentation) Initialize() error { - return nil +func NewDsaUniqueCorrectRepresentation() lint.LintInterface { + return &dsaUniqueCorrectRepresentation{} } func (l *dsaUniqueCorrectRepresentation) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go similarity index 78% rename from vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_missing.go rename to vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go index 14c70565e..defe83064 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go @@ -32,17 +32,18 @@ marked critical, and it MUST contain the HTTP URL of the Issuing CA’s OCSP res func init() { lint.RegisterLint(&lint.Lint{ - Name: "e_sub_ca_aia_missing", - Description: "Subordinate CA Certificate: authorityInformationAccess MUST be present, with the exception of stapling.", - Citation: "BRs: 7.1.2.2", - Source: lint.CABFBaselineRequirements, - EffectiveDate: util.CABEffectiveDate, - Lint: &caAiaMissing{}, + Name: "e_sub_ca_aia_missing", + Description: "Subordinate CA Certificate: authorityInformationAccess MUST be present, with the exception of stapling.", + Citation: "BRs: 7.1.2.2", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABEffectiveDate, + IneffectiveDate: util.CABFBRs_1_7_1_Date, + Lint: NewCaAiaMissing, }) } -func (l *caAiaMissing) Initialize() error { - return nil +func NewCaAiaMissing() lint.LintInterface { + return &caAiaMissing{} } func (l *caAiaMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go index 9e894b4b7..5b995d403 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go @@ -38,12 +38,12 @@ func init() { Source: lint.CABFBaselineRequirements, // Refer to BRs: 6.1.5, taking the statement "Before 31 Dec 2010" literally EffectiveDate: util.ZeroDate, - Lint: &ecImproperCurves{}, + Lint: NewEcImproperCurves, }) } -func (l *ecImproperCurves) Initialize() error { - return nil +func NewEcImproperCurves() lint.LintInterface { + return &ecImproperCurves{} } func (l *ecImproperCurves) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go index df33ab21a..6a5961bf8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.5 / 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &NCReservedIPNet{}, + Lint: NewNCReservedIPNet, }) } -func (l *NCReservedIPNet) Initialize() error { - return nil +func NewNCReservedIPNet() lint.LintInterface { + return &NCReservedIPNet{} } func (l *NCReservedIPNet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go index 727085745..5f6c91716 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANReservedIP{}, + Lint: NewSANReservedIP, }) } -func (l *SANReservedIP) Initialize() error { - return nil +func NewSANReservedIP() lint.LintInterface { + return &SANReservedIP{} } func (l *SANReservedIP) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go index ccb3d325d..04a44e5a4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC5280Date, - Lint: &ExtSANCriticalWithSubjectDN{}, + Lint: NewExtSANCriticalWithSubjectDN, }) } -func (l *ExtSANCriticalWithSubjectDN) Initialize() error { - return nil +func NewExtSANCriticalWithSubjectDN() lint.LintInterface { + return &ExtSANCriticalWithSubjectDN{} } func (l *ExtSANCriticalWithSubjectDN) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go index 6d1aa5920..bcfb9cf21 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANDirName{}, + Lint: NewSANDirName, }) } -func (l *SANDirName) Initialize() error { - return nil +func NewSANDirName() lint.LintInterface { + return &SANDirName{} } func (l *SANDirName) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go index 42c193dc4..bd6e2f050 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANEDI{}, + Lint: NewSANEDI, }) } -func (l *SANEDI) Initialize() error { - return nil +func NewSANEDI() lint.LintInterface { + return &SANEDI{} } func (l *SANEDI) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go index 59aae44c2..a43af6099 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANMissing{}, + Lint: NewSANMissing, }) } -func (l *SANMissing) Initialize() error { - return nil +func NewSANMissing() lint.LintInterface { + return &SANMissing{} } func (l *SANMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go index fa6f90d5f..1752d00b3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANOtherName{}, + Lint: NewSANOtherName, }) } -func (l *SANOtherName) Initialize() error { - return nil +func NewSANOtherName() lint.LintInterface { + return &SANOtherName{} } func (l *SANOtherName) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go index ef9bea512..dd6a5ec66 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANRegId{}, + Lint: NewSANRegId, }) } -func (l *SANRegId) Initialize() error { - return nil +func NewSANRegId() lint.LintInterface { + return &SANRegId{} } func (l *SANRegId) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go index 27e1b401f..1aedbcfc4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANRfc822{}, + Lint: NewSANRfc822, }) } -func (l *SANRfc822) Initialize() error { - return nil +func NewSANRfc822() lint.LintInterface { + return &SANRfc822{} } func (l *SANRfc822) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go index 203c7cd6e..5a011e710 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &SANURI{}, + Lint: NewSANURI, }) } -func (l *SANURI) Initialize() error { - return nil +func NewSANURI() lint.LintInterface { + return &SANURI{} } func (l *SANURI) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go index aa550b1a2..b70573268 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go @@ -33,10 +33,14 @@ func init() { Citation: "BRs: Ballot 201, Ballot SC27", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV201Date, - Lint: &torServiceDescHashInvalid{}, + Lint: NewTorServiceDescHashInvalid, }) } +func NewTorServiceDescHashInvalid() lint.LintInterface { + return &torServiceDescHashInvalid{} +} + func (l *torServiceDescHashInvalid) Initialize() error { // There is nothing to initialize for a torServiceDescHashInvalid linter. return nil @@ -49,7 +53,8 @@ func (l *torServiceDescHashInvalid) CheckApplies(c *x509.Certificate) bool { ext := util.GetExtFromCert(c, util.BRTorServiceDescriptor) return ext != nil || (util.IsSubscriberCert(c) && util.CertificateSubjInTLD(c, util.OnionTLD) && - util.IsEV(c.PolicyIdentifiers)) + util.IsEV(c.PolicyIdentifiers)) && + util.IsOnionV2Cert(c) } // failResult is a small utility function for creating a failed lint result. @@ -108,6 +113,7 @@ func lintOnionURL(onion string) *lint.LintResult { // an onion subject in the cert. // 6) There is an onion subject in the cert that doesn't correspond to // a TorServiceDescriptorHash, if required. +//nolint:cyclop func (l *torServiceDescHashInvalid) Execute(c *x509.Certificate) *lint.LintResult { // If the certificate is EV, the BRTorServiceDescriptor extension is required. // We know that `CheckApplies` will only apply if the certificate has the diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go index 43c1ebd1b..3d17bca22 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &extraSubjectCommonNames{}, + Lint: NewExtraSubjectCommonNames, }) } -func (l *extraSubjectCommonNames) Initialize() error { - return nil +func NewExtraSubjectCommonNames() lint.LintInterface { + return &extraSubjectCommonNames{} } func (l *extraSubjectCommonNames) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go index 24e63be41..67c5b5705 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go @@ -33,12 +33,12 @@ func init() { Citation: "BRs: 7.1.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV130Date, - Lint: &InvalidCertificateVersion{}, + Lint: NewInvalidCertificateVersion, }) } -func (l *InvalidCertificateVersion) Initialize() error { - return nil +func NewInvalidCertificateVersion() lint.LintInterface { + return &InvalidCertificateVersion{} } func (l *InvalidCertificateVersion) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go new file mode 100644 index 000000000..865244253 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go @@ -0,0 +1,58 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_br + +import ( + "fmt" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_no_underscores_before_1_6_2", + Description: "Before explicitly stating as such in CABF 1.6.2, the stance of RFC5280 is adopted that DNSNames MUST NOT contain an underscore character.", + Citation: "BR 7.1.4.2.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.ZeroDate, + IneffectiveDate: util.CABFBRs_1_6_2_Date, + Lint: func() lint.LintInterface { return &NoUnderscoreBefore1_6_2{} }, + }) +} + +type NoUnderscoreBefore1_6_2 struct{} + +func NewNoUnderscoreBefore1_6_2() lint.LintInterface { + return &NoUnderscoreBefore1_6_2{} +} + +func (l *NoUnderscoreBefore1_6_2) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *NoUnderscoreBefore1_6_2) Execute(c *x509.Certificate) *lint.LintResult { + for _, dns := range c.DNSNames { + if strings.Contains(dns, "_") { + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("The DNS name '%s' contains an underscore (_) character", dns), + } + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go index 94c315977..6fd53b783 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go @@ -30,12 +30,12 @@ func init() { Citation: "BRs: 4.9.9", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &OCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth{}, + Lint: NewOCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth, }) } -func (l *OCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth) Initialize() error { - return nil +func NewOCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth() lint.LintInterface { + return &OCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth{} } func (l *OCSPIDPKIXOCSPNocheckExtNotIncludedServerAuth) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go index bff217863..9d9cc782e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go @@ -31,12 +31,12 @@ func init() { Citation: "BRs: 6.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &rootCaModSize{}, + Lint: NewRootCaModSize, }) } -func (l *rootCaModSize) Initialize() error { - return nil +func NewRootCaModSize() lint.LintInterface { + return &rootCaModSize{} } func (l *rootCaModSize) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go index 974ef8c8d..0895100f6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go @@ -34,12 +34,12 @@ func init() { Source: lint.CABFBaselineRequirements, // since effective date should be checked against end date in this specific case, putting time check into checkApplies instead, ZeroDate here to automatically pass NE test EffectiveDate: util.ZeroDate, - Lint: &subCaModSize{}, + Lint: NewSubCaModSize, }) } -func (l *subCaModSize) Initialize() error { - return nil +func NewSubCaModSize() lint.LintInterface { + return &subCaModSize{} } func (l *subCaModSize) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go index 989f3ab42..e0fc1d586 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go @@ -32,12 +32,12 @@ func init() { Source: lint.CABFBaselineRequirements, // since effective date should be checked against end date in this specific case, putting time check into checkApplies instead, ZeroDate here to automatically pass NE test EffectiveDate: util.ZeroDate, - Lint: &subModSize{}, + Lint: NewSubModSize, }) } -func (l *subModSize) Initialize() error { - return nil +func NewSubModSize() lint.LintInterface { + return &subModSize{} } func (l *subModSize) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go new file mode 100644 index 000000000..610ea156a --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go @@ -0,0 +1,50 @@ +package cabf_br + +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_organizational_unit_name_prohibited", + Description: "OrganizationalUnitName is prohibited if...the certificate was issued on or after September 1, 2022", + Citation: "BRs: 7.1.4.2.2-i", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_OU_Prohibited_Date, + Lint: NewOrganizationalUnitNameProhibited, + }) +} + +type OrganizationalUnitNameProhibited struct{} + +func NewOrganizationalUnitNameProhibited() lint.LintInterface { + return &OrganizationalUnitNameProhibited{} +} + +func (l *OrganizationalUnitNameProhibited) CheckApplies(c *x509.Certificate) bool { + return !c.IsCA +} + +func (l *OrganizationalUnitNameProhibited) Execute(c *x509.Certificate) *lint.LintResult { + if c.Subject.OrganizationalUnit != nil { + return &lint.LintResult{Status: lint.Error} + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go new file mode 100644 index 000000000..0a9e9a2c0 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go @@ -0,0 +1,50 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_br + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type prohibitDSAUsage struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_br_prohibit_dsa_usage", + Description: "DSA was removed from the Baseline Requirements as a valid signature algorithm in 1.7.1.", + Citation: "BRs: v1.7.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_7_1_Date, + Lint: NewProhibitDSAUsage, + }) +} + +func NewProhibitDSAUsage() lint.LintInterface { + return &prohibitDSAUsage{} +} + +func (l *prohibitDSAUsage) CheckApplies(c *x509.Certificate) bool { + return true +} + +func (l *prohibitDSAUsage) Execute(c *x509.Certificate) *lint.LintResult { + if c.PublicKeyAlgorithm == x509.DSA { + return &lint.LintResult{Status: lint.Error} + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go index dcc9cc7f5..026f51f2c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 6.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &publicKeyAllowed{}, + Lint: NewPublicKeyAllowed, }) } -func (l *publicKeyAllowed) Initialize() error { - return nil +func NewPublicKeyAllowed() lint.LintInterface { + return &publicKeyAllowed{} } func (l *publicKeyAllowed) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go index d62f41fd1..91efa0ce5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go @@ -15,8 +15,7 @@ package cabf_br */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -37,12 +36,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &rootCaPathLenPresent{}, + Lint: NewRootCaPathLenPresent, }) } -func (l *rootCaPathLenPresent) Initialize() error { - return nil +func NewRootCaPathLenPresent() lint.LintInterface { + return &rootCaPathLenPresent{} } func (l *rootCaPathLenPresent) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go index 170772616..078455a6b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &rootCAContainsCertPolicy{}, + Lint: NewRootCAContainsCertPolicy, }) } -func (l *rootCAContainsCertPolicy) Initialize() error { - return nil +func NewRootCAContainsCertPolicy() lint.LintInterface { + return &rootCAContainsCertPolicy{} } func (l *rootCAContainsCertPolicy) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go index 843a2e89a..1d54b8a5c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &rootCAContainsEKU{}, + Lint: NewRootCAContainsEKU, }) } -func (l *rootCAContainsEKU) Initialize() error { - return nil +func NewRootCAContainsEKU() lint.LintInterface { + return &rootCAContainsEKU{} } func (l *rootCAContainsEKU) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go index 23167e8d9..023405150 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC2459Date, - Lint: &rootCAKeyUsageMustBeCritical{}, + Lint: NewRootCAKeyUsageMustBeCritical, }) } -func (l *rootCAKeyUsageMustBeCritical) Initialize() error { - return nil +func NewRootCAKeyUsageMustBeCritical() lint.LintInterface { + return &rootCAKeyUsageMustBeCritical{} } func (l *rootCAKeyUsageMustBeCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go index 0fc91f40d..7dccd4ff4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.RFC2459Date, - Lint: &rootCAKeyUsagePresent{}, + Lint: NewRootCAKeyUsagePresent, }) } -func (l *rootCAKeyUsagePresent) Initialize() error { - return nil +func NewRootCAKeyUsagePresent() lint.LintInterface { + return &rootCAKeyUsagePresent{} } func (l *rootCAKeyUsagePresent) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go index 856a9882c..89954519f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV113Date, - Lint: &rsaModSmallFactor{}, + Lint: NewRsaModSmallFactor, }) } -func (l *rsaModSmallFactor) Initialize() error { - return nil +func NewRsaModSmallFactor() lint.LintInterface { + return &rsaModSmallFactor{} } func (l *rsaModSmallFactor) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go index 6e1fee4fd..3769f998c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go @@ -31,17 +31,17 @@ func init() { Citation: "BRs: 6.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &rsaParsedTestsKeySize{}, + Lint: NewRsaParsedTestsKeySize, }) } -func (l *rsaParsedTestsKeySize) Initialize() error { - return nil +func NewRsaParsedTestsKeySize() lint.LintInterface { + return &rsaParsedTestsKeySize{} } func (l *rsaParsedTestsKeySize) CheckApplies(c *x509.Certificate) bool { _, ok := c.PublicKey.(*rsa.PublicKey) - return ok && c.PublicKeyAlgorithm == x509.RSA && c.NotAfter.After(util.NoRSA1024Date.Add(-1)) + return ok && c.PublicKeyAlgorithm == x509.RSA && util.OnOrAfter(c.NotAfter, util.NoRSA1024Date) } func (l *rsaParsedTestsKeySize) Execute(c *x509.Certificate) *lint.LintResult { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go index 910d77d60..8ebbae7b6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV113Date, - Lint: &rsaParsedTestsKeyModOdd{}, + Lint: NewRsaParsedTestsKeyModOdd, }) } -func (l *rsaParsedTestsKeyModOdd) Initialize() error { - return nil +func NewRsaParsedTestsKeyModOdd() lint.LintInterface { + return &rsaParsedTestsKeyModOdd{} } func (l *rsaParsedTestsKeyModOdd) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go index 9015140bd..375718875 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go @@ -39,14 +39,15 @@ func init() { Citation: "BRs: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV113Date, - Lint: &rsaParsedTestsExpInRange{}, + Lint: NewRsaParsedTestsExpInRange, }) } -func (l *rsaParsedTestsExpInRange) Initialize() error { +func NewRsaParsedTestsExpInRange() lint.LintInterface { + l := &rsaParsedTestsExpInRange{} l.upperBound = &big.Int{} l.upperBound.Exp(big.NewInt(2), big.NewInt(256), nil) - return nil + return l } func (l *rsaParsedTestsExpInRange) CheckApplies(c *x509.Certificate) bool { @@ -57,8 +58,8 @@ func (l *rsaParsedTestsExpInRange) CheckApplies(c *x509.Certificate) bool { func (l *rsaParsedTestsExpInRange) Execute(c *x509.Certificate) *lint.LintResult { key := c.PublicKey.(*rsa.PublicKey) exponent := key.E - const lowerBound = 65536 // 2^16 + 1 - if exponent > lowerBound && l.upperBound.Cmp(big.NewInt(int64(exponent))) == 1 { + const lowerBound = 65537 // 2^16 + 1 + if exponent >= lowerBound && l.upperBound.Cmp(big.NewInt(int64(exponent))) == 1 { return &lint.LintResult{Status: lint.Pass} } return &lint.LintResult{Status: lint.Warn} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go index 9b39ca649..fd669fec5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV113Date, - Lint: &rsaParsedTestsKeyExpOdd{}, + Lint: NewRsaParsedTestsKeyExpOdd, }) } -func (l *rsaParsedTestsKeyExpOdd) Initialize() error { - return nil +func NewRsaParsedTestsKeyExpOdd() lint.LintInterface { + return &rsaParsedTestsKeyExpOdd{} } func (l *rsaParsedTestsKeyExpOdd) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go index 76620a8b0..5735c9b96 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 6.1.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV113Date, - Lint: &rsaParsedTestsExpBounds{}, + Lint: NewRsaParsedTestsExpBounds, }) } -func (l *rsaParsedTestsExpBounds) Initialize() error { - return nil +func NewRsaParsedTestsExpBounds() lint.LintInterface { + return &rsaParsedTestsExpBounds{} } func (l *rsaParsedTestsExpBounds) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go index f3e2f8e60..59c89556c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go @@ -84,12 +84,12 @@ func init() { Citation: "RFC 7686, EVGs v1.7.2: Appendix F, BRs v1.6.9: Appendix C", Source: lint.CABFBaselineRequirements, EffectiveDate: util.OnionOnlyEVDate, - Lint: &onionNotValid{}, + Lint: NewOnionNotValid, }) } -func (l *onionNotValid) Initialize() error { - return nil +func NewOnionNotValid() lint.LintInterface { + return &onionNotValid{} } // CheckApplies returns true if the certificate contains one or more subject diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go index d26a277ed..ae6fbb7e0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go @@ -31,12 +31,12 @@ func init() { Citation: "CABF Ballot 144", Source: lint.CABFBaselineRequirements, EffectiveDate: util.OnionOnlyEVDate, - Lint: &onionNotEV{}, + Lint: NewOnionNotEV, }) } -func (l *onionNotEV) Initialize() error { - return nil +func NewOnionNotEV() lint.LintInterface { + return &onionNotEV{} } // This lint only applies for certificates issued before CA/Browser Forum diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go index 2e25a3b78..fee64fc1c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go @@ -61,12 +61,12 @@ func init() { Citation: "BRs: 6.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &signatureAlgorithmNotSupported{}, + Lint: NewSignatureAlgorithmNotSupported, }) } -func (l *signatureAlgorithmNotSupported) Initialize() error { - return nil +func NewSignatureAlgorithmNotSupported() lint.LintInterface { + return &signatureAlgorithmNotSupported{} } func (l *signatureAlgorithmNotSupported) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go index 0a4e7b14a..4b30db332 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCaIssuerUrl{}, + Lint: NewSubCaIssuerUrl, }) } -func (l *subCaIssuerUrl) Initialize() error { - return nil +func NewSubCaIssuerUrl() lint.LintInterface { + return &subCaIssuerUrl{} } func (l *subCaIssuerUrl) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go index 247a1b8bc..15379bf3f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.ZeroDate, - Lint: &subCaAIAMarkedCritical{}, + Lint: NewSubCaAIAMarkedCritical, }) } -func (l *subCaAIAMarkedCritical) Initialize() error { - return nil +func NewSubCaAIAMarkedCritical() lint.LintInterface { + return &subCaAIAMarkedCritical{} } func (l *subCaAIAMarkedCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go index a0932fc24..0358ccff4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCACertPolicyCrit{}, + Lint: NewSubCACertPolicyCrit, }) } -func (l *subCACertPolicyCrit) Initialize() error { - return nil +func NewSubCACertPolicyCrit() lint.LintInterface { + return &subCACertPolicyCrit{} } func (l *subCACertPolicyCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go index 636274e3e..e025c01e2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCACertPolicyMissing{}, + Lint: NewSubCACertPolicyMissing, }) } -func (l *subCACertPolicyMissing) Initialize() error { - return nil +func NewSubCACertPolicyMissing() lint.LintInterface { + return &subCACertPolicyMissing{} } func (l *subCACertPolicyMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go index 7e377534c..5544a966b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCACRLDistNoUrl{}, + Lint: NewSubCACRLDistNoUrl, }) } -func (l *subCACRLDistNoUrl) Initialize() error { - return nil +func NewSubCACRLDistNoUrl() lint.LintInterface { + return &subCACRLDistNoUrl{} } func (l *subCACRLDistNoUrl) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go index a04c39f76..884f791d9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCACRLDistCrit{}, + Lint: NewSubCACRLDistCrit, }) } -func (l *subCACRLDistCrit) Initialize() error { - return nil +func NewSubCACRLDistCrit() lint.LintInterface { + return &subCACRLDistCrit{} } func (l *subCACRLDistCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go index 7f1236183..91244962d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCACRLDistMissing{}, + Lint: NewSubCACRLDistMissing, }) } -func (l *subCACRLDistMissing) Initialize() error { - return nil +func NewSubCACRLDistMissing() lint.LintInterface { + return &subCACRLDistMissing{} } func (l *subCACRLDistMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go index 5bb416d41..9cae37883 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV116Date, - Lint: &subCAEKUCrit{}, + Lint: NewSubCAEKUCrit, }) } -func (l *subCAEKUCrit) Initialize() error { - return nil +func NewSubCAEKUCrit() lint.LintInterface { + return &subCAEKUCrit{} } func (l *subCAEKUCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go index 31add62b3..93c2f7385 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.5", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCAEKUMissing{}, + Lint: NewSubCAEKUMissing, }) } -func (l *subCAEKUMissing) Initialize() error { - return nil +func NewSubCAEKUMissing() lint.LintInterface { + return &subCAEKUMissing{} } func (l *subCAEKUMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go index 1893dfcb2..875fd22c7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV116Date, - Lint: &subCAEKUValidFields{}, + Lint: NewSubCAEKUValidFields, }) } -func (l *subCAEKUValidFields) Initialize() error { - return nil +func NewSubCAEKUValidFields() lint.LintInterface { + return &subCAEKUValidFields{} } func (l *subCAEKUValidFields) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go index 24fb89932..fe6479e4b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABV102Date, - Lint: &SubCANameConstraintsNotCritical{}, + Lint: NewSubCANameConstraintsNotCritical, }) } -func (l *SubCANameConstraintsNotCritical) Initialize() error { - return nil +func NewSubCANameConstraintsNotCritical() lint.LintInterface { + return &SubCANameConstraintsNotCritical{} } func (l *SubCANameConstraintsNotCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go index 2d8b98e34..c43a467e7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go @@ -38,12 +38,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertIssuerUrl{}, + Lint: NewSubCertIssuerUrl, }) } -func (l *subCertIssuerUrl) Initialize() error { - return nil +func NewSubCertIssuerUrl() lint.LintInterface { + return &subCertIssuerUrl{} } func (l *subCertIssuerUrl) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go index 3bbd9bb05..ad0bf1f42 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertOcspUrl{}, + Lint: NewSubCertOcspUrl, }) } -func (l *subCertOcspUrl) Initialize() error { - return nil +func NewSubCertOcspUrl() lint.LintInterface { + return &subCertOcspUrl{} } func (l *subCertOcspUrl) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go index 7429b758e..aff407d1b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertAiaMarkedCritical{}, + Lint: NewSubCertAiaMarkedCritical, }) } -func (l *subCertAiaMarkedCritical) Initialize() error { - return nil +func NewSubCertAiaMarkedCritical() lint.LintInterface { + return &subCertAiaMarkedCritical{} } func (l *subCertAiaMarkedCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go index 90278c403..2d4fb3d1f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go @@ -38,12 +38,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertAiaMissing{}, + Lint: NewSubCertAiaMissing, }) } -func (l *subCertAiaMissing) Initialize() error { - return nil +func NewSubCertAiaMissing() lint.LintInterface { + return &subCertAiaMissing{} } func (l *subCertAiaMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go index 5da91655f..aad92ba16 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertPolicyEmpty{}, + Lint: NewSubCertPolicyEmpty, }) } -func (l *subCertPolicyEmpty) Initialize() error { - return nil +func NewSubCertPolicyEmpty() lint.LintInterface { + return &subCertPolicyEmpty{} } func (l *subCertPolicyEmpty) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go index da89e0f5e..4169b0f8d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertPolicyCrit{}, + Lint: NewSubCertPolicyCrit, }) } -func (l *subCertPolicyCrit) Initialize() error { - return nil +func NewSubCertPolicyCrit() lint.LintInterface { + return &subCertPolicyCrit{} } func (l *subCertPolicyCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go index 95dbb20e8..ad1966447 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertPolicy{}, + Lint: NewSubCertPolicy, }) } -func (l *subCertPolicy) Initialize() error { - return nil +func NewSubCertPolicy() lint.LintInterface { + return &subCertPolicy{} } func (l *subCertPolicy) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go index 033407bc3..04dae16ce 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertCountryNameMustAppear{}, + Lint: NewSubCertCountryNameMustAppear, }) } -func (l *subCertCountryNameMustAppear) Initialize() error { - return nil +func NewSubCertCountryNameMustAppear() lint.LintInterface { + return &subCertCountryNameMustAppear{} } func (l *subCertCountryNameMustAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go index 7e81f60b8..1daf79dce 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go @@ -38,12 +38,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCRLDistNoURL{}, + Lint: NewSubCRLDistNoURL, }) } -func (l *subCRLDistNoURL) Initialize() error { - return nil +func NewSubCRLDistNoURL() lint.LintInterface { + return &subCRLDistNoURL{} } func (l *subCRLDistNoURL) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go index aa4cc8caa..e97969276 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go @@ -36,12 +36,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCrlDistCrit{}, + Lint: NewSubCrlDistCrit, }) } -func (l *subCrlDistCrit) Initialize() error { - return nil +func NewSubCrlDistCrit() lint.LintInterface { + return &subCrlDistCrit{} } func (l *subCrlDistCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go index cd75f5958..197809a56 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go @@ -38,12 +38,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subExtKeyUsageLegalUsage{}, + Lint: NewSubExtKeyUsageLegalUsage, }) } -func (l *subExtKeyUsageLegalUsage) Initialize() error { - return nil +func NewSubExtKeyUsageLegalUsage() lint.LintInterface { + return &subExtKeyUsageLegalUsage{} } func (l *subExtKeyUsageLegalUsage) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go index b18bbad87..e769230fe 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go @@ -37,12 +37,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subExtKeyUsage{}, + Lint: NewSubExtKeyUsage, }) } -func (l *subExtKeyUsage) Initialize() error { - return nil +func NewSubExtKeyUsage() lint.LintInterface { + return &subExtKeyUsage{} } func (l *subExtKeyUsage) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go index 2ef26e02b..112824728 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go @@ -38,12 +38,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subExtKeyUsageClientOrServer{}, + Lint: NewSubExtKeyUsageClientOrServer, }) } -func (l *subExtKeyUsageClientOrServer) Initialize() error { - return nil +func NewSubExtKeyUsageClientOrServer() lint.LintInterface { + return &subExtKeyUsageClientOrServer{} } func (l *subExtKeyUsageClientOrServer) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go index e8d49a5a9..04625aca4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertSubjectGnOrSnContainsPolicy{}, + Lint: NewSubCertSubjectGnOrSnContainsPolicy, }) } -func (l *subCertSubjectGnOrSnContainsPolicy) Initialize() error { - return nil +func NewSubCertSubjectGnOrSnContainsPolicy() lint.LintInterface { + return &subCertSubjectGnOrSnContainsPolicy{} } func (l *subCertSubjectGnOrSnContainsPolicy) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go index 0c014483d..c92d6522b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go @@ -15,8 +15,7 @@ package cabf_br */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,12 +30,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertNotCA{}, + Lint: NewSubCertNotCA, }) } -func (l *subCertNotCA) Initialize() error { - return nil +func NewSubCertNotCA() lint.LintInterface { + return &subCertNotCA{} } func (l *subCertNotCA) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go index 584b8a9fb..5ba2ea32c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCertKeyUsageBitSet{}, + Lint: NewSubCertKeyUsageBitSet, }) } -func (l *subCertKeyUsageBitSet) Initialize() error { - return nil +func NewSubCertKeyUsageBitSet() lint.LintInterface { + return &subCertKeyUsageBitSet{} } func (l *subCertKeyUsageBitSet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go index fb44f79ba..e802927d4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go @@ -35,12 +35,12 @@ func init() { Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subCrlSignAllowed{}, + Lint: NewSubCrlSignAllowed, }) } -func (l *subCrlSignAllowed) Initialize() error { - return nil +func NewSubCrlSignAllowed() lint.LintInterface { + return &subCrlSignAllowed{} } func (l *subCrlSignAllowed) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go index 6333100d5..179bd3c3b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertLocalityNameMustAppear{}, + Lint: NewSubCertLocalityNameMustAppear, }) } -func (l *subCertLocalityNameMustAppear) Initialize() error { - return nil +func NewSubCertLocalityNameMustAppear() lint.LintInterface { + return &subCertLocalityNameMustAppear{} } func (l *subCertLocalityNameMustAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go index eca2b8539..a55098115 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertLocalityNameMustNotAppear{}, + Lint: NewSubCertLocalityNameMustNotAppear, }) } -func (l *subCertLocalityNameMustNotAppear) Initialize() error { - return nil +func NewSubCertLocalityNameMustNotAppear() lint.LintInterface { + return &subCertLocalityNameMustNotAppear{} } func (l *subCertLocalityNameMustNotAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go index 157ce654e..dcecee34c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.NO_SHA1, - Lint: &sigAlgTestsSHA1{}, + Lint: NewSigAlgTestsSHA1, }) } -func (l *sigAlgTestsSHA1) Initialize() error { - return nil +func NewSigAlgTestsSHA1() lint.LintInterface { + return &sigAlgTestsSHA1{} } func (l *sigAlgTestsSHA1) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go index f62129005..16f5c3d81 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertPostalCodeMustNotAppear{}, + Lint: NewSubCertPostalCodeMustNotAppear, }) } -func (l *subCertPostalCodeMustNotAppear) Initialize() error { - return nil +func NewSubCertPostalCodeMustNotAppear() lint.LintInterface { + return &subCertPostalCodeMustNotAppear{} } func (l *subCertPostalCodeMustNotAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go index ec4603930..81ba9aabf 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertProvinceMustAppear{}, + Lint: NewSubCertProvinceMustAppear, }) } -func (l *subCertProvinceMustAppear) Initialize() error { - return nil +func NewSubCertProvinceMustAppear() lint.LintInterface { + return &subCertProvinceMustAppear{} } func (l *subCertProvinceMustAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go index b61fdca2e..c0bd32dd4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertProvinceMustNotAppear{}, + Lint: NewSubCertProvinceMustNotAppear, }) } -func (l *subCertProvinceMustNotAppear) Initialize() error { - return nil +func NewSubCertProvinceMustNotAppear() lint.LintInterface { + return &subCertProvinceMustNotAppear{} } func (l *subCertProvinceMustNotAppear) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go index 533584d17..69efa499d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go @@ -37,13 +37,13 @@ func init() { Description: "Subscriber certificates using the SHA-1 algorithm SHOULD NOT have an expiration date later than 1 Jan 2017", Citation: "BRs: 7.1.3", Source: lint.CABFBaselineRequirements, - EffectiveDate: time.Date(2015, time.January, 16, 0, 0, 0, 0, time.UTC), - Lint: &sha1ExpireLong{}, + EffectiveDate: util.CABFBRs_1_2_1_Date, + Lint: NewSha1ExpireLong, }) } -func (l *sha1ExpireLong) Initialize() error { - return nil +func NewSha1ExpireLong() lint.LintInterface { + return &sha1ExpireLong{} } func (l *sha1ExpireLong) CheckApplies(c *x509.Certificate) bool { @@ -52,8 +52,10 @@ func (l *sha1ExpireLong) CheckApplies(c *x509.Certificate) bool { c.SignatureAlgorithm == x509.ECDSAWithSHA1) } +var sha1SunsetDate = time.Date(2017, time.January, 1, 0, 0, 0, 0, time.UTC) + func (l *sha1ExpireLong) Execute(c *x509.Certificate) *lint.LintResult { - if c.NotAfter.After(time.Date(2017, time.January, 1, 0, 0, 0, 0, time.UTC)) { + if c.NotAfter.After(sha1SunsetDate) { return &lint.LintResult{Status: lint.Warn} } else { return &lint.LintResult{Status: lint.Pass} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go index 9f3b39c7a..3ce211338 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABGivenNameDate, - Lint: &subCertStreetAddressShouldNotExist{}, + Lint: NewSubCertStreetAddressShouldNotExist, }) } -func (l *subCertStreetAddressShouldNotExist) Initialize() error { - return nil +func NewSubCertStreetAddressShouldNotExist() lint.LintInterface { + return &subCertStreetAddressShouldNotExist{} } func (l *subCertStreetAddressShouldNotExist) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go index 9a2e8d8fd..00d8a76d5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 6.3.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.SubCert39Month, - Lint: &subCertValidTimeLongerThan39Months{}, + Lint: NewSubCertValidTimeLongerThan39Months, }) } -func (l *subCertValidTimeLongerThan39Months) Initialize() error { - return nil +func NewSubCertValidTimeLongerThan39Months() lint.LintInterface { + return &subCertValidTimeLongerThan39Months{} } func (l *subCertValidTimeLongerThan39Months) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go index 687a1c50e..4c1644071 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go @@ -29,12 +29,12 @@ func init() { Citation: "BRs: 6.3.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.SubCert825Days, - Lint: &subCertValidTimeLongerThan825Days{}, + Lint: NewSubCertValidTimeLongerThan825Days, }) } -func (l *subCertValidTimeLongerThan825Days) Initialize() error { - return nil +func NewSubCertValidTimeLongerThan825Days() lint.LintInterface { + return &subCertValidTimeLongerThan825Days{} } func (l *subCertValidTimeLongerThan825Days) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go index 9ded4d9b9..03f194e02 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go @@ -34,12 +34,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &commonNames{}, + Lint: NewCommonNames, }) } -func (l *commonNames) Initialize() error { - return nil +func NewCommonNames() lint.LintInterface { + return &commonNames{} } func (l *commonNames) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go new file mode 100644 index 000000000..0c6acfdee --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go @@ -0,0 +1,82 @@ +package cabf_br + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "fmt" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type subjectCommonNameNotExactlyFromSAN struct{} + +/************************************************ +If present, this field MUST contain exactly one entry that is one of the values contained +in the Certificate's `subjectAltName` extension + +If the [subject:commonName] is a Fully-Qualified Domain Name or Wildcard Domain Name, then +the value MUST be encoded as a character-for-character copy of the dNSName entry value from +the subjectAltName extension. +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_subject_common_name_not_exactly_from_san", + Description: "The common name field in subscriber certificates must include only names from the SAN extension", + Citation: "BRs: 7.1.4.2.2", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_8_0_Date, + Lint: NewSubjectCommonNameNotExactlyFromSAN, + }) +} + +func NewSubjectCommonNameNotExactlyFromSAN() lint.LintInterface { + return &subjectCommonNameNotExactlyFromSAN{} +} + +func (l *subjectCommonNameNotExactlyFromSAN) CheckApplies(c *x509.Certificate) bool { + return len(c.Subject.CommonNames) > 0 && !util.IsCACert(c) +} + +func (l *subjectCommonNameNotExactlyFromSAN) Execute(c *x509.Certificate) *lint.LintResult { + for _, cn := range c.Subject.CommonNames { + var cnFound = false + for _, dn := range c.DNSNames { + if cn == dn { + cnFound = true + break + } + } + if cnFound { + continue + } + + for _, ip := range c.IPAddresses { + if cn == ip.String() { + cnFound = true + break + } + } + if cnFound { + continue + } + + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("Missing common name, '%s'", cn)} + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go index ae8f382b8..305f17189 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go @@ -33,17 +33,18 @@ contained in the Certificate’s subjectAltName extension (see Section 7.1.4.2.1 func init() { lint.RegisterLint(&lint.Lint{ - Name: "e_subject_common_name_not_from_san", - Description: "The common name field in subscriber certificates must include only names from the SAN extension", - Citation: "BRs: 7.1.4.2.2", - Source: lint.CABFBaselineRequirements, - EffectiveDate: util.CABEffectiveDate, - Lint: &subjectCommonNameNotFromSAN{}, + Name: "e_subject_common_name_not_from_san", + Description: "The common name field in subscriber certificates must include only names from the SAN extension", + Citation: "BRs: 7.1.4.2.2", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABEffectiveDate, + IneffectiveDate: util.CABFBRs_1_8_0_Date, + Lint: NewSubjectCommonNameNotFromSAN, }) } -func (l *subjectCommonNameNotFromSAN) Initialize() error { - return nil +func NewSubjectCommonNameNotFromSAN() lint.LintInterface { + return &subjectCommonNameNotFromSAN{} } func (l *subjectCommonNameNotFromSAN) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go index 6ecea2ff0..fac5422d6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go @@ -48,15 +48,16 @@ func init() { Citation: "BRs: 3.2.2.6", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &arpaMalformedIP{}, + Lint: NewArpaMalformedIP, }) } +func NewArpaMalformedIP() lint.LintInterface { + return &arpaMalformedIP{} +} + // Initialize for an arpaMalformedIP linter is a NOP to statisfy linting // interfaces. -func (l *arpaMalformedIP) Initialize() error { - return nil -} // CheckApplies returns true if the certificate contains any names that end in // one of the two designated zones for reverse DNS: in-addr.arpa or ip6.arpa. diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go index fefe63e20..f622e5312 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &illegalChar{}, + Lint: NewIllegalChar, }) } -func (l *illegalChar) Initialize() error { - return nil +func NewIllegalChar() lint.LintInterface { + return &illegalChar{} } func (l *illegalChar) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go new file mode 100644 index 000000000..9f49f8e10 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go @@ -0,0 +1,60 @@ +package cabf_br + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type SubjectContainsOrganizationalUnitNameButNoOrganizationName struct{} + +/************************************************ +BRs: 7.1.4.2.2 +Certificate Field: subject:organizationalUnitName (OID: 2.5.4.11) +Required/Optional: Deprecated. Prohibited if the +subject:organizationName is absent or the certificate is issued on or after +September 1, 2022. +This lint check the first requirement, i.e.: Prohibited if the subject:organizationName is absent. +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_subject_contains_organizational_unit_name_and_no_organization_name", + Description: "If a subject organization name is absent then an organizational unit name MUST NOT be included in subject", + Citation: "BRs: 7.1.4.2.2", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_7_9_Date, + Lint: NewSubjectContainsOrganizationalUnitNameButNoOrganizationName, + }) +} + +func NewSubjectContainsOrganizationalUnitNameButNoOrganizationName() lint.LintInterface { + return &SubjectContainsOrganizationalUnitNameButNoOrganizationName{} +} + +func (l *SubjectContainsOrganizationalUnitNameButNoOrganizationName) CheckApplies(cert *x509.Certificate) bool { + return util.TypeInName(&cert.Subject, util.OrganizationalUnitNameOID) +} + +func (l *SubjectContainsOrganizationalUnitNameButNoOrganizationName) Execute(cert *x509.Certificate) *lint.LintResult { + + if !util.TypeInName(&cert.Subject, util.OrganizationNameOID) { + return &lint.LintResult{Status: lint.Error, Details: "subject:organizationalUnitName is prohibited if subject:organizationName is absent"} + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go index 37b2d69f7..3410cec12 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go @@ -61,15 +61,16 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &arpaReservedIP{}, + Lint: NewArpaReservedIP, }) } +func NewArpaReservedIP() lint.LintInterface { + return &arpaReservedIP{} +} + // Initialize for an arpaReservedIP linter is a NOP to statisfy linting // interfaces. -func (l *arpaReservedIP) Initialize() error { - return nil -} // CheckApplies returns true if the certificate contains any names that end in // one of the two designated zones for reverse DNS: in-addr.arpa or ip6.arpa. diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go index 6547857bc..e35c9d849 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go @@ -40,12 +40,12 @@ func init() { Citation: "BRs: 7.1.4.2.1", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &subjectReservedIP{}, + Lint: NewSubjectReservedIP, }) } -func (l *subjectReservedIP) Initialize() error { - return nil +func NewSubjectReservedIP() lint.LintInterface { + return &subjectReservedIP{} } func (l *subjectReservedIP) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go index 71389890f..306193dad 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go @@ -39,12 +39,12 @@ func init() { Citation: "BRs: 7.1.4.2.2", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, - Lint: &countryNotIso{}, + Lint: NewCountryNotIso, }) } -func (l *countryNotIso) Initialize() error { - return nil +func NewCountryNotIso() lint.LintInterface { + return &countryNotIso{} } func (l *countryNotIso) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go new file mode 100644 index 000000000..315580135 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go @@ -0,0 +1,88 @@ +package cabf_br + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "bytes" + "encoding/hex" + "fmt" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type algorithmObjectIdentifierEncoding struct{} + +/************************************************ +This lint refers to CAB Baseline Requirements (Version 1.7.4) chapter 7.1.3.1, which defines the +required encodings of AlgorithmObjectIdentifiers inside a SubjectPublicKeyInfo field. + +Section 7.1.3.1.1: When encoded, the AlgorithmIdentifier for RSA keys MUST be byte‐for‐byte +identical with the following hex‐encoded bytes: 300d06092a864886f70d0101010500 + +Section 7.1.3.1.2: When encoded, the AlgorithmIdentifier for ECDSA keys MUST be +byte‐for‐byte identical with the following hex‐encoded bytes: +For P‐256 keys: 301306072a8648ce3d020106082a8648ce3d030107 +For P‐384 keys: 301006072a8648ce3d020106052b81040022 +For P‐521 keys: 301006072a8648ce3d020106052b81040023 +************************************************/ +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_algorithm_identifier_improper_encoding", + Description: "Encoded AlgorithmObjectIdentifier objects inside a SubjectPublicKeyInfo field " + + "MUST comply with specified byte sequences.", + Citation: "BRs: 7.1.3.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_7_1_Date, + Lint: NewAlgorithmObjectIdentifierEncoding, + }) +} + +func NewAlgorithmObjectIdentifierEncoding() lint.LintInterface { + return &algorithmObjectIdentifierEncoding{} +} + +var allowedPublicKeyEncodings = [4][]byte{ + // encoded AlgorithmIdentifier for an RSA key + {0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00}, + // encoded AlgorithmIdentifier for a P-256 key + {0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07}, + // encoded AlgorithmIdentifier for a P-384 key + {0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}, + // encoded AlgorithmIdentifier for a P-521 key + {0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x23}, +} + +func (l *algorithmObjectIdentifierEncoding) CheckApplies(c *x509.Certificate) bool { + // always check if the public key is one of the four explicitly specified encodings + return true +} + +func (l *algorithmObjectIdentifierEncoding) Execute(c *x509.Certificate) *lint.LintResult { + + rawAlgorithmIdentifier, err := util.GetPublicKeyAidEncoded(c) + if err != nil { + return &lint.LintResult{Status: lint.Fatal, Details: "error parsing SubjectPublicKeyInfo"} + } + + for _, encoding := range allowedPublicKeyEncodings { + if bytes.Equal(rawAlgorithmIdentifier, encoding) { + return &lint.LintResult{Status: lint.Pass} + } + } + + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("The encoded AlgorithmObjectIdentifier %q inside the SubjectPublicKeyInfo field is not allowed", hex.EncodeToString(rawAlgorithmIdentifier))} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go new file mode 100644 index 000000000..a81b1ba3a --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go @@ -0,0 +1,54 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_br + +import ( + "fmt" + "strings" + + "github.com/zmap/zlint/v3/util" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_underscore_not_permissible_in_dnsname", + Description: "DNSNames MUST NOT contain underscore characters", + Citation: "BR 7.1.4.2.1", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_6_2_UnderscorePermissibilitySunsetDate, + Lint: func() lint.LintInterface { return &UnderscoreNotPermissibleInDNSName{} }, + }) +} + +type UnderscoreNotPermissibleInDNSName struct{} + +func (l *UnderscoreNotPermissibleInDNSName) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *UnderscoreNotPermissibleInDNSName) Execute(c *x509.Certificate) *lint.LintResult { + for _, dns := range c.DNSNames { + if strings.Contains(dns, "_") { + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("The DNS name '%s' contains an underscore (_) character", dns), + } + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go new file mode 100644 index 000000000..6b09cb6e4 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go @@ -0,0 +1,58 @@ +package cabf_br + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type caAiaShouldNotBeMissing struct{} + +/*********************************************** +CAB BR 1.7.1 Section 7.1.2.2c - authorityInformationAccess +This extension SHOULD be present. It MUST NOT be marked critical. +It SHOULD contain the HTTP URL of the Issuing CA’s certificate (accessMethod = +1.3.6.1.5.5.7.48.2). It MAY contain the HTTP URL of the Issuing CA’s OCSP responder +(accessMethod = 1.3.6.1.5.5.7.48.1). +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "w_sub_ca_aia_missing", + Description: "Subordinate CA Certificate: authorityInformationAccess SHOULD be present.", + Citation: "BRs: 7.1.2.2", + Source: lint.CABFBaselineRequirements, + EffectiveDate: util.CABFBRs_1_7_1_Date, + Lint: NewCaAiaShouldNotBeMissing, + }) +} + +func NewCaAiaShouldNotBeMissing() lint.LintInterface { + return &caAiaShouldNotBeMissing{} +} + +func (l *caAiaShouldNotBeMissing) CheckApplies(c *x509.Certificate) bool { + return util.IsCACert(c) && !util.IsRootCA(c) +} + +func (l *caAiaShouldNotBeMissing) Execute(c *x509.Certificate) *lint.LintResult { + if util.IsExtInCert(c, util.AiaOID) { + return &lint.LintResult{Status: lint.Pass} + } else { + return &lint.LintResult{Status: lint.Warn} + } +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go index 469b12c3e..1e16216a2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "EVGs: 9.2.3", Source: lint.CABFEVGuidelines, EffectiveDate: util.ZeroDate, - Lint: &evNoBiz{}, + Lint: NewEvNoBiz, }) } -func (l *evNoBiz) Initialize() error { - return nil +func NewEvNoBiz() lint.LintInterface { + return &evNoBiz{} } func (l *evNoBiz) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go index fe9d71557..6763501f7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "EVGs: 9.2.4", Source: lint.CABFEVGuidelines, EffectiveDate: util.ZeroDate, - Lint: &evCountryMissing{}, + Lint: NewEvCountryMissing, }) } -func (l *evCountryMissing) Initialize() error { - return nil +func NewEvCountryMissing() lint.LintInterface { + return &evCountryMissing{} } func (l *evCountryMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go new file mode 100644 index 000000000..12c55ec6d --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go @@ -0,0 +1,58 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_ev + +import ( + "fmt" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_ev_not_wildcard", + Description: "Wildcard certificates are not allowed for EV Certificates except for those with .onion as the TLD.", + Citation: "CABF EV Guidelines 1.7.8 Section 9.8.1", + Source: lint.CABFEVGuidelines, + EffectiveDate: util.OnionOnlyEVDate, + Lint: NewEvNotWildCard, + }) +} + +type EvNotWildCard struct{} + +func NewEvNotWildCard() lint.LintInterface { + return &EvNotWildCard{} +} + +func (l *EvNotWildCard) CheckApplies(c *x509.Certificate) bool { + return util.IsEV(c.PolicyIdentifiers) +} + +func (l *EvNotWildCard) Execute(c *x509.Certificate) *lint.LintResult { + names := append(c.GetParsedDNSNames(false), c.GetParsedSubjectCommonName(false)) + for _, name := range names { + if name.ParseError != nil { + continue + } + if strings.Contains(name.DomainString, "*") && !strings.HasSuffix(name.DomainString, util.OnionTLD) { + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("'%s' appears to be a wildcard domain", name.DomainString)} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go index fca799b72..26cacc80f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go @@ -30,12 +30,12 @@ func init() { Citation: "CA/Browser Forum EV Guidelines v1.7.0, Sec. 9.8.2", Source: lint.CABFEVGuidelines, EffectiveDate: util.CABFEV_9_8_2, - Lint: &evOrgIdExtMissing{}, + Lint: NewEvOrgIdExtMissing, }) } -func (l *evOrgIdExtMissing) Initialize() error { - return nil +func NewEvOrgIdExtMissing() lint.LintInterface { + return &evOrgIdExtMissing{} } func (l *evOrgIdExtMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go index 34ceb20bf..ecd64eac8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "EVGs: 9.2.1", Source: lint.CABFEVGuidelines, EffectiveDate: util.ZeroDate, - Lint: &evOrgMissing{}, + Lint: NewEvOrgMissing, }) } -func (l *evOrgMissing) Initialize() error { - return nil +func NewEvOrgMissing() lint.LintInterface { + return &evOrgMissing{} } func (l *evOrgMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go new file mode 100644 index 000000000..7e9deafe8 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go @@ -0,0 +1,49 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package cabf_ev + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_ev_san_ip_address_present", + Description: "The Subject Alternate Name extension MUST contain only 'dnsName' name types.", + Citation: "CABF EV Guidelines 1.7.8 Section 9.8.1", + Source: lint.CABFEVGuidelines, + EffectiveDate: util.ZeroDate, + Lint: NewEvSanIpAddressPresent, + }) +} + +type EvSanIpAddressPresent struct{} + +func NewEvSanIpAddressPresent() lint.LintInterface { + return &EvSanIpAddressPresent{} +} + +func (l *EvSanIpAddressPresent) CheckApplies(c *x509.Certificate) bool { + return util.IsEV(c.PolicyIdentifiers) +} + +func (l *EvSanIpAddressPresent) Execute(c *x509.Certificate) *lint.LintResult { + if len(c.IPAddresses) > 0 { + return &lint.LintResult{Status: lint.Error} + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go index bfbfb04ad..bb0a5bca4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go @@ -29,12 +29,12 @@ func init() { Citation: "EVGs: 9.2.6", Source: lint.CABFEVGuidelines, EffectiveDate: util.ZeroDate, - Lint: &evSNMissing{}, + Lint: NewEvSNMissing, }) } -func (l *evSNMissing) Initialize() error { - return nil +func NewEvSNMissing() lint.LintInterface { + return &evSNMissing{} } func (l *evSNMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go index e796a443a..67b4cded4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go @@ -29,12 +29,12 @@ func init() { Citation: "EVGs 1.0: 8(a), EVGs 1.6.1: 9.4", Source: lint.CABFEVGuidelines, EffectiveDate: util.ZeroDate, - Lint: &evValidTooLong{}, + Lint: NewEvValidTooLong, }) } -func (l *evValidTooLong) Initialize() error { - return nil +func NewEvValidTooLong() lint.LintInterface { + return &evValidTooLong{} } func (l *evValidTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go index 1efedcb00..83672ee42 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go @@ -41,15 +41,16 @@ func init() { Citation: "EVGs: Appendix F", Source: lint.CABFEVGuidelines, EffectiveDate: util.OnionOnlyEVDate, - Lint: &torValidityTooLarge{}, + Lint: NewTorValidityTooLarge, }) } -// Initialize for a torValidityTooLarge linter is a NOP. -func (l *torValidityTooLarge) Initialize() error { - return nil +func NewTorValidityTooLarge() lint.LintInterface { + return &torValidityTooLarge{} } +// Initialize for a torValidityTooLarge linter is a NOP. + // CheckApplies returns true if the certificate is a subscriber certificate that // contains a subject name ending in `.onion`. func (l *torValidityTooLarge) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go index 6629efb37..29870e50b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &brIANBareWildcard{}, + Lint: NewBrIANBareWildcard, }) } -func (l *brIANBareWildcard) Initialize() error { - return nil +func NewBrIANBareWildcard() lint.LintInterface { + return &brIANBareWildcard{} } func (l *brIANBareWildcard) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go index 9e29904b6..5b21e7dfc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go @@ -29,12 +29,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IANDNSNull{}, + Lint: NewIANDNSNull, }) } -func (l *IANDNSNull) Initialize() error { - return nil +func NewIANDNSNull() lint.LintInterface { + return &IANDNSNull{} } func (l *IANDNSNull) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go index e42fd7756..d81e57c10 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IANDNSPeriod{}, + Lint: NewIANDNSPeriod, }) } -func (l *IANDNSPeriod) Initialize() error { - return nil +func NewIANDNSPeriod() lint.LintInterface { + return &IANDNSPeriod{} } func (l *IANDNSPeriod) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go index 290425045..e733445c5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IANPubSuffix{}, + Lint: NewIANPubSuffix, }) } -func (l *IANPubSuffix) Initialize() error { - return nil +func NewIANPubSuffix() lint.LintInterface { + return &IANPubSuffix{} } func (l *IANPubSuffix) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go index e9a4693b9..b93f9de1c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go @@ -29,12 +29,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &brIANWildcardFirst{}, + Lint: NewBrIANWildcardFirst, }) } -func (l *brIANWildcardFirst) Initialize() error { - return nil +func NewBrIANWildcardFirst() lint.LintInterface { + return &brIANWildcardFirst{} } func (l *brIANWildcardFirst) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go index 74910d67a..0612a3bec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go @@ -31,12 +31,12 @@ func init() { Source: lint.Community, Citation: "IETF Draft: https://tools.ietf.org/id/draft-strad-trans-redaction-00.html", EffectiveDate: util.ZeroDate, - Lint: &DNSNameRedacted{}, + Lint: NewDNSNameRedacted, }) } -func (l *DNSNameRedacted) Initialize() error { - return nil +func NewDNSNameRedacted() lint.LintInterface { + return &DNSNameRedacted{} } func (l *DNSNameRedacted) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go index 7c87b5195..6fe3646ed 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go @@ -29,12 +29,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IssuerDNLeadingSpace{}, + Lint: NewIssuerDNLeadingSpace, }) } -func (l *IssuerDNLeadingSpace) Initialize() error { - return nil +func NewIssuerDNLeadingSpace() lint.LintInterface { + return &IssuerDNLeadingSpace{} } func (l *IssuerDNLeadingSpace) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go index 67c69206b..3f24a3bfc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go @@ -29,12 +29,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IssuerDNTrailingSpace{}, + Lint: NewIssuerDNTrailingSpace, }) } -func (l *IssuerDNTrailingSpace) Initialize() error { - return nil +func NewIssuerDNTrailingSpace() lint.LintInterface { + return &IssuerDNTrailingSpace{} } func (l *IssuerDNTrailingSpace) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go index 780e65100..56b20cc08 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go @@ -15,8 +15,7 @@ package community */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zcrypto/x509/pkix" "github.com/zmap/zlint/v3/lint" @@ -32,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &IssuerRDNHasMultipleAttribute{}, + Lint: NewIssuerRDNHasMultipleAttribute, }) } -func (l *IssuerRDNHasMultipleAttribute) Initialize() error { - return nil +func NewIssuerRDNHasMultipleAttribute() lint.LintInterface { + return &IssuerRDNHasMultipleAttribute{} } func (l *IssuerRDNHasMultipleAttribute) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go index 03e948715..870fad637 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &rsaExpNegative{}, + Lint: NewRsaExpNegative, }) } -func (l *rsaExpNegative) Initialize() error { - return nil +func NewRsaExpNegative() lint.LintInterface { + return &rsaExpNegative{} } func (l *rsaExpNegative) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go new file mode 100644 index 000000000..76ed8c526 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go @@ -0,0 +1,121 @@ +package community + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "crypto/rsa" + "fmt" + "math/big" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type fermatFactorization struct { + Rounds int `comment:"The number of iterations to attempt Fermat factorization. Note that when executing this lint against many (tens of thousands of certificates) that this configuration may have a profound affect on performance. For more information, please see https://fermatattack.secvuln.info/"` +} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rsa_fermat_factorization", + Description: "RSA key pairs that are too close to each other are susceptible to the Fermat Factorization " + + "Method (for more information please see https://en.wikipedia.org/wiki/Fermat%27s_factorization_method " + + "and https://fermatattack.secvuln.info/)", + Citation: "Pierre de Fermat", + Source: lint.Community, + EffectiveDate: util.ZeroDate, + Lint: NewFermatFactorization, + }) +} + +func NewFermatFactorization() lint.LintInterface { + return &fermatFactorization{Rounds: 100} +} + +func (l *fermatFactorization) Configure() interface{} { + return l +} + +func (l *fermatFactorization) CheckApplies(c *x509.Certificate) bool { + _, ok := c.PublicKey.(*rsa.PublicKey) + return ok && c.PublicKeyAlgorithm == x509.RSA +} + +func (l *fermatFactorization) Execute(c *x509.Certificate) *lint.LintResult { + err := checkPrimeFactorsTooClose(c.PublicKey.(*rsa.PublicKey).N, l.Rounds) + if err != nil { + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("this certificate's RSA key pair is susceptible to Fermat factorization, %s", err.Error())} + } else { + return &lint.LintResult{Status: lint.Pass} + } +} + +// Source: Let's Encrypt, Boulder +// Author: Aaron Gable (https://github.com/aarongable) +// Commit: https://github.com/letsencrypt/boulder/commit/89000bd61cfc6f373cb48b6f046d4fce7df5468e +// +// Returns an error if the modulus n is able to be factored into primes p and q +// via Fermat's factorization method. This method relies on the two primes being +// very close together, which means that they were almost certainly not picked +// independently from a uniform random distribution. Basically, if we can factor +// the key this easily, so can anyone else. +func checkPrimeFactorsTooClose(n *big.Int, rounds int) error { + // Pre-allocate some big numbers that we'll use a lot down below. + one := big.NewInt(1) + bb := new(big.Int) + + // Any odd integer is equal to a difference of squares of integers: + // n = a^2 - b^2 = (a + b)(a - b) + // Any RSA public key modulus is equal to a product of two primes: + // n = pq + // Here we try to find values for a and b, since doing so also gives us the + // prime factors p = (a + b) and q = (a - b). + + // We start with a close to the square root of the modulus n, to start with + // two candidate prime factors that are as close together as possible and + // work our way out from there. Specifically, we set a = ceil(sqrt(n)), the + // first integer greater than the square root of n. Unfortunately, big.Int's + // built-in square root function takes the floor, so we have to add one to get + // the ceil. + a := new(big.Int) + a.Sqrt(n).Add(a, one) + + // We calculate b2 to see if it is a perfect square (i.e. b^2), and therefore + // b is an integer. Specifically, b2 = a^2 - n. + b2 := new(big.Int) + b2.Mul(a, a).Sub(b2, n) + + for i := 0; i < rounds; i++ { + // To see if b2 is a perfect square, we take its square root, square that, + // and check to see if we got the same result back. + bb.Sqrt(b2).Mul(bb, bb) + if b2.Cmp(bb) == 0 { + // b2 is a perfect square, so we've found integer values of a and b, + // and can easily compute p and q as their sum and difference. + bb.Sqrt(bb) + p := new(big.Int).Add(a, bb) + q := new(big.Int).Sub(a, bb) + return fmt.Errorf("public modulus n = pq factored into p: %s; q: %s", p, q) + } + + // Set up the next iteration by incrementing a by one and recalculating b2. + a.Add(a, one) + b2.Mul(a, a).Sub(b2, n) + } + return nil +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go index 9b2eb1442..c53256719 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &rsaParsedPubKeyExist{}, + Lint: NewRsaParsedPubKeyExist, }) } -func (l *rsaParsedPubKeyExist) Initialize() error { - return nil +func NewRsaParsedPubKeyExist() lint.LintInterface { + return &rsaParsedPubKeyExist{} } func (l *rsaParsedPubKeyExist) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go index 8dc7568d6..083495f57 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &brSANBareWildcard{}, + Lint: NewBrSANBareWildcard, }) } -func (l *brSANBareWildcard) Initialize() error { - return nil +func NewBrSANBareWildcard() lint.LintInterface { + return &brSANBareWildcard{} } func (l *brSANBareWildcard) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go index fb36c261e..2d3476712 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SANDNSDuplicate{}, + Lint: NewSANDNSDuplicate, }) } -func (l *SANDNSDuplicate) Initialize() error { - return nil +func NewSANDNSDuplicate() lint.LintInterface { + return &SANDNSDuplicate{} } func (l *SANDNSDuplicate) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go index b486d77f5..6e023d036 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go @@ -29,12 +29,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SANDNSNull{}, + Lint: NewSANDNSNull, }) } -func (l *SANDNSNull) Initialize() error { - return nil +func NewSANDNSNull() lint.LintInterface { + return &SANDNSNull{} } func (l *SANDNSNull) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go index 394362003..54e1ba870 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go @@ -31,12 +31,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SANDNSPeriod{}, + Lint: NewSANDNSPeriod, }) } -func (l *SANDNSPeriod) Initialize() error { - return nil +func NewSANDNSPeriod() lint.LintInterface { + return &SANDNSPeriod{} } func (l *SANDNSPeriod) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go index 53be114dc..ee91b6f50 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go @@ -32,12 +32,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &pubSuffix{}, + Lint: NewPubSuffix, }) } -func (l *pubSuffix) Initialize() error { - return nil +func NewPubSuffix() lint.LintInterface { + return &pubSuffix{} } func (l *pubSuffix) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go index b94c7a07f..2d5526fbe 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go @@ -29,12 +29,12 @@ func init() { Citation: "awslabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SANWildCardFirst{}, + Lint: NewSANWildCardFirst, }) } -func (l *SANWildCardFirst) Initialize() error { - return nil +func NewSANWildCardFirst() lint.LintInterface { + return &SANWildCardFirst{} } func (l *SANWildCardFirst) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go index fcd132860..354b25732 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go @@ -29,12 +29,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SubjectDNLeadingSpace{}, + Lint: NewSubjectDNLeadingSpace, }) } -func (l *SubjectDNLeadingSpace) Initialize() error { - return nil +func NewSubjectDNLeadingSpace() lint.LintInterface { + return &SubjectDNLeadingSpace{} } func (l *SubjectDNLeadingSpace) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go index 99ed4ea53..7cd411d4f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go @@ -29,12 +29,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SubjectDNTrailingSpace{}, + Lint: NewSubjectDNTrailingSpace, }) } -func (l *SubjectDNTrailingSpace) Initialize() error { - return nil +func NewSubjectDNTrailingSpace() lint.LintInterface { + return &SubjectDNTrailingSpace{} } func (l *SubjectDNTrailingSpace) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go index e40b3e0fc..2e3336637 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go @@ -15,8 +15,7 @@ package community */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zcrypto/x509/pkix" "github.com/zmap/zlint/v3/lint" @@ -32,12 +31,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &SubjectRDNHasMultipleAttribute{}, + Lint: NewSubjectRDNHasMultipleAttribute, }) } -func (l *SubjectRDNHasMultipleAttribute) Initialize() error { - return nil +func NewSubjectRDNHasMultipleAttribute() lint.LintInterface { + return &SubjectRDNHasMultipleAttribute{} } func (l *SubjectRDNHasMultipleAttribute) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go index 3a931ff5c..e9f420ed3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go @@ -29,12 +29,12 @@ func init() { Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, - Lint: &validityNegative{}, + Lint: NewValidityNegative, }) } -func (l *validityNegative) Initialize() error { - return nil +func NewValidityNegative() lint.LintInterface { + return &validityNegative{} } func (l *validityNegative) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go index f7ddd7cb9..a568f976e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go @@ -29,12 +29,12 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.1", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcEtsiPresentQcsCritical{}, + Lint: NewQcStatemQcEtsiPresentQcsCritical, }) } -func (l *qcStatemQcEtsiPresentQcsCritical) Initialize() error { - return nil +func NewQcStatemQcEtsiPresentQcsCritical() lint.LintInterface { + return &qcStatemQcEtsiPresentQcsCritical{} } func (l *qcStatemQcEtsiPresentQcsCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go index d93ebd169..b2ca72336 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go @@ -15,9 +15,9 @@ package etsi import ( - "encoding/asn1" "fmt" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,12 +32,12 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.3", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemEtsiTypeAsStatem{}, + Lint: NewQcStatemEtsiTypeAsStatem, }) } -func (l *qcStatemEtsiTypeAsStatem) Initialize() error { - return nil +func NewQcStatemEtsiTypeAsStatem() lint.LintInterface { + return &qcStatemEtsiTypeAsStatem{} } func (l *qcStatemEtsiTypeAsStatem) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go index 37d9b8650..ec67f7a27 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go @@ -15,8 +15,7 @@ package etsi import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,12 +30,12 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 5", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcmandatoryEtsiStatems{}, + Lint: NewQcStatemQcmandatoryEtsiStatems, }) } -func (l *qcStatemQcmandatoryEtsiStatems) Initialize() error { - return nil +func NewQcStatemQcmandatoryEtsiStatems() lint.LintInterface { + return &qcStatemQcmandatoryEtsiStatems{} } func (l *qcStatemQcmandatoryEtsiStatems) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go index 2494268e5..31d3ce835 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go @@ -15,8 +15,7 @@ package etsi import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,16 +30,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.1", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcComplianceValid{}, + Lint: NewQcStatemQcComplianceValid, }) } -func (this *qcStatemQcComplianceValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcCompliance +func NewQcStatemQcComplianceValid() lint.LintInterface { + return &qcStatemQcComplianceValid{} } -func (l *qcStatemQcComplianceValid) Initialize() error { - return nil +func (this *qcStatemQcComplianceValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcCompliance } func (l *qcStatemQcComplianceValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go index 27678b99c..bc31e6431 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go @@ -15,9 +15,9 @@ package etsi import ( - "encoding/asn1" "unicode" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,16 +32,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.3.2", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcLimitValueValid{}, + Lint: NewQcStatemQcLimitValueValid, }) } -func (this *qcStatemQcLimitValueValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcLimitValue +func NewQcStatemQcLimitValueValid() lint.LintInterface { + return &qcStatemQcLimitValueValid{} } -func (l *qcStatemQcLimitValueValid) Initialize() error { - return nil +func (this *qcStatemQcLimitValueValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcLimitValue } func (l *qcStatemQcLimitValueValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go index 8aa87c944..82f87772e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go @@ -15,10 +15,10 @@ package etsi import ( - "encoding/asn1" "fmt" "unicode" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -33,16 +33,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.3.4", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcPdsLangCase{}, + Lint: NewQcStatemQcPdsLangCase, }) } -func (this *qcStatemQcPdsLangCase) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcEuPDS +func NewQcStatemQcPdsLangCase() lint.LintInterface { + return &qcStatemQcPdsLangCase{} } -func (l *qcStatemQcPdsLangCase) Initialize() error { - return nil +func (this *qcStatemQcPdsLangCase) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcEuPDS } func (l *qcStatemQcPdsLangCase) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go index 5f0fda22e..2df626891 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go @@ -15,10 +15,10 @@ package etsi import ( - "encoding/asn1" "fmt" "strings" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -33,16 +33,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.3.4", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcPdsValid{}, + Lint: NewQcStatemQcPdsValid, }) } -func (this *qcStatemQcPdsValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcEuPDS +func NewQcStatemQcPdsValid() lint.LintInterface { + return &qcStatemQcPdsValid{} } -func (l *qcStatemQcPdsValid) Initialize() error { - return nil +func (this *qcStatemQcPdsValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcEuPDS } func (l *qcStatemQcPdsValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go index 626b53279..7ae39557f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go @@ -15,8 +15,7 @@ package etsi import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,16 +30,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11)/ Section 4.3.3", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcRetentionPeriodValid{}, + Lint: NewQcStatemQcRetentionPeriodValid, }) } -func (this *qcStatemQcRetentionPeriodValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcRetentionPeriod +func NewQcStatemQcRetentionPeriodValid() lint.LintInterface { + return &qcStatemQcRetentionPeriodValid{} } -func (l *qcStatemQcRetentionPeriodValid) Initialize() error { - return nil +func (this *qcStatemQcRetentionPeriodValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcRetentionPeriod } func (l *qcStatemQcRetentionPeriodValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go index 199fdba40..cc08b6839 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go @@ -15,8 +15,7 @@ package etsi import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,16 +30,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.2", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQcSscdValid{}, + Lint: NewQcStatemQcSscdValid, }) } -func (this *qcStatemQcSscdValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcSSCD +func NewQcStatemQcSscdValid() lint.LintInterface { + return &qcStatemQcSscdValid{} } -func (l *qcStatemQcSscdValid) Initialize() error { - return nil +func (this *qcStatemQcSscdValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcSSCD } func (l *qcStatemQcSscdValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go index ed382d26f..cf957bde2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go @@ -15,9 +15,9 @@ package etsi import ( - "encoding/asn1" "fmt" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,16 +32,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.3", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQctypeValid{}, + Lint: NewQcStatemQctypeValid, }) } -func (this *qcStatemQctypeValid) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcType +func NewQcStatemQctypeValid() lint.LintInterface { + return &qcStatemQctypeValid{} } -func (l *qcStatemQctypeValid) Initialize() error { - return nil +func (this *qcStatemQctypeValid) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcType } func (l *qcStatemQctypeValid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go index 71a75c9cb..a2b152239 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go @@ -15,9 +15,9 @@ package etsi import ( - "encoding/asn1" "fmt" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,16 +32,16 @@ func init() { Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.3", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, - Lint: &qcStatemQctypeWeb{}, + Lint: NewQcStatemQctypeWeb, }) } -func (this *qcStatemQctypeWeb) getStatementOid() *asn1.ObjectIdentifier { - return &util.IdEtsiQcsQcType +func NewQcStatemQctypeWeb() lint.LintInterface { + return &qcStatemQctypeWeb{} } -func (l *qcStatemQctypeWeb) Initialize() error { - return nil +func (this *qcStatemQctypeWeb) getStatementOid() *asn1.ObjectIdentifier { + return &util.IdEtsiQcsQcType } func (l *qcStatemQctypeWeb) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go new file mode 100644 index 000000000..bfe87f0a6 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go @@ -0,0 +1,62 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package mozilla + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type prohibitDSAUsage struct{} + +/************************************************ +https://www.mozilla.org/en-US/about/governance/policies/security-group/certs/policy/ + +Subsection 5.1 Algorithms +Root certificates in our root program, and any certificate which chains up to them, MUST use only algorithms and key sizes from the following set: + +- RSA keys whose modulus size in bits is divisible by 8, and is at least 2048. +- ECDSA keys using one of the following curves: + + P-256 + + P-384 +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_prohibit_dsa_usage", + Description: "DSA is not an explicitly allowed signature algorithm, therefore it is forbidden.", + Citation: "Mozilla Root Store Policy / Section 5.1", + Source: lint.MozillaRootStorePolicy, + EffectiveDate: util.MozillaPolicy241Date, + Lint: NewProhibitDSAUsage, + }) +} + +func NewProhibitDSAUsage() lint.LintInterface { + return &prohibitDSAUsage{} +} + +func (l *prohibitDSAUsage) CheckApplies(c *x509.Certificate) bool { + return true +} + +func (l *prohibitDSAUsage) Execute(c *x509.Certificate) *lint.LintResult { + if c.PublicKeyAlgorithm == x509.DSA { + return &lint.LintResult{Status: lint.Error} + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go index 774bf4675..7fd70ed94 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go @@ -39,16 +39,16 @@ intermediates. func init() { lint.RegisterLint(&lint.Lint{ Name: "n_mp_allowed_eku", - Description: "A SubCA certificate must not have key usage that allows for both server auth and email protection, and must not use anyKeyUsage", + Description: "A SubCA certificate must not have key usage that allows for both server auth and email protection, and must not use anyExtendedKeyUsage", Citation: "Mozilla Root Store Policy / Section 5.3", Source: lint.MozillaRootStorePolicy, EffectiveDate: time.Date(2019, time.January, 1, 0, 0, 0, 0, time.UTC), - Lint: &allowedEKU{}, + Lint: NewAllowedEKU, }) } -func (l *allowedEKU) Initialize() error { - return nil +func NewAllowedEKU() lint.LintInterface { + return &allowedEKU{} } func (l *allowedEKU) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go index 004f01284..017ded94b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go @@ -15,9 +15,9 @@ package mozilla import ( - "encoding/asn1" "fmt" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -45,12 +45,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.2", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy22Date, - Lint: &authorityKeyIdentifierCorrect{}, + Lint: NewAuthorityKeyIdentifierCorrect, }) } -func (l *authorityKeyIdentifierCorrect) Initialize() error { - return nil +func NewAuthorityKeyIdentifierCorrect() lint.LintInterface { + return &authorityKeyIdentifierCorrect{} } func (l *authorityKeyIdentifierCorrect) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go index 92b7ebbcb..9a13db7ce 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go @@ -50,10 +50,14 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1.2", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy27Date, - Lint: &ecdsaPubKeyAidEncoding{}, + Lint: NewEcdsaPubKeyAidEncoding, }) } +func NewEcdsaPubKeyAidEncoding() lint.LintInterface { + return &ecdsaPubKeyAidEncoding{} +} + var acceptedAlgIDEncodingsDER = [2][]byte{ // encoded AlgorithmIdentifier for a P-256 key {0x30, 0x13, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07}, @@ -61,10 +65,6 @@ var acceptedAlgIDEncodingsDER = [2][]byte{ {0x30, 0x10, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x02, 0x01, 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x22}, } -func (l *ecdsaPubKeyAidEncoding) Initialize() error { - return nil -} - func (l *ecdsaPubKeyAidEncoding) CheckApplies(c *x509.Certificate) bool { return c.PublicKeyAlgorithm == x509.ECDSA } diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go index 71dd0d8ea..2339d05a0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go @@ -51,12 +51,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1.2", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy27Date, - Lint: &ecdsaSignatureAidEncoding{}, + Lint: NewEcdsaSignatureAidEncoding, }) } -func (l *ecdsaSignatureAidEncoding) Initialize() error { - return nil +func NewEcdsaSignatureAidEncoding() lint.LintInterface { + return &ecdsaSignatureAidEncoding{} } func (l *ecdsaSignatureAidEncoding) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go index 42bae8c31..9e51d9e41 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go @@ -37,12 +37,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.2", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy24Date, - Lint: &exponentCannotBeOne{}, + Lint: NewExponentCannotBeOne, }) } -func (l *exponentCannotBeOne) Initialize() error { - return nil +func NewExponentCannotBeOne() lint.LintInterface { + return &exponentCannotBeOne{} } func (l *exponentCannotBeOne) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go index b6689a1f1..4dd21ffef 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go @@ -36,12 +36,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy24Date, - Lint: &modulus2048OrMore{}, + Lint: NewModulus2048OrMore, }) } -func (l *modulus2048OrMore) Initialize() error { - return nil +func NewModulus2048OrMore() lint.LintInterface { + return &modulus2048OrMore{} } func (l *modulus2048OrMore) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go index e21b9faf5..96f129f49 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go @@ -36,12 +36,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy24Date, - Lint: &modulusDivisibleBy8{}, + Lint: NewModulusDivisibleBy8, }) } -func (l *modulusDivisibleBy8) Initialize() error { - return nil +func NewModulusDivisibleBy8() lint.LintInterface { + return &modulusDivisibleBy8{} } func (l *modulusDivisibleBy8) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go index f1d0fc91b..cdf56a429 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go @@ -64,10 +64,14 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1.1", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy27Date, - Lint: &rsaPssAidEncoding{}, + Lint: NewRsaPssAidEncoding, }) } +func NewRsaPssAidEncoding() lint.LintInterface { + return &rsaPssAidEncoding{} +} + var RSASSAPSSAlgorithmIDToDER = [3][]byte{ // RSASSA-PSS with SHA-256, MGF-1 with SHA-256, salt length 32 bytes {0x30, 0x41, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a, 0x30, 0x34, 0xa0, 0x0f, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa1, 0x1c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0xa2, 0x03, 0x02, 0x01, 0x20}, @@ -77,10 +81,6 @@ var RSASSAPSSAlgorithmIDToDER = [3][]byte{ {0x30, 0x41, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0a, 0x30, 0x34, 0xa0, 0x0f, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0xa1, 0x1c, 0x30, 0x1a, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x08, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0xa2, 0x03, 0x02, 0x01, 0x40}, } -func (l *rsaPssAidEncoding) Initialize() error { - return nil -} - func (l *rsaPssAidEncoding) CheckApplies(c *x509.Certificate) bool { return c.SignatureAlgorithmOID.Equal(util.OidRSASSAPSS) } diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go index b978cce4c..f7fdfd03d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go @@ -39,12 +39,12 @@ func init() { Citation: "Mozilla Root Store Policy / Section 5.1.1", Source: lint.MozillaRootStorePolicy, EffectiveDate: util.MozillaPolicy27Date, - Lint: &rsaPssInSPKI{}, + Lint: NewRsaPssInSPKI, }) } -func (l *rsaPssInSPKI) Initialize() error { - return nil +func NewRsaPssInSPKI() lint.LintInterface { + return &rsaPssInSPKI{} } func (l *rsaPssInSPKI) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go index 55866ec44..3e0b70933 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 5280: 4.2.1.9", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &basicConstCrit{}, + Lint: NewBasicConstCrit, }) } -func (l *basicConstCrit) Initialize() error { - return nil +func NewBasicConstCrit() lint.LintInterface { + return &basicConstCrit{} } func (l *basicConstCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go index f6a55d781..3d5478221 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 5280: 4.1.2.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &caSubjectEmpty{}, + Lint: NewCaSubjectEmpty, }) } -func (l *caSubjectEmpty) Initialize() error { - return nil +func NewCaSubjectEmpty() lint.LintInterface { + return &caSubjectEmpty{} } func (l *caSubjectEmpty) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go index 13d5f5e79..dbb51c5b7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go @@ -42,12 +42,12 @@ func init() { Source: lint.RFC5280, Citation: "RFC 5280: 4.1.2.8", EffectiveDate: util.RFC5280Date, - Lint: &CertContainsUniqueIdentifier{}, + Lint: NewCertContainsUniqueIdentifier, }) } -func (l *CertContainsUniqueIdentifier) Initialize() error { - return nil +func NewCertContainsUniqueIdentifier() lint.LintInterface { + return &CertContainsUniqueIdentifier{} } func (l *CertContainsUniqueIdentifier) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go index 18a82c627..73b5d5658 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go @@ -48,12 +48,12 @@ func init() { Citation: "RFC 5280: 4.1.2.9", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &CertExtensionsVersonNot3{}, + Lint: NewCertExtensionsVersonNot3, }) } -func (l *CertExtensionsVersonNot3) Initialize() error { - return nil +func NewCertExtensionsVersonNot3() lint.LintInterface { + return &CertExtensionsVersonNot3{} } func (l *CertExtensionsVersonNot3) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go index 476d88932..f6c982b7c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.1.2.8", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &certUniqueIdVersion{}, + Lint: NewCertUniqueIdVersion, }) } -func (l *certUniqueIdVersion) Initialize() error { - return nil +func NewCertUniqueIdVersion() lint.LintInterface { + return &certUniqueIdVersion{} } func (l *certUniqueIdVersion) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go index 32ccb9475..75766eb9d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zcrypto/x509/pkix" "github.com/zmap/zlint/v3/lint" @@ -56,12 +55,12 @@ func init() { Citation: "RFC 5280: 4.2.1.13", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &dpIncomplete{}, + Lint: NewDpIncomplete, }) } -func (l *dpIncomplete) Initialize() error { - return nil +func NewDpIncomplete() lint.LintInterface { + return &dpIncomplete{} } func (l *dpIncomplete) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go index 1ad537db0..8a15bd9ee 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC 5280: 4.2.1.13", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &distribNoLDAPorURI{}, + Lint: NewDistribNoLDAPorURI, }) } -func (l *distribNoLDAPorURI) Initialize() error { - return nil +func NewDistribNoLDAPorURI() lint.LintInterface { + return &distribNoLDAPorURI{} } func (l *distribNoLDAPorURI) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go new file mode 100644 index 000000000..88eb1fb19 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go @@ -0,0 +1,63 @@ +package rfc + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type DNSNameEmptyLabel struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rfc_dnsname_empty_label", + Description: "DNSNames should not have an empty label.", + Citation: "RFC5280: 4.2.1.6", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewDNSNameEmptyLabel, + }) +} + +func NewDNSNameEmptyLabel() lint.LintInterface { + return &DNSNameEmptyLabel{} +} + +func (l *DNSNameEmptyLabel) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func domainHasEmptyLabel(domain string) bool { + labels := strings.Split(domain, ".") + for _, elem := range labels { + if elem == "" { + return true + } + } + return false +} + +func (l *DNSNameEmptyLabel) Execute(c *x509.Certificate) *lint.LintResult { + for _, dns := range c.DNSNames { + if domainHasEmptyLabel(dns) { + return &lint.LintResult{Status: lint.Error} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go new file mode 100644 index 000000000..a92ccda7e --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go @@ -0,0 +1,58 @@ +package rfc + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type DNSNameHyphenInSLD struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rfc_dnsname_hyphen_in_sld", + Description: "DNSName should not have a hyphen beginning or ending the SLD", + Citation: "RFC5280: 4.2.1.6", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewDNSNameHyphenInSLD, + }) +} + +func NewDNSNameHyphenInSLD() lint.LintInterface { + return &DNSNameHyphenInSLD{} +} + +func (l *DNSNameHyphenInSLD) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *DNSNameHyphenInSLD) Execute(c *x509.Certificate) *lint.LintResult { + parsedSANDNSNames := c.GetParsedDNSNames(false) + for i := range c.GetParsedDNSNames(false) { + if parsedSANDNSNames[i].ParseError != nil { + return &lint.LintResult{Status: lint.NA} + } + if strings.HasPrefix(parsedSANDNSNames[i].ParsedDomain.SLD, "-") || + strings.HasSuffix(parsedSANDNSNames[i].ParsedDomain.SLD, "-") { + return &lint.LintResult{Status: lint.Error} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go new file mode 100644 index 000000000..25782be04 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go @@ -0,0 +1,64 @@ +package rfc + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type DNSNameLabelLengthTooLong struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rfc_dnsname_label_too_long", + Description: "DNSName labels MUST be less than or equal to 63 characters", + Citation: "RFC 5280: 4.2.1.6, citing RFC 1035", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewDNSNameLabelLengthTooLong, + }) +} + +func NewDNSNameLabelLengthTooLong() lint.LintInterface { + return &DNSNameLabelLengthTooLong{} +} + +func (l *DNSNameLabelLengthTooLong) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func labelLengthTooLong(domain string) bool { + labels := strings.Split(domain, ".") + for _, label := range labels { + if len(label) > 63 { + return true + } + } + return false +} + +func (l *DNSNameLabelLengthTooLong) Execute(c *x509.Certificate) *lint.LintResult { + for _, dns := range c.DNSNames { + labelTooLong := labelLengthTooLong(dns) + if labelTooLong { + return &lint.LintResult{Status: lint.Error} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go new file mode 100644 index 000000000..3efa8d264 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go @@ -0,0 +1,57 @@ +package rfc + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type DNSNameUnderscoreInSLD struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rfc_dnsname_underscore_in_sld", + Description: "DNSName MUST NOT contain underscore characters", + Citation: "RFC5280: 4.2.1.6", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewDNSNameUnderscoreInSLD, + }) +} + +func NewDNSNameUnderscoreInSLD() lint.LintInterface { + return &DNSNameUnderscoreInSLD{} +} + +func (l *DNSNameUnderscoreInSLD) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *DNSNameUnderscoreInSLD) Execute(c *x509.Certificate) *lint.LintResult { + parsedSANDNSNames := c.GetParsedDNSNames(false) + for i := range c.GetParsedDNSNames(false) { + if parsedSANDNSNames[i].ParseError != nil { + return &lint.LintResult{Status: lint.NA} + } + if strings.Contains(parsedSANDNSNames[i].ParsedDomain.SLD, "_") { + return &lint.LintResult{Status: lint.Error} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go new file mode 100644 index 000000000..3e07d6b86 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go @@ -0,0 +1,58 @@ +package rfc + +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type DNSNameUnderscoreInTRD struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "w_rfc_dnsname_underscore_in_trd", + Description: "DNSName MUST NOT contain underscore characters", + Citation: "RFC5280: 4.1.2.6", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewDNSNameUnderscoreInTRD, + }) +} + +func NewDNSNameUnderscoreInTRD() lint.LintInterface { + return &DNSNameUnderscoreInTRD{} +} + +func (l *DNSNameUnderscoreInTRD) CheckApplies(c *x509.Certificate) bool { + return util.IsSubscriberCert(c) && util.DNSNamesExist(c) +} + +func (l *DNSNameUnderscoreInTRD) Execute(c *x509.Certificate) *lint.LintResult { + parsedSANDNSNames := c.GetParsedDNSNames(false) + for i := range c.GetParsedDNSNames(false) { + if parsedSANDNSNames[i].ParseError != nil { + return &lint.LintResult{Status: lint.NA} + } + if strings.Contains(parsedSANDNSNames[i].ParsedDomain.TRD, "_") { + return &lint.LintResult{Status: lint.Warn} + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go new file mode 100644 index 000000000..14e15605d --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go @@ -0,0 +1,91 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "fmt" + "sort" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type ecdsaAllowedKU struct{} + +/************************************************ +RFC 8813: 3. Updates to Section 3 +If the keyUsage extension is present in a certificate that indicates + id-ecPublicKey in SubjectPublicKeyInfo, then the following values + MUST NOT be present: + + keyEncipherment; and + dataEncipherment. +************************************************/ +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_ecdsa_allowed_ku", + Description: "Key usage values keyEncipherment or dataEncipherment MUST NOT be present in certificates with ECDSA public keys", + Citation: "RFC 8813 Section 3", + Source: lint.RFC8813, + EffectiveDate: util.RFC8813Date, + Lint: NewEcdsaAllowedKU, + }) +} + +func NewEcdsaAllowedKU() lint.LintInterface { + return &ecdsaAllowedKU{} +} + +// CheckApplies returns true when the certificate has an ECDSA public key and a key usage extension. +func (l *ecdsaAllowedKU) CheckApplies(c *x509.Certificate) bool { + return c.PublicKeyAlgorithm == x509.ECDSA && util.HasKeyUsageOID(c) +} + +// Execute returns an Error level lint.LintResult if the ECDSA certificate +// being linted has the following Key Usage bits set: keyEncipherment or dataEncipherment. +func (l *ecdsaAllowedKU) Execute(c *x509.Certificate) *lint.LintResult { + // RFC 8813, Section 3 "Updates to Section 3" reads: + // + // If the keyUsage extension is present in a certificate that indicates + // id-ecPublicKey in SubjectPublicKeyInfo, then the following values + // MUST NOT be present: + // + // keyEncipherment; and + // dataEncipherment. + + var invalidKUs []string + + if util.HasKeyUsage(c, x509.KeyUsageKeyEncipherment) { + invalidKUs = append(invalidKUs, util.KeyUsageToString[x509.KeyUsageKeyEncipherment]) + } + + if util.HasKeyUsage(c, x509.KeyUsageDataEncipherment) { + invalidKUs = append(invalidKUs, util.KeyUsageToString[x509.KeyUsageDataEncipherment]) + } + + if len(invalidKUs) > 0 { + // Sort the invalid KUs to allow consistent ordering of Details messages for + // unit testing + sort.Strings(invalidKUs) + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("Certificate contains invalid key usage(s): %s", strings.Join(invalidKUs, ", ")), + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go index be191d1ac..600d02da9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go @@ -33,15 +33,16 @@ func init() { Citation: "RFC 5480 Section 3", Source: lint.RFC5480, EffectiveDate: util.CABEffectiveDate, - Lint: &ecdsaInvalidKU{}, + Lint: NewEcdsaInvalidKU, }) } -// Initialize is a no-op for this lint. -func (l *ecdsaInvalidKU) Initialize() error { - return nil +func NewEcdsaInvalidKU() lint.LintInterface { + return &ecdsaInvalidKU{} } +// Initialize is a no-op for this lint. + // CheckApplies returns true when the certificate is a subscriber cert using an // ECDSA public key algorithm. func (l *ecdsaInvalidKU) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go index d6051db4e..f23e934f6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.12", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &ekuBadCritical{}, + Lint: NewEkuBadCritical, }) } -func (l *ekuBadCritical) Initialize() error { - return nil +func NewEkuBadCritical() lint.LintInterface { + return &ekuBadCritical{} } func (l *ekuBadCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go index df2e41a9b..784b36e46 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.2.1", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &aiaNoHTTPorLDAP{}, + Lint: NewAiaNoHTTPorLDAP, }) } -func (l *aiaNoHTTPorLDAP) Initialize() error { - return nil +func NewAiaNoHTTPorLDAP() lint.LintInterface { + return &aiaNoHTTPorLDAP{} } func (l *aiaNoHTTPorLDAP) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go index dce31de95..8c236821d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "RFC 5280: 4.2.2.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &ExtAiaMarkedCritical{}, + Lint: NewExtAiaMarkedCritical, }) } -func (l *ExtAiaMarkedCritical) Initialize() error { - return nil +func NewExtAiaMarkedCritical() lint.LintInterface { + return &ExtAiaMarkedCritical{} } func (l *ExtAiaMarkedCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go index 768a47492..e0856d8db 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go @@ -34,12 +34,12 @@ func init() { Citation: "RFC 5280: 4.2.1.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &authorityKeyIdCritical{}, + Lint: NewAuthorityKeyIdCritical, }) } -func (l *authorityKeyIdCritical) Initialize() error { - return nil +func NewAuthorityKeyIdCritical() lint.LintInterface { + return &authorityKeyIdCritical{} } func (l *authorityKeyIdCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go index 76488f76a..711b2b960 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go @@ -44,12 +44,12 @@ func init() { Citation: "RFC 5280: 4.2 & 4.2.1.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &authorityKeyIdMissing{}, + Lint: NewAuthorityKeyIdMissing, }) } -func (l *authorityKeyIdMissing) Initialize() error { - return nil +func NewAuthorityKeyIdMissing() lint.LintInterface { + return &authorityKeyIdMissing{} } func (l *authorityKeyIdMissing) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go index fdf2a2add..82c62f928 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go @@ -44,12 +44,12 @@ func init() { Citation: "RFC 5280: 4.2.1.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &authorityKeyIdNoKeyIdField{}, + Lint: NewAuthorityKeyIdNoKeyIdField, }) } -func (l *authorityKeyIdNoKeyIdField) Initialize() error { - return nil +func NewAuthorityKeyIdNoKeyIdField() lint.LintInterface { + return &authorityKeyIdNoKeyIdField{} } func (l *authorityKeyIdNoKeyIdField) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go index f64aab142..17313d29c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go @@ -35,12 +35,12 @@ func init() { Citation: "RFC 5280: 4.2.1.4", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: ¬iceRefPres{}, + Lint: NewNoticeRefPres, }) } -func (l *noticeRefPres) Initialize() error { - return nil +func NewNoticeRefPres() lint.LintInterface { + return ¬iceRefPres{} } func (l *noticeRefPres) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go index 042e5798d..d050929ea 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.4", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &unrecommendedQualifier{}, + Lint: NewUnrecommendedQualifier, }) } -func (l *unrecommendedQualifier) Initialize() error { - return nil +func NewUnrecommendedQualifier() lint.LintInterface { + return &unrecommendedQualifier{} } func (l *unrecommendedQualifier) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go index cffa718d4..3cd736dca 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go @@ -37,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.2.1.4", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &ExtCertPolicyDuplicate{}, + Lint: NewExtCertPolicyDuplicate, }) } -func (l *ExtCertPolicyDuplicate) Initialize() error { - return nil +func NewExtCertPolicyDuplicate() lint.LintInterface { + return &ExtCertPolicyDuplicate{} } func (l *ExtCertPolicyDuplicate) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go index d5233cd44..57dd2c2ca 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 6818: 3", Source: lint.RFC5280, EffectiveDate: util.RFC6818Date, - Lint: &explicitTextIA5String{}, + Lint: NewExplicitTextIA5String, }) } -func (l *explicitTextIA5String) Initialize() error { - return nil +func NewExplicitTextIA5String() lint.LintInterface { + return &explicitTextIA5String{} } func (l *explicitTextIA5String) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go index 41e752740..360b43220 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 6818: 3", Source: lint.RFC5280, EffectiveDate: util.RFC6818Date, - Lint: &controlChar{}, + Lint: NewControlChar, }) } -func (l *controlChar) Initialize() error { - return nil +func NewControlChar() lint.LintInterface { + return &controlChar{} } func (l *controlChar) CheckApplies(c *x509.Certificate) bool { @@ -59,6 +59,7 @@ func (l *controlChar) CheckApplies(c *x509.Certificate) bool { } //nolint:nestif +//nolint:cyclop func (l *controlChar) Execute(c *x509.Certificate) *lint.LintResult { for _, firstLvl := range c.ExplicitTexts { for _, text := range firstLvl { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go index 7d68b8f0b..0ad63817f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go @@ -35,12 +35,12 @@ func init() { Citation: "RFC6181 3", Source: lint.RFC5280, EffectiveDate: util.RFC6818Date, - Lint: &ExtCertPolicyExplicitTextNotNFC{}, + Lint: NewExtCertPolicyExplicitTextNotNFC, }) } -func (l *ExtCertPolicyExplicitTextNotNFC) Initialize() error { - return nil +func NewExtCertPolicyExplicitTextNotNFC() lint.LintInterface { + return &ExtCertPolicyExplicitTextNotNFC{} } func (l *ExtCertPolicyExplicitTextNotNFC) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go index 7c283b207..3c0201b98 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go @@ -44,12 +44,12 @@ func init() { Citation: "RFC 6818: 3", Source: lint.RFC5280, EffectiveDate: util.RFC6818Date, - Lint: &explicitTextUtf8{}, + Lint: NewExplicitTextUtf8, }) } -func (l *explicitTextUtf8) Initialize() error { - return nil +func NewExplicitTextUtf8() lint.LintInterface { + return &explicitTextUtf8{} } func (l *explicitTextUtf8) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go index b728daea6..2e044c854 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go @@ -42,16 +42,16 @@ func init() { Citation: "RFC 6818: 3", Source: lint.RFC5280, EffectiveDate: util.RFC6818Date, - Lint: &explicitTextTooLong{}, + Lint: NewExplicitTextTooLong, }) } -const tagBMPString int = 30 - -func (l *explicitTextTooLong) Initialize() error { - return nil +func NewExplicitTextTooLong() lint.LintInterface { + return &explicitTextTooLong{} } +const tagBMPString int = 30 + func (l *explicitTextTooLong) CheckApplies(c *x509.Certificate) bool { for _, text := range c.ExplicitTexts { if text != nil { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go index 8016b419c..0a4e9b7a6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go @@ -33,12 +33,12 @@ func init() { Citation: "RFC 5280: 4.2.1.13", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &ExtCrlDistributionMarkedCritical{}, + Lint: NewExtCrlDistributionMarkedCritical, }) } -func (l *ExtCrlDistributionMarkedCritical) Initialize() error { - return nil +func NewExtCrlDistributionMarkedCritical() lint.LintInterface { + return &ExtCrlDistributionMarkedCritical{} } func (l *ExtCrlDistributionMarkedCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go index 8eb32ee6b..fcbfa77a9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC 5280: 4.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &extDuplicateExtension{}, + Lint: NewExtDuplicateExtension, }) } -func (l *extDuplicateExtension) Initialize() error { - return nil +func NewExtDuplicateExtension() lint.LintInterface { + return &extDuplicateExtension{} } func (l *extDuplicateExtension) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go index 0417c4c8d..71d8e9d52 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go @@ -34,12 +34,12 @@ func init() { Citation: "RFC 5280: 4.2.1.15", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &ExtFreshestCrlMarkedCritical{}, + Lint: NewExtFreshestCrlMarkedCritical, }) } -func (l *ExtFreshestCrlMarkedCritical) Initialize() error { - return nil +func NewExtFreshestCrlMarkedCritical() lint.LintInterface { + return &ExtFreshestCrlMarkedCritical{} } func (l *ExtFreshestCrlMarkedCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go index 75eb2427b..f32665806 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &ExtIANCritical{}, + Lint: NewExtIANCritical, }) } -func (l *ExtIANCritical) Initialize() error { - return nil +func NewExtIANCritical() lint.LintInterface { + return &ExtIANCritical{} } func (l *ExtIANCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go index 1d440f092..15c45ccf5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go @@ -45,12 +45,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &IANDNSNotIA5String{}, + Lint: NewIANDNSNotIA5String, }) } -func (l *IANDNSNotIA5String) Initialize() error { - return nil +func NewIANDNSNotIA5String() lint.LintInterface { + return &IANDNSNotIA5String{} } func (l *IANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go index a2dc53e0e..757984aa2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -43,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &IANEmptyName{}, + Lint: NewIANEmptyName, }) } -func (l *IANEmptyName) Initialize() error { - return nil +func NewIANEmptyName() lint.LintInterface { + return &IANEmptyName{} } func (l *IANEmptyName) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go index b23f7f839..eadb3b9fa 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &IANNoEntry{}, + Lint: NewIANNoEntry, }) } -func (l *IANNoEntry) Initialize() error { - return nil +func NewIANNoEntry() lint.LintInterface { + return &IANNoEntry{} } func (l *IANNoEntry) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go index 122f2010d..46165145d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &IANEmail{}, + Lint: NewIANEmail, }) } -func (l *IANEmail) Initialize() error { - return nil +func NewIANEmail() lint.LintInterface { + return &IANEmail{} } func (l *IANEmail) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go index 6311236c2..495b82c7d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go @@ -45,12 +45,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &IANSpace{}, + Lint: NewIANSpace, }) } -func (l *IANSpace) Initialize() error { - return nil +func NewIANSpace() lint.LintInterface { + return &IANSpace{} } func (l *IANSpace) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go index e461d5bd4..31b20a0dd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &IANURIFormat{}, + Lint: NewIANURIFormat, }) } -func (l *IANURIFormat) Initialize() error { - return nil +func NewIANURIFormat() lint.LintInterface { + return &IANURIFormat{} } func (l *IANURIFormat) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go index 70eabf2d5..23afb908c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &IANURIFQDNOrIP{}, + Lint: NewIANURIFQDNOrIP, }) } -func (l *IANURIFQDNOrIP) Initialize() error { - return nil +func NewIANURIFQDNOrIP() lint.LintInterface { + return &IANURIFQDNOrIP{} } func (l *IANURIFQDNOrIP) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go index 6fe028648..41004ea36 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &IANURIIA5String{}, + Lint: NewIANURIIA5String, }) } -func (l *IANURIIA5String) Initialize() error { - return nil +func NewIANURIIA5String() lint.LintInterface { + return &IANURIIA5String{} } func (l *IANURIIA5String) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go index 0a14d22f4..7d1112d71 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &uriRelative{}, + Lint: NewUriRelative, }) } -func (l *uriRelative) Initialize() error { - return nil +func NewUriRelative() lint.LintInterface { + return &uriRelative{} } func (l *uriRelative) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go index 4e2e853fc..655b46ffc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.3 & 4.2.1.9", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &keyUsageCertSignNoCa{}, + Lint: NewKeyUsageCertSignNoCa, }) } -func (l *keyUsageCertSignNoCa) Initialize() error { - return nil +func NewKeyUsageCertSignNoCa() lint.LintInterface { + return &keyUsageCertSignNoCa{} } func (l *keyUsageCertSignNoCa) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go index 6bc654694..3a48341fe 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go @@ -31,12 +31,12 @@ func init() { Citation: "RFC 5280: 4.2.1.3", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &checkKeyUsageCritical{}, + Lint: NewCheckKeyUsageCritical, }) } -func (l *checkKeyUsageCritical) Initialize() error { - return nil +func NewCheckKeyUsageCritical() lint.LintInterface { + return &checkKeyUsageCritical{} } func (l *checkKeyUsageCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go index 4da1b36c9..fe5a918c1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: 4.2.1.3", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &keyUsageBitsSet{}, + Lint: NewKeyUsageBitsSet, }) } -func (l *keyUsageBitsSet) Initialize() error { - return nil +func NewKeyUsageBitsSet() lint.LintInterface { + return &keyUsageBitsSet{} } func (l *keyUsageBitsSet) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go index 17272b702..81da91dd9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go @@ -37,16 +37,16 @@ Restrictions are defined in terms of permitted or excluded name func init() { lint.RegisterLint(&lint.Lint{ Name: "e_ext_name_constraints_not_critical", - Description: "If it is included, conforming CAs MUST mark the name constrains extension as critical", + Description: "If it is included, conforming CAs MUST mark the name constraints extension as critical", Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &nameConstraintCrit{}, + Lint: NewNameConstraintCrit, }) } -func (l *nameConstraintCrit) Initialize() error { - return nil +func NewNameConstraintCrit() lint.LintInterface { + return &nameConstraintCrit{} } func (l *nameConstraintCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go index 18c0b7e72..eaedbf6f5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &nameConstraintNotCa{}, + Lint: NewNameConstraintNotCa, }) } -func (l *nameConstraintNotCa) Initialize() error { - return nil +func NewNameConstraintNotCa() lint.LintInterface { + return &nameConstraintNotCa{} } func (l *nameConstraintNotCa) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go index d4797f7b0..d7bed987a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -40,12 +39,12 @@ func init() { Citation: "RFC 5280: 4.2.1.11", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &policyConstraintsContents{}, + Lint: NewPolicyConstraintsContents, }) } -func (l *policyConstraintsContents) Initialize() error { - return nil +func NewPolicyConstraintsContents() lint.LintInterface { + return &policyConstraintsContents{} } func (l *policyConstraintsContents) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go index 307abff69..6c2f2c40e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go @@ -34,12 +34,12 @@ func init() { Citation: "RFC 5280: 4.2.1.11", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &policyConstraintsCritical{}, + Lint: NewPolicyConstraintsCritical, }) } -func (l *policyConstraintsCritical) Initialize() error { - return nil +func NewPolicyConstraintsCritical() lint.LintInterface { + return &policyConstraintsCritical{} } func (l *policyConstraintsCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go index 9fb661c37..a25e66d7b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go @@ -37,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.2.1.5", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &policyMapAnyPolicy{}, + Lint: NewPolicyMapAnyPolicy, }) } -func (l *policyMapAnyPolicy) Initialize() error { - return nil +func NewPolicyMapAnyPolicy() lint.LintInterface { + return &policyMapAnyPolicy{} } func (l *policyMapAnyPolicy) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go index 4d5d98011..49a4efbb5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go @@ -35,12 +35,12 @@ func init() { Citation: "RFC 5280: 4.2.1.5", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &policyMapCritical{}, + Lint: NewPolicyMapCritical, }) } -func (l *policyMapCritical) Initialize() error { - return nil +func NewPolicyMapCritical() lint.LintInterface { + return &policyMapCritical{} } func (l *policyMapCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go index 8906cedc6..1555eec75 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go @@ -37,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.2.1.5", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &policyMapMatchesCertPolicy{}, + Lint: NewPolicyMapMatchesCertPolicy, }) } -func (l *policyMapMatchesCertPolicy) Initialize() error { - return nil +func NewPolicyMapMatchesCertPolicy() lint.LintInterface { + return &policyMapMatchesCertPolicy{} } func (l *policyMapMatchesCertPolicy) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go index daaea49cc..f55b0bff3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go @@ -29,12 +29,12 @@ func init() { Citation: "RFC 5280", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &SANDNSTooLong{}, + Lint: NewSANDNSTooLong, }) } -func (l *SANDNSTooLong) Initialize() error { - return nil +func NewSANDNSTooLong() lint.LintInterface { + return &SANDNSTooLong{} } func (l *SANDNSTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go index 46d006845..8dc456bc8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go @@ -45,12 +45,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &SANDNSNotIA5String{}, + Lint: NewSANDNSNotIA5String, }) } -func (l *SANDNSNotIA5String) Initialize() error { - return nil +func NewSANDNSNotIA5String() lint.LintInterface { + return &SANDNSNotIA5String{} } func (l *SANDNSNotIA5String) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go index 8f1b15229..47256b9b6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -43,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &SANEmptyName{}, + Lint: NewSANEmptyName, }) } -func (l *SANEmptyName) Initialize() error { - return nil +func NewSANEmptyName() lint.LintInterface { + return &SANEmptyName{} } func (l *SANEmptyName) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go index dae062c72..fef7d8fde 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &SANNoEntry{}, + Lint: NewSANNoEntry, }) } -func (l *SANNoEntry) Initialize() error { - return nil +func NewSANNoEntry() lint.LintInterface { + return &SANNoEntry{} } func (l *SANNoEntry) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go index 99cf835c1..91e729a94 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &extSANNotCritNoSubject{}, + Lint: NewExtSANNotCritNoSubject, }) } -func (l *extSANNotCritNoSubject) Initialize() error { - return nil +func NewExtSANNotCritNoSubject() lint.LintInterface { + return &extSANNotCritNoSubject{} } func (l *extSANNotCritNoSubject) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go index 2797f60c2..9364a496d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &invalidEmail{}, + Lint: NewInvalidEmail, }) } -func (l *invalidEmail) Initialize() error { - return nil +func NewInvalidEmail() lint.LintInterface { + return &invalidEmail{} } func (l *invalidEmail) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go index 8fb6f2197..4b59e987d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go @@ -45,12 +45,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &SANIsSpaceDNS{}, + Lint: NewSANIsSpaceDNS, }) } -func (l *SANIsSpaceDNS) Initialize() error { - return nil +func NewSANIsSpaceDNS() lint.LintInterface { + return &SANIsSpaceDNS{} } func (l *SANIsSpaceDNS) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go index de462c86f..6b727d457 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &extSANURIFormatInvalid{}, + Lint: NewExtSANURIFormatInvalid, }) } -func (l *extSANURIFormatInvalid) Initialize() error { - return nil +func NewExtSANURIFormatInvalid() lint.LintInterface { + return &extSANURIFormatInvalid{} } func (l *extSANURIFormatInvalid) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go index 929e70a91..94d9bd2a1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.7", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &SANURIHost{}, + Lint: NewSANURIHost, }) } -func (l *SANURIHost) Initialize() error { - return nil +func NewSANURIHost() lint.LintInterface { + return &SANURIHost{} } func (l *SANURIHost) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go index ff75b29fc..5e6183655 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &extSANURINotIA5{}, + Lint: NewExtSANURINotIA5, }) } -func (l *extSANURINotIA5) Initialize() error { - return nil +func NewExtSANURINotIA5() lint.LintInterface { + return &extSANURINotIA5{} } func (l *extSANURINotIA5) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go index 3abfd7095..901cd0a17 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &extSANURIRelative{}, + Lint: NewExtSANURIRelative, }) } -func (l *extSANURIRelative) Initialize() error { - return nil +func NewExtSANURIRelative() lint.LintInterface { + return &extSANURIRelative{} } func (l *extSANURIRelative) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go index f24fe5c08..f1dbf9f53 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go @@ -37,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.2.1.8", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subDirAttrCrit{}, + Lint: NewSubDirAttrCrit, }) } -func (l *subDirAttrCrit) Initialize() error { - return nil +func NewSubDirAttrCrit() lint.LintInterface { + return &subDirAttrCrit{} } func (l *subDirAttrCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go index 8979ef13c..9351893ba 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go @@ -34,12 +34,12 @@ func init() { Citation: "RFC 5280: 4.2.1.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectKeyIdCritical{}, + Lint: NewSubjectKeyIdCritical, }) } -func (l *subjectKeyIdCritical) Initialize() error { - return nil +func NewSubjectKeyIdCritical() lint.LintInterface { + return &subjectKeyIdCritical{} } func (l *subjectKeyIdCritical) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go index 87e1f524e..dc7754cca 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go @@ -49,12 +49,12 @@ func init() { Citation: "RFC 5280: 4.2 & 4.2.1.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectKeyIdMissingCA{}, + Lint: NewSubjectKeyIdMissingCA, }) } -func (l *subjectKeyIdMissingCA) Initialize() error { - return nil +func NewSubjectKeyIdMissingCA() lint.LintInterface { + return &subjectKeyIdMissingCA{} } func (l *subjectKeyIdMissingCA) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go index 9e8932613..791460619 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go @@ -49,12 +49,12 @@ func init() { Citation: "RFC 5280: 4.2 & 4.2.1.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectKeyIdMissingSubscriber{}, + Lint: NewSubjectKeyIdMissingSubscriber, }) } -func (l *subjectKeyIdMissingSubscriber) Initialize() error { - return nil +func NewSubjectKeyIdMissingSubscriber() lint.LintInterface { + return &subjectKeyIdMissingSubscriber{} } func (l *subjectKeyIdMissingSubscriber) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go index 702e2f703..b6839f8ec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -45,12 +44,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &generalizedNoSeconds{}, + Lint: NewGeneralizedNoSeconds, }) } -func (l *generalizedNoSeconds) Initialize() error { - return nil +func NewGeneralizedNoSeconds() lint.LintInterface { + return &generalizedNoSeconds{} } func (l *generalizedNoSeconds) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go index 0fb591118..eb0590ce8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -45,12 +44,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &generalizedTimeFraction{}, + Lint: NewGeneralizedTimeFraction, }) } -func (l *generalizedTimeFraction) Initialize() error { - return nil +func NewGeneralizedTimeFraction() lint.LintInterface { + return &generalizedTimeFraction{} } func (l *generalizedTimeFraction) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go index 353d7f99f..efdb79519 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5.2", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &generalizedNotZulu{}, + Lint: NewGeneralizedNotZulu, }) } -func (l *generalizedNotZulu) Initialize() error { - return nil +func NewGeneralizedNotZulu() lint.LintInterface { + return &generalizedNotZulu{} } func (l *generalizedNotZulu) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go index 65322734b..347d5900d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go @@ -20,7 +20,6 @@ import ( "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" - "golang.org/x/net/idna" ) type IDNMalformedUnicode struct{} @@ -28,16 +27,16 @@ type IDNMalformedUnicode struct{} func init() { lint.RegisterLint(&lint.Lint{ Name: "e_international_dns_name_not_unicode", - Description: "Internationalized DNSNames punycode not valid unicode", + Description: "Internationalized DNSNames punycode not valid Unicode", Citation: "RFC 3490", EffectiveDate: util.RFC3490Date, Source: lint.RFC5280, - Lint: &IDNMalformedUnicode{}, + Lint: NewIDNMalformedUnicode, }) } -func (l *IDNMalformedUnicode) Initialize() error { - return nil +func NewIDNMalformedUnicode() lint.LintInterface { + return &IDNMalformedUnicode{} } func (l *IDNMalformedUnicode) CheckApplies(c *x509.Certificate) bool { @@ -48,8 +47,8 @@ func (l *IDNMalformedUnicode) Execute(c *x509.Certificate) *lint.LintResult { for _, dns := range c.DNSNames { labels := strings.Split(dns, ".") for _, label := range labels { - if strings.HasPrefix(label, "xn--") { - _, err := idna.ToUnicode(label) + if util.HasXNLabelPrefix(label) { + _, err := util.IdnaToUnicode(label) if err != nil { return &lint.LintResult{Status: lint.Error} } diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go index 13b69762c..09b7b5e5b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go @@ -20,7 +20,6 @@ import ( "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" - "golang.org/x/net/idna" "golang.org/x/text/unicode/norm" ) @@ -29,16 +28,16 @@ type IDNNotNFC struct{} func init() { lint.RegisterLint(&lint.Lint{ Name: "e_international_dns_name_not_nfc", - Description: "Internationalized DNSNames must be normalized by unicode normalization form C", + Description: "Internationalized DNSNames must be normalized by Unicode normalization form C", Citation: "RFC 8399", Source: lint.RFC5891, EffectiveDate: util.RFC8399Date, - Lint: &IDNNotNFC{}, + Lint: NewIDNNotNFC, }) } -func (l *IDNNotNFC) Initialize() error { - return nil +func NewIDNNotNFC() lint.LintInterface { + return &IDNNotNFC{} } func (l *IDNNotNFC) CheckApplies(c *x509.Certificate) bool { @@ -49,8 +48,8 @@ func (l *IDNNotNFC) Execute(c *x509.Certificate) *lint.LintResult { for _, dns := range c.DNSNames { labels := strings.Split(dns, ".") for _, label := range labels { - if strings.HasPrefix(label, "xn--") { - unicodeLabel, err := idna.ToUnicode(label) + if util.HasXNLabelPrefix(label) { + unicodeLabel, err := util.IdnaToUnicode(label) if err != nil { return &lint.LintResult{Status: lint.NA} } diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go new file mode 100644 index 000000000..877792556 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go @@ -0,0 +1,80 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "fmt" + "math/big" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_incorrect_ku_encoding", + Description: "RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself defines that all trailing 0 bits be counted as being \"unused\".", + Citation: "Where ITU-T Rec. X.680 | ISO/IEC 8824-1, 21.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.", + Source: lint.RFC5280, + EffectiveDate: util.ZeroDate, + Lint: func() lint.LintInterface { return &incorrectKuEncoding{} }, + }) +} + +type incorrectKuEncoding struct{} + +func NewIncorrectKuEncoding() lint.LintInterface { + return &incorrectKuEncoding{} +} + +func (l *incorrectKuEncoding) CheckApplies(c *x509.Certificate) bool { + ku := util.GetExtFromCert(c, util.KeyUsageOID) + return ku != nil && len(ku.Value) > 0 +} + +func (l *incorrectKuEncoding) Execute(c *x509.Certificate) *lint.LintResult { + ku := util.GetExtFromCert(c, util.KeyUsageOID).Value + if len(ku) < 4 { + return &lint.LintResult{ + Status: lint.Fatal, + Details: fmt.Sprintf("KeyUsage encodings must be at least four bytes long. Got %d bytes", len(ku)), + } + } + // Byte 0: Tag + // Byte 1: Length + // Byte 2: Unused bits + // Bytes 3..n: KeyUsage + declaredUnused := uint(ku[2]) + actualUnused := big.NewInt(0).SetBytes(ku[3:]).TrailingZeroBits() + if declaredUnused == actualUnused { + return &lint.LintResult{Status: lint.Pass} + } + // Just a bit of formatting to a visualized binary form so + // it's easier for users to see what the exact binary that + // we're referring to so that they can debug their own certs. + binary := make([]string, len(ku)) + for i, b := range ku { + binary[i] = fmt.Sprintf("%08b", b) + } + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf( + "KeyUsage contains an inefficient encoding wherein the number of 'unused bits' is declared to be "+ + "%d, but it should be %d. Raw Bytes: %v, Raw Binary: [%s]", + declaredUnused, actualUnused, ku, strings.Join(binary, " "), + )} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go index 93cb4b654..4473eeae1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go @@ -44,12 +44,12 @@ func init() { Citation: "RFC 5280: 4.2.1.14", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &InhibitAnyPolicyNotCritical{}, + Lint: NewInhibitAnyPolicyNotCritical, }) } -func (l *InhibitAnyPolicyNotCritical) Initialize() error { - return nil +func NewInhibitAnyPolicyNotCritical() lint.LintInterface { + return &InhibitAnyPolicyNotCritical{} } func (l *InhibitAnyPolicyNotCritical) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go index 504a36d33..09895f94f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,12 +30,12 @@ func init() { Citation: "RFC 5280: Appendix A", Source: lint.RFC5280, EffectiveDate: util.ZeroDate, - Lint: &IssuerDNCountryNotPrintableString{}, + Lint: NewIssuerDNCountryNotPrintableString, }) } -func (l *IssuerDNCountryNotPrintableString) Initialize() error { - return nil +func NewIssuerDNCountryNotPrintableString() lint.LintInterface { + return &IssuerDNCountryNotPrintableString{} } func (l *IssuerDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go index f13c26ad0..312cf4c5b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go @@ -37,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.1.2.4", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &issuerFieldEmpty{}, + Lint: NewIssuerFieldEmpty, }) } -func (l *issuerFieldEmpty) Initialize() error { - return nil +func NewIssuerFieldEmpty() lint.LintInterface { + return &issuerFieldEmpty{} } func (l *issuerFieldEmpty) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go new file mode 100644 index 000000000..47bd9041c --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go @@ -0,0 +1,67 @@ +package rfc + +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "encoding/asn1" + "fmt" + "math/big" + + "golang.org/x/crypto/cryptobyte" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type keyUsageIncorrectLength struct{} + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_key_usage_incorrect_length", + Description: "The key usage is a bit string with exactly nine possible flags", + Citation: "RFC 5280: 4.2.1.3", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + Lint: NewKeyUsageIncorrectLength, + }) +} + +func NewKeyUsageIncorrectLength() lint.LintInterface { + return &keyUsageIncorrectLength{} +} + +func (l *keyUsageIncorrectLength) CheckApplies(c *x509.Certificate) bool { + return util.IsExtInCert(c, util.KeyUsageOID) +} + +func keyUsageIncorrectLengthBytes(kuBytes []byte) *lint.LintResult { + keyUsageExt := cryptobyte.String(kuBytes) + var keyUsageVal asn1.BitString + ok := keyUsageExt.ReadASN1BitString(&keyUsageVal) + if !ok { + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("the key usage (%v) extension is not parseable.", kuBytes)} + } + unused := kuBytes[2] + kuBig := big.NewInt(0).SetBytes(keyUsageVal.Bytes) + if !kuBig.IsInt64() || kuBig.Int64()>>unused >= 512 { + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf("the key usage (%v) contains a value that is out of bounds of the range of possible KU values. (raw ASN: %v)", keyUsageVal.Bytes, kuBytes)} + } + return &lint.LintResult{Status: lint.Pass} +} + +func (l *keyUsageIncorrectLength) Execute(c *x509.Certificate) *lint.LintResult { + return keyUsageIncorrectLengthBytes(util.GetExtFromCert(c, util.KeyUsageOID).Value) +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go index 958bca660..7815ee099 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -43,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &nameConstraintEmpty{}, + Lint: NewNameConstraintEmpty, }) } -func (l *nameConstraintEmpty) Initialize() error { - return nil +func NewNameConstraintEmpty() lint.LintInterface { + return &nameConstraintEmpty{} } func (l *nameConstraintEmpty) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go index 2a5c653f2..c8a25c9ec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &nameConstraintMax{}, + Lint: NewNameConstraintMax, }) } -func (l *nameConstraintMax) Initialize() error { - return nil +func NewNameConstraintMax() lint.LintInterface { + return &nameConstraintMax{} } func (l *nameConstraintMax) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go index a64a67b64..1393ac743 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &nameConstMin{}, + Lint: NewNameConstMin, }) } -func (l *nameConstMin) Initialize() error { - return nil +func NewNameConstMin() lint.LintInterface { + return &nameConstMin{} } func (l *nameConstMin) CheckApplies(c *x509.Certificate) bool { @@ -53,6 +53,7 @@ func (l *nameConstMin) CheckApplies(c *x509.Certificate) bool { } //nolint:gocyclo +//nolint:cyclop func (l *nameConstMin) Execute(c *x509.Certificate) *lint.LintResult { for _, i := range c.PermittedDNSNames { if i.Min != 0 { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go index ae283df50..1775472af 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go @@ -43,12 +43,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &nameConstraintNotFQDN{}, + Lint: NewNameConstraintNotFQDN, }) } -func (l *nameConstraintNotFQDN) Initialize() error { - return nil +func NewNameConstraintNotFQDN() lint.LintInterface { + return &nameConstraintNotFQDN{} } func (l *nameConstraintNotFQDN) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go index 13150c7cd..7aee6c9d1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &nameConstraintOnEDI{}, + Lint: NewNameConstraintOnEDI, }) } -func (l *nameConstraintOnEDI) Initialize() error { - return nil +func NewNameConstraintOnEDI() lint.LintInterface { + return &nameConstraintOnEDI{} } func (l *nameConstraintOnEDI) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go index 583c680fb..e626d55c3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &nameConstraintOnRegisteredId{}, + Lint: NewNameConstraintOnRegisteredId, }) } -func (l *nameConstraintOnRegisteredId) Initialize() error { - return nil +func NewNameConstraintOnRegisteredId() lint.LintInterface { + return &nameConstraintOnRegisteredId{} } func (l *nameConstraintOnRegisteredId) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go index 1bfb012c0..42fb5c67c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2.1.10", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &nameConstraintOnX400{}, + Lint: NewNameConstraintOnX400, }) } -func (l *nameConstraintOnX400) Initialize() error { - return nil +func NewNameConstraintOnX400() lint.LintInterface { + return &nameConstraintOnX400{} } func (l *nameConstraintOnX400) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go index 7fc68a799..7d08aff28 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -38,12 +37,12 @@ func init() { Citation: "RFC 5280: 4.2.1.9", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &pathLenIncluded{}, + Lint: NewPathLenIncluded, }) } -func (l *pathLenIncluded) Initialize() error { - return nil +func NewPathLenIncluded() lint.LintInterface { + return &pathLenIncluded{} } func (l *pathLenIncluded) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go index 0bc2d0892..44f20bde2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -53,12 +52,12 @@ func init() { Citation: "RFC 5280: 4.2.1.9", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &pathLenNonPositive{}, + Lint: NewPathLenNonPositive, }) } -func (l *pathLenNonPositive) Initialize() error { - return nil +func NewPathLenNonPositive() lint.LintInterface { + return &pathLenNonPositive{} } func (l *pathLenNonPositive) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go new file mode 100644 index 000000000..158c055ab --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go @@ -0,0 +1,94 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "fmt" + "sort" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type rsaAllowedKUCa struct{} + +/************************************************ +RFC 3279: 2.3.1 RSA Keys + If the keyUsage extension is present in a CA or CRL issuer + certificate which conveys an RSA public key, any combination of the + following values MAY be present: + + digitalSignature; + nonRepudiation; + keyEncipherment; + dataEncipherment; + keyCertSign; and + cRLSign. +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rsa_allowed_ku_ca", + Description: "Key usage values digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyCertSign, and cRLSign may only be present in a CA certificate with an RSA key", + Citation: "RFC 3279: 2.3.1", + Source: lint.RFC3279, + EffectiveDate: util.RFC3279Date, + Lint: NewRsaAllowedKUCa, + }) +} + +func NewRsaAllowedKUCa() lint.LintInterface { + return &rsaAllowedKUCa{} +} + +func (l *rsaAllowedKUCa) CheckApplies(c *x509.Certificate) bool { + return c.PublicKeyAlgorithm == x509.RSA && util.HasKeyUsageOID(c) && util.IsCACert(c) +} + +func (l *rsaAllowedKUCa) Execute(c *x509.Certificate) *lint.LintResult { + + //KeyUsageDigitalSignature: allowed + //KeyUsageContentCommitment: allowed + //KeyUsageKeyEncipherment: allowed + //KeyUsageDataEncipherment: allowed + //KeyUsageKeyAgreement: not allowed + //KeyUsageCertSign: allowed + //KeyUsageCRLSign: allowed + //KeyUsageEncipherOnly: not allowed + //KeyUsageDecipherOnly: not allowed + + var invalidKUs []string + + disallowedKUs := [3]x509.KeyUsage{x509.KeyUsageKeyAgreement, x509.KeyUsageEncipherOnly, x509.KeyUsageDecipherOnly} + + for _, disallowedKU := range disallowedKUs { + if util.HasKeyUsage(c, disallowedKU) { + invalidKUs = append(invalidKUs, util.KeyUsageToString[disallowedKU]) + } + } + + if len(invalidKUs) > 0 { + // Sort the invalid KUs to allow consistent ordering of Details messages for unit testing + sort.Strings(invalidKUs) + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("CA certificate with an RSA key contains invalid key usage(s): %s", strings.Join(invalidKUs, ", ")), + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go new file mode 100644 index 000000000..4902a758a --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go @@ -0,0 +1,92 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "fmt" + "sort" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type rsaAllowedKUEe struct{} + +/************************************************ +RFC 3279: 2.3.1 RSA Keys + If the keyUsage extension is present in an end entity certificate + which conveys an RSA public key, any combination of the following + values MAY be present: + + digitalSignature; + nonRepudiation; + keyEncipherment; and + dataEncipherment. +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rsa_allowed_ku_ee", + Description: "Key usage values digitalSignature, nonRepudiation, keyEncipherment, and dataEncipherment may only be present in an end entity certificate with an RSA key", + Citation: "RFC 3279: 2.3.1", + Source: lint.RFC3279, + EffectiveDate: util.RFC3279Date, + Lint: NewRsaAllowedKUEe, + }) +} + +func NewRsaAllowedKUEe() lint.LintInterface { + return &rsaAllowedKUEe{} +} + +func (l *rsaAllowedKUEe) CheckApplies(c *x509.Certificate) bool { + return c.PublicKeyAlgorithm == x509.RSA && util.HasKeyUsageOID(c) && util.IsSubscriberCert(c) +} + +func (l *rsaAllowedKUEe) Execute(c *x509.Certificate) *lint.LintResult { + + //KeyUsageDigitalSignature: allowed + //KeyUsageContentCommitment: allowed + //KeyUsageKeyEncipherment: allowed + //KeyUsageDataEncipherment: allowed + //KeyUsageKeyAgreement: not allowed + //KeyUsageCertSign: not allowed + //KeyUsageCRLSign: not allowed + //KeyUsageEncipherOnly: not allowed + //KeyUsageDecipherOnly: not allowed + + var invalidKUs []string + + disallowedKUs := [5]x509.KeyUsage{x509.KeyUsageKeyAgreement, x509.KeyUsageCertSign, x509.KeyUsageCRLSign, x509.KeyUsageEncipherOnly, x509.KeyUsageDecipherOnly} + + for _, disallowedKU := range disallowedKUs { + if util.HasKeyUsage(c, disallowedKU) { + invalidKUs = append(invalidKUs, util.KeyUsageToString[disallowedKU]) + } + } + + if len(invalidKUs) > 0 { + // Sort the invalid KUs to allow consistent ordering of Details messages for unit testing + sort.Strings(invalidKUs) + return &lint.LintResult{ + Status: lint.Error, + Details: fmt.Sprintf("Subscriber certificate with an RSA key contains invalid key usage(s): %s", strings.Join(invalidKUs, ", ")), + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go new file mode 100644 index 000000000..a8d74bf57 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go @@ -0,0 +1,71 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type rsaAllowedKUCaNoEncipherment struct{} + +/************************************************ +RFC 3279: 2.3.1 RSA Keys + If the keyUsage extension is present in a CA or CRL issuer + certificate which conveys an RSA public key, any combination of the + following values MAY be present: + + digitalSignature; + nonRepudiation; + keyEncipherment; + dataEncipherment; + keyCertSign; and + cRLSign. + + However, this specification RECOMMENDS that if keyCertSign or cRLSign + is present, both keyEncipherment and dataEncipherment SHOULD NOT be + present. +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_rsa_allowed_ku_no_encipherment_ca", + Description: "If Key usage value keyCertSign or cRLSign is present in a CA certificate both keyEncipherment and dataEncipherment SHOULD NOT be present", + Citation: "RFC 3279: 2.3.1", + Source: lint.RFC3279, + EffectiveDate: util.RFC3279Date, + Lint: NewRsaAllowedKUCaNoEncipherment, + }) +} + +func NewRsaAllowedKUCaNoEncipherment() lint.LintInterface { + return &rsaAllowedKUCaNoEncipherment{} +} + +func (l *rsaAllowedKUCaNoEncipherment) CheckApplies(c *x509.Certificate) bool { + return c.PublicKeyAlgorithm == x509.RSA && util.HasKeyUsageOID(c) && util.IsCACert(c) +} + +func (l *rsaAllowedKUCaNoEncipherment) Execute(c *x509.Certificate) *lint.LintResult { + + if util.HasKeyUsage(c, x509.KeyUsageCertSign) || util.HasKeyUsage(c, x509.KeyUsageCRLSign) { + if util.HasKeyUsage(c, x509.KeyUsageKeyEncipherment) || util.HasKeyUsage(c, x509.KeyUsageDataEncipherment) { + return &lint.LintResult{Status: lint.Error, Details: "CA certificate with an RSA key and key usage keyCertSign and/or cRLSign has additionally keyEncipherment and/or dataEncipherment key usage"} + } + } + + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go index 71f661b71..0e490c60a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go @@ -15,9 +15,9 @@ package rfc */ import ( - "encoding/asn1" "fmt" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -49,12 +49,12 @@ func init() { Citation: "RFC 5280: 4.1.2.2", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &serialNumberTooLong{}, + Lint: NewSerialNumberTooLong, }) } -func (l *serialNumberTooLong) Initialize() error { - return nil +func NewSerialNumberTooLong() lint.LintInterface { + return &serialNumberTooLong{} } func (l *serialNumberTooLong) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go index c2cc41900..de3d2848f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go @@ -46,12 +46,12 @@ func init() { Citation: "RFC 5280: 4.1.2.2", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &SerialNumberNotPositive{}, + Lint: NewSerialNumberNotPositive, }) } -func (l *SerialNumberNotPositive) Initialize() error { - return nil +func NewSerialNumberNotPositive() lint.LintInterface { + return &SerialNumberNotPositive{} } func (l *SerialNumberNotPositive) CheckApplies(cert *x509.Certificate) bool { @@ -59,7 +59,9 @@ func (l *SerialNumberNotPositive) CheckApplies(cert *x509.Certificate) bool { } func (l *SerialNumberNotPositive) Execute(cert *x509.Certificate) *lint.LintResult { - if cert.SerialNumber.Sign() == -1 { // -1 Means negative when using big.Sign() + // -1 Means negative when using big.Sign() + // As per the BitLen docs, "The bit length of 0 is 0." + if cert.SerialNumber.Sign() == -1 || cert.SerialNumber.BitLen() == 0 { return &lint.LintResult{Status: lint.Error} } else { return &lint.LintResult{Status: lint.Pass} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go index b4c6a0fbc..af73101ab 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go @@ -36,12 +36,12 @@ func init() { Citation: "RFC 4055, Section 1.2", Source: lint.RFC5280, // RFC4055 is referenced in lint.RFC5280, Section 1 EffectiveDate: util.RFC5280Date, - Lint: &rsaSPKIEncryptionParamNotNULL{}, + Lint: NewRsaSPKIEncryptionParamNotNULL, }) } -func (l *rsaSPKIEncryptionParamNotNULL) Initialize() error { - return nil +func NewRsaSPKIEncryptionParamNotNULL() lint.LintInterface { + return &rsaSPKIEncryptionParamNotNULL{} } func (l *rsaSPKIEncryptionParamNotNULL) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go index 7a6daeef0..1fdf5f2ec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectCommonNameMaxLength{}, + Lint: NewSubjectCommonNameMaxLength, }) } -func (l *subjectCommonNameMaxLength) Initialize() error { - return nil +func NewSubjectCommonNameMaxLength() lint.LintInterface { + return &subjectCommonNameMaxLength{} } func (l *subjectCommonNameMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go index e1ad97aa7..22efb3d4a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,12 +30,12 @@ func init() { Citation: "RFC 5280: Appendix A", Source: lint.RFC5280, EffectiveDate: util.ZeroDate, - Lint: &SubjectDNCountryNotPrintableString{}, + Lint: NewSubjectDNCountryNotPrintableString, }) } -func (l *SubjectDNCountryNotPrintableString) Initialize() error { - return nil +func NewSubjectDNCountryNotPrintableString() lint.LintInterface { + return &SubjectDNCountryNotPrintableString{} } func (l *SubjectDNCountryNotPrintableString) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go index f5f97e5e5..2a6b710da 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go @@ -15,9 +15,9 @@ package rfc import ( - "encoding/asn1" "unicode/utf8" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -32,12 +32,12 @@ func init() { Citation: "RFC 5280: Appendix A", Source: lint.RFC5280, EffectiveDate: util.ZeroDate, - Lint: &subjectDNNotPrintableCharacters{}, + Lint: NewSubjectDNNotPrintableCharacters, }) } -func (l *subjectDNNotPrintableCharacters) Initialize() error { - return nil +func NewSubjectDNNotPrintableCharacters() lint.LintInterface { + return &subjectDNNotPrintableCharacters{} } func (l *subjectDNNotPrintableCharacters) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go index f84855e62..66bf32635 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go @@ -31,12 +31,12 @@ func init() { Citation: "RFC 5280: Appendix A", Source: lint.RFC5280, EffectiveDate: util.ZeroDate, - Lint: &SubjectDNSerialNumberMaxLength{}, + Lint: NewSubjectDNSerialNumberMaxLength, }) } -func (l *SubjectDNSerialNumberMaxLength) Initialize() error { - return nil +func NewSubjectDNSerialNumberMaxLength() lint.LintInterface { + return &SubjectDNSerialNumberMaxLength{} } func (l *SubjectDNSerialNumberMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go index 18b54c57e..ee904cb92 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go @@ -15,8 +15,7 @@ package rfc */ import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -31,12 +30,12 @@ func init() { Citation: "RFC 5280: Appendix A", Source: lint.RFC5280, EffectiveDate: util.ZeroDate, - Lint: &SubjectDNSerialNumberNotPrintableString{}, + Lint: NewSubjectDNSerialNumberNotPrintableString, }) } -func (l *SubjectDNSerialNumberNotPrintableString) Initialize() error { - return nil +func NewSubjectDNSerialNumberNotPrintableString() lint.LintInterface { + return &SubjectDNSerialNumberNotPrintableString{} } func (l *SubjectDNSerialNumberNotPrintableString) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go index 88259b731..1e2721f8d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go @@ -45,12 +45,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectEmailMaxLength{}, + Lint: NewSubjectEmailMaxLength, }) } -func (l *subjectEmailMaxLength) Initialize() error { - return nil +func NewSubjectEmailMaxLength() lint.LintInterface { + return &subjectEmailMaxLength{} } func (l *subjectEmailMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go index 17649ea5a..ff830bf49 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go @@ -42,12 +42,12 @@ func init() { Citation: "RFC 5280: 4.2 & 4.2.1.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &emptyWithoutSAN{}, + Lint: NewEmptyWithoutSAN, }) } -func (l *emptyWithoutSAN) Initialize() error { - return nil +func NewEmptyWithoutSAN() lint.LintInterface { + return &emptyWithoutSAN{} } func (l *emptyWithoutSAN) CheckApplies(cert *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go index 2de691db6..1c06daf54 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go @@ -26,25 +26,42 @@ type subjectGivenNameMaxLength struct{} /************************************************ RFC 5280: A.1 - * In this Appendix, there is a list of upperbounds - for fields in a x509 Certificate. * - ub-given-name-length INTEGER ::= 16 +-- Naming attributes of type X520name +id-at-givenName AttributeType ::= { id-at 42 } + +-- Naming attributes of type X520Name: +-- X520name ::= DirectoryString (SIZE (1..ub-name)) +-- +-- Expanded to avoid parameterized type: +X520name ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-name)), + printableString PrintableString (SIZE (1..ub-name)), + universalString UniversalString (SIZE (1..ub-name)), + utf8String UTF8String (SIZE (1..ub-name)), + bmpString BMPString (SIZE (1..ub-name)) } + +-- specifications of Upper Bounds MUST be regarded as mandatory +-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter +-- Upper Bounds + +-- Upper Bounds +ub-name INTEGER ::= 32768 ************************************************/ func init() { lint.RegisterLint(&lint.Lint{ Name: "e_subject_given_name_max_length", - Description: "The 'GivenName' field of the subject MUST be less than 17 characters", + Description: "The 'GivenName' field of the subject MUST be less than 32769 characters", Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectGivenNameMaxLength{}, + Lint: NewSubjectGivenNameMaxLength, }) } -func (l *subjectGivenNameMaxLength) Initialize() error { - return nil +func NewSubjectGivenNameMaxLength() lint.LintInterface { + return &subjectGivenNameMaxLength{} } func (l *subjectGivenNameMaxLength) CheckApplies(c *x509.Certificate) bool { @@ -52,11 +69,11 @@ func (l *subjectGivenNameMaxLength) CheckApplies(c *x509.Certificate) bool { } func (l *subjectGivenNameMaxLength) Execute(c *x509.Certificate) *lint.LintResult { - for _, j := range c.Subject.GivenName { - if utf8.RuneCountInString(j) > 16 { + for _, givenName := range c.Subject.GivenName { + characters := utf8.RuneCountInString(givenName) + if characters > 32768 { return &lint.LintResult{Status: lint.Error} } } - return &lint.LintResult{Status: lint.Pass} } diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go new file mode 100644 index 000000000..1c6cb2c08 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go @@ -0,0 +1,62 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "unicode/utf8" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +/************************************************ +RFC 5280: A.1 +-- specifications of Upper Bounds MUST be regarded as mandatory +-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter +-- Upper Bounds +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "w_subject_given_name_recommended_max_length", + Description: "X.411 (1988) describes ub-common-name-length to be 64 bytes long. As systems may have " + + "targeted this length, for compatibility purposes it may be prudent to limit given names to this length.", + Citation: "ITU-T Rec. X.411 (11/1988), Annex B Reference Definition of MTS Parameter Upper Bounds", + Source: lint.RFC5280, + EffectiveDate: util.RFC2459Date, + Lint: NewSubjectGivenNameRecommendedMaxLength, + }) +} + +func NewSubjectGivenNameRecommendedMaxLength() lint.LintInterface { + return &SubjectGivenNameRecommendedMaxLength{} +} + +type SubjectGivenNameRecommendedMaxLength struct{} + +func (l *SubjectGivenNameRecommendedMaxLength) CheckApplies(c *x509.Certificate) bool { + return true +} + +func (l *SubjectGivenNameRecommendedMaxLength) Execute(c *x509.Certificate) *lint.LintResult { + for _, givenName := range c.Subject.GivenName { + characters := utf8.RuneCountInString(givenName) + if characters > 64 { + return &lint.LintResult{Status: lint.Warn} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go index 9cc46945b..8e5ef2e04 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go @@ -33,12 +33,12 @@ func init() { Citation: "RFC 5280: 4.2.2.2", Source: lint.RFC5280, EffectiveDate: util.RFC3280Date, - Lint: &siaCrit{}, + Lint: NewSiaCrit, }) } -func (l *siaCrit) Initialize() error { - return nil +func NewSiaCrit() lint.LintInterface { + return &siaCrit{} } func (l *siaCrit) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go index 7268f3f01..d9a95bd2b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectLocalityNameMaxLength{}, + Lint: NewSubjectLocalityNameMaxLength, }) } -func (l *subjectLocalityNameMaxLength) Initialize() error { - return nil +func NewSubjectLocalityNameMaxLength() lint.LintInterface { + return &subjectLocalityNameMaxLength{} } func (l *subjectLocalityNameMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go index e0ad56e57..53b8cae94 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go @@ -41,12 +41,12 @@ func init() { Citation: "RFC 5280: 4.1.2.6", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectDN{}, + Lint: NewSubjectDN, }) } -func (l *subjectDN) Initialize() error { - return nil +func NewSubjectDN() lint.LintInterface { + return &subjectDN{} } func (l *subjectDN) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go index 7a18e338d..32bef29b9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectOrganizationNameMaxLength{}, + Lint: NewSubjectOrganizationNameMaxLength, }) } -func (l *subjectOrganizationNameMaxLength) Initialize() error { - return nil +func NewSubjectOrganizationNameMaxLength() lint.LintInterface { + return &subjectOrganizationNameMaxLength{} } func (l *subjectOrganizationNameMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go index 2b7a0b659..33704853d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectOrganizationalUnitNameMaxLength{}, + Lint: NewSubjectOrganizationalUnitNameMaxLength, }) } -func (l *subjectOrganizationalUnitNameMaxLength) Initialize() error { - return nil +func NewSubjectOrganizationalUnitNameMaxLength() lint.LintInterface { + return &subjectOrganizationalUnitNameMaxLength{} } func (l *subjectOrganizationalUnitNameMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go index f23770dfd..62837d2b4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go @@ -39,12 +39,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectPostalCodeMaxLength{}, + Lint: NewSubjectPostalCodeMaxLength, }) } -func (l *subjectPostalCodeMaxLength) Initialize() error { - return nil +func NewSubjectPostalCodeMaxLength() lint.LintInterface { + return &subjectPostalCodeMaxLength{} } func (l *subjectPostalCodeMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go index 801fa92fc..b54b5b7a5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go @@ -15,16 +15,31 @@ package rfc import ( - "encoding/asn1" "errors" "fmt" "regexp" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" ) +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_subject_printable_string_badalpha", + Description: "PrintableString type's alphabet only includes a-z, A-Z, 0-9, and 11 special characters", + Citation: "RFC 5280: Appendix B. ASN.1 Notes", + Source: lint.RFC5280, + EffectiveDate: util.RFC2459Date, + Lint: NewSubjectPrintableStringBadAlpha, + }) +} + +func NewSubjectPrintableStringBadAlpha() lint.LintInterface { + return &subjectPrintableStringBadAlpha{} +} + var ( // Per RFC 5280, Appendix B. ASN.1 Notes: // The character string type PrintableString supports a very basic Latin @@ -46,21 +61,6 @@ func validatePrintableString(rawPS []byte) error { type subjectPrintableStringBadAlpha struct { } -func init() { - lint.RegisterLint(&lint.Lint{ - Name: "e_subject_printable_string_badalpha", - Description: "PrintableString type's alphabet only includes a-z, A-Z, 0-9, and 11 special characters", - Citation: "RFC 5280: Appendix B. ASN.1 Notes", - Source: lint.RFC5280, - EffectiveDate: util.RFC2459Date, - Lint: &subjectPrintableStringBadAlpha{}, - }) -} - -func (l *subjectPrintableStringBadAlpha) Initialize() error { - return nil -} - // CheckApplies returns true for any certificate with a non-empty RawSubject. func (l *subjectPrintableStringBadAlpha) CheckApplies(c *x509.Certificate) bool { return len(c.RawSubject) > 0 diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go index 172aea8a3..479e0d0e5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectStateNameMaxLength{}, + Lint: NewSubjectStateNameMaxLength, }) } -func (l *subjectStateNameMaxLength) Initialize() error { - return nil +func NewSubjectStateNameMaxLength() lint.LintInterface { + return &subjectStateNameMaxLength{} } func (l *subjectStateNameMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go index 5459853e5..8b003fd56 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go @@ -37,12 +37,12 @@ func init() { Citation: "ITU-T X.520 (02/2001) UpperBounds", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectStreetAddressMaxLength{}, + Lint: NewSubjectStreetAddressMaxLength, }) } -func (l *subjectStreetAddressMaxLength) Initialize() error { - return nil +func NewSubjectStreetAddressMaxLength() lint.LintInterface { + return &subjectStreetAddressMaxLength{} } func (l *subjectStreetAddressMaxLength) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go index 0053127da..4dfa67a82 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go @@ -26,25 +26,42 @@ type subjectSurnameMaxLength struct{} /************************************************ RFC 5280: A.1 - * In this Appendix, there is a list of upperbounds - for fields in a x509 Certificate. * - ub-surname-length INTEGER ::= 40 +-- Naming attributes of type X520name +id-at-surname AttributeType ::= { id-at 4 } + +-- Naming attributes of type X520Name: +-- X520name ::= DirectoryString (SIZE (1..ub-name)) +-- +-- Expanded to avoid parameterized type: +X520name ::= CHOICE { + teletexString TeletexString (SIZE (1..ub-name)), + printableString PrintableString (SIZE (1..ub-name)), + universalString UniversalString (SIZE (1..ub-name)), + utf8String UTF8String (SIZE (1..ub-name)), + bmpString BMPString (SIZE (1..ub-name)) } + +-- specifications of Upper Bounds MUST be regarded as mandatory +-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter +-- Upper Bounds + +-- Upper Bounds +ub-name INTEGER ::= 32768 ************************************************/ func init() { lint.RegisterLint(&lint.Lint{ Name: "e_subject_surname_max_length", - Description: "The 'Surname' field of the subject MUST be less than 41 characters", + Description: "The 'Surname' field of the subject MUST be less than 32769 characters", Citation: "RFC 5280: A.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &subjectSurnameMaxLength{}, + Lint: NewSubjectSurnameMaxLength, }) } -func (l *subjectSurnameMaxLength) Initialize() error { - return nil +func NewSubjectSurnameMaxLength() lint.LintInterface { + return &subjectSurnameMaxLength{} } func (l *subjectSurnameMaxLength) CheckApplies(c *x509.Certificate) bool { @@ -52,11 +69,11 @@ func (l *subjectSurnameMaxLength) CheckApplies(c *x509.Certificate) bool { } func (l *subjectSurnameMaxLength) Execute(c *x509.Certificate) *lint.LintResult { - for _, j := range c.Subject.Surname { - if utf8.RuneCountInString(j) > 40 { + for _, surname := range c.Subject.Surname { + characters := utf8.RuneCountInString(surname) + if characters > 32768 { return &lint.LintResult{Status: lint.Error} } } - return &lint.LintResult{Status: lint.Pass} } diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go new file mode 100644 index 000000000..8d40faed3 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go @@ -0,0 +1,62 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "unicode/utf8" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +/************************************************ +RFC 5280: A.1 +-- specifications of Upper Bounds MUST be regarded as mandatory +-- from Annex B of ITU-T X.411 Reference Definition of MTS Parameter +-- Upper Bounds +************************************************/ + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "w_subject_surname_recommended_max_length", + Description: "X.411 (1988) describes ub-common-name-length to be 64 bytes long. As systems may have " + + "targeted this length, for compatibility purposes it may be prudent to limit surnames to this length.", + Citation: "ITU-T Rec. X.411 (11/1988), Annex B Reference Definition of MTS Parameter Upper Bounds", + Source: lint.RFC5280, + EffectiveDate: util.RFC2459Date, + Lint: NewSubjectSurnameRecommendedMaxLength, + }) +} + +func NewSubjectSurnameRecommendedMaxLength() lint.LintInterface { + return &SubjectSurnameRecommendedMaxLength{} +} + +type SubjectSurnameRecommendedMaxLength struct{} + +func (l *SubjectSurnameRecommendedMaxLength) CheckApplies(c *x509.Certificate) bool { + return true +} + +func (l *SubjectSurnameRecommendedMaxLength) Execute(c *x509.Certificate) *lint.LintResult { + for _, givenName := range c.Subject.Surname { + characters := utf8.RuneCountInString(givenName) + if characters > 64 { + return &lint.LintResult{Status: lint.Warn} + } + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go new file mode 100644 index 000000000..72ef76df7 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go @@ -0,0 +1,61 @@ +/* + * ZLint Copyright 2022 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package rfc + +import ( + "fmt" + "strings" + + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "e_superfluous_ku_encoding", + Description: "RFC 5280 Section 4.2.1.3 describes the value of a KeyUsage to be a DER encoded BitString, which itself must not have unnecessary trailing 00 bytes.", + Citation: "1.2.2 Where Rec. ITU-T X.680 | ISO/IEC 8824-1, 22.7, applies, the bitstring shall have all trailing 0 bits removed before it is encoded.", + Source: lint.RFC5280, + EffectiveDate: util.ZeroDate, + Lint: func() lint.LintInterface { return &superfluousKuEncoding{} }, + }) +} + +type superfluousKuEncoding struct{} + +func NewSuperfluousKuEncoding() lint.LintInterface { + return &superfluousKuEncoding{} +} + +func (l *superfluousKuEncoding) CheckApplies(c *x509.Certificate) bool { + ku := util.GetExtFromCert(c, util.KeyUsageOID) + return ku != nil && len(ku.Value) > 0 +} + +func (l *superfluousKuEncoding) Execute(c *x509.Certificate) *lint.LintResult { + ku := util.GetExtFromCert(c, util.KeyUsageOID).Value + if ku[len(ku)-1] != 0 { + return &lint.LintResult{Status: lint.Pass} + } + binary := make([]string, len(ku)) + for i, b := range ku { + binary[i] = fmt.Sprintf("%08b", b) + } + // E.G. KeyUsage contains superfluous trailing 00 byte. Bytes: [3 3 7 6 0], Binary: [00000011 00000011 00000111 00000110 00000000] + return &lint.LintResult{Status: lint.Error, Details: fmt.Sprintf( + "KeyUsage contains superfluous trailing 00 byte. Bytes: %v, Binary: [%s]", ku, strings.Join(binary, " "), + )} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go index 28a8aa586..e0e9b857e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280, Section 4.1.1.2", Source: lint.RFC5280, EffectiveDate: util.RFC5280Date, - Lint: &mismatchingSigAlg{}, + Lint: NewMismatchingSigAlg, }) } -func (l *mismatchingSigAlg) Initialize() error { - return nil +func NewMismatchingSigAlg() lint.LintInterface { + return &mismatchingSigAlg{} } func (l *mismatchingSigAlg) CheckApplies(_ *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go index f80bb6a6a..58c5359f5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go @@ -38,12 +38,12 @@ func init() { Citation: "RFC 4055, Section 5", Source: lint.RFC5280, // RFC4055 is referenced in RFC5280, Section 1 EffectiveDate: util.RFC5280Date, - Lint: &rsaTBSSignatureEncryptionParamNotNULL{}, + Lint: NewRsaTBSSignatureEncryptionParamNotNULL, }) } -func (l *rsaTBSSignatureEncryptionParamNotNULL) Initialize() error { - return nil +func NewRsaTBSSignatureEncryptionParamNotNULL() lint.LintInterface { + return &rsaTBSSignatureEncryptionParamNotNULL{} } func (l *rsaTBSSignatureEncryptionParamNotNULL) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go index 851d247b9..c8cd431d1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go @@ -47,12 +47,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &utcNoSecond{}, + Lint: NewUtcNoSecond, }) } -func (l *utcNoSecond) Initialize() error { - return nil +func NewUtcNoSecond() lint.LintInterface { + return &utcNoSecond{} } func (l *utcNoSecond) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go index 648f78256..bc39becb2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go @@ -50,12 +50,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5.1", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &utcTimeGMT{}, + Lint: NewUtcTimeGMT, }) } -func (l *utcTimeGMT) Initialize() error { - return nil +func NewUtcTimeGMT() lint.LintInterface { + return &utcTimeGMT{} } func (l *utcTimeGMT) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go index 3edaaf2bb..5bd27fa39 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go @@ -15,9 +15,9 @@ package rfc */ import ( - "encoding/asn1" "time" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/lint" "github.com/zmap/zlint/v3/util" @@ -40,12 +40,12 @@ func init() { Citation: "RFC 5280: 4.1.2.5", Source: lint.RFC5280, EffectiveDate: util.RFC2459Date, - Lint: &generalizedPre2050{}, + Lint: NewGeneralizedPre2050, }) } -func (l *generalizedPre2050) Initialize() error { - return nil +func NewGeneralizedPre2050() lint.LintInterface { + return &generalizedPre2050{} } func (l *generalizedPre2050) CheckApplies(c *x509.Certificate) bool { diff --git a/vendor/github.com/zmap/zlint/v3/makefile b/vendor/github.com/zmap/zlint/v3/makefile index 6fb343ddb..8943a8d57 100644 --- a/vendor/github.com/zmap/zlint/v3/makefile +++ b/vendor/github.com/zmap/zlint/v3/makefile @@ -10,11 +10,13 @@ PARALLELISM := 5 # make integration INT_FLAGS="-includeSources='Mozilla,ETSI_ESI' -config small.config.json" INT_FLAGS := +GIT_VERSION := "$(shell git describe --abbrev=8)" + CMDS = zlint zlint-gtld-update CMD_PREFIX = ./cmd/ -BUILD = $(GO_ENV) go build +BUILD = $(GO_ENV) go build --ldflags="-X 'main.version=$(GIT_VERSION)'" TEST = $(GO_ENV) GORACE=halt_on_error=1 go test -race -INT_TEST = $(GO_ENV) go test -v -tags integration -timeout 20m ./integration/... -parallelism $(PARALLELISM) $(INT_FLAGS) +INT_TEST = $(GO_ENV) go test -v -tags integration -timeout 20m ./integration/. -parallelism $(PARALLELISM) $(INT_FLAGS) all: $(CMDS) @@ -34,9 +36,15 @@ integration: $(INT_TEST) code-lint: - golangci-lint run + # Skip these two directories as they contain Go files that are tests for custom + # code linting framework and there is no expectation of those files conforming to anything. + golangci-lint run --skip-dirs lints/lints/testdata/,lints/testdata + +custom-code-lint: + (cd integration/lints/ && go run main.go ../../lints) + (cd integration/lints/ && go run main.go ../../cmd/genTestCerts) testdata-lint: ./test/prepend_testcerts_openssl.sh && git diff --exit-code testdata/ -.PHONY: clean zlint zlint-gtld-update test integration code-lint testdata-lint +.PHONY: clean zlint zlint-gtld-update test integration code-lint testdata-lint custom-code-lint diff --git a/vendor/github.com/zmap/zlint/v3/newLint.sh b/vendor/github.com/zmap/zlint/v3/newLint.sh index 9bfd13ad7..fde173dc4 100644 --- a/vendor/github.com/zmap/zlint/v3/newLint.sh +++ b/vendor/github.com/zmap/zlint/v3/newLint.sh @@ -44,6 +44,7 @@ FILENAME=${LINTNAME:2} STRUCTNAME=$3 sed -e "s/PACKAGE/${PATHNAME}/" \ + -e "s/PASCAL_CASE_SUBST/${STRUCTNAME^}/g" \ -e "s/SUBST/${STRUCTNAME}/g" \ -e "s/SUBTEST/${LINTNAME}/g" template > lints/${PATHNAME}/lint_${FILENAME}.go diff --git a/vendor/github.com/zmap/zlint/v3/resultset.go b/vendor/github.com/zmap/zlint/v3/resultset.go index f1e4db3c9..0fb3c7594 100644 --- a/vendor/github.com/zmap/zlint/v3/resultset.go +++ b/vendor/github.com/zmap/zlint/v3/resultset.go @@ -38,7 +38,7 @@ func (z *ResultSet) execute(cert *x509.Certificate, registry lint.Registry) { z.Results = make(map[string]*lint.LintResult, len(registry.Names())) // Run each lints from the registry. for _, name := range registry.Names() { - res := registry.ByName(name).Execute(cert) + res := registry.ByName(name).Execute(cert, registry.GetConfiguration()) z.Results[name] = res z.updateErrorStatePresent(res) } diff --git a/vendor/github.com/zmap/zlint/v3/template b/vendor/github.com/zmap/zlint/v3/template index 77311118c..1ae2a6738 100644 --- a/vendor/github.com/zmap/zlint/v3/template +++ b/vendor/github.com/zmap/zlint/v3/template @@ -16,13 +16,24 @@ package PACKAGE import ( "github.com/zmap/zcrypto/x509" - "github.com/zmap/zlint/v2/lint" + "github.com/zmap/zlint/v3/lint" ) +func init() { + lint.RegisterLint(&lint.Lint{ + Name: "SUBTEST", + Description: "Fill this in...", + Citation: "Fill this in...", + Source: UnknownLintSource, + EffectiveDate: "Change this...", + Lint: func() lint.LintInterface { return &SUBST{} }, + }) +} + type SUBST struct{} -func (l *SUBST) Initialize() error { - return nil +func NewPASCAL_CASE_SUBST() lint.LintInterface { + return &SUBST{} } func (l *SUBST) CheckApplies(c *x509.Certificate) bool { @@ -32,14 +43,3 @@ func (l *SUBST) CheckApplies(c *x509.Certificate) bool { func (l *SUBST) Execute(c *x509.Certificate) *lint.LintResult { // Add actual lint here } - -func init() { - lint.RegisterLint(&lint.Lint{ - Name: "SUBTEST", - Description: "Fill this in...", - Citation: "Fill this in...", - Source: UnknownLintSource, - EffectiveDate: "Change this...", - Lint: &SUBST{}, - }) -} diff --git a/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go b/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go index 07df3a4e9..cb6d2f0f4 100644 --- a/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go @@ -2,13 +2,13 @@ package util import ( "bytes" - "encoding/asn1" "errors" "fmt" + "github.com/zmap/zcrypto/cryptobyte" + cryptobyte_asn1 "github.com/zmap/zcrypto/cryptobyte/asn1" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" - "golang.org/x/crypto/cryptobyte" - cryptobyte_asn1 "golang.org/x/crypto/cryptobyte/asn1" ) // additional OIDs not provided by the x509 package. @@ -39,6 +39,7 @@ var RSAAlgorithmIDToDER = map[string][]byte{ // CheckAlgorithmIDParamNotNULL parses an AlgorithmIdentifier with algorithm OID rsaEncryption to check the Param field is asn1.NULL // Expects DER-encoded AlgorithmIdentifier including tag and length. +//nolint:cyclop func CheckAlgorithmIDParamNotNULL(algorithmIdentifier []byte, requiredAlgoID asn1.ObjectIdentifier) error { expectedAlgoIDBytes, ok := RSAAlgorithmIDToDER[requiredAlgoID.String()] if !ok { diff --git a/vendor/github.com/zmap/zlint/v3/util/encodings.go b/vendor/github.com/zmap/zlint/v3/util/encodings.go index fc28c350f..80efdbb4f 100644 --- a/vendor/github.com/zmap/zlint/v3/util/encodings.go +++ b/vendor/github.com/zmap/zlint/v3/util/encodings.go @@ -16,13 +16,13 @@ package util import ( "bytes" - "encoding/asn1" "errors" "regexp" "strings" "unicode" "unicode/utf16" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/pkix" ) diff --git a/vendor/github.com/zmap/zlint/v3/util/ev.go b/vendor/github.com/zmap/zlint/v3/util/ev.go index 68ef5df3a..d5b0abb72 100644 --- a/vendor/github.com/zmap/zlint/v3/util/ev.go +++ b/vendor/github.com/zmap/zlint/v3/util/ev.go @@ -15,10 +15,11 @@ package util import ( - "encoding/asn1" + "github.com/zmap/zcrypto/encoding/asn1" ) var evoids = map[string]bool{ + "2.23.140.1.1": true, "1.3.159.1.17.1": true, "1.3.6.1.4.1.34697.2.1": true, "1.3.6.1.4.1.34697.2.2": true, diff --git a/vendor/github.com/zmap/zlint/v3/util/gtld_map.go b/vendor/github.com/zmap/zlint/v3/util/gtld_map.go index 7137627d4..9a5f1713c 100644 --- a/vendor/github.com/zmap/zlint/v3/util/gtld_map.go +++ b/vendor/github.com/zmap/zlint/v3/util/gtld_map.go @@ -156,7 +156,7 @@ var tldMap = map[string]GTLDPeriod{ "afamilycompany": { GTLD: "afamilycompany", DelegationDate: "2016-07-31", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "afl": { GTLD: "afl", @@ -936,7 +936,7 @@ var tldMap = map[string]GTLDPeriod{ "budapest": { GTLD: "budapest", DelegationDate: "2014-09-23", - RemovalDate: "", + RemovalDate: "2022-02-17", }, "bugatti": { GTLD: "bugatti", @@ -1041,7 +1041,7 @@ var tldMap = map[string]GTLDPeriod{ "cancerresearch": { GTLD: "cancerresearch", DelegationDate: "2014-07-03", - RemovalDate: "", + RemovalDate: "2022-10-05", }, "canon": { GTLD: "canon", @@ -1116,7 +1116,7 @@ var tldMap = map[string]GTLDPeriod{ "caseih": { GTLD: "caseih", DelegationDate: "2016-10-30", - RemovalDate: "", + RemovalDate: "2021-02-19", }, "cash": { GTLD: "cash", @@ -1581,7 +1581,7 @@ var tldMap = map[string]GTLDPeriod{ "csc": { GTLD: "csc", DelegationDate: "2015-09-01", - RemovalDate: "", + RemovalDate: "2022-02-01", }, "cu": { GTLD: "cu", @@ -1891,7 +1891,7 @@ var tldMap = map[string]GTLDPeriod{ "duck": { GTLD: "duck", DelegationDate: "2016-07-21", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "dunlop": { GTLD: "dunlop", @@ -2416,7 +2416,7 @@ var tldMap = map[string]GTLDPeriod{ "fujixerox": { GTLD: "fujixerox", DelegationDate: "2016-07-15", - RemovalDate: "", + RemovalDate: "2021-03-26", }, "fun": { GTLD: "fun", @@ -2591,7 +2591,7 @@ var tldMap = map[string]GTLDPeriod{ "glade": { GTLD: "glade", DelegationDate: "2016-07-28", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "glass": { GTLD: "glass", @@ -3276,7 +3276,7 @@ var tldMap = map[string]GTLDPeriod{ "iveco": { GTLD: "iveco", DelegationDate: "2016-10-30", - RemovalDate: "", + RemovalDate: "2021-04-21", }, "iwc": { GTLD: "iwc", @@ -3458,6 +3458,11 @@ var tldMap = map[string]GTLDPeriod{ DelegationDate: "2015-09-26", RemovalDate: "", }, + "kids": { + GTLD: "kids", + DelegationDate: "2022-04-04", + RemovalDate: "", + }, "kim": { GTLD: "kim", DelegationDate: "2014-01-23", @@ -3786,7 +3791,7 @@ var tldMap = map[string]GTLDPeriod{ "lixil": { GTLD: "lixil", DelegationDate: "2015-07-30", - RemovalDate: "", + RemovalDate: "2021-12-29", }, "lk": { GTLD: "lk", @@ -4338,6 +4343,11 @@ var tldMap = map[string]GTLDPeriod{ DelegationDate: "2001-11-01", RemovalDate: "", }, + "music": { + GTLD: "music", + DelegationDate: "2021-10-29", + RemovalDate: "", + }, "mutual": { GTLD: "mutual", DelegationDate: "2016-04-05", @@ -4401,7 +4411,7 @@ var tldMap = map[string]GTLDPeriod{ "nationwide": { GTLD: "nationwide", DelegationDate: "2016-07-15", - RemovalDate: "", + RemovalDate: "2021-04-16", }, "natura": { GTLD: "natura", @@ -4466,7 +4476,7 @@ var tldMap = map[string]GTLDPeriod{ "newholland": { GTLD: "newholland", DelegationDate: "2016-10-30", - RemovalDate: "", + RemovalDate: "2021-02-19", }, "news": { GTLD: "news", @@ -4641,7 +4651,7 @@ var tldMap = map[string]GTLDPeriod{ "off": { GTLD: "off", DelegationDate: "2016-07-21", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "office": { GTLD: "office", @@ -4706,7 +4716,7 @@ var tldMap = map[string]GTLDPeriod{ "onyourside": { GTLD: "onyourside", DelegationDate: "2016-07-15", - RemovalDate: "", + RemovalDate: "2021-04-16", }, "ooo": { GTLD: "ooo", @@ -5161,7 +5171,7 @@ var tldMap = map[string]GTLDPeriod{ "qvc": { GTLD: "qvc", DelegationDate: "2016-08-04", - RemovalDate: "", + RemovalDate: "2021-10-07", }, "racing": { GTLD: "racing", @@ -5176,7 +5186,7 @@ var tldMap = map[string]GTLDPeriod{ "raid": { GTLD: "raid", DelegationDate: "2016-07-21", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "re": { GTLD: "re", @@ -5341,7 +5351,7 @@ var tldMap = map[string]GTLDPeriod{ "rmit": { GTLD: "rmit", DelegationDate: "2016-11-24", - RemovalDate: "", + RemovalDate: "2021-09-27", }, "ro": { GTLD: "ro", @@ -5576,7 +5586,7 @@ var tldMap = map[string]GTLDPeriod{ "scjohnson": { GTLD: "scjohnson", DelegationDate: "2016-07-21", - RemovalDate: "", + RemovalDate: "2021-12-03", }, "scor": { GTLD: "scor", @@ -5916,7 +5926,7 @@ var tldMap = map[string]GTLDPeriod{ "spreadbetting": { GTLD: "spreadbetting", DelegationDate: "2015-03-13", - RemovalDate: "", + RemovalDate: "2021-04-21", }, "sr": { GTLD: "sr", @@ -6076,7 +6086,7 @@ var tldMap = map[string]GTLDPeriod{ "swiftcover": { GTLD: "swiftcover", DelegationDate: "2016-07-21", - RemovalDate: "", + RemovalDate: "2021-10-05", }, "swiss": { GTLD: "swiss", @@ -7006,7 +7016,7 @@ var tldMap = map[string]GTLDPeriod{ "xn--3oq18vl8pn36a": { GTLD: "xn--3oq18vl8pn36a", DelegationDate: "2016-08-16", - RemovalDate: "", + RemovalDate: "2021-10-27", }, "xn--3pxu8k": { GTLD: "xn--3pxu8k", @@ -7033,6 +7043,11 @@ var tldMap = map[string]GTLDPeriod{ DelegationDate: "2014-11-17", RemovalDate: "", }, + "xn--4dbrk0ce": { + GTLD: "xn--4dbrk0ce", + DelegationDate: "1985-01-01", + RemovalDate: "", + }, "xn--4gbrim": { GTLD: "xn--4gbrim", DelegationDate: "2014-05-28", diff --git a/vendor/github.com/zmap/zlint/v3/util/idna.go b/vendor/github.com/zmap/zlint/v3/util/idna.go new file mode 100644 index 000000000..5e2543efb --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/util/idna.go @@ -0,0 +1,60 @@ +/* + * ZLint Copyright 2021 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package util + +import ( + "regexp" + + "golang.org/x/net/idna" +) + +var reservedLabelPrefix = regexp.MustCompile(`^..--`) + +var xnLabelPrefix = regexp.MustCompile(`(?i)^xn--`) + +// HasReservedLabelPrefix checks whether the given string (presumably +// a domain label) has hyphens ("-") as the third and fourth characters. Domain +// labels with hyphens in these positions are considered to be "Reserved Labels" +// per RFC 5890, section 2.3.1. +// (https://datatracker.ietf.org/doc/html/rfc5890#section-2.3.1) +func HasReservedLabelPrefix(s string) bool { + return reservedLabelPrefix.MatchString(s) +} + +// HasXNLabelPrefix checks whether the given string (presumably a +// domain label) is prefixed with the case-insensitive string "xn--" (the +// IDNA ACE prefix). +// +// This check is useful given the bug following bug report for IDNA wherein +// the ACE prefix incorrectly taken to be case-sensitive. +// +// https://github.com/golang/go/issues/48778 +func HasXNLabelPrefix(s string) bool { + return xnLabelPrefix.MatchString(s) +} + +// IdnaToUnicode is a wrapper around idna.ToUnicode. +// +// If the provided string starts with the IDNA ACE prefix ("xn--", case +// insensitive), then that ACE prefix is coerced to a lowercase "xn--" before +// processing by the idna package. +// +// This is only necessary due to the bug at https://github.com/golang/go/issues/48778 +func IdnaToUnicode(s string) (string, error) { + if HasXNLabelPrefix(s) { + s = "xn--" + s[4:] + } + return idna.ToUnicode(s) +} diff --git a/vendor/github.com/zmap/zlint/v3/util/ku.go b/vendor/github.com/zmap/zlint/v3/util/ku.go index 31a828fb4..529e4c355 100644 --- a/vendor/github.com/zmap/zlint/v3/util/ku.go +++ b/vendor/github.com/zmap/zlint/v3/util/ku.go @@ -16,3 +16,21 @@ var ( x509.KeyUsageDecipherOnly: "KeyUsageDecipherOnly", } ) + +// HasKeyUsageOID returns whether-or-not the OID 2.5.29.15 is present in the given certificate's extensions. +func HasKeyUsageOID(c *x509.Certificate) bool { + return IsExtInCert(c, KeyUsageOID) +} + +// HasKeyUsage returns whether-or-not the given x509.KeyUsage is present within the +// given certificate's KeyUsage bitmap. The certificate, however, is NOT checked for +// whether-or-not it actually has a key usage OID. If you wish to check for the presence +// of the key usage OID, please use HasKeyUsageOID. +func HasKeyUsage(c *x509.Certificate, usage x509.KeyUsage) bool { + return KeyUsageIsPresent(c.KeyUsage, usage) +} + +// KeyUsageIsPresent checks the provided bitmap (keyUsages) for presence of the provided x509.KeyUsage. +func KeyUsageIsPresent(keyUsages x509.KeyUsage, usage x509.KeyUsage) bool { + return keyUsages&usage != 0 +} diff --git a/vendor/github.com/zmap/zlint/v3/util/names.go b/vendor/github.com/zmap/zlint/v3/util/names.go index f8e4936f1..7792f13dc 100644 --- a/vendor/github.com/zmap/zlint/v3/util/names.go +++ b/vendor/github.com/zmap/zlint/v3/util/names.go @@ -15,8 +15,7 @@ package util import ( - "encoding/asn1" - + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509/pkix" ) diff --git a/vendor/github.com/zmap/zlint/v3/util/oid.go b/vendor/github.com/zmap/zlint/v3/util/oid.go index 652bd60d2..a7892b6b4 100644 --- a/vendor/github.com/zmap/zlint/v3/util/oid.go +++ b/vendor/github.com/zmap/zlint/v3/util/oid.go @@ -15,9 +15,9 @@ package util import ( - "encoding/asn1" "errors" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" "github.com/zmap/zcrypto/x509/pkix" ) @@ -110,7 +110,6 @@ func IsExtInCert(cert *x509.Certificate, oid asn1.ObjectIdentifier) bool { // GetExtFromCert returns the extension with the matching OID, if present. If // the extension if not present, it returns nil. -//nolint:interfacer func GetExtFromCert(cert *x509.Certificate, oid asn1.ObjectIdentifier) *pkix.Extension { // Since this function is called by many Lint CheckApplies functions we use // the x509.Certificate.ExtensionsMap field added by zcrypto to check for diff --git a/vendor/github.com/zmap/zlint/v3/util/onion.go b/vendor/github.com/zmap/zlint/v3/util/onion.go new file mode 100644 index 000000000..45cb6013e --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/util/onion.go @@ -0,0 +1,104 @@ +package util + +import ( + "encoding/base32" + "strings" + + "github.com/zmap/zcrypto/x509" +) + +// An onion address is base32 encoded, however Tor believes that the standard base32 encoding +// is lowercase while the Go standard library believes that the standard base32 encoding is uppercase. +// +// onionBase32Encoding is simply base32.StdEncoding but lowercase instead of uppercase in order +// to work with the above mismatch. +var onionBase32Encoding = base32.NewEncoding("abcdefghijklmnopqrstuvwxyz234567") + +// IsOnionV3Address returns whether or not the provided DNS name is an Onion V3 encoded address. +// +// In order to be an Onion V3 encoded address, the DNS name must satisfy the following: +// 1. Contain at least two labels. +// 2. The right most label MUST be "onion". +// 3. The second to the right most label MUST be exactly 56 characters long. +// 4. The second to the right most label MUST be base32 encoded against the lowercase standard encoding. +// 5. The final byte of the decoded result from #4 MUST be equal to 0x03. +func IsOnionV3Address(dnsName string) bool { + labels := strings.Split(dnsName, ".") + if len(labels) < 2 || labels[len(labels)-1] != "onion" { + return false + } + address := labels[len(labels)-2] + if len(address) != 56 { + return false + } + raw, err := onionBase32Encoding.DecodeString(address) + if err != nil { + return false + } + return raw[len(raw)-1] == 0x03 +} + +// IsOnionV2Address returns whether-or-not the give address appears to be an Onion V2 address. +// +// In order to be an Onion V2 encoded address, the DNS name must satisfy the following: +// 1. The address has at least two labels. +// 2. The right most label is the .onion TLD. +// 3. The second-to-the-right most label is a 16 character long, base32. +func IsOnionV2Address(dnsName string) bool { + if !strings.HasSuffix(dnsName, "onion") { + return false + } + labels := strings.Split(dnsName, ".") + if len(labels) < 2 { + return false + } + if len(labels[0]) != 16 { + return false + } + _, err := onionBase32Encoding.DecodeString(labels[0]) + if err != nil { + return false + } + return true +} + +// IsOnionV3Cert returns whether-or-not at least one of the provided certificates subject common name, +// or any of its DNS names, are version 3 Onion addresses. +func IsOnionV3Cert(c *x509.Certificate) bool { + return anyAreOnionVX(append(c.DNSNames, c.Subject.CommonName), IsOnionV3Address) +} + +// IsOnionV2Cert returns whether-or-not at least one of the provided certificates subject common name, +// or any of its DNS names, are version 2 Onion addresses. +func IsOnionV2Cert(c *x509.Certificate) bool { + return anyAreOnionVX(append(c.DNSNames, c.Subject.CommonName), IsOnionV2Address) +} + +// anyAreOnionVX returns whether-or-not there is at least one item +// within the given slice that satisfies the given predicate. +// +// An empty slice always returns `false`. +// +// @TODO once we commit to forcing the library users onto Go 1.18 this should migrate to a generic function. +func anyAreOnionVX(slice []string, predicate func(string) bool) bool { + for _, item := range slice { + if predicate(item) { + return true + } + } + return false +} + +// allAreOnionVX returns whether-or-not all items within the given slice +// satisfy the given predicate. +// +// An empty slice always returns `true`. This may seem counterintuitive, +// however it is due to being what is called a "vacuous truth". For +// more information, please see https://en.wikipedia.org/wiki/Vacuous_truth. +// +// @TODO once we commit to forcing the library users onto Go 1.18 this should migrate to a generic function. +func allAreOnionVX(slice []string, predicate func(string) bool) bool { + return !anyAreOnionVX(slice, func(item string) bool { + return !predicate(item) + }) +} diff --git a/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go b/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go index 97af7faf6..3b8183f72 100644 --- a/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go +++ b/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go @@ -16,9 +16,10 @@ package util import ( "bytes" - "encoding/asn1" "fmt" "reflect" + + "github.com/zmap/zcrypto/encoding/asn1" ) type anyContent struct { diff --git a/vendor/github.com/zmap/zlint/v3/util/rdn.go b/vendor/github.com/zmap/zlint/v3/util/rdn.go index cb076a91b..b07a989c6 100644 --- a/vendor/github.com/zmap/zlint/v3/util/rdn.go +++ b/vendor/github.com/zmap/zlint/v3/util/rdn.go @@ -14,7 +14,7 @@ package util -import "encoding/asn1" +import "github.com/zmap/zcrypto/encoding/asn1" type AttributeTypeAndRawValue struct { Type asn1.ObjectIdentifier diff --git a/vendor/github.com/zmap/zlint/v3/util/time.go b/vendor/github.com/zmap/zlint/v3/util/time.go index ba47b2d3b..e3313970e 100644 --- a/vendor/github.com/zmap/zlint/v3/util/time.go +++ b/vendor/github.com/zmap/zlint/v3/util/time.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2022 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -15,9 +15,9 @@ package util import ( - "encoding/asn1" "time" + "github.com/zmap/zcrypto/encoding/asn1" "github.com/zmap/zcrypto/x509" ) @@ -25,6 +25,7 @@ var ( ZeroDate = time.Date(0000, time.January, 1, 0, 0, 0, 0, time.UTC) RFC1035Date = time.Date(1987, time.January, 1, 0, 0, 0, 0, time.UTC) RFC2459Date = time.Date(1999, time.January, 1, 0, 0, 0, 0, time.UTC) + RFC3279Date = time.Date(2002, time.April, 1, 0, 0, 0, 0, time.UTC) RFC3280Date = time.Date(2002, time.April, 1, 0, 0, 0, 0, time.UTC) RFC3490Date = time.Date(2003, time.March, 1, 0, 0, 0, 0, time.UTC) RFC8399Date = time.Date(2018, time.May, 1, 0, 0, 0, 0, time.UTC) @@ -32,6 +33,7 @@ var ( RFC4630Date = time.Date(2006, time.August, 1, 0, 0, 0, 0, time.UTC) RFC5280Date = time.Date(2008, time.May, 1, 0, 0, 0, 0, time.UTC) RFC6818Date = time.Date(2013, time.January, 1, 0, 0, 0, 0, time.UTC) + RFC8813Date = time.Date(2020, time.August, 1, 0, 0, 0, 0, time.UTC) CABEffectiveDate = time.Date(2012, time.July, 1, 0, 0, 0, 0, time.UTC) CABReservedIPDate = time.Date(2016, time.October, 1, 0, 0, 0, 0, time.UTC) CABGivenNameDate = time.Date(2016, time.September, 7, 0, 0, 0, 0, time.UTC) @@ -43,24 +45,33 @@ var ( CABV130Date = time.Date(2015, time.April, 16, 0, 0, 0, 0, time.UTC) CABV131Date = time.Date(2015, time.September, 28, 0, 0, 0, 0, time.UTC) // https://cabforum.org/wp-content/uploads/CA-Browser-Forum-EV-Guidelines-v1.7.0.pdf - CABV170Date = time.Date(2020, time.January, 31, 0, 0, 0, 0, time.UTC) - NO_SHA1 = time.Date(2016, time.January, 1, 0, 0, 0, 0, time.UTC) - NoRSA1024RootDate = time.Date(2011, time.January, 1, 0, 0, 0, 0, time.UTC) - NoRSA1024Date = time.Date(2014, time.January, 1, 0, 0, 0, 0, time.UTC) - GeneralizedDate = time.Date(2050, time.January, 1, 0, 0, 0, 0, time.UTC) - NoReservedIP = time.Date(2015, time.November, 1, 0, 0, 0, 0, time.UTC) - SubCert39Month = time.Date(2016, time.July, 2, 0, 0, 0, 0, time.UTC) - SubCert825Days = time.Date(2018, time.March, 2, 0, 0, 0, 0, time.UTC) - CABV148Date = time.Date(2017, time.June, 8, 0, 0, 0, 0, time.UTC) - EtsiEn319_412_5_V2_2_1_Date = time.Date(2017, time.November, 1, 0, 0, 0, 0, time.UTC) - OnionOnlyEVDate = time.Date(2015, time.May, 1, 0, 0, 0, 0, time.UTC) - CABV201Date = time.Date(2017, time.July, 28, 0, 0, 0, 0, time.UTC) - AppleCTPolicyDate = time.Date(2018, time.October, 15, 0, 0, 0, 0, time.UTC) - MozillaPolicy22Date = time.Date(2013, time.July, 26, 0, 0, 0, 0, time.UTC) - MozillaPolicy24Date = time.Date(2017, time.February, 28, 0, 0, 0, 0, time.UTC) - MozillaPolicy27Date = time.Date(2020, time.January, 1, 0, 0, 0, 0, time.UTC) - CABFBRs_1_6_9_Date = time.Date(2020, time.March, 27, 0, 0, 0, 0, time.UTC) - AppleReducedLifetimeDate = time.Date(2020, time.September, 1, 0, 0, 0, 0, time.UTC) + CABV170Date = time.Date(2020, time.January, 31, 0, 0, 0, 0, time.UTC) + NO_SHA1 = time.Date(2016, time.January, 1, 0, 0, 0, 0, time.UTC) + NoRSA1024RootDate = time.Date(2011, time.January, 1, 0, 0, 0, 0, time.UTC) + NoRSA1024Date = time.Date(2014, time.January, 1, 0, 0, 0, 0, time.UTC) + GeneralizedDate = time.Date(2050, time.January, 1, 0, 0, 0, 0, time.UTC) + NoReservedIP = time.Date(2015, time.November, 1, 0, 0, 0, 0, time.UTC) + SubCert39Month = time.Date(2016, time.July, 2, 0, 0, 0, 0, time.UTC) + SubCert825Days = time.Date(2018, time.March, 2, 0, 0, 0, 0, time.UTC) + CABV148Date = time.Date(2017, time.June, 8, 0, 0, 0, 0, time.UTC) + EtsiEn319_412_5_V2_2_1_Date = time.Date(2017, time.November, 1, 0, 0, 0, 0, time.UTC) + OnionOnlyEVDate = time.Date(2015, time.May, 1, 0, 0, 0, 0, time.UTC) + CABV201Date = time.Date(2017, time.July, 28, 0, 0, 0, 0, time.UTC) + AppleCTPolicyDate = time.Date(2018, time.October, 15, 0, 0, 0, 0, time.UTC) + MozillaPolicy22Date = time.Date(2013, time.July, 26, 0, 0, 0, 0, time.UTC) + MozillaPolicy24Date = time.Date(2017, time.February, 28, 0, 0, 0, 0, time.UTC) + MozillaPolicy241Date = time.Date(2017, time.March, 31, 0, 0, 0, 0, time.UTC) + MozillaPolicy27Date = time.Date(2020, time.January, 1, 0, 0, 0, 0, time.UTC) + CABFBRs_1_6_2_UnderscorePermissibilitySunsetDate = time.Date(2019, time.April, 1, 0, 0, 0, 0, time.UTC) + CABFBRs_1_6_2_Date = time.Date(2018, time.December, 10, 0, 0, 0, 0, time.UTC) + CABFBRs_1_2_1_Date = time.Date(2015, time.January, 16, 0, 0, 0, 0, time.UTC) + CABFBRs_1_6_9_Date = time.Date(2020, time.March, 27, 0, 0, 0, 0, time.UTC) + CABFBRs_1_7_1_Date = time.Date(2020, time.August, 20, 0, 0, 0, 0, time.UTC) + AppleReducedLifetimeDate = time.Date(2020, time.September, 1, 0, 0, 0, 0, time.UTC) + CABFBRs_1_7_9_Date = time.Date(2021, time.August, 16, 0, 0, 0, 0, time.UTC) + CABFBRs_1_8_0_Date = time.Date(2021, time.August, 25, 0, 0, 0, 0, time.UTC) + NoReservedDomainLabelsDate = time.Date(2021, time.October, 1, 0, 0, 0, 0, time.UTC) + CABFBRs_OU_Prohibited_Date = time.Date(2022, time.September, 1, 0, 0, 0, 0, time.UTC) ) var ( @@ -116,3 +127,13 @@ func GetTimes(cert *x509.Certificate) (asn1.RawValue, asn1.RawValue) { } return firstDate, secondDate } + +// BeforeOrOn returns whether left is before or strictly equal to right. +func BeforeOrOn(left, right time.Time) bool { + return !left.After(right) +} + +// OnOrAfter returns whether left is after or strictly equal to right. +func OnOrAfter(left, right time.Time) bool { + return !left.Before(right) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 32a6fe87a..24f84bc68 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -67,8 +67,6 @@ github.com/jmoiron/sqlx/types # github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 ## explicit github.com/kisielk/sqlstruct -# github.com/kr/text v0.2.0 -## explicit # github.com/kylelemons/go-gypsy v1.0.0 ## explicit; go 1.5 github.com/kylelemons/go-gypsy/yaml @@ -83,6 +81,9 @@ github.com/mattn/go-sqlite3 # github.com/matttproud/golang_protobuf_extensions v1.0.4 ## explicit; go 1.9 github.com/matttproud/golang_protobuf_extensions/pbutil +# github.com/pelletier/go-toml v1.9.3 +## explicit; go 1.12 +github.com/pelletier/go-toml # github.com/pmezard/go-difflib v1.0.0 ## explicit github.com/pmezard/go-difflib/difflib @@ -111,7 +112,7 @@ github.com/prometheus/procfs/internal/util ## explicit; go 1.13 github.com/stretchr/testify/assert github.com/stretchr/testify/require -# github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b +# github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 ## explicit; go 1.11 github.com/weppos/publicsuffix-go/publicsuffix # github.com/ziutek/mymysql v1.5.4 @@ -119,17 +120,20 @@ github.com/weppos/publicsuffix-go/publicsuffix github.com/ziutek/mymysql/godrv github.com/ziutek/mymysql/mysql github.com/ziutek/mymysql/native -# github.com/zmap/zcrypto v0.0.0-20210511125630-18f1e0152cfc +# github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac ## explicit; go 1.16 +github.com/zmap/zcrypto/cryptobyte +github.com/zmap/zcrypto/cryptobyte/asn1 github.com/zmap/zcrypto/dsa +github.com/zmap/zcrypto/encoding/asn1 github.com/zmap/zcrypto/internal/randutil github.com/zmap/zcrypto/json github.com/zmap/zcrypto/util github.com/zmap/zcrypto/x509 github.com/zmap/zcrypto/x509/ct github.com/zmap/zcrypto/x509/pkix -# github.com/zmap/zlint/v3 v3.1.0 -## explicit; go 1.15 +# github.com/zmap/zlint/v3 v3.4.1 +## explicit; go 1.18 github.com/zmap/zlint/v3 github.com/zmap/zlint/v3/lint github.com/zmap/zlint/v3/lints/apple From bf9636a01e88945b1b2fbae19b37d37a9b6a30fe Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Fri, 12 May 2023 09:34:41 -0700 Subject: [PATCH 20/73] update lint test for bumped zlint --- signer/local/local_test.go | 31 +++++++++++-------------------- 1 file changed, 11 insertions(+), 20 deletions(-) diff --git a/signer/local/local_test.go b/signer/local/local_test.go index a17ef4786..041e25486 100644 --- a/signer/local/local_test.go +++ b/signer/local/local_test.go @@ -31,8 +31,9 @@ import ( "github.com/cloudflare/cfssl/helpers" "github.com/cloudflare/cfssl/log" "github.com/cloudflare/cfssl/signer" + "github.com/stretchr/testify/require" - "github.com/google/certificate-transparency-go" + ct "github.com/google/certificate-transparency-go" "github.com/zmap/zlint/v3/lint" ) @@ -1540,6 +1541,7 @@ func TestLint(t *testing.T) { ignoredLintSourcesRegistry, err := lint.GlobalRegistry().Filter(lint.FilterOptions{ ExcludeSources: lint.SourceList{lint.CABFBaselineRequirements}, + ExcludeNames: []string{"e_ecdsa_allowed_ku"}, }) if err != nil { t.Fatalf("failed to construct ignoredLintSourcesRegistry: %v", err) @@ -1567,20 +1569,22 @@ func TestLint(t *testing.T) { name: "lint results above err level", signer: lintSigner, lintErrLevel: lint.Notice, - expectedErr: errors.New("pre-issuance linting found 2 error results"), + expectedErr: errors.New("pre-issuance linting found 3 error results"), expectedErrResults: map[string]lint.LintResult{ "e_sub_cert_aia_does_not_contain_ocsp_url": {Status: 6}, "e_dnsname_not_valid_tld": {Status: 6}, + "e_ecdsa_allowed_ku": {Status: 6, Details: "Certificate contains invalid key usage(s): KeyUsageKeyEncipherment"}, }, }, { name: "lint results below err level", signer: lintSigner, lintErrLevel: lint.Warn, - expectedErr: errors.New("pre-issuance linting found 2 error results"), + expectedErr: errors.New("pre-issuance linting found 3 error results"), expectedErrResults: map[string]lint.LintResult{ "e_sub_cert_aia_does_not_contain_ocsp_url": {Status: 6}, "e_dnsname_not_valid_tld": {Status: 6}, + "e_ecdsa_allowed_ku": {Status: 6, Details: "Certificate contains invalid key usage(s): KeyUsageKeyEncipherment"}, }, }, { @@ -1588,9 +1592,10 @@ func TestLint(t *testing.T) { signer: lintSigner, lintErrLevel: lint.Notice, lintRegistry: ignoredLintNameRegistry, - expectedErr: errors.New("pre-issuance linting found 1 error results"), + expectedErr: errors.New("pre-issuance linting found 2 error results"), expectedErrResults: map[string]lint.LintResult{ "e_sub_cert_aia_does_not_contain_ocsp_url": {Status: 6}, + "e_ecdsa_allowed_ku": {Status: 6, Details: "Certificate contains invalid key usage(s): KeyUsageKeyEncipherment"}, }, }, { @@ -1611,27 +1616,13 @@ func TestLint(t *testing.T) { } else if err != nil && tc.expectedErr != nil { actual := err.Error() expected := tc.expectedErr.Error() - if actual != expected { - t.Errorf("Expected err %q got %q", expected, actual) - } + require.Equal(t, expected, actual) if len(tc.expectedErrResults) > 0 { le, ok := err.(*LintError) if !ok { t.Fatalf("expected LintError type err, got %v", err) } - if count := len(le.ErrorResults); count != len(tc.expectedErrResults) { - t.Fatalf("expected %d LintError results, got %d", len(tc.expectedErrResults), len(le.ErrorResults)) - } - for name, result := range le.ErrorResults { - if result.Status != tc.expectedErrResults[name].Status { - t.Errorf("expected error from lint %q to have status %d not %d", - name, tc.expectedErrResults[name].Status, result.Status) - } - if result.Details != tc.expectedErrResults[name].Details { - t.Errorf("expected error from lint %q to have details %q not %q", - name, tc.expectedErrResults[name].Details, result.Details) - } - } + require.EqualValues(t, tc.expectedErrResults, le.ErrorResults) } } }) From 372ef3d8c256e7e423c4ddbe6b5650a36520313a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 May 2023 17:12:34 +0000 Subject: [PATCH 21/73] build(deps): bump github.com/google/certificate-transparency-go Bumps [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) from 1.1.4 to 1.1.6. - [Release notes](https://github.com/google/certificate-transparency-go/releases) - [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/google/certificate-transparency-go/compare/v1.1.4...v1.1.6) --- updated-dependencies: - dependency-name: github.com/google/certificate-transparency-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 18 +- go.sum | 37 +- vendor/github.com/go-logr/logr/README.md | 4 + vendor/github.com/go-logr/logr/logr.go | 20 +- .../protobuf/ptypes/timestamp/timestamp.pb.go | 64 - .../.golangci.yaml | 24 +- .../certificate-transparency-go/AUTHORS | 1 + .../certificate-transparency-go/CHANGELOG.md | 61 +- .../certificate-transparency-go/CONTRIBUTORS | 1 + .../certificate-transparency-go/README.md | 14 +- .../client/configpb/multilog.pb.go | 2 +- .../cloudbuild.yaml | 17 +- .../cloudbuild_master.yaml | 17 +- .../cloudbuild_tag.yaml | 9 +- .../jsonclient/client.go | 2 + .../tls/signature.go | 4 +- vendor/github.com/mattn/go-sqlite3/README.md | 16 +- .../mattn/go-sqlite3/sqlite3-binding.c | 307 ++-- .../mattn/go-sqlite3/sqlite3-binding.h | 6 +- vendor/github.com/mattn/go-sqlite3/sqlite3.go | 6 +- .../go-sqlite3/sqlite3_opt_math_functions.go | 14 + .../mattn/go-sqlite3/sqlite3_opt_os_trace.go | 15 + .../mattn/go-sqlite3/sqlite3_windows.go | 1 - .../prometheus/client_model/go/metrics.pb.go | 1530 +++++++++++------ vendor/golang.org/x/crypto/cryptobyte/asn1.go | 75 +- .../golang.org/x/crypto/cryptobyte/builder.go | 9 +- .../x/crypto/curve25519/curve25519.go | 99 +- .../x/crypto/curve25519/curve25519_compat.go | 105 ++ .../x/crypto/curve25519/curve25519_go120.go | 46 + .../curve25519/internal/field/fe_generic.go | 2 +- vendor/golang.org/x/crypto/ssh/cipher.go | 3 +- vendor/golang.org/x/crypto/ssh/common.go | 9 +- vendor/golang.org/x/crypto/ssh/connection.go | 2 +- vendor/golang.org/x/crypto/ssh/handshake.go | 48 +- vendor/golang.org/x/crypto/ssh/keys.go | 6 +- vendor/golang.org/x/crypto/ssh/transport.go | 3 +- vendor/golang.org/x/sys/unix/ioctl_signed.go | 70 + .../sys/unix/{ioctl.go => ioctl_unsigned.go} | 4 +- vendor/golang.org/x/sys/unix/ioctl_zos.go | 12 +- vendor/golang.org/x/sys/unix/mkerrors.sh | 5 +- vendor/golang.org/x/sys/unix/syscall_aix.go | 4 +- .../golang.org/x/sys/unix/syscall_aix_ppc.go | 1 - .../x/sys/unix/syscall_aix_ppc64.go | 1 - .../golang.org/x/sys/unix/syscall_darwin.go | 3 +- .../x/sys/unix/syscall_dragonfly.go | 1 - .../golang.org/x/sys/unix/syscall_freebsd.go | 1 - vendor/golang.org/x/sys/unix/syscall_linux.go | 10 +- .../x/sys/unix/syscall_linux_386.go | 27 - .../x/sys/unix/syscall_linux_amd64.go | 1 - .../x/sys/unix/syscall_linux_arm.go | 27 - .../x/sys/unix/syscall_linux_arm64.go | 10 - .../x/sys/unix/syscall_linux_loong64.go | 5 - .../x/sys/unix/syscall_linux_mips64x.go | 1 - .../x/sys/unix/syscall_linux_mipsx.go | 27 - .../x/sys/unix/syscall_linux_ppc.go | 27 - .../x/sys/unix/syscall_linux_ppc64x.go | 1 - .../x/sys/unix/syscall_linux_riscv64.go | 1 - .../x/sys/unix/syscall_linux_s390x.go | 1 - .../x/sys/unix/syscall_linux_sparc64.go | 1 - .../golang.org/x/sys/unix/syscall_netbsd.go | 2 - .../golang.org/x/sys/unix/syscall_openbsd.go | 1 - .../golang.org/x/sys/unix/syscall_solaris.go | 21 +- vendor/golang.org/x/sys/unix/syscall_unix.go | 7 + .../x/sys/unix/syscall_zos_s390x.go | 4 +- .../x/sys/unix/zerrors_darwin_amd64.go | 19 + .../x/sys/unix/zerrors_darwin_arm64.go | 19 + vendor/golang.org/x/sys/unix/zerrors_linux.go | 14 + .../golang.org/x/sys/unix/zsyscall_aix_ppc.go | 15 +- .../x/sys/unix/zsyscall_aix_ppc64.go | 18 +- .../x/sys/unix/zsyscall_aix_ppc64_gc.go | 10 - .../x/sys/unix/zsyscall_aix_ppc64_gccgo.go | 10 +- .../x/sys/unix/zsyscall_darwin_amd64.go | 39 +- .../x/sys/unix/zsyscall_darwin_amd64.s | 11 +- .../x/sys/unix/zsyscall_darwin_arm64.go | 39 +- .../x/sys/unix/zsyscall_darwin_arm64.s | 11 +- .../x/sys/unix/zsyscall_dragonfly_amd64.go | 10 - .../x/sys/unix/zsyscall_freebsd_386.go | 10 - .../x/sys/unix/zsyscall_freebsd_amd64.go | 10 - .../x/sys/unix/zsyscall_freebsd_arm.go | 10 - .../x/sys/unix/zsyscall_freebsd_arm64.go | 10 - .../x/sys/unix/zsyscall_freebsd_riscv64.go | 10 - .../golang.org/x/sys/unix/zsyscall_linux.go | 10 - .../x/sys/unix/zsyscall_linux_386.go | 10 - .../x/sys/unix/zsyscall_linux_amd64.go | 10 - .../x/sys/unix/zsyscall_linux_arm.go | 10 - .../x/sys/unix/zsyscall_linux_arm64.go | 10 - .../x/sys/unix/zsyscall_linux_mips.go | 10 - .../x/sys/unix/zsyscall_linux_mips64.go | 10 - .../x/sys/unix/zsyscall_linux_mips64le.go | 10 - .../x/sys/unix/zsyscall_linux_mipsle.go | 10 - .../x/sys/unix/zsyscall_linux_ppc.go | 10 - .../x/sys/unix/zsyscall_linux_ppc64.go | 10 - .../x/sys/unix/zsyscall_linux_ppc64le.go | 10 - .../x/sys/unix/zsyscall_linux_riscv64.go | 10 - .../x/sys/unix/zsyscall_linux_s390x.go | 10 - .../x/sys/unix/zsyscall_linux_sparc64.go | 10 - .../x/sys/unix/zsyscall_netbsd_386.go | 10 - .../x/sys/unix/zsyscall_netbsd_amd64.go | 10 - .../x/sys/unix/zsyscall_netbsd_arm.go | 10 - .../x/sys/unix/zsyscall_netbsd_arm64.go | 10 - .../x/sys/unix/zsyscall_openbsd_386.go | 14 - .../x/sys/unix/zsyscall_openbsd_386.s | 5 - .../x/sys/unix/zsyscall_openbsd_amd64.go | 14 - .../x/sys/unix/zsyscall_openbsd_amd64.s | 5 - .../x/sys/unix/zsyscall_openbsd_arm.go | 14 - .../x/sys/unix/zsyscall_openbsd_arm.s | 5 - .../x/sys/unix/zsyscall_openbsd_arm64.go | 14 - .../x/sys/unix/zsyscall_openbsd_arm64.s | 5 - .../x/sys/unix/zsyscall_openbsd_mips64.go | 14 - .../x/sys/unix/zsyscall_openbsd_mips64.s | 5 - .../x/sys/unix/zsyscall_openbsd_ppc64.go | 14 - .../x/sys/unix/zsyscall_openbsd_ppc64.s | 6 - .../x/sys/unix/zsyscall_openbsd_riscv64.go | 14 - .../x/sys/unix/zsyscall_openbsd_riscv64.s | 5 - .../x/sys/unix/zsyscall_solaris_amd64.go | 17 +- .../x/sys/unix/zsyscall_zos_s390x.go | 4 +- .../x/sys/unix/ztypes_darwin_amd64.go | 11 + .../x/sys/unix/ztypes_darwin_arm64.go | 11 + .../golang.org/x/sys/windows/env_windows.go | 6 +- .../golang.org/x/sys/windows/exec_windows.go | 7 +- vendor/golang.org/x/sys/windows/service.go | 7 + .../golang.org/x/sys/windows/types_windows.go | 10 +- .../x/sys/windows/zsyscall_windows.go | 9 + .../x/text/unicode/norm/forminfo.go | 2 +- vendor/k8s.io/klog/v2/contextual.go | 30 +- vendor/k8s.io/klog/v2/format.go | 65 + .../k8s.io/klog/v2/internal/buffer/buffer.go | 75 +- .../klog/v2/internal/serialize/keyvalues.go | 232 ++- vendor/k8s.io/klog/v2/k8s_references.go | 78 +- vendor/k8s.io/klog/v2/klog.go | 148 +- vendor/k8s.io/klog/v2/klogr.go | 12 +- vendor/modules.txt | 23 +- 132 files changed, 2385 insertions(+), 1824 deletions(-) delete mode 100644 vendor/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go create mode 100644 vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go create mode 100644 vendor/github.com/mattn/go-sqlite3/sqlite3_opt_os_trace.go create mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_compat.go create mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_go120.go create mode 100644 vendor/golang.org/x/sys/unix/ioctl_signed.go rename vendor/golang.org/x/sys/unix/{ioctl.go => ioctl_unsigned.go} (92%) create mode 100644 vendor/k8s.io/klog/v2/format.go diff --git a/go.mod b/go.mod index 5422e75e8..25955da92 100644 --- a/go.mod +++ b/go.mod @@ -7,17 +7,17 @@ require ( github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6 github.com/go-sql-driver/mysql v1.7.1 - github.com/google/certificate-transparency-go v1.1.4 + github.com/google/certificate-transparency-go v1.1.6 github.com/jmhodges/clock v1.2.0 github.com/jmoiron/sqlx v1.3.5 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 github.com/lib/pq v1.10.9 - github.com/mattn/go-sqlite3 v1.14.15 + github.com/mattn/go-sqlite3 v1.14.16 github.com/prometheus/client_golang v1.15.1 github.com/stretchr/testify v1.8.0 github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac github.com/zmap/zlint/v3 v3.4.1 - golang.org/x/crypto v0.3.0 + golang.org/x/crypto v0.8.0 ) require ( @@ -25,22 +25,22 @@ require ( github.com/cespare/xxhash/v2 v2.2.0 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/getsentry/sentry-go v0.11.0 // indirect - github.com/go-logr/logr v1.2.0 // indirect + github.com/go-logr/logr v1.2.3 // indirect github.com/golang/protobuf v1.5.3 // indirect github.com/kylelemons/go-gypsy v1.0.0 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/pelletier/go-toml v1.9.3 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect - github.com/prometheus/client_model v0.3.0 // indirect + github.com/prometheus/client_model v0.4.0 // indirect github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect github.com/rogpeppe/go-internal v1.10.0 // indirect github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 // indirect github.com/ziutek/mymysql v1.5.4 // indirect - golang.org/x/net v0.7.0 // indirect - golang.org/x/sys v0.6.0 // indirect - golang.org/x/text v0.7.0 // indirect + golang.org/x/net v0.10.0 // indirect + golang.org/x/sys v0.8.0 // indirect + golang.org/x/text v0.9.0 // indirect google.golang.org/protobuf v1.30.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/klog/v2 v2.80.1 // indirect + k8s.io/klog/v2 v2.100.1 // indirect ) diff --git a/go.sum b/go.sum index 89f6b6d76..da836c52d 100644 --- a/go.sum +++ b/go.sum @@ -105,8 +105,9 @@ github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vb github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A= -github.com/go-logr/logr v1.2.0 h1:QK40JKJyMdUDz+h+xvCsru/bJhvG0UxvePV0ufL/AcE= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0= +github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg= github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI= @@ -148,8 +149,8 @@ github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= -github.com/google/certificate-transparency-go v1.1.4 h1:hCyXHDbtqlr/lMXU0D4WgbalXL0Zk4dSWWMbPV8VrqY= -github.com/google/certificate-transparency-go v1.1.4/go.mod h1:D6lvbfwckhNrbM9WVl1EVeMOyzC19mpIjMOI4nxBHtQ= +github.com/google/certificate-transparency-go v1.1.6 h1:SW5K3sr7ptST/pIvNkSVWMiJqemRmkjJPPT0jzXdOOY= +github.com/google/certificate-transparency-go v1.1.6/go.mod h1:0OJjOsOk+wj6aYQgP7FU0ioQ0AJUmnWPFMqTjQeazPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= @@ -236,8 +237,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/mattn/go-sqlite3 v1.14.15 h1:vfoHhTN1af61xCRSWzFIWzx2YskyMTwHLrExkBOjvxI= -github.com/mattn/go-sqlite3 v1.14.15/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y= +github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= @@ -283,8 +284,8 @@ github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1: github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.3.0 h1:UBgGFHqYdG/TPFD1B1ogZywDqEkwp3fBMvqdiQ7Xew4= -github.com/prometheus/client_model v0.3.0/go.mod h1:LDGWKZIo7rky3hgvBe+caln+Dr3dPggB5dvjtD7w9+w= +github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY= +github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= @@ -373,8 +374,8 @@ golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.3.0 h1:a06MkbcxBrEFc0w0QIZWXrH/9cCX6KJyWbBOIwAn+7A= -golang.org/x/crypto v0.3.0/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= +golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= +golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -440,8 +441,8 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g= -golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= +golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -501,19 +502,19 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ= -golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= +golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY= +golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= +golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -671,8 +672,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -k8s.io/klog/v2 v2.80.1 h1:atnLQ121W371wYYFawwYx1aEY2eUfs4l3J72wtgAwV4= -k8s.io/klog/v2 v2.80.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md index ad825f5f0..ab5931181 100644 --- a/vendor/github.com/go-logr/logr/README.md +++ b/vendor/github.com/go-logr/logr/README.md @@ -105,14 +105,18 @@ with higher verbosity means more (and less important) logs will be generated. There are implementations for the following logging libraries: - **a function** (can bridge to non-structured libraries): [funcr](https://github.com/go-logr/logr/tree/master/funcr) +- **a testing.T** (for use in Go tests, with JSON-like output): [testr](https://github.com/go-logr/logr/tree/master/testr) - **github.com/google/glog**: [glogr](https://github.com/go-logr/glogr) - **k8s.io/klog** (for Kubernetes): [klogr](https://git.k8s.io/klog/klogr) +- **a testing.T** (with klog-like text output): [ktesting](https://git.k8s.io/klog/ktesting) - **go.uber.org/zap**: [zapr](https://github.com/go-logr/zapr) - **log** (the Go standard library logger): [stdr](https://github.com/go-logr/stdr) - **github.com/sirupsen/logrus**: [logrusr](https://github.com/bombsimon/logrusr) - **github.com/wojas/genericr**: [genericr](https://github.com/wojas/genericr) (makes it easy to implement your own backend) - **logfmt** (Heroku style [logging](https://www.brandur.org/logfmt)): [logfmtr](https://github.com/iand/logfmtr) - **github.com/rs/zerolog**: [zerologr](https://github.com/go-logr/zerologr) +- **github.com/go-kit/log**: [gokitlogr](https://github.com/tonglil/gokitlogr) (also compatible with github.com/go-kit/kit/log since v0.12.0) +- **bytes.Buffer** (writing to a buffer): [bufrlogr](https://github.com/tonglil/buflogr) (useful for ensuring values were logged, like during testing) ## FAQ diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go index 44cd398c9..c3b56b3d2 100644 --- a/vendor/github.com/go-logr/logr/logr.go +++ b/vendor/github.com/go-logr/logr/logr.go @@ -43,7 +43,9 @@ limitations under the License. // // Info() and Error() are very similar, but they are separate methods so that // LogSink implementations can choose to do things like attach additional -// information (such as stack traces) on calls to Error(). +// information (such as stack traces) on calls to Error(). Error() messages are +// always logged, regardless of the current verbosity. If there is no error +// instance available, passing nil is valid. // // Verbosity // @@ -53,6 +55,7 @@ limitations under the License. // Log-lines with V-levels that are not enabled (as per the LogSink) will not // be written. Level V(0) is the default, and logger.V(0).Info() has the same // meaning as logger.Info(). Negative V-levels have the same meaning as V(0). +// Error messages do not have a verbosity level and are always logged. // // Where we might have written: // if flVerbose >= 2 { @@ -112,6 +115,15 @@ limitations under the License. // may be any Go value, but how the value is formatted is determined by the // LogSink implementation. // +// Logger instances are meant to be passed around by value. Code that receives +// such a value can call its methods without having to check whether the +// instance is ready for use. +// +// Calling methods with the null logger (Logger{}) as instance will crash +// because it has no LogSink. Therefore this null logger should never be passed +// around. For cases where passing a logger is optional, a pointer to Logger +// should be used. +// // Key Naming Conventions // // Keys are not strictly required to conform to any specification or regex, but @@ -253,11 +265,13 @@ func (l Logger) Info(msg string, keysAndValues ...interface{}) { // Error logs an error, with the given message and key/value pairs as context. // It functions similarly to Info, but may have unique behavior, and should be // preferred for logging errors (see the package documentations for more -// information). +// information). The log message will always be emitted, regardless of +// verbosity level. // // The msg argument should be used to add context to any underlying error, // while the err argument should be used to attach the actual error that -// triggered this log line, if present. +// triggered this log line, if present. The err parameter is optional +// and nil may be passed instead of an error instance. func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) { if withHelper, ok := l.sink.(CallStackHelperLogSink); ok { withHelper.GetCallStackHelper()() diff --git a/vendor/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go b/vendor/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go deleted file mode 100644 index a76f80760..000000000 --- a/vendor/github.com/golang/protobuf/ptypes/timestamp/timestamp.pb.go +++ /dev/null @@ -1,64 +0,0 @@ -// Code generated by protoc-gen-go. DO NOT EDIT. -// source: github.com/golang/protobuf/ptypes/timestamp/timestamp.proto - -package timestamp - -import ( - protoreflect "google.golang.org/protobuf/reflect/protoreflect" - protoimpl "google.golang.org/protobuf/runtime/protoimpl" - timestamppb "google.golang.org/protobuf/types/known/timestamppb" - reflect "reflect" -) - -// Symbols defined in public import of google/protobuf/timestamp.proto. - -type Timestamp = timestamppb.Timestamp - -var File_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto protoreflect.FileDescriptor - -var file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_rawDesc = []byte{ - 0x0a, 0x3b, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x6c, - 0x61, 0x6e, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x70, 0x74, 0x79, - 0x70, 0x65, 0x73, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2f, 0x74, 0x69, - 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1f, 0x67, - 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, - 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x42, 0x37, - 0x5a, 0x35, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x6f, 0x6c, - 0x61, 0x6e, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x70, 0x74, 0x79, - 0x70, 0x65, 0x73, 0x2f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x3b, 0x74, 0x69, - 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x50, 0x00, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, -} - -var file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_goTypes = []interface{}{} -var file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_depIdxs = []int32{ - 0, // [0:0] is the sub-list for method output_type - 0, // [0:0] is the sub-list for method input_type - 0, // [0:0] is the sub-list for extension type_name - 0, // [0:0] is the sub-list for extension extendee - 0, // [0:0] is the sub-list for field type_name -} - -func init() { file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_init() } -func file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_init() { - if File_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto != nil { - return - } - type x struct{} - out := protoimpl.TypeBuilder{ - File: protoimpl.DescBuilder{ - GoPackagePath: reflect.TypeOf(x{}).PkgPath(), - RawDescriptor: file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_rawDesc, - NumEnums: 0, - NumMessages: 0, - NumExtensions: 0, - NumServices: 0, - }, - GoTypes: file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_goTypes, - DependencyIndexes: file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_depIdxs, - }.Build() - File_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto = out.File - file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_rawDesc = nil - file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_goTypes = nil - file_github_com_golang_protobuf_ptypes_timestamp_timestamp_proto_depIdxs = nil -} diff --git a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml index 34c803a8c..6cd9695e1 100644 --- a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml +++ b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml @@ -7,7 +7,7 @@ run: linters-settings: gocyclo: - min-complexity: 40 + min-complexity: 25 depguard: list-type: blacklist packages: @@ -16,23 +16,7 @@ linters-settings: - encoding/asn1 - crypto/x509 -linters: - disable-all: true - enable: - - deadcode - - depguard - - gocyclo - - gofmt - - goimports - - govet - - ineffassign - - megacheck - - misspell - - revive - - varcheck - # TODO(gbelvin): write license linter and commit to upstream. - # ./scripts/check_license.sh is run by ./scripts/presubmit.sh - issues: - # Don't turn off any checks by default. We can do this explicitly if needed. - exclude-use-default: false + exclude-use-default: false + exclude: + - "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked" diff --git a/vendor/github.com/google/certificate-transparency-go/AUTHORS b/vendor/github.com/google/certificate-transparency-go/AUTHORS index 5b048dddf..942cec9b3 100644 --- a/vendor/github.com/google/certificate-transparency-go/AUTHORS +++ b/vendor/github.com/google/certificate-transparency-go/AUTHORS @@ -8,6 +8,7 @@ # # Please keep the list sorted. +Alex Cohn Comodo CA Limited Ed Maste Fiaz Hossain diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md index 813fc2221..4bff3ed0f 100644 --- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md +++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md @@ -2,6 +2,54 @@ ## HEAD +## v1.1.6 + +## Dependency update + + * Bump Trillian to v1.5.2 + * Bump Prometheus to v0.43.1 + +## v1.1.5 + +### Public/Private Key Consistency + + * #1044: If a public key has been configured for a log, check that it is consistent with the private key. + * #1046: Ensure that no two logs in the CTFE configuration use the same private key. + +### Cleanup + + * Remove v2 log list package files. + + ### Misc + + * Updated golangci-lint to v1.51.1 (developers should update to this version). + * Bump Go version from 1.17 to 1.19. + +## v1.1.4 + +[Published 2022-10-21](https://github.com/google/certificate-transparency-go/releases/tag/v1.1.4) + +### Cleanup + + * Remove log list v1 package and its dependencies. + +### Migrillian + + * #960: Skip consistency check when root is size zero. + +### Misc + + * Update Trillian to [0a389c4](https://github.com/google/trillian/commit/0a389c4bb8d97fb3be8f55d7e5b428cf4304986f) + * Migrate loglist dependency from v1 to v3 in ctclient cmd. + * Migrate loglist dependency from v1 to v3 in ctutil/loginfo.go + * Migrate loglist dependency from v1 to v3 in ctutil/sctscan.go + * Migrate loglist dependency from v1 to v3 in trillian/integration/ct_hammer/main.go + * Downgrade 429 errors to verbosity 2 + +## v1.1.3 + +[Published 2022-05-14](https://github.com/google/certificate-transparency-go/releases/tag/v1.1.3) + ### Integration * Breaking change to API for `integration.HammerCTLog`: @@ -16,11 +64,6 @@ * `WithBalancerName` is deprecated and removed, using the recommended way. * `ctfe.PEMCertPool` type has been moved to `x509util.PEMCertPool` to reduce dependencies (#903). - * Remove log list v1 package and its dependencies. - -### Migrillian - -* #960: Skip consistency check when root is size zero. ### Misc @@ -29,14 +72,11 @@ * `ctclient` tool now uses Cobra for better CLI experience (#901). * #800: Remove dependency from `ratelimit`. * #927: Add read-only mode to CTFE config. - * Update Trillian to [0a389c4](https://github.com/google/trillian/commit/0a389c4bb8d97fb3be8f55d7e5b428cf4304986f) - * Migrate loglist dependency from v1 to v3 in ctclient cmd. - * Migrate loglist dependency from v1 to v3 in ctutil/loginfo.go - * Migrate loglist dependency from v1 to v3 in ctutil/sctscan.go - * Migrate loglist dependency from v1 to v3 in trillian/integration/ct_hammer/main.go ## v1.1.2 +[Published 2021-09-21](https://github.com/google/certificate-transparency-go/releases/tag/v1.1.2) + ### CTFE * Removed the `-by_range` flag. @@ -47,6 +87,7 @@ * protobuf to v2 ## v1.1.1 + [Published 2020-10-06](https://github.com/google/certificate-transparency-go/releases/tag/v1.1.1) ### Tools diff --git a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS index e2c0451bf..4d04dc6a3 100644 --- a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS +++ b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS @@ -24,6 +24,7 @@ Adam Eijdenberg Al Cutter +Alex Cohn Ben Laurie Chris Kennelly David Drysdale diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md index 7284bb86d..fc015ed70 100644 --- a/vendor/github.com/google/certificate-transparency-go/README.md +++ b/vendor/github.com/google/certificate-transparency-go/README.md @@ -1,19 +1,18 @@ # Certificate Transparency: Go Code -[![Build Status](https://travis-ci.org/google/certificate-transparency-go.svg?branch=master)](https://travis-ci.org/google/certificate-transparency-go) [![Go Report Card](https://goreportcard.com/badge/github.com/google/certificate-transparency-go)](https://goreportcard.com/report/github.com/google/certificate-transparency-go) [![GoDoc](https://godoc.org/github.com/google/certificate-transparency-go?status.svg)](https://godoc.org/github.com/google/certificate-transparency-go) +![CodeQL workflow](https://github.com/google/certificate-transparency-go/actions/workflows/codeql.yml/badge.svg) This repository holds Go code related to [Certificate Transparency](https://www.certificate-transparency.org/) (CT). The -repository requires Go version 1.17. +repository requires Go version 1.19. - [Repository Structure](#repository-structure) - [Trillian CT Personality](#trillian-ct-personality) - [Working on the Code](#working-on-the-code) - [Running Codebase Checks](#running-codebase-checks) - [Rebuilding Generated Code](#rebuilding-generated-code) - - [Updating Vendor Code](#updating-vendor-code) ## Repository Structure @@ -72,10 +71,7 @@ and is [documented separately](trillian/README.md). ## Working on the Code Developers who want to make changes to the codebase need some additional -dependencies and tools, described in the following sections. The -[Travis configuration](.travis.yml) for the codebase is also useful reference -for the required tools and scripts, as it may be more up-to-date than this -document. +dependencies and tools, described in the following sections. ### Running Codebase Checks @@ -85,7 +81,7 @@ pull requests for review. ```bash # Install golangci-lint -go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.46.1 +go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.1 # Run code generation, build, test and linters ./scripts/presubmit.sh @@ -111,7 +107,7 @@ the original files; if you do, you'll need to install the prerequisites: - tools written in `go` can be installed with a single run of `go install` (courtesy of [`tools.go`](./tools/tools.go) and `go.mod`). -- `protoc` tool: you'll need [version 3.12.4](https://github.com/protocolbuffers/protobuf/releases/tag/v3.12.4) installed, and `PATH` updated to include its `bin/` directory. +- `protoc` tool: you'll need [version 3.20.1](https://github.com/protocolbuffers/protobuf/releases/tag/v3.20.1) installed, and `PATH` updated to include its `bin/` directory. With tools installed, run the following: diff --git a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go index 826b7253e..125cb4c79 100644 --- a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go +++ b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go @@ -14,7 +14,7 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.28.0 +// protoc-gen-go v1.28.1 // protoc v3.20.1 // source: client/configpb/multilog.proto diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml index 37610aae2..93888a209 100644 --- a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml +++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml @@ -23,6 +23,9 @@ substitutions: _CLUSTER_NAME: trillian-opensource-ci _MASTER_ZONE: us-central1-a +# Cloud Build logs sent to GCS bucket +logsBucket: 'gs://trillian-cloudbuild-logs' + steps: # First build a "ct_testbase" docker image which contains most of the tools we need for the later steps: - name: 'gcr.io/cloud-builders/docker' @@ -73,10 +76,13 @@ steps: go.etcd.io/etcd/v3 go.etcd.io/etcd/etcdctl/v3 \ github.com/fullstorydev/grpcurl/cmd/grpcurl + # Generate all protoc and mockgen files + go generate -run="protoc" ./... + go generate -run="mockgen" ./... # Cache all the modules we'll need too go mod download - go test -i ./... + go test ./... # Wait for trillian logserver to be up until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done @@ -87,6 +93,7 @@ steps: id: 'default_test' env: - 'GOFLAGS=' + - 'PRESUBMIT_OPTS=--no-generate' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' waitFor: ['ci-ready'] @@ -95,7 +102,7 @@ steps: id: 'race_detection' env: - 'GOFLAGS=-race' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' waitFor: ['ci-ready'] @@ -104,7 +111,7 @@ steps: id: 'etcd_with_coverage' env: - 'GOFLAGS=' - - 'PRESUBMIT_OPTS=--no-linters --coverage' + - 'PRESUBMIT_OPTS=--no-linters --no-generate --coverage' - 'WITH_ETCD=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' @@ -114,7 +121,7 @@ steps: id: 'etcd_with_race' env: - 'GOFLAGS=-race' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'WITH_ETCD=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' @@ -124,7 +131,7 @@ steps: id: 'with_pkcs11_and_race' env: - 'GOFLAGS=-race --tags=pkcs11' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'WITH_PKCS11=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml index 6b902c351..238c8eda4 100644 --- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml +++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml @@ -23,6 +23,9 @@ substitutions: _CLUSTER_NAME: trillian-opensource-ci _MASTER_ZONE: us-central1-a +# Cloud Build logs sent to GCS bucket +logsBucket: 'gs://trillian-cloudbuild-logs' + steps: # First build a "ct_testbase" docker image which contains most of the tools we need for the later steps: - name: 'gcr.io/cloud-builders/docker' @@ -73,10 +76,13 @@ steps: go.etcd.io/etcd/v3 go.etcd.io/etcd/etcdctl/v3 \ github.com/fullstorydev/grpcurl/cmd/grpcurl + # Generate all protoc and mockgen files + go generate -run="protoc" ./... + go generate -run="mockgen" ./... # Cache all the modules we'll need too go mod download - go test -i ./... + go test ./... # Wait for trillian logserver to be up until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done @@ -87,6 +93,7 @@ steps: id: 'default_test' env: - 'GOFLAGS=' + - 'PRESUBMIT_OPTS=--no-generate' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' waitFor: ['ci-ready'] @@ -95,7 +102,7 @@ steps: id: 'race_detection' env: - 'GOFLAGS=-race' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' waitFor: ['ci-ready'] @@ -104,7 +111,7 @@ steps: id: 'etcd_with_coverage' env: - 'GOFLAGS=' - - 'PRESUBMIT_OPTS=--no-linters --coverage' + - 'PRESUBMIT_OPTS=--no-linters --no-generate --coverage' - 'WITH_ETCD=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' @@ -114,7 +121,7 @@ steps: id: 'etcd_with_race' env: - 'GOFLAGS=-race' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'WITH_ETCD=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' @@ -124,7 +131,7 @@ steps: id: 'with_pkcs11_and_race' env: - 'GOFLAGS=-race --tags=pkcs11' - - 'PRESUBMIT_OPTS=--no-linters' + - 'PRESUBMIT_OPTS=--no-linters --no-generate' - 'WITH_PKCS11=true' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml index 33585255f..f1182ecd9 100644 --- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml +++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml @@ -23,6 +23,9 @@ substitutions: _CLUSTER_NAME: trillian-opensource-ci _MASTER_ZONE: us-central1-a +# Cloud Build logs sent to GCS bucket +logsBucket: 'gs://trillian-cloudbuild-logs' + steps: # First build a "ct_testbase" docker image which contains most of the tools we need for the later steps: - name: 'gcr.io/cloud-builders/docker' @@ -73,10 +76,13 @@ steps: go.etcd.io/etcd/v3 go.etcd.io/etcd/etcdctl/v3 \ github.com/fullstorydev/grpcurl/cmd/grpcurl + # Generate all protoc and mockgen files + go generate -run="protoc" ./... + go generate -run="mockgen" ./... # Cache all the modules we'll need too go mod download - go test -i ./... + go test ./... # Wait for trillian logserver to be up until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done @@ -87,6 +93,7 @@ steps: id: 'default_test' env: - 'GOFLAGS=' + - 'PRESUBMIT_OPTS=--no-generate' - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090' - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090' waitFor: ['ci-ready'] diff --git a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go index c3cf8515d..46d5dde80 100644 --- a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go +++ b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go @@ -12,6 +12,8 @@ // See the License for the specific language governing permissions and // limitations under the License. +// Package jsonclient provides a simple client for fetching and parsing +// JSON CT structures from a log. package jsonclient import ( diff --git a/vendor/github.com/google/certificate-transparency-go/tls/signature.go b/vendor/github.com/google/certificate-transparency-go/tls/signature.go index c02b29827..bc174df21 100644 --- a/vendor/github.com/google/certificate-transparency-go/tls/signature.go +++ b/vendor/github.com/google/certificate-transparency-go/tls/signature.go @@ -89,7 +89,7 @@ func VerifySignature(pubKey crypto.PublicKey, data []byte, sig DigitallySigned) return fmt.Errorf("failed to unmarshal DSA signature: %v", err) } if len(rest) != 0 { - log.Printf("Garbage following signature %v", rest) + log.Printf("Garbage following signature %q", rest) } if dsaSig.R.Sign() <= 0 || dsaSig.S.Sign() <= 0 { return errors.New("DSA signature contained zero or negative values") @@ -108,7 +108,7 @@ func VerifySignature(pubKey crypto.PublicKey, data []byte, sig DigitallySigned) return fmt.Errorf("failed to unmarshal ECDSA signature: %v", err) } if len(rest) != 0 { - log.Printf("Garbage following signature %v", rest) + log.Printf("Garbage following signature %q", rest) } if ecdsaSig.R.Sign() <= 0 || ecdsaSig.S.Sign() <= 0 { return errors.New("ECDSA signature contained zero or negative values") diff --git a/vendor/github.com/mattn/go-sqlite3/README.md b/vendor/github.com/mattn/go-sqlite3/README.md index e455133fc..931b02e3e 100644 --- a/vendor/github.com/mattn/go-sqlite3/README.md +++ b/vendor/github.com/mattn/go-sqlite3/README.md @@ -1,7 +1,7 @@ go-sqlite3 ========== -[![GoDoc Reference](https://godoc.org/github.com/mattn/go-sqlite3?status.svg)](http://godoc.org/github.com/mattn/go-sqlite3) +[![Go Reference](https://pkg.go.dev/badge/github.com/mattn/go-sqlite3.svg)](https://pkg.go.dev/github.com/mattn/go-sqlite3) [![GitHub Actions](https://github.com/mattn/go-sqlite3/workflows/Go/badge.svg)](https://github.com/mattn/go-sqlite3/actions?query=workflow%3AGo) [![Financial Contributors on Open Collective](https://opencollective.com/mattn-go-sqlite3/all/badge.svg?label=financial+contributors)](https://opencollective.com/mattn-go-sqlite3) [![codecov](https://codecov.io/gh/mattn/go-sqlite3/branch/master/graph/badge.svg)](https://codecov.io/gh/mattn/go-sqlite3) @@ -172,15 +172,18 @@ go build --tags "icu json1 fts5 secure_delete" | International Components for Unicode | sqlite_icu | This option causes the International Components for Unicode or "ICU" extension to SQLite to be added to the build | | Introspect PRAGMAS | sqlite_introspect | This option adds some extra PRAGMA statements.
  • PRAGMA function_list
  • PRAGMA module_list
  • PRAGMA pragma_list
| | JSON SQL Functions | sqlite_json | When this option is defined in the amalgamation, the JSON SQL functions are added to the build automatically | +| Math Functions | sqlite_math_functions | This compile-time option enables built-in scalar math functions. For more information see [Built-In Mathematical SQL Functions](https://www.sqlite.org/lang_mathfunc.html) | +| OS Trace | sqlite_os_trace | This option enables OSTRACE() debug logging. This can be verbose and should not be used in production. | | Pre Update Hook | sqlite_preupdate_hook | Registers a callback function that is invoked prior to each INSERT, UPDATE, and DELETE operation on a database table. | | Secure Delete | sqlite_secure_delete | This compile-time option changes the default setting of the secure_delete pragma.

When this option is not used, secure_delete defaults to off. When this option is present, secure_delete defaults to on.

The secure_delete setting causes deleted content to be overwritten with zeros. There is a small performance penalty since additional I/O must occur.

On the other hand, secure_delete can prevent fragments of sensitive information from lingering in unused parts of the database file after it has been deleted. See the documentation on the secure_delete pragma for additional information | | Secure Delete (FAST) | sqlite_secure_delete_fast | For more information see [PRAGMA secure_delete](https://www.sqlite.org/pragma.html#pragma_secure_delete) | | Tracing / Debug | sqlite_trace | Activate trace functions | | User Authentication | sqlite_userauth | SQLite User Authentication see [User Authentication](#user-authentication) for more information. | +| Virtual Tables | sqlite_vtable | SQLite Virtual Tables see [SQLite Official VTABLE Documentation](https://www.sqlite.org/vtab.html) for more information, and a [full example here](https://github.com/mattn/go-sqlite3/tree/master/_example/vtable) | # Compilation -This package requires the `CGO_ENABLED=1` ennvironment variable if not set by default, and the presence of the `gcc` compiler. +This package requires the `CGO_ENABLED=1` environment variable if not set by default, and the presence of the `gcc` compiler. If you need to add additional CFLAGS or LDFLAGS to the build command, and do not want to modify this package, then this can be achieved by using the `CGO_CFLAGS` and `CGO_LDFLAGS` environment variables. @@ -216,14 +219,13 @@ This library can be cross-compiled. In some cases you are required to the `CC` environment variable with the cross compiler. ## Cross Compiling from MAC OSX -The simplest way to cross compile from OSX is to use [xgo](https://github.com/karalabe/xgo). +The simplest way to cross compile from OSX is to use [musl-cross](https://github.com/FiloSottile/homebrew-musl-cross). Steps: -- Install [xgo](https://github.com/karalabe/xgo) (`go get github.com/karalabe/xgo`). -- Ensure that your project is within your `GOPATH`. -- Run `xgo local/path/to/project`. +- Install [musl-cross](https://github.com/FiloSottile/homebrew-musl-cross) (`brew install FiloSottile/musl-cross/musl-cross`). +- Run `CC=x86_64-linux-musl-gcc CXX=x86_64-linux-musl-g++ GOARCH=amd64 GOOS=linux CGO_ENABLED=1 go build -ldflags "-linkmode external -extldflags -static"`. -Please refer to the project's [README](https://github.com/karalabe/xgo/blob/master/README.md) for further information. +Please refer to the project's [README](https://github.com/FiloSottile/homebrew-musl-cross#readme) for further information. # Google Cloud Platform diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c index df04099d8..dd05f5751 100644 --- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c +++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c @@ -1,7 +1,7 @@ #ifndef USE_LIBSQLITE3 /****************************************************************************** ** This file is an amalgamation of many separate C source files from SQLite -** version 3.39.2. By combining all the individual C code files into this +** version 3.39.4. By combining all the individual C code files into this ** single large file, the entire code can be compiled as a single translation ** unit. This allows many compilers to do optimizations that would not be ** possible if the files were compiled separately. Performance improvements @@ -453,9 +453,9 @@ extern "C" { ** [sqlite3_libversion_number()], [sqlite3_sourceid()], ** [sqlite_version()] and [sqlite_source_id()]. */ -#define SQLITE_VERSION "3.39.2" -#define SQLITE_VERSION_NUMBER 3039002 -#define SQLITE_SOURCE_ID "2022-07-21 15:24:47 698edb77537b67c41adc68f9b892db56bcf9a55e00371a61420f3ddd668e6603" +#define SQLITE_VERSION "3.39.4" +#define SQLITE_VERSION_NUMBER 3039004 +#define SQLITE_SOURCE_ID "2022-09-29 15:55:41 a29f9949895322123f7c38fbe94c649a9d6e6c9cd0c3b41c96d694552f26b309" /* ** CAPI3REF: Run-Time Library Version Numbers @@ -13145,6 +13145,11 @@ struct fts5_api { /************** End of sqlite3.h *********************************************/ /************** Continuing where we left off in sqliteInt.h ******************/ +/* +** Reuse the STATIC_LRU for mutex access to sqlite3_temp_directory. +*/ +#define SQLITE_MUTEX_STATIC_TEMPDIR SQLITE_MUTEX_STATIC_VFS1 + /* ** Include the configuration header output by 'configure' if we're using the ** autoconf-based build @@ -29564,8 +29569,13 @@ SQLITE_PRIVATE void *sqlite3OomFault(sqlite3 *db){ } DisableLookaside; if( db->pParse ){ + Parse *pParse; sqlite3ErrorMsg(db->pParse, "out of memory"); db->pParse->rc = SQLITE_NOMEM_BKPT; + for(pParse=db->pParse->pOuterParse; pParse; pParse = pParse->pOuterParse){ + pParse->nErr++; + pParse->rc = SQLITE_NOMEM; + } } } return 0; @@ -33460,7 +33470,7 @@ SQLITE_PRIVATE void sqlite3ErrorMsg(Parse *pParse, const char *zFormat, ...){ va_list ap; sqlite3 *db = pParse->db; assert( db!=0 ); - assert( db->pParse==pParse ); + assert( db->pParse==pParse || db->pParse->pToplevel==pParse ); db->errByteOffset = -2; va_start(ap, zFormat); zMsg = sqlite3VMPrintf(db, zFormat, ap); @@ -41321,6 +41331,7 @@ static const char *unixTempFileDir(void){ static int unixGetTempname(int nBuf, char *zBuf){ const char *zDir; int iLimit = 0; + int rc = SQLITE_OK; /* It's odd to simulate an io-error here, but really this is just ** using the io-error infrastructure to test that SQLite handles this @@ -41329,18 +41340,26 @@ static int unixGetTempname(int nBuf, char *zBuf){ zBuf[0] = 0; SimulateIOError( return SQLITE_IOERR ); + sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); zDir = unixTempFileDir(); - if( zDir==0 ) return SQLITE_IOERR_GETTEMPPATH; - do{ - u64 r; - sqlite3_randomness(sizeof(r), &r); - assert( nBuf>2 ); - zBuf[nBuf-2] = 0; - sqlite3_snprintf(nBuf, zBuf, "%s/"SQLITE_TEMP_FILE_PREFIX"%llx%c", - zDir, r, 0); - if( zBuf[nBuf-2]!=0 || (iLimit++)>10 ) return SQLITE_ERROR; - }while( osAccess(zBuf,0)==0 ); - return SQLITE_OK; + if( zDir==0 ){ + rc = SQLITE_IOERR_GETTEMPPATH; + }else{ + do{ + u64 r; + sqlite3_randomness(sizeof(r), &r); + assert( nBuf>2 ); + zBuf[nBuf-2] = 0; + sqlite3_snprintf(nBuf, zBuf, "%s/"SQLITE_TEMP_FILE_PREFIX"%llx%c", + zDir, r, 0); + if( zBuf[nBuf-2]!=0 || (iLimit++)>10 ){ + rc = SQLITE_ERROR; + break; + } + }while( osAccess(zBuf,0)==0 ); + } + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); + return rc; } #if SQLITE_ENABLE_LOCKING_STYLE && defined(__APPLE__) @@ -45479,10 +45498,12 @@ SQLITE_API int sqlite3_win32_set_directory8( const char *zValue /* New value for directory being set or reset */ ){ char **ppDirectory = 0; + int rc; #ifndef SQLITE_OMIT_AUTOINIT - int rc = sqlite3_initialize(); + rc = sqlite3_initialize(); if( rc ) return rc; #endif + sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); if( type==SQLITE_WIN32_DATA_DIRECTORY_TYPE ){ ppDirectory = &sqlite3_data_directory; }else if( type==SQLITE_WIN32_TEMP_DIRECTORY_TYPE ){ @@ -45497,14 +45518,19 @@ SQLITE_API int sqlite3_win32_set_directory8( if( zValue && zValue[0] ){ zCopy = sqlite3_mprintf("%s", zValue); if ( zCopy==0 ){ - return SQLITE_NOMEM_BKPT; + rc = SQLITE_NOMEM_BKPT; + goto set_directory8_done; } } sqlite3_free(*ppDirectory); *ppDirectory = zCopy; - return SQLITE_OK; + rc = SQLITE_OK; + }else{ + rc = SQLITE_ERROR; } - return SQLITE_ERROR; +set_directory8_done: + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); + return rc; } /* @@ -48278,6 +48304,18 @@ static int winMakeEndInDirSep(int nBuf, char *zBuf){ return 0; } +/* +** If sqlite3_temp_directory is not, take the mutex and return true. +** +** If sqlite3_temp_directory is NULL, omit the mutex and return false. +*/ +static int winTempDirDefined(void){ + sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); + if( sqlite3_temp_directory!=0 ) return 1; + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); + return 0; +} + /* ** Create a temporary file name and store the resulting pointer into pzBuf. ** The pointer returned in pzBuf must be freed via sqlite3_free(). @@ -48314,20 +48352,23 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){ */ nDir = nMax - (nPre + 15); assert( nDir>0 ); - if( sqlite3_temp_directory ){ + if( winTempDirDefined() ){ int nDirLen = sqlite3Strlen30(sqlite3_temp_directory); if( nDirLen>0 ){ if( !winIsDirSep(sqlite3_temp_directory[nDirLen-1]) ){ nDirLen++; } if( nDirLen>nDir ){ + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); sqlite3_free(zBuf); OSTRACE(("TEMP-FILENAME rc=SQLITE_ERROR\n")); return winLogError(SQLITE_ERROR, 0, "winGetTempname1", 0); } sqlite3_snprintf(nMax, zBuf, "%s", sqlite3_temp_directory); } + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); } + #if defined(__CYGWIN__) else{ static const char *azDirs[] = { @@ -49116,7 +49157,7 @@ static BOOL winIsVerbatimPathname( ** pathname into zOut[]. zOut[] will be at least pVfs->mxPathname ** bytes in size. */ -static int winFullPathname( +static int winFullPathnameNoMutex( sqlite3_vfs *pVfs, /* Pointer to vfs object */ const char *zRelative, /* Possibly relative input path */ int nFull, /* Size of output buffer in bytes */ @@ -49295,6 +49336,19 @@ static int winFullPathname( } #endif } +static int winFullPathname( + sqlite3_vfs *pVfs, /* Pointer to vfs object */ + const char *zRelative, /* Possibly relative input path */ + int nFull, /* Size of output buffer in bytes */ + char *zFull /* Output buffer */ +){ + int rc; + sqlite3_mutex *pMutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR); + sqlite3_mutex_enter(pMutex); + rc = winFullPathnameNoMutex(pVfs, zRelative, nFull, zFull); + sqlite3_mutex_leave(pMutex); + return rc; +} #ifndef SQLITE_OMIT_LOAD_EXTENSION /* @@ -51639,14 +51693,24 @@ SQLITE_PRIVATE void sqlite3PcacheClearSyncFlags(PCache *pCache){ */ SQLITE_PRIVATE void sqlite3PcacheMove(PgHdr *p, Pgno newPgno){ PCache *pCache = p->pCache; + sqlite3_pcache_page *pOther; assert( p->nRef>0 ); assert( newPgno>0 ); assert( sqlite3PcachePageSanity(p) ); pcacheTrace(("%p.MOVE %d -> %d\n",pCache,p->pgno,newPgno)); + pOther = sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache, newPgno, 0); + if( pOther ){ + PgHdr *pXPage = (PgHdr*)pOther->pExtra; + assert( pXPage->nRef==0 ); + pXPage->nRef++; + pCache->nRefSum++; + sqlite3PcacheDrop(pXPage); + } sqlite3GlobalConfig.pcache2.xRekey(pCache->pCache, p->pPage, p->pgno,newPgno); p->pgno = newPgno; if( (p->flags&PGHDR_DIRTY) && (p->flags&PGHDR_NEED_SYNC) ){ pcacheManageDirtyList(p, PCACHE_DIRTYLIST_FRONT); + assert( sqlite3PcachePageSanity(p) ); } } @@ -53028,23 +53092,26 @@ static void pcache1Rekey( PCache1 *pCache = (PCache1 *)p; PgHdr1 *pPage = (PgHdr1 *)pPg; PgHdr1 **pp; - unsigned int h; + unsigned int hOld, hNew; assert( pPage->iKey==iOld ); assert( pPage->pCache==pCache ); + assert( iOld!=iNew ); /* The page number really is changing */ pcache1EnterMutex(pCache->pGroup); - h = iOld%pCache->nHash; - pp = &pCache->apHash[h]; + assert( pcache1FetchNoMutex(p, iOld, 0)==pPage ); /* pPg really is iOld */ + hOld = iOld%pCache->nHash; + pp = &pCache->apHash[hOld]; while( (*pp)!=pPage ){ pp = &(*pp)->pNext; } *pp = pPage->pNext; - h = iNew%pCache->nHash; + assert( pcache1FetchNoMutex(p, iNew, 0)==0 ); /* iNew not in cache */ + hNew = iNew%pCache->nHash; pPage->iKey = iNew; - pPage->pNext = pCache->apHash[h]; - pCache->apHash[h] = pPage; + pPage->pNext = pCache->apHash[hNew]; + pCache->apHash[hNew] = pPage; if( iNew>pCache->iMaxKey ){ pCache->iMaxKey = iNew; } @@ -59677,6 +59744,7 @@ static int pager_open_journal(Pager *pPager){ if( rc!=SQLITE_OK ){ sqlite3BitvecDestroy(pPager->pInJournal); pPager->pInJournal = 0; + pPager->journalOff = 0; }else{ assert( pPager->eState==PAGER_WRITER_LOCKED ); pPager->eState = PAGER_WRITER_CACHEMOD; @@ -61232,7 +61300,7 @@ SQLITE_PRIVATE int sqlite3PagerGetJournalMode(Pager *pPager){ SQLITE_PRIVATE int sqlite3PagerOkToChangeJournalMode(Pager *pPager){ assert( assert_pager_state(pPager) ); if( pPager->eState>=PAGER_WRITER_CACHEMOD ) return 0; - if( NEVER(isOpen(pPager->jfd) && pPager->journalOff>0) ) return 0; + if( isOpen(pPager->jfd) && pPager->journalOff>0 ) return 0; return 1; } @@ -68347,7 +68415,7 @@ static int defragmentPage(MemPage *pPage, int nMaxFrag){ if( iFree2+sz2 > usableSize ) return SQLITE_CORRUPT_PAGE(pPage); memmove(&data[iFree+sz+sz2], &data[iFree+sz], iFree2-(iFree+sz)); sz += sz2; - }else if( NEVER(iFree+sz>usableSize) ){ + }else if( iFree+sz>usableSize ){ return SQLITE_CORRUPT_PAGE(pPage); } @@ -74703,8 +74771,6 @@ static int balance_nonroot( Pgno pgno; /* Temp var to store a page number in */ u8 abDone[NB+2]; /* True after i'th new page is populated */ Pgno aPgno[NB+2]; /* Page numbers of new pages before shuffling */ - Pgno aPgOrder[NB+2]; /* Copy of aPgno[] used for sorting pages */ - u16 aPgFlags[NB+2]; /* flags field of new pages before shuffling */ CellArray b; /* Parsed information on cells being balanced */ memset(abDone, 0, sizeof(abDone)); @@ -75128,42 +75194,39 @@ static int balance_nonroot( ** of the table is closer to a linear scan through the file. That in turn ** helps the operating system to deliver pages from the disk more rapidly. ** - ** An O(n^2) insertion sort algorithm is used, but since n is never more - ** than (NB+2) (a small constant), that should not be a problem. + ** An O(N*N) sort algorithm is used, but since N is never more than NB+2 + ** (5), that is not a performance concern. ** ** When NB==3, this one optimization makes the database about 25% faster ** for large insertions and deletions. */ for(i=0; ipgno; - aPgFlags[i] = apNew[i]->pDbPage->flags; - for(j=0; jpgno; + assert( apNew[i]->pDbPage->flags & PGHDR_WRITEABLE ); + assert( apNew[i]->pDbPage->flags & PGHDR_DIRTY ); } - for(i=0; ipgno < apNew[iB]->pgno ) iB = j; } - pgno = aPgOrder[iBest]; - aPgOrder[iBest] = 0xffffffff; - if( iBest!=i ){ - if( iBest>i ){ - sqlite3PagerRekey(apNew[iBest]->pDbPage, pBt->nPage+iBest+1, 0); - } - sqlite3PagerRekey(apNew[i]->pDbPage, pgno, aPgFlags[iBest]); - apNew[i]->pgno = pgno; + + /* If apNew[i] has a page number that is bigger than any of the + ** subsequence apNew[i] entries, then swap apNew[i] with the subsequent + ** entry that has the smallest page number (which we know to be + ** entry apNew[iB]). + */ + if( iB!=i ){ + Pgno pgnoA = apNew[i]->pgno; + Pgno pgnoB = apNew[iB]->pgno; + Pgno pgnoTemp = (PENDING_BYTE/pBt->pageSize)+1; + u16 fgA = apNew[i]->pDbPage->flags; + u16 fgB = apNew[iB]->pDbPage->flags; + sqlite3PagerRekey(apNew[i]->pDbPage, pgnoTemp, fgB); + sqlite3PagerRekey(apNew[iB]->pDbPage, pgnoA, fgA); + sqlite3PagerRekey(apNew[i]->pDbPage, pgnoB, fgB); + apNew[i]->pgno = pgnoB; + apNew[iB]->pgno = pgnoA; } } @@ -81036,6 +81099,7 @@ SQLITE_PRIVATE int sqlite3VdbeAddFunctionCall( addr = sqlite3VdbeAddOp4(v, eCallCtx ? OP_PureFunc : OP_Function, p1, p2, p3, (char*)pCtx, P4_FUNCCTX); sqlite3VdbeChangeP5(v, eCallCtx & NC_SelfRef); + sqlite3MayAbort(pParse); return addr; } @@ -81371,6 +81435,7 @@ SQLITE_PRIVATE int sqlite3VdbeAssertMayAbort(Vdbe *v, int mayAbort){ || opcode==OP_VDestroy || opcode==OP_VCreate || opcode==OP_ParseSchema + || opcode==OP_Function || opcode==OP_PureFunc || ((opcode==OP_Halt || opcode==OP_HaltIfNull) && ((pOp->p1)!=SQLITE_OK && pOp->p2==OE_Abort)) ){ @@ -132705,6 +132770,7 @@ SQLITE_PRIVATE void sqlite3Pragma( ** */ case PragTyp_TEMP_STORE_DIRECTORY: { + sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); if( !zRight ){ returnSingleText(v, sqlite3_temp_directory); }else{ @@ -132714,6 +132780,7 @@ SQLITE_PRIVATE void sqlite3Pragma( rc = sqlite3OsAccess(db->pVfs, zRight, SQLITE_ACCESS_READWRITE, &res); if( rc!=SQLITE_OK || res==0 ){ sqlite3ErrorMsg(pParse, "not a writable directory"); + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); goto pragma_out; } } @@ -132731,6 +132798,7 @@ SQLITE_PRIVATE void sqlite3Pragma( } #endif /* SQLITE_OMIT_WSD */ } + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); break; } @@ -132749,6 +132817,7 @@ SQLITE_PRIVATE void sqlite3Pragma( ** */ case PragTyp_DATA_STORE_DIRECTORY: { + sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); if( !zRight ){ returnSingleText(v, sqlite3_data_directory); }else{ @@ -132758,6 +132827,7 @@ SQLITE_PRIVATE void sqlite3Pragma( rc = sqlite3OsAccess(db->pVfs, zRight, SQLITE_ACCESS_READWRITE, &res); if( rc!=SQLITE_OK || res==0 ){ sqlite3ErrorMsg(pParse, "not a writable directory"); + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); goto pragma_out; } } @@ -132769,6 +132839,7 @@ SQLITE_PRIVATE void sqlite3Pragma( } #endif /* SQLITE_OMIT_WSD */ } + sqlite3_mutex_leave(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR)); break; } #endif @@ -137214,7 +137285,7 @@ static void generateSortTail( if( addrOnce ) sqlite3VdbeJumpHere(v, addrOnce); addr = 1 + sqlite3VdbeAddOp2(v, OP_SorterSort, iTab, addrBreak); VdbeCoverage(v); - codeOffset(v, p->iOffset, addrContinue); + assert( p->iLimit==0 && p->iOffset==0 ); sqlite3VdbeAddOp3(v, OP_SorterData, iTab, regSortOut, iSortTab); bSeq = 0; }else{ @@ -137222,6 +137293,9 @@ static void generateSortTail( codeOffset(v, p->iOffset, addrContinue); iSortTab = iTab; bSeq = 1; + if( p->iOffset>0 ){ + sqlite3VdbeAddOp2(v, OP_AddImm, p->iLimit, -1); + } } for(i=0, iCol=nKey+bSeq-1; ipPrior ){ - sqlite3SelectDelete(db, pSplit->pPrior); + sqlite3ParserAddCleanup(pParse, + (void(*)(sqlite3*,void*))sqlite3SelectDelete, pSplit->pPrior); } pSplit->pPrior = pPrior; pPrior->pNext = pSplit; @@ -140736,6 +140811,7 @@ static Table *isSimpleCount(Select *p, AggInfo *pAggInfo){ || p->pSrc->nSrc!=1 || p->pSrc->a[0].pSelect || pAggInfo->nFunc!=1 + || p->pHaving ){ return 0; } @@ -143973,6 +144049,23 @@ SQLITE_PRIVATE void sqlite3FinishTrigger( Vdbe *v; char *z; + /* If this is a new CREATE TABLE statement, and if shadow tables + ** are read-only, and the trigger makes a change to a shadow table, + ** then raise an error - do not allow the trigger to be created. */ + if( sqlite3ReadOnlyShadowTables(db) ){ + TriggerStep *pStep; + for(pStep=pTrig->step_list; pStep; pStep=pStep->pNext){ + if( pStep->zTarget!=0 + && sqlite3ShadowTableName(db, pStep->zTarget) + ){ + sqlite3ErrorMsg(pParse, + "trigger \"%s\" may not write to shadow table \"%s\"", + pTrig->zName, pStep->zTarget); + goto triggerfinish_cleanup; + } + } + } + /* Make an entry in the sqlite_schema table */ v = sqlite3GetVdbe(pParse); if( v==0 ) goto triggerfinish_cleanup; @@ -149784,7 +149877,8 @@ static int codeEqualityTerm( } sqlite3ExprDelete(db, pX); }else{ - aiMap = (int*)sqlite3DbMallocZero(pParse->db, sizeof(int)*nEq); + int n = sqlite3ExprVectorSize(pX->pLeft); + aiMap = (int*)sqlite3DbMallocZero(pParse->db, sizeof(int)*MAX(nEq,n)); eType = sqlite3FindInIndex(pParse, pX, IN_INDEX_LOOP, 0, aiMap, &iTab); } pX = pExpr; @@ -176937,7 +177031,7 @@ struct Fts3MultiSegReader { int nAdvance; /* How many seg-readers to advance */ Fts3SegFilter *pFilter; /* Pointer to filter object */ char *aBuffer; /* Buffer to merge doclists in */ - int nBuffer; /* Allocated size of aBuffer[] in bytes */ + i64 nBuffer; /* Allocated size of aBuffer[] in bytes */ int iColFilter; /* If >=0, filter for this column */ int bRestart; @@ -179633,7 +179727,7 @@ static int fts3TermSelectMerge( ** ** Similar padding is added in the fts3DoclistOrMerge() function. */ - pTS->aaOutput[0] = sqlite3_malloc(nDoclist + FTS3_VARINT_MAX + 1); + pTS->aaOutput[0] = sqlite3_malloc64((i64)nDoclist + FTS3_VARINT_MAX + 1); pTS->anOutput[0] = nDoclist; if( pTS->aaOutput[0] ){ memcpy(pTS->aaOutput[0], aDoclist, nDoclist); @@ -181121,7 +181215,7 @@ static int fts3EvalDeferredPhrase(Fts3Cursor *pCsr, Fts3Phrase *pPhrase){ nDistance = iPrev - nMaxUndeferred; } - aOut = (char *)sqlite3_malloc(nPoslist+8); + aOut = (char *)sqlite3Fts3MallocZero(nPoslist+FTS3_BUFFER_PADDING); if( !aOut ){ sqlite3_free(aPoslist); return SQLITE_NOMEM; @@ -181490,7 +181584,7 @@ static int fts3EvalIncrPhraseNext( if( bEof==0 ){ int nList = 0; int nByte = a[p->nToken-1].nList; - char *aDoclist = sqlite3_malloc(nByte+FTS3_BUFFER_PADDING); + char *aDoclist = sqlite3_malloc64((i64)nByte+FTS3_BUFFER_PADDING); if( !aDoclist ) return SQLITE_NOMEM; memcpy(aDoclist, a[p->nToken-1].pList, nByte+1); memset(&aDoclist[nByte], 0, FTS3_BUFFER_PADDING); @@ -185726,7 +185820,7 @@ static int porterNext( if( n>c->nAllocated ){ char *pNew; c->nAllocated = n+20; - pNew = sqlite3_realloc(c->zToken, c->nAllocated); + pNew = sqlite3_realloc64(c->zToken, c->nAllocated); if( !pNew ) return SQLITE_NOMEM; c->zToken = pNew; } @@ -186478,7 +186572,7 @@ static int simpleNext( if( n>c->nTokenAllocated ){ char *pNew; c->nTokenAllocated = n+20; - pNew = sqlite3_realloc(c->pToken, c->nTokenAllocated); + pNew = sqlite3_realloc64(c->pToken, c->nTokenAllocated); if( !pNew ) return SQLITE_NOMEM; c->pToken = pNew; } @@ -187640,7 +187734,7 @@ static int fts3PendingListAppendVarint( /* Allocate or grow the PendingList as required. */ if( !p ){ - p = sqlite3_malloc(sizeof(*p) + 100); + p = sqlite3_malloc64(sizeof(*p) + 100); if( !p ){ return SQLITE_NOMEM; } @@ -187649,14 +187743,14 @@ static int fts3PendingListAppendVarint( p->nData = 0; } else if( p->nData+FTS3_VARINT_MAX+1>p->nSpace ){ - int nNew = p->nSpace * 2; - p = sqlite3_realloc(p, sizeof(*p) + nNew); + i64 nNew = p->nSpace * 2; + p = sqlite3_realloc64(p, sizeof(*p) + nNew); if( !p ){ sqlite3_free(*pp); *pp = 0; return SQLITE_NOMEM; } - p->nSpace = nNew; + p->nSpace = (int)nNew; p->aData = (char *)&p[1]; } @@ -188213,7 +188307,7 @@ SQLITE_PRIVATE int sqlite3Fts3ReadBlock( int nByte = sqlite3_blob_bytes(p->pSegments); *pnBlob = nByte; if( paBlob ){ - char *aByte = sqlite3_malloc(nByte + FTS3_NODE_PADDING); + char *aByte = sqlite3_malloc64((i64)nByte + FTS3_NODE_PADDING); if( !aByte ){ rc = SQLITE_NOMEM; }else{ @@ -188330,7 +188424,7 @@ static int fts3SegReaderNext( int nTerm = fts3HashKeysize(pElem); if( (nTerm+1)>pReader->nTermAlloc ){ sqlite3_free(pReader->zTerm); - pReader->zTerm = (char*)sqlite3_malloc((nTerm+1)*2); + pReader->zTerm = (char*)sqlite3_malloc64(((i64)nTerm+1)*2); if( !pReader->zTerm ) return SQLITE_NOMEM; pReader->nTermAlloc = (nTerm+1)*2; } @@ -188338,7 +188432,7 @@ static int fts3SegReaderNext( pReader->zTerm[nTerm] = '\0'; pReader->nTerm = nTerm; - aCopy = (char*)sqlite3_malloc(nCopy); + aCopy = (char*)sqlite3_malloc64(nCopy); if( !aCopy ) return SQLITE_NOMEM; memcpy(aCopy, pList->aData, nCopy); pReader->nNode = pReader->nDoclist = nCopy; @@ -188625,7 +188719,7 @@ SQLITE_PRIVATE int sqlite3Fts3SegReaderNew( nExtra = nRoot + FTS3_NODE_PADDING; } - pReader = (Fts3SegReader *)sqlite3_malloc(sizeof(Fts3SegReader) + nExtra); + pReader = (Fts3SegReader *)sqlite3_malloc64(sizeof(Fts3SegReader) + nExtra); if( !pReader ){ return SQLITE_NOMEM; } @@ -188717,7 +188811,7 @@ SQLITE_PRIVATE int sqlite3Fts3SegReaderPending( if( nElem==nAlloc ){ Fts3HashElem **aElem2; nAlloc += 16; - aElem2 = (Fts3HashElem **)sqlite3_realloc( + aElem2 = (Fts3HashElem **)sqlite3_realloc64( aElem, nAlloc*sizeof(Fts3HashElem *) ); if( !aElem2 ){ @@ -189051,7 +189145,7 @@ static int fts3NodeAddTerm( ** this is not expected to be a serious problem. */ assert( pTree->aData==(char *)&pTree[1] ); - pTree->aData = (char *)sqlite3_malloc(nReq); + pTree->aData = (char *)sqlite3_malloc64(nReq); if( !pTree->aData ){ return SQLITE_NOMEM; } @@ -189069,7 +189163,7 @@ static int fts3NodeAddTerm( if( isCopyTerm ){ if( pTree->nMalloczMalloc, nTerm*2); + char *zNew = sqlite3_realloc64(pTree->zMalloc, (i64)nTerm*2); if( !zNew ){ return SQLITE_NOMEM; } @@ -189095,7 +189189,7 @@ static int fts3NodeAddTerm( ** now. Instead, the term is inserted into the parent of pTree. If pTree ** has no parent, one is created here. */ - pNew = (SegmentNode *)sqlite3_malloc(sizeof(SegmentNode) + p->nNodeSize); + pNew = (SegmentNode *)sqlite3_malloc64(sizeof(SegmentNode) + p->nNodeSize); if( !pNew ){ return SQLITE_NOMEM; } @@ -189233,7 +189327,7 @@ static int fts3SegWriterAdd( ){ int nPrefix; /* Size of term prefix in bytes */ int nSuffix; /* Size of term suffix in bytes */ - int nReq; /* Number of bytes required on leaf page */ + i64 nReq; /* Number of bytes required on leaf page */ int nData; SegmentWriter *pWriter = *ppWriter; @@ -189242,13 +189336,13 @@ static int fts3SegWriterAdd( sqlite3_stmt *pStmt; /* Allocate the SegmentWriter structure */ - pWriter = (SegmentWriter *)sqlite3_malloc(sizeof(SegmentWriter)); + pWriter = (SegmentWriter *)sqlite3_malloc64(sizeof(SegmentWriter)); if( !pWriter ) return SQLITE_NOMEM; memset(pWriter, 0, sizeof(SegmentWriter)); *ppWriter = pWriter; /* Allocate a buffer in which to accumulate data */ - pWriter->aData = (char *)sqlite3_malloc(p->nNodeSize); + pWriter->aData = (char *)sqlite3_malloc64(p->nNodeSize); if( !pWriter->aData ) return SQLITE_NOMEM; pWriter->nSize = p->nNodeSize; @@ -189323,7 +189417,7 @@ static int fts3SegWriterAdd( ** the buffer to make it large enough. */ if( nReq>pWriter->nSize ){ - char *aNew = sqlite3_realloc(pWriter->aData, nReq); + char *aNew = sqlite3_realloc64(pWriter->aData, nReq); if( !aNew ) return SQLITE_NOMEM; pWriter->aData = aNew; pWriter->nSize = nReq; @@ -189348,7 +189442,7 @@ static int fts3SegWriterAdd( */ if( isCopyTerm ){ if( nTerm>pWriter->nMalloc ){ - char *zNew = sqlite3_realloc(pWriter->zMalloc, nTerm*2); + char *zNew = sqlite3_realloc64(pWriter->zMalloc, (i64)nTerm*2); if( !zNew ){ return SQLITE_NOMEM; } @@ -189656,12 +189750,12 @@ static void fts3ColumnFilter( static int fts3MsrBufferData( Fts3MultiSegReader *pMsr, /* Multi-segment-reader handle */ char *pList, - int nList + i64 nList ){ if( nList>pMsr->nBuffer ){ char *pNew; pMsr->nBuffer = nList*2; - pNew = (char *)sqlite3_realloc(pMsr->aBuffer, pMsr->nBuffer); + pNew = (char *)sqlite3_realloc64(pMsr->aBuffer, pMsr->nBuffer); if( !pNew ) return SQLITE_NOMEM; pMsr->aBuffer = pNew; } @@ -189717,7 +189811,7 @@ SQLITE_PRIVATE int sqlite3Fts3MsrIncrNext( fts3SegReaderSort(pMsr->apSegment, nMerge, j, xCmp); if( nList>0 && fts3SegReaderIsPending(apSegment[0]) ){ - rc = fts3MsrBufferData(pMsr, pList, nList+1); + rc = fts3MsrBufferData(pMsr, pList, (i64)nList+1); if( rc!=SQLITE_OK ) return rc; assert( (pMsr->aBuffer[nList] & 0xFE)==0x00 ); pList = pMsr->aBuffer; @@ -189854,11 +189948,11 @@ SQLITE_PRIVATE int sqlite3Fts3MsrIncrRestart(Fts3MultiSegReader *pCsr){ return SQLITE_OK; } -static int fts3GrowSegReaderBuffer(Fts3MultiSegReader *pCsr, int nReq){ +static int fts3GrowSegReaderBuffer(Fts3MultiSegReader *pCsr, i64 nReq){ if( nReq>pCsr->nBuffer ){ char *aNew; pCsr->nBuffer = nReq*2; - aNew = sqlite3_realloc(pCsr->aBuffer, pCsr->nBuffer); + aNew = sqlite3_realloc64(pCsr->aBuffer, pCsr->nBuffer); if( !aNew ){ return SQLITE_NOMEM; } @@ -189949,7 +190043,8 @@ SQLITE_PRIVATE int sqlite3Fts3SegReaderStep( ){ pCsr->nDoclist = apSegment[0]->nDoclist; if( fts3SegReaderIsPending(apSegment[0]) ){ - rc = fts3MsrBufferData(pCsr, apSegment[0]->aDoclist, pCsr->nDoclist); + rc = fts3MsrBufferData(pCsr, apSegment[0]->aDoclist, + (i64)pCsr->nDoclist); pCsr->aDoclist = pCsr->aBuffer; }else{ pCsr->aDoclist = apSegment[0]->aDoclist; @@ -190002,7 +190097,8 @@ SQLITE_PRIVATE int sqlite3Fts3SegReaderStep( nByte = sqlite3Fts3VarintLen(iDelta) + (isRequirePos?nList+1:0); - rc = fts3GrowSegReaderBuffer(pCsr, nByte+nDoclist+FTS3_NODE_PADDING); + rc = fts3GrowSegReaderBuffer(pCsr, + (i64)nByte+nDoclist+FTS3_NODE_PADDING); if( rc ) return rc; if( isFirst ){ @@ -190028,7 +190124,7 @@ SQLITE_PRIVATE int sqlite3Fts3SegReaderStep( fts3SegReaderSort(apSegment, nMerge, j, xCmp); } if( nDoclist>0 ){ - rc = fts3GrowSegReaderBuffer(pCsr, nDoclist+FTS3_NODE_PADDING); + rc = fts3GrowSegReaderBuffer(pCsr, (i64)nDoclist+FTS3_NODE_PADDING); if( rc ) return rc; memset(&pCsr->aBuffer[nDoclist], 0, FTS3_NODE_PADDING); pCsr->aDoclist = pCsr->aBuffer; @@ -190741,7 +190837,7 @@ struct NodeReader { static void blobGrowBuffer(Blob *pBlob, int nMin, int *pRc){ if( *pRc==SQLITE_OK && nMin>pBlob->nAlloc ){ int nAlloc = nMin; - char *a = (char *)sqlite3_realloc(pBlob->a, nAlloc); + char *a = (char *)sqlite3_realloc64(pBlob->a, nAlloc); if( a ){ pBlob->nAlloc = nAlloc; pBlob->a = a; @@ -191538,7 +191634,7 @@ static int fts3RepackSegdirLevel( if( nIdx>=nAlloc ){ int *aNew; nAlloc += 16; - aNew = sqlite3_realloc(aIdx, nAlloc*sizeof(int)); + aNew = sqlite3_realloc64(aIdx, nAlloc*sizeof(int)); if( !aNew ){ rc = SQLITE_NOMEM; break; @@ -191912,7 +192008,7 @@ SQLITE_PRIVATE int sqlite3Fts3Incrmerge(Fts3Table *p, int nMerge, int nMin){ /* Allocate space for the cursor, filter and writer objects */ const int nAlloc = sizeof(*pCsr) + sizeof(*pFilter) + sizeof(*pWriter); - pWriter = (IncrmergeWriter *)sqlite3_malloc(nAlloc); + pWriter = (IncrmergeWriter *)sqlite3_malloc64(nAlloc); if( !pWriter ) return SQLITE_NOMEM; pFilter = (Fts3SegFilter *)&pWriter[1]; pCsr = (Fts3MultiSegReader *)&pFilter[1]; @@ -192548,7 +192644,7 @@ SQLITE_PRIVATE int sqlite3Fts3DeferredTokenList( return SQLITE_OK; } - pRet = (char *)sqlite3_malloc(p->pList->nData); + pRet = (char *)sqlite3_malloc64(p->pList->nData); if( !pRet ) return SQLITE_NOMEM; nSkip = sqlite3Fts3GetVarint(p->pList->aData, &dummy); @@ -192568,7 +192664,7 @@ SQLITE_PRIVATE int sqlite3Fts3DeferToken( int iCol /* Column that token must appear in (or -1) */ ){ Fts3DeferredToken *pDeferred; - pDeferred = sqlite3_malloc(sizeof(*pDeferred)); + pDeferred = sqlite3_malloc64(sizeof(*pDeferred)); if( !pDeferred ){ return SQLITE_NOMEM; } @@ -204147,7 +204243,7 @@ static int geopolyUpdate( sqlite3_free(p); nChange = 1; } - for(jj=1; jjnAux; jj++){ + for(jj=1; jj. +// +// Use of this source code is governed by an MIT-style +// license that can be found in the LICENSE file. + +// +build sqlite_math_functions + +package sqlite3 + +/* +#cgo CFLAGS: -DSQLITE_ENABLE_MATH_FUNCTIONS +#cgo LDFLAGS: -lm +*/ +import "C" diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_os_trace.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_os_trace.go new file mode 100644 index 000000000..9a30566b3 --- /dev/null +++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_os_trace.go @@ -0,0 +1,15 @@ +// Copyright (C) 2022 Yasuhiro Matsumoto . +// +// Use of this source code is governed by an MIT-style +// license that can be found in the LICENSE file. + +//go:build sqlite_os_trace +// +build sqlite_os_trace + +package sqlite3 + +/* +#cgo CFLAGS: -DSQLITE_FORCE_OS_TRACE=1 +#cgo CFLAGS: -DSQLITE_DEBUG_OS_TRACE=1 +*/ +import "C" diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go index 9df196145..81aa2abde 100644 --- a/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go +++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go @@ -12,7 +12,6 @@ package sqlite3 #cgo CFLAGS: -fno-stack-check #cgo CFLAGS: -fno-stack-protector #cgo CFLAGS: -mno-stack-arg-probe -#cgo LDFLAGS: -lmingwex -lmingw32 #cgo windows,386 CFLAGS: -D_USE_32BIT_TIME_T */ import "C" diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go index 35904ea19..2b5bca4b9 100644 --- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go +++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go @@ -1,25 +1,38 @@ +// Copyright 2013 Prometheus Team +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // Code generated by protoc-gen-go. DO NOT EDIT. +// versions: +// protoc-gen-go v1.30.0 +// protoc v3.20.3 // source: io/prometheus/client/metrics.proto package io_prometheus_client import ( - fmt "fmt" - proto "github.com/golang/protobuf/proto" - timestamp "github.com/golang/protobuf/ptypes/timestamp" - math "math" + protoreflect "google.golang.org/protobuf/reflect/protoreflect" + protoimpl "google.golang.org/protobuf/runtime/protoimpl" + timestamppb "google.golang.org/protobuf/types/known/timestamppb" + reflect "reflect" + sync "sync" ) -// Reference imports to suppress errors if they are not otherwise used. -var _ = proto.Marshal -var _ = fmt.Errorf -var _ = math.Inf - -// This is a compile-time assertion to ensure that this generated file -// is compatible with the proto package it is being compiled against. -// A compilation error at this line likely means your copy of the -// proto package needs to be updated. -const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package +const ( + // Verify that this generated code is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(20 - protoimpl.MinVersion) + // Verify that runtime/protoimpl is sufficiently up-to-date. + _ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20) +) type MetricType int32 @@ -38,23 +51,25 @@ const ( MetricType_GAUGE_HISTOGRAM MetricType = 5 ) -var MetricType_name = map[int32]string{ - 0: "COUNTER", - 1: "GAUGE", - 2: "SUMMARY", - 3: "UNTYPED", - 4: "HISTOGRAM", - 5: "GAUGE_HISTOGRAM", -} - -var MetricType_value = map[string]int32{ - "COUNTER": 0, - "GAUGE": 1, - "SUMMARY": 2, - "UNTYPED": 3, - "HISTOGRAM": 4, - "GAUGE_HISTOGRAM": 5, -} +// Enum value maps for MetricType. +var ( + MetricType_name = map[int32]string{ + 0: "COUNTER", + 1: "GAUGE", + 2: "SUMMARY", + 3: "UNTYPED", + 4: "HISTOGRAM", + 5: "GAUGE_HISTOGRAM", + } + MetricType_value = map[string]int32{ + "COUNTER": 0, + "GAUGE": 1, + "SUMMARY": 2, + "UNTYPED": 3, + "HISTOGRAM": 4, + "GAUGE_HISTOGRAM": 5, + } +) func (x MetricType) Enum() *MetricType { p := new(MetricType) @@ -63,449 +78,519 @@ func (x MetricType) Enum() *MetricType { } func (x MetricType) String() string { - return proto.EnumName(MetricType_name, int32(x)) + return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x)) } -func (x *MetricType) UnmarshalJSON(data []byte) error { - value, err := proto.UnmarshalJSONEnum(MetricType_value, data, "MetricType") +func (MetricType) Descriptor() protoreflect.EnumDescriptor { + return file_io_prometheus_client_metrics_proto_enumTypes[0].Descriptor() +} + +func (MetricType) Type() protoreflect.EnumType { + return &file_io_prometheus_client_metrics_proto_enumTypes[0] +} + +func (x MetricType) Number() protoreflect.EnumNumber { + return protoreflect.EnumNumber(x) +} + +// Deprecated: Do not use. +func (x *MetricType) UnmarshalJSON(b []byte) error { + num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b) if err != nil { return err } - *x = MetricType(value) + *x = MetricType(num) return nil } +// Deprecated: Use MetricType.Descriptor instead. func (MetricType) EnumDescriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{0} + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{0} } type LabelPair struct { - Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` - Value *string `protobuf:"bytes,2,opt,name=value" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *LabelPair) Reset() { *m = LabelPair{} } -func (m *LabelPair) String() string { return proto.CompactTextString(m) } -func (*LabelPair) ProtoMessage() {} -func (*LabelPair) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{0} + Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` + Value *string `protobuf:"bytes,2,opt,name=value" json:"value,omitempty"` } -func (m *LabelPair) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_LabelPair.Unmarshal(m, b) -} -func (m *LabelPair) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_LabelPair.Marshal(b, m, deterministic) -} -func (m *LabelPair) XXX_Merge(src proto.Message) { - xxx_messageInfo_LabelPair.Merge(m, src) +func (x *LabelPair) Reset() { + *x = LabelPair{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[0] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *LabelPair) XXX_Size() int { - return xxx_messageInfo_LabelPair.Size(m) + +func (x *LabelPair) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *LabelPair) XXX_DiscardUnknown() { - xxx_messageInfo_LabelPair.DiscardUnknown(m) + +func (*LabelPair) ProtoMessage() {} + +func (x *LabelPair) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[0] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_LabelPair proto.InternalMessageInfo +// Deprecated: Use LabelPair.ProtoReflect.Descriptor instead. +func (*LabelPair) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{0} +} -func (m *LabelPair) GetName() string { - if m != nil && m.Name != nil { - return *m.Name +func (x *LabelPair) GetName() string { + if x != nil && x.Name != nil { + return *x.Name } return "" } -func (m *LabelPair) GetValue() string { - if m != nil && m.Value != nil { - return *m.Value +func (x *LabelPair) GetValue() string { + if x != nil && x.Value != nil { + return *x.Value } return "" } type Gauge struct { - Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Gauge) Reset() { *m = Gauge{} } -func (m *Gauge) String() string { return proto.CompactTextString(m) } -func (*Gauge) ProtoMessage() {} -func (*Gauge) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{1} + Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` } -func (m *Gauge) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Gauge.Unmarshal(m, b) -} -func (m *Gauge) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Gauge.Marshal(b, m, deterministic) -} -func (m *Gauge) XXX_Merge(src proto.Message) { - xxx_messageInfo_Gauge.Merge(m, src) +func (x *Gauge) Reset() { + *x = Gauge{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[1] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Gauge) XXX_Size() int { - return xxx_messageInfo_Gauge.Size(m) + +func (x *Gauge) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Gauge) XXX_DiscardUnknown() { - xxx_messageInfo_Gauge.DiscardUnknown(m) + +func (*Gauge) ProtoMessage() {} + +func (x *Gauge) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[1] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Gauge proto.InternalMessageInfo +// Deprecated: Use Gauge.ProtoReflect.Descriptor instead. +func (*Gauge) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{1} +} -func (m *Gauge) GetValue() float64 { - if m != nil && m.Value != nil { - return *m.Value +func (x *Gauge) GetValue() float64 { + if x != nil && x.Value != nil { + return *x.Value } return 0 } type Counter struct { - Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` - Exemplar *Exemplar `protobuf:"bytes,2,opt,name=exemplar" json:"exemplar,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Counter) Reset() { *m = Counter{} } -func (m *Counter) String() string { return proto.CompactTextString(m) } -func (*Counter) ProtoMessage() {} -func (*Counter) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{2} + Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` + Exemplar *Exemplar `protobuf:"bytes,2,opt,name=exemplar" json:"exemplar,omitempty"` } -func (m *Counter) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Counter.Unmarshal(m, b) -} -func (m *Counter) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Counter.Marshal(b, m, deterministic) -} -func (m *Counter) XXX_Merge(src proto.Message) { - xxx_messageInfo_Counter.Merge(m, src) +func (x *Counter) Reset() { + *x = Counter{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[2] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Counter) XXX_Size() int { - return xxx_messageInfo_Counter.Size(m) + +func (x *Counter) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Counter) XXX_DiscardUnknown() { - xxx_messageInfo_Counter.DiscardUnknown(m) + +func (*Counter) ProtoMessage() {} + +func (x *Counter) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[2] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Counter proto.InternalMessageInfo +// Deprecated: Use Counter.ProtoReflect.Descriptor instead. +func (*Counter) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{2} +} -func (m *Counter) GetValue() float64 { - if m != nil && m.Value != nil { - return *m.Value +func (x *Counter) GetValue() float64 { + if x != nil && x.Value != nil { + return *x.Value } return 0 } -func (m *Counter) GetExemplar() *Exemplar { - if m != nil { - return m.Exemplar +func (x *Counter) GetExemplar() *Exemplar { + if x != nil { + return x.Exemplar } return nil } type Quantile struct { - Quantile *float64 `protobuf:"fixed64,1,opt,name=quantile" json:"quantile,omitempty"` - Value *float64 `protobuf:"fixed64,2,opt,name=value" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Quantile) Reset() { *m = Quantile{} } -func (m *Quantile) String() string { return proto.CompactTextString(m) } -func (*Quantile) ProtoMessage() {} -func (*Quantile) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{3} + Quantile *float64 `protobuf:"fixed64,1,opt,name=quantile" json:"quantile,omitempty"` + Value *float64 `protobuf:"fixed64,2,opt,name=value" json:"value,omitempty"` } -func (m *Quantile) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Quantile.Unmarshal(m, b) -} -func (m *Quantile) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Quantile.Marshal(b, m, deterministic) -} -func (m *Quantile) XXX_Merge(src proto.Message) { - xxx_messageInfo_Quantile.Merge(m, src) +func (x *Quantile) Reset() { + *x = Quantile{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[3] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Quantile) XXX_Size() int { - return xxx_messageInfo_Quantile.Size(m) + +func (x *Quantile) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Quantile) XXX_DiscardUnknown() { - xxx_messageInfo_Quantile.DiscardUnknown(m) + +func (*Quantile) ProtoMessage() {} + +func (x *Quantile) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[3] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Quantile proto.InternalMessageInfo +// Deprecated: Use Quantile.ProtoReflect.Descriptor instead. +func (*Quantile) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{3} +} -func (m *Quantile) GetQuantile() float64 { - if m != nil && m.Quantile != nil { - return *m.Quantile +func (x *Quantile) GetQuantile() float64 { + if x != nil && x.Quantile != nil { + return *x.Quantile } return 0 } -func (m *Quantile) GetValue() float64 { - if m != nil && m.Value != nil { - return *m.Value +func (x *Quantile) GetValue() float64 { + if x != nil && x.Value != nil { + return *x.Value } return 0 } type Summary struct { - SampleCount *uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"` - SampleSum *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"` - Quantile []*Quantile `protobuf:"bytes,3,rep,name=quantile" json:"quantile,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Summary) Reset() { *m = Summary{} } -func (m *Summary) String() string { return proto.CompactTextString(m) } -func (*Summary) ProtoMessage() {} -func (*Summary) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{4} + SampleCount *uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"` + SampleSum *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"` + Quantile []*Quantile `protobuf:"bytes,3,rep,name=quantile" json:"quantile,omitempty"` } -func (m *Summary) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Summary.Unmarshal(m, b) -} -func (m *Summary) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Summary.Marshal(b, m, deterministic) -} -func (m *Summary) XXX_Merge(src proto.Message) { - xxx_messageInfo_Summary.Merge(m, src) +func (x *Summary) Reset() { + *x = Summary{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[4] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Summary) XXX_Size() int { - return xxx_messageInfo_Summary.Size(m) + +func (x *Summary) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Summary) XXX_DiscardUnknown() { - xxx_messageInfo_Summary.DiscardUnknown(m) + +func (*Summary) ProtoMessage() {} + +func (x *Summary) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[4] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Summary proto.InternalMessageInfo +// Deprecated: Use Summary.ProtoReflect.Descriptor instead. +func (*Summary) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{4} +} -func (m *Summary) GetSampleCount() uint64 { - if m != nil && m.SampleCount != nil { - return *m.SampleCount +func (x *Summary) GetSampleCount() uint64 { + if x != nil && x.SampleCount != nil { + return *x.SampleCount } return 0 } -func (m *Summary) GetSampleSum() float64 { - if m != nil && m.SampleSum != nil { - return *m.SampleSum +func (x *Summary) GetSampleSum() float64 { + if x != nil && x.SampleSum != nil { + return *x.SampleSum } return 0 } -func (m *Summary) GetQuantile() []*Quantile { - if m != nil { - return m.Quantile +func (x *Summary) GetQuantile() []*Quantile { + if x != nil { + return x.Quantile } return nil } type Untyped struct { - Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Untyped) Reset() { *m = Untyped{} } -func (m *Untyped) String() string { return proto.CompactTextString(m) } -func (*Untyped) ProtoMessage() {} -func (*Untyped) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{5} + Value *float64 `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"` } -func (m *Untyped) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Untyped.Unmarshal(m, b) -} -func (m *Untyped) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Untyped.Marshal(b, m, deterministic) -} -func (m *Untyped) XXX_Merge(src proto.Message) { - xxx_messageInfo_Untyped.Merge(m, src) +func (x *Untyped) Reset() { + *x = Untyped{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Untyped) XXX_Size() int { - return xxx_messageInfo_Untyped.Size(m) + +func (x *Untyped) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Untyped) XXX_DiscardUnknown() { - xxx_messageInfo_Untyped.DiscardUnknown(m) + +func (*Untyped) ProtoMessage() {} + +func (x *Untyped) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Untyped proto.InternalMessageInfo +// Deprecated: Use Untyped.ProtoReflect.Descriptor instead. +func (*Untyped) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{5} +} -func (m *Untyped) GetValue() float64 { - if m != nil && m.Value != nil { - return *m.Value +func (x *Untyped) GetValue() float64 { + if x != nil && x.Value != nil { + return *x.Value } return 0 } type Histogram struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + SampleCount *uint64 `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"` - SampleCountFloat *float64 `protobuf:"fixed64,4,opt,name=sample_count_float,json=sampleCountFloat" json:"sample_count_float,omitempty"` + SampleCountFloat *float64 `protobuf:"fixed64,4,opt,name=sample_count_float,json=sampleCountFloat" json:"sample_count_float,omitempty"` // Overrides sample_count if > 0. SampleSum *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"` // Buckets for the conventional histogram. - Bucket []*Bucket `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` + Bucket []*Bucket `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` // Ordered in increasing order of upper_bound, +Inf bucket is optional. // schema defines the bucket schema. Currently, valid numbers are -4 <= n <= 8. // They are all for base-2 bucket schemas, where 1 is a bucket boundary in each case, and // then each power of two is divided into 2^n logarithmic buckets. // Or in other words, each bucket boundary is the previous boundary times 2^(2^-n). // In the future, more bucket schemas may be added using numbers < -4 or > 8. Schema *int32 `protobuf:"zigzag32,5,opt,name=schema" json:"schema,omitempty"` - ZeroThreshold *float64 `protobuf:"fixed64,6,opt,name=zero_threshold,json=zeroThreshold" json:"zero_threshold,omitempty"` - ZeroCount *uint64 `protobuf:"varint,7,opt,name=zero_count,json=zeroCount" json:"zero_count,omitempty"` - ZeroCountFloat *float64 `protobuf:"fixed64,8,opt,name=zero_count_float,json=zeroCountFloat" json:"zero_count_float,omitempty"` + ZeroThreshold *float64 `protobuf:"fixed64,6,opt,name=zero_threshold,json=zeroThreshold" json:"zero_threshold,omitempty"` // Breadth of the zero bucket. + ZeroCount *uint64 `protobuf:"varint,7,opt,name=zero_count,json=zeroCount" json:"zero_count,omitempty"` // Count in zero bucket. + ZeroCountFloat *float64 `protobuf:"fixed64,8,opt,name=zero_count_float,json=zeroCountFloat" json:"zero_count_float,omitempty"` // Overrides sb_zero_count if > 0. // Negative buckets for the native histogram. NegativeSpan []*BucketSpan `protobuf:"bytes,9,rep,name=negative_span,json=negativeSpan" json:"negative_span,omitempty"` // Use either "negative_delta" or "negative_count", the former for // regular histograms with integer counts, the latter for float // histograms. - NegativeDelta []int64 `protobuf:"zigzag64,10,rep,name=negative_delta,json=negativeDelta" json:"negative_delta,omitempty"` - NegativeCount []float64 `protobuf:"fixed64,11,rep,name=negative_count,json=negativeCount" json:"negative_count,omitempty"` + NegativeDelta []int64 `protobuf:"zigzag64,10,rep,name=negative_delta,json=negativeDelta" json:"negative_delta,omitempty"` // Count delta of each bucket compared to previous one (or to zero for 1st bucket). + NegativeCount []float64 `protobuf:"fixed64,11,rep,name=negative_count,json=negativeCount" json:"negative_count,omitempty"` // Absolute count of each bucket. // Positive buckets for the native histogram. PositiveSpan []*BucketSpan `protobuf:"bytes,12,rep,name=positive_span,json=positiveSpan" json:"positive_span,omitempty"` // Use either "positive_delta" or "positive_count", the former for // regular histograms with integer counts, the latter for float // histograms. - PositiveDelta []int64 `protobuf:"zigzag64,13,rep,name=positive_delta,json=positiveDelta" json:"positive_delta,omitempty"` - PositiveCount []float64 `protobuf:"fixed64,14,rep,name=positive_count,json=positiveCount" json:"positive_count,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` + PositiveDelta []int64 `protobuf:"zigzag64,13,rep,name=positive_delta,json=positiveDelta" json:"positive_delta,omitempty"` // Count delta of each bucket compared to previous one (or to zero for 1st bucket). + PositiveCount []float64 `protobuf:"fixed64,14,rep,name=positive_count,json=positiveCount" json:"positive_count,omitempty"` // Absolute count of each bucket. } -func (m *Histogram) Reset() { *m = Histogram{} } -func (m *Histogram) String() string { return proto.CompactTextString(m) } -func (*Histogram) ProtoMessage() {} -func (*Histogram) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{6} +func (x *Histogram) Reset() { + *x = Histogram{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[6] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Histogram) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Histogram.Unmarshal(m, b) +func (x *Histogram) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Histogram) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Histogram.Marshal(b, m, deterministic) -} -func (m *Histogram) XXX_Merge(src proto.Message) { - xxx_messageInfo_Histogram.Merge(m, src) -} -func (m *Histogram) XXX_Size() int { - return xxx_messageInfo_Histogram.Size(m) -} -func (m *Histogram) XXX_DiscardUnknown() { - xxx_messageInfo_Histogram.DiscardUnknown(m) + +func (*Histogram) ProtoMessage() {} + +func (x *Histogram) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[6] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Histogram proto.InternalMessageInfo +// Deprecated: Use Histogram.ProtoReflect.Descriptor instead. +func (*Histogram) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{6} +} -func (m *Histogram) GetSampleCount() uint64 { - if m != nil && m.SampleCount != nil { - return *m.SampleCount +func (x *Histogram) GetSampleCount() uint64 { + if x != nil && x.SampleCount != nil { + return *x.SampleCount } return 0 } -func (m *Histogram) GetSampleCountFloat() float64 { - if m != nil && m.SampleCountFloat != nil { - return *m.SampleCountFloat +func (x *Histogram) GetSampleCountFloat() float64 { + if x != nil && x.SampleCountFloat != nil { + return *x.SampleCountFloat } return 0 } -func (m *Histogram) GetSampleSum() float64 { - if m != nil && m.SampleSum != nil { - return *m.SampleSum +func (x *Histogram) GetSampleSum() float64 { + if x != nil && x.SampleSum != nil { + return *x.SampleSum } return 0 } -func (m *Histogram) GetBucket() []*Bucket { - if m != nil { - return m.Bucket +func (x *Histogram) GetBucket() []*Bucket { + if x != nil { + return x.Bucket } return nil } -func (m *Histogram) GetSchema() int32 { - if m != nil && m.Schema != nil { - return *m.Schema +func (x *Histogram) GetSchema() int32 { + if x != nil && x.Schema != nil { + return *x.Schema } return 0 } -func (m *Histogram) GetZeroThreshold() float64 { - if m != nil && m.ZeroThreshold != nil { - return *m.ZeroThreshold +func (x *Histogram) GetZeroThreshold() float64 { + if x != nil && x.ZeroThreshold != nil { + return *x.ZeroThreshold } return 0 } -func (m *Histogram) GetZeroCount() uint64 { - if m != nil && m.ZeroCount != nil { - return *m.ZeroCount +func (x *Histogram) GetZeroCount() uint64 { + if x != nil && x.ZeroCount != nil { + return *x.ZeroCount } return 0 } -func (m *Histogram) GetZeroCountFloat() float64 { - if m != nil && m.ZeroCountFloat != nil { - return *m.ZeroCountFloat +func (x *Histogram) GetZeroCountFloat() float64 { + if x != nil && x.ZeroCountFloat != nil { + return *x.ZeroCountFloat } return 0 } -func (m *Histogram) GetNegativeSpan() []*BucketSpan { - if m != nil { - return m.NegativeSpan +func (x *Histogram) GetNegativeSpan() []*BucketSpan { + if x != nil { + return x.NegativeSpan } return nil } -func (m *Histogram) GetNegativeDelta() []int64 { - if m != nil { - return m.NegativeDelta +func (x *Histogram) GetNegativeDelta() []int64 { + if x != nil { + return x.NegativeDelta } return nil } -func (m *Histogram) GetNegativeCount() []float64 { - if m != nil { - return m.NegativeCount +func (x *Histogram) GetNegativeCount() []float64 { + if x != nil { + return x.NegativeCount } return nil } -func (m *Histogram) GetPositiveSpan() []*BucketSpan { - if m != nil { - return m.PositiveSpan +func (x *Histogram) GetPositiveSpan() []*BucketSpan { + if x != nil { + return x.PositiveSpan } return nil } -func (m *Histogram) GetPositiveDelta() []int64 { - if m != nil { - return m.PositiveDelta +func (x *Histogram) GetPositiveDelta() []int64 { + if x != nil { + return x.PositiveDelta } return nil } -func (m *Histogram) GetPositiveCount() []float64 { - if m != nil { - return m.PositiveCount +func (x *Histogram) GetPositiveCount() []float64 { + if x != nil { + return x.PositiveCount } return nil } @@ -513,64 +598,72 @@ func (m *Histogram) GetPositiveCount() []float64 { // A Bucket of a conventional histogram, each of which is treated as // an individual counter-like time series by Prometheus. type Bucket struct { - CumulativeCount *uint64 `protobuf:"varint,1,opt,name=cumulative_count,json=cumulativeCount" json:"cumulative_count,omitempty"` - CumulativeCountFloat *float64 `protobuf:"fixed64,4,opt,name=cumulative_count_float,json=cumulativeCountFloat" json:"cumulative_count_float,omitempty"` - UpperBound *float64 `protobuf:"fixed64,2,opt,name=upper_bound,json=upperBound" json:"upper_bound,omitempty"` + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + CumulativeCount *uint64 `protobuf:"varint,1,opt,name=cumulative_count,json=cumulativeCount" json:"cumulative_count,omitempty"` // Cumulative in increasing order. + CumulativeCountFloat *float64 `protobuf:"fixed64,4,opt,name=cumulative_count_float,json=cumulativeCountFloat" json:"cumulative_count_float,omitempty"` // Overrides cumulative_count if > 0. + UpperBound *float64 `protobuf:"fixed64,2,opt,name=upper_bound,json=upperBound" json:"upper_bound,omitempty"` // Inclusive. Exemplar *Exemplar `protobuf:"bytes,3,opt,name=exemplar" json:"exemplar,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` } -func (m *Bucket) Reset() { *m = Bucket{} } -func (m *Bucket) String() string { return proto.CompactTextString(m) } -func (*Bucket) ProtoMessage() {} -func (*Bucket) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{7} +func (x *Bucket) Reset() { + *x = Bucket{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[7] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Bucket) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Bucket.Unmarshal(m, b) -} -func (m *Bucket) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Bucket.Marshal(b, m, deterministic) -} -func (m *Bucket) XXX_Merge(src proto.Message) { - xxx_messageInfo_Bucket.Merge(m, src) -} -func (m *Bucket) XXX_Size() int { - return xxx_messageInfo_Bucket.Size(m) +func (x *Bucket) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Bucket) XXX_DiscardUnknown() { - xxx_messageInfo_Bucket.DiscardUnknown(m) + +func (*Bucket) ProtoMessage() {} + +func (x *Bucket) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[7] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Bucket proto.InternalMessageInfo +// Deprecated: Use Bucket.ProtoReflect.Descriptor instead. +func (*Bucket) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{7} +} -func (m *Bucket) GetCumulativeCount() uint64 { - if m != nil && m.CumulativeCount != nil { - return *m.CumulativeCount +func (x *Bucket) GetCumulativeCount() uint64 { + if x != nil && x.CumulativeCount != nil { + return *x.CumulativeCount } return 0 } -func (m *Bucket) GetCumulativeCountFloat() float64 { - if m != nil && m.CumulativeCountFloat != nil { - return *m.CumulativeCountFloat +func (x *Bucket) GetCumulativeCountFloat() float64 { + if x != nil && x.CumulativeCountFloat != nil { + return *x.CumulativeCountFloat } return 0 } -func (m *Bucket) GetUpperBound() float64 { - if m != nil && m.UpperBound != nil { - return *m.UpperBound +func (x *Bucket) GetUpperBound() float64 { + if x != nil && x.UpperBound != nil { + return *x.UpperBound } return 0 } -func (m *Bucket) GetExemplar() *Exemplar { - if m != nil { - return m.Exemplar +func (x *Bucket) GetExemplar() *Exemplar { + if x != nil { + return x.Exemplar } return nil } @@ -582,333 +675,658 @@ func (m *Bucket) GetExemplar() *Exemplar { // structured here (with all the buckets in a single array separate // from the Spans). type BucketSpan struct { - Offset *int32 `protobuf:"zigzag32,1,opt,name=offset" json:"offset,omitempty"` - Length *uint32 `protobuf:"varint,2,opt,name=length" json:"length,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *BucketSpan) Reset() { *m = BucketSpan{} } -func (m *BucketSpan) String() string { return proto.CompactTextString(m) } -func (*BucketSpan) ProtoMessage() {} -func (*BucketSpan) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{8} + Offset *int32 `protobuf:"zigzag32,1,opt,name=offset" json:"offset,omitempty"` // Gap to previous span, or starting point for 1st span (which can be negative). + Length *uint32 `protobuf:"varint,2,opt,name=length" json:"length,omitempty"` // Length of consecutive buckets. } -func (m *BucketSpan) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_BucketSpan.Unmarshal(m, b) -} -func (m *BucketSpan) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_BucketSpan.Marshal(b, m, deterministic) -} -func (m *BucketSpan) XXX_Merge(src proto.Message) { - xxx_messageInfo_BucketSpan.Merge(m, src) +func (x *BucketSpan) Reset() { + *x = BucketSpan{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[8] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *BucketSpan) XXX_Size() int { - return xxx_messageInfo_BucketSpan.Size(m) + +func (x *BucketSpan) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *BucketSpan) XXX_DiscardUnknown() { - xxx_messageInfo_BucketSpan.DiscardUnknown(m) + +func (*BucketSpan) ProtoMessage() {} + +func (x *BucketSpan) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[8] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_BucketSpan proto.InternalMessageInfo +// Deprecated: Use BucketSpan.ProtoReflect.Descriptor instead. +func (*BucketSpan) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{8} +} -func (m *BucketSpan) GetOffset() int32 { - if m != nil && m.Offset != nil { - return *m.Offset +func (x *BucketSpan) GetOffset() int32 { + if x != nil && x.Offset != nil { + return *x.Offset } return 0 } -func (m *BucketSpan) GetLength() uint32 { - if m != nil && m.Length != nil { - return *m.Length +func (x *BucketSpan) GetLength() uint32 { + if x != nil && x.Length != nil { + return *x.Length } return 0 } type Exemplar struct { - Label []*LabelPair `protobuf:"bytes,1,rep,name=label" json:"label,omitempty"` - Value *float64 `protobuf:"fixed64,2,opt,name=value" json:"value,omitempty"` - Timestamp *timestamp.Timestamp `protobuf:"bytes,3,opt,name=timestamp" json:"timestamp,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields -func (m *Exemplar) Reset() { *m = Exemplar{} } -func (m *Exemplar) String() string { return proto.CompactTextString(m) } -func (*Exemplar) ProtoMessage() {} -func (*Exemplar) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{9} + Label []*LabelPair `protobuf:"bytes,1,rep,name=label" json:"label,omitempty"` + Value *float64 `protobuf:"fixed64,2,opt,name=value" json:"value,omitempty"` + Timestamp *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=timestamp" json:"timestamp,omitempty"` // OpenMetrics-style. } -func (m *Exemplar) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Exemplar.Unmarshal(m, b) -} -func (m *Exemplar) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Exemplar.Marshal(b, m, deterministic) -} -func (m *Exemplar) XXX_Merge(src proto.Message) { - xxx_messageInfo_Exemplar.Merge(m, src) +func (x *Exemplar) Reset() { + *x = Exemplar{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[9] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Exemplar) XXX_Size() int { - return xxx_messageInfo_Exemplar.Size(m) + +func (x *Exemplar) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Exemplar) XXX_DiscardUnknown() { - xxx_messageInfo_Exemplar.DiscardUnknown(m) + +func (*Exemplar) ProtoMessage() {} + +func (x *Exemplar) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[9] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Exemplar proto.InternalMessageInfo +// Deprecated: Use Exemplar.ProtoReflect.Descriptor instead. +func (*Exemplar) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{9} +} -func (m *Exemplar) GetLabel() []*LabelPair { - if m != nil { - return m.Label +func (x *Exemplar) GetLabel() []*LabelPair { + if x != nil { + return x.Label } return nil } -func (m *Exemplar) GetValue() float64 { - if m != nil && m.Value != nil { - return *m.Value +func (x *Exemplar) GetValue() float64 { + if x != nil && x.Value != nil { + return *x.Value } return 0 } -func (m *Exemplar) GetTimestamp() *timestamp.Timestamp { - if m != nil { - return m.Timestamp +func (x *Exemplar) GetTimestamp() *timestamppb.Timestamp { + if x != nil { + return x.Timestamp } return nil } type Metric struct { - Label []*LabelPair `protobuf:"bytes,1,rep,name=label" json:"label,omitempty"` - Gauge *Gauge `protobuf:"bytes,2,opt,name=gauge" json:"gauge,omitempty"` - Counter *Counter `protobuf:"bytes,3,opt,name=counter" json:"counter,omitempty"` - Summary *Summary `protobuf:"bytes,4,opt,name=summary" json:"summary,omitempty"` - Untyped *Untyped `protobuf:"bytes,5,opt,name=untyped" json:"untyped,omitempty"` - Histogram *Histogram `protobuf:"bytes,7,opt,name=histogram" json:"histogram,omitempty"` - TimestampMs *int64 `protobuf:"varint,6,opt,name=timestamp_ms,json=timestampMs" json:"timestamp_ms,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *Metric) Reset() { *m = Metric{} } -func (m *Metric) String() string { return proto.CompactTextString(m) } -func (*Metric) ProtoMessage() {} -func (*Metric) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{10} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Label []*LabelPair `protobuf:"bytes,1,rep,name=label" json:"label,omitempty"` + Gauge *Gauge `protobuf:"bytes,2,opt,name=gauge" json:"gauge,omitempty"` + Counter *Counter `protobuf:"bytes,3,opt,name=counter" json:"counter,omitempty"` + Summary *Summary `protobuf:"bytes,4,opt,name=summary" json:"summary,omitempty"` + Untyped *Untyped `protobuf:"bytes,5,opt,name=untyped" json:"untyped,omitempty"` + Histogram *Histogram `protobuf:"bytes,7,opt,name=histogram" json:"histogram,omitempty"` + TimestampMs *int64 `protobuf:"varint,6,opt,name=timestamp_ms,json=timestampMs" json:"timestamp_ms,omitempty"` +} + +func (x *Metric) Reset() { + *x = Metric{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[10] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *Metric) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_Metric.Unmarshal(m, b) +func (x *Metric) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *Metric) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_Metric.Marshal(b, m, deterministic) -} -func (m *Metric) XXX_Merge(src proto.Message) { - xxx_messageInfo_Metric.Merge(m, src) -} -func (m *Metric) XXX_Size() int { - return xxx_messageInfo_Metric.Size(m) -} -func (m *Metric) XXX_DiscardUnknown() { - xxx_messageInfo_Metric.DiscardUnknown(m) + +func (*Metric) ProtoMessage() {} + +func (x *Metric) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[10] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_Metric proto.InternalMessageInfo +// Deprecated: Use Metric.ProtoReflect.Descriptor instead. +func (*Metric) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{10} +} -func (m *Metric) GetLabel() []*LabelPair { - if m != nil { - return m.Label +func (x *Metric) GetLabel() []*LabelPair { + if x != nil { + return x.Label } return nil } -func (m *Metric) GetGauge() *Gauge { - if m != nil { - return m.Gauge +func (x *Metric) GetGauge() *Gauge { + if x != nil { + return x.Gauge } return nil } -func (m *Metric) GetCounter() *Counter { - if m != nil { - return m.Counter +func (x *Metric) GetCounter() *Counter { + if x != nil { + return x.Counter } return nil } -func (m *Metric) GetSummary() *Summary { - if m != nil { - return m.Summary +func (x *Metric) GetSummary() *Summary { + if x != nil { + return x.Summary } return nil } -func (m *Metric) GetUntyped() *Untyped { - if m != nil { - return m.Untyped +func (x *Metric) GetUntyped() *Untyped { + if x != nil { + return x.Untyped } return nil } -func (m *Metric) GetHistogram() *Histogram { - if m != nil { - return m.Histogram +func (x *Metric) GetHistogram() *Histogram { + if x != nil { + return x.Histogram } return nil } -func (m *Metric) GetTimestampMs() int64 { - if m != nil && m.TimestampMs != nil { - return *m.TimestampMs +func (x *Metric) GetTimestampMs() int64 { + if x != nil && x.TimestampMs != nil { + return *x.TimestampMs } return 0 } type MetricFamily struct { - Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` - Help *string `protobuf:"bytes,2,opt,name=help" json:"help,omitempty"` - Type *MetricType `protobuf:"varint,3,opt,name=type,enum=io.prometheus.client.MetricType" json:"type,omitempty"` - Metric []*Metric `protobuf:"bytes,4,rep,name=metric" json:"metric,omitempty"` - XXX_NoUnkeyedLiteral struct{} `json:"-"` - XXX_unrecognized []byte `json:"-"` - XXX_sizecache int32 `json:"-"` -} - -func (m *MetricFamily) Reset() { *m = MetricFamily{} } -func (m *MetricFamily) String() string { return proto.CompactTextString(m) } -func (*MetricFamily) ProtoMessage() {} -func (*MetricFamily) Descriptor() ([]byte, []int) { - return fileDescriptor_d1e5ddb18987a258, []int{11} + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"` + Help *string `protobuf:"bytes,2,opt,name=help" json:"help,omitempty"` + Type *MetricType `protobuf:"varint,3,opt,name=type,enum=io.prometheus.client.MetricType" json:"type,omitempty"` + Metric []*Metric `protobuf:"bytes,4,rep,name=metric" json:"metric,omitempty"` +} + +func (x *MetricFamily) Reset() { + *x = MetricFamily{} + if protoimpl.UnsafeEnabled { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[11] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } } -func (m *MetricFamily) XXX_Unmarshal(b []byte) error { - return xxx_messageInfo_MetricFamily.Unmarshal(m, b) -} -func (m *MetricFamily) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) { - return xxx_messageInfo_MetricFamily.Marshal(b, m, deterministic) -} -func (m *MetricFamily) XXX_Merge(src proto.Message) { - xxx_messageInfo_MetricFamily.Merge(m, src) -} -func (m *MetricFamily) XXX_Size() int { - return xxx_messageInfo_MetricFamily.Size(m) +func (x *MetricFamily) String() string { + return protoimpl.X.MessageStringOf(x) } -func (m *MetricFamily) XXX_DiscardUnknown() { - xxx_messageInfo_MetricFamily.DiscardUnknown(m) + +func (*MetricFamily) ProtoMessage() {} + +func (x *MetricFamily) ProtoReflect() protoreflect.Message { + mi := &file_io_prometheus_client_metrics_proto_msgTypes[11] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) } -var xxx_messageInfo_MetricFamily proto.InternalMessageInfo +// Deprecated: Use MetricFamily.ProtoReflect.Descriptor instead. +func (*MetricFamily) Descriptor() ([]byte, []int) { + return file_io_prometheus_client_metrics_proto_rawDescGZIP(), []int{11} +} -func (m *MetricFamily) GetName() string { - if m != nil && m.Name != nil { - return *m.Name +func (x *MetricFamily) GetName() string { + if x != nil && x.Name != nil { + return *x.Name } return "" } -func (m *MetricFamily) GetHelp() string { - if m != nil && m.Help != nil { - return *m.Help +func (x *MetricFamily) GetHelp() string { + if x != nil && x.Help != nil { + return *x.Help } return "" } -func (m *MetricFamily) GetType() MetricType { - if m != nil && m.Type != nil { - return *m.Type +func (x *MetricFamily) GetType() MetricType { + if x != nil && x.Type != nil { + return *x.Type } return MetricType_COUNTER } -func (m *MetricFamily) GetMetric() []*Metric { - if m != nil { - return m.Metric +func (x *MetricFamily) GetMetric() []*Metric { + if x != nil { + return x.Metric } return nil } -func init() { - proto.RegisterEnum("io.prometheus.client.MetricType", MetricType_name, MetricType_value) - proto.RegisterType((*LabelPair)(nil), "io.prometheus.client.LabelPair") - proto.RegisterType((*Gauge)(nil), "io.prometheus.client.Gauge") - proto.RegisterType((*Counter)(nil), "io.prometheus.client.Counter") - proto.RegisterType((*Quantile)(nil), "io.prometheus.client.Quantile") - proto.RegisterType((*Summary)(nil), "io.prometheus.client.Summary") - proto.RegisterType((*Untyped)(nil), "io.prometheus.client.Untyped") - proto.RegisterType((*Histogram)(nil), "io.prometheus.client.Histogram") - proto.RegisterType((*Bucket)(nil), "io.prometheus.client.Bucket") - proto.RegisterType((*BucketSpan)(nil), "io.prometheus.client.BucketSpan") - proto.RegisterType((*Exemplar)(nil), "io.prometheus.client.Exemplar") - proto.RegisterType((*Metric)(nil), "io.prometheus.client.Metric") - proto.RegisterType((*MetricFamily)(nil), "io.prometheus.client.MetricFamily") -} - -func init() { - proto.RegisterFile("io/prometheus/client/metrics.proto", fileDescriptor_d1e5ddb18987a258) -} - -var fileDescriptor_d1e5ddb18987a258 = []byte{ - // 896 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x8e, 0xdb, 0x44, - 0x18, 0xc5, 0x9b, 0x5f, 0x7f, 0xd9, 0x6c, 0xd3, 0x61, 0x55, 0x59, 0x0b, 0xcb, 0x06, 0x4b, 0x48, - 0x0b, 0x42, 0x8e, 0x40, 0x5b, 0x81, 0x0a, 0x5c, 0xec, 0xb6, 0xe9, 0x16, 0x89, 0xb4, 0x65, 0x92, - 0x5c, 0x14, 0x2e, 0xac, 0x49, 0x32, 0xeb, 0x58, 0x78, 0x3c, 0xc6, 0x1e, 0x57, 0x2c, 0x2f, 0xc0, - 0x35, 0xaf, 0xc0, 0xc3, 0xf0, 0x22, 0x3c, 0x08, 0x68, 0xfe, 0xec, 0xdd, 0xe2, 0x94, 0xd2, 0x3b, - 0x7f, 0x67, 0xce, 0xf7, 0xcd, 0x39, 0xe3, 0xc9, 0x71, 0xc0, 0x8f, 0xf9, 0x24, 0xcb, 0x39, 0xa3, - 0x62, 0x4b, 0xcb, 0x62, 0xb2, 0x4e, 0x62, 0x9a, 0x8a, 0x09, 0xa3, 0x22, 0x8f, 0xd7, 0x45, 0x90, - 0xe5, 0x5c, 0x70, 0x74, 0x18, 0xf3, 0xa0, 0xe6, 0x04, 0x9a, 0x73, 0x74, 0x12, 0x71, 0x1e, 0x25, - 0x74, 0xa2, 0x38, 0xab, 0xf2, 0x6a, 0x22, 0x62, 0x46, 0x0b, 0x41, 0x58, 0xa6, 0xdb, 0xfc, 0xfb, - 0xe0, 0x7e, 0x47, 0x56, 0x34, 0x79, 0x4e, 0xe2, 0x1c, 0x21, 0x68, 0xa7, 0x84, 0x51, 0xcf, 0x19, - 0x3b, 0xa7, 0x2e, 0x56, 0xcf, 0xe8, 0x10, 0x3a, 0x2f, 0x49, 0x52, 0x52, 0x6f, 0x4f, 0x81, 0xba, - 0xf0, 0x8f, 0xa1, 0x73, 0x49, 0xca, 0xe8, 0xc6, 0xb2, 0xec, 0x71, 0xec, 0xf2, 0x8f, 0xd0, 0x7b, - 0xc8, 0xcb, 0x54, 0xd0, 0xbc, 0x99, 0x80, 0x1e, 0x40, 0x9f, 0xfe, 0x42, 0x59, 0x96, 0x90, 0x5c, - 0x0d, 0x1e, 0x7c, 0xfe, 0x41, 0xd0, 0x64, 0x20, 0x98, 0x1a, 0x16, 0xae, 0xf8, 0xfe, 0xd7, 0xd0, - 0xff, 0xbe, 0x24, 0xa9, 0x88, 0x13, 0x8a, 0x8e, 0xa0, 0xff, 0xb3, 0x79, 0x36, 0x1b, 0x54, 0xf5, - 0x6d, 0xe5, 0x95, 0xb4, 0xdf, 0x1c, 0xe8, 0xcd, 0x4b, 0xc6, 0x48, 0x7e, 0x8d, 0x3e, 0x84, 0xfd, - 0x82, 0xb0, 0x2c, 0xa1, 0xe1, 0x5a, 0xaa, 0x55, 0x13, 0xda, 0x78, 0xa0, 0x31, 0x65, 0x00, 0x1d, - 0x03, 0x18, 0x4a, 0x51, 0x32, 0x33, 0xc9, 0xd5, 0xc8, 0xbc, 0x64, 0xd2, 0x47, 0xb5, 0x7f, 0x6b, - 0xdc, 0xda, 0xed, 0xc3, 0x2a, 0xae, 0xf5, 0xf9, 0x27, 0xd0, 0x5b, 0xa6, 0xe2, 0x3a, 0xa3, 0x9b, - 0x1d, 0xa7, 0xf8, 0x57, 0x1b, 0xdc, 0x27, 0x71, 0x21, 0x78, 0x94, 0x13, 0xf6, 0x26, 0x62, 0x3f, - 0x05, 0x74, 0x93, 0x12, 0x5e, 0x25, 0x9c, 0x08, 0xaf, 0xad, 0x66, 0x8e, 0x6e, 0x10, 0x1f, 0x4b, - 0xfc, 0xbf, 0xac, 0x9d, 0x41, 0x77, 0x55, 0xae, 0x7f, 0xa2, 0xc2, 0x18, 0x7b, 0xbf, 0xd9, 0xd8, - 0x85, 0xe2, 0x60, 0xc3, 0x45, 0xf7, 0xa0, 0x5b, 0xac, 0xb7, 0x94, 0x11, 0xaf, 0x33, 0x76, 0x4e, - 0xef, 0x62, 0x53, 0xa1, 0x8f, 0xe0, 0xe0, 0x57, 0x9a, 0xf3, 0x50, 0x6c, 0x73, 0x5a, 0x6c, 0x79, - 0xb2, 0xf1, 0xba, 0x6a, 0xc3, 0xa1, 0x44, 0x17, 0x16, 0x94, 0x9a, 0x14, 0x4d, 0x5b, 0xec, 0x29, - 0x8b, 0xae, 0x44, 0xb4, 0xc1, 0x53, 0x18, 0xd5, 0xcb, 0xc6, 0x5e, 0x5f, 0xcd, 0x39, 0xa8, 0x48, - 0xda, 0xdc, 0x14, 0x86, 0x29, 0x8d, 0x88, 0x88, 0x5f, 0xd2, 0xb0, 0xc8, 0x48, 0xea, 0xb9, 0xca, - 0xc4, 0xf8, 0x75, 0x26, 0xe6, 0x19, 0x49, 0xf1, 0xbe, 0x6d, 0x93, 0x95, 0x94, 0x5d, 0x8d, 0xd9, - 0xd0, 0x44, 0x10, 0x0f, 0xc6, 0xad, 0x53, 0x84, 0xab, 0xe1, 0x8f, 0x24, 0x78, 0x8b, 0xa6, 0xa5, - 0x0f, 0xc6, 0x2d, 0xe9, 0xce, 0xa2, 0x5a, 0xfe, 0x14, 0x86, 0x19, 0x2f, 0xe2, 0x5a, 0xd4, 0xfe, - 0x9b, 0x8a, 0xb2, 0x6d, 0x56, 0x54, 0x35, 0x46, 0x8b, 0x1a, 0x6a, 0x51, 0x16, 0xad, 0x44, 0x55, - 0x34, 0x2d, 0xea, 0x40, 0x8b, 0xb2, 0xa8, 0x12, 0xe5, 0xff, 0xe9, 0x40, 0x57, 0x6f, 0x85, 0x3e, - 0x86, 0xd1, 0xba, 0x64, 0x65, 0x72, 0xd3, 0x88, 0xbe, 0x66, 0x77, 0x6a, 0x5c, 0x5b, 0x39, 0x83, - 0x7b, 0xaf, 0x52, 0x6f, 0x5d, 0xb7, 0xc3, 0x57, 0x1a, 0xf4, 0x5b, 0x39, 0x81, 0x41, 0x99, 0x65, - 0x34, 0x0f, 0x57, 0xbc, 0x4c, 0x37, 0xe6, 0xce, 0x81, 0x82, 0x2e, 0x24, 0x72, 0x2b, 0x17, 0x5a, - 0xff, 0x3b, 0x17, 0xa0, 0x3e, 0x32, 0x79, 0x11, 0xf9, 0xd5, 0x55, 0x41, 0xb5, 0x83, 0xbb, 0xd8, - 0x54, 0x12, 0x4f, 0x68, 0x1a, 0x89, 0xad, 0xda, 0x7d, 0x88, 0x4d, 0xe5, 0xff, 0xee, 0x40, 0xdf, - 0x0e, 0x45, 0xf7, 0xa1, 0x93, 0xc8, 0x54, 0xf4, 0x1c, 0xf5, 0x82, 0x4e, 0x9a, 0x35, 0x54, 0xc1, - 0x89, 0x35, 0xbb, 0x39, 0x71, 0xd0, 0x97, 0xe0, 0x56, 0xa9, 0x6b, 0x4c, 0x1d, 0x05, 0x3a, 0x97, - 0x03, 0x9b, 0xcb, 0xc1, 0xc2, 0x32, 0x70, 0x4d, 0xf6, 0xff, 0xde, 0x83, 0xee, 0x4c, 0xa5, 0xfc, - 0xdb, 0x2a, 0xfa, 0x0c, 0x3a, 0x91, 0xcc, 0x69, 0x13, 0xb2, 0xef, 0x35, 0xb7, 0xa9, 0x28, 0xc7, - 0x9a, 0x89, 0xbe, 0x80, 0xde, 0x5a, 0x67, 0xb7, 0x11, 0x7b, 0xdc, 0xdc, 0x64, 0x02, 0x1e, 0x5b, - 0xb6, 0x6c, 0x2c, 0x74, 0xb0, 0xaa, 0x3b, 0xb0, 0xb3, 0xd1, 0xa4, 0x2f, 0xb6, 0x6c, 0xd9, 0x58, - 0xea, 0x20, 0x54, 0xa1, 0xb1, 0xb3, 0xd1, 0xa4, 0x25, 0xb6, 0x6c, 0xf4, 0x0d, 0xb8, 0x5b, 0x9b, - 0x8f, 0x2a, 0x2c, 0x76, 0x1e, 0x4c, 0x15, 0xa3, 0xb8, 0xee, 0x90, 0x89, 0x5a, 0x9d, 0x75, 0xc8, - 0x0a, 0x95, 0x48, 0x2d, 0x3c, 0xa8, 0xb0, 0x59, 0xe1, 0xff, 0xe1, 0xc0, 0xbe, 0x7e, 0x03, 0x8f, - 0x09, 0x8b, 0x93, 0xeb, 0xc6, 0x4f, 0x24, 0x82, 0xf6, 0x96, 0x26, 0x99, 0xf9, 0x42, 0xaa, 0x67, - 0x74, 0x06, 0x6d, 0xa9, 0x51, 0x1d, 0xe1, 0xc1, 0xae, 0x5f, 0xb8, 0x9e, 0xbc, 0xb8, 0xce, 0x28, - 0x56, 0x6c, 0x99, 0xb9, 0xfa, 0xab, 0xee, 0xb5, 0x5f, 0x97, 0xb9, 0xba, 0x0f, 0x1b, 0xee, 0x27, - 0x2b, 0x80, 0x7a, 0x12, 0x1a, 0x40, 0xef, 0xe1, 0xb3, 0xe5, 0xd3, 0xc5, 0x14, 0x8f, 0xde, 0x41, - 0x2e, 0x74, 0x2e, 0xcf, 0x97, 0x97, 0xd3, 0x91, 0x23, 0xf1, 0xf9, 0x72, 0x36, 0x3b, 0xc7, 0x2f, - 0x46, 0x7b, 0xb2, 0x58, 0x3e, 0x5d, 0xbc, 0x78, 0x3e, 0x7d, 0x34, 0x6a, 0xa1, 0x21, 0xb8, 0x4f, - 0xbe, 0x9d, 0x2f, 0x9e, 0x5d, 0xe2, 0xf3, 0xd9, 0xa8, 0x8d, 0xde, 0x85, 0x3b, 0xaa, 0x27, 0xac, - 0xc1, 0xce, 0x05, 0x86, 0xc6, 0x3f, 0x18, 0x3f, 0x3c, 0x88, 0x62, 0xb1, 0x2d, 0x57, 0xc1, 0x9a, - 0xb3, 0x7f, 0xff, 0x45, 0x09, 0x19, 0xdf, 0xd0, 0x64, 0x12, 0xf1, 0xaf, 0x62, 0x1e, 0xd6, 0xab, - 0xa1, 0x5e, 0xfd, 0x27, 0x00, 0x00, 0xff, 0xff, 0x16, 0x77, 0x81, 0x98, 0xd7, 0x08, 0x00, 0x00, +var File_io_prometheus_client_metrics_proto protoreflect.FileDescriptor + +var file_io_prometheus_client_metrics_proto_rawDesc = []byte{ + 0x0a, 0x22, 0x69, 0x6f, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2f, + 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2f, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x73, 0x2e, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, + 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x1a, 0x1f, 0x67, 0x6f, 0x6f, 0x67, + 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x69, 0x6d, 0x65, + 0x73, 0x74, 0x61, 0x6d, 0x70, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0x35, 0x0a, 0x09, 0x4c, + 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, + 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x22, 0x1d, 0x0a, 0x05, 0x47, 0x61, 0x75, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, + 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x22, 0x5b, 0x0a, 0x07, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05, + 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, + 0x75, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x18, 0x02, + 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, + 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d, + 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x22, 0x3c, + 0x0a, 0x08, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x71, 0x75, + 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x71, 0x75, + 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x87, 0x01, 0x0a, + 0x07, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70, + 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, + 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73, + 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, + 0x09, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x53, 0x75, 0x6d, 0x12, 0x3a, 0x0a, 0x08, 0x71, 0x75, + 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, + 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, + 0x65, 0x6e, 0x74, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x52, 0x08, 0x71, 0x75, + 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x22, 0x1f, 0x0a, 0x07, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, + 0x64, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, + 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xe3, 0x04, 0x0a, 0x09, 0x48, 0x69, 0x73, 0x74, + 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, + 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x73, 0x61, 0x6d, + 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x73, 0x61, 0x6d, 0x70, + 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, + 0x20, 0x01, 0x28, 0x01, 0x52, 0x10, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, + 0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, + 0x5f, 0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x73, 0x61, 0x6d, 0x70, + 0x6c, 0x65, 0x53, 0x75, 0x6d, 0x12, 0x34, 0x0a, 0x06, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x18, + 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, + 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x42, 0x75, 0x63, + 0x6b, 0x65, 0x74, 0x52, 0x06, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, + 0x63, 0x68, 0x65, 0x6d, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x11, 0x52, 0x06, 0x73, 0x63, 0x68, + 0x65, 0x6d, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x5f, 0x74, 0x68, 0x72, 0x65, + 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0d, 0x7a, 0x65, 0x72, + 0x6f, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x7a, 0x65, + 0x72, 0x6f, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, + 0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x28, 0x0a, 0x10, 0x7a, 0x65, 0x72, + 0x6f, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x08, 0x20, + 0x01, 0x28, 0x01, 0x52, 0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c, + 0x6f, 0x61, 0x74, 0x12, 0x45, 0x0a, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, + 0x73, 0x70, 0x61, 0x6e, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x69, 0x6f, 0x2e, + 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, + 0x74, 0x2e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x52, 0x0c, 0x6e, 0x65, + 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x6e, 0x65, + 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74, 0x61, 0x18, 0x0a, 0x20, 0x03, + 0x28, 0x12, 0x52, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c, 0x74, + 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, + 0x75, 0x6e, 0x74, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, + 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x45, 0x0a, 0x0d, 0x70, 0x6f, 0x73, 0x69, + 0x74, 0x69, 0x76, 0x65, 0x5f, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, + 0x20, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, + 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, + 0x6e, 0x52, 0x0c, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12, + 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74, + 0x61, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x12, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, + 0x65, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, + 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, + 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc6, 0x01, + 0x0a, 0x06, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, + 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x04, 0x52, 0x0f, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, + 0x75, 0x6e, 0x74, 0x12, 0x34, 0x0a, 0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, + 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x01, 0x52, 0x14, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, + 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, + 0x65, 0x72, 0x5f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, + 0x75, 0x70, 0x70, 0x65, 0x72, 0x42, 0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, + 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, + 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, + 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, + 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, + 0x53, 0x70, 0x61, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x11, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, + 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, + 0x6e, 0x67, 0x74, 0x68, 0x22, 0x91, 0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, + 0x72, 0x12, 0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, + 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, + 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, + 0x72, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, + 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, + 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, + 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, + 0x72, 0x69, 0x63, 0x12, 0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, + 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, + 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, + 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, + 0x75, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, + 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, + 0x2e, 0x47, 0x61, 0x75, 0x67, 0x65, 0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, + 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, + 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, + 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, + 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, + 0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, + 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, + 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, + 0x37, 0x0a, 0x07, 0x75, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, + 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, + 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, + 0x07, 0x75, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, + 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, + 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, + 0x6e, 0x74, 0x2e, 0x48, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, + 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, + 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, + 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x4d, 0x73, 0x22, 0xa2, 0x01, 0x0a, 0x0c, 0x4d, + 0x65, 0x74, 0x72, 0x69, 0x63, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, + 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, + 0x12, 0x0a, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, + 0x65, 0x6c, 0x70, 0x12, 0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, + 0x0e, 0x32, 0x20, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, + 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, + 0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, + 0x72, 0x69, 0x63, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, + 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, + 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2a, + 0x62, 0x0a, 0x0a, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, + 0x07, 0x43, 0x4f, 0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, + 0x55, 0x47, 0x45, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, + 0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, + 0x0d, 0x0a, 0x09, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, + 0x0a, 0x0f, 0x47, 0x41, 0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, + 0x4d, 0x10, 0x05, 0x42, 0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, + 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, + 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, + 0x75, 0x73, 0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, + 0x67, 0x6f, 0x3b, 0x69, 0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, + 0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, +} + +var ( + file_io_prometheus_client_metrics_proto_rawDescOnce sync.Once + file_io_prometheus_client_metrics_proto_rawDescData = file_io_prometheus_client_metrics_proto_rawDesc +) + +func file_io_prometheus_client_metrics_proto_rawDescGZIP() []byte { + file_io_prometheus_client_metrics_proto_rawDescOnce.Do(func() { + file_io_prometheus_client_metrics_proto_rawDescData = protoimpl.X.CompressGZIP(file_io_prometheus_client_metrics_proto_rawDescData) + }) + return file_io_prometheus_client_metrics_proto_rawDescData +} + +var file_io_prometheus_client_metrics_proto_enumTypes = make([]protoimpl.EnumInfo, 1) +var file_io_prometheus_client_metrics_proto_msgTypes = make([]protoimpl.MessageInfo, 12) +var file_io_prometheus_client_metrics_proto_goTypes = []interface{}{ + (MetricType)(0), // 0: io.prometheus.client.MetricType + (*LabelPair)(nil), // 1: io.prometheus.client.LabelPair + (*Gauge)(nil), // 2: io.prometheus.client.Gauge + (*Counter)(nil), // 3: io.prometheus.client.Counter + (*Quantile)(nil), // 4: io.prometheus.client.Quantile + (*Summary)(nil), // 5: io.prometheus.client.Summary + (*Untyped)(nil), // 6: io.prometheus.client.Untyped + (*Histogram)(nil), // 7: io.prometheus.client.Histogram + (*Bucket)(nil), // 8: io.prometheus.client.Bucket + (*BucketSpan)(nil), // 9: io.prometheus.client.BucketSpan + (*Exemplar)(nil), // 10: io.prometheus.client.Exemplar + (*Metric)(nil), // 11: io.prometheus.client.Metric + (*MetricFamily)(nil), // 12: io.prometheus.client.MetricFamily + (*timestamppb.Timestamp)(nil), // 13: google.protobuf.Timestamp +} +var file_io_prometheus_client_metrics_proto_depIdxs = []int32{ + 10, // 0: io.prometheus.client.Counter.exemplar:type_name -> io.prometheus.client.Exemplar + 4, // 1: io.prometheus.client.Summary.quantile:type_name -> io.prometheus.client.Quantile + 8, // 2: io.prometheus.client.Histogram.bucket:type_name -> io.prometheus.client.Bucket + 9, // 3: io.prometheus.client.Histogram.negative_span:type_name -> io.prometheus.client.BucketSpan + 9, // 4: io.prometheus.client.Histogram.positive_span:type_name -> io.prometheus.client.BucketSpan + 10, // 5: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar + 1, // 6: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair + 13, // 7: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp + 1, // 8: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair + 2, // 9: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge + 3, // 10: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter + 5, // 11: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary + 6, // 12: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped + 7, // 13: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram + 0, // 14: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType + 11, // 15: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric + 16, // [16:16] is the sub-list for method output_type + 16, // [16:16] is the sub-list for method input_type + 16, // [16:16] is the sub-list for extension type_name + 16, // [16:16] is the sub-list for extension extendee + 0, // [0:16] is the sub-list for field type_name +} + +func init() { file_io_prometheus_client_metrics_proto_init() } +func file_io_prometheus_client_metrics_proto_init() { + if File_io_prometheus_client_metrics_proto != nil { + return + } + if !protoimpl.UnsafeEnabled { + file_io_prometheus_client_metrics_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*LabelPair); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Gauge); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Counter); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Quantile); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Summary); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Untyped); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Histogram); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Bucket); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*BucketSpan); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Exemplar); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Metric); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_io_prometheus_client_metrics_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*MetricFamily); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + } + type x struct{} + out := protoimpl.TypeBuilder{ + File: protoimpl.DescBuilder{ + GoPackagePath: reflect.TypeOf(x{}).PkgPath(), + RawDescriptor: file_io_prometheus_client_metrics_proto_rawDesc, + NumEnums: 1, + NumMessages: 12, + NumExtensions: 0, + NumServices: 0, + }, + GoTypes: file_io_prometheus_client_metrics_proto_goTypes, + DependencyIndexes: file_io_prometheus_client_metrics_proto_depIdxs, + EnumInfos: file_io_prometheus_client_metrics_proto_enumTypes, + MessageInfos: file_io_prometheus_client_metrics_proto_msgTypes, + }.Build() + File_io_prometheus_client_metrics_proto = out.File + file_io_prometheus_client_metrics_proto_rawDesc = nil + file_io_prometheus_client_metrics_proto_goTypes = nil + file_io_prometheus_client_metrics_proto_depIdxs = nil } diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1.go index a64c1d752..3141a7f1b 100644 --- a/vendor/golang.org/x/crypto/cryptobyte/asn1.go +++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go @@ -264,36 +264,35 @@ func (s *String) ReadASN1Boolean(out *bool) bool { return true } -var bigIntType = reflect.TypeOf((*big.Int)(nil)).Elem() - // ReadASN1Integer decodes an ASN.1 INTEGER into out and advances. If out does -// not point to an integer or to a big.Int, it panics. It reports whether the -// read was successful. +// not point to an integer, to a big.Int, or to a []byte it panics. Only +// positive and zero values can be decoded into []byte, and they are returned as +// big-endian binary values that share memory with s. Positive values will have +// no leading zeroes, and zero will be returned as a single zero byte. +// ReadASN1Integer reports whether the read was successful. func (s *String) ReadASN1Integer(out interface{}) bool { - if reflect.TypeOf(out).Kind() != reflect.Ptr { - panic("out is not a pointer") - } - switch reflect.ValueOf(out).Elem().Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64: + switch out := out.(type) { + case *int, *int8, *int16, *int32, *int64: var i int64 if !s.readASN1Int64(&i) || reflect.ValueOf(out).Elem().OverflowInt(i) { return false } reflect.ValueOf(out).Elem().SetInt(i) return true - case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + case *uint, *uint8, *uint16, *uint32, *uint64: var u uint64 if !s.readASN1Uint64(&u) || reflect.ValueOf(out).Elem().OverflowUint(u) { return false } reflect.ValueOf(out).Elem().SetUint(u) return true - case reflect.Struct: - if reflect.TypeOf(out).Elem() == bigIntType { - return s.readASN1BigInt(out.(*big.Int)) - } + case *big.Int: + return s.readASN1BigInt(out) + case *[]byte: + return s.readASN1Bytes(out) + default: + panic("out does not point to an integer type") } - panic("out does not point to an integer type") } func checkASN1Integer(bytes []byte) bool { @@ -333,6 +332,21 @@ func (s *String) readASN1BigInt(out *big.Int) bool { return true } +func (s *String) readASN1Bytes(out *[]byte) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) { + return false + } + if bytes[0]&0x80 == 0x80 { + return false + } + for len(bytes) > 1 && bytes[0] == 0 { + bytes = bytes[1:] + } + *out = bytes + return true +} + func (s *String) readASN1Int64(out *int64) bool { var bytes String if !s.ReadASN1(&bytes, asn1.INTEGER) || !checkASN1Integer(bytes) || !asn1Signed(out, bytes) { @@ -545,7 +559,7 @@ func (s *String) ReadASN1BitString(out *encoding_asn1.BitString) bool { return true } -// ReadASN1BitString decodes an ASN.1 BIT STRING into out and advances. It is +// ReadASN1BitStringAsBytes decodes an ASN.1 BIT STRING into out and advances. It is // an error if the BIT STRING is not a whole number of bytes. It reports // whether the read was successful. func (s *String) ReadASN1BitStringAsBytes(out *[]byte) bool { @@ -654,34 +668,27 @@ func (s *String) SkipOptionalASN1(tag asn1.Tag) bool { return s.ReadASN1(&unused, tag) } -// ReadOptionalASN1Integer attempts to read an optional ASN.1 INTEGER -// explicitly tagged with tag into out and advances. If no element with a -// matching tag is present, it writes defaultValue into out instead. If out -// does not point to an integer or to a big.Int, it panics. It reports -// whether the read was successful. +// ReadOptionalASN1Integer attempts to read an optional ASN.1 INTEGER explicitly +// tagged with tag into out and advances. If no element with a matching tag is +// present, it writes defaultValue into out instead. Otherwise, it behaves like +// ReadASN1Integer. func (s *String) ReadOptionalASN1Integer(out interface{}, tag asn1.Tag, defaultValue interface{}) bool { - if reflect.TypeOf(out).Kind() != reflect.Ptr { - panic("out is not a pointer") - } var present bool var i String if !s.ReadOptionalASN1(&i, &present, tag) { return false } if !present { - switch reflect.ValueOf(out).Elem().Kind() { - case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, - reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64: + switch out.(type) { + case *int, *int8, *int16, *int32, *int64, + *uint, *uint8, *uint16, *uint32, *uint64, *[]byte: reflect.ValueOf(out).Elem().Set(reflect.ValueOf(defaultValue)) - case reflect.Struct: - if reflect.TypeOf(out).Elem() != bigIntType { - panic("invalid integer type") - } - if reflect.TypeOf(defaultValue).Kind() != reflect.Ptr || - reflect.TypeOf(defaultValue).Elem() != bigIntType { + case *big.Int: + if defaultValue, ok := defaultValue.(*big.Int); ok { + out.(*big.Int).Set(defaultValue) + } else { panic("out points to big.Int, but defaultValue does not") } - out.(*big.Int).Set(defaultValue.(*big.Int)) default: panic("invalid integer type") } diff --git a/vendor/golang.org/x/crypto/cryptobyte/builder.go b/vendor/golang.org/x/crypto/cryptobyte/builder.go index 2a90c592d..c05ac7d16 100644 --- a/vendor/golang.org/x/crypto/cryptobyte/builder.go +++ b/vendor/golang.org/x/crypto/cryptobyte/builder.go @@ -303,9 +303,9 @@ func (b *Builder) add(bytes ...byte) { b.result = append(b.result, bytes...) } -// Unwrite rolls back n bytes written directly to the Builder. An attempt by a -// child builder passed to a continuation to unwrite bytes from its parent will -// panic. +// Unwrite rolls back non-negative n bytes written directly to the Builder. +// An attempt by a child builder passed to a continuation to unwrite bytes +// from its parent will panic. func (b *Builder) Unwrite(n int) { if b.err != nil { return @@ -317,6 +317,9 @@ func (b *Builder) Unwrite(n int) { if length < 0 { panic("cryptobyte: internal error") } + if n < 0 { + panic("cryptobyte: attempted to unwrite negative number of bytes") + } if n > length { panic("cryptobyte: attempted to unwrite more than was written") } diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519.go b/vendor/golang.org/x/crypto/curve25519/curve25519.go index bc62161d6..00f963ea2 100644 --- a/vendor/golang.org/x/crypto/curve25519/curve25519.go +++ b/vendor/golang.org/x/crypto/curve25519/curve25519.go @@ -5,71 +5,18 @@ // Package curve25519 provides an implementation of the X25519 function, which // performs scalar multiplication on the elliptic curve known as Curve25519. // See RFC 7748. +// +// Starting in Go 1.20, this package is a wrapper for the X25519 implementation +// in the crypto/ecdh package. package curve25519 // import "golang.org/x/crypto/curve25519" -import ( - "crypto/subtle" - "errors" - "strconv" - - "golang.org/x/crypto/curve25519/internal/field" -) - // ScalarMult sets dst to the product scalar * point. // // Deprecated: when provided a low-order point, ScalarMult will set dst to all // zeroes, irrespective of the scalar. Instead, use the X25519 function, which // will return an error. func ScalarMult(dst, scalar, point *[32]byte) { - var e [32]byte - - copy(e[:], scalar[:]) - e[0] &= 248 - e[31] &= 127 - e[31] |= 64 - - var x1, x2, z2, x3, z3, tmp0, tmp1 field.Element - x1.SetBytes(point[:]) - x2.One() - x3.Set(&x1) - z3.One() - - swap := 0 - for pos := 254; pos >= 0; pos-- { - b := e[pos/8] >> uint(pos&7) - b &= 1 - swap ^= int(b) - x2.Swap(&x3, swap) - z2.Swap(&z3, swap) - swap = int(b) - - tmp0.Subtract(&x3, &z3) - tmp1.Subtract(&x2, &z2) - x2.Add(&x2, &z2) - z2.Add(&x3, &z3) - z3.Multiply(&tmp0, &x2) - z2.Multiply(&z2, &tmp1) - tmp0.Square(&tmp1) - tmp1.Square(&x2) - x3.Add(&z3, &z2) - z2.Subtract(&z3, &z2) - x2.Multiply(&tmp1, &tmp0) - tmp1.Subtract(&tmp1, &tmp0) - z2.Square(&z2) - - z3.Mult32(&tmp1, 121666) - x3.Square(&x3) - tmp0.Add(&tmp0, &z3) - z3.Multiply(&x1, &z2) - z2.Multiply(&tmp1, &tmp0) - } - - x2.Swap(&x3, swap) - z2.Swap(&z3, swap) - - z2.Invert(&z2) - x2.Multiply(&x2, &z2) - copy(dst[:], x2.Bytes()) + scalarMult(dst, scalar, point) } // ScalarBaseMult sets dst to the product scalar * base where base is the @@ -78,7 +25,7 @@ func ScalarMult(dst, scalar, point *[32]byte) { // It is recommended to use the X25519 function with Basepoint instead, as // copying into fixed size arrays can lead to unexpected bugs. func ScalarBaseMult(dst, scalar *[32]byte) { - ScalarMult(dst, scalar, &basePoint) + scalarBaseMult(dst, scalar) } const ( @@ -91,21 +38,10 @@ const ( // Basepoint is the canonical Curve25519 generator. var Basepoint []byte -var basePoint = [32]byte{9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} +var basePoint = [32]byte{9} func init() { Basepoint = basePoint[:] } -func checkBasepoint() { - if subtle.ConstantTimeCompare(Basepoint, []byte{ - 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - }) != 1 { - panic("curve25519: global Basepoint value was modified") - } -} - // X25519 returns the result of the scalar multiplication (scalar * point), // according to RFC 7748, Section 5. scalar, point and the return value are // slices of 32 bytes. @@ -121,26 +57,3 @@ func X25519(scalar, point []byte) ([]byte, error) { var dst [32]byte return x25519(&dst, scalar, point) } - -func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) { - var in [32]byte - if l := len(scalar); l != 32 { - return nil, errors.New("bad scalar length: " + strconv.Itoa(l) + ", expected 32") - } - if l := len(point); l != 32 { - return nil, errors.New("bad point length: " + strconv.Itoa(l) + ", expected 32") - } - copy(in[:], scalar) - if &point[0] == &Basepoint[0] { - checkBasepoint() - ScalarBaseMult(dst, &in) - } else { - var base, zero [32]byte - copy(base[:], point) - ScalarMult(dst, &in, &base) - if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 { - return nil, errors.New("bad input point: low order point") - } - } - return dst[:], nil -} diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go b/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go new file mode 100644 index 000000000..ba647e8d7 --- /dev/null +++ b/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go @@ -0,0 +1,105 @@ +// Copyright 2019 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !go1.20 + +package curve25519 + +import ( + "crypto/subtle" + "errors" + "strconv" + + "golang.org/x/crypto/curve25519/internal/field" +) + +func scalarMult(dst, scalar, point *[32]byte) { + var e [32]byte + + copy(e[:], scalar[:]) + e[0] &= 248 + e[31] &= 127 + e[31] |= 64 + + var x1, x2, z2, x3, z3, tmp0, tmp1 field.Element + x1.SetBytes(point[:]) + x2.One() + x3.Set(&x1) + z3.One() + + swap := 0 + for pos := 254; pos >= 0; pos-- { + b := e[pos/8] >> uint(pos&7) + b &= 1 + swap ^= int(b) + x2.Swap(&x3, swap) + z2.Swap(&z3, swap) + swap = int(b) + + tmp0.Subtract(&x3, &z3) + tmp1.Subtract(&x2, &z2) + x2.Add(&x2, &z2) + z2.Add(&x3, &z3) + z3.Multiply(&tmp0, &x2) + z2.Multiply(&z2, &tmp1) + tmp0.Square(&tmp1) + tmp1.Square(&x2) + x3.Add(&z3, &z2) + z2.Subtract(&z3, &z2) + x2.Multiply(&tmp1, &tmp0) + tmp1.Subtract(&tmp1, &tmp0) + z2.Square(&z2) + + z3.Mult32(&tmp1, 121666) + x3.Square(&x3) + tmp0.Add(&tmp0, &z3) + z3.Multiply(&x1, &z2) + z2.Multiply(&tmp1, &tmp0) + } + + x2.Swap(&x3, swap) + z2.Swap(&z3, swap) + + z2.Invert(&z2) + x2.Multiply(&x2, &z2) + copy(dst[:], x2.Bytes()) +} + +func scalarBaseMult(dst, scalar *[32]byte) { + checkBasepoint() + scalarMult(dst, scalar, &basePoint) +} + +func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) { + var in [32]byte + if l := len(scalar); l != 32 { + return nil, errors.New("bad scalar length: " + strconv.Itoa(l) + ", expected 32") + } + if l := len(point); l != 32 { + return nil, errors.New("bad point length: " + strconv.Itoa(l) + ", expected 32") + } + copy(in[:], scalar) + if &point[0] == &Basepoint[0] { + scalarBaseMult(dst, &in) + } else { + var base, zero [32]byte + copy(base[:], point) + scalarMult(dst, &in, &base) + if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 { + return nil, errors.New("bad input point: low order point") + } + } + return dst[:], nil +} + +func checkBasepoint() { + if subtle.ConstantTimeCompare(Basepoint, []byte{ + 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + }) != 1 { + panic("curve25519: global Basepoint value was modified") + } +} diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go b/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go new file mode 100644 index 000000000..627df4972 --- /dev/null +++ b/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go @@ -0,0 +1,46 @@ +// Copyright 2022 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build go1.20 + +package curve25519 + +import "crypto/ecdh" + +func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) { + curve := ecdh.X25519() + pub, err := curve.NewPublicKey(point) + if err != nil { + return nil, err + } + priv, err := curve.NewPrivateKey(scalar) + if err != nil { + return nil, err + } + out, err := priv.ECDH(pub) + if err != nil { + return nil, err + } + copy(dst[:], out) + return dst[:], nil +} + +func scalarMult(dst, scalar, point *[32]byte) { + if _, err := x25519(dst, scalar[:], point[:]); err != nil { + // The only error condition for x25519 when the inputs are 32 bytes long + // is if the output would have been the all-zero value. + for i := range dst { + dst[i] = 0 + } + } +} + +func scalarBaseMult(dst, scalar *[32]byte) { + curve := ecdh.X25519() + priv, err := curve.NewPrivateKey(scalar[:]) + if err != nil { + panic("curve25519: internal error: scalarBaseMult was not 32 bytes") + } + copy(dst[:], priv.PublicKey().Bytes()) +} diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go index 7b5b78cbd..2671217da 100644 --- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go +++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go @@ -245,7 +245,7 @@ func feSquareGeneric(v, a *Element) { v.carryPropagate() } -// carryPropagate brings the limbs below 52 bits by applying the reduction +// carryPropagateGeneric brings the limbs below 52 bits by applying the reduction // identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry. TODO inline func (v *Element) carryPropagateGeneric() *Element { c0 := v.l0 >> 51 diff --git a/vendor/golang.org/x/crypto/ssh/cipher.go b/vendor/golang.org/x/crypto/ssh/cipher.go index 87f48552c..741e984f3 100644 --- a/vendor/golang.org/x/crypto/ssh/cipher.go +++ b/vendor/golang.org/x/crypto/ssh/cipher.go @@ -114,7 +114,8 @@ var cipherModes = map[string]*cipherMode{ "arcfour": {16, 0, streamCipherMode(0, newRC4)}, // AEAD ciphers - gcmCipherID: {16, 12, newGCMCipher}, + gcm128CipherID: {16, 12, newGCMCipher}, + gcm256CipherID: {32, 12, newGCMCipher}, chacha20Poly1305ID: {64, 0, newChaCha20Cipher}, // CBC mode is insecure and so is not included in the default config. diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go index c7964275d..e6a77f26a 100644 --- a/vendor/golang.org/x/crypto/ssh/common.go +++ b/vendor/golang.org/x/crypto/ssh/common.go @@ -28,7 +28,7 @@ const ( // supportedCiphers lists ciphers we support but might not recommend. var supportedCiphers = []string{ "aes128-ctr", "aes192-ctr", "aes256-ctr", - "aes128-gcm@openssh.com", + "aes128-gcm@openssh.com", gcm256CipherID, chacha20Poly1305ID, "arcfour256", "arcfour128", "arcfour", aes128cbcID, @@ -37,7 +37,7 @@ var supportedCiphers = []string{ // preferredCiphers specifies the default preference for ciphers. var preferredCiphers = []string{ - "aes128-gcm@openssh.com", + "aes128-gcm@openssh.com", gcm256CipherID, chacha20Poly1305ID, "aes128-ctr", "aes192-ctr", "aes256-ctr", } @@ -168,7 +168,7 @@ func (a *directionAlgorithms) rekeyBytes() int64 { // 2^(BLOCKSIZE/4) blocks. For all AES flavors BLOCKSIZE is // 128. switch a.Cipher { - case "aes128-ctr", "aes192-ctr", "aes256-ctr", gcmCipherID, aes128cbcID: + case "aes128-ctr", "aes192-ctr", "aes256-ctr", gcm128CipherID, gcm256CipherID, aes128cbcID: return 16 * (1 << 32) } @@ -178,7 +178,8 @@ func (a *directionAlgorithms) rekeyBytes() int64 { } var aeadCiphers = map[string]bool{ - gcmCipherID: true, + gcm128CipherID: true, + gcm256CipherID: true, chacha20Poly1305ID: true, } diff --git a/vendor/golang.org/x/crypto/ssh/connection.go b/vendor/golang.org/x/crypto/ssh/connection.go index 35661a52b..8f345ee92 100644 --- a/vendor/golang.org/x/crypto/ssh/connection.go +++ b/vendor/golang.org/x/crypto/ssh/connection.go @@ -97,7 +97,7 @@ func (c *connection) Close() error { return c.sshConn.conn.Close() } -// sshconn provides net.Conn metadata, but disallows direct reads and +// sshConn provides net.Conn metadata, but disallows direct reads and // writes. type sshConn struct { conn net.Conn diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go index 2b84c3571..07a1843e0 100644 --- a/vendor/golang.org/x/crypto/ssh/handshake.go +++ b/vendor/golang.org/x/crypto/ssh/handshake.go @@ -58,11 +58,13 @@ type handshakeTransport struct { incoming chan []byte readError error - mu sync.Mutex - writeError error - sentInitPacket []byte - sentInitMsg *kexInitMsg - pendingPackets [][]byte // Used when a key exchange is in progress. + mu sync.Mutex + writeError error + sentInitPacket []byte + sentInitMsg *kexInitMsg + pendingPackets [][]byte // Used when a key exchange is in progress. + writePacketsLeft uint32 + writeBytesLeft int64 // If the read loop wants to schedule a kex, it pings this // channel, and the write loop will send out a kex @@ -71,7 +73,8 @@ type handshakeTransport struct { // If the other side requests or confirms a kex, its kexInit // packet is sent here for the write loop to find it. - startKex chan *pendingKex + startKex chan *pendingKex + kexLoopDone chan struct{} // closed (with writeError non-nil) when kexLoop exits // data for host key checking hostKeyCallback HostKeyCallback @@ -86,12 +89,10 @@ type handshakeTransport struct { // Algorithms agreed in the last key exchange. algorithms *algorithms + // Counters exclusively owned by readLoop. readPacketsLeft uint32 readBytesLeft int64 - writePacketsLeft uint32 - writeBytesLeft int64 - // The session ID or nil if first kex did not complete yet. sessionID []byte } @@ -108,7 +109,8 @@ func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion, clientVersion: clientVersion, incoming: make(chan []byte, chanSize), requestKex: make(chan struct{}, 1), - startKex: make(chan *pendingKex, 1), + startKex: make(chan *pendingKex), + kexLoopDone: make(chan struct{}), config: config, } @@ -340,16 +342,17 @@ write: t.mu.Unlock() } + // Unblock reader. + t.conn.Close() + // drain startKex channel. We don't service t.requestKex // because nobody does blocking sends there. - go func() { - for init := range t.startKex { - init.done <- t.writeError - } - }() + for request := range t.startKex { + request.done <- t.getWriteError() + } - // Unblock reader. - t.conn.Close() + // Mark that the loop is done so that Close can return. + close(t.kexLoopDone) } // The protocol uses uint32 for packet counters, so we can't let them @@ -545,7 +548,16 @@ func (t *handshakeTransport) writePacket(p []byte) error { } func (t *handshakeTransport) Close() error { - return t.conn.Close() + // Close the connection. This should cause the readLoop goroutine to wake up + // and close t.startKex, which will shut down kexLoop if running. + err := t.conn.Close() + + // Wait for the kexLoop goroutine to complete. + // At that point we know that the readLoop goroutine is complete too, + // because kexLoop itself waits for readLoop to close the startKex channel. + <-t.kexLoopDone + + return err } func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error { diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go index 729698041..dac8ee724 100644 --- a/vendor/golang.org/x/crypto/ssh/keys.go +++ b/vendor/golang.org/x/crypto/ssh/keys.go @@ -1087,9 +1087,9 @@ func (*PassphraseMissingError) Error() string { return "ssh: this private key is passphrase protected" } -// ParseRawPrivateKey returns a private key from a PEM encoded private key. It -// supports RSA (PKCS#1), PKCS#8, DSA (OpenSSL), and ECDSA private keys. If the -// private key is encrypted, it will return a PassphraseMissingError. +// ParseRawPrivateKey returns a private key from a PEM encoded private key. It supports +// RSA, DSA, ECDSA, and Ed25519 private keys in PKCS#1, PKCS#8, OpenSSL, and OpenSSH +// formats. If the private key is encrypted, it will return a PassphraseMissingError. func ParseRawPrivateKey(pemBytes []byte) (interface{}, error) { block, _ := pem.Decode(pemBytes) if block == nil { diff --git a/vendor/golang.org/x/crypto/ssh/transport.go b/vendor/golang.org/x/crypto/ssh/transport.go index acf5a21bb..da015801e 100644 --- a/vendor/golang.org/x/crypto/ssh/transport.go +++ b/vendor/golang.org/x/crypto/ssh/transport.go @@ -17,7 +17,8 @@ import ( const debugTransport = false const ( - gcmCipherID = "aes128-gcm@openssh.com" + gcm128CipherID = "aes128-gcm@openssh.com" + gcm256CipherID = "aes256-gcm@openssh.com" aes128cbcID = "aes128-cbc" tripledescbcID = "3des-cbc" ) diff --git a/vendor/golang.org/x/sys/unix/ioctl_signed.go b/vendor/golang.org/x/sys/unix/ioctl_signed.go new file mode 100644 index 000000000..7def9580e --- /dev/null +++ b/vendor/golang.org/x/sys/unix/ioctl_signed.go @@ -0,0 +1,70 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build aix || solaris +// +build aix solaris + +package unix + +import ( + "unsafe" +) + +// ioctl itself should not be exposed directly, but additional get/set +// functions for specific types are permissible. + +// IoctlSetInt performs an ioctl operation which sets an integer value +// on fd, using the specified request number. +func IoctlSetInt(fd int, req int, value int) error { + return ioctl(fd, req, uintptr(value)) +} + +// IoctlSetPointerInt performs an ioctl operation which sets an +// integer value on fd, using the specified request number. The ioctl +// argument is called with a pointer to the integer value, rather than +// passing the integer value directly. +func IoctlSetPointerInt(fd int, req int, value int) error { + v := int32(value) + return ioctlPtr(fd, req, unsafe.Pointer(&v)) +} + +// IoctlSetWinsize performs an ioctl on fd with a *Winsize argument. +// +// To change fd's window size, the req argument should be TIOCSWINSZ. +func IoctlSetWinsize(fd int, req int, value *Winsize) error { + // TODO: if we get the chance, remove the req parameter and + // hardcode TIOCSWINSZ. + return ioctlPtr(fd, req, unsafe.Pointer(value)) +} + +// IoctlSetTermios performs an ioctl on fd with a *Termios. +// +// The req value will usually be TCSETA or TIOCSETA. +func IoctlSetTermios(fd int, req int, value *Termios) error { + // TODO: if we get the chance, remove the req parameter. + return ioctlPtr(fd, req, unsafe.Pointer(value)) +} + +// IoctlGetInt performs an ioctl operation which gets an integer value +// from fd, using the specified request number. +// +// A few ioctl requests use the return value as an output parameter; +// for those, IoctlRetInt should be used instead of this function. +func IoctlGetInt(fd int, req int) (int, error) { + var value int + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) + return value, err +} + +func IoctlGetWinsize(fd int, req int) (*Winsize, error) { + var value Winsize + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) + return &value, err +} + +func IoctlGetTermios(fd int, req int) (*Termios, error) { + var value Termios + err := ioctlPtr(fd, req, unsafe.Pointer(&value)) + return &value, err +} diff --git a/vendor/golang.org/x/sys/unix/ioctl.go b/vendor/golang.org/x/sys/unix/ioctl_unsigned.go similarity index 92% rename from vendor/golang.org/x/sys/unix/ioctl.go rename to vendor/golang.org/x/sys/unix/ioctl_unsigned.go index 7ce8dd406..649913d1e 100644 --- a/vendor/golang.org/x/sys/unix/ioctl.go +++ b/vendor/golang.org/x/sys/unix/ioctl_unsigned.go @@ -2,8 +2,8 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build aix || darwin || dragonfly || freebsd || hurd || linux || netbsd || openbsd || solaris -// +build aix darwin dragonfly freebsd hurd linux netbsd openbsd solaris +//go:build darwin || dragonfly || freebsd || hurd || linux || netbsd || openbsd +// +build darwin dragonfly freebsd hurd linux netbsd openbsd package unix diff --git a/vendor/golang.org/x/sys/unix/ioctl_zos.go b/vendor/golang.org/x/sys/unix/ioctl_zos.go index 6532f09af..cdc21bf76 100644 --- a/vendor/golang.org/x/sys/unix/ioctl_zos.go +++ b/vendor/golang.org/x/sys/unix/ioctl_zos.go @@ -17,14 +17,14 @@ import ( // IoctlSetInt performs an ioctl operation which sets an integer value // on fd, using the specified request number. -func IoctlSetInt(fd int, req uint, value int) error { +func IoctlSetInt(fd int, req int, value int) error { return ioctl(fd, req, uintptr(value)) } // IoctlSetWinsize performs an ioctl on fd with a *Winsize argument. // // To change fd's window size, the req argument should be TIOCSWINSZ. -func IoctlSetWinsize(fd int, req uint, value *Winsize) error { +func IoctlSetWinsize(fd int, req int, value *Winsize) error { // TODO: if we get the chance, remove the req parameter and // hardcode TIOCSWINSZ. return ioctlPtr(fd, req, unsafe.Pointer(value)) @@ -33,7 +33,7 @@ func IoctlSetWinsize(fd int, req uint, value *Winsize) error { // IoctlSetTermios performs an ioctl on fd with a *Termios. // // The req value is expected to be TCSETS, TCSETSW, or TCSETSF -func IoctlSetTermios(fd int, req uint, value *Termios) error { +func IoctlSetTermios(fd int, req int, value *Termios) error { if (req != TCSETS) && (req != TCSETSW) && (req != TCSETSF) { return ENOSYS } @@ -47,13 +47,13 @@ func IoctlSetTermios(fd int, req uint, value *Termios) error { // // A few ioctl requests use the return value as an output parameter; // for those, IoctlRetInt should be used instead of this function. -func IoctlGetInt(fd int, req uint) (int, error) { +func IoctlGetInt(fd int, req int) (int, error) { var value int err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return value, err } -func IoctlGetWinsize(fd int, req uint) (*Winsize, error) { +func IoctlGetWinsize(fd int, req int) (*Winsize, error) { var value Winsize err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return &value, err @@ -62,7 +62,7 @@ func IoctlGetWinsize(fd int, req uint) (*Winsize, error) { // IoctlGetTermios performs an ioctl on fd with a *Termios. // // The req value is expected to be TCGETS -func IoctlGetTermios(fd int, req uint) (*Termios, error) { +func IoctlGetTermios(fd int, req int) (*Termios, error) { var value Termios if req != TCGETS { return &value, ENOSYS diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh index 7456d9ddd..be0423e68 100644 --- a/vendor/golang.org/x/sys/unix/mkerrors.sh +++ b/vendor/golang.org/x/sys/unix/mkerrors.sh @@ -66,6 +66,7 @@ includes_Darwin=' #include #include #include +#include #include #include #include @@ -203,6 +204,7 @@ struct ltchars { #include #include #include +#include #include #include #include @@ -517,10 +519,11 @@ ccflags="$@" $2 ~ /^LOCK_(SH|EX|NB|UN)$/ || $2 ~ /^LO_(KEY|NAME)_SIZE$/ || $2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ || - $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT)_/ || + $2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ || $2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ || $2 ~ /^NFC_.*_(MAX)?SIZE$/ || $2 ~ /^RAW_PAYLOAD_/ || + $2 ~ /^[US]F_/ || $2 ~ /^TP_STATUS_/ || $2 ~ /^FALLOC_/ || $2 ~ /^ICMPV?6?_(FILTER|SEC)/ || diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go index d9f5544cc..c406ae00f 100644 --- a/vendor/golang.org/x/sys/unix/syscall_aix.go +++ b/vendor/golang.org/x/sys/unix/syscall_aix.go @@ -408,8 +408,8 @@ func (w WaitStatus) CoreDump() bool { return w&0x80 == 0x80 } func (w WaitStatus) TrapCause() int { return -1 } -//sys ioctl(fd int, req uint, arg uintptr) (err error) -//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = ioctl +//sys ioctl(fd int, req int, arg uintptr) (err error) +//sys ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) = ioctl // fcntl must never be called with cmd=F_DUP2FD because it doesn't work on AIX // There is no way to create a custom fcntl and to keep //sys fcntl easily, diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go index e92a0be16..f2871fa95 100644 --- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go +++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go @@ -8,7 +8,6 @@ package unix //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) = getrlimit64 -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) = setrlimit64 //sys Seek(fd int, offset int64, whence int) (off int64, err error) = lseek64 //sys mmap(addr uintptr, length uintptr, prot int, flags int, fd int, offset int64) (xaddr uintptr, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go index 16eed1709..75718ec0f 100644 --- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go +++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go @@ -8,7 +8,6 @@ package unix //sysnb Getrlimit(resource int, rlim *Rlimit) (err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Seek(fd int, offset int64, whence int) (off int64, err error) = lseek //sys mmap(addr uintptr, length uintptr, prot int, flags int, fd int, offset int64) (xaddr uintptr, err error) = mmap64 diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go index 7064d6eba..206921504 100644 --- a/vendor/golang.org/x/sys/unix/syscall_darwin.go +++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go @@ -613,6 +613,7 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) { //sys Rmdir(path string) (err error) //sys Seek(fd int, offset int64, whence int) (newoffset int64, err error) = SYS_LSEEK //sys Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err error) +//sys Setattrlist(path string, attrlist *Attrlist, attrBuf []byte, options int) (err error) //sys Setegid(egid int) (err error) //sysnb Seteuid(euid int) (err error) //sysnb Setgid(gid int) (err error) @@ -622,7 +623,6 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) { //sys Setprivexec(flag int) (err error) //sysnb Setregid(rgid int, egid int) (err error) //sysnb Setreuid(ruid int, euid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setsid() (pid int, err error) //sysnb Settimeofday(tp *Timeval) (err error) //sysnb Setuid(uid int) (err error) @@ -676,7 +676,6 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) { // Kqueue_from_portset_np // Kqueue_portset // Getattrlist -// Setattrlist // Getdirentriesattr // Searchfs // Delete diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go index 221efc26b..d4ce988e7 100644 --- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go +++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go @@ -326,7 +326,6 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e //sysnb Setreuid(ruid int, euid int) (err error) //sysnb Setresgid(rgid int, egid int, sgid int) (err error) //sysnb Setresuid(ruid int, euid int, suid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setsid() (pid int, err error) //sysnb Settimeofday(tp *Timeval) (err error) //sysnb Setuid(uid int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go index 5bdde03e4..afb10106f 100644 --- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go @@ -433,7 +433,6 @@ func Dup3(oldfd, newfd, flags int) error { //sysnb Setreuid(ruid int, euid int) (err error) //sysnb Setresgid(rgid int, egid int, sgid int) (err error) //sysnb Setresuid(ruid int, euid int, suid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setsid() (pid int, err error) //sysnb Settimeofday(tp *Timeval) (err error) //sysnb Setuid(uid int) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go index 973533153..fbaeb5fff 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux.go @@ -1873,7 +1873,6 @@ func Getpgrp() (pid int) { //sys OpenTree(dfd int, fileName string, flags uint) (r int, err error) //sys PerfEventOpen(attr *PerfEventAttr, pid int, cpu int, groupFd int, flags int) (fd int, err error) //sys PivotRoot(newroot string, putold string) (err error) = SYS_PIVOT_ROOT -//sysnb Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT64 //sys Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) //sys Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) = SYS_PSELECT6 //sys read(fd int, p []byte) (n int, err error) @@ -1887,6 +1886,15 @@ func Getpgrp() (pid int) { //sysnb Settimeofday(tv *Timeval) (err error) //sys Setns(fd int, nstype int) (err error) +//go:linkname syscall_prlimit syscall.prlimit +func syscall_prlimit(pid, resource int, newlimit, old *syscall.Rlimit) error + +func Prlimit(pid, resource int, newlimit, old *Rlimit) error { + // Just call the syscall version, because as of Go 1.21 + // it will affect starting a new process. + return syscall_prlimit(pid, resource, (*syscall.Rlimit)(newlimit), (*syscall.Rlimit)(old)) +} + // PrctlRetInt performs a prctl operation specified by option and further // optional arguments arg2 through arg5 depending on option. It returns a // non-negative integer that is returned by the prctl syscall. diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_386.go index ff5b5899d..c7d9945ea 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_386.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_386.go @@ -97,33 +97,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { return } -//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT - -func Setrlimit(resource int, rlim *Rlimit) (err error) { - err = Prlimit(0, resource, rlim, nil) - if err != ENOSYS { - return err - } - - rl := rlimit32{} - if rlim.Cur == rlimInf64 { - rl.Cur = rlimInf32 - } else if rlim.Cur < uint64(rlimInf32) { - rl.Cur = uint32(rlim.Cur) - } else { - return EINVAL - } - if rlim.Max == rlimInf64 { - rl.Max = rlimInf32 - } else if rlim.Max < uint64(rlimInf32) { - rl.Max = uint32(rlim.Max) - } else { - return EINVAL - } - - return setrlimit(resource, &rl) -} - func Seek(fd int, offset int64, whence int) (newoffset int64, err error) { newoffset, errno := seek(fd, offset, whence) if errno != 0 { diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go index 9b2703532..5b21fcfd7 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go @@ -46,7 +46,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go index 856ad1d63..da2986415 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go @@ -171,33 +171,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { return } -//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT - -func Setrlimit(resource int, rlim *Rlimit) (err error) { - err = Prlimit(0, resource, rlim, nil) - if err != ENOSYS { - return err - } - - rl := rlimit32{} - if rlim.Cur == rlimInf64 { - rl.Cur = rlimInf32 - } else if rlim.Cur < uint64(rlimInf32) { - rl.Cur = uint32(rlim.Cur) - } else { - return EINVAL - } - if rlim.Max == rlimInf64 { - rl.Max = rlimInf32 - } else if rlim.Max < uint64(rlimInf32) { - rl.Max = uint32(rlim.Max) - } else { - return EINVAL - } - - return setrlimit(resource, &rl) -} - func (r *PtraceRegs) PC() uint64 { return uint64(r.Uregs[15]) } func (r *PtraceRegs) SetPC(pc uint64) { r.Uregs[15] = uint32(pc) } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go index 6422704bc..a81f5742b 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go @@ -39,7 +39,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) @@ -143,15 +142,6 @@ func Getrlimit(resource int, rlim *Rlimit) error { return getrlimit(resource, rlim) } -// Setrlimit prefers the prlimit64 system call. See issue 38604. -func Setrlimit(resource int, rlim *Rlimit) error { - err := Prlimit(0, resource, rlim, nil) - if err != ENOSYS { - return err - } - return setrlimit(resource, rlim) -} - func (r *PtraceRegs) PC() uint64 { return r.Pc } func (r *PtraceRegs) SetPC(pc uint64) { r.Pc = pc } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go index 59dab510e..69d2d7c3d 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go @@ -126,11 +126,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { return } -func Setrlimit(resource int, rlim *Rlimit) (err error) { - err = Prlimit(0, resource, rlim, nil) - return -} - func futimesat(dirfd int, path string, tv *[2]Timeval) (err error) { if tv == nil { return utimensat(dirfd, path, nil, 0) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go index bfef09a39..76d564095 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go @@ -37,7 +37,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) //sys Statfs(path string, buf *Statfs_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go index ab3025096..aae7f0ffd 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go @@ -151,33 +151,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { return } -//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT - -func Setrlimit(resource int, rlim *Rlimit) (err error) { - err = Prlimit(0, resource, rlim, nil) - if err != ENOSYS { - return err - } - - rl := rlimit32{} - if rlim.Cur == rlimInf64 { - rl.Cur = rlimInf32 - } else if rlim.Cur < uint64(rlimInf32) { - rl.Cur = uint32(rlim.Cur) - } else { - return EINVAL - } - if rlim.Max == rlimInf64 { - rl.Max = rlimInf32 - } else if rlim.Max < uint64(rlimInf32) { - rl.Max = uint32(rlim.Max) - } else { - return EINVAL - } - - return setrlimit(resource, &rl) -} - func (r *PtraceRegs) PC() uint64 { return r.Epc } func (r *PtraceRegs) SetPC(pc uint64) { r.Epc = pc } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go index eac1cf1ac..66eff19a3 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go @@ -159,33 +159,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { return } -//sysnb setrlimit(resource int, rlim *rlimit32) (err error) = SYS_SETRLIMIT - -func Setrlimit(resource int, rlim *Rlimit) (err error) { - err = Prlimit(0, resource, rlim, nil) - if err != ENOSYS { - return err - } - - rl := rlimit32{} - if rlim.Cur == rlimInf64 { - rl.Cur = rlimInf32 - } else if rlim.Cur < uint64(rlimInf32) { - rl.Cur = uint32(rlim.Cur) - } else { - return EINVAL - } - if rlim.Max == rlimInf64 { - rl.Max = rlimInf32 - } else if rlim.Max < uint64(rlimInf32) { - rl.Max = uint32(rlim.Max) - } else { - return EINVAL - } - - return setrlimit(resource, &rl) -} - func (r *PtraceRegs) PC() uint32 { return r.Nip } func (r *PtraceRegs) SetPC(pc uint32) { r.Nip = pc } diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go index 4df56616b..806aa2574 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go @@ -34,7 +34,6 @@ package unix //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) //sys Stat(path string, stat *Stat_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go index 5f4243dea..35851ef70 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go @@ -38,7 +38,6 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go index d0a7d4066..2f89e8f5d 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go @@ -34,7 +34,6 @@ import ( //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) //sys Stat(path string, stat *Stat_t) (err error) //sys Statfs(path string, buf *Statfs_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go index f5c793be2..7ca064ae7 100644 --- a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go @@ -31,7 +31,6 @@ package unix //sys sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) //sys setfsgid(gid int) (prev int, err error) //sys setfsuid(uid int) (prev int, err error) -//sysnb Setrlimit(resource int, rlim *Rlimit) (err error) //sys Shutdown(fd int, how int) (err error) //sys Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) //sys Stat(path string, stat *Stat_t) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go index e66865dcc..018d7d478 100644 --- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go @@ -340,7 +340,6 @@ func Statvfs(path string, buf *Statvfs_t) (err error) { //sys Setpriority(which int, who int, prio int) (err error) //sysnb Setregid(rgid int, egid int) (err error) //sysnb Setreuid(ruid int, euid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setsid() (pid int, err error) //sysnb Settimeofday(tp *Timeval) (err error) //sysnb Setuid(uid int) (err error) @@ -501,7 +500,6 @@ func Statvfs(path string, buf *Statvfs_t) (err error) { // compat_43_osendmsg // compat_43_osethostid // compat_43_osethostname -// compat_43_osetrlimit // compat_43_osigblock // compat_43_osigsetmask // compat_43_osigstack diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go index 5e9de23ae..f9c7a9663 100644 --- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go +++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go @@ -294,7 +294,6 @@ func Uname(uname *Utsname) error { //sysnb Setreuid(ruid int, euid int) (err error) //sysnb Setresgid(rgid int, egid int, sgid int) (err error) //sysnb Setresuid(ruid int, euid int, suid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setrtable(rtable int) (err error) //sysnb Setsid() (pid int, err error) //sysnb Settimeofday(tp *Timeval) (err error) diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index d3444b64d..b600a289d 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -545,24 +545,24 @@ func Minor(dev uint64) uint32 { * Expose the ioctl function */ -//sys ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) = libc.ioctl -//sys ioctlPtrRet(fd int, req uint, arg unsafe.Pointer) (ret int, err error) = libc.ioctl +//sys ioctlRet(fd int, req int, arg uintptr) (ret int, err error) = libc.ioctl +//sys ioctlPtrRet(fd int, req int, arg unsafe.Pointer) (ret int, err error) = libc.ioctl -func ioctl(fd int, req uint, arg uintptr) (err error) { +func ioctl(fd int, req int, arg uintptr) (err error) { _, err = ioctlRet(fd, req, arg) return err } -func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { +func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) { _, err = ioctlPtrRet(fd, req, arg) return err } -func IoctlSetTermio(fd int, req uint, value *Termio) error { +func IoctlSetTermio(fd int, req int, value *Termio) error { return ioctlPtr(fd, req, unsafe.Pointer(value)) } -func IoctlGetTermio(fd int, req uint) (*Termio, error) { +func IoctlGetTermio(fd int, req int) (*Termio, error) { var value Termio err := ioctlPtr(fd, req, unsafe.Pointer(&value)) return &value, err @@ -665,7 +665,6 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e //sys Setpriority(which int, who int, prio int) (err error) //sysnb Setregid(rgid int, egid int) (err error) //sysnb Setreuid(ruid int, euid int) (err error) -//sysnb Setrlimit(which int, lim *Rlimit) (err error) //sysnb Setsid() (pid int, err error) //sysnb Setuid(uid int) (err error) //sys Shutdown(s int, how int) (err error) = libsocket.shutdown @@ -1080,11 +1079,11 @@ func Getmsg(fd int, cl []byte, data []byte) (retCl []byte, retData []byte, flags return retCl, retData, flags, nil } -func IoctlSetIntRetInt(fd int, req uint, arg int) (int, error) { +func IoctlSetIntRetInt(fd int, req int, arg int) (int, error) { return ioctlRet(fd, req, uintptr(arg)) } -func IoctlSetString(fd int, req uint, val string) error { +func IoctlSetString(fd int, req int, val string) error { bs := make([]byte, len(val)+1) copy(bs[:len(bs)-1], val) err := ioctlPtr(fd, req, unsafe.Pointer(&bs[0])) @@ -1120,7 +1119,7 @@ func (l *Lifreq) GetLifruUint() uint { return *(*uint)(unsafe.Pointer(&l.Lifru[0])) } -func IoctlLifreq(fd int, req uint, l *Lifreq) error { +func IoctlLifreq(fd int, req int, l *Lifreq) error { return ioctlPtr(fd, req, unsafe.Pointer(l)) } @@ -1131,6 +1130,6 @@ func (s *Strioctl) SetInt(i int) { s.Dp = (*int8)(unsafe.Pointer(&i)) } -func IoctlSetStrioctlRetInt(fd int, req uint, s *Strioctl) (int, error) { +func IoctlSetStrioctlRetInt(fd int, req int, s *Strioctl) (int, error) { return ioctlPtrRet(fd, req, unsafe.Pointer(s)) } diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go index 00f0aa375..8e48c29ec 100644 --- a/vendor/golang.org/x/sys/unix/syscall_unix.go +++ b/vendor/golang.org/x/sys/unix/syscall_unix.go @@ -587,3 +587,10 @@ func emptyIovecs(iov []Iovec) bool { } return true } + +// Setrlimit sets a resource limit. +func Setrlimit(resource int, rlim *Rlimit) error { + // Just call the syscall version, because as of Go 1.21 + // it will affect starting a new process. + return syscall.Setrlimit(resource, (*syscall.Rlimit)(rlim)) +} diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go index b295497ae..d3d49ec3e 100644 --- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go @@ -212,8 +212,8 @@ func (cmsg *Cmsghdr) SetLen(length int) { //sys sendmsg(s int, msg *Msghdr, flags int) (n int, err error) = SYS___SENDMSG_A //sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) = SYS_MMAP //sys munmap(addr uintptr, length uintptr) (err error) = SYS_MUNMAP -//sys ioctl(fd int, req uint, arg uintptr) (err error) = SYS_IOCTL -//sys ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL +//sys ioctl(fd int, req int, arg uintptr) (err error) = SYS_IOCTL +//sys ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) = SYS_IOCTL //sys Access(path string, mode uint32) (err error) = SYS___ACCESS_A //sys Chdir(path string) (err error) = SYS___CHDIR_A diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go index 476a1c7e7..143007627 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go @@ -1270,6 +1270,16 @@ const ( SEEK_END = 0x2 SEEK_HOLE = 0x3 SEEK_SET = 0x0 + SF_APPEND = 0x40000 + SF_ARCHIVED = 0x10000 + SF_DATALESS = 0x40000000 + SF_FIRMLINK = 0x800000 + SF_IMMUTABLE = 0x20000 + SF_NOUNLINK = 0x100000 + SF_RESTRICTED = 0x80000 + SF_SETTABLE = 0x3fff0000 + SF_SUPPORTED = 0x9f0000 + SF_SYNTHETIC = 0xc0000000 SHUT_RD = 0x0 SHUT_RDWR = 0x2 SHUT_WR = 0x1 @@ -1543,6 +1553,15 @@ const ( TIOCTIMESTAMP = 0x40107459 TIOCUCNTL = 0x80047466 TOSTOP = 0x400000 + UF_APPEND = 0x4 + UF_COMPRESSED = 0x20 + UF_DATAVAULT = 0x80 + UF_HIDDEN = 0x8000 + UF_IMMUTABLE = 0x2 + UF_NODUMP = 0x1 + UF_OPAQUE = 0x8 + UF_SETTABLE = 0xffff + UF_TRACKED = 0x40 VDISCARD = 0xf VDSUSP = 0xb VEOF = 0x0 diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go index e36f5178d..ab044a742 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go @@ -1270,6 +1270,16 @@ const ( SEEK_END = 0x2 SEEK_HOLE = 0x3 SEEK_SET = 0x0 + SF_APPEND = 0x40000 + SF_ARCHIVED = 0x10000 + SF_DATALESS = 0x40000000 + SF_FIRMLINK = 0x800000 + SF_IMMUTABLE = 0x20000 + SF_NOUNLINK = 0x100000 + SF_RESTRICTED = 0x80000 + SF_SETTABLE = 0x3fff0000 + SF_SUPPORTED = 0x9f0000 + SF_SYNTHETIC = 0xc0000000 SHUT_RD = 0x0 SHUT_RDWR = 0x2 SHUT_WR = 0x1 @@ -1543,6 +1553,15 @@ const ( TIOCTIMESTAMP = 0x40107459 TIOCUCNTL = 0x80047466 TOSTOP = 0x400000 + UF_APPEND = 0x4 + UF_COMPRESSED = 0x20 + UF_DATAVAULT = 0x80 + UF_HIDDEN = 0x8000 + UF_IMMUTABLE = 0x2 + UF_NODUMP = 0x1 + UF_OPAQUE = 0x8 + UF_SETTABLE = 0xffff + UF_TRACKED = 0x40 VDISCARD = 0xf VDSUSP = 0xb VEOF = 0x0 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 398c37e52..de936b677 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -2967,6 +2967,7 @@ const ( SOL_TCP = 0x6 SOL_TIPC = 0x10f SOL_TLS = 0x11a + SOL_UDP = 0x11 SOL_X25 = 0x106 SOL_XDP = 0x11b SOMAXCONN = 0x1000 @@ -3251,6 +3252,19 @@ const ( TRACEFS_MAGIC = 0x74726163 TS_COMM_LEN = 0x20 UDF_SUPER_MAGIC = 0x15013346 + UDP_CORK = 0x1 + UDP_ENCAP = 0x64 + UDP_ENCAP_ESPINUDP = 0x2 + UDP_ENCAP_ESPINUDP_NON_IKE = 0x1 + UDP_ENCAP_GTP0 = 0x4 + UDP_ENCAP_GTP1U = 0x5 + UDP_ENCAP_L2TPINUDP = 0x3 + UDP_GRO = 0x68 + UDP_NO_CHECK6_RX = 0x66 + UDP_NO_CHECK6_TX = 0x65 + UDP_SEGMENT = 0x67 + UDP_V4_FLOW = 0x2 + UDP_V6_FLOW = 0x6 UMOUNT_NOFOLLOW = 0x8 USBDEVICE_SUPER_MAGIC = 0x9fa2 UTIME_NOW = 0x3fffffff diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go index ef9dcd1be..9a257219d 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go @@ -124,7 +124,6 @@ int utime(uintptr_t, uintptr_t); unsigned long long getsystemcfg(int); int umount(uintptr_t); int getrlimit64(int, uintptr_t); -int setrlimit64(int, uintptr_t); long long lseek64(int, long long, int); uintptr_t mmap(uintptr_t, uintptr_t, int, int, int, long long); @@ -213,7 +212,7 @@ func wait4(pid Pid_t, status *_C_int, options int, rusage *Rusage) (wpid Pid_t, // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctl(fd int, req uint, arg uintptr) (err error) { +func ioctl(fd int, req int, arg uintptr) (err error) { r0, er := C.ioctl(C.int(fd), C.int(req), C.uintptr_t(arg)) if r0 == -1 && er != nil { err = er @@ -223,7 +222,7 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { +func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) { r0, er := C.ioctl(C.int(fd), C.int(req), C.uintptr_t(uintptr(arg))) if r0 == -1 && er != nil { err = er @@ -1464,16 +1463,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - r0, er := C.setrlimit64(C.int(resource), C.uintptr_t(uintptr(unsafe.Pointer(rlim)))) - if r0 == -1 && er != nil { - err = er - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Seek(fd int, offset int64, whence int) (off int64, err error) { r0, er := C.lseek64(C.int(fd), C.longlong(offset), C.int(whence)) off = int64(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go index f86a94592..6de80c20c 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go @@ -93,8 +93,8 @@ func wait4(pid Pid_t, status *_C_int, options int, rusage *Rusage) (wpid Pid_t, // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctl(fd int, req uint, arg uintptr) (err error) { - _, e1 := callioctl(fd, int(req), arg) +func ioctl(fd int, req int, arg uintptr) (err error) { + _, e1 := callioctl(fd, req, arg) if e1 != 0 { err = errnoErr(e1) } @@ -103,8 +103,8 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { - _, e1 := callioctl_ptr(fd, int(req), arg) +func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) { + _, e1 := callioctl_ptr(fd, req, arg) if e1 != 0 { err = errnoErr(e1) } @@ -1422,16 +1422,6 @@ func Getrlimit(resource int, rlim *Rlimit) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, e1 := callsetrlimit(resource, uintptr(unsafe.Pointer(rlim))) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Seek(fd int, offset int64, whence int) (off int64, err error) { r0, e1 := calllseek(fd, offset, whence) off = int64(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go index d32a84cae..c4d50ae50 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go @@ -124,7 +124,6 @@ import ( //go:cgo_import_dynamic libc_getsystemcfg getsystemcfg "libc.a/shr_64.o" //go:cgo_import_dynamic libc_umount umount "libc.a/shr_64.o" //go:cgo_import_dynamic libc_getrlimit getrlimit "libc.a/shr_64.o" -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.a/shr_64.o" //go:cgo_import_dynamic libc_lseek lseek "libc.a/shr_64.o" //go:cgo_import_dynamic libc_mmap64 mmap64 "libc.a/shr_64.o" @@ -242,7 +241,6 @@ import ( //go:linkname libc_getsystemcfg libc_getsystemcfg //go:linkname libc_umount libc_umount //go:linkname libc_getrlimit libc_getrlimit -//go:linkname libc_setrlimit libc_setrlimit //go:linkname libc_lseek libc_lseek //go:linkname libc_mmap64 libc_mmap64 @@ -363,7 +361,6 @@ var ( libc_getsystemcfg, libc_umount, libc_getrlimit, - libc_setrlimit, libc_lseek, libc_mmap64 syscallFunc ) @@ -1179,13 +1176,6 @@ func callgetrlimit(resource int, rlim uintptr) (r1 uintptr, e1 Errno) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func callsetrlimit(resource int, rlim uintptr) (r1 uintptr, e1 Errno) { - r1, _, e1 = rawSyscall6(uintptr(unsafe.Pointer(&libc_setrlimit)), 2, uintptr(resource), rlim, 0, 0, 0, 0) - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func calllseek(fd int, offset int64, whence int) (r1 uintptr, e1 Errno) { r1, _, e1 = syscall6(uintptr(unsafe.Pointer(&libc_lseek)), 3, uintptr(fd), uintptr(offset), uintptr(whence), 0, 0, 0) return diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go index d7d8baf81..6903d3b09 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go @@ -123,7 +123,6 @@ int utime(uintptr_t, uintptr_t); unsigned long long getsystemcfg(int); int umount(uintptr_t); int getrlimit(int, uintptr_t); -int setrlimit(int, uintptr_t); long long lseek(int, long long, int); uintptr_t mmap64(uintptr_t, uintptr_t, int, int, int, long long); @@ -131,6 +130,7 @@ uintptr_t mmap64(uintptr_t, uintptr_t, int, int, int, long long); import "C" import ( "syscall" + "unsafe" ) // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT @@ -1055,14 +1055,6 @@ func callgetrlimit(resource int, rlim uintptr) (r1 uintptr, e1 Errno) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func callsetrlimit(resource int, rlim uintptr) (r1 uintptr, e1 Errno) { - r1 = uintptr(C.setrlimit(C.int(resource), C.uintptr_t(rlim))) - e1 = syscall.GetErrno() - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func calllseek(fd int, offset int64, whence int) (r1 uintptr, e1 Errno) { r1 = uintptr(C.lseek(C.int(fd), C.longlong(offset), C.int(whence))) e1 = syscall.GetErrno() diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go index a29ffdd56..4037ccf7a 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go @@ -1992,6 +1992,31 @@ var libc_select_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func Setattrlist(path string, attrlist *Attrlist, attrBuf []byte, options int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + var _p1 unsafe.Pointer + if len(attrBuf) > 0 { + _p1 = unsafe.Pointer(&attrBuf[0]) + } else { + _p1 = unsafe.Pointer(&_zero) + } + _, _, e1 := syscall_syscall6(libc_setattrlist_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(attrlist)), uintptr(_p1), uintptr(len(attrBuf)), uintptr(options), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_setattrlist_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Setegid(egid int) (err error) { _, _, e1 := syscall_syscall(libc_setegid_trampoline_addr, uintptr(egid), 0, 0) if e1 != 0 { @@ -2123,20 +2148,6 @@ var libc_setreuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := syscall_rawSyscall(libc_setsid_trampoline_addr, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s index 95fe4c0eb..4baaed0bc 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s @@ -705,6 +705,11 @@ TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_select_trampoline_addr(SB), RODATA, $8 DATA ·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB) +TEXT libc_setattrlist_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_setattrlist(SB) +GLOBL ·libc_setattrlist_trampoline_addr(SB), RODATA, $8 +DATA ·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB) + TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setegid(SB) @@ -759,12 +764,6 @@ TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setreuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) - -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setsid(SB) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go index 2fd4590bb..51d6f3fb2 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go @@ -1992,6 +1992,31 @@ var libc_select_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func Setattrlist(path string, attrlist *Attrlist, attrBuf []byte, options int) (err error) { + var _p0 *byte + _p0, err = BytePtrFromString(path) + if err != nil { + return + } + var _p1 unsafe.Pointer + if len(attrBuf) > 0 { + _p1 = unsafe.Pointer(&attrBuf[0]) + } else { + _p1 = unsafe.Pointer(&_zero) + } + _, _, e1 := syscall_syscall6(libc_setattrlist_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(attrlist)), uintptr(_p1), uintptr(len(attrBuf)), uintptr(options), 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +var libc_setattrlist_trampoline_addr uintptr + +//go:cgo_import_dynamic libc_setattrlist setattrlist "/usr/lib/libSystem.B.dylib" + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func Setegid(egid int) (err error) { _, _, e1 := syscall_syscall(libc_setegid_trampoline_addr, uintptr(egid), 0, 0) if e1 != 0 { @@ -2123,20 +2148,6 @@ var libc_setreuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "/usr/lib/libSystem.B.dylib" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := syscall_rawSyscall(libc_setsid_trampoline_addr, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s index efa5b4c98..c3b82c037 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s @@ -705,6 +705,11 @@ TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_select_trampoline_addr(SB), RODATA, $8 DATA ·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB) +TEXT libc_setattrlist_trampoline<>(SB),NOSPLIT,$0-0 + JMP libc_setattrlist(SB) +GLOBL ·libc_setattrlist_trampoline_addr(SB), RODATA, $8 +DATA ·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB) + TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setegid(SB) @@ -759,12 +764,6 @@ TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setreuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) - -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setsid(SB) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go index 3b8513470..0eabac7ad 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go @@ -1410,16 +1410,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go index 112906562..ee313eb00 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go @@ -1645,16 +1645,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go index 55f5abfe5..4c986e448 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go @@ -1645,16 +1645,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go index d39651c2b..555216944 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go @@ -1645,16 +1645,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go index ddb740868..67a226fbf 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go @@ -1645,16 +1645,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go index 09a53a616..f0b9ddaaa 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go @@ -1645,16 +1645,6 @@ func Setresuid(ruid int, euid int, suid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go index 430cb24de..da63d9d78 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go @@ -1346,16 +1346,6 @@ func PivotRoot(newroot string, putold string) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) { - _, _, e1 := RawSyscall6(SYS_PRLIMIT64, uintptr(pid), uintptr(resource), uintptr(unsafe.Pointer(newlimit)), uintptr(unsafe.Pointer(old)), 0, 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) { _, _, e1 := Syscall6(SYS_PRCTL, uintptr(option), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(arg5), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go index c81b0ad47..07b549cc2 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go @@ -411,16 +411,6 @@ func getrlimit(resource int, rlim *rlimit32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *rlimit32) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func futimesat(dirfd int, path string, times *[2]Timeval) (err error) { var _p0 *byte _p0, err = BytePtrFromString(path) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go index 2206bce7f..5f481bf83 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go @@ -334,16 +334,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go index edf6b39f1..824cd52c7 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go @@ -578,16 +578,6 @@ func getrlimit(resource int, rlim *rlimit32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *rlimit32) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func armSyncFileRange(fd int, flags int, off int64, n int64) (err error) { _, _, e1 := Syscall6(SYS_ARM_SYNC_FILE_RANGE, uintptr(fd), uintptr(flags), uintptr(off), uintptr(off>>32), uintptr(n), uintptr(n>>32)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go index 190609f21..e77aecfe9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go @@ -289,16 +289,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go index 5f984cbb1..961a3afb7 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go @@ -644,16 +644,6 @@ func getrlimit(resource int, rlim *rlimit32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *rlimit32) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Alarm(seconds uint) (remaining uint, err error) { r0, _, e1 := Syscall(SYS_ALARM, uintptr(seconds), 0, 0) remaining = uint(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go index 46fc380a4..ed05005e9 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go @@ -278,16 +278,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go index cbd0d4dad..d365b718f 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go @@ -278,16 +278,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go index 0c13d15f0..c3f1b8bbd 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go @@ -644,16 +644,6 @@ func getrlimit(resource int, rlim *rlimit32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *rlimit32) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Alarm(seconds uint) (remaining uint, err error) { r0, _, e1 := Syscall(SYS_ALARM, uintptr(seconds), 0, 0) remaining = uint(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go index e01432aed..a6574cf98 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go @@ -624,16 +624,6 @@ func getrlimit(resource int, rlim *rlimit32) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func setrlimit(resource int, rlim *rlimit32) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func syncFileRange2(fd int, flags int, off int64, n int64) (err error) { _, _, e1 := Syscall6(SYS_SYNC_FILE_RANGE2, uintptr(fd), uintptr(flags), uintptr(off>>32), uintptr(off), uintptr(n>>32), uintptr(n)) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go index 13c7ee7ba..f40990264 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go @@ -349,16 +349,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go index 02d0c0fd6..9dfcc2997 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go @@ -349,16 +349,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go index 9fee3b1d2..0b2923958 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go @@ -269,16 +269,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go index 647bbfecd..6cde32237 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go @@ -319,16 +319,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Splice(rfd int, roff *int64, wfd int, woff *int64, len int, flags int) (n int64, err error) { r0, _, e1 := Syscall6(SYS_SPLICE, uintptr(rfd), uintptr(unsafe.Pointer(roff)), uintptr(wfd), uintptr(unsafe.Pointer(woff)), uintptr(len), uintptr(flags)) n = int64(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go index ada057f89..5253d65bf 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go @@ -329,16 +329,6 @@ func setfsuid(uid int) (prev int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(resource int, rlim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Shutdown(fd int, how int) (err error) { _, _, e1 := Syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go index 8e1d9c8f6..cdb2af5ae 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go @@ -1607,16 +1607,6 @@ func Setreuid(ruid int, euid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go index 21c695040..9d25f76b0 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go @@ -1607,16 +1607,6 @@ func Setreuid(ruid int, euid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go index 298168f90..d3f803516 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go @@ -1607,16 +1607,6 @@ func Setreuid(ruid int, euid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go index 68b8bd492..887188a52 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go @@ -1607,16 +1607,6 @@ func Setreuid(ruid int, euid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := RawSyscall(SYS_SETRLIMIT, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := RawSyscall(SYS_SETSID, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go index 0b0f910e1..6699a783e 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s index 087444250..04f0de34b 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $4 DATA ·libc_setresuid_trampoline_addr(SB)/4, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $4 -DATA ·libc_setrlimit_trampoline_addr(SB)/4, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go index 48ff5de75..1e775fe05 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s index 5782cd108..27b6f4df7 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setresuid_trampoline_addr(SB)/8, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go index 2452a641d..7f6427899 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s index cf310420c..b797045fd 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $4 DATA ·libc_setresuid_trampoline_addr(SB)/4, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $4 -DATA ·libc_setrlimit_trampoline_addr(SB)/4, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $4 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go index 5e35600a6..756ef7b17 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s index 484bb42e0..a87126622 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setresuid_trampoline_addr(SB)/8, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go index b04cef1a1..7bc2e24eb 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s index 55af27263..05d4bffd7 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setresuid_trampoline_addr(SB)/8, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go index 47a07ee0c..739be6217 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s index 4028255b0..74a25f8d6 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s @@ -687,12 +687,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setresuid_trampoline_addr(SB)/8, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - CALL libc_setrlimit(SB) - RET -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 CALL libc_setrtable(SB) RET diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go index 573378fdb..7d95a1978 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go @@ -1894,20 +1894,6 @@ var libc_setresuid_trampoline_addr uintptr // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := syscall_rawSyscall(libc_setrlimit_trampoline_addr, uintptr(which), uintptr(unsafe.Pointer(lim)), 0) - if e1 != 0 { - err = errnoErr(e1) - } - return -} - -var libc_setrlimit_trampoline_addr uintptr - -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setrtable(rtable int) (err error) { _, _, e1 := syscall_rawSyscall(libc_setrtable_trampoline_addr, uintptr(rtable), 0, 0) if e1 != 0 { diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s index e1fbd4dfa..990be2457 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s +++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s @@ -573,11 +573,6 @@ TEXT libc_setresuid_trampoline<>(SB),NOSPLIT,$0-0 GLOBL ·libc_setresuid_trampoline_addr(SB), RODATA, $8 DATA ·libc_setresuid_trampoline_addr(SB)/8, $libc_setresuid_trampoline<>(SB) -TEXT libc_setrlimit_trampoline<>(SB),NOSPLIT,$0-0 - JMP libc_setrlimit(SB) -GLOBL ·libc_setrlimit_trampoline_addr(SB), RODATA, $8 -DATA ·libc_setrlimit_trampoline_addr(SB)/8, $libc_setrlimit_trampoline<>(SB) - TEXT libc_setrtable_trampoline<>(SB),NOSPLIT,$0-0 JMP libc_setrtable(SB) GLOBL ·libc_setrtable_trampoline_addr(SB), RODATA, $8 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index 4873a1e5d..609d1c598 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -110,7 +110,6 @@ import ( //go:cgo_import_dynamic libc_setpriority setpriority "libc.so" //go:cgo_import_dynamic libc_setregid setregid "libc.so" //go:cgo_import_dynamic libc_setreuid setreuid "libc.so" -//go:cgo_import_dynamic libc_setrlimit setrlimit "libc.so" //go:cgo_import_dynamic libc_setsid setsid "libc.so" //go:cgo_import_dynamic libc_setuid setuid "libc.so" //go:cgo_import_dynamic libc_shutdown shutdown "libsocket.so" @@ -250,7 +249,6 @@ import ( //go:linkname procSetpriority libc_setpriority //go:linkname procSetregid libc_setregid //go:linkname procSetreuid libc_setreuid -//go:linkname procSetrlimit libc_setrlimit //go:linkname procSetsid libc_setsid //go:linkname procSetuid libc_setuid //go:linkname procshutdown libc_shutdown @@ -391,7 +389,6 @@ var ( procSetpriority, procSetregid, procSetreuid, - procSetrlimit, procSetsid, procSetuid, procshutdown, @@ -646,7 +643,7 @@ func __minor(version int, dev uint64) (val uint) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) { +func ioctlRet(fd int, req int, arg uintptr) (ret int, err error) { r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0) ret = int(r0) if e1 != 0 { @@ -657,7 +654,7 @@ func ioctlRet(fd int, req uint, arg uintptr) (ret int, err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctlPtrRet(fd int, req uint, arg unsafe.Pointer) (ret int, err error) { +func ioctlPtrRet(fd int, req int, arg unsafe.Pointer) (ret int, err error) { r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0) ret = int(r0) if e1 != 0 { @@ -1650,16 +1647,6 @@ func Setreuid(ruid int, euid int) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func Setrlimit(which int, lim *Rlimit) (err error) { - _, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetrlimit)), 2, uintptr(which), uintptr(unsafe.Pointer(lim)), 0, 0, 0, 0) - if e1 != 0 { - err = e1 - } - return -} - -// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT - func Setsid() (pid int, err error) { r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetsid)), 0, 0, 0, 0, 0, 0, 0) pid = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go index 07bfe2ef9..c31681743 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go @@ -257,7 +257,7 @@ func munmap(addr uintptr, length uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctl(fd int, req uint, arg uintptr) (err error) { +func ioctl(fd int, req int, arg uintptr) (err error) { _, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) if e1 != 0 { err = errnoErr(e1) @@ -267,7 +267,7 @@ func ioctl(fd int, req uint, arg uintptr) (err error) { // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT -func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) { +func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) { _, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg)) if e1 != 0 { err = errnoErr(e1) diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go index e2a64f099..690cefc3d 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go @@ -151,6 +151,16 @@ type Dirent struct { _ [3]byte } +type Attrlist struct { + Bitmapcount uint16 + Reserved uint16 + Commonattr uint32 + Volattr uint32 + Dirattr uint32 + Fileattr uint32 + Forkattr uint32 +} + const ( PathMax = 0x400 ) @@ -610,6 +620,7 @@ const ( AT_REMOVEDIR = 0x80 AT_SYMLINK_FOLLOW = 0x40 AT_SYMLINK_NOFOLLOW = 0x20 + AT_EACCESS = 0x10 ) type PollFd struct { diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go index 34aa77521..5bffc10ea 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go +++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go @@ -151,6 +151,16 @@ type Dirent struct { _ [3]byte } +type Attrlist struct { + Bitmapcount uint16 + Reserved uint16 + Commonattr uint32 + Volattr uint32 + Dirattr uint32 + Fileattr uint32 + Forkattr uint32 +} + const ( PathMax = 0x400 ) @@ -610,6 +620,7 @@ const ( AT_REMOVEDIR = 0x80 AT_SYMLINK_FOLLOW = 0x40 AT_SYMLINK_NOFOLLOW = 0x20 + AT_EACCESS = 0x10 ) type PollFd struct { diff --git a/vendor/golang.org/x/sys/windows/env_windows.go b/vendor/golang.org/x/sys/windows/env_windows.go index 92ac05ff4..b8ad19250 100644 --- a/vendor/golang.org/x/sys/windows/env_windows.go +++ b/vendor/golang.org/x/sys/windows/env_windows.go @@ -37,14 +37,14 @@ func (token Token) Environ(inheritExisting bool) (env []string, err error) { return nil, err } defer DestroyEnvironmentBlock(block) - blockp := uintptr(unsafe.Pointer(block)) + blockp := unsafe.Pointer(block) for { - entry := UTF16PtrToString((*uint16)(unsafe.Pointer(blockp))) + entry := UTF16PtrToString((*uint16)(blockp)) if len(entry) == 0 { break } env = append(env, entry) - blockp += 2 * (uintptr(len(entry)) + 1) + blockp = unsafe.Add(blockp, 2*(len(entry)+1)) } return env, nil } diff --git a/vendor/golang.org/x/sys/windows/exec_windows.go b/vendor/golang.org/x/sys/windows/exec_windows.go index 75980fd44..a52e0331d 100644 --- a/vendor/golang.org/x/sys/windows/exec_windows.go +++ b/vendor/golang.org/x/sys/windows/exec_windows.go @@ -95,12 +95,17 @@ func ComposeCommandLine(args []string) string { // DecomposeCommandLine breaks apart its argument command line into unescaped parts using CommandLineToArgv, // as gathered from GetCommandLine, QUERY_SERVICE_CONFIG's BinaryPathName argument, or elsewhere that // command lines are passed around. +// DecomposeCommandLine returns error if commandLine contains NUL. func DecomposeCommandLine(commandLine string) ([]string, error) { if len(commandLine) == 0 { return []string{}, nil } + utf16CommandLine, err := UTF16FromString(commandLine) + if err != nil { + return nil, errorspkg.New("string with NUL passed to DecomposeCommandLine") + } var argc int32 - argv, err := CommandLineToArgv(StringToUTF16Ptr(commandLine), &argc) + argv, err := CommandLineToArgv(&utf16CommandLine[0], &argc) if err != nil { return nil, err } diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go index f8deca839..c964b6848 100644 --- a/vendor/golang.org/x/sys/windows/service.go +++ b/vendor/golang.org/x/sys/windows/service.go @@ -141,6 +141,12 @@ const ( SERVICE_DYNAMIC_INFORMATION_LEVEL_START_REASON = 1 ) +type ENUM_SERVICE_STATUS struct { + ServiceName *uint16 + DisplayName *uint16 + ServiceStatus SERVICE_STATUS +} + type SERVICE_STATUS struct { ServiceType uint32 CurrentState uint32 @@ -245,3 +251,4 @@ type QUERY_SERVICE_LOCK_STATUS struct { //sys UnsubscribeServiceChangeNotifications(subscription uintptr) = sechost.UnsubscribeServiceChangeNotifications? //sys RegisterServiceCtrlHandlerEx(serviceName *uint16, handlerProc uintptr, context uintptr) (handle Handle, err error) = advapi32.RegisterServiceCtrlHandlerExW //sys QueryServiceDynamicInformation(service Handle, infoLevel uint32, dynamicInfo unsafe.Pointer) (err error) = advapi32.QueryServiceDynamicInformation? +//sys EnumDependentServices(service Handle, activityState uint32, services *ENUM_SERVICE_STATUS, buffSize uint32, bytesNeeded *uint32, servicesReturned *uint32) (err error) = advapi32.EnumDependentServicesW diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go index 857acf103..88e62a638 100644 --- a/vendor/golang.org/x/sys/windows/types_windows.go +++ b/vendor/golang.org/x/sys/windows/types_windows.go @@ -2220,19 +2220,23 @@ type JOBOBJECT_BASIC_UI_RESTRICTIONS struct { } const ( - // JobObjectInformationClass + // JobObjectInformationClass for QueryInformationJobObject and SetInformationJobObject JobObjectAssociateCompletionPortInformation = 7 + JobObjectBasicAccountingInformation = 1 + JobObjectBasicAndIoAccountingInformation = 8 JobObjectBasicLimitInformation = 2 + JobObjectBasicProcessIdList = 3 JobObjectBasicUIRestrictions = 4 JobObjectCpuRateControlInformation = 15 JobObjectEndOfJobTimeInformation = 6 JobObjectExtendedLimitInformation = 9 JobObjectGroupInformation = 11 JobObjectGroupInformationEx = 14 - JobObjectLimitViolationInformation2 = 35 + JobObjectLimitViolationInformation = 13 + JobObjectLimitViolationInformation2 = 34 JobObjectNetRateControlInformation = 32 JobObjectNotificationLimitInformation = 12 - JobObjectNotificationLimitInformation2 = 34 + JobObjectNotificationLimitInformation2 = 33 JobObjectSecurityLimitInformation = 5 ) diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go index 6d2a26853..a81ea2c70 100644 --- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go +++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go @@ -86,6 +86,7 @@ var ( procDeleteService = modadvapi32.NewProc("DeleteService") procDeregisterEventSource = modadvapi32.NewProc("DeregisterEventSource") procDuplicateTokenEx = modadvapi32.NewProc("DuplicateTokenEx") + procEnumDependentServicesW = modadvapi32.NewProc("EnumDependentServicesW") procEnumServicesStatusExW = modadvapi32.NewProc("EnumServicesStatusExW") procEqualSid = modadvapi32.NewProc("EqualSid") procFreeSid = modadvapi32.NewProc("FreeSid") @@ -734,6 +735,14 @@ func DuplicateTokenEx(existingToken Token, desiredAccess uint32, tokenAttributes return } +func EnumDependentServices(service Handle, activityState uint32, services *ENUM_SERVICE_STATUS, buffSize uint32, bytesNeeded *uint32, servicesReturned *uint32) (err error) { + r1, _, e1 := syscall.Syscall6(procEnumDependentServicesW.Addr(), 6, uintptr(service), uintptr(activityState), uintptr(unsafe.Pointer(services)), uintptr(buffSize), uintptr(unsafe.Pointer(bytesNeeded)), uintptr(unsafe.Pointer(servicesReturned))) + if r1 == 0 { + err = errnoErr(e1) + } + return +} + func EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) { r1, _, e1 := syscall.Syscall12(procEnumServicesStatusExW.Addr(), 10, uintptr(mgr), uintptr(infoLevel), uintptr(serviceType), uintptr(serviceState), uintptr(unsafe.Pointer(services)), uintptr(bufSize), uintptr(unsafe.Pointer(bytesNeeded)), uintptr(unsafe.Pointer(servicesReturned)), uintptr(unsafe.Pointer(resumeHandle)), uintptr(unsafe.Pointer(groupName)), 0, 0) if r1 == 0 { diff --git a/vendor/golang.org/x/text/unicode/norm/forminfo.go b/vendor/golang.org/x/text/unicode/norm/forminfo.go index d69ccb4f9..487335d14 100644 --- a/vendor/golang.org/x/text/unicode/norm/forminfo.go +++ b/vendor/golang.org/x/text/unicode/norm/forminfo.go @@ -13,7 +13,7 @@ import "encoding/binary" // a rune to a uint16. The values take two forms. For v >= 0x8000: // bits // 15: 1 (inverse of NFD_QC bit of qcInfo) -// 13..7: qcInfo (see below). isYesD is always true (no decompostion). +// 13..7: qcInfo (see below). isYesD is always true (no decomposition). // 6..0: ccc (compressed CCC value). // For v < 0x8000, the respective rune has a decomposition and v is an index // into a byte array of UTF-8 decomposition sequences and additional info and diff --git a/vendor/k8s.io/klog/v2/contextual.go b/vendor/k8s.io/klog/v2/contextual.go index 2428963c0..005513f2a 100644 --- a/vendor/k8s.io/klog/v2/contextual.go +++ b/vendor/k8s.io/klog/v2/contextual.go @@ -70,11 +70,14 @@ func SetLogger(logger logr.Logger) { // routing log entries through klogr into klog and then into the actual Logger // backend. func SetLoggerWithOptions(logger logr.Logger, opts ...LoggerOption) { - logging.logger = &logger logging.loggerOptions = loggerOptions{} for _, opt := range opts { opt(&logging.loggerOptions) } + logging.logger = &logWriter{ + Logger: logger, + writeKlogBuffer: logging.loggerOptions.writeKlogBuffer, + } } // ContextualLogger determines whether the logger passed to @@ -93,6 +96,22 @@ func FlushLogger(flush func()) LoggerOption { } } +// WriteKlogBuffer sets a callback that will be invoked by klog to write output +// produced by non-structured log calls like Infof. +// +// The buffer will contain exactly the same data that klog normally would write +// into its own output stream(s). In particular this includes the header, if +// klog is configured to write one. The callback then can divert that data into +// its own output streams. The buffer may or may not end in a line break. +// +// Without such a callback, klog will call the logger's Info or Error method +// with just the message string (i.e. no header). +func WriteKlogBuffer(write func([]byte)) LoggerOption { + return func(o *loggerOptions) { + o.writeKlogBuffer = write + } +} + // LoggerOption implements the functional parameter paradigm for // SetLoggerWithOptions. type LoggerOption func(o *loggerOptions) @@ -100,6 +119,13 @@ type LoggerOption func(o *loggerOptions) type loggerOptions struct { contextualLogger bool flush func() + writeKlogBuffer func([]byte) +} + +// logWriter combines a logger (always set) with a write callback (optional). +type logWriter struct { + Logger + writeKlogBuffer func([]byte) } // ClearLogger removes a backing Logger implementation if one was set earlier @@ -152,7 +178,7 @@ func Background() Logger { if logging.loggerOptions.contextualLogger { // Is non-nil because logging.loggerOptions.contextualLogger is // only true if a logger was set. - return *logging.logger + return logging.logger.Logger } return klogLogger diff --git a/vendor/k8s.io/klog/v2/format.go b/vendor/k8s.io/klog/v2/format.go new file mode 100644 index 000000000..63995ca6d --- /dev/null +++ b/vendor/k8s.io/klog/v2/format.go @@ -0,0 +1,65 @@ +/* +Copyright 2023 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package klog + +import ( + "encoding/json" + "fmt" + "strings" + + "github.com/go-logr/logr" +) + +// Format wraps a value of an arbitrary type and implement fmt.Stringer and +// logr.Marshaler for them. Stringer returns pretty-printed JSON. MarshalLog +// returns the original value with a type that has no special methods, in +// particular no MarshalLog or MarshalJSON. +// +// Wrapping values like that is useful when the value has a broken +// implementation of these special functions (for example, a type which +// inherits String from TypeMeta, but then doesn't re-implement String) or the +// implementation produces output that is less readable or unstructured (for +// example, the generated String functions for Kubernetes API types). +func Format(obj interface{}) interface{} { + return formatAny{Object: obj} +} + +type formatAny struct { + Object interface{} +} + +func (f formatAny) String() string { + var buffer strings.Builder + encoder := json.NewEncoder(&buffer) + encoder.SetIndent("", " ") + if err := encoder.Encode(&f.Object); err != nil { + return fmt.Sprintf("error marshaling %T to JSON: %v", f, err) + } + return buffer.String() +} + +func (f formatAny) MarshalLog() interface{} { + // Returning a pointer to a pointer ensures that zapr doesn't find a + // fmt.Stringer or logr.Marshaler when it checks the type of the + // value. It then falls back to reflection, which dumps the value being + // pointed to (JSON doesn't have pointers). + ptr := &f.Object + return &ptr +} + +var _ fmt.Stringer = formatAny{} +var _ logr.Marshaler = formatAny{} diff --git a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go index ac88682a2..f325ded5e 100644 --- a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go +++ b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go @@ -40,44 +40,33 @@ type Buffer struct { next *Buffer } -// Buffers manages the reuse of individual buffer instances. It is thread-safe. -type Buffers struct { - // mu protects the free list. It is separate from the main mutex - // so buffers can be grabbed and printed to without holding the main lock, - // for better parallelization. - mu sync.Mutex - - // freeList is a list of byte buffers, maintained under mu. - freeList *Buffer +var buffers = sync.Pool{ + New: func() interface{} { + return new(Buffer) + }, } // GetBuffer returns a new, ready-to-use buffer. -func (bl *Buffers) GetBuffer() *Buffer { - bl.mu.Lock() - b := bl.freeList - if b != nil { - bl.freeList = b.next - } - bl.mu.Unlock() - if b == nil { - b = new(Buffer) - } else { - b.next = nil - b.Reset() - } +func GetBuffer() *Buffer { + b := buffers.Get().(*Buffer) + b.Reset() return b } // PutBuffer returns a buffer to the free list. -func (bl *Buffers) PutBuffer(b *Buffer) { +func PutBuffer(b *Buffer) { if b.Len() >= 256 { - // Let big buffers die a natural death. + // Let big buffers die a natural death, without relying on + // sync.Pool behavior. The documentation implies that items may + // get deallocated while stored there ("If the Pool holds the + // only reference when this [= be removed automatically] + // happens, the item might be deallocated."), but + // https://github.com/golang/go/issues/23199 leans more towards + // having such a size limit. return } - bl.mu.Lock() - b.next = bl.freeList - bl.freeList = b - bl.mu.Unlock() + + buffers.Put(b) } // Some custom tiny helper functions to print the log header efficiently. @@ -121,7 +110,8 @@ func (buf *Buffer) someDigits(i, d int) int { return copy(buf.Tmp[i:], buf.Tmp[j:]) } -// FormatHeader formats a log header using the provided file name and line number. +// FormatHeader formats a log header using the provided file name and line number +// and writes it into the buffer. func (buf *Buffer) FormatHeader(s severity.Severity, file string, line int, now time.Time) { if line < 0 { line = 0 // not a real line number, but acceptable to someDigits @@ -157,3 +147,30 @@ func (buf *Buffer) FormatHeader(s severity.Severity, file string, line int, now buf.Tmp[n+2] = ' ' buf.Write(buf.Tmp[:n+3]) } + +// SprintHeader formats a log header and returns a string. This is a simpler +// version of FormatHeader for use in ktesting. +func (buf *Buffer) SprintHeader(s severity.Severity, now time.Time) string { + if s > severity.FatalLog { + s = severity.InfoLog // for safety. + } + + // Avoid Fprintf, for speed. The format is so simple that we can do it quickly by hand. + // It's worth about 3X. Fprintf is hard. + _, month, day := now.Date() + hour, minute, second := now.Clock() + // Lmmdd hh:mm:ss.uuuuuu threadid file:line] + buf.Tmp[0] = severity.Char[s] + buf.twoDigits(1, int(month)) + buf.twoDigits(3, day) + buf.Tmp[5] = ' ' + buf.twoDigits(6, hour) + buf.Tmp[8] = ':' + buf.twoDigits(9, minute) + buf.Tmp[11] = ':' + buf.twoDigits(12, second) + buf.Tmp[14] = '.' + buf.nDigits(6, 15, now.Nanosecond()/1000, '0') + buf.Tmp[21] = ']' + return string(buf.Tmp[:22]) +} diff --git a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go index ad6bf1116..bcdf5f8ee 100644 --- a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go +++ b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go @@ -18,12 +18,17 @@ package serialize import ( "bytes" + "encoding/json" "fmt" "strconv" "github.com/go-logr/logr" ) +type textWriter interface { + WriteText(*bytes.Buffer) +} + // WithValues implements LogSink.WithValues. The old key/value pairs are // assumed to be well-formed, the new ones are checked and padded if // necessary. It returns a new slice. @@ -91,11 +96,66 @@ func MergeKVs(first, second []interface{}) []interface{} { return merged } +type Formatter struct { + AnyToStringHook AnyToStringFunc +} + +type AnyToStringFunc func(v interface{}) string + +// MergeKVsInto is a variant of MergeKVs which directly formats the key/value +// pairs into a buffer. +func (f Formatter) MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { + if len(first) == 0 && len(second) == 0 { + // Nothing to do at all. + return + } + + if len(first) == 0 && len(second)%2 == 0 { + // Nothing to be overridden, second slice is well-formed + // and can be used directly. + for i := 0; i < len(second); i += 2 { + f.KVFormat(b, second[i], second[i+1]) + } + return + } + + // Determine which keys are in the second slice so that we can skip + // them when iterating over the first one. The code intentionally + // favors performance over completeness: we assume that keys are string + // constants and thus compare equal when the string values are equal. A + // string constant being overridden by, for example, a fmt.Stringer is + // not handled. + overrides := map[interface{}]bool{} + for i := 0; i < len(second); i += 2 { + overrides[second[i]] = true + } + for i := 0; i < len(first); i += 2 { + key := first[i] + if overrides[key] { + continue + } + f.KVFormat(b, key, first[i+1]) + } + // Round down. + l := len(second) + l = l / 2 * 2 + for i := 1; i < l; i += 2 { + f.KVFormat(b, second[i-1], second[i]) + } + if len(second)%2 == 1 { + f.KVFormat(b, second[len(second)-1], missingValue) + } +} + +func MergeAndFormatKVs(b *bytes.Buffer, first, second []interface{}) { + Formatter{}.MergeAndFormatKVs(b, first, second) +} + const missingValue = "(MISSING)" // KVListFormat serializes all key/value pairs into the provided buffer. // A space gets inserted before the first pair and between each pair. -func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { +func (f Formatter) KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { for i := 0; i < len(keysAndValues); i += 2 { var v interface{} k := keysAndValues[i] @@ -104,67 +164,104 @@ func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { } else { v = missingValue } - b.WriteByte(' ') - // Keys are assumed to be well-formed according to - // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments - // for the sake of performance. Keys with spaces, - // special characters, etc. will break parsing. - if sK, ok := k.(string); ok { - // Avoid one allocation when the key is a string, which - // normally it should be. - b.WriteString(sK) - } else { - b.WriteString(fmt.Sprintf("%s", k)) - } + f.KVFormat(b, k, v) + } +} + +func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) { + Formatter{}.KVListFormat(b, keysAndValues...) +} + +// KVFormat serializes one key/value pair into the provided buffer. +// A space gets inserted before the pair. +func (f Formatter) KVFormat(b *bytes.Buffer, k, v interface{}) { + b.WriteByte(' ') + // Keys are assumed to be well-formed according to + // https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments + // for the sake of performance. Keys with spaces, + // special characters, etc. will break parsing. + if sK, ok := k.(string); ok { + // Avoid one allocation when the key is a string, which + // normally it should be. + b.WriteString(sK) + } else { + b.WriteString(fmt.Sprintf("%s", k)) + } - // The type checks are sorted so that more frequently used ones - // come first because that is then faster in the common - // cases. In Kubernetes, ObjectRef (a Stringer) is more common - // than plain strings - // (https://github.com/kubernetes/kubernetes/pull/106594#issuecomment-975526235). - switch v := v.(type) { - case fmt.Stringer: - writeStringValue(b, true, StringerToString(v)) + // The type checks are sorted so that more frequently used ones + // come first because that is then faster in the common + // cases. In Kubernetes, ObjectRef (a Stringer) is more common + // than plain strings + // (https://github.com/kubernetes/kubernetes/pull/106594#issuecomment-975526235). + switch v := v.(type) { + case textWriter: + writeTextWriterValue(b, v) + case fmt.Stringer: + writeStringValue(b, StringerToString(v)) + case string: + writeStringValue(b, v) + case error: + writeStringValue(b, ErrorToString(v)) + case logr.Marshaler: + value := MarshalerToValue(v) + // A marshaler that returns a string is useful for + // delayed formatting of complex values. We treat this + // case like a normal string. This is useful for + // multi-line support. + // + // We could do this by recursively formatting a value, + // but that comes with the risk of infinite recursion + // if a marshaler returns itself. Instead we call it + // only once and rely on it returning the intended + // value directly. + switch value := value.(type) { case string: - writeStringValue(b, true, v) - case error: - writeStringValue(b, true, ErrorToString(v)) - case logr.Marshaler: - value := MarshalerToValue(v) - // A marshaler that returns a string is useful for - // delayed formatting of complex values. We treat this - // case like a normal string. This is useful for - // multi-line support. - // - // We could do this by recursively formatting a value, - // but that comes with the risk of infinite recursion - // if a marshaler returns itself. Instead we call it - // only once and rely on it returning the intended - // value directly. - switch value := value.(type) { - case string: - writeStringValue(b, true, value) - default: - writeStringValue(b, false, fmt.Sprintf("%+v", value)) - } - case []byte: - // In https://github.com/kubernetes/klog/pull/237 it was decided - // to format byte slices with "%+q". The advantages of that are: - // - readable output if the bytes happen to be printable - // - non-printable bytes get represented as unicode escape - // sequences (\uxxxx) - // - // The downsides are that we cannot use the faster - // strconv.Quote here and that multi-line output is not - // supported. If developers know that a byte array is - // printable and they want multi-line output, they can - // convert the value to string before logging it. - b.WriteByte('=') - b.WriteString(fmt.Sprintf("%+q", v)) + writeStringValue(b, value) default: - writeStringValue(b, false, fmt.Sprintf("%+v", v)) + f.formatAny(b, value) } + case []byte: + // In https://github.com/kubernetes/klog/pull/237 it was decided + // to format byte slices with "%+q". The advantages of that are: + // - readable output if the bytes happen to be printable + // - non-printable bytes get represented as unicode escape + // sequences (\uxxxx) + // + // The downsides are that we cannot use the faster + // strconv.Quote here and that multi-line output is not + // supported. If developers know that a byte array is + // printable and they want multi-line output, they can + // convert the value to string before logging it. + b.WriteByte('=') + b.WriteString(fmt.Sprintf("%+q", v)) + default: + f.formatAny(b, v) + } +} + +func KVFormat(b *bytes.Buffer, k, v interface{}) { + Formatter{}.KVFormat(b, k, v) +} + +// formatAny is the fallback formatter for a value. It supports a hook (for +// example, for YAML encoding) and itself uses JSON encoding. +func (f Formatter) formatAny(b *bytes.Buffer, v interface{}) { + b.WriteRune('=') + if f.AnyToStringHook != nil { + b.WriteString(f.AnyToStringHook(v)) + return + } + encoder := json.NewEncoder(b) + l := b.Len() + if err := encoder.Encode(v); err != nil { + // This shouldn't happen. We discard whatever the encoder + // wrote and instead dump an error string. + b.Truncate(l) + b.WriteString(fmt.Sprintf(`""`, err)) + return } + // Remove trailing newline. + b.Truncate(b.Len() - 1) } // StringerToString converts a Stringer to a string, @@ -203,18 +300,23 @@ func ErrorToString(err error) (ret string) { return } -func writeStringValue(b *bytes.Buffer, quote bool, v string) { +func writeTextWriterValue(b *bytes.Buffer, v textWriter) { + b.WriteByte('=') + defer func() { + if err := recover(); err != nil { + fmt.Fprintf(b, `""`, err) + } + }() + v.WriteText(b) +} + +func writeStringValue(b *bytes.Buffer, v string) { data := []byte(v) index := bytes.IndexByte(data, '\n') if index == -1 { b.WriteByte('=') - if quote { - // Simple string, quote quotation marks and non-printable characters. - b.WriteString(strconv.Quote(v)) - return - } - // Non-string with no line breaks. - b.WriteString(v) + // Simple string, quote quotation marks and non-printable characters. + b.WriteString(strconv.Quote(v)) return } diff --git a/vendor/k8s.io/klog/v2/k8s_references.go b/vendor/k8s.io/klog/v2/k8s_references.go index 2c218f698..786af74bf 100644 --- a/vendor/k8s.io/klog/v2/k8s_references.go +++ b/vendor/k8s.io/klog/v2/k8s_references.go @@ -17,8 +17,10 @@ limitations under the License. package klog import ( + "bytes" "fmt" "reflect" + "strings" "github.com/go-logr/logr" ) @@ -31,11 +33,30 @@ type ObjectRef struct { func (ref ObjectRef) String() string { if ref.Namespace != "" { - return fmt.Sprintf("%s/%s", ref.Namespace, ref.Name) + var builder strings.Builder + builder.Grow(len(ref.Namespace) + len(ref.Name) + 1) + builder.WriteString(ref.Namespace) + builder.WriteRune('/') + builder.WriteString(ref.Name) + return builder.String() } return ref.Name } +func (ref ObjectRef) WriteText(out *bytes.Buffer) { + out.WriteRune('"') + ref.writeUnquoted(out) + out.WriteRune('"') +} + +func (ref ObjectRef) writeUnquoted(out *bytes.Buffer) { + if ref.Namespace != "" { + out.WriteString(ref.Namespace) + out.WriteRune('/') + } + out.WriteString(ref.Name) +} + // MarshalLog ensures that loggers with support for structured output will log // as a struct by removing the String method via a custom type. func (ref ObjectRef) MarshalLog() interface{} { @@ -117,31 +138,31 @@ var _ fmt.Stringer = kobjSlice{} var _ logr.Marshaler = kobjSlice{} func (ks kobjSlice) String() string { - objectRefs, err := ks.process() - if err != nil { - return err.Error() + objectRefs, errStr := ks.process() + if errStr != "" { + return errStr } return fmt.Sprintf("%v", objectRefs) } func (ks kobjSlice) MarshalLog() interface{} { - objectRefs, err := ks.process() - if err != nil { - return err.Error() + objectRefs, errStr := ks.process() + if errStr != "" { + return errStr } return objectRefs } -func (ks kobjSlice) process() ([]interface{}, error) { +func (ks kobjSlice) process() (objs []interface{}, err string) { s := reflect.ValueOf(ks.arg) switch s.Kind() { case reflect.Invalid: // nil parameter, print as nil. - return nil, nil + return nil, "" case reflect.Slice: // Okay, handle below. default: - return nil, fmt.Errorf("", ks.arg) + return nil, fmt.Sprintf("", ks.arg) } objectRefs := make([]interface{}, 0, s.Len()) for i := 0; i < s.Len(); i++ { @@ -151,8 +172,41 @@ func (ks kobjSlice) process() ([]interface{}, error) { } else if v, ok := item.(KMetadata); ok { objectRefs = append(objectRefs, KObj(v)) } else { - return nil, fmt.Errorf("", item) + return nil, fmt.Sprintf("", item) + } + } + return objectRefs, "" +} + +var nilToken = []byte("null") + +func (ks kobjSlice) WriteText(out *bytes.Buffer) { + s := reflect.ValueOf(ks.arg) + switch s.Kind() { + case reflect.Invalid: + // nil parameter, print as null. + out.Write(nilToken) + return + case reflect.Slice: + // Okay, handle below. + default: + fmt.Fprintf(out, `""`, ks.arg) + return + } + out.Write([]byte{'['}) + defer out.Write([]byte{']'}) + for i := 0; i < s.Len(); i++ { + if i > 0 { + out.Write([]byte{','}) + } + item := s.Index(i).Interface() + if item == nil { + out.Write(nilToken) + } else if v, ok := item.(KMetadata); ok { + KObj(v).WriteText(out) + } else { + fmt.Fprintf(out, `""`, item) + return } } - return objectRefs, nil } diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go index 1bd11b675..152f8a6bd 100644 --- a/vendor/k8s.io/klog/v2/klog.go +++ b/vendor/k8s.io/klog/v2/klog.go @@ -91,8 +91,6 @@ import ( "sync/atomic" "time" - "github.com/go-logr/logr" - "k8s.io/klog/v2/internal/buffer" "k8s.io/klog/v2/internal/clock" "k8s.io/klog/v2/internal/dbg" @@ -453,7 +451,7 @@ type settings struct { // logger is the global Logger chosen by users of klog, nil if // none is available. - logger *Logger + logger *logWriter // loggerOptions contains the options that were supplied for // globalLogger. @@ -525,6 +523,11 @@ func (s settings) deepCopy() settings { } s.vmodule.filter = filter + if s.logger != nil { + logger := *s.logger + s.logger = &logger + } + return s } @@ -532,11 +535,6 @@ func (s settings) deepCopy() settings { type loggingT struct { settings - // bufferCache maintains the free list. It uses its own mutex - // so buffers can be grabbed and printed to without holding the main lock, - // for better parallelization. - bufferCache buffer.Buffers - // flushD holds a flushDaemon that frequently flushes log file buffers. // Uses its own mutex. flushD *flushDaemon @@ -664,7 +662,7 @@ func (l *loggingT) header(s severity.Severity, depth int) (*buffer.Buffer, strin // formatHeader formats a log header using the provided file name and line number. func (l *loggingT) formatHeader(s severity.Severity, file string, line int) *buffer.Buffer { - buf := l.bufferCache.GetBuffer() + buf := buffer.GetBuffer() if l.skipHeaders { return buf } @@ -673,17 +671,18 @@ func (l *loggingT) formatHeader(s severity.Severity, file string, line int) *buf return buf } -func (l *loggingT) println(s severity.Severity, logger *logr.Logger, filter LogFilter, args ...interface{}) { +func (l *loggingT) println(s severity.Severity, logger *logWriter, filter LogFilter, args ...interface{}) { l.printlnDepth(s, logger, filter, 1, args...) } -func (l *loggingT) printlnDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, args ...interface{}) { +func (l *loggingT) printlnDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logger is set, we clear the generated header as we rely on the backing - // logger implementation to print headers - if logger != nil { - l.bufferCache.PutBuffer(buf) - buf = l.bufferCache.GetBuffer() + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { + buffer.PutBuffer(buf) + buf = buffer.GetBuffer() } if filter != nil { args = filter.Filter(args) @@ -692,17 +691,18 @@ func (l *loggingT) printlnDepth(s severity.Severity, logger *logr.Logger, filter l.output(s, logger, buf, depth, file, line, false) } -func (l *loggingT) print(s severity.Severity, logger *logr.Logger, filter LogFilter, args ...interface{}) { +func (l *loggingT) print(s severity.Severity, logger *logWriter, filter LogFilter, args ...interface{}) { l.printDepth(s, logger, filter, 1, args...) } -func (l *loggingT) printDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, args ...interface{}) { +func (l *loggingT) printDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { - l.bufferCache.PutBuffer(buf) - buf = l.bufferCache.GetBuffer() + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { + buffer.PutBuffer(buf) + buf = buffer.GetBuffer() } if filter != nil { args = filter.Filter(args) @@ -714,17 +714,18 @@ func (l *loggingT) printDepth(s severity.Severity, logger *logr.Logger, filter L l.output(s, logger, buf, depth, file, line, false) } -func (l *loggingT) printf(s severity.Severity, logger *logr.Logger, filter LogFilter, format string, args ...interface{}) { +func (l *loggingT) printf(s severity.Severity, logger *logWriter, filter LogFilter, format string, args ...interface{}) { l.printfDepth(s, logger, filter, 1, format, args...) } -func (l *loggingT) printfDepth(s severity.Severity, logger *logr.Logger, filter LogFilter, depth int, format string, args ...interface{}) { +func (l *loggingT) printfDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, format string, args ...interface{}) { buf, file, line := l.header(s, depth) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { - l.bufferCache.PutBuffer(buf) - buf = l.bufferCache.GetBuffer() + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { + buffer.PutBuffer(buf) + buf = buffer.GetBuffer() } if filter != nil { format, args = filter.FilterF(format, args) @@ -739,13 +740,14 @@ func (l *loggingT) printfDepth(s severity.Severity, logger *logr.Logger, filter // printWithFileLine behaves like print but uses the provided file and line number. If // alsoLogToStderr is true, the log message always appears on standard error; it // will also appear in the log file unless --logtostderr is set. -func (l *loggingT) printWithFileLine(s severity.Severity, logger *logr.Logger, filter LogFilter, file string, line int, alsoToStderr bool, args ...interface{}) { +func (l *loggingT) printWithFileLine(s severity.Severity, logger *logWriter, filter LogFilter, file string, line int, alsoToStderr bool, args ...interface{}) { buf := l.formatHeader(s, file, line) - // if logr is set, we clear the generated header as we rely on the backing - // logr implementation to print headers - if logger != nil { - l.bufferCache.PutBuffer(buf) - buf = l.bufferCache.GetBuffer() + // If a logger is set and doesn't support writing a formatted buffer, + // we clear the generated header as we rely on the backing + // logger implementation to print headers. + if logger != nil && logger.writeKlogBuffer == nil { + buffer.PutBuffer(buf) + buf = buffer.GetBuffer() } if filter != nil { args = filter.Filter(args) @@ -758,7 +760,7 @@ func (l *loggingT) printWithFileLine(s severity.Severity, logger *logr.Logger, f } // if loggr is specified, will call loggr.Error, otherwise output with logging module. -func (l *loggingT) errorS(err error, logger *logr.Logger, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { +func (l *loggingT) errorS(err error, logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { if filter != nil { msg, keysAndValues = filter.FilterS(msg, keysAndValues) } @@ -770,7 +772,7 @@ func (l *loggingT) errorS(err error, logger *logr.Logger, filter LogFilter, dept } // if loggr is specified, will call loggr.Info, otherwise output with logging module. -func (l *loggingT) infoS(logger *logr.Logger, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { +func (l *loggingT) infoS(logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) { if filter != nil { msg, keysAndValues = filter.FilterS(msg, keysAndValues) } @@ -785,7 +787,7 @@ func (l *loggingT) infoS(logger *logr.Logger, filter LogFilter, depth int, msg s // set log severity by s func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string, keysAndValues ...interface{}) { // Only create a new buffer if we don't have one cached. - b := l.bufferCache.GetBuffer() + b := buffer.GetBuffer() // The message is always quoted, even if it contains line breaks. // If developers want multi-line output, they should use a small, fixed // message and put the multi-line output into a value. @@ -796,7 +798,7 @@ func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string, serialize.KVListFormat(&b.Buffer, keysAndValues...) l.printDepth(s, logging.logger, nil, depth+1, &b.Buffer) // Make the buffer available for reuse. - l.bufferCache.PutBuffer(b) + buffer.PutBuffer(b) } // redirectBuffer is used to set an alternate destination for the logs @@ -851,7 +853,7 @@ func LogToStderr(stderr bool) { } // output writes the data to the log files and releases the buffer. -func (l *loggingT) output(s severity.Severity, log *logr.Logger, buf *buffer.Buffer, depth int, file string, line int, alsoToStderr bool) { +func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Buffer, depth int, file string, line int, alsoToStderr bool) { var isLocked = true l.mu.Lock() defer func() { @@ -867,13 +869,17 @@ func (l *loggingT) output(s severity.Severity, log *logr.Logger, buf *buffer.Buf } } data := buf.Bytes() - if log != nil { - // TODO: set 'severity' and caller information as structured log info - // keysAndValues := []interface{}{"severity", severityName[s], "file", file, "line", line} - if s == severity.ErrorLog { - logging.logger.WithCallDepth(depth+3).Error(nil, string(data)) + if logger != nil { + if logger.writeKlogBuffer != nil { + logger.writeKlogBuffer(data) } else { - log.WithCallDepth(depth + 3).Info(string(data)) + // TODO: set 'severity' and caller information as structured log info + // keysAndValues := []interface{}{"severity", severityName[s], "file", file, "line", line} + if s == severity.ErrorLog { + logger.WithCallDepth(depth+3).Error(nil, string(data)) + } else { + logger.WithCallDepth(depth + 3).Info(string(data)) + } } } else if l.toStderr { os.Stderr.Write(data) @@ -948,7 +954,7 @@ func (l *loggingT) output(s severity.Severity, log *logr.Logger, buf *buffer.Buf timeoutFlush(ExitFlushTimeout) OsExit(255) // C++ uses -1, which is silly because it's anded with 255 anyway. } - l.bufferCache.PutBuffer(buf) + buffer.PutBuffer(buf) if stats := severityStats[s]; stats != nil { atomic.AddInt64(&stats.lines, 1) @@ -1222,6 +1228,19 @@ func CopyStandardLogTo(name string) { stdLog.SetOutput(logBridge(sev)) } +// NewStandardLogger returns a Logger that writes to the klog logs for the +// named and lower severities. +// +// Valid names are "INFO", "WARNING", "ERROR", and "FATAL". If the name is not +// recognized, NewStandardLogger panics. +func NewStandardLogger(name string) *stdLog.Logger { + sev, ok := severity.ByName(name) + if !ok { + panic(fmt.Sprintf("klog.NewStandardLogger(%q): unknown severity", name)) + } + return stdLog.New(logBridge(sev), "", stdLog.Lshortfile) +} + // logBridge provides the Write method that enables CopyStandardLogTo to connect // Go's standard logs to the logs provided by this package. type logBridge severity.Severity @@ -1282,7 +1301,7 @@ func (l *loggingT) setV(pc uintptr) Level { // See the documentation of V for more information. type Verbose struct { enabled bool - logr *logr.Logger + logger *logWriter } func newVerbose(level Level, b bool) Verbose { @@ -1290,7 +1309,7 @@ func newVerbose(level Level, b bool) Verbose { return Verbose{b, nil} } v := logging.logger.V(int(level)) - return Verbose{b, &v} + return Verbose{b, &logWriter{Logger: v, writeKlogBuffer: logging.loggerOptions.writeKlogBuffer}} } // V reports whether verbosity at the call site is at least the requested level. @@ -1313,6 +1332,13 @@ func newVerbose(level Level, b bool) Verbose { // less than or equal to the value of the -vmodule pattern matching the source file // containing the call. func V(level Level) Verbose { + return VDepth(1, level) +} + +// VDepth is a variant of V that accepts a number of stack frames that will be +// skipped when checking the -vmodule patterns. VDepth(0) is equivalent to +// V(). +func VDepth(depth int, level Level) Verbose { // This function tries hard to be cheap unless there's work to do. // The fast path is two atomic loads and compares. @@ -1329,7 +1355,7 @@ func V(level Level) Verbose { // but if V logging is enabled we're slow anyway. logging.mu.Lock() defer logging.mu.Unlock() - if runtime.Callers(2, logging.pcs[:]) == 0 { + if runtime.Callers(2+depth, logging.pcs[:]) == 0 { return newVerbose(level, false) } // runtime.Callers returns "return PCs", but we want @@ -1357,7 +1383,7 @@ func (v Verbose) Enabled() bool { // See the documentation of V for usage. func (v Verbose) Info(args ...interface{}) { if v.enabled { - logging.print(severity.InfoLog, v.logr, logging.filter, args...) + logging.print(severity.InfoLog, v.logger, logging.filter, args...) } } @@ -1365,7 +1391,7 @@ func (v Verbose) Info(args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoDepth(depth int, args ...interface{}) { if v.enabled { - logging.printDepth(severity.InfoLog, v.logr, logging.filter, depth, args...) + logging.printDepth(severity.InfoLog, v.logger, logging.filter, depth, args...) } } @@ -1373,7 +1399,7 @@ func (v Verbose) InfoDepth(depth int, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) Infoln(args ...interface{}) { if v.enabled { - logging.println(severity.InfoLog, v.logr, logging.filter, args...) + logging.println(severity.InfoLog, v.logger, logging.filter, args...) } } @@ -1381,7 +1407,7 @@ func (v Verbose) Infoln(args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfolnDepth(depth int, args ...interface{}) { if v.enabled { - logging.printlnDepth(severity.InfoLog, v.logr, logging.filter, depth, args...) + logging.printlnDepth(severity.InfoLog, v.logger, logging.filter, depth, args...) } } @@ -1389,7 +1415,7 @@ func (v Verbose) InfolnDepth(depth int, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) Infof(format string, args ...interface{}) { if v.enabled { - logging.printf(severity.InfoLog, v.logr, logging.filter, format, args...) + logging.printf(severity.InfoLog, v.logger, logging.filter, format, args...) } } @@ -1397,7 +1423,7 @@ func (v Verbose) Infof(format string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfofDepth(depth int, format string, args ...interface{}) { if v.enabled { - logging.printfDepth(severity.InfoLog, v.logr, logging.filter, depth, format, args...) + logging.printfDepth(severity.InfoLog, v.logger, logging.filter, depth, format, args...) } } @@ -1405,7 +1431,7 @@ func (v Verbose) InfofDepth(depth int, format string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoS(msg string, keysAndValues ...interface{}) { if v.enabled { - logging.infoS(v.logr, logging.filter, 0, msg, keysAndValues...) + logging.infoS(v.logger, logging.filter, 0, msg, keysAndValues...) } } @@ -1419,14 +1445,14 @@ func InfoSDepth(depth int, msg string, keysAndValues ...interface{}) { // See the documentation of V for usage. func (v Verbose) InfoSDepth(depth int, msg string, keysAndValues ...interface{}) { if v.enabled { - logging.infoS(v.logr, logging.filter, depth, msg, keysAndValues...) + logging.infoS(v.logger, logging.filter, depth, msg, keysAndValues...) } } // Deprecated: Use ErrorS instead. func (v Verbose) Error(err error, msg string, args ...interface{}) { if v.enabled { - logging.errorS(err, v.logr, logging.filter, 0, msg, args...) + logging.errorS(err, v.logger, logging.filter, 0, msg, args...) } } @@ -1434,7 +1460,7 @@ func (v Verbose) Error(err error, msg string, args ...interface{}) { // See the documentation of V for usage. func (v Verbose) ErrorS(err error, msg string, keysAndValues ...interface{}) { if v.enabled { - logging.errorS(err, v.logr, logging.filter, 0, msg, keysAndValues...) + logging.errorS(err, v.logger, logging.filter, 0, msg, keysAndValues...) } } diff --git a/vendor/k8s.io/klog/v2/klogr.go b/vendor/k8s.io/klog/v2/klogr.go index 027a4014a..15de00e21 100644 --- a/vendor/k8s.io/klog/v2/klogr.go +++ b/vendor/k8s.io/klog/v2/klogr.go @@ -42,19 +42,21 @@ func (l *klogger) Init(info logr.RuntimeInfo) { l.callDepth += info.CallDepth } -func (l klogger) Info(level int, msg string, kvList ...interface{}) { +func (l *klogger) Info(level int, msg string, kvList ...interface{}) { merged := serialize.MergeKVs(l.values, kvList) if l.prefix != "" { msg = l.prefix + ": " + msg } - V(Level(level)).InfoSDepth(l.callDepth+1, msg, merged...) + // Skip this function. + VDepth(l.callDepth+1, Level(level)).InfoSDepth(l.callDepth+1, msg, merged...) } -func (l klogger) Enabled(level int) bool { - return V(Level(level)).Enabled() +func (l *klogger) Enabled(level int) bool { + // Skip this function and logr.Logger.Info where Enabled is called. + return VDepth(l.callDepth+2, Level(level)).Enabled() } -func (l klogger) Error(err error, msg string, kvList ...interface{}) { +func (l *klogger) Error(err error, msg string, kvList ...interface{}) { merged := serialize.MergeKVs(l.values, kvList) if l.prefix != "" { msg = l.prefix + ": " + msg diff --git a/vendor/modules.txt b/vendor/modules.txt index 091151fb7..a1a77fc65 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -36,7 +36,7 @@ github.com/getsentry/sentry-go github.com/getsentry/sentry-go/internal/crypto/randutil github.com/getsentry/sentry-go/internal/debug github.com/getsentry/sentry-go/internal/ratelimit -# github.com/go-logr/logr v1.2.0 +# github.com/go-logr/logr v1.2.3 ## explicit; go 1.16 github.com/go-logr/logr # github.com/go-sql-driver/mysql v1.7.1 @@ -45,9 +45,8 @@ github.com/go-sql-driver/mysql # github.com/golang/protobuf v1.5.3 ## explicit; go 1.9 github.com/golang/protobuf/proto -github.com/golang/protobuf/ptypes/timestamp -# github.com/google/certificate-transparency-go v1.1.4 -## explicit; go 1.17 +# github.com/google/certificate-transparency-go v1.1.6 +## explicit; go 1.19 github.com/google/certificate-transparency-go github.com/google/certificate-transparency-go/asn1 github.com/google/certificate-transparency-go/client @@ -75,7 +74,7 @@ github.com/kylelemons/go-gypsy/yaml github.com/lib/pq github.com/lib/pq/oid github.com/lib/pq/scram -# github.com/mattn/go-sqlite3 v1.14.15 +# github.com/mattn/go-sqlite3 v1.14.16 ## explicit; go 1.16 github.com/mattn/go-sqlite3 # github.com/matttproud/golang_protobuf_extensions v1.0.4 @@ -93,8 +92,8 @@ github.com/prometheus/client_golang/prometheus github.com/prometheus/client_golang/prometheus/internal github.com/prometheus/client_golang/prometheus/promauto github.com/prometheus/client_golang/prometheus/promhttp -# github.com/prometheus/client_model v0.3.0 -## explicit; go 1.9 +# github.com/prometheus/client_model v0.4.0 +## explicit; go 1.18 github.com/prometheus/client_model/go # github.com/prometheus/common v0.42.0 ## explicit; go 1.18 @@ -144,7 +143,7 @@ github.com/zmap/zlint/v3/lints/etsi github.com/zmap/zlint/v3/lints/mozilla github.com/zmap/zlint/v3/lints/rfc github.com/zmap/zlint/v3/util -# golang.org/x/crypto v0.3.0 +# golang.org/x/crypto v0.8.0 ## explicit; go 1.17 golang.org/x/crypto/blowfish golang.org/x/crypto/chacha20 @@ -162,17 +161,17 @@ golang.org/x/crypto/pkcs12/internal/rc2 golang.org/x/crypto/scrypt golang.org/x/crypto/ssh golang.org/x/crypto/ssh/internal/bcrypt_pbkdf -# golang.org/x/net v0.7.0 +# golang.org/x/net v0.10.0 ## explicit; go 1.17 golang.org/x/net/context/ctxhttp golang.org/x/net/idna -# golang.org/x/sys v0.6.0 +# golang.org/x/sys v0.8.0 ## explicit; go 1.17 golang.org/x/sys/cpu golang.org/x/sys/internal/unsafeheader golang.org/x/sys/unix golang.org/x/sys/windows -# golang.org/x/text v0.7.0 +# golang.org/x/text v0.9.0 ## explicit; go 1.17 golang.org/x/text/secure/bidirule golang.org/x/text/transform @@ -211,7 +210,7 @@ google.golang.org/protobuf/types/known/timestamppb # gopkg.in/yaml.v3 v3.0.1 ## explicit gopkg.in/yaml.v3 -# k8s.io/klog/v2 v2.80.1 +# k8s.io/klog/v2 v2.100.1 ## explicit; go 1.13 k8s.io/klog/v2 k8s.io/klog/v2/internal/buffer From 7479ed6d29ba27e8e26cb4aa270d18c777d07932 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 May 2023 03:59:26 +0000 Subject: [PATCH 22/73] build(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.2 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- .../stretchr/testify/assert/assertions.go | 78 ++++++++----------- vendor/modules.txt | 2 +- 4 files changed, 38 insertions(+), 48 deletions(-) diff --git a/go.mod b/go.mod index 25955da92..da916c361 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/lib/pq v1.10.9 github.com/mattn/go-sqlite3 v1.14.16 github.com/prometheus/client_golang v1.15.1 - github.com/stretchr/testify v1.8.0 + github.com/stretchr/testify v1.8.2 github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac github.com/zmap/zlint/v3 v3.4.1 golang.org/x/crypto v0.8.0 diff --git a/go.sum b/go.sum index da836c52d..27546b834 100644 --- a/go.sum +++ b/go.sum @@ -322,12 +322,14 @@ github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DM github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= +github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go index fa1245b18..2924cf3a1 100644 --- a/vendor/github.com/stretchr/testify/assert/assertions.go +++ b/vendor/github.com/stretchr/testify/assert/assertions.go @@ -8,7 +8,6 @@ import ( "fmt" "math" "os" - "path/filepath" "reflect" "regexp" "runtime" @@ -141,12 +140,11 @@ func CallerInfo() []string { } parts := strings.Split(file, "/") - file = parts[len(parts)-1] if len(parts) > 1 { + filename := parts[len(parts)-1] dir := parts[len(parts)-2] - if (dir != "assert" && dir != "mock" && dir != "require") || file == "mock_test.go" { - path, _ := filepath.Abs(file) - callers = append(callers, fmt.Sprintf("%s:%d", path, line)) + if (dir != "assert" && dir != "mock" && dir != "require") || filename == "mock_test.go" { + callers = append(callers, fmt.Sprintf("%s:%d", file, line)) } } @@ -530,7 +528,7 @@ func isNil(object interface{}) bool { []reflect.Kind{ reflect.Chan, reflect.Func, reflect.Interface, reflect.Map, - reflect.Ptr, reflect.Slice}, + reflect.Ptr, reflect.Slice, reflect.UnsafePointer}, kind) if isNilableKind && value.IsNil() { @@ -818,49 +816,44 @@ func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok return true // we consider nil to be equal to the nil set } - defer func() { - if e := recover(); e != nil { - ok = false - } - }() - listKind := reflect.TypeOf(list).Kind() - subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } + subsetKind := reflect.TypeOf(subset).Kind() if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } - subsetValue := reflect.ValueOf(subset) if subsetKind == reflect.Map && listKind == reflect.Map { - listValue := reflect.ValueOf(list) - subsetKeys := subsetValue.MapKeys() + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) - for i := 0; i < len(subsetKeys); i++ { - subsetKey := subsetKeys[i] - subsetElement := subsetValue.MapIndex(subsetKey).Interface() - listElement := listValue.MapIndex(subsetKey).Interface() + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) - if !ObjectsAreEqual(subsetElement, listElement) { - return Fail(t, fmt.Sprintf("\"%s\" does not contain \"%s\"", list, subsetElement), msgAndArgs...) + if !av.IsValid() { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...) } } return true } - for i := 0; i < subsetValue.Len(); i++ { - element := subsetValue.Index(i).Interface() + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() ok, found := containsElement(list, element) if !ok { - return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", list), msgAndArgs...) } if !found { - return Fail(t, fmt.Sprintf("\"%s\" does not contain \"%s\"", list, element), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, element), msgAndArgs...) } } @@ -879,34 +872,28 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...) } - defer func() { - if e := recover(); e != nil { - ok = false - } - }() - listKind := reflect.TypeOf(list).Kind() - subsetKind := reflect.TypeOf(subset).Kind() - if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...) } + subsetKind := reflect.TypeOf(subset).Kind() if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map { return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...) } - subsetValue := reflect.ValueOf(subset) if subsetKind == reflect.Map && listKind == reflect.Map { - listValue := reflect.ValueOf(list) - subsetKeys := subsetValue.MapKeys() + subsetMap := reflect.ValueOf(subset) + actualMap := reflect.ValueOf(list) - for i := 0; i < len(subsetKeys); i++ { - subsetKey := subsetKeys[i] - subsetElement := subsetValue.MapIndex(subsetKey).Interface() - listElement := listValue.MapIndex(subsetKey).Interface() + for _, k := range subsetMap.MapKeys() { + ev := subsetMap.MapIndex(k) + av := actualMap.MapIndex(k) - if !ObjectsAreEqual(subsetElement, listElement) { + if !av.IsValid() { + return true + } + if !ObjectsAreEqual(ev.Interface(), av.Interface()) { return true } } @@ -914,8 +901,9 @@ func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...) } - for i := 0; i < subsetValue.Len(); i++ { - element := subsetValue.Index(i).Interface() + subsetList := reflect.ValueOf(subset) + for i := 0; i < subsetList.Len(); i++ { + element := subsetList.Index(i).Interface() ok, found := containsElement(list, element) if !ok { return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...) diff --git a/vendor/modules.txt b/vendor/modules.txt index a1a77fc65..674dcc228 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -107,7 +107,7 @@ github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util # github.com/rogpeppe/go-internal v1.10.0 ## explicit; go 1.19 -# github.com/stretchr/testify v1.8.0 +# github.com/stretchr/testify v1.8.2 ## explicit; go 1.13 github.com/stretchr/testify/assert github.com/stretchr/testify/require From 21c13ab91a1a408559bac83af8989423cc62cfce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 May 2023 03:59:39 +0000 Subject: [PATCH 23/73] build(deps): bump golang.org/x/crypto from 0.8.0 to 0.9.0 Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.8.0 to 0.9.0. - [Commits](https://github.com/golang/crypto/compare/v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- vendor/golang.org/x/crypto/cryptobyte/asn1.go | 8 ++++++++ vendor/modules.txt | 2 +- 4 files changed, 12 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 25955da92..5d4827b68 100644 --- a/go.mod +++ b/go.mod @@ -17,7 +17,7 @@ require ( github.com/stretchr/testify v1.8.0 github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac github.com/zmap/zlint/v3 v3.4.1 - golang.org/x/crypto v0.8.0 + golang.org/x/crypto v0.9.0 ) require ( diff --git a/go.sum b/go.sum index da836c52d..e29b3399c 100644 --- a/go.sum +++ b/go.sum @@ -374,8 +374,8 @@ golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ= -golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE= +golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= +golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1.go index 3141a7f1b..6fc2838a3 100644 --- a/vendor/golang.org/x/crypto/cryptobyte/asn1.go +++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go @@ -431,6 +431,14 @@ func (s *String) readBase128Int(out *int) bool { } ret <<= 7 b := s.read(1)[0] + + // ITU-T X.690, section 8.19.2: + // The subidentifier shall be encoded in the fewest possible octets, + // that is, the leading octet of the subidentifier shall not have the value 0x80. + if i == 0 && b == 0x80 { + return false + } + ret |= int(b & 0x7f) if b&0x80 == 0 { *out = ret diff --git a/vendor/modules.txt b/vendor/modules.txt index a1a77fc65..d612269c7 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -143,7 +143,7 @@ github.com/zmap/zlint/v3/lints/etsi github.com/zmap/zlint/v3/lints/mozilla github.com/zmap/zlint/v3/lints/rfc github.com/zmap/zlint/v3/util -# golang.org/x/crypto v0.8.0 +# golang.org/x/crypto v0.9.0 ## explicit; go 1.17 golang.org/x/crypto/blowfish golang.org/x/crypto/chacha20 From b946db1ac1082b8a810d84535abb6566b9dda42b Mon Sep 17 00:00:00 2001 From: Nicky Semenza Date: Fri, 19 May 2023 13:44:28 -0700 Subject: [PATCH 24/73] reenable vcs stamping with docker image that supports it followup from #1290 --- .goreleaser.yml | 48 ------------------------------------------------ Makefile | 4 ++-- 2 files changed, 2 insertions(+), 50 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index d0f7aa0b1..682bc6667 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -18,8 +18,6 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-linux binary: cfssl goos: @@ -32,8 +30,6 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-windows binary: cfssl env: @@ -46,8 +42,6 @@ builds: main: ./cmd/cfssl ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-bundle-darwin binary: cfssl-bundle env: @@ -61,8 +55,6 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-bundle-linux binary: cfssl-bundle goos: @@ -75,8 +67,6 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-bundle-windows binary: cfssl-bundle env: @@ -89,8 +79,6 @@ builds: main: ./cmd/cfssl-bundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-certinfo-darwin binary: cfssl-certinfo env: @@ -104,8 +92,6 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-certinfo-linux binary: cfssl-certinfo goos: @@ -118,8 +104,6 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-certinfo-windows binary: cfssl-certinfo env: @@ -132,8 +116,6 @@ builds: main: ./cmd/cfssl-certinfo ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-newkey-darwin binary: cfssl-newkey env: @@ -147,8 +129,6 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-newkey-linux binary: cfssl-newkey goos: @@ -161,8 +141,6 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-newkey-windows binary: cfssl-newkey env: @@ -175,8 +153,6 @@ builds: main: ./cmd/cfssl-newkey ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-scan-darwin binary: cfssl-scan env: @@ -190,8 +166,6 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-scan-linux binary: cfssl-scan goos: @@ -204,8 +178,6 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssl-scan-windows binary: cfssl-scan env: @@ -218,8 +190,6 @@ builds: main: ./cmd/cfssl-scan ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssljson-darwin binary: cfssljson env: @@ -233,8 +203,6 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssljson-linux binary: cfssljson goos: @@ -247,8 +215,6 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: cfssljson-windows binary: cfssljson env: @@ -261,8 +227,6 @@ builds: main: ./cmd/cfssljson ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: mkbundle-darwin binary: mkbundle env: @@ -276,8 +240,6 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: mkbundle-linux binary: mkbundle goos: @@ -290,8 +252,6 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: mkbundle-windows binary: mkbundle env: @@ -304,8 +264,6 @@ builds: main: ./cmd/mkbundle ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: multirootca-darwin binary: multirootca env: @@ -319,8 +277,6 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: multirootca-linux binary: multirootca goos: @@ -333,8 +289,6 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false - id: multirootca-windows binary: multirootca env: @@ -347,8 +301,6 @@ builds: main: ./cmd/multirootca ldflags: - -s -w -X github.com/cloudflare/cfssl/cli/version.version={{.Version}} - flags: - - -buildvcs=false archives: - format: binary allow_different_binary_count: true # https://github.com/goreleaser/goreleaser/pull/1841 diff --git a/Makefile b/Makefile index fb1a9df2a..ca617b1a1 100644 --- a/Makefile +++ b/Makefile @@ -60,7 +60,7 @@ snapshot: --rm \ -v $(PWD):/cross \ -w /cross \ - ghcr.io/gythialy/golang-cross:latest --clean --snapshot --skip-publish + ghcr.io/goreleaser/goreleaser-cross:latest --clean --snapshot --skip-publish .PHONY: github-release github-release: @@ -71,7 +71,7 @@ github-release: -e GITHUB_TOKEN=$(GITHUB_TOKEN) \ -v $(PWD):/cross \ -w /cross \ - ghcr.io/gythialy/golang-cross:latest --clean + ghcr.io/goreleaser/goreleaser-cross:latest --clean .PHONY: docker-build docker-build: From 726dc22885143cf193c09beb89a06b2cce2cb768 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 May 2023 03:59:49 +0000 Subject: [PATCH 25/73] build(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 9 +- .../testify/assert/assertion_compare.go | 36 +- .../testify/assert/assertion_format.go | 216 +++++---- .../testify/assert/assertion_forward.go | 432 ++++++++++------- .../testify/assert/assertion_order.go | 24 +- .../stretchr/testify/assert/assertions.go | 306 +++++++++--- .../github.com/stretchr/testify/assert/doc.go | 43 +- .../testify/assert/http_assertions.go | 12 +- .../stretchr/testify/require/doc.go | 23 +- .../stretchr/testify/require/require.go | 444 +++++++++++------- .../testify/require/require_forward.go | 432 ++++++++++------- vendor/modules.txt | 4 +- 13 files changed, 1242 insertions(+), 741 deletions(-) diff --git a/go.mod b/go.mod index a23e8b1ff..71a80fd4c 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/lib/pq v1.10.9 github.com/mattn/go-sqlite3 v1.14.16 github.com/prometheus/client_golang v1.15.1 - github.com/stretchr/testify v1.8.2 + github.com/stretchr/testify v1.8.3 github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac github.com/zmap/zlint/v3 v3.4.1 golang.org/x/crypto v0.9.0 diff --git a/go.sum b/go.sum index f40a373d5..ee6cab168 100644 --- a/go.sum +++ b/go.sum @@ -321,15 +321,11 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8= -github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= +github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= @@ -664,7 +660,6 @@ gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare.go b/vendor/github.com/stretchr/testify/assert/assertion_compare.go index 95d8e59da..b774da88d 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_compare.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_compare.go @@ -352,9 +352,9 @@ func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) { // Greater asserts that the first element is greater than the second // -// assert.Greater(t, 2, 1) -// assert.Greater(t, float64(2), float64(1)) -// assert.Greater(t, "b", "a") +// assert.Greater(t, 2, 1) +// assert.Greater(t, float64(2), float64(1)) +// assert.Greater(t, "b", "a") func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -364,10 +364,10 @@ func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface // GreaterOrEqual asserts that the first element is greater than or equal to the second // -// assert.GreaterOrEqual(t, 2, 1) -// assert.GreaterOrEqual(t, 2, 2) -// assert.GreaterOrEqual(t, "b", "a") -// assert.GreaterOrEqual(t, "b", "b") +// assert.GreaterOrEqual(t, 2, 1) +// assert.GreaterOrEqual(t, 2, 2) +// assert.GreaterOrEqual(t, "b", "a") +// assert.GreaterOrEqual(t, "b", "b") func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -377,9 +377,9 @@ func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...in // Less asserts that the first element is less than the second // -// assert.Less(t, 1, 2) -// assert.Less(t, float64(1), float64(2)) -// assert.Less(t, "a", "b") +// assert.Less(t, 1, 2) +// assert.Less(t, float64(1), float64(2)) +// assert.Less(t, "a", "b") func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -389,10 +389,10 @@ func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) // LessOrEqual asserts that the first element is less than or equal to the second // -// assert.LessOrEqual(t, 1, 2) -// assert.LessOrEqual(t, 2, 2) -// assert.LessOrEqual(t, "a", "b") -// assert.LessOrEqual(t, "b", "b") +// assert.LessOrEqual(t, 1, 2) +// assert.LessOrEqual(t, 2, 2) +// assert.LessOrEqual(t, "a", "b") +// assert.LessOrEqual(t, "b", "b") func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -402,8 +402,8 @@ func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...inter // Positive asserts that the specified element is positive // -// assert.Positive(t, 1) -// assert.Positive(t, 1.23) +// assert.Positive(t, 1) +// assert.Positive(t, 1.23) func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -414,8 +414,8 @@ func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { // Negative asserts that the specified element is negative // -// assert.Negative(t, -1) -// assert.Negative(t, -1.23) +// assert.Negative(t, -1) +// assert.Negative(t, -1.23) func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go b/vendor/github.com/stretchr/testify/assert/assertion_format.go index 7880b8f94..84dbd6c79 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_format.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_format.go @@ -22,9 +22,9 @@ func Conditionf(t TestingT, comp Comparison, msg string, args ...interface{}) bo // Containsf asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// assert.Containsf(t, "Hello World", "World", "error message %s", "formatted") -// assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted") -// assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted") +// assert.Containsf(t, "Hello World", "World", "error message %s", "formatted") +// assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted") +// assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted") func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -56,7 +56,7 @@ func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string // Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// assert.Emptyf(t, obj, "error message %s", "formatted") +// assert.Emptyf(t, obj, "error message %s", "formatted") func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -66,7 +66,7 @@ func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) boo // Equalf asserts that two objects are equal. // -// assert.Equalf(t, 123, 123, "error message %s", "formatted") +// assert.Equalf(t, 123, 123, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -81,8 +81,8 @@ func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, ar // EqualErrorf asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// assert.EqualErrorf(t, err, expectedErrorString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// assert.EqualErrorf(t, err, expectedErrorString, "error message %s", "formatted") func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -90,10 +90,27 @@ func EqualErrorf(t TestingT, theError error, errString string, msg string, args return EqualError(t, theError, errString, append([]interface{}{msg}, args...)...) } +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EqualExportedValues(t, expected, actual, append([]interface{}{msg}, args...)...) +} + // EqualValuesf asserts that two objects are equal or convertable to the same types // and equal. // -// assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted") +// assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted") func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -103,10 +120,10 @@ func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg stri // Errorf asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if assert.Errorf(t, err, "error message %s", "formatted") { -// assert.Equal(t, expectedErrorf, err) -// } +// actualObj, err := SomeFunction() +// if assert.Errorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } func Errorf(t TestingT, err error, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -126,8 +143,8 @@ func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...int // ErrorContainsf asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -147,7 +164,7 @@ func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface // Eventuallyf asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -155,9 +172,34 @@ func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick return Eventually(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...) } +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithTf(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + return EventuallyWithT(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...) +} + // Exactlyf asserts that two objects are equal in value and type. // -// assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted") +// assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted") func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -183,7 +225,7 @@ func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{} // Falsef asserts that the specified value is false. // -// assert.Falsef(t, myBool, "error message %s", "formatted") +// assert.Falsef(t, myBool, "error message %s", "formatted") func Falsef(t TestingT, value bool, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -202,9 +244,9 @@ func FileExistsf(t TestingT, path string, msg string, args ...interface{}) bool // Greaterf asserts that the first element is greater than the second // -// assert.Greaterf(t, 2, 1, "error message %s", "formatted") -// assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted") -// assert.Greaterf(t, "b", "a", "error message %s", "formatted") +// assert.Greaterf(t, 2, 1, "error message %s", "formatted") +// assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted") +// assert.Greaterf(t, "b", "a", "error message %s", "formatted") func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -214,10 +256,10 @@ func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...in // GreaterOrEqualf asserts that the first element is greater than or equal to the second // -// assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted") -// assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted") -// assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted") -// assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted") +// assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted") func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -228,7 +270,7 @@ func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, arg // HTTPBodyContainsf asserts that a specified handler returns a // body that contains a string. // -// assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { @@ -241,7 +283,7 @@ func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url // HTTPBodyNotContainsf asserts that a specified handler returns a // body that does not contain a string. // -// assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { @@ -253,7 +295,7 @@ func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, u // HTTPErrorf asserts that a specified handler returns an error status code. // -// assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -265,7 +307,7 @@ func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, // HTTPRedirectf asserts that a specified handler returns a redirect status code. // -// assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -277,7 +319,7 @@ func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url stri // HTTPStatusCodef asserts that a specified handler returns a specified status code. // -// assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool { @@ -289,7 +331,7 @@ func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url st // HTTPSuccessf asserts that a specified handler returns a success status code. // -// assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -301,7 +343,7 @@ func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url strin // Implementsf asserts that an object is implemented by the specified interface. // -// assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +// assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -311,7 +353,7 @@ func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, ms // InDeltaf asserts that the two numerals are within delta of each other. // -// assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +// assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted") func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -353,9 +395,9 @@ func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsil // IsDecreasingf asserts that the collection is decreasing // -// assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted") -// assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted") -// assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted") func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -365,9 +407,9 @@ func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface // IsIncreasingf asserts that the collection is increasing // -// assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted") -// assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted") -// assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted") func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -377,9 +419,9 @@ func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface // IsNonDecreasingf asserts that the collection is not decreasing // -// assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted") -// assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted") -// assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted") func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -389,9 +431,9 @@ func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interf // IsNonIncreasingf asserts that the collection is not increasing // -// assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted") -// assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted") -// assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted") func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -409,7 +451,7 @@ func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg strin // JSONEqf asserts that two JSON strings are equivalent. // -// assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +// assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -420,7 +462,7 @@ func JSONEqf(t TestingT, expected string, actual string, msg string, args ...int // Lenf asserts that the specified object has specific length. // Lenf also fails if the object has a type that len() not accept. // -// assert.Lenf(t, mySlice, 3, "error message %s", "formatted") +// assert.Lenf(t, mySlice, 3, "error message %s", "formatted") func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -430,9 +472,9 @@ func Lenf(t TestingT, object interface{}, length int, msg string, args ...interf // Lessf asserts that the first element is less than the second // -// assert.Lessf(t, 1, 2, "error message %s", "formatted") -// assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted") -// assert.Lessf(t, "a", "b", "error message %s", "formatted") +// assert.Lessf(t, 1, 2, "error message %s", "formatted") +// assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted") +// assert.Lessf(t, "a", "b", "error message %s", "formatted") func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -442,10 +484,10 @@ func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...inter // LessOrEqualf asserts that the first element is less than or equal to the second // -// assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted") -// assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted") -// assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted") -// assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted") +// assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted") +// assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted") func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -455,8 +497,8 @@ func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args . // Negativef asserts that the specified element is negative // -// assert.Negativef(t, -1, "error message %s", "formatted") -// assert.Negativef(t, -1.23, "error message %s", "formatted") +// assert.Negativef(t, -1, "error message %s", "formatted") +// assert.Negativef(t, -1.23, "error message %s", "formatted") func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -467,7 +509,7 @@ func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) bool // Neverf asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -477,7 +519,7 @@ func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time. // Nilf asserts that the specified object is nil. // -// assert.Nilf(t, err, "error message %s", "formatted") +// assert.Nilf(t, err, "error message %s", "formatted") func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -496,10 +538,10 @@ func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) bool // NoErrorf asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if assert.NoErrorf(t, err, "error message %s", "formatted") { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if assert.NoErrorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } func NoErrorf(t TestingT, err error, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -519,9 +561,9 @@ func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) boo // NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted") -// assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted") -// assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted") func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -532,9 +574,9 @@ func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, a // NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if assert.NotEmptyf(t, obj, "error message %s", "formatted") { -// assert.Equal(t, "two", obj[1]) -// } +// if assert.NotEmptyf(t, obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -544,7 +586,7 @@ func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) // NotEqualf asserts that the specified values are NOT equal. // -// assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted") +// assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -557,7 +599,7 @@ func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, // NotEqualValuesf asserts that two objects are not equal even when converted to the same type // -// assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted") +// assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted") func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -576,7 +618,7 @@ func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interf // NotNilf asserts that the specified object is not nil. // -// assert.NotNilf(t, err, "error message %s", "formatted") +// assert.NotNilf(t, err, "error message %s", "formatted") func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -586,7 +628,7 @@ func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) bo // NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. // -// assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted") +// assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted") func NotPanicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -596,8 +638,8 @@ func NotPanicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bo // NotRegexpf asserts that a specified regexp does not match a string. // -// assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") -// assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted") +// assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted") func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -607,7 +649,7 @@ func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args .. // NotSamef asserts that two pointers do not reference the same object. // -// assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted") +// assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -621,7 +663,7 @@ func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, // NotSubsetf asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") +// assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -639,7 +681,7 @@ func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) bool { // Panicsf asserts that the code inside the specified PanicTestFunc panics. // -// assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted") +// assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted") func Panicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -651,7 +693,7 @@ func Panicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func PanicsWithErrorf(t TestingT, errString string, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -662,7 +704,7 @@ func PanicsWithErrorf(t TestingT, errString string, f PanicTestFunc, msg string, // PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func PanicsWithValuef(t TestingT, expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -672,8 +714,8 @@ func PanicsWithValuef(t TestingT, expected interface{}, f PanicTestFunc, msg str // Positivef asserts that the specified element is positive // -// assert.Positivef(t, 1, "error message %s", "formatted") -// assert.Positivef(t, 1.23, "error message %s", "formatted") +// assert.Positivef(t, 1, "error message %s", "formatted") +// assert.Positivef(t, 1.23, "error message %s", "formatted") func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -683,8 +725,8 @@ func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) bool // Regexpf asserts that a specified regexp matches a string. // -// assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") -// assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted") +// assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted") func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -694,7 +736,7 @@ func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...in // Samef asserts that two pointers reference the same object. // -// assert.Samef(t, ptr1, ptr2, "error message %s", "formatted") +// assert.Samef(t, ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -708,7 +750,7 @@ func Samef(t TestingT, expected interface{}, actual interface{}, msg string, arg // Subsetf asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") +// assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -718,7 +760,7 @@ func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args // Truef asserts that the specified value is true. // -// assert.Truef(t, myBool, "error message %s", "formatted") +// assert.Truef(t, myBool, "error message %s", "formatted") func Truef(t TestingT, value bool, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -728,7 +770,7 @@ func Truef(t TestingT, value bool, msg string, args ...interface{}) bool { // WithinDurationf asserts that the two times are within duration delta of each other. // -// assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +// assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -738,7 +780,7 @@ func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta tim // WithinRangef asserts that a time is within a time range (inclusive). // -// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go b/vendor/github.com/stretchr/testify/assert/assertion_forward.go index 339515b8b..b1d94aec5 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_forward.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_forward.go @@ -30,9 +30,9 @@ func (a *Assertions) Conditionf(comp Comparison, msg string, args ...interface{} // Contains asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// a.Contains("Hello World", "World") -// a.Contains(["Hello", "World"], "World") -// a.Contains({"Hello": "World"}, "Hello") +// a.Contains("Hello World", "World") +// a.Contains(["Hello", "World"], "World") +// a.Contains({"Hello": "World"}, "Hello") func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -43,9 +43,9 @@ func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs .. // Containsf asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// a.Containsf("Hello World", "World", "error message %s", "formatted") -// a.Containsf(["Hello", "World"], "World", "error message %s", "formatted") -// a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted") +// a.Containsf("Hello World", "World", "error message %s", "formatted") +// a.Containsf(["Hello", "World"], "World", "error message %s", "formatted") +// a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted") func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -98,7 +98,7 @@ func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg st // Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// a.Empty(obj) +// a.Empty(obj) func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -109,7 +109,7 @@ func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) bool { // Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// a.Emptyf(obj, "error message %s", "formatted") +// a.Emptyf(obj, "error message %s", "formatted") func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -119,7 +119,7 @@ func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) // Equal asserts that two objects are equal. // -// a.Equal(123, 123) +// a.Equal(123, 123) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -134,8 +134,8 @@ func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs // EqualError asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// a.EqualError(err, expectedErrorString) +// actualObj, err := SomeFunction() +// a.EqualError(err, expectedErrorString) func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -146,8 +146,8 @@ func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ... // EqualErrorf asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// a.EqualErrorf(err, expectedErrorString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// a.EqualErrorf(err, expectedErrorString, "error message %s", "formatted") func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -155,10 +155,44 @@ func (a *Assertions) EqualErrorf(theError error, errString string, msg string, a return EqualErrorf(a.t, theError, errString, msg, args...) } +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValues(S{1, 2}, S{1, 3}) => true +// a.EqualExportedValues(S{1, 2}, S{2, 3}) => false +func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualExportedValues(a.t, expected, actual, msgAndArgs...) +} + +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EqualExportedValuesf(a.t, expected, actual, msg, args...) +} + // EqualValues asserts that two objects are equal or convertable to the same types // and equal. // -// a.EqualValues(uint32(123), int32(123)) +// a.EqualValues(uint32(123), int32(123)) func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -169,7 +203,7 @@ func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAn // EqualValuesf asserts that two objects are equal or convertable to the same types // and equal. // -// a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted") +// a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted") func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -179,7 +213,7 @@ func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg // Equalf asserts that two objects are equal. // -// a.Equalf(123, 123, "error message %s", "formatted") +// a.Equalf(123, 123, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -193,10 +227,10 @@ func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string // Error asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if a.Error(err) { -// assert.Equal(t, expectedError, err) -// } +// actualObj, err := SomeFunction() +// if a.Error(err) { +// assert.Equal(t, expectedError, err) +// } func (a *Assertions) Error(err error, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -225,8 +259,8 @@ func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args .. // ErrorContains asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// a.ErrorContains(err, expectedErrorSubString) +// actualObj, err := SomeFunction() +// a.ErrorContains(err, expectedErrorSubString) func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -237,8 +271,8 @@ func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs . // ErrorContainsf asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -266,10 +300,10 @@ func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...inter // Errorf asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if a.Errorf(err, "error message %s", "formatted") { -// assert.Equal(t, expectedErrorf, err) -// } +// actualObj, err := SomeFunction() +// if a.Errorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } func (a *Assertions) Errorf(err error, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -280,7 +314,7 @@ func (a *Assertions) Errorf(err error, msg string, args ...interface{}) bool { // Eventually asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond) +// a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond) func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -288,10 +322,60 @@ func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, ti return Eventually(a.t, condition, waitFor, tick, msgAndArgs...) } +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithT(func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithT(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...) +} + +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithTf(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + return EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...) +} + // Eventuallyf asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -301,7 +385,7 @@ func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, t // Exactly asserts that two objects are equal in value and type. // -// a.Exactly(int32(123), int64(123)) +// a.Exactly(int32(123), int64(123)) func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -311,7 +395,7 @@ func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArg // Exactlyf asserts that two objects are equal in value and type. // -// a.Exactlyf(int32(123), int64(123), "error message %s", "formatted") +// a.Exactlyf(int32(123), int64(123), "error message %s", "formatted") func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -353,7 +437,7 @@ func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{ // False asserts that the specified value is false. // -// a.False(myBool) +// a.False(myBool) func (a *Assertions) False(value bool, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -363,7 +447,7 @@ func (a *Assertions) False(value bool, msgAndArgs ...interface{}) bool { // Falsef asserts that the specified value is false. // -// a.Falsef(myBool, "error message %s", "formatted") +// a.Falsef(myBool, "error message %s", "formatted") func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -391,9 +475,9 @@ func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) b // Greater asserts that the first element is greater than the second // -// a.Greater(2, 1) -// a.Greater(float64(2), float64(1)) -// a.Greater("b", "a") +// a.Greater(2, 1) +// a.Greater(float64(2), float64(1)) +// a.Greater("b", "a") func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -403,10 +487,10 @@ func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...inter // GreaterOrEqual asserts that the first element is greater than or equal to the second // -// a.GreaterOrEqual(2, 1) -// a.GreaterOrEqual(2, 2) -// a.GreaterOrEqual("b", "a") -// a.GreaterOrEqual("b", "b") +// a.GreaterOrEqual(2, 1) +// a.GreaterOrEqual(2, 2) +// a.GreaterOrEqual("b", "a") +// a.GreaterOrEqual("b", "b") func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -416,10 +500,10 @@ func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs . // GreaterOrEqualf asserts that the first element is greater than or equal to the second // -// a.GreaterOrEqualf(2, 1, "error message %s", "formatted") -// a.GreaterOrEqualf(2, 2, "error message %s", "formatted") -// a.GreaterOrEqualf("b", "a", "error message %s", "formatted") -// a.GreaterOrEqualf("b", "b", "error message %s", "formatted") +// a.GreaterOrEqualf(2, 1, "error message %s", "formatted") +// a.GreaterOrEqualf(2, 2, "error message %s", "formatted") +// a.GreaterOrEqualf("b", "a", "error message %s", "formatted") +// a.GreaterOrEqualf("b", "b", "error message %s", "formatted") func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -429,9 +513,9 @@ func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, // Greaterf asserts that the first element is greater than the second // -// a.Greaterf(2, 1, "error message %s", "formatted") -// a.Greaterf(float64(2), float64(1), "error message %s", "formatted") -// a.Greaterf("b", "a", "error message %s", "formatted") +// a.Greaterf(2, 1, "error message %s", "formatted") +// a.Greaterf(float64(2), float64(1), "error message %s", "formatted") +// a.Greaterf("b", "a", "error message %s", "formatted") func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -442,7 +526,7 @@ func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args . // HTTPBodyContains asserts that a specified handler returns a // body that contains a string. // -// a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { @@ -455,7 +539,7 @@ func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, u // HTTPBodyContainsf asserts that a specified handler returns a // body that contains a string. // -// a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { @@ -468,7 +552,7 @@ func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, // HTTPBodyNotContains asserts that a specified handler returns a // body that does not contain a string. // -// a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { @@ -481,7 +565,7 @@ func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string // HTTPBodyNotContainsf asserts that a specified handler returns a // body that does not contain a string. // -// a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool { @@ -493,7 +577,7 @@ func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method strin // HTTPError asserts that a specified handler returns an error status code. // -// a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -505,7 +589,7 @@ func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url stri // HTTPErrorf asserts that a specified handler returns an error status code. // -// a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -517,7 +601,7 @@ func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url str // HTTPRedirect asserts that a specified handler returns a redirect status code. // -// a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -529,7 +613,7 @@ func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url s // HTTPRedirectf asserts that a specified handler returns a redirect status code. // -// a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -541,7 +625,7 @@ func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url // HTTPStatusCode asserts that a specified handler returns a specified status code. // -// a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501) +// a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501) // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool { @@ -553,7 +637,7 @@ func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url // HTTPStatusCodef asserts that a specified handler returns a specified status code. // -// a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool { @@ -565,7 +649,7 @@ func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, ur // HTTPSuccess asserts that a specified handler returns a success status code. // -// a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil) +// a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil) // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -577,7 +661,7 @@ func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url st // HTTPSuccessf asserts that a specified handler returns a success status code. // -// a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool { @@ -589,7 +673,7 @@ func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url s // Implements asserts that an object is implemented by the specified interface. // -// a.Implements((*MyInterface)(nil), new(MyObject)) +// a.Implements((*MyInterface)(nil), new(MyObject)) func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -599,7 +683,7 @@ func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, // Implementsf asserts that an object is implemented by the specified interface. // -// a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +// a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -609,7 +693,7 @@ func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{} // InDelta asserts that the two numerals are within delta of each other. // -// a.InDelta(math.Pi, 22/7.0, 0.01) +// a.InDelta(math.Pi, 22/7.0, 0.01) func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -651,7 +735,7 @@ func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, del // InDeltaf asserts that the two numerals are within delta of each other. // -// a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +// a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted") func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -693,9 +777,9 @@ func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilo // IsDecreasing asserts that the collection is decreasing // -// a.IsDecreasing([]int{2, 1, 0}) -// a.IsDecreasing([]float{2, 1}) -// a.IsDecreasing([]string{"b", "a"}) +// a.IsDecreasing([]int{2, 1, 0}) +// a.IsDecreasing([]float{2, 1}) +// a.IsDecreasing([]string{"b", "a"}) func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -705,9 +789,9 @@ func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) // IsDecreasingf asserts that the collection is decreasing // -// a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted") -// a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted") -// a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted") +// a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted") +// a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted") func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -717,9 +801,9 @@ func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...inter // IsIncreasing asserts that the collection is increasing // -// a.IsIncreasing([]int{1, 2, 3}) -// a.IsIncreasing([]float{1, 2}) -// a.IsIncreasing([]string{"a", "b"}) +// a.IsIncreasing([]int{1, 2, 3}) +// a.IsIncreasing([]float{1, 2}) +// a.IsIncreasing([]string{"a", "b"}) func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -729,9 +813,9 @@ func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) // IsIncreasingf asserts that the collection is increasing // -// a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted") -// a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted") -// a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted") +// a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted") +// a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted") func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -741,9 +825,9 @@ func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...inter // IsNonDecreasing asserts that the collection is not decreasing // -// a.IsNonDecreasing([]int{1, 1, 2}) -// a.IsNonDecreasing([]float{1, 2}) -// a.IsNonDecreasing([]string{"a", "b"}) +// a.IsNonDecreasing([]int{1, 1, 2}) +// a.IsNonDecreasing([]float{1, 2}) +// a.IsNonDecreasing([]string{"a", "b"}) func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -753,9 +837,9 @@ func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface // IsNonDecreasingf asserts that the collection is not decreasing // -// a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted") -// a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted") -// a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted") +// a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted") func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -765,9 +849,9 @@ func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...in // IsNonIncreasing asserts that the collection is not increasing // -// a.IsNonIncreasing([]int{2, 1, 1}) -// a.IsNonIncreasing([]float{2, 1}) -// a.IsNonIncreasing([]string{"b", "a"}) +// a.IsNonIncreasing([]int{2, 1, 1}) +// a.IsNonIncreasing([]float{2, 1}) +// a.IsNonIncreasing([]string{"b", "a"}) func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -777,9 +861,9 @@ func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface // IsNonIncreasingf asserts that the collection is not increasing // -// a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted") -// a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted") -// a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted") +// a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted") func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -805,7 +889,7 @@ func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg s // JSONEq asserts that two JSON strings are equivalent. // -// a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +// a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -815,7 +899,7 @@ func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interf // JSONEqf asserts that two JSON strings are equivalent. // -// a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +// a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -826,7 +910,7 @@ func (a *Assertions) JSONEqf(expected string, actual string, msg string, args .. // Len asserts that the specified object has specific length. // Len also fails if the object has a type that len() not accept. // -// a.Len(mySlice, 3) +// a.Len(mySlice, 3) func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -837,7 +921,7 @@ func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface // Lenf asserts that the specified object has specific length. // Lenf also fails if the object has a type that len() not accept. // -// a.Lenf(mySlice, 3, "error message %s", "formatted") +// a.Lenf(mySlice, 3, "error message %s", "formatted") func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -847,9 +931,9 @@ func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...in // Less asserts that the first element is less than the second // -// a.Less(1, 2) -// a.Less(float64(1), float64(2)) -// a.Less("a", "b") +// a.Less(1, 2) +// a.Less(float64(1), float64(2)) +// a.Less("a", "b") func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -859,10 +943,10 @@ func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interfac // LessOrEqual asserts that the first element is less than or equal to the second // -// a.LessOrEqual(1, 2) -// a.LessOrEqual(2, 2) -// a.LessOrEqual("a", "b") -// a.LessOrEqual("b", "b") +// a.LessOrEqual(1, 2) +// a.LessOrEqual(2, 2) +// a.LessOrEqual("a", "b") +// a.LessOrEqual("b", "b") func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -872,10 +956,10 @@ func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...i // LessOrEqualf asserts that the first element is less than or equal to the second // -// a.LessOrEqualf(1, 2, "error message %s", "formatted") -// a.LessOrEqualf(2, 2, "error message %s", "formatted") -// a.LessOrEqualf("a", "b", "error message %s", "formatted") -// a.LessOrEqualf("b", "b", "error message %s", "formatted") +// a.LessOrEqualf(1, 2, "error message %s", "formatted") +// a.LessOrEqualf(2, 2, "error message %s", "formatted") +// a.LessOrEqualf("a", "b", "error message %s", "formatted") +// a.LessOrEqualf("b", "b", "error message %s", "formatted") func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -885,9 +969,9 @@ func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, ar // Lessf asserts that the first element is less than the second // -// a.Lessf(1, 2, "error message %s", "formatted") -// a.Lessf(float64(1), float64(2), "error message %s", "formatted") -// a.Lessf("a", "b", "error message %s", "formatted") +// a.Lessf(1, 2, "error message %s", "formatted") +// a.Lessf(float64(1), float64(2), "error message %s", "formatted") +// a.Lessf("a", "b", "error message %s", "formatted") func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -897,8 +981,8 @@ func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...i // Negative asserts that the specified element is negative // -// a.Negative(-1) -// a.Negative(-1.23) +// a.Negative(-1) +// a.Negative(-1.23) func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -908,8 +992,8 @@ func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) bool { // Negativef asserts that the specified element is negative // -// a.Negativef(-1, "error message %s", "formatted") -// a.Negativef(-1.23, "error message %s", "formatted") +// a.Negativef(-1, "error message %s", "formatted") +// a.Negativef(-1.23, "error message %s", "formatted") func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -920,7 +1004,7 @@ func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) b // Never asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond) +// a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond) func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -931,7 +1015,7 @@ func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick ti // Neverf asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -941,7 +1025,7 @@ func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick t // Nil asserts that the specified object is nil. // -// a.Nil(err) +// a.Nil(err) func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -951,7 +1035,7 @@ func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) bool { // Nilf asserts that the specified object is nil. // -// a.Nilf(err, "error message %s", "formatted") +// a.Nilf(err, "error message %s", "formatted") func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -979,10 +1063,10 @@ func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) // NoError asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if a.NoError(err) { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if a.NoError(err) { +// assert.Equal(t, expectedObj, actualObj) +// } func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -992,10 +1076,10 @@ func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) bool { // NoErrorf asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if a.NoErrorf(err, "error message %s", "formatted") { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if a.NoErrorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1024,9 +1108,9 @@ func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) // NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// a.NotContains("Hello World", "Earth") -// a.NotContains(["Hello", "World"], "Earth") -// a.NotContains({"Hello": "World"}, "Earth") +// a.NotContains("Hello World", "Earth") +// a.NotContains(["Hello", "World"], "Earth") +// a.NotContains({"Hello": "World"}, "Earth") func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1037,9 +1121,9 @@ func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs // NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// a.NotContainsf("Hello World", "Earth", "error message %s", "formatted") -// a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted") -// a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted") +// a.NotContainsf("Hello World", "Earth", "error message %s", "formatted") +// a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted") +// a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted") func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1050,9 +1134,9 @@ func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg strin // NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if a.NotEmpty(obj) { -// assert.Equal(t, "two", obj[1]) -// } +// if a.NotEmpty(obj) { +// assert.Equal(t, "two", obj[1]) +// } func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1063,9 +1147,9 @@ func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) boo // NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if a.NotEmptyf(obj, "error message %s", "formatted") { -// assert.Equal(t, "two", obj[1]) -// } +// if a.NotEmptyf(obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1075,7 +1159,7 @@ func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface // NotEqual asserts that the specified values are NOT equal. // -// a.NotEqual(obj1, obj2) +// a.NotEqual(obj1, obj2) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1088,7 +1172,7 @@ func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndAr // NotEqualValues asserts that two objects are not equal even when converted to the same type // -// a.NotEqualValues(obj1, obj2) +// a.NotEqualValues(obj1, obj2) func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1098,7 +1182,7 @@ func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, ms // NotEqualValuesf asserts that two objects are not equal even when converted to the same type // -// a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted") +// a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted") func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1108,7 +1192,7 @@ func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, m // NotEqualf asserts that the specified values are NOT equal. // -// a.NotEqualf(obj1, obj2, "error message %s", "formatted") +// a.NotEqualf(obj1, obj2, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1139,7 +1223,7 @@ func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...in // NotNil asserts that the specified object is not nil. // -// a.NotNil(err) +// a.NotNil(err) func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1149,7 +1233,7 @@ func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) bool // NotNilf asserts that the specified object is not nil. // -// a.NotNilf(err, "error message %s", "formatted") +// a.NotNilf(err, "error message %s", "formatted") func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1159,7 +1243,7 @@ func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{} // NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. // -// a.NotPanics(func(){ RemainCalm() }) +// a.NotPanics(func(){ RemainCalm() }) func (a *Assertions) NotPanics(f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1169,7 +1253,7 @@ func (a *Assertions) NotPanics(f PanicTestFunc, msgAndArgs ...interface{}) bool // NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. // -// a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted") +// a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted") func (a *Assertions) NotPanicsf(f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1179,8 +1263,8 @@ func (a *Assertions) NotPanicsf(f PanicTestFunc, msg string, args ...interface{} // NotRegexp asserts that a specified regexp does not match a string. // -// a.NotRegexp(regexp.MustCompile("starts"), "it's starting") -// a.NotRegexp("^start", "it's not starting") +// a.NotRegexp(regexp.MustCompile("starts"), "it's starting") +// a.NotRegexp("^start", "it's not starting") func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1190,8 +1274,8 @@ func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...in // NotRegexpf asserts that a specified regexp does not match a string. // -// a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") -// a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted") +// a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted") func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1201,7 +1285,7 @@ func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, arg // NotSame asserts that two pointers do not reference the same object. // -// a.NotSame(ptr1, ptr2) +// a.NotSame(ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1214,7 +1298,7 @@ func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArg // NotSamef asserts that two pointers do not reference the same object. // -// a.NotSamef(ptr1, ptr2, "error message %s", "formatted") +// a.NotSamef(ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1228,7 +1312,7 @@ func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg stri // NotSubset asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") +// a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1239,7 +1323,7 @@ func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs // NotSubsetf asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") +// a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1265,7 +1349,7 @@ func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) bo // Panics asserts that the code inside the specified PanicTestFunc panics. // -// a.Panics(func(){ GoCrazy() }) +// a.Panics(func(){ GoCrazy() }) func (a *Assertions) Panics(f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1277,7 +1361,7 @@ func (a *Assertions) Panics(f PanicTestFunc, msgAndArgs ...interface{}) bool { // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// a.PanicsWithError("crazy error", func(){ GoCrazy() }) +// a.PanicsWithError("crazy error", func(){ GoCrazy() }) func (a *Assertions) PanicsWithError(errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1289,7 +1373,7 @@ func (a *Assertions) PanicsWithError(errString string, f PanicTestFunc, msgAndAr // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) PanicsWithErrorf(errString string, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1300,7 +1384,7 @@ func (a *Assertions) PanicsWithErrorf(errString string, f PanicTestFunc, msg str // PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// a.PanicsWithValue("crazy error", func(){ GoCrazy() }) +// a.PanicsWithValue("crazy error", func(){ GoCrazy() }) func (a *Assertions) PanicsWithValue(expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1311,7 +1395,7 @@ func (a *Assertions) PanicsWithValue(expected interface{}, f PanicTestFunc, msgA // PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) PanicsWithValuef(expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1321,7 +1405,7 @@ func (a *Assertions) PanicsWithValuef(expected interface{}, f PanicTestFunc, msg // Panicsf asserts that the code inside the specified PanicTestFunc panics. // -// a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted") +// a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) Panicsf(f PanicTestFunc, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1331,8 +1415,8 @@ func (a *Assertions) Panicsf(f PanicTestFunc, msg string, args ...interface{}) b // Positive asserts that the specified element is positive // -// a.Positive(1) -// a.Positive(1.23) +// a.Positive(1) +// a.Positive(1.23) func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1342,8 +1426,8 @@ func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) bool { // Positivef asserts that the specified element is positive // -// a.Positivef(1, "error message %s", "formatted") -// a.Positivef(1.23, "error message %s", "formatted") +// a.Positivef(1, "error message %s", "formatted") +// a.Positivef(1.23, "error message %s", "formatted") func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1353,8 +1437,8 @@ func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) b // Regexp asserts that a specified regexp matches a string. // -// a.Regexp(regexp.MustCompile("start"), "it's starting") -// a.Regexp("start...$", "it's not starting") +// a.Regexp(regexp.MustCompile("start"), "it's starting") +// a.Regexp("start...$", "it's not starting") func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1364,8 +1448,8 @@ func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...inter // Regexpf asserts that a specified regexp matches a string. // -// a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") -// a.Regexpf("start...$", "it's not starting", "error message %s", "formatted") +// a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// a.Regexpf("start...$", "it's not starting", "error message %s", "formatted") func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1375,7 +1459,7 @@ func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args . // Same asserts that two pointers reference the same object. // -// a.Same(ptr1, ptr2) +// a.Same(ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1388,7 +1472,7 @@ func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs . // Samef asserts that two pointers reference the same object. // -// a.Samef(ptr1, ptr2, "error message %s", "formatted") +// a.Samef(ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1402,7 +1486,7 @@ func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, // Subset asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") +// a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1413,7 +1497,7 @@ func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ... // Subsetf asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") +// a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1423,7 +1507,7 @@ func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, a // True asserts that the specified value is true. // -// a.True(myBool) +// a.True(myBool) func (a *Assertions) True(value bool, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1433,7 +1517,7 @@ func (a *Assertions) True(value bool, msgAndArgs ...interface{}) bool { // Truef asserts that the specified value is true. // -// a.Truef(myBool, "error message %s", "formatted") +// a.Truef(myBool, "error message %s", "formatted") func (a *Assertions) Truef(value bool, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1443,7 +1527,7 @@ func (a *Assertions) Truef(value bool, msg string, args ...interface{}) bool { // WithinDuration asserts that the two times are within duration delta of each other. // -// a.WithinDuration(time.Now(), time.Now(), 10*time.Second) +// a.WithinDuration(time.Now(), time.Now(), 10*time.Second) func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1453,7 +1537,7 @@ func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta // WithinDurationf asserts that the two times are within duration delta of each other. // -// a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +// a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1463,7 +1547,7 @@ func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta // WithinRange asserts that a time is within a time range (inclusive). // -// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1473,7 +1557,7 @@ func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Tim // WithinRangef asserts that a time is within a time range (inclusive). // -// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool { if h, ok := a.t.(tHelper); ok { h.Helper() diff --git a/vendor/github.com/stretchr/testify/assert/assertion_order.go b/vendor/github.com/stretchr/testify/assert/assertion_order.go index 759448783..00df62a05 100644 --- a/vendor/github.com/stretchr/testify/assert/assertion_order.go +++ b/vendor/github.com/stretchr/testify/assert/assertion_order.go @@ -46,36 +46,36 @@ func isOrdered(t TestingT, object interface{}, allowedComparesResults []CompareT // IsIncreasing asserts that the collection is increasing // -// assert.IsIncreasing(t, []int{1, 2, 3}) -// assert.IsIncreasing(t, []float{1, 2}) -// assert.IsIncreasing(t, []string{"a", "b"}) +// assert.IsIncreasing(t, []int{1, 2, 3}) +// assert.IsIncreasing(t, []float{1, 2}) +// assert.IsIncreasing(t, []string{"a", "b"}) func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...) } // IsNonIncreasing asserts that the collection is not increasing // -// assert.IsNonIncreasing(t, []int{2, 1, 1}) -// assert.IsNonIncreasing(t, []float{2, 1}) -// assert.IsNonIncreasing(t, []string{"b", "a"}) +// assert.IsNonIncreasing(t, []int{2, 1, 1}) +// assert.IsNonIncreasing(t, []float{2, 1}) +// assert.IsNonIncreasing(t, []string{"b", "a"}) func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...) } // IsDecreasing asserts that the collection is decreasing // -// assert.IsDecreasing(t, []int{2, 1, 0}) -// assert.IsDecreasing(t, []float{2, 1}) -// assert.IsDecreasing(t, []string{"b", "a"}) +// assert.IsDecreasing(t, []int{2, 1, 0}) +// assert.IsDecreasing(t, []float{2, 1}) +// assert.IsDecreasing(t, []string{"b", "a"}) func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...) } // IsNonDecreasing asserts that the collection is not decreasing // -// assert.IsNonDecreasing(t, []int{1, 1, 2}) -// assert.IsNonDecreasing(t, []float{1, 2}) -// assert.IsNonDecreasing(t, []string{"a", "b"}) +// assert.IsNonDecreasing(t, []int{1, 1, 2}) +// assert.IsNonDecreasing(t, []float{1, 2}) +// assert.IsNonDecreasing(t, []string{"a", "b"}) func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...) } diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go index 2924cf3a1..a55d1bba9 100644 --- a/vendor/github.com/stretchr/testify/assert/assertions.go +++ b/vendor/github.com/stretchr/testify/assert/assertions.go @@ -75,6 +75,77 @@ func ObjectsAreEqual(expected, actual interface{}) bool { return bytes.Equal(exp, act) } +// copyExportedFields iterates downward through nested data structures and creates a copy +// that only contains the exported struct fields. +func copyExportedFields(expected interface{}) interface{} { + if isNil(expected) { + return expected + } + + expectedType := reflect.TypeOf(expected) + expectedKind := expectedType.Kind() + expectedValue := reflect.ValueOf(expected) + + switch expectedKind { + case reflect.Struct: + result := reflect.New(expectedType).Elem() + for i := 0; i < expectedType.NumField(); i++ { + field := expectedType.Field(i) + isExported := field.IsExported() + if isExported { + fieldValue := expectedValue.Field(i) + if isNil(fieldValue) || isNil(fieldValue.Interface()) { + continue + } + newValue := copyExportedFields(fieldValue.Interface()) + result.Field(i).Set(reflect.ValueOf(newValue)) + } + } + return result.Interface() + + case reflect.Ptr: + result := reflect.New(expectedType.Elem()) + unexportedRemoved := copyExportedFields(expectedValue.Elem().Interface()) + result.Elem().Set(reflect.ValueOf(unexportedRemoved)) + return result.Interface() + + case reflect.Array, reflect.Slice: + result := reflect.MakeSlice(expectedType, expectedValue.Len(), expectedValue.Len()) + for i := 0; i < expectedValue.Len(); i++ { + index := expectedValue.Index(i) + if isNil(index) { + continue + } + unexportedRemoved := copyExportedFields(index.Interface()) + result.Index(i).Set(reflect.ValueOf(unexportedRemoved)) + } + return result.Interface() + + case reflect.Map: + result := reflect.MakeMap(expectedType) + for _, k := range expectedValue.MapKeys() { + index := expectedValue.MapIndex(k) + unexportedRemoved := copyExportedFields(index.Interface()) + result.SetMapIndex(k, reflect.ValueOf(unexportedRemoved)) + } + return result.Interface() + + default: + return expected + } +} + +// ObjectsExportedFieldsAreEqual determines if the exported (public) fields of two objects are +// considered equal. This comparison of only exported fields is applied recursively to nested data +// structures. +// +// This function does no assertion of any kind. +func ObjectsExportedFieldsAreEqual(expected, actual interface{}) bool { + expectedCleaned := copyExportedFields(expected) + actualCleaned := copyExportedFields(actual) + return ObjectsAreEqualValues(expectedCleaned, actualCleaned) +} + // ObjectsAreEqualValues gets whether two objects are equal, or if their // values are equal. func ObjectsAreEqualValues(expected, actual interface{}) bool { @@ -271,7 +342,7 @@ type labeledContent struct { // labeledOutput returns a string consisting of the provided labeledContent. Each labeled output is appended in the following manner: // -// \t{{label}}:{{align_spaces}}\t{{content}}\n +// \t{{label}}:{{align_spaces}}\t{{content}}\n // // The initial carriage return is required to undo/erase any padding added by testing.T.Errorf. The "\t{{label}}:" is for the label. // If a label is shorter than the longest label provided, padding spaces are added to make all the labels match in length. Once this @@ -294,7 +365,7 @@ func labeledOutput(content ...labeledContent) string { // Implements asserts that an object is implemented by the specified interface. // -// assert.Implements(t, (*MyInterface)(nil), new(MyObject)) +// assert.Implements(t, (*MyInterface)(nil), new(MyObject)) func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -326,7 +397,7 @@ func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs // Equal asserts that two objects are equal. // -// assert.Equal(t, 123, 123) +// assert.Equal(t, 123, 123) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -367,7 +438,7 @@ func validateEqualArgs(expected, actual interface{}) error { // Same asserts that two pointers reference the same object. // -// assert.Same(t, ptr1, ptr2) +// assert.Same(t, ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -387,7 +458,7 @@ func Same(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) b // NotSame asserts that two pointers do not reference the same object. // -// assert.NotSame(t, ptr1, ptr2) +// assert.NotSame(t, ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -455,7 +526,7 @@ func truncatingFormat(data interface{}) string { // EqualValues asserts that two objects are equal or convertable to the same types // and equal. // -// assert.EqualValues(t, uint32(123), int32(123)) +// assert.EqualValues(t, uint32(123), int32(123)) func EqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -473,9 +544,53 @@ func EqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interfa } +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true +// assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false +func EqualExportedValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + aType := reflect.TypeOf(expected) + bType := reflect.TypeOf(actual) + + if aType != bType { + return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...) + } + + if aType.Kind() != reflect.Struct { + return Fail(t, fmt.Sprintf("Types expected to both be struct \n\t%v != %v", aType.Kind(), reflect.Struct), msgAndArgs...) + } + + if bType.Kind() != reflect.Struct { + return Fail(t, fmt.Sprintf("Types expected to both be struct \n\t%v != %v", bType.Kind(), reflect.Struct), msgAndArgs...) + } + + expected = copyExportedFields(expected) + actual = copyExportedFields(actual) + + if !ObjectsAreEqualValues(expected, actual) { + diff := diff(expected, actual) + expected, actual = formatUnequalValues(expected, actual) + return Fail(t, fmt.Sprintf("Not equal (comparing only exported fields): \n"+ + "expected: %s\n"+ + "actual : %s%s", expected, actual, diff), msgAndArgs...) + } + + return true +} + // Exactly asserts that two objects are equal in value and type. // -// assert.Exactly(t, int32(123), int64(123)) +// assert.Exactly(t, int32(123), int64(123)) func Exactly(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -494,7 +609,7 @@ func Exactly(t TestingT, expected, actual interface{}, msgAndArgs ...interface{} // NotNil asserts that the specified object is not nil. // -// assert.NotNil(t, err) +// assert.NotNil(t, err) func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { if !isNil(object) { return true @@ -540,7 +655,7 @@ func isNil(object interface{}) bool { // Nil asserts that the specified object is nil. // -// assert.Nil(t, err) +// assert.Nil(t, err) func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { if isNil(object) { return true @@ -583,7 +698,7 @@ func isEmpty(object interface{}) bool { // Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// assert.Empty(t, obj) +// assert.Empty(t, obj) func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { pass := isEmpty(object) if !pass { @@ -600,9 +715,9 @@ func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { // NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if assert.NotEmpty(t, obj) { -// assert.Equal(t, "two", obj[1]) -// } +// if assert.NotEmpty(t, obj) { +// assert.Equal(t, "two", obj[1]) +// } func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool { pass := !isEmpty(object) if !pass { @@ -631,7 +746,7 @@ func getLen(x interface{}) (ok bool, length int) { // Len asserts that the specified object has specific length. // Len also fails if the object has a type that len() not accept. // -// assert.Len(t, mySlice, 3) +// assert.Len(t, mySlice, 3) func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -649,7 +764,7 @@ func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) // True asserts that the specified value is true. // -// assert.True(t, myBool) +// assert.True(t, myBool) func True(t TestingT, value bool, msgAndArgs ...interface{}) bool { if !value { if h, ok := t.(tHelper); ok { @@ -664,7 +779,7 @@ func True(t TestingT, value bool, msgAndArgs ...interface{}) bool { // False asserts that the specified value is false. // -// assert.False(t, myBool) +// assert.False(t, myBool) func False(t TestingT, value bool, msgAndArgs ...interface{}) bool { if value { if h, ok := t.(tHelper); ok { @@ -679,7 +794,7 @@ func False(t TestingT, value bool, msgAndArgs ...interface{}) bool { // NotEqual asserts that the specified values are NOT equal. // -// assert.NotEqual(t, obj1, obj2) +// assert.NotEqual(t, obj1, obj2) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -702,7 +817,7 @@ func NotEqual(t TestingT, expected, actual interface{}, msgAndArgs ...interface{ // NotEqualValues asserts that two objects are not equal even when converted to the same type // -// assert.NotEqualValues(t, obj1, obj2) +// assert.NotEqualValues(t, obj1, obj2) func NotEqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -761,9 +876,9 @@ func containsElement(list interface{}, element interface{}) (ok, found bool) { // Contains asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// assert.Contains(t, "Hello World", "World") -// assert.Contains(t, ["Hello", "World"], "World") -// assert.Contains(t, {"Hello": "World"}, "Hello") +// assert.Contains(t, "Hello World", "World") +// assert.Contains(t, ["Hello", "World"], "World") +// assert.Contains(t, {"Hello": "World"}, "Hello") func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -784,9 +899,9 @@ func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bo // NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// assert.NotContains(t, "Hello World", "Earth") -// assert.NotContains(t, ["Hello", "World"], "Earth") -// assert.NotContains(t, {"Hello": "World"}, "Earth") +// assert.NotContains(t, "Hello World", "Earth") +// assert.NotContains(t, ["Hello", "World"], "Earth") +// assert.NotContains(t, {"Hello": "World"}, "Earth") func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -794,10 +909,10 @@ func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) ok, found := containsElement(s, contains) if !ok { - return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", s), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...) } if found { - return Fail(t, fmt.Sprintf("\"%s\" should not contain \"%s\"", s, contains), msgAndArgs...) + return Fail(t, fmt.Sprintf("%#v should not contain %#v", s, contains), msgAndArgs...) } return true @@ -807,7 +922,7 @@ func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) // Subset asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") +// assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) { if h, ok := t.(tHelper); ok { h.Helper() @@ -863,7 +978,7 @@ func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok // NotSubset asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") +// assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1048,7 +1163,7 @@ func didPanic(f PanicTestFunc) (didPanic bool, message interface{}, stack string // Panics asserts that the code inside the specified PanicTestFunc panics. // -// assert.Panics(t, func(){ GoCrazy() }) +// assert.Panics(t, func(){ GoCrazy() }) func Panics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1064,7 +1179,7 @@ func Panics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { // PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() }) +// assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() }) func PanicsWithValue(t TestingT, expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1085,7 +1200,7 @@ func PanicsWithValue(t TestingT, expected interface{}, f PanicTestFunc, msgAndAr // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() }) +// assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() }) func PanicsWithError(t TestingT, errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1105,7 +1220,7 @@ func PanicsWithError(t TestingT, errString string, f PanicTestFunc, msgAndArgs . // NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. // -// assert.NotPanics(t, func(){ RemainCalm() }) +// assert.NotPanics(t, func(){ RemainCalm() }) func NotPanics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1120,7 +1235,7 @@ func NotPanics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool { // WithinDuration asserts that the two times are within duration delta of each other. // -// assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second) +// assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second) func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1136,7 +1251,7 @@ func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, // WithinRange asserts that a time is within a time range (inclusive). // -// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) func WithinRange(t TestingT, actual, start, end time.Time, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1195,7 +1310,7 @@ func toFloat(x interface{}) (float64, bool) { // InDelta asserts that the two numerals are within delta of each other. // -// assert.InDelta(t, math.Pi, 22/7.0, 0.01) +// assert.InDelta(t, math.Pi, 22/7.0, 0.01) func InDelta(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1368,10 +1483,10 @@ func InEpsilonSlice(t TestingT, expected, actual interface{}, epsilon float64, m // NoError asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if assert.NoError(t, err) { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if assert.NoError(t, err) { +// assert.Equal(t, expectedObj, actualObj) +// } func NoError(t TestingT, err error, msgAndArgs ...interface{}) bool { if err != nil { if h, ok := t.(tHelper); ok { @@ -1385,10 +1500,10 @@ func NoError(t TestingT, err error, msgAndArgs ...interface{}) bool { // Error asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if assert.Error(t, err) { -// assert.Equal(t, expectedError, err) -// } +// actualObj, err := SomeFunction() +// if assert.Error(t, err) { +// assert.Equal(t, expectedError, err) +// } func Error(t TestingT, err error, msgAndArgs ...interface{}) bool { if err == nil { if h, ok := t.(tHelper); ok { @@ -1403,8 +1518,8 @@ func Error(t TestingT, err error, msgAndArgs ...interface{}) bool { // EqualError asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// assert.EqualError(t, err, expectedErrorString) +// actualObj, err := SomeFunction() +// assert.EqualError(t, err, expectedErrorString) func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1426,8 +1541,8 @@ func EqualError(t TestingT, theError error, errString string, msgAndArgs ...inte // ErrorContains asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// assert.ErrorContains(t, err, expectedErrorSubString) +// actualObj, err := SomeFunction() +// assert.ErrorContains(t, err, expectedErrorSubString) func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1460,8 +1575,8 @@ func matchRegexp(rx interface{}, str interface{}) bool { // Regexp asserts that a specified regexp matches a string. // -// assert.Regexp(t, regexp.MustCompile("start"), "it's starting") -// assert.Regexp(t, "start...$", "it's not starting") +// assert.Regexp(t, regexp.MustCompile("start"), "it's starting") +// assert.Regexp(t, "start...$", "it's not starting") func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1478,8 +1593,8 @@ func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface // NotRegexp asserts that a specified regexp does not match a string. // -// assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting") -// assert.NotRegexp(t, "^start", "it's not starting") +// assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting") +// assert.NotRegexp(t, "^start", "it's not starting") func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1591,7 +1706,7 @@ func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) bool { // JSONEq asserts that two JSON strings are equivalent. // -// assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +// assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1714,7 +1829,7 @@ type tHelper interface { // Eventually asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond) +// assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond) func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() @@ -1744,10 +1859,93 @@ func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick t } } +// CollectT implements the TestingT interface and collects all errors. +type CollectT struct { + errors []error +} + +// Errorf collects the error. +func (c *CollectT) Errorf(format string, args ...interface{}) { + c.errors = append(c.errors, fmt.Errorf(format, args...)) +} + +// FailNow panics. +func (c *CollectT) FailNow() { + panic("Assertion failed") +} + +// Reset clears the collected errors. +func (c *CollectT) Reset() { + c.errors = nil +} + +// Copy copies the collected errors to the supplied t. +func (c *CollectT) Copy(t TestingT) { + if tt, ok := t.(tHelper); ok { + tt.Helper() + } + for _, err := range c.errors { + t.Errorf("%v", err) + } +} + +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithT(t, func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithT(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { + if h, ok := t.(tHelper); ok { + h.Helper() + } + + collect := new(CollectT) + ch := make(chan bool, 1) + + timer := time.NewTimer(waitFor) + defer timer.Stop() + + ticker := time.NewTicker(tick) + defer ticker.Stop() + + for tick := ticker.C; ; { + select { + case <-timer.C: + collect.Copy(t) + return Fail(t, "Condition never satisfied", msgAndArgs...) + case <-tick: + tick = nil + collect.Reset() + go func() { + condition(collect) + ch <- len(collect.errors) == 0 + }() + case v := <-ch: + if v { + return true + } + tick = ticker.C + } + } +} + // Never asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond) +// assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond) func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool { if h, ok := t.(tHelper); ok { h.Helper() diff --git a/vendor/github.com/stretchr/testify/assert/doc.go b/vendor/github.com/stretchr/testify/assert/doc.go index c9dccc4d6..4953981d3 100644 --- a/vendor/github.com/stretchr/testify/assert/doc.go +++ b/vendor/github.com/stretchr/testify/assert/doc.go @@ -1,39 +1,40 @@ // Package assert provides a set of comprehensive testing tools for use with the normal Go testing system. // -// Example Usage +// # Example Usage // // The following is a complete example using assert in a standard test function: -// import ( -// "testing" -// "github.com/stretchr/testify/assert" -// ) // -// func TestSomething(t *testing.T) { +// import ( +// "testing" +// "github.com/stretchr/testify/assert" +// ) // -// var a string = "Hello" -// var b string = "Hello" +// func TestSomething(t *testing.T) { // -// assert.Equal(t, a, b, "The two words should be the same.") +// var a string = "Hello" +// var b string = "Hello" // -// } +// assert.Equal(t, a, b, "The two words should be the same.") +// +// } // // if you assert many times, use the format below: // -// import ( -// "testing" -// "github.com/stretchr/testify/assert" -// ) +// import ( +// "testing" +// "github.com/stretchr/testify/assert" +// ) // -// func TestSomething(t *testing.T) { -// assert := assert.New(t) +// func TestSomething(t *testing.T) { +// assert := assert.New(t) // -// var a string = "Hello" -// var b string = "Hello" +// var a string = "Hello" +// var b string = "Hello" // -// assert.Equal(a, b, "The two words should be the same.") -// } +// assert.Equal(a, b, "The two words should be the same.") +// } // -// Assertions +// # Assertions // // Assertions allow you to easily write test code, and are global funcs in the `assert` package. // All assertion functions take, as the first argument, the `*testing.T` object provided by the diff --git a/vendor/github.com/stretchr/testify/assert/http_assertions.go b/vendor/github.com/stretchr/testify/assert/http_assertions.go index 4ed341dd2..d8038c28a 100644 --- a/vendor/github.com/stretchr/testify/assert/http_assertions.go +++ b/vendor/github.com/stretchr/testify/assert/http_assertions.go @@ -23,7 +23,7 @@ func httpCode(handler http.HandlerFunc, method, url string, values url.Values) ( // HTTPSuccess asserts that a specified handler returns a success status code. // -// assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil) +// assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil) // // Returns whether the assertion was successful (true) or not (false). func HTTPSuccess(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -45,7 +45,7 @@ func HTTPSuccess(t TestingT, handler http.HandlerFunc, method, url string, value // HTTPRedirect asserts that a specified handler returns a redirect status code. // -// assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPRedirect(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -67,7 +67,7 @@ func HTTPRedirect(t TestingT, handler http.HandlerFunc, method, url string, valu // HTTPError asserts that a specified handler returns an error status code. // -// assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPError(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool { @@ -89,7 +89,7 @@ func HTTPError(t TestingT, handler http.HandlerFunc, method, url string, values // HTTPStatusCode asserts that a specified handler returns a specified status code. // -// assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501) +// assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501) // // Returns whether the assertion was successful (true) or not (false). func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool { @@ -124,7 +124,7 @@ func HTTPBody(handler http.HandlerFunc, method, url string, values url.Values) s // HTTPBodyContains asserts that a specified handler returns a // body that contains a string. // -// assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { @@ -144,7 +144,7 @@ func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method, url string, // HTTPBodyNotContains asserts that a specified handler returns a // body that does not contain a string. // -// assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool { diff --git a/vendor/github.com/stretchr/testify/require/doc.go b/vendor/github.com/stretchr/testify/require/doc.go index 169de3922..968434724 100644 --- a/vendor/github.com/stretchr/testify/require/doc.go +++ b/vendor/github.com/stretchr/testify/require/doc.go @@ -1,24 +1,25 @@ // Package require implements the same assertions as the `assert` package but // stops test execution when a test fails. // -// Example Usage +// # Example Usage // // The following is a complete example using require in a standard test function: -// import ( -// "testing" -// "github.com/stretchr/testify/require" -// ) // -// func TestSomething(t *testing.T) { +// import ( +// "testing" +// "github.com/stretchr/testify/require" +// ) // -// var a string = "Hello" -// var b string = "Hello" +// func TestSomething(t *testing.T) { // -// require.Equal(t, a, b, "The two words should be the same.") +// var a string = "Hello" +// var b string = "Hello" // -// } +// require.Equal(t, a, b, "The two words should be the same.") // -// Assertions +// } +// +// # Assertions // // The `require` package have same global functions as in the `assert` package, // but instead of returning a boolean result they call `t.FailNow()`. diff --git a/vendor/github.com/stretchr/testify/require/require.go b/vendor/github.com/stretchr/testify/require/require.go index 880853f5a..63f852147 100644 --- a/vendor/github.com/stretchr/testify/require/require.go +++ b/vendor/github.com/stretchr/testify/require/require.go @@ -37,9 +37,9 @@ func Conditionf(t TestingT, comp assert.Comparison, msg string, args ...interfac // Contains asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// assert.Contains(t, "Hello World", "World") -// assert.Contains(t, ["Hello", "World"], "World") -// assert.Contains(t, {"Hello": "World"}, "Hello") +// assert.Contains(t, "Hello World", "World") +// assert.Contains(t, ["Hello", "World"], "World") +// assert.Contains(t, {"Hello": "World"}, "Hello") func Contains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -53,9 +53,9 @@ func Contains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...int // Containsf asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// assert.Containsf(t, "Hello World", "World", "error message %s", "formatted") -// assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted") -// assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted") +// assert.Containsf(t, "Hello World", "World", "error message %s", "formatted") +// assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted") +// assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted") func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -123,7 +123,7 @@ func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string // Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// assert.Empty(t, obj) +// assert.Empty(t, obj) func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -137,7 +137,7 @@ func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) { // Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// assert.Emptyf(t, obj, "error message %s", "formatted") +// assert.Emptyf(t, obj, "error message %s", "formatted") func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -150,7 +150,7 @@ func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) { // Equal asserts that two objects are equal. // -// assert.Equal(t, 123, 123) +// assert.Equal(t, 123, 123) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -168,8 +168,8 @@ func Equal(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...i // EqualError asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// assert.EqualError(t, err, expectedErrorString) +// actualObj, err := SomeFunction() +// assert.EqualError(t, err, expectedErrorString) func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -183,8 +183,8 @@ func EqualError(t TestingT, theError error, errString string, msgAndArgs ...inte // EqualErrorf asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// assert.EqualErrorf(t, err, expectedErrorString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// assert.EqualErrorf(t, err, expectedErrorString, "error message %s", "formatted") func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -195,10 +195,50 @@ func EqualErrorf(t TestingT, theError error, errString string, msg string, args t.FailNow() } +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true +// assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false +func EqualExportedValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.EqualExportedValues(t, expected, actual, msgAndArgs...) { + return + } + t.FailNow() +} + +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.EqualExportedValuesf(t, expected, actual, msg, args...) { + return + } + t.FailNow() +} + // EqualValues asserts that two objects are equal or convertable to the same types // and equal. // -// assert.EqualValues(t, uint32(123), int32(123)) +// assert.EqualValues(t, uint32(123), int32(123)) func EqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -212,7 +252,7 @@ func EqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArg // EqualValuesf asserts that two objects are equal or convertable to the same types // and equal. // -// assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted") +// assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted") func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -225,7 +265,7 @@ func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg stri // Equalf asserts that two objects are equal. // -// assert.Equalf(t, 123, 123, "error message %s", "formatted") +// assert.Equalf(t, 123, 123, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -242,10 +282,10 @@ func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, ar // Error asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if assert.Error(t, err) { -// assert.Equal(t, expectedError, err) -// } +// actualObj, err := SomeFunction() +// if assert.Error(t, err) { +// assert.Equal(t, expectedError, err) +// } func Error(t TestingT, err error, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -283,8 +323,8 @@ func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...int // ErrorContains asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// assert.ErrorContains(t, err, expectedErrorSubString) +// actualObj, err := SomeFunction() +// assert.ErrorContains(t, err, expectedErrorSubString) func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -298,8 +338,8 @@ func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...in // ErrorContainsf asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// assert.ErrorContainsf(t, err, expectedErrorSubString, "error message %s", "formatted") func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -336,10 +376,10 @@ func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface // Errorf asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if assert.Errorf(t, err, "error message %s", "formatted") { -// assert.Equal(t, expectedErrorf, err) -// } +// actualObj, err := SomeFunction() +// if assert.Errorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } func Errorf(t TestingT, err error, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -353,7 +393,7 @@ func Errorf(t TestingT, err error, msg string, args ...interface{}) { // Eventually asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond) +// assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond) func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -364,10 +404,66 @@ func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick t t.FailNow() } +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithT(t, func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithT(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.EventuallyWithT(t, condition, waitFor, tick, msgAndArgs...) { + return + } + t.FailNow() +} + +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func EventuallyWithTf(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { + if h, ok := t.(tHelper); ok { + h.Helper() + } + if assert.EventuallyWithTf(t, condition, waitFor, tick, msg, args...) { + return + } + t.FailNow() +} + // Eventuallyf asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -380,7 +476,7 @@ func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick // Exactly asserts that two objects are equal in value and type. // -// assert.Exactly(t, int32(123), int64(123)) +// assert.Exactly(t, int32(123), int64(123)) func Exactly(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -393,7 +489,7 @@ func Exactly(t TestingT, expected interface{}, actual interface{}, msgAndArgs .. // Exactlyf asserts that two objects are equal in value and type. // -// assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted") +// assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted") func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -450,7 +546,7 @@ func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) { // False asserts that the specified value is false. // -// assert.False(t, myBool) +// assert.False(t, myBool) func False(t TestingT, value bool, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -463,7 +559,7 @@ func False(t TestingT, value bool, msgAndArgs ...interface{}) { // Falsef asserts that the specified value is false. // -// assert.Falsef(t, myBool, "error message %s", "formatted") +// assert.Falsef(t, myBool, "error message %s", "formatted") func Falsef(t TestingT, value bool, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -500,9 +596,9 @@ func FileExistsf(t TestingT, path string, msg string, args ...interface{}) { // Greater asserts that the first element is greater than the second // -// assert.Greater(t, 2, 1) -// assert.Greater(t, float64(2), float64(1)) -// assert.Greater(t, "b", "a") +// assert.Greater(t, 2, 1) +// assert.Greater(t, float64(2), float64(1)) +// assert.Greater(t, "b", "a") func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -515,10 +611,10 @@ func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface // GreaterOrEqual asserts that the first element is greater than or equal to the second // -// assert.GreaterOrEqual(t, 2, 1) -// assert.GreaterOrEqual(t, 2, 2) -// assert.GreaterOrEqual(t, "b", "a") -// assert.GreaterOrEqual(t, "b", "b") +// assert.GreaterOrEqual(t, 2, 1) +// assert.GreaterOrEqual(t, 2, 2) +// assert.GreaterOrEqual(t, "b", "a") +// assert.GreaterOrEqual(t, "b", "b") func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -531,10 +627,10 @@ func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...in // GreaterOrEqualf asserts that the first element is greater than or equal to the second // -// assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted") -// assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted") -// assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted") -// assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted") +// assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted") +// assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted") func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -547,9 +643,9 @@ func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, arg // Greaterf asserts that the first element is greater than the second // -// assert.Greaterf(t, 2, 1, "error message %s", "formatted") -// assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted") -// assert.Greaterf(t, "b", "a", "error message %s", "formatted") +// assert.Greaterf(t, 2, 1, "error message %s", "formatted") +// assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted") +// assert.Greaterf(t, "b", "a", "error message %s", "formatted") func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -563,7 +659,7 @@ func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...in // HTTPBodyContains asserts that a specified handler returns a // body that contains a string. // -// assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) { @@ -579,7 +675,7 @@ func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method string, url s // HTTPBodyContainsf asserts that a specified handler returns a // body that contains a string. // -// assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) { @@ -595,7 +691,7 @@ func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url // HTTPBodyNotContains asserts that a specified handler returns a // body that does not contain a string. // -// assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) { @@ -611,7 +707,7 @@ func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method string, ur // HTTPBodyNotContainsf asserts that a specified handler returns a // body that does not contain a string. // -// assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) { @@ -626,7 +722,7 @@ func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, u // HTTPError asserts that a specified handler returns an error status code. // -// assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPError(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -641,7 +737,7 @@ func HTTPError(t TestingT, handler http.HandlerFunc, method string, url string, // HTTPErrorf asserts that a specified handler returns an error status code. // -// assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -656,7 +752,7 @@ func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, // HTTPRedirect asserts that a specified handler returns a redirect status code. // -// assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPRedirect(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -671,7 +767,7 @@ func HTTPRedirect(t TestingT, handler http.HandlerFunc, method string, url strin // HTTPRedirectf asserts that a specified handler returns a redirect status code. // -// assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -686,7 +782,7 @@ func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url stri // HTTPStatusCode asserts that a specified handler returns a specified status code. // -// assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501) +// assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501) // // Returns whether the assertion was successful (true) or not (false). func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) { @@ -701,7 +797,7 @@ func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method string, url str // HTTPStatusCodef asserts that a specified handler returns a specified status code. // -// assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) { @@ -716,7 +812,7 @@ func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url st // HTTPSuccess asserts that a specified handler returns a success status code. // -// assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil) +// assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil) // // Returns whether the assertion was successful (true) or not (false). func HTTPSuccess(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -731,7 +827,7 @@ func HTTPSuccess(t TestingT, handler http.HandlerFunc, method string, url string // HTTPSuccessf asserts that a specified handler returns a success status code. // -// assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -746,7 +842,7 @@ func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url strin // Implements asserts that an object is implemented by the specified interface. // -// assert.Implements(t, (*MyInterface)(nil), new(MyObject)) +// assert.Implements(t, (*MyInterface)(nil), new(MyObject)) func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -759,7 +855,7 @@ func Implements(t TestingT, interfaceObject interface{}, object interface{}, msg // Implementsf asserts that an object is implemented by the specified interface. // -// assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +// assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted") func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -772,7 +868,7 @@ func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, ms // InDelta asserts that the two numerals are within delta of each other. // -// assert.InDelta(t, math.Pi, 22/7.0, 0.01) +// assert.InDelta(t, math.Pi, 22/7.0, 0.01) func InDelta(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -829,7 +925,7 @@ func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta f // InDeltaf asserts that the two numerals are within delta of each other. // -// assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +// assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted") func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -886,9 +982,9 @@ func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon fl // IsDecreasing asserts that the collection is decreasing // -// assert.IsDecreasing(t, []int{2, 1, 0}) -// assert.IsDecreasing(t, []float{2, 1}) -// assert.IsDecreasing(t, []string{"b", "a"}) +// assert.IsDecreasing(t, []int{2, 1, 0}) +// assert.IsDecreasing(t, []float{2, 1}) +// assert.IsDecreasing(t, []string{"b", "a"}) func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -901,9 +997,9 @@ func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { // IsDecreasingf asserts that the collection is decreasing // -// assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted") -// assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted") -// assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted") func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -916,9 +1012,9 @@ func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface // IsIncreasing asserts that the collection is increasing // -// assert.IsIncreasing(t, []int{1, 2, 3}) -// assert.IsIncreasing(t, []float{1, 2}) -// assert.IsIncreasing(t, []string{"a", "b"}) +// assert.IsIncreasing(t, []int{1, 2, 3}) +// assert.IsIncreasing(t, []float{1, 2}) +// assert.IsIncreasing(t, []string{"a", "b"}) func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -931,9 +1027,9 @@ func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { // IsIncreasingf asserts that the collection is increasing // -// assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted") -// assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted") -// assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted") func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -946,9 +1042,9 @@ func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface // IsNonDecreasing asserts that the collection is not decreasing // -// assert.IsNonDecreasing(t, []int{1, 1, 2}) -// assert.IsNonDecreasing(t, []float{1, 2}) -// assert.IsNonDecreasing(t, []string{"a", "b"}) +// assert.IsNonDecreasing(t, []int{1, 1, 2}) +// assert.IsNonDecreasing(t, []float{1, 2}) +// assert.IsNonDecreasing(t, []string{"a", "b"}) func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -961,9 +1057,9 @@ func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) // IsNonDecreasingf asserts that the collection is not decreasing // -// assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted") -// assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted") -// assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted") +// assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted") func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -976,9 +1072,9 @@ func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interf // IsNonIncreasing asserts that the collection is not increasing // -// assert.IsNonIncreasing(t, []int{2, 1, 1}) -// assert.IsNonIncreasing(t, []float{2, 1}) -// assert.IsNonIncreasing(t, []string{"b", "a"}) +// assert.IsNonIncreasing(t, []int{2, 1, 1}) +// assert.IsNonIncreasing(t, []float{2, 1}) +// assert.IsNonIncreasing(t, []string{"b", "a"}) func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -991,9 +1087,9 @@ func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) // IsNonIncreasingf asserts that the collection is not increasing // -// assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted") -// assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted") -// assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted") +// assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted") func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1028,7 +1124,7 @@ func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg strin // JSONEq asserts that two JSON strings are equivalent. // -// assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +// assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1041,7 +1137,7 @@ func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{ // JSONEqf asserts that two JSON strings are equivalent. // -// assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +// assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1055,7 +1151,7 @@ func JSONEqf(t TestingT, expected string, actual string, msg string, args ...int // Len asserts that the specified object has specific length. // Len also fails if the object has a type that len() not accept. // -// assert.Len(t, mySlice, 3) +// assert.Len(t, mySlice, 3) func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1069,7 +1165,7 @@ func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) // Lenf asserts that the specified object has specific length. // Lenf also fails if the object has a type that len() not accept. // -// assert.Lenf(t, mySlice, 3, "error message %s", "formatted") +// assert.Lenf(t, mySlice, 3, "error message %s", "formatted") func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1082,9 +1178,9 @@ func Lenf(t TestingT, object interface{}, length int, msg string, args ...interf // Less asserts that the first element is less than the second // -// assert.Less(t, 1, 2) -// assert.Less(t, float64(1), float64(2)) -// assert.Less(t, "a", "b") +// assert.Less(t, 1, 2) +// assert.Less(t, float64(1), float64(2)) +// assert.Less(t, "a", "b") func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1097,10 +1193,10 @@ func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) // LessOrEqual asserts that the first element is less than or equal to the second // -// assert.LessOrEqual(t, 1, 2) -// assert.LessOrEqual(t, 2, 2) -// assert.LessOrEqual(t, "a", "b") -// assert.LessOrEqual(t, "b", "b") +// assert.LessOrEqual(t, 1, 2) +// assert.LessOrEqual(t, 2, 2) +// assert.LessOrEqual(t, "a", "b") +// assert.LessOrEqual(t, "b", "b") func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1113,10 +1209,10 @@ func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...inter // LessOrEqualf asserts that the first element is less than or equal to the second // -// assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted") -// assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted") -// assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted") -// assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted") +// assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted") +// assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted") +// assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted") func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1129,9 +1225,9 @@ func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args . // Lessf asserts that the first element is less than the second // -// assert.Lessf(t, 1, 2, "error message %s", "formatted") -// assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted") -// assert.Lessf(t, "a", "b", "error message %s", "formatted") +// assert.Lessf(t, 1, 2, "error message %s", "formatted") +// assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted") +// assert.Lessf(t, "a", "b", "error message %s", "formatted") func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1144,8 +1240,8 @@ func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...inter // Negative asserts that the specified element is negative // -// assert.Negative(t, -1) -// assert.Negative(t, -1.23) +// assert.Negative(t, -1) +// assert.Negative(t, -1.23) func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1158,8 +1254,8 @@ func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) { // Negativef asserts that the specified element is negative // -// assert.Negativef(t, -1, "error message %s", "formatted") -// assert.Negativef(t, -1.23, "error message %s", "formatted") +// assert.Negativef(t, -1, "error message %s", "formatted") +// assert.Negativef(t, -1.23, "error message %s", "formatted") func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1173,7 +1269,7 @@ func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) { // Never asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond) +// assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond) func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1187,7 +1283,7 @@ func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.D // Neverf asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1200,7 +1296,7 @@ func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time. // Nil asserts that the specified object is nil. // -// assert.Nil(t, err) +// assert.Nil(t, err) func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1213,7 +1309,7 @@ func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) { // Nilf asserts that the specified object is nil. // -// assert.Nilf(t, err, "error message %s", "formatted") +// assert.Nilf(t, err, "error message %s", "formatted") func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1250,10 +1346,10 @@ func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) { // NoError asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if assert.NoError(t, err) { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if assert.NoError(t, err) { +// assert.Equal(t, expectedObj, actualObj) +// } func NoError(t TestingT, err error, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1266,10 +1362,10 @@ func NoError(t TestingT, err error, msgAndArgs ...interface{}) { // NoErrorf asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if assert.NoErrorf(t, err, "error message %s", "formatted") { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if assert.NoErrorf(t, err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } func NoErrorf(t TestingT, err error, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1307,9 +1403,9 @@ func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) { // NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// assert.NotContains(t, "Hello World", "Earth") -// assert.NotContains(t, ["Hello", "World"], "Earth") -// assert.NotContains(t, {"Hello": "World"}, "Earth") +// assert.NotContains(t, "Hello World", "Earth") +// assert.NotContains(t, ["Hello", "World"], "Earth") +// assert.NotContains(t, {"Hello": "World"}, "Earth") func NotContains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1323,9 +1419,9 @@ func NotContains(t TestingT, s interface{}, contains interface{}, msgAndArgs ... // NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted") -// assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted") -// assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted") +// assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted") func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1339,9 +1435,9 @@ func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, a // NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if assert.NotEmpty(t, obj) { -// assert.Equal(t, "two", obj[1]) -// } +// if assert.NotEmpty(t, obj) { +// assert.Equal(t, "two", obj[1]) +// } func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1355,9 +1451,9 @@ func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) { // NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if assert.NotEmptyf(t, obj, "error message %s", "formatted") { -// assert.Equal(t, "two", obj[1]) -// } +// if assert.NotEmptyf(t, obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1370,7 +1466,7 @@ func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) // NotEqual asserts that the specified values are NOT equal. // -// assert.NotEqual(t, obj1, obj2) +// assert.NotEqual(t, obj1, obj2) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1386,7 +1482,7 @@ func NotEqual(t TestingT, expected interface{}, actual interface{}, msgAndArgs . // NotEqualValues asserts that two objects are not equal even when converted to the same type // -// assert.NotEqualValues(t, obj1, obj2) +// assert.NotEqualValues(t, obj1, obj2) func NotEqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1399,7 +1495,7 @@ func NotEqualValues(t TestingT, expected interface{}, actual interface{}, msgAnd // NotEqualValuesf asserts that two objects are not equal even when converted to the same type // -// assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted") +// assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted") func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1412,7 +1508,7 @@ func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg s // NotEqualf asserts that the specified values are NOT equal. // -// assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted") +// assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1452,7 +1548,7 @@ func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interf // NotNil asserts that the specified object is not nil. // -// assert.NotNil(t, err) +// assert.NotNil(t, err) func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1465,7 +1561,7 @@ func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) { // NotNilf asserts that the specified object is not nil. // -// assert.NotNilf(t, err, "error message %s", "formatted") +// assert.NotNilf(t, err, "error message %s", "formatted") func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1478,7 +1574,7 @@ func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) { // NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. // -// assert.NotPanics(t, func(){ RemainCalm() }) +// assert.NotPanics(t, func(){ RemainCalm() }) func NotPanics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1491,7 +1587,7 @@ func NotPanics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) { // NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. // -// assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted") +// assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted") func NotPanicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1504,8 +1600,8 @@ func NotPanicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interfac // NotRegexp asserts that a specified regexp does not match a string. // -// assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting") -// assert.NotRegexp(t, "^start", "it's not starting") +// assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting") +// assert.NotRegexp(t, "^start", "it's not starting") func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1518,8 +1614,8 @@ func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interf // NotRegexpf asserts that a specified regexp does not match a string. // -// assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") -// assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted") +// assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted") func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1532,7 +1628,7 @@ func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args .. // NotSame asserts that two pointers do not reference the same object. // -// assert.NotSame(t, ptr1, ptr2) +// assert.NotSame(t, ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1548,7 +1644,7 @@ func NotSame(t TestingT, expected interface{}, actual interface{}, msgAndArgs .. // NotSamef asserts that two pointers do not reference the same object. // -// assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted") +// assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1565,7 +1661,7 @@ func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, // NotSubset asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") +// assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") func NotSubset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1579,7 +1675,7 @@ func NotSubset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...i // NotSubsetf asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") +// assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1614,7 +1710,7 @@ func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) { // Panics asserts that the code inside the specified PanicTestFunc panics. // -// assert.Panics(t, func(){ GoCrazy() }) +// assert.Panics(t, func(){ GoCrazy() }) func Panics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1629,7 +1725,7 @@ func Panics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) { // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() }) +// assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() }) func PanicsWithError(t TestingT, errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1644,7 +1740,7 @@ func PanicsWithError(t TestingT, errString string, f assert.PanicTestFunc, msgAn // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func PanicsWithErrorf(t TestingT, errString string, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1658,7 +1754,7 @@ func PanicsWithErrorf(t TestingT, errString string, f assert.PanicTestFunc, msg // PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() }) +// assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() }) func PanicsWithValue(t TestingT, expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1672,7 +1768,7 @@ func PanicsWithValue(t TestingT, expected interface{}, f assert.PanicTestFunc, m // PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func PanicsWithValuef(t TestingT, expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1685,7 +1781,7 @@ func PanicsWithValuef(t TestingT, expected interface{}, f assert.PanicTestFunc, // Panicsf asserts that the code inside the specified PanicTestFunc panics. // -// assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted") +// assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted") func Panicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1698,8 +1794,8 @@ func Panicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{} // Positive asserts that the specified element is positive // -// assert.Positive(t, 1) -// assert.Positive(t, 1.23) +// assert.Positive(t, 1) +// assert.Positive(t, 1.23) func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1712,8 +1808,8 @@ func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) { // Positivef asserts that the specified element is positive // -// assert.Positivef(t, 1, "error message %s", "formatted") -// assert.Positivef(t, 1.23, "error message %s", "formatted") +// assert.Positivef(t, 1, "error message %s", "formatted") +// assert.Positivef(t, 1.23, "error message %s", "formatted") func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1726,8 +1822,8 @@ func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) { // Regexp asserts that a specified regexp matches a string. // -// assert.Regexp(t, regexp.MustCompile("start"), "it's starting") -// assert.Regexp(t, "start...$", "it's not starting") +// assert.Regexp(t, regexp.MustCompile("start"), "it's starting") +// assert.Regexp(t, "start...$", "it's not starting") func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1740,8 +1836,8 @@ func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface // Regexpf asserts that a specified regexp matches a string. // -// assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") -// assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted") +// assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted") func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1754,7 +1850,7 @@ func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...in // Same asserts that two pointers reference the same object. // -// assert.Same(t, ptr1, ptr2) +// assert.Same(t, ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1770,7 +1866,7 @@ func Same(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...in // Samef asserts that two pointers reference the same object. // -// assert.Samef(t, ptr1, ptr2, "error message %s", "formatted") +// assert.Samef(t, ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1787,7 +1883,7 @@ func Samef(t TestingT, expected interface{}, actual interface{}, msg string, arg // Subset asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") +// assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") func Subset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1801,7 +1897,7 @@ func Subset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...inte // Subsetf asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") +// assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1814,7 +1910,7 @@ func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args // True asserts that the specified value is true. // -// assert.True(t, myBool) +// assert.True(t, myBool) func True(t TestingT, value bool, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1827,7 +1923,7 @@ func True(t TestingT, value bool, msgAndArgs ...interface{}) { // Truef asserts that the specified value is true. // -// assert.Truef(t, myBool, "error message %s", "formatted") +// assert.Truef(t, myBool, "error message %s", "formatted") func Truef(t TestingT, value bool, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1840,7 +1936,7 @@ func Truef(t TestingT, value bool, msg string, args ...interface{}) { // WithinDuration asserts that the two times are within duration delta of each other. // -// assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second) +// assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second) func WithinDuration(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1853,7 +1949,7 @@ func WithinDuration(t TestingT, expected time.Time, actual time.Time, delta time // WithinDurationf asserts that the two times are within duration delta of each other. // -// assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +// assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1866,7 +1962,7 @@ func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta tim // WithinRange asserts that a time is within a time range (inclusive). // -// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +// assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) func WithinRange(t TestingT, actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() @@ -1879,7 +1975,7 @@ func WithinRange(t TestingT, actual time.Time, start time.Time, end time.Time, m // WithinRangef asserts that a time is within a time range (inclusive). // -// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +// assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) { if h, ok := t.(tHelper); ok { h.Helper() diff --git a/vendor/github.com/stretchr/testify/require/require_forward.go b/vendor/github.com/stretchr/testify/require/require_forward.go index 960bf6f2c..3b5b09330 100644 --- a/vendor/github.com/stretchr/testify/require/require_forward.go +++ b/vendor/github.com/stretchr/testify/require/require_forward.go @@ -31,9 +31,9 @@ func (a *Assertions) Conditionf(comp assert.Comparison, msg string, args ...inte // Contains asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// a.Contains("Hello World", "World") -// a.Contains(["Hello", "World"], "World") -// a.Contains({"Hello": "World"}, "Hello") +// a.Contains("Hello World", "World") +// a.Contains(["Hello", "World"], "World") +// a.Contains({"Hello": "World"}, "Hello") func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -44,9 +44,9 @@ func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs .. // Containsf asserts that the specified string, list(array, slice...) or map contains the // specified substring or element. // -// a.Containsf("Hello World", "World", "error message %s", "formatted") -// a.Containsf(["Hello", "World"], "World", "error message %s", "formatted") -// a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted") +// a.Containsf("Hello World", "World", "error message %s", "formatted") +// a.Containsf(["Hello", "World"], "World", "error message %s", "formatted") +// a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted") func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -99,7 +99,7 @@ func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg st // Empty asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// a.Empty(obj) +// a.Empty(obj) func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -110,7 +110,7 @@ func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) { // Emptyf asserts that the specified object is empty. I.e. nil, "", false, 0 or either // a slice or a channel with len == 0. // -// a.Emptyf(obj, "error message %s", "formatted") +// a.Emptyf(obj, "error message %s", "formatted") func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -120,7 +120,7 @@ func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) // Equal asserts that two objects are equal. // -// a.Equal(123, 123) +// a.Equal(123, 123) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -135,8 +135,8 @@ func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs // EqualError asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// a.EqualError(err, expectedErrorString) +// actualObj, err := SomeFunction() +// a.EqualError(err, expectedErrorString) func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -147,8 +147,8 @@ func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ... // EqualErrorf asserts that a function returned an error (i.e. not `nil`) // and that it is equal to the provided error. // -// actualObj, err := SomeFunction() -// a.EqualErrorf(err, expectedErrorString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// a.EqualErrorf(err, expectedErrorString, "error message %s", "formatted") func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -156,10 +156,44 @@ func (a *Assertions) EqualErrorf(theError error, errString string, msg string, a EqualErrorf(a.t, theError, errString, msg, args...) } +// EqualExportedValues asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValues(S{1, 2}, S{1, 3}) => true +// a.EqualExportedValues(S{1, 2}, S{2, 3}) => false +func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + EqualExportedValues(a.t, expected, actual, msgAndArgs...) +} + +// EqualExportedValuesf asserts that the types of two objects are equal and their public +// fields are also equal. This is useful for comparing structs that have private fields +// that could potentially differ. +// +// type S struct { +// Exported int +// notExported int +// } +// a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true +// a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false +func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + EqualExportedValuesf(a.t, expected, actual, msg, args...) +} + // EqualValues asserts that two objects are equal or convertable to the same types // and equal. // -// a.EqualValues(uint32(123), int32(123)) +// a.EqualValues(uint32(123), int32(123)) func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -170,7 +204,7 @@ func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAn // EqualValuesf asserts that two objects are equal or convertable to the same types // and equal. // -// a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted") +// a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted") func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -180,7 +214,7 @@ func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg // Equalf asserts that two objects are equal. // -// a.Equalf(123, 123, "error message %s", "formatted") +// a.Equalf(123, 123, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). Function equality @@ -194,10 +228,10 @@ func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string // Error asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if a.Error(err) { -// assert.Equal(t, expectedError, err) -// } +// actualObj, err := SomeFunction() +// if a.Error(err) { +// assert.Equal(t, expectedError, err) +// } func (a *Assertions) Error(err error, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -226,8 +260,8 @@ func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args .. // ErrorContains asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// a.ErrorContains(err, expectedErrorSubString) +// actualObj, err := SomeFunction() +// a.ErrorContains(err, expectedErrorSubString) func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -238,8 +272,8 @@ func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs . // ErrorContainsf asserts that a function returned an error (i.e. not `nil`) // and that the error contains the specified substring. // -// actualObj, err := SomeFunction() -// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") +// actualObj, err := SomeFunction() +// a.ErrorContainsf(err, expectedErrorSubString, "error message %s", "formatted") func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -267,10 +301,10 @@ func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...inter // Errorf asserts that a function returned an error (i.e. not `nil`). // -// actualObj, err := SomeFunction() -// if a.Errorf(err, "error message %s", "formatted") { -// assert.Equal(t, expectedErrorf, err) -// } +// actualObj, err := SomeFunction() +// if a.Errorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedErrorf, err) +// } func (a *Assertions) Errorf(err error, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -281,7 +315,7 @@ func (a *Assertions) Errorf(err error, msg string, args ...interface{}) { // Eventually asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond) +// a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond) func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -289,10 +323,60 @@ func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, ti Eventually(a.t, condition, waitFor, tick, msgAndArgs...) } +// EventuallyWithT asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithT(func(c *assert.CollectT) { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithT(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...) +} + +// EventuallyWithTf asserts that given condition will be met in waitFor time, +// periodically checking target function each tick. In contrast to Eventually, +// it supplies a CollectT to the condition function, so that the condition +// function can use the CollectT to call other assertions. +// The condition is considered "met" if no errors are raised in a tick. +// The supplied CollectT collects all errors from one tick (if there are any). +// If the condition is not met before waitFor, the collected errors of +// the last tick are copied to t. +// +// externalValue := false +// go func() { +// time.Sleep(8*time.Second) +// externalValue = true +// }() +// a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") { +// // add assertions as needed; any assertion failure will fail the current tick +// assert.True(c, externalValue, "expected 'externalValue' to be true") +// }, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false") +func (a *Assertions) EventuallyWithTf(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { + if h, ok := a.t.(tHelper); ok { + h.Helper() + } + EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...) +} + // Eventuallyf asserts that given condition will be met in waitFor time, // periodically checking target function each tick. // -// a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -302,7 +386,7 @@ func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, t // Exactly asserts that two objects are equal in value and type. // -// a.Exactly(int32(123), int64(123)) +// a.Exactly(int32(123), int64(123)) func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -312,7 +396,7 @@ func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArg // Exactlyf asserts that two objects are equal in value and type. // -// a.Exactlyf(int32(123), int64(123), "error message %s", "formatted") +// a.Exactlyf(int32(123), int64(123), "error message %s", "formatted") func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -354,7 +438,7 @@ func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{ // False asserts that the specified value is false. // -// a.False(myBool) +// a.False(myBool) func (a *Assertions) False(value bool, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -364,7 +448,7 @@ func (a *Assertions) False(value bool, msgAndArgs ...interface{}) { // Falsef asserts that the specified value is false. // -// a.Falsef(myBool, "error message %s", "formatted") +// a.Falsef(myBool, "error message %s", "formatted") func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -392,9 +476,9 @@ func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) { // Greater asserts that the first element is greater than the second // -// a.Greater(2, 1) -// a.Greater(float64(2), float64(1)) -// a.Greater("b", "a") +// a.Greater(2, 1) +// a.Greater(float64(2), float64(1)) +// a.Greater("b", "a") func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -404,10 +488,10 @@ func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...inter // GreaterOrEqual asserts that the first element is greater than or equal to the second // -// a.GreaterOrEqual(2, 1) -// a.GreaterOrEqual(2, 2) -// a.GreaterOrEqual("b", "a") -// a.GreaterOrEqual("b", "b") +// a.GreaterOrEqual(2, 1) +// a.GreaterOrEqual(2, 2) +// a.GreaterOrEqual("b", "a") +// a.GreaterOrEqual("b", "b") func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -417,10 +501,10 @@ func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs . // GreaterOrEqualf asserts that the first element is greater than or equal to the second // -// a.GreaterOrEqualf(2, 1, "error message %s", "formatted") -// a.GreaterOrEqualf(2, 2, "error message %s", "formatted") -// a.GreaterOrEqualf("b", "a", "error message %s", "formatted") -// a.GreaterOrEqualf("b", "b", "error message %s", "formatted") +// a.GreaterOrEqualf(2, 1, "error message %s", "formatted") +// a.GreaterOrEqualf(2, 2, "error message %s", "formatted") +// a.GreaterOrEqualf("b", "a", "error message %s", "formatted") +// a.GreaterOrEqualf("b", "b", "error message %s", "formatted") func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -430,9 +514,9 @@ func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, // Greaterf asserts that the first element is greater than the second // -// a.Greaterf(2, 1, "error message %s", "formatted") -// a.Greaterf(float64(2), float64(1), "error message %s", "formatted") -// a.Greaterf("b", "a", "error message %s", "formatted") +// a.Greaterf(2, 1, "error message %s", "formatted") +// a.Greaterf(float64(2), float64(1), "error message %s", "formatted") +// a.Greaterf("b", "a", "error message %s", "formatted") func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -443,7 +527,7 @@ func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args . // HTTPBodyContains asserts that a specified handler returns a // body that contains a string. // -// a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) { @@ -456,7 +540,7 @@ func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, u // HTTPBodyContainsf asserts that a specified handler returns a // body that contains a string. // -// a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) { @@ -469,7 +553,7 @@ func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, // HTTPBodyNotContains asserts that a specified handler returns a // body that does not contain a string. // -// a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") +// a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) { @@ -482,7 +566,7 @@ func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string // HTTPBodyNotContainsf asserts that a specified handler returns a // body that does not contain a string. // -// a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") +// a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) { @@ -494,7 +578,7 @@ func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method strin // HTTPError asserts that a specified handler returns an error status code. // -// a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -506,7 +590,7 @@ func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url stri // HTTPErrorf asserts that a specified handler returns an error status code. // -// a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -518,7 +602,7 @@ func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url str // HTTPRedirect asserts that a specified handler returns a redirect status code. // -// a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -530,7 +614,7 @@ func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url s // HTTPRedirectf asserts that a specified handler returns a redirect status code. // -// a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} +// a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}} // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -542,7 +626,7 @@ func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url // HTTPStatusCode asserts that a specified handler returns a specified status code. // -// a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501) +// a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501) // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) { @@ -554,7 +638,7 @@ func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url // HTTPStatusCodef asserts that a specified handler returns a specified status code. // -// a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") +// a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) { @@ -566,7 +650,7 @@ func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, ur // HTTPSuccess asserts that a specified handler returns a success status code. // -// a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil) +// a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil) // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) { @@ -578,7 +662,7 @@ func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url st // HTTPSuccessf asserts that a specified handler returns a success status code. // -// a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") +// a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted") // // Returns whether the assertion was successful (true) or not (false). func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) { @@ -590,7 +674,7 @@ func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url s // Implements asserts that an object is implemented by the specified interface. // -// a.Implements((*MyInterface)(nil), new(MyObject)) +// a.Implements((*MyInterface)(nil), new(MyObject)) func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -600,7 +684,7 @@ func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, // Implementsf asserts that an object is implemented by the specified interface. // -// a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") +// a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted") func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -610,7 +694,7 @@ func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{} // InDelta asserts that the two numerals are within delta of each other. // -// a.InDelta(math.Pi, 22/7.0, 0.01) +// a.InDelta(math.Pi, 22/7.0, 0.01) func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -652,7 +736,7 @@ func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, del // InDeltaf asserts that the two numerals are within delta of each other. // -// a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted") +// a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted") func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -694,9 +778,9 @@ func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilo // IsDecreasing asserts that the collection is decreasing // -// a.IsDecreasing([]int{2, 1, 0}) -// a.IsDecreasing([]float{2, 1}) -// a.IsDecreasing([]string{"b", "a"}) +// a.IsDecreasing([]int{2, 1, 0}) +// a.IsDecreasing([]float{2, 1}) +// a.IsDecreasing([]string{"b", "a"}) func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -706,9 +790,9 @@ func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) // IsDecreasingf asserts that the collection is decreasing // -// a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted") -// a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted") -// a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted") +// a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted") +// a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted") func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -718,9 +802,9 @@ func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...inter // IsIncreasing asserts that the collection is increasing // -// a.IsIncreasing([]int{1, 2, 3}) -// a.IsIncreasing([]float{1, 2}) -// a.IsIncreasing([]string{"a", "b"}) +// a.IsIncreasing([]int{1, 2, 3}) +// a.IsIncreasing([]float{1, 2}) +// a.IsIncreasing([]string{"a", "b"}) func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -730,9 +814,9 @@ func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) // IsIncreasingf asserts that the collection is increasing // -// a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted") -// a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted") -// a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted") +// a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted") +// a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted") func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -742,9 +826,9 @@ func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...inter // IsNonDecreasing asserts that the collection is not decreasing // -// a.IsNonDecreasing([]int{1, 1, 2}) -// a.IsNonDecreasing([]float{1, 2}) -// a.IsNonDecreasing([]string{"a", "b"}) +// a.IsNonDecreasing([]int{1, 1, 2}) +// a.IsNonDecreasing([]float{1, 2}) +// a.IsNonDecreasing([]string{"a", "b"}) func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -754,9 +838,9 @@ func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface // IsNonDecreasingf asserts that the collection is not decreasing // -// a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted") -// a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted") -// a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted") +// a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted") +// a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted") func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -766,9 +850,9 @@ func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...in // IsNonIncreasing asserts that the collection is not increasing // -// a.IsNonIncreasing([]int{2, 1, 1}) -// a.IsNonIncreasing([]float{2, 1}) -// a.IsNonIncreasing([]string{"b", "a"}) +// a.IsNonIncreasing([]int{2, 1, 1}) +// a.IsNonIncreasing([]float{2, 1}) +// a.IsNonIncreasing([]string{"b", "a"}) func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -778,9 +862,9 @@ func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface // IsNonIncreasingf asserts that the collection is not increasing // -// a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted") -// a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted") -// a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted") +// a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted") +// a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted") func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -806,7 +890,7 @@ func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg s // JSONEq asserts that two JSON strings are equivalent. // -// a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) +// a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`) func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -816,7 +900,7 @@ func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interf // JSONEqf asserts that two JSON strings are equivalent. // -// a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") +// a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted") func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -827,7 +911,7 @@ func (a *Assertions) JSONEqf(expected string, actual string, msg string, args .. // Len asserts that the specified object has specific length. // Len also fails if the object has a type that len() not accept. // -// a.Len(mySlice, 3) +// a.Len(mySlice, 3) func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -838,7 +922,7 @@ func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface // Lenf asserts that the specified object has specific length. // Lenf also fails if the object has a type that len() not accept. // -// a.Lenf(mySlice, 3, "error message %s", "formatted") +// a.Lenf(mySlice, 3, "error message %s", "formatted") func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -848,9 +932,9 @@ func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...in // Less asserts that the first element is less than the second // -// a.Less(1, 2) -// a.Less(float64(1), float64(2)) -// a.Less("a", "b") +// a.Less(1, 2) +// a.Less(float64(1), float64(2)) +// a.Less("a", "b") func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -860,10 +944,10 @@ func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interfac // LessOrEqual asserts that the first element is less than or equal to the second // -// a.LessOrEqual(1, 2) -// a.LessOrEqual(2, 2) -// a.LessOrEqual("a", "b") -// a.LessOrEqual("b", "b") +// a.LessOrEqual(1, 2) +// a.LessOrEqual(2, 2) +// a.LessOrEqual("a", "b") +// a.LessOrEqual("b", "b") func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -873,10 +957,10 @@ func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...i // LessOrEqualf asserts that the first element is less than or equal to the second // -// a.LessOrEqualf(1, 2, "error message %s", "formatted") -// a.LessOrEqualf(2, 2, "error message %s", "formatted") -// a.LessOrEqualf("a", "b", "error message %s", "formatted") -// a.LessOrEqualf("b", "b", "error message %s", "formatted") +// a.LessOrEqualf(1, 2, "error message %s", "formatted") +// a.LessOrEqualf(2, 2, "error message %s", "formatted") +// a.LessOrEqualf("a", "b", "error message %s", "formatted") +// a.LessOrEqualf("b", "b", "error message %s", "formatted") func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -886,9 +970,9 @@ func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, ar // Lessf asserts that the first element is less than the second // -// a.Lessf(1, 2, "error message %s", "formatted") -// a.Lessf(float64(1), float64(2), "error message %s", "formatted") -// a.Lessf("a", "b", "error message %s", "formatted") +// a.Lessf(1, 2, "error message %s", "formatted") +// a.Lessf(float64(1), float64(2), "error message %s", "formatted") +// a.Lessf("a", "b", "error message %s", "formatted") func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -898,8 +982,8 @@ func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...i // Negative asserts that the specified element is negative // -// a.Negative(-1) -// a.Negative(-1.23) +// a.Negative(-1) +// a.Negative(-1.23) func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -909,8 +993,8 @@ func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) { // Negativef asserts that the specified element is negative // -// a.Negativef(-1, "error message %s", "formatted") -// a.Negativef(-1.23, "error message %s", "formatted") +// a.Negativef(-1, "error message %s", "formatted") +// a.Negativef(-1.23, "error message %s", "formatted") func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -921,7 +1005,7 @@ func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) { // Never asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond) +// a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond) func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -932,7 +1016,7 @@ func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick ti // Neverf asserts that the given condition doesn't satisfy in waitFor time, // periodically checking the target function each tick. // -// a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") +// a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted") func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -942,7 +1026,7 @@ func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick t // Nil asserts that the specified object is nil. // -// a.Nil(err) +// a.Nil(err) func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -952,7 +1036,7 @@ func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) { // Nilf asserts that the specified object is nil. // -// a.Nilf(err, "error message %s", "formatted") +// a.Nilf(err, "error message %s", "formatted") func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -980,10 +1064,10 @@ func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) // NoError asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if a.NoError(err) { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if a.NoError(err) { +// assert.Equal(t, expectedObj, actualObj) +// } func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -993,10 +1077,10 @@ func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) { // NoErrorf asserts that a function returned no error (i.e. `nil`). // -// actualObj, err := SomeFunction() -// if a.NoErrorf(err, "error message %s", "formatted") { -// assert.Equal(t, expectedObj, actualObj) -// } +// actualObj, err := SomeFunction() +// if a.NoErrorf(err, "error message %s", "formatted") { +// assert.Equal(t, expectedObj, actualObj) +// } func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1025,9 +1109,9 @@ func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) // NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// a.NotContains("Hello World", "Earth") -// a.NotContains(["Hello", "World"], "Earth") -// a.NotContains({"Hello": "World"}, "Earth") +// a.NotContains("Hello World", "Earth") +// a.NotContains(["Hello", "World"], "Earth") +// a.NotContains({"Hello": "World"}, "Earth") func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1038,9 +1122,9 @@ func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs // NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the // specified substring or element. // -// a.NotContainsf("Hello World", "Earth", "error message %s", "formatted") -// a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted") -// a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted") +// a.NotContainsf("Hello World", "Earth", "error message %s", "formatted") +// a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted") +// a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted") func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1051,9 +1135,9 @@ func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg strin // NotEmpty asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if a.NotEmpty(obj) { -// assert.Equal(t, "two", obj[1]) -// } +// if a.NotEmpty(obj) { +// assert.Equal(t, "two", obj[1]) +// } func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1064,9 +1148,9 @@ func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) { // NotEmptyf asserts that the specified object is NOT empty. I.e. not nil, "", false, 0 or either // a slice or a channel with len == 0. // -// if a.NotEmptyf(obj, "error message %s", "formatted") { -// assert.Equal(t, "two", obj[1]) -// } +// if a.NotEmptyf(obj, "error message %s", "formatted") { +// assert.Equal(t, "two", obj[1]) +// } func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1076,7 +1160,7 @@ func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface // NotEqual asserts that the specified values are NOT equal. // -// a.NotEqual(obj1, obj2) +// a.NotEqual(obj1, obj2) // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1089,7 +1173,7 @@ func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndAr // NotEqualValues asserts that two objects are not equal even when converted to the same type // -// a.NotEqualValues(obj1, obj2) +// a.NotEqualValues(obj1, obj2) func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1099,7 +1183,7 @@ func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, ms // NotEqualValuesf asserts that two objects are not equal even when converted to the same type // -// a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted") +// a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted") func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1109,7 +1193,7 @@ func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, m // NotEqualf asserts that the specified values are NOT equal. // -// a.NotEqualf(obj1, obj2, "error message %s", "formatted") +// a.NotEqualf(obj1, obj2, "error message %s", "formatted") // // Pointer variable equality is determined based on the equality of the // referenced values (as opposed to the memory addresses). @@ -1140,7 +1224,7 @@ func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...in // NotNil asserts that the specified object is not nil. // -// a.NotNil(err) +// a.NotNil(err) func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1150,7 +1234,7 @@ func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) { // NotNilf asserts that the specified object is not nil. // -// a.NotNilf(err, "error message %s", "formatted") +// a.NotNilf(err, "error message %s", "formatted") func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1160,7 +1244,7 @@ func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{} // NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic. // -// a.NotPanics(func(){ RemainCalm() }) +// a.NotPanics(func(){ RemainCalm() }) func (a *Assertions) NotPanics(f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1170,7 +1254,7 @@ func (a *Assertions) NotPanics(f assert.PanicTestFunc, msgAndArgs ...interface{} // NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic. // -// a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted") +// a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted") func (a *Assertions) NotPanicsf(f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1180,8 +1264,8 @@ func (a *Assertions) NotPanicsf(f assert.PanicTestFunc, msg string, args ...inte // NotRegexp asserts that a specified regexp does not match a string. // -// a.NotRegexp(regexp.MustCompile("starts"), "it's starting") -// a.NotRegexp("^start", "it's not starting") +// a.NotRegexp(regexp.MustCompile("starts"), "it's starting") +// a.NotRegexp("^start", "it's not starting") func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1191,8 +1275,8 @@ func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...in // NotRegexpf asserts that a specified regexp does not match a string. // -// a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") -// a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted") +// a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted") +// a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted") func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1202,7 +1286,7 @@ func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, arg // NotSame asserts that two pointers do not reference the same object. // -// a.NotSame(ptr1, ptr2) +// a.NotSame(ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1215,7 +1299,7 @@ func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArg // NotSamef asserts that two pointers do not reference the same object. // -// a.NotSamef(ptr1, ptr2, "error message %s", "formatted") +// a.NotSamef(ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1229,7 +1313,7 @@ func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg stri // NotSubset asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") +// a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]") func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1240,7 +1324,7 @@ func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs // NotSubsetf asserts that the specified list(array, slice...) contains not all // elements given in the specified subset(array, slice...). // -// a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") +// a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted") func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1266,7 +1350,7 @@ func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) { // Panics asserts that the code inside the specified PanicTestFunc panics. // -// a.Panics(func(){ GoCrazy() }) +// a.Panics(func(){ GoCrazy() }) func (a *Assertions) Panics(f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1278,7 +1362,7 @@ func (a *Assertions) Panics(f assert.PanicTestFunc, msgAndArgs ...interface{}) { // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// a.PanicsWithError("crazy error", func(){ GoCrazy() }) +// a.PanicsWithError("crazy error", func(){ GoCrazy() }) func (a *Assertions) PanicsWithError(errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1290,7 +1374,7 @@ func (a *Assertions) PanicsWithError(errString string, f assert.PanicTestFunc, m // panics, and that the recovered panic value is an error that satisfies the // EqualError comparison. // -// a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) PanicsWithErrorf(errString string, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1301,7 +1385,7 @@ func (a *Assertions) PanicsWithErrorf(errString string, f assert.PanicTestFunc, // PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// a.PanicsWithValue("crazy error", func(){ GoCrazy() }) +// a.PanicsWithValue("crazy error", func(){ GoCrazy() }) func (a *Assertions) PanicsWithValue(expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1312,7 +1396,7 @@ func (a *Assertions) PanicsWithValue(expected interface{}, f assert.PanicTestFun // PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that // the recovered panic value equals the expected panic value. // -// a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") +// a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) PanicsWithValuef(expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1322,7 +1406,7 @@ func (a *Assertions) PanicsWithValuef(expected interface{}, f assert.PanicTestFu // Panicsf asserts that the code inside the specified PanicTestFunc panics. // -// a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted") +// a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted") func (a *Assertions) Panicsf(f assert.PanicTestFunc, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1332,8 +1416,8 @@ func (a *Assertions) Panicsf(f assert.PanicTestFunc, msg string, args ...interfa // Positive asserts that the specified element is positive // -// a.Positive(1) -// a.Positive(1.23) +// a.Positive(1) +// a.Positive(1.23) func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1343,8 +1427,8 @@ func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) { // Positivef asserts that the specified element is positive // -// a.Positivef(1, "error message %s", "formatted") -// a.Positivef(1.23, "error message %s", "formatted") +// a.Positivef(1, "error message %s", "formatted") +// a.Positivef(1.23, "error message %s", "formatted") func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1354,8 +1438,8 @@ func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) { // Regexp asserts that a specified regexp matches a string. // -// a.Regexp(regexp.MustCompile("start"), "it's starting") -// a.Regexp("start...$", "it's not starting") +// a.Regexp(regexp.MustCompile("start"), "it's starting") +// a.Regexp("start...$", "it's not starting") func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1365,8 +1449,8 @@ func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...inter // Regexpf asserts that a specified regexp matches a string. // -// a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") -// a.Regexpf("start...$", "it's not starting", "error message %s", "formatted") +// a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted") +// a.Regexpf("start...$", "it's not starting", "error message %s", "formatted") func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1376,7 +1460,7 @@ func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args . // Same asserts that two pointers reference the same object. // -// a.Same(ptr1, ptr2) +// a.Same(ptr1, ptr2) // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1389,7 +1473,7 @@ func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs . // Samef asserts that two pointers reference the same object. // -// a.Samef(ptr1, ptr2, "error message %s", "formatted") +// a.Samef(ptr1, ptr2, "error message %s", "formatted") // // Both arguments must be pointer variables. Pointer variable sameness is // determined based on the equality of both type and value. @@ -1403,7 +1487,7 @@ func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, // Subset asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") +// a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]") func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1414,7 +1498,7 @@ func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ... // Subsetf asserts that the specified list(array, slice...) contains all // elements given in the specified subset(array, slice...). // -// a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") +// a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted") func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1424,7 +1508,7 @@ func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, a // True asserts that the specified value is true. // -// a.True(myBool) +// a.True(myBool) func (a *Assertions) True(value bool, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1434,7 +1518,7 @@ func (a *Assertions) True(value bool, msgAndArgs ...interface{}) { // Truef asserts that the specified value is true. // -// a.Truef(myBool, "error message %s", "formatted") +// a.Truef(myBool, "error message %s", "formatted") func (a *Assertions) Truef(value bool, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1444,7 +1528,7 @@ func (a *Assertions) Truef(value bool, msg string, args ...interface{}) { // WithinDuration asserts that the two times are within duration delta of each other. // -// a.WithinDuration(time.Now(), time.Now(), 10*time.Second) +// a.WithinDuration(time.Now(), time.Now(), 10*time.Second) func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1454,7 +1538,7 @@ func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta // WithinDurationf asserts that the two times are within duration delta of each other. // -// a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") +// a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted") func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1464,7 +1548,7 @@ func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta // WithinRange asserts that a time is within a time range (inclusive). // -// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) +// a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second)) func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() @@ -1474,7 +1558,7 @@ func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Tim // WithinRangef asserts that a time is within a time range (inclusive). // -// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") +// a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted") func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) { if h, ok := a.t.(tHelper); ok { h.Helper() diff --git a/vendor/modules.txt b/vendor/modules.txt index 80b81165c..4de368a1d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -107,8 +107,8 @@ github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util # github.com/rogpeppe/go-internal v1.10.0 ## explicit; go 1.19 -# github.com/stretchr/testify v1.8.2 -## explicit; go 1.13 +# github.com/stretchr/testify v1.8.3 +## explicit; go 1.20 github.com/stretchr/testify/assert github.com/stretchr/testify/require # github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 From 5e37590af1c202ba2af4dd8b2921d31729974274 Mon Sep 17 00:00:00 2001 From: guoguangwu Date: Wed, 31 May 2023 14:09:20 +0800 Subject: [PATCH 26/73] code optimization --- bundler/bundler.go | 5 +---- config/config.go | 17 +++++------------ csr/csr.go | 13 +++---------- helpers/derhelpers/derhelpers.go | 8 ++++---- helpers/helpers.go | 5 +---- helpers/testsuite/testing_helpers.go | 2 +- initca/initca.go | 2 +- 7 files changed, 16 insertions(+), 36 deletions(-) diff --git a/bundler/bundler.go b/bundler/bundler.go index a2014c58c..a8e7212d2 100644 --- a/bundler/bundler.go +++ b/bundler/bundler.go @@ -398,10 +398,7 @@ func isSelfSigned(cert *x509.Certificate) bool { } func isChainRootNode(cert *x509.Certificate) bool { - if isSelfSigned(cert) { - return true - } - return false + return isSelfSigned(cert) } func (b *Bundler) verifyChain(chain []*fetchedIntermediate) bool { diff --git a/config/config.go b/config/config.go index f97d64698..438276f69 100644 --- a/config/config.go +++ b/config/config.go @@ -19,6 +19,7 @@ import ( "github.com/cloudflare/cfssl/helpers" "github.com/cloudflare/cfssl/log" ocspConfig "github.com/cloudflare/cfssl/ocsp/config" + // empty import of zlint/v3 required to have lints registered. _ "github.com/zmap/zlint/v3" "github.com/zmap/zlint/v3/lint" @@ -296,7 +297,7 @@ func (p *SigningProfile) populate(cfg *Config) error { if p.AuthRemote.AuthKeyName != "" { log.Debug("match auth remote key in profile to auth_keys section") - if key, ok := cfg.AuthKeys[p.AuthRemote.AuthKeyName]; ok == true { + if key, ok := cfg.AuthKeys[p.AuthRemote.AuthKeyName]; ok { if key.Type == "standard" { p.RemoteProvider, err = auth.New(key.Key, nil) if err != nil { @@ -441,11 +442,7 @@ func (p *Signing) NeedsRemoteSigner() bool { } } - if p.Default.RemoteServer != "" { - return true - } - - return false + return p.Default.RemoteServer != "" } // NeedsLocalSigner returns true if one of the profiles doe not have a remote set @@ -456,11 +453,7 @@ func (p *Signing) NeedsLocalSigner() bool { } } - if p.Default.RemoteServer == "" { - return true - } - - return false + return p.Default.RemoteServer == "" } // Usages parses the list of key uses in the profile, translating them @@ -559,7 +552,7 @@ func (p *SigningProfile) hasLocalConfig() bool { p.OCSP != "" || p.ExpiryString != "" || p.BackdateString != "" || - p.CAConstraint.IsCA != false || + p.CAConstraint.IsCA || !p.NotBefore.IsZero() || !p.NotAfter.IsZero() || p.NameWhitelistString != "" || diff --git a/csr/csr.go b/csr/csr.go index 0ca250994..d0966b824 100644 --- a/csr/csr.go +++ b/csr/csr.go @@ -289,16 +289,11 @@ func getHosts(cert *x509.Certificate) []string { for _, ip := range cert.IPAddresses { hosts = append(hosts, ip.String()) } - for _, dns := range cert.DNSNames { - hosts = append(hosts, dns) - } - for _, email := range cert.EmailAddresses { - hosts = append(hosts, email) - } + hosts = append(hosts, cert.DNSNames...) + hosts = append(hosts, cert.EmailAddresses...) for _, uri := range cert.URIs { hosts = append(hosts, uri.String()) } - return hosts } @@ -482,8 +477,6 @@ func appendCAInfoToCSR(reqConf *CAConfig, csr *x509.CertificateRequest) error { // appendCAInfoToCSR appends user-defined extension to a CSR func appendExtensionsToCSR(extensions []pkix.Extension, csr *x509.CertificateRequest) error { - for _, extension := range extensions { - csr.ExtraExtensions = append(csr.ExtraExtensions, extension) - } + csr.ExtraExtensions = append(csr.ExtraExtensions, extensions...) return nil } diff --git a/helpers/derhelpers/derhelpers.go b/helpers/derhelpers/derhelpers.go index 561691be2..8fe25aad5 100644 --- a/helpers/derhelpers/derhelpers.go +++ b/helpers/derhelpers/derhelpers.go @@ -34,13 +34,13 @@ func ParsePrivateKeyDER(keyDER []byte) (key crypto.Signer, err error) { } } - switch generalKey.(type) { + switch generalKey := generalKey.(type) { case *rsa.PrivateKey: - return generalKey.(*rsa.PrivateKey), nil + return generalKey, nil case *ecdsa.PrivateKey: - return generalKey.(*ecdsa.PrivateKey), nil + return generalKey, nil case ed25519.PrivateKey: - return generalKey.(ed25519.PrivateKey), nil + return generalKey, nil } // should never reach here diff --git a/helpers/helpers.go b/helpers/helpers.go index f45e63a3d..4de2a871b 100644 --- a/helpers/helpers.go +++ b/helpers/helpers.go @@ -120,10 +120,7 @@ func ValidExpiry(c *x509.Certificate) bool { maxMonths = 120 } - if MonthsValid(c) > maxMonths { - return false - } - return true + return MonthsValid(c) <= maxMonths } // SignatureString returns the TLS signature string corresponding to diff --git a/helpers/testsuite/testing_helpers.go b/helpers/testsuite/testing_helpers.go index a6f7c6513..a1de2a36e 100644 --- a/helpers/testsuite/testing_helpers.go +++ b/helpers/testsuite/testing_helpers.go @@ -352,7 +352,7 @@ func cleanCLIOutput(CLIOutput []byte, item string) (cleanedOutput []byte, err er eligibleSearchIndex := strings.Index(outputString, "{") outputString = outputString[eligibleSearchIndex:] // Make sure the item is present in the output. - if strings.Index(outputString, itemString) == -1 { + if !strings.Contains(outputString, itemString) { return nil, errors.New("Item " + item + " not found in CLI Output") } // We add 2 for the [:"] that follows the item diff --git a/initca/initca.go b/initca/initca.go index 40a608502..6767ec10e 100644 --- a/initca/initca.go +++ b/initca/initca.go @@ -157,7 +157,7 @@ func NewFromSigner(req *csr.CertificateRequest, priv crypto.Signer) (cert, csrPE } policy.Default.CAConstraint.MaxPathLen = req.CA.PathLength - if req.CA.PathLength != 0 && req.CA.PathLenZero == true { + if req.CA.PathLength != 0 && req.CA.PathLenZero { log.Infof("ignore invalid 'pathlenzero' value") } else { policy.Default.CAConstraint.MaxPathLenZero = req.CA.PathLenZero From c46cc2b2c398d703c60d6a52d80de31d47552805 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jun 2023 03:59:38 +0000 Subject: [PATCH 27/73] build(deps): bump github.com/zmap/zlint/v3 from 3.4.1 to 3.5.0 Bumps [github.com/zmap/zlint/v3](https://github.com/zmap/zlint) from 3.4.1 to 3.5.0. - [Release notes](https://github.com/zmap/zlint/releases) - [Commits](https://github.com/zmap/zlint/compare/v3.4.1...v3.5.0) --- updated-dependencies: - dependency-name: github.com/zmap/zlint/v3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 +- go.sum | 53 ++- .../weppos/publicsuffix-go/LICENSE.txt | 2 +- .../publicsuffix/publicsuffix.go | 4 +- .../publicsuffix-go/publicsuffix/rules.go | 378 +++++++++++----- .../zmap/zcrypto/cryptobyte/asn1.go | 39 ++ .../zmap/zcrypto/cryptobyte/builder.go | 14 +- .../zmap/zcrypto/encoding/asn1/asn1.go | 2 +- vendor/github.com/zmap/zcrypto/json/ecdhe.go | 2 +- .../zmap/zcrypto/x509/crl_parser.go | 409 ++++++++++++++++++ .../zmap/zcrypto/x509/extended_key_usage.go | 10 + .../zmap/zcrypto/x509/extensions.go | 39 +- .../github.com/zmap/zcrypto/x509/pkix/pkix.go | 14 +- vendor/github.com/zmap/zcrypto/x509/sec1.go | 6 +- vendor/github.com/zmap/zcrypto/x509/x509.go | 355 ++++++++++++++- vendor/github.com/zmap/zlint/v3/lint/base.go | 230 ++++++++-- .../zmap/zlint/v3/lint/configuration.go | 41 +- .../zlint/v3/lint/global_configurations.go | 2 +- .../zmap/zlint/v3/lint/lint_lookup.go | 217 ++++++++++ .../github.com/zmap/zlint/v3/lint/profile.go | 59 +++ .../zmap/zlint/v3/lint/registration.go | 247 ++++++++--- .../github.com/zmap/zlint/v3/lint/result.go | 3 +- .../github.com/zmap/zlint/v3/lint/source.go | 3 +- .../lint_ct_sct_policy_count_unsatisfied.go | 2 +- ...er_cert_valid_time_longer_than_398_days.go | 2 +- ...er_cert_valid_time_longer_than_397_days.go | 2 +- .../zmap/zlint/v3/lints/apple/time.go | 5 +- .../cabf_br/lint_ca_common_name_missing.go | 2 +- .../cabf_br/lint_ca_country_name_invalid.go | 2 +- .../cabf_br/lint_ca_country_name_missing.go | 2 +- .../lints/cabf_br/lint_ca_crl_sign_not_set.go | 2 +- .../lint_ca_digital_signature_not_set.go | 2 +- .../zlint/v3/lints/cabf_br/lint_ca_is_ca.go | 2 +- .../cabf_br/lint_ca_key_cert_sign_not_set.go | 2 +- .../cabf_br/lint_ca_key_usage_missing.go | 2 +- .../cabf_br/lint_ca_key_usage_not_critical.go | 2 +- .../lint_ca_organization_name_missing.go | 2 +- .../lint_cab_dv_conflicts_with_locality.go | 2 +- .../cabf_br/lint_cab_dv_conflicts_with_org.go | 2 +- .../lint_cab_dv_conflicts_with_postal.go | 2 +- .../lint_cab_dv_conflicts_with_province.go | 2 +- .../lint_cab_dv_conflicts_with_street.go | 2 +- .../lint_cab_iv_requires_personal_name.go | 2 +- .../lints/cabf_br/lint_cab_ov_requires_org.go | 2 +- .../lint_cert_policy_iv_requires_country.go | 2 +- ...policy_iv_requires_province_or_locality.go | 2 +- .../lint_cert_policy_ov_requires_country.go | 2 +- ...policy_ov_requires_province_or_locality.go | 2 +- .../lints/cabf_br/lint_dh_params_missing.go | 2 +- .../lint_dnsname_bad_character_in_label.go | 2 +- .../lint_dnsname_check_left_label_wildcard.go | 2 +- .../lint_dnsname_contains_bare_iana_suffix.go | 2 +- .../lint_dnsname_contains_empty_label.go | 2 +- ...name_contains_prohibited_reserved_label.go | 2 +- .../cabf_br/lint_dnsname_hyphen_in_sld.go | 2 +- .../cabf_br/lint_dnsname_label_too_long.go | 2 +- .../lint_dnsname_right_label_valid_tld.go | 2 +- .../cabf_br/lint_dnsname_underscore_in_sld.go | 2 +- .../cabf_br/lint_dnsname_underscore_in_trd.go | 2 +- ..._dnsname_wildcard_left_of_public_suffix.go | 2 +- ...int_dnsname_wildcard_only_in_left_label.go | 2 +- .../lint_dsa_correct_order_in_subgroup.go | 2 +- ...nt_dsa_improper_modulus_or_divisor_size.go | 2 +- .../lint_dsa_shorter_than_2048_bits.go | 2 +- .../lint_dsa_unique_correct_representation.go | 2 +- .../cabf_br/lint_e_sub_ca_aia_missing.go | 2 +- .../lints/cabf_br/lint_ec_improper_curves.go | 2 +- .../lint_ext_nc_intersects_reserved_ip.go | 2 +- .../lint_ext_san_contains_reserved_ip.go | 2 +- .../lint_ext_san_critical_with_subject_dn.go | 2 +- .../lint_ext_san_directory_name_present.go | 2 +- .../lint_ext_san_edi_party_name_present.go | 2 +- .../v3/lints/cabf_br/lint_ext_san_missing.go | 2 +- .../lint_ext_san_other_name_present.go | 2 +- .../lint_ext_san_registered_id_present.go | 2 +- .../lint_ext_san_rfc822_name_present.go | 2 +- ...san_uniform_resource_identifier_present.go | 2 +- ...ext_tor_service_descriptor_hash_invalid.go | 21 +- .../lint_extra_subject_common_names.go | 2 +- .../lint_invalid_certificate_version.go | 2 +- .../lint_no_underscores_before_1_6_2.go | 2 +- ...sp_nocheck_ext_not_included_server_auth.go | 2 +- ...old_root_ca_rsa_mod_less_than_2048_bits.go | 2 +- ..._old_sub_ca_rsa_mod_less_than_1024_bits.go | 2 +- ...ld_sub_cert_rsa_mod_less_than_1024_bits.go | 2 +- ...int_organizational_unit_name_prohibited.go | 2 +- .../lints/cabf_br/lint_prohibit_dsa_usage.go | 2 +- .../lint_public_key_type_not_allowed.go | 2 +- ...aints_path_len_constraint_field_present.go | 2 +- .../lint_root_ca_contains_cert_policy.go | 2 +- ...lint_root_ca_extended_key_usage_present.go | 2 +- ...lint_root_ca_key_usage_must_be_critical.go | 2 +- .../cabf_br/lint_root_ca_key_usage_present.go | 2 +- ...t_rsa_mod_factors_smaller_than_752_bits.go | 2 +- .../lint_rsa_mod_less_than_2048_bits.go | 2 +- .../v3/lints/cabf_br/lint_rsa_mod_not_odd.go | 2 +- .../lint_rsa_public_exponent_not_in_range.go | 2 +- .../lint_rsa_public_exponent_not_odd.go | 2 +- .../lint_rsa_public_exponent_too_small.go | 2 +- .../lint_san_dns_name_onion_invalid.go | 6 +- .../lint_san_dns_name_onion_not_ev_cert.go | 2 +- .../lint_signature_algorithm_not_supported.go | 2 +- ..._ca_aia_does_not_contain_issuing_ca_url.go | 2 +- .../lint_sub_ca_aia_marked_critical.go | 2 +- ...ca_certificate_policies_marked_critical.go | 2 +- ...int_sub_ca_certificate_policies_missing.go | 2 +- ...istribution_points_does_not_contain_url.go | 2 +- ...crl_distribution_points_marked_critical.go | 2 +- ..._sub_ca_crl_distribution_points_missing.go | 2 +- .../lints/cabf_br/lint_sub_ca_eku_critical.go | 2 +- .../lints/cabf_br/lint_sub_ca_eku_missing.go | 2 +- .../cabf_br/lint_sub_ca_eku_valid_fields.go | 2 +- ...nt_sub_ca_name_constraints_not_critical.go | 2 +- ...ert_aia_does_not_contain_issuing_ca_url.go | 2 +- ..._sub_cert_aia_does_not_contain_ocsp_url.go | 2 +- .../lint_sub_cert_aia_marked_critical.go | 2 +- .../cabf_br/lint_sub_cert_aia_missing.go | 2 +- .../lint_sub_cert_cert_policy_empty.go | 2 +- ...rt_certificate_policies_marked_critical.go | 2 +- ...t_sub_cert_certificate_policies_missing.go | 2 +- .../lint_sub_cert_country_name_must_appear.go | 2 +- ...istribution_points_does_not_contain_url.go | 2 +- ...crl_distribution_points_marked_critical.go | 2 +- .../cabf_br/lint_sub_cert_eku_extra_values.go | 2 +- .../cabf_br/lint_sub_cert_eku_missing.go | 2 +- ...ert_eku_server_auth_client_auth_missing.go | 4 +- .../lint_sub_cert_gn_sn_contains_policy.go | 2 +- .../v3/lints/cabf_br/lint_sub_cert_is_ca.go | 2 +- ...nt_sub_cert_key_usage_cert_sign_bit_set.go | 2 +- ...int_sub_cert_key_usage_crl_sign_bit_set.go | 2 +- ...lint_sub_cert_locality_name_must_appear.go | 2 +- ..._sub_cert_locality_name_must_not_appear.go | 2 +- .../lint_sub_cert_or_sub_ca_using_sha1.go | 2 +- .../lint_sub_cert_postal_code_prohibited.go | 2 +- .../lint_sub_cert_province_must_appear.go | 2 +- .../lint_sub_cert_province_must_not_appear.go | 2 +- .../lint_sub_cert_sha1_expiration_too_long.go | 2 +- ...ub_cert_street_address_should_not_exist.go | 2 +- ...b_cert_valid_time_longer_than_39_months.go | 2 +- ...ub_cert_valid_time_longer_than_825_days.go | 2 +- .../lint_subject_common_name_included.go | 2 +- ...ubject_common_name_not_exactly_from_san.go | 2 +- .../lint_subject_common_name_not_from_san.go | 2 +- ...lint_subject_contains_malformed_arpa_ip.go | 2 +- ...subject_contains_noninformational_value.go | 2 +- ...onal_unit_name_and_no_organization_name.go | 2 +- .../lint_subject_contains_reserved_arpa_ip.go | 8 +- .../lint_subject_contains_reserved_ip.go | 2 +- .../cabf_br/lint_subject_country_not_iso.go | 2 +- ...er_algorithm_object_identifier_encoding.go | 8 +- ...t_underscore_not_permissible_in_dnsname.go | 2 +- .../cabf_br/lint_w_sub_ca_aia_missing.go | 2 +- .../lint_ev_business_category_missing.go | 2 +- .../cabf_ev/lint_ev_country_name_missing.go | 2 +- .../v3/lints/cabf_ev/lint_ev_not_wildcard.go | 2 +- .../lint_ev_organization_id_missing.go | 2 +- .../lint_ev_organization_name_missing.go | 2 +- .../cabf_ev/lint_ev_san_ip_address_present.go | 2 +- .../cabf_ev/lint_ev_serial_number_missing.go | 2 +- .../cabf_ev/lint_ev_valid_time_too_long.go | 2 +- ...t_onion_subject_validity_time_too_large.go | 2 +- .../lints/community/lint_ian_bare_wildcard.go | 2 +- .../lint_ian_dns_name_includes_null_char.go | 2 +- .../lint_ian_dns_name_starts_with_period.go | 2 +- .../lint_ian_iana_pub_suffix_empty.go | 2 +- .../community/lint_ian_wildcard_not_first.go | 2 +- .../lints/community/lint_is_redacted_cert.go | 2 +- .../lint_issuer_dn_leading_whitespace.go | 2 +- .../lint_issuer_dn_trailing_whitespace.go | 2 +- .../community/lint_issuer_multiple_rdn.go | 2 +- .../lints/community/lint_rsa_exp_negative.go | 2 +- .../lint_rsa_fermat_factorization.go | 2 +- .../lints/community/lint_rsa_no_public_key.go | 2 +- .../lints/community/lint_san_bare_wildcard.go | 2 +- .../community/lint_san_dns_name_duplicate.go | 2 +- .../lint_san_dns_name_includes_null_char.go | 2 +- .../lint_san_dns_name_starts_with_period.go | 2 +- .../lint_san_iana_pub_suffix_empty.go | 2 +- .../community/lint_san_wildcard_not_first.go | 2 +- .../lint_subject_dn_leading_whitespace.go | 2 +- .../lint_subject_dn_trailing_whitespace.go | 2 +- .../community/lint_subject_multiple_rdn.go | 4 +- .../lint_validity_time_not_positive.go | 2 +- ...lint_qcstatem_etsi_present_qcs_critical.go | 2 +- .../etsi/lint_qcstatem_etsi_type_as_statem.go | 2 +- .../lint_qcstatem_mandatory_etsi_statems.go | 2 +- .../etsi/lint_qcstatem_qccompliance_valid.go | 2 +- .../etsi/lint_qcstatem_qclimitvalue_valid.go | 2 +- .../etsi/lint_qcstatem_qcpds_lang_case.go | 2 +- .../lints/etsi/lint_qcstatem_qcpds_valid.go | 2 +- .../lint_qcstatem_qcretentionperiod_valid.go | 2 +- .../lints/etsi/lint_qcstatem_qcsscd_valid.go | 2 +- .../lints/etsi/lint_qcstatem_qctype_valid.go | 2 +- .../v3/lints/etsi/lint_qcstatem_qctype_web.go | 4 +- .../mozilla/lint_e_prohibit_dsa_usage.go | 2 +- .../v3/lints/mozilla/lint_mp_allowed_eku.go | 2 +- ...int_mp_authority_key_identifier_correct.go | 2 +- .../lint_mp_ecdsa_pub_key_encoding_correct.go | 2 +- ...int_mp_ecdsa_signature_encoding_correct.go | 2 +- .../mozilla/lint_mp_exponent_cannot_be_one.go | 2 +- ...nt_mp_modulus_must_be_2048_bits_or_more.go | 2 +- .../lint_mp_modulus_must_be_divisible_by_8.go | 2 +- ...lint_mp_pss_parameters_encoding_correct.go | 2 +- .../mozilla/lint_mp_rsassa-pss_in_spki.go | 2 +- .../lint_basic_constraints_not_critical.go | 2 +- .../lints/rfc/lint_ca_subject_field_empty.go | 2 +- .../lint_cert_contains_unique_identifier.go | 2 +- .../rfc/lint_cert_extensions_version_not_3.go | 2 +- ...rt_unique_identifier_version_not_2_or_3.go | 6 +- .../v3/lints/rfc/lint_crl_has_next_update.go | 56 +++ .../rfc/lint_distribution_point_incomplete.go | 2 +- ..._distribution_point_missing_ldap_or_uri.go | 2 +- .../rfc/lint_dnsname_contains_empty_label.go | 2 +- .../lints/rfc/lint_dnsname_hyphen_in_sld.go | 2 +- .../lints/rfc/lint_dnsname_label_too_long.go | 2 +- .../rfc/lint_dnsname_underscore_in_sld.go | 2 +- .../rfc/lint_dnsname_underscore_in_trd.go | 2 +- .../v3/lints/rfc/lint_ecdsa_allowed_ku.go | 18 +- .../v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go | 2 +- .../lints/rfc/lint_eku_critical_improperly.go | 2 +- .../lint_ext_aia_access_location_missing.go | 2 +- .../lints/rfc/lint_ext_aia_marked_critical.go | 2 +- ...t_ext_authority_key_identifier_critical.go | 2 +- ...nt_ext_authority_key_identifier_missing.go | 2 +- ...hority_key_identifier_no_key_identifier.go | 2 +- ...lint_ext_cert_policy_contains_noticeref.go | 2 +- ..._policy_disallowed_any_policy_qualifier.go | 2 +- .../rfc/lint_ext_cert_policy_duplicate.go | 2 +- ...xt_cert_policy_explicit_text_ia5_string.go | 2 +- ...t_policy_explicit_text_includes_control.go | 2 +- ...t_ext_cert_policy_explicit_text_not_nfc.go | 2 +- ..._ext_cert_policy_explicit_text_not_utf8.go | 2 +- ..._ext_cert_policy_explicit_text_too_long.go | 2 +- ...nt_ext_crl_distribution_marked_critical.go | 2 +- .../lints/rfc/lint_ext_duplicate_extension.go | 2 +- .../lint_ext_freshest_crl_marked_critical.go | 2 +- .../v3/lints/rfc/lint_ext_ian_critical.go | 2 +- .../rfc/lint_ext_ian_dns_not_ia5_string.go | 2 +- .../v3/lints/rfc/lint_ext_ian_empty_name.go | 2 +- .../v3/lints/rfc/lint_ext_ian_no_entries.go | 2 +- .../rfc/lint_ext_ian_rfc822_format_invalid.go | 2 +- .../lints/rfc/lint_ext_ian_space_dns_name.go | 2 +- .../rfc/lint_ext_ian_uri_format_invalid.go | 2 +- .../lint_ext_ian_uri_host_not_fqdn_or_ip.go | 2 +- .../v3/lints/rfc/lint_ext_ian_uri_not_ia5.go | 2 +- .../v3/lints/rfc/lint_ext_ian_uri_relative.go | 2 +- ...lint_ext_key_usage_cert_sign_without_ca.go | 2 +- .../rfc/lint_ext_key_usage_not_critical.go | 2 +- .../rfc/lint_ext_key_usage_without_bits.go | 2 +- .../lint_ext_name_constraints_not_critical.go | 2 +- .../lint_ext_name_constraints_not_in_ca.go | 2 +- .../rfc/lint_ext_policy_constraints_empty.go | 2 +- ...int_ext_policy_constraints_not_critical.go | 2 +- .../rfc/lint_ext_policy_map_any_policy.go | 2 +- .../rfc/lint_ext_policy_map_not_critical.go | 2 +- .../lint_ext_policy_map_not_in_cert_policy.go | 2 +- .../rfc/lint_ext_san_dns_name_too_long.go | 2 +- .../rfc/lint_ext_san_dns_not_ia5_string.go | 2 +- .../v3/lints/rfc/lint_ext_san_empty_name.go | 2 +- .../v3/lints/rfc/lint_ext_san_no_entries.go | 2 +- ...nt_ext_san_not_critical_without_subject.go | 2 +- .../rfc/lint_ext_san_rfc822_format_invalid.go | 2 +- .../lints/rfc/lint_ext_san_space_dns_name.go | 2 +- .../rfc/lint_ext_san_uri_format_invalid.go | 2 +- .../lint_ext_san_uri_host_not_fqdn_or_ip.go | 2 +- .../v3/lints/rfc/lint_ext_san_uri_not_ia5.go | 2 +- .../v3/lints/rfc/lint_ext_san_uri_relative.go | 2 +- ...int_ext_subject_directory_attr_critical.go | 2 +- ...int_ext_subject_key_identifier_critical.go | 2 +- ...t_ext_subject_key_identifier_missing_ca.go | 2 +- ...subject_key_identifier_missing_sub_cert.go | 2 +- ...neralized_time_does_not_include_seconds.go | 2 +- ...eralized_time_includes_fraction_seconds.go | 2 +- .../rfc/lint_generalized_time_not_in_zulu.go | 2 +- .../rfc/lint_idn_dnsname_malformed_unicode.go | 2 +- .../lints/rfc/lint_idn_dnsname_must_be_nfc.go | 2 +- .../lints/rfc/lint_incorrect_ku_encoding.go | 2 +- .../lint_inhibit_any_policy_not_critical.go | 2 +- ..._issuer_dn_country_not_printable_string.go | 2 +- .../v3/lints/rfc/lint_issuer_field_empty.go | 2 +- .../rfc/lint_key_usage_incorrect_length.go | 2 +- .../lints/rfc/lint_name_constraint_empty.go | 2 +- ...lint_name_constraint_maximum_not_absent.go | 2 +- .../lint_name_constraint_minimum_non_zero.go | 2 +- .../rfc/lint_name_constraint_not_fqdn.go | 2 +- .../lint_name_constraint_on_edi_party_name.go | 2 +- .../lint_name_constraint_on_registered_id.go | 2 +- .../lints/rfc/lint_name_constraint_on_x400.go | 2 +- ...path_len_constraint_improperly_included.go | 2 +- .../lint_path_len_constraint_zero_or_less.go | 2 +- .../v3/lints/rfc/lint_rsa_allowed_ku_ca.go | 2 +- .../v3/lints/rfc/lint_rsa_allowed_ku_ee.go | 2 +- .../lint_rsa_allowed_ku_no_encipherment_ca.go | 2 +- ...int_serial_number_longer_than_20_octets.go | 2 +- .../rfc/lint_serial_number_not_positive.go | 2 +- ..._spki_rsa_encryption_parameter_not_null.go | 2 +- .../lint_subject_common_name_max_length.go | 2 +- ...subject_dn_country_not_printable_string.go | 2 +- ...int_subject_dn_not_printable_characters.go | 2 +- ...int_subject_dn_serial_number_max_length.go | 2 +- ...t_dn_serial_number_not_printable_string.go | 2 +- .../rfc/lint_subject_email_max_length.go | 2 +- .../rfc/lint_subject_empty_without_san.go | 2 +- .../rfc/lint_subject_given_name_max_length.go | 2 +- ...bject_given_name_recommended_max_length.go | 2 +- ...int_subject_info_access_marked_critical.go | 2 +- .../lint_subject_locality_name_max_length.go | 2 +- .../zlint/v3/lints/rfc/lint_subject_not_dn.go | 2 +- ...nt_subject_organization_name_max_length.go | 2 +- ...ect_organizational_unit_name_max_length.go | 2 +- .../lint_subject_postal_code_max_length.go | 2 +- .../lint_subject_printable_string_badalpha.go | 2 +- .../rfc/lint_subject_state_name_max_length.go | 2 +- .../lint_subject_street_address_max_length.go | 2 +- .../rfc/lint_subject_surname_max_length.go | 2 +- ..._subject_surname_recommended_max_length.go | 2 +- .../lints/rfc/lint_superfluous_ku_encoding.go | 2 +- ...ignature_alg_matches_cert_signature_alg.go | 2 +- ...ature_rsa_encryption_parameter_not_null.go | 2 +- .../lint_utc_time_does_not_include_seconds.go | 2 +- .../v3/lints/rfc/lint_utc_time_not_in_zulu.go | 2 +- .../rfc/lint_wrong_time_format_pre2050.go | 2 +- vendor/github.com/zmap/zlint/v3/newProfile.sh | 30 ++ .../github.com/zmap/zlint/v3/profileTemplate | 27 ++ vendor/github.com/zmap/zlint/v3/resultset.go | 25 +- vendor/github.com/zmap/zlint/v3/template | 2 +- .../zlint/v3/util/algorithm_identifier.go | 45 +- vendor/github.com/zmap/zlint/v3/util/ca.go | 2 +- .../zmap/zlint/v3/util/countries.go | 2 +- .../zmap/zlint/v3/util/encodings.go | 2 +- vendor/github.com/zmap/zlint/v3/util/ev.go | 2 +- vendor/github.com/zmap/zlint/v3/util/fqdn.go | 2 +- vendor/github.com/zmap/zlint/v3/util/gtld.go | 2 +- .../github.com/zmap/zlint/v3/util/gtld_map.go | 4 +- vendor/github.com/zmap/zlint/v3/util/idna.go | 2 +- vendor/github.com/zmap/zlint/v3/util/ip.go | 15 +- vendor/github.com/zmap/zlint/v3/util/names.go | 2 +- vendor/github.com/zmap/zlint/v3/util/oid.go | 4 +- vendor/github.com/zmap/zlint/v3/util/onion.go | 11 +- .../github.com/zmap/zlint/v3/util/primes.go | 2 +- .../github.com/zmap/zlint/v3/util/qc_stmt.go | 2 +- vendor/github.com/zmap/zlint/v3/util/rdn.go | 2 +- vendor/github.com/zmap/zlint/v3/util/time.go | 2 +- vendor/github.com/zmap/zlint/v3/zlint.go | 32 +- vendor/modules.txt | 8 +- 345 files changed, 2408 insertions(+), 670 deletions(-) create mode 100644 vendor/github.com/zmap/zcrypto/x509/crl_parser.go create mode 100644 vendor/github.com/zmap/zlint/v3/lint/lint_lookup.go create mode 100644 vendor/github.com/zmap/zlint/v3/lint/profile.go create mode 100644 vendor/github.com/zmap/zlint/v3/lints/rfc/lint_crl_has_next_update.go create mode 100644 vendor/github.com/zmap/zlint/v3/newProfile.sh create mode 100644 vendor/github.com/zmap/zlint/v3/profileTemplate diff --git a/go.mod b/go.mod index 71a80fd4c..f4bcaa156 100644 --- a/go.mod +++ b/go.mod @@ -15,8 +15,8 @@ require ( github.com/mattn/go-sqlite3 v1.14.16 github.com/prometheus/client_golang v1.15.1 github.com/stretchr/testify v1.8.3 - github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac - github.com/zmap/zlint/v3 v3.4.1 + github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 + github.com/zmap/zlint/v3 v3.5.0 golang.org/x/crypto v0.9.0 ) @@ -35,7 +35,7 @@ require ( github.com/prometheus/common v0.42.0 // indirect github.com/prometheus/procfs v0.9.0 // indirect github.com/rogpeppe/go-internal v1.10.0 // indirect - github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 // indirect + github.com/weppos/publicsuffix-go v0.30.0 // indirect github.com/ziutek/mymysql v1.5.4 // indirect golang.org/x/net v0.10.0 // indirect golang.org/x/sys v0.8.0 // indirect diff --git a/go.sum b/go.sum index ee6cab168..b99f43a89 100644 --- a/go.sum +++ b/go.sum @@ -161,6 +161,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= @@ -253,6 +254,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= +github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg= @@ -311,6 +313,8 @@ github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPx github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= +github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= +github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= @@ -324,6 +328,7 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= @@ -335,8 +340,11 @@ github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyC github.com/valyala/fasthttp v1.6.0/go.mod h1:FstJa9V+Pj9vQ7OJie2qMHdwemEDaDiSdBnvPM1Su9w= github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= -github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 h1:vMJBP3PQViZsF6cOINtvyMC8ptpLsyJ4EwyFnzuWNxc= -github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236/go.mod h1:HYux0V0Zi04bHNwOHy4cXJVz/TQjYonnF6aoYhj+3QE= +github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= +github.com/weppos/publicsuffix-go v0.30.0 h1:QHPZ2GRu/YE7cvejH9iyavPOkVCB4dNxp2ZvtT+vQLY= +github.com/weppos/publicsuffix-go v0.30.0/go.mod h1:kBi8zwYnR0zrbm8RcuN1o9Fzgpnnn+btVN8uWPMyXAY= +github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220927085643-dc0d00c92642/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= @@ -348,14 +356,20 @@ github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/ziutek/mymysql v1.5.4 h1:GB0qdRGsTwQSBVYuVShFBKaXSnSnYYC2d9knnE1LHFs= github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0= github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= +github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE= github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is= -github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac h1:+nr36qrZEH0RIYNjcUEnOrCUdcSG3om2ANaFA6iSVWA= -github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac/go.mod h1:egdRkzUylATvPkWMpebZbXhv0FMEMJGX/ur0D3Csk2s= -github.com/zmap/zlint/v3 v3.4.1 h1:zhGB2Q1oPNS+bODC5tTPlKDOnLfDGyxejgAEp1SfFiQ= -github.com/zmap/zlint/v3 v3.4.1/go.mod h1:WgepL2QqxyMHnrOWJ54NqrgfMtOyuXr52wEE0tcfo9k= +github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk= +github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= +github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ= +github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 h1:DZH5n7L3L8RxKdSyJHZt7WePgwdhHnPhQFdQSJaHF+o= +github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300/go.mod h1:mOd4yUMgn2fe2nV9KXsa9AyQBFZGzygVPovsZR+Rl5w= +github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8= +github.com/zmap/zlint/v3 v3.5.0 h1:Eh2B5t6VKgVH0DFmTwOqE50POvyDhUaU9T2mJOe1vfQ= +github.com/zmap/zlint/v3 v3.5.0/go.mod h1:JkNSrsDJ8F4VRtBZcYUQSvnWFL7utcjDIn+FE64mlBI= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= @@ -371,7 +385,9 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= +golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g= golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -404,6 +420,8 @@ golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= +golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -437,8 +455,13 @@ golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81R golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210525063256-abc453219eb5/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= +golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= +golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= +golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -456,6 +479,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -495,22 +520,35 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211013075003-97ac67df715c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= +golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= +golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= +golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -559,6 +597,8 @@ golang.org/x/tools v0.0.0-20200618134242-20370b0cb4b2/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA= +golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= +golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -660,6 +700,7 @@ gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/vendor/github.com/weppos/publicsuffix-go/LICENSE.txt b/vendor/github.com/weppos/publicsuffix-go/LICENSE.txt index 079a934f9..9c05936bd 100644 --- a/vendor/github.com/weppos/publicsuffix-go/LICENSE.txt +++ b/vendor/github.com/weppos/publicsuffix-go/LICENSE.txt @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2016-2020 Simone Carletti +Copyright (c) 2016-2022 Simone Carletti Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/publicsuffix.go b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/publicsuffix.go index 689a89f26..69422e9db 100644 --- a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/publicsuffix.go +++ b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/publicsuffix.go @@ -20,7 +20,7 @@ const ( // Version identifies the current library version. // This is a pro forma convention given that Go dependencies // tends to be fetched directly from the repo. - Version = "0.15.0" + Version = "0.30.0" // NormalType represents a normal rule such as "com" NormalType = 1 @@ -540,5 +540,5 @@ func (l cookiejarList) PublicSuffix(domain string) string { // PublicSuffix implements cookiejar.String. func (cookiejarList) String() string { - return defaultListVersion + return ListVersion } diff --git a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go index a3f887e00..99df464c7 100644 --- a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go +++ b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go @@ -3,13 +3,13 @@ package publicsuffix -const defaultListVersion = "PSL version fd5650 (Sun Mar 27 15:19:06 2022)" +const ListVersion = "PSL version 8ec4d3 (Thu Feb 16 18:32:38 2023)" -func DefaultRules() [9333]Rule { +func DefaultRules() [9507]Rule { return r } -var r = [9333]Rule{ +var r = [9507]Rule{ {1, "ac", 1, false}, {1, "com.ac", 2, false}, {1, "edu.ac", 2, false}, @@ -307,9 +307,26 @@ var r = [9333]Rule{ {1, "org.bi", 2, false}, {1, "biz", 1, false}, {1, "bj", 1, false}, - {1, "asso.bj", 2, false}, - {1, "barreau.bj", 2, false}, - {1, "gouv.bj", 2, false}, + {1, "africa.bj", 2, false}, + {1, "agro.bj", 2, false}, + {1, "architectes.bj", 2, false}, + {1, "assur.bj", 2, false}, + {1, "avocats.bj", 2, false}, + {1, "co.bj", 2, false}, + {1, "com.bj", 2, false}, + {1, "eco.bj", 2, false}, + {1, "econo.bj", 2, false}, + {1, "edu.bj", 2, false}, + {1, "info.bj", 2, false}, + {1, "loisirs.bj", 2, false}, + {1, "money.bj", 2, false}, + {1, "net.bj", 2, false}, + {1, "org.bj", 2, false}, + {1, "ote.bj", 2, false}, + {1, "resto.bj", 2, false}, + {1, "restaurant.bj", 2, false}, + {1, "tourism.bj", 2, false}, + {1, "univ.bj", 2, false}, {1, "bm", 1, false}, {1, "com.bm", 2, false}, {1, "edu.bm", 2, false}, @@ -1034,6 +1051,11 @@ var r = [9333]Rule{ {1, "muni.il", 2, false}, {1, "net.il", 2, false}, {1, "org.il", 2, false}, + {1, "xn--4dbrk0ce", 1, false}, + {1, "xn--4dbgdty6c.xn--4dbrk0ce", 2, false}, + {1, "xn--5dbhl8d.xn--4dbrk0ce", 2, false}, + {1, "xn--8dbq2a.xn--4dbrk0ce", 2, false}, + {1, "xn--hebda8b.xn--4dbrk0ce", 2, false}, {1, "im", 1, false}, {1, "ac.im", 2, false}, {1, "co.im", 2, false}, @@ -1045,18 +1067,47 @@ var r = [9333]Rule{ {1, "tt.im", 2, false}, {1, "tv.im", 2, false}, {1, "in", 1, false}, + {1, "5g.in", 2, false}, + {1, "6g.in", 2, false}, + {1, "ac.in", 2, false}, + {1, "ai.in", 2, false}, + {1, "am.in", 2, false}, + {1, "bihar.in", 2, false}, + {1, "biz.in", 2, false}, + {1, "business.in", 2, false}, + {1, "ca.in", 2, false}, + {1, "cn.in", 2, false}, {1, "co.in", 2, false}, + {1, "com.in", 2, false}, + {1, "coop.in", 2, false}, + {1, "cs.in", 2, false}, + {1, "delhi.in", 2, false}, + {1, "dr.in", 2, false}, + {1, "edu.in", 2, false}, + {1, "er.in", 2, false}, {1, "firm.in", 2, false}, - {1, "net.in", 2, false}, - {1, "org.in", 2, false}, {1, "gen.in", 2, false}, + {1, "gov.in", 2, false}, + {1, "gujarat.in", 2, false}, {1, "ind.in", 2, false}, + {1, "info.in", 2, false}, + {1, "int.in", 2, false}, + {1, "internet.in", 2, false}, + {1, "io.in", 2, false}, + {1, "me.in", 2, false}, + {1, "mil.in", 2, false}, + {1, "net.in", 2, false}, {1, "nic.in", 2, false}, - {1, "ac.in", 2, false}, - {1, "edu.in", 2, false}, + {1, "org.in", 2, false}, + {1, "pg.in", 2, false}, + {1, "post.in", 2, false}, + {1, "pro.in", 2, false}, {1, "res.in", 2, false}, - {1, "gov.in", 2, false}, - {1, "mil.in", 2, false}, + {1, "travel.in", 2, false}, + {1, "tv.in", 2, false}, + {1, "uk.in", 2, false}, + {1, "up.in", 2, false}, + {1, "us.in", 2, false}, {1, "info", 1, false}, {1, "int", 1, false}, {1, "eu.int", 2, false}, @@ -6206,7 +6257,6 @@ var r = [9333]Rule{ {1, "accountants", 1, false}, {1, "aco", 1, false}, {1, "actor", 1, false}, - {1, "adac", 1, false}, {1, "ads", 1, false}, {1, "adult", 1, false}, {1, "aeg", 1, false}, @@ -6331,7 +6381,6 @@ var r = [9333]Rule{ {1, "broker", 1, false}, {1, "brother", 1, false}, {1, "brussels", 1, false}, - {1, "bugatti", 1, false}, {1, "build", 1, false}, {1, "builders", 1, false}, {1, "business", 1, false}, @@ -6346,7 +6395,6 @@ var r = [9333]Rule{ {1, "cam", 1, false}, {1, "camera", 1, false}, {1, "camp", 1, false}, - {1, "cancerresearch", 1, false}, {1, "canon", 1, false}, {1, "capetown", 1, false}, {1, "capital", 1, false}, @@ -6773,7 +6821,6 @@ var r = [9333]Rule{ {1, "loans", 1, false}, {1, "locker", 1, false}, {1, "locus", 1, false}, - {1, "loft", 1, false}, {1, "lol", 1, false}, {1, "london", 1, false}, {1, "lotte", 1, false}, @@ -7036,7 +7083,6 @@ var r = [9333]Rule{ {1, "select", 1, false}, {1, "sener", 1, false}, {1, "services", 1, false}, - {1, "ses", 1, false}, {1, "seven", 1, false}, {1, "sew", 1, false}, {1, "sex", 1, false}, @@ -7289,7 +7335,6 @@ var r = [9333]Rule{ {1, "xn--io0a7i", 1, false}, {1, "xn--j1aef", 1, false}, {1, "xn--jlq480n2rg", 1, false}, - {1, "xn--jlq61u9w7b", 1, false}, {1, "xn--jvr189m", 1, false}, {1, "xn--kcrx77d1x4a", 1, false}, {1, "xn--kput3i", 1, false}, @@ -7351,51 +7396,71 @@ var r = [9333]Rule{ {1, "611.to", 2, true}, {1, "graphox.us", 2, true}, {2, "devcdnaccesso.com", 3, true}, + {2, "on-acorn.io", 3, true}, + {1, "activetrail.biz", 2, true}, {1, "adobeaemcloud.com", 2, true}, {2, "dev.adobeaemcloud.com", 4, true}, {1, "hlx.live", 2, true}, {1, "adobeaemcloud.net", 2, true}, {1, "hlx.page", 2, true}, {1, "hlx3.page", 2, true}, + {1, "adobeio-static.net", 2, true}, + {1, "adobeioruntime.net", 2, true}, {1, "beep.pl", 2, true}, {1, "airkitapps.com", 2, true}, {1, "airkitapps-au.com", 2, true}, {1, "airkitapps.eu", 2, true}, {1, "aivencloud.com", 2, true}, + {1, "akadns.net", 2, true}, + {1, "akamai.net", 2, true}, + {1, "akamai-staging.net", 2, true}, + {1, "akamaiedge.net", 2, true}, + {1, "akamaiedge-staging.net", 2, true}, + {1, "akamaihd.net", 2, true}, + {1, "akamaihd-staging.net", 2, true}, + {1, "akamaiorigin.net", 2, true}, + {1, "akamaiorigin-staging.net", 2, true}, + {1, "akamaized.net", 2, true}, + {1, "akamaized-staging.net", 2, true}, + {1, "edgekey.net", 2, true}, + {1, "edgekey-staging.net", 2, true}, + {1, "edgesuite.net", 2, true}, + {1, "edgesuite-staging.net", 2, true}, {1, "barsy.ca", 2, true}, {2, "compute.estate", 3, true}, {2, "alces.network", 3, true}, {1, "kasserver.com", 2, true}, {1, "altervista.org", 2, true}, {1, "alwaysdata.net", 2, true}, + {1, "myamaze.net", 2, true}, {1, "cloudfront.net", 2, true}, {2, "compute.amazonaws.com", 4, true}, {2, "compute-1.amazonaws.com", 4, true}, {2, "compute.amazonaws.com.cn", 5, true}, {1, "us-east-1.amazonaws.com", 3, true}, - {1, "cn-north-1.eb.amazonaws.com.cn", 5, true}, - {1, "cn-northwest-1.eb.amazonaws.com.cn", 5, true}, - {1, "elasticbeanstalk.com", 2, true}, - {1, "ap-northeast-1.elasticbeanstalk.com", 3, true}, - {1, "ap-northeast-2.elasticbeanstalk.com", 3, true}, - {1, "ap-northeast-3.elasticbeanstalk.com", 3, true}, - {1, "ap-south-1.elasticbeanstalk.com", 3, true}, - {1, "ap-southeast-1.elasticbeanstalk.com", 3, true}, - {1, "ap-southeast-2.elasticbeanstalk.com", 3, true}, - {1, "ca-central-1.elasticbeanstalk.com", 3, true}, - {1, "eu-central-1.elasticbeanstalk.com", 3, true}, - {1, "eu-west-1.elasticbeanstalk.com", 3, true}, - {1, "eu-west-2.elasticbeanstalk.com", 3, true}, - {1, "eu-west-3.elasticbeanstalk.com", 3, true}, - {1, "sa-east-1.elasticbeanstalk.com", 3, true}, - {1, "us-east-1.elasticbeanstalk.com", 3, true}, - {1, "us-east-2.elasticbeanstalk.com", 3, true}, - {1, "us-gov-west-1.elasticbeanstalk.com", 3, true}, - {1, "us-west-1.elasticbeanstalk.com", 3, true}, - {1, "us-west-2.elasticbeanstalk.com", 3, true}, - {2, "elb.amazonaws.com", 4, true}, - {2, "elb.amazonaws.com.cn", 5, true}, - {1, "awsglobalaccelerator.com", 2, true}, + {1, "s3.cn-north-1.amazonaws.com.cn", 5, true}, + {1, "s3.dualstack.ap-northeast-1.amazonaws.com", 5, true}, + {1, "s3.dualstack.ap-northeast-2.amazonaws.com", 5, true}, + {1, "s3.ap-northeast-2.amazonaws.com", 4, true}, + {1, "s3-website.ap-northeast-2.amazonaws.com", 4, true}, + {1, "s3.dualstack.ap-south-1.amazonaws.com", 5, true}, + {1, "s3.ap-south-1.amazonaws.com", 4, true}, + {1, "s3-website.ap-south-1.amazonaws.com", 4, true}, + {1, "s3.dualstack.ap-southeast-1.amazonaws.com", 5, true}, + {1, "s3.dualstack.ap-southeast-2.amazonaws.com", 5, true}, + {1, "s3.dualstack.ca-central-1.amazonaws.com", 5, true}, + {1, "s3.ca-central-1.amazonaws.com", 4, true}, + {1, "s3-website.ca-central-1.amazonaws.com", 4, true}, + {1, "s3.dualstack.eu-central-1.amazonaws.com", 5, true}, + {1, "s3.eu-central-1.amazonaws.com", 4, true}, + {1, "s3-website.eu-central-1.amazonaws.com", 4, true}, + {1, "s3.dualstack.eu-west-1.amazonaws.com", 5, true}, + {1, "s3.dualstack.eu-west-2.amazonaws.com", 5, true}, + {1, "s3.eu-west-2.amazonaws.com", 4, true}, + {1, "s3-website.eu-west-2.amazonaws.com", 4, true}, + {1, "s3.dualstack.eu-west-3.amazonaws.com", 5, true}, + {1, "s3.eu-west-3.amazonaws.com", 4, true}, + {1, "s3-website.eu-west-3.amazonaws.com", 4, true}, {1, "s3.amazonaws.com", 3, true}, {1, "s3-ap-northeast-1.amazonaws.com", 3, true}, {1, "s3-ap-northeast-2.amazonaws.com", 3, true}, @@ -7410,46 +7475,90 @@ var r = [9333]Rule{ {1, "s3-external-1.amazonaws.com", 3, true}, {1, "s3-fips-us-gov-west-1.amazonaws.com", 3, true}, {1, "s3-sa-east-1.amazonaws.com", 3, true}, - {1, "s3-us-gov-west-1.amazonaws.com", 3, true}, {1, "s3-us-east-2.amazonaws.com", 3, true}, + {1, "s3-us-gov-west-1.amazonaws.com", 3, true}, {1, "s3-us-west-1.amazonaws.com", 3, true}, {1, "s3-us-west-2.amazonaws.com", 3, true}, - {1, "s3.ap-northeast-2.amazonaws.com", 4, true}, - {1, "s3.ap-south-1.amazonaws.com", 4, true}, - {1, "s3.cn-north-1.amazonaws.com.cn", 5, true}, - {1, "s3.ca-central-1.amazonaws.com", 4, true}, - {1, "s3.eu-central-1.amazonaws.com", 4, true}, - {1, "s3.eu-west-2.amazonaws.com", 4, true}, - {1, "s3.eu-west-3.amazonaws.com", 4, true}, - {1, "s3.us-east-2.amazonaws.com", 4, true}, - {1, "s3.dualstack.ap-northeast-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.ap-northeast-2.amazonaws.com", 5, true}, - {1, "s3.dualstack.ap-south-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.ap-southeast-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.ap-southeast-2.amazonaws.com", 5, true}, - {1, "s3.dualstack.ca-central-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.eu-central-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.eu-west-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.eu-west-2.amazonaws.com", 5, true}, - {1, "s3.dualstack.eu-west-3.amazonaws.com", 5, true}, - {1, "s3.dualstack.sa-east-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.us-east-1.amazonaws.com", 5, true}, - {1, "s3.dualstack.us-east-2.amazonaws.com", 5, true}, - {1, "s3-website-us-east-1.amazonaws.com", 3, true}, - {1, "s3-website-us-west-1.amazonaws.com", 3, true}, - {1, "s3-website-us-west-2.amazonaws.com", 3, true}, {1, "s3-website-ap-northeast-1.amazonaws.com", 3, true}, {1, "s3-website-ap-southeast-1.amazonaws.com", 3, true}, {1, "s3-website-ap-southeast-2.amazonaws.com", 3, true}, {1, "s3-website-eu-west-1.amazonaws.com", 3, true}, {1, "s3-website-sa-east-1.amazonaws.com", 3, true}, - {1, "s3-website.ap-northeast-2.amazonaws.com", 4, true}, - {1, "s3-website.ap-south-1.amazonaws.com", 4, true}, - {1, "s3-website.ca-central-1.amazonaws.com", 4, true}, - {1, "s3-website.eu-central-1.amazonaws.com", 4, true}, - {1, "s3-website.eu-west-2.amazonaws.com", 4, true}, - {1, "s3-website.eu-west-3.amazonaws.com", 4, true}, + {1, "s3-website-us-east-1.amazonaws.com", 3, true}, + {1, "s3-website-us-west-1.amazonaws.com", 3, true}, + {1, "s3-website-us-west-2.amazonaws.com", 3, true}, + {1, "s3.dualstack.sa-east-1.amazonaws.com", 5, true}, + {1, "s3.dualstack.us-east-1.amazonaws.com", 5, true}, + {1, "s3.dualstack.us-east-2.amazonaws.com", 5, true}, + {1, "s3.us-east-2.amazonaws.com", 4, true}, {1, "s3-website.us-east-2.amazonaws.com", 4, true}, + {1, "vfs.cloud9.af-south-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.af-south-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-east-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-east-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-northeast-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-northeast-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-northeast-2.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-northeast-2.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-northeast-3.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-northeast-3.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-south-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-south-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-southeast-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-southeast-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ap-southeast-2.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ap-southeast-2.amazonaws.com", 5, true}, + {1, "vfs.cloud9.ca-central-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.ca-central-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-central-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-central-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-north-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-north-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-south-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-south-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-west-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-west-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-west-2.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-west-2.amazonaws.com", 5, true}, + {1, "vfs.cloud9.eu-west-3.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.eu-west-3.amazonaws.com", 5, true}, + {1, "vfs.cloud9.me-south-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.me-south-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.sa-east-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.sa-east-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.us-east-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.us-east-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.us-east-2.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.us-east-2.amazonaws.com", 5, true}, + {1, "vfs.cloud9.us-west-1.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.us-west-1.amazonaws.com", 5, true}, + {1, "vfs.cloud9.us-west-2.amazonaws.com", 5, true}, + {1, "webview-assets.cloud9.us-west-2.amazonaws.com", 5, true}, + {1, "cn-north-1.eb.amazonaws.com.cn", 5, true}, + {1, "cn-northwest-1.eb.amazonaws.com.cn", 5, true}, + {1, "elasticbeanstalk.com", 2, true}, + {1, "ap-northeast-1.elasticbeanstalk.com", 3, true}, + {1, "ap-northeast-2.elasticbeanstalk.com", 3, true}, + {1, "ap-northeast-3.elasticbeanstalk.com", 3, true}, + {1, "ap-south-1.elasticbeanstalk.com", 3, true}, + {1, "ap-southeast-1.elasticbeanstalk.com", 3, true}, + {1, "ap-southeast-2.elasticbeanstalk.com", 3, true}, + {1, "ca-central-1.elasticbeanstalk.com", 3, true}, + {1, "eu-central-1.elasticbeanstalk.com", 3, true}, + {1, "eu-west-1.elasticbeanstalk.com", 3, true}, + {1, "eu-west-2.elasticbeanstalk.com", 3, true}, + {1, "eu-west-3.elasticbeanstalk.com", 3, true}, + {1, "sa-east-1.elasticbeanstalk.com", 3, true}, + {1, "us-east-1.elasticbeanstalk.com", 3, true}, + {1, "us-east-2.elasticbeanstalk.com", 3, true}, + {1, "us-gov-west-1.elasticbeanstalk.com", 3, true}, + {1, "us-west-1.elasticbeanstalk.com", 3, true}, + {1, "us-west-2.elasticbeanstalk.com", 3, true}, + {2, "elb.amazonaws.com.cn", 5, true}, + {2, "elb.amazonaws.com", 4, true}, + {1, "awsglobalaccelerator.com", 2, true}, + {1, "eero.online", 2, true}, + {1, "eero-stage.online", 2, true}, {1, "t3l3p0rt.net", 2, true}, {1, "tele.amune.org", 3, true}, {1, "apigee.io", 2, true}, @@ -7469,6 +7578,7 @@ var r = [9333]Rule{ {1, "myasustor.com", 2, true}, {1, "cdn.prod.atlassian-dev.net", 4, true}, {1, "translated.page", 2, true}, + {1, "autocode.dev", 2, true}, {1, "myfritz.net", 2, true}, {1, "onavstack.net", 2, true}, {2, "awdev.ca", 3, true}, @@ -7491,6 +7601,7 @@ var r = [9333]Rule{ {1, "theshop.jp", 2, true}, {1, "shopselect.net", 2, true}, {1, "base.shop", 2, true}, + {1, "beagleboard.io", 2, true}, {2, "beget.app", 3, true}, {1, "betainabox.com", 2, true}, {1, "bnr.la", 2, true}, @@ -7514,6 +7625,8 @@ var r = [9333]Rule{ {1, "vm.bytemark.co.uk", 4, true}, {1, "cafjs.com", 2, true}, {1, "mycd.eu", 2, true}, + {1, "canva-apps.cn", 2, true}, + {1, "canva-apps.com", 2, true}, {1, "drr.ac", 2, true}, {1, "uwu.ai", 2, true}, {1, "carrd.co", 2, true}, @@ -7579,8 +7692,11 @@ var r = [9333]Rule{ {1, "cloudcontrolled.com", 2, true}, {1, "cloudcontrolapp.com", 2, true}, {2, "cloudera.site", 3, true}, - {1, "pages.dev", 2, true}, + {1, "cf-ipfs.com", 2, true}, + {1, "cloudflare-ipfs.com", 2, true}, {1, "trycloudflare.com", 2, true}, + {1, "pages.dev", 2, true}, + {1, "r2.dev", 2, true}, {1, "workers.dev", 2, true}, {1, "wnext.app", 2, true}, {1, "co.ca", 2, true}, @@ -7994,8 +8110,8 @@ var r = [9333]Rule{ {1, "blogsite.xyz", 2, true}, {1, "dynv6.net", 2, true}, {1, "e4.cz", 2, true}, - {1, "eero.online", 2, true}, - {1, "eero-stage.online", 2, true}, + {1, "easypanel.app", 2, true}, + {1, "easypanel.host", 2, true}, {1, "elementor.cloud", 2, true}, {1, "elementor.cool", 2, true}, {1, "en-root.fr", 2, true}, @@ -8153,6 +8269,7 @@ var r = [9333]Rule{ {1, "channelsdvr.net", 2, true}, {1, "u.channelsdvr.net", 3, true}, {1, "edgecompute.app", 2, true}, + {1, "fastly-edge.com", 2, true}, {1, "fastly-terrarium.com", 2, true}, {1, "fastlylb.net", 2, true}, {1, "map.fastlylb.net", 3, true}, @@ -8163,6 +8280,7 @@ var r = [9333]Rule{ {1, "a.ssl.fastly.net", 4, true}, {1, "b.ssl.fastly.net", 4, true}, {1, "global.ssl.fastly.net", 4, true}, + {2, "user.fm", 3, true}, {1, "fastvps-server.com", 2, true}, {1, "fastvps.host", 2, true}, {1, "myfast.host", 2, true}, @@ -8198,6 +8316,10 @@ var r = [9333]Rule{ {1, "id.forgerock.io", 3, true}, {1, "framer.app", 2, true}, {1, "framercanvas.com", 2, true}, + {1, "framer.media", 2, true}, + {1, "framer.photos", 2, true}, + {1, "framer.website", 2, true}, + {1, "framer.wiki", 2, true}, {2, "frusky.de", 3, true}, {1, "ravpage.co.il", 3, true}, {1, "0e.vc", 2, true}, @@ -8303,6 +8425,7 @@ var r = [9333]Rule{ {1, "kilo.jp", 2, true}, {1, "kuron.jp", 2, true}, {1, "littlestar.jp", 2, true}, + {1, "lolipopmc.jp", 2, true}, {1, "lolitapunk.jp", 2, true}, {1, "lomo.jp", 2, true}, {1, "lovepop.jp", 2, true}, @@ -8451,6 +8574,7 @@ var r = [9333]Rule{ {1, "blogspot.ug", 2, true}, {1, "blogspot.vn", 2, true}, {1, "goupile.fr", 2, true}, + {1, "gov.nl", 2, true}, {1, "awsmppl.com", 2, true}, {1, "xn--gnstigbestellen-zvb.de", 2, true}, {1, "xn--gnstigliefern-wob.de", 2, true}, @@ -8469,7 +8593,6 @@ var r = [9333]Rule{ {1, "herokuapp.com", 2, true}, {1, "herokussl.com", 2, true}, {1, "ravendb.cloud", 2, true}, - {1, "myravendb.com", 2, true}, {1, "ravendb.community", 2, true}, {1, "ravendb.me", 2, true}, {1, "development.run", 2, true}, @@ -8486,12 +8609,13 @@ var r = [9333]Rule{ {1, "ngo.ng", 2, true}, {1, "edu.scot", 2, true}, {1, "sch.so", 2, true}, - {1, "org.yt", 2, true}, {1, "hostyhosting.io", 2, true}, {1, "xn--hkkinen-5wa.fi", 2, true}, {2, "moonscale.io", 3, true}, {1, "moonscale.net", 2, true}, {1, "iki.fi", 2, true}, + {1, "ibxos.it", 2, true}, + {1, "iliadboxos.it", 2, true}, {1, "impertrixcdn.com", 2, true}, {1, "impertrix.com", 2, true}, {1, "smushcdn.com", 2, true}, @@ -8543,7 +8667,9 @@ var r = [9333]Rule{ {1, "na4u.ru", 2, true}, {1, "iopsys.se", 2, true}, {1, "ipifony.net", 2, true}, + {1, "iservschule.de", 2, true}, {1, "mein-iserv.de", 2, true}, + {1, "schulplattform.de", 2, true}, {1, "schulserver.de", 2, true}, {1, "test-iserv.de", 2, true}, {1, "iserv.dev", 2, true}, @@ -8736,6 +8862,7 @@ var r = [9333]Rule{ {1, "hra.health", 2, true}, {1, "miniserver.com", 2, true}, {1, "memset.net", 2, true}, + {1, "messerli.app", 2, true}, {2, "cloud.metacentrum.cz", 4, true}, {1, "custom.metacentrum.cz", 3, true}, {1, "flt.cloud.muni.cz", 4, true}, @@ -8748,6 +8875,9 @@ var r = [9333]Rule{ {1, "azure-mobile.net", 2, true}, {1, "cloudapp.net", 2, true}, {1, "azurestaticapps.net", 2, true}, + {1, "1.azurestaticapps.net", 3, true}, + {1, "2.azurestaticapps.net", 3, true}, + {1, "3.azurestaticapps.net", 3, true}, {1, "centralus.azurestaticapps.net", 3, true}, {1, "eastasia.azurestaticapps.net", 3, true}, {1, "eastus2.azurestaticapps.net", 3, true}, @@ -8775,22 +8905,6 @@ var r = [9333]Rule{ {1, "yali.mythic-beasts.com", 3, true}, {1, "cust.retrosnub.co.uk", 4, true}, {1, "ui.nabu.casa", 3, true}, - {1, "pony.club", 2, true}, - {1, "of.fashion", 2, true}, - {1, "in.london", 2, true}, - {1, "of.london", 2, true}, - {1, "from.marketing", 2, true}, - {1, "with.marketing", 2, true}, - {1, "for.men", 2, true}, - {1, "repair.men", 2, true}, - {1, "and.mom", 2, true}, - {1, "for.mom", 2, true}, - {1, "for.one", 2, true}, - {1, "under.one", 2, true}, - {1, "for.sale", 2, true}, - {1, "that.win", 2, true}, - {1, "from.work", 2, true}, - {1, "to.work", 2, true}, {1, "cloud.nospamproxy.com", 3, true}, {1, "netlify.app", 2, true}, {1, "4u.com", 2, true}, @@ -8925,7 +9039,26 @@ var r = [9333]Rule{ {1, "omg.lol", 2, true}, {1, "cloudycluster.net", 2, true}, {1, "omniwe.site", 2, true}, + {1, "123hjemmeside.dk", 2, true}, + {1, "123hjemmeside.no", 2, true}, + {1, "123homepage.it", 2, true}, + {1, "123kotisivu.fi", 2, true}, + {1, "123minsida.se", 2, true}, + {1, "123miweb.es", 2, true}, + {1, "123paginaweb.pt", 2, true}, + {1, "123sait.ru", 2, true}, + {1, "123siteweb.fr", 2, true}, + {1, "123webseite.at", 2, true}, + {1, "123webseite.de", 2, true}, + {1, "123website.be", 2, true}, + {1, "123website.ch", 2, true}, + {1, "123website.lu", 2, true}, + {1, "123website.nl", 2, true}, {1, "service.one", 2, true}, + {1, "simplesite.com", 2, true}, + {1, "simplesite.com.br", 3, true}, + {1, "simplesite.gr", 2, true}, + {1, "simplesite.pl", 2, true}, {1, "nid.io", 2, true}, {1, "opensocial.site", 2, true}, {1, "opencraft.hosting", 2, true}, @@ -9019,6 +9152,8 @@ var r = [9333]Rule{ {1, "rhcloud.com", 2, true}, {1, "app.render.com", 3, true}, {1, "onrender.com", 2, true}, + {1, "firewalledreplit.co", 2, true}, + {1, "id.firewalledreplit.co", 3, true}, {1, "repl.co", 2, true}, {1, "id.repl.co", 3, true}, {1, "repl.run", 2, true}, @@ -9041,9 +9176,37 @@ var r = [9333]Rule{ {1, "xn--h1aliz.xn--p1acf", 2, true}, {1, "xn--90a1af.xn--p1acf", 2, true}, {1, "xn--41a.xn--p1acf", 2, true}, + {2, "builder.code.com", 4, true}, + {2, "dev-builder.code.com", 4, true}, + {2, "stg-builder.code.com", 4, true}, {1, "sandcats.io", 2, true}, {1, "logoip.de", 2, true}, {1, "logoip.com", 2, true}, + {1, "fr-par-1.baremetal.scw.cloud", 4, true}, + {1, "fr-par-2.baremetal.scw.cloud", 4, true}, + {1, "nl-ams-1.baremetal.scw.cloud", 4, true}, + {1, "fnc.fr-par.scw.cloud", 4, true}, + {1, "functions.fnc.fr-par.scw.cloud", 5, true}, + {1, "k8s.fr-par.scw.cloud", 4, true}, + {1, "nodes.k8s.fr-par.scw.cloud", 5, true}, + {1, "s3.fr-par.scw.cloud", 4, true}, + {1, "s3-website.fr-par.scw.cloud", 4, true}, + {1, "whm.fr-par.scw.cloud", 4, true}, + {1, "priv.instances.scw.cloud", 4, true}, + {1, "pub.instances.scw.cloud", 4, true}, + {1, "k8s.scw.cloud", 3, true}, + {1, "k8s.nl-ams.scw.cloud", 4, true}, + {1, "nodes.k8s.nl-ams.scw.cloud", 5, true}, + {1, "s3.nl-ams.scw.cloud", 4, true}, + {1, "s3-website.nl-ams.scw.cloud", 4, true}, + {1, "whm.nl-ams.scw.cloud", 4, true}, + {1, "k8s.pl-waw.scw.cloud", 4, true}, + {1, "nodes.k8s.pl-waw.scw.cloud", 5, true}, + {1, "s3.pl-waw.scw.cloud", 4, true}, + {1, "s3-website.pl-waw.scw.cloud", 4, true}, + {1, "scalebook.scw.cloud", 3, true}, + {1, "smartlabeling.scw.cloud", 3, true}, + {1, "dedibox.fr", 2, true}, {1, "schokokeks.net", 2, true}, {1, "gov.scot", 2, true}, {1, "service.gov.scot", 3, true}, @@ -9085,6 +9248,10 @@ var r = [9333]Rule{ {1, "beta.bounty-full.com", 3, true}, {1, "small-web.org", 2, true}, {1, "vp4.me", 2, true}, + {1, "snowflake.app", 2, true}, + {1, "privatelink.snowflake.app", 3, true}, + {1, "streamlit.app", 2, true}, + {1, "streamlitapp.com", 2, true}, {1, "try-snowplow.com", 2, true}, {1, "srht.site", 2, true}, {1, "stackhero-network.com", 2, true}, @@ -9135,22 +9302,25 @@ var r = [9333]Rule{ {2, "s5y.io", 3, true}, {2, "sensiosite.cloud", 3, true}, {1, "syncloud.it", 2, true}, - {1, "diskstation.me", 2, true}, {1, "dscloud.biz", 2, true}, - {1, "dscloud.me", 2, true}, - {1, "dscloud.mobi", 2, true}, + {1, "direct.quickconnect.cn", 3, true}, {1, "dsmynas.com", 2, true}, - {1, "dsmynas.net", 2, true}, - {1, "dsmynas.org", 2, true}, {1, "familyds.com", 2, true}, - {1, "familyds.net", 2, true}, - {1, "familyds.org", 2, true}, + {1, "diskstation.me", 2, true}, + {1, "dscloud.me", 2, true}, {1, "i234.me", 2, true}, {1, "myds.me", 2, true}, {1, "synology.me", 2, true}, + {1, "dscloud.mobi", 2, true}, + {1, "dsmynas.net", 2, true}, + {1, "familyds.net", 2, true}, + {1, "dsmynas.org", 2, true}, + {1, "familyds.org", 2, true}, {1, "vpnplus.to", 2, true}, {1, "direct.quickconnect.to", 3, true}, {1, "tabitorder.co.il", 3, true}, + {1, "mytabit.co.il", 3, true}, + {1, "mytabit.com", 2, true}, {1, "taifun-dns.de", 2, true}, {1, "beta.tailscale.net", 3, true}, {1, "ts.net", 2, true}, @@ -9165,7 +9335,6 @@ var r = [9333]Rule{ {1, "telebit.app", 2, true}, {1, "telebit.io", 2, true}, {2, "telebit.xyz", 3, true}, - {1, "gwiddle.co.uk", 3, true}, {2, "firenet.ch", 3, true}, {2, "svc.firenet.ch", 4, true}, {1, "reservd.com", 2, true}, @@ -9185,7 +9354,6 @@ var r = [9333]Rule{ {1, "pages.torproject.net", 3, true}, {1, "bloxcms.com", 2, true}, {1, "townnews-staging.com", 2, true}, - {1, "tbits.me", 2, true}, {1, "12hp.at", 2, true}, {1, "2ix.at", 2, true}, {1, "4lima.at", 2, true}, @@ -9231,6 +9399,12 @@ var r = [9333]Rule{ {1, "hk.org", 2, true}, {1, "ltd.hk", 2, true}, {1, "inc.hk", 2, true}, + {1, "it.com", 2, true}, + {1, "name.pm", 2, true}, + {1, "sch.tf", 2, true}, + {1, "biz.wf", 2, true}, + {1, "sch.wf", 2, true}, + {1, "org.yt", 2, true}, {1, "virtualuser.de", 2, true}, {1, "virtual-user.de", 2, true}, {1, "upli.io", 2, true}, diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go index a755e56ea..af771301b 100644 --- a/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/asn1.go @@ -750,3 +750,42 @@ func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool { return true } + +const defaultUTCTimeFormatStr = "060102150405Z0700" + +// ReadASN1UTCTime decodes an ASN.1 UTCTime into out and advances. +// It reports whether the read was successful. +func (s *String) ReadASN1UTCTime(out *time.Time) bool { + var bytes String + if !s.ReadASN1(&bytes, asn1.UTCTime) { + return false + } + t := string(bytes) + + formatStr := defaultUTCTimeFormatStr + var err error + res, err := time.Parse(formatStr, t) + if err != nil { + // Fallback to minute precision if we can't parse second + // precision. If we are following X.509 or X.690 we shouldn't + // support this, but we do. + formatStr = "0601021504Z0700" + res, err = time.Parse(formatStr, t) + } + if err != nil { + return false + } + + if serialized := res.Format(formatStr); serialized != t { + return false + } + + if res.Year() >= 2050 { + // UTCTime interprets the low order digits 50-99 as 1950-99. + // This only applies to its use in the X.509 profile. + // See https://tools.ietf.org/html/rfc5280#section-4.1.2.5.1 + res = res.AddDate(-100, 0, 0) + } + *out = res + return true +} diff --git a/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go b/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go index ca7b1db5c..c7ded7577 100644 --- a/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go +++ b/vendor/github.com/zmap/zcrypto/cryptobyte/builder.go @@ -106,13 +106,13 @@ func (b *Builder) AddBytes(v []byte) { // supplied to them. The child builder passed to the continuation can be used // to build the content of the length-prefixed sequence. For example: // -// parent := cryptobyte.NewBuilder() -// parent.AddUint8LengthPrefixed(func (child *Builder) { -// child.AddUint8(42) -// child.AddUint8LengthPrefixed(func (grandchild *Builder) { -// grandchild.AddUint8(5) -// }) -// }) +// parent := cryptobyte.NewBuilder() +// parent.AddUint8LengthPrefixed(func (child *Builder) { +// child.AddUint8(42) +// child.AddUint8LengthPrefixed(func (grandchild *Builder) { +// grandchild.AddUint8(5) +// }) +// }) // // It is an error to write more bytes to the child than allowed by the reserved // length prefix. After the continuation returns, the child must be considered diff --git a/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go b/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go index 87b9eddb3..212ef9c3c 100644 --- a/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go +++ b/vendor/github.com/zmap/zcrypto/encoding/asn1/asn1.go @@ -5,7 +5,7 @@ // Package asn1 implements parsing of DER-encoded ASN.1 data structures, // as defined in ITU-T Rec X.690. // -// See also ``A Layman's Guide to a Subset of ASN.1, BER, and DER,'' +// See also “A Layman's Guide to a Subset of ASN.1, BER, and DER,” // http://luca.ntop.org/Teaching/Appunti/asn1.html. package asn1 diff --git a/vendor/github.com/zmap/zcrypto/json/ecdhe.go b/vendor/github.com/zmap/zcrypto/json/ecdhe.go index 5d3d19179..aa808ab1c 100644 --- a/vendor/github.com/zmap/zcrypto/json/ecdhe.go +++ b/vendor/github.com/zmap/zcrypto/json/ecdhe.go @@ -94,7 +94,7 @@ func (c *TLSCurveID) MarshalJSON() ([]byte, error) { return json.Marshal(&aux) } -//UnmarshalJSON implements the json.Unmarshaler interface +// UnmarshalJSON implements the json.Unmarshaler interface func (c *TLSCurveID) UnmarshalJSON(b []byte) error { aux := struct { ID uint16 `json:"id"` diff --git a/vendor/github.com/zmap/zcrypto/x509/crl_parser.go b/vendor/github.com/zmap/zcrypto/x509/crl_parser.go new file mode 100644 index 000000000..b33404f6a --- /dev/null +++ b/vendor/github.com/zmap/zcrypto/x509/crl_parser.go @@ -0,0 +1,409 @@ +package x509 + +import ( + "bytes" + "errors" + "fmt" + "math/big" + "time" + "unicode/utf16" + "unicode/utf8" + + "github.com/zmap/zcrypto/cryptobyte" + cryptobyte_asn1 "github.com/zmap/zcrypto/cryptobyte/asn1" + "github.com/zmap/zcrypto/encoding/asn1" + "github.com/zmap/zcrypto/x509/pkix" +) + +const x509v2Version = 1 + +// RevokedCertificate represents an entry in the revokedCertificates sequence of +// a CRL. +// STARTBLOCK: This type does not exist in upstream. +type RevokedCertificate struct { + // Raw contains the raw bytes of the revokedCertificates entry. It is set when + // parsing a CRL; it is ignored when generating a CRL. + Raw []byte + + // SerialNumber represents the serial number of a revoked certificate. It is + // both used when creating a CRL and populated when parsing a CRL. It MUST NOT + // be nil. + SerialNumber *big.Int + // RevocationTime represents the time at which the certificate was revoked. It + // is both used when creating a CRL and populated when parsing a CRL. It MUST + // NOT be nil. + RevocationTime time.Time + // ReasonCode represents the reason for revocation, using the integer enum + // values specified in RFC 5280 Section 5.3.1. When creating a CRL, a value of + // nil or zero will result in the reasonCode extension being omitted. When + // parsing a CRL, a value of nil represents a no reasonCode extension, while a + // value of 0 represents a reasonCode extension containing enum value 0 (this + // SHOULD NOT happen, but can and does). + ReasonCode *int + + // Extensions contains raw X.509 extensions. When creating a CRL, the + // Extensions field is ignored, see ExtraExtensions. + Extensions []pkix.Extension + // ExtraExtensions contains any additional extensions to add directly to the + // revokedCertificate entry. It is up to the caller to ensure that this field + // does not contain any extensions which duplicate extensions created by this + // package (currently, the reasonCode extension). The ExtraExtensions field is + // not populated when parsing a CRL, see Extensions. + ExtraExtensions []pkix.Extension +} + +// ENDBLOCK + +// ParseRevocationList parses a X509 v2 Certificate Revocation List from the given +// ASN.1 DER data. +func ParseRevocationList(der []byte) (*RevocationList, error) { + rl := &RevocationList{} + + input := cryptobyte.String(der) + // we read the SEQUENCE including length and tag bytes so that + // we can populate RevocationList.Raw, before unwrapping the + // SEQUENCE so it can be operated on + if !input.ReadASN1Element(&input, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed crl") + } + rl.Raw = input + if !input.ReadASN1(&input, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed crl") + } + + var tbs cryptobyte.String + // do the same trick again as above to extract the raw + // bytes for Certificate.RawTBSCertificate + if !input.ReadASN1Element(&tbs, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed tbs crl") + } + rl.RawTBSRevocationList = tbs + if !tbs.ReadASN1(&tbs, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed tbs crl") + } + + var version int + if !tbs.PeekASN1Tag(cryptobyte_asn1.INTEGER) { + return nil, errors.New("x509: unsupported crl version") + } + if !tbs.ReadASN1Integer(&version) { + return nil, errors.New("x509: malformed crl") + } + if version != x509v2Version { + return nil, fmt.Errorf("x509: unsupported crl version: %d", version) + } + + var sigAISeq cryptobyte.String + if !tbs.ReadASN1(&sigAISeq, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed signature algorithm identifier") + } + // Before parsing the inner algorithm identifier, extract + // the outer algorithm identifier and make sure that they + // match. + var outerSigAISeq cryptobyte.String + if !input.ReadASN1(&outerSigAISeq, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed algorithm identifier") + } + if !bytes.Equal(outerSigAISeq, sigAISeq) { + return nil, errors.New("x509: inner and outer signature algorithm identifiers don't match") + } + sigAI, err := parseAI(sigAISeq) + if err != nil { + return nil, err + } + rl.SignatureAlgorithm = getSignatureAlgorithmFromAI(sigAI) + + var signature asn1.BitString + if !input.ReadASN1BitString(&signature) { + return nil, errors.New("x509: malformed signature") + } + rl.Signature = signature.RightAlign() + + var issuerSeq cryptobyte.String + if !tbs.ReadASN1Element(&issuerSeq, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed issuer") + } + rl.RawIssuer = issuerSeq + issuerRDNs, err := parseName(issuerSeq) + if err != nil { + return nil, err + } + rl.Issuer.FillFromRDNSequence(issuerRDNs) + + rl.ThisUpdate, err = parseTime(&tbs) + if err != nil { + return nil, err + } + if tbs.PeekASN1Tag(cryptobyte_asn1.GeneralizedTime) || tbs.PeekASN1Tag(cryptobyte_asn1.UTCTime) { + rl.NextUpdate, err = parseTime(&tbs) + if err != nil { + return nil, err + } + } + + if tbs.PeekASN1Tag(cryptobyte_asn1.SEQUENCE) { + // NOTE: The block does not exist in upstream. + rcs := make([]RevokedCertificate, 0) + // ENDBLOCK + var revokedSeq cryptobyte.String + if !tbs.ReadASN1(&revokedSeq, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed crl") + } + for !revokedSeq.Empty() { + var certSeq cryptobyte.String + // NOTE: The block is different from upstream. Upstream: ReadASN1 + if !revokedSeq.ReadASN1Element(&certSeq, cryptobyte_asn1.SEQUENCE) { + // ENDBLOCK + return nil, errors.New("x509: malformed crl") + } + rc := RevokedCertificate{Raw: certSeq} + if !certSeq.ReadASN1(&certSeq, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed crl") + } + rc.SerialNumber = new(big.Int) + if !certSeq.ReadASN1Integer(rc.SerialNumber) { + return nil, errors.New("x509: malformed serial number") + } + rc.RevocationTime, err = parseTime(&certSeq) + if err != nil { + return nil, err + } + var extensions cryptobyte.String + var present bool + if !certSeq.ReadOptionalASN1(&extensions, &present, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed extensions") + } + if present { + for !extensions.Empty() { + var extension cryptobyte.String + if !extensions.ReadASN1(&extension, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed extension") + } + ext, err := parseExtension(extension) + if err != nil { + return nil, err + } + // STARTBLOCK: This block does not exist in upstream. + if ext.Id.Equal(oidExtensionReasonCode) { + val := cryptobyte.String(ext.Value) + rc.ReasonCode = new(int) + if !val.ReadASN1Enum(rc.ReasonCode) { + return nil, fmt.Errorf("x509: malformed reasonCode extension") + } + } + // ENDBLOCK + rc.Extensions = append(rc.Extensions, ext) + } + } + // STARTBLOCK: The block does not exist in upstream. + rcs = append(rcs, rc) + // ENDBLOCK + } + rl.RevokedCertificates = rcs + } + + var extensions cryptobyte.String + var present bool + if !tbs.ReadOptionalASN1(&extensions, &present, cryptobyte_asn1.Tag(0).Constructed().ContextSpecific()) { + return nil, errors.New("x509: malformed extensions") + } + if present { + if !extensions.ReadASN1(&extensions, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed extensions") + } + for !extensions.Empty() { + var extension cryptobyte.String + if !extensions.ReadASN1(&extension, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: malformed extension") + } + ext, err := parseExtension(extension) + if err != nil { + return nil, err + } + if ext.Id.Equal(oidExtensionAuthorityKeyId) { + rl.AuthorityKeyId = ext.Value + } else if ext.Id.Equal(oidExtensionCRLNumber) { + value := cryptobyte.String(ext.Value) + rl.Number = new(big.Int) + if !value.ReadASN1Integer(rl.Number) { + return nil, errors.New("x509: malformed crl number") + } + } + rl.Extensions = append(rl.Extensions, ext) + } + } + + return rl, nil +} + +// isPrintable reports whether the given b is in the ASN.1 PrintableString set. +// This is a simplified version of encoding/asn1.isPrintable. +func isPrintable(b byte) bool { + return 'a' <= b && b <= 'z' || + 'A' <= b && b <= 'Z' || + '0' <= b && b <= '9' || + '\'' <= b && b <= ')' || + '+' <= b && b <= '/' || + b == ' ' || + b == ':' || + b == '=' || + b == '?' || + // This is technically not allowed in a PrintableString. + // However, x509 certificates with wildcard strings don't + // always use the correct string type so we permit it. + b == '*' || + // This is not technically allowed either. However, not + // only is it relatively common, but there are also a + // handful of CA certificates that contain it. At least + // one of which will not expire until 2027. + b == '&' +} + +// parseASN1String parses the ASN.1 string types T61String, PrintableString, +// UTF8String, BMPString, IA5String, and NumericString. This is mostly copied +// from the respective encoding/asn1.parse... methods, rather than just +// increasing the API surface of that package. +func parseASN1String(tag cryptobyte_asn1.Tag, value []byte) (string, error) { + switch tag { + case cryptobyte_asn1.T61String: + return string(value), nil + case cryptobyte_asn1.PrintableString: + for _, b := range value { + if !isPrintable(b) { + return "", errors.New("invalid PrintableString") + } + } + return string(value), nil + case cryptobyte_asn1.UTF8String: + if !utf8.Valid(value) { + return "", errors.New("invalid UTF-8 string") + } + return string(value), nil + case cryptobyte_asn1.Tag(asn1.TagBMPString): + if len(value)%2 != 0 { + return "", errors.New("invalid BMPString") + } + + // Strip terminator if present. + if l := len(value); l >= 2 && value[l-1] == 0 && value[l-2] == 0 { + value = value[:l-2] + } + + s := make([]uint16, 0, len(value)/2) + for len(value) > 0 { + s = append(s, uint16(value[0])<<8+uint16(value[1])) + value = value[2:] + } + + return string(utf16.Decode(s)), nil + case cryptobyte_asn1.IA5String: + s := string(value) + if isIA5String(s) != nil { + return "", errors.New("invalid IA5String") + } + return s, nil + case cryptobyte_asn1.Tag(asn1.TagNumericString): + for _, b := range value { + if !('0' <= b && b <= '9' || b == ' ') { + return "", errors.New("invalid NumericString") + } + } + return string(value), nil + } + return "", fmt.Errorf("unsupported string type: %v", tag) +} + +// parseName parses a DER encoded Name as defined in RFC 5280. We may +// want to export this function in the future for use in crypto/tls. +func parseName(raw cryptobyte.String) (*pkix.RDNSequence, error) { + if !raw.ReadASN1(&raw, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: invalid RDNSequence") + } + + var rdnSeq pkix.RDNSequence + for !raw.Empty() { + var rdnSet pkix.RelativeDistinguishedNameSET + var set cryptobyte.String + if !raw.ReadASN1(&set, cryptobyte_asn1.SET) { + return nil, errors.New("x509: invalid RDNSequence") + } + for !set.Empty() { + var atav cryptobyte.String + if !set.ReadASN1(&atav, cryptobyte_asn1.SEQUENCE) { + return nil, errors.New("x509: invalid RDNSequence: invalid attribute") + } + var attr pkix.AttributeTypeAndValue + if !atav.ReadASN1ObjectIdentifier(&attr.Type) { + return nil, errors.New("x509: invalid RDNSequence: invalid attribute type") + } + var rawValue cryptobyte.String + var valueTag cryptobyte_asn1.Tag + if !atav.ReadAnyASN1(&rawValue, &valueTag) { + return nil, errors.New("x509: invalid RDNSequence: invalid attribute value") + } + var err error + attr.Value, err = parseASN1String(valueTag, rawValue) + if err != nil { + return nil, fmt.Errorf("x509: invalid RDNSequence: invalid attribute value: %s", err) + } + rdnSet = append(rdnSet, attr) + } + + rdnSeq = append(rdnSeq, rdnSet) + } + + return &rdnSeq, nil +} + +func parseAI(der cryptobyte.String) (pkix.AlgorithmIdentifier, error) { + ai := pkix.AlgorithmIdentifier{} + if !der.ReadASN1ObjectIdentifier(&ai.Algorithm) { + return ai, errors.New("x509: malformed OID") + } + if der.Empty() { + return ai, nil + } + var params cryptobyte.String + var tag cryptobyte_asn1.Tag + if !der.ReadAnyASN1Element(¶ms, &tag) { + return ai, errors.New("x509: malformed parameters") + } + ai.Parameters.Tag = int(tag) + ai.Parameters.FullBytes = params + return ai, nil +} + +func parseTime(der *cryptobyte.String) (time.Time, error) { + var t time.Time + switch { + case der.PeekASN1Tag(cryptobyte_asn1.UTCTime): + if !der.ReadASN1UTCTime(&t) { + return t, errors.New("x509: malformed UTCTime") + } + case der.PeekASN1Tag(cryptobyte_asn1.GeneralizedTime): + if !der.ReadASN1GeneralizedTime(&t) { + return t, errors.New("x509: malformed GeneralizedTime") + } + default: + return t, errors.New("x509: unsupported time format") + } + return t, nil +} + +func parseExtension(der cryptobyte.String) (pkix.Extension, error) { + var ext pkix.Extension + if !der.ReadASN1ObjectIdentifier(&ext.Id) { + return ext, errors.New("x509: malformed extension OID field") + } + if der.PeekASN1Tag(cryptobyte_asn1.BOOLEAN) { + if !der.ReadASN1Boolean(&ext.Critical) { + return ext, errors.New("x509: malformed extension critical field") + } + } + var val cryptobyte.String + if !der.ReadASN1(&val, cryptobyte_asn1.OCTET_STRING) { + return ext, errors.New("x509: malformed extension value field") + } + ext.Value = val + return ext, nil +} diff --git a/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go b/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go index cde3a8e05..85ea4a726 100644 --- a/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go +++ b/vendor/github.com/zmap/zcrypto/x509/extended_key_usage.go @@ -29,6 +29,7 @@ const ( OID_EKU_APPLE_CRYPTO_TIER1_QOS = "1.2.840.113635.100.4.6.2" OID_EKU_APPLE_CRYPTO_TIER2_QOS = "1.2.840.113635.100.4.6.3" OID_EKU_APPLE_CRYPTO_TIER3_QOS = "1.2.840.113635.100.4.6.4" + OID_EKU_ADOBE_AUTHENTIC_DOCUMENT_TRUST = "1.2.840.113583.1.1.5" OID_EKU_MICROSOFT_CERT_TRUST_LIST_SIGNING = "1.3.6.1.4.1.311.10.3.1" OID_EKU_MICROSOFT_QUALIFIED_SUBORDINATE = "1.3.6.1.4.1.311.10.3.10" OID_EKU_MICROSOFT_KEY_RECOVERY_3 = "1.3.6.1.4.1.311.10.3.11" @@ -95,6 +96,7 @@ var ( oidExtKeyUsageAppleCryptoTier1Qos = asn1.ObjectIdentifier{1, 2, 840, 113635, 100, 4, 6, 2} oidExtKeyUsageAppleCryptoTier2Qos = asn1.ObjectIdentifier{1, 2, 840, 113635, 100, 4, 6, 3} oidExtKeyUsageAppleCryptoTier3Qos = asn1.ObjectIdentifier{1, 2, 840, 113635, 100, 4, 6, 4} + oidExtKeyUsageAdobeAuthenticDocumentTrust = asn1.ObjectIdentifier{1, 2, 840, 113583, 1, 1, 5} oidExtKeyUsageMicrosoftCertTrustListSigning = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 10, 3, 1} oidExtKeyUsageMicrosoftQualifiedSubordinate = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 10, 3, 10} oidExtKeyUsageMicrosoftKeyRecovery3 = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 311, 10, 3, 11} @@ -161,6 +163,7 @@ const ( ExtKeyUsageAppleCryptoTier1Qos ExtKeyUsageAppleCryptoTier2Qos ExtKeyUsageAppleCryptoTier3Qos + ExtKeyUsageAdobeAuthenticDocumentTrust ExtKeyUsageMicrosoftCertTrustListSigning ExtKeyUsageMicrosoftQualifiedSubordinate ExtKeyUsageMicrosoftKeyRecovery3 @@ -227,6 +230,7 @@ type auxExtendedKeyUsage struct { AppleCryptoTier1Qos bool `json:"apple_crypto_tier1_qos,omitempty" oid:"1.2.840.113635.100.4.6.2"` AppleCryptoTier2Qos bool `json:"apple_crypto_tier2_qos,omitempty" oid:"1.2.840.113635.100.4.6.3"` AppleCryptoTier3Qos bool `json:"apple_crypto_tier3_qos,omitempty" oid:"1.2.840.113635.100.4.6.4"` + AdobeAuthenticDocumentTrust bool `json:"adobe_authentic_document_trust,omitempty" oid:"1.2.840.113583.1.1.5"` MicrosoftCertTrustListSigning bool `json:"microsoft_cert_trust_list_signing,omitempty" oid:"1.3.6.1.4.1.311.10.3.1"` MicrosoftQualifiedSubordinate bool `json:"microsoft_qualified_subordinate,omitempty" oid:"1.3.6.1.4.1.311.10.3.10"` MicrosoftKeyRecovery3 bool `json:"microsoft_key_recovery_3,omitempty" oid:"1.3.6.1.4.1.311.10.3.11"` @@ -314,6 +318,8 @@ func (aux *auxExtendedKeyUsage) populateFromASN1(oid asn1.ObjectIdentifier) { aux.AppleCryptoTier2Qos = true case OID_EKU_APPLE_CRYPTO_TIER3_QOS: aux.AppleCryptoTier3Qos = true + case OID_EKU_ADOBE_AUTHENTIC_DOCUMENT_TRUST: + aux.AdobeAuthenticDocumentTrust = true case OID_EKU_MICROSOFT_CERT_TRUST_LIST_SIGNING: aux.MicrosoftCertTrustListSigning = true case OID_EKU_MICROSOFT_QUALIFIED_SUBORDINATE: @@ -447,6 +453,8 @@ func (aux *auxExtendedKeyUsage) populateFromExtKeyUsage(eku ExtKeyUsage) { aux.AppleCryptoTier2Qos = true case ExtKeyUsageAppleCryptoTier3Qos: aux.AppleCryptoTier3Qos = true + case ExtKeyUsageAdobeAuthenticDocumentTrust: + aux.AdobeAuthenticDocumentTrust = true case ExtKeyUsageMicrosoftCertTrustListSigning: aux.MicrosoftCertTrustListSigning = true case ExtKeyUsageMicrosoftQualifiedSubordinate: @@ -566,6 +574,7 @@ func init() { ekuOIDs[OID_EKU_APPLE_CRYPTO_TIER1_QOS] = oidExtKeyUsageAppleCryptoTier1Qos ekuOIDs[OID_EKU_APPLE_CRYPTO_TIER2_QOS] = oidExtKeyUsageAppleCryptoTier2Qos ekuOIDs[OID_EKU_APPLE_CRYPTO_TIER3_QOS] = oidExtKeyUsageAppleCryptoTier3Qos + ekuOIDs[OID_EKU_ADOBE_AUTHENTIC_DOCUMENT_TRUST] = oidExtKeyUsageAdobeAuthenticDocumentTrust ekuOIDs[OID_EKU_MICROSOFT_CERT_TRUST_LIST_SIGNING] = oidExtKeyUsageMicrosoftCertTrustListSigning ekuOIDs[OID_EKU_MICROSOFT_QUALIFIED_SUBORDINATE] = oidExtKeyUsageMicrosoftQualifiedSubordinate ekuOIDs[OID_EKU_MICROSOFT_KEY_RECOVERY_3] = oidExtKeyUsageMicrosoftKeyRecovery3 @@ -631,6 +640,7 @@ func init() { ekuConstants[OID_EKU_APPLE_CRYPTO_TIER1_QOS] = ExtKeyUsageAppleCryptoTier1Qos ekuConstants[OID_EKU_APPLE_CRYPTO_TIER2_QOS] = ExtKeyUsageAppleCryptoTier2Qos ekuConstants[OID_EKU_APPLE_CRYPTO_TIER3_QOS] = ExtKeyUsageAppleCryptoTier3Qos + ekuConstants[OID_EKU_ADOBE_AUTHENTIC_DOCUMENT_TRUST] = ExtKeyUsageAdobeAuthenticDocumentTrust ekuConstants[OID_EKU_MICROSOFT_CERT_TRUST_LIST_SIGNING] = ExtKeyUsageMicrosoftCertTrustListSigning ekuConstants[OID_EKU_MICROSOFT_QUALIFIED_SUBORDINATE] = ExtKeyUsageMicrosoftQualifiedSubordinate ekuConstants[OID_EKU_MICROSOFT_KEY_RECOVERY_3] = ExtKeyUsageMicrosoftKeyRecovery3 diff --git a/vendor/github.com/zmap/zcrypto/x509/extensions.go b/vendor/github.com/zmap/zcrypto/x509/extensions.go index b1edaf26e..ffb87a265 100644 --- a/vendor/github.com/zmap/zcrypto/x509/extensions.go +++ b/vendor/github.com/zmap/zcrypto/x509/extensions.go @@ -27,6 +27,8 @@ var ( oidExtSubjectKeyId = asn1.ObjectIdentifier{2, 5, 29, 14} oidExtExtendedKeyUsage = asn1.ObjectIdentifier{2, 5, 29, 37} oidExtCertificatePolicy = asn1.ObjectIdentifier{2, 5, 29, 32} + oidExtensionCRLNumber = asn1.ObjectIdentifier{2, 5, 29, 20} + oidExtensionReasonCode = asn1.ObjectIdentifier{2, 5, 29, 21} oidExtAuthorityInfoAccess = oidExtensionAuthorityInfoAccess oidExtensionCTPrecertificatePoison = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 11129, 2, 4, 3} @@ -121,16 +123,16 @@ func (cp *CertificatePoliciesData) MarshalJSON() ([]byte, error) { // GeneralNames corresponds an X.509 GeneralName defined in // Section 4.2.1.6 of RFC 5280. // -// GeneralName ::= CHOICE { -// otherName [0] AnotherName, -// rfc822Name [1] IA5String, -// dNSName [2] IA5String, -// x400Address [3] ORAddress, -// directoryName [4] Name, -// ediPartyName [5] EDIPartyName, -// uniformResourceIdentifier [6] IA5String, -// iPAddress [7] OCTET STRING, -// registeredID [8] OBJECT IDENTIFIER } +// GeneralName ::= CHOICE { +// otherName [0] AnotherName, +// rfc822Name [1] IA5String, +// dNSName [2] IA5String, +// x400Address [3] ORAddress, +// directoryName [4] Name, +// ediPartyName [5] EDIPartyName, +// uniformResourceIdentifier [6] IA5String, +// iPAddress [7] OCTET STRING, +// registeredID [8] OBJECT IDENTIFIER } type GeneralNames struct { DirectoryNames []pkix.Name DNSNames []string @@ -404,6 +406,7 @@ func (e *ExtendedKeyUsageExtension) UnmarshalJSON(b []byte) error { // The string functions for CertValidationLevel are auto-generated via // `go generate ` or running `go generate` in the package directory +// //go:generate stringer -type=CertValidationLevel -output=generated_certvalidationlevel_string.go type CertValidationLevel int @@ -694,21 +697,21 @@ type AuthorityInfoAccess struct { } /* - id-CABFOrganizationIdentifier OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) international-organizations(23) ca-browser-forum(140) certificate-extensions(3) cabf-organization-identifier(1) } + id-CABFOrganizationIdentifier OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) international-organizations(23) ca-browser-forum(140) certificate-extensions(3) cabf-organization-identifier(1) } - ext-CABFOrganizationIdentifier EXTENSION ::= { SYNTAX CABFOrganizationIdentifier IDENTIFIED BY id-CABFOrganizationIdentifier } + ext-CABFOrganizationIdentifier EXTENSION ::= { SYNTAX CABFOrganizationIdentifier IDENTIFIED BY id-CABFOrganizationIdentifier } - CABFOrganizationIdentifier ::= SEQUENCE { + CABFOrganizationIdentifier ::= SEQUENCE { - registrationSchemeIdentifier PrintableString (SIZE(3)), + registrationSchemeIdentifier PrintableString (SIZE(3)), - registrationCountry PrintableString (SIZE(2)), + registrationCountry PrintableString (SIZE(2)), - registrationStateOrProvince [0] IMPLICIT PrintableString OPTIONAL (SIZE(0..128)), + registrationStateOrProvince [0] IMPLICIT PrintableString OPTIONAL (SIZE(0..128)), - registrationReference UTF8String + registrationReference UTF8String - } + } */ type CABFOrganizationIDASN struct { RegistrationSchemeIdentifier string `asn1:"printable"` diff --git a/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go b/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go index 176b6c44a..92994fd0a 100644 --- a/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go +++ b/vendor/github.com/zmap/zcrypto/x509/pkix/pkix.go @@ -256,13 +256,13 @@ func (r RDNSequence) String() string { // ToRDNSequence converts n into a single RDNSequence. The following // attributes are encoded as multi-value RDNs: // -// - Country -// - Organization -// - OrganizationalUnit -// - Locality -// - Province -// - StreetAddress -// - PostalCode +// - Country +// - Organization +// - OrganizationalUnit +// - Locality +// - Province +// - StreetAddress +// - PostalCode // // Each ExtraNames entry is encoded as an individual RDN. func (n Name) ToRDNSequence() (ret RDNSequence) { diff --git a/vendor/github.com/zmap/zcrypto/x509/sec1.go b/vendor/github.com/zmap/zcrypto/x509/sec1.go index 4ef211ff9..8d5c1657b 100644 --- a/vendor/github.com/zmap/zcrypto/x509/sec1.go +++ b/vendor/github.com/zmap/zcrypto/x509/sec1.go @@ -18,8 +18,10 @@ const ecPrivKeyVersion = 1 // ecPrivateKey reflects an ASN.1 Elliptic Curve Private Key Structure. // References: -// RFC 5915 -// SEC1 - http://www.secg.org/sec1-v2.pdf +// +// RFC 5915 +// SEC1 - http://www.secg.org/sec1-v2.pdf +// // Per RFC 5915 the NamedCurveOID is marked as ASN.1 OPTIONAL, however in // most cases it is not. type ecPrivateKey struct { diff --git a/vendor/github.com/zmap/zcrypto/x509/x509.go b/vendor/github.com/zmap/zcrypto/x509/x509.go index 8057b0b0a..750285243 100644 --- a/vendor/github.com/zmap/zcrypto/x509/x509.go +++ b/vendor/github.com/zmap/zcrypto/x509/x509.go @@ -18,6 +18,7 @@ import ( _ "crypto/sha512" "io" "strings" + "unicode" "bytes" "crypto" @@ -26,7 +27,6 @@ import ( "crypto/rsa" _ "crypto/sha1" _ "crypto/sha256" - _ "crypto/sha512" "encoding/pem" "errors" "fmt" @@ -336,6 +336,7 @@ var ( oidSignatureECDSAWithSHA256 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 2} oidSignatureECDSAWithSHA384 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 3} oidSignatureECDSAWithSHA512 = asn1.ObjectIdentifier{1, 2, 840, 10045, 4, 3, 4} + oidSignatureEd25519 = asn1.ObjectIdentifier{1, 3, 101, 112} oidSHA256 = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 1} oidSHA384 = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 2} @@ -492,17 +493,19 @@ func GetSignatureAlgorithmFromAI(ai pkix.AlgorithmIdentifier) SignatureAlgorithm // RFC 3279, 2.3 Public Key Algorithms // // pkcs-1 OBJECT IDENTIFIER ::== { iso(1) member-body(2) us(840) -// rsadsi(113549) pkcs(1) 1 } +// +// rsadsi(113549) pkcs(1) 1 } // // rsaEncryption OBJECT IDENTIFIER ::== { pkcs1-1 1 } // // id-dsa OBJECT IDENTIFIER ::== { iso(1) member-body(2) us(840) -// x9-57(10040) x9cm(4) 1 } // -// RFC 5480, 2.1.1 Unrestricted Algorithm Identifier and Parameters +// x9-57(10040) x9cm(4) 1 } +// +// # RFC 5480, 2.1.1 Unrestricted Algorithm Identifier and Parameters // -// id-ecPublicKey OBJECT IDENTIFIER ::= { -// iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } +// id-ecPublicKey OBJECT IDENTIFIER ::= { +// iso(1) member-body(2) us(840) ansi-X9-62(10045) keyType(2) 1 } var ( oidPublicKeyRSA = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 1, 1} oidPublicKeyDSA = asn1.ObjectIdentifier{1, 2, 840, 10040, 4, 1} @@ -527,18 +530,18 @@ func getPublicKeyAlgorithmFromOID(oid asn1.ObjectIdentifier) PublicKeyAlgorithm // RFC 5480, 2.1.1.1. Named Curve // -// secp224r1 OBJECT IDENTIFIER ::= { -// iso(1) identified-organization(3) certicom(132) curve(0) 33 } +// secp224r1 OBJECT IDENTIFIER ::= { +// iso(1) identified-organization(3) certicom(132) curve(0) 33 } // -// secp256r1 OBJECT IDENTIFIER ::= { -// iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) -// prime(1) 7 } +// secp256r1 OBJECT IDENTIFIER ::= { +// iso(1) member-body(2) us(840) ansi-X9-62(10045) curves(3) +// prime(1) 7 } // -// secp384r1 OBJECT IDENTIFIER ::= { -// iso(1) identified-organization(3) certicom(132) curve(0) 34 } +// secp384r1 OBJECT IDENTIFIER ::= { +// iso(1) identified-organization(3) certicom(132) curve(0) 34 } // -// secp521r1 OBJECT IDENTIFIER ::= { -// iso(1) identified-organization(3) certicom(132) curve(0) 35 } +// secp521r1 OBJECT IDENTIFIER ::= { +// iso(1) identified-organization(3) certicom(132) curve(0) 35 } // // NB: secp256r1 is equivalent to prime256v1 var ( @@ -1557,7 +1560,7 @@ func parseGeneralNames(value []byte) (otherNames []pkix.OtherName, dnsNames, ema return } -//TODO +// TODO func parseCertificate(in *certificate) (*Certificate, error) { out := new(Certificate) out.Raw = in.Raw @@ -3090,3 +3093,323 @@ func parseCertificateRequest(in *certificateRequest) (*CertificateRequest, error func (c *CertificateRequest) CheckSignature() error { return CheckSignatureFromKey(c.PublicKey, c.SignatureAlgorithm, c.RawTBSCertificateRequest, c.Signature) } + +// RevocationList contains the fields used to create an X.509 v2 Certificate +// Revocation list with CreateRevocationList. +type RevocationList struct { + // Raw contains the complete ASN.1 DER content of the CRL (tbsCertList, + // signatureAlgorithm, and signatureValue.) + Raw []byte + // RawTBSRevocationList contains just the tbsCertList portion of the ASN.1 + // DER. + RawTBSRevocationList []byte + // RawIssuer contains the DER encoded Issuer. + RawIssuer []byte + + // Issuer contains the DN of the issuing certificate. + Issuer pkix.Name + // AuthorityKeyId is used to identify the public key associated with the + // issuing certificate. It is populated from the authorityKeyIdentifier + // extension when parsing a CRL. It is ignored when creating a CRL; the + // extension is populated from the issuing certificate itself. + AuthorityKeyId []byte + + Signature []byte + // SignatureAlgorithm is used to determine the signature algorithm to be + // used when signing the CRL. If 0 the default algorithm for the signing + // key will be used. + SignatureAlgorithm SignatureAlgorithm + + // RevokedCertificates is used to populate the revokedCertificates + // sequence in the CRL, it may be empty. RevokedCertificates may be nil, + // in which case an empty CRL will be created. + RevokedCertificates []RevokedCertificate + + // Number is used to populate the X.509 v2 cRLNumber extension in the CRL, + // which should be a monotonically increasing sequence number for a given + // CRL scope and CRL issuer. It is also populated from the cRLNumber + // extension when parsing a CRL. + Number *big.Int + + // ThisUpdate is used to populate the thisUpdate field in the CRL, which + // indicates the issuance date of the CRL. + ThisUpdate time.Time + // NextUpdate is used to populate the nextUpdate field in the CRL, which + // indicates the date by which the next CRL will be issued. NextUpdate + // must be greater than ThisUpdate. + NextUpdate time.Time + + // Extensions contains raw X.509 extensions. When creating a CRL, + // the Extensions field is ignored, see ExtraExtensions. + Extensions []pkix.Extension + + // ExtraExtensions contains any additional extensions to add directly to + // the CRL. + ExtraExtensions []pkix.Extension +} + +// These structures reflect the ASN.1 structure of X.509 CRLs better than +// the existing crypto/x509/pkix variants do. These mirror the existing +// certificate structs in this file. +// +// Notably, we include issuer as an asn1.RawValue, mirroring the behavior of +// tbsCertificate and allowing raw (unparsed) subjects to be passed cleanly. +type certificateList struct { + TBSCertList tbsCertificateList + SignatureAlgorithm pkix.AlgorithmIdentifier + SignatureValue asn1.BitString +} + +type tbsCertificateList struct { + Raw asn1.RawContent + Version int `asn1:"optional,default:0"` + Signature pkix.AlgorithmIdentifier + Issuer asn1.RawValue + ThisUpdate time.Time + NextUpdate time.Time `asn1:"optional"` + RevokedCertificates []pkix.RevokedCertificate `asn1:"optional"` + Extensions []pkix.Extension `asn1:"tag:0,optional,explicit"` +} + +func isIA5String(s string) error { + for _, r := range s { + // Per RFC5280 "IA5String is limited to the set of ASCII characters" + if r > unicode.MaxASCII { + return fmt.Errorf("x509: %q cannot be encoded as an IA5String", s) + } + } + + return nil +} + +func getSignatureAlgorithmFromAI(ai pkix.AlgorithmIdentifier) SignatureAlgorithm { + if ai.Algorithm.Equal(oidSignatureEd25519) { + // RFC 8410, Section 3 + // > For all of the OIDs, the parameters MUST be absent. + if len(ai.Parameters.FullBytes) != 0 { + return UnknownSignatureAlgorithm + } + } + + if !ai.Algorithm.Equal(oidSignatureRSAPSS) { + for _, details := range signatureAlgorithmDetails { + if ai.Algorithm.Equal(details.oid) { + return details.algo + } + } + return UnknownSignatureAlgorithm + } + + // RSA PSS is special because it encodes important parameters + // in the Parameters. + + var params pssParameters + if _, err := asn1.Unmarshal(ai.Parameters.FullBytes, ¶ms); err != nil { + return UnknownSignatureAlgorithm + } + + var mgf1HashFunc pkix.AlgorithmIdentifier + if _, err := asn1.Unmarshal(params.MGF.Parameters.FullBytes, &mgf1HashFunc); err != nil { + return UnknownSignatureAlgorithm + } + + // PSS is greatly overburdened with options. This code forces them into + // three buckets by requiring that the MGF1 hash function always match the + // message hash function (as recommended in RFC 3447, Section 8.1), that the + // salt length matches the hash length, and that the trailer field has the + // default value. + if (len(params.Hash.Parameters.FullBytes) != 0 && !bytes.Equal(params.Hash.Parameters.FullBytes, asn1.NullBytes)) || + !params.MGF.Algorithm.Equal(oidMGF1) || + !mgf1HashFunc.Algorithm.Equal(params.Hash.Algorithm) || + (len(mgf1HashFunc.Parameters.FullBytes) != 0 && !bytes.Equal(mgf1HashFunc.Parameters.FullBytes, asn1.NullBytes)) || + params.TrailerField != 1 { + return UnknownSignatureAlgorithm + } + + switch { + case params.Hash.Algorithm.Equal(oidSHA256) && params.SaltLength == 32: + return SHA256WithRSAPSS + case params.Hash.Algorithm.Equal(oidSHA384) && params.SaltLength == 48: + return SHA384WithRSAPSS + case params.Hash.Algorithm.Equal(oidSHA512) && params.SaltLength == 64: + return SHA512WithRSAPSS + } + + return UnknownSignatureAlgorithm +} + +// CreateRevocationList creates a new X.509 v2 Certificate Revocation List, +// according to RFC 5280, based on template. +// +// The CRL is signed by priv which should be the private key associated with +// the public key in the issuer certificate. +// +// The issuer may not be nil, and the crlSign bit must be set in KeyUsage in +// order to use it as a CRL issuer. +// +// The issuer distinguished name CRL field and authority key identifier +// extension are populated using the issuer certificate. issuer must have +// SubjectKeyId set. +func CreateRevocationList(rand io.Reader, template *RevocationList, issuer *Certificate, priv crypto.Signer) ([]byte, error) { + if template == nil { + return nil, errors.New("x509: template can not be nil") + } + if issuer == nil { + return nil, errors.New("x509: issuer can not be nil") + } + if (issuer.KeyUsage & KeyUsageCRLSign) == 0 { + return nil, errors.New("x509: issuer must have the crlSign key usage bit set") + } + if len(issuer.SubjectKeyId) == 0 { + return nil, errors.New("x509: issuer certificate doesn't contain a subject key identifier") + } + if template.NextUpdate.Before(template.ThisUpdate) { + return nil, errors.New("x509: template.ThisUpdate is after template.NextUpdate") + } + if template.Number == nil { + return nil, errors.New("x509: template contains nil Number field") + } + + hashFunc, signatureAlgorithm, err := signingParamsForPublicKey(priv.Public(), template.SignatureAlgorithm) + if err != nil { + return nil, err + } + + // Convert the ReasonCode field to a proper extension, and force revocation + // times to UTC per RFC 5280. + // STARTBLOCK: This block differs from upstream. Upstream: revokedCertsUTC := make([]pkix.RevokedCertificate, len(template.RevokedCertificates)) + revokedCerts := make([]pkix.RevokedCertificate, len(template.RevokedCertificates)) + for i, rc := range template.RevokedCertificates { + prc := pkix.RevokedCertificate{ + SerialNumber: rc.SerialNumber, + RevocationTime: rc.RevocationTime.UTC(), + } + + // Copy over any extra extensions, except for a Reason Code extension, + // because we'll synthesize that ourselves to ensure it is correct. + exts := make([]pkix.Extension, 0) + for _, ext := range rc.ExtraExtensions { + if ext.Id.Equal(oidExtensionReasonCode) { + continue + } + exts = append(exts, ext) + } + + // Only add a reasonCode extension if the reason is non-zero, as per + // RFC 5280 Section 5.3.1. + if rc.ReasonCode != nil && *rc.ReasonCode != 0 { + reasonBytes, err := asn1.Marshal(asn1.Enumerated(*rc.ReasonCode)) + if err != nil { + return nil, err + } + + exts = append(exts, pkix.Extension{ + Id: oidExtensionReasonCode, + Value: reasonBytes, + }) + } + + if len(exts) > 0 { + prc.Extensions = exts + } + revokedCerts[i] = prc + } + // ENDBLOCK + + aki, err := asn1.Marshal(authKeyId{Id: issuer.SubjectKeyId}) + if err != nil { + return nil, err + } + + if numBytes := template.Number.Bytes(); len(numBytes) > 20 || (len(numBytes) == 20 && numBytes[0]&0x80 != 0) { + return nil, errors.New("x509: CRL number exceeds 20 octets") + } + crlNum, err := asn1.Marshal(template.Number) + if err != nil { + return nil, err + } + + // Correctly use the issuer's subject sequence if one is specified. + issuerSubject, err := subjectBytes(issuer) + if err != nil { + return nil, err + } + + tbsCertList := tbsCertificateList{ + Version: 1, // v2 + Signature: signatureAlgorithm, + Issuer: asn1.RawValue{FullBytes: issuerSubject}, + ThisUpdate: template.ThisUpdate.UTC(), + NextUpdate: template.NextUpdate.UTC(), + Extensions: []pkix.Extension{ + { + Id: oidExtensionAuthorityKeyId, + Value: aki, + }, + { + Id: oidExtensionCRLNumber, + Value: crlNum, + }, + }, + } + if len(revokedCerts) > 0 { + tbsCertList.RevokedCertificates = revokedCerts + } + + if len(template.ExtraExtensions) > 0 { + tbsCertList.Extensions = append(tbsCertList.Extensions, template.ExtraExtensions...) + } + + tbsCertListContents, err := asn1.Marshal(tbsCertList) + if err != nil { + return nil, err + } + + // Optimization to only marshal this struct once, when signing and + // then embedding in certificateList below. + tbsCertList.Raw = tbsCertListContents + + input := tbsCertListContents + if hashFunc != 0 { + h := hashFunc.New() + h.Write(tbsCertListContents) + input = h.Sum(nil) + } + var signerOpts crypto.SignerOpts = hashFunc + if template.SignatureAlgorithm.isRSAPSS() { + signerOpts = &rsa.PSSOptions{ + SaltLength: rsa.PSSSaltLengthEqualsHash, + Hash: hashFunc, + } + } + + signature, err := priv.Sign(rand, input, signerOpts) + if err != nil { + return nil, err + } + + return asn1.Marshal(certificateList{ + TBSCertList: tbsCertList, + SignatureAlgorithm: signatureAlgorithm, + SignatureValue: asn1.BitString{Bytes: signature, BitLength: len(signature) * 8}, + }) +} + +// CheckSignatureFrom verifies that the signature on rl is a valid signature +// from issuer. +func (rl *RevocationList) CheckSignatureFrom(parent *Certificate) error { + if parent.Version == 3 && !parent.BasicConstraintsValid || + parent.BasicConstraintsValid && !parent.IsCA { + return ConstraintViolationError{} + } + + if parent.KeyUsage != 0 && parent.KeyUsage&KeyUsageCRLSign == 0 { + return ConstraintViolationError{} + } + + if parent.PublicKeyAlgorithm == UnknownPublicKeyAlgorithm { + return ErrUnsupportedAlgorithm + } + + return parent.CheckSignature(rl.SignatureAlgorithm, rl.RawTBSRevocationList, rl.Signature) +} diff --git a/vendor/github.com/zmap/zlint/v3/lint/base.go b/vendor/github.com/zmap/zlint/v3/lint/base.go index c5afe8a31..6c6e5f514 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/base.go +++ b/vendor/github.com/zmap/zlint/v3/lint/base.go @@ -1,7 +1,7 @@ package lint /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -15,23 +15,40 @@ package lint */ import ( - "fmt" "time" "github.com/zmap/zcrypto/x509" "github.com/zmap/zlint/v3/util" ) -// LintInterface is implemented by each Lint. -type LintInterface interface { //nolint:revive +// LintInterface is implemented by each certificate linter. +// +// @deprecated - use CertificateLintInterface instead. +type LintInterface = CertificateLintInterface + +// RevocationListLintInterface is implemented by each revocation list linter. +type RevocationListLintInterface interface { + // CheckApplies runs once per revocation list. It returns true if the + // Lint should run on the given certificate. If CheckApplies returns + // false, the Lint result is automatically set to NA without calling + // CheckEffective() or Run(). + CheckApplies(r *x509.RevocationList) bool + + // Execute is the body of the lint. It is called for every revocation list + // for which CheckApplies returns true. + Execute(r *x509.RevocationList) *LintResult +} + +// CertificateLintInterface is implemented by each certificate linter. +type CertificateLintInterface interface { // CheckApplies runs once per certificate. It returns true if the Lint should // run on the given certificate. If CheckApplies returns false, the Lint // result is automatically set to NA without calling CheckEffective() or // Run(). CheckApplies(c *x509.Certificate) bool - // Execute() is the body of the lint. It is called for every certificate for - // which CheckApplies() returns true. + // Execute is the body of the lint. It is called for every certificate for + // which CheckApplies returns true. Execute(c *x509.Certificate) *LintResult } @@ -40,10 +57,45 @@ type Configurable interface { Configure() interface{} } +// LintMetadata represents the metadata that are broadly associated across all types of lints. +// +// That is, all lints (irrespective of being a certificate lint, a CRL lint, and OCSP, etc.) +// have a Name, a Description, a Citation, and so on. +// +// In this way, this struct may be embedded in any linting type in order to maintain this +// data, while each individual linting type provides the behavior over this data. +type LintMetadata struct { + // Name is a lowercase underscore-separated string describing what a given + // Lint checks. If Name beings with "w", the lint MUST NOT return Error, only + // Warn. If Name beings with "e", the Lint MUST NOT return Warn, only Error. + Name string `json:"name,omitempty"` + + // A human-readable description of what the Lint checks. Usually copied + // directly from the CA/B Baseline Requirements or RFC 5280. + Description string `json:"description,omitempty"` + + // The source of the check, e.g. "BRs: 6.1.6" or "RFC 5280: 4.1.2.6". + Citation string `json:"citation,omitempty"` + + // Programmatic source of the check, BRs, RFC5280, or ZLint + Source LintSource `json:"source"` + + // Lints automatically returns NE for all certificates where CheckApplies() is + // true but with NotBefore < EffectiveDate. This check is bypassed if + // EffectiveDate is zero. Please see CheckEffective for more information. + EffectiveDate time.Time `json:"-"` + + // Lints automatically returns NE for all certificates where CheckApplies() is + // true but with NotBefore >= IneffectiveDate. This check is bypassed if + // IneffectiveDate is zero. Please see CheckEffective for more information. + IneffectiveDate time.Time `json:"-"` +} + // A Lint struct represents a single lint, e.g. // "e_basic_constraints_not_critical". It contains an implementation of LintInterface. +// +// @deprecated - use CertificateLint instead. type Lint struct { - // Name is a lowercase underscore-separated string describing what a given // Lint checks. If Name beings with "w", the lint MUST NOT return Error, only // Warn. If Name beings with "e", the Lint MUST NOT return Warn, only Error. @@ -68,24 +120,40 @@ type Lint struct { // true but with NotBefore >= IneffectiveDate. This check is bypassed if // IneffectiveDate is zero. Please see CheckEffective for more information. IneffectiveDate time.Time `json:"-"` - // A constructor which returns the implementation of the lint logic. Lint func() LintInterface `json:"-"` } +// toCertificateLint converts a Lint to a CertificateLint for backwards compatibility. +// +// @deprecated - Use CertificateLint directly. +func (l *Lint) toCertificateLint() *CertificateLint { + return &CertificateLint{ + LintMetadata: LintMetadata{ + Name: l.Name, + Description: l.Description, + Citation: l.Citation, + Source: l.Source, + EffectiveDate: l.EffectiveDate, + IneffectiveDate: l.IneffectiveDate, + }, + Lint: l.Lint, + } +} + // CheckEffective returns true if c was issued on or after the EffectiveDate // AND before (but not on) the Ineffective date. That is, CheckEffective // returns true if... // -// c.NotBefore in [EffectiveDate, IneffectiveDate) +// c.NotBefore in [EffectiveDate, IneffectiveDate) // // If EffectiveDate is zero, then only IneffectiveDate is checked. Conversely, // if IneffectiveDate is zero then only EffectiveDate is checked. If both EffectiveDate // and IneffectiveDate are zero then CheckEffective always returns true. +// +// @deprecated - use CertificateLint instead. func (l *Lint) CheckEffective(c *x509.Certificate) bool { - onOrAfterEffective := l.EffectiveDate.IsZero() || util.OnOrAfter(c.NotBefore, l.EffectiveDate) - strictlyBeforeIneffective := l.IneffectiveDate.IsZero() || c.NotBefore.Before(l.IneffectiveDate) - return onOrAfterEffective && strictlyBeforeIneffective + return l.toCertificateLint().CheckEffective(c) } // Execute runs the lint against a certificate. For lints that are @@ -97,34 +165,132 @@ func (l *Lint) CheckEffective(c *x509.Certificate) bool { // CheckApplies() // CheckEffective() // Execute() +// +// @deprecated - use CertificateLint instead func (l *Lint) Execute(cert *x509.Certificate, config Configuration) *LintResult { + return l.toCertificateLint().Execute(cert, config) +} + +// CertificateLint represents a single x509 certificate linter. +type CertificateLint struct { + // Metadata associated with the linter. + LintMetadata + // A constructor which returns the implementation of the linter. + Lint func() CertificateLintInterface `json:"-"` +} + +// toLint converts a CertificateLint to Lint for backwards compatibility +// +// @deprecated - use CertificateLint directly. +func (l *CertificateLint) toLint() *Lint { + return &Lint{ + Name: l.Name, + Description: l.Description, + Citation: l.Citation, + Source: l.Source, + EffectiveDate: l.EffectiveDate, + IneffectiveDate: l.IneffectiveDate, + Lint: l.Lint, + } +} + +// CheckEffective returns true if c was issued on or after the EffectiveDate +// AND before (but not on) the Ineffective date. That is, CheckEffective +// returns true if... +// +// c.NotBefore in [EffectiveDate, IneffectiveDate) +// +// If EffectiveDate is zero, then only IneffectiveDate is checked. Conversely, +// if IneffectiveDate is zero then only EffectiveDate is checked. If both EffectiveDate +// and IneffectiveDate are zero then CheckEffective always returns true. +func (l *CertificateLint) CheckEffective(c *x509.Certificate) bool { + return checkEffective(l.EffectiveDate, l.IneffectiveDate, c.NotBefore) +} + +// Execute runs the lint against a certificate. For lints that are +// sourced from the CA/B Forum Baseline Requirements, we first determine +// if they are within the purview of the BRs. See CertificateLintInterface +// for details about the other methods called. +// The ordering is as follows: +// +// Configure() ----> only if the lint implements Configurable +// CheckApplies() +// CheckEffective() +// Execute() +func (l *CertificateLint) Execute(cert *x509.Certificate, config Configuration) *LintResult { if l.Source == CABFBaselineRequirements && !util.IsServerAuthCert(cert) { return &LintResult{Status: NA} } - return l.execute(l.Lint(), cert, config) -} - -func (l *Lint) execute(lint LintInterface, cert *x509.Certificate, config Configuration) *LintResult { - configurable, ok := lint.(Configurable) - if ok { - err := config.Configure(configurable.Configure(), l.Name) - if err != nil { - details := fmt.Sprintf( - "A fatal error occurred while attempting to configure %s. Please visit the [%s] section of "+ - "your provided configuration and compare it with the output of `zlint -exampleConfig`. Error: %s", - l.Name, - l.Name, - err.Error()) - return &LintResult{ - Status: Fatal, - Details: details} - } + lint := l.Lint() + err := config.MaybeConfigure(lint, l.Name) + if err != nil { + return &LintResult{ + Status: Fatal, + Details: err.Error()} } if !lint.CheckApplies(cert) { return &LintResult{Status: NA} } else if !l.CheckEffective(cert) { return &LintResult{Status: NE} } - res := lint.Execute(cert) - return res + return lint.Execute(cert) +} + +// RevocationListLint represents a single x509 CRL linter. +type RevocationListLint struct { + // Metadata associated with the linter. + LintMetadata + // A constructor which returns the implementation of the linter. + Lint func() RevocationListLintInterface `json:"-"` +} + +// CheckEffective returns true if r was generated on or after the EffectiveDate +// AND before (but not on) the Ineffective date. That is, CheckEffective +// returns true if... +// +// r.ThisUpdate in [EffectiveDate, IneffectiveDate) +// +// If EffectiveDate is zero, then only IneffectiveDate is checked. Conversely, +// if IneffectiveDate is zero then only EffectiveDate is checked. If both EffectiveDate +// and IneffectiveDate are zero then CheckEffective always returns true. +func (l *RevocationListLint) CheckEffective(r *x509.RevocationList) bool { + return checkEffective(l.EffectiveDate, l.IneffectiveDate, r.ThisUpdate) +} + +// Execute runs the lint against a revocation list. +// The ordering is as follows: +// +// Configure() ----> only if the lint implements Configurable +// CheckApplies() +// CheckEffective() +// Execute() +func (l *RevocationListLint) Execute(r *x509.RevocationList, config Configuration) *LintResult { + lint := l.Lint() + err := config.MaybeConfigure(lint, l.Name) + if err != nil { + return &LintResult{ + Status: Fatal, + Details: err.Error()} + } + if !lint.CheckApplies(r) { + return &LintResult{Status: NA} + } else if !l.CheckEffective(r) { + return &LintResult{Status: NE} + } + return lint.Execute(r) +} + +// checkEffective returns true if target was generated on or after the EffectiveDate +// AND before (but not on) the Ineffective date. That is, CheckEffective +// returns true if... +// +// target in [effective, ineffective) +// +// If effective is zero, then only ineffective is checked. Conversely, +// if ineffective is zero then only effect is checked. If both effective +// and ineffective are zero then checkEffective always returns true. +func checkEffective(effective, ineffective, target time.Time) bool { + onOrAfterEffective := effective.IsZero() || util.OnOrAfter(target, effective) + strictlyBeforeIneffective := ineffective.IsZero() || target.Before(ineffective) + return onOrAfterEffective && strictlyBeforeIneffective } diff --git a/vendor/github.com/zmap/zlint/v3/lint/configuration.go b/vendor/github.com/zmap/zlint/v3/lint/configuration.go index d60f3aec7..0ace959be 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/configuration.go +++ b/vendor/github.com/zmap/zlint/v3/lint/configuration.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -15,6 +15,7 @@ package lint import ( + "errors" "fmt" "io" "os" @@ -30,24 +31,42 @@ type Configuration struct { tree *toml.Tree } +// MaybeConfigure is a thin wrapper over Configure. +// +// If the provided lint object does not implement the Configurable interface +// then this function is a noop and nil is always returned. +// +// Otherwise, configuration of the provided lint is attempted. +func (c Configuration) MaybeConfigure(lint interface{}, namespace string) error { + configurable, ok := lint.(Configurable) + if !ok { + return nil + } + return c.Configure(configurable.Configure(), namespace) +} + // Configure attempts to deserialize the provided namespace into the provided empty interface. // // For example, let's say that the name of your lint is MyLint, then the configuration // file might look something like the following... // // ``` +// // [MyLint] // A = 1 // B = 2 +// // ``` // // Given this, our target struct may look like the following... // // ``` +// // type MytLint struct { // A int // B uint // } +// // ``` // // So deserializing into this struct would look like... @@ -56,7 +75,17 @@ type Configuration struct { // configuration.Configure(&myLint, myLint.Name()) // ``` func (c Configuration) Configure(lint interface{}, namespace string) error { - return c.deserializeConfigInto(lint, namespace) + err := c.deserializeConfigInto(lint, namespace) + if err != nil { + details := fmt.Sprintf( + "A fatal error occurred while attempting to configure %s. Please visit the [%s] section of "+ + "your provided configuration and compare it with the output of `zlint -exampleConfig`. Error: %s", + namespace, + namespace, + err.Error()) + err = errors.New(details) + } + return err } // NewConfig attempts to instantiate a configuration by consuming the contents of the provided reader. @@ -121,9 +150,11 @@ func NewEmptyConfig() Configuration { // And the following struct definition... // // ``` -// type SomeOtherLint { -// IsWebPKI bool `toml:"is_web_pki"` -// } +// +// type SomeOtherLint { +// IsWebPKI bool `toml:"is_web_pki"` +// } +// // ``` // // Then the invocation of this function should be... diff --git a/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go b/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go index 826734ed3..0438fab33 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go +++ b/vendor/github.com/zmap/zlint/v3/lint/global_configurations.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lint/lint_lookup.go b/vendor/github.com/zmap/zlint/v3/lint/lint_lookup.go new file mode 100644 index 000000000..91d723606 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lint/lint_lookup.go @@ -0,0 +1,217 @@ +/* + * ZLint Copyright 2023 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package lint + +import ( + "sort" + "sync" +) + +var ( + // Verify that the interface holds + _ linterLookup = &linterLookupImpl{} + _ CertificateLinterLookup = &certificateLinterLookupImpl{} + _ RevocationListLinterLookup = &revocationListLinterLookupImpl{} +) + +type linterLookup interface { + // Names returns a list of all lint names that have been registered. + // The returned list is sorted by lexicographical ordering. + Names() []string + // Sources returns a SourceList of registered LintSources. The list is not + // sorted but can be sorted by the caller with sort.Sort() if required. + Sources() SourceList +} + +type linterLookupImpl struct { + sync.RWMutex + // lintNames is a sorted list of all registered lint names. It is + // equivalent to collecting the keys from lintsByName into a slice and sorting + // them lexicographically. + lintNames []string + sources map[LintSource]struct{} +} + +// Names returns the list of lint names registered for the lint type T. +func (lookup *linterLookupImpl) Names() []string { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lintNames +} + +// Sources returns a SourceList of registered LintSources. The list is not +// sorted but can be sorted by the caller with sort.Sort() if required. +func (lookup *linterLookupImpl) Sources() SourceList { + lookup.RLock() + defer lookup.RUnlock() + var list SourceList + for lintSource := range lookup.sources { + list = append(list, lintSource) + } + return list +} + +func newLinterLookup() linterLookupImpl { + return linterLookupImpl{ + lintNames: make([]string, 0), + sources: map[LintSource]struct{}{}, + } +} + +// CertificateLinterLookup is an interface describing how registered certificate lints can be looked up. +type CertificateLinterLookup interface { + linterLookup + // ByName returns a pointer to the registered lint with the given name, or nil + // if there is no such lint registered in the registry. + ByName(name string) *CertificateLint + // BySource returns a list of registered lints that have the same LintSource as + // provided (or nil if there were no such lints in the registry). + BySource(s LintSource) []*CertificateLint + // Lints returns a list of all the lints registered. + Lints() []*CertificateLint +} + +type certificateLinterLookupImpl struct { + linterLookupImpl + // lintsByName is a map of all registered lints by name. + lintsByName map[string]*CertificateLint + lintsBySource map[LintSource][]*CertificateLint + lints []*CertificateLint +} + +// ByName returns the Lint previously registered under the given name with +// Register, or nil if no matching lint name has been registered. +func (lookup *certificateLinterLookupImpl) ByName(name string) *CertificateLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lintsByName[name] +} + +// BySource returns a list of registered lints that have the same LintSource as +// provided (or nil if there were no such lints). +func (lookup *certificateLinterLookupImpl) BySource(s LintSource) []*CertificateLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lintsBySource[s] +} + +// Lints returns a list of registered lints. +func (lookup *certificateLinterLookupImpl) Lints() []*CertificateLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lints +} + +func (lookup *certificateLinterLookupImpl) register(lint *CertificateLint, name string, source LintSource) error { + if name == "" { + return errEmptyName + } + lookup.RLock() + defer lookup.RUnlock() + + if existing := lookup.lintsByName[name]; existing != nil { + return &errDuplicateName{name} + } + lookup.lints = append(lookup.lints, lint) + lookup.lintNames = append(lookup.lintNames, name) + lookup.lintsByName[name] = lint + + lookup.sources[source] = struct{}{} + lookup.lintsBySource[source] = append(lookup.lintsBySource[source], lint) + sort.Strings(lookup.lintNames) + return nil +} + +func newCertificateLintLookup() certificateLinterLookupImpl { + return certificateLinterLookupImpl{ + linterLookupImpl: newLinterLookup(), + lintsByName: make(map[string]*CertificateLint), + lintsBySource: make(map[LintSource][]*CertificateLint), + lints: make([]*CertificateLint, 0), + } +} + +// RevocationListLinterLookup is an interface describing how registered revocation list lints can be looked up. +type RevocationListLinterLookup interface { + linterLookup + // ByName returns a pointer to the registered lint with the given name, or nil + // if there is no such lint registered in the registry. + ByName(name string) *RevocationListLint + // BySource returns a list of registered lints that have the same LintSource as + // provided (or nil if there were no such lints in the registry). + BySource(s LintSource) []*RevocationListLint + // Lints returns a list of all the lints registered. + Lints() []*RevocationListLint +} + +type revocationListLinterLookupImpl struct { + linterLookupImpl + // lintsByName is a map of all registered lints by name. + lintsByName map[string]*RevocationListLint + lintsBySource map[LintSource][]*RevocationListLint + lints []*RevocationListLint +} + +// ByName returns the Lint previously registered under the given name with +// Register, or nil if no matching lint name has been registered. +func (lookup *revocationListLinterLookupImpl) ByName(name string) *RevocationListLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lintsByName[name] +} + +// BySource returns a list of registered lints that have the same LintSource as +// provided (or nil if there were no such lints). +func (lookup *revocationListLinterLookupImpl) BySource(s LintSource) []*RevocationListLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lintsBySource[s] +} + +// Lints returns a list of registered lints. +func (lookup *revocationListLinterLookupImpl) Lints() []*RevocationListLint { + lookup.RLock() + defer lookup.RUnlock() + return lookup.lints +} + +func (lookup *revocationListLinterLookupImpl) register(lint *RevocationListLint, name string, source LintSource) error { + if name == "" { + return errEmptyName + } + lookup.RLock() + defer lookup.RUnlock() + + if existing := lookup.lintsByName[name]; existing != nil { + return &errDuplicateName{name} + } + lookup.lints = append(lookup.lints, lint) + lookup.lintNames = append(lookup.lintNames, name) + lookup.lintsByName[name] = lint + + lookup.sources[source] = struct{}{} + lookup.lintsBySource[source] = append(lookup.lintsBySource[source], lint) + sort.Strings(lookup.lintNames) + return nil +} + +func newRevocationListLintLookup() revocationListLinterLookupImpl { + return revocationListLinterLookupImpl{ + linterLookupImpl: newLinterLookup(), + lintsByName: make(map[string]*RevocationListLint), + lintsBySource: make(map[LintSource][]*RevocationListLint), + lints: make([]*RevocationListLint, 0), + } +} diff --git a/vendor/github.com/zmap/zlint/v3/lint/profile.go b/vendor/github.com/zmap/zlint/v3/lint/profile.go new file mode 100644 index 000000000..d94c94c03 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lint/profile.go @@ -0,0 +1,59 @@ +/* + * ZLint Copyright 2023 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package lint + +type Profile struct { + // Name is a lowercase underscore-separated string describing what a given + // profile aggregates. + Name string `json:"name"` + + // A human-readable description of what the Profile checks. Usually copied + // directly from the CA/B Baseline Requirements, RFC 5280, or other published + // document. + Description string `json:"description,omitempty"` + + // The source of the check, e.g. "BRs: 6.1.6" or "RFC 5280: 4.1.2.6". + Citation string `json:"citation,omitempty"` + + // Programmatic source of the check, BRs, RFC5280, or ZLint + Source LintSource `json:"source,omitempty"` + + // The names of the lints that compromise this profile. These names + // MUST be the exact same found within Lint.Name. + LintNames []string `json:"lints"` +} + +var profiles = map[string]Profile{} + +// RegisterProfile registered the provided profile into the global profile mapping. +func RegisterProfile(profile Profile) { + profiles[profile.Name] = profile +} + +// GetProfile returns the Profile for which the provided name matches Profile.Name. +// If no such Profile exists then the `ok` returns false, else true. +func GetProfile(name string) (profile Profile, ok bool) { + profile, ok = profiles[name] + return profile, ok +} + +// AllProfiles returns a slice of all Profiles currently registered globally. +func AllProfiles() []Profile { + p := make([]Profile, 0) + for _, profile := range profiles { + p = append(p, profile) + } + return p +} diff --git a/vendor/github.com/zmap/zlint/v3/lint/registration.go b/vendor/github.com/zmap/zlint/v3/lint/registration.go index 2d6d96939..9e77ebf8c 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/registration.go +++ b/vendor/github.com/zmap/zlint/v3/lint/registration.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -23,7 +23,6 @@ import ( "regexp" "sort" "strings" - "sync" "github.com/pelletier/go-toml" ) @@ -56,12 +55,21 @@ type FilterOptions struct { // Empty returns true if the FilterOptions is empty and does not specify any // elements to filter by. -func (opts FilterOptions) Empty() bool { - return opts.NameFilter == nil && - len(opts.IncludeNames) == 0 && - len(opts.ExcludeNames) == 0 && - len(opts.IncludeSources) == 0 && - len(opts.ExcludeSources) == 0 +func (f FilterOptions) Empty() bool { + return f.NameFilter == nil && + len(f.IncludeNames) == 0 && + len(f.ExcludeNames) == 0 && + len(f.IncludeSources) == 0 && + len(f.ExcludeSources) == 0 +} + +// AddProfile takes in a Profile and appends all Profile.LintNames +// into FilterOptions.IncludeNames. +func (f *FilterOptions) AddProfile(profile Profile) { + if f.IncludeNames == nil { + f.IncludeNames = make([]string, 0) + } + f.IncludeNames = append(f.IncludeNames, profile.LintNames...) } // Registry is an interface describing a collection of registered lints. @@ -71,7 +79,7 @@ func (opts FilterOptions) Empty() bool { // Typically users will interact with the global Registry returned by // GlobalRegistry(), or a filtered Registry created by applying FilterOptions to // the GlobalRegistry()'s Filter function. -type Registry interface { +type Registry interface { //nolint: interfacebloat // Somewhat unavoidable here. // Names returns a list of all of the lint names that have been registered // in string sorted order. Names() []string @@ -82,9 +90,13 @@ type Registry interface { DefaultConfiguration() ([]byte, error) // ByName returns a pointer to the registered lint with the given name, or nil // if there is no such lint registered in the registry. + // + // @deprecated - use CertificateLints instead. ByName(name string) *Lint // BySource returns a list of registered lints that have the same LintSource as // provided (or nil if there were no such lints in the registry). + // + // @deprecated - use CertificateLints instead. BySource(s LintSource) []*Lint // Filter returns a new Registry containing only lints that match the // FilterOptions criteria. @@ -94,22 +106,18 @@ type Registry interface { WriteJSON(w io.Writer) SetConfiguration(config Configuration) GetConfiguration() Configuration + // CertificateLints returns an interface used to lookup CertificateLints. + CertificateLints() CertificateLinterLookup + // RevocationListLitns returns an interface used to lookup RevocationListLints. + RevocationListLints() RevocationListLinterLookup } // registryImpl implements the Registry interface to provide a global collection // of Lints that have been registered. type registryImpl struct { - sync.RWMutex - // lintsByName is a map of all registered lints by name. - lintsByName map[string]*Lint - // lintNames is a sorted list of all of the registered lint names. It is - // equivalent to collecting the keys from lintsByName into a slice and sorting - // them lexicographically. - lintNames []string - // lintsBySource is a map of all registered lints by source category. Lints - // are added to the lintsBySource map by RegisterLint. - lintsBySource map[LintSource][]*Lint - configuration Configuration + certificateLints certificateLinterLookupImpl + revocationListLints revocationListLinterLookupImpl + configuration Configuration } var ( @@ -135,67 +143,106 @@ func (e errDuplicateName) Error() string { e.lintName) } -// register adds the provided lint to the Registry. If initialize is true then -// the lint's Initialize() function will be called before registering the lint. +// registerLint registers a lint to the registry. +// +// @deprecated - use registerCertificateLint instead. +func (r *registryImpl) register(l *Lint) error { + if l == nil { + return errNilLint + } + if l.Lint() == nil { + return errNilLintPtr + } + + return r.registerCertificateLint(l.toCertificateLint()) +} + +// registerCertificateLint registers a CertificateLint to the registry. // // An error is returned if the lint or lint's Lint pointer is nil, if the Lint // has an empty Name or if the Name was previously registered. -func (r *registryImpl) register(l *Lint) error { +func (r *registryImpl) registerCertificateLint(l *CertificateLint) error { if l == nil { return errNilLint } if l.Lint() == nil { return errNilLintPtr } - if l.Name == "" { - return errEmptyName + return r.certificateLints.register(l, l.Name, l.Source) +} + +// registerCertificateLint registers a CertificateLint to the registry. +// +// An error is returned if the lint or lint's Lint pointer is nil, if the Lint +// has an empty Name or if the Name was previously registered. +func (r *registryImpl) registerRevocationListLint(l *RevocationListLint) error { + if l == nil { + return errNilLint } - if existing := r.ByName(l.Name); existing != nil { - return &errDuplicateName{l.Name} + if l.Lint() == nil { + return errNilLintPtr } - r.Lock() - defer r.Unlock() - r.lintNames = append(r.lintNames, l.Name) - r.lintsByName[l.Name] = l - r.lintsBySource[l.Source] = append(r.lintsBySource[l.Source], l) - sort.Strings(r.lintNames) - return nil + return r.revocationListLints.register(l, l.Name, l.Source) } // ByName returns the Lint previously registered under the given name with // Register, or nil if no matching lint name has been registered. +// +// @deprecated - use r.CertificateLints.ByName() instead. func (r *registryImpl) ByName(name string) *Lint { - r.RLock() - defer r.RUnlock() - return r.lintsByName[name] + certificateLint := r.certificateLints.ByName(name) + if certificateLint == nil { + return nil + } + + return certificateLint.toLint() } // Names returns a list of all of the lint names that have been registered // in string sorted order. func (r *registryImpl) Names() []string { - r.RLock() - defer r.RUnlock() - return r.lintNames + var names []string + names = append(names, r.certificateLints.lintNames...) + names = append(names, r.revocationListLints.lintNames...) + + sort.Strings(names) + return names } // BySource returns a list of registered lints that have the same LintSource as // provided (or nil if there were no such lints). +// +// @deprecated use r.CertificateLints().BySource() instead. func (r *registryImpl) BySource(s LintSource) []*Lint { - r.RLock() - defer r.RUnlock() - return r.lintsBySource[s] + var lints []*Lint + + certificateLints := r.certificateLints.BySource(s) + for _, l := range certificateLints { + if l == nil { + continue + } + lints = append(lints, l.toLint()) + } + + return lints } // Sources returns a SourceList of registered LintSources. The list is not // sorted but can be sorted by the caller with sort.Sort() if required. func (r *registryImpl) Sources() SourceList { - r.RLock() - defer r.RUnlock() - var results SourceList - for k := range r.lintsBySource { - results = append(results, k) - } - return results + var sources SourceList + + sources = append(sources, r.certificateLints.Sources()...) + sources = append(sources, r.revocationListLints.Sources()...) + return sources +} + +func (r *registryImpl) CertificateLints() CertificateLinterLookup { + return &r.certificateLints +} + +func (r *registryImpl) RevocationListLints() RevocationListLinterLookup { + return &r.revocationListLints } // lintNamesToMap converts a list of lit names into a bool hashmap useful for @@ -209,10 +256,15 @@ func (r *registryImpl) lintNamesToMap(names []string) (map[string]bool, error) { namesMap := make(map[string]bool, len(names)) for _, n := range names { n = strings.TrimSpace(n) - if l := r.ByName(n); l == nil { - return nil, fmt.Errorf("unknown lint name %q", n) + if l := r.certificateLints.ByName(n); l != nil { + namesMap[n] = true + continue } - namesMap[n] = true + if l := r.revocationListLints.ByName(n); l != nil { + namesMap[n] = true + continue + } + return nil, fmt.Errorf("unknown lint name %q", n) } return namesMap, nil } @@ -232,7 +284,9 @@ func sourceListToMap(sources SourceList) map[LintSource]bool { // criteria included. // // FilterOptions are applied in the following order of precedence: -// ExcludeSources > IncludeSources > NameFilter > ExcludeNames > IncludeNames +// +// ExcludeSources > IncludeSources > NameFilter > ExcludeNames > IncludeNames +// //nolint:cyclop func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { // If there's no filtering to be done, return the existing Registry. @@ -262,12 +316,25 @@ func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { } for _, name := range r.Names() { - l := r.ByName(name) + var meta LintMetadata + var registerFunc func() error - if sourceExcludes != nil && sourceExcludes[l.Source] { + if l := r.certificateLints.ByName(name); l != nil { + meta = l.LintMetadata + registerFunc = func() error { + return filteredRegistry.registerCertificateLint(l) + } + } else if l := r.revocationListLints.ByName(name); l != nil { + meta = l.LintMetadata + registerFunc = func() error { + return filteredRegistry.registerRevocationListLint(l) + } + } + + if sourceExcludes != nil && sourceExcludes[meta.Source] { continue } - if sourceIncludes != nil && !sourceIncludes[l.Source] { + if sourceIncludes != nil && !sourceIncludes[meta.Source] { continue } if opts.NameFilter != nil && !opts.NameFilter.MatchString(name) { @@ -280,9 +347,7 @@ func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { continue } - // when adding lints to a filtered registry we do not want Initialize() to - // be called a second time, so provide false as the initialize argument. - if err := filteredRegistry.register(l); err != nil { + if err := registerFunc(); err != nil { return nil, err } } @@ -295,9 +360,14 @@ func (r *registryImpl) Filter(opts FilterOptions) (Registry, error) { func (r *registryImpl) WriteJSON(w io.Writer) { enc := json.NewEncoder(w) enc.SetEscapeHTML(false) - for _, name := range r.Names() { + for _, lint := range r.certificateLints.Lints() { //nolint:errchkjson - _ = enc.Encode(r.ByName(name)) + _ = enc.Encode(lint) + } + + for _, lint := range r.revocationListLints.Lints() { + //nolint:errchkjson + _ = enc.Encode(lint) } } @@ -322,13 +392,22 @@ func (r *registryImpl) DefaultConfiguration() ([]byte, error) { // for the sake of making unit testing easier. func (r *registryImpl) defaultConfiguration(globals []GlobalConfiguration) ([]byte, error) { configurables := map[string]interface{}{} - for name, lint := range r.lintsByName { + for name, lint := range r.certificateLints.lintsByName { + switch configurable := lint.Lint().(type) { + case Configurable: + configurables[name] = stripGlobalsFromExample(configurable.Configure()) + default: + } + } + + for name, lint := range r.revocationListLints.lintsByName { switch configurable := lint.Lint().(type) { case Configurable: configurables[name] = stripGlobalsFromExample(configurable.Configure()) default: } } + for _, config := range globals { switch config.(type) { case *Global: @@ -360,11 +439,12 @@ func (r *registryImpl) defaultConfiguration(globals []GlobalConfiguration) ([]by // NewRegistry constructs a Registry implementation that can be used to register // lints. +// //nolint:revive func NewRegistry() *registryImpl { registry := ®istryImpl{ - lintsByName: make(map[string]*Lint), - lintsBySource: make(map[LintSource][]*Lint), + certificateLints: newCertificateLintLookup(), + revocationListLints: newRevocationListLintLookup(), } registry.SetConfiguration(NewEmptyConfig()) return registry @@ -377,18 +457,41 @@ var globalRegistry = NewRegistry() // RegisterLint must be called once for each lint to be executed. Normally, // RegisterLint is called from the Go init() function of a lint implementation. // -// RegsterLint will call l.Lint's Initialize() function as part of the -// registration process. -// // IMPORTANT: RegisterLint will panic if given a nil lint, or a lint with a nil -// Lint pointer, or if the lint's Initialize function errors, or if the lint -// name matches a previously registered lint's name. These conditions all -// indicate a bug that should be addressed by a developer. +// Lint pointer, or if the lint name matches a previously registered lint's +// name. These conditions all indicate a bug that should be addressed by a +// developer. +// +// @deprecated - use RegisterCertificateLint instead. func RegisterLint(l *Lint) { + RegisterCertificateLint(l.toCertificateLint()) +} + +// RegisterCertificateLint must be called once for each CertificateLint to be executed. +// Normally, RegisterCertificateLint is called from the Go init() function of a lint implementation. +// +// IMPORTANT: RegisterCertificateLint will panic if given a nil lint, or a lint +// with a nil Lint pointer, or if the lint name matches a previously registered +// lint's name. These conditions all indicate a bug that should be addressed by +// a developer. +func RegisterCertificateLint(l *CertificateLint) { + if err := globalRegistry.registerCertificateLint(l); err != nil { + panic(fmt.Sprintf("RegisterLint error: %v\n", err.Error())) + } +} + +// RegisterRevocationListLint must be called once for each RevocationListLint to be executed. +// Normally, RegisterRevocationListLint is called from the Go init() function of a lint implementation. +// +// IMPORTANT: RegisterRevocationListLint will panic if given a nil lint, or a +// lint with a nil Lint pointer, or if the lint name matches a previously +// registered lint's name. These conditions all indicate a bug that should be +// addressed by a developer. +func RegisterRevocationListLint(l *RevocationListLint) { // RegisterLint always sets initialize to true. It's assumed this is called by // the package init() functions and therefore must be doing the first // initialization of a lint. - if err := globalRegistry.register(l); err != nil { + if err := globalRegistry.registerRevocationListLint(l); err != nil { panic(fmt.Sprintf("RegisterLint error: %v\n", err.Error())) } } diff --git a/vendor/github.com/zmap/zlint/v3/lint/result.go b/vendor/github.com/zmap/zlint/v3/lint/result.go index 726d5743f..ca3d6db0e 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/result.go +++ b/vendor/github.com/zmap/zlint/v3/lint/result.go @@ -1,7 +1,7 @@ package lint /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -21,6 +21,7 @@ import ( ) // LintStatus is an enum returned by lints inside of a LintResult. +// //nolint:revive type LintStatus int diff --git a/vendor/github.com/zmap/zlint/v3/lint/source.go b/vendor/github.com/zmap/zlint/v3/lint/source.go index b978ea8b6..c1808c063 100644 --- a/vendor/github.com/zmap/zlint/v3/lint/source.go +++ b/vendor/github.com/zmap/zlint/v3/lint/source.go @@ -7,7 +7,7 @@ import ( ) /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -22,6 +22,7 @@ import ( // LintSource is a type representing a known lint source that lints cite // requirements from. +// //nolint:revive type LintSource string diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go index 37f4dc041..0f2eb822b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_ct_sct_policy_count_unsatisfied.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go index 0902bb176..b953c1b74 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_e_server_cert_valid_time_longer_than_398_days.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go index c80c185ba..532b84683 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/lint_w_server_cert_valid_time_longer_than_397_days.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/apple/time.go b/vendor/github.com/zmap/zlint/v3/lints/apple/time.go index cd56e8790..2b4e632f2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/apple/time.go +++ b/vendor/github.com/zmap/zlint/v3/lints/apple/time.go @@ -4,8 +4,9 @@ import "time" // In the context of a root policy update on trusted certificate lifetimes[0] // Apple provided an unambiguous definition for the length of a day: -// "398 days is measured with a day being equal to 86,400 seconds. Any time -// greater than this indicates an additional day of validity." +// +// "398 days is measured with a day being equal to 86,400 seconds. Any time +// greater than this indicates an additional day of validity." // // We provide that value as a constant here for lints to use. // diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go index cded5cb8c..4a350a245 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_common_name_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go index ba34eea9d..0c1ce0534 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_invalid.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go index a0a112b2b..a5fdb48f2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_country_name_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go index 863a7ea40..fac3e3e90 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_crl_sign_not_set.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go index 64fc07c28..f76531643 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_digital_signature_not_set.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go index 5bec46cec..170beb261 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_is_ca.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go index 1861e3a41..9fe92b638 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_cert_sign_not_set.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go index 551a9a831..84e0a9db5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go index 1af5c0942..11a03b78e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_key_usage_not_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go index 38d702e6d..e4a686c7d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ca_organization_name_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go index 7b290e49a..e4776b6b1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_locality.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go index c32b5ae96..648cb03a8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_org.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go index 2b9d26abb..27e1997e3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_postal.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go index 656c80767..f26fdbc49 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_province.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go index 314278a61..e842d6d5d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_dv_conflicts_with_street.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go index 8f81fdc8a..4c7a758d4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_iv_requires_personal_name.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go index b39c0512e..c73b7665b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cab_ov_requires_org.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go index 75ca58834..a33dcaa55 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_country.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go index cfeac1b91..5e423bb0e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_iv_requires_province_or_locality.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go index ef81bd934..7ef68f93e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_country.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go index e3ed9aae8..99cfb6d46 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_cert_policy_ov_requires_province_or_locality.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go index 1c38628f0..244d2376c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dh_params_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go index 8f70133e6..ebf317840 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_bad_character_in_label.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go index 2700c4854..b829d19e0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_check_left_label_wildcard.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go index ce914657a..57405f324 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_bare_iana_suffix.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go index 6fa57d2f1..e5be883f9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_empty_label.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go index 2c3983eff..ef9d4a191 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_contains_prohibited_reserved_label.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go index f894fa006..83c00642c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_hyphen_in_sld.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go index 700e9ab8b..e103b7c4a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_label_too_long.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go index eee0fab14..7d36e69d1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_right_label_valid_tld.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go index 1c3ec26f1..f024ace59 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_sld.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go index 6da9f1f8f..b6266573a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_underscore_in_trd.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go index b1c67c8f2..3277e3e6d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_left_of_public_suffix.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go index da3320ee3..4d6338d39 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dnsname_wildcard_only_in_left_label.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go index 0def57863..03183614f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_correct_order_in_subgroup.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go index 123ce672f..149373cb3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_improper_modulus_or_divisor_size.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go index f9e9cd7d7..f7084b79e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_shorter_than_2048_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go index de64fbbff..8ed63b848 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_dsa_unique_correct_representation.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go index defe83064..8d8e038b2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_e_sub_ca_aia_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go index 5b995d403..711c11a09 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ec_improper_curves.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go index 6a5961bf8..47b3e714a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_nc_intersects_reserved_ip.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go index 5f6c91716..74cf1ae16 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_contains_reserved_ip.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go index 04a44e5a4..eb965fc95 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_critical_with_subject_dn.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go index bcfb9cf21..5f402c7c5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_directory_name_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go index bd6e2f050..4c9196f3c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_edi_party_name_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go index a43af6099..d97caf02a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go index 1752d00b3..7b792ded5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_other_name_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go index dd6a5ec66..37fcee954 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_registered_id_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go index 1aedbcfc4..caf2ca23d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_rfc822_name_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go index 5a011e710..707ee7e00 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_san_uniform_resource_identifier_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go index b70573268..4d63e7776 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ext_tor_service_descriptor_hash_invalid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -104,15 +104,16 @@ func lintOnionURL(onion string) *lint.LintResult { // Execute will lint the provided certificate. An lint.Error lint.LintResult will be // returned if: // -// 1) There is no TorServiceDescriptor extension present and it's required -// 2) There were no TorServiceDescriptors parsed by zcrypto -// 3) There are TorServiceDescriptorHash entries with an invalid Onion URL. -// 4) There are TorServiceDescriptorHash entries with an unknown hash -// algorithm or incorrect hash bit length. -// 5) There is a TorServiceDescriptorHash entry that doesn't correspond to -// an onion subject in the cert. -// 6) There is an onion subject in the cert that doesn't correspond to -// a TorServiceDescriptorHash, if required. +// 1. There is no TorServiceDescriptor extension present and it's required +// 2. There were no TorServiceDescriptors parsed by zcrypto +// 3. There are TorServiceDescriptorHash entries with an invalid Onion URL. +// 4. There are TorServiceDescriptorHash entries with an unknown hash +// algorithm or incorrect hash bit length. +// 5. There is a TorServiceDescriptorHash entry that doesn't correspond to +// an onion subject in the cert. +// 6. There is an onion subject in the cert that doesn't correspond to +// a TorServiceDescriptorHash, if required. +// //nolint:cyclop func (l *torServiceDescHashInvalid) Execute(c *x509.Certificate) *lint.LintResult { // If the certificate is EV, the BRTorServiceDescriptor extension is required. diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go index 3d17bca22..03cc2a2a6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_extra_subject_common_names.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go index 67c5b5705..f66f6b4de 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_invalid_certificate_version.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go index 865244253..316c835b4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_no_underscores_before_1_6_2.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go index 6fd53b783..8601321ee 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_ocsp_id_pkix_ocsp_nocheck_ext_not_included_server_auth.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go index 9d9cc782e..527f8c94c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_root_ca_rsa_mod_less_than_2048_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go index 0895100f6..dfe5c41de 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_ca_rsa_mod_less_than_1024_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go index e0fc1d586..3d742fe19 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_old_sub_cert_rsa_mod_less_than_1024_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go index 610ea156a..e485adea5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_organizational_unit_name_prohibited.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go index 0a9e9a2c0..95c06d3ea 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_prohibit_dsa_usage.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go index 026f51f2c..83146b83f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_public_key_type_not_allowed.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go index 91efa0ce5..6360e6f0f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_basic_constraints_path_len_constraint_field_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go index 078455a6b..655a190fa 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_contains_cert_policy.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go index 1d54b8a5c..adf06b02f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_extended_key_usage_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go index 023405150..89e181a3a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_must_be_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go index 7dccd4ff4..7fdf2468d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_root_ca_key_usage_present.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go index 89954519f..7b6700839 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_factors_smaller_than_752_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go index 3769f998c..9431e7a16 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_less_than_2048_bits.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go index 8ebbae7b6..6f71c19fc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_mod_not_odd.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go index 375718875..79e1d3a3c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_in_range.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go index fd669fec5..597a3efd6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_not_odd.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go index 5735c9b96..7750879d5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_rsa_public_exponent_too_small.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go index 59c89556c..c169e55a8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_invalid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -103,9 +103,9 @@ func (l *onionNotValid) CheckApplies(c *x509.Certificate) bool { // Execute will lint the provided certificate. A lint.Error lint.LintResult will // be returned if: // -// 1) The certificate contains a Tor Rendezvous Spec v2 address and is not an +// 1. The certificate contains a Tor Rendezvous Spec v2 address and is not an // EV certificate (BRs: Appendix C). -// 2) The certificate contains a `.onion` subject name/SAN that is neither a +// 2. The certificate contains a `.onion` subject name/SAN that is neither a // Rendezvous Spec v2 or v3 address. func (l *onionNotValid) Execute(c *x509.Certificate) *lint.LintResult { for _, subj := range append(c.DNSNames, c.Subject.CommonName) { diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go index ae6fbb7e0..806496396 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_san_dns_name_onion_not_ev_cert.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go index fee64fc1c..045f6a06f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_signature_algorithm_not_supported.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go index 4b30db332..44a5569ed 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_does_not_contain_issuing_ca_url.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go index 15379bf3f..7cc7f0342 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_aia_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go index 0358ccff4..fab68b54a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go index e025c01e2..74829dc41 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_certificate_policies_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go index 5544a966b..78a4e4ac7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_does_not_contain_url.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go index 884f791d9..5c7314565 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go index 91244962d..f6d58a77f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_crl_distribution_points_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go index 9cae37883..8210ee8be 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go index 93c2f7385..913005eda 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go index 875fd22c7..6cecabb37 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_eku_valid_fields.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go index fe6479e4b..9df044f06 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_ca_name_constraints_not_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go index c43a467e7..3c1b6de60 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_issuing_ca_url.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go index ad0bf1f42..6c7812c8e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_does_not_contain_ocsp_url.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go index aff407d1b..2b626eb7f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go index 2d4fb3d1f..86303f65a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_aia_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go index aad92ba16..740d96b16 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_cert_policy_empty.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go index 4169b0f8d..b89fb0c60 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go index ad1966447..012a32d57 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_certificate_policies_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go index 04dae16ce..1b6a6499d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_country_name_must_appear.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go index 1daf79dce..d81ae5fb6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_does_not_contain_url.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go index e97969276..074472a94 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_crl_distribution_points_marked_critical.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go index 197809a56..5c13ca7ff 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_extra_values.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go index e769230fe..b3ac8a7e9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go index 112824728..1173e594a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_eku_server_auth_client_auth_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -34,7 +34,7 @@ present. func init() { lint.RegisterLint(&lint.Lint{ Name: "e_sub_cert_eku_server_auth_client_auth_missing", - Description: "Subscriber certificates MUST have have either id-kp-serverAuth or id-kp-clientAuth or both present in extKeyUsage", + Description: "Subscriber certificates MUST have either id-kp-serverAuth or id-kp-clientAuth or both present in extKeyUsage", Citation: "BRs: 7.1.2.3", Source: lint.CABFBaselineRequirements, EffectiveDate: util.CABEffectiveDate, diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go index 04625aca4..2bb02bcc8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_gn_sn_contains_policy.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go index c92d6522b..67359e5a0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_is_ca.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go index 5ba2ea32c..499c7b084 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_cert_sign_bit_set.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go index e802927d4..dc67297b8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_key_usage_crl_sign_bit_set.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go index 179bd3c3b..8744f1855 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_appear.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go index a55098115..ea2f96f57 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_locality_name_must_not_appear.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go index dcecee34c..df6e4774a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_or_sub_ca_using_sha1.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go index 16f5c3d81..aae8d28e7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_postal_code_prohibited.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go index 81ba9aabf..0dd5a7076 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_appear.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go index c0bd32dd4..d33d85644 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_province_must_not_appear.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go index 69efa499d..5f4a59f2a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_sha1_expiration_too_long.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go index 3ce211338..4c09cd1a6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_street_address_should_not_exist.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go index 00d8a76d5..fbba31e95 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_39_months.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go index 4c1644071..eb8ae16a3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_sub_cert_valid_time_longer_than_825_days.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go index 03f194e02..bf7f1d04d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_included.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go index 0c6acfdee..ceb77fe71 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_exactly_from_san.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go index 305f17189..4f6fe3fde 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_common_name_not_from_san.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go index fac5422d6..d2f6a2752 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_malformed_arpa_ip.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go index f622e5312..00ae9daa7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_noninformational_value.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go index 9f49f8e10..b5aced626 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_organizational_unit_name_and_no_organization_name.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go index 3410cec12..df93f9c26 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_arpa_ip.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -170,9 +170,9 @@ func reversedLabelsToIPv6(labels []string) net.IP { // address under the respective ARPA zone based on the address class. An error // is returned if: // -// 1. The IP address labels parse as an IP of the wrong address class for the -// arpa suffix the name is using. -// 2. The IP address is within an IANA reserved range. +// 1. The IP address labels parse as an IP of the wrong address class for the +// arpa suffix the name is using. +// 2. The IP address is within an IANA reserved range. func lintReversedIPAddress(name string, ipv6 bool) error { numRequiredLabels := rdnsIPv4Labels zoneSuffix := rdnsIPv4Suffix diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go index e35c9d849..39cba99e7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_contains_reserved_ip.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go index 306193dad..8d1aff75f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_country_not_iso.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go index 315580135..a8c017581 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_subject_public_key_info_improper_algorithm_object_identifier_encoding.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -26,7 +26,8 @@ import ( type algorithmObjectIdentifierEncoding struct{} -/************************************************ +/* +*********************************************** This lint refers to CAB Baseline Requirements (Version 1.7.4) chapter 7.1.3.1, which defines the required encodings of AlgorithmObjectIdentifiers inside a SubjectPublicKeyInfo field. @@ -38,7 +39,8 @@ byte‐for‐byte identical with the following hex‐encoded bytes: For P‐256 keys: 301306072a8648ce3d020106082a8648ce3d030107 For P‐384 keys: 301006072a8648ce3d020106052b81040022 For P‐521 keys: 301006072a8648ce3d020106052b81040023 -************************************************/ +*********************************************** +*/ func init() { lint.RegisterLint(&lint.Lint{ Name: "e_algorithm_identifier_improper_encoding", diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go index a81b1ba3a..525fff4a6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_underscore_not_permissible_in_dnsname.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go index 6b09cb6e4..c366a815e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_br/lint_w_sub_ca_aia_missing.go @@ -1,7 +1,7 @@ package cabf_br /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go index 1e16216a2..ece50bfac 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_business_category_missing.go @@ -1,7 +1,7 @@ package cabf_ev /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go index 6763501f7..869089954 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_country_name_missing.go @@ -1,7 +1,7 @@ package cabf_ev /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go index 12c55ec6d..da1e8c845 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_not_wildcard.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go index 26cacc80f..50ed6dab8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_id_missing.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go index ecd64eac8..c3d877acc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_organization_name_missing.go @@ -1,7 +1,7 @@ package cabf_ev /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go index 7e9deafe8..591715f15 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_san_ip_address_present.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go index bb0a5bca4..f9938da7d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_serial_number_missing.go @@ -1,7 +1,7 @@ package cabf_ev /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go index 67b4cded4..b207d027c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_ev_valid_time_too_long.go @@ -1,7 +1,7 @@ package cabf_ev /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go index 83672ee42..40f619616 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go +++ b/vendor/github.com/zmap/zlint/v3/lints/cabf_ev/lint_onion_subject_validity_time_too_large.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go index 29870e50b..5a25d8d9a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_bare_wildcard.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go index 5b21e7dfc..d6f10fca3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_includes_null_char.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go index d81e57c10..afa9085de 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_dns_name_starts_with_period.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go index e733445c5..cfbcd04d4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_iana_pub_suffix_empty.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go index b93f9de1c..807c20ef5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_ian_wildcard_not_first.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go index 0612a3bec..686f08a62 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_is_redacted_cert.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go index 6fe3646ed..aa99a67a2 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_leading_whitespace.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go index 3f24a3bfc..39122541f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_dn_trailing_whitespace.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go index 56b20cc08..9affa1473 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_issuer_multiple_rdn.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go index 870fad637..f4ff1f236 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_exp_negative.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go index 76ed8c526..3a9be265b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_fermat_factorization.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go index c53256719..255114773 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_rsa_no_public_key.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go index 083495f57..5bc95ff57 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_bare_wildcard.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go index 2d3476712..bc3205e91 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_duplicate.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go index 6e023d036..a1a35a11f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_includes_null_char.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go index 54e1ba870..9e0388804 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_dns_name_starts_with_period.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go index ee91b6f50..5749c4987 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_iana_pub_suffix_empty.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go index 2d5526fbe..49a2c6f0a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_san_wildcard_not_first.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go index 354b25732..57683e517 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_leading_whitespace.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go index 7cd411d4f..1aadefe28 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_dn_trailing_whitespace.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go index 2e3336637..32b255042 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_subject_multiple_rdn.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -27,7 +27,7 @@ type SubjectRDNHasMultipleAttribute struct{} func init() { lint.RegisterLint(&lint.Lint{ Name: "n_multiple_subject_rdn", - Description: "Certificates typically do not have have multiple attributes in a single RDN (subject). This may be an error.", + Description: "Certificates typically do not have multiple attributes in a single RDN (subject). This may be an error.", Citation: "lint.AWSLabs certlint", Source: lint.Community, EffectiveDate: util.ZeroDate, diff --git a/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go b/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go index e9f420ed3..02c61ff7d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go +++ b/vendor/github.com/zmap/zlint/v3/lints/community/lint_validity_time_not_positive.go @@ -1,7 +1,7 @@ package community /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go index a568f976e..1e465a8a9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_present_qcs_critical.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go index b2ca72336..2952aa72b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_etsi_type_as_statem.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go index ec67f7a27..099f244d6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_mandatory_etsi_statems.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go index 31d3ce835..61a3fae1a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qccompliance_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go index bc31e6431..a589ed6bf 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qclimitvalue_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go index 82f87772e..63111891e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_lang_case.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go index 2df626891..b10d75e2d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcpds_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go index 7ae39557f..27700805a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcretentionperiod_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go index cc08b6839..70efac551 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qcsscd_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go index cf957bde2..5e63b86c4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_valid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go index a2b152239..d6969a5fd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go +++ b/vendor/github.com/zmap/zlint/v3/lints/etsi/lint_qcstatem_qctype_web.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -28,7 +28,7 @@ type qcStatemQctypeWeb struct{} func init() { lint.RegisterLint(&lint.Lint{ Name: "w_qcstatem_qctype_web", - Description: "Checks that a QC Statement of the type Id-etsi-qcs-QcType features features at least the type IdEtsiQcsQctWeb", + Description: "Checks that a QC Statement of the type Id-etsi-qcs-QcType features at least the type IdEtsiQcsQctWeb", Citation: "ETSI EN 319 412 - 5 V2.2.1 (2017 - 11) / Section 4.2.3", Source: lint.EtsiEsi, EffectiveDate: util.EtsiEn319_412_5_V2_2_1_Date, diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go index bfe87f0a6..3382f92b7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_e_prohibit_dsa_usage.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go index 7fd70ed94..fe586cb02 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_allowed_eku.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go index 017ded94b..1e2ae7eb6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_authority_key_identifier_correct.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go index 9a13db7ce..9dc5f2505 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_pub_key_encoding_correct.go @@ -1,7 +1,7 @@ package mozilla /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go index 2339d05a0..9c97622b7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_ecdsa_signature_encoding_correct.go @@ -1,7 +1,7 @@ package mozilla /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go index 9e51d9e41..010741499 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_exponent_cannot_be_one.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go index 4dd21ffef..bd0da2470 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_2048_bits_or_more.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go index 96f129f49..aed4a8d50 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_modulus_must_be_divisible_by_8.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go index cdf56a429..03ba32b00 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_pss_parameters_encoding_correct.go @@ -1,7 +1,7 @@ package mozilla /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go index f7fdfd03d..9a4e842c6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go +++ b/vendor/github.com/zmap/zlint/v3/lints/mozilla/lint_mp_rsassa-pss_in_spki.go @@ -1,7 +1,7 @@ package mozilla /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go index 3e0b70933..4d6b8dabf 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_basic_constraints_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go index 3d5478221..55ddd8833 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ca_subject_field_empty.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go index dbb51c5b7..0184d4496 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_contains_unique_identifier.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go index 73b5d5658..48ada489a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_extensions_version_not_3.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go index f6c982b7c..01bbef59b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_cert_unique_identifier_version_not_2_or_3.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -52,11 +52,11 @@ func NewCertUniqueIdVersion() lint.LintInterface { } func (l *certUniqueIdVersion) CheckApplies(c *x509.Certificate) bool { - return c.IssuerUniqueId.Bytes != nil || c.SubjectUniqueId.Bytes != nil + return true } func (l *certUniqueIdVersion) Execute(c *x509.Certificate) *lint.LintResult { - if (c.Version) != 2 && (c.Version) != 3 { + if (c.IssuerUniqueId.Bytes != nil || c.SubjectUniqueId.Bytes != nil) && (c.Version) != 2 && (c.Version) != 3 { return &lint.LintResult{Status: lint.Error} } else { return &lint.LintResult{Status: lint.Pass} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_crl_has_next_update.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_crl_has_next_update.go new file mode 100644 index 000000000..70dd461dd --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_crl_has_next_update.go @@ -0,0 +1,56 @@ +package rfc + +/* + * ZLint Copyright 2023 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +import ( + "github.com/zmap/zcrypto/x509" + "github.com/zmap/zlint/v3/lint" + "github.com/zmap/zlint/v3/util" +) + +type crlHasNextUpdate struct{} + +/************************************************ +RFC 5280: 5.1.2.5 +Conforming CRL issuers MUST include the nextUpdate field in all CRLs. +************************************************/ + +func init() { + lint.RegisterRevocationListLint(&lint.RevocationListLint{ + LintMetadata: lint.LintMetadata{ + Name: "e_crl_has_next_update", + Description: "Conforming CRL issuers MUST include the nextUpdate field in all CRLs.", + Citation: "RFC 5280: 5.1.2.5", + Source: lint.RFC5280, + EffectiveDate: util.RFC5280Date, + }, + Lint: NewCrlHasNextUpdate, + }) +} + +func NewCrlHasNextUpdate() lint.RevocationListLintInterface { + return &crlHasNextUpdate{} +} + +func (l *crlHasNextUpdate) CheckApplies(c *x509.RevocationList) bool { + return true +} + +func (l *crlHasNextUpdate) Execute(c *x509.RevocationList) *lint.LintResult { + if c.NextUpdate.IsZero() { + return &lint.LintResult{Status: lint.Error, Details: "Confoming CRL issuers MUST include the nextUpdate field in all CRLs."} + } + return &lint.LintResult{Status: lint.Pass} +} diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go index 75766eb9d..5a7324919 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_incomplete.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go index 8a15bd9ee..f381a1fe9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_distribution_point_missing_ldap_or_uri.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go index 88eb1fb19..4e094e45f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_contains_empty_label.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go index a92ccda7e..11e8db068 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_hyphen_in_sld.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go index 25782be04..23d33441b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_label_too_long.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go index 3efa8d264..1c2686167 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_sld.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go index 3e07d6b86..c5e404206 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_dnsname_underscore_in_trd.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go index 14e15605d..46e5f5c9d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_allowed_ku.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -26,15 +26,19 @@ import ( type ecdsaAllowedKU struct{} -/************************************************ +/* +*********************************************** RFC 8813: 3. Updates to Section 3 If the keyUsage extension is present in a certificate that indicates - id-ecPublicKey in SubjectPublicKeyInfo, then the following values - MUST NOT be present: - keyEncipherment; and - dataEncipherment. -************************************************/ + id-ecPublicKey in SubjectPublicKeyInfo, then the following values + MUST NOT be present: + + keyEncipherment; and + dataEncipherment. + +*********************************************** +*/ func init() { lint.RegisterLint(&lint.Lint{ Name: "e_ecdsa_allowed_ku", diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go index 600d02da9..05811eb28 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ecdsa_ee_invalid_ku.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go index f23e934f6..4d4536092 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_eku_critical_improperly.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go index 784b36e46..fd39686cd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_access_location_missing.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go index 8c236821d..df491a346 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_aia_marked_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go index e0856d8db..a15092077 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go index 711b2b960..663c23b15 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_missing.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go index 82c62f928..115287660 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_authority_key_identifier_no_key_identifier.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go index 17313d29c..79e4b468b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_contains_noticeref.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go index d050929ea..d67cd3ebd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_disallowed_any_policy_qualifier.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go index 3cd736dca..e1da6d26a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_duplicate.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go index 57dd2c2ca..08e28247d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_ia5_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go index 360b43220..89316938c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_includes_control.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go index 0ad63817f..9b22a8fc7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_nfc.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go index 3c0201b98..e7334c520 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_not_utf8.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go index 2e044c854..bbea96b3d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_cert_policy_explicit_text_too_long.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go index 0a4e9b7a6..7b56a22a5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_crl_distribution_marked_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go index fcbfa77a9..8f036eec8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_duplicate_extension.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go index 71d8e9d52..a6d34ae68 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_freshest_crl_marked_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go index f32665806..6479d5722 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go index 15c45ccf5..f1d31d876 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_dns_not_ia5_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go index 757984aa2..2d812a843 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_empty_name.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go index eadb3b9fa..63995b387 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_no_entries.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go index 46165145d..7266a8ac1 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_rfc822_format_invalid.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go index 495b82c7d..3f7f88a1f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_space_dns_name.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go index 31b20a0dd..c5afd3745 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_format_invalid.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go index 23afb908c..2ee7450ca 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_host_not_fqdn_or_ip.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go index 41004ea36..4d4602b8e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_not_ia5.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go index 7d1112d71..bf5e2d7c7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_ian_uri_relative.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go index 655b46ffc..226da4f46 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_cert_sign_without_ca.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go index 3a48341fe..0b11d39d5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go index fe5a918c1..dc93976a7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_key_usage_without_bits.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go index 81da91dd9..ea5e456a7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go index eaedbf6f5..1f1ba618d 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_name_constraints_not_in_ca.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go index d7bed987a..e9d0d2096 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_empty.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go index 6c2f2c40e..df3a03508 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_constraints_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go index a25e66d7b..9d009bbb7 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_any_policy.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go index 49a4efbb5..ce9e87e2e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go index 1555eec75..c9efdc466 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_policy_map_not_in_cert_policy.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go index f55b0bff3..612c3de33 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_name_too_long.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go index 8dc456bc8..31fa30470 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_dns_not_ia5_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go index 47256b9b6..0c4911466 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_empty_name.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go index fef7d8fde..25495715b 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_no_entries.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go index 91e729a94..cd2686727 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_not_critical_without_subject.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go index 9364a496d..0a09cd560 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_rfc822_format_invalid.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go index 4b59e987d..b58d5c835 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_space_dns_name.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go index 6b727d457..dac113af8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_format_invalid.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go index 94d9bd2a1..b1a72bab9 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_host_not_fqdn_or_ip.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go index 5e6183655..d91812421 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_not_ia5.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go index 901cd0a17..0e9db95f6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_san_uri_relative.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go index f1dbf9f53..82925fde0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_directory_attr_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go index 9351893ba..15cd21839 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go index dc7754cca..7adae089e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_ca.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go index 791460619..c8ba38a12 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_ext_subject_key_identifier_missing_sub_cert.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go index b6839f8ec..c3496008a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_does_not_include_seconds.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go index eb0590ce8..57221f928 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_includes_fraction_seconds.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go index efdb79519..289ee4ae0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_generalized_time_not_in_zulu.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go index 347d5900d..daaf1e473 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_malformed_unicode.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go index 09b7b5e5b..74c64f33c 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_idn_dnsname_must_be_nfc.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go index 877792556..6c0342261 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_incorrect_ku_encoding.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go index 4473eeae1..4bd5a23e0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_inhibit_any_policy_not_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go index 09895f94f..5a85d5923 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_dn_country_not_printable_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go index 312cf4c5b..9429101ac 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_issuer_field_empty.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go index 47bd9041c..1f85c1a82 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_key_usage_incorrect_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go index 7815ee099..a82cce491 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_empty.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go index c8a25c9ec..b24ec5f9f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_maximum_not_absent.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go index 1393ac743..c52467411 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_minimum_non_zero.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go index 1775472af..d9ca2cd71 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_not_fqdn.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go index 7aee6c9d1..b1111aae4 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_edi_party_name.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go index e626d55c3..0e2912a80 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_registered_id.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go index 42fb5c67c..b9d2dae56 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_name_constraint_on_x400.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go index 7d08aff28..465c967ca 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_improperly_included.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go index 44f20bde2..51a613890 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_path_len_constraint_zero_or_less.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go index 158c055ab..931620bfc 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ca.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go index 4902a758a..85e9e3269 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_ee.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go index a8d74bf57..7df5b2020 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_rsa_allowed_ku_no_encipherment_ca.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go index 0e490c60a..2c86528fa 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_longer_than_20_octets.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go index de3d2848f..4493b4bd5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_serial_number_not_positive.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go index af73101ab..0aff82047 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_spki_rsa_encryption_parameter_not_null.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go index 1fdf5f2ec..49cc4eded 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_common_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go index 22efb3d4a..bf7b2e3bd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_country_not_printable_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go index 2a6b710da..5e75ae9e0 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_not_printable_characters.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go index 66bf32635..0095cdbc3 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go index ee904cb92..4f1bf6e42 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_dn_serial_number_not_printable_string.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go index 1e2721f8d..351951782 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_email_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go index ff830bf49..c8b92ef20 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_empty_without_san.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go index 1c06daf54..96f21dd00 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go index 1c6cb2c08..8fa32c78e 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_given_name_recommended_max_length.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go index 8e5ef2e04..52d3b5ccb 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_info_access_marked_critical.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go index d9a95bd2b..a317fc4ec 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_locality_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go index 53b8cae94..43be8a466 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_not_dn.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go index 32bef29b9..9e77e3cfd 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organization_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go index 33704853d..ef3a9e428 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_organizational_unit_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go index 62837d2b4..26ee9e910 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_postal_code_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go index b54b5b7a5..b52a9ef5f 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_printable_string_badalpha.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go index 479e0d0e5..616ee8b92 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_state_name_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go index 8b003fd56..a65340699 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_street_address_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go index 4dfa67a82..a27fd9b37 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_max_length.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go index 8d40faed3..537cd3f0a 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_subject_surname_recommended_max_length.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go index 72ef76df7..e8f9f50ff 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_superfluous_ku_encoding.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go index e0e9b857e..2bbd0b2a8 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_alg_matches_cert_signature_alg.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go index 58c5359f5..0d79731f5 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_tbs_signature_rsa_encryption_parameter_not_null.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go index c8cd431d1..913c329b6 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_does_not_include_seconds.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go index bc39becb2..4db76b0da 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_utc_time_not_in_zulu.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go index 5bd27fa39..7ecc63158 100644 --- a/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go +++ b/vendor/github.com/zmap/zlint/v3/lints/rfc/lint_wrong_time_format_pre2050.go @@ -1,7 +1,7 @@ package rfc /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/newProfile.sh b/vendor/github.com/zmap/zlint/v3/newProfile.sh new file mode 100644 index 000000000..086744188 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/newProfile.sh @@ -0,0 +1,30 @@ +# Script to create new profile from template + +USAGE="Usage: $0 + +ARG1: file_name" + +if [ $# -eq 0 ]; then + echo "No arguments provided..." + echo "$USAGE" + exit 1 +fi + +if [ ! -d profiles ] +then + echo "Directory 'profiles' does not exist. Can't make new file." + exit 1 +fi + + +if [ -e profiles/profile_$1.go ] +then + echo "File already exists. Can't make new file." + exit 1 +fi + +PROFILE=$1 + +sed -e "s/PROFILE/${PROFILE}/" profileTemplate > profiles/profile_${PROFILE}.go + +echo "Created file profiles/lint_${PROFILE}.go" diff --git a/vendor/github.com/zmap/zlint/v3/profileTemplate b/vendor/github.com/zmap/zlint/v3/profileTemplate new file mode 100644 index 000000000..109dc7d25 --- /dev/null +++ b/vendor/github.com/zmap/zlint/v3/profileTemplate @@ -0,0 +1,27 @@ +/* + * ZLint Copyright 2023 Regents of the University of Michigan + * + * Licensed under the Apache License, Version 2.0 (the "License"); you may not + * use this file except in compliance with the License. You may obtain a copy + * of the License at http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + * implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package profiles + +import "github.com/zmap/zlint/v3/lint" + +func init() { + lint.RegisterProfile(lint.Profile{ + Name: "PROFILE", + Description: "Fill this in...", + Citation: "Fill this in...", + Source: lint.UnknownLintSource, + LintNames: []string{}, + }) +} diff --git a/vendor/github.com/zmap/zlint/v3/resultset.go b/vendor/github.com/zmap/zlint/v3/resultset.go index 0fb3c7594..9701e146c 100644 --- a/vendor/github.com/zmap/zlint/v3/resultset.go +++ b/vendor/github.com/zmap/zlint/v3/resultset.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -31,15 +31,28 @@ type ResultSet struct { FatalsPresent bool `json:"fatals_present"` } -// Execute lints the given certificate with all of the lints in the provided +// Execute lints on the given certificate with all of the lints in the provided // registry. The ResultSet is mutated to trace the lint results obtained from // linting the certificate. -func (z *ResultSet) execute(cert *x509.Certificate, registry lint.Registry) { +func (z *ResultSet) executeCertificate(o *x509.Certificate, registry lint.Registry) { + z.Results = make(map[string]*lint.LintResult, len(registry.Names())) + // Run each lint from the registry. + for _, lint := range registry.CertificateLints().Lints() { + res := lint.Execute(o, registry.GetConfiguration()) + z.Results[lint.Name] = res + z.updateErrorStatePresent(res) + } +} + +// Execute lints on the given CRL with all of the lints in the provided +// registry. The ResultSet is mutated to trace the lint results obtained from +// linting the CRL. +func (z *ResultSet) executeRevocationList(o *x509.RevocationList, registry lint.Registry) { z.Results = make(map[string]*lint.LintResult, len(registry.Names())) // Run each lints from the registry. - for _, name := range registry.Names() { - res := registry.ByName(name).Execute(cert, registry.GetConfiguration()) - z.Results[name] = res + for _, lint := range registry.RevocationListLints().Lints() { + res := lint.Execute(o, registry.GetConfiguration()) + z.Results[lint.Name] = res z.updateErrorStatePresent(res) } } diff --git a/vendor/github.com/zmap/zlint/v3/template b/vendor/github.com/zmap/zlint/v3/template index 1ae2a6738..c474cc41e 100644 --- a/vendor/github.com/zmap/zlint/v3/template +++ b/vendor/github.com/zmap/zlint/v3/template @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go b/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go index cb6d2f0f4..d84954375 100644 --- a/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go +++ b/vendor/github.com/zmap/zlint/v3/util/algorithm_identifier.go @@ -39,6 +39,7 @@ var RSAAlgorithmIDToDER = map[string][]byte{ // CheckAlgorithmIDParamNotNULL parses an AlgorithmIdentifier with algorithm OID rsaEncryption to check the Param field is asn1.NULL // Expects DER-encoded AlgorithmIdentifier including tag and length. +// //nolint:cyclop func CheckAlgorithmIDParamNotNULL(algorithmIdentifier []byte, requiredAlgoID asn1.ObjectIdentifier) error { expectedAlgoIDBytes, ok := RSAAlgorithmIDToDER[requiredAlgoID.String()] @@ -96,21 +97,21 @@ func CheckAlgorithmIDParamNotNULL(algorithmIdentifier []byte, requiredAlgoID asn // Returns the signature field of the tbsCertificate of this certificate in a DER encoded form or an error // if the signature field could not be extracted. The encoded form contains the tag and the length. // -// TBSCertificate ::= SEQUENCE { -// version [0] EXPLICIT Version DEFAULT v1, -// serialNumber CertificateSerialNumber, -// signature AlgorithmIdentifier, -// issuer Name, -// validity Validity, -// subject Name, -// subjectPublicKeyInfo SubjectPublicKeyInfo, -// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, -// -- If present, version MUST be v2 or v3 -// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, -// -- If present, version MUST be v2 or v3 -// extensions [3] EXPLICIT Extensions OPTIONAL -// -- If present, version MUST be v3 -// } +// TBSCertificate ::= SEQUENCE { +// version [0] EXPLICIT Version DEFAULT v1, +// serialNumber CertificateSerialNumber, +// signature AlgorithmIdentifier, +// issuer Name, +// validity Validity, +// subject Name, +// subjectPublicKeyInfo SubjectPublicKeyInfo, +// issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, +// -- If present, version MUST be v2 or v3 +// subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, +// -- If present, version MUST be v2 or v3 +// extensions [3] EXPLICIT Extensions OPTIONAL +// -- If present, version MUST be v3 +// } func GetSignatureAlgorithmInTBSEncoded(c *x509.Certificate) ([]byte, error) { input := cryptobyte.String(c.RawTBSCertificate) @@ -140,10 +141,9 @@ func GetSignatureAlgorithmInTBSEncoded(c *x509.Certificate) ([]byte, error) { // Returns the algorithm field of the SubjectPublicKeyInfo of the certificate or an error // if the algorithm field could not be extracted. // -// SubjectPublicKeyInfo ::= SEQUENCE { -// algorithm AlgorithmIdentifier, -// subjectPublicKey BIT STRING } -// +// SubjectPublicKeyInfo ::= SEQUENCE { +// algorithm AlgorithmIdentifier, +// subjectPublicKey BIT STRING } func GetPublicKeyOID(c *x509.Certificate) (asn1.ObjectIdentifier, error) { input := cryptobyte.String(c.RawSubjectPublicKeyInfo) @@ -168,10 +168,9 @@ func GetPublicKeyOID(c *x509.Certificate) (asn1.ObjectIdentifier, error) { // Returns the algorithm field of the SubjectPublicKeyInfo of the certificate in its encoded form (containing Tag // and Length) or an error if the algorithm field could not be extracted. // -// SubjectPublicKeyInfo ::= SEQUENCE { -// algorithm AlgorithmIdentifier, -// subjectPublicKey BIT STRING } -// +// SubjectPublicKeyInfo ::= SEQUENCE { +// algorithm AlgorithmIdentifier, +// subjectPublicKey BIT STRING } func GetPublicKeyAidEncoded(c *x509.Certificate) ([]byte, error) { input := cryptobyte.String(c.RawSubjectPublicKeyInfo) var spkiContent cryptobyte.String diff --git a/vendor/github.com/zmap/zlint/v3/util/ca.go b/vendor/github.com/zmap/zlint/v3/util/ca.go index 43e2755b0..c24634811 100644 --- a/vendor/github.com/zmap/zlint/v3/util/ca.go +++ b/vendor/github.com/zmap/zlint/v3/util/ca.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/countries.go b/vendor/github.com/zmap/zlint/v3/util/countries.go index 66dfa7242..2ec04aee9 100644 --- a/vendor/github.com/zmap/zlint/v3/util/countries.go +++ b/vendor/github.com/zmap/zlint/v3/util/countries.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/encodings.go b/vendor/github.com/zmap/zlint/v3/util/encodings.go index 80efdbb4f..316217440 100644 --- a/vendor/github.com/zmap/zlint/v3/util/encodings.go +++ b/vendor/github.com/zmap/zlint/v3/util/encodings.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/ev.go b/vendor/github.com/zmap/zlint/v3/util/ev.go index d5b0abb72..54729f7dc 100644 --- a/vendor/github.com/zmap/zlint/v3/util/ev.go +++ b/vendor/github.com/zmap/zlint/v3/util/ev.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/fqdn.go b/vendor/github.com/zmap/zlint/v3/util/fqdn.go index 705104912..4be2ffb9f 100644 --- a/vendor/github.com/zmap/zlint/v3/util/fqdn.go +++ b/vendor/github.com/zmap/zlint/v3/util/fqdn.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/gtld.go b/vendor/github.com/zmap/zlint/v3/util/gtld.go index 3bc325ce8..6a7fb64f3 100644 --- a/vendor/github.com/zmap/zlint/v3/util/gtld.go +++ b/vendor/github.com/zmap/zlint/v3/util/gtld.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/gtld_map.go b/vendor/github.com/zmap/zlint/v3/util/gtld_map.go index 9a5f1713c..22613c3b2 100644 --- a/vendor/github.com/zmap/zlint/v3/util/gtld_map.go +++ b/vendor/github.com/zmap/zlint/v3/util/gtld_map.go @@ -2,7 +2,7 @@ // This file was generated by zlint-gtld-update. /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -941,7 +941,7 @@ var tldMap = map[string]GTLDPeriod{ "bugatti": { GTLD: "bugatti", DelegationDate: "2015-11-25", - RemovalDate: "", + RemovalDate: "2022-10-07", }, "build": { GTLD: "build", diff --git a/vendor/github.com/zmap/zlint/v3/util/idna.go b/vendor/github.com/zmap/zlint/v3/util/idna.go index 5e2543efb..45d14daab 100644 --- a/vendor/github.com/zmap/zlint/v3/util/idna.go +++ b/vendor/github.com/zmap/zlint/v3/util/idna.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/ip.go b/vendor/github.com/zmap/zlint/v3/util/ip.go index c171eb4ca..7aefe6797 100644 --- a/vendor/github.com/zmap/zlint/v3/util/ip.go +++ b/vendor/github.com/zmap/zlint/v3/util/ip.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -53,12 +53,13 @@ const ( var reservedNetworks []*net.IPNet // IsIANAReserved checks IP validity as per IANA reserved IPs -// IPv4 -// https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml -// https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml -// IPv6 -// https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml -// https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml +// +// IPv4 +// https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml +// https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xml +// IPv6 +// https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml +// https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml func IsIANAReserved(ip net.IP) bool { if !ip.IsGlobalUnicast() { return true diff --git a/vendor/github.com/zmap/zlint/v3/util/names.go b/vendor/github.com/zmap/zlint/v3/util/names.go index 7792f13dc..e8fc5c49e 100644 --- a/vendor/github.com/zmap/zlint/v3/util/names.go +++ b/vendor/github.com/zmap/zlint/v3/util/names.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/oid.go b/vendor/github.com/zmap/zlint/v3/util/oid.go index a7892b6b4..a8f976538 100644 --- a/vendor/github.com/zmap/zlint/v3/util/oid.go +++ b/vendor/github.com/zmap/zlint/v3/util/oid.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -141,7 +141,7 @@ func TypeInName(name *pkix.Name, oid asn1.ObjectIdentifier) bool { return false } -//helper function to parse policyMapping extensions, returns slices of CertPolicyIds separated by domain +// helper function to parse policyMapping extensions, returns slices of CertPolicyIds separated by domain func GetMappedPolicies(polMap *pkix.Extension) ([][2]asn1.ObjectIdentifier, error) { if polMap == nil { return nil, errors.New("policyMap: null pointer") diff --git a/vendor/github.com/zmap/zlint/v3/util/onion.go b/vendor/github.com/zmap/zlint/v3/util/onion.go index 45cb6013e..1fb8ad51c 100644 --- a/vendor/github.com/zmap/zlint/v3/util/onion.go +++ b/vendor/github.com/zmap/zlint/v3/util/onion.go @@ -41,9 +41,9 @@ func IsOnionV3Address(dnsName string) bool { // IsOnionV2Address returns whether-or-not the give address appears to be an Onion V2 address. // // In order to be an Onion V2 encoded address, the DNS name must satisfy the following: -// 1. The address has at least two labels. -// 2. The right most label is the .onion TLD. -// 3. The second-to-the-right most label is a 16 character long, base32. +// 1. The address has at least two labels. +// 2. The right most label is the .onion TLD. +// 3. The second-to-the-right most label is a 16 character long, base32. func IsOnionV2Address(dnsName string) bool { if !strings.HasSuffix(dnsName, "onion") { return false @@ -56,10 +56,7 @@ func IsOnionV2Address(dnsName string) bool { return false } _, err := onionBase32Encoding.DecodeString(labels[0]) - if err != nil { - return false - } - return true + return err == nil } // IsOnionV3Cert returns whether-or-not at least one of the provided certificates subject common name, diff --git a/vendor/github.com/zmap/zlint/v3/util/primes.go b/vendor/github.com/zmap/zlint/v3/util/primes.go index def1e631b..20b04f8df 100644 --- a/vendor/github.com/zmap/zlint/v3/util/primes.go +++ b/vendor/github.com/zmap/zlint/v3/util/primes.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go b/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go index 3b8183f72..a8f7c0a5e 100644 --- a/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go +++ b/vendor/github.com/zmap/zlint/v3/util/qc_stmt.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/rdn.go b/vendor/github.com/zmap/zlint/v3/util/rdn.go index b07a989c6..3ce4dd989 100644 --- a/vendor/github.com/zmap/zlint/v3/util/rdn.go +++ b/vendor/github.com/zmap/zlint/v3/util/rdn.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/util/time.go b/vendor/github.com/zmap/zlint/v3/util/time.go index e3313970e..04dfeddb6 100644 --- a/vendor/github.com/zmap/zlint/v3/util/time.go +++ b/vendor/github.com/zmap/zlint/v3/util/time.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2022 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy diff --git a/vendor/github.com/zmap/zlint/v3/zlint.go b/vendor/github.com/zmap/zlint/v3/zlint.go index 56e1d405e..18119340f 100644 --- a/vendor/github.com/zmap/zlint/v3/zlint.go +++ b/vendor/github.com/zmap/zlint/v3/zlint.go @@ -1,5 +1,5 @@ /* - * ZLint Copyright 2021 Regents of the University of Michigan + * ZLint Copyright 2023 Regents of the University of Michigan * * Licensed under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. You may obtain a copy @@ -55,7 +55,35 @@ func LintCertificateEx(c *x509.Certificate, registry lint.Registry) *ResultSet { registry = lint.GlobalRegistry() } res := new(ResultSet) - res.execute(c, registry) + res.executeCertificate(c, registry) + res.Version = Version + res.Timestamp = time.Now().Unix() + return res +} + +// LintRevocationList runs all registered lints on r using default options, +// producing a ResultSet. +// +// Using LintRevocationList(r) is equivalent to calling LintRevocationListEx(r, nil). +func LintRevocationList(r *x509.RevocationList) *ResultSet { + return LintRevocationListEx(r, nil) +} + +// LintRevocationListEx runs lints from the provided registry on r producing +// a ResultSet. Providing an explicit registry allows the caller to filter the +// lints that will be run. (See lint.Registry.Filter()) +// +// If registry is nil then the global registry of all lints is used and this +// function is equivalent to calling LintRevocationListEx(r). +func LintRevocationListEx(r *x509.RevocationList, registry lint.Registry) *ResultSet { + if r == nil { + return nil + } + if registry == nil { + registry = lint.GlobalRegistry() + } + res := new(ResultSet) + res.executeRevocationList(r, registry) res.Version = Version res.Timestamp = time.Now().Unix() return res diff --git a/vendor/modules.txt b/vendor/modules.txt index 4de368a1d..126501e71 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -111,15 +111,15 @@ github.com/prometheus/procfs/internal/util ## explicit; go 1.20 github.com/stretchr/testify/assert github.com/stretchr/testify/require -# github.com/weppos/publicsuffix-go v0.15.1-0.20220329081811-9a40b608a236 -## explicit; go 1.11 +# github.com/weppos/publicsuffix-go v0.30.0 +## explicit; go 1.16 github.com/weppos/publicsuffix-go/publicsuffix # github.com/ziutek/mymysql v1.5.4 ## explicit github.com/ziutek/mymysql/godrv github.com/ziutek/mymysql/mysql github.com/ziutek/mymysql/native -# github.com/zmap/zcrypto v0.0.0-20220402174210-599ec18ecbac +# github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 ## explicit; go 1.16 github.com/zmap/zcrypto/cryptobyte github.com/zmap/zcrypto/cryptobyte/asn1 @@ -131,7 +131,7 @@ github.com/zmap/zcrypto/util github.com/zmap/zcrypto/x509 github.com/zmap/zcrypto/x509/ct github.com/zmap/zcrypto/x509/pkix -# github.com/zmap/zlint/v3 v3.4.1 +# github.com/zmap/zlint/v3 v3.5.0 ## explicit; go 1.18 github.com/zmap/zlint/v3 github.com/zmap/zlint/v3/lint From 9a0778d6d82759913a58e4ecd04270bdc38491b5 Mon Sep 17 00:00:00 2001 From: Gabor Tanz Date: Mon, 12 Jun 2023 17:15:52 +0200 Subject: [PATCH 28/73] Add support for generating ed25519 keys and certs (#1061) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Luke Valenta Co-authored-by: Sofía Celi --- bundler/bundle.go | 7 + bundler/bundle_from_file_test.go | 4 +- bundler/bundler.go | 17 +- cmd/multirootca/ca.go | 3 +- csr/csr.go | 24 +- csr/csr_test.go | 47 +++ errors/error.go | 8 +- errors/error_test.go | 2 +- helpers/helpers.go | 13 +- helpers/helpers_test.go | 17 + initca/initca.go | 14 +- initca/initca_test.go | 47 ++- initca/testdata/5min-ed25519-key.pem | 3 + initca/testdata/5min-ed25519.pem | 13 + initca/testdata/README.md | 13 +- initca/testdata/ca_csr_ed25519.json | 17 + initca/testdata/ed25519.csr | 8 + scan/crypto/tls/generate_cert.go | 14 + signer/local/local_test.go | 6 + signer/local/testdata/ed25519.csr | 8 + signer/signer.go | 3 + transport/kp/key_provider.go | 27 +- transport/kp/key_provider_test.go | 10 + vendor/github.com/cloudflare/circl/LICENSE | 57 +++ .../cloudflare/circl/internal/conv/conv.go | 89 +++++ .../cloudflare/circl/math/fp25519/fp.go | 205 ++++++++++ .../cloudflare/circl/math/fp25519/fp_amd64.go | 44 +++ .../cloudflare/circl/math/fp25519/fp_amd64.h | 350 ++++++++++++++++++ .../cloudflare/circl/math/fp25519/fp_amd64.s | 111 ++++++ .../circl/math/fp25519/fp_generic.go | 248 +++++++++++++ .../cloudflare/circl/math/fp25519/fp_noasm.go | 12 + .../github.com/cloudflare/circl/math/wnaf.go | 84 +++++ .../cloudflare/circl/sign/ed25519/ed25519.go | 178 +++++++++ .../cloudflare/circl/sign/ed25519/modular.go | 175 +++++++++ .../cloudflare/circl/sign/ed25519/mult.go | 179 +++++++++ .../cloudflare/circl/sign/ed25519/point.go | 193 ++++++++++ .../cloudflare/circl/sign/ed25519/tables.go | 213 +++++++++++ vendor/golang.org/x/sys/AUTHORS | 3 + vendor/golang.org/x/sys/CONTRIBUTORS | 3 + vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go | 34 ++ vendor/golang.org/x/sys/cpu/cpu_gccgo.c | 43 +++ vendor/golang.org/x/sys/cpu/cpu_gccgo.go | 26 ++ 42 files changed, 2549 insertions(+), 23 deletions(-) create mode 100644 initca/testdata/5min-ed25519-key.pem create mode 100644 initca/testdata/5min-ed25519.pem create mode 100644 initca/testdata/ca_csr_ed25519.json create mode 100644 initca/testdata/ed25519.csr create mode 100644 signer/local/testdata/ed25519.csr create mode 100644 vendor/github.com/cloudflare/circl/LICENSE create mode 100644 vendor/github.com/cloudflare/circl/internal/conv/conv.go create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp.go create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.s create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_generic.go create mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go create mode 100644 vendor/github.com/cloudflare/circl/math/wnaf.go create mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go create mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/modular.go create mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/mult.go create mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/point.go create mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/tables.go create mode 100644 vendor/golang.org/x/sys/AUTHORS create mode 100644 vendor/golang.org/x/sys/CONTRIBUTORS create mode 100644 vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go create mode 100644 vendor/golang.org/x/sys/cpu/cpu_gccgo.c create mode 100644 vendor/golang.org/x/sys/cpu/cpu_gccgo.go diff --git a/bundler/bundle.go b/bundler/bundle.go index 4a00076ec..f13e51db5 100644 --- a/bundler/bundle.go +++ b/bundler/bundle.go @@ -3,6 +3,7 @@ package bundler import ( "bytes" "crypto/ecdsa" + "crypto/ed25519" "crypto/rsa" "crypto/x509" "crypto/x509/pkix" @@ -13,6 +14,7 @@ import ( "time" "github.com/cloudflare/cfssl/helpers" + "github.com/cloudflare/cfssl/helpers/derhelpers" ) // A Bundle contains a certificate and its trust chain. It is intended @@ -108,6 +110,8 @@ func (b *Bundle) MarshalJSON() ([]byte, error) { keyType = fmt.Sprintf("%d-bit RSA", keyLength) case x509.DSA: keyType = "DSA" + case x509.Ed25519: + keyType = "Ed25519" default: keyType = "Unknown" } @@ -119,6 +123,9 @@ func (b *Bundle) MarshalJSON() ([]byte, error) { case *ecdsa.PrivateKey: keyBytes, _ = x509.MarshalECPrivateKey(key) keyString = PemBlockToString(&pem.Block{Type: "EC PRIVATE KEY", Bytes: keyBytes}) + case ed25519.PrivateKey: + keyBytes, _ = derhelpers.MarshalEd25519PrivateKey(key) + keyString = PemBlockToString(&pem.Block{Type: "Ed25519 PRIVATE KEY", Bytes: keyBytes}) case fmt.Stringer: keyString = key.String() } diff --git a/bundler/bundle_from_file_test.go b/bundler/bundle_from_file_test.go index 1e5bc1685..a750540c3 100644 --- a/bundler/bundle_from_file_test.go +++ b/bundler/bundle_from_file_test.go @@ -260,12 +260,12 @@ var fileTests = []fileTest{ }, // DSA is NOT supported. - // Keyless bundling, expect private key error "NotRSAOrECC" + // Keyless bundling, expect private key error "NotRSAOrECCOrEd25519" { cert: certDSA2048, caBundleFile: testCFSSLRootBundle, intBundleFile: testCFSSLIntBundle, - errorCallback: ExpectErrorMessages([]string{`"code":2200,`, `"message":"Private key algorithm is not RSA or ECC"`}), + errorCallback: ExpectErrorMessages([]string{`"code":2200,`, `"message":"Private key algorithm is not RSA or ECC or Ed25519"`}), }, // Bundling with DSA private key, expect error "Failed to parse private key" { diff --git a/bundler/bundler.go b/bundler/bundler.go index a2014c58c..b5b2fbc56 100644 --- a/bundler/bundler.go +++ b/bundler/bundler.go @@ -6,6 +6,7 @@ import ( "bytes" "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/rsa" "crypto/tls" "crypto/x509" @@ -555,7 +556,7 @@ func (b *Bundler) fetchIntermediates(certs []*x509.Certificate) (err error) { // Bundle takes an X509 certificate (already in the // Certificate structure), a private key as crypto.Signer in one of the appropriate -// formats (i.e. *rsa.PrivateKey or *ecdsa.PrivateKey, or even a opaque key), using them to +// formats (i.e. *rsa.PrivateKey, *ecdsa.PrivateKey or ed25519.PrivateKey, or even a opaque key), using them to // build a certificate bundle. func (b *Bundler) Bundle(certs []*x509.Certificate, key crypto.Signer, flavor BundleFlavor) (*Bundle, error) { log.Infof("bundling certificate for %+v", certs[0].Subject) @@ -576,7 +577,6 @@ func (b *Bundler) Bundle(certs []*x509.Certificate, key crypto.Signer, flavor Bu if key != nil { switch { case cert.PublicKeyAlgorithm == x509.RSA: - var rsaPublicKey *rsa.PublicKey if rsaPublicKey, ok = key.Public().(*rsa.PublicKey); !ok { return nil, errors.New(errors.PrivateKeyError, errors.KeyMismatch) @@ -592,15 +592,24 @@ func (b *Bundler) Bundle(certs []*x509.Certificate, key crypto.Signer, flavor Bu if cert.PublicKey.(*ecdsa.PublicKey).X.Cmp(ecdsaPublicKey.X) != 0 { return nil, errors.New(errors.PrivateKeyError, errors.KeyMismatch) } + case cert.PublicKeyAlgorithm == x509.Ed25519: + var ed25519PublicKey ed25519.PublicKey + if ed25519PublicKey, ok = key.Public().(ed25519.PublicKey); !ok { + return nil, errors.New(errors.PrivateKeyError, errors.KeyMismatch) + } + if !(bytes.Equal(cert.PublicKey.(ed25519.PublicKey), ed25519PublicKey)) { + return nil, errors.New(errors.PrivateKeyError, errors.KeyMismatch) + } default: - return nil, errors.New(errors.PrivateKeyError, errors.NotRSAOrECC) + return nil, errors.New(errors.PrivateKeyError, errors.NotRSAOrECCOrEd25519) } } else { switch { case cert.PublicKeyAlgorithm == x509.RSA: case cert.PublicKeyAlgorithm == x509.ECDSA: + case cert.PublicKeyAlgorithm == x509.Ed25519: default: - return nil, errors.New(errors.PrivateKeyError, errors.NotRSAOrECC) + return nil, errors.New(errors.PrivateKeyError, errors.NotRSAOrECCOrEd25519) } } diff --git a/cmd/multirootca/ca.go b/cmd/multirootca/ca.go index 3689032f5..93f5cc937 100644 --- a/cmd/multirootca/ca.go +++ b/cmd/multirootca/ca.go @@ -2,6 +2,7 @@ package main import ( "crypto/ecdsa" + "crypto/ed25519" "crypto/rsa" "errors" "flag" @@ -25,7 +26,7 @@ import ( func parseSigner(root *config.Root) (signer.Signer, error) { privateKey := root.PrivateKey switch priv := privateKey.(type) { - case *rsa.PrivateKey, *ecdsa.PrivateKey: + case *rsa.PrivateKey, *ecdsa.PrivateKey, ed25519.PrivateKey: s, err := local.NewSigner(priv, root.Certificate, signer.DefaultSigAlgo(priv), nil) if err != nil { return nil, err diff --git a/csr/csr.go b/csr/csr.go index 0ca250994..e8d899285 100644 --- a/csr/csr.go +++ b/csr/csr.go @@ -4,6 +4,7 @@ package csr import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -13,6 +14,7 @@ import ( "encoding/pem" "errors" "fmt" + "io" "net" "net/mail" "net/url" @@ -21,6 +23,7 @@ import ( cferr "github.com/cloudflare/cfssl/errors" "github.com/cloudflare/cfssl/helpers" + "github.com/cloudflare/cfssl/helpers/derhelpers" "github.com/cloudflare/cfssl/log" ) @@ -64,7 +67,7 @@ func (kr *KeyRequest) Size() int { } // Generate generates a key as specified in the request. Currently, -// only ECDSA and RSA are supported. +// only ECDSA, RSA and ed25519 algorithms are supported. func (kr *KeyRequest) Generate() (crypto.PrivateKey, error) { log.Debugf("generate key from request: algo=%s, size=%d", kr.Algo(), kr.Size()) switch kr.Algo() { @@ -89,6 +92,12 @@ func (kr *KeyRequest) Generate() (crypto.PrivateKey, error) { return nil, errors.New("invalid curve") } return ecdsa.GenerateKey(curve, rand.Reader) + case "ed25519": + seed := make([]byte, ed25519.SeedSize) + if _, err := io.ReadFull(rand.Reader, seed); err != nil { + return nil, err + } + return ed25519.NewKeyFromSeed(seed), nil default: return nil, errors.New("invalid algorithm") } @@ -120,6 +129,8 @@ func (kr *KeyRequest) SigAlgo() x509.SignatureAlgorithm { default: return x509.ECDSAWithSHA1 } + case "ed25519": + return x509.PureEd25519 default: return x509.UnknownSignatureAlgorithm } @@ -249,6 +260,17 @@ func ParseRequest(req *CertificateRequest) (csr, key []byte, err error) { Bytes: key, } key = pem.EncodeToMemory(&block) + case ed25519.PrivateKey: + key, err = derhelpers.MarshalEd25519PrivateKey(priv) + if err != nil { + err = cferr.Wrap(cferr.PrivateKeyError, cferr.Unknown, err) + return + } + block := pem.Block{ + Type: "Ed25519 PRIVATE KEY", + Bytes: key, + } + key = pem.EncodeToMemory(&block) default: panic("Generate should have failed to produce a valid key.") } diff --git a/csr/csr_test.go b/csr/csr_test.go index f6cd54f34..e125ac0a0 100644 --- a/csr/csr_test.go +++ b/csr/csr_test.go @@ -3,6 +3,7 @@ package csr import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rsa" "crypto/x509" @@ -42,6 +43,10 @@ func TestKeyRequest(t *testing.T) { if kr.Algo() != "ecdsa" { t.Fatal("ECDSA key generated, but expected", kr.Algo()) } + case ed25519.PrivateKey: + if kr.Algo() != "ed25519" { + t.Fatal("Ed25519 key generated, but expected", kr.Algo()) + } } } @@ -311,6 +316,21 @@ func TestECGeneration(t *testing.T) { } } +func TestED25519Generation(t *testing.T) { + kr := &KeyRequest{A: "ed25519"} + priv, err := kr.Generate() + if err != nil { + t.Fatalf("%v", err) + } + _, ok := priv.(ed25519.PrivateKey) + if !ok { + t.Fatal("Expected ed25519 key") + } + if sa := kr.SigAlgo(); sa == x509.UnknownSignatureAlgorithm { + t.Fatal("Invalid signature algorithm!") + } +} + func TestRSAKeyGeneration(t *testing.T) { var rsakey *rsa.PrivateKey @@ -404,6 +424,10 @@ func TestDefaultKeyRequest(t *testing.T) { if DefaultKeyRequest.Algo() != "ecdsa" { t.Fatal("Invalid default key request.") } + case "Ed25519 PRIVATE KEY": + if DefaultKeyRequest.Algo() != "ed25519" { + t.Fatal("Invalid default key request.") + } } } @@ -430,6 +454,29 @@ func TestRSACertRequest(t *testing.T) { } } +// TestED25519CertRequest validates parsing a certificate request with an +// ED25519 key. +func TestED25519CertRequest(t *testing.T) { + var req = &CertificateRequest{ + Names: []Name{ + { + C: "US", + ST: "California", + L: "San Francisco", + O: "CloudFlare", + OU: "Systems Engineering", + }, + }, + CN: "cloudflare.com", + Hosts: []string{"cloudflare.com", "www.cloudflare.com", "jdoe@example.com", "https://www.cloudflare.com"}, + KeyRequest: &KeyRequest{A: "ed25519"}, + } + _, _, err := ParseRequest(req) + if err != nil { + t.Fatalf("%v", err) + } +} + // TestBadCertRequest checks for failure conditions of ParseRequest. func TestBadCertRequest(t *testing.T) { var req = &CertificateRequest{ diff --git a/errors/error.go b/errors/error.go index 9715a7cfb..22850931e 100644 --- a/errors/error.go +++ b/errors/error.go @@ -113,10 +113,10 @@ const ( // these keys. Encrypted Reason = 100 * (iota + 1) //21XX - // NotRSAOrECC indicates that they key is not an RSA or ECC + // NotRSAOrECCOrEd25519 indicates that they key is not an RSA or ECC or Ed25519 // private key; these are the only two private key types supported // at this time by CFSSL. - NotRSAOrECC //22XX + NotRSAOrECCOrEd25519 //22XX // KeyMismatch indicates that the private key does not match // the public key or certificate being presented with the key. @@ -273,8 +273,8 @@ func New(category Category, reason Reason) *Error { msg = "Failed to parse private key" case Encrypted: msg = "Private key is encrypted." - case NotRSAOrECC: - msg = "Private key algorithm is not RSA or ECC" + case NotRSAOrECCOrEd25519: + msg = "Private key algorithm is not RSA or ECC or Ed25519" case KeyMismatch: msg = "Private key does not match public key" case GenerationFailed: diff --git a/errors/error_test.go b/errors/error_test.go index 51bdf7d37..330793368 100644 --- a/errors/error_test.go +++ b/errors/error_test.go @@ -87,7 +87,7 @@ func TestNew(t *testing.T) { if code != 2100 { t.Fatal("Improper error code") } - code = New(PrivateKeyError, NotRSAOrECC).ErrorCode + code = New(PrivateKeyError, NotRSAOrECCOrEd25519).ErrorCode if code != 2200 { t.Fatal("Improper error code") } diff --git a/helpers/helpers.go b/helpers/helpers.go index f45e63a3d..5ab26bfb1 100644 --- a/helpers/helpers.go +++ b/helpers/helpers.go @@ -6,6 +6,7 @@ import ( "bytes" "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rsa" "crypto/tls" @@ -61,7 +62,7 @@ var Jul2012 = InclusiveDate(2012, time.July, 01) // issuing certificates valid for more than 39 months. var Apr2015 = InclusiveDate(2015, time.April, 01) -// KeyLength returns the bit size of ECDSA or RSA PublicKey +// KeyLength returns the bit size of ECDSA, RSA or Ed25519 PublicKey func KeyLength(key interface{}) int { if key == nil { return 0 @@ -70,6 +71,8 @@ func KeyLength(key interface{}) int { return ecdsaKey.Curve.Params().BitSize } else if rsaKey, ok := key.(*rsa.PublicKey); ok { return rsaKey.N.BitLen() + } else if _, ok := key.(ed25519.PublicKey); ok { + return ed25519.PublicKeySize } return 0 @@ -154,12 +157,14 @@ func SignatureString(alg x509.SignatureAlgorithm) string { return "ECDSAWithSHA384" case x509.ECDSAWithSHA512: return "ECDSAWithSHA512" + case x509.PureEd25519: + return "Ed25519" default: return "Unknown Signature" } } -// HashAlgoString returns the hash algorithm name contains in the signature +// HashAlgoString returns the hash algorithm name contained in the signature // method. func HashAlgoString(alg x509.SignatureAlgorithm) string { switch alg { @@ -187,6 +192,8 @@ func HashAlgoString(alg x509.SignatureAlgorithm) string { return "SHA384" case x509.ECDSAWithSHA512: return "SHA512" + case x509.PureEd25519: + return "Ed25519" default: return "Unknown Hash Algorithm" } @@ -479,6 +486,8 @@ func SignerAlgo(priv crypto.Signer) x509.SignatureAlgorithm { default: return x509.ECDSAWithSHA1 } + case ed25519.PublicKey: + return x509.PureEd25519 default: return x509.UnknownSignatureAlgorithm } diff --git a/helpers/helpers_test.go b/helpers/helpers_test.go index dc59bf2c6..bbc74d38e 100644 --- a/helpers/helpers_test.go +++ b/helpers/helpers_test.go @@ -3,6 +3,7 @@ package helpers import ( "bytes" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -106,6 +107,16 @@ func TestKeyLength(t *testing.T) { if expRsa != outRsa { t.Fatal("KeyLength malfunctioning on rsa input") } + + //test the ed25519 branch + _, ed25519priv, _ := ed25519.GenerateKey(rand.Reader) + ed25519In, _ := ed25519priv.Public().(ed25519.PublicKey) + expEd25519 := len(ed25519In) + outEd25519 := KeyLength(ed25519In) + if expEd25519 != outEd25519 { + t.Fatal("KeyLength malfunctioning on ed25519 input") + } + } func TestExpiryTime(t *testing.T) { @@ -219,6 +230,9 @@ func TestHashAlgoString(t *testing.T) { if HashAlgoString(x509.ECDSAWithSHA512) != "SHA512" { t.Fatal("standin") } + if HashAlgoString(x509.PureEd25519) != "Ed25519" { + t.Fatal("standin") + } if HashAlgoString(math.MaxInt32) != "Unknown Hash Algorithm" { t.Fatal("standin") } @@ -261,6 +275,9 @@ func TestSignatureString(t *testing.T) { if SignatureString(x509.ECDSAWithSHA512) != "ECDSAWithSHA512" { t.Fatal("Signature String functioning improperly") } + if SignatureString(x509.PureEd25519) != "Ed25519" { + t.Fatal("Signature String functioning improperly") + } if SignatureString(math.MaxInt32) != "Unknown Signature" { t.Fatal("Signature String functioning improperly") } diff --git a/initca/initca.go b/initca/initca.go index 40a608502..0ba8f715d 100644 --- a/initca/initca.go +++ b/initca/initca.go @@ -3,8 +3,10 @@ package initca import ( + "bytes" "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/rand" "crypto/rsa" "crypto/x509" @@ -97,7 +99,6 @@ func New(req *csr.CertificateRequest) (cert, csrPEM, key []byte, err error) { cert, err = s.Sign(signReq) return - } // NewFromPEM creates a new root certificate from the key file passed in. @@ -210,8 +211,17 @@ func RenewFromSigner(ca *x509.Certificate, priv crypto.Signer) ([]byte, error) { if ca.PublicKey.(*ecdsa.PublicKey).X.Cmp(ecdsaPublicKey.X) != 0 { return nil, cferr.New(cferr.PrivateKeyError, cferr.KeyMismatch) } + case ca.PublicKeyAlgorithm == x509.Ed25519: + var ed25519PublicKey ed25519.PublicKey + var ok bool + if ed25519PublicKey, ok = priv.Public().(ed25519.PublicKey); !ok { + return nil, cferr.New(cferr.PrivateKeyError, cferr.KeyMismatch) + } + if !(bytes.Equal(ca.PublicKey.(ed25519.PublicKey), ed25519PublicKey)) { + return nil, cferr.New(cferr.PrivateKeyError, cferr.KeyMismatch) + } default: - return nil, cferr.New(cferr.PrivateKeyError, cferr.NotRSAOrECC) + return nil, cferr.New(cferr.PrivateKeyError, cferr.NotRSAOrECCOrEd25519) } req := csr.ExtractCertificateRequest(ca) diff --git a/initca/initca_test.go b/initca/initca_test.go index 154021ac8..c46c208b9 100644 --- a/initca/initca_test.go +++ b/initca/initca_test.go @@ -23,6 +23,7 @@ var validKeyParams = []csr.KeyRequest{ {A: "ecdsa", S: 256}, {A: "ecdsa", S: 384}, {A: "ecdsa", S: 521}, + {A: "ed25519"}, } var validCAConfigs = []csr.CAConfig{ @@ -46,12 +47,15 @@ var csrFiles = []string{ "testdata/ecdsa256.csr", "testdata/ecdsa384.csr", "testdata/ecdsa521.csr", + "testdata/ed25519.csr", } var testRSACAFile = "testdata/5min-rsa.pem" var testRSACAKeyFile = "testdata/5min-rsa-key.pem" var testECDSACAFile = "testdata/5min-ecdsa.pem" var testECDSACAKeyFile = "testdata/5min-ecdsa-key.pem" +var testED25519CAFile = "testdata/5min-ed25519.pem" +var testED25519CAKeyFile = "testdata/5min-ed25519-key.pem" var invalidCryptoParams = []csr.KeyRequest{ // Weak Key @@ -160,7 +164,7 @@ func TestInitCA(t *testing.T) { } s.SetPolicy(CAPolicy()) - // Sign RSA and ECDSA customer CSRs. + // Sign RSA, ECDSA and ed25519 customer CSRs. for _, csrFile := range csrFiles { csrBytes, err := os.ReadFile(csrFile) if err != nil { @@ -209,7 +213,7 @@ func TestInvalidCAConfig(t *testing.T) { _, _, _, err := New(req) if err == nil { - t.Fatal("InitCA with bad CAConfig should fail:", err) + t.Fatalf("InitCA with bad CAConfig should fail: %v", invalidCAConfig) } } func TestInvalidCryptoParams(t *testing.T) { @@ -232,7 +236,7 @@ func TestInvalidCryptoParams(t *testing.T) { } _, _, _, err := New(req) if err == nil { - t.Fatal("InitCA with bad params should fail:", err) + t.Fatalf("InitCA with bad CAConfig should fail: %v", invalidCAConfig) } if !strings.Contains(err.Error(), `"code":2400`) { @@ -311,6 +315,43 @@ func TestRenewRSA(t *testing.T) { } } +func TestRenewED25519(t *testing.T) { + certPEM, err := RenewFromPEM(testED25519CAFile, testED25519CAKeyFile) + if err != nil { + t.Fatal(err) + } + + // must parse ok + cert, err := helpers.ParseCertificatePEM(certPEM) + if err != nil { + t.Fatal(err) + } + + if !cert.IsCA { + t.Fatal("renewed CA certificate is not CA") + } + + // cert expiry must be 5 minutes + expiry := cert.NotAfter.Sub(cert.NotBefore).Seconds() + if expiry >= 301 || expiry <= 299 { + t.Fatal("expiry is not correct:", expiry) + } + + // check subject + + if cert.Subject.CommonName != "" { + t.Fatal("Bad CommonName") + } + + if len(cert.Subject.Country) != 1 || cert.Subject.Country[0] != "US" { + t.Fatal("Bad Subject") + } + + if len(cert.Subject.Organization) != 1 || cert.Subject.Organization[0] != "CloudFlare, Inc." { + t.Fatal("Bad Subject") + } +} + func TestRenewECDSA(t *testing.T) { certPEM, err := RenewFromPEM(testECDSACAFile, testECDSACAKeyFile) if err != nil { diff --git a/initca/testdata/5min-ed25519-key.pem b/initca/testdata/5min-ed25519-key.pem new file mode 100644 index 000000000..8521ed701 --- /dev/null +++ b/initca/testdata/5min-ed25519-key.pem @@ -0,0 +1,3 @@ +-----BEGIN Ed25519 PRIVATE KEY----- +MC4CAQAwBQYDK2VwBCIEIO23h+PSszCu1BdPNn2HnmPexKh9p3HA3QxTOZ3cXQqx +-----END Ed25519 PRIVATE KEY----- diff --git a/initca/testdata/5min-ed25519.pem b/initca/testdata/5min-ed25519.pem new file mode 100644 index 000000000..4d99bddb1 --- /dev/null +++ b/initca/testdata/5min-ed25519.pem @@ -0,0 +1,13 @@ +-----BEGIN CERTIFICATE----- +MIIB+DCCAaqgAwIBAgIUa7gAfTYxGHeXpbZBr25VR3IlEkAwBQYDK2VwMHoxCzAJ +BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1TYW4gRnJh +bmNpc2NvMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMSMwIQYDVQQLExpUZXN0 +IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0yMDA1MTYwNjE3MDBaFw0yMDA1MTYw +NjIyMDBaMHoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYD +VQQHEw1TYW4gRnJhbmNpc2NvMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMSMw +IQYDVQQLExpUZXN0IENlcnRpZmljYXRlIEF1dGhvcml0eTAqMAUGAytlcAMhAFYw +MXENHjM4ubp76CZbd8PNJEc5ElerX/gYhrACB6GNo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUQIiayHREptI7YAr87AMfj8qB +Tl8wBQYDK2VwA0EAnH3WcTatTHQ/jfCjVwsDmB+1SUoUz9mlPuttW+ZgVOAxTaQ3 +pdbTDE0jKRZI/8fjf6BTwkGqodDAfHojdcEUCA== +-----END CERTIFICATE----- diff --git a/initca/testdata/README.md b/initca/testdata/README.md index e34ad2af6..e4fade9e4 100644 --- a/initca/testdata/README.md +++ b/initca/testdata/README.md @@ -1,11 +1,20 @@ 1. To generate 5min-rsa.pem and 5min-rsa-key.pem + ``` $ cfssl gencert -initca ca_csr_rsa.json | cfssljson -bare 5min-rsa ``` + 2. To generate 5min-ecdsa.pem and 5min-ecdsa-key.pem + ``` $ cfssl gencert -initca ca_csr_ecdsa.json | cfssljson -bare 5min-ecdsa ``` -The above commands will generate 5min-rsa.csr and 5min-ecdsa.csr as well, but those -files can be ignored. +2. To generate 5min-ed25519.pem and 5min-ed25519-key.pem + +``` +$ cfssl gencert -initca ca_csr_ed25519.json | cfssljson -bare 5min-ed25519 +``` + +The above commands will generate 5min-rsa.csr, 5min-ecdsa.csr 5min-ed25519.csr +accordingly, but those files can be ignored. diff --git a/initca/testdata/ca_csr_ed25519.json b/initca/testdata/ca_csr_ed25519.json new file mode 100644 index 000000000..461011d8c --- /dev/null +++ b/initca/testdata/ca_csr_ed25519.json @@ -0,0 +1,17 @@ +{ + "key": { + "algo": "ed25519" + }, + "names": [ + { + "C": "US", + "L": "San Francisco", + "ST": "California", + "O": "CloudFlare, Inc.", + "OU": "Test Certificate Authority" + } + ], + "ca": { + "expiry": "5m" + } +} diff --git a/initca/testdata/ed25519.csr b/initca/testdata/ed25519.csr new file mode 100644 index 000000000..a4b49b262 --- /dev/null +++ b/initca/testdata/ed25519.csr @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBygIBADBqMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW +MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGDAW +BgNVBAMTD3d3dy5leGFtcGxlLmNvbTAqMAUGAytlcAMhAIvEIdwMxpLmXW+ZKI+u +hb4/H/1qaEOCSbWmWF95m1HzoC0wKwYJKoZIhvcNAQkOMR4wHDAaBgNVHREEEzAR +gg93d3cuZXhhbXBsZS5jb20wBQYDK2VwA0EA/FCjbBOJT6z5wdBLgCJb3WrQGO9E +lOizNutfEk9NlGJliNKkdZO3SZP9Uw/pKHiyxH+vWfUJ3E1DbtTVzmH8DA== +-----END CERTIFICATE REQUEST----- diff --git a/scan/crypto/tls/generate_cert.go b/scan/crypto/tls/generate_cert.go index 8eaa452ad..559cdc822 100644 --- a/scan/crypto/tls/generate_cert.go +++ b/scan/crypto/tls/generate_cert.go @@ -12,6 +12,7 @@ package main import ( "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -26,6 +27,8 @@ import ( "os" "strings" "time" + + "github.com/cloudflare/cfssl/helpers/derhelpers" ) var ( @@ -41,6 +44,8 @@ func publicKey(priv interface{}) interface{} { switch k := priv.(type) { case *rsa.PrivateKey: return &k.PublicKey + case *ed25519.PrivateKey: + return &k.Public() case *ecdsa.PrivateKey: return &k.PublicKey default: @@ -52,6 +57,13 @@ func pemBlockForKey(priv interface{}) *pem.Block { switch k := priv.(type) { case *rsa.PrivateKey: return &pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(k)} + case *ed25519.PrivateKey: + b, err := derhelpers.MarshalEd25519PrivateKey(priv) + if err != nil { + fmt.Fprintf(os.Stderr, "Unable to marshal ED25519 private key: %v", err) + os.Exit(2) + } + return &pem.Block{Type: "Ed25519 PRIVATE KEY", Bytes: b} case *ecdsa.PrivateKey: b, err := x509.MarshalECPrivateKey(k) if err != nil { @@ -76,6 +88,8 @@ func main() { switch *ecdsaCurve { case "": priv, err = rsa.GenerateKey(rand.Reader, *rsaBits) + case "ED25519": + _, priv, err = ed25519.GenerateKey(rand.Reader) case "P224": priv, err = ecdsa.GenerateKey(elliptic.P224(), rand.Reader) case "P256": diff --git a/signer/local/local_test.go b/signer/local/local_test.go index 041e25486..51cdcf54f 100644 --- a/signer/local/local_test.go +++ b/signer/local/local_test.go @@ -365,6 +365,12 @@ var csrTests = []csrTest{ keyLen: 2048, errorCallback: nil, }, + { + file: "testdata/ed25519.csr", + keyAlgo: "ed25519", + keyLen: 256, + errorCallback: nil, + }, } func TestSignCSRs(t *testing.T) { diff --git a/signer/local/testdata/ed25519.csr b/signer/local/testdata/ed25519.csr new file mode 100644 index 000000000..a4b49b262 --- /dev/null +++ b/signer/local/testdata/ed25519.csr @@ -0,0 +1,8 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIBFzCBygIBADBqMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEW +MBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIGA1UEChMLZXhhbXBsZS5jb20xGDAW +BgNVBAMTD3d3dy5leGFtcGxlLmNvbTAqMAUGAytlcAMhAIvEIdwMxpLmXW+ZKI+u +hb4/H/1qaEOCSbWmWF95m1HzoC0wKwYJKoZIhvcNAQkOMR4wHDAaBgNVHREEEzAR +gg93d3cuZXhhbXBsZS5jb20wBQYDK2VwA0EA/FCjbBOJT6z5wdBLgCJb3WrQGO9E +lOizNutfEk9NlGJliNKkdZO3SZP9Uw/pKHiyxH+vWfUJ3E1DbtTVzmH8DA== +-----END CERTIFICATE REQUEST----- diff --git a/signer/signer.go b/signer/signer.go index ea650bd6d..d5b1f96f0 100644 --- a/signer/signer.go +++ b/signer/signer.go @@ -4,6 +4,7 @@ package signer import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rsa" "crypto/sha1" @@ -168,6 +169,8 @@ func DefaultSigAlgo(priv crypto.Signer) x509.SignatureAlgorithm { default: return x509.ECDSAWithSHA1 } + case ed25519.PublicKey: + return x509.PureEd25519 default: return x509.UnknownSignatureAlgorithm } diff --git a/transport/kp/key_provider.go b/transport/kp/key_provider.go index 7663bad56..dc1fd6a3c 100644 --- a/transport/kp/key_provider.go +++ b/transport/kp/key_provider.go @@ -15,6 +15,7 @@ package kp import ( "crypto" "crypto/ecdsa" + "crypto/ed25519" "crypto/elliptic" "crypto/rand" "crypto/rsa" @@ -22,11 +23,13 @@ import ( "crypto/x509" "encoding/pem" "errors" + "io" "os" "strings" "github.com/cloudflare/cfssl/csr" "github.com/cloudflare/cfssl/helpers" + "github.com/cloudflare/cfssl/helpers/derhelpers" "github.com/cloudflare/cfssl/transport/core" ) @@ -241,9 +244,26 @@ func (sp *StandardProvider) Generate(algo string, size int) (err error) { } sp.internal.keyPEM = pem.EncodeToMemory(p) + sp.internal.priv = priv + case "ed25519": + seed := make([]byte, ed25519.SeedSize) + if _, err := io.ReadFull(rand.Reader, seed); err != nil { + return err + } + priv := ed25519.NewKeyFromSeed(seed) + + keyPEM, err := derhelpers.MarshalEd25519PrivateKey(priv) + if err != nil { + return err + } + p := &pem.Block{ + Type: "Ed25519 PRIVATE KEY", + Bytes: keyPEM, + } + sp.internal.keyPEM = pem.EncodeToMemory(p) sp.internal.priv = priv default: - return errors.New("transport: invalid key algorithm; only RSA and ECDSA are supported") + return errors.New("transport: invalid key algorithm; only RSA, Ed25519 and ECDSA are supported") } return nil @@ -324,6 +344,11 @@ func (sp *StandardProvider) Load() (err error) { err = errors.New("transport: PEM type " + p.Type + " is invalid for an ECDSA key") return } + case ed25519.PublicKey: + if p.Type != "Ed25519 PRIVATE KEY" { + err = errors.New("transport: PEM type" + p.Type + "is invalid for an Ed25519 key") + return + } default: err = errors.New("transport: invalid public key type") } diff --git a/transport/kp/key_provider_test.go b/transport/kp/key_provider_test.go index fe3218817..0ec04fb63 100644 --- a/transport/kp/key_provider_test.go +++ b/transport/kp/key_provider_test.go @@ -82,8 +82,18 @@ func TestGenerate(t *testing.T) { t.Fatal("key provider shouldn't have a key yet") } + err = kp.Generate("rsa", 2048) + if err != nil { + t.Fatalf("key provider couldn't generate key: %v", err) + } + err = kp.Generate("ecdsa", 256) if err != nil { t.Fatalf("key provider couldn't generate key: %v", err) } + + err = kp.Generate("ed25519", 256) // ed25519 key size is ignored + if err != nil { + t.Fatalf("key provider couldn't generate key: %v", err) + } } diff --git a/vendor/github.com/cloudflare/circl/LICENSE b/vendor/github.com/cloudflare/circl/LICENSE new file mode 100644 index 000000000..67edaa90a --- /dev/null +++ b/vendor/github.com/cloudflare/circl/LICENSE @@ -0,0 +1,57 @@ +Copyright (c) 2019 Cloudflare. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Cloudflare nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +======================================================================== + +Copyright (c) 2009 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/cloudflare/circl/internal/conv/conv.go b/vendor/github.com/cloudflare/circl/internal/conv/conv.go new file mode 100644 index 000000000..b4a4f0b16 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/internal/conv/conv.go @@ -0,0 +1,89 @@ +package conv + +import ( + "fmt" + "math/big" + "strings" +) + +// BytesLe2Hex returns an hexadecimal string of a number stored in a +// little-endian order slice x. +func BytesLe2Hex(x []byte) string { + b := &strings.Builder{} + b.Grow(2*len(x) + 2) + fmt.Fprint(b, "0x") + if len(x) == 0 { + fmt.Fprint(b, "00") + } + for i := len(x) - 1; i >= 0; i-- { + fmt.Fprintf(b, "%02x", x[i]) + } + return b.String() +} + +// BytesLe2BigInt converts a little-endian slice x into a big-endian +// math/big.Int. +func BytesLe2BigInt(x []byte) *big.Int { + n := len(x) + b := new(big.Int) + if len(x) > 0 { + y := make([]byte, n) + for i := 0; i < n; i++ { + y[n-1-i] = x[i] + } + b.SetBytes(y) + } + return b +} + +// BigInt2BytesLe stores a positive big.Int number x into a little-endian slice z. +// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros). +// If x does not fit in the slice or is negative, z is not modified. +func BigInt2BytesLe(z []byte, x *big.Int) { + xLen := (x.BitLen() + 7) >> 3 + zLen := len(z) + if zLen >= xLen && x.Sign() >= 0 { + y := x.Bytes() + for i := 0; i < xLen; i++ { + z[i] = y[xLen-1-i] + } + for i := xLen; i < zLen; i++ { + z[i] = 0 + } + } +} + +// Uint64Le2BigInt converts a llitle-endian slice x into a big number. +func Uint64Le2BigInt(x []uint64) *big.Int { + n := len(x) + b := new(big.Int) + var bi big.Int + for i := n - 1; i >= 0; i-- { + bi.SetUint64(x[i]) + b.Lsh(b, 64) + b.Add(b, &bi) + } + return b +} + +// BigInt2Uint64Le stores a positive big.Int number x into a little-endian slice z. +// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros). +// If x does not fit in the slice or is negative, z is not modified. +func BigInt2Uint64Le(z []uint64, x *big.Int) { + xLen := (x.BitLen() + 63) >> 6 // number of 64-bit words + zLen := len(z) + if zLen >= xLen && x.Sign() > 0 { + var y, yi big.Int + y.Set(x) + two64 := big.NewInt(1) + two64.Lsh(two64, 64).Sub(two64, big.NewInt(1)) + for i := 0; i < xLen; i++ { + yi.And(&y, two64) + z[i] = yi.Uint64() + y.Rsh(&y, 64) + } + } + for i := xLen; i < zLen; i++ { + z[i] = 0 + } +} diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp.go new file mode 100644 index 000000000..496287ec5 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/math/fp25519/fp.go @@ -0,0 +1,205 @@ +// Package fp25519 provides prime field arithmetic over GF(2^255-19). +package fp25519 + +import ( + "errors" + + "github.com/cloudflare/circl/internal/conv" +) + +// Size in bytes of an element. +const Size = 32 + +// Elt is a prime field element. +type Elt [Size]byte + +func (e Elt) String() string { return conv.BytesLe2Hex(e[:]) } + +// p is the prime modulus 2^255-19. +var p = Elt{ + 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, +} + +// P returns the prime modulus 2^255-19. +func P() Elt { return p } + +// ToBytes stores in b the little-endian byte representation of x. +func ToBytes(b []byte, x *Elt) error { + if len(b) != Size { + return errors.New("wrong size") + } + Modp(x) + copy(b, x[:]) + return nil +} + +// IsZero returns true if x is equal to 0. +func IsZero(x *Elt) bool { Modp(x); return *x == Elt{} } + +// SetOne assigns x=1. +func SetOne(x *Elt) { *x = Elt{}; x[0] = 1 } + +// Neg calculates z = -x. +func Neg(z, x *Elt) { Sub(z, &p, x) } + +// InvSqrt calculates z = sqrt(x/y) iff x/y is a quadratic-residue, which is +// indicated by returning isQR = true. Otherwise, when x/y is a quadratic +// non-residue, z will have an undetermined value and isQR = false. +func InvSqrt(z, x, y *Elt) (isQR bool) { + sqrtMinusOne := &Elt{ + 0xb0, 0xa0, 0x0e, 0x4a, 0x27, 0x1b, 0xee, 0xc4, + 0x78, 0xe4, 0x2f, 0xad, 0x06, 0x18, 0x43, 0x2f, + 0xa7, 0xd7, 0xfb, 0x3d, 0x99, 0x00, 0x4d, 0x2b, + 0x0b, 0xdf, 0xc1, 0x4f, 0x80, 0x24, 0x83, 0x2b, + } + t0, t1, t2, t3 := &Elt{}, &Elt{}, &Elt{}, &Elt{} + + Mul(t0, x, y) // t0 = u*v + Sqr(t1, y) // t1 = v^2 + Mul(t2, t0, t1) // t2 = u*v^3 + Sqr(t0, t1) // t0 = v^4 + Mul(t1, t0, t2) // t1 = u*v^7 + + var Tab [4]*Elt + Tab[0] = &Elt{} + Tab[1] = &Elt{} + Tab[2] = t3 + Tab[3] = t1 + + *Tab[0] = *t1 + Sqr(Tab[0], Tab[0]) + Sqr(Tab[1], Tab[0]) + Sqr(Tab[1], Tab[1]) + Mul(Tab[1], Tab[1], Tab[3]) + Mul(Tab[0], Tab[0], Tab[1]) + Sqr(Tab[0], Tab[0]) + Mul(Tab[0], Tab[0], Tab[1]) + Sqr(Tab[1], Tab[0]) + for i := 0; i < 4; i++ { + Sqr(Tab[1], Tab[1]) + } + Mul(Tab[1], Tab[1], Tab[0]) + Sqr(Tab[2], Tab[1]) + for i := 0; i < 4; i++ { + Sqr(Tab[2], Tab[2]) + } + Mul(Tab[2], Tab[2], Tab[0]) + Sqr(Tab[1], Tab[2]) + for i := 0; i < 14; i++ { + Sqr(Tab[1], Tab[1]) + } + Mul(Tab[1], Tab[1], Tab[2]) + Sqr(Tab[2], Tab[1]) + for i := 0; i < 29; i++ { + Sqr(Tab[2], Tab[2]) + } + Mul(Tab[2], Tab[2], Tab[1]) + Sqr(Tab[1], Tab[2]) + for i := 0; i < 59; i++ { + Sqr(Tab[1], Tab[1]) + } + Mul(Tab[1], Tab[1], Tab[2]) + for i := 0; i < 5; i++ { + Sqr(Tab[1], Tab[1]) + } + Mul(Tab[1], Tab[1], Tab[0]) + Sqr(Tab[2], Tab[1]) + for i := 0; i < 124; i++ { + Sqr(Tab[2], Tab[2]) + } + Mul(Tab[2], Tab[2], Tab[1]) + Sqr(Tab[2], Tab[2]) + Sqr(Tab[2], Tab[2]) + Mul(Tab[2], Tab[2], Tab[3]) + + Mul(z, t3, t2) // z = xy^(p+3)/8 = xy^3*(xy^7)^(p-5)/8 + // Checking whether y z^2 == x + Sqr(t0, z) // t0 = z^2 + Mul(t0, t0, y) // t0 = yz^2 + Sub(t1, t0, x) // t1 = t0-u + Add(t2, t0, x) // t2 = t0+u + if IsZero(t1) { + return true + } else if IsZero(t2) { + Mul(z, z, sqrtMinusOne) // z = z*sqrt(-1) + return true + } else { + return false + } +} + +// Inv calculates z = 1/x mod p. +func Inv(z, x *Elt) { + x0, x1, x2 := &Elt{}, &Elt{}, &Elt{} + Sqr(x1, x) + Sqr(x0, x1) + Sqr(x0, x0) + Mul(x0, x0, x) + Mul(z, x0, x1) + Sqr(x1, z) + Mul(x0, x0, x1) + Sqr(x1, x0) + for i := 0; i < 4; i++ { + Sqr(x1, x1) + } + Mul(x0, x0, x1) + Sqr(x1, x0) + for i := 0; i < 9; i++ { + Sqr(x1, x1) + } + Mul(x1, x1, x0) + Sqr(x2, x1) + for i := 0; i < 19; i++ { + Sqr(x2, x2) + } + Mul(x2, x2, x1) + for i := 0; i < 10; i++ { + Sqr(x2, x2) + } + Mul(x2, x2, x0) + Sqr(x0, x2) + for i := 0; i < 49; i++ { + Sqr(x0, x0) + } + Mul(x0, x0, x2) + Sqr(x1, x0) + for i := 0; i < 99; i++ { + Sqr(x1, x1) + } + Mul(x1, x1, x0) + for i := 0; i < 50; i++ { + Sqr(x1, x1) + } + Mul(x1, x1, x2) + for i := 0; i < 5; i++ { + Sqr(x1, x1) + } + Mul(z, z, x1) +} + +// Cmov assigns y to x if n is 1. +func Cmov(x, y *Elt, n uint) { cmov(x, y, n) } + +// Cswap interchages x and y if n is 1. +func Cswap(x, y *Elt, n uint) { cswap(x, y, n) } + +// Add calculates z = x+y mod p. +func Add(z, x, y *Elt) { add(z, x, y) } + +// Sub calculates z = x-y mod p. +func Sub(z, x, y *Elt) { sub(z, x, y) } + +// AddSub calculates (x,y) = (x+y mod p, x-y mod p). +func AddSub(x, y *Elt) { addsub(x, y) } + +// Mul calculates z = x*y mod p. +func Mul(z, x, y *Elt) { mul(z, x, y) } + +// Sqr calculates z = x^2 mod p. +func Sqr(z, x *Elt) { sqr(z, x) } + +// Modp ensures that z is between [0,p-1]. +func Modp(z *Elt) { modp(z) } diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go new file mode 100644 index 000000000..1c35c0079 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go @@ -0,0 +1,44 @@ +// +build amd64,!purego + +package fp25519 + +import ( + "golang.org/x/sys/cpu" +) + +var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX + +var _ = hasBmi2Adx + +func cmov(x, y *Elt, n uint) { cmovAmd64(x, y, n) } +func cswap(x, y *Elt, n uint) { cswapAmd64(x, y, n) } +func add(z, x, y *Elt) { addAmd64(z, x, y) } +func sub(z, x, y *Elt) { subAmd64(z, x, y) } +func addsub(x, y *Elt) { addsubAmd64(x, y) } +func mul(z, x, y *Elt) { mulAmd64(z, x, y) } +func sqr(z, x *Elt) { sqrAmd64(z, x) } +func modp(z *Elt) { modpAmd64(z) } + +//go:noescape +func cmovAmd64(x, y *Elt, n uint) + +//go:noescape +func cswapAmd64(x, y *Elt, n uint) + +//go:noescape +func addAmd64(z, x, y *Elt) + +//go:noescape +func subAmd64(z, x, y *Elt) + +//go:noescape +func addsubAmd64(x, y *Elt) + +//go:noescape +func mulAmd64(z, x, y *Elt) + +//go:noescape +func sqrAmd64(z, x *Elt) + +//go:noescape +func modpAmd64(z *Elt) diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h new file mode 100644 index 000000000..7b25f16e4 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h @@ -0,0 +1,350 @@ +// This code was imported from https://github.com/armfazh/rfc7748_precomputed + +// CHECK_BMI2ADX triggers bmi2adx if supported, +// otherwise it fallbacks to legacy code. +#define CHECK_BMI2ADX(label, legacy, bmi2adx) \ + CMPB ·hasBmi2Adx(SB), $0 \ + JE label \ + bmi2adx \ + RET \ + label: \ + legacy \ + RET + +// cselect is a conditional move +// if b=1: it copies y into x; +// if b=0: x remains with the same value; +// if b<> 0,1: undefined. +// Uses: AX, DX, FLAGS +// Instr: x86_64, cmov +#define cselect(x,y,b) \ + TESTQ b, b \ + MOVQ 0+x, AX; MOVQ 0+y, DX; CMOVQNE DX, AX; MOVQ AX, 0+x; \ + MOVQ 8+x, AX; MOVQ 8+y, DX; CMOVQNE DX, AX; MOVQ AX, 8+x; \ + MOVQ 16+x, AX; MOVQ 16+y, DX; CMOVQNE DX, AX; MOVQ AX, 16+x; \ + MOVQ 24+x, AX; MOVQ 24+y, DX; CMOVQNE DX, AX; MOVQ AX, 24+x; + +// cswap is a conditional swap +// if b=1: x,y <- y,x; +// if b=0: x,y remain with the same values; +// if b<> 0,1: undefined. +// Uses: AX, DX, R8, FLAGS +// Instr: x86_64, cmov +#define cswap(x,y,b) \ + TESTQ b, b \ + MOVQ 0+x, AX; MOVQ AX, R8; MOVQ 0+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 0+x; MOVQ DX, 0+y; \ + MOVQ 8+x, AX; MOVQ AX, R8; MOVQ 8+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 8+x; MOVQ DX, 8+y; \ + MOVQ 16+x, AX; MOVQ AX, R8; MOVQ 16+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 16+x; MOVQ DX, 16+y; \ + MOVQ 24+x, AX; MOVQ AX, R8; MOVQ 24+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 24+x; MOVQ DX, 24+y; + +// additionLeg adds x and y and stores in z +// Uses: AX, DX, R8-R11, FLAGS +// Instr: x86_64, cmov +#define additionLeg(z,x,y) \ + MOVL $38, AX; \ + MOVL $0, DX; \ + MOVQ 0+x, R8; ADDQ 0+y, R8; \ + MOVQ 8+x, R9; ADCQ 8+y, R9; \ + MOVQ 16+x, R10; ADCQ 16+y, R10; \ + MOVQ 24+x, R11; ADCQ 24+y, R11; \ + CMOVQCS AX, DX; \ + ADDQ DX, R8; \ + ADCQ $0, R9; MOVQ R9, 8+z; \ + ADCQ $0, R10; MOVQ R10, 16+z; \ + ADCQ $0, R11; MOVQ R11, 24+z; \ + MOVL $0, DX; \ + CMOVQCS AX, DX; \ + ADDQ DX, R8; MOVQ R8, 0+z; + +// additionAdx adds x and y and stores in z +// Uses: AX, DX, R8-R11, FLAGS +// Instr: x86_64, cmov, adx +#define additionAdx(z,x,y) \ + MOVL $38, AX; \ + XORL DX, DX; \ + MOVQ 0+x, R8; ADCXQ 0+y, R8; \ + MOVQ 8+x, R9; ADCXQ 8+y, R9; \ + MOVQ 16+x, R10; ADCXQ 16+y, R10; \ + MOVQ 24+x, R11; ADCXQ 24+y, R11; \ + CMOVQCS AX, DX ; \ + XORL AX, AX; \ + ADCXQ DX, R8; \ + ADCXQ AX, R9; MOVQ R9, 8+z; \ + ADCXQ AX, R10; MOVQ R10, 16+z; \ + ADCXQ AX, R11; MOVQ R11, 24+z; \ + MOVL $38, DX; \ + CMOVQCS DX, AX; \ + ADDQ AX, R8; MOVQ R8, 0+z; + +// subtraction subtracts y from x and stores in z +// Uses: AX, DX, R8-R11, FLAGS +// Instr: x86_64, cmov +#define subtraction(z,x,y) \ + MOVL $38, AX; \ + MOVQ 0+x, R8; SUBQ 0+y, R8; \ + MOVQ 8+x, R9; SBBQ 8+y, R9; \ + MOVQ 16+x, R10; SBBQ 16+y, R10; \ + MOVQ 24+x, R11; SBBQ 24+y, R11; \ + MOVL $0, DX; \ + CMOVQCS AX, DX; \ + SUBQ DX, R8; \ + SBBQ $0, R9; MOVQ R9, 8+z; \ + SBBQ $0, R10; MOVQ R10, 16+z; \ + SBBQ $0, R11; MOVQ R11, 24+z; \ + MOVL $0, DX; \ + CMOVQCS AX, DX; \ + SUBQ DX, R8; MOVQ R8, 0+z; + +// integerMulAdx multiplies x and y and stores in z +// Uses: AX, DX, R8-R15, FLAGS +// Instr: x86_64, bmi2, adx +#define integerMulAdx(z,x,y) \ + MOVQ 0+y, DX; XORL AX, AX; \ + MULXQ 0+x, AX, R8; MOVQ AX, 0+z; \ + MULXQ 8+x, AX, R9; ADCXQ AX, R8; \ + MULXQ 16+x, AX, R10; ADCXQ AX, R9; \ + MULXQ 24+x, AX, R11; ADCXQ AX, R10; \ + MOVL $0, AX;;;;;;;;; ADCXQ AX, R11; \ + MOVQ 8+y, DX; XORL AX, AX; \ + MULXQ 0+x, AX, R12; ADCXQ R8, AX; MOVQ AX, 8+z; \ + MULXQ 8+x, AX, R13; ADCXQ R9, R12; ADOXQ AX, R12; \ + MULXQ 16+x, AX, R14; ADCXQ R10, R13; ADOXQ AX, R13; \ + MULXQ 24+x, AX, R15; ADCXQ R11, R14; ADOXQ AX, R14; \ + MOVL $0, AX;;;;;;;;; ADCXQ AX, R15; ADOXQ AX, R15; \ + MOVQ 16+y, DX; XORL AX, AX; \ + MULXQ 0+x, AX, R8; ADCXQ R12, AX; MOVQ AX, 16+z; \ + MULXQ 8+x, AX, R9; ADCXQ R13, R8; ADOXQ AX, R8; \ + MULXQ 16+x, AX, R10; ADCXQ R14, R9; ADOXQ AX, R9; \ + MULXQ 24+x, AX, R11; ADCXQ R15, R10; ADOXQ AX, R10; \ + MOVL $0, AX;;;;;;;;; ADCXQ AX, R11; ADOXQ AX, R11; \ + MOVQ 24+y, DX; XORL AX, AX; \ + MULXQ 0+x, AX, R12; ADCXQ R8, AX; MOVQ AX, 24+z; \ + MULXQ 8+x, AX, R13; ADCXQ R9, R12; ADOXQ AX, R12; MOVQ R12, 32+z; \ + MULXQ 16+x, AX, R14; ADCXQ R10, R13; ADOXQ AX, R13; MOVQ R13, 40+z; \ + MULXQ 24+x, AX, R15; ADCXQ R11, R14; ADOXQ AX, R14; MOVQ R14, 48+z; \ + MOVL $0, AX;;;;;;;;; ADCXQ AX, R15; ADOXQ AX, R15; MOVQ R15, 56+z; + +// integerMulLeg multiplies x and y and stores in z +// Uses: AX, DX, R8-R15, FLAGS +// Instr: x86_64 +#define integerMulLeg(z,x,y) \ + MOVQ 0+y, R8; \ + MOVQ 0+x, AX; MULQ R8; MOVQ AX, 0+z; MOVQ DX, R15; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ + MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ + MOVQ 24+x, AX; MULQ R8; \ + ADDQ R13, R15; \ + ADCQ R14, R10; MOVQ R10, 16+z; \ + ADCQ AX, R11; MOVQ R11, 24+z; \ + ADCQ $0, DX; MOVQ DX, 32+z; \ + MOVQ 8+y, R8; \ + MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ + MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ + MOVQ 24+x, AX; MULQ R8; \ + ADDQ R12, R15; MOVQ R15, 8+z; \ + ADCQ R13, R9; \ + ADCQ R14, R10; \ + ADCQ AX, R11; \ + ADCQ $0, DX; \ + ADCQ 16+z, R9; MOVQ R9, R15; \ + ADCQ 24+z, R10; MOVQ R10, 24+z; \ + ADCQ 32+z, R11; MOVQ R11, 32+z; \ + ADCQ $0, DX; MOVQ DX, 40+z; \ + MOVQ 16+y, R8; \ + MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ + MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ + MOVQ 24+x, AX; MULQ R8; \ + ADDQ R12, R15; MOVQ R15, 16+z; \ + ADCQ R13, R9; \ + ADCQ R14, R10; \ + ADCQ AX, R11; \ + ADCQ $0, DX; \ + ADCQ 24+z, R9; MOVQ R9, R15; \ + ADCQ 32+z, R10; MOVQ R10, 32+z; \ + ADCQ 40+z, R11; MOVQ R11, 40+z; \ + ADCQ $0, DX; MOVQ DX, 48+z; \ + MOVQ 24+y, R8; \ + MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ + MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ + MOVQ 24+x, AX; MULQ R8; \ + ADDQ R12, R15; MOVQ R15, 24+z; \ + ADCQ R13, R9; \ + ADCQ R14, R10; \ + ADCQ AX, R11; \ + ADCQ $0, DX; \ + ADCQ 32+z, R9; MOVQ R9, 32+z; \ + ADCQ 40+z, R10; MOVQ R10, 40+z; \ + ADCQ 48+z, R11; MOVQ R11, 48+z; \ + ADCQ $0, DX; MOVQ DX, 56+z; + +// integerSqrLeg squares x and stores in z +// Uses: AX, CX, DX, R8-R15, FLAGS +// Instr: x86_64 +#define integerSqrLeg(z,x) \ + MOVQ 0+x, R8; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, R9; MOVQ DX, R10; /* A[0]*A[1] */ \ + MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; /* A[0]*A[2] */ \ + MOVQ 24+x, AX; MULQ R8; MOVQ AX, R15; MOVQ DX, R12; /* A[0]*A[3] */ \ + MOVQ 24+x, R8; \ + MOVQ 8+x, AX; MULQ R8; MOVQ AX, CX; MOVQ DX, R13; /* A[3]*A[1] */ \ + MOVQ 16+x, AX; MULQ R8; /* A[3]*A[2] */ \ + \ + ADDQ R14, R10;\ + ADCQ R15, R11; MOVL $0, R15;\ + ADCQ CX, R12;\ + ADCQ AX, R13;\ + ADCQ $0, DX; MOVQ DX, R14;\ + MOVQ 8+x, AX; MULQ 16+x;\ + \ + ADDQ AX, R11;\ + ADCQ DX, R12;\ + ADCQ $0, R13;\ + ADCQ $0, R14;\ + ADCQ $0, R15;\ + \ + SHLQ $1, R14, R15; MOVQ R15, 56+z;\ + SHLQ $1, R13, R14; MOVQ R14, 48+z;\ + SHLQ $1, R12, R13; MOVQ R13, 40+z;\ + SHLQ $1, R11, R12; MOVQ R12, 32+z;\ + SHLQ $1, R10, R11; MOVQ R11, 24+z;\ + SHLQ $1, R9, R10; MOVQ R10, 16+z;\ + SHLQ $1, R9; MOVQ R9, 8+z;\ + \ + MOVQ 0+x,AX; MULQ AX; MOVQ AX, 0+z; MOVQ DX, R9;\ + MOVQ 8+x,AX; MULQ AX; MOVQ AX, R10; MOVQ DX, R11;\ + MOVQ 16+x,AX; MULQ AX; MOVQ AX, R12; MOVQ DX, R13;\ + MOVQ 24+x,AX; MULQ AX; MOVQ AX, R14; MOVQ DX, R15;\ + \ + ADDQ 8+z, R9; MOVQ R9, 8+z;\ + ADCQ 16+z, R10; MOVQ R10, 16+z;\ + ADCQ 24+z, R11; MOVQ R11, 24+z;\ + ADCQ 32+z, R12; MOVQ R12, 32+z;\ + ADCQ 40+z, R13; MOVQ R13, 40+z;\ + ADCQ 48+z, R14; MOVQ R14, 48+z;\ + ADCQ 56+z, R15; MOVQ R15, 56+z; + +// integerSqrAdx squares x and stores in z +// Uses: AX, CX, DX, R8-R15, FLAGS +// Instr: x86_64, bmi2, adx +#define integerSqrAdx(z,x) \ + MOVQ 0+x, DX; /* A[0] */ \ + MULXQ 8+x, R8, R14; /* A[1]*A[0] */ XORL R15, R15; \ + MULXQ 16+x, R9, R10; /* A[2]*A[0] */ ADCXQ R14, R9; \ + MULXQ 24+x, AX, CX; /* A[3]*A[0] */ ADCXQ AX, R10; \ + MOVQ 24+x, DX; /* A[3] */ \ + MULXQ 8+x, R11, R12; /* A[1]*A[3] */ ADCXQ CX, R11; \ + MULXQ 16+x, AX, R13; /* A[2]*A[3] */ ADCXQ AX, R12; \ + MOVQ 8+x, DX; /* A[1] */ ADCXQ R15, R13; \ + MULXQ 16+x, AX, CX; /* A[2]*A[1] */ MOVL $0, R14; \ + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ADCXQ R15, R14; \ + XORL R15, R15; \ + ADOXQ AX, R10; ADCXQ R8, R8; \ + ADOXQ CX, R11; ADCXQ R9, R9; \ + ADOXQ R15, R12; ADCXQ R10, R10; \ + ADOXQ R15, R13; ADCXQ R11, R11; \ + ADOXQ R15, R14; ADCXQ R12, R12; \ + ;;;;;;;;;;;;;;; ADCXQ R13, R13; \ + ;;;;;;;;;;;;;;; ADCXQ R14, R14; \ + MOVQ 0+x, DX; MULXQ DX, AX, CX; /* A[0]^2 */ \ + ;;;;;;;;;;;;;;; MOVQ AX, 0+z; \ + ADDQ CX, R8; MOVQ R8, 8+z; \ + MOVQ 8+x, DX; MULXQ DX, AX, CX; /* A[1]^2 */ \ + ADCQ AX, R9; MOVQ R9, 16+z; \ + ADCQ CX, R10; MOVQ R10, 24+z; \ + MOVQ 16+x, DX; MULXQ DX, AX, CX; /* A[2]^2 */ \ + ADCQ AX, R11; MOVQ R11, 32+z; \ + ADCQ CX, R12; MOVQ R12, 40+z; \ + MOVQ 24+x, DX; MULXQ DX, AX, CX; /* A[3]^2 */ \ + ADCQ AX, R13; MOVQ R13, 48+z; \ + ADCQ CX, R14; MOVQ R14, 56+z; + +// reduceFromDouble finds z congruent to x modulo p such that 0> 63) + // PUT BIT 255 IN CARRY FLAG AND CLEAR + x3 &^= 1 << 63 + + x0, c0 := bits.Add64(xx[0], cx, 0) + x1, c1 := bits.Add64(xx[1], 0, c0) + x2, c2 := bits.Add64(xx[2], 0, c1) + x3, _ = bits.Add64(x3, 0, c2) + + // TEST FOR BIT 255 AGAIN; ONLY TRIGGERED ON OVERFLOW MODULO 2^255-19 + // cx = C[255] ? 0 : 19 + cx = uint64(19) &^ (-(x3 >> 63)) + // CLEAR BIT 255 + x3 &^= 1 << 63 + + xx[0], c0 = bits.Sub64(x0, cx, 0) + xx[1], c1 = bits.Sub64(x1, 0, c0) + xx[2], c2 = bits.Sub64(x2, 0, c1) + xx[3], _ = bits.Sub64(x3, 0, c2) +} + +func red64(z, h *elt64) { + h0, l0 := bits.Mul64(h[0], 38) + h1, l1 := bits.Mul64(h[1], 38) + h2, l2 := bits.Mul64(h[2], 38) + h3, l3 := bits.Mul64(h[3], 38) + + l1, c0 := bits.Add64(h0, l1, 0) + l2, c1 := bits.Add64(h1, l2, c0) + l3, c2 := bits.Add64(h2, l3, c1) + l4, _ := bits.Add64(h3, 0, c2) + + l0, c0 = bits.Add64(l0, z[0], 0) + l1, c1 = bits.Add64(l1, z[1], c0) + l2, c2 = bits.Add64(l2, z[2], c1) + l3, c3 := bits.Add64(l3, z[3], c2) + l4, _ = bits.Add64(l4, 0, c3) + + _, l4 = bits.Mul64(l4, 38) + l0, c0 = bits.Add64(l0, l4, 0) + z[1], c1 = bits.Add64(l1, 0, c0) + z[2], c2 = bits.Add64(l2, 0, c1) + z[3], c3 = bits.Add64(l3, 0, c2) + z[0], _ = bits.Add64(l0, (-c3)&38, 0) +} diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go new file mode 100644 index 000000000..08a07b667 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go @@ -0,0 +1,12 @@ +// +build !amd64 purego + +package fp25519 + +func cmov(x, y *Elt, n uint) { cmovGeneric(x, y, n) } +func cswap(x, y *Elt, n uint) { cswapGeneric(x, y, n) } +func add(z, x, y *Elt) { addGeneric(z, x, y) } +func sub(z, x, y *Elt) { subGeneric(z, x, y) } +func addsub(x, y *Elt) { addsubGeneric(x, y) } +func mul(z, x, y *Elt) { mulGeneric(z, x, y) } +func sqr(z, x *Elt) { sqrGeneric(z, x) } +func modp(z *Elt) { modpGeneric(z) } diff --git a/vendor/github.com/cloudflare/circl/math/wnaf.go b/vendor/github.com/cloudflare/circl/math/wnaf.go new file mode 100644 index 000000000..df7a9c9ba --- /dev/null +++ b/vendor/github.com/cloudflare/circl/math/wnaf.go @@ -0,0 +1,84 @@ +// Package math provides some utility functions for big integers. +package math + +import "math/big" + +// SignedDigit obtains the signed-digit recoding of n and returns a list L of +// digits such that n = sum( L[i]*2^(i*(w-1)) ), and each L[i] is an odd number +// in the set {±1, ±3, ..., ±2^(w-1)-1}. The third parameter ensures that the +// output has ceil(l/(w-1)) digits. +// +// Restrictions: +// - n is odd and n > 0. +// - 1 < w < 32. +// - l >= bit length of n. +// +// References: +// - Alg.6 in "Exponent Recoding and Regular Exponentiation Algorithms" +// by Joye-Tunstall. http://doi.org/10.1007/978-3-642-02384-2_21 +// - Alg.6 in "Selecting Elliptic Curves for Cryptography: An Efficiency and +// Security Analysis" by Bos et al. http://doi.org/10.1007/s13389-015-0097-y +func SignedDigit(n *big.Int, w, l uint) []int32 { + if n.Sign() <= 0 || n.Bit(0) == 0 { + panic("n must be non-zero, odd, and positive") + } + if w <= 1 || w >= 32 { + panic("Verify that 1 < w < 32") + } + if uint(n.BitLen()) > l { + panic("n is too big to fit in l digits") + } + lenN := (l + (w - 1) - 1) / (w - 1) // ceil(l/(w-1)) + L := make([]int32, lenN+1) + var k, v big.Int + k.Set(n) + + var i uint + for i = 0; i < lenN; i++ { + words := k.Bits() + value := int32(words[0] & ((1 << w) - 1)) + value -= int32(1) << (w - 1) + L[i] = value + v.SetInt64(int64(value)) + k.Sub(&k, &v) + k.Rsh(&k, w-1) + } + L[i] = int32(k.Int64()) + return L +} + +// OmegaNAF obtains the window-w Non-Adjacent Form of a positive number n and +// 1 < w < 32. The returned slice L holds n = sum( L[i]*2^i ). +// +// Reference: +// - Alg.9 "Efficient arithmetic on Koblitz curves" by Solinas. +// http://doi.org/10.1023/A:1008306223194 +func OmegaNAF(n *big.Int, w uint) (L []int32) { + if n.Sign() < 0 { + panic("n must be positive") + } + if w <= 1 || w >= 32 { + panic("Verify that 1 < w < 32") + } + + L = make([]int32, n.BitLen()+1) + var k, v big.Int + k.Set(n) + + i := 0 + for ; k.Sign() > 0; i++ { + value := int32(0) + if k.Bit(0) == 1 { + words := k.Bits() + value = int32(words[0] & ((1 << w) - 1)) + if value >= (int32(1) << (w - 1)) { + value -= int32(1) << w + } + v.SetInt64(int64(value)) + k.Sub(&k, &v) + } + L[i] = value + k.Rsh(&k, 1) + } + return L[:i] +} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go b/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go new file mode 100644 index 000000000..b94b09bf1 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go @@ -0,0 +1,178 @@ +// Package ed25519 implements Ed25519 signature scheme as described in RFC-8032. +// +// References: +// - RFC8032 https://rfc-editor.org/rfc/rfc8032.txt +// - Ed25519 https://ed25519.cr.yp.to/ +// - High-speed high-security signatures. https://doi.org/10.1007/s13389-012-0027-1 +package ed25519 + +import ( + "bytes" + "crypto" + cryptoRand "crypto/rand" + "crypto/sha512" + "errors" + "io" +) + +const ( + // PublicKeySize is the length in bytes of Ed25519 public keys. + PublicKeySize = 32 + // PrivateKeySize is the length in bytes of Ed25519 private keys. + PrivateKeySize = 32 + // SignatureSize is the length in bytes of signatures. + SignatureSize = 64 +) +const ( + paramB = 256 / 8 // Size of keys in bytes. +) + +// PublicKey represents a public key of Ed25519. +type PublicKey []byte + +// PrivateKey represents a private key of Ed25519. +type PrivateKey []byte + +// KeyPair implements crypto.Signer (golang.org/pkg/crypto/#Signer) interface. +type KeyPair struct { + private [PrivateKeySize]byte + public [PublicKeySize]byte +} + +// GetPrivate returns a copy of the private key. +func (kp *KeyPair) GetPrivate() PrivateKey { z := kp.private; return z[:] } + +// GetPublic returns a copy of the public key. +func (kp *KeyPair) GetPublic() PublicKey { z := kp.public; return z[:] } + +// Seed returns the private key seed. +func (kp *KeyPair) Seed() []byte { return kp.GetPrivate() } + +// Public returns a crypto.PublicKey. +func (kp *KeyPair) Public() crypto.PublicKey { return kp.GetPublic() } + +// Sign creates a signature of a message given a key pair. +// Ed25519 performs two passes over messages to be signed and therefore cannot +// handle pre-hashed messages. +// The opts.HashFunc() must return zero to indicate the message hasn't been +// hashed. This can be achieved by passing crypto.Hash(0) as the value for opts. +func (kp *KeyPair) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) ([]byte, error) { + if opts.HashFunc() != crypto.Hash(0) { + return nil, errors.New("ed25519: cannot sign hashed message") + } + return kp.SignPure(message) +} + +// GenerateKey produces public and private keys using entropy from rand. +// If rand is nil, crypto/rand.Reader will be used. +func GenerateKey(rand io.Reader) (*KeyPair, error) { + if rand == nil { + rand = cryptoRand.Reader + } + seed := make(PrivateKey, PrivateKeySize) + if _, err := io.ReadFull(rand, seed); err != nil { + return nil, err + } + return NewKeyFromSeed(seed), nil +} + +// NewKeyFromSeed generates a pair of Ed25519 keys given a private key. +func NewKeyFromSeed(seed PrivateKey) *KeyPair { + if len(seed) != PrivateKeySize { + panic("ed25519: bad private key length") + } + var P pointR1 + k := sha512.Sum512(seed) + clamp(k[:]) + reduceModOrder(k[:paramB], false) + P.fixedMult(k[:paramB]) + + pair := &KeyPair{} + copy(pair.private[:], seed) + _ = P.ToBytes(pair.public[:]) + return pair +} + +// SignPure creates a signature of a message. +func (kp *KeyPair) SignPure(message []byte) ([]byte, error) { + // 1. Hash the 32-byte private key using SHA-512. + H := sha512.New() + _, _ = H.Write(kp.private[:]) + h := H.Sum(nil) + clamp(h[:]) + prefix, s := h[paramB:], h[:paramB] + + // 2. Compute SHA-512(dom2(F, C) || prefix || PH(M)) + H.Reset() + _, _ = H.Write(prefix) + _, _ = H.Write(message) + r := H.Sum(nil) + reduceModOrder(r[:], true) + + // 3. Compute the point [r]B. + var P pointR1 + P.fixedMult(r[:paramB]) + R := (&[paramB]byte{})[:] + err := P.ToBytes(R) + + // 4. Compute SHA512(dom2(F, C) || R || A || PH(M)). + H.Reset() + _, _ = H.Write(R) + _, _ = H.Write(kp.public[:]) + _, _ = H.Write(message) + hRAM := H.Sum(nil) + + reduceModOrder(hRAM[:], true) + // 5. Compute S = (r + k * s) mod order. + S := (&[paramB]byte{})[:] + calculateS(S, r[:paramB], hRAM[:paramB], s) + + // 6. The signature is the concatenation of R and S. + var signature [SignatureSize]byte + copy(signature[:paramB], R[:]) + copy(signature[paramB:], S[:]) + return signature[:], err +} + +// Verify returns true if the signature is valid. Failure cases are invalid +// signature, or when the public key cannot be decoded. +func Verify(public PublicKey, message, signature []byte) bool { + if len(public) != PublicKeySize || + len(signature) != SignatureSize || + !isLessThanOrder(signature[paramB:]) { + return false + } + var P pointR1 + if ok := P.FromBytes(public); !ok { + return false + } + + R := signature[:paramB] + H := sha512.New() + _, _ = H.Write(R) + _, _ = H.Write(public) + _, _ = H.Write(message) + hRAM := H.Sum(nil) + reduceModOrder(hRAM[:], true) + + var Q pointR1 + encR := (&[paramB]byte{})[:] + P.neg() + Q.doubleMult(&P, signature[paramB:], hRAM[:paramB]) + _ = Q.ToBytes(encR) + return bytes.Equal(R, encR) +} + +func clamp(k []byte) { + k[0] &= 248 + k[paramB-1] = (k[paramB-1] & 127) | 64 +} + +// isLessThanOrder returns true if 0 <= x < order. +func isLessThanOrder(x []byte) bool { + i := len(order) - 1 + for i > 0 && x[i] == order[i] { + i-- + } + return x[i] < order[i] +} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go b/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go new file mode 100644 index 000000000..10efafdca --- /dev/null +++ b/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go @@ -0,0 +1,175 @@ +package ed25519 + +import ( + "encoding/binary" + "math/bits" +) + +var order = [paramB]byte{ + 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, + 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, +} + +// isLessThan returns true if 0 <= x < y, and assumes that slices have the same length. +func isLessThan(x, y []byte) bool { + i := len(x) - 1 + for i > 0 && x[i] == y[i] { + i-- + } + return x[i] < y[i] +} + +// reduceModOrder calculates k = k mod order of the curve. +func reduceModOrder(k []byte, is512Bit bool) { + var X [((2 * paramB) * 8) / 64]uint64 + numWords := len(k) >> 3 + for i := 0; i < numWords; i++ { + X[i] = binary.LittleEndian.Uint64(k[i*8 : (i+1)*8]) + } + red512(&X, is512Bit) + for i := 0; i < numWords; i++ { + binary.LittleEndian.PutUint64(k[i*8:(i+1)*8], X[i]) + } +} + +// red512 calculates x = x mod Order of the curve. +func red512(x *[8]uint64, full bool) { + // Implementation of Algs.(14.47)+(14.52) of Handbook of Applied + // Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone. + const ( + ell0 = uint64(0x5812631a5cf5d3ed) + ell1 = uint64(0x14def9dea2f79cd6) + ell160 = uint64(0x812631a5cf5d3ed0) + ell161 = uint64(0x4def9dea2f79cd65) + ell162 = uint64(0x0000000000000001) + ) + + var c0, c1, c2, c3 uint64 + r0, r1, r2, r3, r4 := x[0], x[1], x[2], x[3], uint64(0) + + if full { + q0, q1, q2, q3 := x[4], x[5], x[6], x[7] + + for i := 0; i < 3; i++ { + h0, s0 := bits.Mul64(q0, ell160) + h1, s1 := bits.Mul64(q1, ell160) + h2, s2 := bits.Mul64(q2, ell160) + h3, s3 := bits.Mul64(q3, ell160) + + s1, c0 = bits.Add64(h0, s1, 0) + s2, c1 = bits.Add64(h1, s2, c0) + s3, c2 = bits.Add64(h2, s3, c1) + s4, _ := bits.Add64(h3, 0, c2) + + h0, l0 := bits.Mul64(q0, ell161) + h1, l1 := bits.Mul64(q1, ell161) + h2, l2 := bits.Mul64(q2, ell161) + h3, l3 := bits.Mul64(q3, ell161) + + l1, c0 = bits.Add64(h0, l1, 0) + l2, c1 = bits.Add64(h1, l2, c0) + l3, c2 = bits.Add64(h2, l3, c1) + l4, _ := bits.Add64(h3, 0, c2) + + s1, c0 = bits.Add64(s1, l0, 0) + s2, c1 = bits.Add64(s2, l1, c0) + s3, c2 = bits.Add64(s3, l2, c1) + s4, c3 = bits.Add64(s4, l3, c2) + s5, s6 := bits.Add64(l4, 0, c3) + + s2, c0 = bits.Add64(s2, q0, 0) + s3, c1 = bits.Add64(s3, q1, c0) + s4, c2 = bits.Add64(s4, q2, c1) + s5, c3 = bits.Add64(s5, q3, c2) + s6, s7 := bits.Add64(s6, 0, c3) + + q := q0 | q1 | q2 | q3 + m := -((q | -q) >> 63) // if q=0 then m=0...0 else m=1..1 + s0 &= m + s1 &= m + s2 &= m + s3 &= m + q0, q1, q2, q3 = s4, s5, s6, s7 + + if (i+1)%2 == 0 { + r0, c0 = bits.Add64(r0, s0, 0) + r1, c1 = bits.Add64(r1, s1, c0) + r2, c2 = bits.Add64(r2, s2, c1) + r3, c3 = bits.Add64(r3, s3, c2) + r4, _ = bits.Add64(r4, 0, c3) + } else { + r0, c0 = bits.Sub64(r0, s0, 0) + r1, c1 = bits.Sub64(r1, s1, c0) + r2, c2 = bits.Sub64(r2, s2, c1) + r3, c3 = bits.Sub64(r3, s3, c2) + r4, _ = bits.Sub64(r4, 0, c3) + } + } + + m := -(r4 >> 63) + r0, c0 = bits.Add64(r0, m&ell160, 0) + r1, c1 = bits.Add64(r1, m&ell161, c0) + r2, c2 = bits.Add64(r2, m&ell162, c1) + r3, c3 = bits.Add64(r3, 0, c2) + r4, _ = bits.Add64(r4, m&1, c3) + x[4], x[5], x[6], x[7] = 0, 0, 0, 0 + } + + q0 := (r4 << 4) | (r3 >> 60) + r3 &= (uint64(1) << 60) - 1 + + h0, s0 := bits.Mul64(ell0, q0) + h1, s1 := bits.Mul64(ell1, q0) + s1, c0 = bits.Add64(h0, s1, 0) + s2, _ := bits.Add64(h1, 0, c0) + + r0, c0 = bits.Sub64(r0, s0, 0) + r1, c1 = bits.Sub64(r1, s1, c0) + r2, c2 = bits.Sub64(r2, s2, c1) + r3, _ = bits.Sub64(r3, 0, c2) + + x[0], x[1], x[2], x[3] = r0, r1, r2, r3 +} + +// calculateS performs s = r+k*a mod Order of the curve. +func calculateS(s, r, k, a []byte) { + K := [4]uint64{ + binary.LittleEndian.Uint64(k[0*8 : 1*8]), + binary.LittleEndian.Uint64(k[1*8 : 2*8]), + binary.LittleEndian.Uint64(k[2*8 : 3*8]), + binary.LittleEndian.Uint64(k[3*8 : 4*8]), + } + S := [8]uint64{ + binary.LittleEndian.Uint64(r[0*8 : 1*8]), + binary.LittleEndian.Uint64(r[1*8 : 2*8]), + binary.LittleEndian.Uint64(r[2*8 : 3*8]), + binary.LittleEndian.Uint64(r[3*8 : 4*8]), + } + var c3 uint64 + for i := range K { + ai := binary.LittleEndian.Uint64(a[i*8 : (i+1)*8]) + + h0, l0 := bits.Mul64(K[0], ai) + h1, l1 := bits.Mul64(K[1], ai) + h2, l2 := bits.Mul64(K[2], ai) + h3, l3 := bits.Mul64(K[3], ai) + + l1, c0 := bits.Add64(h0, l1, 0) + l2, c1 := bits.Add64(h1, l2, c0) + l3, c2 := bits.Add64(h2, l3, c1) + l4, _ := bits.Add64(h3, 0, c2) + + S[i+0], c0 = bits.Add64(S[i+0], l0, 0) + S[i+1], c1 = bits.Add64(S[i+1], l1, c0) + S[i+2], c2 = bits.Add64(S[i+2], l2, c1) + S[i+3], c3 = bits.Add64(S[i+3], l3, c2) + S[i+4], _ = bits.Add64(S[i+4], l4, c3) + } + red512(&S, true) + binary.LittleEndian.PutUint64(s[0*8:1*8], S[0]) + binary.LittleEndian.PutUint64(s[1*8:2*8], S[1]) + binary.LittleEndian.PutUint64(s[2*8:3*8], S[2]) + binary.LittleEndian.PutUint64(s[3*8:4*8], S[3]) +} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go b/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go new file mode 100644 index 000000000..ddcd71a39 --- /dev/null +++ b/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go @@ -0,0 +1,179 @@ +package ed25519 + +import ( + "crypto/subtle" + "encoding/binary" + "math/bits" + + "github.com/cloudflare/circl/internal/conv" + "github.com/cloudflare/circl/math" + fp "github.com/cloudflare/circl/math/fp25519" +) + +var paramD = fp.Elt{ + 0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, + 0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00, + 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c, + 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52, +} + +// mLSBRecoding parameters. +const ( + fxT = 257 + fxV = 2 + fxW = 3 + fx2w1 = 1 << (uint(fxW) - 1) + numWords64 = (paramB * 8 / 64) +) + +// mLSBRecoding is the odd-only modified LSB-set. +// +// Reference: +// "Efficient and secure algorithms for GLV-based scalar multiplication and +// their implementation on GLV–GLS curves" by (Faz-Hernandez et al.) +// http://doi.org/10.1007/s13389-014-0085-7. +func mLSBRecoding(L []int8, k []byte) { + const ee = (fxT + fxW*fxV - 1) / (fxW * fxV) + const dd = ee * fxV + const ll = dd * fxW + if len(L) == (ll + 1) { + var m [numWords64 + 1]uint64 + for i := 0; i < numWords64; i++ { + m[i] = binary.LittleEndian.Uint64(k[8*i : 8*i+8]) + } + condAddOrderN(&m) + L[dd-1] = 1 + for i := 0; i < dd-1; i++ { + kip1 := (m[(i+1)/64] >> (uint(i+1) % 64)) & 0x1 + L[i] = int8(kip1<<1) - 1 + } + { // right-shift by d + right := uint(dd % 64) + left := uint(64) - right + lim := ((numWords64+1)*64 - dd) / 64 + j := dd / 64 + for i := 0; i < lim; i++ { + m[i] = (m[i+j] >> right) | (m[i+j+1] << left) + } + m[lim] = m[lim+j] >> right + } + for i := dd; i < ll; i++ { + L[i] = L[i%dd] * int8(m[0]&0x1) + div2subY(m[:], int64(L[i]>>1), numWords64) + } + L[ll] = int8(m[0]) + } +} + +// absolute returns always a positive value. +func absolute(x int32) int32 { + mask := x >> 31 + return (x + mask) ^ mask +} + +// condAddOrderN updates x = x+order if x is even, otherwise x remains unchanged. +func condAddOrderN(x *[numWords64 + 1]uint64) { + isOdd := (x[0] & 0x1) - 1 + c := uint64(0) + for i := 0; i < numWords64; i++ { + orderWord := binary.LittleEndian.Uint64(order[8*i : 8*i+8]) + o := isOdd & orderWord + x0, c0 := bits.Add64(x[i], o, c) + x[i] = x0 + c = c0 + } + x[numWords64], _ = bits.Add64(x[numWords64], 0, c) +} + +// div2subY update x = (x/2) - y. +func div2subY(x []uint64, y int64, l int) { + s := uint64(y >> 63) + for i := 0; i < l-1; i++ { + x[i] = (x[i] >> 1) | (x[i+1] << 63) + } + x[l-1] = (x[l-1] >> 1) + + b := uint64(0) + x0, b0 := bits.Sub64(x[0], uint64(y), b) + x[0] = x0 + b = b0 + for i := 1; i < l-1; i++ { + x0, b0 := bits.Sub64(x[i], s, b) + x[i] = x0 + b = b0 + } + x[l-1], _ = bits.Sub64(x[l-1], s, b) +} + +func (P *pointR1) fixedMult(scalar []byte) { + if len(scalar) != paramB { + panic("wrong scalar size") + } + const ee = (fxT + fxW*fxV - 1) / (fxW * fxV) + const dd = ee * fxV + const ll = dd * fxW + + L := make([]int8, ll+1) + mLSBRecoding(L[:], scalar) + S := &pointR3{} + P.SetIdentity() + for ii := ee - 1; ii >= 0; ii-- { + P.double() + for j := 0; j < fxV; j++ { + dig := L[fxW*dd-j*ee+ii-ee] + for i := (fxW-1)*dd - j*ee + ii - ee; i >= (2*dd - j*ee + ii - ee); i = i - dd { + dig = 2*dig + L[i] + } + idx := absolute(int32(dig)) + sig := L[dd-j*ee+ii-ee] + Tabj := &tabSign[fxV-j-1] + for k := 0; k < fx2w1; k++ { + S.cmov(&Tabj[k], subtle.ConstantTimeEq(int32(k), idx)) + } + S.cneg(subtle.ConstantTimeEq(int32(sig), -1)) + P.mixAdd(S) + } + } +} + +const ( + omegaFix = 7 + omegaVar = 5 +) + +// doubleMult returns P=mG+nQ. +func (P *pointR1) doubleMult(Q *pointR1, m, n []byte) { + nafFix := math.OmegaNAF(conv.BytesLe2BigInt(m), omegaFix) + nafVar := math.OmegaNAF(conv.BytesLe2BigInt(n), omegaVar) + + if len(nafFix) > len(nafVar) { + nafVar = append(nafVar, make([]int32, len(nafFix)-len(nafVar))...) + } else if len(nafFix) < len(nafVar) { + nafFix = append(nafFix, make([]int32, len(nafVar)-len(nafFix))...) + } + + var TabQ [1 << (omegaVar - 2)]pointR2 + Q.oddMultiples(TabQ[:]) + P.SetIdentity() + for i := len(nafFix) - 1; i >= 0; i-- { + P.double() + // Generator point + if nafFix[i] != 0 { + idxM := absolute(nafFix[i]) >> 1 + R := tabVerif[idxM] + if nafFix[i] < 0 { + R.neg() + } + P.mixAdd(&R) + } + // Variable input point + if nafVar[i] != 0 { + idxN := absolute(nafVar[i]) >> 1 + S := TabQ[idxN] + if nafVar[i] < 0 { + S.neg() + } + P.add(&S) + } + } +} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/point.go b/vendor/github.com/cloudflare/circl/sign/ed25519/point.go new file mode 100644 index 000000000..73505a6fd --- /dev/null +++ b/vendor/github.com/cloudflare/circl/sign/ed25519/point.go @@ -0,0 +1,193 @@ +package ed25519 + +import fp "github.com/cloudflare/circl/math/fp25519" + +type pointR1 struct{ x, y, z, ta, tb fp.Elt } +type pointR2 struct { + pointR3 + z2 fp.Elt +} +type pointR3 struct{ addYX, subYX, dt2 fp.Elt } + +func (P *pointR1) neg() { + fp.Neg(&P.x, &P.x) + fp.Neg(&P.ta, &P.ta) +} + +func (P *pointR1) SetIdentity() { + P.x = fp.Elt{} + fp.SetOne(&P.y) + fp.SetOne(&P.z) + P.ta = fp.Elt{} + P.tb = fp.Elt{} +} + +func (P *pointR1) toAffine() { + fp.Inv(&P.z, &P.z) + fp.Mul(&P.x, &P.x, &P.z) + fp.Mul(&P.y, &P.y, &P.z) + fp.Modp(&P.x) + fp.Modp(&P.y) + fp.SetOne(&P.z) + P.ta = P.x + P.tb = P.y +} + +func (P *pointR1) ToBytes(k []byte) error { + P.toAffine() + var x [fp.Size]byte + err := fp.ToBytes(k[:fp.Size], &P.y) + if err != nil { + return err + } + err = fp.ToBytes(x[:], &P.x) + if err != nil { + return err + } + b := x[0] & 1 + k[paramB-1] = k[paramB-1] | (b << 7) + return nil +} + +func (P *pointR1) FromBytes(k []byte) bool { + if len(k) != paramB { + panic("wrong size") + } + signX := k[paramB-1] >> 7 + copy(P.y[:], k[:fp.Size]) + P.y[fp.Size-1] &= 0x7F + p := fp.P() + if !isLessThan(P.y[:], p[:]) { + return false + } + + one, u, v := &fp.Elt{}, &fp.Elt{}, &fp.Elt{} + fp.SetOne(one) + fp.Sqr(u, &P.y) // u = y^2 + fp.Mul(v, u, ¶mD) // v = dy^2 + fp.Sub(u, u, one) // u = y^2-1 + fp.Add(v, v, one) // v = dy^2+1 + isQR := fp.InvSqrt(&P.x, u, v) // x = sqrt(u/v) + if !isQR { + return false + } + fp.Modp(&P.x) // x = x mod p + if fp.IsZero(&P.x) && signX == 1 { + return false + } + if signX != (P.x[0] & 1) { + fp.Neg(&P.x, &P.x) + } + P.ta = P.x + P.tb = P.y + fp.SetOne(&P.z) + return true +} + +// double calculates 2P for curves with A=-1. +func (P *pointR1) double() { + Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb + a, b, c, e, f, g, h := Px, Py, Pz, Pta, Px, Py, Ptb + fp.Add(e, Px, Py) // x+y + fp.Sqr(a, Px) // A = x^2 + fp.Sqr(b, Py) // B = y^2 + fp.Sqr(c, Pz) // z^2 + fp.Add(c, c, c) // C = 2*z^2 + fp.Add(h, a, b) // H = A+B + fp.Sqr(e, e) // (x+y)^2 + fp.Sub(e, e, h) // E = (x+y)^2-A-B + fp.Sub(g, b, a) // G = B-A + fp.Sub(f, c, g) // F = C-G + fp.Mul(Pz, f, g) // Z = F * G + fp.Mul(Px, e, f) // X = E * F + fp.Mul(Py, g, h) // Y = G * H, T = E * H +} + +func (P *pointR1) mixAdd(Q *pointR3) { + fp.Add(&P.z, &P.z, &P.z) // D = 2*z1 + P.coreAddition(Q) +} + +func (P *pointR1) add(Q *pointR2) { + fp.Mul(&P.z, &P.z, &Q.z2) // D = 2*z1*z2 + P.coreAddition(&Q.pointR3) +} + +// coreAddition calculates P=P+Q for curves with A=-1. +func (P *pointR1) coreAddition(Q *pointR3) { + Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb + addYX2, subYX2, dt2 := &Q.addYX, &Q.subYX, &Q.dt2 + a, b, c, d, e, f, g, h := Px, Py, &fp.Elt{}, Pz, Pta, Px, Py, Ptb + fp.Mul(c, Pta, Ptb) // t1 = ta*tb + fp.Sub(h, Py, Px) // y1-x1 + fp.Add(b, Py, Px) // y1+x1 + fp.Mul(a, h, subYX2) // A = (y1-x1)*(y2-x2) + fp.Mul(b, b, addYX2) // B = (y1+x1)*(y2+x2) + fp.Mul(c, c, dt2) // C = 2*D*t1*t2 + fp.Sub(e, b, a) // E = B-A + fp.Add(h, b, a) // H = B+A + fp.Sub(f, d, c) // F = D-C + fp.Add(g, d, c) // G = D+C + fp.Mul(Pz, f, g) // Z = F * G + fp.Mul(Px, e, f) // X = E * F + fp.Mul(Py, g, h) // Y = G * H, T = E * H +} + +func (P *pointR1) oddMultiples(T []pointR2) { + var R pointR2 + n := len(T) + T[0].fromR1(P) + _2P := *P + _2P.double() + R.fromR1(&_2P) + for i := 1; i < n; i++ { + P.add(&R) + T[i].fromR1(P) + } +} + +func (P *pointR1) isEqual(Q *pointR1) bool { + l, r := &fp.Elt{}, &fp.Elt{} + fp.Mul(l, &P.x, &Q.z) + fp.Mul(r, &Q.x, &P.z) + fp.Sub(l, l, r) + b := fp.IsZero(l) + fp.Mul(l, &P.y, &Q.z) + fp.Mul(r, &Q.y, &P.z) + fp.Sub(l, l, r) + b = b && fp.IsZero(l) + fp.Mul(l, &P.ta, &P.tb) + fp.Mul(l, l, &Q.z) + fp.Mul(r, &Q.ta, &Q.tb) + fp.Mul(r, r, &P.z) + fp.Sub(l, l, r) + b = b && fp.IsZero(l) + return b +} + +func (P *pointR3) neg() { + P.addYX, P.subYX = P.subYX, P.addYX + fp.Neg(&P.dt2, &P.dt2) +} + +func (P *pointR2) fromR1(Q *pointR1) { + fp.Add(&P.addYX, &Q.y, &Q.x) + fp.Sub(&P.subYX, &Q.y, &Q.x) + fp.Mul(&P.dt2, &Q.ta, &Q.tb) + fp.Mul(&P.dt2, &P.dt2, ¶mD) + fp.Add(&P.dt2, &P.dt2, &P.dt2) + fp.Add(&P.z2, &Q.z, &Q.z) +} + +func (P *pointR3) cneg(b int) { + t := &fp.Elt{} + fp.Cswap(&P.addYX, &P.subYX, uint(b)) + fp.Neg(t, &P.dt2) + fp.Cmov(&P.dt2, t, uint(b)) +} + +func (P *pointR3) cmov(Q *pointR3, b int) { + fp.Cmov(&P.addYX, &Q.addYX, uint(b)) + fp.Cmov(&P.subYX, &Q.subYX, uint(b)) + fp.Cmov(&P.dt2, &Q.dt2, uint(b)) +} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go b/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go new file mode 100644 index 000000000..8763b426f --- /dev/null +++ b/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go @@ -0,0 +1,213 @@ +package ed25519 + +import fp "github.com/cloudflare/circl/math/fp25519" + +var tabSign = [fxV][fx2w1]pointR3{ + { + pointR3{ + addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07}, + subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44}, + dt2: fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f}, + }, + { + addYX: fp.Elt{0x7c, 0xb0, 0x9e, 0xe6, 0xc5, 0xbf, 0xfa, 0x13, 0x8e, 0x0d, 0x22, 0xde, 0xc8, 0xd1, 0xce, 0x52, 0x02, 0xd5, 0x62, 0x31, 0x71, 0x0e, 0x8e, 0x9d, 0xb0, 0xd6, 0x00, 0xa5, 0x5a, 0x0e, 0xce, 0x72}, + subYX: fp.Elt{0x1a, 0x8e, 0x5c, 0xdc, 0xa4, 0xb3, 0x6c, 0x51, 0x18, 0xa0, 0x09, 0x80, 0x9a, 0x46, 0x33, 0xd5, 0xe0, 0x3c, 0x4d, 0x3b, 0xfc, 0x49, 0xa2, 0x43, 0x29, 0xe1, 0x29, 0xa9, 0x93, 0xea, 0x7c, 0x35}, + dt2: fp.Elt{0x08, 0x46, 0x6f, 0x68, 0x7f, 0x0b, 0x7c, 0x9e, 0xad, 0xba, 0x07, 0x61, 0x74, 0x83, 0x2f, 0xfc, 0x26, 0xd6, 0x09, 0xb9, 0x00, 0x34, 0x36, 0x4f, 0x01, 0xf3, 0x48, 0xdb, 0x43, 0xba, 0x04, 0x44}, + }, + { + addYX: fp.Elt{0x4c, 0xda, 0x0d, 0x13, 0x66, 0xfd, 0x82, 0x84, 0x9f, 0x75, 0x5b, 0xa2, 0x17, 0xfe, 0x34, 0xbf, 0x1f, 0xcb, 0xba, 0x90, 0x55, 0x80, 0x83, 0xfd, 0x63, 0xb9, 0x18, 0xf8, 0x5b, 0x5d, 0x94, 0x1e}, + subYX: fp.Elt{0xb9, 0xdb, 0x6c, 0x04, 0x88, 0x22, 0xd8, 0x79, 0x83, 0x2f, 0x8d, 0x65, 0x6b, 0xd2, 0xab, 0x1b, 0xdd, 0x65, 0xe5, 0x93, 0x63, 0xf8, 0xa2, 0xd8, 0x3c, 0xf1, 0x4b, 0xc5, 0x99, 0xd1, 0xf2, 0x12}, + dt2: fp.Elt{0x05, 0x4c, 0xb8, 0x3b, 0xfe, 0xf5, 0x9f, 0x2e, 0xd1, 0xb2, 0xb8, 0xff, 0xfe, 0x6d, 0xd9, 0x37, 0xe0, 0xae, 0xb4, 0x5a, 0x51, 0x80, 0x7e, 0x9b, 0x1d, 0xd1, 0x8d, 0x8c, 0x56, 0xb1, 0x84, 0x35}, + }, + { + addYX: fp.Elt{0x39, 0x71, 0x43, 0x34, 0xe3, 0x42, 0x45, 0xa1, 0xf2, 0x68, 0x71, 0xa7, 0xe8, 0x23, 0xfd, 0x9f, 0x86, 0x48, 0xff, 0xe5, 0x96, 0x74, 0xcf, 0x05, 0x49, 0xe2, 0xb3, 0x6c, 0x17, 0x77, 0x2f, 0x6d}, + subYX: fp.Elt{0x73, 0x3f, 0xc1, 0xc7, 0x6a, 0x66, 0xa1, 0x20, 0xdd, 0x11, 0xfb, 0x7a, 0x6e, 0xa8, 0x51, 0xb8, 0x3f, 0x9d, 0xa2, 0x97, 0x84, 0xb5, 0xc7, 0x90, 0x7c, 0xab, 0x48, 0xd6, 0x84, 0xa3, 0xd5, 0x1a}, + dt2: fp.Elt{0x63, 0x27, 0x3c, 0x49, 0x4b, 0xfc, 0x22, 0xf2, 0x0b, 0x50, 0xc2, 0x0f, 0xb4, 0x1f, 0x31, 0x0c, 0x2f, 0x53, 0xab, 0xaa, 0x75, 0x6f, 0xe0, 0x69, 0x39, 0x56, 0xe0, 0x3b, 0xb7, 0xa8, 0xbf, 0x45}, + }, + }, + { + { + addYX: fp.Elt{0x00, 0x45, 0xd9, 0x0d, 0x58, 0x03, 0xfc, 0x29, 0x93, 0xec, 0xbb, 0x6f, 0xa4, 0x7a, 0xd2, 0xec, 0xf8, 0xa7, 0xe2, 0xc2, 0x5f, 0x15, 0x0a, 0x13, 0xd5, 0xa1, 0x06, 0xb7, 0x1a, 0x15, 0x6b, 0x41}, + subYX: fp.Elt{0x85, 0x8c, 0xb2, 0x17, 0xd6, 0x3b, 0x0a, 0xd3, 0xea, 0x3b, 0x77, 0x39, 0xb7, 0x77, 0xd3, 0xc5, 0xbf, 0x5c, 0x6a, 0x1e, 0x8c, 0xe7, 0xc6, 0xc6, 0xc4, 0xb7, 0x2a, 0x8b, 0xf7, 0xb8, 0x61, 0x0d}, + dt2: fp.Elt{0xb0, 0x36, 0xc1, 0xe9, 0xef, 0xd7, 0xa8, 0x56, 0x20, 0x4b, 0xe4, 0x58, 0xcd, 0xe5, 0x07, 0xbd, 0xab, 0xe0, 0x57, 0x1b, 0xda, 0x2f, 0xe6, 0xaf, 0xd2, 0xe8, 0x77, 0x42, 0xf7, 0x2a, 0x1a, 0x19}, + }, + { + addYX: fp.Elt{0x6a, 0x6d, 0x6d, 0xd1, 0xfa, 0xf5, 0x03, 0x30, 0xbd, 0x6d, 0xc2, 0xc8, 0xf5, 0x38, 0x80, 0x4f, 0xb2, 0xbe, 0xa1, 0x76, 0x50, 0x1a, 0x73, 0xf2, 0x78, 0x2b, 0x8e, 0x3a, 0x1e, 0x34, 0x47, 0x7b}, + subYX: fp.Elt{0xc3, 0x2c, 0x36, 0xdc, 0xc5, 0x45, 0xbc, 0xef, 0x1b, 0x64, 0xd6, 0x65, 0x28, 0xe9, 0xda, 0x84, 0x13, 0xbe, 0x27, 0x8e, 0x3f, 0x98, 0x2a, 0x37, 0xee, 0x78, 0x97, 0xd6, 0xc0, 0x6f, 0xb4, 0x53}, + dt2: fp.Elt{0x58, 0x5d, 0xa7, 0xa3, 0x68, 0xbb, 0x20, 0x30, 0x2e, 0x03, 0xe9, 0xb1, 0xd4, 0x90, 0x72, 0xe3, 0x71, 0xb2, 0x36, 0x3e, 0x73, 0xa0, 0x2e, 0x3d, 0xd1, 0x85, 0x33, 0x62, 0x4e, 0xa7, 0x7b, 0x31}, + }, + { + addYX: fp.Elt{0xbf, 0xc4, 0x38, 0x53, 0xfb, 0x68, 0xa9, 0x77, 0xce, 0x55, 0xf9, 0x05, 0xcb, 0xeb, 0xfb, 0x8c, 0x46, 0xc2, 0x32, 0x7c, 0xf0, 0xdb, 0xd7, 0x2c, 0x62, 0x8e, 0xdd, 0x54, 0x75, 0xcf, 0x3f, 0x33}, + subYX: fp.Elt{0x49, 0x50, 0x1f, 0x4e, 0x6e, 0x55, 0x55, 0xde, 0x8c, 0x4e, 0x77, 0x96, 0x38, 0x3b, 0xfe, 0xb6, 0x43, 0x3c, 0x86, 0x69, 0xc2, 0x72, 0x66, 0x1f, 0x6b, 0xf9, 0x87, 0xbc, 0x4f, 0x37, 0x3e, 0x3c}, + dt2: fp.Elt{0xd2, 0x2f, 0x06, 0x6b, 0x08, 0x07, 0x69, 0x77, 0xc0, 0x94, 0xcc, 0xae, 0x43, 0x00, 0x59, 0x6e, 0xa3, 0x63, 0xa8, 0xdd, 0xfa, 0x24, 0x18, 0xd0, 0x35, 0xc7, 0x78, 0xf7, 0x0d, 0xd4, 0x5a, 0x1e}, + }, + { + addYX: fp.Elt{0x45, 0xc1, 0x17, 0x51, 0xf8, 0xed, 0x7e, 0xc7, 0xa9, 0x1a, 0x11, 0x6e, 0x2d, 0xef, 0x0b, 0xd5, 0x3f, 0x98, 0xb0, 0xa3, 0x9d, 0x65, 0xf1, 0xcd, 0x53, 0x4a, 0x8a, 0x18, 0x70, 0x0a, 0x7f, 0x23}, + subYX: fp.Elt{0xdd, 0xef, 0xbe, 0x3a, 0x31, 0xe0, 0xbc, 0xbe, 0x6d, 0x5d, 0x79, 0x87, 0xd6, 0xbe, 0x68, 0xe3, 0x59, 0x76, 0x8c, 0x86, 0x0e, 0x7a, 0x92, 0x13, 0x14, 0x8f, 0x67, 0xb3, 0xcb, 0x1a, 0x76, 0x76}, + dt2: fp.Elt{0x56, 0x7a, 0x1c, 0x9d, 0xca, 0x96, 0xf9, 0xf9, 0x03, 0x21, 0xd4, 0xe8, 0xb3, 0xd5, 0xe9, 0x52, 0xc8, 0x54, 0x1e, 0x1b, 0x13, 0xb6, 0xfd, 0x47, 0x7d, 0x02, 0x32, 0x33, 0x27, 0xe2, 0x1f, 0x19}, + }, + }, +} + +var tabVerif = [1 << (omegaFix - 2)]pointR3{ + { /* 1P */ + addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07}, + subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44}, + dt2: fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f}, + }, + { /* 3P */ + addYX: fp.Elt{0x30, 0x97, 0xee, 0x4c, 0xa8, 0xb0, 0x25, 0xaf, 0x8a, 0x4b, 0x86, 0xe8, 0x30, 0x84, 0x5a, 0x02, 0x32, 0x67, 0x01, 0x9f, 0x02, 0x50, 0x1b, 0xc1, 0xf4, 0xf8, 0x80, 0x9a, 0x1b, 0x4e, 0x16, 0x7a}, + subYX: fp.Elt{0x65, 0xd2, 0xfc, 0xa4, 0xe8, 0x1f, 0x61, 0x56, 0x7d, 0xba, 0xc1, 0xe5, 0xfd, 0x53, 0xd3, 0x3b, 0xbd, 0xd6, 0x4b, 0x21, 0x1a, 0xf3, 0x31, 0x81, 0x62, 0xda, 0x5b, 0x55, 0x87, 0x15, 0xb9, 0x2a}, + dt2: fp.Elt{0x89, 0xd8, 0xd0, 0x0d, 0x3f, 0x93, 0xae, 0x14, 0x62, 0xda, 0x35, 0x1c, 0x22, 0x23, 0x94, 0x58, 0x4c, 0xdb, 0xf2, 0x8c, 0x45, 0xe5, 0x70, 0xd1, 0xc6, 0xb4, 0xb9, 0x12, 0xaf, 0x26, 0x28, 0x5a}, + }, + { /* 5P */ + addYX: fp.Elt{0x33, 0xbb, 0xa5, 0x08, 0x44, 0xbc, 0x12, 0xa2, 0x02, 0xed, 0x5e, 0xc7, 0xc3, 0x48, 0x50, 0x8d, 0x44, 0xec, 0xbf, 0x5a, 0x0c, 0xeb, 0x1b, 0xdd, 0xeb, 0x06, 0xe2, 0x46, 0xf1, 0xcc, 0x45, 0x29}, + subYX: fp.Elt{0xba, 0xd6, 0x47, 0xa4, 0xc3, 0x82, 0x91, 0x7f, 0xb7, 0x29, 0x27, 0x4b, 0xd1, 0x14, 0x00, 0xd5, 0x87, 0xa0, 0x64, 0xb8, 0x1c, 0xf1, 0x3c, 0xe3, 0xf3, 0x55, 0x1b, 0xeb, 0x73, 0x7e, 0x4a, 0x15}, + dt2: fp.Elt{0x85, 0x82, 0x2a, 0x81, 0xf1, 0xdb, 0xbb, 0xbc, 0xfc, 0xd1, 0xbd, 0xd0, 0x07, 0x08, 0x0e, 0x27, 0x2d, 0xa7, 0xbd, 0x1b, 0x0b, 0x67, 0x1b, 0xb4, 0x9a, 0xb6, 0x3b, 0x6b, 0x69, 0xbe, 0xaa, 0x43}, + }, + { /* 7P */ + addYX: fp.Elt{0xbf, 0xa3, 0x4e, 0x94, 0xd0, 0x5c, 0x1a, 0x6b, 0xd2, 0xc0, 0x9d, 0xb3, 0x3a, 0x35, 0x70, 0x74, 0x49, 0x2e, 0x54, 0x28, 0x82, 0x52, 0xb2, 0x71, 0x7e, 0x92, 0x3c, 0x28, 0x69, 0xea, 0x1b, 0x46}, + subYX: fp.Elt{0xb1, 0x21, 0x32, 0xaa, 0x9a, 0x2c, 0x6f, 0xba, 0xa7, 0x23, 0xba, 0x3b, 0x53, 0x21, 0xa0, 0x6c, 0x3a, 0x2c, 0x19, 0x92, 0x4f, 0x76, 0xea, 0x9d, 0xe0, 0x17, 0x53, 0x2e, 0x5d, 0xdd, 0x6e, 0x1d}, + dt2: fp.Elt{0xa2, 0xb3, 0xb8, 0x01, 0xc8, 0x6d, 0x83, 0xf1, 0x9a, 0xa4, 0x3e, 0x05, 0x47, 0x5f, 0x03, 0xb3, 0xf3, 0xad, 0x77, 0x58, 0xba, 0x41, 0x9c, 0x52, 0xa7, 0x90, 0x0f, 0x6a, 0x1c, 0xbb, 0x9f, 0x7a}, + }, + { /* 9P */ + addYX: fp.Elt{0x2f, 0x63, 0xa8, 0xa6, 0x8a, 0x67, 0x2e, 0x9b, 0xc5, 0x46, 0xbc, 0x51, 0x6f, 0x9e, 0x50, 0xa6, 0xb5, 0xf5, 0x86, 0xc6, 0xc9, 0x33, 0xb2, 0xce, 0x59, 0x7f, 0xdd, 0x8a, 0x33, 0xed, 0xb9, 0x34}, + subYX: fp.Elt{0x64, 0x80, 0x9d, 0x03, 0x7e, 0x21, 0x6e, 0xf3, 0x9b, 0x41, 0x20, 0xf5, 0xb6, 0x81, 0xa0, 0x98, 0x44, 0xb0, 0x5e, 0xe7, 0x08, 0xc6, 0xcb, 0x96, 0x8f, 0x9c, 0xdc, 0xfa, 0x51, 0x5a, 0xc0, 0x49}, + dt2: fp.Elt{0x1b, 0xaf, 0x45, 0x90, 0xbf, 0xe8, 0xb4, 0x06, 0x2f, 0xd2, 0x19, 0xa7, 0xe8, 0x83, 0xff, 0xe2, 0x16, 0xcf, 0xd4, 0x93, 0x29, 0xfc, 0xf6, 0xaa, 0x06, 0x8b, 0x00, 0x1b, 0x02, 0x72, 0xc1, 0x73}, + }, + { /* 11P */ + addYX: fp.Elt{0xde, 0x2a, 0x80, 0x8a, 0x84, 0x00, 0xbf, 0x2f, 0x27, 0x2e, 0x30, 0x02, 0xcf, 0xfe, 0xd9, 0xe5, 0x06, 0x34, 0x70, 0x17, 0x71, 0x84, 0x3e, 0x11, 0xaf, 0x8f, 0x6d, 0x54, 0xe2, 0xaa, 0x75, 0x42}, + subYX: fp.Elt{0x48, 0x43, 0x86, 0x49, 0x02, 0x5b, 0x5f, 0x31, 0x81, 0x83, 0x08, 0x77, 0x69, 0xb3, 0xd6, 0x3e, 0x95, 0xeb, 0x8d, 0x6a, 0x55, 0x75, 0xa0, 0xa3, 0x7f, 0xc7, 0xd5, 0x29, 0x80, 0x59, 0xab, 0x18}, + dt2: fp.Elt{0xe9, 0x89, 0x60, 0xfd, 0xc5, 0x2c, 0x2b, 0xd8, 0xa4, 0xe4, 0x82, 0x32, 0xa1, 0xb4, 0x1e, 0x03, 0x22, 0x86, 0x1a, 0xb5, 0x99, 0x11, 0x31, 0x44, 0x48, 0xf9, 0x3d, 0xb5, 0x22, 0x55, 0xc6, 0x3d}, + }, + { /* 13P */ + addYX: fp.Elt{0x6d, 0x7f, 0x00, 0xa2, 0x22, 0xc2, 0x70, 0xbf, 0xdb, 0xde, 0xbc, 0xb5, 0x9a, 0xb3, 0x84, 0xbf, 0x07, 0xba, 0x07, 0xfb, 0x12, 0x0e, 0x7a, 0x53, 0x41, 0xf2, 0x46, 0xc3, 0xee, 0xd7, 0x4f, 0x23}, + subYX: fp.Elt{0x93, 0xbf, 0x7f, 0x32, 0x3b, 0x01, 0x6f, 0x50, 0x6b, 0x6f, 0x77, 0x9b, 0xc9, 0xeb, 0xfc, 0xae, 0x68, 0x59, 0xad, 0xaa, 0x32, 0xb2, 0x12, 0x9d, 0xa7, 0x24, 0x60, 0x17, 0x2d, 0x88, 0x67, 0x02}, + dt2: fp.Elt{0x78, 0xa3, 0x2e, 0x73, 0x19, 0xa1, 0x60, 0x53, 0x71, 0xd4, 0x8d, 0xdf, 0xb1, 0xe6, 0x37, 0x24, 0x33, 0xe5, 0xa7, 0x91, 0xf8, 0x37, 0xef, 0xa2, 0x63, 0x78, 0x09, 0xaa, 0xfd, 0xa6, 0x7b, 0x49}, + }, + { /* 15P */ + addYX: fp.Elt{0xa0, 0xea, 0xcf, 0x13, 0x03, 0xcc, 0xce, 0x24, 0x6d, 0x24, 0x9c, 0x18, 0x8d, 0xc2, 0x48, 0x86, 0xd0, 0xd4, 0xf2, 0xc1, 0xfa, 0xbd, 0xbd, 0x2d, 0x2b, 0xe7, 0x2d, 0xf1, 0x17, 0x29, 0xe2, 0x61}, + subYX: fp.Elt{0x0b, 0xcf, 0x8c, 0x46, 0x86, 0xcd, 0x0b, 0x04, 0xd6, 0x10, 0x99, 0x2a, 0xa4, 0x9b, 0x82, 0xd3, 0x92, 0x51, 0xb2, 0x07, 0x08, 0x30, 0x08, 0x75, 0xbf, 0x5e, 0xd0, 0x18, 0x42, 0xcd, 0xb5, 0x43}, + dt2: fp.Elt{0x16, 0xb5, 0xd0, 0x9b, 0x2f, 0x76, 0x9a, 0x5d, 0xee, 0xde, 0x3f, 0x37, 0x4e, 0xaf, 0x38, 0xeb, 0x70, 0x42, 0xd6, 0x93, 0x7d, 0x5a, 0x2e, 0x03, 0x42, 0xd8, 0xe4, 0x0a, 0x21, 0x61, 0x1d, 0x51}, + }, + { /* 17P */ + addYX: fp.Elt{0x81, 0x9d, 0x0e, 0x95, 0xef, 0x76, 0xc6, 0x92, 0x4f, 0x04, 0xd7, 0xc0, 0xcd, 0x20, 0x46, 0xa5, 0x48, 0x12, 0x8f, 0x6f, 0x64, 0x36, 0x9b, 0xaa, 0xe3, 0x55, 0xb8, 0xdd, 0x24, 0x59, 0x32, 0x6d}, + subYX: fp.Elt{0x87, 0xde, 0x20, 0x44, 0x48, 0x86, 0x13, 0x08, 0xb4, 0xed, 0x92, 0xb5, 0x16, 0xf0, 0x1c, 0x8a, 0x25, 0x2d, 0x94, 0x29, 0x27, 0x4e, 0xfa, 0x39, 0x10, 0x28, 0x48, 0xe2, 0x6f, 0xfe, 0xa7, 0x71}, + dt2: fp.Elt{0x54, 0xc8, 0xc8, 0xa5, 0xb8, 0x82, 0x71, 0x6c, 0x03, 0x2a, 0x5f, 0xfe, 0x79, 0x14, 0xfd, 0x33, 0x0c, 0x8d, 0x77, 0x83, 0x18, 0x59, 0xcf, 0x72, 0xa9, 0xea, 0x9e, 0x55, 0xb6, 0xc4, 0x46, 0x47}, + }, + { /* 19P */ + addYX: fp.Elt{0x2b, 0x9a, 0xc6, 0x6d, 0x3c, 0x7b, 0x77, 0xd3, 0x17, 0xf6, 0x89, 0x6f, 0x27, 0xb2, 0xfa, 0xde, 0xb5, 0x16, 0x3a, 0xb5, 0xf7, 0x1c, 0x65, 0x45, 0xb7, 0x9f, 0xfe, 0x34, 0xde, 0x51, 0x9a, 0x5c}, + subYX: fp.Elt{0x47, 0x11, 0x74, 0x64, 0xc8, 0x46, 0x85, 0x34, 0x49, 0xc8, 0xfc, 0x0e, 0xdd, 0xae, 0x35, 0x7d, 0x32, 0xa3, 0x72, 0x06, 0x76, 0x9a, 0x93, 0xff, 0xd6, 0xe6, 0xb5, 0x7d, 0x49, 0x63, 0x96, 0x21}, + dt2: fp.Elt{0x67, 0x0e, 0xf1, 0x79, 0xcf, 0xf1, 0x10, 0xf5, 0x5b, 0x51, 0x58, 0xe6, 0xa1, 0xda, 0xdd, 0xff, 0x77, 0x22, 0x14, 0x10, 0x17, 0xa7, 0xc3, 0x09, 0xbb, 0x23, 0x82, 0x60, 0x3c, 0x50, 0x04, 0x48}, + }, + { /* 21P */ + addYX: fp.Elt{0xc7, 0x7f, 0xa3, 0x2c, 0xd0, 0x9e, 0x24, 0xc4, 0xab, 0xac, 0x15, 0xa6, 0xe3, 0xa0, 0x59, 0xa0, 0x23, 0x0e, 0x6e, 0xc9, 0xd7, 0x6e, 0xa9, 0x88, 0x6d, 0x69, 0x50, 0x16, 0xa5, 0x98, 0x33, 0x55}, + subYX: fp.Elt{0x75, 0xd1, 0x36, 0x3a, 0xd2, 0x21, 0x68, 0x3b, 0x32, 0x9e, 0x9b, 0xe9, 0xa7, 0x0a, 0xb4, 0xbb, 0x47, 0x8a, 0x83, 0x20, 0xe4, 0x5c, 0x9e, 0x5d, 0x5e, 0x4c, 0xde, 0x58, 0x88, 0x09, 0x1e, 0x77}, + dt2: fp.Elt{0xdf, 0x1e, 0x45, 0x78, 0xd2, 0xf5, 0x12, 0x9a, 0xcb, 0x9c, 0x89, 0x85, 0x79, 0x5d, 0xda, 0x3a, 0x08, 0x95, 0xa5, 0x9f, 0x2d, 0x4a, 0x7f, 0x47, 0x11, 0xa6, 0xf5, 0x8f, 0xd6, 0xd1, 0x5e, 0x5a}, + }, + { /* 23P */ + addYX: fp.Elt{0x83, 0x0e, 0x15, 0xfe, 0x2a, 0x12, 0x95, 0x11, 0xd8, 0x35, 0x4b, 0x7e, 0x25, 0x9a, 0x20, 0xcf, 0x20, 0x1e, 0x71, 0x1e, 0x29, 0xf8, 0x87, 0x73, 0xf0, 0x92, 0xbf, 0xd8, 0x97, 0xb8, 0xac, 0x44}, + subYX: fp.Elt{0x59, 0x73, 0x52, 0x58, 0xc5, 0xe0, 0xe5, 0xba, 0x7e, 0x9d, 0xdb, 0xca, 0x19, 0x5c, 0x2e, 0x39, 0xe9, 0xab, 0x1c, 0xda, 0x1e, 0x3c, 0x65, 0x28, 0x44, 0xdc, 0xef, 0x5f, 0x13, 0x60, 0x9b, 0x01}, + dt2: fp.Elt{0x83, 0x4b, 0x13, 0x5e, 0x14, 0x68, 0x60, 0x1e, 0x16, 0x4c, 0x30, 0x24, 0x4f, 0xe6, 0xf5, 0xc4, 0xd7, 0x3e, 0x1a, 0xfc, 0xa8, 0x88, 0x6e, 0x50, 0x92, 0x2f, 0xad, 0xe6, 0xfd, 0x49, 0x0c, 0x15}, + }, + { /* 25P */ + addYX: fp.Elt{0x38, 0x11, 0x47, 0x09, 0x95, 0xf2, 0x7b, 0x8e, 0x51, 0xa6, 0x75, 0x4f, 0x39, 0xef, 0x6f, 0x5d, 0xad, 0x08, 0xa7, 0x25, 0xc4, 0x79, 0xaf, 0x10, 0x22, 0x99, 0xb9, 0x5b, 0x07, 0x5a, 0x2b, 0x6b}, + subYX: fp.Elt{0x68, 0xa8, 0xdc, 0x9c, 0x3c, 0x86, 0x49, 0xb8, 0xd0, 0x4a, 0x71, 0xb8, 0xdb, 0x44, 0x3f, 0xc8, 0x8d, 0x16, 0x36, 0x0c, 0x56, 0xe3, 0x3e, 0xfe, 0xc1, 0xfb, 0x05, 0x1e, 0x79, 0xd7, 0xa6, 0x78}, + dt2: fp.Elt{0x76, 0xb9, 0xa0, 0x47, 0x4b, 0x70, 0xbf, 0x58, 0xd5, 0x48, 0x17, 0x74, 0x55, 0xb3, 0x01, 0xa6, 0x90, 0xf5, 0x42, 0xd5, 0xb1, 0x1f, 0x2b, 0xaa, 0x00, 0x5d, 0xd5, 0x4a, 0xfc, 0x7f, 0x5c, 0x72}, + }, + { /* 27P */ + addYX: fp.Elt{0xb2, 0x99, 0xcf, 0xd1, 0x15, 0x67, 0x42, 0xe4, 0x34, 0x0d, 0xa2, 0x02, 0x11, 0xd5, 0x52, 0x73, 0x9f, 0x10, 0x12, 0x8b, 0x7b, 0x15, 0xd1, 0x23, 0xa3, 0xf3, 0xb1, 0x7c, 0x27, 0xc9, 0x4c, 0x79}, + subYX: fp.Elt{0xc0, 0x98, 0xd0, 0x1c, 0xf7, 0x2b, 0x80, 0x91, 0x66, 0x63, 0x5e, 0xed, 0xa4, 0x6c, 0x41, 0xfe, 0x4c, 0x99, 0x02, 0x49, 0x71, 0x5d, 0x58, 0xdf, 0xe7, 0xfa, 0x55, 0xf8, 0x25, 0x46, 0xd5, 0x4c}, + dt2: fp.Elt{0x53, 0x50, 0xac, 0xc2, 0x26, 0xc4, 0xf6, 0x4a, 0x58, 0x72, 0xf6, 0x32, 0xad, 0xed, 0x9a, 0xbc, 0x21, 0x10, 0x31, 0x0a, 0xf1, 0x32, 0xd0, 0x2a, 0x85, 0x8e, 0xcc, 0x6f, 0x7b, 0x35, 0x08, 0x70}, + }, + { /* 29P */ + addYX: fp.Elt{0x01, 0x3f, 0x77, 0x38, 0x27, 0x67, 0x88, 0x0b, 0xfb, 0xcc, 0xfb, 0x95, 0xfa, 0xc8, 0xcc, 0xb8, 0xb6, 0x29, 0xad, 0xb9, 0xa3, 0xd5, 0x2d, 0x8d, 0x6a, 0x0f, 0xad, 0x51, 0x98, 0x7e, 0xef, 0x06}, + subYX: fp.Elt{0x34, 0x4a, 0x58, 0x82, 0xbb, 0x9f, 0x1b, 0xd0, 0x2b, 0x79, 0xb4, 0xd2, 0x63, 0x64, 0xab, 0x47, 0x02, 0x62, 0x53, 0x48, 0x9c, 0x63, 0x31, 0xb6, 0x28, 0xd4, 0xd6, 0x69, 0x36, 0x2a, 0xa9, 0x13}, + dt2: fp.Elt{0xe5, 0x7d, 0x57, 0xc0, 0x1c, 0x77, 0x93, 0xca, 0x5c, 0xdc, 0x35, 0x50, 0x1e, 0xe4, 0x40, 0x75, 0x71, 0xe0, 0x02, 0xd8, 0x01, 0x0f, 0x68, 0x24, 0x6a, 0xf8, 0x2a, 0x8a, 0xdf, 0x6d, 0x29, 0x3c}, + }, + { /* 31P */ + addYX: fp.Elt{0x13, 0xa7, 0x14, 0xd9, 0xf9, 0x15, 0xad, 0xae, 0x12, 0xf9, 0x8f, 0x8c, 0xf9, 0x7b, 0x2f, 0xa9, 0x30, 0xd7, 0x53, 0x9f, 0x17, 0x23, 0xf8, 0xaf, 0xba, 0x77, 0x0c, 0x49, 0x93, 0xd3, 0x99, 0x7a}, + subYX: fp.Elt{0x41, 0x25, 0x1f, 0xbb, 0x2e, 0x4d, 0xeb, 0xfc, 0x1f, 0xb9, 0xad, 0x40, 0xc7, 0x10, 0x95, 0xb8, 0x05, 0xad, 0xa1, 0xd0, 0x7d, 0xa3, 0x71, 0xfc, 0x7b, 0x71, 0x47, 0x07, 0x70, 0x2c, 0x89, 0x0a}, + dt2: fp.Elt{0xe8, 0xa3, 0xbd, 0x36, 0x24, 0xed, 0x52, 0x8f, 0x94, 0x07, 0xe8, 0x57, 0x41, 0xc8, 0xa8, 0x77, 0xe0, 0x9c, 0x2f, 0x26, 0x63, 0x65, 0xa9, 0xa5, 0xd2, 0xf7, 0x02, 0x83, 0xd2, 0x62, 0x67, 0x28}, + }, + { /* 33P */ + addYX: fp.Elt{0x25, 0x5b, 0xe3, 0x3c, 0x09, 0x36, 0x78, 0x4e, 0x97, 0xaa, 0x6b, 0xb2, 0x1d, 0x18, 0xe1, 0x82, 0x3f, 0xb8, 0xc7, 0xcb, 0xd3, 0x92, 0xc1, 0x0c, 0x3a, 0x9d, 0x9d, 0x6a, 0x04, 0xda, 0xf1, 0x32}, + subYX: fp.Elt{0xbd, 0xf5, 0x2e, 0xce, 0x2b, 0x8e, 0x55, 0x7c, 0x63, 0xbc, 0x47, 0x67, 0xb4, 0x6c, 0x98, 0xe4, 0xb8, 0x89, 0xbb, 0x3b, 0x9f, 0x17, 0x4a, 0x15, 0x7a, 0x76, 0xf1, 0xd6, 0xa3, 0xf2, 0x86, 0x76}, + dt2: fp.Elt{0x6a, 0x7c, 0x59, 0x6d, 0xa6, 0x12, 0x8d, 0xaa, 0x2b, 0x85, 0xd3, 0x04, 0x03, 0x93, 0x11, 0x8f, 0x22, 0xb0, 0x09, 0xc2, 0x73, 0xdc, 0x91, 0x3f, 0xa6, 0x28, 0xad, 0xa9, 0xf8, 0x05, 0x13, 0x56}, + }, + { /* 35P */ + addYX: fp.Elt{0xd1, 0xae, 0x92, 0xec, 0x8d, 0x97, 0x0c, 0x10, 0xe5, 0x73, 0x6d, 0x4d, 0x43, 0xd5, 0x43, 0xca, 0x48, 0xba, 0x47, 0xd8, 0x22, 0x1b, 0x13, 0x83, 0x2c, 0x4d, 0x5d, 0xe3, 0x53, 0xec, 0xaa}, + subYX: fp.Elt{0xd5, 0xc0, 0xb0, 0xe7, 0x28, 0xcc, 0x22, 0x67, 0x53, 0x5c, 0x07, 0xdb, 0xbb, 0xe9, 0x9d, 0x70, 0x61, 0x0a, 0x01, 0xd7, 0xa7, 0x8d, 0xf6, 0xca, 0x6c, 0xcc, 0x57, 0x2c, 0xef, 0x1a, 0x0a, 0x03}, + dt2: fp.Elt{0xaa, 0xd2, 0x3a, 0x00, 0x73, 0xf7, 0xb1, 0x7b, 0x08, 0x66, 0x21, 0x2b, 0x80, 0x29, 0x3f, 0x0b, 0x3e, 0xd2, 0x0e, 0x52, 0x86, 0xdc, 0x21, 0x78, 0x80, 0x54, 0x06, 0x24, 0x1c, 0x9c, 0xbe, 0x20}, + }, + { /* 37P */ + addYX: fp.Elt{0xa6, 0x73, 0x96, 0x24, 0xd8, 0x87, 0x53, 0xe1, 0x93, 0xe4, 0x46, 0xf5, 0x2d, 0xbc, 0x43, 0x59, 0xb5, 0x63, 0x6f, 0xc3, 0x81, 0x9a, 0x7f, 0x1c, 0xde, 0xc1, 0x0a, 0x1f, 0x36, 0xb3, 0x0a, 0x75}, + subYX: fp.Elt{0x60, 0x5e, 0x02, 0xe2, 0x4a, 0xe4, 0xe0, 0x20, 0x38, 0xb9, 0xdc, 0xcb, 0x2f, 0x3b, 0x3b, 0xb0, 0x1c, 0x0d, 0x5a, 0xf9, 0x9c, 0x63, 0x5d, 0x10, 0x11, 0xe3, 0x67, 0x50, 0x54, 0x4c, 0x76, 0x69}, + dt2: fp.Elt{0x37, 0x10, 0xf8, 0xa2, 0x83, 0x32, 0x8a, 0x1e, 0xf1, 0xcb, 0x7f, 0xbd, 0x23, 0xda, 0x2e, 0x6f, 0x63, 0x25, 0x2e, 0xac, 0x5b, 0xd1, 0x2f, 0xb7, 0x40, 0x50, 0x07, 0xb7, 0x3f, 0x6b, 0xf9, 0x54}, + }, + { /* 39P */ + addYX: fp.Elt{0x79, 0x92, 0x66, 0x29, 0x04, 0xf2, 0xad, 0x0f, 0x4a, 0x72, 0x7d, 0x7d, 0x04, 0xa2, 0xdd, 0x3a, 0xf1, 0x60, 0x57, 0x8c, 0x82, 0x94, 0x3d, 0x6f, 0x9e, 0x53, 0xb7, 0x2b, 0xc5, 0xe9, 0x7f, 0x3d}, + subYX: fp.Elt{0xcd, 0x1e, 0xb1, 0x16, 0xc6, 0xaf, 0x7d, 0x17, 0x79, 0x64, 0x57, 0xfa, 0x9c, 0x4b, 0x76, 0x89, 0x85, 0xe7, 0xec, 0xe6, 0x10, 0xa1, 0xa8, 0xb7, 0xf0, 0xdb, 0x85, 0xbe, 0x9f, 0x83, 0xe6, 0x78}, + dt2: fp.Elt{0x6b, 0x85, 0xb8, 0x37, 0xf7, 0x2d, 0x33, 0x70, 0x8a, 0x17, 0x1a, 0x04, 0x43, 0x5d, 0xd0, 0x75, 0x22, 0x9e, 0xe5, 0xa0, 0x4a, 0xf7, 0x0f, 0x32, 0x42, 0x82, 0x08, 0x50, 0xf3, 0x68, 0xf2, 0x70}, + }, + { /* 41P */ + addYX: fp.Elt{0x47, 0x5f, 0x80, 0xb1, 0x83, 0x45, 0x86, 0x66, 0x19, 0x7c, 0xdd, 0x60, 0xd1, 0xc5, 0x35, 0xf5, 0x06, 0xb0, 0x4c, 0x1e, 0xb7, 0x4e, 0x87, 0xe9, 0xd9, 0x89, 0xd8, 0xfa, 0x5c, 0x34, 0x0d, 0x7c}, + subYX: fp.Elt{0x55, 0xf3, 0xdc, 0x70, 0x20, 0x11, 0x24, 0x23, 0x17, 0xe1, 0xfc, 0xe7, 0x7e, 0xc9, 0x0c, 0x38, 0x98, 0xb6, 0x52, 0x35, 0xed, 0xde, 0x1d, 0xb3, 0xb9, 0xc4, 0xb8, 0x39, 0xc0, 0x56, 0x4e, 0x40}, + dt2: fp.Elt{0x8a, 0x33, 0x78, 0x8c, 0x4b, 0x1f, 0x1f, 0x59, 0xe1, 0xb5, 0xe0, 0x67, 0xb1, 0x6a, 0x36, 0xa0, 0x44, 0x3d, 0x5f, 0xb4, 0x52, 0x41, 0xbc, 0x5c, 0x77, 0xc7, 0xae, 0x2a, 0x76, 0x54, 0xd7, 0x20}, + }, + { /* 43P */ + addYX: fp.Elt{0x58, 0xb7, 0x3b, 0xc7, 0x6f, 0xc3, 0x8f, 0x5e, 0x9a, 0xbb, 0x3c, 0x36, 0xa5, 0x43, 0xe5, 0xac, 0x22, 0xc9, 0x3b, 0x90, 0x7d, 0x4a, 0x93, 0xa9, 0x62, 0xec, 0xce, 0xf3, 0x46, 0x1e, 0x8f, 0x2b}, + subYX: fp.Elt{0x43, 0xf5, 0xb9, 0x35, 0xb1, 0xfe, 0x74, 0x9d, 0x6c, 0x95, 0x8c, 0xde, 0xf1, 0x7d, 0xb3, 0x84, 0xa9, 0x8b, 0x13, 0x57, 0x07, 0x2b, 0x32, 0xe9, 0xe1, 0x4c, 0x0b, 0x79, 0xa8, 0xad, 0xb8, 0x38}, + dt2: fp.Elt{0x5d, 0xf9, 0x51, 0xdf, 0x9c, 0x4a, 0xc0, 0xb5, 0xac, 0xde, 0x1f, 0xcb, 0xae, 0x52, 0x39, 0x2b, 0xda, 0x66, 0x8b, 0x32, 0x8b, 0x6d, 0x10, 0x1d, 0x53, 0x19, 0xba, 0xce, 0x32, 0xeb, 0x9a, 0x04}, + }, + { /* 45P */ + addYX: fp.Elt{0x31, 0x79, 0xfc, 0x75, 0x0b, 0x7d, 0x50, 0xaa, 0xd3, 0x25, 0x67, 0x7a, 0x4b, 0x92, 0xef, 0x0f, 0x30, 0x39, 0x6b, 0x39, 0x2b, 0x54, 0x82, 0x1d, 0xfc, 0x74, 0xf6, 0x30, 0x75, 0xe1, 0x5e, 0x79}, + subYX: fp.Elt{0x7e, 0xfe, 0xdc, 0x63, 0x3c, 0x7d, 0x76, 0xd7, 0x40, 0x6e, 0x85, 0x97, 0x48, 0x59, 0x9c, 0x20, 0x13, 0x7c, 0x4f, 0xe1, 0x61, 0x68, 0x67, 0xb6, 0xfc, 0x25, 0xd6, 0xc8, 0xe0, 0x65, 0xc6, 0x51}, + dt2: fp.Elt{0x81, 0xbd, 0xec, 0x52, 0x0a, 0x5b, 0x4a, 0x25, 0xe7, 0xaf, 0x34, 0xe0, 0x6e, 0x1f, 0x41, 0x5d, 0x31, 0x4a, 0xee, 0xca, 0x0d, 0x4d, 0xa2, 0xe6, 0x77, 0x44, 0xc5, 0x9d, 0xf4, 0x9b, 0xd1, 0x6c}, + }, + { /* 47P */ + addYX: fp.Elt{0x86, 0xc3, 0xaf, 0x65, 0x21, 0x61, 0xfe, 0x1f, 0x10, 0x1b, 0xd5, 0xb8, 0x88, 0x2a, 0x2a, 0x08, 0xaa, 0x0b, 0x99, 0x20, 0x7e, 0x62, 0xf6, 0x76, 0xe7, 0x43, 0x9e, 0x42, 0xa7, 0xb3, 0x01, 0x5e}, + subYX: fp.Elt{0xa3, 0x9c, 0x17, 0x52, 0x90, 0x61, 0x87, 0x7e, 0x85, 0x9f, 0x2c, 0x0b, 0x06, 0x0a, 0x1d, 0x57, 0x1e, 0x71, 0x99, 0x84, 0xa8, 0xba, 0xa2, 0x80, 0x38, 0xe6, 0xb2, 0x40, 0xdb, 0xf3, 0x20, 0x75}, + dt2: fp.Elt{0xa1, 0x57, 0x93, 0xd3, 0xe3, 0x0b, 0xb5, 0x3d, 0xa5, 0x94, 0x9e, 0x59, 0xdd, 0x6c, 0x7b, 0x96, 0x6e, 0x1e, 0x31, 0xdf, 0x64, 0x9a, 0x30, 0x1a, 0x86, 0xc9, 0xf3, 0xce, 0x9c, 0x2c, 0x09, 0x71}, + }, + { /* 49P */ + addYX: fp.Elt{0xcf, 0x1d, 0x05, 0x74, 0xac, 0xd8, 0x6b, 0x85, 0x1e, 0xaa, 0xb7, 0x55, 0x08, 0xa4, 0xf6, 0x03, 0xeb, 0x3c, 0x74, 0xc9, 0xcb, 0xe7, 0x4a, 0x3a, 0xde, 0xab, 0x37, 0x71, 0xbb, 0xa5, 0x73, 0x41}, + subYX: fp.Elt{0x8c, 0x91, 0x64, 0x03, 0x3f, 0x52, 0xd8, 0x53, 0x1c, 0x6b, 0xab, 0x3f, 0xf4, 0x04, 0xb4, 0xa2, 0xa4, 0xe5, 0x81, 0x66, 0x9e, 0x4a, 0x0b, 0x08, 0xa7, 0x7b, 0x25, 0xd0, 0x03, 0x5b, 0xa1, 0x0e}, + dt2: fp.Elt{0x8a, 0x21, 0xf9, 0xf0, 0x31, 0x6e, 0xc5, 0x17, 0x08, 0x47, 0xfc, 0x1a, 0x2b, 0x6e, 0x69, 0x5a, 0x76, 0xf1, 0xb2, 0xf4, 0x68, 0x16, 0x93, 0xf7, 0x67, 0x3a, 0x4e, 0x4a, 0x61, 0x65, 0xc5, 0x5f}, + }, + { /* 51P */ + addYX: fp.Elt{0x8e, 0x98, 0x90, 0x77, 0xe6, 0xe1, 0x92, 0x48, 0x22, 0xd7, 0x5c, 0x1c, 0x0f, 0x95, 0xd5, 0x01, 0xed, 0x3e, 0x92, 0xe5, 0x9a, 0x81, 0xb0, 0xe3, 0x1b, 0x65, 0x46, 0x9d, 0x40, 0xc7, 0x14, 0x32}, + subYX: fp.Elt{0xe5, 0x7a, 0x6d, 0xc4, 0x0d, 0x57, 0x6e, 0x13, 0x8f, 0xdc, 0xf8, 0x54, 0xcc, 0xaa, 0xd0, 0x0f, 0x86, 0xad, 0x0d, 0x31, 0x03, 0x9f, 0x54, 0x59, 0xa1, 0x4a, 0x45, 0x4c, 0x41, 0x1c, 0x71, 0x62}, + dt2: fp.Elt{0x70, 0x17, 0x65, 0x06, 0x74, 0x82, 0x29, 0x13, 0x36, 0x94, 0x27, 0x8a, 0x66, 0xa0, 0xa4, 0x3b, 0x3c, 0x22, 0x5d, 0x18, 0xec, 0xb8, 0xb6, 0xd9, 0x3c, 0x83, 0xcb, 0x3e, 0x07, 0x94, 0xea, 0x5b}, + }, + { /* 53P */ + addYX: fp.Elt{0xf8, 0xd2, 0x43, 0xf3, 0x63, 0xce, 0x70, 0xb4, 0xf1, 0xe8, 0x43, 0x05, 0x8f, 0xba, 0x67, 0x00, 0x6f, 0x7b, 0x11, 0xa2, 0xa1, 0x51, 0xda, 0x35, 0x2f, 0xbd, 0xf1, 0x44, 0x59, 0x78, 0xd0, 0x4a}, + subYX: fp.Elt{0xe4, 0x9b, 0xc8, 0x12, 0x09, 0xbf, 0x1d, 0x64, 0x9c, 0x57, 0x6e, 0x7d, 0x31, 0x8b, 0xf3, 0xac, 0x65, 0xb0, 0x97, 0xf6, 0x02, 0x9e, 0xfe, 0xab, 0xec, 0x1e, 0xf6, 0x48, 0xc1, 0xd5, 0xac, 0x3a}, + dt2: fp.Elt{0x01, 0x83, 0x31, 0xc3, 0x34, 0x3b, 0x8e, 0x85, 0x26, 0x68, 0x31, 0x07, 0x47, 0xc0, 0x99, 0xdc, 0x8c, 0xa8, 0x9d, 0xd3, 0x2e, 0x5b, 0x08, 0x34, 0x3d, 0x85, 0x02, 0xd9, 0xb1, 0x0c, 0xff, 0x3a}, + }, + { /* 55P */ + addYX: fp.Elt{0x05, 0x35, 0xc5, 0xf4, 0x0b, 0x43, 0x26, 0x92, 0x83, 0x22, 0x1f, 0x26, 0x13, 0x9c, 0xe4, 0x68, 0xc6, 0x27, 0xd3, 0x8f, 0x78, 0x33, 0xef, 0x09, 0x7f, 0x9e, 0xd9, 0x2b, 0x73, 0x9f, 0xcf, 0x2c}, + subYX: fp.Elt{0x5e, 0x40, 0x20, 0x3a, 0xeb, 0xc7, 0xc5, 0x87, 0xc9, 0x56, 0xad, 0xed, 0xef, 0x11, 0xe3, 0x8e, 0xf9, 0xd5, 0x29, 0xad, 0x48, 0x2e, 0x25, 0x29, 0x1d, 0x25, 0xcd, 0xf4, 0x86, 0x7e, 0x0e, 0x11}, + dt2: fp.Elt{0xe4, 0xf5, 0x03, 0xd6, 0x9e, 0xd8, 0xc0, 0x57, 0x0c, 0x20, 0xb0, 0xf0, 0x28, 0x86, 0x88, 0x12, 0xb7, 0x3b, 0x2e, 0xa0, 0x09, 0x27, 0x17, 0x53, 0x37, 0x3a, 0x69, 0xb9, 0xe0, 0x57, 0xc5, 0x05}, + }, + { /* 57P */ + addYX: fp.Elt{0xb0, 0x0e, 0xc2, 0x89, 0xb0, 0xbb, 0x76, 0xf7, 0x5c, 0xd8, 0x0f, 0xfa, 0xf6, 0x5b, 0xf8, 0x61, 0xfb, 0x21, 0x44, 0x63, 0x4e, 0x3f, 0xb9, 0xb6, 0x05, 0x12, 0x86, 0x41, 0x08, 0xef, 0x9f, 0x28}, + subYX: fp.Elt{0x6f, 0x7e, 0xc9, 0x1f, 0x31, 0xce, 0xf9, 0xd8, 0xae, 0xfd, 0xf9, 0x11, 0x30, 0x26, 0x3f, 0x7a, 0xdd, 0x25, 0xed, 0x8b, 0xa0, 0x7e, 0x5b, 0xe1, 0x5a, 0x87, 0xe9, 0x8f, 0x17, 0x4c, 0x15, 0x6e}, + dt2: fp.Elt{0xbf, 0x9a, 0xd6, 0xfe, 0x36, 0x63, 0x61, 0xcf, 0x4f, 0xc9, 0x35, 0x83, 0xe7, 0xe4, 0x16, 0x9b, 0xe7, 0x7f, 0x3a, 0x75, 0x65, 0x97, 0x78, 0x13, 0x19, 0xa3, 0x5c, 0xa9, 0x42, 0xf6, 0xfb, 0x6a}, + }, + { /* 59P */ + addYX: fp.Elt{0xcc, 0xa8, 0x13, 0xf9, 0x70, 0x50, 0xe5, 0x5d, 0x61, 0xf5, 0x0c, 0x2b, 0x7b, 0x16, 0x1d, 0x7d, 0x89, 0xd4, 0xea, 0x90, 0xb6, 0x56, 0x29, 0xda, 0xd9, 0x1e, 0x80, 0xdb, 0xce, 0x93, 0xc0, 0x12}, + subYX: fp.Elt{0xc1, 0xd2, 0xf5, 0x62, 0x0c, 0xde, 0xa8, 0x7d, 0x9a, 0x7b, 0x0e, 0xb0, 0xa4, 0x3d, 0xfc, 0x98, 0xe0, 0x70, 0xad, 0x0d, 0xda, 0x6a, 0xeb, 0x7d, 0xc4, 0x38, 0x50, 0xb9, 0x51, 0xb8, 0xb4, 0x0d}, + dt2: fp.Elt{0x0f, 0x19, 0xb8, 0x08, 0x93, 0x7f, 0x14, 0xfc, 0x10, 0xe3, 0x1a, 0xa1, 0xa0, 0x9d, 0x96, 0x06, 0xfd, 0xd7, 0xc7, 0xda, 0x72, 0x55, 0xe7, 0xce, 0xe6, 0x5c, 0x63, 0xc6, 0x99, 0x87, 0xaa, 0x33}, + }, + { /* 61P */ + addYX: fp.Elt{0xb1, 0x6c, 0x15, 0xfc, 0x88, 0xf5, 0x48, 0x83, 0x27, 0x6d, 0x0a, 0x1a, 0x9b, 0xba, 0xa2, 0x6d, 0xb6, 0x5a, 0xca, 0x87, 0x5c, 0x2d, 0x26, 0xe2, 0xa6, 0x89, 0xd5, 0xc8, 0xc1, 0xd0, 0x2c, 0x21}, + subYX: fp.Elt{0xf2, 0x5c, 0x08, 0xbd, 0x1e, 0xf5, 0x0f, 0xaf, 0x1f, 0x3f, 0xd3, 0x67, 0x89, 0x1a, 0xf5, 0x78, 0x3c, 0x03, 0x60, 0x50, 0xe1, 0xbf, 0xc2, 0x6e, 0x86, 0x1a, 0xe2, 0xe8, 0x29, 0x6f, 0x3c, 0x23}, + dt2: fp.Elt{0x81, 0xc7, 0x18, 0x7f, 0x10, 0xd5, 0xf4, 0xd2, 0x28, 0x9d, 0x7e, 0x52, 0xf2, 0xcd, 0x2e, 0x12, 0x41, 0x33, 0x3d, 0x3d, 0x2a, 0x86, 0x0a, 0xa7, 0xe3, 0x4c, 0x91, 0x11, 0x89, 0x77, 0xb7, 0x1d}, + }, + { /* 63P */ + addYX: fp.Elt{0xb6, 0x1a, 0x70, 0xdd, 0x69, 0x47, 0x39, 0xb3, 0xa5, 0x8d, 0xcf, 0x19, 0xd4, 0xde, 0xb8, 0xe2, 0x52, 0xc8, 0x2a, 0xfd, 0x61, 0x41, 0xdf, 0x15, 0xbe, 0x24, 0x7d, 0x01, 0x8a, 0xca, 0xe2, 0x7a}, + subYX: fp.Elt{0x6f, 0xc2, 0x6b, 0x7c, 0x39, 0x52, 0xf3, 0xdd, 0x13, 0x01, 0xd5, 0x53, 0xcc, 0xe2, 0x97, 0x7a, 0x30, 0xa3, 0x79, 0xbf, 0x3a, 0xf4, 0x74, 0x7c, 0xfc, 0xad, 0xe2, 0x26, 0xad, 0x97, 0xad, 0x31}, + dt2: fp.Elt{0x62, 0xb9, 0x20, 0x09, 0xed, 0x17, 0xe8, 0xb7, 0x9d, 0xda, 0x19, 0x3f, 0xcc, 0x18, 0x85, 0x1e, 0x64, 0x0a, 0x56, 0x25, 0x4f, 0xc1, 0x91, 0xe4, 0x83, 0x2c, 0x62, 0xa6, 0x53, 0xfc, 0xd1, 0x1e}, + }, +} diff --git a/vendor/golang.org/x/sys/AUTHORS b/vendor/golang.org/x/sys/AUTHORS new file mode 100644 index 000000000..15167cd74 --- /dev/null +++ b/vendor/golang.org/x/sys/AUTHORS @@ -0,0 +1,3 @@ +# This source code refers to The Go Authors for copyright purposes. +# The master list of authors is in the main Go distribution, +# visible at http://tip.golang.org/AUTHORS. diff --git a/vendor/golang.org/x/sys/CONTRIBUTORS b/vendor/golang.org/x/sys/CONTRIBUTORS new file mode 100644 index 000000000..1c4577e96 --- /dev/null +++ b/vendor/golang.org/x/sys/CONTRIBUTORS @@ -0,0 +1,3 @@ +# This source code was written by the Go contributors. +# The master list of contributors is in the main Go distribution, +# visible at http://tip.golang.org/CONTRIBUTORS. diff --git a/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go b/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go new file mode 100644 index 000000000..be6027224 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go @@ -0,0 +1,34 @@ +// Copyright 2019 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build aix,ppc64 + +package cpu + +const cacheLineSize = 128 + +const ( + // getsystemcfg constants + _SC_IMPL = 2 + _IMPL_POWER8 = 0x10000 + _IMPL_POWER9 = 0x20000 +) + +func init() { + impl := getsystemcfg(_SC_IMPL) + if impl&_IMPL_POWER8 != 0 { + PPC64.IsPOWER8 = true + } + if impl&_IMPL_POWER9 != 0 { + PPC64.IsPOWER9 = true + } + + Initialized = true +} + +func getsystemcfg(label int) (n uint64) { + r0, _ := callgetsystemcfg(label) + n = uint64(r0) + return +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo.c b/vendor/golang.org/x/sys/cpu/cpu_gccgo.c new file mode 100644 index 000000000..e363c7d13 --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo.c @@ -0,0 +1,43 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build 386 amd64 amd64p32 +// +build gccgo + +#include +#include + +// Need to wrap __get_cpuid_count because it's declared as static. +int +gccgoGetCpuidCount(uint32_t leaf, uint32_t subleaf, + uint32_t *eax, uint32_t *ebx, + uint32_t *ecx, uint32_t *edx) +{ + return __get_cpuid_count(leaf, subleaf, eax, ebx, ecx, edx); +} + +// xgetbv reads the contents of an XCR (Extended Control Register) +// specified in the ECX register into registers EDX:EAX. +// Currently, the only supported value for XCR is 0. +// +// TODO: Replace with a better alternative: +// +// #include +// +// #pragma GCC target("xsave") +// +// void gccgoXgetbv(uint32_t *eax, uint32_t *edx) { +// unsigned long long x = _xgetbv(0); +// *eax = x & 0xffffffff; +// *edx = (x >> 32) & 0xffffffff; +// } +// +// Note that _xgetbv is defined starting with GCC 8. +void +gccgoXgetbv(uint32_t *eax, uint32_t *edx) +{ + __asm(" xorl %%ecx, %%ecx\n" + " xgetbv" + : "=a"(*eax), "=d"(*edx)); +} diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo.go new file mode 100644 index 000000000..ba49b91bd --- /dev/null +++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo.go @@ -0,0 +1,26 @@ +// Copyright 2018 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +// +build 386 amd64 amd64p32 +// +build gccgo + +package cpu + +//extern gccgoGetCpuidCount +func gccgoGetCpuidCount(eaxArg, ecxArg uint32, eax, ebx, ecx, edx *uint32) + +func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) { + var a, b, c, d uint32 + gccgoGetCpuidCount(eaxArg, ecxArg, &a, &b, &c, &d) + return a, b, c, d +} + +//extern gccgoXgetbv +func gccgoXgetbv(eax, edx *uint32) + +func xgetbv() (eax, edx uint32) { + var a, d uint32 + gccgoXgetbv(&a, &d) + return a, d +} From c1a100a5b7d586689884229afc3b31789c733a32 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jun 2023 15:18:15 +0000 Subject: [PATCH 29/73] build(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- vendor/github.com/cloudflare/circl/LICENSE | 57 --- .../cloudflare/circl/internal/conv/conv.go | 89 ----- .../cloudflare/circl/math/fp25519/fp.go | 205 ---------- .../cloudflare/circl/math/fp25519/fp_amd64.go | 44 --- .../cloudflare/circl/math/fp25519/fp_amd64.h | 350 ------------------ .../cloudflare/circl/math/fp25519/fp_amd64.s | 111 ------ .../circl/math/fp25519/fp_generic.go | 248 ------------- .../cloudflare/circl/math/fp25519/fp_noasm.go | 12 - .../github.com/cloudflare/circl/math/wnaf.go | 84 ----- .../cloudflare/circl/sign/ed25519/ed25519.go | 178 --------- .../cloudflare/circl/sign/ed25519/modular.go | 175 --------- .../cloudflare/circl/sign/ed25519/mult.go | 179 --------- .../cloudflare/circl/sign/ed25519/point.go | 193 ---------- .../cloudflare/circl/sign/ed25519/tables.go | 213 ----------- vendor/golang.org/x/sys/AUTHORS | 3 - vendor/golang.org/x/sys/CONTRIBUTORS | 3 - vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go | 34 -- vendor/golang.org/x/sys/cpu/cpu_gccgo.c | 43 --- vendor/golang.org/x/sys/cpu/cpu_gccgo.go | 26 -- vendor/modules.txt | 2 +- 22 files changed, 4 insertions(+), 2251 deletions(-) delete mode 100644 vendor/github.com/cloudflare/circl/LICENSE delete mode 100644 vendor/github.com/cloudflare/circl/internal/conv/conv.go delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp.go delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.s delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_generic.go delete mode 100644 vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go delete mode 100644 vendor/github.com/cloudflare/circl/math/wnaf.go delete mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go delete mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/modular.go delete mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/mult.go delete mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/point.go delete mode 100644 vendor/github.com/cloudflare/circl/sign/ed25519/tables.go delete mode 100644 vendor/golang.org/x/sys/AUTHORS delete mode 100644 vendor/golang.org/x/sys/CONTRIBUTORS delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_gccgo.c delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_gccgo.go diff --git a/go.mod b/go.mod index f4bcaa156..9e13e1e34 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/lib/pq v1.10.9 github.com/mattn/go-sqlite3 v1.14.16 github.com/prometheus/client_golang v1.15.1 - github.com/stretchr/testify v1.8.3 + github.com/stretchr/testify v1.8.4 github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 github.com/zmap/zlint/v3 v3.5.0 golang.org/x/crypto v0.9.0 diff --git a/go.sum b/go.sum index b99f43a89..e2c44c69f 100644 --- a/go.sum +++ b/go.sum @@ -329,8 +329,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= diff --git a/vendor/github.com/cloudflare/circl/LICENSE b/vendor/github.com/cloudflare/circl/LICENSE deleted file mode 100644 index 67edaa90a..000000000 --- a/vendor/github.com/cloudflare/circl/LICENSE +++ /dev/null @@ -1,57 +0,0 @@ -Copyright (c) 2019 Cloudflare. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Cloudflare nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -======================================================================== - -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/cloudflare/circl/internal/conv/conv.go b/vendor/github.com/cloudflare/circl/internal/conv/conv.go deleted file mode 100644 index b4a4f0b16..000000000 --- a/vendor/github.com/cloudflare/circl/internal/conv/conv.go +++ /dev/null @@ -1,89 +0,0 @@ -package conv - -import ( - "fmt" - "math/big" - "strings" -) - -// BytesLe2Hex returns an hexadecimal string of a number stored in a -// little-endian order slice x. -func BytesLe2Hex(x []byte) string { - b := &strings.Builder{} - b.Grow(2*len(x) + 2) - fmt.Fprint(b, "0x") - if len(x) == 0 { - fmt.Fprint(b, "00") - } - for i := len(x) - 1; i >= 0; i-- { - fmt.Fprintf(b, "%02x", x[i]) - } - return b.String() -} - -// BytesLe2BigInt converts a little-endian slice x into a big-endian -// math/big.Int. -func BytesLe2BigInt(x []byte) *big.Int { - n := len(x) - b := new(big.Int) - if len(x) > 0 { - y := make([]byte, n) - for i := 0; i < n; i++ { - y[n-1-i] = x[i] - } - b.SetBytes(y) - } - return b -} - -// BigInt2BytesLe stores a positive big.Int number x into a little-endian slice z. -// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros). -// If x does not fit in the slice or is negative, z is not modified. -func BigInt2BytesLe(z []byte, x *big.Int) { - xLen := (x.BitLen() + 7) >> 3 - zLen := len(z) - if zLen >= xLen && x.Sign() >= 0 { - y := x.Bytes() - for i := 0; i < xLen; i++ { - z[i] = y[xLen-1-i] - } - for i := xLen; i < zLen; i++ { - z[i] = 0 - } - } -} - -// Uint64Le2BigInt converts a llitle-endian slice x into a big number. -func Uint64Le2BigInt(x []uint64) *big.Int { - n := len(x) - b := new(big.Int) - var bi big.Int - for i := n - 1; i >= 0; i-- { - bi.SetUint64(x[i]) - b.Lsh(b, 64) - b.Add(b, &bi) - } - return b -} - -// BigInt2Uint64Le stores a positive big.Int number x into a little-endian slice z. -// The slice is modified if the bitlength of x <= 8*len(z) (padding with zeros). -// If x does not fit in the slice or is negative, z is not modified. -func BigInt2Uint64Le(z []uint64, x *big.Int) { - xLen := (x.BitLen() + 63) >> 6 // number of 64-bit words - zLen := len(z) - if zLen >= xLen && x.Sign() > 0 { - var y, yi big.Int - y.Set(x) - two64 := big.NewInt(1) - two64.Lsh(two64, 64).Sub(two64, big.NewInt(1)) - for i := 0; i < xLen; i++ { - yi.And(&y, two64) - z[i] = yi.Uint64() - y.Rsh(&y, 64) - } - } - for i := xLen; i < zLen; i++ { - z[i] = 0 - } -} diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp.go deleted file mode 100644 index 496287ec5..000000000 --- a/vendor/github.com/cloudflare/circl/math/fp25519/fp.go +++ /dev/null @@ -1,205 +0,0 @@ -// Package fp25519 provides prime field arithmetic over GF(2^255-19). -package fp25519 - -import ( - "errors" - - "github.com/cloudflare/circl/internal/conv" -) - -// Size in bytes of an element. -const Size = 32 - -// Elt is a prime field element. -type Elt [Size]byte - -func (e Elt) String() string { return conv.BytesLe2Hex(e[:]) } - -// p is the prime modulus 2^255-19. -var p = Elt{ - 0xed, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0x7f, -} - -// P returns the prime modulus 2^255-19. -func P() Elt { return p } - -// ToBytes stores in b the little-endian byte representation of x. -func ToBytes(b []byte, x *Elt) error { - if len(b) != Size { - return errors.New("wrong size") - } - Modp(x) - copy(b, x[:]) - return nil -} - -// IsZero returns true if x is equal to 0. -func IsZero(x *Elt) bool { Modp(x); return *x == Elt{} } - -// SetOne assigns x=1. -func SetOne(x *Elt) { *x = Elt{}; x[0] = 1 } - -// Neg calculates z = -x. -func Neg(z, x *Elt) { Sub(z, &p, x) } - -// InvSqrt calculates z = sqrt(x/y) iff x/y is a quadratic-residue, which is -// indicated by returning isQR = true. Otherwise, when x/y is a quadratic -// non-residue, z will have an undetermined value and isQR = false. -func InvSqrt(z, x, y *Elt) (isQR bool) { - sqrtMinusOne := &Elt{ - 0xb0, 0xa0, 0x0e, 0x4a, 0x27, 0x1b, 0xee, 0xc4, - 0x78, 0xe4, 0x2f, 0xad, 0x06, 0x18, 0x43, 0x2f, - 0xa7, 0xd7, 0xfb, 0x3d, 0x99, 0x00, 0x4d, 0x2b, - 0x0b, 0xdf, 0xc1, 0x4f, 0x80, 0x24, 0x83, 0x2b, - } - t0, t1, t2, t3 := &Elt{}, &Elt{}, &Elt{}, &Elt{} - - Mul(t0, x, y) // t0 = u*v - Sqr(t1, y) // t1 = v^2 - Mul(t2, t0, t1) // t2 = u*v^3 - Sqr(t0, t1) // t0 = v^4 - Mul(t1, t0, t2) // t1 = u*v^7 - - var Tab [4]*Elt - Tab[0] = &Elt{} - Tab[1] = &Elt{} - Tab[2] = t3 - Tab[3] = t1 - - *Tab[0] = *t1 - Sqr(Tab[0], Tab[0]) - Sqr(Tab[1], Tab[0]) - Sqr(Tab[1], Tab[1]) - Mul(Tab[1], Tab[1], Tab[3]) - Mul(Tab[0], Tab[0], Tab[1]) - Sqr(Tab[0], Tab[0]) - Mul(Tab[0], Tab[0], Tab[1]) - Sqr(Tab[1], Tab[0]) - for i := 0; i < 4; i++ { - Sqr(Tab[1], Tab[1]) - } - Mul(Tab[1], Tab[1], Tab[0]) - Sqr(Tab[2], Tab[1]) - for i := 0; i < 4; i++ { - Sqr(Tab[2], Tab[2]) - } - Mul(Tab[2], Tab[2], Tab[0]) - Sqr(Tab[1], Tab[2]) - for i := 0; i < 14; i++ { - Sqr(Tab[1], Tab[1]) - } - Mul(Tab[1], Tab[1], Tab[2]) - Sqr(Tab[2], Tab[1]) - for i := 0; i < 29; i++ { - Sqr(Tab[2], Tab[2]) - } - Mul(Tab[2], Tab[2], Tab[1]) - Sqr(Tab[1], Tab[2]) - for i := 0; i < 59; i++ { - Sqr(Tab[1], Tab[1]) - } - Mul(Tab[1], Tab[1], Tab[2]) - for i := 0; i < 5; i++ { - Sqr(Tab[1], Tab[1]) - } - Mul(Tab[1], Tab[1], Tab[0]) - Sqr(Tab[2], Tab[1]) - for i := 0; i < 124; i++ { - Sqr(Tab[2], Tab[2]) - } - Mul(Tab[2], Tab[2], Tab[1]) - Sqr(Tab[2], Tab[2]) - Sqr(Tab[2], Tab[2]) - Mul(Tab[2], Tab[2], Tab[3]) - - Mul(z, t3, t2) // z = xy^(p+3)/8 = xy^3*(xy^7)^(p-5)/8 - // Checking whether y z^2 == x - Sqr(t0, z) // t0 = z^2 - Mul(t0, t0, y) // t0 = yz^2 - Sub(t1, t0, x) // t1 = t0-u - Add(t2, t0, x) // t2 = t0+u - if IsZero(t1) { - return true - } else if IsZero(t2) { - Mul(z, z, sqrtMinusOne) // z = z*sqrt(-1) - return true - } else { - return false - } -} - -// Inv calculates z = 1/x mod p. -func Inv(z, x *Elt) { - x0, x1, x2 := &Elt{}, &Elt{}, &Elt{} - Sqr(x1, x) - Sqr(x0, x1) - Sqr(x0, x0) - Mul(x0, x0, x) - Mul(z, x0, x1) - Sqr(x1, z) - Mul(x0, x0, x1) - Sqr(x1, x0) - for i := 0; i < 4; i++ { - Sqr(x1, x1) - } - Mul(x0, x0, x1) - Sqr(x1, x0) - for i := 0; i < 9; i++ { - Sqr(x1, x1) - } - Mul(x1, x1, x0) - Sqr(x2, x1) - for i := 0; i < 19; i++ { - Sqr(x2, x2) - } - Mul(x2, x2, x1) - for i := 0; i < 10; i++ { - Sqr(x2, x2) - } - Mul(x2, x2, x0) - Sqr(x0, x2) - for i := 0; i < 49; i++ { - Sqr(x0, x0) - } - Mul(x0, x0, x2) - Sqr(x1, x0) - for i := 0; i < 99; i++ { - Sqr(x1, x1) - } - Mul(x1, x1, x0) - for i := 0; i < 50; i++ { - Sqr(x1, x1) - } - Mul(x1, x1, x2) - for i := 0; i < 5; i++ { - Sqr(x1, x1) - } - Mul(z, z, x1) -} - -// Cmov assigns y to x if n is 1. -func Cmov(x, y *Elt, n uint) { cmov(x, y, n) } - -// Cswap interchages x and y if n is 1. -func Cswap(x, y *Elt, n uint) { cswap(x, y, n) } - -// Add calculates z = x+y mod p. -func Add(z, x, y *Elt) { add(z, x, y) } - -// Sub calculates z = x-y mod p. -func Sub(z, x, y *Elt) { sub(z, x, y) } - -// AddSub calculates (x,y) = (x+y mod p, x-y mod p). -func AddSub(x, y *Elt) { addsub(x, y) } - -// Mul calculates z = x*y mod p. -func Mul(z, x, y *Elt) { mul(z, x, y) } - -// Sqr calculates z = x^2 mod p. -func Sqr(z, x *Elt) { sqr(z, x) } - -// Modp ensures that z is between [0,p-1]. -func Modp(z *Elt) { modp(z) } diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go deleted file mode 100644 index 1c35c0079..000000000 --- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.go +++ /dev/null @@ -1,44 +0,0 @@ -// +build amd64,!purego - -package fp25519 - -import ( - "golang.org/x/sys/cpu" -) - -var hasBmi2Adx = cpu.X86.HasBMI2 && cpu.X86.HasADX - -var _ = hasBmi2Adx - -func cmov(x, y *Elt, n uint) { cmovAmd64(x, y, n) } -func cswap(x, y *Elt, n uint) { cswapAmd64(x, y, n) } -func add(z, x, y *Elt) { addAmd64(z, x, y) } -func sub(z, x, y *Elt) { subAmd64(z, x, y) } -func addsub(x, y *Elt) { addsubAmd64(x, y) } -func mul(z, x, y *Elt) { mulAmd64(z, x, y) } -func sqr(z, x *Elt) { sqrAmd64(z, x) } -func modp(z *Elt) { modpAmd64(z) } - -//go:noescape -func cmovAmd64(x, y *Elt, n uint) - -//go:noescape -func cswapAmd64(x, y *Elt, n uint) - -//go:noescape -func addAmd64(z, x, y *Elt) - -//go:noescape -func subAmd64(z, x, y *Elt) - -//go:noescape -func addsubAmd64(x, y *Elt) - -//go:noescape -func mulAmd64(z, x, y *Elt) - -//go:noescape -func sqrAmd64(z, x *Elt) - -//go:noescape -func modpAmd64(z *Elt) diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h b/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h deleted file mode 100644 index 7b25f16e4..000000000 --- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_amd64.h +++ /dev/null @@ -1,350 +0,0 @@ -// This code was imported from https://github.com/armfazh/rfc7748_precomputed - -// CHECK_BMI2ADX triggers bmi2adx if supported, -// otherwise it fallbacks to legacy code. -#define CHECK_BMI2ADX(label, legacy, bmi2adx) \ - CMPB ·hasBmi2Adx(SB), $0 \ - JE label \ - bmi2adx \ - RET \ - label: \ - legacy \ - RET - -// cselect is a conditional move -// if b=1: it copies y into x; -// if b=0: x remains with the same value; -// if b<> 0,1: undefined. -// Uses: AX, DX, FLAGS -// Instr: x86_64, cmov -#define cselect(x,y,b) \ - TESTQ b, b \ - MOVQ 0+x, AX; MOVQ 0+y, DX; CMOVQNE DX, AX; MOVQ AX, 0+x; \ - MOVQ 8+x, AX; MOVQ 8+y, DX; CMOVQNE DX, AX; MOVQ AX, 8+x; \ - MOVQ 16+x, AX; MOVQ 16+y, DX; CMOVQNE DX, AX; MOVQ AX, 16+x; \ - MOVQ 24+x, AX; MOVQ 24+y, DX; CMOVQNE DX, AX; MOVQ AX, 24+x; - -// cswap is a conditional swap -// if b=1: x,y <- y,x; -// if b=0: x,y remain with the same values; -// if b<> 0,1: undefined. -// Uses: AX, DX, R8, FLAGS -// Instr: x86_64, cmov -#define cswap(x,y,b) \ - TESTQ b, b \ - MOVQ 0+x, AX; MOVQ AX, R8; MOVQ 0+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 0+x; MOVQ DX, 0+y; \ - MOVQ 8+x, AX; MOVQ AX, R8; MOVQ 8+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 8+x; MOVQ DX, 8+y; \ - MOVQ 16+x, AX; MOVQ AX, R8; MOVQ 16+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 16+x; MOVQ DX, 16+y; \ - MOVQ 24+x, AX; MOVQ AX, R8; MOVQ 24+y, DX; CMOVQNE DX, AX; CMOVQNE R8, DX; MOVQ AX, 24+x; MOVQ DX, 24+y; - -// additionLeg adds x and y and stores in z -// Uses: AX, DX, R8-R11, FLAGS -// Instr: x86_64, cmov -#define additionLeg(z,x,y) \ - MOVL $38, AX; \ - MOVL $0, DX; \ - MOVQ 0+x, R8; ADDQ 0+y, R8; \ - MOVQ 8+x, R9; ADCQ 8+y, R9; \ - MOVQ 16+x, R10; ADCQ 16+y, R10; \ - MOVQ 24+x, R11; ADCQ 24+y, R11; \ - CMOVQCS AX, DX; \ - ADDQ DX, R8; \ - ADCQ $0, R9; MOVQ R9, 8+z; \ - ADCQ $0, R10; MOVQ R10, 16+z; \ - ADCQ $0, R11; MOVQ R11, 24+z; \ - MOVL $0, DX; \ - CMOVQCS AX, DX; \ - ADDQ DX, R8; MOVQ R8, 0+z; - -// additionAdx adds x and y and stores in z -// Uses: AX, DX, R8-R11, FLAGS -// Instr: x86_64, cmov, adx -#define additionAdx(z,x,y) \ - MOVL $38, AX; \ - XORL DX, DX; \ - MOVQ 0+x, R8; ADCXQ 0+y, R8; \ - MOVQ 8+x, R9; ADCXQ 8+y, R9; \ - MOVQ 16+x, R10; ADCXQ 16+y, R10; \ - MOVQ 24+x, R11; ADCXQ 24+y, R11; \ - CMOVQCS AX, DX ; \ - XORL AX, AX; \ - ADCXQ DX, R8; \ - ADCXQ AX, R9; MOVQ R9, 8+z; \ - ADCXQ AX, R10; MOVQ R10, 16+z; \ - ADCXQ AX, R11; MOVQ R11, 24+z; \ - MOVL $38, DX; \ - CMOVQCS DX, AX; \ - ADDQ AX, R8; MOVQ R8, 0+z; - -// subtraction subtracts y from x and stores in z -// Uses: AX, DX, R8-R11, FLAGS -// Instr: x86_64, cmov -#define subtraction(z,x,y) \ - MOVL $38, AX; \ - MOVQ 0+x, R8; SUBQ 0+y, R8; \ - MOVQ 8+x, R9; SBBQ 8+y, R9; \ - MOVQ 16+x, R10; SBBQ 16+y, R10; \ - MOVQ 24+x, R11; SBBQ 24+y, R11; \ - MOVL $0, DX; \ - CMOVQCS AX, DX; \ - SUBQ DX, R8; \ - SBBQ $0, R9; MOVQ R9, 8+z; \ - SBBQ $0, R10; MOVQ R10, 16+z; \ - SBBQ $0, R11; MOVQ R11, 24+z; \ - MOVL $0, DX; \ - CMOVQCS AX, DX; \ - SUBQ DX, R8; MOVQ R8, 0+z; - -// integerMulAdx multiplies x and y and stores in z -// Uses: AX, DX, R8-R15, FLAGS -// Instr: x86_64, bmi2, adx -#define integerMulAdx(z,x,y) \ - MOVQ 0+y, DX; XORL AX, AX; \ - MULXQ 0+x, AX, R8; MOVQ AX, 0+z; \ - MULXQ 8+x, AX, R9; ADCXQ AX, R8; \ - MULXQ 16+x, AX, R10; ADCXQ AX, R9; \ - MULXQ 24+x, AX, R11; ADCXQ AX, R10; \ - MOVL $0, AX;;;;;;;;; ADCXQ AX, R11; \ - MOVQ 8+y, DX; XORL AX, AX; \ - MULXQ 0+x, AX, R12; ADCXQ R8, AX; MOVQ AX, 8+z; \ - MULXQ 8+x, AX, R13; ADCXQ R9, R12; ADOXQ AX, R12; \ - MULXQ 16+x, AX, R14; ADCXQ R10, R13; ADOXQ AX, R13; \ - MULXQ 24+x, AX, R15; ADCXQ R11, R14; ADOXQ AX, R14; \ - MOVL $0, AX;;;;;;;;; ADCXQ AX, R15; ADOXQ AX, R15; \ - MOVQ 16+y, DX; XORL AX, AX; \ - MULXQ 0+x, AX, R8; ADCXQ R12, AX; MOVQ AX, 16+z; \ - MULXQ 8+x, AX, R9; ADCXQ R13, R8; ADOXQ AX, R8; \ - MULXQ 16+x, AX, R10; ADCXQ R14, R9; ADOXQ AX, R9; \ - MULXQ 24+x, AX, R11; ADCXQ R15, R10; ADOXQ AX, R10; \ - MOVL $0, AX;;;;;;;;; ADCXQ AX, R11; ADOXQ AX, R11; \ - MOVQ 24+y, DX; XORL AX, AX; \ - MULXQ 0+x, AX, R12; ADCXQ R8, AX; MOVQ AX, 24+z; \ - MULXQ 8+x, AX, R13; ADCXQ R9, R12; ADOXQ AX, R12; MOVQ R12, 32+z; \ - MULXQ 16+x, AX, R14; ADCXQ R10, R13; ADOXQ AX, R13; MOVQ R13, 40+z; \ - MULXQ 24+x, AX, R15; ADCXQ R11, R14; ADOXQ AX, R14; MOVQ R14, 48+z; \ - MOVL $0, AX;;;;;;;;; ADCXQ AX, R15; ADOXQ AX, R15; MOVQ R15, 56+z; - -// integerMulLeg multiplies x and y and stores in z -// Uses: AX, DX, R8-R15, FLAGS -// Instr: x86_64 -#define integerMulLeg(z,x,y) \ - MOVQ 0+y, R8; \ - MOVQ 0+x, AX; MULQ R8; MOVQ AX, 0+z; MOVQ DX, R15; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ - MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ - MOVQ 24+x, AX; MULQ R8; \ - ADDQ R13, R15; \ - ADCQ R14, R10; MOVQ R10, 16+z; \ - ADCQ AX, R11; MOVQ R11, 24+z; \ - ADCQ $0, DX; MOVQ DX, 32+z; \ - MOVQ 8+y, R8; \ - MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ - MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ - MOVQ 24+x, AX; MULQ R8; \ - ADDQ R12, R15; MOVQ R15, 8+z; \ - ADCQ R13, R9; \ - ADCQ R14, R10; \ - ADCQ AX, R11; \ - ADCQ $0, DX; \ - ADCQ 16+z, R9; MOVQ R9, R15; \ - ADCQ 24+z, R10; MOVQ R10, 24+z; \ - ADCQ 32+z, R11; MOVQ R11, 32+z; \ - ADCQ $0, DX; MOVQ DX, 40+z; \ - MOVQ 16+y, R8; \ - MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ - MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ - MOVQ 24+x, AX; MULQ R8; \ - ADDQ R12, R15; MOVQ R15, 16+z; \ - ADCQ R13, R9; \ - ADCQ R14, R10; \ - ADCQ AX, R11; \ - ADCQ $0, DX; \ - ADCQ 24+z, R9; MOVQ R9, R15; \ - ADCQ 32+z, R10; MOVQ R10, 32+z; \ - ADCQ 40+z, R11; MOVQ R11, 40+z; \ - ADCQ $0, DX; MOVQ DX, 48+z; \ - MOVQ 24+y, R8; \ - MOVQ 0+x, AX; MULQ R8; MOVQ AX, R12; MOVQ DX, R9; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, R13; MOVQ DX, R10; \ - MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; \ - MOVQ 24+x, AX; MULQ R8; \ - ADDQ R12, R15; MOVQ R15, 24+z; \ - ADCQ R13, R9; \ - ADCQ R14, R10; \ - ADCQ AX, R11; \ - ADCQ $0, DX; \ - ADCQ 32+z, R9; MOVQ R9, 32+z; \ - ADCQ 40+z, R10; MOVQ R10, 40+z; \ - ADCQ 48+z, R11; MOVQ R11, 48+z; \ - ADCQ $0, DX; MOVQ DX, 56+z; - -// integerSqrLeg squares x and stores in z -// Uses: AX, CX, DX, R8-R15, FLAGS -// Instr: x86_64 -#define integerSqrLeg(z,x) \ - MOVQ 0+x, R8; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, R9; MOVQ DX, R10; /* A[0]*A[1] */ \ - MOVQ 16+x, AX; MULQ R8; MOVQ AX, R14; MOVQ DX, R11; /* A[0]*A[2] */ \ - MOVQ 24+x, AX; MULQ R8; MOVQ AX, R15; MOVQ DX, R12; /* A[0]*A[3] */ \ - MOVQ 24+x, R8; \ - MOVQ 8+x, AX; MULQ R8; MOVQ AX, CX; MOVQ DX, R13; /* A[3]*A[1] */ \ - MOVQ 16+x, AX; MULQ R8; /* A[3]*A[2] */ \ - \ - ADDQ R14, R10;\ - ADCQ R15, R11; MOVL $0, R15;\ - ADCQ CX, R12;\ - ADCQ AX, R13;\ - ADCQ $0, DX; MOVQ DX, R14;\ - MOVQ 8+x, AX; MULQ 16+x;\ - \ - ADDQ AX, R11;\ - ADCQ DX, R12;\ - ADCQ $0, R13;\ - ADCQ $0, R14;\ - ADCQ $0, R15;\ - \ - SHLQ $1, R14, R15; MOVQ R15, 56+z;\ - SHLQ $1, R13, R14; MOVQ R14, 48+z;\ - SHLQ $1, R12, R13; MOVQ R13, 40+z;\ - SHLQ $1, R11, R12; MOVQ R12, 32+z;\ - SHLQ $1, R10, R11; MOVQ R11, 24+z;\ - SHLQ $1, R9, R10; MOVQ R10, 16+z;\ - SHLQ $1, R9; MOVQ R9, 8+z;\ - \ - MOVQ 0+x,AX; MULQ AX; MOVQ AX, 0+z; MOVQ DX, R9;\ - MOVQ 8+x,AX; MULQ AX; MOVQ AX, R10; MOVQ DX, R11;\ - MOVQ 16+x,AX; MULQ AX; MOVQ AX, R12; MOVQ DX, R13;\ - MOVQ 24+x,AX; MULQ AX; MOVQ AX, R14; MOVQ DX, R15;\ - \ - ADDQ 8+z, R9; MOVQ R9, 8+z;\ - ADCQ 16+z, R10; MOVQ R10, 16+z;\ - ADCQ 24+z, R11; MOVQ R11, 24+z;\ - ADCQ 32+z, R12; MOVQ R12, 32+z;\ - ADCQ 40+z, R13; MOVQ R13, 40+z;\ - ADCQ 48+z, R14; MOVQ R14, 48+z;\ - ADCQ 56+z, R15; MOVQ R15, 56+z; - -// integerSqrAdx squares x and stores in z -// Uses: AX, CX, DX, R8-R15, FLAGS -// Instr: x86_64, bmi2, adx -#define integerSqrAdx(z,x) \ - MOVQ 0+x, DX; /* A[0] */ \ - MULXQ 8+x, R8, R14; /* A[1]*A[0] */ XORL R15, R15; \ - MULXQ 16+x, R9, R10; /* A[2]*A[0] */ ADCXQ R14, R9; \ - MULXQ 24+x, AX, CX; /* A[3]*A[0] */ ADCXQ AX, R10; \ - MOVQ 24+x, DX; /* A[3] */ \ - MULXQ 8+x, R11, R12; /* A[1]*A[3] */ ADCXQ CX, R11; \ - MULXQ 16+x, AX, R13; /* A[2]*A[3] */ ADCXQ AX, R12; \ - MOVQ 8+x, DX; /* A[1] */ ADCXQ R15, R13; \ - MULXQ 16+x, AX, CX; /* A[2]*A[1] */ MOVL $0, R14; \ - ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ADCXQ R15, R14; \ - XORL R15, R15; \ - ADOXQ AX, R10; ADCXQ R8, R8; \ - ADOXQ CX, R11; ADCXQ R9, R9; \ - ADOXQ R15, R12; ADCXQ R10, R10; \ - ADOXQ R15, R13; ADCXQ R11, R11; \ - ADOXQ R15, R14; ADCXQ R12, R12; \ - ;;;;;;;;;;;;;;; ADCXQ R13, R13; \ - ;;;;;;;;;;;;;;; ADCXQ R14, R14; \ - MOVQ 0+x, DX; MULXQ DX, AX, CX; /* A[0]^2 */ \ - ;;;;;;;;;;;;;;; MOVQ AX, 0+z; \ - ADDQ CX, R8; MOVQ R8, 8+z; \ - MOVQ 8+x, DX; MULXQ DX, AX, CX; /* A[1]^2 */ \ - ADCQ AX, R9; MOVQ R9, 16+z; \ - ADCQ CX, R10; MOVQ R10, 24+z; \ - MOVQ 16+x, DX; MULXQ DX, AX, CX; /* A[2]^2 */ \ - ADCQ AX, R11; MOVQ R11, 32+z; \ - ADCQ CX, R12; MOVQ R12, 40+z; \ - MOVQ 24+x, DX; MULXQ DX, AX, CX; /* A[3]^2 */ \ - ADCQ AX, R13; MOVQ R13, 48+z; \ - ADCQ CX, R14; MOVQ R14, 56+z; - -// reduceFromDouble finds z congruent to x modulo p such that 0> 63) - // PUT BIT 255 IN CARRY FLAG AND CLEAR - x3 &^= 1 << 63 - - x0, c0 := bits.Add64(xx[0], cx, 0) - x1, c1 := bits.Add64(xx[1], 0, c0) - x2, c2 := bits.Add64(xx[2], 0, c1) - x3, _ = bits.Add64(x3, 0, c2) - - // TEST FOR BIT 255 AGAIN; ONLY TRIGGERED ON OVERFLOW MODULO 2^255-19 - // cx = C[255] ? 0 : 19 - cx = uint64(19) &^ (-(x3 >> 63)) - // CLEAR BIT 255 - x3 &^= 1 << 63 - - xx[0], c0 = bits.Sub64(x0, cx, 0) - xx[1], c1 = bits.Sub64(x1, 0, c0) - xx[2], c2 = bits.Sub64(x2, 0, c1) - xx[3], _ = bits.Sub64(x3, 0, c2) -} - -func red64(z, h *elt64) { - h0, l0 := bits.Mul64(h[0], 38) - h1, l1 := bits.Mul64(h[1], 38) - h2, l2 := bits.Mul64(h[2], 38) - h3, l3 := bits.Mul64(h[3], 38) - - l1, c0 := bits.Add64(h0, l1, 0) - l2, c1 := bits.Add64(h1, l2, c0) - l3, c2 := bits.Add64(h2, l3, c1) - l4, _ := bits.Add64(h3, 0, c2) - - l0, c0 = bits.Add64(l0, z[0], 0) - l1, c1 = bits.Add64(l1, z[1], c0) - l2, c2 = bits.Add64(l2, z[2], c1) - l3, c3 := bits.Add64(l3, z[3], c2) - l4, _ = bits.Add64(l4, 0, c3) - - _, l4 = bits.Mul64(l4, 38) - l0, c0 = bits.Add64(l0, l4, 0) - z[1], c1 = bits.Add64(l1, 0, c0) - z[2], c2 = bits.Add64(l2, 0, c1) - z[3], c3 = bits.Add64(l3, 0, c2) - z[0], _ = bits.Add64(l0, (-c3)&38, 0) -} diff --git a/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go b/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go deleted file mode 100644 index 08a07b667..000000000 --- a/vendor/github.com/cloudflare/circl/math/fp25519/fp_noasm.go +++ /dev/null @@ -1,12 +0,0 @@ -// +build !amd64 purego - -package fp25519 - -func cmov(x, y *Elt, n uint) { cmovGeneric(x, y, n) } -func cswap(x, y *Elt, n uint) { cswapGeneric(x, y, n) } -func add(z, x, y *Elt) { addGeneric(z, x, y) } -func sub(z, x, y *Elt) { subGeneric(z, x, y) } -func addsub(x, y *Elt) { addsubGeneric(x, y) } -func mul(z, x, y *Elt) { mulGeneric(z, x, y) } -func sqr(z, x *Elt) { sqrGeneric(z, x) } -func modp(z *Elt) { modpGeneric(z) } diff --git a/vendor/github.com/cloudflare/circl/math/wnaf.go b/vendor/github.com/cloudflare/circl/math/wnaf.go deleted file mode 100644 index df7a9c9ba..000000000 --- a/vendor/github.com/cloudflare/circl/math/wnaf.go +++ /dev/null @@ -1,84 +0,0 @@ -// Package math provides some utility functions for big integers. -package math - -import "math/big" - -// SignedDigit obtains the signed-digit recoding of n and returns a list L of -// digits such that n = sum( L[i]*2^(i*(w-1)) ), and each L[i] is an odd number -// in the set {±1, ±3, ..., ±2^(w-1)-1}. The third parameter ensures that the -// output has ceil(l/(w-1)) digits. -// -// Restrictions: -// - n is odd and n > 0. -// - 1 < w < 32. -// - l >= bit length of n. -// -// References: -// - Alg.6 in "Exponent Recoding and Regular Exponentiation Algorithms" -// by Joye-Tunstall. http://doi.org/10.1007/978-3-642-02384-2_21 -// - Alg.6 in "Selecting Elliptic Curves for Cryptography: An Efficiency and -// Security Analysis" by Bos et al. http://doi.org/10.1007/s13389-015-0097-y -func SignedDigit(n *big.Int, w, l uint) []int32 { - if n.Sign() <= 0 || n.Bit(0) == 0 { - panic("n must be non-zero, odd, and positive") - } - if w <= 1 || w >= 32 { - panic("Verify that 1 < w < 32") - } - if uint(n.BitLen()) > l { - panic("n is too big to fit in l digits") - } - lenN := (l + (w - 1) - 1) / (w - 1) // ceil(l/(w-1)) - L := make([]int32, lenN+1) - var k, v big.Int - k.Set(n) - - var i uint - for i = 0; i < lenN; i++ { - words := k.Bits() - value := int32(words[0] & ((1 << w) - 1)) - value -= int32(1) << (w - 1) - L[i] = value - v.SetInt64(int64(value)) - k.Sub(&k, &v) - k.Rsh(&k, w-1) - } - L[i] = int32(k.Int64()) - return L -} - -// OmegaNAF obtains the window-w Non-Adjacent Form of a positive number n and -// 1 < w < 32. The returned slice L holds n = sum( L[i]*2^i ). -// -// Reference: -// - Alg.9 "Efficient arithmetic on Koblitz curves" by Solinas. -// http://doi.org/10.1023/A:1008306223194 -func OmegaNAF(n *big.Int, w uint) (L []int32) { - if n.Sign() < 0 { - panic("n must be positive") - } - if w <= 1 || w >= 32 { - panic("Verify that 1 < w < 32") - } - - L = make([]int32, n.BitLen()+1) - var k, v big.Int - k.Set(n) - - i := 0 - for ; k.Sign() > 0; i++ { - value := int32(0) - if k.Bit(0) == 1 { - words := k.Bits() - value = int32(words[0] & ((1 << w) - 1)) - if value >= (int32(1) << (w - 1)) { - value -= int32(1) << w - } - v.SetInt64(int64(value)) - k.Sub(&k, &v) - } - L[i] = value - k.Rsh(&k, 1) - } - return L[:i] -} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go b/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go deleted file mode 100644 index b94b09bf1..000000000 --- a/vendor/github.com/cloudflare/circl/sign/ed25519/ed25519.go +++ /dev/null @@ -1,178 +0,0 @@ -// Package ed25519 implements Ed25519 signature scheme as described in RFC-8032. -// -// References: -// - RFC8032 https://rfc-editor.org/rfc/rfc8032.txt -// - Ed25519 https://ed25519.cr.yp.to/ -// - High-speed high-security signatures. https://doi.org/10.1007/s13389-012-0027-1 -package ed25519 - -import ( - "bytes" - "crypto" - cryptoRand "crypto/rand" - "crypto/sha512" - "errors" - "io" -) - -const ( - // PublicKeySize is the length in bytes of Ed25519 public keys. - PublicKeySize = 32 - // PrivateKeySize is the length in bytes of Ed25519 private keys. - PrivateKeySize = 32 - // SignatureSize is the length in bytes of signatures. - SignatureSize = 64 -) -const ( - paramB = 256 / 8 // Size of keys in bytes. -) - -// PublicKey represents a public key of Ed25519. -type PublicKey []byte - -// PrivateKey represents a private key of Ed25519. -type PrivateKey []byte - -// KeyPair implements crypto.Signer (golang.org/pkg/crypto/#Signer) interface. -type KeyPair struct { - private [PrivateKeySize]byte - public [PublicKeySize]byte -} - -// GetPrivate returns a copy of the private key. -func (kp *KeyPair) GetPrivate() PrivateKey { z := kp.private; return z[:] } - -// GetPublic returns a copy of the public key. -func (kp *KeyPair) GetPublic() PublicKey { z := kp.public; return z[:] } - -// Seed returns the private key seed. -func (kp *KeyPair) Seed() []byte { return kp.GetPrivate() } - -// Public returns a crypto.PublicKey. -func (kp *KeyPair) Public() crypto.PublicKey { return kp.GetPublic() } - -// Sign creates a signature of a message given a key pair. -// Ed25519 performs two passes over messages to be signed and therefore cannot -// handle pre-hashed messages. -// The opts.HashFunc() must return zero to indicate the message hasn't been -// hashed. This can be achieved by passing crypto.Hash(0) as the value for opts. -func (kp *KeyPair) Sign(rand io.Reader, message []byte, opts crypto.SignerOpts) ([]byte, error) { - if opts.HashFunc() != crypto.Hash(0) { - return nil, errors.New("ed25519: cannot sign hashed message") - } - return kp.SignPure(message) -} - -// GenerateKey produces public and private keys using entropy from rand. -// If rand is nil, crypto/rand.Reader will be used. -func GenerateKey(rand io.Reader) (*KeyPair, error) { - if rand == nil { - rand = cryptoRand.Reader - } - seed := make(PrivateKey, PrivateKeySize) - if _, err := io.ReadFull(rand, seed); err != nil { - return nil, err - } - return NewKeyFromSeed(seed), nil -} - -// NewKeyFromSeed generates a pair of Ed25519 keys given a private key. -func NewKeyFromSeed(seed PrivateKey) *KeyPair { - if len(seed) != PrivateKeySize { - panic("ed25519: bad private key length") - } - var P pointR1 - k := sha512.Sum512(seed) - clamp(k[:]) - reduceModOrder(k[:paramB], false) - P.fixedMult(k[:paramB]) - - pair := &KeyPair{} - copy(pair.private[:], seed) - _ = P.ToBytes(pair.public[:]) - return pair -} - -// SignPure creates a signature of a message. -func (kp *KeyPair) SignPure(message []byte) ([]byte, error) { - // 1. Hash the 32-byte private key using SHA-512. - H := sha512.New() - _, _ = H.Write(kp.private[:]) - h := H.Sum(nil) - clamp(h[:]) - prefix, s := h[paramB:], h[:paramB] - - // 2. Compute SHA-512(dom2(F, C) || prefix || PH(M)) - H.Reset() - _, _ = H.Write(prefix) - _, _ = H.Write(message) - r := H.Sum(nil) - reduceModOrder(r[:], true) - - // 3. Compute the point [r]B. - var P pointR1 - P.fixedMult(r[:paramB]) - R := (&[paramB]byte{})[:] - err := P.ToBytes(R) - - // 4. Compute SHA512(dom2(F, C) || R || A || PH(M)). - H.Reset() - _, _ = H.Write(R) - _, _ = H.Write(kp.public[:]) - _, _ = H.Write(message) - hRAM := H.Sum(nil) - - reduceModOrder(hRAM[:], true) - // 5. Compute S = (r + k * s) mod order. - S := (&[paramB]byte{})[:] - calculateS(S, r[:paramB], hRAM[:paramB], s) - - // 6. The signature is the concatenation of R and S. - var signature [SignatureSize]byte - copy(signature[:paramB], R[:]) - copy(signature[paramB:], S[:]) - return signature[:], err -} - -// Verify returns true if the signature is valid. Failure cases are invalid -// signature, or when the public key cannot be decoded. -func Verify(public PublicKey, message, signature []byte) bool { - if len(public) != PublicKeySize || - len(signature) != SignatureSize || - !isLessThanOrder(signature[paramB:]) { - return false - } - var P pointR1 - if ok := P.FromBytes(public); !ok { - return false - } - - R := signature[:paramB] - H := sha512.New() - _, _ = H.Write(R) - _, _ = H.Write(public) - _, _ = H.Write(message) - hRAM := H.Sum(nil) - reduceModOrder(hRAM[:], true) - - var Q pointR1 - encR := (&[paramB]byte{})[:] - P.neg() - Q.doubleMult(&P, signature[paramB:], hRAM[:paramB]) - _ = Q.ToBytes(encR) - return bytes.Equal(R, encR) -} - -func clamp(k []byte) { - k[0] &= 248 - k[paramB-1] = (k[paramB-1] & 127) | 64 -} - -// isLessThanOrder returns true if 0 <= x < order. -func isLessThanOrder(x []byte) bool { - i := len(order) - 1 - for i > 0 && x[i] == order[i] { - i-- - } - return x[i] < order[i] -} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go b/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go deleted file mode 100644 index 10efafdca..000000000 --- a/vendor/github.com/cloudflare/circl/sign/ed25519/modular.go +++ /dev/null @@ -1,175 +0,0 @@ -package ed25519 - -import ( - "encoding/binary" - "math/bits" -) - -var order = [paramB]byte{ - 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58, - 0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, -} - -// isLessThan returns true if 0 <= x < y, and assumes that slices have the same length. -func isLessThan(x, y []byte) bool { - i := len(x) - 1 - for i > 0 && x[i] == y[i] { - i-- - } - return x[i] < y[i] -} - -// reduceModOrder calculates k = k mod order of the curve. -func reduceModOrder(k []byte, is512Bit bool) { - var X [((2 * paramB) * 8) / 64]uint64 - numWords := len(k) >> 3 - for i := 0; i < numWords; i++ { - X[i] = binary.LittleEndian.Uint64(k[i*8 : (i+1)*8]) - } - red512(&X, is512Bit) - for i := 0; i < numWords; i++ { - binary.LittleEndian.PutUint64(k[i*8:(i+1)*8], X[i]) - } -} - -// red512 calculates x = x mod Order of the curve. -func red512(x *[8]uint64, full bool) { - // Implementation of Algs.(14.47)+(14.52) of Handbook of Applied - // Cryptography, by A. Menezes, P. van Oorschot, and S. Vanstone. - const ( - ell0 = uint64(0x5812631a5cf5d3ed) - ell1 = uint64(0x14def9dea2f79cd6) - ell160 = uint64(0x812631a5cf5d3ed0) - ell161 = uint64(0x4def9dea2f79cd65) - ell162 = uint64(0x0000000000000001) - ) - - var c0, c1, c2, c3 uint64 - r0, r1, r2, r3, r4 := x[0], x[1], x[2], x[3], uint64(0) - - if full { - q0, q1, q2, q3 := x[4], x[5], x[6], x[7] - - for i := 0; i < 3; i++ { - h0, s0 := bits.Mul64(q0, ell160) - h1, s1 := bits.Mul64(q1, ell160) - h2, s2 := bits.Mul64(q2, ell160) - h3, s3 := bits.Mul64(q3, ell160) - - s1, c0 = bits.Add64(h0, s1, 0) - s2, c1 = bits.Add64(h1, s2, c0) - s3, c2 = bits.Add64(h2, s3, c1) - s4, _ := bits.Add64(h3, 0, c2) - - h0, l0 := bits.Mul64(q0, ell161) - h1, l1 := bits.Mul64(q1, ell161) - h2, l2 := bits.Mul64(q2, ell161) - h3, l3 := bits.Mul64(q3, ell161) - - l1, c0 = bits.Add64(h0, l1, 0) - l2, c1 = bits.Add64(h1, l2, c0) - l3, c2 = bits.Add64(h2, l3, c1) - l4, _ := bits.Add64(h3, 0, c2) - - s1, c0 = bits.Add64(s1, l0, 0) - s2, c1 = bits.Add64(s2, l1, c0) - s3, c2 = bits.Add64(s3, l2, c1) - s4, c3 = bits.Add64(s4, l3, c2) - s5, s6 := bits.Add64(l4, 0, c3) - - s2, c0 = bits.Add64(s2, q0, 0) - s3, c1 = bits.Add64(s3, q1, c0) - s4, c2 = bits.Add64(s4, q2, c1) - s5, c3 = bits.Add64(s5, q3, c2) - s6, s7 := bits.Add64(s6, 0, c3) - - q := q0 | q1 | q2 | q3 - m := -((q | -q) >> 63) // if q=0 then m=0...0 else m=1..1 - s0 &= m - s1 &= m - s2 &= m - s3 &= m - q0, q1, q2, q3 = s4, s5, s6, s7 - - if (i+1)%2 == 0 { - r0, c0 = bits.Add64(r0, s0, 0) - r1, c1 = bits.Add64(r1, s1, c0) - r2, c2 = bits.Add64(r2, s2, c1) - r3, c3 = bits.Add64(r3, s3, c2) - r4, _ = bits.Add64(r4, 0, c3) - } else { - r0, c0 = bits.Sub64(r0, s0, 0) - r1, c1 = bits.Sub64(r1, s1, c0) - r2, c2 = bits.Sub64(r2, s2, c1) - r3, c3 = bits.Sub64(r3, s3, c2) - r4, _ = bits.Sub64(r4, 0, c3) - } - } - - m := -(r4 >> 63) - r0, c0 = bits.Add64(r0, m&ell160, 0) - r1, c1 = bits.Add64(r1, m&ell161, c0) - r2, c2 = bits.Add64(r2, m&ell162, c1) - r3, c3 = bits.Add64(r3, 0, c2) - r4, _ = bits.Add64(r4, m&1, c3) - x[4], x[5], x[6], x[7] = 0, 0, 0, 0 - } - - q0 := (r4 << 4) | (r3 >> 60) - r3 &= (uint64(1) << 60) - 1 - - h0, s0 := bits.Mul64(ell0, q0) - h1, s1 := bits.Mul64(ell1, q0) - s1, c0 = bits.Add64(h0, s1, 0) - s2, _ := bits.Add64(h1, 0, c0) - - r0, c0 = bits.Sub64(r0, s0, 0) - r1, c1 = bits.Sub64(r1, s1, c0) - r2, c2 = bits.Sub64(r2, s2, c1) - r3, _ = bits.Sub64(r3, 0, c2) - - x[0], x[1], x[2], x[3] = r0, r1, r2, r3 -} - -// calculateS performs s = r+k*a mod Order of the curve. -func calculateS(s, r, k, a []byte) { - K := [4]uint64{ - binary.LittleEndian.Uint64(k[0*8 : 1*8]), - binary.LittleEndian.Uint64(k[1*8 : 2*8]), - binary.LittleEndian.Uint64(k[2*8 : 3*8]), - binary.LittleEndian.Uint64(k[3*8 : 4*8]), - } - S := [8]uint64{ - binary.LittleEndian.Uint64(r[0*8 : 1*8]), - binary.LittleEndian.Uint64(r[1*8 : 2*8]), - binary.LittleEndian.Uint64(r[2*8 : 3*8]), - binary.LittleEndian.Uint64(r[3*8 : 4*8]), - } - var c3 uint64 - for i := range K { - ai := binary.LittleEndian.Uint64(a[i*8 : (i+1)*8]) - - h0, l0 := bits.Mul64(K[0], ai) - h1, l1 := bits.Mul64(K[1], ai) - h2, l2 := bits.Mul64(K[2], ai) - h3, l3 := bits.Mul64(K[3], ai) - - l1, c0 := bits.Add64(h0, l1, 0) - l2, c1 := bits.Add64(h1, l2, c0) - l3, c2 := bits.Add64(h2, l3, c1) - l4, _ := bits.Add64(h3, 0, c2) - - S[i+0], c0 = bits.Add64(S[i+0], l0, 0) - S[i+1], c1 = bits.Add64(S[i+1], l1, c0) - S[i+2], c2 = bits.Add64(S[i+2], l2, c1) - S[i+3], c3 = bits.Add64(S[i+3], l3, c2) - S[i+4], _ = bits.Add64(S[i+4], l4, c3) - } - red512(&S, true) - binary.LittleEndian.PutUint64(s[0*8:1*8], S[0]) - binary.LittleEndian.PutUint64(s[1*8:2*8], S[1]) - binary.LittleEndian.PutUint64(s[2*8:3*8], S[2]) - binary.LittleEndian.PutUint64(s[3*8:4*8], S[3]) -} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go b/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go deleted file mode 100644 index ddcd71a39..000000000 --- a/vendor/github.com/cloudflare/circl/sign/ed25519/mult.go +++ /dev/null @@ -1,179 +0,0 @@ -package ed25519 - -import ( - "crypto/subtle" - "encoding/binary" - "math/bits" - - "github.com/cloudflare/circl/internal/conv" - "github.com/cloudflare/circl/math" - fp "github.com/cloudflare/circl/math/fp25519" -) - -var paramD = fp.Elt{ - 0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75, - 0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00, - 0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c, - 0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52, -} - -// mLSBRecoding parameters. -const ( - fxT = 257 - fxV = 2 - fxW = 3 - fx2w1 = 1 << (uint(fxW) - 1) - numWords64 = (paramB * 8 / 64) -) - -// mLSBRecoding is the odd-only modified LSB-set. -// -// Reference: -// "Efficient and secure algorithms for GLV-based scalar multiplication and -// their implementation on GLV–GLS curves" by (Faz-Hernandez et al.) -// http://doi.org/10.1007/s13389-014-0085-7. -func mLSBRecoding(L []int8, k []byte) { - const ee = (fxT + fxW*fxV - 1) / (fxW * fxV) - const dd = ee * fxV - const ll = dd * fxW - if len(L) == (ll + 1) { - var m [numWords64 + 1]uint64 - for i := 0; i < numWords64; i++ { - m[i] = binary.LittleEndian.Uint64(k[8*i : 8*i+8]) - } - condAddOrderN(&m) - L[dd-1] = 1 - for i := 0; i < dd-1; i++ { - kip1 := (m[(i+1)/64] >> (uint(i+1) % 64)) & 0x1 - L[i] = int8(kip1<<1) - 1 - } - { // right-shift by d - right := uint(dd % 64) - left := uint(64) - right - lim := ((numWords64+1)*64 - dd) / 64 - j := dd / 64 - for i := 0; i < lim; i++ { - m[i] = (m[i+j] >> right) | (m[i+j+1] << left) - } - m[lim] = m[lim+j] >> right - } - for i := dd; i < ll; i++ { - L[i] = L[i%dd] * int8(m[0]&0x1) - div2subY(m[:], int64(L[i]>>1), numWords64) - } - L[ll] = int8(m[0]) - } -} - -// absolute returns always a positive value. -func absolute(x int32) int32 { - mask := x >> 31 - return (x + mask) ^ mask -} - -// condAddOrderN updates x = x+order if x is even, otherwise x remains unchanged. -func condAddOrderN(x *[numWords64 + 1]uint64) { - isOdd := (x[0] & 0x1) - 1 - c := uint64(0) - for i := 0; i < numWords64; i++ { - orderWord := binary.LittleEndian.Uint64(order[8*i : 8*i+8]) - o := isOdd & orderWord - x0, c0 := bits.Add64(x[i], o, c) - x[i] = x0 - c = c0 - } - x[numWords64], _ = bits.Add64(x[numWords64], 0, c) -} - -// div2subY update x = (x/2) - y. -func div2subY(x []uint64, y int64, l int) { - s := uint64(y >> 63) - for i := 0; i < l-1; i++ { - x[i] = (x[i] >> 1) | (x[i+1] << 63) - } - x[l-1] = (x[l-1] >> 1) - - b := uint64(0) - x0, b0 := bits.Sub64(x[0], uint64(y), b) - x[0] = x0 - b = b0 - for i := 1; i < l-1; i++ { - x0, b0 := bits.Sub64(x[i], s, b) - x[i] = x0 - b = b0 - } - x[l-1], _ = bits.Sub64(x[l-1], s, b) -} - -func (P *pointR1) fixedMult(scalar []byte) { - if len(scalar) != paramB { - panic("wrong scalar size") - } - const ee = (fxT + fxW*fxV - 1) / (fxW * fxV) - const dd = ee * fxV - const ll = dd * fxW - - L := make([]int8, ll+1) - mLSBRecoding(L[:], scalar) - S := &pointR3{} - P.SetIdentity() - for ii := ee - 1; ii >= 0; ii-- { - P.double() - for j := 0; j < fxV; j++ { - dig := L[fxW*dd-j*ee+ii-ee] - for i := (fxW-1)*dd - j*ee + ii - ee; i >= (2*dd - j*ee + ii - ee); i = i - dd { - dig = 2*dig + L[i] - } - idx := absolute(int32(dig)) - sig := L[dd-j*ee+ii-ee] - Tabj := &tabSign[fxV-j-1] - for k := 0; k < fx2w1; k++ { - S.cmov(&Tabj[k], subtle.ConstantTimeEq(int32(k), idx)) - } - S.cneg(subtle.ConstantTimeEq(int32(sig), -1)) - P.mixAdd(S) - } - } -} - -const ( - omegaFix = 7 - omegaVar = 5 -) - -// doubleMult returns P=mG+nQ. -func (P *pointR1) doubleMult(Q *pointR1, m, n []byte) { - nafFix := math.OmegaNAF(conv.BytesLe2BigInt(m), omegaFix) - nafVar := math.OmegaNAF(conv.BytesLe2BigInt(n), omegaVar) - - if len(nafFix) > len(nafVar) { - nafVar = append(nafVar, make([]int32, len(nafFix)-len(nafVar))...) - } else if len(nafFix) < len(nafVar) { - nafFix = append(nafFix, make([]int32, len(nafVar)-len(nafFix))...) - } - - var TabQ [1 << (omegaVar - 2)]pointR2 - Q.oddMultiples(TabQ[:]) - P.SetIdentity() - for i := len(nafFix) - 1; i >= 0; i-- { - P.double() - // Generator point - if nafFix[i] != 0 { - idxM := absolute(nafFix[i]) >> 1 - R := tabVerif[idxM] - if nafFix[i] < 0 { - R.neg() - } - P.mixAdd(&R) - } - // Variable input point - if nafVar[i] != 0 { - idxN := absolute(nafVar[i]) >> 1 - S := TabQ[idxN] - if nafVar[i] < 0 { - S.neg() - } - P.add(&S) - } - } -} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/point.go b/vendor/github.com/cloudflare/circl/sign/ed25519/point.go deleted file mode 100644 index 73505a6fd..000000000 --- a/vendor/github.com/cloudflare/circl/sign/ed25519/point.go +++ /dev/null @@ -1,193 +0,0 @@ -package ed25519 - -import fp "github.com/cloudflare/circl/math/fp25519" - -type pointR1 struct{ x, y, z, ta, tb fp.Elt } -type pointR2 struct { - pointR3 - z2 fp.Elt -} -type pointR3 struct{ addYX, subYX, dt2 fp.Elt } - -func (P *pointR1) neg() { - fp.Neg(&P.x, &P.x) - fp.Neg(&P.ta, &P.ta) -} - -func (P *pointR1) SetIdentity() { - P.x = fp.Elt{} - fp.SetOne(&P.y) - fp.SetOne(&P.z) - P.ta = fp.Elt{} - P.tb = fp.Elt{} -} - -func (P *pointR1) toAffine() { - fp.Inv(&P.z, &P.z) - fp.Mul(&P.x, &P.x, &P.z) - fp.Mul(&P.y, &P.y, &P.z) - fp.Modp(&P.x) - fp.Modp(&P.y) - fp.SetOne(&P.z) - P.ta = P.x - P.tb = P.y -} - -func (P *pointR1) ToBytes(k []byte) error { - P.toAffine() - var x [fp.Size]byte - err := fp.ToBytes(k[:fp.Size], &P.y) - if err != nil { - return err - } - err = fp.ToBytes(x[:], &P.x) - if err != nil { - return err - } - b := x[0] & 1 - k[paramB-1] = k[paramB-1] | (b << 7) - return nil -} - -func (P *pointR1) FromBytes(k []byte) bool { - if len(k) != paramB { - panic("wrong size") - } - signX := k[paramB-1] >> 7 - copy(P.y[:], k[:fp.Size]) - P.y[fp.Size-1] &= 0x7F - p := fp.P() - if !isLessThan(P.y[:], p[:]) { - return false - } - - one, u, v := &fp.Elt{}, &fp.Elt{}, &fp.Elt{} - fp.SetOne(one) - fp.Sqr(u, &P.y) // u = y^2 - fp.Mul(v, u, ¶mD) // v = dy^2 - fp.Sub(u, u, one) // u = y^2-1 - fp.Add(v, v, one) // v = dy^2+1 - isQR := fp.InvSqrt(&P.x, u, v) // x = sqrt(u/v) - if !isQR { - return false - } - fp.Modp(&P.x) // x = x mod p - if fp.IsZero(&P.x) && signX == 1 { - return false - } - if signX != (P.x[0] & 1) { - fp.Neg(&P.x, &P.x) - } - P.ta = P.x - P.tb = P.y - fp.SetOne(&P.z) - return true -} - -// double calculates 2P for curves with A=-1. -func (P *pointR1) double() { - Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb - a, b, c, e, f, g, h := Px, Py, Pz, Pta, Px, Py, Ptb - fp.Add(e, Px, Py) // x+y - fp.Sqr(a, Px) // A = x^2 - fp.Sqr(b, Py) // B = y^2 - fp.Sqr(c, Pz) // z^2 - fp.Add(c, c, c) // C = 2*z^2 - fp.Add(h, a, b) // H = A+B - fp.Sqr(e, e) // (x+y)^2 - fp.Sub(e, e, h) // E = (x+y)^2-A-B - fp.Sub(g, b, a) // G = B-A - fp.Sub(f, c, g) // F = C-G - fp.Mul(Pz, f, g) // Z = F * G - fp.Mul(Px, e, f) // X = E * F - fp.Mul(Py, g, h) // Y = G * H, T = E * H -} - -func (P *pointR1) mixAdd(Q *pointR3) { - fp.Add(&P.z, &P.z, &P.z) // D = 2*z1 - P.coreAddition(Q) -} - -func (P *pointR1) add(Q *pointR2) { - fp.Mul(&P.z, &P.z, &Q.z2) // D = 2*z1*z2 - P.coreAddition(&Q.pointR3) -} - -// coreAddition calculates P=P+Q for curves with A=-1. -func (P *pointR1) coreAddition(Q *pointR3) { - Px, Py, Pz, Pta, Ptb := &P.x, &P.y, &P.z, &P.ta, &P.tb - addYX2, subYX2, dt2 := &Q.addYX, &Q.subYX, &Q.dt2 - a, b, c, d, e, f, g, h := Px, Py, &fp.Elt{}, Pz, Pta, Px, Py, Ptb - fp.Mul(c, Pta, Ptb) // t1 = ta*tb - fp.Sub(h, Py, Px) // y1-x1 - fp.Add(b, Py, Px) // y1+x1 - fp.Mul(a, h, subYX2) // A = (y1-x1)*(y2-x2) - fp.Mul(b, b, addYX2) // B = (y1+x1)*(y2+x2) - fp.Mul(c, c, dt2) // C = 2*D*t1*t2 - fp.Sub(e, b, a) // E = B-A - fp.Add(h, b, a) // H = B+A - fp.Sub(f, d, c) // F = D-C - fp.Add(g, d, c) // G = D+C - fp.Mul(Pz, f, g) // Z = F * G - fp.Mul(Px, e, f) // X = E * F - fp.Mul(Py, g, h) // Y = G * H, T = E * H -} - -func (P *pointR1) oddMultiples(T []pointR2) { - var R pointR2 - n := len(T) - T[0].fromR1(P) - _2P := *P - _2P.double() - R.fromR1(&_2P) - for i := 1; i < n; i++ { - P.add(&R) - T[i].fromR1(P) - } -} - -func (P *pointR1) isEqual(Q *pointR1) bool { - l, r := &fp.Elt{}, &fp.Elt{} - fp.Mul(l, &P.x, &Q.z) - fp.Mul(r, &Q.x, &P.z) - fp.Sub(l, l, r) - b := fp.IsZero(l) - fp.Mul(l, &P.y, &Q.z) - fp.Mul(r, &Q.y, &P.z) - fp.Sub(l, l, r) - b = b && fp.IsZero(l) - fp.Mul(l, &P.ta, &P.tb) - fp.Mul(l, l, &Q.z) - fp.Mul(r, &Q.ta, &Q.tb) - fp.Mul(r, r, &P.z) - fp.Sub(l, l, r) - b = b && fp.IsZero(l) - return b -} - -func (P *pointR3) neg() { - P.addYX, P.subYX = P.subYX, P.addYX - fp.Neg(&P.dt2, &P.dt2) -} - -func (P *pointR2) fromR1(Q *pointR1) { - fp.Add(&P.addYX, &Q.y, &Q.x) - fp.Sub(&P.subYX, &Q.y, &Q.x) - fp.Mul(&P.dt2, &Q.ta, &Q.tb) - fp.Mul(&P.dt2, &P.dt2, ¶mD) - fp.Add(&P.dt2, &P.dt2, &P.dt2) - fp.Add(&P.z2, &Q.z, &Q.z) -} - -func (P *pointR3) cneg(b int) { - t := &fp.Elt{} - fp.Cswap(&P.addYX, &P.subYX, uint(b)) - fp.Neg(t, &P.dt2) - fp.Cmov(&P.dt2, t, uint(b)) -} - -func (P *pointR3) cmov(Q *pointR3, b int) { - fp.Cmov(&P.addYX, &Q.addYX, uint(b)) - fp.Cmov(&P.subYX, &Q.subYX, uint(b)) - fp.Cmov(&P.dt2, &Q.dt2, uint(b)) -} diff --git a/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go b/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go deleted file mode 100644 index 8763b426f..000000000 --- a/vendor/github.com/cloudflare/circl/sign/ed25519/tables.go +++ /dev/null @@ -1,213 +0,0 @@ -package ed25519 - -import fp "github.com/cloudflare/circl/math/fp25519" - -var tabSign = [fxV][fx2w1]pointR3{ - { - pointR3{ - addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07}, - subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44}, - dt2: fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f}, - }, - { - addYX: fp.Elt{0x7c, 0xb0, 0x9e, 0xe6, 0xc5, 0xbf, 0xfa, 0x13, 0x8e, 0x0d, 0x22, 0xde, 0xc8, 0xd1, 0xce, 0x52, 0x02, 0xd5, 0x62, 0x31, 0x71, 0x0e, 0x8e, 0x9d, 0xb0, 0xd6, 0x00, 0xa5, 0x5a, 0x0e, 0xce, 0x72}, - subYX: fp.Elt{0x1a, 0x8e, 0x5c, 0xdc, 0xa4, 0xb3, 0x6c, 0x51, 0x18, 0xa0, 0x09, 0x80, 0x9a, 0x46, 0x33, 0xd5, 0xe0, 0x3c, 0x4d, 0x3b, 0xfc, 0x49, 0xa2, 0x43, 0x29, 0xe1, 0x29, 0xa9, 0x93, 0xea, 0x7c, 0x35}, - dt2: fp.Elt{0x08, 0x46, 0x6f, 0x68, 0x7f, 0x0b, 0x7c, 0x9e, 0xad, 0xba, 0x07, 0x61, 0x74, 0x83, 0x2f, 0xfc, 0x26, 0xd6, 0x09, 0xb9, 0x00, 0x34, 0x36, 0x4f, 0x01, 0xf3, 0x48, 0xdb, 0x43, 0xba, 0x04, 0x44}, - }, - { - addYX: fp.Elt{0x4c, 0xda, 0x0d, 0x13, 0x66, 0xfd, 0x82, 0x84, 0x9f, 0x75, 0x5b, 0xa2, 0x17, 0xfe, 0x34, 0xbf, 0x1f, 0xcb, 0xba, 0x90, 0x55, 0x80, 0x83, 0xfd, 0x63, 0xb9, 0x18, 0xf8, 0x5b, 0x5d, 0x94, 0x1e}, - subYX: fp.Elt{0xb9, 0xdb, 0x6c, 0x04, 0x88, 0x22, 0xd8, 0x79, 0x83, 0x2f, 0x8d, 0x65, 0x6b, 0xd2, 0xab, 0x1b, 0xdd, 0x65, 0xe5, 0x93, 0x63, 0xf8, 0xa2, 0xd8, 0x3c, 0xf1, 0x4b, 0xc5, 0x99, 0xd1, 0xf2, 0x12}, - dt2: fp.Elt{0x05, 0x4c, 0xb8, 0x3b, 0xfe, 0xf5, 0x9f, 0x2e, 0xd1, 0xb2, 0xb8, 0xff, 0xfe, 0x6d, 0xd9, 0x37, 0xe0, 0xae, 0xb4, 0x5a, 0x51, 0x80, 0x7e, 0x9b, 0x1d, 0xd1, 0x8d, 0x8c, 0x56, 0xb1, 0x84, 0x35}, - }, - { - addYX: fp.Elt{0x39, 0x71, 0x43, 0x34, 0xe3, 0x42, 0x45, 0xa1, 0xf2, 0x68, 0x71, 0xa7, 0xe8, 0x23, 0xfd, 0x9f, 0x86, 0x48, 0xff, 0xe5, 0x96, 0x74, 0xcf, 0x05, 0x49, 0xe2, 0xb3, 0x6c, 0x17, 0x77, 0x2f, 0x6d}, - subYX: fp.Elt{0x73, 0x3f, 0xc1, 0xc7, 0x6a, 0x66, 0xa1, 0x20, 0xdd, 0x11, 0xfb, 0x7a, 0x6e, 0xa8, 0x51, 0xb8, 0x3f, 0x9d, 0xa2, 0x97, 0x84, 0xb5, 0xc7, 0x90, 0x7c, 0xab, 0x48, 0xd6, 0x84, 0xa3, 0xd5, 0x1a}, - dt2: fp.Elt{0x63, 0x27, 0x3c, 0x49, 0x4b, 0xfc, 0x22, 0xf2, 0x0b, 0x50, 0xc2, 0x0f, 0xb4, 0x1f, 0x31, 0x0c, 0x2f, 0x53, 0xab, 0xaa, 0x75, 0x6f, 0xe0, 0x69, 0x39, 0x56, 0xe0, 0x3b, 0xb7, 0xa8, 0xbf, 0x45}, - }, - }, - { - { - addYX: fp.Elt{0x00, 0x45, 0xd9, 0x0d, 0x58, 0x03, 0xfc, 0x29, 0x93, 0xec, 0xbb, 0x6f, 0xa4, 0x7a, 0xd2, 0xec, 0xf8, 0xa7, 0xe2, 0xc2, 0x5f, 0x15, 0x0a, 0x13, 0xd5, 0xa1, 0x06, 0xb7, 0x1a, 0x15, 0x6b, 0x41}, - subYX: fp.Elt{0x85, 0x8c, 0xb2, 0x17, 0xd6, 0x3b, 0x0a, 0xd3, 0xea, 0x3b, 0x77, 0x39, 0xb7, 0x77, 0xd3, 0xc5, 0xbf, 0x5c, 0x6a, 0x1e, 0x8c, 0xe7, 0xc6, 0xc6, 0xc4, 0xb7, 0x2a, 0x8b, 0xf7, 0xb8, 0x61, 0x0d}, - dt2: fp.Elt{0xb0, 0x36, 0xc1, 0xe9, 0xef, 0xd7, 0xa8, 0x56, 0x20, 0x4b, 0xe4, 0x58, 0xcd, 0xe5, 0x07, 0xbd, 0xab, 0xe0, 0x57, 0x1b, 0xda, 0x2f, 0xe6, 0xaf, 0xd2, 0xe8, 0x77, 0x42, 0xf7, 0x2a, 0x1a, 0x19}, - }, - { - addYX: fp.Elt{0x6a, 0x6d, 0x6d, 0xd1, 0xfa, 0xf5, 0x03, 0x30, 0xbd, 0x6d, 0xc2, 0xc8, 0xf5, 0x38, 0x80, 0x4f, 0xb2, 0xbe, 0xa1, 0x76, 0x50, 0x1a, 0x73, 0xf2, 0x78, 0x2b, 0x8e, 0x3a, 0x1e, 0x34, 0x47, 0x7b}, - subYX: fp.Elt{0xc3, 0x2c, 0x36, 0xdc, 0xc5, 0x45, 0xbc, 0xef, 0x1b, 0x64, 0xd6, 0x65, 0x28, 0xe9, 0xda, 0x84, 0x13, 0xbe, 0x27, 0x8e, 0x3f, 0x98, 0x2a, 0x37, 0xee, 0x78, 0x97, 0xd6, 0xc0, 0x6f, 0xb4, 0x53}, - dt2: fp.Elt{0x58, 0x5d, 0xa7, 0xa3, 0x68, 0xbb, 0x20, 0x30, 0x2e, 0x03, 0xe9, 0xb1, 0xd4, 0x90, 0x72, 0xe3, 0x71, 0xb2, 0x36, 0x3e, 0x73, 0xa0, 0x2e, 0x3d, 0xd1, 0x85, 0x33, 0x62, 0x4e, 0xa7, 0x7b, 0x31}, - }, - { - addYX: fp.Elt{0xbf, 0xc4, 0x38, 0x53, 0xfb, 0x68, 0xa9, 0x77, 0xce, 0x55, 0xf9, 0x05, 0xcb, 0xeb, 0xfb, 0x8c, 0x46, 0xc2, 0x32, 0x7c, 0xf0, 0xdb, 0xd7, 0x2c, 0x62, 0x8e, 0xdd, 0x54, 0x75, 0xcf, 0x3f, 0x33}, - subYX: fp.Elt{0x49, 0x50, 0x1f, 0x4e, 0x6e, 0x55, 0x55, 0xde, 0x8c, 0x4e, 0x77, 0x96, 0x38, 0x3b, 0xfe, 0xb6, 0x43, 0x3c, 0x86, 0x69, 0xc2, 0x72, 0x66, 0x1f, 0x6b, 0xf9, 0x87, 0xbc, 0x4f, 0x37, 0x3e, 0x3c}, - dt2: fp.Elt{0xd2, 0x2f, 0x06, 0x6b, 0x08, 0x07, 0x69, 0x77, 0xc0, 0x94, 0xcc, 0xae, 0x43, 0x00, 0x59, 0x6e, 0xa3, 0x63, 0xa8, 0xdd, 0xfa, 0x24, 0x18, 0xd0, 0x35, 0xc7, 0x78, 0xf7, 0x0d, 0xd4, 0x5a, 0x1e}, - }, - { - addYX: fp.Elt{0x45, 0xc1, 0x17, 0x51, 0xf8, 0xed, 0x7e, 0xc7, 0xa9, 0x1a, 0x11, 0x6e, 0x2d, 0xef, 0x0b, 0xd5, 0x3f, 0x98, 0xb0, 0xa3, 0x9d, 0x65, 0xf1, 0xcd, 0x53, 0x4a, 0x8a, 0x18, 0x70, 0x0a, 0x7f, 0x23}, - subYX: fp.Elt{0xdd, 0xef, 0xbe, 0x3a, 0x31, 0xe0, 0xbc, 0xbe, 0x6d, 0x5d, 0x79, 0x87, 0xd6, 0xbe, 0x68, 0xe3, 0x59, 0x76, 0x8c, 0x86, 0x0e, 0x7a, 0x92, 0x13, 0x14, 0x8f, 0x67, 0xb3, 0xcb, 0x1a, 0x76, 0x76}, - dt2: fp.Elt{0x56, 0x7a, 0x1c, 0x9d, 0xca, 0x96, 0xf9, 0xf9, 0x03, 0x21, 0xd4, 0xe8, 0xb3, 0xd5, 0xe9, 0x52, 0xc8, 0x54, 0x1e, 0x1b, 0x13, 0xb6, 0xfd, 0x47, 0x7d, 0x02, 0x32, 0x33, 0x27, 0xe2, 0x1f, 0x19}, - }, - }, -} - -var tabVerif = [1 << (omegaFix - 2)]pointR3{ - { /* 1P */ - addYX: fp.Elt{0x85, 0x3b, 0x8c, 0xf5, 0xc6, 0x93, 0xbc, 0x2f, 0x19, 0x0e, 0x8c, 0xfb, 0xc6, 0x2d, 0x93, 0xcf, 0xc2, 0x42, 0x3d, 0x64, 0x98, 0x48, 0x0b, 0x27, 0x65, 0xba, 0xd4, 0x33, 0x3a, 0x9d, 0xcf, 0x07}, - subYX: fp.Elt{0x3e, 0x91, 0x40, 0xd7, 0x05, 0x39, 0x10, 0x9d, 0xb3, 0xbe, 0x40, 0xd1, 0x05, 0x9f, 0x39, 0xfd, 0x09, 0x8a, 0x8f, 0x68, 0x34, 0x84, 0xc1, 0xa5, 0x67, 0x12, 0xf8, 0x98, 0x92, 0x2f, 0xfd, 0x44}, - dt2: fp.Elt{0x68, 0xaa, 0x7a, 0x87, 0x05, 0x12, 0xc9, 0xab, 0x9e, 0xc4, 0xaa, 0xcc, 0x23, 0xe8, 0xd9, 0x26, 0x8c, 0x59, 0x43, 0xdd, 0xcb, 0x7d, 0x1b, 0x5a, 0xa8, 0x65, 0x0c, 0x9f, 0x68, 0x7b, 0x11, 0x6f}, - }, - { /* 3P */ - addYX: fp.Elt{0x30, 0x97, 0xee, 0x4c, 0xa8, 0xb0, 0x25, 0xaf, 0x8a, 0x4b, 0x86, 0xe8, 0x30, 0x84, 0x5a, 0x02, 0x32, 0x67, 0x01, 0x9f, 0x02, 0x50, 0x1b, 0xc1, 0xf4, 0xf8, 0x80, 0x9a, 0x1b, 0x4e, 0x16, 0x7a}, - subYX: fp.Elt{0x65, 0xd2, 0xfc, 0xa4, 0xe8, 0x1f, 0x61, 0x56, 0x7d, 0xba, 0xc1, 0xe5, 0xfd, 0x53, 0xd3, 0x3b, 0xbd, 0xd6, 0x4b, 0x21, 0x1a, 0xf3, 0x31, 0x81, 0x62, 0xda, 0x5b, 0x55, 0x87, 0x15, 0xb9, 0x2a}, - dt2: fp.Elt{0x89, 0xd8, 0xd0, 0x0d, 0x3f, 0x93, 0xae, 0x14, 0x62, 0xda, 0x35, 0x1c, 0x22, 0x23, 0x94, 0x58, 0x4c, 0xdb, 0xf2, 0x8c, 0x45, 0xe5, 0x70, 0xd1, 0xc6, 0xb4, 0xb9, 0x12, 0xaf, 0x26, 0x28, 0x5a}, - }, - { /* 5P */ - addYX: fp.Elt{0x33, 0xbb, 0xa5, 0x08, 0x44, 0xbc, 0x12, 0xa2, 0x02, 0xed, 0x5e, 0xc7, 0xc3, 0x48, 0x50, 0x8d, 0x44, 0xec, 0xbf, 0x5a, 0x0c, 0xeb, 0x1b, 0xdd, 0xeb, 0x06, 0xe2, 0x46, 0xf1, 0xcc, 0x45, 0x29}, - subYX: fp.Elt{0xba, 0xd6, 0x47, 0xa4, 0xc3, 0x82, 0x91, 0x7f, 0xb7, 0x29, 0x27, 0x4b, 0xd1, 0x14, 0x00, 0xd5, 0x87, 0xa0, 0x64, 0xb8, 0x1c, 0xf1, 0x3c, 0xe3, 0xf3, 0x55, 0x1b, 0xeb, 0x73, 0x7e, 0x4a, 0x15}, - dt2: fp.Elt{0x85, 0x82, 0x2a, 0x81, 0xf1, 0xdb, 0xbb, 0xbc, 0xfc, 0xd1, 0xbd, 0xd0, 0x07, 0x08, 0x0e, 0x27, 0x2d, 0xa7, 0xbd, 0x1b, 0x0b, 0x67, 0x1b, 0xb4, 0x9a, 0xb6, 0x3b, 0x6b, 0x69, 0xbe, 0xaa, 0x43}, - }, - { /* 7P */ - addYX: fp.Elt{0xbf, 0xa3, 0x4e, 0x94, 0xd0, 0x5c, 0x1a, 0x6b, 0xd2, 0xc0, 0x9d, 0xb3, 0x3a, 0x35, 0x70, 0x74, 0x49, 0x2e, 0x54, 0x28, 0x82, 0x52, 0xb2, 0x71, 0x7e, 0x92, 0x3c, 0x28, 0x69, 0xea, 0x1b, 0x46}, - subYX: fp.Elt{0xb1, 0x21, 0x32, 0xaa, 0x9a, 0x2c, 0x6f, 0xba, 0xa7, 0x23, 0xba, 0x3b, 0x53, 0x21, 0xa0, 0x6c, 0x3a, 0x2c, 0x19, 0x92, 0x4f, 0x76, 0xea, 0x9d, 0xe0, 0x17, 0x53, 0x2e, 0x5d, 0xdd, 0x6e, 0x1d}, - dt2: fp.Elt{0xa2, 0xb3, 0xb8, 0x01, 0xc8, 0x6d, 0x83, 0xf1, 0x9a, 0xa4, 0x3e, 0x05, 0x47, 0x5f, 0x03, 0xb3, 0xf3, 0xad, 0x77, 0x58, 0xba, 0x41, 0x9c, 0x52, 0xa7, 0x90, 0x0f, 0x6a, 0x1c, 0xbb, 0x9f, 0x7a}, - }, - { /* 9P */ - addYX: fp.Elt{0x2f, 0x63, 0xa8, 0xa6, 0x8a, 0x67, 0x2e, 0x9b, 0xc5, 0x46, 0xbc, 0x51, 0x6f, 0x9e, 0x50, 0xa6, 0xb5, 0xf5, 0x86, 0xc6, 0xc9, 0x33, 0xb2, 0xce, 0x59, 0x7f, 0xdd, 0x8a, 0x33, 0xed, 0xb9, 0x34}, - subYX: fp.Elt{0x64, 0x80, 0x9d, 0x03, 0x7e, 0x21, 0x6e, 0xf3, 0x9b, 0x41, 0x20, 0xf5, 0xb6, 0x81, 0xa0, 0x98, 0x44, 0xb0, 0x5e, 0xe7, 0x08, 0xc6, 0xcb, 0x96, 0x8f, 0x9c, 0xdc, 0xfa, 0x51, 0x5a, 0xc0, 0x49}, - dt2: fp.Elt{0x1b, 0xaf, 0x45, 0x90, 0xbf, 0xe8, 0xb4, 0x06, 0x2f, 0xd2, 0x19, 0xa7, 0xe8, 0x83, 0xff, 0xe2, 0x16, 0xcf, 0xd4, 0x93, 0x29, 0xfc, 0xf6, 0xaa, 0x06, 0x8b, 0x00, 0x1b, 0x02, 0x72, 0xc1, 0x73}, - }, - { /* 11P */ - addYX: fp.Elt{0xde, 0x2a, 0x80, 0x8a, 0x84, 0x00, 0xbf, 0x2f, 0x27, 0x2e, 0x30, 0x02, 0xcf, 0xfe, 0xd9, 0xe5, 0x06, 0x34, 0x70, 0x17, 0x71, 0x84, 0x3e, 0x11, 0xaf, 0x8f, 0x6d, 0x54, 0xe2, 0xaa, 0x75, 0x42}, - subYX: fp.Elt{0x48, 0x43, 0x86, 0x49, 0x02, 0x5b, 0x5f, 0x31, 0x81, 0x83, 0x08, 0x77, 0x69, 0xb3, 0xd6, 0x3e, 0x95, 0xeb, 0x8d, 0x6a, 0x55, 0x75, 0xa0, 0xa3, 0x7f, 0xc7, 0xd5, 0x29, 0x80, 0x59, 0xab, 0x18}, - dt2: fp.Elt{0xe9, 0x89, 0x60, 0xfd, 0xc5, 0x2c, 0x2b, 0xd8, 0xa4, 0xe4, 0x82, 0x32, 0xa1, 0xb4, 0x1e, 0x03, 0x22, 0x86, 0x1a, 0xb5, 0x99, 0x11, 0x31, 0x44, 0x48, 0xf9, 0x3d, 0xb5, 0x22, 0x55, 0xc6, 0x3d}, - }, - { /* 13P */ - addYX: fp.Elt{0x6d, 0x7f, 0x00, 0xa2, 0x22, 0xc2, 0x70, 0xbf, 0xdb, 0xde, 0xbc, 0xb5, 0x9a, 0xb3, 0x84, 0xbf, 0x07, 0xba, 0x07, 0xfb, 0x12, 0x0e, 0x7a, 0x53, 0x41, 0xf2, 0x46, 0xc3, 0xee, 0xd7, 0x4f, 0x23}, - subYX: fp.Elt{0x93, 0xbf, 0x7f, 0x32, 0x3b, 0x01, 0x6f, 0x50, 0x6b, 0x6f, 0x77, 0x9b, 0xc9, 0xeb, 0xfc, 0xae, 0x68, 0x59, 0xad, 0xaa, 0x32, 0xb2, 0x12, 0x9d, 0xa7, 0x24, 0x60, 0x17, 0x2d, 0x88, 0x67, 0x02}, - dt2: fp.Elt{0x78, 0xa3, 0x2e, 0x73, 0x19, 0xa1, 0x60, 0x53, 0x71, 0xd4, 0x8d, 0xdf, 0xb1, 0xe6, 0x37, 0x24, 0x33, 0xe5, 0xa7, 0x91, 0xf8, 0x37, 0xef, 0xa2, 0x63, 0x78, 0x09, 0xaa, 0xfd, 0xa6, 0x7b, 0x49}, - }, - { /* 15P */ - addYX: fp.Elt{0xa0, 0xea, 0xcf, 0x13, 0x03, 0xcc, 0xce, 0x24, 0x6d, 0x24, 0x9c, 0x18, 0x8d, 0xc2, 0x48, 0x86, 0xd0, 0xd4, 0xf2, 0xc1, 0xfa, 0xbd, 0xbd, 0x2d, 0x2b, 0xe7, 0x2d, 0xf1, 0x17, 0x29, 0xe2, 0x61}, - subYX: fp.Elt{0x0b, 0xcf, 0x8c, 0x46, 0x86, 0xcd, 0x0b, 0x04, 0xd6, 0x10, 0x99, 0x2a, 0xa4, 0x9b, 0x82, 0xd3, 0x92, 0x51, 0xb2, 0x07, 0x08, 0x30, 0x08, 0x75, 0xbf, 0x5e, 0xd0, 0x18, 0x42, 0xcd, 0xb5, 0x43}, - dt2: fp.Elt{0x16, 0xb5, 0xd0, 0x9b, 0x2f, 0x76, 0x9a, 0x5d, 0xee, 0xde, 0x3f, 0x37, 0x4e, 0xaf, 0x38, 0xeb, 0x70, 0x42, 0xd6, 0x93, 0x7d, 0x5a, 0x2e, 0x03, 0x42, 0xd8, 0xe4, 0x0a, 0x21, 0x61, 0x1d, 0x51}, - }, - { /* 17P */ - addYX: fp.Elt{0x81, 0x9d, 0x0e, 0x95, 0xef, 0x76, 0xc6, 0x92, 0x4f, 0x04, 0xd7, 0xc0, 0xcd, 0x20, 0x46, 0xa5, 0x48, 0x12, 0x8f, 0x6f, 0x64, 0x36, 0x9b, 0xaa, 0xe3, 0x55, 0xb8, 0xdd, 0x24, 0x59, 0x32, 0x6d}, - subYX: fp.Elt{0x87, 0xde, 0x20, 0x44, 0x48, 0x86, 0x13, 0x08, 0xb4, 0xed, 0x92, 0xb5, 0x16, 0xf0, 0x1c, 0x8a, 0x25, 0x2d, 0x94, 0x29, 0x27, 0x4e, 0xfa, 0x39, 0x10, 0x28, 0x48, 0xe2, 0x6f, 0xfe, 0xa7, 0x71}, - dt2: fp.Elt{0x54, 0xc8, 0xc8, 0xa5, 0xb8, 0x82, 0x71, 0x6c, 0x03, 0x2a, 0x5f, 0xfe, 0x79, 0x14, 0xfd, 0x33, 0x0c, 0x8d, 0x77, 0x83, 0x18, 0x59, 0xcf, 0x72, 0xa9, 0xea, 0x9e, 0x55, 0xb6, 0xc4, 0x46, 0x47}, - }, - { /* 19P */ - addYX: fp.Elt{0x2b, 0x9a, 0xc6, 0x6d, 0x3c, 0x7b, 0x77, 0xd3, 0x17, 0xf6, 0x89, 0x6f, 0x27, 0xb2, 0xfa, 0xde, 0xb5, 0x16, 0x3a, 0xb5, 0xf7, 0x1c, 0x65, 0x45, 0xb7, 0x9f, 0xfe, 0x34, 0xde, 0x51, 0x9a, 0x5c}, - subYX: fp.Elt{0x47, 0x11, 0x74, 0x64, 0xc8, 0x46, 0x85, 0x34, 0x49, 0xc8, 0xfc, 0x0e, 0xdd, 0xae, 0x35, 0x7d, 0x32, 0xa3, 0x72, 0x06, 0x76, 0x9a, 0x93, 0xff, 0xd6, 0xe6, 0xb5, 0x7d, 0x49, 0x63, 0x96, 0x21}, - dt2: fp.Elt{0x67, 0x0e, 0xf1, 0x79, 0xcf, 0xf1, 0x10, 0xf5, 0x5b, 0x51, 0x58, 0xe6, 0xa1, 0xda, 0xdd, 0xff, 0x77, 0x22, 0x14, 0x10, 0x17, 0xa7, 0xc3, 0x09, 0xbb, 0x23, 0x82, 0x60, 0x3c, 0x50, 0x04, 0x48}, - }, - { /* 21P */ - addYX: fp.Elt{0xc7, 0x7f, 0xa3, 0x2c, 0xd0, 0x9e, 0x24, 0xc4, 0xab, 0xac, 0x15, 0xa6, 0xe3, 0xa0, 0x59, 0xa0, 0x23, 0x0e, 0x6e, 0xc9, 0xd7, 0x6e, 0xa9, 0x88, 0x6d, 0x69, 0x50, 0x16, 0xa5, 0x98, 0x33, 0x55}, - subYX: fp.Elt{0x75, 0xd1, 0x36, 0x3a, 0xd2, 0x21, 0x68, 0x3b, 0x32, 0x9e, 0x9b, 0xe9, 0xa7, 0x0a, 0xb4, 0xbb, 0x47, 0x8a, 0x83, 0x20, 0xe4, 0x5c, 0x9e, 0x5d, 0x5e, 0x4c, 0xde, 0x58, 0x88, 0x09, 0x1e, 0x77}, - dt2: fp.Elt{0xdf, 0x1e, 0x45, 0x78, 0xd2, 0xf5, 0x12, 0x9a, 0xcb, 0x9c, 0x89, 0x85, 0x79, 0x5d, 0xda, 0x3a, 0x08, 0x95, 0xa5, 0x9f, 0x2d, 0x4a, 0x7f, 0x47, 0x11, 0xa6, 0xf5, 0x8f, 0xd6, 0xd1, 0x5e, 0x5a}, - }, - { /* 23P */ - addYX: fp.Elt{0x83, 0x0e, 0x15, 0xfe, 0x2a, 0x12, 0x95, 0x11, 0xd8, 0x35, 0x4b, 0x7e, 0x25, 0x9a, 0x20, 0xcf, 0x20, 0x1e, 0x71, 0x1e, 0x29, 0xf8, 0x87, 0x73, 0xf0, 0x92, 0xbf, 0xd8, 0x97, 0xb8, 0xac, 0x44}, - subYX: fp.Elt{0x59, 0x73, 0x52, 0x58, 0xc5, 0xe0, 0xe5, 0xba, 0x7e, 0x9d, 0xdb, 0xca, 0x19, 0x5c, 0x2e, 0x39, 0xe9, 0xab, 0x1c, 0xda, 0x1e, 0x3c, 0x65, 0x28, 0x44, 0xdc, 0xef, 0x5f, 0x13, 0x60, 0x9b, 0x01}, - dt2: fp.Elt{0x83, 0x4b, 0x13, 0x5e, 0x14, 0x68, 0x60, 0x1e, 0x16, 0x4c, 0x30, 0x24, 0x4f, 0xe6, 0xf5, 0xc4, 0xd7, 0x3e, 0x1a, 0xfc, 0xa8, 0x88, 0x6e, 0x50, 0x92, 0x2f, 0xad, 0xe6, 0xfd, 0x49, 0x0c, 0x15}, - }, - { /* 25P */ - addYX: fp.Elt{0x38, 0x11, 0x47, 0x09, 0x95, 0xf2, 0x7b, 0x8e, 0x51, 0xa6, 0x75, 0x4f, 0x39, 0xef, 0x6f, 0x5d, 0xad, 0x08, 0xa7, 0x25, 0xc4, 0x79, 0xaf, 0x10, 0x22, 0x99, 0xb9, 0x5b, 0x07, 0x5a, 0x2b, 0x6b}, - subYX: fp.Elt{0x68, 0xa8, 0xdc, 0x9c, 0x3c, 0x86, 0x49, 0xb8, 0xd0, 0x4a, 0x71, 0xb8, 0xdb, 0x44, 0x3f, 0xc8, 0x8d, 0x16, 0x36, 0x0c, 0x56, 0xe3, 0x3e, 0xfe, 0xc1, 0xfb, 0x05, 0x1e, 0x79, 0xd7, 0xa6, 0x78}, - dt2: fp.Elt{0x76, 0xb9, 0xa0, 0x47, 0x4b, 0x70, 0xbf, 0x58, 0xd5, 0x48, 0x17, 0x74, 0x55, 0xb3, 0x01, 0xa6, 0x90, 0xf5, 0x42, 0xd5, 0xb1, 0x1f, 0x2b, 0xaa, 0x00, 0x5d, 0xd5, 0x4a, 0xfc, 0x7f, 0x5c, 0x72}, - }, - { /* 27P */ - addYX: fp.Elt{0xb2, 0x99, 0xcf, 0xd1, 0x15, 0x67, 0x42, 0xe4, 0x34, 0x0d, 0xa2, 0x02, 0x11, 0xd5, 0x52, 0x73, 0x9f, 0x10, 0x12, 0x8b, 0x7b, 0x15, 0xd1, 0x23, 0xa3, 0xf3, 0xb1, 0x7c, 0x27, 0xc9, 0x4c, 0x79}, - subYX: fp.Elt{0xc0, 0x98, 0xd0, 0x1c, 0xf7, 0x2b, 0x80, 0x91, 0x66, 0x63, 0x5e, 0xed, 0xa4, 0x6c, 0x41, 0xfe, 0x4c, 0x99, 0x02, 0x49, 0x71, 0x5d, 0x58, 0xdf, 0xe7, 0xfa, 0x55, 0xf8, 0x25, 0x46, 0xd5, 0x4c}, - dt2: fp.Elt{0x53, 0x50, 0xac, 0xc2, 0x26, 0xc4, 0xf6, 0x4a, 0x58, 0x72, 0xf6, 0x32, 0xad, 0xed, 0x9a, 0xbc, 0x21, 0x10, 0x31, 0x0a, 0xf1, 0x32, 0xd0, 0x2a, 0x85, 0x8e, 0xcc, 0x6f, 0x7b, 0x35, 0x08, 0x70}, - }, - { /* 29P */ - addYX: fp.Elt{0x01, 0x3f, 0x77, 0x38, 0x27, 0x67, 0x88, 0x0b, 0xfb, 0xcc, 0xfb, 0x95, 0xfa, 0xc8, 0xcc, 0xb8, 0xb6, 0x29, 0xad, 0xb9, 0xa3, 0xd5, 0x2d, 0x8d, 0x6a, 0x0f, 0xad, 0x51, 0x98, 0x7e, 0xef, 0x06}, - subYX: fp.Elt{0x34, 0x4a, 0x58, 0x82, 0xbb, 0x9f, 0x1b, 0xd0, 0x2b, 0x79, 0xb4, 0xd2, 0x63, 0x64, 0xab, 0x47, 0x02, 0x62, 0x53, 0x48, 0x9c, 0x63, 0x31, 0xb6, 0x28, 0xd4, 0xd6, 0x69, 0x36, 0x2a, 0xa9, 0x13}, - dt2: fp.Elt{0xe5, 0x7d, 0x57, 0xc0, 0x1c, 0x77, 0x93, 0xca, 0x5c, 0xdc, 0x35, 0x50, 0x1e, 0xe4, 0x40, 0x75, 0x71, 0xe0, 0x02, 0xd8, 0x01, 0x0f, 0x68, 0x24, 0x6a, 0xf8, 0x2a, 0x8a, 0xdf, 0x6d, 0x29, 0x3c}, - }, - { /* 31P */ - addYX: fp.Elt{0x13, 0xa7, 0x14, 0xd9, 0xf9, 0x15, 0xad, 0xae, 0x12, 0xf9, 0x8f, 0x8c, 0xf9, 0x7b, 0x2f, 0xa9, 0x30, 0xd7, 0x53, 0x9f, 0x17, 0x23, 0xf8, 0xaf, 0xba, 0x77, 0x0c, 0x49, 0x93, 0xd3, 0x99, 0x7a}, - subYX: fp.Elt{0x41, 0x25, 0x1f, 0xbb, 0x2e, 0x4d, 0xeb, 0xfc, 0x1f, 0xb9, 0xad, 0x40, 0xc7, 0x10, 0x95, 0xb8, 0x05, 0xad, 0xa1, 0xd0, 0x7d, 0xa3, 0x71, 0xfc, 0x7b, 0x71, 0x47, 0x07, 0x70, 0x2c, 0x89, 0x0a}, - dt2: fp.Elt{0xe8, 0xa3, 0xbd, 0x36, 0x24, 0xed, 0x52, 0x8f, 0x94, 0x07, 0xe8, 0x57, 0x41, 0xc8, 0xa8, 0x77, 0xe0, 0x9c, 0x2f, 0x26, 0x63, 0x65, 0xa9, 0xa5, 0xd2, 0xf7, 0x02, 0x83, 0xd2, 0x62, 0x67, 0x28}, - }, - { /* 33P */ - addYX: fp.Elt{0x25, 0x5b, 0xe3, 0x3c, 0x09, 0x36, 0x78, 0x4e, 0x97, 0xaa, 0x6b, 0xb2, 0x1d, 0x18, 0xe1, 0x82, 0x3f, 0xb8, 0xc7, 0xcb, 0xd3, 0x92, 0xc1, 0x0c, 0x3a, 0x9d, 0x9d, 0x6a, 0x04, 0xda, 0xf1, 0x32}, - subYX: fp.Elt{0xbd, 0xf5, 0x2e, 0xce, 0x2b, 0x8e, 0x55, 0x7c, 0x63, 0xbc, 0x47, 0x67, 0xb4, 0x6c, 0x98, 0xe4, 0xb8, 0x89, 0xbb, 0x3b, 0x9f, 0x17, 0x4a, 0x15, 0x7a, 0x76, 0xf1, 0xd6, 0xa3, 0xf2, 0x86, 0x76}, - dt2: fp.Elt{0x6a, 0x7c, 0x59, 0x6d, 0xa6, 0x12, 0x8d, 0xaa, 0x2b, 0x85, 0xd3, 0x04, 0x03, 0x93, 0x11, 0x8f, 0x22, 0xb0, 0x09, 0xc2, 0x73, 0xdc, 0x91, 0x3f, 0xa6, 0x28, 0xad, 0xa9, 0xf8, 0x05, 0x13, 0x56}, - }, - { /* 35P */ - addYX: fp.Elt{0xd1, 0xae, 0x92, 0xec, 0x8d, 0x97, 0x0c, 0x10, 0xe5, 0x73, 0x6d, 0x4d, 0x43, 0xd5, 0x43, 0xca, 0x48, 0xba, 0x47, 0xd8, 0x22, 0x1b, 0x13, 0x83, 0x2c, 0x4d, 0x5d, 0xe3, 0x53, 0xec, 0xaa}, - subYX: fp.Elt{0xd5, 0xc0, 0xb0, 0xe7, 0x28, 0xcc, 0x22, 0x67, 0x53, 0x5c, 0x07, 0xdb, 0xbb, 0xe9, 0x9d, 0x70, 0x61, 0x0a, 0x01, 0xd7, 0xa7, 0x8d, 0xf6, 0xca, 0x6c, 0xcc, 0x57, 0x2c, 0xef, 0x1a, 0x0a, 0x03}, - dt2: fp.Elt{0xaa, 0xd2, 0x3a, 0x00, 0x73, 0xf7, 0xb1, 0x7b, 0x08, 0x66, 0x21, 0x2b, 0x80, 0x29, 0x3f, 0x0b, 0x3e, 0xd2, 0x0e, 0x52, 0x86, 0xdc, 0x21, 0x78, 0x80, 0x54, 0x06, 0x24, 0x1c, 0x9c, 0xbe, 0x20}, - }, - { /* 37P */ - addYX: fp.Elt{0xa6, 0x73, 0x96, 0x24, 0xd8, 0x87, 0x53, 0xe1, 0x93, 0xe4, 0x46, 0xf5, 0x2d, 0xbc, 0x43, 0x59, 0xb5, 0x63, 0x6f, 0xc3, 0x81, 0x9a, 0x7f, 0x1c, 0xde, 0xc1, 0x0a, 0x1f, 0x36, 0xb3, 0x0a, 0x75}, - subYX: fp.Elt{0x60, 0x5e, 0x02, 0xe2, 0x4a, 0xe4, 0xe0, 0x20, 0x38, 0xb9, 0xdc, 0xcb, 0x2f, 0x3b, 0x3b, 0xb0, 0x1c, 0x0d, 0x5a, 0xf9, 0x9c, 0x63, 0x5d, 0x10, 0x11, 0xe3, 0x67, 0x50, 0x54, 0x4c, 0x76, 0x69}, - dt2: fp.Elt{0x37, 0x10, 0xf8, 0xa2, 0x83, 0x32, 0x8a, 0x1e, 0xf1, 0xcb, 0x7f, 0xbd, 0x23, 0xda, 0x2e, 0x6f, 0x63, 0x25, 0x2e, 0xac, 0x5b, 0xd1, 0x2f, 0xb7, 0x40, 0x50, 0x07, 0xb7, 0x3f, 0x6b, 0xf9, 0x54}, - }, - { /* 39P */ - addYX: fp.Elt{0x79, 0x92, 0x66, 0x29, 0x04, 0xf2, 0xad, 0x0f, 0x4a, 0x72, 0x7d, 0x7d, 0x04, 0xa2, 0xdd, 0x3a, 0xf1, 0x60, 0x57, 0x8c, 0x82, 0x94, 0x3d, 0x6f, 0x9e, 0x53, 0xb7, 0x2b, 0xc5, 0xe9, 0x7f, 0x3d}, - subYX: fp.Elt{0xcd, 0x1e, 0xb1, 0x16, 0xc6, 0xaf, 0x7d, 0x17, 0x79, 0x64, 0x57, 0xfa, 0x9c, 0x4b, 0x76, 0x89, 0x85, 0xe7, 0xec, 0xe6, 0x10, 0xa1, 0xa8, 0xb7, 0xf0, 0xdb, 0x85, 0xbe, 0x9f, 0x83, 0xe6, 0x78}, - dt2: fp.Elt{0x6b, 0x85, 0xb8, 0x37, 0xf7, 0x2d, 0x33, 0x70, 0x8a, 0x17, 0x1a, 0x04, 0x43, 0x5d, 0xd0, 0x75, 0x22, 0x9e, 0xe5, 0xa0, 0x4a, 0xf7, 0x0f, 0x32, 0x42, 0x82, 0x08, 0x50, 0xf3, 0x68, 0xf2, 0x70}, - }, - { /* 41P */ - addYX: fp.Elt{0x47, 0x5f, 0x80, 0xb1, 0x83, 0x45, 0x86, 0x66, 0x19, 0x7c, 0xdd, 0x60, 0xd1, 0xc5, 0x35, 0xf5, 0x06, 0xb0, 0x4c, 0x1e, 0xb7, 0x4e, 0x87, 0xe9, 0xd9, 0x89, 0xd8, 0xfa, 0x5c, 0x34, 0x0d, 0x7c}, - subYX: fp.Elt{0x55, 0xf3, 0xdc, 0x70, 0x20, 0x11, 0x24, 0x23, 0x17, 0xe1, 0xfc, 0xe7, 0x7e, 0xc9, 0x0c, 0x38, 0x98, 0xb6, 0x52, 0x35, 0xed, 0xde, 0x1d, 0xb3, 0xb9, 0xc4, 0xb8, 0x39, 0xc0, 0x56, 0x4e, 0x40}, - dt2: fp.Elt{0x8a, 0x33, 0x78, 0x8c, 0x4b, 0x1f, 0x1f, 0x59, 0xe1, 0xb5, 0xe0, 0x67, 0xb1, 0x6a, 0x36, 0xa0, 0x44, 0x3d, 0x5f, 0xb4, 0x52, 0x41, 0xbc, 0x5c, 0x77, 0xc7, 0xae, 0x2a, 0x76, 0x54, 0xd7, 0x20}, - }, - { /* 43P */ - addYX: fp.Elt{0x58, 0xb7, 0x3b, 0xc7, 0x6f, 0xc3, 0x8f, 0x5e, 0x9a, 0xbb, 0x3c, 0x36, 0xa5, 0x43, 0xe5, 0xac, 0x22, 0xc9, 0x3b, 0x90, 0x7d, 0x4a, 0x93, 0xa9, 0x62, 0xec, 0xce, 0xf3, 0x46, 0x1e, 0x8f, 0x2b}, - subYX: fp.Elt{0x43, 0xf5, 0xb9, 0x35, 0xb1, 0xfe, 0x74, 0x9d, 0x6c, 0x95, 0x8c, 0xde, 0xf1, 0x7d, 0xb3, 0x84, 0xa9, 0x8b, 0x13, 0x57, 0x07, 0x2b, 0x32, 0xe9, 0xe1, 0x4c, 0x0b, 0x79, 0xa8, 0xad, 0xb8, 0x38}, - dt2: fp.Elt{0x5d, 0xf9, 0x51, 0xdf, 0x9c, 0x4a, 0xc0, 0xb5, 0xac, 0xde, 0x1f, 0xcb, 0xae, 0x52, 0x39, 0x2b, 0xda, 0x66, 0x8b, 0x32, 0x8b, 0x6d, 0x10, 0x1d, 0x53, 0x19, 0xba, 0xce, 0x32, 0xeb, 0x9a, 0x04}, - }, - { /* 45P */ - addYX: fp.Elt{0x31, 0x79, 0xfc, 0x75, 0x0b, 0x7d, 0x50, 0xaa, 0xd3, 0x25, 0x67, 0x7a, 0x4b, 0x92, 0xef, 0x0f, 0x30, 0x39, 0x6b, 0x39, 0x2b, 0x54, 0x82, 0x1d, 0xfc, 0x74, 0xf6, 0x30, 0x75, 0xe1, 0x5e, 0x79}, - subYX: fp.Elt{0x7e, 0xfe, 0xdc, 0x63, 0x3c, 0x7d, 0x76, 0xd7, 0x40, 0x6e, 0x85, 0x97, 0x48, 0x59, 0x9c, 0x20, 0x13, 0x7c, 0x4f, 0xe1, 0x61, 0x68, 0x67, 0xb6, 0xfc, 0x25, 0xd6, 0xc8, 0xe0, 0x65, 0xc6, 0x51}, - dt2: fp.Elt{0x81, 0xbd, 0xec, 0x52, 0x0a, 0x5b, 0x4a, 0x25, 0xe7, 0xaf, 0x34, 0xe0, 0x6e, 0x1f, 0x41, 0x5d, 0x31, 0x4a, 0xee, 0xca, 0x0d, 0x4d, 0xa2, 0xe6, 0x77, 0x44, 0xc5, 0x9d, 0xf4, 0x9b, 0xd1, 0x6c}, - }, - { /* 47P */ - addYX: fp.Elt{0x86, 0xc3, 0xaf, 0x65, 0x21, 0x61, 0xfe, 0x1f, 0x10, 0x1b, 0xd5, 0xb8, 0x88, 0x2a, 0x2a, 0x08, 0xaa, 0x0b, 0x99, 0x20, 0x7e, 0x62, 0xf6, 0x76, 0xe7, 0x43, 0x9e, 0x42, 0xa7, 0xb3, 0x01, 0x5e}, - subYX: fp.Elt{0xa3, 0x9c, 0x17, 0x52, 0x90, 0x61, 0x87, 0x7e, 0x85, 0x9f, 0x2c, 0x0b, 0x06, 0x0a, 0x1d, 0x57, 0x1e, 0x71, 0x99, 0x84, 0xa8, 0xba, 0xa2, 0x80, 0x38, 0xe6, 0xb2, 0x40, 0xdb, 0xf3, 0x20, 0x75}, - dt2: fp.Elt{0xa1, 0x57, 0x93, 0xd3, 0xe3, 0x0b, 0xb5, 0x3d, 0xa5, 0x94, 0x9e, 0x59, 0xdd, 0x6c, 0x7b, 0x96, 0x6e, 0x1e, 0x31, 0xdf, 0x64, 0x9a, 0x30, 0x1a, 0x86, 0xc9, 0xf3, 0xce, 0x9c, 0x2c, 0x09, 0x71}, - }, - { /* 49P */ - addYX: fp.Elt{0xcf, 0x1d, 0x05, 0x74, 0xac, 0xd8, 0x6b, 0x85, 0x1e, 0xaa, 0xb7, 0x55, 0x08, 0xa4, 0xf6, 0x03, 0xeb, 0x3c, 0x74, 0xc9, 0xcb, 0xe7, 0x4a, 0x3a, 0xde, 0xab, 0x37, 0x71, 0xbb, 0xa5, 0x73, 0x41}, - subYX: fp.Elt{0x8c, 0x91, 0x64, 0x03, 0x3f, 0x52, 0xd8, 0x53, 0x1c, 0x6b, 0xab, 0x3f, 0xf4, 0x04, 0xb4, 0xa2, 0xa4, 0xe5, 0x81, 0x66, 0x9e, 0x4a, 0x0b, 0x08, 0xa7, 0x7b, 0x25, 0xd0, 0x03, 0x5b, 0xa1, 0x0e}, - dt2: fp.Elt{0x8a, 0x21, 0xf9, 0xf0, 0x31, 0x6e, 0xc5, 0x17, 0x08, 0x47, 0xfc, 0x1a, 0x2b, 0x6e, 0x69, 0x5a, 0x76, 0xf1, 0xb2, 0xf4, 0x68, 0x16, 0x93, 0xf7, 0x67, 0x3a, 0x4e, 0x4a, 0x61, 0x65, 0xc5, 0x5f}, - }, - { /* 51P */ - addYX: fp.Elt{0x8e, 0x98, 0x90, 0x77, 0xe6, 0xe1, 0x92, 0x48, 0x22, 0xd7, 0x5c, 0x1c, 0x0f, 0x95, 0xd5, 0x01, 0xed, 0x3e, 0x92, 0xe5, 0x9a, 0x81, 0xb0, 0xe3, 0x1b, 0x65, 0x46, 0x9d, 0x40, 0xc7, 0x14, 0x32}, - subYX: fp.Elt{0xe5, 0x7a, 0x6d, 0xc4, 0x0d, 0x57, 0x6e, 0x13, 0x8f, 0xdc, 0xf8, 0x54, 0xcc, 0xaa, 0xd0, 0x0f, 0x86, 0xad, 0x0d, 0x31, 0x03, 0x9f, 0x54, 0x59, 0xa1, 0x4a, 0x45, 0x4c, 0x41, 0x1c, 0x71, 0x62}, - dt2: fp.Elt{0x70, 0x17, 0x65, 0x06, 0x74, 0x82, 0x29, 0x13, 0x36, 0x94, 0x27, 0x8a, 0x66, 0xa0, 0xa4, 0x3b, 0x3c, 0x22, 0x5d, 0x18, 0xec, 0xb8, 0xb6, 0xd9, 0x3c, 0x83, 0xcb, 0x3e, 0x07, 0x94, 0xea, 0x5b}, - }, - { /* 53P */ - addYX: fp.Elt{0xf8, 0xd2, 0x43, 0xf3, 0x63, 0xce, 0x70, 0xb4, 0xf1, 0xe8, 0x43, 0x05, 0x8f, 0xba, 0x67, 0x00, 0x6f, 0x7b, 0x11, 0xa2, 0xa1, 0x51, 0xda, 0x35, 0x2f, 0xbd, 0xf1, 0x44, 0x59, 0x78, 0xd0, 0x4a}, - subYX: fp.Elt{0xe4, 0x9b, 0xc8, 0x12, 0x09, 0xbf, 0x1d, 0x64, 0x9c, 0x57, 0x6e, 0x7d, 0x31, 0x8b, 0xf3, 0xac, 0x65, 0xb0, 0x97, 0xf6, 0x02, 0x9e, 0xfe, 0xab, 0xec, 0x1e, 0xf6, 0x48, 0xc1, 0xd5, 0xac, 0x3a}, - dt2: fp.Elt{0x01, 0x83, 0x31, 0xc3, 0x34, 0x3b, 0x8e, 0x85, 0x26, 0x68, 0x31, 0x07, 0x47, 0xc0, 0x99, 0xdc, 0x8c, 0xa8, 0x9d, 0xd3, 0x2e, 0x5b, 0x08, 0x34, 0x3d, 0x85, 0x02, 0xd9, 0xb1, 0x0c, 0xff, 0x3a}, - }, - { /* 55P */ - addYX: fp.Elt{0x05, 0x35, 0xc5, 0xf4, 0x0b, 0x43, 0x26, 0x92, 0x83, 0x22, 0x1f, 0x26, 0x13, 0x9c, 0xe4, 0x68, 0xc6, 0x27, 0xd3, 0x8f, 0x78, 0x33, 0xef, 0x09, 0x7f, 0x9e, 0xd9, 0x2b, 0x73, 0x9f, 0xcf, 0x2c}, - subYX: fp.Elt{0x5e, 0x40, 0x20, 0x3a, 0xeb, 0xc7, 0xc5, 0x87, 0xc9, 0x56, 0xad, 0xed, 0xef, 0x11, 0xe3, 0x8e, 0xf9, 0xd5, 0x29, 0xad, 0x48, 0x2e, 0x25, 0x29, 0x1d, 0x25, 0xcd, 0xf4, 0x86, 0x7e, 0x0e, 0x11}, - dt2: fp.Elt{0xe4, 0xf5, 0x03, 0xd6, 0x9e, 0xd8, 0xc0, 0x57, 0x0c, 0x20, 0xb0, 0xf0, 0x28, 0x86, 0x88, 0x12, 0xb7, 0x3b, 0x2e, 0xa0, 0x09, 0x27, 0x17, 0x53, 0x37, 0x3a, 0x69, 0xb9, 0xe0, 0x57, 0xc5, 0x05}, - }, - { /* 57P */ - addYX: fp.Elt{0xb0, 0x0e, 0xc2, 0x89, 0xb0, 0xbb, 0x76, 0xf7, 0x5c, 0xd8, 0x0f, 0xfa, 0xf6, 0x5b, 0xf8, 0x61, 0xfb, 0x21, 0x44, 0x63, 0x4e, 0x3f, 0xb9, 0xb6, 0x05, 0x12, 0x86, 0x41, 0x08, 0xef, 0x9f, 0x28}, - subYX: fp.Elt{0x6f, 0x7e, 0xc9, 0x1f, 0x31, 0xce, 0xf9, 0xd8, 0xae, 0xfd, 0xf9, 0x11, 0x30, 0x26, 0x3f, 0x7a, 0xdd, 0x25, 0xed, 0x8b, 0xa0, 0x7e, 0x5b, 0xe1, 0x5a, 0x87, 0xe9, 0x8f, 0x17, 0x4c, 0x15, 0x6e}, - dt2: fp.Elt{0xbf, 0x9a, 0xd6, 0xfe, 0x36, 0x63, 0x61, 0xcf, 0x4f, 0xc9, 0x35, 0x83, 0xe7, 0xe4, 0x16, 0x9b, 0xe7, 0x7f, 0x3a, 0x75, 0x65, 0x97, 0x78, 0x13, 0x19, 0xa3, 0x5c, 0xa9, 0x42, 0xf6, 0xfb, 0x6a}, - }, - { /* 59P */ - addYX: fp.Elt{0xcc, 0xa8, 0x13, 0xf9, 0x70, 0x50, 0xe5, 0x5d, 0x61, 0xf5, 0x0c, 0x2b, 0x7b, 0x16, 0x1d, 0x7d, 0x89, 0xd4, 0xea, 0x90, 0xb6, 0x56, 0x29, 0xda, 0xd9, 0x1e, 0x80, 0xdb, 0xce, 0x93, 0xc0, 0x12}, - subYX: fp.Elt{0xc1, 0xd2, 0xf5, 0x62, 0x0c, 0xde, 0xa8, 0x7d, 0x9a, 0x7b, 0x0e, 0xb0, 0xa4, 0x3d, 0xfc, 0x98, 0xe0, 0x70, 0xad, 0x0d, 0xda, 0x6a, 0xeb, 0x7d, 0xc4, 0x38, 0x50, 0xb9, 0x51, 0xb8, 0xb4, 0x0d}, - dt2: fp.Elt{0x0f, 0x19, 0xb8, 0x08, 0x93, 0x7f, 0x14, 0xfc, 0x10, 0xe3, 0x1a, 0xa1, 0xa0, 0x9d, 0x96, 0x06, 0xfd, 0xd7, 0xc7, 0xda, 0x72, 0x55, 0xe7, 0xce, 0xe6, 0x5c, 0x63, 0xc6, 0x99, 0x87, 0xaa, 0x33}, - }, - { /* 61P */ - addYX: fp.Elt{0xb1, 0x6c, 0x15, 0xfc, 0x88, 0xf5, 0x48, 0x83, 0x27, 0x6d, 0x0a, 0x1a, 0x9b, 0xba, 0xa2, 0x6d, 0xb6, 0x5a, 0xca, 0x87, 0x5c, 0x2d, 0x26, 0xe2, 0xa6, 0x89, 0xd5, 0xc8, 0xc1, 0xd0, 0x2c, 0x21}, - subYX: fp.Elt{0xf2, 0x5c, 0x08, 0xbd, 0x1e, 0xf5, 0x0f, 0xaf, 0x1f, 0x3f, 0xd3, 0x67, 0x89, 0x1a, 0xf5, 0x78, 0x3c, 0x03, 0x60, 0x50, 0xe1, 0xbf, 0xc2, 0x6e, 0x86, 0x1a, 0xe2, 0xe8, 0x29, 0x6f, 0x3c, 0x23}, - dt2: fp.Elt{0x81, 0xc7, 0x18, 0x7f, 0x10, 0xd5, 0xf4, 0xd2, 0x28, 0x9d, 0x7e, 0x52, 0xf2, 0xcd, 0x2e, 0x12, 0x41, 0x33, 0x3d, 0x3d, 0x2a, 0x86, 0x0a, 0xa7, 0xe3, 0x4c, 0x91, 0x11, 0x89, 0x77, 0xb7, 0x1d}, - }, - { /* 63P */ - addYX: fp.Elt{0xb6, 0x1a, 0x70, 0xdd, 0x69, 0x47, 0x39, 0xb3, 0xa5, 0x8d, 0xcf, 0x19, 0xd4, 0xde, 0xb8, 0xe2, 0x52, 0xc8, 0x2a, 0xfd, 0x61, 0x41, 0xdf, 0x15, 0xbe, 0x24, 0x7d, 0x01, 0x8a, 0xca, 0xe2, 0x7a}, - subYX: fp.Elt{0x6f, 0xc2, 0x6b, 0x7c, 0x39, 0x52, 0xf3, 0xdd, 0x13, 0x01, 0xd5, 0x53, 0xcc, 0xe2, 0x97, 0x7a, 0x30, 0xa3, 0x79, 0xbf, 0x3a, 0xf4, 0x74, 0x7c, 0xfc, 0xad, 0xe2, 0x26, 0xad, 0x97, 0xad, 0x31}, - dt2: fp.Elt{0x62, 0xb9, 0x20, 0x09, 0xed, 0x17, 0xe8, 0xb7, 0x9d, 0xda, 0x19, 0x3f, 0xcc, 0x18, 0x85, 0x1e, 0x64, 0x0a, 0x56, 0x25, 0x4f, 0xc1, 0x91, 0xe4, 0x83, 0x2c, 0x62, 0xa6, 0x53, 0xfc, 0xd1, 0x1e}, - }, -} diff --git a/vendor/golang.org/x/sys/AUTHORS b/vendor/golang.org/x/sys/AUTHORS deleted file mode 100644 index 15167cd74..000000000 --- a/vendor/golang.org/x/sys/AUTHORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code refers to The Go Authors for copyright purposes. -# The master list of authors is in the main Go distribution, -# visible at http://tip.golang.org/AUTHORS. diff --git a/vendor/golang.org/x/sys/CONTRIBUTORS b/vendor/golang.org/x/sys/CONTRIBUTORS deleted file mode 100644 index 1c4577e96..000000000 --- a/vendor/golang.org/x/sys/CONTRIBUTORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code was written by the Go contributors. -# The master list of contributors is in the main Go distribution, -# visible at http://tip.golang.org/CONTRIBUTORS. diff --git a/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go b/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go deleted file mode 100644 index be6027224..000000000 --- a/vendor/golang.org/x/sys/cpu/cpu_aix_ppc64.go +++ /dev/null @@ -1,34 +0,0 @@ -// Copyright 2019 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build aix,ppc64 - -package cpu - -const cacheLineSize = 128 - -const ( - // getsystemcfg constants - _SC_IMPL = 2 - _IMPL_POWER8 = 0x10000 - _IMPL_POWER9 = 0x20000 -) - -func init() { - impl := getsystemcfg(_SC_IMPL) - if impl&_IMPL_POWER8 != 0 { - PPC64.IsPOWER8 = true - } - if impl&_IMPL_POWER9 != 0 { - PPC64.IsPOWER9 = true - } - - Initialized = true -} - -func getsystemcfg(label int) (n uint64) { - r0, _ := callgetsystemcfg(label) - n = uint64(r0) - return -} diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo.c b/vendor/golang.org/x/sys/cpu/cpu_gccgo.c deleted file mode 100644 index e363c7d13..000000000 --- a/vendor/golang.org/x/sys/cpu/cpu_gccgo.c +++ /dev/null @@ -1,43 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build 386 amd64 amd64p32 -// +build gccgo - -#include -#include - -// Need to wrap __get_cpuid_count because it's declared as static. -int -gccgoGetCpuidCount(uint32_t leaf, uint32_t subleaf, - uint32_t *eax, uint32_t *ebx, - uint32_t *ecx, uint32_t *edx) -{ - return __get_cpuid_count(leaf, subleaf, eax, ebx, ecx, edx); -} - -// xgetbv reads the contents of an XCR (Extended Control Register) -// specified in the ECX register into registers EDX:EAX. -// Currently, the only supported value for XCR is 0. -// -// TODO: Replace with a better alternative: -// -// #include -// -// #pragma GCC target("xsave") -// -// void gccgoXgetbv(uint32_t *eax, uint32_t *edx) { -// unsigned long long x = _xgetbv(0); -// *eax = x & 0xffffffff; -// *edx = (x >> 32) & 0xffffffff; -// } -// -// Note that _xgetbv is defined starting with GCC 8. -void -gccgoXgetbv(uint32_t *eax, uint32_t *edx) -{ - __asm(" xorl %%ecx, %%ecx\n" - " xgetbv" - : "=a"(*eax), "=d"(*edx)); -} diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo.go deleted file mode 100644 index ba49b91bd..000000000 --- a/vendor/golang.org/x/sys/cpu/cpu_gccgo.go +++ /dev/null @@ -1,26 +0,0 @@ -// Copyright 2018 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build 386 amd64 amd64p32 -// +build gccgo - -package cpu - -//extern gccgoGetCpuidCount -func gccgoGetCpuidCount(eaxArg, ecxArg uint32, eax, ebx, ecx, edx *uint32) - -func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32) { - var a, b, c, d uint32 - gccgoGetCpuidCount(eaxArg, ecxArg, &a, &b, &c, &d) - return a, b, c, d -} - -//extern gccgoXgetbv -func gccgoXgetbv(eax, edx *uint32) - -func xgetbv() (eax, edx uint32) { - var a, d uint32 - gccgoXgetbv(&a, &d) - return a, d -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 126501e71..51820d04b 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -107,7 +107,7 @@ github.com/prometheus/procfs/internal/fs github.com/prometheus/procfs/internal/util # github.com/rogpeppe/go-internal v1.10.0 ## explicit; go 1.19 -# github.com/stretchr/testify v1.8.3 +# github.com/stretchr/testify v1.8.4 ## explicit; go 1.20 github.com/stretchr/testify/assert github.com/stretchr/testify/require From 1ba4686498a79e057a0a8d259779237e788325ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jun 2023 15:46:27 +0000 Subject: [PATCH 30/73] build(deps): bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.16 to 1.14.17. - [Release notes](https://github.com/mattn/go-sqlite3/releases) - [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.16...v1.14.17) --- updated-dependencies: - dependency-name: github.com/mattn/go-sqlite3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 +- vendor/github.com/mattn/go-sqlite3/README.md | 40 +- .../mattn/go-sqlite3/sqlite3-binding.c | 15555 +++++++++++----- .../mattn/go-sqlite3/sqlite3-binding.h | 526 +- vendor/github.com/mattn/go-sqlite3/sqlite3.go | 38 +- .../mattn/go-sqlite3/sqlite3_go18.go | 24 +- .../mattn/go-sqlite3/sqlite3_libsqlite3.go | 6 +- .../mattn/go-sqlite3/sqlite3_opt_icu.go | 6 +- .../mattn/go-sqlite3/sqlite3_opt_serialize.go | 82 + .../go-sqlite3/sqlite3_opt_serialize_omit.go | 20 + .../github.com/mattn/go-sqlite3/sqlite3ext.h | 12 +- vendor/modules.txt | 2 +- 13 files changed, 11282 insertions(+), 5035 deletions(-) create mode 100644 vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go create mode 100644 vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go diff --git a/go.mod b/go.mod index 9e13e1e34..b74776c6d 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/jmoiron/sqlx v1.3.5 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 github.com/lib/pq v1.10.9 - github.com/mattn/go-sqlite3 v1.14.16 + github.com/mattn/go-sqlite3 v1.14.17 github.com/prometheus/client_golang v1.15.1 github.com/stretchr/testify v1.8.4 github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300 diff --git a/go.sum b/go.sum index e2c44c69f..d08948273 100644 --- a/go.sum +++ b/go.sum @@ -238,8 +238,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU= -github.com/mattn/go-sqlite3 v1.14.16 h1:yOQRA0RpS5PFz/oikGwBEqvAWhWg5ufRz4ETLjwpU1Y= -github.com/mattn/go-sqlite3 v1.14.16/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= +github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM= +github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg= github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo= diff --git a/vendor/github.com/mattn/go-sqlite3/README.md b/vendor/github.com/mattn/go-sqlite3/README.md index 931b02e3e..1804a89ad 100644 --- a/vendor/github.com/mattn/go-sqlite3/README.md +++ b/vendor/github.com/mattn/go-sqlite3/README.md @@ -40,7 +40,7 @@ This package follows the official [Golang Release Policy](https://golang.org/doc - [Alpine](#alpine) - [Fedora](#fedora) - [Ubuntu](#ubuntu) - - [Mac OSX](#mac-osx) + - [macOS](#mac-osx) - [Windows](#windows) - [Errors](#errors) - [User Authentication](#user-authentication) @@ -72,7 +72,7 @@ _go-sqlite3_ is *cgo* package. If you want to build your app using go-sqlite3, you need gcc. However, after you have built and installed _go-sqlite3_ with `go install github.com/mattn/go-sqlite3` (which requires gcc), you can build your app without relying on gcc in future. -***Important: because this is a `CGO` enabled package, you are required to set the environment variable `CGO_ENABLED=1` and have a `gcc` compile present within your path.*** +***Important: because this is a `CGO` enabled package, you are required to set the environment variable `CGO_ENABLED=1` and have a `gcc` compiler present within your path.*** # API Reference @@ -145,7 +145,7 @@ Click [here](https://golang.org/pkg/go/build/#hdr-Build_Constraints) for more in If you wish to build this library with additional extensions / features, use the following command: ```bash -go build --tags "" +go build -tags "" ``` For available features, see the extension list. @@ -154,7 +154,7 @@ When using multiple build tags, all the different tags should be space delimited Example: ```bash -go build --tags "icu json1 fts5 secure_delete" +go build -tags "icu json1 fts5 secure_delete" ``` ### Feature / Extension List @@ -165,6 +165,7 @@ go build --tags "icu json1 fts5 secure_delete" | Allow URI Authority | sqlite_allow_uri_authority | URI filenames normally throws an error if the authority section is not either empty or "localhost".

However, if SQLite is compiled with the SQLITE_ALLOW_URI_AUTHORITY compile-time option, then the URI is converted into a Uniform Naming Convention (UNC) filename and passed down to the underlying operating system that way | | App Armor | sqlite_app_armor | When defined, this C-preprocessor macro activates extra code that attempts to detect misuse of the SQLite API, such as passing in NULL pointers to required parameters or using objects after they have been destroyed.

App Armor is not available under `Windows`. | | Disable Load Extensions | sqlite_omit_load_extension | Loading of external extensions is enabled by default.

To disable extension loading add the build tag `sqlite_omit_load_extension`. | +| Enable Serialization with `libsqlite3` | sqlite_serialize | Serialization and deserialization of a SQLite database is available by default, unless the build tag `libsqlite3` is set.

To enable this functionality even if `libsqlite3` is set, add the build tag `sqlite_serialize`. | | Foreign Keys | sqlite_foreign_keys | This macro determines whether enforcement of foreign key constraints is enabled or disabled by default for new database connections.

Each database connection can always turn enforcement of foreign key constraints on and off and run-time using the foreign_keys pragma.

Enforcement of foreign key constraints is normally off by default, but if this compile-time parameter is set to 1, enforcement of foreign key constraints will be on by default | | Full Auto Vacuum | sqlite_vacuum_full | Set the default auto vacuum to full | | Incremental Auto Vacuum | sqlite_vacuum_incr | Set the default auto vacuum to incremental | @@ -193,7 +194,7 @@ This package can be compiled for android. Compile with: ```bash -go build --tags "android" +go build -tags "android" ``` For more information see [#201](https://github.com/mattn/go-sqlite3/issues/201) @@ -218,8 +219,8 @@ This library can be cross-compiled. In some cases you are required to the `CC` environment variable with the cross compiler. -## Cross Compiling from MAC OSX -The simplest way to cross compile from OSX is to use [musl-cross](https://github.com/FiloSottile/homebrew-musl-cross). +## Cross Compiling from macOS +The simplest way to cross compile from macOS is to use [xgo](https://github.com/karalabe/xgo). Steps: - Install [musl-cross](https://github.com/FiloSottile/homebrew-musl-cross) (`brew install FiloSottile/musl-cross/musl-cross`). @@ -240,13 +241,13 @@ To compile this package on Linux, you must install the development tools for you To compile under linux use the build tag `linux`. ```bash -go build --tags "linux" +go build -tags "linux" ``` If you wish to link directly to libsqlite3 then you can use the `libsqlite3` build tag. ``` -go build --tags "libsqlite3 linux" +go build -tags "libsqlite3 linux" ``` ### Alpine @@ -269,9 +270,9 @@ sudo yum groupinstall "Development Tools" "Development Libraries" sudo apt-get install build-essential ``` -## Mac OSX +## macOS -OSX should have all the tools present to compile this package. If not, install XCode to add all the developers tools. +macOS should have all the tools present to compile this package. If not, install XCode to add all the developers tools. Required dependency: @@ -279,7 +280,7 @@ Required dependency: brew install sqlite3 ``` -For OSX, there is an additional package to install which is required if you wish to build the `icu` extension. +For macOS, there is an additional package to install which is required if you wish to build the `icu` extension. This additional package can be installed with `homebrew`: @@ -287,16 +288,25 @@ This additional package can be installed with `homebrew`: brew upgrade icu4c ``` -To compile for Mac OSX: +To compile for macOS on x86: ```bash -go build --tags "darwin" +go build -tags "darwin amd64" +``` + +To compile for macOS on ARM chips: + +```bash +go build -tags "darwin arm64" ``` If you wish to link directly to libsqlite3, use the `libsqlite3` build tag: ``` -go build --tags "libsqlite3 darwin" +# x86 +go build -tags "libsqlite3 darwin amd64" +# ARM +go build -tags "libsqlite3 darwin arm64" ``` Additional information: diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c index dd05f5751..a1d6a285d 100644 --- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c +++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c @@ -1,7 +1,7 @@ #ifndef USE_LIBSQLITE3 /****************************************************************************** ** This file is an amalgamation of many separate C source files from SQLite -** version 3.39.4. By combining all the individual C code files into this +** version 3.42.0. By combining all the individual C code files into this ** single large file, the entire code can be compiled as a single translation ** unit. This allows many compilers to do optimizations that would not be ** possible if the files were compiled separately. Performance improvements @@ -124,6 +124,10 @@ #define SQLITE_4_BYTE_ALIGNED_MALLOC #endif /* defined(_MSC_VER) && !defined(_WIN64) */ +#if !defined(HAVE_LOG2) && defined(_MSC_VER) && _MSC_VER<1800 +#define HAVE_LOG2 0 +#endif /* !defined(HAVE_LOG2) && defined(_MSC_VER) && _MSC_VER<1800 */ + #endif /* SQLITE_MSVC_H */ /************** End of msvc.h ************************************************/ @@ -453,9 +457,9 @@ extern "C" { ** [sqlite3_libversion_number()], [sqlite3_sourceid()], ** [sqlite_version()] and [sqlite_source_id()]. */ -#define SQLITE_VERSION "3.39.4" -#define SQLITE_VERSION_NUMBER 3039004 -#define SQLITE_SOURCE_ID "2022-09-29 15:55:41 a29f9949895322123f7c38fbe94c649a9d6e6c9cd0c3b41c96d694552f26b309" +#define SQLITE_VERSION "3.42.0" +#define SQLITE_VERSION_NUMBER 3042000 +#define SQLITE_SOURCE_ID "2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0" /* ** CAPI3REF: Run-Time Library Version Numbers @@ -870,6 +874,7 @@ SQLITE_API int sqlite3_exec( #define SQLITE_CONSTRAINT_DATATYPE (SQLITE_CONSTRAINT |(12<<8)) #define SQLITE_NOTICE_RECOVER_WAL (SQLITE_NOTICE | (1<<8)) #define SQLITE_NOTICE_RECOVER_ROLLBACK (SQLITE_NOTICE | (2<<8)) +#define SQLITE_NOTICE_RBU (SQLITE_NOTICE | (3<<8)) #define SQLITE_WARNING_AUTOINDEX (SQLITE_WARNING | (1<<8)) #define SQLITE_AUTH_USER (SQLITE_AUTH | (1<<8)) #define SQLITE_OK_LOAD_PERMANENTLY (SQLITE_OK | (1<<8)) @@ -977,13 +982,17 @@ SQLITE_API int sqlite3_exec( ** ** SQLite uses one of these integer values as the second ** argument to calls it makes to the xLock() and xUnlock() methods -** of an [sqlite3_io_methods] object. +** of an [sqlite3_io_methods] object. These values are ordered from +** lest restrictive to most restrictive. +** +** The argument to xLock() is always SHARED or higher. The argument to +** xUnlock is either SHARED or NONE. */ -#define SQLITE_LOCK_NONE 0 -#define SQLITE_LOCK_SHARED 1 -#define SQLITE_LOCK_RESERVED 2 -#define SQLITE_LOCK_PENDING 3 -#define SQLITE_LOCK_EXCLUSIVE 4 +#define SQLITE_LOCK_NONE 0 /* xUnlock() only */ +#define SQLITE_LOCK_SHARED 1 /* xLock() or xUnlock() */ +#define SQLITE_LOCK_RESERVED 2 /* xLock() only */ +#define SQLITE_LOCK_PENDING 3 /* xLock() only */ +#define SQLITE_LOCK_EXCLUSIVE 4 /* xLock() only */ /* ** CAPI3REF: Synchronization Type Flags @@ -1061,7 +1070,14 @@ struct sqlite3_file { **
  • [SQLITE_LOCK_PENDING], or **
  • [SQLITE_LOCK_EXCLUSIVE]. ** -** xLock() increases the lock. xUnlock() decreases the lock. +** xLock() upgrades the database file lock. In other words, xLock() moves the +** database file lock in the direction NONE toward EXCLUSIVE. The argument to +** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never +** SQLITE_LOCK_NONE. If the database file lock is already at or above the +** requested lock, then the call to xLock() is a no-op. +** xUnlock() downgrades the database file lock to either SHARED or NONE. +* If the lock is already at or below the requested lock state, then the call +** to xUnlock() is a no-op. ** The xCheckReservedLock() method checks whether any database connection, ** either in this process or in some other process, is holding a RESERVED, ** PENDING, or EXCLUSIVE lock on the file. It returns true @@ -1166,9 +1182,8 @@ struct sqlite3_io_methods { ** opcode causes the xFileControl method to write the current state of ** the lock (one of [SQLITE_LOCK_NONE], [SQLITE_LOCK_SHARED], ** [SQLITE_LOCK_RESERVED], [SQLITE_LOCK_PENDING], or [SQLITE_LOCK_EXCLUSIVE]) -** into an integer that the pArg argument points to. This capability -** is used during testing and is only available when the SQLITE_TEST -** compile-time option is used. +** into an integer that the pArg argument points to. +** This capability is only available if SQLite is compiled with [SQLITE_DEBUG]. ** **
  • [[SQLITE_FCNTL_SIZE_HINT]] ** The [SQLITE_FCNTL_SIZE_HINT] opcode is used by SQLite to give the VFS @@ -1472,7 +1487,6 @@ struct sqlite3_io_methods { ** in wal mode after the client has finished copying pages from the wal ** file to the database file, but before the *-shm file is updated to ** record the fact that the pages have been checkpointed. -** ** **
  • [[SQLITE_FCNTL_EXTERNAL_READER]] ** The EXPERIMENTAL [SQLITE_FCNTL_EXTERNAL_READER] opcode is used to detect @@ -1485,10 +1499,16 @@ struct sqlite3_io_methods { ** the database is not a wal-mode db, or if there is no such connection in any ** other process. This opcode cannot be used to detect transactions opened ** by clients within the current process, only within other processes. -** ** **
  • [[SQLITE_FCNTL_CKSM_FILE]] -** Used by the cksmvfs VFS module only. +** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use interally by the +** [checksum VFS shim] only. +** +**
  • [[SQLITE_FCNTL_RESET_CACHE]] +** If there is currently no transaction open on the database, and the +** database is not a temp db, then the [SQLITE_FCNTL_RESET_CACHE] file-control +** purges the contents of the in-memory page cache. If there is an open +** transaction, or if the db is a temp-db, this opcode is a no-op, not an error. ** */ #define SQLITE_FCNTL_LOCKSTATE 1 @@ -1531,6 +1551,7 @@ struct sqlite3_io_methods { #define SQLITE_FCNTL_CKPT_START 39 #define SQLITE_FCNTL_EXTERNAL_READER 40 #define SQLITE_FCNTL_CKSM_FILE 41 +#define SQLITE_FCNTL_RESET_CACHE 42 /* deprecated names */ #define SQLITE_GET_LOCKPROXYFILE SQLITE_FCNTL_GET_LOCKPROXYFILE @@ -1560,6 +1581,26 @@ typedef struct sqlite3_mutex sqlite3_mutex; */ typedef struct sqlite3_api_routines sqlite3_api_routines; +/* +** CAPI3REF: File Name +** +** Type [sqlite3_filename] is used by SQLite to pass filenames to the +** xOpen method of a [VFS]. It may be cast to (const char*) and treated +** as a normal, nul-terminated, UTF-8 buffer containing the filename, but +** may also be passed to special APIs such as: +** +**
      +**
    • sqlite3_filename_database() +**
    • sqlite3_filename_journal() +**
    • sqlite3_filename_wal() +**
    • sqlite3_uri_parameter() +**
    • sqlite3_uri_boolean() +**
    • sqlite3_uri_int64() +**
    • sqlite3_uri_key() +**
    +*/ +typedef const char *sqlite3_filename; + /* ** CAPI3REF: OS Interface Object ** @@ -1738,7 +1779,7 @@ struct sqlite3_vfs { sqlite3_vfs *pNext; /* Next registered VFS */ const char *zName; /* Name of this virtual file system */ void *pAppData; /* Pointer to application-specific data */ - int (*xOpen)(sqlite3_vfs*, const char *zName, sqlite3_file*, + int (*xOpen)(sqlite3_vfs*, sqlite3_filename zName, sqlite3_file*, int flags, int *pOutFlags); int (*xDelete)(sqlite3_vfs*, const char *zName, int syncDir); int (*xAccess)(sqlite3_vfs*, const char *zName, int flags, int *pResOut); @@ -1925,20 +1966,23 @@ SQLITE_API int sqlite3_os_end(void); ** must ensure that no other SQLite interfaces are invoked by other ** threads while sqlite3_config() is running. ** -** The sqlite3_config() interface -** may only be invoked prior to library initialization using -** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()]. -** ^If sqlite3_config() is called after [sqlite3_initialize()] and before -** [sqlite3_shutdown()] then it will return SQLITE_MISUSE. -** Note, however, that ^sqlite3_config() can be called as part of the -** implementation of an application-defined [sqlite3_os_init()]. -** ** The first argument to sqlite3_config() is an integer ** [configuration option] that determines ** what property of SQLite is to be configured. Subsequent arguments ** vary depending on the [configuration option] ** in the first argument. ** +** For most configuration options, the sqlite3_config() interface +** may only be invoked prior to library initialization using +** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()]. +** The exceptional configuration options that may be invoked at any time +** are called "anytime configuration options". +** ^If sqlite3_config() is called after [sqlite3_initialize()] and before +** [sqlite3_shutdown()] with a first argument that is not an anytime +** configuration option, then the sqlite3_config() call will return SQLITE_MISUSE. +** Note, however, that ^sqlite3_config() can be called as part of the +** implementation of an application-defined [sqlite3_os_init()]. +** ** ^When a configuration option is set, sqlite3_config() returns [SQLITE_OK]. ** ^If the option is unknown or SQLite is unable to set the option ** then this routine returns a non-zero [error code]. @@ -2046,6 +2090,23 @@ struct sqlite3_mem_methods { ** These constants are the available integer configuration options that ** can be passed as the first argument to the [sqlite3_config()] interface. ** +** Most of the configuration options for sqlite3_config() +** will only work if invoked prior to [sqlite3_initialize()] or after +** [sqlite3_shutdown()]. The few exceptions to this rule are called +** "anytime configuration options". +** ^Calling [sqlite3_config()] with a first argument that is not an +** anytime configuration option in between calls to [sqlite3_initialize()] and +** [sqlite3_shutdown()] is a no-op that returns SQLITE_MISUSE. +** +** The set of anytime configuration options can change (by insertions +** and/or deletions) from one release of SQLite to the next. +** As of SQLite version 3.42.0, the complete set of anytime configuration +** options is: +**
      +**
    • SQLITE_CONFIG_LOG +**
    • SQLITE_CONFIG_PCACHE_HDRSZ +**
    +** ** New configuration options may be added in future releases of SQLite. ** Existing configuration options might be discontinued. Applications ** should check the return code from [sqlite3_config()] to make sure that @@ -2392,28 +2453,28 @@ struct sqlite3_mem_methods { ** compile-time option is not set, then the default maximum is 1073741824. ** */ -#define SQLITE_CONFIG_SINGLETHREAD 1 /* nil */ -#define SQLITE_CONFIG_MULTITHREAD 2 /* nil */ -#define SQLITE_CONFIG_SERIALIZED 3 /* nil */ -#define SQLITE_CONFIG_MALLOC 4 /* sqlite3_mem_methods* */ -#define SQLITE_CONFIG_GETMALLOC 5 /* sqlite3_mem_methods* */ -#define SQLITE_CONFIG_SCRATCH 6 /* No longer used */ -#define SQLITE_CONFIG_PAGECACHE 7 /* void*, int sz, int N */ -#define SQLITE_CONFIG_HEAP 8 /* void*, int nByte, int min */ -#define SQLITE_CONFIG_MEMSTATUS 9 /* boolean */ -#define SQLITE_CONFIG_MUTEX 10 /* sqlite3_mutex_methods* */ -#define SQLITE_CONFIG_GETMUTEX 11 /* sqlite3_mutex_methods* */ -/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */ -#define SQLITE_CONFIG_LOOKASIDE 13 /* int int */ -#define SQLITE_CONFIG_PCACHE 14 /* no-op */ -#define SQLITE_CONFIG_GETPCACHE 15 /* no-op */ -#define SQLITE_CONFIG_LOG 16 /* xFunc, void* */ -#define SQLITE_CONFIG_URI 17 /* int */ -#define SQLITE_CONFIG_PCACHE2 18 /* sqlite3_pcache_methods2* */ -#define SQLITE_CONFIG_GETPCACHE2 19 /* sqlite3_pcache_methods2* */ +#define SQLITE_CONFIG_SINGLETHREAD 1 /* nil */ +#define SQLITE_CONFIG_MULTITHREAD 2 /* nil */ +#define SQLITE_CONFIG_SERIALIZED 3 /* nil */ +#define SQLITE_CONFIG_MALLOC 4 /* sqlite3_mem_methods* */ +#define SQLITE_CONFIG_GETMALLOC 5 /* sqlite3_mem_methods* */ +#define SQLITE_CONFIG_SCRATCH 6 /* No longer used */ +#define SQLITE_CONFIG_PAGECACHE 7 /* void*, int sz, int N */ +#define SQLITE_CONFIG_HEAP 8 /* void*, int nByte, int min */ +#define SQLITE_CONFIG_MEMSTATUS 9 /* boolean */ +#define SQLITE_CONFIG_MUTEX 10 /* sqlite3_mutex_methods* */ +#define SQLITE_CONFIG_GETMUTEX 11 /* sqlite3_mutex_methods* */ +/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */ +#define SQLITE_CONFIG_LOOKASIDE 13 /* int int */ +#define SQLITE_CONFIG_PCACHE 14 /* no-op */ +#define SQLITE_CONFIG_GETPCACHE 15 /* no-op */ +#define SQLITE_CONFIG_LOG 16 /* xFunc, void* */ +#define SQLITE_CONFIG_URI 17 /* int */ +#define SQLITE_CONFIG_PCACHE2 18 /* sqlite3_pcache_methods2* */ +#define SQLITE_CONFIG_GETPCACHE2 19 /* sqlite3_pcache_methods2* */ #define SQLITE_CONFIG_COVERING_INDEX_SCAN 20 /* int */ -#define SQLITE_CONFIG_SQLLOG 21 /* xSqllog, void* */ -#define SQLITE_CONFIG_MMAP_SIZE 22 /* sqlite3_int64, sqlite3_int64 */ +#define SQLITE_CONFIG_SQLLOG 21 /* xSqllog, void* */ +#define SQLITE_CONFIG_MMAP_SIZE 22 /* sqlite3_int64, sqlite3_int64 */ #define SQLITE_CONFIG_WIN32_HEAPSIZE 23 /* int nByte */ #define SQLITE_CONFIG_PCACHE_HDRSZ 24 /* int *psz */ #define SQLITE_CONFIG_PMASZ 25 /* unsigned int szPma */ @@ -2454,7 +2515,7 @@ struct sqlite3_mem_methods { ** configuration for a database connection can only be changed when that ** connection is not currently using lookaside memory, or in other words ** when the "current value" returned by -** [sqlite3_db_status](D,[SQLITE_CONFIG_LOOKASIDE],...) is zero. +** [sqlite3_db_status](D,[SQLITE_DBSTATUS_LOOKASIDE_USED],...) is zero. ** Any attempt to change the lookaside memory configuration when lookaside ** memory is in use leaves the configuration unchanged and returns ** [SQLITE_BUSY].)^ @@ -2604,8 +2665,12 @@ struct sqlite3_mem_methods { **
  • sqlite3_db_config(db, SQLITE_DBCONFIG_RESET_DATABASE, 0, 0); ** ** Because resetting a database is destructive and irreversible, the -** process requires the use of this obscure API and multiple steps to help -** ensure that it does not happen by accident. +** process requires the use of this obscure API and multiple steps to +** help ensure that it does not happen by accident. Because this +** feature must be capable of resetting corrupt databases, and +** shutting down virtual tables may require access to that corrupt +** storage, the library must abandon any installed virtual tables +** without calling their xDestroy() methods. ** ** [[SQLITE_DBCONFIG_DEFENSIVE]]
    SQLITE_DBCONFIG_DEFENSIVE
    **
    The SQLITE_DBCONFIG_DEFENSIVE option activates or deactivates the @@ -2616,6 +2681,7 @@ struct sqlite3_mem_methods { **
      **
    • The [PRAGMA writable_schema=ON] statement. **
    • The [PRAGMA journal_mode=OFF] statement. +**
    • The [PRAGMA schema_version=N] statement. **
    • Writes to the [sqlite_dbpage] virtual table. **
    • Direct writes to [shadow tables]. **
    @@ -2643,7 +2709,7 @@ struct sqlite3_mem_methods { **
    ** ** [[SQLITE_DBCONFIG_DQS_DML]] -**
    SQLITE_DBCONFIG_DQS_DML +**
    SQLITE_DBCONFIG_DQS_DML
    **
    The SQLITE_DBCONFIG_DQS_DML option activates or deactivates ** the legacy [double-quoted string literal] misfeature for DML statements ** only, that is DELETE, INSERT, SELECT, and UPDATE statements. The @@ -2652,7 +2718,7 @@ struct sqlite3_mem_methods { **
    ** ** [[SQLITE_DBCONFIG_DQS_DDL]] -**
    SQLITE_DBCONFIG_DQS_DDL +**
    SQLITE_DBCONFIG_DQS_DDL
    **
    The SQLITE_DBCONFIG_DQS option activates or deactivates ** the legacy [double-quoted string literal] misfeature for DDL statements, ** such as CREATE TABLE and CREATE INDEX. The @@ -2661,7 +2727,7 @@ struct sqlite3_mem_methods { **
    ** ** [[SQLITE_DBCONFIG_TRUSTED_SCHEMA]] -**
    SQLITE_DBCONFIG_TRUSTED_SCHEMA +**
    SQLITE_DBCONFIG_TRUSTED_SCHEMA
    **
    The SQLITE_DBCONFIG_TRUSTED_SCHEMA option tells SQLite to ** assume that database schemas are untainted by malicious content. ** When the SQLITE_DBCONFIG_TRUSTED_SCHEMA option is disabled, SQLite @@ -2681,7 +2747,7 @@ struct sqlite3_mem_methods { **
    ** ** [[SQLITE_DBCONFIG_LEGACY_FILE_FORMAT]] -**
    SQLITE_DBCONFIG_LEGACY_FILE_FORMAT +**
    SQLITE_DBCONFIG_LEGACY_FILE_FORMAT
    **
    The SQLITE_DBCONFIG_LEGACY_FILE_FORMAT option activates or deactivates ** the legacy file format flag. When activated, this flag causes all newly ** created database file to have a schema format version number (the 4-byte @@ -2690,7 +2756,7 @@ struct sqlite3_mem_methods { ** any SQLite version back to 3.0.0 ([dateof:3.0.0]). Without this setting, ** newly created databases are generally not understandable by SQLite versions ** prior to 3.3.0 ([dateof:3.3.0]). As these words are written, there -** is now scarcely any need to generated database files that are compatible +** is now scarcely any need to generate database files that are compatible ** all the way back to version 3.0.0, and so this setting is of little ** practical use, but is provided so that SQLite can continue to claim the ** ability to generate new database files that are compatible with version @@ -2701,6 +2767,38 @@ struct sqlite3_mem_methods { ** not considered a bug since SQLite versions 3.3.0 and earlier do not support ** either generated columns or decending indexes. **
    +** +** [[SQLITE_DBCONFIG_STMT_SCANSTATUS]] +**
    SQLITE_DBCONFIG_STMT_SCANSTATUS
    +**
    The SQLITE_DBCONFIG_STMT_SCANSTATUS option is only useful in +** SQLITE_ENABLE_STMT_SCANSTATUS builds. In this case, it sets or clears +** a flag that enables collection of the sqlite3_stmt_scanstatus_v2() +** statistics. For statistics to be collected, the flag must be set on +** the database handle both when the SQL statement is prepared and when it +** is stepped. The flag is set (collection of statistics is enabled) +** by default. This option takes two arguments: an integer and a pointer to +** an integer.. The first argument is 1, 0, or -1 to enable, disable, or +** leave unchanged the statement scanstatus option. If the second argument +** is not NULL, then the value of the statement scanstatus setting after +** processing the first argument is written into the integer that the second +** argument points to. +**
    +** +** [[SQLITE_DBCONFIG_REVERSE_SCANORDER]] +**
    SQLITE_DBCONFIG_REVERSE_SCANORDER
    +**
    The SQLITE_DBCONFIG_REVERSE_SCANORDER option changes the default order +** in which tables and indexes are scanned so that the scans start at the end +** and work toward the beginning rather than starting at the beginning and +** working toward the end. Setting SQLITE_DBCONFIG_REVERSE_SCANORDER is the +** same as setting [PRAGMA reverse_unordered_selects]. This option takes +** two arguments which are an integer and a pointer to an integer. The first +** argument is 1, 0, or -1 to enable, disable, or leave unchanged the +** reverse scan order flag, respectively. If the second argument is not NULL, +** then 0 or 1 is written into the integer that the second argument points to +** depending on if the reverse scan order flag is set after processing the +** first argument. +**
    +** ** */ #define SQLITE_DBCONFIG_MAINDBNAME 1000 /* const char* */ @@ -2721,7 +2819,9 @@ struct sqlite3_mem_methods { #define SQLITE_DBCONFIG_ENABLE_VIEW 1015 /* int int* */ #define SQLITE_DBCONFIG_LEGACY_FILE_FORMAT 1016 /* int int* */ #define SQLITE_DBCONFIG_TRUSTED_SCHEMA 1017 /* int int* */ -#define SQLITE_DBCONFIG_MAX 1017 /* Largest DBCONFIG */ +#define SQLITE_DBCONFIG_STMT_SCANSTATUS 1018 /* int int* */ +#define SQLITE_DBCONFIG_REVERSE_SCANORDER 1019 /* int int* */ +#define SQLITE_DBCONFIG_MAX 1019 /* Largest DBCONFIG */ /* ** CAPI3REF: Enable Or Disable Extended Result Codes @@ -2943,8 +3043,12 @@ SQLITE_API sqlite3_int64 sqlite3_total_changes64(sqlite3*); ** ^A call to sqlite3_interrupt(D) that occurs when there are no running ** SQL statements is a no-op and has no effect on SQL statements ** that are started after the sqlite3_interrupt() call returns. +** +** ^The [sqlite3_is_interrupted(D)] interface can be used to determine whether +** or not an interrupt is currently in effect for [database connection] D. */ SQLITE_API void sqlite3_interrupt(sqlite3*); +SQLITE_API int sqlite3_is_interrupted(sqlite3*); /* ** CAPI3REF: Determine If An SQL Statement Is Complete @@ -3562,8 +3666,8 @@ SQLITE_API SQLITE_DEPRECATED void *sqlite3_profile(sqlite3*, **
    ^An SQLITE_TRACE_PROFILE callback provides approximately the same ** information as is provided by the [sqlite3_profile()] callback. ** ^The P argument is a pointer to the [prepared statement] and the -** X argument points to a 64-bit integer which is the estimated of -** the number of nanosecond that the prepared statement took to run. +** X argument points to a 64-bit integer which is approximately +** the number of nanoseconds that the prepared statement took to run. ** ^The SQLITE_TRACE_PROFILE callback is invoked when the statement finishes. ** ** [[SQLITE_TRACE_ROW]]
    SQLITE_TRACE_ROW
    @@ -3626,7 +3730,7 @@ SQLITE_API int sqlite3_trace_v2( ** ** ^The sqlite3_progress_handler(D,N,X,P) interface causes the callback ** function X to be invoked periodically during long running calls to -** [sqlite3_exec()], [sqlite3_step()] and [sqlite3_get_table()] for +** [sqlite3_step()] and [sqlite3_prepare()] and similar for ** database connection D. An example use for this ** interface is to keep a GUI updated during a large query. ** @@ -3651,6 +3755,13 @@ SQLITE_API int sqlite3_trace_v2( ** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their ** database connections for the meaning of "modify" in this paragraph. ** +** The progress handler callback would originally only be invoked from the +** bytecode engine. It still might be invoked during [sqlite3_prepare()] +** and similar because those routines might force a reparse of the schema +** which involves running the bytecode engine. However, beginning with +** SQLite version 3.41.0, the progress handler callback might also be +** invoked directly from [sqlite3_prepare()] while analyzing and generating +** code for complex queries. */ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*); @@ -3687,13 +3798,18 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*); ** **
    ** ^(
    [SQLITE_OPEN_READONLY]
    -**
    The database is opened in read-only mode. If the database does not -** already exist, an error is returned.
    )^ +**
    The database is opened in read-only mode. If the database does +** not already exist, an error is returned.
    )^ ** ** ^(
    [SQLITE_OPEN_READWRITE]
    -**
    The database is opened for reading and writing if possible, or reading -** only if the file is write protected by the operating system. In either -** case the database must already exist, otherwise an error is returned.
    )^ +**
    The database is opened for reading and writing if possible, or +** reading only if the file is write protected by the operating +** system. In either case the database must already exist, otherwise +** an error is returned. For historical reasons, if opening in +** read-write mode fails due to OS-level permissions, an attempt is +** made to open it in read-only mode. [sqlite3_db_readonly()] can be +** used to determine whether the database is actually +** read-write.
    )^ ** ** ^(
    [SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]
    **
    The database is opened for reading and writing, and is created if @@ -3731,6 +3847,9 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*); **
    The database is opened [shared cache] enabled, overriding ** the default shared cache setting provided by ** [sqlite3_enable_shared_cache()].)^ +** The [use of shared cache mode is discouraged] and hence shared cache +** capabilities may be omitted from many builds of SQLite. In such cases, +** this option is a no-op. ** ** ^(
    [SQLITE_OPEN_PRIVATECACHE]
    **
    The database is opened [shared cache] disabled, overriding @@ -3746,7 +3865,7 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*); ** to return an extended result code.
    ** ** [[OPEN_NOFOLLOW]] ^(
    [SQLITE_OPEN_NOFOLLOW]
    -**
    The database filename is not allowed to be a symbolic link
    +**
    The database filename is not allowed to contain a symbolic link
    **
    )^ ** ** If the 3rd parameter to sqlite3_open_v2() is not one of the @@ -4005,10 +4124,10 @@ SQLITE_API int sqlite3_open_v2( ** ** See the [URI filename] documentation for additional information. */ -SQLITE_API const char *sqlite3_uri_parameter(const char *zFilename, const char *zParam); -SQLITE_API int sqlite3_uri_boolean(const char *zFile, const char *zParam, int bDefault); -SQLITE_API sqlite3_int64 sqlite3_uri_int64(const char*, const char*, sqlite3_int64); -SQLITE_API const char *sqlite3_uri_key(const char *zFilename, int N); +SQLITE_API const char *sqlite3_uri_parameter(sqlite3_filename z, const char *zParam); +SQLITE_API int sqlite3_uri_boolean(sqlite3_filename z, const char *zParam, int bDefault); +SQLITE_API sqlite3_int64 sqlite3_uri_int64(sqlite3_filename, const char*, sqlite3_int64); +SQLITE_API const char *sqlite3_uri_key(sqlite3_filename z, int N); /* ** CAPI3REF: Translate filenames @@ -4037,9 +4156,9 @@ SQLITE_API const char *sqlite3_uri_key(const char *zFilename, int N); ** return value from [sqlite3_db_filename()], then the result is ** undefined and is likely a memory access violation. */ -SQLITE_API const char *sqlite3_filename_database(const char*); -SQLITE_API const char *sqlite3_filename_journal(const char*); -SQLITE_API const char *sqlite3_filename_wal(const char*); +SQLITE_API const char *sqlite3_filename_database(sqlite3_filename); +SQLITE_API const char *sqlite3_filename_journal(sqlite3_filename); +SQLITE_API const char *sqlite3_filename_wal(sqlite3_filename); /* ** CAPI3REF: Database File Corresponding To A Journal @@ -4105,14 +4224,14 @@ SQLITE_API sqlite3_file *sqlite3_database_file_object(const char*); ** then the corresponding [sqlite3_module.xClose() method should also be ** invoked prior to calling sqlite3_free_filename(Y). */ -SQLITE_API char *sqlite3_create_filename( +SQLITE_API sqlite3_filename sqlite3_create_filename( const char *zDatabase, const char *zJournal, const char *zWal, int nParam, const char **azParam ); -SQLITE_API void sqlite3_free_filename(char*); +SQLITE_API void sqlite3_free_filename(sqlite3_filename); /* ** CAPI3REF: Error Codes And Messages @@ -5671,10 +5790,21 @@ SQLITE_API int sqlite3_create_window_function( ** from top-level SQL, and cannot be used in VIEWs or TRIGGERs nor in ** schema structures such as [CHECK constraints], [DEFAULT clauses], ** [expression indexes], [partial indexes], or [generated columns]. -** The SQLITE_DIRECTONLY flags is a security feature which is recommended -** for all [application-defined SQL functions], and especially for functions -** that have side-effects or that could potentially leak sensitive -** information. +**

    +** The SQLITE_DIRECTONLY flag is recommended for any +** [application-defined SQL function] +** that has side-effects or that could potentially leak sensitive information. +** This will prevent attacks in which an application is tricked +** into using a database file that has had its schema surreptiously +** modified to invoke the application-defined function in ways that are +** harmful. +**

    +** Some people say it is good practice to set SQLITE_DIRECTONLY on all +** [application-defined SQL functions], regardless of whether or not they +** are security sensitive, as doing so prevents those functions from being used +** inside of the database schema, and thus ensures that the database +** can be inspected and modified using generic tools (such as the [CLI]) +** that do not have access to the application-defined functions. ** ** ** [[SQLITE_INNOCUOUS]]

    SQLITE_INNOCUOUS
    @@ -5880,6 +6010,28 @@ SQLITE_API int sqlite3_value_numeric_type(sqlite3_value*); SQLITE_API int sqlite3_value_nochange(sqlite3_value*); SQLITE_API int sqlite3_value_frombind(sqlite3_value*); +/* +** CAPI3REF: Report the internal text encoding state of an sqlite3_value object +** METHOD: sqlite3_value +** +** ^(The sqlite3_value_encoding(X) interface returns one of [SQLITE_UTF8], +** [SQLITE_UTF16BE], or [SQLITE_UTF16LE] according to the current text encoding +** of the value X, assuming that X has type TEXT.)^ If sqlite3_value_type(X) +** returns something other than SQLITE_TEXT, then the return value from +** sqlite3_value_encoding(X) is meaningless. ^Calls to +** [sqlite3_value_text(X)], [sqlite3_value_text16(X)], [sqlite3_value_text16be(X)], +** [sqlite3_value_text16le(X)], [sqlite3_value_bytes(X)], or +** [sqlite3_value_bytes16(X)] might change the encoding of the value X and +** thus change the return from subsequent calls to sqlite3_value_encoding(X). +** +** This routine is intended for used by applications that test and validate +** the SQLite implementation. This routine is inquiring about the opaque +** internal state of an [sqlite3_value] object. Ordinary applications should +** not need to know what the internal state of an sqlite3_value object is and +** hence should not need to use this interface. +*/ +SQLITE_API int sqlite3_value_encoding(sqlite3_value*); + /* ** CAPI3REF: Finding The Subtype Of SQL Values ** METHOD: sqlite3_value @@ -5932,7 +6084,7 @@ SQLITE_API void sqlite3_value_free(sqlite3_value*); ** ** ^The sqlite3_aggregate_context(C,N) routine returns a NULL pointer ** when first called if N is less than or equal to zero or if a memory -** allocate error occurs. +** allocation error occurs. ** ** ^(The amount of space allocated by sqlite3_aggregate_context(C,N) is ** determined by the N parameter on first successful call. Changing the @@ -6137,9 +6289,10 @@ typedef void (*sqlite3_destructor_type)(void*); ** of [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE]. ** ^SQLite takes the text result from the application from ** the 2nd parameter of the sqlite3_result_text* interfaces. -** ^If the 3rd parameter to the sqlite3_result_text* interfaces -** is negative, then SQLite takes result text from the 2nd parameter -** through the first zero character. +** ^If the 3rd parameter to any of the sqlite3_result_text* interfaces +** other than sqlite3_result_text64() is negative, then SQLite computes +** the string length itself by searching the 2nd parameter for the first +** zero character. ** ^If the 3rd parameter to the sqlite3_result_text* interfaces ** is non-negative, then as many bytes (not characters) of the text ** pointed to by the 2nd parameter are taken as the application-defined @@ -6413,6 +6566,13 @@ SQLITE_API void sqlite3_activate_cerod( ** of the default VFS is not implemented correctly, or not implemented at ** all, then the behavior of sqlite3_sleep() may deviate from the description ** in the previous paragraphs. +** +** If a negative argument is passed to sqlite3_sleep() the results vary by +** VFS and operating system. Some system treat a negative argument as an +** instruction to sleep forever. Others understand it to mean do not sleep +** at all. ^In SQLite version 3.42.0 and later, a negative +** argument passed into sqlite3_sleep() is changed to zero before it is relayed +** down into the xSleep method of the VFS. */ SQLITE_API int sqlite3_sleep(int); @@ -6635,7 +6795,7 @@ SQLITE_API const char *sqlite3_db_name(sqlite3 *db, int N); **
  • [sqlite3_filename_wal()] ** */ -SQLITE_API const char *sqlite3_db_filename(sqlite3 *db, const char *zDbName); +SQLITE_API sqlite3_filename sqlite3_db_filename(sqlite3 *db, const char *zDbName); /* ** CAPI3REF: Determine if a database is read-only @@ -6772,7 +6932,7 @@ SQLITE_API void *sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*); ** function C that is invoked prior to each autovacuum of the database ** file. ^The callback is passed a copy of the generic data pointer (P), ** the schema-name of the attached database that is being autovacuumed, -** the the size of the database file in pages, the number of free pages, +** the size of the database file in pages, the number of free pages, ** and the number of bytes per page, respectively. The callback should ** return the number of free pages that should be removed by the ** autovacuum. ^If the callback returns zero, then no autovacuum happens. @@ -6893,6 +7053,11 @@ SQLITE_API void *sqlite3_update_hook( ** to the same database. Sharing is enabled if the argument is true ** and disabled if the argument is false.)^ ** +** This interface is omitted if SQLite is compiled with +** [-DSQLITE_OMIT_SHARED_CACHE]. The [-DSQLITE_OMIT_SHARED_CACHE] +** compile-time option is recommended because the +** [use of shared cache mode is discouraged]. +** ** ^Cache sharing is enabled and disabled for an entire process. ** This is a change as of SQLite [version 3.5.0] ([dateof:3.5.0]). ** In prior versions of SQLite, @@ -6991,7 +7156,7 @@ SQLITE_API int sqlite3_db_release_memory(sqlite3*); ** ^The soft heap limit may not be greater than the hard heap limit. ** ^If the hard heap limit is enabled and if sqlite3_soft_heap_limit(N) ** is invoked with a value of N that is greater than the hard heap limit, -** the the soft heap limit is set to the value of the hard heap limit. +** the soft heap limit is set to the value of the hard heap limit. ** ^The soft heap limit is automatically enabled whenever the hard heap ** limit is enabled. ^When sqlite3_hard_heap_limit64(N) is invoked and ** the soft heap limit is outside the range of 1..N, then the soft heap @@ -7252,15 +7417,6 @@ SQLITE_API int sqlite3_cancel_auto_extension(void(*xEntryPoint)(void)); */ SQLITE_API void sqlite3_reset_auto_extension(void); -/* -** The interface to the virtual-table mechanism is currently considered -** to be experimental. The interface might change in incompatible ways. -** If this is a problem for you, do not use the interface at this time. -** -** When the virtual-table mechanism stabilizes, we will declare the -** interface fixed, support it indefinitely, and remove this comment. -*/ - /* ** Structures used by the virtual table interface */ @@ -7379,10 +7535,10 @@ struct sqlite3_module { ** when the omit flag is true there is no guarantee that the constraint will ** not be checked again using byte code.)^ ** -** ^The idxNum and idxPtr values are recorded and passed into the +** ^The idxNum and idxStr values are recorded and passed into the ** [xFilter] method. -** ^[sqlite3_free()] is used to free idxPtr if and only if -** needToFreeIdxPtr is true. +** ^[sqlite3_free()] is used to free idxStr if and only if +** needToFreeIdxStr is true. ** ** ^The orderByConsumed means that output from [xFilter]/[xNext] will occur in ** the correct order to satisfy the ORDER BY clause so that no separate @@ -7502,7 +7658,7 @@ struct sqlite3_index_info { ** the [sqlite3_vtab_collation()] interface. For most real-world virtual ** tables, the collating sequence of constraints does not matter (for example ** because the constraints are numeric) and so the sqlite3_vtab_collation() -** interface is no commonly needed. +** interface is not commonly needed. */ #define SQLITE_INDEX_CONSTRAINT_EQ 2 #define SQLITE_INDEX_CONSTRAINT_GT 4 @@ -7661,16 +7817,6 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3*, const char *zSQL); */ SQLITE_API int sqlite3_overload_function(sqlite3*, const char *zFuncName, int nArg); -/* -** The interface to the virtual-table mechanism defined above (back up -** to a comment remarkably similar to this one) is currently considered -** to be experimental. The interface might change in incompatible ways. -** If this is a problem for you, do not use the interface at this time. -** -** When the virtual-table mechanism stabilizes, we will declare the -** interface fixed, support it indefinitely, and remove this comment. -*/ - /* ** CAPI3REF: A Handle To An Open BLOB ** KEYWORDS: {BLOB handle} {BLOB handles} @@ -8054,9 +8200,9 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*); ** is undefined if the mutex is not currently entered by the ** calling thread or is not currently allocated. ** -** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or -** sqlite3_mutex_leave() is a NULL pointer, then all three routines -** behave as no-ops. +** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), +** sqlite3_mutex_leave(), or sqlite3_mutex_free() is a NULL pointer, +** then any of the four routines behaves as a no-op. ** ** See also: [sqlite3_mutex_held()] and [sqlite3_mutex_notheld()]. */ @@ -9286,7 +9432,7 @@ typedef struct sqlite3_backup sqlite3_backup; ** if the application incorrectly accesses the destination [database connection] ** and so no error code is reported, but the operations may malfunction ** nevertheless. Use of the destination database connection while a -** backup is in progress might also also cause a mutex deadlock. +** backup is in progress might also cause a mutex deadlock. ** ** If running in [shared cache mode], the application must ** guarantee that the shared cache used by the destination database @@ -9714,7 +9860,7 @@ SQLITE_API int sqlite3_wal_checkpoint_v2( */ #define SQLITE_CHECKPOINT_PASSIVE 0 /* Do as much as possible w/o blocking */ #define SQLITE_CHECKPOINT_FULL 1 /* Wait for writers, then checkpoint */ -#define SQLITE_CHECKPOINT_RESTART 2 /* Like FULL but wait for for readers */ +#define SQLITE_CHECKPOINT_RESTART 2 /* Like FULL but wait for readers */ #define SQLITE_CHECKPOINT_TRUNCATE 3 /* Like RESTART but also truncate WAL */ /* @@ -9790,18 +9936,28 @@ SQLITE_API int sqlite3_vtab_config(sqlite3*, int op, ...); ** [[SQLITE_VTAB_INNOCUOUS]]
    SQLITE_VTAB_INNOCUOUS
    **
    Calls of the form ** [sqlite3_vtab_config](db,SQLITE_VTAB_INNOCUOUS) from within the -** the [xConnect] or [xCreate] methods of a [virtual table] implmentation +** the [xConnect] or [xCreate] methods of a [virtual table] implementation ** identify that virtual table as being safe to use from within triggers ** and views. Conceptually, the SQLITE_VTAB_INNOCUOUS tag means that the ** virtual table can do no serious harm even if it is controlled by a ** malicious hacker. Developers should avoid setting the SQLITE_VTAB_INNOCUOUS ** flag unless absolutely necessary. **
    +** +** [[SQLITE_VTAB_USES_ALL_SCHEMAS]]
    SQLITE_VTAB_USES_ALL_SCHEMAS
    +**
    Calls of the form +** [sqlite3_vtab_config](db,SQLITE_VTAB_USES_ALL_SCHEMA) from within the +** the [xConnect] or [xCreate] methods of a [virtual table] implementation +** instruct the query planner to begin at least a read transaction on +** all schemas ("main", "temp", and any ATTACH-ed databases) whenever the +** virtual table is used. +**
    ** */ #define SQLITE_VTAB_CONSTRAINT_SUPPORT 1 #define SQLITE_VTAB_INNOCUOUS 2 #define SQLITE_VTAB_DIRECTONLY 3 +#define SQLITE_VTAB_USES_ALL_SCHEMAS 4 /* ** CAPI3REF: Determine The Virtual Table Conflict Policy @@ -9874,7 +10030,7 @@ SQLITE_API int sqlite3_vtab_nochange(sqlite3_context*); **

  • Otherwise, "BINARY" is returned. ** */ -SQLITE_API SQLITE_EXPERIMENTAL const char *sqlite3_vtab_collation(sqlite3_index_info*,int); +SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int); /* ** CAPI3REF: Determine if a virtual table query is DISTINCT @@ -10031,21 +10187,20 @@ SQLITE_API int sqlite3_vtab_in(sqlite3_index_info*, int iCons, int bHandle); ** is undefined and probably harmful. ** ** The X parameter in a call to sqlite3_vtab_in_first(X,P) or -** sqlite3_vtab_in_next(X,P) must be one of the parameters to the +** sqlite3_vtab_in_next(X,P) should be one of the parameters to the ** xFilter method which invokes these routines, and specifically ** a parameter that was previously selected for all-at-once IN constraint ** processing use the [sqlite3_vtab_in()] interface in the ** [xBestIndex|xBestIndex method]. ^(If the X parameter is not ** an xFilter argument that was selected for all-at-once IN constraint -** processing, then these routines return [SQLITE_MISUSE])^ or perhaps -** exhibit some other undefined or harmful behavior. +** processing, then these routines return [SQLITE_ERROR].)^ ** ** ^(Use these routines to access all values on the right-hand side ** of the IN constraint using code like the following: ** ** 

     **    for(rc=sqlite3_vtab_in_first(pList, &pVal);
-**        rc==SQLITE_OK && pVal
+**        rc==SQLITE_OK && pVal;
 **        rc=sqlite3_vtab_in_next(pList, &pVal)
 **    ){
 **      // do something with pVal
@@ -10143,6 +10298,10 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 ** managed by the prepared statement S and will be automatically freed when
 ** S is finalized.
 **
+** Not all values are available for all query elements. When a value is
+** not available, the output variable is set to -1 if the value is numeric,
+** or to NULL if it is a string (SQLITE_SCANSTAT_NAME).
+**
 ** 
    
 ** [[SQLITE_SCANSTAT_NLOOP]] 
    SQLITE_SCANSTAT_NLOOP
    
 ** 
    ^The [sqlite3_int64] variable pointed to by the V parameter will be
@@ -10170,12 +10329,24 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 ** to a zero-terminated UTF-8 string containing the [EXPLAIN QUERY PLAN]
 ** description for the X-th loop.
 **
-** [[SQLITE_SCANSTAT_SELECTID]] 
    SQLITE_SCANSTAT_SELECT
    
+** [[SQLITE_SCANSTAT_SELECTID]] 
    SQLITE_SCANSTAT_SELECTID
    
 ** 
    ^The "int" variable pointed to by the V parameter will be set to the
-** "select-id" for the X-th loop.  The select-id identifies which query or
-** subquery the loop is part of.  The main query has a select-id of zero.
-** The select-id is the same value as is output in the first column
-** of an [EXPLAIN QUERY PLAN] query.
+** id for the X-th query plan element. The id value is unique within the
+** statement. The select-id is the same value as is output in the first
+** column of an [EXPLAIN QUERY PLAN] query.
+**
+** [[SQLITE_SCANSTAT_PARENTID]] 
    SQLITE_SCANSTAT_PARENTID
    
+** 
    The "int" variable pointed to by the V parameter will be set to the
+** the id of the parent of the current query element, if applicable, or
+** to zero if the query element has no parent. This is the same value as
+** returned in the second column of an [EXPLAIN QUERY PLAN] query.
+**
+** [[SQLITE_SCANSTAT_NCYCLE]] 
    SQLITE_SCANSTAT_NCYCLE
    
+** 
    The sqlite3_int64 output value is set to the number of cycles,
+** according to the processor time-stamp counter, that elapsed while the
+** query element was being processed. This value is not available for
+** all query elements - if it is unavailable the output variable is
+** set to -1.
 ** 
    
 */
 #define SQLITE_SCANSTAT_NLOOP    0
@@ -10184,12 +10355,14 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 #define SQLITE_SCANSTAT_NAME     3
 #define SQLITE_SCANSTAT_EXPLAIN  4
 #define SQLITE_SCANSTAT_SELECTID 5
+#define SQLITE_SCANSTAT_PARENTID 6
+#define SQLITE_SCANSTAT_NCYCLE   7
 
 /*
 ** CAPI3REF: Prepared Statement Scan Status
 ** METHOD: sqlite3_stmt
 **
-** This interface returns information about the predicted and measured
+** These interfaces return information about the predicted and measured
 ** performance for pStmt.  Advanced applications can use this
 ** interface to compare the predicted and the measured performance and
 ** issue warnings and/or rerun [ANALYZE] if discrepancies are found.
@@ -10200,19 +10373,25 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 **
 ** The "iScanStatusOp" parameter determines which status information to return.
 ** The "iScanStatusOp" must be one of the [scanstatus options] or the behavior
-** of this interface is undefined.
-** ^The requested measurement is written into a variable pointed to by
-** the "pOut" parameter.
-** Parameter "idx" identifies the specific loop to retrieve statistics for.
-** Loops are numbered starting from zero. ^If idx is out of range - less than
-** zero or greater than or equal to the total number of loops used to implement
-** the statement - a non-zero value is returned and the variable that pOut
-** points to is unchanged.
-**
-** ^Statistics might not be available for all loops in all statements. ^In cases
-** where there exist loops with no available statistics, this function behaves
-** as if the loop did not exist - it returns non-zero and leave the variable
-** that pOut points to unchanged.
+** of this interface is undefined. ^The requested measurement is written into
+** a variable pointed to by the "pOut" parameter.
+**
+** The "flags" parameter must be passed a mask of flags. At present only
+** one flag is defined - SQLITE_SCANSTAT_COMPLEX. If SQLITE_SCANSTAT_COMPLEX
+** is specified, then status information is available for all elements
+** of a query plan that are reported by "EXPLAIN QUERY PLAN" output. If
+** SQLITE_SCANSTAT_COMPLEX is not specified, then only query plan elements
+** that correspond to query loops (the "SCAN..." and "SEARCH..." elements of
+** the EXPLAIN QUERY PLAN output) are available. Invoking API
+** sqlite3_stmt_scanstatus() is equivalent to calling
+** sqlite3_stmt_scanstatus_v2() with a zeroed flags parameter.
+**
+** Parameter "idx" identifies the specific query element to retrieve statistics
+** for. Query elements are numbered starting from zero. A value of -1 may be
+** to query for statistics regarding the entire query. ^If idx is out of range
+** - less than -1 or greater than or equal to the total number of query
+** elements used to implement the statement - a non-zero value is returned and
+** the variable that pOut points to is unchanged.
 **
 ** See also: [sqlite3_stmt_scanstatus_reset()]
 */
@@ -10222,6 +10401,19 @@ SQLITE_API int sqlite3_stmt_scanstatus(
   int iScanStatusOp,        /* Information desired.  SQLITE_SCANSTAT_* */
   void *pOut                /* Result written here */
 );
+SQLITE_API int sqlite3_stmt_scanstatus_v2(
+  sqlite3_stmt *pStmt,      /* Prepared statement for which info desired */
+  int idx,                  /* Index of loop to report on */
+  int iScanStatusOp,        /* Information desired.  SQLITE_SCANSTAT_* */
+  int flags,                /* Mask of flags defined below */
+  void *pOut                /* Result written here */
+);
+
+/*
+** CAPI3REF: Prepared Statement Scan Status
+** KEYWORDS: {scan status flags}
+*/
+#define SQLITE_SCANSTAT_COMPLEX 0x0001
 
 /*
 ** CAPI3REF: Zero Scan-Status Counters
@@ -10312,6 +10504,10 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3*);
 ** function is not defined for operations on WITHOUT ROWID tables, or for
 ** DELETE operations on rowid tables.
 **
+** ^The sqlite3_preupdate_hook(D,C,P) function returns the P argument from
+** the previous call on the same [database connection] D, or NULL for
+** the first call on D.
+**
 ** The [sqlite3_preupdate_old()], [sqlite3_preupdate_new()],
 ** [sqlite3_preupdate_count()], and [sqlite3_preupdate_depth()] interfaces
 ** provide additional information about a preupdate event. These routines
@@ -10717,6 +10913,19 @@ SQLITE_API int sqlite3_deserialize(
 # undef double
 #endif
 
+#if defined(__wasi__)
+# undef SQLITE_WASI
+# define SQLITE_WASI 1
+# undef SQLITE_OMIT_WAL
+# define SQLITE_OMIT_WAL 1/* because it requires shared memory APIs */
+# ifndef SQLITE_OMIT_LOAD_EXTENSION
+#  define SQLITE_OMIT_LOAD_EXTENSION
+# endif
+# ifndef SQLITE_THREADSAFE
+#  define SQLITE_THREADSAFE 0
+# endif
+#endif
+
 #if 0
 }  /* End of the 'extern "C"' block */
 #endif
@@ -10923,16 +11132,20 @@ SQLITE_API int sqlite3session_create(
 SQLITE_API void sqlite3session_delete(sqlite3_session *pSession);
 
 /*
-** CAPIREF: Conigure a Session Object
+** CAPI3REF: Configure a Session Object
 ** METHOD: sqlite3_session
 **
 ** This method is used to configure a session object after it has been
-** created. At present the only valid value for the second parameter is
-** [SQLITE_SESSION_OBJCONFIG_SIZE].
+** created. At present the only valid values for the second parameter are
+** [SQLITE_SESSION_OBJCONFIG_SIZE] and [SQLITE_SESSION_OBJCONFIG_ROWID].
 **
-** Arguments for sqlite3session_object_config()
+*/
+SQLITE_API int sqlite3session_object_config(sqlite3_session*, int op, void *pArg);
+
+/*
+** CAPI3REF: Options for sqlite3session_object_config
 **
-** The following values may passed as the the 4th parameter to
+** The following values may passed as the the 2nd parameter to
 ** sqlite3session_object_config().
 **
 ** 
    SQLITE_SESSION_OBJCONFIG_SIZE 
    
@@ -10948,12 +11161,21 @@ SQLITE_API void sqlite3session_delete(sqlite3_session *pSession);
 **
 **   It is an error (SQLITE_MISUSE) to attempt to modify this setting after
 **   the first table has been attached to the session object.
+**
+** 
    SQLITE_SESSION_OBJCONFIG_ROWID 
    
+**   This option is used to set, clear or query the flag that enables
+**   collection of data for tables with no explicit PRIMARY KEY.
+**
+**   Normally, tables with no explicit PRIMARY KEY are simply ignored
+**   by the sessions module. However, if this flag is set, it behaves
+**   as if such tables have a column "_rowid_ INTEGER PRIMARY KEY" inserted
+**   as their leftmost columns.
+**
+**   It is an error (SQLITE_MISUSE) to attempt to modify this setting after
+**   the first table has been attached to the session object.
 */
-SQLITE_API int sqlite3session_object_config(sqlite3_session*, int op, void *pArg);
-
-/*
-*/
-#define SQLITE_SESSION_OBJCONFIG_SIZE 1
+#define SQLITE_SESSION_OBJCONFIG_SIZE  1
+#define SQLITE_SESSION_OBJCONFIG_ROWID 2
 
 /*
 ** CAPI3REF: Enable Or Disable A Session Object
@@ -12086,9 +12308,23 @@ SQLITE_API int sqlite3changeset_apply_v2(
 **   Invert the changeset before applying it. This is equivalent to inverting
 **   a changeset using sqlite3changeset_invert() before applying it. It is
 **   an error to specify this flag with a patchset.
+**
+** 
    SQLITE_CHANGESETAPPLY_IGNORENOOP 
    
+**   Do not invoke the conflict handler callback for any changes that
+**   would not actually modify the database even if they were applied.
+**   Specifically, this means that the conflict handler is not invoked
+**   for:
+**    
      
+**    
    • a delete change if the row being deleted cannot be found,
+**    
    • an update change if the modified fields are already set to
+**        their new values in the conflicting row, or
+**    
    • an insert change if all fields of the conflicting row match
+**        the row being inserted.
+**    
    
 */
 #define SQLITE_CHANGESETAPPLY_NOSAVEPOINT   0x0001
 #define SQLITE_CHANGESETAPPLY_INVERT        0x0002
+#define SQLITE_CHANGESETAPPLY_IGNORENOOP    0x0004
 
 /*
 ** CAPI3REF: Constants Passed To The Conflict Handler
@@ -13155,7 +13391,7 @@ struct fts5_api {
 ** autoconf-based build
 */
 #if defined(_HAVE_SQLITE_CONFIG_H) && !defined(SQLITECONFIG_H)
-#include "config.h"
+#include "sqlite_cfg.h"
 #define SQLITECONFIG_H 1
 #endif
 
@@ -13385,8 +13621,8 @@ struct fts5_api {
 #endif
 
 /*
-** WAL mode depends on atomic aligned 32-bit loads and stores in a few
-** places.  The following macros try to make this explicit.
+** A few places in the code require atomic load/store of aligned
+** integer values.
 */
 #ifndef __has_extension
 # define __has_extension(x) 0     /* compatibility with non-clang compilers */
@@ -13442,15 +13678,22 @@ struct fts5_api {
 #endif
 
 /*
-** A macro to hint to the compiler that a function should not be
+** Macros to hint to the compiler that a function should or should not be
 ** inlined.
 */
 #if defined(__GNUC__)
 #  define SQLITE_NOINLINE  __attribute__((noinline))
+#  define SQLITE_INLINE    __attribute__((always_inline)) inline
 #elif defined(_MSC_VER) && _MSC_VER>=1310
 #  define SQLITE_NOINLINE  __declspec(noinline)
+#  define SQLITE_INLINE    __forceinline
 #else
 #  define SQLITE_NOINLINE
+#  define SQLITE_INLINE
+#endif
+#if defined(SQLITE_COVERAGE_TEST) || defined(__STRICT_ANSI__)
+# undef SQLITE_INLINE
+# define SQLITE_INLINE
 #endif
 
 /*
@@ -14268,15 +14511,9 @@ typedef INT8_TYPE i8;              /* 1-byte signed integer */
 
 /*
 ** The datatype used to store estimates of the number of rows in a
-** table or index.  This is an unsigned integer type.  For 99.9% of
-** the world, a 32-bit integer is sufficient.  But a 64-bit integer
-** can be used at compile-time if desired.
+** table or index.
 */
-#ifdef SQLITE_64BIT_STATS
- typedef u64 tRowcnt;    /* 64-bit only if requested at compile-time */
-#else
- typedef u32 tRowcnt;    /* 32-bit is the default */
-#endif
+typedef u64 tRowcnt;
 
 /*
 ** Estimated quantities used for query planning are stored as 16-bit
@@ -14422,9 +14659,9 @@ typedef INT16_TYPE LogEst;
 ** pointers.  In that case, only verify 4-byte alignment.
 */
 #ifdef SQLITE_4_BYTE_ALIGNED_MALLOC
-# define EIGHT_BYTE_ALIGNMENT(X)   ((((char*)(X) - (char*)0)&3)==0)
+# define EIGHT_BYTE_ALIGNMENT(X)   ((((uptr)(X) - (uptr)0)&3)==0)
 #else
-# define EIGHT_BYTE_ALIGNMENT(X)   ((((char*)(X) - (char*)0)&7)==0)
+# define EIGHT_BYTE_ALIGNMENT(X)   ((((uptr)(X) - (uptr)0)&7)==0)
 #endif
 
 /*
@@ -14478,15 +14715,38 @@ SQLITE_PRIVATE u32 sqlite3TreeTrace;
     && (defined(SQLITE_TEST) || defined(SQLITE_ENABLE_SELECTTRACE) \
                              || defined(SQLITE_ENABLE_TREETRACE))
 # define TREETRACE_ENABLED 1
-# define SELECTTRACE(K,P,S,X)  \
+# define TREETRACE(K,P,S,X)  \
   if(sqlite3TreeTrace&(K))   \
     sqlite3DebugPrintf("%u/%d/%p: ",(S)->selId,(P)->addrExplain,(S)),\
     sqlite3DebugPrintf X
 #else
-# define SELECTTRACE(K,P,S,X)
+# define TREETRACE(K,P,S,X)
 # define TREETRACE_ENABLED 0
 #endif
 
+/* TREETRACE flag meanings:
+**
+**   0x00000001     Beginning and end of SELECT processing
+**   0x00000002     WHERE clause processing
+**   0x00000004     Query flattener
+**   0x00000008     Result-set wildcard expansion
+**   0x00000010     Query name resolution
+**   0x00000020     Aggregate analysis
+**   0x00000040     Window functions
+**   0x00000080     Generated column names
+**   0x00000100     Move HAVING terms into WHERE
+**   0x00000200     Count-of-view optimization
+**   0x00000400     Compound SELECT processing
+**   0x00000800     Drop superfluous ORDER BY
+**   0x00001000     LEFT JOIN simplifies to JOIN
+**   0x00002000     Constant propagation
+**   0x00004000     Push-down optimization
+**   0x00008000     After all FROM-clause analysis
+**   0x00010000     Beginning of DELETE/INSERT/UPDATE processing
+**   0x00020000     Transform DISTINCT into GROUP BY
+**   0x00040000     SELECT tree dump after all code has been generated
+*/
+
 /*
 ** Macros for "wheretrace"
 */
@@ -14499,6 +14759,36 @@ SQLITE_PRIVATE u32 sqlite3WhereTrace;
 # define WHERETRACE(K,X)
 #endif
 
+/*
+** Bits for the sqlite3WhereTrace mask:
+**
+** (---any--)   Top-level block structure
+** 0x-------F   High-level debug messages
+** 0x----FFF-   More detail
+** 0xFFFF----   Low-level debug messages
+**
+** 0x00000001   Code generation
+** 0x00000002   Solver
+** 0x00000004   Solver costs
+** 0x00000008   WhereLoop inserts
+**
+** 0x00000010   Display sqlite3_index_info xBestIndex calls
+** 0x00000020   Range an equality scan metrics
+** 0x00000040   IN operator decisions
+** 0x00000080   WhereLoop cost adjustements
+** 0x00000100
+** 0x00000200   Covering index decisions
+** 0x00000400   OR optimization
+** 0x00000800   Index scanner
+** 0x00001000   More details associated with code generation
+** 0x00002000
+** 0x00004000   Show all WHERE terms at key points
+** 0x00008000   Show the full SELECT statement at key places
+**
+** 0x00010000   Show more detail when printing WHERE terms
+** 0x00020000   Show WHERE terms returned from whereScanNext()
+*/
+
 
 /*
 ** An instance of the following structure is used to store the busy-handler
@@ -14638,6 +14928,7 @@ typedef struct FuncDef FuncDef;
 typedef struct FuncDefHash FuncDefHash;
 typedef struct IdList IdList;
 typedef struct Index Index;
+typedef struct IndexedExpr IndexedExpr;
 typedef struct IndexSample IndexSample;
 typedef struct KeyClass KeyClass;
 typedef struct KeyInfo KeyInfo;
@@ -14703,6 +14994,7 @@ typedef struct With With;
 #define MASKBIT32(n)  (((unsigned int)1)<<(n))
 #define SMASKBIT32(n) ((n)<=31?((unsigned int)1)<<(n):0)
 #define ALLBITS       ((Bitmask)-1)
+#define TOPBIT        (((Bitmask)1)<<(BMS-1))
 
 /* A VList object records a mapping between parameters/variables/wildcards
 ** in the SQL statement (such as $abc, @pqr, or :xyz) and the integer
@@ -14717,6 +15009,331 @@ typedef int VList;
 ** "BusyHandler" typedefs. vdbe.h also requires a few of the opaque
 ** pointer types (i.e. FuncDef) defined above.
 */
+/************** Include os.h in the middle of sqliteInt.h ********************/
+/************** Begin file os.h **********************************************/
+/*
+** 2001 September 16
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This header file (together with is companion C source-code file
+** "os.c") attempt to abstract the underlying operating system so that
+** the SQLite library will work on both POSIX and windows systems.
+**
+** This header file is #include-ed by sqliteInt.h and thus ends up
+** being included by every source file.
+*/
+#ifndef _SQLITE_OS_H_
+#define _SQLITE_OS_H_
+
+/*
+** Attempt to automatically detect the operating system and setup the
+** necessary pre-processor macros for it.
+*/
+/************** Include os_setup.h in the middle of os.h *********************/
+/************** Begin file os_setup.h ****************************************/
+/*
+** 2013 November 25
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains pre-processor directives related to operating system
+** detection and/or setup.
+*/
+#ifndef SQLITE_OS_SETUP_H
+#define SQLITE_OS_SETUP_H
+
+/*
+** Figure out if we are dealing with Unix, Windows, or some other operating
+** system.
+**
+** After the following block of preprocess macros, all of
+**
+**    SQLITE_OS_KV
+**    SQLITE_OS_OTHER
+**    SQLITE_OS_UNIX
+**    SQLITE_OS_WIN
+**
+** will defined to either 1 or 0. One of them will be 1. The others will be 0.
+** If none of the macros are initially defined, then select either
+** SQLITE_OS_UNIX or SQLITE_OS_WIN depending on the target platform.
+**
+** If SQLITE_OS_OTHER=1 is specified at compile-time, then the application
+** must provide its own VFS implementation together with sqlite3_os_init()
+** and sqlite3_os_end() routines.
+*/
+#if !defined(SQLITE_OS_KV) && !defined(SQLITE_OS_OTHER) && \
+       !defined(SQLITE_OS_UNIX) && !defined(SQLITE_OS_WIN)
+#  if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \
+          defined(__MINGW32__) || defined(__BORLANDC__)
+#    define SQLITE_OS_WIN 1
+#    define SQLITE_OS_UNIX 0
+#  else
+#    define SQLITE_OS_WIN 0
+#    define SQLITE_OS_UNIX 1
+#  endif
+#endif
+#if SQLITE_OS_OTHER+1>1
+#  undef SQLITE_OS_KV
+#  define SQLITE_OS_KV 0
+#  undef SQLITE_OS_UNIX
+#  define SQLITE_OS_UNIX 0
+#  undef SQLITE_OS_WIN
+#  define SQLITE_OS_WIN 0
+#endif
+#if SQLITE_OS_KV+1>1
+#  undef SQLITE_OS_OTHER
+#  define SQLITE_OS_OTHER 0
+#  undef SQLITE_OS_UNIX
+#  define SQLITE_OS_UNIX 0
+#  undef SQLITE_OS_WIN
+#  define SQLITE_OS_WIN 0
+#  define SQLITE_OMIT_LOAD_EXTENSION 1
+#  define SQLITE_OMIT_WAL 1
+#  define SQLITE_OMIT_DEPRECATED 1
+#  undef SQLITE_TEMP_STORE
+#  define SQLITE_TEMP_STORE 3  /* Always use memory for temporary storage */
+#  define SQLITE_DQS 0
+#  define SQLITE_OMIT_SHARED_CACHE 1
+#  define SQLITE_OMIT_AUTOINIT 1
+#endif
+#if SQLITE_OS_UNIX+1>1
+#  undef SQLITE_OS_KV
+#  define SQLITE_OS_KV 0
+#  undef SQLITE_OS_OTHER
+#  define SQLITE_OS_OTHER 0
+#  undef SQLITE_OS_WIN
+#  define SQLITE_OS_WIN 0
+#endif
+#if SQLITE_OS_WIN+1>1
+#  undef SQLITE_OS_KV
+#  define SQLITE_OS_KV 0
+#  undef SQLITE_OS_OTHER
+#  define SQLITE_OS_OTHER 0
+#  undef SQLITE_OS_UNIX
+#  define SQLITE_OS_UNIX 0
+#endif
+
+
+#endif /* SQLITE_OS_SETUP_H */
+
+/************** End of os_setup.h ********************************************/
+/************** Continuing where we left off in os.h *************************/
+
+/* If the SET_FULLSYNC macro is not defined above, then make it
+** a no-op
+*/
+#ifndef SET_FULLSYNC
+# define SET_FULLSYNC(x,y)
+#endif
+
+/* Maximum pathname length.  Note: FILENAME_MAX defined by stdio.h
+*/
+#ifndef SQLITE_MAX_PATHLEN
+# define SQLITE_MAX_PATHLEN FILENAME_MAX
+#endif
+
+/* Maximum number of symlinks that will be resolved while trying to
+** expand a filename in xFullPathname() in the VFS.
+*/
+#ifndef SQLITE_MAX_SYMLINK
+# define SQLITE_MAX_SYMLINK 200
+#endif
+
+/*
+** The default size of a disk sector
+*/
+#ifndef SQLITE_DEFAULT_SECTOR_SIZE
+# define SQLITE_DEFAULT_SECTOR_SIZE 4096
+#endif
+
+/*
+** Temporary files are named starting with this prefix followed by 16 random
+** alphanumeric characters, and no file extension. They are stored in the
+** OS's standard temporary file directory, and are deleted prior to exit.
+** If sqlite is being embedded in another program, you may wish to change the
+** prefix to reflect your program's name, so that if your program exits
+** prematurely, old temporary files can be easily identified. This can be done
+** using -DSQLITE_TEMP_FILE_PREFIX=myprefix_ on the compiler command line.
+**
+** 2006-10-31:  The default prefix used to be "sqlite_".  But then
+** Mcafee started using SQLite in their anti-virus product and it
+** started putting files with the "sqlite" name in the c:/temp folder.
+** This annoyed many windows users.  Those users would then do a
+** Google search for "sqlite", find the telephone numbers of the
+** developers and call to wake them up at night and complain.
+** For this reason, the default name prefix is changed to be "sqlite"
+** spelled backwards.  So the temp files are still identified, but
+** anybody smart enough to figure out the code is also likely smart
+** enough to know that calling the developer will not help get rid
+** of the file.
+*/
+#ifndef SQLITE_TEMP_FILE_PREFIX
+# define SQLITE_TEMP_FILE_PREFIX "etilqs_"
+#endif
+
+/*
+** The following values may be passed as the second argument to
+** sqlite3OsLock(). The various locks exhibit the following semantics:
+**
+** SHARED:    Any number of processes may hold a SHARED lock simultaneously.
+** RESERVED:  A single process may hold a RESERVED lock on a file at
+**            any time. Other processes may hold and obtain new SHARED locks.
+** PENDING:   A single process may hold a PENDING lock on a file at
+**            any one time. Existing SHARED locks may persist, but no new
+**            SHARED locks may be obtained by other processes.
+** EXCLUSIVE: An EXCLUSIVE lock precludes all other locks.
+**
+** PENDING_LOCK may not be passed directly to sqlite3OsLock(). Instead, a
+** process that requests an EXCLUSIVE lock may actually obtain a PENDING
+** lock. This can be upgraded to an EXCLUSIVE lock by a subsequent call to
+** sqlite3OsLock().
+*/
+#define NO_LOCK         0
+#define SHARED_LOCK     1
+#define RESERVED_LOCK   2
+#define PENDING_LOCK    3
+#define EXCLUSIVE_LOCK  4
+
+/*
+** File Locking Notes:  (Mostly about windows but also some info for Unix)
+**
+** We cannot use LockFileEx() or UnlockFileEx() on Win95/98/ME because
+** those functions are not available.  So we use only LockFile() and
+** UnlockFile().
+**
+** LockFile() prevents not just writing but also reading by other processes.
+** A SHARED_LOCK is obtained by locking a single randomly-chosen
+** byte out of a specific range of bytes. The lock byte is obtained at
+** random so two separate readers can probably access the file at the
+** same time, unless they are unlucky and choose the same lock byte.
+** An EXCLUSIVE_LOCK is obtained by locking all bytes in the range.
+** There can only be one writer.  A RESERVED_LOCK is obtained by locking
+** a single byte of the file that is designated as the reserved lock byte.
+** A PENDING_LOCK is obtained by locking a designated byte different from
+** the RESERVED_LOCK byte.
+**
+** On WinNT/2K/XP systems, LockFileEx() and UnlockFileEx() are available,
+** which means we can use reader/writer locks.  When reader/writer locks
+** are used, the lock is placed on the same range of bytes that is used
+** for probabilistic locking in Win95/98/ME.  Hence, the locking scheme
+** will support two or more Win95 readers or two or more WinNT readers.
+** But a single Win95 reader will lock out all WinNT readers and a single
+** WinNT reader will lock out all other Win95 readers.
+**
+** The following #defines specify the range of bytes used for locking.
+** SHARED_SIZE is the number of bytes available in the pool from which
+** a random byte is selected for a shared lock.  The pool of bytes for
+** shared locks begins at SHARED_FIRST.
+**
+** The same locking strategy and
+** byte ranges are used for Unix.  This leaves open the possibility of having
+** clients on win95, winNT, and unix all talking to the same shared file
+** and all locking correctly.  To do so would require that samba (or whatever
+** tool is being used for file sharing) implements locks correctly between
+** windows and unix.  I'm guessing that isn't likely to happen, but by
+** using the same locking range we are at least open to the possibility.
+**
+** Locking in windows is manditory.  For this reason, we cannot store
+** actual data in the bytes used for locking.  The pager never allocates
+** the pages involved in locking therefore.  SHARED_SIZE is selected so
+** that all locks will fit on a single page even at the minimum page size.
+** PENDING_BYTE defines the beginning of the locks.  By default PENDING_BYTE
+** is set high so that we don't have to allocate an unused page except
+** for very large databases.  But one should test the page skipping logic
+** by setting PENDING_BYTE low and running the entire regression suite.
+**
+** Changing the value of PENDING_BYTE results in a subtly incompatible
+** file format.  Depending on how it is changed, you might not notice
+** the incompatibility right away, even running a full regression test.
+** The default location of PENDING_BYTE is the first byte past the
+** 1GB boundary.
+**
+*/
+#ifdef SQLITE_OMIT_WSD
+# define PENDING_BYTE     (0x40000000)
+#else
+# define PENDING_BYTE      sqlite3PendingByte
+#endif
+#define RESERVED_BYTE     (PENDING_BYTE+1)
+#define SHARED_FIRST      (PENDING_BYTE+2)
+#define SHARED_SIZE       510
+
+/*
+** Wrapper around OS specific sqlite3_os_init() function.
+*/
+SQLITE_PRIVATE int sqlite3OsInit(void);
+
+/*
+** Functions for accessing sqlite3_file methods
+*/
+SQLITE_PRIVATE void sqlite3OsClose(sqlite3_file*);
+SQLITE_PRIVATE int sqlite3OsRead(sqlite3_file*, void*, int amt, i64 offset);
+SQLITE_PRIVATE int sqlite3OsWrite(sqlite3_file*, const void*, int amt, i64 offset);
+SQLITE_PRIVATE int sqlite3OsTruncate(sqlite3_file*, i64 size);
+SQLITE_PRIVATE int sqlite3OsSync(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file*, i64 *pSize);
+SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file*, int);
+SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut);
+SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file*,int,void*);
+SQLITE_PRIVATE void sqlite3OsFileControlHint(sqlite3_file*,int,void*);
+#define SQLITE_FCNTL_DB_UNCHANGED 0xca093fa0
+SQLITE_PRIVATE int sqlite3OsSectorSize(sqlite3_file *id);
+SQLITE_PRIVATE int sqlite3OsDeviceCharacteristics(sqlite3_file *id);
+#ifndef SQLITE_OMIT_WAL
+SQLITE_PRIVATE int sqlite3OsShmMap(sqlite3_file *,int,int,int,void volatile **);
+SQLITE_PRIVATE int sqlite3OsShmLock(sqlite3_file *id, int, int, int);
+SQLITE_PRIVATE void sqlite3OsShmBarrier(sqlite3_file *id);
+SQLITE_PRIVATE int sqlite3OsShmUnmap(sqlite3_file *id, int);
+#endif /* SQLITE_OMIT_WAL */
+SQLITE_PRIVATE int sqlite3OsFetch(sqlite3_file *id, i64, int, void **);
+SQLITE_PRIVATE int sqlite3OsUnfetch(sqlite3_file *, i64, void *);
+
+
+/*
+** Functions for accessing sqlite3_vfs methods
+*/
+SQLITE_PRIVATE int sqlite3OsOpen(sqlite3_vfs *, const char *, sqlite3_file*, int, int *);
+SQLITE_PRIVATE int sqlite3OsDelete(sqlite3_vfs *, const char *, int);
+SQLITE_PRIVATE int sqlite3OsAccess(sqlite3_vfs *, const char *, int, int *pResOut);
+SQLITE_PRIVATE int sqlite3OsFullPathname(sqlite3_vfs *, const char *, int, char *);
+#ifndef SQLITE_OMIT_LOAD_EXTENSION
+SQLITE_PRIVATE void *sqlite3OsDlOpen(sqlite3_vfs *, const char *);
+SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs *, int, char *);
+SQLITE_PRIVATE void (*sqlite3OsDlSym(sqlite3_vfs *, void *, const char *))(void);
+SQLITE_PRIVATE void sqlite3OsDlClose(sqlite3_vfs *, void *);
+#endif /* SQLITE_OMIT_LOAD_EXTENSION */
+SQLITE_PRIVATE int sqlite3OsRandomness(sqlite3_vfs *, int, char *);
+SQLITE_PRIVATE int sqlite3OsSleep(sqlite3_vfs *, int);
+SQLITE_PRIVATE int sqlite3OsGetLastError(sqlite3_vfs*);
+SQLITE_PRIVATE int sqlite3OsCurrentTimeInt64(sqlite3_vfs *, sqlite3_int64*);
+
+/*
+** Convenience functions for opening and closing files using
+** sqlite3_malloc() to obtain space for the file-handle structure.
+*/
+SQLITE_PRIVATE int sqlite3OsOpenMalloc(sqlite3_vfs *, const char *, sqlite3_file **, int,int*);
+SQLITE_PRIVATE void sqlite3OsCloseFree(sqlite3_file *);
+
+#endif /* _SQLITE_OS_H_ */
+
+/************** End of os.h **************************************************/
+/************** Continuing where we left off in sqliteInt.h ******************/
 /************** Include pager.h in the middle of sqliteInt.h *****************/
 /************** Begin file pager.h *******************************************/
 /*
@@ -15152,7 +15769,7 @@ SQLITE_PRIVATE int sqlite3BtreeNewDb(Btree *p);
 **     reduce network bandwidth.
 **
 ** Note that BTREE_HINT_FLAGS with BTREE_BULKLOAD is the only hint used by
-** standard SQLite.  The other hints are provided for extentions that use
+** standard SQLite.  The other hints are provided for extensions that use
 ** the SQLite parser and code generator but substitute their own storage
 ** engine.
 */
@@ -15298,7 +15915,15 @@ SQLITE_PRIVATE const void *sqlite3BtreePayloadFetch(BtCursor*, u32 *pAmt);
 SQLITE_PRIVATE u32 sqlite3BtreePayloadSize(BtCursor*);
 SQLITE_PRIVATE sqlite3_int64 sqlite3BtreeMaxRecordSize(BtCursor*);
 
-SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(sqlite3*,Btree*,Pgno*aRoot,int nRoot,int,int*);
+SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
+  sqlite3 *db,  /* Database connection that is running the check */
+  Btree *p,     /* The btree to be checked */
+  Pgno *aRoot,  /* An array of root pages numbers for individual trees */
+  int nRoot,    /* Number of entries in aRoot[] */
+  int mxErr,    /* Stop reporting errors after this many */
+  int *pnErr,   /* OUT: Write number of errors seen to this variable */
+  char **pzOut  /* OUT: Write the error message string here */
+);
 SQLITE_PRIVATE struct Pager *sqlite3BtreePager(Btree*);
 SQLITE_PRIVATE i64 sqlite3BtreeRowCountEst(BtCursor*);
 
@@ -15337,6 +15962,8 @@ SQLITE_PRIVATE   int sqlite3BtreeCheckpoint(Btree*, int, int *, int *);
 
 SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor*, BtCursor*, i64);
 
+SQLITE_PRIVATE void sqlite3BtreeClearCache(Btree*);
+
 /*
 ** If we are not using shared cache, then there is no need to
 ** use mutexes to access the BtShared structures.  So make the
@@ -15453,14 +16080,14 @@ struct VdbeOp {
 #ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
   char *zComment;          /* Comment to improve readability */
 #endif
-#ifdef VDBE_PROFILE
-  u32 cnt;                 /* Number of times this instruction was executed */
-  u64 cycles;              /* Total time spent executing this instruction */
-#endif
 #ifdef SQLITE_VDBE_COVERAGE
   u32 iSrcLine;            /* Source-code line that generated this opcode
                            ** with flags in the upper 8 bits */
 #endif
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS) || defined(VDBE_PROFILE)
+  u64 nExec;
+  u64 nCycle;
+#endif
 };
 typedef struct VdbeOp VdbeOp;
 
@@ -15561,48 +16188,48 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Vacuum          5
 #define OP_VFilter         6 /* jump, synopsis: iplan=r[P3] zplan='P4'     */
 #define OP_VUpdate         7 /* synopsis: data=r[P3@P2]                    */
-#define OP_Goto            8 /* jump                                       */
-#define OP_Gosub           9 /* jump                                       */
-#define OP_InitCoroutine  10 /* jump                                       */
-#define OP_Yield          11 /* jump                                       */
-#define OP_MustBeInt      12 /* jump                                       */
-#define OP_Jump           13 /* jump                                       */
-#define OP_Once           14 /* jump                                       */
-#define OP_If             15 /* jump                                       */
-#define OP_IfNot          16 /* jump                                       */
-#define OP_IsNullOrType   17 /* jump, synopsis: if typeof(r[P1]) IN (P3,5) goto P2 */
-#define OP_IfNullRow      18 /* jump, synopsis: if P1.nullRow then r[P3]=NULL, goto P2 */
+#define OP_Init            8 /* jump, synopsis: Start at P2                */
+#define OP_Goto            9 /* jump                                       */
+#define OP_Gosub          10 /* jump                                       */
+#define OP_InitCoroutine  11 /* jump                                       */
+#define OP_Yield          12 /* jump                                       */
+#define OP_MustBeInt      13 /* jump                                       */
+#define OP_Jump           14 /* jump                                       */
+#define OP_Once           15 /* jump                                       */
+#define OP_If             16 /* jump                                       */
+#define OP_IfNot          17 /* jump                                       */
+#define OP_IsType         18 /* jump, synopsis: if typeof(P1.P3) in P5 goto P2 */
 #define OP_Not            19 /* same as TK_NOT, synopsis: r[P2]= !r[P1]    */
-#define OP_SeekLT         20 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekLE         21 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekGE         22 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekGT         23 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_IfNotOpen      24 /* jump, synopsis: if( !csr[P1] ) goto P2     */
-#define OP_IfNoHope       25 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_NoConflict     26 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_NotFound       27 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_Found          28 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekRowid      29 /* jump, synopsis: intkey=r[P3]               */
-#define OP_NotExists      30 /* jump, synopsis: intkey=r[P3]               */
-#define OP_Last           31 /* jump                                       */
-#define OP_IfSmaller      32 /* jump                                       */
-#define OP_SorterSort     33 /* jump                                       */
-#define OP_Sort           34 /* jump                                       */
-#define OP_Rewind         35 /* jump                                       */
-#define OP_SorterNext     36 /* jump                                       */
-#define OP_Prev           37 /* jump                                       */
-#define OP_Next           38 /* jump                                       */
-#define OP_IdxLE          39 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_IdxGT          40 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_IdxLT          41 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_IdxGE          42 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_IfNullRow      20 /* jump, synopsis: if P1.nullRow then r[P3]=NULL, goto P2 */
+#define OP_SeekLT         21 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekLE         22 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekGE         23 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekGT         24 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_IfNotOpen      25 /* jump, synopsis: if( !csr[P1] ) goto P2     */
+#define OP_IfNoHope       26 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_NoConflict     27 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_NotFound       28 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_Found          29 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekRowid      30 /* jump, synopsis: intkey=r[P3]               */
+#define OP_NotExists      31 /* jump, synopsis: intkey=r[P3]               */
+#define OP_Last           32 /* jump                                       */
+#define OP_IfSmaller      33 /* jump                                       */
+#define OP_SorterSort     34 /* jump                                       */
+#define OP_Sort           35 /* jump                                       */
+#define OP_Rewind         36 /* jump                                       */
+#define OP_SorterNext     37 /* jump                                       */
+#define OP_Prev           38 /* jump                                       */
+#define OP_Next           39 /* jump                                       */
+#define OP_IdxLE          40 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_IdxGT          41 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_IdxLT          42 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_Or             43 /* same as TK_OR, synopsis: r[P3]=(r[P1] || r[P2]) */
 #define OP_And            44 /* same as TK_AND, synopsis: r[P3]=(r[P1] && r[P2]) */
-#define OP_RowSetRead     45 /* jump, synopsis: r[P3]=rowset(P1)           */
-#define OP_RowSetTest     46 /* jump, synopsis: if r[P3] in rowset(P1) goto P2 */
-#define OP_Program        47 /* jump                                       */
-#define OP_FkIfZero       48 /* jump, synopsis: if fkctr[P1]==0 goto P2    */
-#define OP_IfPos          49 /* jump, synopsis: if r[P1]>0 then r[P1]-=P3, goto P2 */
+#define OP_IdxGE          45 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_RowSetRead     46 /* jump, synopsis: r[P3]=rowset(P1)           */
+#define OP_RowSetTest     47 /* jump, synopsis: if r[P3] in rowset(P1) goto P2 */
+#define OP_Program        48 /* jump                                       */
+#define OP_FkIfZero       49 /* jump, synopsis: if fkctr[P1]==0 goto P2    */
 #define OP_IsNull         50 /* jump, same as TK_ISNULL, synopsis: if r[P1]==NULL goto P2 */
 #define OP_NotNull        51 /* jump, same as TK_NOTNULL, synopsis: if r[P1]!=NULL goto P2 */
 #define OP_Ne             52 /* jump, same as TK_NE, synopsis: IF r[P3]!=r[P1] */
@@ -15612,12 +16239,12 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Lt             56 /* jump, same as TK_LT, synopsis: IF r[P3]=r[P1] */
 #define OP_ElseEq         58 /* jump, same as TK_ESCAPE                    */
-#define OP_IfNotZero      59 /* jump, synopsis: if r[P1]!=0 then r[P1]--, goto P2 */
-#define OP_DecrJumpZero   60 /* jump, synopsis: if (--r[P1])==0 goto P2    */
-#define OP_IncrVacuum     61 /* jump                                       */
-#define OP_VNext          62 /* jump                                       */
-#define OP_Filter         63 /* jump, synopsis: if key(P3@P4) not in filter(P1) goto P2 */
-#define OP_Init           64 /* jump, synopsis: Start at P2                */
+#define OP_IfPos          59 /* jump, synopsis: if r[P1]>0 then r[P1]-=P3, goto P2 */
+#define OP_IfNotZero      60 /* jump, synopsis: if r[P1]!=0 then r[P1]--, goto P2 */
+#define OP_DecrJumpZero   61 /* jump, synopsis: if (--r[P1])==0 goto P2    */
+#define OP_IncrVacuum     62 /* jump                                       */
+#define OP_VNext          63 /* jump                                       */
+#define OP_Filter         64 /* jump, synopsis: if key(P3@P4) not in filter(P1) goto P2 */
 #define OP_PureFunc       65 /* synopsis: r[P3]=func(r[P2@NP])             */
 #define OP_Function       66 /* synopsis: r[P3]=func(r[P2@NP])             */
 #define OP_Return         67
@@ -15751,29 +16378,30 @@ typedef struct VdbeOpList VdbeOpList;
 #define OPFLG_IN3         0x08  /* in3:   P3 is an input */
 #define OPFLG_OUT2        0x10  /* out2:  P2 is an output */
 #define OPFLG_OUT3        0x20  /* out3:  P3 is an output */
+#define OPFLG_NCYCLE      0x40  /* ncycle:Cycles count against P1 */
 #define OPFLG_INITIALIZER {\
-/*   0 */ 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x01, 0x00,\
-/*   8 */ 0x01, 0x01, 0x01, 0x03, 0x03, 0x01, 0x01, 0x03,\
-/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x09, 0x09, 0x09, 0x09,\
-/*  24 */ 0x01, 0x09, 0x09, 0x09, 0x09, 0x09, 0x09, 0x01,\
-/*  32 */ 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,\
-/*  40 */ 0x01, 0x01, 0x01, 0x26, 0x26, 0x23, 0x0b, 0x01,\
-/*  48 */ 0x01, 0x03, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
-/*  56 */ 0x0b, 0x0b, 0x01, 0x03, 0x03, 0x01, 0x01, 0x01,\
+/*   0 */ 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x41, 0x00,\
+/*   8 */ 0x01, 0x01, 0x01, 0x01, 0x03, 0x03, 0x01, 0x01,\
+/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0x49, 0x49, 0x49,\
+/*  24 */ 0x49, 0x01, 0x49, 0x49, 0x49, 0x49, 0x49, 0x49,\
+/*  32 */ 0x41, 0x01, 0x01, 0x01, 0x41, 0x01, 0x41, 0x41,\
+/*  40 */ 0x41, 0x41, 0x41, 0x26, 0x26, 0x41, 0x23, 0x0b,\
+/*  48 */ 0x01, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
+/*  56 */ 0x0b, 0x0b, 0x01, 0x03, 0x03, 0x03, 0x01, 0x41,\
 /*  64 */ 0x01, 0x00, 0x00, 0x02, 0x02, 0x08, 0x00, 0x10,\
 /*  72 */ 0x10, 0x10, 0x00, 0x10, 0x00, 0x10, 0x10, 0x00,\
 /*  80 */ 0x00, 0x10, 0x10, 0x00, 0x00, 0x00, 0x02, 0x02,\
-/*  88 */ 0x02, 0x00, 0x00, 0x12, 0x1e, 0x20, 0x00, 0x00,\
-/*  96 */ 0x00, 0x00, 0x10, 0x10, 0x00, 0x00, 0x26, 0x26,\
+/*  88 */ 0x02, 0x00, 0x00, 0x12, 0x1e, 0x20, 0x40, 0x00,\
+/*  96 */ 0x00, 0x00, 0x10, 0x10, 0x00, 0x40, 0x26, 0x26,\
 /* 104 */ 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x26,\
-/* 112 */ 0x00, 0x00, 0x12, 0x00, 0x00, 0x10, 0x00, 0x00,\
-/* 120 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x10,\
-/* 128 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10,\
-/* 136 */ 0x00, 0x00, 0x04, 0x04, 0x00, 0x00, 0x10, 0x00,\
+/* 112 */ 0x40, 0x00, 0x12, 0x40, 0x40, 0x10, 0x40, 0x00,\
+/* 120 */ 0x00, 0x00, 0x40, 0x00, 0x40, 0x40, 0x10, 0x10,\
+/* 128 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50,\
+/* 136 */ 0x00, 0x40, 0x04, 0x04, 0x00, 0x40, 0x50, 0x40,\
 /* 144 */ 0x10, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00,\
 /* 152 */ 0x00, 0x10, 0x00, 0x00, 0x06, 0x10, 0x00, 0x04,\
 /* 160 */ 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\
-/* 168 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00,\
+/* 168 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x50, 0x40,\
 /* 176 */ 0x00, 0x10, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00,\
 /* 184 */ 0x00, 0x00, 0x00,}
 
@@ -15828,14 +16456,20 @@ SQLITE_PRIVATE   void sqlite3VdbeNoJumpsOutsideSubrtn(Vdbe*,int,int,int);
 #endif
 SQLITE_PRIVATE VdbeOp *sqlite3VdbeAddOpList(Vdbe*, int nOp, VdbeOpList const *aOp,int iLineno);
 #ifndef SQLITE_OMIT_EXPLAIN
-SQLITE_PRIVATE   void sqlite3VdbeExplain(Parse*,u8,const char*,...);
+SQLITE_PRIVATE   int sqlite3VdbeExplain(Parse*,u8,const char*,...);
 SQLITE_PRIVATE   void sqlite3VdbeExplainPop(Parse*);
 SQLITE_PRIVATE   int sqlite3VdbeExplainParent(Parse*);
 # define ExplainQueryPlan(P)        sqlite3VdbeExplain P
+# ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+#  define ExplainQueryPlan2(V,P)     (V = sqlite3VdbeExplain P)
+# else
+#  define ExplainQueryPlan2(V,P)     ExplainQueryPlan(P)
+# endif
 # define ExplainQueryPlanPop(P)     sqlite3VdbeExplainPop(P)
 # define ExplainQueryPlanParent(P)  sqlite3VdbeExplainParent(P)
 #else
 # define ExplainQueryPlan(P)
+# define ExplainQueryPlan2(V,P)
 # define ExplainQueryPlanPop(P)
 # define ExplainQueryPlanParent(P) 0
 # define sqlite3ExplainBreakpoint(A,B) /*no-op*/
@@ -15851,6 +16485,7 @@ SQLITE_PRIVATE void sqlite3VdbeChangeP1(Vdbe*, int addr, int P1);
 SQLITE_PRIVATE void sqlite3VdbeChangeP2(Vdbe*, int addr, int P2);
 SQLITE_PRIVATE void sqlite3VdbeChangeP3(Vdbe*, int addr, int P3);
 SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe*, u16 P5);
+SQLITE_PRIVATE void sqlite3VdbeTypeofColumn(Vdbe*, int);
 SQLITE_PRIVATE void sqlite3VdbeJumpHere(Vdbe*, int addr);
 SQLITE_PRIVATE void sqlite3VdbeJumpHereOrPopInst(Vdbe*, int addr);
 SQLITE_PRIVATE int sqlite3VdbeChangeToNoop(Vdbe*, int addr);
@@ -15865,6 +16500,7 @@ SQLITE_PRIVATE void sqlite3VdbeAppendP4(Vdbe*, void *pP4, int p4type);
 SQLITE_PRIVATE void sqlite3VdbeSetP4KeyInfo(Parse*, Index*);
 SQLITE_PRIVATE void sqlite3VdbeUsesBtree(Vdbe*, int);
 SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe*, int);
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetLastOp(Vdbe*);
 SQLITE_PRIVATE int sqlite3VdbeMakeLabel(Parse*);
 SQLITE_PRIVATE void sqlite3VdbeRunOnlyOnce(Vdbe*);
 SQLITE_PRIVATE void sqlite3VdbeReusable(Vdbe*);
@@ -16006,14 +16642,22 @@ SQLITE_PRIVATE   void sqlite3VdbeSetLineNumber(Vdbe*,int);
 
 #ifdef SQLITE_ENABLE_STMT_SCANSTATUS
 SQLITE_PRIVATE void sqlite3VdbeScanStatus(Vdbe*, int, int, int, LogEst, const char*);
+SQLITE_PRIVATE void sqlite3VdbeScanStatusRange(Vdbe*, int, int, int);
+SQLITE_PRIVATE void sqlite3VdbeScanStatusCounters(Vdbe*, int, int, int);
 #else
-# define sqlite3VdbeScanStatus(a,b,c,d,e)
+# define sqlite3VdbeScanStatus(a,b,c,d,e,f)
+# define sqlite3VdbeScanStatusRange(a,b,c,d)
+# define sqlite3VdbeScanStatusCounters(a,b,c,d)
 #endif
 
 #if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
 SQLITE_PRIVATE void sqlite3VdbePrintOp(FILE*, int, VdbeOp*);
 #endif
 
+#if defined(SQLITE_ENABLE_CURSOR_HINTS) && defined(SQLITE_DEBUG)
+SQLITE_PRIVATE int sqlite3CursorRangeHintExprCheck(Walker *pWalker, Expr *pExpr);
+#endif
+
 #endif /* SQLITE_VDBE_H */
 
 /************** End of vdbe.h ************************************************/
@@ -16062,7 +16706,7 @@ struct PgHdr {
   ** private to pcache.c and should not be accessed by other modules.
   ** pCache is grouped with the public elements for efficiency.
   */
-  i16 nRef;                      /* Number of users of this page */
+  i64 nRef;                      /* Number of users of this page */
   PgHdr *pDirtyNext;             /* Next element in list of dirty pages */
   PgHdr *pDirtyPrev;             /* Previous element in list of dirty pages */
                           /* NB: pDirtyNext and pDirtyPrev are undefined if the
@@ -16143,12 +16787,12 @@ SQLITE_PRIVATE void sqlite3PcacheClearSyncFlags(PCache *);
 SQLITE_PRIVATE void sqlite3PcacheClear(PCache*);
 
 /* Return the total number of outstanding page references */
-SQLITE_PRIVATE int sqlite3PcacheRefCount(PCache*);
+SQLITE_PRIVATE i64 sqlite3PcacheRefCount(PCache*);
 
 /* Increment the reference count of an existing page */
 SQLITE_PRIVATE void sqlite3PcacheRef(PgHdr*);
 
-SQLITE_PRIVATE int sqlite3PcachePageRefcount(PgHdr*);
+SQLITE_PRIVATE i64 sqlite3PcachePageRefcount(PgHdr*);
 
 /* Return the total number of pages stored in the cache */
 SQLITE_PRIVATE int sqlite3PcachePagecount(PCache*);
@@ -16213,297 +16857,6 @@ SQLITE_PRIVATE int sqlite3PCacheIsDirty(PCache *pCache);
 
 /************** End of pcache.h **********************************************/
 /************** Continuing where we left off in sqliteInt.h ******************/
-/************** Include os.h in the middle of sqliteInt.h ********************/
-/************** Begin file os.h **********************************************/
-/*
-** 2001 September 16
-**
-** The author disclaims copyright to this source code.  In place of
-** a legal notice, here is a blessing:
-**
-**    May you do good and not evil.
-**    May you find forgiveness for yourself and forgive others.
-**    May you share freely, never taking more than you give.
-**
-******************************************************************************
-**
-** This header file (together with is companion C source-code file
-** "os.c") attempt to abstract the underlying operating system so that
-** the SQLite library will work on both POSIX and windows systems.
-**
-** This header file is #include-ed by sqliteInt.h and thus ends up
-** being included by every source file.
-*/
-#ifndef _SQLITE_OS_H_
-#define _SQLITE_OS_H_
-
-/*
-** Attempt to automatically detect the operating system and setup the
-** necessary pre-processor macros for it.
-*/
-/************** Include os_setup.h in the middle of os.h *********************/
-/************** Begin file os_setup.h ****************************************/
-/*
-** 2013 November 25
-**
-** The author disclaims copyright to this source code.  In place of
-** a legal notice, here is a blessing:
-**
-**    May you do good and not evil.
-**    May you find forgiveness for yourself and forgive others.
-**    May you share freely, never taking more than you give.
-**
-******************************************************************************
-**
-** This file contains pre-processor directives related to operating system
-** detection and/or setup.
-*/
-#ifndef SQLITE_OS_SETUP_H
-#define SQLITE_OS_SETUP_H
-
-/*
-** Figure out if we are dealing with Unix, Windows, or some other operating
-** system.
-**
-** After the following block of preprocess macros, all of SQLITE_OS_UNIX,
-** SQLITE_OS_WIN, and SQLITE_OS_OTHER will defined to either 1 or 0.  One of
-** the three will be 1.  The other two will be 0.
-*/
-#if defined(SQLITE_OS_OTHER)
-#  if SQLITE_OS_OTHER==1
-#    undef SQLITE_OS_UNIX
-#    define SQLITE_OS_UNIX 0
-#    undef SQLITE_OS_WIN
-#    define SQLITE_OS_WIN 0
-#  else
-#    undef SQLITE_OS_OTHER
-#  endif
-#endif
-#if !defined(SQLITE_OS_UNIX) && !defined(SQLITE_OS_OTHER)
-#  define SQLITE_OS_OTHER 0
-#  ifndef SQLITE_OS_WIN
-#    if defined(_WIN32) || defined(WIN32) || defined(__CYGWIN__) || \
-        defined(__MINGW32__) || defined(__BORLANDC__)
-#      define SQLITE_OS_WIN 1
-#      define SQLITE_OS_UNIX 0
-#    else
-#      define SQLITE_OS_WIN 0
-#      define SQLITE_OS_UNIX 1
-#    endif
-#  else
-#    define SQLITE_OS_UNIX 0
-#  endif
-#else
-#  ifndef SQLITE_OS_WIN
-#    define SQLITE_OS_WIN 0
-#  endif
-#endif
-
-#endif /* SQLITE_OS_SETUP_H */
-
-/************** End of os_setup.h ********************************************/
-/************** Continuing where we left off in os.h *************************/
-
-/* If the SET_FULLSYNC macro is not defined above, then make it
-** a no-op
-*/
-#ifndef SET_FULLSYNC
-# define SET_FULLSYNC(x,y)
-#endif
-
-/* Maximum pathname length.  Note: FILENAME_MAX defined by stdio.h
-*/
-#ifndef SQLITE_MAX_PATHLEN
-# define SQLITE_MAX_PATHLEN FILENAME_MAX
-#endif
-
-/* Maximum number of symlinks that will be resolved while trying to
-** expand a filename in xFullPathname() in the VFS.
-*/
-#ifndef SQLITE_MAX_SYMLINK
-# define SQLITE_MAX_SYMLINK 200
-#endif
-
-/*
-** The default size of a disk sector
-*/
-#ifndef SQLITE_DEFAULT_SECTOR_SIZE
-# define SQLITE_DEFAULT_SECTOR_SIZE 4096
-#endif
-
-/*
-** Temporary files are named starting with this prefix followed by 16 random
-** alphanumeric characters, and no file extension. They are stored in the
-** OS's standard temporary file directory, and are deleted prior to exit.
-** If sqlite is being embedded in another program, you may wish to change the
-** prefix to reflect your program's name, so that if your program exits
-** prematurely, old temporary files can be easily identified. This can be done
-** using -DSQLITE_TEMP_FILE_PREFIX=myprefix_ on the compiler command line.
-**
-** 2006-10-31:  The default prefix used to be "sqlite_".  But then
-** Mcafee started using SQLite in their anti-virus product and it
-** started putting files with the "sqlite" name in the c:/temp folder.
-** This annoyed many windows users.  Those users would then do a
-** Google search for "sqlite", find the telephone numbers of the
-** developers and call to wake them up at night and complain.
-** For this reason, the default name prefix is changed to be "sqlite"
-** spelled backwards.  So the temp files are still identified, but
-** anybody smart enough to figure out the code is also likely smart
-** enough to know that calling the developer will not help get rid
-** of the file.
-*/
-#ifndef SQLITE_TEMP_FILE_PREFIX
-# define SQLITE_TEMP_FILE_PREFIX "etilqs_"
-#endif
-
-/*
-** The following values may be passed as the second argument to
-** sqlite3OsLock(). The various locks exhibit the following semantics:
-**
-** SHARED:    Any number of processes may hold a SHARED lock simultaneously.
-** RESERVED:  A single process may hold a RESERVED lock on a file at
-**            any time. Other processes may hold and obtain new SHARED locks.
-** PENDING:   A single process may hold a PENDING lock on a file at
-**            any one time. Existing SHARED locks may persist, but no new
-**            SHARED locks may be obtained by other processes.
-** EXCLUSIVE: An EXCLUSIVE lock precludes all other locks.
-**
-** PENDING_LOCK may not be passed directly to sqlite3OsLock(). Instead, a
-** process that requests an EXCLUSIVE lock may actually obtain a PENDING
-** lock. This can be upgraded to an EXCLUSIVE lock by a subsequent call to
-** sqlite3OsLock().
-*/
-#define NO_LOCK         0
-#define SHARED_LOCK     1
-#define RESERVED_LOCK   2
-#define PENDING_LOCK    3
-#define EXCLUSIVE_LOCK  4
-
-/*
-** File Locking Notes:  (Mostly about windows but also some info for Unix)
-**
-** We cannot use LockFileEx() or UnlockFileEx() on Win95/98/ME because
-** those functions are not available.  So we use only LockFile() and
-** UnlockFile().
-**
-** LockFile() prevents not just writing but also reading by other processes.
-** A SHARED_LOCK is obtained by locking a single randomly-chosen
-** byte out of a specific range of bytes. The lock byte is obtained at
-** random so two separate readers can probably access the file at the
-** same time, unless they are unlucky and choose the same lock byte.
-** An EXCLUSIVE_LOCK is obtained by locking all bytes in the range.
-** There can only be one writer.  A RESERVED_LOCK is obtained by locking
-** a single byte of the file that is designated as the reserved lock byte.
-** A PENDING_LOCK is obtained by locking a designated byte different from
-** the RESERVED_LOCK byte.
-**
-** On WinNT/2K/XP systems, LockFileEx() and UnlockFileEx() are available,
-** which means we can use reader/writer locks.  When reader/writer locks
-** are used, the lock is placed on the same range of bytes that is used
-** for probabilistic locking in Win95/98/ME.  Hence, the locking scheme
-** will support two or more Win95 readers or two or more WinNT readers.
-** But a single Win95 reader will lock out all WinNT readers and a single
-** WinNT reader will lock out all other Win95 readers.
-**
-** The following #defines specify the range of bytes used for locking.
-** SHARED_SIZE is the number of bytes available in the pool from which
-** a random byte is selected for a shared lock.  The pool of bytes for
-** shared locks begins at SHARED_FIRST.
-**
-** The same locking strategy and
-** byte ranges are used for Unix.  This leaves open the possibility of having
-** clients on win95, winNT, and unix all talking to the same shared file
-** and all locking correctly.  To do so would require that samba (or whatever
-** tool is being used for file sharing) implements locks correctly between
-** windows and unix.  I'm guessing that isn't likely to happen, but by
-** using the same locking range we are at least open to the possibility.
-**
-** Locking in windows is manditory.  For this reason, we cannot store
-** actual data in the bytes used for locking.  The pager never allocates
-** the pages involved in locking therefore.  SHARED_SIZE is selected so
-** that all locks will fit on a single page even at the minimum page size.
-** PENDING_BYTE defines the beginning of the locks.  By default PENDING_BYTE
-** is set high so that we don't have to allocate an unused page except
-** for very large databases.  But one should test the page skipping logic
-** by setting PENDING_BYTE low and running the entire regression suite.
-**
-** Changing the value of PENDING_BYTE results in a subtly incompatible
-** file format.  Depending on how it is changed, you might not notice
-** the incompatibility right away, even running a full regression test.
-** The default location of PENDING_BYTE is the first byte past the
-** 1GB boundary.
-**
-*/
-#ifdef SQLITE_OMIT_WSD
-# define PENDING_BYTE     (0x40000000)
-#else
-# define PENDING_BYTE      sqlite3PendingByte
-#endif
-#define RESERVED_BYTE     (PENDING_BYTE+1)
-#define SHARED_FIRST      (PENDING_BYTE+2)
-#define SHARED_SIZE       510
-
-/*
-** Wrapper around OS specific sqlite3_os_init() function.
-*/
-SQLITE_PRIVATE int sqlite3OsInit(void);
-
-/*
-** Functions for accessing sqlite3_file methods
-*/
-SQLITE_PRIVATE void sqlite3OsClose(sqlite3_file*);
-SQLITE_PRIVATE int sqlite3OsRead(sqlite3_file*, void*, int amt, i64 offset);
-SQLITE_PRIVATE int sqlite3OsWrite(sqlite3_file*, const void*, int amt, i64 offset);
-SQLITE_PRIVATE int sqlite3OsTruncate(sqlite3_file*, i64 size);
-SQLITE_PRIVATE int sqlite3OsSync(sqlite3_file*, int);
-SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file*, i64 *pSize);
-SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file*, int);
-SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file*, int);
-SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut);
-SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file*,int,void*);
-SQLITE_PRIVATE void sqlite3OsFileControlHint(sqlite3_file*,int,void*);
-#define SQLITE_FCNTL_DB_UNCHANGED 0xca093fa0
-SQLITE_PRIVATE int sqlite3OsSectorSize(sqlite3_file *id);
-SQLITE_PRIVATE int sqlite3OsDeviceCharacteristics(sqlite3_file *id);
-#ifndef SQLITE_OMIT_WAL
-SQLITE_PRIVATE int sqlite3OsShmMap(sqlite3_file *,int,int,int,void volatile **);
-SQLITE_PRIVATE int sqlite3OsShmLock(sqlite3_file *id, int, int, int);
-SQLITE_PRIVATE void sqlite3OsShmBarrier(sqlite3_file *id);
-SQLITE_PRIVATE int sqlite3OsShmUnmap(sqlite3_file *id, int);
-#endif /* SQLITE_OMIT_WAL */
-SQLITE_PRIVATE int sqlite3OsFetch(sqlite3_file *id, i64, int, void **);
-SQLITE_PRIVATE int sqlite3OsUnfetch(sqlite3_file *, i64, void *);
-
-
-/*
-** Functions for accessing sqlite3_vfs methods
-*/
-SQLITE_PRIVATE int sqlite3OsOpen(sqlite3_vfs *, const char *, sqlite3_file*, int, int *);
-SQLITE_PRIVATE int sqlite3OsDelete(sqlite3_vfs *, const char *, int);
-SQLITE_PRIVATE int sqlite3OsAccess(sqlite3_vfs *, const char *, int, int *pResOut);
-SQLITE_PRIVATE int sqlite3OsFullPathname(sqlite3_vfs *, const char *, int, char *);
-#ifndef SQLITE_OMIT_LOAD_EXTENSION
-SQLITE_PRIVATE void *sqlite3OsDlOpen(sqlite3_vfs *, const char *);
-SQLITE_PRIVATE void sqlite3OsDlError(sqlite3_vfs *, int, char *);
-SQLITE_PRIVATE void (*sqlite3OsDlSym(sqlite3_vfs *, void *, const char *))(void);
-SQLITE_PRIVATE void sqlite3OsDlClose(sqlite3_vfs *, void *);
-#endif /* SQLITE_OMIT_LOAD_EXTENSION */
-SQLITE_PRIVATE int sqlite3OsRandomness(sqlite3_vfs *, int, char *);
-SQLITE_PRIVATE int sqlite3OsSleep(sqlite3_vfs *, int);
-SQLITE_PRIVATE int sqlite3OsGetLastError(sqlite3_vfs*);
-SQLITE_PRIVATE int sqlite3OsCurrentTimeInt64(sqlite3_vfs *, sqlite3_int64*);
-
-/*
-** Convenience functions for opening and closing files using
-** sqlite3_malloc() to obtain space for the file-handle structure.
-*/
-SQLITE_PRIVATE int sqlite3OsOpenMalloc(sqlite3_vfs *, const char *, sqlite3_file **, int,int*);
-SQLITE_PRIVATE void sqlite3OsCloseFree(sqlite3_file *);
-
-#endif /* _SQLITE_OS_H_ */
-
-/************** End of os.h **************************************************/
-/************** Continuing where we left off in sqliteInt.h ******************/
 /************** Include mutex.h in the middle of sqliteInt.h *****************/
 /************** Begin file mutex.h *******************************************/
 /*
@@ -16749,6 +17102,7 @@ struct Lookaside {
 #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */
   void *pStart;           /* First byte of available memory space */
   void *pEnd;             /* First byte past end of available space */
+  void *pTrueEnd;         /* True value of pEnd, when db->pnBytesFreed!=0 */
 };
 struct LookasideSlot {
   LookasideSlot *pNext;    /* Next buffer in the list of free buffers */
@@ -17013,7 +17367,7 @@ struct sqlite3 {
 #define SQLITE_NullCallback   0x00000100  /* Invoke the callback once if the */
                                           /*   result set is empty */
 #define SQLITE_IgnoreChecks   0x00000200  /* Do not enforce check constraints */
-#define SQLITE_ReadUncommit   0x00000400  /* READ UNCOMMITTED in shared-cache */
+#define SQLITE_StmtScanStatus 0x00000400  /* Enable stmt_scanstats() counters */
 #define SQLITE_NoCkptOnClose  0x00000800  /* No checkpoint on close()/DETACH */
 #define SQLITE_ReverseOrder   0x00001000  /* Reverse unordered SELECTs */
 #define SQLITE_RecTriggers    0x00002000  /* Enable recursive triggers */
@@ -17039,6 +17393,7 @@ struct sqlite3 {
                                           /*   DELETE, or UPDATE and return */
                                           /*   the count using a callback. */
 #define SQLITE_CorruptRdOnly  HI(0x00002) /* Prohibit writes due to error */
+#define SQLITE_ReadUncommit   HI(0x00004) /* READ UNCOMMITTED in shared-cache */
 
 /* Flags used only if debugging */
 #ifdef SQLITE_DEBUG
@@ -17093,6 +17448,9 @@ struct sqlite3 {
 #define SQLITE_ReleaseReg     0x00400000 /* Use OP_ReleaseReg for testing */
 #define SQLITE_FlttnUnionAll  0x00800000 /* Disable the UNION ALL flattener */
    /* TH3 expects this value  ^^^^^^^^^^ See flatten04.test */
+#define SQLITE_IndexedExpr    0x01000000 /* Pull exprs from index when able */
+#define SQLITE_Coroutines     0x02000000 /* Co-routines for subqueries */
+#define SQLITE_NullUnusedCols 0x04000000 /* NULL unused columns in subqueries */
 #define SQLITE_AllOpts        0xffffffff /* All optimizations */
 
 /*
@@ -17177,8 +17535,14 @@ struct FuncDestructor {
 **     SQLITE_FUNC_TYPEOF      ==  OPFLAG_TYPEOFARG
 **     SQLITE_FUNC_CONSTANT    ==  SQLITE_DETERMINISTIC from the API
 **     SQLITE_FUNC_DIRECT      ==  SQLITE_DIRECTONLY from the API
-**     SQLITE_FUNC_UNSAFE      ==  SQLITE_INNOCUOUS
+**     SQLITE_FUNC_UNSAFE      ==  SQLITE_INNOCUOUS  -- opposite meanings!!!
 **     SQLITE_FUNC_ENCMASK   depends on SQLITE_UTF* macros in the API
+**
+** Note that even though SQLITE_FUNC_UNSAFE and SQLITE_INNOCUOUS have the
+** same bit value, their meanings are inverted.  SQLITE_FUNC_UNSAFE is
+** used internally and if set means tha the function has side effects.
+** SQLITE_INNOCUOUS is used by application code and means "not unsafe".
+** See multiple instances of tag-20230109-1.
 */
 #define SQLITE_FUNC_ENCMASK  0x0003 /* SQLITE_UTF8, SQLITE_UTF16BE or UTF16LE */
 #define SQLITE_FUNC_LIKE     0x0004 /* Candidate for the LIKE optimization */
@@ -17295,7 +17659,7 @@ struct FuncDestructor {
   {nArg, SQLITE_FUNC_BUILTIN|SQLITE_FUNC_CONSTANT|SQLITE_UTF8, \
    xPtr, 0, xFunc, 0, 0, 0, #zName, {0} }
 #define JFUNCTION(zName, nArg, iArg, xFunc) \
-  {nArg, SQLITE_FUNC_BUILTIN|SQLITE_DETERMINISTIC|SQLITE_INNOCUOUS|\
+  {nArg, SQLITE_FUNC_BUILTIN|SQLITE_DETERMINISTIC|\
    SQLITE_FUNC_CONSTANT|SQLITE_UTF8, \
    SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, 0, #zName, {0} }
 #define INLINE_FUNC(zName, nArg, iArg, mFlags) \
@@ -17487,6 +17851,7 @@ struct CollSeq {
 #define SQLITE_AFF_NUMERIC  0x43  /* 'C' */
 #define SQLITE_AFF_INTEGER  0x44  /* 'D' */
 #define SQLITE_AFF_REAL     0x45  /* 'E' */
+#define SQLITE_AFF_FLEXNUM  0x46  /* 'F' */
 
 #define sqlite3IsNumericAffinity(X)  ((X)>=SQLITE_AFF_NUMERIC)
 
@@ -17557,6 +17922,7 @@ struct VTable {
   sqlite3_vtab *pVtab;      /* Pointer to vtab instance */
   int nRef;                 /* Number of pointers to this structure */
   u8 bConstraint;           /* True if constraints are supported */
+  u8 bAllSchemas;           /* True if might use any attached schema */
   u8 eVtabRisk;             /* Riskiness of allowing hacker access */
   int iSavepoint;           /* Depth of the SAVEPOINT stack */
   VTable *pNext;            /* Next in linked list (see above) */
@@ -17665,7 +18031,7 @@ struct Table {
 #ifndef SQLITE_OMIT_VIRTUALTABLE
 #  define IsVirtual(X)      ((X)->eTabType==TABTYP_VTAB)
 #  define ExprIsVtab(X)  \
-    ((X)->op==TK_COLUMN && (X)->y.pTab!=0 && (X)->y.pTab->eTabType==TABTYP_VTAB)
+   ((X)->op==TK_COLUMN && (X)->y.pTab->eTabType==TABTYP_VTAB)
 #else
 #  define IsVirtual(X)      0
 #  define ExprIsVtab(X)     0
@@ -17882,10 +18248,22 @@ struct UnpackedRecord {
 ** The Index.onError field determines whether or not the indexed columns
 ** must be unique and what to do if they are not.  When Index.onError=OE_None,
 ** it means this is not a unique index.  Otherwise it is a unique index
-** and the value of Index.onError indicate the which conflict resolution
-** algorithm to employ whenever an attempt is made to insert a non-unique
+** and the value of Index.onError indicates which conflict resolution
+** algorithm to employ when an attempt is made to insert a non-unique
 ** element.
 **
+** The colNotIdxed bitmask is used in combination with SrcItem.colUsed
+** for a fast test to see if an index can serve as a covering index.
+** colNotIdxed has a 1 bit for every column of the original table that
+** is *not* available in the index.  Thus the expression
+** "colUsed & colNotIdxed" will be non-zero if the index is not a
+** covering index.  The most significant bit of of colNotIdxed will always
+** be true (note-20221022-a).  If a column beyond the 63rd column of the
+** table is used, the "colUsed & colNotIdxed" test will always be non-zero
+** and we have to assume either that the index is not covering, or use
+** an alternative (slower) algorithm to determine whether or not
+** the index is covering.
+**
 ** While parsing a CREATE TABLE or CREATE INDEX statement in order to
 ** generate VDBE code (as opposed to parsing one read from an sqlite_schema
 ** table as part of parsing an existing database schema), transient instances
@@ -17921,15 +18299,18 @@ struct Index {
   unsigned bNoQuery:1;     /* Do not use this index to optimize queries */
   unsigned bAscKeyBug:1;   /* True if the bba7b69f9849b5bf bug applies */
   unsigned bHasVCol:1;     /* Index references one or more VIRTUAL columns */
+  unsigned bHasExpr:1;     /* Index contains an expression, either a literal
+                           ** expression, or a reference to a VIRTUAL column */
 #ifdef SQLITE_ENABLE_STAT4
   int nSample;             /* Number of elements in aSample[] */
+  int mxSample;            /* Number of slots allocated to aSample[] */
   int nSampleCol;          /* Size of IndexSample.anEq[] and so on */
   tRowcnt *aAvgEq;         /* Average nEq values for keys not in aSample */
   IndexSample *aSample;    /* Samples of the left-most key */
   tRowcnt *aiRowEst;       /* Non-logarithmic stat1 data for this index */
   tRowcnt nRowEst0;        /* Non-logarithmic number of rows in the index */
 #endif
-  Bitmask colNotIdxed;     /* 0 for unindexed columns in pTab */
+  Bitmask colNotIdxed;     /* Unindexed columns in pTab */
 };
 
 /*
@@ -18004,16 +18385,15 @@ struct AggInfo {
                           ** from source tables rather than from accumulators */
   u8 useSortingIdx;       /* In direct mode, reference the sorting index rather
                           ** than the source table */
+  u16 nSortingColumn;     /* Number of columns in the sorting index */
   int sortingIdx;         /* Cursor number of the sorting index */
   int sortingIdxPTab;     /* Cursor number of pseudo-table */
-  int nSortingColumn;     /* Number of columns in the sorting index */
-  int mnReg, mxReg;       /* Range of registers allocated for aCol and aFunc */
+  int iFirstReg;          /* First register in range for aCol[] and aFunc[] */
   ExprList *pGroupBy;     /* The group by clause */
   struct AggInfo_col {    /* For each column used in source tables */
     Table *pTab;             /* Source table */
     Expr *pCExpr;            /* The original expression */
     int iTable;              /* Cursor number of the source table */
-    int iMem;                /* Memory location that acts as accumulator */
     i16 iColumn;             /* Column number within the source table */
     i16 iSorterColumn;       /* Column number in the sorting index */
   } *aCol;
@@ -18024,14 +18404,27 @@ struct AggInfo {
   struct AggInfo_func {   /* For each aggregate function */
     Expr *pFExpr;            /* Expression encoding the function */
     FuncDef *pFunc;          /* The aggregate function implementation */
-    int iMem;                /* Memory location that acts as accumulator */
     int iDistinct;           /* Ephemeral table used to enforce DISTINCT */
     int iDistAddr;           /* Address of OP_OpenEphemeral */
   } *aFunc;
   int nFunc;              /* Number of entries in aFunc[] */
   u32 selId;              /* Select to which this AggInfo belongs */
+#ifdef SQLITE_DEBUG
+  Select *pSelect;        /* SELECT statement that this AggInfo supports */
+#endif
 };
 
+/*
+** Macros to compute aCol[] and aFunc[] register numbers.
+**
+** These macros should not be used prior to the call to
+** assignAggregateRegisters() that computes the value of pAggInfo->iFirstReg.
+** The assert()s that are part of this macro verify that constraint.
+*/
+#define AggInfoColumnReg(A,I)  (assert((A)->iFirstReg),(A)->iFirstReg+(I))
+#define AggInfoFuncReg(A,I)    \
+                      (assert((A)->iFirstReg),(A)->iFirstReg+(A)->nColumn+(I))
+
 /*
 ** The datatype ynVar is a signed integer, either 16-bit or 32-bit.
 ** Usually it is 16-bits.  But if SQLITE_MAX_VARIABLE_NUMBER is greater
@@ -18197,7 +18590,7 @@ struct Expr {
 #define EP_Reduced    0x004000 /* Expr struct EXPR_REDUCEDSIZE bytes only */
 #define EP_Win        0x008000 /* Contains window functions */
 #define EP_TokenOnly  0x010000 /* Expr struct EXPR_TOKENONLYSIZE bytes only */
-#define EP_MemToken   0x020000 /* Need to sqlite3DbFree() Expr.zToken */
+                   /* 0x020000 // Available for reuse */
 #define EP_IfNullRow  0x040000 /* The TK_IF_NULL_ROW opcode */
 #define EP_Unlikely   0x080000 /* unlikely() or likelihood() function */
 #define EP_ConstFunc  0x100000 /* A SQLITE_FUNC_CONSTANT or _SLOCHNG function */
@@ -18382,6 +18775,14 @@ struct IdList {
 ** The SrcItem object represents a single term in the FROM clause of a query.
 ** The SrcList object is mostly an array of SrcItems.
 **
+** The jointype starts out showing the join type between the current table
+** and the next table on the list.  The parser builds the list this way.
+** But sqlite3SrcListShiftJoinType() later shifts the jointypes so that each
+** jointype expresses the join between the table and the previous table.
+**
+** In the colUsed field, the high-order bit (bit 63) is set if the table
+** contains more than 63 columns and the 64-th or later column is used.
+**
 ** Union member validity:
 **
 **    u1.zIndexedBy          fg.isIndexedBy && !fg.isTabFunc
@@ -18421,14 +18822,14 @@ struct SrcItem {
     Expr *pOn;        /* fg.isUsing==0 =>  The ON clause of a join */
     IdList *pUsing;   /* fg.isUsing==1 =>  The USING clause of a join */
   } u3;
-  Bitmask colUsed;  /* Bit N (1<62 */
   union {
     char *zIndexedBy;    /* Identifier from "INDEXED BY " clause */
     ExprList *pFuncArg;  /* Arguments to table-valued-function */
   } u1;
   union {
     Index *pIBIndex;  /* Index structure corresponding to u1.zIndexedBy */
-    CteUse *pCteUse;  /* CTE Usage info info fg.isCte is true */
+    CteUse *pCteUse;  /* CTE Usage info when fg.isCte is true */
   } u2;
 };
 
@@ -18442,23 +18843,11 @@ struct OnOrUsing {
 };
 
 /*
-** The following structure describes the FROM clause of a SELECT statement.
-** Each table or subquery in the FROM clause is a separate element of
-** the SrcList.a[] array.
-**
-** With the addition of multiple database support, the following structure
-** can also be used to describe a particular table such as the table that
-** is modified by an INSERT, DELETE, or UPDATE statement.  In standard SQL,
-** such a table must be a simple name: ID.  But in SQLite, the table can
-** now be identified by a database name, a dot, then the table name: ID.ID.
+** This object represents one or more tables that are the source of
+** content for an SQL statement.  For example, a single SrcList object
+** is used to hold the FROM clause of a SELECT statement.  SrcList also
+** represents the target tables for DELETE, INSERT, and UPDATE statements.
 **
-** The jointype starts out showing the join type between the current table
-** and the next table on the list.  The parser builds the list this way.
-** But sqlite3SrcListShiftJoinType() later shifts the jointypes so that each
-** jointype expresses the join between the table and the previous table.
-**
-** In the colUsed field, the high-order bit (bit 63) is set if the table
-** contains more than 63 columns and the 64-th or later column is used.
 */
 struct SrcList {
   int nSrc;        /* Number of tables or subqueries in the FROM clause */
@@ -18566,7 +18955,7 @@ struct NameContext {
 #define NC_HasAgg    0x000010 /* One or more aggregate functions seen */
 #define NC_IdxExpr   0x000020 /* True if resolving columns of CREATE INDEX */
 #define NC_SelfRef   0x00002e /* Combo: PartIdx, isCheck, GenCol, and IdxExpr */
-#define NC_VarSelect 0x000040 /* A correlated subquery has been seen */
+#define NC_Subquery  0x000040 /* A subquery has been seen */
 #define NC_UEList    0x000080 /* True if uNC.pEList is used */
 #define NC_UAggInfo  0x000100 /* True if uNC.pAggInfo is used */
 #define NC_UUpsert   0x000200 /* True if uNC.pUpsert is used */
@@ -18695,6 +19084,7 @@ struct Select {
 #define SF_MultiPart     0x2000000 /* Has multiple incompatible PARTITIONs */
 #define SF_CopyCte       0x4000000 /* SELECT statement is a copy of a CTE */
 #define SF_OrderByReqd   0x8000000 /* The ORDER BY clause may not be omitted */
+#define SF_UpdateFrom   0x10000000 /* Query originates with UPDATE FROM */
 
 /* True if S exists and has SF_NestedFrom */
 #define IsNestedFrom(S) ((S)!=0 && ((S)->selFlags&SF_NestedFrom)!=0)
@@ -18803,7 +19193,7 @@ struct SelectDest {
   int iSDParm2;        /* A second parameter for the eDest disposal method */
   int iSdst;           /* Base register where results are written */
   int nSdst;           /* Number of registers allocated */
-  char *zAffSdst;      /* Affinity used when eDest==SRT_Set */
+  char *zAffSdst;      /* Affinity used for SRT_Set */
   ExprList *pOrderBy;  /* Key columns for SRT_Queue and SRT_DistQueue */
 };
 
@@ -18862,11 +19252,34 @@ struct TriggerPrg {
 #else
   typedef unsigned int yDbMask;
 # define DbMaskTest(M,I)    (((M)&(((yDbMask)1)<<(I)))!=0)
-# define DbMaskZero(M)      (M)=0
-# define DbMaskSet(M,I)     (M)|=(((yDbMask)1)<<(I))
-# define DbMaskAllZero(M)   (M)==0
-# define DbMaskNonZero(M)   (M)!=0
+# define DbMaskZero(M)      ((M)=0)
+# define DbMaskSet(M,I)     ((M)|=(((yDbMask)1)<<(I)))
+# define DbMaskAllZero(M)   ((M)==0)
+# define DbMaskNonZero(M)   ((M)!=0)
+#endif
+
+/*
+** For each index X that has as one of its arguments either an expression
+** or the name of a virtual generated column, and if X is in scope such that
+** the value of the expression can simply be read from the index, then
+** there is an instance of this object on the Parse.pIdxExpr list.
+**
+** During code generation, while generating code to evaluate expressions,
+** this list is consulted and if a matching expression is found, the value
+** is read from the index rather than being recomputed.
+*/
+struct IndexedExpr {
+  Expr *pExpr;            /* The expression contained in the index */
+  int iDataCur;           /* The data cursor associated with the index */
+  int iIdxCur;            /* The index cursor */
+  int iIdxCol;            /* The index column that contains value of pExpr */
+  u8 bMaybeNullRow;       /* True if we need an OP_IfNullRow check */
+  u8 aff;                 /* Affinity of the pExpr expression */
+  IndexedExpr *pIENext;   /* Next in a list of all indexed expressions */
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+  const char *zIdxName;   /* Name of index, used only for bytecode comments */
 #endif
+};
 
 /*
 ** An instance of the ParseCleanup object specifies an operation that
@@ -18909,10 +19322,13 @@ struct Parse {
   u8 hasCompound;      /* Need to invoke convertCompoundSelectToSubquery() */
   u8 okConstFactor;    /* OK to factor out constants */
   u8 disableLookaside; /* Number of times lookaside has been disabled */
-  u8 disableVtab;      /* Disable all virtual tables for this parse */
+  u8 prepFlags;        /* SQLITE_PREPARE_* flags */
   u8 withinRJSubrtn;   /* Nesting level for RIGHT JOIN body subroutines */
 #if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
   u8 earlyCleanup;     /* OOM inside sqlite3ParserAddCleanup() */
+#endif
+#ifdef SQLITE_DEBUG
+  u8 ifNotExists;      /* Might be true if IF NOT EXISTS.  Assert()s only */
 #endif
   int nRangeReg;       /* Size of the temporary register block */
   int iRangeReg;       /* First register in temporary register block */
@@ -18926,6 +19342,7 @@ struct Parse {
   int nLabelAlloc;     /* Number of slots in aLabel */
   int *aLabel;         /* Space to hold the labels */
   ExprList *pConstExpr;/* Constant expressions */
+  IndexedExpr *pIdxEpr;/* List of expressions used by active indexes */
   Token constraintName;/* Name of the constraint currently being parsed */
   yDbMask writeMask;   /* Start a write transaction on these databases */
   yDbMask cookieMask;  /* Bitmask of schema verified databases */
@@ -18949,6 +19366,9 @@ struct Parse {
   u32 nQueryLoop;      /* Est number of iterations of a query (10*log2(N)) */
   u32 oldmask;         /* Mask of old.* columns referenced */
   u32 newmask;         /* Mask of new.* columns referenced */
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+  u32 nProgressSteps;  /* xProgress steps taken during sqlite3_prepare() */
+#endif
   u8 eTriggerOp;       /* TK_UPDATE, TK_INSERT or TK_DELETE */
   u8 bReturning;       /* Coding a RETURNING trigger */
   u8 eOrconf;          /* Default ON CONFLICT policy for trigger steps */
@@ -19361,15 +19781,16 @@ struct Walker {
     struct RefSrcList *pRefSrcList;           /* sqlite3ReferencesSrcList() */
     int *aiCol;                               /* array of column indexes */
     struct IdxCover *pIdxCover;               /* Check for index coverage */
-    struct IdxExprTrans *pIdxTrans;           /* Convert idxed expr to column */
     ExprList *pGroupBy;                       /* GROUP BY clause */
     Select *pSelect;                          /* HAVING to WHERE clause ctx */
     struct WindowRewrite *pRewrite;           /* Window rewrite context */
     struct WhereConst *pConst;                /* WHERE clause constants */
     struct RenameCtx *pRename;                /* RENAME COLUMN context */
     struct Table *pTab;                       /* Table of generated column */
+    struct CoveringIndexCheck *pCovIdxCk;     /* Check for covering index */
     SrcItem *pSrcItem;                        /* A single FROM clause item */
-    DbFixer *pFix;
+    DbFixer *pFix;                            /* See sqlite3FixSelect() */
+    Mem *aMem;                                /* See sqlite3BtreeCursorHint() */
   } u;
 };
 
@@ -19639,6 +20060,8 @@ SQLITE_PRIVATE   int sqlite3CorruptPgnoError(int,Pgno);
 # define sqlite3Isxdigit(x)  (sqlite3CtypeMap[(unsigned char)(x)]&0x08)
 # define sqlite3Tolower(x)   (sqlite3UpperToLower[(unsigned char)(x)])
 # define sqlite3Isquote(x)   (sqlite3CtypeMap[(unsigned char)(x)]&0x80)
+# define sqlite3JsonId1(x)   (sqlite3CtypeMap[(unsigned char)(x)]&0x42)
+# define sqlite3JsonId2(x)   (sqlite3CtypeMap[(unsigned char)(x)]&0x46)
 #else
 # define sqlite3Toupper(x)   toupper((unsigned char)(x))
 # define sqlite3Isspace(x)   isspace((unsigned char)(x))
@@ -19648,6 +20071,8 @@ SQLITE_PRIVATE   int sqlite3CorruptPgnoError(int,Pgno);
 # define sqlite3Isxdigit(x)  isxdigit((unsigned char)(x))
 # define sqlite3Tolower(x)   tolower((unsigned char)(x))
 # define sqlite3Isquote(x)   ((x)=='"'||(x)=='\''||(x)=='['||(x)=='`')
+# define sqlite3JsonId1(x)   (sqlite3IsIdChar(x)&&(x)<'0')
+# define sqlite3JsonId2(x)   sqlite3IsIdChar(x)
 #endif
 SQLITE_PRIVATE int sqlite3IsIdChar(u8);
 
@@ -19675,6 +20100,7 @@ SQLITE_PRIVATE void *sqlite3DbReallocOrFree(sqlite3 *, void *, u64);
 SQLITE_PRIVATE void *sqlite3DbRealloc(sqlite3 *, void *, u64);
 SQLITE_PRIVATE void sqlite3DbFree(sqlite3*, void*);
 SQLITE_PRIVATE void sqlite3DbFreeNN(sqlite3*, void*);
+SQLITE_PRIVATE void sqlite3DbNNFreeNN(sqlite3*, void*);
 SQLITE_PRIVATE int sqlite3MallocSize(const void*);
 SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3*, const void*);
 SQLITE_PRIVATE void *sqlite3PageMalloc(int);
@@ -19695,12 +20121,14 @@ SQLITE_PRIVATE int sqlite3HeapNearlyFull(void);
 */
 #ifdef SQLITE_USE_ALLOCA
 # define sqlite3StackAllocRaw(D,N)   alloca(N)
-# define sqlite3StackAllocZero(D,N)  memset(alloca(N), 0, N)
+# define sqlite3StackAllocRawNN(D,N) alloca(N)
 # define sqlite3StackFree(D,P)
+# define sqlite3StackFreeNN(D,P)
 #else
 # define sqlite3StackAllocRaw(D,N)   sqlite3DbMallocRaw(D,N)
-# define sqlite3StackAllocZero(D,N)  sqlite3DbMallocZero(D,N)
+# define sqlite3StackAllocRawNN(D,N) sqlite3DbMallocRawNN(D,N)
 # define sqlite3StackFree(D,P)       sqlite3DbFree(D,P)
+# define sqlite3StackFreeNN(D,P)     sqlite3DbFreeNN(D,P)
 #endif
 
 /* Do not allow both MEMSYS5 and MEMSYS3 to be defined together.  If they
@@ -19823,6 +20251,7 @@ SQLITE_PRIVATE   void sqlite3ShowWinFunc(const Window*);
 #endif
 
 SQLITE_PRIVATE void sqlite3SetString(char **, sqlite3*, const char*);
+SQLITE_PRIVATE void sqlite3ProgressCheck(Parse*);
 SQLITE_PRIVATE void sqlite3ErrorMsg(Parse*, const char*, ...);
 SQLITE_PRIVATE int sqlite3ErrorToParser(sqlite3*,int);
 SQLITE_PRIVATE void sqlite3Dequote(char*);
@@ -19837,6 +20266,10 @@ SQLITE_PRIVATE void sqlite3ReleaseTempReg(Parse*,int);
 SQLITE_PRIVATE int sqlite3GetTempRange(Parse*,int);
 SQLITE_PRIVATE void sqlite3ReleaseTempRange(Parse*,int,int);
 SQLITE_PRIVATE void sqlite3ClearTempRegCache(Parse*);
+SQLITE_PRIVATE void sqlite3TouchRegister(Parse*,int);
+#if defined(SQLITE_ENABLE_STAT4) || defined(SQLITE_DEBUG)
+SQLITE_PRIVATE int sqlite3FirstAvailableRegister(Parse*,int);
+#endif
 #ifdef SQLITE_DEBUG
 SQLITE_PRIVATE int sqlite3NoTempsInRange(Parse*,int,int);
 #endif
@@ -19880,7 +20313,7 @@ SQLITE_PRIVATE const char *sqlite3ColumnColl(Column*);
 SQLITE_PRIVATE void sqlite3DeleteColumnNames(sqlite3*,Table*);
 SQLITE_PRIVATE void sqlite3GenerateColumnNames(Parse *pParse, Select *pSelect);
 SQLITE_PRIVATE int sqlite3ColumnsFromExprList(Parse*,ExprList*,i16*,Column**);
-SQLITE_PRIVATE void sqlite3SelectAddColumnTypeAndCollation(Parse*,Table*,Select*,char);
+SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(Parse*,Table*,Select*,char);
 SQLITE_PRIVATE Table *sqlite3ResultSetOfSelect(Parse*,Select*,char);
 SQLITE_PRIVATE void sqlite3OpenSchemaTable(Parse *, int);
 SQLITE_PRIVATE Index *sqlite3PrimaryKeyIndex(Table*);
@@ -19987,7 +20420,7 @@ SQLITE_PRIVATE Select *sqlite3SelectNew(Parse*,ExprList*,SrcList*,Expr*,ExprList
                          Expr*,ExprList*,u32,Expr*);
 SQLITE_PRIVATE void sqlite3SelectDelete(sqlite3*, Select*);
 SQLITE_PRIVATE Table *sqlite3SrcListLookup(Parse*, SrcList*);
-SQLITE_PRIVATE int sqlite3IsReadOnly(Parse*, Table*, int);
+SQLITE_PRIVATE int sqlite3IsReadOnly(Parse*, Table*, Trigger*);
 SQLITE_PRIVATE void sqlite3OpenTable(Parse*, int iCur, int iDb, Table*, int);
 #if defined(SQLITE_ENABLE_UPDATE_DELETE_LIMIT) && !defined(SQLITE_OMIT_SUBQUERY)
 SQLITE_PRIVATE Expr *sqlite3LimitWhere(Parse*,SrcList*,Expr*,ExprList*,Expr*,char*);
@@ -20076,7 +20509,7 @@ SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr*);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr*, u8);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrGroupBy(Parse*, Expr*, ExprList*);
 SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr*,int);
-SQLITE_PRIVATE int sqlite3ExprIsTableConstraint(Expr*,const SrcItem*);
+SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(Expr*,const SrcList*,int);
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
 SQLITE_PRIVATE int sqlite3ExprContainsSubquery(Expr*);
 #endif
@@ -20199,7 +20632,8 @@ SQLITE_PRIVATE int sqlite3FixSelect(DbFixer*, Select*);
 SQLITE_PRIVATE int sqlite3FixExpr(DbFixer*, Expr*);
 SQLITE_PRIVATE int sqlite3FixTriggerStep(DbFixer*, TriggerStep*);
 SQLITE_PRIVATE int sqlite3RealSameAsInt(double,sqlite3_int64);
-SQLITE_PRIVATE void sqlite3Int64ToText(i64,char*);
+SQLITE_PRIVATE i64 sqlite3RealToI64(double);
+SQLITE_PRIVATE int sqlite3Int64ToText(i64,char*);
 SQLITE_PRIVATE int sqlite3AtoF(const char *z, double*, int, u8);
 SQLITE_PRIVATE int sqlite3GetInt32(const char *, int*);
 SQLITE_PRIVATE int sqlite3GetUInt32(const char*, u32*);
@@ -20244,11 +20678,13 @@ SQLITE_PRIVATE int sqlite3VarintLen(u64 v);
 
 
 SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3*, Index*);
+SQLITE_PRIVATE char *sqlite3TableAffinityStr(sqlite3*,const Table*);
 SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe*, Table*, int);
 SQLITE_PRIVATE char sqlite3CompareAffinity(const Expr *pExpr, char aff2);
 SQLITE_PRIVATE int sqlite3IndexAffinityOk(const Expr *pExpr, char idx_affinity);
 SQLITE_PRIVATE char sqlite3TableColumnAffinity(const Table*,int);
 SQLITE_PRIVATE char sqlite3ExprAffinity(const Expr *pExpr);
+SQLITE_PRIVATE int sqlite3ExprDataType(const Expr *pExpr);
 SQLITE_PRIVATE int sqlite3Atoi64(const char*, i64*, int, u8);
 SQLITE_PRIVATE int sqlite3DecOrHexToI64(const char*, i64*);
 SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3*, int, const char*,...);
@@ -20265,6 +20701,9 @@ SQLITE_PRIVATE const char *sqlite3ErrName(int);
 
 #ifndef SQLITE_OMIT_DESERIALIZE
 SQLITE_PRIVATE int sqlite3MemdbInit(void);
+SQLITE_PRIVATE int sqlite3IsMemdb(const sqlite3_vfs*);
+#else
+# define sqlite3IsMemdb(X) 0
 #endif
 
 SQLITE_PRIVATE const char *sqlite3ErrStr(int);
@@ -20315,7 +20754,6 @@ SQLITE_PRIVATE const unsigned char sqlite3OpcodeProperty[];
 SQLITE_PRIVATE const char sqlite3StrBINARY[];
 SQLITE_PRIVATE const unsigned char sqlite3StdTypeLen[];
 SQLITE_PRIVATE const char sqlite3StdTypeAffinity[];
-SQLITE_PRIVATE const char sqlite3StdTypeMap[];
 SQLITE_PRIVATE const char *sqlite3StdType[];
 SQLITE_PRIVATE const unsigned char sqlite3UpperToLower[];
 SQLITE_PRIVATE const unsigned char *sqlite3aLTb;
@@ -20405,7 +20843,7 @@ SQLITE_PRIVATE int sqlite3ApiExit(sqlite3 *db, int);
 SQLITE_PRIVATE int sqlite3OpenTempDatabase(Parse *);
 
 SQLITE_PRIVATE void sqlite3StrAccumInit(StrAccum*, sqlite3*, char*, int, int);
-SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum*, int);
+SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum*, i64);
 SQLITE_PRIVATE char *sqlite3StrAccumFinish(StrAccum*);
 SQLITE_PRIVATE void sqlite3StrAccumSetError(StrAccum*, u8);
 SQLITE_PRIVATE void sqlite3ResultStrAccum(sqlite3_context*,StrAccum*);
@@ -20519,10 +20957,7 @@ SQLITE_PRIVATE int sqlite3VtabCallDestroy(sqlite3*, int, const char *);
 SQLITE_PRIVATE int sqlite3VtabBegin(sqlite3 *, VTable *);
 
 SQLITE_PRIVATE FuncDef *sqlite3VtabOverloadFunction(sqlite3 *,FuncDef*, int nArg, Expr*);
-#if (defined(SQLITE_ENABLE_DBPAGE_VTAB) || defined(SQLITE_TEST)) \
-    && !defined(SQLITE_OMIT_VIRTUALTABLE)
-SQLITE_PRIVATE   void sqlite3VtabUsesAllSchemas(sqlite3_index_info*);
-#endif
+SQLITE_PRIVATE void sqlite3VtabUsesAllSchemas(Parse*);
 SQLITE_PRIVATE sqlite3_int64 sqlite3StmtCurrentTime(sqlite3_context*);
 SQLITE_PRIVATE int sqlite3VdbeParameterIndex(Vdbe*, const char*, int);
 SQLITE_PRIVATE int sqlite3TransferBindings(sqlite3_stmt *, sqlite3_stmt *);
@@ -20759,6 +21194,22 @@ SQLITE_PRIVATE void sqlite3VectorErrorMsg(Parse*, Expr*);
 SQLITE_PRIVATE const char **sqlite3CompileOptions(int *pnOpt);
 #endif
 
+#if SQLITE_OS_UNIX && defined(SQLITE_OS_KV_OPTIONAL)
+SQLITE_PRIVATE int sqlite3KvvfsInit(void);
+#endif
+
+#if defined(VDBE_PROFILE) \
+ || defined(SQLITE_PERFORMANCE_TRACE) \
+ || defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+SQLITE_PRIVATE sqlite3_uint64 sqlite3Hwtime(void);
+#endif
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+# define IS_STMT_SCANSTATUS(db) (db->flags & SQLITE_StmtScanStatus)
+#else
+# define IS_STMT_SCANSTATUS(db) 0
+#endif
+
 #endif /* SQLITEINT_H */
 
 /************** End of sqliteInt.h *******************************************/
@@ -20800,101 +21251,6 @@ SQLITE_PRIVATE const char **sqlite3CompileOptions(int *pnOpt);
 */
 #ifdef SQLITE_PERFORMANCE_TRACE
 
-/*
-** hwtime.h contains inline assembler code for implementing
-** high-performance timing routines.
-*/
-/************** Include hwtime.h in the middle of os_common.h ****************/
-/************** Begin file hwtime.h ******************************************/
-/*
-** 2008 May 27
-**
-** The author disclaims copyright to this source code.  In place of
-** a legal notice, here is a blessing:
-**
-**    May you do good and not evil.
-**    May you find forgiveness for yourself and forgive others.
-**    May you share freely, never taking more than you give.
-**
-******************************************************************************
-**
-** This file contains inline asm code for retrieving "high-performance"
-** counters for x86 and x86_64 class CPUs.
-*/
-#ifndef SQLITE_HWTIME_H
-#define SQLITE_HWTIME_H
-
-/*
-** The following routine only works on pentium-class (or newer) processors.
-** It uses the RDTSC opcode to read the cycle count value out of the
-** processor and returns that value.  This can be used for high-res
-** profiling.
-*/
-#if !defined(__STRICT_ANSI__) && \
-    (defined(__GNUC__) || defined(_MSC_VER)) && \
-    (defined(i386) || defined(__i386__) || defined(_M_IX86))
-
-  #if defined(__GNUC__)
-
-  __inline__ sqlite_uint64 sqlite3Hwtime(void){
-     unsigned int lo, hi;
-     __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
-     return (sqlite_uint64)hi << 32 | lo;
-  }
-
-  #elif defined(_MSC_VER)
-
-  __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
-     __asm {
-        rdtsc
-        ret       ; return value at EDX:EAX
-     }
-  }
-
-  #endif
-
-#elif !defined(__STRICT_ANSI__) && (defined(__GNUC__) && defined(__x86_64__))
-
-  __inline__ sqlite_uint64 sqlite3Hwtime(void){
-      unsigned long val;
-      __asm__ __volatile__ ("rdtsc" : "=A" (val));
-      return val;
-  }
-
-#elif !defined(__STRICT_ANSI__) && (defined(__GNUC__) && defined(__ppc__))
-
-  __inline__ sqlite_uint64 sqlite3Hwtime(void){
-      unsigned long long retval;
-      unsigned long junk;
-      __asm__ __volatile__ ("\n\
-          1:      mftbu   %1\n\
-                  mftb    %L0\n\
-                  mftbu   %0\n\
-                  cmpw    %0,%1\n\
-                  bne     1b"
-                  : "=r" (retval), "=r" (junk));
-      return retval;
-  }
-
-#else
-
-  /*
-  ** asm() is needed for hardware timing support.  Without asm(),
-  ** disable the sqlite3Hwtime() routine.
-  **
-  ** sqlite3Hwtime() is only used for some obscure debugging
-  ** and analysis configurations, not in any deliverable, so this
-  ** should not be a great loss.
-  */
-SQLITE_PRIVATE   sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
-
-#endif
-
-#endif /* !defined(SQLITE_HWTIME_H) */
-
-/************** End of hwtime.h **********************************************/
-/************** Continuing where we left off in os_common.h ******************/
-
 static sqlite_uint64 g_start;
 static sqlite_uint64 g_elapsed;
 #define TIMER_START       g_start=sqlite3Hwtime()
@@ -20990,7 +21346,7 @@ SQLITE_API extern int sqlite3_open_file_count;
 ** autoconf-based build
 */
 #if defined(_HAVE_SQLITE_CONFIG_H) && !defined(SQLITECONFIG_H)
-/* #include "config.h" */
+/* #include "sqlite_cfg.h" */
 #define SQLITECONFIG_H 1
 #endif
 
@@ -21155,6 +21511,9 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_DISABLE_SKIPAHEAD_DISTINCT
   "DISABLE_SKIPAHEAD_DISTINCT",
 #endif
+#ifdef SQLITE_DQS
+  "DQS=" CTIMEOPT_VAL(SQLITE_DQS),
+#endif
 #ifdef SQLITE_ENABLE_8_3_NAMES
   "ENABLE_8_3_NAMES=" CTIMEOPT_VAL(SQLITE_ENABLE_8_3_NAMES),
 #endif
@@ -21645,9 +22004,6 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_OMIT_XFER_OPT
   "OMIT_XFER_OPT",
 #endif
-#ifdef SQLITE_PCACHE_SEPARATE_HEADER
-  "PCACHE_SEPARATE_HEADER",
-#endif
 #ifdef SQLITE_PERFORMANCE_TRACE
   "PERFORMANCE_TRACE",
 #endif
@@ -21849,7 +22205,7 @@ SQLITE_PRIVATE const unsigned char *sqlite3aGTb = &sqlite3UpperToLower[256+12-OP
 **   isalnum()                        0x06
 **   isxdigit()                       0x08
 **   toupper()                        0x20
-**   SQLite identifier character      0x40
+**   SQLite identifier character      0x40   $, _, or non-ascii
 **   Quote character                  0x80
 **
 ** Bit 0x20 is set if the mapped character requires translation to upper
@@ -22043,7 +22399,7 @@ SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
    SQLITE_DEFAULT_SORTERREF_SIZE,   /* szSorterRef */
    0,                         /* iPrngSeed */
 #ifdef SQLITE_DEBUG
-   {0,0,0,0,0,0}              /* aTune */
+   {0,0,0,0,0,0},             /* aTune */
 #endif
 };
 
@@ -22127,10 +22483,6 @@ SQLITE_PRIVATE const char sqlite3StrBINARY[] = "BINARY";
 **
 **    sqlite3StdTypeAffinity[]    The affinity associated with each entry
 **                                in sqlite3StdType[].
-**
-**    sqlite3StdTypeMap[]         The type value (as returned from
-**                                sqlite3_column_type() or sqlite3_value_type())
-**                                for each entry in sqlite3StdType[].
 */
 SQLITE_PRIVATE const unsigned char sqlite3StdTypeLen[] = { 3, 4, 3, 7, 4, 4 };
 SQLITE_PRIVATE const char sqlite3StdTypeAffinity[] = {
@@ -22141,14 +22493,6 @@ SQLITE_PRIVATE const char sqlite3StdTypeAffinity[] = {
   SQLITE_AFF_REAL,
   SQLITE_AFF_TEXT
 };
-SQLITE_PRIVATE const char sqlite3StdTypeMap[] = {
-  0,
-  SQLITE_BLOB,
-  SQLITE_INTEGER,
-  SQLITE_INTEGER,
-  SQLITE_FLOAT,
-  SQLITE_TEXT
-};
 SQLITE_PRIVATE const char *sqlite3StdType[] = {
   "ANY",
   "BLOB",
@@ -22351,7 +22695,6 @@ struct VdbeFrame {
   Vdbe *v;                /* VM this frame belongs to */
   VdbeFrame *pParent;     /* Parent of this frame, or NULL if parent is main */
   Op *aOp;                /* Program instructions for parent frame */
-  i64 *anExec;            /* Event counters from parent frame */
   Mem *aMem;              /* Array of memory cells for parent frame */
   VdbeCursor **apCsr;     /* Array of Vdbe cursors for parent frame */
   u8 *aOnce;              /* Bitmask used by OP_Once */
@@ -22567,10 +22910,19 @@ typedef unsigned bft;  /* Bit Field Type */
 
 /* The ScanStatus object holds a single value for the
 ** sqlite3_stmt_scanstatus() interface.
+**
+** aAddrRange[]:
+**   This array is used by ScanStatus elements associated with EQP
+**   notes that make an SQLITE_SCANSTAT_NCYCLE value available. It is
+**   an array of up to 3 ranges of VM addresses for which the Vdbe.anCycle[]
+**   values should be summed to calculate the NCYCLE value. Each pair of
+**   integer addresses is a start and end address (both inclusive) for a range
+**   instructions. A start value of 0 indicates an empty range.
 */
 typedef struct ScanStatus ScanStatus;
 struct ScanStatus {
   int addrExplain;                /* OP_Explain for loop */
+  int aAddrRange[6];
   int addrLoop;                   /* Address of "loops" counter */
   int addrVisit;                  /* Address of "rows visited" counter */
   int iSelectID;                  /* The "Select-ID" for this loop */
@@ -22600,7 +22952,7 @@ struct DblquoteStr {
 */
 struct Vdbe {
   sqlite3 *db;            /* The database connection that owns this statement */
-  Vdbe *pPrev,*pNext;     /* Linked list of VDBEs with the same Vdbe.db */
+  Vdbe **ppVPrev,*pVNext; /* Linked list of VDBEs with the same Vdbe.db */
   Parse *pParse;          /* Parsing context used to create this Vdbe */
   ynVar nVar;             /* Number of entries in aVar[] */
   int nMem;               /* Number of memory locations currently allocated */
@@ -22626,7 +22978,7 @@ struct Vdbe {
   int nOp;                /* Number of instructions in the program */
   int nOpAlloc;           /* Slots allocated for aOp[] */
   Mem *aColName;          /* Column names to return */
-  Mem *pResultSet;        /* Pointer to an array of results */
+  Mem *pResultRow;        /* Current output row */
   char *zErrMsg;          /* Error message written here */
   VList *pVList;          /* Name of variables */
 #ifndef SQLITE_OMIT_TRACE
@@ -22663,7 +23015,6 @@ struct Vdbe {
   SubProgram *pProgram;   /* Linked list of all sub-programs used by VM */
   AuxData *pAuxData;      /* Linked list of auxdata allocations */
 #ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-  i64 *anExec;            /* Number of times each op has been executed */
   int nScan;              /* Entries in aScan[] */
   ScanStatus *aScan;      /* Scan definitions for sqlite3_stmt_scanstatus() */
 #endif
@@ -22830,6 +23181,8 @@ SQLITE_PRIVATE int sqlite3VdbeSorterRewind(const VdbeCursor *, int *);
 SQLITE_PRIVATE int sqlite3VdbeSorterWrite(const VdbeCursor *, Mem *);
 SQLITE_PRIVATE int sqlite3VdbeSorterCompare(const VdbeCursor *, Mem *, int, int *);
 
+SQLITE_PRIVATE void sqlite3VdbeValueListFree(void*);
+
 #ifdef SQLITE_DEBUG
 SQLITE_PRIVATE   void sqlite3VdbeIncrWriteCounter(Vdbe*, VdbeCursor*);
 SQLITE_PRIVATE   void sqlite3VdbeAssertAbortable(Vdbe*);
@@ -23158,6 +23511,8 @@ SQLITE_API int sqlite3_db_status(
 
       sqlite3BtreeEnterAll(db);
       db->pnBytesFreed = &nByte;
+      assert( db->lookaside.pEnd==db->lookaside.pTrueEnd );
+      db->lookaside.pEnd = db->lookaside.pStart;
       for(i=0; inDb; i++){
         Schema *pSchema = db->aDb[i].pSchema;
         if( ALWAYS(pSchema!=0) ){
@@ -23183,6 +23538,7 @@ SQLITE_API int sqlite3_db_status(
         }
       }
       db->pnBytesFreed = 0;
+      db->lookaside.pEnd = db->lookaside.pTrueEnd;
       sqlite3BtreeLeaveAll(db);
 
       *pHighwater = 0;
@@ -23200,9 +23556,12 @@ SQLITE_API int sqlite3_db_status(
       int nByte = 0;              /* Used to accumulate return value */
 
       db->pnBytesFreed = &nByte;
-      for(pVdbe=db->pVdbe; pVdbe; pVdbe=pVdbe->pNext){
+      assert( db->lookaside.pEnd==db->lookaside.pTrueEnd );
+      db->lookaside.pEnd = db->lookaside.pStart;
+      for(pVdbe=db->pVdbe; pVdbe; pVdbe=pVdbe->pVNext){
         sqlite3VdbeDelete(pVdbe);
       }
+      db->lookaside.pEnd = db->lookaside.pTrueEnd;
       db->pnBytesFreed = 0;
 
       *pHighwater = 0;  /* IMP: R-64479-57858 */
@@ -23339,6 +23698,7 @@ struct DateTime {
   char validTZ;       /* True (1) if tz is valid */
   char tzSet;         /* Timezone was set explicitly */
   char isError;       /* An overflow has occurred */
+  char useSubsec;     /* Display subsecond precision */
 };
 
 
@@ -23538,7 +23898,7 @@ static void computeJD(DateTime *p){
   p->iJD = (sqlite3_int64)((X1 + X2 + D + B - 1524.5 ) * 86400000);
   p->validJD = 1;
   if( p->validHMS ){
-    p->iJD += p->h*3600000 + p->m*60000 + (sqlite3_int64)(p->s*1000);
+    p->iJD += p->h*3600000 + p->m*60000 + (sqlite3_int64)(p->s*1000 + 0.5);
     if( p->validTZ ){
       p->iJD -= p->tz*60000;
       p->validYMD = 0;
@@ -23653,6 +24013,11 @@ static int parseDateOrTime(
   }else if( sqlite3AtoF(zDate, &r, sqlite3Strlen30(zDate), SQLITE_UTF8)>0 ){
     setRawDateNumber(p, r);
     return 0;
+  }else if( (sqlite3StrICmp(zDate,"subsec")==0
+             || sqlite3StrICmp(zDate,"subsecond")==0)
+           && sqlite3NotPureFunc(context) ){
+    p->useSubsec = 1;
+    return setDateTimeToCurrent(context, p);
   }
   return 1;
 }
@@ -24011,7 +24376,7 @@ static int parseModifier(
           i64 iOrigJD;              /* Original localtime */
           i64 iGuess;               /* Guess at the corresponding utc time */
           int cnt = 0;              /* Safety to prevent infinite loop */
-          int iErr;                 /* Guess is off by this much */
+          i64 iErr;                 /* Guess is off by this much */
 
           computeJD(p);
           iGuess = iOrigJD = p->iJD;
@@ -24047,7 +24412,7 @@ static int parseModifier(
       */
       if( sqlite3_strnicmp(z, "weekday ", 8)==0
                && sqlite3AtoF(&z[8], &r, sqlite3Strlen30(&z[8]), SQLITE_UTF8)>0
-               && (n=(int)r)==r && n>=0 && r<7 ){
+               && r>=0.0 && r<7.0 && (n=(int)r)==r ){
         sqlite3_int64 Z;
         computeYMD_HMS(p);
         p->validTZ = 0;
@@ -24067,8 +24432,22 @@ static int parseModifier(
       **
       ** Move the date backwards to the beginning of the current day,
       ** or month or year.
+      **
+      **    subsecond
+      **    subsec
+      **
+      ** Show subsecond precision in the output of datetime() and
+      ** unixepoch() and strftime('%s').
       */
-      if( sqlite3_strnicmp(z, "start of ", 9)!=0 ) break;
+      if( sqlite3_strnicmp(z, "start of ", 9)!=0 ){
+        if( sqlite3_stricmp(z, "subsec")==0
+         || sqlite3_stricmp(z, "subsecond")==0
+        ){
+          p->useSubsec = 1;
+          rc = 0;
+        }
+        break;
+      }
       if( !p->validJD && !p->validYMD && !p->validHMS ) break;
       z += 9;
       computeYMD(p);
@@ -24266,7 +24645,11 @@ static void unixepochFunc(
   DateTime x;
   if( isDate(context, argc, argv, &x)==0 ){
     computeJD(&x);
-    sqlite3_result_int64(context, x.iJD/1000 - 21086676*(i64)10000);
+    if( x.useSubsec ){
+      sqlite3_result_double(context, (x.iJD - 21086676*(i64)10000000)/1000.0);
+    }else{
+      sqlite3_result_int64(context, x.iJD/1000 - 21086676*(i64)10000);
+    }
   }
 }
 
@@ -24282,8 +24665,8 @@ static void datetimeFunc(
 ){
   DateTime x;
   if( isDate(context, argc, argv, &x)==0 ){
-    int Y, s;
-    char zBuf[24];
+    int Y, s, n;
+    char zBuf[32];
     computeYMD_HMS(&x);
     Y = x.Y;
     if( Y<0 ) Y = -Y;
@@ -24304,15 +24687,28 @@ static void datetimeFunc(
     zBuf[15] = '0' + (x.m/10)%10;
     zBuf[16] = '0' + (x.m)%10;
     zBuf[17] = ':';
-    s = (int)x.s;
-    zBuf[18] = '0' + (s/10)%10;
-    zBuf[19] = '0' + (s)%10;
-    zBuf[20] = 0;
+    if( x.useSubsec ){
+      s = (int)1000.0*x.s;
+      zBuf[18] = '0' + (s/10000)%10;
+      zBuf[19] = '0' + (s/1000)%10;
+      zBuf[20] = '.';
+      zBuf[21] = '0' + (s/100)%10;
+      zBuf[22] = '0' + (s/10)%10;
+      zBuf[23] = '0' + (s)%10;
+      zBuf[24] = 0;
+      n = 24;
+    }else{
+      s = (int)x.s;
+      zBuf[18] = '0' + (s/10)%10;
+      zBuf[19] = '0' + (s)%10;
+      zBuf[20] = 0;
+      n = 20;
+    }
     if( x.Y<0 ){
       zBuf[0] = '-';
-      sqlite3_result_text(context, zBuf, 20, SQLITE_TRANSIENT);
+      sqlite3_result_text(context, zBuf, n, SQLITE_TRANSIENT);
     }else{
-      sqlite3_result_text(context, &zBuf[1], 19, SQLITE_TRANSIENT);
+      sqlite3_result_text(context, &zBuf[1], n-1, SQLITE_TRANSIENT);
     }
   }
 }
@@ -24329,7 +24725,7 @@ static void timeFunc(
 ){
   DateTime x;
   if( isDate(context, argc, argv, &x)==0 ){
-    int s;
+    int s, n;
     char zBuf[16];
     computeHMS(&x);
     zBuf[0] = '0' + (x.h/10)%10;
@@ -24338,11 +24734,24 @@ static void timeFunc(
     zBuf[3] = '0' + (x.m/10)%10;
     zBuf[4] = '0' + (x.m)%10;
     zBuf[5] = ':';
-    s = (int)x.s;
-    zBuf[6] = '0' + (s/10)%10;
-    zBuf[7] = '0' + (s)%10;
-    zBuf[8] = 0;
-    sqlite3_result_text(context, zBuf, 8, SQLITE_TRANSIENT);
+    if( x.useSubsec ){
+      s = (int)1000.0*x.s;
+      zBuf[6] = '0' + (s/10000)%10;
+      zBuf[7] = '0' + (s/1000)%10;
+      zBuf[8] = '.';
+      zBuf[9] = '0' + (s/100)%10;
+      zBuf[10] = '0' + (s/10)%10;
+      zBuf[11] = '0' + (s)%10;
+      zBuf[12] = 0;
+      n = 12;
+    }else{
+      s = (int)x.s;
+      zBuf[6] = '0' + (s/10)%10;
+      zBuf[7] = '0' + (s)%10;
+      zBuf[8] = 0;
+      n = 8;
+    }
+    sqlite3_result_text(context, zBuf, n, SQLITE_TRANSIENT);
   }
 }
 
@@ -24473,8 +24882,13 @@ static void strftimeFunc(
         break;
       }
       case 's': {
-        i64 iS = (i64)(x.iJD/1000 - 21086676*(i64)10000);
-        sqlite3_str_appendf(&sRes,"%lld",iS);
+        if( x.useSubsec ){
+          sqlite3_str_appendf(&sRes,"%.3f",
+                (x.iJD - 21086676*(i64)10000000)/1000.0);
+        }else{
+          i64 iS = (i64)(x.iJD/1000 - 21086676*(i64)10000);
+          sqlite3_str_appendf(&sRes,"%lld",iS);
+        }
         break;
       }
       case 'S': {
@@ -24728,9 +25142,11 @@ SQLITE_PRIVATE int sqlite3OsFileSize(sqlite3_file *id, i64 *pSize){
 }
 SQLITE_PRIVATE int sqlite3OsLock(sqlite3_file *id, int lockType){
   DO_OS_MALLOC_TEST(id);
+  assert( lockType>=SQLITE_LOCK_SHARED && lockType<=SQLITE_LOCK_EXCLUSIVE );
   return id->pMethods->xLock(id, lockType);
 }
 SQLITE_PRIVATE int sqlite3OsUnlock(sqlite3_file *id, int lockType){
+  assert( lockType==SQLITE_LOCK_NONE || lockType==SQLITE_LOCK_SHARED );
   return id->pMethods->xUnlock(id, lockType);
 }
 SQLITE_PRIVATE int sqlite3OsCheckReservedLock(sqlite3_file *id, int *pResOut){
@@ -24845,6 +25261,7 @@ SQLITE_PRIVATE int sqlite3OsOpen(
   ** down into the VFS layer.  Some SQLITE_OPEN_ flags (for example,
   ** SQLITE_OPEN_FULLMUTEX or SQLITE_OPEN_SHAREDCACHE) are blocked before
   ** reaching the VFS. */
+  assert( zPath || (flags & SQLITE_OPEN_EXCLUSIVE) );
   rc = pVfs->xOpen(pVfs, zPath, pFile, flags & 0x1087f7f, pFlagsOut);
   assert( rc==SQLITE_OK || pFile->pMethods==0 );
   return rc;
@@ -27160,9 +27577,13 @@ static int memsys5Roundup(int n){
     if( n<=mem5.szAtom ) return mem5.szAtom;
     return mem5.szAtom*2;
   }
-  if( n>0x40000000 ) return 0;
+  if( n>0x10000000 ){
+    if( n>0x40000000 ) return 0;
+    if( n>0x20000000 ) return 0x40000000;
+    return 0x20000000;
+  }
   for(iFullSz=mem5.szAtom*8; iFullSz=n ) return iFullSz/2;
+  if( (iFullSz/2)>=(i64)n ) return iFullSz/2;
   return iFullSz;
 }
 
@@ -29063,18 +29484,34 @@ static void mallocWithAlarm(int n, void **pp){
   *pp = p;
 }
 
+/*
+** Maximum size of any single memory allocation.
+**
+** This is not a limit on the total amount of memory used.  This is
+** a limit on the size parameter to sqlite3_malloc() and sqlite3_realloc().
+**
+** The upper bound is slightly less than 2GiB:  0x7ffffeff == 2,147,483,391
+** This provides a 256-byte safety margin for defense against 32-bit
+** signed integer overflow bugs when computing memory allocation sizes.
+** Paranoid applications might want to reduce the maximum allocation size
+** further for an even larger safety margin.  0x3fffffff or 0x0fffffff
+** or even smaller would be reasonable upper bounds on the size of a memory
+** allocations for most applications.
+*/
+#ifndef SQLITE_MAX_ALLOCATION_SIZE
+# define SQLITE_MAX_ALLOCATION_SIZE  2147483391
+#endif
+#if SQLITE_MAX_ALLOCATION_SIZE>2147483391
+# error Maximum size for SQLITE_MAX_ALLOCATION_SIZE is 2147483391
+#endif
+
 /*
 ** Allocate memory.  This routine is like sqlite3_malloc() except that it
 ** assumes the memory subsystem has already been initialized.
 */
 SQLITE_PRIVATE void *sqlite3Malloc(u64 n){
   void *p;
-  if( n==0 || n>=0x7fffff00 ){
-    /* A memory allocation of a number of bytes which is near the maximum
-    ** signed integer value might cause an integer overflow inside of the
-    ** xMalloc().  Hence we limit the maximum size to 0x7fffff00, giving
-    ** 255 bytes of overhead.  SQLite itself will never use anything near
-    ** this amount.  The only way to reach the limit is with sqlite3_malloc() */
+  if( n==0 || n>SQLITE_MAX_ALLOCATION_SIZE ){
     p = 0;
   }else if( sqlite3GlobalConfig.bMemstat ){
     sqlite3_mutex_enter(mem0.mutex);
@@ -29110,7 +29547,7 @@ SQLITE_API void *sqlite3_malloc64(sqlite3_uint64 n){
 */
 #ifndef SQLITE_OMIT_LOOKASIDE
 static int isLookaside(sqlite3 *db, const void *p){
-  return SQLITE_WITHIN(p, db->lookaside.pStart, db->lookaside.pEnd);
+  return SQLITE_WITHIN(p, db->lookaside.pStart, db->lookaside.pTrueEnd);
 }
 #else
 #define isLookaside(A,B) 0
@@ -29134,18 +29571,16 @@ static int lookasideMallocSize(sqlite3 *db, const void *p){
 SQLITE_PRIVATE int sqlite3DbMallocSize(sqlite3 *db, const void *p){
   assert( p!=0 );
 #ifdef SQLITE_DEBUG
-  if( db==0 || !isLookaside(db,p) ){
-    if( db==0 ){
-      assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_HEAP) );
-      assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
-    }else{
-      assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
-      assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
-    }
+  if( db==0 ){
+    assert( sqlite3MemdebugNoType(p, (u8)~MEMTYPE_HEAP) );
+    assert( sqlite3MemdebugHasType(p, MEMTYPE_HEAP) );
+  }else if( !isLookaside(db,p) ){
+    assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+    assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
   }
 #endif
   if( db ){
-    if( ((uptr)p)<(uptr)(db->lookaside.pEnd) ){
+    if( ((uptr)p)<(uptr)(db->lookaside.pTrueEnd) ){
 #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE
       if( ((uptr)p)>=(uptr)(db->lookaside.pMiddle) ){
         assert( sqlite3_mutex_held(db->mutex) );
@@ -29201,14 +29636,11 @@ SQLITE_PRIVATE void sqlite3DbFreeNN(sqlite3 *db, void *p){
   assert( db==0 || sqlite3_mutex_held(db->mutex) );
   assert( p!=0 );
   if( db ){
-    if( db->pnBytesFreed ){
-      measureAllocationSize(db, p);
-      return;
-    }
     if( ((uptr)p)<(uptr)(db->lookaside.pEnd) ){
 #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE
       if( ((uptr)p)>=(uptr)(db->lookaside.pMiddle) ){
         LookasideSlot *pBuf = (LookasideSlot*)p;
+        assert( db->pnBytesFreed==0 );
 #ifdef SQLITE_DEBUG
         memset(p, 0xaa, LOOKASIDE_SMALL);  /* Trash freed content */
 #endif
@@ -29219,6 +29651,7 @@ SQLITE_PRIVATE void sqlite3DbFreeNN(sqlite3 *db, void *p){
 #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */
       if( ((uptr)p)>=(uptr)(db->lookaside.pStart) ){
         LookasideSlot *pBuf = (LookasideSlot*)p;
+        assert( db->pnBytesFreed==0 );
 #ifdef SQLITE_DEBUG
         memset(p, 0xaa, db->lookaside.szTrue);  /* Trash freed content */
 #endif
@@ -29227,6 +29660,10 @@ SQLITE_PRIVATE void sqlite3DbFreeNN(sqlite3 *db, void *p){
         return;
       }
     }
+    if( db->pnBytesFreed ){
+      measureAllocationSize(db, p);
+      return;
+    }
   }
   assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
   assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
@@ -29234,6 +29671,43 @@ SQLITE_PRIVATE void sqlite3DbFreeNN(sqlite3 *db, void *p){
   sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
   sqlite3_free(p);
 }
+SQLITE_PRIVATE void sqlite3DbNNFreeNN(sqlite3 *db, void *p){
+  assert( db!=0 );
+  assert( sqlite3_mutex_held(db->mutex) );
+  assert( p!=0 );
+  if( ((uptr)p)<(uptr)(db->lookaside.pEnd) ){
+#ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE
+    if( ((uptr)p)>=(uptr)(db->lookaside.pMiddle) ){
+      LookasideSlot *pBuf = (LookasideSlot*)p;
+      assert( db->pnBytesFreed==0 );
+#ifdef SQLITE_DEBUG
+      memset(p, 0xaa, LOOKASIDE_SMALL);  /* Trash freed content */
+#endif
+      pBuf->pNext = db->lookaside.pSmallFree;
+      db->lookaside.pSmallFree = pBuf;
+      return;
+    }
+#endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */
+    if( ((uptr)p)>=(uptr)(db->lookaside.pStart) ){
+      LookasideSlot *pBuf = (LookasideSlot*)p;
+      assert( db->pnBytesFreed==0 );
+#ifdef SQLITE_DEBUG
+      memset(p, 0xaa, db->lookaside.szTrue);  /* Trash freed content */
+#endif
+      pBuf->pNext = db->lookaside.pFree;
+      db->lookaside.pFree = pBuf;
+      return;
+    }
+  }
+  if( db->pnBytesFreed ){
+    measureAllocationSize(db, p);
+    return;
+  }
+  assert( sqlite3MemdebugHasType(p, (MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+  assert( sqlite3MemdebugNoType(p, (u8)~(MEMTYPE_LOOKASIDE|MEMTYPE_HEAP)) );
+  sqlite3MemdebugSetType(p, MEMTYPE_HEAP);
+  sqlite3_free(p);
+}
 SQLITE_PRIVATE void sqlite3DbFree(sqlite3 *db, void *p){
   assert( db==0 || sqlite3_mutex_held(db->mutex) );
   if( p ) sqlite3DbFreeNN(db, p);
@@ -29533,9 +30007,14 @@ SQLITE_PRIVATE char *sqlite3DbStrNDup(sqlite3 *db, const char *z, u64 n){
 */
 SQLITE_PRIVATE char *sqlite3DbSpanDup(sqlite3 *db, const char *zStart, const char *zEnd){
   int n;
+#ifdef SQLITE_DEBUG
+  /* Because of the way the parser works, the span is guaranteed to contain
+  ** at least one non-space character */
+  for(n=0; sqlite3Isspace(zStart[n]); n++){ assert( &zStart[n]0) && sqlite3Isspace(zStart[n-1]) ) n--;
+  while( sqlite3Isspace(zStart[n-1]) ) n--;
   return sqlite3DbStrNDup(db, zStart, n);
 }
 
@@ -29780,6 +30259,20 @@ static char et_getdigit(LONGDOUBLE_TYPE *val, int *cnt){
 }
 #endif /* SQLITE_OMIT_FLOATING_POINT */
 
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** "*val" is a u64.  *msd is a divisor used to extract the
+** most significant digit of *val.  Extract that most significant
+** digit and return it.
+*/
+static char et_getdigit_int(u64 *val, u64 *msd){
+  u64 x = (*val)/(*msd);
+  *val -= x*(*msd);
+  if( *msd>=10 ) *msd /= 10;
+  return '0' + (char)(x & 15);
+}
+#endif /* SQLITE_OMIT_FLOATING_POINT */
+
 /*
 ** Set the StrAccum object to an error mode.
 */
@@ -29872,6 +30365,8 @@ SQLITE_API void sqlite3_str_vappendf(
   char prefix;               /* Prefix character.  "+" or "-" or " " or '\0'. */
   sqlite_uint64 longvalue;   /* Value for integer types */
   LONGDOUBLE_TYPE realvalue; /* Value for real types */
+  sqlite_uint64 msd;         /* Divisor to get most-significant-digit
+                             ** of longvalue */
   const et_info *infop;      /* Pointer to the appropriate info structure */
   char *zOut;                /* Rendering buffer */
   int nOut;                  /* Size of the rendering buffer */
@@ -30178,52 +30673,78 @@ SQLITE_API void sqlite3_str_vappendf(
         }else{
           prefix = flag_prefix;
         }
+        exp = 0;
         if( xtype==etGENERIC && precision>0 ) precision--;
         testcase( precision>0xfff );
-        idx = precision & 0xfff;
-        rounder = arRound[idx%10];
-        while( idx>=10 ){ rounder *= 1.0e-10; idx -= 10; }
-        if( xtype==etFLOAT ){
-          double rx = (double)realvalue;
-          sqlite3_uint64 u;
-          int ex;
-          memcpy(&u, &rx, sizeof(u));
-          ex = -1023 + (int)((u>>52)&0x7ff);
-          if( precision+(ex/3) < 15 ) rounder += realvalue*3e-16;
-          realvalue += rounder;
-        }
-        /* Normalize realvalue to within 10.0 > realvalue >= 1.0 */
-        exp = 0;
-        if( sqlite3IsNaN((double)realvalue) ){
-          bufpt = "NaN";
-          length = 3;
-          break;
-        }
-        if( realvalue>0.0 ){
-          LONGDOUBLE_TYPE scale = 1.0;
-          while( realvalue>=1e100*scale && exp<=350 ){ scale *= 1e100;exp+=100;}
-          while( realvalue>=1e10*scale && exp<=350 ){ scale *= 1e10; exp+=10; }
-          while( realvalue>=10.0*scale && exp<=350 ){ scale *= 10.0; exp++; }
-          realvalue /= scale;
-          while( realvalue<1e-8 ){ realvalue *= 1e8; exp-=8; }
-          while( realvalue<1.0 ){ realvalue *= 10.0; exp--; }
-          if( exp>350 ){
-            bufpt = buf;
-            buf[0] = prefix;
-            memcpy(buf+(prefix!=0),"Inf",4);
-            length = 3+(prefix!=0);
+        if( realvalue<1.0e+16
+         && realvalue==(LONGDOUBLE_TYPE)(longvalue = (u64)realvalue)
+        ){
+          /* Number is a pure integer that can be represented as u64 */
+          for(msd=1; msd*10<=longvalue; msd *= 10, exp++){}
+          if( exp>precision && xtype!=etFLOAT ){
+            u64 rnd = msd/2;
+            int kk = precision;
+            while( kk-- > 0 ){  rnd /= 10; }
+            longvalue += rnd;
+          }
+        }else{
+          msd = 0;
+          longvalue = 0;  /* To prevent a compiler warning */
+          idx = precision & 0xfff;
+          rounder = arRound[idx%10];
+          while( idx>=10 ){ rounder *= 1.0e-10; idx -= 10; }
+          if( xtype==etFLOAT ){
+            double rx = (double)realvalue;
+            sqlite3_uint64 u;
+            int ex;
+            memcpy(&u, &rx, sizeof(u));
+            ex = -1023 + (int)((u>>52)&0x7ff);
+            if( precision+(ex/3) < 15 ) rounder += realvalue*3e-16;
+            realvalue += rounder;
+          }
+          if( sqlite3IsNaN((double)realvalue) ){
+            if( flag_zeropad ){
+              bufpt = "null";
+              length = 4;
+            }else{
+              bufpt = "NaN";
+              length = 3;
+            }
             break;
           }
+
+          /* Normalize realvalue to within 10.0 > realvalue >= 1.0 */
+          if( ALWAYS(realvalue>0.0) ){
+            LONGDOUBLE_TYPE scale = 1.0;
+            while( realvalue>=1e100*scale && exp<=350){ scale*=1e100;exp+=100;}
+            while( realvalue>=1e10*scale && exp<=350 ){ scale*=1e10; exp+=10; }
+            while( realvalue>=10.0*scale && exp<=350 ){ scale *= 10.0; exp++; }
+            realvalue /= scale;
+            while( realvalue<1e-8 ){ realvalue *= 1e8; exp-=8; }
+            while( realvalue<1.0 ){ realvalue *= 10.0; exp--; }
+            if( exp>350 ){
+              if( flag_zeropad ){
+                realvalue = 9.0;
+                exp = 999;
+              }else{
+                bufpt = buf;
+                buf[0] = prefix;
+                memcpy(buf+(prefix!=0),"Inf",4);
+                length = 3+(prefix!=0);
+                break;
+              }
+            }
+            if( xtype!=etFLOAT ){
+              realvalue += rounder;
+              if( realvalue>=10.0 ){ realvalue *= 0.1; exp++; }
+            }
+          }
         }
-        bufpt = buf;
+
         /*
         ** If the field type is etGENERIC, then convert to either etEXP
         ** or etFLOAT, as appropriate.
         */
-        if( xtype!=etFLOAT ){
-          realvalue += rounder;
-          if( realvalue>=10.0 ){ realvalue *= 0.1; exp++; }
-        }
         if( xtype==etGENERIC ){
           flag_rtz = !flag_alternateform;
           if( exp<-4 || exp>precision ){
@@ -30240,16 +30761,18 @@ SQLITE_API void sqlite3_str_vappendf(
         }else{
           e2 = exp;
         }
+        nsd = 16 + flag_altform2*10;
+        bufpt = buf;
         {
           i64 szBufNeeded;           /* Size of a temporary buffer needed */
           szBufNeeded = MAX(e2,0)+(i64)precision+(i64)width+15;
+          if( cThousand && e2>0 ) szBufNeeded += (e2+2)/3;
           if( szBufNeeded > etBUFSIZE ){
             bufpt = zExtra = printfTempBuf(pAccum, szBufNeeded);
             if( bufpt==0 ) return;
           }
         }
         zOut = bufpt;
-        nsd = 16 + flag_altform2*10;
         flag_dp = (precision>0 ?1:0) | flag_alternateform | flag_altform2;
         /* The sign in front of the number */
         if( prefix ){
@@ -30258,9 +30781,15 @@ SQLITE_API void sqlite3_str_vappendf(
         /* Digits prior to the decimal point */
         if( e2<0 ){
           *(bufpt++) = '0';
+        }else if( msd>0 ){
+          for(; e2>=0; e2--){
+            *(bufpt++) = et_getdigit_int(&longvalue,&msd);
+            if( cThousand && (e2%3)==0 && e2>1 ) *(bufpt++) = ',';
+          }
         }else{
           for(; e2>=0; e2--){
             *(bufpt++) = et_getdigit(&realvalue,&nsd);
+            if( cThousand && (e2%3)==0 && e2>1 ) *(bufpt++) = ',';
           }
         }
         /* The decimal point */
@@ -30274,8 +30803,14 @@ SQLITE_API void sqlite3_str_vappendf(
           *(bufpt++) = '0';
         }
         /* Significant digits after the decimal point */
-        while( (precision--)>0 ){
-          *(bufpt++) = et_getdigit(&realvalue,&nsd);
+        if( msd>0 ){
+          while( (precision--)>0 ){
+            *(bufpt++) = et_getdigit_int(&longvalue,&msd);
+          }
+        }else{
+          while( (precision--)>0 ){
+            *(bufpt++) = et_getdigit(&realvalue,&nsd);
+          }
         }
         /* Remove trailing zeros and the "." if no digits follow the "." */
         if( flag_rtz && flag_dp ){
@@ -30374,13 +30909,26 @@ SQLITE_API void sqlite3_str_vappendf(
           }
         }
         if( precision>1 ){
+          i64 nPrior = 1;
           width -= precision-1;
           if( width>1 && !flag_leftjustify ){
             sqlite3_str_appendchar(pAccum, width-1, ' ');
             width = 0;
           }
-          while( precision-- > 1 ){
-            sqlite3_str_append(pAccum, buf, length);
+          sqlite3_str_append(pAccum, buf, length);
+          precision--;
+          while( precision > 1 ){
+            i64 nCopyBytes;
+            if( nPrior > precision-1 ) nPrior = precision - 1;
+            nCopyBytes = length*nPrior;
+            if( nCopyBytes + pAccum->nChar >= pAccum->nAlloc ){
+              sqlite3StrAccumEnlarge(pAccum, nCopyBytes);
+            }
+            if( pAccum->accError ) break;
+            sqlite3_str_append(pAccum,
+                 &pAccum->zText[pAccum->nChar-nCopyBytes], nCopyBytes);
+            precision -= nPrior;
+            nPrior *= 2;
           }
         }
         bufpt = buf;
@@ -30608,9 +31156,9 @@ SQLITE_PRIVATE void sqlite3RecordErrorOffsetOfExpr(sqlite3 *db, const Expr *pExp
 ** Return the number of bytes of text that StrAccum is able to accept
 ** after the attempted enlargement.  The value returned might be zero.
 */
-SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum *p, int N){
+SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum *p, i64 N){
   char *zNew;
-  assert( p->nChar+(i64)N >= p->nAlloc ); /* Only called if really needed */
+  assert( p->nChar+N >= p->nAlloc ); /* Only called if really needed */
   if( p->accError ){
     testcase(p->accError==SQLITE_TOOBIG);
     testcase(p->accError==SQLITE_NOMEM);
@@ -30621,8 +31169,7 @@ SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum *p, int N){
     return p->nAlloc - p->nChar - 1;
   }else{
     char *zOld = isMalloced(p) ? p->zText : 0;
-    i64 szNew = p->nChar;
-    szNew += (sqlite3_int64)N + 1;
+    i64 szNew = p->nChar + N + 1;
     if( szNew+p->nChar<=p->mxAlloc ){
       /* Force exponential buffer size growth as long as it does not overflow,
       ** to avoid having to call this routine too often */
@@ -30652,7 +31199,8 @@ SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum *p, int N){
       return 0;
     }
   }
-  return N;
+  assert( N>=0 && N<=0x7fffffff );
+  return (int)N;
 }
 
 /*
@@ -30943,12 +31491,22 @@ SQLITE_API char *sqlite3_vsnprintf(int n, char *zBuf, const char *zFormat, va_li
   return zBuf;
 }
 SQLITE_API char *sqlite3_snprintf(int n, char *zBuf, const char *zFormat, ...){
-  char *z;
+  StrAccum acc;
   va_list ap;
+  if( n<=0 ) return zBuf;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( zBuf==0 || zFormat==0 ) {
+    (void)SQLITE_MISUSE_BKPT;
+    if( zBuf ) zBuf[0] = 0;
+    return zBuf;
+  }
+#endif
+  sqlite3StrAccumInit(&acc, 0, zBuf, n, 0);
   va_start(ap,zFormat);
-  z = sqlite3_vsnprintf(n, zBuf, zFormat, ap);
+  sqlite3_str_vappendf(&acc, zFormat, ap);
   va_end(ap);
-  return z;
+  zBuf[acc.nChar] = 0;
+  return zBuf;
 }
 
 /*
@@ -31248,6 +31806,13 @@ SQLITE_PRIVATE void sqlite3TreeViewSrcList(TreeView *pView, const SrcList *pSrc)
     if( pItem->fg.isOn || (pItem->fg.isUsing==0 && pItem->u3.pOn!=0) ){
       sqlite3_str_appendf(&x, " ON");
     }
+    if( pItem->fg.isTabFunc )      sqlite3_str_appendf(&x, " isTabFunc");
+    if( pItem->fg.isCorrelated )   sqlite3_str_appendf(&x, " isCorrelated");
+    if( pItem->fg.isMaterialized ) sqlite3_str_appendf(&x, " isMaterialized");
+    if( pItem->fg.viaCoroutine )   sqlite3_str_appendf(&x, " viaCoroutine");
+    if( pItem->fg.notCte )         sqlite3_str_appendf(&x, " notCte");
+    if( pItem->fg.isNestedFrom )   sqlite3_str_appendf(&x, " isNestedFrom");
+
     sqlite3StrAccumFinish(&x);
     sqlite3TreeViewItem(pView, zLine, inSrc-1);
     n = 0;
@@ -31517,7 +32082,7 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
     sqlite3TreeViewPop(&pView);
     return;
   }
-  if( pExpr->flags || pExpr->affExpr || pExpr->vvaFlags ){
+  if( pExpr->flags || pExpr->affExpr || pExpr->vvaFlags || pExpr->pAggInfo ){
     StrAccum x;
     sqlite3StrAccumInit(&x, 0, zFlgs, sizeof(zFlgs), 0);
     sqlite3_str_appendf(&x, " fg.af=%x.%c",
@@ -31534,6 +32099,9 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
     if( ExprHasVVAProperty(pExpr, EP_Immutable) ){
       sqlite3_str_appendf(&x, " IMMUTABLE");
     }
+    if( pExpr->pAggInfo!=0 ){
+      sqlite3_str_appendf(&x, " agg-column[%d]", pExpr->iAgg);
+    }
     sqlite3StrAccumFinish(&x);
   }else{
     zFlgs[0] = 0;
@@ -32345,16 +32913,41 @@ SQLITE_PRIVATE void sqlite3ShowWinFunc(const Window *p){ sqlite3TreeViewWinFunc(
 ** This structure is the current state of the generator.
 */
 static SQLITE_WSD struct sqlite3PrngType {
-  unsigned char isInit;          /* True if initialized */
-  unsigned char i, j;            /* State variables */
-  unsigned char s[256];          /* State variables */
+  u32 s[16];                 /* 64 bytes of chacha20 state */
+  u8 out[64];                /* Output bytes */
+  u8 n;                      /* Output bytes remaining */
 } sqlite3Prng;
 
+
+/* The RFC-7539 ChaCha20 block function
+*/
+#define ROTL(a,b) (((a) << (b)) | ((a) >> (32 - (b))))
+#define QR(a, b, c, d) ( \
+    a += b, d ^= a, d = ROTL(d,16), \
+    c += d, b ^= c, b = ROTL(b,12), \
+    a += b, d ^= a, d = ROTL(d, 8), \
+    c += d, b ^= c, b = ROTL(b, 7))
+static void chacha_block(u32 *out, const u32 *in){
+  int i;
+  u32 x[16];
+  memcpy(x, in, 64);
+  for(i=0; i<10; i++){
+    QR(x[0], x[4], x[ 8], x[12]);
+    QR(x[1], x[5], x[ 9], x[13]);
+    QR(x[2], x[6], x[10], x[14]);
+    QR(x[3], x[7], x[11], x[15]);
+    QR(x[0], x[5], x[10], x[15]);
+    QR(x[1], x[6], x[11], x[12]);
+    QR(x[2], x[7], x[ 8], x[13]);
+    QR(x[3], x[4], x[ 9], x[14]);
+  }
+  for(i=0; i<16; i++) out[i] = x[i]+in[i];
+}
+
 /*
 ** Return N random bytes.
 */
 SQLITE_API void sqlite3_randomness(int N, void *pBuf){
-  unsigned char t;
   unsigned char *zBuf = pBuf;
 
   /* The "wsdPrng" macro will resolve to the pseudo-random number generator
@@ -32384,53 +32977,46 @@ SQLITE_API void sqlite3_randomness(int N, void *pBuf){
 
   sqlite3_mutex_enter(mutex);
   if( N<=0 || pBuf==0 ){
-    wsdPrng.isInit = 0;
+    wsdPrng.s[0] = 0;
     sqlite3_mutex_leave(mutex);
     return;
   }
 
   /* Initialize the state of the random number generator once,
-  ** the first time this routine is called.  The seed value does
-  ** not need to contain a lot of randomness since we are not
-  ** trying to do secure encryption or anything like that...
-  **
-  ** Nothing in this file or anywhere else in SQLite does any kind of
-  ** encryption.  The RC4 algorithm is being used as a PRNG (pseudo-random
-  ** number generator) not as an encryption device.
+  ** the first time this routine is called.
   */
-  if( !wsdPrng.isInit ){
+  if( wsdPrng.s[0]==0 ){
     sqlite3_vfs *pVfs = sqlite3_vfs_find(0);
-    int i;
-    char k[256];
-    wsdPrng.j = 0;
-    wsdPrng.i = 0;
+    static const u32 chacha20_init[] = {
+      0x61707865, 0x3320646e, 0x79622d32, 0x6b206574
+    };
+    memcpy(&wsdPrng.s[0], chacha20_init, 16);
     if( NEVER(pVfs==0) ){
-      memset(k, 0, sizeof(k));
+      memset(&wsdPrng.s[4], 0, 44);
     }else{
-      sqlite3OsRandomness(pVfs, 256, k);
-    }
-    for(i=0; i<256; i++){
-      wsdPrng.s[i] = (u8)i;
-    }
-    for(i=0; i<256; i++){
-      wsdPrng.j += wsdPrng.s[i] + k[i];
-      t = wsdPrng.s[wsdPrng.j];
-      wsdPrng.s[wsdPrng.j] = wsdPrng.s[i];
-      wsdPrng.s[i] = t;
+      sqlite3OsRandomness(pVfs, 44, (char*)&wsdPrng.s[4]);
     }
-    wsdPrng.isInit = 1;
+    wsdPrng.s[15] = wsdPrng.s[12];
+    wsdPrng.s[12] = 0;
+    wsdPrng.n = 0;
   }
 
   assert( N>0 );
-  do{
-    wsdPrng.i++;
-    t = wsdPrng.s[wsdPrng.i];
-    wsdPrng.j += t;
-    wsdPrng.s[wsdPrng.i] = wsdPrng.s[wsdPrng.j];
-    wsdPrng.s[wsdPrng.j] = t;
-    t += wsdPrng.s[wsdPrng.i];
-    *(zBuf++) = wsdPrng.s[t];
-  }while( --N );
+  while( 1 /* exit by break */ ){
+    if( N<=wsdPrng.n ){
+      memcpy(zBuf, &wsdPrng.out[wsdPrng.n-N], N);
+      wsdPrng.n -= N;
+      break;
+    }
+    if( wsdPrng.n>0 ){
+      memcpy(zBuf, wsdPrng.out, wsdPrng.n);
+      N -= wsdPrng.n;
+      zBuf += wsdPrng.n;
+    }
+    wsdPrng.s[12]++;
+    chacha_block((u32*)wsdPrng.out, wsdPrng.s);
+    wsdPrng.n = 64;
+  }
   sqlite3_mutex_leave(mutex);
 }
 
@@ -33455,6 +34041,26 @@ SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3 *db, int err_code, const char *z
   }
 }
 
+/*
+** Check for interrupts and invoke progress callback.
+*/
+SQLITE_PRIVATE void sqlite3ProgressCheck(Parse *p){
+  sqlite3 *db = p->db;
+  if( AtomicLoad(&db->u1.isInterrupted) ){
+    p->nErr++;
+    p->rc = SQLITE_INTERRUPT;
+  }
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+  if( db->xProgress && (++p->nProgressSteps)>=db->nProgressOps ){
+    if( db->xProgress(db->pProgressArg) ){
+      p->nErr++;
+      p->rc = SQLITE_INTERRUPT;
+    }
+    p->nProgressSteps = 0;
+  }
+#endif
+}
+
 /*
 ** Add an error message to pParse->zErrMsg and increment pParse->nErr.
 **
@@ -33912,11 +34518,14 @@ SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 en
 #endif
 
 /*
-** Render an signed 64-bit integer as text.  Store the result in zOut[].
+** Render an signed 64-bit integer as text.  Store the result in zOut[] and
+** return the length of the string that was stored, in bytes.  The value
+** returned does not include the zero terminator at the end of the output
+** string.
 **
 ** The caller must ensure that zOut[] is at least 21 bytes in size.
 */
-SQLITE_PRIVATE void sqlite3Int64ToText(i64 v, char *zOut){
+SQLITE_PRIVATE int sqlite3Int64ToText(i64 v, char *zOut){
   int i;
   u64 x;
   char zTemp[22];
@@ -33927,12 +34536,15 @@ SQLITE_PRIVATE void sqlite3Int64ToText(i64 v, char *zOut){
   }
   i = sizeof(zTemp)-2;
   zTemp[sizeof(zTemp)-1] = 0;
-  do{
-    zTemp[i--] = (x%10) + '0';
+  while( 1 /*exit-by-break*/ ){
+    zTemp[i] = (x%10) + '0';
     x = x/10;
-  }while( x );
-  if( v<0 ) zTemp[i--] = '-';
-  memcpy(zOut, &zTemp[i+1], sizeof(zTemp)-1-i);
+    if( x==0 ) break;
+    i--;
+  };
+  if( v<0 ) zTemp[--i] = '-';
+  memcpy(zOut, &zTemp[i], sizeof(zTemp)-i);
+  return sizeof(zTemp)-1-i;
 }
 
 /*
@@ -34097,7 +34709,9 @@ SQLITE_PRIVATE int sqlite3DecOrHexToI64(const char *z, i64 *pOut){
       u = u*16 + sqlite3HexToInt(z[k]);
     }
     memcpy(pOut, &u, 8);
-    return (z[k]==0 && k-i<=16) ? 0 : 2;
+    if( k-i>16 ) return 2;
+    if( z[k]!=0 ) return 1;
+    return 0;
   }else
 #endif /* SQLITE_OMIT_HEX_INTEGER */
   {
@@ -34133,7 +34747,7 @@ SQLITE_PRIVATE int sqlite3GetInt32(const char *zNum, int *pValue){
     u32 u = 0;
     zNum += 2;
     while( zNum[0]=='0' ) zNum++;
-    for(i=0; sqlite3Isxdigit(zNum[i]) && i<8; i++){
+    for(i=0; i<8 && sqlite3Isxdigit(zNum[i]); i++){
       u = u*16 + sqlite3HexToInt(zNum[i]);
     }
     if( (u&0x80000000)==0 && sqlite3Isxdigit(zNum[i])==0 ){
@@ -34994,6 +35608,104 @@ SQLITE_PRIVATE int sqlite3VListNameToNum(VList *pIn, const char *zName, int nNam
   return 0;
 }
 
+/*
+** High-resolution hardware timer used for debugging and testing only.
+*/
+#if defined(VDBE_PROFILE)  \
+ || defined(SQLITE_PERFORMANCE_TRACE) \
+ || defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+/************** Include hwtime.h in the middle of util.c *********************/
+/************** Begin file hwtime.h ******************************************/
+/*
+** 2008 May 27
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains inline asm code for retrieving "high-performance"
+** counters for x86 and x86_64 class CPUs.
+*/
+#ifndef SQLITE_HWTIME_H
+#define SQLITE_HWTIME_H
+
+/*
+** The following routine only works on pentium-class (or newer) processors.
+** It uses the RDTSC opcode to read the cycle count value out of the
+** processor and returns that value.  This can be used for high-res
+** profiling.
+*/
+#if !defined(__STRICT_ANSI__) && \
+    (defined(__GNUC__) || defined(_MSC_VER)) && \
+    (defined(i386) || defined(__i386__) || defined(_M_IX86))
+
+  #if defined(__GNUC__)
+
+  __inline__ sqlite_uint64 sqlite3Hwtime(void){
+     unsigned int lo, hi;
+     __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+     return (sqlite_uint64)hi << 32 | lo;
+  }
+
+  #elif defined(_MSC_VER)
+
+  __declspec(naked) __inline sqlite_uint64 __cdecl sqlite3Hwtime(void){
+     __asm {
+        rdtsc
+        ret       ; return value at EDX:EAX
+     }
+  }
+
+  #endif
+
+#elif !defined(__STRICT_ANSI__) && (defined(__GNUC__) && defined(__x86_64__))
+
+  __inline__ sqlite_uint64 sqlite3Hwtime(void){
+     unsigned int lo, hi;
+     __asm__ __volatile__ ("rdtsc" : "=a" (lo), "=d" (hi));
+     return (sqlite_uint64)hi << 32 | lo;
+  }
+
+#elif !defined(__STRICT_ANSI__) && (defined(__GNUC__) && defined(__ppc__))
+
+  __inline__ sqlite_uint64 sqlite3Hwtime(void){
+      unsigned long long retval;
+      unsigned long junk;
+      __asm__ __volatile__ ("\n\
+          1:      mftbu   %1\n\
+                  mftb    %L0\n\
+                  mftbu   %0\n\
+                  cmpw    %0,%1\n\
+                  bne     1b"
+                  : "=r" (retval), "=r" (junk));
+      return retval;
+  }
+
+#else
+
+  /*
+  ** asm() is needed for hardware timing support.  Without asm(),
+  ** disable the sqlite3Hwtime() routine.
+  **
+  ** sqlite3Hwtime() is only used for some obscure debugging
+  ** and analysis configurations, not in any deliverable, so this
+  ** should not be a great loss.
+  */
+SQLITE_PRIVATE   sqlite_uint64 sqlite3Hwtime(void){ return ((sqlite_uint64)0); }
+
+#endif
+
+#endif /* !defined(SQLITE_HWTIME_H) */
+
+/************** End of hwtime.h **********************************************/
+/************** Continuing where we left off in util.c ***********************/
+#endif
+
 /************** End of util.c ************************************************/
 /************** Begin file hash.c ********************************************/
 /*
@@ -35164,12 +35876,13 @@ static HashElem *findElementWithHash(
     count = pH->count;
   }
   if( pHash ) *pHash = h;
-  while( count-- ){
+  while( count ){
     assert( elem!=0 );
     if( sqlite3StrICmp(elem->pKey,pKey)==0 ){
       return elem;
     }
     elem = elem->next;
+    count--;
   }
   return &nullElement;
 }
@@ -35288,48 +36001,48 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*   5 */ "Vacuum"           OpHelp(""),
     /*   6 */ "VFilter"          OpHelp("iplan=r[P3] zplan='P4'"),
     /*   7 */ "VUpdate"          OpHelp("data=r[P3@P2]"),
-    /*   8 */ "Goto"             OpHelp(""),
-    /*   9 */ "Gosub"            OpHelp(""),
-    /*  10 */ "InitCoroutine"    OpHelp(""),
-    /*  11 */ "Yield"            OpHelp(""),
-    /*  12 */ "MustBeInt"        OpHelp(""),
-    /*  13 */ "Jump"             OpHelp(""),
-    /*  14 */ "Once"             OpHelp(""),
-    /*  15 */ "If"               OpHelp(""),
-    /*  16 */ "IfNot"            OpHelp(""),
-    /*  17 */ "IsNullOrType"     OpHelp("if typeof(r[P1]) IN (P3,5) goto P2"),
-    /*  18 */ "IfNullRow"        OpHelp("if P1.nullRow then r[P3]=NULL, goto P2"),
+    /*   8 */ "Init"             OpHelp("Start at P2"),
+    /*   9 */ "Goto"             OpHelp(""),
+    /*  10 */ "Gosub"            OpHelp(""),
+    /*  11 */ "InitCoroutine"    OpHelp(""),
+    /*  12 */ "Yield"            OpHelp(""),
+    /*  13 */ "MustBeInt"        OpHelp(""),
+    /*  14 */ "Jump"             OpHelp(""),
+    /*  15 */ "Once"             OpHelp(""),
+    /*  16 */ "If"               OpHelp(""),
+    /*  17 */ "IfNot"            OpHelp(""),
+    /*  18 */ "IsType"           OpHelp("if typeof(P1.P3) in P5 goto P2"),
     /*  19 */ "Not"              OpHelp("r[P2]= !r[P1]"),
-    /*  20 */ "SeekLT"           OpHelp("key=r[P3@P4]"),
-    /*  21 */ "SeekLE"           OpHelp("key=r[P3@P4]"),
-    /*  22 */ "SeekGE"           OpHelp("key=r[P3@P4]"),
-    /*  23 */ "SeekGT"           OpHelp("key=r[P3@P4]"),
-    /*  24 */ "IfNotOpen"        OpHelp("if( !csr[P1] ) goto P2"),
-    /*  25 */ "IfNoHope"         OpHelp("key=r[P3@P4]"),
-    /*  26 */ "NoConflict"       OpHelp("key=r[P3@P4]"),
-    /*  27 */ "NotFound"         OpHelp("key=r[P3@P4]"),
-    /*  28 */ "Found"            OpHelp("key=r[P3@P4]"),
-    /*  29 */ "SeekRowid"        OpHelp("intkey=r[P3]"),
-    /*  30 */ "NotExists"        OpHelp("intkey=r[P3]"),
-    /*  31 */ "Last"             OpHelp(""),
-    /*  32 */ "IfSmaller"        OpHelp(""),
-    /*  33 */ "SorterSort"       OpHelp(""),
-    /*  34 */ "Sort"             OpHelp(""),
-    /*  35 */ "Rewind"           OpHelp(""),
-    /*  36 */ "SorterNext"       OpHelp(""),
-    /*  37 */ "Prev"             OpHelp(""),
-    /*  38 */ "Next"             OpHelp(""),
-    /*  39 */ "IdxLE"            OpHelp("key=r[P3@P4]"),
-    /*  40 */ "IdxGT"            OpHelp("key=r[P3@P4]"),
-    /*  41 */ "IdxLT"            OpHelp("key=r[P3@P4]"),
-    /*  42 */ "IdxGE"            OpHelp("key=r[P3@P4]"),
+    /*  20 */ "IfNullRow"        OpHelp("if P1.nullRow then r[P3]=NULL, goto P2"),
+    /*  21 */ "SeekLT"           OpHelp("key=r[P3@P4]"),
+    /*  22 */ "SeekLE"           OpHelp("key=r[P3@P4]"),
+    /*  23 */ "SeekGE"           OpHelp("key=r[P3@P4]"),
+    /*  24 */ "SeekGT"           OpHelp("key=r[P3@P4]"),
+    /*  25 */ "IfNotOpen"        OpHelp("if( !csr[P1] ) goto P2"),
+    /*  26 */ "IfNoHope"         OpHelp("key=r[P3@P4]"),
+    /*  27 */ "NoConflict"       OpHelp("key=r[P3@P4]"),
+    /*  28 */ "NotFound"         OpHelp("key=r[P3@P4]"),
+    /*  29 */ "Found"            OpHelp("key=r[P3@P4]"),
+    /*  30 */ "SeekRowid"        OpHelp("intkey=r[P3]"),
+    /*  31 */ "NotExists"        OpHelp("intkey=r[P3]"),
+    /*  32 */ "Last"             OpHelp(""),
+    /*  33 */ "IfSmaller"        OpHelp(""),
+    /*  34 */ "SorterSort"       OpHelp(""),
+    /*  35 */ "Sort"             OpHelp(""),
+    /*  36 */ "Rewind"           OpHelp(""),
+    /*  37 */ "SorterNext"       OpHelp(""),
+    /*  38 */ "Prev"             OpHelp(""),
+    /*  39 */ "Next"             OpHelp(""),
+    /*  40 */ "IdxLE"            OpHelp("key=r[P3@P4]"),
+    /*  41 */ "IdxGT"            OpHelp("key=r[P3@P4]"),
+    /*  42 */ "IdxLT"            OpHelp("key=r[P3@P4]"),
     /*  43 */ "Or"               OpHelp("r[P3]=(r[P1] || r[P2])"),
     /*  44 */ "And"              OpHelp("r[P3]=(r[P1] && r[P2])"),
-    /*  45 */ "RowSetRead"       OpHelp("r[P3]=rowset(P1)"),
-    /*  46 */ "RowSetTest"       OpHelp("if r[P3] in rowset(P1) goto P2"),
-    /*  47 */ "Program"          OpHelp(""),
-    /*  48 */ "FkIfZero"         OpHelp("if fkctr[P1]==0 goto P2"),
-    /*  49 */ "IfPos"            OpHelp("if r[P1]>0 then r[P1]-=P3, goto P2"),
+    /*  45 */ "IdxGE"            OpHelp("key=r[P3@P4]"),
+    /*  46 */ "RowSetRead"       OpHelp("r[P3]=rowset(P1)"),
+    /*  47 */ "RowSetTest"       OpHelp("if r[P3] in rowset(P1) goto P2"),
+    /*  48 */ "Program"          OpHelp(""),
+    /*  49 */ "FkIfZero"         OpHelp("if fkctr[P1]==0 goto P2"),
     /*  50 */ "IsNull"           OpHelp("if r[P1]==NULL goto P2"),
     /*  51 */ "NotNull"          OpHelp("if r[P1]!=NULL goto P2"),
     /*  52 */ "Ne"               OpHelp("IF r[P3]!=r[P1]"),
@@ -35339,12 +36052,12 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*  56 */ "Lt"               OpHelp("IF r[P3]=r[P1]"),
     /*  58 */ "ElseEq"           OpHelp(""),
-    /*  59 */ "IfNotZero"        OpHelp("if r[P1]!=0 then r[P1]--, goto P2"),
-    /*  60 */ "DecrJumpZero"     OpHelp("if (--r[P1])==0 goto P2"),
-    /*  61 */ "IncrVacuum"       OpHelp(""),
-    /*  62 */ "VNext"            OpHelp(""),
-    /*  63 */ "Filter"           OpHelp("if key(P3@P4) not in filter(P1) goto P2"),
-    /*  64 */ "Init"             OpHelp("Start at P2"),
+    /*  59 */ "IfPos"            OpHelp("if r[P1]>0 then r[P1]-=P3, goto P2"),
+    /*  60 */ "IfNotZero"        OpHelp("if r[P1]!=0 then r[P1]--, goto P2"),
+    /*  61 */ "DecrJumpZero"     OpHelp("if (--r[P1])==0 goto P2"),
+    /*  62 */ "IncrVacuum"       OpHelp(""),
+    /*  63 */ "VNext"            OpHelp(""),
+    /*  64 */ "Filter"           OpHelp("if key(P3@P4) not in filter(P1) goto P2"),
     /*  65 */ "PureFunc"         OpHelp("r[P3]=func(r[P2@NP])"),
     /*  66 */ "Function"         OpHelp("r[P3]=func(r[P2@NP])"),
     /*  67 */ "Return"           OpHelp(""),
@@ -35473,6 +36186,988 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
 #endif
 
 /************** End of opcodes.c *********************************************/
+/************** Begin file os_kv.c *******************************************/
+/*
+** 2022-09-06
+**
+** The author disclaims copyright to this source code.  In place of
+** a legal notice, here is a blessing:
+**
+**    May you do good and not evil.
+**    May you find forgiveness for yourself and forgive others.
+**    May you share freely, never taking more than you give.
+**
+******************************************************************************
+**
+** This file contains an experimental VFS layer that operates on a
+** Key/Value storage engine where both keys and values must be pure
+** text.
+*/
+/* #include  */
+#if SQLITE_OS_KV || (SQLITE_OS_UNIX && defined(SQLITE_OS_KV_OPTIONAL))
+
+/*****************************************************************************
+** Debugging logic
+*/
+
+/* SQLITE_KV_TRACE() is used for tracing calls to kvstorage routines. */
+#if 0
+#define SQLITE_KV_TRACE(X)  printf X
+#else
+#define SQLITE_KV_TRACE(X)
+#endif
+
+/* SQLITE_KV_LOG() is used for tracing calls to the VFS interface */
+#if 0
+#define SQLITE_KV_LOG(X)  printf X
+#else
+#define SQLITE_KV_LOG(X)
+#endif
+
+
+/*
+** Forward declaration of objects used by this VFS implementation
+*/
+typedef struct KVVfsFile KVVfsFile;
+
+/* A single open file.  There are only two files represented by this
+** VFS - the database and the rollback journal.
+*/
+struct KVVfsFile {
+  sqlite3_file base;              /* IO methods */
+  const char *zClass;             /* Storage class */
+  int isJournal;                  /* True if this is a journal file */
+  unsigned int nJrnl;             /* Space allocated for aJrnl[] */
+  char *aJrnl;                    /* Journal content */
+  int szPage;                     /* Last known page size */
+  sqlite3_int64 szDb;             /* Database file size.  -1 means unknown */
+  char *aData;                    /* Buffer to hold page data */
+};
+#define SQLITE_KVOS_SZ 133073
+
+/*
+** Methods for KVVfsFile
+*/
+static int kvvfsClose(sqlite3_file*);
+static int kvvfsReadDb(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst);
+static int kvvfsReadJrnl(sqlite3_file*, void*, int iAmt, sqlite3_int64 iOfst);
+static int kvvfsWriteDb(sqlite3_file*,const void*,int iAmt, sqlite3_int64);
+static int kvvfsWriteJrnl(sqlite3_file*,const void*,int iAmt, sqlite3_int64);
+static int kvvfsTruncateDb(sqlite3_file*, sqlite3_int64 size);
+static int kvvfsTruncateJrnl(sqlite3_file*, sqlite3_int64 size);
+static int kvvfsSyncDb(sqlite3_file*, int flags);
+static int kvvfsSyncJrnl(sqlite3_file*, int flags);
+static int kvvfsFileSizeDb(sqlite3_file*, sqlite3_int64 *pSize);
+static int kvvfsFileSizeJrnl(sqlite3_file*, sqlite3_int64 *pSize);
+static int kvvfsLock(sqlite3_file*, int);
+static int kvvfsUnlock(sqlite3_file*, int);
+static int kvvfsCheckReservedLock(sqlite3_file*, int *pResOut);
+static int kvvfsFileControlDb(sqlite3_file*, int op, void *pArg);
+static int kvvfsFileControlJrnl(sqlite3_file*, int op, void *pArg);
+static int kvvfsSectorSize(sqlite3_file*);
+static int kvvfsDeviceCharacteristics(sqlite3_file*);
+
+/*
+** Methods for sqlite3_vfs
+*/
+static int kvvfsOpen(sqlite3_vfs*, const char *, sqlite3_file*, int , int *);
+static int kvvfsDelete(sqlite3_vfs*, const char *zName, int syncDir);
+static int kvvfsAccess(sqlite3_vfs*, const char *zName, int flags, int *);
+static int kvvfsFullPathname(sqlite3_vfs*, const char *zName, int, char *zOut);
+static void *kvvfsDlOpen(sqlite3_vfs*, const char *zFilename);
+static int kvvfsRandomness(sqlite3_vfs*, int nByte, char *zOut);
+static int kvvfsSleep(sqlite3_vfs*, int microseconds);
+static int kvvfsCurrentTime(sqlite3_vfs*, double*);
+static int kvvfsCurrentTimeInt64(sqlite3_vfs*, sqlite3_int64*);
+
+static sqlite3_vfs sqlite3OsKvvfsObject = {
+  1,                              /* iVersion */
+  sizeof(KVVfsFile),              /* szOsFile */
+  1024,                           /* mxPathname */
+  0,                              /* pNext */
+  "kvvfs",                        /* zName */
+  0,                              /* pAppData */
+  kvvfsOpen,                      /* xOpen */
+  kvvfsDelete,                    /* xDelete */
+  kvvfsAccess,                    /* xAccess */
+  kvvfsFullPathname,              /* xFullPathname */
+  kvvfsDlOpen,                    /* xDlOpen */
+  0,                              /* xDlError */
+  0,                              /* xDlSym */
+  0,                              /* xDlClose */
+  kvvfsRandomness,                /* xRandomness */
+  kvvfsSleep,                     /* xSleep */
+  kvvfsCurrentTime,               /* xCurrentTime */
+  0,                              /* xGetLastError */
+  kvvfsCurrentTimeInt64           /* xCurrentTimeInt64 */
+};
+
+/* Methods for sqlite3_file objects referencing a database file
+*/
+static sqlite3_io_methods kvvfs_db_io_methods = {
+  1,                              /* iVersion */
+  kvvfsClose,                     /* xClose */
+  kvvfsReadDb,                    /* xRead */
+  kvvfsWriteDb,                   /* xWrite */
+  kvvfsTruncateDb,                /* xTruncate */
+  kvvfsSyncDb,                    /* xSync */
+  kvvfsFileSizeDb,                /* xFileSize */
+  kvvfsLock,                      /* xLock */
+  kvvfsUnlock,                    /* xUnlock */
+  kvvfsCheckReservedLock,         /* xCheckReservedLock */
+  kvvfsFileControlDb,             /* xFileControl */
+  kvvfsSectorSize,                /* xSectorSize */
+  kvvfsDeviceCharacteristics,     /* xDeviceCharacteristics */
+  0,                              /* xShmMap */
+  0,                              /* xShmLock */
+  0,                              /* xShmBarrier */
+  0,                              /* xShmUnmap */
+  0,                              /* xFetch */
+  0                               /* xUnfetch */
+};
+
+/* Methods for sqlite3_file objects referencing a rollback journal
+*/
+static sqlite3_io_methods kvvfs_jrnl_io_methods = {
+  1,                              /* iVersion */
+  kvvfsClose,                     /* xClose */
+  kvvfsReadJrnl,                  /* xRead */
+  kvvfsWriteJrnl,                 /* xWrite */
+  kvvfsTruncateJrnl,              /* xTruncate */
+  kvvfsSyncJrnl,                  /* xSync */
+  kvvfsFileSizeJrnl,              /* xFileSize */
+  kvvfsLock,                      /* xLock */
+  kvvfsUnlock,                    /* xUnlock */
+  kvvfsCheckReservedLock,         /* xCheckReservedLock */
+  kvvfsFileControlJrnl,           /* xFileControl */
+  kvvfsSectorSize,                /* xSectorSize */
+  kvvfsDeviceCharacteristics,     /* xDeviceCharacteristics */
+  0,                              /* xShmMap */
+  0,                              /* xShmLock */
+  0,                              /* xShmBarrier */
+  0,                              /* xShmUnmap */
+  0,                              /* xFetch */
+  0                               /* xUnfetch */
+};
+
+/****** Storage subsystem **************************************************/
+#include 
+#include 
+#include 
+
+/* Forward declarations for the low-level storage engine
+*/
+static int kvstorageWrite(const char*, const char *zKey, const char *zData);
+static int kvstorageDelete(const char*, const char *zKey);
+static int kvstorageRead(const char*, const char *zKey, char *zBuf, int nBuf);
+#define KVSTORAGE_KEY_SZ  32
+
+/* Expand the key name with an appropriate prefix and put the result
+** zKeyOut[].  The zKeyOut[] buffer is assumed to hold at least
+** KVSTORAGE_KEY_SZ bytes.
+*/
+static void kvstorageMakeKey(
+  const char *zClass,
+  const char *zKeyIn,
+  char *zKeyOut
+){
+  sqlite3_snprintf(KVSTORAGE_KEY_SZ, zKeyOut, "kvvfs-%s-%s", zClass, zKeyIn);
+}
+
+/* Write content into a key.  zClass is the particular namespace of the
+** underlying key/value store to use - either "local" or "session".
+**
+** Both zKey and zData are zero-terminated pure text strings.
+**
+** Return the number of errors.
+*/
+static int kvstorageWrite(
+  const char *zClass,
+  const char *zKey,
+  const char *zData
+){
+  FILE *fd;
+  char zXKey[KVSTORAGE_KEY_SZ];
+  kvstorageMakeKey(zClass, zKey, zXKey);
+  fd = fopen(zXKey, "wb");
+  if( fd ){
+    SQLITE_KV_TRACE(("KVVFS-WRITE  %-15s (%d) %.50s%s\n", zXKey,
+                 (int)strlen(zData), zData,
+                 strlen(zData)>50 ? "..." : ""));
+    fputs(zData, fd);
+    fclose(fd);
+    return 0;
+  }else{
+    return 1;
+  }
+}
+
+/* Delete a key (with its corresponding data) from the key/value
+** namespace given by zClass.  If the key does not previously exist,
+** this routine is a no-op.
+*/
+static int kvstorageDelete(const char *zClass, const char *zKey){
+  char zXKey[KVSTORAGE_KEY_SZ];
+  kvstorageMakeKey(zClass, zKey, zXKey);
+  unlink(zXKey);
+  SQLITE_KV_TRACE(("KVVFS-DELETE %-15s\n", zXKey));
+  return 0;
+}
+
+/* Read the value associated with a zKey from the key/value namespace given
+** by zClass and put the text data associated with that key in the first
+** nBuf bytes of zBuf[].  The value might be truncated if zBuf is not large
+** enough to hold it all.  The value put into zBuf must always be zero
+** terminated, even if it gets truncated because nBuf is not large enough.
+**
+** Return the total number of bytes in the data, without truncation, and
+** not counting the final zero terminator.   Return -1 if the key does
+** not exist.
+**
+** If nBuf<=0 then this routine simply returns the size of the data without
+** actually reading it.
+*/
+static int kvstorageRead(
+  const char *zClass,
+  const char *zKey,
+  char *zBuf,
+  int nBuf
+){
+  FILE *fd;
+  struct stat buf;
+  char zXKey[KVSTORAGE_KEY_SZ];
+  kvstorageMakeKey(zClass, zKey, zXKey);
+  if( access(zXKey, R_OK)!=0
+   || stat(zXKey, &buf)!=0
+   || !S_ISREG(buf.st_mode)
+  ){
+    SQLITE_KV_TRACE(("KVVFS-READ   %-15s (-1)\n", zXKey));
+    return -1;
+  }
+  if( nBuf<=0 ){
+    return (int)buf.st_size;
+  }else if( nBuf==1 ){
+    zBuf[0] = 0;
+    SQLITE_KV_TRACE(("KVVFS-READ   %-15s (%d)\n", zXKey,
+                 (int)buf.st_size));
+    return (int)buf.st_size;
+  }
+  if( nBuf > buf.st_size + 1 ){
+    nBuf = buf.st_size + 1;
+  }
+  fd = fopen(zXKey, "rb");
+  if( fd==0 ){
+    SQLITE_KV_TRACE(("KVVFS-READ   %-15s (-1)\n", zXKey));
+    return -1;
+  }else{
+    sqlite3_int64 n = fread(zBuf, 1, nBuf-1, fd);
+    fclose(fd);
+    zBuf[n] = 0;
+    SQLITE_KV_TRACE(("KVVFS-READ   %-15s (%lld) %.50s%s\n", zXKey,
+                 n, zBuf, n>50 ? "..." : ""));
+    return (int)n;
+  }
+}
+
+/*
+** An internal level of indirection which enables us to replace the
+** kvvfs i/o methods with JavaScript implementations in WASM builds.
+** Maintenance reminder: if this struct changes in any way, the JSON
+** rendering of its structure must be updated in
+** sqlite3_wasm_enum_json(). There are no binary compatibility
+** concerns, so it does not need an iVersion member. This file is
+** necessarily always compiled together with sqlite3_wasm_enum_json(),
+** and JS code dynamically creates the mapping of members based on
+** that JSON description.
+*/
+typedef struct sqlite3_kvvfs_methods sqlite3_kvvfs_methods;
+struct sqlite3_kvvfs_methods {
+  int (*xRead)(const char *zClass, const char *zKey, char *zBuf, int nBuf);
+  int (*xWrite)(const char *zClass, const char *zKey, const char *zData);
+  int (*xDelete)(const char *zClass, const char *zKey);
+  const int nKeySize;
+};
+
+/*
+** This object holds the kvvfs I/O methods which may be swapped out
+** for JavaScript-side implementations in WASM builds. In such builds
+** it cannot be const, but in native builds it should be so that
+** the compiler can hopefully optimize this level of indirection out.
+** That said, kvvfs is intended primarily for use in WASM builds.
+**
+** Note that this is not explicitly flagged as static because the
+** amalgamation build will tag it with SQLITE_PRIVATE.
+*/
+#ifndef SQLITE_WASM
+const
+#endif
+SQLITE_PRIVATE sqlite3_kvvfs_methods sqlite3KvvfsMethods = {
+kvstorageRead,
+kvstorageWrite,
+kvstorageDelete,
+KVSTORAGE_KEY_SZ
+};
+
+/****** Utility subroutines ************************************************/
+
+/*
+** Encode binary into the text encoded used to persist on disk.
+** The output text is stored in aOut[], which must be at least
+** nData+1 bytes in length.
+**
+** Return the actual length of the encoded text, not counting the
+** zero terminator at the end.
+**
+** Encoding format
+** ---------------
+**
+**   *  Non-zero bytes are encoded as upper-case hexadecimal
+**
+**   *  A sequence of one or more zero-bytes that are not at the
+**      beginning of the buffer are encoded as a little-endian
+**      base-26 number using a..z.  "a" means 0.  "b" means 1,
+**      "z" means 25.  "ab" means 26.  "ac" means 52.  And so forth.
+**
+**   *  Because there is no overlap between the encoding characters
+**      of hexadecimal and base-26 numbers, it is always clear where
+**      one stops and the next begins.
+*/
+static int kvvfsEncode(const char *aData, int nData, char *aOut){
+  int i, j;
+  const unsigned char *a = (const unsigned char*)aData;
+  for(i=j=0; i>4];
+      aOut[j++] = "0123456789ABCDEF"[c&0xf];
+    }else{
+      /* A sequence of 1 or more zeros is stored as a little-endian
+      ** base-26 number using a..z as the digits. So one zero is "b".
+      ** Two zeros is "c". 25 zeros is "z", 26 zeros is "ab", 27 is "bb",
+      ** and so forth.
+      */
+      int k;
+      for(k=1; i+k0 ){
+        aOut[j++] = 'a'+(k%26);
+        k /= 26;
+      }
+    }
+  }
+  aOut[j] = 0;
+  return j;
+}
+
+static const signed char kvvfsHexValue[256] = {
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+   0,  1,  2,  3,  4,  5,  6,  7,    8,  9, -1, -1, -1, -1, -1, -1,
+  -1, 10, 11, 12, 13, 14, 15, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1,
+  -1, -1, -1, -1, -1, -1, -1, -1,   -1, -1, -1, -1, -1, -1, -1, -1
+};
+
+/*
+** Decode the text encoding back to binary.  The binary content is
+** written into pOut, which must be at least nOut bytes in length.
+**
+** The return value is the number of bytes actually written into aOut[].
+*/
+static int kvvfsDecode(const char *a, char *aOut, int nOut){
+  int i, j;
+  int c;
+  const unsigned char *aIn = (const unsigned char*)a;
+  i = 0;
+  j = 0;
+  while( 1 ){
+    c = kvvfsHexValue[aIn[i]];
+    if( c<0 ){
+      int n = 0;
+      int mult = 1;
+      c = aIn[i];
+      if( c==0 ) break;
+      while( c>='a' && c<='z' ){
+        n += (c - 'a')*mult;
+        mult *= 26;
+        c = aIn[++i];
+      }
+      if( j+n>nOut ) return -1;
+      memset(&aOut[j], 0, n);
+      j += n;
+      if( c==0 || mult==1 ) break; /* progress stalled if mult==1 */
+    }else{
+      aOut[j] = c<<4;
+      c = kvvfsHexValue[aIn[++i]];
+      if( c<0 ) break;
+      aOut[j++] += c;
+      i++;
+    }
+  }
+  return j;
+}
+
+/*
+** Decode a complete journal file.  Allocate space in pFile->aJrnl
+** and store the decoding there.  Or leave pFile->aJrnl set to NULL
+** if an error is encountered.
+**
+** The first few characters of the text encoding will be a little-endian
+** base-26 number (digits a..z) that is the total number of bytes
+** in the decoded journal file image.  This base-26 number is followed
+** by a single space, then the encoding of the journal.  The space
+** separator is required to act as a terminator for the base-26 number.
+*/
+static void kvvfsDecodeJournal(
+  KVVfsFile *pFile,      /* Store decoding in pFile->aJrnl */
+  const char *zTxt,      /* Text encoding.  Zero-terminated */
+  int nTxt               /* Bytes in zTxt, excluding zero terminator */
+){
+  unsigned int n = 0;
+  int c, i, mult;
+  i = 0;
+  mult = 1;
+  while( (c = zTxt[i++])>='a' && c<='z' ){
+    n += (zTxt[i] - 'a')*mult;
+    mult *= 26;
+  }
+  sqlite3_free(pFile->aJrnl);
+  pFile->aJrnl = sqlite3_malloc64( n );
+  if( pFile->aJrnl==0 ){
+    pFile->nJrnl = 0;
+    return;
+  }
+  pFile->nJrnl = n;
+  n = kvvfsDecode(zTxt+i, pFile->aJrnl, pFile->nJrnl);
+  if( nnJrnl ){
+    sqlite3_free(pFile->aJrnl);
+    pFile->aJrnl = 0;
+    pFile->nJrnl = 0;
+  }
+}
+
+/*
+** Read or write the "sz" element, containing the database file size.
+*/
+static sqlite3_int64 kvvfsReadFileSize(KVVfsFile *pFile){
+  char zData[50];
+  zData[0] = 0;
+  sqlite3KvvfsMethods.xRead(pFile->zClass, "sz", zData, sizeof(zData)-1);
+  return strtoll(zData, 0, 0);
+}
+static int kvvfsWriteFileSize(KVVfsFile *pFile, sqlite3_int64 sz){
+  char zData[50];
+  sqlite3_snprintf(sizeof(zData), zData, "%lld", sz);
+  return sqlite3KvvfsMethods.xWrite(pFile->zClass, "sz", zData);
+}
+
+/****** sqlite3_io_methods methods ******************************************/
+
+/*
+** Close an kvvfs-file.
+*/
+static int kvvfsClose(sqlite3_file *pProtoFile){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+
+  SQLITE_KV_LOG(("xClose %s %s\n", pFile->zClass,
+             pFile->isJournal ? "journal" : "db"));
+  sqlite3_free(pFile->aJrnl);
+  sqlite3_free(pFile->aData);
+  return SQLITE_OK;
+}
+
+/*
+** Read from the -journal file.
+*/
+static int kvvfsReadJrnl(
+  sqlite3_file *pProtoFile,
+  void *zBuf,
+  int iAmt,
+  sqlite_int64 iOfst
+){
+  KVVfsFile *pFile = (KVVfsFile*)pProtoFile;
+  assert( pFile->isJournal );
+  SQLITE_KV_LOG(("xRead('%s-journal',%d,%lld)\n", pFile->zClass, iAmt, iOfst));
+  if( pFile->aJrnl==0 ){
+    int szTxt = kvstorageRead(pFile->zClass, "jrnl", 0, 0);
+    char *aTxt;
+    if( szTxt<=4 ){
+      return SQLITE_IOERR;
+    }
+    aTxt = sqlite3_malloc64( szTxt+1 );
+    if( aTxt==0 ) return SQLITE_NOMEM;
+    kvstorageRead(pFile->zClass, "jrnl", aTxt, szTxt+1);
+    kvvfsDecodeJournal(pFile, aTxt, szTxt);
+    sqlite3_free(aTxt);
+    if( pFile->aJrnl==0 ) return SQLITE_IOERR;
+  }
+  if( iOfst+iAmt>pFile->nJrnl ){
+    return SQLITE_IOERR_SHORT_READ;
+  }
+  memcpy(zBuf, pFile->aJrnl+iOfst, iAmt);
+  return SQLITE_OK;
+}
+
+/*
+** Read from the database file.
+*/
+static int kvvfsReadDb(
+  sqlite3_file *pProtoFile,
+  void *zBuf,
+  int iAmt,
+  sqlite_int64 iOfst
+){
+  KVVfsFile *pFile = (KVVfsFile*)pProtoFile;
+  unsigned int pgno;
+  int got, n;
+  char zKey[30];
+  char *aData = pFile->aData;
+  assert( iOfst>=0 );
+  assert( iAmt>=0 );
+  SQLITE_KV_LOG(("xRead('%s-db',%d,%lld)\n", pFile->zClass, iAmt, iOfst));
+  if( iOfst+iAmt>=512 ){
+    if( (iOfst % iAmt)!=0 ){
+      return SQLITE_IOERR_READ;
+    }
+    if( (iAmt & (iAmt-1))!=0 || iAmt<512 || iAmt>65536 ){
+      return SQLITE_IOERR_READ;
+    }
+    pFile->szPage = iAmt;
+    pgno = 1 + iOfst/iAmt;
+  }else{
+    pgno = 1;
+  }
+  sqlite3_snprintf(sizeof(zKey), zKey, "%u", pgno);
+  got = sqlite3KvvfsMethods.xRead(pFile->zClass, zKey,
+                                  aData, SQLITE_KVOS_SZ-1);
+  if( got<0 ){
+    n = 0;
+  }else{
+    aData[got] = 0;
+    if( iOfst+iAmt<512 ){
+      int k = iOfst+iAmt;
+      aData[k*2] = 0;
+      n = kvvfsDecode(aData, &aData[2000], SQLITE_KVOS_SZ-2000);
+      if( n>=iOfst+iAmt ){
+        memcpy(zBuf, &aData[2000+iOfst], iAmt);
+        n = iAmt;
+      }else{
+        n = 0;
+      }
+    }else{
+      n = kvvfsDecode(aData, zBuf, iAmt);
+    }
+  }
+  if( nzClass, iAmt, iOfst));
+  if( iEnd>=0x10000000 ) return SQLITE_FULL;
+  if( pFile->aJrnl==0 || pFile->nJrnlaJrnl, iEnd);
+    if( aNew==0 ){
+      return SQLITE_IOERR_NOMEM;
+    }
+    pFile->aJrnl = aNew;
+    if( pFile->nJrnlaJrnl+pFile->nJrnl, 0, iOfst-pFile->nJrnl);
+    }
+    pFile->nJrnl = iEnd;
+  }
+  memcpy(pFile->aJrnl+iOfst, zBuf, iAmt);
+  return SQLITE_OK;
+}
+
+/*
+** Write into the database file.
+*/
+static int kvvfsWriteDb(
+  sqlite3_file *pProtoFile,
+  const void *zBuf,
+  int iAmt,
+  sqlite_int64 iOfst
+){
+  KVVfsFile *pFile = (KVVfsFile*)pProtoFile;
+  unsigned int pgno;
+  char zKey[30];
+  char *aData = pFile->aData;
+  SQLITE_KV_LOG(("xWrite('%s-db',%d,%lld)\n", pFile->zClass, iAmt, iOfst));
+  assert( iAmt>=512 && iAmt<=65536 );
+  assert( (iAmt & (iAmt-1))==0 );
+  assert( pFile->szPage<0 || pFile->szPage==iAmt );
+  pFile->szPage = iAmt;
+  pgno = 1 + iOfst/iAmt;
+  sqlite3_snprintf(sizeof(zKey), zKey, "%u", pgno);
+  kvvfsEncode(zBuf, iAmt, aData);
+  if( sqlite3KvvfsMethods.xWrite(pFile->zClass, zKey, aData) ){
+    return SQLITE_IOERR;
+  }
+  if( iOfst+iAmt > pFile->szDb ){
+    pFile->szDb = iOfst + iAmt;
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Truncate an kvvfs-file.
+*/
+static int kvvfsTruncateJrnl(sqlite3_file *pProtoFile, sqlite_int64 size){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  SQLITE_KV_LOG(("xTruncate('%s-journal',%lld)\n", pFile->zClass, size));
+  assert( size==0 );
+  sqlite3KvvfsMethods.xDelete(pFile->zClass, "jrnl");
+  sqlite3_free(pFile->aJrnl);
+  pFile->aJrnl = 0;
+  pFile->nJrnl = 0;
+  return SQLITE_OK;
+}
+static int kvvfsTruncateDb(sqlite3_file *pProtoFile, sqlite_int64 size){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  if( pFile->szDb>size
+   && pFile->szPage>0
+   && (size % pFile->szPage)==0
+  ){
+    char zKey[50];
+    unsigned int pgno, pgnoMax;
+    SQLITE_KV_LOG(("xTruncate('%s-db',%lld)\n", pFile->zClass, size));
+    pgno = 1 + size/pFile->szPage;
+    pgnoMax = 2 + pFile->szDb/pFile->szPage;
+    while( pgno<=pgnoMax ){
+      sqlite3_snprintf(sizeof(zKey), zKey, "%u", pgno);
+      sqlite3KvvfsMethods.xDelete(pFile->zClass, zKey);
+      pgno++;
+    }
+    pFile->szDb = size;
+    return kvvfsWriteFileSize(pFile, size) ? SQLITE_IOERR : SQLITE_OK;
+  }
+  return SQLITE_IOERR;
+}
+
+/*
+** Sync an kvvfs-file.
+*/
+static int kvvfsSyncJrnl(sqlite3_file *pProtoFile, int flags){
+  int i, n;
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  char *zOut;
+  SQLITE_KV_LOG(("xSync('%s-journal')\n", pFile->zClass));
+  if( pFile->nJrnl<=0 ){
+    return kvvfsTruncateJrnl(pProtoFile, 0);
+  }
+  zOut = sqlite3_malloc64( pFile->nJrnl*2 + 50 );
+  if( zOut==0 ){
+    return SQLITE_IOERR_NOMEM;
+  }
+  n = pFile->nJrnl;
+  i = 0;
+  do{
+    zOut[i++] = 'a' + (n%26);
+    n /= 26;
+  }while( n>0 );
+  zOut[i++] = ' ';
+  kvvfsEncode(pFile->aJrnl, pFile->nJrnl, &zOut[i]);
+  i = sqlite3KvvfsMethods.xWrite(pFile->zClass, "jrnl", zOut);
+  sqlite3_free(zOut);
+  return i ? SQLITE_IOERR : SQLITE_OK;
+}
+static int kvvfsSyncDb(sqlite3_file *pProtoFile, int flags){
+  return SQLITE_OK;
+}
+
+/*
+** Return the current file-size of an kvvfs-file.
+*/
+static int kvvfsFileSizeJrnl(sqlite3_file *pProtoFile, sqlite_int64 *pSize){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  SQLITE_KV_LOG(("xFileSize('%s-journal')\n", pFile->zClass));
+  *pSize = pFile->nJrnl;
+  return SQLITE_OK;
+}
+static int kvvfsFileSizeDb(sqlite3_file *pProtoFile, sqlite_int64 *pSize){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  SQLITE_KV_LOG(("xFileSize('%s-db')\n", pFile->zClass));
+  if( pFile->szDb>=0 ){
+    *pSize = pFile->szDb;
+  }else{
+    *pSize = kvvfsReadFileSize(pFile);
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Lock an kvvfs-file.
+*/
+static int kvvfsLock(sqlite3_file *pProtoFile, int eLock){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  assert( !pFile->isJournal );
+  SQLITE_KV_LOG(("xLock(%s,%d)\n", pFile->zClass, eLock));
+
+  if( eLock!=SQLITE_LOCK_NONE ){
+    pFile->szDb = kvvfsReadFileSize(pFile);
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Unlock an kvvfs-file.
+*/
+static int kvvfsUnlock(sqlite3_file *pProtoFile, int eLock){
+  KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+  assert( !pFile->isJournal );
+  SQLITE_KV_LOG(("xUnlock(%s,%d)\n", pFile->zClass, eLock));
+  if( eLock==SQLITE_LOCK_NONE ){
+    pFile->szDb = -1;
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Check if another file-handle holds a RESERVED lock on an kvvfs-file.
+*/
+static int kvvfsCheckReservedLock(sqlite3_file *pProtoFile, int *pResOut){
+  SQLITE_KV_LOG(("xCheckReservedLock\n"));
+  *pResOut = 0;
+  return SQLITE_OK;
+}
+
+/*
+** File control method. For custom operations on an kvvfs-file.
+*/
+static int kvvfsFileControlJrnl(sqlite3_file *pProtoFile, int op, void *pArg){
+  SQLITE_KV_LOG(("xFileControl(%d) on journal\n", op));
+  return SQLITE_NOTFOUND;
+}
+static int kvvfsFileControlDb(sqlite3_file *pProtoFile, int op, void *pArg){
+  SQLITE_KV_LOG(("xFileControl(%d) on database\n", op));
+  if( op==SQLITE_FCNTL_SYNC ){
+    KVVfsFile *pFile = (KVVfsFile *)pProtoFile;
+    int rc = SQLITE_OK;
+    SQLITE_KV_LOG(("xSync('%s-db')\n", pFile->zClass));
+    if( pFile->szDb>0 && 0!=kvvfsWriteFileSize(pFile, pFile->szDb) ){
+      rc = SQLITE_IOERR;
+    }
+    return rc;
+  }
+  return SQLITE_NOTFOUND;
+}
+
+/*
+** Return the sector-size in bytes for an kvvfs-file.
+*/
+static int kvvfsSectorSize(sqlite3_file *pFile){
+  return 512;
+}
+
+/*
+** Return the device characteristic flags supported by an kvvfs-file.
+*/
+static int kvvfsDeviceCharacteristics(sqlite3_file *pProtoFile){
+  return 0;
+}
+
+/****** sqlite3_vfs methods *************************************************/
+
+/*
+** Open an kvvfs file handle.
+*/
+static int kvvfsOpen(
+  sqlite3_vfs *pProtoVfs,
+  const char *zName,
+  sqlite3_file *pProtoFile,
+  int flags,
+  int *pOutFlags
+){
+  KVVfsFile *pFile = (KVVfsFile*)pProtoFile;
+  if( zName==0 ) zName = "";
+  SQLITE_KV_LOG(("xOpen(\"%s\")\n", zName));
+  if( strcmp(zName, "local")==0
+   || strcmp(zName, "session")==0
+  ){
+    pFile->isJournal = 0;
+    pFile->base.pMethods = &kvvfs_db_io_methods;
+  }else
+  if( strcmp(zName, "local-journal")==0
+   || strcmp(zName, "session-journal")==0
+  ){
+    pFile->isJournal = 1;
+    pFile->base.pMethods = &kvvfs_jrnl_io_methods;
+  }else{
+    return SQLITE_CANTOPEN;
+  }
+  if( zName[0]=='s' ){
+    pFile->zClass = "session";
+  }else{
+    pFile->zClass = "local";
+  }
+  pFile->aData = sqlite3_malloc64(SQLITE_KVOS_SZ);
+  if( pFile->aData==0 ){
+    return SQLITE_NOMEM;
+  }
+  pFile->aJrnl = 0;
+  pFile->nJrnl = 0;
+  pFile->szPage = -1;
+  pFile->szDb = -1;
+  return SQLITE_OK;
+}
+
+/*
+** Delete the file located at zPath. If the dirSync argument is true,
+** ensure the file-system modifications are synced to disk before
+** returning.
+*/
+static int kvvfsDelete(sqlite3_vfs *pVfs, const char *zPath, int dirSync){
+  if( strcmp(zPath, "local-journal")==0 ){
+    sqlite3KvvfsMethods.xDelete("local", "jrnl");
+  }else
+  if( strcmp(zPath, "session-journal")==0 ){
+    sqlite3KvvfsMethods.xDelete("session", "jrnl");
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Test for access permissions. Return true if the requested permission
+** is available, or false otherwise.
+*/
+static int kvvfsAccess(
+  sqlite3_vfs *pProtoVfs,
+  const char *zPath,
+  int flags,
+  int *pResOut
+){
+  SQLITE_KV_LOG(("xAccess(\"%s\")\n", zPath));
+  if( strcmp(zPath, "local-journal")==0 ){
+    *pResOut = sqlite3KvvfsMethods.xRead("local", "jrnl", 0, 0)>0;
+  }else
+  if( strcmp(zPath, "session-journal")==0 ){
+    *pResOut = sqlite3KvvfsMethods.xRead("session", "jrnl", 0, 0)>0;
+  }else
+  if( strcmp(zPath, "local")==0 ){
+    *pResOut = sqlite3KvvfsMethods.xRead("local", "sz", 0, 0)>0;
+  }else
+  if( strcmp(zPath, "session")==0 ){
+    *pResOut = sqlite3KvvfsMethods.xRead("session", "sz", 0, 0)>0;
+  }else
+  {
+    *pResOut = 0;
+  }
+  SQLITE_KV_LOG(("xAccess returns %d\n",*pResOut));
+  return SQLITE_OK;
+}
+
+/*
+** Populate buffer zOut with the full canonical pathname corresponding
+** to the pathname in zPath. zOut is guaranteed to point to a buffer
+** of at least (INST_MAX_PATHNAME+1) bytes.
+*/
+static int kvvfsFullPathname(
+  sqlite3_vfs *pVfs,
+  const char *zPath,
+  int nOut,
+  char *zOut
+){
+  size_t nPath;
+#ifdef SQLITE_OS_KV_ALWAYS_LOCAL
+  zPath = "local";
+#endif
+  nPath = strlen(zPath);
+  SQLITE_KV_LOG(("xFullPathname(\"%s\")\n", zPath));
+  if( nOut
+static int kvvfsCurrentTimeInt64(sqlite3_vfs *pVfs, sqlite3_int64 *pTimeOut){
+  static const sqlite3_int64 unixEpoch = 24405875*(sqlite3_int64)8640000;
+  struct timeval sNow;
+  (void)gettimeofday(&sNow, 0);  /* Cannot fail given valid arguments */
+  *pTimeOut = unixEpoch + 1000*(sqlite3_int64)sNow.tv_sec + sNow.tv_usec/1000;
+  return SQLITE_OK;
+}
+#endif /* SQLITE_OS_KV || SQLITE_OS_UNIX */
+
+#if SQLITE_OS_KV
+/*
+** This routine is called initialize the KV-vfs as the default VFS.
+*/
+SQLITE_API int sqlite3_os_init(void){
+  return sqlite3_vfs_register(&sqlite3OsKvvfsObject, 1);
+}
+SQLITE_API int sqlite3_os_end(void){
+  return SQLITE_OK;
+}
+#endif /* SQLITE_OS_KV */
+
+#if SQLITE_OS_UNIX && defined(SQLITE_OS_KV_OPTIONAL)
+SQLITE_PRIVATE int sqlite3KvvfsInit(void){
+  return sqlite3_vfs_register(&sqlite3OsKvvfsObject, 0);
+}
+#endif
+
+/************** End of os_kv.c ***********************************************/
 /************** Begin file os_unix.c *****************************************/
 /*
 ** 2004 May 22
@@ -35548,7 +37243,7 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
 #endif
 
 /* Use pread() and pwrite() if they are available */
-#if defined(__APPLE__)
+#if defined(__APPLE__) || defined(__linux__)
 # define HAVE_PREAD 1
 # define HAVE_PWRITE 1
 #endif
@@ -35563,15 +37258,16 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
 /*
 ** standard include files.
 */
-#include 
-#include 
+#include    /* amalgamator: keep */
+#include     /* amalgamator: keep */
 #include 
 #include 
-#include 
+#include       /* amalgamator: keep */
 /* #include  */
-#include 
+#include     /* amalgamator: keep */
 #include 
-#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+#if (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0) \
+  && !defined(SQLITE_WASI)
 # include 
 #endif
 
@@ -35659,9 +37355,46 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
 */
 #define SQLITE_MAX_SYMLINKS 100
 
+/*
+** Remove and stub certain info for WASI (WebAssembly System
+** Interface) builds.
+*/
+#ifdef SQLITE_WASI
+# undef HAVE_FCHMOD
+# undef HAVE_FCHOWN
+# undef HAVE_MREMAP
+# define HAVE_MREMAP 0
+# ifndef SQLITE_DEFAULT_UNIX_VFS
+#  define SQLITE_DEFAULT_UNIX_VFS "unix-dotfile"
+   /* ^^^ should SQLITE_DEFAULT_UNIX_VFS be "unix-none"? */
+# endif
+# ifndef F_RDLCK
+#  define F_RDLCK 0
+#  define F_WRLCK 1
+#  define F_UNLCK 2
+#  if __LONG_MAX == 0x7fffffffL
+#   define F_GETLK 12
+#   define F_SETLK 13
+#   define F_SETLKW 14
+#  else
+#   define F_GETLK 5
+#   define F_SETLK 6
+#   define F_SETLKW 7
+#  endif
+# endif
+#else /* !SQLITE_WASI */
+# ifndef HAVE_FCHMOD
+#  define HAVE_FCHMOD
+# endif
+#endif /* SQLITE_WASI */
+
+#ifdef SQLITE_WASI
+# define osGetpid(X) (pid_t)1
+#else
 /* Always cast the getpid() return type for compatibility with
 ** kernel modules in VxWorks. */
-#define osGetpid(X) (pid_t)getpid()
+# define osGetpid(X) (pid_t)getpid()
+#endif
 
 /*
 ** Only set the lastErrno if the error code is a real error and not
@@ -35933,7 +37666,11 @@ static struct unix_syscall {
 #define osPwrite64  ((ssize_t(*)(int,const void*,size_t,off64_t))\
                     aSyscall[13].pCurrent)
 
+#if defined(HAVE_FCHMOD)
   { "fchmod",       (sqlite3_syscall_ptr)fchmod,          0  },
+#else
+  { "fchmod",       (sqlite3_syscall_ptr)0,               0  },
+#endif
 #define osFchmod    ((int(*)(int,mode_t))aSyscall[14].pCurrent)
 
 #if defined(HAVE_POSIX_FALLOCATE) && HAVE_POSIX_FALLOCATE
@@ -35969,14 +37706,16 @@ static struct unix_syscall {
 #endif
 #define osGeteuid   ((uid_t(*)(void))aSyscall[21].pCurrent)
 
-#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+#if (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0) \
+  && !defined(SQLITE_WASI)
   { "mmap",         (sqlite3_syscall_ptr)mmap,            0 },
 #else
   { "mmap",         (sqlite3_syscall_ptr)0,               0 },
 #endif
 #define osMmap ((void*(*)(void*,size_t,int,int,int,off_t))aSyscall[22].pCurrent)
 
-#if !defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0
+#if (!defined(SQLITE_OMIT_WAL) || SQLITE_MAX_MMAP_SIZE>0) \
+  && !defined(SQLITE_WASI)
   { "munmap",       (sqlite3_syscall_ptr)munmap,          0 },
 #else
   { "munmap",       (sqlite3_syscall_ptr)0,               0 },
@@ -36162,6 +37901,9 @@ static int robust_open(const char *z, int f, mode_t m){
       break;
     }
     if( fd>=SQLITE_MINIMUM_FILE_DESCRIPTOR ) break;
+    if( (f & (O_EXCL|O_CREAT))==(O_EXCL|O_CREAT) ){
+      (void)osUnlink(z);
+    }
     osClose(fd);
     sqlite3_log(SQLITE_WARNING,
                 "attempt to open \"%s\" as file descriptor %d", z, fd);
@@ -37124,7 +38866,7 @@ static int unixFileLock(unixFile *pFile, struct flock *pLock){
 **
 **    UNLOCKED -> SHARED
 **    SHARED -> RESERVED
-**    SHARED -> (PENDING) -> EXCLUSIVE
+**    SHARED -> EXCLUSIVE
 **    RESERVED -> (PENDING) -> EXCLUSIVE
 **    PENDING -> EXCLUSIVE
 **
@@ -37157,19 +38899,20 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   ** A RESERVED lock is implemented by grabbing a write-lock on the
   ** 'reserved byte'.
   **
-  ** A process may only obtain a PENDING lock after it has obtained a
-  ** SHARED lock. A PENDING lock is implemented by obtaining a write-lock
-  ** on the 'pending byte'. This ensures that no new SHARED locks can be
-  ** obtained, but existing SHARED locks are allowed to persist. A process
-  ** does not have to obtain a RESERVED lock on the way to a PENDING lock.
-  ** This property is used by the algorithm for rolling back a journal file
-  ** after a crash.
+  ** An EXCLUSIVE lock may only be requested after either a SHARED or
+  ** RESERVED lock is held. An EXCLUSIVE lock is implemented by obtaining
+  ** a write-lock on the entire 'shared byte range'. Since all other locks
+  ** require a read-lock on one of the bytes within this range, this ensures
+  ** that no other locks are held on the database.
   **
-  ** An EXCLUSIVE lock, obtained after a PENDING lock is held, is
-  ** implemented by obtaining a write-lock on the entire 'shared byte
-  ** range'. Since all other locks require a read-lock on one of the bytes
-  ** within this range, this ensures that no other locks are held on the
-  ** database.
+  ** If a process that holds a RESERVED lock requests an EXCLUSIVE, then
+  ** a PENDING lock is obtained first. A PENDING lock is implemented by
+  ** obtaining a write-lock on the 'pending byte'. This ensures that no new
+  ** SHARED locks can be obtained, but existing SHARED locks are allowed to
+  ** persist. If the call to this function fails to obtain the EXCLUSIVE
+  ** lock in this case, it holds the PENDING lock intead. The client may
+  ** then re-attempt the EXCLUSIVE lock later on, after existing SHARED
+  ** locks have cleared.
   */
   int rc = SQLITE_OK;
   unixFile *pFile = (unixFile*)id;
@@ -37240,7 +38983,7 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   lock.l_len = 1L;
   lock.l_whence = SEEK_SET;
   if( eFileLock==SHARED_LOCK
-      || (eFileLock==EXCLUSIVE_LOCK && pFile->eFileLockeFileLock==RESERVED_LOCK)
   ){
     lock.l_type = (eFileLock==SHARED_LOCK?F_RDLCK:F_WRLCK);
     lock.l_start = PENDING_BYTE;
@@ -37251,6 +38994,9 @@ static int unixLock(sqlite3_file *id, int eFileLock){
         storeLastErrno(pFile, tErrno);
       }
       goto end_lock;
+    }else if( eFileLock==EXCLUSIVE_LOCK ){
+      pFile->eFileLock = PENDING_LOCK;
+      pInode->eFileLock = PENDING_LOCK;
     }
   }
 
@@ -37338,13 +39084,9 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   }
 #endif
 
-
   if( rc==SQLITE_OK ){
     pFile->eFileLock = eFileLock;
     pInode->eFileLock = eFileLock;
-  }else if( eFileLock==EXCLUSIVE_LOCK ){
-    pFile->eFileLock = PENDING_LOCK;
-    pInode->eFileLock = PENDING_LOCK;
   }
 
 end_lock:
@@ -38751,12 +40493,6 @@ static int nfsUnlock(sqlite3_file *id, int eFileLock){
 ** Seek to the offset passed as the second argument, then read cnt
 ** bytes into pBuf. Return the number of bytes actually read.
 **
-** NB:  If you define USE_PREAD or USE_PREAD64, then it might also
-** be necessary to define _XOPEN_SOURCE to be 500.  This varies from
-** one system to another.  Since SQLite does not define USE_PREAD
-** in any form by default, we will not attempt to define _XOPEN_SOURCE.
-** See tickets #2741 and #2681.
-**
 ** To avoid stomping the errno value on a failed read the lastErrno value
 ** is set before returning.
 */
@@ -41935,12 +43671,10 @@ static void appendOnePathElement(
   if( zName[0]=='.' ){
     if( nName==1 ) return;
     if( zName[1]=='.' && nName==2 ){
-      if( pPath->nUsed<=1 ){
-        pPath->rc = SQLITE_ERROR;
-        return;
+      if( pPath->nUsed>1 ){
+        assert( pPath->zOut[0]=='/' );
+        while( pPath->zOut[--pPath->nUsed]!='/' ){}
       }
-      assert( pPath->zOut[0]=='/' );
-      while( pPath->zOut[--pPath->nUsed]!='/' ){}
       return;
     }
   }
@@ -42152,7 +43886,7 @@ static int unixRandomness(sqlite3_vfs *NotUsed, int nBuf, char *zBuf){
 ** than the argument.
 */
 static int unixSleep(sqlite3_vfs *NotUsed, int microseconds){
-#if OS_VXWORKS
+#if OS_VXWORKS || _POSIX_C_SOURCE >= 199309L
   struct timespec sp;
 
   sp.tv_sec = microseconds / 1000000;
@@ -43534,8 +45268,16 @@ SQLITE_API int sqlite3_os_init(void){
 
   /* Register all VFSes defined in the aVfs[] array */
   for(i=0; i<(sizeof(aVfs)/sizeof(sqlite3_vfs)); i++){
+#ifdef SQLITE_DEFAULT_UNIX_VFS
+    sqlite3_vfs_register(&aVfs[i],
+           0==strcmp(aVfs[i].zName,SQLITE_DEFAULT_UNIX_VFS));
+#else
     sqlite3_vfs_register(&aVfs[i], i==0);
+#endif
   }
+#ifdef SQLITE_OS_KV_OPTIONAL
+  sqlite3KvvfsInit();
+#endif
   unixBigLock = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1);
 
 #ifndef SQLITE_OMIT_WAL
@@ -48305,9 +50047,10 @@ static int winMakeEndInDirSep(int nBuf, char *zBuf){
 }
 
 /*
-** If sqlite3_temp_directory is not, take the mutex and return true.
+** If sqlite3_temp_directory is defined, take the mutex and return true.
 **
-** If sqlite3_temp_directory is NULL, omit the mutex and return false.
+** If sqlite3_temp_directory is NULL (undefined), omit the mutex and
+** return false.
 */
 static int winTempDirDefined(void){
   sqlite3_mutex_enter(sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR));
@@ -48776,7 +50519,7 @@ static int winOpen(
       if( isReadWrite ){
         int rc2, isRO = 0;
         sqlite3BeginBenignMalloc();
-        rc2 = winAccess(pVfs, zName, SQLITE_ACCESS_READ, &isRO);
+        rc2 = winAccess(pVfs, zUtf8Name, SQLITE_ACCESS_READ, &isRO);
         sqlite3EndBenignMalloc();
         if( rc2==SQLITE_OK && isRO ) break;
       }
@@ -48793,7 +50536,7 @@ static int winOpen(
       if( isReadWrite ){
         int rc2, isRO = 0;
         sqlite3BeginBenignMalloc();
-        rc2 = winAccess(pVfs, zName, SQLITE_ACCESS_READ, &isRO);
+        rc2 = winAccess(pVfs, zUtf8Name, SQLITE_ACCESS_READ, &isRO);
         sqlite3EndBenignMalloc();
         if( rc2==SQLITE_OK && isRO ) break;
       }
@@ -48813,7 +50556,7 @@ static int winOpen(
       if( isReadWrite ){
         int rc2, isRO = 0;
         sqlite3BeginBenignMalloc();
-        rc2 = winAccess(pVfs, zName, SQLITE_ACCESS_READ, &isRO);
+        rc2 = winAccess(pVfs, zUtf8Name, SQLITE_ACCESS_READ, &isRO);
         sqlite3EndBenignMalloc();
         if( rc2==SQLITE_OK && isRO ) break;
       }
@@ -49036,6 +50779,13 @@ static int winAccess(
   OSTRACE(("ACCESS name=%s, flags=%x, pResOut=%p\n",
            zFilename, flags, pResOut));
 
+  if( zFilename==0 ){
+    *pResOut = 0;
+    OSTRACE(("ACCESS name=%s, pResOut=%p, *pResOut=%d, rc=SQLITE_OK\n",
+             zFilename, pResOut, *pResOut));
+    return SQLITE_OK;
+  }
+
   zConverted = winConvertFromUtf8Filename(zFilename);
   if( zConverted==0 ){
     OSTRACE(("ACCESS name=%s, rc=SQLITE_IOERR_NOMEM\n", zFilename));
@@ -49343,7 +51093,8 @@ static int winFullPathname(
   char *zFull                   /* Output buffer */
 ){
   int rc;
-  sqlite3_mutex *pMutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR);
+  MUTEX_LOGIC( sqlite3_mutex *pMutex; )
+  MUTEX_LOGIC( pMutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_TEMPDIR); )
   sqlite3_mutex_enter(pMutex);
   rc = winFullPathnameNoMutex(pVfs, zRelative, nFull, zFull);
   sqlite3_mutex_leave(pMutex);
@@ -49885,6 +51636,7 @@ static int memdbTruncate(sqlite3_file*, sqlite3_int64 size);
 static int memdbSync(sqlite3_file*, int flags);
 static int memdbFileSize(sqlite3_file*, sqlite3_int64 *pSize);
 static int memdbLock(sqlite3_file*, int);
+static int memdbUnlock(sqlite3_file*, int);
 /* static int memdbCheckReservedLock(sqlite3_file*, int *pResOut);// not used */
 static int memdbFileControl(sqlite3_file*, int op, void *pArg);
 /* static int memdbSectorSize(sqlite3_file*); // not used */
@@ -49943,7 +51695,7 @@ static const sqlite3_io_methods memdb_io_methods = {
   memdbSync,                       /* xSync */
   memdbFileSize,                   /* xFileSize */
   memdbLock,                       /* xLock */
-  memdbLock,                       /* xUnlock - same as xLock in this case */
+  memdbUnlock,                     /* xUnlock */
   0, /* memdbCheckReservedLock, */ /* xCheckReservedLock */
   memdbFileControl,                /* xFileControl */
   0, /* memdbSectorSize,*/         /* xSectorSize */
@@ -50144,39 +51896,81 @@ static int memdbLock(sqlite3_file *pFile, int eLock){
   MemFile *pThis = (MemFile*)pFile;
   MemStore *p = pThis->pStore;
   int rc = SQLITE_OK;
-  if( eLock==pThis->eLock ) return SQLITE_OK;
+  if( eLock<=pThis->eLock ) return SQLITE_OK;
   memdbEnter(p);
-  if( eLock>SQLITE_LOCK_SHARED ){
-    if( p->mFlags & SQLITE_DESERIALIZE_READONLY ){
-      rc = SQLITE_READONLY;
-    }else if( pThis->eLock<=SQLITE_LOCK_SHARED ){
-      if( p->nWrLock ){
-        rc = SQLITE_BUSY;
-      }else{
-        p->nWrLock = 1;
+
+  assert( p->nWrLock==0 || p->nWrLock==1 );
+  assert( pThis->eLock<=SQLITE_LOCK_SHARED || p->nWrLock==1 );
+  assert( pThis->eLock==SQLITE_LOCK_NONE || p->nRdLock>=1 );
+
+  if( eLock>SQLITE_LOCK_SHARED && (p->mFlags & SQLITE_DESERIALIZE_READONLY) ){
+    rc = SQLITE_READONLY;
+  }else{
+    switch( eLock ){
+      case SQLITE_LOCK_SHARED: {
+        assert( pThis->eLock==SQLITE_LOCK_NONE );
+        if( p->nWrLock>0 ){
+          rc = SQLITE_BUSY;
+        }else{
+          p->nRdLock++;
+        }
+        break;
+      };
+
+      case SQLITE_LOCK_RESERVED:
+      case SQLITE_LOCK_PENDING: {
+        assert( pThis->eLock>=SQLITE_LOCK_SHARED );
+        if( ALWAYS(pThis->eLock==SQLITE_LOCK_SHARED) ){
+          if( p->nWrLock>0 ){
+            rc = SQLITE_BUSY;
+          }else{
+            p->nWrLock = 1;
+          }
+        }
+        break;
+      }
+
+      default: {
+        assert(  eLock==SQLITE_LOCK_EXCLUSIVE );
+        assert( pThis->eLock>=SQLITE_LOCK_SHARED );
+        if( p->nRdLock>1 ){
+          rc = SQLITE_BUSY;
+        }else if( pThis->eLock==SQLITE_LOCK_SHARED ){
+          p->nWrLock = 1;
+        }
+        break;
       }
     }
-  }else if( eLock==SQLITE_LOCK_SHARED ){
-    if( pThis->eLock > SQLITE_LOCK_SHARED ){
-      assert( p->nWrLock==1 );
-      p->nWrLock = 0;
-    }else if( p->nWrLock ){
-      rc = SQLITE_BUSY;
-    }else{
-      p->nRdLock++;
+  }
+  if( rc==SQLITE_OK ) pThis->eLock = eLock;
+  memdbLeave(p);
+  return rc;
+}
+
+/*
+** Unlock an memdb-file.
+*/
+static int memdbUnlock(sqlite3_file *pFile, int eLock){
+  MemFile *pThis = (MemFile*)pFile;
+  MemStore *p = pThis->pStore;
+  if( eLock>=pThis->eLock ) return SQLITE_OK;
+  memdbEnter(p);
+
+  assert( eLock==SQLITE_LOCK_SHARED || eLock==SQLITE_LOCK_NONE );
+  if( eLock==SQLITE_LOCK_SHARED ){
+    if( ALWAYS(pThis->eLock>SQLITE_LOCK_SHARED) ){
+      p->nWrLock--;
     }
   }else{
-    assert( eLock==SQLITE_LOCK_NONE );
     if( pThis->eLock>SQLITE_LOCK_SHARED ){
-      assert( p->nWrLock==1 );
-      p->nWrLock = 0;
+      p->nWrLock--;
     }
-    assert( p->nRdLock>0 );
     p->nRdLock--;
   }
-  if( rc==SQLITE_OK ) pThis->eLock = eLock;
+
+  pThis->eLock = eLock;
   memdbLeave(p);
-  return rc;
+  return SQLITE_OK;
 }
 
 #if 0
@@ -50286,7 +52080,7 @@ static int memdbOpen(
 
   memset(pFile, 0, sizeof(*pFile));
   szName = sqlite3Strlen30(zName);
-  if( szName>1 && zName[0]=='/' ){
+  if( szName>1 && (zName[0]=='/' || zName[0]=='\\') ){
     int i;
 #ifndef SQLITE_MUTEX_OMIT
     sqlite3_mutex *pVfsMutex = sqlite3MutexAlloc(SQLITE_MUTEX_STATIC_VFS1);
@@ -50633,6 +52427,13 @@ SQLITE_API int sqlite3_deserialize(
   return rc;
 }
 
+/*
+** Return true if the VFS is the memvfs.
+*/
+SQLITE_PRIVATE int sqlite3IsMemdb(const sqlite3_vfs *pVfs){
+  return pVfs==&memdb_vfs;
+}
+
 /*
 ** This routine is called when the extension is loaded.
 ** Register the new VFS.
@@ -51112,7 +52913,7 @@ SQLITE_PRIVATE int sqlite3BitvecBuiltinTest(int sz, int *aOp){
 struct PCache {
   PgHdr *pDirty, *pDirtyTail;         /* List of dirty pages in LRU order */
   PgHdr *pSynced;                     /* Last synced page in dirty page list */
-  int nRefSum;                        /* Sum of ref counts over all pages */
+  i64 nRefSum;                        /* Sum of ref counts over all pages */
   int szCache;                        /* Configured cache size */
   int szSpill;                        /* Size before spilling occurs */
   int szPage;                         /* Size of every page in this cache */
@@ -51137,12 +52938,24 @@ struct PCache {
   int sqlite3PcacheTrace = 2;       /* 0: off  1: simple  2: cache dumps */
   int sqlite3PcacheMxDump = 9999;   /* Max cache entries for pcacheDump() */
 # define pcacheTrace(X) if(sqlite3PcacheTrace){sqlite3DebugPrintf X;}
-  void pcacheDump(PCache *pCache){
-    int N;
-    int i, j;
-    sqlite3_pcache_page *pLower;
+  static void pcachePageTrace(int i, sqlite3_pcache_page *pLower){
     PgHdr *pPg;
     unsigned char *a;
+    int j;
+    if( pLower==0 ){
+      printf("%3d: NULL\n", i);
+    }else{
+      pPg = (PgHdr*)pLower->pExtra;
+      printf("%3d: nRef %2lld flgs %02x data ", i, pPg->nRef, pPg->flags);
+      a = (unsigned char *)pLower->pBuf;
+      for(j=0; j<12; j++) printf("%02x", a[j]);
+      printf(" ptr %p\n", pPg);
+    }
+  }
+  static void pcacheDump(PCache *pCache){
+    int N;
+    int i;
+    sqlite3_pcache_page *pLower;
 
     if( sqlite3PcacheTrace<2 ) return;
     if( pCache->pCache==0 ) return;
@@ -51150,22 +52963,32 @@ struct PCache {
     if( N>sqlite3PcacheMxDump ) N = sqlite3PcacheMxDump;
     for(i=1; i<=N; i++){
        pLower = sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache, i, 0);
-       if( pLower==0 ) continue;
-       pPg = (PgHdr*)pLower->pExtra;
-       printf("%3d: nRef %2d flgs %02x data ", i, pPg->nRef, pPg->flags);
-       a = (unsigned char *)pLower->pBuf;
-       for(j=0; j<12; j++) printf("%02x", a[j]);
-       printf("\n");
-       if( pPg->pPage==0 ){
+       pcachePageTrace(i, pLower);
+       if( pLower && ((PgHdr*)pLower)->pPage==0 ){
          sqlite3GlobalConfig.pcache2.xUnpin(pCache->pCache, pLower, 0);
        }
     }
   }
-  #else
+#else
 # define pcacheTrace(X)
+# define pcachePageTrace(PGNO, X)
 # define pcacheDump(X)
 #endif
 
+/*
+** Return 1 if pPg is on the dirty list for pCache.  Return 0 if not.
+** This routine runs inside of assert() statements only.
+*/
+#ifdef SQLITE_DEBUG
+static int pageOnDirtyList(PCache *pCache, PgHdr *pPg){
+  PgHdr *p;
+  for(p=pCache->pDirty; p; p=p->pDirtyNext){
+    if( p==pPg ) return 1;
+  }
+  return 0;
+}
+#endif
+
 /*
 ** Check invariants on a PgHdr entry.  Return true if everything is OK.
 ** Return false if any invariant is violated.
@@ -51184,8 +53007,13 @@ SQLITE_PRIVATE int sqlite3PcachePageSanity(PgHdr *pPg){
   assert( pCache!=0 );      /* Every page has an associated PCache */
   if( pPg->flags & PGHDR_CLEAN ){
     assert( (pPg->flags & PGHDR_DIRTY)==0 );/* Cannot be both CLEAN and DIRTY */
-    assert( pCache->pDirty!=pPg );          /* CLEAN pages not on dirty list */
-    assert( pCache->pDirtyTail!=pPg );
+    assert( !pageOnDirtyList(pCache, pPg) );/* CLEAN pages not on dirty list */
+  }else{
+    assert( (pPg->flags & PGHDR_DIRTY)!=0 );/* If not CLEAN must be DIRTY */
+    assert( pPg->pDirtyNext==0 || pPg->pDirtyNext->pDirtyPrev==pPg );
+    assert( pPg->pDirtyPrev==0 || pPg->pDirtyPrev->pDirtyNext==pPg );
+    assert( pPg->pDirtyPrev!=0 || pCache->pDirty==pPg );
+    assert( pageOnDirtyList(pCache, pPg) );
   }
   /* WRITEABLE pages must also be DIRTY */
   if( pPg->flags & PGHDR_WRITEABLE ){
@@ -51459,8 +53287,9 @@ SQLITE_PRIVATE sqlite3_pcache_page *sqlite3PcacheFetch(
   assert( createFlag==0 || pCache->eCreate==eCreate );
   assert( createFlag==0 || eCreate==1+(!pCache->bPurgeable||!pCache->pDirty) );
   pRes = sqlite3GlobalConfig.pcache2.xFetch(pCache->pCache, pgno, eCreate);
-  pcacheTrace(("%p.FETCH %d%s (result: %p)\n",pCache,pgno,
+  pcacheTrace(("%p.FETCH %d%s (result: %p) ",pCache,pgno,
                createFlag?" create":"",pRes));
+  pcachePageTrace(pgno, pRes);
   return pRes;
 }
 
@@ -51588,6 +53417,7 @@ SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3PcacheRelease(PgHdr *p){
       pcacheUnpin(p);
     }else{
       pcacheManageDirtyList(p, PCACHE_DIRTYLIST_FRONT);
+      assert( sqlite3PcachePageSanity(p) );
     }
   }
 }
@@ -51631,6 +53461,7 @@ SQLITE_PRIVATE void sqlite3PcacheMakeDirty(PgHdr *p){
       pcacheTrace(("%p.DIRTY %d\n",p->pCache,p->pgno));
       assert( (p->flags & (PGHDR_DIRTY|PGHDR_CLEAN))==PGHDR_DIRTY );
       pcacheManageDirtyList(p, PCACHE_DIRTYLIST_ADD);
+      assert( sqlite3PcachePageSanity(p) );
     }
     assert( sqlite3PcachePageSanity(p) );
   }
@@ -51859,14 +53690,14 @@ SQLITE_PRIVATE PgHdr *sqlite3PcacheDirtyList(PCache *pCache){
 ** This is not the total number of pages referenced, but the sum of the
 ** reference count for all pages.
 */
-SQLITE_PRIVATE int sqlite3PcacheRefCount(PCache *pCache){
+SQLITE_PRIVATE i64 sqlite3PcacheRefCount(PCache *pCache){
   return pCache->nRefSum;
 }
 
 /*
 ** Return the number of references to the page supplied as an argument.
 */
-SQLITE_PRIVATE int sqlite3PcachePageRefcount(PgHdr *p){
+SQLITE_PRIVATE i64 sqlite3PcachePageRefcount(PgHdr *p){
   return p->nRef;
 }
 
@@ -52008,12 +53839,13 @@ SQLITE_PRIVATE void sqlite3PcacheIterateDirty(PCache *pCache, void (*xIter)(PgHd
 ** size can vary according to architecture, compile-time options, and
 ** SQLite library version number.
 **
-** If SQLITE_PCACHE_SEPARATE_HEADER is defined, then the extension is obtained
-** using a separate memory allocation from the database page content.  This
-** seeks to overcome the "clownshoe" problem (also called "internal
-** fragmentation" in academic literature) of allocating a few bytes more
-** than a power of two with the memory allocator rounding up to the next
-** power of two, and leaving the rounded-up space unused.
+** Historical note:  It used to be that if the SQLITE_PCACHE_SEPARATE_HEADER
+** was defined, then the page content would be held in a separate memory
+** allocation from the PgHdr1.  This was intended to avoid clownshoe memory
+** allocations.  However, the btree layer needs a small (16-byte) overrun
+** area after the page content buffer.  The header serves as that overrun
+** area.  Therefore SQLITE_PCACHE_SEPARATE_HEADER was discontinued to avoid
+** any possibility of a memory error.
 **
 ** This module tracks pointers to PgHdr1 objects.  Only pcache.c communicates
 ** with this module.  Information is passed back and forth as PgHdr1 pointers.
@@ -52058,30 +53890,40 @@ typedef struct PGroup PGroup;
 
 /*
 ** Each cache entry is represented by an instance of the following
-** structure. Unless SQLITE_PCACHE_SEPARATE_HEADER is defined, a buffer of
-** PgHdr1.pCache->szPage bytes is allocated directly before this structure
-** in memory.
+** structure. A buffer of PgHdr1.pCache->szPage bytes is allocated
+** directly before this structure and is used to cache the page content.
+**
+** When reading a corrupt database file, it is possible that SQLite might
+** read a few bytes (no more than 16 bytes) past the end of the page buffer.
+** It will only read past the end of the page buffer, never write.  This
+** object is positioned immediately after the page buffer to serve as an
+** overrun area, so that overreads are harmless.
 **
-** Note: Variables isBulkLocal and isAnchor were once type "u8". That works,
+** Variables isBulkLocal and isAnchor were once type "u8". That works,
 ** but causes a 2-byte gap in the structure for most architectures (since
 ** pointers must be either 4 or 8-byte aligned). As this structure is located
 ** in memory directly after the associated page data, if the database is
 ** corrupt, code at the b-tree layer may overread the page buffer and
 ** read part of this structure before the corruption is detected. This
 ** can cause a valgrind error if the unitialized gap is accessed. Using u16
-** ensures there is no such gap, and therefore no bytes of unitialized memory
-** in the structure.
+** ensures there is no such gap, and therefore no bytes of uninitialized
+** memory in the structure.
+**
+** The pLruNext and pLruPrev pointers form a double-linked circular list
+** of all pages that are unpinned.  The PGroup.lru element (which should be
+** the only element on the list with PgHdr1.isAnchor set to 1) forms the
+** beginning and the end of the list.
 */
 struct PgHdr1 {
-  sqlite3_pcache_page page;      /* Base class. Must be first. pBuf & pExtra */
-  unsigned int iKey;             /* Key value (page number) */
-  u16 isBulkLocal;               /* This page from bulk local storage */
-  u16 isAnchor;                  /* This is the PGroup.lru element */
-  PgHdr1 *pNext;                 /* Next in hash table chain */
-  PCache1 *pCache;               /* Cache that currently owns this page */
-  PgHdr1 *pLruNext;              /* Next in LRU list of unpinned pages */
-  PgHdr1 *pLruPrev;              /* Previous in LRU list of unpinned pages */
-                                 /* NB: pLruPrev is only valid if pLruNext!=0 */
+  sqlite3_pcache_page page; /* Base class. Must be first. pBuf & pExtra */
+  unsigned int iKey;        /* Key value (page number) */
+  u16 isBulkLocal;          /* This page from bulk local storage */
+  u16 isAnchor;             /* This is the PGroup.lru element */
+  PgHdr1 *pNext;            /* Next in hash table chain */
+  PCache1 *pCache;          /* Cache that currently owns this page */
+  PgHdr1 *pLruNext;         /* Next in circular LRU list of unpinned pages */
+  PgHdr1 *pLruPrev;         /* Previous in LRU list of unpinned pages */
+                            /* NB: pLruPrev is only valid if pLruNext!=0 */
 };
 
 /*
@@ -52407,25 +54249,13 @@ static PgHdr1 *pcache1AllocPage(PCache1 *pCache, int benignMalloc){
     pcache1LeaveMutex(pCache->pGroup);
 #endif
     if( benignMalloc ){ sqlite3BeginBenignMalloc(); }
-#ifdef SQLITE_PCACHE_SEPARATE_HEADER
-    pPg = pcache1Alloc(pCache->szPage);
-    p = sqlite3Malloc(sizeof(PgHdr1) + pCache->szExtra);
-    if( !pPg || !p ){
-      pcache1Free(pPg);
-      sqlite3_free(p);
-      pPg = 0;
-    }
-#else
     pPg = pcache1Alloc(pCache->szAlloc);
-#endif
     if( benignMalloc ){ sqlite3EndBenignMalloc(); }
 #ifdef SQLITE_ENABLE_MEMORY_MANAGEMENT
     pcache1EnterMutex(pCache->pGroup);
 #endif
     if( pPg==0 ) return 0;
-#ifndef SQLITE_PCACHE_SEPARATE_HEADER
     p = (PgHdr1 *)&((u8 *)pPg)[pCache->szPage];
-#endif
     p->page.pBuf = pPg;
     p->page.pExtra = &p[1];
     p->isBulkLocal = 0;
@@ -52449,9 +54279,6 @@ static void pcache1FreePage(PgHdr1 *p){
     pCache->pFree = p;
   }else{
     pcache1Free(p->page.pBuf);
-#ifdef SQLITE_PCACHE_SEPARATE_HEADER
-    sqlite3_free(p);
-#endif
   }
   (*pCache->pnPurgeable)--;
 }
@@ -53218,9 +55045,6 @@ SQLITE_PRIVATE int sqlite3PcacheReleaseMemory(int nReq){
        &&  p->isAnchor==0
     ){
       nFree += pcache1MemSize(p->page.pBuf);
-#ifdef SQLITE_PCACHE_SEPARATE_HEADER
-      nFree += sqlite3MemSize(p);
-#endif
       assert( PAGE_IS_UNPINNED(p) );
       pcache1PinPage(p);
       pcache1RemoveFromHash(p, 1);
@@ -56528,6 +58352,8 @@ static int pager_truncate(Pager *pPager, Pgno nPage){
   int rc = SQLITE_OK;
   assert( pPager->eState!=PAGER_ERROR );
   assert( pPager->eState!=PAGER_READER );
+  PAGERTRACE(("Truncate %d npage %u\n", PAGERID(pPager), nPage));
+
 
   if( isOpen(pPager->fd)
    && (pPager->eState>=PAGER_WRITER_DBMOD || pPager->eState==PAGER_OPEN)
@@ -56858,7 +58684,7 @@ static int pager_playback(Pager *pPager, int isHot){
     ** see if it is possible to delete the super-journal.
     */
     assert( zSuper==&pPager->pTmpSpace[4] );
-    memset(&zSuper[-4], 0, 4);
+    memset(pPager->pTmpSpace, 0, 4);
     rc = pager_delsuper(pPager, zSuper);
     testcase( rc!=SQLITE_OK );
   }
@@ -57479,7 +59305,6 @@ SQLITE_PRIVATE void sqlite3PagerShrink(Pager *pPager){
 ** Numeric values associated with these states are OFF==1, NORMAL=2,
 ** and FULL=3.
 */
-#ifndef SQLITE_OMIT_PAGER_PRAGMAS
 SQLITE_PRIVATE void sqlite3PagerSetFlags(
   Pager *pPager,        /* The pager to set safety level for */
   unsigned pgFlags      /* Various flags */
@@ -57514,7 +59339,6 @@ SQLITE_PRIVATE void sqlite3PagerSetFlags(
     pPager->doNotSpill |= SPILLFLAG_OFF;
   }
 }
-#endif
 
 /*
 ** The following global variable is incremented whenever the library
@@ -58616,7 +60440,6 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
   u32 szPageDflt = SQLITE_DEFAULT_PAGE_SIZE;  /* Default page size */
   const char *zUri = 0;    /* URI args to copy */
   int nUriByte = 1;        /* Number of bytes of URI args at *zUri */
-  int nUri = 0;            /* Number of URI parameters */
 
   /* Figure out how much space is required for each journal file-handle
   ** (there are two of them, the main journal and the sub-journal).  */
@@ -58664,7 +60487,6 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
     while( *z ){
       z += strlen(z)+1;
       z += strlen(z)+1;
-      nUri++;
     }
     nUriByte = (int)(&z[1] - zUri);
     assert( nUriByte>=1 );
@@ -58920,18 +60742,7 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
   pPager->memDb = (u8)memDb;
   pPager->readOnly = (u8)readOnly;
   assert( useJournal || pPager->tempFile );
-  pPager->noSync = pPager->tempFile;
-  if( pPager->noSync ){
-    assert( pPager->fullSync==0 );
-    assert( pPager->extraSync==0 );
-    assert( pPager->syncFlags==0 );
-    assert( pPager->walSyncFlags==0 );
-  }else{
-    pPager->fullSync = 1;
-    pPager->extraSync = 0;
-    pPager->syncFlags = SQLITE_SYNC_NORMAL;
-    pPager->walSyncFlags = SQLITE_SYNC_NORMAL | (SQLITE_SYNC_NORMAL<<2);
-  }
+  sqlite3PagerSetFlags(pPager, (SQLITE_DEFAULT_SYNCHRONOUS+1)|PAGER_CACHESPILL);
   /* pPager->pFirst = 0; */
   /* pPager->pFirstSynced = 0; */
   /* pPager->pLast = 0; */
@@ -59460,6 +61271,10 @@ static int getPageNormal(
     if( !isOpen(pPager->fd) || pPager->dbSizepPager->mxPgno ){
         rc = SQLITE_FULL;
+        if( pgno<=pPager->dbSize ){
+          sqlite3PcacheRelease(pPg);
+          pPg = 0;
+        }
         goto pager_acquire_err;
       }
       if( noContent ){
@@ -59624,10 +61439,12 @@ SQLITE_PRIVATE DbPage *sqlite3PagerLookup(Pager *pPager, Pgno pgno){
 /*
 ** Release a page reference.
 **
-** The sqlite3PagerUnref() and sqlite3PagerUnrefNotNull() may only be
-** used if we know that the page being released is not the last page.
+** The sqlite3PagerUnref() and sqlite3PagerUnrefNotNull() may only be used
+** if we know that the page being released is not the last reference to page1.
 ** The btree layer always holds page1 open until the end, so these first
-** to routines can be used to release any page other than BtShared.pPage1.
+** two routines can be used to release any page other than BtShared.pPage1.
+** The assert() at tag-20230419-2 proves that this constraint is always
+** honored.
 **
 ** Use sqlite3PagerUnrefPageOne() to release page1.  This latter routine
 ** checks the total number of outstanding pages and if the number of
@@ -59643,7 +61460,7 @@ SQLITE_PRIVATE void sqlite3PagerUnrefNotNull(DbPage *pPg){
     sqlite3PcacheRelease(pPg);
   }
   /* Do not use this routine to release the last reference to page1 */
-  assert( sqlite3PcacheRefCount(pPager->pPCache)>0 );
+  assert( sqlite3PcacheRefCount(pPager->pPCache)>0 ); /* tag-20230419-2 */
 }
 SQLITE_PRIVATE void sqlite3PagerUnref(DbPage *pPg){
   if( pPg ) sqlite3PagerUnrefNotNull(pPg);
@@ -59709,6 +61526,7 @@ static int pager_open_journal(Pager *pPager){
 
         if( pPager->tempFile ){
           flags |= (SQLITE_OPEN_DELETEONCLOSE|SQLITE_OPEN_TEMP_JOURNAL);
+          flags |= SQLITE_OPEN_EXCLUSIVE;
           nSpill = sqlite3Config.nStmtSpill;
         }else{
           flags |= SQLITE_OPEN_MAIN_JOURNAL;
@@ -60191,7 +62009,7 @@ static int pager_incr_changecounter(Pager *pPager, int isDirectMode){
 # define DIRECT_MODE isDirectMode
 #endif
 
-  if( !pPager->changeCountDone && ALWAYS(pPager->dbSize>0) ){
+  if( !pPager->changeCountDone && pPager->dbSize>0 ){
     PgHdr *pPgHdr;                /* Reference to page 1 */
 
     assert( !pPager->tempFile && isOpen(pPager->fd) );
@@ -60931,7 +62749,11 @@ SQLITE_PRIVATE int sqlite3PagerSavepoint(Pager *pPager, int op, int iSavepoint){
 */
 SQLITE_PRIVATE const char *sqlite3PagerFilename(const Pager *pPager, int nullIfMemDb){
   static const char zFake[8] = { 0, 0, 0, 0, 0, 0, 0, 0 };
-  return (nullIfMemDb && pPager->memDb) ? &zFake[4] : pPager->zFilename;
+  if( nullIfMemDb && (pPager->memDb || sqlite3IsMemdb(pPager->pVfs)) ){
+    return &zFake[4];
+  }else{
+    return pPager->zFilename;
+  }
 }
 
 /*
@@ -61300,7 +63122,7 @@ SQLITE_PRIVATE int sqlite3PagerGetJournalMode(Pager *pPager){
 SQLITE_PRIVATE int sqlite3PagerOkToChangeJournalMode(Pager *pPager){
   assert( assert_pager_state(pPager) );
   if( pPager->eState>=PAGER_WRITER_CACHEMOD ) return 0;
-  if( isOpen(pPager->jfd) && pPager->journalOff>0 ) return 0;
+  if( NEVER(isOpen(pPager->jfd) && pPager->journalOff>0) ) return 0;
   return 1;
 }
 
@@ -61398,13 +63220,15 @@ SQLITE_PRIVATE int sqlite3PagerWalSupported(Pager *pPager){
 */
 static int pagerExclusiveLock(Pager *pPager){
   int rc;                         /* Return code */
+  u8 eOrigLock;                   /* Original lock */
 
-  assert( pPager->eLock==SHARED_LOCK || pPager->eLock==EXCLUSIVE_LOCK );
+  assert( pPager->eLock>=SHARED_LOCK );
+  eOrigLock = pPager->eLock;
   rc = pagerLockDb(pPager, EXCLUSIVE_LOCK);
   if( rc!=SQLITE_OK ){
     /* If the attempt to grab the exclusive lock failed, release the
     ** pending lock that may have been obtained instead.  */
-    pagerUnlockDb(pPager, SHARED_LOCK);
+    pagerUnlockDb(pPager, eOrigLock);
   }
 
   return rc;
@@ -62409,19 +64233,40 @@ static void walChecksumBytes(
   assert( nByte>=8 );
   assert( (nByte&0x00000007)==0 );
   assert( nByte<=65536 );
+  assert( nByte%4==0 );
 
-  if( nativeCksum ){
+  if( !nativeCksum ){
+    do {
+      s1 += BYTESWAP32(aData[0]) + s2;
+      s2 += BYTESWAP32(aData[1]) + s1;
+      aData += 2;
+    }while( aDataszPage==szPage );
+  if( (int)pWal->szPage!=szPage ){
+    return SQLITE_CORRUPT_BKPT;  /* TH3 test case: cov1/corrupt155.test */
+  }
 
   /* Setup information needed to write frames into the WAL */
   w.pWal = pWal;
@@ -66012,7 +67859,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3WalFile(Wal *pWal){
 ** byte are used.  The integer consists of all bytes that have bit 8 set and
 ** the first byte with bit 8 clear.  The most significant byte of the integer
 ** appears first.  A variable-length integer may not be more than 9 bytes long.
-** As a special case, all 8 bytes of the 9th byte are used as data.  This
+** As a special case, all 8 bits of the 9th byte are used as data.  This
 ** allows a 64-bit integer to be encoded in 9 bytes.
 **
 **    0x00                      becomes  0x00000000
@@ -66396,7 +68243,7 @@ struct BtCursor {
 #define BTCF_WriteFlag    0x01   /* True if a write cursor */
 #define BTCF_ValidNKey    0x02   /* True if info.nKey is valid */
 #define BTCF_ValidOvfl    0x04   /* True if aOverflow is valid */
-#define BTCF_AtLast       0x08   /* Cursor is pointing ot the last entry */
+#define BTCF_AtLast       0x08   /* Cursor is pointing to the last entry */
 #define BTCF_Incrblob     0x10   /* True if an incremental I/O handle */
 #define BTCF_Multiple     0x20   /* Maybe another cursor on the same btree */
 #define BTCF_Pinned       0x40   /* Cursor is busy and cannot be moved */
@@ -66514,15 +68361,15 @@ struct BtCursor {
 ** So, this macro is defined instead.
 */
 #ifndef SQLITE_OMIT_AUTOVACUUM
-#define ISAUTOVACUUM (pBt->autoVacuum)
+#define ISAUTOVACUUM(pBt) (pBt->autoVacuum)
 #else
-#define ISAUTOVACUUM 0
+#define ISAUTOVACUUM(pBt) 0
 #endif
 
 
 /*
-** This structure is passed around through all the sanity checking routines
-** in order to keep track of some global state information.
+** This structure is passed around through all the PRAGMA integrity_check
+** checking routines in order to keep track of some global state information.
 **
 ** The aRef[] array is allocated so that there is 1 bit for each page in
 ** the database. As the integrity-check proceeds, for each page used in
@@ -66538,10 +68385,12 @@ struct IntegrityCk {
   Pgno nPage;       /* Number of pages in the database */
   int mxErr;        /* Stop accumulating errors when this reaches zero */
   int nErr;         /* Number of messages written to zErrMsg so far */
-  int bOomFault;    /* A memory allocation error has occurred */
+  int rc;           /* SQLITE_OK, SQLITE_NOMEM, or SQLITE_INTERRUPT */
+  u32 nStep;        /* Number of steps into the integrity_check process */
   const char *zPfx; /* Error message prefix */
-  Pgno v1;          /* Value for first %u substitution in zPfx */
-  int v2;           /* Value for second %d substitution in zPfx */
+  Pgno v0;          /* Value for first %u substitution in zPfx (root page) */
+  Pgno v1;          /* Value for second %u substitution in zPfx (current pg) */
+  int v2;           /* Value for third %d substitution in zPfx */
   StrAccum errMsg;  /* Accumulate the error message text here */
   u32 *heap;        /* Min-heap used for analyzing cell coverage */
   sqlite3 *db;      /* Database connection running the check */
@@ -66808,6 +68657,7 @@ SQLITE_PRIVATE int sqlite3BtreeHoldsAllMutexes(sqlite3 *db){
 SQLITE_PRIVATE int sqlite3SchemaMutexHeld(sqlite3 *db, int iDb, Schema *pSchema){
   Btree *p;
   assert( db!=0 );
+  if( db->pVfs==0 && db->nDb==0 ) return 1;
   if( pSchema ) iDb = sqlite3SchemaToIndex(db, pSchema);
   assert( iDb>=0 && iDbnDb );
   if( !sqlite3_mutex_held(db->mutex) ) return 0;
@@ -67003,8 +68853,8 @@ SQLITE_PRIVATE sqlite3_uint64 sqlite3BtreeSeekCount(Btree *pBt){
 int corruptPageError(int lineno, MemPage *p){
   char *zMsg;
   sqlite3BeginBenignMalloc();
-  zMsg = sqlite3_mprintf("database corruption page %d of %s",
-      (int)p->pgno, sqlite3PagerFilename(p->pBt->pPager, 0)
+  zMsg = sqlite3_mprintf("database corruption page %u of %s",
+             p->pgno, sqlite3PagerFilename(p->pBt->pPager, 0)
   );
   sqlite3EndBenignMalloc();
   if( zMsg ){
@@ -67813,8 +69663,25 @@ SQLITE_PRIVATE int sqlite3BtreeCursorRestore(BtCursor *pCur, int *pDifferentRow)
 */
 SQLITE_PRIVATE void sqlite3BtreeCursorHint(BtCursor *pCur, int eHintType, ...){
   /* Used only by system that substitute their own storage engine */
+#ifdef SQLITE_DEBUG
+  if( ALWAYS(eHintType==BTREE_HINT_RANGE) ){
+    va_list ap;
+    Expr *pExpr;
+    Walker w;
+    memset(&w, 0, sizeof(w));
+    w.xExprCallback = sqlite3CursorRangeHintExprCheck;
+    va_start(ap, eHintType);
+    pExpr = va_arg(ap, Expr*);
+    w.u.aMem = va_arg(ap, Mem*);
+    va_end(ap);
+    assert( pExpr!=0 );
+    assert( w.u.aMem!=0 );
+    sqlite3WalkExpr(&w, pExpr);
+  }
+#endif /* SQLITE_DEBUG */
 }
-#endif
+#endif /* SQLITE_ENABLE_CURSOR_HINTS */
+
 
 /*
 ** Provide flag hints to the cursor.
@@ -67899,7 +69766,7 @@ static void ptrmapPut(BtShared *pBt, Pgno key, u8 eType, Pgno parent, int *pRC){
   pPtrmap = (u8 *)sqlite3PagerGetData(pDbPage);
 
   if( eType!=pPtrmap[offset] || get4byte(&pPtrmap[offset+1])!=parent ){
-    TRACE(("PTRMAP_UPDATE: %d->(%d,%d)\n", key, eType, parent));
+    TRACE(("PTRMAP_UPDATE: %u->(%u,%u)\n", key, eType, parent));
     *pRC= rc = sqlite3PagerWrite(pDbPage);
     if( rc==SQLITE_OK ){
       pPtrmap[offset] = eType;
@@ -68098,27 +69965,31 @@ static void btreeParseCellPtr(
   iKey = *pIter;
   if( iKey>=0x80 ){
     u8 x;
-    iKey = ((iKey&0x7f)<<7) | ((x = *++pIter) & 0x7f);
+    iKey = (iKey<<7) ^ (x = *++pIter);
     if( x>=0x80 ){
-      iKey = (iKey<<7) | ((x =*++pIter) & 0x7f);
+      iKey = (iKey<<7) ^ (x = *++pIter);
       if( x>=0x80 ){
-        iKey = (iKey<<7) | ((x = *++pIter) & 0x7f);
+        iKey = (iKey<<7) ^ 0x10204000 ^ (x = *++pIter);
         if( x>=0x80 ){
-          iKey = (iKey<<7) | ((x = *++pIter) & 0x7f);
+          iKey = (iKey<<7) ^ 0x4000 ^ (x = *++pIter);
           if( x>=0x80 ){
-            iKey = (iKey<<7) | ((x = *++pIter) & 0x7f);
+            iKey = (iKey<<7) ^ 0x4000 ^ (x = *++pIter);
             if( x>=0x80 ){
-              iKey = (iKey<<7) | ((x = *++pIter) & 0x7f);
+              iKey = (iKey<<7) ^ 0x4000 ^ (x = *++pIter);
               if( x>=0x80 ){
-                iKey = (iKey<<7) | ((x = *++pIter) & 0x7f);
+                iKey = (iKey<<7) ^ 0x4000 ^ (x = *++pIter);
                 if( x>=0x80 ){
-                  iKey = (iKey<<8) | (*++pIter);
+                  iKey = (iKey<<8) ^ 0x8000 ^ (*++pIter);
                 }
               }
             }
           }
         }
+      }else{
+        iKey ^= 0x204000;
       }
+    }else{
+      iKey ^= 0x4000;
     }
   }
   pIter++;
@@ -68195,10 +70066,53 @@ static void btreeParseCell(
 **
 ** cellSizePtrNoPayload()    =>   table internal nodes
 ** cellSizePtrTableLeaf()    =>   table leaf nodes
-** cellSizePtr()             =>   all index nodes & table leaf nodes
+** cellSizePtr()             =>   index internal nodes
+** cellSizeIdxLeaf()         =>   index leaf nodes
 */
 static u16 cellSizePtr(MemPage *pPage, u8 *pCell){
-  u8 *pIter = pCell + pPage->childPtrSize; /* For looping over bytes of pCell */
+  u8 *pIter = pCell + 4;                   /* For looping over bytes of pCell */
+  u8 *pEnd;                                /* End mark for a varint */
+  u32 nSize;                               /* Size value to return */
+
+#ifdef SQLITE_DEBUG
+  /* The value returned by this function should always be the same as
+  ** the (CellInfo.nSize) value found by doing a full parse of the
+  ** cell. If SQLITE_DEBUG is defined, an assert() at the bottom of
+  ** this function verifies that this invariant is not violated. */
+  CellInfo debuginfo;
+  pPage->xParseCell(pPage, pCell, &debuginfo);
+#endif
+
+  assert( pPage->childPtrSize==4 );
+  nSize = *pIter;
+  if( nSize>=0x80 ){
+    pEnd = &pIter[8];
+    nSize &= 0x7f;
+    do{
+      nSize = (nSize<<7) | (*++pIter & 0x7f);
+    }while( *(pIter)>=0x80 && pItermaxLocal );
+  testcase( nSize==(u32)pPage->maxLocal+1 );
+  if( nSize<=pPage->maxLocal ){
+    nSize += (u32)(pIter - pCell);
+    assert( nSize>4 );
+  }else{
+    int minLocal = pPage->minLocal;
+    nSize = minLocal + (nSize - minLocal) % (pPage->pBt->usableSize - 4);
+    testcase( nSize==pPage->maxLocal );
+    testcase( nSize==(u32)pPage->maxLocal+1 );
+    if( nSize>pPage->maxLocal ){
+      nSize = minLocal;
+    }
+    nSize += 4 + (u16)(pIter - pCell);
+  }
+  assert( nSize==debuginfo.nSize || CORRUPT_DB );
+  return (u16)nSize;
+}
+static u16 cellSizePtrIdxLeaf(MemPage *pPage, u8 *pCell){
+  u8 *pIter = pCell;                       /* For looping over bytes of pCell */
   u8 *pEnd;                                /* End mark for a varint */
   u32 nSize;                               /* Size value to return */
 
@@ -68211,6 +70125,7 @@ static u16 cellSizePtr(MemPage *pPage, u8 *pCell){
   pPage->xParseCell(pPage, pCell, &debuginfo);
 #endif
 
+  assert( pPage->childPtrSize==0 );
   nSize = *pIter;
   if( nSize>=0x80 ){
     pEnd = &pIter[8];
@@ -68380,8 +70295,7 @@ static int defragmentPage(MemPage *pPage, int nMaxFrag){
   assert( pPage->pBt->usableSize <= SQLITE_MAX_PAGE_SIZE );
   assert( pPage->nOverflow==0 );
   assert( sqlite3_mutex_held(pPage->pBt->mutex) );
-  temp = 0;
-  src = data = pPage->aData;
+  data = pPage->aData;
   hdr = pPage->hdrOffset;
   cellOffset = pPage->cellOffset;
   nCell = pPage->nCell;
@@ -68435,39 +70349,38 @@ static int defragmentPage(MemPage *pPage, int nMaxFrag){
   cbrk = usableSize;
   iCellLast = usableSize - 4;
   iCellStart = get2byte(&data[hdr+5]);
-  for(i=0; iiCellLast ){
-      return SQLITE_CORRUPT_PAGE(pPage);
-    }
-    assert( pc>=iCellStart && pc<=iCellLast );
-    size = pPage->xCellSize(pPage, &src[pc]);
-    cbrk -= size;
-    if( cbrkusableSize ){
-      return SQLITE_CORRUPT_PAGE(pPage);
-    }
-    assert( cbrk+size<=usableSize && cbrk>=iCellStart );
-    testcase( cbrk+size==usableSize );
-    testcase( pc+size==usableSize );
-    put2byte(pAddr, cbrk);
-    if( temp==0 ){
-      if( cbrk==pc ) continue;
-      temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
-      memcpy(&temp[iCellStart], &data[iCellStart], usableSize - iCellStart);
-      src = temp;
+  if( nCell>0 ){
+    temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
+    memcpy(&temp[iCellStart], &data[iCellStart], usableSize - iCellStart);
+    src = temp;
+    for(i=0; iiCellLast ){
+        return SQLITE_CORRUPT_PAGE(pPage);
+      }
+      assert( pc>=0 && pc<=iCellLast );
+      size = pPage->xCellSize(pPage, &src[pc]);
+      cbrk -= size;
+      if( cbrkusableSize ){
+        return SQLITE_CORRUPT_PAGE(pPage);
+      }
+      assert( cbrk+size<=usableSize && cbrk>=iCellStart );
+      testcase( cbrk+size==usableSize );
+      testcase( pc+size==usableSize );
+      put2byte(pAddr, cbrk);
+      memcpy(&data[cbrk], &src[pc], size);
     }
-    memcpy(&data[cbrk], &src[pc], size);
   }
   data[hdr+7] = 0;
 
- defragment_out:
+defragment_out:
   assert( pPage->nFree>=0 );
   if( data[hdr+7]+cbrk-iCellFirst!=pPage->nFree ){
     return SQLITE_CORRUPT_PAGE(pPage);
@@ -68524,7 +70437,6 @@ static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc){
         ** fragmented bytes within the page. */
         memcpy(&aData[iAddr], &aData[pc], 2);
         aData[hdr+7] += (u8)x;
-        testcase( pc+x>maxPC );
         return &aData[pc];
       }else if( x+pc > maxPC ){
         /* This slot extends off the end of the usable part of the page */
@@ -68540,9 +70452,9 @@ static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc){
     iAddr = pc;
     pTmp = &aData[pc];
     pc = get2byte(pTmp);
-    if( pc<=iAddr+size ){
+    if( pc<=iAddr ){
       if( pc ){
-        /* The next slot in the chain is not past the end of the current slot */
+        /* The next slot in the chain comes before the current slot */
         *pRc = SQLITE_CORRUPT_PAGE(pPg);
       }
       return 0;
@@ -68568,7 +70480,7 @@ static u8 *pageFindSlot(MemPage *pPg, int nByte, int *pRc){
 ** allocation is being made in order to insert a new cell, so we will
 ** also end up needing a new cell pointer.
 */
-static int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
+static SQLITE_INLINE int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
   const int hdr = pPage->hdrOffset;    /* Local cache of pPage->hdrOffset */
   u8 * const data = pPage->aData;      /* Local cache of pPage->aData */
   int top;                             /* First byte of cell content area */
@@ -68594,13 +70506,14 @@ static int allocateSpace(MemPage *pPage, int nByte, int *pIdx){
   ** integer, so a value of 0 is used in its place. */
   pTmp = &data[hdr+5];
   top = get2byte(pTmp);
-  assert( top<=(int)pPage->pBt->usableSize ); /* by btreeComputeFreeSpace() */
   if( gap>top ){
     if( top==0 && pPage->pBt->usableSize==65536 ){
       top = 65536;
     }else{
       return SQLITE_CORRUPT_PAGE(pPage);
     }
+  }else if( top>(int)pPage->pBt->usableSize ){
+    return SQLITE_CORRUPT_PAGE(pPage);
   }
 
   /* If there is enough space between gap and top for one more cell pointer,
@@ -68683,7 +70596,7 @@ static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
   assert( CORRUPT_DB || iEnd <= pPage->pBt->usableSize );
   assert( sqlite3_mutex_held(pPage->pBt->mutex) );
   assert( iSize>=4 );   /* Minimum cell size is 4 */
-  assert( iStart<=pPage->pBt->usableSize-4 );
+  assert( CORRUPT_DB || iStart<=pPage->pBt->usableSize-4 );
 
   /* The list of freeblocks must be in ascending order.  Find the
   ** spot on the list where iStart should be inserted.
@@ -68694,7 +70607,7 @@ static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
     iFreeBlk = 0;  /* Shortcut for the case when the freelist is empty */
   }else{
     while( (iFreeBlk = get2byte(&data[iPtr]))pBt->btsFlags & BTS_FAST_SECURE ){
+    /* Overwrite deleted information with zeros when the secure_delete
+    ** option is enabled */
+    memset(&data[iStart], 0, iSize);
+  }
   if( iStart<=x ){
     /* The new freeblock is at the beginning of the cell content area,
     ** so just extend the cell content area rather than create another
@@ -68751,14 +70669,9 @@ static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
   }else{
     /* Insert the new freeblock into the freelist */
     put2byte(&data[iPtr], iStart);
+    put2byte(&data[iStart], iFreeBlk);
+    put2byte(&data[iStart+2], iSize);
   }
-  if( pPage->pBt->btsFlags & BTS_FAST_SECURE ){
-    /* Overwrite deleted information with zeros when the secure_delete
-    ** option is enabled */
-    memset(&data[iStart], 0, iSize);
-  }
-  put2byte(&data[iStart], iFreeBlk);
-  put2byte(&data[iStart+2], iSize);
   pPage->nFree += iOrigSize;
   return SQLITE_OK;
 }
@@ -68770,62 +70683,67 @@ static int freeSpace(MemPage *pPage, u16 iStart, u16 iSize){
 ** Only the following combinations are supported.  Anything different
 ** indicates a corrupt database files:
 **
-**         PTF_ZERODATA
-**         PTF_ZERODATA | PTF_LEAF
-**         PTF_LEAFDATA | PTF_INTKEY
-**         PTF_LEAFDATA | PTF_INTKEY | PTF_LEAF
+**         PTF_ZERODATA                             (0x02,  2)
+**         PTF_LEAFDATA | PTF_INTKEY                (0x05,  5)
+**         PTF_ZERODATA | PTF_LEAF                  (0x0a, 10)
+**         PTF_LEAFDATA | PTF_INTKEY | PTF_LEAF     (0x0d, 13)
 */
 static int decodeFlags(MemPage *pPage, int flagByte){
   BtShared *pBt;     /* A copy of pPage->pBt */
 
   assert( pPage->hdrOffset==(pPage->pgno==1 ? 100 : 0) );
   assert( sqlite3_mutex_held(pPage->pBt->mutex) );
-  pPage->leaf = (u8)(flagByte>>3);  assert( PTF_LEAF == 1<<3 );
-  flagByte &= ~PTF_LEAF;
-  pPage->childPtrSize = 4-4*pPage->leaf;
   pBt = pPage->pBt;
-  if( flagByte==(PTF_LEAFDATA | PTF_INTKEY) ){
-    /* EVIDENCE-OF: R-07291-35328 A value of 5 (0x05) means the page is an
-    ** interior table b-tree page. */
-    assert( (PTF_LEAFDATA|PTF_INTKEY)==5 );
-    /* EVIDENCE-OF: R-26900-09176 A value of 13 (0x0d) means the page is a
-    ** leaf table b-tree page. */
-    assert( (PTF_LEAFDATA|PTF_INTKEY|PTF_LEAF)==13 );
-    pPage->intKey = 1;
-    if( pPage->leaf ){
+  pPage->max1bytePayload = pBt->max1bytePayload;
+  if( flagByte>=(PTF_ZERODATA | PTF_LEAF) ){
+    pPage->childPtrSize = 0;
+    pPage->leaf = 1;
+    if( flagByte==(PTF_LEAFDATA | PTF_INTKEY | PTF_LEAF) ){
       pPage->intKeyLeaf = 1;
       pPage->xCellSize = cellSizePtrTableLeaf;
       pPage->xParseCell = btreeParseCellPtr;
+      pPage->intKey = 1;
+      pPage->maxLocal = pBt->maxLeaf;
+      pPage->minLocal = pBt->minLeaf;
+    }else if( flagByte==(PTF_ZERODATA | PTF_LEAF) ){
+      pPage->intKey = 0;
+      pPage->intKeyLeaf = 0;
+      pPage->xCellSize = cellSizePtrIdxLeaf;
+      pPage->xParseCell = btreeParseCellPtrIndex;
+      pPage->maxLocal = pBt->maxLocal;
+      pPage->minLocal = pBt->minLocal;
     }else{
+      pPage->intKey = 0;
+      pPage->intKeyLeaf = 0;
+      pPage->xCellSize = cellSizePtrIdxLeaf;
+      pPage->xParseCell = btreeParseCellPtrIndex;
+      return SQLITE_CORRUPT_PAGE(pPage);
+    }
+  }else{
+    pPage->childPtrSize = 4;
+    pPage->leaf = 0;
+    if( flagByte==(PTF_ZERODATA) ){
+      pPage->intKey = 0;
+      pPage->intKeyLeaf = 0;
+      pPage->xCellSize = cellSizePtr;
+      pPage->xParseCell = btreeParseCellPtrIndex;
+      pPage->maxLocal = pBt->maxLocal;
+      pPage->minLocal = pBt->minLocal;
+    }else if( flagByte==(PTF_LEAFDATA | PTF_INTKEY) ){
       pPage->intKeyLeaf = 0;
       pPage->xCellSize = cellSizePtrNoPayload;
       pPage->xParseCell = btreeParseCellPtrNoPayload;
+      pPage->intKey = 1;
+      pPage->maxLocal = pBt->maxLeaf;
+      pPage->minLocal = pBt->minLeaf;
+    }else{
+      pPage->intKey = 0;
+      pPage->intKeyLeaf = 0;
+      pPage->xCellSize = cellSizePtr;
+      pPage->xParseCell = btreeParseCellPtrIndex;
+      return SQLITE_CORRUPT_PAGE(pPage);
     }
-    pPage->maxLocal = pBt->maxLeaf;
-    pPage->minLocal = pBt->minLeaf;
-  }else if( flagByte==PTF_ZERODATA ){
-    /* EVIDENCE-OF: R-43316-37308 A value of 2 (0x02) means the page is an
-    ** interior index b-tree page. */
-    assert( (PTF_ZERODATA)==2 );
-    /* EVIDENCE-OF: R-59615-42828 A value of 10 (0x0a) means the page is a
-    ** leaf index b-tree page. */
-    assert( (PTF_ZERODATA|PTF_LEAF)==10 );
-    pPage->intKey = 0;
-    pPage->intKeyLeaf = 0;
-    pPage->xCellSize = cellSizePtr;
-    pPage->xParseCell = btreeParseCellPtrIndex;
-    pPage->maxLocal = pBt->maxLocal;
-    pPage->minLocal = pBt->minLocal;
-  }else{
-    /* EVIDENCE-OF: R-47608-56469 Any other value for the b-tree page type is
-    ** an error. */
-    pPage->intKey = 0;
-    pPage->intKeyLeaf = 0;
-    pPage->xCellSize = cellSizePtr;
-    pPage->xParseCell = btreeParseCellPtrIndex;
-    return SQLITE_CORRUPT_PAGE(pPage);
   }
-  pPage->max1bytePayload = pBt->max1bytePayload;
   return SQLITE_OK;
 }
 
@@ -69176,9 +71094,7 @@ static int getAndInitPage(
     pCur->pPage = pCur->apPage[pCur->iPage];
   }
   testcase( pgno==0 );
-  assert( pgno!=0 || rc==SQLITE_CORRUPT
-                  || rc==SQLITE_IOERR_NOMEM
-                  || rc==SQLITE_NOMEM );
+  assert( pgno!=0 || rc!=SQLITE_OK );
   return rc;
 }
 
@@ -70614,6 +72530,9 @@ static int modifyPagePointer(MemPage *pPage, Pgno iFrom, Pgno iTo, u8 eType){
           }
         }
       }else{
+        if( pCell+4 > pPage->aData+pPage->pBt->usableSize ){
+          return SQLITE_CORRUPT_PAGE(pPage);
+        }
         if( get4byte(pCell)==iFrom ){
           put4byte(pCell, iTo);
           break;
@@ -70662,7 +72581,7 @@ static int relocatePage(
   if( iDbPage<3 ) return SQLITE_CORRUPT_BKPT;
 
   /* Move page iDbPage from its current location to page number iFreePage */
-  TRACE(("AUTOVACUUM: Moving %d to free page %d (ptr page %d type %d)\n",
+  TRACE(("AUTOVACUUM: Moving %u to free page %u (ptr page %u type %u)\n",
       iDbPage, iFreePage, iPtrPage, eType));
   rc = sqlite3PagerMovepage(pPager, pDbPage->pDbPage, iFreePage, isCommit);
   if( rc!=SQLITE_OK ){
@@ -72120,8 +74039,6 @@ SQLITE_PRIVATE const void *sqlite3BtreePayloadFetch(BtCursor *pCur, u32 *pAmt){
 ** vice-versa).
 */
 static int moveToChild(BtCursor *pCur, u32 newPgno){
-  BtShared *pBt = pCur->pBt;
-
   assert( cursorOwnsBtShared(pCur) );
   assert( pCur->eState==CURSOR_VALID );
   assert( pCur->iPageapPage[pCur->iPage] = pCur->pPage;
   pCur->ix = 0;
   pCur->iPage++;
-  return getAndInitPage(pBt, newPgno, &pCur->pPage, pCur, pCur->curPagerFlags);
+  return getAndInitPage(pCur->pBt, newPgno, &pCur->pPage, pCur,
+                        pCur->curPagerFlags);
 }
 
 #ifdef SQLITE_DEBUG
@@ -72241,7 +74159,7 @@ static int moveToRoot(BtCursor *pCur){
       }
       sqlite3BtreeClearCursor(pCur);
     }
-    rc = getAndInitPage(pCur->pBtree->pBt, pCur->pgnoRoot, &pCur->pPage,
+    rc = getAndInitPage(pCur->pBt, pCur->pgnoRoot, &pCur->pPage,
                         0, pCur->curPagerFlags);
     if( rc!=SQLITE_OK ){
       pCur->eState = CURSOR_INVALID;
@@ -72365,9 +74283,25 @@ SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
 ** on success.  Set *pRes to 0 if the cursor actually points to something
 ** or set *pRes to 1 if the table is empty.
 */
+static SQLITE_NOINLINE int btreeLast(BtCursor *pCur, int *pRes){
+  int rc = moveToRoot(pCur);
+  if( rc==SQLITE_OK ){
+    assert( pCur->eState==CURSOR_VALID );
+    *pRes = 0;
+    rc = moveToRightmost(pCur);
+    if( rc==SQLITE_OK ){
+      pCur->curFlags |= BTCF_AtLast;
+    }else{
+      pCur->curFlags &= ~BTCF_AtLast;
+    }
+  }else if( rc==SQLITE_EMPTY ){
+    assert( pCur->pgnoRoot==0 || pCur->pPage->nCell==0 );
+    *pRes = 1;
+    rc = SQLITE_OK;
+  }
+  return rc;
+}
 SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
-  int rc;
-
   assert( cursorOwnsBtShared(pCur) );
   assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
 
@@ -72388,23 +74322,7 @@ SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
     *pRes = 0;
     return SQLITE_OK;
   }
-
-  rc = moveToRoot(pCur);
-  if( rc==SQLITE_OK ){
-    assert( pCur->eState==CURSOR_VALID );
-    *pRes = 0;
-    rc = moveToRightmost(pCur);
-    if( rc==SQLITE_OK ){
-      pCur->curFlags |= BTCF_AtLast;
-    }else{
-      pCur->curFlags &= ~BTCF_AtLast;
-    }
-  }else if( rc==SQLITE_EMPTY ){
-    assert( pCur->pgnoRoot==0 || pCur->pPage->nCell==0 );
-    *pRes = 1;
-    rc = SQLITE_OK;
-  }
-  return rc;
+  return btreeLast(pCur, pRes);
 }
 
 /* Move the cursor so that it points to an entry in a table (a.k.a INTKEY)
@@ -72949,14 +74867,8 @@ static SQLITE_NOINLINE int btreeNext(BtCursor *pCur){
 
   pPage = pCur->pPage;
   idx = ++pCur->ix;
-  if( !pPage->isInit || sqlite3FaultSim(412) ){
-    /* The only known way for this to happen is for there to be a
-    ** recursive SQL function that does a DELETE operation as part of a
-    ** SELECT which deletes content out from under an active cursor
-    ** in a corrupt database file where the table being DELETE-ed from
-    ** has pages in common with the table being queried.  See TH3
-    ** module cov1/btree78.test testcase 220 (2018-06-08) for an
-    ** example. */
+  if( sqlite3FaultSim(412) ) pPage->isInit = 0;
+  if( !pPage->isInit ){
     return SQLITE_CORRUPT_BKPT;
   }
 
@@ -73132,8 +75044,8 @@ static int allocateBtreePage(
   assert( eMode==BTALLOC_ANY || (nearby>0 && IfNotOmitAV(pBt->autoVacuum)) );
   pPage1 = pBt->pPage1;
   mxPage = btreePagecount(pBt);
-  /* EVIDENCE-OF: R-05119-02637 The 4-byte big-endian integer at offset 36
-  ** stores stores the total number of pages on the freelist. */
+  /* EVIDENCE-OF: R-21003-45125 The 4-byte big-endian integer at offset 36
+  ** stores the total number of pages on the freelist. */
   n = get4byte(&pPage1->aData[36]);
   testcase( n==mxPage-1 );
   if( n>=mxPage ){
@@ -73219,7 +75131,7 @@ static int allocateBtreePage(
         memcpy(&pPage1->aData[32], &pTrunk->aData[0], 4);
         *ppPage = pTrunk;
         pTrunk = 0;
-        TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
+        TRACE(("ALLOCATE: %u trunk - %u free pages left\n", *pPgno, n-1));
       }else if( k>(u32)(pBt->usableSize/4 - 2) ){
         /* Value of k is out of range.  Database corruption */
         rc = SQLITE_CORRUPT_PGNO(iTrunk);
@@ -73285,7 +75197,7 @@ static int allocateBtreePage(
           }
         }
         pTrunk = 0;
-        TRACE(("ALLOCATE: %d trunk - %d free pages left\n", *pPgno, n-1));
+        TRACE(("ALLOCATE: %u trunk - %u free pages left\n", *pPgno, n-1));
 #endif
       }else if( k>0 ){
         /* Extract a leaf from the trunk */
@@ -73330,8 +75242,8 @@ static int allocateBtreePage(
         ){
           int noContent;
           *pPgno = iPage;
-          TRACE(("ALLOCATE: %d was leaf %d of %d on trunk %d"
-                 ": %d more free pages\n",
+          TRACE(("ALLOCATE: %u was leaf %u of %u on trunk %u"
+                 ": %u more free pages\n",
                  *pPgno, closest+1, k, pTrunk->pgno, n-1));
           rc = sqlite3PagerWrite(pTrunk->pDbPage);
           if( rc ) goto end_allocate_page;
@@ -73387,7 +75299,7 @@ static int allocateBtreePage(
       ** becomes a new pointer-map page, the second is used by the caller.
       */
       MemPage *pPg = 0;
-      TRACE(("ALLOCATE: %d from end of file (pointer-map page)\n", pBt->nPage));
+      TRACE(("ALLOCATE: %u from end of file (pointer-map page)\n", pBt->nPage));
       assert( pBt->nPage!=PENDING_BYTE_PAGE(pBt) );
       rc = btreeGetUnusedPage(pBt, pBt->nPage, &pPg, bNoContent);
       if( rc==SQLITE_OK ){
@@ -73410,7 +75322,7 @@ static int allocateBtreePage(
       releasePage(*ppPage);
       *ppPage = 0;
     }
-    TRACE(("ALLOCATE: %d from end of file\n", *pPgno));
+    TRACE(("ALLOCATE: %u from end of file\n", *pPgno));
   }
 
   assert( CORRUPT_DB || *pPgno!=PENDING_BYTE_PAGE(pBt) );
@@ -73478,7 +75390,7 @@ static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
   /* If the database supports auto-vacuum, write an entry in the pointer-map
   ** to indicate that the page is free.
   */
-  if( ISAUTOVACUUM ){
+  if( ISAUTOVACUUM(pBt) ){
     ptrmapPut(pBt, iPage, PTRMAP_FREEPAGE, 0, &rc);
     if( rc ) goto freepage_out;
   }
@@ -73538,7 +75450,7 @@ static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
         }
         rc = btreeSetHasContent(pBt, iPage);
       }
-      TRACE(("FREE-PAGE: %d leaf on trunk page %d\n",pPage->pgno,pTrunk->pgno));
+      TRACE(("FREE-PAGE: %u leaf on trunk page %u\n",pPage->pgno,pTrunk->pgno));
       goto freepage_out;
     }
   }
@@ -73559,7 +75471,7 @@ static int freePage2(BtShared *pBt, MemPage *pMemPage, Pgno iPage){
   put4byte(pPage->aData, iTrunk);
   put4byte(&pPage->aData[4], 0);
   put4byte(&pPage1->aData[32], iPage);
-  TRACE(("FREE-PAGE: %d new trunk page replacing %d\n", pPage->pgno, iTrunk));
+  TRACE(("FREE-PAGE: %u new trunk page replacing %u\n", pPage->pgno, iTrunk));
 
 freepage_out:
   if( pPage ){
@@ -73882,12 +75794,6 @@ static void dropCell(MemPage *pPage, int idx, int sz, int *pRC){
   assert( pPage->pBt->usableSize > (u32)(ptr-data) );
   pc = get2byte(ptr);
   hdr = pPage->hdrOffset;
-#if 0  /* Not required.  Omit for efficiency */
-  if( pcnCell*2 ){
-    *pRC = SQLITE_CORRUPT_BKPT;
-    return;
-  }
-#endif
   testcase( pc==(u32)get2byte(&data[hdr+5]) );
   testcase( pc+sz==pPage->pBt->usableSize );
   if( pc+sz > pPage->pBt->usableSize ){
@@ -73925,23 +75831,27 @@ static void dropCell(MemPage *pPage, int idx, int sz, int *pRC){
 ** Allocating a new entry in pPage->aCell[] implies that
 ** pPage->nOverflow is incremented.
 **
-** *pRC must be SQLITE_OK when this routine is called.
+** The insertCellFast() routine below works exactly the same as
+** insertCell() except that it lacks the pTemp and iChild parameters
+** which are assumed zero.  Other than that, the two routines are the
+** same.
+**
+** Fixes or enhancements to this routine should be reflected in
+** insertCellFast()!
 */
-static void insertCell(
+static int insertCell(
   MemPage *pPage,   /* Page into which we are copying */
   int i,            /* New cell becomes the i-th cell of the page */
   u8 *pCell,        /* Content of the new cell */
   int sz,           /* Bytes of content in pCell */
   u8 *pTemp,        /* Temp storage space for pCell, if needed */
-  Pgno iChild,      /* If non-zero, replace first 4 bytes with this value */
-  int *pRC          /* Read and write return code from here */
+  Pgno iChild       /* If non-zero, replace first 4 bytes with this value */
 ){
   int idx = 0;      /* Where to write new cell content in data[] */
   int j;            /* Loop counter */
   u8 *data;         /* The content of the whole page */
   u8 *pIns;         /* The point in pPage->aCellIdx[] where no cell inserted */
 
-  assert( *pRC==SQLITE_OK );
   assert( i>=0 && i<=pPage->nCell+pPage->nOverflow );
   assert( MX_CELL(pPage->pBt)<=10921 );
   assert( pPage->nCell<=MX_CELL(pPage->pBt) || CORRUPT_DB );
@@ -73950,14 +75860,103 @@ static void insertCell(
   assert( sqlite3_mutex_held(pPage->pBt->mutex) );
   assert( sz==pPage->xCellSize(pPage, pCell) || CORRUPT_DB );
   assert( pPage->nFree>=0 );
+  assert( iChild>0 );
   if( pPage->nOverflow || sz+2>pPage->nFree ){
     if( pTemp ){
       memcpy(pTemp, pCell, sz);
       pCell = pTemp;
     }
-    if( iChild ){
-      put4byte(pCell, iChild);
+    put4byte(pCell, iChild);
+    j = pPage->nOverflow++;
+    /* Comparison against ArraySize-1 since we hold back one extra slot
+    ** as a contingency.  In other words, never need more than 3 overflow
+    ** slots but 4 are allocated, just to be safe. */
+    assert( j < ArraySize(pPage->apOvfl)-1 );
+    pPage->apOvfl[j] = pCell;
+    pPage->aiOvfl[j] = (u16)i;
+
+    /* When multiple overflows occur, they are always sequential and in
+    ** sorted order.  This invariants arise because multiple overflows can
+    ** only occur when inserting divider cells into the parent page during
+    ** balancing, and the dividers are adjacent and sorted.
+    */
+    assert( j==0 || pPage->aiOvfl[j-1]<(u16)i ); /* Overflows in sorted order */
+    assert( j==0 || i==pPage->aiOvfl[j-1]+1 );   /* Overflows are sequential */
+  }else{
+    int rc = sqlite3PagerWrite(pPage->pDbPage);
+    if( NEVER(rc!=SQLITE_OK) ){
+      return rc;
     }
+    assert( sqlite3PagerIswriteable(pPage->pDbPage) );
+    data = pPage->aData;
+    assert( &data[pPage->cellOffset]==pPage->aCellIdx );
+    rc = allocateSpace(pPage, sz, &idx);
+    if( rc ){ return rc; }
+    /* The allocateSpace() routine guarantees the following properties
+    ** if it returns successfully */
+    assert( idx >= 0 );
+    assert( idx >= pPage->cellOffset+2*pPage->nCell+2 || CORRUPT_DB );
+    assert( idx+sz <= (int)pPage->pBt->usableSize );
+    pPage->nFree -= (u16)(2 + sz);
+    /* In a corrupt database where an entry in the cell index section of
+    ** a btree page has a value of 3 or less, the pCell value might point
+    ** as many as 4 bytes in front of the start of the aData buffer for
+    ** the source page.  Make sure this does not cause problems by not
+    ** reading the first 4 bytes */
+    memcpy(&data[idx+4], pCell+4, sz-4);
+    put4byte(&data[idx], iChild);
+    pIns = pPage->aCellIdx + i*2;
+    memmove(pIns+2, pIns, 2*(pPage->nCell - i));
+    put2byte(pIns, idx);
+    pPage->nCell++;
+    /* increment the cell count */
+    if( (++data[pPage->hdrOffset+4])==0 ) data[pPage->hdrOffset+3]++;
+    assert( get2byte(&data[pPage->hdrOffset+3])==pPage->nCell || CORRUPT_DB );
+#ifndef SQLITE_OMIT_AUTOVACUUM
+    if( pPage->pBt->autoVacuum ){
+      int rc2 = SQLITE_OK;
+      /* The cell may contain a pointer to an overflow page. If so, write
+      ** the entry for the overflow page into the pointer map.
+      */
+      ptrmapPutOvflPtr(pPage, pPage, pCell, &rc2);
+      if( rc2 ) return rc2;
+    }
+#endif
+  }
+  return SQLITE_OK;
+}
+
+/*
+** This variant of insertCell() assumes that the pTemp and iChild
+** parameters are both zero.  Use this variant in sqlite3BtreeInsert()
+** for performance improvement, and also so that this variant is only
+** called from that one place, and is thus inlined, and thus runs must
+** faster.
+**
+** Fixes or enhancements to this routine should be reflected into
+** the insertCell() routine.
+*/
+static int insertCellFast(
+  MemPage *pPage,   /* Page into which we are copying */
+  int i,            /* New cell becomes the i-th cell of the page */
+  u8 *pCell,        /* Content of the new cell */
+  int sz            /* Bytes of content in pCell */
+){
+  int idx = 0;      /* Where to write new cell content in data[] */
+  int j;            /* Loop counter */
+  u8 *data;         /* The content of the whole page */
+  u8 *pIns;         /* The point in pPage->aCellIdx[] where no cell inserted */
+
+  assert( i>=0 && i<=pPage->nCell+pPage->nOverflow );
+  assert( MX_CELL(pPage->pBt)<=10921 );
+  assert( pPage->nCell<=MX_CELL(pPage->pBt) || CORRUPT_DB );
+  assert( pPage->nOverflow<=ArraySize(pPage->apOvfl) );
+  assert( ArraySize(pPage->apOvfl)==ArraySize(pPage->aiOvfl) );
+  assert( sqlite3_mutex_held(pPage->pBt->mutex) );
+  assert( sz==pPage->xCellSize(pPage, pCell) || CORRUPT_DB );
+  assert( pPage->nFree>=0 );
+  assert( pPage->nOverflow==0 );
+  if( sz+2>pPage->nFree ){
     j = pPage->nOverflow++;
     /* Comparison against ArraySize-1 since we hold back one extra slot
     ** as a contingency.  In other words, never need more than 3 overflow
@@ -73976,31 +75975,20 @@ static void insertCell(
   }else{
     int rc = sqlite3PagerWrite(pPage->pDbPage);
     if( rc!=SQLITE_OK ){
-      *pRC = rc;
-      return;
+      return rc;
     }
     assert( sqlite3PagerIswriteable(pPage->pDbPage) );
     data = pPage->aData;
     assert( &data[pPage->cellOffset]==pPage->aCellIdx );
     rc = allocateSpace(pPage, sz, &idx);
-    if( rc ){ *pRC = rc; return; }
+    if( rc ){ return rc; }
     /* The allocateSpace() routine guarantees the following properties
     ** if it returns successfully */
     assert( idx >= 0 );
     assert( idx >= pPage->cellOffset+2*pPage->nCell+2 || CORRUPT_DB );
     assert( idx+sz <= (int)pPage->pBt->usableSize );
     pPage->nFree -= (u16)(2 + sz);
-    if( iChild ){
-      /* In a corrupt database where an entry in the cell index section of
-      ** a btree page has a value of 3 or less, the pCell value might point
-      ** as many as 4 bytes in front of the start of the aData buffer for
-      ** the source page.  Make sure this does not cause problems by not
-      ** reading the first 4 bytes */
-      memcpy(&data[idx+4], pCell+4, sz-4);
-      put4byte(&data[idx], iChild);
-    }else{
-      memcpy(&data[idx], pCell, sz);
-    }
+    memcpy(&data[idx], pCell, sz);
     pIns = pPage->aCellIdx + i*2;
     memmove(pIns+2, pIns, 2*(pPage->nCell - i));
     put2byte(pIns, idx);
@@ -74010,13 +75998,16 @@ static void insertCell(
     assert( get2byte(&data[pPage->hdrOffset+3])==pPage->nCell || CORRUPT_DB );
 #ifndef SQLITE_OMIT_AUTOVACUUM
     if( pPage->pBt->autoVacuum ){
+      int rc2 = SQLITE_OK;
       /* The cell may contain a pointer to an overflow page. If so, write
       ** the entry for the overflow page into the pointer map.
       */
-      ptrmapPutOvflPtr(pPage, pPage, pCell, pRC);
+      ptrmapPutOvflPtr(pPage, pPage, pCell, &rc2);
+      if( rc2 ) return rc2;
     }
 #endif
   }
+  return SQLITE_OK;
 }
 
 /*
@@ -74117,14 +76108,16 @@ struct CellArray {
 ** computed.
 */
 static void populateCellCache(CellArray *p, int idx, int N){
+  MemPage *pRef = p->pRef;
+  u16 *szCell = p->szCell;
   assert( idx>=0 && idx+N<=p->nCell );
   while( N>0 ){
     assert( p->apCell[idx]!=0 );
-    if( p->szCell[idx]==0 ){
-      p->szCell[idx] = p->pRef->xCellSize(p->pRef, p->apCell[idx]);
+    if( szCell[idx]==0 ){
+      szCell[idx] = pRef->xCellSize(pRef, p->apCell[idx]);
     }else{
       assert( CORRUPT_DB ||
-              p->szCell[idx]==p->pRef->xCellSize(p->pRef, p->apCell[idx]) );
+              szCell[idx]==pRef->xCellSize(pRef, p->apCell[idx]) );
     }
     idx++;
     N--;
@@ -74180,7 +76173,7 @@ static int rebuildPage(
 
   assert( i(u32)usableSize ){ j = 0; }
+  if( NEVER(j>(u32)usableSize) ){ j = 0; }
   memcpy(&pTmp[j], &aData[j], usableSize - j);
 
   for(k=0; pCArray->ixNx[k]<=i && ALWAYS(kpBt->usableSize];
   u8 * const pStart = &aData[pPg->hdrOffset + 8 + pPg->childPtrSize];
   int nRet = 0;
-  int i;
+  int i, j;
   int iEnd = iFirst + nCell;
-  u8 *pFree = 0;
-  int szFree = 0;
+  int nFree = 0;
+  int aOfst[10];
+  int aAfter[10];
 
   for(i=iFirst; iapCell[i];
     if( SQLITE_WITHIN(pCell, pStart, pEnd) ){
       int sz;
+      int iAfter;
+      int iOfst;
       /* No need to use cachedCellSize() here.  The sizes of all cells that
       ** are to be freed have already been computing while deciding which
       ** cells need freeing */
       sz = pCArray->szCell[i];  assert( sz>0 );
-      if( pFree!=(pCell + sz) ){
-        if( pFree ){
-          assert( pFree>aData && (pFree - aData)<65536 );
-          freeSpace(pPg, (u16)(pFree - aData), szFree);
-        }
-        pFree = pCell;
-        szFree = sz;
-        if( pFree+sz>pEnd ){
-          return 0;
+      iOfst = (u16)(pCell - aData);
+      iAfter = iOfst+sz;
+      for(j=0; j=nFree ){
+        if( nFree>=(int)(sizeof(aOfst)/sizeof(aOfst[0])) ){
+          for(j=0; jpEnd ) return 0;
+        nFree++;
       }
       nRet++;
     }
   }
-  if( pFree ){
-    assert( pFree>aData && (pFree - aData)<65536 );
-    freeSpace(pPg, (u16)(pFree - aData), szFree);
+  for(j=0; jpPg->aDataEnd ) goto editpage_fail;
+  if( NEVER(pData>pPg->aDataEnd) ) goto editpage_fail;
 
   /* Add cells to the start of the page */
   if( iNewpgno, &rc);
       if( szCell>pNew->minLocal ){
         ptrmapPutOvflPtr(pNew, pNew, pCell, &rc);
@@ -74583,8 +76587,8 @@ static int balance_quick(MemPage *pParent, MemPage *pPage, u8 *pSpace){
 
     /* Insert the new divider cell into pParent. */
     if( rc==SQLITE_OK ){
-      insertCell(pParent, pParent->nCell, pSpace, (int)(pOut-pSpace),
-                   0, pPage->pgno, &rc);
+      rc = insertCell(pParent, pParent->nCell, pSpace, (int)(pOut-pSpace),
+                      0, pPage->pgno);
     }
 
     /* Set the right-child pointer of pParent to point to the new page. */
@@ -74693,7 +76697,7 @@ static void copyNodeContent(MemPage *pFrom, MemPage *pTo, int *pRC){
     /* If this is an auto-vacuum database, update the pointer-map entries
     ** for any b-tree or overflow pages that pTo now contains the pointers to.
     */
-    if( ISAUTOVACUUM ){
+    if( ISAUTOVACUUM(pBt) ){
       *pRC = setChildPtrmaps(pTo);
     }
   }
@@ -75117,15 +77121,17 @@ static int balance_nonroot(
     d = r + 1 - leafData;
     (void)cachedCellSize(&b, d);
     do{
+      int szR, szD;
       assert( d szLeft-(b.szCell[r]+(i==k-1?0:2)))){
+       && (bBulk || szRight+szD+2 > szLeft-(szR+(i==k-1?0:2)))){
         break;
       }
-      szRight += b.szCell[d] + 2;
-      szLeft -= b.szCell[r] + 2;
+      szRight += szD + 2;
+      szLeft -= szR + 2;
       cntNew[i-1] = r;
       r--;
       d--;
@@ -75146,7 +77152,7 @@ static int balance_nonroot(
   **        that page.
   */
   assert( cntNew[0]>0 || (pParent->pgno==1 && pParent->nCell==0) || CORRUPT_DB);
-  TRACE(("BALANCE: old: %d(nc=%d) %d(nc=%d) %d(nc=%d)\n",
+  TRACE(("BALANCE: old: %u(nc=%u) %u(nc=%u) %u(nc=%u)\n",
     apOld[0]->pgno, apOld[0]->nCell,
     nOld>=2 ? apOld[1]->pgno : 0, nOld>=2 ? apOld[1]->nCell : 0,
     nOld>=3 ? apOld[2]->pgno : 0, nOld>=3 ? apOld[2]->nCell : 0
@@ -75179,7 +77185,7 @@ static int balance_nonroot(
       cntOld[i] = b.nCell;
 
       /* Set the pointer-map entry for the new sibling page. */
-      if( ISAUTOVACUUM ){
+      if( ISAUTOVACUUM(pBt) ){
         ptrmapPut(pBt, pNew->pgno, PTRMAP_BTREE, pParent->pgno, &rc);
         if( rc!=SQLITE_OK ){
           goto balance_cleanup;
@@ -75230,8 +77236,8 @@ static int balance_nonroot(
     }
   }
 
-  TRACE(("BALANCE: new: %d(%d nc=%d) %d(%d nc=%d) %d(%d nc=%d) "
-         "%d(%d nc=%d) %d(%d nc=%d)\n",
+  TRACE(("BALANCE: new: %u(%u nc=%u) %u(%u nc=%u) %u(%u nc=%u) "
+         "%u(%u nc=%u) %u(%u nc=%u)\n",
     apNew[0]->pgno, szNew[0], cntNew[0],
     nNew>=2 ? apNew[1]->pgno : 0, nNew>=2 ? szNew[1] : 0,
     nNew>=2 ? cntNew[1] - cntNew[0] - !leafData : 0,
@@ -75272,7 +77278,7 @@ static int balance_nonroot(
   ** updated. This happens below, after the sibling pages have been
   ** populated, not here.
   */
-  if( ISAUTOVACUUM ){
+  if( ISAUTOVACUUM(pBt) ){
     MemPage *pOld;
     MemPage *pNew = pOld = apNew[0];
     int cntOldNext = pNew->nCell + pNew->nOverflow;
@@ -75369,7 +77375,7 @@ static int balance_nonroot(
       rc = SQLITE_CORRUPT_BKPT;
       goto balance_cleanup;
     }
-    insertCell(pParent, nxDiv+i, pCell, sz, pTemp, pNew->pgno, &rc);
+    rc = insertCell(pParent, nxDiv+i, pCell, sz, pTemp, pNew->pgno);
     if( rc!=SQLITE_OK ) goto balance_cleanup;
     assert( sqlite3PagerIswriteable(pParent->pDbPage) );
   }
@@ -75465,7 +77471,7 @@ static int balance_nonroot(
     );
     copyNodeContent(apNew[0], pParent, &rc);
     freePage(apNew[0], &rc);
-  }else if( ISAUTOVACUUM && !leafCorrection ){
+  }else if( ISAUTOVACUUM(pBt) && !leafCorrection ){
     /* Fix the pointer map entries associated with the right-child of each
     ** sibling page. All other pointer map entries have already been taken
     ** care of.  */
@@ -75476,7 +77482,7 @@ static int balance_nonroot(
   }
 
   assert( pParent->isInit );
-  TRACE(("BALANCE: finished: old=%d new=%d cells=%d\n",
+  TRACE(("BALANCE: finished: old=%u new=%u cells=%u\n",
           nOld, nNew, b.nCell));
 
   /* Free any old pages that were not reused as new pages.
@@ -75486,7 +77492,7 @@ static int balance_nonroot(
   }
 
 #if 0
-  if( ISAUTOVACUUM && rc==SQLITE_OK && apNew[0]->isInit ){
+  if( ISAUTOVACUUM(pBt) && rc==SQLITE_OK && apNew[0]->isInit ){
     /* The ptrmapCheckPages() contains assert() statements that verify that
     ** all pointer map pages are set correctly. This is helpful while
     ** debugging. This is usually disabled because a corrupt database may
@@ -75548,7 +77554,7 @@ static int balance_deeper(MemPage *pRoot, MemPage **ppChild){
   if( rc==SQLITE_OK ){
     rc = allocateBtreePage(pBt,&pChild,&pgnoChild,pRoot->pgno,0);
     copyNodeContent(pRoot, pChild, &rc);
-    if( ISAUTOVACUUM ){
+    if( ISAUTOVACUUM(pBt) ){
       ptrmapPut(pBt, pgnoChild, PTRMAP_BTREE, pRoot->pgno, &rc);
     }
   }
@@ -75561,7 +77567,7 @@ static int balance_deeper(MemPage *pRoot, MemPage **ppChild){
   assert( sqlite3PagerIswriteable(pRoot->pDbPage) );
   assert( pChild->nCell==pRoot->nCell || CORRUPT_DB );
 
-  TRACE(("BALANCE: copy root %d into %d\n", pRoot->pgno, pChild->pgno));
+  TRACE(("BALANCE: copy root %u into %u\n", pRoot->pgno, pChild->pgno));
 
   /* Copy the overflow cells from pRoot to pChild */
   memcpy(pChild->aiOvfl, pRoot->aiOvfl,
@@ -75652,6 +77658,11 @@ static int balance(BtCursor *pCur){
       }else{
         break;
       }
+    }else if( sqlite3PagerPageRefcount(pPage->pDbPage)>1 ){
+      /* The page being written is not a root page, and there is currently
+      ** more than one reference to it. This only happens if the page is one
+      ** of its own ancestor pages. Corruption. */
+      rc = SQLITE_CORRUPT_BKPT;
     }else{
       MemPage * const pParent = pCur->apPage[iPage-1];
       int const iIdx = pCur->aiIdx[iPage-1];
@@ -75782,9 +77793,13 @@ static int btreeOverwriteContent(
 
 /*
 ** Overwrite the cell that cursor pCur is pointing to with fresh content
-** contained in pX.
+** contained in pX.  In this variant, pCur is pointing to an overflow
+** cell.
 */
-static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
+static SQLITE_NOINLINE int btreeOverwriteOverflowCell(
+  BtCursor *pCur,                     /* Cursor pointing to cell to ovewrite */
+  const BtreePayload *pX              /* Content to write into the cell */
+){
   int iOffset;                        /* Next byte of pX->pData to write */
   int nTotal = pX->nData + pX->nZero; /* Total bytes of to write */
   int rc;                             /* Return code */
@@ -75793,16 +77808,12 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
   Pgno ovflPgno;                      /* Next overflow page to write */
   u32 ovflPageSize;                   /* Size to write on overflow page */
 
-  if( pCur->info.pPayload + pCur->info.nLocal > pPage->aDataEnd
-   || pCur->info.pPayload < pPage->aData + pPage->cellOffset
-  ){
-    return SQLITE_CORRUPT_BKPT;
-  }
+  assert( pCur->info.nLocalinfo.pPayload, pX,
                              0, pCur->info.nLocal);
   if( rc ) return rc;
-  if( pCur->info.nLocal==nTotal ) return SQLITE_OK;
 
   /* Now overwrite the overflow pages */
   iOffset = pCur->info.nLocal;
@@ -75832,6 +77843,29 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
   return SQLITE_OK;
 }
 
+/*
+** Overwrite the cell that cursor pCur is pointing to with fresh content
+** contained in pX.
+*/
+static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
+  int nTotal = pX->nData + pX->nZero; /* Total bytes of to write */
+  MemPage *pPage = pCur->pPage;       /* Page being written */
+
+  if( pCur->info.pPayload + pCur->info.nLocal > pPage->aDataEnd
+   || pCur->info.pPayload < pPage->aData + pPage->cellOffset
+  ){
+    return SQLITE_CORRUPT_BKPT;
+  }
+  if( pCur->info.nLocal==nTotal ){
+    /* The entire cell is local */
+    return btreeOverwriteContent(pPage, pCur->info.pPayload, pX,
+                                 0, pCur->info.nLocal);
+  }else{
+    /* The cell contains overflow content */
+    return btreeOverwriteOverflowCell(pCur, pX);
+  }
+}
+
 
 /*
 ** Insert a new record into the BTree.  The content of the new record
@@ -75875,7 +77909,6 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   int idx;
   MemPage *pPage;
   Btree *p = pCur->pBtree;
-  BtShared *pBt = p->pBt;
   unsigned char *oldCell;
   unsigned char *newCell = 0;
 
@@ -75894,7 +77927,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   ** not to clear the cursor here.
   */
   if( pCur->curFlags & BTCF_Multiple ){
-    rc = saveAllCursors(pBt, pCur->pgnoRoot, pCur);
+    rc = saveAllCursors(p->pBt, pCur->pgnoRoot, pCur);
     if( rc ) return rc;
     if( loc && pCur->iPage<0 ){
       /* This can only happen if the schema is corrupt such that there is more
@@ -75918,8 +77951,8 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
 
   assert( cursorOwnsBtShared(pCur) );
   assert( (pCur->curFlags & BTCF_WriteFlag)!=0
-              && pBt->inTransaction==TRANS_WRITE
-              && (pBt->btsFlags & BTS_READ_ONLY)==0 );
+              && p->pBt->inTransaction==TRANS_WRITE
+              && (p->pBt->btsFlags & BTS_READ_ONLY)==0 );
   assert( hasSharedCacheTableLock(p, pCur->pgnoRoot, pCur->pKeyInfo!=0, 2) );
 
   /* Assert that the caller has been consistent. If this cursor was opened
@@ -76017,7 +78050,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
     }
   }
   assert( pCur->eState==CURSOR_VALID
-       || (pCur->eState==CURSOR_INVALID && loc) );
+       || (pCur->eState==CURSOR_INVALID && loc) || CORRUPT_DB );
 
   pPage = pCur->pPage;
   assert( pPage->intKey || pX->nKey>=0 || (flags & BTREE_PREFORMAT) );
@@ -76032,31 +78065,34 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
     if( rc ) return rc;
   }
 
-  TRACE(("INSERT: table=%d nkey=%lld ndata=%d page=%d %s\n",
+  TRACE(("INSERT: table=%u nkey=%lld ndata=%u page=%u %s\n",
           pCur->pgnoRoot, pX->nKey, pX->nData, pPage->pgno,
           loc==0 ? "overwrite" : "new entry"));
   assert( pPage->isInit || CORRUPT_DB );
-  newCell = pBt->pTmpSpace;
+  newCell = p->pBt->pTmpSpace;
   assert( newCell!=0 );
+  assert( BTREE_PREFORMAT==OPFLAG_PREFORMAT );
   if( flags & BTREE_PREFORMAT ){
     rc = SQLITE_OK;
-    szNew = pBt->nPreformatSize;
+    szNew = p->pBt->nPreformatSize;
     if( szNew<4 ) szNew = 4;
-    if( ISAUTOVACUUM && szNew>pPage->maxLocal ){
+    if( ISAUTOVACUUM(p->pBt) && szNew>pPage->maxLocal ){
       CellInfo info;
       pPage->xParseCell(pPage, newCell, &info);
       if( info.nPayload!=info.nLocal ){
         Pgno ovfl = get4byte(&newCell[szNew-4]);
-        ptrmapPut(pBt, ovfl, PTRMAP_OVERFLOW1, pPage->pgno, &rc);
+        ptrmapPut(p->pBt, ovfl, PTRMAP_OVERFLOW1, pPage->pgno, &rc);
+        if( NEVER(rc) ) goto end_insert;
       }
     }
   }else{
     rc = fillInCell(pPage, newCell, pX, &szNew);
+    if( rc ) goto end_insert;
   }
-  if( rc ) goto end_insert;
   assert( szNew==pPage->xCellSize(pPage, newCell) );
-  assert( szNew <= MX_CELL_SIZE(pBt) );
+  assert( szNew <= MX_CELL_SIZE(p->pBt) );
   idx = pCur->ix;
+  pCur->info.nSize = 0;
   if( loc==0 ){
     CellInfo info;
     assert( idx>=0 );
@@ -76075,7 +78111,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
     testcase( pCur->curFlags & BTCF_ValidOvfl );
     invalidateOverflowCache(pCur);
     if( info.nSize==szNew && info.nLocal==info.nPayload
-     && (!ISAUTOVACUUM || szNewminLocal)
+     && (!ISAUTOVACUUM(p->pBt) || szNewminLocal)
     ){
       /* Overwrite the old cell with the new if they are the same size.
       ** We could also try to do this if the old cell is smaller, then add
@@ -76105,7 +78141,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   }else{
     assert( pPage->leaf );
   }
-  insertCell(pPage, idx, newCell, szNew, 0, 0, &rc);
+  rc = insertCellFast(pPage, idx, newCell, szNew);
   assert( pPage->nOverflow==0 || rc==SQLITE_OK );
   assert( rc!=SQLITE_OK || pPage->nCell>0 || pPage->nOverflow>0 );
 
@@ -76129,7 +78165,6 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   ** larger than the largest existing key, it is possible to insert the
   ** row without seeking the cursor. This can be a big performance boost.
   */
-  pCur->info.nSize = 0;
   if( pPage->nOverflow ){
     assert( rc==SQLITE_OK );
     pCur->curFlags &= ~(BTCF_ValidNKey);
@@ -76178,7 +78213,6 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
 ** SQLITE_OK is returned if successful, or an SQLite error code otherwise.
 */
 SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64 iKey){
-  int rc = SQLITE_OK;
   BtShared *pBt = pDest->pBt;
   u8 *aOut = pBt->pTmpSpace;    /* Pointer to next output buffer */
   const u8 *aIn;                /* Pointer to next input buffer */
@@ -76201,7 +78235,9 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
   if( nIn==nRem && nInpPage->maxLocal ){
     memcpy(aOut, aIn, nIn);
     pBt->nPreformatSize = nIn + (aOut - pBt->pTmpSpace);
+    return SQLITE_OK;
   }else{
+    int rc = SQLITE_OK;
     Pager *pSrcPager = pSrc->pBt->pPager;
     u8 *pPgnoOut = 0;
     Pgno ovflIn = 0;
@@ -76253,7 +78289,7 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
         MemPage *pNew = 0;
         rc = allocateBtreePage(pBt, &pNew, &pgnoNew, 0, 0);
         put4byte(pPgnoOut, pgnoNew);
-        if( ISAUTOVACUUM && pPageOut ){
+        if( ISAUTOVACUUM(pBt) && pPageOut ){
           ptrmapPut(pBt, pgnoNew, PTRMAP_OVERFLOW2, pPageOut->pgno, &rc);
         }
         releasePage(pPageOut);
@@ -76269,9 +78305,8 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
 
     releasePage(pPageOut);
     sqlite3PagerUnref(pPageIn);
+    return rc;
   }
-
-  return rc;
 }
 
 /*
@@ -76330,6 +78365,9 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
   if( pPage->nFree<0 && btreeComputeFreeSpace(pPage) ){
     return SQLITE_CORRUPT_BKPT;
   }
+  if( pCell<&pPage->aCellIdx[pPage->nCell] ){
+    return SQLITE_CORRUPT_BKPT;
+  }
 
   /* If the BTREE_SAVEPOSITION bit is on, then the cursor position must
   ** be preserved following this delete operation. If the current delete
@@ -76426,7 +78464,7 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
     assert( pTmp!=0 );
     rc = sqlite3PagerWrite(pLeaf->pDbPage);
     if( rc==SQLITE_OK ){
-      insertCell(pPage, iCellIdx, pCell-4, nCell+4, pTmp, n, &rc);
+      rc = insertCell(pPage, iCellIdx, pCell-4, nCell+4, pTmp, n);
     }
     dropCell(pLeaf, pLeaf->nCell-1, nCell, &rc);
     if( rc ) return rc;
@@ -77025,6 +79063,41 @@ SQLITE_PRIVATE Pager *sqlite3BtreePager(Btree *p){
 }
 
 #ifndef SQLITE_OMIT_INTEGRITY_CHECK
+/*
+** Record an OOM error during integrity_check
+*/
+static void checkOom(IntegrityCk *pCheck){
+  pCheck->rc = SQLITE_NOMEM;
+  pCheck->mxErr = 0;  /* Causes integrity_check processing to stop */
+  if( pCheck->nErr==0 ) pCheck->nErr++;
+}
+
+/*
+** Invoke the progress handler, if appropriate.  Also check for an
+** interrupt.
+*/
+static void checkProgress(IntegrityCk *pCheck){
+  sqlite3 *db = pCheck->db;
+  if( AtomicLoad(&db->u1.isInterrupted) ){
+    pCheck->rc = SQLITE_INTERRUPT;
+    pCheck->nErr++;
+    pCheck->mxErr = 0;
+  }
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+  if( db->xProgress ){
+    assert( db->nProgressOps>0 );
+    pCheck->nStep++;
+    if( (pCheck->nStep % db->nProgressOps)==0
+     && db->xProgress(db->pProgressArg)
+    ){
+      pCheck->rc = SQLITE_INTERRUPT;
+      pCheck->nErr++;
+      pCheck->mxErr = 0;
+    }
+  }
+#endif
+}
+
 /*
 ** Append a message to the error message string.
 */
@@ -77034,6 +79107,7 @@ static void checkAppendMsg(
   ...
 ){
   va_list ap;
+  checkProgress(pCheck);
   if( !pCheck->mxErr ) return;
   pCheck->mxErr--;
   pCheck->nErr++;
@@ -77042,12 +79116,13 @@ static void checkAppendMsg(
     sqlite3_str_append(&pCheck->errMsg, "\n", 1);
   }
   if( pCheck->zPfx ){
-    sqlite3_str_appendf(&pCheck->errMsg, pCheck->zPfx, pCheck->v1, pCheck->v2);
+    sqlite3_str_appendf(&pCheck->errMsg, pCheck->zPfx,
+                        pCheck->v0, pCheck->v1, pCheck->v2);
   }
   sqlite3_str_vappendf(&pCheck->errMsg, zFormat, ap);
   va_end(ap);
   if( pCheck->errMsg.accError==SQLITE_NOMEM ){
-    pCheck->bOomFault = 1;
+    checkOom(pCheck);
   }
 }
 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
@@ -77082,14 +79157,13 @@ static void setPageReferenced(IntegrityCk *pCheck, Pgno iPg){
 */
 static int checkRef(IntegrityCk *pCheck, Pgno iPage){
   if( iPage>pCheck->nPage || iPage==0 ){
-    checkAppendMsg(pCheck, "invalid page number %d", iPage);
+    checkAppendMsg(pCheck, "invalid page number %u", iPage);
     return 1;
   }
   if( getPageReferenced(pCheck, iPage) ){
-    checkAppendMsg(pCheck, "2nd reference to page %d", iPage);
+    checkAppendMsg(pCheck, "2nd reference to page %u", iPage);
     return 1;
   }
-  if( AtomicLoad(&pCheck->db->u1.isInterrupted) ) return 1;
   setPageReferenced(pCheck, iPage);
   return 0;
 }
@@ -77112,14 +79186,14 @@ static void checkPtrmap(
 
   rc = ptrmapGet(pCheck->pBt, iChild, &ePtrmapType, &iPtrmapParent);
   if( rc!=SQLITE_OK ){
-    if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ) pCheck->bOomFault = 1;
-    checkAppendMsg(pCheck, "Failed to read ptrmap key=%d", iChild);
+    if( rc==SQLITE_NOMEM || rc==SQLITE_IOERR_NOMEM ) checkOom(pCheck);
+    checkAppendMsg(pCheck, "Failed to read ptrmap key=%u", iChild);
     return;
   }
 
   if( ePtrmapType!=eType || iPtrmapParent!=iParent ){
     checkAppendMsg(pCheck,
-      "Bad ptr map entry key=%d expected=(%d,%d) got=(%d,%d)",
+      "Bad ptr map entry key=%u expected=(%u,%u) got=(%u,%u)",
       iChild, eType, iParent, ePtrmapType, iPtrmapParent);
   }
 }
@@ -77144,7 +79218,7 @@ static void checkList(
     if( checkRef(pCheck, iPage) ) break;
     N--;
     if( sqlite3PagerGet(pCheck->pPager, (Pgno)iPage, &pOvflPage, 0) ){
-      checkAppendMsg(pCheck, "failed to get page %d", iPage);
+      checkAppendMsg(pCheck, "failed to get page %u", iPage);
       break;
     }
     pOvflData = (unsigned char *)sqlite3PagerGetData(pOvflPage);
@@ -77157,7 +79231,7 @@ static void checkList(
 #endif
       if( n>pCheck->pBt->usableSize/4-2 ){
         checkAppendMsg(pCheck,
-           "freelist leaf count too big on page %d", iPage);
+           "freelist leaf count too big on page %u", iPage);
         N--;
       }else{
         for(i=0; i<(int)n; i++){
@@ -77189,7 +79263,7 @@ static void checkList(
   }
   if( N && nErrAtStart==pCheck->nErr ){
     checkAppendMsg(pCheck,
-      "%s is %d but should be %d",
+      "%s is %u but should be %u",
       isFreeList ? "size" : "overflow list length",
       expected-N, expected);
   }
@@ -77219,7 +79293,9 @@ static void checkList(
 ** lower 16 bits are the index of the last byte of that range.
 */
 static void btreeHeapInsert(u32 *aHeap, u32 x){
-  u32 j, i = ++aHeap[0];
+  u32 j, i;
+  assert( aHeap!=0 );
+  i = ++aHeap[0];
   aHeap[i] = x;
   while( (j = i/2)>0 && aHeap[j]>aHeap[i] ){
     x = aHeap[j];
@@ -77296,12 +79372,14 @@ static int checkTreePage(
 
   /* Check that the page exists
   */
+  checkProgress(pCheck);
+  if( pCheck->mxErr==0 ) goto end_of_check;
   pBt = pCheck->pBt;
   usableSize = pBt->usableSize;
   if( iPage==0 ) return 0;
   if( checkRef(pCheck, iPage) ) return 0;
-  pCheck->zPfx = "Page %u: ";
-  pCheck->v1 = iPage;
+  pCheck->zPfx = "Tree %u page %u: ";
+  pCheck->v0 = pCheck->v1 = iPage;
   if( (rc = btreeGetPage(pBt, iPage, &pPage, 0))!=0 ){
     checkAppendMsg(pCheck,
        "unable to get the page. error code=%d", rc);
@@ -77327,7 +79405,7 @@ static int checkTreePage(
   hdr = pPage->hdrOffset;
 
   /* Set up for cell analysis */
-  pCheck->zPfx = "On tree page %u cell %d: ";
+  pCheck->zPfx = "Tree %u page %u cell %u: ";
   contentOffset = get2byteNotZero(&data[hdr+5]);
   assert( contentOffset<=usableSize );  /* Enforced by btreeInitPage() */
 
@@ -77347,7 +79425,7 @@ static int checkTreePage(
     pgno = get4byte(&data[hdr+8]);
 #ifndef SQLITE_OMIT_AUTOVACUUM
     if( pBt->autoVacuum ){
-      pCheck->zPfx = "On page %u at right child: ";
+      pCheck->zPfx = "Tree %u page %u right child: ";
       checkPtrmap(pCheck, pgno, PTRMAP_BTREE, iPage);
     }
 #endif
@@ -77371,7 +79449,7 @@ static int checkTreePage(
     pc = get2byteAligned(pCellIdx);
     pCellIdx -= 2;
     if( pcusableSize-4 ){
-      checkAppendMsg(pCheck, "Offset %d out of range %d..%d",
+      checkAppendMsg(pCheck, "Offset %u out of range %u..%u",
                              pc, contentOffset, usableSize-4);
       doCoverageCheck = 0;
       continue;
@@ -77503,7 +79581,7 @@ static int checkTreePage(
     */
     if( heap[0]==0 && nFrag!=data[hdr+7] ){
       checkAppendMsg(pCheck,
-          "Fragmentation of %d bytes reported as %d on page %u",
+          "Fragmentation of %u bytes reported as %u on page %u",
           nFrag, data[hdr+7], iPage);
     }
   }
@@ -77541,13 +79619,14 @@ static int checkTreePage(
 ** the unverified btrees.  Except, if aRoot[1] is 1, then the freelist
 ** checks are still performed.
 */
-SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
+SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sqlite3 *db,  /* Database connection that is running the check */
   Btree *p,     /* The btree to be checked */
   Pgno *aRoot,  /* An array of root pages numbers for individual trees */
   int nRoot,    /* Number of entries in aRoot[] */
   int mxErr,    /* Stop reporting errors after this many */
-  int *pnErr    /* Write number of errors seen to this variable */
+  int *pnErr,   /* OUT: Write number of errors seen to this variable */
+  char **pzOut  /* OUT: Write the error message string here */
 ){
   Pgno i;
   IntegrityCk sCheck;
@@ -77570,18 +79649,12 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
   assert( p->inTrans>TRANS_NONE && pBt->inTransaction>TRANS_NONE );
   VVA_ONLY( nRef = sqlite3PagerRefcount(pBt->pPager) );
   assert( nRef>=0 );
+  memset(&sCheck, 0, sizeof(sCheck));
   sCheck.db = db;
   sCheck.pBt = pBt;
   sCheck.pPager = pBt->pPager;
   sCheck.nPage = btreePagecount(sCheck.pBt);
   sCheck.mxErr = mxErr;
-  sCheck.nErr = 0;
-  sCheck.bOomFault = 0;
-  sCheck.zPfx = 0;
-  sCheck.v1 = 0;
-  sCheck.v2 = 0;
-  sCheck.aPgRef = 0;
-  sCheck.heap = 0;
   sqlite3StrAccumInit(&sCheck.errMsg, 0, zErr, sizeof(zErr), SQLITE_MAX_LENGTH);
   sCheck.errMsg.printfFlags = SQLITE_PRINTF_INTERNAL;
   if( sCheck.nPage==0 ){
@@ -77590,12 +79663,12 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
 
   sCheck.aPgRef = sqlite3MallocZero((sCheck.nPage / 8)+ 1);
   if( !sCheck.aPgRef ){
-    sCheck.bOomFault = 1;
+    checkOom(&sCheck);
     goto integrity_ck_cleanup;
   }
   sCheck.heap = (u32*)sqlite3PageMalloc( pBt->pageSize );
   if( sCheck.heap==0 ){
-    sCheck.bOomFault = 1;
+    checkOom(&sCheck);
     goto integrity_ck_cleanup;
   }
 
@@ -77605,7 +79678,7 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
   /* Check the integrity of the freelist
   */
   if( bCkFreelist ){
-    sCheck.zPfx = "Main freelist: ";
+    sCheck.zPfx = "Freelist: ";
     checkList(&sCheck, 1, get4byte(&pBt->pPage1->aData[32]),
               get4byte(&pBt->pPage1->aData[36]));
     sCheck.zPfx = 0;
@@ -77622,7 +79695,7 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
       mxInHdr = get4byte(&pBt->pPage1->aData[52]);
       if( mx!=mxInHdr ){
         checkAppendMsg(&sCheck,
-          "max rootpage (%d) disagrees with header (%d)",
+          "max rootpage (%u) disagrees with header (%u)",
           mx, mxInHdr
         );
       }
@@ -77653,7 +79726,7 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
     for(i=1; i<=sCheck.nPage && sCheck.mxErr; i++){
 #ifdef SQLITE_OMIT_AUTOVACUUM
       if( getPageReferenced(&sCheck, i)==0 ){
-        checkAppendMsg(&sCheck, "Page %d is never used", i);
+        checkAppendMsg(&sCheck, "Page %u: never used", i);
       }
 #else
       /* If the database supports auto-vacuum, make sure no tables contain
@@ -77661,11 +79734,11 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
       */
       if( getPageReferenced(&sCheck, i)==0 &&
          (PTRMAP_PAGENO(pBt, i)!=i || !pBt->autoVacuum) ){
-        checkAppendMsg(&sCheck, "Page %d is never used", i);
+        checkAppendMsg(&sCheck, "Page %u: never used", i);
       }
       if( getPageReferenced(&sCheck, i)!=0 &&
          (PTRMAP_PAGENO(pBt, i)==i && pBt->autoVacuum) ){
-        checkAppendMsg(&sCheck, "Pointer map page %d is referenced", i);
+        checkAppendMsg(&sCheck, "Page %u: pointer map referenced", i);
       }
 #endif
     }
@@ -77676,16 +79749,17 @@ SQLITE_PRIVATE char *sqlite3BtreeIntegrityCheck(
 integrity_ck_cleanup:
   sqlite3PageFree(sCheck.heap);
   sqlite3_free(sCheck.aPgRef);
-  if( sCheck.bOomFault ){
+  *pnErr = sCheck.nErr;
+  if( sCheck.nErr==0 ){
     sqlite3_str_reset(&sCheck.errMsg);
-    sCheck.nErr++;
+    *pzOut = 0;
+  }else{
+    *pzOut = sqlite3StrAccumFinish(&sCheck.errMsg);
   }
-  *pnErr = sCheck.nErr;
-  if( sCheck.nErr==0 ) sqlite3_str_reset(&sCheck.errMsg);
   /* Make sure this analysis did not leave any unref() pages. */
   assert( nRef==sqlite3PagerRefcount(pBt->pPager) );
   sqlite3BtreeLeave(p);
-  return sqlite3StrAccumFinish(&sCheck.errMsg);
+  return sCheck.rc;
 }
 #endif /* SQLITE_OMIT_INTEGRITY_CHECK */
 
@@ -77950,6 +80024,17 @@ SQLITE_PRIVATE int sqlite3BtreeIsReadonly(Btree *p){
 */
 SQLITE_PRIVATE int sqlite3HeaderSizeBtree(void){ return ROUND8(sizeof(MemPage)); }
 
+/*
+** If no transaction is active and the database is not a temp-db, clear
+** the in-memory pager cache.
+*/
+SQLITE_PRIVATE void sqlite3BtreeClearCache(Btree *p){
+  BtShared *pBt = p->pBt;
+  if( pBt->inTransaction==TRANS_NONE ){
+    sqlite3PagerClearCache(pBt->pPager);
+  }
+}
+
 #if !defined(SQLITE_OMIT_SHARED_CACHE)
 /*
 ** Return true if the Btree passed as the only argument is sharable.
@@ -78215,13 +80300,7 @@ static int backupOnePage(
   assert( !isFatalError(p->rc) );
   assert( iSrcPg!=PENDING_BYTE_PAGE(p->pSrc->pBt) );
   assert( zSrcData );
-
-  /* Catch the case where the destination is an in-memory database and the
-  ** page sizes of the source and destination differ.
-  */
-  if( nSrcPgsz!=nDestPgsz && sqlite3PagerIsMemdb(pDestPager) ){
-    rc = SQLITE_READONLY;
-  }
+  assert( nSrcPgsz==nDestPgsz || sqlite3PagerIsMemdb(pDestPager)==0 );
 
   /* This loop runs once for each destination page spanned by the source
   ** page. For each iteration, variable iOff is set to the byte offset
@@ -78354,7 +80433,10 @@ SQLITE_API int sqlite3_backup_step(sqlite3_backup *p, int nPage){
     pgszSrc = sqlite3BtreeGetPageSize(p->pSrc);
     pgszDest = sqlite3BtreeGetPageSize(p->pDest);
     destMode = sqlite3PagerGetJournalMode(sqlite3BtreePager(p->pDest));
-    if( SQLITE_OK==rc && destMode==PAGER_JOURNALMODE_WAL && pgszSrc!=pgszDest ){
+    if( SQLITE_OK==rc
+     && (destMode==PAGER_JOURNALMODE_WAL || sqlite3PagerIsMemdb(pDestPager))
+     && pgszSrc!=pgszDest
+    ){
       rc = SQLITE_READONLY;
     }
 
@@ -78860,9 +80942,9 @@ static void vdbeMemRenderNum(int sz, char *zBuf, Mem *p){
     i64 x;
     assert( (p->flags&MEM_Int)*2==sizeof(x) );
     memcpy(&x, (char*)&p->u, (p->flags&MEM_Int)*2);
-    sqlite3Int64ToText(x, zBuf);
+    p->n = sqlite3Int64ToText(x, zBuf);
 #else
-    sqlite3Int64ToText(p->u.i, zBuf);
+    p->n = sqlite3Int64ToText(p->u.i, zBuf);
 #endif
   }else{
     sqlite3StrAccumInit(&acc, 0, zBuf, sz, 0);
@@ -78870,6 +80952,7 @@ static void vdbeMemRenderNum(int sz, char *zBuf, Mem *p){
          (p->flags & MEM_IntReal)!=0 ? (double)p->u.i : p->u.r);
     assert( acc.zText==zBuf && acc.mxAlloc<=0 );
     zBuf[acc.nChar] = 0; /* Fast version of sqlite3StrAccumFinish(&acc) */
+    p->n = acc.nChar;
   }
 }
 
@@ -78897,10 +80980,12 @@ static void vdbeMemRenderNum(int sz, char *zBuf, Mem *p){
 ** This routine is for use inside of assert() statements only.
 */
 SQLITE_PRIVATE int sqlite3VdbeMemValidStrRep(Mem *p){
+  Mem tmp;
   char zBuf[100];
   char *z;
   int i, j, incr;
   if( (p->flags & MEM_Str)==0 ) return 1;
+  if( p->db && p->db->mallocFailed ) return 1;
   if( p->flags & MEM_Term ){
     /* Insure that the string is properly zero-terminated.  Pay particular
     ** attention to the case where p->n is odd */
@@ -78913,7 +80998,8 @@ SQLITE_PRIVATE int sqlite3VdbeMemValidStrRep(Mem *p){
     assert( p->enc==SQLITE_UTF8 || p->z[((p->n+1)&~1)+1]==0 );
   }
   if( (p->flags & (MEM_Int|MEM_Real|MEM_IntReal))==0 ) return 1;
-  vdbeMemRenderNum(sizeof(zBuf), zBuf, p);
+  memcpy(&tmp, p, sizeof(tmp));
+  vdbeMemRenderNum(sizeof(zBuf), zBuf, &tmp);
   z = p->z;
   i = j = 0;
   incr = 1;
@@ -79182,7 +81268,7 @@ SQLITE_PRIVATE int sqlite3VdbeMemStringify(Mem *pMem, u8 enc, u8 bForce){
 
   vdbeMemRenderNum(nByte, pMem->z, pMem);
   assert( pMem->z!=0 );
-  pMem->n = sqlite3Strlen30NN(pMem->z);
+  assert( pMem->n==(int)sqlite3Strlen30NN(pMem->z) );
   pMem->enc = SQLITE_UTF8;
   pMem->flags |= MEM_Str|MEM_Term;
   if( bForce ) pMem->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal);
@@ -79422,32 +81508,35 @@ SQLITE_PRIVATE int sqlite3VdbeBooleanValue(Mem *pMem, int ifNull){
 }
 
 /*
-** The MEM structure is already a MEM_Real.  Try to also make it a
-** MEM_Int if we can.
+** The MEM structure is already a MEM_Real or MEM_IntReal. Try to
+** make it a MEM_Int if we can.
 */
 SQLITE_PRIVATE void sqlite3VdbeIntegerAffinity(Mem *pMem){
-  i64 ix;
   assert( pMem!=0 );
-  assert( pMem->flags & MEM_Real );
+  assert( pMem->flags & (MEM_Real|MEM_IntReal) );
   assert( !sqlite3VdbeMemIsRowSet(pMem) );
   assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
   assert( EIGHT_BYTE_ALIGNMENT(pMem) );
 
-  ix = doubleToInt64(pMem->u.r);
-
-  /* Only mark the value as an integer if
-  **
-  **    (1) the round-trip conversion real->int->real is a no-op, and
-  **    (2) The integer is neither the largest nor the smallest
-  **        possible integer (ticket #3922)
-  **
-  ** The second and third terms in the following conditional enforces
-  ** the second condition under the assumption that addition overflow causes
-  ** values to wrap around.
-  */
-  if( pMem->u.r==ix && ix>SMALLEST_INT64 && ixu.i = ix;
+  if( pMem->flags & MEM_IntReal ){
     MemSetTypeFlag(pMem, MEM_Int);
+  }else{
+    i64 ix = doubleToInt64(pMem->u.r);
+
+    /* Only mark the value as an integer if
+    **
+    **    (1) the round-trip conversion real->int->real is a no-op, and
+    **    (2) The integer is neither the largest nor the smallest
+    **        possible integer (ticket #3922)
+    **
+    ** The second and third terms in the following conditional enforces
+    ** the second condition under the assumption that addition overflow causes
+    ** values to wrap around.
+    */
+    if( pMem->u.r==ix && ix>SMALLEST_INT64 && ixu.i = ix;
+      MemSetTypeFlag(pMem, MEM_Int);
+    }
   }
 }
 
@@ -79495,6 +81584,16 @@ SQLITE_PRIVATE int sqlite3RealSameAsInt(double r1, sqlite3_int64 i){
           && i >= -2251799813685248LL && i < 2251799813685248LL);
 }
 
+/* Convert a floating point value to its closest integer.  Do so in
+** a way that avoids 'outside the range of representable values' warnings
+** from UBSAN.
+*/
+SQLITE_PRIVATE i64 sqlite3RealToI64(double r){
+  if( r<=(double)SMALLEST_INT64 ) return SMALLEST_INT64;
+  if( r>=(double)LARGEST_INT64) return LARGEST_INT64;
+  return (i64)r;
+}
+
 /*
 ** Convert pMem so that it has type MEM_Real or MEM_Int.
 ** Invalidate any prior representations.
@@ -79516,7 +81615,7 @@ SQLITE_PRIVATE int sqlite3VdbeMemNumerify(Mem *pMem){
     assert( pMem->db==0 || sqlite3_mutex_held(pMem->db->mutex) );
     rc = sqlite3AtoF(pMem->z, &pMem->u.r, pMem->n, pMem->enc);
     if( ((rc==0 || rc==1) && sqlite3Atoi64(pMem->z, &ix, pMem->n, pMem->enc)<=1)
-     || sqlite3RealSameAsInt(pMem->u.r, (ix = (i64)pMem->u.r))
+     || sqlite3RealSameAsInt(pMem->u.r, (ix = sqlite3RealToI64(pMem->u.r)))
     ){
       pMem->u.i = ix;
       MemSetTypeFlag(pMem, MEM_Int);
@@ -79568,6 +81667,7 @@ SQLITE_PRIVATE int sqlite3VdbeMemCast(Mem *pMem, u8 aff, u8 encoding){
       sqlite3ValueApplyAffinity(pMem, SQLITE_AFF_TEXT, encoding);
       assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
       pMem->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal|MEM_Blob|MEM_Zero);
+      if( encoding!=SQLITE_UTF8 ) pMem->n &= ~1;
       return sqlite3VdbeChangeEncoding(pMem, encoding);
     }
   }
@@ -80212,6 +82312,9 @@ static int valueFromFunction(
   if( pList ) nVal = pList->nExpr;
   assert( !ExprHasProperty(p, EP_IntValue) );
   pFunc = sqlite3FindFunction(db, p->u.zToken, nVal, enc, 0);
+#ifdef SQLITE_ENABLE_UNKNOWN_SQL_FUNCTION
+  if( pFunc==0 ) return SQLITE_OK;
+#endif
   assert( pFunc );
   if( (pFunc->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0
    || (pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL)
@@ -80237,8 +82340,6 @@ static int valueFromFunction(
     goto value_from_function_out;
   }
 
-  testcase( pCtx->pParse->rc==SQLITE_ERROR );
-  testcase( pCtx->pParse->rc==SQLITE_OK );
   memset(&ctx, 0, sizeof(ctx));
   ctx.pOut = pVal;
   ctx.pFunc = pFunc;
@@ -80251,16 +82352,16 @@ static int valueFromFunction(
     sqlite3ValueApplyAffinity(pVal, aff, SQLITE_UTF8);
     assert( rc==SQLITE_OK );
     rc = sqlite3VdbeChangeEncoding(pVal, enc);
-    if( rc==SQLITE_OK && sqlite3VdbeMemTooBig(pVal) ){
+    if( NEVER(rc==SQLITE_OK && sqlite3VdbeMemTooBig(pVal)) ){
       rc = SQLITE_TOOBIG;
       pCtx->pParse->nErr++;
     }
   }
-  pCtx->pParse->rc = rc;
 
  value_from_function_out:
   if( rc!=SQLITE_OK ){
     pVal = 0;
+    pCtx->pParse->rc = rc;
   }
   if( apVal ){
     for(i=0; ipLeft, enc, aff, ppVal, pCtx);
     testcase( rc!=SQLITE_OK );
     if( *ppVal ){
+#ifdef SQLITE_ENABLE_STAT4
+      rc = ExpandBlob(*ppVal);
+#else
+      /* zero-blobs only come from functions, not literal values.  And
+      ** functions are only processed under STAT4 */
+      assert( (ppVal[0][0].flags & MEM_Zero)==0 );
+#endif
       sqlite3VdbeMemCast(*ppVal, aff, enc);
       sqlite3ValueApplyAffinity(*ppVal, affinity, enc);
     }
@@ -80703,6 +82811,9 @@ SQLITE_PRIVATE int sqlite3ValueBytes(sqlite3_value *pVal, u8 enc){
   if( (p->flags & MEM_Str)!=0 && pVal->enc==enc ){
     return p->n;
   }
+  if( (p->flags & MEM_Str)!=0 && enc!=SQLITE_UTF8 && pVal->enc!=SQLITE_UTF8 ){
+    return p->n;
+  }
   if( (p->flags & MEM_Blob)!=0 ){
     if( p->flags & MEM_Zero ){
       return p->n + p->u.nZero;
@@ -80748,10 +82859,10 @@ SQLITE_PRIVATE Vdbe *sqlite3VdbeCreate(Parse *pParse){
   memset(&p->aOp, 0, sizeof(Vdbe)-offsetof(Vdbe,aOp));
   p->db = db;
   if( db->pVdbe ){
-    db->pVdbe->pPrev = p;
+    db->pVdbe->ppVPrev = &p->pVNext;
   }
-  p->pNext = db->pVdbe;
-  p->pPrev = 0;
+  p->pVNext = db->pVdbe;
+  p->ppVPrev = &db->pVdbe;
   db->pVdbe = p;
   assert( p->eVdbeState==VDBE_INIT_STATE );
   p->pParse = pParse;
@@ -80833,21 +82944,28 @@ SQLITE_PRIVATE int sqlite3VdbeUsesDoubleQuotedString(
 #endif
 
 /*
-** Swap all content between two VDBE structures.
+** Swap byte-code between two VDBE structures.
+**
+** This happens after pB was previously run and returned
+** SQLITE_SCHEMA.  The statement was then reprepared in pA.
+** This routine transfers the new bytecode in pA over to pB
+** so that pB can be run again.  The old pB byte code is
+** moved back to pA so that it will be cleaned up when pA is
+** finalized.
 */
 SQLITE_PRIVATE void sqlite3VdbeSwap(Vdbe *pA, Vdbe *pB){
-  Vdbe tmp, *pTmp;
+  Vdbe tmp, *pTmp, **ppTmp;
   char *zTmp;
   assert( pA->db==pB->db );
   tmp = *pA;
   *pA = *pB;
   *pB = tmp;
-  pTmp = pA->pNext;
-  pA->pNext = pB->pNext;
-  pB->pNext = pTmp;
-  pTmp = pA->pPrev;
-  pA->pPrev = pB->pPrev;
-  pB->pPrev = pTmp;
+  pTmp = pA->pVNext;
+  pA->pVNext = pB->pVNext;
+  pB->pVNext = pTmp;
+  ppTmp = pA->ppVPrev;
+  pA->ppVPrev = pB->ppVPrev;
+  pB->ppVPrev = ppTmp;
   zTmp = pA->zSql;
   pA->zSql = pB->zSql;
   pB->zSql = zTmp;
@@ -80923,6 +83041,8 @@ static int growOpArray(Vdbe *v, int nOp){
 */
 static void test_addop_breakpoint(int pc, Op *pOp){
   static int n = 0;
+  (void)pc;
+  (void)pOp;
   n++;
 }
 #endif
@@ -80973,16 +83093,16 @@ SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe *p, int op, int p1, int p2, int p3){
 #ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
   pOp->zComment = 0;
 #endif
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS) || defined(VDBE_PROFILE)
+  pOp->nExec = 0;
+  pOp->nCycle = 0;
+#endif
 #ifdef SQLITE_DEBUG
   if( p->db->flags & SQLITE_VdbeAddopTrace ){
     sqlite3VdbePrintOp(0, i, &p->aOp[i]);
     test_addop_breakpoint(i, &p->aOp[i]);
   }
 #endif
-#ifdef VDBE_PROFILE
-  pOp->cycles = 0;
-  pOp->cnt = 0;
-#endif
 #ifdef SQLITE_VDBE_COVERAGE
   pOp->iSrcLine = 0;
 #endif
@@ -81150,11 +83270,12 @@ SQLITE_PRIVATE void sqlite3ExplainBreakpoint(const char *z1, const char *z2){
 ** If the bPush flag is true, then make this opcode the parent for
 ** subsequent Explains until sqlite3VdbeExplainPop() is called.
 */
-SQLITE_PRIVATE void sqlite3VdbeExplain(Parse *pParse, u8 bPush, const char *zFmt, ...){
-#ifndef SQLITE_DEBUG
+SQLITE_PRIVATE int sqlite3VdbeExplain(Parse *pParse, u8 bPush, const char *zFmt, ...){
+  int addr = 0;
+#if !defined(SQLITE_DEBUG)
   /* Always include the OP_Explain opcodes if SQLITE_DEBUG is defined.
   ** But omit them (for performance) during production builds */
-  if( pParse->explain==2 )
+  if( pParse->explain==2 || IS_STMT_SCANSTATUS(pParse->db) )
 #endif
   {
     char *zMsg;
@@ -81166,13 +83287,15 @@ SQLITE_PRIVATE void sqlite3VdbeExplain(Parse *pParse, u8 bPush, const char *zFmt
     va_end(ap);
     v = pParse->pVdbe;
     iThis = v->nOp;
-    sqlite3VdbeAddOp4(v, OP_Explain, iThis, pParse->addrExplain, 0,
+    addr = sqlite3VdbeAddOp4(v, OP_Explain, iThis, pParse->addrExplain, 0,
                       zMsg, P4_DYNAMIC);
-    sqlite3ExplainBreakpoint(bPush?"PUSH":"", sqlite3VdbeGetOp(v,-1)->p4.z);
+    sqlite3ExplainBreakpoint(bPush?"PUSH":"", sqlite3VdbeGetLastOp(v)->p4.z);
     if( bPush){
       pParse->addrExplain = iThis;
     }
+    sqlite3VdbeScanStatus(v, iThis, 0, 0, 0, 0);
   }
+  return addr;
 }
 
 /*
@@ -81280,6 +83403,9 @@ static SQLITE_NOINLINE void resizeResolveLabel(Parse *p, Vdbe *v, int j){
     int i;
     for(i=p->nLabelAlloc; iaLabel[i] = -1;
 #endif
+    if( nNewSize>=100 && (nNewSize/100)>(p->nLabelAlloc/100) ){
+      sqlite3ProgressCheck(p);
+    }
     p->nLabelAlloc = nNewSize;
     p->aLabel[j] = v->nOp;
   }
@@ -81523,11 +83649,13 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
   Op *pOp;
   Parse *pParse = p->pParse;
   int *aLabel = pParse->aLabel;
+
+  assert( pParse->db->mallocFailed==0 ); /* tag-20230419-1 */
   p->readOnly = 1;
   p->bIsReader = 0;
   pOp = &p->aOp[p->nOp-1];
-  while(1){
-
+  assert( p->aOp[0].opcode==OP_Init );
+  while( 1 /* Loop termates when it reaches the OP_Init opcode */ ){
     /* Only JUMP opcodes and the short list of special opcodes in the switch
     ** below need to be considered.  The mkopcodeh.tcl generator script groups
     ** all these opcodes together near the front of the opcode list.  Skip
@@ -81556,6 +83684,10 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
           p->bIsReader = 1;
           break;
         }
+        case OP_Init: {
+          assert( pOp->p2>=0 );
+          goto resolve_p2_values_loop_exit;
+        }
 #ifndef SQLITE_OMIT_VIRTUALTABLE
         case OP_VUpdate: {
           if( pOp->p2>nMaxArgs ) nMaxArgs = pOp->p2;
@@ -81578,6 +83710,7 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
             ** have non-negative values for P2. */
             assert( (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_JUMP)!=0 );
             assert( ADDR(pOp->p2)<-pParse->nLabel );
+            assert( aLabel!=0 );  /* True because of tag-20230419-1 */
             pOp->p2 = aLabel[ADDR(pOp->p2)];
           }
           break;
@@ -81588,11 +83721,12 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
       ** have non-negative values for P2. */
       assert( (sqlite3OpcodeProperty[pOp->opcode]&OPFLG_JUMP)==0 || pOp->p2>=0);
     }
-    if( pOp==p->aOp ) break;
+    assert( pOp>p->aOp );
     pOp--;
   }
+resolve_p2_values_loop_exit:
   if( aLabel ){
-    sqlite3DbFreeNN(p->db, pParse->aLabel);
+    sqlite3DbNNFreeNN(p->db, pParse->aLabel);
     pParse->aLabel = 0;
   }
   pParse->nLabel = 0;
@@ -81820,20 +83954,83 @@ SQLITE_PRIVATE void sqlite3VdbeScanStatus(
   LogEst nEst,                    /* Estimated number of output rows */
   const char *zName               /* Name of table or index being scanned */
 ){
-  sqlite3_int64 nByte = (p->nScan+1) * sizeof(ScanStatus);
-  ScanStatus *aNew;
-  aNew = (ScanStatus*)sqlite3DbRealloc(p->db, p->aScan, nByte);
-  if( aNew ){
-    ScanStatus *pNew = &aNew[p->nScan++];
-    pNew->addrExplain = addrExplain;
-    pNew->addrLoop = addrLoop;
-    pNew->addrVisit = addrVisit;
-    pNew->nEst = nEst;
-    pNew->zName = sqlite3DbStrDup(p->db, zName);
-    p->aScan = aNew;
+  if( IS_STMT_SCANSTATUS(p->db) ){
+    sqlite3_int64 nByte = (p->nScan+1) * sizeof(ScanStatus);
+    ScanStatus *aNew;
+    aNew = (ScanStatus*)sqlite3DbRealloc(p->db, p->aScan, nByte);
+    if( aNew ){
+      ScanStatus *pNew = &aNew[p->nScan++];
+      memset(pNew, 0, sizeof(ScanStatus));
+      pNew->addrExplain = addrExplain;
+      pNew->addrLoop = addrLoop;
+      pNew->addrVisit = addrVisit;
+      pNew->nEst = nEst;
+      pNew->zName = sqlite3DbStrDup(p->db, zName);
+      p->aScan = aNew;
+    }
+  }
+}
+
+/*
+** Add the range of instructions from addrStart to addrEnd (inclusive) to
+** the set of those corresponding to the sqlite3_stmt_scanstatus() counters
+** associated with the OP_Explain instruction at addrExplain. The
+** sum of the sqlite3Hwtime() values for each of these instructions
+** will be returned for SQLITE_SCANSTAT_NCYCLE requests.
+*/
+SQLITE_PRIVATE void sqlite3VdbeScanStatusRange(
+  Vdbe *p,
+  int addrExplain,
+  int addrStart,
+  int addrEnd
+){
+  if( IS_STMT_SCANSTATUS(p->db) ){
+    ScanStatus *pScan = 0;
+    int ii;
+    for(ii=p->nScan-1; ii>=0; ii--){
+      pScan = &p->aScan[ii];
+      if( pScan->addrExplain==addrExplain ) break;
+      pScan = 0;
+    }
+    if( pScan ){
+      if( addrEnd<0 ) addrEnd = sqlite3VdbeCurrentAddr(p)-1;
+      for(ii=0; iiaAddrRange); ii+=2){
+        if( pScan->aAddrRange[ii]==0 ){
+          pScan->aAddrRange[ii] = addrStart;
+          pScan->aAddrRange[ii+1] = addrEnd;
+          break;
+        }
+      }
+    }
   }
 }
-#endif
+
+/*
+** Set the addresses for the SQLITE_SCANSTAT_NLOOP and SQLITE_SCANSTAT_NROW
+** counters for the query element associated with the OP_Explain at
+** addrExplain.
+*/
+SQLITE_PRIVATE void sqlite3VdbeScanStatusCounters(
+  Vdbe *p,
+  int addrExplain,
+  int addrLoop,
+  int addrVisit
+){
+  if( IS_STMT_SCANSTATUS(p->db) ){
+    ScanStatus *pScan = 0;
+    int ii;
+    for(ii=p->nScan-1; ii>=0; ii--){
+      pScan = &p->aScan[ii];
+      if( pScan->addrExplain==addrExplain ) break;
+      pScan = 0;
+    }
+    if( pScan ){
+      pScan->addrLoop = addrLoop;
+      pScan->addrVisit = addrVisit;
+    }
+  }
+}
+#endif /* defined(SQLITE_ENABLE_STMT_SCANSTATUS) */
 
 
 /*
@@ -81841,15 +84038,19 @@ SQLITE_PRIVATE void sqlite3VdbeScanStatus(
 ** for a specific instruction.
 */
 SQLITE_PRIVATE void sqlite3VdbeChangeOpcode(Vdbe *p, int addr, u8 iNewOpcode){
+  assert( addr>=0 );
   sqlite3VdbeGetOp(p,addr)->opcode = iNewOpcode;
 }
 SQLITE_PRIVATE void sqlite3VdbeChangeP1(Vdbe *p, int addr, int val){
+  assert( addr>=0 );
   sqlite3VdbeGetOp(p,addr)->p1 = val;
 }
 SQLITE_PRIVATE void sqlite3VdbeChangeP2(Vdbe *p, int addr, int val){
+  assert( addr>=0 || p->db->mallocFailed );
   sqlite3VdbeGetOp(p,addr)->p2 = val;
 }
 SQLITE_PRIVATE void sqlite3VdbeChangeP3(Vdbe *p, int addr, int val){
+  assert( addr>=0 );
   sqlite3VdbeGetOp(p,addr)->p3 = val;
 }
 SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe *p, u16 p5){
@@ -81857,6 +84058,18 @@ SQLITE_PRIVATE void sqlite3VdbeChangeP5(Vdbe *p, u16 p5){
   if( p->nOp>0 ) p->aOp[p->nOp-1].p5 = p5;
 }
 
+/*
+** If the previous opcode is an OP_Column that delivers results
+** into register iDest, then add the OPFLAG_TYPEOFARG flag to that
+** opcode.
+*/
+SQLITE_PRIVATE void sqlite3VdbeTypeofColumn(Vdbe *p, int iDest){
+  VdbeOp *pOp = sqlite3VdbeGetLastOp(p);
+  if( pOp->p3==iDest && pOp->opcode==OP_Column ){
+    pOp->p5 |= OPFLAG_TYPEOFARG;
+  }
+}
+
 /*
 ** Change the P2 operand of instruction addr so that it points to
 ** the address of the next instruction to be coded.
@@ -81885,7 +84098,7 @@ SQLITE_PRIVATE void sqlite3VdbeJumpHereOrPopInst(Vdbe *p, int addr){
          || p->aOp[addr].opcode==OP_FkIfZero );
     assert( p->aOp[addr].p4type==0 );
 #ifdef SQLITE_VDBE_COVERAGE
-    sqlite3VdbeGetOp(p,-1)->iSrcLine = 0;  /* Erase VdbeCoverage() macros */
+    sqlite3VdbeGetLastOp(p)->iSrcLine = 0;  /* Erase VdbeCoverage() macros */
 #endif
     p->nOp--;
   }else{
@@ -81899,8 +84112,9 @@ SQLITE_PRIVATE void sqlite3VdbeJumpHereOrPopInst(Vdbe *p, int addr){
 ** the FuncDef is not ephermal, then do nothing.
 */
 static void freeEphemeralFunction(sqlite3 *db, FuncDef *pDef){
+  assert( db!=0 );
   if( (pDef->funcFlags & SQLITE_FUNC_EPHEM)!=0 ){
-    sqlite3DbFreeNN(db, pDef);
+    sqlite3DbNNFreeNN(db, pDef);
   }
 }
 
@@ -81909,11 +84123,12 @@ static void freeEphemeralFunction(sqlite3 *db, FuncDef *pDef){
 */
 static SQLITE_NOINLINE void freeP4Mem(sqlite3 *db, Mem *p){
   if( p->szMalloc ) sqlite3DbFree(db, p->zMalloc);
-  sqlite3DbFreeNN(db, p);
+  sqlite3DbNNFreeNN(db, p);
 }
 static SQLITE_NOINLINE void freeP4FuncCtx(sqlite3 *db, sqlite3_context *p){
+  assert( db!=0 );
   freeEphemeralFunction(db, p->pFunc);
-  sqlite3DbFreeNN(db, p);
+  sqlite3DbNNFreeNN(db, p);
 }
 static void freeP4(sqlite3 *db, int p4type, void *p4){
   assert( db );
@@ -81926,7 +84141,7 @@ static void freeP4(sqlite3 *db, int p4type, void *p4){
     case P4_INT64:
     case P4_DYNAMIC:
     case P4_INTARRAY: {
-      sqlite3DbFree(db, p4);
+      if( p4 ) sqlite3DbNNFreeNN(db, p4);
       break;
     }
     case P4_KEYINFO: {
@@ -81965,6 +84180,7 @@ static void freeP4(sqlite3 *db, int p4type, void *p4){
 */
 static void vdbeFreeOpArray(sqlite3 *db, Op *aOp, int nOp){
   assert( nOp>=0 );
+  assert( db!=0 );
   if( aOp ){
     Op *pOp = &aOp[nOp-1];
     while(1){  /* Exit via break */
@@ -81975,7 +84191,7 @@ static void vdbeFreeOpArray(sqlite3 *db, Op *aOp, int nOp){
       if( pOp==aOp ) break;
       pOp--;
     }
-    sqlite3DbFreeNN(db, aOp);
+    sqlite3DbNNFreeNN(db, aOp);
   }
 }
 
@@ -82144,7 +84360,7 @@ SQLITE_PRIVATE void sqlite3VdbeAppendP4(Vdbe *p, void *pP4, int n){
   if( p->db->mallocFailed ){
     freeP4(p->db, n, pP4);
   }else{
-    assert( pP4!=0 );
+    assert( pP4!=0 || n==P4_DYNAMIC );
     assert( p->nOp>0 );
     pOp = &p->aOp[p->nOp-1];
     assert( pOp->p4type==P4_NOTUSED );
@@ -82206,13 +84422,13 @@ SQLITE_PRIVATE void sqlite3VdbeNoopComment(Vdbe *p, const char *zFormat, ...){
 ** Set the value if the iSrcLine field for the previously coded instruction.
 */
 SQLITE_PRIVATE void sqlite3VdbeSetLineNumber(Vdbe *v, int iLine){
-  sqlite3VdbeGetOp(v,-1)->iSrcLine = iLine;
+  sqlite3VdbeGetLastOp(v)->iSrcLine = iLine;
 }
 #endif /* SQLITE_VDBE_COVERAGE */
 
 /*
-** Return the opcode for a given address.  If the address is -1, then
-** return the most recently inserted opcode.
+** Return the opcode for a given address.  The address must be non-negative.
+** See sqlite3VdbeGetLastOp() to get the most recently added opcode.
 **
 ** If a memory allocation error has occurred prior to the calling of this
 ** routine, then a pointer to a dummy VdbeOp will be returned.  That opcode
@@ -82228,9 +84444,6 @@ SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe *p, int addr){
   ** zeros, which is correct.  MSVC generates a warning, nevertheless. */
   static VdbeOp dummy;  /* Ignore the MSVC warning about no initializer */
   assert( p->eVdbeState==VDBE_INIT_STATE );
-  if( addr<0 ){
-    addr = p->nOp - 1;
-  }
   assert( (addr>=0 && addrnOp) || p->db->mallocFailed );
   if( p->db->mallocFailed ){
     return (VdbeOp*)&dummy;
@@ -82239,6 +84452,12 @@ SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetOp(Vdbe *p, int addr){
   }
 }
 
+/* Return the most recently added opcode
+*/
+SQLITE_PRIVATE VdbeOp *sqlite3VdbeGetLastOp(Vdbe *p){
+  return sqlite3VdbeGetOp(p, p->nOp - 1);
+}
+
 #if defined(SQLITE_ENABLE_EXPLAIN_COMMENTS)
 /*
 ** Return an integer value for one of the parameters to the opcode pOp
@@ -82726,7 +84945,7 @@ static void releaseMemArray(Mem *p, int N){
         sqlite3VdbeMemRelease(p);
         p->flags = MEM_Undefined;
       }else if( p->szMalloc ){
-        sqlite3DbFreeNN(db, p->zMalloc);
+        sqlite3DbNNFreeNN(db, p->zMalloc);
         p->szMalloc = 0;
         p->flags = MEM_Undefined;
       }
@@ -82940,7 +85159,6 @@ SQLITE_PRIVATE int sqlite3VdbeList(
   ** sqlite3_column_text16(), causing a translation to UTF-16 encoding.
   */
   releaseMemArray(pMem, 8);
-  p->pResultSet = 0;
 
   if( p->rc==SQLITE_NOMEM ){
     /* This happens if a malloc() inside a call to sqlite3_column_text() or
@@ -82997,7 +85215,7 @@ SQLITE_PRIVATE int sqlite3VdbeList(
         sqlite3VdbeMemSetStr(pMem+5, zP4, -1, SQLITE_UTF8, sqlite3_free);
         p->nResColumn = 8;
       }
-      p->pResultSet = pMem;
+      p->pResultRow = pMem;
       if( db->mallocFailed ){
         p->rc = SQLITE_NOMEM;
         rc = SQLITE_ERROR;
@@ -83108,7 +85326,7 @@ static void *allocSpace(
 ** running it.
 */
 SQLITE_PRIVATE void sqlite3VdbeRewind(Vdbe *p){
-#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+#if defined(SQLITE_DEBUG)
   int i;
 #endif
   assert( p!=0 );
@@ -83137,8 +85355,8 @@ SQLITE_PRIVATE void sqlite3VdbeRewind(Vdbe *p){
   p->nFkConstraint = 0;
 #ifdef VDBE_PROFILE
   for(i=0; inOp; i++){
-    p->aOp[i].cnt = 0;
-    p->aOp[i].cycles = 0;
+    p->aOp[i].nExec = 0;
+    p->aOp[i].nCycle = 0;
   }
 #endif
 }
@@ -83247,9 +85465,6 @@ SQLITE_PRIVATE void sqlite3VdbeMakeReady(
   p->aVar = allocSpace(&x, 0, nVar*sizeof(Mem));
   p->apArg = allocSpace(&x, 0, nArg*sizeof(Mem*));
   p->apCsr = allocSpace(&x, 0, nCursor*sizeof(VdbeCursor*));
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-  p->anExec = allocSpace(&x, 0, p->nOp*sizeof(i64));
-#endif
   if( x.nNeeded ){
     x.pSpace = p->pFree = sqlite3DbMallocRawNN(db, x.nNeeded);
     x.nFree = x.nNeeded;
@@ -83258,9 +85473,6 @@ SQLITE_PRIVATE void sqlite3VdbeMakeReady(
       p->aVar = allocSpace(&x, p->aVar, nVar*sizeof(Mem));
       p->apArg = allocSpace(&x, p->apArg, nArg*sizeof(Mem*));
       p->apCsr = allocSpace(&x, p->apCsr, nCursor*sizeof(VdbeCursor*));
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-      p->anExec = allocSpace(&x, p->anExec, p->nOp*sizeof(i64));
-#endif
     }
   }
 
@@ -83275,9 +85487,6 @@ SQLITE_PRIVATE void sqlite3VdbeMakeReady(
     p->nMem = nMem;
     initMemArray(p->aMem, nMem, db, MEM_Undefined);
     memset(p->apCsr, 0, nCursor*sizeof(VdbeCursor*));
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-    memset(p->anExec, 0, p->nOp*sizeof(i64));
-#endif
   }
   sqlite3VdbeRewind(p);
 }
@@ -83335,9 +85544,6 @@ static void closeCursorsInFrame(Vdbe *p){
 SQLITE_PRIVATE int sqlite3VdbeFrameRestore(VdbeFrame *pFrame){
   Vdbe *v = pFrame->v;
   closeCursorsInFrame(v);
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-  v->anExec = pFrame->anExec;
-#endif
   v->aOp = pFrame->aOp;
   v->nOp = pFrame->nOp;
   v->aMem = pFrame->aMem;
@@ -83718,7 +85924,7 @@ static void checkActiveVdbeCnt(sqlite3 *db){
       if( p->readOnly==0 ) nWrite++;
       if( p->bIsReader ) nRead++;
     }
-    p = p->pNext;
+    p = p->pVNext;
   }
   assert( cnt==db->nVdbeActive );
   assert( nWrite==db->nVdbeWrite );
@@ -83952,6 +86158,8 @@ SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe *p){
           db->flags &= ~(u64)SQLITE_DeferFKs;
           sqlite3CommitInternalChanges(db);
         }
+      }else if( p->rc==SQLITE_SCHEMA && db->nVdbeActive>1 ){
+        p->nChange = 0;
       }else{
         sqlite3RollbackAll(db, SQLITE_OK);
         p->nChange = 0;
@@ -84141,7 +86349,7 @@ SQLITE_PRIVATE int sqlite3VdbeReset(Vdbe *p){
     sqlite3DbFree(db, p->zErrMsg);
     p->zErrMsg = 0;
   }
-  p->pResultSet = 0;
+  p->pResultRow = 0;
 #ifdef SQLITE_DEBUG
   p->nWrite = 0;
 #endif
@@ -84169,10 +86377,12 @@ SQLITE_PRIVATE int sqlite3VdbeReset(Vdbe *p){
       }
       for(i=0; inOp; i++){
         char zHdr[100];
+        i64 cnt = p->aOp[i].nExec;
+        i64 cycles = p->aOp[i].nCycle;
         sqlite3_snprintf(sizeof(zHdr), zHdr, "%6u %12llu %8llu ",
-           p->aOp[i].cnt,
-           p->aOp[i].cycles,
-           p->aOp[i].cnt>0 ? p->aOp[i].cycles/p->aOp[i].cnt : 0
+           cnt,
+           cycles,
+           cnt>0 ? cycles/cnt : 0
         );
         fprintf(out, "%s", zHdr);
         sqlite3VdbePrintOp(out, i, &p->aOp[i]);
@@ -84247,10 +86457,11 @@ SQLITE_PRIVATE void sqlite3VdbeDeleteAuxData(sqlite3 *db, AuxData **pp, int iOp,
 */
 static void sqlite3VdbeClearObject(sqlite3 *db, Vdbe *p){
   SubProgram *pSub, *pNext;
+  assert( db!=0 );
   assert( p->db==0 || p->db==db );
   if( p->aColName ){
     releaseMemArray(p->aColName, p->nResColumn*COLNAME_N);
-    sqlite3DbFreeNN(db, p->aColName);
+    sqlite3DbNNFreeNN(db, p->aColName);
   }
   for(pSub=p->pProgram; pSub; pSub=pNext){
     pNext = pSub->pNext;
@@ -84259,17 +86470,17 @@ static void sqlite3VdbeClearObject(sqlite3 *db, Vdbe *p){
   }
   if( p->eVdbeState!=VDBE_INIT_STATE ){
     releaseMemArray(p->aVar, p->nVar);
-    if( p->pVList ) sqlite3DbFreeNN(db, p->pVList);
-    if( p->pFree ) sqlite3DbFreeNN(db, p->pFree);
+    if( p->pVList ) sqlite3DbNNFreeNN(db, p->pVList);
+    if( p->pFree ) sqlite3DbNNFreeNN(db, p->pFree);
   }
   vdbeFreeOpArray(db, p->aOp, p->nOp);
-  sqlite3DbFree(db, p->zSql);
+  if( p->zSql ) sqlite3DbNNFreeNN(db, p->zSql);
 #ifdef SQLITE_ENABLE_NORMALIZE
   sqlite3DbFree(db, p->zNormSql);
   {
-    DblquoteStr *pThis, *pNext;
-    for(pThis=p->pDblStr; pThis; pThis=pNext){
-      pNext = pThis->pNextStr;
+    DblquoteStr *pThis, *pNxt;
+    for(pThis=p->pDblStr; pThis; pThis=pNxt){
+      pNxt = pThis->pNextStr;
       sqlite3DbFree(db, pThis);
     }
   }
@@ -84293,20 +86504,17 @@ SQLITE_PRIVATE void sqlite3VdbeDelete(Vdbe *p){
 
   assert( p!=0 );
   db = p->db;
+  assert( db!=0 );
   assert( sqlite3_mutex_held(db->mutex) );
   sqlite3VdbeClearObject(db, p);
   if( db->pnBytesFreed==0 ){
-    if( p->pPrev ){
-      p->pPrev->pNext = p->pNext;
-    }else{
-      assert( db->pVdbe==p );
-      db->pVdbe = p->pNext;
-    }
-    if( p->pNext ){
-      p->pNext->pPrev = p->pPrev;
+    assert( p->ppVPrev!=0 );
+    *p->ppVPrev = p->pVNext;
+    if( p->pVNext ){
+      p->pVNext->ppVPrev = p->ppVPrev;
     }
   }
-  sqlite3DbFreeNN(db, p);
+  sqlite3DbNNFreeNN(db, p);
 }
 
 /*
@@ -85261,7 +87469,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
   assert( pPKey2->pKeyInfo->aSortFlags!=0 );
   assert( pPKey2->pKeyInfo->nKeyField>0 );
   assert( idx1<=szHdr1 || CORRUPT_DB );
-  do{
+  while( 1 /*exit-by-break*/ ){
     u32 serial_type;
 
     /* RHS is an integer */
@@ -85271,7 +87479,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
       serial_type = aKey1[idx1];
       testcase( serial_type==12 );
       if( serial_type>=10 ){
-        rc = +1;
+        rc = serial_type==10 ? -1 : +1;
       }else if( serial_type==0 ){
         rc = -1;
       }else if( serial_type==7 ){
@@ -85296,7 +87504,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
         ** numbers). Types 10 and 11 are currently "reserved for future
         ** use", so it doesn't really matter what the results of comparing
         ** them to numberic values are.  */
-        rc = +1;
+        rc = serial_type==10 ? -1 : +1;
       }else if( serial_type==0 ){
         rc = -1;
       }else{
@@ -85377,7 +87585,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
     /* RHS is null */
     else{
       serial_type = aKey1[idx1];
-      rc = (serial_type!=0);
+      rc = (serial_type!=0 && serial_type!=10);
     }
 
     if( rc!=0 ){
@@ -85399,8 +87607,13 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
     if( i==pPKey2->nField ) break;
     pRhs++;
     d1 += sqlite3VdbeSerialTypeLen(serial_type);
+    if( d1>(unsigned)nKey1 ) break;
     idx1 += sqlite3VarintLen(serial_type);
-  }while( idx1<(unsigned)szHdr1 && d1<=(unsigned)nKey1 );
+    if( idx1>=(unsigned)szHdr1 ){
+      pPKey2->errCode = (u8)SQLITE_CORRUPT_BKPT;
+      return 0;  /* Corrupt index */
+    }
+  }
 
   /* No memory allocation is ever used on mem1.  Prove this using
   ** the following assert().  If the assert() fails, it indicates a
@@ -85801,7 +88014,7 @@ SQLITE_PRIVATE void sqlite3VdbeCountChanges(Vdbe *v){
 */
 SQLITE_PRIVATE void sqlite3ExpirePreparedStatements(sqlite3 *db, int iCode){
   Vdbe *p;
-  for(p = db->pVdbe; p; p=p->pNext){
+  for(p = db->pVdbe; p; p=p->pVNext){
     p->expired = iCode+1;
   }
 }
@@ -85894,6 +88107,20 @@ SQLITE_PRIVATE int sqlite3NotPureFunc(sqlite3_context *pCtx){
   return 1;
 }
 
+#if defined(SQLITE_ENABLE_CURSOR_HINTS) && defined(SQLITE_DEBUG)
+/*
+** This Walker callback is used to help verify that calls to
+** sqlite3BtreeCursorHint() with opcode BTREE_HINT_RANGE have
+** byte-code register values correctly initialized.
+*/
+SQLITE_PRIVATE int sqlite3CursorRangeHintExprCheck(Walker *pWalker, Expr *pExpr){
+  if( pExpr->op==TK_REGISTER ){
+    assert( (pWalker->u.aMem[pExpr->iTable].flags & MEM_Undefined)==0 );
+  }
+  return WRC_Continue;
+}
+#endif /* SQLITE_ENABLE_CURSOR_HINTS && SQLITE_DEBUG */
+
 #ifndef SQLITE_OMIT_VIRTUALTABLE
 /*
 ** Transfer error message text from an sqlite3_vtab.zErrMsg (text stored
@@ -85922,13 +88149,14 @@ SQLITE_PRIVATE void sqlite3VtabImportErrmsg(Vdbe *p, sqlite3_vtab *pVtab){
 ** the vdbeUnpackRecord() function found in vdbeapi.c.
 */
 static void vdbeFreeUnpacked(sqlite3 *db, int nField, UnpackedRecord *p){
+  assert( db!=0 );
   if( p ){
     int i;
     for(i=0; iaMem[i];
       if( pMem->zMalloc ) sqlite3VdbeMemReleaseMalloc(pMem);
     }
-    sqlite3DbFreeNN(db, p);
+    sqlite3DbNNFreeNN(db, p);
   }
 }
 #endif /* SQLITE_ENABLE_PREUPDATE_HOOK */
@@ -85955,6 +88183,16 @@ SQLITE_PRIVATE void sqlite3VdbePreUpdateHook(
   PreUpdate preupdate;
   const char *zTbl = pTab->zName;
   static const u8 fakeSortOrder = 0;
+#ifdef SQLITE_DEBUG
+  int nRealCol;
+  if( pTab->tabFlags & TF_WithoutRowid ){
+    nRealCol = sqlite3PrimaryKeyIndex(pTab)->nColumn;
+  }else if( pTab->tabFlags & TF_HasVirtual ){
+    nRealCol = pTab->nNVCol;
+  }else{
+    nRealCol = pTab->nCol;
+  }
+#endif
 
   assert( db->pPreUpdate==0 );
   memset(&preupdate, 0, sizeof(PreUpdate));
@@ -85971,8 +88209,8 @@ SQLITE_PRIVATE void sqlite3VdbePreUpdateHook(
 
   assert( pCsr!=0 );
   assert( pCsr->eCurType==CURTYPE_BTREE );
-  assert( pCsr->nField==pTab->nCol
-       || (pCsr->nField==pTab->nCol+1 && op==SQLITE_DELETE && iReg==-1)
+  assert( pCsr->nField==nRealCol
+       || (pCsr->nField==nRealCol+1 && op==SQLITE_DELETE && iReg==-1)
   );
 
   preupdate.v = v;
@@ -85999,7 +88237,7 @@ SQLITE_PRIVATE void sqlite3VdbePreUpdateHook(
     for(i=0; inField; i++){
       sqlite3VdbeMemRelease(&preupdate.aNew[i]);
     }
-    sqlite3DbFreeNN(db, preupdate.aNew);
+    sqlite3DbNNFreeNN(db, preupdate.aNew);
   }
 }
 #endif /* SQLITE_ENABLE_PREUPDATE_HOOK */
@@ -86023,6 +88261,7 @@ SQLITE_PRIVATE void sqlite3VdbePreUpdateHook(
 */
 /* #include "sqliteInt.h" */
 /* #include "vdbeInt.h" */
+/* #include "opcodes.h" */
 
 #ifndef SQLITE_OMIT_DEPRECATED
 /*
@@ -86116,7 +88355,9 @@ SQLITE_API int sqlite3_finalize(sqlite3_stmt *pStmt){
     if( vdbeSafety(v) ) return SQLITE_MISUSE_BKPT;
     sqlite3_mutex_enter(db->mutex);
     checkProfileCallback(db, v);
-    rc = sqlite3VdbeFinalize(v);
+    assert( v->eVdbeState>=VDBE_READY_STATE );
+    rc = sqlite3VdbeReset(v);
+    sqlite3VdbeDelete(v);
     rc = sqlite3ApiExit(db, rc);
     sqlite3LeaveMutexAndCloseZombie(db);
   }
@@ -86276,7 +88517,7 @@ SQLITE_API int sqlite3_value_type(sqlite3_value* pVal){
      SQLITE_NULL,     /* 0x1f (not possible) */
      SQLITE_FLOAT,    /* 0x20 INTREAL */
      SQLITE_NULL,     /* 0x21 (not possible) */
-     SQLITE_TEXT,     /* 0x22 INTREAL + TEXT */
+     SQLITE_FLOAT,    /* 0x22 INTREAL + TEXT */
      SQLITE_NULL,     /* 0x23 (not possible) */
      SQLITE_FLOAT,    /* 0x24 (not possible) */
      SQLITE_NULL,     /* 0x25 (not possible) */
@@ -86324,6 +88565,9 @@ SQLITE_API int sqlite3_value_type(sqlite3_value* pVal){
 #endif
   return aType[pVal->flags&MEM_AffMask];
 }
+SQLITE_API int sqlite3_value_encoding(sqlite3_value *pVal){
+  return pVal->enc;
+}
 
 /* Return true if a parameter to xUpdate represents an unchanged column */
 SQLITE_API int sqlite3_value_nochange(sqlite3_value *pVal){
@@ -86508,7 +88752,10 @@ SQLITE_API void sqlite3_result_text64(
 ){
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   assert( xDel!=SQLITE_DYNAMIC );
-  if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+  if( enc!=SQLITE_UTF8 ){
+    if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+    n &= ~(u64)1;
+  }
   if( n>0x7fffffff ){
     (void)invokeValueDestructor(z, xDel, pCtx);
   }else{
@@ -86523,7 +88770,7 @@ SQLITE_API void sqlite3_result_text16(
   void (*xDel)(void *)
 ){
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
-  setResultStrOrError(pCtx, z, n, SQLITE_UTF16NATIVE, xDel);
+  setResultStrOrError(pCtx, z, n & ~(u64)1, SQLITE_UTF16NATIVE, xDel);
 }
 SQLITE_API void sqlite3_result_text16be(
   sqlite3_context *pCtx,
@@ -86532,7 +88779,7 @@ SQLITE_API void sqlite3_result_text16be(
   void (*xDel)(void *)
 ){
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
-  setResultStrOrError(pCtx, z, n, SQLITE_UTF16BE, xDel);
+  setResultStrOrError(pCtx, z, n & ~(u64)1, SQLITE_UTF16BE, xDel);
 }
 SQLITE_API void sqlite3_result_text16le(
   sqlite3_context *pCtx,
@@ -86541,7 +88788,7 @@ SQLITE_API void sqlite3_result_text16le(
   void (*xDel)(void *)
 ){
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
-  setResultStrOrError(pCtx, z, n, SQLITE_UTF16LE, xDel);
+  setResultStrOrError(pCtx, z, n & ~(u64)1, SQLITE_UTF16LE, xDel);
 }
 #endif /* SQLITE_OMIT_UTF16 */
 SQLITE_API void sqlite3_result_value(sqlite3_context *pCtx, sqlite3_value *pValue){
@@ -86752,7 +88999,7 @@ static int sqlite3Step(Vdbe *p){
     /* If the statement completed successfully, invoke the profile callback */
     checkProfileCallback(db, p);
 #endif
-
+    p->pResultRow = 0;
     if( rc==SQLITE_DONE && db->autoCommit ){
       assert( p->rc==SQLITE_OK );
       p->rc = doWalCallbacks(db);
@@ -86881,6 +89128,17 @@ SQLITE_API int sqlite3_vtab_nochange(sqlite3_context *p){
   return sqlite3_value_nochange(p->pOut);
 }
 
+/*
+** The destructor function for a ValueList object.  This needs to be
+** a separate function, unknowable to the application, to ensure that
+** calls to sqlite3_vtab_in_first()/sqlite3_vtab_in_next() that are not
+** preceeded by activation of IN processing via sqlite3_vtab_int() do not
+** try to access a fake ValueList object inserted by a hostile extension.
+*/
+SQLITE_PRIVATE void sqlite3VdbeValueListFree(void *pToDelete){
+  sqlite3_free(pToDelete);
+}
+
 /*
 ** Implementation of sqlite3_vtab_in_first() (if bNext==0) and
 ** sqlite3_vtab_in_next() (if bNext!=0).
@@ -86895,8 +89153,15 @@ static int valueFromValueList(
 
   *ppOut = 0;
   if( pVal==0 ) return SQLITE_MISUSE;
-  pRhs = (ValueList*)sqlite3_value_pointer(pVal, "ValueList");
-  if( pRhs==0 ) return SQLITE_MISUSE;
+  if( (pVal->flags & MEM_Dyn)==0 || pVal->xDel!=sqlite3VdbeValueListFree ){
+    return SQLITE_ERROR;
+  }else{
+    assert( (pVal->flags&(MEM_TypeMask|MEM_Term|MEM_Subtype)) ==
+                 (MEM_Null|MEM_Term|MEM_Subtype) );
+    assert( pVal->eSubtype=='p' );
+    assert( pVal->u.zPType!=0 && strcmp(pVal->u.zPType,"ValueList")==0 );
+    pRhs = (ValueList*)pVal->z;
+  }
   if( bNext ){
     rc = sqlite3BtreeNext(pRhs->pCsr, 0);
   }else{
@@ -87116,7 +89381,7 @@ SQLITE_API int sqlite3_column_count(sqlite3_stmt *pStmt){
 */
 SQLITE_API int sqlite3_data_count(sqlite3_stmt *pStmt){
   Vdbe *pVm = (Vdbe *)pStmt;
-  if( pVm==0 || pVm->pResultSet==0 ) return 0;
+  if( pVm==0 || pVm->pResultRow==0 ) return 0;
   return pVm->nResColumn;
 }
 
@@ -87171,8 +89436,8 @@ static Mem *columnMem(sqlite3_stmt *pStmt, int i){
   if( pVm==0 ) return (Mem*)columnNullValue();
   assert( pVm->db );
   sqlite3_mutex_enter(pVm->db->mutex);
-  if( pVm->pResultSet!=0 && inResColumn && i>=0 ){
-    pOut = &pVm->pResultSet[i];
+  if( pVm->pResultRow!=0 && inResColumn && i>=0 ){
+    pOut = &pVm->pResultRow[i];
   }else{
     sqlite3Error(pVm->db, SQLITE_RANGE);
     pOut = (Mem*)columnNullValue();
@@ -87318,9 +89583,9 @@ static const void *columnName(
   assert( db!=0 );
   n = sqlite3_column_count(pStmt);
   if( N=0 ){
+    u8 prior_mallocFailed = db->mallocFailed;
     N += useType*n;
     sqlite3_mutex_enter(db->mutex);
-    assert( db->mallocFailed==0 );
 #ifndef SQLITE_OMIT_UTF16
     if( useUtf16 ){
       ret = sqlite3_value_text16((sqlite3_value*)&p->aColName[N]);
@@ -87332,7 +89597,8 @@ static const void *columnName(
     /* A malloc may have failed inside of the _text() call. If this
     ** is the case, clear the mallocFailed flag and return NULL.
     */
-    if( db->mallocFailed ){
+    assert( db->mallocFailed==0 || db->mallocFailed==1 );
+    if( db->mallocFailed > prior_mallocFailed ){
       sqlite3OomClear(db);
       ret = 0;
     }
@@ -87438,7 +89704,7 @@ SQLITE_API const void *sqlite3_column_origin_name16(sqlite3_stmt *pStmt, int N){
 ** The error code stored in database p->db is overwritten with the return
 ** value in any case.
 */
-static int vdbeUnbind(Vdbe *p, int i){
+static int vdbeUnbind(Vdbe *p, unsigned int i){
   Mem *pVar;
   if( vdbeSafetyNotNull(p) ){
     return SQLITE_MISUSE_BKPT;
@@ -87451,12 +89717,11 @@ static int vdbeUnbind(Vdbe *p, int i){
         "bind on a busy prepared statement: [%s]", p->zSql);
     return SQLITE_MISUSE_BKPT;
   }
-  if( i<1 || i>p->nVar ){
+  if( i>=(unsigned int)p->nVar ){
     sqlite3Error(p->db, SQLITE_RANGE);
     sqlite3_mutex_leave(p->db->mutex);
     return SQLITE_RANGE;
   }
-  i--;
   pVar = &p->aVar[i];
   sqlite3VdbeMemRelease(pVar);
   pVar->flags = MEM_Null;
@@ -87493,7 +89758,7 @@ static int bindText(
   Mem *pVar;
   int rc;
 
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
     if( zData!=0 ){
       pVar = &p->aVar[i-1];
@@ -87542,7 +89807,7 @@ SQLITE_API int sqlite3_bind_blob64(
 SQLITE_API int sqlite3_bind_double(sqlite3_stmt *pStmt, int i, double rValue){
   int rc;
   Vdbe *p = (Vdbe *)pStmt;
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
     sqlite3VdbeMemSetDouble(&p->aVar[i-1], rValue);
     sqlite3_mutex_leave(p->db->mutex);
@@ -87555,7 +89820,7 @@ SQLITE_API int sqlite3_bind_int(sqlite3_stmt *p, int i, int iValue){
 SQLITE_API int sqlite3_bind_int64(sqlite3_stmt *pStmt, int i, sqlite_int64 iValue){
   int rc;
   Vdbe *p = (Vdbe *)pStmt;
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
     sqlite3VdbeMemSetInt64(&p->aVar[i-1], iValue);
     sqlite3_mutex_leave(p->db->mutex);
@@ -87565,7 +89830,7 @@ SQLITE_API int sqlite3_bind_int64(sqlite3_stmt *pStmt, int i, sqlite_int64 iValu
 SQLITE_API int sqlite3_bind_null(sqlite3_stmt *pStmt, int i){
   int rc;
   Vdbe *p = (Vdbe*)pStmt;
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
     sqlite3_mutex_leave(p->db->mutex);
   }
@@ -87580,7 +89845,7 @@ SQLITE_API int sqlite3_bind_pointer(
 ){
   int rc;
   Vdbe *p = (Vdbe*)pStmt;
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
     sqlite3VdbeMemSetPointer(&p->aVar[i-1], pPtr, zPTtype, xDestructor);
     sqlite3_mutex_leave(p->db->mutex);
@@ -87607,7 +89872,10 @@ SQLITE_API int sqlite3_bind_text64(
   unsigned char enc
 ){
   assert( xDel!=SQLITE_DYNAMIC );
-  if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+  if( enc!=SQLITE_UTF8 ){
+    if( enc==SQLITE_UTF16 ) enc = SQLITE_UTF16NATIVE;
+    nData &= ~(u16)1;
+  }
   return bindText(pStmt, i, zData, nData, xDel, enc);
 }
 #ifndef SQLITE_OMIT_UTF16
@@ -87615,10 +89883,10 @@ SQLITE_API int sqlite3_bind_text16(
   sqlite3_stmt *pStmt,
   int i,
   const void *zData,
-  int nData,
+  int n,
   void (*xDel)(void*)
 ){
-  return bindText(pStmt, i, zData, nData, xDel, SQLITE_UTF16NATIVE);
+  return bindText(pStmt, i, zData, n & ~(u64)1, xDel, SQLITE_UTF16NATIVE);
 }
 #endif /* SQLITE_OMIT_UTF16 */
 SQLITE_API int sqlite3_bind_value(sqlite3_stmt *pStmt, int i, const sqlite3_value *pValue){
@@ -87658,7 +89926,7 @@ SQLITE_API int sqlite3_bind_value(sqlite3_stmt *pStmt, int i, const sqlite3_valu
 SQLITE_API int sqlite3_bind_zeroblob(sqlite3_stmt *pStmt, int i, int n){
   int rc;
   Vdbe *p = (Vdbe *)pStmt;
-  rc = vdbeUnbind(p, i);
+  rc = vdbeUnbind(p, (u32)(i-1));
   if( rc==SQLITE_OK ){
 #ifndef SQLITE_OMIT_INCRBLOB
     sqlite3VdbeMemSetZeroBlob(&p->aVar[i-1], n);
@@ -87818,7 +90086,7 @@ SQLITE_API sqlite3_stmt *sqlite3_next_stmt(sqlite3 *pDb, sqlite3_stmt *pStmt){
   if( pStmt==0 ){
     pNext = (sqlite3_stmt*)pDb->pVdbe;
   }else{
-    pNext = (sqlite3_stmt*)((Vdbe*)pStmt)->pNext;
+    pNext = (sqlite3_stmt*)((Vdbe*)pStmt)->pVNext;
   }
   sqlite3_mutex_leave(pDb->mutex);
   return pNext;
@@ -87843,8 +90111,11 @@ SQLITE_API int sqlite3_stmt_status(sqlite3_stmt *pStmt, int op, int resetFlag){
     sqlite3_mutex_enter(db->mutex);
     v = 0;
     db->pnBytesFreed = (int*)&v;
+    assert( db->lookaside.pEnd==db->lookaside.pTrueEnd );
+    db->lookaside.pEnd = db->lookaside.pStart;
     sqlite3VdbeDelete(pVdbe);
     db->pnBytesFreed = 0;
+    db->lookaside.pEnd = db->lookaside.pTrueEnd;
     sqlite3_mutex_leave(db->mutex);
   }else{
     v = pVdbe->aCounter[op];
@@ -88106,23 +90377,69 @@ SQLITE_API int sqlite3_preupdate_new(sqlite3 *db, int iIdx, sqlite3_value **ppVa
 /*
 ** Return status data for a single loop within query pStmt.
 */
-SQLITE_API int sqlite3_stmt_scanstatus(
+SQLITE_API int sqlite3_stmt_scanstatus_v2(
   sqlite3_stmt *pStmt,            /* Prepared statement being queried */
-  int idx,                        /* Index of loop to report on */
+  int iScan,                      /* Index of loop to report on */
   int iScanStatusOp,              /* Which metric to return */
+  int flags,
   void *pOut                      /* OUT: Write the answer here */
 ){
   Vdbe *p = (Vdbe*)pStmt;
-  ScanStatus *pScan;
-  if( idx<0 || idx>=p->nScan ) return 1;
-  pScan = &p->aScan[idx];
+  VdbeOp *aOp = p->aOp;
+  int nOp = p->nOp;
+  ScanStatus *pScan = 0;
+  int idx;
+
+  if( p->pFrame ){
+    VdbeFrame *pFrame;
+    for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
+    aOp = pFrame->aOp;
+    nOp = pFrame->nOp;
+  }
+
+  if( iScan<0 ){
+    int ii;
+    if( iScanStatusOp==SQLITE_SCANSTAT_NCYCLE ){
+      i64 res = 0;
+      for(ii=0; iiaScan[idx];
+  }else{
+    /* If the COMPLEX flag is clear, then this function must ignore any
+    ** ScanStatus structures with ScanStatus.addrLoop set to 0. */
+    for(idx=0; idxnScan; idx++){
+      pScan = &p->aScan[idx];
+      if( pScan->zName ){
+        iScan--;
+        if( iScan<0 ) break;
+      }
+    }
+  }
+  if( idx>=p->nScan ) return 1;
+
   switch( iScanStatusOp ){
     case SQLITE_SCANSTAT_NLOOP: {
-      *(sqlite3_int64*)pOut = p->anExec[pScan->addrLoop];
+      if( pScan->addrLoop>0 ){
+        *(sqlite3_int64*)pOut = aOp[pScan->addrLoop].nExec;
+      }else{
+        *(sqlite3_int64*)pOut = -1;
+      }
       break;
     }
     case SQLITE_SCANSTAT_NVISIT: {
-      *(sqlite3_int64*)pOut = p->anExec[pScan->addrVisit];
+      if( pScan->addrVisit>0 ){
+        *(sqlite3_int64*)pOut = aOp[pScan->addrVisit].nExec;
+      }else{
+        *(sqlite3_int64*)pOut = -1;
+      }
       break;
     }
     case SQLITE_SCANSTAT_EST: {
@@ -88141,7 +90458,7 @@ SQLITE_API int sqlite3_stmt_scanstatus(
     }
     case SQLITE_SCANSTAT_EXPLAIN: {
       if( pScan->addrExplain ){
-        *(const char**)pOut = p->aOp[ pScan->addrExplain ].p4.z;
+        *(const char**)pOut = aOp[ pScan->addrExplain ].p4.z;
       }else{
         *(const char**)pOut = 0;
       }
@@ -88149,12 +90466,51 @@ SQLITE_API int sqlite3_stmt_scanstatus(
     }
     case SQLITE_SCANSTAT_SELECTID: {
       if( pScan->addrExplain ){
-        *(int*)pOut = p->aOp[ pScan->addrExplain ].p1;
+        *(int*)pOut = aOp[ pScan->addrExplain ].p1;
       }else{
         *(int*)pOut = -1;
       }
       break;
     }
+    case SQLITE_SCANSTAT_PARENTID: {
+      if( pScan->addrExplain ){
+        *(int*)pOut = aOp[ pScan->addrExplain ].p2;
+      }else{
+        *(int*)pOut = -1;
+      }
+      break;
+    }
+    case SQLITE_SCANSTAT_NCYCLE: {
+      i64 res = 0;
+      if( pScan->aAddrRange[0]==0 ){
+        res = -1;
+      }else{
+        int ii;
+        for(ii=0; iiaAddrRange); ii+=2){
+          int iIns = pScan->aAddrRange[ii];
+          int iEnd = pScan->aAddrRange[ii+1];
+          if( iIns==0 ) break;
+          if( iIns>0 ){
+            while( iIns<=iEnd ){
+              res += aOp[iIns].nCycle;
+              iIns++;
+            }
+          }else{
+            int iOp;
+            for(iOp=0; iOpp1!=iEnd ) continue;
+              if( (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_NCYCLE)==0 ){
+                continue;
+              }
+              res += aOp[iOp].nCycle;
+            }
+          }
+        }
+      }
+      *(i64*)pOut = res;
+      break;
+    }
     default: {
       return 1;
     }
@@ -88162,12 +90518,29 @@ SQLITE_API int sqlite3_stmt_scanstatus(
   return 0;
 }
 
+/*
+** Return status data for a single loop within query pStmt.
+*/
+SQLITE_API int sqlite3_stmt_scanstatus(
+  sqlite3_stmt *pStmt,            /* Prepared statement being queried */
+  int iScan,                      /* Index of loop to report on */
+  int iScanStatusOp,              /* Which metric to return */
+  void *pOut                      /* OUT: Write the answer here */
+){
+  return sqlite3_stmt_scanstatus_v2(pStmt, iScan, iScanStatusOp, 0, pOut);
+}
+
 /*
 ** Zero all counters associated with the sqlite3_stmt_scanstatus() data.
 */
 SQLITE_API void sqlite3_stmt_scanstatus_reset(sqlite3_stmt *pStmt){
   Vdbe *p = (Vdbe*)pStmt;
-  memset(p->anExec, 0, p->nOp * sizeof(i64));
+  int ii;
+  for(ii=0; iinOp; ii++){
+    Op *pOp = &p->aOp[ii];
+    pOp->nExec = 0;
+    pOp->nCycle = 0;
+  }
 }
 #endif /* SQLITE_ENABLE_STMT_SCANSTATUS */
 
@@ -88503,6 +90876,9 @@ SQLITE_API int sqlite3_found_count = 0;
 */
 static void test_trace_breakpoint(int pc, Op *pOp, Vdbe *v){
   static int n = 0;
+  (void)pc;
+  (void)pOp;
+  (void)v;
   n++;
 }
 #endif
@@ -88684,7 +91060,8 @@ static VdbeCursor *allocateCursor(
 ** return false.
 */
 static int alsoAnInt(Mem *pRec, double rValue, i64 *piValue){
-  i64 iValue = (double)rValue;
+  i64 iValue;
+  iValue = sqlite3RealToI64(rValue);
   if( sqlite3RealSameAsInt(rValue,iValue) ){
     *piValue = iValue;
     return 1;
@@ -88740,6 +91117,10 @@ static void applyNumericAffinity(Mem *pRec, int bTryForInt){
 **    always preferred, even if the affinity is REAL, because
 **    an integer representation is more space efficient on disk.
 **
+** SQLITE_AFF_FLEXNUM:
+**    If the value is text, then try to convert it into a number of
+**    some kind (integer or real) but do not make any other changes.
+**
 ** SQLITE_AFF_TEXT:
 **    Convert pRec to a text representation.
 **
@@ -88754,11 +91135,11 @@ static void applyAffinity(
 ){
   if( affinity>=SQLITE_AFF_NUMERIC ){
     assert( affinity==SQLITE_AFF_INTEGER || affinity==SQLITE_AFF_REAL
-             || affinity==SQLITE_AFF_NUMERIC );
+             || affinity==SQLITE_AFF_NUMERIC || affinity==SQLITE_AFF_FLEXNUM );
     if( (pRec->flags & MEM_Int)==0 ){ /*OPTIMIZATION-IF-FALSE*/
-      if( (pRec->flags & MEM_Real)==0 ){
+      if( (pRec->flags & (MEM_Real|MEM_IntReal))==0 ){
         if( pRec->flags & MEM_Str ) applyNumericAffinity(pRec,1);
-      }else{
+      }else if( affinity<=SQLITE_AFF_REAL ){
         sqlite3VdbeIntegerAffinity(pRec);
       }
     }
@@ -88846,17 +91227,18 @@ static u16 SQLITE_NOINLINE computeNumericType(Mem *pMem){
 ** But it does set pMem->u.r and pMem->u.i appropriately.
 */
 static u16 numericType(Mem *pMem){
-  if( pMem->flags & (MEM_Int|MEM_Real|MEM_IntReal) ){
+  assert( (pMem->flags & MEM_Null)==0
+       || pMem->db==0 || pMem->db->mallocFailed );
+  if( pMem->flags & (MEM_Int|MEM_Real|MEM_IntReal|MEM_Null) ){
     testcase( pMem->flags & MEM_Int );
     testcase( pMem->flags & MEM_Real );
     testcase( pMem->flags & MEM_IntReal );
-    return pMem->flags & (MEM_Int|MEM_Real|MEM_IntReal);
-  }
-  if( pMem->flags & (MEM_Str|MEM_Blob) ){
-    testcase( pMem->flags & MEM_Str );
-    testcase( pMem->flags & MEM_Blob );
-    return computeNumericType(pMem);
+    return pMem->flags & (MEM_Int|MEM_Real|MEM_IntReal|MEM_Null);
   }
+  assert( pMem->flags & (MEM_Str|MEM_Blob) );
+  testcase( pMem->flags & MEM_Str );
+  testcase( pMem->flags & MEM_Blob );
+  return computeNumericType(pMem);
   return 0;
 }
 
@@ -88985,17 +91367,6 @@ SQLITE_PRIVATE void sqlite3VdbeRegisterDump(Vdbe *v){
 #  define REGISTER_TRACE(R,M)
 #endif
 
-
-#ifdef VDBE_PROFILE
-
-/*
-** hwtime.h contains inline assembler code for implementing
-** high-performance timing routines.
-*/
-/* #include "hwtime.h" */
-
-#endif
-
 #ifndef NDEBUG
 /*
 ** This function is only called from within an assert() expression. It
@@ -89055,8 +91426,10 @@ static u64 filterHash(const Mem *aMem, const Op *pOp){
     }else if( p->flags & MEM_Real ){
       h += sqlite3VdbeIntValue(p);
     }else if( p->flags & (MEM_Str|MEM_Blob) ){
-      h += p->n;
-      if( p->flags & MEM_Zero ) h += p->u.nZero;
+      /* All strings have the same hash and all blobs have the same hash,
+      ** though, at least, those hashes are different from each other and
+      ** from NULL. */
+      h += 4093 + (p->flags & (MEM_Str|MEM_Blob));
     }
   }
   return h;
@@ -89085,11 +91458,10 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
 ){
   Op *aOp = p->aOp;          /* Copy of p->aOp */
   Op *pOp = aOp;             /* Current operation */
-#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
-  Op *pOrigOp;               /* Value of pOp at the top of the loop */
-#endif
 #ifdef SQLITE_DEBUG
+  Op *pOrigOp;               /* Value of pOp at the top of the loop */
   int nExtraDelete = 0;      /* Verifies FORDELETE and AUXDELETE flags */
+  u8 iCompareIsInit = 0;     /* iCompare is initialized */
 #endif
   int rc = SQLITE_OK;        /* Value to return */
   sqlite3 *db = p->db;       /* The database */
@@ -89105,13 +91477,16 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
   Mem *pIn2 = 0;             /* 2nd input operand */
   Mem *pIn3 = 0;             /* 3rd input operand */
   Mem *pOut = 0;             /* Output operand */
-#ifdef VDBE_PROFILE
-  u64 start;                 /* CPU clock count at start of opcode */
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS) || defined(VDBE_PROFILE)
+  u64 *pnCycle = 0;
+  int bStmtScanStatus = IS_STMT_SCANSTATUS(db)!=0;
 #endif
   /*** INSERT STACK UNION HERE ***/
 
   assert( p->eVdbeState==VDBE_RUN_STATE );  /* sqlite3_step() verifies this */
-  sqlite3VdbeEnter(p);
+  if( DbMaskNonZero(p->lockMask) ){
+    sqlite3VdbeEnter(p);
+  }
 #ifndef SQLITE_OMIT_PROGRESS_CALLBACK
   if( db->xProgress ){
     u32 iPrior = p->aCounter[SQLITE_STMTSTATUS_VM_STEP];
@@ -89132,7 +91507,6 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
   assert( p->bIsReader || p->readOnly!=0 );
   p->iCurrentTime = 0;
   assert( p->explain==0 );
-  p->pResultSet = 0;
   db->busyHandler.nBusy = 0;
   if( AtomicLoad(&db->u1.isInterrupted) ) goto abort_due_to_interrupt;
   sqlite3VdbeIOTraceSql(p);
@@ -89169,12 +91543,18 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
     assert( rc==SQLITE_OK );
 
     assert( pOp>=aOp && pOp<&aOp[p->nOp]);
-#ifdef VDBE_PROFILE
-    start = sqlite3NProfileCnt ? sqlite3NProfileCnt : sqlite3Hwtime();
-#endif
     nVmStep++;
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-    if( p->anExec ) p->anExec[(int)(pOp-aOp)]++;
+
+#if defined(VDBE_PROFILE)
+    pOp->nExec++;
+    pnCycle = &pOp->nCycle;
+    if( sqlite3NProfileCnt==0 ) *pnCycle -= sqlite3Hwtime();
+#elif defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+    if( bStmtScanStatus ){
+      pOp->nExec++;
+      pnCycle = &pOp->nCycle;
+      *pnCycle -= sqlite3Hwtime();
+    }
 #endif
 
     /* Only allow tracing if SQLITE_DEBUG is defined.
@@ -89236,7 +91616,7 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
       }
     }
 #endif
-#if defined(SQLITE_DEBUG) || defined(VDBE_PROFILE)
+#ifdef SQLITE_DEBUG
     pOrigOp = pOp;
 #endif
 
@@ -89520,6 +91900,12 @@ case OP_Halt: {
 #ifdef SQLITE_DEBUG
   if( pOp->p2==OE_Abort ){ sqlite3VdbeAssertAbortable(p); }
 #endif
+
+  /* A deliberately coded "OP_Halt SQLITE_INTERNAL * * * *" opcode indicates
+  ** something is wrong with the code generator.  Raise an assertion in order
+  ** to bring this to the attention of fuzzers and other testing tools. */
+  assert( pOp->p1!=SQLITE_INTERNAL );
+
   if( p->pFrame && pOp->p1==SQLITE_OK ){
     /* Halt the sub-program. Return control to the parent frame. */
     pFrame = p->pFrame;
@@ -89961,10 +92347,10 @@ case OP_ResultRow: {
   assert( pOp->p1+pOp->p2<=(p->nMem+1 - p->nCursor)+1 );
 
   p->cacheCtr = (p->cacheCtr + 2)|1;
-  p->pResultSet = &aMem[pOp->p1];
+  p->pResultRow = &aMem[pOp->p1];
 #ifdef SQLITE_DEBUG
   {
-    Mem *pMem = p->pResultSet;
+    Mem *pMem = p->pResultRow;
     int i;
     for(i=0; ip2; i++){
       assert( memIsValid(&pMem[i]) );
@@ -90101,7 +92487,6 @@ case OP_Subtract:              /* same as TK_MINUS, in1, in2, out3 */
 case OP_Multiply:              /* same as TK_STAR, in1, in2, out3 */
 case OP_Divide:                /* same as TK_SLASH, in1, in2, out3 */
 case OP_Remainder: {           /* same as TK_REM, in1, in2, out3 */
-  u16 flags;      /* Combined MEM_* flags from both inputs */
   u16 type1;      /* Numeric type of left operand */
   u16 type2;      /* Numeric type of right operand */
   i64 iA;         /* Integer value of left operand */
@@ -90110,12 +92495,12 @@ case OP_Remainder: {           /* same as TK_REM, in1, in2, out3 */
   double rB;      /* Real value of right operand */
 
   pIn1 = &aMem[pOp->p1];
-  type1 = numericType(pIn1);
+  type1 = pIn1->flags;
   pIn2 = &aMem[pOp->p2];
-  type2 = numericType(pIn2);
+  type2 = pIn2->flags;
   pOut = &aMem[pOp->p3];
-  flags = pIn1->flags | pIn2->flags;
   if( (type1 & type2 & MEM_Int)!=0 ){
+int_math:
     iA = pIn1->u.i;
     iB = pIn2->u.i;
     switch( pOp->opcode ){
@@ -90137,9 +92522,12 @@ case OP_Remainder: {           /* same as TK_REM, in1, in2, out3 */
     }
     pOut->u.i = iB;
     MemSetTypeFlag(pOut, MEM_Int);
-  }else if( (flags & MEM_Null)!=0 ){
+  }else if( ((type1 | type2) & MEM_Null)!=0 ){
     goto arithmetic_result_is_null;
   }else{
+    type1 = numericType(pIn1);
+    type2 = numericType(pIn2);
+    if( (type1 & type2 & MEM_Int)!=0 ) goto int_math;
 fp_math:
     rA = sqlite3VdbeRealValue(pIn1);
     rB = sqlite3VdbeRealValue(pIn2);
@@ -90492,7 +92880,6 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
   flags1 = pIn1->flags;
   flags3 = pIn3->flags;
   if( (flags1 & flags3 & MEM_Int)!=0 ){
-    assert( (pOp->p5 & SQLITE_AFF_MASK)!=SQLITE_AFF_TEXT || CORRUPT_DB );
     /* Common case of comparison of two integers */
     if( pIn3->u.i > pIn1->u.i ){
       if( sqlite3aGTb[pOp->opcode] ){
@@ -90500,18 +92887,21 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         goto jump_to_p2;
       }
       iCompare = +1;
+      VVA_ONLY( iCompareIsInit = 1; )
     }else if( pIn3->u.i < pIn1->u.i ){
       if( sqlite3aLTb[pOp->opcode] ){
         VdbeBranchTaken(1, (pOp->p5 & SQLITE_NULLEQ)?2:3);
         goto jump_to_p2;
       }
       iCompare = -1;
+      VVA_ONLY( iCompareIsInit = 1; )
     }else{
       if( sqlite3aEQb[pOp->opcode] ){
         VdbeBranchTaken(1, (pOp->p5 & SQLITE_NULLEQ)?2:3);
         goto jump_to_p2;
       }
       iCompare = 0;
+      VVA_ONLY( iCompareIsInit = 1; )
     }
     VdbeBranchTaken(0, (pOp->p5 & SQLITE_NULLEQ)?2:3);
     break;
@@ -90543,6 +92933,7 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         goto jump_to_p2;
       }
       iCompare = 1;    /* Operands are not equal */
+      VVA_ONLY( iCompareIsInit = 1; )
       break;
     }
   }else{
@@ -90553,14 +92944,14 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
       if( (flags1 | flags3)&MEM_Str ){
         if( (flags1 & (MEM_Int|MEM_IntReal|MEM_Real|MEM_Str))==MEM_Str ){
           applyNumericAffinity(pIn1,0);
-          testcase( flags3==pIn3->flags );
+          assert( flags3==pIn3->flags || CORRUPT_DB );
           flags3 = pIn3->flags;
         }
         if( (flags3 & (MEM_Int|MEM_IntReal|MEM_Real|MEM_Str))==MEM_Str ){
           applyNumericAffinity(pIn3,0);
         }
       }
-    }else if( affinity==SQLITE_AFF_TEXT ){
+    }else if( affinity==SQLITE_AFF_TEXT && ((flags1 | flags3) & MEM_Str)!=0 ){
       if( (flags1 & MEM_Str)==0 && (flags1&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn1->flags & MEM_Int );
         testcase( pIn1->flags & MEM_Real );
@@ -90568,7 +92959,7 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         sqlite3VdbeMemStringify(pIn1, encoding, 1);
         testcase( (flags1&MEM_Dyn) != (pIn1->flags&MEM_Dyn) );
         flags1 = (pIn1->flags & ~MEM_TypeMask) | (flags1 & MEM_TypeMask);
-        if( pIn1==pIn3 ) flags3 = flags1 | MEM_Str;
+        if( NEVER(pIn1==pIn3) ) flags3 = flags1 | MEM_Str;
       }
       if( (flags3 & MEM_Str)==0 && (flags3&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn3->flags & MEM_Int );
@@ -90599,6 +92990,7 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
     res2 = sqlite3aGTb[pOp->opcode];
   }
   iCompare = res;
+  VVA_ONLY( iCompareIsInit = 1; )
 
   /* Undo any changes made by applyAffinity() to the input registers. */
   assert( (pIn3->flags & MEM_Dyn) == (flags3 & MEM_Dyn) );
@@ -90637,6 +93029,7 @@ case OP_ElseEq: {       /* same as TK_ESCAPE, jump */
     break;
   }
 #endif /* SQLITE_DEBUG */
+  assert( iCompareIsInit );
   VdbeBranchTaken(iCompare==0, 2);
   if( iCompare==0 ) goto jump_to_p2;
   break;
@@ -90731,6 +93124,7 @@ case OP_Compare: {
     pColl = pKeyInfo->aColl[i];
     bRev = (pKeyInfo->aSortFlags[i] & KEYINFO_ORDER_DESC);
     iCompare = sqlite3MemCompare(&aMem[p1+idx], &aMem[p2+idx], pColl);
+    VVA_ONLY( iCompareIsInit = 1; )
     if( iCompare ){
       if( (pKeyInfo->aSortFlags[i] & KEYINFO_ORDER_BIGNULL)
        && ((aMem[p1+idx].flags & MEM_Null) || (aMem[p2+idx].flags & MEM_Null))
@@ -90748,13 +93142,14 @@ case OP_Compare: {
 /* Opcode: Jump P1 P2 P3 * *
 **
 ** Jump to the instruction at address P1, P2, or P3 depending on whether
-** in the most recent OP_Compare instruction the P1 vector was less than
+** in the most recent OP_Compare instruction the P1 vector was less than,
 ** equal to, or greater than the P2 vector, respectively.
 **
 ** This opcode must immediately follow an OP_Compare opcode.
 */
 case OP_Jump: {             /* jump */
   assert( pOp>aOp && pOp[-1].opcode==OP_Compare );
+  assert( iCompareIsInit );
   if( iCompare<0 ){
     VdbeBranchTaken(0,4); pOp = &aOp[pOp->p1 - 1];
   }else if( iCompare==0 ){
@@ -90954,19 +93349,96 @@ case OP_IsNull: {            /* same as TK_ISNULL, jump, in1 */
   break;
 }
 
-/* Opcode: IsNullOrType P1 P2 P3 * *
-** Synopsis: if typeof(r[P1]) IN (P3,5) goto P2
+/* Opcode: IsType P1 P2 P3 P4 P5
+** Synopsis: if typeof(P1.P3) in P5 goto P2
+**
+** Jump to P2 if the type of a column in a btree is one of the types specified
+** by the P5 bitmask.
+**
+** P1 is normally a cursor on a btree for which the row decode cache is
+** valid through at least column P3.  In other words, there should have been
+** a prior OP_Column for column P3 or greater.  If the cursor is not valid,
+** then this opcode might give spurious results.
+** The the btree row has fewer than P3 columns, then use P4 as the
+** datatype.
+**
+** If P1 is -1, then P3 is a register number and the datatype is taken
+** from the value in that register.
+**
+** P5 is a bitmask of data types.  SQLITE_INTEGER is the least significant
+** (0x01) bit. SQLITE_FLOAT is the 0x02 bit. SQLITE_TEXT is 0x04.
+** SQLITE_BLOB is 0x08.  SQLITE_NULL is 0x10.
+**
+** WARNING: This opcode does not reliably distinguish between NULL and REAL
+** when P1>=0.  If the database contains a NaN value, this opcode will think
+** that the datatype is REAL when it should be NULL.  When P1<0 and the value
+** is already stored in register P3, then this opcode does reliably
+** distinguish between NULL and REAL.  The problem only arises then P1>=0.
+**
+** Take the jump to address P2 if and only if the datatype of the
+** value determined by P1 and P3 corresponds to one of the bits in the
+** P5 bitmask.
 **
-** Jump to P2 if the value in register P1 is NULL or has a datatype P3.
-** P3 is an integer which should be one of SQLITE_INTEGER, SQLITE_FLOAT,
-** SQLITE_BLOB, SQLITE_NULL, or SQLITE_TEXT.
 */
-case OP_IsNullOrType: {      /* jump, in1 */
-  int doTheJump;
-  pIn1 = &aMem[pOp->p1];
-  doTheJump = (pIn1->flags & MEM_Null)!=0 || sqlite3_value_type(pIn1)==pOp->p3;
-  VdbeBranchTaken( doTheJump, 2);
-  if( doTheJump ) goto jump_to_p2;
+case OP_IsType: {        /* jump */
+  VdbeCursor *pC;
+  u16 typeMask;
+  u32 serialType;
+
+  assert( pOp->p1>=(-1) && pOp->p1nCursor );
+  assert( pOp->p1>=0 || (pOp->p3>=0 && pOp->p3<=(p->nMem+1 - p->nCursor)) );
+  if( pOp->p1>=0 ){
+    pC = p->apCsr[pOp->p1];
+    assert( pC!=0 );
+    assert( pOp->p3>=0 );
+    if( pOp->p3nHdrParsed ){
+      serialType = pC->aType[pOp->p3];
+      if( serialType>=12 ){
+        if( serialType&1 ){
+          typeMask = 0x04;   /* SQLITE_TEXT */
+        }else{
+          typeMask = 0x08;   /* SQLITE_BLOB */
+        }
+      }else{
+        static const unsigned char aMask[] = {
+           0x10, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x2,
+           0x01, 0x01, 0x10, 0x10
+        };
+        testcase( serialType==0 );
+        testcase( serialType==1 );
+        testcase( serialType==2 );
+        testcase( serialType==3 );
+        testcase( serialType==4 );
+        testcase( serialType==5 );
+        testcase( serialType==6 );
+        testcase( serialType==7 );
+        testcase( serialType==8 );
+        testcase( serialType==9 );
+        testcase( serialType==10 );
+        testcase( serialType==11 );
+        typeMask = aMask[serialType];
+      }
+    }else{
+      typeMask = 1 << (pOp->p4.i - 1);
+      testcase( typeMask==0x01 );
+      testcase( typeMask==0x02 );
+      testcase( typeMask==0x04 );
+      testcase( typeMask==0x08 );
+      testcase( typeMask==0x10 );
+    }
+  }else{
+    assert( memIsValid(&aMem[pOp->p3]) );
+    typeMask = 1 << (sqlite3_value_type((sqlite3_value*)&aMem[pOp->p3])-1);
+    testcase( typeMask==0x01 );
+    testcase( typeMask==0x02 );
+    testcase( typeMask==0x04 );
+    testcase( typeMask==0x08 );
+    testcase( typeMask==0x10 );
+  }
+  VdbeBranchTaken( (typeMask & pOp->p5)!=0, 2);
+  if( typeMask & pOp->p5 ){
+    goto jump_to_p2;
+  }
   break;
 }
 
@@ -91009,11 +93481,14 @@ case OP_NotNull: {            /* same as TK_NOTNULL, jump, in1 */
 ** If it is, then set register P3 to NULL and jump immediately to P2.
 ** If P1 is not on a NULL row, then fall through without making any
 ** changes.
+**
+** If P1 is not an open cursor, then this opcode is a no-op.
 */
 case OP_IfNullRow: {         /* jump */
+  VdbeCursor *pC;
   assert( pOp->p1>=0 && pOp->p1nCursor );
-  assert( p->apCsr[pOp->p1]!=0 );
-  if( p->apCsr[pOp->p1]->nullRow ){
+  pC = p->apCsr[pOp->p1];
+  if( pC && pC->nullRow ){
     sqlite3VdbeMemSetNull(aMem + pOp->p3);
     goto jump_to_p2;
   }
@@ -91064,7 +93539,7 @@ case OP_Offset: {          /* out3 */
 ** Interpret the data that cursor P1 points to as a structure built using
 ** the MakeRecord instruction.  (See the MakeRecord opcode for additional
 ** information about the format of the data.)  Extract the P2-th column
-** from this record.  If there are less that (P2+1)
+** from this record.  If there are less than (P2+1)
 ** values in the record, extract a NULL.
 **
 ** The value extracted is stored in register P3.
@@ -91073,12 +93548,14 @@ case OP_Offset: {          /* out3 */
 ** if the P4 argument is a P4_MEM use the value of the P4 argument as
 ** the result.
 **
-** If the OPFLAG_LENGTHARG and OPFLAG_TYPEOFARG bits are set on P5 then
-** the result is guaranteed to only be used as the argument of a length()
-** or typeof() function, respectively.  The loading of large blobs can be
-** skipped for length() and all content loading can be skipped for typeof().
+** If the OPFLAG_LENGTHARG bit is set in P5 then the result is guaranteed
+** to only be used by the length() function or the equivalent.  The content
+** of large blobs is not loaded, thus saving CPU cycles.  If the
+** OPFLAG_TYPEOFARG bit is set then the result will only be used by the
+** typeof() function or the IS NULL or IS NOT NULL operators or the
+** equivalent.  In this case, all content loading can be omitted.
 */
-case OP_Column: {
+case OP_Column: {            /* ncycle */
   u32 p2;            /* column number to retrieve */
   VdbeCursor *pC;    /* The VDBE cursor */
   BtCursor *pCrsr;   /* The B-Tree cursor corresponding to pC */
@@ -91427,7 +93904,7 @@ case OP_TypeCheck: {
         }
         case COLTYPE_REAL: {
           testcase( (pIn1->flags & (MEM_Real|MEM_IntReal))==MEM_Real );
-          testcase( (pIn1->flags & (MEM_Real|MEM_IntReal))==MEM_IntReal );
+          assert( (pIn1->flags & MEM_IntReal)==0 );
           if( pIn1->flags & MEM_Int ){
             /* When applying REAL affinity, if the result is still an MEM_Int
             ** that will fit in 6 bytes, then change the type to MEM_IntReal
@@ -91506,7 +93983,7 @@ case OP_Affinity: {
       }else{
         pIn1->u.r = (double)pIn1->u.i;
         pIn1->flags |= MEM_Real;
-        pIn1->flags &= ~MEM_Int;
+        pIn1->flags &= ~(MEM_Int|MEM_Str);
       }
     }
     REGISTER_TRACE((int)(pIn1-aMem), pIn1);
@@ -92430,7 +94907,7 @@ case OP_SetCookie: {
 **
 ** See also: OP_OpenRead, OP_ReopenIdx
 */
-case OP_ReopenIdx: {
+case OP_ReopenIdx: {         /* ncycle */
   int nField;
   KeyInfo *pKeyInfo;
   u32 p2;
@@ -92451,7 +94928,7 @@ case OP_ReopenIdx: {
   }
   /* If the cursor is not currently open or is open on a different
   ** index, then fall through into OP_OpenRead to force a reopen */
-case OP_OpenRead:
+case OP_OpenRead:            /* ncycle */
 case OP_OpenWrite:
 
   assert( pOp->opcode==OP_OpenWrite || pOp->p5==0 || pOp->p5==OPFLAG_SEEKEQ );
@@ -92545,7 +95022,7 @@ case OP_OpenWrite:
 **
 ** Duplicate ephemeral cursors are used for self-joins of materialized views.
 */
-case OP_OpenDup: {
+case OP_OpenDup: {           /* ncycle */
   VdbeCursor *pOrig;    /* The original cursor to be duplicated */
   VdbeCursor *pCx;      /* The new cursor */
 
@@ -92607,8 +95084,8 @@ case OP_OpenDup: {
 ** by this opcode will be used for automatically created transient
 ** indices in joins.
 */
-case OP_OpenAutoindex:
-case OP_OpenEphemeral: {
+case OP_OpenAutoindex:       /* ncycle */
+case OP_OpenEphemeral: {     /* ncycle */
   VdbeCursor *pCx;
   KeyInfo *pKeyInfo;
 
@@ -92766,7 +95243,7 @@ case OP_OpenPseudo: {
 ** Close a cursor previously opened as P1.  If P1 is not
 ** currently open, this instruction is a no-op.
 */
-case OP_Close: {
+case OP_Close: {             /* ncycle */
   assert( pOp->p1>=0 && pOp->p1nCursor );
   sqlite3VdbeFreeCursor(p, p->apCsr[pOp->p1]);
   p->apCsr[pOp->p1] = 0;
@@ -92883,10 +95360,10 @@ case OP_ColumnsUsed: {
 **
 ** See also: Found, NotFound, SeekGt, SeekGe, SeekLt
 */
-case OP_SeekLT:         /* jump, in3, group */
-case OP_SeekLE:         /* jump, in3, group */
-case OP_SeekGE:         /* jump, in3, group */
-case OP_SeekGT: {       /* jump, in3, group */
+case OP_SeekLT:         /* jump, in3, group, ncycle */
+case OP_SeekLE:         /* jump, in3, group, ncycle */
+case OP_SeekGE:         /* jump, in3, group, ncycle */
+case OP_SeekGT: {       /* jump, in3, group, ncycle */
   int res;           /* Comparison result */
   int oc;            /* Opcode */
   VdbeCursor *pC;    /* The cursor to seek */
@@ -93015,7 +95492,13 @@ case OP_SeekGT: {       /* jump, in3, group */
 
     r.aMem = &aMem[pOp->p3];
 #ifdef SQLITE_DEBUG
-    { int i; for(i=0; i0 ) REGISTER_TRACE(pOp->p3+i, &r.aMem[i]);
+      }
+    }
 #endif
     r.eqSeen = 0;
     rc = sqlite3BtreeIndexMoveto(pC->uc.pCursor, &r, &res);
@@ -93078,7 +95561,7 @@ case OP_SeekGT: {       /* jump, in3, group */
 }
 
 
-/* Opcode: SeekScan  P1 P2 * * *
+/* Opcode: SeekScan  P1 P2 * * P5
 ** Synopsis: Scan-ahead up to P1 rows
 **
 ** This opcode is a prefix opcode to OP_SeekGE.  In other words, this
@@ -93088,8 +95571,8 @@ case OP_SeekGT: {       /* jump, in3, group */
 ** This opcode uses the P1 through P4 operands of the subsequent
 ** OP_SeekGE.  In the text that follows, the operands of the subsequent
 ** OP_SeekGE opcode are denoted as SeekOP.P1 through SeekOP.P4.   Only
-** the P1 and P2 operands of this opcode are also used, and  are called
-** This.P1 and This.P2.
+** the P1, P2 and P5 operands of this opcode are also used, and  are called
+** This.P1, This.P2 and This.P5.
 **
 ** This opcode helps to optimize IN operators on a multi-column index
 ** where the IN operator is on the later terms of the index by avoiding
@@ -93099,32 +95582,54 @@ case OP_SeekGT: {       /* jump, in3, group */
 **
 ** The SeekGE.P3 and SeekGE.P4 operands identify an unpacked key which
 ** is the desired entry that we want the cursor SeekGE.P1 to be pointing
-** to.  Call this SeekGE.P4/P5 row the "target".
+** to.  Call this SeekGE.P3/P4 row the "target".
 **
 ** If the SeekGE.P1 cursor is not currently pointing to a valid row,
 ** then this opcode is a no-op and control passes through into the OP_SeekGE.
 **
 ** If the SeekGE.P1 cursor is pointing to a valid row, then that row
 ** might be the target row, or it might be near and slightly before the
-** target row.  This opcode attempts to position the cursor on the target
-** row by, perhaps by invoking sqlite3BtreeStep() on the cursor
-** between 0 and This.P1 times.
-**
-** There are three possible outcomes from this opcode:
      
-**
-** 
    1.  If after This.P1 steps, the cursor is still pointing to a place that
-**      is earlier in the btree than the target row, then fall through
-**      into the subsquence OP_SeekGE opcode.
-**
-** 
    2.  If the cursor is successfully moved to the target row by 0 or more
-**      sqlite3BtreeNext() calls, then jump to This.P2, which will land just
-**      past the OP_IdxGT or OP_IdxGE opcode that follows the OP_SeekGE.
-**
-** 
    3.  If the cursor ends up past the target row (indicating the the target
-**      row does not exist in the btree) then jump to SeekOP.P2.
+** target row, or it might be after the target row.  If the cursor is
+** currently before the target row, then this opcode attempts to position
+** the cursor on or after the target row by invoking sqlite3BtreeStep()
+** on the cursor between 1 and This.P1 times.
+**
+** The This.P5 parameter is a flag that indicates what to do if the
+** cursor ends up pointing at a valid row that is past the target
+** row.  If This.P5 is false (0) then a jump is made to SeekGE.P2.  If
+** This.P5 is true (non-zero) then a jump is made to This.P2.  The P5==0
+** case occurs when there are no inequality constraints to the right of
+** the IN constraing.  The jump to SeekGE.P2 ends the loop.  The P5!=0 case
+** occurs when there are inequality constraints to the right of the IN
+** operator.  In that case, the This.P2 will point either directly to or
+** to setup code prior to the OP_IdxGT or OP_IdxGE opcode that checks for
+** loop terminate.
+**
+** Possible outcomes from this opcode:
        
+**
+** 
      1.  If the cursor is initally not pointed to any valid row, then
+**      fall through into the subsequent OP_SeekGE opcode.
+**
+** 
      2.  If the cursor is left pointing to a row that is before the target
+**      row, even after making as many as This.P1 calls to
+**      sqlite3BtreeNext(), then also fall through into OP_SeekGE.
+**
+** 
      3.  If the cursor is left pointing at the target row, either because it
+**      was at the target row to begin with or because one or more
+**      sqlite3BtreeNext() calls moved the cursor to the target row,
+**      then jump to This.P2..,
+**
+** 
      4.  If the cursor started out before the target row and a call to
+**      to sqlite3BtreeNext() moved the cursor off the end of the index
+**      (indicating that the target row definitely does not exist in the
+**      btree) then jump to SeekGE.P2, ending the loop.
+**
+** 
      5.  If the cursor ends up on a valid row that is past the target row
+**      (indicating that the target row does not exist in the btree) then
+**      jump to SeekOP.P2 if This.P5==0 or to This.P2 if This.P5>0.
 ** 
      
 */
-case OP_SeekScan: {
+case OP_SeekScan: {          /* ncycle */
   VdbeCursor *pC;
   int res;
   int nStep;
@@ -93132,14 +95637,25 @@ case OP_SeekScan: {
 
   assert( pOp[1].opcode==OP_SeekGE );
 
-  /* pOp->p2 points to the first instruction past the OP_IdxGT that
-  ** follows the OP_SeekGE.  */
+  /* If pOp->p5 is clear, then pOp->p2 points to the first instruction past the
+  ** OP_IdxGT that follows the OP_SeekGE. Otherwise, it points to the first
+  ** opcode past the OP_SeekGE itself.  */
   assert( pOp->p2>=(int)(pOp-aOp)+2 );
-  assert( aOp[pOp->p2-1].opcode==OP_IdxGT || aOp[pOp->p2-1].opcode==OP_IdxGE );
-  testcase( aOp[pOp->p2-1].opcode==OP_IdxGE );
-  assert( pOp[1].p1==aOp[pOp->p2-1].p1 );
-  assert( pOp[1].p2==aOp[pOp->p2-1].p2 );
-  assert( pOp[1].p3==aOp[pOp->p2-1].p3 );
+#ifdef SQLITE_DEBUG
+  if( pOp->p5==0 ){
+    /* There are no inequality constraints following the IN constraint. */
+    assert( pOp[1].p1==aOp[pOp->p2-1].p1 );
+    assert( pOp[1].p2==aOp[pOp->p2-1].p2 );
+    assert( pOp[1].p3==aOp[pOp->p2-1].p3 );
+    assert( aOp[pOp->p2-1].opcode==OP_IdxGT
+         || aOp[pOp->p2-1].opcode==OP_IdxGE );
+    testcase( aOp[pOp->p2-1].opcode==OP_IdxGE );
+  }else{
+    /* There are inequality constraints.  */
+    assert( pOp->p2==(int)(pOp-aOp)+2 );
+    assert( aOp[pOp->p2-1].opcode==OP_SeekGE );
+  }
+#endif
 
   assert( pOp->p1>0 );
   pC = p->apCsr[pOp[1].p1];
@@ -93173,8 +95689,9 @@ case OP_SeekScan: {
   while(1){
     rc = sqlite3VdbeIdxKeyCompare(db, pC, &r, &res);
     if( rc ) goto abort_due_to_error;
-    if( res>0 ){
+    if( res>0 && pOp->p5==0 ){
       seekscan_search_fail:
+      /* Jump to SeekGE.P2, ending the loop */
 #ifdef SQLITE_DEBUG
       if( db->flags&SQLITE_VdbeTrace ){
         printf("... %d steps and then skip\n", pOp->p1 - nStep);
@@ -93184,7 +95701,8 @@ case OP_SeekScan: {
       pOp++;
       goto jump_to_p2;
     }
-    if( res==0 ){
+    if( res>=0 ){
+      /* Jump to This.P2, bypassing the OP_SeekGE opcode */
 #ifdef SQLITE_DEBUG
       if( db->flags&SQLITE_VdbeTrace ){
         printf("... %d steps and then success\n", pOp->p1 - nStep);
@@ -93204,6 +95722,7 @@ case OP_SeekScan: {
       break;
     }
     nStep--;
+    pC->cacheStatus = CACHE_STALE;
     rc = sqlite3BtreeNext(pC->uc.pCursor, 0);
     if( rc ){
       if( rc==SQLITE_DONE ){
@@ -93233,7 +95752,7 @@ case OP_SeekScan: {
 **
 ** P1 must be a valid b-tree cursor.
 */
-case OP_SeekHit: {
+case OP_SeekHit: {           /* ncycle */
   VdbeCursor *pC;
   assert( pOp->p1>=0 && pOp->p1nCursor );
   pC = p->apCsr[pOp->p1];
@@ -93260,12 +95779,16 @@ case OP_SeekHit: {
 /* Opcode: IfNotOpen P1 P2 * * *
 ** Synopsis: if( !csr[P1] ) goto P2
 **
-** If cursor P1 is not open, jump to instruction P2. Otherwise, fall through.
+** If cursor P1 is not open or if P1 is set to a NULL row using the
+** OP_NullRow opcode, then jump to instruction P2. Otherwise, fall through.
 */
 case OP_IfNotOpen: {        /* jump */
+  VdbeCursor *pCur;
+
   assert( pOp->p1>=0 && pOp->p1nCursor );
-  VdbeBranchTaken(p->apCsr[pOp->p1]==0, 2);
-  if( !p->apCsr[pOp->p1] ){
+  pCur = p->apCsr[pOp->p1];
+  VdbeBranchTaken(pCur==0 || pCur->nullRow, 2);
+  if( pCur==0 || pCur->nullRow ){
     goto jump_to_p2_and_check_for_interrupt;
   }
   break;
@@ -93361,7 +95884,7 @@ case OP_IfNotOpen: {        /* jump */
 **
 ** See also: NotFound, Found, NotExists
 */
-case OP_IfNoHope: {     /* jump, in3 */
+case OP_IfNoHope: {     /* jump, in3, ncycle */
   VdbeCursor *pC;
   assert( pOp->p1>=0 && pOp->p1nCursor );
   pC = p->apCsr[pOp->p1];
@@ -93375,9 +95898,9 @@ case OP_IfNoHope: {     /* jump, in3 */
   /* Fall through into OP_NotFound */
   /* no break */ deliberate_fall_through
 }
-case OP_NoConflict:     /* jump, in3 */
-case OP_NotFound:       /* jump, in3 */
-case OP_Found: {        /* jump, in3 */
+case OP_NoConflict:     /* jump, in3, ncycle */
+case OP_NotFound:       /* jump, in3, ncycle */
+case OP_Found: {        /* jump, in3, ncycle */
   int alreadyExists;
   int ii;
   VdbeCursor *pC;
@@ -93507,7 +96030,7 @@ case OP_Found: {        /* jump, in3 */
 **
 ** See also: Found, NotFound, NoConflict, SeekRowid
 */
-case OP_SeekRowid: {        /* jump, in3 */
+case OP_SeekRowid: {        /* jump, in3, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -93532,7 +96055,7 @@ case OP_SeekRowid: {        /* jump, in3 */
   }
   /* Fall through into OP_NotExists */
   /* no break */ deliberate_fall_through
-case OP_NotExists:          /* jump, in3 */
+case OP_NotExists:          /* jump, in3, ncycle */
   pIn3 = &aMem[pOp->p3];
   assert( (pIn3->flags & MEM_Int)!=0 || pOp->opcode==OP_SeekRowid );
   assert( pOp->p1>=0 && pOp->p1nCursor );
@@ -93812,8 +96335,11 @@ case OP_Insert: {
   if( pOp->p5 & OPFLAG_ISNOOP ) break;
 #endif
 
-  if( pOp->p5 & OPFLAG_NCHANGE ) p->nChange++;
-  if( pOp->p5 & OPFLAG_LASTROWID ) db->lastRowid = x.nKey;
+  assert( (pOp->p5 & OPFLAG_LASTROWID)==0 || (pOp->p5 & OPFLAG_NCHANGE)!=0 );
+  if( pOp->p5 & OPFLAG_NCHANGE ){
+    p->nChange++;
+    if( pOp->p5 & OPFLAG_LASTROWID ) db->lastRowid = x.nKey;
+  }
   assert( (pData->flags & (MEM_Blob|MEM_Str))!=0 || pData->n==0 );
   x.pData = pData->z;
   x.nData = pData->n;
@@ -93824,6 +96350,7 @@ case OP_Insert: {
     x.nZero = 0;
   }
   x.pKey = 0;
+  assert( BTREE_PREFORMAT==OPFLAG_PREFORMAT );
   rc = sqlite3BtreeInsert(pC->uc.pCursor, &x,
       (pOp->p5 & (OPFLAG_APPEND|OPFLAG_SAVEPOSITION|OPFLAG_PREFORMAT)),
       seekResult
@@ -94155,7 +96682,7 @@ case OP_RowData: {
 ** be a separate OP_VRowid opcode for use with virtual tables, but this
 ** one opcode now works for both table types.
 */
-case OP_Rowid: {                 /* out2 */
+case OP_Rowid: {                 /* out2, ncycle */
   VdbeCursor *pC;
   i64 v;
   sqlite3_vtab *pVtab;
@@ -94254,8 +96781,8 @@ case OP_NullRow: {
 ** from the end toward the beginning.  In other words, the cursor is
 ** configured to use Prev, not Next.
 */
-case OP_SeekEnd:
-case OP_Last: {        /* jump */
+case OP_SeekEnd:             /* ncycle */
+case OP_Last: {              /* jump, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -94356,17 +96883,22 @@ case OP_Sort: {        /* jump */
 ** If the table or index is not empty, fall through to the following
 ** instruction.
 **
+** If P2 is zero, that is an assertion that the P1 table is never
+** empty and hence the jump will never be taken.
+**
 ** This opcode leaves the cursor configured to move in forward order,
 ** from the beginning toward the end.  In other words, the cursor is
 ** configured to use Next, not Prev.
 */
-case OP_Rewind: {        /* jump */
+case OP_Rewind: {        /* jump, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
 
   assert( pOp->p1>=0 && pOp->p1nCursor );
   assert( pOp->p5==0 );
+  assert( pOp->p2>=0 && pOp->p2nOp );
+
   pC = p->apCsr[pOp->p1];
   assert( pC!=0 );
   assert( isSorter(pC)==(pOp->opcode==OP_SorterSort) );
@@ -94386,9 +96918,10 @@ case OP_Rewind: {        /* jump */
   }
   if( rc ) goto abort_due_to_error;
   pC->nullRow = (u8)res;
-  assert( pOp->p2>0 && pOp->p2nOp );
-  VdbeBranchTaken(res!=0,2);
-  if( res ) goto jump_to_p2;
+  if( pOp->p2>0 ){
+    VdbeBranchTaken(res!=0,2);
+    if( res ) goto jump_to_p2;
+  }
   break;
 }
 
@@ -94454,9 +96987,11 @@ case OP_SorterNext: {  /* jump */
   rc = sqlite3VdbeSorterNext(db, pC);
   goto next_tail;
 
-case OP_Prev:          /* jump */
+case OP_Prev:          /* jump, ncycle */
   assert( pOp->p1>=0 && pOp->p1nCursor );
-  assert( pOp->p5aCounter) );
+  assert( pOp->p5==0
+       || pOp->p5==SQLITE_STMTSTATUS_FULLSCAN_STEP
+       || pOp->p5==SQLITE_STMTSTATUS_AUTOINDEX);
   pC = p->apCsr[pOp->p1];
   assert( pC!=0 );
   assert( pC->deferredMoveto==0 );
@@ -94467,9 +97002,11 @@ case OP_Prev:          /* jump */
   rc = sqlite3BtreePrevious(pC->uc.pCursor, pOp->p3);
   goto next_tail;
 
-case OP_Next:          /* jump */
+case OP_Next:          /* jump, ncycle */
   assert( pOp->p1>=0 && pOp->p1nCursor );
-  assert( pOp->p5aCounter) );
+  assert( pOp->p5==0
+       || pOp->p5==SQLITE_STMTSTATUS_FULLSCAN_STEP
+       || pOp->p5==SQLITE_STMTSTATUS_AUTOINDEX);
   pC = p->apCsr[pOp->p1];
   assert( pC!=0 );
   assert( pC->deferredMoveto==0 );
@@ -94657,8 +97194,8 @@ case OP_IdxDelete: {
 **
 ** See also: Rowid, MakeRecord.
 */
-case OP_DeferredSeek:
-case OP_IdxRowid: {           /* out2 */
+case OP_DeferredSeek:         /* ncycle */
+case OP_IdxRowid: {           /* out2, ncycle */
   VdbeCursor *pC;             /* The P1 index cursor */
   VdbeCursor *pTabCur;        /* The P2 table cursor (OP_DeferredSeek only) */
   i64 rowid;                  /* Rowid that P1 current points to */
@@ -94676,10 +97213,10 @@ case OP_IdxRowid: {           /* out2 */
   ** of sqlite3VdbeCursorRestore() and sqlite3VdbeIdxRowid(). */
   rc = sqlite3VdbeCursorRestore(pC);
 
-  /* sqlite3VbeCursorRestore() can only fail if the record has been deleted
-  ** out from under the cursor.  That will never happens for an IdxRowid
-  ** or Seek opcode */
-  if( NEVER(rc!=SQLITE_OK) ) goto abort_due_to_error;
+  /* sqlite3VdbeCursorRestore() may fail if the cursor has been disturbed
+  ** since it was last positioned and an error (e.g. OOM or an IO error)
+  ** occurs while trying to reposition it. */
+  if( rc!=SQLITE_OK ) goto abort_due_to_error;
 
   if( !pC->nullRow ){
     rowid = 0;  /* Not needed.  Only used to silence a warning. */
@@ -94720,8 +97257,8 @@ case OP_IdxRowid: {           /* out2 */
 ** seek operation now, without further delay.  If the cursor seek has
 ** already occurred, this instruction is a no-op.
 */
-case OP_FinishSeek: {
-  VdbeCursor *pC;             /* The P1 index cursor */
+case OP_FinishSeek: {        /* ncycle */
+  VdbeCursor *pC;            /* The P1 index cursor */
 
   assert( pOp->p1>=0 && pOp->p1nCursor );
   pC = p->apCsr[pOp->p1];
@@ -94776,10 +97313,10 @@ case OP_FinishSeek: {
 ** If the P1 index entry is less than or equal to the key value then jump
 ** to P2. Otherwise fall through to the next instruction.
 */
-case OP_IdxLE:          /* jump */
-case OP_IdxGT:          /* jump */
-case OP_IdxLT:          /* jump */
-case OP_IdxGE:  {       /* jump */
+case OP_IdxLE:          /* jump, ncycle */
+case OP_IdxGT:          /* jump, ncycle */
+case OP_IdxLT:          /* jump, ncycle */
+case OP_IdxGE:  {       /* jump, ncycle */
   VdbeCursor *pC;
   int res;
   UnpackedRecord r;
@@ -95190,13 +97727,14 @@ case OP_IntegrityCk: {
   pIn1 = &aMem[pOp->p1];
   assert( pOp->p5nDb );
   assert( DbMaskTest(p->btreeMask, pOp->p5) );
-  z = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1], nRoot,
-                                 (int)pnErr->u.i+1, &nErr);
+  rc = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1], nRoot,
+                                 (int)pnErr->u.i+1, &nErr, &z);
   sqlite3VdbeMemSetNull(pIn1);
   if( nErr==0 ){
     assert( z==0 );
-  }else if( z==0 ){
-    goto no_mem;
+  }else if( rc ){
+    sqlite3_free(z);
+    goto abort_due_to_error;
   }else{
     pnErr->u.i -= nErr-1;
     sqlite3VdbeMemSetStr(pIn1, z, -1, SQLITE_UTF8, sqlite3_free);
@@ -95400,9 +97938,6 @@ case OP_Program: {        /* jump */
     pFrame->aOp = p->aOp;
     pFrame->nOp = p->nOp;
     pFrame->token = pProgram->token;
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-    pFrame->anExec = p->anExec;
-#endif
 #ifdef SQLITE_DEBUG
     pFrame->iFrameMagic = SQLITE_FRAME_MAGIC;
 #endif
@@ -95439,9 +97974,6 @@ case OP_Program: {        /* jump */
   memset(pFrame->aOnce, 0, (pProgram->nOp + 7)/8);
   p->aOp = aOp = pProgram->aOp;
   p->nOp = pProgram->nOp;
-#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
-  p->anExec = 0;
-#endif
 #ifdef SQLITE_DEBUG
   /* Verify that second and subsequent executions of the same trigger do not
   ** try to reuse register values from the first use. */
@@ -95581,7 +98113,7 @@ case OP_IfPos: {        /* jump, in1 */
 ** Synopsis: if r[P1]>0 then r[P2]=r[P1]+max(0,r[P3]) else r[P2]=(-1)
 **
 ** This opcode performs a commonly used computation associated with
-** LIMIT and OFFSET process.  r[P1] holds the limit counter.  r[P3]
+** LIMIT and OFFSET processing.  r[P1] holds the limit counter.  r[P3]
 ** holds the offset counter.  The opcode computes the combined value
 ** of the LIMIT and OFFSET and stores that value in r[P2].  The r[P2]
 ** value computed is the total number of rows that will need to be
@@ -95843,6 +98375,7 @@ case OP_AggFinal: {
   }
   sqlite3VdbeChangeEncoding(pMem, encoding);
   UPDATE_MAX_BLOBSIZE(pMem);
+  REGISTER_TRACE((int)(pMem-aMem), pMem);
   break;
 }
 
@@ -96198,7 +98731,7 @@ case OP_VDestroy: {
 ** P1 is a cursor number.  This opcode opens a cursor to the virtual
 ** table and stores that cursor in P1.
 */
-case OP_VOpen: {
+case OP_VOpen: {             /* ncycle */
   VdbeCursor *pCur;
   sqlite3_vtab_cursor *pVCur;
   sqlite3_vtab *pVtab;
@@ -96245,7 +98778,7 @@ case OP_VOpen: {
 ** cursor.  Register P3 is used to hold the values returned by
 ** sqlite3_vtab_in_first() and sqlite3_vtab_in_next().
 */
-case OP_VInitIn: {        /* out2 */
+case OP_VInitIn: {        /* out2, ncycle */
   VdbeCursor *pC;         /* The cursor containing the RHS values */
   ValueList *pRhs;        /* New ValueList object to put in reg[P2] */
 
@@ -96256,7 +98789,7 @@ case OP_VInitIn: {        /* out2 */
   pRhs->pOut = &aMem[pOp->p3];
   pOut = out2Prerelease(p, pOp);
   pOut->flags = MEM_Null;
-  sqlite3VdbeMemSetPointer(pOut, pRhs, "ValueList", sqlite3_free);
+  sqlite3VdbeMemSetPointer(pOut, pRhs, "ValueList", sqlite3VdbeValueListFree);
   break;
 }
 #endif /* SQLITE_OMIT_VIRTUALTABLE */
@@ -96282,7 +98815,7 @@ case OP_VInitIn: {        /* out2 */
 **
 ** A jump is made to P2 if the result set after filtering would be empty.
 */
-case OP_VFilter: {   /* jump */
+case OP_VFilter: {   /* jump, ncycle */
   int nArg;
   int iQuery;
   const sqlite3_module *pModule;
@@ -96342,7 +98875,7 @@ case OP_VFilter: {   /* jump */
 ** bits (OPFLAG_LENGTHARG or OPFLAG_TYPEOFARG) but those bits are
 ** unused by OP_VColumn.
 */
-case OP_VColumn: {
+case OP_VColumn: {           /* ncycle */
   sqlite3_vtab *pVtab;
   const sqlite3_module *pModule;
   Mem *pDest;
@@ -96394,7 +98927,7 @@ case OP_VColumn: {
 ** jump to instruction P2.  Or, if the virtual table has reached
 ** the end of its result set, then fall through to the next instruction.
 */
-case OP_VNext: {   /* jump */
+case OP_VNext: {   /* jump, ncycle */
   sqlite3_vtab *pVtab;
   const sqlite3_module *pModule;
   int res;
@@ -96977,11 +99510,13 @@ default: {          /* This is really OP_Noop, OP_Explain */
 *****************************************************************************/
     }
 
-#ifdef VDBE_PROFILE
-    {
-      u64 endTime = sqlite3NProfileCnt ? sqlite3NProfileCnt : sqlite3Hwtime();
-      if( endTime>start ) pOrigOp->cycles += endTime - start;
-      pOrigOp->cnt++;
+#if defined(VDBE_PROFILE)
+    *pnCycle += sqlite3NProfileCnt ? sqlite3NProfileCnt : sqlite3Hwtime();
+    pnCycle = 0;
+#elif defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+    if( pnCycle ){
+      *pnCycle += sqlite3Hwtime();
+      pnCycle = 0;
     }
 #endif
 
@@ -97058,6 +99593,18 @@ default: {          /* This is really OP_Noop, OP_Explain */
   ** release the mutexes on btrees that were acquired at the
   ** top. */
 vdbe_return:
+#if defined(VDBE_PROFILE)
+  if( pnCycle ){
+    *pnCycle += sqlite3NProfileCnt ? sqlite3NProfileCnt : sqlite3Hwtime();
+    pnCycle = 0;
+  }
+#elif defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+  if( pnCycle ){
+    *pnCycle += sqlite3Hwtime();
+    pnCycle = 0;
+  }
+#endif
+
 #ifndef SQLITE_OMIT_PROGRESS_CALLBACK
   while( nVmStep>=nProgressLimit && db->xProgress!=0 ){
     nProgressLimit += db->nProgressOps;
@@ -97069,7 +99616,9 @@ default: {          /* This is really OP_Noop, OP_Explain */
   }
 #endif
   p->aCounter[SQLITE_STMTSTATUS_VM_STEP] += (int)nVmStep;
-  sqlite3VdbeLeave(p);
+  if( DbMaskNonZero(p->lockMask) ){
+    sqlite3VdbeLeave(p);
+  }
   assert( rc!=SQLITE_OK || nExtraDelete==0
        || sqlite3_strlike("DELETE%",p->zSql,0)!=0
   );
@@ -97447,7 +99996,7 @@ SQLITE_API int sqlite3_blob_open(
     if( pBlob && pBlob->pStmt ) sqlite3VdbeFinalize((Vdbe *)pBlob->pStmt);
     sqlite3DbFree(db, pBlob);
   }
-  sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : 0), zErr);
+  sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : (char*)0), zErr);
   sqlite3DbFree(db, zErr);
   sqlite3ParseObjectReset(&sParse);
   rc = sqlite3ApiExit(db, rc);
@@ -97606,7 +100155,7 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *pBlob, sqlite3_int64 iRow){
     ((Vdbe*)p->pStmt)->rc = SQLITE_OK;
     rc = blobSeekToRow(p, iRow, &zErr);
     if( rc!=SQLITE_OK ){
-      sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : 0), zErr);
+      sqlite3ErrorWithMsg(db, rc, (zErr ? "%s" : (char*)0), zErr);
       sqlite3DbFree(db, zErr);
     }
     assert( rc!=SQLITE_SCHEMA );
@@ -100476,6 +103025,9 @@ static int bytecodevtabConnect(
    ");"
   };
 
+  (void)argc;
+  (void)argv;
+  (void)pzErr;
   rc = sqlite3_declare_vtab(db, azSchema[isTabUsed]);
   if( rc==SQLITE_OK ){
     pNew = sqlite3_malloc( sizeof(*pNew) );
@@ -100711,6 +103263,7 @@ static int bytecodevtabFilter(
   bytecodevtab_cursor *pCur = (bytecodevtab_cursor *)pVtabCursor;
   bytecodevtab *pVTab = (bytecodevtab *)pVtabCursor->pVtab;
   int rc = SQLITE_OK;
+  (void)idxStr;
 
   bytecodevtabCursorClear(pCur);
   pCur->iRowid = 0;
@@ -101179,6 +103732,8 @@ SQLITE_PRIVATE int sqlite3JournalOpen(
 ){
   MemJournal *p = (MemJournal*)pJfd;
 
+  assert( zName || nSpill<0 || (flags & SQLITE_OPEN_EXCLUSIVE) );
+
   /* Zero the file-handle object. If nSpill was passed zero, initialize
   ** it using the sqlite3OsOpen() function of the underlying VFS. In this
   ** case none of the code in this module is executed as a result of calls
@@ -101620,9 +104175,7 @@ static void resolveAlias(
         pExpr->y.pWin->pOwner = pExpr;
       }
     }
-    sqlite3ParserAddCleanup(pParse,
-      (void(*)(sqlite3*,void*))sqlite3ExprDelete,
-      pDup);
+    sqlite3ExprDeferredDelete(pParse, pDup);
   }
 }
 
@@ -101725,6 +104278,32 @@ static void extendFJMatch(
   }
 }
 
+/*
+** Return TRUE (non-zero) if zTab is a valid name for the schema table pTab.
+*/
+static SQLITE_NOINLINE int isValidSchemaTableName(
+  const char *zTab,         /* Name as it appears in the SQL */
+  Table *pTab,              /* The schema table we are trying to match */
+  Schema *pSchema           /* non-NULL if a database qualifier is present */
+){
+  const char *zLegacy;
+  assert( pTab!=0 );
+  assert( pTab->tnum==1 );
+  if( sqlite3StrNICmp(zTab, "sqlite_", 7)!=0 ) return 0;
+  zLegacy = pTab->zName;
+  if( strcmp(zLegacy+7, &LEGACY_TEMP_SCHEMA_TABLE[7])==0 ){
+    if( sqlite3StrICmp(zTab+7, &PREFERRED_TEMP_SCHEMA_TABLE[7])==0 ){
+      return 1;
+    }
+    if( pSchema==0 ) return 0;
+    if( sqlite3StrICmp(zTab+7, &LEGACY_SCHEMA_TABLE[7])==0 ) return 1;
+    if( sqlite3StrICmp(zTab+7, &PREFERRED_SCHEMA_TABLE[7])==0 ) return 1;
+  }else{
+    if( sqlite3StrICmp(zTab+7, &PREFERRED_SCHEMA_TABLE[7])==0 ) return 1;
+  }
+  return 0;
+}
+
 /*
 ** Given the name of a column of the form X.Y.Z or Y.Z or just Z, look up
 ** that name in the set of source tables in pSrcList and make the pExpr
@@ -101878,15 +104457,17 @@ static int lookupName(
         }
         assert( zDb==0 || zTab!=0 );
         if( zTab ){
-          const char *zTabName;
           if( zDb ){
             if( pTab->pSchema!=pSchema ) continue;
             if( pSchema==0 && strcmp(zDb,"*")!=0 ) continue;
           }
-          zTabName = pItem->zAlias ? pItem->zAlias : pTab->zName;
-          assert( zTabName!=0 );
-          if( sqlite3StrICmp(zTabName, zTab)!=0 ){
-            continue;
+          if( pItem->zAlias!=0 ){
+            if( sqlite3StrICmp(zTab, pItem->zAlias)!=0 ){
+              continue;
+            }
+          }else if( sqlite3StrICmp(zTab, pTab->zName)!=0 ){
+            if( pTab->tnum!=1 ) continue;
+            if( !isValidSchemaTableName(zTab, pTab, pSchema) ) continue;
           }
           assert( ExprUseYTab(pExpr) );
           if( IN_RENAME_OBJECT && pItem->zAlias ){
@@ -101962,7 +104543,8 @@ static int lookupName(
         assert( op==TK_DELETE || op==TK_UPDATE || op==TK_INSERT );
         if( pParse->bReturning ){
           if( (pNC->ncFlags & NC_UBaseReg)!=0
-           && (zTab==0 || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0)
+           && ALWAYS(zTab==0
+                     || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0)
           ){
             pExpr->iTable = op!=TK_DELETE;
             pTab = pParse->pTriggerTab;
@@ -102029,6 +104611,7 @@ static int lookupName(
             if( pParse->bReturning ){
               eNewExprOp = TK_REGISTER;
               pExpr->op2 = TK_COLUMN;
+              pExpr->iColumn = iCol;
               pExpr->iTable = pNC->uNC.iBaseReg + (pTab->nCol+1)*pExpr->iTable +
                  sqlite3TableColumnToStorage(pTab, iCol) + 1;
             }else{
@@ -102441,14 +105024,10 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
       if( 0==sqlite3ExprCanBeNull(pExpr->pLeft) && !IN_RENAME_OBJECT ){
         testcase( ExprHasProperty(pExpr, EP_OuterON) );
         assert( !ExprHasProperty(pExpr, EP_IntValue) );
-        if( pExpr->op==TK_NOTNULL ){
-          pExpr->u.zToken = "true";
-          ExprSetProperty(pExpr, EP_IsTrue);
-        }else{
-          pExpr->u.zToken = "false";
-          ExprSetProperty(pExpr, EP_IsFalse);
-        }
-        pExpr->op = TK_TRUEFALSE;
+        pExpr->u.iValue = (pExpr->op==TK_NOTNULL);
+        pExpr->flags |= EP_IntValue;
+        pExpr->op = TK_INTEGER;
+
         for(i=0, p=pNC; p && ipNext, i++){
           p->nRef = anRef[i];
         }
@@ -102750,8 +105329,8 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         assert( pNC->nRef>=nRef );
         if( nRef!=pNC->nRef ){
           ExprSetProperty(pExpr, EP_VarSelect);
-          pNC->ncFlags |= NC_VarSelect;
         }
+        pNC->ncFlags |= NC_Subquery;
       }
       break;
     }
@@ -103705,49 +106284,121 @@ SQLITE_PRIVATE char sqlite3TableColumnAffinity(const Table *pTab, int iCol){
 */
 SQLITE_PRIVATE char sqlite3ExprAffinity(const Expr *pExpr){
   int op;
-  while( ExprHasProperty(pExpr, EP_Skip|EP_IfNullRow) ){
-    assert( pExpr->op==TK_COLLATE
-         || pExpr->op==TK_IF_NULL_ROW
-         || (pExpr->op==TK_REGISTER && pExpr->op2==TK_IF_NULL_ROW) );
-    pExpr = pExpr->pLeft;
-    assert( pExpr!=0 );
-  }
   op = pExpr->op;
-  if( op==TK_REGISTER ) op = pExpr->op2;
-  if( op==TK_COLUMN || op==TK_AGG_COLUMN ){
-    assert( ExprUseYTab(pExpr) );
-    if( pExpr->y.pTab ){
+  while( 1 /* exit-by-break */ ){
+    if( op==TK_COLUMN || (op==TK_AGG_COLUMN && pExpr->y.pTab!=0) ){
+      assert( ExprUseYTab(pExpr) );
+      assert( pExpr->y.pTab!=0 );
       return sqlite3TableColumnAffinity(pExpr->y.pTab, pExpr->iColumn);
     }
-  }
-  if( op==TK_SELECT ){
-    assert( ExprUseXSelect(pExpr) );
-    assert( pExpr->x.pSelect!=0 );
-    assert( pExpr->x.pSelect->pEList!=0 );
-    assert( pExpr->x.pSelect->pEList->a[0].pExpr!=0 );
-    return sqlite3ExprAffinity(pExpr->x.pSelect->pEList->a[0].pExpr);
-  }
+    if( op==TK_SELECT ){
+      assert( ExprUseXSelect(pExpr) );
+      assert( pExpr->x.pSelect!=0 );
+      assert( pExpr->x.pSelect->pEList!=0 );
+      assert( pExpr->x.pSelect->pEList->a[0].pExpr!=0 );
+      return sqlite3ExprAffinity(pExpr->x.pSelect->pEList->a[0].pExpr);
+    }
 #ifndef SQLITE_OMIT_CAST
-  if( op==TK_CAST ){
-    assert( !ExprHasProperty(pExpr, EP_IntValue) );
-    return sqlite3AffinityType(pExpr->u.zToken, 0);
-  }
+    if( op==TK_CAST ){
+      assert( !ExprHasProperty(pExpr, EP_IntValue) );
+      return sqlite3AffinityType(pExpr->u.zToken, 0);
+    }
 #endif
-  if( op==TK_SELECT_COLUMN ){
-    assert( pExpr->pLeft!=0 && ExprUseXSelect(pExpr->pLeft) );
-    assert( pExpr->iColumn < pExpr->iTable );
-    assert( pExpr->iTable==pExpr->pLeft->x.pSelect->pEList->nExpr );
-    return sqlite3ExprAffinity(
-        pExpr->pLeft->x.pSelect->pEList->a[pExpr->iColumn].pExpr
-    );
-  }
-  if( op==TK_VECTOR ){
-    assert( ExprUseXList(pExpr) );
-    return sqlite3ExprAffinity(pExpr->x.pList->a[0].pExpr);
+    if( op==TK_SELECT_COLUMN ){
+      assert( pExpr->pLeft!=0 && ExprUseXSelect(pExpr->pLeft) );
+      assert( pExpr->iColumn < pExpr->iTable );
+      assert( pExpr->iTable==pExpr->pLeft->x.pSelect->pEList->nExpr );
+      return sqlite3ExprAffinity(
+          pExpr->pLeft->x.pSelect->pEList->a[pExpr->iColumn].pExpr
+      );
+    }
+    if( op==TK_VECTOR ){
+      assert( ExprUseXList(pExpr) );
+      return sqlite3ExprAffinity(pExpr->x.pList->a[0].pExpr);
+    }
+    if( ExprHasProperty(pExpr, EP_Skip|EP_IfNullRow) ){
+      assert( pExpr->op==TK_COLLATE
+           || pExpr->op==TK_IF_NULL_ROW
+           || (pExpr->op==TK_REGISTER && pExpr->op2==TK_IF_NULL_ROW) );
+      pExpr = pExpr->pLeft;
+      op = pExpr->op;
+      continue;
+    }
+    if( op!=TK_REGISTER || (op = pExpr->op2)==TK_REGISTER ) break;
   }
   return pExpr->affExpr;
 }
 
+/*
+** Make a guess at all the possible datatypes of the result that could
+** be returned by an expression.  Return a bitmask indicating the answer:
+**
+**     0x01         Numeric
+**     0x02         Text
+**     0x04         Blob
+**
+** If the expression must return NULL, then 0x00 is returned.
+*/
+SQLITE_PRIVATE int sqlite3ExprDataType(const Expr *pExpr){
+  while( pExpr ){
+    switch( pExpr->op ){
+      case TK_COLLATE:
+      case TK_IF_NULL_ROW:
+      case TK_UPLUS:  {
+        pExpr = pExpr->pLeft;
+        break;
+      }
+      case TK_NULL: {
+        pExpr = 0;
+        break;
+      }
+      case TK_STRING: {
+        return 0x02;
+      }
+      case TK_BLOB: {
+        return 0x04;
+      }
+      case TK_CONCAT: {
+        return 0x06;
+      }
+      case TK_VARIABLE:
+      case TK_AGG_FUNCTION:
+      case TK_FUNCTION: {
+        return 0x07;
+      }
+      case TK_COLUMN:
+      case TK_AGG_COLUMN:
+      case TK_SELECT:
+      case TK_CAST:
+      case TK_SELECT_COLUMN:
+      case TK_VECTOR:  {
+        int aff = sqlite3ExprAffinity(pExpr);
+        if( aff>=SQLITE_AFF_NUMERIC ) return 0x05;
+        if( aff==SQLITE_AFF_TEXT )    return 0x06;
+        return 0x07;
+      }
+      case TK_CASE: {
+        int res = 0;
+        int ii;
+        ExprList *pList = pExpr->x.pList;
+        assert( ExprUseXList(pExpr) && pList!=0 );
+        assert( pList->nExpr > 0);
+        for(ii=1; iinExpr; ii+=2){
+          res |= sqlite3ExprDataType(pList->a[ii].pExpr);
+        }
+        if( pList->nExpr % 2 ){
+          res |= sqlite3ExprDataType(pList->a[pList->nExpr-1].pExpr);
+        }
+        return res;
+      }
+      default: {
+        return 0x01;
+      }
+    } /* End of switch(op) */
+  } /* End of while(pExpr) */
+  return 0x00;
+}
+
 /*
 ** Set the collating sequence for expression pExpr to be the collating
 ** sequence named by pToken.   Return a pointer to a new Expr node that
@@ -103835,18 +106486,17 @@ SQLITE_PRIVATE CollSeq *sqlite3ExprCollSeq(Parse *pParse, const Expr *pExpr){
   while( p ){
     int op = p->op;
     if( op==TK_REGISTER ) op = p->op2;
-    if( op==TK_AGG_COLUMN || op==TK_COLUMN || op==TK_TRIGGER ){
+    if( (op==TK_AGG_COLUMN && p->y.pTab!=0)
+     || op==TK_COLUMN || op==TK_TRIGGER
+    ){
+      int j;
       assert( ExprUseYTab(p) );
-      if( p->y.pTab!=0 ){
-        /* op==TK_REGISTER && p->y.pTab!=0 happens when pExpr was originally
-        ** a TK_COLUMN but was previously evaluated and cached in a register */
-        int j = p->iColumn;
-        if( j>=0 ){
-          const char *zColl = sqlite3ColumnColl(&p->y.pTab->aCol[j]);
-          pColl = sqlite3FindCollSeq(db, ENC(db), zColl, 0);
-        }
-        break;
+      assert( p->y.pTab!=0 );
+      if( (j = p->iColumn)>=0 ){
+        const char *zColl = sqlite3ColumnColl(&p->y.pTab->aCol[j]);
+        pColl = sqlite3FindCollSeq(db, ENC(db), zColl, 0);
       }
+      break;
     }
     if( op==TK_CAST || op==TK_UPLUS ){
       p = p->pLeft;
@@ -103868,11 +106518,10 @@ SQLITE_PRIVATE CollSeq *sqlite3ExprCollSeq(Parse *pParse, const Expr *pExpr){
       }else{
         Expr *pNext  = p->pRight;
         /* The Expr.x union is never used at the same time as Expr.pRight */
-        assert( ExprUseXList(p) );
-        assert( p->x.pList==0 || p->pRight==0 );
-        if( p->x.pList!=0 && !db->mallocFailed ){
+        assert( !ExprUseXList(p) || p->x.pList==0 || p->pRight==0 );
+        if( ExprUseXList(p) && p->x.pList!=0 && !db->mallocFailed ){
           int i;
-          for(i=0; ALWAYS(ix.pList->nExpr); i++){
+          for(i=0; ix.pList->nExpr; i++){
             if( ExprHasProperty(p->x.pList->a[i].pExpr, EP_Collate) ){
               pNext = p->x.pList->a[i].pExpr;
               break;
@@ -104431,7 +107080,9 @@ static void heightOfSelect(const Select *pSelect, int *pnHeight){
 */
 static void exprSetHeight(Expr *p){
   int nHeight = p->pLeft ? p->pLeft->nHeight : 0;
-  if( p->pRight && p->pRight->nHeight>nHeight ) nHeight = p->pRight->nHeight;
+  if( NEVER(p->pRight) && p->pRight->nHeight>nHeight ){
+    nHeight = p->pRight->nHeight;
+  }
   if( ExprUseXSelect(p) ){
     heightOfSelect(p->x.pSelect, &nHeight);
   }else if( p->x.pList ){
@@ -104574,15 +107225,26 @@ SQLITE_PRIVATE void sqlite3ExprAttachSubtrees(
     sqlite3ExprDelete(db, pLeft);
     sqlite3ExprDelete(db, pRight);
   }else{
+    assert( ExprUseXList(pRoot) );
+    assert( pRoot->x.pSelect==0 );
     if( pRight ){
       pRoot->pRight = pRight;
       pRoot->flags |= EP_Propagate & pRight->flags;
+#if SQLITE_MAX_EXPR_DEPTH>0
+      pRoot->nHeight = pRight->nHeight+1;
+    }else{
+      pRoot->nHeight = 1;
+#endif
     }
     if( pLeft ){
       pRoot->pLeft = pLeft;
       pRoot->flags |= EP_Propagate & pLeft->flags;
+#if SQLITE_MAX_EXPR_DEPTH>0
+      if( pLeft->nHeight>=pRoot->nHeight ){
+        pRoot->nHeight = pLeft->nHeight+1;
+      }
+#endif
     }
-    exprSetHeight(pRoot);
   }
 }
 
@@ -104691,9 +107353,9 @@ SQLITE_PRIVATE Select *sqlite3ExprListToValues(Parse *pParse, int nElem, ExprLis
 ** Join two expressions using an AND operator.  If either expression is
 ** NULL, then just return the other expression.
 **
-** If one side or the other of the AND is known to be false, then instead
-** of returning an AND expression, just return a constant expression with
-** a value of false.
+** If one side or the other of the AND is known to be false, and neither side
+** is part of an ON clause, then instead of returning an AND expression,
+** just return a constant expression with a value of false.
 */
 SQLITE_PRIVATE Expr *sqlite3ExprAnd(Parse *pParse, Expr *pLeft, Expr *pRight){
   sqlite3 *db = pParse->db;
@@ -104701,14 +107363,17 @@ SQLITE_PRIVATE Expr *sqlite3ExprAnd(Parse *pParse, Expr *pLeft, Expr *pRight){
     return pRight;
   }else if( pRight==0 ){
     return pLeft;
-  }else if( (ExprAlwaysFalse(pLeft) || ExprAlwaysFalse(pRight))
-         && !IN_RENAME_OBJECT
-  ){
-    sqlite3ExprDeferredDelete(pParse, pLeft);
-    sqlite3ExprDeferredDelete(pParse, pRight);
-    return sqlite3Expr(db, TK_INTEGER, "0");
   }else{
-    return sqlite3PExpr(pParse, TK_AND, pLeft, pRight);
+    u32 f = pLeft->flags | pRight->flags;
+    if( (f&(EP_OuterON|EP_InnerON|EP_IsFalse))==EP_IsFalse
+     && !IN_RENAME_OBJECT
+    ){
+      sqlite3ExprDeferredDelete(pParse, pLeft);
+      sqlite3ExprDeferredDelete(pParse, pRight);
+      return sqlite3Expr(db, TK_INTEGER, "0");
+    }else{
+      return sqlite3PExpr(pParse, TK_AND, pLeft, pRight);
+    }
   }
 }
 
@@ -104868,6 +107533,7 @@ SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr, u32 n
 */
 static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
   assert( p!=0 );
+  assert( db!=0 );
   assert( !ExprUseUValue(p) || p->u.iValue>=0 );
   assert( !ExprUseYWin(p) || !ExprUseYSub(p) );
   assert( !ExprUseYWin(p) || p->y.pWin!=0 || db->mallocFailed );
@@ -104899,12 +107565,8 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
 #endif
     }
   }
-  if( ExprHasProperty(p, EP_MemToken) ){
-    assert( !ExprHasProperty(p, EP_IntValue) );
-    sqlite3DbFree(db, p->u.zToken);
-  }
   if( !ExprHasProperty(p, EP_Static) ){
-    sqlite3DbFreeNN(db, p);
+    sqlite3DbNNFreeNN(db, p);
   }
 }
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3 *db, Expr *p){
@@ -104935,8 +107597,9 @@ SQLITE_PRIVATE void sqlite3ClearOnOrUsing(sqlite3 *db, OnOrUsing *p){
 ** pExpr to the pParse->pConstExpr list with a register number of 0.
 */
 SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
-  pParse->pConstExpr =
-      sqlite3ExprListAppend(pParse, pParse->pConstExpr, pExpr);
+  sqlite3ParserAddCleanup(pParse,
+    (void(*)(sqlite3*,void*))sqlite3ExprDelete,
+    pExpr);
 }
 
 /* Invoke sqlite3RenameExprUnmap() and sqlite3ExprDelete() on the
@@ -105010,7 +107673,6 @@ static int dupedExprStructSize(const Expr *p, int flags){
   }else{
     assert( !ExprHasProperty(p, EP_TokenOnly|EP_Reduced) );
     assert( !ExprHasProperty(p, EP_OuterON) );
-    assert( !ExprHasProperty(p, EP_MemToken) );
     assert( !ExprHasVVAProperty(p, EP_NoReduce) );
     if( p->pLeft || p->x.pList ){
       nSize = EXPR_REDUCEDSIZE | EP_Reduced;
@@ -105114,7 +107776,7 @@ static Expr *exprDup(sqlite3 *db, const Expr *p, int dupFlags, u8 **pzBuffer){
     }
 
     /* Set the EP_Reduced, EP_TokenOnly, and EP_Static flags appropriately. */
-    pNew->flags &= ~(EP_Reduced|EP_TokenOnly|EP_Static|EP_MemToken);
+    pNew->flags &= ~(EP_Reduced|EP_TokenOnly|EP_Static);
     pNew->flags |= nStructSize & (EP_Reduced|EP_TokenOnly);
     pNew->flags |= staticFlag;
     ExprClearVVAProperties(pNew);
@@ -105690,12 +108352,13 @@ static SQLITE_NOINLINE void exprListDeleteNN(sqlite3 *db, ExprList *pList){
   int i = pList->nExpr;
   struct ExprList_item *pItem =  pList->a;
   assert( pList->nExpr>0 );
+  assert( db!=0 );
   do{
     sqlite3ExprDelete(db, pItem->pExpr);
-    sqlite3DbFree(db, pItem->zEName);
+    if( pItem->zEName ) sqlite3DbNNFreeNN(db, pItem->zEName);
     pItem++;
   }while( --i>0 );
-  sqlite3DbFreeNN(db, pList);
+  sqlite3DbNNFreeNN(db, pList);
 }
 SQLITE_PRIVATE void sqlite3ExprListDelete(sqlite3 *db, ExprList *pList){
   if( pList ) exprListDeleteNN(db, pList);
@@ -105955,12 +108618,17 @@ SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
 }
 
 /*
-** Check pExpr to see if it is an invariant constraint on data source pSrc.
+** Check pExpr to see if it is an constraint on the single data source
+** pSrc = &pSrcList->a[iSrc].  In other words, check to see if pExpr
+** constrains pSrc but does not depend on any other tables or data
+** sources anywhere else in the query.  Return true (non-zero) if pExpr
+** is a constraint on pSrc only.
+**
 ** This is an optimization.  False negatives will perhaps cause slower
 ** queries, but false positives will yield incorrect answers.  So when in
 ** doubt, return 0.
 **
-** To be an invariant constraint, the following must be true:
+** To be an single-source constraint, the following must be true:
 **
 **   (1)  pExpr cannot refer to any table other than pSrc->iCursor.
 **
@@ -105971,13 +108639,31 @@ SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
 **
 **   (4)  If pSrc is the right operand of a LEFT JOIN, then...
 **         (4a)  pExpr must come from an ON clause..
-           (4b)  and specifically the ON clause associated with the LEFT JOIN.
+**         (4b)  and specifically the ON clause associated with the LEFT JOIN.
 **
 **   (5)  If pSrc is not the right operand of a LEFT JOIN or the left
 **        operand of a RIGHT JOIN, then pExpr must be from the WHERE
 **        clause, not an ON clause.
+**
+**   (6) Either:
+**
+**       (6a) pExpr does not originate in an ON or USING clause, or
+**
+**       (6b) The ON or USING clause from which pExpr is derived is
+**            not to the left of a RIGHT JOIN (or FULL JOIN).
+**
+**       Without this restriction, accepting pExpr as a single-table
+**       constraint might move the the ON/USING filter expression
+**       from the left side of a RIGHT JOIN over to the right side,
+**       which leads to incorrect answers.  See also restriction (9)
+**       on push-down.
 */
-SQLITE_PRIVATE int sqlite3ExprIsTableConstraint(Expr *pExpr, const SrcItem *pSrc){
+SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(
+  Expr *pExpr,                 /* The constraint */
+  const SrcList *pSrcList,     /* Complete FROM clause */
+  int iSrc                     /* Which element of pSrcList to use */
+){
+  const SrcItem *pSrc = &pSrcList->a[iSrc];
   if( pSrc->fg.jointype & JT_LTORJ ){
     return 0;  /* rule (3) */
   }
@@ -105987,6 +108673,19 @@ SQLITE_PRIVATE int sqlite3ExprIsTableConstraint(Expr *pExpr, const SrcItem *pSrc
   }else{
     if( ExprHasProperty(pExpr, EP_OuterON) ) return 0;    /* rule (5) */
   }
+  if( ExprHasProperty(pExpr, EP_OuterON|EP_InnerON)  /* (6a) */
+   && (pSrcList->a[0].fg.jointype & JT_LTORJ)!=0     /* Fast pre-test of (6b) */
+  ){
+    int jj;
+    for(jj=0; jjw.iJoin==pSrcList->a[jj].iCursor ){
+        if( (pSrcList->a[jj].fg.jointype & JT_LTORJ)!=0 ){
+          return 0;  /* restriction (6) */
+        }
+        break;
+      }
+    }
+  }
   return sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor); /* rules (1), (2) */
 }
 
@@ -106229,7 +108928,7 @@ SQLITE_PRIVATE int sqlite3IsRowid(const char *z){
 ** pX is the RHS of an IN operator.  If pX is a SELECT statement
 ** that can be simplified to a direct table access, then return
 ** a pointer to the SELECT statement.  If pX is not a SELECT statement,
-** or if the SELECT statement needs to be manifested into a transient
+** or if the SELECT statement needs to be materialized into a transient
 ** table, then return NULL.
 */
 #ifndef SQLITE_OMIT_SUBQUERY
@@ -106515,7 +109214,6 @@ SQLITE_PRIVATE int sqlite3FindInIndex(
             CollSeq *pReq = sqlite3BinaryCompareCollSeq(pParse, pLhs, pRhs);
             int j;
 
-            assert( pReq!=0 || pRhs->iColumn==XN_ROWID || pParse->nErr );
             for(j=0; jaiColumn[j]!=pRhs->iColumn ) continue;
               assert( pIdx->azColl[j] );
@@ -106873,6 +109571,7 @@ SQLITE_PRIVATE void sqlite3CodeRhsOfIN(
     sqlite3VdbeChangeP4(v, addr, (void *)pKeyInfo, P4_KEYINFO);
   }
   if( addrOnce ){
+    sqlite3VdbeAddOp1(v, OP_NullRow, iTab);
     sqlite3VdbeJumpHere(v, addrOnce);
     /* Subroutine return */
     assert( ExprUseYSub(pExpr) );
@@ -106908,6 +109607,9 @@ SQLITE_PRIVATE int sqlite3CodeSubselect(Parse *pParse, Expr *pExpr){
   SelectDest dest;            /* How to deal with SELECT result */
   int nReg;                   /* Registers to allocate */
   Expr *pLimit;               /* New limit expression */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  int addrExplain;            /* Address of OP_Explain instruction */
+#endif
 
   Vdbe *v = pParse->pVdbe;
   assert( v!=0 );
@@ -106960,8 +109662,9 @@ SQLITE_PRIVATE int sqlite3CodeSubselect(Parse *pParse, Expr *pExpr){
   ** In both cases, the query is augmented with "LIMIT 1".  Any
   ** preexisting limit is discarded in place of the new LIMIT 1.
   */
-  ExplainQueryPlan((pParse, 1, "%sSCALAR SUBQUERY %d",
+  ExplainQueryPlan2(addrExplain, (pParse, 1, "%sSCALAR SUBQUERY %d",
         addrOnce?"":"CORRELATED ", pSel->selId));
+  sqlite3VdbeScanStatusCounters(v, addrExplain, addrExplain, -1);
   nReg = pExpr->op==TK_SELECT ? pSel->pEList->nExpr : 1;
   sqlite3SelectDestInit(&dest, 0, pParse->nMem+1);
   pParse->nMem += nReg;
@@ -106986,7 +109689,7 @@ SQLITE_PRIVATE int sqlite3CodeSubselect(Parse *pParse, Expr *pExpr){
       pLimit = sqlite3PExpr(pParse, TK_NE,
                             sqlite3ExprDup(db, pSel->pLimit->pLeft, 0), pLimit);
     }
-    sqlite3ExprDelete(db, pSel->pLimit->pLeft);
+    sqlite3ExprDeferredDelete(pParse, pSel->pLimit->pLeft);
     pSel->pLimit->pLeft = pLimit;
   }else{
     /* If there is no pre-existing limit add a limit of 1 */
@@ -107004,6 +109707,7 @@ SQLITE_PRIVATE int sqlite3CodeSubselect(Parse *pParse, Expr *pExpr){
   if( addrOnce ){
     sqlite3VdbeJumpHere(v, addrOnce);
   }
+  sqlite3VdbeScanStatusRange(v, addrExplain, addrExplain, -1);
 
   /* Subroutine return */
   assert( ExprUseYSub(pExpr) );
@@ -107412,6 +110116,7 @@ SQLITE_PRIVATE void sqlite3ExprCodeGeneratedColumn(
 ){
   int iAddr;
   Vdbe *v = pParse->pVdbe;
+  int nErr = pParse->nErr;
   assert( v!=0 );
   assert( pParse->iSelfTab!=0 );
   if( pParse->iSelfTab>0 ){
@@ -107424,6 +110129,7 @@ SQLITE_PRIVATE void sqlite3ExprCodeGeneratedColumn(
     sqlite3VdbeAddOp4(v, OP_Affinity, regOut, 1, 0, &pCol->affinity, 1);
   }
   if( iAddr ) sqlite3VdbeJumpHere(v, iAddr);
+  if( pParse->nErr>nErr ) pParse->db->errByteOffset = -1;
 }
 #endif /* SQLITE_OMIT_GENERATED_COLUMNS */
 
@@ -107439,10 +110145,8 @@ SQLITE_PRIVATE void sqlite3ExprCodeGetColumnOfTable(
 ){
   Column *pCol;
   assert( v!=0 );
-  if( pTab==0 ){
-    sqlite3VdbeAddOp3(v, OP_Column, iTabCur, iCol, regOut);
-    return;
-  }
+  assert( pTab!=0 );
+  assert( iCol!=XN_EXPR );
   if( iCol<0 || iCol==pTab->iPKey ){
     sqlite3VdbeAddOp2(v, OP_Rowid, iTabCur, regOut);
     VdbeComment((v, "%s.rowid", pTab->zName));
@@ -107500,7 +110204,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeGetColumn(
   assert( pParse->pVdbe!=0 );
   sqlite3ExprCodeGetColumnOfTable(pParse->pVdbe, pTab, iTable, iColumn, iReg);
   if( p5 ){
-    VdbeOp *pOp = sqlite3VdbeGetOp(pParse->pVdbe,-1);
+    VdbeOp *pOp = sqlite3VdbeGetLastOp(pParse->pVdbe);
     if( pOp->opcode==OP_Column ) pOp->p5 = p5;
   }
   return iReg;
@@ -107569,7 +110273,7 @@ static int exprCodeVector(Parse *pParse, Expr *p, int *piFreeable){
 ** so that a subsequent copy will not be merged into this one.
 */
 static void setDoNotMergeFlagOnCopy(Vdbe *v){
-  if( sqlite3VdbeGetOp(v, -1)->opcode==OP_Copy ){
+  if( sqlite3VdbeGetLastOp(v)->opcode==OP_Copy ){
     sqlite3VdbeChangeP5(v, 1);  /* Tag trailing OP_Copy as not mergable */
   }
 }
@@ -107679,10 +110383,13 @@ static int exprCodeInlineFunction(
       ** the type affinity of the argument.  This is used for testing of
       ** the SQLite type logic.
       */
-      const char *azAff[] = { "blob", "text", "numeric", "integer", "real" };
+      const char *azAff[] = { "blob", "text", "numeric", "integer",
+                              "real", "flexnum" };
       char aff;
       assert( nFarg==1 );
       aff = sqlite3ExprAffinity(pFarg->a[0].pExpr);
+      assert( aff<=SQLITE_AFF_NONE
+           || (aff>=SQLITE_AFF_BLOB && aff<=SQLITE_AFF_FLEXNUM) );
       sqlite3VdbeLoadString(v, target,
               (aff<=SQLITE_AFF_NONE) ? "none" : azAff[aff-SQLITE_AFF_BLOB]);
       break;
@@ -107692,6 +110399,64 @@ static int exprCodeInlineFunction(
   return target;
 }
 
+/*
+** Check to see if pExpr is one of the indexed expressions on pParse->pIdxEpr.
+** If it is, then resolve the expression by reading from the index and
+** return the register into which the value has been read.  If pExpr is
+** not an indexed expression, then return negative.
+*/
+static SQLITE_NOINLINE int sqlite3IndexedExprLookup(
+  Parse *pParse,   /* The parsing context */
+  Expr *pExpr,     /* The expression to potentially bypass */
+  int target       /* Where to store the result of the expression */
+){
+  IndexedExpr *p;
+  Vdbe *v;
+  for(p=pParse->pIdxEpr; p; p=p->pIENext){
+    u8 exprAff;
+    int iDataCur = p->iDataCur;
+    if( iDataCur<0 ) continue;
+    if( pParse->iSelfTab ){
+      if( p->iDataCur!=pParse->iSelfTab-1 ) continue;
+      iDataCur = -1;
+    }
+    if( sqlite3ExprCompare(0, pExpr, p->pExpr, iDataCur)!=0 ) continue;
+    assert( p->aff>=SQLITE_AFF_BLOB && p->aff<=SQLITE_AFF_NUMERIC );
+    exprAff = sqlite3ExprAffinity(pExpr);
+    if( (exprAff<=SQLITE_AFF_BLOB && p->aff!=SQLITE_AFF_BLOB)
+     || (exprAff==SQLITE_AFF_TEXT && p->aff!=SQLITE_AFF_TEXT)
+     || (exprAff>=SQLITE_AFF_NUMERIC && p->aff!=SQLITE_AFF_NUMERIC)
+    ){
+      /* Affinity mismatch on a generated column */
+      continue;
+    }
+
+    v = pParse->pVdbe;
+    assert( v!=0 );
+    if( p->bMaybeNullRow ){
+      /* If the index is on a NULL row due to an outer join, then we
+      ** cannot extract the value from the index.  The value must be
+      ** computed using the original expression. */
+      int addr = sqlite3VdbeCurrentAddr(v);
+      sqlite3VdbeAddOp3(v, OP_IfNullRow, p->iIdxCur, addr+3, target);
+      VdbeCoverage(v);
+      sqlite3VdbeAddOp3(v, OP_Column, p->iIdxCur, p->iIdxCol, target);
+      VdbeComment((v, "%s expr-column %d", p->zIdxName, p->iIdxCol));
+      sqlite3VdbeGoto(v, 0);
+      p = pParse->pIdxEpr;
+      pParse->pIdxEpr = 0;
+      sqlite3ExprCode(pParse, pExpr, target);
+      pParse->pIdxEpr = p;
+      sqlite3VdbeJumpHere(v, addr+2);
+    }else{
+      sqlite3VdbeAddOp3(v, OP_Column, p->iIdxCur, p->iIdxCol, target);
+      VdbeComment((v, "%s expr-column %d", p->zIdxName, p->iIdxCol));
+    }
+    return target;
+  }
+  return -1;  /* Not found */
+}
+
 
 /*
 ** Generate code into the current Vdbe to evaluate the given
@@ -107720,6 +110485,11 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
 expr_code_doover:
   if( pExpr==0 ){
     op = TK_NULL;
+  }else if( pParse->pIdxEpr!=0
+   && !ExprHasProperty(pExpr, EP_Leaf)
+   && (r1 = sqlite3IndexedExprLookup(pParse, pExpr, target))>=0
+  ){
+    return r1;
   }else{
     assert( !ExprHasVVAProperty(pExpr,EP_Immutable) );
     op = pExpr->op;
@@ -107729,16 +110499,29 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       AggInfo *pAggInfo = pExpr->pAggInfo;
       struct AggInfo_col *pCol;
       assert( pAggInfo!=0 );
-      assert( pExpr->iAgg>=0 && pExpr->iAggnColumn );
+      assert( pExpr->iAgg>=0 );
+      if( pExpr->iAgg>=pAggInfo->nColumn ){
+        /* Happens when the left table of a RIGHT JOIN is null and
+        ** is using an expression index */
+        sqlite3VdbeAddOp2(v, OP_Null, 0, target);
+#ifdef SQLITE_VDBE_COVERAGE
+        /* Verify that the OP_Null above is exercised by tests
+        ** tag-20230325-2 */
+        sqlite3VdbeAddOp2(v, OP_NotNull, target, 1);
+        VdbeCoverageNeverTaken(v);
+#endif
+        break;
+      }
       pCol = &pAggInfo->aCol[pExpr->iAgg];
       if( !pAggInfo->directMode ){
-        assert( pCol->iMem>0 );
-        return pCol->iMem;
+        return AggInfoColumnReg(pAggInfo, pExpr->iAgg);
       }else if( pAggInfo->useSortingIdx ){
         Table *pTab = pCol->pTab;
         sqlite3VdbeAddOp3(v, OP_Column, pAggInfo->sortingIdxPTab,
                               pCol->iSorterColumn, target);
-        if( pCol->iColumn<0 ){
+        if( pTab==0 ){
+          /* No comment added */
+        }else if( pCol->iColumn<0 ){
           VdbeComment((v,"%s.rowid",pTab->zName));
         }else{
           VdbeComment((v,"%s.%s",
@@ -107748,6 +110531,11 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
           }
         }
         return target;
+      }else if( pExpr->y.pTab==0 ){
+        /* This case happens when the argument to an aggregate function
+        ** is rewritten by aggregateConvertIndexedExprRefToColumn() */
+        sqlite3VdbeAddOp3(v, OP_Column, pExpr->iTable, pExpr->iColumn, target);
+        return target;
       }
       /* Otherwise, fall thru into the TK_COLUMN case */
       /* no break */ deliberate_fall_through
@@ -107765,13 +110553,10 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
         int aff;
         iReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft,target);
         assert( ExprUseYTab(pExpr) );
-        if( pExpr->y.pTab ){
-          aff = sqlite3TableColumnAffinity(pExpr->y.pTab, pExpr->iColumn);
-        }else{
-          aff = pExpr->affExpr;
-        }
+        assert( pExpr->y.pTab!=0 );
+        aff = sqlite3TableColumnAffinity(pExpr->y.pTab, pExpr->iColumn);
         if( aff>SQLITE_AFF_BLOB ){
-          static const char zAff[] = "B\000C\000D\000E";
+          static const char zAff[] = "B\000C\000D\000E\000F";
           assert( SQLITE_AFF_BLOB=='A' );
           assert( SQLITE_AFF_TEXT=='B' );
           sqlite3VdbeAddOp4(v, OP_Affinity, iReg, 1, 0,
@@ -107831,12 +110616,10 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
         }
       }
       assert( ExprUseYTab(pExpr) );
+      assert( pExpr->y.pTab!=0 );
       iReg = sqlite3ExprCodeGetColumn(pParse, pExpr->y.pTab,
                                pExpr->iColumn, iTab, target,
                                pExpr->op2);
-      if( pExpr->y.pTab==0 && pExpr->affExpr==SQLITE_AFF_REAL ){
-        sqlite3VdbeAddOp1(v, OP_RealAffinity, iReg);
-      }
       return iReg;
     }
     case TK_INTEGER: {
@@ -107903,11 +110686,8 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
 #ifndef SQLITE_OMIT_CAST
     case TK_CAST: {
       /* Expressions of the form:   CAST(pLeft AS token) */
-      inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
-      if( inReg!=target ){
-        sqlite3VdbeAddOp2(v, OP_SCopy, inReg, target);
-        inReg = target;
-      }
+      sqlite3ExprCode(pParse, pExpr->pLeft, target);
+      assert( inReg==target );
       assert( !ExprHasProperty(pExpr, EP_IntValue) );
       sqlite3VdbeAddOp2(v, OP_Cast, target,
                         sqlite3AffinityType(pExpr->u.zToken, 0));
@@ -108050,7 +110830,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
         assert( !ExprHasProperty(pExpr, EP_IntValue) );
         sqlite3ErrorMsg(pParse, "misuse of aggregate: %#T()", pExpr);
       }else{
-        return pInfo->aFunc[pExpr->iAgg].iMem;
+        return AggInfoFuncReg(pInfo, pExpr->iAgg);
       }
       break;
     }
@@ -108239,17 +111019,16 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       return target;
     }
     case TK_COLLATE: {
-      if( !ExprHasProperty(pExpr, EP_Collate)
-       && ALWAYS(pExpr->pLeft)
-       && pExpr->pLeft->op==TK_FUNCTION
-      ){
-        inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
-        if( inReg!=target ){
-          sqlite3VdbeAddOp2(v, OP_SCopy, inReg, target);
-          inReg = target;
-        }
-        sqlite3VdbeAddOp1(v, OP_ClrSubtype, inReg);
-        return inReg;
+      if( !ExprHasProperty(pExpr, EP_Collate) ){
+        /* A TK_COLLATE Expr node without the EP_Collate tag is a so-called
+        ** "SOFT-COLLATE" that is added to constraints that are pushed down
+        ** from outer queries into sub-queries by the push-down optimization.
+        ** Clear subtypes as subtypes may not cross a subquery boundary.
+        */
+        assert( pExpr->pLeft );
+        sqlite3ExprCode(pParse, pExpr->pLeft, target);
+        sqlite3VdbeAddOp1(v, OP_ClrSubtype, target);
+        return target;
       }else{
         pExpr = pExpr->pLeft;
         goto expr_code_doover; /* 2018-04-28: Prevent deep recursion. */
@@ -108335,16 +111114,34 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
     case TK_IF_NULL_ROW: {
       int addrINR;
       u8 okConstFactor = pParse->okConstFactor;
-      addrINR = sqlite3VdbeAddOp1(v, OP_IfNullRow, pExpr->iTable);
-      /* Temporarily disable factoring of constant expressions, since
-      ** even though expressions may appear to be constant, they are not
-      ** really constant because they originate from the right-hand side
-      ** of a LEFT JOIN. */
-      pParse->okConstFactor = 0;
-      inReg = sqlite3ExprCodeTarget(pParse, pExpr->pLeft, target);
+      AggInfo *pAggInfo = pExpr->pAggInfo;
+      if( pAggInfo ){
+        assert( pExpr->iAgg>=0 && pExpr->iAggnColumn );
+        if( !pAggInfo->directMode ){
+          inReg = AggInfoColumnReg(pAggInfo, pExpr->iAgg);
+          break;
+        }
+        if( pExpr->pAggInfo->useSortingIdx ){
+          sqlite3VdbeAddOp3(v, OP_Column, pAggInfo->sortingIdxPTab,
+                            pAggInfo->aCol[pExpr->iAgg].iSorterColumn,
+                            target);
+          inReg = target;
+          break;
+        }
+      }
+      addrINR = sqlite3VdbeAddOp3(v, OP_IfNullRow, pExpr->iTable, 0, target);
+      /* The OP_IfNullRow opcode above can overwrite the result register with
+      ** NULL.  So we have to ensure that the result register is not a value
+      ** that is suppose to be a constant.  Two defenses are needed:
+      **   (1)  Temporarily disable factoring of constant expressions
+      **   (2)  Make sure the computed value really is stored in register
+      **        "target" and not someplace else.
+      */
+      pParse->okConstFactor = 0;   /* note (1) above */
+      sqlite3ExprCode(pParse, pExpr->pLeft, target);
+      assert( target==inReg );
       pParse->okConstFactor = okConstFactor;
       sqlite3VdbeJumpHere(v, addrINR);
-      sqlite3VdbeChangeP3(v, addrINR, inReg);
       break;
     }
 
@@ -108581,7 +111378,9 @@ SQLITE_PRIVATE void sqlite3ExprCode(Parse *pParse, Expr *pExpr, int target){
   inReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
   if( inReg!=target ){
     u8 op;
-    if( ALWAYS(pExpr) && ExprHasProperty(pExpr,EP_Subquery) ){
+    if( ALWAYS(pExpr)
+     && (ExprHasProperty(pExpr,EP_Subquery) || pExpr->op==TK_REGISTER)
+    ){
       op = OP_Copy;
     }else{
       op = OP_SCopy;
@@ -108676,7 +111475,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeExprList(
       if( inReg!=target+i ){
         VdbeOp *pOp;
         if( copyOp==OP_Copy
-         && (pOp=sqlite3VdbeGetOp(v, -1))->opcode==OP_Copy
+         && (pOp=sqlite3VdbeGetLastOp(v))->opcode==OP_Copy
          && pOp->p1+pOp->p3+1==inReg
          && pOp->p2+pOp->p3+1==target+i
          && pOp->p5==0  /* The do-not-merge flag must be clear */
@@ -108875,6 +111674,7 @@ SQLITE_PRIVATE void sqlite3ExprIfTrue(Parse *pParse, Expr *pExpr, int dest, int
       assert( TK_ISNULL==OP_IsNull );   testcase( op==TK_ISNULL );
       assert( TK_NOTNULL==OP_NotNull ); testcase( op==TK_NOTNULL );
       r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, ®Free1);
+      sqlite3VdbeTypeofColumn(v, r1);
       sqlite3VdbeAddOp2(v, op, r1, dest);
       VdbeCoverageIf(v, op==TK_ISNULL);
       VdbeCoverageIf(v, op==TK_NOTNULL);
@@ -109049,6 +111849,7 @@ SQLITE_PRIVATE void sqlite3ExprIfFalse(Parse *pParse, Expr *pExpr, int dest, int
     case TK_ISNULL:
     case TK_NOTNULL: {
       r1 = sqlite3ExprCodeTemp(pParse, pExpr->pLeft, ®Free1);
+      sqlite3VdbeTypeofColumn(v, r1);
       sqlite3VdbeAddOp2(v, op, r1, dest);
       testcase( op==TK_ISNULL );   VdbeCoverageIf(v, op==TK_ISNULL);
       testcase( op==TK_NOTNULL );  VdbeCoverageIf(v, op==TK_NOTNULL);
@@ -109202,7 +112003,13 @@ SQLITE_PRIVATE int sqlite3ExprCompare(
     if( pB->op==TK_COLLATE && sqlite3ExprCompare(pParse, pA,pB->pLeft,iTab)<2 ){
       return 1;
     }
-    return 2;
+    if( pA->op==TK_AGG_COLUMN && pB->op==TK_COLUMN
+     && pB->iTable<0 && pA->iTable==iTab
+    ){
+      /* fall through */
+    }else{
+      return 2;
+    }
   }
   assert( !ExprHasProperty(pA, EP_IntValue) );
   assert( !ExprHasProperty(pB, EP_IntValue) );
@@ -109504,10 +112311,10 @@ static int impliesNotNullRow(Walker *pWalker, Expr *pExpr){
       assert( pLeft->op!=TK_COLUMN || ExprUseYTab(pLeft) );
       assert( pRight->op!=TK_COLUMN || ExprUseYTab(pRight) );
       if( (pLeft->op==TK_COLUMN
-           && pLeft->y.pTab!=0
+           && ALWAYS(pLeft->y.pTab!=0)
            && IsVirtual(pLeft->y.pTab))
        || (pRight->op==TK_COLUMN
-           && pRight->y.pTab!=0
+           && ALWAYS(pRight->y.pTab!=0)
            && IsVirtual(pRight->y.pTab))
       ){
         return WRC_Prune;
@@ -109712,6 +112519,7 @@ static int exprRefToSrcList(Walker *pWalker, Expr *pExpr){
 SQLITE_PRIVATE int sqlite3ReferencesSrcList(Parse *pParse, Expr *pExpr, SrcList *pSrcList){
   Walker w;
   struct RefSrcList x;
+  assert( pParse->db!=0 );
   memset(&w, 0, sizeof(w));
   memset(&x, 0, sizeof(x));
   w.xExprCallback = exprRefToSrcList;
@@ -109728,7 +112536,7 @@ SQLITE_PRIVATE int sqlite3ReferencesSrcList(Parse *pParse, Expr *pExpr, SrcList
     sqlite3WalkExpr(&w, pExpr->y.pWin->pFilter);
   }
 #endif
-  sqlite3DbFree(pParse->db, x.aiExclude);
+  if( x.aiExclude ) sqlite3DbNNFreeNN(pParse->db, x.aiExclude);
   if( w.eCode & 0x01 ){
     return 1;
   }else if( w.eCode ){
@@ -109746,10 +112554,8 @@ SQLITE_PRIVATE int sqlite3ReferencesSrcList(Parse *pParse, Expr *pExpr, SrcList
 ** it does, make a copy.  This is done because the pExpr argument is
 ** subject to change.
 **
-** The copy is stored on pParse->pConstExpr with a register number of 0.
-** This will cause the expression to be deleted automatically when the
-** Parse object is destroyed, but the zero register number means that it
-** will not generate any code in the preamble.
+** The copy is scheduled for deletion using the sqlite3ExprDeferredDelete()
+** which builds on the sqlite3ParserAddCleanup() mechanism.
 */
 static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
   if( ALWAYS(!ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced))
@@ -109759,10 +112565,11 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
     int iAgg = pExpr->iAgg;
     Parse *pParse = pWalker->pParse;
     sqlite3 *db = pParse->db;
-    assert( pExpr->op==TK_AGG_COLUMN || pExpr->op==TK_AGG_FUNCTION );
-    if( pExpr->op==TK_AGG_COLUMN ){
-      assert( iAgg>=0 && iAggnColumn );
-      if( pAggInfo->aCol[iAgg].pCExpr==pExpr ){
+    assert( iAgg>=0 );
+    if( pExpr->op!=TK_AGG_FUNCTION ){
+      if( iAggnColumn
+       && pAggInfo->aCol[iAgg].pCExpr==pExpr
+      ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
         if( pExpr ){
           pAggInfo->aCol[iAgg].pCExpr = pExpr;
@@ -109770,8 +112577,10 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
         }
       }
     }else{
-      assert( iAgg>=0 && iAggnFunc );
-      if( pAggInfo->aFunc[iAgg].pFExpr==pExpr ){
+      assert( pExpr->op==TK_AGG_FUNCTION );
+      if( ALWAYS(iAggnFunc)
+       && pAggInfo->aFunc[iAgg].pFExpr==pExpr
+      ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
         if( pExpr ){
           pAggInfo->aFunc[iAgg].pFExpr = pExpr;
@@ -109826,6 +112635,73 @@ static int addAggInfoFunc(sqlite3 *db, AggInfo *pInfo){
   return i;
 }
 
+/*
+** Search the AggInfo object for an aCol[] entry that has iTable and iColumn.
+** Return the index in aCol[] of the entry that describes that column.
+**
+** If no prior entry is found, create a new one and return -1.  The
+** new column will have an idex of pAggInfo->nColumn-1.
+*/
+static void findOrCreateAggInfoColumn(
+  Parse *pParse,       /* Parsing context */
+  AggInfo *pAggInfo,   /* The AggInfo object to search and/or modify */
+  Expr *pExpr          /* Expr describing the column to find or insert */
+){
+  struct AggInfo_col *pCol;
+  int k;
+
+  assert( pAggInfo->iFirstReg==0 );
+  pCol = pAggInfo->aCol;
+  for(k=0; knColumn; k++, pCol++){
+    if( pCol->iTable==pExpr->iTable
+     && pCol->iColumn==pExpr->iColumn
+     && pExpr->op!=TK_IF_NULL_ROW
+    ){
+      goto fix_up_expr;
+    }
+  }
+  k = addAggInfoColumn(pParse->db, pAggInfo);
+  if( k<0 ){
+    /* OOM on resize */
+    assert( pParse->db->mallocFailed );
+    return;
+  }
+  pCol = &pAggInfo->aCol[k];
+  assert( ExprUseYTab(pExpr) );
+  pCol->pTab = pExpr->y.pTab;
+  pCol->iTable = pExpr->iTable;
+  pCol->iColumn = pExpr->iColumn;
+  pCol->iSorterColumn = -1;
+  pCol->pCExpr = pExpr;
+  if( pAggInfo->pGroupBy && pExpr->op!=TK_IF_NULL_ROW ){
+    int j, n;
+    ExprList *pGB = pAggInfo->pGroupBy;
+    struct ExprList_item *pTerm = pGB->a;
+    n = pGB->nExpr;
+    for(j=0; jpExpr;
+      if( pE->op==TK_COLUMN
+       && pE->iTable==pExpr->iTable
+       && pE->iColumn==pExpr->iColumn
+      ){
+        pCol->iSorterColumn = j;
+        break;
+      }
+    }
+  }
+  if( pCol->iSorterColumn<0 ){
+    pCol->iSorterColumn = pAggInfo->nSortingColumn++;
+  }
+fix_up_expr:
+  ExprSetVVAProperty(pExpr, EP_NoReduce);
+  assert( pExpr->pAggInfo==0 || pExpr->pAggInfo==pAggInfo );
+  pExpr->pAggInfo = pAggInfo;
+  if( pExpr->op==TK_COLUMN ){
+    pExpr->op = TK_AGG_COLUMN;
+  }
+  pExpr->iAgg = (i16)k;
+}
+
 /*
 ** This is the xExprCallback for a tree walker.  It is used to
 ** implement sqlite3ExprAnalyzeAggregates().  See sqlite3ExprAnalyzeAggregates
@@ -109839,76 +112715,64 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
   AggInfo *pAggInfo = pNC->uNC.pAggInfo;
 
   assert( pNC->ncFlags & NC_UAggInfo );
+  assert( pAggInfo->iFirstReg==0 );
   switch( pExpr->op ){
+    default: {
+      IndexedExpr *pIEpr;
+      Expr tmp;
+      assert( pParse->iSelfTab==0 );
+      if( (pNC->ncFlags & NC_InAggFunc)==0 ) break;
+      if( pParse->pIdxEpr==0 ) break;
+      for(pIEpr=pParse->pIdxEpr; pIEpr; pIEpr=pIEpr->pIENext){
+        int iDataCur = pIEpr->iDataCur;
+        if( iDataCur<0 ) continue;
+        if( sqlite3ExprCompare(0, pExpr, pIEpr->pExpr, iDataCur)==0 ) break;
+      }
+      if( pIEpr==0 ) break;
+      if( NEVER(!ExprUseYTab(pExpr)) ) break;
+      for(i=0; inSrc; i++){
+         if( pSrcList->a[0].iCursor==pIEpr->iDataCur ) break;
+      }
+      if( i>=pSrcList->nSrc ) break;
+      if( NEVER(pExpr->pAggInfo!=0) ) break; /* Resolved by outer context */
+      if( pParse->nErr ){ return WRC_Abort; }
+
+      /* If we reach this point, it means that expression pExpr can be
+      ** translated into a reference to an index column as described by
+      ** pIEpr.
+      */
+      memset(&tmp, 0, sizeof(tmp));
+      tmp.op = TK_AGG_COLUMN;
+      tmp.iTable = pIEpr->iIdxCur;
+      tmp.iColumn = pIEpr->iIdxCol;
+      findOrCreateAggInfoColumn(pParse, pAggInfo, &tmp);
+      if( pParse->nErr ){ return WRC_Abort; }
+      assert( pAggInfo->aCol!=0 );
+      assert( tmp.iAggnColumn );
+      pAggInfo->aCol[tmp.iAgg].pCExpr = pExpr;
+      pExpr->pAggInfo = pAggInfo;
+      pExpr->iAgg = tmp.iAgg;
+      return WRC_Prune;
+    }
+    case TK_IF_NULL_ROW:
     case TK_AGG_COLUMN:
     case TK_COLUMN: {
       testcase( pExpr->op==TK_AGG_COLUMN );
       testcase( pExpr->op==TK_COLUMN );
+      testcase( pExpr->op==TK_IF_NULL_ROW );
       /* Check to see if the column is in one of the tables in the FROM
       ** clause of the aggregate query */
       if( ALWAYS(pSrcList!=0) ){
         SrcItem *pItem = pSrcList->a;
         for(i=0; inSrc; i++, pItem++){
-          struct AggInfo_col *pCol;
           assert( !ExprHasProperty(pExpr, EP_TokenOnly|EP_Reduced) );
           if( pExpr->iTable==pItem->iCursor ){
-            /* If we reach this point, it means that pExpr refers to a table
-            ** that is in the FROM clause of the aggregate query.
-            **
-            ** Make an entry for the column in pAggInfo->aCol[] if there
-            ** is not an entry there already.
-            */
-            int k;
-            pCol = pAggInfo->aCol;
-            for(k=0; knColumn; k++, pCol++){
-              if( pCol->iTable==pExpr->iTable &&
-                  pCol->iColumn==pExpr->iColumn ){
-                break;
-              }
-            }
-            if( (k>=pAggInfo->nColumn)
-             && (k = addAggInfoColumn(pParse->db, pAggInfo))>=0
-            ){
-              pCol = &pAggInfo->aCol[k];
-              assert( ExprUseYTab(pExpr) );
-              pCol->pTab = pExpr->y.pTab;
-              pCol->iTable = pExpr->iTable;
-              pCol->iColumn = pExpr->iColumn;
-              pCol->iMem = ++pParse->nMem;
-              pCol->iSorterColumn = -1;
-              pCol->pCExpr = pExpr;
-              if( pAggInfo->pGroupBy ){
-                int j, n;
-                ExprList *pGB = pAggInfo->pGroupBy;
-                struct ExprList_item *pTerm = pGB->a;
-                n = pGB->nExpr;
-                for(j=0; jpExpr;
-                  if( pE->op==TK_COLUMN && pE->iTable==pExpr->iTable &&
-                      pE->iColumn==pExpr->iColumn ){
-                    pCol->iSorterColumn = j;
-                    break;
-                  }
-                }
-              }
-              if( pCol->iSorterColumn<0 ){
-                pCol->iSorterColumn = pAggInfo->nSortingColumn++;
-              }
-            }
-            /* There is now an entry for pExpr in pAggInfo->aCol[] (either
-            ** because it was there before or because we just created it).
-            ** Convert the pExpr to be a TK_AGG_COLUMN referring to that
-            ** pAggInfo->aCol[] entry.
-            */
-            ExprSetVVAProperty(pExpr, EP_NoReduce);
-            pExpr->pAggInfo = pAggInfo;
-            pExpr->op = TK_AGG_COLUMN;
-            pExpr->iAgg = (i16)k;
+            findOrCreateAggInfoColumn(pParse, pAggInfo, pExpr);
             break;
           } /* endif pExpr->iTable==pItem->iCursor */
         } /* end loop over pSrcList */
       }
-      return WRC_Prune;
+      return WRC_Continue;
     }
     case TK_AGG_FUNCTION: {
       if( (pNC->ncFlags & NC_InAggFunc)==0
@@ -109933,7 +112797,6 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
             assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
             pItem = &pAggInfo->aFunc[i];
             pItem->pFExpr = pExpr;
-            pItem->iMem = ++pParse->nMem;
             assert( ExprUseUToken(pExpr) );
             pItem->pFunc = sqlite3FindFunction(pParse->db,
                    pExpr->u.zToken,
@@ -110062,6 +112925,37 @@ SQLITE_PRIVATE void sqlite3ClearTempRegCache(Parse *pParse){
   pParse->nRangeReg = 0;
 }
 
+/*
+** Make sure sufficient registers have been allocated so that
+** iReg is a valid register number.
+*/
+SQLITE_PRIVATE void sqlite3TouchRegister(Parse *pParse, int iReg){
+  if( pParse->nMemnMem = iReg;
+}
+
+#if defined(SQLITE_ENABLE_STAT4) || defined(SQLITE_DEBUG)
+/*
+** Return the latest reusable register in the set of all registers.
+** The value returned is no less than iMin.  If any register iMin or
+** greater is in permanent use, then return one more than that last
+** permanent register.
+*/
+SQLITE_PRIVATE int sqlite3FirstAvailableRegister(Parse *pParse, int iMin){
+  const ExprList *pList = pParse->pConstExpr;
+  if( pList ){
+    int i;
+    for(i=0; inExpr; i++){
+      if( pList->a[i].u.iConstExprReg>=iMin ){
+        iMin = pList->a[i].u.iConstExprReg + 1;
+      }
+    }
+  }
+  pParse->nTempReg = 0;
+  pParse->nRangeReg = 0;
+  return iMin;
+}
+#endif /* SQLITE_ENABLE_STAT4 || SQLITE_DEBUG */
+
 /*
 ** Validate that no temporary register falls within the range of
 ** iFirst..iLast, inclusive.  This routine is only call from within assert()
@@ -110081,6 +112975,14 @@ SQLITE_PRIVATE int sqlite3NoTempsInRange(Parse *pParse, int iFirst, int iLast){
       return 0;
     }
   }
+  if( pParse->pConstExpr ){
+    ExprList *pList = pParse->pConstExpr;
+    for(i=0; inExpr; i++){
+      int iReg = pList->a[i].u.iConstExprReg;
+      if( iReg==0 ) continue;
+      if( iReg>=iFirst && iReg<=iLast ) return 0;
+    }
+  }
   return 1;
 }
 #endif /* SQLITE_DEBUG */
@@ -110830,13 +113732,14 @@ static void renameTokenCheckAll(Parse *pParse, const void *pPtr){
   assert( pParse->db->mallocFailed==0 || pParse->nErr!=0 );
   if( pParse->nErr==0 ){
     const RenameToken *p;
-    u8 i = 0;
+    u32 i = 1;
     for(p=pParse->pRename; p; p=p->pNext){
       if( p->p ){
         assert( p->p!=pPtr );
-        i += *(u8*)(p->p);
+        i += *(u8*)(p->p) | 1;
       }
     }
+    assert( i>0 );
   }
 }
 #else
@@ -111367,6 +114270,19 @@ static int renameEditSql(
   return rc;
 }
 
+/*
+** Set all pEList->a[].fg.eEName fields in the expression-list to val.
+*/
+static void renameSetENames(ExprList *pEList, int val){
+  if( pEList ){
+    int i;
+    for(i=0; inExpr; i++){
+      assert( val==ENAME_NAME || pEList->a[i].fg.eEName==ENAME_NAME );
+      pEList->a[i].fg.eEName = val;
+    }
+  }
+}
+
 /*
 ** Resolve all symbols in the trigger at pParse->pNewTrigger, assuming
 ** it was read from the schema of database zDb. Return SQLITE_OK if
@@ -111414,7 +114330,17 @@ static int renameResolveTrigger(Parse *pParse){
           pSrc = 0;
           rc = SQLITE_NOMEM;
         }else{
+          /* pStep->pExprList contains an expression-list used for an UPDATE
+          ** statement. So the a[].zEName values are the RHS of the
+          ** " = " clauses of the UPDATE statement. So, before
+          ** running SelectPrep(), change all the eEName values in
+          ** pStep->pExprList to ENAME_SPAN (from their current value of
+          ** ENAME_NAME). This is to prevent any ids in ON() clauses that are
+          ** part of pSrc from being incorrectly resolved against the
+          ** a[].zEName values as if they were column aliases.  */
+          renameSetENames(pStep->pExprList, ENAME_SPAN);
           sqlite3SelectPrep(pParse, pSel, 0);
+          renameSetENames(pStep->pExprList, ENAME_NAME);
           rc = pParse->nErr ? SQLITE_ERROR : SQLITE_OK;
           assert( pStep->pExprList==0 || pStep->pExprList==pSel->pEList );
           assert( pSrc==pSel->pSrc );
@@ -113322,6 +116248,7 @@ static void analyzeVdbeCommentIndexWithColumnName(
   if( NEVER(i==XN_ROWID) ){
     VdbeComment((v,"%s.rowid",pIdx->zName));
   }else if( i==XN_EXPR ){
+    assert( pIdx->bHasExpr );
     VdbeComment((v,"%s.expr(%d)",pIdx->zName, k));
   }else{
     VdbeComment((v,"%s.%s", pIdx->zName, pIdx->pTable->aCol[i].zCnName));
@@ -113362,11 +116289,15 @@ static void analyzeOneTable(
   int regIdxname = iMem++;     /* Register containing index name */
   int regStat1 = iMem++;       /* Value for the stat column of sqlite_stat1 */
   int regPrev = iMem;          /* MUST BE LAST (see below) */
+#ifdef SQLITE_ENABLE_STAT4
+  int doOnce = 1;              /* Flag for a one-time computation */
+#endif
 #ifdef SQLITE_ENABLE_PREUPDATE_HOOK
   Table *pStat1 = 0;
 #endif
 
-  pParse->nMem = MAX(pParse->nMem, iMem);
+  sqlite3TouchRegister(pParse, iMem);
+  assert( sqlite3NoTempsInRange(pParse, regNewRowid, iMem) );
   v = sqlite3GetVdbe(pParse);
   if( v==0 || NEVER(pTab==0) ){
     return;
@@ -113472,7 +116403,7 @@ static void analyzeOneTable(
     ** the regPrev array and a trailing rowid (the rowid slot is required
     ** when building a record to insert into the sample column of
     ** the sqlite_stat4 table.  */
-    pParse->nMem = MAX(pParse->nMem, regPrev+nColTest);
+    sqlite3TouchRegister(pParse, regPrev+nColTest);
 
     /* Open a read-only cursor on the index being analyzed. */
     assert( iDb==sqlite3SchemaToIndex(db, pIdx->pSchema) );
@@ -113644,7 +116575,35 @@ static void analyzeOneTable(
       int addrIsNull;
       u8 seekOp = HasRowid(pTab) ? OP_NotExists : OP_NotFound;
 
-      pParse->nMem = MAX(pParse->nMem, regCol+nCol);
+      if( doOnce ){
+        int mxCol = nCol;
+        Index *pX;
+
+        /* Compute the maximum number of columns in any index */
+        for(pX=pTab->pIndex; pX; pX=pX->pNext){
+          int nColX;                     /* Number of columns in pX */
+          if( !HasRowid(pTab) && IsPrimaryKeyIndex(pX) ){
+            nColX = pX->nKeyCol;
+          }else{
+            nColX = pX->nColumn;
+          }
+          if( nColX>mxCol ) mxCol = nColX;
+        }
+
+        /* Allocate space to compute results for the largest index */
+        sqlite3TouchRegister(pParse, regCol+mxCol);
+        doOnce = 0;
+#ifdef SQLITE_DEBUG
+        /* Verify that the call to sqlite3ClearTempRegCache() below
+        ** really is needed.
+        ** https://sqlite.org/forum/forumpost/83cb4a95a0 (2023-03-25)
+        */
+        testcase( !sqlite3NoTempsInRange(pParse, regEq, regCol+mxCol) );
+#endif
+        sqlite3ClearTempRegCache(pParse);  /* tag-20230325-1 */
+        assert( sqlite3NoTempsInRange(pParse, regEq, regCol+mxCol) );
+      }
+      assert( sqlite3NoTempsInRange(pParse, regEq, regCol+nCol) );
 
       addrNext = sqlite3VdbeCurrentAddr(v);
       callStatGet(pParse, regStat, STAT_GET_ROWID, regSampleRowid);
@@ -113725,6 +116684,11 @@ static void analyzeDatabase(Parse *pParse, int iDb){
   for(k=sqliteHashFirst(&pSchema->tblHash); k; k=sqliteHashNext(k)){
     Table *pTab = (Table*)sqliteHashData(k);
     analyzeOneTable(pParse, pTab, 0, iStatCur, iMem, iTab);
+#ifdef SQLITE_ENABLE_STAT4
+    iMem = sqlite3FirstAvailableRegister(pParse, iMem);
+#else
+    assert( iMem==sqlite3FirstAvailableRegister(pParse,iMem) );
+#endif
   }
   loadAnalysis(pParse, iDb);
 }
@@ -113965,6 +116929,8 @@ static int analysisLoader(void *pData, int argc, char **argv, char **NotUsed){
 ** and its contents.
 */
 SQLITE_PRIVATE void sqlite3DeleteIndexSamples(sqlite3 *db, Index *pIdx){
+  assert( db!=0 );
+  assert( pIdx!=0 );
 #ifdef SQLITE_ENABLE_STAT4
   if( pIdx->aSample ){
     int j;
@@ -113974,7 +116940,7 @@ SQLITE_PRIVATE void sqlite3DeleteIndexSamples(sqlite3 *db, Index *pIdx){
     }
     sqlite3DbFree(db, pIdx->aSample);
   }
-  if( db && db->pnBytesFreed==0 ){
+  if( db->pnBytesFreed==0 ){
     pIdx->nSample = 0;
     pIdx->aSample = 0;
   }
@@ -114110,6 +117076,10 @@ static int loadStatTbl(
     pIdx = findIndexOrPrimaryKey(db, zIndex, zDb);
     assert( pIdx==0 || pIdx->nSample==0 );
     if( pIdx==0 ) continue;
+    if( pIdx->aSample!=0 ){
+      /* The same index appears in sqlite_stat4 under multiple names */
+      continue;
+    }
     assert( !HasRowid(pIdx->pTable) || pIdx->nColumn==pIdx->nKeyCol+1 );
     if( !HasRowid(pIdx->pTable) && IsPrimaryKeyIndex(pIdx) ){
       nIdxCol = pIdx->nKeyCol;
@@ -114117,6 +117087,7 @@ static int loadStatTbl(
       nIdxCol = pIdx->nColumn;
     }
     pIdx->nSampleCol = nIdxCol;
+    pIdx->mxSample = nSample;
     nByte = sizeof(IndexSample) * nSample;
     nByte += sizeof(tRowcnt) * nIdxCol * 3 * nSample;
     nByte += nIdxCol * sizeof(tRowcnt);     /* Space for Index.aAvgEq[] */
@@ -114156,6 +117127,11 @@ static int loadStatTbl(
     if( zIndex==0 ) continue;
     pIdx = findIndexOrPrimaryKey(db, zIndex, zDb);
     if( pIdx==0 ) continue;
+    if( pIdx->nSample>=pIdx->mxSample ){
+      /* Too many slots used because the same index appears in
+      ** sqlite_stat4 using multiple names */
+      continue;
+    }
     /* This next condition is true if data has already been loaded from
     ** the sqlite_stat4 table. */
     nCol = pIdx->nSampleCol;
@@ -114199,11 +117175,12 @@ static int loadStat4(sqlite3 *db, const char *zDb){
   const Table *pStat4;
 
   assert( db->lookaside.bDisable );
-  if( (pStat4 = sqlite3FindTable(db, "sqlite_stat4", zDb))!=0
+  if( OptimizationEnabled(db, SQLITE_Stat4)
+   && (pStat4 = sqlite3FindTable(db, "sqlite_stat4", zDb))!=0
    && IsOrdinaryTable(pStat4)
   ){
     rc = loadStatTbl(db,
-      "SELECT idx,count(*) FROM %Q.sqlite_stat4 GROUP BY idx",
+      "SELECT idx,count(*) FROM %Q.sqlite_stat4 GROUP BY idx COLLATE nocase",
       "SELECT idx,neq,nlt,ndlt,sample FROM %Q.sqlite_stat4",
       zDb
     );
@@ -114393,7 +117370,7 @@ static void attachFunc(
   char *zErr = 0;
   unsigned int flags;
   Db *aNew;                 /* New array of Db pointers */
-  Db *pNew;                 /* Db object for the newly attached database */
+  Db *pNew = 0;             /* Db object for the newly attached database */
   char *zErrDyn = 0;
   sqlite3_vfs *pVfs;
 
@@ -114413,13 +117390,26 @@ static void attachFunc(
     /* This is not a real ATTACH.  Instead, this routine is being called
     ** from sqlite3_deserialize() to close database db->init.iDb and
     ** reopen it as a MemDB */
+    Btree *pNewBt = 0;
     pVfs = sqlite3_vfs_find("memdb");
     if( pVfs==0 ) return;
-    pNew = &db->aDb[db->init.iDb];
-    if( pNew->pBt ) sqlite3BtreeClose(pNew->pBt);
-    pNew->pBt = 0;
-    pNew->pSchema = 0;
-    rc = sqlite3BtreeOpen(pVfs, "x\0", db, &pNew->pBt, 0, SQLITE_OPEN_MAIN_DB);
+    rc = sqlite3BtreeOpen(pVfs, "x\0", db, &pNewBt, 0, SQLITE_OPEN_MAIN_DB);
+    if( rc==SQLITE_OK ){
+      Schema *pNewSchema = sqlite3SchemaGet(db, pNewBt);
+      if( pNewSchema ){
+        /* Both the Btree and the new Schema were allocated successfully.
+        ** Close the old db and update the aDb[] slot with the new memdb
+        ** values.  */
+        pNew = &db->aDb[db->init.iDb];
+        if( ALWAYS(pNew->pBt) ) sqlite3BtreeClose(pNew->pBt);
+        pNew->pBt = pNewBt;
+        pNew->pSchema = pNewSchema;
+      }else{
+        sqlite3BtreeClose(pNewBt);
+        rc = SQLITE_NOMEM;
+      }
+    }
+    if( rc ) goto attach_error;
   }else{
     /* This is a real ATTACH
     **
@@ -114532,7 +117522,7 @@ static void attachFunc(
   }
 #endif
   if( rc ){
-    if( !REOPEN_AS_MEMDB(db) ){
+    if( ALWAYS(!REOPEN_AS_MEMDB(db)) ){
       int iDb = db->nDb - 1;
       assert( iDb>=2 );
       if( db->aDb[iDb].pBt ){
@@ -114649,6 +117639,8 @@ static void codeAttach(
   sqlite3* db = pParse->db;
   int regArgs;
 
+  if( SQLITE_OK!=sqlite3ReadSchema(pParse) ) goto attach_end;
+
   if( pParse->nErr ) goto attach_end;
   memset(&sName, 0, sizeof(NameContext));
   sName.pParse = pParse;
@@ -115324,6 +118316,7 @@ SQLITE_PRIVATE int sqlite3DbMaskAllZero(yDbMask m){
 SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
   sqlite3 *db;
   Vdbe *v;
+  int iDb, i;
 
   assert( pParse->pToplevel==0 );
   db = pParse->db;
@@ -115353,7 +118346,6 @@ SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
     if( pParse->bReturning ){
       Returning *pReturning = pParse->u1.pReturning;
       int addrRewind;
-      int i;
       int reg;
 
       if( pReturning->nRetCol ){
@@ -115390,76 +118382,69 @@ SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
     ** transaction on each used database and to verify the schema cookie
     ** on each used database.
     */
-    if( db->mallocFailed==0
-     && (DbMaskNonZero(pParse->cookieMask) || pParse->pConstExpr)
-    ){
-      int iDb, i;
-      assert( sqlite3VdbeGetOp(v, 0)->opcode==OP_Init );
-      sqlite3VdbeJumpHere(v, 0);
-      assert( db->nDb>0 );
-      iDb = 0;
-      do{
-        Schema *pSchema;
-        if( DbMaskTest(pParse->cookieMask, iDb)==0 ) continue;
-        sqlite3VdbeUsesBtree(v, iDb);
-        pSchema = db->aDb[iDb].pSchema;
-        sqlite3VdbeAddOp4Int(v,
-          OP_Transaction,                    /* Opcode */
-          iDb,                               /* P1 */
-          DbMaskTest(pParse->writeMask,iDb), /* P2 */
-          pSchema->schema_cookie,            /* P3 */
-          pSchema->iGeneration               /* P4 */
-        );
-        if( db->init.busy==0 ) sqlite3VdbeChangeP5(v, 1);
-        VdbeComment((v,
-              "usesStmtJournal=%d", pParse->mayAbort && pParse->isMultiWrite));
-      }while( ++iDbnDb );
+    assert( pParse->nErr>0 || sqlite3VdbeGetOp(v, 0)->opcode==OP_Init );
+    sqlite3VdbeJumpHere(v, 0);
+    assert( db->nDb>0 );
+    iDb = 0;
+    do{
+      Schema *pSchema;
+      if( DbMaskTest(pParse->cookieMask, iDb)==0 ) continue;
+      sqlite3VdbeUsesBtree(v, iDb);
+      pSchema = db->aDb[iDb].pSchema;
+      sqlite3VdbeAddOp4Int(v,
+        OP_Transaction,                    /* Opcode */
+        iDb,                               /* P1 */
+        DbMaskTest(pParse->writeMask,iDb), /* P2 */
+        pSchema->schema_cookie,            /* P3 */
+        pSchema->iGeneration               /* P4 */
+      );
+      if( db->init.busy==0 ) sqlite3VdbeChangeP5(v, 1);
+      VdbeComment((v,
+            "usesStmtJournal=%d", pParse->mayAbort && pParse->isMultiWrite));
+    }while( ++iDbnDb );
 #ifndef SQLITE_OMIT_VIRTUALTABLE
-      for(i=0; inVtabLock; i++){
-        char *vtab = (char *)sqlite3GetVTable(db, pParse->apVtabLock[i]);
-        sqlite3VdbeAddOp4(v, OP_VBegin, 0, 0, 0, vtab, P4_VTAB);
-      }
-      pParse->nVtabLock = 0;
+    for(i=0; inVtabLock; i++){
+      char *vtab = (char *)sqlite3GetVTable(db, pParse->apVtabLock[i]);
+      sqlite3VdbeAddOp4(v, OP_VBegin, 0, 0, 0, vtab, P4_VTAB);
+    }
+    pParse->nVtabLock = 0;
 #endif
 
-      /* Once all the cookies have been verified and transactions opened,
-      ** obtain the required table-locks. This is a no-op unless the
-      ** shared-cache feature is enabled.
-      */
-      codeTableLocks(pParse);
+    /* Once all the cookies have been verified and transactions opened,
+    ** obtain the required table-locks. This is a no-op unless the
+    ** shared-cache feature is enabled.
+    */
+    codeTableLocks(pParse);
 
-      /* Initialize any AUTOINCREMENT data structures required.
-      */
-      sqlite3AutoincrementBegin(pParse);
+    /* Initialize any AUTOINCREMENT data structures required.
+    */
+    sqlite3AutoincrementBegin(pParse);
 
-      /* Code constant expressions that where factored out of inner loops.
-      **
-      ** The pConstExpr list might also contain expressions that we simply
-      ** want to keep around until the Parse object is deleted.  Such
-      ** expressions have iConstExprReg==0.  Do not generate code for
-      ** those expressions, of course.
-      */
-      if( pParse->pConstExpr ){
-        ExprList *pEL = pParse->pConstExpr;
-        pParse->okConstFactor = 0;
-        for(i=0; inExpr; i++){
-          int iReg = pEL->a[i].u.iConstExprReg;
-          if( iReg>0 ){
-            sqlite3ExprCode(pParse, pEL->a[i].pExpr, iReg);
-          }
-        }
+    /* Code constant expressions that where factored out of inner loops.
+    **
+    ** The pConstExpr list might also contain expressions that we simply
+    ** want to keep around until the Parse object is deleted.  Such
+    ** expressions have iConstExprReg==0.  Do not generate code for
+    ** those expressions, of course.
+    */
+    if( pParse->pConstExpr ){
+      ExprList *pEL = pParse->pConstExpr;
+      pParse->okConstFactor = 0;
+      for(i=0; inExpr; i++){
+        int iReg = pEL->a[i].u.iConstExprReg;
+        sqlite3ExprCode(pParse, pEL->a[i].pExpr, iReg);
       }
+    }
 
-      if( pParse->bReturning ){
-        Returning *pRet = pParse->u1.pReturning;
-        if( pRet->nRetCol ){
-          sqlite3VdbeAddOp2(v, OP_OpenEphemeral, pRet->iRetCur, pRet->nRetCol);
-        }
+    if( pParse->bReturning ){
+      Returning *pRet = pParse->u1.pReturning;
+      if( pRet->nRetCol ){
+        sqlite3VdbeAddOp2(v, OP_OpenEphemeral, pRet->iRetCur, pRet->nRetCol);
       }
-
-      /* Finally, jump back to the beginning of the executable code. */
-      sqlite3VdbeGoto(v, 1);
     }
+
+    /* Finally, jump back to the beginning of the executable code. */
+    sqlite3VdbeGoto(v, 1);
   }
 
   /* Get the VDBE program ready for execution
@@ -115498,6 +118483,7 @@ SQLITE_PRIVATE void sqlite3NestedParse(Parse *pParse, const char *zFormat, ...){
   char saveBuf[PARSE_TAIL_SZ];
 
   if( pParse->nErr ) return;
+  if( pParse->eParseMode ) return;
   assert( pParse->nested<10 );  /* Nesting should only be of limited depth */
   va_start(ap, zFormat);
   zSql = sqlite3VMPrintf(db, zFormat, ap);
@@ -115644,7 +118630,7 @@ SQLITE_PRIVATE Table *sqlite3LocateTable(
     /* If zName is the not the name of a table in the schema created using
     ** CREATE, then check to see if it is the name of an virtual table that
     ** can be an eponymous virtual table. */
-    if( pParse->disableVtab==0 && db->init.busy==0 ){
+    if( (pParse->prepFlags & SQLITE_PREPARE_NO_VTAB)==0 && db->init.busy==0 ){
       Module *pMod = (Module*)sqlite3HashFind(&db->aModule, zName);
       if( pMod==0 && sqlite3_strnicmp(zName, "pragma_", 7)==0 ){
         pMod = sqlite3PragmaVtabRegister(db, zName);
@@ -115657,7 +118643,7 @@ SQLITE_PRIVATE Table *sqlite3LocateTable(
 #endif
     if( flags & LOCATE_NOERR ) return 0;
     pParse->checkSchema = 1;
-  }else if( IsVirtual(p) && pParse->disableVtab ){
+  }else if( IsVirtual(p) && (pParse->prepFlags & SQLITE_PREPARE_NO_VTAB)!=0 ){
     p = 0;
   }
 
@@ -115966,16 +118952,17 @@ SQLITE_PRIVATE void sqlite3DeleteColumnNames(sqlite3 *db, Table *pTable){
   int i;
   Column *pCol;
   assert( pTable!=0 );
+  assert( db!=0 );
   if( (pCol = pTable->aCol)!=0 ){
     for(i=0; inCol; i++, pCol++){
       assert( pCol->zCnName==0 || pCol->hName==sqlite3StrIHash(pCol->zCnName) );
       sqlite3DbFree(db, pCol->zCnName);
     }
-    sqlite3DbFree(db, pTable->aCol);
+    sqlite3DbNNFreeNN(db, pTable->aCol);
     if( IsOrdinaryTable(pTable) ){
       sqlite3ExprListDelete(db, pTable->u.tab.pDfltList);
     }
-    if( db==0 || db->pnBytesFreed==0 ){
+    if( db->pnBytesFreed==0 ){
       pTable->aCol = 0;
       pTable->nCol = 0;
       if( IsOrdinaryTable(pTable) ){
@@ -116012,7 +118999,8 @@ static void SQLITE_NOINLINE deleteTable(sqlite3 *db, Table *pTable){
   ** a Table object that was going to be marked ephemeral. So do not check
   ** that no lookaside memory is used in this case either. */
   int nLookaside = 0;
-  if( db && !db->mallocFailed && (pTable->tabFlags & TF_Ephemeral)==0 ){
+  assert( db!=0 );
+  if( !db->mallocFailed && (pTable->tabFlags & TF_Ephemeral)==0 ){
     nLookaside = sqlite3LookasideUsed(db, 0);
   }
 #endif
@@ -116022,7 +119010,7 @@ static void SQLITE_NOINLINE deleteTable(sqlite3 *db, Table *pTable){
     pNext = pIndex->pNext;
     assert( pIndex->pSchema==pTable->pSchema
          || (IsVirtual(pTable) && pIndex->idxType!=SQLITE_IDXTYPE_APPDEF) );
-    if( (db==0 || db->pnBytesFreed==0) && !IsVirtual(pTable) ){
+    if( db->pnBytesFreed==0 && !IsVirtual(pTable) ){
       char *zName = pIndex->zName;
       TESTONLY ( Index *pOld = ) sqlite3HashInsert(
          &pIndex->pSchema->idxHash, zName, 0
@@ -116036,7 +119024,7 @@ static void SQLITE_NOINLINE deleteTable(sqlite3 *db, Table *pTable){
   if( IsOrdinaryTable(pTable) ){
     sqlite3FkDelete(db, pTable);
   }
-#ifndef SQLITE_OMIT_VIRTUAL_TABLE
+#ifndef SQLITE_OMIT_VIRTUALTABLE
   else if( IsVirtual(pTable) ){
     sqlite3VtabClear(db, pTable);
   }
@@ -116059,8 +119047,9 @@ static void SQLITE_NOINLINE deleteTable(sqlite3 *db, Table *pTable){
 }
 SQLITE_PRIVATE void sqlite3DeleteTable(sqlite3 *db, Table *pTable){
   /* Do not delete the table until the reference count reaches zero. */
+  assert( db!=0 );
   if( !pTable ) return;
-  if( ((!db || db->pnBytesFreed==0) && (--pTable->nTabRef)>0) ) return;
+  if( db->pnBytesFreed==0 && (--pTable->nTabRef)>0 ) return;
   deleteTable(db, pTable);
 }
 
@@ -116638,7 +119627,7 @@ SQLITE_PRIVATE void sqlite3AddReturning(Parse *pParse, ExprList *pList){
   if( pParse->pNewTrigger ){
     sqlite3ErrorMsg(pParse, "cannot use RETURNING in a trigger");
   }else{
-    assert( pParse->bReturning==0 );
+    assert( pParse->bReturning==0 || pParse->ifNotExists );
   }
   pParse->bReturning = 1;
   pRet = sqlite3DbMallocZero(db, sizeof(*pRet));
@@ -116664,7 +119653,8 @@ SQLITE_PRIVATE void sqlite3AddReturning(Parse *pParse, ExprList *pList){
   pRet->retTStep.pTrig = &pRet->retTrig;
   pRet->retTStep.pExprList = pList;
   pHash = &(db->aDb[1].pSchema->trigHash);
-  assert( sqlite3HashFind(pHash, RETURNING_TRIGGER_NAME)==0 || pParse->nErr );
+  assert( sqlite3HashFind(pHash, RETURNING_TRIGGER_NAME)==0
+          || pParse->nErr  || pParse->ifNotExists );
   if( sqlite3HashInsert(pHash, RETURNING_TRIGGER_NAME, &pRet->retTrig)
           ==&pRet->retTrig ){
     sqlite3OomFault(db);
@@ -117192,6 +120182,14 @@ SQLITE_PRIVATE void sqlite3AddGenerated(Parse *pParse, Expr *pExpr, Token *pType
   if( pCol->colFlags & COLFLAG_PRIMKEY ){
     makeColumnPartOfPrimaryKey(pParse, pCol); /* For the error message */
   }
+  if( ALWAYS(pExpr) && pExpr->op==TK_ID ){
+    /* The value of a generated column needs to be a real expression, not
+    ** just a reference to another column, in order for covering index
+    ** optimizations to work correctly.  So if the value is not an expression,
+    ** turn it into one by adding a unary "+" operator. */
+    pExpr = sqlite3PExpr(pParse, TK_UPLUS, pExpr, 0);
+  }
+  if( pExpr && pExpr->op!=TK_RAISE ) pExpr->affExpr = pCol->affinity;
   sqlite3ColumnSetExpr(pParse, pTab, pCol, pExpr);
   pExpr = 0;
   goto generated_done;
@@ -117328,7 +120326,8 @@ static char *createTableStmt(sqlite3 *db, Table *p){
         /* SQLITE_AFF_TEXT    */ " TEXT",
         /* SQLITE_AFF_NUMERIC */ " NUM",
         /* SQLITE_AFF_INTEGER */ " INT",
-        /* SQLITE_AFF_REAL    */ " REAL"
+        /* SQLITE_AFF_REAL    */ " REAL",
+        /* SQLITE_AFF_FLEXNUM */ " NUM",
     };
     int len;
     const char *zType;
@@ -117344,10 +120343,12 @@ static char *createTableStmt(sqlite3 *db, Table *p){
     testcase( pCol->affinity==SQLITE_AFF_NUMERIC );
     testcase( pCol->affinity==SQLITE_AFF_INTEGER );
     testcase( pCol->affinity==SQLITE_AFF_REAL );
+    testcase( pCol->affinity==SQLITE_AFF_FLEXNUM );
 
     zType = azType[pCol->affinity - SQLITE_AFF_BLOB];
     len = sqlite3Strlen30(zType);
     assert( pCol->affinity==SQLITE_AFF_BLOB
+            || pCol->affinity==SQLITE_AFF_FLEXNUM
             || pCol->affinity==sqlite3AffinityType(zType, 0) );
     memcpy(&zStmt[k], zType, len);
     k += len;
@@ -117464,7 +120465,8 @@ static int isDupColumn(Index *pIdx, int nKey, Index *pPk, int iCol){
 /* Recompute the colNotIdxed field of the Index.
 **
 ** colNotIdxed is a bitmask that has a 0 bit representing each indexed
-** columns that are within the first 63 columns of the table.  The
+** columns that are within the first 63 columns of the table and a 1 for
+** all other bits (all columns that are not in the index).  The
 ** high-order bit of colNotIdxed is always 1.  All unindexed columns
 ** of the table have a 1.
 **
@@ -117492,7 +120494,7 @@ static void recomputeColumnsNotIndexed(Index *pIdx){
     }
   }
   pIdx->colNotIdxed = ~m;
-  assert( (pIdx->colNotIdxed>>63)==1 );
+  assert( (pIdx->colNotIdxed>>63)==1 );  /* See note-20221022-a */
 }
 
 /*
@@ -117761,6 +120763,7 @@ SQLITE_PRIVATE int sqlite3ShadowTableName(sqlite3 *db, const char *zName){
 ** not pass them into code generator routines by mistake.
 */
 static int markImmutableExprStep(Walker *pWalker, Expr *pExpr){
+  (void)pWalker;
   ExprSetVVAProperty(pExpr, EP_Immutable);
   return WRC_Continue;
 }
@@ -118233,7 +121236,7 @@ SQLITE_PRIVATE void sqlite3CreateView(
 ** the columns of the view in the pTable structure.  Return the number
 ** of errors.  If an error is seen leave an error message in pParse->zErrMsg.
 */
-SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
+static SQLITE_NOINLINE int viewGetColumnNames(Parse *pParse, Table *pTable){
   Table *pSelTab;   /* A fake table from which we get the result set */
   Select *pSel;     /* Copy of the SELECT that implements the view */
   int nErr = 0;     /* Number of errors encountered */
@@ -118258,9 +121261,10 @@ SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
 
 #ifndef SQLITE_OMIT_VIEW
   /* A positive nCol means the columns names for this view are
-  ** already known.
+  ** already known.  This routine is not called unless either the
+  ** table is virtual or nCol is zero.
   */
-  if( pTable->nCol>0 ) return 0;
+  assert( pTable->nCol<=0 );
 
   /* A negative nCol is a special marker meaning that we are currently
   ** trying to compute the column names.  If we enter this routine with
@@ -118326,8 +121330,7 @@ SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
        && pTable->nCol==pSel->pEList->nExpr
       ){
         assert( db->mallocFailed==0 );
-        sqlite3SelectAddColumnTypeAndCollation(pParse, pTable, pSel,
-                                               SQLITE_AFF_NONE);
+        sqlite3SubqueryColumnTypes(pParse, pTable, pSel, SQLITE_AFF_NONE);
       }
     }else{
       /* CREATE VIEW name AS...  without an argument list.  Construct
@@ -118356,6 +121359,11 @@ SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
 #endif /* SQLITE_OMIT_VIEW */
   return nErr;
 }
+SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
+  assert( pTable!=0 );
+  if( !IsVirtual(pTable) && pTable->nCol>0 ) return 0;
+  return viewGetColumnNames(pParse, pTable);
+}
 #endif /* !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE) */
 
 #ifndef SQLITE_OMIT_VIEW
@@ -119221,7 +122229,7 @@ SQLITE_PRIVATE void sqlite3CreateIndex(
     }
     if( !IN_RENAME_OBJECT ){
       if( !db->init.busy ){
-        if( sqlite3FindTable(db, zName, 0)!=0 ){
+        if( sqlite3FindTable(db, zName, pDb->zDbSName)!=0 ){
           sqlite3ErrorMsg(pParse, "there is already a table named %s", zName);
           goto exit_create_index;
         }
@@ -119374,6 +122382,7 @@ SQLITE_PRIVATE void sqlite3CreateIndex(
       j = XN_EXPR;
       pIndex->aiColumn[i] = XN_EXPR;
       pIndex->uniqNotNull = 0;
+      pIndex->bHasExpr = 1;
     }else{
       j = pCExpr->iColumn;
       assert( j<=0x7fff );
@@ -119385,6 +122394,7 @@ SQLITE_PRIVATE void sqlite3CreateIndex(
         }
         if( pTab->aCol[j].colFlags & COLFLAG_VIRTUAL ){
           pIndex->bHasVCol = 1;
+          pIndex->bHasExpr = 1;
         }
       }
       pIndex->aiColumn[i] = (i16)j;
@@ -119874,12 +122884,13 @@ SQLITE_PRIVATE IdList *sqlite3IdListAppend(Parse *pParse, IdList *pList, Token *
 */
 SQLITE_PRIVATE void sqlite3IdListDelete(sqlite3 *db, IdList *pList){
   int i;
+  assert( db!=0 );
   if( pList==0 ) return;
   assert( pList->eU4!=EU4_EXPR ); /* EU4_EXPR mode is not currently used */
   for(i=0; inId; i++){
     sqlite3DbFree(db, pList->a[i].zName);
   }
-  sqlite3DbFreeNN(db, pList);
+  sqlite3DbNNFreeNN(db, pList);
 }
 
 /*
@@ -120082,11 +123093,12 @@ SQLITE_PRIVATE void sqlite3SrcListAssignCursors(Parse *pParse, SrcList *pList){
 SQLITE_PRIVATE void sqlite3SrcListDelete(sqlite3 *db, SrcList *pList){
   int i;
   SrcItem *pItem;
+  assert( db!=0 );
   if( pList==0 ) return;
   for(pItem=pList->a, i=0; inSrc; i++, pItem++){
-    if( pItem->zDatabase ) sqlite3DbFreeNN(db, pItem->zDatabase);
-    sqlite3DbFree(db, pItem->zName);
-    if( pItem->zAlias ) sqlite3DbFreeNN(db, pItem->zAlias);
+    if( pItem->zDatabase ) sqlite3DbNNFreeNN(db, pItem->zDatabase);
+    if( pItem->zName ) sqlite3DbNNFreeNN(db, pItem->zName);
+    if( pItem->zAlias ) sqlite3DbNNFreeNN(db, pItem->zAlias);
     if( pItem->fg.isIndexedBy ) sqlite3DbFree(db, pItem->u1.zIndexedBy);
     if( pItem->fg.isTabFunc ) sqlite3ExprListDelete(db, pItem->u1.pFuncArg);
     sqlite3DeleteTable(db, pItem->pTab);
@@ -120097,7 +123109,7 @@ SQLITE_PRIVATE void sqlite3SrcListDelete(sqlite3 *db, SrcList *pList){
       sqlite3ExprDelete(db, pItem->u3.pOn);
     }
   }
-  sqlite3DbFreeNN(db, pList);
+  sqlite3DbNNFreeNN(db, pList);
 }
 
 /*
@@ -121044,6 +124056,7 @@ SQLITE_PRIVATE void sqlite3SetTextEncoding(sqlite3 *db, u8 enc){
   ** strings is BINARY.
   */
   db->pDfltColl = sqlite3FindCollSeq(db, enc, sqlite3StrBINARY, 0);
+  sqlite3ExpirePreparedStatements(db, 1);
 }
 
 /*
@@ -121349,19 +124362,21 @@ SQLITE_PRIVATE void sqlite3SchemaClear(void *p){
   Hash temp2;
   HashElem *pElem;
   Schema *pSchema = (Schema *)p;
+  sqlite3 xdb;
 
+  memset(&xdb, 0, sizeof(xdb));
   temp1 = pSchema->tblHash;
   temp2 = pSchema->trigHash;
   sqlite3HashInit(&pSchema->trigHash);
   sqlite3HashClear(&pSchema->idxHash);
   for(pElem=sqliteHashFirst(&temp2); pElem; pElem=sqliteHashNext(pElem)){
-    sqlite3DeleteTrigger(0, (Trigger*)sqliteHashData(pElem));
+    sqlite3DeleteTrigger(&xdb, (Trigger*)sqliteHashData(pElem));
   }
   sqlite3HashClear(&temp2);
   sqlite3HashInit(&pSchema->tblHash);
   for(pElem=sqliteHashFirst(&temp1); pElem; pElem=sqliteHashNext(pElem)){
     Table *pTab = sqliteHashData(pElem);
-    sqlite3DeleteTable(0, pTab);
+    sqlite3DeleteTable(&xdb, pTab);
   }
   sqlite3HashClear(&temp1);
   sqlite3HashClear(&pSchema->fkeyHash);
@@ -121460,18 +124475,42 @@ SQLITE_PRIVATE void sqlite3CodeChangeCount(Vdbe *v, int regCounter, const char *
 **   1) It is a virtual table and no implementation of the xUpdate method
 **      has been provided
 **
-**   2) It is a system table (i.e. sqlite_schema), this call is not
+**   2) A trigger is currently being coded and the table is a virtual table
+**      that is SQLITE_VTAB_DIRECTONLY or if PRAGMA trusted_schema=OFF and
+**      the table is not SQLITE_VTAB_INNOCUOUS.
+**
+**   3) It is a system table (i.e. sqlite_schema), this call is not
 **      part of a nested parse and writable_schema pragma has not
 **      been specified
 **
-**   3) The table is a shadow table, the database connection is in
+**   4) The table is a shadow table, the database connection is in
 **      defensive mode, and the current sqlite3_prepare()
 **      is for a top-level SQL statement.
 */
+static int vtabIsReadOnly(Parse *pParse, Table *pTab){
+  if( sqlite3GetVTable(pParse->db, pTab)->pMod->pModule->xUpdate==0 ){
+    return 1;
+  }
+
+  /* Within triggers:
+  **   *  Do not allow DELETE, INSERT, or UPDATE of SQLITE_VTAB_DIRECTONLY
+  **      virtual tables
+  **   *  Only allow DELETE, INSERT, or UPDATE of non-SQLITE_VTAB_INNOCUOUS
+  **      virtual tables if PRAGMA trusted_schema=ON.
+  */
+  if( pParse->pToplevel!=0
+   && pTab->u.vtab.p->eVtabRisk >
+           ((pParse->db->flags & SQLITE_TrustedSchema)!=0)
+  ){
+    sqlite3ErrorMsg(pParse, "unsafe use of virtual table \"%s\"",
+      pTab->zName);
+  }
+  return 0;
+}
 static int tabIsReadOnly(Parse *pParse, Table *pTab){
   sqlite3 *db;
   if( IsVirtual(pTab) ){
-    return sqlite3GetVTable(pParse->db, pTab)->pMod->pModule->xUpdate==0;
+    return vtabIsReadOnly(pParse, pTab);
   }
   if( (pTab->tabFlags & (TF_Readonly|TF_Shadow))==0 ) return 0;
   db = pParse->db;
@@ -121483,17 +124522,21 @@ static int tabIsReadOnly(Parse *pParse, Table *pTab){
 }
 
 /*
-** Check to make sure the given table is writable.  If it is not
-** writable, generate an error message and return 1.  If it is
-** writable return 0;
+** Check to make sure the given table is writable.
+**
+** If pTab is not writable  ->  generate an error message and return 1.
+** If pTab is writable but other errors have occurred -> return 1.
+** If pTab is writable and no prior errors -> return 0;
 */
-SQLITE_PRIVATE int sqlite3IsReadOnly(Parse *pParse, Table *pTab, int viewOk){
+SQLITE_PRIVATE int sqlite3IsReadOnly(Parse *pParse, Table *pTab, Trigger *pTrigger){
   if( tabIsReadOnly(pParse, pTab) ){
     sqlite3ErrorMsg(pParse, "table %s may not be modified", pTab->zName);
     return 1;
   }
 #ifndef SQLITE_OMIT_VIEW
-  if( !viewOk && IsView(pTab) ){
+  if( IsView(pTab)
+   && (pTrigger==0 || (pTrigger->bReturning && pTrigger->pNext==0))
+  ){
     sqlite3ErrorMsg(pParse,"cannot modify %s because it is a view",pTab->zName);
     return 1;
   }
@@ -121747,7 +124790,7 @@ SQLITE_PRIVATE void sqlite3DeleteFrom(
     goto delete_from_cleanup;
   }
 
-  if( sqlite3IsReadOnly(pParse, pTab, (pTrigger?1:0)) ){
+  if( sqlite3IsReadOnly(pParse, pTab, pTrigger) ){
     goto delete_from_cleanup;
   }
   iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
@@ -121846,16 +124889,17 @@ SQLITE_PRIVATE void sqlite3DeleteFrom(
     }
     for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
       assert( pIdx->pSchema==pTab->pSchema );
-      sqlite3VdbeAddOp2(v, OP_Clear, pIdx->tnum, iDb);
       if( IsPrimaryKeyIndex(pIdx) && !HasRowid(pTab) ){
-        sqlite3VdbeChangeP3(v, -1, memCnt ? memCnt : -1);
+        sqlite3VdbeAddOp3(v, OP_Clear, pIdx->tnum, iDb, memCnt ? memCnt : -1);
+      }else{
+        sqlite3VdbeAddOp2(v, OP_Clear, pIdx->tnum, iDb);
       }
     }
   }else
 #endif /* SQLITE_OMIT_TRUNCATE_OPTIMIZATION */
   {
     u16 wcf = WHERE_ONEPASS_DESIRED|WHERE_DUPLICATES_OK;
-    if( sNC.ncFlags & NC_VarSelect ) bComplex = 1;
+    if( sNC.ncFlags & NC_Subquery ) bComplex = 1;
     wcf |= (bComplex ? 0 : WHERE_ONEPASS_MULTIROW);
     if( HasRowid(pTab) ){
       /* For a rowid table, initialize the RowSet to an empty set */
@@ -122048,7 +125092,7 @@ SQLITE_PRIVATE void sqlite3DeleteFrom(
   sqlite3ExprListDelete(db, pOrderBy);
   sqlite3ExprDelete(db, pLimit);
 #endif
-  sqlite3DbFree(db, aToOpen);
+  if( aToOpen ) sqlite3DbNNFreeNN(db, aToOpen);
   return;
 }
 /* Make sure "isView" and other macros defined above are undefined. Otherwise
@@ -123131,7 +126175,7 @@ static int patternCompare(
       ** c but in the other case and search the input string for either
       ** c or cx.
       */
-      if( c<=0x80 ){
+      if( c<0x80 ){
         char zStop[3];
         int bMatch;
         if( noCase ){
@@ -123214,7 +126258,13 @@ static int patternCompare(
 ** non-zero if there is no match.
 */
 SQLITE_API int sqlite3_strglob(const char *zGlobPattern, const char *zString){
-  return patternCompare((u8*)zGlobPattern, (u8*)zString, &globInfo, '[');
+  if( zString==0 ){
+    return zGlobPattern!=0;
+  }else if( zGlobPattern==0 ){
+    return 1;
+  }else {
+    return patternCompare((u8*)zGlobPattern, (u8*)zString, &globInfo, '[');
+  }
 }
 
 /*
@@ -123222,7 +126272,13 @@ SQLITE_API int sqlite3_strglob(const char *zGlobPattern, const char *zString){
 ** a miss - like strcmp().
 */
 SQLITE_API int sqlite3_strlike(const char *zPattern, const char *zStr, unsigned int esc){
-  return patternCompare((u8*)zPattern, (u8*)zStr, &likeInfoNorm, esc);
+  if( zStr==0 ){
+    return zPattern!=0;
+  }else if( zPattern==0 ){
+    return 1;
+  }else{
+    return patternCompare((u8*)zPattern, (u8*)zStr, &likeInfoNorm, esc);
+  }
 }
 
 /*
@@ -123461,7 +126517,7 @@ SQLITE_PRIVATE void sqlite3QuoteValue(StrAccum *pStr, sqlite3_value *pValue){
     }
     case SQLITE_BLOB: {
       char const *zBlob = sqlite3_value_blob(pValue);
-      int nBlob = sqlite3_value_bytes(pValue);
+      i64 nBlob = sqlite3_value_bytes(pValue);
       assert( zBlob==sqlite3_value_blob(pValue) ); /* No encoding change */
       sqlite3StrAccumEnlarge(pStr, nBlob*2 + 4);
       if( pStr->accError==0 ){
@@ -123602,6 +126658,96 @@ static void hexFunc(
   }
 }
 
+/*
+** Buffer zStr contains nStr bytes of utf-8 encoded text. Return 1 if zStr
+** contains character ch, or 0 if it does not.
+*/
+static int strContainsChar(const u8 *zStr, int nStr, u32 ch){
+  const u8 *zEnd = &zStr[nStr];
+  const u8 *z = zStr;
+  while( zpSchema);
-      Token tFrom;
-      Token tDb;
+      SrcList *pSrc;
       Expr *pRaise;
 
-      tFrom.z = zFrom;
-      tFrom.n = nFrom;
-      tDb.z = db->aDb[iDb].zDbSName;
-      tDb.n = sqlite3Strlen30(tDb.z);
-
       pRaise = sqlite3Expr(db, TK_RAISE, "FOREIGN KEY constraint failed");
       if( pRaise ){
         pRaise->affExpr = OE_Abort;
       }
+      pSrc = sqlite3SrcListAppend(pParse, 0, 0, 0);
+      if( pSrc ){
+        assert( pSrc->nSrc==1 );
+        pSrc->a[0].zName = sqlite3DbStrDup(db, zFrom);
+        pSrc->a[0].zDatabase = sqlite3DbStrDup(db, db->aDb[iDb].zDbSName);
+      }
       pSelect = sqlite3SelectNew(pParse,
           sqlite3ExprListAppend(pParse, 0, pRaise),
-          sqlite3SrcListAppend(pParse, 0, &tDb, &tFrom),
+          pSrc,
           pWhere,
           0, 0, 0, 0, 0
       );
@@ -126216,11 +129378,12 @@ SQLITE_PRIVATE void sqlite3FkDelete(sqlite3 *db, Table *pTab){
   FKey *pNext;                    /* Copy of pFKey->pNextFrom */
 
   assert( IsOrdinaryTable(pTab) );
+  assert( db!=0 );
   for(pFKey=pTab->u.tab.pFKey; pFKey; pFKey=pNext){
     assert( db==0 || sqlite3SchemaMutexHeld(db, 0, pTab->pSchema) );
 
     /* Remove the FK from the fkeyHash hash table. */
-    if( !db || db->pnBytesFreed==0 ){
+    if( db->pnBytesFreed==0 ){
       if( pFKey->pPrevTo ){
         pFKey->pPrevTo->pNextTo = pFKey->pNextTo;
       }else{
@@ -126324,43 +129487,68 @@ SQLITE_PRIVATE void sqlite3OpenTable(
 ** is managed along with the rest of the Index structure. It will be
 ** released when sqlite3DeleteIndex() is called.
 */
-SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3 *db, Index *pIdx){
+static SQLITE_NOINLINE const char *computeIndexAffStr(sqlite3 *db, Index *pIdx){
+  /* The first time a column affinity string for a particular index is
+  ** required, it is allocated and populated here. It is then stored as
+  ** a member of the Index structure for subsequent use.
+  **
+  ** The column affinity string will eventually be deleted by
+  ** sqliteDeleteIndex() when the Index structure itself is cleaned
+  ** up.
+  */
+  int n;
+  Table *pTab = pIdx->pTable;
+  pIdx->zColAff = (char *)sqlite3DbMallocRaw(0, pIdx->nColumn+1);
   if( !pIdx->zColAff ){
-    /* The first time a column affinity string for a particular index is
-    ** required, it is allocated and populated here. It is then stored as
-    ** a member of the Index structure for subsequent use.
-    **
-    ** The column affinity string will eventually be deleted by
-    ** sqliteDeleteIndex() when the Index structure itself is cleaned
-    ** up.
-    */
-    int n;
-    Table *pTab = pIdx->pTable;
-    pIdx->zColAff = (char *)sqlite3DbMallocRaw(0, pIdx->nColumn+1);
-    if( !pIdx->zColAff ){
-      sqlite3OomFault(db);
-      return 0;
+    sqlite3OomFault(db);
+    return 0;
+  }
+  for(n=0; nnColumn; n++){
+    i16 x = pIdx->aiColumn[n];
+    char aff;
+    if( x>=0 ){
+      aff = pTab->aCol[x].affinity;
+    }else if( x==XN_ROWID ){
+      aff = SQLITE_AFF_INTEGER;
+    }else{
+      assert( x==XN_EXPR );
+      assert( pIdx->bHasExpr );
+      assert( pIdx->aColExpr!=0 );
+      aff = sqlite3ExprAffinity(pIdx->aColExpr->a[n].pExpr);
     }
-    for(n=0; nnColumn; n++){
-      i16 x = pIdx->aiColumn[n];
-      char aff;
-      if( x>=0 ){
-        aff = pTab->aCol[x].affinity;
-      }else if( x==XN_ROWID ){
-        aff = SQLITE_AFF_INTEGER;
-      }else{
-        assert( x==XN_EXPR );
-        assert( pIdx->aColExpr!=0 );
-        aff = sqlite3ExprAffinity(pIdx->aColExpr->a[n].pExpr);
+    if( affSQLITE_AFF_NUMERIC) aff = SQLITE_AFF_NUMERIC;
+    pIdx->zColAff[n] = aff;
+  }
+  pIdx->zColAff[n] = 0;
+  return pIdx->zColAff;
+}
+SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3 *db, Index *pIdx){
+  if( !pIdx->zColAff ) return computeIndexAffStr(db, pIdx);
+  return pIdx->zColAff;
+}
+
+
+/*
+** Compute an affinity string for a table.   Space is obtained
+** from sqlite3DbMalloc().  The caller is responsible for freeing
+** the space when done.
+*/
+SQLITE_PRIVATE char *sqlite3TableAffinityStr(sqlite3 *db, const Table *pTab){
+  char *zColAff;
+  zColAff = (char *)sqlite3DbMallocRaw(db, pTab->nCol+1);
+  if( zColAff ){
+    int i, j;
+    for(i=j=0; inCol; i++){
+      if( (pTab->aCol[i].colFlags & COLFLAG_VIRTUAL)==0 ){
+        zColAff[j++] = pTab->aCol[i].affinity;
       }
-      if( affSQLITE_AFF_NUMERIC) aff = SQLITE_AFF_NUMERIC;
-      pIdx->zColAff[n] = aff;
     }
-    pIdx->zColAff[n] = 0;
+    do{
+      zColAff[j--] = 0;
+    }while( j>=0 && zColAff[j]<=SQLITE_AFF_BLOB );
   }
-
-  return pIdx->zColAff;
+  return zColAff;
 }
 
 /*
@@ -126404,7 +129592,7 @@ SQLITE_PRIVATE const char *sqlite3IndexAffinityStr(sqlite3 *db, Index *pIdx){
 ** Apply the type checking to that array of registers.
 */
 SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe *v, Table *pTab, int iReg){
-  int i, j;
+  int i;
   char *zColAff;
   if( pTab->tabFlags & TF_Strict ){
     if( iReg==0 ){
@@ -126413,7 +129601,7 @@ SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe *v, Table *pTab, int iReg){
       ** OP_MakeRecord is found */
       VdbeOp *pPrev;
       sqlite3VdbeAppendP4(v, pTab, P4_TABLE);
-      pPrev = sqlite3VdbeGetOp(v, -1);
+      pPrev = sqlite3VdbeGetLastOp(v);
       assert( pPrev!=0 );
       assert( pPrev->opcode==OP_MakeRecord || sqlite3VdbeDb(v)->mallocFailed );
       pPrev->opcode = OP_TypeCheck;
@@ -126427,22 +129615,11 @@ SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe *v, Table *pTab, int iReg){
   }
   zColAff = pTab->zColAff;
   if( zColAff==0 ){
-    sqlite3 *db = sqlite3VdbeDb(v);
-    zColAff = (char *)sqlite3DbMallocRaw(0, pTab->nCol+1);
+    zColAff = sqlite3TableAffinityStr(0, pTab);
     if( !zColAff ){
-      sqlite3OomFault(db);
+      sqlite3OomFault(sqlite3VdbeDb(v));
       return;
     }
-
-    for(i=j=0; inCol; i++){
-      assert( pTab->aCol[i].affinity!=0 || sqlite3VdbeParser(v)->nErr>0 );
-      if( (pTab->aCol[i].colFlags & COLFLAG_VIRTUAL)==0 ){
-        zColAff[j++] = pTab->aCol[i].affinity;
-      }
-    }
-    do{
-      zColAff[j--] = 0;
-    }while( j>=0 && zColAff[j]<=SQLITE_AFF_BLOB );
     pTab->zColAff = zColAff;
   }
   assert( zColAff!=0 );
@@ -126451,7 +129628,7 @@ SQLITE_PRIVATE void sqlite3TableAffinity(Vdbe *v, Table *pTab, int iReg){
     if( iReg ){
       sqlite3VdbeAddOp4(v, OP_Affinity, iReg, i, 0, zColAff, i);
     }else{
-      assert( sqlite3VdbeGetOp(v, -1)->opcode==OP_MakeRecord
+      assert( sqlite3VdbeGetLastOp(v)->opcode==OP_MakeRecord
               || sqlite3VdbeDb(v)->mallocFailed );
       sqlite3VdbeChangeP4(v, -1, zColAff, i);
     }
@@ -126537,7 +129714,7 @@ SQLITE_PRIVATE void sqlite3ComputeGeneratedColumns(
   */
   sqlite3TableAffinity(pParse->pVdbe, pTab, iRegStore);
   if( (pTab->tabFlags & TF_HasStored)!=0 ){
-    pOp = sqlite3VdbeGetOp(pParse->pVdbe,-1);
+    pOp = sqlite3VdbeGetLastOp(pParse->pVdbe);
     if( pOp->opcode==OP_Affinity ){
       /* Change the OP_Affinity argument to '@' (NONE) for all stored
       ** columns.  '@' is the no-op affinity and those columns have not
@@ -127036,7 +130213,7 @@ SQLITE_PRIVATE void sqlite3Insert(
 
   /* Cannot insert into a read-only table.
   */
-  if( sqlite3IsReadOnly(pParse, pTab, tmask) ){
+  if( sqlite3IsReadOnly(pParse, pTab, pTrigger) ){
     goto insert_cleanup;
   }
 
@@ -127443,7 +130620,12 @@ SQLITE_PRIVATE void sqlite3Insert(
         sqlite3VdbeAddOp2(v, OP_SCopy, regFromSelect+k, iRegStore);
       }
     }else{
-      sqlite3ExprCode(pParse, pList->a[k].pExpr, iRegStore);
+      Expr *pX = pList->a[k].pExpr;
+      int y = sqlite3ExprCodeTarget(pParse, pX, iRegStore);
+      if( y!=iRegStore ){
+        sqlite3VdbeAddOp2(v,
+          ExprHasProperty(pX, EP_Subquery) ? OP_Copy : OP_SCopy, y, iRegStore);
+      }
     }
   }
 
@@ -127478,7 +130660,7 @@ SQLITE_PRIVATE void sqlite3Insert(
     }
 
     /* Copy the new data already generated. */
-    assert( pTab->nNVCol>0 );
+    assert( pTab->nNVCol>0 || pParse->nErr>0 );
     sqlite3VdbeAddOp3(v, OP_Copy, regRowid+1, regCols+1, pTab->nNVCol-1);
 
 #ifndef SQLITE_OMIT_GENERATED_COLUMNS
@@ -127580,7 +130762,9 @@ SQLITE_PRIVATE void sqlite3Insert(
       sqlite3GenerateConstraintChecks(pParse, pTab, aRegIdx, iDataCur, iIdxCur,
           regIns, 0, ipkColumn>=0, onError, endOfLoop, &isReplace, 0, pUpsert
       );
-      sqlite3FkCheck(pParse, pTab, 0, regIns, 0, 0);
+      if( db->flags & SQLITE_ForeignKeys ){
+        sqlite3FkCheck(pParse, pTab, 0, regIns, 0, 0);
+      }
 
       /* Set the OPFLAG_USESEEKRESULT flag if either (a) there are no REPLACE
       ** constraints or (b) there are no triggers and this table is not a
@@ -127664,7 +130848,7 @@ SQLITE_PRIVATE void sqlite3Insert(
   sqlite3UpsertDelete(db, pUpsert);
   sqlite3SelectDelete(db, pSelect);
   sqlite3IdListDelete(db, pColumn);
-  sqlite3DbFree(db, aRegIdx);
+  if( aRegIdx ) sqlite3DbNNFreeNN(db, aRegIdx);
 }
 
 /* Make sure "isView" and other macros defined above are undefined. Otherwise
@@ -128028,6 +131212,7 @@ SQLITE_PRIVATE void sqlite3GenerateConstraintChecks(
           case OE_Fail: {
             char *zMsg = sqlite3MPrintf(db, "%s.%s", pTab->zName,
                                         pCol->zCnName);
+            testcase( zMsg==0 && db->mallocFailed==0 );
             sqlite3VdbeAddOp3(v, OP_HaltIfNull, SQLITE_CONSTRAINT_NOTNULL,
                               onError, iReg);
             sqlite3VdbeAppendP4(v, zMsg, P4_DYNAMIC);
@@ -129891,9 +133076,9 @@ struct sqlite3_api_routines {
   const char *(*filename_journal)(const char*);
   const char *(*filename_wal)(const char*);
   /* Version 3.32.0 and later */
-  char *(*create_filename)(const char*,const char*,const char*,
+  const char *(*create_filename)(const char*,const char*,const char*,
                            int,const char**);
-  void (*free_filename)(char*);
+  void (*free_filename)(const char*);
   sqlite3_file *(*database_file_object)(const char*);
   /* Version 3.34.0 and later */
   int (*txn_state)(sqlite3*,const char*);
@@ -129917,6 +133102,10 @@ struct sqlite3_api_routines {
   unsigned char *(*serialize)(sqlite3*,const char *,sqlite3_int64*,
                               unsigned int);
   const char *(*db_name)(sqlite3*,int);
+  /* Version 3.40.0 and later */
+  int (*value_encoding)(sqlite3_value*);
+  /* Version 3.41.0 and later */
+  int (*is_interrupted)(sqlite3*);
 };
 
 /*
@@ -130241,6 +133430,10 @@ typedef int (*sqlite3_loadext_entry)(
 #define sqlite3_serialize              sqlite3_api->serialize
 #endif
 #define sqlite3_db_name                sqlite3_api->db_name
+/* Version 3.40.0 and later */
+#define sqlite3_value_encoding         sqlite3_api->value_encoding
+/* Version 3.41.0 and later */
+#define sqlite3_is_interrupted         sqlite3_api->is_interrupted
 #endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
 
 #if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
@@ -130753,7 +133946,11 @@ static const sqlite3_api_routines sqlite3Apis = {
   0,
   0,
 #endif
-  sqlite3_db_name
+  sqlite3_db_name,
+  /* Version 3.40.0 and later */
+  sqlite3_value_encoding,
+  /* Version 3.41.0 and later */
+  sqlite3_is_interrupted
 };
 
 /* True if x is the directory separator character
@@ -130826,7 +134023,11 @@ static int sqlite3LoadExtension(
   /* tag-20210611-1.  Some dlopen() implementations will segfault if given
   ** an oversize filename.  Most filesystems have a pathname limit of 4K,
   ** so limit the extension filename length to about twice that.
-  ** https://sqlite.org/forum/forumpost/08a0d6d9bf */
+  ** https://sqlite.org/forum/forumpost/08a0d6d9bf
+  **
+  ** Later (2023-03-25): Save an extra 6 bytes for the filename suffix.
+  ** See https://sqlite.org/forum/forumpost/24083b579d.
+  */
   if( nMsg>SQLITE_MAX_PATHLEN ) goto extension_not_found;
 
   handle = sqlite3OsDlOpen(pVfs, zFile);
@@ -130834,7 +134035,9 @@ static int sqlite3LoadExtension(
   for(ii=0; iiaDb[iDb].zDbSName;
       sqlite3CodeVerifySchema(pParse, iDb);
       sqlite3TableLock(pParse, iDb, pTab->tnum, 0, pTab->zName);
-      if( pTab->nCol+regRow>pParse->nMem ) pParse->nMem = pTab->nCol + regRow;
+      sqlite3TouchRegister(pParse, pTab->nCol+regRow);
       sqlite3OpenTable(pParse, 0, iDb, pTab, OP_OpenRead);
       sqlite3VdbeLoadString(v, regResult, pTab->zName);
       assert( IsOrdinaryTable(pTab) );
@@ -133370,7 +136573,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
         ** regRow..regRow+n. If any of the child key values are NULL, this
         ** row cannot cause an FK violation. Jump directly to addrOk in
         ** this case. */
-        if( regRow+pFK->nCol>pParse->nMem ) pParse->nMem = regRow+pFK->nCol;
+        sqlite3TouchRegister(pParse, regRow + pFK->nCol);
         for(j=0; jnCol; j++){
           int iCol = aiCols ? aiCols[j] : pFK->aCol[j].iFrom;
           sqlite3ExprCodeGetColumnOfTable(v, pTab, 0, iCol, regRow+j);
@@ -133499,6 +136702,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
       if( iDb>=0 && i!=iDb ) continue;
 
       sqlite3CodeVerifySchema(pParse, i);
+      pParse->okConstFactor = 0;  /* tag-20230327-1 */
 
       /* Do an integrity check of the B-Tree
       **
@@ -133534,7 +136738,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
       aRoot[0] = cnt;
 
       /* Make sure sufficient number of registers have been allocated */
-      pParse->nMem = MAX( pParse->nMem, 8+mxIdx );
+      sqlite3TouchRegister(pParse, 8+mxIdx);
       sqlite3ClearTempRegCache(pParse);
 
       /* Do the b-tree integrity checks */
@@ -133553,15 +136757,24 @@ SQLITE_PRIVATE void sqlite3Pragma(
       for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
         Table *pTab = sqliteHashData(x);
         Index *pIdx, *pPk;
-        Index *pPrior = 0;
+        Index *pPrior = 0;      /* Previous index */
         int loopTop;
         int iDataCur, iIdxCur;
         int r1 = -1;
-        int bStrict;
+        int bStrict;            /* True for a STRICT table */
+        int r2;                 /* Previous key for WITHOUT ROWID tables */
+        int mxCol;              /* Maximum non-virtual column number */
 
         if( !IsOrdinaryTable(pTab) ) continue;
         if( pObjTab && pObjTab!=pTab ) continue;
-        pPk = HasRowid(pTab) ? 0 : sqlite3PrimaryKeyIndex(pTab);
+        if( isQuick || HasRowid(pTab) ){
+          pPk = 0;
+          r2 = 0;
+        }else{
+          pPk = sqlite3PrimaryKeyIndex(pTab);
+          r2 = sqlite3GetTempRange(pParse, pPk->nKeyCol);
+          sqlite3VdbeAddOp3(v, OP_Null, 1, r2, r2+pPk->nKeyCol-1);
+        }
         sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenRead, 0,
                                    1, 0, &iDataCur, &iIdxCur);
         /* reg[7] counts the number of entries in the table.
@@ -133575,52 +136788,180 @@ SQLITE_PRIVATE void sqlite3Pragma(
         assert( sqlite3NoTempsInRange(pParse,1,7+j) );
         sqlite3VdbeAddOp2(v, OP_Rewind, iDataCur, 0); VdbeCoverage(v);
         loopTop = sqlite3VdbeAddOp2(v, OP_AddImm, 7, 1);
+
+        /* Fetch the right-most column from the table.  This will cause
+        ** the entire record header to be parsed and sanity checked.  It
+        ** will also prepopulate the cursor column cache that is used
+        ** by the OP_IsType code, so it is a required step.
+        */
+        assert( !IsVirtual(pTab) );
+        if( HasRowid(pTab) ){
+          mxCol = -1;
+          for(j=0; jnCol; j++){
+            if( (pTab->aCol[j].colFlags & COLFLAG_VIRTUAL)==0 ) mxCol++;
+          }
+          if( mxCol==pTab->iPKey ) mxCol--;
+        }else{
+          /* COLFLAG_VIRTUAL columns are not included in the WITHOUT ROWID
+          ** PK index column-count, so there is no need to account for them
+          ** in this case. */
+          mxCol = sqlite3PrimaryKeyIndex(pTab)->nColumn-1;
+        }
+        if( mxCol>=0 ){
+          sqlite3VdbeAddOp3(v, OP_Column, iDataCur, mxCol, 3);
+          sqlite3VdbeTypeofColumn(v, 3);
+        }
+
         if( !isQuick ){
-          /* Sanity check on record header decoding */
-          sqlite3VdbeAddOp3(v, OP_Column, iDataCur, pTab->nNVCol-1,3);
-          sqlite3VdbeChangeP5(v, OPFLAG_TYPEOFARG);
-          VdbeComment((v, "(right-most column)"));
+          if( pPk ){
+            /* Verify WITHOUT ROWID keys are in ascending order */
+            int a1;
+            char *zErr;
+            a1 = sqlite3VdbeAddOp4Int(v, OP_IdxGT, iDataCur, 0,r2,pPk->nKeyCol);
+            VdbeCoverage(v);
+            sqlite3VdbeAddOp1(v, OP_IsNull, r2); VdbeCoverage(v);
+            zErr = sqlite3MPrintf(db,
+                   "row not in PRIMARY KEY order for %s",
+                    pTab->zName);
+            sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
+            integrityCheckResultRow(v);
+            sqlite3VdbeJumpHere(v, a1);
+            sqlite3VdbeJumpHere(v, a1+1);
+            for(j=0; jnKeyCol; j++){
+              sqlite3ExprCodeLoadIndexColumn(pParse, pPk, iDataCur, j, r2+j);
+            }
+          }
         }
-        /* Verify that all NOT NULL columns really are NOT NULL.  At the
-        ** same time verify the type of the content of STRICT tables */
+        /* Verify datatypes for all columns:
+        **
+        **   (1) NOT NULL columns may not contain a NULL
+        **   (2) Datatype must be exact for non-ANY columns in STRICT tables
+        **   (3) Datatype for TEXT columns in non-STRICT tables must be
+        **       NULL, TEXT, or BLOB.
+        **   (4) Datatype for numeric columns in non-STRICT tables must not
+        **       be a TEXT value that can be losslessly converted to numeric.
+        */
         bStrict = (pTab->tabFlags & TF_Strict)!=0;
         for(j=0; jnCol; j++){
           char *zErr;
-          Column *pCol = pTab->aCol + j;
-          int doError, jmp2;
+          Column *pCol = pTab->aCol + j;  /* The column to be checked */
+          int labelError;               /* Jump here to report an error */
+          int labelOk;                  /* Jump here if all looks ok */
+          int p1, p3, p4;               /* Operands to the OP_IsType opcode */
+          int doTypeCheck;              /* Check datatypes (besides NOT NULL) */
+
           if( j==pTab->iPKey ) continue;
-          if( pCol->notNull==0 && !bStrict ) continue;
-          doError = bStrict ? sqlite3VdbeMakeLabel(pParse) : 0;
-          sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, j, 3);
-          if( sqlite3VdbeGetOp(v,-1)->opcode==OP_Column ){
-            sqlite3VdbeChangeP5(v, OPFLAG_TYPEOFARG);
+          if( bStrict ){
+            doTypeCheck = pCol->eCType>COLTYPE_ANY;
+          }else{
+            doTypeCheck = pCol->affinity>SQLITE_AFF_BLOB;
           }
+          if( pCol->notNull==0 && !doTypeCheck ) continue;
+
+          /* Compute the operands that will be needed for OP_IsType */
+          p4 = SQLITE_NULL;
+          if( pCol->colFlags & COLFLAG_VIRTUAL ){
+            sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, j, 3);
+            p1 = -1;
+            p3 = 3;
+          }else{
+            if( pCol->iDflt ){
+              sqlite3_value *pDfltValue = 0;
+              sqlite3ValueFromExpr(db, sqlite3ColumnExpr(pTab,pCol), ENC(db),
+                                   pCol->affinity, &pDfltValue);
+              if( pDfltValue ){
+                p4 = sqlite3_value_type(pDfltValue);
+                sqlite3ValueFree(pDfltValue);
+              }
+            }
+            p1 = iDataCur;
+            if( !HasRowid(pTab) ){
+              testcase( j!=sqlite3TableColumnToStorage(pTab, j) );
+              p3 = sqlite3TableColumnToIndex(sqlite3PrimaryKeyIndex(pTab), j);
+            }else{
+              p3 = sqlite3TableColumnToStorage(pTab,j);
+              testcase( p3!=j);
+            }
+          }
+
+          labelError = sqlite3VdbeMakeLabel(pParse);
+          labelOk = sqlite3VdbeMakeLabel(pParse);
           if( pCol->notNull ){
-            jmp2 = sqlite3VdbeAddOp1(v, OP_NotNull, 3); VdbeCoverage(v);
+            /* (1) NOT NULL columns may not contain a NULL */
+            int jmp3;
+            int jmp2 = sqlite3VdbeAddOp4Int(v, OP_IsType, p1, labelOk, p3, p4);
+            VdbeCoverage(v);
+            if( p1<0 ){
+              sqlite3VdbeChangeP5(v, 0x0f); /* INT, REAL, TEXT, or BLOB */
+              jmp3 = jmp2;
+            }else{
+              sqlite3VdbeChangeP5(v, 0x0d); /* INT, TEXT, or BLOB */
+              /* OP_IsType does not detect NaN values in the database file
+              ** which should be treated as a NULL.  So if the header type
+              ** is REAL, we have to load the actual data using OP_Column
+              ** to reliably determine if the value is a NULL. */
+              sqlite3VdbeAddOp3(v, OP_Column, p1, p3, 3);
+              jmp3 = sqlite3VdbeAddOp2(v, OP_NotNull, 3, labelOk);
+              VdbeCoverage(v);
+            }
             zErr = sqlite3MPrintf(db, "NULL value in %s.%s", pTab->zName,
                                 pCol->zCnName);
             sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
-            if( bStrict && pCol->eCType!=COLTYPE_ANY ){
-              sqlite3VdbeGoto(v, doError);
+            if( doTypeCheck ){
+              sqlite3VdbeGoto(v, labelError);
+              sqlite3VdbeJumpHere(v, jmp2);
+              sqlite3VdbeJumpHere(v, jmp3);
             }else{
-              integrityCheckResultRow(v);
+              /* VDBE byte code will fall thru */
             }
-            sqlite3VdbeJumpHere(v, jmp2);
           }
-          if( (pTab->tabFlags & TF_Strict)!=0
-           && pCol->eCType!=COLTYPE_ANY
-          ){
-            jmp2 = sqlite3VdbeAddOp3(v, OP_IsNullOrType, 3, 0,
-                                     sqlite3StdTypeMap[pCol->eCType-1]);
+          if( bStrict && doTypeCheck ){
+            /* (2) Datatype must be exact for non-ANY columns in STRICT tables*/
+            static unsigned char aStdTypeMask[] = {
+               0x1f,    /* ANY */
+               0x18,    /* BLOB */
+               0x11,    /* INT */
+               0x11,    /* INTEGER */
+               0x13,    /* REAL */
+               0x14     /* TEXT */
+            };
+            sqlite3VdbeAddOp4Int(v, OP_IsType, p1, labelOk, p3, p4);
+            assert( pCol->eCType>=1 && pCol->eCType<=sizeof(aStdTypeMask) );
+            sqlite3VdbeChangeP5(v, aStdTypeMask[pCol->eCType-1]);
             VdbeCoverage(v);
             zErr = sqlite3MPrintf(db, "non-%s value in %s.%s",
                                   sqlite3StdType[pCol->eCType-1],
                                   pTab->zName, pTab->aCol[j].zCnName);
             sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
-            sqlite3VdbeResolveLabel(v, doError);
-            integrityCheckResultRow(v);
-            sqlite3VdbeJumpHere(v, jmp2);
+          }else if( !bStrict && pCol->affinity==SQLITE_AFF_TEXT ){
+            /* (3) Datatype for TEXT columns in non-STRICT tables must be
+            **     NULL, TEXT, or BLOB. */
+            sqlite3VdbeAddOp4Int(v, OP_IsType, p1, labelOk, p3, p4);
+            sqlite3VdbeChangeP5(v, 0x1c); /* NULL, TEXT, or BLOB */
+            VdbeCoverage(v);
+            zErr = sqlite3MPrintf(db, "NUMERIC value in %s.%s",
+                                  pTab->zName, pTab->aCol[j].zCnName);
+            sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
+          }else if( !bStrict && pCol->affinity>=SQLITE_AFF_NUMERIC ){
+            /* (4) Datatype for numeric columns in non-STRICT tables must not
+            **     be a TEXT value that can be converted to numeric. */
+            sqlite3VdbeAddOp4Int(v, OP_IsType, p1, labelOk, p3, p4);
+            sqlite3VdbeChangeP5(v, 0x1b); /* NULL, INT, FLOAT, or BLOB */
+            VdbeCoverage(v);
+            if( p1>=0 ){
+              sqlite3ExprCodeGetColumnOfTable(v, pTab, iDataCur, j, 3);
+            }
+            sqlite3VdbeAddOp4(v, OP_Affinity, 3, 1, 0, "C", P4_STATIC);
+            sqlite3VdbeAddOp4Int(v, OP_IsType, -1, labelOk, 3, p4);
+            sqlite3VdbeChangeP5(v, 0x1c); /* NULL, TEXT, or BLOB */
+            VdbeCoverage(v);
+            zErr = sqlite3MPrintf(db, "TEXT value in %s.%s",
+                                  pTab->zName, pTab->aCol[j].zCnName);
+            sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0, zErr, P4_DYNAMIC);
           }
+          sqlite3VdbeResolveLabel(v, labelError);
+          integrityCheckResultRow(v);
+          sqlite3VdbeResolveLabel(v, labelOk);
         }
         /* Verify CHECK constraints */
         if( pTab->pCheck && (db->flags & SQLITE_IgnoreChecks)==0 ){
@@ -133649,7 +136990,8 @@ SQLITE_PRIVATE void sqlite3Pragma(
         if( !isQuick ){ /* Omit the remaining tests for quick_check */
           /* Validate index entries for the current row */
           for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
-            int jmp2, jmp3, jmp4, jmp5;
+            int jmp2, jmp3, jmp4, jmp5, label6;
+            int kk;
             int ckUniq = sqlite3VdbeMakeLabel(pParse);
             if( pPk==pIdx ) continue;
             r1 = sqlite3GenerateIndexKey(pParse, pIdx, iDataCur, 0, 0, &jmp3,
@@ -133667,13 +137009,49 @@ SQLITE_PRIVATE void sqlite3Pragma(
             sqlite3VdbeAddOp3(v, OP_Concat, 4, 3, 3);
             jmp4 = integrityCheckResultRow(v);
             sqlite3VdbeJumpHere(v, jmp2);
+
+            /* The OP_IdxRowid opcode is an optimized version of OP_Column
+            ** that extracts the rowid off the end of the index record.
+            ** But it only works correctly if index record does not have
+            ** any extra bytes at the end.  Verify that this is the case. */
+            if( HasRowid(pTab) ){
+              int jmp7;
+              sqlite3VdbeAddOp2(v, OP_IdxRowid, iIdxCur+j, 3);
+              jmp7 = sqlite3VdbeAddOp3(v, OP_Eq, 3, 0, r1+pIdx->nColumn-1);
+              VdbeCoverageNeverNull(v);
+              sqlite3VdbeLoadString(v, 3,
+                 "rowid not at end-of-record for row ");
+              sqlite3VdbeAddOp3(v, OP_Concat, 7, 3, 3);
+              sqlite3VdbeLoadString(v, 4, " of index ");
+              sqlite3VdbeGoto(v, jmp5-1);
+              sqlite3VdbeJumpHere(v, jmp7);
+            }
+
+            /* Any indexed columns with non-BINARY collations must still hold
+            ** the exact same text value as the table. */
+            label6 = 0;
+            for(kk=0; kknKeyCol; kk++){
+              if( pIdx->azColl[kk]==sqlite3StrBINARY ) continue;
+              if( label6==0 ) label6 = sqlite3VdbeMakeLabel(pParse);
+              sqlite3VdbeAddOp3(v, OP_Column, iIdxCur+j, kk, 3);
+              sqlite3VdbeAddOp3(v, OP_Ne, 3, label6, r1+kk); VdbeCoverage(v);
+            }
+            if( label6 ){
+              int jmp6 = sqlite3VdbeAddOp0(v, OP_Goto);
+              sqlite3VdbeResolveLabel(v, label6);
+              sqlite3VdbeLoadString(v, 3, "row ");
+              sqlite3VdbeAddOp3(v, OP_Concat, 7, 3, 3);
+              sqlite3VdbeLoadString(v, 4, " values differ from index ");
+              sqlite3VdbeGoto(v, jmp5-1);
+              sqlite3VdbeJumpHere(v, jmp6);
+            }
+
             /* For UNIQUE indexes, verify that only one entry exists with the
             ** current key.  The entry is unique if (1) any column is NULL
             ** or (2) the next entry has a different key */
             if( IsUniqueIndex(pIdx) ){
               int uniqOk = sqlite3VdbeMakeLabel(pParse);
               int jmp6;
-              int kk;
               for(kk=0; kknKeyCol; kk++){
                 int iCol = pIdx->aiColumn[kk];
                 assert( iCol!=XN_ROWID && iColnCol );
@@ -133708,6 +137086,9 @@ SQLITE_PRIVATE void sqlite3Pragma(
             integrityCheckResultRow(v);
             sqlite3VdbeJumpHere(v, addr);
           }
+          if( pPk ){
+            sqlite3ReleaseTempRange(pParse, r2, pPk->nKeyCol);
+          }
         }
       }
     }
@@ -133858,6 +137239,11 @@ SQLITE_PRIVATE void sqlite3Pragma(
       aOp[1].p2 = iCookie;
       aOp[1].p3 = sqlite3Atoi(zRight);
       aOp[1].p5 = 1;
+      if( iCookie==BTREE_SCHEMA_VERSION && (db->flags & SQLITE_Defensive)!=0 ){
+        /* Do not allow the use of PRAGMA schema_version=VALUE in defensive
+        ** mode.  Change the OP_SetCookie opcode into a no-op.  */
+        aOp[1].opcode = OP_Noop;
+      }
     }else{
       /* Read the specified cookie value */
       static const VdbeOpList readCookie[] = {
@@ -134838,7 +138224,14 @@ SQLITE_PRIVATE int sqlite3InitOne(sqlite3 *db, int iDb, char **pzErrMsg, u32 mFl
 #else
       encoding = SQLITE_UTF8;
 #endif
-      sqlite3SetTextEncoding(db, encoding);
+      if( db->nVdbeActive>0 && encoding!=ENC(db)
+       && (db->mDbFlags & DBFLAG_Vacuum)==0
+      ){
+        rc = SQLITE_LOCKED;
+        goto initone_error_out;
+      }else{
+        sqlite3SetTextEncoding(db, encoding);
+      }
     }else{
       /* If opening an attached database, the encoding much match ENC(db) */
       if( (meta[BTREE_TEXT_ENCODING-1] & 3)!=ENC(db) ){
@@ -135052,8 +138445,8 @@ static void schemaIsValid(Parse *pParse){
     sqlite3BtreeGetMeta(pBt, BTREE_SCHEMA_VERSION, (u32 *)&cookie);
     assert( sqlite3SchemaMutexHeld(db, iDb, 0) );
     if( cookie!=db->aDb[iDb].pSchema->schema_cookie ){
+      if( DbHasProperty(db, iDb, DB_SchemaLoaded) ) pParse->rc = SQLITE_SCHEMA;
       sqlite3ResetOneSchema(db, iDb);
-      pParse->rc = SQLITE_SCHEMA;
     }
 
     /* Close the transaction, if one was opened. */
@@ -135106,15 +138499,15 @@ SQLITE_PRIVATE void sqlite3ParseObjectReset(Parse *pParse){
   assert( db->pParse==pParse );
   assert( pParse->nested==0 );
 #ifndef SQLITE_OMIT_SHARED_CACHE
-  sqlite3DbFree(db, pParse->aTableLock);
+  if( pParse->aTableLock ) sqlite3DbNNFreeNN(db, pParse->aTableLock);
 #endif
   while( pParse->pCleanup ){
     ParseCleanup *pCleanup = pParse->pCleanup;
     pParse->pCleanup = pCleanup->pNext;
     pCleanup->xCleanup(db, pCleanup->pPtr);
-    sqlite3DbFreeNN(db, pCleanup);
+    sqlite3DbNNFreeNN(db, pCleanup);
   }
-  sqlite3DbFree(db, pParse->aLabel);
+  if( pParse->aLabel ) sqlite3DbNNFreeNN(db, pParse->aLabel);
   if( pParse->pConstExpr ){
     sqlite3ExprListDelete(db, pParse->pConstExpr);
   }
@@ -135227,7 +138620,11 @@ static int sqlite3Prepare(
   sParse.db = db;
   sParse.pReprepare = pReprepare;
   assert( ppStmt && *ppStmt==0 );
-  if( db->mallocFailed ) sqlite3ErrorMsg(&sParse, "out of memory");
+  if( db->mallocFailed ){
+    sqlite3ErrorMsg(&sParse, "out of memory");
+    db->errCode = rc = SQLITE_NOMEM;
+    goto end_prepare;
+  }
   assert( sqlite3_mutex_held(db->mutex) );
 
   /* For a long-term use prepared statement avoid the use of
@@ -135237,7 +138634,7 @@ static int sqlite3Prepare(
     sParse.disableLookaside++;
     DisableLookaside;
   }
-  sParse.disableVtab = (prepFlags & SQLITE_PREPARE_NO_VTAB)!=0;
+  sParse.prepFlags = prepFlags & 0xff;
 
   /* Check to verify that it is possible to get a read lock on all
   ** database schemas.  The inability to get a read lock indicates that
@@ -135278,7 +138675,9 @@ static int sqlite3Prepare(
     }
   }
 
-  sqlite3VtabUnlockList(db);
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+  if( db->pDisconnect ) sqlite3VtabUnlockList(db);
+#endif
 
   if( nBytes>=0 && (nBytes==0 || zSql[nBytes-1]!=0) ){
     char *zSqlCopy;
@@ -135662,6 +139061,10 @@ struct SortCtx {
   } aDefer[4];
 #endif
   struct RowLoadInfo *pDeferredRowLoad;  /* Deferred row loading info or NULL */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  int addrPush;         /* First instruction to push data into sorter */
+  int addrPushEnd;      /* Last instruction that pushes data into sorter */
+#endif
 };
 #define SORTFLAG_UseSorter  0x01   /* Use SorterOpen instead of OpenEphemeral */
 
@@ -135673,6 +139076,7 @@ struct SortCtx {
 ** If bFree==0, Leave the first Select object unfreed
 */
 static void clearSelect(sqlite3 *db, Select *p, int bFree){
+  assert( db!=0 );
   while( p ){
     Select *pPrior = p->pPrior;
     sqlite3ExprListDelete(db, p->pEList);
@@ -135692,7 +139096,7 @@ static void clearSelect(sqlite3 *db, Select *p, int bFree){
       sqlite3WindowUnlinkFromSelect(p->pWin);
     }
 #endif
-    if( bFree ) sqlite3DbFreeNN(db, p);
+    if( bFree ) sqlite3DbNNFreeNN(db, p);
     p = pPrior;
     bFree = 1;
   }
@@ -136309,7 +139713,7 @@ static void pushOntoSorter(
   **   (2) All output columns are included in the sort record.  In that
   **       case regData==regOrigData.
   **   (3) Some output columns are omitted from the sort record due to
-  **       the SQLITE_ENABLE_SORTER_REFERENCE optimization, or due to the
+  **       the SQLITE_ENABLE_SORTER_REFERENCES optimization, or due to the
   **       SQLITE_ECEL_OMITREF optimization, or due to the
   **       SortCtx.pDeferredRowLoad optimiation.  In any of these cases
   **       regOrigData is 0 to prevent this routine from trying to copy
@@ -136317,6 +139721,10 @@ static void pushOntoSorter(
   */
   assert( nData==1 || regData==regOrigData || regOrigData==0 );
 
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  pSort->addrPush = sqlite3VdbeCurrentAddr(v);
+#endif
+
   if( nPrefixReg ){
     assert( nPrefixReg==nExpr+bSeq );
     regBase = regData - nPrefixReg;
@@ -136417,6 +139825,9 @@ static void pushOntoSorter(
     sqlite3VdbeChangeP2(v, iSkip,
          pSort->labelOBLopt ? pSort->labelOBLopt : sqlite3VdbeCurrentAddr(v));
   }
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  pSort->addrPushEnd = sqlite3VdbeCurrentAddr(v)-1;
+#endif
 }
 
 /*
@@ -137098,9 +140509,10 @@ SQLITE_PRIVATE KeyInfo *sqlite3KeyInfoAlloc(sqlite3 *db, int N, int X){
 */
 SQLITE_PRIVATE void sqlite3KeyInfoUnref(KeyInfo *p){
   if( p ){
+    assert( p->db!=0 );
     assert( p->nRef>0 );
     p->nRef--;
-    if( p->nRef==0 ) sqlite3DbFreeNN(p->db, p);
+    if( p->nRef==0 ) sqlite3DbNNFreeNN(p->db, p);
   }
 }
 
@@ -137239,6 +140651,16 @@ static void generateSortTail(
   int bSeq;                       /* True if sorter record includes seq. no. */
   int nRefKey = 0;
   struct ExprList_item *aOutEx = p->pEList->a;
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  int addrExplain;                /* Address of OP_Explain instruction */
+#endif
+
+  ExplainQueryPlan2(addrExplain, (pParse, 0,
+        "USE TEMP B-TREE FOR %sORDER BY", pSort->nOBSat>0?"RIGHT PART OF ":"")
+  );
+  sqlite3VdbeScanStatusRange(v, addrExplain,pSort->addrPush,pSort->addrPushEnd);
+  sqlite3VdbeScanStatusCounters(v, addrExplain, addrExplain, pSort->addrPush);
+
 
   assert( addrBreak<0 );
   if( pSort->labelBkOut ){
@@ -137351,6 +140773,7 @@ static void generateSortTail(
       VdbeComment((v, "%s", aOutEx[i].zEName));
     }
   }
+  sqlite3VdbeScanStatusRange(v, addrExplain, addrExplain, -1);
   switch( eDest ){
     case SRT_Table:
     case SRT_EphemTab: {
@@ -137412,6 +140835,7 @@ static void generateSortTail(
   }else{
     sqlite3VdbeAddOp2(v, OP_Next, iTab, addr); VdbeCoverage(v);
   }
+  sqlite3VdbeScanStatusRange(v, addrExplain, sqlite3VdbeCurrentAddr(v)-1, -1);
   if( pSort->regReturn ) sqlite3VdbeAddOp1(v, OP_Return, pSort->regReturn);
   sqlite3VdbeResolveLabel(v, addrBreak);
 }
@@ -137420,9 +140844,6 @@ static void generateSortTail(
 ** Return a pointer to a string containing the 'declaration type' of the
 ** expression pExpr. The string may be treated as static by the caller.
 **
-** Also try to estimate the size of the returned value and return that
-** result in *pEstWidth.
-**
 ** The declaration type is the exact datatype definition extracted from the
 ** original CREATE TABLE statement if the expression is a column. The
 ** declaration type for a ROWID field is INTEGER. Exactly when an expression
@@ -137686,7 +141107,7 @@ SQLITE_PRIVATE void sqlite3GenerateColumnNames(
   if( pParse->colNamesSet ) return;
   /* Column names are determined by the left-most term of a compound select */
   while( pSelect->pPrior ) pSelect = pSelect->pPrior;
-  SELECTTRACE(1,pParse,pSelect,("generating column names\n"));
+  TREETRACE(0x80,pParse,pSelect,("generating column names\n"));
   pTabList = pSelect->pSrc;
   pEList = pSelect->pEList;
   assert( v!=0 );
@@ -137786,7 +141207,7 @@ SQLITE_PRIVATE int sqlite3ColumnsFromExprList(
   *pnCol = nCol;
   *paCol = aCol;
 
-  for(i=0, pCol=aCol; imallocFailed; i++, pCol++){
+  for(i=0, pCol=aCol; inErr; i++, pCol++){
     struct ExprList_item *pX = &pEList->a[i];
     struct ExprList_item *pCollide;
     /* Get an appropriate name for the column
@@ -137836,7 +141257,10 @@ SQLITE_PRIVATE int sqlite3ColumnsFromExprList(
         if( zName[j]==':' ) nName = j;
       }
       zName = sqlite3MPrintf(db, "%.*z:%u", nName, zName, ++cnt);
-      if( cnt>3 ) sqlite3_randomness(sizeof(cnt), &cnt);
+      sqlite3ProgressCheck(pParse);
+      if( cnt>3 ){
+        sqlite3_randomness(sizeof(cnt), &cnt);
+      }
     }
     pCol->zCnName = zName;
     pCol->hName = sqlite3StrIHash(zName);
@@ -137849,71 +141273,104 @@ SQLITE_PRIVATE int sqlite3ColumnsFromExprList(
     }
   }
   sqlite3HashClear(&ht);
-  if( db->mallocFailed ){
+  if( pParse->nErr ){
     for(j=0; jrc;
   }
   return SQLITE_OK;
 }
 
 /*
-** Add type and collation information to a column list based on
-** a SELECT statement.
+** pTab is a transient Table object that represents a subquery of some
+** kind (maybe a parenthesized subquery in the FROM clause of a larger
+** query, or a VIEW, or a CTE).  This routine computes type information
+** for that Table object based on the Select object that implements the
+** subquery.  For the purposes of this routine, "type infomation" means:
 **
-** The column list presumably came from selectColumnNamesFromExprList().
-** The column list has only names, not types or collations.  This
-** routine goes through and adds the types and collations.
-**
-** This routine requires that all identifiers in the SELECT
-** statement be resolved.
+**    *   The datatype name, as it might appear in a CREATE TABLE statement
+**    *   Which collating sequence to use for the column
+**    *   The affinity of the column
 */
-SQLITE_PRIVATE void sqlite3SelectAddColumnTypeAndCollation(
-  Parse *pParse,        /* Parsing contexts */
-  Table *pTab,          /* Add column type information to this table */
-  Select *pSelect,      /* SELECT used to determine types and collations */
-  char aff              /* Default affinity for columns */
+SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
+  Parse *pParse,      /* Parsing contexts */
+  Table *pTab,        /* Add column type information to this table */
+  Select *pSelect,    /* SELECT used to determine types and collations */
+  char aff            /* Default affinity. */
 ){
   sqlite3 *db = pParse->db;
-  NameContext sNC;
   Column *pCol;
   CollSeq *pColl;
-  int i;
+  int i,j;
   Expr *p;
   struct ExprList_item *a;
+  NameContext sNC;
 
   assert( pSelect!=0 );
   assert( (pSelect->selFlags & SF_Resolved)!=0 );
-  assert( pTab->nCol==pSelect->pEList->nExpr || db->mallocFailed );
-  if( db->mallocFailed ) return;
+  assert( pTab->nCol==pSelect->pEList->nExpr || pParse->nErr>0 );
+  assert( aff==SQLITE_AFF_NONE || aff==SQLITE_AFF_BLOB );
+  if( db->mallocFailed || IN_RENAME_OBJECT ) return;
+  while( pSelect->pPrior ) pSelect = pSelect->pPrior;
+  a = pSelect->pEList->a;
   memset(&sNC, 0, sizeof(sNC));
   sNC.pSrcList = pSelect->pSrc;
-  a = pSelect->pEList->a;
   for(i=0, pCol=pTab->aCol; inCol; i++, pCol++){
     const char *zType;
-    i64 n, m;
+    i64 n;
     pTab->tabFlags |= (pCol->colFlags & COLFLAG_NOINSERT);
     p = a[i].pExpr;
-    zType = columnType(&sNC, p, 0, 0, 0);
     /* pCol->szEst = ... // Column size est for SELECT tables never used */
     pCol->affinity = sqlite3ExprAffinity(p);
+    if( pCol->affinity<=SQLITE_AFF_NONE ){
+      pCol->affinity = aff;
+    }
+    if( pCol->affinity>=SQLITE_AFF_TEXT && pSelect->pNext ){
+      int m = 0;
+      Select *pS2;
+      for(m=0, pS2=pSelect->pNext; pS2; pS2=pS2->pNext){
+        m |= sqlite3ExprDataType(pS2->pEList->a[i].pExpr);
+      }
+      if( pCol->affinity==SQLITE_AFF_TEXT && (m&0x01)!=0 ){
+        pCol->affinity = SQLITE_AFF_BLOB;
+      }else
+      if( pCol->affinity>=SQLITE_AFF_NUMERIC && (m&0x02)!=0 ){
+        pCol->affinity = SQLITE_AFF_BLOB;
+      }
+      if( pCol->affinity>=SQLITE_AFF_NUMERIC && p->op==TK_CAST ){
+        pCol->affinity = SQLITE_AFF_FLEXNUM;
+      }
+    }
+    zType = columnType(&sNC, p, 0, 0, 0);
+    if( zType==0 || pCol->affinity!=sqlite3AffinityType(zType, 0) ){
+      if( pCol->affinity==SQLITE_AFF_NUMERIC
+       || pCol->affinity==SQLITE_AFF_FLEXNUM
+      ){
+        zType = "NUM";
+      }else{
+        zType = 0;
+        for(j=1; jaffinity ){
+            zType = sqlite3StdType[j];
+            break;
+          }
+        }
+      }
+    }
     if( zType ){
-      m = sqlite3Strlen30(zType);
+      i64 m = sqlite3Strlen30(zType);
       n = sqlite3Strlen30(pCol->zCnName);
       pCol->zCnName = sqlite3DbReallocOrFree(db, pCol->zCnName, n+m+2);
+      pCol->colFlags &= ~(COLFLAG_HASTYPE|COLFLAG_HASCOLL);
       if( pCol->zCnName ){
         memcpy(&pCol->zCnName[n+1], zType, m+1);
         pCol->colFlags |= COLFLAG_HASTYPE;
-      }else{
-        testcase( pCol->colFlags & COLFLAG_HASTYPE );
-        pCol->colFlags &= ~(COLFLAG_HASTYPE|COLFLAG_HASCOLL);
       }
     }
-    if( pCol->affinity<=SQLITE_AFF_NONE ) pCol->affinity = aff;
     pColl = sqlite3ExprCollSeq(pParse, p);
     if( pColl ){
       assert( pTab->pIndex==0 );
@@ -137947,7 +141404,7 @@ SQLITE_PRIVATE Table *sqlite3ResultSetOfSelect(Parse *pParse, Select *pSelect, c
   pTab->zName = 0;
   pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
   sqlite3ColumnsFromExprList(pParse, pSelect->pEList, &pTab->nCol, &pTab->aCol);
-  sqlite3SelectAddColumnTypeAndCollation(pParse, pTab, pSelect, aff);
+  sqlite3SubqueryColumnTypes(pParse, pTab, pSelect, aff);
   pTab->iPKey = -1;
   if( db->mallocFailed ){
     sqlite3DeleteTable(db, pTab);
@@ -138472,7 +141929,7 @@ static int multiSelect(
         pPrior->iLimit = p->iLimit;
         pPrior->iOffset = p->iOffset;
         pPrior->pLimit = p->pLimit;
-        SELECTTRACE(1, pParse, p, ("multiSelect UNION ALL left...\n"));
+        TREETRACE(0x200, pParse, p, ("multiSelect UNION ALL left...\n"));
         rc = sqlite3Select(pParse, pPrior, &dest);
         pPrior->pLimit = 0;
         if( rc ){
@@ -138490,7 +141947,7 @@ static int multiSelect(
           }
         }
         ExplainQueryPlan((pParse, 1, "UNION ALL"));
-        SELECTTRACE(1, pParse, p, ("multiSelect UNION ALL right...\n"));
+        TREETRACE(0x200, pParse, p, ("multiSelect UNION ALL right...\n"));
         rc = sqlite3Select(pParse, p, &dest);
         testcase( rc!=SQLITE_OK );
         pDelete = p->pPrior;
@@ -138543,7 +142000,7 @@ static int multiSelect(
         */
         assert( !pPrior->pOrderBy );
         sqlite3SelectDestInit(&uniondest, priorOp, unionTab);
-        SELECTTRACE(1, pParse, p, ("multiSelect EXCEPT/UNION left...\n"));
+        TREETRACE(0x200, pParse, p, ("multiSelect EXCEPT/UNION left...\n"));
         rc = sqlite3Select(pParse, pPrior, &uniondest);
         if( rc ){
           goto multi_select_end;
@@ -138563,7 +142020,7 @@ static int multiSelect(
         uniondest.eDest = op;
         ExplainQueryPlan((pParse, 1, "%s USING TEMP B-TREE",
                           sqlite3SelectOpName(p->op)));
-        SELECTTRACE(1, pParse, p, ("multiSelect EXCEPT/UNION right...\n"));
+        TREETRACE(0x200, pParse, p, ("multiSelect EXCEPT/UNION right...\n"));
         rc = sqlite3Select(pParse, p, &uniondest);
         testcase( rc!=SQLITE_OK );
         assert( p->pOrderBy==0 );
@@ -138624,7 +142081,7 @@ static int multiSelect(
         /* Code the SELECTs to our left into temporary table "tab1".
         */
         sqlite3SelectDestInit(&intersectdest, SRT_Union, tab1);
-        SELECTTRACE(1, pParse, p, ("multiSelect INTERSECT left...\n"));
+        TREETRACE(0x400, pParse, p, ("multiSelect INTERSECT left...\n"));
         rc = sqlite3Select(pParse, pPrior, &intersectdest);
         if( rc ){
           goto multi_select_end;
@@ -138641,7 +142098,7 @@ static int multiSelect(
         intersectdest.iSDParm = tab2;
         ExplainQueryPlan((pParse, 1, "%s USING TEMP B-TREE",
                           sqlite3SelectOpName(p->op)));
-        SELECTTRACE(1, pParse, p, ("multiSelect INTERSECT right...\n"));
+        TREETRACE(0x400, pParse, p, ("multiSelect INTERSECT right...\n"));
         rc = sqlite3Select(pParse, p, &intersectdest);
         testcase( rc!=SQLITE_OK );
         pDelete = p->pPrior;
@@ -139288,8 +142745,8 @@ static int multiSelectOrderBy(
   */
   sqlite3VdbeResolveLabel(v, labelEnd);
 
-  /* Reassemble the compound query so that it will be freed correctly
-  ** by the calling function */
+  /* Make arrangements to free the 2nd and subsequent arms of the compound
+  ** after the parse has finished */
   if( pSplit->pPrior ){
     sqlite3ParserAddCleanup(pParse,
        (void(*)(sqlite3*,void*))sqlite3SelectDelete, pSplit->pPrior);
@@ -139322,7 +142779,7 @@ static int multiSelectOrderBy(
 ** the left operands of a RIGHT JOIN.  In either case, we need to potentially
 ** bypass the substituted expression with OP_IfNullRow.
 **
-** Suppose the original expression integer constant.  Even though the table
+** Suppose the original expression is an integer constant. Even though the table
 ** has the nullRow flag set, because the expression is an integer constant,
 ** it will not be NULLed out.  So instead, we insert an OP_IfNullRow opcode
 ** that checks to see if the nullRow flag is set on the table.  If the nullRow
@@ -139348,6 +142805,7 @@ typedef struct SubstContext {
   int iNewTable;            /* New table number */
   int isOuterJoin;          /* Add TK_IF_NULL_ROW opcodes on each replacement */
   ExprList *pEList;         /* Replacement expressions */
+  ExprList *pCList;         /* Collation sequences for replacement expr */
 } SubstContext;
 
 /* Forward Declarations */
@@ -139389,19 +142847,23 @@ static Expr *substExpr(
 #endif
     {
       Expr *pNew;
-      Expr *pCopy = pSubst->pEList->a[pExpr->iColumn].pExpr;
+      int iColumn = pExpr->iColumn;
+      Expr *pCopy = pSubst->pEList->a[iColumn].pExpr;
       Expr ifNullRow;
-      assert( pSubst->pEList!=0 && pExpr->iColumnpEList->nExpr );
+      assert( pSubst->pEList!=0 && iColumnpEList->nExpr );
       assert( pExpr->pRight==0 );
       if( sqlite3ExprIsVector(pCopy) ){
         sqlite3VectorErrorMsg(pSubst->pParse, pCopy);
       }else{
         sqlite3 *db = pSubst->pParse->db;
-        if( pSubst->isOuterJoin && pCopy->op!=TK_COLUMN ){
+        if( pSubst->isOuterJoin
+         && (pCopy->op!=TK_COLUMN || pCopy->iTable!=pSubst->iNewTable)
+        ){
           memset(&ifNullRow, 0, sizeof(ifNullRow));
           ifNullRow.op = TK_IF_NULL_ROW;
           ifNullRow.pLeft = pCopy;
           ifNullRow.iTable = pSubst->iNewTable;
+          ifNullRow.iColumn = -99;
           ifNullRow.flags = EP_IfNullRow;
           pCopy = &ifNullRow;
         }
@@ -139428,11 +142890,16 @@ static Expr *substExpr(
 
         /* Ensure that the expression now has an implicit collation sequence,
         ** just as it did when it was a column of a view or sub-query. */
-        if( pExpr->op!=TK_COLUMN && pExpr->op!=TK_COLLATE ){
-          CollSeq *pColl = sqlite3ExprCollSeq(pSubst->pParse, pExpr);
-          pExpr = sqlite3ExprAddCollateString(pSubst->pParse, pExpr,
-              (pColl ? pColl->zName : "BINARY")
+        {
+          CollSeq *pNat = sqlite3ExprCollSeq(pSubst->pParse, pExpr);
+          CollSeq *pColl = sqlite3ExprCollSeq(pSubst->pParse,
+                pSubst->pCList->a[iColumn].pExpr
           );
+          if( pNat!=pColl || (pExpr->op!=TK_COLUMN && pExpr->op!=TK_COLLATE) ){
+            pExpr = sqlite3ExprAddCollateString(pSubst->pParse, pExpr,
+                (pColl ? pColl->zName : "BINARY")
+            );
+          }
         }
         ExprClearProperty(pExpr, EP_Collate);
       }
@@ -139625,6 +143092,46 @@ static void renumberCursors(
 }
 #endif /* !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) */
 
+/*
+** If pSel is not part of a compound SELECT, return a pointer to its
+** expression list. Otherwise, return a pointer to the expression list
+** of the leftmost SELECT in the compound.
+*/
+static ExprList *findLeftmostExprlist(Select *pSel){
+  while( pSel->pPrior ){
+    pSel = pSel->pPrior;
+  }
+  return pSel->pEList;
+}
+
+/*
+** Return true if any of the result-set columns in the compound query
+** have incompatible affinities on one or more arms of the compound.
+*/
+static int compoundHasDifferentAffinities(Select *p){
+  int ii;
+  ExprList *pList;
+  assert( p!=0 );
+  assert( p->pEList!=0 );
+  assert( p->pPrior!=0 );
+  pList = p->pEList;
+  for(ii=0; iinExpr; ii++){
+    char aff;
+    Select *pSub1;
+    assert( pList->a[ii].pExpr!=0 );
+    aff = sqlite3ExprAffinity(pList->a[ii].pExpr);
+    for(pSub1=p->pPrior; pSub1; pSub1=pSub1->pPrior){
+      assert( pSub1->pEList!=0 );
+      assert( pSub1->pEList->nExpr>ii );
+      assert( pSub1->pEList->a[ii].pExpr!=0 );
+      if( sqlite3ExprAffinity(pSub1->pEList->a[ii].pExpr)!=aff ){
+        return 1;
+      }
+    }
+  }
+  return 0;
+}
+
 #if !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW)
 /*
 ** This routine attempts to flatten subqueries as a performance optimization.
@@ -139669,7 +143176,8 @@ static void renumberCursors(
 **        (3a) the subquery may not be a join and
 **        (3b) the FROM clause of the subquery may not contain a virtual
 **             table and
-**        (3c) the outer query may not be an aggregate.
+**        (**) Was: "The outer query may not have a GROUP BY." This case
+**             is now managed correctly
 **        (3d) the outer query may not be DISTINCT.
 **        See also (26) for restrictions on RIGHT JOIN.
 **
@@ -139726,6 +143234,8 @@ static void renumberCursors(
 **        (17g) either the subquery is the first element of the outer
 **              query or there are no RIGHT or FULL JOINs in any arm
 **              of the subquery.  (This is a duplicate of condition (27b).)
+**        (17h) The corresponding result set expressions in all arms of the
+**              compound must have the same affinity.
 **
 **        The parent and sub-query may contain WHERE clauses. Subject to
 **        rules (11), (13) and (14), they may also contain ORDER BY,
@@ -139777,19 +143287,13 @@ static void renumberCursors(
 **        See also (3) for restrictions on LEFT JOIN.
 **
 **  (27)  The subquery may not contain a FULL or RIGHT JOIN unless it
-**        is the first element of the parent query.  This must be the
-**        the case if:
-**        (27a) the subquery is not compound query, and
+**        is the first element of the parent query.  Two subcases:
+**        (27a) the subquery is not a compound query.
 **        (27b) the subquery is a compound query and the RIGHT JOIN occurs
 **              in any arm of the compound query.  (See also (17g).)
 **
 **  (28)  The subquery is not a MATERIALIZED CTE.
 **
-**  (29)  Either the subquery is not the right-hand operand of a join with an
-**        ON or USING clause nor the right-hand operand of a NATURAL JOIN, or
-**        the right-most table within the FROM clause of the subquery
-**        is not part of an outer join.
-**
 **
 ** In this routine, the "p" parameter is a pointer to the outer query.
 ** The subquery is p->pSrc->a[iFrom].  isAgg is true if the outer query
@@ -139881,16 +143385,10 @@ static int flattenSubquery(
   **
   ** which is not at all the same thing.
   **
-  ** If the subquery is the right operand of a LEFT JOIN, then the outer
-  ** query cannot be an aggregate. (3c)  This is an artifact of the way
-  ** aggregates are processed - there is no mechanism to determine if
-  ** the LEFT JOIN table should be all-NULL.
-  **
   ** See also tickets #306, #350, and #3300.
   */
   if( (pSubitem->fg.jointype & (JT_OUTER|JT_LTORJ))!=0 ){
     if( pSubSrc->nSrc>1                        /* (3a) */
-     || isAgg                                  /* (3c) */
      || IsVirtual(pSubSrc->a[0].pTab)          /* (3b) */
      || (p->selFlags & SF_Distinct)!=0         /* (3d) */
      || (pSubitem->fg.jointype & JT_RIGHT)!=0  /* (26) */
@@ -139899,15 +143397,6 @@ static int flattenSubquery(
     }
     isOuterJoin = 1;
   }
-#ifdef SQLITE_EXTRA_IFNULLROW
-  else if( iFrom>0 && !isAgg ){
-    /* Setting isOuterJoin to -1 causes OP_IfNullRow opcodes to be generated for
-    ** every reference to any result column from subquery in a join, even
-    ** though they are not necessary.  This will stress-test the OP_IfNullRow
-    ** opcode. */
-    isOuterJoin = -1;
-  }
-#endif
 
   assert( pSubSrc->nSrc>0 );  /* True by restriction (7) */
   if( iFrom>0 && (pSubSrc->a[0].fg.jointype & JT_LTORJ)!=0 ){
@@ -139917,41 +143406,13 @@ static int flattenSubquery(
     return 0;       /* (28) */
   }
 
-  /* Restriction (29):
-  **
-  ** We do not want two constraints on the same term of the flattened
-  ** query where one constraint has EP_InnerON and the other is EP_OuterON.
-  ** To prevent this, one or the other of the following conditions must be
-  ** false:
-  **
-  **   (29a)  The right-most entry in the FROM clause of the subquery
-  **          must not be part of an outer join.
-  **
-  **   (29b)  The subquery itself must not be the right operand of a
-  **          NATURAL join or a join that as an ON or USING clause.
-  **
-  ** These conditions are sufficient to keep an EP_OuterON from being
-  ** flattened into an EP_InnerON.  Restrictions (3a) and (27a) prevent
-  ** an EP_InnerON from being flattened into an EP_OuterON.
-  */
-  if( pSubSrc->nSrc>=2
-   && (pSubSrc->a[pSubSrc->nSrc-1].fg.jointype & JT_OUTER)!=0
-  ){
-    if( (pSubitem->fg.jointype & JT_NATURAL)!=0
-     || pSubitem->fg.isUsing
-     || NEVER(pSubitem->u3.pOn!=0) /* ON clause already shifted into WHERE */
-     || pSubitem->fg.isOn
-    ){
-      return 0;
-    }
-  }
-
   /* Restriction (17): If the sub-query is a compound SELECT, then it must
   ** use only the UNION ALL operator. And none of the simple select queries
   ** that make up the compound SELECT are allowed to be aggregate or distinct
   ** queries.
   */
   if( pSub->pPrior ){
+    int ii;
     if( pSub->pOrderBy ){
       return 0;  /* Restriction (20) */
     }
@@ -139984,7 +143445,6 @@ static int flattenSubquery(
 
     /* Restriction (18). */
     if( p->pOrderBy ){
-      int ii;
       for(ii=0; iipOrderBy->nExpr; ii++){
         if( p->pOrderBy->a[ii].u.x.iOrderByCol==0 ) return 0;
       }
@@ -139993,6 +143453,9 @@ static int flattenSubquery(
     /* Restriction (23) */
     if( (p->selFlags & SF_Recursive) ) return 0;
 
+    /* Restriction (17h) */
+    if( compoundHasDifferentAffinities(pSub) ) return 0;
+
     if( pSrc->nSrc>1 ){
       if( pParse->nSelect>500 ) return 0;
       if( OptimizationDisabled(db, SQLITE_FlttnUnionAll) ) return 0;
@@ -140002,7 +143465,7 @@ static int flattenSubquery(
   }
 
   /***** If we reach this point, flattening is permitted. *****/
-  SELECTTRACE(1,pParse,p,("flatten %u.%p from term %d\n",
+  TREETRACE(0x4,pParse,p,("flatten %u.%p from term %d\n",
                    pSub->selId, pSub, iFrom));
 
   /* Authorize the subquery */
@@ -140081,7 +143544,7 @@ static int flattenSubquery(
       if( pPrior ) pPrior->pNext = pNew;
       pNew->pNext = p;
       p->pPrior = pNew;
-      SELECTTRACE(2,pParse,p,("compound-subquery flattener"
+      TREETRACE(0x4,pParse,p,("compound-subquery flattener"
                               " creates %u as peer\n",pNew->selId));
     }
     assert( pSubitem->pSelect==0 );
@@ -140226,6 +143689,7 @@ static int flattenSubquery(
       x.iNewTable = iNewParent;
       x.isOuterJoin = isOuterJoin;
       x.pEList = pSub->pEList;
+      x.pCList = findLeftmostExprlist(pSub);
       substSelect(&x, pParent, 0);
     }
 
@@ -140245,7 +143709,7 @@ static int flattenSubquery(
       pSub->pLimit = 0;
     }
 
-    /* Recompute the SrcList_item.colUsed masks for the flattened
+    /* Recompute the SrcItem.colUsed masks for the flattened
     ** tables. */
     for(i=0; ia[i+iFrom]);
@@ -140260,8 +143724,8 @@ static int flattenSubquery(
   sqlite3SelectDelete(db, pSub1);
 
 #if TREETRACE_ENABLED
-  if( sqlite3TreeTrace & 0x100 ){
-    SELECTTRACE(0x100,pParse,p,("After flattening:\n"));
+  if( sqlite3TreeTrace & 0x4 ){
+    TREETRACE(0x4,pParse,p,("After flattening:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -140635,6 +144099,29 @@ static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
 **       be materialized.  (This restriction is implemented in the calling
 **       routine.)
 **
+**   (8) If the subquery is a compound that uses UNION, INTERSECT,
+**       or EXCEPT, then all of the result set columns for all arms of
+**       the compound must use the BINARY collating sequence.
+**
+**   (9) All three of the following are true:
+**
+**       (9a) The WHERE clause expression originates in the ON or USING clause
+**            of a join (either an INNER or an OUTER join), and
+**
+**       (9b) The subquery is to the right of the ON/USING clause
+**
+**       (9c) There is a RIGHT JOIN (or FULL JOIN) in between the ON/USING
+**            clause and the subquery.
+**
+**       Without this restriction, the push-down optimization might move
+**       the ON/USING filter expression from the left side of a RIGHT JOIN
+**       over to the right side, which leads to incorrect answers.  See
+**       also restriction (6) in sqlite3ExprIsSingleTableConstraint().
+**
+**  (10) The inner query is not the right-hand table of a RIGHT JOIN.
+**
+**  (11) The subquery is not a VALUES clause
+**
 ** Return 0 if no changes are made and non-zero if one or more WHERE clause
 ** terms are duplicated into the subquery.
 */
@@ -140642,24 +144129,56 @@ static int pushDownWhereTerms(
   Parse *pParse,        /* Parse context (for malloc() and error reporting) */
   Select *pSubq,        /* The subquery whose WHERE clause is to be augmented */
   Expr *pWhere,         /* The WHERE clause of the outer query */
-  SrcItem *pSrc         /* The subquery term of the outer FROM clause */
+  SrcList *pSrcList,    /* The complete from clause of the outer query */
+  int iSrc              /* Which FROM clause term to try to push into  */
 ){
   Expr *pNew;
+  SrcItem *pSrc;        /* The subquery FROM term into which WHERE is pushed */
   int nChng = 0;
+  pSrc = &pSrcList->a[iSrc];
   if( pWhere==0 ) return 0;
-  if( pSubq->selFlags & (SF_Recursive|SF_MultiPart) ) return 0;
-  if( pSrc->fg.jointype & (JT_LTORJ|JT_RIGHT) ) return 0;
+  if( pSubq->selFlags & (SF_Recursive|SF_MultiPart) ){
+    return 0;           /* restrictions (2) and (11) */
+  }
+  if( pSrc->fg.jointype & (JT_LTORJ|JT_RIGHT) ){
+    return 0;           /* restrictions (10) */
+  }
 
-#ifndef SQLITE_OMIT_WINDOWFUNC
   if( pSubq->pPrior ){
     Select *pSel;
+    int notUnionAll = 0;
     for(pSel=pSubq; pSel; pSel=pSel->pPrior){
+      u8 op = pSel->op;
+      assert( op==TK_ALL || op==TK_SELECT
+           || op==TK_UNION || op==TK_INTERSECT || op==TK_EXCEPT );
+      if( op!=TK_ALL && op!=TK_SELECT ){
+        notUnionAll = 1;
+      }
+#ifndef SQLITE_OMIT_WINDOWFUNC
       if( pSel->pWin ) return 0;    /* restriction (6b) */
+#endif
+    }
+    if( notUnionAll ){
+      /* If any of the compound arms are connected using UNION, INTERSECT,
+      ** or EXCEPT, then we must ensure that none of the columns use a
+      ** non-BINARY collating sequence. */
+      for(pSel=pSubq; pSel; pSel=pSel->pPrior){
+        int ii;
+        const ExprList *pList = pSel->pEList;
+        assert( pList!=0 );
+        for(ii=0; iinExpr; ii++){
+          CollSeq *pColl = sqlite3ExprCollSeq(pParse, pList->a[ii].pExpr);
+          if( !sqlite3IsBinary(pColl) ){
+            return 0;  /* Restriction (8) */
+          }
+        }
+      }
     }
   }else{
+#ifndef SQLITE_OMIT_WINDOWFUNC
     if( pSubq->pWin && pSubq->pWin->pPartition==0 ) return 0;
-  }
 #endif
+  }
 
 #ifdef SQLITE_DEBUG
   /* Only the first term of a compound can have a WITH clause.  But make
@@ -140678,11 +144197,28 @@ static int pushDownWhereTerms(
     return 0; /* restriction (3) */
   }
   while( pWhere->op==TK_AND ){
-    nChng += pushDownWhereTerms(pParse, pSubq, pWhere->pRight, pSrc);
+    nChng += pushDownWhereTerms(pParse, pSubq, pWhere->pRight, pSrcList, iSrc);
     pWhere = pWhere->pLeft;
   }
 
-#if 0  /* Legacy code. Checks now done by sqlite3ExprIsTableConstraint() */
+#if 0 /* These checks now done by sqlite3ExprIsSingleTableConstraint() */
+  if( ExprHasProperty(pWhere, EP_OuterON|EP_InnerON) /* (9a) */
+   && (pSrcList->a[0].fg.jointype & JT_LTORJ)!=0     /* Fast pre-test of (9c) */
+  ){
+    int jj;
+    for(jj=0; jjw.iJoin==pSrcList->a[jj].iCursor ){
+        /* If we reach this point, both (9a) and (9b) are satisfied.
+        ** The following loop checks (9c):
+        */
+        for(jj++; jja[jj].fg.jointype & JT_RIGHT)!=0 ){
+            return 0;  /* restriction (9) */
+          }
+        }
+      }
+    }
+  }
   if( isLeftJoin
    && (ExprHasProperty(pWhere,EP_OuterON)==0
          || pWhere->w.iJoin!=iCursor)
@@ -140696,7 +144232,7 @@ static int pushDownWhereTerms(
   }
 #endif
 
-  if( sqlite3ExprIsTableConstraint(pWhere, pSrc) ){
+  if( sqlite3ExprIsSingleTableConstraint(pWhere, pSrcList, iSrc) ){
     nChng++;
     pSubq->selFlags |= SF_PushDown;
     while( pSubq ){
@@ -140708,6 +144244,7 @@ static int pushDownWhereTerms(
       x.iNewTable = pSrc->iCursor;
       x.isOuterJoin = 0;
       x.pEList = pSubq->pEList;
+      x.pCList = findLeftmostExprlist(pSubq);
       pNew = substExpr(&x, pNew);
 #ifndef SQLITE_OMIT_WINDOWFUNC
       if( pSubq->pWin && 0==pushDownWindowCheck(pParse, pSubq, pNew) ){
@@ -140729,6 +144266,78 @@ static int pushDownWhereTerms(
 }
 #endif /* !defined(SQLITE_OMIT_SUBQUERY) || !defined(SQLITE_OMIT_VIEW) */
 
+/*
+** Check to see if a subquery contains result-set columns that are
+** never used.  If it does, change the value of those result-set columns
+** to NULL so that they do not cause unnecessary work to compute.
+**
+** Return the number of column that were changed to NULL.
+*/
+static int disableUnusedSubqueryResultColumns(SrcItem *pItem){
+  int nCol;
+  Select *pSub;      /* The subquery to be simplified */
+  Select *pX;        /* For looping over compound elements of pSub */
+  Table *pTab;       /* The table that describes the subquery */
+  int j;             /* Column number */
+  int nChng = 0;     /* Number of columns converted to NULL */
+  Bitmask colUsed;   /* Columns that may not be NULLed out */
+
+  assert( pItem!=0 );
+  if( pItem->fg.isCorrelated || pItem->fg.isCte ){
+    return 0;
+  }
+  assert( pItem->pTab!=0 );
+  pTab = pItem->pTab;
+  assert( pItem->pSelect!=0 );
+  pSub = pItem->pSelect;
+  assert( pSub->pEList->nExpr==pTab->nCol );
+  if( (pSub->selFlags & (SF_Distinct|SF_Aggregate))!=0 ){
+    testcase( pSub->selFlags & SF_Distinct );
+    testcase( pSub->selFlags & SF_Aggregate );
+    return 0;
+  }
+  for(pX=pSub; pX; pX=pX->pPrior){
+    if( pX->pPrior && pX->op!=TK_ALL ){
+      /* This optimization does not work for compound subqueries that
+      ** use UNION, INTERSECT, or EXCEPT.  Only UNION ALL is allowed. */
+      return 0;
+    }
+#ifndef SQLITE_OMIT_WINDOWFUNC
+    if( pX->pWin ){
+      /* This optimization does not work for subqueries that use window
+      ** functions. */
+      return 0;
+    }
+#endif
+  }
+  colUsed = pItem->colUsed;
+  if( pSub->pOrderBy ){
+    ExprList *pList = pSub->pOrderBy;
+    for(j=0; jnExpr; j++){
+      u16 iCol = pList->a[j].u.x.iOrderByCol;
+      if( iCol>0 ){
+        iCol--;
+        colUsed |= ((Bitmask)1)<<(iCol>=BMS ? BMS-1 : iCol);
+      }
+    }
+  }
+  nCol = pTab->nCol;
+  for(j=0; jpPrior) {
+      Expr *pY = pX->pEList->a[j].pExpr;
+      if( pY->op==TK_NULL ) continue;
+      pY->op = TK_NULL;
+      ExprClearProperty(pY, EP_Skip|EP_Unlikely);
+      pX->selFlags |= SF_PushDown;
+      nChng++;
+    }
+  }
+  return nChng;
+}
+
+
 /*
 ** The pFunc is the only aggregate function in the query.  Check to see
 ** if the query is a candidate for the min/max optimization.
@@ -141120,9 +144729,6 @@ static int resolveFromTermToCte(
     pFrom->fg.isCte = 1;
     pFrom->u2.pCteUse = pCteUse;
     pCteUse->nUse++;
-    if( pCteUse->nUse>=2 && pCteUse->eM10d==M10d_Any ){
-      pCteUse->eM10d = M10d_Yes;
-    }
 
     /* Check if this is a recursive CTE. */
     pRecTerm = pSel = pFrom->pSelect;
@@ -141232,9 +144838,9 @@ SQLITE_PRIVATE void sqlite3SelectPopWith(Walker *pWalker, Select *p){
 #endif
 
 /*
-** The SrcList_item structure passed as the second argument represents a
+** The SrcItem structure passed as the second argument represents a
 ** sub-query in the FROM clause of a SELECT statement. This function
-** allocates and populates the SrcList_item.pTab object. If successful,
+** allocates and populates the SrcItem.pTab object. If successful,
 ** SQLITE_OK is returned. Otherwise, if an OOM error is encountered,
 ** SQLITE_NOMEM.
 */
@@ -141662,8 +145268,8 @@ static int selectExpander(Walker *pWalker, Select *p){
     }
   }
 #if TREETRACE_ENABLED
-  if( sqlite3TreeTrace & 0x100 ){
-    SELECTTRACE(0x100,pParse,p,("After result-set wildcard expansion:\n"));
+  if( sqlite3TreeTrace & 0x8 ){
+    TREETRACE(0x8,pParse,p,("After result-set wildcard expansion:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -141714,14 +145320,14 @@ static void sqlite3SelectExpand(Parse *pParse, Select *pSelect){
 ** This is a Walker.xSelectCallback callback for the sqlite3SelectTypeInfo()
 ** interface.
 **
-** For each FROM-clause subquery, add Column.zType and Column.zColl
-** information to the Table structure that represents the result set
-** of that subquery.
+** For each FROM-clause subquery, add Column.zType, Column.zColl, and
+** Column.affinity information to the Table structure that represents
+** the result set of that subquery.
 **
 ** The Table structure that represents the result set was constructed
-** by selectExpander() but the type and collation information was omitted
-** at that point because identifiers had not yet been resolved.  This
-** routine is called after identifier resolution.
+** by selectExpander() but the type and collation and affinity information
+** was omitted at that point because identifiers had not yet been resolved.
+** This routine is called after identifier resolution.
 */
 static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
   Parse *pParse;
@@ -141741,9 +145347,7 @@ static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
       /* A sub-query in the FROM clause of a SELECT */
       Select *pSel = pFrom->pSelect;
       if( pSel ){
-        while( pSel->pPrior ) pSel = pSel->pPrior;
-        sqlite3SelectAddColumnTypeAndCollation(pParse, pTab, pSel,
-                                               SQLITE_AFF_NONE);
+        sqlite3SubqueryColumnTypes(pParse, pTab, pSel, SQLITE_AFF_NONE);
       }
     }
   }
@@ -141798,6 +145402,178 @@ SQLITE_PRIVATE void sqlite3SelectPrep(
   sqlite3SelectAddTypeInfo(pParse, p);
 }
 
+#if TREETRACE_ENABLED
+/*
+** Display all information about an AggInfo object
+*/
+static void printAggInfo(AggInfo *pAggInfo){
+  int ii;
+  for(ii=0; iinColumn; ii++){
+    struct AggInfo_col *pCol = &pAggInfo->aCol[ii];
+    sqlite3DebugPrintf(
+       "agg-column[%d] pTab=%s iTable=%d iColumn=%d iMem=%d"
+       " iSorterColumn=%d %s\n",
+       ii, pCol->pTab ? pCol->pTab->zName : "NULL",
+       pCol->iTable, pCol->iColumn, pAggInfo->iFirstReg+ii,
+       pCol->iSorterColumn,
+       ii>=pAggInfo->nAccumulator ? "" : " Accumulator");
+    sqlite3TreeViewExpr(0, pAggInfo->aCol[ii].pCExpr, 0);
+  }
+  for(ii=0; iinFunc; ii++){
+    sqlite3DebugPrintf("agg-func[%d]: iMem=%d\n",
+        ii, pAggInfo->iFirstReg+pAggInfo->nColumn+ii);
+    sqlite3TreeViewExpr(0, pAggInfo->aFunc[ii].pFExpr, 0);
+  }
+}
+#endif /* TREETRACE_ENABLED */
+
+/*
+** Analyze the arguments to aggregate functions.  Create new pAggInfo->aCol[]
+** entries for columns that are arguments to aggregate functions but which
+** are not otherwise used.
+**
+** The aCol[] entries in AggInfo prior to nAccumulator are columns that
+** are referenced outside of aggregate functions.  These might be columns
+** that are part of the GROUP by clause, for example.  Other database engines
+** would throw an error if there is a column reference that is not in the
+** GROUP BY clause and that is not part of an aggregate function argument.
+** But SQLite allows this.
+**
+** The aCol[] entries beginning with the aCol[nAccumulator] and following
+** are column references that are used exclusively as arguments to
+** aggregate functions.  This routine is responsible for computing
+** (or recomputing) those aCol[] entries.
+*/
+static void analyzeAggFuncArgs(
+  AggInfo *pAggInfo,
+  NameContext *pNC
+){
+  int i;
+  assert( pAggInfo!=0 );
+  assert( pAggInfo->iFirstReg==0 );
+  pNC->ncFlags |= NC_InAggFunc;
+  for(i=0; inFunc; i++){
+    Expr *pExpr = pAggInfo->aFunc[i].pFExpr;
+    assert( ExprUseXList(pExpr) );
+    sqlite3ExprAnalyzeAggList(pNC, pExpr->x.pList);
+#ifndef SQLITE_OMIT_WINDOWFUNC
+    assert( !IsWindowFunc(pExpr) );
+    if( ExprHasProperty(pExpr, EP_WinFunc) ){
+      sqlite3ExprAnalyzeAggregates(pNC, pExpr->y.pWin->pFilter);
+    }
+#endif
+  }
+  pNC->ncFlags &= ~NC_InAggFunc;
+}
+
+/*
+** An index on expressions is being used in the inner loop of an
+** aggregate query with a GROUP BY clause.  This routine attempts
+** to adjust the AggInfo object to take advantage of index and to
+** perhaps use the index as a covering index.
+**
+*/
+static void optimizeAggregateUseOfIndexedExpr(
+  Parse *pParse,          /* Parsing context */
+  Select *pSelect,        /* The SELECT statement being processed */
+  AggInfo *pAggInfo,      /* The aggregate info */
+  NameContext *pNC        /* Name context used to resolve agg-func args */
+){
+  assert( pAggInfo->iFirstReg==0 );
+  assert( pSelect!=0 );
+  assert( pSelect->pGroupBy!=0 );
+  pAggInfo->nColumn = pAggInfo->nAccumulator;
+  if( ALWAYS(pAggInfo->nSortingColumn>0) ){
+    int mx = pSelect->pGroupBy->nExpr - 1;
+    int j, k;
+    for(j=0; jnColumn; j++){
+      k = pAggInfo->aCol[j].iSorterColumn;
+      if( k>mx ) mx = k;
+    }
+    pAggInfo->nSortingColumn = mx+1;
+  }
+  analyzeAggFuncArgs(pAggInfo, pNC);
+#if TREETRACE_ENABLED
+  if( sqlite3TreeTrace & 0x20 ){
+    IndexedExpr *pIEpr;
+    TREETRACE(0x20, pParse, pSelect,
+        ("AggInfo (possibly) adjusted for Indexed Exprs\n"));
+    sqlite3TreeViewSelect(0, pSelect, 0);
+    for(pIEpr=pParse->pIdxEpr; pIEpr; pIEpr=pIEpr->pIENext){
+      printf("data-cursor=%d index={%d,%d}\n",
+          pIEpr->iDataCur, pIEpr->iIdxCur, pIEpr->iIdxCol);
+      sqlite3TreeViewExpr(0, pIEpr->pExpr, 0);
+    }
+    printAggInfo(pAggInfo);
+  }
+#else
+  UNUSED_PARAMETER(pSelect);
+  UNUSED_PARAMETER(pParse);
+#endif
+}
+
+/*
+** Walker callback for aggregateConvertIndexedExprRefToColumn().
+*/
+static int aggregateIdxEprRefToColCallback(Walker *pWalker, Expr *pExpr){
+  AggInfo *pAggInfo;
+  struct AggInfo_col *pCol;
+  UNUSED_PARAMETER(pWalker);
+  if( pExpr->pAggInfo==0 ) return WRC_Continue;
+  if( pExpr->op==TK_AGG_COLUMN ) return WRC_Continue;
+  if( pExpr->op==TK_AGG_FUNCTION ) return WRC_Continue;
+  if( pExpr->op==TK_IF_NULL_ROW ) return WRC_Continue;
+  pAggInfo = pExpr->pAggInfo;
+  if( NEVER(pExpr->iAgg>=pAggInfo->nColumn) ) return WRC_Continue;
+  assert( pExpr->iAgg>=0 );
+  pCol = &pAggInfo->aCol[pExpr->iAgg];
+  pExpr->op = TK_AGG_COLUMN;
+  pExpr->iTable = pCol->iTable;
+  pExpr->iColumn = pCol->iColumn;
+  ExprClearProperty(pExpr, EP_Skip|EP_Collate);
+  return WRC_Prune;
+}
+
+/*
+** Convert every pAggInfo->aFunc[].pExpr such that any node within
+** those expressions that has pAppInfo set is changed into a TK_AGG_COLUMN
+** opcode.
+*/
+static void aggregateConvertIndexedExprRefToColumn(AggInfo *pAggInfo){
+  int i;
+  Walker w;
+  memset(&w, 0, sizeof(w));
+  w.xExprCallback = aggregateIdxEprRefToColCallback;
+  for(i=0; inFunc; i++){
+    sqlite3WalkExpr(&w, pAggInfo->aFunc[i].pFExpr);
+  }
+}
+
+
+/*
+** Allocate a block of registers so that there is one register for each
+** pAggInfo->aCol[] and pAggInfo->aFunc[] entry in pAggInfo.  The first
+** register in this block is stored in pAggInfo->iFirstReg.
+**
+** This routine may only be called once for each AggInfo object.  Prior
+** to calling this routine:
+**
+**     *  The aCol[] and aFunc[] arrays may be modified
+**     *  The AggInfoColumnReg() and AggInfoFuncReg() macros may not be used
+**
+** After clling this routine:
+**
+**     *  The aCol[] and aFunc[] arrays are fixed
+**     *  The AggInfoColumnReg() and AggInfoFuncReg() macros may be used
+**
+*/
+static void assignAggregateRegisters(Parse *pParse, AggInfo *pAggInfo){
+  assert( pAggInfo!=0 );
+  assert( pAggInfo->iFirstReg==0 );
+  pAggInfo->iFirstReg = pParse->nMem + 1;
+  pParse->nMem += pAggInfo->nColumn + pAggInfo->nFunc;
+}
+
 /*
 ** Reset the aggregate accumulator.
 **
@@ -141811,24 +145587,13 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
   int i;
   struct AggInfo_func *pFunc;
   int nReg = pAggInfo->nFunc + pAggInfo->nColumn;
+  assert( pAggInfo->iFirstReg>0 );
   assert( pParse->db->pParse==pParse );
   assert( pParse->db->mallocFailed==0 || pParse->nErr!=0 );
   if( nReg==0 ) return;
   if( pParse->nErr ) return;
-#ifdef SQLITE_DEBUG
-  /* Verify that all AggInfo registers are within the range specified by
-  ** AggInfo.mnReg..AggInfo.mxReg */
-  assert( nReg==pAggInfo->mxReg-pAggInfo->mnReg+1 );
-  for(i=0; inColumn; i++){
-    assert( pAggInfo->aCol[i].iMem>=pAggInfo->mnReg
-         && pAggInfo->aCol[i].iMem<=pAggInfo->mxReg );
-  }
-  for(i=0; inFunc; i++){
-    assert( pAggInfo->aFunc[i].iMem>=pAggInfo->mnReg
-         && pAggInfo->aFunc[i].iMem<=pAggInfo->mxReg );
-  }
-#endif
-  sqlite3VdbeAddOp3(v, OP_Null, 0, pAggInfo->mnReg, pAggInfo->mxReg);
+  sqlite3VdbeAddOp3(v, OP_Null, 0, pAggInfo->iFirstReg,
+                    pAggInfo->iFirstReg+nReg-1);
   for(pFunc=pAggInfo->aFunc, i=0; inFunc; i++, pFunc++){
     if( pFunc->iDistinct>=0 ){
       Expr *pE = pFunc->pFExpr;
@@ -141860,15 +145625,16 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
     ExprList *pList;
     assert( ExprUseXList(pF->pFExpr) );
     pList = pF->pFExpr->x.pList;
-    sqlite3VdbeAddOp2(v, OP_AggFinal, pF->iMem, pList ? pList->nExpr : 0);
+    sqlite3VdbeAddOp2(v, OP_AggFinal, AggInfoFuncReg(pAggInfo,i),
+                      pList ? pList->nExpr : 0);
     sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
   }
 }
 
 
 /*
-** Update the accumulator memory cells for an aggregate based on
-** the current cursor position.
+** Generate code that will update the accumulator memory cells for an
+** aggregate based on the current cursor position.
 **
 ** If regAcc is non-zero and there are no min() or max() aggregates
 ** in pAggInfo, then only populate the pAggInfo->nAccumulator accumulator
@@ -141888,6 +145654,8 @@ static void updateAccumulator(
   struct AggInfo_func *pF;
   struct AggInfo_col *pC;
 
+  assert( pAggInfo->iFirstReg>0 );
+  if( pParse->nErr ) return;
   pAggInfo->directMode = 1;
   for(i=0, pF=pAggInfo->aFunc; inFunc; i++, pF++){
     int nArg;
@@ -141948,7 +145716,7 @@ static void updateAccumulator(
       if( regHit==0 && pAggInfo->nAccumulator ) regHit = ++pParse->nMem;
       sqlite3VdbeAddOp4(v, OP_CollSeq, regHit, 0, 0, (char *)pColl, P4_COLLSEQ);
     }
-    sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, pF->iMem);
+    sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, AggInfoFuncReg(pAggInfo,i));
     sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
     sqlite3VdbeChangeP5(v, (u8)nArg);
     sqlite3ReleaseTempRange(pParse, regAgg, nArg);
@@ -141963,7 +145731,7 @@ static void updateAccumulator(
     addrHitTest = sqlite3VdbeAddOp1(v, OP_If, regHit); VdbeCoverage(v);
   }
   for(i=0, pC=pAggInfo->aCol; inAccumulator; i++, pC++){
-    sqlite3ExprCode(pParse, pC->pCExpr, pC->iMem);
+    sqlite3ExprCode(pParse, pC->pCExpr, AggInfoColumnReg(pAggInfo,i));
   }
 
   pAggInfo->directMode = 0;
@@ -142059,26 +145827,31 @@ static void havingToWhere(Parse *pParse, Select *p){
   sqlite3WalkExpr(&sWalker, p->pHaving);
 #if TREETRACE_ENABLED
   if( sWalker.eCode && (sqlite3TreeTrace & 0x100)!=0 ){
-    SELECTTRACE(0x100,pParse,p,("Move HAVING terms into WHERE:\n"));
+    TREETRACE(0x100,pParse,p,("Move HAVING terms into WHERE:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
 }
 
 /*
-** Check to see if the pThis entry of pTabList is a self-join of a prior view.
-** If it is, then return the SrcList_item for the prior view.  If it is not,
-** then return 0.
+** Check to see if the pThis entry of pTabList is a self-join of another view.
+** Search FROM-clause entries in the range of iFirst..iEnd, including iFirst
+** but stopping before iEnd.
+**
+** If pThis is a self-join, then return the SrcItem for the first other
+** instance of that view found.  If pThis is not a self-join then return 0.
 */
 static SrcItem *isSelfJoinView(
   SrcList *pTabList,           /* Search for self-joins in this FROM clause */
-  SrcItem *pThis               /* Search for prior reference to this subquery */
+  SrcItem *pThis,              /* Search for prior reference to this subquery */
+  int iFirst, int iEnd        /* Range of FROM-clause entries to search. */
 ){
   SrcItem *pItem;
   assert( pThis->pSelect!=0 );
   if( pThis->pSelect->selFlags & SF_PushDown ) return 0;
-  for(pItem = pTabList->a; pItema[iFirst++];
     if( pItem->pSelect==0 ) continue;
     if( pItem->fg.viaCoroutine ) continue;
     if( pItem->zName==0 ) continue;
@@ -142111,7 +145884,6 @@ static void agginfoFree(sqlite3 *db, AggInfo *p){
   sqlite3DbFreeNN(db, p);
 }
 
-#ifdef SQLITE_COUNTOFVIEW_OPTIMIZATION
 /*
 ** Attempt to transform a query of the form
 **
@@ -142139,7 +145911,9 @@ static int countOfViewOptimization(Parse *pParse, Select *p){
   if( (p->selFlags & SF_Aggregate)==0 ) return 0;   /* This is an aggregate */
   if( p->pEList->nExpr!=1 ) return 0;               /* Single result column */
   if( p->pWhere ) return 0;
+  if( p->pHaving ) return 0;
   if( p->pGroupBy ) return 0;
+  if( p->pOrderBy ) return 0;
   pExpr = p->pEList->a[0].pExpr;
   if( pExpr->op!=TK_AGG_FUNCTION ) return 0;        /* Result is an aggregate */
   assert( ExprUseUToken(pExpr) );
@@ -142147,15 +145921,18 @@ static int countOfViewOptimization(Parse *pParse, Select *p){
   assert( ExprUseXList(pExpr) );
   if( pExpr->x.pList!=0 ) return 0;                 /* Must be count(*) */
   if( p->pSrc->nSrc!=1 ) return 0;                  /* One table in FROM  */
+  if( ExprHasProperty(pExpr, EP_WinFunc) ) return 0;/* Not a window function */
   pSub = p->pSrc->a[0].pSelect;
   if( pSub==0 ) return 0;                           /* The FROM is a subquery */
-  if( pSub->pPrior==0 ) return 0;                   /* Must be a compound ry */
+  if( pSub->pPrior==0 ) return 0;                   /* Must be a compound */
+  if( pSub->selFlags & SF_CopyCte ) return 0;       /* Not a CTE */
   do{
     if( pSub->op!=TK_ALL && pSub->pPrior ) return 0;  /* Must be UNION ALL */
     if( pSub->pWhere ) return 0;                      /* No WHERE clause */
     if( pSub->pLimit ) return 0;                      /* No LIMIT clause */
     if( pSub->selFlags & SF_Aggregate ) return 0;     /* Not an aggregate */
-    pSub = pSub->pPrior;                              /* Repeat over compound */
+    assert( pSub->pHaving==0 );  /* Due to the previous */
+   pSub = pSub->pPrior;                              /* Repeat over compound */
   }while( pSub );
 
   /* If we reach this point then it is OK to perform the transformation */
@@ -142191,14 +145968,13 @@ static int countOfViewOptimization(Parse *pParse, Select *p){
   p->selFlags &= ~SF_Aggregate;
 
 #if TREETRACE_ENABLED
-  if( sqlite3TreeTrace & 0x400 ){
-    SELECTTRACE(0x400,pParse,p,("After count-of-view optimization:\n"));
+  if( sqlite3TreeTrace & 0x200 ){
+    TREETRACE(0x200,pParse,p,("After count-of-view optimization:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
   return 1;
 }
-#endif /* SQLITE_COUNTOFVIEW_OPTIMIZATION */
 
 /*
 ** If any term of pSrc, or any SF_NestedFrom sub-query, is not the same
@@ -142223,6 +145999,68 @@ static int sameSrcAlias(SrcItem *p0, SrcList *pSrc){
   return 0;
 }
 
+/*
+** Return TRUE (non-zero) if the i-th entry in the pTabList SrcList can
+** be implemented as a co-routine.  The i-th entry is guaranteed to be
+** a subquery.
+**
+** The subquery is implemented as a co-routine if all of the following are
+** true:
+**
+**    (1)  The subquery will likely be implemented in the outer loop of
+**         the query.  This will be the case if any one of the following
+**         conditions hold:
+**         (a)  The subquery is the only term in the FROM clause
+**         (b)  The subquery is the left-most term and a CROSS JOIN or similar
+**              requires it to be the outer loop
+**         (c)  All of the following are true:
+**                (i) The subquery is the left-most subquery in the FROM clause
+**               (ii) There is nothing that would prevent the subquery from
+**                    being used as the outer loop if the sqlite3WhereBegin()
+**                    routine nominates it to that position.
+**              (iii) The query is not a UPDATE ... FROM
+**    (2)  The subquery is not a CTE that should be materialized because
+**         (a) the AS MATERIALIZED keyword is used, or
+**         (b) the CTE is used multiple times and does not have the
+**             NOT MATERIALIZED keyword
+**    (3)  The subquery is not part of a left operand for a RIGHT JOIN
+**    (4)  The SQLITE_Coroutine optimization disable flag is not set
+**    (5)  The subquery is not self-joined
+*/
+static int fromClauseTermCanBeCoroutine(
+  Parse *pParse,          /* Parsing context */
+  SrcList *pTabList,      /* FROM clause */
+  int i,                  /* Which term of the FROM clause holds the subquery */
+  int selFlags            /* Flags on the SELECT statement */
+){
+  SrcItem *pItem = &pTabList->a[i];
+  if( pItem->fg.isCte ){
+    const CteUse *pCteUse = pItem->u2.pCteUse;
+    if( pCteUse->eM10d==M10d_Yes ) return 0;                          /* (2a) */
+    if( pCteUse->nUse>=2 && pCteUse->eM10d!=M10d_No ) return 0;       /* (2b) */
+  }
+  if( pTabList->a[0].fg.jointype & JT_LTORJ ) return 0;               /* (3)  */
+  if( OptimizationDisabled(pParse->db, SQLITE_Coroutines) ) return 0; /* (4)  */
+  if( isSelfJoinView(pTabList, pItem, i+1, pTabList->nSrc)!=0 ){
+    return 0;                                                          /* (5) */
+  }
+  if( i==0 ){
+    if( pTabList->nSrc==1 ) return 1;                             /* (1a) */
+    if( pTabList->a[1].fg.jointype & JT_CROSS ) return 1;         /* (1b) */
+    if( selFlags & SF_UpdateFrom )              return 0;         /* (1c-iii) */
+    return 1;
+  }
+  if( selFlags & SF_UpdateFrom ) return 0;                        /* (1c-iii) */
+  while( 1 /*exit-by-break*/ ){
+    if( pItem->fg.jointype & (JT_OUTER|JT_CROSS)  ) return 0;     /* (1c-ii) */
+    if( i==0 ) break;
+    i--;
+    pItem--;
+    if( pItem->pSelect!=0 ) return 0;                             /* (1c-i) */
+  }
+  return 1;
+}
+
 /*
 ** Generate code for the SELECT statement given in the p argument.
 **
@@ -142268,8 +146106,8 @@ SQLITE_PRIVATE int sqlite3Select(
   assert( db->mallocFailed==0 );
   if( sqlite3AuthCheck(pParse, SQLITE_SELECT, 0, 0, 0) ) return 1;
 #if TREETRACE_ENABLED
-  SELECTTRACE(1,pParse,p, ("begin processing:\n", pParse->addrExplain));
-  if( sqlite3TreeTrace & 0x10100 ){
+  TREETRACE(0x1,pParse,p, ("begin processing:\n", pParse->addrExplain));
+  if( sqlite3TreeTrace & 0x10000 ){
     if( (sqlite3TreeTrace & 0x10001)==0x10000 ){
       sqlite3TreeViewLine(0, "In sqlite3Select() at %s:%d",
                            __FILE__, __LINE__);
@@ -142289,8 +146127,8 @@ SQLITE_PRIVATE int sqlite3Select(
     /* All of these destinations are also able to ignore the ORDER BY clause */
     if( p->pOrderBy ){
 #if TREETRACE_ENABLED
-      SELECTTRACE(1,pParse,p, ("dropping superfluous ORDER BY:\n"));
-      if( sqlite3TreeTrace & 0x100 ){
+      TREETRACE(0x800,pParse,p, ("dropping superfluous ORDER BY:\n"));
+      if( sqlite3TreeTrace & 0x800 ){
         sqlite3TreeViewExprList(0, p->pOrderBy, 0, "ORDERBY");
       }
 #endif
@@ -142310,8 +146148,8 @@ SQLITE_PRIVATE int sqlite3Select(
   assert( db->mallocFailed==0 );
   assert( p->pEList!=0 );
 #if TREETRACE_ENABLED
-  if( sqlite3TreeTrace & 0x104 ){
-    SELECTTRACE(0x104,pParse,p, ("after name resolution:\n"));
+  if( sqlite3TreeTrace & 0x10 ){
+    TREETRACE(0x10,pParse,p, ("after name resolution:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -142352,8 +146190,8 @@ SQLITE_PRIVATE int sqlite3Select(
     goto select_end;
   }
 #if TREETRACE_ENABLED
-  if( p->pWin && (sqlite3TreeTrace & 0x108)!=0 ){
-    SELECTTRACE(0x104,pParse,p, ("after window rewrite:\n"));
+  if( p->pWin && (sqlite3TreeTrace & 0x40)!=0 ){
+    TREETRACE(0x40,pParse,p, ("after window rewrite:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -142384,7 +146222,7 @@ SQLITE_PRIVATE int sqlite3Select(
      && sqlite3ExprImpliesNonNullRow(p->pWhere, pItem->iCursor)
      && OptimizationEnabled(db, SQLITE_SimplifyJoin)
     ){
-      SELECTTRACE(0x100,pParse,p,
+      TREETRACE(0x1000,pParse,p,
                 ("LEFT-JOIN simplifies to JOIN on term %d\n",i));
       pItem->fg.jointype &= ~(JT_LEFT|JT_OUTER);
       assert( pItem->iCursor>=0 );
@@ -142392,7 +146230,7 @@ SQLITE_PRIVATE int sqlite3Select(
                     pTabList->a[0].fg.jointype & JT_LTORJ);
     }
 
-    /* No futher action if this term of the FROM clause is no a subquery */
+    /* No futher action if this term of the FROM clause is not a subquery */
     if( pSub==0 ) continue;
 
     /* Catch mismatch in the declared columns of a view and the number of
@@ -142440,7 +146278,7 @@ SQLITE_PRIVATE int sqlite3Select(
      && (p->selFlags & SF_OrderByReqd)==0         /* Condition (3) and (4) */
      && OptimizationEnabled(db, SQLITE_OmitOrderBy)
     ){
-      SELECTTRACE(0x100,pParse,p,
+      TREETRACE(0x800,pParse,p,
                 ("omit superfluous ORDER BY on %r FROM-clause subquery\n",i+1));
       sqlite3ParserAddCleanup(pParse,
          (void(*)(sqlite3*,void*))sqlite3ExprListDelete,
@@ -142495,8 +146333,8 @@ SQLITE_PRIVATE int sqlite3Select(
   if( p->pPrior ){
     rc = multiSelect(pParse, p, pDest);
 #if TREETRACE_ENABLED
-    SELECTTRACE(0x1,pParse,p,("end compound-select processing\n"));
-    if( (sqlite3TreeTrace & 0x2000)!=0 && ExplainQueryPlanParent(pParse)==0 ){
+    TREETRACE(0x400,pParse,p,("end compound-select processing\n"));
+    if( (sqlite3TreeTrace & 0x400)!=0 && ExplainQueryPlanParent(pParse)==0 ){
       sqlite3TreeViewSelect(0, p, 0);
     }
 #endif
@@ -142516,24 +146354,21 @@ SQLITE_PRIVATE int sqlite3Select(
    && propagateConstants(pParse, p)
   ){
 #if TREETRACE_ENABLED
-    if( sqlite3TreeTrace & 0x100 ){
-      SELECTTRACE(0x100,pParse,p,("After constant propagation:\n"));
+    if( sqlite3TreeTrace & 0x2000 ){
+      TREETRACE(0x2000,pParse,p,("After constant propagation:\n"));
       sqlite3TreeViewSelect(0, p, 0);
     }
 #endif
   }else{
-    SELECTTRACE(0x100,pParse,p,("Constant propagation not helpful\n"));
+    TREETRACE(0x2000,pParse,p,("Constant propagation not helpful\n"));
   }
 
-#ifdef SQLITE_COUNTOFVIEW_OPTIMIZATION
   if( OptimizationEnabled(db, SQLITE_QueryFlattener|SQLITE_CountOfView)
    && countOfViewOptimization(pParse, p)
   ){
     if( db->mallocFailed ) goto select_end;
-    pEList = p->pEList;
     pTabList = p->pSrc;
   }
-#endif
 
   /* For each term in the FROM clause, do two things:
   ** (1) Authorized unreferenced tables
@@ -142592,39 +146427,42 @@ SQLITE_PRIVATE int sqlite3Select(
     if( OptimizationEnabled(db, SQLITE_PushDown)
      && (pItem->fg.isCte==0
          || (pItem->u2.pCteUse->eM10d!=M10d_Yes && pItem->u2.pCteUse->nUse<2))
-     && pushDownWhereTerms(pParse, pSub, p->pWhere, pItem)
+     && pushDownWhereTerms(pParse, pSub, p->pWhere, pTabList, i)
     ){
 #if TREETRACE_ENABLED
-      if( sqlite3TreeTrace & 0x100 ){
-        SELECTTRACE(0x100,pParse,p,
+      if( sqlite3TreeTrace & 0x4000 ){
+        TREETRACE(0x4000,pParse,p,
             ("After WHERE-clause push-down into subquery %d:\n", pSub->selId));
         sqlite3TreeViewSelect(0, p, 0);
       }
 #endif
       assert( pItem->pSelect && (pItem->pSelect->selFlags & SF_PushDown)!=0 );
     }else{
-      SELECTTRACE(0x100,pParse,p,("Push-down not possible\n"));
+      TREETRACE(0x4000,pParse,p,("Push-down not possible\n"));
+    }
+
+    /* Convert unused result columns of the subquery into simple NULL
+    ** expressions, to avoid unneeded searching and computation.
+    */
+    if( OptimizationEnabled(db, SQLITE_NullUnusedCols)
+     && disableUnusedSubqueryResultColumns(pItem)
+    ){
+#if TREETRACE_ENABLED
+      if( sqlite3TreeTrace & 0x4000 ){
+        TREETRACE(0x4000,pParse,p,
+            ("Change unused result columns to NULL for subquery %d:\n",
+             pSub->selId));
+        sqlite3TreeViewSelect(0, p, 0);
+      }
+#endif
     }
 
     zSavedAuthContext = pParse->zAuthContext;
     pParse->zAuthContext = pItem->zName;
 
     /* Generate code to implement the subquery
-    **
-    ** The subquery is implemented as a co-routine if all of the following are
-    ** true:
-    **
-    **    (1)  the subquery is guaranteed to be the outer loop (so that
-    **         it does not need to be computed more than once), and
-    **    (2)  the subquery is not a CTE that should be materialized
-    **    (3)  the subquery is not part of a left operand for a RIGHT JOIN
     */
-    if( i==0
-     && (pTabList->nSrc==1
-            || (pTabList->a[1].fg.jointype&(JT_OUTER|JT_CROSS))!=0)  /* (1) */
-     && (pItem->fg.isCte==0 || pItem->u2.pCteUse->eM10d!=M10d_Yes)   /* (2) */
-     && (pTabList->a[0].fg.jointype & JT_LTORJ)==0                   /* (3) */
-    ){
+    if( fromClauseTermCanBeCoroutine(pParse, pTabList, i, p->selFlags) ){
       /* Implement a co-routine that will return a single row of the result
       ** set on each invocation.
       */
@@ -142655,7 +146493,7 @@ SQLITE_PRIVATE int sqlite3Select(
         VdbeComment((v, "%!S", pItem));
       }
       pSub->nSelectRow = pCteUse->nRowEst;
-    }else if( (pPrior = isSelfJoinView(pTabList, pItem))!=0 ){
+    }else if( (pPrior = isSelfJoinView(pTabList, pItem, 0, i))!=0 ){
       /* This view has already been materialized by a prior entry in
       ** this same FROM clause.  Reuse it. */
       if( pPrior->addrFillSub ){
@@ -142669,6 +146507,9 @@ SQLITE_PRIVATE int sqlite3Select(
       ** the same view can reuse the materialization. */
       int topAddr;
       int onceAddr = 0;
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+      int addrExplain;
+#endif
 
       pItem->regReturn = ++pParse->nMem;
       topAddr = sqlite3VdbeAddOp0(v, OP_Goto);
@@ -142684,12 +146525,14 @@ SQLITE_PRIVATE int sqlite3Select(
         VdbeNoopComment((v, "materialize %!S", pItem));
       }
       sqlite3SelectDestInit(&dest, SRT_EphemTab, pItem->iCursor);
-      ExplainQueryPlan((pParse, 1, "MATERIALIZE %!S", pItem));
+
+      ExplainQueryPlan2(addrExplain, (pParse, 1, "MATERIALIZE %!S", pItem));
       sqlite3Select(pParse, pSub, &dest);
       pItem->pTab->nRowLogEst = pSub->nSelectRow;
       if( onceAddr ) sqlite3VdbeJumpHere(v, onceAddr);
       sqlite3VdbeAddOp2(v, OP_Return, pItem->regReturn, topAddr+1);
       VdbeComment((v, "end %!S", pItem));
+      sqlite3VdbeScanStatusRange(v, addrExplain, addrExplain, -1);
       sqlite3VdbeJumpHere(v, topAddr);
       sqlite3ClearTempRegCache(pParse);
       if( pItem->fg.isCte && pItem->fg.isCorrelated==0 ){
@@ -142715,8 +146558,8 @@ SQLITE_PRIVATE int sqlite3Select(
   sDistinct.isTnct = (p->selFlags & SF_Distinct)!=0;
 
 #if TREETRACE_ENABLED
-  if( sqlite3TreeTrace & 0x400 ){
-    SELECTTRACE(0x400,pParse,p,("After all FROM-clause analysis:\n"));
+  if( sqlite3TreeTrace & 0x8000 ){
+    TREETRACE(0x8000,pParse,p,("After all FROM-clause analysis:\n"));
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -142752,8 +146595,8 @@ SQLITE_PRIVATE int sqlite3Select(
     sDistinct.isTnct = 2;
 
 #if TREETRACE_ENABLED
-    if( sqlite3TreeTrace & 0x400 ){
-      SELECTTRACE(0x400,pParse,p,("Transform DISTINCT into GROUP BY:\n"));
+    if( sqlite3TreeTrace & 0x20000 ){
+      TREETRACE(0x20000,pParse,p,("Transform DISTINCT into GROUP BY:\n"));
       sqlite3TreeViewSelect(0, p, 0);
     }
 #endif
@@ -142805,7 +146648,7 @@ SQLITE_PRIVATE int sqlite3Select(
   if( (p->selFlags & SF_FixedLimit)==0 ){
     p->nSelectRow = 320;  /* 4 billion rows */
   }
-  computeLimitRegisters(pParse, p, iEnd);
+  if( p->pLimit ) computeLimitRegisters(pParse, p, iEnd);
   if( p->iLimit==0 && sSort.addrSortIndex>=0 ){
     sqlite3VdbeChangeOpcode(v, sSort.addrSortIndex, OP_SorterOpen);
     sSort.sortFlags |= SORTFLAG_UseSorter;
@@ -142839,7 +146682,7 @@ SQLITE_PRIVATE int sqlite3Select(
 
 
     /* Begin the database scan. */
-    SELECTTRACE(1,pParse,p,("WhereBegin\n"));
+    TREETRACE(0x2,pParse,p,("WhereBegin\n"));
     pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, sSort.pOrderBy,
                                p->pEList, p, wctrlFlags, p->nSelectRow);
     if( pWInfo==0 ) goto select_end;
@@ -142856,7 +146699,7 @@ SQLITE_PRIVATE int sqlite3Select(
         sSort.pOrderBy = 0;
       }
     }
-    SELECTTRACE(1,pParse,p,("WhereBegin returns\n"));
+    TREETRACE(0x2,pParse,p,("WhereBegin returns\n"));
 
     /* If sorting index that was created by a prior OP_OpenEphemeral
     ** instruction ended up not being needed, then change the OP_OpenEphemeral
@@ -142895,7 +146738,7 @@ SQLITE_PRIVATE int sqlite3Select(
 
       /* End the database scan loop.
       */
-      SELECTTRACE(1,pParse,p,("WhereEnd\n"));
+      TREETRACE(0x2,pParse,p,("WhereEnd\n"));
       sqlite3WhereEnd(pWInfo);
     }
   }else{
@@ -142976,12 +146819,14 @@ SQLITE_PRIVATE int sqlite3Select(
       goto select_end;
     }
     pAggInfo->selId = p->selId;
+#ifdef SQLITE_DEBUG
+    pAggInfo->pSelect = p;
+#endif
     memset(&sNC, 0, sizeof(sNC));
     sNC.pParse = pParse;
     sNC.pSrcList = pTabList;
     sNC.uNC.pAggInfo = pAggInfo;
     VVA_ONLY( sNC.ncFlags = NC_UAggInfo; )
-    pAggInfo->mnReg = pParse->nMem+1;
     pAggInfo->nSortingColumn = pGroupBy ? pGroupBy->nExpr : 0;
     pAggInfo->pGroupBy = pGroupBy;
     sqlite3ExprAnalyzeAggList(&sNC, pEList);
@@ -143002,40 +146847,17 @@ SQLITE_PRIVATE int sqlite3Select(
     }else{
       minMaxFlag = WHERE_ORDERBY_NORMAL;
     }
-    for(i=0; inFunc; i++){
-      Expr *pExpr = pAggInfo->aFunc[i].pFExpr;
-      assert( ExprUseXList(pExpr) );
-      sNC.ncFlags |= NC_InAggFunc;
-      sqlite3ExprAnalyzeAggList(&sNC, pExpr->x.pList);
-#ifndef SQLITE_OMIT_WINDOWFUNC
-      assert( !IsWindowFunc(pExpr) );
-      if( ExprHasProperty(pExpr, EP_WinFunc) ){
-        sqlite3ExprAnalyzeAggregates(&sNC, pExpr->y.pWin->pFilter);
-      }
-#endif
-      sNC.ncFlags &= ~NC_InAggFunc;
-    }
-    pAggInfo->mxReg = pParse->nMem;
+    analyzeAggFuncArgs(pAggInfo, &sNC);
     if( db->mallocFailed ) goto select_end;
 #if TREETRACE_ENABLED
-    if( sqlite3TreeTrace & 0x400 ){
-      int ii;
-      SELECTTRACE(0x400,pParse,p,("After aggregate analysis %p:\n", pAggInfo));
+    if( sqlite3TreeTrace & 0x20 ){
+      TREETRACE(0x20,pParse,p,("After aggregate analysis %p:\n", pAggInfo));
       sqlite3TreeViewSelect(0, p, 0);
       if( minMaxFlag ){
         sqlite3DebugPrintf("MIN/MAX Optimization (0x%02x) adds:\n", minMaxFlag);
         sqlite3TreeViewExprList(0, pMinMaxOrderBy, 0, "ORDERBY");
       }
-      for(ii=0; iinColumn; ii++){
-        sqlite3DebugPrintf("agg-column[%d] iMem=%d\n",
-            ii, pAggInfo->aCol[ii].iMem);
-        sqlite3TreeViewExpr(0, pAggInfo->aCol[ii].pCExpr, 0);
-      }
-      for(ii=0; iinFunc; ii++){
-        sqlite3DebugPrintf("agg-func[%d]: iMem=%d\n",
-            ii, pAggInfo->aFunc[ii].iMem);
-        sqlite3TreeViewExpr(0, pAggInfo->aFunc[ii].pFExpr, 0);
-      }
+      printAggInfo(pAggInfo);
     }
 #endif
 
@@ -143104,17 +146926,21 @@ SQLITE_PRIVATE int sqlite3Select(
       ** in the right order to begin with.
       */
       sqlite3VdbeAddOp2(v, OP_Gosub, regReset, addrReset);
-      SELECTTRACE(1,pParse,p,("WhereBegin\n"));
+      TREETRACE(0x2,pParse,p,("WhereBegin\n"));
       pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, pGroupBy, pDistinct,
-          0, (sDistinct.isTnct==2 ? WHERE_DISTINCTBY : WHERE_GROUPBY)
+          p, (sDistinct.isTnct==2 ? WHERE_DISTINCTBY : WHERE_GROUPBY)
           |  (orderByGrp ? WHERE_SORTBYGROUP : 0) | distFlag, 0
       );
       if( pWInfo==0 ){
         sqlite3ExprListDelete(db, pDistinct);
         goto select_end;
       }
+      if( pParse->pIdxEpr ){
+        optimizeAggregateUseOfIndexedExpr(pParse, p, pAggInfo, &sNC);
+      }
+      assignAggregateRegisters(pParse, pAggInfo);
       eDist = sqlite3WhereIsDistinct(pWInfo);
-      SELECTTRACE(1,pParse,p,("WhereBegin returns\n"));
+      TREETRACE(0x2,pParse,p,("WhereBegin returns\n"));
       if( sqlite3WhereIsOrdered(pWInfo)==pGroupBy->nExpr ){
         /* The optimizer is able to deliver rows in group by order so
         ** we do not have to sort.  The OP_OpenEphemeral table will be
@@ -143149,21 +146975,21 @@ SQLITE_PRIVATE int sqlite3Select(
         regBase = sqlite3GetTempRange(pParse, nCol);
         sqlite3ExprCodeExprList(pParse, pGroupBy, regBase, 0, 0);
         j = nGroupBy;
+        pAggInfo->directMode = 1;
         for(i=0; inColumn; i++){
           struct AggInfo_col *pCol = &pAggInfo->aCol[i];
           if( pCol->iSorterColumn>=j ){
-            int r1 = j + regBase;
-            sqlite3ExprCodeGetColumnOfTable(v,
-                               pCol->pTab, pCol->iTable, pCol->iColumn, r1);
+            sqlite3ExprCode(pParse, pCol->pCExpr, j + regBase);
             j++;
           }
         }
+        pAggInfo->directMode = 0;
         regRecord = sqlite3GetTempReg(pParse);
         sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regRecord);
         sqlite3VdbeAddOp2(v, OP_SorterInsert, pAggInfo->sortingIdx, regRecord);
         sqlite3ReleaseTempReg(pParse, regRecord);
         sqlite3ReleaseTempRange(pParse, regBase, nCol);
-        SELECTTRACE(1,pParse,p,("WhereEnd\n"));
+        TREETRACE(0x2,pParse,p,("WhereEnd\n"));
         sqlite3WhereEnd(pWInfo);
         pAggInfo->sortingIdxPTab = sortPTab = pParse->nTab++;
         sortOut = sqlite3GetTempReg(pParse);
@@ -143173,6 +146999,23 @@ SQLITE_PRIVATE int sqlite3Select(
         pAggInfo->useSortingIdx = 1;
       }
 
+      /* If there are entries in pAgggInfo->aFunc[] that contain subexpressions
+      ** that are indexed (and that were previously identified and tagged
+      ** in optimizeAggregateUseOfIndexedExpr()) then those subexpressions
+      ** must now be converted into a TK_AGG_COLUMN node so that the value
+      ** is correctly pulled from the index rather than being recomputed. */
+      if( pParse->pIdxEpr ){
+        aggregateConvertIndexedExprRefToColumn(pAggInfo);
+#if TREETRACE_ENABLED
+        if( sqlite3TreeTrace & 0x20 ){
+          TREETRACE(0x20, pParse, p,
+             ("AggInfo function expressions converted to reference index\n"));
+          sqlite3TreeViewSelect(0, p, 0);
+          printAggInfo(pAggInfo);
+        }
+#endif
+      }
+
       /* If the index or temporary table used by the GROUP BY sort
       ** will naturally deliver rows in the order required by the ORDER BY
       ** clause, cancel the ephemeral table open coded earlier.
@@ -143241,7 +147084,7 @@ SQLITE_PRIVATE int sqlite3Select(
         sqlite3VdbeAddOp2(v, OP_SorterNext, pAggInfo->sortingIdx,addrTopOfLoop);
         VdbeCoverage(v);
       }else{
-        SELECTTRACE(1,pParse,p,("WhereEnd\n"));
+        TREETRACE(0x2,pParse,p,("WhereEnd\n"));
         sqlite3WhereEnd(pWInfo);
         sqlite3VdbeChangeToNoop(v, addrSortingIdx);
       }
@@ -143351,7 +147194,8 @@ SQLITE_PRIVATE int sqlite3Select(
         if( pKeyInfo ){
           sqlite3VdbeChangeP4(v, -1, (char *)pKeyInfo, P4_KEYINFO);
         }
-        sqlite3VdbeAddOp2(v, OP_Count, iCsr, pAggInfo->aFunc[0].iMem);
+        assignAggregateRegisters(pParse, pAggInfo);
+        sqlite3VdbeAddOp2(v, OP_Count, iCsr, AggInfoFuncReg(pAggInfo,0));
         sqlite3VdbeAddOp1(v, OP_Close, iCsr);
         explainSimpleCount(pParse, pTab, pBest);
       }else{
@@ -143387,6 +147231,7 @@ SQLITE_PRIVATE int sqlite3Select(
           pDistinct = pAggInfo->aFunc[0].pFExpr->x.pList;
           distFlag = pDistinct ? (WHERE_WANT_DISTINCT|WHERE_AGG_DISTINCT) : 0;
         }
+        assignAggregateRegisters(pParse, pAggInfo);
 
         /* This case runs if the aggregate has no GROUP BY clause.  The
         ** processing is much simpler since there is only a single row
@@ -143403,13 +147248,13 @@ SQLITE_PRIVATE int sqlite3Select(
         assert( minMaxFlag==WHERE_ORDERBY_NORMAL || pMinMaxOrderBy!=0 );
         assert( pMinMaxOrderBy==0 || pMinMaxOrderBy->nExpr==1 );
 
-        SELECTTRACE(1,pParse,p,("WhereBegin\n"));
+        TREETRACE(0x2,pParse,p,("WhereBegin\n"));
         pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere, pMinMaxOrderBy,
-                                   pDistinct, 0, minMaxFlag|distFlag, 0);
+                                   pDistinct, p, minMaxFlag|distFlag, 0);
         if( pWInfo==0 ){
           goto select_end;
         }
-        SELECTTRACE(1,pParse,p,("WhereBegin returns\n"));
+        TREETRACE(0x2,pParse,p,("WhereBegin returns\n"));
         eDist = sqlite3WhereIsDistinct(pWInfo);
         updateAccumulator(pParse, regAcc, pAggInfo, eDist);
         if( eDist!=WHERE_DISTINCT_NOOP ){
@@ -143423,7 +147268,7 @@ SQLITE_PRIVATE int sqlite3Select(
         if( minMaxFlag ){
           sqlite3WhereMinMaxOptEarlyOut(v, pWInfo);
         }
-        SELECTTRACE(1,pParse,p,("WhereEnd\n"));
+        TREETRACE(0x2,pParse,p,("WhereEnd\n"));
         sqlite3WhereEnd(pWInfo);
         finalizeAggFunctions(pParse, pAggInfo);
       }
@@ -143445,8 +147290,6 @@ SQLITE_PRIVATE int sqlite3Select(
   ** and send them to the callback one by one.
   */
   if( sSort.pOrderBy ){
-    explainTempTable(pParse,
-                     sSort.nOBSat>0 ? "RIGHT PART OF ORDER BY":"ORDER BY");
     assert( p->pEList==pEList );
     generateSortTail(pParse, p, &sSort, pEList->nExpr, pDest);
   }
@@ -143470,7 +147313,7 @@ SQLITE_PRIVATE int sqlite3Select(
   if( pAggInfo && !db->mallocFailed ){
     for(i=0; inColumn; i++){
       Expr *pExpr = pAggInfo->aCol[i].pCExpr;
-      assert( pExpr!=0 );
+      if( pExpr==0 ) continue;
       assert( pExpr->pAggInfo==pAggInfo );
       assert( pExpr->iAgg==i );
     }
@@ -143484,8 +147327,8 @@ SQLITE_PRIVATE int sqlite3Select(
 #endif
 
 #if TREETRACE_ENABLED
-  SELECTTRACE(0x1,pParse,p,("end processing\n"));
-  if( (sqlite3TreeTrace & 0x2000)!=0 && ExplainQueryPlanParent(pParse)==0 ){
+  TREETRACE(0x1,pParse,p,("end processing\n"));
+  if( (sqlite3TreeTrace & 0x40000)!=0 && ExplainQueryPlanParent(pParse)==0 ){
     sqlite3TreeViewSelect(0, p, 0);
   }
 #endif
@@ -143759,7 +147602,7 @@ SQLITE_PRIVATE Trigger *sqlite3TriggerList(Parse *pParse, Table *pTab){
     if( pTrig->pTabSchema==pTab->pSchema
      && pTrig->table
      && 0==sqlite3StrICmp(pTrig->table, pTab->zName)
-     && pTrig->pTabSchema!=pTmpSchema
+     && (pTrig->pTabSchema!=pTmpSchema || pTrig->bReturning)
     ){
       pTrig->pNext = pList;
       pList = pTrig;
@@ -143900,6 +147743,7 @@ SQLITE_PRIVATE void sqlite3BeginTrigger(
       }else{
         assert( !db->init.busy );
         sqlite3CodeVerifySchema(pParse, iDb);
+        VVA_ONLY( pParse->ifNotExists = 1; )
       }
       goto trigger_cleanup;
     }
@@ -144681,7 +148525,7 @@ static void codeReturningTrigger(
   }
   sqlite3ExprListDelete(db, sSelect.pEList);
   pNew = sqlite3ExpandReturning(pParse, pReturning->pReturnEL, pTab);
-  if( !db->mallocFailed ){
+  if( pParse->nErr==0 ){
     NameContext sNC;
     memset(&sNC, 0, sizeof(sNC));
     if( pReturning->nRetCol==0 ){
@@ -144889,7 +148733,7 @@ static TriggerPrg *codeRowTrigger(
   sSubParse.zAuthContext = pTrigger->zName;
   sSubParse.eTriggerOp = pTrigger->op;
   sSubParse.nQueryLoop = pParse->nQueryLoop;
-  sSubParse.disableVtab = pParse->disableVtab;
+  sSubParse.prepFlags = pParse->prepFlags;
 
   v = sqlite3GetVdbe(&sSubParse);
   if( v ){
@@ -145150,6 +148994,9 @@ SQLITE_PRIVATE u32 sqlite3TriggerColmask(
   Trigger *p;
 
   assert( isNew==1 || isNew==0 );
+  if( IsView(pTab) ){
+    return 0xffffffff;
+  }
   for(p=pTrigger; p; p=p->pNext){
     if( p->op==op
      && (tr_tm&p->tr_tm)
@@ -145235,11 +149082,14 @@ static void updateVirtualTable(
 ** it has been converted into REAL.
 */
 SQLITE_PRIVATE void sqlite3ColumnDefault(Vdbe *v, Table *pTab, int i, int iReg){
+  Column *pCol;
   assert( pTab!=0 );
-  if( !IsView(pTab) ){
+  assert( pTab->nCol>i );
+  pCol = &pTab->aCol[i];
+  if( pCol->iDflt ){
     sqlite3_value *pValue = 0;
     u8 enc = ENC(sqlite3VdbeDb(v));
-    Column *pCol = &pTab->aCol[i];
+    assert( !IsView(pTab) );
     VdbeComment((v, "%s.%s", pTab->zName, pCol->zCnName));
     assert( inCol );
     sqlite3ValueFromExpr(sqlite3VdbeDb(v),
@@ -145250,7 +149100,7 @@ SQLITE_PRIVATE void sqlite3ColumnDefault(Vdbe *v, Table *pTab, int i, int iReg){
     }
   }
 #ifndef SQLITE_OMIT_FLOATING_POINT
-  if( pTab->aCol[i].affinity==SQLITE_AFF_REAL && !IsVirtual(pTab) ){
+  if( pCol->affinity==SQLITE_AFF_REAL && !IsVirtual(pTab) ){
     sqlite3VdbeAddOp1(v, OP_RealAffinity, iReg);
   }
 #endif
@@ -145436,7 +149286,8 @@ static void updateFromSelect(
     }
   }
   pSelect = sqlite3SelectNew(pParse, pList,
-      pSrc, pWhere2, pGrp, 0, pOrderBy2, SF_UFSrcCheck|SF_IncludeHidden, pLimit2
+      pSrc, pWhere2, pGrp, 0, pOrderBy2,
+      SF_UFSrcCheck|SF_IncludeHidden|SF_UpdateFrom, pLimit2
   );
   if( pSelect ) pSelect->selFlags |= SF_OrderByReqd;
   sqlite3SelectDestInit(&dest, eDest, iEph);
@@ -145580,7 +149431,7 @@ SQLITE_PRIVATE void sqlite3Update(
   if( sqlite3ViewGetColumnNames(pParse, pTab) ){
     goto update_cleanup;
   }
-  if( sqlite3IsReadOnly(pParse, pTab, tmask) ){
+  if( sqlite3IsReadOnly(pParse, pTab, pTrigger) ){
     goto update_cleanup;
   }
 
@@ -145899,12 +149750,22 @@ SQLITE_PRIVATE void sqlite3Update(
       /* Begin the database scan.
       **
       ** Do not consider a single-pass strategy for a multi-row update if
-      ** there are any triggers or foreign keys to process, or rows may
-      ** be deleted as a result of REPLACE conflict handling. Any of these
-      ** things might disturb a cursor being used to scan through the table
-      ** or index, causing a single-pass approach to malfunction.  */
+      ** there is anything that might disrupt the cursor being used to do
+      ** the UPDATE:
+      **   (1) This is a nested UPDATE
+      **   (2) There are triggers
+      **   (3) There are FOREIGN KEY constraints
+      **   (4) There are REPLACE conflict handlers
+      **   (5) There are subqueries in the WHERE clause
+      */
       flags = WHERE_ONEPASS_DESIRED;
-      if( !pParse->nested && !pTrigger && !hasFK && !chngKey && !bReplace ){
+      if( !pParse->nested
+       && !pTrigger
+       && !hasFK
+       && !chngKey
+       && !bReplace
+       && (sNC.ncFlags & NC_Subquery)==0
+      ){
         flags |= WHERE_ONEPASS_MULTIROW;
       }
       pWInfo = sqlite3WhereBegin(pParse, pTabList, pWhere,0,0,0,flags,iIdxCur);
@@ -146690,6 +150551,7 @@ SQLITE_PRIVATE int sqlite3UpsertAnalyzeTarget(
         if( pIdx->aiColumn[ii]==XN_EXPR ){
           assert( pIdx->aColExpr!=0 );
           assert( pIdx->aColExpr->nExpr>ii );
+          assert( pIdx->bHasExpr );
           pExpr = pIdx->aColExpr->a[ii].pExpr;
           if( pExpr->op!=TK_COLLATE ){
             sCol[0].pLeft = pExpr;
@@ -147003,6 +150865,7 @@ SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3RunVacuum(
   int nDb;                /* Number of attached databases */
   const char *zDbMain;    /* Schema name of database to vacuum */
   const char *zOut;       /* Name of output file */
+  u32 pgflags = PAGER_SYNCHRONOUS_OFF; /* sync flags for output db */
 
   if( !db->autoCommit ){
     sqlite3SetString(pzErrMsg, db, "cannot VACUUM from within a transaction");
@@ -147074,12 +150937,17 @@ SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3RunVacuum(
       goto end_of_vacuum;
     }
     db->mDbFlags |= DBFLAG_VacuumInto;
+
+    /* For a VACUUM INTO, the pager-flags are set to the same values as
+    ** they are for the database being vacuumed, except that PAGER_CACHESPILL
+    ** is always set. */
+    pgflags = db->aDb[iDb].safety_level | (db->flags & PAGER_FLAGS_MASK);
   }
   nRes = sqlite3BtreeGetRequestedReserve(pMain);
 
   sqlite3BtreeSetCacheSize(pTemp, db->aDb[iDb].pSchema->cache_size);
   sqlite3BtreeSetSpillSize(pTemp, sqlite3BtreeSetSpillSize(pMain,0));
-  sqlite3BtreeSetPagerFlags(pTemp, PAGER_SYNCHRONOUS_OFF|PAGER_CACHESPILL);
+  sqlite3BtreeSetPagerFlags(pTemp, pgflags|PAGER_CACHESPILL);
 
   /* Begin a transaction and take an exclusive lock on the main database
   ** file. This is done before the sqlite3BtreeGetPageSize(pMain) call below,
@@ -147463,10 +151331,10 @@ SQLITE_PRIVATE void sqlite3VtabUnlock(VTable *pVTab){
   pVTab->nRef--;
   if( pVTab->nRef==0 ){
     sqlite3_vtab *p = pVTab->pVtab;
-    sqlite3VtabModuleUnref(pVTab->db, pVTab->pMod);
     if( p ){
       p->pModule->xDisconnect(p);
     }
+    sqlite3VtabModuleUnref(pVTab->db, pVTab->pMod);
     sqlite3DbFree(db, pVTab);
   }
 }
@@ -147592,7 +151460,8 @@ SQLITE_PRIVATE void sqlite3VtabUnlockList(sqlite3 *db){
 */
 SQLITE_PRIVATE void sqlite3VtabClear(sqlite3 *db, Table *p){
   assert( IsVirtual(p) );
-  if( !db || db->pnBytesFreed==0 ) vtabDisconnectAll(0, p);
+  assert( db!=0 );
+  if( db->pnBytesFreed==0 ) vtabDisconnectAll(0, p);
   if( p->u.vtab.azArg ){
     int i;
     for(i=0; iu.vtab.nArg; i++){
@@ -147861,7 +151730,9 @@ static int vtabCallConstructor(
   sCtx.pPrior = db->pVtabCtx;
   sCtx.bDeclared = 0;
   db->pVtabCtx = &sCtx;
+  pTab->nTabRef++;
   rc = xConstruct(db, pMod->pAux, nArg, azArg, &pVTable->pVtab, &zErr);
+  sqlite3DeleteTable(db, pTab);
   db->pVtabCtx = sCtx.pPrior;
   if( rc==SQLITE_NOMEM ) sqlite3OomFault(db);
   assert( sCtx.pTab==pTab );
@@ -148351,7 +152222,10 @@ SQLITE_PRIVATE int sqlite3VtabSavepoint(sqlite3 *db, int op, int iSavepoint){
             break;
         }
         if( xMethod && pVTab->iSavepoint>iSavepoint ){
+          u64 savedFlags = (db->flags & SQLITE_Defensive);
+          db->flags &= ~(u64)SQLITE_Defensive;
           rc = xMethod(pVTab->pVtab, iSavepoint);
+          db->flags |= savedFlags;
         }
         sqlite3VtabUnlock(pVTab);
       }
@@ -148392,7 +152266,7 @@ SQLITE_PRIVATE FuncDef *sqlite3VtabOverloadFunction(
   if( pExpr->op!=TK_COLUMN ) return pDef;
   assert( ExprUseYTab(pExpr) );
   pTab = pExpr->y.pTab;
-  if( pTab==0 ) return pDef;
+  if( NEVER(pTab==0) ) return pDef;
   if( !IsVirtual(pTab) ) return pDef;
   pVtab = sqlite3GetVTable(db, pTab)->pVtab;
   assert( pVtab!=0 );
@@ -148580,6 +152454,10 @@ SQLITE_API int sqlite3_vtab_config(sqlite3 *db, int op, ...){
         p->pVTable->eVtabRisk = SQLITE_VTABRISK_High;
         break;
       }
+      case SQLITE_VTAB_USES_ALL_SCHEMAS: {
+        p->pVTable->bAllSchemas = 1;
+        break;
+      }
       default: {
         rc = SQLITE_MISUSE_BKPT;
         break;
@@ -148999,7 +152877,7 @@ struct WhereAndInfo {
 ** between VDBE cursor numbers and bits of the bitmasks in WhereTerm.
 **
 ** The VDBE cursor numbers are small integers contained in
-** SrcList_item.iCursor and Expr.iTable fields.  For any given WHERE
+** SrcItem.iCursor and Expr.iTable fields.  For any given WHERE
 ** clause, the cursor numbers might not begin with 0 and they might
 ** contain gaps in the numbering sequence.  But we want to make maximum
 ** use of the bits in our bitmasks.  This structure provides a mapping
@@ -149070,20 +152948,6 @@ struct WhereLoopBuilder {
 # define SQLITE_QUERY_PLANNER_LIMIT_INCR 1000
 #endif
 
-/*
-** Each instance of this object records a change to a single node
-** in an expression tree to cause that node to point to a column
-** of an index rather than an expression or a virtual column.  All
-** such transformations need to be undone at the end of WHERE clause
-** processing.
-*/
-typedef struct WhereExprMod WhereExprMod;
-struct WhereExprMod {
-  WhereExprMod *pNext;  /* Next translation on a list of them all */
-  Expr *pExpr;          /* The Expr node that was transformed */
-  Expr orig;            /* Original value of the Expr node */
-};
-
 /*
 ** The WHERE clause processing routine has two halves.  The
 ** first part does the start of the WHERE loop and the second
@@ -149099,10 +152963,10 @@ struct WhereInfo {
   SrcList *pTabList;        /* List of tables in the join */
   ExprList *pOrderBy;       /* The ORDER BY clause or NULL */
   ExprList *pResultSet;     /* Result set of the query */
+#if WHERETRACE_ENABLED
   Expr *pWhere;             /* The complete WHERE clause */
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-  Select *pLimit;           /* Used to access LIMIT expr/registers for vtabs */
 #endif
+  Select *pSelect;          /* The entire SELECT statement containing WHERE */
   int aiCurOnePass[2];      /* OP_OpenWrite cursors for the ONEPASS opt */
   int iContinue;            /* Jump here to continue with next record */
   int iBreak;               /* Jump here to break out of the loop */
@@ -149121,7 +152985,6 @@ struct WhereInfo {
   int iTop;                 /* The very beginning of the WHERE loop */
   int iEndWhere;            /* End of the WHERE clause itself */
   WhereLoop *pLoops;        /* List of all WhereLoop objects */
-  WhereExprMod *pExprMods;  /* Expression modifications */
   WhereMemBlock *pMemToFree;/* Memory to free when this object destroyed */
   Bitmask revMask;          /* Mask of ORDER BY terms that need reversing */
   WhereClause sWC;          /* Decomposition of the WHERE clause */
@@ -149269,6 +153132,8 @@ SQLITE_PRIVATE void sqlite3WhereTabFuncArgs(Parse*, SrcItem*, WhereClause*);
 #define WHERE_BLOOMFILTER  0x00400000  /* Consider using a Bloom-filter */
 #define WHERE_SELFCULL     0x00800000  /* nOut reduced by extra WHERE terms */
 #define WHERE_OMIT_OFFSET  0x01000000  /* Set offset counter to zero */
+#define WHERE_VIEWSCAN     0x02000000  /* A full-scan of a VIEW or subquery */
+#define WHERE_EXPRIDX      0x04000000  /* Uses an index-on-expressions */
 
 #endif /* !defined(SQLITE_WHEREINT_H) */
 
@@ -149366,9 +153231,9 @@ static void explainIndexRange(StrAccum *pStr, WhereLoop *pLoop){
 
 /*
 ** This function is a no-op unless currently processing an EXPLAIN QUERY PLAN
-** command, or if either SQLITE_DEBUG or SQLITE_ENABLE_STMT_SCANSTATUS was
-** defined at compile-time. If it is not a no-op, a single OP_Explain opcode
-** is added to the output to describe the table scan strategy in pLevel.
+** command, or if stmt_scanstatus_v2() stats are enabled, or if SQLITE_DEBUG
+** was defined at compile-time. If it is not a no-op, a single OP_Explain
+** opcode is added to the output to describe the table scan strategy in pLevel.
 **
 ** If an OP_Explain opcode is added to the VM, its address is returned.
 ** Otherwise, if no OP_Explain is coded, zero is returned.
@@ -149380,8 +153245,8 @@ SQLITE_PRIVATE int sqlite3WhereExplainOneScan(
   u16 wctrlFlags                  /* Flags passed to sqlite3WhereBegin() */
 ){
   int ret = 0;
-#if !defined(SQLITE_DEBUG) && !defined(SQLITE_ENABLE_STMT_SCANSTATUS)
-  if( sqlite3ParseToplevel(pParse)->explain==2 )
+#if !defined(SQLITE_DEBUG)
+  if( sqlite3ParseToplevel(pParse)->explain==2 || IS_STMT_SCANSTATUS(pParse->db) )
 #endif
   {
     SrcItem *pItem = &pTabList->a[pLevel->iFrom];
@@ -149525,6 +153390,8 @@ SQLITE_PRIVATE int sqlite3WhereExplainBloomFilter(
   zMsg = sqlite3StrAccumFinish(&str);
   ret = sqlite3VdbeAddOp4(v, OP_Explain, sqlite3VdbeCurrentAddr(v),
                           pParse->addrExplain, 0, zMsg,P4_DYNAMIC);
+
+  sqlite3VdbeScanStatus(v, sqlite3VdbeCurrentAddr(v)-1, 0, 0, 0, 0);
   return ret;
 }
 #endif /* SQLITE_OMIT_EXPLAIN */
@@ -149545,16 +153412,31 @@ SQLITE_PRIVATE void sqlite3WhereAddScanStatus(
   WhereLevel *pLvl,               /* Level to add scanstatus() entry for */
   int addrExplain                 /* Address of OP_Explain (or 0) */
 ){
-  const char *zObj = 0;
-  WhereLoop *pLoop = pLvl->pWLoop;
-  if( (pLoop->wsFlags & WHERE_VIRTUALTABLE)==0  &&  pLoop->u.btree.pIndex!=0 ){
-    zObj = pLoop->u.btree.pIndex->zName;
-  }else{
-    zObj = pSrclist->a[pLvl->iFrom].zName;
+  if( IS_STMT_SCANSTATUS( sqlite3VdbeDb(v) ) ){
+    const char *zObj = 0;
+    WhereLoop *pLoop = pLvl->pWLoop;
+    int wsFlags = pLoop->wsFlags;
+    int viaCoroutine = 0;
+
+    if( (wsFlags & WHERE_VIRTUALTABLE)==0  &&  pLoop->u.btree.pIndex!=0 ){
+      zObj = pLoop->u.btree.pIndex->zName;
+    }else{
+      zObj = pSrclist->a[pLvl->iFrom].zName;
+      viaCoroutine = pSrclist->a[pLvl->iFrom].fg.viaCoroutine;
+    }
+    sqlite3VdbeScanStatus(
+        v, addrExplain, pLvl->addrBody, pLvl->addrVisit, pLoop->nOut, zObj
+    );
+
+    if( viaCoroutine==0 ){
+      if( (wsFlags & (WHERE_MULTI_OR|WHERE_AUTO_INDEX))==0 ){
+        sqlite3VdbeScanStatusRange(v, addrExplain, -1, pLvl->iTabCur);
+      }
+      if( wsFlags & WHERE_INDEXED ){
+        sqlite3VdbeScanStatusRange(v, addrExplain, -1, pLvl->iIdxCur);
+      }
+    }
   }
-  sqlite3VdbeScanStatus(
-      v, addrExplain, pLvl->addrBody, pLvl->addrVisit, pLoop->nOut, zObj
-  );
 }
 #endif
 
@@ -149614,7 +153496,7 @@ static void disableTerm(WhereLevel *pLevel, WhereTerm *pTerm){
       pTerm->wtFlags |= TERM_CODED;
     }
 #ifdef WHERETRACE_ENABLED
-    if( sqlite3WhereTrace & 0x20000 ){
+    if( (sqlite3WhereTrace & 0x4001)==0x4001 ){
       sqlite3DebugPrintf("DISABLE-");
       sqlite3WhereTermPrint(pTerm, (int)(pTerm - (pTerm->pWC->a)));
     }
@@ -149729,68 +153611,75 @@ static Expr *removeUnindexableInClauseTerms(
   Expr *pX              /* The IN expression to be reduced */
 ){
   sqlite3 *db = pParse->db;
+  Select *pSelect;            /* Pointer to the SELECT on the RHS */
   Expr *pNew;
   pNew = sqlite3ExprDup(db, pX, 0);
   if( db->mallocFailed==0 ){
-    ExprList *pOrigRhs;         /* Original unmodified RHS */
-    ExprList *pOrigLhs;         /* Original unmodified LHS */
-    ExprList *pRhs = 0;         /* New RHS after modifications */
-    ExprList *pLhs = 0;         /* New LHS after mods */
-    int i;                      /* Loop counter */
-    Select *pSelect;            /* Pointer to the SELECT on the RHS */
-
-    assert( ExprUseXSelect(pNew) );
-    pOrigRhs = pNew->x.pSelect->pEList;
-    assert( pNew->pLeft!=0 );
-    assert( ExprUseXList(pNew->pLeft) );
-    pOrigLhs = pNew->pLeft->x.pList;
-    for(i=iEq; inLTerm; i++){
-      if( pLoop->aLTerm[i]->pExpr==pX ){
-        int iField;
-        assert( (pLoop->aLTerm[i]->eOperator & (WO_OR|WO_AND))==0 );
-        iField = pLoop->aLTerm[i]->u.x.iField - 1;
-        if( pOrigRhs->a[iField].pExpr==0 ) continue; /* Duplicate PK column */
-        pRhs = sqlite3ExprListAppend(pParse, pRhs, pOrigRhs->a[iField].pExpr);
-        pOrigRhs->a[iField].pExpr = 0;
-        assert( pOrigLhs->a[iField].pExpr!=0 );
-        pLhs = sqlite3ExprListAppend(pParse, pLhs, pOrigLhs->a[iField].pExpr);
-        pOrigLhs->a[iField].pExpr = 0;
-      }
-    }
-    sqlite3ExprListDelete(db, pOrigRhs);
-    sqlite3ExprListDelete(db, pOrigLhs);
-    pNew->pLeft->x.pList = pLhs;
-    pNew->x.pSelect->pEList = pRhs;
-    if( pLhs && pLhs->nExpr==1 ){
-      /* Take care here not to generate a TK_VECTOR containing only a
-      ** single value. Since the parser never creates such a vector, some
-      ** of the subroutines do not handle this case.  */
-      Expr *p = pLhs->a[0].pExpr;
-      pLhs->a[0].pExpr = 0;
-      sqlite3ExprDelete(db, pNew->pLeft);
-      pNew->pLeft = p;
-    }
-    pSelect = pNew->x.pSelect;
-    if( pSelect->pOrderBy ){
-      /* If the SELECT statement has an ORDER BY clause, zero the
-      ** iOrderByCol variables. These are set to non-zero when an
-      ** ORDER BY term exactly matches one of the terms of the
-      ** result-set. Since the result-set of the SELECT statement may
-      ** have been modified or reordered, these variables are no longer
-      ** set correctly.  Since setting them is just an optimization,
-      ** it's easiest just to zero them here.  */
-      ExprList *pOrderBy = pSelect->pOrderBy;
-      for(i=0; inExpr; i++){
-        pOrderBy->a[i].u.x.iOrderByCol = 0;
+    for(pSelect=pNew->x.pSelect; pSelect; pSelect=pSelect->pPrior){
+      ExprList *pOrigRhs;         /* Original unmodified RHS */
+      ExprList *pOrigLhs = 0;     /* Original unmodified LHS */
+      ExprList *pRhs = 0;         /* New RHS after modifications */
+      ExprList *pLhs = 0;         /* New LHS after mods */
+      int i;                      /* Loop counter */
+
+      assert( ExprUseXSelect(pNew) );
+      pOrigRhs = pSelect->pEList;
+      assert( pNew->pLeft!=0 );
+      assert( ExprUseXList(pNew->pLeft) );
+      if( pSelect==pNew->x.pSelect ){
+        pOrigLhs = pNew->pLeft->x.pList;
+      }
+      for(i=iEq; inLTerm; i++){
+        if( pLoop->aLTerm[i]->pExpr==pX ){
+          int iField;
+          assert( (pLoop->aLTerm[i]->eOperator & (WO_OR|WO_AND))==0 );
+          iField = pLoop->aLTerm[i]->u.x.iField - 1;
+          if( pOrigRhs->a[iField].pExpr==0 ) continue; /* Duplicate PK column */
+          pRhs = sqlite3ExprListAppend(pParse, pRhs, pOrigRhs->a[iField].pExpr);
+          pOrigRhs->a[iField].pExpr = 0;
+          if( pOrigLhs ){
+            assert( pOrigLhs->a[iField].pExpr!=0 );
+            pLhs = sqlite3ExprListAppend(pParse,pLhs,pOrigLhs->a[iField].pExpr);
+            pOrigLhs->a[iField].pExpr = 0;
+          }
+        }
+      }
+      sqlite3ExprListDelete(db, pOrigRhs);
+      if( pOrigLhs ){
+        sqlite3ExprListDelete(db, pOrigLhs);
+        pNew->pLeft->x.pList = pLhs;
+      }
+      pSelect->pEList = pRhs;
+      if( pLhs && pLhs->nExpr==1 ){
+        /* Take care here not to generate a TK_VECTOR containing only a
+        ** single value. Since the parser never creates such a vector, some
+        ** of the subroutines do not handle this case.  */
+        Expr *p = pLhs->a[0].pExpr;
+        pLhs->a[0].pExpr = 0;
+        sqlite3ExprDelete(db, pNew->pLeft);
+        pNew->pLeft = p;
+      }
+      if( pSelect->pOrderBy ){
+        /* If the SELECT statement has an ORDER BY clause, zero the
+        ** iOrderByCol variables. These are set to non-zero when an
+        ** ORDER BY term exactly matches one of the terms of the
+        ** result-set. Since the result-set of the SELECT statement may
+        ** have been modified or reordered, these variables are no longer
+        ** set correctly.  Since setting them is just an optimization,
+        ** it's easiest just to zero them here.  */
+        ExprList *pOrderBy = pSelect->pOrderBy;
+        for(i=0; inExpr; i++){
+          pOrderBy->a[i].u.x.iOrderByCol = 0;
+        }
       }
-    }
 
 #if 0
-    printf("For indexing, change the IN expr:\n");
-    sqlite3TreeViewExpr(0, pX, 0);
-    printf("Into:\n");
-    sqlite3TreeViewExpr(0, pNew, 0);
+      printf("For indexing, change the IN expr:\n");
+      sqlite3TreeViewExpr(0, pX, 0);
+      printf("Into:\n");
+      sqlite3TreeViewExpr(0, pNew, 0);
 #endif
+    }
   }
   return pNew;
 }
@@ -150148,7 +154037,7 @@ static void whereLikeOptimizationStringFixup(
   if( pTerm->wtFlags & TERM_LIKEOPT ){
     VdbeOp *pOp;
     assert( pLevel->iLikeRepCntr>0 );
-    pOp = sqlite3VdbeGetOp(v, -1);
+    pOp = sqlite3VdbeGetLastOp(v);
     assert( pOp!=0 );
     assert( pOp->opcode==OP_String8
             || pTerm->pWC->pWInfo->pParse->db->mallocFailed );
@@ -150242,11 +154131,12 @@ static int codeCursorHintIsOrFunction(Walker *pWalker, Expr *pExpr){
 */
 static int codeCursorHintFixExpr(Walker *pWalker, Expr *pExpr){
   int rc = WRC_Continue;
+  int reg;
   struct CCurHint *pHint = pWalker->u.pCCurHint;
   if( pExpr->op==TK_COLUMN ){
     if( pExpr->iTable!=pHint->iTabCur ){
-      int reg = ++pWalker->pParse->nMem;   /* Register for column value */
-      sqlite3ExprCode(pWalker->pParse, pExpr, reg);
+      reg = ++pWalker->pParse->nMem;   /* Register for column value */
+      reg = sqlite3ExprCodeTarget(pWalker->pParse, pExpr, reg);
       pExpr->op = TK_REGISTER;
       pExpr->iTable = reg;
     }else if( pHint->pIdx!=0 ){
@@ -150254,15 +154144,15 @@ static int codeCursorHintFixExpr(Walker *pWalker, Expr *pExpr){
       pExpr->iColumn = sqlite3TableColumnToIndex(pHint->pIdx, pExpr->iColumn);
       assert( pExpr->iColumn>=0 );
     }
-  }else if( pExpr->op==TK_AGG_FUNCTION ){
-    /* An aggregate function in the WHERE clause of a query means this must
-    ** be a correlated sub-query, and expression pExpr is an aggregate from
-    ** the parent context. Do not walk the function arguments in this case.
-    **
-    ** todo: It should be possible to replace this node with a TK_REGISTER
-    ** expression, as the result of the expression must be stored in a
-    ** register at this point. The same holds for TK_AGG_COLUMN nodes. */
+  }else if( pExpr->pAggInfo ){
     rc = WRC_Prune;
+    reg = ++pWalker->pParse->nMem;   /* Register for column value */
+    reg = sqlite3ExprCodeTarget(pWalker->pParse, pExpr, reg);
+    pExpr->op = TK_REGISTER;
+    pExpr->iTable = reg;
+  }else if( pExpr->op==TK_TRUEFALSE ){
+    /* Do not walk disabled expressions.  tag-20230504-1 */
+    return WRC_Prune;
   }
   return rc;
 }
@@ -150364,7 +154254,7 @@ static void codeCursorHint(
   }
   if( pExpr!=0 ){
     sWalker.xExprCallback = codeCursorHintFixExpr;
-    sqlite3WalkExpr(&sWalker, pExpr);
+    if( pParse->nErr==0 ) sqlite3WalkExpr(&sWalker, pExpr);
     sqlite3VdbeAddOp4(v, OP_CursorHint,
                       (sHint.pIdx ? sHint.iIdxCur : sHint.iTabCur), 0, 0,
                       (const char*)pExpr, P4_EXPR);
@@ -150472,143 +154362,6 @@ static void codeExprOrVector(Parse *pParse, Expr *p, int iReg, int nReg){
   }
 }
 
-/* An instance of the IdxExprTrans object carries information about a
-** mapping from an expression on table columns into a column in an index
-** down through the Walker.
-*/
-typedef struct IdxExprTrans {
-  Expr *pIdxExpr;    /* The index expression */
-  int iTabCur;       /* The cursor of the corresponding table */
-  int iIdxCur;       /* The cursor for the index */
-  int iIdxCol;       /* The column for the index */
-  int iTabCol;       /* The column for the table */
-  WhereInfo *pWInfo; /* Complete WHERE clause information */
-  sqlite3 *db;       /* Database connection (for malloc()) */
-} IdxExprTrans;
-
-/*
-** Preserve pExpr on the WhereETrans list of the WhereInfo.
-*/
-static void preserveExpr(IdxExprTrans *pTrans, Expr *pExpr){
-  WhereExprMod *pNew;
-  pNew = sqlite3DbMallocRaw(pTrans->db, sizeof(*pNew));
-  if( pNew==0 ) return;
-  pNew->pNext = pTrans->pWInfo->pExprMods;
-  pTrans->pWInfo->pExprMods = pNew;
-  pNew->pExpr = pExpr;
-  memcpy(&pNew->orig, pExpr, sizeof(*pExpr));
-}
-
-/* The walker node callback used to transform matching expressions into
-** a reference to an index column for an index on an expression.
-**
-** If pExpr matches, then transform it into a reference to the index column
-** that contains the value of pExpr.
-*/
-static int whereIndexExprTransNode(Walker *p, Expr *pExpr){
-  IdxExprTrans *pX = p->u.pIdxTrans;
-  if( sqlite3ExprCompare(0, pExpr, pX->pIdxExpr, pX->iTabCur)==0 ){
-    pExpr = sqlite3ExprSkipCollate(pExpr);
-    preserveExpr(pX, pExpr);
-    pExpr->affExpr = sqlite3ExprAffinity(pExpr);
-    pExpr->op = TK_COLUMN;
-    pExpr->iTable = pX->iIdxCur;
-    pExpr->iColumn = pX->iIdxCol;
-    testcase( ExprHasProperty(pExpr, EP_Unlikely) );
-    ExprClearProperty(pExpr, EP_Skip|EP_Unlikely|EP_WinFunc|EP_Subrtn);
-    pExpr->y.pTab = 0;
-    return WRC_Prune;
-  }else{
-    return WRC_Continue;
-  }
-}
-
-#ifndef SQLITE_OMIT_GENERATED_COLUMNS
-/* A walker node callback that translates a column reference to a table
-** into a corresponding column reference of an index.
-*/
-static int whereIndexExprTransColumn(Walker *p, Expr *pExpr){
-  if( pExpr->op==TK_COLUMN ){
-    IdxExprTrans *pX = p->u.pIdxTrans;
-    if( pExpr->iTable==pX->iTabCur && pExpr->iColumn==pX->iTabCol ){
-      assert( ExprUseYTab(pExpr) && pExpr->y.pTab!=0 );
-      preserveExpr(pX, pExpr);
-      pExpr->affExpr = sqlite3TableColumnAffinity(pExpr->y.pTab,pExpr->iColumn);
-      pExpr->iTable = pX->iIdxCur;
-      pExpr->iColumn = pX->iIdxCol;
-      pExpr->y.pTab = 0;
-    }
-  }
-  return WRC_Continue;
-}
-#endif /* SQLITE_OMIT_GENERATED_COLUMNS */
-
-/*
-** For an indexes on expression X, locate every instance of expression X
-** in pExpr and change that subexpression into a reference to the appropriate
-** column of the index.
-**
-** 2019-10-24: Updated to also translate references to a VIRTUAL column in
-** the table into references to the corresponding (stored) column of the
-** index.
-*/
-static void whereIndexExprTrans(
-  Index *pIdx,      /* The Index */
-  int iTabCur,      /* Cursor of the table that is being indexed */
-  int iIdxCur,      /* Cursor of the index itself */
-  WhereInfo *pWInfo /* Transform expressions in this WHERE clause */
-){
-  int iIdxCol;               /* Column number of the index */
-  ExprList *aColExpr;        /* Expressions that are indexed */
-  Table *pTab;
-  Walker w;
-  IdxExprTrans x;
-  aColExpr = pIdx->aColExpr;
-  if( aColExpr==0 && !pIdx->bHasVCol ){
-    /* The index does not reference any expressions or virtual columns
-    ** so no translations are needed. */
-    return;
-  }
-  pTab = pIdx->pTable;
-  memset(&w, 0, sizeof(w));
-  w.u.pIdxTrans = &x;
-  x.iTabCur = iTabCur;
-  x.iIdxCur = iIdxCur;
-  x.pWInfo = pWInfo;
-  x.db = pWInfo->pParse->db;
-  for(iIdxCol=0; iIdxColnColumn; iIdxCol++){
-    i16 iRef = pIdx->aiColumn[iIdxCol];
-    if( iRef==XN_EXPR ){
-      assert( aColExpr!=0 && aColExpr->a[iIdxCol].pExpr!=0 );
-      x.pIdxExpr = aColExpr->a[iIdxCol].pExpr;
-      if( sqlite3ExprIsConstant(x.pIdxExpr) ) continue;
-      w.xExprCallback = whereIndexExprTransNode;
-#ifndef SQLITE_OMIT_GENERATED_COLUMNS
-    }else if( iRef>=0
-       && (pTab->aCol[iRef].colFlags & COLFLAG_VIRTUAL)!=0
-       && ((pTab->aCol[iRef].colFlags & COLFLAG_HASCOLL)==0
-           || sqlite3StrICmp(sqlite3ColumnColl(&pTab->aCol[iRef]),
-                                               sqlite3StrBINARY)==0)
-    ){
-      /* Check to see if there are direct references to generated columns
-      ** that are contained in the index.  Pulling the generated column
-      ** out of the index is an optimization only - the main table is always
-      ** available if the index cannot be used.  To avoid unnecessary
-      ** complication, omit this optimization if the collating sequence for
-      ** the column is non-standard */
-      x.iTabCol = iRef;
-      w.xExprCallback = whereIndexExprTransColumn;
-#endif /* SQLITE_OMIT_GENERATED_COLUMNS */
-    }else{
-      continue;
-    }
-    x.iIdxCol = iIdxCol;
-    sqlite3WalkExpr(&w, pWInfo->pWhere);
-    sqlite3WalkExprList(&w, pWInfo->pOrderBy);
-    sqlite3WalkExprList(&w, pWInfo->pResultSet);
-  }
-}
-
 /*
 ** The pTruth expression is always true because it is the WHERE clause
 ** a partial index that is driving a query loop.  Look through all of the
@@ -150677,6 +154430,8 @@ static SQLITE_NOINLINE void filterPullDown(
       testcase( pTerm->wtFlags & TERM_VIRTUAL );
       regRowid = sqlite3GetTempReg(pParse);
       regRowid = codeEqualityTerm(pParse, pTerm, pLevel, 0, 0, regRowid);
+      sqlite3VdbeAddOp2(pParse->pVdbe, OP_MustBeInt, regRowid, addrNxt);
+      VdbeCoverage(pParse->pVdbe);
       sqlite3VdbeAddOp4Int(pParse->pVdbe, OP_Filter, pLevel->regFilter,
                            addrNxt, regRowid, 1);
       VdbeCoverage(pParse->pVdbe);
@@ -150736,13 +154491,15 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
   pLevel->notReady = notReady & ~sqlite3WhereGetMask(&pWInfo->sMaskSet, iCur);
   bRev = (pWInfo->revMask>>iLevel)&1;
   VdbeModuleComment((v, "Begin WHERE-loop%d: %s",iLevel,pTabItem->pTab->zName));
-#if WHERETRACE_ENABLED /* 0x20800 */
-  if( sqlite3WhereTrace & 0x800 ){
+#if WHERETRACE_ENABLED /* 0x4001 */
+  if( sqlite3WhereTrace & 0x1 ){
     sqlite3DebugPrintf("Coding level %d of %d:  notReady=%llx  iFrom=%d\n",
        iLevel, pWInfo->nLevel, (u64)notReady, pLevel->iFrom);
-    sqlite3WhereLoopPrint(pLoop, pWC);
+    if( sqlite3WhereTrace & 0x1000 ){
+      sqlite3WhereLoopPrint(pLoop, pWC);
+    }
   }
-  if( sqlite3WhereTrace & 0x20000 ){
+  if( (sqlite3WhereTrace & 0x4001)==0x4001 ){
     if( iLevel==0 ){
       sqlite3DebugPrintf("WHERE clause being coded:\n");
       sqlite3TreeViewExpr(0, pWInfo->pWhere, 0);
@@ -150828,9 +154585,9 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
          && pLoop->u.vtab.bOmitOffset
         ){
           assert( pTerm->eOperator==WO_AUX );
-          assert( pWInfo->pLimit!=0 );
-          assert( pWInfo->pLimit->iOffset>0 );
-          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pLimit->iOffset);
+          assert( pWInfo->pSelect!=0 );
+          assert( pWInfo->pSelect->iOffset>0 );
+          sqlite3VdbeAddOp2(v, OP_Integer, 0, pWInfo->pSelect->iOffset);
           VdbeComment((v,"Zero OFFSET counter"));
         }
       }
@@ -150938,6 +154695,8 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     if( iRowidReg!=iReleaseReg ) sqlite3ReleaseTempReg(pParse, iReleaseReg);
     addrNxt = pLevel->addrNxt;
     if( pLevel->regFilter ){
+      sqlite3VdbeAddOp2(v, OP_MustBeInt, iRowidReg, addrNxt);
+      VdbeCoverage(v);
       sqlite3VdbeAddOp4Int(v, OP_Filter, pLevel->regFilter, addrNxt,
                            iRowidReg, 1);
       VdbeCoverage(v);
@@ -151289,6 +155048,11 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
         ** guess. */
         addrSeekScan = sqlite3VdbeAddOp1(v, OP_SeekScan,
                                          (pIdx->aiRowLogEst[0]+9)/10);
+        if( pRangeStart || pRangeEnd ){
+          sqlite3VdbeChangeP5(v, 1);
+          sqlite3VdbeChangeP2(v, addrSeekScan, sqlite3VdbeCurrentAddr(v)+1);
+          addrSeekScan = 0;
+        }
         VdbeCoverage(v);
       }
       sqlite3VdbeAddOp4Int(v, op, iIdxCur, addrNxt, regBase, nConstraint);
@@ -151325,16 +155089,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     assert( pLevel->p2==0 );
     if( pRangeEnd ){
       Expr *pRight = pRangeEnd->pExpr->pRight;
-      if( addrSeekScan ){
-        /* For a seek-scan that has a range on the lowest term of the index,
-        ** we have to make the top of the loop be code that sets the end
-        ** condition of the range.  Otherwise, the OP_SeekScan might jump
-        ** over that initialization, leaving the range-end value set to the
-        ** range-start value, resulting in a wrong answer.
-        ** See ticket 5981a8c041a3c2f3 (2021-11-02).
-        */
-        pLevel->p2 = sqlite3VdbeCurrentAddr(v);
-      }
+      assert( addrSeekScan==0 );
       codeExprOrVector(pParse, pRight, regBase+nEq, nTop);
       whereLikeOptimizationStringFixup(v, pLevel, pRangeEnd);
       if( (pRangeEnd->wtFlags & TERM_VNULL)==0
@@ -151364,11 +155119,11 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
       }
       nConstraint++;
     }
-    sqlite3DbFree(db, zStartAff);
-    sqlite3DbFree(db, zEndAff);
+    if( zStartAff ) sqlite3DbNNFreeNN(db, zStartAff);
+    if( zEndAff ) sqlite3DbNNFreeNN(db, zEndAff);
 
     /* Top of the loop body */
-    if( pLevel->p2==0 ) pLevel->p2 = sqlite3VdbeCurrentAddr(v);
+    pLevel->p2 = sqlite3VdbeCurrentAddr(v);
 
     /* Check if the index cursor is past the end of the range. */
     if( nConstraint ){
@@ -151427,27 +155182,6 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     }
 
     if( pLevel->iLeftJoin==0 ){
-      /* If pIdx is an index on one or more expressions, then look through
-      ** all the expressions in pWInfo and try to transform matching expressions
-      ** into reference to index columns.  Also attempt to translate references
-      ** to virtual columns in the table into references to (stored) columns
-      ** of the index.
-      **
-      ** Do not do this for the RHS of a LEFT JOIN. This is because the
-      ** expression may be evaluated after OP_NullRow has been executed on
-      ** the cursor. In this case it is important to do the full evaluation,
-      ** as the result of the expression may not be NULL, even if all table
-      ** column values are.  https://www.sqlite.org/src/info/7fa8049685b50b5a
-      **
-      ** Also, do not do this when processing one index an a multi-index
-      ** OR clause, since the transformation will become invalid once we
-      ** move forward to the next index.
-      ** https://sqlite.org/src/info/4e8e4857d32d401f
-      */
-      if( (pWInfo->wctrlFlags & (WHERE_OR_SUBCLAUSE|WHERE_RIGHT_JOIN))==0 ){
-        whereIndexExprTrans(pIdx, iCur, iIdxCur, pWInfo);
-      }
-
       /* If a partial index is driving the loop, try to eliminate WHERE clause
       ** terms from the query that must be true due to the WHERE clause of
       ** the partial index.
@@ -151560,7 +155294,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
       int nNotReady;                 /* The number of notReady tables */
       SrcItem *origSrc;              /* Original list of tables */
       nNotReady = pWInfo->nLevel - iLevel - 1;
-      pOrTab = sqlite3StackAllocRaw(db,
+      pOrTab = sqlite3DbMallocRawNN(db,
                             sizeof(*pOrTab)+ nNotReady*sizeof(pOrTab->a[0]));
       if( pOrTab==0 ) return notReady;
       pOrTab->nAlloc = (u8)(nNotReady + 1);
@@ -151680,7 +155414,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
         }
         /* Loop through table entries that match term pOrTerm. */
         ExplainQueryPlan((pParse, 1, "INDEX %d", ii+1));
-        WHERETRACE(0xffff, ("Subplan for OR-clause:\n"));
+        WHERETRACE(0xffffffff, ("Subplan for OR-clause:\n"));
         pSubWInfo = sqlite3WhereBegin(pParse, pOrTab, pOrExpr, 0, 0, 0,
                                       WHERE_OR_SUBCLAUSE, iCovCur);
         assert( pSubWInfo || pParse->nErr );
@@ -151813,7 +155547,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     assert( pLevel->op==OP_Return );
     pLevel->p2 = sqlite3VdbeCurrentAddr(v);
 
-    if( pWInfo->nLevel>1 ){ sqlite3StackFree(db, pOrTab); }
+    if( pWInfo->nLevel>1 ){ sqlite3DbFreeNN(db, pOrTab); }
     if( !untestedTerms ) disableTerm(pLevel, pTerm);
   }else
 #endif /* SQLITE_OMIT_OR_OPTIMIZATION */
@@ -151917,12 +155651,12 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
         }
 #endif
       }
-#ifdef WHERETRACE_ENABLED /* 0xffff */
+#ifdef WHERETRACE_ENABLED /* 0xffffffff */
       if( sqlite3WhereTrace ){
         VdbeNoopComment((v, "WhereTerm[%d] (%p) priority=%d",
                          pWC->nTerm-j, pTerm, iLoop));
       }
-      if( sqlite3WhereTrace & 0x800 ){
+      if( sqlite3WhereTrace & 0x4000 ){
         sqlite3DebugPrintf("Coding auxiliary constraint:\n");
         sqlite3WhereTermPrint(pTerm, pWC->nTerm-j);
       }
@@ -151951,8 +155685,8 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     if( pTerm->leftCursor!=iCur ) continue;
     if( pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT) ) continue;
     pE = pTerm->pExpr;
-#ifdef WHERETRACE_ENABLED /* 0x800 */
-    if( sqlite3WhereTrace & 0x800 ){
+#ifdef WHERETRACE_ENABLED /* 0x4001 */
+    if( (sqlite3WhereTrace & 0x4001)==0x4001 ){
       sqlite3DebugPrintf("Coding transitive constraint:\n");
       sqlite3WhereTermPrint(pTerm, pWC->nTerm-j);
     }
@@ -152067,13 +155801,13 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     }
   }
 
-#if WHERETRACE_ENABLED /* 0x20800 */
-  if( sqlite3WhereTrace & 0x20000 ){
+#if WHERETRACE_ENABLED /* 0x4001 */
+  if( sqlite3WhereTrace & 0x4000 ){
     sqlite3DebugPrintf("All WHERE-clause terms after coding level %d:\n",
                        iLevel);
     sqlite3WhereClausePrint(pWC);
   }
-  if( sqlite3WhereTrace & 0x800 ){
+  if( sqlite3WhereTrace & 0x1 ){
     sqlite3DebugPrintf("End Coding level %d:  notReady=%llx\n",
        iLevel, (u64)pLevel->notReady);
   }
@@ -152441,7 +156175,7 @@ static int isLikeOrGlob(
         if( pLeft->op!=TK_COLUMN
          || sqlite3ExprAffinity(pLeft)!=SQLITE_AFF_TEXT
          || (ALWAYS( ExprUseYTab(pLeft) )
-             && pLeft->y.pTab
+             && ALWAYS(pLeft->y.pTab)
              && IsVirtual(pLeft->y.pTab))  /* Might be numeric */
         ){
           int isNum;
@@ -152558,8 +156292,7 @@ static int isAuxiliaryVtabOperator(
     **       MATCH(expression,vtab_column)
     */
     pCol = pList->a[1].pExpr;
-    assert( pCol->op!=TK_COLUMN || ExprUseYTab(pCol) );
-    testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
+    assert( pCol->op!=TK_COLUMN || (ExprUseYTab(pCol) && pCol->y.pTab!=0) );
     if( ExprIsVtab(pCol) ){
       for(i=0; ia[0].pExpr;
     assert( pCol->op!=TK_COLUMN || ExprUseYTab(pCol) );
-    testcase( pCol->op==TK_COLUMN && pCol->y.pTab==0 );
+    assert( pCol->op!=TK_COLUMN || (ExprUseYTab(pCol) && pCol->y.pTab!=0) );
     if( ExprIsVtab(pCol) ){
       sqlite3_vtab *pVtab;
       sqlite3_module *pMod;
@@ -152609,13 +156342,12 @@ static int isAuxiliaryVtabOperator(
     int res = 0;
     Expr *pLeft = pExpr->pLeft;
     Expr *pRight = pExpr->pRight;
-    assert( pLeft->op!=TK_COLUMN || ExprUseYTab(pLeft) );
-    testcase( pLeft->op==TK_COLUMN && pLeft->y.pTab==0 );
+    assert( pLeft->op!=TK_COLUMN || (ExprUseYTab(pLeft) && pLeft->y.pTab!=0) );
     if( ExprIsVtab(pLeft) ){
       res++;
     }
-    assert( pRight==0 || pRight->op!=TK_COLUMN || ExprUseYTab(pRight) );
-    testcase( pRight && pRight->op==TK_COLUMN && pRight->y.pTab==0 );
+    assert( pRight==0 || pRight->op!=TK_COLUMN
+            || (ExprUseYTab(pRight) && pRight->y.pTab!=0) );
     if( pRight && ExprIsVtab(pRight) ){
       res++;
       SWAP(Expr*, pLeft, pRight);
@@ -153151,35 +156883,40 @@ static Bitmask exprSelectUsage(WhereMaskSet *pMaskSet, Select *pS){
 */
 static SQLITE_NOINLINE int exprMightBeIndexed2(
   SrcList *pFrom,        /* The FROM clause */
-  Bitmask mPrereq,       /* Bitmask of FROM clause terms referenced by pExpr */
   int *aiCurCol,         /* Write the referenced table cursor and column here */
-  Expr *pExpr            /* An operand of a comparison operator */
+  Expr *pExpr,           /* An operand of a comparison operator */
+  int j                  /* Start looking with the j-th pFrom entry */
 ){
   Index *pIdx;
   int i;
   int iCur;
-  for(i=0; mPrereq>1; i++, mPrereq>>=1){}
-  iCur = pFrom->a[i].iCursor;
-  for(pIdx=pFrom->a[i].pTab->pIndex; pIdx; pIdx=pIdx->pNext){
-    if( pIdx->aColExpr==0 ) continue;
-    for(i=0; inKeyCol; i++){
-      if( pIdx->aiColumn[i]!=XN_EXPR ) continue;
-      if( sqlite3ExprCompareSkip(pExpr, pIdx->aColExpr->a[i].pExpr, iCur)==0 ){
-        aiCurCol[0] = iCur;
-        aiCurCol[1] = XN_EXPR;
-        return 1;
+  do{
+    iCur = pFrom->a[j].iCursor;
+    for(pIdx=pFrom->a[j].pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+      if( pIdx->aColExpr==0 ) continue;
+      for(i=0; inKeyCol; i++){
+        if( pIdx->aiColumn[i]!=XN_EXPR ) continue;
+        assert( pIdx->bHasExpr );
+        if( sqlite3ExprCompareSkip(pExpr,pIdx->aColExpr->a[i].pExpr,iCur)==0
+          && pExpr->op!=TK_STRING
+        ){
+          aiCurCol[0] = iCur;
+          aiCurCol[1] = XN_EXPR;
+          return 1;
+        }
       }
     }
-  }
+  }while( ++j < pFrom->nSrc );
   return 0;
 }
 static int exprMightBeIndexed(
   SrcList *pFrom,        /* The FROM clause */
-  Bitmask mPrereq,       /* Bitmask of FROM clause terms referenced by pExpr */
   int *aiCurCol,         /* Write the referenced table cursor & column here */
   Expr *pExpr,           /* An operand of a comparison operator */
   int op                 /* The specific comparison operator */
 ){
+  int i;
+
   /* If this expression is a vector to the left or right of a
   ** inequality constraint (>, <, >= or <=), perform the processing
   ** on the first element of the vector.  */
@@ -153189,7 +156926,6 @@ static int exprMightBeIndexed(
   if( pExpr->op==TK_VECTOR && (op>=TK_GT && ALWAYS(op<=TK_GE)) ){
     assert( ExprUseXList(pExpr) );
     pExpr = pExpr->x.pList->a[0].pExpr;
-
   }
 
   if( pExpr->op==TK_COLUMN ){
@@ -153197,9 +156933,16 @@ static int exprMightBeIndexed(
     aiCurCol[1] = pExpr->iColumn;
     return 1;
   }
-  if( mPrereq==0 ) return 0;                 /* No table references */
-  if( (mPrereq&(mPrereq-1))!=0 ) return 0;   /* Refs more than one table */
-  return exprMightBeIndexed2(pFrom,mPrereq,aiCurCol,pExpr);
+
+  for(i=0; inSrc; i++){
+    Index *pIdx;
+    for(pIdx=pFrom->a[i].pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+      if( pIdx->aColExpr ){
+        return exprMightBeIndexed2(pFrom,aiCurCol,pExpr,i);
+      }
+    }
+  }
+  return 0;
 }
 
 
@@ -153325,7 +157068,7 @@ static void exprAnalyze(
       pLeft = pLeft->x.pList->a[pTerm->u.x.iField-1].pExpr;
     }
 
-    if( exprMightBeIndexed(pSrc, prereqLeft, aiCurCol, pLeft, op) ){
+    if( exprMightBeIndexed(pSrc, aiCurCol, pLeft, op) ){
       pTerm->leftCursor = aiCurCol[0];
       assert( (pTerm->eOperator & (WO_OR|WO_AND))==0 );
       pTerm->u.x.leftColumn = aiCurCol[1];
@@ -153333,7 +157076,7 @@ static void exprAnalyze(
     }
     if( op==TK_IS ) pTerm->wtFlags |= TERM_IS;
     if( pRight
-     && exprMightBeIndexed(pSrc, pTerm->prereqRight, aiCurCol, pRight, op)
+     && exprMightBeIndexed(pSrc, aiCurCol, pRight, op)
      && !ExprHasProperty(pRight, EP_FixedCol)
     ){
       WhereTerm *pNew;
@@ -153377,7 +157120,7 @@ static void exprAnalyze(
      && 0==sqlite3ExprCanBeNull(pLeft)
     ){
       assert( !ExprHasProperty(pExpr, EP_IntValue) );
-      pExpr->op = TK_TRUEFALSE;
+      pExpr->op = TK_TRUEFALSE;  /* See tag-20230504-1 */
       pExpr->u.zToken = "false";
       ExprSetProperty(pExpr, EP_IsFalse);
       pTerm->prereqAll = 0;
@@ -153544,7 +157287,6 @@ static void exprAnalyze(
     transferJoinMarkings(pNewExpr1, pExpr);
     idxNew1 = whereClauseInsert(pWC, pNewExpr1, wtFlags);
     testcase( idxNew1==0 );
-    exprAnalyze(pSrc, pWC, idxNew1);
     pNewExpr2 = sqlite3ExprDup(db, pLeft, 0);
     pNewExpr2 = sqlite3PExpr(pParse, TK_LT,
            sqlite3ExprAddCollateString(pParse,pNewExpr2,zCollSeqName),
@@ -153552,6 +157294,7 @@ static void exprAnalyze(
     transferJoinMarkings(pNewExpr2, pExpr);
     idxNew2 = whereClauseInsert(pWC, pNewExpr2, wtFlags);
     testcase( idxNew2==0 );
+    exprAnalyze(pSrc, pWC, idxNew1);
     exprAnalyze(pSrc, pWC, idxNew2);
     pTerm = &pWC->a[idxTerm];
     if( isComplete ){
@@ -153608,7 +157351,7 @@ static void exprAnalyze(
    && pTerm->u.x.iField==0
    && pExpr->pLeft->op==TK_VECTOR
    && ALWAYS( ExprUseXSelect(pExpr) )
-   && pExpr->x.pSelect->pPrior==0
+   && (pExpr->x.pSelect->pPrior==0 || (pExpr->x.pSelect->selFlags & SF_Values))
 #ifndef SQLITE_OMIT_WINDOWFUNC
    && pExpr->x.pSelect->pWin==0
 #endif
@@ -153777,9 +157520,9 @@ static void whereAddLimitExpr(
 ** exist only so that they may be passed to the xBestIndex method of the
 ** single virtual table in the FROM clause of the SELECT.
 */
-SQLITE_PRIVATE void sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
-  assert( p==0 || (p->pGroupBy==0 && (p->selFlags & SF_Aggregate)==0) );
-  if( (p && p->pLimit)                                          /* 1 */
+SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
+  assert( p!=0 && p->pLimit!=0 );                 /* 1 -- checked by caller */
+  if( p->pGroupBy==0
    && (p->selFlags & (SF_Distinct|SF_Aggregate))==0             /* 2 */
    && (p->pSrc->nSrc==1 && IsVirtual(p->pSrc->a[0].pTab))       /* 3 */
   ){
@@ -153796,6 +157539,13 @@ SQLITE_PRIVATE void sqlite3WhereAddLimit(WhereClause *pWC, Select *p){
         assert( pWC->a[ii].eOperator==WO_ROWVAL );
         continue;
       }
+      if( pWC->a[ii].nChild ){
+        /* If this term has child terms, then they are also part of the
+        ** pWC->a[] array. So this term can be ignored, as a LIMIT clause
+        ** will only be added if each of the child terms passes the
+        ** (leftCursor==iCsr) test below.  */
+        continue;
+      }
       if( pWC->a[ii].leftCursor!=iCsr ) return;
     }
 
@@ -154015,9 +157765,12 @@ SQLITE_PRIVATE void sqlite3WhereTabFuncArgs(
     pRhs = sqlite3PExpr(pParse, TK_UPLUS,
         sqlite3ExprDup(pParse->db, pArgs->a[j].pExpr, 0), 0);
     pTerm = sqlite3PExpr(pParse, TK_EQ, pColRef, pRhs);
-    if( pItem->fg.jointype & (JT_LEFT|JT_LTORJ) ){
+    if( pItem->fg.jointype & (JT_LEFT|JT_RIGHT) ){
+      testcase( pItem->fg.jointype & JT_LEFT );  /* testtag-20230227a */
+      testcase( pItem->fg.jointype & JT_RIGHT ); /* testtag-20230227b */
       joinType = EP_OuterON;
     }else{
+      testcase( pItem->fg.jointype & JT_LTORJ ); /* testtag-20230227c */
       joinType = EP_InnerON;
     }
     sqlite3SetJoinExpr(pTerm, pItem->iCursor, joinType);
@@ -154096,7 +157849,7 @@ SQLITE_PRIVATE int sqlite3WhereIsDistinct(WhereInfo *pWInfo){
 ** block sorting is required.
 */
 SQLITE_PRIVATE int sqlite3WhereIsOrdered(WhereInfo *pWInfo){
-  return pWInfo->nOBSat;
+  return pWInfo->nOBSat<0 ? 0 : pWInfo->nOBSat;
 }
 
 /*
@@ -154734,7 +158487,7 @@ static void translateColumnToCopy(
 #if !defined(SQLITE_OMIT_VIRTUALTABLE) && defined(WHERETRACE_ENABLED)
 static void whereTraceIndexInfoInputs(sqlite3_index_info *p){
   int i;
-  if( !sqlite3WhereTrace ) return;
+  if( (sqlite3WhereTrace & 0x10)==0 ) return;
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf(
        "  constraint[%d]: col=%d termid=%d op=%d usabled=%d collseq=%s\n",
@@ -154754,7 +158507,7 @@ static void whereTraceIndexInfoInputs(sqlite3_index_info *p){
 }
 static void whereTraceIndexInfoOutputs(sqlite3_index_info *p){
   int i;
-  if( !sqlite3WhereTrace ) return;
+  if( (sqlite3WhereTrace & 0x10)==0 ) return;
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf("  usage[%d]: argvIdx=%d omit=%d\n",
        i,
@@ -154772,6 +158525,43 @@ static void whereTraceIndexInfoOutputs(sqlite3_index_info *p){
 #define whereTraceIndexInfoOutputs(A)
 #endif
 
+/*
+** We know that pSrc is an operand of an outer join.  Return true if
+** pTerm is a constraint that is compatible with that join.
+**
+** pTerm must be EP_OuterON if pSrc is the right operand of an
+** outer join.  pTerm can be either EP_OuterON or EP_InnerON if pSrc
+** is the left operand of a RIGHT join.
+**
+** See https://sqlite.org/forum/forumpost/206d99a16dd9212f
+** for an example of a WHERE clause constraints that may not be used on
+** the right table of a RIGHT JOIN because the constraint implies a
+** not-NULL condition on the left table of the RIGHT JOIN.
+*/
+static int constraintCompatibleWithOuterJoin(
+  const WhereTerm *pTerm,       /* WHERE clause term to check */
+  const SrcItem *pSrc           /* Table we are trying to access */
+){
+  assert( (pSrc->fg.jointype&(JT_LEFT|JT_LTORJ|JT_RIGHT))!=0 ); /* By caller */
+  testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LEFT );
+  testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LTORJ );
+  testcase( ExprHasProperty(pTerm->pExpr, EP_OuterON) )
+  testcase( ExprHasProperty(pTerm->pExpr, EP_InnerON) );
+  if( !ExprHasProperty(pTerm->pExpr, EP_OuterON|EP_InnerON)
+   || pTerm->pExpr->w.iJoin != pSrc->iCursor
+  ){
+    return 0;
+  }
+  if( (pSrc->fg.jointype & (JT_LEFT|JT_RIGHT))!=0
+   && ExprHasProperty(pTerm->pExpr, EP_InnerON)
+  ){
+    return 0;
+  }
+  return 1;
+}
+
+
+
 #ifndef SQLITE_OMIT_AUTOMATIC_INDEX
 /*
 ** Return TRUE if the WHERE clause term pTerm is of a form where it
@@ -154787,16 +158577,10 @@ static int termCanDriveIndex(
   if( pTerm->leftCursor!=pSrc->iCursor ) return 0;
   if( (pTerm->eOperator & (WO_EQ|WO_IS))==0 ) return 0;
   assert( (pSrc->fg.jointype & JT_RIGHT)==0 );
-  if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0 ){
-    testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LEFT );
-    testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LTORJ );
-    testcase( ExprHasProperty(pTerm->pExpr, EP_OuterON) )
-    testcase( ExprHasProperty(pTerm->pExpr, EP_InnerON) );
-    if( !ExprHasProperty(pTerm->pExpr, EP_OuterON|EP_InnerON)
-     || pTerm->pExpr->w.iJoin != pSrc->iCursor
-    ){
-      return 0;  /* See tag-20191211-001 */
-    }
+  if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0
+   && !constraintCompatibleWithOuterJoin(pTerm,pSrc)
+  ){
+    return 0;  /* See https://sqlite.org/forum/forumpost/51e6959f61 */
   }
   if( (pTerm->prereqRight & notReady)!=0 ) return 0;
   assert( (pTerm->eOperator & (WO_OR|WO_AND))==0 );
@@ -154810,6 +158594,57 @@ static int termCanDriveIndex(
 
 
 #ifndef SQLITE_OMIT_AUTOMATIC_INDEX
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+/*
+** Argument pIdx represents an automatic index that the current statement
+** will create and populate. Add an OP_Explain with text of the form:
+**
+**     CREATE AUTOMATIC INDEX ON () [WHERE ]
+**
+** This is only required if sqlite3_stmt_scanstatus() is enabled, to
+** associate an SQLITE_SCANSTAT_NCYCLE and SQLITE_SCANSTAT_NLOOP
+** values with. In order to avoid breaking legacy code and test cases,
+** the OP_Explain is not added if this is an EXPLAIN QUERY PLAN command.
+*/
+static void explainAutomaticIndex(
+  Parse *pParse,
+  Index *pIdx,                    /* Automatic index to explain */
+  int bPartial,                   /* True if pIdx is a partial index */
+  int *pAddrExplain               /* OUT: Address of OP_Explain */
+){
+  if( IS_STMT_SCANSTATUS(pParse->db) && pParse->explain!=2 ){
+    Table *pTab = pIdx->pTable;
+    const char *zSep = "";
+    char *zText = 0;
+    int ii = 0;
+    sqlite3_str *pStr = sqlite3_str_new(pParse->db);
+    sqlite3_str_appendf(pStr,"CREATE AUTOMATIC INDEX ON %s(", pTab->zName);
+    assert( pIdx->nColumn>1 );
+    assert( pIdx->aiColumn[pIdx->nColumn-1]==XN_ROWID );
+    for(ii=0; ii<(pIdx->nColumn-1); ii++){
+      const char *zName = 0;
+      int iCol = pIdx->aiColumn[ii];
+
+      zName = pTab->aCol[iCol].zCnName;
+      sqlite3_str_appendf(pStr, "%s%s", zSep, zName);
+      zSep = ", ";
+    }
+    zText = sqlite3_str_finish(pStr);
+    if( zText==0 ){
+      sqlite3OomFault(pParse->db);
+    }else{
+      *pAddrExplain = sqlite3VdbeExplain(
+          pParse, 0, "%s)%s", zText, (bPartial ? " WHERE " : "")
+      );
+      sqlite3_free(zText);
+    }
+  }
+}
+#else
+# define explainAutomaticIndex(a,b,c,d)
+#endif
+
 /*
 ** Generate code to construct the Index object for an automatic index
 ** and to set up the WhereLevel object pLevel so that the code generator
@@ -154817,8 +158652,7 @@ static int termCanDriveIndex(
 */
 static SQLITE_NOINLINE void constructAutomaticIndex(
   Parse *pParse,              /* The parsing context */
-  const WhereClause *pWC,     /* The WHERE clause */
-  const SrcItem *pSrc,        /* The FROM clause term to get the next index */
+  WhereClause *pWC,           /* The WHERE clause */
   const Bitmask notReady,     /* Mask of cursors that are not available */
   WhereLevel *pLevel          /* Write new index here */
 ){
@@ -154839,12 +158673,17 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   char *zNotUsed;             /* Extra space on the end of pIdx */
   Bitmask idxCols;            /* Bitmap of columns used for indexing */
   Bitmask extraCols;          /* Bitmap of additional columns */
-  u8 sentWarning = 0;         /* True if a warnning has been issued */
+  u8 sentWarning = 0;         /* True if a warning has been issued */
+  u8 useBloomFilter = 0;      /* True to also add a Bloom filter */
   Expr *pPartial = 0;         /* Partial Index Expression */
   int iContinue = 0;          /* Jump here to skip excluded rows */
-  SrcItem *pTabItem;          /* FROM clause term being indexed */
+  SrcList *pTabList;          /* The complete FROM clause */
+  SrcItem *pSrc;              /* The FROM clause term to get the next index */
   int addrCounter = 0;        /* Address where integer counter is initialized */
   int regBase;                /* Array of registers where record is assembled */
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+  int addrExp = 0;            /* Address of OP_Explain */
+#endif
 
   /* Generate code to skip over the creation and initialization of the
   ** transient index on 2nd and subsequent iterations of the loop. */
@@ -154855,6 +158694,8 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   /* Count the number of columns that will be added to the index
   ** and used to match WHERE clause constraints */
   nKeyCol = 0;
+  pTabList = pWC->pWInfo->pTabList;
+  pSrc = &pTabList->a[pLevel->iFrom];
   pTable = pSrc->pTab;
   pWCEnd = &pWC->a[pWC->nTerm];
   pLoop = pLevel->pWLoop;
@@ -154865,7 +158706,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
     ** WHERE clause (or the ON clause of a LEFT join) that constrain which
     ** rows of the target table (pSrc) that can be used. */
     if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-     && sqlite3ExprIsTableConstraint(pExpr, pSrc)
+     && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, pLevel->iFrom)
     ){
       pPartial = sqlite3ExprAnd(pParse, pPartial,
                                 sqlite3ExprDup(pParse->db, pExpr, 0));
@@ -154906,7 +158747,11 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   ** original table changes and the index and table cannot both be used
   ** if they go out of sync.
   */
-  extraCols = pSrc->colUsed & (~idxCols | MASKBIT(BMS-1));
+  if( IsView(pTable) ){
+    extraCols = ALLBITS;
+  }else{
+    extraCols = pSrc->colUsed & (~idxCols | MASKBIT(BMS-1));
+  }
   mxBitCol = MIN(BMS-1,pTable->nCol);
   testcase( pTable->nCol==BMS-1 );
   testcase( pTable->nCol==BMS-2 );
@@ -154942,6 +158787,16 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
         assert( pColl!=0 || pParse->nErr>0 ); /* TH3 collate01.800 */
         pIdx->azColl[n] = pColl ? pColl->zName : sqlite3StrBINARY;
         n++;
+        if( ALWAYS(pX->pLeft!=0)
+         && sqlite3ExprAffinity(pX->pLeft)!=SQLITE_AFF_TEXT
+        ){
+          /* TUNING: only use a Bloom filter on an automatic index
+          ** if one or more key columns has the ability to hold numeric
+          ** values, since strings all have the same hash in the Bloom
+          ** filter implementation and hence a Bloom filter on a text column
+          ** is not usually helpful. */
+          useBloomFilter = 1;
+        }
       }
     }
   }
@@ -154968,25 +158823,27 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   pIdx->azColl[n] = sqlite3StrBINARY;
 
   /* Create the automatic index */
+  explainAutomaticIndex(pParse, pIdx, pPartial!=0, &addrExp);
   assert( pLevel->iIdxCur>=0 );
   pLevel->iIdxCur = pParse->nTab++;
   sqlite3VdbeAddOp2(v, OP_OpenAutoindex, pLevel->iIdxCur, nKeyCol+1);
   sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
   VdbeComment((v, "for %s", pTable->zName));
-  if( OptimizationEnabled(pParse->db, SQLITE_BloomFilter) ){
+  if( OptimizationEnabled(pParse->db, SQLITE_BloomFilter) && useBloomFilter ){
+    sqlite3WhereExplainBloomFilter(pParse, pWC->pWInfo, pLevel);
     pLevel->regFilter = ++pParse->nMem;
     sqlite3VdbeAddOp2(v, OP_Blob, 10000, pLevel->regFilter);
   }
 
   /* Fill the automatic index with content */
-  pTabItem = &pWC->pWInfo->pTabList->a[pLevel->iFrom];
-  if( pTabItem->fg.viaCoroutine ){
-    int regYield = pTabItem->regReturn;
+  assert( pSrc == &pWC->pWInfo->pTabList->a[pLevel->iFrom] );
+  if( pSrc->fg.viaCoroutine ){
+    int regYield = pSrc->regReturn;
     addrCounter = sqlite3VdbeAddOp2(v, OP_Integer, 0, 0);
-    sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, pTabItem->addrFillSub);
+    sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, pSrc->addrFillSub);
     addrTop =  sqlite3VdbeAddOp1(v, OP_Yield, regYield);
     VdbeCoverage(v);
-    VdbeComment((v, "next row of %s", pTabItem->pTab->zName));
+    VdbeComment((v, "next row of %s", pSrc->pTab->zName));
   }else{
     addrTop = sqlite3VdbeAddOp1(v, OP_Rewind, pLevel->iTabCur); VdbeCoverage(v);
   }
@@ -155003,17 +158860,18 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
     sqlite3VdbeAddOp4Int(v, OP_FilterAdd, pLevel->regFilter, 0,
                          regBase, pLoop->u.btree.nEq);
   }
+  sqlite3VdbeScanStatusCounters(v, addrExp, addrExp, sqlite3VdbeCurrentAddr(v));
   sqlite3VdbeAddOp2(v, OP_IdxInsert, pLevel->iIdxCur, regRecord);
   sqlite3VdbeChangeP5(v, OPFLAG_USESEEKRESULT);
   if( pPartial ) sqlite3VdbeResolveLabel(v, iContinue);
-  if( pTabItem->fg.viaCoroutine ){
+  if( pSrc->fg.viaCoroutine ){
     sqlite3VdbeChangeP2(v, addrCounter, regBase+n);
     testcase( pParse->db->mallocFailed );
     assert( pLevel->iIdxCur>0 );
     translateColumnToCopy(pParse, addrTop, pLevel->iTabCur,
-                          pTabItem->regResult, pLevel->iIdxCur);
+                          pSrc->regResult, pLevel->iIdxCur);
     sqlite3VdbeGoto(v, addrTop);
-    pTabItem->fg.viaCoroutine = 0;
+    pSrc->fg.viaCoroutine = 0;
   }else{
     sqlite3VdbeAddOp2(v, OP_Next, pLevel->iTabCur, addrTop+1); VdbeCoverage(v);
     sqlite3VdbeChangeP5(v, SQLITE_STMTSTATUS_AUTOINDEX);
@@ -155023,6 +158881,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
 
   /* Jump here when skipping the initialization */
   sqlite3VdbeJumpHere(v, addrInit);
+  sqlite3VdbeScanStatusRange(v, addrExp, addrExp, -1);
 
 end_auto_index_create:
   sqlite3ExprDelete(pParse->db, pPartial);
@@ -155064,6 +158923,10 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
   Vdbe *v = pParse->pVdbe;             /* VDBE under construction */
   WhereLoop *pLoop = pLevel->pWLoop;   /* The loop being coded */
   int iCur;                            /* Cursor for table getting the filter */
+  IndexedExpr *saved_pIdxEpr;          /* saved copy of Parse.pIdxEpr */
+
+  saved_pIdxEpr = pParse->pIdxEpr;
+  pParse->pIdxEpr = 0;
 
   assert( pLoop!=0 );
   assert( v!=0 );
@@ -155071,9 +158934,11 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
 
   addrOnce = sqlite3VdbeAddOp0(v, OP_Once); VdbeCoverage(v);
   do{
+    const SrcList *pTabList;
     const SrcItem *pItem;
     const Table *pTab;
     u64 sz;
+    int iSrc;
     sqlite3WhereExplainBloomFilter(pParse, pWInfo, pLevel);
     addrCont = sqlite3VdbeMakeLabel(pParse);
     iCur = pLevel->iTabCur;
@@ -155087,7 +158952,9 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
     ** testing complicated.  By basing the blob size on the value in the
     ** sqlite_stat1 table, testing is much easier.
     */
-    pItem = &pWInfo->pTabList->a[pLevel->iFrom];
+    pTabList = pWInfo->pTabList;
+    iSrc = pLevel->iFrom;
+    pItem = &pTabList->a[iSrc];
     assert( pItem!=0 );
     pTab = pItem->pTab;
     assert( pTab!=0 );
@@ -155104,7 +158971,7 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
     for(pTerm=pWInfo->sWC.a; pTermpExpr;
       if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-       && sqlite3ExprIsTableConstraint(pExpr, pItem)
+       && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, iSrc)
       ){
         sqlite3ExprIfFalse(pParse, pTerm->pExpr, addrCont, SQLITE_JUMPIFNULL);
       }
@@ -155120,9 +158987,8 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
       int r1 = sqlite3GetTempRange(pParse, n);
       int jj;
       for(jj=0; jjaiColumn[jj];
         assert( pIdx->pTable==pItem->pTab );
-        sqlite3ExprCodeGetColumnOfTable(v, pIdx->pTable, iCur, iCol,r1+jj);
+        sqlite3ExprCodeLoadIndexColumn(pParse, pIdx, iCur, jj, r1+jj);
       }
       sqlite3VdbeAddOp4Int(v, OP_FilterAdd, pLevel->regFilter, 0, r1, n);
       sqlite3ReleaseTempRange(pParse, r1, n);
@@ -155153,6 +159019,7 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
     }
   }while( iLevel < pWInfo->nLevel );
   sqlite3VdbeJumpHere(v, addrOnce);
+  pParse->pIdxEpr = saved_pIdxEpr;
 }
 
 
@@ -155208,22 +159075,10 @@ static sqlite3_index_info *allocateIndexInfo(
     assert( (pTerm->eOperator & (WO_OR|WO_AND))==0 );
     assert( pTerm->u.x.leftColumn>=XN_ROWID );
     assert( pTerm->u.x.leftColumnnCol );
-
-    /* tag-20191211-002: WHERE-clause constraints are not useful to the
-    ** right-hand table of a LEFT JOIN nor to the either table of a
-    ** RIGHT JOIN.  See tag-20191211-001 for the
-    ** equivalent restriction for ordinary tables. */
-    if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0 ){
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LEFT );
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_RIGHT );
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LTORJ );
-      testcase( ExprHasProperty(pTerm->pExpr, EP_OuterON) );
-      testcase( ExprHasProperty(pTerm->pExpr, EP_InnerON) );
-      if( !ExprHasProperty(pTerm->pExpr, EP_OuterON|EP_InnerON)
-       || pTerm->pExpr->w.iJoin != pSrc->iCursor
-      ){
-        continue;
-      }
+    if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0
+     && !constraintCompatibleWithOuterJoin(pTerm,pSrc)
+    ){
+      continue;
     }
     nTerm++;
     pTerm->wtFlags |= TERM_OK;
@@ -155420,6 +159275,9 @@ static int vtabBestIndex(Parse *pParse, Table *pTab, sqlite3_index_info *p){
       sqlite3ErrorMsg(pParse, "%s", pVtab->zErrMsg);
     }
   }
+  if( pTab->u.vtab.p->bAllSchemas ){
+    sqlite3VtabUsesAllSchemas(pParse);
+  }
   sqlite3_free(pVtab->zErrMsg);
   pVtab->zErrMsg = 0;
   return rc;
@@ -155464,6 +159322,7 @@ static int whereKeyStats(
   assert( pIdx->nSample>0 );
   assert( pRec->nField>0 );
 
+
   /* Do a binary search to find the first sample greater than or equal
   ** to pRec. If pRec contains a single field, the set of samples to search
   ** is simply the aSample[] array. If the samples in aSample[] contain more
@@ -155508,7 +159367,12 @@ static int whereKeyStats(
   ** it is extended to two fields. The duplicates that this creates do not
   ** cause any problems.
   */
-  nField = MIN(pRec->nField, pIdx->nSample);
+  if( !HasRowid(pIdx->pTable) && IsPrimaryKeyIndex(pIdx) ){
+    nField = pIdx->nKeyCol;
+  }else{
+    nField = pIdx->nColumn;
+  }
+  nField = MIN(pRec->nField, nField);
   iCol = 0;
   iSample = pIdx->nSample * nField;
   do{
@@ -155574,12 +159438,12 @@ static int whereKeyStats(
       if( iCol>0 ){
         pRec->nField = iCol;
         assert( sqlite3VdbeRecordCompare(aSample[i].n, aSample[i].p, pRec)<=0
-             || pParse->db->mallocFailed );
+             || pParse->db->mallocFailed || CORRUPT_DB );
       }
       if( i>0 ){
         pRec->nField = nField;
         assert( sqlite3VdbeRecordCompare(aSample[i-1].n, aSample[i-1].p, pRec)<0
-             || pParse->db->mallocFailed );
+             || pParse->db->mallocFailed || CORRUPT_DB );
       }
     }
   }
@@ -155596,7 +159460,7 @@ static int whereKeyStats(
     ** is larger than all samples in the array. */
     tRowcnt iUpper, iGap;
     if( i>=pIdx->nSample ){
-      iUpper = sqlite3LogEstToInt(pIdx->aiRowLogEst[0]);
+      iUpper = pIdx->nRowEst0;
     }else{
       iUpper = aSample[i].anLt[iCol];
     }
@@ -155752,7 +159616,7 @@ static int whereRangeSkipScanEst(
       int nAdjust = (sqlite3LogEst(p->nSample) - sqlite3LogEst(nDiff));
       pLoop->nOut -= nAdjust;
       *pbDone = 1;
-      WHERETRACE(0x10, ("range skip-scan regions: %u..%u  adjust=%d est=%d\n",
+      WHERETRACE(0x20, ("range skip-scan regions: %u..%u  adjust=%d est=%d\n",
                            nLower, nUpper, nAdjust*-1, pLoop->nOut));
     }
 
@@ -155930,7 +159794,7 @@ static int whereRangeScanEst(
         if( nNewwtFlags & TERM_VNULL)==0 );
+  assert( pUpper==0 || (pUpper->wtFlags & TERM_VNULL)==0 || pParse->nErr>0 );
   nNew = whereRangeAdjust(pLower, nOut);
   nNew = whereRangeAdjust(pUpper, nNew);
 
@@ -155963,7 +159827,7 @@ static int whereRangeScanEst(
   if( nNewnOut>nOut ){
-    WHERETRACE(0x10,("Range scan lowers nOut from %d to %d\n",
+    WHERETRACE(0x20,("Range scan lowers nOut from %d to %d\n",
                     pLoop->nOut, nOut));
   }
 #endif
@@ -156028,7 +159892,7 @@ static int whereEqualScanEst(
   pBuilder->nRecValid = nEq;
 
   whereKeyStats(pParse, p, pRec, 0, a);
-  WHERETRACE(0x10,("equality scan regions %s(%d): %d\n",
+  WHERETRACE(0x20,("equality scan regions %s(%d): %d\n",
                    p->zName, nEq-1, (int)a[1]));
   *pnRow = a[1];
 
@@ -156076,9 +159940,9 @@ static int whereInScanEst(
   }
 
   if( rc==SQLITE_OK ){
-    if( nRowEst > nRow0 ) nRowEst = nRow0;
+    if( nRowEst > (tRowcnt)nRow0 ) nRowEst = nRow0;
     *pnRow = nRowEst;
-    WHERETRACE(0x10,("IN row estimate: est=%d\n", nRowEst));
+    WHERETRACE(0x20,("IN row estimate: est=%d\n", nRowEst));
   }
   assert( pBuilder->nRecValid==nRecValid );
   return rc;
@@ -156187,7 +160051,7 @@ SQLITE_PRIVATE void sqlite3WhereLoopPrint(WhereLoop *p, WhereClause *pWC){
     sqlite3DebugPrintf(" f %06x N %d", p->wsFlags, p->nLTerm);
   }
   sqlite3DebugPrintf(" cost %d,%d,%d\n", p->rSetup, p->rRun, p->nOut);
-  if( p->nLTerm && (sqlite3WhereTrace & 0x100)!=0 ){
+  if( p->nLTerm && (sqlite3WhereTrace & 0x4000)!=0 ){
     int i;
     for(i=0; inLTerm; i++){
       sqlite3WhereTermPrint(p->aLTerm[i], i);
@@ -156225,12 +160089,18 @@ static void whereLoopClearUnion(sqlite3 *db, WhereLoop *p){
 }
 
 /*
-** Deallocate internal memory used by a WhereLoop object
+** Deallocate internal memory used by a WhereLoop object.  Leave the
+** object in an initialized state, as if it had been newly allocated.
 */
 static void whereLoopClear(sqlite3 *db, WhereLoop *p){
-  if( p->aLTerm!=p->aLTermSpace ) sqlite3DbFreeNN(db, p->aLTerm);
+  if( p->aLTerm!=p->aLTermSpace ){
+    sqlite3DbFreeNN(db, p->aLTerm);
+    p->aLTerm = p->aLTermSpace;
+    p->nLSlot = ArraySize(p->aLTermSpace);
+  }
   whereLoopClearUnion(db, p);
-  whereLoopInit(p);
+  p->nLTerm = 0;
+  p->wsFlags = 0;
 }
 
 /*
@@ -156254,7 +160124,9 @@ static int whereLoopResize(sqlite3 *db, WhereLoop *p, int n){
 */
 static int whereLoopXfer(sqlite3 *db, WhereLoop *pTo, WhereLoop *pFrom){
   whereLoopClearUnion(db, pTo);
-  if( whereLoopResize(db, pTo, pFrom->nLTerm) ){
+  if( pFrom->nLTerm > pTo->nLSlot
+   && whereLoopResize(db, pTo, pFrom->nLTerm)
+  ){
     memset(pTo, 0, WHERE_LOOP_XFER_SZ);
     return SQLITE_NOMEM_BKPT;
   }
@@ -156272,8 +160144,9 @@ static int whereLoopXfer(sqlite3 *db, WhereLoop *pTo, WhereLoop *pFrom){
 ** Delete a WhereLoop object
 */
 static void whereLoopDelete(sqlite3 *db, WhereLoop *p){
+  assert( db!=0 );
   whereLoopClear(db, p);
-  sqlite3DbFreeNN(db, p);
+  sqlite3DbNNFreeNN(db, p);
 }
 
 /*
@@ -156281,30 +160154,19 @@ static void whereLoopDelete(sqlite3 *db, WhereLoop *p){
 */
 static void whereInfoFree(sqlite3 *db, WhereInfo *pWInfo){
   assert( pWInfo!=0 );
+  assert( db!=0 );
   sqlite3WhereClauseClear(&pWInfo->sWC);
   while( pWInfo->pLoops ){
     WhereLoop *p = pWInfo->pLoops;
     pWInfo->pLoops = p->pNextLoop;
     whereLoopDelete(db, p);
   }
-  assert( pWInfo->pExprMods==0 );
   while( pWInfo->pMemToFree ){
     WhereMemBlock *pNext = pWInfo->pMemToFree->pNext;
-    sqlite3DbFreeNN(db, pWInfo->pMemToFree);
+    sqlite3DbNNFreeNN(db, pWInfo->pMemToFree);
     pWInfo->pMemToFree = pNext;
   }
-  sqlite3DbFreeNN(db, pWInfo);
-}
-
-/* Undo all Expr node modifications
-*/
-static void whereUndoExprMods(WhereInfo *pWInfo){
-  while( pWInfo->pExprMods ){
-    WhereExprMod *p = pWInfo->pExprMods;
-    pWInfo->pExprMods = p->pNext;
-    memcpy(p->pExpr, &p->orig, sizeof(p->orig));
-    sqlite3DbFree(pWInfo->pParse->db, p);
-  }
+  sqlite3DbNNFreeNN(db, pWInfo);
 }
 
 /*
@@ -156653,6 +160515,7 @@ static void whereLoopOutputAdjust(
       if( pX->iParent>=0 && (&pWC->a[pX->iParent])==pTerm ) break;
     }
     if( j<0 ){
+      sqlite3ProgressCheck(pWC->pWInfo->pParse);
       if( pLoop->maskSelf==pTerm->prereqAll ){
         /* If there are extra terms in the WHERE clause not used by an index
         ** that depend only on the table being scanned, and that will tend to
@@ -156820,7 +160683,10 @@ static int whereLoopAddBtreeIndex(
   WhereTerm *pTop = 0, *pBtm = 0; /* Top and bottom range constraints */
 
   pNew = pBuilder->pNew;
-  if( db->mallocFailed ) return SQLITE_NOMEM_BKPT;
+  assert( db->mallocFailed==0 || pParse->nErr>0 );
+  if( pParse->nErr ){
+    return pParse->rc;
+  }
   WHERETRACE(0x800, ("BEGIN %s.addBtreeIdx(%s), nEq=%d, nSkip=%d, rRun=%d\n",
                      pProbe->pTable->zName,pProbe->zName,
                      pNew->u.btree.nEq, pNew->nSkip, pNew->rRun));
@@ -156871,32 +160737,11 @@ static int whereLoopAddBtreeIndex(
     ** to mix with a lower range bound from some other source */
     if( pTerm->wtFlags & TERM_LIKEOPT && pTerm->eOperator==WO_LT ) continue;
 
-    /* tag-20191211-001:  Do not allow constraints from the WHERE clause to
-    ** be used by the right table of a LEFT JOIN nor by the left table of a
-    ** RIGHT JOIN.  Only constraints in the ON clause are allowed.
-    ** See tag-20191211-002 for the vtab equivalent.
-    **
-    ** 2022-06-06: See https://sqlite.org/forum/forumpost/206d99a16dd9212f
-    ** for an example of a WHERE clause constraints that may not be used on
-    ** the right table of a RIGHT JOIN because the constraint implies a
-    ** not-NULL condition on the left table of the RIGHT JOIN.
-    **
-    ** 2022-06-10: The same condition applies to termCanDriveIndex() above.
-    ** https://sqlite.org/forum/forumpost/51e6959f61
-    */
-    if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0 ){
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LEFT );
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_RIGHT );
-      testcase( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))==JT_LTORJ );
-      testcase( ExprHasProperty(pTerm->pExpr, EP_OuterON) )
-      testcase( ExprHasProperty(pTerm->pExpr, EP_InnerON) );
-      if( !ExprHasProperty(pTerm->pExpr, EP_OuterON|EP_InnerON)
-       || pTerm->pExpr->w.iJoin != pSrc->iCursor
-      ){
-        continue;
-      }
+    if( (pSrc->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0
+     && !constraintCompatibleWithOuterJoin(pTerm,pSrc)
+    ){
+      continue;
     }
-
     if( IsUniqueIndex(pProbe) && saved_nEq==pProbe->nKeyCol-1 ){
       pBuilder->bldFlags1 |= SQLITE_BLDF1_UNIQUE;
     }else{
@@ -156907,7 +160752,11 @@ static int whereLoopAddBtreeIndex(
     pNew->u.btree.nBtm = saved_nBtm;
     pNew->u.btree.nTop = saved_nTop;
     pNew->nLTerm = saved_nLTerm;
-    if( whereLoopResize(db, pNew, pNew->nLTerm+1) ) break; /* OOM */
+    if( pNew->nLTerm>=pNew->nLSlot
+     && whereLoopResize(db, pNew, pNew->nLTerm+1)
+    ){
+       break; /* OOM while trying to enlarge the pNew->aLTerm array */
+    }
     pNew->aLTerm[pNew->nLTerm++] = pTerm;
     pNew->prereq = (saved_prereq | pTerm->prereqRight) & ~pNew->maskSelf;
 
@@ -157000,38 +160849,39 @@ static int whereLoopAddBtreeIndex(
       if( scan.iEquiv>1 ) pNew->wsFlags |= WHERE_TRANSCONS;
     }else if( eOp & WO_ISNULL ){
       pNew->wsFlags |= WHERE_COLUMN_NULL;
-    }else if( eOp & (WO_GT|WO_GE) ){
-      testcase( eOp & WO_GT );
-      testcase( eOp & WO_GE );
-      pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_BTM_LIMIT;
-      pNew->u.btree.nBtm = whereRangeVectorLen(
-          pParse, pSrc->iCursor, pProbe, saved_nEq, pTerm
-      );
-      pBtm = pTerm;
-      pTop = 0;
-      if( pTerm->wtFlags & TERM_LIKEOPT ){
-        /* Range constraints that come from the LIKE optimization are
-        ** always used in pairs. */
-        pTop = &pTerm[1];
-        assert( (pTop-(pTerm->pWC->a))pWC->nTerm );
-        assert( pTop->wtFlags & TERM_LIKEOPT );
-        assert( pTop->eOperator==WO_LT );
-        if( whereLoopResize(db, pNew, pNew->nLTerm+1) ) break; /* OOM */
-        pNew->aLTerm[pNew->nLTerm++] = pTop;
-        pNew->wsFlags |= WHERE_TOP_LIMIT;
-        pNew->u.btree.nTop = 1;
-      }
-    }else{
-      assert( eOp & (WO_LT|WO_LE) );
-      testcase( eOp & WO_LT );
-      testcase( eOp & WO_LE );
-      pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_TOP_LIMIT;
-      pNew->u.btree.nTop = whereRangeVectorLen(
+    }else{
+      int nVecLen = whereRangeVectorLen(
           pParse, pSrc->iCursor, pProbe, saved_nEq, pTerm
       );
-      pTop = pTerm;
-      pBtm = (pNew->wsFlags & WHERE_BTM_LIMIT)!=0 ?
-                     pNew->aLTerm[pNew->nLTerm-2] : 0;
+      if( eOp & (WO_GT|WO_GE) ){
+        testcase( eOp & WO_GT );
+        testcase( eOp & WO_GE );
+        pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_BTM_LIMIT;
+        pNew->u.btree.nBtm = nVecLen;
+        pBtm = pTerm;
+        pTop = 0;
+        if( pTerm->wtFlags & TERM_LIKEOPT ){
+          /* Range constraints that come from the LIKE optimization are
+          ** always used in pairs. */
+          pTop = &pTerm[1];
+          assert( (pTop-(pTerm->pWC->a))pWC->nTerm );
+          assert( pTop->wtFlags & TERM_LIKEOPT );
+          assert( pTop->eOperator==WO_LT );
+          if( whereLoopResize(db, pNew, pNew->nLTerm+1) ) break; /* OOM */
+          pNew->aLTerm[pNew->nLTerm++] = pTop;
+          pNew->wsFlags |= WHERE_TOP_LIMIT;
+          pNew->u.btree.nTop = 1;
+        }
+      }else{
+        assert( eOp & (WO_LT|WO_LE) );
+        testcase( eOp & WO_LT );
+        testcase( eOp & WO_LE );
+        pNew->wsFlags |= WHERE_COLUMN_RANGE|WHERE_TOP_LIMIT;
+        pNew->u.btree.nTop = nVecLen;
+        pTop = pTerm;
+        pBtm = (pNew->wsFlags & WHERE_BTM_LIMIT)!=0 ?
+                       pNew->aLTerm[pNew->nLTerm-2] : 0;
+      }
     }
 
     /* At this point pNew->nOut is set to the number of rows expected to
@@ -157083,7 +160933,7 @@ static int whereLoopAddBtreeIndex(
              && pNew->nOut+10 > pProbe->aiRowLogEst[0]
             ){
 #if WHERETRACE_ENABLED /* 0x01 */
-              if( sqlite3WhereTrace & 0x01 ){
+              if( sqlite3WhereTrace & 0x20 ){
                 sqlite3DebugPrintf(
                    "STAT4 determines term has low selectivity:\n");
                 sqlite3WhereTermPrint(pTerm, 999);
@@ -157120,9 +160970,17 @@ static int whereLoopAddBtreeIndex(
     ** seek only. Then, if this is a non-covering index, add the cost of
     ** visiting the rows in the main table.  */
     assert( pSrc->pTab->szTabRow>0 );
-    rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
+    if( pProbe->idxType==SQLITE_IDXTYPE_IPK ){
+      /* The pProbe->szIdxRow is low for an IPK table since the interior
+      ** pages are small.  Thuse szIdxRow gives a good estimate of seek cost.
+      ** But the leaf pages are full-size, so pProbe->szIdxRow would badly
+      ** under-estimate the scanning cost. */
+      rCostIdx = pNew->nOut + 16;
+    }else{
+      rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
+    }
     pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
-    if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK))==0 ){
+    if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK|WHERE_EXPRIDX))==0 ){
       pNew->rRun = sqlite3LogEstAdd(pNew->rRun, pNew->nOut + 16);
     }
     ApplyCostMultiplier(pNew->rRun, pProbe->pTable->costMult);
@@ -157144,6 +161002,9 @@ static int whereLoopAddBtreeIndex(
      && (pNew->u.btree.nEqnKeyCol ||
            pProbe->idxType!=SQLITE_IDXTYPE_PRIMARYKEY)
     ){
+      if( pNew->u.btree.nEq>3 ){
+        sqlite3ProgressCheck(pParse);
+      }
       whereLoopAddBtreeIndex(pBuilder, pSrc, pProbe, nInMul+nIn);
     }
     pNew->nOut = saved_nOut;
@@ -157275,6 +161136,149 @@ static int whereUsablePartialIndex(
   return 0;
 }
 
+/*
+** pIdx is an index containing expressions.  Check it see if any of the
+** expressions in the index match the pExpr expression.
+*/
+static int exprIsCoveredByIndex(
+  const Expr *pExpr,
+  const Index *pIdx,
+  int iTabCur
+){
+  int i;
+  for(i=0; inColumn; i++){
+    if( pIdx->aiColumn[i]==XN_EXPR
+     && sqlite3ExprCompare(0, pExpr, pIdx->aColExpr->a[i].pExpr, iTabCur)==0
+    ){
+      return 1;
+    }
+  }
+  return 0;
+}
+
+/*
+** Structure passed to the whereIsCoveringIndex Walker callback.
+*/
+typedef struct CoveringIndexCheck CoveringIndexCheck;
+struct CoveringIndexCheck {
+  Index *pIdx;       /* The index */
+  int iTabCur;       /* Cursor number for the corresponding table */
+  u8 bExpr;          /* Uses an indexed expression */
+  u8 bUnidx;         /* Uses an unindexed column not within an indexed expr */
+};
+
+/*
+** Information passed in is pWalk->u.pCovIdxCk.  Call it pCk.
+**
+** If the Expr node references the table with cursor pCk->iTabCur, then
+** make sure that column is covered by the index pCk->pIdx.  We know that
+** all columns less than 63 (really BMS-1) are covered, so we don't need
+** to check them.  But we do need to check any column at 63 or greater.
+**
+** If the index does not cover the column, then set pWalk->eCode to
+** non-zero and return WRC_Abort to stop the search.
+**
+** If this node does not disprove that the index can be a covering index,
+** then just return WRC_Continue, to continue the search.
+**
+** If pCk->pIdx contains indexed expressions and one of those expressions
+** matches pExpr, then prune the search.
+*/
+static int whereIsCoveringIndexWalkCallback(Walker *pWalk, Expr *pExpr){
+  int i;                    /* Loop counter */
+  const Index *pIdx;        /* The index of interest */
+  const i16 *aiColumn;      /* Columns contained in the index */
+  u16 nColumn;              /* Number of columns in the index */
+  CoveringIndexCheck *pCk;  /* Info about this search */
+
+  pCk = pWalk->u.pCovIdxCk;
+  pIdx = pCk->pIdx;
+  if( (pExpr->op==TK_COLUMN || pExpr->op==TK_AGG_COLUMN) ){
+    /* if( pExpr->iColumn<(BMS-1) && pIdx->bHasExpr==0 ) return WRC_Continue;*/
+    if( pExpr->iTable!=pCk->iTabCur ) return WRC_Continue;
+    pIdx = pWalk->u.pCovIdxCk->pIdx;
+    aiColumn = pIdx->aiColumn;
+    nColumn = pIdx->nColumn;
+    for(i=0; iiColumn ) return WRC_Continue;
+    }
+    pCk->bUnidx = 1;
+    return WRC_Abort;
+  }else if( pIdx->bHasExpr
+         && exprIsCoveredByIndex(pExpr, pIdx, pWalk->u.pCovIdxCk->iTabCur) ){
+    pCk->bExpr = 1;
+    return WRC_Prune;
+  }
+  return WRC_Continue;
+}
+
+
+/*
+** pIdx is an index that covers all of the low-number columns used by
+** pWInfo->pSelect (columns from 0 through 62) or an index that has
+** expressions terms.  Hence, we cannot determine whether or not it is
+** a covering index by using the colUsed bitmasks.  We have to do a search
+** to see if the index is covering.  This routine does that search.
+**
+** The return value is one of these:
+**
+**      0                The index is definitely not a covering index
+**
+**      WHERE_IDX_ONLY   The index is definitely a covering index
+**
+**      WHERE_EXPRIDX    The index is likely a covering index, but it is
+**                       difficult to determine precisely because of the
+**                       expressions that are indexed.  Score it as a
+**                       covering index, but still keep the main table open
+**                       just in case we need it.
+**
+** This routine is an optimization.  It is always safe to return zero.
+** But returning one of the other two values when zero should have been
+** returned can lead to incorrect bytecode and assertion faults.
+*/
+static SQLITE_NOINLINE u32 whereIsCoveringIndex(
+  WhereInfo *pWInfo,     /* The WHERE clause context */
+  Index *pIdx,           /* Index that is being tested */
+  int iTabCur            /* Cursor for the table being indexed */
+){
+  int i, rc;
+  struct CoveringIndexCheck ck;
+  Walker w;
+  if( pWInfo->pSelect==0 ){
+    /* We don't have access to the full query, so we cannot check to see
+    ** if pIdx is covering.  Assume it is not. */
+    return 0;
+  }
+  if( pIdx->bHasExpr==0 ){
+    for(i=0; inColumn; i++){
+      if( pIdx->aiColumn[i]>=BMS-1 ) break;
+    }
+    if( i>=pIdx->nColumn ){
+      /* pIdx does not index any columns greater than 62, but we know from
+      ** colMask that columns greater than 62 are used, so this is not a
+      ** covering index */
+      return 0;
+    }
+  }
+  ck.pIdx = pIdx;
+  ck.iTabCur = iTabCur;
+  ck.bExpr = 0;
+  ck.bUnidx = 0;
+  memset(&w, 0, sizeof(w));
+  w.xExprCallback = whereIsCoveringIndexWalkCallback;
+  w.xSelectCallback = sqlite3SelectWalkNoop;
+  w.u.pCovIdxCk = &ck;
+  sqlite3WalkSelect(&w, pWInfo->pSelect);
+  if( ck.bUnidx ){
+    rc = 0;
+  }else if( ck.bExpr ){
+    rc = WHERE_EXPRIDX;
+  }else{
+    rc = WHERE_IDX_ONLY;
+  }
+  return rc;
+}
+
 /*
 ** Add all WhereLoop objects for a single table of the join where the table
 ** is identified by pBuilder->pNew->iTab.  That table is guaranteed to be
@@ -157357,7 +161361,7 @@ static int whereLoopAddBtree(
     sPk.aiRowLogEst = aiRowEstPk;
     sPk.onError = OE_Replace;
     sPk.pTable = pTab;
-    sPk.szIdxRow = pTab->szTabRow;
+    sPk.szIdxRow = 3;  /* TUNING: Interior rows of IPK table are very small */
     sPk.idxType = SQLITE_IDXTYPE_IPK;
     aiRowEstPk[0] = pTab->nRowLogEst;
     aiRowEstPk[1] = 0;
@@ -157408,7 +161412,8 @@ static int whereLoopAddBtree(
         if( !IsView(pTab) && (pTab->tabFlags & TF_Ephemeral)==0 ){
           pNew->rSetup += 28;
         }else{
-          pNew->rSetup -= 10;
+          pNew->rSetup -= 25;  /* Greatly reduced setup cost for auto indexes
+                               ** on ephemeral materializations of views */
         }
         ApplyCostMultiplier(pNew->rSetup, pTab->costMult);
         if( pNew->rSetup<0 ) pNew->rSetup = 0;
@@ -157477,6 +161482,9 @@ static int whereLoopAddBtree(
 #else
       pNew->rRun = rSize + 16;
 #endif
+      if( IsView(pTab) || (pTab->tabFlags & TF_Ephemeral)!=0 ){
+        pNew->wsFlags |= WHERE_VIEWSCAN;
+      }
       ApplyCostMultiplier(pNew->rRun, pTab->costMult);
       whereLoopOutputAdjust(pWC, pNew, rSize);
       rc = whereLoopInsert(pBuilder, pNew);
@@ -157485,11 +161493,38 @@ static int whereLoopAddBtree(
     }else{
       Bitmask m;
       if( pProbe->isCovering ){
-        pNew->wsFlags = WHERE_IDX_ONLY | WHERE_INDEXED;
         m = 0;
+        pNew->wsFlags = WHERE_IDX_ONLY | WHERE_INDEXED;
       }else{
         m = pSrc->colUsed & pProbe->colNotIdxed;
-        pNew->wsFlags = (m==0) ? (WHERE_IDX_ONLY|WHERE_INDEXED) : WHERE_INDEXED;
+        pNew->wsFlags = WHERE_INDEXED;
+        if( m==TOPBIT || (pProbe->bHasExpr && !pProbe->bHasVCol && m!=0) ){
+          u32 isCov = whereIsCoveringIndex(pWInfo, pProbe, pSrc->iCursor);
+          if( isCov==0 ){
+            WHERETRACE(0x200,
+               ("-> %s is not a covering index"
+                " according to whereIsCoveringIndex()\n", pProbe->zName));
+            assert( m!=0 );
+          }else{
+            m = 0;
+            pNew->wsFlags |= isCov;
+            if( isCov & WHERE_IDX_ONLY ){
+              WHERETRACE(0x200,
+                 ("-> %s is a covering expression index"
+                  " according to whereIsCoveringIndex()\n", pProbe->zName));
+            }else{
+              assert( isCov==WHERE_EXPRIDX );
+              WHERETRACE(0x200,
+                 ("-> %s might be a covering expression index"
+                  " according to whereIsCoveringIndex()\n", pProbe->zName));
+            }
+          }
+        }else if( m==0 ){
+          WHERETRACE(0x200,
+             ("-> %s a covering index according to bitmasks\n",
+             pProbe->zName, m==0 ? "is" : "is not"));
+          pNew->wsFlags = WHERE_IDX_ONLY | WHERE_INDEXED;
+        }
       }
 
       /* Full scan via index */
@@ -157662,7 +161697,7 @@ static int whereLoopAddVirtualOne(
       ** that the particular combination of parameters provided is unusable.
       ** Make no entries in the loop table.
       */
-      WHERETRACE(0xffff, ("  ^^^^--- non-viable plan rejected!\n"));
+      WHERETRACE(0xffffffff, ("  ^^^^--- non-viable plan rejected!\n"));
       return SQLITE_OK;
     }
     return rc;
@@ -157773,7 +161808,7 @@ static int whereLoopAddVirtualOne(
     sqlite3_free(pNew->u.vtab.idxStr);
     pNew->u.vtab.needFree = 0;
   }
-  WHERETRACE(0xffff, ("  bIn=%d prereqIn=%04llx prereqOut=%04llx\n",
+  WHERETRACE(0xffffffff, ("  bIn=%d prereqIn=%04llx prereqOut=%04llx\n",
                       *pbIn, (sqlite3_uint64)mPrereq,
                       (sqlite3_uint64)(pNew->prereq & ~mPrereq)));
 
@@ -157874,32 +161909,27 @@ SQLITE_API int sqlite3_vtab_distinct(sqlite3_index_info *pIdxInfo){
   return pHidden->eDistinct;
 }
 
-#if (defined(SQLITE_ENABLE_DBPAGE_VTAB) || defined(SQLITE_TEST)) \
-    && !defined(SQLITE_OMIT_VIRTUALTABLE)
 /*
 ** Cause the prepared statement that is associated with a call to
-** xBestIndex to potentiall use all schemas.  If the statement being
+** xBestIndex to potentially use all schemas.  If the statement being
 ** prepared is read-only, then just start read transactions on all
 ** schemas.  But if this is a write operation, start writes on all
 ** schemas.
 **
 ** This is used by the (built-in) sqlite_dbpage virtual table.
 */
-SQLITE_PRIVATE void sqlite3VtabUsesAllSchemas(sqlite3_index_info *pIdxInfo){
-  HiddenIndexInfo *pHidden = (HiddenIndexInfo*)&pIdxInfo[1];
-  Parse *pParse = pHidden->pParse;
+SQLITE_PRIVATE void sqlite3VtabUsesAllSchemas(Parse *pParse){
   int nDb = pParse->db->nDb;
   int i;
   for(i=0; iwriteMask ){
+  if( DbMaskNonZero(pParse->writeMask) ){
     for(i=0; ipTab->zName));
-  WHERETRACE(0x40, ("  VirtualOne: all usable\n"));
+  WHERETRACE(0x800, ("  VirtualOne: all usable\n"));
   rc = whereLoopAddVirtualOne(
       pBuilder, mPrereq, ALLBITS, 0, p, mNoOmit, &bIn, &bRetry
   );
@@ -157990,7 +162020,7 @@ static int whereLoopAddVirtual(
     /* If the plan produced by the earlier call uses an IN(...) term, call
     ** xBestIndex again, this time with IN(...) terms disabled. */
     if( bIn ){
-      WHERETRACE(0x40, ("  VirtualOne: all usable w/o IN\n"));
+      WHERETRACE(0x800, ("  VirtualOne: all usable w/o IN\n"));
       rc = whereLoopAddVirtualOne(
           pBuilder, mPrereq, ALLBITS, WO_IN, p, mNoOmit, &bIn, 0);
       assert( bIn==0 );
@@ -158016,7 +162046,7 @@ static int whereLoopAddVirtual(
       mPrev = mNext;
       if( mNext==ALLBITS ) break;
       if( mNext==mBest || mNext==mBestNoIn ) continue;
-      WHERETRACE(0x40, ("  VirtualOne: mPrev=%04llx mNext=%04llx\n",
+      WHERETRACE(0x800, ("  VirtualOne: mPrev=%04llx mNext=%04llx\n",
                        (sqlite3_uint64)mPrev, (sqlite3_uint64)mNext));
       rc = whereLoopAddVirtualOne(
           pBuilder, mPrereq, mNext|mPrereq, 0, p, mNoOmit, &bIn, 0);
@@ -158030,7 +162060,7 @@ static int whereLoopAddVirtual(
     ** that requires no source tables at all (i.e. one guaranteed to be
     ** usable), make a call here with all source tables disabled */
     if( rc==SQLITE_OK && seenZero==0 ){
-      WHERETRACE(0x40, ("  VirtualOne: all disabled\n"));
+      WHERETRACE(0x800, ("  VirtualOne: all disabled\n"));
       rc = whereLoopAddVirtualOne(
           pBuilder, mPrereq, mPrereq, 0, p, mNoOmit, &bIn, 0);
       if( bIn==0 ) seenZeroNoIN = 1;
@@ -158040,7 +162070,7 @@ static int whereLoopAddVirtual(
     ** that requires no source tables at all and does not use an IN(...)
     ** operator, make a final call to obtain one here.  */
     if( rc==SQLITE_OK && seenZeroNoIN==0 ){
-      WHERETRACE(0x40, ("  VirtualOne: all disabled and w/o IN\n"));
+      WHERETRACE(0x800, ("  VirtualOne: all disabled and w/o IN\n"));
       rc = whereLoopAddVirtualOne(
           pBuilder, mPrereq, mPrereq, WO_IN, p, mNoOmit, &bIn, 0);
     }
@@ -158096,7 +162126,7 @@ static int whereLoopAddOr(
       sSubBuild = *pBuilder;
       sSubBuild.pOrSet = &sCur;
 
-      WHERETRACE(0x200, ("Begin processing OR-clause %p\n", pTerm));
+      WHERETRACE(0x400, ("Begin processing OR-clause %p\n", pTerm));
       for(pOrTerm=pOrWC->a; pOrTermeOperator & WO_AND)!=0 ){
           sSubBuild.pWC = &pOrTerm->u.pAndInfo->wc;
@@ -158113,9 +162143,9 @@ static int whereLoopAddOr(
         }
         sCur.n = 0;
 #ifdef WHERETRACE_ENABLED
-        WHERETRACE(0x200, ("OR-term %d of %p has %d subterms:\n",
+        WHERETRACE(0x400, ("OR-term %d of %p has %d subterms:\n",
                    (int)(pOrTerm-pOrWC->a), pTerm, sSubBuild.pWC->nTerm));
-        if( sqlite3WhereTrace & 0x400 ){
+        if( sqlite3WhereTrace & 0x20000 ){
           sqlite3WhereClausePrint(sSubBuild.pWC);
         }
 #endif
@@ -158130,8 +162160,6 @@ static int whereLoopAddOr(
         if( rc==SQLITE_OK ){
           rc = whereLoopAddOr(&sSubBuild, mPrereq, mUnusable);
         }
-        assert( rc==SQLITE_OK || rc==SQLITE_DONE || sCur.n==0
-                || rc==SQLITE_NOMEM );
         testcase( rc==SQLITE_NOMEM && sCur.n>0 );
         testcase( rc==SQLITE_DONE );
         if( sCur.n==0 ){
@@ -158177,7 +162205,7 @@ static int whereLoopAddOr(
         pNew->prereq = sSum.a[i].prereq;
         rc = whereLoopInsert(pBuilder, pNew);
       }
-      WHERETRACE(0x200, ("End processing OR-clause %p\n", pTerm));
+      WHERETRACE(0x400, ("End processing OR-clause %p\n", pTerm));
     }
   }
   return rc;
@@ -158203,7 +162231,13 @@ static int whereLoopAddAll(WhereLoopBuilder *pBuilder){
 
   /* Loop over the tables in the join, from left to right */
   pNew = pBuilder->pNew;
-  whereLoopInit(pNew);
+
+  /* Verify that pNew has already been initialized */
+  assert( pNew->nLTerm==0 );
+  assert( pNew->wsFlags==0 );
+  assert( pNew->nLSlot>=ArraySize(pNew->aLTermSpace) );
+  assert( pNew->aLTerm!=0 );
+
   pBuilder->iPlanLimit = SQLITE_QUERY_PLANNER_LIMIT;
   for(iTab=0, pItem=pTabList->a; pItemiTable!=iCur ) continue;
             if( pOBExpr->iColumn!=iColumn ) continue;
           }else{
-            Expr *pIdxExpr = pIndex->aColExpr->a[j].pExpr;
-            if( sqlite3ExprCompareSkip(pOBExpr, pIdxExpr, iCur) ){
+            Expr *pIxExpr = pIndex->aColExpr->a[j].pExpr;
+            if( sqlite3ExprCompareSkip(pOBExpr, pIxExpr, iCur) ){
               continue;
             }
           }
@@ -158652,37 +162686,56 @@ static const char *wherePathName(WherePath *pPath, int nLoop, WhereLoop *pLast){
 ** order.
 */
 static LogEst whereSortingCost(
-  WhereInfo *pWInfo,
-  LogEst nRow,
-  int nOrderBy,
-  int nSorted
+  WhereInfo *pWInfo, /* Query planning context */
+  LogEst nRow,       /* Estimated number of rows to sort */
+  int nOrderBy,      /* Number of ORDER BY clause terms */
+  int nSorted        /* Number of initial ORDER BY terms naturally in order */
 ){
-  /* TUNING: Estimated cost of a full external sort, where N is
+  /* Estimated cost of a full external sort, where N is
   ** the number of rows to sort is:
   **
-  **   cost = (3.0 * N * log(N)).
+  **   cost = (K * N * log(N)).
   **
   ** Or, if the order-by clause has X terms but only the last Y
   ** terms are out of order, then block-sorting will reduce the
   ** sorting cost to:
   **
-  **   cost = (3.0 * N * log(N)) * (Y/X)
+  **   cost = (K * N * log(N)) * (Y/X)
+  **
+  ** The constant K is at least 2.0 but will be larger if there are a
+  ** large number of columns to be sorted, as the sorting time is
+  ** proportional to the amount of content to be sorted.  The algorithm
+  ** does not currently distinguish between fat columns (BLOBs and TEXTs)
+  ** and skinny columns (INTs).  It just uses the number of columns as
+  ** an approximation for the row width.
   **
-  ** The (Y/X) term is implemented using stack variable rScale
-  ** below.
+  ** And extra factor of 2.0 or 3.0 is added to the sorting cost if the sort
+  ** is built using OP_IdxInsert and OP_Sort rather than with OP_SorterInsert.
   */
-  LogEst rScale, rSortCost;
-  assert( nOrderBy>0 && 66==sqlite3LogEst(100) );
-  rScale = sqlite3LogEst((nOrderBy-nSorted)*100/nOrderBy) - 66;
-  rSortCost = nRow + rScale + 16;
+  LogEst rSortCost, nCol;
+  assert( pWInfo->pSelect!=0 );
+  assert( pWInfo->pSelect->pEList!=0 );
+  /* TUNING: sorting cost proportional to the number of output columns: */
+  nCol = sqlite3LogEst((pWInfo->pSelect->pEList->nExpr+59)/30);
+  rSortCost = nRow + nCol;
+  if( nSorted>0 ){
+    /* Scale the result by (Y/X) */
+    rSortCost += sqlite3LogEst((nOrderBy-nSorted)*100/nOrderBy) - 66;
+  }
 
   /* Multiple by log(M) where M is the number of output rows.
   ** Use the LIMIT for M if it is smaller.  Or if this sort is for
   ** a DISTINCT operator, M will be the number of distinct output
   ** rows, so fudge it downwards a bit.
   */
-  if( (pWInfo->wctrlFlags & WHERE_USE_LIMIT)!=0 && pWInfo->iLimitiLimit;
+  if( (pWInfo->wctrlFlags & WHERE_USE_LIMIT)!=0 ){
+    rSortCost += 10;       /* TUNING: Extra 2.0x if using LIMIT */
+    if( nSorted!=0 ){
+      rSortCost += 6;      /* TUNING: Extra 1.5x if also using partial sort */
+    }
+    if( pWInfo->iLimitiLimit;
+    }
   }else if( (pWInfo->wctrlFlags & WHERE_WANT_DISTINCT) ){
     /* TUNING: In the sort for a DISTINCT operator, assume that the DISTINCT
     ** reduces the number of output rows by a factor of 2 */
@@ -158708,7 +162761,6 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   int mxChoice;             /* Maximum number of simultaneous paths tracked */
   int nLoop;                /* Number of terms in the join */
   Parse *pParse;            /* Parsing context */
-  sqlite3 *db;              /* The database connection */
   int iLoop;                /* Loop counter over the terms of the join */
   int ii, jj;               /* Loop counters */
   int mxI = 0;              /* Index of next entry to replace */
@@ -158727,7 +162779,6 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   int nSpace;               /* Bytes of space allocated at pSpace */
 
   pParse = pWInfo->pParse;
-  db = pParse->db;
   nLoop = pWInfo->nLevel;
   /* TUNING: For simple queries, only the best path is tracked.
   ** For 2-way joins, the 5 best paths are followed.
@@ -158750,7 +162801,7 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   /* Allocate and initialize space for aTo, aFrom and aSortCost[] */
   nSpace = (sizeof(WherePath)+sizeof(WhereLoop*)*nLoop)*mxChoice*2;
   nSpace += sizeof(LogEst) * nOrderBy;
-  pSpace = sqlite3DbMallocRawNN(db, nSpace);
+  pSpace = sqlite3StackAllocRawNN(pParse->db, nSpace);
   if( pSpace==0 ) return SQLITE_NOMEM_BKPT;
   aTo = (WherePath*)pSpace;
   aFrom = aTo+mxChoice;
@@ -158800,9 +162851,9 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
         LogEst nOut;                      /* Rows visited by (pFrom+pWLoop) */
         LogEst rCost;                     /* Cost of path (pFrom+pWLoop) */
         LogEst rUnsorted;                 /* Unsorted cost of (pFrom+pWLoop) */
-        i8 isOrdered = pFrom->isOrdered;  /* isOrdered for (pFrom+pWLoop) */
+        i8 isOrdered;                     /* isOrdered for (pFrom+pWLoop) */
         Bitmask maskNew;                  /* Mask of src visited by (..) */
-        Bitmask revMask = 0;              /* Mask of rev-order loops for (..) */
+        Bitmask revMask;                  /* Mask of rev-order loops for (..) */
 
         if( (pWLoop->prereq & ~pFrom->maskLoop)!=0 ) continue;
         if( (pWLoop->maskSelf & pFrom->maskLoop)!=0 ) continue;
@@ -158821,7 +162872,9 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
         rUnsorted = sqlite3LogEstAdd(rUnsorted, pFrom->rUnsorted);
         nOut = pFrom->nRow + pWLoop->nOut;
         maskNew = pFrom->maskLoop | pWLoop->maskSelf;
+        isOrdered = pFrom->isOrdered;
         if( isOrdered<0 ){
+          revMask = 0;
           isOrdered = wherePathSatisfiesOrderBy(pWInfo,
                        pWInfo->pOrderBy, pFrom, pWInfo->wctrlFlags,
                        iLoop, pWLoop, &revMask);
@@ -158834,11 +162887,11 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
                 pWInfo, nRowEst, nOrderBy, isOrdered
             );
           }
-          /* TUNING:  Add a small extra penalty (5) to sorting as an
+          /* TUNING:  Add a small extra penalty (3) to sorting as an
           ** extra encouragment to the query planner to select a plan
           ** where the rows emerge in the correct order without any sorting
           ** required. */
-          rCost = sqlite3LogEstAdd(rUnsorted, aSortCost[isOrdered]) + 5;
+          rCost = sqlite3LogEstAdd(rUnsorted, aSortCost[isOrdered]) + 3;
 
           WHERETRACE(0x002,
               ("---- sort cost=%-3d (%d/%d) increases cost %3d to %-3d\n",
@@ -158849,6 +162902,13 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
           rUnsorted -= 2;  /* TUNING:  Slight bias in favor of no-sort plans */
         }
 
+        /* TUNING:  A full-scan of a VIEW or subquery in the outer loop
+        ** is not so bad. */
+        if( iLoop==0 && (pWLoop->wsFlags & WHERE_VIEWSCAN)!=0 ){
+          rCost += -10;
+          nOut += -30;
+        }
+
         /* Check to see if pWLoop should be added to the set of
         ** mxChoice best-so-far paths.
         **
@@ -158999,7 +163059,7 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
 
   if( nFrom==0 ){
     sqlite3ErrorMsg(pParse, "no query solution");
-    sqlite3DbFreeNN(db, pSpace);
+    sqlite3StackFreeNN(pParse->db, pSpace);
     return SQLITE_ERROR;
   }
 
@@ -159035,6 +163095,10 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
       if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
         pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
       }
+      if( pWInfo->pSelect->pOrderBy
+       && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
+        pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
+      }
     }else{
       pWInfo->revMask = pFrom->revLoop;
       if( pWInfo->nOBSat<=0 ){
@@ -159081,7 +163145,7 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   pWInfo->nRowOut = pFrom->nRow;
 
   /* Free temporary memory and return success */
-  sqlite3DbFreeNN(db, pSpace);
+  sqlite3StackFreeNN(pParse->db, pSpace);
   return SQLITE_OK;
 }
 
@@ -159179,7 +163243,7 @@ static int whereShortCut(WhereLoopBuilder *pBuilder){
     pLoop->cId = '0';
 #endif
 #ifdef WHERETRACE_ENABLED
-    if( sqlite3WhereTrace ){
+    if( sqlite3WhereTrace & 0x02 ){
       sqlite3DebugPrintf("whereShortCut() used to compute solution\n");
     }
 #endif
@@ -159246,6 +163310,13 @@ static void showAllWhereLoops(WhereInfo *pWInfo, WhereClause *pWC){
 **      at most a single row.
 **   4) The table must not be referenced by any part of the query apart
 **      from its own USING or ON clause.
+**   5) The table must not have an inner-join ON or USING clause if there is
+**      a RIGHT JOIN anywhere in the query.  Otherwise the ON/USING clause
+**      might move from the right side to the left side of the RIGHT JOIN.
+**      Note: Due to (2), this condition can only arise if the table is
+**      the right-most table of a subquery that was flattened into the
+**      main query and that subquery was the right-hand operand of an
+**      inner join that held an ON or USING clause.
 **
 ** For example, given:
 **
@@ -159271,6 +163342,7 @@ static SQLITE_NOINLINE Bitmask whereOmitNoopJoin(
 ){
   int i;
   Bitmask tabUsed;
+  int hasRightJoin;
 
   /* Preconditions checked by the caller */
   assert( pWInfo->nLevel>=2 );
@@ -159285,6 +163357,7 @@ static SQLITE_NOINLINE Bitmask whereOmitNoopJoin(
   if( pWInfo->pOrderBy ){
     tabUsed |= sqlite3WhereExprListUsage(&pWInfo->sMaskSet, pWInfo->pOrderBy);
   }
+  hasRightJoin = (pWInfo->pTabList->a[0].fg.jointype & JT_LTORJ)!=0;
   for(i=pWInfo->nLevel-1; i>=1; i--){
     WhereTerm *pTerm, *pEnd;
     SrcItem *pItem;
@@ -159307,9 +163380,15 @@ static SQLITE_NOINLINE Bitmask whereOmitNoopJoin(
           break;
         }
       }
+      if( hasRightJoin
+       && ExprHasProperty(pTerm->pExpr, EP_InnerON)
+       && pTerm->pExpr->w.iJoin==pItem->iCursor
+      ){
+        break;  /* restriction (5) */
+      }
     }
     if( pTerm drop loop %c not used\n", pLoop->cId));
+    WHERETRACE(0xffffffff, ("-> drop loop %c not used\n", pLoop->cId));
     notReady &= ~pLoop->maskSelf;
     for(pTerm=pWInfo->sWC.a; pTermprereqAll & pLoop->maskSelf)!=0 ){
@@ -159348,28 +163427,27 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
   const WhereInfo *pWInfo
 ){
   int i;
-  LogEst nSearch;
+  LogEst nSearch = 0;
 
   assert( pWInfo->nLevel>=2 );
   assert( OptimizationEnabled(pWInfo->pParse->db, SQLITE_BloomFilter) );
-  nSearch = pWInfo->a[0].pWLoop->nOut;
-  for(i=1; inLevel; i++){
+  for(i=0; inLevel; i++){
     WhereLoop *pLoop = pWInfo->a[i].pWLoop;
     const unsigned int reqFlags = (WHERE_SELFCULL|WHERE_COLUMN_EQ);
-    if( (pLoop->wsFlags & reqFlags)==reqFlags
+    SrcItem *pItem = &pWInfo->pTabList->a[pLoop->iTab];
+    Table *pTab = pItem->pTab;
+    if( (pTab->tabFlags & TF_HasStat1)==0 ) break;
+    pTab->tabFlags |= TF_StatsUsed;
+    if( i>=1
+     && (pLoop->wsFlags & reqFlags)==reqFlags
      /* vvvvvv--- Always the case if WHERE_COLUMN_EQ is defined */
      && ALWAYS((pLoop->wsFlags & (WHERE_IPK|WHERE_INDEXED))!=0)
     ){
-      SrcItem *pItem = &pWInfo->pTabList->a[pLoop->iTab];
-      Table *pTab = pItem->pTab;
-      pTab->tabFlags |= TF_StatsUsed;
-      if( nSearch > pTab->nRowLogEst
-       && (pTab->tabFlags & TF_HasStat1)!=0
-      ){
+      if( nSearch > pTab->nRowLogEst ){
         testcase( pItem->fg.jointype & JT_LEFT );
         pLoop->wsFlags |= WHERE_BLOOMFILTER;
         pLoop->wsFlags &= ~WHERE_IDX_ONLY;
-        WHERETRACE(0xffff, (
+        WHERETRACE(0xffffffff, (
            "-> use Bloom-filter on loop %c because there are ~%.1e "
            "lookups into %s which has only ~%.1e rows\n",
            pLoop->cId, (double)sqlite3LogEstToInt(nSearch), pTab->zName,
@@ -159380,6 +163458,86 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
   }
 }
 
+/*
+** This is an sqlite3ParserAddCleanup() callback that is invoked to
+** free the Parse->pIdxEpr list when the Parse object is destroyed.
+*/
+static void whereIndexedExprCleanup(sqlite3 *db, void *pObject){
+  Parse *pParse = (Parse*)pObject;
+  while( pParse->pIdxEpr!=0 ){
+    IndexedExpr *p = pParse->pIdxEpr;
+    pParse->pIdxEpr = p->pIENext;
+    sqlite3ExprDelete(db, p->pExpr);
+    sqlite3DbFreeNN(db, p);
+  }
+}
+
+/*
+** The index pIdx is used by a query and contains one or more expressions.
+** In other words pIdx is an index on an expression.  iIdxCur is the cursor
+** number for the index and iDataCur is the cursor number for the corresponding
+** table.
+**
+** This routine adds IndexedExpr entries to the Parse->pIdxEpr field for
+** each of the expressions in the index so that the expression code generator
+** will know to replace occurrences of the indexed expression with
+** references to the corresponding column of the index.
+*/
+static SQLITE_NOINLINE void whereAddIndexedExpr(
+  Parse *pParse,     /* Add IndexedExpr entries to pParse->pIdxEpr */
+  Index *pIdx,       /* The index-on-expression that contains the expressions */
+  int iIdxCur,       /* Cursor number for pIdx */
+  SrcItem *pTabItem  /* The FROM clause entry for the table */
+){
+  int i;
+  IndexedExpr *p;
+  Table *pTab;
+  assert( pIdx->bHasExpr );
+  pTab = pIdx->pTable;
+  for(i=0; inColumn; i++){
+    Expr *pExpr;
+    int j = pIdx->aiColumn[i];
+    int bMaybeNullRow;
+    if( j==XN_EXPR ){
+      pExpr = pIdx->aColExpr->a[i].pExpr;
+      testcase( pTabItem->fg.jointype & JT_LEFT );
+      testcase( pTabItem->fg.jointype & JT_RIGHT );
+      testcase( pTabItem->fg.jointype & JT_LTORJ );
+      bMaybeNullRow = (pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0;
+    }else if( j>=0 && (pTab->aCol[j].colFlags & COLFLAG_VIRTUAL)!=0 ){
+      pExpr = sqlite3ColumnExpr(pTab, &pTab->aCol[j]);
+      bMaybeNullRow = 0;
+    }else{
+      continue;
+    }
+    if( sqlite3ExprIsConstant(pExpr) ) continue;
+    p = sqlite3DbMallocRaw(pParse->db,  sizeof(IndexedExpr));
+    if( p==0 ) break;
+    p->pIENext = pParse->pIdxEpr;
+#ifdef WHERETRACE_ENABLED
+    if( sqlite3WhereTrace & 0x200 ){
+      sqlite3DebugPrintf("New pParse->pIdxEpr term {%d,%d}\n", iIdxCur, i);
+      if( sqlite3WhereTrace & 0x5000 ) sqlite3ShowExpr(pExpr);
+    }
+#endif
+    p->pExpr = sqlite3ExprDup(pParse->db, pExpr, 0);
+    p->iDataCur = pTabItem->iCursor;
+    p->iIdxCur = iIdxCur;
+    p->iIdxCol = i;
+    p->bMaybeNullRow = bMaybeNullRow;
+    if( sqlite3IndexAffinityStr(pParse->db, pIdx) ){
+      p->aff = pIdx->zColAff[i];
+    }
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+    p->zIdxName = pIdx->zName;
+#endif
+    pParse->pIdxEpr = p;
+    if( p->pIENext==0 ){
+      sqlite3ParserAddCleanup(pParse, whereIndexedExprCleanup, pParse);
+    }
+  }
+}
+
 /*
 ** Generate the beginning of the loop used for WHERE clause processing.
 ** The return value is a pointer to an opaque structure that contains
@@ -159474,7 +163632,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   Expr *pWhere,           /* The WHERE clause */
   ExprList *pOrderBy,     /* An ORDER BY (or GROUP BY) clause, or NULL */
   ExprList *pResultSet,   /* Query result set.  Req'd for DISTINCT */
-  Select *pLimit,         /* Use this LIMIT/OFFSET clause, if any */
+  Select *pSelect,        /* The entire SELECT statement */
   u16 wctrlFlags,         /* The WHERE_* flags defined in sqliteInt.h */
   int iAuxArg             /* If WHERE_OR_SUBCLAUSE is set, index cursor number
                           ** If WHERE_USE_LIMIT, then the limit amount */
@@ -159543,7 +163701,9 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   pWInfo->pParse = pParse;
   pWInfo->pTabList = pTabList;
   pWInfo->pOrderBy = pOrderBy;
+#if WHERETRACE_ENABLED
   pWInfo->pWhere = pWhere;
+#endif
   pWInfo->pResultSet = pResultSet;
   pWInfo->aiCurOnePass[0] = pWInfo->aiCurOnePass[1] = -1;
   pWInfo->nLevel = nTabList;
@@ -159551,9 +163711,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   pWInfo->wctrlFlags = wctrlFlags;
   pWInfo->iLimit = iAuxArg;
   pWInfo->savedNQueryLoop = pParse->nQueryLoop;
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-  pWInfo->pLimit = pLimit;
-#endif
+  pWInfo->pSelect = pSelect;
   memset(&pWInfo->nOBSat, 0,
          offsetof(WhereInfo,sWC) - offsetof(WhereInfo,nOBSat));
   memset(&pWInfo->a[0], 0, sizeof(WhereLoop)+nTabList*sizeof(WhereLevel));
@@ -159622,25 +163780,50 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
 
   /* Analyze all of the subexpressions. */
   sqlite3WhereExprAnalyze(pTabList, &pWInfo->sWC);
-  sqlite3WhereAddLimit(&pWInfo->sWC, pLimit);
+  if( pSelect && pSelect->pLimit ){
+    sqlite3WhereAddLimit(&pWInfo->sWC, pSelect);
+  }
   if( pParse->nErr ) goto whereBeginError;
 
-  /* Special case: WHERE terms that do not refer to any tables in the join
-  ** (constant expressions). Evaluate each such term, and jump over all the
-  ** generated code if the result is not true.
+  /* The False-WHERE-Term-Bypass optimization:
+  **
+  ** If there are WHERE terms that are false, then no rows will be output,
+  ** so skip over all of the code generated here.
+  **
+  ** Conditions:
+  **
+  **   (1)  The WHERE term must not refer to any tables in the join.
+  **   (2)  The term must not come from an ON clause on the
+  **        right-hand side of a LEFT or FULL JOIN.
+  **   (3)  The term must not come from an ON clause, or there must be
+  **        no RIGHT or FULL OUTER joins in pTabList.
+  **   (4)  If the expression contains non-deterministic functions
+  **        that are not within a sub-select. This is not required
+  **        for correctness but rather to preserves SQLite's legacy
+  **        behaviour in the following two cases:
   **
-  ** Do not do this if the expression contains non-deterministic functions
-  ** that are not within a sub-select. This is not strictly required, but
-  ** preserves SQLite's legacy behaviour in the following two cases:
+  **          WHERE random()>0;           -- eval random() once per row
+  **          WHERE (SELECT random())>0;  -- eval random() just once overall
   **
-  **   FROM ... WHERE random()>0;           -- eval random() once per row
-  **   FROM ... WHERE (SELECT random())>0;  -- eval random() once overall
+  ** Note that the Where term need not be a constant in order for this
+  ** optimization to apply, though it does need to be constant relative to
+  ** the current subquery (condition 1).  The term might include variables
+  ** from outer queries so that the value of the term changes from one
+  ** invocation of the current subquery to the next.
   */
   for(ii=0; iinBase; ii++){
-    WhereTerm *pT = &sWLB.pWC->a[ii];
+    WhereTerm *pT = &sWLB.pWC->a[ii];  /* A term of the WHERE clause */
+    Expr *pX;                          /* The expression of pT */
     if( pT->wtFlags & TERM_VIRTUAL ) continue;
-    if( pT->prereqAll==0 && (nTabList==0 || exprIsDeterministic(pT->pExpr)) ){
-      sqlite3ExprIfFalse(pParse, pT->pExpr, pWInfo->iBreak, SQLITE_JUMPIFNULL);
+    pX = pT->pExpr;
+    assert( pX!=0 );
+    assert( pT->prereqAll!=0 || !ExprHasProperty(pX, EP_OuterON) );
+    if( pT->prereqAll==0                           /* Conditions (1) and (2) */
+     && (nTabList==0 || exprIsDeterministic(pX))   /* Condition (4) */
+     && !(ExprHasProperty(pX, EP_InnerON)          /* Condition (3) */
+          && (pTabList->a[0].fg.jointype & JT_LTORJ)!=0 )
+    ){
+      sqlite3ExprIfFalse(pParse, pX, pWInfo->iBreak, SQLITE_JUMPIFNULL);
       pT->wtFlags |= TERM_CODED;
     }
   }
@@ -159663,13 +163846,13 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
 
   /* Construct the WhereLoop objects */
 #if defined(WHERETRACE_ENABLED)
-  if( sqlite3WhereTrace & 0xffff ){
+  if( sqlite3WhereTrace & 0xffffffff ){
     sqlite3DebugPrintf("*** Optimizer Start *** (wctrlFlags: 0x%x",wctrlFlags);
     if( wctrlFlags & WHERE_USE_LIMIT ){
       sqlite3DebugPrintf(", limit: %d", iAuxArg);
     }
     sqlite3DebugPrintf(")\n");
-    if( sqlite3WhereTrace & 0x100 ){
+    if( sqlite3WhereTrace & 0x8000 ){
       Select sSelect;
       memset(&sSelect, 0, sizeof(sSelect));
       sSelect.selFlags = SF_WhereBegin;
@@ -159679,10 +163862,10 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
       sSelect.pEList = pResultSet;
       sqlite3TreeViewSelect(0, &sSelect, 0);
     }
-  }
-  if( sqlite3WhereTrace & 0x100 ){ /* Display all terms of the WHERE clause */
-    sqlite3DebugPrintf("---- WHERE clause at start of analysis:\n");
-    sqlite3WhereClausePrint(sWLB.pWC);
+    if( sqlite3WhereTrace & 0x4000 ){ /* Display all WHERE clause terms */
+      sqlite3DebugPrintf("---- WHERE clause at start of analysis:\n");
+      sqlite3WhereClausePrint(sWLB.pWC);
+    }
   }
 #endif
 
@@ -159698,7 +163881,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     ** loops will be built using the revised truthProb values. */
     if( sWLB.bldFlags2 & SQLITE_BLDF2_2NDPASS ){
       WHERETRACE_ALL_LOOPS(pWInfo, sWLB.pWC);
-      WHERETRACE(0xffff,
+      WHERETRACE(0xffffffff,
            ("**** Redo all loop computations due to"
             " TERM_HIGHTRUTH changes ****\n"));
       while( pWInfo->pLoops ){
@@ -159784,11 +163967,11 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   }
 
 #if defined(WHERETRACE_ENABLED)
-  if( sqlite3WhereTrace & 0x100 ){ /* Display all terms of the WHERE clause */
+  if( sqlite3WhereTrace & 0x4000 ){ /* Display all terms of the WHERE clause */
     sqlite3DebugPrintf("---- WHERE clause at end of analysis:\n");
     sqlite3WhereClausePrint(sWLB.pWC);
   }
-  WHERETRACE(0xffff,("*** Optimizer Finished ***\n"));
+  WHERETRACE(0xffffffff,("*** Optimizer Finished ***\n"));
 #endif
   pWInfo->pParse->nQueryLoop += pWInfo->nRowOut;
 
@@ -159883,7 +164066,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
         assert( n<=pTab->nCol );
       }
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
-      if( pLoop->u.btree.pIndex!=0 ){
+      if( pLoop->u.btree.pIndex!=0 && (pTab->tabFlags & TF_WithoutRowid)==0 ){
         sqlite3VdbeChangeP5(v, OPFLAG_SEEKEQ|bFordelete);
       }else
 #endif
@@ -159925,6 +164108,9 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
         op = OP_ReopenIdx;
       }else{
         iIndexCur = pParse->nTab++;
+        if( pIx->bHasExpr && OptimizationEnabled(db, SQLITE_IndexedExpr) ){
+          whereAddIndexedExpr(pParse, pIx, iIndexCur, pTabItem);
+        }
       }
       pLevel->iIdxCur = iIndexCur;
       assert( pIx!=0 );
@@ -160017,11 +164203,11 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
         sqlite3VdbeJumpHere(v, iOnce);
       }
     }
+    assert( pTabList == pWInfo->pTabList );
     if( (wsFlags & (WHERE_AUTO_INDEX|WHERE_BLOOMFILTER))!=0 ){
       if( (wsFlags & WHERE_AUTO_INDEX)!=0 ){
 #ifndef SQLITE_OMIT_AUTOMATIC_INDEX
-        constructAutomaticIndex(pParse, &pWInfo->sWC,
-                  &pTabList->a[pLevel->iFrom], notReady, pLevel);
+        constructAutomaticIndex(pParse, &pWInfo->sWC, notReady, pLevel);
 #endif
       }else{
         sqlite3ConstructBloomFilter(pWInfo, ii, pLevel, notReady);
@@ -160047,8 +164233,6 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   /* Jump here if malloc fails */
 whereBeginError:
   if( pWInfo ){
-    testcase( pWInfo->pExprMods!=0 );
-    whereUndoExprMods(pWInfo);
     pParse->nQueryLoop = pWInfo->savedNQueryLoop;
     whereInfoFree(db, pWInfo);
   }
@@ -160267,7 +164451,6 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
   }
 
   assert( pWInfo->nLevel<=pTabList->nSrc );
-  if( pWInfo->pExprMods ) whereUndoExprMods(pWInfo);
   for(i=0, pLevel=pWInfo->a; inLevel; i++, pLevel++){
     int k, last;
     VdbeOp *pOp, *pLastOp;
@@ -160321,10 +164504,28 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
       }else{
         last = pWInfo->iEndWhere;
       }
+      if( pIdx->bHasExpr ){
+        IndexedExpr *p = pParse->pIdxEpr;
+        while( p ){
+          if( p->iIdxCur==pLevel->iIdxCur ){
+#ifdef WHERETRACE_ENABLED
+            if( sqlite3WhereTrace & 0x200 ){
+              sqlite3DebugPrintf("Disable pParse->pIdxEpr term {%d,%d}\n",
+                                  p->iIdxCur, p->iIdxCol);
+              if( sqlite3WhereTrace & 0x5000 ) sqlite3ShowExpr(p->pExpr);
+            }
+#endif
+            p->iDataCur = -1;
+            p->iIdxCur = -1;
+          }
+          p = p->pIENext;
+        }
+      }
       k = pLevel->addrBody + 1;
 #ifdef SQLITE_DEBUG
       if( db->flags & SQLITE_VdbeAddopTrace ){
-        printf("TRANSLATE opcodes in range %d..%d\n", k, last-1);
+        printf("TRANSLATE cursor %d->%d in opcode range %d..%d\n",
+                pLevel->iTabCur, pLevel->iIdxCur, k, last-1);
       }
       /* Proof that the "+1" on the k value above is safe */
       pOp = sqlite3VdbeGetOp(v, k - 1);
@@ -161199,6 +165400,7 @@ static int selectWindowRewriteExprCb(Walker *pWalker, Expr *pExpr){
       }
       /* no break */ deliberate_fall_through
 
+    case TK_IF_NULL_ROW:
     case TK_AGG_FUNCTION:
     case TK_COLUMN: {
       int iCol = -1;
@@ -161314,7 +165516,6 @@ static ExprList *exprListAppendList(
     for(i=0; inExpr; i++){
       sqlite3 *db = pParse->db;
       Expr *pDup = sqlite3ExprDup(db, pAppend->a[i].pExpr, 0);
-      assert( pDup==0 || !ExprHasProperty(pDup, EP_MemToken) );
       if( db->mallocFailed ){
         sqlite3ExprDelete(db, pDup);
         break;
@@ -161484,7 +165685,7 @@ SQLITE_PRIVATE int sqlite3WindowRewrite(Parse *pParse, Select *p){
     pSub = sqlite3SelectNew(
         pParse, pSublist, pSrc, pWhere, pGroupBy, pHaving, pSort, 0, 0
     );
-    SELECTTRACE(1,pParse,pSub,
+    TREETRACE(0x40,pParse,pSub,
        ("New window-function subquery in FROM clause of (%u/%p)\n",
        p->selId, p));
     p->pSrc = sqlite3SrcListAppend(pParse, 0, 0, 0);
@@ -161494,6 +165695,7 @@ SQLITE_PRIVATE int sqlite3WindowRewrite(Parse *pParse, Select *p){
     if( p->pSrc ){
       Table *pTab2;
       p->pSrc->a[0].pSelect = pSub;
+      p->pSrc->a[0].fg.isCorrelated = 1;
       sqlite3SrcListAssignCursors(pParse, p->pSrc);
       pSub->selFlags |= SF_Expanded|SF_OrderByReqd;
       pTab2 = sqlite3ResultSetOfSelect(pParse, pSub, SQLITE_AFF_NONE);
@@ -162585,10 +166787,9 @@ static void windowCodeRangeTest(
 
     /* This block runs if reg1 is not NULL, but reg2 is. */
     sqlite3VdbeJumpHere(v, addr);
-    sqlite3VdbeAddOp2(v, OP_IsNull, reg2, lbl); VdbeCoverage(v);
-    if( op==OP_Gt || op==OP_Ge ){
-      sqlite3VdbeChangeP2(v, -1, addrDone);
-    }
+    sqlite3VdbeAddOp2(v, OP_IsNull, reg2,
+                      (op==OP_Gt || op==OP_Ge) ? addrDone : lbl);
+    VdbeCoverage(v);
   }
 
   /* Register reg1 currently contains csr1.peerVal (the peer-value from csr1).
@@ -163360,8 +167561,7 @@ SQLITE_PRIVATE void sqlite3WindowCodeStep(
     VdbeCoverageNeverNullIf(v, op==OP_Ge); /* NeverNull because bound  */
     VdbeCoverageNeverNullIf(v, op==OP_Le); /*   values previously checked */
     windowAggFinal(&s, 0);
-    sqlite3VdbeAddOp2(v, OP_Rewind, s.current.csr, 1);
-    VdbeCoverageNeverTaken(v);
+    sqlite3VdbeAddOp1(v, OP_Rewind, s.current.csr);
     windowReturnOneRow(&s);
     sqlite3VdbeAddOp1(v, OP_ResetSorter, s.current.csr);
     sqlite3VdbeAddOp2(v, OP_Goto, 0, lblWhereEnd);
@@ -163373,13 +167573,10 @@ SQLITE_PRIVATE void sqlite3WindowCodeStep(
   }
 
   if( pMWin->eStart!=TK_UNBOUNDED ){
-    sqlite3VdbeAddOp2(v, OP_Rewind, s.start.csr, 1);
-    VdbeCoverageNeverTaken(v);
+    sqlite3VdbeAddOp1(v, OP_Rewind, s.start.csr);
   }
-  sqlite3VdbeAddOp2(v, OP_Rewind, s.current.csr, 1);
-  VdbeCoverageNeverTaken(v);
-  sqlite3VdbeAddOp2(v, OP_Rewind, s.end.csr, 1);
-  VdbeCoverageNeverTaken(v);
+  sqlite3VdbeAddOp1(v, OP_Rewind, s.current.csr);
+  sqlite3VdbeAddOp1(v, OP_Rewind, s.end.csr);
   if( regPeer && pOrderBy ){
     sqlite3VdbeAddOp3(v, OP_Copy, regNewPeer, regPeer, pOrderBy->nExpr-1);
     sqlite3VdbeAddOp3(v, OP_Copy, regPeer, s.start.reg, pOrderBy->nExpr-1);
@@ -164032,18 +168229,18 @@ typedef union {
 #define sqlite3ParserCTX_FETCH Parse *pParse=yypParser->pParse;
 #define sqlite3ParserCTX_STORE yypParser->pParse=pParse;
 #define YYFALLBACK 1
-#define YYNSTATE             576
-#define YYNRULE              405
-#define YYNRULE_WITH_ACTION  342
+#define YYNSTATE             575
+#define YYNRULE              403
+#define YYNRULE_WITH_ACTION  340
 #define YYNTOKEN             185
-#define YY_MAX_SHIFT         575
-#define YY_MIN_SHIFTREDUCE   835
-#define YY_MAX_SHIFTREDUCE   1239
-#define YY_ERROR_ACTION      1240
-#define YY_ACCEPT_ACTION     1241
-#define YY_NO_ACTION         1242
-#define YY_MIN_REDUCE        1243
-#define YY_MAX_REDUCE        1647
+#define YY_MAX_SHIFT         574
+#define YY_MIN_SHIFTREDUCE   833
+#define YY_MAX_SHIFTREDUCE   1235
+#define YY_ERROR_ACTION      1236
+#define YY_ACCEPT_ACTION     1237
+#define YY_NO_ACTION         1238
+#define YY_MIN_REDUCE        1239
+#define YY_MAX_REDUCE        1641
 /************* End control #defines *******************************************/
 #define YY_NLOOKAHEAD ((int)(sizeof(yy_lookahead)/sizeof(yy_lookahead[0])))
 
@@ -164110,218 +168307,218 @@ typedef union {
 **  yy_default[]       Default action for each state.
 **
 *********** Begin parsing tables **********************************************/
-#define YY_ACTTAB_COUNT (2098)
+#define YY_ACTTAB_COUNT (2096)
 static const YYACTIONTYPE yy_action[] = {
  /*     0 */   568,  208,  568,  118,  115,  229,  568,  118,  115,  229,
- /*    10 */   568, 1314,  377, 1293,  408,  562,  562,  562,  568,  409,
- /*    20 */   378, 1314, 1276,   41,   41,   41,   41,  208, 1526,   71,
- /*    30 */    71,  971,  419,   41,   41,  491,  303,  279,  303,  972,
- /*    40 */   397,   71,   71,  125,  126,   80, 1217, 1217, 1050, 1053,
- /*    50 */  1040, 1040,  123,  123,  124,  124,  124,  124,  476,  409,
- /*    60 */  1241,    1,    1,  575,    2, 1245,  550,  118,  115,  229,
- /*    70 */   317,  480,  146,  480,  524,  118,  115,  229,  529, 1327,
- /*    80 */   417,  523,  142,  125,  126,   80, 1217, 1217, 1050, 1053,
- /*    90 */  1040, 1040,  123,  123,  124,  124,  124,  124,  118,  115,
+ /*    10 */   568, 1310,  377, 1289,  408,  562,  562,  562,  568,  409,
+ /*    20 */   378, 1310, 1272,   41,   41,   41,   41,  208, 1520,   71,
+ /*    30 */    71,  969,  419,   41,   41,  491,  303,  279,  303,  970,
+ /*    40 */   397,   71,   71,  125,  126,   80, 1212, 1212, 1047, 1050,
+ /*    50 */  1037, 1037,  123,  123,  124,  124,  124,  124,  476,  409,
+ /*    60 */  1237,    1,    1,  574,    2, 1241,  550,  118,  115,  229,
+ /*    70 */   317,  480,  146,  480,  524,  118,  115,  229,  529, 1323,
+ /*    80 */   417,  523,  142,  125,  126,   80, 1212, 1212, 1047, 1050,
+ /*    90 */  1037, 1037,  123,  123,  124,  124,  124,  124,  118,  115,
  /*   100 */   229,  327,  122,  122,  122,  122,  121,  121,  120,  120,
  /*   110 */   120,  119,  116,  444,  284,  284,  284,  284,  442,  442,
- /*   120 */   442, 1567,  376, 1569, 1192,  375, 1163,  565, 1163,  565,
- /*   130 */   409, 1567,  537,  259,  226,  444,  101,  145,  449,  316,
+ /*   120 */   442, 1561,  376, 1563, 1188,  375, 1159,  565, 1159,  565,
+ /*   130 */   409, 1561,  537,  259,  226,  444,  101,  145,  449,  316,
  /*   140 */   559,  240,  122,  122,  122,  122,  121,  121,  120,  120,
- /*   150 */   120,  119,  116,  444,  125,  126,   80, 1217, 1217, 1050,
- /*   160 */  1053, 1040, 1040,  123,  123,  124,  124,  124,  124,  142,
- /*   170 */   294, 1192,  339,  448,  120,  120,  120,  119,  116,  444,
- /*   180 */   127, 1192, 1193, 1194,  148,  441,  440,  568,  119,  116,
+ /*   150 */   120,  119,  116,  444,  125,  126,   80, 1212, 1212, 1047,
+ /*   160 */  1050, 1037, 1037,  123,  123,  124,  124,  124,  124,  142,
+ /*   170 */   294, 1188,  339,  448,  120,  120,  120,  119,  116,  444,
+ /*   180 */   127, 1188, 1189, 1188,  148,  441,  440,  568,  119,  116,
  /*   190 */   444,  124,  124,  124,  124,  117,  122,  122,  122,  122,
  /*   200 */   121,  121,  120,  120,  120,  119,  116,  444,  454,  113,
  /*   210 */    13,   13,  546,  122,  122,  122,  122,  121,  121,  120,
- /*   220 */   120,  120,  119,  116,  444,  422,  316,  559, 1192, 1193,
- /*   230 */  1194,  149, 1224,  409, 1224,  124,  124,  124,  124,  122,
+ /*   220 */   120,  120,  119,  116,  444,  422,  316,  559, 1188, 1189,
+ /*   230 */  1188,  149, 1220,  409, 1220,  124,  124,  124,  124,  122,
  /*   240 */   122,  122,  122,  121,  121,  120,  120,  120,  119,  116,
- /*   250 */   444,  465,  342, 1037, 1037, 1051, 1054,  125,  126,   80,
- /*   260 */  1217, 1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,
- /*   270 */   124,  124, 1279,  522,  222, 1192,  568,  409,  224,  514,
+ /*   250 */   444,  465,  342, 1034, 1034, 1048, 1051,  125,  126,   80,
+ /*   260 */  1212, 1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,
+ /*   270 */   124,  124, 1275,  522,  222, 1188,  568,  409,  224,  514,
  /*   280 */   175,   82,   83,  122,  122,  122,  122,  121,  121,  120,
- /*   290 */   120,  120,  119,  116,  444, 1007,   16,   16, 1192,  133,
- /*   300 */   133,  125,  126,   80, 1217, 1217, 1050, 1053, 1040, 1040,
+ /*   290 */   120,  120,  119,  116,  444, 1005,   16,   16, 1188,  133,
+ /*   300 */   133,  125,  126,   80, 1212, 1212, 1047, 1050, 1037, 1037,
  /*   310 */   123,  123,  124,  124,  124,  124,  122,  122,  122,  122,
- /*   320 */   121,  121,  120,  120,  120,  119,  116,  444, 1041,  546,
- /*   330 */  1192,  373, 1192, 1193, 1194,  252, 1434,  399,  504,  501,
- /*   340 */   500,  111,  560,  566,    4,  926,  926,  433,  499,  340,
- /*   350 */   460,  328,  360,  394, 1237, 1192, 1193, 1194,  563,  568,
+ /*   320 */   121,  121,  120,  120,  120,  119,  116,  444, 1038,  546,
+ /*   330 */  1188,  373, 1188, 1189, 1188,  252, 1429,  399,  504,  501,
+ /*   340 */   500,  111,  560,  566,    4,  924,  924,  433,  499,  340,
+ /*   350 */   460,  328,  360,  394, 1233, 1188, 1189, 1188,  563,  568,
  /*   360 */   122,  122,  122,  122,  121,  121,  120,  120,  120,  119,
- /*   370 */   116,  444,  284,  284,  369, 1580, 1607,  441,  440,  154,
- /*   380 */   409,  445,   71,   71, 1286,  565, 1221, 1192, 1193, 1194,
- /*   390 */    85, 1223,  271,  557,  543,  515, 1561,  568,   98, 1222,
- /*   400 */     6, 1278,  472,  142,  125,  126,   80, 1217, 1217, 1050,
- /*   410 */  1053, 1040, 1040,  123,  123,  124,  124,  124,  124,  550,
- /*   420 */    13,   13, 1027,  507, 1224, 1192, 1224,  549,  109,  109,
- /*   430 */   222,  568, 1238,  175,  568,  427,  110,  197,  445,  570,
- /*   440 */   569,  430, 1552, 1017,  325,  551, 1192,  270,  287,  368,
+ /*   370 */   116,  444,  284,  284,  369, 1574, 1600,  441,  440,  154,
+ /*   380 */   409,  445,   71,   71, 1282,  565, 1217, 1188, 1189, 1188,
+ /*   390 */    85, 1219,  271,  557,  543,  515, 1555,  568,   98, 1218,
+ /*   400 */     6, 1274,  472,  142,  125,  126,   80, 1212, 1212, 1047,
+ /*   410 */  1050, 1037, 1037,  123,  123,  124,  124,  124,  124,  550,
+ /*   420 */    13,   13, 1024,  507, 1220, 1188, 1220,  549,  109,  109,
+ /*   430 */   222,  568, 1234,  175,  568,  427,  110,  197,  445,  569,
+ /*   440 */   445,  430, 1546, 1014,  325,  551, 1188,  270,  287,  368,
  /*   450 */   510,  363,  509,  257,   71,   71,  543,   71,   71,  359,
- /*   460 */   316,  559, 1613,  122,  122,  122,  122,  121,  121,  120,
- /*   470 */   120,  120,  119,  116,  444, 1017, 1017, 1019, 1020,   27,
- /*   480 */   284,  284, 1192, 1193, 1194, 1158,  568, 1612,  409,  901,
- /*   490 */   190,  550,  356,  565,  550,  937,  533,  517, 1158,  516,
- /*   500 */   413, 1158,  552, 1192, 1193, 1194,  568,  544, 1554,   51,
- /*   510 */    51,  214,  125,  126,   80, 1217, 1217, 1050, 1053, 1040,
- /*   520 */  1040,  123,  123,  124,  124,  124,  124, 1192,  474,  135,
- /*   530 */   135,  409,  284,  284, 1490,  505,  121,  121,  120,  120,
- /*   540 */   120,  119,  116,  444, 1007,  565,  518,  217,  541, 1561,
- /*   550 */   316,  559,  142,    6,  532,  125,  126,   80, 1217, 1217,
- /*   560 */  1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,  124,
- /*   570 */  1555,  122,  122,  122,  122,  121,  121,  120,  120,  120,
- /*   580 */   119,  116,  444,  485, 1192, 1193, 1194,  482,  281, 1267,
- /*   590 */   957,  252, 1192,  373,  504,  501,  500, 1192,  340,  571,
- /*   600 */  1192,  571,  409,  292,  499,  957,  876,  191,  480,  316,
+ /*   460 */   316,  559, 1606,  122,  122,  122,  122,  121,  121,  120,
+ /*   470 */   120,  120,  119,  116,  444, 1014, 1014, 1016, 1017,   27,
+ /*   480 */   284,  284, 1188, 1189, 1188, 1154,  568, 1605,  409,  899,
+ /*   490 */   190,  550,  356,  565,  550,  935,  533,  517, 1154,  516,
+ /*   500 */   413, 1154,  552, 1188, 1189, 1188,  568,  544, 1548,   51,
+ /*   510 */    51,  214,  125,  126,   80, 1212, 1212, 1047, 1050, 1037,
+ /*   520 */  1037,  123,  123,  124,  124,  124,  124, 1188,  474,  135,
+ /*   530 */   135,  409,  284,  284, 1484,  505,  121,  121,  120,  120,
+ /*   540 */   120,  119,  116,  444, 1005,  565,  518,  217,  541, 1555,
+ /*   550 */   316,  559,  142,    6,  532,  125,  126,   80, 1212, 1212,
+ /*   560 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
+ /*   570 */  1549,  122,  122,  122,  122,  121,  121,  120,  120,  120,
+ /*   580 */   119,  116,  444,  485, 1188, 1189, 1188,  482,  281, 1263,
+ /*   590 */   955,  252, 1188,  373,  504,  501,  500, 1188,  340,  570,
+ /*   600 */  1188,  570,  409,  292,  499,  955,  874,  191,  480,  316,
  /*   610 */   559,  384,  290,  380,  122,  122,  122,  122,  121,  121,
- /*   620 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1217,
- /*   630 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*   640 */   124,  409,  394, 1136, 1192,  869,  100,  284,  284, 1192,
- /*   650 */  1193, 1194,  373, 1093, 1192, 1193, 1194, 1192, 1193, 1194,
- /*   660 */   565,  455,   32,  373,  233,  125,  126,   80, 1217, 1217,
- /*   670 */  1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,  124,
- /*   680 */  1433,  959,  568,  228,  958,  122,  122,  122,  122,  121,
- /*   690 */   121,  120,  120,  120,  119,  116,  444, 1158,  228, 1192,
- /*   700 */   157, 1192, 1193, 1194, 1553,   13,   13,  301,  957, 1232,
- /*   710 */  1158,  153,  409, 1158,  373, 1583, 1176,    5,  369, 1580,
- /*   720 */   429, 1238,    3,  957,  122,  122,  122,  122,  121,  121,
- /*   730 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1217,
- /*   740 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*   750 */   124,  409,  208,  567, 1192, 1028, 1192, 1193, 1194, 1192,
- /*   760 */   388,  852,  155, 1552,  286,  402, 1098, 1098,  488,  568,
- /*   770 */   465,  342, 1319, 1319, 1552,  125,  126,   80, 1217, 1217,
- /*   780 */  1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,  124,
+ /*   620 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
+ /*   630 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*   640 */   124,  409,  394, 1132, 1188,  867,  100,  284,  284, 1188,
+ /*   650 */  1189, 1188,  373, 1089, 1188, 1189, 1188, 1188, 1189, 1188,
+ /*   660 */   565,  455,   32,  373,  233,  125,  126,   80, 1212, 1212,
+ /*   670 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
+ /*   680 */  1428,  957,  568,  228,  956,  122,  122,  122,  122,  121,
+ /*   690 */   121,  120,  120,  120,  119,  116,  444, 1154,  228, 1188,
+ /*   700 */   157, 1188, 1189, 1188, 1547,   13,   13,  301,  955, 1228,
+ /*   710 */  1154,  153,  409, 1154,  373, 1577, 1172,    5,  369, 1574,
+ /*   720 */   429, 1234,    3,  955,  122,  122,  122,  122,  121,  121,
+ /*   730 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
+ /*   740 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*   750 */   124,  409,  208,  567, 1188, 1025, 1188, 1189, 1188, 1188,
+ /*   760 */   388,  850,  155, 1546,  286,  402, 1094, 1094,  488,  568,
+ /*   770 */   465,  342, 1315, 1315, 1546,  125,  126,   80, 1212, 1212,
+ /*   780 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
  /*   790 */   129,  568,   13,   13,  374,  122,  122,  122,  122,  121,
  /*   800 */   121,  120,  120,  120,  119,  116,  444,  302,  568,  453,
- /*   810 */   528, 1192, 1193, 1194,   13,   13, 1192, 1193, 1194, 1297,
- /*   820 */   463, 1267,  409, 1317, 1317, 1552, 1012,  453,  452,  200,
- /*   830 */   299,   71,   71, 1265,  122,  122,  122,  122,  121,  121,
- /*   840 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1217,
- /*   850 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*   860 */   124,  409,  227, 1073, 1158,  284,  284,  419,  312,  278,
- /*   870 */   278,  285,  285, 1419,  406,  405,  382, 1158,  565,  568,
- /*   880 */  1158, 1196,  565, 1600,  565,  125,  126,   80, 1217, 1217,
- /*   890 */  1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,  124,
- /*   900 */   453, 1482,   13,   13, 1536,  122,  122,  122,  122,  121,
+ /*   810 */   528, 1188, 1189, 1188,   13,   13, 1188, 1189, 1188, 1293,
+ /*   820 */   463, 1263,  409, 1313, 1313, 1546, 1010,  453,  452,  200,
+ /*   830 */   299,   71,   71, 1261,  122,  122,  122,  122,  121,  121,
+ /*   840 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
+ /*   850 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*   860 */   124,  409,  227, 1069, 1154,  284,  284,  419,  312,  278,
+ /*   870 */   278,  285,  285, 1415,  406,  405,  382, 1154,  565,  568,
+ /*   880 */  1154, 1191,  565, 1594,  565,  125,  126,   80, 1212, 1212,
+ /*   890 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
+ /*   900 */   453, 1476,   13,   13, 1530,  122,  122,  122,  122,  121,
  /*   910 */   121,  120,  120,  120,  119,  116,  444,  201,  568,  354,
- /*   920 */  1586,  575,    2, 1245,  840,  841,  842, 1562,  317, 1212,
- /*   930 */   146,    6,  409,  255,  254,  253,  206, 1327,    9, 1196,
+ /*   920 */  1580,  574,    2, 1241,  838,  839,  840, 1556,  317, 1207,
+ /*   930 */   146,    6,  409,  255,  254,  253,  206, 1323,    9, 1191,
  /*   940 */   262,   71,   71,  424,  122,  122,  122,  122,  121,  121,
- /*   950 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1217,
- /*   960 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*   970 */   124,  568,  284,  284,  568, 1213,  409,  574,  313, 1245,
- /*   980 */   349, 1296,  352,  419,  317,  565,  146,  491,  525, 1643,
- /*   990 */   395,  371,  491, 1327,   70,   70, 1295,   71,   71,  240,
- /*  1000 */  1325,  104,   80, 1217, 1217, 1050, 1053, 1040, 1040,  123,
+ /*   950 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
+ /*   960 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*   970 */   124,  568,  284,  284,  568, 1208,  409,  573,  313, 1241,
+ /*   980 */   349, 1292,  352,  419,  317,  565,  146,  491,  525, 1637,
+ /*   990 */   395,  371,  491, 1323,   70,   70, 1291,   71,   71,  240,
+ /*  1000 */  1321,  104,   80, 1212, 1212, 1047, 1050, 1037, 1037,  123,
  /*  1010 */   123,  124,  124,  124,  124,  122,  122,  122,  122,  121,
- /*  1020 */   121,  120,  120,  120,  119,  116,  444, 1114,  284,  284,
- /*  1030 */   428,  448, 1525, 1213,  439,  284,  284, 1489, 1352,  311,
- /*  1040 */   474,  565, 1115,  971,  491,  491,  217, 1263,  565, 1538,
- /*  1050 */   568,  972,  207,  568, 1027,  240,  383, 1116,  519,  122,
+ /*  1020 */   121,  120,  120,  120,  119,  116,  444, 1110,  284,  284,
+ /*  1030 */   428,  448, 1519, 1208,  439,  284,  284, 1483, 1348,  311,
+ /*  1040 */   474,  565, 1111,  969,  491,  491,  217, 1259,  565, 1532,
+ /*  1050 */   568,  970,  207,  568, 1024,  240,  383, 1112,  519,  122,
  /*  1060 */   122,  122,  122,  121,  121,  120,  120,  120,  119,  116,
- /*  1070 */   444, 1018,  107,   71,   71, 1017,   13,   13,  912,  568,
- /*  1080 */  1495,  568,  284,  284,   97,  526,  491,  448,  913, 1326,
- /*  1090 */  1322,  545,  409,  284,  284,  565,  151,  209, 1495, 1497,
- /*  1100 */   262,  450,   55,   55,   56,   56,  565, 1017, 1017, 1019,
- /*  1110 */   443,  332,  409,  527,   12,  295,  125,  126,   80, 1217,
- /*  1120 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*  1130 */   124,  347,  409,  864, 1534, 1213,  125,  126,   80, 1217,
- /*  1140 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*  1150 */   124, 1137, 1641,  474, 1641,  371,  125,  114,   80, 1217,
- /*  1160 */  1217, 1050, 1053, 1040, 1040,  123,  123,  124,  124,  124,
- /*  1170 */   124, 1495,  329,  474,  331,  122,  122,  122,  122,  121,
- /*  1180 */   121,  120,  120,  120,  119,  116,  444,  203, 1419,  568,
- /*  1190 */  1294,  864,  464, 1213,  436,  122,  122,  122,  122,  121,
- /*  1200 */   121,  120,  120,  120,  119,  116,  444,  553, 1137, 1642,
- /*  1210 */   539, 1642,   15,   15,  892,  122,  122,  122,  122,  121,
+ /*  1070 */   444, 1015,  107,   71,   71, 1014,   13,   13,  910,  568,
+ /*  1080 */  1489,  568,  284,  284,   97,  526,  491,  448,  911, 1322,
+ /*  1090 */  1318,  545,  409,  284,  284,  565,  151,  209, 1489, 1491,
+ /*  1100 */   262,  450,   55,   55,   56,   56,  565, 1014, 1014, 1016,
+ /*  1110 */   443,  332,  409,  527,   12,  295,  125,  126,   80, 1212,
+ /*  1120 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*  1130 */   124,  347,  409,  862, 1528, 1208,  125,  126,   80, 1212,
+ /*  1140 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*  1150 */   124, 1133, 1635,  474, 1635,  371,  125,  114,   80, 1212,
+ /*  1160 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
+ /*  1170 */   124, 1489,  329,  474,  331,  122,  122,  122,  122,  121,
+ /*  1180 */   121,  120,  120,  120,  119,  116,  444,  203, 1415,  568,
+ /*  1190 */  1290,  862,  464, 1208,  436,  122,  122,  122,  122,  121,
+ /*  1200 */   121,  120,  120,  120,  119,  116,  444,  553, 1133, 1636,
+ /*  1210 */   539, 1636,   15,   15,  890,  122,  122,  122,  122,  121,
  /*  1220 */   121,  120,  120,  120,  119,  116,  444,  568,  298,  538,
- /*  1230 */  1135, 1419, 1559, 1560, 1331,  409,    6,    6, 1169, 1268,
- /*  1240 */   415,  320,  284,  284, 1419,  508,  565,  525,  300,  457,
- /*  1250 */    43,   43,  568,  893,   12,  565,  330,  478,  425,  407,
- /*  1260 */   126,   80, 1217, 1217, 1050, 1053, 1040, 1040,  123,  123,
- /*  1270 */   124,  124,  124,  124,  568,   57,   57,  288, 1192, 1419,
- /*  1280 */   496,  458,  392,  392,  391,  273,  389, 1135, 1558,  849,
- /*  1290 */  1169,  407,    6,  568,  321, 1158,  470,   44,   44, 1557,
- /*  1300 */  1114,  426,  234,    6,  323,  256,  540,  256, 1158,  431,
- /*  1310 */   568, 1158,  322,   17,  487, 1115,   58,   58,  122,  122,
+ /*  1230 */  1131, 1415, 1553, 1554, 1327,  409,    6,    6, 1165, 1264,
+ /*  1240 */   415,  320,  284,  284, 1415,  508,  565,  525,  300,  457,
+ /*  1250 */    43,   43,  568,  891,   12,  565,  330,  478,  425,  407,
+ /*  1260 */   126,   80, 1212, 1212, 1047, 1050, 1037, 1037,  123,  123,
+ /*  1270 */   124,  124,  124,  124,  568,   57,   57,  288, 1188, 1415,
+ /*  1280 */   496,  458,  392,  392,  391,  273,  389, 1131, 1552,  847,
+ /*  1290 */  1165,  407,    6,  568,  321, 1154,  470,   44,   44, 1551,
+ /*  1300 */  1110,  426,  234,    6,  323,  256,  540,  256, 1154,  431,
+ /*  1310 */   568, 1154,  322,   17,  487, 1111,   58,   58,  122,  122,
  /*  1320 */   122,  122,  121,  121,  120,  120,  120,  119,  116,  444,
- /*  1330 */  1116,  216,  481,   59,   59, 1192, 1193, 1194,  111,  560,
+ /*  1330 */  1112,  216,  481,   59,   59, 1188, 1189, 1188,  111,  560,
  /*  1340 */   324,    4,  236,  456,  526,  568,  237,  456,  568,  437,
- /*  1350 */   168,  556,  420,  141,  479,  563,  568,  293,  568, 1095,
- /*  1360 */   568,  293,  568, 1095,  531,  568,  872,    8,   60,   60,
+ /*  1350 */   168,  556,  420,  141,  479,  563,  568,  293,  568, 1091,
+ /*  1360 */   568,  293,  568, 1091,  531,  568,  870,    8,   60,   60,
  /*  1370 */   235,   61,   61,  568,  414,  568,  414,  568,  445,   62,
  /*  1380 */    62,   45,   45,   46,   46,   47,   47,  199,   49,   49,
  /*  1390 */   557,  568,  359,  568,  100,  486,   50,   50,   63,   63,
- /*  1400 */    64,   64,  561,  415,  535,  410,  568, 1027,  568,  534,
- /*  1410 */   316,  559,  316,  559,   65,   65,   14,   14,  568, 1027,
- /*  1420 */   568,  512,  932,  872, 1018,  109,  109,  931, 1017,   66,
- /*  1430 */    66,  131,  131,  110,  451,  445,  570,  569,  416,  177,
- /*  1440 */  1017,  132,  132,   67,   67,  568,  467,  568,  932,  471,
- /*  1450 */  1364,  283,  226,  931,  315, 1363,  407,  568,  459,  407,
- /*  1460 */  1017, 1017, 1019,  239,  407,   86,  213, 1350,   52,   52,
- /*  1470 */    68,   68, 1017, 1017, 1019, 1020,   27, 1585, 1180,  447,
- /*  1480 */    69,   69,  288,   97,  108, 1541,  106,  392,  392,  391,
- /*  1490 */   273,  389,  568,  879,  849,  883,  568,  111,  560,  466,
- /*  1500 */     4,  568,  152,   30,   38,  568, 1132,  234,  396,  323,
+ /*  1400 */    64,   64,  561,  415,  535,  410,  568, 1024,  568,  534,
+ /*  1410 */   316,  559,  316,  559,   65,   65,   14,   14,  568, 1024,
+ /*  1420 */   568,  512,  930,  870, 1015,  109,  109,  929, 1014,   66,
+ /*  1430 */    66,  131,  131,  110,  451,  445,  569,  445,  416,  177,
+ /*  1440 */  1014,  132,  132,   67,   67,  568,  467,  568,  930,  471,
+ /*  1450 */  1360,  283,  226,  929,  315, 1359,  407,  568,  459,  407,
+ /*  1460 */  1014, 1014, 1016,  239,  407,   86,  213, 1346,   52,   52,
+ /*  1470 */    68,   68, 1014, 1014, 1016, 1017,   27, 1579, 1176,  447,
+ /*  1480 */    69,   69,  288,   97,  108, 1535,  106,  392,  392,  391,
+ /*  1490 */   273,  389,  568,  877,  847,  881,  568,  111,  560,  466,
+ /*  1500 */     4,  568,  152,   30,   38,  568, 1128,  234,  396,  323,
  /*  1510 */   111,  560,  527,    4,  563,   53,   53,  322,  568,  163,
  /*  1520 */   163,  568,  337,  468,  164,  164,  333,  563,   76,   76,
- /*  1530 */   568,  289, 1514,  568,   31, 1513,  568,  445,  338,  483,
- /*  1540 */   100,   54,   54,  344,   72,   72,  296,  236, 1080,  557,
- /*  1550 */   445,  879, 1360,  134,  134,  168,   73,   73,  141,  161,
- /*  1560 */   161, 1574,  557,  535,  568,  319,  568,  348,  536, 1009,
- /*  1570 */   473,  261,  261,  891,  890,  235,  535,  568, 1027,  568,
+ /*  1530 */   568,  289, 1508,  568,   31, 1507,  568,  445,  338,  483,
+ /*  1540 */   100,   54,   54,  344,   72,   72,  296,  236, 1076,  557,
+ /*  1550 */   445,  877, 1356,  134,  134,  168,   73,   73,  141,  161,
+ /*  1560 */   161, 1568,  557,  535,  568,  319,  568,  348,  536, 1007,
+ /*  1570 */   473,  261,  261,  889,  888,  235,  535,  568, 1024,  568,
  /*  1580 */   475,  534,  261,  367,  109,  109,  521,  136,  136,  130,
- /*  1590 */   130, 1027,  110,  366,  445,  570,  569,  109,  109, 1017,
- /*  1600 */   162,  162,  156,  156,  568,  110, 1080,  445,  570,  569,
- /*  1610 */   410,  351, 1017,  568,  353,  316,  559,  568,  343,  568,
- /*  1620 */   100,  497,  357,  258,  100,  898,  899,  140,  140,  355,
- /*  1630 */  1310, 1017, 1017, 1019, 1020,   27,  139,  139,  362,  451,
- /*  1640 */   137,  137,  138,  138, 1017, 1017, 1019, 1020,   27, 1180,
- /*  1650 */   447,  568,  372,  288,  111,  560, 1021,    4,  392,  392,
- /*  1660 */   391,  273,  389,  568, 1141,  849,  568, 1076,  568,  258,
- /*  1670 */   492,  563,  568,  211,   75,   75,  555,  962,  234,  261,
- /*  1680 */   323,  111,  560,  929,    4,  113,   77,   77,  322,   74,
- /*  1690 */    74,   42,   42, 1373,  445,   48,   48, 1418,  563,  974,
- /*  1700 */   975, 1092, 1091, 1092, 1091,  862,  557,  150,  930, 1346,
- /*  1710 */   113, 1358,  554, 1424, 1021, 1275, 1266, 1254,  236, 1253,
- /*  1720 */  1255,  445, 1593, 1343,  308,  276,  168,  309,   11,  141,
- /*  1730 */   393,  310,  232,  557, 1405, 1027,  335,  291, 1400,  219,
- /*  1740 */   336,  109,  109,  936,  297, 1410,  235,  341,  477,  110,
- /*  1750 */   502,  445,  570,  569, 1393, 1409, 1017,  400, 1293,  365,
- /*  1760 */   223, 1486, 1027, 1485, 1355, 1356, 1354, 1353,  109,  109,
- /*  1770 */   204, 1596, 1232,  558,  265,  218,  110,  205,  445,  570,
- /*  1780 */   569,  410,  387, 1017, 1533,  179,  316,  559, 1017, 1017,
- /*  1790 */  1019, 1020,   27,  230, 1531, 1229,   79,  560,   85,    4,
- /*  1800 */   418,  215,  548,   81,   84,  188, 1406,  173,  181,  461,
- /*  1810 */   451,   35,  462,  563,  183, 1017, 1017, 1019, 1020,   27,
- /*  1820 */   184, 1491,  185,  186,  495,  242,   98,  398, 1412,   36,
- /*  1830 */  1411,  484,   91,  469,  401, 1414,  445,  192, 1480,  246,
- /*  1840 */  1502,  490,  346,  277,  248,  196,  493,  511,  557,  350,
- /*  1850 */  1256,  249,  250,  403, 1313, 1312,  111,  560,  432,    4,
- /*  1860 */  1311, 1304,   93, 1611,  883, 1610,  224,  404,  434,  520,
- /*  1870 */   263,  435, 1579,  563, 1283, 1282,  364, 1027,  306, 1281,
- /*  1880 */   264, 1609, 1565,  109,  109,  370, 1303,  307, 1564,  438,
- /*  1890 */   128,  110, 1378,  445,  570,  569,  445,  546, 1017,   10,
- /*  1900 */  1466,  105,  381, 1377,   34,  572,   99, 1336,  557,  314,
- /*  1910 */  1186,  530,  272,  274,  379,  210, 1335,  547,  385,  386,
- /*  1920 */   275,  573, 1251, 1246,  411,  412, 1518,  165,  178, 1519,
- /*  1930 */  1017, 1017, 1019, 1020,   27, 1517, 1516, 1027,   78,  147,
- /*  1940 */   166,  220,  221,  109,  109,  836,  304,  167,  446,  212,
- /*  1950 */   318,  110,  231,  445,  570,  569,  144, 1090, 1017, 1088,
- /*  1960 */   326,  180,  169, 1212,  182,  334,  238,  915,  241, 1104,
+ /*  1590 */   130, 1024,  110,  366,  445,  569,  445,  109,  109, 1014,
+ /*  1600 */   162,  162,  156,  156,  568,  110, 1076,  445,  569,  445,
+ /*  1610 */   410,  351, 1014,  568,  353,  316,  559,  568,  343,  568,
+ /*  1620 */   100,  497,  357,  258,  100,  896,  897,  140,  140,  355,
+ /*  1630 */  1306, 1014, 1014, 1016, 1017,   27,  139,  139,  362,  451,
+ /*  1640 */   137,  137,  138,  138, 1014, 1014, 1016, 1017,   27, 1176,
+ /*  1650 */   447,  568,  372,  288,  111,  560, 1018,    4,  392,  392,
+ /*  1660 */   391,  273,  389,  568, 1137,  847,  568, 1072,  568,  258,
+ /*  1670 */   492,  563,  568,  211,   75,   75,  555,  960,  234,  261,
+ /*  1680 */   323,  111,  560,  927,    4,  113,   77,   77,  322,   74,
+ /*  1690 */    74,   42,   42, 1369,  445,   48,   48, 1414,  563,  972,
+ /*  1700 */   973, 1088, 1087, 1088, 1087,  860,  557,  150,  928, 1342,
+ /*  1710 */   113, 1354,  554, 1419, 1018, 1271, 1262, 1250,  236, 1249,
+ /*  1720 */  1251,  445, 1587, 1339,  308,  276,  168,  309,   11,  141,
+ /*  1730 */   393,  310,  232,  557, 1401, 1024,  335,  291, 1396,  219,
+ /*  1740 */   336,  109,  109,  934,  297, 1406,  235,  341,  477,  110,
+ /*  1750 */   502,  445,  569,  445, 1389, 1405, 1014,  400, 1289,  365,
+ /*  1760 */   223, 1480, 1024, 1479, 1351, 1352, 1350, 1349,  109,  109,
+ /*  1770 */   204, 1590, 1228,  558,  265,  218,  110,  205,  445,  569,
+ /*  1780 */   445,  410,  387, 1014, 1527,  179,  316,  559, 1014, 1014,
+ /*  1790 */  1016, 1017,   27,  230, 1525, 1225,   79,  560,   85,    4,
+ /*  1800 */   418,  215,  548,   81,   84,  188, 1402,  173,  181,  461,
+ /*  1810 */   451,   35,  462,  563,  183, 1014, 1014, 1016, 1017,   27,
+ /*  1820 */   184, 1485,  185,  186,  495,  242,   98,  398, 1408,   36,
+ /*  1830 */  1407,  484,   91,  469,  401, 1410,  445,  192, 1474,  246,
+ /*  1840 */  1496,  490,  346,  277,  248,  196,  493,  511,  557,  350,
+ /*  1850 */  1252,  249,  250,  403, 1309, 1308,  111,  560,  432,    4,
+ /*  1860 */  1307, 1300,   93, 1604,  881, 1603,  224,  404,  434,  520,
+ /*  1870 */   263,  435, 1573,  563, 1279, 1278,  364, 1024,  306, 1277,
+ /*  1880 */   264, 1602, 1559,  109,  109,  370, 1299,  307, 1558,  438,
+ /*  1890 */   128,  110, 1374,  445,  569,  445,  445,  546, 1014,   10,
+ /*  1900 */  1461,  105,  381, 1373,   34,  571,   99, 1332,  557,  314,
+ /*  1910 */  1182,  530,  272,  274,  379,  210, 1331,  547,  385,  386,
+ /*  1920 */   275,  572, 1247, 1242,  411,  412, 1512,  165,  178, 1513,
+ /*  1930 */  1014, 1014, 1016, 1017,   27, 1511, 1510, 1024,   78,  147,
+ /*  1940 */   166,  220,  221,  109,  109,  834,  304,  167,  446,  212,
+ /*  1950 */   318,  110,  231,  445,  569,  445,  144, 1086, 1014, 1084,
+ /*  1960 */   326,  180,  169, 1207,  182,  334,  238,  913,  241, 1100,
  /*  1970 */   187,  170,  171,  421,   87,   88,  423,  189,   89,   90,
- /*  1980 */   172, 1107,  243, 1103,  244,  158,   18,  245,  345,  247,
- /*  1990 */  1017, 1017, 1019, 1020,   27,  261, 1096,  193, 1226,  489,
- /*  2000 */   194,   37,  366,  851,  494,  251,  195,  506,   92,   19,
- /*  2010 */   498,  358,   20,  503,  881,  361,   94,  894,  305,  159,
- /*  2020 */   513,   39,   95, 1174,  160, 1056,  966, 1143,   96,  174,
- /*  2030 */  1142,  225,  280,  282,  198,  960,  113, 1164, 1160,  260,
- /*  2040 */    21,   22,   23, 1162, 1168, 1167, 1148,   24,   33,   25,
- /*  2050 */   202,  542,   26,  100, 1071,  102, 1057,  103,    7, 1055,
- /*  2060 */  1059, 1113, 1060, 1112,  266,  267,   28,   40,  390, 1022,
- /*  2070 */   863,  112,   29,  564, 1182, 1181,  268,  176,  143,  925,
- /*  2080 */  1242, 1242, 1242, 1242, 1242, 1242, 1242, 1242, 1242, 1242,
- /*  2090 */  1242, 1242, 1242, 1242,  269, 1602, 1242, 1601,
+ /*  1980 */   172, 1103,  243, 1099,  244,  158,   18,  245,  345,  247,
+ /*  1990 */  1014, 1014, 1016, 1017,   27,  261, 1092,  193, 1222,  489,
+ /*  2000 */   194,   37,  366,  849,  494,  251,  195,  506,   92,   19,
+ /*  2010 */   498,  358,   20,  503,  879,  361,   94,  892,  305,  159,
+ /*  2020 */   513,   39,   95, 1170,  160, 1053,  964, 1139,   96,  174,
+ /*  2030 */  1138,  225,  280,  282,  198,  958,  113, 1160, 1156,  260,
+ /*  2040 */    21,   22,   23, 1158, 1164, 1163, 1144,   24,   33,   25,
+ /*  2050 */   202,  542,   26,  100, 1067,  102, 1054,  103,    7, 1052,
+ /*  2060 */  1056, 1109, 1057, 1108,  266,  267,   28,   40,  390, 1019,
+ /*  2070 */   861,  112,   29,  564, 1178, 1177,  268,  176,  143,  923,
+ /*  2080 */  1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238,
+ /*  2090 */  1238, 1238, 1238, 1238,  269, 1595,
 };
 static const YYCODETYPE yy_lookahead[] = {
  /*     0 */   193,  193,  193,  274,  275,  276,  193,  274,  275,  276,
@@ -164533,7 +168730,7 @@ static const YYCODETYPE yy_lookahead[] = {
  /*  2060 */    23,   23,   11,   23,   25,   22,   22,   22,   15,   23,
  /*  2070 */    23,   22,   22,   25,    1,    1,  141,   25,   23,  135,
  /*  2080 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2090 */   319,  319,  319,  319,  141,  141,  319,  141,  319,  319,
+ /*  2090 */   319,  319,  319,  319,  141,  141,  319,  319,  319,  319,
  /*  2100 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2110 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2120 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
@@ -164552,9 +168749,9 @@ static const YYCODETYPE yy_lookahead[] = {
  /*  2250 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2260 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2270 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2280 */   319,  319,  319,
+ /*  2280 */   319,
 };
-#define YY_SHIFT_COUNT    (575)
+#define YY_SHIFT_COUNT    (574)
 #define YY_SHIFT_MIN      (0)
 #define YY_SHIFT_MAX      (2074)
 static const unsigned short int yy_shift_ofst[] = {
@@ -164574,12 +168771,12 @@ static const unsigned short int yy_shift_ofst[] = {
  /*   130 */   137,  181,  181,  181,  181,  181,  181,  181,   94,  430,
  /*   140 */    66,   65,  112,  366,  533,  533,  740, 1261,  533,  533,
  /*   150 */    79,   79,  533,  412,  412,  412,   77,  412,  123,  113,
- /*   160 */   113,   22,   22, 2098, 2098,  328,  328,  328,  239,  468,
+ /*   160 */   113,   22,   22, 2096, 2096,  328,  328,  328,  239,  468,
  /*   170 */   468,  468,  468, 1015, 1015,  409,  366, 1129, 1186,  533,
  /*   180 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
  /*   190 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  969,
  /*   200 */   621,  621,  533,  642,  788,  788, 1228, 1228,  822,  822,
- /*   210 */    67, 1274, 2098, 2098, 2098, 2098, 2098, 2098, 2098, 1307,
+ /*   210 */    67, 1274, 2096, 2096, 2096, 2096, 2096, 2096, 2096, 1307,
  /*   220 */   954,  954,  585,  472,  640,  387,  695,  538,  541,  700,
  /*   230 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
  /*   240 */   222,  533,  533,  533,  533,  533,  533,  533,  533,  533,
@@ -164597,8 +168794,8 @@ static const unsigned short int yy_shift_ofst[] = {
  /*   360 */  1840, 1840, 1823, 1732, 1738, 1732, 1794, 1732, 1732, 1701,
  /*   370 */  1844, 1758, 1758, 1823, 1633, 1789, 1789, 1807, 1807, 1742,
  /*   380 */  1752, 1877, 1633, 1743, 1742, 1759, 1765, 1677, 1879, 1897,
- /*   390 */  1897, 1914, 1914, 1914, 2098, 2098, 2098, 2098, 2098, 2098,
- /*   400 */  2098, 2098, 2098, 2098, 2098, 2098, 2098, 2098, 2098,  207,
+ /*   390 */  1897, 1914, 1914, 1914, 2096, 2096, 2096, 2096, 2096, 2096,
+ /*   400 */  2096, 2096, 2096, 2096, 2096, 2096, 2096, 2096, 2096,  207,
  /*   410 */  1095,  331,  620,  903,  806, 1074, 1483, 1432, 1481, 1322,
  /*   420 */  1370, 1394, 1515, 1291, 1546, 1547, 1557, 1595, 1598, 1599,
  /*   430 */  1434, 1453, 1618, 1462, 1567, 1489, 1644, 1654, 1616, 1660,
@@ -164615,7 +168812,7 @@ static const unsigned short int yy_shift_ofst[] = {
  /*   540 */  2015, 2023, 2026, 2027, 2025, 2028, 2018, 1913, 1915, 2031,
  /*   550 */  2011, 2033, 2036, 2037, 2038, 2039, 2040, 2043, 2051, 2044,
  /*   560 */  2045, 2046, 2047, 2049, 2050, 2048, 1944, 1935, 1953, 1954,
- /*   570 */  1956, 2052, 2055, 2053, 2073, 2074,
+ /*   570 */  2052, 2055, 2053, 2073, 2074,
 };
 #define YY_REDUCE_COUNT (408)
 #define YY_REDUCE_MIN   (-271)
@@ -164664,64 +168861,64 @@ static const short yy_reduce_ofst[] = {
  /*   400 */  1722, 1723, 1733, 1717, 1724, 1727, 1728, 1725, 1740,
 };
 static const YYACTIONTYPE yy_default[] = {
- /*     0 */  1647, 1647, 1647, 1475, 1240, 1351, 1240, 1240, 1240, 1475,
- /*    10 */  1475, 1475, 1240, 1381, 1381, 1528, 1273, 1240, 1240, 1240,
- /*    20 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1474, 1240, 1240,
- /*    30 */  1240, 1240, 1563, 1563, 1240, 1240, 1240, 1240, 1240, 1240,
- /*    40 */  1240, 1240, 1390, 1240, 1397, 1240, 1240, 1240, 1240, 1240,
- /*    50 */  1476, 1477, 1240, 1240, 1240, 1527, 1529, 1492, 1404, 1403,
- /*    60 */  1402, 1401, 1510, 1369, 1395, 1388, 1392, 1470, 1471, 1469,
- /*    70 */  1473, 1477, 1476, 1240, 1391, 1438, 1454, 1437, 1240, 1240,
- /*    80 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*    90 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   100 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   110 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   120 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   130 */  1446, 1453, 1452, 1451, 1460, 1450, 1447, 1440, 1439, 1441,
- /*   140 */  1442, 1240, 1240, 1264, 1240, 1240, 1261, 1315, 1240, 1240,
- /*   150 */  1240, 1240, 1240, 1547, 1546, 1240, 1443, 1240, 1273, 1432,
- /*   160 */  1431, 1457, 1444, 1456, 1455, 1535, 1599, 1598, 1493, 1240,
- /*   170 */  1240, 1240, 1240, 1240, 1240, 1563, 1240, 1240, 1240, 1240,
- /*   180 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   190 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1371,
- /*   200 */  1563, 1563, 1240, 1273, 1563, 1563, 1372, 1372, 1269, 1269,
- /*   210 */  1375, 1240, 1542, 1342, 1342, 1342, 1342, 1351, 1342, 1240,
- /*   220 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   230 */  1240, 1240, 1240, 1240, 1532, 1530, 1240, 1240, 1240, 1240,
- /*   240 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   250 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   260 */  1240, 1240, 1240, 1347, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   270 */  1240, 1240, 1240, 1240, 1240, 1592, 1240, 1505, 1329, 1347,
- /*   280 */  1347, 1347, 1347, 1349, 1330, 1328, 1341, 1274, 1247, 1639,
- /*   290 */  1407, 1396, 1348, 1396, 1636, 1394, 1407, 1407, 1394, 1407,
- /*   300 */  1348, 1636, 1290, 1615, 1285, 1381, 1381, 1381, 1371, 1371,
- /*   310 */  1371, 1371, 1375, 1375, 1472, 1348, 1341, 1240, 1639, 1639,
- /*   320 */  1357, 1357, 1638, 1638, 1357, 1493, 1623, 1416, 1318, 1324,
- /*   330 */  1324, 1324, 1324, 1357, 1258, 1394, 1623, 1623, 1394, 1416,
- /*   340 */  1318, 1394, 1318, 1394, 1357, 1258, 1509, 1633, 1357, 1258,
- /*   350 */  1483, 1357, 1258, 1357, 1258, 1483, 1316, 1316, 1316, 1305,
- /*   360 */  1240, 1240, 1483, 1316, 1290, 1316, 1305, 1316, 1316, 1581,
- /*   370 */  1240, 1487, 1487, 1483, 1357, 1573, 1573, 1384, 1384, 1389,
- /*   380 */  1375, 1478, 1357, 1240, 1389, 1387, 1385, 1394, 1308, 1595,
- /*   390 */  1595, 1591, 1591, 1591, 1644, 1644, 1542, 1608, 1273, 1273,
- /*   400 */  1273, 1273, 1608, 1292, 1292, 1274, 1274, 1273, 1608, 1240,
- /*   410 */  1240, 1240, 1240, 1240, 1240, 1603, 1240, 1537, 1494, 1361,
- /*   420 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   430 */  1240, 1240, 1240, 1240, 1548, 1240, 1240, 1240, 1240, 1240,
- /*   440 */  1240, 1240, 1240, 1240, 1240, 1421, 1240, 1243, 1539, 1240,
- /*   450 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1398, 1399, 1362,
- /*   460 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1413, 1240, 1240,
- /*   470 */  1240, 1408, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   480 */  1635, 1240, 1240, 1240, 1240, 1240, 1240, 1508, 1507, 1240,
- /*   490 */  1240, 1359, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   500 */  1240, 1240, 1240, 1240, 1240, 1288, 1240, 1240, 1240, 1240,
- /*   510 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   520 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1386,
- /*   530 */  1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   540 */  1240, 1240, 1240, 1240, 1578, 1376, 1240, 1240, 1240, 1240,
- /*   550 */  1626, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240,
- /*   560 */  1240, 1240, 1240, 1240, 1240, 1619, 1332, 1423, 1240, 1422,
- /*   570 */  1426, 1262, 1240, 1252, 1240, 1240,
+ /*     0 */  1641, 1641, 1641, 1469, 1236, 1347, 1236, 1236, 1236, 1469,
+ /*    10 */  1469, 1469, 1236, 1377, 1377, 1522, 1269, 1236, 1236, 1236,
+ /*    20 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1468, 1236, 1236,
+ /*    30 */  1236, 1236, 1557, 1557, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*    40 */  1236, 1236, 1386, 1236, 1393, 1236, 1236, 1236, 1236, 1236,
+ /*    50 */  1470, 1471, 1236, 1236, 1236, 1521, 1523, 1486, 1400, 1399,
+ /*    60 */  1398, 1397, 1504, 1365, 1391, 1384, 1388, 1465, 1466, 1464,
+ /*    70 */  1619, 1471, 1470, 1236, 1387, 1433, 1449, 1432, 1236, 1236,
+ /*    80 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*    90 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   100 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   110 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   120 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   130 */  1441, 1448, 1447, 1446, 1455, 1445, 1442, 1435, 1434, 1436,
+ /*   140 */  1437, 1236, 1236, 1260, 1236, 1236, 1257, 1311, 1236, 1236,
+ /*   150 */  1236, 1236, 1236, 1541, 1540, 1236, 1438, 1236, 1269, 1427,
+ /*   160 */  1426, 1452, 1439, 1451, 1450, 1529, 1593, 1592, 1487, 1236,
+ /*   170 */  1236, 1236, 1236, 1236, 1236, 1557, 1236, 1236, 1236, 1236,
+ /*   180 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   190 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1367,
+ /*   200 */  1557, 1557, 1236, 1269, 1557, 1557, 1368, 1368, 1265, 1265,
+ /*   210 */  1371, 1236, 1536, 1338, 1338, 1338, 1338, 1347, 1338, 1236,
+ /*   220 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   230 */  1236, 1236, 1236, 1236, 1526, 1524, 1236, 1236, 1236, 1236,
+ /*   240 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   250 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   260 */  1236, 1236, 1236, 1343, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   270 */  1236, 1236, 1236, 1236, 1236, 1586, 1236, 1499, 1325, 1343,
+ /*   280 */  1343, 1343, 1343, 1345, 1326, 1324, 1337, 1270, 1243, 1633,
+ /*   290 */  1403, 1392, 1344, 1392, 1630, 1390, 1403, 1403, 1390, 1403,
+ /*   300 */  1344, 1630, 1286, 1608, 1281, 1377, 1377, 1377, 1367, 1367,
+ /*   310 */  1367, 1367, 1371, 1371, 1467, 1344, 1337, 1236, 1633, 1633,
+ /*   320 */  1353, 1353, 1632, 1632, 1353, 1487, 1616, 1412, 1314, 1320,
+ /*   330 */  1320, 1320, 1320, 1353, 1254, 1390, 1616, 1616, 1390, 1412,
+ /*   340 */  1314, 1390, 1314, 1390, 1353, 1254, 1503, 1627, 1353, 1254,
+ /*   350 */  1477, 1353, 1254, 1353, 1254, 1477, 1312, 1312, 1312, 1301,
+ /*   360 */  1236, 1236, 1477, 1312, 1286, 1312, 1301, 1312, 1312, 1575,
+ /*   370 */  1236, 1481, 1481, 1477, 1353, 1567, 1567, 1380, 1380, 1385,
+ /*   380 */  1371, 1472, 1353, 1236, 1385, 1383, 1381, 1390, 1304, 1589,
+ /*   390 */  1589, 1585, 1585, 1585, 1638, 1638, 1536, 1601, 1269, 1269,
+ /*   400 */  1269, 1269, 1601, 1288, 1288, 1270, 1270, 1269, 1601, 1236,
+ /*   410 */  1236, 1236, 1236, 1236, 1236, 1596, 1236, 1531, 1488, 1357,
+ /*   420 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   430 */  1236, 1236, 1236, 1236, 1542, 1236, 1236, 1236, 1236, 1236,
+ /*   440 */  1236, 1236, 1236, 1236, 1236, 1417, 1236, 1239, 1533, 1236,
+ /*   450 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1394, 1395, 1358,
+ /*   460 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1409, 1236, 1236,
+ /*   470 */  1236, 1404, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   480 */  1629, 1236, 1236, 1236, 1236, 1236, 1236, 1502, 1501, 1236,
+ /*   490 */  1236, 1355, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   500 */  1236, 1236, 1236, 1236, 1236, 1284, 1236, 1236, 1236, 1236,
+ /*   510 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   520 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1382,
+ /*   530 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   540 */  1236, 1236, 1236, 1236, 1572, 1372, 1236, 1236, 1236, 1236,
+ /*   550 */  1620, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
+ /*   560 */  1236, 1236, 1236, 1236, 1236, 1612, 1328, 1418, 1236, 1421,
+ /*   570 */  1258, 1236, 1248, 1236, 1236,
 };
 /********** End of lemon-generated parsing tables *****************************/
 
@@ -165518,233 +169715,231 @@ static const char *const yyRuleName[] = {
  /* 175 */ "idlist ::= idlist COMMA nm",
  /* 176 */ "idlist ::= nm",
  /* 177 */ "expr ::= LP expr RP",
- /* 178 */ "expr ::= ID|INDEXED",
- /* 179 */ "expr ::= JOIN_KW",
- /* 180 */ "expr ::= nm DOT nm",
- /* 181 */ "expr ::= nm DOT nm DOT nm",
- /* 182 */ "term ::= NULL|FLOAT|BLOB",
- /* 183 */ "term ::= STRING",
- /* 184 */ "term ::= INTEGER",
- /* 185 */ "expr ::= VARIABLE",
- /* 186 */ "expr ::= expr COLLATE ID|STRING",
- /* 187 */ "expr ::= CAST LP expr AS typetoken RP",
- /* 188 */ "expr ::= ID|INDEXED LP distinct exprlist RP",
- /* 189 */ "expr ::= ID|INDEXED LP STAR RP",
- /* 190 */ "expr ::= ID|INDEXED LP distinct exprlist RP filter_over",
- /* 191 */ "expr ::= ID|INDEXED LP STAR RP filter_over",
- /* 192 */ "term ::= CTIME_KW",
- /* 193 */ "expr ::= LP nexprlist COMMA expr RP",
- /* 194 */ "expr ::= expr AND expr",
- /* 195 */ "expr ::= expr OR expr",
- /* 196 */ "expr ::= expr LT|GT|GE|LE expr",
- /* 197 */ "expr ::= expr EQ|NE expr",
- /* 198 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
- /* 199 */ "expr ::= expr PLUS|MINUS expr",
- /* 200 */ "expr ::= expr STAR|SLASH|REM expr",
- /* 201 */ "expr ::= expr CONCAT expr",
- /* 202 */ "likeop ::= NOT LIKE_KW|MATCH",
- /* 203 */ "expr ::= expr likeop expr",
- /* 204 */ "expr ::= expr likeop expr ESCAPE expr",
- /* 205 */ "expr ::= expr ISNULL|NOTNULL",
- /* 206 */ "expr ::= expr NOT NULL",
- /* 207 */ "expr ::= expr IS expr",
- /* 208 */ "expr ::= expr IS NOT expr",
- /* 209 */ "expr ::= expr IS NOT DISTINCT FROM expr",
- /* 210 */ "expr ::= expr IS DISTINCT FROM expr",
- /* 211 */ "expr ::= NOT expr",
- /* 212 */ "expr ::= BITNOT expr",
- /* 213 */ "expr ::= PLUS|MINUS expr",
- /* 214 */ "expr ::= expr PTR expr",
- /* 215 */ "between_op ::= BETWEEN",
- /* 216 */ "between_op ::= NOT BETWEEN",
- /* 217 */ "expr ::= expr between_op expr AND expr",
- /* 218 */ "in_op ::= IN",
- /* 219 */ "in_op ::= NOT IN",
- /* 220 */ "expr ::= expr in_op LP exprlist RP",
- /* 221 */ "expr ::= LP select RP",
- /* 222 */ "expr ::= expr in_op LP select RP",
- /* 223 */ "expr ::= expr in_op nm dbnm paren_exprlist",
- /* 224 */ "expr ::= EXISTS LP select RP",
- /* 225 */ "expr ::= CASE case_operand case_exprlist case_else END",
- /* 226 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
- /* 227 */ "case_exprlist ::= WHEN expr THEN expr",
- /* 228 */ "case_else ::= ELSE expr",
- /* 229 */ "case_else ::=",
- /* 230 */ "case_operand ::= expr",
- /* 231 */ "case_operand ::=",
- /* 232 */ "exprlist ::=",
- /* 233 */ "nexprlist ::= nexprlist COMMA expr",
- /* 234 */ "nexprlist ::= expr",
- /* 235 */ "paren_exprlist ::=",
- /* 236 */ "paren_exprlist ::= LP exprlist RP",
- /* 237 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
- /* 238 */ "uniqueflag ::= UNIQUE",
- /* 239 */ "uniqueflag ::=",
- /* 240 */ "eidlist_opt ::=",
- /* 241 */ "eidlist_opt ::= LP eidlist RP",
- /* 242 */ "eidlist ::= eidlist COMMA nm collate sortorder",
- /* 243 */ "eidlist ::= nm collate sortorder",
- /* 244 */ "collate ::=",
- /* 245 */ "collate ::= COLLATE ID|STRING",
- /* 246 */ "cmd ::= DROP INDEX ifexists fullname",
- /* 247 */ "cmd ::= VACUUM vinto",
- /* 248 */ "cmd ::= VACUUM nm vinto",
- /* 249 */ "vinto ::= INTO expr",
- /* 250 */ "vinto ::=",
- /* 251 */ "cmd ::= PRAGMA nm dbnm",
- /* 252 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
- /* 253 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
- /* 254 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
- /* 255 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
- /* 256 */ "plus_num ::= PLUS INTEGER|FLOAT",
- /* 257 */ "minus_num ::= MINUS INTEGER|FLOAT",
- /* 258 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
- /* 259 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
- /* 260 */ "trigger_time ::= BEFORE|AFTER",
- /* 261 */ "trigger_time ::= INSTEAD OF",
- /* 262 */ "trigger_time ::=",
- /* 263 */ "trigger_event ::= DELETE|INSERT",
- /* 264 */ "trigger_event ::= UPDATE",
- /* 265 */ "trigger_event ::= UPDATE OF idlist",
- /* 266 */ "when_clause ::=",
- /* 267 */ "when_clause ::= WHEN expr",
- /* 268 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
- /* 269 */ "trigger_cmd_list ::= trigger_cmd SEMI",
- /* 270 */ "trnm ::= nm DOT nm",
- /* 271 */ "tridxby ::= INDEXED BY nm",
- /* 272 */ "tridxby ::= NOT INDEXED",
- /* 273 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
- /* 274 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
- /* 275 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
- /* 276 */ "trigger_cmd ::= scanpt select scanpt",
- /* 277 */ "expr ::= RAISE LP IGNORE RP",
- /* 278 */ "expr ::= RAISE LP raisetype COMMA nm RP",
- /* 279 */ "raisetype ::= ROLLBACK",
- /* 280 */ "raisetype ::= ABORT",
- /* 281 */ "raisetype ::= FAIL",
- /* 282 */ "cmd ::= DROP TRIGGER ifexists fullname",
- /* 283 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
- /* 284 */ "cmd ::= DETACH database_kw_opt expr",
- /* 285 */ "key_opt ::=",
- /* 286 */ "key_opt ::= KEY expr",
- /* 287 */ "cmd ::= REINDEX",
- /* 288 */ "cmd ::= REINDEX nm dbnm",
- /* 289 */ "cmd ::= ANALYZE",
- /* 290 */ "cmd ::= ANALYZE nm dbnm",
- /* 291 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
- /* 292 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
- /* 293 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
- /* 294 */ "add_column_fullname ::= fullname",
- /* 295 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
- /* 296 */ "cmd ::= create_vtab",
- /* 297 */ "cmd ::= create_vtab LP vtabarglist RP",
- /* 298 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
- /* 299 */ "vtabarg ::=",
- /* 300 */ "vtabargtoken ::= ANY",
- /* 301 */ "vtabargtoken ::= lp anylist RP",
- /* 302 */ "lp ::= LP",
- /* 303 */ "with ::= WITH wqlist",
- /* 304 */ "with ::= WITH RECURSIVE wqlist",
- /* 305 */ "wqas ::= AS",
- /* 306 */ "wqas ::= AS MATERIALIZED",
- /* 307 */ "wqas ::= AS NOT MATERIALIZED",
- /* 308 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
- /* 309 */ "wqlist ::= wqitem",
- /* 310 */ "wqlist ::= wqlist COMMA wqitem",
- /* 311 */ "windowdefn_list ::= windowdefn",
- /* 312 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
- /* 313 */ "windowdefn ::= nm AS LP window RP",
- /* 314 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
- /* 315 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
- /* 316 */ "window ::= ORDER BY sortlist frame_opt",
- /* 317 */ "window ::= nm ORDER BY sortlist frame_opt",
- /* 318 */ "window ::= frame_opt",
- /* 319 */ "window ::= nm frame_opt",
- /* 320 */ "frame_opt ::=",
- /* 321 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
- /* 322 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
- /* 323 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
- /* 324 */ "frame_bound_s ::= frame_bound",
- /* 325 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
- /* 326 */ "frame_bound_e ::= frame_bound",
- /* 327 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
- /* 328 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
- /* 329 */ "frame_bound ::= CURRENT ROW",
- /* 330 */ "frame_exclude_opt ::=",
- /* 331 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
- /* 332 */ "frame_exclude ::= NO OTHERS",
- /* 333 */ "frame_exclude ::= CURRENT ROW",
- /* 334 */ "frame_exclude ::= GROUP|TIES",
- /* 335 */ "window_clause ::= WINDOW windowdefn_list",
- /* 336 */ "filter_over ::= filter_clause over_clause",
- /* 337 */ "filter_over ::= over_clause",
- /* 338 */ "filter_over ::= filter_clause",
- /* 339 */ "over_clause ::= OVER LP window RP",
- /* 340 */ "over_clause ::= OVER nm",
- /* 341 */ "filter_clause ::= FILTER LP WHERE expr RP",
- /* 342 */ "input ::= cmdlist",
- /* 343 */ "cmdlist ::= cmdlist ecmd",
- /* 344 */ "cmdlist ::= ecmd",
- /* 345 */ "ecmd ::= SEMI",
- /* 346 */ "ecmd ::= cmdx SEMI",
- /* 347 */ "ecmd ::= explain cmdx SEMI",
- /* 348 */ "trans_opt ::=",
- /* 349 */ "trans_opt ::= TRANSACTION",
- /* 350 */ "trans_opt ::= TRANSACTION nm",
- /* 351 */ "savepoint_opt ::= SAVEPOINT",
- /* 352 */ "savepoint_opt ::=",
- /* 353 */ "cmd ::= create_table create_table_args",
- /* 354 */ "table_option_set ::= table_option",
- /* 355 */ "columnlist ::= columnlist COMMA columnname carglist",
- /* 356 */ "columnlist ::= columnname carglist",
- /* 357 */ "nm ::= ID|INDEXED",
- /* 358 */ "nm ::= STRING",
- /* 359 */ "nm ::= JOIN_KW",
- /* 360 */ "typetoken ::= typename",
- /* 361 */ "typename ::= ID|STRING",
- /* 362 */ "signed ::= plus_num",
- /* 363 */ "signed ::= minus_num",
- /* 364 */ "carglist ::= carglist ccons",
- /* 365 */ "carglist ::=",
- /* 366 */ "ccons ::= NULL onconf",
- /* 367 */ "ccons ::= GENERATED ALWAYS AS generated",
- /* 368 */ "ccons ::= AS generated",
- /* 369 */ "conslist_opt ::= COMMA conslist",
- /* 370 */ "conslist ::= conslist tconscomma tcons",
- /* 371 */ "conslist ::= tcons",
- /* 372 */ "tconscomma ::=",
- /* 373 */ "defer_subclause_opt ::= defer_subclause",
- /* 374 */ "resolvetype ::= raisetype",
- /* 375 */ "selectnowith ::= oneselect",
- /* 376 */ "oneselect ::= values",
- /* 377 */ "sclp ::= selcollist COMMA",
- /* 378 */ "as ::= ID|STRING",
- /* 379 */ "indexed_opt ::= indexed_by",
- /* 380 */ "returning ::=",
- /* 381 */ "expr ::= term",
- /* 382 */ "likeop ::= LIKE_KW|MATCH",
- /* 383 */ "exprlist ::= nexprlist",
- /* 384 */ "nmnum ::= plus_num",
- /* 385 */ "nmnum ::= nm",
- /* 386 */ "nmnum ::= ON",
- /* 387 */ "nmnum ::= DELETE",
- /* 388 */ "nmnum ::= DEFAULT",
- /* 389 */ "plus_num ::= INTEGER|FLOAT",
- /* 390 */ "foreach_clause ::=",
- /* 391 */ "foreach_clause ::= FOR EACH ROW",
- /* 392 */ "trnm ::= nm",
- /* 393 */ "tridxby ::=",
- /* 394 */ "database_kw_opt ::= DATABASE",
- /* 395 */ "database_kw_opt ::=",
- /* 396 */ "kwcolumn_opt ::=",
- /* 397 */ "kwcolumn_opt ::= COLUMNKW",
- /* 398 */ "vtabarglist ::= vtabarg",
- /* 399 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
- /* 400 */ "vtabarg ::= vtabarg vtabargtoken",
- /* 401 */ "anylist ::=",
- /* 402 */ "anylist ::= anylist LP anylist RP",
- /* 403 */ "anylist ::= anylist ANY",
- /* 404 */ "with ::=",
+ /* 178 */ "expr ::= ID|INDEXED|JOIN_KW",
+ /* 179 */ "expr ::= nm DOT nm",
+ /* 180 */ "expr ::= nm DOT nm DOT nm",
+ /* 181 */ "term ::= NULL|FLOAT|BLOB",
+ /* 182 */ "term ::= STRING",
+ /* 183 */ "term ::= INTEGER",
+ /* 184 */ "expr ::= VARIABLE",
+ /* 185 */ "expr ::= expr COLLATE ID|STRING",
+ /* 186 */ "expr ::= CAST LP expr AS typetoken RP",
+ /* 187 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
+ /* 188 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
+ /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
+ /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
+ /* 191 */ "term ::= CTIME_KW",
+ /* 192 */ "expr ::= LP nexprlist COMMA expr RP",
+ /* 193 */ "expr ::= expr AND expr",
+ /* 194 */ "expr ::= expr OR expr",
+ /* 195 */ "expr ::= expr LT|GT|GE|LE expr",
+ /* 196 */ "expr ::= expr EQ|NE expr",
+ /* 197 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
+ /* 198 */ "expr ::= expr PLUS|MINUS expr",
+ /* 199 */ "expr ::= expr STAR|SLASH|REM expr",
+ /* 200 */ "expr ::= expr CONCAT expr",
+ /* 201 */ "likeop ::= NOT LIKE_KW|MATCH",
+ /* 202 */ "expr ::= expr likeop expr",
+ /* 203 */ "expr ::= expr likeop expr ESCAPE expr",
+ /* 204 */ "expr ::= expr ISNULL|NOTNULL",
+ /* 205 */ "expr ::= expr NOT NULL",
+ /* 206 */ "expr ::= expr IS expr",
+ /* 207 */ "expr ::= expr IS NOT expr",
+ /* 208 */ "expr ::= expr IS NOT DISTINCT FROM expr",
+ /* 209 */ "expr ::= expr IS DISTINCT FROM expr",
+ /* 210 */ "expr ::= NOT expr",
+ /* 211 */ "expr ::= BITNOT expr",
+ /* 212 */ "expr ::= PLUS|MINUS expr",
+ /* 213 */ "expr ::= expr PTR expr",
+ /* 214 */ "between_op ::= BETWEEN",
+ /* 215 */ "between_op ::= NOT BETWEEN",
+ /* 216 */ "expr ::= expr between_op expr AND expr",
+ /* 217 */ "in_op ::= IN",
+ /* 218 */ "in_op ::= NOT IN",
+ /* 219 */ "expr ::= expr in_op LP exprlist RP",
+ /* 220 */ "expr ::= LP select RP",
+ /* 221 */ "expr ::= expr in_op LP select RP",
+ /* 222 */ "expr ::= expr in_op nm dbnm paren_exprlist",
+ /* 223 */ "expr ::= EXISTS LP select RP",
+ /* 224 */ "expr ::= CASE case_operand case_exprlist case_else END",
+ /* 225 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
+ /* 226 */ "case_exprlist ::= WHEN expr THEN expr",
+ /* 227 */ "case_else ::= ELSE expr",
+ /* 228 */ "case_else ::=",
+ /* 229 */ "case_operand ::=",
+ /* 230 */ "exprlist ::=",
+ /* 231 */ "nexprlist ::= nexprlist COMMA expr",
+ /* 232 */ "nexprlist ::= expr",
+ /* 233 */ "paren_exprlist ::=",
+ /* 234 */ "paren_exprlist ::= LP exprlist RP",
+ /* 235 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
+ /* 236 */ "uniqueflag ::= UNIQUE",
+ /* 237 */ "uniqueflag ::=",
+ /* 238 */ "eidlist_opt ::=",
+ /* 239 */ "eidlist_opt ::= LP eidlist RP",
+ /* 240 */ "eidlist ::= eidlist COMMA nm collate sortorder",
+ /* 241 */ "eidlist ::= nm collate sortorder",
+ /* 242 */ "collate ::=",
+ /* 243 */ "collate ::= COLLATE ID|STRING",
+ /* 244 */ "cmd ::= DROP INDEX ifexists fullname",
+ /* 245 */ "cmd ::= VACUUM vinto",
+ /* 246 */ "cmd ::= VACUUM nm vinto",
+ /* 247 */ "vinto ::= INTO expr",
+ /* 248 */ "vinto ::=",
+ /* 249 */ "cmd ::= PRAGMA nm dbnm",
+ /* 250 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
+ /* 251 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
+ /* 252 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
+ /* 253 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
+ /* 254 */ "plus_num ::= PLUS INTEGER|FLOAT",
+ /* 255 */ "minus_num ::= MINUS INTEGER|FLOAT",
+ /* 256 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
+ /* 257 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
+ /* 258 */ "trigger_time ::= BEFORE|AFTER",
+ /* 259 */ "trigger_time ::= INSTEAD OF",
+ /* 260 */ "trigger_time ::=",
+ /* 261 */ "trigger_event ::= DELETE|INSERT",
+ /* 262 */ "trigger_event ::= UPDATE",
+ /* 263 */ "trigger_event ::= UPDATE OF idlist",
+ /* 264 */ "when_clause ::=",
+ /* 265 */ "when_clause ::= WHEN expr",
+ /* 266 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
+ /* 267 */ "trigger_cmd_list ::= trigger_cmd SEMI",
+ /* 268 */ "trnm ::= nm DOT nm",
+ /* 269 */ "tridxby ::= INDEXED BY nm",
+ /* 270 */ "tridxby ::= NOT INDEXED",
+ /* 271 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
+ /* 272 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
+ /* 273 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
+ /* 274 */ "trigger_cmd ::= scanpt select scanpt",
+ /* 275 */ "expr ::= RAISE LP IGNORE RP",
+ /* 276 */ "expr ::= RAISE LP raisetype COMMA nm RP",
+ /* 277 */ "raisetype ::= ROLLBACK",
+ /* 278 */ "raisetype ::= ABORT",
+ /* 279 */ "raisetype ::= FAIL",
+ /* 280 */ "cmd ::= DROP TRIGGER ifexists fullname",
+ /* 281 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
+ /* 282 */ "cmd ::= DETACH database_kw_opt expr",
+ /* 283 */ "key_opt ::=",
+ /* 284 */ "key_opt ::= KEY expr",
+ /* 285 */ "cmd ::= REINDEX",
+ /* 286 */ "cmd ::= REINDEX nm dbnm",
+ /* 287 */ "cmd ::= ANALYZE",
+ /* 288 */ "cmd ::= ANALYZE nm dbnm",
+ /* 289 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
+ /* 290 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
+ /* 291 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
+ /* 292 */ "add_column_fullname ::= fullname",
+ /* 293 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
+ /* 294 */ "cmd ::= create_vtab",
+ /* 295 */ "cmd ::= create_vtab LP vtabarglist RP",
+ /* 296 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
+ /* 297 */ "vtabarg ::=",
+ /* 298 */ "vtabargtoken ::= ANY",
+ /* 299 */ "vtabargtoken ::= lp anylist RP",
+ /* 300 */ "lp ::= LP",
+ /* 301 */ "with ::= WITH wqlist",
+ /* 302 */ "with ::= WITH RECURSIVE wqlist",
+ /* 303 */ "wqas ::= AS",
+ /* 304 */ "wqas ::= AS MATERIALIZED",
+ /* 305 */ "wqas ::= AS NOT MATERIALIZED",
+ /* 306 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
+ /* 307 */ "wqlist ::= wqitem",
+ /* 308 */ "wqlist ::= wqlist COMMA wqitem",
+ /* 309 */ "windowdefn_list ::= windowdefn",
+ /* 310 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
+ /* 311 */ "windowdefn ::= nm AS LP window RP",
+ /* 312 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 313 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 314 */ "window ::= ORDER BY sortlist frame_opt",
+ /* 315 */ "window ::= nm ORDER BY sortlist frame_opt",
+ /* 316 */ "window ::= frame_opt",
+ /* 317 */ "window ::= nm frame_opt",
+ /* 318 */ "frame_opt ::=",
+ /* 319 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
+ /* 320 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
+ /* 321 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
+ /* 322 */ "frame_bound_s ::= frame_bound",
+ /* 323 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
+ /* 324 */ "frame_bound_e ::= frame_bound",
+ /* 325 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
+ /* 326 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
+ /* 327 */ "frame_bound ::= CURRENT ROW",
+ /* 328 */ "frame_exclude_opt ::=",
+ /* 329 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
+ /* 330 */ "frame_exclude ::= NO OTHERS",
+ /* 331 */ "frame_exclude ::= CURRENT ROW",
+ /* 332 */ "frame_exclude ::= GROUP|TIES",
+ /* 333 */ "window_clause ::= WINDOW windowdefn_list",
+ /* 334 */ "filter_over ::= filter_clause over_clause",
+ /* 335 */ "filter_over ::= over_clause",
+ /* 336 */ "filter_over ::= filter_clause",
+ /* 337 */ "over_clause ::= OVER LP window RP",
+ /* 338 */ "over_clause ::= OVER nm",
+ /* 339 */ "filter_clause ::= FILTER LP WHERE expr RP",
+ /* 340 */ "input ::= cmdlist",
+ /* 341 */ "cmdlist ::= cmdlist ecmd",
+ /* 342 */ "cmdlist ::= ecmd",
+ /* 343 */ "ecmd ::= SEMI",
+ /* 344 */ "ecmd ::= cmdx SEMI",
+ /* 345 */ "ecmd ::= explain cmdx SEMI",
+ /* 346 */ "trans_opt ::=",
+ /* 347 */ "trans_opt ::= TRANSACTION",
+ /* 348 */ "trans_opt ::= TRANSACTION nm",
+ /* 349 */ "savepoint_opt ::= SAVEPOINT",
+ /* 350 */ "savepoint_opt ::=",
+ /* 351 */ "cmd ::= create_table create_table_args",
+ /* 352 */ "table_option_set ::= table_option",
+ /* 353 */ "columnlist ::= columnlist COMMA columnname carglist",
+ /* 354 */ "columnlist ::= columnname carglist",
+ /* 355 */ "nm ::= ID|INDEXED|JOIN_KW",
+ /* 356 */ "nm ::= STRING",
+ /* 357 */ "typetoken ::= typename",
+ /* 358 */ "typename ::= ID|STRING",
+ /* 359 */ "signed ::= plus_num",
+ /* 360 */ "signed ::= minus_num",
+ /* 361 */ "carglist ::= carglist ccons",
+ /* 362 */ "carglist ::=",
+ /* 363 */ "ccons ::= NULL onconf",
+ /* 364 */ "ccons ::= GENERATED ALWAYS AS generated",
+ /* 365 */ "ccons ::= AS generated",
+ /* 366 */ "conslist_opt ::= COMMA conslist",
+ /* 367 */ "conslist ::= conslist tconscomma tcons",
+ /* 368 */ "conslist ::= tcons",
+ /* 369 */ "tconscomma ::=",
+ /* 370 */ "defer_subclause_opt ::= defer_subclause",
+ /* 371 */ "resolvetype ::= raisetype",
+ /* 372 */ "selectnowith ::= oneselect",
+ /* 373 */ "oneselect ::= values",
+ /* 374 */ "sclp ::= selcollist COMMA",
+ /* 375 */ "as ::= ID|STRING",
+ /* 376 */ "indexed_opt ::= indexed_by",
+ /* 377 */ "returning ::=",
+ /* 378 */ "expr ::= term",
+ /* 379 */ "likeop ::= LIKE_KW|MATCH",
+ /* 380 */ "case_operand ::= expr",
+ /* 381 */ "exprlist ::= nexprlist",
+ /* 382 */ "nmnum ::= plus_num",
+ /* 383 */ "nmnum ::= nm",
+ /* 384 */ "nmnum ::= ON",
+ /* 385 */ "nmnum ::= DELETE",
+ /* 386 */ "nmnum ::= DEFAULT",
+ /* 387 */ "plus_num ::= INTEGER|FLOAT",
+ /* 388 */ "foreach_clause ::=",
+ /* 389 */ "foreach_clause ::= FOR EACH ROW",
+ /* 390 */ "trnm ::= nm",
+ /* 391 */ "tridxby ::=",
+ /* 392 */ "database_kw_opt ::= DATABASE",
+ /* 393 */ "database_kw_opt ::=",
+ /* 394 */ "kwcolumn_opt ::=",
+ /* 395 */ "kwcolumn_opt ::= COLUMNKW",
+ /* 396 */ "vtabarglist ::= vtabarg",
+ /* 397 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
+ /* 398 */ "vtabarg ::= vtabarg vtabargtoken",
+ /* 399 */ "anylist ::=",
+ /* 400 */ "anylist ::= anylist LP anylist RP",
+ /* 401 */ "anylist ::= anylist ANY",
+ /* 402 */ "with ::=",
 };
 #endif /* NDEBUG */
 
@@ -166429,233 +170624,231 @@ static const YYCODETYPE yyRuleInfoLhs[] = {
    263,  /* (175) idlist ::= idlist COMMA nm */
    263,  /* (176) idlist ::= nm */
    217,  /* (177) expr ::= LP expr RP */
-   217,  /* (178) expr ::= ID|INDEXED */
-   217,  /* (179) expr ::= JOIN_KW */
-   217,  /* (180) expr ::= nm DOT nm */
-   217,  /* (181) expr ::= nm DOT nm DOT nm */
-   216,  /* (182) term ::= NULL|FLOAT|BLOB */
-   216,  /* (183) term ::= STRING */
-   216,  /* (184) term ::= INTEGER */
-   217,  /* (185) expr ::= VARIABLE */
-   217,  /* (186) expr ::= expr COLLATE ID|STRING */
-   217,  /* (187) expr ::= CAST LP expr AS typetoken RP */
-   217,  /* (188) expr ::= ID|INDEXED LP distinct exprlist RP */
-   217,  /* (189) expr ::= ID|INDEXED LP STAR RP */
-   217,  /* (190) expr ::= ID|INDEXED LP distinct exprlist RP filter_over */
-   217,  /* (191) expr ::= ID|INDEXED LP STAR RP filter_over */
-   216,  /* (192) term ::= CTIME_KW */
-   217,  /* (193) expr ::= LP nexprlist COMMA expr RP */
-   217,  /* (194) expr ::= expr AND expr */
-   217,  /* (195) expr ::= expr OR expr */
-   217,  /* (196) expr ::= expr LT|GT|GE|LE expr */
-   217,  /* (197) expr ::= expr EQ|NE expr */
-   217,  /* (198) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   217,  /* (199) expr ::= expr PLUS|MINUS expr */
-   217,  /* (200) expr ::= expr STAR|SLASH|REM expr */
-   217,  /* (201) expr ::= expr CONCAT expr */
-   274,  /* (202) likeop ::= NOT LIKE_KW|MATCH */
-   217,  /* (203) expr ::= expr likeop expr */
-   217,  /* (204) expr ::= expr likeop expr ESCAPE expr */
-   217,  /* (205) expr ::= expr ISNULL|NOTNULL */
-   217,  /* (206) expr ::= expr NOT NULL */
-   217,  /* (207) expr ::= expr IS expr */
-   217,  /* (208) expr ::= expr IS NOT expr */
-   217,  /* (209) expr ::= expr IS NOT DISTINCT FROM expr */
-   217,  /* (210) expr ::= expr IS DISTINCT FROM expr */
-   217,  /* (211) expr ::= NOT expr */
-   217,  /* (212) expr ::= BITNOT expr */
-   217,  /* (213) expr ::= PLUS|MINUS expr */
-   217,  /* (214) expr ::= expr PTR expr */
-   275,  /* (215) between_op ::= BETWEEN */
-   275,  /* (216) between_op ::= NOT BETWEEN */
-   217,  /* (217) expr ::= expr between_op expr AND expr */
-   276,  /* (218) in_op ::= IN */
-   276,  /* (219) in_op ::= NOT IN */
-   217,  /* (220) expr ::= expr in_op LP exprlist RP */
-   217,  /* (221) expr ::= LP select RP */
-   217,  /* (222) expr ::= expr in_op LP select RP */
-   217,  /* (223) expr ::= expr in_op nm dbnm paren_exprlist */
-   217,  /* (224) expr ::= EXISTS LP select RP */
-   217,  /* (225) expr ::= CASE case_operand case_exprlist case_else END */
-   279,  /* (226) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   279,  /* (227) case_exprlist ::= WHEN expr THEN expr */
-   280,  /* (228) case_else ::= ELSE expr */
-   280,  /* (229) case_else ::= */
-   278,  /* (230) case_operand ::= expr */
-   278,  /* (231) case_operand ::= */
-   261,  /* (232) exprlist ::= */
-   253,  /* (233) nexprlist ::= nexprlist COMMA expr */
-   253,  /* (234) nexprlist ::= expr */
-   277,  /* (235) paren_exprlist ::= */
-   277,  /* (236) paren_exprlist ::= LP exprlist RP */
-   190,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   281,  /* (238) uniqueflag ::= UNIQUE */
-   281,  /* (239) uniqueflag ::= */
-   221,  /* (240) eidlist_opt ::= */
-   221,  /* (241) eidlist_opt ::= LP eidlist RP */
-   232,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
-   232,  /* (243) eidlist ::= nm collate sortorder */
-   282,  /* (244) collate ::= */
-   282,  /* (245) collate ::= COLLATE ID|STRING */
-   190,  /* (246) cmd ::= DROP INDEX ifexists fullname */
-   190,  /* (247) cmd ::= VACUUM vinto */
-   190,  /* (248) cmd ::= VACUUM nm vinto */
-   283,  /* (249) vinto ::= INTO expr */
-   283,  /* (250) vinto ::= */
-   190,  /* (251) cmd ::= PRAGMA nm dbnm */
-   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   190,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   190,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   190,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   211,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
-   212,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
-   190,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-   285,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   287,  /* (260) trigger_time ::= BEFORE|AFTER */
-   287,  /* (261) trigger_time ::= INSTEAD OF */
-   287,  /* (262) trigger_time ::= */
-   288,  /* (263) trigger_event ::= DELETE|INSERT */
-   288,  /* (264) trigger_event ::= UPDATE */
-   288,  /* (265) trigger_event ::= UPDATE OF idlist */
-   290,  /* (266) when_clause ::= */
-   290,  /* (267) when_clause ::= WHEN expr */
-   286,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   286,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
-   292,  /* (270) trnm ::= nm DOT nm */
-   293,  /* (271) tridxby ::= INDEXED BY nm */
-   293,  /* (272) tridxby ::= NOT INDEXED */
-   291,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   291,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   291,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   291,  /* (276) trigger_cmd ::= scanpt select scanpt */
-   217,  /* (277) expr ::= RAISE LP IGNORE RP */
-   217,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
-   236,  /* (279) raisetype ::= ROLLBACK */
-   236,  /* (280) raisetype ::= ABORT */
-   236,  /* (281) raisetype ::= FAIL */
-   190,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
-   190,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   190,  /* (284) cmd ::= DETACH database_kw_opt expr */
-   295,  /* (285) key_opt ::= */
-   295,  /* (286) key_opt ::= KEY expr */
-   190,  /* (287) cmd ::= REINDEX */
-   190,  /* (288) cmd ::= REINDEX nm dbnm */
-   190,  /* (289) cmd ::= ANALYZE */
-   190,  /* (290) cmd ::= ANALYZE nm dbnm */
-   190,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   190,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   190,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   296,  /* (294) add_column_fullname ::= fullname */
-   190,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   190,  /* (296) cmd ::= create_vtab */
-   190,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
-   298,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-   300,  /* (299) vtabarg ::= */
-   301,  /* (300) vtabargtoken ::= ANY */
-   301,  /* (301) vtabargtoken ::= lp anylist RP */
-   302,  /* (302) lp ::= LP */
-   266,  /* (303) with ::= WITH wqlist */
-   266,  /* (304) with ::= WITH RECURSIVE wqlist */
-   305,  /* (305) wqas ::= AS */
-   305,  /* (306) wqas ::= AS MATERIALIZED */
-   305,  /* (307) wqas ::= AS NOT MATERIALIZED */
-   304,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
-   241,  /* (309) wqlist ::= wqitem */
-   241,  /* (310) wqlist ::= wqlist COMMA wqitem */
-   306,  /* (311) windowdefn_list ::= windowdefn */
-   306,  /* (312) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   307,  /* (313) windowdefn ::= nm AS LP window RP */
-   308,  /* (314) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (315) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (316) window ::= ORDER BY sortlist frame_opt */
-   308,  /* (317) window ::= nm ORDER BY sortlist frame_opt */
-   308,  /* (318) window ::= frame_opt */
-   308,  /* (319) window ::= nm frame_opt */
-   309,  /* (320) frame_opt ::= */
-   309,  /* (321) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   309,  /* (322) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   313,  /* (323) range_or_rows ::= RANGE|ROWS|GROUPS */
-   315,  /* (324) frame_bound_s ::= frame_bound */
-   315,  /* (325) frame_bound_s ::= UNBOUNDED PRECEDING */
-   316,  /* (326) frame_bound_e ::= frame_bound */
-   316,  /* (327) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   314,  /* (328) frame_bound ::= expr PRECEDING|FOLLOWING */
-   314,  /* (329) frame_bound ::= CURRENT ROW */
-   317,  /* (330) frame_exclude_opt ::= */
-   317,  /* (331) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   318,  /* (332) frame_exclude ::= NO OTHERS */
-   318,  /* (333) frame_exclude ::= CURRENT ROW */
-   318,  /* (334) frame_exclude ::= GROUP|TIES */
-   251,  /* (335) window_clause ::= WINDOW windowdefn_list */
-   273,  /* (336) filter_over ::= filter_clause over_clause */
-   273,  /* (337) filter_over ::= over_clause */
-   273,  /* (338) filter_over ::= filter_clause */
-   312,  /* (339) over_clause ::= OVER LP window RP */
-   312,  /* (340) over_clause ::= OVER nm */
-   311,  /* (341) filter_clause ::= FILTER LP WHERE expr RP */
-   185,  /* (342) input ::= cmdlist */
-   186,  /* (343) cmdlist ::= cmdlist ecmd */
-   186,  /* (344) cmdlist ::= ecmd */
-   187,  /* (345) ecmd ::= SEMI */
-   187,  /* (346) ecmd ::= cmdx SEMI */
-   187,  /* (347) ecmd ::= explain cmdx SEMI */
-   192,  /* (348) trans_opt ::= */
-   192,  /* (349) trans_opt ::= TRANSACTION */
-   192,  /* (350) trans_opt ::= TRANSACTION nm */
-   194,  /* (351) savepoint_opt ::= SAVEPOINT */
-   194,  /* (352) savepoint_opt ::= */
-   190,  /* (353) cmd ::= create_table create_table_args */
-   203,  /* (354) table_option_set ::= table_option */
-   201,  /* (355) columnlist ::= columnlist COMMA columnname carglist */
-   201,  /* (356) columnlist ::= columnname carglist */
-   193,  /* (357) nm ::= ID|INDEXED */
-   193,  /* (358) nm ::= STRING */
-   193,  /* (359) nm ::= JOIN_KW */
-   208,  /* (360) typetoken ::= typename */
-   209,  /* (361) typename ::= ID|STRING */
-   210,  /* (362) signed ::= plus_num */
-   210,  /* (363) signed ::= minus_num */
-   207,  /* (364) carglist ::= carglist ccons */
-   207,  /* (365) carglist ::= */
-   215,  /* (366) ccons ::= NULL onconf */
-   215,  /* (367) ccons ::= GENERATED ALWAYS AS generated */
-   215,  /* (368) ccons ::= AS generated */
-   202,  /* (369) conslist_opt ::= COMMA conslist */
-   228,  /* (370) conslist ::= conslist tconscomma tcons */
-   228,  /* (371) conslist ::= tcons */
-   229,  /* (372) tconscomma ::= */
-   233,  /* (373) defer_subclause_opt ::= defer_subclause */
-   235,  /* (374) resolvetype ::= raisetype */
-   239,  /* (375) selectnowith ::= oneselect */
-   240,  /* (376) oneselect ::= values */
-   254,  /* (377) sclp ::= selcollist COMMA */
-   255,  /* (378) as ::= ID|STRING */
-   264,  /* (379) indexed_opt ::= indexed_by */
-   272,  /* (380) returning ::= */
-   217,  /* (381) expr ::= term */
-   274,  /* (382) likeop ::= LIKE_KW|MATCH */
-   261,  /* (383) exprlist ::= nexprlist */
-   284,  /* (384) nmnum ::= plus_num */
-   284,  /* (385) nmnum ::= nm */
-   284,  /* (386) nmnum ::= ON */
-   284,  /* (387) nmnum ::= DELETE */
-   284,  /* (388) nmnum ::= DEFAULT */
-   211,  /* (389) plus_num ::= INTEGER|FLOAT */
-   289,  /* (390) foreach_clause ::= */
-   289,  /* (391) foreach_clause ::= FOR EACH ROW */
-   292,  /* (392) trnm ::= nm */
-   293,  /* (393) tridxby ::= */
-   294,  /* (394) database_kw_opt ::= DATABASE */
-   294,  /* (395) database_kw_opt ::= */
-   297,  /* (396) kwcolumn_opt ::= */
-   297,  /* (397) kwcolumn_opt ::= COLUMNKW */
-   299,  /* (398) vtabarglist ::= vtabarg */
-   299,  /* (399) vtabarglist ::= vtabarglist COMMA vtabarg */
-   300,  /* (400) vtabarg ::= vtabarg vtabargtoken */
-   303,  /* (401) anylist ::= */
-   303,  /* (402) anylist ::= anylist LP anylist RP */
-   303,  /* (403) anylist ::= anylist ANY */
-   266,  /* (404) with ::= */
+   217,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
+   217,  /* (179) expr ::= nm DOT nm */
+   217,  /* (180) expr ::= nm DOT nm DOT nm */
+   216,  /* (181) term ::= NULL|FLOAT|BLOB */
+   216,  /* (182) term ::= STRING */
+   216,  /* (183) term ::= INTEGER */
+   217,  /* (184) expr ::= VARIABLE */
+   217,  /* (185) expr ::= expr COLLATE ID|STRING */
+   217,  /* (186) expr ::= CAST LP expr AS typetoken RP */
+   217,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   217,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   217,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   217,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   216,  /* (191) term ::= CTIME_KW */
+   217,  /* (192) expr ::= LP nexprlist COMMA expr RP */
+   217,  /* (193) expr ::= expr AND expr */
+   217,  /* (194) expr ::= expr OR expr */
+   217,  /* (195) expr ::= expr LT|GT|GE|LE expr */
+   217,  /* (196) expr ::= expr EQ|NE expr */
+   217,  /* (197) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   217,  /* (198) expr ::= expr PLUS|MINUS expr */
+   217,  /* (199) expr ::= expr STAR|SLASH|REM expr */
+   217,  /* (200) expr ::= expr CONCAT expr */
+   274,  /* (201) likeop ::= NOT LIKE_KW|MATCH */
+   217,  /* (202) expr ::= expr likeop expr */
+   217,  /* (203) expr ::= expr likeop expr ESCAPE expr */
+   217,  /* (204) expr ::= expr ISNULL|NOTNULL */
+   217,  /* (205) expr ::= expr NOT NULL */
+   217,  /* (206) expr ::= expr IS expr */
+   217,  /* (207) expr ::= expr IS NOT expr */
+   217,  /* (208) expr ::= expr IS NOT DISTINCT FROM expr */
+   217,  /* (209) expr ::= expr IS DISTINCT FROM expr */
+   217,  /* (210) expr ::= NOT expr */
+   217,  /* (211) expr ::= BITNOT expr */
+   217,  /* (212) expr ::= PLUS|MINUS expr */
+   217,  /* (213) expr ::= expr PTR expr */
+   275,  /* (214) between_op ::= BETWEEN */
+   275,  /* (215) between_op ::= NOT BETWEEN */
+   217,  /* (216) expr ::= expr between_op expr AND expr */
+   276,  /* (217) in_op ::= IN */
+   276,  /* (218) in_op ::= NOT IN */
+   217,  /* (219) expr ::= expr in_op LP exprlist RP */
+   217,  /* (220) expr ::= LP select RP */
+   217,  /* (221) expr ::= expr in_op LP select RP */
+   217,  /* (222) expr ::= expr in_op nm dbnm paren_exprlist */
+   217,  /* (223) expr ::= EXISTS LP select RP */
+   217,  /* (224) expr ::= CASE case_operand case_exprlist case_else END */
+   279,  /* (225) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   279,  /* (226) case_exprlist ::= WHEN expr THEN expr */
+   280,  /* (227) case_else ::= ELSE expr */
+   280,  /* (228) case_else ::= */
+   278,  /* (229) case_operand ::= */
+   261,  /* (230) exprlist ::= */
+   253,  /* (231) nexprlist ::= nexprlist COMMA expr */
+   253,  /* (232) nexprlist ::= expr */
+   277,  /* (233) paren_exprlist ::= */
+   277,  /* (234) paren_exprlist ::= LP exprlist RP */
+   190,  /* (235) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   281,  /* (236) uniqueflag ::= UNIQUE */
+   281,  /* (237) uniqueflag ::= */
+   221,  /* (238) eidlist_opt ::= */
+   221,  /* (239) eidlist_opt ::= LP eidlist RP */
+   232,  /* (240) eidlist ::= eidlist COMMA nm collate sortorder */
+   232,  /* (241) eidlist ::= nm collate sortorder */
+   282,  /* (242) collate ::= */
+   282,  /* (243) collate ::= COLLATE ID|STRING */
+   190,  /* (244) cmd ::= DROP INDEX ifexists fullname */
+   190,  /* (245) cmd ::= VACUUM vinto */
+   190,  /* (246) cmd ::= VACUUM nm vinto */
+   283,  /* (247) vinto ::= INTO expr */
+   283,  /* (248) vinto ::= */
+   190,  /* (249) cmd ::= PRAGMA nm dbnm */
+   190,  /* (250) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   190,  /* (251) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   190,  /* (253) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   211,  /* (254) plus_num ::= PLUS INTEGER|FLOAT */
+   212,  /* (255) minus_num ::= MINUS INTEGER|FLOAT */
+   190,  /* (256) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+   285,  /* (257) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   287,  /* (258) trigger_time ::= BEFORE|AFTER */
+   287,  /* (259) trigger_time ::= INSTEAD OF */
+   287,  /* (260) trigger_time ::= */
+   288,  /* (261) trigger_event ::= DELETE|INSERT */
+   288,  /* (262) trigger_event ::= UPDATE */
+   288,  /* (263) trigger_event ::= UPDATE OF idlist */
+   290,  /* (264) when_clause ::= */
+   290,  /* (265) when_clause ::= WHEN expr */
+   286,  /* (266) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   286,  /* (267) trigger_cmd_list ::= trigger_cmd SEMI */
+   292,  /* (268) trnm ::= nm DOT nm */
+   293,  /* (269) tridxby ::= INDEXED BY nm */
+   293,  /* (270) tridxby ::= NOT INDEXED */
+   291,  /* (271) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   291,  /* (272) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   291,  /* (273) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   291,  /* (274) trigger_cmd ::= scanpt select scanpt */
+   217,  /* (275) expr ::= RAISE LP IGNORE RP */
+   217,  /* (276) expr ::= RAISE LP raisetype COMMA nm RP */
+   236,  /* (277) raisetype ::= ROLLBACK */
+   236,  /* (278) raisetype ::= ABORT */
+   236,  /* (279) raisetype ::= FAIL */
+   190,  /* (280) cmd ::= DROP TRIGGER ifexists fullname */
+   190,  /* (281) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   190,  /* (282) cmd ::= DETACH database_kw_opt expr */
+   295,  /* (283) key_opt ::= */
+   295,  /* (284) key_opt ::= KEY expr */
+   190,  /* (285) cmd ::= REINDEX */
+   190,  /* (286) cmd ::= REINDEX nm dbnm */
+   190,  /* (287) cmd ::= ANALYZE */
+   190,  /* (288) cmd ::= ANALYZE nm dbnm */
+   190,  /* (289) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   190,  /* (290) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   190,  /* (291) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   296,  /* (292) add_column_fullname ::= fullname */
+   190,  /* (293) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   190,  /* (294) cmd ::= create_vtab */
+   190,  /* (295) cmd ::= create_vtab LP vtabarglist RP */
+   298,  /* (296) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+   300,  /* (297) vtabarg ::= */
+   301,  /* (298) vtabargtoken ::= ANY */
+   301,  /* (299) vtabargtoken ::= lp anylist RP */
+   302,  /* (300) lp ::= LP */
+   266,  /* (301) with ::= WITH wqlist */
+   266,  /* (302) with ::= WITH RECURSIVE wqlist */
+   305,  /* (303) wqas ::= AS */
+   305,  /* (304) wqas ::= AS MATERIALIZED */
+   305,  /* (305) wqas ::= AS NOT MATERIALIZED */
+   304,  /* (306) wqitem ::= nm eidlist_opt wqas LP select RP */
+   241,  /* (307) wqlist ::= wqitem */
+   241,  /* (308) wqlist ::= wqlist COMMA wqitem */
+   306,  /* (309) windowdefn_list ::= windowdefn */
+   306,  /* (310) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   307,  /* (311) windowdefn ::= nm AS LP window RP */
+   308,  /* (312) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (313) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (314) window ::= ORDER BY sortlist frame_opt */
+   308,  /* (315) window ::= nm ORDER BY sortlist frame_opt */
+   308,  /* (316) window ::= frame_opt */
+   308,  /* (317) window ::= nm frame_opt */
+   309,  /* (318) frame_opt ::= */
+   309,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   309,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   313,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
+   315,  /* (322) frame_bound_s ::= frame_bound */
+   315,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
+   316,  /* (324) frame_bound_e ::= frame_bound */
+   316,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   314,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
+   314,  /* (327) frame_bound ::= CURRENT ROW */
+   317,  /* (328) frame_exclude_opt ::= */
+   317,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   318,  /* (330) frame_exclude ::= NO OTHERS */
+   318,  /* (331) frame_exclude ::= CURRENT ROW */
+   318,  /* (332) frame_exclude ::= GROUP|TIES */
+   251,  /* (333) window_clause ::= WINDOW windowdefn_list */
+   273,  /* (334) filter_over ::= filter_clause over_clause */
+   273,  /* (335) filter_over ::= over_clause */
+   273,  /* (336) filter_over ::= filter_clause */
+   312,  /* (337) over_clause ::= OVER LP window RP */
+   312,  /* (338) over_clause ::= OVER nm */
+   311,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
+   185,  /* (340) input ::= cmdlist */
+   186,  /* (341) cmdlist ::= cmdlist ecmd */
+   186,  /* (342) cmdlist ::= ecmd */
+   187,  /* (343) ecmd ::= SEMI */
+   187,  /* (344) ecmd ::= cmdx SEMI */
+   187,  /* (345) ecmd ::= explain cmdx SEMI */
+   192,  /* (346) trans_opt ::= */
+   192,  /* (347) trans_opt ::= TRANSACTION */
+   192,  /* (348) trans_opt ::= TRANSACTION nm */
+   194,  /* (349) savepoint_opt ::= SAVEPOINT */
+   194,  /* (350) savepoint_opt ::= */
+   190,  /* (351) cmd ::= create_table create_table_args */
+   203,  /* (352) table_option_set ::= table_option */
+   201,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
+   201,  /* (354) columnlist ::= columnname carglist */
+   193,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
+   193,  /* (356) nm ::= STRING */
+   208,  /* (357) typetoken ::= typename */
+   209,  /* (358) typename ::= ID|STRING */
+   210,  /* (359) signed ::= plus_num */
+   210,  /* (360) signed ::= minus_num */
+   207,  /* (361) carglist ::= carglist ccons */
+   207,  /* (362) carglist ::= */
+   215,  /* (363) ccons ::= NULL onconf */
+   215,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
+   215,  /* (365) ccons ::= AS generated */
+   202,  /* (366) conslist_opt ::= COMMA conslist */
+   228,  /* (367) conslist ::= conslist tconscomma tcons */
+   228,  /* (368) conslist ::= tcons */
+   229,  /* (369) tconscomma ::= */
+   233,  /* (370) defer_subclause_opt ::= defer_subclause */
+   235,  /* (371) resolvetype ::= raisetype */
+   239,  /* (372) selectnowith ::= oneselect */
+   240,  /* (373) oneselect ::= values */
+   254,  /* (374) sclp ::= selcollist COMMA */
+   255,  /* (375) as ::= ID|STRING */
+   264,  /* (376) indexed_opt ::= indexed_by */
+   272,  /* (377) returning ::= */
+   217,  /* (378) expr ::= term */
+   274,  /* (379) likeop ::= LIKE_KW|MATCH */
+   278,  /* (380) case_operand ::= expr */
+   261,  /* (381) exprlist ::= nexprlist */
+   284,  /* (382) nmnum ::= plus_num */
+   284,  /* (383) nmnum ::= nm */
+   284,  /* (384) nmnum ::= ON */
+   284,  /* (385) nmnum ::= DELETE */
+   284,  /* (386) nmnum ::= DEFAULT */
+   211,  /* (387) plus_num ::= INTEGER|FLOAT */
+   289,  /* (388) foreach_clause ::= */
+   289,  /* (389) foreach_clause ::= FOR EACH ROW */
+   292,  /* (390) trnm ::= nm */
+   293,  /* (391) tridxby ::= */
+   294,  /* (392) database_kw_opt ::= DATABASE */
+   294,  /* (393) database_kw_opt ::= */
+   297,  /* (394) kwcolumn_opt ::= */
+   297,  /* (395) kwcolumn_opt ::= COLUMNKW */
+   299,  /* (396) vtabarglist ::= vtabarg */
+   299,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
+   300,  /* (398) vtabarg ::= vtabarg vtabargtoken */
+   303,  /* (399) anylist ::= */
+   303,  /* (400) anylist ::= anylist LP anylist RP */
+   303,  /* (401) anylist ::= anylist ANY */
+   266,  /* (402) with ::= */
 };
 
 /* For rule J, yyRuleInfoNRhs[J] contains the negative of the number
@@ -166839,233 +171032,231 @@ static const signed char yyRuleInfoNRhs[] = {
    -3,  /* (175) idlist ::= idlist COMMA nm */
    -1,  /* (176) idlist ::= nm */
    -3,  /* (177) expr ::= LP expr RP */
-   -1,  /* (178) expr ::= ID|INDEXED */
-   -1,  /* (179) expr ::= JOIN_KW */
-   -3,  /* (180) expr ::= nm DOT nm */
-   -5,  /* (181) expr ::= nm DOT nm DOT nm */
-   -1,  /* (182) term ::= NULL|FLOAT|BLOB */
-   -1,  /* (183) term ::= STRING */
-   -1,  /* (184) term ::= INTEGER */
-   -1,  /* (185) expr ::= VARIABLE */
-   -3,  /* (186) expr ::= expr COLLATE ID|STRING */
-   -6,  /* (187) expr ::= CAST LP expr AS typetoken RP */
-   -5,  /* (188) expr ::= ID|INDEXED LP distinct exprlist RP */
-   -4,  /* (189) expr ::= ID|INDEXED LP STAR RP */
-   -6,  /* (190) expr ::= ID|INDEXED LP distinct exprlist RP filter_over */
-   -5,  /* (191) expr ::= ID|INDEXED LP STAR RP filter_over */
-   -1,  /* (192) term ::= CTIME_KW */
-   -5,  /* (193) expr ::= LP nexprlist COMMA expr RP */
-   -3,  /* (194) expr ::= expr AND expr */
-   -3,  /* (195) expr ::= expr OR expr */
-   -3,  /* (196) expr ::= expr LT|GT|GE|LE expr */
-   -3,  /* (197) expr ::= expr EQ|NE expr */
-   -3,  /* (198) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   -3,  /* (199) expr ::= expr PLUS|MINUS expr */
-   -3,  /* (200) expr ::= expr STAR|SLASH|REM expr */
-   -3,  /* (201) expr ::= expr CONCAT expr */
-   -2,  /* (202) likeop ::= NOT LIKE_KW|MATCH */
-   -3,  /* (203) expr ::= expr likeop expr */
-   -5,  /* (204) expr ::= expr likeop expr ESCAPE expr */
-   -2,  /* (205) expr ::= expr ISNULL|NOTNULL */
-   -3,  /* (206) expr ::= expr NOT NULL */
-   -3,  /* (207) expr ::= expr IS expr */
-   -4,  /* (208) expr ::= expr IS NOT expr */
-   -6,  /* (209) expr ::= expr IS NOT DISTINCT FROM expr */
-   -5,  /* (210) expr ::= expr IS DISTINCT FROM expr */
-   -2,  /* (211) expr ::= NOT expr */
-   -2,  /* (212) expr ::= BITNOT expr */
-   -2,  /* (213) expr ::= PLUS|MINUS expr */
-   -3,  /* (214) expr ::= expr PTR expr */
-   -1,  /* (215) between_op ::= BETWEEN */
-   -2,  /* (216) between_op ::= NOT BETWEEN */
-   -5,  /* (217) expr ::= expr between_op expr AND expr */
-   -1,  /* (218) in_op ::= IN */
-   -2,  /* (219) in_op ::= NOT IN */
-   -5,  /* (220) expr ::= expr in_op LP exprlist RP */
-   -3,  /* (221) expr ::= LP select RP */
-   -5,  /* (222) expr ::= expr in_op LP select RP */
-   -5,  /* (223) expr ::= expr in_op nm dbnm paren_exprlist */
-   -4,  /* (224) expr ::= EXISTS LP select RP */
-   -5,  /* (225) expr ::= CASE case_operand case_exprlist case_else END */
-   -5,  /* (226) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   -4,  /* (227) case_exprlist ::= WHEN expr THEN expr */
-   -2,  /* (228) case_else ::= ELSE expr */
-    0,  /* (229) case_else ::= */
-   -1,  /* (230) case_operand ::= expr */
-    0,  /* (231) case_operand ::= */
-    0,  /* (232) exprlist ::= */
-   -3,  /* (233) nexprlist ::= nexprlist COMMA expr */
-   -1,  /* (234) nexprlist ::= expr */
-    0,  /* (235) paren_exprlist ::= */
-   -3,  /* (236) paren_exprlist ::= LP exprlist RP */
-  -12,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   -1,  /* (238) uniqueflag ::= UNIQUE */
-    0,  /* (239) uniqueflag ::= */
-    0,  /* (240) eidlist_opt ::= */
-   -3,  /* (241) eidlist_opt ::= LP eidlist RP */
-   -5,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
-   -3,  /* (243) eidlist ::= nm collate sortorder */
-    0,  /* (244) collate ::= */
-   -2,  /* (245) collate ::= COLLATE ID|STRING */
-   -4,  /* (246) cmd ::= DROP INDEX ifexists fullname */
-   -2,  /* (247) cmd ::= VACUUM vinto */
-   -3,  /* (248) cmd ::= VACUUM nm vinto */
-   -2,  /* (249) vinto ::= INTO expr */
-    0,  /* (250) vinto ::= */
-   -3,  /* (251) cmd ::= PRAGMA nm dbnm */
-   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   -2,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
-   -2,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
-   -5,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-  -11,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   -1,  /* (260) trigger_time ::= BEFORE|AFTER */
-   -2,  /* (261) trigger_time ::= INSTEAD OF */
-    0,  /* (262) trigger_time ::= */
-   -1,  /* (263) trigger_event ::= DELETE|INSERT */
-   -1,  /* (264) trigger_event ::= UPDATE */
-   -3,  /* (265) trigger_event ::= UPDATE OF idlist */
-    0,  /* (266) when_clause ::= */
-   -2,  /* (267) when_clause ::= WHEN expr */
-   -3,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   -2,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
-   -3,  /* (270) trnm ::= nm DOT nm */
-   -3,  /* (271) tridxby ::= INDEXED BY nm */
-   -2,  /* (272) tridxby ::= NOT INDEXED */
-   -9,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   -8,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   -6,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   -3,  /* (276) trigger_cmd ::= scanpt select scanpt */
-   -4,  /* (277) expr ::= RAISE LP IGNORE RP */
-   -6,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
-   -1,  /* (279) raisetype ::= ROLLBACK */
-   -1,  /* (280) raisetype ::= ABORT */
-   -1,  /* (281) raisetype ::= FAIL */
-   -4,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
-   -6,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   -3,  /* (284) cmd ::= DETACH database_kw_opt expr */
-    0,  /* (285) key_opt ::= */
-   -2,  /* (286) key_opt ::= KEY expr */
-   -1,  /* (287) cmd ::= REINDEX */
-   -3,  /* (288) cmd ::= REINDEX nm dbnm */
-   -1,  /* (289) cmd ::= ANALYZE */
-   -3,  /* (290) cmd ::= ANALYZE nm dbnm */
-   -6,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   -7,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   -6,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   -1,  /* (294) add_column_fullname ::= fullname */
-   -8,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   -1,  /* (296) cmd ::= create_vtab */
-   -4,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
-   -8,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-    0,  /* (299) vtabarg ::= */
-   -1,  /* (300) vtabargtoken ::= ANY */
-   -3,  /* (301) vtabargtoken ::= lp anylist RP */
-   -1,  /* (302) lp ::= LP */
-   -2,  /* (303) with ::= WITH wqlist */
-   -3,  /* (304) with ::= WITH RECURSIVE wqlist */
-   -1,  /* (305) wqas ::= AS */
-   -2,  /* (306) wqas ::= AS MATERIALIZED */
-   -3,  /* (307) wqas ::= AS NOT MATERIALIZED */
-   -6,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
-   -1,  /* (309) wqlist ::= wqitem */
-   -3,  /* (310) wqlist ::= wqlist COMMA wqitem */
-   -1,  /* (311) windowdefn_list ::= windowdefn */
-   -3,  /* (312) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   -5,  /* (313) windowdefn ::= nm AS LP window RP */
-   -5,  /* (314) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   -6,  /* (315) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   -4,  /* (316) window ::= ORDER BY sortlist frame_opt */
-   -5,  /* (317) window ::= nm ORDER BY sortlist frame_opt */
-   -1,  /* (318) window ::= frame_opt */
-   -2,  /* (319) window ::= nm frame_opt */
-    0,  /* (320) frame_opt ::= */
-   -3,  /* (321) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   -6,  /* (322) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   -1,  /* (323) range_or_rows ::= RANGE|ROWS|GROUPS */
-   -1,  /* (324) frame_bound_s ::= frame_bound */
-   -2,  /* (325) frame_bound_s ::= UNBOUNDED PRECEDING */
-   -1,  /* (326) frame_bound_e ::= frame_bound */
-   -2,  /* (327) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   -2,  /* (328) frame_bound ::= expr PRECEDING|FOLLOWING */
-   -2,  /* (329) frame_bound ::= CURRENT ROW */
-    0,  /* (330) frame_exclude_opt ::= */
-   -2,  /* (331) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   -2,  /* (332) frame_exclude ::= NO OTHERS */
-   -2,  /* (333) frame_exclude ::= CURRENT ROW */
-   -1,  /* (334) frame_exclude ::= GROUP|TIES */
-   -2,  /* (335) window_clause ::= WINDOW windowdefn_list */
-   -2,  /* (336) filter_over ::= filter_clause over_clause */
-   -1,  /* (337) filter_over ::= over_clause */
-   -1,  /* (338) filter_over ::= filter_clause */
-   -4,  /* (339) over_clause ::= OVER LP window RP */
-   -2,  /* (340) over_clause ::= OVER nm */
-   -5,  /* (341) filter_clause ::= FILTER LP WHERE expr RP */
-   -1,  /* (342) input ::= cmdlist */
-   -2,  /* (343) cmdlist ::= cmdlist ecmd */
-   -1,  /* (344) cmdlist ::= ecmd */
-   -1,  /* (345) ecmd ::= SEMI */
-   -2,  /* (346) ecmd ::= cmdx SEMI */
-   -3,  /* (347) ecmd ::= explain cmdx SEMI */
-    0,  /* (348) trans_opt ::= */
-   -1,  /* (349) trans_opt ::= TRANSACTION */
-   -2,  /* (350) trans_opt ::= TRANSACTION nm */
-   -1,  /* (351) savepoint_opt ::= SAVEPOINT */
-    0,  /* (352) savepoint_opt ::= */
-   -2,  /* (353) cmd ::= create_table create_table_args */
-   -1,  /* (354) table_option_set ::= table_option */
-   -4,  /* (355) columnlist ::= columnlist COMMA columnname carglist */
-   -2,  /* (356) columnlist ::= columnname carglist */
-   -1,  /* (357) nm ::= ID|INDEXED */
-   -1,  /* (358) nm ::= STRING */
-   -1,  /* (359) nm ::= JOIN_KW */
-   -1,  /* (360) typetoken ::= typename */
-   -1,  /* (361) typename ::= ID|STRING */
-   -1,  /* (362) signed ::= plus_num */
-   -1,  /* (363) signed ::= minus_num */
-   -2,  /* (364) carglist ::= carglist ccons */
-    0,  /* (365) carglist ::= */
-   -2,  /* (366) ccons ::= NULL onconf */
-   -4,  /* (367) ccons ::= GENERATED ALWAYS AS generated */
-   -2,  /* (368) ccons ::= AS generated */
-   -2,  /* (369) conslist_opt ::= COMMA conslist */
-   -3,  /* (370) conslist ::= conslist tconscomma tcons */
-   -1,  /* (371) conslist ::= tcons */
-    0,  /* (372) tconscomma ::= */
-   -1,  /* (373) defer_subclause_opt ::= defer_subclause */
-   -1,  /* (374) resolvetype ::= raisetype */
-   -1,  /* (375) selectnowith ::= oneselect */
-   -1,  /* (376) oneselect ::= values */
-   -2,  /* (377) sclp ::= selcollist COMMA */
-   -1,  /* (378) as ::= ID|STRING */
-   -1,  /* (379) indexed_opt ::= indexed_by */
-    0,  /* (380) returning ::= */
-   -1,  /* (381) expr ::= term */
-   -1,  /* (382) likeop ::= LIKE_KW|MATCH */
-   -1,  /* (383) exprlist ::= nexprlist */
-   -1,  /* (384) nmnum ::= plus_num */
-   -1,  /* (385) nmnum ::= nm */
-   -1,  /* (386) nmnum ::= ON */
-   -1,  /* (387) nmnum ::= DELETE */
-   -1,  /* (388) nmnum ::= DEFAULT */
-   -1,  /* (389) plus_num ::= INTEGER|FLOAT */
-    0,  /* (390) foreach_clause ::= */
-   -3,  /* (391) foreach_clause ::= FOR EACH ROW */
-   -1,  /* (392) trnm ::= nm */
-    0,  /* (393) tridxby ::= */
-   -1,  /* (394) database_kw_opt ::= DATABASE */
-    0,  /* (395) database_kw_opt ::= */
-    0,  /* (396) kwcolumn_opt ::= */
-   -1,  /* (397) kwcolumn_opt ::= COLUMNKW */
-   -1,  /* (398) vtabarglist ::= vtabarg */
-   -3,  /* (399) vtabarglist ::= vtabarglist COMMA vtabarg */
-   -2,  /* (400) vtabarg ::= vtabarg vtabargtoken */
-    0,  /* (401) anylist ::= */
-   -4,  /* (402) anylist ::= anylist LP anylist RP */
-   -2,  /* (403) anylist ::= anylist ANY */
-    0,  /* (404) with ::= */
+   -1,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
+   -3,  /* (179) expr ::= nm DOT nm */
+   -5,  /* (180) expr ::= nm DOT nm DOT nm */
+   -1,  /* (181) term ::= NULL|FLOAT|BLOB */
+   -1,  /* (182) term ::= STRING */
+   -1,  /* (183) term ::= INTEGER */
+   -1,  /* (184) expr ::= VARIABLE */
+   -3,  /* (185) expr ::= expr COLLATE ID|STRING */
+   -6,  /* (186) expr ::= CAST LP expr AS typetoken RP */
+   -5,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   -4,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   -6,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   -5,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   -1,  /* (191) term ::= CTIME_KW */
+   -5,  /* (192) expr ::= LP nexprlist COMMA expr RP */
+   -3,  /* (193) expr ::= expr AND expr */
+   -3,  /* (194) expr ::= expr OR expr */
+   -3,  /* (195) expr ::= expr LT|GT|GE|LE expr */
+   -3,  /* (196) expr ::= expr EQ|NE expr */
+   -3,  /* (197) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   -3,  /* (198) expr ::= expr PLUS|MINUS expr */
+   -3,  /* (199) expr ::= expr STAR|SLASH|REM expr */
+   -3,  /* (200) expr ::= expr CONCAT expr */
+   -2,  /* (201) likeop ::= NOT LIKE_KW|MATCH */
+   -3,  /* (202) expr ::= expr likeop expr */
+   -5,  /* (203) expr ::= expr likeop expr ESCAPE expr */
+   -2,  /* (204) expr ::= expr ISNULL|NOTNULL */
+   -3,  /* (205) expr ::= expr NOT NULL */
+   -3,  /* (206) expr ::= expr IS expr */
+   -4,  /* (207) expr ::= expr IS NOT expr */
+   -6,  /* (208) expr ::= expr IS NOT DISTINCT FROM expr */
+   -5,  /* (209) expr ::= expr IS DISTINCT FROM expr */
+   -2,  /* (210) expr ::= NOT expr */
+   -2,  /* (211) expr ::= BITNOT expr */
+   -2,  /* (212) expr ::= PLUS|MINUS expr */
+   -3,  /* (213) expr ::= expr PTR expr */
+   -1,  /* (214) between_op ::= BETWEEN */
+   -2,  /* (215) between_op ::= NOT BETWEEN */
+   -5,  /* (216) expr ::= expr between_op expr AND expr */
+   -1,  /* (217) in_op ::= IN */
+   -2,  /* (218) in_op ::= NOT IN */
+   -5,  /* (219) expr ::= expr in_op LP exprlist RP */
+   -3,  /* (220) expr ::= LP select RP */
+   -5,  /* (221) expr ::= expr in_op LP select RP */
+   -5,  /* (222) expr ::= expr in_op nm dbnm paren_exprlist */
+   -4,  /* (223) expr ::= EXISTS LP select RP */
+   -5,  /* (224) expr ::= CASE case_operand case_exprlist case_else END */
+   -5,  /* (225) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   -4,  /* (226) case_exprlist ::= WHEN expr THEN expr */
+   -2,  /* (227) case_else ::= ELSE expr */
+    0,  /* (228) case_else ::= */
+    0,  /* (229) case_operand ::= */
+    0,  /* (230) exprlist ::= */
+   -3,  /* (231) nexprlist ::= nexprlist COMMA expr */
+   -1,  /* (232) nexprlist ::= expr */
+    0,  /* (233) paren_exprlist ::= */
+   -3,  /* (234) paren_exprlist ::= LP exprlist RP */
+  -12,  /* (235) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   -1,  /* (236) uniqueflag ::= UNIQUE */
+    0,  /* (237) uniqueflag ::= */
+    0,  /* (238) eidlist_opt ::= */
+   -3,  /* (239) eidlist_opt ::= LP eidlist RP */
+   -5,  /* (240) eidlist ::= eidlist COMMA nm collate sortorder */
+   -3,  /* (241) eidlist ::= nm collate sortorder */
+    0,  /* (242) collate ::= */
+   -2,  /* (243) collate ::= COLLATE ID|STRING */
+   -4,  /* (244) cmd ::= DROP INDEX ifexists fullname */
+   -2,  /* (245) cmd ::= VACUUM vinto */
+   -3,  /* (246) cmd ::= VACUUM nm vinto */
+   -2,  /* (247) vinto ::= INTO expr */
+    0,  /* (248) vinto ::= */
+   -3,  /* (249) cmd ::= PRAGMA nm dbnm */
+   -5,  /* (250) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   -6,  /* (251) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   -2,  /* (254) plus_num ::= PLUS INTEGER|FLOAT */
+   -2,  /* (255) minus_num ::= MINUS INTEGER|FLOAT */
+   -5,  /* (256) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+  -11,  /* (257) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   -1,  /* (258) trigger_time ::= BEFORE|AFTER */
+   -2,  /* (259) trigger_time ::= INSTEAD OF */
+    0,  /* (260) trigger_time ::= */
+   -1,  /* (261) trigger_event ::= DELETE|INSERT */
+   -1,  /* (262) trigger_event ::= UPDATE */
+   -3,  /* (263) trigger_event ::= UPDATE OF idlist */
+    0,  /* (264) when_clause ::= */
+   -2,  /* (265) when_clause ::= WHEN expr */
+   -3,  /* (266) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   -2,  /* (267) trigger_cmd_list ::= trigger_cmd SEMI */
+   -3,  /* (268) trnm ::= nm DOT nm */
+   -3,  /* (269) tridxby ::= INDEXED BY nm */
+   -2,  /* (270) tridxby ::= NOT INDEXED */
+   -9,  /* (271) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   -8,  /* (272) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   -6,  /* (273) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   -3,  /* (274) trigger_cmd ::= scanpt select scanpt */
+   -4,  /* (275) expr ::= RAISE LP IGNORE RP */
+   -6,  /* (276) expr ::= RAISE LP raisetype COMMA nm RP */
+   -1,  /* (277) raisetype ::= ROLLBACK */
+   -1,  /* (278) raisetype ::= ABORT */
+   -1,  /* (279) raisetype ::= FAIL */
+   -4,  /* (280) cmd ::= DROP TRIGGER ifexists fullname */
+   -6,  /* (281) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   -3,  /* (282) cmd ::= DETACH database_kw_opt expr */
+    0,  /* (283) key_opt ::= */
+   -2,  /* (284) key_opt ::= KEY expr */
+   -1,  /* (285) cmd ::= REINDEX */
+   -3,  /* (286) cmd ::= REINDEX nm dbnm */
+   -1,  /* (287) cmd ::= ANALYZE */
+   -3,  /* (288) cmd ::= ANALYZE nm dbnm */
+   -6,  /* (289) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   -7,  /* (290) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   -6,  /* (291) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   -1,  /* (292) add_column_fullname ::= fullname */
+   -8,  /* (293) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   -1,  /* (294) cmd ::= create_vtab */
+   -4,  /* (295) cmd ::= create_vtab LP vtabarglist RP */
+   -8,  /* (296) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+    0,  /* (297) vtabarg ::= */
+   -1,  /* (298) vtabargtoken ::= ANY */
+   -3,  /* (299) vtabargtoken ::= lp anylist RP */
+   -1,  /* (300) lp ::= LP */
+   -2,  /* (301) with ::= WITH wqlist */
+   -3,  /* (302) with ::= WITH RECURSIVE wqlist */
+   -1,  /* (303) wqas ::= AS */
+   -2,  /* (304) wqas ::= AS MATERIALIZED */
+   -3,  /* (305) wqas ::= AS NOT MATERIALIZED */
+   -6,  /* (306) wqitem ::= nm eidlist_opt wqas LP select RP */
+   -1,  /* (307) wqlist ::= wqitem */
+   -3,  /* (308) wqlist ::= wqlist COMMA wqitem */
+   -1,  /* (309) windowdefn_list ::= windowdefn */
+   -3,  /* (310) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   -5,  /* (311) windowdefn ::= nm AS LP window RP */
+   -5,  /* (312) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   -6,  /* (313) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   -4,  /* (314) window ::= ORDER BY sortlist frame_opt */
+   -5,  /* (315) window ::= nm ORDER BY sortlist frame_opt */
+   -1,  /* (316) window ::= frame_opt */
+   -2,  /* (317) window ::= nm frame_opt */
+    0,  /* (318) frame_opt ::= */
+   -3,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   -6,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   -1,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
+   -1,  /* (322) frame_bound_s ::= frame_bound */
+   -2,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
+   -1,  /* (324) frame_bound_e ::= frame_bound */
+   -2,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   -2,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
+   -2,  /* (327) frame_bound ::= CURRENT ROW */
+    0,  /* (328) frame_exclude_opt ::= */
+   -2,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   -2,  /* (330) frame_exclude ::= NO OTHERS */
+   -2,  /* (331) frame_exclude ::= CURRENT ROW */
+   -1,  /* (332) frame_exclude ::= GROUP|TIES */
+   -2,  /* (333) window_clause ::= WINDOW windowdefn_list */
+   -2,  /* (334) filter_over ::= filter_clause over_clause */
+   -1,  /* (335) filter_over ::= over_clause */
+   -1,  /* (336) filter_over ::= filter_clause */
+   -4,  /* (337) over_clause ::= OVER LP window RP */
+   -2,  /* (338) over_clause ::= OVER nm */
+   -5,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
+   -1,  /* (340) input ::= cmdlist */
+   -2,  /* (341) cmdlist ::= cmdlist ecmd */
+   -1,  /* (342) cmdlist ::= ecmd */
+   -1,  /* (343) ecmd ::= SEMI */
+   -2,  /* (344) ecmd ::= cmdx SEMI */
+   -3,  /* (345) ecmd ::= explain cmdx SEMI */
+    0,  /* (346) trans_opt ::= */
+   -1,  /* (347) trans_opt ::= TRANSACTION */
+   -2,  /* (348) trans_opt ::= TRANSACTION nm */
+   -1,  /* (349) savepoint_opt ::= SAVEPOINT */
+    0,  /* (350) savepoint_opt ::= */
+   -2,  /* (351) cmd ::= create_table create_table_args */
+   -1,  /* (352) table_option_set ::= table_option */
+   -4,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
+   -2,  /* (354) columnlist ::= columnname carglist */
+   -1,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
+   -1,  /* (356) nm ::= STRING */
+   -1,  /* (357) typetoken ::= typename */
+   -1,  /* (358) typename ::= ID|STRING */
+   -1,  /* (359) signed ::= plus_num */
+   -1,  /* (360) signed ::= minus_num */
+   -2,  /* (361) carglist ::= carglist ccons */
+    0,  /* (362) carglist ::= */
+   -2,  /* (363) ccons ::= NULL onconf */
+   -4,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
+   -2,  /* (365) ccons ::= AS generated */
+   -2,  /* (366) conslist_opt ::= COMMA conslist */
+   -3,  /* (367) conslist ::= conslist tconscomma tcons */
+   -1,  /* (368) conslist ::= tcons */
+    0,  /* (369) tconscomma ::= */
+   -1,  /* (370) defer_subclause_opt ::= defer_subclause */
+   -1,  /* (371) resolvetype ::= raisetype */
+   -1,  /* (372) selectnowith ::= oneselect */
+   -1,  /* (373) oneselect ::= values */
+   -2,  /* (374) sclp ::= selcollist COMMA */
+   -1,  /* (375) as ::= ID|STRING */
+   -1,  /* (376) indexed_opt ::= indexed_by */
+    0,  /* (377) returning ::= */
+   -1,  /* (378) expr ::= term */
+   -1,  /* (379) likeop ::= LIKE_KW|MATCH */
+   -1,  /* (380) case_operand ::= expr */
+   -1,  /* (381) exprlist ::= nexprlist */
+   -1,  /* (382) nmnum ::= plus_num */
+   -1,  /* (383) nmnum ::= nm */
+   -1,  /* (384) nmnum ::= ON */
+   -1,  /* (385) nmnum ::= DELETE */
+   -1,  /* (386) nmnum ::= DEFAULT */
+   -1,  /* (387) plus_num ::= INTEGER|FLOAT */
+    0,  /* (388) foreach_clause ::= */
+   -3,  /* (389) foreach_clause ::= FOR EACH ROW */
+   -1,  /* (390) trnm ::= nm */
+    0,  /* (391) tridxby ::= */
+   -1,  /* (392) database_kw_opt ::= DATABASE */
+    0,  /* (393) database_kw_opt ::= */
+    0,  /* (394) kwcolumn_opt ::= */
+   -1,  /* (395) kwcolumn_opt ::= COLUMNKW */
+   -1,  /* (396) vtabarglist ::= vtabarg */
+   -3,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
+   -2,  /* (398) vtabarg ::= vtabarg vtabargtoken */
+    0,  /* (399) anylist ::= */
+   -4,  /* (400) anylist ::= anylist LP anylist RP */
+   -2,  /* (401) anylist ::= anylist ANY */
+    0,  /* (402) with ::= */
 };
 
 static void yy_accept(yyParser*);  /* Forward Declaration */
@@ -167125,7 +171316,7 @@ static YYACTIONTYPE yy_reduce(
       case 5: /* transtype ::= DEFERRED */
       case 6: /* transtype ::= IMMEDIATE */ yytestcase(yyruleno==6);
       case 7: /* transtype ::= EXCLUSIVE */ yytestcase(yyruleno==7);
-      case 323: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==323);
+      case 321: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==321);
 {yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/}
         break;
       case 8: /* cmd ::= COMMIT|END trans_opt */
@@ -167162,7 +171353,7 @@ static YYACTIONTYPE yy_reduce(
       case 72: /* defer_subclause_opt ::= */ yytestcase(yyruleno==72);
       case 81: /* ifexists ::= */ yytestcase(yyruleno==81);
       case 98: /* distinct ::= */ yytestcase(yyruleno==98);
-      case 244: /* collate ::= */ yytestcase(yyruleno==244);
+      case 242: /* collate ::= */ yytestcase(yyruleno==242);
 {yymsp[1].minor.yy394 = 0;}
         break;
       case 16: /* ifnotexists ::= IF NOT EXISTS */
@@ -167346,9 +171537,9 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 63: /* init_deferred_pred_opt ::= INITIALLY DEFERRED */
       case 80: /* ifexists ::= IF EXISTS */ yytestcase(yyruleno==80);
-      case 216: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==216);
-      case 219: /* in_op ::= NOT IN */ yytestcase(yyruleno==219);
-      case 245: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==245);
+      case 215: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==215);
+      case 218: /* in_op ::= NOT IN */ yytestcase(yyruleno==218);
+      case 243: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==243);
 {yymsp[-1].minor.yy394 = 1;}
         break;
       case 64: /* init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
@@ -167498,9 +171689,9 @@ static YYACTIONTYPE yy_reduce(
       case 99: /* sclp ::= */
       case 132: /* orderby_opt ::= */ yytestcase(yyruleno==132);
       case 142: /* groupby_opt ::= */ yytestcase(yyruleno==142);
-      case 232: /* exprlist ::= */ yytestcase(yyruleno==232);
-      case 235: /* paren_exprlist ::= */ yytestcase(yyruleno==235);
-      case 240: /* eidlist_opt ::= */ yytestcase(yyruleno==240);
+      case 230: /* exprlist ::= */ yytestcase(yyruleno==230);
+      case 233: /* paren_exprlist ::= */ yytestcase(yyruleno==233);
+      case 238: /* eidlist_opt ::= */ yytestcase(yyruleno==238);
 {yymsp[1].minor.yy322 = 0;}
         break;
       case 100: /* selcollist ::= sclp scanpt expr scanpt as */
@@ -167526,8 +171717,8 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 103: /* as ::= AS nm */
       case 115: /* dbnm ::= DOT nm */ yytestcase(yyruleno==115);
-      case 256: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==256);
-      case 257: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==257);
+      case 254: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==254);
+      case 255: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==255);
 {yymsp[-1].minor.yy0 = yymsp[0].minor.yy0;}
         break;
       case 105: /* from ::= */
@@ -167571,7 +171762,7 @@ static YYACTIONTYPE yy_reduce(
 {
     if( yymsp[-5].minor.yy131==0 && yymsp[-1].minor.yy0.n==0 && yymsp[0].minor.yy561.pOn==0 && yymsp[0].minor.yy561.pUsing==0 ){
       yymsp[-5].minor.yy131 = yymsp[-3].minor.yy131;
-    }else if( yymsp[-3].minor.yy131->nSrc==1 ){
+    }else if( ALWAYS(yymsp[-3].minor.yy131!=0) && yymsp[-3].minor.yy131->nSrc==1 ){
       yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
       if( yymsp[-5].minor.yy131 ){
         SrcItem *pNew = &yymsp[-5].minor.yy131->a[yymsp[-5].minor.yy131->nSrc-1];
@@ -167699,16 +171890,16 @@ static YYACTIONTYPE yy_reduce(
       case 146: /* limit_opt ::= */ yytestcase(yyruleno==146);
       case 151: /* where_opt ::= */ yytestcase(yyruleno==151);
       case 153: /* where_opt_ret ::= */ yytestcase(yyruleno==153);
-      case 229: /* case_else ::= */ yytestcase(yyruleno==229);
-      case 231: /* case_operand ::= */ yytestcase(yyruleno==231);
-      case 250: /* vinto ::= */ yytestcase(yyruleno==250);
+      case 228: /* case_else ::= */ yytestcase(yyruleno==228);
+      case 229: /* case_operand ::= */ yytestcase(yyruleno==229);
+      case 248: /* vinto ::= */ yytestcase(yyruleno==248);
 {yymsp[1].minor.yy528 = 0;}
         break;
       case 145: /* having_opt ::= HAVING expr */
       case 152: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==152);
       case 154: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==154);
-      case 228: /* case_else ::= ELSE expr */ yytestcase(yyruleno==228);
-      case 249: /* vinto ::= INTO expr */ yytestcase(yyruleno==249);
+      case 227: /* case_else ::= ELSE expr */ yytestcase(yyruleno==227);
+      case 247: /* vinto ::= INTO expr */ yytestcase(yyruleno==247);
 {yymsp[-1].minor.yy528 = yymsp[0].minor.yy528;}
         break;
       case 147: /* limit_opt ::= LIMIT expr */
@@ -167820,11 +172011,10 @@ static YYACTIONTYPE yy_reduce(
       case 177: /* expr ::= LP expr RP */
 {yymsp[-2].minor.yy528 = yymsp[-1].minor.yy528;}
         break;
-      case 178: /* expr ::= ID|INDEXED */
-      case 179: /* expr ::= JOIN_KW */ yytestcase(yyruleno==179);
+      case 178: /* expr ::= ID|INDEXED|JOIN_KW */
 {yymsp[0].minor.yy528=tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 180: /* expr ::= nm DOT nm */
+      case 179: /* expr ::= nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0);
@@ -167832,7 +172022,7 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-2].minor.yy528 = yylhsminor.yy528;
         break;
-      case 181: /* expr ::= nm DOT nm DOT nm */
+      case 180: /* expr ::= nm DOT nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-4].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
@@ -167845,18 +172035,18 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 182: /* term ::= NULL|FLOAT|BLOB */
-      case 183: /* term ::= STRING */ yytestcase(yyruleno==183);
+      case 181: /* term ::= NULL|FLOAT|BLOB */
+      case 182: /* term ::= STRING */ yytestcase(yyruleno==182);
 {yymsp[0].minor.yy528=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 184: /* term ::= INTEGER */
+      case 183: /* term ::= INTEGER */
 {
   yylhsminor.yy528 = sqlite3ExprAlloc(pParse->db, TK_INTEGER, &yymsp[0].minor.yy0, 1);
   if( yylhsminor.yy528 ) yylhsminor.yy528->w.iOfst = (int)(yymsp[0].minor.yy0.z - pParse->zTail);
 }
   yymsp[0].minor.yy528 = yylhsminor.yy528;
         break;
-      case 185: /* expr ::= VARIABLE */
+      case 184: /* expr ::= VARIABLE */
 {
   if( !(yymsp[0].minor.yy0.z[0]=='#' && sqlite3Isdigit(yymsp[0].minor.yy0.z[1])) ){
     u32 n = yymsp[0].minor.yy0.n;
@@ -167878,50 +172068,50 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 186: /* expr ::= expr COLLATE ID|STRING */
+      case 185: /* expr ::= expr COLLATE ID|STRING */
 {
   yymsp[-2].minor.yy528 = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy528, &yymsp[0].minor.yy0, 1);
 }
         break;
-      case 187: /* expr ::= CAST LP expr AS typetoken RP */
+      case 186: /* expr ::= CAST LP expr AS typetoken RP */
 {
   yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_CAST, &yymsp[-1].minor.yy0, 1);
   sqlite3ExprAttachSubtrees(pParse->db, yymsp[-5].minor.yy528, yymsp[-3].minor.yy528, 0);
 }
         break;
-      case 188: /* expr ::= ID|INDEXED LP distinct exprlist RP */
+      case 187: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0, yymsp[-2].minor.yy394);
 }
   yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 189: /* expr ::= ID|INDEXED LP STAR RP */
+      case 188: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
 }
   yymsp[-3].minor.yy528 = yylhsminor.yy528;
         break;
-      case 190: /* expr ::= ID|INDEXED LP distinct exprlist RP filter_over */
+      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy322, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy394);
   sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
   yymsp[-5].minor.yy528 = yylhsminor.yy528;
         break;
-      case 191: /* expr ::= ID|INDEXED LP STAR RP filter_over */
+      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
   sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
   yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 192: /* term ::= CTIME_KW */
+      case 191: /* term ::= CTIME_KW */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
 }
   yymsp[0].minor.yy528 = yylhsminor.yy528;
         break;
-      case 193: /* expr ::= LP nexprlist COMMA expr RP */
+      case 192: /* expr ::= LP nexprlist COMMA expr RP */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528);
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
@@ -167935,22 +172125,22 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 194: /* expr ::= expr AND expr */
+      case 193: /* expr ::= expr AND expr */
 {yymsp[-2].minor.yy528=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 195: /* expr ::= expr OR expr */
-      case 196: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==196);
-      case 197: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==197);
-      case 198: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==198);
-      case 199: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==199);
-      case 200: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==200);
-      case 201: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==201);
+      case 194: /* expr ::= expr OR expr */
+      case 195: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==195);
+      case 196: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==196);
+      case 197: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==197);
+      case 198: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==198);
+      case 199: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==199);
+      case 200: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==200);
 {yymsp[-2].minor.yy528=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 202: /* likeop ::= NOT LIKE_KW|MATCH */
+      case 201: /* likeop ::= NOT LIKE_KW|MATCH */
 {yymsp[-1].minor.yy0=yymsp[0].minor.yy0; yymsp[-1].minor.yy0.n|=0x80000000; /*yymsp[-1].minor.yy0-overwrite-yymsp[0].minor.yy0*/}
         break;
-      case 203: /* expr ::= expr likeop expr */
+      case 202: /* expr ::= expr likeop expr */
 {
   ExprList *pList;
   int bNot = yymsp[-1].minor.yy0.n & 0x80000000;
@@ -167962,7 +172152,7 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-2].minor.yy528 ) yymsp[-2].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 204: /* expr ::= expr likeop expr ESCAPE expr */
+      case 203: /* expr ::= expr likeop expr ESCAPE expr */
 {
   ExprList *pList;
   int bNot = yymsp[-3].minor.yy0.n & 0x80000000;
@@ -167975,47 +172165,47 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-4].minor.yy528 ) yymsp[-4].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 205: /* expr ::= expr ISNULL|NOTNULL */
+      case 204: /* expr ::= expr ISNULL|NOTNULL */
 {yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy528,0);}
         break;
-      case 206: /* expr ::= expr NOT NULL */
+      case 205: /* expr ::= expr NOT NULL */
 {yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy528,0);}
         break;
-      case 207: /* expr ::= expr IS expr */
+      case 206: /* expr ::= expr IS expr */
 {
   yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-2].minor.yy528, TK_ISNULL);
 }
         break;
-      case 208: /* expr ::= expr IS NOT expr */
+      case 207: /* expr ::= expr IS NOT expr */
 {
   yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-3].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 209: /* expr ::= expr IS NOT DISTINCT FROM expr */
+      case 208: /* expr ::= expr IS NOT DISTINCT FROM expr */
 {
   yymsp[-5].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-5].minor.yy528, TK_ISNULL);
 }
         break;
-      case 210: /* expr ::= expr IS DISTINCT FROM expr */
+      case 209: /* expr ::= expr IS DISTINCT FROM expr */
 {
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-4].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 211: /* expr ::= NOT expr */
-      case 212: /* expr ::= BITNOT expr */ yytestcase(yyruleno==212);
+      case 210: /* expr ::= NOT expr */
+      case 211: /* expr ::= BITNOT expr */ yytestcase(yyruleno==211);
 {yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy528, 0);/*A-overwrites-B*/}
         break;
-      case 213: /* expr ::= PLUS|MINUS expr */
+      case 212: /* expr ::= PLUS|MINUS expr */
 {
   yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major==TK_PLUS ? TK_UPLUS : TK_UMINUS, yymsp[0].minor.yy528, 0);
   /*A-overwrites-B*/
 }
         break;
-      case 214: /* expr ::= expr PTR expr */
+      case 213: /* expr ::= expr PTR expr */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy528);
   pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy528);
@@ -168023,11 +172213,11 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-2].minor.yy528 = yylhsminor.yy528;
         break;
-      case 215: /* between_op ::= BETWEEN */
-      case 218: /* in_op ::= IN */ yytestcase(yyruleno==218);
+      case 214: /* between_op ::= BETWEEN */
+      case 217: /* in_op ::= IN */ yytestcase(yyruleno==217);
 {yymsp[0].minor.yy394 = 0;}
         break;
-      case 217: /* expr ::= expr between_op expr AND expr */
+      case 216: /* expr ::= expr between_op expr AND expr */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
   pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
@@ -168040,7 +172230,7 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
 }
         break;
-      case 220: /* expr ::= expr in_op LP exprlist RP */
+      case 219: /* expr ::= expr in_op LP exprlist RP */
 {
     if( yymsp[-1].minor.yy322==0 ){
       /* Expressions of the form
@@ -168061,6 +172251,11 @@ static YYACTIONTYPE yy_reduce(
         sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
         pRHS = sqlite3PExpr(pParse, TK_UPLUS, pRHS, 0);
         yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_EQ, yymsp[-4].minor.yy528, pRHS);
+      }else if( yymsp[-1].minor.yy322->nExpr==1 && pRHS->op==TK_SELECT ){
+        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
+        sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pRHS->x.pSelect);
+        pRHS->x.pSelect = 0;
+        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
       }else{
         yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
         if( yymsp[-4].minor.yy528==0 ){
@@ -168081,20 +172276,20 @@ static YYACTIONTYPE yy_reduce(
     }
   }
         break;
-      case 221: /* expr ::= LP select RP */
+      case 220: /* expr ::= LP select RP */
 {
     yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
     sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy528, yymsp[-1].minor.yy47);
   }
         break;
-      case 222: /* expr ::= expr in_op LP select RP */
+      case 221: /* expr ::= expr in_op LP select RP */
 {
     yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
     sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, yymsp[-1].minor.yy47);
     if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 223: /* expr ::= expr in_op nm dbnm paren_exprlist */
+      case 222: /* expr ::= expr in_op nm dbnm paren_exprlist */
 {
     SrcList *pSrc = sqlite3SrcListAppend(pParse, 0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);
     Select *pSelect = sqlite3SelectNew(pParse, 0,pSrc,0,0,0,0,0,0);
@@ -168104,14 +172299,14 @@ static YYACTIONTYPE yy_reduce(
     if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 224: /* expr ::= EXISTS LP select RP */
+      case 223: /* expr ::= EXISTS LP select RP */
 {
     Expr *p;
     p = yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
     sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy47);
   }
         break;
-      case 225: /* expr ::= CASE case_operand case_exprlist case_else END */
+      case 224: /* expr ::= CASE case_operand case_exprlist case_else END */
 {
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy528, 0);
   if( yymsp[-4].minor.yy528 ){
@@ -168123,32 +172318,29 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 226: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
+      case 225: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
 {
   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 227: /* case_exprlist ::= WHEN expr THEN expr */
+      case 226: /* case_exprlist ::= WHEN expr THEN expr */
 {
   yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
   yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 230: /* case_operand ::= expr */
-{yymsp[0].minor.yy528 = yymsp[0].minor.yy528; /*A-overwrites-X*/}
-        break;
-      case 233: /* nexprlist ::= nexprlist COMMA expr */
+      case 231: /* nexprlist ::= nexprlist COMMA expr */
 {yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[0].minor.yy528);}
         break;
-      case 234: /* nexprlist ::= expr */
+      case 232: /* nexprlist ::= expr */
 {yymsp[0].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy528); /*A-overwrites-Y*/}
         break;
-      case 236: /* paren_exprlist ::= LP exprlist RP */
-      case 241: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==241);
+      case 234: /* paren_exprlist ::= LP exprlist RP */
+      case 239: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==239);
 {yymsp[-2].minor.yy322 = yymsp[-1].minor.yy322;}
         break;
-      case 237: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+      case 235: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
 {
   sqlite3CreateIndex(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0,
                      sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy322, yymsp[-10].minor.yy394,
@@ -168158,48 +172350,48 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 238: /* uniqueflag ::= UNIQUE */
-      case 280: /* raisetype ::= ABORT */ yytestcase(yyruleno==280);
+      case 236: /* uniqueflag ::= UNIQUE */
+      case 278: /* raisetype ::= ABORT */ yytestcase(yyruleno==278);
 {yymsp[0].minor.yy394 = OE_Abort;}
         break;
-      case 239: /* uniqueflag ::= */
+      case 237: /* uniqueflag ::= */
 {yymsp[1].minor.yy394 = OE_None;}
         break;
-      case 242: /* eidlist ::= eidlist COMMA nm collate sortorder */
+      case 240: /* eidlist ::= eidlist COMMA nm collate sortorder */
 {
   yymsp[-4].minor.yy322 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394);
 }
         break;
-      case 243: /* eidlist ::= nm collate sortorder */
+      case 241: /* eidlist ::= nm collate sortorder */
 {
   yymsp[-2].minor.yy322 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394); /*A-overwrites-Y*/
 }
         break;
-      case 246: /* cmd ::= DROP INDEX ifexists fullname */
+      case 244: /* cmd ::= DROP INDEX ifexists fullname */
 {sqlite3DropIndex(pParse, yymsp[0].minor.yy131, yymsp[-1].minor.yy394);}
         break;
-      case 247: /* cmd ::= VACUUM vinto */
+      case 245: /* cmd ::= VACUUM vinto */
 {sqlite3Vacuum(pParse,0,yymsp[0].minor.yy528);}
         break;
-      case 248: /* cmd ::= VACUUM nm vinto */
+      case 246: /* cmd ::= VACUUM nm vinto */
 {sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy528);}
         break;
-      case 251: /* cmd ::= PRAGMA nm dbnm */
+      case 249: /* cmd ::= PRAGMA nm dbnm */
 {sqlite3Pragma(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,0,0);}
         break;
-      case 252: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
+      case 250: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,0);}
         break;
-      case 253: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
+      case 251: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,0);}
         break;
-      case 254: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
+      case 252: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,1);}
         break;
-      case 255: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
+      case 253: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,1);}
         break;
-      case 258: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+      case 256: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
 {
   Token all;
   all.z = yymsp[-3].minor.yy0.z;
@@ -168207,50 +172399,50 @@ static YYACTIONTYPE yy_reduce(
   sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy33, &all);
 }
         break;
-      case 259: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+      case 257: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
 {
   sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy394, yymsp[-4].minor.yy180.a, yymsp[-4].minor.yy180.b, yymsp[-2].minor.yy131, yymsp[0].minor.yy528, yymsp[-10].minor.yy394, yymsp[-8].minor.yy394);
   yymsp[-10].minor.yy0 = (yymsp[-6].minor.yy0.n==0?yymsp[-7].minor.yy0:yymsp[-6].minor.yy0); /*A-overwrites-T*/
 }
         break;
-      case 260: /* trigger_time ::= BEFORE|AFTER */
+      case 258: /* trigger_time ::= BEFORE|AFTER */
 { yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/ }
         break;
-      case 261: /* trigger_time ::= INSTEAD OF */
+      case 259: /* trigger_time ::= INSTEAD OF */
 { yymsp[-1].minor.yy394 = TK_INSTEAD;}
         break;
-      case 262: /* trigger_time ::= */
+      case 260: /* trigger_time ::= */
 { yymsp[1].minor.yy394 = TK_BEFORE; }
         break;
-      case 263: /* trigger_event ::= DELETE|INSERT */
-      case 264: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==264);
+      case 261: /* trigger_event ::= DELETE|INSERT */
+      case 262: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==262);
 {yymsp[0].minor.yy180.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy180.b = 0;}
         break;
-      case 265: /* trigger_event ::= UPDATE OF idlist */
+      case 263: /* trigger_event ::= UPDATE OF idlist */
 {yymsp[-2].minor.yy180.a = TK_UPDATE; yymsp[-2].minor.yy180.b = yymsp[0].minor.yy254;}
         break;
-      case 266: /* when_clause ::= */
-      case 285: /* key_opt ::= */ yytestcase(yyruleno==285);
+      case 264: /* when_clause ::= */
+      case 283: /* key_opt ::= */ yytestcase(yyruleno==283);
 { yymsp[1].minor.yy528 = 0; }
         break;
-      case 267: /* when_clause ::= WHEN expr */
-      case 286: /* key_opt ::= KEY expr */ yytestcase(yyruleno==286);
+      case 265: /* when_clause ::= WHEN expr */
+      case 284: /* key_opt ::= KEY expr */ yytestcase(yyruleno==284);
 { yymsp[-1].minor.yy528 = yymsp[0].minor.yy528; }
         break;
-      case 268: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+      case 266: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
 {
   assert( yymsp[-2].minor.yy33!=0 );
   yymsp[-2].minor.yy33->pLast->pNext = yymsp[-1].minor.yy33;
   yymsp[-2].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 269: /* trigger_cmd_list ::= trigger_cmd SEMI */
+      case 267: /* trigger_cmd_list ::= trigger_cmd SEMI */
 {
   assert( yymsp[-1].minor.yy33!=0 );
   yymsp[-1].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 270: /* trnm ::= nm DOT nm */
+      case 268: /* trnm ::= nm DOT nm */
 {
   yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;
   sqlite3ErrorMsg(pParse,
@@ -168258,39 +172450,39 @@ static YYACTIONTYPE yy_reduce(
         "statements within triggers");
 }
         break;
-      case 271: /* tridxby ::= INDEXED BY nm */
+      case 269: /* tridxby ::= INDEXED BY nm */
 {
   sqlite3ErrorMsg(pParse,
         "the INDEXED BY clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 272: /* tridxby ::= NOT INDEXED */
+      case 270: /* tridxby ::= NOT INDEXED */
 {
   sqlite3ErrorMsg(pParse,
         "the NOT INDEXED clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 273: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+      case 271: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
 {yylhsminor.yy33 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy131, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528, yymsp[-7].minor.yy394, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy522);}
   yymsp[-8].minor.yy33 = yylhsminor.yy33;
         break;
-      case 274: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+      case 272: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
 {
    yylhsminor.yy33 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy254,yymsp[-2].minor.yy47,yymsp[-6].minor.yy394,yymsp[-1].minor.yy444,yymsp[-7].minor.yy522,yymsp[0].minor.yy522);/*yylhsminor.yy33-overwrites-yymsp[-6].minor.yy394*/
 }
   yymsp[-7].minor.yy33 = yylhsminor.yy33;
         break;
-      case 275: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+      case 273: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
 {yylhsminor.yy33 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy528, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy522);}
   yymsp[-5].minor.yy33 = yylhsminor.yy33;
         break;
-      case 276: /* trigger_cmd ::= scanpt select scanpt */
+      case 274: /* trigger_cmd ::= scanpt select scanpt */
 {yylhsminor.yy33 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy47, yymsp[-2].minor.yy522, yymsp[0].minor.yy522); /*yylhsminor.yy33-overwrites-yymsp[-1].minor.yy47*/}
   yymsp[-2].minor.yy33 = yylhsminor.yy33;
         break;
-      case 277: /* expr ::= RAISE LP IGNORE RP */
+      case 275: /* expr ::= RAISE LP IGNORE RP */
 {
   yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
   if( yymsp[-3].minor.yy528 ){
@@ -168298,7 +172490,7 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 278: /* expr ::= RAISE LP raisetype COMMA nm RP */
+      case 276: /* expr ::= RAISE LP raisetype COMMA nm RP */
 {
   yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
   if( yymsp[-5].minor.yy528 ) {
@@ -168306,118 +172498,118 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 279: /* raisetype ::= ROLLBACK */
+      case 277: /* raisetype ::= ROLLBACK */
 {yymsp[0].minor.yy394 = OE_Rollback;}
         break;
-      case 281: /* raisetype ::= FAIL */
+      case 279: /* raisetype ::= FAIL */
 {yymsp[0].minor.yy394 = OE_Fail;}
         break;
-      case 282: /* cmd ::= DROP TRIGGER ifexists fullname */
+      case 280: /* cmd ::= DROP TRIGGER ifexists fullname */
 {
   sqlite3DropTrigger(pParse,yymsp[0].minor.yy131,yymsp[-1].minor.yy394);
 }
         break;
-      case 283: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+      case 281: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
 {
   sqlite3Attach(pParse, yymsp[-3].minor.yy528, yymsp[-1].minor.yy528, yymsp[0].minor.yy528);
 }
         break;
-      case 284: /* cmd ::= DETACH database_kw_opt expr */
+      case 282: /* cmd ::= DETACH database_kw_opt expr */
 {
   sqlite3Detach(pParse, yymsp[0].minor.yy528);
 }
         break;
-      case 287: /* cmd ::= REINDEX */
+      case 285: /* cmd ::= REINDEX */
 {sqlite3Reindex(pParse, 0, 0);}
         break;
-      case 288: /* cmd ::= REINDEX nm dbnm */
+      case 286: /* cmd ::= REINDEX nm dbnm */
 {sqlite3Reindex(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 289: /* cmd ::= ANALYZE */
+      case 287: /* cmd ::= ANALYZE */
 {sqlite3Analyze(pParse, 0, 0);}
         break;
-      case 290: /* cmd ::= ANALYZE nm dbnm */
+      case 288: /* cmd ::= ANALYZE nm dbnm */
 {sqlite3Analyze(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 291: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
+      case 289: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
 {
   sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy131,&yymsp[0].minor.yy0);
 }
         break;
-      case 292: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+      case 290: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
 {
   yymsp[-1].minor.yy0.n = (int)(pParse->sLastToken.z-yymsp[-1].minor.yy0.z) + pParse->sLastToken.n;
   sqlite3AlterFinishAddColumn(pParse, &yymsp[-1].minor.yy0);
 }
         break;
-      case 293: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+      case 291: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
 {
   sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy131, &yymsp[0].minor.yy0);
 }
         break;
-      case 294: /* add_column_fullname ::= fullname */
+      case 292: /* add_column_fullname ::= fullname */
 {
   disableLookaside(pParse);
   sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy131);
 }
         break;
-      case 295: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+      case 293: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
 {
   sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy131, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
 }
         break;
-      case 296: /* cmd ::= create_vtab */
+      case 294: /* cmd ::= create_vtab */
 {sqlite3VtabFinishParse(pParse,0);}
         break;
-      case 297: /* cmd ::= create_vtab LP vtabarglist RP */
+      case 295: /* cmd ::= create_vtab LP vtabarglist RP */
 {sqlite3VtabFinishParse(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 298: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+      case 296: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
 {
     sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy394);
 }
         break;
-      case 299: /* vtabarg ::= */
+      case 297: /* vtabarg ::= */
 {sqlite3VtabArgInit(pParse);}
         break;
-      case 300: /* vtabargtoken ::= ANY */
-      case 301: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==301);
-      case 302: /* lp ::= LP */ yytestcase(yyruleno==302);
+      case 298: /* vtabargtoken ::= ANY */
+      case 299: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==299);
+      case 300: /* lp ::= LP */ yytestcase(yyruleno==300);
 {sqlite3VtabArgExtend(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 303: /* with ::= WITH wqlist */
-      case 304: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==304);
+      case 301: /* with ::= WITH wqlist */
+      case 302: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==302);
 { sqlite3WithPush(pParse, yymsp[0].minor.yy521, 1); }
         break;
-      case 305: /* wqas ::= AS */
+      case 303: /* wqas ::= AS */
 {yymsp[0].minor.yy516 = M10d_Any;}
         break;
-      case 306: /* wqas ::= AS MATERIALIZED */
+      case 304: /* wqas ::= AS MATERIALIZED */
 {yymsp[-1].minor.yy516 = M10d_Yes;}
         break;
-      case 307: /* wqas ::= AS NOT MATERIALIZED */
+      case 305: /* wqas ::= AS NOT MATERIALIZED */
 {yymsp[-2].minor.yy516 = M10d_No;}
         break;
-      case 308: /* wqitem ::= nm eidlist_opt wqas LP select RP */
+      case 306: /* wqitem ::= nm eidlist_opt wqas LP select RP */
 {
   yymsp[-5].minor.yy385 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy47, yymsp[-3].minor.yy516); /*A-overwrites-X*/
 }
         break;
-      case 309: /* wqlist ::= wqitem */
+      case 307: /* wqlist ::= wqitem */
 {
   yymsp[0].minor.yy521 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy385); /*A-overwrites-X*/
 }
         break;
-      case 310: /* wqlist ::= wqlist COMMA wqitem */
+      case 308: /* wqlist ::= wqlist COMMA wqitem */
 {
   yymsp[-2].minor.yy521 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy521, yymsp[0].minor.yy385);
 }
         break;
-      case 311: /* windowdefn_list ::= windowdefn */
+      case 309: /* windowdefn_list ::= windowdefn */
 { yylhsminor.yy41 = yymsp[0].minor.yy41; }
   yymsp[0].minor.yy41 = yylhsminor.yy41;
         break;
-      case 312: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
+      case 310: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
 {
   assert( yymsp[0].minor.yy41!=0 );
   sqlite3WindowChain(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy41);
@@ -168426,7 +172618,7 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-2].minor.yy41 = yylhsminor.yy41;
         break;
-      case 313: /* windowdefn ::= nm AS LP window RP */
+      case 311: /* windowdefn ::= nm AS LP window RP */
 {
   if( ALWAYS(yymsp[-1].minor.yy41) ){
     yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
@@ -168435,90 +172627,90 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 314: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+      case 312: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
 {
   yymsp[-4].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 315: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+      case 313: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, &yymsp[-5].minor.yy0);
 }
   yymsp[-5].minor.yy41 = yylhsminor.yy41;
         break;
-      case 316: /* window ::= ORDER BY sortlist frame_opt */
+      case 314: /* window ::= ORDER BY sortlist frame_opt */
 {
   yymsp[-3].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 317: /* window ::= nm ORDER BY sortlist frame_opt */
+      case 315: /* window ::= nm ORDER BY sortlist frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0);
 }
   yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 318: /* window ::= frame_opt */
-      case 337: /* filter_over ::= over_clause */ yytestcase(yyruleno==337);
+      case 316: /* window ::= frame_opt */
+      case 335: /* filter_over ::= over_clause */ yytestcase(yyruleno==335);
 {
   yylhsminor.yy41 = yymsp[0].minor.yy41;
 }
   yymsp[0].minor.yy41 = yylhsminor.yy41;
         break;
-      case 319: /* window ::= nm frame_opt */
+      case 317: /* window ::= nm frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, 0, &yymsp[-1].minor.yy0);
 }
   yymsp[-1].minor.yy41 = yylhsminor.yy41;
         break;
-      case 320: /* frame_opt ::= */
+      case 318: /* frame_opt ::= */
 {
   yymsp[1].minor.yy41 = sqlite3WindowAlloc(pParse, 0, TK_UNBOUNDED, 0, TK_CURRENT, 0, 0);
 }
         break;
-      case 321: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+      case 319: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-2].minor.yy394, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, TK_CURRENT, 0, yymsp[0].minor.yy516);
 }
   yymsp[-2].minor.yy41 = yylhsminor.yy41;
         break;
-      case 322: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+      case 320: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-5].minor.yy394, yymsp[-3].minor.yy595.eType, yymsp[-3].minor.yy595.pExpr, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, yymsp[0].minor.yy516);
 }
   yymsp[-5].minor.yy41 = yylhsminor.yy41;
         break;
-      case 324: /* frame_bound_s ::= frame_bound */
-      case 326: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==326);
+      case 322: /* frame_bound_s ::= frame_bound */
+      case 324: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==324);
 {yylhsminor.yy595 = yymsp[0].minor.yy595;}
   yymsp[0].minor.yy595 = yylhsminor.yy595;
         break;
-      case 325: /* frame_bound_s ::= UNBOUNDED PRECEDING */
-      case 327: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==327);
-      case 329: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==329);
+      case 323: /* frame_bound_s ::= UNBOUNDED PRECEDING */
+      case 325: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==325);
+      case 327: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==327);
 {yylhsminor.yy595.eType = yymsp[-1].major; yylhsminor.yy595.pExpr = 0;}
   yymsp[-1].minor.yy595 = yylhsminor.yy595;
         break;
-      case 328: /* frame_bound ::= expr PRECEDING|FOLLOWING */
+      case 326: /* frame_bound ::= expr PRECEDING|FOLLOWING */
 {yylhsminor.yy595.eType = yymsp[0].major; yylhsminor.yy595.pExpr = yymsp[-1].minor.yy528;}
   yymsp[-1].minor.yy595 = yylhsminor.yy595;
         break;
-      case 330: /* frame_exclude_opt ::= */
+      case 328: /* frame_exclude_opt ::= */
 {yymsp[1].minor.yy516 = 0;}
         break;
-      case 331: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
+      case 329: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
 {yymsp[-1].minor.yy516 = yymsp[0].minor.yy516;}
         break;
-      case 332: /* frame_exclude ::= NO OTHERS */
-      case 333: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==333);
+      case 330: /* frame_exclude ::= NO OTHERS */
+      case 331: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==331);
 {yymsp[-1].minor.yy516 = yymsp[-1].major; /*A-overwrites-X*/}
         break;
-      case 334: /* frame_exclude ::= GROUP|TIES */
+      case 332: /* frame_exclude ::= GROUP|TIES */
 {yymsp[0].minor.yy516 = yymsp[0].major; /*A-overwrites-X*/}
         break;
-      case 335: /* window_clause ::= WINDOW windowdefn_list */
+      case 333: /* window_clause ::= WINDOW windowdefn_list */
 { yymsp[-1].minor.yy41 = yymsp[0].minor.yy41; }
         break;
-      case 336: /* filter_over ::= filter_clause over_clause */
+      case 334: /* filter_over ::= filter_clause over_clause */
 {
   if( yymsp[0].minor.yy41 ){
     yymsp[0].minor.yy41->pFilter = yymsp[-1].minor.yy528;
@@ -168529,7 +172721,7 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-1].minor.yy41 = yylhsminor.yy41;
         break;
-      case 338: /* filter_over ::= filter_clause */
+      case 336: /* filter_over ::= filter_clause */
 {
   yylhsminor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
   if( yylhsminor.yy41 ){
@@ -168541,13 +172733,13 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[0].minor.yy41 = yylhsminor.yy41;
         break;
-      case 339: /* over_clause ::= OVER LP window RP */
+      case 337: /* over_clause ::= OVER LP window RP */
 {
   yymsp[-3].minor.yy41 = yymsp[-1].minor.yy41;
   assert( yymsp[-3].minor.yy41!=0 );
 }
         break;
-      case 340: /* over_clause ::= OVER nm */
+      case 338: /* over_clause ::= OVER nm */
 {
   yymsp[-1].minor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
   if( yymsp[-1].minor.yy41 ){
@@ -168555,73 +172747,73 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 341: /* filter_clause ::= FILTER LP WHERE expr RP */
+      case 339: /* filter_clause ::= FILTER LP WHERE expr RP */
 { yymsp[-4].minor.yy528 = yymsp[-1].minor.yy528; }
         break;
       default:
-      /* (342) input ::= cmdlist */ yytestcase(yyruleno==342);
-      /* (343) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==343);
-      /* (344) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=344);
-      /* (345) ecmd ::= SEMI */ yytestcase(yyruleno==345);
-      /* (346) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==346);
-      /* (347) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=347);
-      /* (348) trans_opt ::= */ yytestcase(yyruleno==348);
-      /* (349) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==349);
-      /* (350) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==350);
-      /* (351) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==351);
-      /* (352) savepoint_opt ::= */ yytestcase(yyruleno==352);
-      /* (353) cmd ::= create_table create_table_args */ yytestcase(yyruleno==353);
-      /* (354) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=354);
-      /* (355) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==355);
-      /* (356) columnlist ::= columnname carglist */ yytestcase(yyruleno==356);
-      /* (357) nm ::= ID|INDEXED */ yytestcase(yyruleno==357);
-      /* (358) nm ::= STRING */ yytestcase(yyruleno==358);
-      /* (359) nm ::= JOIN_KW */ yytestcase(yyruleno==359);
-      /* (360) typetoken ::= typename */ yytestcase(yyruleno==360);
-      /* (361) typename ::= ID|STRING */ yytestcase(yyruleno==361);
-      /* (362) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=362);
-      /* (363) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=363);
-      /* (364) carglist ::= carglist ccons */ yytestcase(yyruleno==364);
-      /* (365) carglist ::= */ yytestcase(yyruleno==365);
-      /* (366) ccons ::= NULL onconf */ yytestcase(yyruleno==366);
-      /* (367) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==367);
-      /* (368) ccons ::= AS generated */ yytestcase(yyruleno==368);
-      /* (369) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==369);
-      /* (370) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==370);
-      /* (371) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=371);
-      /* (372) tconscomma ::= */ yytestcase(yyruleno==372);
-      /* (373) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=373);
-      /* (374) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=374);
-      /* (375) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=375);
-      /* (376) oneselect ::= values */ yytestcase(yyruleno==376);
-      /* (377) sclp ::= selcollist COMMA */ yytestcase(yyruleno==377);
-      /* (378) as ::= ID|STRING */ yytestcase(yyruleno==378);
-      /* (379) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=379);
-      /* (380) returning ::= */ yytestcase(yyruleno==380);
-      /* (381) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=381);
-      /* (382) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==382);
-      /* (383) exprlist ::= nexprlist */ yytestcase(yyruleno==383);
-      /* (384) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=384);
-      /* (385) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=385);
-      /* (386) nmnum ::= ON */ yytestcase(yyruleno==386);
-      /* (387) nmnum ::= DELETE */ yytestcase(yyruleno==387);
-      /* (388) nmnum ::= DEFAULT */ yytestcase(yyruleno==388);
-      /* (389) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==389);
-      /* (390) foreach_clause ::= */ yytestcase(yyruleno==390);
-      /* (391) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==391);
-      /* (392) trnm ::= nm */ yytestcase(yyruleno==392);
-      /* (393) tridxby ::= */ yytestcase(yyruleno==393);
-      /* (394) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==394);
-      /* (395) database_kw_opt ::= */ yytestcase(yyruleno==395);
-      /* (396) kwcolumn_opt ::= */ yytestcase(yyruleno==396);
-      /* (397) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==397);
-      /* (398) vtabarglist ::= vtabarg */ yytestcase(yyruleno==398);
-      /* (399) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==399);
-      /* (400) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==400);
-      /* (401) anylist ::= */ yytestcase(yyruleno==401);
-      /* (402) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==402);
-      /* (403) anylist ::= anylist ANY */ yytestcase(yyruleno==403);
-      /* (404) with ::= */ yytestcase(yyruleno==404);
+      /* (340) input ::= cmdlist */ yytestcase(yyruleno==340);
+      /* (341) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==341);
+      /* (342) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=342);
+      /* (343) ecmd ::= SEMI */ yytestcase(yyruleno==343);
+      /* (344) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==344);
+      /* (345) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=345);
+      /* (346) trans_opt ::= */ yytestcase(yyruleno==346);
+      /* (347) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==347);
+      /* (348) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==348);
+      /* (349) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==349);
+      /* (350) savepoint_opt ::= */ yytestcase(yyruleno==350);
+      /* (351) cmd ::= create_table create_table_args */ yytestcase(yyruleno==351);
+      /* (352) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=352);
+      /* (353) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==353);
+      /* (354) columnlist ::= columnname carglist */ yytestcase(yyruleno==354);
+      /* (355) nm ::= ID|INDEXED|JOIN_KW */ yytestcase(yyruleno==355);
+      /* (356) nm ::= STRING */ yytestcase(yyruleno==356);
+      /* (357) typetoken ::= typename */ yytestcase(yyruleno==357);
+      /* (358) typename ::= ID|STRING */ yytestcase(yyruleno==358);
+      /* (359) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=359);
+      /* (360) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=360);
+      /* (361) carglist ::= carglist ccons */ yytestcase(yyruleno==361);
+      /* (362) carglist ::= */ yytestcase(yyruleno==362);
+      /* (363) ccons ::= NULL onconf */ yytestcase(yyruleno==363);
+      /* (364) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==364);
+      /* (365) ccons ::= AS generated */ yytestcase(yyruleno==365);
+      /* (366) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==366);
+      /* (367) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==367);
+      /* (368) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=368);
+      /* (369) tconscomma ::= */ yytestcase(yyruleno==369);
+      /* (370) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=370);
+      /* (371) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=371);
+      /* (372) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=372);
+      /* (373) oneselect ::= values */ yytestcase(yyruleno==373);
+      /* (374) sclp ::= selcollist COMMA */ yytestcase(yyruleno==374);
+      /* (375) as ::= ID|STRING */ yytestcase(yyruleno==375);
+      /* (376) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=376);
+      /* (377) returning ::= */ yytestcase(yyruleno==377);
+      /* (378) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=378);
+      /* (379) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==379);
+      /* (380) case_operand ::= expr */ yytestcase(yyruleno==380);
+      /* (381) exprlist ::= nexprlist */ yytestcase(yyruleno==381);
+      /* (382) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=382);
+      /* (383) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=383);
+      /* (384) nmnum ::= ON */ yytestcase(yyruleno==384);
+      /* (385) nmnum ::= DELETE */ yytestcase(yyruleno==385);
+      /* (386) nmnum ::= DEFAULT */ yytestcase(yyruleno==386);
+      /* (387) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==387);
+      /* (388) foreach_clause ::= */ yytestcase(yyruleno==388);
+      /* (389) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==389);
+      /* (390) trnm ::= nm */ yytestcase(yyruleno==390);
+      /* (391) tridxby ::= */ yytestcase(yyruleno==391);
+      /* (392) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==392);
+      /* (393) database_kw_opt ::= */ yytestcase(yyruleno==393);
+      /* (394) kwcolumn_opt ::= */ yytestcase(yyruleno==394);
+      /* (395) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==395);
+      /* (396) vtabarglist ::= vtabarg */ yytestcase(yyruleno==396);
+      /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==397);
+      /* (398) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==398);
+      /* (399) anylist ::= */ yytestcase(yyruleno==399);
+      /* (400) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==400);
+      /* (401) anylist ::= anylist ANY */ yytestcase(yyruleno==401);
+      /* (402) with ::= */ yytestcase(yyruleno==402);
         break;
 /********** End reduce actions ************************************************/
   };
@@ -169197,7 +173389,7 @@ static const unsigned char aKWHash[127] = {
 /* aKWNext[] forms the hash collision chain.  If aKWHash[i]==0
 ** then the i-th keyword has no more hash collisions.  Otherwise,
 ** the next keyword with the same hash is aKWHash[i]-1. */
-static const unsigned char aKWNext[147] = {
+static const unsigned char aKWNext[148] = {0,
      0,   0,   0,   0,   4,   0,  43,   0,   0, 106, 114,   0,   0,
      0,   2,   0,   0, 143,   0,   0,   0,  13,   0,   0,   0,   0,
    141,   0,   0, 119,  52,   0,   0, 137,  12,   0,   0,  62,   0,
@@ -169212,7 +173404,7 @@ static const unsigned char aKWNext[147] = {
    102,   0,   0,  87,
 };
 /* aKWLen[i] is the length (in bytes) of the i-th keyword */
-static const unsigned char aKWLen[147] = {
+static const unsigned char aKWLen[148] = {0,
      7,   7,   5,   4,   6,   4,   5,   3,   6,   7,   3,   6,   6,
      7,   7,   3,   8,   2,   6,   5,   4,   4,   3,  10,   4,   7,
      6,   9,   4,   2,   6,   5,   9,   9,   4,   7,   3,   2,   4,
@@ -169228,7 +173420,7 @@ static const unsigned char aKWLen[147] = {
 };
 /* aKWOffset[i] is the index into zKWText[] of the start of
 ** the text for the i-th keyword. */
-static const unsigned short int aKWOffset[147] = {
+static const unsigned short int aKWOffset[148] = {0,
      0,   2,   2,   8,   9,  14,  16,  20,  23,  25,  25,  29,  33,
     36,  41,  46,  48,  53,  54,  59,  62,  65,  67,  69,  78,  81,
     86,  90,  90,  94,  99, 101, 105, 111, 119, 123, 123, 123, 126,
@@ -169243,7 +173435,7 @@ static const unsigned short int aKWOffset[147] = {
    648, 650, 655, 659,
 };
 /* aKWCode[i] is the parser symbol code for the i-th keyword */
-static const unsigned char aKWCode[147] = {
+static const unsigned char aKWCode[148] = {0,
   TK_REINDEX,    TK_INDEXED,    TK_INDEX,      TK_DESC,       TK_ESCAPE,
   TK_EACH,       TK_CHECK,      TK_KEY,        TK_BEFORE,     TK_FOREIGN,
   TK_FOR,        TK_IGNORE,     TK_LIKE_KW,    TK_EXPLAIN,    TK_INSTEAD,
@@ -169412,7 +173604,7 @@ static int keywordCode(const char *z, int n, int *pType){
   const char *zKW;
   if( n>=2 ){
     i = ((charMap(z[0])*4) ^ (charMap(z[n-1])*3) ^ n*1) % 127;
-    for(i=((int)aKWHash[i])-1; i>=0; i=((int)aKWNext[i])-1){
+    for(i=(int)aKWHash[i]; i>0; i=aKWNext[i]){
       if( aKWLen[i]!=n ) continue;
       zKW = &zKWText[aKWOffset[i]];
 #ifdef SQLITE_ASCII
@@ -169428,153 +173620,153 @@ static int keywordCode(const char *z, int n, int *pType){
       while( j=SQLITE_N_KEYWORD ) return SQLITE_ERROR;
+  i++;
   *pzName = zKWText + aKWOffset[i];
   *pnName = aKWLen[i];
   return SQLITE_OK;
@@ -170165,7 +174358,7 @@ SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql){
   if( pParse->pNewTrigger && !IN_RENAME_OBJECT ){
     sqlite3DeleteTrigger(db, pParse->pNewTrigger);
   }
-  if( pParse->pVList ) sqlite3DbFreeNN(db, pParse->pVList);
+  if( pParse->pVList ) sqlite3DbNNFreeNN(db, pParse->pVList);
   db->pParse = pParentParse;
   assert( nErr==0 || pParse->rc!=SQLITE_OK );
   return nErr;
@@ -171127,9 +175320,21 @@ SQLITE_API int sqlite3_config(int op, ...){
   va_list ap;
   int rc = SQLITE_OK;
 
-  /* sqlite3_config() shall return SQLITE_MISUSE if it is invoked while
-  ** the SQLite library is in use. */
-  if( sqlite3GlobalConfig.isInit ) return SQLITE_MISUSE_BKPT;
+  /* sqlite3_config() normally returns SQLITE_MISUSE if it is invoked while
+  ** the SQLite library is in use.  Except, a few selected opcodes
+  ** are allowed.
+  */
+  if( sqlite3GlobalConfig.isInit ){
+    static const u64 mAnytimeConfigOption = 0
+       | MASKBIT64( SQLITE_CONFIG_LOG )
+       | MASKBIT64( SQLITE_CONFIG_PCACHE_HDRSZ )
+    ;
+    if( op<0 || op>63 || (MASKBIT64(op) & mAnytimeConfigOption)==0 ){
+      return SQLITE_MISUSE_BKPT;
+    }
+    testcase( op==SQLITE_CONFIG_LOG );
+    testcase( op==SQLITE_CONFIG_PCACHE_HDRSZ );
+  }
 
   va_start(ap, op);
   switch( op ){
@@ -171198,6 +175403,7 @@ SQLITE_API int sqlite3_config(int op, ...){
       break;
     }
     case SQLITE_CONFIG_MEMSTATUS: {
+      assert( !sqlite3GlobalConfig.isInit );  /* Cannot change at runtime */
       /* EVIDENCE-OF: R-61275-35157 The SQLITE_CONFIG_MEMSTATUS option takes
       ** single argument of type int, interpreted as a boolean, which enables
       ** or disables the collection of memory allocation statistics. */
@@ -171321,8 +175527,10 @@ SQLITE_API int sqlite3_config(int op, ...){
       ** sqlite3GlobalConfig.xLog = va_arg(ap, void(*)(void*,int,const char*));
       */
       typedef void(*LOGFUNC_t)(void*,int,const char*);
-      sqlite3GlobalConfig.xLog = va_arg(ap, LOGFUNC_t);
-      sqlite3GlobalConfig.pLogArg = va_arg(ap, void*);
+      LOGFUNC_t xLog = va_arg(ap, LOGFUNC_t);
+      void *pLogArg = va_arg(ap, void*);
+      AtomicStore(&sqlite3GlobalConfig.xLog, xLog);
+      AtomicStore(&sqlite3GlobalConfig.pLogArg, pLogArg);
       break;
     }
 
@@ -171336,7 +175544,8 @@ SQLITE_API int sqlite3_config(int op, ...){
       ** argument of type int. If non-zero, then URI handling is globally
       ** enabled. If the parameter is zero, then URI handling is globally
       ** disabled. */
-      sqlite3GlobalConfig.bOpenUri = va_arg(ap, int);
+      int bOpenUri = va_arg(ap, int);
+      AtomicStore(&sqlite3GlobalConfig.bOpenUri, bOpenUri);
       break;
     }
 
@@ -171521,18 +175730,19 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){
     db->lookaside.bMalloced = pBuf==0 ?1:0;
     db->lookaside.nSlot = nBig+nSm;
   }else{
-    db->lookaside.pStart = db;
+    db->lookaside.pStart = 0;
 #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE
     db->lookaside.pSmallInit = 0;
     db->lookaside.pSmallFree = 0;
-    db->lookaside.pMiddle = db;
+    db->lookaside.pMiddle = 0;
 #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */
-    db->lookaside.pEnd = db;
+    db->lookaside.pEnd = 0;
     db->lookaside.bDisable = 1;
     db->lookaside.sz = 0;
     db->lookaside.bMalloced = 0;
     db->lookaside.nSlot = 0;
   }
+  db->lookaside.pTrueEnd = db->lookaside.pEnd;
   assert( sqlite3LookasideUsed(db,0)==0 );
 #endif /* SQLITE_OMIT_LOOKASIDE */
   return SQLITE_OK;
@@ -171611,6 +175821,7 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3 *db){
 SQLITE_API int sqlite3_db_config(sqlite3 *db, int op, ...){
   va_list ap;
   int rc;
+  sqlite3_mutex_enter(db->mutex);
   va_start(ap, op);
   switch( op ){
     case SQLITE_DBCONFIG_MAINDBNAME: {
@@ -171649,6 +175860,8 @@ SQLITE_API int sqlite3_db_config(sqlite3 *db, int op, ...){
         { SQLITE_DBCONFIG_DQS_DML,               SQLITE_DqsDML         },
         { SQLITE_DBCONFIG_LEGACY_FILE_FORMAT,    SQLITE_LegacyFileFmt  },
         { SQLITE_DBCONFIG_TRUSTED_SCHEMA,        SQLITE_TrustedSchema  },
+        { SQLITE_DBCONFIG_STMT_SCANSTATUS,       SQLITE_StmtScanStatus },
+        { SQLITE_DBCONFIG_REVERSE_SCANORDER,     SQLITE_ReverseOrder   },
       };
       unsigned int i;
       rc = SQLITE_ERROR; /* IMP: R-42790-23372 */
@@ -171676,6 +175889,7 @@ SQLITE_API int sqlite3_db_config(sqlite3 *db, int op, ...){
     }
   }
   va_end(ap);
+  sqlite3_mutex_leave(db->mutex);
   return rc;
 }
 
@@ -172260,6 +176474,7 @@ SQLITE_PRIVATE const char *sqlite3ErrName(int rc){
       case SQLITE_NOTICE_RECOVER_WAL: zName = "SQLITE_NOTICE_RECOVER_WAL";break;
       case SQLITE_NOTICE_RECOVER_ROLLBACK:
                                 zName = "SQLITE_NOTICE_RECOVER_ROLLBACK"; break;
+      case SQLITE_NOTICE_RBU:         zName = "SQLITE_NOTICE_RBU"; break;
       case SQLITE_WARNING:            zName = "SQLITE_WARNING";           break;
       case SQLITE_WARNING_AUTOINDEX:  zName = "SQLITE_WARNING_AUTOINDEX"; break;
       case SQLITE_DONE:               zName = "SQLITE_DONE";              break;
@@ -172489,7 +176704,9 @@ SQLITE_API int sqlite3_busy_timeout(sqlite3 *db, int ms){
 */
 SQLITE_API void sqlite3_interrupt(sqlite3 *db){
 #ifdef SQLITE_ENABLE_API_ARMOR
-  if( !sqlite3SafetyCheckOk(db) && (db==0 || db->eOpenState!=SQLITE_STATE_ZOMBIE) ){
+  if( !sqlite3SafetyCheckOk(db)
+   && (db==0 || db->eOpenState!=SQLITE_STATE_ZOMBIE)
+  ){
     (void)SQLITE_MISUSE_BKPT;
     return;
   }
@@ -172497,6 +176714,21 @@ SQLITE_API void sqlite3_interrupt(sqlite3 *db){
   AtomicStore(&db->u1.isInterrupted, 1);
 }
 
+/*
+** Return true or false depending on whether or not an interrupt is
+** pending on connection db.
+*/
+SQLITE_API int sqlite3_is_interrupted(sqlite3 *db){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( !sqlite3SafetyCheckOk(db)
+   && (db==0 || db->eOpenState!=SQLITE_STATE_ZOMBIE)
+  ){
+    (void)SQLITE_MISUSE_BKPT;
+    return 0;
+  }
+#endif
+  return AtomicLoad(&db->u1.isInterrupted)!=0;
+}
 
 /*
 ** This function is exactly the same as sqlite3_create_function(), except
@@ -172541,7 +176773,7 @@ SQLITE_PRIVATE int sqlite3CreateFunc(
   /* The SQLITE_INNOCUOUS flag is the same bit as SQLITE_FUNC_UNSAFE.  But
   ** the meaning is inverted.  So flip the bit. */
   assert( SQLITE_FUNC_UNSAFE==SQLITE_INNOCUOUS );
-  extraFlags ^= SQLITE_FUNC_UNSAFE;
+  extraFlags ^= SQLITE_FUNC_UNSAFE;  /* tag-20230109-1 */
 
 
 #ifndef SQLITE_OMIT_UTF16
@@ -172559,11 +176791,11 @@ SQLITE_PRIVATE int sqlite3CreateFunc(
     case SQLITE_ANY: {
       int rc;
       rc = sqlite3CreateFunc(db, zFunctionName, nArg,
-           (SQLITE_UTF8|extraFlags)^SQLITE_FUNC_UNSAFE,
+           (SQLITE_UTF8|extraFlags)^SQLITE_FUNC_UNSAFE, /* tag-20230109-1 */
            pUserData, xSFunc, xStep, xFinal, xValue, xInverse, pDestructor);
       if( rc==SQLITE_OK ){
         rc = sqlite3CreateFunc(db, zFunctionName, nArg,
-             (SQLITE_UTF16LE|extraFlags)^SQLITE_FUNC_UNSAFE,
+             (SQLITE_UTF16LE|extraFlags)^SQLITE_FUNC_UNSAFE, /* tag-20230109-1*/
              pUserData, xSFunc, xStep, xFinal, xValue, xInverse, pDestructor);
       }
       if( rc!=SQLITE_OK ){
@@ -172812,7 +177044,7 @@ SQLITE_API int sqlite3_overload_function(
   rc = sqlite3FindFunction(db, zName, nArg, SQLITE_UTF8, 0)!=0;
   sqlite3_mutex_leave(db->mutex);
   if( rc ) return SQLITE_OK;
-  zCopy = sqlite3_mprintf(zName);
+  zCopy = sqlite3_mprintf("%s", zName);
   if( zCopy==0 ) return SQLITE_NOMEM;
   return sqlite3_create_function_v2(db, zName, nArg, SQLITE_UTF8,
                            zCopy, sqlite3InvalidFunction, 0, 0, sqlite3_free);
@@ -173615,9 +177847,9 @@ SQLITE_PRIVATE int sqlite3ParseUri(
 
   assert( *pzErrMsg==0 );
 
-  if( ((flags & SQLITE_OPEN_URI)             /* IMP: R-48725-32206 */
-            || sqlite3GlobalConfig.bOpenUri) /* IMP: R-51689-46548 */
-   && nUri>=5 && memcmp(zUri, "file:", 5)==0 /* IMP: R-57884-37496 */
+  if( ((flags & SQLITE_OPEN_URI)                     /* IMP: R-48725-32206 */
+       || AtomicLoad(&sqlite3GlobalConfig.bOpenUri)) /* IMP: R-51689-46548 */
+   && nUri>=5 && memcmp(zUri, "file:", 5)==0         /* IMP: R-57884-37496 */
   ){
     char *zOpt;
     int eState;                   /* Parser state when parsing URI */
@@ -174023,6 +178255,9 @@ static int openDatabase(
 #endif
 #if defined(SQLITE_DEFAULT_LEGACY_ALTER_TABLE)
                  | SQLITE_LegacyAlter
+#endif
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS)
+                 | SQLITE_StmtScanStatus
 #endif
       ;
   sqlite3HashInit(&db->aCollSeq);
@@ -174046,6 +178281,19 @@ static int openDatabase(
     goto opendb_out;
   }
 
+#if SQLITE_OS_UNIX && defined(SQLITE_OS_KV_OPTIONAL)
+  /* Process magic filenames ":localStorage:" and ":sessionStorage:" */
+  if( zFilename && zFilename[0]==':' ){
+    if( strcmp(zFilename, ":localStorage:")==0 ){
+      zFilename = "file:local?vfs=kvvfs";
+      flags |= SQLITE_OPEN_URI;
+    }else if( strcmp(zFilename, ":sessionStorage:")==0 ){
+      zFilename = "file:session?vfs=kvvfs";
+      flags |= SQLITE_OPEN_URI;
+    }
+  }
+#endif /* SQLITE_OS_UNIX && defined(SQLITE_OS_KV_OPTIONAL) */
+
   /* Parse the filename/URI argument
   **
   ** Only allow sensible combinations of bits in the flags argument.
@@ -174076,6 +178324,12 @@ static int openDatabase(
     sqlite3_free(zErrMsg);
     goto opendb_out;
   }
+  assert( db->pVfs!=0 );
+#if SQLITE_OS_KV || defined(SQLITE_OS_KV_OPTIONAL)
+  if( sqlite3_stricmp(db->pVfs->zName, "kvvfs")==0 ){
+    db->temp_store = 2;
+  }
+#endif
 
   /* Open the backend database driver */
   rc = sqlite3BtreeOpen(db->pVfs, zOpen, db, &db->aDb[0].pBt, 0,
@@ -174569,7 +178823,7 @@ SQLITE_API int sqlite3_sleep(int ms){
   /* This function works in milliseconds, but the underlying OsSleep()
   ** API uses microseconds. Hence the 1000's.
   */
-  rc = (sqlite3OsSleep(pVfs, 1000*ms)/1000);
+  rc = (sqlite3OsSleep(pVfs, ms<0 ? 0 : 1000*ms)/1000);
   return rc;
 }
 
@@ -174625,6 +178879,9 @@ SQLITE_API int sqlite3_file_control(sqlite3 *db, const char *zDbName, int op, vo
         sqlite3BtreeSetPageSize(pBtree, 0, iNew, 0);
       }
       rc = SQLITE_OK;
+    }else if( op==SQLITE_FCNTL_RESET_CACHE ){
+      sqlite3BtreeClearCache(pBtree);
+      rc = SQLITE_OK;
     }else{
       int nSave = db->busyHandler.nBusy;
       rc = sqlite3OsFileControl(fd, op, pArg);
@@ -175185,7 +179442,7 @@ static char *appendText(char *p, const char *z){
 ** Memory layout must be compatible with that generated by the pager
 ** and expected by sqlite3_uri_parameter() and databaseName().
 */
-SQLITE_API char *sqlite3_create_filename(
+SQLITE_API const char *sqlite3_create_filename(
   const char *zDatabase,
   const char *zJournal,
   const char *zWal,
@@ -175221,10 +179478,10 @@ SQLITE_API char *sqlite3_create_filename(
 ** error to call this routine with any parameter other than a pointer
 ** previously obtained from sqlite3_create_filename() or a NULL pointer.
 */
-SQLITE_API void sqlite3_free_filename(char *p){
+SQLITE_API void sqlite3_free_filename(const char *p){
   if( p==0 ) return;
-  p = (char*)databaseName(p);
-  sqlite3_free(p - 4);
+  p = databaseName(p);
+  sqlite3_free((char*)p - 4);
 }
 
 
@@ -175475,8 +179732,8 @@ SQLITE_API int sqlite3_snapshot_open(
 */
 SQLITE_API int sqlite3_snapshot_recover(sqlite3 *db, const char *zDb){
   int rc = SQLITE_ERROR;
-  int iDb;
 #ifndef SQLITE_OMIT_WAL
+  int iDb;
 
 #ifdef SQLITE_ENABLE_API_ARMOR
   if( !sqlite3SafetyCheckOk(db) ){
@@ -177123,6 +181380,8 @@ SQLITE_PRIVATE int sqlite3FtsUnicodeIsalnum(int);
 SQLITE_PRIVATE int sqlite3FtsUnicodeIsdiacritic(int);
 #endif
 
+SQLITE_PRIVATE int sqlite3Fts3ExprIterate(Fts3Expr*, int (*x)(Fts3Expr*,int,void*), void*);
+
 #endif /* !SQLITE_CORE || SQLITE_ENABLE_FTS3 */
 #endif /* _FTSINT_H */
 
@@ -182126,9 +186385,8 @@ static void fts3EvalNextRow(
   Fts3Expr *pExpr,                /* Expr. to advance to next matching row */
   int *pRc                        /* IN/OUT: Error code */
 ){
-  if( *pRc==SQLITE_OK ){
+  if( *pRc==SQLITE_OK && pExpr->bEof==0 ){
     int bDescDoclist = pCsr->bDesc;         /* Used by DOCID_CMP() macro */
-    assert( pExpr->bEof==0 );
     pExpr->bStart = 1;
 
     switch( pExpr->eType ){
@@ -182604,6 +186862,22 @@ static void fts3EvalUpdateCounts(Fts3Expr *pExpr, int nCol){
   }
 }
 
+/*
+** This is an sqlite3Fts3ExprIterate() callback. If the Fts3Expr.aMI[] array
+** has not yet been allocated, allocate and zero it. Otherwise, just zero
+** it.
+*/
+static int fts3AllocateMSI(Fts3Expr *pExpr, int iPhrase, void *pCtx){
+  Fts3Table *pTab = (Fts3Table*)pCtx;
+  UNUSED_PARAMETER(iPhrase);
+  if( pExpr->aMI==0 ){
+    pExpr->aMI = (u32 *)sqlite3_malloc64(pTab->nColumn * 3 * sizeof(u32));
+    if( pExpr->aMI==0 ) return SQLITE_NOMEM;
+  }
+  memset(pExpr->aMI, 0, pTab->nColumn * 3 * sizeof(u32));
+  return SQLITE_OK;
+}
+
 /*
 ** Expression pExpr must be of type FTSQUERY_PHRASE.
 **
@@ -182625,7 +186899,6 @@ static int fts3EvalGatherStats(
   if( pExpr->aMI==0 ){
     Fts3Table *pTab = (Fts3Table *)pCsr->base.pVtab;
     Fts3Expr *pRoot;                /* Root of NEAR expression */
-    Fts3Expr *p;                    /* Iterator used for several purposes */
 
     sqlite3_int64 iPrevId = pCsr->iPrevId;
     sqlite3_int64 iDocid;
@@ -182633,7 +186906,9 @@ static int fts3EvalGatherStats(
 
     /* Find the root of the NEAR expression */
     pRoot = pExpr;
-    while( pRoot->pParent && pRoot->pParent->eType==FTSQUERY_NEAR ){
+    while( pRoot->pParent
+        && (pRoot->pParent->eType==FTSQUERY_NEAR || pRoot->bDeferred)
+    ){
       pRoot = pRoot->pParent;
     }
     iDocid = pRoot->iDocid;
@@ -182641,14 +186916,8 @@ static int fts3EvalGatherStats(
     assert( pRoot->bStart );
 
     /* Allocate space for the aMSI[] array of each FTSQUERY_PHRASE node */
-    for(p=pRoot; p; p=p->pLeft){
-      Fts3Expr *pE = (p->eType==FTSQUERY_PHRASE?p:p->pRight);
-      assert( pE->aMI==0 );
-      pE->aMI = (u32 *)sqlite3_malloc64(pTab->nColumn * 3 * sizeof(u32));
-      if( !pE->aMI ) return SQLITE_NOMEM;
-      memset(pE->aMI, 0, pTab->nColumn * 3 * sizeof(u32));
-    }
-
+    rc = sqlite3Fts3ExprIterate(pRoot, fts3AllocateMSI, (void*)pTab);
+    if( rc!=SQLITE_OK ) return rc;
     fts3EvalRestart(pCsr, pRoot, &rc);
 
     while( pCsr->isEof==0 && rc==SQLITE_OK ){
@@ -182804,6 +187073,7 @@ SQLITE_PRIVATE int sqlite3Fts3EvalPhrasePoslist(
     u8 bTreeEof = 0;
     Fts3Expr *p;                  /* Used to iterate from pExpr to root */
     Fts3Expr *pNear;              /* Most senior NEAR ancestor (or pExpr) */
+    Fts3Expr *pRun;               /* Closest non-deferred ancestor of pNear */
     int bMatch;
 
     /* Check if this phrase descends from an OR expression node. If not,
@@ -182818,25 +187088,30 @@ SQLITE_PRIVATE int sqlite3Fts3EvalPhrasePoslist(
       if( p->bEof ) bTreeEof = 1;
     }
     if( bOr==0 ) return SQLITE_OK;
+    pRun = pNear;
+    while( pRun->bDeferred ){
+      assert( pRun->pParent );
+      pRun = pRun->pParent;
+    }
 
     /* This is the descendent of an OR node. In this case we cannot use
     ** an incremental phrase. Load the entire doclist for the phrase
     ** into memory in this case.  */
     if( pPhrase->bIncr ){
-      int bEofSave = pNear->bEof;
-      fts3EvalRestart(pCsr, pNear, &rc);
-      while( rc==SQLITE_OK && !pNear->bEof ){
-        fts3EvalNextRow(pCsr, pNear, &rc);
-        if( bEofSave==0 && pNear->iDocid==iDocid ) break;
+      int bEofSave = pRun->bEof;
+      fts3EvalRestart(pCsr, pRun, &rc);
+      while( rc==SQLITE_OK && !pRun->bEof ){
+        fts3EvalNextRow(pCsr, pRun, &rc);
+        if( bEofSave==0 && pRun->iDocid==iDocid ) break;
       }
       assert( rc!=SQLITE_OK || pPhrase->bIncr==0 );
-      if( rc==SQLITE_OK && pNear->bEof!=bEofSave ){
+      if( rc==SQLITE_OK && pRun->bEof!=bEofSave ){
         rc = FTS_CORRUPT_VTAB;
       }
     }
     if( bTreeEof ){
-      while( rc==SQLITE_OK && !pNear->bEof ){
-        fts3EvalNextRow(pCsr, pNear, &rc);
+      while( rc==SQLITE_OK && !pRun->bEof ){
+        fts3EvalNextRow(pCsr, pRun, &rc);
       }
     }
     if( rc!=SQLITE_OK ) return rc;
@@ -189752,16 +194027,18 @@ static int fts3MsrBufferData(
   char *pList,
   i64 nList
 ){
-  if( nList>pMsr->nBuffer ){
+  if( (nList+FTS3_NODE_PADDING)>pMsr->nBuffer ){
     char *pNew;
-    pMsr->nBuffer = nList*2;
-    pNew = (char *)sqlite3_realloc64(pMsr->aBuffer, pMsr->nBuffer);
+    int nNew = nList*2 + FTS3_NODE_PADDING;
+    pNew = (char *)sqlite3_realloc64(pMsr->aBuffer, nNew);
     if( !pNew ) return SQLITE_NOMEM;
     pMsr->aBuffer = pNew;
+    pMsr->nBuffer = nNew;
   }
 
   assert( nList>0 );
   memcpy(pMsr->aBuffer, pList, nList);
+  memset(&pMsr->aBuffer[nList], 0, FTS3_NODE_PADDING);
   return SQLITE_OK;
 }
 
@@ -192943,7 +197220,7 @@ typedef sqlite3_int64 i64;
 
 
 /*
-** Used as an fts3ExprIterate() context when loading phrase doclists to
+** Used as an sqlite3Fts3ExprIterate() context when loading phrase doclists to
 ** Fts3Expr.aDoclist[]/nDoclist.
 */
 typedef struct LoadDoclistCtx LoadDoclistCtx;
@@ -192987,7 +197264,7 @@ struct SnippetFragment {
 };
 
 /*
-** This type is used as an fts3ExprIterate() context object while
+** This type is used as an sqlite3Fts3ExprIterate() context object while
 ** accumulating the data returned by the matchinfo() function.
 */
 typedef struct MatchInfo MatchInfo;
@@ -193146,7 +197423,7 @@ static void fts3GetDeltaPosition(char **pp, i64 *piPos){
 }
 
 /*
-** Helper function for fts3ExprIterate() (see below).
+** Helper function for sqlite3Fts3ExprIterate() (see below).
 */
 static int fts3ExprIterate2(
   Fts3Expr *pExpr,                /* Expression to iterate phrases of */
@@ -193180,7 +197457,7 @@ static int fts3ExprIterate2(
 ** Otherwise, SQLITE_OK is returned after a callback has been made for
 ** all eligible phrase nodes.
 */
-static int fts3ExprIterate(
+SQLITE_PRIVATE int sqlite3Fts3ExprIterate(
   Fts3Expr *pExpr,                /* Expression to iterate phrases of */
   int (*x)(Fts3Expr*,int,void*),  /* Callback function to invoke for phrases */
   void *pCtx                      /* Second argument to pass to callback */
@@ -193189,10 +197466,9 @@ static int fts3ExprIterate(
   return fts3ExprIterate2(pExpr, &iPhrase, x, pCtx);
 }
 
-
 /*
-** This is an fts3ExprIterate() callback used while loading the doclists
-** for each phrase into Fts3Expr.aDoclist[]/nDoclist. See also
+** This is an sqlite3Fts3ExprIterate() callback used while loading the
+** doclists for each phrase into Fts3Expr.aDoclist[]/nDoclist. See also
 ** fts3ExprLoadDoclists().
 */
 static int fts3ExprLoadDoclistsCb(Fts3Expr *pExpr, int iPhrase, void *ctx){
@@ -193224,9 +197500,9 @@ static int fts3ExprLoadDoclists(
   int *pnToken                    /* OUT: Number of tokens in query */
 ){
   int rc;                         /* Return Code */
-  LoadDoclistCtx sCtx = {0,0,0};  /* Context for fts3ExprIterate() */
+  LoadDoclistCtx sCtx = {0,0,0};  /* Context for sqlite3Fts3ExprIterate() */
   sCtx.pCsr = pCsr;
-  rc = fts3ExprIterate(pCsr->pExpr, fts3ExprLoadDoclistsCb, (void *)&sCtx);
+  rc = sqlite3Fts3ExprIterate(pCsr->pExpr,fts3ExprLoadDoclistsCb,(void*)&sCtx);
   if( pnPhrase ) *pnPhrase = sCtx.nPhrase;
   if( pnToken ) *pnToken = sCtx.nToken;
   return rc;
@@ -193239,7 +197515,7 @@ static int fts3ExprPhraseCountCb(Fts3Expr *pExpr, int iPhrase, void *ctx){
 }
 static int fts3ExprPhraseCount(Fts3Expr *pExpr){
   int nPhrase = 0;
-  (void)fts3ExprIterate(pExpr, fts3ExprPhraseCountCb, (void *)&nPhrase);
+  (void)sqlite3Fts3ExprIterate(pExpr, fts3ExprPhraseCountCb, (void *)&nPhrase);
   return nPhrase;
 }
 
@@ -193367,8 +197643,9 @@ static void fts3SnippetDetails(
 }
 
 /*
-** This function is an fts3ExprIterate() callback used by fts3BestSnippet().
-** Each invocation populates an element of the SnippetIter.aPhrase[] array.
+** This function is an sqlite3Fts3ExprIterate() callback used by
+** fts3BestSnippet().  Each invocation populates an element of the
+** SnippetIter.aPhrase[] array.
 */
 static int fts3SnippetFindPositions(Fts3Expr *pExpr, int iPhrase, void *ctx){
   SnippetIter *p = (SnippetIter *)ctx;
@@ -193458,7 +197735,9 @@ static int fts3BestSnippet(
   sIter.nSnippet = nSnippet;
   sIter.nPhrase = nList;
   sIter.iCurrent = -1;
-  rc = fts3ExprIterate(pCsr->pExpr, fts3SnippetFindPositions, (void*)&sIter);
+  rc = sqlite3Fts3ExprIterate(
+      pCsr->pExpr, fts3SnippetFindPositions, (void*)&sIter
+  );
   if( rc==SQLITE_OK ){
 
     /* Set the *pmSeen output variable. */
@@ -193819,10 +198098,10 @@ static int fts3ExprLHitGather(
 }
 
 /*
-** fts3ExprIterate() callback used to collect the "global" matchinfo stats
-** for a single query.
+** sqlite3Fts3ExprIterate() callback used to collect the "global" matchinfo
+** stats for a single query.
 **
-** fts3ExprIterate() callback to load the 'global' elements of a
+** sqlite3Fts3ExprIterate() callback to load the 'global' elements of a
 ** FTS3_MATCHINFO_HITS matchinfo array. The global stats are those elements
 ** of the matchinfo array that are constant for all rows returned by the
 ** current query.
@@ -193857,7 +198136,7 @@ static int fts3ExprGlobalHitsCb(
 }
 
 /*
-** fts3ExprIterate() callback used to collect the "local" part of the
+** sqlite3Fts3ExprIterate() callback used to collect the "local" part of the
 ** FTS3_MATCHINFO_HITS array. The local stats are those elements of the
 ** array that are different for each row returned by the query.
 */
@@ -194053,7 +198332,7 @@ static int fts3MatchinfoLcs(Fts3Cursor *pCsr, MatchInfo *pInfo){
   **/
   aIter = sqlite3Fts3MallocZero(sizeof(LcsIterator) * pCsr->nPhrase);
   if( !aIter ) return SQLITE_NOMEM;
-  (void)fts3ExprIterate(pCsr->pExpr, fts3MatchinfoLcsCb, (void*)aIter);
+  (void)sqlite3Fts3ExprIterate(pCsr->pExpr, fts3MatchinfoLcsCb, (void*)aIter);
 
   for(i=0; inPhrase; i++){
     LcsIterator *pIter = &aIter[i];
@@ -194230,11 +198509,11 @@ static int fts3MatchinfoValues(
             rc = fts3MatchinfoSelectDoctotal(pTab, &pSelect, &pInfo->nDoc,0,0);
             if( rc!=SQLITE_OK ) break;
           }
-          rc = fts3ExprIterate(pExpr, fts3ExprGlobalHitsCb,(void*)pInfo);
+          rc = sqlite3Fts3ExprIterate(pExpr, fts3ExprGlobalHitsCb,(void*)pInfo);
           sqlite3Fts3EvalTestDeferred(pCsr, &rc);
           if( rc!=SQLITE_OK ) break;
         }
-        (void)fts3ExprIterate(pExpr, fts3ExprLocalHitsCb,(void*)pInfo);
+        (void)sqlite3Fts3ExprIterate(pExpr, fts3ExprLocalHitsCb,(void*)pInfo);
         break;
       }
     }
@@ -194457,7 +198736,7 @@ struct TermOffsetCtx {
 };
 
 /*
-** This function is an fts3ExprIterate() callback used by sqlite3Fts3Offsets().
+** This function is an sqlite3Fts3ExprIterate() callback used by sqlite3Fts3Offsets().
 */
 static int fts3ExprTermOffsetInit(Fts3Expr *pExpr, int iPhrase, void *ctx){
   TermOffsetCtx *p = (TermOffsetCtx *)ctx;
@@ -194539,7 +198818,9 @@ SQLITE_PRIVATE void sqlite3Fts3Offsets(
     */
     sCtx.iCol = iCol;
     sCtx.iTerm = 0;
-    rc = fts3ExprIterate(pCsr->pExpr, fts3ExprTermOffsetInit, (void*)&sCtx);
+    rc = sqlite3Fts3ExprIterate(
+        pCsr->pExpr, fts3ExprTermOffsetInit, (void*)&sCtx
+    );
     if( rc!=SQLITE_OK ) goto offsets_out;
 
     /* Retreive the text stored in column iCol. If an SQL NULL is stored
@@ -195546,6 +199827,7 @@ static const char * const jsonType[] = {
 #define JNODE_PATCH   0x10         /* Patch with JsonNode.u.pPatch */
 #define JNODE_APPEND  0x20         /* More ARRAY/OBJECT entries at u.iAppend */
 #define JNODE_LABEL   0x40         /* Is a label of an object */
+#define JNODE_JSON5   0x80         /* Node contains JSON5 enhancements */
 
 
 /* A single node of parsed JSON
@@ -195572,10 +199854,12 @@ struct JsonParse {
   JsonNode *aNode;   /* Array of nodes containing the parse */
   const char *zJson; /* Original JSON string */
   u32 *aUp;          /* Index of parent of each node */
-  u8 oom;            /* Set to true if out of memory */
-  u8 nErr;           /* Number of errors seen */
   u16 iDepth;        /* Nesting depth */
+  u8 nErr;           /* Number of errors seen */
+  u8 oom;            /* Set to true if out of memory */
+  u8 hasNonstd;      /* True if input uses non-standard features like JSON5 */
   int nJson;         /* Length of the zJson string in bytes */
+  u32 iErr;          /* Error location in zJson[] */
   u32 iHold;         /* Replace cache line with the lowest iHold value */
 };
 
@@ -195583,10 +199867,10 @@ struct JsonParse {
 ** Maximum nesting depth of JSON for this implementation.
 **
 ** This limit is needed to avoid a stack overflow in the recursive
-** descent parser.  A depth of 2000 is far deeper than any sane JSON
-** should go.
+** descent parser.  A depth of 1000 is far deeper than any sane JSON
+** should go.  Historical note: This limit was 2000 prior to version 3.42.0
 */
-#define JSON_MAX_DEPTH  2000
+#define JSON_MAX_DEPTH  1000
 
 /**************************************************************************
 ** Utility routines for dealing with JsonString objects
@@ -195736,6 +200020,129 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
   assert( p->nUsednAlloc );
 }
 
+/*
+** The zIn[0..N] string is a JSON5 string literal.  Append to p a translation
+** of the string literal that standard JSON and that omits all JSON5
+** features.
+*/
+static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){
+  u32 i;
+  jsonAppendChar(p, '"');
+  zIn++;
+  N -= 2;
+  while( N>0 ){
+    for(i=0; i0 ){
+      jsonAppendRaw(p, zIn, i);
+      zIn += i;
+      N -= i;
+      if( N==0 ) break;
+    }
+    assert( zIn[0]=='\\' );
+    switch( (u8)zIn[1] ){
+      case '\'':
+        jsonAppendChar(p, '\'');
+        break;
+      case 'v':
+        jsonAppendRaw(p, "\\u0009", 6);
+        break;
+      case 'x':
+        jsonAppendRaw(p, "\\u00", 4);
+        jsonAppendRaw(p, &zIn[2], 2);
+        zIn += 2;
+        N -= 2;
+        break;
+      case '0':
+        jsonAppendRaw(p, "\\u0000", 6);
+        break;
+      case '\r':
+        if( zIn[2]=='\n' ){
+          zIn++;
+          N--;
+        }
+        break;
+      case '\n':
+        break;
+      case 0xe2:
+        assert( N>=4 );
+        assert( 0x80==(u8)zIn[2] );
+        assert( 0xa8==(u8)zIn[3] || 0xa9==(u8)zIn[3] );
+        zIn += 2;
+        N -= 2;
+        break;
+      default:
+        jsonAppendRaw(p, zIn, 2);
+        break;
+    }
+    zIn += 2;
+    N -= 2;
+  }
+  jsonAppendChar(p, '"');
+}
+
+/*
+** The zIn[0..N] string is a JSON5 integer literal.  Append to p a translation
+** of the string literal that standard JSON and that omits all JSON5
+** features.
+*/
+static void jsonAppendNormalizedInt(JsonString *p, const char *zIn, u32 N){
+  if( zIn[0]=='+' ){
+    zIn++;
+    N--;
+  }else if( zIn[0]=='-' ){
+    jsonAppendChar(p, '-');
+    zIn++;
+    N--;
+  }
+  if( zIn[0]=='0' && (zIn[1]=='x' || zIn[1]=='X') ){
+    sqlite3_int64 i = 0;
+    int rc = sqlite3DecOrHexToI64(zIn, &i);
+    if( rc<=1 ){
+      jsonPrintf(100,p,"%lld",i);
+    }else{
+      assert( rc==2 );
+      jsonAppendRaw(p, "9.0e999", 7);
+    }
+    return;
+  }
+  jsonAppendRaw(p, zIn, N);
+}
+
+/*
+** The zIn[0..N] string is a JSON5 real literal.  Append to p a translation
+** of the string literal that standard JSON and that omits all JSON5
+** features.
+*/
+static void jsonAppendNormalizedReal(JsonString *p, const char *zIn, u32 N){
+  u32 i;
+  if( zIn[0]=='+' ){
+    zIn++;
+    N--;
+  }else if( zIn[0]=='-' ){
+    jsonAppendChar(p, '-');
+    zIn++;
+    N--;
+  }
+  if( zIn[0]=='.' ){
+    jsonAppendChar(p, '0');
+  }
+  for(i=0; i0 ){
+    jsonAppendRaw(p, zIn, N);
+  }
+}
+
+
+
 /*
 ** Append a function parameter value to the JSON string under
 ** construction.
@@ -195749,8 +200156,11 @@ static void jsonAppendValue(
       jsonAppendRaw(p, "null", 4);
       break;
     }
-    case SQLITE_INTEGER:
     case SQLITE_FLOAT: {
+      jsonPrintf(100, p, "%!0.15g", sqlite3_value_double(pValue));
+      break;
+    }
+    case SQLITE_INTEGER: {
       const char *z = (const char*)sqlite3_value_text(pValue);
       u32 n = (u32)sqlite3_value_bytes(pValue);
       jsonAppendRaw(p, z, n);
@@ -195863,17 +200273,38 @@ static void jsonRenderNode(
       break;
     }
     case JSON_STRING: {
+      assert( pNode->eU==1 );
       if( pNode->jnFlags & JNODE_RAW ){
-        assert( pNode->eU==1 );
-        jsonAppendString(pOut, pNode->u.zJContent, pNode->n);
-        break;
+        if( pNode->jnFlags & JNODE_LABEL ){
+          jsonAppendChar(pOut, '"');
+          jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+          jsonAppendChar(pOut, '"');
+        }else{
+          jsonAppendString(pOut, pNode->u.zJContent, pNode->n);
+        }
+      }else if( pNode->jnFlags & JNODE_JSON5 ){
+        jsonAppendNormalizedString(pOut, pNode->u.zJContent, pNode->n);
+      }else{
+        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
       }
-      /* no break */ deliberate_fall_through
+      break;
+    }
+    case JSON_REAL: {
+      assert( pNode->eU==1 );
+      if( pNode->jnFlags & JNODE_JSON5 ){
+        jsonAppendNormalizedReal(pOut, pNode->u.zJContent, pNode->n);
+      }else{
+        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+      }
+      break;
     }
-    case JSON_REAL:
     case JSON_INT: {
       assert( pNode->eU==1 );
-      jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+      if( pNode->jnFlags & JNODE_JSON5 ){
+        jsonAppendNormalizedInt(pOut, pNode->u.zJContent, pNode->n);
+      }else{
+        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+      }
       break;
     }
     case JSON_ARRAY: {
@@ -195989,59 +200420,41 @@ static void jsonReturn(
     }
     case JSON_INT: {
       sqlite3_int64 i = 0;
+      int rc;
+      int bNeg = 0;
       const char *z;
+
+
       assert( pNode->eU==1 );
       z = pNode->u.zJContent;
-      if( z[0]=='-' ){ z++; }
-      while( z[0]>='0' && z[0]<='9' ){
-        unsigned v = *(z++) - '0';
-        if( i>=LARGEST_INT64/10 ){
-          if( i>LARGEST_INT64/10 ) goto int_as_real;
-          if( z[0]>='0' && z[0]<='9' ) goto int_as_real;
-          if( v==9 ) goto int_as_real;
-          if( v==8 ){
-            if( pNode->u.zJContent[0]=='-' ){
-              sqlite3_result_int64(pCtx, SMALLEST_INT64);
-              goto int_done;
-            }else{
-              goto int_as_real;
-            }
-          }
-        }
-        i = i*10 + v;
+      if( z[0]=='-' ){ z++; bNeg = 1; }
+      else if( z[0]=='+' ){ z++; }
+      rc = sqlite3DecOrHexToI64(z, &i);
+      if( rc<=1 ){
+        sqlite3_result_int64(pCtx, bNeg ? -i : i);
+      }else if( rc==3 && bNeg ){
+        sqlite3_result_int64(pCtx, SMALLEST_INT64);
+      }else{
+        goto to_double;
       }
-      if( pNode->u.zJContent[0]=='-' ){ i = -i; }
-      sqlite3_result_int64(pCtx, i);
-      int_done:
       break;
-      int_as_real: ; /* no break */ deliberate_fall_through
     }
     case JSON_REAL: {
       double r;
-#ifdef SQLITE_AMALGAMATION
       const char *z;
       assert( pNode->eU==1 );
+    to_double:
       z = pNode->u.zJContent;
       sqlite3AtoF(z, &r, sqlite3Strlen30(z), SQLITE_UTF8);
-#else
-      assert( pNode->eU==1 );
-      r = strtod(pNode->u.zJContent, 0);
-#endif
       sqlite3_result_double(pCtx, r);
       break;
     }
     case JSON_STRING: {
-#if 0 /* Never happens because JNODE_RAW is only set by json_set(),
-      ** json_insert() and json_replace() and those routines do not
-      ** call jsonReturn() */
       if( pNode->jnFlags & JNODE_RAW ){
         assert( pNode->eU==1 );
         sqlite3_result_text(pCtx, pNode->u.zJContent, pNode->n,
                             SQLITE_TRANSIENT);
-      }else
-#endif
-      assert( (pNode->jnFlags & JNODE_RAW)==0 );
-      if( (pNode->jnFlags & JNODE_ESCAPE)==0 ){
+      }else if( (pNode->jnFlags & JNODE_ESCAPE)==0 ){
         /* JSON formatted without any backslash-escapes */
         assert( pNode->eU==1 );
         sqlite3_result_text(pCtx, pNode->u.zJContent+1, pNode->n-2,
@@ -196053,18 +200466,17 @@ static void jsonReturn(
         const char *z;
         char *zOut;
         u32 j;
+        u32 nOut = n;
         assert( pNode->eU==1 );
         z = pNode->u.zJContent;
-        zOut = sqlite3_malloc( n+1 );
+        zOut = sqlite3_malloc( nOut+1 );
         if( zOut==0 ){
           sqlite3_result_error_nomem(pCtx);
           break;
         }
         for(i=1, j=0; iaNode[pParse->nNode];
-  p->eType = (u8)eType;
-  p->jnFlags = 0;
+  p->eType = (u8)(eType & 0xff);
+  p->jnFlags = (u8)(eType >> 8);
   VVA( p->eU = zContent ? 1 : 0 );
   p->n = n;
   p->u.zJContent = zContent;
   return pParse->nNode++;
 }
 
+/*
+** Return true if z[] begins with 2 (or more) hexadecimal digits
+*/
+static int jsonIs2Hex(const char *z){
+  return sqlite3Isxdigit(z[0]) && sqlite3Isxdigit(z[1]);
+}
+
 /*
 ** Return true if z[] begins with 4 (or more) hexadecimal digits
 */
 static int jsonIs4Hex(const char *z){
-  int i;
-  for(i=0; i<4; i++) if( !sqlite3Isxdigit(z[i]) ) return 0;
-  return 1;
+  return jsonIs2Hex(z) && jsonIs2Hex(&z[2]);
+}
+
+/*
+** Return the number of bytes of JSON5 whitespace at the beginning of
+** the input string z[].
+**
+** JSON5 whitespace consists of any of the following characters:
+**
+**    Unicode  UTF-8         Name
+**    U+0009   09            horizontal tab
+**    U+000a   0a            line feed
+**    U+000b   0b            vertical tab
+**    U+000c   0c            form feed
+**    U+000d   0d            carriage return
+**    U+0020   20            space
+**    U+00a0   c2 a0         non-breaking space
+**    U+1680   e1 9a 80      ogham space mark
+**    U+2000   e2 80 80      en quad
+**    U+2001   e2 80 81      em quad
+**    U+2002   e2 80 82      en space
+**    U+2003   e2 80 83      em space
+**    U+2004   e2 80 84      three-per-em space
+**    U+2005   e2 80 85      four-per-em space
+**    U+2006   e2 80 86      six-per-em space
+**    U+2007   e2 80 87      figure space
+**    U+2008   e2 80 88      punctuation space
+**    U+2009   e2 80 89      thin space
+**    U+200a   e2 80 8a      hair space
+**    U+2028   e2 80 a8      line separator
+**    U+2029   e2 80 a9      paragraph separator
+**    U+202f   e2 80 af      narrow no-break space (NNBSP)
+**    U+205f   e2 81 9f      medium mathematical space (MMSP)
+**    U+3000   e3 80 80      ideographical space
+**    U+FEFF   ef bb bf      byte order mark
+**
+** In addition, comments between '/', '*' and '*', '/' and
+** from '/', '/' to end-of-line are also considered to be whitespace.
+*/
+static int json5Whitespace(const char *zIn){
+  int n = 0;
+  const u8 *z = (u8*)zIn;
+  while( 1 /*exit by "goto whitespace_done"*/ ){
+    switch( z[n] ){
+      case 0x09:
+      case 0x0a:
+      case 0x0b:
+      case 0x0c:
+      case 0x0d:
+      case 0x20: {
+        n++;
+        break;
+      }
+      case '/': {
+        if( z[n+1]=='*' && z[n+2]!=0 ){
+          int j;
+          for(j=n+3; z[j]!='/' || z[j-1]!='*'; j++){
+            if( z[j]==0 ) goto whitespace_done;
+          }
+          n = j+1;
+          break;
+        }else if( z[n+1]=='/' ){
+          int j;
+          char c;
+          for(j=n+2; (c = z[j])!=0; j++){
+            if( c=='\n' || c=='\r' ) break;
+            if( 0xe2==(u8)c && 0x80==(u8)z[j+1]
+             && (0xa8==(u8)z[j+2] || 0xa9==(u8)z[j+2])
+            ){
+              j += 2;
+              break;
+            }
+          }
+          n = j;
+          if( z[n] ) n++;
+          break;
+        }
+        goto whitespace_done;
+      }
+      case 0xc2: {
+        if( z[n+1]==0xa0 ){
+          n += 2;
+          break;
+        }
+        goto whitespace_done;
+      }
+      case 0xe1: {
+        if( z[n+1]==0x9a && z[n+2]==0x80 ){
+          n += 3;
+          break;
+        }
+        goto whitespace_done;
+      }
+      case 0xe2: {
+        if( z[n+1]==0x80 ){
+          u8 c = z[n+2];
+          if( c<0x80 ) goto whitespace_done;
+          if( c<=0x8a || c==0xa8 || c==0xa9 || c==0xaf ){
+            n += 3;
+            break;
+          }
+        }else if( z[n+1]==0x81 && z[n+2]==0x9f ){
+          n += 3;
+          break;
+        }
+        goto whitespace_done;
+      }
+      case 0xe3: {
+        if( z[n+1]==0x80 && z[n+2]==0x80 ){
+          n += 3;
+          break;
+        }
+        goto whitespace_done;
+      }
+      case 0xef: {
+        if( z[n+1]==0xbb && z[n+2]==0xbf ){
+          n += 3;
+          break;
+        }
+        goto whitespace_done;
+      }
+      default: {
+        goto whitespace_done;
+      }
+    }
+  }
+  whitespace_done:
+  return n;
 }
 
+/*
+** Extra floating-point literals to allow in JSON.
+*/
+static const struct NanInfName {
+  char c1;
+  char c2;
+  char n;
+  char eType;
+  char nRepl;
+  char *zMatch;
+  char *zRepl;
+} aNanInfName[] = {
+  { 'i', 'I', 3, JSON_REAL, 7, "inf", "9.0e999" },
+  { 'i', 'I', 8, JSON_REAL, 7, "infinity", "9.0e999" },
+  { 'n', 'N', 3, JSON_NULL, 4, "NaN", "null" },
+  { 'q', 'Q', 4, JSON_NULL, 4, "QNaN", "null" },
+  { 's', 'S', 4, JSON_NULL, 4, "SNaN", "null" },
+};
+
 /*
 ** Parse a single JSON value which begins at pParse->zJson[i].  Return the
 ** index of the first character past the end of the value parsed.
 **
-** Return negative for a syntax error.  Special cases:  return -2 if the
-** first non-whitespace character is '}' and return -3 if the first
-** non-whitespace character is ']'.
+** Special return values:
+**
+**      0    End if input
+**     -1    Syntax error
+**     -2    '}' seen
+**     -3    ']' seen
+**     -4    ',' seen
+**     -5    ':' seen
 */
 static int jsonParseValue(JsonParse *pParse, u32 i){
   char c;
@@ -196211,151 +200797,430 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   int x;
   JsonNode *pNode;
   const char *z = pParse->zJson;
-  while( fast_isspace(z[i]) ){ i++; }
-  if( (c = z[i])=='{' ){
+json_parse_restart:
+  switch( (u8)z[i] ){
+  case '{': {
     /* Parse object */
     iThis = jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
     if( iThis<0 ) return -1;
+    if( ++pParse->iDepth > JSON_MAX_DEPTH ){
+      pParse->iErr = i;
+      return -1;
+    }
     for(j=i+1;;j++){
-      while( fast_isspace(z[j]) ){ j++; }
-      if( ++pParse->iDepth > JSON_MAX_DEPTH ) return -1;
+      u32 nNode = pParse->nNode;
       x = jsonParseValue(pParse, j);
-      if( x<0 ){
-        pParse->iDepth--;
-        if( x==(-2) && pParse->nNode==(u32)iThis+1 ) return j+1;
-        return -1;
+      if( x<=0 ){
+        if( x==(-2) ){
+          j = pParse->iErr;
+          if( pParse->nNode!=(u32)iThis+1 ) pParse->hasNonstd = 1;
+          break;
+        }
+        j += json5Whitespace(&z[j]);
+        if( sqlite3JsonId1(z[j])
+         || (z[j]=='\\' && z[j+1]=='u' && jsonIs4Hex(&z[j+2]))
+        ){
+          int k = j+1;
+          while( (sqlite3JsonId2(z[k]) && json5Whitespace(&z[k])==0)
+            || (z[k]=='\\' && z[k+1]=='u' && jsonIs4Hex(&z[k+2]))
+          ){
+            k++;
+          }
+          jsonParseAddNode(pParse, JSON_STRING | (JNODE_RAW<<8), k-j, &z[j]);
+          pParse->hasNonstd = 1;
+          x = k;
+        }else{
+          if( x!=-1 ) pParse->iErr = j;
+          return -1;
+        }
       }
       if( pParse->oom ) return -1;
-      pNode = &pParse->aNode[pParse->nNode-1];
-      if( pNode->eType!=JSON_STRING ) return -1;
+      pNode = &pParse->aNode[nNode];
+      if( pNode->eType!=JSON_STRING ){
+        pParse->iErr = j;
+        return -1;
+      }
       pNode->jnFlags |= JNODE_LABEL;
       j = x;
-      while( fast_isspace(z[j]) ){ j++; }
-      if( z[j]!=':' ) return -1;
-      j++;
+      if( z[j]==':' ){
+        j++;
+      }else{
+        if( fast_isspace(z[j]) ){
+          do{ j++; }while( fast_isspace(z[j]) );
+          if( z[j]==':' ){
+            j++;
+            goto parse_object_value;
+          }
+        }
+        x = jsonParseValue(pParse, j);
+        if( x!=(-5) ){
+          if( x!=(-1) ) pParse->iErr = j;
+          return -1;
+        }
+        j = pParse->iErr+1;
+      }
+    parse_object_value:
       x = jsonParseValue(pParse, j);
-      pParse->iDepth--;
-      if( x<0 ) return -1;
+      if( x<=0 ){
+        if( x!=(-1) ) pParse->iErr = j;
+        return -1;
+      }
       j = x;
-      while( fast_isspace(z[j]) ){ j++; }
-      c = z[j];
-      if( c==',' ) continue;
-      if( c!='}' ) return -1;
-      break;
+      if( z[j]==',' ){
+        continue;
+      }else if( z[j]=='}' ){
+        break;
+      }else{
+        if( fast_isspace(z[j]) ){
+          do{ j++; }while( fast_isspace(z[j]) );
+          if( z[j]==',' ){
+            continue;
+          }else if( z[j]=='}' ){
+            break;
+          }
+        }
+        x = jsonParseValue(pParse, j);
+        if( x==(-4) ){
+          j = pParse->iErr;
+          continue;
+        }
+        if( x==(-2) ){
+          j = pParse->iErr;
+          break;
+        }
+      }
+      pParse->iErr = j;
+      return -1;
     }
     pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+    pParse->iDepth--;
     return j+1;
-  }else if( c=='[' ){
+  }
+  case '[': {
     /* Parse array */
     iThis = jsonParseAddNode(pParse, JSON_ARRAY, 0, 0);
     if( iThis<0 ) return -1;
+    if( ++pParse->iDepth > JSON_MAX_DEPTH ){
+      pParse->iErr = i;
+      return -1;
+    }
     memset(&pParse->aNode[iThis].u, 0, sizeof(pParse->aNode[iThis].u));
     for(j=i+1;;j++){
-      while( fast_isspace(z[j]) ){ j++; }
-      if( ++pParse->iDepth > JSON_MAX_DEPTH ) return -1;
       x = jsonParseValue(pParse, j);
-      pParse->iDepth--;
-      if( x<0 ){
-        if( x==(-3) && pParse->nNode==(u32)iThis+1 ) return j+1;
+      if( x<=0 ){
+        if( x==(-3) ){
+          j = pParse->iErr;
+          if( pParse->nNode!=(u32)iThis+1 ) pParse->hasNonstd = 1;
+          break;
+        }
+        if( x!=(-1) ) pParse->iErr = j;
         return -1;
       }
       j = x;
-      while( fast_isspace(z[j]) ){ j++; }
-      c = z[j];
-      if( c==',' ) continue;
-      if( c!=']' ) return -1;
-      break;
+      if( z[j]==',' ){
+        continue;
+      }else if( z[j]==']' ){
+        break;
+      }else{
+        if( fast_isspace(z[j]) ){
+          do{ j++; }while( fast_isspace(z[j]) );
+          if( z[j]==',' ){
+            continue;
+          }else if( z[j]==']' ){
+            break;
+          }
+        }
+        x = jsonParseValue(pParse, j);
+        if( x==(-4) ){
+          j = pParse->iErr;
+          continue;
+        }
+        if( x==(-3) ){
+          j = pParse->iErr;
+          break;
+        }
+      }
+      pParse->iErr = j;
+      return -1;
     }
     pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+    pParse->iDepth--;
     return j+1;
-  }else if( c=='"' ){
+  }
+  case '\'': {
+    u8 jnFlags;
+    char cDelim;
+    pParse->hasNonstd = 1;
+    jnFlags = JNODE_JSON5;
+    goto parse_string;
+  case '"':
     /* Parse string */
-    u8 jnFlags = 0;
+    jnFlags = 0;
+  parse_string:
+    cDelim = z[i];
     j = i+1;
     for(;;){
       c = z[j];
       if( (c & ~0x1f)==0 ){
         /* Control characters are not allowed in strings */
+        pParse->iErr = j;
         return -1;
       }
       if( c=='\\' ){
         c = z[++j];
         if( c=='"' || c=='\\' || c=='/' || c=='b' || c=='f'
            || c=='n' || c=='r' || c=='t'
-           || (c=='u' && jsonIs4Hex(z+j+1)) ){
-          jnFlags = JNODE_ESCAPE;
+           || (c=='u' && jsonIs4Hex(&z[j+1])) ){
+          jnFlags |= JNODE_ESCAPE;
+        }else if( c=='\'' || c=='0' || c=='v' || c=='\n'
+           || (0xe2==(u8)c && 0x80==(u8)z[j+1]
+                && (0xa8==(u8)z[j+2] || 0xa9==(u8)z[j+2]))
+           || (c=='x' && jsonIs2Hex(&z[j+1])) ){
+          jnFlags |= (JNODE_ESCAPE|JNODE_JSON5);
+          pParse->hasNonstd = 1;
+        }else if( c=='\r' ){
+          if( z[j+1]=='\n' ) j++;
+          jnFlags |= (JNODE_ESCAPE|JNODE_JSON5);
+          pParse->hasNonstd = 1;
         }else{
+          pParse->iErr = j;
           return -1;
         }
-      }else if( c=='"' ){
+      }else if( c==cDelim ){
         break;
       }
       j++;
     }
-    jsonParseAddNode(pParse, JSON_STRING, j+1-i, &z[i]);
-    if( !pParse->oom ) pParse->aNode[pParse->nNode-1].jnFlags = jnFlags;
+    jsonParseAddNode(pParse, JSON_STRING | (jnFlags<<8), j+1-i, &z[i]);
     return j+1;
-  }else if( c=='n'
-         && strncmp(z+i,"null",4)==0
-         && !sqlite3Isalnum(z[i+4]) ){
-    jsonParseAddNode(pParse, JSON_NULL, 0, 0);
-    return i+4;
-  }else if( c=='t'
-         && strncmp(z+i,"true",4)==0
-         && !sqlite3Isalnum(z[i+4]) ){
-    jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
-    return i+4;
-  }else if( c=='f'
-         && strncmp(z+i,"false",5)==0
-         && !sqlite3Isalnum(z[i+5]) ){
-    jsonParseAddNode(pParse, JSON_FALSE, 0, 0);
-    return i+5;
-  }else if( c=='-' || (c>='0' && c<='9') ){
+  }
+  case 't': {
+    if( strncmp(z+i,"true",4)==0 && !sqlite3Isalnum(z[i+4]) ){
+      jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
+      return i+4;
+    }
+    pParse->iErr = i;
+    return -1;
+  }
+  case 'f': {
+    if( strncmp(z+i,"false",5)==0 && !sqlite3Isalnum(z[i+5]) ){
+      jsonParseAddNode(pParse, JSON_FALSE, 0, 0);
+      return i+5;
+    }
+    pParse->iErr = i;
+    return -1;
+  }
+  case '+': {
+    u8 seenDP, seenE, jnFlags;
+    pParse->hasNonstd = 1;
+    jnFlags = JNODE_JSON5;
+    goto parse_number;
+  case '.':
+    if( sqlite3Isdigit(z[i+1]) ){
+      pParse->hasNonstd = 1;
+      jnFlags = JNODE_JSON5;
+      seenE = 0;
+      seenDP = JSON_REAL;
+      goto parse_number_2;
+    }
+    pParse->iErr = i;
+    return -1;
+  case '-':
+  case '0':
+  case '1':
+  case '2':
+  case '3':
+  case '4':
+  case '5':
+  case '6':
+  case '7':
+  case '8':
+  case '9':
     /* Parse number */
-    u8 seenDP = 0;
-    u8 seenE = 0;
+    jnFlags = 0;
+  parse_number:
+    seenDP = JSON_INT;
+    seenE = 0;
     assert( '-' < '0' );
+    assert( '+' < '0' );
+    assert( '.' < '0' );
+    c = z[i];
+
     if( c<='0' ){
-      j = c=='-' ? i+1 : i;
-      if( z[j]=='0' && z[j+1]>='0' && z[j+1]<='9' ) return -1;
+      if( c=='0' ){
+        if( (z[i+1]=='x' || z[i+1]=='X') && sqlite3Isxdigit(z[i+2]) ){
+          assert( seenDP==JSON_INT );
+          pParse->hasNonstd = 1;
+          jnFlags |= JNODE_JSON5;
+          for(j=i+3; sqlite3Isxdigit(z[j]); j++){}
+          goto parse_number_finish;
+        }else if( sqlite3Isdigit(z[i+1]) ){
+          pParse->iErr = i+1;
+          return -1;
+        }
+      }else{
+        if( !sqlite3Isdigit(z[i+1]) ){
+          /* JSON5 allows for "+Infinity" and "-Infinity" using exactly
+          ** that case.  SQLite also allows these in any case and it allows
+          ** "+inf" and "-inf". */
+          if( (z[i+1]=='I' || z[i+1]=='i')
+           && sqlite3StrNICmp(&z[i+1], "inf",3)==0
+          ){
+            pParse->hasNonstd = 1;
+            if( z[i]=='-' ){
+              jsonParseAddNode(pParse, JSON_REAL, 8, "-9.0e999");
+            }else{
+              jsonParseAddNode(pParse, JSON_REAL, 7, "9.0e999");
+            }
+            return i + (sqlite3StrNICmp(&z[i+4],"inity",5)==0 ? 9 : 4);
+          }
+          if( z[i+1]=='.' ){
+            pParse->hasNonstd = 1;
+            jnFlags |= JNODE_JSON5;
+            goto parse_number_2;
+          }
+          pParse->iErr = i;
+          return -1;
+        }
+        if( z[i+1]=='0' ){
+          if( sqlite3Isdigit(z[i+2]) ){
+            pParse->iErr = i+1;
+            return -1;
+          }else if( (z[i+2]=='x' || z[i+2]=='X') && sqlite3Isxdigit(z[i+3]) ){
+            pParse->hasNonstd = 1;
+            jnFlags |= JNODE_JSON5;
+            for(j=i+4; sqlite3Isxdigit(z[j]); j++){}
+            goto parse_number_finish;
+          }
+        }
+      }
     }
-    j = i+1;
-    for(;; j++){
+  parse_number_2:
+    for(j=i+1;; j++){
       c = z[j];
-      if( c>='0' && c<='9' ) continue;
+      if( sqlite3Isdigit(c) ) continue;
       if( c=='.' ){
-        if( z[j-1]=='-' ) return -1;
-        if( seenDP ) return -1;
-        seenDP = 1;
+        if( seenDP==JSON_REAL ){
+          pParse->iErr = j;
+          return -1;
+        }
+        seenDP = JSON_REAL;
         continue;
       }
       if( c=='e' || c=='E' ){
-        if( z[j-1]<'0' ) return -1;
-        if( seenE ) return -1;
-        seenDP = seenE = 1;
+        if( z[j-1]<'0' ){
+          if( ALWAYS(z[j-1]=='.') && ALWAYS(j-2>=i) && sqlite3Isdigit(z[j-2]) ){
+            pParse->hasNonstd = 1;
+            jnFlags |= JNODE_JSON5;
+          }else{
+            pParse->iErr = j;
+            return -1;
+          }
+        }
+        if( seenE ){
+          pParse->iErr = j;
+          return -1;
+        }
+        seenDP = JSON_REAL;
+        seenE = 1;
         c = z[j+1];
         if( c=='+' || c=='-' ){
           j++;
           c = z[j+1];
         }
-        if( c<'0' || c>'9' ) return -1;
+        if( c<'0' || c>'9' ){
+          pParse->iErr = j;
+          return -1;
+        }
         continue;
       }
       break;
     }
-    if( z[j-1]<'0' ) return -1;
-    jsonParseAddNode(pParse, seenDP ? JSON_REAL : JSON_INT,
-                        j - i, &z[i]);
+    if( z[j-1]<'0' ){
+      if( ALWAYS(z[j-1]=='.') && ALWAYS(j-2>=i) && sqlite3Isdigit(z[j-2]) ){
+        pParse->hasNonstd = 1;
+        jnFlags |= JNODE_JSON5;
+      }else{
+        pParse->iErr = j;
+        return -1;
+      }
+    }
+  parse_number_finish:
+    jsonParseAddNode(pParse, seenDP | (jnFlags<<8), j - i, &z[i]);
     return j;
-  }else if( c=='}' ){
+  }
+  case '}': {
+    pParse->iErr = i;
     return -2;  /* End of {...} */
-  }else if( c==']' ){
+  }
+  case ']': {
+    pParse->iErr = i;
     return -3;  /* End of [...] */
-  }else if( c==0 ){
+  }
+  case ',': {
+    pParse->iErr = i;
+    return -4;  /* List separator */
+  }
+  case ':': {
+    pParse->iErr = i;
+    return -5;  /* Object label/value separator */
+  }
+  case 0: {
     return 0;   /* End of file */
-  }else{
+  }
+  case 0x09:
+  case 0x0a:
+  case 0x0d:
+  case 0x20: {
+    do{
+      i++;
+    }while( fast_isspace(z[i]) );
+    goto json_parse_restart;
+  }
+  case 0x0b:
+  case 0x0c:
+  case '/':
+  case 0xc2:
+  case 0xe1:
+  case 0xe2:
+  case 0xe3:
+  case 0xef: {
+    j = json5Whitespace(&z[i]);
+    if( j>0 ){
+      i += j;
+      pParse->hasNonstd = 1;
+      goto json_parse_restart;
+    }
+    pParse->iErr = i;
+    return -1;
+  }
+  case 'n': {
+    if( strncmp(z+i,"null",4)==0 && !sqlite3Isalnum(z[i+4]) ){
+      jsonParseAddNode(pParse, JSON_NULL, 0, 0);
+      return i+4;
+    }
+    /* fall-through into the default case that checks for NaN */
+  }
+  default: {
+    u32 k;
+    int nn;
+    c = z[i];
+    for(k=0; khasNonstd = 1;
+      return i + nn;
+    }
+    pParse->iErr = i;
     return -1;  /* Syntax error */
   }
+  } /* End switch(z[i]) */
 }
 
 /*
@@ -196379,7 +201244,14 @@ static int jsonParse(
   if( i>0 ){
     assert( pParse->iDepth==0 );
     while( fast_isspace(zJson[i]) ) i++;
-    if( zJson[i] ) i = -1;
+    if( zJson[i] ){
+      i += json5Whitespace(&zJson[i]);
+      if( zJson[i] ){
+        jsonParseReset(pParse);
+        return 1;
+      }
+      pParse->hasNonstd = 1;
+    }
   }
   if( i<=0 ){
     if( pCtx!=0 ){
@@ -196450,6 +201322,15 @@ static int jsonParseFindParents(JsonParse *pParse){
 ** is no longer valid, parse the JSON again and return the new parse,
 ** and also register the new parse so that it will be available for
 ** future sqlite3_get_auxdata() calls.
+**
+** If an error occurs and pErrCtx!=0 then report the error on pErrCtx
+** and return NULL.
+**
+** If an error occurs and pErrCtx==0 then return the Parse object with
+** JsonParse.nErr non-zero.  If the caller invokes this routine with
+** pErrCtx==0 and it gets back a JsonParse with nErr!=0, then the caller
+** is responsible for invoking jsonParseFree() on the returned value.
+** But the caller may invoke jsonParseFree() *only* if pParse->nErr!=0.
 */
 static JsonParse *jsonParseCached(
   sqlite3_context *pCtx,
@@ -196499,6 +201380,10 @@ static JsonParse *jsonParseCached(
   p->zJson = (char*)&p[1];
   memcpy((char*)p->zJson, zJson, nJson+1);
   if( jsonParse(p, pErrCtx, p->zJson) ){
+    if( pErrCtx==0 ){
+      p->nErr = 1;
+      return p;
+    }
     sqlite3_free(p);
     return 0;
   }
@@ -196513,7 +201398,7 @@ static JsonParse *jsonParseCached(
 ** Compare the OBJECT label at pNode against zKey,nKey.  Return true on
 ** a match.
 */
-static int jsonLabelCompare(JsonNode *pNode, const char *zKey, u32 nKey){
+static int jsonLabelCompare(const JsonNode *pNode, const char *zKey, u32 nKey){
   assert( pNode->eU==1 );
   if( pNode->jnFlags & JNODE_RAW ){
     if( pNode->n!=nKey ) return 0;
@@ -196523,6 +201408,15 @@ static int jsonLabelCompare(JsonNode *pNode, const char *zKey, u32 nKey){
     return strncmp(pNode->u.zJContent+1, zKey, nKey)==0;
   }
 }
+static int jsonSameLabel(const JsonNode *p1, const JsonNode *p2){
+  if( p1->jnFlags & JNODE_RAW ){
+    return jsonLabelCompare(p2, p1->u.zJContent, p1->n);
+  }else if( p2->jnFlags & JNODE_RAW ){
+    return jsonLabelCompare(p1, p2->u.zJContent, p2->n);
+  }else{
+    return p1->n==p2->n && strncmp(p1->u.zJContent,p2->u.zJContent,p1->n)==0;
+  }
+}
 
 /* forward declaration */
 static JsonNode *jsonLookupAppend(JsonParse*,const char*,int*,const char**);
@@ -196993,7 +201887,7 @@ static void jsonExtractFunc(
     zPath = (const char*)sqlite3_value_text(argv[1]);
     if( zPath==0 ) return;
     if( flags & JSON_ABPATH ){
-      if( zPath[0]!='$' ){
+      if( zPath[0]!='$' || (zPath[1]!='.' && zPath[1]!='[' && zPath[1]!=0) ){
         /* The -> and ->> operators accept abbreviated PATH arguments.  This
         ** is mostly for compatibility with PostgreSQL, but also for
         ** convenience.
@@ -197084,12 +201978,10 @@ static JsonNode *jsonMergePatch(
     assert( pPatch[i].eU==1 );
     nKey = pPatch[i].n;
     zKey = pPatch[i].u.zJContent;
-    assert( (pPatch[i].jnFlags & JNODE_RAW)==0 );
     for(j=1; jn; j += jsonNodeSize(&pTarget[j+1])+1 ){
       assert( pTarget[j].eType==JSON_STRING );
       assert( pTarget[j].jnFlags & JNODE_LABEL );
-      assert( (pPatch[i].jnFlags & JNODE_RAW)==0 );
-      if( pTarget[j].n==nKey && strncmp(pTarget[j].u.zJContent,zKey,nKey)==0 ){
+      if( jsonSameLabel(&pPatch[i], &pTarget[j]) ){
         if( pTarget[j+1].jnFlags & (JNODE_REMOVE|JNODE_PATCH) ) break;
         if( pPatch[i+1].eType==JSON_NULL ){
           pTarget[j+1].jnFlags |= JNODE_REMOVE;
@@ -197376,8 +202268,8 @@ static void jsonTypeFunc(
 /*
 ** json_valid(JSON)
 **
-** Return 1 if JSON is a well-formed JSON string according to RFC-7159.
-** Return 0 otherwise.
+** Return 1 if JSON is a well-formed canonical JSON string according
+** to RFC-7159. Return 0 otherwise.
 */
 static void jsonValidFunc(
   sqlite3_context *ctx,
@@ -197386,8 +202278,69 @@ static void jsonValidFunc(
 ){
   JsonParse *p;          /* The parse */
   UNUSED_PARAMETER(argc);
+  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
   p = jsonParseCached(ctx, argv, 0);
-  sqlite3_result_int(ctx, p!=0);
+  if( p==0 || p->oom ){
+    sqlite3_result_error_nomem(ctx);
+    sqlite3_free(p);
+  }else{
+    sqlite3_result_int(ctx, p->nErr==0 && p->hasNonstd==0);
+    if( p->nErr ) jsonParseFree(p);
+  }
+}
+
+/*
+** json_error_position(JSON)
+**
+** If the argument is not an interpretable JSON string, then return the 1-based
+** character position at which the parser first recognized that the input
+** was in error.  The left-most character is 1.  If the string is valid
+** JSON, then return 0.
+**
+** Note that json_valid() is only true for strictly conforming canonical JSON.
+** But this routine returns zero if the input contains extension.  Thus:
+**
+** (1) If the input X is strictly conforming canonical JSON:
+**
+**         json_valid(X) returns true
+**         json_error_position(X) returns 0
+**
+** (2) If the input X is JSON but it includes extension (such as JSON5) that
+**     are not part of RFC-8259:
+**
+**         json_valid(X) returns false
+**         json_error_position(X) return 0
+**
+** (3) If the input X cannot be interpreted as JSON even taking extensions
+**     into account:
+**
+**         json_valid(X) return false
+**         json_error_position(X) returns 1 or more
+*/
+static void jsonErrorFunc(
+  sqlite3_context *ctx,
+  int argc,
+  sqlite3_value **argv
+){
+  JsonParse *p;          /* The parse */
+  UNUSED_PARAMETER(argc);
+  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
+  p = jsonParseCached(ctx, argv, 0);
+  if( p==0 || p->oom ){
+    sqlite3_result_error_nomem(ctx);
+    sqlite3_free(p);
+  }else if( p->nErr==0 ){
+    sqlite3_result_int(ctx, 0);
+  }else{
+    int n = 1;
+    u32 i;
+    const char *z = p->zJson;
+    for(i=0; iiErr && ALWAYS(z[i]); i++){
+      if( (z[i]&0xc0)!=0x80 ) n++;
+    }
+    sqlite3_result_int(ctx, n);
+    jsonParseFree(p);
+  }
 }
 
 
@@ -197731,14 +202684,16 @@ static void jsonAppendObjectPathElement(
   assert( pNode->eU==1 );
   z = pNode->u.zJContent;
   nn = pNode->n;
-  assert( nn>=2 );
-  assert( z[0]=='"' );
-  assert( z[nn-1]=='"' );
-  if( nn>2 && sqlite3Isalpha(z[1]) ){
-    for(jj=2; jjjnFlags & JNODE_RAW)==0 ){
+    assert( nn>=2 );
+    assert( z[0]=='"' || z[0]=='\'' );
+    assert( z[nn-1]=='"' || z[0]=='\'' );
+    if( nn>2 && sqlite3Isalpha(z[1]) ){
+      for(jj=2; jjnOrderBy>0
+   && pIdxInfo->aOrderBy[0].iColumn<0
+   && pIdxInfo->aOrderBy[0].desc==0
+  ){
+    pIdxInfo->orderByConsumed = 1;
+  }
+
   if( (unusableMask & ~idxMask)!=0 ){
     /* If there are any unusable constraints on JSON or ROOT, then reject
     ** this entire plan */
@@ -198091,6 +203053,7 @@ SQLITE_PRIVATE void sqlite3RegisterJsonFunctions(void){
     JFUNCTION(json_array,        -1, 0,  jsonArrayFunc),
     JFUNCTION(json_array_length,  1, 0,  jsonArrayLengthFunc),
     JFUNCTION(json_array_length,  2, 0,  jsonArrayLengthFunc),
+    JFUNCTION(json_error_position,1, 0,  jsonErrorFunc),
     JFUNCTION(json_extract,      -1, 0,  jsonExtractFunc),
     JFUNCTION(->,                 2, JSON_JSON, jsonExtractFunc),
     JFUNCTION(->>,                2, JSON_SQL, jsonExtractFunc),
@@ -198110,10 +203073,10 @@ SQLITE_PRIVATE void sqlite3RegisterJsonFunctions(void){
 #endif
     WAGGREGATE(json_group_array,  1, 0, 0,
        jsonArrayStep, jsonArrayFinal, jsonArrayValue, jsonGroupInverse,
-       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC|SQLITE_INNOCUOUS),
+       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC),
     WAGGREGATE(json_group_object, 2, 0, 0,
        jsonObjectStep, jsonObjectFinal, jsonObjectValue, jsonGroupInverse,
-       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC|SQLITE_INNOCUOUS)
+       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC)
   };
   sqlite3InsertBuiltinFuncs(aJsonFunc, ArraySize(aJsonFunc));
 #endif
@@ -198615,16 +203578,17 @@ struct RtreeMatchArg {
 ** at run-time.
 */
 #ifndef SQLITE_BYTEORDER
-#if defined(i386)     || defined(__i386__)   || defined(_M_IX86) ||    \
-    defined(__x86_64) || defined(__x86_64__) || defined(_M_X64)  ||    \
-    defined(_M_AMD64) || defined(_M_ARM)     || defined(__x86)   ||    \
-    defined(__arm__)
-# define SQLITE_BYTEORDER    1234
-#elif defined(sparc)    || defined(__ppc__)
-# define SQLITE_BYTEORDER    4321
-#else
-# define SQLITE_BYTEORDER    0     /* 0 means "unknown at compile-time" */
-#endif
+# if defined(i386)      || defined(__i386__)      || defined(_M_IX86) ||    \
+     defined(__x86_64)  || defined(__x86_64__)    || defined(_M_X64)  ||    \
+     defined(_M_AMD64)  || defined(_M_ARM)        || defined(__x86)   ||    \
+     defined(__ARMEL__) || defined(__AARCH64EL__) || defined(_M_ARM64)
+#   define SQLITE_BYTEORDER    1234
+# elif defined(sparc)     || defined(__ppc__) || \
+       defined(__ARMEB__) || defined(__AARCH64EB__)
+#   define SQLITE_BYTEORDER    4321
+# else
+#   define SQLITE_BYTEORDER 0
+# endif
 #endif
 
 
@@ -198645,7 +203609,7 @@ static int readInt16(u8 *p){
   return (p[0]<<8) + p[1];
 }
 static void readCoord(u8 *p, RtreeCoord *pCoord){
-  assert( ((((char*)p) - (char*)0)&3)==0 );  /* p is always 4-byte aligned */
+  assert( (((sqlite3_uint64)p)&3)==0 );  /* p is always 4-byte aligned */
 #if SQLITE_BYTEORDER==1234 && MSVC_VERSION>=1300
   pCoord->u = _byteswap_ulong(*(u32*)p);
 #elif SQLITE_BYTEORDER==1234 && GCC_VERSION>=4003000
@@ -198699,7 +203663,7 @@ static void writeInt16(u8 *p, int i){
 }
 static int writeCoord(u8 *p, RtreeCoord *pCoord){
   u32 i;
-  assert( ((((char*)p) - (char*)0)&3)==0 );  /* p is always 4-byte aligned */
+  assert( (((sqlite3_uint64)p)&3)==0 );  /* p is always 4-byte aligned */
   assert( sizeof(RtreeCoord)==4 );
   assert( sizeof(u32)==4 );
 #if SQLITE_BYTEORDER==1234 && GCC_VERSION>=4003000
@@ -199427,7 +204391,7 @@ static void rtreeNonleafConstraint(
   assert(p->op==RTREE_LE || p->op==RTREE_LT || p->op==RTREE_GE
       || p->op==RTREE_GT || p->op==RTREE_EQ || p->op==RTREE_TRUE
       || p->op==RTREE_FALSE );
-  assert( ((((char*)pCellData) - (char*)0)&3)==0 );  /* 4-byte aligned */
+  assert( (((sqlite3_uint64)pCellData)&3)==0 );  /* 4-byte aligned */
   switch( p->op ){
     case RTREE_TRUE:  return;   /* Always satisfied */
     case RTREE_FALSE: break;    /* Never satisfied */
@@ -199480,7 +204444,7 @@ static void rtreeLeafConstraint(
       || p->op==RTREE_GT || p->op==RTREE_EQ || p->op==RTREE_TRUE
       || p->op==RTREE_FALSE );
   pCellData += 8 + p->iCoord*4;
-  assert( ((((char*)pCellData) - (char*)0)&3)==0 );  /* 4-byte aligned */
+  assert( (((sqlite3_uint64)pCellData)&3)==0 );  /* 4-byte aligned */
   RTREE_DECODE_COORD(eInt, pCellData, xN);
   switch( p->op ){
     case RTREE_TRUE:  return;   /* Always satisfied */
@@ -201379,7 +206343,7 @@ static int rtreeUpdate(
   rtreeReference(pRtree);
   assert(nData>=1);
 
-  cell.iRowid = 0;  /* Used only to suppress a compiler warning */
+  memset(&cell, 0, sizeof(cell));
 
   /* Constraint handling. A write operation on an r-tree table may return
   ** SQLITE_CONSTRAINT for two reasons:
@@ -202852,7 +207816,7 @@ static GeoPoly *geopolyFuncParam(
   int nByte;
   testcase( pCtx==0 );
   if( sqlite3_value_type(pVal)==SQLITE_BLOB
-   && (nByte = sqlite3_value_bytes(pVal))>=(4+6*sizeof(GeoCoord))
+   && (nByte = sqlite3_value_bytes(pVal))>=(int)(4+6*sizeof(GeoCoord))
   ){
     const unsigned char *a = sqlite3_value_blob(pVal);
     int nVertex;
@@ -202910,6 +207874,7 @@ static void geopolyBlobFunc(
   sqlite3_value **argv
 ){
   GeoPoly *p = geopolyFuncParam(context, argv[0], 0);
+  (void)argc;
   if( p ){
     sqlite3_result_blob(context, p->hdr,
        4+8*p->nVertex, SQLITE_TRANSIENT);
@@ -202929,6 +207894,7 @@ static void geopolyJsonFunc(
   sqlite3_value **argv
 ){
   GeoPoly *p = geopolyFuncParam(context, argv[0], 0);
+  (void)argc;
   if( p ){
     sqlite3 *db = sqlite3_context_db_handle(context);
     sqlite3_str *x = sqlite3_str_new(db);
@@ -203010,6 +207976,7 @@ static void geopolyXformFunc(
   double F = sqlite3_value_double(argv[6]);
   GeoCoord x1, y1, x0, y0;
   int ii;
+  (void)argc;
   if( p ){
     for(ii=0; iinVertex; ii++){
       x0 = GeoX(p,ii);
@@ -203060,6 +208027,7 @@ static void geopolyAreaFunc(
   sqlite3_value **argv
 ){
   GeoPoly *p = geopolyFuncParam(context, argv[0], 0);
+  (void)argc;
   if( p ){
     sqlite3_result_double(context, geopolyArea(p));
     sqlite3_free(p);
@@ -203085,6 +208053,7 @@ static void geopolyCcwFunc(
   sqlite3_value **argv
 ){
   GeoPoly *p = geopolyFuncParam(context, argv[0], 0);
+  (void)argc;
   if( p ){
     if( geopolyArea(p)<0.0 ){
       int ii, jj;
@@ -203139,6 +208108,7 @@ static void geopolyRegularFunc(
   int n = sqlite3_value_int(argv[3]);
   int i;
   GeoPoly *p;
+  (void)argc;
 
   if( n<3 || r<=0.0 ) return;
   if( n>1000 ) n = 1000;
@@ -203248,6 +208218,7 @@ static void geopolyBBoxFunc(
   sqlite3_value **argv
 ){
   GeoPoly *p = geopolyBBox(context, argv[0], 0, 0);
+  (void)argc;
   if( p ){
     sqlite3_result_blob(context, p->hdr,
        4+8*p->nVertex, SQLITE_TRANSIENT);
@@ -203275,6 +208246,7 @@ static void geopolyBBoxStep(
 ){
   RtreeCoord a[4];
   int rc = SQLITE_OK;
+  (void)argc;
   (void)geopolyBBox(context, argv[0], a, &rc);
   if( rc==SQLITE_OK ){
     GeoBBox *pBBox;
@@ -203363,6 +208335,8 @@ static void geopolyContainsPointFunc(
   int v = 0;
   int cnt = 0;
   int ii;
+  (void)argc;
+
   if( p1==0 ) return;
   for(ii=0; iinVertex-1; ii++){
     v = pointBeneathLine(x0,y0,GeoX(p1,ii), GeoY(p1,ii),
@@ -203402,6 +208376,7 @@ static void geopolyWithinFunc(
 ){
   GeoPoly *p1 = geopolyFuncParam(context, argv[0], 0);
   GeoPoly *p2 = geopolyFuncParam(context, argv[1], 0);
+  (void)argc;
   if( p1 && p2 ){
     int x = geopolyOverlap(p1, p2);
     if( x<0 ){
@@ -203732,6 +208707,7 @@ static void geopolyOverlapFunc(
 ){
   GeoPoly *p1 = geopolyFuncParam(context, argv[0], 0);
   GeoPoly *p2 = geopolyFuncParam(context, argv[1], 0);
+  (void)argc;
   if( p1 && p2 ){
     int x = geopolyOverlap(p1, p2);
     if( x<0 ){
@@ -203752,8 +208728,12 @@ static void geopolyDebugFunc(
   int argc,
   sqlite3_value **argv
 ){
+  (void)context;
+  (void)argc;
 #ifdef GEOPOLY_ENABLE_DEBUG
   geo_debug = sqlite3_value_int(argv[0]);
+#else
+  (void)argv;
 #endif
 }
 
@@ -203781,6 +208761,7 @@ static int geopolyInit(
   sqlite3_str *pSql;
   char *zSql;
   int ii;
+  (void)pAux;
 
   sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
 
@@ -203897,6 +208878,7 @@ static int geopolyFilter(
   RtreeNode *pRoot = 0;
   int rc = SQLITE_OK;
   int iCell = 0;
+  (void)idxStr;
 
   rtreeReference(pRtree);
 
@@ -204023,6 +209005,7 @@ static int geopolyBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   int iRowidTerm = -1;
   int iFuncTerm = -1;
   int idxNum = 0;
+  (void)tab;
 
   for(ii=0; iinConstraint; ii++){
     struct sqlite3_index_constraint *p = &pIdxInfo->aConstraint[ii];
@@ -204269,6 +209252,8 @@ static int geopolyFindFunction(
   void (**pxFunc)(sqlite3_context*,int,sqlite3_value**),
   void **ppArg
 ){
+  (void)pVtab;
+  (void)nArg;
   if( sqlite3_stricmp(zName, "geopoly_overlap")==0 ){
     *pxFunc = geopolyOverlapFunc;
     *ppArg = 0;
@@ -204338,7 +209323,7 @@ static int sqlite3_geopoly_init(sqlite3 *db){
   } aAgg[] = {
      { geopolyBBoxStep, geopolyBBoxFinal, "geopoly_group_bbox"    },
   };
-  int i;
+  unsigned int i;
   for(i=0; i naming scheme.
+** tables or views named using the data_ naming scheme.
 **
 ** Instead of the plain data_ naming scheme, RBU database tables
 ** may also be named data_, where  is any sequence
@@ -205572,7 +210557,7 @@ SQLITE_PRIVATE void sqlite3Fts3IcuTokenizerModule(
 **
 ** If the target database table is a virtual table or a table that has no
 ** PRIMARY KEY declaration, the data_% table must also contain a column
-** named "rbu_rowid". This column is mapped to the tables implicit primary
+** named "rbu_rowid". This column is mapped to the table's implicit primary
 ** key column - "rowid". Virtual tables for which the "rowid" column does
 ** not function like a primary key value cannot be updated using RBU. For
 ** example, if the target db contains either of the following:
@@ -206005,6 +210990,34 @@ SQLITE_API void sqlite3rbu_bp_progress(sqlite3rbu *pRbu, int *pnOne, int*pnTwo);
 
 SQLITE_API int sqlite3rbu_state(sqlite3rbu *pRbu);
 
+/*
+** As part of applying an RBU update or performing an RBU vacuum operation,
+** the system must at one point move the *-oal file to the equivalent *-wal
+** path. Normally, it does this by invoking POSIX function rename(2) directly.
+** Except on WINCE platforms, where it uses win32 API MoveFileW(). This
+** function may be used to register a callback that the RBU module will invoke
+** instead of one of these APIs.
+**
+** If a callback is registered with an RBU handle, it invokes it instead
+** of rename(2) when it needs to move a file within the file-system. The
+** first argument passed to the xRename() callback is a copy of the second
+** argument (pArg) passed to this function. The second is the full path
+** to the file to move and the third the full path to which it should be
+** moved. The callback function should return SQLITE_OK to indicate
+** success. If an error occurs, it should return an SQLite error code.
+** In this case the RBU operation will be abandoned and the error returned
+** to the RBU user.
+**
+** Passing a NULL pointer in place of the xRename argument to this function
+** restores the default behaviour.
+*/
+SQLITE_API void sqlite3rbu_rename_handler(
+  sqlite3rbu *pRbu,
+  void *pArg,
+  int (*xRename)(void *pArg, const char *zOld, const char *zNew)
+);
+
+
 /*
 ** Create an RBU VFS named zName that accesses the underlying file-system
 ** via existing VFS zParent. Or, if the zParent parameter is passed NULL,
@@ -206372,6 +211385,8 @@ struct sqlite3rbu {
   int nPagePerSector;             /* Pages per sector for pTargetFd */
   i64 iOalSz;
   i64 nPhaseOneStep;
+  void *pRenameArg;
+  int (*xRename)(void*, const char*, const char*);
 
   /* The following state variables are used as part of the incremental
   ** checkpoint stage (eStage==RBU_STAGE_CKPT). See comments surrounding
@@ -208760,7 +213775,7 @@ static void rbuOpenDatabase(sqlite3rbu *p, sqlite3 *dbMain, int *pbRetry){
     sqlite3_file_control(p->dbRbu, "main", SQLITE_FCNTL_RBUCNT, (void*)p);
     if( p->zState==0 ){
       const char *zFile = sqlite3_db_filename(p->dbRbu, "main");
-      p->zState = rbuMPrintf(p, "file://%s-vacuum?modeof=%s", zFile, zFile);
+      p->zState = rbuMPrintf(p, "file:///%s-vacuum?modeof=%s", zFile, zFile);
     }
   }
 
@@ -209008,11 +214023,11 @@ static void rbuSetupCheckpoint(sqlite3rbu *p, RbuState *pState){
   **     no-ops. These locks will not be released until the connection
   **     is closed.
   **
-  **   * Attempting to xSync() the database file causes an SQLITE_INTERNAL
+  **   * Attempting to xSync() the database file causes an SQLITE_NOTICE
   **     error.
   **
   ** As a result, unless an error (i.e. OOM or SQLITE_BUSY) occurs, the
-  ** checkpoint below fails with SQLITE_INTERNAL, and leaves the aFrame[]
+  ** checkpoint below fails with SQLITE_NOTICE, and leaves the aFrame[]
   ** array populated with a set of (frame -> page) mappings. Because the
   ** WRITER, CHECKPOINT and READ0 locks are still held, it is safe to copy
   ** data from the wal file into the database file according to the
@@ -209022,7 +214037,7 @@ static void rbuSetupCheckpoint(sqlite3rbu *p, RbuState *pState){
     int rc2;
     p->eStage = RBU_STAGE_CAPTURE;
     rc2 = sqlite3_exec(p->dbMain, "PRAGMA main.wal_checkpoint=restart", 0, 0,0);
-    if( rc2!=SQLITE_INTERNAL ) p->rc = rc2;
+    if( rc2!=SQLITE_NOTICE ) p->rc = rc2;
   }
 
   if( p->rc==SQLITE_OK && p->nFrame>0 ){
@@ -209068,7 +214083,7 @@ static int rbuCaptureWalRead(sqlite3rbu *pRbu, i64 iOff, int iAmt){
 
   if( pRbu->mLock!=mReq ){
     pRbu->rc = SQLITE_BUSY;
-    return SQLITE_INTERNAL;
+    return SQLITE_NOTICE_RBU;
   }
 
   pRbu->pgsz = iAmt;
@@ -209118,6 +214133,11 @@ static void rbuCheckpointFrame(sqlite3rbu *p, RbuFrame *pFrame){
   p->rc = pDb->pMethods->xWrite(pDb, p->aBuf, p->pgsz, iOff);
 }
 
+/*
+** This value is copied from the definition of ZIPVFS_CTRL_FILE_POINTER
+** in zipvfs.h.
+*/
+#define RBU_ZIPVFS_CTRL_FILE_POINTER 230439
 
 /*
 ** Take an EXCLUSIVE lock on the database file. Return SQLITE_OK if
@@ -209126,9 +214146,20 @@ static void rbuCheckpointFrame(sqlite3rbu *p, RbuFrame *pFrame){
 static int rbuLockDatabase(sqlite3 *db){
   int rc = SQLITE_OK;
   sqlite3_file *fd = 0;
-  sqlite3_file_control(db, "main", SQLITE_FCNTL_FILE_POINTER, &fd);
 
-  if( fd->pMethods ){
+  sqlite3_file_control(db, "main", RBU_ZIPVFS_CTRL_FILE_POINTER, &fd);
+  if( fd ){
+    sqlite3_file_control(db, "main", SQLITE_FCNTL_FILE_POINTER, &fd);
+    rc = fd->pMethods->xLock(fd, SQLITE_LOCK_SHARED);
+    if( rc==SQLITE_OK ){
+      rc = fd->pMethods->xUnlock(fd, SQLITE_LOCK_NONE);
+    }
+    sqlite3_file_control(db, "main", RBU_ZIPVFS_CTRL_FILE_POINTER, &fd);
+  }else{
+    sqlite3_file_control(db, "main", SQLITE_FCNTL_FILE_POINTER, &fd);
+  }
+
+  if( rc==SQLITE_OK && fd->pMethods ){
     rc = fd->pMethods->xLock(fd, SQLITE_LOCK_SHARED);
     if( rc==SQLITE_OK ){
       rc = fd->pMethods->xLock(fd, SQLITE_LOCK_EXCLUSIVE);
@@ -209220,32 +214251,7 @@ static void rbuMoveOalFile(sqlite3rbu *p){
     }
 
     if( p->rc==SQLITE_OK ){
-#if defined(_WIN32_WCE)
-      {
-        LPWSTR zWideOal;
-        LPWSTR zWideWal;
-
-        zWideOal = rbuWinUtf8ToUnicode(zOal);
-        if( zWideOal ){
-          zWideWal = rbuWinUtf8ToUnicode(zWal);
-          if( zWideWal ){
-            if( MoveFileW(zWideOal, zWideWal) ){
-              p->rc = SQLITE_OK;
-            }else{
-              p->rc = SQLITE_IOERR;
-            }
-            sqlite3_free(zWideWal);
-          }else{
-            p->rc = SQLITE_IOERR_NOMEM;
-          }
-          sqlite3_free(zWideOal);
-        }else{
-          p->rc = SQLITE_IOERR_NOMEM;
-        }
-      }
-#else
-      p->rc = rename(zOal, zWal) ? SQLITE_IOERR : SQLITE_OK;
-#endif
+      p->rc = p->xRename(p->pRenameArg, zOal, zWal);
     }
 
     if( p->rc!=SQLITE_OK
@@ -209832,7 +214838,8 @@ static void rbuSetupOal(sqlite3rbu *p, RbuState *pState){
 static void rbuDeleteOalFile(sqlite3rbu *p){
   char *zOal = rbuMPrintf(p, "%s-oal", p->zTarget);
   if( zOal ){
-    sqlite3_vfs *pVfs = sqlite3_vfs_find(0);
+    sqlite3_vfs *pVfs = 0;
+    sqlite3_file_control(p->dbMain, "main", SQLITE_FCNTL_VFS_POINTER, &pVfs);
     assert( pVfs && p->rc==SQLITE_OK && p->zErrmsg==0 );
     pVfs->xDelete(pVfs, zOal, 0);
     sqlite3_free(zOal);
@@ -209984,6 +214991,7 @@ static sqlite3rbu *openRbuHandle(
 
     /* Create the custom VFS. */
     memset(p, 0, sizeof(sqlite3rbu));
+    sqlite3rbu_rename_handler(p, 0, 0);
     rbuCreateVfs(p);
 
     /* Open the target, RBU and state databases */
@@ -210375,6 +215383,54 @@ SQLITE_API int sqlite3rbu_savestate(sqlite3rbu *p){
   return rc;
 }
 
+/*
+** Default xRename callback for RBU.
+*/
+static int xDefaultRename(void *pArg, const char *zOld, const char *zNew){
+  int rc = SQLITE_OK;
+#if defined(_WIN32_WCE)
+  {
+    LPWSTR zWideOld;
+    LPWSTR zWideNew;
+
+    zWideOld = rbuWinUtf8ToUnicode(zOld);
+    if( zWideOld ){
+      zWideNew = rbuWinUtf8ToUnicode(zNew);
+      if( zWideNew ){
+        if( MoveFileW(zWideOld, zWideNew) ){
+          rc = SQLITE_OK;
+        }else{
+          rc = SQLITE_IOERR;
+        }
+        sqlite3_free(zWideNew);
+      }else{
+        rc = SQLITE_IOERR_NOMEM;
+      }
+      sqlite3_free(zWideOld);
+    }else{
+      rc = SQLITE_IOERR_NOMEM;
+    }
+  }
+#else
+  rc = rename(zOld, zNew) ? SQLITE_IOERR : SQLITE_OK;
+#endif
+  return rc;
+}
+
+SQLITE_API void sqlite3rbu_rename_handler(
+  sqlite3rbu *pRbu,
+  void *pArg,
+  int (*xRename)(void *pArg, const char *zOld, const char *zNew)
+){
+  if( xRename ){
+    pRbu->xRename = xRename;
+    pRbu->pRenameArg = pArg;
+  }else{
+    pRbu->xRename = xDefaultRename;
+    pRbu->pRenameArg = 0;
+  }
+}
+
 /**************************************************************************
 ** Beginning of RBU VFS shim methods. The VFS shim modifies the behaviour
 ** of a standard VFS in the following ways:
@@ -210431,7 +215487,7 @@ SQLITE_API int sqlite3rbu_savestate(sqlite3rbu *p){
 **     database file are recorded. xShmLock() calls to unlock the same
 **     locks are no-ops (so that once obtained, these locks are never
 **     relinquished). Finally, calls to xSync() on the target database
-**     file fail with SQLITE_INTERNAL errors.
+**     file fail with SQLITE_NOTICE errors.
 */
 
 static void rbuUnlockShm(rbu_file *p){
@@ -210540,9 +215596,12 @@ static int rbuVfsClose(sqlite3_file *pFile){
   sqlite3_free(p->zDel);
 
   if( p->openFlags & SQLITE_OPEN_MAIN_DB ){
+    const sqlite3_io_methods *pMeth = p->pReal->pMethods;
     rbuMainlistRemove(p);
     rbuUnlockShm(p);
-    p->pReal->pMethods->xShmUnmap(p->pReal, 0);
+    if( pMeth->iVersion>1 && pMeth->xShmUnmap ){
+      pMeth->xShmUnmap(p->pReal, 0);
+    }
   }
   else if( (p->openFlags & SQLITE_OPEN_DELETEONCLOSE) && p->pRbu ){
     rbuUpdateTempSize(p, 0);
@@ -210710,7 +215769,7 @@ static int rbuVfsSync(sqlite3_file *pFile, int flags){
   rbu_file *p = (rbu_file *)pFile;
   if( p->pRbu && p->pRbu->eStage==RBU_STAGE_CAPTURE ){
     if( p->openFlags & SQLITE_OPEN_MAIN_DB ){
-      return SQLITE_INTERNAL;
+      return SQLITE_NOTICE_RBU;
     }
     return SQLITE_OK;
   }
@@ -211001,6 +216060,25 @@ static int rbuVfsOpen(
     rbuVfsShmUnmap,               /* xShmUnmap */
     0, 0                          /* xFetch, xUnfetch */
   };
+  static sqlite3_io_methods rbuvfs_io_methods1 = {
+    1,                            /* iVersion */
+    rbuVfsClose,                  /* xClose */
+    rbuVfsRead,                   /* xRead */
+    rbuVfsWrite,                  /* xWrite */
+    rbuVfsTruncate,               /* xTruncate */
+    rbuVfsSync,                   /* xSync */
+    rbuVfsFileSize,               /* xFileSize */
+    rbuVfsLock,                   /* xLock */
+    rbuVfsUnlock,                 /* xUnlock */
+    rbuVfsCheckReservedLock,      /* xCheckReservedLock */
+    rbuVfsFileControl,            /* xFileControl */
+    rbuVfsSectorSize,             /* xSectorSize */
+    rbuVfsDeviceCharacteristics,  /* xDeviceCharacteristics */
+    0, 0, 0, 0, 0, 0
+  };
+
+
+
   rbu_vfs *pRbuVfs = (rbu_vfs*)pVfs;
   sqlite3_vfs *pRealVfs = pRbuVfs->pRealVfs;
   rbu_file *pFd = (rbu_file *)pFile;
@@ -211055,10 +216133,15 @@ static int rbuVfsOpen(
     rc = pRealVfs->xOpen(pRealVfs, zOpen, pFd->pReal, oflags, pOutFlags);
   }
   if( pFd->pReal->pMethods ){
+    const sqlite3_io_methods *pMeth = pFd->pReal->pMethods;
     /* The xOpen() operation has succeeded. Set the sqlite3_file.pMethods
     ** pointer and, if the file is a main database file, link it into the
     ** mutex protected linked list of all such files.  */
-    pFile->pMethods = &rbuvfs_io_methods;
+    if( pMeth->iVersion<2 || pMeth->xShmLock==0 ){
+      pFile->pMethods = &rbuvfs_io_methods1;
+    }else{
+      pFile->pMethods = &rbuvfs_io_methods;
+    }
     if( flags & SQLITE_OPEN_MAIN_DB ){
       rbuMainlistAdd(pFd);
     }
@@ -211491,6 +216574,7 @@ static int statConnect(
   StatTable *pTab = 0;
   int rc = SQLITE_OK;
   int iDb;
+  (void)pAux;
 
   if( argc>=4 ){
     Token nm;
@@ -211544,6 +216628,7 @@ static int statBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   int iSchema = -1;
   int iName = -1;
   int iAgg = -1;
+  (void)tab;
 
   /* Look for a valid schema=? constraint.  If found, change the idxNum to
   ** 1 and request the value of that constraint be sent to xFilter.  And
@@ -212069,6 +217154,8 @@ static int statFilter(
   int iArg = 0;           /* Count of argv[] parameters used so far */
   int rc = SQLITE_OK;     /* Result of this operation */
   const char *zName = 0;  /* Only provide analysis of this table */
+  (void)argc;
+  (void)idxStr;
 
   statResetCsr(pCsr);
   sqlite3_finalize(pCsr->pStmt);
@@ -212152,16 +217239,16 @@ static int statColumn(
       }
       break;
     case 4:            /* ncell */
-      sqlite3_result_int(ctx, pCsr->nCell);
+      sqlite3_result_int64(ctx, pCsr->nCell);
       break;
     case 5:            /* payload */
-      sqlite3_result_int(ctx, pCsr->nPayload);
+      sqlite3_result_int64(ctx, pCsr->nPayload);
       break;
     case 6:            /* unused */
-      sqlite3_result_int(ctx, pCsr->nUnused);
+      sqlite3_result_int64(ctx, pCsr->nUnused);
       break;
     case 7:            /* mx_payload */
-      sqlite3_result_int(ctx, pCsr->nMxPayload);
+      sqlite3_result_int64(ctx, pCsr->nMxPayload);
       break;
     case 8:            /* pgoffset */
       if( !pCsr->isAgg ){
@@ -212169,7 +217256,7 @@ static int statColumn(
       }
       break;
     case 9:            /* pgsize */
-      sqlite3_result_int(ctx, pCsr->szPage);
+      sqlite3_result_int64(ctx, pCsr->szPage);
       break;
     case 10: {         /* schema */
       sqlite3 *db = sqlite3_context_db_handle(ctx);
@@ -212303,8 +217390,13 @@ static int dbpageConnect(
 ){
   DbpageTable *pTab = 0;
   int rc = SQLITE_OK;
+  (void)pAux;
+  (void)argc;
+  (void)argv;
+  (void)pzErr;
 
   sqlite3_vtab_config(db, SQLITE_VTAB_DIRECTONLY);
+  sqlite3_vtab_config(db, SQLITE_VTAB_USES_ALL_SCHEMAS);
   rc = sqlite3_declare_vtab(db,
           "CREATE TABLE x(pgno INTEGER PRIMARY KEY, data BLOB, schema HIDDEN)");
   if( rc==SQLITE_OK ){
@@ -212341,6 +217433,7 @@ static int dbpageDisconnect(sqlite3_vtab *pVtab){
 static int dbpageBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   int i;
   int iPlan = 0;
+  (void)tab;
 
   /* If there is a schema= constraint, it must be honored.  Report a
   ** ridiculously large estimated cost if the schema= constraint is
@@ -212387,7 +217480,6 @@ static int dbpageBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   ){
     pIdxInfo->orderByConsumed = 1;
   }
-  sqlite3VtabUsesAllSchemas(pIdxInfo);
   return SQLITE_OK;
 }
 
@@ -212456,6 +217548,8 @@ static int dbpageFilter(
   sqlite3 *db = pTab->db;
   Btree *pBt;
 
+  (void)idxStr;
+
   /* Default setting is no rows of result */
   pCsr->pgno = 1;
   pCsr->mxPgno = 0;
@@ -212470,7 +217564,7 @@ static int dbpageFilter(
     pCsr->iDb = 0;
   }
   pBt = db->aDb[pCsr->iDb].pBt;
-  if( pBt==0 ) return SQLITE_OK;
+  if( NEVER(pBt==0) ) return SQLITE_OK;
   pCsr->pPager = sqlite3BtreePager(pBt);
   pCsr->szPage = sqlite3BtreeGetPageSize(pBt);
   pCsr->mxPgno = sqlite3BtreeLastPage(pBt);
@@ -212505,12 +217599,18 @@ static int dbpageColumn(
     }
     case 1: {           /* data */
       DbPage *pDbPage = 0;
-      rc = sqlite3PagerGet(pCsr->pPager, pCsr->pgno, (DbPage**)&pDbPage, 0);
-      if( rc==SQLITE_OK ){
-        sqlite3_result_blob(ctx, sqlite3PagerGetData(pDbPage), pCsr->szPage,
-                            SQLITE_TRANSIENT);
+      if( pCsr->pgno==((PENDING_BYTE/pCsr->szPage)+1) ){
+        /* The pending byte page. Assume it is zeroed out. Attempting to
+        ** request this page from the page is an SQLITE_CORRUPT error. */
+        sqlite3_result_zeroblob(ctx, pCsr->szPage);
+      }else{
+        rc = sqlite3PagerGet(pCsr->pPager, pCsr->pgno, (DbPage**)&pDbPage, 0);
+        if( rc==SQLITE_OK ){
+          sqlite3_result_blob(ctx, sqlite3PagerGetData(pDbPage), pCsr->szPage,
+              SQLITE_TRANSIENT);
+        }
+        sqlite3PagerUnref(pDbPage);
       }
-      sqlite3PagerUnref(pDbPage);
       break;
     }
     default: {          /* schema */
@@ -212519,7 +217619,7 @@ static int dbpageColumn(
       break;
     }
   }
-  return SQLITE_OK;
+  return rc;
 }
 
 static int dbpageRowid(sqlite3_vtab_cursor *pCursor, sqlite_int64 *pRowid){
@@ -212545,6 +217645,7 @@ static int dbpageUpdate(
   Pager *pPager;
   int szPage;
 
+  (void)pRowid;
   if( pTab->db->flags & SQLITE_Defensive ){
     zErr = "read-only";
     goto update_fail;
@@ -212554,18 +217655,20 @@ static int dbpageUpdate(
     goto update_fail;
   }
   pgno = sqlite3_value_int(argv[0]);
-  if( (Pgno)sqlite3_value_int(argv[1])!=pgno ){
+  if( sqlite3_value_type(argv[0])==SQLITE_NULL
+   || (Pgno)sqlite3_value_int(argv[1])!=pgno
+  ){
     zErr = "cannot insert";
     goto update_fail;
   }
   zSchema = (const char*)sqlite3_value_text(argv[4]);
-  iDb = zSchema ? sqlite3FindDbName(pTab->db, zSchema) : -1;
-  if( iDb<0 ){
+  iDb = ALWAYS(zSchema) ? sqlite3FindDbName(pTab->db, zSchema) : -1;
+  if( NEVER(iDb<0) ){
     zErr = "no such schema";
     goto update_fail;
   }
   pBt = pTab->db->aDb[iDb].pBt;
-  if( pgno<1 || pBt==0 || pgno>sqlite3BtreeLastPage(pBt) ){
+  if( NEVER(pgno<1) || NEVER(pBt==0) || NEVER(pgno>sqlite3BtreeLastPage(pBt)) ){
     zErr = "bad page number";
     goto update_fail;
   }
@@ -212579,11 +217682,12 @@ static int dbpageUpdate(
   pPager = sqlite3BtreePager(pBt);
   rc = sqlite3PagerGet(pPager, pgno, (DbPage**)&pDbPage, 0);
   if( rc==SQLITE_OK ){
-    rc = sqlite3PagerWrite(pDbPage);
-    if( rc==SQLITE_OK ){
-      memcpy(sqlite3PagerGetData(pDbPage),
-             sqlite3_value_blob(argv[3]),
-             szPage);
+    const void *pData = sqlite3_value_blob(argv[3]);
+    assert( pData!=0 || pTab->db->mallocFailed );
+    if( pData
+     && (rc = sqlite3PagerWrite(pDbPage))==SQLITE_OK
+    ){
+      memcpy(sqlite3PagerGetData(pDbPage), pData, szPage);
     }
   }
   sqlite3PagerUnref(pDbPage);
@@ -212605,7 +217709,7 @@ static int dbpageBegin(sqlite3_vtab *pVtab){
   int i;
   for(i=0; inDb; i++){
     Btree *pBt = db->aDb[i].pBt;
-    if( pBt ) sqlite3BtreeBeginTrans(pBt, 1, 0);
+    if( pBt ) (void)sqlite3BtreeBeginTrans(pBt, 1, 0);
   }
   return SQLITE_OK;
 }
@@ -212676,6 +217780,8 @@ typedef struct SessionInput SessionInput;
 # endif
 #endif
 
+#define SESSIONS_ROWID "_rowid_"
+
 static int sessions_strm_chunk_size = SESSIONS_STRM_CHUNK_SIZE;
 
 typedef struct SessionHook SessionHook;
@@ -212697,6 +217803,7 @@ struct sqlite3_session {
   int bEnable;                    /* True if currently recording */
   int bIndirect;                  /* True if all changes are indirect */
   int bAutoAttach;                /* True to auto-attach tables */
+  int bImplicitPK;                /* True to handle tables with implicit PK */
   int rc;                         /* Non-zero if an error has occurred */
   void *pFilterCtx;               /* First argument to pass to xTableFilter */
   int (*xTableFilter)(void *pCtx, const char *zTab);
@@ -212773,6 +217880,7 @@ struct SessionTable {
   char *zName;                    /* Local name of table */
   int nCol;                       /* Number of columns in table zName */
   int bStat1;                     /* True if this is sqlite_stat1 */
+  int bRowid;                     /* True if this table uses rowid for PK */
   const char **azCol;             /* Column names */
   u8 *abPK;                       /* Array of primary key flags */
   int nEntry;                     /* Total number of entries in hash table */
@@ -213165,6 +218273,7 @@ static unsigned int sessionHashAppendType(unsigned int h, int eType){
 */
 static int sessionPreupdateHash(
   sqlite3_session *pSession,      /* Session object that owns pTab */
+  i64 iRowid,
   SessionTable *pTab,             /* Session table handle */
   int bNew,                       /* True to hash the new.* PK */
   int *piHash,                    /* OUT: Hash value */
@@ -213173,48 +218282,53 @@ static int sessionPreupdateHash(
   unsigned int h = 0;             /* Hash value to return */
   int i;                          /* Used to iterate through columns */
 
-  assert( *pbNullPK==0 );
-  assert( pTab->nCol==pSession->hook.xCount(pSession->hook.pCtx) );
-  for(i=0; inCol; i++){
-    if( pTab->abPK[i] ){
-      int rc;
-      int eType;
-      sqlite3_value *pVal;
-
-      if( bNew ){
-        rc = pSession->hook.xNew(pSession->hook.pCtx, i, &pVal);
-      }else{
-        rc = pSession->hook.xOld(pSession->hook.pCtx, i, &pVal);
-      }
-      if( rc!=SQLITE_OK ) return rc;
+  if( pTab->bRowid ){
+    assert( pTab->nCol-1==pSession->hook.xCount(pSession->hook.pCtx) );
+    h = sessionHashAppendI64(h, iRowid);
+  }else{
+    assert( *pbNullPK==0 );
+    assert( pTab->nCol==pSession->hook.xCount(pSession->hook.pCtx) );
+    for(i=0; inCol; i++){
+      if( pTab->abPK[i] ){
+        int rc;
+        int eType;
+        sqlite3_value *pVal;
 
-      eType = sqlite3_value_type(pVal);
-      h = sessionHashAppendType(h, eType);
-      if( eType==SQLITE_INTEGER || eType==SQLITE_FLOAT ){
-        i64 iVal;
-        if( eType==SQLITE_INTEGER ){
-          iVal = sqlite3_value_int64(pVal);
+        if( bNew ){
+          rc = pSession->hook.xNew(pSession->hook.pCtx, i, &pVal);
         }else{
-          double rVal = sqlite3_value_double(pVal);
-          assert( sizeof(iVal)==8 && sizeof(rVal)==8 );
-          memcpy(&iVal, &rVal, 8);
+          rc = pSession->hook.xOld(pSession->hook.pCtx, i, &pVal);
         }
-        h = sessionHashAppendI64(h, iVal);
-      }else if( eType==SQLITE_TEXT || eType==SQLITE_BLOB ){
-        const u8 *z;
-        int n;
-        if( eType==SQLITE_TEXT ){
-          z = (const u8 *)sqlite3_value_text(pVal);
+        if( rc!=SQLITE_OK ) return rc;
+
+        eType = sqlite3_value_type(pVal);
+        h = sessionHashAppendType(h, eType);
+        if( eType==SQLITE_INTEGER || eType==SQLITE_FLOAT ){
+          i64 iVal;
+          if( eType==SQLITE_INTEGER ){
+            iVal = sqlite3_value_int64(pVal);
+          }else{
+            double rVal = sqlite3_value_double(pVal);
+            assert( sizeof(iVal)==8 && sizeof(rVal)==8 );
+            memcpy(&iVal, &rVal, 8);
+          }
+          h = sessionHashAppendI64(h, iVal);
+        }else if( eType==SQLITE_TEXT || eType==SQLITE_BLOB ){
+          const u8 *z;
+          int n;
+          if( eType==SQLITE_TEXT ){
+            z = (const u8 *)sqlite3_value_text(pVal);
+          }else{
+            z = (const u8 *)sqlite3_value_blob(pVal);
+          }
+          n = sqlite3_value_bytes(pVal);
+          if( !z && (eType!=SQLITE_BLOB || n>0) ) return SQLITE_NOMEM;
+          h = sessionHashAppendBlob(h, n, z);
         }else{
-          z = (const u8 *)sqlite3_value_blob(pVal);
+          assert( eType==SQLITE_NULL );
+          assert( pTab->bStat1==0 || i!=1 );
+          *pbNullPK = 1;
         }
-        n = sqlite3_value_bytes(pVal);
-        if( !z && (eType!=SQLITE_BLOB || n>0) ) return SQLITE_NOMEM;
-        h = sessionHashAppendBlob(h, n, z);
-      }else{
-        assert( eType==SQLITE_NULL );
-        assert( pTab->bStat1==0 || i!=1 );
-        *pbNullPK = 1;
       }
     }
   }
@@ -213497,6 +218611,7 @@ static int sessionMergeUpdate(
 */
 static int sessionPreupdateEqual(
   sqlite3_session *pSession,      /* Session object that owns SessionTable */
+  i64 iRowid,                     /* Rowid value if pTab->bRowid */
   SessionTable *pTab,             /* Table associated with change */
   SessionChange *pChange,         /* Change to compare to */
   int op                          /* Current pre-update operation */
@@ -213504,6 +218619,11 @@ static int sessionPreupdateEqual(
   int iCol;                       /* Used to iterate through columns */
   u8 *a = pChange->aRecord;       /* Cursor used to scan change record */
 
+  if( pTab->bRowid ){
+    if( a[0]!=SQLITE_INTEGER ) return 0;
+    return sessionGetI64(&a[1])==iRowid;
+  }
+
   assert( op==SQLITE_INSERT || op==SQLITE_UPDATE || op==SQLITE_DELETE );
   for(iCol=0; iColnCol; iCol++){
     if( !pTab->abPK[iCol] ){
@@ -213648,7 +218768,8 @@ static int sessionTableInfo(
   int *pnCol,                     /* OUT: number of columns */
   const char **pzTab,             /* OUT: Copy of zThis */
   const char ***pazCol,           /* OUT: Array of column names for table */
-  u8 **pabPK                      /* OUT: Array of booleans - true for PK col */
+  u8 **pabPK,                     /* OUT: Array of booleans - true for PK col */
+  int *pbRowid                    /* OUT: True if only PK is a rowid */
 ){
   char *zPragma;
   sqlite3_stmt *pStmt;
@@ -213660,6 +218781,7 @@ static int sessionTableInfo(
   u8 *pAlloc = 0;
   char **azCol = 0;
   u8 *abPK = 0;
+  int bRowid = 0;                 /* Set to true to use rowid as PK */
 
   assert( pazCol && pabPK );
 
@@ -213704,10 +218826,15 @@ static int sessionTableInfo(
   }
 
   nByte = nThis + 1;
+  bRowid = (pbRowid!=0);
   while( SQLITE_ROW==sqlite3_step(pStmt) ){
     nByte += sqlite3_column_bytes(pStmt, 1);
     nDbCol++;
+    if( sqlite3_column_int(pStmt, 5) ) bRowid = 0;
   }
+  if( nDbCol==0 ) bRowid = 0;
+  nDbCol += bRowid;
+  nByte += strlen(SESSIONS_ROWID);
   rc = sqlite3_reset(pStmt);
 
   if( rc==SQLITE_OK ){
@@ -213729,6 +218856,14 @@ static int sessionTableInfo(
     }
 
     i = 0;
+    if( bRowid ){
+      size_t nName = strlen(SESSIONS_ROWID);
+      memcpy(pAlloc, SESSIONS_ROWID, nName+1);
+      azCol[i] = (char*)pAlloc;
+      pAlloc += nName+1;
+      abPK[i] = 1;
+      i++;
+    }
     while( SQLITE_ROW==sqlite3_step(pStmt) ){
       int nName = sqlite3_column_bytes(pStmt, 1);
       const unsigned char *zName = sqlite3_column_text(pStmt, 1);
@@ -213740,7 +218875,6 @@ static int sessionTableInfo(
       i++;
     }
     rc = sqlite3_reset(pStmt);
-
   }
 
   /* If successful, populate the output variables. Otherwise, zero them and
@@ -213757,6 +218891,7 @@ static int sessionTableInfo(
     if( pzTab ) *pzTab = 0;
     sessionFree(pSession, azCol);
   }
+  if( pbRowid ) *pbRowid = bRowid;
   sqlite3_finalize(pStmt);
   return rc;
 }
@@ -213778,7 +218913,8 @@ static int sessionInitTable(sqlite3_session *pSession, SessionTable *pTab){
     u8 *abPK;
     assert( pTab->azCol==0 || pTab->abPK==0 );
     pSession->rc = sessionTableInfo(pSession, pSession->db, pSession->zDb,
-        pTab->zName, &pTab->nCol, 0, &pTab->azCol, &abPK
+        pTab->zName, &pTab->nCol, 0, &pTab->azCol, &abPK,
+        (pSession->bImplicitPK ? &pTab->bRowid : 0)
     );
     if( pSession->rc==SQLITE_OK ){
       int i;
@@ -213850,6 +218986,7 @@ static int sessionUpdateMaxSize(
 ){
   i64 nNew = 2;
   if( pC->op==SQLITE_INSERT ){
+    if( pTab->bRowid ) nNew += 9;
     if( op!=SQLITE_DELETE ){
       int ii;
       for(ii=0; iinCol; ii++){
@@ -213866,12 +219003,16 @@ static int sessionUpdateMaxSize(
   }else{
     int ii;
     u8 *pCsr = pC->aRecord;
-    for(ii=0; iinCol; ii++){
+    if( pTab->bRowid ){
+      nNew += 9 + 1;
+      pCsr += 9;
+    }
+    for(ii=pTab->bRowid; iinCol; ii++){
       int bChanged = 1;
       int nOld = 0;
       int eType;
       sqlite3_value *p = 0;
-      pSession->hook.xNew(pSession->hook.pCtx, ii, &p);
+      pSession->hook.xNew(pSession->hook.pCtx, ii-pTab->bRowid, &p);
       if( p==0 ){
         return SQLITE_NOMEM;
       }
@@ -213950,6 +219091,7 @@ static int sessionUpdateMaxSize(
 */
 static void sessionPreupdateOneChange(
   int op,                         /* One of SQLITE_UPDATE, INSERT, DELETE */
+  i64 iRowid,
   sqlite3_session *pSession,      /* Session object pTab is attached to */
   SessionTable *pTab              /* Table that change applies to */
 ){
@@ -213965,7 +219107,7 @@ static void sessionPreupdateOneChange(
 
   /* Check the number of columns in this xPreUpdate call matches the
   ** number of columns in the table.  */
-  if( pTab->nCol!=pSession->hook.xCount(pSession->hook.pCtx) ){
+  if( (pTab->nCol-pTab->bRowid)!=pSession->hook.xCount(pSession->hook.pCtx) ){
     pSession->rc = SQLITE_SCHEMA;
     return;
   }
@@ -213998,14 +219140,16 @@ static void sessionPreupdateOneChange(
   /* Calculate the hash-key for this change. If the primary key of the row
   ** includes a NULL value, exit early. Such changes are ignored by the
   ** session module. */
-  rc = sessionPreupdateHash(pSession, pTab, op==SQLITE_INSERT, &iHash, &bNull);
+  rc = sessionPreupdateHash(
+      pSession, iRowid, pTab, op==SQLITE_INSERT, &iHash, &bNull
+  );
   if( rc!=SQLITE_OK ) goto error_out;
 
   if( bNull==0 ){
     /* Search the hash table for an existing record for this row. */
     SessionChange *pC;
     for(pC=pTab->apChange[iHash]; pC; pC=pC->pNext){
-      if( sessionPreupdateEqual(pSession, pTab, pC, op) ) break;
+      if( sessionPreupdateEqual(pSession, iRowid, pTab, pC, op) ) break;
     }
 
     if( pC==0 ){
@@ -214020,7 +219164,7 @@ static void sessionPreupdateOneChange(
 
       /* Figure out how large an allocation is required */
       nByte = sizeof(SessionChange);
-      for(i=0; inCol; i++){
+      for(i=0; i<(pTab->nCol-pTab->bRowid); i++){
         sqlite3_value *p = 0;
         if( op!=SQLITE_INSERT ){
           TESTONLY(int trc = ) pSession->hook.xOld(pSession->hook.pCtx, i, &p);
@@ -214035,6 +219179,9 @@ static void sessionPreupdateOneChange(
         rc = sessionSerializeValue(0, p, &nByte);
         if( rc!=SQLITE_OK ) goto error_out;
       }
+      if( pTab->bRowid ){
+        nByte += 9;               /* Size of rowid field - an integer */
+      }
 
       /* Allocate the change object */
       pC = (SessionChange *)sessionMalloc64(pSession, nByte);
@@ -214051,7 +219198,12 @@ static void sessionPreupdateOneChange(
       ** required values and encodings have already been cached in memory.
       ** It is not possible for an OOM to occur in this block. */
       nByte = 0;
-      for(i=0; inCol; i++){
+      if( pTab->bRowid ){
+        pC->aRecord[0] = SQLITE_INTEGER;
+        sessionPutI64(&pC->aRecord[1], iRowid);
+        nByte = 9;
+      }
+      for(i=0; i<(pTab->nCol-pTab->bRowid); i++){
         sqlite3_value *p = 0;
         if( op!=SQLITE_INSERT ){
           pSession->hook.xOld(pSession->hook.pCtx, i, &p);
@@ -214150,6 +219302,8 @@ static void xPreUpdate(
   int nDb = sqlite3Strlen30(zDb);
 
   assert( sqlite3_mutex_held(db->mutex) );
+  (void)iKey1;
+  (void)iKey2;
 
   for(pSession=(sqlite3_session *)pCtx; pSession; pSession=pSession->pNext){
     SessionTable *pTab;
@@ -214164,9 +219318,10 @@ static void xPreUpdate(
     pSession->rc = sessionFindTable(pSession, zName, &pTab);
     if( pTab ){
       assert( pSession->rc==SQLITE_OK );
-      sessionPreupdateOneChange(op, pSession, pTab);
+      assert( op==SQLITE_UPDATE || iKey1==iKey2 );
+      sessionPreupdateOneChange(op, iKey1, pSession, pTab);
       if( op==SQLITE_UPDATE ){
-        sessionPreupdateOneChange(SQLITE_INSERT, pSession, pTab);
+        sessionPreupdateOneChange(SQLITE_INSERT, iKey2, pSession, pTab);
       }
     }
   }
@@ -214205,6 +219360,7 @@ static void sessionPreupdateHooks(
 typedef struct SessionDiffCtx SessionDiffCtx;
 struct SessionDiffCtx {
   sqlite3_stmt *pStmt;
+  int bRowid;
   int nOldOff;
 };
 
@@ -214213,19 +219369,20 @@ struct SessionDiffCtx {
 */
 static int sessionDiffOld(void *pCtx, int iVal, sqlite3_value **ppVal){
   SessionDiffCtx *p = (SessionDiffCtx*)pCtx;
-  *ppVal = sqlite3_column_value(p->pStmt, iVal+p->nOldOff);
+  *ppVal = sqlite3_column_value(p->pStmt, iVal+p->nOldOff+p->bRowid);
   return SQLITE_OK;
 }
 static int sessionDiffNew(void *pCtx, int iVal, sqlite3_value **ppVal){
   SessionDiffCtx *p = (SessionDiffCtx*)pCtx;
-  *ppVal = sqlite3_column_value(p->pStmt, iVal);
+  *ppVal = sqlite3_column_value(p->pStmt, iVal+p->bRowid);
    return SQLITE_OK;
 }
 static int sessionDiffCount(void *pCtx){
   SessionDiffCtx *p = (SessionDiffCtx*)pCtx;
-  return p->nOldOff ? p->nOldOff : sqlite3_column_count(p->pStmt);
+  return (p->nOldOff ? p->nOldOff : sqlite3_column_count(p->pStmt)) - p->bRowid;
 }
 static int sessionDiffDepth(void *pCtx){
+  (void)pCtx;
   return 0;
 }
 
@@ -214299,17 +219456,18 @@ static char *sessionExprCompareOther(
 }
 
 static char *sessionSelectFindNew(
-  int nCol,
   const char *zDb1,      /* Pick rows in this db only */
   const char *zDb2,      /* But not in this one */
+  int bRowid,
   const char *zTbl,      /* Table name */
   const char *zExpr
 ){
+  const char *zSel = (bRowid ? SESSIONS_ROWID ", *" : "*");
   char *zRet = sqlite3_mprintf(
-      "SELECT * FROM \"%w\".\"%w\" WHERE NOT EXISTS ("
+      "SELECT %s FROM \"%w\".\"%w\" WHERE NOT EXISTS ("
       "  SELECT 1 FROM \"%w\".\"%w\" WHERE %s"
       ")",
-      zDb1, zTbl, zDb2, zTbl, zExpr
+      zSel, zDb1, zTbl, zDb2, zTbl, zExpr
   );
   return zRet;
 }
@@ -214323,7 +219481,9 @@ static int sessionDiffFindNew(
   char *zExpr
 ){
   int rc = SQLITE_OK;
-  char *zStmt = sessionSelectFindNew(pTab->nCol, zDb1, zDb2, pTab->zName,zExpr);
+  char *zStmt = sessionSelectFindNew(
+      zDb1, zDb2, pTab->bRowid, pTab->zName, zExpr
+  );
 
   if( zStmt==0 ){
     rc = SQLITE_NOMEM;
@@ -214334,8 +219494,10 @@ static int sessionDiffFindNew(
       SessionDiffCtx *pDiffCtx = (SessionDiffCtx*)pSession->hook.pCtx;
       pDiffCtx->pStmt = pStmt;
       pDiffCtx->nOldOff = 0;
+      pDiffCtx->bRowid = pTab->bRowid;
       while( SQLITE_ROW==sqlite3_step(pStmt) ){
-        sessionPreupdateOneChange(op, pSession, pTab);
+        i64 iRowid = (pTab->bRowid ? sqlite3_column_int64(pStmt, 0) : 0);
+        sessionPreupdateOneChange(op, iRowid, pSession, pTab);
       }
       rc = sqlite3_finalize(pStmt);
     }
@@ -214345,6 +219507,27 @@ static int sessionDiffFindNew(
   return rc;
 }
 
+/*
+** Return a comma-separated list of the fully-qualified (with both database
+** and table name) column names from table pTab. e.g.
+**
+**    "main"."t1"."a", "main"."t1"."b", "main"."t1"."c"
+*/
+static char *sessionAllCols(
+  const char *zDb,
+  SessionTable *pTab
+){
+  int ii;
+  char *zRet = 0;
+  for(ii=0; iinCol; ii++){
+    zRet = sqlite3_mprintf("%z%s\"%w\".\"%w\".\"%w\"",
+        zRet, (zRet ? ", " : ""), zDb, pTab->zName, pTab->azCol[ii]
+    );
+    if( !zRet ) break;
+  }
+  return zRet;
+}
+
 static int sessionDiffFindModified(
   sqlite3_session *pSession,
   SessionTable *pTab,
@@ -214359,11 +219542,13 @@ static int sessionDiffFindModified(
   if( zExpr2==0 ){
     rc = SQLITE_NOMEM;
   }else{
+    char *z1 = sessionAllCols(pSession->zDb, pTab);
+    char *z2 = sessionAllCols(zFrom, pTab);
     char *zStmt = sqlite3_mprintf(
-        "SELECT * FROM \"%w\".\"%w\", \"%w\".\"%w\" WHERE %s AND (%z)",
-        pSession->zDb, pTab->zName, zFrom, pTab->zName, zExpr, zExpr2
+        "SELECT %s,%s FROM \"%w\".\"%w\", \"%w\".\"%w\" WHERE %s AND (%z)",
+        z1, z2, pSession->zDb, pTab->zName, zFrom, pTab->zName, zExpr, zExpr2
     );
-    if( zStmt==0 ){
+    if( zStmt==0 || z1==0 || z2==0 ){
       rc = SQLITE_NOMEM;
     }else{
       sqlite3_stmt *pStmt;
@@ -214374,12 +219559,15 @@ static int sessionDiffFindModified(
         pDiffCtx->pStmt = pStmt;
         pDiffCtx->nOldOff = pTab->nCol;
         while( SQLITE_ROW==sqlite3_step(pStmt) ){
-          sessionPreupdateOneChange(SQLITE_UPDATE, pSession, pTab);
+          i64 iRowid = (pTab->bRowid ? sqlite3_column_int64(pStmt, 0) : 0);
+          sessionPreupdateOneChange(SQLITE_UPDATE, iRowid, pSession, pTab);
         }
         rc = sqlite3_finalize(pStmt);
       }
-      sqlite3_free(zStmt);
     }
+    sqlite3_free(zStmt);
+    sqlite3_free(z1);
+    sqlite3_free(z2);
   }
 
   return rc;
@@ -214418,9 +219606,12 @@ SQLITE_API int sqlite3session_diff(
       int bHasPk = 0;
       int bMismatch = 0;
       int nCol;                   /* Columns in zFrom.zTbl */
+      int bRowid = 0;
       u8 *abPK;
       const char **azCol = 0;
-      rc = sessionTableInfo(0, db, zFrom, zTbl, &nCol, 0, &azCol, &abPK);
+      rc = sessionTableInfo(0, db, zFrom, zTbl, &nCol, 0, &azCol, &abPK,
+          pSession->bImplicitPK ? &bRowid : 0
+      );
       if( rc==SQLITE_OK ){
         if( pTo->nCol!=nCol ){
           bMismatch = 1;
@@ -214762,9 +219953,10 @@ static void sessionAppendStr(
   int *pRc
 ){
   int nStr = sqlite3Strlen30(zStr);
-  if( 0==sessionBufferGrow(p, nStr, pRc) ){
+  if( 0==sessionBufferGrow(p, nStr+1, pRc) ){
     memcpy(&p->aBuf[p->nBuf], zStr, nStr);
     p->nBuf += nStr;
+    p->aBuf[p->nBuf] = 0x00;
   }
 }
 
@@ -214786,6 +219978,27 @@ static void sessionAppendInteger(
   sessionAppendStr(p, aBuf, pRc);
 }
 
+static void sessionAppendPrintf(
+  SessionBuffer *p,               /* Buffer to append to */
+  int *pRc,
+  const char *zFmt,
+  ...
+){
+  if( *pRc==SQLITE_OK ){
+    char *zApp = 0;
+    va_list ap;
+    va_start(ap, zFmt);
+    zApp = sqlite3_vmprintf(zFmt, ap);
+    if( zApp==0 ){
+      *pRc = SQLITE_NOMEM;
+    }else{
+      sessionAppendStr(p, zApp, pRc);
+    }
+    va_end(ap);
+    sqlite3_free(zApp);
+  }
+}
+
 /*
 ** This function is a no-op if *pRc is other than SQLITE_OK when it is
 ** called. Otherwise, append the string zStr enclosed in quotes (") and
@@ -214800,7 +220013,7 @@ static void sessionAppendIdent(
   const char *zStr,               /* String to quote, escape and append */
   int *pRc                        /* IN/OUT: Error code */
 ){
-  int nStr = sqlite3Strlen30(zStr)*2 + 2 + 1;
+  int nStr = sqlite3Strlen30(zStr)*2 + 2 + 2;
   if( 0==sessionBufferGrow(p, nStr, pRc) ){
     char *zOut = (char *)&p->aBuf[p->nBuf];
     const char *zIn = zStr;
@@ -214811,6 +220024,7 @@ static void sessionAppendIdent(
     }
     *zOut++ = '"';
     p->nBuf = (int)((u8 *)zOut - p->aBuf);
+    p->aBuf[p->nBuf] = 0x00;
   }
 }
 
@@ -214946,7 +220160,7 @@ static int sessionAppendUpdate(
     /* If at least one field has been modified, this is not a no-op. */
     if( bChanged ) bNoop = 0;
 
-    /* Add a field to the old.* record. This is omitted if this modules is
+    /* Add a field to the old.* record. This is omitted if this module is
     ** currently generating a patchset. */
     if( bPatchset==0 ){
       if( bChanged || abPK[i] ){
@@ -215035,12 +220249,20 @@ static int sessionAppendDelete(
 ** Formulate and prepare a SELECT statement to retrieve a row from table
 ** zTab in database zDb based on its primary key. i.e.
 **
-**   SELECT * FROM zDb.zTab WHERE pk1 = ? AND pk2 = ? AND ...
+**   SELECT *,  FROM zDb.zTab WHERE (pk1, pk2,...) IS (?1, ?2,...)
+**
+** where  is:
+**
+**   1 AND (?A OR ?1 IS ) AND ...
+**
+** for each non-pk .
 */
 static int sessionSelectStmt(
   sqlite3 *db,                    /* Database handle */
+  int bIgnoreNoop,
   const char *zDb,                /* Database name */
   const char *zTab,               /* Table name */
+  int bRowid,
   int nCol,                       /* Number of columns in table */
   const char **azCol,             /* Names of table columns */
   u8 *abPK,                       /* PRIMARY KEY  array */
@@ -215048,8 +220270,50 @@ static int sessionSelectStmt(
 ){
   int rc = SQLITE_OK;
   char *zSql = 0;
+  const char *zSep = "";
+  const char *zCols = bRowid ? SESSIONS_ROWID ", *" : "*";
   int nSql = -1;
+  int i;
+
+  SessionBuffer nooptest = {0, 0, 0};
+  SessionBuffer pkfield = {0, 0, 0};
+  SessionBuffer pkvar = {0, 0, 0};
+
+  sessionAppendStr(&nooptest, ", 1", &rc);
+
+  if( 0==sqlite3_stricmp("sqlite_stat1", zTab) ){
+    sessionAppendStr(&nooptest, " AND (?6 OR ?3 IS stat)", &rc);
+    sessionAppendStr(&pkfield, "tbl, idx", &rc);
+    sessionAppendStr(&pkvar,
+        "?1, (CASE WHEN ?2=X'' THEN NULL ELSE ?2 END)", &rc
+    );
+    zCols = "tbl, ?2, stat";
+  }else{
+    for(i=0; izDb, zName, &nCol, 0,&azCol,&abPK);
-      if( !rc && (pTab->nCol!=nCol || memcmp(abPK, pTab->abPK, nCol)) ){
+      rc = sessionTableInfo(
+          0, db, pSession->zDb, zName, &nCol, 0, &azCol, &abPK,
+          (pSession->bImplicitPK ? &bRowid : 0)
+      );
+      if( rc==SQLITE_OK && (
+          pTab->nCol!=nCol
+       || pTab->bRowid!=bRowid
+       || memcmp(abPK, pTab->abPK, nCol)
+      )){
         rc = SQLITE_SCHEMA;
       }
 
@@ -215242,7 +220517,8 @@ static int sessionGenerateChangeset(
       /* Build and compile a statement to execute: */
       if( rc==SQLITE_OK ){
         rc = sessionSelectStmt(
-            db, pSession->zDb, zName, nCol, azCol, abPK, &pSel);
+            db, 0, pSession->zDb, zName, bRowid, nCol, azCol, abPK, &pSel
+        );
       }
 
       nNoop = buf.nBuf;
@@ -215325,7 +220601,7 @@ SQLITE_API int sqlite3session_changeset(
   int rc;
 
   if( pnChangeset==0 || ppChangeset==0 ) return SQLITE_MISUSE;
-  rc = sessionGenerateChangeset(pSession, 0, 0, 0, pnChangeset,ppChangeset);
+  rc = sessionGenerateChangeset(pSession, 0, 0, 0, pnChangeset, ppChangeset);
   assert( rc || pnChangeset==0
        || pSession->bEnableSize==0 || *pnChangeset<=pSession->nMaxChangesetSize
   );
@@ -215443,6 +220719,19 @@ SQLITE_API int sqlite3session_object_config(sqlite3_session *pSession, int op, v
       break;
     }
 
+    case SQLITE_SESSION_OBJCONFIG_ROWID: {
+      int iArg = *(int*)pArg;
+      if( iArg>=0 ){
+        if( pSession->pTable ){
+          rc = SQLITE_MISUSE;
+        }else{
+          pSession->bImplicitPK = (iArg!=0);
+        }
+      }
+      *(int*)pArg = pSession->bImplicitPK;
+      break;
+    }
+
     default:
       rc = SQLITE_MISUSE;
   }
@@ -215978,6 +221267,22 @@ static int sessionChangesetNextOne(
       if( p->op==SQLITE_INSERT ) p->op = SQLITE_DELETE;
       else if( p->op==SQLITE_DELETE ) p->op = SQLITE_INSERT;
     }
+
+    /* If this is an UPDATE that is part of a changeset, then check that
+    ** there are no fields in the old.* record that are not (a) PK fields,
+    ** or (b) also present in the new.* record.
+    **
+    ** Such records are technically corrupt, but the rebaser was at one
+    ** point generating them. Under most circumstances this is benign, but
+    ** can cause spurious SQLITE_RANGE errors when applying the changeset. */
+    if( p->bPatchset==0 && p->op==SQLITE_UPDATE){
+      for(i=0; inCol; i++){
+        if( p->abPK[i]==0 && p->apValue[i+p->nCol]==0 ){
+          sqlite3ValueFree(p->apValue[i]);
+          p->apValue[i] = 0;
+        }
+      }
+    }
   }
 
   return SQLITE_ROW;
@@ -216415,6 +221720,8 @@ struct SessionApplyCtx {
   SessionBuffer rebase;           /* Rebase information (if any) here */
   u8 bRebaseStarted;              /* If table header is already in rebase */
   u8 bRebase;                     /* True to collect rebase information */
+  u8 bIgnoreNoop;                 /* True to ignore no-op conflicts */
+  int bRowid;
 };
 
 /* Number of prepared UPDATE statements to cache. */
@@ -216665,8 +221972,10 @@ static int sessionSelectRow(
   const char *zTab,               /* Table name */
   SessionApplyCtx *p              /* Session changeset-apply context */
 ){
-  return sessionSelectStmt(
-      db, "main", zTab, p->nCol, p->azCol, p->abPK, &p->pSelect);
+  /* TODO */
+  return sessionSelectStmt(db, p->bIgnoreNoop,
+      "main", zTab, p->bRowid, p->nCol, p->azCol, p->abPK, &p->pSelect
+  );
 }
 
 /*
@@ -216824,22 +222133,34 @@ static int sessionBindRow(
 ** UPDATE, bind values from the old.* record.
 */
 static int sessionSeekToRow(
-  sqlite3 *db,                    /* Database handle */
   sqlite3_changeset_iter *pIter,  /* Changeset iterator */
-  u8 *abPK,                       /* Primary key flags array */
-  sqlite3_stmt *pSelect           /* SELECT statement from sessionSelectRow() */
+  SessionApplyCtx *p
 ){
+  sqlite3_stmt *pSelect = p->pSelect;
   int rc;                         /* Return code */
   int nCol;                       /* Number of columns in table */
   int op;                         /* Changset operation (SQLITE_UPDATE etc.) */
   const char *zDummy;             /* Unused */
 
+  sqlite3_clear_bindings(pSelect);
   sqlite3changeset_op(pIter, &zDummy, &nCol, &op, 0);
   rc = sessionBindRow(pIter,
       op==SQLITE_INSERT ? sqlite3changeset_new : sqlite3changeset_old,
-      nCol, abPK, pSelect
+      nCol, p->abPK, pSelect
   );
 
+  if( op!=SQLITE_DELETE && p->bIgnoreNoop ){
+    int ii;
+    for(ii=0; rc==SQLITE_OK && iiabPK[ii]==0 ){
+        sqlite3_value *pVal = 0;
+        sqlite3changeset_new(pIter, ii, &pVal);
+        sqlite3_bind_int(pSelect, ii+1+nCol, (pVal==0));
+        if( pVal ) rc = sessionBindValue(pSelect, ii+1, pVal);
+      }
+    }
+  }
+
   if( rc==SQLITE_OK ){
     rc = sqlite3_step(pSelect);
     if( rc!=SQLITE_ROW ) rc = sqlite3_reset(pSelect);
@@ -216954,16 +222275,22 @@ static int sessionConflictHandler(
 
   /* Bind the new.* PRIMARY KEY values to the SELECT statement. */
   if( pbReplace ){
-    rc = sessionSeekToRow(p->db, pIter, p->abPK, p->pSelect);
+    rc = sessionSeekToRow(pIter, p);
   }else{
     rc = SQLITE_OK;
   }
 
   if( rc==SQLITE_ROW ){
     /* There exists another row with the new.* primary key. */
-    pIter->pConflict = p->pSelect;
-    res = xConflict(pCtx, eType, pIter);
-    pIter->pConflict = 0;
+    if( p->bIgnoreNoop
+     && sqlite3_column_int(p->pSelect, sqlite3_column_count(p->pSelect)-1)
+    ){
+      res = SQLITE_CHANGESET_OMIT;
+    }else{
+      pIter->pConflict = p->pSelect;
+      res = xConflict(pCtx, eType, pIter);
+      pIter->pConflict = 0;
+    }
     rc = sqlite3_reset(p->pSelect);
   }else if( rc==SQLITE_OK ){
     if( p->bDeferConstraints && eType==SQLITE_CHANGESET_CONFLICT ){
@@ -217071,7 +222398,7 @@ static int sessionApplyOneOp(
 
     sqlite3_step(p->pDelete);
     rc = sqlite3_reset(p->pDelete);
-    if( rc==SQLITE_OK && sqlite3_changes(p->db)==0 ){
+    if( rc==SQLITE_OK && sqlite3_changes(p->db)==0 && p->bIgnoreNoop==0 ){
       rc = sessionConflictHandler(
           SQLITE_CHANGESET_DATA, p, pIter, xConflict, pCtx, pbRetry
       );
@@ -217128,7 +222455,7 @@ static int sessionApplyOneOp(
       /* Check if there is a conflicting row. For sqlite_stat1, this needs
       ** to be done using a SELECT, as there is no PRIMARY KEY in the
       ** database schema to throw an exception if a duplicate is inserted.  */
-      rc = sessionSeekToRow(p->db, pIter, p->abPK, p->pSelect);
+      rc = sessionSeekToRow(pIter, p);
       if( rc==SQLITE_ROW ){
         rc = SQLITE_CONSTRAINT;
         sqlite3_reset(p->pSelect);
@@ -217305,6 +222632,7 @@ static int sessionChangesetApply(
   memset(&sApply, 0, sizeof(sApply));
   sApply.bRebase = (ppRebase && pnRebase);
   sApply.bInvertConstraints = !!(flags & SQLITE_CHANGESETAPPLY_INVERT);
+  sApply.bIgnoreNoop = !!(flags & SQLITE_CHANGESETAPPLY_IGNORENOOP);
   sqlite3_mutex_enter(sqlite3_db_mutex(db));
   if( (flags & SQLITE_CHANGESETAPPLY_NOSAVEPOINT)==0 ){
     rc = sqlite3_exec(db, "SAVEPOINT changeset_apply", 0, 0, 0);
@@ -217342,6 +222670,7 @@ static int sessionChangesetApply(
       sApply.bStat1 = 0;
       sApply.bDeferConstraints = 1;
       sApply.bRebaseStarted = 0;
+      sApply.bRowid = 0;
       memset(&sApply.constraints, 0, sizeof(SessionBuffer));
 
       /* If an xFilter() callback was specified, invoke it now. If the
@@ -217361,8 +222690,8 @@ static int sessionChangesetApply(
         int i;
 
         sqlite3changeset_pk(pIter, &abPK, 0);
-        rc = sessionTableInfo(0,
-            db, "main", zNew, &sApply.nCol, &zTab, &sApply.azCol, &sApply.abPK
+        rc = sessionTableInfo(0, db, "main", zNew,
+            &sApply.nCol, &zTab, &sApply.azCol, &sApply.abPK, &sApply.bRowid
         );
         if( rc!=SQLITE_OK ) break;
         for(i=0; iabPK[i] && a1[0] ) bData = 1;
         memcpy(pOut, a1, n1);
         pOut += n1;
-      }else if( a2[0]!=0xFF ){
+      }else if( a2[0]!=0xFF && a1[0] ){
         bData = 1;
         memcpy(pOut, a2, n2);
         pOut += n2;
@@ -219244,6 +224573,7 @@ struct Fts5Config {
   int ePattern;                   /* FTS_PATTERN_XXX constant */
 
   /* Values loaded from the %_config table */
+  int iVersion;                   /* fts5 file format 'version' */
   int iCookie;                    /* Incremented when %_config is modified */
   int pgsz;                       /* Approximate page size used in %_data */
   int nAutomerge;                 /* 'automerge' setting */
@@ -219252,6 +224582,7 @@ struct Fts5Config {
   int nHashSize;                  /* Bytes of memory for in-memory hash */
   char *zRank;                    /* Name of rank function */
   char *zRankArgs;                /* Arguments to rank function */
+  int bSecureDelete;              /* 'secure-delete' */
 
   /* If non-NULL, points to sqlite3_vtab.base.zErrmsg. Often NULL. */
   char **pzErrmsg;
@@ -219261,8 +224592,11 @@ struct Fts5Config {
 #endif
 };
 
-/* Current expected value of %_config table 'version' field */
-#define FTS5_CURRENT_VERSION  4
+/* Current expected value of %_config table 'version' field. And
+** the expected version if the 'secure-delete' option has ever been
+** set on the table.  */
+#define FTS5_CURRENT_VERSION               4
+#define FTS5_CURRENT_VERSION_SECUREDELETE  5
 
 #define FTS5_CONTENT_NORMAL   0
 #define FTS5_CONTENT_NONE     1
@@ -219331,7 +224665,7 @@ static void sqlite3Fts5BufferAppendPrintf(int *, Fts5Buffer*, char *zFmt, ...);
 static char *sqlite3Fts5Mprintf(int *pRc, const char *zFmt, ...);
 
 #define fts5BufferZero(x)             sqlite3Fts5BufferZero(x)
-#define fts5BufferAppendVarint(a,b,c) sqlite3Fts5BufferAppendVarint(a,b,c)
+#define fts5BufferAppendVarint(a,b,c) sqlite3Fts5BufferAppendVarint(a,b,(i64)c)
 #define fts5BufferFree(a)             sqlite3Fts5BufferFree(a)
 #define fts5BufferAppendBlob(a,b,c,d) sqlite3Fts5BufferAppendBlob(a,b,c,d)
 #define fts5BufferSet(a,b,c,d)        sqlite3Fts5BufferSet(a,b,c,d)
@@ -219428,6 +224762,7 @@ struct Fts5IndexIter {
 ** above. */
 #define FTS5INDEX_QUERY_SKIPEMPTY  0x0010
 #define FTS5INDEX_QUERY_NOOUTPUT   0x0020
+#define FTS5INDEX_QUERY_SKIPHASH   0x0040
 
 /*
 ** Create/destroy an Fts5Index object.
@@ -219582,7 +224917,7 @@ static int sqlite3Fts5GetVarintLen(u32 iVal);
 static u8 sqlite3Fts5GetVarint(const unsigned char*, u64*);
 static int sqlite3Fts5PutVarint(unsigned char *p, u64 v);
 
-#define fts5GetVarint32(a,b) sqlite3Fts5GetVarint32(a,(u32*)&b)
+#define fts5GetVarint32(a,b) sqlite3Fts5GetVarint32(a,(u32*)&(b))
 #define fts5GetVarint    sqlite3Fts5GetVarint
 
 #define fts5FastGetVarint32(a, iOff, nVal) {      \
@@ -221561,7 +226896,7 @@ static int fts5HighlightCb(
   if( tflags & FTS5_TOKEN_COLOCATED ) return SQLITE_OK;
   iPos = p->iPos++;
 
-  if( p->iRangeEnd>0 ){
+  if( p->iRangeEnd>=0 ){
     if( iPosiRangeStart || iPos>p->iRangeEnd ) return SQLITE_OK;
     if( p->iRangeStart && iPos==p->iRangeStart ) p->iOff = iStartOff;
   }
@@ -221573,7 +226908,7 @@ static int fts5HighlightCb(
   }
 
   if( iPos==p->iter.iEnd ){
-    if( p->iRangeEnd && p->iter.iStartiRangeStart ){
+    if( p->iRangeEnd>=0 && p->iter.iStartiRangeStart ){
       fts5HighlightAppend(&rc, p, p->zOpen, -1);
     }
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
@@ -221584,7 +226919,7 @@ static int fts5HighlightCb(
     }
   }
 
-  if( p->iRangeEnd>0 && iPos==p->iRangeEnd ){
+  if( p->iRangeEnd>=0 && iPos==p->iRangeEnd ){
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
     p->iOff = iEndOff;
     if( iPos>=p->iter.iStart && iPositer.iEnd ){
@@ -221619,6 +226954,7 @@ static void fts5HighlightFunction(
   memset(&ctx, 0, sizeof(HighlightContext));
   ctx.zOpen = (const char*)sqlite3_value_text(apVal[1]);
   ctx.zClose = (const char*)sqlite3_value_text(apVal[2]);
+  ctx.iRangeEnd = -1;
   rc = pApi->xColumnText(pFts, iCol, &ctx.zIn, &ctx.nIn);
 
   if( ctx.zIn ){
@@ -221804,6 +227140,7 @@ static void fts5SnippetFunction(
   iCol = sqlite3_value_int(apVal[0]);
   ctx.zOpen = fts5ValueToText(apVal[1]);
   ctx.zClose = fts5ValueToText(apVal[2]);
+  ctx.iRangeEnd = -1;
   zEllips = fts5ValueToText(apVal[3]);
   nToken = sqlite3_value_int(apVal[4]);
 
@@ -223072,6 +228409,7 @@ static int sqlite3Fts5ConfigParse(
     rc = SQLITE_ERROR;
   }
 
+  assert( (pRet->abUnindexed && pRet->azCol) || rc!=SQLITE_OK );
   for(i=3; rc==SQLITE_OK && ibSecureDelete = (bVal ? 1 : 0);
+    }
   }else{
     *pbBadkey = 1;
   }
@@ -223469,15 +228819,20 @@ static int sqlite3Fts5ConfigLoad(Fts5Config *pConfig, int iCookie){
     rc = sqlite3_finalize(p);
   }
 
-  if( rc==SQLITE_OK && iVersion!=FTS5_CURRENT_VERSION ){
+  if( rc==SQLITE_OK
+   && iVersion!=FTS5_CURRENT_VERSION
+   && iVersion!=FTS5_CURRENT_VERSION_SECUREDELETE
+  ){
     rc = SQLITE_ERROR;
     if( pConfig->pzErrmsg ){
       assert( 0==*pConfig->pzErrmsg );
-      *pConfig->pzErrmsg = sqlite3_mprintf(
-          "invalid fts5 file format (found %d, expected %d) - run 'rebuild'",
-          iVersion, FTS5_CURRENT_VERSION
+      *pConfig->pzErrmsg = sqlite3_mprintf("invalid fts5 file format "
+          "(found %d, expected %d or %d) - run 'rebuild'",
+          iVersion, FTS5_CURRENT_VERSION, FTS5_CURRENT_VERSION_SECUREDELETE
       );
     }
+  }else{
+    pConfig->iVersion = iVersion;
   }
 
   if( rc==SQLITE_OK ){
@@ -223505,6 +228860,10 @@ static int sqlite3Fts5ConfigLoad(Fts5Config *pConfig, int iCookie){
 /* #include "fts5Int.h" */
 /* #include "fts5parse.h" */
 
+#ifndef SQLITE_FTS5_MAX_EXPR_DEPTH
+# define SQLITE_FTS5_MAX_EXPR_DEPTH 256
+#endif
+
 /*
 ** All token types in the generated fts5parse.h file are greater than 0.
 */
@@ -223545,11 +228904,17 @@ struct Fts5Expr {
 **       FTS5_NOT                 (nChild, apChild valid)
 **       FTS5_STRING              (pNear valid)
 **       FTS5_TERM                (pNear valid)
+**
+** iHeight:
+**   Distance from this node to furthest leaf. This is always 0 for nodes
+**   of type FTS5_STRING and FTS5_TERM. For all other nodes it is one
+**   greater than the largest child value.
 */
 struct Fts5ExprNode {
   int eType;                      /* Node type */
   int bEof;                       /* True at EOF */
   int bNomatch;                   /* True if entry is not a match */
+  int iHeight;                    /* Distance to tree leaf nodes */
 
   /* Next method for this node. */
   int (*xNext)(Fts5Expr*, Fts5ExprNode*, int, i64);
@@ -223619,6 +228984,31 @@ struct Fts5Parse {
   int bPhraseToAnd;               /* Convert "a+b" to "a AND b" */
 };
 
+/*
+** Check that the Fts5ExprNode.iHeight variables are set correctly in
+** the expression tree passed as the only argument.
+*/
+#ifndef NDEBUG
+static void assert_expr_depth_ok(int rc, Fts5ExprNode *p){
+  if( rc==SQLITE_OK ){
+    if( p->eType==FTS5_TERM || p->eType==FTS5_STRING || p->eType==0 ){
+      assert( p->iHeight==0 );
+    }else{
+      int ii;
+      int iMaxChild = 0;
+      for(ii=0; iinChild; ii++){
+        Fts5ExprNode *pChild = p->apChild[ii];
+        iMaxChild = MAX(iMaxChild, pChild->iHeight);
+        assert_expr_depth_ok(SQLITE_OK, pChild);
+      }
+      assert( p->iHeight==iMaxChild+1 );
+    }
+  }
+}
+#else
+# define assert_expr_depth_ok(rc, p)
+#endif
+
 static void sqlite3Fts5ParseError(Fts5Parse *pParse, const char *zFmt, ...){
   va_list ap;
   va_start(ap, zFmt);
@@ -223733,6 +229123,8 @@ static int sqlite3Fts5ExprNew(
   }while( sParse.rc==SQLITE_OK && t!=FTS5_EOF );
   sqlite3Fts5ParserFree(pEngine, fts5ParseFree);
 
+  assert_expr_depth_ok(sParse.rc, sParse.pExpr);
+
   /* If the LHS of the MATCH expression was a user column, apply the
   ** implicit column-filter.  */
   if( iColnCol && sParse.pExpr && sParse.rc==SQLITE_OK ){
@@ -223777,6 +229169,19 @@ static int sqlite3Fts5ExprNew(
   return sParse.rc;
 }
 
+/*
+** Assuming that buffer z is at least nByte bytes in size and contains a
+** valid utf-8 string, return the number of characters in the string.
+*/
+static int fts5ExprCountChar(const char *z, int nByte){
+  int nRet = 0;
+  int ii;
+  for(ii=0; ii=3 ){
+
+        if( fts5ExprCountChar(&zText[iFirst], i-iFirst)>=3 ){
           int jj;
           zExpr[iOut++] = '"';
           for(jj=iFirst; jjnPhrase + p2->nPhrase;
 
@@ -223906,7 +229312,7 @@ static int sqlite3Fts5ExprAnd(Fts5Expr **pp1, Fts5Expr *p2){
     }
     sqlite3_free(p2->apExprPhrase);
     sqlite3_free(p2);
-  }else{
+  }else if( p2 ){
     *pp1 = p2;
   }
 
@@ -225680,6 +231086,7 @@ static void fts5ExprAssignXNext(Fts5ExprNode *pNode){
 }
 
 static void fts5ExprAddChildren(Fts5ExprNode *p, Fts5ExprNode *pSub){
+  int ii = p->nChild;
   if( p->eType!=FTS5_NOT && pSub->eType==p->eType ){
     int nByte = sizeof(Fts5ExprNode*) * pSub->nChild;
     memcpy(&p->apChild[p->nChild], pSub->apChild, nByte);
@@ -225688,6 +231095,9 @@ static void fts5ExprAddChildren(Fts5ExprNode *p, Fts5ExprNode *pSub){
   }else{
     p->apChild[p->nChild++] = pSub;
   }
+  for( ; iinChild; ii++){
+    p->iHeight = MAX(p->iHeight, p->apChild[ii]->iHeight + 1);
+  }
 }
 
 /*
@@ -225718,6 +231128,7 @@ static Fts5ExprNode *fts5ParsePhraseToAnd(
   if( pRet ){
     pRet->eType = FTS5_AND;
     pRet->nChild = nTerm;
+    pRet->iHeight = 1;
     fts5ExprAssignXNext(pRet);
     pParse->nPhrase--;
     for(ii=0; iiiHeight>SQLITE_FTS5_MAX_EXPR_DEPTH ){
+            sqlite3Fts5ParseError(pParse,
+                "fts5 expression tree is too large (maximum depth %d)",
+                SQLITE_FTS5_MAX_EXPR_DEPTH
+            );
+            sqlite3_free(pRet);
+            pRet = 0;
+          }
         }
       }
     }
@@ -227175,6 +232594,8 @@ static void sqlite3Fts5HashScanEntry(
 # error "FTS5_MAX_PREFIX_INDEXES is too large"
 #endif
 
+#define FTS5_MAX_LEVEL 64
+
 /*
 ** Details:
 **
@@ -227421,6 +232842,8 @@ struct Fts5Index {
   sqlite3_stmt *pIdxSelect;
   int nRead;                      /* Total number of blocks read */
 
+  sqlite3_stmt *pDeleteFromIdx;
+
   sqlite3_stmt *pDataVersion;
   i64 iStructVersion;             /* data_version when pStruct read */
   Fts5Structure *pStruct;         /* Current db structure (or NULL) */
@@ -227513,9 +232936,6 @@ struct Fts5CResult {
 ** iLeafOffset:
 **   Byte offset within the current leaf that is the first byte of the
 **   position list data (one byte passed the position-list size field).
-**   rowid field of the current entry. Usually this is the size field of the
-**   position list data. The exception is if the rowid for the current entry
-**   is the last thing on the leaf page.
 **
 ** pLeaf:
 **   Buffer containing current leaf page data. Set to NULL at EOF.
@@ -228074,6 +233494,7 @@ static int fts5StructureDecode(
             rc = FTS5_CORRUPT;
             break;
           }
+          assert( pSeg!=0 );
           i += fts5GetVarint32(&pData[i], pSeg->iSegid);
           i += fts5GetVarint32(&pData[i], pSeg->pgnoFirst);
           i += fts5GetVarint32(&pData[i], pSeg->pgnoLast);
@@ -228104,6 +233525,7 @@ static int fts5StructureDecode(
 */
 static void fts5StructureAddLevel(int *pRc, Fts5Structure **ppStruct){
   fts5StructureMakeWritable(pRc, ppStruct);
+  assert( (ppStruct!=0 && (*ppStruct)!=0) || (*pRc)!=SQLITE_OK );
   if( *pRc==SQLITE_OK ){
     Fts5Structure *pStruct = *ppStruct;
     int nLevel = pStruct->nLevel;
@@ -228562,42 +233984,25 @@ static int fts5DlidxLvlPrev(Fts5DlidxLvl *pLvl){
     pLvl->bEof = 1;
   }else{
     u8 *a = pLvl->pData->p;
-    i64 iVal;
-    int iLimit;
-    int ii;
-    int nZero = 0;
-
-    /* Currently iOff points to the first byte of a varint. This block
-    ** decrements iOff until it points to the first byte of the previous
-    ** varint. Taking care not to read any memory locations that occur
-    ** before the buffer in memory.  */
-    iLimit = (iOff>9 ? iOff-9 : 0);
-    for(iOff--; iOff>iLimit; iOff--){
-      if( (a[iOff-1] & 0x80)==0 ) break;
-    }
-
-    fts5GetVarint(&a[iOff], (u64*)&iVal);
-    pLvl->iRowid -= iVal;
-    pLvl->iLeafPgno--;
-
-    /* Skip backwards past any 0x00 varints. */
-    for(ii=iOff-1; ii>=pLvl->iFirstOff && a[ii]==0x00; ii--){
-      nZero++;
-    }
-    if( ii>=pLvl->iFirstOff && (a[ii] & 0x80) ){
-      /* The byte immediately before the last 0x00 byte has the 0x80 bit
-      ** set. So the last 0x00 is only a varint 0 if there are 8 more 0x80
-      ** bytes before a[ii]. */
-      int bZero = 0;              /* True if last 0x00 counts */
-      if( (ii-8)>=pLvl->iFirstOff ){
-        int j;
-        for(j=1; j<=8 && (a[ii-j] & 0x80); j++);
-        bZero = (j>8);
+
+    pLvl->iOff = 0;
+    fts5DlidxLvlNext(pLvl);
+    while( 1 ){
+      int nZero = 0;
+      int ii = pLvl->iOff;
+      u64 delta = 0;
+
+      while( a[ii]==0 ){
+        nZero++;
+        ii++;
       }
-      if( bZero==0 ) nZero--;
+      ii += sqlite3Fts5GetVarint(&a[ii], &delta);
+
+      if( ii>=iOff ) break;
+      pLvl->iLeafPgno += nZero+1;
+      pLvl->iRowid += delta;
+      pLvl->iOff = ii;
     }
-    pLvl->iLeafPgno -= nZero;
-    pLvl->iOff = iOff - nZero;
   }
 
   return pLvl->bEof;
@@ -228793,7 +234198,7 @@ static void fts5SegIterLoadRowid(Fts5Index *p, Fts5SegIter *pIter){
   i64 iOff = pIter->iLeafOffset;
 
   ASSERT_SZLEAF_OK(pIter->pLeaf);
-  if( iOff>=pIter->pLeaf->szLeaf ){
+  while( iOff>=pIter->pLeaf->szLeaf ){
     fts5SegIterNextPage(p, pIter);
     if( pIter->pLeaf==0 ){
       if( p->rc==SQLITE_OK ) p->rc = FTS5_CORRUPT;
@@ -228892,10 +234297,12 @@ static void fts5SegIterInit(
     fts5SegIterSetNext(p, pIter);
     pIter->pSeg = pSeg;
     pIter->iLeafPgno = pSeg->pgnoFirst-1;
-    fts5SegIterNextPage(p, pIter);
+    do {
+      fts5SegIterNextPage(p, pIter);
+    }while( p->rc==SQLITE_OK && pIter->pLeaf && pIter->pLeaf->nn==4 );
   }
 
-  if( p->rc==SQLITE_OK ){
+  if( p->rc==SQLITE_OK && pIter->pLeaf ){
     pIter->iLeafOffset = 4;
     assert( pIter->pLeaf!=0 );
     assert_nc( pIter->pLeaf->nn>4 );
@@ -229089,7 +234496,7 @@ static void fts5SegIterNext_None(
   iOff = pIter->iLeafOffset;
 
   /* Next entry is on the next page */
-  if( pIter->pSeg && iOff>=pIter->pLeaf->szLeaf ){
+  while( pIter->pSeg && iOff>=pIter->pLeaf->szLeaf ){
     fts5SegIterNextPage(p, pIter);
     if( p->rc || pIter->pLeaf==0 ) return;
     pIter->iRowid = 0;
@@ -229282,7 +234689,7 @@ static void fts5SegIterReverse(Fts5Index *p, Fts5SegIter *pIter){
   Fts5Data *pLast = 0;
   int pgnoLast = 0;
 
-  if( pDlidx ){
+  if( pDlidx && p->pConfig->iVersion==FTS5_CURRENT_VERSION ){
     int iSegid = pIter->pSeg->iSegid;
     pgnoLast = fts5DlidxIterPgno(pDlidx);
     pLast = fts5LeafRead(p, FTS5_SEGMENT_ROWID(iSegid, pgnoLast));
@@ -229843,7 +235250,8 @@ static int fts5MultiIterDoCompare(Fts5Iter *pIter, int iOut){
 
 /*
 ** Move the seg-iter so that it points to the first rowid on page iLeafPgno.
-** It is an error if leaf iLeafPgno does not exist or contains no rowids.
+** It is an error if leaf iLeafPgno does not exist. Unless the db is
+** a 'secure-delete' db, if it contains no rowids then this is also an error.
 */
 static void fts5SegIterGotoPage(
   Fts5Index *p,                   /* FTS5 backend object */
@@ -229858,21 +235266,23 @@ static void fts5SegIterGotoPage(
     fts5DataRelease(pIter->pNextLeaf);
     pIter->pNextLeaf = 0;
     pIter->iLeafPgno = iLeafPgno-1;
-    fts5SegIterNextPage(p, pIter);
-    assert( p->rc!=SQLITE_OK || pIter->iLeafPgno==iLeafPgno );
 
-    if( p->rc==SQLITE_OK && ALWAYS(pIter->pLeaf!=0) ){
+    while( p->rc==SQLITE_OK ){
       int iOff;
-      u8 *a = pIter->pLeaf->p;
-      int n = pIter->pLeaf->szLeaf;
-
+      fts5SegIterNextPage(p, pIter);
+      if( pIter->pLeaf==0 ) break;
       iOff = fts5LeafFirstRowidOff(pIter->pLeaf);
-      if( iOff<4 || iOff>=n ){
-        p->rc = FTS5_CORRUPT;
-      }else{
-        iOff += fts5GetVarint(&a[iOff], (u64*)&pIter->iRowid);
-        pIter->iLeafOffset = iOff;
-        fts5SegIterLoadNPos(p, pIter);
+      if( iOff>0 ){
+        u8 *a = pIter->pLeaf->p;
+        int n = pIter->pLeaf->szLeaf;
+        if( iOff<4 || iOff>=n ){
+          p->rc = FTS5_CORRUPT;
+        }else{
+          iOff += fts5GetVarint(&a[iOff], (u64*)&pIter->iRowid);
+          pIter->iLeafOffset = iOff;
+          fts5SegIterLoadNPos(p, pIter);
+        }
+        break;
       }
     }
   }
@@ -230587,7 +235997,7 @@ static void fts5MultiIterNew(
     if( iLevel<0 ){
       assert( pStruct->nSegment==fts5StructureCountSegments(pStruct) );
       nSeg = pStruct->nSegment;
-      nSeg += (p->pHash ? 1 : 0);
+      nSeg += (p->pHash && 0==(flags & FTS5INDEX_QUERY_SKIPHASH));
     }else{
       nSeg = MIN(pStruct->aLevel[iLevel].nSeg, nSegment);
     }
@@ -230608,7 +236018,7 @@ static void fts5MultiIterNew(
   if( p->rc==SQLITE_OK ){
     if( iLevel<0 ){
       Fts5StructureLevel *pEnd = &pStruct->aLevel[pStruct->nLevel];
-      if( p->pHash ){
+      if( p->pHash && 0==(flags & FTS5INDEX_QUERY_SKIPHASH) ){
         /* Add a segment iterator for the current contents of the hash table. */
         Fts5SegIter *pIter = &pNew->aSeg[iIter++];
         fts5SegIterHashInit(p, pTerm, nTerm, flags, pIter);
@@ -231208,7 +236618,9 @@ static void fts5WriteAppendRowid(
       fts5BufferAppendVarint(&p->rc, &pPage->buf, iRowid);
     }else{
       assert_nc( p->rc || iRowid>pWriter->iPrevRowid );
-      fts5BufferAppendVarint(&p->rc, &pPage->buf, iRowid - pWriter->iPrevRowid);
+      fts5BufferAppendVarint(&p->rc, &pPage->buf,
+          (u64)iRowid - (u64)pWriter->iPrevRowid
+      );
     }
     pWriter->iPrevRowid = iRowid;
     pWriter->bFirstRowidInDoclist = 0;
@@ -231361,7 +236773,7 @@ static void fts5TrimSegments(Fts5Index *p, Fts5Iter *pIter){
           fts5BufferAppendBlob(&p->rc, &buf, sizeof(aHdr), aHdr);
           fts5BufferAppendVarint(&p->rc, &buf, pSeg->term.n);
           fts5BufferAppendBlob(&p->rc, &buf, pSeg->term.n, pSeg->term.p);
-          fts5BufferAppendBlob(&p->rc, &buf, pData->szLeaf-iOff,&pData->p[iOff]);
+          fts5BufferAppendBlob(&p->rc, &buf,pData->szLeaf-iOff,&pData->p[iOff]);
           if( p->rc==SQLITE_OK ){
             /* Set the szLeaf field */
             fts5PutU16(&buf.p[2], (u16)buf.n);
@@ -231639,16 +237051,16 @@ static void fts5IndexCrisismerge(
 ){
   const int nCrisis = p->pConfig->nCrisisMerge;
   Fts5Structure *pStruct = *ppStruct;
-  int iLvl = 0;
-
-  assert( p->rc!=SQLITE_OK || pStruct->nLevel>0 );
-  while( p->rc==SQLITE_OK && pStruct->aLevel[iLvl].nSeg>=nCrisis ){
-    fts5IndexMergeLevel(p, &pStruct, iLvl, 0);
-    assert( p->rc!=SQLITE_OK || pStruct->nLevel>(iLvl+1) );
-    fts5StructurePromote(p, iLvl+1, pStruct);
-    iLvl++;
+  if( pStruct && pStruct->nLevel>0 ){
+    int iLvl = 0;
+    while( p->rc==SQLITE_OK && pStruct->aLevel[iLvl].nSeg>=nCrisis ){
+      fts5IndexMergeLevel(p, &pStruct, iLvl, 0);
+      assert( p->rc!=SQLITE_OK || pStruct->nLevel>(iLvl+1) );
+      fts5StructurePromote(p, iLvl+1, pStruct);
+      iLvl++;
+    }
+    *ppStruct = pStruct;
   }
-  *ppStruct = pStruct;
 }
 
 static int fts5IndexReturn(Fts5Index *p){
@@ -231682,6 +237094,413 @@ static int fts5PoslistPrefix(const u8 *aBuf, int nMax){
   return ret;
 }
 
+/*
+** Execute the SQL statement:
+**
+**    DELETE FROM %_idx WHERE (segid, (pgno/2)) = ($iSegid, $iPgno);
+**
+** This is used when a secure-delete operation removes the last term
+** from a segment leaf page. In that case the %_idx entry is removed
+** too. This is done to ensure that if all instances of a token are
+** removed from an fts5 database in secure-delete mode, no trace of
+** the token itself remains in the database.
+*/
+static void fts5SecureDeleteIdxEntry(
+  Fts5Index *p,                   /* FTS5 backend object */
+  int iSegid,                     /* Id of segment to delete entry for */
+  int iPgno                       /* Page number within segment */
+){
+  if( iPgno!=1 ){
+    assert( p->pConfig->iVersion==FTS5_CURRENT_VERSION_SECUREDELETE );
+    if( p->pDeleteFromIdx==0 ){
+      fts5IndexPrepareStmt(p, &p->pDeleteFromIdx, sqlite3_mprintf(
+          "DELETE FROM '%q'.'%q_idx' WHERE (segid, (pgno/2)) = (?1, ?2)",
+          p->pConfig->zDb, p->pConfig->zName
+      ));
+    }
+    if( p->rc==SQLITE_OK ){
+      sqlite3_bind_int(p->pDeleteFromIdx, 1, iSegid);
+      sqlite3_bind_int(p->pDeleteFromIdx, 2, iPgno);
+      sqlite3_step(p->pDeleteFromIdx);
+      p->rc = sqlite3_reset(p->pDeleteFromIdx);
+    }
+  }
+}
+
+/*
+** This is called when a secure-delete operation removes a position-list
+** that overflows onto segment page iPgno of segment pSeg. This function
+** rewrites node iPgno, and possibly one or more of its right-hand peers,
+** to remove this portion of the position list.
+**
+** Output variable (*pbLastInDoclist) is set to true if the position-list
+** removed is followed by a new term or the end-of-segment, or false if
+** it is followed by another rowid/position list.
+*/
+static void fts5SecureDeleteOverflow(
+  Fts5Index *p,
+  Fts5StructureSegment *pSeg,
+  int iPgno,
+  int *pbLastInDoclist
+){
+  const int bDetailNone = (p->pConfig->eDetail==FTS5_DETAIL_NONE);
+  int pgno;
+  Fts5Data *pLeaf = 0;
+  assert( iPgno!=1 );
+
+  *pbLastInDoclist = 1;
+  for(pgno=iPgno; p->rc==SQLITE_OK && pgno<=pSeg->pgnoLast; pgno++){
+    i64 iRowid = FTS5_SEGMENT_ROWID(pSeg->iSegid, pgno);
+    int iNext = 0;
+    u8 *aPg = 0;
+
+    pLeaf = fts5DataRead(p, iRowid);
+    if( pLeaf==0 ) break;
+    aPg = pLeaf->p;
+
+    iNext = fts5GetU16(&aPg[0]);
+    if( iNext!=0 ){
+      *pbLastInDoclist = 0;
+    }
+    if( iNext==0 && pLeaf->szLeaf!=pLeaf->nn ){
+      fts5GetVarint32(&aPg[pLeaf->szLeaf], iNext);
+    }
+
+    if( iNext==0 ){
+      /* The page contains no terms or rowids. Replace it with an empty
+      ** page and move on to the right-hand peer.  */
+      const u8 aEmpty[] = {0x00, 0x00, 0x00, 0x04};
+      assert_nc( bDetailNone==0 || pLeaf->nn==4 );
+      if( bDetailNone==0 ) fts5DataWrite(p, iRowid, aEmpty, sizeof(aEmpty));
+      fts5DataRelease(pLeaf);
+      pLeaf = 0;
+    }else if( bDetailNone ){
+      break;
+    }else if( iNext>=pLeaf->szLeaf || iNext<4 ){
+      p->rc = FTS5_CORRUPT;
+      break;
+    }else{
+      int nShift = iNext - 4;
+      int nPg;
+
+      int nIdx = 0;
+      u8 *aIdx = 0;
+
+      /* Unless the current page footer is 0 bytes in size (in which case
+      ** the new page footer will be as well), allocate and populate a
+      ** buffer containing the new page footer. Set stack variables aIdx
+      ** and nIdx accordingly.  */
+      if( pLeaf->nn>pLeaf->szLeaf ){
+        int iFirst = 0;
+        int i1 = pLeaf->szLeaf;
+        int i2 = 0;
+
+        aIdx = sqlite3Fts5MallocZero(&p->rc, (pLeaf->nn-pLeaf->szLeaf)+2);
+        if( aIdx==0 ) break;
+        i1 += fts5GetVarint32(&aPg[i1], iFirst);
+        i2 = sqlite3Fts5PutVarint(aIdx, iFirst-nShift);
+        if( i1nn ){
+          memcpy(&aIdx[i2], &aPg[i1], pLeaf->nn-i1);
+          i2 += (pLeaf->nn-i1);
+        }
+        nIdx = i2;
+      }
+
+      /* Modify the contents of buffer aPg[]. Set nPg to the new size
+      ** in bytes. The new page is always smaller than the old.  */
+      nPg = pLeaf->szLeaf - nShift;
+      memmove(&aPg[4], &aPg[4+nShift], nPg-4);
+      fts5PutU16(&aPg[2], nPg);
+      if( fts5GetU16(&aPg[0]) ) fts5PutU16(&aPg[0], 4);
+      if( nIdx>0 ){
+        memcpy(&aPg[nPg], aIdx, nIdx);
+        nPg += nIdx;
+      }
+      sqlite3_free(aIdx);
+
+      /* Write the new page to disk and exit the loop */
+      assert( nPg>4 || fts5GetU16(aPg)==0 );
+      fts5DataWrite(p, iRowid, aPg, nPg);
+      break;
+    }
+  }
+  fts5DataRelease(pLeaf);
+}
+
+/*
+** Completely remove the entry that pSeg currently points to from
+** the database.
+*/
+static void fts5DoSecureDelete(
+  Fts5Index *p,
+  Fts5SegIter *pSeg
+){
+  const int bDetailNone = (p->pConfig->eDetail==FTS5_DETAIL_NONE);
+  int iSegid = pSeg->pSeg->iSegid;
+  u8 *aPg = pSeg->pLeaf->p;
+  int nPg = pSeg->pLeaf->nn;
+  int iPgIdx = pSeg->pLeaf->szLeaf;
+
+  u64 iDelta = 0;
+  u64 iNextDelta = 0;
+  int iNextOff = 0;
+  int iOff = 0;
+  int nIdx = 0;
+  u8 *aIdx = 0;
+  int bLastInDoclist = 0;
+  int iIdx = 0;
+  int iStart = 0;
+  int iKeyOff = 0;
+  int iPrevKeyOff = 0;
+  int iDelKeyOff = 0;       /* Offset of deleted key, if any */
+
+  nIdx = nPg-iPgIdx;
+  aIdx = sqlite3Fts5MallocZero(&p->rc, nIdx+16);
+  if( p->rc ) return;
+  memcpy(aIdx, &aPg[iPgIdx], nIdx);
+
+  /* At this point segment iterator pSeg points to the entry
+  ** this function should remove from the b-tree segment.
+  **
+  ** In detail=full or detail=column mode, pSeg->iLeafOffset is the
+  ** offset of the first byte in the position-list for the entry to
+  ** remove. Immediately before this comes two varints that will also
+  ** need to be removed:
+  **
+  **     + the rowid or delta rowid value for the entry, and
+  **     + the size of the position list in bytes.
+  **
+  ** Or, in detail=none mode, there is a single varint prior to
+  ** pSeg->iLeafOffset - the rowid or delta rowid value.
+  **
+  ** This block sets the following variables:
+  **
+  **   iStart:
+  **   iDelta:
+  */
+  {
+    int iSOP;
+    if( pSeg->iLeafPgno==pSeg->iTermLeafPgno ){
+      iStart = pSeg->iTermLeafOffset;
+    }else{
+      iStart = fts5GetU16(&aPg[0]);
+    }
+
+    iSOP = iStart + fts5GetVarint(&aPg[iStart], &iDelta);
+    assert_nc( iSOP<=pSeg->iLeafOffset );
+
+    if( bDetailNone ){
+      while( iSOPiLeafOffset ){
+        if( aPg[iSOP]==0x00 ) iSOP++;
+        if( aPg[iSOP]==0x00 ) iSOP++;
+        iStart = iSOP;
+        iSOP = iStart + fts5GetVarint(&aPg[iStart], &iDelta);
+      }
+
+      iNextOff = iSOP;
+      if( iNextOffiEndofDoclist && aPg[iNextOff]==0x00 ) iNextOff++;
+      if( iNextOffiEndofDoclist && aPg[iNextOff]==0x00 ) iNextOff++;
+
+    }else{
+      int nPos = 0;
+      iSOP += fts5GetVarint32(&aPg[iSOP], nPos);
+      while( iSOPiLeafOffset ){
+        iStart = iSOP + (nPos/2);
+        iSOP = iStart + fts5GetVarint(&aPg[iStart], &iDelta);
+        iSOP += fts5GetVarint32(&aPg[iSOP], nPos);
+      }
+      assert_nc( iSOP==pSeg->iLeafOffset );
+      iNextOff = pSeg->iLeafOffset + pSeg->nPos;
+    }
+  }
+
+  iOff = iStart;
+  if( iNextOff>=iPgIdx ){
+    int pgno = pSeg->iLeafPgno+1;
+    fts5SecureDeleteOverflow(p, pSeg->pSeg, pgno, &bLastInDoclist);
+    iNextOff = iPgIdx;
+  }else{
+    /* Set bLastInDoclist to true if the entry being removed is the last
+    ** in its doclist.  */
+    for(iIdx=0, iKeyOff=0; iIdxiTermLeafOffset && pSeg->iLeafPgno==pSeg->iTermLeafPgno
+  ){
+    /* The entry being removed was the only position list in its
+    ** doclist. Therefore the term needs to be removed as well. */
+    int iKey = 0;
+    for(iIdx=0, iKeyOff=0; iIdx(u32)iStart ) break;
+      iKeyOff += iVal;
+    }
+
+    iDelKeyOff = iOff = iKeyOff;
+    if( iNextOff!=iPgIdx ){
+      int nPrefix = 0;
+      int nSuffix = 0;
+      int nPrefix2 = 0;
+      int nSuffix2 = 0;
+
+      iDelKeyOff = iNextOff;
+      iNextOff += fts5GetVarint32(&aPg[iNextOff], nPrefix2);
+      iNextOff += fts5GetVarint32(&aPg[iNextOff], nSuffix2);
+
+      if( iKey!=1 ){
+        iKeyOff += fts5GetVarint32(&aPg[iKeyOff], nPrefix);
+      }
+      iKeyOff += fts5GetVarint32(&aPg[iKeyOff], nSuffix);
+
+      nPrefix = MIN(nPrefix, nPrefix2);
+      nSuffix = (nPrefix2 + nSuffix2) - nPrefix;
+
+      if( (iKeyOff+nSuffix)>iPgIdx || (iNextOff+nSuffix2)>iPgIdx ){
+        p->rc = FTS5_CORRUPT;
+      }else{
+        if( iKey!=1 ){
+          iOff += sqlite3Fts5PutVarint(&aPg[iOff], nPrefix);
+        }
+        iOff += sqlite3Fts5PutVarint(&aPg[iOff], nSuffix);
+        if( nPrefix2>nPrefix ){
+          memcpy(&aPg[iOff], &pSeg->term.p[nPrefix], nPrefix2-nPrefix);
+          iOff += (nPrefix2-nPrefix);
+        }
+        memmove(&aPg[iOff], &aPg[iNextOff], nSuffix2);
+        iOff += nSuffix2;
+        iNextOff += nSuffix2;
+      }
+    }
+  }else if( iStart==4 ){
+      int iPgno;
+
+      assert_nc( pSeg->iLeafPgno>pSeg->iTermLeafPgno );
+      /* The entry being removed may be the only position list in
+      ** its doclist. */
+      for(iPgno=pSeg->iLeafPgno-1; iPgno>pSeg->iTermLeafPgno; iPgno-- ){
+        Fts5Data *pPg = fts5DataRead(p, FTS5_SEGMENT_ROWID(iSegid, iPgno));
+        int bEmpty = (pPg && pPg->nn==4);
+        fts5DataRelease(pPg);
+        if( bEmpty==0 ) break;
+      }
+
+      if( iPgno==pSeg->iTermLeafPgno ){
+        i64 iId = FTS5_SEGMENT_ROWID(iSegid, pSeg->iTermLeafPgno);
+        Fts5Data *pTerm = fts5DataRead(p, iId);
+        if( pTerm && pTerm->szLeaf==pSeg->iTermLeafOffset ){
+          u8 *aTermIdx = &pTerm->p[pTerm->szLeaf];
+          int nTermIdx = pTerm->nn - pTerm->szLeaf;
+          int iTermIdx = 0;
+          int iTermOff = 0;
+
+          while( 1 ){
+            u32 iVal = 0;
+            int nByte = fts5GetVarint32(&aTermIdx[iTermIdx], iVal);
+            iTermOff += iVal;
+            if( (iTermIdx+nByte)>=nTermIdx ) break;
+            iTermIdx += nByte;
+          }
+          nTermIdx = iTermIdx;
+
+          memmove(&pTerm->p[iTermOff], &pTerm->p[pTerm->szLeaf], nTermIdx);
+          fts5PutU16(&pTerm->p[2], iTermOff);
+
+          fts5DataWrite(p, iId, pTerm->p, iTermOff+nTermIdx);
+          if( nTermIdx==0 ){
+            fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iTermLeafPgno);
+          }
+        }
+        fts5DataRelease(pTerm);
+      }
+    }
+
+    if( p->rc==SQLITE_OK ){
+      const int nMove = nPg - iNextOff;
+      int nShift = 0;
+
+      memmove(&aPg[iOff], &aPg[iNextOff], nMove);
+      iPgIdx -= (iNextOff - iOff);
+      nPg = iPgIdx;
+      fts5PutU16(&aPg[2], iPgIdx);
+
+      nShift = iNextOff - iOff;
+      for(iIdx=0, iKeyOff=0, iPrevKeyOff=0; iIdxiOff ){
+            iKeyOff -= nShift;
+            nShift = 0;
+          }
+          nPg += sqlite3Fts5PutVarint(&aPg[nPg], iKeyOff - iPrevKeyOff);
+          iPrevKeyOff = iKeyOff;
+        }
+      }
+
+      if( iPgIdx==nPg && nIdx>0 && pSeg->iLeafPgno!=1 ){
+        fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iLeafPgno);
+      }
+
+      assert_nc( nPg>4 || fts5GetU16(aPg)==0 );
+      fts5DataWrite(p, FTS5_SEGMENT_ROWID(iSegid,pSeg->iLeafPgno), aPg,nPg);
+    }
+    sqlite3_free(aIdx);
+}
+
+/*
+** This is called as part of flushing a delete to disk in 'secure-delete'
+** mode. It edits the segments within the database described by argument
+** pStruct to remove the entries for term zTerm, rowid iRowid.
+*/
+static void fts5FlushSecureDelete(
+  Fts5Index *p,
+  Fts5Structure *pStruct,
+  const char *zTerm,
+  i64 iRowid
+){
+  const int f = FTS5INDEX_QUERY_SKIPHASH;
+  int nTerm = (int)strlen(zTerm);
+  Fts5Iter *pIter = 0;            /* Used to find term instance */
+
+  fts5MultiIterNew(p, pStruct, f, 0, (const u8*)zTerm, nTerm, -1, 0, &pIter);
+  if( fts5MultiIterEof(p, pIter)==0 ){
+    i64 iThis = fts5MultiIterRowid(pIter);
+    if( iThisrc==SQLITE_OK
+     && fts5MultiIterEof(p, pIter)==0
+     && iRowid==fts5MultiIterRowid(pIter)
+    ){
+      Fts5SegIter *pSeg = &pIter->aSeg[pIter->aFirst[1].iFirst];
+      fts5DoSecureDelete(p, pSeg);
+    }
+  }
+
+  fts5MultiIterFree(pIter);
+}
+
+
 /*
 ** Flush the contents of in-memory hash table iHash to a new level-0
 ** segment on disk. Also update the corresponding structure record.
@@ -231704,6 +237523,7 @@ static void fts5FlushOneHash(Fts5Index *p){
   if( iSegid ){
     const int pgsz = p->pConfig->pgsz;
     int eDetail = p->pConfig->eDetail;
+    int bSecureDelete = p->pConfig->bSecureDelete;
     Fts5StructureSegment *pSeg;   /* New segment within pStruct */
     Fts5Buffer *pBuf;             /* Buffer in which to assemble leaf page */
     Fts5Buffer *pPgidx;           /* Buffer in which to assemble pgidx */
@@ -231726,40 +237546,77 @@ static void fts5FlushOneHash(Fts5Index *p){
     }
     while( p->rc==SQLITE_OK && 0==sqlite3Fts5HashScanEof(pHash) ){
       const char *zTerm;          /* Buffer containing term */
+      int nTerm;                  /* Size of zTerm in bytes */
       const u8 *pDoclist;         /* Pointer to doclist for this term */
       int nDoclist;               /* Size of doclist in bytes */
 
-      /* Write the term for this entry to disk. */
+      /* Get the term and doclist for this entry. */
       sqlite3Fts5HashScanEntry(pHash, &zTerm, &pDoclist, &nDoclist);
-      fts5WriteAppendTerm(p, &writer, (int)strlen(zTerm), (const u8*)zTerm);
-      if( p->rc!=SQLITE_OK ) break;
+      nTerm = (int)strlen(zTerm);
+      if( bSecureDelete==0 ){
+        fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
+        if( p->rc!=SQLITE_OK ) break;
+        assert( writer.bFirstRowidInPage==0 );
+      }
 
-      assert( writer.bFirstRowidInPage==0 );
-      if( pgsz>=(pBuf->n + pPgidx->n + nDoclist + 1) ){
+      if( !bSecureDelete && pgsz>=(pBuf->n + pPgidx->n + nDoclist + 1) ){
         /* The entire doclist will fit on the current leaf. */
         fts5BufferSafeAppendBlob(pBuf, pDoclist, nDoclist);
       }else{
+        int bTermWritten = !bSecureDelete;
         i64 iRowid = 0;
-        u64 iDelta = 0;
+        i64 iPrev = 0;
         int iOff = 0;
 
         /* The entire doclist will not fit on this leaf. The following
         ** loop iterates through the poslists that make up the current
         ** doclist.  */
         while( p->rc==SQLITE_OK && iOffrc!=SQLITE_OK || pDoclist[iOff]==0x01 ){
+                iOff++;
+                continue;
+              }
+            }
+          }
+
+          if( p->rc==SQLITE_OK && bTermWritten==0 ){
+            fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
+            bTermWritten = 1;
+            assert( p->rc!=SQLITE_OK || writer.bFirstRowidInPage==0 );
+          }
+
           if( writer.bFirstRowidInPage ){
             fts5PutU16(&pBuf->p[0], (u16)pBuf->n);   /* first rowid on page */
             pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid);
             writer.bFirstRowidInPage = 0;
             fts5WriteDlidxAppend(p, &writer, iRowid);
-            if( p->rc!=SQLITE_OK ) break;
           }else{
-            pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iDelta);
+            pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid-iPrev);
           }
+          if( p->rc!=SQLITE_OK ) break;
           assert( pBuf->n<=pBuf->nSpace );
+          iPrev = iRowid;
 
           if( eDetail==FTS5_DETAIL_NONE ){
             if( iOffnLevel==0 ){
-      fts5StructureAddLevel(&p->rc, &pStruct);
-    }
-    fts5StructureExtendLevel(&p->rc, pStruct, 0, 1, 0);
-    if( p->rc==SQLITE_OK ){
-      pSeg = &pStruct->aLevel[0].aSeg[ pStruct->aLevel[0].nSeg++ ];
-      pSeg->iSegid = iSegid;
-      pSeg->pgnoFirst = 1;
-      pSeg->pgnoLast = pgnoLast;
-      pStruct->nSegment++;
+    assert( p->rc!=SQLITE_OK || bSecureDelete || pgnoLast>0 );
+    if( pgnoLast>0 ){
+      /* Update the Fts5Structure. It is written back to the database by the
+      ** fts5StructureRelease() call below.  */
+      if( pStruct->nLevel==0 ){
+        fts5StructureAddLevel(&p->rc, &pStruct);
+      }
+      fts5StructureExtendLevel(&p->rc, pStruct, 0, 1, 0);
+      if( p->rc==SQLITE_OK ){
+        pSeg = &pStruct->aLevel[0].aSeg[ pStruct->aLevel[0].nSeg++ ];
+        pSeg->iSegid = iSegid;
+        pSeg->pgnoFirst = 1;
+        pSeg->pgnoLast = pgnoLast;
+        pStruct->nSegment++;
+      }
+      fts5StructurePromote(p, 0, pStruct);
     }
-    fts5StructurePromote(p, 0, pStruct);
   }
 
   fts5IndexAutomerge(p, &pStruct, pgnoLast);
@@ -231887,10 +237747,10 @@ static Fts5Structure *fts5IndexOptimizeStruct(
   if( pNew ){
     Fts5StructureLevel *pLvl;
     nByte = nSeg * sizeof(Fts5StructureSegment);
-    pNew->nLevel = pStruct->nLevel+1;
+    pNew->nLevel = MIN(pStruct->nLevel+1, FTS5_MAX_LEVEL);
     pNew->nRef = 1;
     pNew->nWriteCounter = pStruct->nWriteCounter;
-    pLvl = &pNew->aLevel[pStruct->nLevel];
+    pLvl = &pNew->aLevel[pNew->nLevel-1];
     pLvl->aSeg = (Fts5StructureSegment*)sqlite3Fts5MallocZero(&p->rc, nByte);
     if( pLvl->aSeg ){
       int iLvl, iSeg;
@@ -231972,7 +237832,7 @@ static int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge){
 
 static void fts5AppendRowid(
   Fts5Index *p,
-  i64 iDelta,
+  u64 iDelta,
   Fts5Iter *pUnused,
   Fts5Buffer *pBuf
 ){
@@ -231982,7 +237842,7 @@ static void fts5AppendRowid(
 
 static void fts5AppendPoslist(
   Fts5Index *p,
-  i64 iDelta,
+  u64 iDelta,
   Fts5Iter *pMulti,
   Fts5Buffer *pBuf
 ){
@@ -232057,10 +237917,10 @@ static void fts5MergeAppendDocid(
 }
 #endif
 
-#define fts5MergeAppendDocid(pBuf, iLastRowid, iRowid) {       \
-  assert( (pBuf)->n!=0 || (iLastRowid)==0 );                   \
-  fts5BufferSafeAppendVarint((pBuf), (iRowid) - (iLastRowid)); \
-  (iLastRowid) = (iRowid);                                     \
+#define fts5MergeAppendDocid(pBuf, iLastRowid, iRowid) {                 \
+  assert( (pBuf)->n!=0 || (iLastRowid)==0 );                             \
+  fts5BufferSafeAppendVarint((pBuf), (u64)(iRowid) - (u64)(iLastRowid)); \
+  (iLastRowid) = (iRowid);                                               \
 }
 
 /*
@@ -232192,7 +238052,7 @@ static void fts5MergePrefixLists(
   /* Initialize a doclist-iterator for each input buffer. Arrange them in
   ** a linked-list starting at pHead in ascending order of rowid. Avoid
   ** linking any iterators already at EOF into the linked list at all. */
-  assert( nBuf+1<=sizeof(aMerger)/sizeof(aMerger[0]) );
+  assert( nBuf+1<=(int)(sizeof(aMerger)/sizeof(aMerger[0])) );
   memset(aMerger, 0, sizeof(PrefixMerger)*(nBuf+1));
   pHead = &aMerger[nBuf];
   fts5DoclistIterInit(p1, &pHead->iter);
@@ -232331,7 +238191,7 @@ static void fts5SetupPrefixIter(
   int nMerge = 1;
 
   void (*xMerge)(Fts5Index*, Fts5Buffer*, int, Fts5Buffer*);
-  void (*xAppend)(Fts5Index*, i64, Fts5Iter*, Fts5Buffer*);
+  void (*xAppend)(Fts5Index*, u64, Fts5Iter*, Fts5Buffer*);
   if( p->pConfig->eDetail==FTS5_DETAIL_NONE ){
     xMerge = fts5MergeRowidLists;
     xAppend = fts5AppendRowid;
@@ -232370,7 +238230,7 @@ static void fts5SetupPrefixIter(
         Fts5SegIter *pSeg = &p1->aSeg[ p1->aFirst[1].iFirst ];
         p1->xSetOutputs(p1, pSeg);
         if( p1->base.nData ){
-          xAppend(p, p1->base.iRowid-iLastRowid, p1, &doclist);
+          xAppend(p, (u64)p1->base.iRowid-(u64)iLastRowid, p1, &doclist);
           iLastRowid = p1->base.iRowid;
         }
       }
@@ -232418,7 +238278,7 @@ static void fts5SetupPrefixIter(
         iLastRowid = 0;
       }
 
-      xAppend(p, p1->base.iRowid-iLastRowid, p1, &doclist);
+      xAppend(p, (u64)p1->base.iRowid-(u64)iLastRowid, p1, &doclist);
       iLastRowid = p1->base.iRowid;
     }
 
@@ -232572,6 +238432,7 @@ static int sqlite3Fts5IndexClose(Fts5Index *p){
     sqlite3_finalize(p->pIdxDeleter);
     sqlite3_finalize(p->pIdxSelect);
     sqlite3_finalize(p->pDataVersion);
+    sqlite3_finalize(p->pDeleteFromIdx);
     sqlite3Fts5HashFree(p->pHash);
     sqlite3_free(p->zDataTbl);
     sqlite3_free(p);
@@ -233202,6 +239063,7 @@ static void fts5IndexIntegrityCheckSegment(
   Fts5StructureSegment *pSeg      /* Segment to check internal consistency */
 ){
   Fts5Config *pConfig = p->pConfig;
+  int bSecureDelete = (pConfig->iVersion==FTS5_CURRENT_VERSION_SECUREDELETE);
   sqlite3_stmt *pStmt = 0;
   int rc2;
   int iIdxPrevLeaf = pSeg->pgnoFirst-1;
@@ -233237,7 +239099,19 @@ static void fts5IndexIntegrityCheckSegment(
     ** is also a rowid pointer within the leaf page header, it points to a
     ** location before the term.  */
     if( pLeaf->nn<=pLeaf->szLeaf ){
-      p->rc = FTS5_CORRUPT;
+
+      if( nIdxTerm==0
+       && pConfig->iVersion==FTS5_CURRENT_VERSION_SECUREDELETE
+       && pLeaf->nn==pLeaf->szLeaf
+       && pLeaf->nn==4
+      ){
+        /* special case - the very first page in a segment keeps its %_idx
+        ** entry even if all the terms are removed from it by secure-delete
+        ** operations. */
+      }else{
+        p->rc = FTS5_CORRUPT;
+      }
+
     }else{
       int iOff;                   /* Offset of first term on leaf */
       int iRowidOff;              /* Offset of first rowid on leaf */
@@ -233301,9 +239175,12 @@ static void fts5IndexIntegrityCheckSegment(
           ASSERT_SZLEAF_OK(pLeaf);
           if( iRowidOff>=pLeaf->szLeaf ){
             p->rc = FTS5_CORRUPT;
-          }else{
+          }else if( bSecureDelete==0 || iRowidOff>0 ){
+            i64 iDlRowid = fts5DlidxIterRowid(pDlidx);
             fts5GetVarint(&pLeaf->p[iRowidOff], (u64*)&iRowid);
-            if( iRowid!=fts5DlidxIterRowid(pDlidx) ) p->rc = FTS5_CORRUPT;
+            if( iRowidrc = FTS5_CORRUPT;
+            }
           }
           fts5DataRelease(pLeaf);
         }
@@ -233397,6 +239274,7 @@ static int sqlite3Fts5IndexIntegrityCheck(Fts5Index *p, u64 cksum, int bUseCksum
 
     /* If this is a new term, query for it. Update cksum3 with the results. */
     fts5TestTerm(p, &term, z, n, cksum2, &cksum3);
+    if( p->rc ) break;
 
     if( eDetail==FTS5_DETAIL_NONE ){
       if( 0==fts5MultiIterIsEmpty(p, pIter) ){
@@ -234201,7 +240079,7 @@ static void fts5CheckTransactionState(Fts5FullTable *p, int op, int iSavepoint){
       break;
 
     case FTS5_SYNC:
-      assert( p->ts.eState==1 );
+      assert( p->ts.eState==1 || p->ts.eState==2 );
       p->ts.eState = 2;
       break;
 
@@ -234216,21 +240094,21 @@ static void fts5CheckTransactionState(Fts5FullTable *p, int op, int iSavepoint){
       break;
 
     case FTS5_SAVEPOINT:
-      assert( p->ts.eState==1 );
+      assert( p->ts.eState>=1 );
       assert( iSavepoint>=0 );
       assert( iSavepoint>=p->ts.iSavepoint );
       p->ts.iSavepoint = iSavepoint;
       break;
 
     case FTS5_RELEASE:
-      assert( p->ts.eState==1 );
+      assert( p->ts.eState>=1 );
       assert( iSavepoint>=0 );
       assert( iSavepoint<=p->ts.iSavepoint );
       p->ts.iSavepoint = iSavepoint-1;
       break;
 
     case FTS5_ROLLBACKTO:
-      assert( p->ts.eState==1 );
+      assert( p->ts.eState>=1 );
       assert( iSavepoint>=-1 );
       /* The following assert() can fail if another vtab strikes an error
       ** within an xSavepoint() call then SQLite calls xRollbackTo() - without
@@ -235564,9 +241442,11 @@ static int fts5UpdateMethod(
   Fts5Config *pConfig = pTab->p.pConfig;
   int eType0;                     /* value_type() of apVal[0] */
   int rc = SQLITE_OK;             /* Return code */
+  int bUpdateOrDelete = 0;
+
 
   /* A transaction must be open when this is called. */
-  assert( pTab->ts.eState==1 );
+  assert( pTab->ts.eState==1 || pTab->ts.eState==2 );
 
   assert( pVtab->zErrMsg==0 );
   assert( nArg==1 || nArg==(2+pConfig->nCol+2) );
@@ -235574,6 +241454,11 @@ static int fts5UpdateMethod(
        || sqlite3_value_type(apVal[0])==SQLITE_NULL
   );
   assert( pTab->p.pConfig->pzErrmsg==0 );
+  if( pConfig->pgsz==0 ){
+    rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
+    if( rc!=SQLITE_OK ) return rc;
+  }
+
   pTab->p.pConfig->pzErrmsg = &pTab->p.base.zErrMsg;
 
   /* Put any active cursors into REQUIRE_SEEK state. */
@@ -235626,6 +241511,7 @@ static int fts5UpdateMethod(
     else if( nArg==1 ){
       i64 iDel = sqlite3_value_int64(apVal[0]);  /* Rowid to delete */
       rc = sqlite3Fts5StorageDelete(pTab->pStorage, iDel, 0);
+      bUpdateOrDelete = 1;
     }
 
     /* INSERT or UPDATE */
@@ -235641,6 +241527,7 @@ static int fts5UpdateMethod(
         if( eConflict==SQLITE_REPLACE && eType1==SQLITE_INTEGER ){
           i64 iNew = sqlite3_value_int64(apVal[1]);  /* Rowid to delete */
           rc = sqlite3Fts5StorageDelete(pTab->pStorage, iNew, 0);
+          bUpdateOrDelete = 1;
         }
         fts5StorageInsert(&rc, pTab, apVal, pRowid);
       }
@@ -235669,10 +241556,24 @@ static int fts5UpdateMethod(
           rc = sqlite3Fts5StorageDelete(pTab->pStorage, iOld, 0);
           fts5StorageInsert(&rc, pTab, apVal, pRowid);
         }
+        bUpdateOrDelete = 1;
       }
     }
   }
 
+  if( rc==SQLITE_OK
+   && bUpdateOrDelete
+   && pConfig->bSecureDelete
+   && pConfig->iVersion==FTS5_CURRENT_VERSION
+  ){
+    rc = sqlite3Fts5StorageConfigValue(
+        pTab->pStorage, "version", 0, FTS5_CURRENT_VERSION_SECUREDELETE
+    );
+    if( rc==SQLITE_OK ){
+      pConfig->iVersion = FTS5_CURRENT_VERSION_SECUREDELETE;
+    }
+  }
+
   pTab->p.pConfig->pzErrmsg = 0;
   return rc;
 }
@@ -236532,6 +242433,7 @@ static int fts5RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
   UNUSED_PARAM(iSavepoint);  /* Call below is a no-op for NDEBUG builds */
   fts5CheckTransactionState(pTab, FTS5_ROLLBACKTO, iSavepoint);
   fts5TripCursors(pTab);
+  pTab->p.pConfig->pgsz = 0;
   return sqlite3Fts5StorageRollback(pTab->pStorage);
 }
 
@@ -236734,7 +242636,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2022-09-29 15:55:41 a29f9949895322123f7c38fbe94c649a9d6e6c9cd0c3b41c96d694552f26b309", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -236807,7 +242709,9 @@ static int fts5Init(sqlite3 *db){
     }
     if( rc==SQLITE_OK ){
       rc = sqlite3_create_function(
-          db, "fts5_source_id", 0, SQLITE_UTF8, p, fts5SourceIdFunc, 0, 0
+          db, "fts5_source_id", 0,
+          SQLITE_UTF8|SQLITE_DETERMINISTIC|SQLITE_INNOCUOUS,
+          p, fts5SourceIdFunc, 0, 0
       );
     }
   }
@@ -241472,6 +247376,10 @@ static int stmtConnect(
 #define STMT_COLUMN_MEM    10   /* SQLITE_STMTSTATUS_MEMUSED */
 
 
+  (void)pAux;
+  (void)argc;
+  (void)argv;
+  (void)pzErr;
   rc = sqlite3_declare_vtab(db,
      "CREATE TABLE x(sql,ncol,ro,busy,nscan,nsort,naidx,nstep,"
                     "reprep,run,mem)");
@@ -241591,6 +247499,10 @@ static int stmtFilter(
   sqlite3_int64 iRowid = 1;
   StmtRow **ppRow = 0;
 
+  (void)idxNum;
+  (void)idxStr;
+  (void)argc;
+  (void)argv;
   stmtCsrReset(pCur);
   ppRow = &pCur->pRow;
   for(p=sqlite3_next_stmt(pCur->db, 0); p; p=sqlite3_next_stmt(pCur->db, p)){
@@ -241646,6 +247558,7 @@ static int stmtBestIndex(
   sqlite3_vtab *tab,
   sqlite3_index_info *pIdxInfo
 ){
+  (void)tab;
   pIdxInfo->estimatedCost = (double)500;
   pIdxInfo->estimatedRows = 500;
   return SQLITE_OK;
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index ab00ef50c..57eac0abf 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.39.4"
-#define SQLITE_VERSION_NUMBER 3039004
-#define SQLITE_SOURCE_ID      "2022-09-29 15:55:41 a29f9949895322123f7c38fbe94c649a9d6e6c9cd0c3b41c96d694552f26b309"
+#define SQLITE_VERSION        "3.42.0"
+#define SQLITE_VERSION_NUMBER 3042000
+#define SQLITE_SOURCE_ID      "2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -564,6 +564,7 @@ SQLITE_API int sqlite3_exec(
 #define SQLITE_CONSTRAINT_DATATYPE     (SQLITE_CONSTRAINT |(12<<8))
 #define SQLITE_NOTICE_RECOVER_WAL      (SQLITE_NOTICE | (1<<8))
 #define SQLITE_NOTICE_RECOVER_ROLLBACK (SQLITE_NOTICE | (2<<8))
+#define SQLITE_NOTICE_RBU              (SQLITE_NOTICE | (3<<8))
 #define SQLITE_WARNING_AUTOINDEX       (SQLITE_WARNING | (1<<8))
 #define SQLITE_AUTH_USER               (SQLITE_AUTH | (1<<8))
 #define SQLITE_OK_LOAD_PERMANENTLY     (SQLITE_OK | (1<<8))
@@ -671,13 +672,17 @@ SQLITE_API int sqlite3_exec(
 **
 ** SQLite uses one of these integer values as the second
 ** argument to calls it makes to the xLock() and xUnlock() methods
-** of an [sqlite3_io_methods] object.
+** of an [sqlite3_io_methods] object.  These values are ordered from
+** lest restrictive to most restrictive.
+**
+** The argument to xLock() is always SHARED or higher.  The argument to
+** xUnlock is either SHARED or NONE.
 */
-#define SQLITE_LOCK_NONE          0
-#define SQLITE_LOCK_SHARED        1
-#define SQLITE_LOCK_RESERVED      2
-#define SQLITE_LOCK_PENDING       3
-#define SQLITE_LOCK_EXCLUSIVE     4
+#define SQLITE_LOCK_NONE          0       /* xUnlock() only */
+#define SQLITE_LOCK_SHARED        1       /* xLock() or xUnlock() */
+#define SQLITE_LOCK_RESERVED      2       /* xLock() only */
+#define SQLITE_LOCK_PENDING       3       /* xLock() only */
+#define SQLITE_LOCK_EXCLUSIVE     4       /* xLock() only */
 
 /*
 ** CAPI3REF: Synchronization Type Flags
@@ -755,7 +760,14 @@ struct sqlite3_file {
 ** 
    4.  [SQLITE_LOCK_PENDING], or
 ** 
    5.  [SQLITE_LOCK_EXCLUSIVE].
 ** 
-** xLock() increases the lock. xUnlock() decreases the lock.
+** xLock() upgrades the database file lock.  In other words, xLock() moves the
+** database file lock in the direction NONE toward EXCLUSIVE. The argument to
+** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
+** SQLITE_LOCK_NONE.  If the database file lock is already at or above the
+** requested lock, then the call to xLock() is a no-op.
+** xUnlock() downgrades the database file lock to either SHARED or NONE.
+*  If the lock is already at or below the requested lock state, then the call
+** to xUnlock() is a no-op.
 ** The xCheckReservedLock() method checks whether any database connection,
 ** either in this process or in some other process, is holding a RESERVED,
 ** PENDING, or EXCLUSIVE lock on the file.  It returns true
@@ -860,9 +872,8 @@ struct sqlite3_io_methods {
 ** opcode causes the xFileControl method to write the current state of
 ** the lock (one of [SQLITE_LOCK_NONE], [SQLITE_LOCK_SHARED],
 ** [SQLITE_LOCK_RESERVED], [SQLITE_LOCK_PENDING], or [SQLITE_LOCK_EXCLUSIVE])
-** into an integer that the pArg argument points to. This capability
-** is used during testing and is only available when the SQLITE_TEST
-** compile-time option is used.
+** into an integer that the pArg argument points to.
+** This capability is only available if SQLite is compiled with [SQLITE_DEBUG].
 **
 ** 
    6. [[SQLITE_FCNTL_SIZE_HINT]]
 ** The [SQLITE_FCNTL_SIZE_HINT] opcode is used by SQLite to give the VFS
@@ -1166,7 +1177,6 @@ struct sqlite3_io_methods {
 ** in wal mode after the client has finished copying pages from the wal
 ** file to the database file, but before the *-shm file is updated to
 ** record the fact that the pages have been checkpointed.
-** 
 **
 ** 
    7. [[SQLITE_FCNTL_EXTERNAL_READER]]
 ** The EXPERIMENTAL [SQLITE_FCNTL_EXTERNAL_READER] opcode is used to detect
@@ -1179,10 +1189,16 @@ struct sqlite3_io_methods {
 ** the database is not a wal-mode db, or if there is no such connection in any
 ** other process. This opcode cannot be used to detect transactions opened
 ** by clients within the current process, only within other processes.
-** 
 **
 ** 
    8. [[SQLITE_FCNTL_CKSM_FILE]]
-** Used by the cksmvfs VFS module only.
+** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use interally by the
+** [checksum VFS shim] only.
+**
+** 
    9. [[SQLITE_FCNTL_RESET_CACHE]]
+** If there is currently no transaction open on the database, and the
+** database is not a temp db, then the [SQLITE_FCNTL_RESET_CACHE] file-control
+** purges the contents of the in-memory page cache. If there is an open
+** transaction, or if the db is a temp-db, this opcode is a no-op, not an error.
 ** 
 */
 #define SQLITE_FCNTL_LOCKSTATE               1
@@ -1225,6 +1241,7 @@ struct sqlite3_io_methods {
 #define SQLITE_FCNTL_CKPT_START             39
 #define SQLITE_FCNTL_EXTERNAL_READER        40
 #define SQLITE_FCNTL_CKSM_FILE              41
+#define SQLITE_FCNTL_RESET_CACHE            42
 
 /* deprecated names */
 #define SQLITE_GET_LOCKPROXYFILE      SQLITE_FCNTL_GET_LOCKPROXYFILE
@@ -1254,6 +1271,26 @@ typedef struct sqlite3_mutex sqlite3_mutex;
 */
 typedef struct sqlite3_api_routines sqlite3_api_routines;
 
+/*
+** CAPI3REF: File Name
+**
+** Type [sqlite3_filename] is used by SQLite to pass filenames to the
+** xOpen method of a [VFS]. It may be cast to (const char*) and treated
+** as a normal, nul-terminated, UTF-8 buffer containing the filename, but
+** may also be passed to special APIs such as:
+**
+** 
        
+** 
      •   sqlite3_filename_database()
+** 
      •   sqlite3_filename_journal()
+** 
      •   sqlite3_filename_wal()
+** 
      •   sqlite3_uri_parameter()
+** 
      •   sqlite3_uri_boolean()
+** 
      •   sqlite3_uri_int64()
+** 
      •   sqlite3_uri_key()
+** 
      
+*/
+typedef const char *sqlite3_filename;
+
 /*
 ** CAPI3REF: OS Interface Object
 **
@@ -1432,7 +1469,7 @@ struct sqlite3_vfs {
   sqlite3_vfs *pNext;      /* Next registered VFS */
   const char *zName;       /* Name of this virtual file system */
   void *pAppData;          /* Pointer to application-specific data */
-  int (*xOpen)(sqlite3_vfs*, const char *zName, sqlite3_file*,
+  int (*xOpen)(sqlite3_vfs*, sqlite3_filename zName, sqlite3_file*,
                int flags, int *pOutFlags);
   int (*xDelete)(sqlite3_vfs*, const char *zName, int syncDir);
   int (*xAccess)(sqlite3_vfs*, const char *zName, int flags, int *pResOut);
@@ -1619,20 +1656,23 @@ SQLITE_API int sqlite3_os_end(void);
 ** must ensure that no other SQLite interfaces are invoked by other
 ** threads while sqlite3_config() is running.
 **
-** The sqlite3_config() interface
-** may only be invoked prior to library initialization using
-** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()].
-** ^If sqlite3_config() is called after [sqlite3_initialize()] and before
-** [sqlite3_shutdown()] then it will return SQLITE_MISUSE.
-** Note, however, that ^sqlite3_config() can be called as part of the
-** implementation of an application-defined [sqlite3_os_init()].
-**
 ** The first argument to sqlite3_config() is an integer
 ** [configuration option] that determines
 ** what property of SQLite is to be configured.  Subsequent arguments
 ** vary depending on the [configuration option]
 ** in the first argument.
 **
+** For most configuration options, the sqlite3_config() interface
+** may only be invoked prior to library initialization using
+** [sqlite3_initialize()] or after shutdown by [sqlite3_shutdown()].
+** The exceptional configuration options that may be invoked at any time
+** are called "anytime configuration options".
+** ^If sqlite3_config() is called after [sqlite3_initialize()] and before
+** [sqlite3_shutdown()] with a first argument that is not an anytime
+** configuration option, then the sqlite3_config() call will return SQLITE_MISUSE.
+** Note, however, that ^sqlite3_config() can be called as part of the
+** implementation of an application-defined [sqlite3_os_init()].
+**
 ** ^When a configuration option is set, sqlite3_config() returns [SQLITE_OK].
 ** ^If the option is unknown or SQLite is unable to set the option
 ** then this routine returns a non-zero [error code].
@@ -1740,6 +1780,23 @@ struct sqlite3_mem_methods {
 ** These constants are the available integer configuration options that
 ** can be passed as the first argument to the [sqlite3_config()] interface.
 **
+** Most of the configuration options for sqlite3_config()
+** will only work if invoked prior to [sqlite3_initialize()] or after
+** [sqlite3_shutdown()].  The few exceptions to this rule are called
+** "anytime configuration options".
+** ^Calling [sqlite3_config()] with a first argument that is not an
+** anytime configuration option in between calls to [sqlite3_initialize()] and
+** [sqlite3_shutdown()] is a no-op that returns SQLITE_MISUSE.
+**
+** The set of anytime configuration options can change (by insertions
+** and/or deletions) from one release of SQLite to the next.
+** As of SQLite version 3.42.0, the complete set of anytime configuration
+** options is:
+** 
        
+** 
      •  SQLITE_CONFIG_LOG
+** 
      •  SQLITE_CONFIG_PCACHE_HDRSZ
+** 
      
+**
 ** New configuration options may be added in future releases of SQLite.
 ** Existing configuration options might be discontinued.  Applications
 ** should check the return code from [sqlite3_config()] to make sure that
@@ -2086,28 +2143,28 @@ struct sqlite3_mem_methods {
 ** compile-time option is not set, then the default maximum is 1073741824.
 ** 
 */
-#define SQLITE_CONFIG_SINGLETHREAD  1  /* nil */
-#define SQLITE_CONFIG_MULTITHREAD   2  /* nil */
-#define SQLITE_CONFIG_SERIALIZED    3  /* nil */
-#define SQLITE_CONFIG_MALLOC        4  /* sqlite3_mem_methods* */
-#define SQLITE_CONFIG_GETMALLOC     5  /* sqlite3_mem_methods* */
-#define SQLITE_CONFIG_SCRATCH       6  /* No longer used */
-#define SQLITE_CONFIG_PAGECACHE     7  /* void*, int sz, int N */
-#define SQLITE_CONFIG_HEAP          8  /* void*, int nByte, int min */
-#define SQLITE_CONFIG_MEMSTATUS     9  /* boolean */
-#define SQLITE_CONFIG_MUTEX        10  /* sqlite3_mutex_methods* */
-#define SQLITE_CONFIG_GETMUTEX     11  /* sqlite3_mutex_methods* */
-/* previously SQLITE_CONFIG_CHUNKALLOC 12 which is now unused. */
-#define SQLITE_CONFIG_LOOKASIDE    13  /* int int */
-#define SQLITE_CONFIG_PCACHE       14  /* no-op */
-#define SQLITE_CONFIG_GETPCACHE    15  /* no-op */
-#define SQLITE_CONFIG_LOG          16  /* xFunc, void* */
-#define SQLITE_CONFIG_URI          17  /* int */
-#define SQLITE_CONFIG_PCACHE2      18  /* sqlite3_pcache_methods2* */
-#define SQLITE_CONFIG_GETPCACHE2   19  /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_SINGLETHREAD         1  /* nil */
+#define SQLITE_CONFIG_MULTITHREAD          2  /* nil */
+#define SQLITE_CONFIG_SERIALIZED           3  /* nil */
+#define SQLITE_CONFIG_MALLOC               4  /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_GETMALLOC            5  /* sqlite3_mem_methods* */
+#define SQLITE_CONFIG_SCRATCH              6  /* No longer used */
+#define SQLITE_CONFIG_PAGECACHE            7  /* void*, int sz, int N */
+#define SQLITE_CONFIG_HEAP                 8  /* void*, int nByte, int min */
+#define SQLITE_CONFIG_MEMSTATUS            9  /* boolean */
+#define SQLITE_CONFIG_MUTEX               10  /* sqlite3_mutex_methods* */
+#define SQLITE_CONFIG_GETMUTEX            11  /* sqlite3_mutex_methods* */
+/* previously SQLITE_CONFIG_CHUNKALLOC    12 which is now unused. */
+#define SQLITE_CONFIG_LOOKASIDE           13  /* int int */
+#define SQLITE_CONFIG_PCACHE              14  /* no-op */
+#define SQLITE_CONFIG_GETPCACHE           15  /* no-op */
+#define SQLITE_CONFIG_LOG                 16  /* xFunc, void* */
+#define SQLITE_CONFIG_URI                 17  /* int */
+#define SQLITE_CONFIG_PCACHE2             18  /* sqlite3_pcache_methods2* */
+#define SQLITE_CONFIG_GETPCACHE2          19  /* sqlite3_pcache_methods2* */
 #define SQLITE_CONFIG_COVERING_INDEX_SCAN 20  /* int */
-#define SQLITE_CONFIG_SQLLOG       21  /* xSqllog, void* */
-#define SQLITE_CONFIG_MMAP_SIZE    22  /* sqlite3_int64, sqlite3_int64 */
+#define SQLITE_CONFIG_SQLLOG              21  /* xSqllog, void* */
+#define SQLITE_CONFIG_MMAP_SIZE           22  /* sqlite3_int64, sqlite3_int64 */
 #define SQLITE_CONFIG_WIN32_HEAPSIZE      23  /* int nByte */
 #define SQLITE_CONFIG_PCACHE_HDRSZ        24  /* int *psz */
 #define SQLITE_CONFIG_PMASZ               25  /* unsigned int szPma */
@@ -2148,7 +2205,7 @@ struct sqlite3_mem_methods {
 ** configuration for a database connection can only be changed when that
 ** connection is not currently using lookaside memory, or in other words
 ** when the "current value" returned by
-** [sqlite3_db_status](D,[SQLITE_CONFIG_LOOKASIDE],...) is zero.
+** [sqlite3_db_status](D,[SQLITE_DBSTATUS_LOOKASIDE_USED],...) is zero.
 ** Any attempt to change the lookaside memory configuration when lookaside
 ** memory is in use leaves the configuration unchanged and returns
 ** [SQLITE_BUSY].)^
@@ -2298,8 +2355,12 @@ struct sqlite3_mem_methods {
 ** 
    10.  sqlite3_db_config(db, SQLITE_DBCONFIG_RESET_DATABASE, 0, 0);
 ** 
 ** Because resetting a database is destructive and irreversible, the
-** process requires the use of this obscure API and multiple steps to help
-** ensure that it does not happen by accident.
+** process requires the use of this obscure API and multiple steps to
+** help ensure that it does not happen by accident. Because this
+** feature must be capable of resetting corrupt databases, and
+** shutting down virtual tables may require access to that corrupt
+** storage, the library must abandon any installed virtual tables
+** without calling their xDestroy() methods.
 **
 ** [[SQLITE_DBCONFIG_DEFENSIVE]] 
      SQLITE_DBCONFIG_DEFENSIVE
      
 ** 
      The SQLITE_DBCONFIG_DEFENSIVE option activates or deactivates the
@@ -2310,6 +2371,7 @@ struct sqlite3_mem_methods {
 ** 
        
 ** 
      •  The [PRAGMA writable_schema=ON] statement.
 ** 
      •  The [PRAGMA journal_mode=OFF] statement.
+** 
      •  The [PRAGMA schema_version=N] statement.
 ** 
      •  Writes to the [sqlite_dbpage] virtual table.
 ** 
      •  Direct writes to [shadow tables].
 ** 
      
@@ -2337,7 +2399,7 @@ struct sqlite3_mem_methods {
 ** 
      
 **
 ** [[SQLITE_DBCONFIG_DQS_DML]]
-** 
      SQLITE_DBCONFIG_DQS_DML
+** 
      SQLITE_DBCONFIG_DQS_DML
      
 ** 
      The SQLITE_DBCONFIG_DQS_DML option activates or deactivates
 ** the legacy [double-quoted string literal] misfeature for DML statements
 ** only, that is DELETE, INSERT, SELECT, and UPDATE statements. The
@@ -2346,7 +2408,7 @@ struct sqlite3_mem_methods {
 ** 
      
 **
 ** [[SQLITE_DBCONFIG_DQS_DDL]]
-** 
      SQLITE_DBCONFIG_DQS_DDL
+** 
      SQLITE_DBCONFIG_DQS_DDL
      
 ** 
      The SQLITE_DBCONFIG_DQS option activates or deactivates
 ** the legacy [double-quoted string literal] misfeature for DDL statements,
 ** such as CREATE TABLE and CREATE INDEX. The
@@ -2355,7 +2417,7 @@ struct sqlite3_mem_methods {
 ** 
      
 **
 ** [[SQLITE_DBCONFIG_TRUSTED_SCHEMA]]
-** 
      SQLITE_DBCONFIG_TRUSTED_SCHEMA
+** 
      SQLITE_DBCONFIG_TRUSTED_SCHEMA
      
 ** 
      The SQLITE_DBCONFIG_TRUSTED_SCHEMA option tells SQLite to
 ** assume that database schemas are untainted by malicious content.
 ** When the SQLITE_DBCONFIG_TRUSTED_SCHEMA option is disabled, SQLite
@@ -2375,7 +2437,7 @@ struct sqlite3_mem_methods {
 ** 
      
 **
 ** [[SQLITE_DBCONFIG_LEGACY_FILE_FORMAT]]
-** 
      SQLITE_DBCONFIG_LEGACY_FILE_FORMAT
+** 
      SQLITE_DBCONFIG_LEGACY_FILE_FORMAT
      
 ** 
      The SQLITE_DBCONFIG_LEGACY_FILE_FORMAT option activates or deactivates
 ** the legacy file format flag.  When activated, this flag causes all newly
 ** created database file to have a schema format version number (the 4-byte
@@ -2384,7 +2446,7 @@ struct sqlite3_mem_methods {
 ** any SQLite version back to 3.0.0 ([dateof:3.0.0]).  Without this setting,
 ** newly created databases are generally not understandable by SQLite versions
 ** prior to 3.3.0 ([dateof:3.3.0]).  As these words are written, there
-** is now scarcely any need to generated database files that are compatible
+** is now scarcely any need to generate database files that are compatible
 ** all the way back to version 3.0.0, and so this setting is of little
 ** practical use, but is provided so that SQLite can continue to claim the
 ** ability to generate new database files that are compatible with  version
@@ -2395,6 +2457,38 @@ struct sqlite3_mem_methods {
 ** not considered a bug since SQLite versions 3.3.0 and earlier do not support
 ** either generated columns or decending indexes.
 ** 
      
+**
+** [[SQLITE_DBCONFIG_STMT_SCANSTATUS]]
+** 
      SQLITE_DBCONFIG_STMT_SCANSTATUS
      
+** 
      The SQLITE_DBCONFIG_STMT_SCANSTATUS option is only useful in
+** SQLITE_ENABLE_STMT_SCANSTATUS builds. In this case, it sets or clears
+** a flag that enables collection of the sqlite3_stmt_scanstatus_v2()
+** statistics. For statistics to be collected, the flag must be set on
+** the database handle both when the SQL statement is prepared and when it
+** is stepped. The flag is set (collection of statistics is enabled)
+** by default.  This option takes two arguments: an integer and a pointer to
+** an integer..  The first argument is 1, 0, or -1 to enable, disable, or
+** leave unchanged the statement scanstatus option.  If the second argument
+** is not NULL, then the value of the statement scanstatus setting after
+** processing the first argument is written into the integer that the second
+** argument points to.
+** 
      
+**
+** [[SQLITE_DBCONFIG_REVERSE_SCANORDER]]
+** 
      SQLITE_DBCONFIG_REVERSE_SCANORDER
      
+** 
      The SQLITE_DBCONFIG_REVERSE_SCANORDER option changes the default order
+** in which tables and indexes are scanned so that the scans start at the end
+** and work toward the beginning rather than starting at the beginning and
+** working toward the end. Setting SQLITE_DBCONFIG_REVERSE_SCANORDER is the
+** same as setting [PRAGMA reverse_unordered_selects].  This option takes
+** two arguments which are an integer and a pointer to an integer.  The first
+** argument is 1, 0, or -1 to enable, disable, or leave unchanged the
+** reverse scan order flag, respectively.  If the second argument is not NULL,
+** then 0 or 1 is written into the integer that the second argument points to
+** depending on if the reverse scan order flag is set after processing the
+** first argument.
+** 
      
+**
 ** 
 */
 #define SQLITE_DBCONFIG_MAINDBNAME            1000 /* const char* */
@@ -2415,7 +2509,9 @@ struct sqlite3_mem_methods {
 #define SQLITE_DBCONFIG_ENABLE_VIEW           1015 /* int int* */
 #define SQLITE_DBCONFIG_LEGACY_FILE_FORMAT    1016 /* int int* */
 #define SQLITE_DBCONFIG_TRUSTED_SCHEMA        1017 /* int int* */
-#define SQLITE_DBCONFIG_MAX                   1017 /* Largest DBCONFIG */
+#define SQLITE_DBCONFIG_STMT_SCANSTATUS       1018 /* int int* */
+#define SQLITE_DBCONFIG_REVERSE_SCANORDER     1019 /* int int* */
+#define SQLITE_DBCONFIG_MAX                   1019 /* Largest DBCONFIG */
 
 /*
 ** CAPI3REF: Enable Or Disable Extended Result Codes
@@ -2637,8 +2733,12 @@ SQLITE_API sqlite3_int64 sqlite3_total_changes64(sqlite3*);
 ** ^A call to sqlite3_interrupt(D) that occurs when there are no running
 ** SQL statements is a no-op and has no effect on SQL statements
 ** that are started after the sqlite3_interrupt() call returns.
+**
+** ^The [sqlite3_is_interrupted(D)] interface can be used to determine whether
+** or not an interrupt is currently in effect for [database connection] D.
 */
 SQLITE_API void sqlite3_interrupt(sqlite3*);
+SQLITE_API int sqlite3_is_interrupted(sqlite3*);
 
 /*
 ** CAPI3REF: Determine If An SQL Statement Is Complete
@@ -3256,8 +3356,8 @@ SQLITE_API SQLITE_DEPRECATED void *sqlite3_profile(sqlite3*,
 ** 
      ^An SQLITE_TRACE_PROFILE callback provides approximately the same
 ** information as is provided by the [sqlite3_profile()] callback.
 ** ^The P argument is a pointer to the [prepared statement] and the
-** X argument points to a 64-bit integer which is the estimated of
-** the number of nanosecond that the prepared statement took to run.
+** X argument points to a 64-bit integer which is approximately
+** the number of nanoseconds that the prepared statement took to run.
 ** ^The SQLITE_TRACE_PROFILE callback is invoked when the statement finishes.
 **
 ** [[SQLITE_TRACE_ROW]] 
      SQLITE_TRACE_ROW
      
@@ -3320,7 +3420,7 @@ SQLITE_API int sqlite3_trace_v2(
 **
 ** ^The sqlite3_progress_handler(D,N,X,P) interface causes the callback
 ** function X to be invoked periodically during long running calls to
-** [sqlite3_exec()], [sqlite3_step()] and [sqlite3_get_table()] for
+** [sqlite3_step()] and [sqlite3_prepare()] and similar for
 ** database connection D.  An example use for this
 ** interface is to keep a GUI updated during a large query.
 **
@@ -3345,6 +3445,13 @@ SQLITE_API int sqlite3_trace_v2(
 ** Note that [sqlite3_prepare_v2()] and [sqlite3_step()] both modify their
 ** database connections for the meaning of "modify" in this paragraph.
 **
+** The progress handler callback would originally only be invoked from the
+** bytecode engine.  It still might be invoked during [sqlite3_prepare()]
+** and similar because those routines might force a reparse of the schema
+** which involves running the bytecode engine.  However, beginning with
+** SQLite version 3.41.0, the progress handler callback might also be
+** invoked directly from [sqlite3_prepare()] while analyzing and generating
+** code for complex queries.
 */
 SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 
@@ -3381,13 +3488,18 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 **
 ** 
      
 ** ^(
      [SQLITE_OPEN_READONLY]
      
-** 
      The database is opened in read-only mode.  If the database does not
-** already exist, an error is returned.
      )^
+** 
      The database is opened in read-only mode.  If the database does
+** not already exist, an error is returned.
      )^
 **
 ** ^(
      [SQLITE_OPEN_READWRITE]
      
-** 
      The database is opened for reading and writing if possible, or reading
-** only if the file is write protected by the operating system.  In either
-** case the database must already exist, otherwise an error is returned.
      )^
+** 
      The database is opened for reading and writing if possible, or
+** reading only if the file is write protected by the operating
+** system.  In either case the database must already exist, otherwise
+** an error is returned.  For historical reasons, if opening in
+** read-write mode fails due to OS-level permissions, an attempt is
+** made to open it in read-only mode. [sqlite3_db_readonly()] can be
+** used to determine whether the database is actually
+** read-write.
      )^
 **
 ** ^(
      [SQLITE_OPEN_READWRITE] | [SQLITE_OPEN_CREATE]
      
 ** 
      The database is opened for reading and writing, and is created if
@@ -3425,6 +3537,9 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 ** 
      The database is opened [shared cache] enabled, overriding
 ** the default shared cache setting provided by
 ** [sqlite3_enable_shared_cache()].)^
+** The [use of shared cache mode is discouraged] and hence shared cache
+** capabilities may be omitted from many builds of SQLite.  In such cases,
+** this option is a no-op.
 **
 ** ^(
      [SQLITE_OPEN_PRIVATECACHE]
      
 ** 
      The database is opened [shared cache] disabled, overriding
@@ -3440,7 +3555,7 @@ SQLITE_API void sqlite3_progress_handler(sqlite3*, int, int(*)(void*), void*);
 ** to return an extended result code.
      
 **
 ** [[OPEN_NOFOLLOW]] ^(
      [SQLITE_OPEN_NOFOLLOW]
      
-** 
      The database filename is not allowed to be a symbolic link
      
+** 
      The database filename is not allowed to contain a symbolic link
      
 ** 
      )^
 **
 ** If the 3rd parameter to sqlite3_open_v2() is not one of the
@@ -3699,10 +3814,10 @@ SQLITE_API int sqlite3_open_v2(
 **
 ** See the [URI filename] documentation for additional information.
 */
-SQLITE_API const char *sqlite3_uri_parameter(const char *zFilename, const char *zParam);
-SQLITE_API int sqlite3_uri_boolean(const char *zFile, const char *zParam, int bDefault);
-SQLITE_API sqlite3_int64 sqlite3_uri_int64(const char*, const char*, sqlite3_int64);
-SQLITE_API const char *sqlite3_uri_key(const char *zFilename, int N);
+SQLITE_API const char *sqlite3_uri_parameter(sqlite3_filename z, const char *zParam);
+SQLITE_API int sqlite3_uri_boolean(sqlite3_filename z, const char *zParam, int bDefault);
+SQLITE_API sqlite3_int64 sqlite3_uri_int64(sqlite3_filename, const char*, sqlite3_int64);
+SQLITE_API const char *sqlite3_uri_key(sqlite3_filename z, int N);
 
 /*
 ** CAPI3REF:  Translate filenames
@@ -3731,9 +3846,9 @@ SQLITE_API const char *sqlite3_uri_key(const char *zFilename, int N);
 ** return value from [sqlite3_db_filename()], then the result is
 ** undefined and is likely a memory access violation.
 */
-SQLITE_API const char *sqlite3_filename_database(const char*);
-SQLITE_API const char *sqlite3_filename_journal(const char*);
-SQLITE_API const char *sqlite3_filename_wal(const char*);
+SQLITE_API const char *sqlite3_filename_database(sqlite3_filename);
+SQLITE_API const char *sqlite3_filename_journal(sqlite3_filename);
+SQLITE_API const char *sqlite3_filename_wal(sqlite3_filename);
 
 /*
 ** CAPI3REF:  Database File Corresponding To A Journal
@@ -3799,14 +3914,14 @@ SQLITE_API sqlite3_file *sqlite3_database_file_object(const char*);
 ** then the corresponding [sqlite3_module.xClose() method should also be
 ** invoked prior to calling sqlite3_free_filename(Y).
 */
-SQLITE_API char *sqlite3_create_filename(
+SQLITE_API sqlite3_filename sqlite3_create_filename(
   const char *zDatabase,
   const char *zJournal,
   const char *zWal,
   int nParam,
   const char **azParam
 );
-SQLITE_API void sqlite3_free_filename(char*);
+SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 
 /*
 ** CAPI3REF: Error Codes And Messages
@@ -5365,10 +5480,21 @@ SQLITE_API int sqlite3_create_window_function(
 ** from top-level SQL, and cannot be used in VIEWs or TRIGGERs nor in
 ** schema structures such as [CHECK constraints], [DEFAULT clauses],
 ** [expression indexes], [partial indexes], or [generated columns].
-** The SQLITE_DIRECTONLY flags is a security feature which is recommended
-** for all [application-defined SQL functions], and especially for functions
-** that have side-effects or that could potentially leak sensitive
-** information.
+** 
      
+** The SQLITE_DIRECTONLY flag is recommended for any
+** [application-defined SQL function]
+** that has side-effects or that could potentially leak sensitive information.
+** This will prevent attacks in which an application is tricked
+** into using a database file that has had its schema surreptiously
+** modified to invoke the application-defined function in ways that are
+** harmful.
+** 
      
+** Some people say it is good practice to set SQLITE_DIRECTONLY on all
+** [application-defined SQL functions], regardless of whether or not they
+** are security sensitive, as doing so prevents those functions from being used
+** inside of the database schema, and thus ensures that the database
+** can be inspected and modified using generic tools (such as the [CLI])
+** that do not have access to the application-defined functions.
 ** 
 **
 ** [[SQLITE_INNOCUOUS]] 
      SQLITE_INNOCUOUS
      
@@ -5574,6 +5700,28 @@ SQLITE_API int sqlite3_value_numeric_type(sqlite3_value*);
 SQLITE_API int sqlite3_value_nochange(sqlite3_value*);
 SQLITE_API int sqlite3_value_frombind(sqlite3_value*);
 
+/*
+** CAPI3REF: Report the internal text encoding state of an sqlite3_value object
+** METHOD: sqlite3_value
+**
+** ^(The sqlite3_value_encoding(X) interface returns one of [SQLITE_UTF8],
+** [SQLITE_UTF16BE], or [SQLITE_UTF16LE] according to the current text encoding
+** of the value X, assuming that X has type TEXT.)^  If sqlite3_value_type(X)
+** returns something other than SQLITE_TEXT, then the return value from
+** sqlite3_value_encoding(X) is meaningless.  ^Calls to
+** [sqlite3_value_text(X)], [sqlite3_value_text16(X)], [sqlite3_value_text16be(X)],
+** [sqlite3_value_text16le(X)], [sqlite3_value_bytes(X)], or
+** [sqlite3_value_bytes16(X)] might change the encoding of the value X and
+** thus change the return from subsequent calls to sqlite3_value_encoding(X).
+**
+** This routine is intended for used by applications that test and validate
+** the SQLite implementation.  This routine is inquiring about the opaque
+** internal state of an [sqlite3_value] object.  Ordinary applications should
+** not need to know what the internal state of an sqlite3_value object is and
+** hence should not need to use this interface.
+*/
+SQLITE_API int sqlite3_value_encoding(sqlite3_value*);
+
 /*
 ** CAPI3REF: Finding The Subtype Of SQL Values
 ** METHOD: sqlite3_value
@@ -5626,7 +5774,7 @@ SQLITE_API void sqlite3_value_free(sqlite3_value*);
 **
 ** ^The sqlite3_aggregate_context(C,N) routine returns a NULL pointer
 ** when first called if N is less than or equal to zero or if a memory
-** allocate error occurs.
+** allocation error occurs.
 **
 ** ^(The amount of space allocated by sqlite3_aggregate_context(C,N) is
 ** determined by the N parameter on first successful call.  Changing the
@@ -5831,9 +5979,10 @@ typedef void (*sqlite3_destructor_type)(void*);
 ** of [SQLITE_UTF8], [SQLITE_UTF16], [SQLITE_UTF16BE], or [SQLITE_UTF16LE].
 ** ^SQLite takes the text result from the application from
 ** the 2nd parameter of the sqlite3_result_text* interfaces.
-** ^If the 3rd parameter to the sqlite3_result_text* interfaces
-** is negative, then SQLite takes result text from the 2nd parameter
-** through the first zero character.
+** ^If the 3rd parameter to any of the sqlite3_result_text* interfaces
+** other than sqlite3_result_text64() is negative, then SQLite computes
+** the string length itself by searching the 2nd parameter for the first
+** zero character.
 ** ^If the 3rd parameter to the sqlite3_result_text* interfaces
 ** is non-negative, then as many bytes (not characters) of the text
 ** pointed to by the 2nd parameter are taken as the application-defined
@@ -6107,6 +6256,13 @@ SQLITE_API void sqlite3_activate_cerod(
 ** of the default VFS is not implemented correctly, or not implemented at
 ** all, then the behavior of sqlite3_sleep() may deviate from the description
 ** in the previous paragraphs.
+**
+** If a negative argument is passed to sqlite3_sleep() the results vary by
+** VFS and operating system.  Some system treat a negative argument as an
+** instruction to sleep forever.  Others understand it to mean do not sleep
+** at all. ^In SQLite version 3.42.0 and later, a negative
+** argument passed into sqlite3_sleep() is changed to zero before it is relayed
+** down into the xSleep method of the VFS.
 */
 SQLITE_API int sqlite3_sleep(int);
 
@@ -6329,7 +6485,7 @@ SQLITE_API const char *sqlite3_db_name(sqlite3 *db, int N);
 ** 
    11.  [sqlite3_filename_wal()]
 ** 
 */
-SQLITE_API const char *sqlite3_db_filename(sqlite3 *db, const char *zDbName);
+SQLITE_API sqlite3_filename sqlite3_db_filename(sqlite3 *db, const char *zDbName);
 
 /*
 ** CAPI3REF: Determine if a database is read-only
@@ -6466,7 +6622,7 @@ SQLITE_API void *sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*);
 ** function C that is invoked prior to each autovacuum of the database
 ** file.  ^The callback is passed a copy of the generic data pointer (P),
 ** the schema-name of the attached database that is being autovacuumed,
-** the the size of the database file in pages, the number of free pages,
+** the size of the database file in pages, the number of free pages,
 ** and the number of bytes per page, respectively.  The callback should
 ** return the number of free pages that should be removed by the
 ** autovacuum.  ^If the callback returns zero, then no autovacuum happens.
@@ -6587,6 +6743,11 @@ SQLITE_API void *sqlite3_update_hook(
 ** to the same database. Sharing is enabled if the argument is true
 ** and disabled if the argument is false.)^
 **
+** This interface is omitted if SQLite is compiled with
+** [-DSQLITE_OMIT_SHARED_CACHE].  The [-DSQLITE_OMIT_SHARED_CACHE]
+** compile-time option is recommended because the
+** [use of shared cache mode is discouraged].
+**
 ** ^Cache sharing is enabled and disabled for an entire process.
 ** This is a change as of SQLite [version 3.5.0] ([dateof:3.5.0]).
 ** In prior versions of SQLite,
@@ -6685,7 +6846,7 @@ SQLITE_API int sqlite3_db_release_memory(sqlite3*);
 ** ^The soft heap limit may not be greater than the hard heap limit.
 ** ^If the hard heap limit is enabled and if sqlite3_soft_heap_limit(N)
 ** is invoked with a value of N that is greater than the hard heap limit,
-** the the soft heap limit is set to the value of the hard heap limit.
+** the soft heap limit is set to the value of the hard heap limit.
 ** ^The soft heap limit is automatically enabled whenever the hard heap
 ** limit is enabled. ^When sqlite3_hard_heap_limit64(N) is invoked and
 ** the soft heap limit is outside the range of 1..N, then the soft heap
@@ -6946,15 +7107,6 @@ SQLITE_API int sqlite3_cancel_auto_extension(void(*xEntryPoint)(void));
 */
 SQLITE_API void sqlite3_reset_auto_extension(void);
 
-/*
-** The interface to the virtual-table mechanism is currently considered
-** to be experimental.  The interface might change in incompatible ways.
-** If this is a problem for you, do not use the interface at this time.
-**
-** When the virtual-table mechanism stabilizes, we will declare the
-** interface fixed, support it indefinitely, and remove this comment.
-*/
-
 /*
 ** Structures used by the virtual table interface
 */
@@ -7073,10 +7225,10 @@ struct sqlite3_module {
 ** when the omit flag is true there is no guarantee that the constraint will
 ** not be checked again using byte code.)^
 **
-** ^The idxNum and idxPtr values are recorded and passed into the
+** ^The idxNum and idxStr values are recorded and passed into the
 ** [xFilter] method.
-** ^[sqlite3_free()] is used to free idxPtr if and only if
-** needToFreeIdxPtr is true.
+** ^[sqlite3_free()] is used to free idxStr if and only if
+** needToFreeIdxStr is true.
 **
 ** ^The orderByConsumed means that output from [xFilter]/[xNext] will occur in
 ** the correct order to satisfy the ORDER BY clause so that no separate
@@ -7196,7 +7348,7 @@ struct sqlite3_index_info {
 ** the [sqlite3_vtab_collation()] interface.  For most real-world virtual
 ** tables, the collating sequence of constraints does not matter (for example
 ** because the constraints are numeric) and so the sqlite3_vtab_collation()
-** interface is no commonly needed.
+** interface is not commonly needed.
 */
 #define SQLITE_INDEX_CONSTRAINT_EQ          2
 #define SQLITE_INDEX_CONSTRAINT_GT          4
@@ -7355,16 +7507,6 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3*, const char *zSQL);
 */
 SQLITE_API int sqlite3_overload_function(sqlite3*, const char *zFuncName, int nArg);
 
-/*
-** The interface to the virtual-table mechanism defined above (back up
-** to a comment remarkably similar to this one) is currently considered
-** to be experimental.  The interface might change in incompatible ways.
-** If this is a problem for you, do not use the interface at this time.
-**
-** When the virtual-table mechanism stabilizes, we will declare the
-** interface fixed, support it indefinitely, and remove this comment.
-*/
-
 /*
 ** CAPI3REF: A Handle To An Open BLOB
 ** KEYWORDS: {BLOB handle} {BLOB handles}
@@ -7748,9 +7890,9 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
 ** is undefined if the mutex is not currently entered by the
 ** calling thread or is not currently allocated.
 **
-** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(), or
-** sqlite3_mutex_leave() is a NULL pointer, then all three routines
-** behave as no-ops.
+** ^If the argument to sqlite3_mutex_enter(), sqlite3_mutex_try(),
+** sqlite3_mutex_leave(), or sqlite3_mutex_free() is a NULL pointer,
+** then any of the four routines behaves as a no-op.
 **
 ** See also: [sqlite3_mutex_held()] and [sqlite3_mutex_notheld()].
 */
@@ -8980,7 +9122,7 @@ typedef struct sqlite3_backup sqlite3_backup;
 ** if the application incorrectly accesses the destination [database connection]
 ** and so no error code is reported, but the operations may malfunction
 ** nevertheless.  Use of the destination database connection while a
-** backup is in progress might also also cause a mutex deadlock.
+** backup is in progress might also cause a mutex deadlock.
 **
 ** If running in [shared cache mode], the application must
 ** guarantee that the shared cache used by the destination database
@@ -9408,7 +9550,7 @@ SQLITE_API int sqlite3_wal_checkpoint_v2(
 */
 #define SQLITE_CHECKPOINT_PASSIVE  0  /* Do as much as possible w/o blocking */
 #define SQLITE_CHECKPOINT_FULL     1  /* Wait for writers, then checkpoint */
-#define SQLITE_CHECKPOINT_RESTART  2  /* Like FULL but wait for for readers */
+#define SQLITE_CHECKPOINT_RESTART  2  /* Like FULL but wait for readers */
 #define SQLITE_CHECKPOINT_TRUNCATE 3  /* Like RESTART but also truncate WAL */
 
 /*
@@ -9484,18 +9626,28 @@ SQLITE_API int sqlite3_vtab_config(sqlite3*, int op, ...);
 ** [[SQLITE_VTAB_INNOCUOUS]]
      SQLITE_VTAB_INNOCUOUS
      
 ** 
      Calls of the form
 ** [sqlite3_vtab_config](db,SQLITE_VTAB_INNOCUOUS) from within the
-** the [xConnect] or [xCreate] methods of a [virtual table] implmentation
+** the [xConnect] or [xCreate] methods of a [virtual table] implementation
 ** identify that virtual table as being safe to use from within triggers
 ** and views.  Conceptually, the SQLITE_VTAB_INNOCUOUS tag means that the
 ** virtual table can do no serious harm even if it is controlled by a
 ** malicious hacker.  Developers should avoid setting the SQLITE_VTAB_INNOCUOUS
 ** flag unless absolutely necessary.
 ** 
      
+**
+** [[SQLITE_VTAB_USES_ALL_SCHEMAS]]
      SQLITE_VTAB_USES_ALL_SCHEMAS
      
+** 
      Calls of the form
+** [sqlite3_vtab_config](db,SQLITE_VTAB_USES_ALL_SCHEMA) from within the
+** the [xConnect] or [xCreate] methods of a [virtual table] implementation
+** instruct the query planner to begin at least a read transaction on
+** all schemas ("main", "temp", and any ATTACH-ed databases) whenever the
+** virtual table is used.
+** 
      
 ** 
 */
 #define SQLITE_VTAB_CONSTRAINT_SUPPORT 1
 #define SQLITE_VTAB_INNOCUOUS          2
 #define SQLITE_VTAB_DIRECTONLY         3
+#define SQLITE_VTAB_USES_ALL_SCHEMAS   4
 
 /*
 ** CAPI3REF: Determine The Virtual Table Conflict Policy
@@ -9568,7 +9720,7 @@ SQLITE_API int sqlite3_vtab_nochange(sqlite3_context*);
 ** 
    12.  Otherwise, "BINARY" is returned.
 ** 
 */
-SQLITE_API SQLITE_EXPERIMENTAL const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
+SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
 
 /*
 ** CAPI3REF: Determine if a virtual table query is DISTINCT
@@ -9725,21 +9877,20 @@ SQLITE_API int sqlite3_vtab_in(sqlite3_index_info*, int iCons, int bHandle);
 ** is undefined and probably harmful.
 **
 ** The X parameter in a call to sqlite3_vtab_in_first(X,P) or
-** sqlite3_vtab_in_next(X,P) must be one of the parameters to the
+** sqlite3_vtab_in_next(X,P) should be one of the parameters to the
 ** xFilter method which invokes these routines, and specifically
 ** a parameter that was previously selected for all-at-once IN constraint
 ** processing use the [sqlite3_vtab_in()] interface in the
 ** [xBestIndex|xBestIndex method].  ^(If the X parameter is not
 ** an xFilter argument that was selected for all-at-once IN constraint
-** processing, then these routines return [SQLITE_MISUSE])^ or perhaps
-** exhibit some other undefined or harmful behavior.
+** processing, then these routines return [SQLITE_ERROR].)^
 **
 ** ^(Use these routines to access all values on the right-hand side
 ** of the IN constraint using code like the following:
 **
 ** 
       **    for(rc=sqlite3_vtab_in_first(pList, &pVal);
-**        rc==SQLITE_OK && pVal
+**        rc==SQLITE_OK && pVal;
 **        rc=sqlite3_vtab_in_next(pList, &pVal)
 **    ){
 **      // do something with pVal
@@ -9837,6 +9988,10 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 ** managed by the prepared statement S and will be automatically freed when
 ** S is finalized.
 **
+** Not all values are available for all query elements. When a value is
+** not available, the output variable is set to -1 if the value is numeric,
+** or to NULL if it is a string (SQLITE_SCANSTAT_NAME).
+**
 ** 
      
 ** [[SQLITE_SCANSTAT_NLOOP]] 
      SQLITE_SCANSTAT_NLOOP
      
 ** 
      ^The [sqlite3_int64] variable pointed to by the V parameter will be
@@ -9864,12 +10019,24 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 ** to a zero-terminated UTF-8 string containing the [EXPLAIN QUERY PLAN]
 ** description for the X-th loop.
 **
-** [[SQLITE_SCANSTAT_SELECTID]] 
      SQLITE_SCANSTAT_SELECT
      
+** [[SQLITE_SCANSTAT_SELECTID]] 
      SQLITE_SCANSTAT_SELECTID
      
 ** 
      ^The "int" variable pointed to by the V parameter will be set to the
-** "select-id" for the X-th loop.  The select-id identifies which query or
-** subquery the loop is part of.  The main query has a select-id of zero.
-** The select-id is the same value as is output in the first column
-** of an [EXPLAIN QUERY PLAN] query.
+** id for the X-th query plan element. The id value is unique within the
+** statement. The select-id is the same value as is output in the first
+** column of an [EXPLAIN QUERY PLAN] query.
+**
+** [[SQLITE_SCANSTAT_PARENTID]] 
      SQLITE_SCANSTAT_PARENTID
      
+** 
      The "int" variable pointed to by the V parameter will be set to the
+** the id of the parent of the current query element, if applicable, or
+** to zero if the query element has no parent. This is the same value as
+** returned in the second column of an [EXPLAIN QUERY PLAN] query.
+**
+** [[SQLITE_SCANSTAT_NCYCLE]] 
      SQLITE_SCANSTAT_NCYCLE
      
+** 
      The sqlite3_int64 output value is set to the number of cycles,
+** according to the processor time-stamp counter, that elapsed while the
+** query element was being processed. This value is not available for
+** all query elements - if it is unavailable the output variable is
+** set to -1.
 ** 
      
 */
 #define SQLITE_SCANSTAT_NLOOP    0
@@ -9878,12 +10045,14 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 #define SQLITE_SCANSTAT_NAME     3
 #define SQLITE_SCANSTAT_EXPLAIN  4
 #define SQLITE_SCANSTAT_SELECTID 5
+#define SQLITE_SCANSTAT_PARENTID 6
+#define SQLITE_SCANSTAT_NCYCLE   7
 
 /*
 ** CAPI3REF: Prepared Statement Scan Status
 ** METHOD: sqlite3_stmt
 **
-** This interface returns information about the predicted and measured
+** These interfaces return information about the predicted and measured
 ** performance for pStmt.  Advanced applications can use this
 ** interface to compare the predicted and the measured performance and
 ** issue warnings and/or rerun [ANALYZE] if discrepancies are found.
@@ -9894,19 +10063,25 @@ SQLITE_API int sqlite3_vtab_rhs_value(sqlite3_index_info*, int, sqlite3_value **
 **
 ** The "iScanStatusOp" parameter determines which status information to return.
 ** The "iScanStatusOp" must be one of the [scanstatus options] or the behavior
-** of this interface is undefined.
-** ^The requested measurement is written into a variable pointed to by
-** the "pOut" parameter.
-** Parameter "idx" identifies the specific loop to retrieve statistics for.
-** Loops are numbered starting from zero. ^If idx is out of range - less than
-** zero or greater than or equal to the total number of loops used to implement
-** the statement - a non-zero value is returned and the variable that pOut
-** points to is unchanged.
-**
-** ^Statistics might not be available for all loops in all statements. ^In cases
-** where there exist loops with no available statistics, this function behaves
-** as if the loop did not exist - it returns non-zero and leave the variable
-** that pOut points to unchanged.
+** of this interface is undefined. ^The requested measurement is written into
+** a variable pointed to by the "pOut" parameter.
+**
+** The "flags" parameter must be passed a mask of flags. At present only
+** one flag is defined - SQLITE_SCANSTAT_COMPLEX. If SQLITE_SCANSTAT_COMPLEX
+** is specified, then status information is available for all elements
+** of a query plan that are reported by "EXPLAIN QUERY PLAN" output. If
+** SQLITE_SCANSTAT_COMPLEX is not specified, then only query plan elements
+** that correspond to query loops (the "SCAN..." and "SEARCH..." elements of
+** the EXPLAIN QUERY PLAN output) are available. Invoking API
+** sqlite3_stmt_scanstatus() is equivalent to calling
+** sqlite3_stmt_scanstatus_v2() with a zeroed flags parameter.
+**
+** Parameter "idx" identifies the specific query element to retrieve statistics
+** for. Query elements are numbered starting from zero. A value of -1 may be
+** to query for statistics regarding the entire query. ^If idx is out of range
+** - less than -1 or greater than or equal to the total number of query
+** elements used to implement the statement - a non-zero value is returned and
+** the variable that pOut points to is unchanged.
 **
 ** See also: [sqlite3_stmt_scanstatus_reset()]
 */
@@ -9916,6 +10091,19 @@ SQLITE_API int sqlite3_stmt_scanstatus(
   int iScanStatusOp,        /* Information desired.  SQLITE_SCANSTAT_* */
   void *pOut                /* Result written here */
 );
+SQLITE_API int sqlite3_stmt_scanstatus_v2(
+  sqlite3_stmt *pStmt,      /* Prepared statement for which info desired */
+  int idx,                  /* Index of loop to report on */
+  int iScanStatusOp,        /* Information desired.  SQLITE_SCANSTAT_* */
+  int flags,                /* Mask of flags defined below */
+  void *pOut                /* Result written here */
+);
+
+/*
+** CAPI3REF: Prepared Statement Scan Status
+** KEYWORDS: {scan status flags}
+*/
+#define SQLITE_SCANSTAT_COMPLEX 0x0001
 
 /*
 ** CAPI3REF: Zero Scan-Status Counters
@@ -10006,6 +10194,10 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3*);
 ** function is not defined for operations on WITHOUT ROWID tables, or for
 ** DELETE operations on rowid tables.
 **
+** ^The sqlite3_preupdate_hook(D,C,P) function returns the P argument from
+** the previous call on the same [database connection] D, or NULL for
+** the first call on D.
+**
 ** The [sqlite3_preupdate_old()], [sqlite3_preupdate_new()],
 ** [sqlite3_preupdate_count()], and [sqlite3_preupdate_depth()] interfaces
 ** provide additional information about a preupdate event. These routines
@@ -10411,6 +10603,19 @@ SQLITE_API int sqlite3_deserialize(
 # undef double
 #endif
 
+#if defined(__wasi__)
+# undef SQLITE_WASI
+# define SQLITE_WASI 1
+# undef SQLITE_OMIT_WAL
+# define SQLITE_OMIT_WAL 1/* because it requires shared memory APIs */
+# ifndef SQLITE_OMIT_LOAD_EXTENSION
+#  define SQLITE_OMIT_LOAD_EXTENSION
+# endif
+# ifndef SQLITE_THREADSAFE
+#  define SQLITE_THREADSAFE 0
+# endif
+#endif
+
 #ifdef __cplusplus
 }  /* End of the 'extern "C"' block */
 #endif
@@ -10617,16 +10822,20 @@ SQLITE_API int sqlite3session_create(
 SQLITE_API void sqlite3session_delete(sqlite3_session *pSession);
 
 /*
-** CAPIREF: Conigure a Session Object
+** CAPI3REF: Configure a Session Object
 ** METHOD: sqlite3_session
 **
 ** This method is used to configure a session object after it has been
-** created. At present the only valid value for the second parameter is
-** [SQLITE_SESSION_OBJCONFIG_SIZE].
+** created. At present the only valid values for the second parameter are
+** [SQLITE_SESSION_OBJCONFIG_SIZE] and [SQLITE_SESSION_OBJCONFIG_ROWID].
 **
-** Arguments for sqlite3session_object_config()
+*/
+SQLITE_API int sqlite3session_object_config(sqlite3_session*, int op, void *pArg);
+
+/*
+** CAPI3REF: Options for sqlite3session_object_config
 **
-** The following values may passed as the the 4th parameter to
+** The following values may passed as the the 2nd parameter to
 ** sqlite3session_object_config().
 **
 ** 
      SQLITE_SESSION_OBJCONFIG_SIZE 
      
@@ -10642,12 +10851,21 @@ SQLITE_API void sqlite3session_delete(sqlite3_session *pSession);
 **
 **   It is an error (SQLITE_MISUSE) to attempt to modify this setting after
 **   the first table has been attached to the session object.
+**
+** 
      SQLITE_SESSION_OBJCONFIG_ROWID 
      
+**   This option is used to set, clear or query the flag that enables
+**   collection of data for tables with no explicit PRIMARY KEY.
+**
+**   Normally, tables with no explicit PRIMARY KEY are simply ignored
+**   by the sessions module. However, if this flag is set, it behaves
+**   as if such tables have a column "_rowid_ INTEGER PRIMARY KEY" inserted
+**   as their leftmost columns.
+**
+**   It is an error (SQLITE_MISUSE) to attempt to modify this setting after
+**   the first table has been attached to the session object.
 */
-SQLITE_API int sqlite3session_object_config(sqlite3_session*, int op, void *pArg);
-
-/*
-*/
-#define SQLITE_SESSION_OBJCONFIG_SIZE 1
+#define SQLITE_SESSION_OBJCONFIG_SIZE  1
+#define SQLITE_SESSION_OBJCONFIG_ROWID 2
 
 /*
 ** CAPI3REF: Enable Or Disable A Session Object
@@ -11780,9 +11998,23 @@ SQLITE_API int sqlite3changeset_apply_v2(
 **   Invert the changeset before applying it. This is equivalent to inverting
 **   a changeset using sqlite3changeset_invert() before applying it. It is
 **   an error to specify this flag with a patchset.
+**
+** 
      SQLITE_CHANGESETAPPLY_IGNORENOOP 
      
+**   Do not invoke the conflict handler callback for any changes that
+**   would not actually modify the database even if they were applied.
+**   Specifically, this means that the conflict handler is not invoked
+**   for:
+**    
        
+**    
      • a delete change if the row being deleted cannot be found,
+**    
      • an update change if the modified fields are already set to
+**        their new values in the conflicting row, or
+**    
      • an insert change if all fields of the conflicting row match
+**        the row being inserted.
+**    
      
 */
 #define SQLITE_CHANGESETAPPLY_NOSAVEPOINT   0x0001
 #define SQLITE_CHANGESETAPPLY_INVERT        0x0002
+#define SQLITE_CHANGESETAPPLY_IGNORENOOP    0x0004
 
 /*
 ** CAPI3REF: Constants Passed To The Conflict Handler
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index 9c0f4d891..5e4e2ff57 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -837,9 +837,9 @@ func lastError(db *C.sqlite3) error {
 
 // Exec implements Execer.
 func (c *SQLiteConn) Exec(query string, args []driver.Value) (driver.Result, error) {
-	list := make([]namedValue, len(args))
+	list := make([]driver.NamedValue, len(args))
 	for i, v := range args {
-		list[i] = namedValue{
+		list[i] = driver.NamedValue{
 			Ordinal: i + 1,
 			Value:   v,
 		}
@@ -847,7 +847,7 @@ func (c *SQLiteConn) Exec(query string, args []driver.Value) (driver.Result, err
 	return c.exec(context.Background(), query, list)
 }
 
-func (c *SQLiteConn) exec(ctx context.Context, query string, args []namedValue) (driver.Result, error) {
+func (c *SQLiteConn) exec(ctx context.Context, query string, args []driver.NamedValue) (driver.Result, error) {
 	start := 0
 	for {
 		s, err := c.prepare(ctx, query)
@@ -856,7 +856,7 @@ func (c *SQLiteConn) exec(ctx context.Context, query string, args []namedValue)
 		}
 		var res driver.Result
 		if s.(*SQLiteStmt).s != nil {
-			stmtArgs := make([]namedValue, 0, len(args))
+			stmtArgs := make([]driver.NamedValue, 0, len(args))
 			na := s.NumInput()
 			if len(args)-start < na {
 				s.Close()
@@ -894,17 +894,11 @@ func (c *SQLiteConn) exec(ctx context.Context, query string, args []namedValue)
 	}
 }
 
-type namedValue struct {
-	Name    string
-	Ordinal int
-	Value   driver.Value
-}
-
 // Query implements Queryer.
 func (c *SQLiteConn) Query(query string, args []driver.Value) (driver.Rows, error) {
-	list := make([]namedValue, len(args))
+	list := make([]driver.NamedValue, len(args))
 	for i, v := range args {
-		list[i] = namedValue{
+		list[i] = driver.NamedValue{
 			Ordinal: i + 1,
 			Value:   v,
 		}
@@ -912,10 +906,10 @@ func (c *SQLiteConn) Query(query string, args []driver.Value) (driver.Rows, erro
 	return c.query(context.Background(), query, list)
 }
 
-func (c *SQLiteConn) query(ctx context.Context, query string, args []namedValue) (driver.Rows, error) {
+func (c *SQLiteConn) query(ctx context.Context, query string, args []driver.NamedValue) (driver.Rows, error) {
 	start := 0
 	for {
-		stmtArgs := make([]namedValue, 0, len(args))
+		stmtArgs := make([]driver.NamedValue, 0, len(args))
 		s, err := c.prepare(ctx, query)
 		if err != nil {
 			return nil, err
@@ -1912,7 +1906,7 @@ func (s *SQLiteStmt) NumInput() int {
 
 var placeHolder = []byte{0}
 
-func (s *SQLiteStmt) bind(args []namedValue) error {
+func (s *SQLiteStmt) bind(args []driver.NamedValue) error {
 	rv := C.sqlite3_reset(s.s)
 	if rv != C.SQLITE_ROW && rv != C.SQLITE_OK && rv != C.SQLITE_DONE {
 		return s.c.lastError()
@@ -1982,9 +1976,9 @@ func (s *SQLiteStmt) bind(args []namedValue) error {
 
 // Query the statement with arguments. Return records.
 func (s *SQLiteStmt) Query(args []driver.Value) (driver.Rows, error) {
-	list := make([]namedValue, len(args))
+	list := make([]driver.NamedValue, len(args))
 	for i, v := range args {
-		list[i] = namedValue{
+		list[i] = driver.NamedValue{
 			Ordinal: i + 1,
 			Value:   v,
 		}
@@ -1992,7 +1986,7 @@ func (s *SQLiteStmt) Query(args []driver.Value) (driver.Rows, error) {
 	return s.query(context.Background(), list)
 }
 
-func (s *SQLiteStmt) query(ctx context.Context, args []namedValue) (driver.Rows, error) {
+func (s *SQLiteStmt) query(ctx context.Context, args []driver.NamedValue) (driver.Rows, error) {
 	if err := s.bind(args); err != nil {
 		return nil, err
 	}
@@ -2022,9 +2016,9 @@ func (r *SQLiteResult) RowsAffected() (int64, error) {
 
 // Exec execute the statement with arguments. Return result object.
 func (s *SQLiteStmt) Exec(args []driver.Value) (driver.Result, error) {
-	list := make([]namedValue, len(args))
+	list := make([]driver.NamedValue, len(args))
 	for i, v := range args {
-		list[i] = namedValue{
+		list[i] = driver.NamedValue{
 			Ordinal: i + 1,
 			Value:   v,
 		}
@@ -2041,7 +2035,7 @@ func isInterruptErr(err error) bool {
 }
 
 // exec executes a query that doesn't return rows. Attempts to honor context timeout.
-func (s *SQLiteStmt) exec(ctx context.Context, args []namedValue) (driver.Result, error) {
+func (s *SQLiteStmt) exec(ctx context.Context, args []driver.NamedValue) (driver.Result, error) {
 	if ctx.Done() == nil {
 		return s.execSync(args)
 	}
@@ -2073,7 +2067,7 @@ func (s *SQLiteStmt) exec(ctx context.Context, args []namedValue) (driver.Result
 	return rv.r, rv.err
 }
 
-func (s *SQLiteStmt) execSync(args []namedValue) (driver.Result, error) {
+func (s *SQLiteStmt) execSync(args []driver.NamedValue) (driver.Result, error) {
 	if err := s.bind(args); err != nil {
 		C.sqlite3_reset(s.s)
 		C.sqlite3_clear_bindings(s.s)
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
index bd97cb874..514fd7ecb 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
@@ -25,20 +25,12 @@ func (c *SQLiteConn) Ping(ctx context.Context) error {
 
 // QueryContext implement QueryerContext.
 func (c *SQLiteConn) QueryContext(ctx context.Context, query string, args []driver.NamedValue) (driver.Rows, error) {
-	list := make([]namedValue, len(args))
-	for i, nv := range args {
-		list[i] = namedValue(nv)
-	}
-	return c.query(ctx, query, list)
+	return c.query(ctx, query, args)
 }
 
 // ExecContext implement ExecerContext.
 func (c *SQLiteConn) ExecContext(ctx context.Context, query string, args []driver.NamedValue) (driver.Result, error) {
-	list := make([]namedValue, len(args))
-	for i, nv := range args {
-		list[i] = namedValue(nv)
-	}
-	return c.exec(ctx, query, list)
+	return c.exec(ctx, query, args)
 }
 
 // PrepareContext implement ConnPrepareContext.
@@ -53,18 +45,10 @@ func (c *SQLiteConn) BeginTx(ctx context.Context, opts driver.TxOptions) (driver
 
 // QueryContext implement QueryerContext.
 func (s *SQLiteStmt) QueryContext(ctx context.Context, args []driver.NamedValue) (driver.Rows, error) {
-	list := make([]namedValue, len(args))
-	for i, nv := range args {
-		list[i] = namedValue(nv)
-	}
-	return s.query(ctx, list)
+	return s.query(ctx, args)
 }
 
 // ExecContext implement ExecerContext.
 func (s *SQLiteStmt) ExecContext(ctx context.Context, args []driver.NamedValue) (driver.Result, error) {
-	list := make([]namedValue, len(args))
-	for i, nv := range args {
-		list[i] = namedValue(nv)
-	}
-	return s.exec(ctx, list)
+	return s.exec(ctx, args)
 }
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
index e428fe675..ac609c956 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
@@ -10,8 +10,10 @@ package sqlite3
 /*
 #cgo CFLAGS: -DUSE_LIBSQLITE3
 #cgo linux LDFLAGS: -lsqlite3
-#cgo darwin LDFLAGS: -L/usr/local/opt/sqlite/lib -lsqlite3
-#cgo darwin CFLAGS: -I/usr/local/opt/sqlite/include
+#cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/sqlite/lib -lsqlite3
+#cgo darwin,amd64 CFLAGS:  -I/usr/local/opt/sqlite/include
+#cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/sqlite/lib -lsqlite3
+#cgo darwin,arm64 CFLAGS:  -I/opt/homebrew/opt/sqlite/include
 #cgo openbsd LDFLAGS: -lsqlite3
 #cgo solaris LDFLAGS: -lsqlite3
 #cgo windows LDFLAGS: -lsqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
index 8257a75bf..f82bdd0d4 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
@@ -10,8 +10,10 @@ package sqlite3
 /*
 #cgo LDFLAGS: -licuuc -licui18n
 #cgo CFLAGS: -DSQLITE_ENABLE_ICU
-#cgo darwin CFLAGS: -I/usr/local/opt/icu4c/include
-#cgo darwin LDFLAGS: -L/usr/local/opt/icu4c/lib
+#cgo darwin,amd64 CFLAGS:  -I/usr/local/opt/icu4c/include
+#cgo darwin,amd64 LDFLAGS: -L/usr/local/opt/icu4c/lib
+#cgo darwin,arm64 CFLAGS:  -I/opt/homebrew/opt/icu4c/include
+#cgo darwin,arm64 LDFLAGS: -L/opt/homebrew/opt/icu4c/lib
 #cgo openbsd LDFLAGS: -lsqlite3
 */
 import "C"
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go
new file mode 100644
index 000000000..2560c43a7
--- /dev/null
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go
@@ -0,0 +1,82 @@
+// +build !libsqlite3 sqlite_serialize
+
+package sqlite3
+
+/*
+#ifndef USE_LIBSQLITE3
+#include 
+#else
+#include 
+#endif
+#include 
+#include 
+*/
+import "C"
+
+import (
+	"fmt"
+	"math"
+	"reflect"
+	"unsafe"
+)
+
+// Serialize returns a byte slice that is a serialization of the database.
+//
+// See https://www.sqlite.org/c3ref/serialize.html
+func (c *SQLiteConn) Serialize(schema string) ([]byte, error) {
+	if schema == "" {
+		schema = "main"
+	}
+	var zSchema *C.char
+	zSchema = C.CString(schema)
+	defer C.free(unsafe.Pointer(zSchema))
+
+	var sz C.sqlite3_int64
+	ptr := C.sqlite3_serialize(c.db, zSchema, &sz, 0)
+	if ptr == nil {
+		return nil, fmt.Errorf("serialize failed")
+	}
+	defer C.sqlite3_free(unsafe.Pointer(ptr))
+
+	if sz > C.sqlite3_int64(math.MaxInt) {
+		return nil, fmt.Errorf("serialized database is too large (%d bytes)", sz)
+	}
+
+	cBuf := *(*[]byte)(unsafe.Pointer(&reflect.SliceHeader{
+		Data: uintptr(unsafe.Pointer(ptr)),
+		Len:  int(sz),
+		Cap:  int(sz),
+	}))
+
+	res := make([]byte, int(sz))
+	copy(res, cBuf)
+	return res, nil
+}
+
+// Deserialize causes the connection to disconnect from the current database and
+// then re-open as an in-memory database based on the contents of the byte slice.
+//
+// See https://www.sqlite.org/c3ref/deserialize.html
+func (c *SQLiteConn) Deserialize(b []byte, schema string) error {
+	if schema == "" {
+		schema = "main"
+	}
+	var zSchema *C.char
+	zSchema = C.CString(schema)
+	defer C.free(unsafe.Pointer(zSchema))
+
+	tmpBuf := (*C.uchar)(C.sqlite3_malloc64(C.sqlite3_uint64(len(b))))
+	cBuf := *(*[]byte)(unsafe.Pointer(&reflect.SliceHeader{
+		Data: uintptr(unsafe.Pointer(tmpBuf)),
+		Len:  len(b),
+		Cap:  len(b),
+	}))
+	copy(cBuf, b)
+
+	rc := C.sqlite3_deserialize(c.db, zSchema, tmpBuf, C.sqlite3_int64(len(b)),
+		C.sqlite3_int64(len(b)), C.SQLITE_DESERIALIZE_FREEONCLOSE)
+	if rc != C.SQLITE_OK {
+		return fmt.Errorf("deserialize failed with return %v", rc)
+	}
+	return nil
+}
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go
new file mode 100644
index 000000000..b154dd34d
--- /dev/null
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go
@@ -0,0 +1,20 @@
+// +build libsqlite3,!sqlite_serialize
+
+package sqlite3
+
+import (
+	"errors"
+)
+
+/*
+#cgo CFLAGS: -DSQLITE_OMIT_DESERIALIZE
+*/
+import "C"
+
+func (c *SQLiteConn) Serialize(schema string) ([]byte, error) {
+	return nil, errors.New("sqlite3: Serialize requires the sqlite_serialize build tag when using the libsqlite3 build tag")
+}
+
+func (c *SQLiteConn) Deserialize(b []byte, schema string) error {
+	return errors.New("sqlite3: Deserialize requires the sqlite_serialize build tag when using the libsqlite3 build tag")
+}
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h b/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
index 940f162de..819e2e357 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
@@ -336,9 +336,9 @@ struct sqlite3_api_routines {
   const char *(*filename_journal)(const char*);
   const char *(*filename_wal)(const char*);
   /* Version 3.32.0 and later */
-  char *(*create_filename)(const char*,const char*,const char*,
+  const char *(*create_filename)(const char*,const char*,const char*,
                            int,const char**);
-  void (*free_filename)(char*);
+  void (*free_filename)(const char*);
   sqlite3_file *(*database_file_object)(const char*);
   /* Version 3.34.0 and later */
   int (*txn_state)(sqlite3*,const char*);
@@ -362,6 +362,10 @@ struct sqlite3_api_routines {
   unsigned char *(*serialize)(sqlite3*,const char *,sqlite3_int64*,
                               unsigned int);
   const char *(*db_name)(sqlite3*,int);
+  /* Version 3.40.0 and later */
+  int (*value_encoding)(sqlite3_value*);
+  /* Version 3.41.0 and later */
+  int (*is_interrupted)(sqlite3*);
 };
 
 /*
@@ -686,6 +690,10 @@ typedef int (*sqlite3_loadext_entry)(
 #define sqlite3_serialize              sqlite3_api->serialize
 #endif
 #define sqlite3_db_name                sqlite3_api->db_name
+/* Version 3.40.0 and later */
+#define sqlite3_value_encoding         sqlite3_api->value_encoding
+/* Version 3.41.0 and later */
+#define sqlite3_is_interrupted         sqlite3_api->is_interrupted
 #endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
 
 #if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 51820d04b..a78d53fb9 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -74,7 +74,7 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.16
+# github.com/mattn/go-sqlite3 v1.14.17
 ## explicit; go 1.16
 github.com/mattn/go-sqlite3
 # github.com/matttproud/golang_protobuf_extensions v1.0.4

From 682fa4a997571f4a8d73d90ac3663b846626bcbe Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 19 Jun 2023 03:59:28 +0000
Subject: [PATCH 31/73] build(deps): bump golang.org/x/crypto from 0.9.0 to
 0.10.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.9.0 to 0.10.0.
- [Commits](https://github.com/golang/crypto/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  6 +--
 go.sum                                        | 14 +++---
 vendor/golang.org/x/crypto/ssh/common.go      |  2 +-
 vendor/golang.org/x/crypto/ssh/mac.go         |  4 ++
 vendor/golang.org/x/sys/cpu/endian_little.go  |  4 +-
 vendor/golang.org/x/sys/unix/mkall.sh         |  2 +-
 vendor/golang.org/x/sys/unix/mkerrors.sh      |  6 ++-
 vendor/golang.org/x/sys/unix/syscall_linux.go | 30 +++++++++++-
 .../golang.org/x/sys/unix/syscall_openbsd.go  | 17 ++++++-
 .../x/sys/unix/zerrors_linux_sparc64.go       | 48 +++++++++++++++++++
 .../golang.org/x/sys/unix/zsyscall_linux.go   | 14 ++++++
 .../x/sys/unix/zsyscall_openbsd_386.go        | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_386.s         | 10 ++++
 .../x/sys/unix/zsyscall_openbsd_amd64.go      | 32 +++++++++++--
 .../x/sys/unix/zsyscall_openbsd_amd64.s       | 10 ++++
 .../x/sys/unix/zsyscall_openbsd_arm.go        | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_arm.s         | 10 ++++
 .../x/sys/unix/zsyscall_openbsd_arm64.go      | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_arm64.s       | 10 ++++
 .../x/sys/unix/zsyscall_openbsd_mips64.go     | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_mips64.s      | 10 ++++
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_ppc64.s       | 12 +++++
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    | 22 +++++++++
 .../x/sys/unix/zsyscall_openbsd_riscv64.s     | 10 ++++
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 46 ++++++++++++++++++
 .../x/sys/windows/syscall_windows.go          | 13 ++++-
 .../x/sys/windows/zsyscall_windows.go         |  8 +---
 vendor/modules.txt                            |  6 +--
 29 files changed, 422 insertions(+), 34 deletions(-)

diff --git a/go.mod b/go.mod
index b74776c6d..8b404e865 100644
--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,7 @@ require (
 	github.com/stretchr/testify v1.8.4
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.9.0
+	golang.org/x/crypto v0.10.0
 )
 
 require (
@@ -38,8 +38,8 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.8.0 // indirect
-	golang.org/x/text v0.9.0 // indirect
+	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/text v0.10.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index d08948273..bb637afb3 100644
--- a/go.sum
+++ b/go.sum
@@ -388,8 +388,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.9.0 h1:LF6fAI+IutBocDJ2OT0Q1g8plpYljMZ4+lty+dsqw3g=
-golang.org/x/crypto v0.9.0/go.mod h1:yrmDGqONDYtNj3tH8X9dzUun2m2lzPa9ngI6/RUPGR0=
+golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
+golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -531,14 +531,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.8.0 h1:EBmGv8NaZBZTWvrbjNoL6HVt+IVy3QDQpJs7VRIw3tU=
-golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
+golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.8.0 h1:n5xxQn2i3PC0yLAbjTpNT85q/Kgzcr2gIoX9OrJUols=
+golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -549,8 +549,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE=
-golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
+golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index e6a77f26a..dc6f301de 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -85,7 +85,7 @@ var supportedHostKeyAlgos = []string{
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}
diff --git a/vendor/golang.org/x/crypto/ssh/mac.go b/vendor/golang.org/x/crypto/ssh/mac.go
index c07a06285..0a21af47e 100644
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@@ -10,6 +10,7 @@ import (
 	"crypto/hmac"
 	"crypto/sha1"
 	"crypto/sha256"
+	"crypto/sha512"
 	"hash"
 )
 
@@ -46,6 +47,9 @@ func (t truncatingMAC) Size() int {
 func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
 
 var macModes = map[string]*macMode{
+	"hmac-sha2-512-etm@openssh.com": {64, true, func(key []byte) hash.Hash {
+		return hmac.New(sha512.New, key)
+	}},
 	"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
diff --git a/vendor/golang.org/x/sys/cpu/endian_little.go b/vendor/golang.org/x/sys/cpu/endian_little.go
index fe545966b..55db853ef 100644
--- a/vendor/golang.org/x/sys/cpu/endian_little.go
+++ b/vendor/golang.org/x/sys/cpu/endian_little.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh
-// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh
+//go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh || wasm
+// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh wasm
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/unix/mkall.sh b/vendor/golang.org/x/sys/unix/mkall.sh
index 8e3947c36..e6f31d374 100644
--- a/vendor/golang.org/x/sys/unix/mkall.sh
+++ b/vendor/golang.org/x/sys/unix/mkall.sh
@@ -50,7 +50,7 @@ if [[ "$GOOS" = "linux" ]]; then
 	# Use the Docker-based build system
 	# Files generated through docker (use $cmd so you can Ctl-C the build or run)
 	$cmd docker build --tag generate:$GOOS $GOOS
-	$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")/.." && /bin/pwd):/build generate:$GOOS
+	$cmd docker run --interactive --tty --volume $(cd -- "$(dirname -- "$0")/.." && pwd):/build generate:$GOOS
 	exit
 fi
 
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index be0423e68..315646271 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -741,7 +741,8 @@ main(void)
 		e = errors[i].num;
 		if(i > 0 && errors[i-1].num == e)
 			continue;
-		strcpy(buf, strerror(e));
+		strncpy(buf, strerror(e), sizeof(buf) - 1);
+		buf[sizeof(buf) - 1] = '\0';
 		// lowercase first letter: Bad -> bad, but STREAM -> STREAM.
 		if(A <= buf[0] && buf[0] <= Z && a <= buf[1] && buf[1] <= z)
 			buf[0] += a - A;
@@ -760,7 +761,8 @@ main(void)
 		e = signals[i].num;
 		if(i > 0 && signals[i-1].num == e)
 			continue;
-		strcpy(buf, strsignal(e));
+		strncpy(buf, strsignal(e), sizeof(buf) - 1);
+		buf[sizeof(buf) - 1] = '\0';
 		// lowercase first letter: Bad -> bad, but STREAM -> STREAM.
 		if(A <= buf[0] && buf[0] <= Z && a <= buf[1] && buf[1] <= z)
 			buf[0] += a - A;
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index fbaeb5fff..6de486bef 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1699,12 +1699,23 @@ func PtracePokeUser(pid int, addr uintptr, data []byte) (count int, err error) {
 	return ptracePoke(PTRACE_POKEUSR, PTRACE_PEEKUSR, pid, addr, data)
 }
 
+// elfNT_PRSTATUS is a copy of the debug/elf.NT_PRSTATUS constant so
+// x/sys/unix doesn't need to depend on debug/elf and thus
+// compress/zlib, debug/dwarf, and other packages.
+const elfNT_PRSTATUS = 1
+
 func PtraceGetRegs(pid int, regsout *PtraceRegs) (err error) {
-	return ptracePtr(PTRACE_GETREGS, pid, 0, unsafe.Pointer(regsout))
+	var iov Iovec
+	iov.Base = (*byte)(unsafe.Pointer(regsout))
+	iov.SetLen(int(unsafe.Sizeof(*regsout)))
+	return ptracePtr(PTRACE_GETREGSET, pid, uintptr(elfNT_PRSTATUS), unsafe.Pointer(&iov))
 }
 
 func PtraceSetRegs(pid int, regs *PtraceRegs) (err error) {
-	return ptracePtr(PTRACE_SETREGS, pid, 0, unsafe.Pointer(regs))
+	var iov Iovec
+	iov.Base = (*byte)(unsafe.Pointer(regs))
+	iov.SetLen(int(unsafe.Sizeof(*regs)))
+	return ptracePtr(PTRACE_SETREGSET, pid, uintptr(elfNT_PRSTATUS), unsafe.Pointer(&iov))
 }
 
 func PtraceSetOptions(pid int, options int) (err error) {
@@ -2420,6 +2431,21 @@ func PthreadSigmask(how int, set, oldset *Sigset_t) error {
 	return rtSigprocmask(how, set, oldset, _C__NSIG/8)
 }
 
+//sysnb	getresuid(ruid *_C_int, euid *_C_int, suid *_C_int)
+//sysnb	getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int)
+
+func Getresuid() (ruid, euid, suid int) {
+	var r, e, s _C_int
+	getresuid(&r, &e, &s)
+	return int(r), int(e), int(s)
+}
+
+func Getresgid() (rgid, egid, sgid int) {
+	var r, e, s _C_int
+	getresgid(&r, &e, &s)
+	return int(r), int(e), int(s)
+}
+
 /*
  * Unimplemented
  */
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index f9c7a9663..c5f166a11 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -151,6 +151,21 @@ func Getfsstat(buf []Statfs_t, flags int) (n int, err error) {
 	return
 }
 
+//sysnb	getresuid(ruid *_C_int, euid *_C_int, suid *_C_int)
+//sysnb	getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int)
+
+func Getresuid() (ruid, euid, suid int) {
+	var r, e, s _C_int
+	getresuid(&r, &e, &s)
+	return int(r), int(e), int(s)
+}
+
+func Getresgid() (rgid, egid, sgid int) {
+	var r, e, s _C_int
+	getresgid(&r, &e, &s)
+	return int(r), int(e), int(s)
+}
+
 //sys	ioctl(fd int, req uint, arg uintptr) (err error)
 //sys	ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) = SYS_IOCTL
 
@@ -338,8 +353,6 @@ func Uname(uname *Utsname) error {
 // getgid
 // getitimer
 // getlogin
-// getresgid
-// getresuid
 // getthrid
 // ktrace
 // lfs_bmapv
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index f61925269..48984202c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -329,6 +329,54 @@ const (
 	SCM_WIFI_STATUS                  = 0x25
 	SFD_CLOEXEC                      = 0x400000
 	SFD_NONBLOCK                     = 0x4000
+	SF_FP                            = 0x38
+	SF_I0                            = 0x20
+	SF_I1                            = 0x24
+	SF_I2                            = 0x28
+	SF_I3                            = 0x2c
+	SF_I4                            = 0x30
+	SF_I5                            = 0x34
+	SF_L0                            = 0x0
+	SF_L1                            = 0x4
+	SF_L2                            = 0x8
+	SF_L3                            = 0xc
+	SF_L4                            = 0x10
+	SF_L5                            = 0x14
+	SF_L6                            = 0x18
+	SF_L7                            = 0x1c
+	SF_PC                            = 0x3c
+	SF_RETP                          = 0x40
+	SF_V9_FP                         = 0x70
+	SF_V9_I0                         = 0x40
+	SF_V9_I1                         = 0x48
+	SF_V9_I2                         = 0x50
+	SF_V9_I3                         = 0x58
+	SF_V9_I4                         = 0x60
+	SF_V9_I5                         = 0x68
+	SF_V9_L0                         = 0x0
+	SF_V9_L1                         = 0x8
+	SF_V9_L2                         = 0x10
+	SF_V9_L3                         = 0x18
+	SF_V9_L4                         = 0x20
+	SF_V9_L5                         = 0x28
+	SF_V9_L6                         = 0x30
+	SF_V9_L7                         = 0x38
+	SF_V9_PC                         = 0x78
+	SF_V9_RETP                       = 0x80
+	SF_V9_XARG0                      = 0x88
+	SF_V9_XARG1                      = 0x90
+	SF_V9_XARG2                      = 0x98
+	SF_V9_XARG3                      = 0xa0
+	SF_V9_XARG4                      = 0xa8
+	SF_V9_XARG5                      = 0xb0
+	SF_V9_XXARG                      = 0xb8
+	SF_XARG0                         = 0x44
+	SF_XARG1                         = 0x48
+	SF_XARG2                         = 0x4c
+	SF_XARG3                         = 0x50
+	SF_XARG4                         = 0x54
+	SF_XARG5                         = 0x58
+	SF_XXARG                         = 0x5c
 	SIOCATMARK                       = 0x8905
 	SIOCGPGRP                        = 0x8904
 	SIOCGSTAMPNS_NEW                 = 0x40108907
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index da63d9d78..722c29a00 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -2172,3 +2172,17 @@ func rtSigprocmask(how int, set *Sigset_t, oldset *Sigset_t, sigsetsize uintptr)
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	RawSyscallNoError(SYS_GETRESUID, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	RawSyscallNoError(SYS_GETRESGID, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 6699a783e..9ab9abf72 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
index 04f0de34b..3dcacd30d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $4
 DATA	·libc_getcwd_trampoline_addr(SB)/4, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getresuid_trampoline_addr(SB)/4, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getresgid_trampoline_addr(SB)/4, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index 1e775fe05..915761eab 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -527,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -535,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
index 27b6f4df7..2763620b0 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresuid_trampoline_addr(SB)/8, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresgid_trampoline_addr(SB)/8, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index 7f6427899..8e87fdf15 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
index b797045fd..c92231404 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $4
 DATA	·libc_getcwd_trampoline_addr(SB)/4, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getresuid_trampoline_addr(SB)/4, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getresgid_trampoline_addr(SB)/4, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 756ef7b17..12a7a2160 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
index a87126622..a6bc32c92 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresuid_trampoline_addr(SB)/8, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresgid_trampoline_addr(SB)/8, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index 7bc2e24eb..b19e8aa03 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
index 05d4bffd7..b4e7bceab 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresuid_trampoline_addr(SB)/8, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresgid_trampoline_addr(SB)/8, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index 739be6217..fb99594c9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
index 74a25f8d6..ca3f76600 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
@@ -189,6 +189,18 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_getresuid(SB)
+	RET
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresuid_trampoline_addr(SB)/8, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_getresgid(SB)
+	RET
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresgid_trampoline_addr(SB)/8, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	CALL	libc_ioctl(SB)
 	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 7d95a1978..32cbbbc52 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -519,6 +519,28 @@ var libc_getcwd_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getresuid(ruid *_C_int, euid *_C_int, suid *_C_int) {
+	syscall_rawSyscall(libc_getresuid_trampoline_addr, uintptr(unsafe.Pointer(ruid)), uintptr(unsafe.Pointer(euid)), uintptr(unsafe.Pointer(suid)))
+	return
+}
+
+var libc_getresuid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresuid getresuid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
+	syscall_rawSyscall(libc_getresgid_trampoline_addr, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
+	return
+}
+
+var libc_getresgid_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getresgid getresgid "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
index 990be2457..477a7d5b2 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
@@ -158,6 +158,16 @@ TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
+TEXT libc_getresuid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresuid(SB)
+GLOBL	·libc_getresuid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresuid_trampoline_addr(SB)/8, $libc_getresuid_trampoline<>(SB)
+
+TEXT libc_getresgid_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getresgid(SB)
+GLOBL	·libc_getresgid_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getresgid_trampoline_addr(SB)/8, $libc_getresgid_trampoline<>(SB)
+
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index ca84727cf..00c3b8c20 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -2555,6 +2555,11 @@ const (
 	BPF_REG_8                                  = 0x8
 	BPF_REG_9                                  = 0x9
 	BPF_REG_10                                 = 0xa
+	BPF_CGROUP_ITER_ORDER_UNSPEC               = 0x0
+	BPF_CGROUP_ITER_SELF_ONLY                  = 0x1
+	BPF_CGROUP_ITER_DESCENDANTS_PRE            = 0x2
+	BPF_CGROUP_ITER_DESCENDANTS_POST           = 0x3
+	BPF_CGROUP_ITER_ANCESTORS_UP               = 0x4
 	BPF_MAP_CREATE                             = 0x0
 	BPF_MAP_LOOKUP_ELEM                        = 0x1
 	BPF_MAP_UPDATE_ELEM                        = 0x2
@@ -2566,6 +2571,7 @@ const (
 	BPF_PROG_ATTACH                            = 0x8
 	BPF_PROG_DETACH                            = 0x9
 	BPF_PROG_TEST_RUN                          = 0xa
+	BPF_PROG_RUN                               = 0xa
 	BPF_PROG_GET_NEXT_ID                       = 0xb
 	BPF_MAP_GET_NEXT_ID                        = 0xc
 	BPF_PROG_GET_FD_BY_ID                      = 0xd
@@ -2610,6 +2616,7 @@ const (
 	BPF_MAP_TYPE_CPUMAP                        = 0x10
 	BPF_MAP_TYPE_XSKMAP                        = 0x11
 	BPF_MAP_TYPE_SOCKHASH                      = 0x12
+	BPF_MAP_TYPE_CGROUP_STORAGE_DEPRECATED     = 0x13
 	BPF_MAP_TYPE_CGROUP_STORAGE                = 0x13
 	BPF_MAP_TYPE_REUSEPORT_SOCKARRAY           = 0x14
 	BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE         = 0x15
@@ -2620,6 +2627,10 @@ const (
 	BPF_MAP_TYPE_STRUCT_OPS                    = 0x1a
 	BPF_MAP_TYPE_RINGBUF                       = 0x1b
 	BPF_MAP_TYPE_INODE_STORAGE                 = 0x1c
+	BPF_MAP_TYPE_TASK_STORAGE                  = 0x1d
+	BPF_MAP_TYPE_BLOOM_FILTER                  = 0x1e
+	BPF_MAP_TYPE_USER_RINGBUF                  = 0x1f
+	BPF_MAP_TYPE_CGRP_STORAGE                  = 0x20
 	BPF_PROG_TYPE_UNSPEC                       = 0x0
 	BPF_PROG_TYPE_SOCKET_FILTER                = 0x1
 	BPF_PROG_TYPE_KPROBE                       = 0x2
@@ -2651,6 +2662,7 @@ const (
 	BPF_PROG_TYPE_EXT                          = 0x1c
 	BPF_PROG_TYPE_LSM                          = 0x1d
 	BPF_PROG_TYPE_SK_LOOKUP                    = 0x1e
+	BPF_PROG_TYPE_SYSCALL                      = 0x1f
 	BPF_CGROUP_INET_INGRESS                    = 0x0
 	BPF_CGROUP_INET_EGRESS                     = 0x1
 	BPF_CGROUP_INET_SOCK_CREATE                = 0x2
@@ -2689,6 +2701,12 @@ const (
 	BPF_XDP_CPUMAP                             = 0x23
 	BPF_SK_LOOKUP                              = 0x24
 	BPF_XDP                                    = 0x25
+	BPF_SK_SKB_VERDICT                         = 0x26
+	BPF_SK_REUSEPORT_SELECT                    = 0x27
+	BPF_SK_REUSEPORT_SELECT_OR_MIGRATE         = 0x28
+	BPF_PERF_EVENT                             = 0x29
+	BPF_TRACE_KPROBE_MULTI                     = 0x2a
+	BPF_LSM_CGROUP                             = 0x2b
 	BPF_LINK_TYPE_UNSPEC                       = 0x0
 	BPF_LINK_TYPE_RAW_TRACEPOINT               = 0x1
 	BPF_LINK_TYPE_TRACING                      = 0x2
@@ -2696,6 +2714,9 @@ const (
 	BPF_LINK_TYPE_ITER                         = 0x4
 	BPF_LINK_TYPE_NETNS                        = 0x5
 	BPF_LINK_TYPE_XDP                          = 0x6
+	BPF_LINK_TYPE_PERF_EVENT                   = 0x7
+	BPF_LINK_TYPE_KPROBE_MULTI                 = 0x8
+	BPF_LINK_TYPE_STRUCT_OPS                   = 0x9
 	BPF_ANY                                    = 0x0
 	BPF_NOEXIST                                = 0x1
 	BPF_EXIST                                  = 0x2
@@ -2733,6 +2754,7 @@ const (
 	BPF_F_ZERO_CSUM_TX                         = 0x2
 	BPF_F_DONT_FRAGMENT                        = 0x4
 	BPF_F_SEQ_NUMBER                           = 0x8
+	BPF_F_TUNINFO_FLAGS                        = 0x10
 	BPF_F_INDEX_MASK                           = 0xffffffff
 	BPF_F_CURRENT_CPU                          = 0xffffffff
 	BPF_F_CTXLEN_MASK                          = 0xfffff00000000
@@ -2747,6 +2769,7 @@ const (
 	BPF_F_ADJ_ROOM_ENCAP_L4_GRE                = 0x8
 	BPF_F_ADJ_ROOM_ENCAP_L4_UDP                = 0x10
 	BPF_F_ADJ_ROOM_NO_CSUM_RESET               = 0x20
+	BPF_F_ADJ_ROOM_ENCAP_L2_ETH                = 0x40
 	BPF_ADJ_ROOM_ENCAP_L2_MASK                 = 0xff
 	BPF_ADJ_ROOM_ENCAP_L2_SHIFT                = 0x38
 	BPF_F_SYSCTL_BASE_NAME                     = 0x1
@@ -2771,10 +2794,16 @@ const (
 	BPF_LWT_ENCAP_SEG6                         = 0x0
 	BPF_LWT_ENCAP_SEG6_INLINE                  = 0x1
 	BPF_LWT_ENCAP_IP                           = 0x2
+	BPF_F_BPRM_SECUREEXEC                      = 0x1
+	BPF_F_BROADCAST                            = 0x8
+	BPF_F_EXCLUDE_INGRESS                      = 0x10
+	BPF_SKB_TSTAMP_UNSPEC                      = 0x0
+	BPF_SKB_TSTAMP_DELIVERY_MONO               = 0x1
 	BPF_OK                                     = 0x0
 	BPF_DROP                                   = 0x2
 	BPF_REDIRECT                               = 0x7
 	BPF_LWT_REROUTE                            = 0x80
+	BPF_FLOW_DISSECTOR_CONTINUE                = 0x81
 	BPF_SOCK_OPS_RTO_CB_FLAG                   = 0x1
 	BPF_SOCK_OPS_RETRANS_CB_FLAG               = 0x2
 	BPF_SOCK_OPS_STATE_CB_FLAG                 = 0x4
@@ -2838,6 +2867,10 @@ const (
 	BPF_FIB_LKUP_RET_UNSUPP_LWT                = 0x6
 	BPF_FIB_LKUP_RET_NO_NEIGH                  = 0x7
 	BPF_FIB_LKUP_RET_FRAG_NEEDED               = 0x8
+	BPF_MTU_CHK_SEGS                           = 0x1
+	BPF_MTU_CHK_RET_SUCCESS                    = 0x0
+	BPF_MTU_CHK_RET_FRAG_NEEDED                = 0x1
+	BPF_MTU_CHK_RET_SEGS_TOOBIG                = 0x2
 	BPF_FD_TYPE_RAW_TRACEPOINT                 = 0x0
 	BPF_FD_TYPE_TRACEPOINT                     = 0x1
 	BPF_FD_TYPE_KPROBE                         = 0x2
@@ -2847,6 +2880,19 @@ const (
 	BPF_FLOW_DISSECTOR_F_PARSE_1ST_FRAG        = 0x1
 	BPF_FLOW_DISSECTOR_F_STOP_AT_FLOW_LABEL    = 0x2
 	BPF_FLOW_DISSECTOR_F_STOP_AT_ENCAP         = 0x4
+	BPF_CORE_FIELD_BYTE_OFFSET                 = 0x0
+	BPF_CORE_FIELD_BYTE_SIZE                   = 0x1
+	BPF_CORE_FIELD_EXISTS                      = 0x2
+	BPF_CORE_FIELD_SIGNED                      = 0x3
+	BPF_CORE_FIELD_LSHIFT_U64                  = 0x4
+	BPF_CORE_FIELD_RSHIFT_U64                  = 0x5
+	BPF_CORE_TYPE_ID_LOCAL                     = 0x6
+	BPF_CORE_TYPE_ID_TARGET                    = 0x7
+	BPF_CORE_TYPE_EXISTS                       = 0x8
+	BPF_CORE_TYPE_SIZE                         = 0x9
+	BPF_CORE_ENUMVAL_EXISTS                    = 0xa
+	BPF_CORE_ENUMVAL_VALUE                     = 0xb
+	BPF_CORE_TYPE_MATCHES                      = 0xc
 )
 
 const (
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 3723b2c22..964590075 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -405,7 +405,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	VerQueryValue(block unsafe.Pointer, subBlock string, pointerToBufferPointer unsafe.Pointer, bufSize *uint32) (err error) = version.VerQueryValueW
 
 // Process Status API (PSAPI)
-//sys	EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
+//sys	enumProcesses(processIds *uint32, nSize uint32, bytesReturned *uint32) (err error) = psapi.EnumProcesses
 //sys	EnumProcessModules(process Handle, module *Handle, cb uint32, cbNeeded *uint32) (err error) = psapi.EnumProcessModules
 //sys	EnumProcessModulesEx(process Handle, module *Handle, cb uint32, cbNeeded *uint32, filterFlag uint32) (err error) = psapi.EnumProcessModulesEx
 //sys	GetModuleInformation(process Handle, module Handle, modinfo *ModuleInfo, cb uint32) (err error) = psapi.GetModuleInformation
@@ -1354,6 +1354,17 @@ func SetsockoptIPv6Mreq(fd Handle, level, opt int, mreq *IPv6Mreq) (err error) {
 	return syscall.EWINDOWS
 }
 
+func EnumProcesses(processIds []uint32, bytesReturned *uint32) error {
+	// EnumProcesses syscall expects the size parameter to be in bytes, but the code generated with mksyscall uses
+	// the length of the processIds slice instead. Hence, this wrapper function is added to fix the discrepancy.
+	var p *uint32
+	if len(processIds) > 0 {
+		p = &processIds[0]
+	}
+	size := uint32(len(processIds) * 4)
+	return enumProcesses(p, size, bytesReturned)
+}
+
 func Getpid() (pid int) { return int(GetCurrentProcessId()) }
 
 func FindFirstFile(name *uint16, data *Win32finddata) (handle Handle, err error) {
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index a81ea2c70..566dd3e31 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -3516,12 +3516,8 @@ func EnumProcessModulesEx(process Handle, module *Handle, cb uint32, cbNeeded *u
 	return
 }
 
-func EnumProcesses(processIds []uint32, bytesReturned *uint32) (err error) {
-	var _p0 *uint32
-	if len(processIds) > 0 {
-		_p0 = &processIds[0]
-	}
-	r1, _, e1 := syscall.Syscall(procEnumProcesses.Addr(), 3, uintptr(unsafe.Pointer(_p0)), uintptr(len(processIds)), uintptr(unsafe.Pointer(bytesReturned)))
+func enumProcesses(processIds *uint32, nSize uint32, bytesReturned *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procEnumProcesses.Addr(), 3, uintptr(unsafe.Pointer(processIds)), uintptr(nSize), uintptr(unsafe.Pointer(bytesReturned)))
 	if r1 == 0 {
 		err = errnoErr(e1)
 	}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a78d53fb9..e9fbe972f 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -143,7 +143,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.9.0
+# golang.org/x/crypto v0.10.0
 ## explicit; go 1.17
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -165,13 +165,13 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.8.0
+# golang.org/x/sys v0.9.0
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 golang.org/x/sys/internal/unsafeheader
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.9.0
+# golang.org/x/text v0.10.0
 ## explicit; go 1.17
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform

From c6ac238ee6d2d93c92f7cdb02ff8723bf5e484f8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 19 Jun 2023 03:59:41 +0000
Subject: [PATCH 32/73] build(deps): bump github.com/prometheus/client_golang

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.15.1 to 1.16.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.15.1...v1.16.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   4 +-
 go.sum                                        |   8 +-
 .../client_golang/prometheus/desc.go          |   4 +-
 .../client_golang/prometheus/histogram.go     |  10 +-
 .../client_golang/prometheus/promhttp/http.go |  19 +-
 .../client_golang/prometheus/vec.go           |  35 +++-
 .../prometheus/procfs/Makefile.common         |  16 +-
 vendor/github.com/prometheus/procfs/fs.go     |   9 +-
 .../prometheus/procfs/fs_statfs_notype.go     |  23 +++
 .../prometheus/procfs/fs_statfs_type.go       |  33 ++++
 .../prometheus/procfs/internal/util/parse.go  |  15 ++
 .../prometheus/procfs/mountstats.go           |   6 +-
 .../prometheus/procfs/net_conntrackstat.go    |  88 +++------
 .../prometheus/procfs/net_softnet.go          |   5 +
 .../prometheus/procfs/net_wireless.go         | 182 ++++++++++++++++++
 .../github.com/prometheus/procfs/netstat.go   |  25 ++-
 vendor/github.com/prometheus/procfs/proc.go   |  22 ++-
 .../github.com/prometheus/procfs/proc_stat.go |   6 +-
 .../prometheus/procfs/proc_status.go          |  32 +++
 vendor/github.com/prometheus/procfs/thread.go |   9 +-
 vendor/modules.txt                            |   6 +-
 21 files changed, 435 insertions(+), 122 deletions(-)
 create mode 100644 vendor/github.com/prometheus/procfs/fs_statfs_notype.go
 create mode 100644 vendor/github.com/prometheus/procfs/fs_statfs_type.go
 create mode 100644 vendor/github.com/prometheus/procfs/net_wireless.go

diff --git a/go.mod b/go.mod
index b74776c6d..5f581a05a 100644
--- a/go.mod
+++ b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
 	github.com/mattn/go-sqlite3 v1.14.17
-	github.com/prometheus/client_golang v1.15.1
+	github.com/prometheus/client_golang v1.16.0
 	github.com/stretchr/testify v1.8.4
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
@@ -33,7 +33,7 @@ require (
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.42.0 // indirect
-	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/prometheus/procfs v0.10.1 // indirect
 	github.com/rogpeppe/go-internal v1.10.0 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
diff --git a/go.sum b/go.sum
index d08948273..139a88253 100644
--- a/go.sum
+++ b/go.sum
@@ -280,8 +280,8 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.15.1 h1:8tXpTmJbyH5lydzFPoxSIJ0J46jdh3tylbvM1xCv0LI=
-github.com/prometheus/client_golang v1.15.1/go.mod h1:e9yaBhRPU2pPNsZwE+JdQl0KEt1N9XgF6zxWmaC0xOk=
+github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=
+github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
@@ -299,8 +299,8 @@ github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsT
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.9.0 h1:wzCHvIvM5SxWqYvwgVL7yJY8Lz3PKn49KQtpgMYJfhI=
-github.com/prometheus/procfs v0.9.0/go.mod h1:+pB4zwohETzFnmlpe6yd2lSc+0/46IYZRB/chUwxUZY=
+github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=
+github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/desc.go b/vendor/github.com/prometheus/client_golang/prometheus/desc.go
index 12331542d..deedc2dfb 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/desc.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/desc.go
@@ -18,12 +18,12 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/prometheus/client_golang/prometheus/internal"
-
 	"github.com/cespare/xxhash/v2"
 	dto "github.com/prometheus/client_model/go"
 	"github.com/prometheus/common/model"
 	"google.golang.org/protobuf/proto"
+
+	"github.com/prometheus/client_golang/prometheus/internal"
 )
 
 // Desc is the descriptor used by every Prometheus Metric. It is essentially
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index 5b69965b2..8d818afe9 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -401,7 +401,7 @@ type HistogramOpts struct {
 	// Histogram by a Prometheus server with that feature enabled (requires
 	// Prometheus v2.40+). Sparse buckets are exponential buckets covering
 	// the whole float64 range (with the exception of the “zero” bucket, see
-	// SparseBucketsZeroThreshold below). From any one bucket to the next,
+	// NativeHistogramZeroThreshold below). From any one bucket to the next,
 	// the width of the bucket grows by a constant
 	// factor. NativeHistogramBucketFactor provides an upper bound for this
 	// factor (exception see below). The smaller
@@ -432,7 +432,7 @@ type HistogramOpts struct {
 	// bucket. For best results, this should be close to a bucket
 	// boundary. This is usually the case if picking a power of two. If
 	// NativeHistogramZeroThreshold is left at zero,
-	// DefSparseBucketsZeroThreshold is used as the threshold. To configure
+	// DefNativeHistogramZeroThreshold is used as the threshold. To configure
 	// a zero bucket with an actual threshold of zero (i.e. only
 	// observations of precisely zero will go into the zero bucket), set
 	// NativeHistogramZeroThreshold to the NativeHistogramZeroThresholdZero
@@ -639,8 +639,8 @@ func (hc *histogramCounts) observe(v float64, bucket int, doSparse bool) {
 			if frac == 0.5 {
 				key--
 			}
-			div := 1 << -schema
-			key = (key + div - 1) / div
+			offset := (1 << -schema) - 1
+			key = (key + offset) >> -schema
 		}
 		if isInf {
 			key++
@@ -817,7 +817,7 @@ func (h *histogram) observe(v float64, bucket int) {
 	}
 }
 
-// limitSparsebuckets applies a strategy to limit the number of populated sparse
+// limitBuckets applies a strategy to limit the number of populated sparse
 // buckets. It's generally best effort, and there are situations where the
 // number can go higher (if even the lowest resolution isn't enough to reduce
 // the number sufficiently, or if the provided counts aren't fully updated yet
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
index a4cc9810b..09b8d2fbe 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
@@ -37,6 +37,7 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"strconv"
 	"strings"
 	"sync"
 	"time"
@@ -47,9 +48,10 @@ import (
 )
 
 const (
-	contentTypeHeader     = "Content-Type"
-	contentEncodingHeader = "Content-Encoding"
-	acceptEncodingHeader  = "Accept-Encoding"
+	contentTypeHeader      = "Content-Type"
+	contentEncodingHeader  = "Content-Encoding"
+	acceptEncodingHeader   = "Accept-Encoding"
+	processStartTimeHeader = "Process-Start-Time-Unix"
 )
 
 var gzipPool = sync.Pool{
@@ -121,6 +123,9 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 	}
 
 	h := http.HandlerFunc(func(rsp http.ResponseWriter, req *http.Request) {
+		if !opts.ProcessStartTime.IsZero() {
+			rsp.Header().Set(processStartTimeHeader, strconv.FormatInt(opts.ProcessStartTime.Unix(), 10))
+		}
 		if inFlightSem != nil {
 			select {
 			case inFlightSem <- struct{}{}: // All good, carry on.
@@ -366,6 +371,14 @@ type HandlerOpts struct {
 	// (which changes the identity of the resulting series on the Prometheus
 	// server).
 	EnableOpenMetrics bool
+	// ProcessStartTime allows setting process start timevalue that will be exposed
+	// with "Process-Start-Time-Unix" response header along with the metrics
+	// payload. This allow callers to have efficient transformations to cumulative
+	// counters (e.g. OpenTelemetry) or generally _created timestamp estimation per
+	// scrape target.
+	// NOTE: This feature is experimental and not covered by OpenMetrics or Prometheus
+	// exposition format.
+	ProcessStartTime time.Time
 }
 
 // gzipAccepted returns whether the client will accept gzip-encoded content.
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vec.go b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
index 386fb2d23..f0d0015a0 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/vec.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
@@ -20,6 +20,24 @@ import (
 	"github.com/prometheus/common/model"
 )
 
+var labelsPool = &sync.Pool{
+	New: func() interface{} {
+		return make(Labels)
+	},
+}
+
+func getLabelsFromPool() Labels {
+	return labelsPool.Get().(Labels)
+}
+
+func putLabelsToPool(labels Labels) {
+	for k := range labels {
+		delete(labels, k)
+	}
+
+	labelsPool.Put(labels)
+}
+
 // MetricVec is a Collector to bundle metrics of the same name that differ in
 // their label values. MetricVec is not used directly but as a building block
 // for implementations of vectors of a given metric type, like GaugeVec,
@@ -93,6 +111,8 @@ func (m *MetricVec) DeleteLabelValues(lvs ...string) bool {
 // there for pros and cons of the two methods.
 func (m *MetricVec) Delete(labels Labels) bool {
 	labels = constrainLabels(m.desc, labels)
+	defer putLabelsToPool(labels)
+
 	h, err := m.hashLabels(labels)
 	if err != nil {
 		return false
@@ -109,6 +129,8 @@ func (m *MetricVec) Delete(labels Labels) bool {
 // To match curried labels with DeletePartialMatch, it must be called on the base vector.
 func (m *MetricVec) DeletePartialMatch(labels Labels) int {
 	labels = constrainLabels(m.desc, labels)
+	defer putLabelsToPool(labels)
+
 	return m.metricMap.deleteByLabels(labels, m.curry)
 }
 
@@ -229,6 +251,8 @@ func (m *MetricVec) GetMetricWithLabelValues(lvs ...string) (Metric, error) {
 // for example GaugeVec.
 func (m *MetricVec) GetMetricWith(labels Labels) (Metric, error) {
 	labels = constrainLabels(m.desc, labels)
+	defer putLabelsToPool(labels)
+
 	h, err := m.hashLabels(labels)
 	if err != nil {
 		return nil, err
@@ -647,15 +671,16 @@ func inlineLabelValues(lvs []string, curry []curriedLabelValue) []string {
 }
 
 func constrainLabels(desc *Desc, labels Labels) Labels {
-	constrainedValues := make(Labels, len(labels))
+	constrainedLabels := getLabelsFromPool()
 	for l, v := range labels {
 		if i, ok := indexOf(l, desc.variableLabels.labelNames()); ok {
-			constrainedValues[l] = desc.variableLabels[i].Constrain(v)
-			continue
+			v = desc.variableLabels[i].Constrain(v)
 		}
-		constrainedValues[l] = v
+
+		constrainedLabels[l] = v
 	}
-	return constrainedValues
+
+	return constrainedLabels
 }
 
 func constrainLabelValues(desc *Desc, lvs []string, curry []curriedLabelValue) []string {
diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common
index e358db69c..b111d2562 100644
--- a/vendor/github.com/prometheus/procfs/Makefile.common
+++ b/vendor/github.com/prometheus/procfs/Makefile.common
@@ -61,7 +61,7 @@ PROMU_URL     := https://github.com/prometheus/promu/releases/download/v$(PROMU_
 SKIP_GOLANGCI_LINT :=
 GOLANGCI_LINT :=
 GOLANGCI_LINT_OPTS ?=
-GOLANGCI_LINT_VERSION ?= v1.49.0
+GOLANGCI_LINT_VERSION ?= v1.51.2
 # golangci-lint only supports linux, darwin and windows platforms on i386/amd64.
 # windows isn't included here because of the path separator being different.
 ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin))
@@ -91,6 +91,8 @@ BUILD_DOCKER_ARCHS = $(addprefix common-docker-,$(DOCKER_ARCHS))
 PUBLISH_DOCKER_ARCHS = $(addprefix common-docker-publish-,$(DOCKER_ARCHS))
 TAG_DOCKER_ARCHS = $(addprefix common-docker-tag-latest-,$(DOCKER_ARCHS))
 
+SANITIZED_DOCKER_IMAGE_TAG := $(subst +,-,$(DOCKER_IMAGE_TAG))
+
 ifeq ($(GOHOSTARCH),amd64)
         ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux freebsd darwin windows))
                 # Only supported on amd64
@@ -205,7 +207,7 @@ common-tarball: promu
 .PHONY: common-docker $(BUILD_DOCKER_ARCHS)
 common-docker: $(BUILD_DOCKER_ARCHS)
 $(BUILD_DOCKER_ARCHS): common-docker-%:
-	docker build -t "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(DOCKER_IMAGE_TAG)" \
+	docker build -t "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(SANITIZED_DOCKER_IMAGE_TAG)" \
 		-f $(DOCKERFILE_PATH) \
 		--build-arg ARCH="$*" \
 		--build-arg OS="linux" \
@@ -214,19 +216,19 @@ $(BUILD_DOCKER_ARCHS): common-docker-%:
 .PHONY: common-docker-publish $(PUBLISH_DOCKER_ARCHS)
 common-docker-publish: $(PUBLISH_DOCKER_ARCHS)
 $(PUBLISH_DOCKER_ARCHS): common-docker-publish-%:
-	docker push "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(DOCKER_IMAGE_TAG)"
+	docker push "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(SANITIZED_DOCKER_IMAGE_TAG)"
 
 DOCKER_MAJOR_VERSION_TAG = $(firstword $(subst ., ,$(shell cat VERSION)))
 .PHONY: common-docker-tag-latest $(TAG_DOCKER_ARCHS)
 common-docker-tag-latest: $(TAG_DOCKER_ARCHS)
 $(TAG_DOCKER_ARCHS): common-docker-tag-latest-%:
-	docker tag "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(DOCKER_IMAGE_TAG)" "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:latest"
-	docker tag "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(DOCKER_IMAGE_TAG)" "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:v$(DOCKER_MAJOR_VERSION_TAG)"
+	docker tag "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(SANITIZED_DOCKER_IMAGE_TAG)" "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:latest"
+	docker tag "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:$(SANITIZED_DOCKER_IMAGE_TAG)" "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$*:v$(DOCKER_MAJOR_VERSION_TAG)"
 
 .PHONY: common-docker-manifest
 common-docker-manifest:
-	DOCKER_CLI_EXPERIMENTAL=enabled docker manifest create -a "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)" $(foreach ARCH,$(DOCKER_ARCHS),$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$(ARCH):$(DOCKER_IMAGE_TAG))
-	DOCKER_CLI_EXPERIMENTAL=enabled docker manifest push "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME):$(DOCKER_IMAGE_TAG)"
+	DOCKER_CLI_EXPERIMENTAL=enabled docker manifest create -a "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME):$(SANITIZED_DOCKER_IMAGE_TAG)" $(foreach ARCH,$(DOCKER_ARCHS),$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)-linux-$(ARCH):$(SANITIZED_DOCKER_IMAGE_TAG))
+	DOCKER_CLI_EXPERIMENTAL=enabled docker manifest push "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME):$(SANITIZED_DOCKER_IMAGE_TAG)"
 
 .PHONY: promu
 promu: $(PROMU)
diff --git a/vendor/github.com/prometheus/procfs/fs.go b/vendor/github.com/prometheus/procfs/fs.go
index 0102ab0fd..60c551e02 100644
--- a/vendor/github.com/prometheus/procfs/fs.go
+++ b/vendor/github.com/prometheus/procfs/fs.go
@@ -21,6 +21,7 @@ import (
 // kernel data structures.
 type FS struct {
 	proc fs.FS
+	real bool
 }
 
 // DefaultMountPoint is the common mount point of the proc filesystem.
@@ -39,5 +40,11 @@ func NewFS(mountPoint string) (FS, error) {
 	if err != nil {
 		return FS{}, err
 	}
-	return FS{fs}, nil
+
+	real, err := isRealProc(mountPoint)
+	if err != nil {
+		return FS{}, err
+	}
+
+	return FS{fs, real}, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_notype.go b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
new file mode 100644
index 000000000..800576968
--- /dev/null
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
@@ -0,0 +1,23 @@
+// Copyright 2018 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build netbsd || openbsd || solaris || windows
+// +build netbsd openbsd solaris windows
+
+package procfs
+
+// isRealProc returns true on architectures that don't have a Type argument
+// in their Statfs_t struct
+func isRealProc(mountPoint string) (bool, error) {
+	return true, nil
+}
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_type.go b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
new file mode 100644
index 000000000..6233217ad
--- /dev/null
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
@@ -0,0 +1,33 @@
+// Copyright 2018 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build !netbsd && !openbsd && !solaris && !windows
+// +build !netbsd,!openbsd,!solaris,!windows
+
+package procfs
+
+import (
+	"syscall"
+)
+
+// isRealProc determines whether supplied mountpoint is really a proc filesystem.
+func isRealProc(mountPoint string) (bool, error) {
+	stat := syscall.Statfs_t{}
+	err := syscall.Statfs(mountPoint, &stat)
+	if err != nil {
+		return false, err
+	}
+
+	// 0x9fa0 is PROC_SUPER_MAGIC: https://elixir.bootlin.com/linux/v6.1/source/include/uapi/linux/magic.h#L87
+	return stat.Type == 0x9fa0, nil
+}
diff --git a/vendor/github.com/prometheus/procfs/internal/util/parse.go b/vendor/github.com/prometheus/procfs/internal/util/parse.go
index b030951fa..14272dc78 100644
--- a/vendor/github.com/prometheus/procfs/internal/util/parse.go
+++ b/vendor/github.com/prometheus/procfs/internal/util/parse.go
@@ -64,6 +64,21 @@ func ParsePInt64s(ss []string) ([]*int64, error) {
 	return us, nil
 }
 
+// Parses a uint64 from given hex in string.
+func ParseHexUint64s(ss []string) ([]*uint64, error) {
+	us := make([]*uint64, 0, len(ss))
+	for _, s := range ss {
+		u, err := strconv.ParseUint(s, 16, 64)
+		if err != nil {
+			return nil, err
+		}
+
+		us = append(us, &u)
+	}
+
+	return us, nil
+}
+
 // ReadUintFromFile reads a file and attempts to parse a uint64 from it.
 func ReadUintFromFile(path string) (uint64, error) {
 	data, err := os.ReadFile(path)
diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go
index 0c482c18c..7f68890cf 100644
--- a/vendor/github.com/prometheus/procfs/mountstats.go
+++ b/vendor/github.com/prometheus/procfs/mountstats.go
@@ -186,6 +186,8 @@ type NFSOperationStats struct {
 	CumulativeTotalResponseMilliseconds uint64
 	// Duration from when a request was enqueued to when it was completely handled.
 	CumulativeTotalRequestMilliseconds uint64
+	// The average time from the point the client sends RPC requests until it receives the response.
+	AverageRTTMilliseconds float64
 	// The count of operations that complete with tk_status < 0.  These statuses usually indicate error conditions.
 	Errors uint64
 }
@@ -534,7 +536,6 @@ func parseNFSOperationStats(s *bufio.Scanner) ([]NFSOperationStats, error) {
 
 			ns = append(ns, n)
 		}
-
 		opStats := NFSOperationStats{
 			Operation:                           strings.TrimSuffix(ss[0], ":"),
 			Requests:                            ns[0],
@@ -546,6 +547,9 @@ func parseNFSOperationStats(s *bufio.Scanner) ([]NFSOperationStats, error) {
 			CumulativeTotalResponseMilliseconds: ns[6],
 			CumulativeTotalRequestMilliseconds:  ns[7],
 		}
+		if ns[0] != 0 {
+			opStats.AverageRTTMilliseconds = float64(ns[6]) / float64(ns[0])
+		}
 
 		if len(ns) > 8 {
 			opStats.Errors = ns[8]
diff --git a/vendor/github.com/prometheus/procfs/net_conntrackstat.go b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
index 8300daca0..64a0e9460 100644
--- a/vendor/github.com/prometheus/procfs/net_conntrackstat.go
+++ b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
@@ -18,7 +18,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"strconv"
 	"strings"
 
 	"github.com/prometheus/procfs/internal/util"
@@ -28,9 +27,13 @@ import (
 // and contains netfilter conntrack statistics at one CPU core.
 type ConntrackStatEntry struct {
 	Entries       uint64
+	Searched      uint64
 	Found         uint64
+	New           uint64
 	Invalid       uint64
 	Ignore        uint64
+	Delete        uint64
+	DeleteList    uint64
 	Insert        uint64
 	InsertFailed  uint64
 	Drop          uint64
@@ -81,73 +84,34 @@ func parseConntrackStat(r io.Reader) ([]ConntrackStatEntry, error) {
 
 // Parses a ConntrackStatEntry from given array of fields.
 func parseConntrackStatEntry(fields []string) (*ConntrackStatEntry, error) {
-	if len(fields) != 17 {
-		return nil, fmt.Errorf("invalid conntrackstat entry, missing fields")
-	}
-	entry := &ConntrackStatEntry{}
-
-	entries, err := parseConntrackStatField(fields[0])
-	if err != nil {
-		return nil, err
-	}
-	entry.Entries = entries
-
-	found, err := parseConntrackStatField(fields[2])
-	if err != nil {
-		return nil, err
-	}
-	entry.Found = found
-
-	invalid, err := parseConntrackStatField(fields[4])
-	if err != nil {
-		return nil, err
-	}
-	entry.Invalid = invalid
-
-	ignore, err := parseConntrackStatField(fields[5])
-	if err != nil {
-		return nil, err
-	}
-	entry.Ignore = ignore
-
-	insert, err := parseConntrackStatField(fields[8])
+	entries, err := util.ParseHexUint64s(fields)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("invalid conntrackstat entry, couldn't parse fields: %s", err)
 	}
-	entry.Insert = insert
-
-	insertFailed, err := parseConntrackStatField(fields[9])
-	if err != nil {
-		return nil, err
+	numEntries := len(entries)
+	if numEntries < 16 || numEntries > 17 {
+		return nil, fmt.Errorf("invalid conntrackstat entry, invalid number of fields: %d", numEntries)
 	}
-	entry.InsertFailed = insertFailed
 
-	drop, err := parseConntrackStatField(fields[10])
-	if err != nil {
-		return nil, err
+	stats := &ConntrackStatEntry{
+		Entries:      *entries[0],
+		Searched:     *entries[1],
+		Found:        *entries[2],
+		New:          *entries[3],
+		Invalid:      *entries[4],
+		Ignore:       *entries[5],
+		Delete:       *entries[6],
+		DeleteList:   *entries[7],
+		Insert:       *entries[8],
+		InsertFailed: *entries[9],
+		Drop:         *entries[10],
+		EarlyDrop:    *entries[11],
 	}
-	entry.Drop = drop
 
-	earlyDrop, err := parseConntrackStatField(fields[11])
-	if err != nil {
-		return nil, err
+	// Ignore missing search_restart on Linux < 2.6.35.
+	if numEntries == 17 {
+		stats.SearchRestart = *entries[16]
 	}
-	entry.EarlyDrop = earlyDrop
 
-	searchRestart, err := parseConntrackStatField(fields[16])
-	if err != nil {
-		return nil, err
-	}
-	entry.SearchRestart = searchRestart
-
-	return entry, nil
-}
-
-// Parses a uint64 from given hex in string.
-func parseConntrackStatField(field string) (uint64, error) {
-	val, err := strconv.ParseUint(field, 16, 64)
-	if err != nil {
-		return 0, fmt.Errorf("couldn't parse %q field: %w", field, err)
-	}
-	return val, err
+	return stats, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/net_softnet.go b/vendor/github.com/prometheus/procfs/net_softnet.go
index 06b7b8f21..540cea52c 100644
--- a/vendor/github.com/prometheus/procfs/net_softnet.go
+++ b/vendor/github.com/prometheus/procfs/net_softnet.go
@@ -76,6 +76,7 @@ func parseSoftnet(r io.Reader) ([]SoftnetStat, error) {
 	s := bufio.NewScanner(r)
 
 	var stats []SoftnetStat
+	cpuIndex := 0
 	for s.Scan() {
 		columns := strings.Fields(s.Text())
 		width := len(columns)
@@ -127,9 +128,13 @@ func parseSoftnet(r io.Reader) ([]SoftnetStat, error) {
 
 			softnetStat.SoftnetBacklogLen = us[0]
 			softnetStat.Index = us[1]
+		} else {
+			// For older kernels, create the Index based on the scan line number.
+			softnetStat.Index = uint32(cpuIndex)
 		}
 		softnetStat.Width = width
 		stats = append(stats, softnetStat)
+		cpuIndex++
 	}
 
 	return stats, nil
diff --git a/vendor/github.com/prometheus/procfs/net_wireless.go b/vendor/github.com/prometheus/procfs/net_wireless.go
new file mode 100644
index 000000000..c80fb1542
--- /dev/null
+++ b/vendor/github.com/prometheus/procfs/net_wireless.go
@@ -0,0 +1,182 @@
+// Copyright 2023 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package procfs
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io"
+	"strconv"
+	"strings"
+
+	"github.com/prometheus/procfs/internal/util"
+)
+
+// Wireless models the content of /proc/net/wireless.
+type Wireless struct {
+	Name string
+
+	// Status is the current 4-digit hex value status of the interface.
+	Status uint64
+
+	// QualityLink is the link quality.
+	QualityLink int
+
+	// QualityLevel is the signal gain (dBm).
+	QualityLevel int
+
+	// QualityNoise is the signal noise baseline (dBm).
+	QualityNoise int
+
+	// DiscardedNwid is the number of discarded packets with wrong nwid/essid.
+	DiscardedNwid int
+
+	// DiscardedCrypt is the number of discarded packets with wrong code/decode (WEP).
+	DiscardedCrypt int
+
+	// DiscardedFrag is the number of discarded packets that can't perform MAC reassembly.
+	DiscardedFrag int
+
+	// DiscardedRetry is the number of discarded packets that reached max MAC retries.
+	DiscardedRetry int
+
+	// DiscardedMisc is the number of discarded packets for other reasons.
+	DiscardedMisc int
+
+	// MissedBeacon is the number of missed beacons/superframe.
+	MissedBeacon int
+}
+
+// Wireless returns kernel wireless statistics.
+func (fs FS) Wireless() ([]*Wireless, error) {
+	b, err := util.ReadFileNoStat(fs.proc.Path("net/wireless"))
+	if err != nil {
+		return nil, err
+	}
+
+	m, err := parseWireless(bytes.NewReader(b))
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse wireless: %w", err)
+	}
+
+	return m, nil
+}
+
+// parseWireless parses the contents of /proc/net/wireless.
+/*
+Inter-| sta-|   Quality        |   Discarded packets               | Missed | WE
+face | tus | link level noise |  nwid  crypt   frag  retry   misc | beacon | 22
+ eth1: 0000    5.  -256.  -10.       0      1      0     3      0        0
+ eth2: 0000    5.  -256.  -20.       0      2      0     4      0        0
+*/
+func parseWireless(r io.Reader) ([]*Wireless, error) {
+	var (
+		interfaces []*Wireless
+		scanner    = bufio.NewScanner(r)
+	)
+
+	for n := 0; scanner.Scan(); n++ {
+		// Skip the 2 header lines.
+		if n < 2 {
+			continue
+		}
+
+		line := scanner.Text()
+
+		parts := strings.Split(line, ":")
+		if len(parts) != 2 {
+			return nil, fmt.Errorf("expected 2 parts after splitting line by ':', got %d for line %q", len(parts), line)
+		}
+
+		name := strings.TrimSpace(parts[0])
+		stats := strings.Fields(parts[1])
+
+		if len(stats) < 10 {
+			return nil, fmt.Errorf("invalid number of fields in line %d, expected at least 10, got %d: %q", n, len(stats), line)
+		}
+
+		status, err := strconv.ParseUint(stats[0], 16, 16)
+		if err != nil {
+			return nil, fmt.Errorf("invalid status in line %d: %q", n, line)
+		}
+
+		qlink, err := strconv.Atoi(strings.TrimSuffix(stats[1], "."))
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Quality:link as integer %q: %w", qlink, err)
+		}
+
+		qlevel, err := strconv.Atoi(strings.TrimSuffix(stats[2], "."))
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Quality:level as integer %q: %w", qlevel, err)
+		}
+
+		qnoise, err := strconv.Atoi(strings.TrimSuffix(stats[3], "."))
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Quality:noise as integer %q: %w", qnoise, err)
+		}
+
+		dnwid, err := strconv.Atoi(stats[4])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Discarded:nwid as integer %q: %w", dnwid, err)
+		}
+
+		dcrypt, err := strconv.Atoi(stats[5])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Discarded:crypt as integer %q: %w", dcrypt, err)
+		}
+
+		dfrag, err := strconv.Atoi(stats[6])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Discarded:frag as integer %q: %w", dfrag, err)
+		}
+
+		dretry, err := strconv.Atoi(stats[7])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Discarded:retry as integer %q: %w", dretry, err)
+		}
+
+		dmisc, err := strconv.Atoi(stats[8])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Discarded:misc as integer %q: %w", dmisc, err)
+		}
+
+		mbeacon, err := strconv.Atoi(stats[9])
+		if err != nil {
+			return nil, fmt.Errorf("failed to parse Missed:beacon as integer %q: %w", mbeacon, err)
+		}
+
+		w := &Wireless{
+			Name:           name,
+			Status:         status,
+			QualityLink:    qlink,
+			QualityLevel:   qlevel,
+			QualityNoise:   qnoise,
+			DiscardedNwid:  dnwid,
+			DiscardedCrypt: dcrypt,
+			DiscardedFrag:  dfrag,
+			DiscardedRetry: dretry,
+			DiscardedMisc:  dmisc,
+			MissedBeacon:   mbeacon,
+		}
+
+		interfaces = append(interfaces, w)
+	}
+
+	if err := scanner.Err(); err != nil {
+		return nil, fmt.Errorf("failed to scan /proc/net/wireless: %w", err)
+	}
+
+	return interfaces, nil
+}
diff --git a/vendor/github.com/prometheus/procfs/netstat.go b/vendor/github.com/prometheus/procfs/netstat.go
index 5cc40aef5..742dff453 100644
--- a/vendor/github.com/prometheus/procfs/netstat.go
+++ b/vendor/github.com/prometheus/procfs/netstat.go
@@ -15,7 +15,6 @@ package procfs
 
 import (
 	"bufio"
-	"io"
 	"os"
 	"path/filepath"
 	"strconv"
@@ -38,12 +37,7 @@ func (fs FS) NetStat() ([]NetStat, error) {
 	var netStatsTotal []NetStat
 
 	for _, filePath := range statFiles {
-		file, err := os.Open(filePath)
-		if err != nil {
-			return nil, err
-		}
-
-		procNetstat, err := parseNetstat(file)
+		procNetstat, err := parseNetstat(filePath)
 		if err != nil {
 			return nil, err
 		}
@@ -56,14 +50,17 @@ func (fs FS) NetStat() ([]NetStat, error) {
 
 // parseNetstat parses the metrics from `/proc/net/stat/` file
 // and returns a NetStat structure.
-func parseNetstat(r io.Reader) (NetStat, error) {
-	var (
-		scanner = bufio.NewScanner(r)
-		netStat = NetStat{
-			Stats: make(map[string][]uint64),
-		}
-	)
+func parseNetstat(filePath string) (NetStat, error) {
+	netStat := NetStat{
+		Stats: make(map[string][]uint64),
+	}
+	file, err := os.Open(filePath)
+	if err != nil {
+		return netStat, err
+	}
+	defer file.Close()
 
+	scanner := bufio.NewScanner(file)
 	scanner.Scan()
 
 	// First string is always a header for stats
diff --git a/vendor/github.com/prometheus/procfs/proc.go b/vendor/github.com/prometheus/procfs/proc.go
index c30223af7..48f39dafd 100644
--- a/vendor/github.com/prometheus/procfs/proc.go
+++ b/vendor/github.com/prometheus/procfs/proc.go
@@ -21,7 +21,6 @@ import (
 	"strconv"
 	"strings"
 
-	"github.com/prometheus/procfs/internal/fs"
 	"github.com/prometheus/procfs/internal/util"
 )
 
@@ -30,7 +29,7 @@ type Proc struct {
 	// The process ID.
 	PID int
 
-	fs fs.FS
+	fs FS
 }
 
 // Procs represents a list of Proc structs.
@@ -92,7 +91,7 @@ func (fs FS) Proc(pid int) (Proc, error) {
 	if _, err := os.Stat(fs.proc.Path(strconv.Itoa(pid))); err != nil {
 		return Proc{}, err
 	}
-	return Proc{PID: pid, fs: fs.proc}, nil
+	return Proc{PID: pid, fs: fs}, nil
 }
 
 // AllProcs returns a list of all currently available processes.
@@ -114,7 +113,7 @@ func (fs FS) AllProcs() (Procs, error) {
 		if err != nil {
 			continue
 		}
-		p = append(p, Proc{PID: int(pid), fs: fs.proc})
+		p = append(p, Proc{PID: int(pid), fs: fs})
 	}
 
 	return p, nil
@@ -237,6 +236,19 @@ func (p Proc) FileDescriptorTargets() ([]string, error) {
 // FileDescriptorsLen returns the number of currently open file descriptors of
 // a process.
 func (p Proc) FileDescriptorsLen() (int, error) {
+	// Use fast path if available (Linux v6.2): https://github.com/torvalds/linux/commit/f1f1f2569901
+	if p.fs.real {
+		stat, err := os.Stat(p.path("fd"))
+		if err != nil {
+			return 0, err
+		}
+
+		size := stat.Size()
+		if size > 0 {
+			return int(size), nil
+		}
+	}
+
 	fds, err := p.fileDescriptors()
 	if err != nil {
 		return 0, err
@@ -285,7 +297,7 @@ func (p Proc) fileDescriptors() ([]string, error) {
 }
 
 func (p Proc) path(pa ...string) string {
-	return p.fs.Path(append([]string{strconv.Itoa(p.PID)}, pa...)...)
+	return p.fs.proc.Path(append([]string{strconv.Itoa(p.PID)}, pa...)...)
 }
 
 // FileDescriptorsInfo retrieves information about all file descriptors of
diff --git a/vendor/github.com/prometheus/procfs/proc_stat.go b/vendor/github.com/prometheus/procfs/proc_stat.go
index b278eb2c2..14b249f4f 100644
--- a/vendor/github.com/prometheus/procfs/proc_stat.go
+++ b/vendor/github.com/prometheus/procfs/proc_stat.go
@@ -18,7 +18,6 @@ import (
 	"fmt"
 	"os"
 
-	"github.com/prometheus/procfs/internal/fs"
 	"github.com/prometheus/procfs/internal/util"
 )
 
@@ -112,7 +111,7 @@ type ProcStat struct {
 	// Aggregated block I/O delays, measured in clock ticks (centiseconds).
 	DelayAcctBlkIOTicks uint64
 
-	proc fs.FS
+	proc FS
 }
 
 // NewStat returns the current status information of the process.
@@ -210,8 +209,7 @@ func (s ProcStat) ResidentMemory() int {
 
 // StartTime returns the unix timestamp of the process in seconds.
 func (s ProcStat) StartTime() (float64, error) {
-	fs := FS{proc: s.proc}
-	stat, err := fs.Stat()
+	stat, err := s.proc.Stat()
 	if err != nil {
 		return 0, err
 	}
diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go
index 3d8c06439..c055d075d 100644
--- a/vendor/github.com/prometheus/procfs/proc_status.go
+++ b/vendor/github.com/prometheus/procfs/proc_status.go
@@ -15,6 +15,7 @@ package procfs
 
 import (
 	"bytes"
+	"sort"
 	"strconv"
 	"strings"
 
@@ -76,6 +77,9 @@ type ProcStatus struct {
 	UIDs [4]string
 	// GIDs of the process (Real, effective, saved set, and filesystem GIDs)
 	GIDs [4]string
+
+	// CpusAllowedList: List of cpu cores processes are allowed to run on.
+	CpusAllowedList []uint64
 }
 
 // NewStatus returns the current status information of the process.
@@ -161,10 +165,38 @@ func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintByt
 		s.VoluntaryCtxtSwitches = vUint
 	case "nonvoluntary_ctxt_switches":
 		s.NonVoluntaryCtxtSwitches = vUint
+	case "Cpus_allowed_list":
+		s.CpusAllowedList = calcCpusAllowedList(vString)
 	}
+
 }
 
 // TotalCtxtSwitches returns the total context switch.
 func (s ProcStatus) TotalCtxtSwitches() uint64 {
 	return s.VoluntaryCtxtSwitches + s.NonVoluntaryCtxtSwitches
 }
+
+func calcCpusAllowedList(cpuString string) []uint64 {
+	s := strings.Split(cpuString, ",")
+
+	var g []uint64
+
+	for _, cpu := range s {
+		// parse cpu ranges, example: 1-3=[1,2,3]
+		if l := strings.Split(strings.TrimSpace(cpu), "-"); len(l) > 1 {
+			startCPU, _ := strconv.ParseUint(l[0], 10, 64)
+			endCPU, _ := strconv.ParseUint(l[1], 10, 64)
+
+			for i := startCPU; i <= endCPU; i++ {
+				g = append(g, i)
+			}
+		} else if len(l) == 1 {
+			cpu, _ := strconv.ParseUint(l[0], 10, 64)
+			g = append(g, cpu)
+		}
+
+	}
+
+	sort.Slice(g, func(i, j int) bool { return g[i] < g[j] })
+	return g
+}
diff --git a/vendor/github.com/prometheus/procfs/thread.go b/vendor/github.com/prometheus/procfs/thread.go
index f08bfc769..490c14708 100644
--- a/vendor/github.com/prometheus/procfs/thread.go
+++ b/vendor/github.com/prometheus/procfs/thread.go
@@ -54,7 +54,8 @@ func (fs FS) AllThreads(pid int) (Procs, error) {
 		if err != nil {
 			continue
 		}
-		t = append(t, Proc{PID: int(tid), fs: fsi.FS(taskPath)})
+
+		t = append(t, Proc{PID: int(tid), fs: FS{fsi.FS(taskPath), fs.real}})
 	}
 
 	return t, nil
@@ -66,13 +67,13 @@ func (fs FS) Thread(pid, tid int) (Proc, error) {
 	if _, err := os.Stat(taskPath); err != nil {
 		return Proc{}, err
 	}
-	return Proc{PID: tid, fs: fsi.FS(taskPath)}, nil
+	return Proc{PID: tid, fs: FS{fsi.FS(taskPath), fs.real}}, nil
 }
 
 // Thread returns a process for a given TID of Proc.
 func (proc Proc) Thread(tid int) (Proc, error) {
-	tfs := fsi.FS(proc.path("task"))
-	if _, err := os.Stat(tfs.Path(strconv.Itoa(tid))); err != nil {
+	tfs := FS{fsi.FS(proc.path("task")), proc.fs.real}
+	if _, err := os.Stat(tfs.proc.Path(strconv.Itoa(tid))); err != nil {
 		return Proc{}, err
 	}
 	return Proc{PID: tid, fs: tfs}, nil
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a78d53fb9..3950be771 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -86,7 +86,7 @@ github.com/pelletier/go-toml
 # github.com/pmezard/go-difflib v1.0.0
 ## explicit
 github.com/pmezard/go-difflib/difflib
-# github.com/prometheus/client_golang v1.15.1
+# github.com/prometheus/client_golang v1.16.0
 ## explicit; go 1.17
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
@@ -100,8 +100,8 @@ github.com/prometheus/client_model/go
 github.com/prometheus/common/expfmt
 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
 github.com/prometheus/common/model
-# github.com/prometheus/procfs v0.9.0
-## explicit; go 1.18
+# github.com/prometheus/procfs v0.10.1
+## explicit; go 1.19
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util

From 6619c79a5bc0a4984f0c43b0651552e77a1c6361 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AD=94=E7=BB=B4=E5=9B=BD?=
 
Date: Mon, 26 Jun 2023 13:35:56 +0800
Subject: [PATCH 33/73] Add DER support for gernerating and parsing CSR

---
 csr/csr.go         | 15 +++++++++++--
 csr/csr_test.go    | 53 ++++++++++++++++++++++++++++++++++++++++++++++
 helpers/helpers.go | 17 +++++++++++++++
 3 files changed, 83 insertions(+), 2 deletions(-)

diff --git a/csr/csr.go b/csr/csr.go
index c88a16c07..52039326b 100644
--- a/csr/csr.go
+++ b/csr/csr.go
@@ -408,9 +408,9 @@ func Regenerate(priv crypto.Signer, csr []byte) ([]byte, error) {
 	return x509.CreateCertificateRequest(rand.Reader, req, priv)
 }
 
-// Generate creates a new CSR from a CertificateRequest structure and
+// GenerateDER creates a new CSR(ASN1 DER encoded) from a CertificateRequest structure and
 // an existing key. The KeyRequest field is ignored.
-func Generate(priv crypto.Signer, req *CertificateRequest) (csr []byte, err error) {
+func GenerateDER(priv crypto.Signer, req *CertificateRequest) (csr []byte, err error) {
 	sigAlgo := helpers.SignerAlgo(priv)
 	if sigAlgo == x509.UnknownSignatureAlgorithm {
 		return nil, cferr.New(cferr.PrivateKeyError, cferr.Unavailable)
@@ -466,6 +466,17 @@ func Generate(priv crypto.Signer, req *CertificateRequest) (csr []byte, err erro
 		err = cferr.Wrap(cferr.CSRError, cferr.BadRequest, err)
 		return
 	}
+	return
+}
+
+// Generate creates a new CSR(PEM encoded) from a CertificateRequest structure and
+// an existing key. The KeyRequest field is ignored.
+func Generate(priv crypto.Signer, req *CertificateRequest) (csr []byte, err error) {
+
+	csr, err = GenerateDER(priv, req)
+	if err != nil {
+		return
+	}
 	block := pem.Block{
 		Type:  "CERTIFICATE REQUEST",
 		Bytes: csr,
diff --git a/csr/csr_test.go b/csr/csr_test.go
index e125ac0a0..ebe2552a9 100644
--- a/csr/csr_test.go
+++ b/csr/csr_test.go
@@ -705,6 +705,59 @@ func TestGenerate(t *testing.T) {
 	}
 }
 
+func TestGenerateASN1(t *testing.T) {
+	var req = &CertificateRequest{
+		Names: []Name{
+			{
+				C:  "US",
+				ST: "California",
+				L:  "San Francisco",
+				O:  "CloudFlare",
+				OU: "Systems Engineering",
+			},
+		},
+		CN:         "cloudflare.com",
+		Hosts:      []string{"cloudflare.com", "www.cloudflare.com", "192.168.0.1", "jdoe@example.com", "https://www.cloudflare.com"},
+		KeyRequest: &KeyRequest{"ecdsa", 256},
+	}
+
+	key, err := req.KeyRequest.Generate()
+	if err != nil {
+		t.Fatalf("%v", err)
+	}
+
+	priv, ok := key.(crypto.Signer)
+	if !ok {
+		t.Fatal("Private key is not a signer.")
+	}
+
+	csrDER, err := GenerateDER(priv, req)
+	if err != nil {
+		t.Fatalf("%v", err)
+	}
+
+	csr, err := helpers.ParseCSRDER(csrDER)
+	if err != nil {
+		t.Fatalf("%v", err)
+	}
+
+	if len(csr.DNSNames) != 2 {
+		t.Fatal("SAN parsing error")
+	}
+
+	if len(csr.IPAddresses) != 1 {
+		t.Fatal("SAN parsing error")
+	}
+
+	if len(csr.EmailAddresses) != 1 {
+		t.Fatal("SAN parsing error")
+	}
+
+	if len(csr.URIs) != 1 {
+		t.Fatal("SAN parsing error")
+	}
+}
+
 // TestReGenerate ensures Regenerate() is abel to use the provided CSR as a template for signing a new
 // CSR using priv.
 func TestReGenerate(t *testing.T) {
diff --git a/helpers/helpers.go b/helpers/helpers.go
index 3b4dfe724..e721e352c 100644
--- a/helpers/helpers.go
+++ b/helpers/helpers.go
@@ -457,6 +457,23 @@ func ParseCSRPEM(csrPEM []byte) (*x509.CertificateRequest, error) {
 	return csrObject, nil
 }
 
+// ParseCSRDER parses a PEM-encoded certificate signing request.
+// It does not check the signature. This is useful for dumping data from a CSR
+// locally.
+func ParseCSRDER(csrDER []byte) (*x509.CertificateRequest, error) {
+	csrObject, err := x509.ParseCertificateRequest(csrDER)
+	if err != nil {
+		return nil, err
+	}
+
+	err = csrObject.CheckSignature()
+	if err != nil {
+		return nil, err
+	}
+
+	return csrObject, nil
+}
+
 // SignerAlgo returns an X.509 signature algorithm from a crypto.Signer.
 func SignerAlgo(priv crypto.Signer) x509.SignatureAlgorithm {
 	switch pub := priv.Public().(type) {

From 8d25f2551562c73be1602443865d482d967f3d74 Mon Sep 17 00:00:00 2001
From: Sebastiaan van Stijn 
Date: Sun, 20 Nov 2022 12:55:47 +0100
Subject: [PATCH 34/73] certdb/sql: remove uses of
 github.com/stretchr/testify/require

This was the only location where this assertion library was used; all
other code in this repository used Go's stdlib for assertions. The
remaining uses in this package could be replaced without too much
trouble, which allowed for the dependency (including its indirect
dependencies) to be removed altogether.

Signed-off-by: Sebastiaan van Stijn 
---
 certdb/sql/sql_test.go                        |   28 +-
 go.mod                                        |    5 +-
 go.sum                                        |    1 -
 signer/local/local_test.go                    |   10 +-
 vendor/github.com/davecgh/go-spew/LICENSE     |   15 -
 .../github.com/davecgh/go-spew/spew/bypass.go |  145 -
 .../davecgh/go-spew/spew/bypasssafe.go        |   38 -
 .../github.com/davecgh/go-spew/spew/common.go |  341 --
 .../github.com/davecgh/go-spew/spew/config.go |  306 --
 vendor/github.com/davecgh/go-spew/spew/doc.go |  211 --
 .../github.com/davecgh/go-spew/spew/dump.go   |  509 ---
 .../github.com/davecgh/go-spew/spew/format.go |  419 ---
 .../github.com/davecgh/go-spew/spew/spew.go   |  148 -
 vendor/github.com/pmezard/go-difflib/LICENSE  |   27 -
 .../pmezard/go-difflib/difflib/difflib.go     |  772 -----
 vendor/github.com/stretchr/testify/LICENSE    |   21 -
 .../testify/assert/assertion_compare.go       |  458 ---
 .../assert/assertion_compare_can_convert.go   |   16 -
 .../assert/assertion_compare_legacy.go        |   16 -
 .../testify/assert/assertion_format.go        |  805 -----
 .../testify/assert/assertion_format.go.tmpl   |    5 -
 .../testify/assert/assertion_forward.go       | 1598 ---------
 .../testify/assert/assertion_forward.go.tmpl  |    5 -
 .../testify/assert/assertion_order.go         |   81 -
 .../stretchr/testify/assert/assertions.go     | 2054 -----------
 .../github.com/stretchr/testify/assert/doc.go |   46 -
 .../stretchr/testify/assert/errors.go         |   10 -
 .../testify/assert/forward_assertions.go      |   16 -
 .../testify/assert/http_assertions.go         |  162 -
 .../stretchr/testify/require/doc.go           |   29 -
 .../testify/require/forward_requirements.go   |   16 -
 .../stretchr/testify/require/require.go       | 2031 -----------
 .../stretchr/testify/require/require.go.tmpl  |    6 -
 .../testify/require/require_forward.go        | 1599 ---------
 .../testify/require/require_forward.go.tmpl   |    5 -
 .../stretchr/testify/require/requirements.go  |   29 -
 vendor/gopkg.in/yaml.v3/LICENSE               |   50 -
 vendor/gopkg.in/yaml.v3/NOTICE                |   13 -
 vendor/gopkg.in/yaml.v3/README.md             |  150 -
 vendor/gopkg.in/yaml.v3/apic.go               |  747 ----
 vendor/gopkg.in/yaml.v3/decode.go             | 1000 ------
 vendor/gopkg.in/yaml.v3/emitterc.go           | 2020 -----------
 vendor/gopkg.in/yaml.v3/encode.go             |  577 ----
 vendor/gopkg.in/yaml.v3/parserc.go            | 1258 -------
 vendor/gopkg.in/yaml.v3/readerc.go            |  434 ---
 vendor/gopkg.in/yaml.v3/resolve.go            |  326 --
 vendor/gopkg.in/yaml.v3/scannerc.go           | 3038 -----------------
 vendor/gopkg.in/yaml.v3/sorter.go             |  134 -
 vendor/gopkg.in/yaml.v3/writerc.go            |   48 -
 vendor/gopkg.in/yaml.v3/yaml.go               |  698 ----
 vendor/gopkg.in/yaml.v3/yamlh.go              |  807 -----
 vendor/gopkg.in/yaml.v3/yamlprivateh.go       |  198 --
 vendor/modules.txt                            |   11 -
 53 files changed, 27 insertions(+), 23465 deletions(-)
 delete mode 100644 vendor/github.com/davecgh/go-spew/LICENSE
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/bypass.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/common.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/config.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/doc.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/dump.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/format.go
 delete mode 100644 vendor/github.com/davecgh/go-spew/spew/spew.go
 delete mode 100644 vendor/github.com/pmezard/go-difflib/LICENSE
 delete mode 100644 vendor/github.com/pmezard/go-difflib/difflib/difflib.go
 delete mode 100644 vendor/github.com/stretchr/testify/LICENSE
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_compare.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_format.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_forward.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertion_order.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/assertions.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/doc.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/errors.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/forward_assertions.go
 delete mode 100644 vendor/github.com/stretchr/testify/assert/http_assertions.go
 delete mode 100644 vendor/github.com/stretchr/testify/require/doc.go
 delete mode 100644 vendor/github.com/stretchr/testify/require/forward_requirements.go
 delete mode 100644 vendor/github.com/stretchr/testify/require/require.go
 delete mode 100644 vendor/github.com/stretchr/testify/require/require.go.tmpl
 delete mode 100644 vendor/github.com/stretchr/testify/require/require_forward.go
 delete mode 100644 vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
 delete mode 100644 vendor/github.com/stretchr/testify/require/requirements.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/LICENSE
 delete mode 100644 vendor/gopkg.in/yaml.v3/NOTICE
 delete mode 100644 vendor/gopkg.in/yaml.v3/README.md
 delete mode 100644 vendor/gopkg.in/yaml.v3/apic.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/decode.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/emitterc.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/encode.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/parserc.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/readerc.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/resolve.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/scannerc.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/sorter.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/writerc.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/yaml.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/yamlh.go
 delete mode 100644 vendor/gopkg.in/yaml.v3/yamlprivateh.go

diff --git a/certdb/sql/sql_test.go b/certdb/sql/sql_test.go
index b322b3d39..4a43f9059 100644
--- a/certdb/sql/sql_test.go
+++ b/certdb/sql/sql_test.go
@@ -2,6 +2,7 @@ package sql
 
 import (
 	"math"
+	"reflect"
 	"testing"
 	"time"
 
@@ -9,7 +10,6 @@ import (
 	"github.com/cloudflare/cfssl/certdb/testdb"
 
 	"github.com/jmoiron/sqlx"
-	"github.com/stretchr/testify/require"
 )
 
 const (
@@ -95,8 +95,13 @@ func testInsertCertificateAndGetCertificate(ta TestAccessor, t *testing.T) {
 		t.Errorf("want Certificate %+v, got %+v", want, got)
 	}
 	gotMeta, err := got.GetMetadata()
-	require.NoError(t, err)
-	require.Equal(t, map[string]interface{}{"k": "v"}, gotMeta)
+	if err != nil {
+		t.Fatal(err)
+	}
+	expected := map[string]interface{}{"k": "v"}
+	if !reflect.DeepEqual(gotMeta, expected) {
+		t.Fatalf("expected: %+v, got: %+v", expected, gotMeta)
+	}
 
 	unexpired, err := ta.Accessor.GetUnexpiredCertificates()
 
@@ -156,12 +161,19 @@ func testInsertCertificateAndGetUnexpiredCertificate(ta TestAccessor, t *testing
 	}
 
 	unexpiredFiltered, err := ta.Accessor.GetUnexpiredCertificatesByLabel([]string{"foo"})
-	require.NoError(t, err)
-	require.Len(t, unexpiredFiltered, 1)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if l := len(unexpiredFiltered); l != 1 {
+		t.Error("Should have 1 unexpiredFiltered certificate record:", l)
+	}
 	unexpiredFiltered, err = ta.Accessor.GetUnexpiredCertificatesByLabel([]string{"bar"})
-	require.NoError(t, err)
-	require.Len(t, unexpiredFiltered, 0)
-
+	if err != nil {
+		t.Fatal(err)
+	}
+	if l := len(unexpiredFiltered); l != 0 {
+		t.Error("Should have 0 unexpiredFiltered certificate record:", l)
+	}
 }
 func testInsertCertificateAndGetUnexpiredCertificateNullCommonName(ta TestAccessor, t *testing.T) {
 	ta.Truncate()
diff --git a/go.mod b/go.mod
index c04307f5f..b9ae781cd 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,6 @@ require (
 	github.com/lib/pq v1.10.9
 	github.com/mattn/go-sqlite3 v1.14.17
 	github.com/prometheus/client_golang v1.16.0
-	github.com/stretchr/testify v1.8.4
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
 	golang.org/x/crypto v0.10.0
@@ -23,24 +22,22 @@ require (
 require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
 	github.com/go-logr/logr v1.2.3 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/prometheus/client_model v0.4.0 // indirect
 	github.com/prometheus/common v0.42.0 // indirect
 	github.com/prometheus/procfs v0.10.1 // indirect
 	github.com/rogpeppe/go-internal v1.10.0 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
 	golang.org/x/sys v0.9.0 // indirect
 	golang.org/x/text v0.10.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
-	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 271fd9524..2c7c784bb 100644
--- a/go.sum
+++ b/go.sum
@@ -702,7 +702,6 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
diff --git a/signer/local/local_test.go b/signer/local/local_test.go
index 51cdcf54f..1cb36fba1 100644
--- a/signer/local/local_test.go
+++ b/signer/local/local_test.go
@@ -31,8 +31,6 @@ import (
 	"github.com/cloudflare/cfssl/helpers"
 	"github.com/cloudflare/cfssl/log"
 	"github.com/cloudflare/cfssl/signer"
-	"github.com/stretchr/testify/require"
-
 	ct "github.com/google/certificate-transparency-go"
 	"github.com/zmap/zlint/v3/lint"
 )
@@ -1622,13 +1620,17 @@ func TestLint(t *testing.T) {
 			} else if err != nil && tc.expectedErr != nil {
 				actual := err.Error()
 				expected := tc.expectedErr.Error()
-				require.Equal(t, expected, actual)
+				if expected != actual {
+					t.Fatalf("expected: %v, got: %v", expected, actual)
+				}
 				if len(tc.expectedErrResults) > 0 {
 					le, ok := err.(*LintError)
 					if !ok {
 						t.Fatalf("expected LintError type err, got %v", err)
 					}
-					require.EqualValues(t, tc.expectedErrResults, le.ErrorResults)
+					if !reflect.DeepEqual(tc.expectedErrResults, le.ErrorResults) {
+						t.Fatalf("expected: %v, got: %v", tc.expectedErrResults, le.ErrorResults)
+					}
 				}
 			}
 		})
diff --git a/vendor/github.com/davecgh/go-spew/LICENSE b/vendor/github.com/davecgh/go-spew/LICENSE
deleted file mode 100644
index bc52e96f2..000000000
--- a/vendor/github.com/davecgh/go-spew/LICENSE
+++ /dev/null
@@ -1,15 +0,0 @@
-ISC License
-
-Copyright (c) 2012-2016 Dave Collins 
-
-Permission to use, copy, modify, and/or distribute this software for any
-purpose with or without fee is hereby granted, provided that the above
-copyright notice and this permission notice appear in all copies.
-
-THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
diff --git a/vendor/github.com/davecgh/go-spew/spew/bypass.go b/vendor/github.com/davecgh/go-spew/spew/bypass.go
deleted file mode 100644
index 792994785..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/bypass.go
+++ /dev/null
@@ -1,145 +0,0 @@
-// Copyright (c) 2015-2016 Dave Collins 
-//
-// Permission to use, copy, modify, and distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// NOTE: Due to the following build constraints, this file will only be compiled
-// when the code is not running on Google App Engine, compiled by GopherJS, and
-// "-tags safe" is not added to the go build command line.  The "disableunsafe"
-// tag is deprecated and thus should not be used.
-// Go versions prior to 1.4 are disabled because they use a different layout
-// for interfaces which make the implementation of unsafeReflectValue more complex.
-// +build !js,!appengine,!safe,!disableunsafe,go1.4
-
-package spew
-
-import (
-	"reflect"
-	"unsafe"
-)
-
-const (
-	// UnsafeDisabled is a build-time constant which specifies whether or
-	// not access to the unsafe package is available.
-	UnsafeDisabled = false
-
-	// ptrSize is the size of a pointer on the current arch.
-	ptrSize = unsafe.Sizeof((*byte)(nil))
-)
-
-type flag uintptr
-
-var (
-	// flagRO indicates whether the value field of a reflect.Value
-	// is read-only.
-	flagRO flag
-
-	// flagAddr indicates whether the address of the reflect.Value's
-	// value may be taken.
-	flagAddr flag
-)
-
-// flagKindMask holds the bits that make up the kind
-// part of the flags field. In all the supported versions,
-// it is in the lower 5 bits.
-const flagKindMask = flag(0x1f)
-
-// Different versions of Go have used different
-// bit layouts for the flags type. This table
-// records the known combinations.
-var okFlags = []struct {
-	ro, addr flag
-}{{
-	// From Go 1.4 to 1.5
-	ro:   1 << 5,
-	addr: 1 << 7,
-}, {
-	// Up to Go tip.
-	ro:   1<<5 | 1<<6,
-	addr: 1 << 8,
-}}
-
-var flagValOffset = func() uintptr {
-	field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag")
-	if !ok {
-		panic("reflect.Value has no flag field")
-	}
-	return field.Offset
-}()
-
-// flagField returns a pointer to the flag field of a reflect.Value.
-func flagField(v *reflect.Value) *flag {
-	return (*flag)(unsafe.Pointer(uintptr(unsafe.Pointer(v)) + flagValOffset))
-}
-
-// unsafeReflectValue converts the passed reflect.Value into a one that bypasses
-// the typical safety restrictions preventing access to unaddressable and
-// unexported data.  It works by digging the raw pointer to the underlying
-// value out of the protected value and generating a new unprotected (unsafe)
-// reflect.Value to it.
-//
-// This allows us to check for implementations of the Stringer and error
-// interfaces to be used for pretty printing ordinarily unaddressable and
-// inaccessible values such as unexported struct fields.
-func unsafeReflectValue(v reflect.Value) reflect.Value {
-	if !v.IsValid() || (v.CanInterface() && v.CanAddr()) {
-		return v
-	}
-	flagFieldPtr := flagField(&v)
-	*flagFieldPtr &^= flagRO
-	*flagFieldPtr |= flagAddr
-	return v
-}
-
-// Sanity checks against future reflect package changes
-// to the type or semantics of the Value.flag field.
-func init() {
-	field, ok := reflect.TypeOf(reflect.Value{}).FieldByName("flag")
-	if !ok {
-		panic("reflect.Value has no flag field")
-	}
-	if field.Type.Kind() != reflect.TypeOf(flag(0)).Kind() {
-		panic("reflect.Value flag field has changed kind")
-	}
-	type t0 int
-	var t struct {
-		A t0
-		// t0 will have flagEmbedRO set.
-		t0
-		// a will have flagStickyRO set
-		a t0
-	}
-	vA := reflect.ValueOf(t).FieldByName("A")
-	va := reflect.ValueOf(t).FieldByName("a")
-	vt0 := reflect.ValueOf(t).FieldByName("t0")
-
-	// Infer flagRO from the difference between the flags
-	// for the (otherwise identical) fields in t.
-	flagPublic := *flagField(&vA)
-	flagWithRO := *flagField(&va) | *flagField(&vt0)
-	flagRO = flagPublic ^ flagWithRO
-
-	// Infer flagAddr from the difference between a value
-	// taken from a pointer and not.
-	vPtrA := reflect.ValueOf(&t).Elem().FieldByName("A")
-	flagNoPtr := *flagField(&vA)
-	flagPtr := *flagField(&vPtrA)
-	flagAddr = flagNoPtr ^ flagPtr
-
-	// Check that the inferred flags tally with one of the known versions.
-	for _, f := range okFlags {
-		if flagRO == f.ro && flagAddr == f.addr {
-			return
-		}
-	}
-	panic("reflect.Value read-only flag has changed semantics")
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go b/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
deleted file mode 100644
index 205c28d68..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/bypasssafe.go
+++ /dev/null
@@ -1,38 +0,0 @@
-// Copyright (c) 2015-2016 Dave Collins 
-//
-// Permission to use, copy, modify, and distribute this software for any
-// purpose with or without fee is hereby granted, provided that the above
-// copyright notice and this permission notice appear in all copies.
-//
-// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
-// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
-// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
-// ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
-// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
-// ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
-// OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
-
-// NOTE: Due to the following build constraints, this file will only be compiled
-// when the code is running on Google App Engine, compiled by GopherJS, or
-// "-tags safe" is added to the go build command line.  The "disableunsafe"
-// tag is deprecated and thus should not be used.
-// +build js appengine safe disableunsafe !go1.4
-
-package spew
-
-import "reflect"
-
-const (
-	// UnsafeDisabled is a build-time constant which specifies whether or
-	// not access to the unsafe package is available.
-	UnsafeDisabled = true
-)
-
-// unsafeReflectValue typically converts the passed reflect.Value into a one
-// that bypasses the typical safety restrictions preventing access to
-// unaddressable and unexported data.  However, doing this relies on access to
-// the unsafe package.  This is a stub version which simply returns the passed
-// reflect.Value when the unsafe package is not available.
-func unsafeReflectValue(v reflect.Value) reflect.Value {
-	return v
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/common.go b/vendor/github.com/davecgh/go-spew/spew/common.go
deleted file mode 100644
index 1be8ce945..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/common.go
+++ /dev/null
@@ -1,341 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-package spew
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"reflect"
-	"sort"
-	"strconv"
-)
-
-// Some constants in the form of bytes to avoid string overhead.  This mirrors
-// the technique used in the fmt package.
-var (
-	panicBytes            = []byte("(PANIC=")
-	plusBytes             = []byte("+")
-	iBytes                = []byte("i")
-	trueBytes             = []byte("true")
-	falseBytes            = []byte("false")
-	interfaceBytes        = []byte("(interface {})")
-	commaNewlineBytes     = []byte(",\n")
-	newlineBytes          = []byte("\n")
-	openBraceBytes        = []byte("{")
-	openBraceNewlineBytes = []byte("{\n")
-	closeBraceBytes       = []byte("}")
-	asteriskBytes         = []byte("*")
-	colonBytes            = []byte(":")
-	colonSpaceBytes       = []byte(": ")
-	openParenBytes        = []byte("(")
-	closeParenBytes       = []byte(")")
-	spaceBytes            = []byte(" ")
-	pointerChainBytes     = []byte("->")
-	nilAngleBytes         = []byte("")
-	maxNewlineBytes       = []byte("\n")
-	maxShortBytes         = []byte("")
-	circularBytes         = []byte("")
-	circularShortBytes    = []byte("")
-	invalidAngleBytes     = []byte("")
-	openBracketBytes      = []byte("[")
-	closeBracketBytes     = []byte("]")
-	percentBytes          = []byte("%")
-	precisionBytes        = []byte(".")
-	openAngleBytes        = []byte("<")
-	closeAngleBytes       = []byte(">")
-	openMapBytes          = []byte("map[")
-	closeMapBytes         = []byte("]")
-	lenEqualsBytes        = []byte("len=")
-	capEqualsBytes        = []byte("cap=")
-)
-
-// hexDigits is used to map a decimal value to a hex digit.
-var hexDigits = "0123456789abcdef"
-
-// catchPanic handles any panics that might occur during the handleMethods
-// calls.
-func catchPanic(w io.Writer, v reflect.Value) {
-	if err := recover(); err != nil {
-		w.Write(panicBytes)
-		fmt.Fprintf(w, "%v", err)
-		w.Write(closeParenBytes)
-	}
-}
-
-// handleMethods attempts to call the Error and String methods on the underlying
-// type the passed reflect.Value represents and outputes the result to Writer w.
-//
-// It handles panics in any called methods by catching and displaying the error
-// as the formatted value.
-func handleMethods(cs *ConfigState, w io.Writer, v reflect.Value) (handled bool) {
-	// We need an interface to check if the type implements the error or
-	// Stringer interface.  However, the reflect package won't give us an
-	// interface on certain things like unexported struct fields in order
-	// to enforce visibility rules.  We use unsafe, when it's available,
-	// to bypass these restrictions since this package does not mutate the
-	// values.
-	if !v.CanInterface() {
-		if UnsafeDisabled {
-			return false
-		}
-
-		v = unsafeReflectValue(v)
-	}
-
-	// Choose whether or not to do error and Stringer interface lookups against
-	// the base type or a pointer to the base type depending on settings.
-	// Technically calling one of these methods with a pointer receiver can
-	// mutate the value, however, types which choose to satisify an error or
-	// Stringer interface with a pointer receiver should not be mutating their
-	// state inside these interface methods.
-	if !cs.DisablePointerMethods && !UnsafeDisabled && !v.CanAddr() {
-		v = unsafeReflectValue(v)
-	}
-	if v.CanAddr() {
-		v = v.Addr()
-	}
-
-	// Is it an error or Stringer?
-	switch iface := v.Interface().(type) {
-	case error:
-		defer catchPanic(w, v)
-		if cs.ContinueOnMethod {
-			w.Write(openParenBytes)
-			w.Write([]byte(iface.Error()))
-			w.Write(closeParenBytes)
-			w.Write(spaceBytes)
-			return false
-		}
-
-		w.Write([]byte(iface.Error()))
-		return true
-
-	case fmt.Stringer:
-		defer catchPanic(w, v)
-		if cs.ContinueOnMethod {
-			w.Write(openParenBytes)
-			w.Write([]byte(iface.String()))
-			w.Write(closeParenBytes)
-			w.Write(spaceBytes)
-			return false
-		}
-		w.Write([]byte(iface.String()))
-		return true
-	}
-	return false
-}
-
-// printBool outputs a boolean value as true or false to Writer w.
-func printBool(w io.Writer, val bool) {
-	if val {
-		w.Write(trueBytes)
-	} else {
-		w.Write(falseBytes)
-	}
-}
-
-// printInt outputs a signed integer value to Writer w.
-func printInt(w io.Writer, val int64, base int) {
-	w.Write([]byte(strconv.FormatInt(val, base)))
-}
-
-// printUint outputs an unsigned integer value to Writer w.
-func printUint(w io.Writer, val uint64, base int) {
-	w.Write([]byte(strconv.FormatUint(val, base)))
-}
-
-// printFloat outputs a floating point value using the specified precision,
-// which is expected to be 32 or 64bit, to Writer w.
-func printFloat(w io.Writer, val float64, precision int) {
-	w.Write([]byte(strconv.FormatFloat(val, 'g', -1, precision)))
-}
-
-// printComplex outputs a complex value using the specified float precision
-// for the real and imaginary parts to Writer w.
-func printComplex(w io.Writer, c complex128, floatPrecision int) {
-	r := real(c)
-	w.Write(openParenBytes)
-	w.Write([]byte(strconv.FormatFloat(r, 'g', -1, floatPrecision)))
-	i := imag(c)
-	if i >= 0 {
-		w.Write(plusBytes)
-	}
-	w.Write([]byte(strconv.FormatFloat(i, 'g', -1, floatPrecision)))
-	w.Write(iBytes)
-	w.Write(closeParenBytes)
-}
-
-// printHexPtr outputs a uintptr formatted as hexadecimal with a leading '0x'
-// prefix to Writer w.
-func printHexPtr(w io.Writer, p uintptr) {
-	// Null pointer.
-	num := uint64(p)
-	if num == 0 {
-		w.Write(nilAngleBytes)
-		return
-	}
-
-	// Max uint64 is 16 bytes in hex + 2 bytes for '0x' prefix
-	buf := make([]byte, 18)
-
-	// It's simpler to construct the hex string right to left.
-	base := uint64(16)
-	i := len(buf) - 1
-	for num >= base {
-		buf[i] = hexDigits[num%base]
-		num /= base
-		i--
-	}
-	buf[i] = hexDigits[num]
-
-	// Add '0x' prefix.
-	i--
-	buf[i] = 'x'
-	i--
-	buf[i] = '0'
-
-	// Strip unused leading bytes.
-	buf = buf[i:]
-	w.Write(buf)
-}
-
-// valuesSorter implements sort.Interface to allow a slice of reflect.Value
-// elements to be sorted.
-type valuesSorter struct {
-	values  []reflect.Value
-	strings []string // either nil or same len and values
-	cs      *ConfigState
-}
-
-// newValuesSorter initializes a valuesSorter instance, which holds a set of
-// surrogate keys on which the data should be sorted.  It uses flags in
-// ConfigState to decide if and how to populate those surrogate keys.
-func newValuesSorter(values []reflect.Value, cs *ConfigState) sort.Interface {
-	vs := &valuesSorter{values: values, cs: cs}
-	if canSortSimply(vs.values[0].Kind()) {
-		return vs
-	}
-	if !cs.DisableMethods {
-		vs.strings = make([]string, len(values))
-		for i := range vs.values {
-			b := bytes.Buffer{}
-			if !handleMethods(cs, &b, vs.values[i]) {
-				vs.strings = nil
-				break
-			}
-			vs.strings[i] = b.String()
-		}
-	}
-	if vs.strings == nil && cs.SpewKeys {
-		vs.strings = make([]string, len(values))
-		for i := range vs.values {
-			vs.strings[i] = Sprintf("%#v", vs.values[i].Interface())
-		}
-	}
-	return vs
-}
-
-// canSortSimply tests whether a reflect.Kind is a primitive that can be sorted
-// directly, or whether it should be considered for sorting by surrogate keys
-// (if the ConfigState allows it).
-func canSortSimply(kind reflect.Kind) bool {
-	// This switch parallels valueSortLess, except for the default case.
-	switch kind {
-	case reflect.Bool:
-		return true
-	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
-		return true
-	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
-		return true
-	case reflect.Float32, reflect.Float64:
-		return true
-	case reflect.String:
-		return true
-	case reflect.Uintptr:
-		return true
-	case reflect.Array:
-		return true
-	}
-	return false
-}
-
-// Len returns the number of values in the slice.  It is part of the
-// sort.Interface implementation.
-func (s *valuesSorter) Len() int {
-	return len(s.values)
-}
-
-// Swap swaps the values at the passed indices.  It is part of the
-// sort.Interface implementation.
-func (s *valuesSorter) Swap(i, j int) {
-	s.values[i], s.values[j] = s.values[j], s.values[i]
-	if s.strings != nil {
-		s.strings[i], s.strings[j] = s.strings[j], s.strings[i]
-	}
-}
-
-// valueSortLess returns whether the first value should sort before the second
-// value.  It is used by valueSorter.Less as part of the sort.Interface
-// implementation.
-func valueSortLess(a, b reflect.Value) bool {
-	switch a.Kind() {
-	case reflect.Bool:
-		return !a.Bool() && b.Bool()
-	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
-		return a.Int() < b.Int()
-	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
-		return a.Uint() < b.Uint()
-	case reflect.Float32, reflect.Float64:
-		return a.Float() < b.Float()
-	case reflect.String:
-		return a.String() < b.String()
-	case reflect.Uintptr:
-		return a.Uint() < b.Uint()
-	case reflect.Array:
-		// Compare the contents of both arrays.
-		l := a.Len()
-		for i := 0; i < l; i++ {
-			av := a.Index(i)
-			bv := b.Index(i)
-			if av.Interface() == bv.Interface() {
-				continue
-			}
-			return valueSortLess(av, bv)
-		}
-	}
-	return a.String() < b.String()
-}
-
-// Less returns whether the value at index i should sort before the
-// value at index j.  It is part of the sort.Interface implementation.
-func (s *valuesSorter) Less(i, j int) bool {
-	if s.strings == nil {
-		return valueSortLess(s.values[i], s.values[j])
-	}
-	return s.strings[i] < s.strings[j]
-}
-
-// sortValues is a sort function that handles both native types and any type that
-// can be converted to error or Stringer.  Other inputs are sorted according to
-// their Value.String() value to ensure display stability.
-func sortValues(values []reflect.Value, cs *ConfigState) {
-	if len(values) == 0 {
-		return
-	}
-	sort.Sort(newValuesSorter(values, cs))
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/config.go b/vendor/github.com/davecgh/go-spew/spew/config.go
deleted file mode 100644
index 2e3d22f31..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/config.go
+++ /dev/null
@@ -1,306 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-package spew
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"os"
-)
-
-// ConfigState houses the configuration options used by spew to format and
-// display values.  There is a global instance, Config, that is used to control
-// all top-level Formatter and Dump functionality.  Each ConfigState instance
-// provides methods equivalent to the top-level functions.
-//
-// The zero value for ConfigState provides no indentation.  You would typically
-// want to set it to a space or a tab.
-//
-// Alternatively, you can use NewDefaultConfig to get a ConfigState instance
-// with default settings.  See the documentation of NewDefaultConfig for default
-// values.
-type ConfigState struct {
-	// Indent specifies the string to use for each indentation level.  The
-	// global config instance that all top-level functions use set this to a
-	// single space by default.  If you would like more indentation, you might
-	// set this to a tab with "\t" or perhaps two spaces with "  ".
-	Indent string
-
-	// MaxDepth controls the maximum number of levels to descend into nested
-	// data structures.  The default, 0, means there is no limit.
-	//
-	// NOTE: Circular data structures are properly detected, so it is not
-	// necessary to set this value unless you specifically want to limit deeply
-	// nested data structures.
-	MaxDepth int
-
-	// DisableMethods specifies whether or not error and Stringer interfaces are
-	// invoked for types that implement them.
-	DisableMethods bool
-
-	// DisablePointerMethods specifies whether or not to check for and invoke
-	// error and Stringer interfaces on types which only accept a pointer
-	// receiver when the current type is not a pointer.
-	//
-	// NOTE: This might be an unsafe action since calling one of these methods
-	// with a pointer receiver could technically mutate the value, however,
-	// in practice, types which choose to satisify an error or Stringer
-	// interface with a pointer receiver should not be mutating their state
-	// inside these interface methods.  As a result, this option relies on
-	// access to the unsafe package, so it will not have any effect when
-	// running in environments without access to the unsafe package such as
-	// Google App Engine or with the "safe" build tag specified.
-	DisablePointerMethods bool
-
-	// DisablePointerAddresses specifies whether to disable the printing of
-	// pointer addresses. This is useful when diffing data structures in tests.
-	DisablePointerAddresses bool
-
-	// DisableCapacities specifies whether to disable the printing of capacities
-	// for arrays, slices, maps and channels. This is useful when diffing
-	// data structures in tests.
-	DisableCapacities bool
-
-	// ContinueOnMethod specifies whether or not recursion should continue once
-	// a custom error or Stringer interface is invoked.  The default, false,
-	// means it will print the results of invoking the custom error or Stringer
-	// interface and return immediately instead of continuing to recurse into
-	// the internals of the data type.
-	//
-	// NOTE: This flag does not have any effect if method invocation is disabled
-	// via the DisableMethods or DisablePointerMethods options.
-	ContinueOnMethod bool
-
-	// SortKeys specifies map keys should be sorted before being printed. Use
-	// this to have a more deterministic, diffable output.  Note that only
-	// native types (bool, int, uint, floats, uintptr and string) and types
-	// that support the error or Stringer interfaces (if methods are
-	// enabled) are supported, with other types sorted according to the
-	// reflect.Value.String() output which guarantees display stability.
-	SortKeys bool
-
-	// SpewKeys specifies that, as a last resort attempt, map keys should
-	// be spewed to strings and sorted by those strings.  This is only
-	// considered if SortKeys is true.
-	SpewKeys bool
-}
-
-// Config is the active configuration of the top-level functions.
-// The configuration can be changed by modifying the contents of spew.Config.
-var Config = ConfigState{Indent: " "}
-
-// Errorf is a wrapper for fmt.Errorf that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the formatted string as a value that satisfies error.  See NewFormatter
-// for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Errorf(format, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Errorf(format string, a ...interface{}) (err error) {
-	return fmt.Errorf(format, c.convertArgs(a)...)
-}
-
-// Fprint is a wrapper for fmt.Fprint that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprint(w, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Fprint(w io.Writer, a ...interface{}) (n int, err error) {
-	return fmt.Fprint(w, c.convertArgs(a)...)
-}
-
-// Fprintf is a wrapper for fmt.Fprintf that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprintf(w, format, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Fprintf(w io.Writer, format string, a ...interface{}) (n int, err error) {
-	return fmt.Fprintf(w, format, c.convertArgs(a)...)
-}
-
-// Fprintln is a wrapper for fmt.Fprintln that treats each argument as if it
-// passed with a Formatter interface returned by c.NewFormatter.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprintln(w, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Fprintln(w io.Writer, a ...interface{}) (n int, err error) {
-	return fmt.Fprintln(w, c.convertArgs(a)...)
-}
-
-// Print is a wrapper for fmt.Print that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Print(c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Print(a ...interface{}) (n int, err error) {
-	return fmt.Print(c.convertArgs(a)...)
-}
-
-// Printf is a wrapper for fmt.Printf that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Printf(format, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Printf(format string, a ...interface{}) (n int, err error) {
-	return fmt.Printf(format, c.convertArgs(a)...)
-}
-
-// Println is a wrapper for fmt.Println that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Println(c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Println(a ...interface{}) (n int, err error) {
-	return fmt.Println(c.convertArgs(a)...)
-}
-
-// Sprint is a wrapper for fmt.Sprint that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprint(c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Sprint(a ...interface{}) string {
-	return fmt.Sprint(c.convertArgs(a)...)
-}
-
-// Sprintf is a wrapper for fmt.Sprintf that treats each argument as if it were
-// passed with a Formatter interface returned by c.NewFormatter.  It returns
-// the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprintf(format, c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Sprintf(format string, a ...interface{}) string {
-	return fmt.Sprintf(format, c.convertArgs(a)...)
-}
-
-// Sprintln is a wrapper for fmt.Sprintln that treats each argument as if it
-// were passed with a Formatter interface returned by c.NewFormatter.  It
-// returns the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprintln(c.NewFormatter(a), c.NewFormatter(b))
-func (c *ConfigState) Sprintln(a ...interface{}) string {
-	return fmt.Sprintln(c.convertArgs(a)...)
-}
-
-/*
-NewFormatter returns a custom formatter that satisfies the fmt.Formatter
-interface.  As a result, it integrates cleanly with standard fmt package
-printing functions.  The formatter is useful for inline printing of smaller data
-types similar to the standard %v format specifier.
-
-The custom formatter only responds to the %v (most compact), %+v (adds pointer
-addresses), %#v (adds types), and %#+v (adds types and pointer addresses) verb
-combinations.  Any other verbs such as %x and %q will be sent to the the
-standard fmt package for formatting.  In addition, the custom formatter ignores
-the width and precision arguments (however they will still work on the format
-specifiers not handled by the custom formatter).
-
-Typically this function shouldn't be called directly.  It is much easier to make
-use of the custom formatter by calling one of the convenience functions such as
-c.Printf, c.Println, or c.Printf.
-*/
-func (c *ConfigState) NewFormatter(v interface{}) fmt.Formatter {
-	return newFormatter(c, v)
-}
-
-// Fdump formats and displays the passed arguments to io.Writer w.  It formats
-// exactly the same as Dump.
-func (c *ConfigState) Fdump(w io.Writer, a ...interface{}) {
-	fdump(c, w, a...)
-}
-
-/*
-Dump displays the passed parameters to standard out with newlines, customizable
-indentation, and additional debug information such as complete types and all
-pointer addresses used to indirect to the final value.  It provides the
-following features over the built-in printing facilities provided by the fmt
-package:
-
-	* Pointers are dereferenced and followed
-	* Circular data structures are detected and handled properly
-	* Custom Stringer/error interfaces are optionally invoked, including
-	  on unexported types
-	* Custom types which only implement the Stringer/error interfaces via
-	  a pointer receiver are optionally invoked when passing non-pointer
-	  variables
-	* Byte arrays and slices are dumped like the hexdump -C command which
-	  includes offsets, byte values in hex, and ASCII output
-
-The configuration options are controlled by modifying the public members
-of c.  See ConfigState for options documentation.
-
-See Fdump if you would prefer dumping to an arbitrary io.Writer or Sdump to
-get the formatted result as a string.
-*/
-func (c *ConfigState) Dump(a ...interface{}) {
-	fdump(c, os.Stdout, a...)
-}
-
-// Sdump returns a string with the passed arguments formatted exactly the same
-// as Dump.
-func (c *ConfigState) Sdump(a ...interface{}) string {
-	var buf bytes.Buffer
-	fdump(c, &buf, a...)
-	return buf.String()
-}
-
-// convertArgs accepts a slice of arguments and returns a slice of the same
-// length with each argument converted to a spew Formatter interface using
-// the ConfigState associated with s.
-func (c *ConfigState) convertArgs(args []interface{}) (formatters []interface{}) {
-	formatters = make([]interface{}, len(args))
-	for index, arg := range args {
-		formatters[index] = newFormatter(c, arg)
-	}
-	return formatters
-}
-
-// NewDefaultConfig returns a ConfigState with the following default settings.
-//
-// 	Indent: " "
-// 	MaxDepth: 0
-// 	DisableMethods: false
-// 	DisablePointerMethods: false
-// 	ContinueOnMethod: false
-// 	SortKeys: false
-func NewDefaultConfig() *ConfigState {
-	return &ConfigState{Indent: " "}
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/doc.go b/vendor/github.com/davecgh/go-spew/spew/doc.go
deleted file mode 100644
index aacaac6f1..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/doc.go
+++ /dev/null
@@ -1,211 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
-Package spew implements a deep pretty printer for Go data structures to aid in
-debugging.
-
-A quick overview of the additional features spew provides over the built-in
-printing facilities for Go data types are as follows:
-
-	* Pointers are dereferenced and followed
-	* Circular data structures are detected and handled properly
-	* Custom Stringer/error interfaces are optionally invoked, including
-	  on unexported types
-	* Custom types which only implement the Stringer/error interfaces via
-	  a pointer receiver are optionally invoked when passing non-pointer
-	  variables
-	* Byte arrays and slices are dumped like the hexdump -C command which
-	  includes offsets, byte values in hex, and ASCII output (only when using
-	  Dump style)
-
-There are two different approaches spew allows for dumping Go data structures:
-
-	* Dump style which prints with newlines, customizable indentation,
-	  and additional debug information such as types and all pointer addresses
-	  used to indirect to the final value
-	* A custom Formatter interface that integrates cleanly with the standard fmt
-	  package and replaces %v, %+v, %#v, and %#+v to provide inline printing
-	  similar to the default %v while providing the additional functionality
-	  outlined above and passing unsupported format verbs such as %x and %q
-	  along to fmt
-
-Quick Start
-
-This section demonstrates how to quickly get started with spew.  See the
-sections below for further details on formatting and configuration options.
-
-To dump a variable with full newlines, indentation, type, and pointer
-information use Dump, Fdump, or Sdump:
-	spew.Dump(myVar1, myVar2, ...)
-	spew.Fdump(someWriter, myVar1, myVar2, ...)
-	str := spew.Sdump(myVar1, myVar2, ...)
-
-Alternatively, if you would prefer to use format strings with a compacted inline
-printing style, use the convenience wrappers Printf, Fprintf, etc with
-%v (most compact), %+v (adds pointer addresses), %#v (adds types), or
-%#+v (adds types and pointer addresses):
-	spew.Printf("myVar1: %v -- myVar2: %+v", myVar1, myVar2)
-	spew.Printf("myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
-	spew.Fprintf(someWriter, "myVar1: %v -- myVar2: %+v", myVar1, myVar2)
-	spew.Fprintf(someWriter, "myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
-
-Configuration Options
-
-Configuration of spew is handled by fields in the ConfigState type.  For
-convenience, all of the top-level functions use a global state available
-via the spew.Config global.
-
-It is also possible to create a ConfigState instance that provides methods
-equivalent to the top-level functions.  This allows concurrent configuration
-options.  See the ConfigState documentation for more details.
-
-The following configuration options are available:
-	* Indent
-		String to use for each indentation level for Dump functions.
-		It is a single space by default.  A popular alternative is "\t".
-
-	* MaxDepth
-		Maximum number of levels to descend into nested data structures.
-		There is no limit by default.
-
-	* DisableMethods
-		Disables invocation of error and Stringer interface methods.
-		Method invocation is enabled by default.
-
-	* DisablePointerMethods
-		Disables invocation of error and Stringer interface methods on types
-		which only accept pointer receivers from non-pointer variables.
-		Pointer method invocation is enabled by default.
-
-	* DisablePointerAddresses
-		DisablePointerAddresses specifies whether to disable the printing of
-		pointer addresses. This is useful when diffing data structures in tests.
-
-	* DisableCapacities
-		DisableCapacities specifies whether to disable the printing of
-		capacities for arrays, slices, maps and channels. This is useful when
-		diffing data structures in tests.
-
-	* ContinueOnMethod
-		Enables recursion into types after invoking error and Stringer interface
-		methods. Recursion after method invocation is disabled by default.
-
-	* SortKeys
-		Specifies map keys should be sorted before being printed. Use
-		this to have a more deterministic, diffable output.  Note that
-		only native types (bool, int, uint, floats, uintptr and string)
-		and types which implement error or Stringer interfaces are
-		supported with other types sorted according to the
-		reflect.Value.String() output which guarantees display
-		stability.  Natural map order is used by default.
-
-	* SpewKeys
-		Specifies that, as a last resort attempt, map keys should be
-		spewed to strings and sorted by those strings.  This is only
-		considered if SortKeys is true.
-
-Dump Usage
-
-Simply call spew.Dump with a list of variables you want to dump:
-
-	spew.Dump(myVar1, myVar2, ...)
-
-You may also call spew.Fdump if you would prefer to output to an arbitrary
-io.Writer.  For example, to dump to standard error:
-
-	spew.Fdump(os.Stderr, myVar1, myVar2, ...)
-
-A third option is to call spew.Sdump to get the formatted output as a string:
-
-	str := spew.Sdump(myVar1, myVar2, ...)
-
-Sample Dump Output
-
-See the Dump example for details on the setup of the types and variables being
-shown here.
-
-	(main.Foo) {
-	 unexportedField: (*main.Bar)(0xf84002e210)({
-	  flag: (main.Flag) flagTwo,
-	  data: (uintptr) 
-	 }),
-	 ExportedField: (map[interface {}]interface {}) (len=1) {
-	  (string) (len=3) "one": (bool) true
-	 }
-	}
-
-Byte (and uint8) arrays and slices are displayed uniquely like the hexdump -C
-command as shown.
-	([]uint8) (len=32 cap=32) {
-	 00000000  11 12 13 14 15 16 17 18  19 1a 1b 1c 1d 1e 1f 20  |............... |
-	 00000010  21 22 23 24 25 26 27 28  29 2a 2b 2c 2d 2e 2f 30  |!"#$%&'()*+,-./0|
-	 00000020  31 32                                             |12|
-	}
-
-Custom Formatter
-
-Spew provides a custom formatter that implements the fmt.Formatter interface
-so that it integrates cleanly with standard fmt package printing functions. The
-formatter is useful for inline printing of smaller data types similar to the
-standard %v format specifier.
-
-The custom formatter only responds to the %v (most compact), %+v (adds pointer
-addresses), %#v (adds types), or %#+v (adds types and pointer addresses) verb
-combinations.  Any other verbs such as %x and %q will be sent to the the
-standard fmt package for formatting.  In addition, the custom formatter ignores
-the width and precision arguments (however they will still work on the format
-specifiers not handled by the custom formatter).
-
-Custom Formatter Usage
-
-The simplest way to make use of the spew custom formatter is to call one of the
-convenience functions such as spew.Printf, spew.Println, or spew.Printf.  The
-functions have syntax you are most likely already familiar with:
-
-	spew.Printf("myVar1: %v -- myVar2: %+v", myVar1, myVar2)
-	spew.Printf("myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
-	spew.Println(myVar, myVar2)
-	spew.Fprintf(os.Stderr, "myVar1: %v -- myVar2: %+v", myVar1, myVar2)
-	spew.Fprintf(os.Stderr, "myVar3: %#v -- myVar4: %#+v", myVar3, myVar4)
-
-See the Index for the full list convenience functions.
-
-Sample Formatter Output
-
-Double pointer to a uint8:
-	  %v: <**>5
-	 %+v: <**>(0xf8400420d0->0xf8400420c8)5
-	 %#v: (**uint8)5
-	%#+v: (**uint8)(0xf8400420d0->0xf8400420c8)5
-
-Pointer to circular struct with a uint8 field and a pointer to itself:
-	  %v: <*>{1 <*>}
-	 %+v: <*>(0xf84003e260){ui8:1 c:<*>(0xf84003e260)}
-	 %#v: (*main.circular){ui8:(uint8)1 c:(*main.circular)}
-	%#+v: (*main.circular)(0xf84003e260){ui8:(uint8)1 c:(*main.circular)(0xf84003e260)}
-
-See the Printf example for details on the setup of variables being shown
-here.
-
-Errors
-
-Since it is possible for custom Stringer/error interfaces to panic, spew
-detects them and handles them internally by printing the panic information
-inline with the output.  Since spew is intended to provide deep pretty printing
-capabilities on structures, it intentionally does not return any errors.
-*/
-package spew
diff --git a/vendor/github.com/davecgh/go-spew/spew/dump.go b/vendor/github.com/davecgh/go-spew/spew/dump.go
deleted file mode 100644
index f78d89fc1..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/dump.go
+++ /dev/null
@@ -1,509 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-package spew
-
-import (
-	"bytes"
-	"encoding/hex"
-	"fmt"
-	"io"
-	"os"
-	"reflect"
-	"regexp"
-	"strconv"
-	"strings"
-)
-
-var (
-	// uint8Type is a reflect.Type representing a uint8.  It is used to
-	// convert cgo types to uint8 slices for hexdumping.
-	uint8Type = reflect.TypeOf(uint8(0))
-
-	// cCharRE is a regular expression that matches a cgo char.
-	// It is used to detect character arrays to hexdump them.
-	cCharRE = regexp.MustCompile(`^.*\._Ctype_char$`)
-
-	// cUnsignedCharRE is a regular expression that matches a cgo unsigned
-	// char.  It is used to detect unsigned character arrays to hexdump
-	// them.
-	cUnsignedCharRE = regexp.MustCompile(`^.*\._Ctype_unsignedchar$`)
-
-	// cUint8tCharRE is a regular expression that matches a cgo uint8_t.
-	// It is used to detect uint8_t arrays to hexdump them.
-	cUint8tCharRE = regexp.MustCompile(`^.*\._Ctype_uint8_t$`)
-)
-
-// dumpState contains information about the state of a dump operation.
-type dumpState struct {
-	w                io.Writer
-	depth            int
-	pointers         map[uintptr]int
-	ignoreNextType   bool
-	ignoreNextIndent bool
-	cs               *ConfigState
-}
-
-// indent performs indentation according to the depth level and cs.Indent
-// option.
-func (d *dumpState) indent() {
-	if d.ignoreNextIndent {
-		d.ignoreNextIndent = false
-		return
-	}
-	d.w.Write(bytes.Repeat([]byte(d.cs.Indent), d.depth))
-}
-
-// unpackValue returns values inside of non-nil interfaces when possible.
-// This is useful for data types like structs, arrays, slices, and maps which
-// can contain varying types packed inside an interface.
-func (d *dumpState) unpackValue(v reflect.Value) reflect.Value {
-	if v.Kind() == reflect.Interface && !v.IsNil() {
-		v = v.Elem()
-	}
-	return v
-}
-
-// dumpPtr handles formatting of pointers by indirecting them as necessary.
-func (d *dumpState) dumpPtr(v reflect.Value) {
-	// Remove pointers at or below the current depth from map used to detect
-	// circular refs.
-	for k, depth := range d.pointers {
-		if depth >= d.depth {
-			delete(d.pointers, k)
-		}
-	}
-
-	// Keep list of all dereferenced pointers to show later.
-	pointerChain := make([]uintptr, 0)
-
-	// Figure out how many levels of indirection there are by dereferencing
-	// pointers and unpacking interfaces down the chain while detecting circular
-	// references.
-	nilFound := false
-	cycleFound := false
-	indirects := 0
-	ve := v
-	for ve.Kind() == reflect.Ptr {
-		if ve.IsNil() {
-			nilFound = true
-			break
-		}
-		indirects++
-		addr := ve.Pointer()
-		pointerChain = append(pointerChain, addr)
-		if pd, ok := d.pointers[addr]; ok && pd < d.depth {
-			cycleFound = true
-			indirects--
-			break
-		}
-		d.pointers[addr] = d.depth
-
-		ve = ve.Elem()
-		if ve.Kind() == reflect.Interface {
-			if ve.IsNil() {
-				nilFound = true
-				break
-			}
-			ve = ve.Elem()
-		}
-	}
-
-	// Display type information.
-	d.w.Write(openParenBytes)
-	d.w.Write(bytes.Repeat(asteriskBytes, indirects))
-	d.w.Write([]byte(ve.Type().String()))
-	d.w.Write(closeParenBytes)
-
-	// Display pointer information.
-	if !d.cs.DisablePointerAddresses && len(pointerChain) > 0 {
-		d.w.Write(openParenBytes)
-		for i, addr := range pointerChain {
-			if i > 0 {
-				d.w.Write(pointerChainBytes)
-			}
-			printHexPtr(d.w, addr)
-		}
-		d.w.Write(closeParenBytes)
-	}
-
-	// Display dereferenced value.
-	d.w.Write(openParenBytes)
-	switch {
-	case nilFound:
-		d.w.Write(nilAngleBytes)
-
-	case cycleFound:
-		d.w.Write(circularBytes)
-
-	default:
-		d.ignoreNextType = true
-		d.dump(ve)
-	}
-	d.w.Write(closeParenBytes)
-}
-
-// dumpSlice handles formatting of arrays and slices.  Byte (uint8 under
-// reflection) arrays and slices are dumped in hexdump -C fashion.
-func (d *dumpState) dumpSlice(v reflect.Value) {
-	// Determine whether this type should be hex dumped or not.  Also,
-	// for types which should be hexdumped, try to use the underlying data
-	// first, then fall back to trying to convert them to a uint8 slice.
-	var buf []uint8
-	doConvert := false
-	doHexDump := false
-	numEntries := v.Len()
-	if numEntries > 0 {
-		vt := v.Index(0).Type()
-		vts := vt.String()
-		switch {
-		// C types that need to be converted.
-		case cCharRE.MatchString(vts):
-			fallthrough
-		case cUnsignedCharRE.MatchString(vts):
-			fallthrough
-		case cUint8tCharRE.MatchString(vts):
-			doConvert = true
-
-		// Try to use existing uint8 slices and fall back to converting
-		// and copying if that fails.
-		case vt.Kind() == reflect.Uint8:
-			// We need an addressable interface to convert the type
-			// to a byte slice.  However, the reflect package won't
-			// give us an interface on certain things like
-			// unexported struct fields in order to enforce
-			// visibility rules.  We use unsafe, when available, to
-			// bypass these restrictions since this package does not
-			// mutate the values.
-			vs := v
-			if !vs.CanInterface() || !vs.CanAddr() {
-				vs = unsafeReflectValue(vs)
-			}
-			if !UnsafeDisabled {
-				vs = vs.Slice(0, numEntries)
-
-				// Use the existing uint8 slice if it can be
-				// type asserted.
-				iface := vs.Interface()
-				if slice, ok := iface.([]uint8); ok {
-					buf = slice
-					doHexDump = true
-					break
-				}
-			}
-
-			// The underlying data needs to be converted if it can't
-			// be type asserted to a uint8 slice.
-			doConvert = true
-		}
-
-		// Copy and convert the underlying type if needed.
-		if doConvert && vt.ConvertibleTo(uint8Type) {
-			// Convert and copy each element into a uint8 byte
-			// slice.
-			buf = make([]uint8, numEntries)
-			for i := 0; i < numEntries; i++ {
-				vv := v.Index(i)
-				buf[i] = uint8(vv.Convert(uint8Type).Uint())
-			}
-			doHexDump = true
-		}
-	}
-
-	// Hexdump the entire slice as needed.
-	if doHexDump {
-		indent := strings.Repeat(d.cs.Indent, d.depth)
-		str := indent + hex.Dump(buf)
-		str = strings.Replace(str, "\n", "\n"+indent, -1)
-		str = strings.TrimRight(str, d.cs.Indent)
-		d.w.Write([]byte(str))
-		return
-	}
-
-	// Recursively call dump for each item.
-	for i := 0; i < numEntries; i++ {
-		d.dump(d.unpackValue(v.Index(i)))
-		if i < (numEntries - 1) {
-			d.w.Write(commaNewlineBytes)
-		} else {
-			d.w.Write(newlineBytes)
-		}
-	}
-}
-
-// dump is the main workhorse for dumping a value.  It uses the passed reflect
-// value to figure out what kind of object we are dealing with and formats it
-// appropriately.  It is a recursive function, however circular data structures
-// are detected and handled properly.
-func (d *dumpState) dump(v reflect.Value) {
-	// Handle invalid reflect values immediately.
-	kind := v.Kind()
-	if kind == reflect.Invalid {
-		d.w.Write(invalidAngleBytes)
-		return
-	}
-
-	// Handle pointers specially.
-	if kind == reflect.Ptr {
-		d.indent()
-		d.dumpPtr(v)
-		return
-	}
-
-	// Print type information unless already handled elsewhere.
-	if !d.ignoreNextType {
-		d.indent()
-		d.w.Write(openParenBytes)
-		d.w.Write([]byte(v.Type().String()))
-		d.w.Write(closeParenBytes)
-		d.w.Write(spaceBytes)
-	}
-	d.ignoreNextType = false
-
-	// Display length and capacity if the built-in len and cap functions
-	// work with the value's kind and the len/cap itself is non-zero.
-	valueLen, valueCap := 0, 0
-	switch v.Kind() {
-	case reflect.Array, reflect.Slice, reflect.Chan:
-		valueLen, valueCap = v.Len(), v.Cap()
-	case reflect.Map, reflect.String:
-		valueLen = v.Len()
-	}
-	if valueLen != 0 || !d.cs.DisableCapacities && valueCap != 0 {
-		d.w.Write(openParenBytes)
-		if valueLen != 0 {
-			d.w.Write(lenEqualsBytes)
-			printInt(d.w, int64(valueLen), 10)
-		}
-		if !d.cs.DisableCapacities && valueCap != 0 {
-			if valueLen != 0 {
-				d.w.Write(spaceBytes)
-			}
-			d.w.Write(capEqualsBytes)
-			printInt(d.w, int64(valueCap), 10)
-		}
-		d.w.Write(closeParenBytes)
-		d.w.Write(spaceBytes)
-	}
-
-	// Call Stringer/error interfaces if they exist and the handle methods flag
-	// is enabled
-	if !d.cs.DisableMethods {
-		if (kind != reflect.Invalid) && (kind != reflect.Interface) {
-			if handled := handleMethods(d.cs, d.w, v); handled {
-				return
-			}
-		}
-	}
-
-	switch kind {
-	case reflect.Invalid:
-		// Do nothing.  We should never get here since invalid has already
-		// been handled above.
-
-	case reflect.Bool:
-		printBool(d.w, v.Bool())
-
-	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
-		printInt(d.w, v.Int(), 10)
-
-	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
-		printUint(d.w, v.Uint(), 10)
-
-	case reflect.Float32:
-		printFloat(d.w, v.Float(), 32)
-
-	case reflect.Float64:
-		printFloat(d.w, v.Float(), 64)
-
-	case reflect.Complex64:
-		printComplex(d.w, v.Complex(), 32)
-
-	case reflect.Complex128:
-		printComplex(d.w, v.Complex(), 64)
-
-	case reflect.Slice:
-		if v.IsNil() {
-			d.w.Write(nilAngleBytes)
-			break
-		}
-		fallthrough
-
-	case reflect.Array:
-		d.w.Write(openBraceNewlineBytes)
-		d.depth++
-		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
-			d.indent()
-			d.w.Write(maxNewlineBytes)
-		} else {
-			d.dumpSlice(v)
-		}
-		d.depth--
-		d.indent()
-		d.w.Write(closeBraceBytes)
-
-	case reflect.String:
-		d.w.Write([]byte(strconv.Quote(v.String())))
-
-	case reflect.Interface:
-		// The only time we should get here is for nil interfaces due to
-		// unpackValue calls.
-		if v.IsNil() {
-			d.w.Write(nilAngleBytes)
-		}
-
-	case reflect.Ptr:
-		// Do nothing.  We should never get here since pointers have already
-		// been handled above.
-
-	case reflect.Map:
-		// nil maps should be indicated as different than empty maps
-		if v.IsNil() {
-			d.w.Write(nilAngleBytes)
-			break
-		}
-
-		d.w.Write(openBraceNewlineBytes)
-		d.depth++
-		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
-			d.indent()
-			d.w.Write(maxNewlineBytes)
-		} else {
-			numEntries := v.Len()
-			keys := v.MapKeys()
-			if d.cs.SortKeys {
-				sortValues(keys, d.cs)
-			}
-			for i, key := range keys {
-				d.dump(d.unpackValue(key))
-				d.w.Write(colonSpaceBytes)
-				d.ignoreNextIndent = true
-				d.dump(d.unpackValue(v.MapIndex(key)))
-				if i < (numEntries - 1) {
-					d.w.Write(commaNewlineBytes)
-				} else {
-					d.w.Write(newlineBytes)
-				}
-			}
-		}
-		d.depth--
-		d.indent()
-		d.w.Write(closeBraceBytes)
-
-	case reflect.Struct:
-		d.w.Write(openBraceNewlineBytes)
-		d.depth++
-		if (d.cs.MaxDepth != 0) && (d.depth > d.cs.MaxDepth) {
-			d.indent()
-			d.w.Write(maxNewlineBytes)
-		} else {
-			vt := v.Type()
-			numFields := v.NumField()
-			for i := 0; i < numFields; i++ {
-				d.indent()
-				vtf := vt.Field(i)
-				d.w.Write([]byte(vtf.Name))
-				d.w.Write(colonSpaceBytes)
-				d.ignoreNextIndent = true
-				d.dump(d.unpackValue(v.Field(i)))
-				if i < (numFields - 1) {
-					d.w.Write(commaNewlineBytes)
-				} else {
-					d.w.Write(newlineBytes)
-				}
-			}
-		}
-		d.depth--
-		d.indent()
-		d.w.Write(closeBraceBytes)
-
-	case reflect.Uintptr:
-		printHexPtr(d.w, uintptr(v.Uint()))
-
-	case reflect.UnsafePointer, reflect.Chan, reflect.Func:
-		printHexPtr(d.w, v.Pointer())
-
-	// There were not any other types at the time this code was written, but
-	// fall back to letting the default fmt package handle it in case any new
-	// types are added.
-	default:
-		if v.CanInterface() {
-			fmt.Fprintf(d.w, "%v", v.Interface())
-		} else {
-			fmt.Fprintf(d.w, "%v", v.String())
-		}
-	}
-}
-
-// fdump is a helper function to consolidate the logic from the various public
-// methods which take varying writers and config states.
-func fdump(cs *ConfigState, w io.Writer, a ...interface{}) {
-	for _, arg := range a {
-		if arg == nil {
-			w.Write(interfaceBytes)
-			w.Write(spaceBytes)
-			w.Write(nilAngleBytes)
-			w.Write(newlineBytes)
-			continue
-		}
-
-		d := dumpState{w: w, cs: cs}
-		d.pointers = make(map[uintptr]int)
-		d.dump(reflect.ValueOf(arg))
-		d.w.Write(newlineBytes)
-	}
-}
-
-// Fdump formats and displays the passed arguments to io.Writer w.  It formats
-// exactly the same as Dump.
-func Fdump(w io.Writer, a ...interface{}) {
-	fdump(&Config, w, a...)
-}
-
-// Sdump returns a string with the passed arguments formatted exactly the same
-// as Dump.
-func Sdump(a ...interface{}) string {
-	var buf bytes.Buffer
-	fdump(&Config, &buf, a...)
-	return buf.String()
-}
-
-/*
-Dump displays the passed parameters to standard out with newlines, customizable
-indentation, and additional debug information such as complete types and all
-pointer addresses used to indirect to the final value.  It provides the
-following features over the built-in printing facilities provided by the fmt
-package:
-
-	* Pointers are dereferenced and followed
-	* Circular data structures are detected and handled properly
-	* Custom Stringer/error interfaces are optionally invoked, including
-	  on unexported types
-	* Custom types which only implement the Stringer/error interfaces via
-	  a pointer receiver are optionally invoked when passing non-pointer
-	  variables
-	* Byte arrays and slices are dumped like the hexdump -C command which
-	  includes offsets, byte values in hex, and ASCII output
-
-The configuration options are controlled by an exported package global,
-spew.Config.  See ConfigState for options documentation.
-
-See Fdump if you would prefer dumping to an arbitrary io.Writer or Sdump to
-get the formatted result as a string.
-*/
-func Dump(a ...interface{}) {
-	fdump(&Config, os.Stdout, a...)
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/format.go b/vendor/github.com/davecgh/go-spew/spew/format.go
deleted file mode 100644
index b04edb7d7..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/format.go
+++ /dev/null
@@ -1,419 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-package spew
-
-import (
-	"bytes"
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-)
-
-// supportedFlags is a list of all the character flags supported by fmt package.
-const supportedFlags = "0-+# "
-
-// formatState implements the fmt.Formatter interface and contains information
-// about the state of a formatting operation.  The NewFormatter function can
-// be used to get a new Formatter which can be used directly as arguments
-// in standard fmt package printing calls.
-type formatState struct {
-	value          interface{}
-	fs             fmt.State
-	depth          int
-	pointers       map[uintptr]int
-	ignoreNextType bool
-	cs             *ConfigState
-}
-
-// buildDefaultFormat recreates the original format string without precision
-// and width information to pass in to fmt.Sprintf in the case of an
-// unrecognized type.  Unless new types are added to the language, this
-// function won't ever be called.
-func (f *formatState) buildDefaultFormat() (format string) {
-	buf := bytes.NewBuffer(percentBytes)
-
-	for _, flag := range supportedFlags {
-		if f.fs.Flag(int(flag)) {
-			buf.WriteRune(flag)
-		}
-	}
-
-	buf.WriteRune('v')
-
-	format = buf.String()
-	return format
-}
-
-// constructOrigFormat recreates the original format string including precision
-// and width information to pass along to the standard fmt package.  This allows
-// automatic deferral of all format strings this package doesn't support.
-func (f *formatState) constructOrigFormat(verb rune) (format string) {
-	buf := bytes.NewBuffer(percentBytes)
-
-	for _, flag := range supportedFlags {
-		if f.fs.Flag(int(flag)) {
-			buf.WriteRune(flag)
-		}
-	}
-
-	if width, ok := f.fs.Width(); ok {
-		buf.WriteString(strconv.Itoa(width))
-	}
-
-	if precision, ok := f.fs.Precision(); ok {
-		buf.Write(precisionBytes)
-		buf.WriteString(strconv.Itoa(precision))
-	}
-
-	buf.WriteRune(verb)
-
-	format = buf.String()
-	return format
-}
-
-// unpackValue returns values inside of non-nil interfaces when possible and
-// ensures that types for values which have been unpacked from an interface
-// are displayed when the show types flag is also set.
-// This is useful for data types like structs, arrays, slices, and maps which
-// can contain varying types packed inside an interface.
-func (f *formatState) unpackValue(v reflect.Value) reflect.Value {
-	if v.Kind() == reflect.Interface {
-		f.ignoreNextType = false
-		if !v.IsNil() {
-			v = v.Elem()
-		}
-	}
-	return v
-}
-
-// formatPtr handles formatting of pointers by indirecting them as necessary.
-func (f *formatState) formatPtr(v reflect.Value) {
-	// Display nil if top level pointer is nil.
-	showTypes := f.fs.Flag('#')
-	if v.IsNil() && (!showTypes || f.ignoreNextType) {
-		f.fs.Write(nilAngleBytes)
-		return
-	}
-
-	// Remove pointers at or below the current depth from map used to detect
-	// circular refs.
-	for k, depth := range f.pointers {
-		if depth >= f.depth {
-			delete(f.pointers, k)
-		}
-	}
-
-	// Keep list of all dereferenced pointers to possibly show later.
-	pointerChain := make([]uintptr, 0)
-
-	// Figure out how many levels of indirection there are by derferencing
-	// pointers and unpacking interfaces down the chain while detecting circular
-	// references.
-	nilFound := false
-	cycleFound := false
-	indirects := 0
-	ve := v
-	for ve.Kind() == reflect.Ptr {
-		if ve.IsNil() {
-			nilFound = true
-			break
-		}
-		indirects++
-		addr := ve.Pointer()
-		pointerChain = append(pointerChain, addr)
-		if pd, ok := f.pointers[addr]; ok && pd < f.depth {
-			cycleFound = true
-			indirects--
-			break
-		}
-		f.pointers[addr] = f.depth
-
-		ve = ve.Elem()
-		if ve.Kind() == reflect.Interface {
-			if ve.IsNil() {
-				nilFound = true
-				break
-			}
-			ve = ve.Elem()
-		}
-	}
-
-	// Display type or indirection level depending on flags.
-	if showTypes && !f.ignoreNextType {
-		f.fs.Write(openParenBytes)
-		f.fs.Write(bytes.Repeat(asteriskBytes, indirects))
-		f.fs.Write([]byte(ve.Type().String()))
-		f.fs.Write(closeParenBytes)
-	} else {
-		if nilFound || cycleFound {
-			indirects += strings.Count(ve.Type().String(), "*")
-		}
-		f.fs.Write(openAngleBytes)
-		f.fs.Write([]byte(strings.Repeat("*", indirects)))
-		f.fs.Write(closeAngleBytes)
-	}
-
-	// Display pointer information depending on flags.
-	if f.fs.Flag('+') && (len(pointerChain) > 0) {
-		f.fs.Write(openParenBytes)
-		for i, addr := range pointerChain {
-			if i > 0 {
-				f.fs.Write(pointerChainBytes)
-			}
-			printHexPtr(f.fs, addr)
-		}
-		f.fs.Write(closeParenBytes)
-	}
-
-	// Display dereferenced value.
-	switch {
-	case nilFound:
-		f.fs.Write(nilAngleBytes)
-
-	case cycleFound:
-		f.fs.Write(circularShortBytes)
-
-	default:
-		f.ignoreNextType = true
-		f.format(ve)
-	}
-}
-
-// format is the main workhorse for providing the Formatter interface.  It
-// uses the passed reflect value to figure out what kind of object we are
-// dealing with and formats it appropriately.  It is a recursive function,
-// however circular data structures are detected and handled properly.
-func (f *formatState) format(v reflect.Value) {
-	// Handle invalid reflect values immediately.
-	kind := v.Kind()
-	if kind == reflect.Invalid {
-		f.fs.Write(invalidAngleBytes)
-		return
-	}
-
-	// Handle pointers specially.
-	if kind == reflect.Ptr {
-		f.formatPtr(v)
-		return
-	}
-
-	// Print type information unless already handled elsewhere.
-	if !f.ignoreNextType && f.fs.Flag('#') {
-		f.fs.Write(openParenBytes)
-		f.fs.Write([]byte(v.Type().String()))
-		f.fs.Write(closeParenBytes)
-	}
-	f.ignoreNextType = false
-
-	// Call Stringer/error interfaces if they exist and the handle methods
-	// flag is enabled.
-	if !f.cs.DisableMethods {
-		if (kind != reflect.Invalid) && (kind != reflect.Interface) {
-			if handled := handleMethods(f.cs, f.fs, v); handled {
-				return
-			}
-		}
-	}
-
-	switch kind {
-	case reflect.Invalid:
-		// Do nothing.  We should never get here since invalid has already
-		// been handled above.
-
-	case reflect.Bool:
-		printBool(f.fs, v.Bool())
-
-	case reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Int:
-		printInt(f.fs, v.Int(), 10)
-
-	case reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uint:
-		printUint(f.fs, v.Uint(), 10)
-
-	case reflect.Float32:
-		printFloat(f.fs, v.Float(), 32)
-
-	case reflect.Float64:
-		printFloat(f.fs, v.Float(), 64)
-
-	case reflect.Complex64:
-		printComplex(f.fs, v.Complex(), 32)
-
-	case reflect.Complex128:
-		printComplex(f.fs, v.Complex(), 64)
-
-	case reflect.Slice:
-		if v.IsNil() {
-			f.fs.Write(nilAngleBytes)
-			break
-		}
-		fallthrough
-
-	case reflect.Array:
-		f.fs.Write(openBracketBytes)
-		f.depth++
-		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
-			f.fs.Write(maxShortBytes)
-		} else {
-			numEntries := v.Len()
-			for i := 0; i < numEntries; i++ {
-				if i > 0 {
-					f.fs.Write(spaceBytes)
-				}
-				f.ignoreNextType = true
-				f.format(f.unpackValue(v.Index(i)))
-			}
-		}
-		f.depth--
-		f.fs.Write(closeBracketBytes)
-
-	case reflect.String:
-		f.fs.Write([]byte(v.String()))
-
-	case reflect.Interface:
-		// The only time we should get here is for nil interfaces due to
-		// unpackValue calls.
-		if v.IsNil() {
-			f.fs.Write(nilAngleBytes)
-		}
-
-	case reflect.Ptr:
-		// Do nothing.  We should never get here since pointers have already
-		// been handled above.
-
-	case reflect.Map:
-		// nil maps should be indicated as different than empty maps
-		if v.IsNil() {
-			f.fs.Write(nilAngleBytes)
-			break
-		}
-
-		f.fs.Write(openMapBytes)
-		f.depth++
-		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
-			f.fs.Write(maxShortBytes)
-		} else {
-			keys := v.MapKeys()
-			if f.cs.SortKeys {
-				sortValues(keys, f.cs)
-			}
-			for i, key := range keys {
-				if i > 0 {
-					f.fs.Write(spaceBytes)
-				}
-				f.ignoreNextType = true
-				f.format(f.unpackValue(key))
-				f.fs.Write(colonBytes)
-				f.ignoreNextType = true
-				f.format(f.unpackValue(v.MapIndex(key)))
-			}
-		}
-		f.depth--
-		f.fs.Write(closeMapBytes)
-
-	case reflect.Struct:
-		numFields := v.NumField()
-		f.fs.Write(openBraceBytes)
-		f.depth++
-		if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
-			f.fs.Write(maxShortBytes)
-		} else {
-			vt := v.Type()
-			for i := 0; i < numFields; i++ {
-				if i > 0 {
-					f.fs.Write(spaceBytes)
-				}
-				vtf := vt.Field(i)
-				if f.fs.Flag('+') || f.fs.Flag('#') {
-					f.fs.Write([]byte(vtf.Name))
-					f.fs.Write(colonBytes)
-				}
-				f.format(f.unpackValue(v.Field(i)))
-			}
-		}
-		f.depth--
-		f.fs.Write(closeBraceBytes)
-
-	case reflect.Uintptr:
-		printHexPtr(f.fs, uintptr(v.Uint()))
-
-	case reflect.UnsafePointer, reflect.Chan, reflect.Func:
-		printHexPtr(f.fs, v.Pointer())
-
-	// There were not any other types at the time this code was written, but
-	// fall back to letting the default fmt package handle it if any get added.
-	default:
-		format := f.buildDefaultFormat()
-		if v.CanInterface() {
-			fmt.Fprintf(f.fs, format, v.Interface())
-		} else {
-			fmt.Fprintf(f.fs, format, v.String())
-		}
-	}
-}
-
-// Format satisfies the fmt.Formatter interface. See NewFormatter for usage
-// details.
-func (f *formatState) Format(fs fmt.State, verb rune) {
-	f.fs = fs
-
-	// Use standard formatting for verbs that are not v.
-	if verb != 'v' {
-		format := f.constructOrigFormat(verb)
-		fmt.Fprintf(fs, format, f.value)
-		return
-	}
-
-	if f.value == nil {
-		if fs.Flag('#') {
-			fs.Write(interfaceBytes)
-		}
-		fs.Write(nilAngleBytes)
-		return
-	}
-
-	f.format(reflect.ValueOf(f.value))
-}
-
-// newFormatter is a helper function to consolidate the logic from the various
-// public methods which take varying config states.
-func newFormatter(cs *ConfigState, v interface{}) fmt.Formatter {
-	fs := &formatState{value: v, cs: cs}
-	fs.pointers = make(map[uintptr]int)
-	return fs
-}
-
-/*
-NewFormatter returns a custom formatter that satisfies the fmt.Formatter
-interface.  As a result, it integrates cleanly with standard fmt package
-printing functions.  The formatter is useful for inline printing of smaller data
-types similar to the standard %v format specifier.
-
-The custom formatter only responds to the %v (most compact), %+v (adds pointer
-addresses), %#v (adds types), or %#+v (adds types and pointer addresses) verb
-combinations.  Any other verbs such as %x and %q will be sent to the the
-standard fmt package for formatting.  In addition, the custom formatter ignores
-the width and precision arguments (however they will still work on the format
-specifiers not handled by the custom formatter).
-
-Typically this function shouldn't be called directly.  It is much easier to make
-use of the custom formatter by calling one of the convenience functions such as
-Printf, Println, or Fprintf.
-*/
-func NewFormatter(v interface{}) fmt.Formatter {
-	return newFormatter(&Config, v)
-}
diff --git a/vendor/github.com/davecgh/go-spew/spew/spew.go b/vendor/github.com/davecgh/go-spew/spew/spew.go
deleted file mode 100644
index 32c0e3388..000000000
--- a/vendor/github.com/davecgh/go-spew/spew/spew.go
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * Copyright (c) 2013-2016 Dave Collins 
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-package spew
-
-import (
-	"fmt"
-	"io"
-)
-
-// Errorf is a wrapper for fmt.Errorf that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the formatted string as a value that satisfies error.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Errorf(format, spew.NewFormatter(a), spew.NewFormatter(b))
-func Errorf(format string, a ...interface{}) (err error) {
-	return fmt.Errorf(format, convertArgs(a)...)
-}
-
-// Fprint is a wrapper for fmt.Fprint that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprint(w, spew.NewFormatter(a), spew.NewFormatter(b))
-func Fprint(w io.Writer, a ...interface{}) (n int, err error) {
-	return fmt.Fprint(w, convertArgs(a)...)
-}
-
-// Fprintf is a wrapper for fmt.Fprintf that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprintf(w, format, spew.NewFormatter(a), spew.NewFormatter(b))
-func Fprintf(w io.Writer, format string, a ...interface{}) (n int, err error) {
-	return fmt.Fprintf(w, format, convertArgs(a)...)
-}
-
-// Fprintln is a wrapper for fmt.Fprintln that treats each argument as if it
-// passed with a default Formatter interface returned by NewFormatter.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Fprintln(w, spew.NewFormatter(a), spew.NewFormatter(b))
-func Fprintln(w io.Writer, a ...interface{}) (n int, err error) {
-	return fmt.Fprintln(w, convertArgs(a)...)
-}
-
-// Print is a wrapper for fmt.Print that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Print(spew.NewFormatter(a), spew.NewFormatter(b))
-func Print(a ...interface{}) (n int, err error) {
-	return fmt.Print(convertArgs(a)...)
-}
-
-// Printf is a wrapper for fmt.Printf that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Printf(format, spew.NewFormatter(a), spew.NewFormatter(b))
-func Printf(format string, a ...interface{}) (n int, err error) {
-	return fmt.Printf(format, convertArgs(a)...)
-}
-
-// Println is a wrapper for fmt.Println that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the number of bytes written and any write error encountered.  See
-// NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Println(spew.NewFormatter(a), spew.NewFormatter(b))
-func Println(a ...interface{}) (n int, err error) {
-	return fmt.Println(convertArgs(a)...)
-}
-
-// Sprint is a wrapper for fmt.Sprint that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprint(spew.NewFormatter(a), spew.NewFormatter(b))
-func Sprint(a ...interface{}) string {
-	return fmt.Sprint(convertArgs(a)...)
-}
-
-// Sprintf is a wrapper for fmt.Sprintf that treats each argument as if it were
-// passed with a default Formatter interface returned by NewFormatter.  It
-// returns the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprintf(format, spew.NewFormatter(a), spew.NewFormatter(b))
-func Sprintf(format string, a ...interface{}) string {
-	return fmt.Sprintf(format, convertArgs(a)...)
-}
-
-// Sprintln is a wrapper for fmt.Sprintln that treats each argument as if it
-// were passed with a default Formatter interface returned by NewFormatter.  It
-// returns the resulting string.  See NewFormatter for formatting details.
-//
-// This function is shorthand for the following syntax:
-//
-//	fmt.Sprintln(spew.NewFormatter(a), spew.NewFormatter(b))
-func Sprintln(a ...interface{}) string {
-	return fmt.Sprintln(convertArgs(a)...)
-}
-
-// convertArgs accepts a slice of arguments and returns a slice of the same
-// length with each argument converted to a default spew Formatter interface.
-func convertArgs(args []interface{}) (formatters []interface{}) {
-	formatters = make([]interface{}, len(args))
-	for index, arg := range args {
-		formatters[index] = NewFormatter(arg)
-	}
-	return formatters
-}
diff --git a/vendor/github.com/pmezard/go-difflib/LICENSE b/vendor/github.com/pmezard/go-difflib/LICENSE
deleted file mode 100644
index c67dad612..000000000
--- a/vendor/github.com/pmezard/go-difflib/LICENSE
+++ /dev/null
@@ -1,27 +0,0 @@
-Copyright (c) 2013, Patrick Mezard
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-    Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in the
-documentation and/or other materials provided with the distribution.
-    The names of its contributors may not be used to endorse or promote
-products derived from this software without specific prior written
-permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
-IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
-TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
-PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
-TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/pmezard/go-difflib/difflib/difflib.go b/vendor/github.com/pmezard/go-difflib/difflib/difflib.go
deleted file mode 100644
index 003e99fad..000000000
--- a/vendor/github.com/pmezard/go-difflib/difflib/difflib.go
+++ /dev/null
@@ -1,772 +0,0 @@
-// Package difflib is a partial port of Python difflib module.
-//
-// It provides tools to compare sequences of strings and generate textual diffs.
-//
-// The following class and functions have been ported:
-//
-// - SequenceMatcher
-//
-// - unified_diff
-//
-// - context_diff
-//
-// Getting unified diffs was the main goal of the port. Keep in mind this code
-// is mostly suitable to output text differences in a human friendly way, there
-// are no guarantees generated diffs are consumable by patch(1).
-package difflib
-
-import (
-	"bufio"
-	"bytes"
-	"fmt"
-	"io"
-	"strings"
-)
-
-func min(a, b int) int {
-	if a < b {
-		return a
-	}
-	return b
-}
-
-func max(a, b int) int {
-	if a > b {
-		return a
-	}
-	return b
-}
-
-func calculateRatio(matches, length int) float64 {
-	if length > 0 {
-		return 2.0 * float64(matches) / float64(length)
-	}
-	return 1.0
-}
-
-type Match struct {
-	A    int
-	B    int
-	Size int
-}
-
-type OpCode struct {
-	Tag byte
-	I1  int
-	I2  int
-	J1  int
-	J2  int
-}
-
-// SequenceMatcher compares sequence of strings. The basic
-// algorithm predates, and is a little fancier than, an algorithm
-// published in the late 1980's by Ratcliff and Obershelp under the
-// hyperbolic name "gestalt pattern matching".  The basic idea is to find
-// the longest contiguous matching subsequence that contains no "junk"
-// elements (R-O doesn't address junk).  The same idea is then applied
-// recursively to the pieces of the sequences to the left and to the right
-// of the matching subsequence.  This does not yield minimal edit
-// sequences, but does tend to yield matches that "look right" to people.
-//
-// SequenceMatcher tries to compute a "human-friendly diff" between two
-// sequences.  Unlike e.g. UNIX(tm) diff, the fundamental notion is the
-// longest *contiguous* & junk-free matching subsequence.  That's what
-// catches peoples' eyes.  The Windows(tm) windiff has another interesting
-// notion, pairing up elements that appear uniquely in each sequence.
-// That, and the method here, appear to yield more intuitive difference
-// reports than does diff.  This method appears to be the least vulnerable
-// to synching up on blocks of "junk lines", though (like blank lines in
-// ordinary text files, or maybe "
      " lines in HTML files).  That may be
-// because this is the only method of the 3 that has a *concept* of
-// "junk" .
-//
-// Timing:  Basic R-O is cubic time worst case and quadratic time expected
-// case.  SequenceMatcher is quadratic time for the worst case and has
-// expected-case behavior dependent in a complicated way on how many
-// elements the sequences have in common; best case time is linear.
-type SequenceMatcher struct {
-	a              []string
-	b              []string
-	b2j            map[string][]int
-	IsJunk         func(string) bool
-	autoJunk       bool
-	bJunk          map[string]struct{}
-	matchingBlocks []Match
-	fullBCount     map[string]int
-	bPopular       map[string]struct{}
-	opCodes        []OpCode
-}
-
-func NewMatcher(a, b []string) *SequenceMatcher {
-	m := SequenceMatcher{autoJunk: true}
-	m.SetSeqs(a, b)
-	return &m
-}
-
-func NewMatcherWithJunk(a, b []string, autoJunk bool,
-	isJunk func(string) bool) *SequenceMatcher {
-
-	m := SequenceMatcher{IsJunk: isJunk, autoJunk: autoJunk}
-	m.SetSeqs(a, b)
-	return &m
-}
-
-// Set two sequences to be compared.
-func (m *SequenceMatcher) SetSeqs(a, b []string) {
-	m.SetSeq1(a)
-	m.SetSeq2(b)
-}
-
-// Set the first sequence to be compared. The second sequence to be compared is
-// not changed.
-//
-// SequenceMatcher computes and caches detailed information about the second
-// sequence, so if you want to compare one sequence S against many sequences,
-// use .SetSeq2(s) once and call .SetSeq1(x) repeatedly for each of the other
-// sequences.
-//
-// See also SetSeqs() and SetSeq2().
-func (m *SequenceMatcher) SetSeq1(a []string) {
-	if &a == &m.a {
-		return
-	}
-	m.a = a
-	m.matchingBlocks = nil
-	m.opCodes = nil
-}
-
-// Set the second sequence to be compared. The first sequence to be compared is
-// not changed.
-func (m *SequenceMatcher) SetSeq2(b []string) {
-	if &b == &m.b {
-		return
-	}
-	m.b = b
-	m.matchingBlocks = nil
-	m.opCodes = nil
-	m.fullBCount = nil
-	m.chainB()
-}
-
-func (m *SequenceMatcher) chainB() {
-	// Populate line -> index mapping
-	b2j := map[string][]int{}
-	for i, s := range m.b {
-		indices := b2j[s]
-		indices = append(indices, i)
-		b2j[s] = indices
-	}
-
-	// Purge junk elements
-	m.bJunk = map[string]struct{}{}
-	if m.IsJunk != nil {
-		junk := m.bJunk
-		for s, _ := range b2j {
-			if m.IsJunk(s) {
-				junk[s] = struct{}{}
-			}
-		}
-		for s, _ := range junk {
-			delete(b2j, s)
-		}
-	}
-
-	// Purge remaining popular elements
-	popular := map[string]struct{}{}
-	n := len(m.b)
-	if m.autoJunk && n >= 200 {
-		ntest := n/100 + 1
-		for s, indices := range b2j {
-			if len(indices) > ntest {
-				popular[s] = struct{}{}
-			}
-		}
-		for s, _ := range popular {
-			delete(b2j, s)
-		}
-	}
-	m.bPopular = popular
-	m.b2j = b2j
-}
-
-func (m *SequenceMatcher) isBJunk(s string) bool {
-	_, ok := m.bJunk[s]
-	return ok
-}
-
-// Find longest matching block in a[alo:ahi] and b[blo:bhi].
-//
-// If IsJunk is not defined:
-//
-// Return (i,j,k) such that a[i:i+k] is equal to b[j:j+k], where
-//     alo <= i <= i+k <= ahi
-//     blo <= j <= j+k <= bhi
-// and for all (i',j',k') meeting those conditions,
-//     k >= k'
-//     i <= i'
-//     and if i == i', j <= j'
-//
-// In other words, of all maximal matching blocks, return one that
-// starts earliest in a, and of all those maximal matching blocks that
-// start earliest in a, return the one that starts earliest in b.
-//
-// If IsJunk is defined, first the longest matching block is
-// determined as above, but with the additional restriction that no
-// junk element appears in the block.  Then that block is extended as
-// far as possible by matching (only) junk elements on both sides.  So
-// the resulting block never matches on junk except as identical junk
-// happens to be adjacent to an "interesting" match.
-//
-// If no blocks match, return (alo, blo, 0).
-func (m *SequenceMatcher) findLongestMatch(alo, ahi, blo, bhi int) Match {
-	// CAUTION:  stripping common prefix or suffix would be incorrect.
-	// E.g.,
-	//    ab
-	//    acab
-	// Longest matching block is "ab", but if common prefix is
-	// stripped, it's "a" (tied with "b").  UNIX(tm) diff does so
-	// strip, so ends up claiming that ab is changed to acab by
-	// inserting "ca" in the middle.  That's minimal but unintuitive:
-	// "it's obvious" that someone inserted "ac" at the front.
-	// Windiff ends up at the same place as diff, but by pairing up
-	// the unique 'b's and then matching the first two 'a's.
-	besti, bestj, bestsize := alo, blo, 0
-
-	// find longest junk-free match
-	// during an iteration of the loop, j2len[j] = length of longest
-	// junk-free match ending with a[i-1] and b[j]
-	j2len := map[int]int{}
-	for i := alo; i != ahi; i++ {
-		// look at all instances of a[i] in b; note that because
-		// b2j has no junk keys, the loop is skipped if a[i] is junk
-		newj2len := map[int]int{}
-		for _, j := range m.b2j[m.a[i]] {
-			// a[i] matches b[j]
-			if j < blo {
-				continue
-			}
-			if j >= bhi {
-				break
-			}
-			k := j2len[j-1] + 1
-			newj2len[j] = k
-			if k > bestsize {
-				besti, bestj, bestsize = i-k+1, j-k+1, k
-			}
-		}
-		j2len = newj2len
-	}
-
-	// Extend the best by non-junk elements on each end.  In particular,
-	// "popular" non-junk elements aren't in b2j, which greatly speeds
-	// the inner loop above, but also means "the best" match so far
-	// doesn't contain any junk *or* popular non-junk elements.
-	for besti > alo && bestj > blo && !m.isBJunk(m.b[bestj-1]) &&
-		m.a[besti-1] == m.b[bestj-1] {
-		besti, bestj, bestsize = besti-1, bestj-1, bestsize+1
-	}
-	for besti+bestsize < ahi && bestj+bestsize < bhi &&
-		!m.isBJunk(m.b[bestj+bestsize]) &&
-		m.a[besti+bestsize] == m.b[bestj+bestsize] {
-		bestsize += 1
-	}
-
-	// Now that we have a wholly interesting match (albeit possibly
-	// empty!), we may as well suck up the matching junk on each
-	// side of it too.  Can't think of a good reason not to, and it
-	// saves post-processing the (possibly considerable) expense of
-	// figuring out what to do with it.  In the case of an empty
-	// interesting match, this is clearly the right thing to do,
-	// because no other kind of match is possible in the regions.
-	for besti > alo && bestj > blo && m.isBJunk(m.b[bestj-1]) &&
-		m.a[besti-1] == m.b[bestj-1] {
-		besti, bestj, bestsize = besti-1, bestj-1, bestsize+1
-	}
-	for besti+bestsize < ahi && bestj+bestsize < bhi &&
-		m.isBJunk(m.b[bestj+bestsize]) &&
-		m.a[besti+bestsize] == m.b[bestj+bestsize] {
-		bestsize += 1
-	}
-
-	return Match{A: besti, B: bestj, Size: bestsize}
-}
-
-// Return list of triples describing matching subsequences.
-//
-// Each triple is of the form (i, j, n), and means that
-// a[i:i+n] == b[j:j+n].  The triples are monotonically increasing in
-// i and in j. It's also guaranteed that if (i, j, n) and (i', j', n') are
-// adjacent triples in the list, and the second is not the last triple in the
-// list, then i+n != i' or j+n != j'. IOW, adjacent triples never describe
-// adjacent equal blocks.
-//
-// The last triple is a dummy, (len(a), len(b), 0), and is the only
-// triple with n==0.
-func (m *SequenceMatcher) GetMatchingBlocks() []Match {
-	if m.matchingBlocks != nil {
-		return m.matchingBlocks
-	}
-
-	var matchBlocks func(alo, ahi, blo, bhi int, matched []Match) []Match
-	matchBlocks = func(alo, ahi, blo, bhi int, matched []Match) []Match {
-		match := m.findLongestMatch(alo, ahi, blo, bhi)
-		i, j, k := match.A, match.B, match.Size
-		if match.Size > 0 {
-			if alo < i && blo < j {
-				matched = matchBlocks(alo, i, blo, j, matched)
-			}
-			matched = append(matched, match)
-			if i+k < ahi && j+k < bhi {
-				matched = matchBlocks(i+k, ahi, j+k, bhi, matched)
-			}
-		}
-		return matched
-	}
-	matched := matchBlocks(0, len(m.a), 0, len(m.b), nil)
-
-	// It's possible that we have adjacent equal blocks in the
-	// matching_blocks list now.
-	nonAdjacent := []Match{}
-	i1, j1, k1 := 0, 0, 0
-	for _, b := range matched {
-		// Is this block adjacent to i1, j1, k1?
-		i2, j2, k2 := b.A, b.B, b.Size
-		if i1+k1 == i2 && j1+k1 == j2 {
-			// Yes, so collapse them -- this just increases the length of
-			// the first block by the length of the second, and the first
-			// block so lengthened remains the block to compare against.
-			k1 += k2
-		} else {
-			// Not adjacent.  Remember the first block (k1==0 means it's
-			// the dummy we started with), and make the second block the
-			// new block to compare against.
-			if k1 > 0 {
-				nonAdjacent = append(nonAdjacent, Match{i1, j1, k1})
-			}
-			i1, j1, k1 = i2, j2, k2
-		}
-	}
-	if k1 > 0 {
-		nonAdjacent = append(nonAdjacent, Match{i1, j1, k1})
-	}
-
-	nonAdjacent = append(nonAdjacent, Match{len(m.a), len(m.b), 0})
-	m.matchingBlocks = nonAdjacent
-	return m.matchingBlocks
-}
-
-// Return list of 5-tuples describing how to turn a into b.
-//
-// Each tuple is of the form (tag, i1, i2, j1, j2).  The first tuple
-// has i1 == j1 == 0, and remaining tuples have i1 == the i2 from the
-// tuple preceding it, and likewise for j1 == the previous j2.
-//
-// The tags are characters, with these meanings:
-//
-// 'r' (replace):  a[i1:i2] should be replaced by b[j1:j2]
-//
-// 'd' (delete):   a[i1:i2] should be deleted, j1==j2 in this case.
-//
-// 'i' (insert):   b[j1:j2] should be inserted at a[i1:i1], i1==i2 in this case.
-//
-// 'e' (equal):    a[i1:i2] == b[j1:j2]
-func (m *SequenceMatcher) GetOpCodes() []OpCode {
-	if m.opCodes != nil {
-		return m.opCodes
-	}
-	i, j := 0, 0
-	matching := m.GetMatchingBlocks()
-	opCodes := make([]OpCode, 0, len(matching))
-	for _, m := range matching {
-		//  invariant:  we've pumped out correct diffs to change
-		//  a[:i] into b[:j], and the next matching block is
-		//  a[ai:ai+size] == b[bj:bj+size]. So we need to pump
-		//  out a diff to change a[i:ai] into b[j:bj], pump out
-		//  the matching block, and move (i,j) beyond the match
-		ai, bj, size := m.A, m.B, m.Size
-		tag := byte(0)
-		if i < ai && j < bj {
-			tag = 'r'
-		} else if i < ai {
-			tag = 'd'
-		} else if j < bj {
-			tag = 'i'
-		}
-		if tag > 0 {
-			opCodes = append(opCodes, OpCode{tag, i, ai, j, bj})
-		}
-		i, j = ai+size, bj+size
-		// the list of matching blocks is terminated by a
-		// sentinel with size 0
-		if size > 0 {
-			opCodes = append(opCodes, OpCode{'e', ai, i, bj, j})
-		}
-	}
-	m.opCodes = opCodes
-	return m.opCodes
-}
-
-// Isolate change clusters by eliminating ranges with no changes.
-//
-// Return a generator of groups with up to n lines of context.
-// Each group is in the same format as returned by GetOpCodes().
-func (m *SequenceMatcher) GetGroupedOpCodes(n int) [][]OpCode {
-	if n < 0 {
-		n = 3
-	}
-	codes := m.GetOpCodes()
-	if len(codes) == 0 {
-		codes = []OpCode{OpCode{'e', 0, 1, 0, 1}}
-	}
-	// Fixup leading and trailing groups if they show no changes.
-	if codes[0].Tag == 'e' {
-		c := codes[0]
-		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
-		codes[0] = OpCode{c.Tag, max(i1, i2-n), i2, max(j1, j2-n), j2}
-	}
-	if codes[len(codes)-1].Tag == 'e' {
-		c := codes[len(codes)-1]
-		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
-		codes[len(codes)-1] = OpCode{c.Tag, i1, min(i2, i1+n), j1, min(j2, j1+n)}
-	}
-	nn := n + n
-	groups := [][]OpCode{}
-	group := []OpCode{}
-	for _, c := range codes {
-		i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
-		// End the current group and start a new one whenever
-		// there is a large range with no changes.
-		if c.Tag == 'e' && i2-i1 > nn {
-			group = append(group, OpCode{c.Tag, i1, min(i2, i1+n),
-				j1, min(j2, j1+n)})
-			groups = append(groups, group)
-			group = []OpCode{}
-			i1, j1 = max(i1, i2-n), max(j1, j2-n)
-		}
-		group = append(group, OpCode{c.Tag, i1, i2, j1, j2})
-	}
-	if len(group) > 0 && !(len(group) == 1 && group[0].Tag == 'e') {
-		groups = append(groups, group)
-	}
-	return groups
-}
-
-// Return a measure of the sequences' similarity (float in [0,1]).
-//
-// Where T is the total number of elements in both sequences, and
-// M is the number of matches, this is 2.0*M / T.
-// Note that this is 1 if the sequences are identical, and 0 if
-// they have nothing in common.
-//
-// .Ratio() is expensive to compute if you haven't already computed
-// .GetMatchingBlocks() or .GetOpCodes(), in which case you may
-// want to try .QuickRatio() or .RealQuickRation() first to get an
-// upper bound.
-func (m *SequenceMatcher) Ratio() float64 {
-	matches := 0
-	for _, m := range m.GetMatchingBlocks() {
-		matches += m.Size
-	}
-	return calculateRatio(matches, len(m.a)+len(m.b))
-}
-
-// Return an upper bound on ratio() relatively quickly.
-//
-// This isn't defined beyond that it is an upper bound on .Ratio(), and
-// is faster to compute.
-func (m *SequenceMatcher) QuickRatio() float64 {
-	// viewing a and b as multisets, set matches to the cardinality
-	// of their intersection; this counts the number of matches
-	// without regard to order, so is clearly an upper bound
-	if m.fullBCount == nil {
-		m.fullBCount = map[string]int{}
-		for _, s := range m.b {
-			m.fullBCount[s] = m.fullBCount[s] + 1
-		}
-	}
-
-	// avail[x] is the number of times x appears in 'b' less the
-	// number of times we've seen it in 'a' so far ... kinda
-	avail := map[string]int{}
-	matches := 0
-	for _, s := range m.a {
-		n, ok := avail[s]
-		if !ok {
-			n = m.fullBCount[s]
-		}
-		avail[s] = n - 1
-		if n > 0 {
-			matches += 1
-		}
-	}
-	return calculateRatio(matches, len(m.a)+len(m.b))
-}
-
-// Return an upper bound on ratio() very quickly.
-//
-// This isn't defined beyond that it is an upper bound on .Ratio(), and
-// is faster to compute than either .Ratio() or .QuickRatio().
-func (m *SequenceMatcher) RealQuickRatio() float64 {
-	la, lb := len(m.a), len(m.b)
-	return calculateRatio(min(la, lb), la+lb)
-}
-
-// Convert range to the "ed" format
-func formatRangeUnified(start, stop int) string {
-	// Per the diff spec at http://www.unix.org/single_unix_specification/
-	beginning := start + 1 // lines start numbering with one
-	length := stop - start
-	if length == 1 {
-		return fmt.Sprintf("%d", beginning)
-	}
-	if length == 0 {
-		beginning -= 1 // empty ranges begin at line just before the range
-	}
-	return fmt.Sprintf("%d,%d", beginning, length)
-}
-
-// Unified diff parameters
-type UnifiedDiff struct {
-	A        []string // First sequence lines
-	FromFile string   // First file name
-	FromDate string   // First file time
-	B        []string // Second sequence lines
-	ToFile   string   // Second file name
-	ToDate   string   // Second file time
-	Eol      string   // Headers end of line, defaults to LF
-	Context  int      // Number of context lines
-}
-
-// Compare two sequences of lines; generate the delta as a unified diff.
-//
-// Unified diffs are a compact way of showing line changes and a few
-// lines of context.  The number of context lines is set by 'n' which
-// defaults to three.
-//
-// By default, the diff control lines (those with ---, +++, or @@) are
-// created with a trailing newline.  This is helpful so that inputs
-// created from file.readlines() result in diffs that are suitable for
-// file.writelines() since both the inputs and outputs have trailing
-// newlines.
-//
-// For inputs that do not have trailing newlines, set the lineterm
-// argument to "" so that the output will be uniformly newline free.
-//
-// The unidiff format normally has a header for filenames and modification
-// times.  Any or all of these may be specified using strings for
-// 'fromfile', 'tofile', 'fromfiledate', and 'tofiledate'.
-// The modification times are normally expressed in the ISO 8601 format.
-func WriteUnifiedDiff(writer io.Writer, diff UnifiedDiff) error {
-	buf := bufio.NewWriter(writer)
-	defer buf.Flush()
-	wf := func(format string, args ...interface{}) error {
-		_, err := buf.WriteString(fmt.Sprintf(format, args...))
-		return err
-	}
-	ws := func(s string) error {
-		_, err := buf.WriteString(s)
-		return err
-	}
-
-	if len(diff.Eol) == 0 {
-		diff.Eol = "\n"
-	}
-
-	started := false
-	m := NewMatcher(diff.A, diff.B)
-	for _, g := range m.GetGroupedOpCodes(diff.Context) {
-		if !started {
-			started = true
-			fromDate := ""
-			if len(diff.FromDate) > 0 {
-				fromDate = "\t" + diff.FromDate
-			}
-			toDate := ""
-			if len(diff.ToDate) > 0 {
-				toDate = "\t" + diff.ToDate
-			}
-			if diff.FromFile != "" || diff.ToFile != "" {
-				err := wf("--- %s%s%s", diff.FromFile, fromDate, diff.Eol)
-				if err != nil {
-					return err
-				}
-				err = wf("+++ %s%s%s", diff.ToFile, toDate, diff.Eol)
-				if err != nil {
-					return err
-				}
-			}
-		}
-		first, last := g[0], g[len(g)-1]
-		range1 := formatRangeUnified(first.I1, last.I2)
-		range2 := formatRangeUnified(first.J1, last.J2)
-		if err := wf("@@ -%s +%s @@%s", range1, range2, diff.Eol); err != nil {
-			return err
-		}
-		for _, c := range g {
-			i1, i2, j1, j2 := c.I1, c.I2, c.J1, c.J2
-			if c.Tag == 'e' {
-				for _, line := range diff.A[i1:i2] {
-					if err := ws(" " + line); err != nil {
-						return err
-					}
-				}
-				continue
-			}
-			if c.Tag == 'r' || c.Tag == 'd' {
-				for _, line := range diff.A[i1:i2] {
-					if err := ws("-" + line); err != nil {
-						return err
-					}
-				}
-			}
-			if c.Tag == 'r' || c.Tag == 'i' {
-				for _, line := range diff.B[j1:j2] {
-					if err := ws("+" + line); err != nil {
-						return err
-					}
-				}
-			}
-		}
-	}
-	return nil
-}
-
-// Like WriteUnifiedDiff but returns the diff a string.
-func GetUnifiedDiffString(diff UnifiedDiff) (string, error) {
-	w := &bytes.Buffer{}
-	err := WriteUnifiedDiff(w, diff)
-	return string(w.Bytes()), err
-}
-
-// Convert range to the "ed" format.
-func formatRangeContext(start, stop int) string {
-	// Per the diff spec at http://www.unix.org/single_unix_specification/
-	beginning := start + 1 // lines start numbering with one
-	length := stop - start
-	if length == 0 {
-		beginning -= 1 // empty ranges begin at line just before the range
-	}
-	if length <= 1 {
-		return fmt.Sprintf("%d", beginning)
-	}
-	return fmt.Sprintf("%d,%d", beginning, beginning+length-1)
-}
-
-type ContextDiff UnifiedDiff
-
-// Compare two sequences of lines; generate the delta as a context diff.
-//
-// Context diffs are a compact way of showing line changes and a few
-// lines of context. The number of context lines is set by diff.Context
-// which defaults to three.
-//
-// By default, the diff control lines (those with *** or ---) are
-// created with a trailing newline.
-//
-// For inputs that do not have trailing newlines, set the diff.Eol
-// argument to "" so that the output will be uniformly newline free.
-//
-// The context diff format normally has a header for filenames and
-// modification times.  Any or all of these may be specified using
-// strings for diff.FromFile, diff.ToFile, diff.FromDate, diff.ToDate.
-// The modification times are normally expressed in the ISO 8601 format.
-// If not specified, the strings default to blanks.
-func WriteContextDiff(writer io.Writer, diff ContextDiff) error {
-	buf := bufio.NewWriter(writer)
-	defer buf.Flush()
-	var diffErr error
-	wf := func(format string, args ...interface{}) {
-		_, err := buf.WriteString(fmt.Sprintf(format, args...))
-		if diffErr == nil && err != nil {
-			diffErr = err
-		}
-	}
-	ws := func(s string) {
-		_, err := buf.WriteString(s)
-		if diffErr == nil && err != nil {
-			diffErr = err
-		}
-	}
-
-	if len(diff.Eol) == 0 {
-		diff.Eol = "\n"
-	}
-
-	prefix := map[byte]string{
-		'i': "+ ",
-		'd': "- ",
-		'r': "! ",
-		'e': "  ",
-	}
-
-	started := false
-	m := NewMatcher(diff.A, diff.B)
-	for _, g := range m.GetGroupedOpCodes(diff.Context) {
-		if !started {
-			started = true
-			fromDate := ""
-			if len(diff.FromDate) > 0 {
-				fromDate = "\t" + diff.FromDate
-			}
-			toDate := ""
-			if len(diff.ToDate) > 0 {
-				toDate = "\t" + diff.ToDate
-			}
-			if diff.FromFile != "" || diff.ToFile != "" {
-				wf("*** %s%s%s", diff.FromFile, fromDate, diff.Eol)
-				wf("--- %s%s%s", diff.ToFile, toDate, diff.Eol)
-			}
-		}
-
-		first, last := g[0], g[len(g)-1]
-		ws("***************" + diff.Eol)
-
-		range1 := formatRangeContext(first.I1, last.I2)
-		wf("*** %s ****%s", range1, diff.Eol)
-		for _, c := range g {
-			if c.Tag == 'r' || c.Tag == 'd' {
-				for _, cc := range g {
-					if cc.Tag == 'i' {
-						continue
-					}
-					for _, line := range diff.A[cc.I1:cc.I2] {
-						ws(prefix[cc.Tag] + line)
-					}
-				}
-				break
-			}
-		}
-
-		range2 := formatRangeContext(first.J1, last.J2)
-		wf("--- %s ----%s", range2, diff.Eol)
-		for _, c := range g {
-			if c.Tag == 'r' || c.Tag == 'i' {
-				for _, cc := range g {
-					if cc.Tag == 'd' {
-						continue
-					}
-					for _, line := range diff.B[cc.J1:cc.J2] {
-						ws(prefix[cc.Tag] + line)
-					}
-				}
-				break
-			}
-		}
-	}
-	return diffErr
-}
-
-// Like WriteContextDiff but returns the diff a string.
-func GetContextDiffString(diff ContextDiff) (string, error) {
-	w := &bytes.Buffer{}
-	err := WriteContextDiff(w, diff)
-	return string(w.Bytes()), err
-}
-
-// Split a string on "\n" while preserving them. The output can be used
-// as input for UnifiedDiff and ContextDiff structures.
-func SplitLines(s string) []string {
-	lines := strings.SplitAfter(s, "\n")
-	lines[len(lines)-1] += "\n"
-	return lines
-}
diff --git a/vendor/github.com/stretchr/testify/LICENSE b/vendor/github.com/stretchr/testify/LICENSE
deleted file mode 100644
index 4b0421cf9..000000000
--- a/vendor/github.com/stretchr/testify/LICENSE
+++ /dev/null
@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2012-2020 Mat Ryer, Tyler Bunnell and contributors.
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare.go b/vendor/github.com/stretchr/testify/assert/assertion_compare.go
deleted file mode 100644
index b774da88d..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_compare.go
+++ /dev/null
@@ -1,458 +0,0 @@
-package assert
-
-import (
-	"bytes"
-	"fmt"
-	"reflect"
-	"time"
-)
-
-type CompareType int
-
-const (
-	compareLess CompareType = iota - 1
-	compareEqual
-	compareGreater
-)
-
-var (
-	intType   = reflect.TypeOf(int(1))
-	int8Type  = reflect.TypeOf(int8(1))
-	int16Type = reflect.TypeOf(int16(1))
-	int32Type = reflect.TypeOf(int32(1))
-	int64Type = reflect.TypeOf(int64(1))
-
-	uintType   = reflect.TypeOf(uint(1))
-	uint8Type  = reflect.TypeOf(uint8(1))
-	uint16Type = reflect.TypeOf(uint16(1))
-	uint32Type = reflect.TypeOf(uint32(1))
-	uint64Type = reflect.TypeOf(uint64(1))
-
-	float32Type = reflect.TypeOf(float32(1))
-	float64Type = reflect.TypeOf(float64(1))
-
-	stringType = reflect.TypeOf("")
-
-	timeType  = reflect.TypeOf(time.Time{})
-	bytesType = reflect.TypeOf([]byte{})
-)
-
-func compare(obj1, obj2 interface{}, kind reflect.Kind) (CompareType, bool) {
-	obj1Value := reflect.ValueOf(obj1)
-	obj2Value := reflect.ValueOf(obj2)
-
-	// throughout this switch we try and avoid calling .Convert() if possible,
-	// as this has a pretty big performance impact
-	switch kind {
-	case reflect.Int:
-		{
-			intobj1, ok := obj1.(int)
-			if !ok {
-				intobj1 = obj1Value.Convert(intType).Interface().(int)
-			}
-			intobj2, ok := obj2.(int)
-			if !ok {
-				intobj2 = obj2Value.Convert(intType).Interface().(int)
-			}
-			if intobj1 > intobj2 {
-				return compareGreater, true
-			}
-			if intobj1 == intobj2 {
-				return compareEqual, true
-			}
-			if intobj1 < intobj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Int8:
-		{
-			int8obj1, ok := obj1.(int8)
-			if !ok {
-				int8obj1 = obj1Value.Convert(int8Type).Interface().(int8)
-			}
-			int8obj2, ok := obj2.(int8)
-			if !ok {
-				int8obj2 = obj2Value.Convert(int8Type).Interface().(int8)
-			}
-			if int8obj1 > int8obj2 {
-				return compareGreater, true
-			}
-			if int8obj1 == int8obj2 {
-				return compareEqual, true
-			}
-			if int8obj1 < int8obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Int16:
-		{
-			int16obj1, ok := obj1.(int16)
-			if !ok {
-				int16obj1 = obj1Value.Convert(int16Type).Interface().(int16)
-			}
-			int16obj2, ok := obj2.(int16)
-			if !ok {
-				int16obj2 = obj2Value.Convert(int16Type).Interface().(int16)
-			}
-			if int16obj1 > int16obj2 {
-				return compareGreater, true
-			}
-			if int16obj1 == int16obj2 {
-				return compareEqual, true
-			}
-			if int16obj1 < int16obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Int32:
-		{
-			int32obj1, ok := obj1.(int32)
-			if !ok {
-				int32obj1 = obj1Value.Convert(int32Type).Interface().(int32)
-			}
-			int32obj2, ok := obj2.(int32)
-			if !ok {
-				int32obj2 = obj2Value.Convert(int32Type).Interface().(int32)
-			}
-			if int32obj1 > int32obj2 {
-				return compareGreater, true
-			}
-			if int32obj1 == int32obj2 {
-				return compareEqual, true
-			}
-			if int32obj1 < int32obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Int64:
-		{
-			int64obj1, ok := obj1.(int64)
-			if !ok {
-				int64obj1 = obj1Value.Convert(int64Type).Interface().(int64)
-			}
-			int64obj2, ok := obj2.(int64)
-			if !ok {
-				int64obj2 = obj2Value.Convert(int64Type).Interface().(int64)
-			}
-			if int64obj1 > int64obj2 {
-				return compareGreater, true
-			}
-			if int64obj1 == int64obj2 {
-				return compareEqual, true
-			}
-			if int64obj1 < int64obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Uint:
-		{
-			uintobj1, ok := obj1.(uint)
-			if !ok {
-				uintobj1 = obj1Value.Convert(uintType).Interface().(uint)
-			}
-			uintobj2, ok := obj2.(uint)
-			if !ok {
-				uintobj2 = obj2Value.Convert(uintType).Interface().(uint)
-			}
-			if uintobj1 > uintobj2 {
-				return compareGreater, true
-			}
-			if uintobj1 == uintobj2 {
-				return compareEqual, true
-			}
-			if uintobj1 < uintobj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Uint8:
-		{
-			uint8obj1, ok := obj1.(uint8)
-			if !ok {
-				uint8obj1 = obj1Value.Convert(uint8Type).Interface().(uint8)
-			}
-			uint8obj2, ok := obj2.(uint8)
-			if !ok {
-				uint8obj2 = obj2Value.Convert(uint8Type).Interface().(uint8)
-			}
-			if uint8obj1 > uint8obj2 {
-				return compareGreater, true
-			}
-			if uint8obj1 == uint8obj2 {
-				return compareEqual, true
-			}
-			if uint8obj1 < uint8obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Uint16:
-		{
-			uint16obj1, ok := obj1.(uint16)
-			if !ok {
-				uint16obj1 = obj1Value.Convert(uint16Type).Interface().(uint16)
-			}
-			uint16obj2, ok := obj2.(uint16)
-			if !ok {
-				uint16obj2 = obj2Value.Convert(uint16Type).Interface().(uint16)
-			}
-			if uint16obj1 > uint16obj2 {
-				return compareGreater, true
-			}
-			if uint16obj1 == uint16obj2 {
-				return compareEqual, true
-			}
-			if uint16obj1 < uint16obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Uint32:
-		{
-			uint32obj1, ok := obj1.(uint32)
-			if !ok {
-				uint32obj1 = obj1Value.Convert(uint32Type).Interface().(uint32)
-			}
-			uint32obj2, ok := obj2.(uint32)
-			if !ok {
-				uint32obj2 = obj2Value.Convert(uint32Type).Interface().(uint32)
-			}
-			if uint32obj1 > uint32obj2 {
-				return compareGreater, true
-			}
-			if uint32obj1 == uint32obj2 {
-				return compareEqual, true
-			}
-			if uint32obj1 < uint32obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Uint64:
-		{
-			uint64obj1, ok := obj1.(uint64)
-			if !ok {
-				uint64obj1 = obj1Value.Convert(uint64Type).Interface().(uint64)
-			}
-			uint64obj2, ok := obj2.(uint64)
-			if !ok {
-				uint64obj2 = obj2Value.Convert(uint64Type).Interface().(uint64)
-			}
-			if uint64obj1 > uint64obj2 {
-				return compareGreater, true
-			}
-			if uint64obj1 == uint64obj2 {
-				return compareEqual, true
-			}
-			if uint64obj1 < uint64obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Float32:
-		{
-			float32obj1, ok := obj1.(float32)
-			if !ok {
-				float32obj1 = obj1Value.Convert(float32Type).Interface().(float32)
-			}
-			float32obj2, ok := obj2.(float32)
-			if !ok {
-				float32obj2 = obj2Value.Convert(float32Type).Interface().(float32)
-			}
-			if float32obj1 > float32obj2 {
-				return compareGreater, true
-			}
-			if float32obj1 == float32obj2 {
-				return compareEqual, true
-			}
-			if float32obj1 < float32obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.Float64:
-		{
-			float64obj1, ok := obj1.(float64)
-			if !ok {
-				float64obj1 = obj1Value.Convert(float64Type).Interface().(float64)
-			}
-			float64obj2, ok := obj2.(float64)
-			if !ok {
-				float64obj2 = obj2Value.Convert(float64Type).Interface().(float64)
-			}
-			if float64obj1 > float64obj2 {
-				return compareGreater, true
-			}
-			if float64obj1 == float64obj2 {
-				return compareEqual, true
-			}
-			if float64obj1 < float64obj2 {
-				return compareLess, true
-			}
-		}
-	case reflect.String:
-		{
-			stringobj1, ok := obj1.(string)
-			if !ok {
-				stringobj1 = obj1Value.Convert(stringType).Interface().(string)
-			}
-			stringobj2, ok := obj2.(string)
-			if !ok {
-				stringobj2 = obj2Value.Convert(stringType).Interface().(string)
-			}
-			if stringobj1 > stringobj2 {
-				return compareGreater, true
-			}
-			if stringobj1 == stringobj2 {
-				return compareEqual, true
-			}
-			if stringobj1 < stringobj2 {
-				return compareLess, true
-			}
-		}
-	// Check for known struct types we can check for compare results.
-	case reflect.Struct:
-		{
-			// All structs enter here. We're not interested in most types.
-			if !canConvert(obj1Value, timeType) {
-				break
-			}
-
-			// time.Time can compared!
-			timeObj1, ok := obj1.(time.Time)
-			if !ok {
-				timeObj1 = obj1Value.Convert(timeType).Interface().(time.Time)
-			}
-
-			timeObj2, ok := obj2.(time.Time)
-			if !ok {
-				timeObj2 = obj2Value.Convert(timeType).Interface().(time.Time)
-			}
-
-			return compare(timeObj1.UnixNano(), timeObj2.UnixNano(), reflect.Int64)
-		}
-	case reflect.Slice:
-		{
-			// We only care about the []byte type.
-			if !canConvert(obj1Value, bytesType) {
-				break
-			}
-
-			// []byte can be compared!
-			bytesObj1, ok := obj1.([]byte)
-			if !ok {
-				bytesObj1 = obj1Value.Convert(bytesType).Interface().([]byte)
-
-			}
-			bytesObj2, ok := obj2.([]byte)
-			if !ok {
-				bytesObj2 = obj2Value.Convert(bytesType).Interface().([]byte)
-			}
-
-			return CompareType(bytes.Compare(bytesObj1, bytesObj2)), true
-		}
-	}
-
-	return compareEqual, false
-}
-
-// Greater asserts that the first element is greater than the second
-//
-//	assert.Greater(t, 2, 1)
-//	assert.Greater(t, float64(2), float64(1))
-//	assert.Greater(t, "b", "a")
-func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return compareTwoValues(t, e1, e2, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...)
-}
-
-// GreaterOrEqual asserts that the first element is greater than or equal to the second
-//
-//	assert.GreaterOrEqual(t, 2, 1)
-//	assert.GreaterOrEqual(t, 2, 2)
-//	assert.GreaterOrEqual(t, "b", "a")
-//	assert.GreaterOrEqual(t, "b", "b")
-func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return compareTwoValues(t, e1, e2, []CompareType{compareGreater, compareEqual}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...)
-}
-
-// Less asserts that the first element is less than the second
-//
-//	assert.Less(t, 1, 2)
-//	assert.Less(t, float64(1), float64(2))
-//	assert.Less(t, "a", "b")
-func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return compareTwoValues(t, e1, e2, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...)
-}
-
-// LessOrEqual asserts that the first element is less than or equal to the second
-//
-//	assert.LessOrEqual(t, 1, 2)
-//	assert.LessOrEqual(t, 2, 2)
-//	assert.LessOrEqual(t, "a", "b")
-//	assert.LessOrEqual(t, "b", "b")
-func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return compareTwoValues(t, e1, e2, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...)
-}
-
-// Positive asserts that the specified element is positive
-//
-//	assert.Positive(t, 1)
-//	assert.Positive(t, 1.23)
-func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	zero := reflect.Zero(reflect.TypeOf(e))
-	return compareTwoValues(t, e, zero.Interface(), []CompareType{compareGreater}, "\"%v\" is not positive", msgAndArgs...)
-}
-
-// Negative asserts that the specified element is negative
-//
-//	assert.Negative(t, -1)
-//	assert.Negative(t, -1.23)
-func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	zero := reflect.Zero(reflect.TypeOf(e))
-	return compareTwoValues(t, e, zero.Interface(), []CompareType{compareLess}, "\"%v\" is not negative", msgAndArgs...)
-}
-
-func compareTwoValues(t TestingT, e1 interface{}, e2 interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	e1Kind := reflect.ValueOf(e1).Kind()
-	e2Kind := reflect.ValueOf(e2).Kind()
-	if e1Kind != e2Kind {
-		return Fail(t, "Elements should be the same type", msgAndArgs...)
-	}
-
-	compareResult, isComparable := compare(e1, e2, e1Kind)
-	if !isComparable {
-		return Fail(t, fmt.Sprintf("Can not compare type \"%s\"", reflect.TypeOf(e1)), msgAndArgs...)
-	}
-
-	if !containsValue(allowedComparesResults, compareResult) {
-		return Fail(t, fmt.Sprintf(failMessage, e1, e2), msgAndArgs...)
-	}
-
-	return true
-}
-
-func containsValue(values []CompareType, value CompareType) bool {
-	for _, v := range values {
-		if v == value {
-			return true
-		}
-	}
-
-	return false
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go b/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go
deleted file mode 100644
index da867903e..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_compare_can_convert.go
+++ /dev/null
@@ -1,16 +0,0 @@
-//go:build go1.17
-// +build go1.17
-
-// TODO: once support for Go 1.16 is dropped, this file can be
-//       merged/removed with assertion_compare_go1.17_test.go and
-//       assertion_compare_legacy.go
-
-package assert
-
-import "reflect"
-
-// Wrapper around reflect.Value.CanConvert, for compatibility
-// reasons.
-func canConvert(value reflect.Value, to reflect.Type) bool {
-	return value.CanConvert(to)
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go b/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go
deleted file mode 100644
index 1701af2a3..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_compare_legacy.go
+++ /dev/null
@@ -1,16 +0,0 @@
-//go:build !go1.17
-// +build !go1.17
-
-// TODO: once support for Go 1.16 is dropped, this file can be
-//       merged/removed with assertion_compare_go1.17_test.go and
-//       assertion_compare_can_convert.go
-
-package assert
-
-import "reflect"
-
-// Older versions of Go does not have the reflect.Value.CanConvert
-// method.
-func canConvert(value reflect.Value, to reflect.Type) bool {
-	return false
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go b/vendor/github.com/stretchr/testify/assert/assertion_format.go
deleted file mode 100644
index 84dbd6c79..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_format.go
+++ /dev/null
@@ -1,805 +0,0 @@
-/*
-* CODE GENERATED AUTOMATICALLY WITH github.com/stretchr/testify/_codegen
-* THIS FILE MUST NOT BE EDITED BY HAND
- */
-
-package assert
-
-import (
-	http "net/http"
-	url "net/url"
-	time "time"
-)
-
-// Conditionf uses a Comparison to assert a complex condition.
-func Conditionf(t TestingT, comp Comparison, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Condition(t, comp, append([]interface{}{msg}, args...)...)
-}
-
-// Containsf asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	assert.Containsf(t, "Hello World", "World", "error message %s", "formatted")
-//	assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted")
-//	assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted")
-func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Contains(t, s, contains, append([]interface{}{msg}, args...)...)
-}
-
-// DirExistsf checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func DirExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return DirExists(t, path, append([]interface{}{msg}, args...)...)
-}
-
-// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// assert.ElementsMatchf(t, [1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
-func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return ElementsMatch(t, listA, listB, append([]interface{}{msg}, args...)...)
-}
-
-// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	assert.Emptyf(t, obj, "error message %s", "formatted")
-func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Empty(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// Equalf asserts that two objects are equal.
-//
-//	assert.Equalf(t, 123, 123, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Equal(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	assert.EqualErrorf(t, err,  expectedErrorString, "error message %s", "formatted")
-func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualError(t, theError, errString, append([]interface{}{msg}, args...)...)
-}
-
-// EqualExportedValuesf asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
-//	 assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
-func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualExportedValues(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// EqualValuesf asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted")
-func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualValues(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// Errorf asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.Errorf(t, err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedErrorf, err)
-//	  }
-func Errorf(t TestingT, err error, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Error(t, err, append([]interface{}{msg}, args...)...)
-}
-
-// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorAs(t, err, target, append([]interface{}{msg}, args...)...)
-}
-
-// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	assert.ErrorContainsf(t, err,  expectedErrorSubString, "error message %s", "formatted")
-func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorContains(t, theError, contains, append([]interface{}{msg}, args...)...)
-}
-
-// ErrorIsf asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorIs(t, err, target, append([]interface{}{msg}, args...)...)
-}
-
-// Eventuallyf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Eventually(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
-}
-
-// EventuallyWithTf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func EventuallyWithTf(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return EventuallyWithT(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
-}
-
-// Exactlyf asserts that two objects are equal in value and type.
-//
-//	assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted")
-func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Exactly(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// Failf reports a failure through
-func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Fail(t, failureMessage, append([]interface{}{msg}, args...)...)
-}
-
-// FailNowf fails test
-func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return FailNow(t, failureMessage, append([]interface{}{msg}, args...)...)
-}
-
-// Falsef asserts that the specified value is false.
-//
-//	assert.Falsef(t, myBool, "error message %s", "formatted")
-func Falsef(t TestingT, value bool, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return False(t, value, append([]interface{}{msg}, args...)...)
-}
-
-// FileExistsf checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func FileExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return FileExists(t, path, append([]interface{}{msg}, args...)...)
-}
-
-// Greaterf asserts that the first element is greater than the second
-//
-//	assert.Greaterf(t, 2, 1, "error message %s", "formatted")
-//	assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted")
-//	assert.Greaterf(t, "b", "a", "error message %s", "formatted")
-func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Greater(t, e1, e2, append([]interface{}{msg}, args...)...)
-}
-
-// GreaterOrEqualf asserts that the first element is greater than or equal to the second
-//
-//	assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted")
-func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return GreaterOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPBodyContainsf asserts that a specified handler returns a
-// body that contains a string.
-//
-//	assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPBodyNotContainsf asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyNotContains(t, handler, method, url, values, str, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPErrorf asserts that a specified handler returns an error status code.
-//
-//	assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPError(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPRedirectf asserts that a specified handler returns a redirect status code.
-//
-//	assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPRedirect(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPStatusCodef asserts that a specified handler returns a specified status code.
-//
-//	assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPStatusCode(t, handler, method, url, values, statuscode, append([]interface{}{msg}, args...)...)
-}
-
-// HTTPSuccessf asserts that a specified handler returns a success status code.
-//
-//	assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPSuccess(t, handler, method, url, values, append([]interface{}{msg}, args...)...)
-}
-
-// Implementsf asserts that an object is implemented by the specified interface.
-//
-//	assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
-func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Implements(t, interfaceObject, object, append([]interface{}{msg}, args...)...)
-}
-
-// InDeltaf asserts that the two numerals are within delta of each other.
-//
-//	assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
-func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDelta(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
-}
-
-// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func InDeltaMapValuesf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaMapValues(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
-}
-
-// InDeltaSlicef is the same as InDelta, except it compares two slices.
-func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaSlice(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
-}
-
-// InEpsilonf asserts that expected and actual have a relative error less than epsilon
-func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilon(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...)
-}
-
-// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
-func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilonSlice(t, expected, actual, epsilon, append([]interface{}{msg}, args...)...)
-}
-
-// IsDecreasingf asserts that the collection is decreasing
-//
-//	assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted")
-//	assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted")
-//	assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
-func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsDecreasing(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// IsIncreasingf asserts that the collection is increasing
-//
-//	assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted")
-//	assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted")
-//	assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
-func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsIncreasing(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// IsNonDecreasingf asserts that the collection is not decreasing
-//
-//	assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted")
-//	assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted")
-//	assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
-func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonDecreasing(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// IsNonIncreasingf asserts that the collection is not increasing
-//
-//	assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted")
-//	assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted")
-//	assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
-func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonIncreasing(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// IsTypef asserts that the specified objects are of the same type.
-func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsType(t, expectedType, object, append([]interface{}{msg}, args...)...)
-}
-
-// JSONEqf asserts that two JSON strings are equivalent.
-//
-//	assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
-func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return JSONEq(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// Lenf asserts that the specified object has specific length.
-// Lenf also fails if the object has a type that len() not accept.
-//
-//	assert.Lenf(t, mySlice, 3, "error message %s", "formatted")
-func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Len(t, object, length, append([]interface{}{msg}, args...)...)
-}
-
-// Lessf asserts that the first element is less than the second
-//
-//	assert.Lessf(t, 1, 2, "error message %s", "formatted")
-//	assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted")
-//	assert.Lessf(t, "a", "b", "error message %s", "formatted")
-func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Less(t, e1, e2, append([]interface{}{msg}, args...)...)
-}
-
-// LessOrEqualf asserts that the first element is less than or equal to the second
-//
-//	assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted")
-//	assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted")
-//	assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted")
-//	assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted")
-func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return LessOrEqual(t, e1, e2, append([]interface{}{msg}, args...)...)
-}
-
-// Negativef asserts that the specified element is negative
-//
-//	assert.Negativef(t, -1, "error message %s", "formatted")
-//	assert.Negativef(t, -1.23, "error message %s", "formatted")
-func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Negative(t, e, append([]interface{}{msg}, args...)...)
-}
-
-// Neverf asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Never(t, condition, waitFor, tick, append([]interface{}{msg}, args...)...)
-}
-
-// Nilf asserts that the specified object is nil.
-//
-//	assert.Nilf(t, err, "error message %s", "formatted")
-func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Nil(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// NoDirExistsf checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoDirExists(t, path, append([]interface{}{msg}, args...)...)
-}
-
-// NoErrorf asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.NoErrorf(t, err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func NoErrorf(t TestingT, err error, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoError(t, err, append([]interface{}{msg}, args...)...)
-}
-
-// NoFileExistsf checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoFileExists(t, path, append([]interface{}{msg}, args...)...)
-}
-
-// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted")
-//	assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted")
-//	assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted")
-func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotContains(t, s, contains, append([]interface{}{msg}, args...)...)
-}
-
-// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if assert.NotEmptyf(t, obj, "error message %s", "formatted") {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEmpty(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// NotEqualf asserts that the specified values are NOT equal.
-//
-//	assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqual(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
-//
-//	assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted")
-func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqualValues(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// NotErrorIsf asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotErrorIs(t, err, target, append([]interface{}{msg}, args...)...)
-}
-
-// NotNilf asserts that the specified object is not nil.
-//
-//	assert.NotNilf(t, err, "error message %s", "formatted")
-func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotNil(t, object, append([]interface{}{msg}, args...)...)
-}
-
-// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted")
-func NotPanicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotPanics(t, f, append([]interface{}{msg}, args...)...)
-}
-
-// NotRegexpf asserts that a specified regexp does not match a string.
-//
-//	assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
-//	assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted")
-func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotRegexp(t, rx, str, append([]interface{}{msg}, args...)...)
-}
-
-// NotSamef asserts that two pointers do not reference the same object.
-//
-//	assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSame(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// NotSubsetf asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted")
-func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSubset(t, list, subset, append([]interface{}{msg}, args...)...)
-}
-
-// NotZerof asserts that i is not the zero value for its type.
-func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotZero(t, i, append([]interface{}{msg}, args...)...)
-}
-
-// Panicsf asserts that the code inside the specified PanicTestFunc panics.
-//
-//	assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted")
-func Panicsf(t TestingT, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Panics(t, f, append([]interface{}{msg}, args...)...)
-}
-
-// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func PanicsWithErrorf(t TestingT, errString string, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithError(t, errString, f, append([]interface{}{msg}, args...)...)
-}
-
-// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func PanicsWithValuef(t TestingT, expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithValue(t, expected, f, append([]interface{}{msg}, args...)...)
-}
-
-// Positivef asserts that the specified element is positive
-//
-//	assert.Positivef(t, 1, "error message %s", "formatted")
-//	assert.Positivef(t, 1.23, "error message %s", "formatted")
-func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Positive(t, e, append([]interface{}{msg}, args...)...)
-}
-
-// Regexpf asserts that a specified regexp matches a string.
-//
-//	assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
-//	assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted")
-func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Regexp(t, rx, str, append([]interface{}{msg}, args...)...)
-}
-
-// Samef asserts that two pointers reference the same object.
-//
-//	assert.Samef(t, ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func Samef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Same(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// Subsetf asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted")
-func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Subset(t, list, subset, append([]interface{}{msg}, args...)...)
-}
-
-// Truef asserts that the specified value is true.
-//
-//	assert.Truef(t, myBool, "error message %s", "formatted")
-func Truef(t TestingT, value bool, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return True(t, value, append([]interface{}{msg}, args...)...)
-}
-
-// WithinDurationf asserts that the two times are within duration delta of each other.
-//
-//	assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
-func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinDuration(t, expected, actual, delta, append([]interface{}{msg}, args...)...)
-}
-
-// WithinRangef asserts that a time is within a time range (inclusive).
-//
-//	assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
-func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinRange(t, actual, start, end, append([]interface{}{msg}, args...)...)
-}
-
-// YAMLEqf asserts that two YAML strings are equivalent.
-func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return YAMLEq(t, expected, actual, append([]interface{}{msg}, args...)...)
-}
-
-// Zerof asserts that i is the zero value for its type.
-func Zerof(t TestingT, i interface{}, msg string, args ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Zero(t, i, append([]interface{}{msg}, args...)...)
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl b/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
deleted file mode 100644
index d2bb0b817..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_format.go.tmpl
+++ /dev/null
@@ -1,5 +0,0 @@
-{{.CommentFormat}}
-func {{.DocInfo.Name}}f(t TestingT, {{.ParamsFormat}}) bool {
-	if h, ok := t.(tHelper); ok { h.Helper() }
-	return {{.DocInfo.Name}}(t, {{.ForwardedParamsFormat}})
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go b/vendor/github.com/stretchr/testify/assert/assertion_forward.go
deleted file mode 100644
index b1d94aec5..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_forward.go
+++ /dev/null
@@ -1,1598 +0,0 @@
-/*
-* CODE GENERATED AUTOMATICALLY WITH github.com/stretchr/testify/_codegen
-* THIS FILE MUST NOT BE EDITED BY HAND
- */
-
-package assert
-
-import (
-	http "net/http"
-	url "net/url"
-	time "time"
-)
-
-// Condition uses a Comparison to assert a complex condition.
-func (a *Assertions) Condition(comp Comparison, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Condition(a.t, comp, msgAndArgs...)
-}
-
-// Conditionf uses a Comparison to assert a complex condition.
-func (a *Assertions) Conditionf(comp Comparison, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Conditionf(a.t, comp, msg, args...)
-}
-
-// Contains asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	a.Contains("Hello World", "World")
-//	a.Contains(["Hello", "World"], "World")
-//	a.Contains({"Hello": "World"}, "Hello")
-func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Contains(a.t, s, contains, msgAndArgs...)
-}
-
-// Containsf asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	a.Containsf("Hello World", "World", "error message %s", "formatted")
-//	a.Containsf(["Hello", "World"], "World", "error message %s", "formatted")
-//	a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted")
-func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Containsf(a.t, s, contains, msg, args...)
-}
-
-// DirExists checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func (a *Assertions) DirExists(path string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return DirExists(a.t, path, msgAndArgs...)
-}
-
-// DirExistsf checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func (a *Assertions) DirExistsf(path string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return DirExistsf(a.t, path, msg, args...)
-}
-
-// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// a.ElementsMatch([1, 3, 2, 3], [1, 3, 3, 2])
-func (a *Assertions) ElementsMatch(listA interface{}, listB interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ElementsMatch(a.t, listA, listB, msgAndArgs...)
-}
-
-// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// a.ElementsMatchf([1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
-func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ElementsMatchf(a.t, listA, listB, msg, args...)
-}
-
-// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	a.Empty(obj)
-func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Empty(a.t, object, msgAndArgs...)
-}
-
-// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	a.Emptyf(obj, "error message %s", "formatted")
-func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Emptyf(a.t, object, msg, args...)
-}
-
-// Equal asserts that two objects are equal.
-//
-//	a.Equal(123, 123)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Equal(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualError asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	a.EqualError(err,  expectedErrorString)
-func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualError(a.t, theError, errString, msgAndArgs...)
-}
-
-// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	a.EqualErrorf(err,  expectedErrorString, "error message %s", "formatted")
-func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualErrorf(a.t, theError, errString, msg, args...)
-}
-
-// EqualExportedValues asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 a.EqualExportedValues(S{1, 2}, S{1, 3}) => true
-//	 a.EqualExportedValues(S{1, 2}, S{2, 3}) => false
-func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualExportedValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualExportedValuesf asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
-//	 a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
-func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualExportedValuesf(a.t, expected, actual, msg, args...)
-}
-
-// EqualValues asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	a.EqualValues(uint32(123), int32(123))
-func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualValuesf asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted")
-func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EqualValuesf(a.t, expected, actual, msg, args...)
-}
-
-// Equalf asserts that two objects are equal.
-//
-//	a.Equalf(123, 123, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Equalf(a.t, expected, actual, msg, args...)
-}
-
-// Error asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.Error(err) {
-//		   assert.Equal(t, expectedError, err)
-//	  }
-func (a *Assertions) Error(err error, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Error(a.t, err, msgAndArgs...)
-}
-
-// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func (a *Assertions) ErrorAs(err error, target interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorAs(a.t, err, target, msgAndArgs...)
-}
-
-// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorAsf(a.t, err, target, msg, args...)
-}
-
-// ErrorContains asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	a.ErrorContains(err,  expectedErrorSubString)
-func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorContains(a.t, theError, contains, msgAndArgs...)
-}
-
-// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	a.ErrorContainsf(err,  expectedErrorSubString, "error message %s", "formatted")
-func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorContainsf(a.t, theError, contains, msg, args...)
-}
-
-// ErrorIs asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorIs(a.t, err, target, msgAndArgs...)
-}
-
-// ErrorIsf asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return ErrorIsf(a.t, err, target, msg, args...)
-}
-
-// Errorf asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.Errorf(err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedErrorf, err)
-//	  }
-func (a *Assertions) Errorf(err error, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Errorf(a.t, err, msg, args...)
-}
-
-// Eventually asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond)
-func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Eventually(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// EventuallyWithT asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	a.EventuallyWithT(func(c *assert.CollectT) {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func (a *Assertions) EventuallyWithT(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// EventuallyWithTf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func (a *Assertions) EventuallyWithTf(condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Eventuallyf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Eventuallyf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Exactly asserts that two objects are equal in value and type.
-//
-//	a.Exactly(int32(123), int64(123))
-func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Exactly(a.t, expected, actual, msgAndArgs...)
-}
-
-// Exactlyf asserts that two objects are equal in value and type.
-//
-//	a.Exactlyf(int32(123), int64(123), "error message %s", "formatted")
-func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Exactlyf(a.t, expected, actual, msg, args...)
-}
-
-// Fail reports a failure through
-func (a *Assertions) Fail(failureMessage string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Fail(a.t, failureMessage, msgAndArgs...)
-}
-
-// FailNow fails test
-func (a *Assertions) FailNow(failureMessage string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return FailNow(a.t, failureMessage, msgAndArgs...)
-}
-
-// FailNowf fails test
-func (a *Assertions) FailNowf(failureMessage string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return FailNowf(a.t, failureMessage, msg, args...)
-}
-
-// Failf reports a failure through
-func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Failf(a.t, failureMessage, msg, args...)
-}
-
-// False asserts that the specified value is false.
-//
-//	a.False(myBool)
-func (a *Assertions) False(value bool, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return False(a.t, value, msgAndArgs...)
-}
-
-// Falsef asserts that the specified value is false.
-//
-//	a.Falsef(myBool, "error message %s", "formatted")
-func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Falsef(a.t, value, msg, args...)
-}
-
-// FileExists checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func (a *Assertions) FileExists(path string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return FileExists(a.t, path, msgAndArgs...)
-}
-
-// FileExistsf checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return FileExistsf(a.t, path, msg, args...)
-}
-
-// Greater asserts that the first element is greater than the second
-//
-//	a.Greater(2, 1)
-//	a.Greater(float64(2), float64(1))
-//	a.Greater("b", "a")
-func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Greater(a.t, e1, e2, msgAndArgs...)
-}
-
-// GreaterOrEqual asserts that the first element is greater than or equal to the second
-//
-//	a.GreaterOrEqual(2, 1)
-//	a.GreaterOrEqual(2, 2)
-//	a.GreaterOrEqual("b", "a")
-//	a.GreaterOrEqual("b", "b")
-func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return GreaterOrEqual(a.t, e1, e2, msgAndArgs...)
-}
-
-// GreaterOrEqualf asserts that the first element is greater than or equal to the second
-//
-//	a.GreaterOrEqualf(2, 1, "error message %s", "formatted")
-//	a.GreaterOrEqualf(2, 2, "error message %s", "formatted")
-//	a.GreaterOrEqualf("b", "a", "error message %s", "formatted")
-//	a.GreaterOrEqualf("b", "b", "error message %s", "formatted")
-func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return GreaterOrEqualf(a.t, e1, e2, msg, args...)
-}
-
-// Greaterf asserts that the first element is greater than the second
-//
-//	a.Greaterf(2, 1, "error message %s", "formatted")
-//	a.Greaterf(float64(2), float64(1), "error message %s", "formatted")
-//	a.Greaterf("b", "a", "error message %s", "formatted")
-func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Greaterf(a.t, e1, e2, msg, args...)
-}
-
-// HTTPBodyContains asserts that a specified handler returns a
-// body that contains a string.
-//
-//	a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyContains(a.t, handler, method, url, values, str, msgAndArgs...)
-}
-
-// HTTPBodyContainsf asserts that a specified handler returns a
-// body that contains a string.
-//
-//	a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyContainsf(a.t, handler, method, url, values, str, msg, args...)
-}
-
-// HTTPBodyNotContains asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyNotContains(a.t, handler, method, url, values, str, msgAndArgs...)
-}
-
-// HTTPBodyNotContainsf asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPBodyNotContainsf(a.t, handler, method, url, values, str, msg, args...)
-}
-
-// HTTPError asserts that a specified handler returns an error status code.
-//
-//	a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPError(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPErrorf asserts that a specified handler returns an error status code.
-//
-//	a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPErrorf(a.t, handler, method, url, values, msg, args...)
-}
-
-// HTTPRedirect asserts that a specified handler returns a redirect status code.
-//
-//	a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPRedirect(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPRedirectf asserts that a specified handler returns a redirect status code.
-//
-//	a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPRedirectf(a.t, handler, method, url, values, msg, args...)
-}
-
-// HTTPStatusCode asserts that a specified handler returns a specified status code.
-//
-//	a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPStatusCode(a.t, handler, method, url, values, statuscode, msgAndArgs...)
-}
-
-// HTTPStatusCodef asserts that a specified handler returns a specified status code.
-//
-//	a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPStatusCodef(a.t, handler, method, url, values, statuscode, msg, args...)
-}
-
-// HTTPSuccess asserts that a specified handler returns a success status code.
-//
-//	a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPSuccess(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPSuccessf asserts that a specified handler returns a success status code.
-//
-//	a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return HTTPSuccessf(a.t, handler, method, url, values, msg, args...)
-}
-
-// Implements asserts that an object is implemented by the specified interface.
-//
-//	a.Implements((*MyInterface)(nil), new(MyObject))
-func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Implements(a.t, interfaceObject, object, msgAndArgs...)
-}
-
-// Implementsf asserts that an object is implemented by the specified interface.
-//
-//	a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
-func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Implementsf(a.t, interfaceObject, object, msg, args...)
-}
-
-// InDelta asserts that the two numerals are within delta of each other.
-//
-//	a.InDelta(math.Pi, 22/7.0, 0.01)
-func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDelta(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func (a *Assertions) InDeltaMapValues(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaMapValues(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func (a *Assertions) InDeltaMapValuesf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaMapValuesf(a.t, expected, actual, delta, msg, args...)
-}
-
-// InDeltaSlice is the same as InDelta, except it compares two slices.
-func (a *Assertions) InDeltaSlice(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaSlice(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaSlicef is the same as InDelta, except it compares two slices.
-func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaSlicef(a.t, expected, actual, delta, msg, args...)
-}
-
-// InDeltaf asserts that the two numerals are within delta of each other.
-//
-//	a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
-func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InDeltaf(a.t, expected, actual, delta, msg, args...)
-}
-
-// InEpsilon asserts that expected and actual have a relative error less than epsilon
-func (a *Assertions) InEpsilon(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilon(a.t, expected, actual, epsilon, msgAndArgs...)
-}
-
-// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
-func (a *Assertions) InEpsilonSlice(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilonSlice(a.t, expected, actual, epsilon, msgAndArgs...)
-}
-
-// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
-func (a *Assertions) InEpsilonSlicef(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilonSlicef(a.t, expected, actual, epsilon, msg, args...)
-}
-
-// InEpsilonf asserts that expected and actual have a relative error less than epsilon
-func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return InEpsilonf(a.t, expected, actual, epsilon, msg, args...)
-}
-
-// IsDecreasing asserts that the collection is decreasing
-//
-//	a.IsDecreasing([]int{2, 1, 0})
-//	a.IsDecreasing([]float{2, 1})
-//	a.IsDecreasing([]string{"b", "a"})
-func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsDecreasing(a.t, object, msgAndArgs...)
-}
-
-// IsDecreasingf asserts that the collection is decreasing
-//
-//	a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted")
-//	a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted")
-//	a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted")
-func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsDecreasingf(a.t, object, msg, args...)
-}
-
-// IsIncreasing asserts that the collection is increasing
-//
-//	a.IsIncreasing([]int{1, 2, 3})
-//	a.IsIncreasing([]float{1, 2})
-//	a.IsIncreasing([]string{"a", "b"})
-func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsIncreasing(a.t, object, msgAndArgs...)
-}
-
-// IsIncreasingf asserts that the collection is increasing
-//
-//	a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted")
-//	a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted")
-//	a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted")
-func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsIncreasingf(a.t, object, msg, args...)
-}
-
-// IsNonDecreasing asserts that the collection is not decreasing
-//
-//	a.IsNonDecreasing([]int{1, 1, 2})
-//	a.IsNonDecreasing([]float{1, 2})
-//	a.IsNonDecreasing([]string{"a", "b"})
-func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonDecreasing(a.t, object, msgAndArgs...)
-}
-
-// IsNonDecreasingf asserts that the collection is not decreasing
-//
-//	a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted")
-//	a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted")
-//	a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted")
-func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonDecreasingf(a.t, object, msg, args...)
-}
-
-// IsNonIncreasing asserts that the collection is not increasing
-//
-//	a.IsNonIncreasing([]int{2, 1, 1})
-//	a.IsNonIncreasing([]float{2, 1})
-//	a.IsNonIncreasing([]string{"b", "a"})
-func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonIncreasing(a.t, object, msgAndArgs...)
-}
-
-// IsNonIncreasingf asserts that the collection is not increasing
-//
-//	a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted")
-//	a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted")
-//	a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted")
-func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsNonIncreasingf(a.t, object, msg, args...)
-}
-
-// IsType asserts that the specified objects are of the same type.
-func (a *Assertions) IsType(expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsType(a.t, expectedType, object, msgAndArgs...)
-}
-
-// IsTypef asserts that the specified objects are of the same type.
-func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return IsTypef(a.t, expectedType, object, msg, args...)
-}
-
-// JSONEq asserts that two JSON strings are equivalent.
-//
-//	a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
-func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return JSONEq(a.t, expected, actual, msgAndArgs...)
-}
-
-// JSONEqf asserts that two JSON strings are equivalent.
-//
-//	a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
-func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return JSONEqf(a.t, expected, actual, msg, args...)
-}
-
-// Len asserts that the specified object has specific length.
-// Len also fails if the object has a type that len() not accept.
-//
-//	a.Len(mySlice, 3)
-func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Len(a.t, object, length, msgAndArgs...)
-}
-
-// Lenf asserts that the specified object has specific length.
-// Lenf also fails if the object has a type that len() not accept.
-//
-//	a.Lenf(mySlice, 3, "error message %s", "formatted")
-func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Lenf(a.t, object, length, msg, args...)
-}
-
-// Less asserts that the first element is less than the second
-//
-//	a.Less(1, 2)
-//	a.Less(float64(1), float64(2))
-//	a.Less("a", "b")
-func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Less(a.t, e1, e2, msgAndArgs...)
-}
-
-// LessOrEqual asserts that the first element is less than or equal to the second
-//
-//	a.LessOrEqual(1, 2)
-//	a.LessOrEqual(2, 2)
-//	a.LessOrEqual("a", "b")
-//	a.LessOrEqual("b", "b")
-func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return LessOrEqual(a.t, e1, e2, msgAndArgs...)
-}
-
-// LessOrEqualf asserts that the first element is less than or equal to the second
-//
-//	a.LessOrEqualf(1, 2, "error message %s", "formatted")
-//	a.LessOrEqualf(2, 2, "error message %s", "formatted")
-//	a.LessOrEqualf("a", "b", "error message %s", "formatted")
-//	a.LessOrEqualf("b", "b", "error message %s", "formatted")
-func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return LessOrEqualf(a.t, e1, e2, msg, args...)
-}
-
-// Lessf asserts that the first element is less than the second
-//
-//	a.Lessf(1, 2, "error message %s", "formatted")
-//	a.Lessf(float64(1), float64(2), "error message %s", "formatted")
-//	a.Lessf("a", "b", "error message %s", "formatted")
-func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Lessf(a.t, e1, e2, msg, args...)
-}
-
-// Negative asserts that the specified element is negative
-//
-//	a.Negative(-1)
-//	a.Negative(-1.23)
-func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Negative(a.t, e, msgAndArgs...)
-}
-
-// Negativef asserts that the specified element is negative
-//
-//	a.Negativef(-1, "error message %s", "formatted")
-//	a.Negativef(-1.23, "error message %s", "formatted")
-func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Negativef(a.t, e, msg, args...)
-}
-
-// Never asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond)
-func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Never(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// Neverf asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Neverf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Nil asserts that the specified object is nil.
-//
-//	a.Nil(err)
-func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Nil(a.t, object, msgAndArgs...)
-}
-
-// Nilf asserts that the specified object is nil.
-//
-//	a.Nilf(err, "error message %s", "formatted")
-func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Nilf(a.t, object, msg, args...)
-}
-
-// NoDirExists checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func (a *Assertions) NoDirExists(path string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoDirExists(a.t, path, msgAndArgs...)
-}
-
-// NoDirExistsf checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoDirExistsf(a.t, path, msg, args...)
-}
-
-// NoError asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.NoError(err) {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoError(a.t, err, msgAndArgs...)
-}
-
-// NoErrorf asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.NoErrorf(err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoErrorf(a.t, err, msg, args...)
-}
-
-// NoFileExists checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func (a *Assertions) NoFileExists(path string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoFileExists(a.t, path, msgAndArgs...)
-}
-
-// NoFileExistsf checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NoFileExistsf(a.t, path, msg, args...)
-}
-
-// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	a.NotContains("Hello World", "Earth")
-//	a.NotContains(["Hello", "World"], "Earth")
-//	a.NotContains({"Hello": "World"}, "Earth")
-func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotContains(a.t, s, contains, msgAndArgs...)
-}
-
-// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	a.NotContainsf("Hello World", "Earth", "error message %s", "formatted")
-//	a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted")
-//	a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted")
-func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotContainsf(a.t, s, contains, msg, args...)
-}
-
-// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if a.NotEmpty(obj) {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEmpty(a.t, object, msgAndArgs...)
-}
-
-// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if a.NotEmptyf(obj, "error message %s", "formatted") {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEmptyf(a.t, object, msg, args...)
-}
-
-// NotEqual asserts that the specified values are NOT equal.
-//
-//	a.NotEqual(obj1, obj2)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqual(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotEqualValues asserts that two objects are not equal even when converted to the same type
-//
-//	a.NotEqualValues(obj1, obj2)
-func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqualValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
-//
-//	a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted")
-func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqualValuesf(a.t, expected, actual, msg, args...)
-}
-
-// NotEqualf asserts that the specified values are NOT equal.
-//
-//	a.NotEqualf(obj1, obj2, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func (a *Assertions) NotEqualf(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotEqualf(a.t, expected, actual, msg, args...)
-}
-
-// NotErrorIs asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) NotErrorIs(err error, target error, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotErrorIs(a.t, err, target, msgAndArgs...)
-}
-
-// NotErrorIsf asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotErrorIsf(a.t, err, target, msg, args...)
-}
-
-// NotNil asserts that the specified object is not nil.
-//
-//	a.NotNil(err)
-func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotNil(a.t, object, msgAndArgs...)
-}
-
-// NotNilf asserts that the specified object is not nil.
-//
-//	a.NotNilf(err, "error message %s", "formatted")
-func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotNilf(a.t, object, msg, args...)
-}
-
-// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	a.NotPanics(func(){ RemainCalm() })
-func (a *Assertions) NotPanics(f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotPanics(a.t, f, msgAndArgs...)
-}
-
-// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted")
-func (a *Assertions) NotPanicsf(f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotPanicsf(a.t, f, msg, args...)
-}
-
-// NotRegexp asserts that a specified regexp does not match a string.
-//
-//	a.NotRegexp(regexp.MustCompile("starts"), "it's starting")
-//	a.NotRegexp("^start", "it's not starting")
-func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotRegexp(a.t, rx, str, msgAndArgs...)
-}
-
-// NotRegexpf asserts that a specified regexp does not match a string.
-//
-//	a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
-//	a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted")
-func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotRegexpf(a.t, rx, str, msg, args...)
-}
-
-// NotSame asserts that two pointers do not reference the same object.
-//
-//	a.NotSame(ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSame(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotSamef asserts that two pointers do not reference the same object.
-//
-//	a.NotSamef(ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSamef(a.t, expected, actual, msg, args...)
-}
-
-// NotSubset asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]")
-func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSubset(a.t, list, subset, msgAndArgs...)
-}
-
-// NotSubsetf asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted")
-func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotSubsetf(a.t, list, subset, msg, args...)
-}
-
-// NotZero asserts that i is not the zero value for its type.
-func (a *Assertions) NotZero(i interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotZero(a.t, i, msgAndArgs...)
-}
-
-// NotZerof asserts that i is not the zero value for its type.
-func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return NotZerof(a.t, i, msg, args...)
-}
-
-// Panics asserts that the code inside the specified PanicTestFunc panics.
-//
-//	a.Panics(func(){ GoCrazy() })
-func (a *Assertions) Panics(f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Panics(a.t, f, msgAndArgs...)
-}
-
-// PanicsWithError asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	a.PanicsWithError("crazy error", func(){ GoCrazy() })
-func (a *Assertions) PanicsWithError(errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithError(a.t, errString, f, msgAndArgs...)
-}
-
-// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) PanicsWithErrorf(errString string, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithErrorf(a.t, errString, f, msg, args...)
-}
-
-// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	a.PanicsWithValue("crazy error", func(){ GoCrazy() })
-func (a *Assertions) PanicsWithValue(expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithValue(a.t, expected, f, msgAndArgs...)
-}
-
-// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) PanicsWithValuef(expected interface{}, f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return PanicsWithValuef(a.t, expected, f, msg, args...)
-}
-
-// Panicsf asserts that the code inside the specified PanicTestFunc panics.
-//
-//	a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) Panicsf(f PanicTestFunc, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Panicsf(a.t, f, msg, args...)
-}
-
-// Positive asserts that the specified element is positive
-//
-//	a.Positive(1)
-//	a.Positive(1.23)
-func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Positive(a.t, e, msgAndArgs...)
-}
-
-// Positivef asserts that the specified element is positive
-//
-//	a.Positivef(1, "error message %s", "formatted")
-//	a.Positivef(1.23, "error message %s", "formatted")
-func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Positivef(a.t, e, msg, args...)
-}
-
-// Regexp asserts that a specified regexp matches a string.
-//
-//	a.Regexp(regexp.MustCompile("start"), "it's starting")
-//	a.Regexp("start...$", "it's not starting")
-func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Regexp(a.t, rx, str, msgAndArgs...)
-}
-
-// Regexpf asserts that a specified regexp matches a string.
-//
-//	a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
-//	a.Regexpf("start...$", "it's not starting", "error message %s", "formatted")
-func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Regexpf(a.t, rx, str, msg, args...)
-}
-
-// Same asserts that two pointers reference the same object.
-//
-//	a.Same(ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Same(a.t, expected, actual, msgAndArgs...)
-}
-
-// Samef asserts that two pointers reference the same object.
-//
-//	a.Samef(ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Samef(a.t, expected, actual, msg, args...)
-}
-
-// Subset asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]")
-func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Subset(a.t, list, subset, msgAndArgs...)
-}
-
-// Subsetf asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted")
-func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Subsetf(a.t, list, subset, msg, args...)
-}
-
-// True asserts that the specified value is true.
-//
-//	a.True(myBool)
-func (a *Assertions) True(value bool, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return True(a.t, value, msgAndArgs...)
-}
-
-// Truef asserts that the specified value is true.
-//
-//	a.Truef(myBool, "error message %s", "formatted")
-func (a *Assertions) Truef(value bool, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Truef(a.t, value, msg, args...)
-}
-
-// WithinDuration asserts that the two times are within duration delta of each other.
-//
-//	a.WithinDuration(time.Now(), time.Now(), 10*time.Second)
-func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinDuration(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// WithinDurationf asserts that the two times are within duration delta of each other.
-//
-//	a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
-func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinDurationf(a.t, expected, actual, delta, msg, args...)
-}
-
-// WithinRange asserts that a time is within a time range (inclusive).
-//
-//	a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
-func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinRange(a.t, actual, start, end, msgAndArgs...)
-}
-
-// WithinRangef asserts that a time is within a time range (inclusive).
-//
-//	a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
-func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return WithinRangef(a.t, actual, start, end, msg, args...)
-}
-
-// YAMLEq asserts that two YAML strings are equivalent.
-func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return YAMLEq(a.t, expected, actual, msgAndArgs...)
-}
-
-// YAMLEqf asserts that two YAML strings are equivalent.
-func (a *Assertions) YAMLEqf(expected string, actual string, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return YAMLEqf(a.t, expected, actual, msg, args...)
-}
-
-// Zero asserts that i is the zero value for its type.
-func (a *Assertions) Zero(i interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Zero(a.t, i, msgAndArgs...)
-}
-
-// Zerof asserts that i is the zero value for its type.
-func (a *Assertions) Zerof(i interface{}, msg string, args ...interface{}) bool {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	return Zerof(a.t, i, msg, args...)
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl b/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
deleted file mode 100644
index 188bb9e17..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_forward.go.tmpl
+++ /dev/null
@@ -1,5 +0,0 @@
-{{.CommentWithoutT "a"}}
-func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) bool {
-	if h, ok := a.t.(tHelper); ok { h.Helper() }
-	return {{.DocInfo.Name}}(a.t, {{.ForwardedParams}})
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertion_order.go b/vendor/github.com/stretchr/testify/assert/assertion_order.go
deleted file mode 100644
index 00df62a05..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertion_order.go
+++ /dev/null
@@ -1,81 +0,0 @@
-package assert
-
-import (
-	"fmt"
-	"reflect"
-)
-
-// isOrdered checks that collection contains orderable elements.
-func isOrdered(t TestingT, object interface{}, allowedComparesResults []CompareType, failMessage string, msgAndArgs ...interface{}) bool {
-	objKind := reflect.TypeOf(object).Kind()
-	if objKind != reflect.Slice && objKind != reflect.Array {
-		return false
-	}
-
-	objValue := reflect.ValueOf(object)
-	objLen := objValue.Len()
-
-	if objLen <= 1 {
-		return true
-	}
-
-	value := objValue.Index(0)
-	valueInterface := value.Interface()
-	firstValueKind := value.Kind()
-
-	for i := 1; i < objLen; i++ {
-		prevValue := value
-		prevValueInterface := valueInterface
-
-		value = objValue.Index(i)
-		valueInterface = value.Interface()
-
-		compareResult, isComparable := compare(prevValueInterface, valueInterface, firstValueKind)
-
-		if !isComparable {
-			return Fail(t, fmt.Sprintf("Can not compare type \"%s\" and \"%s\"", reflect.TypeOf(value), reflect.TypeOf(prevValue)), msgAndArgs...)
-		}
-
-		if !containsValue(allowedComparesResults, compareResult) {
-			return Fail(t, fmt.Sprintf(failMessage, prevValue, value), msgAndArgs...)
-		}
-	}
-
-	return true
-}
-
-// IsIncreasing asserts that the collection is increasing
-//
-//	assert.IsIncreasing(t, []int{1, 2, 3})
-//	assert.IsIncreasing(t, []float{1, 2})
-//	assert.IsIncreasing(t, []string{"a", "b"})
-func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	return isOrdered(t, object, []CompareType{compareLess}, "\"%v\" is not less than \"%v\"", msgAndArgs...)
-}
-
-// IsNonIncreasing asserts that the collection is not increasing
-//
-//	assert.IsNonIncreasing(t, []int{2, 1, 1})
-//	assert.IsNonIncreasing(t, []float{2, 1})
-//	assert.IsNonIncreasing(t, []string{"b", "a"})
-func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	return isOrdered(t, object, []CompareType{compareEqual, compareGreater}, "\"%v\" is not greater than or equal to \"%v\"", msgAndArgs...)
-}
-
-// IsDecreasing asserts that the collection is decreasing
-//
-//	assert.IsDecreasing(t, []int{2, 1, 0})
-//	assert.IsDecreasing(t, []float{2, 1})
-//	assert.IsDecreasing(t, []string{"b", "a"})
-func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	return isOrdered(t, object, []CompareType{compareGreater}, "\"%v\" is not greater than \"%v\"", msgAndArgs...)
-}
-
-// IsNonDecreasing asserts that the collection is not decreasing
-//
-//	assert.IsNonDecreasing(t, []int{1, 1, 2})
-//	assert.IsNonDecreasing(t, []float{1, 2})
-//	assert.IsNonDecreasing(t, []string{"a", "b"})
-func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	return isOrdered(t, object, []CompareType{compareLess, compareEqual}, "\"%v\" is not less than or equal to \"%v\"", msgAndArgs...)
-}
diff --git a/vendor/github.com/stretchr/testify/assert/assertions.go b/vendor/github.com/stretchr/testify/assert/assertions.go
deleted file mode 100644
index a55d1bba9..000000000
--- a/vendor/github.com/stretchr/testify/assert/assertions.go
+++ /dev/null
@@ -1,2054 +0,0 @@
-package assert
-
-import (
-	"bufio"
-	"bytes"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"math"
-	"os"
-	"reflect"
-	"regexp"
-	"runtime"
-	"runtime/debug"
-	"strings"
-	"time"
-	"unicode"
-	"unicode/utf8"
-
-	"github.com/davecgh/go-spew/spew"
-	"github.com/pmezard/go-difflib/difflib"
-	yaml "gopkg.in/yaml.v3"
-)
-
-//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_format.go.tmpl"
-
-// TestingT is an interface wrapper around *testing.T
-type TestingT interface {
-	Errorf(format string, args ...interface{})
-}
-
-// ComparisonAssertionFunc is a common function prototype when comparing two values.  Can be useful
-// for table driven tests.
-type ComparisonAssertionFunc func(TestingT, interface{}, interface{}, ...interface{}) bool
-
-// ValueAssertionFunc is a common function prototype when validating a single value.  Can be useful
-// for table driven tests.
-type ValueAssertionFunc func(TestingT, interface{}, ...interface{}) bool
-
-// BoolAssertionFunc is a common function prototype when validating a bool value.  Can be useful
-// for table driven tests.
-type BoolAssertionFunc func(TestingT, bool, ...interface{}) bool
-
-// ErrorAssertionFunc is a common function prototype when validating an error value.  Can be useful
-// for table driven tests.
-type ErrorAssertionFunc func(TestingT, error, ...interface{}) bool
-
-// Comparison is a custom function that returns true on success and false on failure
-type Comparison func() (success bool)
-
-/*
-	Helper functions
-*/
-
-// ObjectsAreEqual determines if two objects are considered equal.
-//
-// This function does no assertion of any kind.
-func ObjectsAreEqual(expected, actual interface{}) bool {
-	if expected == nil || actual == nil {
-		return expected == actual
-	}
-
-	exp, ok := expected.([]byte)
-	if !ok {
-		return reflect.DeepEqual(expected, actual)
-	}
-
-	act, ok := actual.([]byte)
-	if !ok {
-		return false
-	}
-	if exp == nil || act == nil {
-		return exp == nil && act == nil
-	}
-	return bytes.Equal(exp, act)
-}
-
-// copyExportedFields iterates downward through nested data structures and creates a copy
-// that only contains the exported struct fields.
-func copyExportedFields(expected interface{}) interface{} {
-	if isNil(expected) {
-		return expected
-	}
-
-	expectedType := reflect.TypeOf(expected)
-	expectedKind := expectedType.Kind()
-	expectedValue := reflect.ValueOf(expected)
-
-	switch expectedKind {
-	case reflect.Struct:
-		result := reflect.New(expectedType).Elem()
-		for i := 0; i < expectedType.NumField(); i++ {
-			field := expectedType.Field(i)
-			isExported := field.IsExported()
-			if isExported {
-				fieldValue := expectedValue.Field(i)
-				if isNil(fieldValue) || isNil(fieldValue.Interface()) {
-					continue
-				}
-				newValue := copyExportedFields(fieldValue.Interface())
-				result.Field(i).Set(reflect.ValueOf(newValue))
-			}
-		}
-		return result.Interface()
-
-	case reflect.Ptr:
-		result := reflect.New(expectedType.Elem())
-		unexportedRemoved := copyExportedFields(expectedValue.Elem().Interface())
-		result.Elem().Set(reflect.ValueOf(unexportedRemoved))
-		return result.Interface()
-
-	case reflect.Array, reflect.Slice:
-		result := reflect.MakeSlice(expectedType, expectedValue.Len(), expectedValue.Len())
-		for i := 0; i < expectedValue.Len(); i++ {
-			index := expectedValue.Index(i)
-			if isNil(index) {
-				continue
-			}
-			unexportedRemoved := copyExportedFields(index.Interface())
-			result.Index(i).Set(reflect.ValueOf(unexportedRemoved))
-		}
-		return result.Interface()
-
-	case reflect.Map:
-		result := reflect.MakeMap(expectedType)
-		for _, k := range expectedValue.MapKeys() {
-			index := expectedValue.MapIndex(k)
-			unexportedRemoved := copyExportedFields(index.Interface())
-			result.SetMapIndex(k, reflect.ValueOf(unexportedRemoved))
-		}
-		return result.Interface()
-
-	default:
-		return expected
-	}
-}
-
-// ObjectsExportedFieldsAreEqual determines if the exported (public) fields of two objects are
-// considered equal. This comparison of only exported fields is applied recursively to nested data
-// structures.
-//
-// This function does no assertion of any kind.
-func ObjectsExportedFieldsAreEqual(expected, actual interface{}) bool {
-	expectedCleaned := copyExportedFields(expected)
-	actualCleaned := copyExportedFields(actual)
-	return ObjectsAreEqualValues(expectedCleaned, actualCleaned)
-}
-
-// ObjectsAreEqualValues gets whether two objects are equal, or if their
-// values are equal.
-func ObjectsAreEqualValues(expected, actual interface{}) bool {
-	if ObjectsAreEqual(expected, actual) {
-		return true
-	}
-
-	actualType := reflect.TypeOf(actual)
-	if actualType == nil {
-		return false
-	}
-	expectedValue := reflect.ValueOf(expected)
-	if expectedValue.IsValid() && expectedValue.Type().ConvertibleTo(actualType) {
-		// Attempt comparison after type conversion
-		return reflect.DeepEqual(expectedValue.Convert(actualType).Interface(), actual)
-	}
-
-	return false
-}
-
-/* CallerInfo is necessary because the assert functions use the testing object
-internally, causing it to print the file:line of the assert method, rather than where
-the problem actually occurred in calling code.*/
-
-// CallerInfo returns an array of strings containing the file and line number
-// of each stack frame leading from the current test to the assert call that
-// failed.
-func CallerInfo() []string {
-
-	var pc uintptr
-	var ok bool
-	var file string
-	var line int
-	var name string
-
-	callers := []string{}
-	for i := 0; ; i++ {
-		pc, file, line, ok = runtime.Caller(i)
-		if !ok {
-			// The breaks below failed to terminate the loop, and we ran off the
-			// end of the call stack.
-			break
-		}
-
-		// This is a huge edge case, but it will panic if this is the case, see #180
-		if file == "" {
-			break
-		}
-
-		f := runtime.FuncForPC(pc)
-		if f == nil {
-			break
-		}
-		name = f.Name()
-
-		// testing.tRunner is the standard library function that calls
-		// tests. Subtests are called directly by tRunner, without going through
-		// the Test/Benchmark/Example function that contains the t.Run calls, so
-		// with subtests we should break when we hit tRunner, without adding it
-		// to the list of callers.
-		if name == "testing.tRunner" {
-			break
-		}
-
-		parts := strings.Split(file, "/")
-		if len(parts) > 1 {
-			filename := parts[len(parts)-1]
-			dir := parts[len(parts)-2]
-			if (dir != "assert" && dir != "mock" && dir != "require") || filename == "mock_test.go" {
-				callers = append(callers, fmt.Sprintf("%s:%d", file, line))
-			}
-		}
-
-		// Drop the package
-		segments := strings.Split(name, ".")
-		name = segments[len(segments)-1]
-		if isTest(name, "Test") ||
-			isTest(name, "Benchmark") ||
-			isTest(name, "Example") {
-			break
-		}
-	}
-
-	return callers
-}
-
-// Stolen from the `go test` tool.
-// isTest tells whether name looks like a test (or benchmark, according to prefix).
-// It is a Test (say) if there is a character after Test that is not a lower-case letter.
-// We don't want TesticularCancer.
-func isTest(name, prefix string) bool {
-	if !strings.HasPrefix(name, prefix) {
-		return false
-	}
-	if len(name) == len(prefix) { // "Test" is ok
-		return true
-	}
-	r, _ := utf8.DecodeRuneInString(name[len(prefix):])
-	return !unicode.IsLower(r)
-}
-
-func messageFromMsgAndArgs(msgAndArgs ...interface{}) string {
-	if len(msgAndArgs) == 0 || msgAndArgs == nil {
-		return ""
-	}
-	if len(msgAndArgs) == 1 {
-		msg := msgAndArgs[0]
-		if msgAsStr, ok := msg.(string); ok {
-			return msgAsStr
-		}
-		return fmt.Sprintf("%+v", msg)
-	}
-	if len(msgAndArgs) > 1 {
-		return fmt.Sprintf(msgAndArgs[0].(string), msgAndArgs[1:]...)
-	}
-	return ""
-}
-
-// Aligns the provided message so that all lines after the first line start at the same location as the first line.
-// Assumes that the first line starts at the correct location (after carriage return, tab, label, spacer and tab).
-// The longestLabelLen parameter specifies the length of the longest label in the output (required becaues this is the
-// basis on which the alignment occurs).
-func indentMessageLines(message string, longestLabelLen int) string {
-	outBuf := new(bytes.Buffer)
-
-	for i, scanner := 0, bufio.NewScanner(strings.NewReader(message)); scanner.Scan(); i++ {
-		// no need to align first line because it starts at the correct location (after the label)
-		if i != 0 {
-			// append alignLen+1 spaces to align with "{{longestLabel}}:" before adding tab
-			outBuf.WriteString("\n\t" + strings.Repeat(" ", longestLabelLen+1) + "\t")
-		}
-		outBuf.WriteString(scanner.Text())
-	}
-
-	return outBuf.String()
-}
-
-type failNower interface {
-	FailNow()
-}
-
-// FailNow fails test
-func FailNow(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	Fail(t, failureMessage, msgAndArgs...)
-
-	// We cannot extend TestingT with FailNow() and
-	// maintain backwards compatibility, so we fallback
-	// to panicking when FailNow is not available in
-	// TestingT.
-	// See issue #263
-
-	if t, ok := t.(failNower); ok {
-		t.FailNow()
-	} else {
-		panic("test failed and t is missing `FailNow()`")
-	}
-	return false
-}
-
-// Fail reports a failure through
-func Fail(t TestingT, failureMessage string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	content := []labeledContent{
-		{"Error Trace", strings.Join(CallerInfo(), "\n\t\t\t")},
-		{"Error", failureMessage},
-	}
-
-	// Add test name if the Go version supports it
-	if n, ok := t.(interface {
-		Name() string
-	}); ok {
-		content = append(content, labeledContent{"Test", n.Name()})
-	}
-
-	message := messageFromMsgAndArgs(msgAndArgs...)
-	if len(message) > 0 {
-		content = append(content, labeledContent{"Messages", message})
-	}
-
-	t.Errorf("\n%s", ""+labeledOutput(content...))
-
-	return false
-}
-
-type labeledContent struct {
-	label   string
-	content string
-}
-
-// labeledOutput returns a string consisting of the provided labeledContent. Each labeled output is appended in the following manner:
-//
-//	\t{{label}}:{{align_spaces}}\t{{content}}\n
-//
-// The initial carriage return is required to undo/erase any padding added by testing.T.Errorf. The "\t{{label}}:" is for the label.
-// If a label is shorter than the longest label provided, padding spaces are added to make all the labels match in length. Once this
-// alignment is achieved, "\t{{content}}\n" is added for the output.
-//
-// If the content of the labeledOutput contains line breaks, the subsequent lines are aligned so that they start at the same location as the first line.
-func labeledOutput(content ...labeledContent) string {
-	longestLabel := 0
-	for _, v := range content {
-		if len(v.label) > longestLabel {
-			longestLabel = len(v.label)
-		}
-	}
-	var output string
-	for _, v := range content {
-		output += "\t" + v.label + ":" + strings.Repeat(" ", longestLabel-len(v.label)) + "\t" + indentMessageLines(v.content, longestLabel) + "\n"
-	}
-	return output
-}
-
-// Implements asserts that an object is implemented by the specified interface.
-//
-//	assert.Implements(t, (*MyInterface)(nil), new(MyObject))
-func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	interfaceType := reflect.TypeOf(interfaceObject).Elem()
-
-	if object == nil {
-		return Fail(t, fmt.Sprintf("Cannot check if nil implements %v", interfaceType), msgAndArgs...)
-	}
-	if !reflect.TypeOf(object).Implements(interfaceType) {
-		return Fail(t, fmt.Sprintf("%T must implement %v", object, interfaceType), msgAndArgs...)
-	}
-
-	return true
-}
-
-// IsType asserts that the specified objects are of the same type.
-func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if !ObjectsAreEqual(reflect.TypeOf(object), reflect.TypeOf(expectedType)) {
-		return Fail(t, fmt.Sprintf("Object expected to be of type %v, but was %v", reflect.TypeOf(expectedType), reflect.TypeOf(object)), msgAndArgs...)
-	}
-
-	return true
-}
-
-// Equal asserts that two objects are equal.
-//
-//	assert.Equal(t, 123, 123)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func Equal(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if err := validateEqualArgs(expected, actual); err != nil {
-		return Fail(t, fmt.Sprintf("Invalid operation: %#v == %#v (%s)",
-			expected, actual, err), msgAndArgs...)
-	}
-
-	if !ObjectsAreEqual(expected, actual) {
-		diff := diff(expected, actual)
-		expected, actual = formatUnequalValues(expected, actual)
-		return Fail(t, fmt.Sprintf("Not equal: \n"+
-			"expected: %s\n"+
-			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// validateEqualArgs checks whether provided arguments can be safely used in the
-// Equal/NotEqual functions.
-func validateEqualArgs(expected, actual interface{}) error {
-	if expected == nil && actual == nil {
-		return nil
-	}
-
-	if isFunction(expected) || isFunction(actual) {
-		return errors.New("cannot take func type as argument")
-	}
-	return nil
-}
-
-// Same asserts that two pointers reference the same object.
-//
-//	assert.Same(t, ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func Same(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if !samePointers(expected, actual) {
-		return Fail(t, fmt.Sprintf("Not same: \n"+
-			"expected: %p %#v\n"+
-			"actual  : %p %#v", expected, expected, actual, actual), msgAndArgs...)
-	}
-
-	return true
-}
-
-// NotSame asserts that two pointers do not reference the same object.
-//
-//	assert.NotSame(t, ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func NotSame(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if samePointers(expected, actual) {
-		return Fail(t, fmt.Sprintf(
-			"Expected and actual point to the same object: %p %#v",
-			expected, expected), msgAndArgs...)
-	}
-	return true
-}
-
-// samePointers compares two generic interface objects and returns whether
-// they point to the same object
-func samePointers(first, second interface{}) bool {
-	firstPtr, secondPtr := reflect.ValueOf(first), reflect.ValueOf(second)
-	if firstPtr.Kind() != reflect.Ptr || secondPtr.Kind() != reflect.Ptr {
-		return false
-	}
-
-	firstType, secondType := reflect.TypeOf(first), reflect.TypeOf(second)
-	if firstType != secondType {
-		return false
-	}
-
-	// compare pointer addresses
-	return first == second
-}
-
-// formatUnequalValues takes two values of arbitrary types and returns string
-// representations appropriate to be presented to the user.
-//
-// If the values are not of like type, the returned strings will be prefixed
-// with the type name, and the value will be enclosed in parenthesis similar
-// to a type conversion in the Go grammar.
-func formatUnequalValues(expected, actual interface{}) (e string, a string) {
-	if reflect.TypeOf(expected) != reflect.TypeOf(actual) {
-		return fmt.Sprintf("%T(%s)", expected, truncatingFormat(expected)),
-			fmt.Sprintf("%T(%s)", actual, truncatingFormat(actual))
-	}
-	switch expected.(type) {
-	case time.Duration:
-		return fmt.Sprintf("%v", expected), fmt.Sprintf("%v", actual)
-	}
-	return truncatingFormat(expected), truncatingFormat(actual)
-}
-
-// truncatingFormat formats the data and truncates it if it's too long.
-//
-// This helps keep formatted error messages lines from exceeding the
-// bufio.MaxScanTokenSize max line length that the go testing framework imposes.
-func truncatingFormat(data interface{}) string {
-	value := fmt.Sprintf("%#v", data)
-	max := bufio.MaxScanTokenSize - 100 // Give us some space the type info too if needed.
-	if len(value) > max {
-		value = value[0:max] + "<... truncated>"
-	}
-	return value
-}
-
-// EqualValues asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	assert.EqualValues(t, uint32(123), int32(123))
-func EqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if !ObjectsAreEqualValues(expected, actual) {
-		diff := diff(expected, actual)
-		expected, actual = formatUnequalValues(expected, actual)
-		return Fail(t, fmt.Sprintf("Not equal: \n"+
-			"expected: %s\n"+
-			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// EqualExportedValues asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true
-//	 assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false
-func EqualExportedValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	aType := reflect.TypeOf(expected)
-	bType := reflect.TypeOf(actual)
-
-	if aType != bType {
-		return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...)
-	}
-
-	if aType.Kind() != reflect.Struct {
-		return Fail(t, fmt.Sprintf("Types expected to both be struct \n\t%v != %v", aType.Kind(), reflect.Struct), msgAndArgs...)
-	}
-
-	if bType.Kind() != reflect.Struct {
-		return Fail(t, fmt.Sprintf("Types expected to both be struct \n\t%v != %v", bType.Kind(), reflect.Struct), msgAndArgs...)
-	}
-
-	expected = copyExportedFields(expected)
-	actual = copyExportedFields(actual)
-
-	if !ObjectsAreEqualValues(expected, actual) {
-		diff := diff(expected, actual)
-		expected, actual = formatUnequalValues(expected, actual)
-		return Fail(t, fmt.Sprintf("Not equal (comparing only exported fields): \n"+
-			"expected: %s\n"+
-			"actual  : %s%s", expected, actual, diff), msgAndArgs...)
-	}
-
-	return true
-}
-
-// Exactly asserts that two objects are equal in value and type.
-//
-//	assert.Exactly(t, int32(123), int64(123))
-func Exactly(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	aType := reflect.TypeOf(expected)
-	bType := reflect.TypeOf(actual)
-
-	if aType != bType {
-		return Fail(t, fmt.Sprintf("Types expected to match exactly\n\t%v != %v", aType, bType), msgAndArgs...)
-	}
-
-	return Equal(t, expected, actual, msgAndArgs...)
-
-}
-
-// NotNil asserts that the specified object is not nil.
-//
-//	assert.NotNil(t, err)
-func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	if !isNil(object) {
-		return true
-	}
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Fail(t, "Expected value not to be nil.", msgAndArgs...)
-}
-
-// containsKind checks if a specified kind in the slice of kinds.
-func containsKind(kinds []reflect.Kind, kind reflect.Kind) bool {
-	for i := 0; i < len(kinds); i++ {
-		if kind == kinds[i] {
-			return true
-		}
-	}
-
-	return false
-}
-
-// isNil checks if a specified object is nil or not, without Failing.
-func isNil(object interface{}) bool {
-	if object == nil {
-		return true
-	}
-
-	value := reflect.ValueOf(object)
-	kind := value.Kind()
-	isNilableKind := containsKind(
-		[]reflect.Kind{
-			reflect.Chan, reflect.Func,
-			reflect.Interface, reflect.Map,
-			reflect.Ptr, reflect.Slice, reflect.UnsafePointer},
-		kind)
-
-	if isNilableKind && value.IsNil() {
-		return true
-	}
-
-	return false
-}
-
-// Nil asserts that the specified object is nil.
-//
-//	assert.Nil(t, err)
-func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	if isNil(object) {
-		return true
-	}
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	return Fail(t, fmt.Sprintf("Expected nil, but got: %#v", object), msgAndArgs...)
-}
-
-// isEmpty gets whether the specified object is considered empty or not.
-func isEmpty(object interface{}) bool {
-
-	// get nil case out of the way
-	if object == nil {
-		return true
-	}
-
-	objValue := reflect.ValueOf(object)
-
-	switch objValue.Kind() {
-	// collection types are empty when they have no element
-	case reflect.Chan, reflect.Map, reflect.Slice:
-		return objValue.Len() == 0
-	// pointers are empty if nil or if the value they point to is empty
-	case reflect.Ptr:
-		if objValue.IsNil() {
-			return true
-		}
-		deref := objValue.Elem().Interface()
-		return isEmpty(deref)
-	// for all other types, compare against the zero value
-	// array types are empty when they match their zero-initialized state
-	default:
-		zero := reflect.Zero(objValue.Type())
-		return reflect.DeepEqual(object, zero.Interface())
-	}
-}
-
-// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	assert.Empty(t, obj)
-func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	pass := isEmpty(object)
-	if !pass {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		Fail(t, fmt.Sprintf("Should be empty, but was %v", object), msgAndArgs...)
-	}
-
-	return pass
-
-}
-
-// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if assert.NotEmpty(t, obj) {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) bool {
-	pass := !isEmpty(object)
-	if !pass {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		Fail(t, fmt.Sprintf("Should NOT be empty, but was %v", object), msgAndArgs...)
-	}
-
-	return pass
-
-}
-
-// getLen try to get length of object.
-// return (false, 0) if impossible.
-func getLen(x interface{}) (ok bool, length int) {
-	v := reflect.ValueOf(x)
-	defer func() {
-		if e := recover(); e != nil {
-			ok = false
-		}
-	}()
-	return true, v.Len()
-}
-
-// Len asserts that the specified object has specific length.
-// Len also fails if the object has a type that len() not accept.
-//
-//	assert.Len(t, mySlice, 3)
-func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	ok, l := getLen(object)
-	if !ok {
-		return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", object), msgAndArgs...)
-	}
-
-	if l != length {
-		return Fail(t, fmt.Sprintf("\"%s\" should have %d item(s), but has %d", object, length, l), msgAndArgs...)
-	}
-	return true
-}
-
-// True asserts that the specified value is true.
-//
-//	assert.True(t, myBool)
-func True(t TestingT, value bool, msgAndArgs ...interface{}) bool {
-	if !value {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		return Fail(t, "Should be true", msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// False asserts that the specified value is false.
-//
-//	assert.False(t, myBool)
-func False(t TestingT, value bool, msgAndArgs ...interface{}) bool {
-	if value {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		return Fail(t, "Should be false", msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// NotEqual asserts that the specified values are NOT equal.
-//
-//	assert.NotEqual(t, obj1, obj2)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func NotEqual(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if err := validateEqualArgs(expected, actual); err != nil {
-		return Fail(t, fmt.Sprintf("Invalid operation: %#v != %#v (%s)",
-			expected, actual, err), msgAndArgs...)
-	}
-
-	if ObjectsAreEqual(expected, actual) {
-		return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// NotEqualValues asserts that two objects are not equal even when converted to the same type
-//
-//	assert.NotEqualValues(t, obj1, obj2)
-func NotEqualValues(t TestingT, expected, actual interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if ObjectsAreEqualValues(expected, actual) {
-		return Fail(t, fmt.Sprintf("Should not be: %#v\n", actual), msgAndArgs...)
-	}
-
-	return true
-}
-
-// containsElement try loop over the list check if the list includes the element.
-// return (false, false) if impossible.
-// return (true, false) if element was not found.
-// return (true, true) if element was found.
-func containsElement(list interface{}, element interface{}) (ok, found bool) {
-
-	listValue := reflect.ValueOf(list)
-	listType := reflect.TypeOf(list)
-	if listType == nil {
-		return false, false
-	}
-	listKind := listType.Kind()
-	defer func() {
-		if e := recover(); e != nil {
-			ok = false
-			found = false
-		}
-	}()
-
-	if listKind == reflect.String {
-		elementValue := reflect.ValueOf(element)
-		return true, strings.Contains(listValue.String(), elementValue.String())
-	}
-
-	if listKind == reflect.Map {
-		mapKeys := listValue.MapKeys()
-		for i := 0; i < len(mapKeys); i++ {
-			if ObjectsAreEqual(mapKeys[i].Interface(), element) {
-				return true, true
-			}
-		}
-		return true, false
-	}
-
-	for i := 0; i < listValue.Len(); i++ {
-		if ObjectsAreEqual(listValue.Index(i).Interface(), element) {
-			return true, true
-		}
-	}
-	return true, false
-
-}
-
-// Contains asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	assert.Contains(t, "Hello World", "World")
-//	assert.Contains(t, ["Hello", "World"], "World")
-//	assert.Contains(t, {"Hello": "World"}, "Hello")
-func Contains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	ok, found := containsElement(s, contains)
-	if !ok {
-		return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...)
-	}
-	if !found {
-		return Fail(t, fmt.Sprintf("%#v does not contain %#v", s, contains), msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	assert.NotContains(t, "Hello World", "Earth")
-//	assert.NotContains(t, ["Hello", "World"], "Earth")
-//	assert.NotContains(t, {"Hello": "World"}, "Earth")
-func NotContains(t TestingT, s, contains interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	ok, found := containsElement(s, contains)
-	if !ok {
-		return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", s), msgAndArgs...)
-	}
-	if found {
-		return Fail(t, fmt.Sprintf("%#v should not contain %#v", s, contains), msgAndArgs...)
-	}
-
-	return true
-
-}
-
-// Subset asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]")
-func Subset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if subset == nil {
-		return true // we consider nil to be equal to the nil set
-	}
-
-	listKind := reflect.TypeOf(list).Kind()
-	if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map {
-		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...)
-	}
-
-	subsetKind := reflect.TypeOf(subset).Kind()
-	if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map {
-		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...)
-	}
-
-	if subsetKind == reflect.Map && listKind == reflect.Map {
-		subsetMap := reflect.ValueOf(subset)
-		actualMap := reflect.ValueOf(list)
-
-		for _, k := range subsetMap.MapKeys() {
-			ev := subsetMap.MapIndex(k)
-			av := actualMap.MapIndex(k)
-
-			if !av.IsValid() {
-				return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...)
-			}
-			if !ObjectsAreEqual(ev.Interface(), av.Interface()) {
-				return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, subset), msgAndArgs...)
-			}
-		}
-
-		return true
-	}
-
-	subsetList := reflect.ValueOf(subset)
-	for i := 0; i < subsetList.Len(); i++ {
-		element := subsetList.Index(i).Interface()
-		ok, found := containsElement(list, element)
-		if !ok {
-			return Fail(t, fmt.Sprintf("%#v could not be applied builtin len()", list), msgAndArgs...)
-		}
-		if !found {
-			return Fail(t, fmt.Sprintf("%#v does not contain %#v", list, element), msgAndArgs...)
-		}
-	}
-
-	return true
-}
-
-// NotSubset asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]")
-func NotSubset(t TestingT, list, subset interface{}, msgAndArgs ...interface{}) (ok bool) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if subset == nil {
-		return Fail(t, "nil is the empty set which is a subset of every set", msgAndArgs...)
-	}
-
-	listKind := reflect.TypeOf(list).Kind()
-	if listKind != reflect.Array && listKind != reflect.Slice && listKind != reflect.Map {
-		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", list, listKind), msgAndArgs...)
-	}
-
-	subsetKind := reflect.TypeOf(subset).Kind()
-	if subsetKind != reflect.Array && subsetKind != reflect.Slice && listKind != reflect.Map {
-		return Fail(t, fmt.Sprintf("%q has an unsupported type %s", subset, subsetKind), msgAndArgs...)
-	}
-
-	if subsetKind == reflect.Map && listKind == reflect.Map {
-		subsetMap := reflect.ValueOf(subset)
-		actualMap := reflect.ValueOf(list)
-
-		for _, k := range subsetMap.MapKeys() {
-			ev := subsetMap.MapIndex(k)
-			av := actualMap.MapIndex(k)
-
-			if !av.IsValid() {
-				return true
-			}
-			if !ObjectsAreEqual(ev.Interface(), av.Interface()) {
-				return true
-			}
-		}
-
-		return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...)
-	}
-
-	subsetList := reflect.ValueOf(subset)
-	for i := 0; i < subsetList.Len(); i++ {
-		element := subsetList.Index(i).Interface()
-		ok, found := containsElement(list, element)
-		if !ok {
-			return Fail(t, fmt.Sprintf("\"%s\" could not be applied builtin len()", list), msgAndArgs...)
-		}
-		if !found {
-			return true
-		}
-	}
-
-	return Fail(t, fmt.Sprintf("%q is a subset of %q", subset, list), msgAndArgs...)
-}
-
-// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// assert.ElementsMatch(t, [1, 3, 2, 3], [1, 3, 3, 2])
-func ElementsMatch(t TestingT, listA, listB interface{}, msgAndArgs ...interface{}) (ok bool) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if isEmpty(listA) && isEmpty(listB) {
-		return true
-	}
-
-	if !isList(t, listA, msgAndArgs...) || !isList(t, listB, msgAndArgs...) {
-		return false
-	}
-
-	extraA, extraB := diffLists(listA, listB)
-
-	if len(extraA) == 0 && len(extraB) == 0 {
-		return true
-	}
-
-	return Fail(t, formatListDiff(listA, listB, extraA, extraB), msgAndArgs...)
-}
-
-// isList checks that the provided value is array or slice.
-func isList(t TestingT, list interface{}, msgAndArgs ...interface{}) (ok bool) {
-	kind := reflect.TypeOf(list).Kind()
-	if kind != reflect.Array && kind != reflect.Slice {
-		return Fail(t, fmt.Sprintf("%q has an unsupported type %s, expecting array or slice", list, kind),
-			msgAndArgs...)
-	}
-	return true
-}
-
-// diffLists diffs two arrays/slices and returns slices of elements that are only in A and only in B.
-// If some element is present multiple times, each instance is counted separately (e.g. if something is 2x in A and
-// 5x in B, it will be 0x in extraA and 3x in extraB). The order of items in both lists is ignored.
-func diffLists(listA, listB interface{}) (extraA, extraB []interface{}) {
-	aValue := reflect.ValueOf(listA)
-	bValue := reflect.ValueOf(listB)
-
-	aLen := aValue.Len()
-	bLen := bValue.Len()
-
-	// Mark indexes in bValue that we already used
-	visited := make([]bool, bLen)
-	for i := 0; i < aLen; i++ {
-		element := aValue.Index(i).Interface()
-		found := false
-		for j := 0; j < bLen; j++ {
-			if visited[j] {
-				continue
-			}
-			if ObjectsAreEqual(bValue.Index(j).Interface(), element) {
-				visited[j] = true
-				found = true
-				break
-			}
-		}
-		if !found {
-			extraA = append(extraA, element)
-		}
-	}
-
-	for j := 0; j < bLen; j++ {
-		if visited[j] {
-			continue
-		}
-		extraB = append(extraB, bValue.Index(j).Interface())
-	}
-
-	return
-}
-
-func formatListDiff(listA, listB interface{}, extraA, extraB []interface{}) string {
-	var msg bytes.Buffer
-
-	msg.WriteString("elements differ")
-	if len(extraA) > 0 {
-		msg.WriteString("\n\nextra elements in list A:\n")
-		msg.WriteString(spewConfig.Sdump(extraA))
-	}
-	if len(extraB) > 0 {
-		msg.WriteString("\n\nextra elements in list B:\n")
-		msg.WriteString(spewConfig.Sdump(extraB))
-	}
-	msg.WriteString("\n\nlistA:\n")
-	msg.WriteString(spewConfig.Sdump(listA))
-	msg.WriteString("\n\nlistB:\n")
-	msg.WriteString(spewConfig.Sdump(listB))
-
-	return msg.String()
-}
-
-// Condition uses a Comparison to assert a complex condition.
-func Condition(t TestingT, comp Comparison, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	result := comp()
-	if !result {
-		Fail(t, "Condition failed!", msgAndArgs...)
-	}
-	return result
-}
-
-// PanicTestFunc defines a func that should be passed to the assert.Panics and assert.NotPanics
-// methods, and represents a simple func that takes no arguments, and returns nothing.
-type PanicTestFunc func()
-
-// didPanic returns true if the function passed to it panics. Otherwise, it returns false.
-func didPanic(f PanicTestFunc) (didPanic bool, message interface{}, stack string) {
-	didPanic = true
-
-	defer func() {
-		message = recover()
-		if didPanic {
-			stack = string(debug.Stack())
-		}
-	}()
-
-	// call the target function
-	f()
-	didPanic = false
-
-	return
-}
-
-// Panics asserts that the code inside the specified PanicTestFunc panics.
-//
-//	assert.Panics(t, func(){ GoCrazy() })
-func Panics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if funcDidPanic, panicValue, _ := didPanic(f); !funcDidPanic {
-		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
-	}
-
-	return true
-}
-
-// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() })
-func PanicsWithValue(t TestingT, expected interface{}, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	funcDidPanic, panicValue, panickedStack := didPanic(f)
-	if !funcDidPanic {
-		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
-	}
-	if panicValue != expected {
-		return Fail(t, fmt.Sprintf("func %#v should panic with value:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, expected, panicValue, panickedStack), msgAndArgs...)
-	}
-
-	return true
-}
-
-// PanicsWithError asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() })
-func PanicsWithError(t TestingT, errString string, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	funcDidPanic, panicValue, panickedStack := didPanic(f)
-	if !funcDidPanic {
-		return Fail(t, fmt.Sprintf("func %#v should panic\n\tPanic value:\t%#v", f, panicValue), msgAndArgs...)
-	}
-	panicErr, ok := panicValue.(error)
-	if !ok || panicErr.Error() != errString {
-		return Fail(t, fmt.Sprintf("func %#v should panic with error message:\t%#v\n\tPanic value:\t%#v\n\tPanic stack:\t%s", f, errString, panicValue, panickedStack), msgAndArgs...)
-	}
-
-	return true
-}
-
-// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	assert.NotPanics(t, func(){ RemainCalm() })
-func NotPanics(t TestingT, f PanicTestFunc, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if funcDidPanic, panicValue, panickedStack := didPanic(f); funcDidPanic {
-		return Fail(t, fmt.Sprintf("func %#v should not panic\n\tPanic value:\t%v\n\tPanic stack:\t%s", f, panicValue, panickedStack), msgAndArgs...)
-	}
-
-	return true
-}
-
-// WithinDuration asserts that the two times are within duration delta of each other.
-//
-//	assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second)
-func WithinDuration(t TestingT, expected, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	dt := expected.Sub(actual)
-	if dt < -delta || dt > delta {
-		return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...)
-	}
-
-	return true
-}
-
-// WithinRange asserts that a time is within a time range (inclusive).
-//
-//	assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
-func WithinRange(t TestingT, actual, start, end time.Time, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	if end.Before(start) {
-		return Fail(t, "Start should be before end", msgAndArgs...)
-	}
-
-	if actual.Before(start) {
-		return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is before the range", actual, start, end), msgAndArgs...)
-	} else if actual.After(end) {
-		return Fail(t, fmt.Sprintf("Time %v expected to be in time range %v to %v, but is after the range", actual, start, end), msgAndArgs...)
-	}
-
-	return true
-}
-
-func toFloat(x interface{}) (float64, bool) {
-	var xf float64
-	xok := true
-
-	switch xn := x.(type) {
-	case uint:
-		xf = float64(xn)
-	case uint8:
-		xf = float64(xn)
-	case uint16:
-		xf = float64(xn)
-	case uint32:
-		xf = float64(xn)
-	case uint64:
-		xf = float64(xn)
-	case int:
-		xf = float64(xn)
-	case int8:
-		xf = float64(xn)
-	case int16:
-		xf = float64(xn)
-	case int32:
-		xf = float64(xn)
-	case int64:
-		xf = float64(xn)
-	case float32:
-		xf = float64(xn)
-	case float64:
-		xf = xn
-	case time.Duration:
-		xf = float64(xn)
-	default:
-		xok = false
-	}
-
-	return xf, xok
-}
-
-// InDelta asserts that the two numerals are within delta of each other.
-//
-//	assert.InDelta(t, math.Pi, 22/7.0, 0.01)
-func InDelta(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	af, aok := toFloat(expected)
-	bf, bok := toFloat(actual)
-
-	if !aok || !bok {
-		return Fail(t, "Parameters must be numerical", msgAndArgs...)
-	}
-
-	if math.IsNaN(af) && math.IsNaN(bf) {
-		return true
-	}
-
-	if math.IsNaN(af) {
-		return Fail(t, "Expected must not be NaN", msgAndArgs...)
-	}
-
-	if math.IsNaN(bf) {
-		return Fail(t, fmt.Sprintf("Expected %v with delta %v, but was NaN", expected, delta), msgAndArgs...)
-	}
-
-	dt := af - bf
-	if dt < -delta || dt > delta {
-		return Fail(t, fmt.Sprintf("Max difference between %v and %v allowed is %v, but difference was %v", expected, actual, delta, dt), msgAndArgs...)
-	}
-
-	return true
-}
-
-// InDeltaSlice is the same as InDelta, except it compares two slices.
-func InDeltaSlice(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if expected == nil || actual == nil ||
-		reflect.TypeOf(actual).Kind() != reflect.Slice ||
-		reflect.TypeOf(expected).Kind() != reflect.Slice {
-		return Fail(t, "Parameters must be slice", msgAndArgs...)
-	}
-
-	actualSlice := reflect.ValueOf(actual)
-	expectedSlice := reflect.ValueOf(expected)
-
-	for i := 0; i < actualSlice.Len(); i++ {
-		result := InDelta(t, actualSlice.Index(i).Interface(), expectedSlice.Index(i).Interface(), delta, msgAndArgs...)
-		if !result {
-			return result
-		}
-	}
-
-	return true
-}
-
-// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func InDeltaMapValues(t TestingT, expected, actual interface{}, delta float64, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if expected == nil || actual == nil ||
-		reflect.TypeOf(actual).Kind() != reflect.Map ||
-		reflect.TypeOf(expected).Kind() != reflect.Map {
-		return Fail(t, "Arguments must be maps", msgAndArgs...)
-	}
-
-	expectedMap := reflect.ValueOf(expected)
-	actualMap := reflect.ValueOf(actual)
-
-	if expectedMap.Len() != actualMap.Len() {
-		return Fail(t, "Arguments must have the same number of keys", msgAndArgs...)
-	}
-
-	for _, k := range expectedMap.MapKeys() {
-		ev := expectedMap.MapIndex(k)
-		av := actualMap.MapIndex(k)
-
-		if !ev.IsValid() {
-			return Fail(t, fmt.Sprintf("missing key %q in expected map", k), msgAndArgs...)
-		}
-
-		if !av.IsValid() {
-			return Fail(t, fmt.Sprintf("missing key %q in actual map", k), msgAndArgs...)
-		}
-
-		if !InDelta(
-			t,
-			ev.Interface(),
-			av.Interface(),
-			delta,
-			msgAndArgs...,
-		) {
-			return false
-		}
-	}
-
-	return true
-}
-
-func calcRelativeError(expected, actual interface{}) (float64, error) {
-	af, aok := toFloat(expected)
-	bf, bok := toFloat(actual)
-	if !aok || !bok {
-		return 0, fmt.Errorf("Parameters must be numerical")
-	}
-	if math.IsNaN(af) && math.IsNaN(bf) {
-		return 0, nil
-	}
-	if math.IsNaN(af) {
-		return 0, errors.New("expected value must not be NaN")
-	}
-	if af == 0 {
-		return 0, fmt.Errorf("expected value must have a value other than zero to calculate the relative error")
-	}
-	if math.IsNaN(bf) {
-		return 0, errors.New("actual value must not be NaN")
-	}
-
-	return math.Abs(af-bf) / math.Abs(af), nil
-}
-
-// InEpsilon asserts that expected and actual have a relative error less than epsilon
-func InEpsilon(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if math.IsNaN(epsilon) {
-		return Fail(t, "epsilon must not be NaN")
-	}
-	actualEpsilon, err := calcRelativeError(expected, actual)
-	if err != nil {
-		return Fail(t, err.Error(), msgAndArgs...)
-	}
-	if actualEpsilon > epsilon {
-		return Fail(t, fmt.Sprintf("Relative error is too high: %#v (expected)\n"+
-			"        < %#v (actual)", epsilon, actualEpsilon), msgAndArgs...)
-	}
-
-	return true
-}
-
-// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
-func InEpsilonSlice(t TestingT, expected, actual interface{}, epsilon float64, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if expected == nil || actual == nil ||
-		reflect.TypeOf(actual).Kind() != reflect.Slice ||
-		reflect.TypeOf(expected).Kind() != reflect.Slice {
-		return Fail(t, "Parameters must be slice", msgAndArgs...)
-	}
-
-	actualSlice := reflect.ValueOf(actual)
-	expectedSlice := reflect.ValueOf(expected)
-
-	for i := 0; i < actualSlice.Len(); i++ {
-		result := InEpsilon(t, actualSlice.Index(i).Interface(), expectedSlice.Index(i).Interface(), epsilon)
-		if !result {
-			return result
-		}
-	}
-
-	return true
-}
-
-/*
-	Errors
-*/
-
-// NoError asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.NoError(t, err) {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func NoError(t TestingT, err error, msgAndArgs ...interface{}) bool {
-	if err != nil {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		return Fail(t, fmt.Sprintf("Received unexpected error:\n%+v", err), msgAndArgs...)
-	}
-
-	return true
-}
-
-// Error asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.Error(t, err) {
-//		   assert.Equal(t, expectedError, err)
-//	  }
-func Error(t TestingT, err error, msgAndArgs ...interface{}) bool {
-	if err == nil {
-		if h, ok := t.(tHelper); ok {
-			h.Helper()
-		}
-		return Fail(t, "An error is expected but got nil.", msgAndArgs...)
-	}
-
-	return true
-}
-
-// EqualError asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	assert.EqualError(t, err,  expectedErrorString)
-func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if !Error(t, theError, msgAndArgs...) {
-		return false
-	}
-	expected := errString
-	actual := theError.Error()
-	// don't need to use deep equals here, we know they are both strings
-	if expected != actual {
-		return Fail(t, fmt.Sprintf("Error message not equal:\n"+
-			"expected: %q\n"+
-			"actual  : %q", expected, actual), msgAndArgs...)
-	}
-	return true
-}
-
-// ErrorContains asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	assert.ErrorContains(t, err,  expectedErrorSubString)
-func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if !Error(t, theError, msgAndArgs...) {
-		return false
-	}
-
-	actual := theError.Error()
-	if !strings.Contains(actual, contains) {
-		return Fail(t, fmt.Sprintf("Error %#v does not contain %#v", actual, contains), msgAndArgs...)
-	}
-
-	return true
-}
-
-// matchRegexp return true if a specified regexp matches a string.
-func matchRegexp(rx interface{}, str interface{}) bool {
-
-	var r *regexp.Regexp
-	if rr, ok := rx.(*regexp.Regexp); ok {
-		r = rr
-	} else {
-		r = regexp.MustCompile(fmt.Sprint(rx))
-	}
-
-	return (r.FindStringIndex(fmt.Sprint(str)) != nil)
-
-}
-
-// Regexp asserts that a specified regexp matches a string.
-//
-//	assert.Regexp(t, regexp.MustCompile("start"), "it's starting")
-//	assert.Regexp(t, "start...$", "it's not starting")
-func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	match := matchRegexp(rx, str)
-
-	if !match {
-		Fail(t, fmt.Sprintf("Expect \"%v\" to match \"%v\"", str, rx), msgAndArgs...)
-	}
-
-	return match
-}
-
-// NotRegexp asserts that a specified regexp does not match a string.
-//
-//	assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting")
-//	assert.NotRegexp(t, "^start", "it's not starting")
-func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	match := matchRegexp(rx, str)
-
-	if match {
-		Fail(t, fmt.Sprintf("Expect \"%v\" to NOT match \"%v\"", str, rx), msgAndArgs...)
-	}
-
-	return !match
-
-}
-
-// Zero asserts that i is the zero value for its type.
-func Zero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if i != nil && !reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) {
-		return Fail(t, fmt.Sprintf("Should be zero, but was %v", i), msgAndArgs...)
-	}
-	return true
-}
-
-// NotZero asserts that i is not the zero value for its type.
-func NotZero(t TestingT, i interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if i == nil || reflect.DeepEqual(i, reflect.Zero(reflect.TypeOf(i)).Interface()) {
-		return Fail(t, fmt.Sprintf("Should not be zero, but was %v", i), msgAndArgs...)
-	}
-	return true
-}
-
-// FileExists checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func FileExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	info, err := os.Lstat(path)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...)
-		}
-		return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...)
-	}
-	if info.IsDir() {
-		return Fail(t, fmt.Sprintf("%q is a directory", path), msgAndArgs...)
-	}
-	return true
-}
-
-// NoFileExists checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func NoFileExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	info, err := os.Lstat(path)
-	if err != nil {
-		return true
-	}
-	if info.IsDir() {
-		return true
-	}
-	return Fail(t, fmt.Sprintf("file %q exists", path), msgAndArgs...)
-}
-
-// DirExists checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func DirExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	info, err := os.Lstat(path)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return Fail(t, fmt.Sprintf("unable to find file %q", path), msgAndArgs...)
-		}
-		return Fail(t, fmt.Sprintf("error when running os.Lstat(%q): %s", path, err), msgAndArgs...)
-	}
-	if !info.IsDir() {
-		return Fail(t, fmt.Sprintf("%q is a file", path), msgAndArgs...)
-	}
-	return true
-}
-
-// NoDirExists checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	info, err := os.Lstat(path)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return true
-		}
-		return true
-	}
-	if !info.IsDir() {
-		return true
-	}
-	return Fail(t, fmt.Sprintf("directory %q exists", path), msgAndArgs...)
-}
-
-// JSONEq asserts that two JSON strings are equivalent.
-//
-//	assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
-func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	var expectedJSONAsInterface, actualJSONAsInterface interface{}
-
-	if err := json.Unmarshal([]byte(expected), &expectedJSONAsInterface); err != nil {
-		return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid json.\nJSON parsing error: '%s'", expected, err.Error()), msgAndArgs...)
-	}
-
-	if err := json.Unmarshal([]byte(actual), &actualJSONAsInterface); err != nil {
-		return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid json.\nJSON parsing error: '%s'", actual, err.Error()), msgAndArgs...)
-	}
-
-	return Equal(t, expectedJSONAsInterface, actualJSONAsInterface, msgAndArgs...)
-}
-
-// YAMLEq asserts that two YAML strings are equivalent.
-func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	var expectedYAMLAsInterface, actualYAMLAsInterface interface{}
-
-	if err := yaml.Unmarshal([]byte(expected), &expectedYAMLAsInterface); err != nil {
-		return Fail(t, fmt.Sprintf("Expected value ('%s') is not valid yaml.\nYAML parsing error: '%s'", expected, err.Error()), msgAndArgs...)
-	}
-
-	if err := yaml.Unmarshal([]byte(actual), &actualYAMLAsInterface); err != nil {
-		return Fail(t, fmt.Sprintf("Input ('%s') needs to be valid yaml.\nYAML error: '%s'", actual, err.Error()), msgAndArgs...)
-	}
-
-	return Equal(t, expectedYAMLAsInterface, actualYAMLAsInterface, msgAndArgs...)
-}
-
-func typeAndKind(v interface{}) (reflect.Type, reflect.Kind) {
-	t := reflect.TypeOf(v)
-	k := t.Kind()
-
-	if k == reflect.Ptr {
-		t = t.Elem()
-		k = t.Kind()
-	}
-	return t, k
-}
-
-// diff returns a diff of both values as long as both are of the same type and
-// are a struct, map, slice, array or string. Otherwise it returns an empty string.
-func diff(expected interface{}, actual interface{}) string {
-	if expected == nil || actual == nil {
-		return ""
-	}
-
-	et, ek := typeAndKind(expected)
-	at, _ := typeAndKind(actual)
-
-	if et != at {
-		return ""
-	}
-
-	if ek != reflect.Struct && ek != reflect.Map && ek != reflect.Slice && ek != reflect.Array && ek != reflect.String {
-		return ""
-	}
-
-	var e, a string
-
-	switch et {
-	case reflect.TypeOf(""):
-		e = reflect.ValueOf(expected).String()
-		a = reflect.ValueOf(actual).String()
-	case reflect.TypeOf(time.Time{}):
-		e = spewConfigStringerEnabled.Sdump(expected)
-		a = spewConfigStringerEnabled.Sdump(actual)
-	default:
-		e = spewConfig.Sdump(expected)
-		a = spewConfig.Sdump(actual)
-	}
-
-	diff, _ := difflib.GetUnifiedDiffString(difflib.UnifiedDiff{
-		A:        difflib.SplitLines(e),
-		B:        difflib.SplitLines(a),
-		FromFile: "Expected",
-		FromDate: "",
-		ToFile:   "Actual",
-		ToDate:   "",
-		Context:  1,
-	})
-
-	return "\n\nDiff:\n" + diff
-}
-
-func isFunction(arg interface{}) bool {
-	if arg == nil {
-		return false
-	}
-	return reflect.TypeOf(arg).Kind() == reflect.Func
-}
-
-var spewConfig = spew.ConfigState{
-	Indent:                  " ",
-	DisablePointerAddresses: true,
-	DisableCapacities:       true,
-	SortKeys:                true,
-	DisableMethods:          true,
-	MaxDepth:                10,
-}
-
-var spewConfigStringerEnabled = spew.ConfigState{
-	Indent:                  " ",
-	DisablePointerAddresses: true,
-	DisableCapacities:       true,
-	SortKeys:                true,
-	MaxDepth:                10,
-}
-
-type tHelper interface {
-	Helper()
-}
-
-// Eventually asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond)
-func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	ch := make(chan bool, 1)
-
-	timer := time.NewTimer(waitFor)
-	defer timer.Stop()
-
-	ticker := time.NewTicker(tick)
-	defer ticker.Stop()
-
-	for tick := ticker.C; ; {
-		select {
-		case <-timer.C:
-			return Fail(t, "Condition never satisfied", msgAndArgs...)
-		case <-tick:
-			tick = nil
-			go func() { ch <- condition() }()
-		case v := <-ch:
-			if v {
-				return true
-			}
-			tick = ticker.C
-		}
-	}
-}
-
-// CollectT implements the TestingT interface and collects all errors.
-type CollectT struct {
-	errors []error
-}
-
-// Errorf collects the error.
-func (c *CollectT) Errorf(format string, args ...interface{}) {
-	c.errors = append(c.errors, fmt.Errorf(format, args...))
-}
-
-// FailNow panics.
-func (c *CollectT) FailNow() {
-	panic("Assertion failed")
-}
-
-// Reset clears the collected errors.
-func (c *CollectT) Reset() {
-	c.errors = nil
-}
-
-// Copy copies the collected errors to the supplied t.
-func (c *CollectT) Copy(t TestingT) {
-	if tt, ok := t.(tHelper); ok {
-		tt.Helper()
-	}
-	for _, err := range c.errors {
-		t.Errorf("%v", err)
-	}
-}
-
-// EventuallyWithT asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	assert.EventuallyWithT(t, func(c *assert.CollectT) {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func EventuallyWithT(t TestingT, condition func(collect *CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	collect := new(CollectT)
-	ch := make(chan bool, 1)
-
-	timer := time.NewTimer(waitFor)
-	defer timer.Stop()
-
-	ticker := time.NewTicker(tick)
-	defer ticker.Stop()
-
-	for tick := ticker.C; ; {
-		select {
-		case <-timer.C:
-			collect.Copy(t)
-			return Fail(t, "Condition never satisfied", msgAndArgs...)
-		case <-tick:
-			tick = nil
-			collect.Reset()
-			go func() {
-				condition(collect)
-				ch <- len(collect.errors) == 0
-			}()
-		case v := <-ch:
-			if v {
-				return true
-			}
-			tick = ticker.C
-		}
-	}
-}
-
-// Never asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond)
-func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-
-	ch := make(chan bool, 1)
-
-	timer := time.NewTimer(waitFor)
-	defer timer.Stop()
-
-	ticker := time.NewTicker(tick)
-	defer ticker.Stop()
-
-	for tick := ticker.C; ; {
-		select {
-		case <-timer.C:
-			return true
-		case <-tick:
-			tick = nil
-			go func() { ch <- condition() }()
-		case v := <-ch:
-			if v {
-				return Fail(t, "Condition satisfied", msgAndArgs...)
-			}
-			tick = ticker.C
-		}
-	}
-}
-
-// ErrorIs asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func ErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if errors.Is(err, target) {
-		return true
-	}
-
-	var expectedText string
-	if target != nil {
-		expectedText = target.Error()
-	}
-
-	chain := buildErrorChainString(err)
-
-	return Fail(t, fmt.Sprintf("Target error should be in err chain:\n"+
-		"expected: %q\n"+
-		"in chain: %s", expectedText, chain,
-	), msgAndArgs...)
-}
-
-// NotErrorIs asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func NotErrorIs(t TestingT, err, target error, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if !errors.Is(err, target) {
-		return true
-	}
-
-	var expectedText string
-	if target != nil {
-		expectedText = target.Error()
-	}
-
-	chain := buildErrorChainString(err)
-
-	return Fail(t, fmt.Sprintf("Target error should not be in err chain:\n"+
-		"found: %q\n"+
-		"in chain: %s", expectedText, chain,
-	), msgAndArgs...)
-}
-
-// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func ErrorAs(t TestingT, err error, target interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if errors.As(err, target) {
-		return true
-	}
-
-	chain := buildErrorChainString(err)
-
-	return Fail(t, fmt.Sprintf("Should be in error chain:\n"+
-		"expected: %q\n"+
-		"in chain: %s", target, chain,
-	), msgAndArgs...)
-}
-
-func buildErrorChainString(err error) string {
-	if err == nil {
-		return ""
-	}
-
-	e := errors.Unwrap(err)
-	chain := fmt.Sprintf("%q", err.Error())
-	for e != nil {
-		chain += fmt.Sprintf("\n\t%q", e.Error())
-		e = errors.Unwrap(e)
-	}
-	return chain
-}
diff --git a/vendor/github.com/stretchr/testify/assert/doc.go b/vendor/github.com/stretchr/testify/assert/doc.go
deleted file mode 100644
index 4953981d3..000000000
--- a/vendor/github.com/stretchr/testify/assert/doc.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Package assert provides a set of comprehensive testing tools for use with the normal Go testing system.
-//
-// # Example Usage
-//
-// The following is a complete example using assert in a standard test function:
-//
-//	import (
-//	  "testing"
-//	  "github.com/stretchr/testify/assert"
-//	)
-//
-//	func TestSomething(t *testing.T) {
-//
-//	  var a string = "Hello"
-//	  var b string = "Hello"
-//
-//	  assert.Equal(t, a, b, "The two words should be the same.")
-//
-//	}
-//
-// if you assert many times, use the format below:
-//
-//	import (
-//	  "testing"
-//	  "github.com/stretchr/testify/assert"
-//	)
-//
-//	func TestSomething(t *testing.T) {
-//	  assert := assert.New(t)
-//
-//	  var a string = "Hello"
-//	  var b string = "Hello"
-//
-//	  assert.Equal(a, b, "The two words should be the same.")
-//	}
-//
-// # Assertions
-//
-// Assertions allow you to easily write test code, and are global funcs in the `assert` package.
-// All assertion functions take, as the first argument, the `*testing.T` object provided by the
-// testing framework. This allows the assertion funcs to write the failings and other details to
-// the correct place.
-//
-// Every assertion function also takes an optional string message as the final argument,
-// allowing custom error messages to be appended to the message the assertion method outputs.
-package assert
diff --git a/vendor/github.com/stretchr/testify/assert/errors.go b/vendor/github.com/stretchr/testify/assert/errors.go
deleted file mode 100644
index ac9dc9d1d..000000000
--- a/vendor/github.com/stretchr/testify/assert/errors.go
+++ /dev/null
@@ -1,10 +0,0 @@
-package assert
-
-import (
-	"errors"
-)
-
-// AnError is an error instance useful for testing.  If the code does not care
-// about error specifics, and only needs to return the error for example, this
-// error should be used to make the test code more readable.
-var AnError = errors.New("assert.AnError general error for testing")
diff --git a/vendor/github.com/stretchr/testify/assert/forward_assertions.go b/vendor/github.com/stretchr/testify/assert/forward_assertions.go
deleted file mode 100644
index df189d234..000000000
--- a/vendor/github.com/stretchr/testify/assert/forward_assertions.go
+++ /dev/null
@@ -1,16 +0,0 @@
-package assert
-
-// Assertions provides assertion methods around the
-// TestingT interface.
-type Assertions struct {
-	t TestingT
-}
-
-// New makes a new Assertions object for the specified TestingT.
-func New(t TestingT) *Assertions {
-	return &Assertions{
-		t: t,
-	}
-}
-
-//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=assert -template=assertion_forward.go.tmpl -include-format-funcs"
diff --git a/vendor/github.com/stretchr/testify/assert/http_assertions.go b/vendor/github.com/stretchr/testify/assert/http_assertions.go
deleted file mode 100644
index d8038c28a..000000000
--- a/vendor/github.com/stretchr/testify/assert/http_assertions.go
+++ /dev/null
@@ -1,162 +0,0 @@
-package assert
-
-import (
-	"fmt"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"strings"
-)
-
-// httpCode is a helper that returns HTTP code of the response. It returns -1 and
-// an error if building a new request fails.
-func httpCode(handler http.HandlerFunc, method, url string, values url.Values) (int, error) {
-	w := httptest.NewRecorder()
-	req, err := http.NewRequest(method, url, nil)
-	if err != nil {
-		return -1, err
-	}
-	req.URL.RawQuery = values.Encode()
-	handler(w, req)
-	return w.Code, nil
-}
-
-// HTTPSuccess asserts that a specified handler returns a success status code.
-//
-//	assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPSuccess(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	code, err := httpCode(handler, method, url, values)
-	if err != nil {
-		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err))
-	}
-
-	isSuccessCode := code >= http.StatusOK && code <= http.StatusPartialContent
-	if !isSuccessCode {
-		Fail(t, fmt.Sprintf("Expected HTTP success status code for %q but received %d", url+"?"+values.Encode(), code))
-	}
-
-	return isSuccessCode
-}
-
-// HTTPRedirect asserts that a specified handler returns a redirect status code.
-//
-//	assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPRedirect(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	code, err := httpCode(handler, method, url, values)
-	if err != nil {
-		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err))
-	}
-
-	isRedirectCode := code >= http.StatusMultipleChoices && code <= http.StatusTemporaryRedirect
-	if !isRedirectCode {
-		Fail(t, fmt.Sprintf("Expected HTTP redirect status code for %q but received %d", url+"?"+values.Encode(), code))
-	}
-
-	return isRedirectCode
-}
-
-// HTTPError asserts that a specified handler returns an error status code.
-//
-//	assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPError(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	code, err := httpCode(handler, method, url, values)
-	if err != nil {
-		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err))
-	}
-
-	isErrorCode := code >= http.StatusBadRequest
-	if !isErrorCode {
-		Fail(t, fmt.Sprintf("Expected HTTP error status code for %q but received %d", url+"?"+values.Encode(), code))
-	}
-
-	return isErrorCode
-}
-
-// HTTPStatusCode asserts that a specified handler returns a specified status code.
-//
-//	assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	code, err := httpCode(handler, method, url, values)
-	if err != nil {
-		Fail(t, fmt.Sprintf("Failed to build test request, got error: %s", err))
-	}
-
-	successful := code == statuscode
-	if !successful {
-		Fail(t, fmt.Sprintf("Expected HTTP status code %d for %q but received %d", statuscode, url+"?"+values.Encode(), code))
-	}
-
-	return successful
-}
-
-// HTTPBody is a helper that returns HTTP body of the response. It returns
-// empty string if building a new request fails.
-func HTTPBody(handler http.HandlerFunc, method, url string, values url.Values) string {
-	w := httptest.NewRecorder()
-	req, err := http.NewRequest(method, url+"?"+values.Encode(), nil)
-	if err != nil {
-		return ""
-	}
-	handler(w, req)
-	return w.Body.String()
-}
-
-// HTTPBodyContains asserts that a specified handler returns a
-// body that contains a string.
-//
-//	assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	body := HTTPBody(handler, method, url, values)
-
-	contains := strings.Contains(body, fmt.Sprint(str))
-	if !contains {
-		Fail(t, fmt.Sprintf("Expected response body for \"%s\" to contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body))
-	}
-
-	return contains
-}
-
-// HTTPBodyNotContains asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) bool {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	body := HTTPBody(handler, method, url, values)
-
-	contains := strings.Contains(body, fmt.Sprint(str))
-	if contains {
-		Fail(t, fmt.Sprintf("Expected response body for \"%s\" to NOT contain \"%s\" but found \"%s\"", url+"?"+values.Encode(), str, body))
-	}
-
-	return !contains
-}
diff --git a/vendor/github.com/stretchr/testify/require/doc.go b/vendor/github.com/stretchr/testify/require/doc.go
deleted file mode 100644
index 968434724..000000000
--- a/vendor/github.com/stretchr/testify/require/doc.go
+++ /dev/null
@@ -1,29 +0,0 @@
-// Package require implements the same assertions as the `assert` package but
-// stops test execution when a test fails.
-//
-// # Example Usage
-//
-// The following is a complete example using require in a standard test function:
-//
-//	import (
-//	  "testing"
-//	  "github.com/stretchr/testify/require"
-//	)
-//
-//	func TestSomething(t *testing.T) {
-//
-//	  var a string = "Hello"
-//	  var b string = "Hello"
-//
-//	  require.Equal(t, a, b, "The two words should be the same.")
-//
-//	}
-//
-// # Assertions
-//
-// The `require` package have same global functions as in the `assert` package,
-// but instead of returning a boolean result they call `t.FailNow()`.
-//
-// Every assertion function also takes an optional string message as the final argument,
-// allowing custom error messages to be appended to the message the assertion method outputs.
-package require
diff --git a/vendor/github.com/stretchr/testify/require/forward_requirements.go b/vendor/github.com/stretchr/testify/require/forward_requirements.go
deleted file mode 100644
index 1dcb2338c..000000000
--- a/vendor/github.com/stretchr/testify/require/forward_requirements.go
+++ /dev/null
@@ -1,16 +0,0 @@
-package require
-
-// Assertions provides assertion methods around the
-// TestingT interface.
-type Assertions struct {
-	t TestingT
-}
-
-// New makes a new Assertions object for the specified TestingT.
-func New(t TestingT) *Assertions {
-	return &Assertions{
-		t: t,
-	}
-}
-
-//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=require -template=require_forward.go.tmpl -include-format-funcs"
diff --git a/vendor/github.com/stretchr/testify/require/require.go b/vendor/github.com/stretchr/testify/require/require.go
deleted file mode 100644
index 63f852147..000000000
--- a/vendor/github.com/stretchr/testify/require/require.go
+++ /dev/null
@@ -1,2031 +0,0 @@
-/*
-* CODE GENERATED AUTOMATICALLY WITH github.com/stretchr/testify/_codegen
-* THIS FILE MUST NOT BE EDITED BY HAND
- */
-
-package require
-
-import (
-	assert "github.com/stretchr/testify/assert"
-	http "net/http"
-	url "net/url"
-	time "time"
-)
-
-// Condition uses a Comparison to assert a complex condition.
-func Condition(t TestingT, comp assert.Comparison, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Condition(t, comp, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Conditionf uses a Comparison to assert a complex condition.
-func Conditionf(t TestingT, comp assert.Comparison, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Conditionf(t, comp, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Contains asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	assert.Contains(t, "Hello World", "World")
-//	assert.Contains(t, ["Hello", "World"], "World")
-//	assert.Contains(t, {"Hello": "World"}, "Hello")
-func Contains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Contains(t, s, contains, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Containsf asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	assert.Containsf(t, "Hello World", "World", "error message %s", "formatted")
-//	assert.Containsf(t, ["Hello", "World"], "World", "error message %s", "formatted")
-//	assert.Containsf(t, {"Hello": "World"}, "Hello", "error message %s", "formatted")
-func Containsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Containsf(t, s, contains, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// DirExists checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func DirExists(t TestingT, path string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.DirExists(t, path, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// DirExistsf checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func DirExistsf(t TestingT, path string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.DirExistsf(t, path, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// assert.ElementsMatch(t, [1, 3, 2, 3], [1, 3, 3, 2])
-func ElementsMatch(t TestingT, listA interface{}, listB interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ElementsMatch(t, listA, listB, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// assert.ElementsMatchf(t, [1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
-func ElementsMatchf(t TestingT, listA interface{}, listB interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ElementsMatchf(t, listA, listB, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	assert.Empty(t, obj)
-func Empty(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Empty(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	assert.Emptyf(t, obj, "error message %s", "formatted")
-func Emptyf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Emptyf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Equal asserts that two objects are equal.
-//
-//	assert.Equal(t, 123, 123)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func Equal(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Equal(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualError asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	assert.EqualError(t, err,  expectedErrorString)
-func EqualError(t TestingT, theError error, errString string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualError(t, theError, errString, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	assert.EqualErrorf(t, err,  expectedErrorString, "error message %s", "formatted")
-func EqualErrorf(t TestingT, theError error, errString string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualErrorf(t, theError, errString, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualExportedValues asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 assert.EqualExportedValues(t, S{1, 2}, S{1, 3}) => true
-//	 assert.EqualExportedValues(t, S{1, 2}, S{2, 3}) => false
-func EqualExportedValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualExportedValues(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualExportedValuesf asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 assert.EqualExportedValuesf(t, S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
-//	 assert.EqualExportedValuesf(t, S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
-func EqualExportedValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualExportedValuesf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualValues asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	assert.EqualValues(t, uint32(123), int32(123))
-func EqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualValues(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EqualValuesf asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	assert.EqualValuesf(t, uint32(123), int32(123), "error message %s", "formatted")
-func EqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EqualValuesf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Equalf asserts that two objects are equal.
-//
-//	assert.Equalf(t, 123, 123, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func Equalf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Equalf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Error asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.Error(t, err) {
-//		   assert.Equal(t, expectedError, err)
-//	  }
-func Error(t TestingT, err error, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Error(t, err, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func ErrorAs(t TestingT, err error, target interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorAs(t, err, target, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func ErrorAsf(t TestingT, err error, target interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorAsf(t, err, target, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorContains asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	assert.ErrorContains(t, err,  expectedErrorSubString)
-func ErrorContains(t TestingT, theError error, contains string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorContains(t, theError, contains, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	assert.ErrorContainsf(t, err,  expectedErrorSubString, "error message %s", "formatted")
-func ErrorContainsf(t TestingT, theError error, contains string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorContainsf(t, theError, contains, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorIs asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func ErrorIs(t TestingT, err error, target error, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorIs(t, err, target, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// ErrorIsf asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func ErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.ErrorIsf(t, err, target, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Errorf asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.Errorf(t, err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedErrorf, err)
-//	  }
-func Errorf(t TestingT, err error, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Errorf(t, err, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Eventually asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	assert.Eventually(t, func() bool { return true; }, time.Second, 10*time.Millisecond)
-func Eventually(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Eventually(t, condition, waitFor, tick, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EventuallyWithT asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	assert.EventuallyWithT(t, func(c *assert.CollectT) {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func EventuallyWithT(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EventuallyWithT(t, condition, waitFor, tick, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// EventuallyWithTf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	assert.EventuallyWithTf(t, func(c *assert.CollectT, "error message %s", "formatted") {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func EventuallyWithTf(t TestingT, condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.EventuallyWithTf(t, condition, waitFor, tick, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Eventuallyf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	assert.Eventuallyf(t, func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func Eventuallyf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Eventuallyf(t, condition, waitFor, tick, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Exactly asserts that two objects are equal in value and type.
-//
-//	assert.Exactly(t, int32(123), int64(123))
-func Exactly(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Exactly(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Exactlyf asserts that two objects are equal in value and type.
-//
-//	assert.Exactlyf(t, int32(123), int64(123), "error message %s", "formatted")
-func Exactlyf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Exactlyf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Fail reports a failure through
-func Fail(t TestingT, failureMessage string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Fail(t, failureMessage, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// FailNow fails test
-func FailNow(t TestingT, failureMessage string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.FailNow(t, failureMessage, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// FailNowf fails test
-func FailNowf(t TestingT, failureMessage string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.FailNowf(t, failureMessage, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Failf reports a failure through
-func Failf(t TestingT, failureMessage string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Failf(t, failureMessage, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// False asserts that the specified value is false.
-//
-//	assert.False(t, myBool)
-func False(t TestingT, value bool, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.False(t, value, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Falsef asserts that the specified value is false.
-//
-//	assert.Falsef(t, myBool, "error message %s", "formatted")
-func Falsef(t TestingT, value bool, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Falsef(t, value, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// FileExists checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func FileExists(t TestingT, path string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.FileExists(t, path, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// FileExistsf checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func FileExistsf(t TestingT, path string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.FileExistsf(t, path, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Greater asserts that the first element is greater than the second
-//
-//	assert.Greater(t, 2, 1)
-//	assert.Greater(t, float64(2), float64(1))
-//	assert.Greater(t, "b", "a")
-func Greater(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Greater(t, e1, e2, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// GreaterOrEqual asserts that the first element is greater than or equal to the second
-//
-//	assert.GreaterOrEqual(t, 2, 1)
-//	assert.GreaterOrEqual(t, 2, 2)
-//	assert.GreaterOrEqual(t, "b", "a")
-//	assert.GreaterOrEqual(t, "b", "b")
-func GreaterOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.GreaterOrEqual(t, e1, e2, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// GreaterOrEqualf asserts that the first element is greater than or equal to the second
-//
-//	assert.GreaterOrEqualf(t, 2, 1, "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, 2, 2, "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, "b", "a", "error message %s", "formatted")
-//	assert.GreaterOrEqualf(t, "b", "b", "error message %s", "formatted")
-func GreaterOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.GreaterOrEqualf(t, e1, e2, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Greaterf asserts that the first element is greater than the second
-//
-//	assert.Greaterf(t, 2, 1, "error message %s", "formatted")
-//	assert.Greaterf(t, float64(2), float64(1), "error message %s", "formatted")
-//	assert.Greaterf(t, "b", "a", "error message %s", "formatted")
-func Greaterf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Greaterf(t, e1, e2, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPBodyContains asserts that a specified handler returns a
-// body that contains a string.
-//
-//	assert.HTTPBodyContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPBodyContains(t, handler, method, url, values, str, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPBodyContainsf asserts that a specified handler returns a
-// body that contains a string.
-//
-//	assert.HTTPBodyContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPBodyContainsf(t, handler, method, url, values, str, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPBodyNotContains asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	assert.HTTPBodyNotContains(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyNotContains(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPBodyNotContains(t, handler, method, url, values, str, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPBodyNotContainsf asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	assert.HTTPBodyNotContainsf(t, myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPBodyNotContainsf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPBodyNotContainsf(t, handler, method, url, values, str, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPError asserts that a specified handler returns an error status code.
-//
-//	assert.HTTPError(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPError(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPError(t, handler, method, url, values, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPErrorf asserts that a specified handler returns an error status code.
-//
-//	assert.HTTPErrorf(t, myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPErrorf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPErrorf(t, handler, method, url, values, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPRedirect asserts that a specified handler returns a redirect status code.
-//
-//	assert.HTTPRedirect(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPRedirect(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPRedirect(t, handler, method, url, values, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPRedirectf asserts that a specified handler returns a redirect status code.
-//
-//	assert.HTTPRedirectf(t, myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPRedirectf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPRedirectf(t, handler, method, url, values, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPStatusCode asserts that a specified handler returns a specified status code.
-//
-//	assert.HTTPStatusCode(t, myHandler, "GET", "/notImplemented", nil, 501)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPStatusCode(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPStatusCode(t, handler, method, url, values, statuscode, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPStatusCodef asserts that a specified handler returns a specified status code.
-//
-//	assert.HTTPStatusCodef(t, myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPStatusCodef(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPStatusCodef(t, handler, method, url, values, statuscode, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPSuccess asserts that a specified handler returns a success status code.
-//
-//	assert.HTTPSuccess(t, myHandler, "POST", "http://www.google.com", nil)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPSuccess(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPSuccess(t, handler, method, url, values, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// HTTPSuccessf asserts that a specified handler returns a success status code.
-//
-//	assert.HTTPSuccessf(t, myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func HTTPSuccessf(t TestingT, handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.HTTPSuccessf(t, handler, method, url, values, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Implements asserts that an object is implemented by the specified interface.
-//
-//	assert.Implements(t, (*MyInterface)(nil), new(MyObject))
-func Implements(t TestingT, interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Implements(t, interfaceObject, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Implementsf asserts that an object is implemented by the specified interface.
-//
-//	assert.Implementsf(t, (*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
-func Implementsf(t TestingT, interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Implementsf(t, interfaceObject, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDelta asserts that the two numerals are within delta of each other.
-//
-//	assert.InDelta(t, math.Pi, 22/7.0, 0.01)
-func InDelta(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDelta(t, expected, actual, delta, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func InDeltaMapValues(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDeltaMapValues(t, expected, actual, delta, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func InDeltaMapValuesf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDeltaMapValuesf(t, expected, actual, delta, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDeltaSlice is the same as InDelta, except it compares two slices.
-func InDeltaSlice(t TestingT, expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDeltaSlice(t, expected, actual, delta, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDeltaSlicef is the same as InDelta, except it compares two slices.
-func InDeltaSlicef(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDeltaSlicef(t, expected, actual, delta, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InDeltaf asserts that the two numerals are within delta of each other.
-//
-//	assert.InDeltaf(t, math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
-func InDeltaf(t TestingT, expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InDeltaf(t, expected, actual, delta, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InEpsilon asserts that expected and actual have a relative error less than epsilon
-func InEpsilon(t TestingT, expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InEpsilon(t, expected, actual, epsilon, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
-func InEpsilonSlice(t TestingT, expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InEpsilonSlice(t, expected, actual, epsilon, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
-func InEpsilonSlicef(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InEpsilonSlicef(t, expected, actual, epsilon, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// InEpsilonf asserts that expected and actual have a relative error less than epsilon
-func InEpsilonf(t TestingT, expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.InEpsilonf(t, expected, actual, epsilon, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsDecreasing asserts that the collection is decreasing
-//
-//	assert.IsDecreasing(t, []int{2, 1, 0})
-//	assert.IsDecreasing(t, []float{2, 1})
-//	assert.IsDecreasing(t, []string{"b", "a"})
-func IsDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsDecreasing(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsDecreasingf asserts that the collection is decreasing
-//
-//	assert.IsDecreasingf(t, []int{2, 1, 0}, "error message %s", "formatted")
-//	assert.IsDecreasingf(t, []float{2, 1}, "error message %s", "formatted")
-//	assert.IsDecreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
-func IsDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsDecreasingf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsIncreasing asserts that the collection is increasing
-//
-//	assert.IsIncreasing(t, []int{1, 2, 3})
-//	assert.IsIncreasing(t, []float{1, 2})
-//	assert.IsIncreasing(t, []string{"a", "b"})
-func IsIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsIncreasing(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsIncreasingf asserts that the collection is increasing
-//
-//	assert.IsIncreasingf(t, []int{1, 2, 3}, "error message %s", "formatted")
-//	assert.IsIncreasingf(t, []float{1, 2}, "error message %s", "formatted")
-//	assert.IsIncreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
-func IsIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsIncreasingf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsNonDecreasing asserts that the collection is not decreasing
-//
-//	assert.IsNonDecreasing(t, []int{1, 1, 2})
-//	assert.IsNonDecreasing(t, []float{1, 2})
-//	assert.IsNonDecreasing(t, []string{"a", "b"})
-func IsNonDecreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsNonDecreasing(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsNonDecreasingf asserts that the collection is not decreasing
-//
-//	assert.IsNonDecreasingf(t, []int{1, 1, 2}, "error message %s", "formatted")
-//	assert.IsNonDecreasingf(t, []float{1, 2}, "error message %s", "formatted")
-//	assert.IsNonDecreasingf(t, []string{"a", "b"}, "error message %s", "formatted")
-func IsNonDecreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsNonDecreasingf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsNonIncreasing asserts that the collection is not increasing
-//
-//	assert.IsNonIncreasing(t, []int{2, 1, 1})
-//	assert.IsNonIncreasing(t, []float{2, 1})
-//	assert.IsNonIncreasing(t, []string{"b", "a"})
-func IsNonIncreasing(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsNonIncreasing(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsNonIncreasingf asserts that the collection is not increasing
-//
-//	assert.IsNonIncreasingf(t, []int{2, 1, 1}, "error message %s", "formatted")
-//	assert.IsNonIncreasingf(t, []float{2, 1}, "error message %s", "formatted")
-//	assert.IsNonIncreasingf(t, []string{"b", "a"}, "error message %s", "formatted")
-func IsNonIncreasingf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsNonIncreasingf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsType asserts that the specified objects are of the same type.
-func IsType(t TestingT, expectedType interface{}, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsType(t, expectedType, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// IsTypef asserts that the specified objects are of the same type.
-func IsTypef(t TestingT, expectedType interface{}, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.IsTypef(t, expectedType, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// JSONEq asserts that two JSON strings are equivalent.
-//
-//	assert.JSONEq(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
-func JSONEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.JSONEq(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// JSONEqf asserts that two JSON strings are equivalent.
-//
-//	assert.JSONEqf(t, `{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
-func JSONEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.JSONEqf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Len asserts that the specified object has specific length.
-// Len also fails if the object has a type that len() not accept.
-//
-//	assert.Len(t, mySlice, 3)
-func Len(t TestingT, object interface{}, length int, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Len(t, object, length, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Lenf asserts that the specified object has specific length.
-// Lenf also fails if the object has a type that len() not accept.
-//
-//	assert.Lenf(t, mySlice, 3, "error message %s", "formatted")
-func Lenf(t TestingT, object interface{}, length int, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Lenf(t, object, length, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Less asserts that the first element is less than the second
-//
-//	assert.Less(t, 1, 2)
-//	assert.Less(t, float64(1), float64(2))
-//	assert.Less(t, "a", "b")
-func Less(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Less(t, e1, e2, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// LessOrEqual asserts that the first element is less than or equal to the second
-//
-//	assert.LessOrEqual(t, 1, 2)
-//	assert.LessOrEqual(t, 2, 2)
-//	assert.LessOrEqual(t, "a", "b")
-//	assert.LessOrEqual(t, "b", "b")
-func LessOrEqual(t TestingT, e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.LessOrEqual(t, e1, e2, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// LessOrEqualf asserts that the first element is less than or equal to the second
-//
-//	assert.LessOrEqualf(t, 1, 2, "error message %s", "formatted")
-//	assert.LessOrEqualf(t, 2, 2, "error message %s", "formatted")
-//	assert.LessOrEqualf(t, "a", "b", "error message %s", "formatted")
-//	assert.LessOrEqualf(t, "b", "b", "error message %s", "formatted")
-func LessOrEqualf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.LessOrEqualf(t, e1, e2, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Lessf asserts that the first element is less than the second
-//
-//	assert.Lessf(t, 1, 2, "error message %s", "formatted")
-//	assert.Lessf(t, float64(1), float64(2), "error message %s", "formatted")
-//	assert.Lessf(t, "a", "b", "error message %s", "formatted")
-func Lessf(t TestingT, e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Lessf(t, e1, e2, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Negative asserts that the specified element is negative
-//
-//	assert.Negative(t, -1)
-//	assert.Negative(t, -1.23)
-func Negative(t TestingT, e interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Negative(t, e, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Negativef asserts that the specified element is negative
-//
-//	assert.Negativef(t, -1, "error message %s", "formatted")
-//	assert.Negativef(t, -1.23, "error message %s", "formatted")
-func Negativef(t TestingT, e interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Negativef(t, e, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Never asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	assert.Never(t, func() bool { return false; }, time.Second, 10*time.Millisecond)
-func Never(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Never(t, condition, waitFor, tick, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Neverf asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	assert.Neverf(t, func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func Neverf(t TestingT, condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Neverf(t, condition, waitFor, tick, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Nil asserts that the specified object is nil.
-//
-//	assert.Nil(t, err)
-func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Nil(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Nilf asserts that the specified object is nil.
-//
-//	assert.Nilf(t, err, "error message %s", "formatted")
-func Nilf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Nilf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoDirExists checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func NoDirExists(t TestingT, path string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoDirExists(t, path, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoDirExistsf checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func NoDirExistsf(t TestingT, path string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoDirExistsf(t, path, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoError asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.NoError(t, err) {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func NoError(t TestingT, err error, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoError(t, err, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoErrorf asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if assert.NoErrorf(t, err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func NoErrorf(t TestingT, err error, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoErrorf(t, err, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoFileExists checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func NoFileExists(t TestingT, path string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoFileExists(t, path, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NoFileExistsf checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func NoFileExistsf(t TestingT, path string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NoFileExistsf(t, path, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	assert.NotContains(t, "Hello World", "Earth")
-//	assert.NotContains(t, ["Hello", "World"], "Earth")
-//	assert.NotContains(t, {"Hello": "World"}, "Earth")
-func NotContains(t TestingT, s interface{}, contains interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotContains(t, s, contains, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	assert.NotContainsf(t, "Hello World", "Earth", "error message %s", "formatted")
-//	assert.NotContainsf(t, ["Hello", "World"], "Earth", "error message %s", "formatted")
-//	assert.NotContainsf(t, {"Hello": "World"}, "Earth", "error message %s", "formatted")
-func NotContainsf(t TestingT, s interface{}, contains interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotContainsf(t, s, contains, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if assert.NotEmpty(t, obj) {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func NotEmpty(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEmpty(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if assert.NotEmptyf(t, obj, "error message %s", "formatted") {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func NotEmptyf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEmptyf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEqual asserts that the specified values are NOT equal.
-//
-//	assert.NotEqual(t, obj1, obj2)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func NotEqual(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEqual(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEqualValues asserts that two objects are not equal even when converted to the same type
-//
-//	assert.NotEqualValues(t, obj1, obj2)
-func NotEqualValues(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEqualValues(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
-//
-//	assert.NotEqualValuesf(t, obj1, obj2, "error message %s", "formatted")
-func NotEqualValuesf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEqualValuesf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotEqualf asserts that the specified values are NOT equal.
-//
-//	assert.NotEqualf(t, obj1, obj2, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func NotEqualf(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotEqualf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotErrorIs asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func NotErrorIs(t TestingT, err error, target error, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotErrorIs(t, err, target, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotErrorIsf asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func NotErrorIsf(t TestingT, err error, target error, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotErrorIsf(t, err, target, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotNil asserts that the specified object is not nil.
-//
-//	assert.NotNil(t, err)
-func NotNil(t TestingT, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotNil(t, object, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotNilf asserts that the specified object is not nil.
-//
-//	assert.NotNilf(t, err, "error message %s", "formatted")
-func NotNilf(t TestingT, object interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotNilf(t, object, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	assert.NotPanics(t, func(){ RemainCalm() })
-func NotPanics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotPanics(t, f, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	assert.NotPanicsf(t, func(){ RemainCalm() }, "error message %s", "formatted")
-func NotPanicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotPanicsf(t, f, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotRegexp asserts that a specified regexp does not match a string.
-//
-//	assert.NotRegexp(t, regexp.MustCompile("starts"), "it's starting")
-//	assert.NotRegexp(t, "^start", "it's not starting")
-func NotRegexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotRegexp(t, rx, str, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotRegexpf asserts that a specified regexp does not match a string.
-//
-//	assert.NotRegexpf(t, regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
-//	assert.NotRegexpf(t, "^start", "it's not starting", "error message %s", "formatted")
-func NotRegexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotRegexpf(t, rx, str, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotSame asserts that two pointers do not reference the same object.
-//
-//	assert.NotSame(t, ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func NotSame(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotSame(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotSamef asserts that two pointers do not reference the same object.
-//
-//	assert.NotSamef(t, ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func NotSamef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotSamef(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotSubset asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.NotSubset(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]")
-func NotSubset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotSubset(t, list, subset, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotSubsetf asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.NotSubsetf(t, [1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted")
-func NotSubsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotSubsetf(t, list, subset, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotZero asserts that i is not the zero value for its type.
-func NotZero(t TestingT, i interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotZero(t, i, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// NotZerof asserts that i is not the zero value for its type.
-func NotZerof(t TestingT, i interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.NotZerof(t, i, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Panics asserts that the code inside the specified PanicTestFunc panics.
-//
-//	assert.Panics(t, func(){ GoCrazy() })
-func Panics(t TestingT, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Panics(t, f, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// PanicsWithError asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	assert.PanicsWithError(t, "crazy error", func(){ GoCrazy() })
-func PanicsWithError(t TestingT, errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.PanicsWithError(t, errString, f, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	assert.PanicsWithErrorf(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func PanicsWithErrorf(t TestingT, errString string, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.PanicsWithErrorf(t, errString, f, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	assert.PanicsWithValue(t, "crazy error", func(){ GoCrazy() })
-func PanicsWithValue(t TestingT, expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.PanicsWithValue(t, expected, f, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	assert.PanicsWithValuef(t, "crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func PanicsWithValuef(t TestingT, expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.PanicsWithValuef(t, expected, f, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Panicsf asserts that the code inside the specified PanicTestFunc panics.
-//
-//	assert.Panicsf(t, func(){ GoCrazy() }, "error message %s", "formatted")
-func Panicsf(t TestingT, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Panicsf(t, f, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Positive asserts that the specified element is positive
-//
-//	assert.Positive(t, 1)
-//	assert.Positive(t, 1.23)
-func Positive(t TestingT, e interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Positive(t, e, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Positivef asserts that the specified element is positive
-//
-//	assert.Positivef(t, 1, "error message %s", "formatted")
-//	assert.Positivef(t, 1.23, "error message %s", "formatted")
-func Positivef(t TestingT, e interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Positivef(t, e, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Regexp asserts that a specified regexp matches a string.
-//
-//	assert.Regexp(t, regexp.MustCompile("start"), "it's starting")
-//	assert.Regexp(t, "start...$", "it's not starting")
-func Regexp(t TestingT, rx interface{}, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Regexp(t, rx, str, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Regexpf asserts that a specified regexp matches a string.
-//
-//	assert.Regexpf(t, regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
-//	assert.Regexpf(t, "start...$", "it's not starting", "error message %s", "formatted")
-func Regexpf(t TestingT, rx interface{}, str interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Regexpf(t, rx, str, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Same asserts that two pointers reference the same object.
-//
-//	assert.Same(t, ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func Same(t TestingT, expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Same(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Samef asserts that two pointers reference the same object.
-//
-//	assert.Samef(t, ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func Samef(t TestingT, expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Samef(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Subset asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.Subset(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]")
-func Subset(t TestingT, list interface{}, subset interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Subset(t, list, subset, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Subsetf asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	assert.Subsetf(t, [1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted")
-func Subsetf(t TestingT, list interface{}, subset interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Subsetf(t, list, subset, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// True asserts that the specified value is true.
-//
-//	assert.True(t, myBool)
-func True(t TestingT, value bool, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.True(t, value, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Truef asserts that the specified value is true.
-//
-//	assert.Truef(t, myBool, "error message %s", "formatted")
-func Truef(t TestingT, value bool, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Truef(t, value, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// WithinDuration asserts that the two times are within duration delta of each other.
-//
-//	assert.WithinDuration(t, time.Now(), time.Now(), 10*time.Second)
-func WithinDuration(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.WithinDuration(t, expected, actual, delta, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// WithinDurationf asserts that the two times are within duration delta of each other.
-//
-//	assert.WithinDurationf(t, time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
-func WithinDurationf(t TestingT, expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.WithinDurationf(t, expected, actual, delta, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// WithinRange asserts that a time is within a time range (inclusive).
-//
-//	assert.WithinRange(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
-func WithinRange(t TestingT, actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.WithinRange(t, actual, start, end, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// WithinRangef asserts that a time is within a time range (inclusive).
-//
-//	assert.WithinRangef(t, time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
-func WithinRangef(t TestingT, actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.WithinRangef(t, actual, start, end, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// YAMLEq asserts that two YAML strings are equivalent.
-func YAMLEq(t TestingT, expected string, actual string, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.YAMLEq(t, expected, actual, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// YAMLEqf asserts that two YAML strings are equivalent.
-func YAMLEqf(t TestingT, expected string, actual string, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.YAMLEqf(t, expected, actual, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Zero asserts that i is the zero value for its type.
-func Zero(t TestingT, i interface{}, msgAndArgs ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Zero(t, i, msgAndArgs...) {
-		return
-	}
-	t.FailNow()
-}
-
-// Zerof asserts that i is the zero value for its type.
-func Zerof(t TestingT, i interface{}, msg string, args ...interface{}) {
-	if h, ok := t.(tHelper); ok {
-		h.Helper()
-	}
-	if assert.Zerof(t, i, msg, args...) {
-		return
-	}
-	t.FailNow()
-}
diff --git a/vendor/github.com/stretchr/testify/require/require.go.tmpl b/vendor/github.com/stretchr/testify/require/require.go.tmpl
deleted file mode 100644
index 55e42ddeb..000000000
--- a/vendor/github.com/stretchr/testify/require/require.go.tmpl
+++ /dev/null
@@ -1,6 +0,0 @@
-{{.Comment}}
-func {{.DocInfo.Name}}(t TestingT, {{.Params}}) {
-	if h, ok := t.(tHelper); ok { h.Helper() }
-	if assert.{{.DocInfo.Name}}(t, {{.ForwardedParams}}) { return }
-	t.FailNow()
-}
diff --git a/vendor/github.com/stretchr/testify/require/require_forward.go b/vendor/github.com/stretchr/testify/require/require_forward.go
deleted file mode 100644
index 3b5b09330..000000000
--- a/vendor/github.com/stretchr/testify/require/require_forward.go
+++ /dev/null
@@ -1,1599 +0,0 @@
-/*
-* CODE GENERATED AUTOMATICALLY WITH github.com/stretchr/testify/_codegen
-* THIS FILE MUST NOT BE EDITED BY HAND
- */
-
-package require
-
-import (
-	assert "github.com/stretchr/testify/assert"
-	http "net/http"
-	url "net/url"
-	time "time"
-)
-
-// Condition uses a Comparison to assert a complex condition.
-func (a *Assertions) Condition(comp assert.Comparison, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Condition(a.t, comp, msgAndArgs...)
-}
-
-// Conditionf uses a Comparison to assert a complex condition.
-func (a *Assertions) Conditionf(comp assert.Comparison, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Conditionf(a.t, comp, msg, args...)
-}
-
-// Contains asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	a.Contains("Hello World", "World")
-//	a.Contains(["Hello", "World"], "World")
-//	a.Contains({"Hello": "World"}, "Hello")
-func (a *Assertions) Contains(s interface{}, contains interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Contains(a.t, s, contains, msgAndArgs...)
-}
-
-// Containsf asserts that the specified string, list(array, slice...) or map contains the
-// specified substring or element.
-//
-//	a.Containsf("Hello World", "World", "error message %s", "formatted")
-//	a.Containsf(["Hello", "World"], "World", "error message %s", "formatted")
-//	a.Containsf({"Hello": "World"}, "Hello", "error message %s", "formatted")
-func (a *Assertions) Containsf(s interface{}, contains interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Containsf(a.t, s, contains, msg, args...)
-}
-
-// DirExists checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func (a *Assertions) DirExists(path string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	DirExists(a.t, path, msgAndArgs...)
-}
-
-// DirExistsf checks whether a directory exists in the given path. It also fails
-// if the path is a file rather a directory or there is an error checking whether it exists.
-func (a *Assertions) DirExistsf(path string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	DirExistsf(a.t, path, msg, args...)
-}
-
-// ElementsMatch asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// a.ElementsMatch([1, 3, 2, 3], [1, 3, 3, 2])
-func (a *Assertions) ElementsMatch(listA interface{}, listB interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ElementsMatch(a.t, listA, listB, msgAndArgs...)
-}
-
-// ElementsMatchf asserts that the specified listA(array, slice...) is equal to specified
-// listB(array, slice...) ignoring the order of the elements. If there are duplicate elements,
-// the number of appearances of each of them in both lists should match.
-//
-// a.ElementsMatchf([1, 3, 2, 3], [1, 3, 3, 2], "error message %s", "formatted")
-func (a *Assertions) ElementsMatchf(listA interface{}, listB interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ElementsMatchf(a.t, listA, listB, msg, args...)
-}
-
-// Empty asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	a.Empty(obj)
-func (a *Assertions) Empty(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Empty(a.t, object, msgAndArgs...)
-}
-
-// Emptyf asserts that the specified object is empty.  I.e. nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	a.Emptyf(obj, "error message %s", "formatted")
-func (a *Assertions) Emptyf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Emptyf(a.t, object, msg, args...)
-}
-
-// Equal asserts that two objects are equal.
-//
-//	a.Equal(123, 123)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func (a *Assertions) Equal(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Equal(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualError asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	a.EqualError(err,  expectedErrorString)
-func (a *Assertions) EqualError(theError error, errString string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualError(a.t, theError, errString, msgAndArgs...)
-}
-
-// EqualErrorf asserts that a function returned an error (i.e. not `nil`)
-// and that it is equal to the provided error.
-//
-//	actualObj, err := SomeFunction()
-//	a.EqualErrorf(err,  expectedErrorString, "error message %s", "formatted")
-func (a *Assertions) EqualErrorf(theError error, errString string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualErrorf(a.t, theError, errString, msg, args...)
-}
-
-// EqualExportedValues asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 a.EqualExportedValues(S{1, 2}, S{1, 3}) => true
-//	 a.EqualExportedValues(S{1, 2}, S{2, 3}) => false
-func (a *Assertions) EqualExportedValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualExportedValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualExportedValuesf asserts that the types of two objects are equal and their public
-// fields are also equal. This is useful for comparing structs that have private fields
-// that could potentially differ.
-//
-//	 type S struct {
-//		Exported     	int
-//		notExported   	int
-//	 }
-//	 a.EqualExportedValuesf(S{1, 2}, S{1, 3}, "error message %s", "formatted") => true
-//	 a.EqualExportedValuesf(S{1, 2}, S{2, 3}, "error message %s", "formatted") => false
-func (a *Assertions) EqualExportedValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualExportedValuesf(a.t, expected, actual, msg, args...)
-}
-
-// EqualValues asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	a.EqualValues(uint32(123), int32(123))
-func (a *Assertions) EqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// EqualValuesf asserts that two objects are equal or convertable to the same types
-// and equal.
-//
-//	a.EqualValuesf(uint32(123), int32(123), "error message %s", "formatted")
-func (a *Assertions) EqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EqualValuesf(a.t, expected, actual, msg, args...)
-}
-
-// Equalf asserts that two objects are equal.
-//
-//	a.Equalf(123, 123, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses). Function equality
-// cannot be determined and will always fail.
-func (a *Assertions) Equalf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Equalf(a.t, expected, actual, msg, args...)
-}
-
-// Error asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.Error(err) {
-//		   assert.Equal(t, expectedError, err)
-//	  }
-func (a *Assertions) Error(err error, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Error(a.t, err, msgAndArgs...)
-}
-
-// ErrorAs asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func (a *Assertions) ErrorAs(err error, target interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorAs(a.t, err, target, msgAndArgs...)
-}
-
-// ErrorAsf asserts that at least one of the errors in err's chain matches target, and if so, sets target to that error value.
-// This is a wrapper for errors.As.
-func (a *Assertions) ErrorAsf(err error, target interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorAsf(a.t, err, target, msg, args...)
-}
-
-// ErrorContains asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	a.ErrorContains(err,  expectedErrorSubString)
-func (a *Assertions) ErrorContains(theError error, contains string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorContains(a.t, theError, contains, msgAndArgs...)
-}
-
-// ErrorContainsf asserts that a function returned an error (i.e. not `nil`)
-// and that the error contains the specified substring.
-//
-//	actualObj, err := SomeFunction()
-//	a.ErrorContainsf(err,  expectedErrorSubString, "error message %s", "formatted")
-func (a *Assertions) ErrorContainsf(theError error, contains string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorContainsf(a.t, theError, contains, msg, args...)
-}
-
-// ErrorIs asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) ErrorIs(err error, target error, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorIs(a.t, err, target, msgAndArgs...)
-}
-
-// ErrorIsf asserts that at least one of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) ErrorIsf(err error, target error, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	ErrorIsf(a.t, err, target, msg, args...)
-}
-
-// Errorf asserts that a function returned an error (i.e. not `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.Errorf(err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedErrorf, err)
-//	  }
-func (a *Assertions) Errorf(err error, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Errorf(a.t, err, msg, args...)
-}
-
-// Eventually asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	a.Eventually(func() bool { return true; }, time.Second, 10*time.Millisecond)
-func (a *Assertions) Eventually(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Eventually(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// EventuallyWithT asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	a.EventuallyWithT(func(c *assert.CollectT) {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func (a *Assertions) EventuallyWithT(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EventuallyWithT(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// EventuallyWithTf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick. In contrast to Eventually,
-// it supplies a CollectT to the condition function, so that the condition
-// function can use the CollectT to call other assertions.
-// The condition is considered "met" if no errors are raised in a tick.
-// The supplied CollectT collects all errors from one tick (if there are any).
-// If the condition is not met before waitFor, the collected errors of
-// the last tick are copied to t.
-//
-//	externalValue := false
-//	go func() {
-//		time.Sleep(8*time.Second)
-//		externalValue = true
-//	}()
-//	a.EventuallyWithTf(func(c *assert.CollectT, "error message %s", "formatted") {
-//		// add assertions as needed; any assertion failure will fail the current tick
-//		assert.True(c, externalValue, "expected 'externalValue' to be true")
-//	}, 1*time.Second, 10*time.Second, "external state has not changed to 'true'; still false")
-func (a *Assertions) EventuallyWithTf(condition func(collect *assert.CollectT), waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	EventuallyWithTf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Eventuallyf asserts that given condition will be met in waitFor time,
-// periodically checking target function each tick.
-//
-//	a.Eventuallyf(func() bool { return true; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func (a *Assertions) Eventuallyf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Eventuallyf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Exactly asserts that two objects are equal in value and type.
-//
-//	a.Exactly(int32(123), int64(123))
-func (a *Assertions) Exactly(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Exactly(a.t, expected, actual, msgAndArgs...)
-}
-
-// Exactlyf asserts that two objects are equal in value and type.
-//
-//	a.Exactlyf(int32(123), int64(123), "error message %s", "formatted")
-func (a *Assertions) Exactlyf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Exactlyf(a.t, expected, actual, msg, args...)
-}
-
-// Fail reports a failure through
-func (a *Assertions) Fail(failureMessage string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Fail(a.t, failureMessage, msgAndArgs...)
-}
-
-// FailNow fails test
-func (a *Assertions) FailNow(failureMessage string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	FailNow(a.t, failureMessage, msgAndArgs...)
-}
-
-// FailNowf fails test
-func (a *Assertions) FailNowf(failureMessage string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	FailNowf(a.t, failureMessage, msg, args...)
-}
-
-// Failf reports a failure through
-func (a *Assertions) Failf(failureMessage string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Failf(a.t, failureMessage, msg, args...)
-}
-
-// False asserts that the specified value is false.
-//
-//	a.False(myBool)
-func (a *Assertions) False(value bool, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	False(a.t, value, msgAndArgs...)
-}
-
-// Falsef asserts that the specified value is false.
-//
-//	a.Falsef(myBool, "error message %s", "formatted")
-func (a *Assertions) Falsef(value bool, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Falsef(a.t, value, msg, args...)
-}
-
-// FileExists checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func (a *Assertions) FileExists(path string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	FileExists(a.t, path, msgAndArgs...)
-}
-
-// FileExistsf checks whether a file exists in the given path. It also fails if
-// the path points to a directory or there is an error when trying to check the file.
-func (a *Assertions) FileExistsf(path string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	FileExistsf(a.t, path, msg, args...)
-}
-
-// Greater asserts that the first element is greater than the second
-//
-//	a.Greater(2, 1)
-//	a.Greater(float64(2), float64(1))
-//	a.Greater("b", "a")
-func (a *Assertions) Greater(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Greater(a.t, e1, e2, msgAndArgs...)
-}
-
-// GreaterOrEqual asserts that the first element is greater than or equal to the second
-//
-//	a.GreaterOrEqual(2, 1)
-//	a.GreaterOrEqual(2, 2)
-//	a.GreaterOrEqual("b", "a")
-//	a.GreaterOrEqual("b", "b")
-func (a *Assertions) GreaterOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	GreaterOrEqual(a.t, e1, e2, msgAndArgs...)
-}
-
-// GreaterOrEqualf asserts that the first element is greater than or equal to the second
-//
-//	a.GreaterOrEqualf(2, 1, "error message %s", "formatted")
-//	a.GreaterOrEqualf(2, 2, "error message %s", "formatted")
-//	a.GreaterOrEqualf("b", "a", "error message %s", "formatted")
-//	a.GreaterOrEqualf("b", "b", "error message %s", "formatted")
-func (a *Assertions) GreaterOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	GreaterOrEqualf(a.t, e1, e2, msg, args...)
-}
-
-// Greaterf asserts that the first element is greater than the second
-//
-//	a.Greaterf(2, 1, "error message %s", "formatted")
-//	a.Greaterf(float64(2), float64(1), "error message %s", "formatted")
-//	a.Greaterf("b", "a", "error message %s", "formatted")
-func (a *Assertions) Greaterf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Greaterf(a.t, e1, e2, msg, args...)
-}
-
-// HTTPBodyContains asserts that a specified handler returns a
-// body that contains a string.
-//
-//	a.HTTPBodyContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPBodyContains(a.t, handler, method, url, values, str, msgAndArgs...)
-}
-
-// HTTPBodyContainsf asserts that a specified handler returns a
-// body that contains a string.
-//
-//	a.HTTPBodyContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPBodyContainsf(a.t, handler, method, url, values, str, msg, args...)
-}
-
-// HTTPBodyNotContains asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	a.HTTPBodyNotContains(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyNotContains(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPBodyNotContains(a.t, handler, method, url, values, str, msgAndArgs...)
-}
-
-// HTTPBodyNotContainsf asserts that a specified handler returns a
-// body that does not contain a string.
-//
-//	a.HTTPBodyNotContainsf(myHandler, "GET", "www.google.com", nil, "I'm Feeling Lucky", "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPBodyNotContainsf(handler http.HandlerFunc, method string, url string, values url.Values, str interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPBodyNotContainsf(a.t, handler, method, url, values, str, msg, args...)
-}
-
-// HTTPError asserts that a specified handler returns an error status code.
-//
-//	a.HTTPError(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPError(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPError(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPErrorf asserts that a specified handler returns an error status code.
-//
-//	a.HTTPErrorf(myHandler, "POST", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPErrorf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPErrorf(a.t, handler, method, url, values, msg, args...)
-}
-
-// HTTPRedirect asserts that a specified handler returns a redirect status code.
-//
-//	a.HTTPRedirect(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPRedirect(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPRedirect(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPRedirectf asserts that a specified handler returns a redirect status code.
-//
-//	a.HTTPRedirectf(myHandler, "GET", "/a/b/c", url.Values{"a": []string{"b", "c"}}
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPRedirectf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPRedirectf(a.t, handler, method, url, values, msg, args...)
-}
-
-// HTTPStatusCode asserts that a specified handler returns a specified status code.
-//
-//	a.HTTPStatusCode(myHandler, "GET", "/notImplemented", nil, 501)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPStatusCode(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPStatusCode(a.t, handler, method, url, values, statuscode, msgAndArgs...)
-}
-
-// HTTPStatusCodef asserts that a specified handler returns a specified status code.
-//
-//	a.HTTPStatusCodef(myHandler, "GET", "/notImplemented", nil, 501, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPStatusCodef(handler http.HandlerFunc, method string, url string, values url.Values, statuscode int, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPStatusCodef(a.t, handler, method, url, values, statuscode, msg, args...)
-}
-
-// HTTPSuccess asserts that a specified handler returns a success status code.
-//
-//	a.HTTPSuccess(myHandler, "POST", "http://www.google.com", nil)
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPSuccess(handler http.HandlerFunc, method string, url string, values url.Values, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPSuccess(a.t, handler, method, url, values, msgAndArgs...)
-}
-
-// HTTPSuccessf asserts that a specified handler returns a success status code.
-//
-//	a.HTTPSuccessf(myHandler, "POST", "http://www.google.com", nil, "error message %s", "formatted")
-//
-// Returns whether the assertion was successful (true) or not (false).
-func (a *Assertions) HTTPSuccessf(handler http.HandlerFunc, method string, url string, values url.Values, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	HTTPSuccessf(a.t, handler, method, url, values, msg, args...)
-}
-
-// Implements asserts that an object is implemented by the specified interface.
-//
-//	a.Implements((*MyInterface)(nil), new(MyObject))
-func (a *Assertions) Implements(interfaceObject interface{}, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Implements(a.t, interfaceObject, object, msgAndArgs...)
-}
-
-// Implementsf asserts that an object is implemented by the specified interface.
-//
-//	a.Implementsf((*MyInterface)(nil), new(MyObject), "error message %s", "formatted")
-func (a *Assertions) Implementsf(interfaceObject interface{}, object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Implementsf(a.t, interfaceObject, object, msg, args...)
-}
-
-// InDelta asserts that the two numerals are within delta of each other.
-//
-//	a.InDelta(math.Pi, 22/7.0, 0.01)
-func (a *Assertions) InDelta(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDelta(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaMapValues is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func (a *Assertions) InDeltaMapValues(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDeltaMapValues(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaMapValuesf is the same as InDelta, but it compares all values between two maps. Both maps must have exactly the same keys.
-func (a *Assertions) InDeltaMapValuesf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDeltaMapValuesf(a.t, expected, actual, delta, msg, args...)
-}
-
-// InDeltaSlice is the same as InDelta, except it compares two slices.
-func (a *Assertions) InDeltaSlice(expected interface{}, actual interface{}, delta float64, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDeltaSlice(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// InDeltaSlicef is the same as InDelta, except it compares two slices.
-func (a *Assertions) InDeltaSlicef(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDeltaSlicef(a.t, expected, actual, delta, msg, args...)
-}
-
-// InDeltaf asserts that the two numerals are within delta of each other.
-//
-//	a.InDeltaf(math.Pi, 22/7.0, 0.01, "error message %s", "formatted")
-func (a *Assertions) InDeltaf(expected interface{}, actual interface{}, delta float64, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InDeltaf(a.t, expected, actual, delta, msg, args...)
-}
-
-// InEpsilon asserts that expected and actual have a relative error less than epsilon
-func (a *Assertions) InEpsilon(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InEpsilon(a.t, expected, actual, epsilon, msgAndArgs...)
-}
-
-// InEpsilonSlice is the same as InEpsilon, except it compares each value from two slices.
-func (a *Assertions) InEpsilonSlice(expected interface{}, actual interface{}, epsilon float64, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InEpsilonSlice(a.t, expected, actual, epsilon, msgAndArgs...)
-}
-
-// InEpsilonSlicef is the same as InEpsilon, except it compares each value from two slices.
-func (a *Assertions) InEpsilonSlicef(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InEpsilonSlicef(a.t, expected, actual, epsilon, msg, args...)
-}
-
-// InEpsilonf asserts that expected and actual have a relative error less than epsilon
-func (a *Assertions) InEpsilonf(expected interface{}, actual interface{}, epsilon float64, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	InEpsilonf(a.t, expected, actual, epsilon, msg, args...)
-}
-
-// IsDecreasing asserts that the collection is decreasing
-//
-//	a.IsDecreasing([]int{2, 1, 0})
-//	a.IsDecreasing([]float{2, 1})
-//	a.IsDecreasing([]string{"b", "a"})
-func (a *Assertions) IsDecreasing(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsDecreasing(a.t, object, msgAndArgs...)
-}
-
-// IsDecreasingf asserts that the collection is decreasing
-//
-//	a.IsDecreasingf([]int{2, 1, 0}, "error message %s", "formatted")
-//	a.IsDecreasingf([]float{2, 1}, "error message %s", "formatted")
-//	a.IsDecreasingf([]string{"b", "a"}, "error message %s", "formatted")
-func (a *Assertions) IsDecreasingf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsDecreasingf(a.t, object, msg, args...)
-}
-
-// IsIncreasing asserts that the collection is increasing
-//
-//	a.IsIncreasing([]int{1, 2, 3})
-//	a.IsIncreasing([]float{1, 2})
-//	a.IsIncreasing([]string{"a", "b"})
-func (a *Assertions) IsIncreasing(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsIncreasing(a.t, object, msgAndArgs...)
-}
-
-// IsIncreasingf asserts that the collection is increasing
-//
-//	a.IsIncreasingf([]int{1, 2, 3}, "error message %s", "formatted")
-//	a.IsIncreasingf([]float{1, 2}, "error message %s", "formatted")
-//	a.IsIncreasingf([]string{"a", "b"}, "error message %s", "formatted")
-func (a *Assertions) IsIncreasingf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsIncreasingf(a.t, object, msg, args...)
-}
-
-// IsNonDecreasing asserts that the collection is not decreasing
-//
-//	a.IsNonDecreasing([]int{1, 1, 2})
-//	a.IsNonDecreasing([]float{1, 2})
-//	a.IsNonDecreasing([]string{"a", "b"})
-func (a *Assertions) IsNonDecreasing(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsNonDecreasing(a.t, object, msgAndArgs...)
-}
-
-// IsNonDecreasingf asserts that the collection is not decreasing
-//
-//	a.IsNonDecreasingf([]int{1, 1, 2}, "error message %s", "formatted")
-//	a.IsNonDecreasingf([]float{1, 2}, "error message %s", "formatted")
-//	a.IsNonDecreasingf([]string{"a", "b"}, "error message %s", "formatted")
-func (a *Assertions) IsNonDecreasingf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsNonDecreasingf(a.t, object, msg, args...)
-}
-
-// IsNonIncreasing asserts that the collection is not increasing
-//
-//	a.IsNonIncreasing([]int{2, 1, 1})
-//	a.IsNonIncreasing([]float{2, 1})
-//	a.IsNonIncreasing([]string{"b", "a"})
-func (a *Assertions) IsNonIncreasing(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsNonIncreasing(a.t, object, msgAndArgs...)
-}
-
-// IsNonIncreasingf asserts that the collection is not increasing
-//
-//	a.IsNonIncreasingf([]int{2, 1, 1}, "error message %s", "formatted")
-//	a.IsNonIncreasingf([]float{2, 1}, "error message %s", "formatted")
-//	a.IsNonIncreasingf([]string{"b", "a"}, "error message %s", "formatted")
-func (a *Assertions) IsNonIncreasingf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsNonIncreasingf(a.t, object, msg, args...)
-}
-
-// IsType asserts that the specified objects are of the same type.
-func (a *Assertions) IsType(expectedType interface{}, object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsType(a.t, expectedType, object, msgAndArgs...)
-}
-
-// IsTypef asserts that the specified objects are of the same type.
-func (a *Assertions) IsTypef(expectedType interface{}, object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	IsTypef(a.t, expectedType, object, msg, args...)
-}
-
-// JSONEq asserts that two JSON strings are equivalent.
-//
-//	a.JSONEq(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`)
-func (a *Assertions) JSONEq(expected string, actual string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	JSONEq(a.t, expected, actual, msgAndArgs...)
-}
-
-// JSONEqf asserts that two JSON strings are equivalent.
-//
-//	a.JSONEqf(`{"hello": "world", "foo": "bar"}`, `{"foo": "bar", "hello": "world"}`, "error message %s", "formatted")
-func (a *Assertions) JSONEqf(expected string, actual string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	JSONEqf(a.t, expected, actual, msg, args...)
-}
-
-// Len asserts that the specified object has specific length.
-// Len also fails if the object has a type that len() not accept.
-//
-//	a.Len(mySlice, 3)
-func (a *Assertions) Len(object interface{}, length int, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Len(a.t, object, length, msgAndArgs...)
-}
-
-// Lenf asserts that the specified object has specific length.
-// Lenf also fails if the object has a type that len() not accept.
-//
-//	a.Lenf(mySlice, 3, "error message %s", "formatted")
-func (a *Assertions) Lenf(object interface{}, length int, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Lenf(a.t, object, length, msg, args...)
-}
-
-// Less asserts that the first element is less than the second
-//
-//	a.Less(1, 2)
-//	a.Less(float64(1), float64(2))
-//	a.Less("a", "b")
-func (a *Assertions) Less(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Less(a.t, e1, e2, msgAndArgs...)
-}
-
-// LessOrEqual asserts that the first element is less than or equal to the second
-//
-//	a.LessOrEqual(1, 2)
-//	a.LessOrEqual(2, 2)
-//	a.LessOrEqual("a", "b")
-//	a.LessOrEqual("b", "b")
-func (a *Assertions) LessOrEqual(e1 interface{}, e2 interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	LessOrEqual(a.t, e1, e2, msgAndArgs...)
-}
-
-// LessOrEqualf asserts that the first element is less than or equal to the second
-//
-//	a.LessOrEqualf(1, 2, "error message %s", "formatted")
-//	a.LessOrEqualf(2, 2, "error message %s", "formatted")
-//	a.LessOrEqualf("a", "b", "error message %s", "formatted")
-//	a.LessOrEqualf("b", "b", "error message %s", "formatted")
-func (a *Assertions) LessOrEqualf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	LessOrEqualf(a.t, e1, e2, msg, args...)
-}
-
-// Lessf asserts that the first element is less than the second
-//
-//	a.Lessf(1, 2, "error message %s", "formatted")
-//	a.Lessf(float64(1), float64(2), "error message %s", "formatted")
-//	a.Lessf("a", "b", "error message %s", "formatted")
-func (a *Assertions) Lessf(e1 interface{}, e2 interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Lessf(a.t, e1, e2, msg, args...)
-}
-
-// Negative asserts that the specified element is negative
-//
-//	a.Negative(-1)
-//	a.Negative(-1.23)
-func (a *Assertions) Negative(e interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Negative(a.t, e, msgAndArgs...)
-}
-
-// Negativef asserts that the specified element is negative
-//
-//	a.Negativef(-1, "error message %s", "formatted")
-//	a.Negativef(-1.23, "error message %s", "formatted")
-func (a *Assertions) Negativef(e interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Negativef(a.t, e, msg, args...)
-}
-
-// Never asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	a.Never(func() bool { return false; }, time.Second, 10*time.Millisecond)
-func (a *Assertions) Never(condition func() bool, waitFor time.Duration, tick time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Never(a.t, condition, waitFor, tick, msgAndArgs...)
-}
-
-// Neverf asserts that the given condition doesn't satisfy in waitFor time,
-// periodically checking the target function each tick.
-//
-//	a.Neverf(func() bool { return false; }, time.Second, 10*time.Millisecond, "error message %s", "formatted")
-func (a *Assertions) Neverf(condition func() bool, waitFor time.Duration, tick time.Duration, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Neverf(a.t, condition, waitFor, tick, msg, args...)
-}
-
-// Nil asserts that the specified object is nil.
-//
-//	a.Nil(err)
-func (a *Assertions) Nil(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Nil(a.t, object, msgAndArgs...)
-}
-
-// Nilf asserts that the specified object is nil.
-//
-//	a.Nilf(err, "error message %s", "formatted")
-func (a *Assertions) Nilf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Nilf(a.t, object, msg, args...)
-}
-
-// NoDirExists checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func (a *Assertions) NoDirExists(path string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoDirExists(a.t, path, msgAndArgs...)
-}
-
-// NoDirExistsf checks whether a directory does not exist in the given path.
-// It fails if the path points to an existing _directory_ only.
-func (a *Assertions) NoDirExistsf(path string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoDirExistsf(a.t, path, msg, args...)
-}
-
-// NoError asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.NoError(err) {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func (a *Assertions) NoError(err error, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoError(a.t, err, msgAndArgs...)
-}
-
-// NoErrorf asserts that a function returned no error (i.e. `nil`).
-//
-//	  actualObj, err := SomeFunction()
-//	  if a.NoErrorf(err, "error message %s", "formatted") {
-//		   assert.Equal(t, expectedObj, actualObj)
-//	  }
-func (a *Assertions) NoErrorf(err error, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoErrorf(a.t, err, msg, args...)
-}
-
-// NoFileExists checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func (a *Assertions) NoFileExists(path string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoFileExists(a.t, path, msgAndArgs...)
-}
-
-// NoFileExistsf checks whether a file does not exist in a given path. It fails
-// if the path points to an existing _file_ only.
-func (a *Assertions) NoFileExistsf(path string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NoFileExistsf(a.t, path, msg, args...)
-}
-
-// NotContains asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	a.NotContains("Hello World", "Earth")
-//	a.NotContains(["Hello", "World"], "Earth")
-//	a.NotContains({"Hello": "World"}, "Earth")
-func (a *Assertions) NotContains(s interface{}, contains interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotContains(a.t, s, contains, msgAndArgs...)
-}
-
-// NotContainsf asserts that the specified string, list(array, slice...) or map does NOT contain the
-// specified substring or element.
-//
-//	a.NotContainsf("Hello World", "Earth", "error message %s", "formatted")
-//	a.NotContainsf(["Hello", "World"], "Earth", "error message %s", "formatted")
-//	a.NotContainsf({"Hello": "World"}, "Earth", "error message %s", "formatted")
-func (a *Assertions) NotContainsf(s interface{}, contains interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotContainsf(a.t, s, contains, msg, args...)
-}
-
-// NotEmpty asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if a.NotEmpty(obj) {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func (a *Assertions) NotEmpty(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEmpty(a.t, object, msgAndArgs...)
-}
-
-// NotEmptyf asserts that the specified object is NOT empty.  I.e. not nil, "", false, 0 or either
-// a slice or a channel with len == 0.
-//
-//	if a.NotEmptyf(obj, "error message %s", "formatted") {
-//	  assert.Equal(t, "two", obj[1])
-//	}
-func (a *Assertions) NotEmptyf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEmptyf(a.t, object, msg, args...)
-}
-
-// NotEqual asserts that the specified values are NOT equal.
-//
-//	a.NotEqual(obj1, obj2)
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func (a *Assertions) NotEqual(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEqual(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotEqualValues asserts that two objects are not equal even when converted to the same type
-//
-//	a.NotEqualValues(obj1, obj2)
-func (a *Assertions) NotEqualValues(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEqualValues(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotEqualValuesf asserts that two objects are not equal even when converted to the same type
-//
-//	a.NotEqualValuesf(obj1, obj2, "error message %s", "formatted")
-func (a *Assertions) NotEqualValuesf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEqualValuesf(a.t, expected, actual, msg, args...)
-}
-
-// NotEqualf asserts that the specified values are NOT equal.
-//
-//	a.NotEqualf(obj1, obj2, "error message %s", "formatted")
-//
-// Pointer variable equality is determined based on the equality of the
-// referenced values (as opposed to the memory addresses).
-func (a *Assertions) NotEqualf(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotEqualf(a.t, expected, actual, msg, args...)
-}
-
-// NotErrorIs asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) NotErrorIs(err error, target error, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotErrorIs(a.t, err, target, msgAndArgs...)
-}
-
-// NotErrorIsf asserts that at none of the errors in err's chain matches target.
-// This is a wrapper for errors.Is.
-func (a *Assertions) NotErrorIsf(err error, target error, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotErrorIsf(a.t, err, target, msg, args...)
-}
-
-// NotNil asserts that the specified object is not nil.
-//
-//	a.NotNil(err)
-func (a *Assertions) NotNil(object interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotNil(a.t, object, msgAndArgs...)
-}
-
-// NotNilf asserts that the specified object is not nil.
-//
-//	a.NotNilf(err, "error message %s", "formatted")
-func (a *Assertions) NotNilf(object interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotNilf(a.t, object, msg, args...)
-}
-
-// NotPanics asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	a.NotPanics(func(){ RemainCalm() })
-func (a *Assertions) NotPanics(f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotPanics(a.t, f, msgAndArgs...)
-}
-
-// NotPanicsf asserts that the code inside the specified PanicTestFunc does NOT panic.
-//
-//	a.NotPanicsf(func(){ RemainCalm() }, "error message %s", "formatted")
-func (a *Assertions) NotPanicsf(f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotPanicsf(a.t, f, msg, args...)
-}
-
-// NotRegexp asserts that a specified regexp does not match a string.
-//
-//	a.NotRegexp(regexp.MustCompile("starts"), "it's starting")
-//	a.NotRegexp("^start", "it's not starting")
-func (a *Assertions) NotRegexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotRegexp(a.t, rx, str, msgAndArgs...)
-}
-
-// NotRegexpf asserts that a specified regexp does not match a string.
-//
-//	a.NotRegexpf(regexp.MustCompile("starts"), "it's starting", "error message %s", "formatted")
-//	a.NotRegexpf("^start", "it's not starting", "error message %s", "formatted")
-func (a *Assertions) NotRegexpf(rx interface{}, str interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotRegexpf(a.t, rx, str, msg, args...)
-}
-
-// NotSame asserts that two pointers do not reference the same object.
-//
-//	a.NotSame(ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) NotSame(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotSame(a.t, expected, actual, msgAndArgs...)
-}
-
-// NotSamef asserts that two pointers do not reference the same object.
-//
-//	a.NotSamef(ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) NotSamef(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotSamef(a.t, expected, actual, msg, args...)
-}
-
-// NotSubset asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	a.NotSubset([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]")
-func (a *Assertions) NotSubset(list interface{}, subset interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotSubset(a.t, list, subset, msgAndArgs...)
-}
-
-// NotSubsetf asserts that the specified list(array, slice...) contains not all
-// elements given in the specified subset(array, slice...).
-//
-//	a.NotSubsetf([1, 3, 4], [1, 2], "But [1, 3, 4] does not contain [1, 2]", "error message %s", "formatted")
-func (a *Assertions) NotSubsetf(list interface{}, subset interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotSubsetf(a.t, list, subset, msg, args...)
-}
-
-// NotZero asserts that i is not the zero value for its type.
-func (a *Assertions) NotZero(i interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotZero(a.t, i, msgAndArgs...)
-}
-
-// NotZerof asserts that i is not the zero value for its type.
-func (a *Assertions) NotZerof(i interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	NotZerof(a.t, i, msg, args...)
-}
-
-// Panics asserts that the code inside the specified PanicTestFunc panics.
-//
-//	a.Panics(func(){ GoCrazy() })
-func (a *Assertions) Panics(f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Panics(a.t, f, msgAndArgs...)
-}
-
-// PanicsWithError asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	a.PanicsWithError("crazy error", func(){ GoCrazy() })
-func (a *Assertions) PanicsWithError(errString string, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	PanicsWithError(a.t, errString, f, msgAndArgs...)
-}
-
-// PanicsWithErrorf asserts that the code inside the specified PanicTestFunc
-// panics, and that the recovered panic value is an error that satisfies the
-// EqualError comparison.
-//
-//	a.PanicsWithErrorf("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) PanicsWithErrorf(errString string, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	PanicsWithErrorf(a.t, errString, f, msg, args...)
-}
-
-// PanicsWithValue asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	a.PanicsWithValue("crazy error", func(){ GoCrazy() })
-func (a *Assertions) PanicsWithValue(expected interface{}, f assert.PanicTestFunc, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	PanicsWithValue(a.t, expected, f, msgAndArgs...)
-}
-
-// PanicsWithValuef asserts that the code inside the specified PanicTestFunc panics, and that
-// the recovered panic value equals the expected panic value.
-//
-//	a.PanicsWithValuef("crazy error", func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) PanicsWithValuef(expected interface{}, f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	PanicsWithValuef(a.t, expected, f, msg, args...)
-}
-
-// Panicsf asserts that the code inside the specified PanicTestFunc panics.
-//
-//	a.Panicsf(func(){ GoCrazy() }, "error message %s", "formatted")
-func (a *Assertions) Panicsf(f assert.PanicTestFunc, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Panicsf(a.t, f, msg, args...)
-}
-
-// Positive asserts that the specified element is positive
-//
-//	a.Positive(1)
-//	a.Positive(1.23)
-func (a *Assertions) Positive(e interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Positive(a.t, e, msgAndArgs...)
-}
-
-// Positivef asserts that the specified element is positive
-//
-//	a.Positivef(1, "error message %s", "formatted")
-//	a.Positivef(1.23, "error message %s", "formatted")
-func (a *Assertions) Positivef(e interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Positivef(a.t, e, msg, args...)
-}
-
-// Regexp asserts that a specified regexp matches a string.
-//
-//	a.Regexp(regexp.MustCompile("start"), "it's starting")
-//	a.Regexp("start...$", "it's not starting")
-func (a *Assertions) Regexp(rx interface{}, str interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Regexp(a.t, rx, str, msgAndArgs...)
-}
-
-// Regexpf asserts that a specified regexp matches a string.
-//
-//	a.Regexpf(regexp.MustCompile("start"), "it's starting", "error message %s", "formatted")
-//	a.Regexpf("start...$", "it's not starting", "error message %s", "formatted")
-func (a *Assertions) Regexpf(rx interface{}, str interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Regexpf(a.t, rx, str, msg, args...)
-}
-
-// Same asserts that two pointers reference the same object.
-//
-//	a.Same(ptr1, ptr2)
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) Same(expected interface{}, actual interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Same(a.t, expected, actual, msgAndArgs...)
-}
-
-// Samef asserts that two pointers reference the same object.
-//
-//	a.Samef(ptr1, ptr2, "error message %s", "formatted")
-//
-// Both arguments must be pointer variables. Pointer variable sameness is
-// determined based on the equality of both type and value.
-func (a *Assertions) Samef(expected interface{}, actual interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Samef(a.t, expected, actual, msg, args...)
-}
-
-// Subset asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	a.Subset([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]")
-func (a *Assertions) Subset(list interface{}, subset interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Subset(a.t, list, subset, msgAndArgs...)
-}
-
-// Subsetf asserts that the specified list(array, slice...) contains all
-// elements given in the specified subset(array, slice...).
-//
-//	a.Subsetf([1, 2, 3], [1, 2], "But [1, 2, 3] does contain [1, 2]", "error message %s", "formatted")
-func (a *Assertions) Subsetf(list interface{}, subset interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Subsetf(a.t, list, subset, msg, args...)
-}
-
-// True asserts that the specified value is true.
-//
-//	a.True(myBool)
-func (a *Assertions) True(value bool, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	True(a.t, value, msgAndArgs...)
-}
-
-// Truef asserts that the specified value is true.
-//
-//	a.Truef(myBool, "error message %s", "formatted")
-func (a *Assertions) Truef(value bool, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Truef(a.t, value, msg, args...)
-}
-
-// WithinDuration asserts that the two times are within duration delta of each other.
-//
-//	a.WithinDuration(time.Now(), time.Now(), 10*time.Second)
-func (a *Assertions) WithinDuration(expected time.Time, actual time.Time, delta time.Duration, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	WithinDuration(a.t, expected, actual, delta, msgAndArgs...)
-}
-
-// WithinDurationf asserts that the two times are within duration delta of each other.
-//
-//	a.WithinDurationf(time.Now(), time.Now(), 10*time.Second, "error message %s", "formatted")
-func (a *Assertions) WithinDurationf(expected time.Time, actual time.Time, delta time.Duration, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	WithinDurationf(a.t, expected, actual, delta, msg, args...)
-}
-
-// WithinRange asserts that a time is within a time range (inclusive).
-//
-//	a.WithinRange(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second))
-func (a *Assertions) WithinRange(actual time.Time, start time.Time, end time.Time, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	WithinRange(a.t, actual, start, end, msgAndArgs...)
-}
-
-// WithinRangef asserts that a time is within a time range (inclusive).
-//
-//	a.WithinRangef(time.Now(), time.Now().Add(-time.Second), time.Now().Add(time.Second), "error message %s", "formatted")
-func (a *Assertions) WithinRangef(actual time.Time, start time.Time, end time.Time, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	WithinRangef(a.t, actual, start, end, msg, args...)
-}
-
-// YAMLEq asserts that two YAML strings are equivalent.
-func (a *Assertions) YAMLEq(expected string, actual string, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	YAMLEq(a.t, expected, actual, msgAndArgs...)
-}
-
-// YAMLEqf asserts that two YAML strings are equivalent.
-func (a *Assertions) YAMLEqf(expected string, actual string, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	YAMLEqf(a.t, expected, actual, msg, args...)
-}
-
-// Zero asserts that i is the zero value for its type.
-func (a *Assertions) Zero(i interface{}, msgAndArgs ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Zero(a.t, i, msgAndArgs...)
-}
-
-// Zerof asserts that i is the zero value for its type.
-func (a *Assertions) Zerof(i interface{}, msg string, args ...interface{}) {
-	if h, ok := a.t.(tHelper); ok {
-		h.Helper()
-	}
-	Zerof(a.t, i, msg, args...)
-}
diff --git a/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl b/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
deleted file mode 100644
index 54124df1d..000000000
--- a/vendor/github.com/stretchr/testify/require/require_forward.go.tmpl
+++ /dev/null
@@ -1,5 +0,0 @@
-{{.CommentWithoutT "a"}}
-func (a *Assertions) {{.DocInfo.Name}}({{.Params}}) {
-	if h, ok := a.t.(tHelper); ok { h.Helper() }
-	{{.DocInfo.Name}}(a.t, {{.ForwardedParams}})
-}
diff --git a/vendor/github.com/stretchr/testify/require/requirements.go b/vendor/github.com/stretchr/testify/require/requirements.go
deleted file mode 100644
index 91772dfeb..000000000
--- a/vendor/github.com/stretchr/testify/require/requirements.go
+++ /dev/null
@@ -1,29 +0,0 @@
-package require
-
-// TestingT is an interface wrapper around *testing.T
-type TestingT interface {
-	Errorf(format string, args ...interface{})
-	FailNow()
-}
-
-type tHelper interface {
-	Helper()
-}
-
-// ComparisonAssertionFunc is a common function prototype when comparing two values.  Can be useful
-// for table driven tests.
-type ComparisonAssertionFunc func(TestingT, interface{}, interface{}, ...interface{})
-
-// ValueAssertionFunc is a common function prototype when validating a single value.  Can be useful
-// for table driven tests.
-type ValueAssertionFunc func(TestingT, interface{}, ...interface{})
-
-// BoolAssertionFunc is a common function prototype when validating a bool value.  Can be useful
-// for table driven tests.
-type BoolAssertionFunc func(TestingT, bool, ...interface{})
-
-// ErrorAssertionFunc is a common function prototype when validating an error value.  Can be useful
-// for table driven tests.
-type ErrorAssertionFunc func(TestingT, error, ...interface{})
-
-//go:generate sh -c "cd ../_codegen && go build && cd - && ../_codegen/_codegen -output-package=require -template=require.go.tmpl -include-format-funcs"
diff --git a/vendor/gopkg.in/yaml.v3/LICENSE b/vendor/gopkg.in/yaml.v3/LICENSE
deleted file mode 100644
index 2683e4bb1..000000000
--- a/vendor/gopkg.in/yaml.v3/LICENSE
+++ /dev/null
@@ -1,50 +0,0 @@
-
-This project is covered by two different licenses: MIT and Apache.
-
-#### MIT License ####
-
-The following files were ported to Go from C files of libyaml, and thus
-are still covered by their original MIT license, with the additional
-copyright staring in 2011 when the project was ported over:
-
-    apic.go emitterc.go parserc.go readerc.go scannerc.go
-    writerc.go yamlh.go yamlprivateh.go
-
-Copyright (c) 2006-2010 Kirill Simonov
-Copyright (c) 2006-2011 Kirill Simonov
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of
-this software and associated documentation files (the "Software"), to deal in
-the Software without restriction, including without limitation the rights to
-use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-of the Software, and to permit persons to whom the Software is furnished to do
-so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
-### Apache License ###
-
-All the remaining project files are covered by the Apache license:
-
-Copyright (c) 2011-2019 Canonical Ltd
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/vendor/gopkg.in/yaml.v3/NOTICE b/vendor/gopkg.in/yaml.v3/NOTICE
deleted file mode 100644
index 866d74a7a..000000000
--- a/vendor/gopkg.in/yaml.v3/NOTICE
+++ /dev/null
@@ -1,13 +0,0 @@
-Copyright 2011-2016 Canonical Ltd.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/vendor/gopkg.in/yaml.v3/README.md b/vendor/gopkg.in/yaml.v3/README.md
deleted file mode 100644
index 08eb1babd..000000000
--- a/vendor/gopkg.in/yaml.v3/README.md
+++ /dev/null
@@ -1,150 +0,0 @@
-# YAML support for the Go language
-
-Introduction
-------------
-
-The yaml package enables Go programs to comfortably encode and decode YAML
-values. It was developed within [Canonical](https://www.canonical.com) as
-part of the [juju](https://juju.ubuntu.com) project, and is based on a
-pure Go port of the well-known [libyaml](http://pyyaml.org/wiki/LibYAML)
-C library to parse and generate YAML data quickly and reliably.
-
-Compatibility
--------------
-
-The yaml package supports most of YAML 1.2, but preserves some behavior
-from 1.1 for backwards compatibility.
-
-Specifically, as of v3 of the yaml package:
-
- - YAML 1.1 bools (_yes/no, on/off_) are supported as long as they are being
-   decoded into a typed bool value. Otherwise they behave as a string. Booleans
-   in YAML 1.2 are _true/false_ only.
- - Octals encode and decode as _0777_ per YAML 1.1, rather than _0o777_
-   as specified in YAML 1.2, because most parsers still use the old format.
-   Octals in the  _0o777_ format are supported though, so new files work.
- - Does not support base-60 floats. These are gone from YAML 1.2, and were
-   actually never supported by this package as it's clearly a poor choice.
-
-and offers backwards
-compatibility with YAML 1.1 in some cases.
-1.2, including support for
-anchors, tags, map merging, etc. Multi-document unmarshalling is not yet
-implemented, and base-60 floats from YAML 1.1 are purposefully not
-supported since they're a poor design and are gone in YAML 1.2.
-
-Installation and usage
-----------------------
-
-The import path for the package is *gopkg.in/yaml.v3*.
-
-To install it, run:
-
-    go get gopkg.in/yaml.v3
-
-API documentation
------------------
-
-If opened in a browser, the import path itself leads to the API documentation:
-
-  - [https://gopkg.in/yaml.v3](https://gopkg.in/yaml.v3)
-
-API stability
--------------
-
-The package API for yaml v3 will remain stable as described in [gopkg.in](https://gopkg.in).
-
-
-License
--------
-
-The yaml package is licensed under the MIT and Apache License 2.0 licenses.
-Please see the LICENSE file for details.
-
-
-Example
--------
-
-```Go
-package main
-
-import (
-        "fmt"
-        "log"
-
-        "gopkg.in/yaml.v3"
-)
-
-var data = `
-a: Easy!
-b:
-  c: 2
-  d: [3, 4]
-`
-
-// Note: struct fields must be public in order for unmarshal to
-// correctly populate the data.
-type T struct {
-        A string
-        B struct {
-                RenamedC int   `yaml:"c"`
-                D        []int `yaml:",flow"`
-        }
-}
-
-func main() {
-        t := T{}
-    
-        err := yaml.Unmarshal([]byte(data), &t)
-        if err != nil {
-                log.Fatalf("error: %v", err)
-        }
-        fmt.Printf("--- t:\n%v\n\n", t)
-    
-        d, err := yaml.Marshal(&t)
-        if err != nil {
-                log.Fatalf("error: %v", err)
-        }
-        fmt.Printf("--- t dump:\n%s\n\n", string(d))
-    
-        m := make(map[interface{}]interface{})
-    
-        err = yaml.Unmarshal([]byte(data), &m)
-        if err != nil {
-                log.Fatalf("error: %v", err)
-        }
-        fmt.Printf("--- m:\n%v\n\n", m)
-    
-        d, err = yaml.Marshal(&m)
-        if err != nil {
-                log.Fatalf("error: %v", err)
-        }
-        fmt.Printf("--- m dump:\n%s\n\n", string(d))
-}
-```
-
-This example will generate the following output:
-
-```
---- t:
-{Easy! {2 [3 4]}}
-
---- t dump:
-a: Easy!
-b:
-  c: 2
-  d: [3, 4]
-
-
---- m:
-map[a:Easy! b:map[c:2 d:[3 4]]]
-
---- m dump:
-a: Easy!
-b:
-  c: 2
-  d:
-  - 3
-  - 4
-```
-
diff --git a/vendor/gopkg.in/yaml.v3/apic.go b/vendor/gopkg.in/yaml.v3/apic.go
deleted file mode 100644
index ae7d049f1..000000000
--- a/vendor/gopkg.in/yaml.v3/apic.go
+++ /dev/null
@@ -1,747 +0,0 @@
-// 
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-// 
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-// 
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-// 
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"io"
-)
-
-func yaml_insert_token(parser *yaml_parser_t, pos int, token *yaml_token_t) {
-	//fmt.Println("yaml_insert_token", "pos:", pos, "typ:", token.typ, "head:", parser.tokens_head, "len:", len(parser.tokens))
-
-	// Check if we can move the queue at the beginning of the buffer.
-	if parser.tokens_head > 0 && len(parser.tokens) == cap(parser.tokens) {
-		if parser.tokens_head != len(parser.tokens) {
-			copy(parser.tokens, parser.tokens[parser.tokens_head:])
-		}
-		parser.tokens = parser.tokens[:len(parser.tokens)-parser.tokens_head]
-		parser.tokens_head = 0
-	}
-	parser.tokens = append(parser.tokens, *token)
-	if pos < 0 {
-		return
-	}
-	copy(parser.tokens[parser.tokens_head+pos+1:], parser.tokens[parser.tokens_head+pos:])
-	parser.tokens[parser.tokens_head+pos] = *token
-}
-
-// Create a new parser object.
-func yaml_parser_initialize(parser *yaml_parser_t) bool {
-	*parser = yaml_parser_t{
-		raw_buffer: make([]byte, 0, input_raw_buffer_size),
-		buffer:     make([]byte, 0, input_buffer_size),
-	}
-	return true
-}
-
-// Destroy a parser object.
-func yaml_parser_delete(parser *yaml_parser_t) {
-	*parser = yaml_parser_t{}
-}
-
-// String read handler.
-func yaml_string_read_handler(parser *yaml_parser_t, buffer []byte) (n int, err error) {
-	if parser.input_pos == len(parser.input) {
-		return 0, io.EOF
-	}
-	n = copy(buffer, parser.input[parser.input_pos:])
-	parser.input_pos += n
-	return n, nil
-}
-
-// Reader read handler.
-func yaml_reader_read_handler(parser *yaml_parser_t, buffer []byte) (n int, err error) {
-	return parser.input_reader.Read(buffer)
-}
-
-// Set a string input.
-func yaml_parser_set_input_string(parser *yaml_parser_t, input []byte) {
-	if parser.read_handler != nil {
-		panic("must set the input source only once")
-	}
-	parser.read_handler = yaml_string_read_handler
-	parser.input = input
-	parser.input_pos = 0
-}
-
-// Set a file input.
-func yaml_parser_set_input_reader(parser *yaml_parser_t, r io.Reader) {
-	if parser.read_handler != nil {
-		panic("must set the input source only once")
-	}
-	parser.read_handler = yaml_reader_read_handler
-	parser.input_reader = r
-}
-
-// Set the source encoding.
-func yaml_parser_set_encoding(parser *yaml_parser_t, encoding yaml_encoding_t) {
-	if parser.encoding != yaml_ANY_ENCODING {
-		panic("must set the encoding only once")
-	}
-	parser.encoding = encoding
-}
-
-// Create a new emitter object.
-func yaml_emitter_initialize(emitter *yaml_emitter_t) {
-	*emitter = yaml_emitter_t{
-		buffer:     make([]byte, output_buffer_size),
-		raw_buffer: make([]byte, 0, output_raw_buffer_size),
-		states:     make([]yaml_emitter_state_t, 0, initial_stack_size),
-		events:     make([]yaml_event_t, 0, initial_queue_size),
-		best_width: -1,
-	}
-}
-
-// Destroy an emitter object.
-func yaml_emitter_delete(emitter *yaml_emitter_t) {
-	*emitter = yaml_emitter_t{}
-}
-
-// String write handler.
-func yaml_string_write_handler(emitter *yaml_emitter_t, buffer []byte) error {
-	*emitter.output_buffer = append(*emitter.output_buffer, buffer...)
-	return nil
-}
-
-// yaml_writer_write_handler uses emitter.output_writer to write the
-// emitted text.
-func yaml_writer_write_handler(emitter *yaml_emitter_t, buffer []byte) error {
-	_, err := emitter.output_writer.Write(buffer)
-	return err
-}
-
-// Set a string output.
-func yaml_emitter_set_output_string(emitter *yaml_emitter_t, output_buffer *[]byte) {
-	if emitter.write_handler != nil {
-		panic("must set the output target only once")
-	}
-	emitter.write_handler = yaml_string_write_handler
-	emitter.output_buffer = output_buffer
-}
-
-// Set a file output.
-func yaml_emitter_set_output_writer(emitter *yaml_emitter_t, w io.Writer) {
-	if emitter.write_handler != nil {
-		panic("must set the output target only once")
-	}
-	emitter.write_handler = yaml_writer_write_handler
-	emitter.output_writer = w
-}
-
-// Set the output encoding.
-func yaml_emitter_set_encoding(emitter *yaml_emitter_t, encoding yaml_encoding_t) {
-	if emitter.encoding != yaml_ANY_ENCODING {
-		panic("must set the output encoding only once")
-	}
-	emitter.encoding = encoding
-}
-
-// Set the canonical output style.
-func yaml_emitter_set_canonical(emitter *yaml_emitter_t, canonical bool) {
-	emitter.canonical = canonical
-}
-
-// Set the indentation increment.
-func yaml_emitter_set_indent(emitter *yaml_emitter_t, indent int) {
-	if indent < 2 || indent > 9 {
-		indent = 2
-	}
-	emitter.best_indent = indent
-}
-
-// Set the preferred line width.
-func yaml_emitter_set_width(emitter *yaml_emitter_t, width int) {
-	if width < 0 {
-		width = -1
-	}
-	emitter.best_width = width
-}
-
-// Set if unescaped non-ASCII characters are allowed.
-func yaml_emitter_set_unicode(emitter *yaml_emitter_t, unicode bool) {
-	emitter.unicode = unicode
-}
-
-// Set the preferred line break character.
-func yaml_emitter_set_break(emitter *yaml_emitter_t, line_break yaml_break_t) {
-	emitter.line_break = line_break
-}
-
-///*
-// * Destroy a token object.
-// */
-//
-//YAML_DECLARE(void)
-//yaml_token_delete(yaml_token_t *token)
-//{
-//    assert(token);  // Non-NULL token object expected.
-//
-//    switch (token.type)
-//    {
-//        case YAML_TAG_DIRECTIVE_TOKEN:
-//            yaml_free(token.data.tag_directive.handle);
-//            yaml_free(token.data.tag_directive.prefix);
-//            break;
-//
-//        case YAML_ALIAS_TOKEN:
-//            yaml_free(token.data.alias.value);
-//            break;
-//
-//        case YAML_ANCHOR_TOKEN:
-//            yaml_free(token.data.anchor.value);
-//            break;
-//
-//        case YAML_TAG_TOKEN:
-//            yaml_free(token.data.tag.handle);
-//            yaml_free(token.data.tag.suffix);
-//            break;
-//
-//        case YAML_SCALAR_TOKEN:
-//            yaml_free(token.data.scalar.value);
-//            break;
-//
-//        default:
-//            break;
-//    }
-//
-//    memset(token, 0, sizeof(yaml_token_t));
-//}
-//
-///*
-// * Check if a string is a valid UTF-8 sequence.
-// *
-// * Check 'reader.c' for more details on UTF-8 encoding.
-// */
-//
-//static int
-//yaml_check_utf8(yaml_char_t *start, size_t length)
-//{
-//    yaml_char_t *end = start+length;
-//    yaml_char_t *pointer = start;
-//
-//    while (pointer < end) {
-//        unsigned char octet;
-//        unsigned int width;
-//        unsigned int value;
-//        size_t k;
-//
-//        octet = pointer[0];
-//        width = (octet & 0x80) == 0x00 ? 1 :
-//                (octet & 0xE0) == 0xC0 ? 2 :
-//                (octet & 0xF0) == 0xE0 ? 3 :
-//                (octet & 0xF8) == 0xF0 ? 4 : 0;
-//        value = (octet & 0x80) == 0x00 ? octet & 0x7F :
-//                (octet & 0xE0) == 0xC0 ? octet & 0x1F :
-//                (octet & 0xF0) == 0xE0 ? octet & 0x0F :
-//                (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0;
-//        if (!width) return 0;
-//        if (pointer+width > end) return 0;
-//        for (k = 1; k < width; k ++) {
-//            octet = pointer[k];
-//            if ((octet & 0xC0) != 0x80) return 0;
-//            value = (value << 6) + (octet & 0x3F);
-//        }
-//        if (!((width == 1) ||
-//            (width == 2 && value >= 0x80) ||
-//            (width == 3 && value >= 0x800) ||
-//            (width == 4 && value >= 0x10000))) return 0;
-//
-//        pointer += width;
-//    }
-//
-//    return 1;
-//}
-//
-
-// Create STREAM-START.
-func yaml_stream_start_event_initialize(event *yaml_event_t, encoding yaml_encoding_t) {
-	*event = yaml_event_t{
-		typ:      yaml_STREAM_START_EVENT,
-		encoding: encoding,
-	}
-}
-
-// Create STREAM-END.
-func yaml_stream_end_event_initialize(event *yaml_event_t) {
-	*event = yaml_event_t{
-		typ: yaml_STREAM_END_EVENT,
-	}
-}
-
-// Create DOCUMENT-START.
-func yaml_document_start_event_initialize(
-	event *yaml_event_t,
-	version_directive *yaml_version_directive_t,
-	tag_directives []yaml_tag_directive_t,
-	implicit bool,
-) {
-	*event = yaml_event_t{
-		typ:               yaml_DOCUMENT_START_EVENT,
-		version_directive: version_directive,
-		tag_directives:    tag_directives,
-		implicit:          implicit,
-	}
-}
-
-// Create DOCUMENT-END.
-func yaml_document_end_event_initialize(event *yaml_event_t, implicit bool) {
-	*event = yaml_event_t{
-		typ:      yaml_DOCUMENT_END_EVENT,
-		implicit: implicit,
-	}
-}
-
-// Create ALIAS.
-func yaml_alias_event_initialize(event *yaml_event_t, anchor []byte) bool {
-	*event = yaml_event_t{
-		typ:    yaml_ALIAS_EVENT,
-		anchor: anchor,
-	}
-	return true
-}
-
-// Create SCALAR.
-func yaml_scalar_event_initialize(event *yaml_event_t, anchor, tag, value []byte, plain_implicit, quoted_implicit bool, style yaml_scalar_style_t) bool {
-	*event = yaml_event_t{
-		typ:             yaml_SCALAR_EVENT,
-		anchor:          anchor,
-		tag:             tag,
-		value:           value,
-		implicit:        plain_implicit,
-		quoted_implicit: quoted_implicit,
-		style:           yaml_style_t(style),
-	}
-	return true
-}
-
-// Create SEQUENCE-START.
-func yaml_sequence_start_event_initialize(event *yaml_event_t, anchor, tag []byte, implicit bool, style yaml_sequence_style_t) bool {
-	*event = yaml_event_t{
-		typ:      yaml_SEQUENCE_START_EVENT,
-		anchor:   anchor,
-		tag:      tag,
-		implicit: implicit,
-		style:    yaml_style_t(style),
-	}
-	return true
-}
-
-// Create SEQUENCE-END.
-func yaml_sequence_end_event_initialize(event *yaml_event_t) bool {
-	*event = yaml_event_t{
-		typ: yaml_SEQUENCE_END_EVENT,
-	}
-	return true
-}
-
-// Create MAPPING-START.
-func yaml_mapping_start_event_initialize(event *yaml_event_t, anchor, tag []byte, implicit bool, style yaml_mapping_style_t) {
-	*event = yaml_event_t{
-		typ:      yaml_MAPPING_START_EVENT,
-		anchor:   anchor,
-		tag:      tag,
-		implicit: implicit,
-		style:    yaml_style_t(style),
-	}
-}
-
-// Create MAPPING-END.
-func yaml_mapping_end_event_initialize(event *yaml_event_t) {
-	*event = yaml_event_t{
-		typ: yaml_MAPPING_END_EVENT,
-	}
-}
-
-// Destroy an event object.
-func yaml_event_delete(event *yaml_event_t) {
-	*event = yaml_event_t{}
-}
-
-///*
-// * Create a document object.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_initialize(document *yaml_document_t,
-//        version_directive *yaml_version_directive_t,
-//        tag_directives_start *yaml_tag_directive_t,
-//        tag_directives_end *yaml_tag_directive_t,
-//        start_implicit int, end_implicit int)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//    struct {
-//        start *yaml_node_t
-//        end *yaml_node_t
-//        top *yaml_node_t
-//    } nodes = { NULL, NULL, NULL }
-//    version_directive_copy *yaml_version_directive_t = NULL
-//    struct {
-//        start *yaml_tag_directive_t
-//        end *yaml_tag_directive_t
-//        top *yaml_tag_directive_t
-//    } tag_directives_copy = { NULL, NULL, NULL }
-//    value yaml_tag_directive_t = { NULL, NULL }
-//    mark yaml_mark_t = { 0, 0, 0 }
-//
-//    assert(document) // Non-NULL document object is expected.
-//    assert((tag_directives_start && tag_directives_end) ||
-//            (tag_directives_start == tag_directives_end))
-//                            // Valid tag directives are expected.
-//
-//    if (!STACK_INIT(&context, nodes, INITIAL_STACK_SIZE)) goto error
-//
-//    if (version_directive) {
-//        version_directive_copy = yaml_malloc(sizeof(yaml_version_directive_t))
-//        if (!version_directive_copy) goto error
-//        version_directive_copy.major = version_directive.major
-//        version_directive_copy.minor = version_directive.minor
-//    }
-//
-//    if (tag_directives_start != tag_directives_end) {
-//        tag_directive *yaml_tag_directive_t
-//        if (!STACK_INIT(&context, tag_directives_copy, INITIAL_STACK_SIZE))
-//            goto error
-//        for (tag_directive = tag_directives_start
-//                tag_directive != tag_directives_end; tag_directive ++) {
-//            assert(tag_directive.handle)
-//            assert(tag_directive.prefix)
-//            if (!yaml_check_utf8(tag_directive.handle,
-//                        strlen((char *)tag_directive.handle)))
-//                goto error
-//            if (!yaml_check_utf8(tag_directive.prefix,
-//                        strlen((char *)tag_directive.prefix)))
-//                goto error
-//            value.handle = yaml_strdup(tag_directive.handle)
-//            value.prefix = yaml_strdup(tag_directive.prefix)
-//            if (!value.handle || !value.prefix) goto error
-//            if (!PUSH(&context, tag_directives_copy, value))
-//                goto error
-//            value.handle = NULL
-//            value.prefix = NULL
-//        }
-//    }
-//
-//    DOCUMENT_INIT(*document, nodes.start, nodes.end, version_directive_copy,
-//            tag_directives_copy.start, tag_directives_copy.top,
-//            start_implicit, end_implicit, mark, mark)
-//
-//    return 1
-//
-//error:
-//    STACK_DEL(&context, nodes)
-//    yaml_free(version_directive_copy)
-//    while (!STACK_EMPTY(&context, tag_directives_copy)) {
-//        value yaml_tag_directive_t = POP(&context, tag_directives_copy)
-//        yaml_free(value.handle)
-//        yaml_free(value.prefix)
-//    }
-//    STACK_DEL(&context, tag_directives_copy)
-//    yaml_free(value.handle)
-//    yaml_free(value.prefix)
-//
-//    return 0
-//}
-//
-///*
-// * Destroy a document object.
-// */
-//
-//YAML_DECLARE(void)
-//yaml_document_delete(document *yaml_document_t)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//    tag_directive *yaml_tag_directive_t
-//
-//    context.error = YAML_NO_ERROR // Eliminate a compiler warning.
-//
-//    assert(document) // Non-NULL document object is expected.
-//
-//    while (!STACK_EMPTY(&context, document.nodes)) {
-//        node yaml_node_t = POP(&context, document.nodes)
-//        yaml_free(node.tag)
-//        switch (node.type) {
-//            case YAML_SCALAR_NODE:
-//                yaml_free(node.data.scalar.value)
-//                break
-//            case YAML_SEQUENCE_NODE:
-//                STACK_DEL(&context, node.data.sequence.items)
-//                break
-//            case YAML_MAPPING_NODE:
-//                STACK_DEL(&context, node.data.mapping.pairs)
-//                break
-//            default:
-//                assert(0) // Should not happen.
-//        }
-//    }
-//    STACK_DEL(&context, document.nodes)
-//
-//    yaml_free(document.version_directive)
-//    for (tag_directive = document.tag_directives.start
-//            tag_directive != document.tag_directives.end
-//            tag_directive++) {
-//        yaml_free(tag_directive.handle)
-//        yaml_free(tag_directive.prefix)
-//    }
-//    yaml_free(document.tag_directives.start)
-//
-//    memset(document, 0, sizeof(yaml_document_t))
-//}
-//
-///**
-// * Get a document node.
-// */
-//
-//YAML_DECLARE(yaml_node_t *)
-//yaml_document_get_node(document *yaml_document_t, index int)
-//{
-//    assert(document) // Non-NULL document object is expected.
-//
-//    if (index > 0 && document.nodes.start + index <= document.nodes.top) {
-//        return document.nodes.start + index - 1
-//    }
-//    return NULL
-//}
-//
-///**
-// * Get the root object.
-// */
-//
-//YAML_DECLARE(yaml_node_t *)
-//yaml_document_get_root_node(document *yaml_document_t)
-//{
-//    assert(document) // Non-NULL document object is expected.
-//
-//    if (document.nodes.top != document.nodes.start) {
-//        return document.nodes.start
-//    }
-//    return NULL
-//}
-//
-///*
-// * Add a scalar node to a document.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_add_scalar(document *yaml_document_t,
-//        tag *yaml_char_t, value *yaml_char_t, length int,
-//        style yaml_scalar_style_t)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//    mark yaml_mark_t = { 0, 0, 0 }
-//    tag_copy *yaml_char_t = NULL
-//    value_copy *yaml_char_t = NULL
-//    node yaml_node_t
-//
-//    assert(document) // Non-NULL document object is expected.
-//    assert(value) // Non-NULL value is expected.
-//
-//    if (!tag) {
-//        tag = (yaml_char_t *)YAML_DEFAULT_SCALAR_TAG
-//    }
-//
-//    if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
-//    tag_copy = yaml_strdup(tag)
-//    if (!tag_copy) goto error
-//
-//    if (length < 0) {
-//        length = strlen((char *)value)
-//    }
-//
-//    if (!yaml_check_utf8(value, length)) goto error
-//    value_copy = yaml_malloc(length+1)
-//    if (!value_copy) goto error
-//    memcpy(value_copy, value, length)
-//    value_copy[length] = '\0'
-//
-//    SCALAR_NODE_INIT(node, tag_copy, value_copy, length, style, mark, mark)
-//    if (!PUSH(&context, document.nodes, node)) goto error
-//
-//    return document.nodes.top - document.nodes.start
-//
-//error:
-//    yaml_free(tag_copy)
-//    yaml_free(value_copy)
-//
-//    return 0
-//}
-//
-///*
-// * Add a sequence node to a document.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_add_sequence(document *yaml_document_t,
-//        tag *yaml_char_t, style yaml_sequence_style_t)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//    mark yaml_mark_t = { 0, 0, 0 }
-//    tag_copy *yaml_char_t = NULL
-//    struct {
-//        start *yaml_node_item_t
-//        end *yaml_node_item_t
-//        top *yaml_node_item_t
-//    } items = { NULL, NULL, NULL }
-//    node yaml_node_t
-//
-//    assert(document) // Non-NULL document object is expected.
-//
-//    if (!tag) {
-//        tag = (yaml_char_t *)YAML_DEFAULT_SEQUENCE_TAG
-//    }
-//
-//    if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
-//    tag_copy = yaml_strdup(tag)
-//    if (!tag_copy) goto error
-//
-//    if (!STACK_INIT(&context, items, INITIAL_STACK_SIZE)) goto error
-//
-//    SEQUENCE_NODE_INIT(node, tag_copy, items.start, items.end,
-//            style, mark, mark)
-//    if (!PUSH(&context, document.nodes, node)) goto error
-//
-//    return document.nodes.top - document.nodes.start
-//
-//error:
-//    STACK_DEL(&context, items)
-//    yaml_free(tag_copy)
-//
-//    return 0
-//}
-//
-///*
-// * Add a mapping node to a document.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_add_mapping(document *yaml_document_t,
-//        tag *yaml_char_t, style yaml_mapping_style_t)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//    mark yaml_mark_t = { 0, 0, 0 }
-//    tag_copy *yaml_char_t = NULL
-//    struct {
-//        start *yaml_node_pair_t
-//        end *yaml_node_pair_t
-//        top *yaml_node_pair_t
-//    } pairs = { NULL, NULL, NULL }
-//    node yaml_node_t
-//
-//    assert(document) // Non-NULL document object is expected.
-//
-//    if (!tag) {
-//        tag = (yaml_char_t *)YAML_DEFAULT_MAPPING_TAG
-//    }
-//
-//    if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
-//    tag_copy = yaml_strdup(tag)
-//    if (!tag_copy) goto error
-//
-//    if (!STACK_INIT(&context, pairs, INITIAL_STACK_SIZE)) goto error
-//
-//    MAPPING_NODE_INIT(node, tag_copy, pairs.start, pairs.end,
-//            style, mark, mark)
-//    if (!PUSH(&context, document.nodes, node)) goto error
-//
-//    return document.nodes.top - document.nodes.start
-//
-//error:
-//    STACK_DEL(&context, pairs)
-//    yaml_free(tag_copy)
-//
-//    return 0
-//}
-//
-///*
-// * Append an item to a sequence node.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_append_sequence_item(document *yaml_document_t,
-//        sequence int, item int)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//
-//    assert(document) // Non-NULL document is required.
-//    assert(sequence > 0
-//            && document.nodes.start + sequence <= document.nodes.top)
-//                            // Valid sequence id is required.
-//    assert(document.nodes.start[sequence-1].type == YAML_SEQUENCE_NODE)
-//                            // A sequence node is required.
-//    assert(item > 0 && document.nodes.start + item <= document.nodes.top)
-//                            // Valid item id is required.
-//
-//    if (!PUSH(&context,
-//                document.nodes.start[sequence-1].data.sequence.items, item))
-//        return 0
-//
-//    return 1
-//}
-//
-///*
-// * Append a pair of a key and a value to a mapping node.
-// */
-//
-//YAML_DECLARE(int)
-//yaml_document_append_mapping_pair(document *yaml_document_t,
-//        mapping int, key int, value int)
-//{
-//    struct {
-//        error yaml_error_type_t
-//    } context
-//
-//    pair yaml_node_pair_t
-//
-//    assert(document) // Non-NULL document is required.
-//    assert(mapping > 0
-//            && document.nodes.start + mapping <= document.nodes.top)
-//                            // Valid mapping id is required.
-//    assert(document.nodes.start[mapping-1].type == YAML_MAPPING_NODE)
-//                            // A mapping node is required.
-//    assert(key > 0 && document.nodes.start + key <= document.nodes.top)
-//                            // Valid key id is required.
-//    assert(value > 0 && document.nodes.start + value <= document.nodes.top)
-//                            // Valid value id is required.
-//
-//    pair.key = key
-//    pair.value = value
-//
-//    if (!PUSH(&context,
-//                document.nodes.start[mapping-1].data.mapping.pairs, pair))
-//        return 0
-//
-//    return 1
-//}
-//
-//
diff --git a/vendor/gopkg.in/yaml.v3/decode.go b/vendor/gopkg.in/yaml.v3/decode.go
deleted file mode 100644
index 0173b6982..000000000
--- a/vendor/gopkg.in/yaml.v3/decode.go
+++ /dev/null
@@ -1,1000 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package yaml
-
-import (
-	"encoding"
-	"encoding/base64"
-	"fmt"
-	"io"
-	"math"
-	"reflect"
-	"strconv"
-	"time"
-)
-
-// ----------------------------------------------------------------------------
-// Parser, produces a node tree out of a libyaml event stream.
-
-type parser struct {
-	parser   yaml_parser_t
-	event    yaml_event_t
-	doc      *Node
-	anchors  map[string]*Node
-	doneInit bool
-	textless bool
-}
-
-func newParser(b []byte) *parser {
-	p := parser{}
-	if !yaml_parser_initialize(&p.parser) {
-		panic("failed to initialize YAML emitter")
-	}
-	if len(b) == 0 {
-		b = []byte{'\n'}
-	}
-	yaml_parser_set_input_string(&p.parser, b)
-	return &p
-}
-
-func newParserFromReader(r io.Reader) *parser {
-	p := parser{}
-	if !yaml_parser_initialize(&p.parser) {
-		panic("failed to initialize YAML emitter")
-	}
-	yaml_parser_set_input_reader(&p.parser, r)
-	return &p
-}
-
-func (p *parser) init() {
-	if p.doneInit {
-		return
-	}
-	p.anchors = make(map[string]*Node)
-	p.expect(yaml_STREAM_START_EVENT)
-	p.doneInit = true
-}
-
-func (p *parser) destroy() {
-	if p.event.typ != yaml_NO_EVENT {
-		yaml_event_delete(&p.event)
-	}
-	yaml_parser_delete(&p.parser)
-}
-
-// expect consumes an event from the event stream and
-// checks that it's of the expected type.
-func (p *parser) expect(e yaml_event_type_t) {
-	if p.event.typ == yaml_NO_EVENT {
-		if !yaml_parser_parse(&p.parser, &p.event) {
-			p.fail()
-		}
-	}
-	if p.event.typ == yaml_STREAM_END_EVENT {
-		failf("attempted to go past the end of stream; corrupted value?")
-	}
-	if p.event.typ != e {
-		p.parser.problem = fmt.Sprintf("expected %s event but got %s", e, p.event.typ)
-		p.fail()
-	}
-	yaml_event_delete(&p.event)
-	p.event.typ = yaml_NO_EVENT
-}
-
-// peek peeks at the next event in the event stream,
-// puts the results into p.event and returns the event type.
-func (p *parser) peek() yaml_event_type_t {
-	if p.event.typ != yaml_NO_EVENT {
-		return p.event.typ
-	}
-	// It's curious choice from the underlying API to generally return a
-	// positive result on success, but on this case return true in an error
-	// scenario. This was the source of bugs in the past (issue #666).
-	if !yaml_parser_parse(&p.parser, &p.event) || p.parser.error != yaml_NO_ERROR {
-		p.fail()
-	}
-	return p.event.typ
-}
-
-func (p *parser) fail() {
-	var where string
-	var line int
-	if p.parser.context_mark.line != 0 {
-		line = p.parser.context_mark.line
-		// Scanner errors don't iterate line before returning error
-		if p.parser.error == yaml_SCANNER_ERROR {
-			line++
-		}
-	} else if p.parser.problem_mark.line != 0 {
-		line = p.parser.problem_mark.line
-		// Scanner errors don't iterate line before returning error
-		if p.parser.error == yaml_SCANNER_ERROR {
-			line++
-		}
-	}
-	if line != 0 {
-		where = "line " + strconv.Itoa(line) + ": "
-	}
-	var msg string
-	if len(p.parser.problem) > 0 {
-		msg = p.parser.problem
-	} else {
-		msg = "unknown problem parsing YAML content"
-	}
-	failf("%s%s", where, msg)
-}
-
-func (p *parser) anchor(n *Node, anchor []byte) {
-	if anchor != nil {
-		n.Anchor = string(anchor)
-		p.anchors[n.Anchor] = n
-	}
-}
-
-func (p *parser) parse() *Node {
-	p.init()
-	switch p.peek() {
-	case yaml_SCALAR_EVENT:
-		return p.scalar()
-	case yaml_ALIAS_EVENT:
-		return p.alias()
-	case yaml_MAPPING_START_EVENT:
-		return p.mapping()
-	case yaml_SEQUENCE_START_EVENT:
-		return p.sequence()
-	case yaml_DOCUMENT_START_EVENT:
-		return p.document()
-	case yaml_STREAM_END_EVENT:
-		// Happens when attempting to decode an empty buffer.
-		return nil
-	case yaml_TAIL_COMMENT_EVENT:
-		panic("internal error: unexpected tail comment event (please report)")
-	default:
-		panic("internal error: attempted to parse unknown event (please report): " + p.event.typ.String())
-	}
-}
-
-func (p *parser) node(kind Kind, defaultTag, tag, value string) *Node {
-	var style Style
-	if tag != "" && tag != "!" {
-		tag = shortTag(tag)
-		style = TaggedStyle
-	} else if defaultTag != "" {
-		tag = defaultTag
-	} else if kind == ScalarNode {
-		tag, _ = resolve("", value)
-	}
-	n := &Node{
-		Kind:  kind,
-		Tag:   tag,
-		Value: value,
-		Style: style,
-	}
-	if !p.textless {
-		n.Line = p.event.start_mark.line + 1
-		n.Column = p.event.start_mark.column + 1
-		n.HeadComment = string(p.event.head_comment)
-		n.LineComment = string(p.event.line_comment)
-		n.FootComment = string(p.event.foot_comment)
-	}
-	return n
-}
-
-func (p *parser) parseChild(parent *Node) *Node {
-	child := p.parse()
-	parent.Content = append(parent.Content, child)
-	return child
-}
-
-func (p *parser) document() *Node {
-	n := p.node(DocumentNode, "", "", "")
-	p.doc = n
-	p.expect(yaml_DOCUMENT_START_EVENT)
-	p.parseChild(n)
-	if p.peek() == yaml_DOCUMENT_END_EVENT {
-		n.FootComment = string(p.event.foot_comment)
-	}
-	p.expect(yaml_DOCUMENT_END_EVENT)
-	return n
-}
-
-func (p *parser) alias() *Node {
-	n := p.node(AliasNode, "", "", string(p.event.anchor))
-	n.Alias = p.anchors[n.Value]
-	if n.Alias == nil {
-		failf("unknown anchor '%s' referenced", n.Value)
-	}
-	p.expect(yaml_ALIAS_EVENT)
-	return n
-}
-
-func (p *parser) scalar() *Node {
-	var parsedStyle = p.event.scalar_style()
-	var nodeStyle Style
-	switch {
-	case parsedStyle&yaml_DOUBLE_QUOTED_SCALAR_STYLE != 0:
-		nodeStyle = DoubleQuotedStyle
-	case parsedStyle&yaml_SINGLE_QUOTED_SCALAR_STYLE != 0:
-		nodeStyle = SingleQuotedStyle
-	case parsedStyle&yaml_LITERAL_SCALAR_STYLE != 0:
-		nodeStyle = LiteralStyle
-	case parsedStyle&yaml_FOLDED_SCALAR_STYLE != 0:
-		nodeStyle = FoldedStyle
-	}
-	var nodeValue = string(p.event.value)
-	var nodeTag = string(p.event.tag)
-	var defaultTag string
-	if nodeStyle == 0 {
-		if nodeValue == "<<" {
-			defaultTag = mergeTag
-		}
-	} else {
-		defaultTag = strTag
-	}
-	n := p.node(ScalarNode, defaultTag, nodeTag, nodeValue)
-	n.Style |= nodeStyle
-	p.anchor(n, p.event.anchor)
-	p.expect(yaml_SCALAR_EVENT)
-	return n
-}
-
-func (p *parser) sequence() *Node {
-	n := p.node(SequenceNode, seqTag, string(p.event.tag), "")
-	if p.event.sequence_style()&yaml_FLOW_SEQUENCE_STYLE != 0 {
-		n.Style |= FlowStyle
-	}
-	p.anchor(n, p.event.anchor)
-	p.expect(yaml_SEQUENCE_START_EVENT)
-	for p.peek() != yaml_SEQUENCE_END_EVENT {
-		p.parseChild(n)
-	}
-	n.LineComment = string(p.event.line_comment)
-	n.FootComment = string(p.event.foot_comment)
-	p.expect(yaml_SEQUENCE_END_EVENT)
-	return n
-}
-
-func (p *parser) mapping() *Node {
-	n := p.node(MappingNode, mapTag, string(p.event.tag), "")
-	block := true
-	if p.event.mapping_style()&yaml_FLOW_MAPPING_STYLE != 0 {
-		block = false
-		n.Style |= FlowStyle
-	}
-	p.anchor(n, p.event.anchor)
-	p.expect(yaml_MAPPING_START_EVENT)
-	for p.peek() != yaml_MAPPING_END_EVENT {
-		k := p.parseChild(n)
-		if block && k.FootComment != "" {
-			// Must be a foot comment for the prior value when being dedented.
-			if len(n.Content) > 2 {
-				n.Content[len(n.Content)-3].FootComment = k.FootComment
-				k.FootComment = ""
-			}
-		}
-		v := p.parseChild(n)
-		if k.FootComment == "" && v.FootComment != "" {
-			k.FootComment = v.FootComment
-			v.FootComment = ""
-		}
-		if p.peek() == yaml_TAIL_COMMENT_EVENT {
-			if k.FootComment == "" {
-				k.FootComment = string(p.event.foot_comment)
-			}
-			p.expect(yaml_TAIL_COMMENT_EVENT)
-		}
-	}
-	n.LineComment = string(p.event.line_comment)
-	n.FootComment = string(p.event.foot_comment)
-	if n.Style&FlowStyle == 0 && n.FootComment != "" && len(n.Content) > 1 {
-		n.Content[len(n.Content)-2].FootComment = n.FootComment
-		n.FootComment = ""
-	}
-	p.expect(yaml_MAPPING_END_EVENT)
-	return n
-}
-
-// ----------------------------------------------------------------------------
-// Decoder, unmarshals a node into a provided value.
-
-type decoder struct {
-	doc     *Node
-	aliases map[*Node]bool
-	terrors []string
-
-	stringMapType  reflect.Type
-	generalMapType reflect.Type
-
-	knownFields bool
-	uniqueKeys  bool
-	decodeCount int
-	aliasCount  int
-	aliasDepth  int
-
-	mergedFields map[interface{}]bool
-}
-
-var (
-	nodeType       = reflect.TypeOf(Node{})
-	durationType   = reflect.TypeOf(time.Duration(0))
-	stringMapType  = reflect.TypeOf(map[string]interface{}{})
-	generalMapType = reflect.TypeOf(map[interface{}]interface{}{})
-	ifaceType      = generalMapType.Elem()
-	timeType       = reflect.TypeOf(time.Time{})
-	ptrTimeType    = reflect.TypeOf(&time.Time{})
-)
-
-func newDecoder() *decoder {
-	d := &decoder{
-		stringMapType:  stringMapType,
-		generalMapType: generalMapType,
-		uniqueKeys:     true,
-	}
-	d.aliases = make(map[*Node]bool)
-	return d
-}
-
-func (d *decoder) terror(n *Node, tag string, out reflect.Value) {
-	if n.Tag != "" {
-		tag = n.Tag
-	}
-	value := n.Value
-	if tag != seqTag && tag != mapTag {
-		if len(value) > 10 {
-			value = " `" + value[:7] + "...`"
-		} else {
-			value = " `" + value + "`"
-		}
-	}
-	d.terrors = append(d.terrors, fmt.Sprintf("line %d: cannot unmarshal %s%s into %s", n.Line, shortTag(tag), value, out.Type()))
-}
-
-func (d *decoder) callUnmarshaler(n *Node, u Unmarshaler) (good bool) {
-	err := u.UnmarshalYAML(n)
-	if e, ok := err.(*TypeError); ok {
-		d.terrors = append(d.terrors, e.Errors...)
-		return false
-	}
-	if err != nil {
-		fail(err)
-	}
-	return true
-}
-
-func (d *decoder) callObsoleteUnmarshaler(n *Node, u obsoleteUnmarshaler) (good bool) {
-	terrlen := len(d.terrors)
-	err := u.UnmarshalYAML(func(v interface{}) (err error) {
-		defer handleErr(&err)
-		d.unmarshal(n, reflect.ValueOf(v))
-		if len(d.terrors) > terrlen {
-			issues := d.terrors[terrlen:]
-			d.terrors = d.terrors[:terrlen]
-			return &TypeError{issues}
-		}
-		return nil
-	})
-	if e, ok := err.(*TypeError); ok {
-		d.terrors = append(d.terrors, e.Errors...)
-		return false
-	}
-	if err != nil {
-		fail(err)
-	}
-	return true
-}
-
-// d.prepare initializes and dereferences pointers and calls UnmarshalYAML
-// if a value is found to implement it.
-// It returns the initialized and dereferenced out value, whether
-// unmarshalling was already done by UnmarshalYAML, and if so whether
-// its types unmarshalled appropriately.
-//
-// If n holds a null value, prepare returns before doing anything.
-func (d *decoder) prepare(n *Node, out reflect.Value) (newout reflect.Value, unmarshaled, good bool) {
-	if n.ShortTag() == nullTag {
-		return out, false, false
-	}
-	again := true
-	for again {
-		again = false
-		if out.Kind() == reflect.Ptr {
-			if out.IsNil() {
-				out.Set(reflect.New(out.Type().Elem()))
-			}
-			out = out.Elem()
-			again = true
-		}
-		if out.CanAddr() {
-			outi := out.Addr().Interface()
-			if u, ok := outi.(Unmarshaler); ok {
-				good = d.callUnmarshaler(n, u)
-				return out, true, good
-			}
-			if u, ok := outi.(obsoleteUnmarshaler); ok {
-				good = d.callObsoleteUnmarshaler(n, u)
-				return out, true, good
-			}
-		}
-	}
-	return out, false, false
-}
-
-func (d *decoder) fieldByIndex(n *Node, v reflect.Value, index []int) (field reflect.Value) {
-	if n.ShortTag() == nullTag {
-		return reflect.Value{}
-	}
-	for _, num := range index {
-		for {
-			if v.Kind() == reflect.Ptr {
-				if v.IsNil() {
-					v.Set(reflect.New(v.Type().Elem()))
-				}
-				v = v.Elem()
-				continue
-			}
-			break
-		}
-		v = v.Field(num)
-	}
-	return v
-}
-
-const (
-	// 400,000 decode operations is ~500kb of dense object declarations, or
-	// ~5kb of dense object declarations with 10000% alias expansion
-	alias_ratio_range_low = 400000
-
-	// 4,000,000 decode operations is ~5MB of dense object declarations, or
-	// ~4.5MB of dense object declarations with 10% alias expansion
-	alias_ratio_range_high = 4000000
-
-	// alias_ratio_range is the range over which we scale allowed alias ratios
-	alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low)
-)
-
-func allowedAliasRatio(decodeCount int) float64 {
-	switch {
-	case decodeCount <= alias_ratio_range_low:
-		// allow 99% to come from alias expansion for small-to-medium documents
-		return 0.99
-	case decodeCount >= alias_ratio_range_high:
-		// allow 10% to come from alias expansion for very large documents
-		return 0.10
-	default:
-		// scale smoothly from 99% down to 10% over the range.
-		// this maps to 396,000 - 400,000 allowed alias-driven decodes over the range.
-		// 400,000 decode operations is ~100MB of allocations in worst-case scenarios (single-item maps).
-		return 0.99 - 0.89*(float64(decodeCount-alias_ratio_range_low)/alias_ratio_range)
-	}
-}
-
-func (d *decoder) unmarshal(n *Node, out reflect.Value) (good bool) {
-	d.decodeCount++
-	if d.aliasDepth > 0 {
-		d.aliasCount++
-	}
-	if d.aliasCount > 100 && d.decodeCount > 1000 && float64(d.aliasCount)/float64(d.decodeCount) > allowedAliasRatio(d.decodeCount) {
-		failf("document contains excessive aliasing")
-	}
-	if out.Type() == nodeType {
-		out.Set(reflect.ValueOf(n).Elem())
-		return true
-	}
-	switch n.Kind {
-	case DocumentNode:
-		return d.document(n, out)
-	case AliasNode:
-		return d.alias(n, out)
-	}
-	out, unmarshaled, good := d.prepare(n, out)
-	if unmarshaled {
-		return good
-	}
-	switch n.Kind {
-	case ScalarNode:
-		good = d.scalar(n, out)
-	case MappingNode:
-		good = d.mapping(n, out)
-	case SequenceNode:
-		good = d.sequence(n, out)
-	case 0:
-		if n.IsZero() {
-			return d.null(out)
-		}
-		fallthrough
-	default:
-		failf("cannot decode node with unknown kind %d", n.Kind)
-	}
-	return good
-}
-
-func (d *decoder) document(n *Node, out reflect.Value) (good bool) {
-	if len(n.Content) == 1 {
-		d.doc = n
-		d.unmarshal(n.Content[0], out)
-		return true
-	}
-	return false
-}
-
-func (d *decoder) alias(n *Node, out reflect.Value) (good bool) {
-	if d.aliases[n] {
-		// TODO this could actually be allowed in some circumstances.
-		failf("anchor '%s' value contains itself", n.Value)
-	}
-	d.aliases[n] = true
-	d.aliasDepth++
-	good = d.unmarshal(n.Alias, out)
-	d.aliasDepth--
-	delete(d.aliases, n)
-	return good
-}
-
-var zeroValue reflect.Value
-
-func resetMap(out reflect.Value) {
-	for _, k := range out.MapKeys() {
-		out.SetMapIndex(k, zeroValue)
-	}
-}
-
-func (d *decoder) null(out reflect.Value) bool {
-	if out.CanAddr() {
-		switch out.Kind() {
-		case reflect.Interface, reflect.Ptr, reflect.Map, reflect.Slice:
-			out.Set(reflect.Zero(out.Type()))
-			return true
-		}
-	}
-	return false
-}
-
-func (d *decoder) scalar(n *Node, out reflect.Value) bool {
-	var tag string
-	var resolved interface{}
-	if n.indicatedString() {
-		tag = strTag
-		resolved = n.Value
-	} else {
-		tag, resolved = resolve(n.Tag, n.Value)
-		if tag == binaryTag {
-			data, err := base64.StdEncoding.DecodeString(resolved.(string))
-			if err != nil {
-				failf("!!binary value contains invalid base64 data")
-			}
-			resolved = string(data)
-		}
-	}
-	if resolved == nil {
-		return d.null(out)
-	}
-	if resolvedv := reflect.ValueOf(resolved); out.Type() == resolvedv.Type() {
-		// We've resolved to exactly the type we want, so use that.
-		out.Set(resolvedv)
-		return true
-	}
-	// Perhaps we can use the value as a TextUnmarshaler to
-	// set its value.
-	if out.CanAddr() {
-		u, ok := out.Addr().Interface().(encoding.TextUnmarshaler)
-		if ok {
-			var text []byte
-			if tag == binaryTag {
-				text = []byte(resolved.(string))
-			} else {
-				// We let any value be unmarshaled into TextUnmarshaler.
-				// That might be more lax than we'd like, but the
-				// TextUnmarshaler itself should bowl out any dubious values.
-				text = []byte(n.Value)
-			}
-			err := u.UnmarshalText(text)
-			if err != nil {
-				fail(err)
-			}
-			return true
-		}
-	}
-	switch out.Kind() {
-	case reflect.String:
-		if tag == binaryTag {
-			out.SetString(resolved.(string))
-			return true
-		}
-		out.SetString(n.Value)
-		return true
-	case reflect.Interface:
-		out.Set(reflect.ValueOf(resolved))
-		return true
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		// This used to work in v2, but it's very unfriendly.
-		isDuration := out.Type() == durationType
-
-		switch resolved := resolved.(type) {
-		case int:
-			if !isDuration && !out.OverflowInt(int64(resolved)) {
-				out.SetInt(int64(resolved))
-				return true
-			}
-		case int64:
-			if !isDuration && !out.OverflowInt(resolved) {
-				out.SetInt(resolved)
-				return true
-			}
-		case uint64:
-			if !isDuration && resolved <= math.MaxInt64 && !out.OverflowInt(int64(resolved)) {
-				out.SetInt(int64(resolved))
-				return true
-			}
-		case float64:
-			if !isDuration && resolved <= math.MaxInt64 && !out.OverflowInt(int64(resolved)) {
-				out.SetInt(int64(resolved))
-				return true
-			}
-		case string:
-			if out.Type() == durationType {
-				d, err := time.ParseDuration(resolved)
-				if err == nil {
-					out.SetInt(int64(d))
-					return true
-				}
-			}
-		}
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		switch resolved := resolved.(type) {
-		case int:
-			if resolved >= 0 && !out.OverflowUint(uint64(resolved)) {
-				out.SetUint(uint64(resolved))
-				return true
-			}
-		case int64:
-			if resolved >= 0 && !out.OverflowUint(uint64(resolved)) {
-				out.SetUint(uint64(resolved))
-				return true
-			}
-		case uint64:
-			if !out.OverflowUint(uint64(resolved)) {
-				out.SetUint(uint64(resolved))
-				return true
-			}
-		case float64:
-			if resolved <= math.MaxUint64 && !out.OverflowUint(uint64(resolved)) {
-				out.SetUint(uint64(resolved))
-				return true
-			}
-		}
-	case reflect.Bool:
-		switch resolved := resolved.(type) {
-		case bool:
-			out.SetBool(resolved)
-			return true
-		case string:
-			// This offers some compatibility with the 1.1 spec (https://yaml.org/type/bool.html).
-			// It only works if explicitly attempting to unmarshal into a typed bool value.
-			switch resolved {
-			case "y", "Y", "yes", "Yes", "YES", "on", "On", "ON":
-				out.SetBool(true)
-				return true
-			case "n", "N", "no", "No", "NO", "off", "Off", "OFF":
-				out.SetBool(false)
-				return true
-			}
-		}
-	case reflect.Float32, reflect.Float64:
-		switch resolved := resolved.(type) {
-		case int:
-			out.SetFloat(float64(resolved))
-			return true
-		case int64:
-			out.SetFloat(float64(resolved))
-			return true
-		case uint64:
-			out.SetFloat(float64(resolved))
-			return true
-		case float64:
-			out.SetFloat(resolved)
-			return true
-		}
-	case reflect.Struct:
-		if resolvedv := reflect.ValueOf(resolved); out.Type() == resolvedv.Type() {
-			out.Set(resolvedv)
-			return true
-		}
-	case reflect.Ptr:
-		panic("yaml internal error: please report the issue")
-	}
-	d.terror(n, tag, out)
-	return false
-}
-
-func settableValueOf(i interface{}) reflect.Value {
-	v := reflect.ValueOf(i)
-	sv := reflect.New(v.Type()).Elem()
-	sv.Set(v)
-	return sv
-}
-
-func (d *decoder) sequence(n *Node, out reflect.Value) (good bool) {
-	l := len(n.Content)
-
-	var iface reflect.Value
-	switch out.Kind() {
-	case reflect.Slice:
-		out.Set(reflect.MakeSlice(out.Type(), l, l))
-	case reflect.Array:
-		if l != out.Len() {
-			failf("invalid array: want %d elements but got %d", out.Len(), l)
-		}
-	case reflect.Interface:
-		// No type hints. Will have to use a generic sequence.
-		iface = out
-		out = settableValueOf(make([]interface{}, l))
-	default:
-		d.terror(n, seqTag, out)
-		return false
-	}
-	et := out.Type().Elem()
-
-	j := 0
-	for i := 0; i < l; i++ {
-		e := reflect.New(et).Elem()
-		if ok := d.unmarshal(n.Content[i], e); ok {
-			out.Index(j).Set(e)
-			j++
-		}
-	}
-	if out.Kind() != reflect.Array {
-		out.Set(out.Slice(0, j))
-	}
-	if iface.IsValid() {
-		iface.Set(out)
-	}
-	return true
-}
-
-func (d *decoder) mapping(n *Node, out reflect.Value) (good bool) {
-	l := len(n.Content)
-	if d.uniqueKeys {
-		nerrs := len(d.terrors)
-		for i := 0; i < l; i += 2 {
-			ni := n.Content[i]
-			for j := i + 2; j < l; j += 2 {
-				nj := n.Content[j]
-				if ni.Kind == nj.Kind && ni.Value == nj.Value {
-					d.terrors = append(d.terrors, fmt.Sprintf("line %d: mapping key %#v already defined at line %d", nj.Line, nj.Value, ni.Line))
-				}
-			}
-		}
-		if len(d.terrors) > nerrs {
-			return false
-		}
-	}
-	switch out.Kind() {
-	case reflect.Struct:
-		return d.mappingStruct(n, out)
-	case reflect.Map:
-		// okay
-	case reflect.Interface:
-		iface := out
-		if isStringMap(n) {
-			out = reflect.MakeMap(d.stringMapType)
-		} else {
-			out = reflect.MakeMap(d.generalMapType)
-		}
-		iface.Set(out)
-	default:
-		d.terror(n, mapTag, out)
-		return false
-	}
-
-	outt := out.Type()
-	kt := outt.Key()
-	et := outt.Elem()
-
-	stringMapType := d.stringMapType
-	generalMapType := d.generalMapType
-	if outt.Elem() == ifaceType {
-		if outt.Key().Kind() == reflect.String {
-			d.stringMapType = outt
-		} else if outt.Key() == ifaceType {
-			d.generalMapType = outt
-		}
-	}
-
-	mergedFields := d.mergedFields
-	d.mergedFields = nil
-
-	var mergeNode *Node
-
-	mapIsNew := false
-	if out.IsNil() {
-		out.Set(reflect.MakeMap(outt))
-		mapIsNew = true
-	}
-	for i := 0; i < l; i += 2 {
-		if isMerge(n.Content[i]) {
-			mergeNode = n.Content[i+1]
-			continue
-		}
-		k := reflect.New(kt).Elem()
-		if d.unmarshal(n.Content[i], k) {
-			if mergedFields != nil {
-				ki := k.Interface()
-				if mergedFields[ki] {
-					continue
-				}
-				mergedFields[ki] = true
-			}
-			kkind := k.Kind()
-			if kkind == reflect.Interface {
-				kkind = k.Elem().Kind()
-			}
-			if kkind == reflect.Map || kkind == reflect.Slice {
-				failf("invalid map key: %#v", k.Interface())
-			}
-			e := reflect.New(et).Elem()
-			if d.unmarshal(n.Content[i+1], e) || n.Content[i+1].ShortTag() == nullTag && (mapIsNew || !out.MapIndex(k).IsValid()) {
-				out.SetMapIndex(k, e)
-			}
-		}
-	}
-
-	d.mergedFields = mergedFields
-	if mergeNode != nil {
-		d.merge(n, mergeNode, out)
-	}
-
-	d.stringMapType = stringMapType
-	d.generalMapType = generalMapType
-	return true
-}
-
-func isStringMap(n *Node) bool {
-	if n.Kind != MappingNode {
-		return false
-	}
-	l := len(n.Content)
-	for i := 0; i < l; i += 2 {
-		shortTag := n.Content[i].ShortTag()
-		if shortTag != strTag && shortTag != mergeTag {
-			return false
-		}
-	}
-	return true
-}
-
-func (d *decoder) mappingStruct(n *Node, out reflect.Value) (good bool) {
-	sinfo, err := getStructInfo(out.Type())
-	if err != nil {
-		panic(err)
-	}
-
-	var inlineMap reflect.Value
-	var elemType reflect.Type
-	if sinfo.InlineMap != -1 {
-		inlineMap = out.Field(sinfo.InlineMap)
-		elemType = inlineMap.Type().Elem()
-	}
-
-	for _, index := range sinfo.InlineUnmarshalers {
-		field := d.fieldByIndex(n, out, index)
-		d.prepare(n, field)
-	}
-
-	mergedFields := d.mergedFields
-	d.mergedFields = nil
-	var mergeNode *Node
-	var doneFields []bool
-	if d.uniqueKeys {
-		doneFields = make([]bool, len(sinfo.FieldsList))
-	}
-	name := settableValueOf("")
-	l := len(n.Content)
-	for i := 0; i < l; i += 2 {
-		ni := n.Content[i]
-		if isMerge(ni) {
-			mergeNode = n.Content[i+1]
-			continue
-		}
-		if !d.unmarshal(ni, name) {
-			continue
-		}
-		sname := name.String()
-		if mergedFields != nil {
-			if mergedFields[sname] {
-				continue
-			}
-			mergedFields[sname] = true
-		}
-		if info, ok := sinfo.FieldsMap[sname]; ok {
-			if d.uniqueKeys {
-				if doneFields[info.Id] {
-					d.terrors = append(d.terrors, fmt.Sprintf("line %d: field %s already set in type %s", ni.Line, name.String(), out.Type()))
-					continue
-				}
-				doneFields[info.Id] = true
-			}
-			var field reflect.Value
-			if info.Inline == nil {
-				field = out.Field(info.Num)
-			} else {
-				field = d.fieldByIndex(n, out, info.Inline)
-			}
-			d.unmarshal(n.Content[i+1], field)
-		} else if sinfo.InlineMap != -1 {
-			if inlineMap.IsNil() {
-				inlineMap.Set(reflect.MakeMap(inlineMap.Type()))
-			}
-			value := reflect.New(elemType).Elem()
-			d.unmarshal(n.Content[i+1], value)
-			inlineMap.SetMapIndex(name, value)
-		} else if d.knownFields {
-			d.terrors = append(d.terrors, fmt.Sprintf("line %d: field %s not found in type %s", ni.Line, name.String(), out.Type()))
-		}
-	}
-
-	d.mergedFields = mergedFields
-	if mergeNode != nil {
-		d.merge(n, mergeNode, out)
-	}
-	return true
-}
-
-func failWantMap() {
-	failf("map merge requires map or sequence of maps as the value")
-}
-
-func (d *decoder) merge(parent *Node, merge *Node, out reflect.Value) {
-	mergedFields := d.mergedFields
-	if mergedFields == nil {
-		d.mergedFields = make(map[interface{}]bool)
-		for i := 0; i < len(parent.Content); i += 2 {
-			k := reflect.New(ifaceType).Elem()
-			if d.unmarshal(parent.Content[i], k) {
-				d.mergedFields[k.Interface()] = true
-			}
-		}
-	}
-
-	switch merge.Kind {
-	case MappingNode:
-		d.unmarshal(merge, out)
-	case AliasNode:
-		if merge.Alias != nil && merge.Alias.Kind != MappingNode {
-			failWantMap()
-		}
-		d.unmarshal(merge, out)
-	case SequenceNode:
-		for i := 0; i < len(merge.Content); i++ {
-			ni := merge.Content[i]
-			if ni.Kind == AliasNode {
-				if ni.Alias != nil && ni.Alias.Kind != MappingNode {
-					failWantMap()
-				}
-			} else if ni.Kind != MappingNode {
-				failWantMap()
-			}
-			d.unmarshal(ni, out)
-		}
-	default:
-		failWantMap()
-	}
-
-	d.mergedFields = mergedFields
-}
-
-func isMerge(n *Node) bool {
-	return n.Kind == ScalarNode && n.Value == "<<" && (n.Tag == "" || n.Tag == "!" || shortTag(n.Tag) == mergeTag)
-}
diff --git a/vendor/gopkg.in/yaml.v3/emitterc.go b/vendor/gopkg.in/yaml.v3/emitterc.go
deleted file mode 100644
index 0f47c9ca8..000000000
--- a/vendor/gopkg.in/yaml.v3/emitterc.go
+++ /dev/null
@@ -1,2020 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"bytes"
-	"fmt"
-)
-
-// Flush the buffer if needed.
-func flush(emitter *yaml_emitter_t) bool {
-	if emitter.buffer_pos+5 >= len(emitter.buffer) {
-		return yaml_emitter_flush(emitter)
-	}
-	return true
-}
-
-// Put a character to the output buffer.
-func put(emitter *yaml_emitter_t, value byte) bool {
-	if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
-		return false
-	}
-	emitter.buffer[emitter.buffer_pos] = value
-	emitter.buffer_pos++
-	emitter.column++
-	return true
-}
-
-// Put a line break to the output buffer.
-func put_break(emitter *yaml_emitter_t) bool {
-	if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
-		return false
-	}
-	switch emitter.line_break {
-	case yaml_CR_BREAK:
-		emitter.buffer[emitter.buffer_pos] = '\r'
-		emitter.buffer_pos += 1
-	case yaml_LN_BREAK:
-		emitter.buffer[emitter.buffer_pos] = '\n'
-		emitter.buffer_pos += 1
-	case yaml_CRLN_BREAK:
-		emitter.buffer[emitter.buffer_pos+0] = '\r'
-		emitter.buffer[emitter.buffer_pos+1] = '\n'
-		emitter.buffer_pos += 2
-	default:
-		panic("unknown line break setting")
-	}
-	if emitter.column == 0 {
-		emitter.space_above = true
-	}
-	emitter.column = 0
-	emitter.line++
-	// [Go] Do this here and below and drop from everywhere else (see commented lines).
-	emitter.indention = true
-	return true
-}
-
-// Copy a character from a string into buffer.
-func write(emitter *yaml_emitter_t, s []byte, i *int) bool {
-	if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
-		return false
-	}
-	p := emitter.buffer_pos
-	w := width(s[*i])
-	switch w {
-	case 4:
-		emitter.buffer[p+3] = s[*i+3]
-		fallthrough
-	case 3:
-		emitter.buffer[p+2] = s[*i+2]
-		fallthrough
-	case 2:
-		emitter.buffer[p+1] = s[*i+1]
-		fallthrough
-	case 1:
-		emitter.buffer[p+0] = s[*i+0]
-	default:
-		panic("unknown character width")
-	}
-	emitter.column++
-	emitter.buffer_pos += w
-	*i += w
-	return true
-}
-
-// Write a whole string into buffer.
-func write_all(emitter *yaml_emitter_t, s []byte) bool {
-	for i := 0; i < len(s); {
-		if !write(emitter, s, &i) {
-			return false
-		}
-	}
-	return true
-}
-
-// Copy a line break character from a string into buffer.
-func write_break(emitter *yaml_emitter_t, s []byte, i *int) bool {
-	if s[*i] == '\n' {
-		if !put_break(emitter) {
-			return false
-		}
-		*i++
-	} else {
-		if !write(emitter, s, i) {
-			return false
-		}
-		if emitter.column == 0 {
-			emitter.space_above = true
-		}
-		emitter.column = 0
-		emitter.line++
-		// [Go] Do this here and above and drop from everywhere else (see commented lines).
-		emitter.indention = true
-	}
-	return true
-}
-
-// Set an emitter error and return false.
-func yaml_emitter_set_emitter_error(emitter *yaml_emitter_t, problem string) bool {
-	emitter.error = yaml_EMITTER_ERROR
-	emitter.problem = problem
-	return false
-}
-
-// Emit an event.
-func yaml_emitter_emit(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	emitter.events = append(emitter.events, *event)
-	for !yaml_emitter_need_more_events(emitter) {
-		event := &emitter.events[emitter.events_head]
-		if !yaml_emitter_analyze_event(emitter, event) {
-			return false
-		}
-		if !yaml_emitter_state_machine(emitter, event) {
-			return false
-		}
-		yaml_event_delete(event)
-		emitter.events_head++
-	}
-	return true
-}
-
-// Check if we need to accumulate more events before emitting.
-//
-// We accumulate extra
-//  - 1 event for DOCUMENT-START
-//  - 2 events for SEQUENCE-START
-//  - 3 events for MAPPING-START
-//
-func yaml_emitter_need_more_events(emitter *yaml_emitter_t) bool {
-	if emitter.events_head == len(emitter.events) {
-		return true
-	}
-	var accumulate int
-	switch emitter.events[emitter.events_head].typ {
-	case yaml_DOCUMENT_START_EVENT:
-		accumulate = 1
-		break
-	case yaml_SEQUENCE_START_EVENT:
-		accumulate = 2
-		break
-	case yaml_MAPPING_START_EVENT:
-		accumulate = 3
-		break
-	default:
-		return false
-	}
-	if len(emitter.events)-emitter.events_head > accumulate {
-		return false
-	}
-	var level int
-	for i := emitter.events_head; i < len(emitter.events); i++ {
-		switch emitter.events[i].typ {
-		case yaml_STREAM_START_EVENT, yaml_DOCUMENT_START_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT:
-			level++
-		case yaml_STREAM_END_EVENT, yaml_DOCUMENT_END_EVENT, yaml_SEQUENCE_END_EVENT, yaml_MAPPING_END_EVENT:
-			level--
-		}
-		if level == 0 {
-			return false
-		}
-	}
-	return true
-}
-
-// Append a directive to the directives stack.
-func yaml_emitter_append_tag_directive(emitter *yaml_emitter_t, value *yaml_tag_directive_t, allow_duplicates bool) bool {
-	for i := 0; i < len(emitter.tag_directives); i++ {
-		if bytes.Equal(value.handle, emitter.tag_directives[i].handle) {
-			if allow_duplicates {
-				return true
-			}
-			return yaml_emitter_set_emitter_error(emitter, "duplicate %TAG directive")
-		}
-	}
-
-	// [Go] Do we actually need to copy this given garbage collection
-	// and the lack of deallocating destructors?
-	tag_copy := yaml_tag_directive_t{
-		handle: make([]byte, len(value.handle)),
-		prefix: make([]byte, len(value.prefix)),
-	}
-	copy(tag_copy.handle, value.handle)
-	copy(tag_copy.prefix, value.prefix)
-	emitter.tag_directives = append(emitter.tag_directives, tag_copy)
-	return true
-}
-
-// Increase the indentation level.
-func yaml_emitter_increase_indent(emitter *yaml_emitter_t, flow, indentless bool) bool {
-	emitter.indents = append(emitter.indents, emitter.indent)
-	if emitter.indent < 0 {
-		if flow {
-			emitter.indent = emitter.best_indent
-		} else {
-			emitter.indent = 0
-		}
-	} else if !indentless {
-		// [Go] This was changed so that indentations are more regular.
-		if emitter.states[len(emitter.states)-1] == yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE {
-			// The first indent inside a sequence will just skip the "- " indicator.
-			emitter.indent += 2
-		} else {
-			// Everything else aligns to the chosen indentation.
-			emitter.indent = emitter.best_indent*((emitter.indent+emitter.best_indent)/emitter.best_indent)
-		}
-	}
-	return true
-}
-
-// State dispatcher.
-func yaml_emitter_state_machine(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	switch emitter.state {
-	default:
-	case yaml_EMIT_STREAM_START_STATE:
-		return yaml_emitter_emit_stream_start(emitter, event)
-
-	case yaml_EMIT_FIRST_DOCUMENT_START_STATE:
-		return yaml_emitter_emit_document_start(emitter, event, true)
-
-	case yaml_EMIT_DOCUMENT_START_STATE:
-		return yaml_emitter_emit_document_start(emitter, event, false)
-
-	case yaml_EMIT_DOCUMENT_CONTENT_STATE:
-		return yaml_emitter_emit_document_content(emitter, event)
-
-	case yaml_EMIT_DOCUMENT_END_STATE:
-		return yaml_emitter_emit_document_end(emitter, event)
-
-	case yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE:
-		return yaml_emitter_emit_flow_sequence_item(emitter, event, true, false)
-
-	case yaml_EMIT_FLOW_SEQUENCE_TRAIL_ITEM_STATE:
-		return yaml_emitter_emit_flow_sequence_item(emitter, event, false, true)
-
-	case yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE:
-		return yaml_emitter_emit_flow_sequence_item(emitter, event, false, false)
-
-	case yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE:
-		return yaml_emitter_emit_flow_mapping_key(emitter, event, true, false)
-
-	case yaml_EMIT_FLOW_MAPPING_TRAIL_KEY_STATE:
-		return yaml_emitter_emit_flow_mapping_key(emitter, event, false, true)
-
-	case yaml_EMIT_FLOW_MAPPING_KEY_STATE:
-		return yaml_emitter_emit_flow_mapping_key(emitter, event, false, false)
-
-	case yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE:
-		return yaml_emitter_emit_flow_mapping_value(emitter, event, true)
-
-	case yaml_EMIT_FLOW_MAPPING_VALUE_STATE:
-		return yaml_emitter_emit_flow_mapping_value(emitter, event, false)
-
-	case yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE:
-		return yaml_emitter_emit_block_sequence_item(emitter, event, true)
-
-	case yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE:
-		return yaml_emitter_emit_block_sequence_item(emitter, event, false)
-
-	case yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE:
-		return yaml_emitter_emit_block_mapping_key(emitter, event, true)
-
-	case yaml_EMIT_BLOCK_MAPPING_KEY_STATE:
-		return yaml_emitter_emit_block_mapping_key(emitter, event, false)
-
-	case yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE:
-		return yaml_emitter_emit_block_mapping_value(emitter, event, true)
-
-	case yaml_EMIT_BLOCK_MAPPING_VALUE_STATE:
-		return yaml_emitter_emit_block_mapping_value(emitter, event, false)
-
-	case yaml_EMIT_END_STATE:
-		return yaml_emitter_set_emitter_error(emitter, "expected nothing after STREAM-END")
-	}
-	panic("invalid emitter state")
-}
-
-// Expect STREAM-START.
-func yaml_emitter_emit_stream_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if event.typ != yaml_STREAM_START_EVENT {
-		return yaml_emitter_set_emitter_error(emitter, "expected STREAM-START")
-	}
-	if emitter.encoding == yaml_ANY_ENCODING {
-		emitter.encoding = event.encoding
-		if emitter.encoding == yaml_ANY_ENCODING {
-			emitter.encoding = yaml_UTF8_ENCODING
-		}
-	}
-	if emitter.best_indent < 2 || emitter.best_indent > 9 {
-		emitter.best_indent = 2
-	}
-	if emitter.best_width >= 0 && emitter.best_width <= emitter.best_indent*2 {
-		emitter.best_width = 80
-	}
-	if emitter.best_width < 0 {
-		emitter.best_width = 1<<31 - 1
-	}
-	if emitter.line_break == yaml_ANY_BREAK {
-		emitter.line_break = yaml_LN_BREAK
-	}
-
-	emitter.indent = -1
-	emitter.line = 0
-	emitter.column = 0
-	emitter.whitespace = true
-	emitter.indention = true
-	emitter.space_above = true
-	emitter.foot_indent = -1
-
-	if emitter.encoding != yaml_UTF8_ENCODING {
-		if !yaml_emitter_write_bom(emitter) {
-			return false
-		}
-	}
-	emitter.state = yaml_EMIT_FIRST_DOCUMENT_START_STATE
-	return true
-}
-
-// Expect DOCUMENT-START or STREAM-END.
-func yaml_emitter_emit_document_start(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
-
-	if event.typ == yaml_DOCUMENT_START_EVENT {
-
-		if event.version_directive != nil {
-			if !yaml_emitter_analyze_version_directive(emitter, event.version_directive) {
-				return false
-			}
-		}
-
-		for i := 0; i < len(event.tag_directives); i++ {
-			tag_directive := &event.tag_directives[i]
-			if !yaml_emitter_analyze_tag_directive(emitter, tag_directive) {
-				return false
-			}
-			if !yaml_emitter_append_tag_directive(emitter, tag_directive, false) {
-				return false
-			}
-		}
-
-		for i := 0; i < len(default_tag_directives); i++ {
-			tag_directive := &default_tag_directives[i]
-			if !yaml_emitter_append_tag_directive(emitter, tag_directive, true) {
-				return false
-			}
-		}
-
-		implicit := event.implicit
-		if !first || emitter.canonical {
-			implicit = false
-		}
-
-		if emitter.open_ended && (event.version_directive != nil || len(event.tag_directives) > 0) {
-			if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
-				return false
-			}
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-
-		if event.version_directive != nil {
-			implicit = false
-			if !yaml_emitter_write_indicator(emitter, []byte("%YAML"), true, false, false) {
-				return false
-			}
-			if !yaml_emitter_write_indicator(emitter, []byte("1.1"), true, false, false) {
-				return false
-			}
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-
-		if len(event.tag_directives) > 0 {
-			implicit = false
-			for i := 0; i < len(event.tag_directives); i++ {
-				tag_directive := &event.tag_directives[i]
-				if !yaml_emitter_write_indicator(emitter, []byte("%TAG"), true, false, false) {
-					return false
-				}
-				if !yaml_emitter_write_tag_handle(emitter, tag_directive.handle) {
-					return false
-				}
-				if !yaml_emitter_write_tag_content(emitter, tag_directive.prefix, true) {
-					return false
-				}
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-			}
-		}
-
-		if yaml_emitter_check_empty_document(emitter) {
-			implicit = false
-		}
-		if !implicit {
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-			if !yaml_emitter_write_indicator(emitter, []byte("---"), true, false, false) {
-				return false
-			}
-			if emitter.canonical || true {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-			}
-		}
-
-		if len(emitter.head_comment) > 0 {
-			if !yaml_emitter_process_head_comment(emitter) {
-				return false
-			}
-			if !put_break(emitter) {
-				return false
-			}
-		}
-
-		emitter.state = yaml_EMIT_DOCUMENT_CONTENT_STATE
-		return true
-	}
-
-	if event.typ == yaml_STREAM_END_EVENT {
-		if emitter.open_ended {
-			if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
-				return false
-			}
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-		if !yaml_emitter_flush(emitter) {
-			return false
-		}
-		emitter.state = yaml_EMIT_END_STATE
-		return true
-	}
-
-	return yaml_emitter_set_emitter_error(emitter, "expected DOCUMENT-START or STREAM-END")
-}
-
-// Expect the root node.
-func yaml_emitter_emit_document_content(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	emitter.states = append(emitter.states, yaml_EMIT_DOCUMENT_END_STATE)
-
-	if !yaml_emitter_process_head_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_emit_node(emitter, event, true, false, false, false) {
-		return false
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	return true
-}
-
-// Expect DOCUMENT-END.
-func yaml_emitter_emit_document_end(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if event.typ != yaml_DOCUMENT_END_EVENT {
-		return yaml_emitter_set_emitter_error(emitter, "expected DOCUMENT-END")
-	}
-	// [Go] Force document foot separation.
-	emitter.foot_indent = 0
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	emitter.foot_indent = -1
-	if !yaml_emitter_write_indent(emitter) {
-		return false
-	}
-	if !event.implicit {
-		// [Go] Allocate the slice elsewhere.
-		if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
-			return false
-		}
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-	}
-	if !yaml_emitter_flush(emitter) {
-		return false
-	}
-	emitter.state = yaml_EMIT_DOCUMENT_START_STATE
-	emitter.tag_directives = emitter.tag_directives[:0]
-	return true
-}
-
-// Expect a flow item node.
-func yaml_emitter_emit_flow_sequence_item(emitter *yaml_emitter_t, event *yaml_event_t, first, trail bool) bool {
-	if first {
-		if !yaml_emitter_write_indicator(emitter, []byte{'['}, true, true, false) {
-			return false
-		}
-		if !yaml_emitter_increase_indent(emitter, true, false) {
-			return false
-		}
-		emitter.flow_level++
-	}
-
-	if event.typ == yaml_SEQUENCE_END_EVENT {
-		if emitter.canonical && !first && !trail {
-			if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-				return false
-			}
-		}
-		emitter.flow_level--
-		emitter.indent = emitter.indents[len(emitter.indents)-1]
-		emitter.indents = emitter.indents[:len(emitter.indents)-1]
-		if emitter.column == 0 || emitter.canonical && !first {
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-		if !yaml_emitter_write_indicator(emitter, []byte{']'}, false, false, false) {
-			return false
-		}
-		if !yaml_emitter_process_line_comment(emitter) {
-			return false
-		}
-		if !yaml_emitter_process_foot_comment(emitter) {
-			return false
-		}
-		emitter.state = emitter.states[len(emitter.states)-1]
-		emitter.states = emitter.states[:len(emitter.states)-1]
-
-		return true
-	}
-
-	if !first && !trail {
-		if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-			return false
-		}
-	}
-
-	if !yaml_emitter_process_head_comment(emitter) {
-		return false
-	}
-	if emitter.column == 0 {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-	}
-
-	if emitter.canonical || emitter.column > emitter.best_width {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-	}
-	if len(emitter.line_comment)+len(emitter.foot_comment)+len(emitter.tail_comment) > 0 {
-		emitter.states = append(emitter.states, yaml_EMIT_FLOW_SEQUENCE_TRAIL_ITEM_STATE)
-	} else {
-		emitter.states = append(emitter.states, yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE)
-	}
-	if !yaml_emitter_emit_node(emitter, event, false, true, false, false) {
-		return false
-	}
-	if len(emitter.line_comment)+len(emitter.foot_comment)+len(emitter.tail_comment) > 0 {
-		if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-			return false
-		}
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	return true
-}
-
-// Expect a flow key node.
-func yaml_emitter_emit_flow_mapping_key(emitter *yaml_emitter_t, event *yaml_event_t, first, trail bool) bool {
-	if first {
-		if !yaml_emitter_write_indicator(emitter, []byte{'{'}, true, true, false) {
-			return false
-		}
-		if !yaml_emitter_increase_indent(emitter, true, false) {
-			return false
-		}
-		emitter.flow_level++
-	}
-
-	if event.typ == yaml_MAPPING_END_EVENT {
-		if (emitter.canonical || len(emitter.head_comment)+len(emitter.foot_comment)+len(emitter.tail_comment) > 0) && !first && !trail {
-			if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-				return false
-			}
-		}
-		if !yaml_emitter_process_head_comment(emitter) {
-			return false
-		}
-		emitter.flow_level--
-		emitter.indent = emitter.indents[len(emitter.indents)-1]
-		emitter.indents = emitter.indents[:len(emitter.indents)-1]
-		if emitter.canonical && !first {
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-		if !yaml_emitter_write_indicator(emitter, []byte{'}'}, false, false, false) {
-			return false
-		}
-		if !yaml_emitter_process_line_comment(emitter) {
-			return false
-		}
-		if !yaml_emitter_process_foot_comment(emitter) {
-			return false
-		}
-		emitter.state = emitter.states[len(emitter.states)-1]
-		emitter.states = emitter.states[:len(emitter.states)-1]
-		return true
-	}
-
-	if !first && !trail {
-		if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-			return false
-		}
-	}
-
-	if !yaml_emitter_process_head_comment(emitter) {
-		return false
-	}
-
-	if emitter.column == 0 {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-	}
-
-	if emitter.canonical || emitter.column > emitter.best_width {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-	}
-
-	if !emitter.canonical && yaml_emitter_check_simple_key(emitter) {
-		emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE)
-		return yaml_emitter_emit_node(emitter, event, false, false, true, true)
-	}
-	if !yaml_emitter_write_indicator(emitter, []byte{'?'}, true, false, false) {
-		return false
-	}
-	emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_VALUE_STATE)
-	return yaml_emitter_emit_node(emitter, event, false, false, true, false)
-}
-
-// Expect a flow value node.
-func yaml_emitter_emit_flow_mapping_value(emitter *yaml_emitter_t, event *yaml_event_t, simple bool) bool {
-	if simple {
-		if !yaml_emitter_write_indicator(emitter, []byte{':'}, false, false, false) {
-			return false
-		}
-	} else {
-		if emitter.canonical || emitter.column > emitter.best_width {
-			if !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-		}
-		if !yaml_emitter_write_indicator(emitter, []byte{':'}, true, false, false) {
-			return false
-		}
-	}
-	if len(emitter.line_comment)+len(emitter.foot_comment)+len(emitter.tail_comment) > 0 {
-		emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_TRAIL_KEY_STATE)
-	} else {
-		emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_KEY_STATE)
-	}
-	if !yaml_emitter_emit_node(emitter, event, false, false, true, false) {
-		return false
-	}
-	if len(emitter.line_comment)+len(emitter.foot_comment)+len(emitter.tail_comment) > 0 {
-		if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
-			return false
-		}
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	return true
-}
-
-// Expect a block item node.
-func yaml_emitter_emit_block_sequence_item(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
-	if first {
-		if !yaml_emitter_increase_indent(emitter, false, false) {
-			return false
-		}
-	}
-	if event.typ == yaml_SEQUENCE_END_EVENT {
-		emitter.indent = emitter.indents[len(emitter.indents)-1]
-		emitter.indents = emitter.indents[:len(emitter.indents)-1]
-		emitter.state = emitter.states[len(emitter.states)-1]
-		emitter.states = emitter.states[:len(emitter.states)-1]
-		return true
-	}
-	if !yaml_emitter_process_head_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_write_indent(emitter) {
-		return false
-	}
-	if !yaml_emitter_write_indicator(emitter, []byte{'-'}, true, false, true) {
-		return false
-	}
-	emitter.states = append(emitter.states, yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE)
-	if !yaml_emitter_emit_node(emitter, event, false, true, false, false) {
-		return false
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	return true
-}
-
-// Expect a block key node.
-func yaml_emitter_emit_block_mapping_key(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
-	if first {
-		if !yaml_emitter_increase_indent(emitter, false, false) {
-			return false
-		}
-	}
-	if !yaml_emitter_process_head_comment(emitter) {
-		return false
-	}
-	if event.typ == yaml_MAPPING_END_EVENT {
-		emitter.indent = emitter.indents[len(emitter.indents)-1]
-		emitter.indents = emitter.indents[:len(emitter.indents)-1]
-		emitter.state = emitter.states[len(emitter.states)-1]
-		emitter.states = emitter.states[:len(emitter.states)-1]
-		return true
-	}
-	if !yaml_emitter_write_indent(emitter) {
-		return false
-	}
-	if len(emitter.line_comment) > 0 {
-		// [Go] A line comment was provided for the key. That's unusual as the
-		//      scanner associates line comments with the value. Either way,
-		//      save the line comment and render it appropriately later.
-		emitter.key_line_comment = emitter.line_comment
-		emitter.line_comment = nil
-	}
-	if yaml_emitter_check_simple_key(emitter) {
-		emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE)
-		return yaml_emitter_emit_node(emitter, event, false, false, true, true)
-	}
-	if !yaml_emitter_write_indicator(emitter, []byte{'?'}, true, false, true) {
-		return false
-	}
-	emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_VALUE_STATE)
-	return yaml_emitter_emit_node(emitter, event, false, false, true, false)
-}
-
-// Expect a block value node.
-func yaml_emitter_emit_block_mapping_value(emitter *yaml_emitter_t, event *yaml_event_t, simple bool) bool {
-	if simple {
-		if !yaml_emitter_write_indicator(emitter, []byte{':'}, false, false, false) {
-			return false
-		}
-	} else {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-		if !yaml_emitter_write_indicator(emitter, []byte{':'}, true, false, true) {
-			return false
-		}
-	}
-	if len(emitter.key_line_comment) > 0 {
-		// [Go] Line comments are generally associated with the value, but when there's
-		//      no value on the same line as a mapping key they end up attached to the
-		//      key itself.
-		if event.typ == yaml_SCALAR_EVENT {
-			if len(emitter.line_comment) == 0 {
-				// A scalar is coming and it has no line comments by itself yet,
-				// so just let it handle the line comment as usual. If it has a
-				// line comment, we can't have both so the one from the key is lost.
-				emitter.line_comment = emitter.key_line_comment
-				emitter.key_line_comment = nil
-			}
-		} else if event.sequence_style() != yaml_FLOW_SEQUENCE_STYLE && (event.typ == yaml_MAPPING_START_EVENT || event.typ == yaml_SEQUENCE_START_EVENT) {
-			// An indented block follows, so write the comment right now.
-			emitter.line_comment, emitter.key_line_comment = emitter.key_line_comment, emitter.line_comment
-			if !yaml_emitter_process_line_comment(emitter) {
-				return false
-			}
-			emitter.line_comment, emitter.key_line_comment = emitter.key_line_comment, emitter.line_comment
-		}
-	}
-	emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_KEY_STATE)
-	if !yaml_emitter_emit_node(emitter, event, false, false, true, false) {
-		return false
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_foot_comment(emitter) {
-		return false
-	}
-	return true
-}
-
-func yaml_emitter_silent_nil_event(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	return event.typ == yaml_SCALAR_EVENT && event.implicit && !emitter.canonical && len(emitter.scalar_data.value) == 0
-}
-
-// Expect a node.
-func yaml_emitter_emit_node(emitter *yaml_emitter_t, event *yaml_event_t,
-	root bool, sequence bool, mapping bool, simple_key bool) bool {
-
-	emitter.root_context = root
-	emitter.sequence_context = sequence
-	emitter.mapping_context = mapping
-	emitter.simple_key_context = simple_key
-
-	switch event.typ {
-	case yaml_ALIAS_EVENT:
-		return yaml_emitter_emit_alias(emitter, event)
-	case yaml_SCALAR_EVENT:
-		return yaml_emitter_emit_scalar(emitter, event)
-	case yaml_SEQUENCE_START_EVENT:
-		return yaml_emitter_emit_sequence_start(emitter, event)
-	case yaml_MAPPING_START_EVENT:
-		return yaml_emitter_emit_mapping_start(emitter, event)
-	default:
-		return yaml_emitter_set_emitter_error(emitter,
-			fmt.Sprintf("expected SCALAR, SEQUENCE-START, MAPPING-START, or ALIAS, but got %v", event.typ))
-	}
-}
-
-// Expect ALIAS.
-func yaml_emitter_emit_alias(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if !yaml_emitter_process_anchor(emitter) {
-		return false
-	}
-	emitter.state = emitter.states[len(emitter.states)-1]
-	emitter.states = emitter.states[:len(emitter.states)-1]
-	return true
-}
-
-// Expect SCALAR.
-func yaml_emitter_emit_scalar(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if !yaml_emitter_select_scalar_style(emitter, event) {
-		return false
-	}
-	if !yaml_emitter_process_anchor(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_tag(emitter) {
-		return false
-	}
-	if !yaml_emitter_increase_indent(emitter, true, false) {
-		return false
-	}
-	if !yaml_emitter_process_scalar(emitter) {
-		return false
-	}
-	emitter.indent = emitter.indents[len(emitter.indents)-1]
-	emitter.indents = emitter.indents[:len(emitter.indents)-1]
-	emitter.state = emitter.states[len(emitter.states)-1]
-	emitter.states = emitter.states[:len(emitter.states)-1]
-	return true
-}
-
-// Expect SEQUENCE-START.
-func yaml_emitter_emit_sequence_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if !yaml_emitter_process_anchor(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_tag(emitter) {
-		return false
-	}
-	if emitter.flow_level > 0 || emitter.canonical || event.sequence_style() == yaml_FLOW_SEQUENCE_STYLE ||
-		yaml_emitter_check_empty_sequence(emitter) {
-		emitter.state = yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE
-	} else {
-		emitter.state = yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE
-	}
-	return true
-}
-
-// Expect MAPPING-START.
-func yaml_emitter_emit_mapping_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-	if !yaml_emitter_process_anchor(emitter) {
-		return false
-	}
-	if !yaml_emitter_process_tag(emitter) {
-		return false
-	}
-	if emitter.flow_level > 0 || emitter.canonical || event.mapping_style() == yaml_FLOW_MAPPING_STYLE ||
-		yaml_emitter_check_empty_mapping(emitter) {
-		emitter.state = yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE
-	} else {
-		emitter.state = yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE
-	}
-	return true
-}
-
-// Check if the document content is an empty scalar.
-func yaml_emitter_check_empty_document(emitter *yaml_emitter_t) bool {
-	return false // [Go] Huh?
-}
-
-// Check if the next events represent an empty sequence.
-func yaml_emitter_check_empty_sequence(emitter *yaml_emitter_t) bool {
-	if len(emitter.events)-emitter.events_head < 2 {
-		return false
-	}
-	return emitter.events[emitter.events_head].typ == yaml_SEQUENCE_START_EVENT &&
-		emitter.events[emitter.events_head+1].typ == yaml_SEQUENCE_END_EVENT
-}
-
-// Check if the next events represent an empty mapping.
-func yaml_emitter_check_empty_mapping(emitter *yaml_emitter_t) bool {
-	if len(emitter.events)-emitter.events_head < 2 {
-		return false
-	}
-	return emitter.events[emitter.events_head].typ == yaml_MAPPING_START_EVENT &&
-		emitter.events[emitter.events_head+1].typ == yaml_MAPPING_END_EVENT
-}
-
-// Check if the next node can be expressed as a simple key.
-func yaml_emitter_check_simple_key(emitter *yaml_emitter_t) bool {
-	length := 0
-	switch emitter.events[emitter.events_head].typ {
-	case yaml_ALIAS_EVENT:
-		length += len(emitter.anchor_data.anchor)
-	case yaml_SCALAR_EVENT:
-		if emitter.scalar_data.multiline {
-			return false
-		}
-		length += len(emitter.anchor_data.anchor) +
-			len(emitter.tag_data.handle) +
-			len(emitter.tag_data.suffix) +
-			len(emitter.scalar_data.value)
-	case yaml_SEQUENCE_START_EVENT:
-		if !yaml_emitter_check_empty_sequence(emitter) {
-			return false
-		}
-		length += len(emitter.anchor_data.anchor) +
-			len(emitter.tag_data.handle) +
-			len(emitter.tag_data.suffix)
-	case yaml_MAPPING_START_EVENT:
-		if !yaml_emitter_check_empty_mapping(emitter) {
-			return false
-		}
-		length += len(emitter.anchor_data.anchor) +
-			len(emitter.tag_data.handle) +
-			len(emitter.tag_data.suffix)
-	default:
-		return false
-	}
-	return length <= 128
-}
-
-// Determine an acceptable scalar style.
-func yaml_emitter_select_scalar_style(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-
-	no_tag := len(emitter.tag_data.handle) == 0 && len(emitter.tag_data.suffix) == 0
-	if no_tag && !event.implicit && !event.quoted_implicit {
-		return yaml_emitter_set_emitter_error(emitter, "neither tag nor implicit flags are specified")
-	}
-
-	style := event.scalar_style()
-	if style == yaml_ANY_SCALAR_STYLE {
-		style = yaml_PLAIN_SCALAR_STYLE
-	}
-	if emitter.canonical {
-		style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-	}
-	if emitter.simple_key_context && emitter.scalar_data.multiline {
-		style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-	}
-
-	if style == yaml_PLAIN_SCALAR_STYLE {
-		if emitter.flow_level > 0 && !emitter.scalar_data.flow_plain_allowed ||
-			emitter.flow_level == 0 && !emitter.scalar_data.block_plain_allowed {
-			style = yaml_SINGLE_QUOTED_SCALAR_STYLE
-		}
-		if len(emitter.scalar_data.value) == 0 && (emitter.flow_level > 0 || emitter.simple_key_context) {
-			style = yaml_SINGLE_QUOTED_SCALAR_STYLE
-		}
-		if no_tag && !event.implicit {
-			style = yaml_SINGLE_QUOTED_SCALAR_STYLE
-		}
-	}
-	if style == yaml_SINGLE_QUOTED_SCALAR_STYLE {
-		if !emitter.scalar_data.single_quoted_allowed {
-			style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-		}
-	}
-	if style == yaml_LITERAL_SCALAR_STYLE || style == yaml_FOLDED_SCALAR_STYLE {
-		if !emitter.scalar_data.block_allowed || emitter.flow_level > 0 || emitter.simple_key_context {
-			style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-		}
-	}
-
-	if no_tag && !event.quoted_implicit && style != yaml_PLAIN_SCALAR_STYLE {
-		emitter.tag_data.handle = []byte{'!'}
-	}
-	emitter.scalar_data.style = style
-	return true
-}
-
-// Write an anchor.
-func yaml_emitter_process_anchor(emitter *yaml_emitter_t) bool {
-	if emitter.anchor_data.anchor == nil {
-		return true
-	}
-	c := []byte{'&'}
-	if emitter.anchor_data.alias {
-		c[0] = '*'
-	}
-	if !yaml_emitter_write_indicator(emitter, c, true, false, false) {
-		return false
-	}
-	return yaml_emitter_write_anchor(emitter, emitter.anchor_data.anchor)
-}
-
-// Write a tag.
-func yaml_emitter_process_tag(emitter *yaml_emitter_t) bool {
-	if len(emitter.tag_data.handle) == 0 && len(emitter.tag_data.suffix) == 0 {
-		return true
-	}
-	if len(emitter.tag_data.handle) > 0 {
-		if !yaml_emitter_write_tag_handle(emitter, emitter.tag_data.handle) {
-			return false
-		}
-		if len(emitter.tag_data.suffix) > 0 {
-			if !yaml_emitter_write_tag_content(emitter, emitter.tag_data.suffix, false) {
-				return false
-			}
-		}
-	} else {
-		// [Go] Allocate these slices elsewhere.
-		if !yaml_emitter_write_indicator(emitter, []byte("!<"), true, false, false) {
-			return false
-		}
-		if !yaml_emitter_write_tag_content(emitter, emitter.tag_data.suffix, false) {
-			return false
-		}
-		if !yaml_emitter_write_indicator(emitter, []byte{'>'}, false, false, false) {
-			return false
-		}
-	}
-	return true
-}
-
-// Write a scalar.
-func yaml_emitter_process_scalar(emitter *yaml_emitter_t) bool {
-	switch emitter.scalar_data.style {
-	case yaml_PLAIN_SCALAR_STYLE:
-		return yaml_emitter_write_plain_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
-
-	case yaml_SINGLE_QUOTED_SCALAR_STYLE:
-		return yaml_emitter_write_single_quoted_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
-
-	case yaml_DOUBLE_QUOTED_SCALAR_STYLE:
-		return yaml_emitter_write_double_quoted_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
-
-	case yaml_LITERAL_SCALAR_STYLE:
-		return yaml_emitter_write_literal_scalar(emitter, emitter.scalar_data.value)
-
-	case yaml_FOLDED_SCALAR_STYLE:
-		return yaml_emitter_write_folded_scalar(emitter, emitter.scalar_data.value)
-	}
-	panic("unknown scalar style")
-}
-
-// Write a head comment.
-func yaml_emitter_process_head_comment(emitter *yaml_emitter_t) bool {
-	if len(emitter.tail_comment) > 0 {
-		if !yaml_emitter_write_indent(emitter) {
-			return false
-		}
-		if !yaml_emitter_write_comment(emitter, emitter.tail_comment) {
-			return false
-		}
-		emitter.tail_comment = emitter.tail_comment[:0]
-		emitter.foot_indent = emitter.indent
-		if emitter.foot_indent < 0 {
-			emitter.foot_indent = 0
-		}
-	}
-
-	if len(emitter.head_comment) == 0 {
-		return true
-	}
-	if !yaml_emitter_write_indent(emitter) {
-		return false
-	}
-	if !yaml_emitter_write_comment(emitter, emitter.head_comment) {
-		return false
-	}
-	emitter.head_comment = emitter.head_comment[:0]
-	return true
-}
-
-// Write an line comment.
-func yaml_emitter_process_line_comment(emitter *yaml_emitter_t) bool {
-	if len(emitter.line_comment) == 0 {
-		return true
-	}
-	if !emitter.whitespace {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-	if !yaml_emitter_write_comment(emitter, emitter.line_comment) {
-		return false
-	}
-	emitter.line_comment = emitter.line_comment[:0]
-	return true
-}
-
-// Write a foot comment.
-func yaml_emitter_process_foot_comment(emitter *yaml_emitter_t) bool {
-	if len(emitter.foot_comment) == 0 {
-		return true
-	}
-	if !yaml_emitter_write_indent(emitter) {
-		return false
-	}
-	if !yaml_emitter_write_comment(emitter, emitter.foot_comment) {
-		return false
-	}
-	emitter.foot_comment = emitter.foot_comment[:0]
-	emitter.foot_indent = emitter.indent
-	if emitter.foot_indent < 0 {
-		emitter.foot_indent = 0
-	}
-	return true
-}
-
-// Check if a %YAML directive is valid.
-func yaml_emitter_analyze_version_directive(emitter *yaml_emitter_t, version_directive *yaml_version_directive_t) bool {
-	if version_directive.major != 1 || version_directive.minor != 1 {
-		return yaml_emitter_set_emitter_error(emitter, "incompatible %YAML directive")
-	}
-	return true
-}
-
-// Check if a %TAG directive is valid.
-func yaml_emitter_analyze_tag_directive(emitter *yaml_emitter_t, tag_directive *yaml_tag_directive_t) bool {
-	handle := tag_directive.handle
-	prefix := tag_directive.prefix
-	if len(handle) == 0 {
-		return yaml_emitter_set_emitter_error(emitter, "tag handle must not be empty")
-	}
-	if handle[0] != '!' {
-		return yaml_emitter_set_emitter_error(emitter, "tag handle must start with '!'")
-	}
-	if handle[len(handle)-1] != '!' {
-		return yaml_emitter_set_emitter_error(emitter, "tag handle must end with '!'")
-	}
-	for i := 1; i < len(handle)-1; i += width(handle[i]) {
-		if !is_alpha(handle, i) {
-			return yaml_emitter_set_emitter_error(emitter, "tag handle must contain alphanumerical characters only")
-		}
-	}
-	if len(prefix) == 0 {
-		return yaml_emitter_set_emitter_error(emitter, "tag prefix must not be empty")
-	}
-	return true
-}
-
-// Check if an anchor is valid.
-func yaml_emitter_analyze_anchor(emitter *yaml_emitter_t, anchor []byte, alias bool) bool {
-	if len(anchor) == 0 {
-		problem := "anchor value must not be empty"
-		if alias {
-			problem = "alias value must not be empty"
-		}
-		return yaml_emitter_set_emitter_error(emitter, problem)
-	}
-	for i := 0; i < len(anchor); i += width(anchor[i]) {
-		if !is_alpha(anchor, i) {
-			problem := "anchor value must contain alphanumerical characters only"
-			if alias {
-				problem = "alias value must contain alphanumerical characters only"
-			}
-			return yaml_emitter_set_emitter_error(emitter, problem)
-		}
-	}
-	emitter.anchor_data.anchor = anchor
-	emitter.anchor_data.alias = alias
-	return true
-}
-
-// Check if a tag is valid.
-func yaml_emitter_analyze_tag(emitter *yaml_emitter_t, tag []byte) bool {
-	if len(tag) == 0 {
-		return yaml_emitter_set_emitter_error(emitter, "tag value must not be empty")
-	}
-	for i := 0; i < len(emitter.tag_directives); i++ {
-		tag_directive := &emitter.tag_directives[i]
-		if bytes.HasPrefix(tag, tag_directive.prefix) {
-			emitter.tag_data.handle = tag_directive.handle
-			emitter.tag_data.suffix = tag[len(tag_directive.prefix):]
-			return true
-		}
-	}
-	emitter.tag_data.suffix = tag
-	return true
-}
-
-// Check if a scalar is valid.
-func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
-	var (
-		block_indicators   = false
-		flow_indicators    = false
-		line_breaks        = false
-		special_characters = false
-		tab_characters     = false
-
-		leading_space  = false
-		leading_break  = false
-		trailing_space = false
-		trailing_break = false
-		break_space    = false
-		space_break    = false
-
-		preceded_by_whitespace = false
-		followed_by_whitespace = false
-		previous_space         = false
-		previous_break         = false
-	)
-
-	emitter.scalar_data.value = value
-
-	if len(value) == 0 {
-		emitter.scalar_data.multiline = false
-		emitter.scalar_data.flow_plain_allowed = false
-		emitter.scalar_data.block_plain_allowed = true
-		emitter.scalar_data.single_quoted_allowed = true
-		emitter.scalar_data.block_allowed = false
-		return true
-	}
-
-	if len(value) >= 3 && ((value[0] == '-' && value[1] == '-' && value[2] == '-') || (value[0] == '.' && value[1] == '.' && value[2] == '.')) {
-		block_indicators = true
-		flow_indicators = true
-	}
-
-	preceded_by_whitespace = true
-	for i, w := 0, 0; i < len(value); i += w {
-		w = width(value[i])
-		followed_by_whitespace = i+w >= len(value) || is_blank(value, i+w)
-
-		if i == 0 {
-			switch value[i] {
-			case '#', ',', '[', ']', '{', '}', '&', '*', '!', '|', '>', '\'', '"', '%', '@', '`':
-				flow_indicators = true
-				block_indicators = true
-			case '?', ':':
-				flow_indicators = true
-				if followed_by_whitespace {
-					block_indicators = true
-				}
-			case '-':
-				if followed_by_whitespace {
-					flow_indicators = true
-					block_indicators = true
-				}
-			}
-		} else {
-			switch value[i] {
-			case ',', '?', '[', ']', '{', '}':
-				flow_indicators = true
-			case ':':
-				flow_indicators = true
-				if followed_by_whitespace {
-					block_indicators = true
-				}
-			case '#':
-				if preceded_by_whitespace {
-					flow_indicators = true
-					block_indicators = true
-				}
-			}
-		}
-
-		if value[i] == '\t' {
-			tab_characters = true
-		} else if !is_printable(value, i) || !is_ascii(value, i) && !emitter.unicode {
-			special_characters = true
-		}
-		if is_space(value, i) {
-			if i == 0 {
-				leading_space = true
-			}
-			if i+width(value[i]) == len(value) {
-				trailing_space = true
-			}
-			if previous_break {
-				break_space = true
-			}
-			previous_space = true
-			previous_break = false
-		} else if is_break(value, i) {
-			line_breaks = true
-			if i == 0 {
-				leading_break = true
-			}
-			if i+width(value[i]) == len(value) {
-				trailing_break = true
-			}
-			if previous_space {
-				space_break = true
-			}
-			previous_space = false
-			previous_break = true
-		} else {
-			previous_space = false
-			previous_break = false
-		}
-
-		// [Go]: Why 'z'? Couldn't be the end of the string as that's the loop condition.
-		preceded_by_whitespace = is_blankz(value, i)
-	}
-
-	emitter.scalar_data.multiline = line_breaks
-	emitter.scalar_data.flow_plain_allowed = true
-	emitter.scalar_data.block_plain_allowed = true
-	emitter.scalar_data.single_quoted_allowed = true
-	emitter.scalar_data.block_allowed = true
-
-	if leading_space || leading_break || trailing_space || trailing_break {
-		emitter.scalar_data.flow_plain_allowed = false
-		emitter.scalar_data.block_plain_allowed = false
-	}
-	if trailing_space {
-		emitter.scalar_data.block_allowed = false
-	}
-	if break_space {
-		emitter.scalar_data.flow_plain_allowed = false
-		emitter.scalar_data.block_plain_allowed = false
-		emitter.scalar_data.single_quoted_allowed = false
-	}
-	if space_break || tab_characters || special_characters {
-		emitter.scalar_data.flow_plain_allowed = false
-		emitter.scalar_data.block_plain_allowed = false
-		emitter.scalar_data.single_quoted_allowed = false
-	}
-	if space_break || special_characters {
-		emitter.scalar_data.block_allowed = false
-	}
-	if line_breaks {
-		emitter.scalar_data.flow_plain_allowed = false
-		emitter.scalar_data.block_plain_allowed = false
-	}
-	if flow_indicators {
-		emitter.scalar_data.flow_plain_allowed = false
-	}
-	if block_indicators {
-		emitter.scalar_data.block_plain_allowed = false
-	}
-	return true
-}
-
-// Check if the event data is valid.
-func yaml_emitter_analyze_event(emitter *yaml_emitter_t, event *yaml_event_t) bool {
-
-	emitter.anchor_data.anchor = nil
-	emitter.tag_data.handle = nil
-	emitter.tag_data.suffix = nil
-	emitter.scalar_data.value = nil
-
-	if len(event.head_comment) > 0 {
-		emitter.head_comment = event.head_comment
-	}
-	if len(event.line_comment) > 0 {
-		emitter.line_comment = event.line_comment
-	}
-	if len(event.foot_comment) > 0 {
-		emitter.foot_comment = event.foot_comment
-	}
-	if len(event.tail_comment) > 0 {
-		emitter.tail_comment = event.tail_comment
-	}
-
-	switch event.typ {
-	case yaml_ALIAS_EVENT:
-		if !yaml_emitter_analyze_anchor(emitter, event.anchor, true) {
-			return false
-		}
-
-	case yaml_SCALAR_EVENT:
-		if len(event.anchor) > 0 {
-			if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
-				return false
-			}
-		}
-		if len(event.tag) > 0 && (emitter.canonical || (!event.implicit && !event.quoted_implicit)) {
-			if !yaml_emitter_analyze_tag(emitter, event.tag) {
-				return false
-			}
-		}
-		if !yaml_emitter_analyze_scalar(emitter, event.value) {
-			return false
-		}
-
-	case yaml_SEQUENCE_START_EVENT:
-		if len(event.anchor) > 0 {
-			if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
-				return false
-			}
-		}
-		if len(event.tag) > 0 && (emitter.canonical || !event.implicit) {
-			if !yaml_emitter_analyze_tag(emitter, event.tag) {
-				return false
-			}
-		}
-
-	case yaml_MAPPING_START_EVENT:
-		if len(event.anchor) > 0 {
-			if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
-				return false
-			}
-		}
-		if len(event.tag) > 0 && (emitter.canonical || !event.implicit) {
-			if !yaml_emitter_analyze_tag(emitter, event.tag) {
-				return false
-			}
-		}
-	}
-	return true
-}
-
-// Write the BOM character.
-func yaml_emitter_write_bom(emitter *yaml_emitter_t) bool {
-	if !flush(emitter) {
-		return false
-	}
-	pos := emitter.buffer_pos
-	emitter.buffer[pos+0] = '\xEF'
-	emitter.buffer[pos+1] = '\xBB'
-	emitter.buffer[pos+2] = '\xBF'
-	emitter.buffer_pos += 3
-	return true
-}
-
-func yaml_emitter_write_indent(emitter *yaml_emitter_t) bool {
-	indent := emitter.indent
-	if indent < 0 {
-		indent = 0
-	}
-	if !emitter.indention || emitter.column > indent || (emitter.column == indent && !emitter.whitespace) {
-		if !put_break(emitter) {
-			return false
-		}
-	}
-	if emitter.foot_indent == indent {
-		if !put_break(emitter) {
-			return false
-		}
-	}
-	for emitter.column < indent {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-	emitter.whitespace = true
-	//emitter.indention = true
-	emitter.space_above = false
-	emitter.foot_indent = -1
-	return true
-}
-
-func yaml_emitter_write_indicator(emitter *yaml_emitter_t, indicator []byte, need_whitespace, is_whitespace, is_indention bool) bool {
-	if need_whitespace && !emitter.whitespace {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-	if !write_all(emitter, indicator) {
-		return false
-	}
-	emitter.whitespace = is_whitespace
-	emitter.indention = (emitter.indention && is_indention)
-	emitter.open_ended = false
-	return true
-}
-
-func yaml_emitter_write_anchor(emitter *yaml_emitter_t, value []byte) bool {
-	if !write_all(emitter, value) {
-		return false
-	}
-	emitter.whitespace = false
-	emitter.indention = false
-	return true
-}
-
-func yaml_emitter_write_tag_handle(emitter *yaml_emitter_t, value []byte) bool {
-	if !emitter.whitespace {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-	if !write_all(emitter, value) {
-		return false
-	}
-	emitter.whitespace = false
-	emitter.indention = false
-	return true
-}
-
-func yaml_emitter_write_tag_content(emitter *yaml_emitter_t, value []byte, need_whitespace bool) bool {
-	if need_whitespace && !emitter.whitespace {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-	for i := 0; i < len(value); {
-		var must_write bool
-		switch value[i] {
-		case ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '_', '.', '~', '*', '\'', '(', ')', '[', ']':
-			must_write = true
-		default:
-			must_write = is_alpha(value, i)
-		}
-		if must_write {
-			if !write(emitter, value, &i) {
-				return false
-			}
-		} else {
-			w := width(value[i])
-			for k := 0; k < w; k++ {
-				octet := value[i]
-				i++
-				if !put(emitter, '%') {
-					return false
-				}
-
-				c := octet >> 4
-				if c < 10 {
-					c += '0'
-				} else {
-					c += 'A' - 10
-				}
-				if !put(emitter, c) {
-					return false
-				}
-
-				c = octet & 0x0f
-				if c < 10 {
-					c += '0'
-				} else {
-					c += 'A' - 10
-				}
-				if !put(emitter, c) {
-					return false
-				}
-			}
-		}
-	}
-	emitter.whitespace = false
-	emitter.indention = false
-	return true
-}
-
-func yaml_emitter_write_plain_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
-	if len(value) > 0 && !emitter.whitespace {
-		if !put(emitter, ' ') {
-			return false
-		}
-	}
-
-	spaces := false
-	breaks := false
-	for i := 0; i < len(value); {
-		if is_space(value, i) {
-			if allow_breaks && !spaces && emitter.column > emitter.best_width && !is_space(value, i+1) {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-				i += width(value[i])
-			} else {
-				if !write(emitter, value, &i) {
-					return false
-				}
-			}
-			spaces = true
-		} else if is_break(value, i) {
-			if !breaks && value[i] == '\n' {
-				if !put_break(emitter) {
-					return false
-				}
-			}
-			if !write_break(emitter, value, &i) {
-				return false
-			}
-			//emitter.indention = true
-			breaks = true
-		} else {
-			if breaks {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-			}
-			if !write(emitter, value, &i) {
-				return false
-			}
-			emitter.indention = false
-			spaces = false
-			breaks = false
-		}
-	}
-
-	if len(value) > 0 {
-		emitter.whitespace = false
-	}
-	emitter.indention = false
-	if emitter.root_context {
-		emitter.open_ended = true
-	}
-
-	return true
-}
-
-func yaml_emitter_write_single_quoted_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
-
-	if !yaml_emitter_write_indicator(emitter, []byte{'\''}, true, false, false) {
-		return false
-	}
-
-	spaces := false
-	breaks := false
-	for i := 0; i < len(value); {
-		if is_space(value, i) {
-			if allow_breaks && !spaces && emitter.column > emitter.best_width && i > 0 && i < len(value)-1 && !is_space(value, i+1) {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-				i += width(value[i])
-			} else {
-				if !write(emitter, value, &i) {
-					return false
-				}
-			}
-			spaces = true
-		} else if is_break(value, i) {
-			if !breaks && value[i] == '\n' {
-				if !put_break(emitter) {
-					return false
-				}
-			}
-			if !write_break(emitter, value, &i) {
-				return false
-			}
-			//emitter.indention = true
-			breaks = true
-		} else {
-			if breaks {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-			}
-			if value[i] == '\'' {
-				if !put(emitter, '\'') {
-					return false
-				}
-			}
-			if !write(emitter, value, &i) {
-				return false
-			}
-			emitter.indention = false
-			spaces = false
-			breaks = false
-		}
-	}
-	if !yaml_emitter_write_indicator(emitter, []byte{'\''}, false, false, false) {
-		return false
-	}
-	emitter.whitespace = false
-	emitter.indention = false
-	return true
-}
-
-func yaml_emitter_write_double_quoted_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
-	spaces := false
-	if !yaml_emitter_write_indicator(emitter, []byte{'"'}, true, false, false) {
-		return false
-	}
-
-	for i := 0; i < len(value); {
-		if !is_printable(value, i) || (!emitter.unicode && !is_ascii(value, i)) ||
-			is_bom(value, i) || is_break(value, i) ||
-			value[i] == '"' || value[i] == '\\' {
-
-			octet := value[i]
-
-			var w int
-			var v rune
-			switch {
-			case octet&0x80 == 0x00:
-				w, v = 1, rune(octet&0x7F)
-			case octet&0xE0 == 0xC0:
-				w, v = 2, rune(octet&0x1F)
-			case octet&0xF0 == 0xE0:
-				w, v = 3, rune(octet&0x0F)
-			case octet&0xF8 == 0xF0:
-				w, v = 4, rune(octet&0x07)
-			}
-			for k := 1; k < w; k++ {
-				octet = value[i+k]
-				v = (v << 6) + (rune(octet) & 0x3F)
-			}
-			i += w
-
-			if !put(emitter, '\\') {
-				return false
-			}
-
-			var ok bool
-			switch v {
-			case 0x00:
-				ok = put(emitter, '0')
-			case 0x07:
-				ok = put(emitter, 'a')
-			case 0x08:
-				ok = put(emitter, 'b')
-			case 0x09:
-				ok = put(emitter, 't')
-			case 0x0A:
-				ok = put(emitter, 'n')
-			case 0x0b:
-				ok = put(emitter, 'v')
-			case 0x0c:
-				ok = put(emitter, 'f')
-			case 0x0d:
-				ok = put(emitter, 'r')
-			case 0x1b:
-				ok = put(emitter, 'e')
-			case 0x22:
-				ok = put(emitter, '"')
-			case 0x5c:
-				ok = put(emitter, '\\')
-			case 0x85:
-				ok = put(emitter, 'N')
-			case 0xA0:
-				ok = put(emitter, '_')
-			case 0x2028:
-				ok = put(emitter, 'L')
-			case 0x2029:
-				ok = put(emitter, 'P')
-			default:
-				if v <= 0xFF {
-					ok = put(emitter, 'x')
-					w = 2
-				} else if v <= 0xFFFF {
-					ok = put(emitter, 'u')
-					w = 4
-				} else {
-					ok = put(emitter, 'U')
-					w = 8
-				}
-				for k := (w - 1) * 4; ok && k >= 0; k -= 4 {
-					digit := byte((v >> uint(k)) & 0x0F)
-					if digit < 10 {
-						ok = put(emitter, digit+'0')
-					} else {
-						ok = put(emitter, digit+'A'-10)
-					}
-				}
-			}
-			if !ok {
-				return false
-			}
-			spaces = false
-		} else if is_space(value, i) {
-			if allow_breaks && !spaces && emitter.column > emitter.best_width && i > 0 && i < len(value)-1 {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-				if is_space(value, i+1) {
-					if !put(emitter, '\\') {
-						return false
-					}
-				}
-				i += width(value[i])
-			} else if !write(emitter, value, &i) {
-				return false
-			}
-			spaces = true
-		} else {
-			if !write(emitter, value, &i) {
-				return false
-			}
-			spaces = false
-		}
-	}
-	if !yaml_emitter_write_indicator(emitter, []byte{'"'}, false, false, false) {
-		return false
-	}
-	emitter.whitespace = false
-	emitter.indention = false
-	return true
-}
-
-func yaml_emitter_write_block_scalar_hints(emitter *yaml_emitter_t, value []byte) bool {
-	if is_space(value, 0) || is_break(value, 0) {
-		indent_hint := []byte{'0' + byte(emitter.best_indent)}
-		if !yaml_emitter_write_indicator(emitter, indent_hint, false, false, false) {
-			return false
-		}
-	}
-
-	emitter.open_ended = false
-
-	var chomp_hint [1]byte
-	if len(value) == 0 {
-		chomp_hint[0] = '-'
-	} else {
-		i := len(value) - 1
-		for value[i]&0xC0 == 0x80 {
-			i--
-		}
-		if !is_break(value, i) {
-			chomp_hint[0] = '-'
-		} else if i == 0 {
-			chomp_hint[0] = '+'
-			emitter.open_ended = true
-		} else {
-			i--
-			for value[i]&0xC0 == 0x80 {
-				i--
-			}
-			if is_break(value, i) {
-				chomp_hint[0] = '+'
-				emitter.open_ended = true
-			}
-		}
-	}
-	if chomp_hint[0] != 0 {
-		if !yaml_emitter_write_indicator(emitter, chomp_hint[:], false, false, false) {
-			return false
-		}
-	}
-	return true
-}
-
-func yaml_emitter_write_literal_scalar(emitter *yaml_emitter_t, value []byte) bool {
-	if !yaml_emitter_write_indicator(emitter, []byte{'|'}, true, false, false) {
-		return false
-	}
-	if !yaml_emitter_write_block_scalar_hints(emitter, value) {
-		return false
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-	//emitter.indention = true
-	emitter.whitespace = true
-	breaks := true
-	for i := 0; i < len(value); {
-		if is_break(value, i) {
-			if !write_break(emitter, value, &i) {
-				return false
-			}
-			//emitter.indention = true
-			breaks = true
-		} else {
-			if breaks {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-			}
-			if !write(emitter, value, &i) {
-				return false
-			}
-			emitter.indention = false
-			breaks = false
-		}
-	}
-
-	return true
-}
-
-func yaml_emitter_write_folded_scalar(emitter *yaml_emitter_t, value []byte) bool {
-	if !yaml_emitter_write_indicator(emitter, []byte{'>'}, true, false, false) {
-		return false
-	}
-	if !yaml_emitter_write_block_scalar_hints(emitter, value) {
-		return false
-	}
-	if !yaml_emitter_process_line_comment(emitter) {
-		return false
-	}
-
-	//emitter.indention = true
-	emitter.whitespace = true
-
-	breaks := true
-	leading_spaces := true
-	for i := 0; i < len(value); {
-		if is_break(value, i) {
-			if !breaks && !leading_spaces && value[i] == '\n' {
-				k := 0
-				for is_break(value, k) {
-					k += width(value[k])
-				}
-				if !is_blankz(value, k) {
-					if !put_break(emitter) {
-						return false
-					}
-				}
-			}
-			if !write_break(emitter, value, &i) {
-				return false
-			}
-			//emitter.indention = true
-			breaks = true
-		} else {
-			if breaks {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-				leading_spaces = is_blank(value, i)
-			}
-			if !breaks && is_space(value, i) && !is_space(value, i+1) && emitter.column > emitter.best_width {
-				if !yaml_emitter_write_indent(emitter) {
-					return false
-				}
-				i += width(value[i])
-			} else {
-				if !write(emitter, value, &i) {
-					return false
-				}
-			}
-			emitter.indention = false
-			breaks = false
-		}
-	}
-	return true
-}
-
-func yaml_emitter_write_comment(emitter *yaml_emitter_t, comment []byte) bool {
-	breaks := false
-	pound := false
-	for i := 0; i < len(comment); {
-		if is_break(comment, i) {
-			if !write_break(emitter, comment, &i) {
-				return false
-			}
-			//emitter.indention = true
-			breaks = true
-			pound = false
-		} else {
-			if breaks && !yaml_emitter_write_indent(emitter) {
-				return false
-			}
-			if !pound {
-				if comment[i] != '#' && (!put(emitter, '#') || !put(emitter, ' ')) {
-					return false
-				}
-				pound = true
-			}
-			if !write(emitter, comment, &i) {
-				return false
-			}
-			emitter.indention = false
-			breaks = false
-		}
-	}
-	if !breaks && !put_break(emitter) {
-		return false
-	}
-
-	emitter.whitespace = true
-	//emitter.indention = true
-	return true
-}
diff --git a/vendor/gopkg.in/yaml.v3/encode.go b/vendor/gopkg.in/yaml.v3/encode.go
deleted file mode 100644
index de9e72a3e..000000000
--- a/vendor/gopkg.in/yaml.v3/encode.go
+++ /dev/null
@@ -1,577 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package yaml
-
-import (
-	"encoding"
-	"fmt"
-	"io"
-	"reflect"
-	"regexp"
-	"sort"
-	"strconv"
-	"strings"
-	"time"
-	"unicode/utf8"
-)
-
-type encoder struct {
-	emitter  yaml_emitter_t
-	event    yaml_event_t
-	out      []byte
-	flow     bool
-	indent   int
-	doneInit bool
-}
-
-func newEncoder() *encoder {
-	e := &encoder{}
-	yaml_emitter_initialize(&e.emitter)
-	yaml_emitter_set_output_string(&e.emitter, &e.out)
-	yaml_emitter_set_unicode(&e.emitter, true)
-	return e
-}
-
-func newEncoderWithWriter(w io.Writer) *encoder {
-	e := &encoder{}
-	yaml_emitter_initialize(&e.emitter)
-	yaml_emitter_set_output_writer(&e.emitter, w)
-	yaml_emitter_set_unicode(&e.emitter, true)
-	return e
-}
-
-func (e *encoder) init() {
-	if e.doneInit {
-		return
-	}
-	if e.indent == 0 {
-		e.indent = 4
-	}
-	e.emitter.best_indent = e.indent
-	yaml_stream_start_event_initialize(&e.event, yaml_UTF8_ENCODING)
-	e.emit()
-	e.doneInit = true
-}
-
-func (e *encoder) finish() {
-	e.emitter.open_ended = false
-	yaml_stream_end_event_initialize(&e.event)
-	e.emit()
-}
-
-func (e *encoder) destroy() {
-	yaml_emitter_delete(&e.emitter)
-}
-
-func (e *encoder) emit() {
-	// This will internally delete the e.event value.
-	e.must(yaml_emitter_emit(&e.emitter, &e.event))
-}
-
-func (e *encoder) must(ok bool) {
-	if !ok {
-		msg := e.emitter.problem
-		if msg == "" {
-			msg = "unknown problem generating YAML content"
-		}
-		failf("%s", msg)
-	}
-}
-
-func (e *encoder) marshalDoc(tag string, in reflect.Value) {
-	e.init()
-	var node *Node
-	if in.IsValid() {
-		node, _ = in.Interface().(*Node)
-	}
-	if node != nil && node.Kind == DocumentNode {
-		e.nodev(in)
-	} else {
-		yaml_document_start_event_initialize(&e.event, nil, nil, true)
-		e.emit()
-		e.marshal(tag, in)
-		yaml_document_end_event_initialize(&e.event, true)
-		e.emit()
-	}
-}
-
-func (e *encoder) marshal(tag string, in reflect.Value) {
-	tag = shortTag(tag)
-	if !in.IsValid() || in.Kind() == reflect.Ptr && in.IsNil() {
-		e.nilv()
-		return
-	}
-	iface := in.Interface()
-	switch value := iface.(type) {
-	case *Node:
-		e.nodev(in)
-		return
-	case Node:
-		if !in.CanAddr() {
-			var n = reflect.New(in.Type()).Elem()
-			n.Set(in)
-			in = n
-		}
-		e.nodev(in.Addr())
-		return
-	case time.Time:
-		e.timev(tag, in)
-		return
-	case *time.Time:
-		e.timev(tag, in.Elem())
-		return
-	case time.Duration:
-		e.stringv(tag, reflect.ValueOf(value.String()))
-		return
-	case Marshaler:
-		v, err := value.MarshalYAML()
-		if err != nil {
-			fail(err)
-		}
-		if v == nil {
-			e.nilv()
-			return
-		}
-		e.marshal(tag, reflect.ValueOf(v))
-		return
-	case encoding.TextMarshaler:
-		text, err := value.MarshalText()
-		if err != nil {
-			fail(err)
-		}
-		in = reflect.ValueOf(string(text))
-	case nil:
-		e.nilv()
-		return
-	}
-	switch in.Kind() {
-	case reflect.Interface:
-		e.marshal(tag, in.Elem())
-	case reflect.Map:
-		e.mapv(tag, in)
-	case reflect.Ptr:
-		e.marshal(tag, in.Elem())
-	case reflect.Struct:
-		e.structv(tag, in)
-	case reflect.Slice, reflect.Array:
-		e.slicev(tag, in)
-	case reflect.String:
-		e.stringv(tag, in)
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		e.intv(tag, in)
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		e.uintv(tag, in)
-	case reflect.Float32, reflect.Float64:
-		e.floatv(tag, in)
-	case reflect.Bool:
-		e.boolv(tag, in)
-	default:
-		panic("cannot marshal type: " + in.Type().String())
-	}
-}
-
-func (e *encoder) mapv(tag string, in reflect.Value) {
-	e.mappingv(tag, func() {
-		keys := keyList(in.MapKeys())
-		sort.Sort(keys)
-		for _, k := range keys {
-			e.marshal("", k)
-			e.marshal("", in.MapIndex(k))
-		}
-	})
-}
-
-func (e *encoder) fieldByIndex(v reflect.Value, index []int) (field reflect.Value) {
-	for _, num := range index {
-		for {
-			if v.Kind() == reflect.Ptr {
-				if v.IsNil() {
-					return reflect.Value{}
-				}
-				v = v.Elem()
-				continue
-			}
-			break
-		}
-		v = v.Field(num)
-	}
-	return v
-}
-
-func (e *encoder) structv(tag string, in reflect.Value) {
-	sinfo, err := getStructInfo(in.Type())
-	if err != nil {
-		panic(err)
-	}
-	e.mappingv(tag, func() {
-		for _, info := range sinfo.FieldsList {
-			var value reflect.Value
-			if info.Inline == nil {
-				value = in.Field(info.Num)
-			} else {
-				value = e.fieldByIndex(in, info.Inline)
-				if !value.IsValid() {
-					continue
-				}
-			}
-			if info.OmitEmpty && isZero(value) {
-				continue
-			}
-			e.marshal("", reflect.ValueOf(info.Key))
-			e.flow = info.Flow
-			e.marshal("", value)
-		}
-		if sinfo.InlineMap >= 0 {
-			m := in.Field(sinfo.InlineMap)
-			if m.Len() > 0 {
-				e.flow = false
-				keys := keyList(m.MapKeys())
-				sort.Sort(keys)
-				for _, k := range keys {
-					if _, found := sinfo.FieldsMap[k.String()]; found {
-						panic(fmt.Sprintf("cannot have key %q in inlined map: conflicts with struct field", k.String()))
-					}
-					e.marshal("", k)
-					e.flow = false
-					e.marshal("", m.MapIndex(k))
-				}
-			}
-		}
-	})
-}
-
-func (e *encoder) mappingv(tag string, f func()) {
-	implicit := tag == ""
-	style := yaml_BLOCK_MAPPING_STYLE
-	if e.flow {
-		e.flow = false
-		style = yaml_FLOW_MAPPING_STYLE
-	}
-	yaml_mapping_start_event_initialize(&e.event, nil, []byte(tag), implicit, style)
-	e.emit()
-	f()
-	yaml_mapping_end_event_initialize(&e.event)
-	e.emit()
-}
-
-func (e *encoder) slicev(tag string, in reflect.Value) {
-	implicit := tag == ""
-	style := yaml_BLOCK_SEQUENCE_STYLE
-	if e.flow {
-		e.flow = false
-		style = yaml_FLOW_SEQUENCE_STYLE
-	}
-	e.must(yaml_sequence_start_event_initialize(&e.event, nil, []byte(tag), implicit, style))
-	e.emit()
-	n := in.Len()
-	for i := 0; i < n; i++ {
-		e.marshal("", in.Index(i))
-	}
-	e.must(yaml_sequence_end_event_initialize(&e.event))
-	e.emit()
-}
-
-// isBase60 returns whether s is in base 60 notation as defined in YAML 1.1.
-//
-// The base 60 float notation in YAML 1.1 is a terrible idea and is unsupported
-// in YAML 1.2 and by this package, but these should be marshalled quoted for
-// the time being for compatibility with other parsers.
-func isBase60Float(s string) (result bool) {
-	// Fast path.
-	if s == "" {
-		return false
-	}
-	c := s[0]
-	if !(c == '+' || c == '-' || c >= '0' && c <= '9') || strings.IndexByte(s, ':') < 0 {
-		return false
-	}
-	// Do the full match.
-	return base60float.MatchString(s)
-}
-
-// From http://yaml.org/type/float.html, except the regular expression there
-// is bogus. In practice parsers do not enforce the "\.[0-9_]*" suffix.
-var base60float = regexp.MustCompile(`^[-+]?[0-9][0-9_]*(?::[0-5]?[0-9])+(?:\.[0-9_]*)?$`)
-
-// isOldBool returns whether s is bool notation as defined in YAML 1.1.
-//
-// We continue to force strings that YAML 1.1 would interpret as booleans to be
-// rendered as quotes strings so that the marshalled output valid for YAML 1.1
-// parsing.
-func isOldBool(s string) (result bool) {
-	switch s {
-	case "y", "Y", "yes", "Yes", "YES", "on", "On", "ON",
-		"n", "N", "no", "No", "NO", "off", "Off", "OFF":
-		return true
-	default:
-		return false
-	}
-}
-
-func (e *encoder) stringv(tag string, in reflect.Value) {
-	var style yaml_scalar_style_t
-	s := in.String()
-	canUsePlain := true
-	switch {
-	case !utf8.ValidString(s):
-		if tag == binaryTag {
-			failf("explicitly tagged !!binary data must be base64-encoded")
-		}
-		if tag != "" {
-			failf("cannot marshal invalid UTF-8 data as %s", shortTag(tag))
-		}
-		// It can't be encoded directly as YAML so use a binary tag
-		// and encode it as base64.
-		tag = binaryTag
-		s = encodeBase64(s)
-	case tag == "":
-		// Check to see if it would resolve to a specific
-		// tag when encoded unquoted. If it doesn't,
-		// there's no need to quote it.
-		rtag, _ := resolve("", s)
-		canUsePlain = rtag == strTag && !(isBase60Float(s) || isOldBool(s))
-	}
-	// Note: it's possible for user code to emit invalid YAML
-	// if they explicitly specify a tag and a string containing
-	// text that's incompatible with that tag.
-	switch {
-	case strings.Contains(s, "\n"):
-		if e.flow {
-			style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-		} else {
-			style = yaml_LITERAL_SCALAR_STYLE
-		}
-	case canUsePlain:
-		style = yaml_PLAIN_SCALAR_STYLE
-	default:
-		style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-	}
-	e.emitScalar(s, "", tag, style, nil, nil, nil, nil)
-}
-
-func (e *encoder) boolv(tag string, in reflect.Value) {
-	var s string
-	if in.Bool() {
-		s = "true"
-	} else {
-		s = "false"
-	}
-	e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) intv(tag string, in reflect.Value) {
-	s := strconv.FormatInt(in.Int(), 10)
-	e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) uintv(tag string, in reflect.Value) {
-	s := strconv.FormatUint(in.Uint(), 10)
-	e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) timev(tag string, in reflect.Value) {
-	t := in.Interface().(time.Time)
-	s := t.Format(time.RFC3339Nano)
-	e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) floatv(tag string, in reflect.Value) {
-	// Issue #352: When formatting, use the precision of the underlying value
-	precision := 64
-	if in.Kind() == reflect.Float32 {
-		precision = 32
-	}
-
-	s := strconv.FormatFloat(in.Float(), 'g', -1, precision)
-	switch s {
-	case "+Inf":
-		s = ".inf"
-	case "-Inf":
-		s = "-.inf"
-	case "NaN":
-		s = ".nan"
-	}
-	e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) nilv() {
-	e.emitScalar("null", "", "", yaml_PLAIN_SCALAR_STYLE, nil, nil, nil, nil)
-}
-
-func (e *encoder) emitScalar(value, anchor, tag string, style yaml_scalar_style_t, head, line, foot, tail []byte) {
-	// TODO Kill this function. Replace all initialize calls by their underlining Go literals.
-	implicit := tag == ""
-	if !implicit {
-		tag = longTag(tag)
-	}
-	e.must(yaml_scalar_event_initialize(&e.event, []byte(anchor), []byte(tag), []byte(value), implicit, implicit, style))
-	e.event.head_comment = head
-	e.event.line_comment = line
-	e.event.foot_comment = foot
-	e.event.tail_comment = tail
-	e.emit()
-}
-
-func (e *encoder) nodev(in reflect.Value) {
-	e.node(in.Interface().(*Node), "")
-}
-
-func (e *encoder) node(node *Node, tail string) {
-	// Zero nodes behave as nil.
-	if node.Kind == 0 && node.IsZero() {
-		e.nilv()
-		return
-	}
-
-	// If the tag was not explicitly requested, and dropping it won't change the
-	// implicit tag of the value, don't include it in the presentation.
-	var tag = node.Tag
-	var stag = shortTag(tag)
-	var forceQuoting bool
-	if tag != "" && node.Style&TaggedStyle == 0 {
-		if node.Kind == ScalarNode {
-			if stag == strTag && node.Style&(SingleQuotedStyle|DoubleQuotedStyle|LiteralStyle|FoldedStyle) != 0 {
-				tag = ""
-			} else {
-				rtag, _ := resolve("", node.Value)
-				if rtag == stag {
-					tag = ""
-				} else if stag == strTag {
-					tag = ""
-					forceQuoting = true
-				}
-			}
-		} else {
-			var rtag string
-			switch node.Kind {
-			case MappingNode:
-				rtag = mapTag
-			case SequenceNode:
-				rtag = seqTag
-			}
-			if rtag == stag {
-				tag = ""
-			}
-		}
-	}
-
-	switch node.Kind {
-	case DocumentNode:
-		yaml_document_start_event_initialize(&e.event, nil, nil, true)
-		e.event.head_comment = []byte(node.HeadComment)
-		e.emit()
-		for _, node := range node.Content {
-			e.node(node, "")
-		}
-		yaml_document_end_event_initialize(&e.event, true)
-		e.event.foot_comment = []byte(node.FootComment)
-		e.emit()
-
-	case SequenceNode:
-		style := yaml_BLOCK_SEQUENCE_STYLE
-		if node.Style&FlowStyle != 0 {
-			style = yaml_FLOW_SEQUENCE_STYLE
-		}
-		e.must(yaml_sequence_start_event_initialize(&e.event, []byte(node.Anchor), []byte(longTag(tag)), tag == "", style))
-		e.event.head_comment = []byte(node.HeadComment)
-		e.emit()
-		for _, node := range node.Content {
-			e.node(node, "")
-		}
-		e.must(yaml_sequence_end_event_initialize(&e.event))
-		e.event.line_comment = []byte(node.LineComment)
-		e.event.foot_comment = []byte(node.FootComment)
-		e.emit()
-
-	case MappingNode:
-		style := yaml_BLOCK_MAPPING_STYLE
-		if node.Style&FlowStyle != 0 {
-			style = yaml_FLOW_MAPPING_STYLE
-		}
-		yaml_mapping_start_event_initialize(&e.event, []byte(node.Anchor), []byte(longTag(tag)), tag == "", style)
-		e.event.tail_comment = []byte(tail)
-		e.event.head_comment = []byte(node.HeadComment)
-		e.emit()
-
-		// The tail logic below moves the foot comment of prior keys to the following key,
-		// since the value for each key may be a nested structure and the foot needs to be
-		// processed only the entirety of the value is streamed. The last tail is processed
-		// with the mapping end event.
-		var tail string
-		for i := 0; i+1 < len(node.Content); i += 2 {
-			k := node.Content[i]
-			foot := k.FootComment
-			if foot != "" {
-				kopy := *k
-				kopy.FootComment = ""
-				k = &kopy
-			}
-			e.node(k, tail)
-			tail = foot
-
-			v := node.Content[i+1]
-			e.node(v, "")
-		}
-
-		yaml_mapping_end_event_initialize(&e.event)
-		e.event.tail_comment = []byte(tail)
-		e.event.line_comment = []byte(node.LineComment)
-		e.event.foot_comment = []byte(node.FootComment)
-		e.emit()
-
-	case AliasNode:
-		yaml_alias_event_initialize(&e.event, []byte(node.Value))
-		e.event.head_comment = []byte(node.HeadComment)
-		e.event.line_comment = []byte(node.LineComment)
-		e.event.foot_comment = []byte(node.FootComment)
-		e.emit()
-
-	case ScalarNode:
-		value := node.Value
-		if !utf8.ValidString(value) {
-			if stag == binaryTag {
-				failf("explicitly tagged !!binary data must be base64-encoded")
-			}
-			if stag != "" {
-				failf("cannot marshal invalid UTF-8 data as %s", stag)
-			}
-			// It can't be encoded directly as YAML so use a binary tag
-			// and encode it as base64.
-			tag = binaryTag
-			value = encodeBase64(value)
-		}
-
-		style := yaml_PLAIN_SCALAR_STYLE
-		switch {
-		case node.Style&DoubleQuotedStyle != 0:
-			style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-		case node.Style&SingleQuotedStyle != 0:
-			style = yaml_SINGLE_QUOTED_SCALAR_STYLE
-		case node.Style&LiteralStyle != 0:
-			style = yaml_LITERAL_SCALAR_STYLE
-		case node.Style&FoldedStyle != 0:
-			style = yaml_FOLDED_SCALAR_STYLE
-		case strings.Contains(value, "\n"):
-			style = yaml_LITERAL_SCALAR_STYLE
-		case forceQuoting:
-			style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-		}
-
-		e.emitScalar(value, node.Anchor, tag, style, []byte(node.HeadComment), []byte(node.LineComment), []byte(node.FootComment), []byte(tail))
-	default:
-		failf("cannot encode node with unknown kind %d", node.Kind)
-	}
-}
diff --git a/vendor/gopkg.in/yaml.v3/parserc.go b/vendor/gopkg.in/yaml.v3/parserc.go
deleted file mode 100644
index 268558a0d..000000000
--- a/vendor/gopkg.in/yaml.v3/parserc.go
+++ /dev/null
@@ -1,1258 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"bytes"
-)
-
-// The parser implements the following grammar:
-//
-// stream               ::= STREAM-START implicit_document? explicit_document* STREAM-END
-// implicit_document    ::= block_node DOCUMENT-END*
-// explicit_document    ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
-// block_node_or_indentless_sequence    ::=
-//                          ALIAS
-//                          | properties (block_content | indentless_block_sequence)?
-//                          | block_content
-//                          | indentless_block_sequence
-// block_node           ::= ALIAS
-//                          | properties block_content?
-//                          | block_content
-// flow_node            ::= ALIAS
-//                          | properties flow_content?
-//                          | flow_content
-// properties           ::= TAG ANCHOR? | ANCHOR TAG?
-// block_content        ::= block_collection | flow_collection | SCALAR
-// flow_content         ::= flow_collection | SCALAR
-// block_collection     ::= block_sequence | block_mapping
-// flow_collection      ::= flow_sequence | flow_mapping
-// block_sequence       ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END
-// indentless_sequence  ::= (BLOCK-ENTRY block_node?)+
-// block_mapping        ::= BLOCK-MAPPING_START
-//                          ((KEY block_node_or_indentless_sequence?)?
-//                          (VALUE block_node_or_indentless_sequence?)?)*
-//                          BLOCK-END
-// flow_sequence        ::= FLOW-SEQUENCE-START
-//                          (flow_sequence_entry FLOW-ENTRY)*
-//                          flow_sequence_entry?
-//                          FLOW-SEQUENCE-END
-// flow_sequence_entry  ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-// flow_mapping         ::= FLOW-MAPPING-START
-//                          (flow_mapping_entry FLOW-ENTRY)*
-//                          flow_mapping_entry?
-//                          FLOW-MAPPING-END
-// flow_mapping_entry   ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-
-// Peek the next token in the token queue.
-func peek_token(parser *yaml_parser_t) *yaml_token_t {
-	if parser.token_available || yaml_parser_fetch_more_tokens(parser) {
-		token := &parser.tokens[parser.tokens_head]
-		yaml_parser_unfold_comments(parser, token)
-		return token
-	}
-	return nil
-}
-
-// yaml_parser_unfold_comments walks through the comments queue and joins all
-// comments behind the position of the provided token into the respective
-// top-level comment slices in the parser.
-func yaml_parser_unfold_comments(parser *yaml_parser_t, token *yaml_token_t) {
-	for parser.comments_head < len(parser.comments) && token.start_mark.index >= parser.comments[parser.comments_head].token_mark.index {
-		comment := &parser.comments[parser.comments_head]
-		if len(comment.head) > 0 {
-			if token.typ == yaml_BLOCK_END_TOKEN {
-				// No heads on ends, so keep comment.head for a follow up token.
-				break
-			}
-			if len(parser.head_comment) > 0 {
-				parser.head_comment = append(parser.head_comment, '\n')
-			}
-			parser.head_comment = append(parser.head_comment, comment.head...)
-		}
-		if len(comment.foot) > 0 {
-			if len(parser.foot_comment) > 0 {
-				parser.foot_comment = append(parser.foot_comment, '\n')
-			}
-			parser.foot_comment = append(parser.foot_comment, comment.foot...)
-		}
-		if len(comment.line) > 0 {
-			if len(parser.line_comment) > 0 {
-				parser.line_comment = append(parser.line_comment, '\n')
-			}
-			parser.line_comment = append(parser.line_comment, comment.line...)
-		}
-		*comment = yaml_comment_t{}
-		parser.comments_head++
-	}
-}
-
-// Remove the next token from the queue (must be called after peek_token).
-func skip_token(parser *yaml_parser_t) {
-	parser.token_available = false
-	parser.tokens_parsed++
-	parser.stream_end_produced = parser.tokens[parser.tokens_head].typ == yaml_STREAM_END_TOKEN
-	parser.tokens_head++
-}
-
-// Get the next event.
-func yaml_parser_parse(parser *yaml_parser_t, event *yaml_event_t) bool {
-	// Erase the event object.
-	*event = yaml_event_t{}
-
-	// No events after the end of the stream or error.
-	if parser.stream_end_produced || parser.error != yaml_NO_ERROR || parser.state == yaml_PARSE_END_STATE {
-		return true
-	}
-
-	// Generate the next event.
-	return yaml_parser_state_machine(parser, event)
-}
-
-// Set parser error.
-func yaml_parser_set_parser_error(parser *yaml_parser_t, problem string, problem_mark yaml_mark_t) bool {
-	parser.error = yaml_PARSER_ERROR
-	parser.problem = problem
-	parser.problem_mark = problem_mark
-	return false
-}
-
-func yaml_parser_set_parser_error_context(parser *yaml_parser_t, context string, context_mark yaml_mark_t, problem string, problem_mark yaml_mark_t) bool {
-	parser.error = yaml_PARSER_ERROR
-	parser.context = context
-	parser.context_mark = context_mark
-	parser.problem = problem
-	parser.problem_mark = problem_mark
-	return false
-}
-
-// State dispatcher.
-func yaml_parser_state_machine(parser *yaml_parser_t, event *yaml_event_t) bool {
-	//trace("yaml_parser_state_machine", "state:", parser.state.String())
-
-	switch parser.state {
-	case yaml_PARSE_STREAM_START_STATE:
-		return yaml_parser_parse_stream_start(parser, event)
-
-	case yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE:
-		return yaml_parser_parse_document_start(parser, event, true)
-
-	case yaml_PARSE_DOCUMENT_START_STATE:
-		return yaml_parser_parse_document_start(parser, event, false)
-
-	case yaml_PARSE_DOCUMENT_CONTENT_STATE:
-		return yaml_parser_parse_document_content(parser, event)
-
-	case yaml_PARSE_DOCUMENT_END_STATE:
-		return yaml_parser_parse_document_end(parser, event)
-
-	case yaml_PARSE_BLOCK_NODE_STATE:
-		return yaml_parser_parse_node(parser, event, true, false)
-
-	case yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE:
-		return yaml_parser_parse_node(parser, event, true, true)
-
-	case yaml_PARSE_FLOW_NODE_STATE:
-		return yaml_parser_parse_node(parser, event, false, false)
-
-	case yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE:
-		return yaml_parser_parse_block_sequence_entry(parser, event, true)
-
-	case yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE:
-		return yaml_parser_parse_block_sequence_entry(parser, event, false)
-
-	case yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE:
-		return yaml_parser_parse_indentless_sequence_entry(parser, event)
-
-	case yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE:
-		return yaml_parser_parse_block_mapping_key(parser, event, true)
-
-	case yaml_PARSE_BLOCK_MAPPING_KEY_STATE:
-		return yaml_parser_parse_block_mapping_key(parser, event, false)
-
-	case yaml_PARSE_BLOCK_MAPPING_VALUE_STATE:
-		return yaml_parser_parse_block_mapping_value(parser, event)
-
-	case yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE:
-		return yaml_parser_parse_flow_sequence_entry(parser, event, true)
-
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE:
-		return yaml_parser_parse_flow_sequence_entry(parser, event, false)
-
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE:
-		return yaml_parser_parse_flow_sequence_entry_mapping_key(parser, event)
-
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE:
-		return yaml_parser_parse_flow_sequence_entry_mapping_value(parser, event)
-
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE:
-		return yaml_parser_parse_flow_sequence_entry_mapping_end(parser, event)
-
-	case yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE:
-		return yaml_parser_parse_flow_mapping_key(parser, event, true)
-
-	case yaml_PARSE_FLOW_MAPPING_KEY_STATE:
-		return yaml_parser_parse_flow_mapping_key(parser, event, false)
-
-	case yaml_PARSE_FLOW_MAPPING_VALUE_STATE:
-		return yaml_parser_parse_flow_mapping_value(parser, event, false)
-
-	case yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE:
-		return yaml_parser_parse_flow_mapping_value(parser, event, true)
-
-	default:
-		panic("invalid parser state")
-	}
-}
-
-// Parse the production:
-// stream   ::= STREAM-START implicit_document? explicit_document* STREAM-END
-//              ************
-func yaml_parser_parse_stream_start(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if token.typ != yaml_STREAM_START_TOKEN {
-		return yaml_parser_set_parser_error(parser, "did not find expected ", token.start_mark)
-	}
-	parser.state = yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE
-	*event = yaml_event_t{
-		typ:        yaml_STREAM_START_EVENT,
-		start_mark: token.start_mark,
-		end_mark:   token.end_mark,
-		encoding:   token.encoding,
-	}
-	skip_token(parser)
-	return true
-}
-
-// Parse the productions:
-// implicit_document    ::= block_node DOCUMENT-END*
-//                          *
-// explicit_document    ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
-//                          *************************
-func yaml_parser_parse_document_start(parser *yaml_parser_t, event *yaml_event_t, implicit bool) bool {
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	// Parse extra document end indicators.
-	if !implicit {
-		for token.typ == yaml_DOCUMENT_END_TOKEN {
-			skip_token(parser)
-			token = peek_token(parser)
-			if token == nil {
-				return false
-			}
-		}
-	}
-
-	if implicit && token.typ != yaml_VERSION_DIRECTIVE_TOKEN &&
-		token.typ != yaml_TAG_DIRECTIVE_TOKEN &&
-		token.typ != yaml_DOCUMENT_START_TOKEN &&
-		token.typ != yaml_STREAM_END_TOKEN {
-		// Parse an implicit document.
-		if !yaml_parser_process_directives(parser, nil, nil) {
-			return false
-		}
-		parser.states = append(parser.states, yaml_PARSE_DOCUMENT_END_STATE)
-		parser.state = yaml_PARSE_BLOCK_NODE_STATE
-
-		var head_comment []byte
-		if len(parser.head_comment) > 0 {
-			// [Go] Scan the header comment backwards, and if an empty line is found, break
-			//      the header so the part before the last empty line goes into the
-			//      document header, while the bottom of it goes into a follow up event.
-			for i := len(parser.head_comment) - 1; i > 0; i-- {
-				if parser.head_comment[i] == '\n' {
-					if i == len(parser.head_comment)-1 {
-						head_comment = parser.head_comment[:i]
-						parser.head_comment = parser.head_comment[i+1:]
-						break
-					} else if parser.head_comment[i-1] == '\n' {
-						head_comment = parser.head_comment[:i-1]
-						parser.head_comment = parser.head_comment[i+1:]
-						break
-					}
-				}
-			}
-		}
-
-		*event = yaml_event_t{
-			typ:        yaml_DOCUMENT_START_EVENT,
-			start_mark: token.start_mark,
-			end_mark:   token.end_mark,
-
-			head_comment: head_comment,
-		}
-
-	} else if token.typ != yaml_STREAM_END_TOKEN {
-		// Parse an explicit document.
-		var version_directive *yaml_version_directive_t
-		var tag_directives []yaml_tag_directive_t
-		start_mark := token.start_mark
-		if !yaml_parser_process_directives(parser, &version_directive, &tag_directives) {
-			return false
-		}
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_DOCUMENT_START_TOKEN {
-			yaml_parser_set_parser_error(parser,
-				"did not find expected ", token.start_mark)
-			return false
-		}
-		parser.states = append(parser.states, yaml_PARSE_DOCUMENT_END_STATE)
-		parser.state = yaml_PARSE_DOCUMENT_CONTENT_STATE
-		end_mark := token.end_mark
-
-		*event = yaml_event_t{
-			typ:               yaml_DOCUMENT_START_EVENT,
-			start_mark:        start_mark,
-			end_mark:          end_mark,
-			version_directive: version_directive,
-			tag_directives:    tag_directives,
-			implicit:          false,
-		}
-		skip_token(parser)
-
-	} else {
-		// Parse the stream end.
-		parser.state = yaml_PARSE_END_STATE
-		*event = yaml_event_t{
-			typ:        yaml_STREAM_END_EVENT,
-			start_mark: token.start_mark,
-			end_mark:   token.end_mark,
-		}
-		skip_token(parser)
-	}
-
-	return true
-}
-
-// Parse the productions:
-// explicit_document    ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
-//                                                    ***********
-//
-func yaml_parser_parse_document_content(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	if token.typ == yaml_VERSION_DIRECTIVE_TOKEN ||
-		token.typ == yaml_TAG_DIRECTIVE_TOKEN ||
-		token.typ == yaml_DOCUMENT_START_TOKEN ||
-		token.typ == yaml_DOCUMENT_END_TOKEN ||
-		token.typ == yaml_STREAM_END_TOKEN {
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-		return yaml_parser_process_empty_scalar(parser, event,
-			token.start_mark)
-	}
-	return yaml_parser_parse_node(parser, event, true, false)
-}
-
-// Parse the productions:
-// implicit_document    ::= block_node DOCUMENT-END*
-//                                     *************
-// explicit_document    ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
-//
-func yaml_parser_parse_document_end(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	start_mark := token.start_mark
-	end_mark := token.start_mark
-
-	implicit := true
-	if token.typ == yaml_DOCUMENT_END_TOKEN {
-		end_mark = token.end_mark
-		skip_token(parser)
-		implicit = false
-	}
-
-	parser.tag_directives = parser.tag_directives[:0]
-
-	parser.state = yaml_PARSE_DOCUMENT_START_STATE
-	*event = yaml_event_t{
-		typ:        yaml_DOCUMENT_END_EVENT,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		implicit:   implicit,
-	}
-	yaml_parser_set_event_comments(parser, event)
-	if len(event.head_comment) > 0 && len(event.foot_comment) == 0 {
-		event.foot_comment = event.head_comment
-		event.head_comment = nil
-	}
-	return true
-}
-
-func yaml_parser_set_event_comments(parser *yaml_parser_t, event *yaml_event_t) {
-	event.head_comment = parser.head_comment
-	event.line_comment = parser.line_comment
-	event.foot_comment = parser.foot_comment
-	parser.head_comment = nil
-	parser.line_comment = nil
-	parser.foot_comment = nil
-	parser.tail_comment = nil
-	parser.stem_comment = nil
-}
-
-// Parse the productions:
-// block_node_or_indentless_sequence    ::=
-//                          ALIAS
-//                          *****
-//                          | properties (block_content | indentless_block_sequence)?
-//                            **********  *
-//                          | block_content | indentless_block_sequence
-//                            *
-// block_node           ::= ALIAS
-//                          *****
-//                          | properties block_content?
-//                            ********** *
-//                          | block_content
-//                            *
-// flow_node            ::= ALIAS
-//                          *****
-//                          | properties flow_content?
-//                            ********** *
-//                          | flow_content
-//                            *
-// properties           ::= TAG ANCHOR? | ANCHOR TAG?
-//                          *************************
-// block_content        ::= block_collection | flow_collection | SCALAR
-//                                                               ******
-// flow_content         ::= flow_collection | SCALAR
-//                                            ******
-func yaml_parser_parse_node(parser *yaml_parser_t, event *yaml_event_t, block, indentless_sequence bool) bool {
-	//defer trace("yaml_parser_parse_node", "block:", block, "indentless_sequence:", indentless_sequence)()
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	if token.typ == yaml_ALIAS_TOKEN {
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-		*event = yaml_event_t{
-			typ:        yaml_ALIAS_EVENT,
-			start_mark: token.start_mark,
-			end_mark:   token.end_mark,
-			anchor:     token.value,
-		}
-		yaml_parser_set_event_comments(parser, event)
-		skip_token(parser)
-		return true
-	}
-
-	start_mark := token.start_mark
-	end_mark := token.start_mark
-
-	var tag_token bool
-	var tag_handle, tag_suffix, anchor []byte
-	var tag_mark yaml_mark_t
-	if token.typ == yaml_ANCHOR_TOKEN {
-		anchor = token.value
-		start_mark = token.start_mark
-		end_mark = token.end_mark
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ == yaml_TAG_TOKEN {
-			tag_token = true
-			tag_handle = token.value
-			tag_suffix = token.suffix
-			tag_mark = token.start_mark
-			end_mark = token.end_mark
-			skip_token(parser)
-			token = peek_token(parser)
-			if token == nil {
-				return false
-			}
-		}
-	} else if token.typ == yaml_TAG_TOKEN {
-		tag_token = true
-		tag_handle = token.value
-		tag_suffix = token.suffix
-		start_mark = token.start_mark
-		tag_mark = token.start_mark
-		end_mark = token.end_mark
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ == yaml_ANCHOR_TOKEN {
-			anchor = token.value
-			end_mark = token.end_mark
-			skip_token(parser)
-			token = peek_token(parser)
-			if token == nil {
-				return false
-			}
-		}
-	}
-
-	var tag []byte
-	if tag_token {
-		if len(tag_handle) == 0 {
-			tag = tag_suffix
-			tag_suffix = nil
-		} else {
-			for i := range parser.tag_directives {
-				if bytes.Equal(parser.tag_directives[i].handle, tag_handle) {
-					tag = append([]byte(nil), parser.tag_directives[i].prefix...)
-					tag = append(tag, tag_suffix...)
-					break
-				}
-			}
-			if len(tag) == 0 {
-				yaml_parser_set_parser_error_context(parser,
-					"while parsing a node", start_mark,
-					"found undefined tag handle", tag_mark)
-				return false
-			}
-		}
-	}
-
-	implicit := len(tag) == 0
-	if indentless_sequence && token.typ == yaml_BLOCK_ENTRY_TOKEN {
-		end_mark = token.end_mark
-		parser.state = yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE
-		*event = yaml_event_t{
-			typ:        yaml_SEQUENCE_START_EVENT,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			anchor:     anchor,
-			tag:        tag,
-			implicit:   implicit,
-			style:      yaml_style_t(yaml_BLOCK_SEQUENCE_STYLE),
-		}
-		return true
-	}
-	if token.typ == yaml_SCALAR_TOKEN {
-		var plain_implicit, quoted_implicit bool
-		end_mark = token.end_mark
-		if (len(tag) == 0 && token.style == yaml_PLAIN_SCALAR_STYLE) || (len(tag) == 1 && tag[0] == '!') {
-			plain_implicit = true
-		} else if len(tag) == 0 {
-			quoted_implicit = true
-		}
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-
-		*event = yaml_event_t{
-			typ:             yaml_SCALAR_EVENT,
-			start_mark:      start_mark,
-			end_mark:        end_mark,
-			anchor:          anchor,
-			tag:             tag,
-			value:           token.value,
-			implicit:        plain_implicit,
-			quoted_implicit: quoted_implicit,
-			style:           yaml_style_t(token.style),
-		}
-		yaml_parser_set_event_comments(parser, event)
-		skip_token(parser)
-		return true
-	}
-	if token.typ == yaml_FLOW_SEQUENCE_START_TOKEN {
-		// [Go] Some of the events below can be merged as they differ only on style.
-		end_mark = token.end_mark
-		parser.state = yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE
-		*event = yaml_event_t{
-			typ:        yaml_SEQUENCE_START_EVENT,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			anchor:     anchor,
-			tag:        tag,
-			implicit:   implicit,
-			style:      yaml_style_t(yaml_FLOW_SEQUENCE_STYLE),
-		}
-		yaml_parser_set_event_comments(parser, event)
-		return true
-	}
-	if token.typ == yaml_FLOW_MAPPING_START_TOKEN {
-		end_mark = token.end_mark
-		parser.state = yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE
-		*event = yaml_event_t{
-			typ:        yaml_MAPPING_START_EVENT,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			anchor:     anchor,
-			tag:        tag,
-			implicit:   implicit,
-			style:      yaml_style_t(yaml_FLOW_MAPPING_STYLE),
-		}
-		yaml_parser_set_event_comments(parser, event)
-		return true
-	}
-	if block && token.typ == yaml_BLOCK_SEQUENCE_START_TOKEN {
-		end_mark = token.end_mark
-		parser.state = yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE
-		*event = yaml_event_t{
-			typ:        yaml_SEQUENCE_START_EVENT,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			anchor:     anchor,
-			tag:        tag,
-			implicit:   implicit,
-			style:      yaml_style_t(yaml_BLOCK_SEQUENCE_STYLE),
-		}
-		if parser.stem_comment != nil {
-			event.head_comment = parser.stem_comment
-			parser.stem_comment = nil
-		}
-		return true
-	}
-	if block && token.typ == yaml_BLOCK_MAPPING_START_TOKEN {
-		end_mark = token.end_mark
-		parser.state = yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE
-		*event = yaml_event_t{
-			typ:        yaml_MAPPING_START_EVENT,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			anchor:     anchor,
-			tag:        tag,
-			implicit:   implicit,
-			style:      yaml_style_t(yaml_BLOCK_MAPPING_STYLE),
-		}
-		if parser.stem_comment != nil {
-			event.head_comment = parser.stem_comment
-			parser.stem_comment = nil
-		}
-		return true
-	}
-	if len(anchor) > 0 || len(tag) > 0 {
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-
-		*event = yaml_event_t{
-			typ:             yaml_SCALAR_EVENT,
-			start_mark:      start_mark,
-			end_mark:        end_mark,
-			anchor:          anchor,
-			tag:             tag,
-			implicit:        implicit,
-			quoted_implicit: false,
-			style:           yaml_style_t(yaml_PLAIN_SCALAR_STYLE),
-		}
-		return true
-	}
-
-	context := "while parsing a flow node"
-	if block {
-		context = "while parsing a block node"
-	}
-	yaml_parser_set_parser_error_context(parser, context, start_mark,
-		"did not find expected node content", token.start_mark)
-	return false
-}
-
-// Parse the productions:
-// block_sequence ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END
-//                    ********************  *********** *             *********
-//
-func yaml_parser_parse_block_sequence_entry(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
-	if first {
-		token := peek_token(parser)
-		if token == nil {
-			return false
-		}
-		parser.marks = append(parser.marks, token.start_mark)
-		skip_token(parser)
-	}
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	if token.typ == yaml_BLOCK_ENTRY_TOKEN {
-		mark := token.end_mark
-		prior_head_len := len(parser.head_comment)
-		skip_token(parser)
-		yaml_parser_split_stem_comment(parser, prior_head_len)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_BLOCK_ENTRY_TOKEN && token.typ != yaml_BLOCK_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE)
-			return yaml_parser_parse_node(parser, event, true, false)
-		} else {
-			parser.state = yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE
-			return yaml_parser_process_empty_scalar(parser, event, mark)
-		}
-	}
-	if token.typ == yaml_BLOCK_END_TOKEN {
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-		parser.marks = parser.marks[:len(parser.marks)-1]
-
-		*event = yaml_event_t{
-			typ:        yaml_SEQUENCE_END_EVENT,
-			start_mark: token.start_mark,
-			end_mark:   token.end_mark,
-		}
-
-		skip_token(parser)
-		return true
-	}
-
-	context_mark := parser.marks[len(parser.marks)-1]
-	parser.marks = parser.marks[:len(parser.marks)-1]
-	return yaml_parser_set_parser_error_context(parser,
-		"while parsing a block collection", context_mark,
-		"did not find expected '-' indicator", token.start_mark)
-}
-
-// Parse the productions:
-// indentless_sequence  ::= (BLOCK-ENTRY block_node?)+
-//                           *********** *
-func yaml_parser_parse_indentless_sequence_entry(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	if token.typ == yaml_BLOCK_ENTRY_TOKEN {
-		mark := token.end_mark
-		prior_head_len := len(parser.head_comment)
-		skip_token(parser)
-		yaml_parser_split_stem_comment(parser, prior_head_len)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_BLOCK_ENTRY_TOKEN &&
-			token.typ != yaml_KEY_TOKEN &&
-			token.typ != yaml_VALUE_TOKEN &&
-			token.typ != yaml_BLOCK_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE)
-			return yaml_parser_parse_node(parser, event, true, false)
-		}
-		parser.state = yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE
-		return yaml_parser_process_empty_scalar(parser, event, mark)
-	}
-	parser.state = parser.states[len(parser.states)-1]
-	parser.states = parser.states[:len(parser.states)-1]
-
-	*event = yaml_event_t{
-		typ:        yaml_SEQUENCE_END_EVENT,
-		start_mark: token.start_mark,
-		end_mark:   token.start_mark, // [Go] Shouldn't this be token.end_mark?
-	}
-	return true
-}
-
-// Split stem comment from head comment.
-//
-// When a sequence or map is found under a sequence entry, the former head comment
-// is assigned to the underlying sequence or map as a whole, not the individual
-// sequence or map entry as would be expected otherwise. To handle this case the
-// previous head comment is moved aside as the stem comment.
-func yaml_parser_split_stem_comment(parser *yaml_parser_t, stem_len int) {
-	if stem_len == 0 {
-		return
-	}
-
-	token := peek_token(parser)
-	if token == nil || token.typ != yaml_BLOCK_SEQUENCE_START_TOKEN && token.typ != yaml_BLOCK_MAPPING_START_TOKEN {
-		return
-	}
-
-	parser.stem_comment = parser.head_comment[:stem_len]
-	if len(parser.head_comment) == stem_len {
-		parser.head_comment = nil
-	} else {
-		// Copy suffix to prevent very strange bugs if someone ever appends
-		// further bytes to the prefix in the stem_comment slice above.
-		parser.head_comment = append([]byte(nil), parser.head_comment[stem_len+1:]...)
-	}
-}
-
-// Parse the productions:
-// block_mapping        ::= BLOCK-MAPPING_START
-//                          *******************
-//                          ((KEY block_node_or_indentless_sequence?)?
-//                            *** *
-//                          (VALUE block_node_or_indentless_sequence?)?)*
-//
-//                          BLOCK-END
-//                          *********
-//
-func yaml_parser_parse_block_mapping_key(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
-	if first {
-		token := peek_token(parser)
-		if token == nil {
-			return false
-		}
-		parser.marks = append(parser.marks, token.start_mark)
-		skip_token(parser)
-	}
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	// [Go] A tail comment was left from the prior mapping value processed. Emit an event
-	//      as it needs to be processed with that value and not the following key.
-	if len(parser.tail_comment) > 0 {
-		*event = yaml_event_t{
-			typ:          yaml_TAIL_COMMENT_EVENT,
-			start_mark:   token.start_mark,
-			end_mark:     token.end_mark,
-			foot_comment: parser.tail_comment,
-		}
-		parser.tail_comment = nil
-		return true
-	}
-
-	if token.typ == yaml_KEY_TOKEN {
-		mark := token.end_mark
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_KEY_TOKEN &&
-			token.typ != yaml_VALUE_TOKEN &&
-			token.typ != yaml_BLOCK_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_BLOCK_MAPPING_VALUE_STATE)
-			return yaml_parser_parse_node(parser, event, true, true)
-		} else {
-			parser.state = yaml_PARSE_BLOCK_MAPPING_VALUE_STATE
-			return yaml_parser_process_empty_scalar(parser, event, mark)
-		}
-	} else if token.typ == yaml_BLOCK_END_TOKEN {
-		parser.state = parser.states[len(parser.states)-1]
-		parser.states = parser.states[:len(parser.states)-1]
-		parser.marks = parser.marks[:len(parser.marks)-1]
-		*event = yaml_event_t{
-			typ:        yaml_MAPPING_END_EVENT,
-			start_mark: token.start_mark,
-			end_mark:   token.end_mark,
-		}
-		yaml_parser_set_event_comments(parser, event)
-		skip_token(parser)
-		return true
-	}
-
-	context_mark := parser.marks[len(parser.marks)-1]
-	parser.marks = parser.marks[:len(parser.marks)-1]
-	return yaml_parser_set_parser_error_context(parser,
-		"while parsing a block mapping", context_mark,
-		"did not find expected key", token.start_mark)
-}
-
-// Parse the productions:
-// block_mapping        ::= BLOCK-MAPPING_START
-//
-//                          ((KEY block_node_or_indentless_sequence?)?
-//
-//                          (VALUE block_node_or_indentless_sequence?)?)*
-//                           ***** *
-//                          BLOCK-END
-//
-//
-func yaml_parser_parse_block_mapping_value(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if token.typ == yaml_VALUE_TOKEN {
-		mark := token.end_mark
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_KEY_TOKEN &&
-			token.typ != yaml_VALUE_TOKEN &&
-			token.typ != yaml_BLOCK_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_BLOCK_MAPPING_KEY_STATE)
-			return yaml_parser_parse_node(parser, event, true, true)
-		}
-		parser.state = yaml_PARSE_BLOCK_MAPPING_KEY_STATE
-		return yaml_parser_process_empty_scalar(parser, event, mark)
-	}
-	parser.state = yaml_PARSE_BLOCK_MAPPING_KEY_STATE
-	return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
-}
-
-// Parse the productions:
-// flow_sequence        ::= FLOW-SEQUENCE-START
-//                          *******************
-//                          (flow_sequence_entry FLOW-ENTRY)*
-//                           *                   **********
-//                          flow_sequence_entry?
-//                          *
-//                          FLOW-SEQUENCE-END
-//                          *****************
-// flow_sequence_entry  ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                          *
-//
-func yaml_parser_parse_flow_sequence_entry(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
-	if first {
-		token := peek_token(parser)
-		if token == nil {
-			return false
-		}
-		parser.marks = append(parser.marks, token.start_mark)
-		skip_token(parser)
-	}
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
-		if !first {
-			if token.typ == yaml_FLOW_ENTRY_TOKEN {
-				skip_token(parser)
-				token = peek_token(parser)
-				if token == nil {
-					return false
-				}
-			} else {
-				context_mark := parser.marks[len(parser.marks)-1]
-				parser.marks = parser.marks[:len(parser.marks)-1]
-				return yaml_parser_set_parser_error_context(parser,
-					"while parsing a flow sequence", context_mark,
-					"did not find expected ',' or ']'", token.start_mark)
-			}
-		}
-
-		if token.typ == yaml_KEY_TOKEN {
-			parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE
-			*event = yaml_event_t{
-				typ:        yaml_MAPPING_START_EVENT,
-				start_mark: token.start_mark,
-				end_mark:   token.end_mark,
-				implicit:   true,
-				style:      yaml_style_t(yaml_FLOW_MAPPING_STYLE),
-			}
-			skip_token(parser)
-			return true
-		} else if token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE)
-			return yaml_parser_parse_node(parser, event, false, false)
-		}
-	}
-
-	parser.state = parser.states[len(parser.states)-1]
-	parser.states = parser.states[:len(parser.states)-1]
-	parser.marks = parser.marks[:len(parser.marks)-1]
-
-	*event = yaml_event_t{
-		typ:        yaml_SEQUENCE_END_EVENT,
-		start_mark: token.start_mark,
-		end_mark:   token.end_mark,
-	}
-	yaml_parser_set_event_comments(parser, event)
-
-	skip_token(parser)
-	return true
-}
-
-//
-// Parse the productions:
-// flow_sequence_entry  ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                                      *** *
-//
-func yaml_parser_parse_flow_sequence_entry_mapping_key(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if token.typ != yaml_VALUE_TOKEN &&
-		token.typ != yaml_FLOW_ENTRY_TOKEN &&
-		token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
-		parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE)
-		return yaml_parser_parse_node(parser, event, false, false)
-	}
-	mark := token.end_mark
-	skip_token(parser)
-	parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE
-	return yaml_parser_process_empty_scalar(parser, event, mark)
-}
-
-// Parse the productions:
-// flow_sequence_entry  ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                                                      ***** *
-//
-func yaml_parser_parse_flow_sequence_entry_mapping_value(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if token.typ == yaml_VALUE_TOKEN {
-		skip_token(parser)
-		token := peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_FLOW_ENTRY_TOKEN && token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE)
-			return yaml_parser_parse_node(parser, event, false, false)
-		}
-	}
-	parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE
-	return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
-}
-
-// Parse the productions:
-// flow_sequence_entry  ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                                                                      *
-//
-func yaml_parser_parse_flow_sequence_entry_mapping_end(parser *yaml_parser_t, event *yaml_event_t) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE
-	*event = yaml_event_t{
-		typ:        yaml_MAPPING_END_EVENT,
-		start_mark: token.start_mark,
-		end_mark:   token.start_mark, // [Go] Shouldn't this be end_mark?
-	}
-	return true
-}
-
-// Parse the productions:
-// flow_mapping         ::= FLOW-MAPPING-START
-//                          ******************
-//                          (flow_mapping_entry FLOW-ENTRY)*
-//                           *                  **********
-//                          flow_mapping_entry?
-//                          ******************
-//                          FLOW-MAPPING-END
-//                          ****************
-// flow_mapping_entry   ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                          *           *** *
-//
-func yaml_parser_parse_flow_mapping_key(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
-	if first {
-		token := peek_token(parser)
-		parser.marks = append(parser.marks, token.start_mark)
-		skip_token(parser)
-	}
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	if token.typ != yaml_FLOW_MAPPING_END_TOKEN {
-		if !first {
-			if token.typ == yaml_FLOW_ENTRY_TOKEN {
-				skip_token(parser)
-				token = peek_token(parser)
-				if token == nil {
-					return false
-				}
-			} else {
-				context_mark := parser.marks[len(parser.marks)-1]
-				parser.marks = parser.marks[:len(parser.marks)-1]
-				return yaml_parser_set_parser_error_context(parser,
-					"while parsing a flow mapping", context_mark,
-					"did not find expected ',' or '}'", token.start_mark)
-			}
-		}
-
-		if token.typ == yaml_KEY_TOKEN {
-			skip_token(parser)
-			token = peek_token(parser)
-			if token == nil {
-				return false
-			}
-			if token.typ != yaml_VALUE_TOKEN &&
-				token.typ != yaml_FLOW_ENTRY_TOKEN &&
-				token.typ != yaml_FLOW_MAPPING_END_TOKEN {
-				parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_VALUE_STATE)
-				return yaml_parser_parse_node(parser, event, false, false)
-			} else {
-				parser.state = yaml_PARSE_FLOW_MAPPING_VALUE_STATE
-				return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
-			}
-		} else if token.typ != yaml_FLOW_MAPPING_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE)
-			return yaml_parser_parse_node(parser, event, false, false)
-		}
-	}
-
-	parser.state = parser.states[len(parser.states)-1]
-	parser.states = parser.states[:len(parser.states)-1]
-	parser.marks = parser.marks[:len(parser.marks)-1]
-	*event = yaml_event_t{
-		typ:        yaml_MAPPING_END_EVENT,
-		start_mark: token.start_mark,
-		end_mark:   token.end_mark,
-	}
-	yaml_parser_set_event_comments(parser, event)
-	skip_token(parser)
-	return true
-}
-
-// Parse the productions:
-// flow_mapping_entry   ::= flow_node | KEY flow_node? (VALUE flow_node?)?
-//                                   *                  ***** *
-//
-func yaml_parser_parse_flow_mapping_value(parser *yaml_parser_t, event *yaml_event_t, empty bool) bool {
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-	if empty {
-		parser.state = yaml_PARSE_FLOW_MAPPING_KEY_STATE
-		return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
-	}
-	if token.typ == yaml_VALUE_TOKEN {
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-		if token.typ != yaml_FLOW_ENTRY_TOKEN && token.typ != yaml_FLOW_MAPPING_END_TOKEN {
-			parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_KEY_STATE)
-			return yaml_parser_parse_node(parser, event, false, false)
-		}
-	}
-	parser.state = yaml_PARSE_FLOW_MAPPING_KEY_STATE
-	return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
-}
-
-// Generate an empty scalar event.
-func yaml_parser_process_empty_scalar(parser *yaml_parser_t, event *yaml_event_t, mark yaml_mark_t) bool {
-	*event = yaml_event_t{
-		typ:        yaml_SCALAR_EVENT,
-		start_mark: mark,
-		end_mark:   mark,
-		value:      nil, // Empty
-		implicit:   true,
-		style:      yaml_style_t(yaml_PLAIN_SCALAR_STYLE),
-	}
-	return true
-}
-
-var default_tag_directives = []yaml_tag_directive_t{
-	{[]byte("!"), []byte("!")},
-	{[]byte("!!"), []byte("tag:yaml.org,2002:")},
-}
-
-// Parse directives.
-func yaml_parser_process_directives(parser *yaml_parser_t,
-	version_directive_ref **yaml_version_directive_t,
-	tag_directives_ref *[]yaml_tag_directive_t) bool {
-
-	var version_directive *yaml_version_directive_t
-	var tag_directives []yaml_tag_directive_t
-
-	token := peek_token(parser)
-	if token == nil {
-		return false
-	}
-
-	for token.typ == yaml_VERSION_DIRECTIVE_TOKEN || token.typ == yaml_TAG_DIRECTIVE_TOKEN {
-		if token.typ == yaml_VERSION_DIRECTIVE_TOKEN {
-			if version_directive != nil {
-				yaml_parser_set_parser_error(parser,
-					"found duplicate %YAML directive", token.start_mark)
-				return false
-			}
-			if token.major != 1 || token.minor != 1 {
-				yaml_parser_set_parser_error(parser,
-					"found incompatible YAML document", token.start_mark)
-				return false
-			}
-			version_directive = &yaml_version_directive_t{
-				major: token.major,
-				minor: token.minor,
-			}
-		} else if token.typ == yaml_TAG_DIRECTIVE_TOKEN {
-			value := yaml_tag_directive_t{
-				handle: token.value,
-				prefix: token.prefix,
-			}
-			if !yaml_parser_append_tag_directive(parser, value, false, token.start_mark) {
-				return false
-			}
-			tag_directives = append(tag_directives, value)
-		}
-
-		skip_token(parser)
-		token = peek_token(parser)
-		if token == nil {
-			return false
-		}
-	}
-
-	for i := range default_tag_directives {
-		if !yaml_parser_append_tag_directive(parser, default_tag_directives[i], true, token.start_mark) {
-			return false
-		}
-	}
-
-	if version_directive_ref != nil {
-		*version_directive_ref = version_directive
-	}
-	if tag_directives_ref != nil {
-		*tag_directives_ref = tag_directives
-	}
-	return true
-}
-
-// Append a tag directive to the directives stack.
-func yaml_parser_append_tag_directive(parser *yaml_parser_t, value yaml_tag_directive_t, allow_duplicates bool, mark yaml_mark_t) bool {
-	for i := range parser.tag_directives {
-		if bytes.Equal(value.handle, parser.tag_directives[i].handle) {
-			if allow_duplicates {
-				return true
-			}
-			return yaml_parser_set_parser_error(parser, "found duplicate %TAG directive", mark)
-		}
-	}
-
-	// [Go] I suspect the copy is unnecessary. This was likely done
-	// because there was no way to track ownership of the data.
-	value_copy := yaml_tag_directive_t{
-		handle: make([]byte, len(value.handle)),
-		prefix: make([]byte, len(value.prefix)),
-	}
-	copy(value_copy.handle, value.handle)
-	copy(value_copy.prefix, value.prefix)
-	parser.tag_directives = append(parser.tag_directives, value_copy)
-	return true
-}
diff --git a/vendor/gopkg.in/yaml.v3/readerc.go b/vendor/gopkg.in/yaml.v3/readerc.go
deleted file mode 100644
index b7de0a89c..000000000
--- a/vendor/gopkg.in/yaml.v3/readerc.go
+++ /dev/null
@@ -1,434 +0,0 @@
-// 
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-// 
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-// 
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-// 
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"io"
-)
-
-// Set the reader error and return 0.
-func yaml_parser_set_reader_error(parser *yaml_parser_t, problem string, offset int, value int) bool {
-	parser.error = yaml_READER_ERROR
-	parser.problem = problem
-	parser.problem_offset = offset
-	parser.problem_value = value
-	return false
-}
-
-// Byte order marks.
-const (
-	bom_UTF8    = "\xef\xbb\xbf"
-	bom_UTF16LE = "\xff\xfe"
-	bom_UTF16BE = "\xfe\xff"
-)
-
-// Determine the input stream encoding by checking the BOM symbol. If no BOM is
-// found, the UTF-8 encoding is assumed. Return 1 on success, 0 on failure.
-func yaml_parser_determine_encoding(parser *yaml_parser_t) bool {
-	// Ensure that we had enough bytes in the raw buffer.
-	for !parser.eof && len(parser.raw_buffer)-parser.raw_buffer_pos < 3 {
-		if !yaml_parser_update_raw_buffer(parser) {
-			return false
-		}
-	}
-
-	// Determine the encoding.
-	buf := parser.raw_buffer
-	pos := parser.raw_buffer_pos
-	avail := len(buf) - pos
-	if avail >= 2 && buf[pos] == bom_UTF16LE[0] && buf[pos+1] == bom_UTF16LE[1] {
-		parser.encoding = yaml_UTF16LE_ENCODING
-		parser.raw_buffer_pos += 2
-		parser.offset += 2
-	} else if avail >= 2 && buf[pos] == bom_UTF16BE[0] && buf[pos+1] == bom_UTF16BE[1] {
-		parser.encoding = yaml_UTF16BE_ENCODING
-		parser.raw_buffer_pos += 2
-		parser.offset += 2
-	} else if avail >= 3 && buf[pos] == bom_UTF8[0] && buf[pos+1] == bom_UTF8[1] && buf[pos+2] == bom_UTF8[2] {
-		parser.encoding = yaml_UTF8_ENCODING
-		parser.raw_buffer_pos += 3
-		parser.offset += 3
-	} else {
-		parser.encoding = yaml_UTF8_ENCODING
-	}
-	return true
-}
-
-// Update the raw buffer.
-func yaml_parser_update_raw_buffer(parser *yaml_parser_t) bool {
-	size_read := 0
-
-	// Return if the raw buffer is full.
-	if parser.raw_buffer_pos == 0 && len(parser.raw_buffer) == cap(parser.raw_buffer) {
-		return true
-	}
-
-	// Return on EOF.
-	if parser.eof {
-		return true
-	}
-
-	// Move the remaining bytes in the raw buffer to the beginning.
-	if parser.raw_buffer_pos > 0 && parser.raw_buffer_pos < len(parser.raw_buffer) {
-		copy(parser.raw_buffer, parser.raw_buffer[parser.raw_buffer_pos:])
-	}
-	parser.raw_buffer = parser.raw_buffer[:len(parser.raw_buffer)-parser.raw_buffer_pos]
-	parser.raw_buffer_pos = 0
-
-	// Call the read handler to fill the buffer.
-	size_read, err := parser.read_handler(parser, parser.raw_buffer[len(parser.raw_buffer):cap(parser.raw_buffer)])
-	parser.raw_buffer = parser.raw_buffer[:len(parser.raw_buffer)+size_read]
-	if err == io.EOF {
-		parser.eof = true
-	} else if err != nil {
-		return yaml_parser_set_reader_error(parser, "input error: "+err.Error(), parser.offset, -1)
-	}
-	return true
-}
-
-// Ensure that the buffer contains at least `length` characters.
-// Return true on success, false on failure.
-//
-// The length is supposed to be significantly less that the buffer size.
-func yaml_parser_update_buffer(parser *yaml_parser_t, length int) bool {
-	if parser.read_handler == nil {
-		panic("read handler must be set")
-	}
-
-	// [Go] This function was changed to guarantee the requested length size at EOF.
-	// The fact we need to do this is pretty awful, but the description above implies
-	// for that to be the case, and there are tests
-
-	// If the EOF flag is set and the raw buffer is empty, do nothing.
-	if parser.eof && parser.raw_buffer_pos == len(parser.raw_buffer) {
-		// [Go] ACTUALLY! Read the documentation of this function above.
-		// This is just broken. To return true, we need to have the
-		// given length in the buffer. Not doing that means every single
-		// check that calls this function to make sure the buffer has a
-		// given length is Go) panicking; or C) accessing invalid memory.
-		//return true
-	}
-
-	// Return if the buffer contains enough characters.
-	if parser.unread >= length {
-		return true
-	}
-
-	// Determine the input encoding if it is not known yet.
-	if parser.encoding == yaml_ANY_ENCODING {
-		if !yaml_parser_determine_encoding(parser) {
-			return false
-		}
-	}
-
-	// Move the unread characters to the beginning of the buffer.
-	buffer_len := len(parser.buffer)
-	if parser.buffer_pos > 0 && parser.buffer_pos < buffer_len {
-		copy(parser.buffer, parser.buffer[parser.buffer_pos:])
-		buffer_len -= parser.buffer_pos
-		parser.buffer_pos = 0
-	} else if parser.buffer_pos == buffer_len {
-		buffer_len = 0
-		parser.buffer_pos = 0
-	}
-
-	// Open the whole buffer for writing, and cut it before returning.
-	parser.buffer = parser.buffer[:cap(parser.buffer)]
-
-	// Fill the buffer until it has enough characters.
-	first := true
-	for parser.unread < length {
-
-		// Fill the raw buffer if necessary.
-		if !first || parser.raw_buffer_pos == len(parser.raw_buffer) {
-			if !yaml_parser_update_raw_buffer(parser) {
-				parser.buffer = parser.buffer[:buffer_len]
-				return false
-			}
-		}
-		first = false
-
-		// Decode the raw buffer.
-	inner:
-		for parser.raw_buffer_pos != len(parser.raw_buffer) {
-			var value rune
-			var width int
-
-			raw_unread := len(parser.raw_buffer) - parser.raw_buffer_pos
-
-			// Decode the next character.
-			switch parser.encoding {
-			case yaml_UTF8_ENCODING:
-				// Decode a UTF-8 character.  Check RFC 3629
-				// (http://www.ietf.org/rfc/rfc3629.txt) for more details.
-				//
-				// The following table (taken from the RFC) is used for
-				// decoding.
-				//
-				//    Char. number range |        UTF-8 octet sequence
-				//      (hexadecimal)    |              (binary)
-				//   --------------------+------------------------------------
-				//   0000 0000-0000 007F | 0xxxxxxx
-				//   0000 0080-0000 07FF | 110xxxxx 10xxxxxx
-				//   0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx
-				//   0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
-				//
-				// Additionally, the characters in the range 0xD800-0xDFFF
-				// are prohibited as they are reserved for use with UTF-16
-				// surrogate pairs.
-
-				// Determine the length of the UTF-8 sequence.
-				octet := parser.raw_buffer[parser.raw_buffer_pos]
-				switch {
-				case octet&0x80 == 0x00:
-					width = 1
-				case octet&0xE0 == 0xC0:
-					width = 2
-				case octet&0xF0 == 0xE0:
-					width = 3
-				case octet&0xF8 == 0xF0:
-					width = 4
-				default:
-					// The leading octet is invalid.
-					return yaml_parser_set_reader_error(parser,
-						"invalid leading UTF-8 octet",
-						parser.offset, int(octet))
-				}
-
-				// Check if the raw buffer contains an incomplete character.
-				if width > raw_unread {
-					if parser.eof {
-						return yaml_parser_set_reader_error(parser,
-							"incomplete UTF-8 octet sequence",
-							parser.offset, -1)
-					}
-					break inner
-				}
-
-				// Decode the leading octet.
-				switch {
-				case octet&0x80 == 0x00:
-					value = rune(octet & 0x7F)
-				case octet&0xE0 == 0xC0:
-					value = rune(octet & 0x1F)
-				case octet&0xF0 == 0xE0:
-					value = rune(octet & 0x0F)
-				case octet&0xF8 == 0xF0:
-					value = rune(octet & 0x07)
-				default:
-					value = 0
-				}
-
-				// Check and decode the trailing octets.
-				for k := 1; k < width; k++ {
-					octet = parser.raw_buffer[parser.raw_buffer_pos+k]
-
-					// Check if the octet is valid.
-					if (octet & 0xC0) != 0x80 {
-						return yaml_parser_set_reader_error(parser,
-							"invalid trailing UTF-8 octet",
-							parser.offset+k, int(octet))
-					}
-
-					// Decode the octet.
-					value = (value << 6) + rune(octet&0x3F)
-				}
-
-				// Check the length of the sequence against the value.
-				switch {
-				case width == 1:
-				case width == 2 && value >= 0x80:
-				case width == 3 && value >= 0x800:
-				case width == 4 && value >= 0x10000:
-				default:
-					return yaml_parser_set_reader_error(parser,
-						"invalid length of a UTF-8 sequence",
-						parser.offset, -1)
-				}
-
-				// Check the range of the value.
-				if value >= 0xD800 && value <= 0xDFFF || value > 0x10FFFF {
-					return yaml_parser_set_reader_error(parser,
-						"invalid Unicode character",
-						parser.offset, int(value))
-				}
-
-			case yaml_UTF16LE_ENCODING, yaml_UTF16BE_ENCODING:
-				var low, high int
-				if parser.encoding == yaml_UTF16LE_ENCODING {
-					low, high = 0, 1
-				} else {
-					low, high = 1, 0
-				}
-
-				// The UTF-16 encoding is not as simple as one might
-				// naively think.  Check RFC 2781
-				// (http://www.ietf.org/rfc/rfc2781.txt).
-				//
-				// Normally, two subsequent bytes describe a Unicode
-				// character.  However a special technique (called a
-				// surrogate pair) is used for specifying character
-				// values larger than 0xFFFF.
-				//
-				// A surrogate pair consists of two pseudo-characters:
-				//      high surrogate area (0xD800-0xDBFF)
-				//      low surrogate area (0xDC00-0xDFFF)
-				//
-				// The following formulas are used for decoding
-				// and encoding characters using surrogate pairs:
-				//
-				//  U  = U' + 0x10000   (0x01 00 00 <= U <= 0x10 FF FF)
-				//  U' = yyyyyyyyyyxxxxxxxxxx   (0 <= U' <= 0x0F FF FF)
-				//  W1 = 110110yyyyyyyyyy
-				//  W2 = 110111xxxxxxxxxx
-				//
-				// where U is the character value, W1 is the high surrogate
-				// area, W2 is the low surrogate area.
-
-				// Check for incomplete UTF-16 character.
-				if raw_unread < 2 {
-					if parser.eof {
-						return yaml_parser_set_reader_error(parser,
-							"incomplete UTF-16 character",
-							parser.offset, -1)
-					}
-					break inner
-				}
-
-				// Get the character.
-				value = rune(parser.raw_buffer[parser.raw_buffer_pos+low]) +
-					(rune(parser.raw_buffer[parser.raw_buffer_pos+high]) << 8)
-
-				// Check for unexpected low surrogate area.
-				if value&0xFC00 == 0xDC00 {
-					return yaml_parser_set_reader_error(parser,
-						"unexpected low surrogate area",
-						parser.offset, int(value))
-				}
-
-				// Check for a high surrogate area.
-				if value&0xFC00 == 0xD800 {
-					width = 4
-
-					// Check for incomplete surrogate pair.
-					if raw_unread < 4 {
-						if parser.eof {
-							return yaml_parser_set_reader_error(parser,
-								"incomplete UTF-16 surrogate pair",
-								parser.offset, -1)
-						}
-						break inner
-					}
-
-					// Get the next character.
-					value2 := rune(parser.raw_buffer[parser.raw_buffer_pos+low+2]) +
-						(rune(parser.raw_buffer[parser.raw_buffer_pos+high+2]) << 8)
-
-					// Check for a low surrogate area.
-					if value2&0xFC00 != 0xDC00 {
-						return yaml_parser_set_reader_error(parser,
-							"expected low surrogate area",
-							parser.offset+2, int(value2))
-					}
-
-					// Generate the value of the surrogate pair.
-					value = 0x10000 + ((value & 0x3FF) << 10) + (value2 & 0x3FF)
-				} else {
-					width = 2
-				}
-
-			default:
-				panic("impossible")
-			}
-
-			// Check if the character is in the allowed range:
-			//      #x9 | #xA | #xD | [#x20-#x7E]               (8 bit)
-			//      | #x85 | [#xA0-#xD7FF] | [#xE000-#xFFFD]    (16 bit)
-			//      | [#x10000-#x10FFFF]                        (32 bit)
-			switch {
-			case value == 0x09:
-			case value == 0x0A:
-			case value == 0x0D:
-			case value >= 0x20 && value <= 0x7E:
-			case value == 0x85:
-			case value >= 0xA0 && value <= 0xD7FF:
-			case value >= 0xE000 && value <= 0xFFFD:
-			case value >= 0x10000 && value <= 0x10FFFF:
-			default:
-				return yaml_parser_set_reader_error(parser,
-					"control characters are not allowed",
-					parser.offset, int(value))
-			}
-
-			// Move the raw pointers.
-			parser.raw_buffer_pos += width
-			parser.offset += width
-
-			// Finally put the character into the buffer.
-			if value <= 0x7F {
-				// 0000 0000-0000 007F . 0xxxxxxx
-				parser.buffer[buffer_len+0] = byte(value)
-				buffer_len += 1
-			} else if value <= 0x7FF {
-				// 0000 0080-0000 07FF . 110xxxxx 10xxxxxx
-				parser.buffer[buffer_len+0] = byte(0xC0 + (value >> 6))
-				parser.buffer[buffer_len+1] = byte(0x80 + (value & 0x3F))
-				buffer_len += 2
-			} else if value <= 0xFFFF {
-				// 0000 0800-0000 FFFF . 1110xxxx 10xxxxxx 10xxxxxx
-				parser.buffer[buffer_len+0] = byte(0xE0 + (value >> 12))
-				parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 6) & 0x3F))
-				parser.buffer[buffer_len+2] = byte(0x80 + (value & 0x3F))
-				buffer_len += 3
-			} else {
-				// 0001 0000-0010 FFFF . 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
-				parser.buffer[buffer_len+0] = byte(0xF0 + (value >> 18))
-				parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 12) & 0x3F))
-				parser.buffer[buffer_len+2] = byte(0x80 + ((value >> 6) & 0x3F))
-				parser.buffer[buffer_len+3] = byte(0x80 + (value & 0x3F))
-				buffer_len += 4
-			}
-
-			parser.unread++
-		}
-
-		// On EOF, put NUL into the buffer and return.
-		if parser.eof {
-			parser.buffer[buffer_len] = 0
-			buffer_len++
-			parser.unread++
-			break
-		}
-	}
-	// [Go] Read the documentation of this function above. To return true,
-	// we need to have the given length in the buffer. Not doing that means
-	// every single check that calls this function to make sure the buffer
-	// has a given length is Go) panicking; or C) accessing invalid memory.
-	// This happens here due to the EOF above breaking early.
-	for buffer_len < length {
-		parser.buffer[buffer_len] = 0
-		buffer_len++
-	}
-	parser.buffer = parser.buffer[:buffer_len]
-	return true
-}
diff --git a/vendor/gopkg.in/yaml.v3/resolve.go b/vendor/gopkg.in/yaml.v3/resolve.go
deleted file mode 100644
index 64ae88805..000000000
--- a/vendor/gopkg.in/yaml.v3/resolve.go
+++ /dev/null
@@ -1,326 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package yaml
-
-import (
-	"encoding/base64"
-	"math"
-	"regexp"
-	"strconv"
-	"strings"
-	"time"
-)
-
-type resolveMapItem struct {
-	value interface{}
-	tag   string
-}
-
-var resolveTable = make([]byte, 256)
-var resolveMap = make(map[string]resolveMapItem)
-
-func init() {
-	t := resolveTable
-	t[int('+')] = 'S' // Sign
-	t[int('-')] = 'S'
-	for _, c := range "0123456789" {
-		t[int(c)] = 'D' // Digit
-	}
-	for _, c := range "yYnNtTfFoO~" {
-		t[int(c)] = 'M' // In map
-	}
-	t[int('.')] = '.' // Float (potentially in map)
-
-	var resolveMapList = []struct {
-		v   interface{}
-		tag string
-		l   []string
-	}{
-		{true, boolTag, []string{"true", "True", "TRUE"}},
-		{false, boolTag, []string{"false", "False", "FALSE"}},
-		{nil, nullTag, []string{"", "~", "null", "Null", "NULL"}},
-		{math.NaN(), floatTag, []string{".nan", ".NaN", ".NAN"}},
-		{math.Inf(+1), floatTag, []string{".inf", ".Inf", ".INF"}},
-		{math.Inf(+1), floatTag, []string{"+.inf", "+.Inf", "+.INF"}},
-		{math.Inf(-1), floatTag, []string{"-.inf", "-.Inf", "-.INF"}},
-		{"<<", mergeTag, []string{"<<"}},
-	}
-
-	m := resolveMap
-	for _, item := range resolveMapList {
-		for _, s := range item.l {
-			m[s] = resolveMapItem{item.v, item.tag}
-		}
-	}
-}
-
-const (
-	nullTag      = "!!null"
-	boolTag      = "!!bool"
-	strTag       = "!!str"
-	intTag       = "!!int"
-	floatTag     = "!!float"
-	timestampTag = "!!timestamp"
-	seqTag       = "!!seq"
-	mapTag       = "!!map"
-	binaryTag    = "!!binary"
-	mergeTag     = "!!merge"
-)
-
-var longTags = make(map[string]string)
-var shortTags = make(map[string]string)
-
-func init() {
-	for _, stag := range []string{nullTag, boolTag, strTag, intTag, floatTag, timestampTag, seqTag, mapTag, binaryTag, mergeTag} {
-		ltag := longTag(stag)
-		longTags[stag] = ltag
-		shortTags[ltag] = stag
-	}
-}
-
-const longTagPrefix = "tag:yaml.org,2002:"
-
-func shortTag(tag string) string {
-	if strings.HasPrefix(tag, longTagPrefix) {
-		if stag, ok := shortTags[tag]; ok {
-			return stag
-		}
-		return "!!" + tag[len(longTagPrefix):]
-	}
-	return tag
-}
-
-func longTag(tag string) string {
-	if strings.HasPrefix(tag, "!!") {
-		if ltag, ok := longTags[tag]; ok {
-			return ltag
-		}
-		return longTagPrefix + tag[2:]
-	}
-	return tag
-}
-
-func resolvableTag(tag string) bool {
-	switch tag {
-	case "", strTag, boolTag, intTag, floatTag, nullTag, timestampTag:
-		return true
-	}
-	return false
-}
-
-var yamlStyleFloat = regexp.MustCompile(`^[-+]?(\.[0-9]+|[0-9]+(\.[0-9]*)?)([eE][-+]?[0-9]+)?$`)
-
-func resolve(tag string, in string) (rtag string, out interface{}) {
-	tag = shortTag(tag)
-	if !resolvableTag(tag) {
-		return tag, in
-	}
-
-	defer func() {
-		switch tag {
-		case "", rtag, strTag, binaryTag:
-			return
-		case floatTag:
-			if rtag == intTag {
-				switch v := out.(type) {
-				case int64:
-					rtag = floatTag
-					out = float64(v)
-					return
-				case int:
-					rtag = floatTag
-					out = float64(v)
-					return
-				}
-			}
-		}
-		failf("cannot decode %s `%s` as a %s", shortTag(rtag), in, shortTag(tag))
-	}()
-
-	// Any data is accepted as a !!str or !!binary.
-	// Otherwise, the prefix is enough of a hint about what it might be.
-	hint := byte('N')
-	if in != "" {
-		hint = resolveTable[in[0]]
-	}
-	if hint != 0 && tag != strTag && tag != binaryTag {
-		// Handle things we can lookup in a map.
-		if item, ok := resolveMap[in]; ok {
-			return item.tag, item.value
-		}
-
-		// Base 60 floats are a bad idea, were dropped in YAML 1.2, and
-		// are purposefully unsupported here. They're still quoted on
-		// the way out for compatibility with other parser, though.
-
-		switch hint {
-		case 'M':
-			// We've already checked the map above.
-
-		case '.':
-			// Not in the map, so maybe a normal float.
-			floatv, err := strconv.ParseFloat(in, 64)
-			if err == nil {
-				return floatTag, floatv
-			}
-
-		case 'D', 'S':
-			// Int, float, or timestamp.
-			// Only try values as a timestamp if the value is unquoted or there's an explicit
-			// !!timestamp tag.
-			if tag == "" || tag == timestampTag {
-				t, ok := parseTimestamp(in)
-				if ok {
-					return timestampTag, t
-				}
-			}
-
-			plain := strings.Replace(in, "_", "", -1)
-			intv, err := strconv.ParseInt(plain, 0, 64)
-			if err == nil {
-				if intv == int64(int(intv)) {
-					return intTag, int(intv)
-				} else {
-					return intTag, intv
-				}
-			}
-			uintv, err := strconv.ParseUint(plain, 0, 64)
-			if err == nil {
-				return intTag, uintv
-			}
-			if yamlStyleFloat.MatchString(plain) {
-				floatv, err := strconv.ParseFloat(plain, 64)
-				if err == nil {
-					return floatTag, floatv
-				}
-			}
-			if strings.HasPrefix(plain, "0b") {
-				intv, err := strconv.ParseInt(plain[2:], 2, 64)
-				if err == nil {
-					if intv == int64(int(intv)) {
-						return intTag, int(intv)
-					} else {
-						return intTag, intv
-					}
-				}
-				uintv, err := strconv.ParseUint(plain[2:], 2, 64)
-				if err == nil {
-					return intTag, uintv
-				}
-			} else if strings.HasPrefix(plain, "-0b") {
-				intv, err := strconv.ParseInt("-"+plain[3:], 2, 64)
-				if err == nil {
-					if true || intv == int64(int(intv)) {
-						return intTag, int(intv)
-					} else {
-						return intTag, intv
-					}
-				}
-			}
-			// Octals as introduced in version 1.2 of the spec.
-			// Octals from the 1.1 spec, spelled as 0777, are still
-			// decoded by default in v3 as well for compatibility.
-			// May be dropped in v4 depending on how usage evolves.
-			if strings.HasPrefix(plain, "0o") {
-				intv, err := strconv.ParseInt(plain[2:], 8, 64)
-				if err == nil {
-					if intv == int64(int(intv)) {
-						return intTag, int(intv)
-					} else {
-						return intTag, intv
-					}
-				}
-				uintv, err := strconv.ParseUint(plain[2:], 8, 64)
-				if err == nil {
-					return intTag, uintv
-				}
-			} else if strings.HasPrefix(plain, "-0o") {
-				intv, err := strconv.ParseInt("-"+plain[3:], 8, 64)
-				if err == nil {
-					if true || intv == int64(int(intv)) {
-						return intTag, int(intv)
-					} else {
-						return intTag, intv
-					}
-				}
-			}
-		default:
-			panic("internal error: missing handler for resolver table: " + string(rune(hint)) + " (with " + in + ")")
-		}
-	}
-	return strTag, in
-}
-
-// encodeBase64 encodes s as base64 that is broken up into multiple lines
-// as appropriate for the resulting length.
-func encodeBase64(s string) string {
-	const lineLen = 70
-	encLen := base64.StdEncoding.EncodedLen(len(s))
-	lines := encLen/lineLen + 1
-	buf := make([]byte, encLen*2+lines)
-	in := buf[0:encLen]
-	out := buf[encLen:]
-	base64.StdEncoding.Encode(in, []byte(s))
-	k := 0
-	for i := 0; i < len(in); i += lineLen {
-		j := i + lineLen
-		if j > len(in) {
-			j = len(in)
-		}
-		k += copy(out[k:], in[i:j])
-		if lines > 1 {
-			out[k] = '\n'
-			k++
-		}
-	}
-	return string(out[:k])
-}
-
-// This is a subset of the formats allowed by the regular expression
-// defined at http://yaml.org/type/timestamp.html.
-var allowedTimestampFormats = []string{
-	"2006-1-2T15:4:5.999999999Z07:00", // RCF3339Nano with short date fields.
-	"2006-1-2t15:4:5.999999999Z07:00", // RFC3339Nano with short date fields and lower-case "t".
-	"2006-1-2 15:4:5.999999999",       // space separated with no time zone
-	"2006-1-2",                        // date only
-	// Notable exception: time.Parse cannot handle: "2001-12-14 21:59:43.10 -5"
-	// from the set of examples.
-}
-
-// parseTimestamp parses s as a timestamp string and
-// returns the timestamp and reports whether it succeeded.
-// Timestamp formats are defined at http://yaml.org/type/timestamp.html
-func parseTimestamp(s string) (time.Time, bool) {
-	// TODO write code to check all the formats supported by
-	// http://yaml.org/type/timestamp.html instead of using time.Parse.
-
-	// Quick check: all date formats start with YYYY-.
-	i := 0
-	for ; i < len(s); i++ {
-		if c := s[i]; c < '0' || c > '9' {
-			break
-		}
-	}
-	if i != 4 || i == len(s) || s[i] != '-' {
-		return time.Time{}, false
-	}
-	for _, format := range allowedTimestampFormats {
-		if t, err := time.Parse(format, s); err == nil {
-			return t, true
-		}
-	}
-	return time.Time{}, false
-}
diff --git a/vendor/gopkg.in/yaml.v3/scannerc.go b/vendor/gopkg.in/yaml.v3/scannerc.go
deleted file mode 100644
index ca0070108..000000000
--- a/vendor/gopkg.in/yaml.v3/scannerc.go
+++ /dev/null
@@ -1,3038 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"bytes"
-	"fmt"
-)
-
-// Introduction
-// ************
-//
-// The following notes assume that you are familiar with the YAML specification
-// (http://yaml.org/spec/1.2/spec.html).  We mostly follow it, although in
-// some cases we are less restrictive that it requires.
-//
-// The process of transforming a YAML stream into a sequence of events is
-// divided on two steps: Scanning and Parsing.
-//
-// The Scanner transforms the input stream into a sequence of tokens, while the
-// parser transform the sequence of tokens produced by the Scanner into a
-// sequence of parsing events.
-//
-// The Scanner is rather clever and complicated. The Parser, on the contrary,
-// is a straightforward implementation of a recursive-descendant parser (or,
-// LL(1) parser, as it is usually called).
-//
-// Actually there are two issues of Scanning that might be called "clever", the
-// rest is quite straightforward.  The issues are "block collection start" and
-// "simple keys".  Both issues are explained below in details.
-//
-// Here the Scanning step is explained and implemented.  We start with the list
-// of all the tokens produced by the Scanner together with short descriptions.
-//
-// Now, tokens:
-//
-//      STREAM-START(encoding)          # The stream start.
-//      STREAM-END                      # The stream end.
-//      VERSION-DIRECTIVE(major,minor)  # The '%YAML' directive.
-//      TAG-DIRECTIVE(handle,prefix)    # The '%TAG' directive.
-//      DOCUMENT-START                  # '---'
-//      DOCUMENT-END                    # '...'
-//      BLOCK-SEQUENCE-START            # Indentation increase denoting a block
-//      BLOCK-MAPPING-START             # sequence or a block mapping.
-//      BLOCK-END                       # Indentation decrease.
-//      FLOW-SEQUENCE-START             # '['
-//      FLOW-SEQUENCE-END               # ']'
-//      BLOCK-SEQUENCE-START            # '{'
-//      BLOCK-SEQUENCE-END              # '}'
-//      BLOCK-ENTRY                     # '-'
-//      FLOW-ENTRY                      # ','
-//      KEY                             # '?' or nothing (simple keys).
-//      VALUE                           # ':'
-//      ALIAS(anchor)                   # '*anchor'
-//      ANCHOR(anchor)                  # '&anchor'
-//      TAG(handle,suffix)              # '!handle!suffix'
-//      SCALAR(value,style)             # A scalar.
-//
-// The following two tokens are "virtual" tokens denoting the beginning and the
-// end of the stream:
-//
-//      STREAM-START(encoding)
-//      STREAM-END
-//
-// We pass the information about the input stream encoding with the
-// STREAM-START token.
-//
-// The next two tokens are responsible for tags:
-//
-//      VERSION-DIRECTIVE(major,minor)
-//      TAG-DIRECTIVE(handle,prefix)
-//
-// Example:
-//
-//      %YAML   1.1
-//      %TAG    !   !foo
-//      %TAG    !yaml!  tag:yaml.org,2002:
-//      ---
-//
-// The correspoding sequence of tokens:
-//
-//      STREAM-START(utf-8)
-//      VERSION-DIRECTIVE(1,1)
-//      TAG-DIRECTIVE("!","!foo")
-//      TAG-DIRECTIVE("!yaml","tag:yaml.org,2002:")
-//      DOCUMENT-START
-//      STREAM-END
-//
-// Note that the VERSION-DIRECTIVE and TAG-DIRECTIVE tokens occupy a whole
-// line.
-//
-// The document start and end indicators are represented by:
-//
-//      DOCUMENT-START
-//      DOCUMENT-END
-//
-// Note that if a YAML stream contains an implicit document (without '---'
-// and '...' indicators), no DOCUMENT-START and DOCUMENT-END tokens will be
-// produced.
-//
-// In the following examples, we present whole documents together with the
-// produced tokens.
-//
-//      1. An implicit document:
-//
-//          'a scalar'
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          SCALAR("a scalar",single-quoted)
-//          STREAM-END
-//
-//      2. An explicit document:
-//
-//          ---
-//          'a scalar'
-//          ...
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          DOCUMENT-START
-//          SCALAR("a scalar",single-quoted)
-//          DOCUMENT-END
-//          STREAM-END
-//
-//      3. Several documents in a stream:
-//
-//          'a scalar'
-//          ---
-//          'another scalar'
-//          ---
-//          'yet another scalar'
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          SCALAR("a scalar",single-quoted)
-//          DOCUMENT-START
-//          SCALAR("another scalar",single-quoted)
-//          DOCUMENT-START
-//          SCALAR("yet another scalar",single-quoted)
-//          STREAM-END
-//
-// We have already introduced the SCALAR token above.  The following tokens are
-// used to describe aliases, anchors, tag, and scalars:
-//
-//      ALIAS(anchor)
-//      ANCHOR(anchor)
-//      TAG(handle,suffix)
-//      SCALAR(value,style)
-//
-// The following series of examples illustrate the usage of these tokens:
-//
-//      1. A recursive sequence:
-//
-//          &A [ *A ]
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          ANCHOR("A")
-//          FLOW-SEQUENCE-START
-//          ALIAS("A")
-//          FLOW-SEQUENCE-END
-//          STREAM-END
-//
-//      2. A tagged scalar:
-//
-//          !!float "3.14"  # A good approximation.
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          TAG("!!","float")
-//          SCALAR("3.14",double-quoted)
-//          STREAM-END
-//
-//      3. Various scalar styles:
-//
-//          --- # Implicit empty plain scalars do not produce tokens.
-//          --- a plain scalar
-//          --- 'a single-quoted scalar'
-//          --- "a double-quoted scalar"
-//          --- |-
-//            a literal scalar
-//          --- >-
-//            a folded
-//            scalar
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          DOCUMENT-START
-//          DOCUMENT-START
-//          SCALAR("a plain scalar",plain)
-//          DOCUMENT-START
-//          SCALAR("a single-quoted scalar",single-quoted)
-//          DOCUMENT-START
-//          SCALAR("a double-quoted scalar",double-quoted)
-//          DOCUMENT-START
-//          SCALAR("a literal scalar",literal)
-//          DOCUMENT-START
-//          SCALAR("a folded scalar",folded)
-//          STREAM-END
-//
-// Now it's time to review collection-related tokens. We will start with
-// flow collections:
-//
-//      FLOW-SEQUENCE-START
-//      FLOW-SEQUENCE-END
-//      FLOW-MAPPING-START
-//      FLOW-MAPPING-END
-//      FLOW-ENTRY
-//      KEY
-//      VALUE
-//
-// The tokens FLOW-SEQUENCE-START, FLOW-SEQUENCE-END, FLOW-MAPPING-START, and
-// FLOW-MAPPING-END represent the indicators '[', ']', '{', and '}'
-// correspondingly.  FLOW-ENTRY represent the ',' indicator.  Finally the
-// indicators '?' and ':', which are used for denoting mapping keys and values,
-// are represented by the KEY and VALUE tokens.
-//
-// The following examples show flow collections:
-//
-//      1. A flow sequence:
-//
-//          [item 1, item 2, item 3]
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          FLOW-SEQUENCE-START
-//          SCALAR("item 1",plain)
-//          FLOW-ENTRY
-//          SCALAR("item 2",plain)
-//          FLOW-ENTRY
-//          SCALAR("item 3",plain)
-//          FLOW-SEQUENCE-END
-//          STREAM-END
-//
-//      2. A flow mapping:
-//
-//          {
-//              a simple key: a value,  # Note that the KEY token is produced.
-//              ? a complex key: another value,
-//          }
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          FLOW-MAPPING-START
-//          KEY
-//          SCALAR("a simple key",plain)
-//          VALUE
-//          SCALAR("a value",plain)
-//          FLOW-ENTRY
-//          KEY
-//          SCALAR("a complex key",plain)
-//          VALUE
-//          SCALAR("another value",plain)
-//          FLOW-ENTRY
-//          FLOW-MAPPING-END
-//          STREAM-END
-//
-// A simple key is a key which is not denoted by the '?' indicator.  Note that
-// the Scanner still produce the KEY token whenever it encounters a simple key.
-//
-// For scanning block collections, the following tokens are used (note that we
-// repeat KEY and VALUE here):
-//
-//      BLOCK-SEQUENCE-START
-//      BLOCK-MAPPING-START
-//      BLOCK-END
-//      BLOCK-ENTRY
-//      KEY
-//      VALUE
-//
-// The tokens BLOCK-SEQUENCE-START and BLOCK-MAPPING-START denote indentation
-// increase that precedes a block collection (cf. the INDENT token in Python).
-// The token BLOCK-END denote indentation decrease that ends a block collection
-// (cf. the DEDENT token in Python).  However YAML has some syntax pecularities
-// that makes detections of these tokens more complex.
-//
-// The tokens BLOCK-ENTRY, KEY, and VALUE are used to represent the indicators
-// '-', '?', and ':' correspondingly.
-//
-// The following examples show how the tokens BLOCK-SEQUENCE-START,
-// BLOCK-MAPPING-START, and BLOCK-END are emitted by the Scanner:
-//
-//      1. Block sequences:
-//
-//          - item 1
-//          - item 2
-//          -
-//            - item 3.1
-//            - item 3.2
-//          -
-//            key 1: value 1
-//            key 2: value 2
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          SCALAR("item 1",plain)
-//          BLOCK-ENTRY
-//          SCALAR("item 2",plain)
-//          BLOCK-ENTRY
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          SCALAR("item 3.1",plain)
-//          BLOCK-ENTRY
-//          SCALAR("item 3.2",plain)
-//          BLOCK-END
-//          BLOCK-ENTRY
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("key 1",plain)
-//          VALUE
-//          SCALAR("value 1",plain)
-//          KEY
-//          SCALAR("key 2",plain)
-//          VALUE
-//          SCALAR("value 2",plain)
-//          BLOCK-END
-//          BLOCK-END
-//          STREAM-END
-//
-//      2. Block mappings:
-//
-//          a simple key: a value   # The KEY token is produced here.
-//          ? a complex key
-//          : another value
-//          a mapping:
-//            key 1: value 1
-//            key 2: value 2
-//          a sequence:
-//            - item 1
-//            - item 2
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("a simple key",plain)
-//          VALUE
-//          SCALAR("a value",plain)
-//          KEY
-//          SCALAR("a complex key",plain)
-//          VALUE
-//          SCALAR("another value",plain)
-//          KEY
-//          SCALAR("a mapping",plain)
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("key 1",plain)
-//          VALUE
-//          SCALAR("value 1",plain)
-//          KEY
-//          SCALAR("key 2",plain)
-//          VALUE
-//          SCALAR("value 2",plain)
-//          BLOCK-END
-//          KEY
-//          SCALAR("a sequence",plain)
-//          VALUE
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          SCALAR("item 1",plain)
-//          BLOCK-ENTRY
-//          SCALAR("item 2",plain)
-//          BLOCK-END
-//          BLOCK-END
-//          STREAM-END
-//
-// YAML does not always require to start a new block collection from a new
-// line.  If the current line contains only '-', '?', and ':' indicators, a new
-// block collection may start at the current line.  The following examples
-// illustrate this case:
-//
-//      1. Collections in a sequence:
-//
-//          - - item 1
-//            - item 2
-//          - key 1: value 1
-//            key 2: value 2
-//          - ? complex key
-//            : complex value
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          SCALAR("item 1",plain)
-//          BLOCK-ENTRY
-//          SCALAR("item 2",plain)
-//          BLOCK-END
-//          BLOCK-ENTRY
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("key 1",plain)
-//          VALUE
-//          SCALAR("value 1",plain)
-//          KEY
-//          SCALAR("key 2",plain)
-//          VALUE
-//          SCALAR("value 2",plain)
-//          BLOCK-END
-//          BLOCK-ENTRY
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("complex key")
-//          VALUE
-//          SCALAR("complex value")
-//          BLOCK-END
-//          BLOCK-END
-//          STREAM-END
-//
-//      2. Collections in a mapping:
-//
-//          ? a sequence
-//          : - item 1
-//            - item 2
-//          ? a mapping
-//          : key 1: value 1
-//            key 2: value 2
-//
-//      Tokens:
-//
-//          STREAM-START(utf-8)
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("a sequence",plain)
-//          VALUE
-//          BLOCK-SEQUENCE-START
-//          BLOCK-ENTRY
-//          SCALAR("item 1",plain)
-//          BLOCK-ENTRY
-//          SCALAR("item 2",plain)
-//          BLOCK-END
-//          KEY
-//          SCALAR("a mapping",plain)
-//          VALUE
-//          BLOCK-MAPPING-START
-//          KEY
-//          SCALAR("key 1",plain)
-//          VALUE
-//          SCALAR("value 1",plain)
-//          KEY
-//          SCALAR("key 2",plain)
-//          VALUE
-//          SCALAR("value 2",plain)
-//          BLOCK-END
-//          BLOCK-END
-//          STREAM-END
-//
-// YAML also permits non-indented sequences if they are included into a block
-// mapping.  In this case, the token BLOCK-SEQUENCE-START is not produced:
-//
-//      key:
-//      - item 1    # BLOCK-SEQUENCE-START is NOT produced here.
-//      - item 2
-//
-// Tokens:
-//
-//      STREAM-START(utf-8)
-//      BLOCK-MAPPING-START
-//      KEY
-//      SCALAR("key",plain)
-//      VALUE
-//      BLOCK-ENTRY
-//      SCALAR("item 1",plain)
-//      BLOCK-ENTRY
-//      SCALAR("item 2",plain)
-//      BLOCK-END
-//
-
-// Ensure that the buffer contains the required number of characters.
-// Return true on success, false on failure (reader error or memory error).
-func cache(parser *yaml_parser_t, length int) bool {
-	// [Go] This was inlined: !cache(A, B) -> unread < B && !update(A, B)
-	return parser.unread >= length || yaml_parser_update_buffer(parser, length)
-}
-
-// Advance the buffer pointer.
-func skip(parser *yaml_parser_t) {
-	if !is_blank(parser.buffer, parser.buffer_pos) {
-		parser.newlines = 0
-	}
-	parser.mark.index++
-	parser.mark.column++
-	parser.unread--
-	parser.buffer_pos += width(parser.buffer[parser.buffer_pos])
-}
-
-func skip_line(parser *yaml_parser_t) {
-	if is_crlf(parser.buffer, parser.buffer_pos) {
-		parser.mark.index += 2
-		parser.mark.column = 0
-		parser.mark.line++
-		parser.unread -= 2
-		parser.buffer_pos += 2
-		parser.newlines++
-	} else if is_break(parser.buffer, parser.buffer_pos) {
-		parser.mark.index++
-		parser.mark.column = 0
-		parser.mark.line++
-		parser.unread--
-		parser.buffer_pos += width(parser.buffer[parser.buffer_pos])
-		parser.newlines++
-	}
-}
-
-// Copy a character to a string buffer and advance pointers.
-func read(parser *yaml_parser_t, s []byte) []byte {
-	if !is_blank(parser.buffer, parser.buffer_pos) {
-		parser.newlines = 0
-	}
-	w := width(parser.buffer[parser.buffer_pos])
-	if w == 0 {
-		panic("invalid character sequence")
-	}
-	if len(s) == 0 {
-		s = make([]byte, 0, 32)
-	}
-	if w == 1 && len(s)+w <= cap(s) {
-		s = s[:len(s)+1]
-		s[len(s)-1] = parser.buffer[parser.buffer_pos]
-		parser.buffer_pos++
-	} else {
-		s = append(s, parser.buffer[parser.buffer_pos:parser.buffer_pos+w]...)
-		parser.buffer_pos += w
-	}
-	parser.mark.index++
-	parser.mark.column++
-	parser.unread--
-	return s
-}
-
-// Copy a line break character to a string buffer and advance pointers.
-func read_line(parser *yaml_parser_t, s []byte) []byte {
-	buf := parser.buffer
-	pos := parser.buffer_pos
-	switch {
-	case buf[pos] == '\r' && buf[pos+1] == '\n':
-		// CR LF . LF
-		s = append(s, '\n')
-		parser.buffer_pos += 2
-		parser.mark.index++
-		parser.unread--
-	case buf[pos] == '\r' || buf[pos] == '\n':
-		// CR|LF . LF
-		s = append(s, '\n')
-		parser.buffer_pos += 1
-	case buf[pos] == '\xC2' && buf[pos+1] == '\x85':
-		// NEL . LF
-		s = append(s, '\n')
-		parser.buffer_pos += 2
-	case buf[pos] == '\xE2' && buf[pos+1] == '\x80' && (buf[pos+2] == '\xA8' || buf[pos+2] == '\xA9'):
-		// LS|PS . LS|PS
-		s = append(s, buf[parser.buffer_pos:pos+3]...)
-		parser.buffer_pos += 3
-	default:
-		return s
-	}
-	parser.mark.index++
-	parser.mark.column = 0
-	parser.mark.line++
-	parser.unread--
-	parser.newlines++
-	return s
-}
-
-// Get the next token.
-func yaml_parser_scan(parser *yaml_parser_t, token *yaml_token_t) bool {
-	// Erase the token object.
-	*token = yaml_token_t{} // [Go] Is this necessary?
-
-	// No tokens after STREAM-END or error.
-	if parser.stream_end_produced || parser.error != yaml_NO_ERROR {
-		return true
-	}
-
-	// Ensure that the tokens queue contains enough tokens.
-	if !parser.token_available {
-		if !yaml_parser_fetch_more_tokens(parser) {
-			return false
-		}
-	}
-
-	// Fetch the next token from the queue.
-	*token = parser.tokens[parser.tokens_head]
-	parser.tokens_head++
-	parser.tokens_parsed++
-	parser.token_available = false
-
-	if token.typ == yaml_STREAM_END_TOKEN {
-		parser.stream_end_produced = true
-	}
-	return true
-}
-
-// Set the scanner error and return false.
-func yaml_parser_set_scanner_error(parser *yaml_parser_t, context string, context_mark yaml_mark_t, problem string) bool {
-	parser.error = yaml_SCANNER_ERROR
-	parser.context = context
-	parser.context_mark = context_mark
-	parser.problem = problem
-	parser.problem_mark = parser.mark
-	return false
-}
-
-func yaml_parser_set_scanner_tag_error(parser *yaml_parser_t, directive bool, context_mark yaml_mark_t, problem string) bool {
-	context := "while parsing a tag"
-	if directive {
-		context = "while parsing a %TAG directive"
-	}
-	return yaml_parser_set_scanner_error(parser, context, context_mark, problem)
-}
-
-func trace(args ...interface{}) func() {
-	pargs := append([]interface{}{"+++"}, args...)
-	fmt.Println(pargs...)
-	pargs = append([]interface{}{"---"}, args...)
-	return func() { fmt.Println(pargs...) }
-}
-
-// Ensure that the tokens queue contains at least one token which can be
-// returned to the Parser.
-func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool {
-	// While we need more tokens to fetch, do it.
-	for {
-		// [Go] The comment parsing logic requires a lookahead of two tokens
-		// so that foot comments may be parsed in time of associating them
-		// with the tokens that are parsed before them, and also for line
-		// comments to be transformed into head comments in some edge cases.
-		if parser.tokens_head < len(parser.tokens)-2 {
-			// If a potential simple key is at the head position, we need to fetch
-			// the next token to disambiguate it.
-			head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed]
-			if !ok {
-				break
-			} else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok {
-				return false
-			} else if !valid {
-				break
-			}
-		}
-		// Fetch the next token.
-		if !yaml_parser_fetch_next_token(parser) {
-			return false
-		}
-	}
-
-	parser.token_available = true
-	return true
-}
-
-// The dispatcher for token fetchers.
-func yaml_parser_fetch_next_token(parser *yaml_parser_t) (ok bool) {
-	// Ensure that the buffer is initialized.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	// Check if we just started scanning.  Fetch STREAM-START then.
-	if !parser.stream_start_produced {
-		return yaml_parser_fetch_stream_start(parser)
-	}
-
-	scan_mark := parser.mark
-
-	// Eat whitespaces and comments until we reach the next token.
-	if !yaml_parser_scan_to_next_token(parser) {
-		return false
-	}
-
-	// [Go] While unrolling indents, transform the head comments of prior
-	// indentation levels observed after scan_start into foot comments at
-	// the respective indexes.
-
-	// Check the indentation level against the current column.
-	if !yaml_parser_unroll_indent(parser, parser.mark.column, scan_mark) {
-		return false
-	}
-
-	// Ensure that the buffer contains at least 4 characters.  4 is the length
-	// of the longest indicators ('--- ' and '... ').
-	if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
-		return false
-	}
-
-	// Is it the end of the stream?
-	if is_z(parser.buffer, parser.buffer_pos) {
-		return yaml_parser_fetch_stream_end(parser)
-	}
-
-	// Is it a directive?
-	if parser.mark.column == 0 && parser.buffer[parser.buffer_pos] == '%' {
-		return yaml_parser_fetch_directive(parser)
-	}
-
-	buf := parser.buffer
-	pos := parser.buffer_pos
-
-	// Is it the document start indicator?
-	if parser.mark.column == 0 && buf[pos] == '-' && buf[pos+1] == '-' && buf[pos+2] == '-' && is_blankz(buf, pos+3) {
-		return yaml_parser_fetch_document_indicator(parser, yaml_DOCUMENT_START_TOKEN)
-	}
-
-	// Is it the document end indicator?
-	if parser.mark.column == 0 && buf[pos] == '.' && buf[pos+1] == '.' && buf[pos+2] == '.' && is_blankz(buf, pos+3) {
-		return yaml_parser_fetch_document_indicator(parser, yaml_DOCUMENT_END_TOKEN)
-	}
-
-	comment_mark := parser.mark
-	if len(parser.tokens) > 0 && (parser.flow_level == 0 && buf[pos] == ':' || parser.flow_level > 0 && buf[pos] == ',') {
-		// Associate any following comments with the prior token.
-		comment_mark = parser.tokens[len(parser.tokens)-1].start_mark
-	}
-	defer func() {
-		if !ok {
-			return
-		}
-		if len(parser.tokens) > 0 && parser.tokens[len(parser.tokens)-1].typ == yaml_BLOCK_ENTRY_TOKEN {
-			// Sequence indicators alone have no line comments. It becomes
-			// a head comment for whatever follows.
-			return
-		}
-		if !yaml_parser_scan_line_comment(parser, comment_mark) {
-			ok = false
-			return
-		}
-	}()
-
-	// Is it the flow sequence start indicator?
-	if buf[pos] == '[' {
-		return yaml_parser_fetch_flow_collection_start(parser, yaml_FLOW_SEQUENCE_START_TOKEN)
-	}
-
-	// Is it the flow mapping start indicator?
-	if parser.buffer[parser.buffer_pos] == '{' {
-		return yaml_parser_fetch_flow_collection_start(parser, yaml_FLOW_MAPPING_START_TOKEN)
-	}
-
-	// Is it the flow sequence end indicator?
-	if parser.buffer[parser.buffer_pos] == ']' {
-		return yaml_parser_fetch_flow_collection_end(parser,
-			yaml_FLOW_SEQUENCE_END_TOKEN)
-	}
-
-	// Is it the flow mapping end indicator?
-	if parser.buffer[parser.buffer_pos] == '}' {
-		return yaml_parser_fetch_flow_collection_end(parser,
-			yaml_FLOW_MAPPING_END_TOKEN)
-	}
-
-	// Is it the flow entry indicator?
-	if parser.buffer[parser.buffer_pos] == ',' {
-		return yaml_parser_fetch_flow_entry(parser)
-	}
-
-	// Is it the block entry indicator?
-	if parser.buffer[parser.buffer_pos] == '-' && is_blankz(parser.buffer, parser.buffer_pos+1) {
-		return yaml_parser_fetch_block_entry(parser)
-	}
-
-	// Is it the key indicator?
-	if parser.buffer[parser.buffer_pos] == '?' && (parser.flow_level > 0 || is_blankz(parser.buffer, parser.buffer_pos+1)) {
-		return yaml_parser_fetch_key(parser)
-	}
-
-	// Is it the value indicator?
-	if parser.buffer[parser.buffer_pos] == ':' && (parser.flow_level > 0 || is_blankz(parser.buffer, parser.buffer_pos+1)) {
-		return yaml_parser_fetch_value(parser)
-	}
-
-	// Is it an alias?
-	if parser.buffer[parser.buffer_pos] == '*' {
-		return yaml_parser_fetch_anchor(parser, yaml_ALIAS_TOKEN)
-	}
-
-	// Is it an anchor?
-	if parser.buffer[parser.buffer_pos] == '&' {
-		return yaml_parser_fetch_anchor(parser, yaml_ANCHOR_TOKEN)
-	}
-
-	// Is it a tag?
-	if parser.buffer[parser.buffer_pos] == '!' {
-		return yaml_parser_fetch_tag(parser)
-	}
-
-	// Is it a literal scalar?
-	if parser.buffer[parser.buffer_pos] == '|' && parser.flow_level == 0 {
-		return yaml_parser_fetch_block_scalar(parser, true)
-	}
-
-	// Is it a folded scalar?
-	if parser.buffer[parser.buffer_pos] == '>' && parser.flow_level == 0 {
-		return yaml_parser_fetch_block_scalar(parser, false)
-	}
-
-	// Is it a single-quoted scalar?
-	if parser.buffer[parser.buffer_pos] == '\'' {
-		return yaml_parser_fetch_flow_scalar(parser, true)
-	}
-
-	// Is it a double-quoted scalar?
-	if parser.buffer[parser.buffer_pos] == '"' {
-		return yaml_parser_fetch_flow_scalar(parser, false)
-	}
-
-	// Is it a plain scalar?
-	//
-	// A plain scalar may start with any non-blank characters except
-	//
-	//      '-', '?', ':', ',', '[', ']', '{', '}',
-	//      '#', '&', '*', '!', '|', '>', '\'', '\"',
-	//      '%', '@', '`'.
-	//
-	// In the block context (and, for the '-' indicator, in the flow context
-	// too), it may also start with the characters
-	//
-	//      '-', '?', ':'
-	//
-	// if it is followed by a non-space character.
-	//
-	// The last rule is more restrictive than the specification requires.
-	// [Go] TODO Make this logic more reasonable.
-	//switch parser.buffer[parser.buffer_pos] {
-	//case '-', '?', ':', ',', '?', '-', ',', ':', ']', '[', '}', '{', '&', '#', '!', '*', '>', '|', '"', '\'', '@', '%', '-', '`':
-	//}
-	if !(is_blankz(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == '-' ||
-		parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == ':' ||
-		parser.buffer[parser.buffer_pos] == ',' || parser.buffer[parser.buffer_pos] == '[' ||
-		parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '{' ||
-		parser.buffer[parser.buffer_pos] == '}' || parser.buffer[parser.buffer_pos] == '#' ||
-		parser.buffer[parser.buffer_pos] == '&' || parser.buffer[parser.buffer_pos] == '*' ||
-		parser.buffer[parser.buffer_pos] == '!' || parser.buffer[parser.buffer_pos] == '|' ||
-		parser.buffer[parser.buffer_pos] == '>' || parser.buffer[parser.buffer_pos] == '\'' ||
-		parser.buffer[parser.buffer_pos] == '"' || parser.buffer[parser.buffer_pos] == '%' ||
-		parser.buffer[parser.buffer_pos] == '@' || parser.buffer[parser.buffer_pos] == '`') ||
-		(parser.buffer[parser.buffer_pos] == '-' && !is_blank(parser.buffer, parser.buffer_pos+1)) ||
-		(parser.flow_level == 0 &&
-			(parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == ':') &&
-			!is_blankz(parser.buffer, parser.buffer_pos+1)) {
-		return yaml_parser_fetch_plain_scalar(parser)
-	}
-
-	// If we don't determine the token type so far, it is an error.
-	return yaml_parser_set_scanner_error(parser,
-		"while scanning for the next token", parser.mark,
-		"found character that cannot start any token")
-}
-
-func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) {
-	if !simple_key.possible {
-		return false, true
-	}
-
-	// The 1.2 specification says:
-	//
-	//     "If the ? indicator is omitted, parsing needs to see past the
-	//     implicit key to recognize it as such. To limit the amount of
-	//     lookahead required, the “:” indicator must appear at most 1024
-	//     Unicode characters beyond the start of the key. In addition, the key
-	//     is restricted to a single line."
-	//
-	if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index {
-		// Check if the potential simple key to be removed is required.
-		if simple_key.required {
-			return false, yaml_parser_set_scanner_error(parser,
-				"while scanning a simple key", simple_key.mark,
-				"could not find expected ':'")
-		}
-		simple_key.possible = false
-		return false, true
-	}
-	return true, true
-}
-
-// Check if a simple key may start at the current position and add it if
-// needed.
-func yaml_parser_save_simple_key(parser *yaml_parser_t) bool {
-	// A simple key is required at the current position if the scanner is in
-	// the block context and the current column coincides with the indentation
-	// level.
-
-	required := parser.flow_level == 0 && parser.indent == parser.mark.column
-
-	//
-	// If the current position may start a simple key, save it.
-	//
-	if parser.simple_key_allowed {
-		simple_key := yaml_simple_key_t{
-			possible:     true,
-			required:     required,
-			token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
-			mark:         parser.mark,
-		}
-
-		if !yaml_parser_remove_simple_key(parser) {
-			return false
-		}
-		parser.simple_keys[len(parser.simple_keys)-1] = simple_key
-		parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1
-	}
-	return true
-}
-
-// Remove a potential simple key at the current flow level.
-func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool {
-	i := len(parser.simple_keys) - 1
-	if parser.simple_keys[i].possible {
-		// If the key is required, it is an error.
-		if parser.simple_keys[i].required {
-			return yaml_parser_set_scanner_error(parser,
-				"while scanning a simple key", parser.simple_keys[i].mark,
-				"could not find expected ':'")
-		}
-		// Remove the key from the stack.
-		parser.simple_keys[i].possible = false
-		delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number)
-	}
-	return true
-}
-
-// max_flow_level limits the flow_level
-const max_flow_level = 10000
-
-// Increase the flow level and resize the simple key list if needed.
-func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
-	// Reset the simple key on the next level.
-	parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{
-		possible:     false,
-		required:     false,
-		token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
-		mark:         parser.mark,
-	})
-
-	// Increase the flow level.
-	parser.flow_level++
-	if parser.flow_level > max_flow_level {
-		return yaml_parser_set_scanner_error(parser,
-			"while increasing flow level", parser.simple_keys[len(parser.simple_keys)-1].mark,
-			fmt.Sprintf("exceeded max depth of %d", max_flow_level))
-	}
-	return true
-}
-
-// Decrease the flow level.
-func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool {
-	if parser.flow_level > 0 {
-		parser.flow_level--
-		last := len(parser.simple_keys) - 1
-		delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number)
-		parser.simple_keys = parser.simple_keys[:last]
-	}
-	return true
-}
-
-// max_indents limits the indents stack size
-const max_indents = 10000
-
-// Push the current indentation level to the stack and set the new level
-// the current column is greater than the indentation level.  In this case,
-// append or insert the specified token into the token queue.
-func yaml_parser_roll_indent(parser *yaml_parser_t, column, number int, typ yaml_token_type_t, mark yaml_mark_t) bool {
-	// In the flow context, do nothing.
-	if parser.flow_level > 0 {
-		return true
-	}
-
-	if parser.indent < column {
-		// Push the current indentation level to the stack and set the new
-		// indentation level.
-		parser.indents = append(parser.indents, parser.indent)
-		parser.indent = column
-		if len(parser.indents) > max_indents {
-			return yaml_parser_set_scanner_error(parser,
-				"while increasing indent level", parser.simple_keys[len(parser.simple_keys)-1].mark,
-				fmt.Sprintf("exceeded max depth of %d", max_indents))
-		}
-
-		// Create a token and insert it into the queue.
-		token := yaml_token_t{
-			typ:        typ,
-			start_mark: mark,
-			end_mark:   mark,
-		}
-		if number > -1 {
-			number -= parser.tokens_parsed
-		}
-		yaml_insert_token(parser, number, &token)
-	}
-	return true
-}
-
-// Pop indentation levels from the indents stack until the current level
-// becomes less or equal to the column.  For each indentation level, append
-// the BLOCK-END token.
-func yaml_parser_unroll_indent(parser *yaml_parser_t, column int, scan_mark yaml_mark_t) bool {
-	// In the flow context, do nothing.
-	if parser.flow_level > 0 {
-		return true
-	}
-
-	block_mark := scan_mark
-	block_mark.index--
-
-	// Loop through the indentation levels in the stack.
-	for parser.indent > column {
-
-		// [Go] Reposition the end token before potential following
-		//      foot comments of parent blocks. For that, search
-		//      backwards for recent comments that were at the same
-		//      indent as the block that is ending now.
-		stop_index := block_mark.index
-		for i := len(parser.comments) - 1; i >= 0; i-- {
-			comment := &parser.comments[i]
-
-			if comment.end_mark.index < stop_index {
-				// Don't go back beyond the start of the comment/whitespace scan, unless column < 0.
-				// If requested indent column is < 0, then the document is over and everything else
-				// is a foot anyway.
-				break
-			}
-			if comment.start_mark.column == parser.indent+1 {
-				// This is a good match. But maybe there's a former comment
-				// at that same indent level, so keep searching.
-				block_mark = comment.start_mark
-			}
-
-			// While the end of the former comment matches with
-			// the start of the following one, we know there's
-			// nothing in between and scanning is still safe.
-			stop_index = comment.scan_mark.index
-		}
-
-		// Create a token and append it to the queue.
-		token := yaml_token_t{
-			typ:        yaml_BLOCK_END_TOKEN,
-			start_mark: block_mark,
-			end_mark:   block_mark,
-		}
-		yaml_insert_token(parser, -1, &token)
-
-		// Pop the indentation level.
-		parser.indent = parser.indents[len(parser.indents)-1]
-		parser.indents = parser.indents[:len(parser.indents)-1]
-	}
-	return true
-}
-
-// Initialize the scanner and produce the STREAM-START token.
-func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool {
-
-	// Set the initial indentation.
-	parser.indent = -1
-
-	// Initialize the simple key stack.
-	parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{})
-
-	parser.simple_keys_by_tok = make(map[int]int)
-
-	// A simple key is allowed at the beginning of the stream.
-	parser.simple_key_allowed = true
-
-	// We have started.
-	parser.stream_start_produced = true
-
-	// Create the STREAM-START token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_STREAM_START_TOKEN,
-		start_mark: parser.mark,
-		end_mark:   parser.mark,
-		encoding:   parser.encoding,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the STREAM-END token and shut down the scanner.
-func yaml_parser_fetch_stream_end(parser *yaml_parser_t) bool {
-
-	// Force new line.
-	if parser.mark.column != 0 {
-		parser.mark.column = 0
-		parser.mark.line++
-	}
-
-	// Reset the indentation level.
-	if !yaml_parser_unroll_indent(parser, -1, parser.mark) {
-		return false
-	}
-
-	// Reset simple keys.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	parser.simple_key_allowed = false
-
-	// Create the STREAM-END token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_STREAM_END_TOKEN,
-		start_mark: parser.mark,
-		end_mark:   parser.mark,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce a VERSION-DIRECTIVE or TAG-DIRECTIVE token.
-func yaml_parser_fetch_directive(parser *yaml_parser_t) bool {
-	// Reset the indentation level.
-	if !yaml_parser_unroll_indent(parser, -1, parser.mark) {
-		return false
-	}
-
-	// Reset simple keys.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	parser.simple_key_allowed = false
-
-	// Create the YAML-DIRECTIVE or TAG-DIRECTIVE token.
-	token := yaml_token_t{}
-	if !yaml_parser_scan_directive(parser, &token) {
-		return false
-	}
-	// Append the token to the queue.
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the DOCUMENT-START or DOCUMENT-END token.
-func yaml_parser_fetch_document_indicator(parser *yaml_parser_t, typ yaml_token_type_t) bool {
-	// Reset the indentation level.
-	if !yaml_parser_unroll_indent(parser, -1, parser.mark) {
-		return false
-	}
-
-	// Reset simple keys.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	parser.simple_key_allowed = false
-
-	// Consume the token.
-	start_mark := parser.mark
-
-	skip(parser)
-	skip(parser)
-	skip(parser)
-
-	end_mark := parser.mark
-
-	// Create the DOCUMENT-START or DOCUMENT-END token.
-	token := yaml_token_t{
-		typ:        typ,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	// Append the token to the queue.
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the FLOW-SEQUENCE-START or FLOW-MAPPING-START token.
-func yaml_parser_fetch_flow_collection_start(parser *yaml_parser_t, typ yaml_token_type_t) bool {
-
-	// The indicators '[' and '{' may start a simple key.
-	if !yaml_parser_save_simple_key(parser) {
-		return false
-	}
-
-	// Increase the flow level.
-	if !yaml_parser_increase_flow_level(parser) {
-		return false
-	}
-
-	// A simple key may follow the indicators '[' and '{'.
-	parser.simple_key_allowed = true
-
-	// Consume the token.
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the FLOW-SEQUENCE-START of FLOW-MAPPING-START token.
-	token := yaml_token_t{
-		typ:        typ,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	// Append the token to the queue.
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the FLOW-SEQUENCE-END or FLOW-MAPPING-END token.
-func yaml_parser_fetch_flow_collection_end(parser *yaml_parser_t, typ yaml_token_type_t) bool {
-	// Reset any potential simple key on the current flow level.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	// Decrease the flow level.
-	if !yaml_parser_decrease_flow_level(parser) {
-		return false
-	}
-
-	// No simple keys after the indicators ']' and '}'.
-	parser.simple_key_allowed = false
-
-	// Consume the token.
-
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the FLOW-SEQUENCE-END of FLOW-MAPPING-END token.
-	token := yaml_token_t{
-		typ:        typ,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	// Append the token to the queue.
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the FLOW-ENTRY token.
-func yaml_parser_fetch_flow_entry(parser *yaml_parser_t) bool {
-	// Reset any potential simple keys on the current flow level.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	// Simple keys are allowed after ','.
-	parser.simple_key_allowed = true
-
-	// Consume the token.
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the FLOW-ENTRY token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_FLOW_ENTRY_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the BLOCK-ENTRY token.
-func yaml_parser_fetch_block_entry(parser *yaml_parser_t) bool {
-	// Check if the scanner is in the block context.
-	if parser.flow_level == 0 {
-		// Check if we are allowed to start a new entry.
-		if !parser.simple_key_allowed {
-			return yaml_parser_set_scanner_error(parser, "", parser.mark,
-				"block sequence entries are not allowed in this context")
-		}
-		// Add the BLOCK-SEQUENCE-START token if needed.
-		if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_SEQUENCE_START_TOKEN, parser.mark) {
-			return false
-		}
-	} else {
-		// It is an error for the '-' indicator to occur in the flow context,
-		// but we let the Parser detect and report about it because the Parser
-		// is able to point to the context.
-	}
-
-	// Reset any potential simple keys on the current flow level.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	// Simple keys are allowed after '-'.
-	parser.simple_key_allowed = true
-
-	// Consume the token.
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the BLOCK-ENTRY token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_BLOCK_ENTRY_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the KEY token.
-func yaml_parser_fetch_key(parser *yaml_parser_t) bool {
-
-	// In the block context, additional checks are required.
-	if parser.flow_level == 0 {
-		// Check if we are allowed to start a new key (not nessesary simple).
-		if !parser.simple_key_allowed {
-			return yaml_parser_set_scanner_error(parser, "", parser.mark,
-				"mapping keys are not allowed in this context")
-		}
-		// Add the BLOCK-MAPPING-START token if needed.
-		if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_MAPPING_START_TOKEN, parser.mark) {
-			return false
-		}
-	}
-
-	// Reset any potential simple keys on the current flow level.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	// Simple keys are allowed after '?' in the block context.
-	parser.simple_key_allowed = parser.flow_level == 0
-
-	// Consume the token.
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the KEY token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_KEY_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the VALUE token.
-func yaml_parser_fetch_value(parser *yaml_parser_t) bool {
-
-	simple_key := &parser.simple_keys[len(parser.simple_keys)-1]
-
-	// Have we found a simple key?
-	if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok {
-		return false
-
-	} else if valid {
-
-		// Create the KEY token and insert it into the queue.
-		token := yaml_token_t{
-			typ:        yaml_KEY_TOKEN,
-			start_mark: simple_key.mark,
-			end_mark:   simple_key.mark,
-		}
-		yaml_insert_token(parser, simple_key.token_number-parser.tokens_parsed, &token)
-
-		// In the block context, we may need to add the BLOCK-MAPPING-START token.
-		if !yaml_parser_roll_indent(parser, simple_key.mark.column,
-			simple_key.token_number,
-			yaml_BLOCK_MAPPING_START_TOKEN, simple_key.mark) {
-			return false
-		}
-
-		// Remove the simple key.
-		simple_key.possible = false
-		delete(parser.simple_keys_by_tok, simple_key.token_number)
-
-		// A simple key cannot follow another simple key.
-		parser.simple_key_allowed = false
-
-	} else {
-		// The ':' indicator follows a complex key.
-
-		// In the block context, extra checks are required.
-		if parser.flow_level == 0 {
-
-			// Check if we are allowed to start a complex value.
-			if !parser.simple_key_allowed {
-				return yaml_parser_set_scanner_error(parser, "", parser.mark,
-					"mapping values are not allowed in this context")
-			}
-
-			// Add the BLOCK-MAPPING-START token if needed.
-			if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_MAPPING_START_TOKEN, parser.mark) {
-				return false
-			}
-		}
-
-		// Simple keys after ':' are allowed in the block context.
-		parser.simple_key_allowed = parser.flow_level == 0
-	}
-
-	// Consume the token.
-	start_mark := parser.mark
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create the VALUE token and append it to the queue.
-	token := yaml_token_t{
-		typ:        yaml_VALUE_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the ALIAS or ANCHOR token.
-func yaml_parser_fetch_anchor(parser *yaml_parser_t, typ yaml_token_type_t) bool {
-	// An anchor or an alias could be a simple key.
-	if !yaml_parser_save_simple_key(parser) {
-		return false
-	}
-
-	// A simple key cannot follow an anchor or an alias.
-	parser.simple_key_allowed = false
-
-	// Create the ALIAS or ANCHOR token and append it to the queue.
-	var token yaml_token_t
-	if !yaml_parser_scan_anchor(parser, &token, typ) {
-		return false
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the TAG token.
-func yaml_parser_fetch_tag(parser *yaml_parser_t) bool {
-	// A tag could be a simple key.
-	if !yaml_parser_save_simple_key(parser) {
-		return false
-	}
-
-	// A simple key cannot follow a tag.
-	parser.simple_key_allowed = false
-
-	// Create the TAG token and append it to the queue.
-	var token yaml_token_t
-	if !yaml_parser_scan_tag(parser, &token) {
-		return false
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the SCALAR(...,literal) or SCALAR(...,folded) tokens.
-func yaml_parser_fetch_block_scalar(parser *yaml_parser_t, literal bool) bool {
-	// Remove any potential simple keys.
-	if !yaml_parser_remove_simple_key(parser) {
-		return false
-	}
-
-	// A simple key may follow a block scalar.
-	parser.simple_key_allowed = true
-
-	// Create the SCALAR token and append it to the queue.
-	var token yaml_token_t
-	if !yaml_parser_scan_block_scalar(parser, &token, literal) {
-		return false
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the SCALAR(...,single-quoted) or SCALAR(...,double-quoted) tokens.
-func yaml_parser_fetch_flow_scalar(parser *yaml_parser_t, single bool) bool {
-	// A plain scalar could be a simple key.
-	if !yaml_parser_save_simple_key(parser) {
-		return false
-	}
-
-	// A simple key cannot follow a flow scalar.
-	parser.simple_key_allowed = false
-
-	// Create the SCALAR token and append it to the queue.
-	var token yaml_token_t
-	if !yaml_parser_scan_flow_scalar(parser, &token, single) {
-		return false
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Produce the SCALAR(...,plain) token.
-func yaml_parser_fetch_plain_scalar(parser *yaml_parser_t) bool {
-	// A plain scalar could be a simple key.
-	if !yaml_parser_save_simple_key(parser) {
-		return false
-	}
-
-	// A simple key cannot follow a flow scalar.
-	parser.simple_key_allowed = false
-
-	// Create the SCALAR token and append it to the queue.
-	var token yaml_token_t
-	if !yaml_parser_scan_plain_scalar(parser, &token) {
-		return false
-	}
-	yaml_insert_token(parser, -1, &token)
-	return true
-}
-
-// Eat whitespaces and comments until the next token is found.
-func yaml_parser_scan_to_next_token(parser *yaml_parser_t) bool {
-
-	scan_mark := parser.mark
-
-	// Until the next token is not found.
-	for {
-		// Allow the BOM mark to start a line.
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-		if parser.mark.column == 0 && is_bom(parser.buffer, parser.buffer_pos) {
-			skip(parser)
-		}
-
-		// Eat whitespaces.
-		// Tabs are allowed:
-		//  - in the flow context
-		//  - in the block context, but not at the beginning of the line or
-		//  after '-', '?', or ':' (complex value).
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-
-		for parser.buffer[parser.buffer_pos] == ' ' || ((parser.flow_level > 0 || !parser.simple_key_allowed) && parser.buffer[parser.buffer_pos] == '\t') {
-			skip(parser)
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-
-		// Check if we just had a line comment under a sequence entry that
-		// looks more like a header to the following content. Similar to this:
-		//
-		// - # The comment
-		//   - Some data
-		//
-		// If so, transform the line comment to a head comment and reposition.
-		if len(parser.comments) > 0 && len(parser.tokens) > 1 {
-			tokenA := parser.tokens[len(parser.tokens)-2]
-			tokenB := parser.tokens[len(parser.tokens)-1]
-			comment := &parser.comments[len(parser.comments)-1]
-			if tokenA.typ == yaml_BLOCK_SEQUENCE_START_TOKEN && tokenB.typ == yaml_BLOCK_ENTRY_TOKEN && len(comment.line) > 0 && !is_break(parser.buffer, parser.buffer_pos) {
-				// If it was in the prior line, reposition so it becomes a
-				// header of the follow up token. Otherwise, keep it in place
-				// so it becomes a header of the former.
-				comment.head = comment.line
-				comment.line = nil
-				if comment.start_mark.line == parser.mark.line-1 {
-					comment.token_mark = parser.mark
-				}
-			}
-		}
-
-		// Eat a comment until a line break.
-		if parser.buffer[parser.buffer_pos] == '#' {
-			if !yaml_parser_scan_comments(parser, scan_mark) {
-				return false
-			}
-		}
-
-		// If it is a line break, eat it.
-		if is_break(parser.buffer, parser.buffer_pos) {
-			if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-				return false
-			}
-			skip_line(parser)
-
-			// In the block context, a new line may start a simple key.
-			if parser.flow_level == 0 {
-				parser.simple_key_allowed = true
-			}
-		} else {
-			break // We have found a token.
-		}
-	}
-
-	return true
-}
-
-// Scan a YAML-DIRECTIVE or TAG-DIRECTIVE token.
-//
-// Scope:
-//      %YAML    1.1    # a comment \n
-//      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-//      %TAG    !yaml!  tag:yaml.org,2002:  \n
-//      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-//
-func yaml_parser_scan_directive(parser *yaml_parser_t, token *yaml_token_t) bool {
-	// Eat '%'.
-	start_mark := parser.mark
-	skip(parser)
-
-	// Scan the directive name.
-	var name []byte
-	if !yaml_parser_scan_directive_name(parser, start_mark, &name) {
-		return false
-	}
-
-	// Is it a YAML directive?
-	if bytes.Equal(name, []byte("YAML")) {
-		// Scan the VERSION directive value.
-		var major, minor int8
-		if !yaml_parser_scan_version_directive_value(parser, start_mark, &major, &minor) {
-			return false
-		}
-		end_mark := parser.mark
-
-		// Create a VERSION-DIRECTIVE token.
-		*token = yaml_token_t{
-			typ:        yaml_VERSION_DIRECTIVE_TOKEN,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			major:      major,
-			minor:      minor,
-		}
-
-		// Is it a TAG directive?
-	} else if bytes.Equal(name, []byte("TAG")) {
-		// Scan the TAG directive value.
-		var handle, prefix []byte
-		if !yaml_parser_scan_tag_directive_value(parser, start_mark, &handle, &prefix) {
-			return false
-		}
-		end_mark := parser.mark
-
-		// Create a TAG-DIRECTIVE token.
-		*token = yaml_token_t{
-			typ:        yaml_TAG_DIRECTIVE_TOKEN,
-			start_mark: start_mark,
-			end_mark:   end_mark,
-			value:      handle,
-			prefix:     prefix,
-		}
-
-		// Unknown directive.
-	} else {
-		yaml_parser_set_scanner_error(parser, "while scanning a directive",
-			start_mark, "found unknown directive name")
-		return false
-	}
-
-	// Eat the rest of the line including any comments.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	for is_blank(parser.buffer, parser.buffer_pos) {
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	if parser.buffer[parser.buffer_pos] == '#' {
-		// [Go] Discard this inline comment for the time being.
-		//if !yaml_parser_scan_line_comment(parser, start_mark) {
-		//	return false
-		//}
-		for !is_breakz(parser.buffer, parser.buffer_pos) {
-			skip(parser)
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-	}
-
-	// Check if we are at the end of the line.
-	if !is_breakz(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a directive",
-			start_mark, "did not find expected comment or line break")
-		return false
-	}
-
-	// Eat a line break.
-	if is_break(parser.buffer, parser.buffer_pos) {
-		if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-			return false
-		}
-		skip_line(parser)
-	}
-
-	return true
-}
-
-// Scan the directive name.
-//
-// Scope:
-//      %YAML   1.1     # a comment \n
-//       ^^^^
-//      %TAG    !yaml!  tag:yaml.org,2002:  \n
-//       ^^^
-//
-func yaml_parser_scan_directive_name(parser *yaml_parser_t, start_mark yaml_mark_t, name *[]byte) bool {
-	// Consume the directive name.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	var s []byte
-	for is_alpha(parser.buffer, parser.buffer_pos) {
-		s = read(parser, s)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Check if the name is empty.
-	if len(s) == 0 {
-		yaml_parser_set_scanner_error(parser, "while scanning a directive",
-			start_mark, "could not find expected directive name")
-		return false
-	}
-
-	// Check for an blank character after the name.
-	if !is_blankz(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a directive",
-			start_mark, "found unexpected non-alphabetical character")
-		return false
-	}
-	*name = s
-	return true
-}
-
-// Scan the value of VERSION-DIRECTIVE.
-//
-// Scope:
-//      %YAML   1.1     # a comment \n
-//           ^^^^^^
-func yaml_parser_scan_version_directive_value(parser *yaml_parser_t, start_mark yaml_mark_t, major, minor *int8) bool {
-	// Eat whitespaces.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	for is_blank(parser.buffer, parser.buffer_pos) {
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Consume the major version number.
-	if !yaml_parser_scan_version_directive_number(parser, start_mark, major) {
-		return false
-	}
-
-	// Eat '.'.
-	if parser.buffer[parser.buffer_pos] != '.' {
-		return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
-			start_mark, "did not find expected digit or '.' character")
-	}
-
-	skip(parser)
-
-	// Consume the minor version number.
-	if !yaml_parser_scan_version_directive_number(parser, start_mark, minor) {
-		return false
-	}
-	return true
-}
-
-const max_number_length = 2
-
-// Scan the version number of VERSION-DIRECTIVE.
-//
-// Scope:
-//      %YAML   1.1     # a comment \n
-//              ^
-//      %YAML   1.1     # a comment \n
-//                ^
-func yaml_parser_scan_version_directive_number(parser *yaml_parser_t, start_mark yaml_mark_t, number *int8) bool {
-
-	// Repeat while the next character is digit.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	var value, length int8
-	for is_digit(parser.buffer, parser.buffer_pos) {
-		// Check if the number is too long.
-		length++
-		if length > max_number_length {
-			return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
-				start_mark, "found extremely long version number")
-		}
-		value = value*10 + int8(as_digit(parser.buffer, parser.buffer_pos))
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Check if the number was present.
-	if length == 0 {
-		return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
-			start_mark, "did not find expected version number")
-	}
-	*number = value
-	return true
-}
-
-// Scan the value of a TAG-DIRECTIVE token.
-//
-// Scope:
-//      %TAG    !yaml!  tag:yaml.org,2002:  \n
-//          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-//
-func yaml_parser_scan_tag_directive_value(parser *yaml_parser_t, start_mark yaml_mark_t, handle, prefix *[]byte) bool {
-	var handle_value, prefix_value []byte
-
-	// Eat whitespaces.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	for is_blank(parser.buffer, parser.buffer_pos) {
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Scan a handle.
-	if !yaml_parser_scan_tag_handle(parser, true, start_mark, &handle_value) {
-		return false
-	}
-
-	// Expect a whitespace.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	if !is_blank(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive",
-			start_mark, "did not find expected whitespace")
-		return false
-	}
-
-	// Eat whitespaces.
-	for is_blank(parser.buffer, parser.buffer_pos) {
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Scan a prefix.
-	if !yaml_parser_scan_tag_uri(parser, true, nil, start_mark, &prefix_value) {
-		return false
-	}
-
-	// Expect a whitespace or line break.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	if !is_blankz(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive",
-			start_mark, "did not find expected whitespace or line break")
-		return false
-	}
-
-	*handle = handle_value
-	*prefix = prefix_value
-	return true
-}
-
-func yaml_parser_scan_anchor(parser *yaml_parser_t, token *yaml_token_t, typ yaml_token_type_t) bool {
-	var s []byte
-
-	// Eat the indicator character.
-	start_mark := parser.mark
-	skip(parser)
-
-	// Consume the value.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	for is_alpha(parser.buffer, parser.buffer_pos) {
-		s = read(parser, s)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	end_mark := parser.mark
-
-	/*
-	 * Check if length of the anchor is greater than 0 and it is followed by
-	 * a whitespace character or one of the indicators:
-	 *
-	 *      '?', ':', ',', ']', '}', '%', '@', '`'.
-	 */
-
-	if len(s) == 0 ||
-		!(is_blankz(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == '?' ||
-			parser.buffer[parser.buffer_pos] == ':' || parser.buffer[parser.buffer_pos] == ',' ||
-			parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '}' ||
-			parser.buffer[parser.buffer_pos] == '%' || parser.buffer[parser.buffer_pos] == '@' ||
-			parser.buffer[parser.buffer_pos] == '`') {
-		context := "while scanning an alias"
-		if typ == yaml_ANCHOR_TOKEN {
-			context = "while scanning an anchor"
-		}
-		yaml_parser_set_scanner_error(parser, context, start_mark,
-			"did not find expected alphabetic or numeric character")
-		return false
-	}
-
-	// Create a token.
-	*token = yaml_token_t{
-		typ:        typ,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		value:      s,
-	}
-
-	return true
-}
-
-/*
- * Scan a TAG token.
- */
-
-func yaml_parser_scan_tag(parser *yaml_parser_t, token *yaml_token_t) bool {
-	var handle, suffix []byte
-
-	start_mark := parser.mark
-
-	// Check if the tag is in the canonical form.
-	if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-		return false
-	}
-
-	if parser.buffer[parser.buffer_pos+1] == '<' {
-		// Keep the handle as ''
-
-		// Eat '!<'
-		skip(parser)
-		skip(parser)
-
-		// Consume the tag value.
-		if !yaml_parser_scan_tag_uri(parser, false, nil, start_mark, &suffix) {
-			return false
-		}
-
-		// Check for '>' and eat it.
-		if parser.buffer[parser.buffer_pos] != '>' {
-			yaml_parser_set_scanner_error(parser, "while scanning a tag",
-				start_mark, "did not find the expected '>'")
-			return false
-		}
-
-		skip(parser)
-	} else {
-		// The tag has either the '!suffix' or the '!handle!suffix' form.
-
-		// First, try to scan a handle.
-		if !yaml_parser_scan_tag_handle(parser, false, start_mark, &handle) {
-			return false
-		}
-
-		// Check if it is, indeed, handle.
-		if handle[0] == '!' && len(handle) > 1 && handle[len(handle)-1] == '!' {
-			// Scan the suffix now.
-			if !yaml_parser_scan_tag_uri(parser, false, nil, start_mark, &suffix) {
-				return false
-			}
-		} else {
-			// It wasn't a handle after all.  Scan the rest of the tag.
-			if !yaml_parser_scan_tag_uri(parser, false, handle, start_mark, &suffix) {
-				return false
-			}
-
-			// Set the handle to '!'.
-			handle = []byte{'!'}
-
-			// A special case: the '!' tag.  Set the handle to '' and the
-			// suffix to '!'.
-			if len(suffix) == 0 {
-				handle, suffix = suffix, handle
-			}
-		}
-	}
-
-	// Check the character which ends the tag.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	if !is_blankz(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a tag",
-			start_mark, "did not find expected whitespace or line break")
-		return false
-	}
-
-	end_mark := parser.mark
-
-	// Create a token.
-	*token = yaml_token_t{
-		typ:        yaml_TAG_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		value:      handle,
-		suffix:     suffix,
-	}
-	return true
-}
-
-// Scan a tag handle.
-func yaml_parser_scan_tag_handle(parser *yaml_parser_t, directive bool, start_mark yaml_mark_t, handle *[]byte) bool {
-	// Check the initial '!' character.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	if parser.buffer[parser.buffer_pos] != '!' {
-		yaml_parser_set_scanner_tag_error(parser, directive,
-			start_mark, "did not find expected '!'")
-		return false
-	}
-
-	var s []byte
-
-	// Copy the '!' character.
-	s = read(parser, s)
-
-	// Copy all subsequent alphabetical and numerical characters.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	for is_alpha(parser.buffer, parser.buffer_pos) {
-		s = read(parser, s)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-
-	// Check if the trailing character is '!' and copy it.
-	if parser.buffer[parser.buffer_pos] == '!' {
-		s = read(parser, s)
-	} else {
-		// It's either the '!' tag or not really a tag handle.  If it's a %TAG
-		// directive, it's an error.  If it's a tag token, it must be a part of URI.
-		if directive && string(s) != "!" {
-			yaml_parser_set_scanner_tag_error(parser, directive,
-				start_mark, "did not find expected '!'")
-			return false
-		}
-	}
-
-	*handle = s
-	return true
-}
-
-// Scan a tag.
-func yaml_parser_scan_tag_uri(parser *yaml_parser_t, directive bool, head []byte, start_mark yaml_mark_t, uri *[]byte) bool {
-	//size_t length = head ? strlen((char *)head) : 0
-	var s []byte
-	hasTag := len(head) > 0
-
-	// Copy the head if needed.
-	//
-	// Note that we don't copy the leading '!' character.
-	if len(head) > 1 {
-		s = append(s, head[1:]...)
-	}
-
-	// Scan the tag.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	// The set of characters that may appear in URI is as follows:
-	//
-	//      '0'-'9', 'A'-'Z', 'a'-'z', '_', '-', ';', '/', '?', ':', '@', '&',
-	//      '=', '+', '$', ',', '.', '!', '~', '*', '\'', '(', ')', '[', ']',
-	//      '%'.
-	// [Go] TODO Convert this into more reasonable logic.
-	for is_alpha(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == ';' ||
-		parser.buffer[parser.buffer_pos] == '/' || parser.buffer[parser.buffer_pos] == '?' ||
-		parser.buffer[parser.buffer_pos] == ':' || parser.buffer[parser.buffer_pos] == '@' ||
-		parser.buffer[parser.buffer_pos] == '&' || parser.buffer[parser.buffer_pos] == '=' ||
-		parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '$' ||
-		parser.buffer[parser.buffer_pos] == ',' || parser.buffer[parser.buffer_pos] == '.' ||
-		parser.buffer[parser.buffer_pos] == '!' || parser.buffer[parser.buffer_pos] == '~' ||
-		parser.buffer[parser.buffer_pos] == '*' || parser.buffer[parser.buffer_pos] == '\'' ||
-		parser.buffer[parser.buffer_pos] == '(' || parser.buffer[parser.buffer_pos] == ')' ||
-		parser.buffer[parser.buffer_pos] == '[' || parser.buffer[parser.buffer_pos] == ']' ||
-		parser.buffer[parser.buffer_pos] == '%' {
-		// Check if it is a URI-escape sequence.
-		if parser.buffer[parser.buffer_pos] == '%' {
-			if !yaml_parser_scan_uri_escapes(parser, directive, start_mark, &s) {
-				return false
-			}
-		} else {
-			s = read(parser, s)
-		}
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-		hasTag = true
-	}
-
-	if !hasTag {
-		yaml_parser_set_scanner_tag_error(parser, directive,
-			start_mark, "did not find expected tag URI")
-		return false
-	}
-	*uri = s
-	return true
-}
-
-// Decode an URI-escape sequence corresponding to a single UTF-8 character.
-func yaml_parser_scan_uri_escapes(parser *yaml_parser_t, directive bool, start_mark yaml_mark_t, s *[]byte) bool {
-
-	// Decode the required number of characters.
-	w := 1024
-	for w > 0 {
-		// Check for a URI-escaped octet.
-		if parser.unread < 3 && !yaml_parser_update_buffer(parser, 3) {
-			return false
-		}
-
-		if !(parser.buffer[parser.buffer_pos] == '%' &&
-			is_hex(parser.buffer, parser.buffer_pos+1) &&
-			is_hex(parser.buffer, parser.buffer_pos+2)) {
-			return yaml_parser_set_scanner_tag_error(parser, directive,
-				start_mark, "did not find URI escaped octet")
-		}
-
-		// Get the octet.
-		octet := byte((as_hex(parser.buffer, parser.buffer_pos+1) << 4) + as_hex(parser.buffer, parser.buffer_pos+2))
-
-		// If it is the leading octet, determine the length of the UTF-8 sequence.
-		if w == 1024 {
-			w = width(octet)
-			if w == 0 {
-				return yaml_parser_set_scanner_tag_error(parser, directive,
-					start_mark, "found an incorrect leading UTF-8 octet")
-			}
-		} else {
-			// Check if the trailing octet is correct.
-			if octet&0xC0 != 0x80 {
-				return yaml_parser_set_scanner_tag_error(parser, directive,
-					start_mark, "found an incorrect trailing UTF-8 octet")
-			}
-		}
-
-		// Copy the octet and move the pointers.
-		*s = append(*s, octet)
-		skip(parser)
-		skip(parser)
-		skip(parser)
-		w--
-	}
-	return true
-}
-
-// Scan a block scalar.
-func yaml_parser_scan_block_scalar(parser *yaml_parser_t, token *yaml_token_t, literal bool) bool {
-	// Eat the indicator '|' or '>'.
-	start_mark := parser.mark
-	skip(parser)
-
-	// Scan the additional block scalar indicators.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-
-	// Check for a chomping indicator.
-	var chomping, increment int
-	if parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '-' {
-		// Set the chomping method and eat the indicator.
-		if parser.buffer[parser.buffer_pos] == '+' {
-			chomping = +1
-		} else {
-			chomping = -1
-		}
-		skip(parser)
-
-		// Check for an indentation indicator.
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-		if is_digit(parser.buffer, parser.buffer_pos) {
-			// Check that the indentation is greater than 0.
-			if parser.buffer[parser.buffer_pos] == '0' {
-				yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
-					start_mark, "found an indentation indicator equal to 0")
-				return false
-			}
-
-			// Get the indentation level and eat the indicator.
-			increment = as_digit(parser.buffer, parser.buffer_pos)
-			skip(parser)
-		}
-
-	} else if is_digit(parser.buffer, parser.buffer_pos) {
-		// Do the same as above, but in the opposite order.
-
-		if parser.buffer[parser.buffer_pos] == '0' {
-			yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
-				start_mark, "found an indentation indicator equal to 0")
-			return false
-		}
-		increment = as_digit(parser.buffer, parser.buffer_pos)
-		skip(parser)
-
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-		if parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '-' {
-			if parser.buffer[parser.buffer_pos] == '+' {
-				chomping = +1
-			} else {
-				chomping = -1
-			}
-			skip(parser)
-		}
-	}
-
-	// Eat whitespaces and comments to the end of the line.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	for is_blank(parser.buffer, parser.buffer_pos) {
-		skip(parser)
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-	}
-	if parser.buffer[parser.buffer_pos] == '#' {
-		if !yaml_parser_scan_line_comment(parser, start_mark) {
-			return false
-		}
-		for !is_breakz(parser.buffer, parser.buffer_pos) {
-			skip(parser)
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-	}
-
-	// Check if we are at the end of the line.
-	if !is_breakz(parser.buffer, parser.buffer_pos) {
-		yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
-			start_mark, "did not find expected comment or line break")
-		return false
-	}
-
-	// Eat a line break.
-	if is_break(parser.buffer, parser.buffer_pos) {
-		if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-			return false
-		}
-		skip_line(parser)
-	}
-
-	end_mark := parser.mark
-
-	// Set the indentation level if it was specified.
-	var indent int
-	if increment > 0 {
-		if parser.indent >= 0 {
-			indent = parser.indent + increment
-		} else {
-			indent = increment
-		}
-	}
-
-	// Scan the leading line breaks and determine the indentation level if needed.
-	var s, leading_break, trailing_breaks []byte
-	if !yaml_parser_scan_block_scalar_breaks(parser, &indent, &trailing_breaks, start_mark, &end_mark) {
-		return false
-	}
-
-	// Scan the block scalar content.
-	if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-		return false
-	}
-	var leading_blank, trailing_blank bool
-	for parser.mark.column == indent && !is_z(parser.buffer, parser.buffer_pos) {
-		// We are at the beginning of a non-empty line.
-
-		// Is it a trailing whitespace?
-		trailing_blank = is_blank(parser.buffer, parser.buffer_pos)
-
-		// Check if we need to fold the leading line break.
-		if !literal && !leading_blank && !trailing_blank && len(leading_break) > 0 && leading_break[0] == '\n' {
-			// Do we need to join the lines by space?
-			if len(trailing_breaks) == 0 {
-				s = append(s, ' ')
-			}
-		} else {
-			s = append(s, leading_break...)
-		}
-		leading_break = leading_break[:0]
-
-		// Append the remaining line breaks.
-		s = append(s, trailing_breaks...)
-		trailing_breaks = trailing_breaks[:0]
-
-		// Is it a leading whitespace?
-		leading_blank = is_blank(parser.buffer, parser.buffer_pos)
-
-		// Consume the current line.
-		for !is_breakz(parser.buffer, parser.buffer_pos) {
-			s = read(parser, s)
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-
-		// Consume the line break.
-		if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-			return false
-		}
-
-		leading_break = read_line(parser, leading_break)
-
-		// Eat the following indentation spaces and line breaks.
-		if !yaml_parser_scan_block_scalar_breaks(parser, &indent, &trailing_breaks, start_mark, &end_mark) {
-			return false
-		}
-	}
-
-	// Chomp the tail.
-	if chomping != -1 {
-		s = append(s, leading_break...)
-	}
-	if chomping == 1 {
-		s = append(s, trailing_breaks...)
-	}
-
-	// Create a token.
-	*token = yaml_token_t{
-		typ:        yaml_SCALAR_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		value:      s,
-		style:      yaml_LITERAL_SCALAR_STYLE,
-	}
-	if !literal {
-		token.style = yaml_FOLDED_SCALAR_STYLE
-	}
-	return true
-}
-
-// Scan indentation spaces and line breaks for a block scalar.  Determine the
-// indentation level if needed.
-func yaml_parser_scan_block_scalar_breaks(parser *yaml_parser_t, indent *int, breaks *[]byte, start_mark yaml_mark_t, end_mark *yaml_mark_t) bool {
-	*end_mark = parser.mark
-
-	// Eat the indentation spaces and line breaks.
-	max_indent := 0
-	for {
-		// Eat the indentation spaces.
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-		for (*indent == 0 || parser.mark.column < *indent) && is_space(parser.buffer, parser.buffer_pos) {
-			skip(parser)
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-		if parser.mark.column > max_indent {
-			max_indent = parser.mark.column
-		}
-
-		// Check for a tab character messing the indentation.
-		if (*indent == 0 || parser.mark.column < *indent) && is_tab(parser.buffer, parser.buffer_pos) {
-			return yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
-				start_mark, "found a tab character where an indentation space is expected")
-		}
-
-		// Have we found a non-empty line?
-		if !is_break(parser.buffer, parser.buffer_pos) {
-			break
-		}
-
-		// Consume the line break.
-		if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-			return false
-		}
-		// [Go] Should really be returning breaks instead.
-		*breaks = read_line(parser, *breaks)
-		*end_mark = parser.mark
-	}
-
-	// Determine the indentation level if needed.
-	if *indent == 0 {
-		*indent = max_indent
-		if *indent < parser.indent+1 {
-			*indent = parser.indent + 1
-		}
-		if *indent < 1 {
-			*indent = 1
-		}
-	}
-	return true
-}
-
-// Scan a quoted scalar.
-func yaml_parser_scan_flow_scalar(parser *yaml_parser_t, token *yaml_token_t, single bool) bool {
-	// Eat the left quote.
-	start_mark := parser.mark
-	skip(parser)
-
-	// Consume the content of the quoted scalar.
-	var s, leading_break, trailing_breaks, whitespaces []byte
-	for {
-		// Check that there are no document indicators at the beginning of the line.
-		if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
-			return false
-		}
-
-		if parser.mark.column == 0 &&
-			((parser.buffer[parser.buffer_pos+0] == '-' &&
-				parser.buffer[parser.buffer_pos+1] == '-' &&
-				parser.buffer[parser.buffer_pos+2] == '-') ||
-				(parser.buffer[parser.buffer_pos+0] == '.' &&
-					parser.buffer[parser.buffer_pos+1] == '.' &&
-					parser.buffer[parser.buffer_pos+2] == '.')) &&
-			is_blankz(parser.buffer, parser.buffer_pos+3) {
-			yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar",
-				start_mark, "found unexpected document indicator")
-			return false
-		}
-
-		// Check for EOF.
-		if is_z(parser.buffer, parser.buffer_pos) {
-			yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar",
-				start_mark, "found unexpected end of stream")
-			return false
-		}
-
-		// Consume non-blank characters.
-		leading_blanks := false
-		for !is_blankz(parser.buffer, parser.buffer_pos) {
-			if single && parser.buffer[parser.buffer_pos] == '\'' && parser.buffer[parser.buffer_pos+1] == '\'' {
-				// Is is an escaped single quote.
-				s = append(s, '\'')
-				skip(parser)
-				skip(parser)
-
-			} else if single && parser.buffer[parser.buffer_pos] == '\'' {
-				// It is a right single quote.
-				break
-			} else if !single && parser.buffer[parser.buffer_pos] == '"' {
-				// It is a right double quote.
-				break
-
-			} else if !single && parser.buffer[parser.buffer_pos] == '\\' && is_break(parser.buffer, parser.buffer_pos+1) {
-				// It is an escaped line break.
-				if parser.unread < 3 && !yaml_parser_update_buffer(parser, 3) {
-					return false
-				}
-				skip(parser)
-				skip_line(parser)
-				leading_blanks = true
-				break
-
-			} else if !single && parser.buffer[parser.buffer_pos] == '\\' {
-				// It is an escape sequence.
-				code_length := 0
-
-				// Check the escape character.
-				switch parser.buffer[parser.buffer_pos+1] {
-				case '0':
-					s = append(s, 0)
-				case 'a':
-					s = append(s, '\x07')
-				case 'b':
-					s = append(s, '\x08')
-				case 't', '\t':
-					s = append(s, '\x09')
-				case 'n':
-					s = append(s, '\x0A')
-				case 'v':
-					s = append(s, '\x0B')
-				case 'f':
-					s = append(s, '\x0C')
-				case 'r':
-					s = append(s, '\x0D')
-				case 'e':
-					s = append(s, '\x1B')
-				case ' ':
-					s = append(s, '\x20')
-				case '"':
-					s = append(s, '"')
-				case '\'':
-					s = append(s, '\'')
-				case '\\':
-					s = append(s, '\\')
-				case 'N': // NEL (#x85)
-					s = append(s, '\xC2')
-					s = append(s, '\x85')
-				case '_': // #xA0
-					s = append(s, '\xC2')
-					s = append(s, '\xA0')
-				case 'L': // LS (#x2028)
-					s = append(s, '\xE2')
-					s = append(s, '\x80')
-					s = append(s, '\xA8')
-				case 'P': // PS (#x2029)
-					s = append(s, '\xE2')
-					s = append(s, '\x80')
-					s = append(s, '\xA9')
-				case 'x':
-					code_length = 2
-				case 'u':
-					code_length = 4
-				case 'U':
-					code_length = 8
-				default:
-					yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
-						start_mark, "found unknown escape character")
-					return false
-				}
-
-				skip(parser)
-				skip(parser)
-
-				// Consume an arbitrary escape code.
-				if code_length > 0 {
-					var value int
-
-					// Scan the character value.
-					if parser.unread < code_length && !yaml_parser_update_buffer(parser, code_length) {
-						return false
-					}
-					for k := 0; k < code_length; k++ {
-						if !is_hex(parser.buffer, parser.buffer_pos+k) {
-							yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
-								start_mark, "did not find expected hexdecimal number")
-							return false
-						}
-						value = (value << 4) + as_hex(parser.buffer, parser.buffer_pos+k)
-					}
-
-					// Check the value and write the character.
-					if (value >= 0xD800 && value <= 0xDFFF) || value > 0x10FFFF {
-						yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
-							start_mark, "found invalid Unicode character escape code")
-						return false
-					}
-					if value <= 0x7F {
-						s = append(s, byte(value))
-					} else if value <= 0x7FF {
-						s = append(s, byte(0xC0+(value>>6)))
-						s = append(s, byte(0x80+(value&0x3F)))
-					} else if value <= 0xFFFF {
-						s = append(s, byte(0xE0+(value>>12)))
-						s = append(s, byte(0x80+((value>>6)&0x3F)))
-						s = append(s, byte(0x80+(value&0x3F)))
-					} else {
-						s = append(s, byte(0xF0+(value>>18)))
-						s = append(s, byte(0x80+((value>>12)&0x3F)))
-						s = append(s, byte(0x80+((value>>6)&0x3F)))
-						s = append(s, byte(0x80+(value&0x3F)))
-					}
-
-					// Advance the pointer.
-					for k := 0; k < code_length; k++ {
-						skip(parser)
-					}
-				}
-			} else {
-				// It is a non-escaped non-blank character.
-				s = read(parser, s)
-			}
-			if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-				return false
-			}
-		}
-
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-
-		// Check if we are at the end of the scalar.
-		if single {
-			if parser.buffer[parser.buffer_pos] == '\'' {
-				break
-			}
-		} else {
-			if parser.buffer[parser.buffer_pos] == '"' {
-				break
-			}
-		}
-
-		// Consume blank characters.
-		for is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos) {
-			if is_blank(parser.buffer, parser.buffer_pos) {
-				// Consume a space or a tab character.
-				if !leading_blanks {
-					whitespaces = read(parser, whitespaces)
-				} else {
-					skip(parser)
-				}
-			} else {
-				if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-					return false
-				}
-
-				// Check if it is a first line break.
-				if !leading_blanks {
-					whitespaces = whitespaces[:0]
-					leading_break = read_line(parser, leading_break)
-					leading_blanks = true
-				} else {
-					trailing_breaks = read_line(parser, trailing_breaks)
-				}
-			}
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-
-		// Join the whitespaces or fold line breaks.
-		if leading_blanks {
-			// Do we need to fold line breaks?
-			if len(leading_break) > 0 && leading_break[0] == '\n' {
-				if len(trailing_breaks) == 0 {
-					s = append(s, ' ')
-				} else {
-					s = append(s, trailing_breaks...)
-				}
-			} else {
-				s = append(s, leading_break...)
-				s = append(s, trailing_breaks...)
-			}
-			trailing_breaks = trailing_breaks[:0]
-			leading_break = leading_break[:0]
-		} else {
-			s = append(s, whitespaces...)
-			whitespaces = whitespaces[:0]
-		}
-	}
-
-	// Eat the right quote.
-	skip(parser)
-	end_mark := parser.mark
-
-	// Create a token.
-	*token = yaml_token_t{
-		typ:        yaml_SCALAR_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		value:      s,
-		style:      yaml_SINGLE_QUOTED_SCALAR_STYLE,
-	}
-	if !single {
-		token.style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
-	}
-	return true
-}
-
-// Scan a plain scalar.
-func yaml_parser_scan_plain_scalar(parser *yaml_parser_t, token *yaml_token_t) bool {
-
-	var s, leading_break, trailing_breaks, whitespaces []byte
-	var leading_blanks bool
-	var indent = parser.indent + 1
-
-	start_mark := parser.mark
-	end_mark := parser.mark
-
-	// Consume the content of the plain scalar.
-	for {
-		// Check for a document indicator.
-		if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
-			return false
-		}
-		if parser.mark.column == 0 &&
-			((parser.buffer[parser.buffer_pos+0] == '-' &&
-				parser.buffer[parser.buffer_pos+1] == '-' &&
-				parser.buffer[parser.buffer_pos+2] == '-') ||
-				(parser.buffer[parser.buffer_pos+0] == '.' &&
-					parser.buffer[parser.buffer_pos+1] == '.' &&
-					parser.buffer[parser.buffer_pos+2] == '.')) &&
-			is_blankz(parser.buffer, parser.buffer_pos+3) {
-			break
-		}
-
-		// Check for a comment.
-		if parser.buffer[parser.buffer_pos] == '#' {
-			break
-		}
-
-		// Consume non-blank characters.
-		for !is_blankz(parser.buffer, parser.buffer_pos) {
-
-			// Check for indicators that may end a plain scalar.
-			if (parser.buffer[parser.buffer_pos] == ':' && is_blankz(parser.buffer, parser.buffer_pos+1)) ||
-				(parser.flow_level > 0 &&
-					(parser.buffer[parser.buffer_pos] == ',' ||
-						parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == '[' ||
-						parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '{' ||
-						parser.buffer[parser.buffer_pos] == '}')) {
-				break
-			}
-
-			// Check if we need to join whitespaces and breaks.
-			if leading_blanks || len(whitespaces) > 0 {
-				if leading_blanks {
-					// Do we need to fold line breaks?
-					if leading_break[0] == '\n' {
-						if len(trailing_breaks) == 0 {
-							s = append(s, ' ')
-						} else {
-							s = append(s, trailing_breaks...)
-						}
-					} else {
-						s = append(s, leading_break...)
-						s = append(s, trailing_breaks...)
-					}
-					trailing_breaks = trailing_breaks[:0]
-					leading_break = leading_break[:0]
-					leading_blanks = false
-				} else {
-					s = append(s, whitespaces...)
-					whitespaces = whitespaces[:0]
-				}
-			}
-
-			// Copy the character.
-			s = read(parser, s)
-
-			end_mark = parser.mark
-			if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-				return false
-			}
-		}
-
-		// Is it the end?
-		if !(is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos)) {
-			break
-		}
-
-		// Consume blank characters.
-		if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-			return false
-		}
-
-		for is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos) {
-			if is_blank(parser.buffer, parser.buffer_pos) {
-
-				// Check for tab characters that abuse indentation.
-				if leading_blanks && parser.mark.column < indent && is_tab(parser.buffer, parser.buffer_pos) {
-					yaml_parser_set_scanner_error(parser, "while scanning a plain scalar",
-						start_mark, "found a tab character that violates indentation")
-					return false
-				}
-
-				// Consume a space or a tab character.
-				if !leading_blanks {
-					whitespaces = read(parser, whitespaces)
-				} else {
-					skip(parser)
-				}
-			} else {
-				if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-					return false
-				}
-
-				// Check if it is a first line break.
-				if !leading_blanks {
-					whitespaces = whitespaces[:0]
-					leading_break = read_line(parser, leading_break)
-					leading_blanks = true
-				} else {
-					trailing_breaks = read_line(parser, trailing_breaks)
-				}
-			}
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-		}
-
-		// Check indentation level.
-		if parser.flow_level == 0 && parser.mark.column < indent {
-			break
-		}
-	}
-
-	// Create a token.
-	*token = yaml_token_t{
-		typ:        yaml_SCALAR_TOKEN,
-		start_mark: start_mark,
-		end_mark:   end_mark,
-		value:      s,
-		style:      yaml_PLAIN_SCALAR_STYLE,
-	}
-
-	// Note that we change the 'simple_key_allowed' flag.
-	if leading_blanks {
-		parser.simple_key_allowed = true
-	}
-	return true
-}
-
-func yaml_parser_scan_line_comment(parser *yaml_parser_t, token_mark yaml_mark_t) bool {
-	if parser.newlines > 0 {
-		return true
-	}
-
-	var start_mark yaml_mark_t
-	var text []byte
-
-	for peek := 0; peek < 512; peek++ {
-		if parser.unread < peek+1 && !yaml_parser_update_buffer(parser, peek+1) {
-			break
-		}
-		if is_blank(parser.buffer, parser.buffer_pos+peek) {
-			continue
-		}
-		if parser.buffer[parser.buffer_pos+peek] == '#' {
-			seen := parser.mark.index+peek
-			for {
-				if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-					return false
-				}
-				if is_breakz(parser.buffer, parser.buffer_pos) {
-					if parser.mark.index >= seen {
-						break
-					}
-					if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-						return false
-					}
-					skip_line(parser)
-				} else if parser.mark.index >= seen {
-					if len(text) == 0 {
-						start_mark = parser.mark
-					}
-					text = read(parser, text)
-				} else {
-					skip(parser)
-				}
-			}
-		}
-		break
-	}
-	if len(text) > 0 {
-		parser.comments = append(parser.comments, yaml_comment_t{
-			token_mark: token_mark,
-			start_mark: start_mark,
-			line: text,
-		})
-	}
-	return true
-}
-
-func yaml_parser_scan_comments(parser *yaml_parser_t, scan_mark yaml_mark_t) bool {
-	token := parser.tokens[len(parser.tokens)-1]
-
-	if token.typ == yaml_FLOW_ENTRY_TOKEN && len(parser.tokens) > 1 {
-		token = parser.tokens[len(parser.tokens)-2]
-	}
-
-	var token_mark = token.start_mark
-	var start_mark yaml_mark_t
-	var next_indent = parser.indent
-	if next_indent < 0 {
-		next_indent = 0
-	}
-
-	var recent_empty = false
-	var first_empty = parser.newlines <= 1
-
-	var line = parser.mark.line
-	var column = parser.mark.column
-
-	var text []byte
-
-	// The foot line is the place where a comment must start to
-	// still be considered as a foot of the prior content.
-	// If there's some content in the currently parsed line, then
-	// the foot is the line below it.
-	var foot_line = -1
-	if scan_mark.line > 0 {
-		foot_line = parser.mark.line-parser.newlines+1
-		if parser.newlines == 0 && parser.mark.column > 1 {
-			foot_line++
-		}
-	}
-
-	var peek = 0
-	for ; peek < 512; peek++ {
-		if parser.unread < peek+1 && !yaml_parser_update_buffer(parser, peek+1) {
-			break
-		}
-		column++
-		if is_blank(parser.buffer, parser.buffer_pos+peek) {
-			continue
-		}
-		c := parser.buffer[parser.buffer_pos+peek]
-		var close_flow = parser.flow_level > 0 && (c == ']' || c == '}')
-		if close_flow || is_breakz(parser.buffer, parser.buffer_pos+peek) {
-			// Got line break or terminator.
-			if close_flow || !recent_empty {
-				if close_flow || first_empty && (start_mark.line == foot_line && token.typ != yaml_VALUE_TOKEN || start_mark.column-1 < next_indent) {
-					// This is the first empty line and there were no empty lines before,
-					// so this initial part of the comment is a foot of the prior token
-					// instead of being a head for the following one. Split it up.
-					// Alternatively, this might also be the last comment inside a flow
-					// scope, so it must be a footer.
-					if len(text) > 0 {
-						if start_mark.column-1 < next_indent {
-							// If dedented it's unrelated to the prior token.
-							token_mark = start_mark
-						}
-						parser.comments = append(parser.comments, yaml_comment_t{
-							scan_mark:  scan_mark,
-							token_mark: token_mark,
-							start_mark: start_mark,
-							end_mark:   yaml_mark_t{parser.mark.index + peek, line, column},
-							foot:       text,
-						})
-						scan_mark = yaml_mark_t{parser.mark.index + peek, line, column}
-						token_mark = scan_mark
-						text = nil
-					}
-				} else {
-					if len(text) > 0 && parser.buffer[parser.buffer_pos+peek] != 0 {
-						text = append(text, '\n')
-					}
-				}
-			}
-			if !is_break(parser.buffer, parser.buffer_pos+peek) {
-				break
-			}
-			first_empty = false
-			recent_empty = true
-			column = 0
-			line++
-			continue
-		}
-
-		if len(text) > 0 && (close_flow || column-1 < next_indent && column != start_mark.column) {
-			// The comment at the different indentation is a foot of the
-			// preceding data rather than a head of the upcoming one.
-			parser.comments = append(parser.comments, yaml_comment_t{
-				scan_mark:  scan_mark,
-				token_mark: token_mark,
-				start_mark: start_mark,
-				end_mark:   yaml_mark_t{parser.mark.index + peek, line, column},
-				foot:       text,
-			})
-			scan_mark = yaml_mark_t{parser.mark.index + peek, line, column}
-			token_mark = scan_mark
-			text = nil
-		}
-
-		if parser.buffer[parser.buffer_pos+peek] != '#' {
-			break
-		}
-
-		if len(text) == 0 {
-			start_mark = yaml_mark_t{parser.mark.index + peek, line, column}
-		} else {
-			text = append(text, '\n')
-		}
-
-		recent_empty = false
-
-		// Consume until after the consumed comment line.
-		seen := parser.mark.index+peek
-		for {
-			if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
-				return false
-			}
-			if is_breakz(parser.buffer, parser.buffer_pos) {
-				if parser.mark.index >= seen {
-					break
-				}
-				if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
-					return false
-				}
-				skip_line(parser)
-			} else if parser.mark.index >= seen {
-				text = read(parser, text)
-			} else {
-				skip(parser)
-			}
-		}
-
-		peek = 0
-		column = 0
-		line = parser.mark.line
-		next_indent = parser.indent
-		if next_indent < 0 {
-			next_indent = 0
-		}
-	}
-
-	if len(text) > 0 {
-		parser.comments = append(parser.comments, yaml_comment_t{
-			scan_mark:  scan_mark,
-			token_mark: start_mark,
-			start_mark: start_mark,
-			end_mark:   yaml_mark_t{parser.mark.index + peek - 1, line, column},
-			head:       text,
-		})
-	}
-	return true
-}
diff --git a/vendor/gopkg.in/yaml.v3/sorter.go b/vendor/gopkg.in/yaml.v3/sorter.go
deleted file mode 100644
index 9210ece7e..000000000
--- a/vendor/gopkg.in/yaml.v3/sorter.go
+++ /dev/null
@@ -1,134 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package yaml
-
-import (
-	"reflect"
-	"unicode"
-)
-
-type keyList []reflect.Value
-
-func (l keyList) Len() int      { return len(l) }
-func (l keyList) Swap(i, j int) { l[i], l[j] = l[j], l[i] }
-func (l keyList) Less(i, j int) bool {
-	a := l[i]
-	b := l[j]
-	ak := a.Kind()
-	bk := b.Kind()
-	for (ak == reflect.Interface || ak == reflect.Ptr) && !a.IsNil() {
-		a = a.Elem()
-		ak = a.Kind()
-	}
-	for (bk == reflect.Interface || bk == reflect.Ptr) && !b.IsNil() {
-		b = b.Elem()
-		bk = b.Kind()
-	}
-	af, aok := keyFloat(a)
-	bf, bok := keyFloat(b)
-	if aok && bok {
-		if af != bf {
-			return af < bf
-		}
-		if ak != bk {
-			return ak < bk
-		}
-		return numLess(a, b)
-	}
-	if ak != reflect.String || bk != reflect.String {
-		return ak < bk
-	}
-	ar, br := []rune(a.String()), []rune(b.String())
-	digits := false
-	for i := 0; i < len(ar) && i < len(br); i++ {
-		if ar[i] == br[i] {
-			digits = unicode.IsDigit(ar[i])
-			continue
-		}
-		al := unicode.IsLetter(ar[i])
-		bl := unicode.IsLetter(br[i])
-		if al && bl {
-			return ar[i] < br[i]
-		}
-		if al || bl {
-			if digits {
-				return al
-			} else {
-				return bl
-			}
-		}
-		var ai, bi int
-		var an, bn int64
-		if ar[i] == '0' || br[i] == '0' {
-			for j := i - 1; j >= 0 && unicode.IsDigit(ar[j]); j-- {
-				if ar[j] != '0' {
-					an = 1
-					bn = 1
-					break
-				}
-			}
-		}
-		for ai = i; ai < len(ar) && unicode.IsDigit(ar[ai]); ai++ {
-			an = an*10 + int64(ar[ai]-'0')
-		}
-		for bi = i; bi < len(br) && unicode.IsDigit(br[bi]); bi++ {
-			bn = bn*10 + int64(br[bi]-'0')
-		}
-		if an != bn {
-			return an < bn
-		}
-		if ai != bi {
-			return ai < bi
-		}
-		return ar[i] < br[i]
-	}
-	return len(ar) < len(br)
-}
-
-// keyFloat returns a float value for v if it is a number/bool
-// and whether it is a number/bool or not.
-func keyFloat(v reflect.Value) (f float64, ok bool) {
-	switch v.Kind() {
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		return float64(v.Int()), true
-	case reflect.Float32, reflect.Float64:
-		return v.Float(), true
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		return float64(v.Uint()), true
-	case reflect.Bool:
-		if v.Bool() {
-			return 1, true
-		}
-		return 0, true
-	}
-	return 0, false
-}
-
-// numLess returns whether a < b.
-// a and b must necessarily have the same kind.
-func numLess(a, b reflect.Value) bool {
-	switch a.Kind() {
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		return a.Int() < b.Int()
-	case reflect.Float32, reflect.Float64:
-		return a.Float() < b.Float()
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		return a.Uint() < b.Uint()
-	case reflect.Bool:
-		return !a.Bool() && b.Bool()
-	}
-	panic("not a number")
-}
diff --git a/vendor/gopkg.in/yaml.v3/writerc.go b/vendor/gopkg.in/yaml.v3/writerc.go
deleted file mode 100644
index b8a116bf9..000000000
--- a/vendor/gopkg.in/yaml.v3/writerc.go
+++ /dev/null
@@ -1,48 +0,0 @@
-// 
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-// 
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-// 
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-// 
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-// Set the writer error and return false.
-func yaml_emitter_set_writer_error(emitter *yaml_emitter_t, problem string) bool {
-	emitter.error = yaml_WRITER_ERROR
-	emitter.problem = problem
-	return false
-}
-
-// Flush the output buffer.
-func yaml_emitter_flush(emitter *yaml_emitter_t) bool {
-	if emitter.write_handler == nil {
-		panic("write handler not set")
-	}
-
-	// Check if the buffer is empty.
-	if emitter.buffer_pos == 0 {
-		return true
-	}
-
-	if err := emitter.write_handler(emitter, emitter.buffer[:emitter.buffer_pos]); err != nil {
-		return yaml_emitter_set_writer_error(emitter, "write error: "+err.Error())
-	}
-	emitter.buffer_pos = 0
-	return true
-}
diff --git a/vendor/gopkg.in/yaml.v3/yaml.go b/vendor/gopkg.in/yaml.v3/yaml.go
deleted file mode 100644
index 8cec6da48..000000000
--- a/vendor/gopkg.in/yaml.v3/yaml.go
+++ /dev/null
@@ -1,698 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Package yaml implements YAML support for the Go language.
-//
-// Source code and other details for the project are available at GitHub:
-//
-//   https://github.com/go-yaml/yaml
-//
-package yaml
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"reflect"
-	"strings"
-	"sync"
-	"unicode/utf8"
-)
-
-// The Unmarshaler interface may be implemented by types to customize their
-// behavior when being unmarshaled from a YAML document.
-type Unmarshaler interface {
-	UnmarshalYAML(value *Node) error
-}
-
-type obsoleteUnmarshaler interface {
-	UnmarshalYAML(unmarshal func(interface{}) error) error
-}
-
-// The Marshaler interface may be implemented by types to customize their
-// behavior when being marshaled into a YAML document. The returned value
-// is marshaled in place of the original value implementing Marshaler.
-//
-// If an error is returned by MarshalYAML, the marshaling procedure stops
-// and returns with the provided error.
-type Marshaler interface {
-	MarshalYAML() (interface{}, error)
-}
-
-// Unmarshal decodes the first document found within the in byte slice
-// and assigns decoded values into the out value.
-//
-// Maps and pointers (to a struct, string, int, etc) are accepted as out
-// values. If an internal pointer within a struct is not initialized,
-// the yaml package will initialize it if necessary for unmarshalling
-// the provided data. The out parameter must not be nil.
-//
-// The type of the decoded values should be compatible with the respective
-// values in out. If one or more values cannot be decoded due to a type
-// mismatches, decoding continues partially until the end of the YAML
-// content, and a *yaml.TypeError is returned with details for all
-// missed values.
-//
-// Struct fields are only unmarshalled if they are exported (have an
-// upper case first letter), and are unmarshalled using the field name
-// lowercased as the default key. Custom keys may be defined via the
-// "yaml" name in the field tag: the content preceding the first comma
-// is used as the key, and the following comma-separated options are
-// used to tweak the marshalling process (see Marshal).
-// Conflicting names result in a runtime error.
-//
-// For example:
-//
-//     type T struct {
-//         F int `yaml:"a,omitempty"`
-//         B int
-//     }
-//     var t T
-//     yaml.Unmarshal([]byte("a: 1\nb: 2"), &t)
-//
-// See the documentation of Marshal for the format of tags and a list of
-// supported tag options.
-//
-func Unmarshal(in []byte, out interface{}) (err error) {
-	return unmarshal(in, out, false)
-}
-
-// A Decoder reads and decodes YAML values from an input stream.
-type Decoder struct {
-	parser      *parser
-	knownFields bool
-}
-
-// NewDecoder returns a new decoder that reads from r.
-//
-// The decoder introduces its own buffering and may read
-// data from r beyond the YAML values requested.
-func NewDecoder(r io.Reader) *Decoder {
-	return &Decoder{
-		parser: newParserFromReader(r),
-	}
-}
-
-// KnownFields ensures that the keys in decoded mappings to
-// exist as fields in the struct being decoded into.
-func (dec *Decoder) KnownFields(enable bool) {
-	dec.knownFields = enable
-}
-
-// Decode reads the next YAML-encoded value from its input
-// and stores it in the value pointed to by v.
-//
-// See the documentation for Unmarshal for details about the
-// conversion of YAML into a Go value.
-func (dec *Decoder) Decode(v interface{}) (err error) {
-	d := newDecoder()
-	d.knownFields = dec.knownFields
-	defer handleErr(&err)
-	node := dec.parser.parse()
-	if node == nil {
-		return io.EOF
-	}
-	out := reflect.ValueOf(v)
-	if out.Kind() == reflect.Ptr && !out.IsNil() {
-		out = out.Elem()
-	}
-	d.unmarshal(node, out)
-	if len(d.terrors) > 0 {
-		return &TypeError{d.terrors}
-	}
-	return nil
-}
-
-// Decode decodes the node and stores its data into the value pointed to by v.
-//
-// See the documentation for Unmarshal for details about the
-// conversion of YAML into a Go value.
-func (n *Node) Decode(v interface{}) (err error) {
-	d := newDecoder()
-	defer handleErr(&err)
-	out := reflect.ValueOf(v)
-	if out.Kind() == reflect.Ptr && !out.IsNil() {
-		out = out.Elem()
-	}
-	d.unmarshal(n, out)
-	if len(d.terrors) > 0 {
-		return &TypeError{d.terrors}
-	}
-	return nil
-}
-
-func unmarshal(in []byte, out interface{}, strict bool) (err error) {
-	defer handleErr(&err)
-	d := newDecoder()
-	p := newParser(in)
-	defer p.destroy()
-	node := p.parse()
-	if node != nil {
-		v := reflect.ValueOf(out)
-		if v.Kind() == reflect.Ptr && !v.IsNil() {
-			v = v.Elem()
-		}
-		d.unmarshal(node, v)
-	}
-	if len(d.terrors) > 0 {
-		return &TypeError{d.terrors}
-	}
-	return nil
-}
-
-// Marshal serializes the value provided into a YAML document. The structure
-// of the generated document will reflect the structure of the value itself.
-// Maps and pointers (to struct, string, int, etc) are accepted as the in value.
-//
-// Struct fields are only marshalled if they are exported (have an upper case
-// first letter), and are marshalled using the field name lowercased as the
-// default key. Custom keys may be defined via the "yaml" name in the field
-// tag: the content preceding the first comma is used as the key, and the
-// following comma-separated options are used to tweak the marshalling process.
-// Conflicting names result in a runtime error.
-//
-// The field tag format accepted is:
-//
-//     `(...) yaml:"[][,[,]]" (...)`
-//
-// The following flags are currently supported:
-//
-//     omitempty    Only include the field if it's not set to the zero
-//                  value for the type or to empty slices or maps.
-//                  Zero valued structs will be omitted if all their public
-//                  fields are zero, unless they implement an IsZero
-//                  method (see the IsZeroer interface type), in which
-//                  case the field will be excluded if IsZero returns true.
-//
-//     flow         Marshal using a flow style (useful for structs,
-//                  sequences and maps).
-//
-//     inline       Inline the field, which must be a struct or a map,
-//                  causing all of its fields or keys to be processed as if
-//                  they were part of the outer struct. For maps, keys must
-//                  not conflict with the yaml keys of other struct fields.
-//
-// In addition, if the key is "-", the field is ignored.
-//
-// For example:
-//
-//     type T struct {
-//         F int `yaml:"a,omitempty"`
-//         B int
-//     }
-//     yaml.Marshal(&T{B: 2}) // Returns "b: 2\n"
-//     yaml.Marshal(&T{F: 1}} // Returns "a: 1\nb: 0\n"
-//
-func Marshal(in interface{}) (out []byte, err error) {
-	defer handleErr(&err)
-	e := newEncoder()
-	defer e.destroy()
-	e.marshalDoc("", reflect.ValueOf(in))
-	e.finish()
-	out = e.out
-	return
-}
-
-// An Encoder writes YAML values to an output stream.
-type Encoder struct {
-	encoder *encoder
-}
-
-// NewEncoder returns a new encoder that writes to w.
-// The Encoder should be closed after use to flush all data
-// to w.
-func NewEncoder(w io.Writer) *Encoder {
-	return &Encoder{
-		encoder: newEncoderWithWriter(w),
-	}
-}
-
-// Encode writes the YAML encoding of v to the stream.
-// If multiple items are encoded to the stream, the
-// second and subsequent document will be preceded
-// with a "---" document separator, but the first will not.
-//
-// See the documentation for Marshal for details about the conversion of Go
-// values to YAML.
-func (e *Encoder) Encode(v interface{}) (err error) {
-	defer handleErr(&err)
-	e.encoder.marshalDoc("", reflect.ValueOf(v))
-	return nil
-}
-
-// Encode encodes value v and stores its representation in n.
-//
-// See the documentation for Marshal for details about the
-// conversion of Go values into YAML.
-func (n *Node) Encode(v interface{}) (err error) {
-	defer handleErr(&err)
-	e := newEncoder()
-	defer e.destroy()
-	e.marshalDoc("", reflect.ValueOf(v))
-	e.finish()
-	p := newParser(e.out)
-	p.textless = true
-	defer p.destroy()
-	doc := p.parse()
-	*n = *doc.Content[0]
-	return nil
-}
-
-// SetIndent changes the used indentation used when encoding.
-func (e *Encoder) SetIndent(spaces int) {
-	if spaces < 0 {
-		panic("yaml: cannot indent to a negative number of spaces")
-	}
-	e.encoder.indent = spaces
-}
-
-// Close closes the encoder by writing any remaining data.
-// It does not write a stream terminating string "...".
-func (e *Encoder) Close() (err error) {
-	defer handleErr(&err)
-	e.encoder.finish()
-	return nil
-}
-
-func handleErr(err *error) {
-	if v := recover(); v != nil {
-		if e, ok := v.(yamlError); ok {
-			*err = e.err
-		} else {
-			panic(v)
-		}
-	}
-}
-
-type yamlError struct {
-	err error
-}
-
-func fail(err error) {
-	panic(yamlError{err})
-}
-
-func failf(format string, args ...interface{}) {
-	panic(yamlError{fmt.Errorf("yaml: "+format, args...)})
-}
-
-// A TypeError is returned by Unmarshal when one or more fields in
-// the YAML document cannot be properly decoded into the requested
-// types. When this error is returned, the value is still
-// unmarshaled partially.
-type TypeError struct {
-	Errors []string
-}
-
-func (e *TypeError) Error() string {
-	return fmt.Sprintf("yaml: unmarshal errors:\n  %s", strings.Join(e.Errors, "\n  "))
-}
-
-type Kind uint32
-
-const (
-	DocumentNode Kind = 1 << iota
-	SequenceNode
-	MappingNode
-	ScalarNode
-	AliasNode
-)
-
-type Style uint32
-
-const (
-	TaggedStyle Style = 1 << iota
-	DoubleQuotedStyle
-	SingleQuotedStyle
-	LiteralStyle
-	FoldedStyle
-	FlowStyle
-)
-
-// Node represents an element in the YAML document hierarchy. While documents
-// are typically encoded and decoded into higher level types, such as structs
-// and maps, Node is an intermediate representation that allows detailed
-// control over the content being decoded or encoded.
-//
-// It's worth noting that although Node offers access into details such as
-// line numbers, colums, and comments, the content when re-encoded will not
-// have its original textual representation preserved. An effort is made to
-// render the data plesantly, and to preserve comments near the data they
-// describe, though.
-//
-// Values that make use of the Node type interact with the yaml package in the
-// same way any other type would do, by encoding and decoding yaml data
-// directly or indirectly into them.
-//
-// For example:
-//
-//     var person struct {
-//             Name    string
-//             Address yaml.Node
-//     }
-//     err := yaml.Unmarshal(data, &person)
-// 
-// Or by itself:
-//
-//     var person Node
-//     err := yaml.Unmarshal(data, &person)
-//
-type Node struct {
-	// Kind defines whether the node is a document, a mapping, a sequence,
-	// a scalar value, or an alias to another node. The specific data type of
-	// scalar nodes may be obtained via the ShortTag and LongTag methods.
-	Kind  Kind
-
-	// Style allows customizing the apperance of the node in the tree.
-	Style Style
-
-	// Tag holds the YAML tag defining the data type for the value.
-	// When decoding, this field will always be set to the resolved tag,
-	// even when it wasn't explicitly provided in the YAML content.
-	// When encoding, if this field is unset the value type will be
-	// implied from the node properties, and if it is set, it will only
-	// be serialized into the representation if TaggedStyle is used or
-	// the implicit tag diverges from the provided one.
-	Tag string
-
-	// Value holds the unescaped and unquoted represenation of the value.
-	Value string
-
-	// Anchor holds the anchor name for this node, which allows aliases to point to it.
-	Anchor string
-
-	// Alias holds the node that this alias points to. Only valid when Kind is AliasNode.
-	Alias *Node
-
-	// Content holds contained nodes for documents, mappings, and sequences.
-	Content []*Node
-
-	// HeadComment holds any comments in the lines preceding the node and
-	// not separated by an empty line.
-	HeadComment string
-
-	// LineComment holds any comments at the end of the line where the node is in.
-	LineComment string
-
-	// FootComment holds any comments following the node and before empty lines.
-	FootComment string
-
-	// Line and Column hold the node position in the decoded YAML text.
-	// These fields are not respected when encoding the node.
-	Line   int
-	Column int
-}
-
-// IsZero returns whether the node has all of its fields unset.
-func (n *Node) IsZero() bool {
-	return n.Kind == 0 && n.Style == 0 && n.Tag == "" && n.Value == "" && n.Anchor == "" && n.Alias == nil && n.Content == nil &&
-		n.HeadComment == "" && n.LineComment == "" && n.FootComment == "" && n.Line == 0 && n.Column == 0
-}
-
-
-// LongTag returns the long form of the tag that indicates the data type for
-// the node. If the Tag field isn't explicitly defined, one will be computed
-// based on the node properties.
-func (n *Node) LongTag() string {
-	return longTag(n.ShortTag())
-}
-
-// ShortTag returns the short form of the YAML tag that indicates data type for
-// the node. If the Tag field isn't explicitly defined, one will be computed
-// based on the node properties.
-func (n *Node) ShortTag() string {
-	if n.indicatedString() {
-		return strTag
-	}
-	if n.Tag == "" || n.Tag == "!" {
-		switch n.Kind {
-		case MappingNode:
-			return mapTag
-		case SequenceNode:
-			return seqTag
-		case AliasNode:
-			if n.Alias != nil {
-				return n.Alias.ShortTag()
-			}
-		case ScalarNode:
-			tag, _ := resolve("", n.Value)
-			return tag
-		case 0:
-			// Special case to make the zero value convenient.
-			if n.IsZero() {
-				return nullTag
-			}
-		}
-		return ""
-	}
-	return shortTag(n.Tag)
-}
-
-func (n *Node) indicatedString() bool {
-	return n.Kind == ScalarNode &&
-		(shortTag(n.Tag) == strTag ||
-			(n.Tag == "" || n.Tag == "!") && n.Style&(SingleQuotedStyle|DoubleQuotedStyle|LiteralStyle|FoldedStyle) != 0)
-}
-
-// SetString is a convenience function that sets the node to a string value
-// and defines its style in a pleasant way depending on its content.
-func (n *Node) SetString(s string) {
-	n.Kind = ScalarNode
-	if utf8.ValidString(s) {
-		n.Value = s
-		n.Tag = strTag
-	} else {
-		n.Value = encodeBase64(s)
-		n.Tag = binaryTag
-	}
-	if strings.Contains(n.Value, "\n") {
-		n.Style = LiteralStyle
-	}
-}
-
-// --------------------------------------------------------------------------
-// Maintain a mapping of keys to structure field indexes
-
-// The code in this section was copied from mgo/bson.
-
-// structInfo holds details for the serialization of fields of
-// a given struct.
-type structInfo struct {
-	FieldsMap  map[string]fieldInfo
-	FieldsList []fieldInfo
-
-	// InlineMap is the number of the field in the struct that
-	// contains an ,inline map, or -1 if there's none.
-	InlineMap int
-
-	// InlineUnmarshalers holds indexes to inlined fields that
-	// contain unmarshaler values.
-	InlineUnmarshalers [][]int
-}
-
-type fieldInfo struct {
-	Key       string
-	Num       int
-	OmitEmpty bool
-	Flow      bool
-	// Id holds the unique field identifier, so we can cheaply
-	// check for field duplicates without maintaining an extra map.
-	Id int
-
-	// Inline holds the field index if the field is part of an inlined struct.
-	Inline []int
-}
-
-var structMap = make(map[reflect.Type]*structInfo)
-var fieldMapMutex sync.RWMutex
-var unmarshalerType reflect.Type
-
-func init() {
-	var v Unmarshaler
-	unmarshalerType = reflect.ValueOf(&v).Elem().Type()
-}
-
-func getStructInfo(st reflect.Type) (*structInfo, error) {
-	fieldMapMutex.RLock()
-	sinfo, found := structMap[st]
-	fieldMapMutex.RUnlock()
-	if found {
-		return sinfo, nil
-	}
-
-	n := st.NumField()
-	fieldsMap := make(map[string]fieldInfo)
-	fieldsList := make([]fieldInfo, 0, n)
-	inlineMap := -1
-	inlineUnmarshalers := [][]int(nil)
-	for i := 0; i != n; i++ {
-		field := st.Field(i)
-		if field.PkgPath != "" && !field.Anonymous {
-			continue // Private field
-		}
-
-		info := fieldInfo{Num: i}
-
-		tag := field.Tag.Get("yaml")
-		if tag == "" && strings.Index(string(field.Tag), ":") < 0 {
-			tag = string(field.Tag)
-		}
-		if tag == "-" {
-			continue
-		}
-
-		inline := false
-		fields := strings.Split(tag, ",")
-		if len(fields) > 1 {
-			for _, flag := range fields[1:] {
-				switch flag {
-				case "omitempty":
-					info.OmitEmpty = true
-				case "flow":
-					info.Flow = true
-				case "inline":
-					inline = true
-				default:
-					return nil, errors.New(fmt.Sprintf("unsupported flag %q in tag %q of type %s", flag, tag, st))
-				}
-			}
-			tag = fields[0]
-		}
-
-		if inline {
-			switch field.Type.Kind() {
-			case reflect.Map:
-				if inlineMap >= 0 {
-					return nil, errors.New("multiple ,inline maps in struct " + st.String())
-				}
-				if field.Type.Key() != reflect.TypeOf("") {
-					return nil, errors.New("option ,inline needs a map with string keys in struct " + st.String())
-				}
-				inlineMap = info.Num
-			case reflect.Struct, reflect.Ptr:
-				ftype := field.Type
-				for ftype.Kind() == reflect.Ptr {
-					ftype = ftype.Elem()
-				}
-				if ftype.Kind() != reflect.Struct {
-					return nil, errors.New("option ,inline may only be used on a struct or map field")
-				}
-				if reflect.PtrTo(ftype).Implements(unmarshalerType) {
-					inlineUnmarshalers = append(inlineUnmarshalers, []int{i})
-				} else {
-					sinfo, err := getStructInfo(ftype)
-					if err != nil {
-						return nil, err
-					}
-					for _, index := range sinfo.InlineUnmarshalers {
-						inlineUnmarshalers = append(inlineUnmarshalers, append([]int{i}, index...))
-					}
-					for _, finfo := range sinfo.FieldsList {
-						if _, found := fieldsMap[finfo.Key]; found {
-							msg := "duplicated key '" + finfo.Key + "' in struct " + st.String()
-							return nil, errors.New(msg)
-						}
-						if finfo.Inline == nil {
-							finfo.Inline = []int{i, finfo.Num}
-						} else {
-							finfo.Inline = append([]int{i}, finfo.Inline...)
-						}
-						finfo.Id = len(fieldsList)
-						fieldsMap[finfo.Key] = finfo
-						fieldsList = append(fieldsList, finfo)
-					}
-				}
-			default:
-				return nil, errors.New("option ,inline may only be used on a struct or map field")
-			}
-			continue
-		}
-
-		if tag != "" {
-			info.Key = tag
-		} else {
-			info.Key = strings.ToLower(field.Name)
-		}
-
-		if _, found = fieldsMap[info.Key]; found {
-			msg := "duplicated key '" + info.Key + "' in struct " + st.String()
-			return nil, errors.New(msg)
-		}
-
-		info.Id = len(fieldsList)
-		fieldsList = append(fieldsList, info)
-		fieldsMap[info.Key] = info
-	}
-
-	sinfo = &structInfo{
-		FieldsMap:          fieldsMap,
-		FieldsList:         fieldsList,
-		InlineMap:          inlineMap,
-		InlineUnmarshalers: inlineUnmarshalers,
-	}
-
-	fieldMapMutex.Lock()
-	structMap[st] = sinfo
-	fieldMapMutex.Unlock()
-	return sinfo, nil
-}
-
-// IsZeroer is used to check whether an object is zero to
-// determine whether it should be omitted when marshaling
-// with the omitempty flag. One notable implementation
-// is time.Time.
-type IsZeroer interface {
-	IsZero() bool
-}
-
-func isZero(v reflect.Value) bool {
-	kind := v.Kind()
-	if z, ok := v.Interface().(IsZeroer); ok {
-		if (kind == reflect.Ptr || kind == reflect.Interface) && v.IsNil() {
-			return true
-		}
-		return z.IsZero()
-	}
-	switch kind {
-	case reflect.String:
-		return len(v.String()) == 0
-	case reflect.Interface, reflect.Ptr:
-		return v.IsNil()
-	case reflect.Slice:
-		return v.Len() == 0
-	case reflect.Map:
-		return v.Len() == 0
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		return v.Int() == 0
-	case reflect.Float32, reflect.Float64:
-		return v.Float() == 0
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		return v.Uint() == 0
-	case reflect.Bool:
-		return !v.Bool()
-	case reflect.Struct:
-		vt := v.Type()
-		for i := v.NumField() - 1; i >= 0; i-- {
-			if vt.Field(i).PkgPath != "" {
-				continue // Private field
-			}
-			if !isZero(v.Field(i)) {
-				return false
-			}
-		}
-		return true
-	}
-	return false
-}
diff --git a/vendor/gopkg.in/yaml.v3/yamlh.go b/vendor/gopkg.in/yaml.v3/yamlh.go
deleted file mode 100644
index 7c6d00770..000000000
--- a/vendor/gopkg.in/yaml.v3/yamlh.go
+++ /dev/null
@@ -1,807 +0,0 @@
-//
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-//
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-//
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-//
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-import (
-	"fmt"
-	"io"
-)
-
-// The version directive data.
-type yaml_version_directive_t struct {
-	major int8 // The major version number.
-	minor int8 // The minor version number.
-}
-
-// The tag directive data.
-type yaml_tag_directive_t struct {
-	handle []byte // The tag handle.
-	prefix []byte // The tag prefix.
-}
-
-type yaml_encoding_t int
-
-// The stream encoding.
-const (
-	// Let the parser choose the encoding.
-	yaml_ANY_ENCODING yaml_encoding_t = iota
-
-	yaml_UTF8_ENCODING    // The default UTF-8 encoding.
-	yaml_UTF16LE_ENCODING // The UTF-16-LE encoding with BOM.
-	yaml_UTF16BE_ENCODING // The UTF-16-BE encoding with BOM.
-)
-
-type yaml_break_t int
-
-// Line break types.
-const (
-	// Let the parser choose the break type.
-	yaml_ANY_BREAK yaml_break_t = iota
-
-	yaml_CR_BREAK   // Use CR for line breaks (Mac style).
-	yaml_LN_BREAK   // Use LN for line breaks (Unix style).
-	yaml_CRLN_BREAK // Use CR LN for line breaks (DOS style).
-)
-
-type yaml_error_type_t int
-
-// Many bad things could happen with the parser and emitter.
-const (
-	// No error is produced.
-	yaml_NO_ERROR yaml_error_type_t = iota
-
-	yaml_MEMORY_ERROR   // Cannot allocate or reallocate a block of memory.
-	yaml_READER_ERROR   // Cannot read or decode the input stream.
-	yaml_SCANNER_ERROR  // Cannot scan the input stream.
-	yaml_PARSER_ERROR   // Cannot parse the input stream.
-	yaml_COMPOSER_ERROR // Cannot compose a YAML document.
-	yaml_WRITER_ERROR   // Cannot write to the output stream.
-	yaml_EMITTER_ERROR  // Cannot emit a YAML stream.
-)
-
-// The pointer position.
-type yaml_mark_t struct {
-	index  int // The position index.
-	line   int // The position line.
-	column int // The position column.
-}
-
-// Node Styles
-
-type yaml_style_t int8
-
-type yaml_scalar_style_t yaml_style_t
-
-// Scalar styles.
-const (
-	// Let the emitter choose the style.
-	yaml_ANY_SCALAR_STYLE yaml_scalar_style_t = 0
-
-	yaml_PLAIN_SCALAR_STYLE         yaml_scalar_style_t = 1 << iota // The plain scalar style.
-	yaml_SINGLE_QUOTED_SCALAR_STYLE                                 // The single-quoted scalar style.
-	yaml_DOUBLE_QUOTED_SCALAR_STYLE                                 // The double-quoted scalar style.
-	yaml_LITERAL_SCALAR_STYLE                                       // The literal scalar style.
-	yaml_FOLDED_SCALAR_STYLE                                        // The folded scalar style.
-)
-
-type yaml_sequence_style_t yaml_style_t
-
-// Sequence styles.
-const (
-	// Let the emitter choose the style.
-	yaml_ANY_SEQUENCE_STYLE yaml_sequence_style_t = iota
-
-	yaml_BLOCK_SEQUENCE_STYLE // The block sequence style.
-	yaml_FLOW_SEQUENCE_STYLE  // The flow sequence style.
-)
-
-type yaml_mapping_style_t yaml_style_t
-
-// Mapping styles.
-const (
-	// Let the emitter choose the style.
-	yaml_ANY_MAPPING_STYLE yaml_mapping_style_t = iota
-
-	yaml_BLOCK_MAPPING_STYLE // The block mapping style.
-	yaml_FLOW_MAPPING_STYLE  // The flow mapping style.
-)
-
-// Tokens
-
-type yaml_token_type_t int
-
-// Token types.
-const (
-	// An empty token.
-	yaml_NO_TOKEN yaml_token_type_t = iota
-
-	yaml_STREAM_START_TOKEN // A STREAM-START token.
-	yaml_STREAM_END_TOKEN   // A STREAM-END token.
-
-	yaml_VERSION_DIRECTIVE_TOKEN // A VERSION-DIRECTIVE token.
-	yaml_TAG_DIRECTIVE_TOKEN     // A TAG-DIRECTIVE token.
-	yaml_DOCUMENT_START_TOKEN    // A DOCUMENT-START token.
-	yaml_DOCUMENT_END_TOKEN      // A DOCUMENT-END token.
-
-	yaml_BLOCK_SEQUENCE_START_TOKEN // A BLOCK-SEQUENCE-START token.
-	yaml_BLOCK_MAPPING_START_TOKEN  // A BLOCK-SEQUENCE-END token.
-	yaml_BLOCK_END_TOKEN            // A BLOCK-END token.
-
-	yaml_FLOW_SEQUENCE_START_TOKEN // A FLOW-SEQUENCE-START token.
-	yaml_FLOW_SEQUENCE_END_TOKEN   // A FLOW-SEQUENCE-END token.
-	yaml_FLOW_MAPPING_START_TOKEN  // A FLOW-MAPPING-START token.
-	yaml_FLOW_MAPPING_END_TOKEN    // A FLOW-MAPPING-END token.
-
-	yaml_BLOCK_ENTRY_TOKEN // A BLOCK-ENTRY token.
-	yaml_FLOW_ENTRY_TOKEN  // A FLOW-ENTRY token.
-	yaml_KEY_TOKEN         // A KEY token.
-	yaml_VALUE_TOKEN       // A VALUE token.
-
-	yaml_ALIAS_TOKEN  // An ALIAS token.
-	yaml_ANCHOR_TOKEN // An ANCHOR token.
-	yaml_TAG_TOKEN    // A TAG token.
-	yaml_SCALAR_TOKEN // A SCALAR token.
-)
-
-func (tt yaml_token_type_t) String() string {
-	switch tt {
-	case yaml_NO_TOKEN:
-		return "yaml_NO_TOKEN"
-	case yaml_STREAM_START_TOKEN:
-		return "yaml_STREAM_START_TOKEN"
-	case yaml_STREAM_END_TOKEN:
-		return "yaml_STREAM_END_TOKEN"
-	case yaml_VERSION_DIRECTIVE_TOKEN:
-		return "yaml_VERSION_DIRECTIVE_TOKEN"
-	case yaml_TAG_DIRECTIVE_TOKEN:
-		return "yaml_TAG_DIRECTIVE_TOKEN"
-	case yaml_DOCUMENT_START_TOKEN:
-		return "yaml_DOCUMENT_START_TOKEN"
-	case yaml_DOCUMENT_END_TOKEN:
-		return "yaml_DOCUMENT_END_TOKEN"
-	case yaml_BLOCK_SEQUENCE_START_TOKEN:
-		return "yaml_BLOCK_SEQUENCE_START_TOKEN"
-	case yaml_BLOCK_MAPPING_START_TOKEN:
-		return "yaml_BLOCK_MAPPING_START_TOKEN"
-	case yaml_BLOCK_END_TOKEN:
-		return "yaml_BLOCK_END_TOKEN"
-	case yaml_FLOW_SEQUENCE_START_TOKEN:
-		return "yaml_FLOW_SEQUENCE_START_TOKEN"
-	case yaml_FLOW_SEQUENCE_END_TOKEN:
-		return "yaml_FLOW_SEQUENCE_END_TOKEN"
-	case yaml_FLOW_MAPPING_START_TOKEN:
-		return "yaml_FLOW_MAPPING_START_TOKEN"
-	case yaml_FLOW_MAPPING_END_TOKEN:
-		return "yaml_FLOW_MAPPING_END_TOKEN"
-	case yaml_BLOCK_ENTRY_TOKEN:
-		return "yaml_BLOCK_ENTRY_TOKEN"
-	case yaml_FLOW_ENTRY_TOKEN:
-		return "yaml_FLOW_ENTRY_TOKEN"
-	case yaml_KEY_TOKEN:
-		return "yaml_KEY_TOKEN"
-	case yaml_VALUE_TOKEN:
-		return "yaml_VALUE_TOKEN"
-	case yaml_ALIAS_TOKEN:
-		return "yaml_ALIAS_TOKEN"
-	case yaml_ANCHOR_TOKEN:
-		return "yaml_ANCHOR_TOKEN"
-	case yaml_TAG_TOKEN:
-		return "yaml_TAG_TOKEN"
-	case yaml_SCALAR_TOKEN:
-		return "yaml_SCALAR_TOKEN"
-	}
-	return ""
-}
-
-// The token structure.
-type yaml_token_t struct {
-	// The token type.
-	typ yaml_token_type_t
-
-	// The start/end of the token.
-	start_mark, end_mark yaml_mark_t
-
-	// The stream encoding (for yaml_STREAM_START_TOKEN).
-	encoding yaml_encoding_t
-
-	// The alias/anchor/scalar value or tag/tag directive handle
-	// (for yaml_ALIAS_TOKEN, yaml_ANCHOR_TOKEN, yaml_SCALAR_TOKEN, yaml_TAG_TOKEN, yaml_TAG_DIRECTIVE_TOKEN).
-	value []byte
-
-	// The tag suffix (for yaml_TAG_TOKEN).
-	suffix []byte
-
-	// The tag directive prefix (for yaml_TAG_DIRECTIVE_TOKEN).
-	prefix []byte
-
-	// The scalar style (for yaml_SCALAR_TOKEN).
-	style yaml_scalar_style_t
-
-	// The version directive major/minor (for yaml_VERSION_DIRECTIVE_TOKEN).
-	major, minor int8
-}
-
-// Events
-
-type yaml_event_type_t int8
-
-// Event types.
-const (
-	// An empty event.
-	yaml_NO_EVENT yaml_event_type_t = iota
-
-	yaml_STREAM_START_EVENT   // A STREAM-START event.
-	yaml_STREAM_END_EVENT     // A STREAM-END event.
-	yaml_DOCUMENT_START_EVENT // A DOCUMENT-START event.
-	yaml_DOCUMENT_END_EVENT   // A DOCUMENT-END event.
-	yaml_ALIAS_EVENT          // An ALIAS event.
-	yaml_SCALAR_EVENT         // A SCALAR event.
-	yaml_SEQUENCE_START_EVENT // A SEQUENCE-START event.
-	yaml_SEQUENCE_END_EVENT   // A SEQUENCE-END event.
-	yaml_MAPPING_START_EVENT  // A MAPPING-START event.
-	yaml_MAPPING_END_EVENT    // A MAPPING-END event.
-	yaml_TAIL_COMMENT_EVENT
-)
-
-var eventStrings = []string{
-	yaml_NO_EVENT:             "none",
-	yaml_STREAM_START_EVENT:   "stream start",
-	yaml_STREAM_END_EVENT:     "stream end",
-	yaml_DOCUMENT_START_EVENT: "document start",
-	yaml_DOCUMENT_END_EVENT:   "document end",
-	yaml_ALIAS_EVENT:          "alias",
-	yaml_SCALAR_EVENT:         "scalar",
-	yaml_SEQUENCE_START_EVENT: "sequence start",
-	yaml_SEQUENCE_END_EVENT:   "sequence end",
-	yaml_MAPPING_START_EVENT:  "mapping start",
-	yaml_MAPPING_END_EVENT:    "mapping end",
-	yaml_TAIL_COMMENT_EVENT:   "tail comment",
-}
-
-func (e yaml_event_type_t) String() string {
-	if e < 0 || int(e) >= len(eventStrings) {
-		return fmt.Sprintf("unknown event %d", e)
-	}
-	return eventStrings[e]
-}
-
-// The event structure.
-type yaml_event_t struct {
-
-	// The event type.
-	typ yaml_event_type_t
-
-	// The start and end of the event.
-	start_mark, end_mark yaml_mark_t
-
-	// The document encoding (for yaml_STREAM_START_EVENT).
-	encoding yaml_encoding_t
-
-	// The version directive (for yaml_DOCUMENT_START_EVENT).
-	version_directive *yaml_version_directive_t
-
-	// The list of tag directives (for yaml_DOCUMENT_START_EVENT).
-	tag_directives []yaml_tag_directive_t
-
-	// The comments
-	head_comment []byte
-	line_comment []byte
-	foot_comment []byte
-	tail_comment []byte
-
-	// The anchor (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT, yaml_ALIAS_EVENT).
-	anchor []byte
-
-	// The tag (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT).
-	tag []byte
-
-	// The scalar value (for yaml_SCALAR_EVENT).
-	value []byte
-
-	// Is the document start/end indicator implicit, or the tag optional?
-	// (for yaml_DOCUMENT_START_EVENT, yaml_DOCUMENT_END_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT, yaml_SCALAR_EVENT).
-	implicit bool
-
-	// Is the tag optional for any non-plain style? (for yaml_SCALAR_EVENT).
-	quoted_implicit bool
-
-	// The style (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT).
-	style yaml_style_t
-}
-
-func (e *yaml_event_t) scalar_style() yaml_scalar_style_t     { return yaml_scalar_style_t(e.style) }
-func (e *yaml_event_t) sequence_style() yaml_sequence_style_t { return yaml_sequence_style_t(e.style) }
-func (e *yaml_event_t) mapping_style() yaml_mapping_style_t   { return yaml_mapping_style_t(e.style) }
-
-// Nodes
-
-const (
-	yaml_NULL_TAG      = "tag:yaml.org,2002:null"      // The tag !!null with the only possible value: null.
-	yaml_BOOL_TAG      = "tag:yaml.org,2002:bool"      // The tag !!bool with the values: true and false.
-	yaml_STR_TAG       = "tag:yaml.org,2002:str"       // The tag !!str for string values.
-	yaml_INT_TAG       = "tag:yaml.org,2002:int"       // The tag !!int for integer values.
-	yaml_FLOAT_TAG     = "tag:yaml.org,2002:float"     // The tag !!float for float values.
-	yaml_TIMESTAMP_TAG = "tag:yaml.org,2002:timestamp" // The tag !!timestamp for date and time values.
-
-	yaml_SEQ_TAG = "tag:yaml.org,2002:seq" // The tag !!seq is used to denote sequences.
-	yaml_MAP_TAG = "tag:yaml.org,2002:map" // The tag !!map is used to denote mapping.
-
-	// Not in original libyaml.
-	yaml_BINARY_TAG = "tag:yaml.org,2002:binary"
-	yaml_MERGE_TAG  = "tag:yaml.org,2002:merge"
-
-	yaml_DEFAULT_SCALAR_TAG   = yaml_STR_TAG // The default scalar tag is !!str.
-	yaml_DEFAULT_SEQUENCE_TAG = yaml_SEQ_TAG // The default sequence tag is !!seq.
-	yaml_DEFAULT_MAPPING_TAG  = yaml_MAP_TAG // The default mapping tag is !!map.
-)
-
-type yaml_node_type_t int
-
-// Node types.
-const (
-	// An empty node.
-	yaml_NO_NODE yaml_node_type_t = iota
-
-	yaml_SCALAR_NODE   // A scalar node.
-	yaml_SEQUENCE_NODE // A sequence node.
-	yaml_MAPPING_NODE  // A mapping node.
-)
-
-// An element of a sequence node.
-type yaml_node_item_t int
-
-// An element of a mapping node.
-type yaml_node_pair_t struct {
-	key   int // The key of the element.
-	value int // The value of the element.
-}
-
-// The node structure.
-type yaml_node_t struct {
-	typ yaml_node_type_t // The node type.
-	tag []byte           // The node tag.
-
-	// The node data.
-
-	// The scalar parameters (for yaml_SCALAR_NODE).
-	scalar struct {
-		value  []byte              // The scalar value.
-		length int                 // The length of the scalar value.
-		style  yaml_scalar_style_t // The scalar style.
-	}
-
-	// The sequence parameters (for YAML_SEQUENCE_NODE).
-	sequence struct {
-		items_data []yaml_node_item_t    // The stack of sequence items.
-		style      yaml_sequence_style_t // The sequence style.
-	}
-
-	// The mapping parameters (for yaml_MAPPING_NODE).
-	mapping struct {
-		pairs_data  []yaml_node_pair_t   // The stack of mapping pairs (key, value).
-		pairs_start *yaml_node_pair_t    // The beginning of the stack.
-		pairs_end   *yaml_node_pair_t    // The end of the stack.
-		pairs_top   *yaml_node_pair_t    // The top of the stack.
-		style       yaml_mapping_style_t // The mapping style.
-	}
-
-	start_mark yaml_mark_t // The beginning of the node.
-	end_mark   yaml_mark_t // The end of the node.
-
-}
-
-// The document structure.
-type yaml_document_t struct {
-
-	// The document nodes.
-	nodes []yaml_node_t
-
-	// The version directive.
-	version_directive *yaml_version_directive_t
-
-	// The list of tag directives.
-	tag_directives_data  []yaml_tag_directive_t
-	tag_directives_start int // The beginning of the tag directives list.
-	tag_directives_end   int // The end of the tag directives list.
-
-	start_implicit int // Is the document start indicator implicit?
-	end_implicit   int // Is the document end indicator implicit?
-
-	// The start/end of the document.
-	start_mark, end_mark yaml_mark_t
-}
-
-// The prototype of a read handler.
-//
-// The read handler is called when the parser needs to read more bytes from the
-// source. The handler should write not more than size bytes to the buffer.
-// The number of written bytes should be set to the size_read variable.
-//
-// [in,out]   data        A pointer to an application data specified by
-//                        yaml_parser_set_input().
-// [out]      buffer      The buffer to write the data from the source.
-// [in]       size        The size of the buffer.
-// [out]      size_read   The actual number of bytes read from the source.
-//
-// On success, the handler should return 1.  If the handler failed,
-// the returned value should be 0. On EOF, the handler should set the
-// size_read to 0 and return 1.
-type yaml_read_handler_t func(parser *yaml_parser_t, buffer []byte) (n int, err error)
-
-// This structure holds information about a potential simple key.
-type yaml_simple_key_t struct {
-	possible     bool        // Is a simple key possible?
-	required     bool        // Is a simple key required?
-	token_number int         // The number of the token.
-	mark         yaml_mark_t // The position mark.
-}
-
-// The states of the parser.
-type yaml_parser_state_t int
-
-const (
-	yaml_PARSE_STREAM_START_STATE yaml_parser_state_t = iota
-
-	yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE           // Expect the beginning of an implicit document.
-	yaml_PARSE_DOCUMENT_START_STATE                    // Expect DOCUMENT-START.
-	yaml_PARSE_DOCUMENT_CONTENT_STATE                  // Expect the content of a document.
-	yaml_PARSE_DOCUMENT_END_STATE                      // Expect DOCUMENT-END.
-	yaml_PARSE_BLOCK_NODE_STATE                        // Expect a block node.
-	yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE // Expect a block node or indentless sequence.
-	yaml_PARSE_FLOW_NODE_STATE                         // Expect a flow node.
-	yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE        // Expect the first entry of a block sequence.
-	yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE              // Expect an entry of a block sequence.
-	yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE         // Expect an entry of an indentless sequence.
-	yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE           // Expect the first key of a block mapping.
-	yaml_PARSE_BLOCK_MAPPING_KEY_STATE                 // Expect a block mapping key.
-	yaml_PARSE_BLOCK_MAPPING_VALUE_STATE               // Expect a block mapping value.
-	yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE         // Expect the first entry of a flow sequence.
-	yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE               // Expect an entry of a flow sequence.
-	yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE   // Expect a key of an ordered mapping.
-	yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE // Expect a value of an ordered mapping.
-	yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE   // Expect the and of an ordered mapping entry.
-	yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE            // Expect the first key of a flow mapping.
-	yaml_PARSE_FLOW_MAPPING_KEY_STATE                  // Expect a key of a flow mapping.
-	yaml_PARSE_FLOW_MAPPING_VALUE_STATE                // Expect a value of a flow mapping.
-	yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE          // Expect an empty value of a flow mapping.
-	yaml_PARSE_END_STATE                               // Expect nothing.
-)
-
-func (ps yaml_parser_state_t) String() string {
-	switch ps {
-	case yaml_PARSE_STREAM_START_STATE:
-		return "yaml_PARSE_STREAM_START_STATE"
-	case yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE:
-		return "yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE"
-	case yaml_PARSE_DOCUMENT_START_STATE:
-		return "yaml_PARSE_DOCUMENT_START_STATE"
-	case yaml_PARSE_DOCUMENT_CONTENT_STATE:
-		return "yaml_PARSE_DOCUMENT_CONTENT_STATE"
-	case yaml_PARSE_DOCUMENT_END_STATE:
-		return "yaml_PARSE_DOCUMENT_END_STATE"
-	case yaml_PARSE_BLOCK_NODE_STATE:
-		return "yaml_PARSE_BLOCK_NODE_STATE"
-	case yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE:
-		return "yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE"
-	case yaml_PARSE_FLOW_NODE_STATE:
-		return "yaml_PARSE_FLOW_NODE_STATE"
-	case yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE:
-		return "yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE"
-	case yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE:
-		return "yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE"
-	case yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE:
-		return "yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE"
-	case yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE:
-		return "yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE"
-	case yaml_PARSE_BLOCK_MAPPING_KEY_STATE:
-		return "yaml_PARSE_BLOCK_MAPPING_KEY_STATE"
-	case yaml_PARSE_BLOCK_MAPPING_VALUE_STATE:
-		return "yaml_PARSE_BLOCK_MAPPING_VALUE_STATE"
-	case yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE:
-		return "yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE"
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE:
-		return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE"
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE:
-		return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE"
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE:
-		return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE"
-	case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE:
-		return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE"
-	case yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE:
-		return "yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE"
-	case yaml_PARSE_FLOW_MAPPING_KEY_STATE:
-		return "yaml_PARSE_FLOW_MAPPING_KEY_STATE"
-	case yaml_PARSE_FLOW_MAPPING_VALUE_STATE:
-		return "yaml_PARSE_FLOW_MAPPING_VALUE_STATE"
-	case yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE:
-		return "yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE"
-	case yaml_PARSE_END_STATE:
-		return "yaml_PARSE_END_STATE"
-	}
-	return ""
-}
-
-// This structure holds aliases data.
-type yaml_alias_data_t struct {
-	anchor []byte      // The anchor.
-	index  int         // The node id.
-	mark   yaml_mark_t // The anchor mark.
-}
-
-// The parser structure.
-//
-// All members are internal. Manage the structure using the
-// yaml_parser_ family of functions.
-type yaml_parser_t struct {
-
-	// Error handling
-
-	error yaml_error_type_t // Error type.
-
-	problem string // Error description.
-
-	// The byte about which the problem occurred.
-	problem_offset int
-	problem_value  int
-	problem_mark   yaml_mark_t
-
-	// The error context.
-	context      string
-	context_mark yaml_mark_t
-
-	// Reader stuff
-
-	read_handler yaml_read_handler_t // Read handler.
-
-	input_reader io.Reader // File input data.
-	input        []byte    // String input data.
-	input_pos    int
-
-	eof bool // EOF flag
-
-	buffer     []byte // The working buffer.
-	buffer_pos int    // The current position of the buffer.
-
-	unread int // The number of unread characters in the buffer.
-
-	newlines int // The number of line breaks since last non-break/non-blank character
-
-	raw_buffer     []byte // The raw buffer.
-	raw_buffer_pos int    // The current position of the buffer.
-
-	encoding yaml_encoding_t // The input encoding.
-
-	offset int         // The offset of the current position (in bytes).
-	mark   yaml_mark_t // The mark of the current position.
-
-	// Comments
-
-	head_comment []byte // The current head comments
-	line_comment []byte // The current line comments
-	foot_comment []byte // The current foot comments
-	tail_comment []byte // Foot comment that happens at the end of a block.
-	stem_comment []byte // Comment in item preceding a nested structure (list inside list item, etc)
-
-	comments      []yaml_comment_t // The folded comments for all parsed tokens
-	comments_head int
-
-	// Scanner stuff
-
-	stream_start_produced bool // Have we started to scan the input stream?
-	stream_end_produced   bool // Have we reached the end of the input stream?
-
-	flow_level int // The number of unclosed '[' and '{' indicators.
-
-	tokens          []yaml_token_t // The tokens queue.
-	tokens_head     int            // The head of the tokens queue.
-	tokens_parsed   int            // The number of tokens fetched from the queue.
-	token_available bool           // Does the tokens queue contain a token ready for dequeueing.
-
-	indent  int   // The current indentation level.
-	indents []int // The indentation levels stack.
-
-	simple_key_allowed bool                // May a simple key occur at the current position?
-	simple_keys        []yaml_simple_key_t // The stack of simple keys.
-	simple_keys_by_tok map[int]int         // possible simple_key indexes indexed by token_number
-
-	// Parser stuff
-
-	state          yaml_parser_state_t    // The current parser state.
-	states         []yaml_parser_state_t  // The parser states stack.
-	marks          []yaml_mark_t          // The stack of marks.
-	tag_directives []yaml_tag_directive_t // The list of TAG directives.
-
-	// Dumper stuff
-
-	aliases []yaml_alias_data_t // The alias data.
-
-	document *yaml_document_t // The currently parsed document.
-}
-
-type yaml_comment_t struct {
-
-	scan_mark  yaml_mark_t // Position where scanning for comments started
-	token_mark yaml_mark_t // Position after which tokens will be associated with this comment
-	start_mark yaml_mark_t // Position of '#' comment mark
-	end_mark   yaml_mark_t // Position where comment terminated
-
-	head []byte
-	line []byte
-	foot []byte
-}
-
-// Emitter Definitions
-
-// The prototype of a write handler.
-//
-// The write handler is called when the emitter needs to flush the accumulated
-// characters to the output.  The handler should write @a size bytes of the
-// @a buffer to the output.
-//
-// @param[in,out]   data        A pointer to an application data specified by
-//                              yaml_emitter_set_output().
-// @param[in]       buffer      The buffer with bytes to be written.
-// @param[in]       size        The size of the buffer.
-//
-// @returns On success, the handler should return @c 1.  If the handler failed,
-// the returned value should be @c 0.
-//
-type yaml_write_handler_t func(emitter *yaml_emitter_t, buffer []byte) error
-
-type yaml_emitter_state_t int
-
-// The emitter states.
-const (
-	// Expect STREAM-START.
-	yaml_EMIT_STREAM_START_STATE yaml_emitter_state_t = iota
-
-	yaml_EMIT_FIRST_DOCUMENT_START_STATE       // Expect the first DOCUMENT-START or STREAM-END.
-	yaml_EMIT_DOCUMENT_START_STATE             // Expect DOCUMENT-START or STREAM-END.
-	yaml_EMIT_DOCUMENT_CONTENT_STATE           // Expect the content of a document.
-	yaml_EMIT_DOCUMENT_END_STATE               // Expect DOCUMENT-END.
-	yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE   // Expect the first item of a flow sequence.
-	yaml_EMIT_FLOW_SEQUENCE_TRAIL_ITEM_STATE   // Expect the next item of a flow sequence, with the comma already written out
-	yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE         // Expect an item of a flow sequence.
-	yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE     // Expect the first key of a flow mapping.
-	yaml_EMIT_FLOW_MAPPING_TRAIL_KEY_STATE     // Expect the next key of a flow mapping, with the comma already written out
-	yaml_EMIT_FLOW_MAPPING_KEY_STATE           // Expect a key of a flow mapping.
-	yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE  // Expect a value for a simple key of a flow mapping.
-	yaml_EMIT_FLOW_MAPPING_VALUE_STATE         // Expect a value of a flow mapping.
-	yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE  // Expect the first item of a block sequence.
-	yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE        // Expect an item of a block sequence.
-	yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE    // Expect the first key of a block mapping.
-	yaml_EMIT_BLOCK_MAPPING_KEY_STATE          // Expect the key of a block mapping.
-	yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE // Expect a value for a simple key of a block mapping.
-	yaml_EMIT_BLOCK_MAPPING_VALUE_STATE        // Expect a value of a block mapping.
-	yaml_EMIT_END_STATE                        // Expect nothing.
-)
-
-// The emitter structure.
-//
-// All members are internal.  Manage the structure using the @c yaml_emitter_
-// family of functions.
-type yaml_emitter_t struct {
-
-	// Error handling
-
-	error   yaml_error_type_t // Error type.
-	problem string            // Error description.
-
-	// Writer stuff
-
-	write_handler yaml_write_handler_t // Write handler.
-
-	output_buffer *[]byte   // String output data.
-	output_writer io.Writer // File output data.
-
-	buffer     []byte // The working buffer.
-	buffer_pos int    // The current position of the buffer.
-
-	raw_buffer     []byte // The raw buffer.
-	raw_buffer_pos int    // The current position of the buffer.
-
-	encoding yaml_encoding_t // The stream encoding.
-
-	// Emitter stuff
-
-	canonical   bool         // If the output is in the canonical style?
-	best_indent int          // The number of indentation spaces.
-	best_width  int          // The preferred width of the output lines.
-	unicode     bool         // Allow unescaped non-ASCII characters?
-	line_break  yaml_break_t // The preferred line break.
-
-	state  yaml_emitter_state_t   // The current emitter state.
-	states []yaml_emitter_state_t // The stack of states.
-
-	events      []yaml_event_t // The event queue.
-	events_head int            // The head of the event queue.
-
-	indents []int // The stack of indentation levels.
-
-	tag_directives []yaml_tag_directive_t // The list of tag directives.
-
-	indent int // The current indentation level.
-
-	flow_level int // The current flow level.
-
-	root_context       bool // Is it the document root context?
-	sequence_context   bool // Is it a sequence context?
-	mapping_context    bool // Is it a mapping context?
-	simple_key_context bool // Is it a simple mapping key context?
-
-	line       int  // The current line.
-	column     int  // The current column.
-	whitespace bool // If the last character was a whitespace?
-	indention  bool // If the last character was an indentation character (' ', '-', '?', ':')?
-	open_ended bool // If an explicit document end is required?
-
-	space_above bool // Is there's an empty line above?
-	foot_indent int  // The indent used to write the foot comment above, or -1 if none.
-
-	// Anchor analysis.
-	anchor_data struct {
-		anchor []byte // The anchor value.
-		alias  bool   // Is it an alias?
-	}
-
-	// Tag analysis.
-	tag_data struct {
-		handle []byte // The tag handle.
-		suffix []byte // The tag suffix.
-	}
-
-	// Scalar analysis.
-	scalar_data struct {
-		value                 []byte              // The scalar value.
-		multiline             bool                // Does the scalar contain line breaks?
-		flow_plain_allowed    bool                // Can the scalar be expessed in the flow plain style?
-		block_plain_allowed   bool                // Can the scalar be expressed in the block plain style?
-		single_quoted_allowed bool                // Can the scalar be expressed in the single quoted style?
-		block_allowed         bool                // Can the scalar be expressed in the literal or folded styles?
-		style                 yaml_scalar_style_t // The output style.
-	}
-
-	// Comments
-	head_comment []byte
-	line_comment []byte
-	foot_comment []byte
-	tail_comment []byte
-
-	key_line_comment []byte
-
-	// Dumper stuff
-
-	opened bool // If the stream was already opened?
-	closed bool // If the stream was already closed?
-
-	// The information associated with the document nodes.
-	anchors *struct {
-		references int  // The number of references.
-		anchor     int  // The anchor id.
-		serialized bool // If the node has been emitted?
-	}
-
-	last_anchor_id int // The last assigned anchor id.
-
-	document *yaml_document_t // The currently emitted document.
-}
diff --git a/vendor/gopkg.in/yaml.v3/yamlprivateh.go b/vendor/gopkg.in/yaml.v3/yamlprivateh.go
deleted file mode 100644
index e88f9c54a..000000000
--- a/vendor/gopkg.in/yaml.v3/yamlprivateh.go
+++ /dev/null
@@ -1,198 +0,0 @@
-// 
-// Copyright (c) 2011-2019 Canonical Ltd
-// Copyright (c) 2006-2010 Kirill Simonov
-// 
-// Permission is hereby granted, free of charge, to any person obtaining a copy of
-// this software and associated documentation files (the "Software"), to deal in
-// the Software without restriction, including without limitation the rights to
-// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
-// of the Software, and to permit persons to whom the Software is furnished to do
-// so, subject to the following conditions:
-// 
-// The above copyright notice and this permission notice shall be included in all
-// copies or substantial portions of the Software.
-// 
-// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-// SOFTWARE.
-
-package yaml
-
-const (
-	// The size of the input raw buffer.
-	input_raw_buffer_size = 512
-
-	// The size of the input buffer.
-	// It should be possible to decode the whole raw buffer.
-	input_buffer_size = input_raw_buffer_size * 3
-
-	// The size of the output buffer.
-	output_buffer_size = 128
-
-	// The size of the output raw buffer.
-	// It should be possible to encode the whole output buffer.
-	output_raw_buffer_size = (output_buffer_size*2 + 2)
-
-	// The size of other stacks and queues.
-	initial_stack_size  = 16
-	initial_queue_size  = 16
-	initial_string_size = 16
-)
-
-// Check if the character at the specified position is an alphabetical
-// character, a digit, '_', or '-'.
-func is_alpha(b []byte, i int) bool {
-	return b[i] >= '0' && b[i] <= '9' || b[i] >= 'A' && b[i] <= 'Z' || b[i] >= 'a' && b[i] <= 'z' || b[i] == '_' || b[i] == '-'
-}
-
-// Check if the character at the specified position is a digit.
-func is_digit(b []byte, i int) bool {
-	return b[i] >= '0' && b[i] <= '9'
-}
-
-// Get the value of a digit.
-func as_digit(b []byte, i int) int {
-	return int(b[i]) - '0'
-}
-
-// Check if the character at the specified position is a hex-digit.
-func is_hex(b []byte, i int) bool {
-	return b[i] >= '0' && b[i] <= '9' || b[i] >= 'A' && b[i] <= 'F' || b[i] >= 'a' && b[i] <= 'f'
-}
-
-// Get the value of a hex-digit.
-func as_hex(b []byte, i int) int {
-	bi := b[i]
-	if bi >= 'A' && bi <= 'F' {
-		return int(bi) - 'A' + 10
-	}
-	if bi >= 'a' && bi <= 'f' {
-		return int(bi) - 'a' + 10
-	}
-	return int(bi) - '0'
-}
-
-// Check if the character is ASCII.
-func is_ascii(b []byte, i int) bool {
-	return b[i] <= 0x7F
-}
-
-// Check if the character at the start of the buffer can be printed unescaped.
-func is_printable(b []byte, i int) bool {
-	return ((b[i] == 0x0A) || // . == #x0A
-		(b[i] >= 0x20 && b[i] <= 0x7E) || // #x20 <= . <= #x7E
-		(b[i] == 0xC2 && b[i+1] >= 0xA0) || // #0xA0 <= . <= #xD7FF
-		(b[i] > 0xC2 && b[i] < 0xED) ||
-		(b[i] == 0xED && b[i+1] < 0xA0) ||
-		(b[i] == 0xEE) ||
-		(b[i] == 0xEF && // #xE000 <= . <= #xFFFD
-			!(b[i+1] == 0xBB && b[i+2] == 0xBF) && // && . != #xFEFF
-			!(b[i+1] == 0xBF && (b[i+2] == 0xBE || b[i+2] == 0xBF))))
-}
-
-// Check if the character at the specified position is NUL.
-func is_z(b []byte, i int) bool {
-	return b[i] == 0x00
-}
-
-// Check if the beginning of the buffer is a BOM.
-func is_bom(b []byte, i int) bool {
-	return b[0] == 0xEF && b[1] == 0xBB && b[2] == 0xBF
-}
-
-// Check if the character at the specified position is space.
-func is_space(b []byte, i int) bool {
-	return b[i] == ' '
-}
-
-// Check if the character at the specified position is tab.
-func is_tab(b []byte, i int) bool {
-	return b[i] == '\t'
-}
-
-// Check if the character at the specified position is blank (space or tab).
-func is_blank(b []byte, i int) bool {
-	//return is_space(b, i) || is_tab(b, i)
-	return b[i] == ' ' || b[i] == '\t'
-}
-
-// Check if the character at the specified position is a line break.
-func is_break(b []byte, i int) bool {
-	return (b[i] == '\r' || // CR (#xD)
-		b[i] == '\n' || // LF (#xA)
-		b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9) // PS (#x2029)
-}
-
-func is_crlf(b []byte, i int) bool {
-	return b[i] == '\r' && b[i+1] == '\n'
-}
-
-// Check if the character is a line break or NUL.
-func is_breakz(b []byte, i int) bool {
-	//return is_break(b, i) || is_z(b, i)
-	return (
-		// is_break:
-		b[i] == '\r' || // CR (#xD)
-		b[i] == '\n' || // LF (#xA)
-		b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
-		// is_z:
-		b[i] == 0)
-}
-
-// Check if the character is a line break, space, or NUL.
-func is_spacez(b []byte, i int) bool {
-	//return is_space(b, i) || is_breakz(b, i)
-	return (
-		// is_space:
-		b[i] == ' ' ||
-		// is_breakz:
-		b[i] == '\r' || // CR (#xD)
-		b[i] == '\n' || // LF (#xA)
-		b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
-		b[i] == 0)
-}
-
-// Check if the character is a line break, space, tab, or NUL.
-func is_blankz(b []byte, i int) bool {
-	//return is_blank(b, i) || is_breakz(b, i)
-	return (
-		// is_blank:
-		b[i] == ' ' || b[i] == '\t' ||
-		// is_breakz:
-		b[i] == '\r' || // CR (#xD)
-		b[i] == '\n' || // LF (#xA)
-		b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
-		b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
-		b[i] == 0)
-}
-
-// Determine the width of the character.
-func width(b byte) int {
-	// Don't replace these by a switch without first
-	// confirming that it is being inlined.
-	if b&0x80 == 0x00 {
-		return 1
-	}
-	if b&0xE0 == 0xC0 {
-		return 2
-	}
-	if b&0xF0 == 0xE0 {
-		return 3
-	}
-	if b&0xF8 == 0xF0 {
-		return 4
-	}
-	return 0
-
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 6d1e44fd2..c281d0ee4 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -27,9 +27,6 @@ github.com/cloudflare/redoctober/passvault
 github.com/cloudflare/redoctober/persist
 github.com/cloudflare/redoctober/report
 github.com/cloudflare/redoctober/symcrypt
-# github.com/davecgh/go-spew v1.1.1
-## explicit
-github.com/davecgh/go-spew/spew
 # github.com/getsentry/sentry-go v0.11.0
 ## explicit; go 1.14
 github.com/getsentry/sentry-go
@@ -83,9 +80,6 @@ github.com/matttproud/golang_protobuf_extensions/pbutil
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/pmezard/go-difflib v1.0.0
-## explicit
-github.com/pmezard/go-difflib/difflib
 # github.com/prometheus/client_golang v1.16.0
 ## explicit; go 1.17
 github.com/prometheus/client_golang/prometheus
@@ -109,8 +103,6 @@ github.com/prometheus/procfs/internal/util
 ## explicit; go 1.19
 # github.com/stretchr/testify v1.8.4
 ## explicit; go 1.20
-github.com/stretchr/testify/assert
-github.com/stretchr/testify/require
 # github.com/weppos/publicsuffix-go v0.30.0
 ## explicit; go 1.16
 github.com/weppos/publicsuffix-go/publicsuffix
@@ -207,9 +199,6 @@ google.golang.org/protobuf/runtime/protoiface
 google.golang.org/protobuf/runtime/protoimpl
 google.golang.org/protobuf/types/descriptorpb
 google.golang.org/protobuf/types/known/timestamppb
-# gopkg.in/yaml.v3 v3.0.1
-## explicit
-gopkg.in/yaml.v3
 # k8s.io/klog/v2 v2.100.1
 ## explicit; go 1.13
 k8s.io/klog/v2

From 48e8f991ed36cf21fa580f1bc7f032df463f9137 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 7 Aug 2023 03:40:12 +0000
Subject: [PATCH 35/73] build(deps): bump golang.org/x/crypto from 0.10.0 to
 0.12.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.10.0 to 0.12.0.
- [Commits](https://github.com/golang/crypto/compare/v0.10.0...v0.12.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |    6 +-
 go.sum                                        |   14 +-
 vendor/golang.org/x/crypto/ssh/common.go      |   51 +-
 vendor/golang.org/x/crypto/ssh/kex.go         |   12 +
 vendor/golang.org/x/crypto/ssh/mac.go         |    3 +
 vendor/golang.org/x/crypto/ssh/server.go      |   21 +-
 vendor/golang.org/x/sys/unix/mkerrors.sh      |    4 +-
 vendor/golang.org/x/sys/unix/mmap_nomremap.go |   14 +
 vendor/golang.org/x/sys/unix/mremap.go        |   53 +
 vendor/golang.org/x/sys/unix/syscall_aix.go   |   15 -
 vendor/golang.org/x/sys/unix/syscall_bsd.go   |   14 -
 .../golang.org/x/sys/unix/syscall_darwin.go   |   50 +-
 vendor/golang.org/x/sys/unix/syscall_linux.go |   58 +-
 .../x/sys/unix/syscall_linux_amd64.go         |    2 +-
 .../x/sys/unix/syscall_linux_arm64.go         |    2 +-
 .../x/sys/unix/syscall_linux_loong64.go       |    2 +-
 .../x/sys/unix/syscall_linux_mips64x.go       |    2 +-
 .../x/sys/unix/syscall_linux_riscv64.go       |   13 +-
 .../golang.org/x/sys/unix/syscall_netbsd.go   |   13 +-
 .../golang.org/x/sys/unix/syscall_solaris.go  |   14 -
 vendor/golang.org/x/sys/unix/syscall_unix.go  |    8 +
 .../x/sys/unix/syscall_zos_s390x.go           |   14 -
 vendor/golang.org/x/sys/unix/zerrors_linux.go |   26 +-
 .../x/sys/unix/zerrors_linux_386.go           |    9 +
 .../x/sys/unix/zerrors_linux_amd64.go         |    9 +
 .../x/sys/unix/zerrors_linux_arm.go           |    9 +
 .../x/sys/unix/zerrors_linux_arm64.go         |   11 +
 .../x/sys/unix/zerrors_linux_loong64.go       |    9 +
 .../x/sys/unix/zerrors_linux_mips.go          |    9 +
 .../x/sys/unix/zerrors_linux_mips64.go        |    9 +
 .../x/sys/unix/zerrors_linux_mips64le.go      |    9 +
 .../x/sys/unix/zerrors_linux_mipsle.go        |    9 +
 .../x/sys/unix/zerrors_linux_ppc.go           |    9 +
 .../x/sys/unix/zerrors_linux_ppc64.go         |    9 +
 .../x/sys/unix/zerrors_linux_ppc64le.go       |    9 +
 .../x/sys/unix/zerrors_linux_riscv64.go       |    9 +
 .../x/sys/unix/zerrors_linux_s390x.go         |    9 +
 .../x/sys/unix/zerrors_linux_sparc64.go       |    9 +
 .../golang.org/x/sys/unix/zsyscall_linux.go   |   13 +-
 .../x/sys/unix/zsyscall_linux_riscv64.go      |   16 +
 .../x/sys/unix/zsyscall_netbsd_386.go         |   11 +
 .../x/sys/unix/zsyscall_netbsd_amd64.go       |   11 +
 .../x/sys/unix/zsyscall_netbsd_arm.go         |   11 +
 .../x/sys/unix/zsyscall_netbsd_arm64.go       |   11 +
 .../x/sys/unix/zsysnum_linux_riscv64.go       |    2 +
 .../x/sys/unix/zsysnum_linux_s390x.go         |    1 +
 vendor/golang.org/x/sys/unix/ztypes_linux.go  |   40 +-
 .../golang.org/x/sys/unix/ztypes_linux_386.go |    2 +
 .../x/sys/unix/ztypes_linux_amd64.go          |    2 +
 .../golang.org/x/sys/unix/ztypes_linux_arm.go |    2 +
 .../x/sys/unix/ztypes_linux_arm64.go          |    2 +
 .../x/sys/unix/ztypes_linux_loong64.go        |    2 +
 .../x/sys/unix/ztypes_linux_mips.go           |    2 +
 .../x/sys/unix/ztypes_linux_mips64.go         |    2 +
 .../x/sys/unix/ztypes_linux_mips64le.go       |    2 +
 .../x/sys/unix/ztypes_linux_mipsle.go         |    2 +
 .../golang.org/x/sys/unix/ztypes_linux_ppc.go |    2 +
 .../x/sys/unix/ztypes_linux_ppc64.go          |    2 +
 .../x/sys/unix/ztypes_linux_ppc64le.go        |    2 +
 .../x/sys/unix/ztypes_linux_riscv64.go        |   25 +
 .../x/sys/unix/ztypes_linux_s390x.go          |    2 +
 .../x/sys/unix/ztypes_linux_sparc64.go        |    2 +
 vendor/golang.org/x/sys/windows/service.go    |    4 +
 .../x/sys/windows/syscall_windows.go          |    4 +-
 .../x/text/unicode/bidi/tables13.0.0.go       |    4 +-
 .../x/text/unicode/bidi/tables15.0.0.go       | 2043 +++++
 .../x/text/unicode/norm/tables13.0.0.go       |    4 +-
 .../x/text/unicode/norm/tables15.0.0.go       | 7908 +++++++++++++++++
 vendor/modules.txt                            |    6 +-
 69 files changed, 10535 insertions(+), 155 deletions(-)
 create mode 100644 vendor/golang.org/x/sys/unix/mmap_nomremap.go
 create mode 100644 vendor/golang.org/x/sys/unix/mremap.go
 create mode 100644 vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
 create mode 100644 vendor/golang.org/x/text/unicode/norm/tables15.0.0.go

diff --git a/go.mod b/go.mod
index b9ae781cd..3fb497480 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.16.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.10.0
+	golang.org/x/crypto v0.12.0
 )
 
 require (
@@ -36,8 +36,8 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.9.0 // indirect
-	golang.org/x/text v0.10.0 // indirect
+	golang.org/x/sys v0.11.0 // indirect
+	golang.org/x/text v0.12.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 2c7c784bb..6fb23b2fb 100644
--- a/go.sum
+++ b/go.sum
@@ -388,8 +388,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
-golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
+golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -531,14 +531,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
-golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28=
+golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -549,8 +549,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
-golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index dc6f301de..b419c761e 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -49,7 +49,8 @@ var supportedKexAlgos = []string{
 	// P384 and P521 are not constant-time yet, but since we don't
 	// reuse ephemeral keys, using them for ECDH should be OK.
 	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
-	kexAlgoDH14SHA256, kexAlgoDH14SHA1, kexAlgoDH1SHA1,
+	kexAlgoDH14SHA256, kexAlgoDH16SHA512, kexAlgoDH14SHA1,
+	kexAlgoDH1SHA1,
 }
 
 // serverForbiddenKexAlgos contains key exchange algorithms, that are forbidden
@@ -59,8 +60,9 @@ var serverForbiddenKexAlgos = map[string]struct{}{
 	kexAlgoDHGEXSHA256: {}, // server half implementation is only minimal to satisfy the automated tests
 }
 
-// preferredKexAlgos specifies the default preference for key-exchange algorithms
-// in preference order.
+// preferredKexAlgos specifies the default preference for key-exchange
+// algorithms in preference order. The diffie-hellman-group16-sha512 algorithm
+// is disabled by default because it is a bit slower than the others.
 var preferredKexAlgos = []string{
 	kexAlgoCurve25519SHA256, kexAlgoCurve25519SHA256LibSSH,
 	kexAlgoECDH256, kexAlgoECDH384, kexAlgoECDH521,
@@ -70,12 +72,12 @@ var preferredKexAlgos = []string{
 // supportedHostKeyAlgos specifies the supported host-key algorithms (i.e. methods
 // of authenticating servers) in preference order.
 var supportedHostKeyAlgos = []string{
-	CertAlgoRSASHA512v01, CertAlgoRSASHA256v01,
+	CertAlgoRSASHA256v01, CertAlgoRSASHA512v01,
 	CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01,
 	CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01,
 
 	KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521,
-	KeyAlgoRSASHA512, KeyAlgoRSASHA256,
+	KeyAlgoRSASHA256, KeyAlgoRSASHA512,
 	KeyAlgoRSA, KeyAlgoDSA,
 
 	KeyAlgoED25519,
@@ -85,7 +87,7 @@ var supportedHostKeyAlgos = []string{
 // This is based on RFC 4253, section 6.4, but with hmac-md5 variants removed
 // because they have reached the end of their useful life.
 var supportedMACs = []string{
-	"hmac-sha2-512-etm@openssh.com", "hmac-sha2-256-etm@openssh.com", "hmac-sha2-256", "hmac-sha1", "hmac-sha1-96",
+	"hmac-sha2-256-etm@openssh.com", "hmac-sha2-512-etm@openssh.com", "hmac-sha2-256", "hmac-sha2-512", "hmac-sha1", "hmac-sha1-96",
 }
 
 var supportedCompressions = []string{compressionNone}
@@ -119,6 +121,13 @@ func algorithmsForKeyFormat(keyFormat string) []string {
 	}
 }
 
+// isRSA returns whether algo is a supported RSA algorithm, including certificate
+// algorithms.
+func isRSA(algo string) bool {
+	algos := algorithmsForKeyFormat(KeyAlgoRSA)
+	return contains(algos, underlyingAlgo(algo))
+}
+
 // supportedPubKeyAuthAlgos specifies the supported client public key
 // authentication algorithms. Note that this doesn't include certificate types
 // since those use the underlying algorithm. This list is sent to the client if
@@ -262,16 +271,16 @@ type Config struct {
 	// unspecified, a size suitable for the chosen cipher is used.
 	RekeyThreshold uint64
 
-	// The allowed key exchanges algorithms. If unspecified then a
-	// default set of algorithms is used.
+	// The allowed key exchanges algorithms. If unspecified then a default set
+	// of algorithms is used. Unsupported values are silently ignored.
 	KeyExchanges []string
 
-	// The allowed cipher algorithms. If unspecified then a sensible
-	// default is used.
+	// The allowed cipher algorithms. If unspecified then a sensible default is
+	// used. Unsupported values are silently ignored.
 	Ciphers []string
 
-	// The allowed MAC algorithms. If unspecified then a sensible default
-	// is used.
+	// The allowed MAC algorithms. If unspecified then a sensible default is
+	// used. Unsupported values are silently ignored.
 	MACs []string
 }
 
@@ -288,7 +297,7 @@ func (c *Config) SetDefaults() {
 	var ciphers []string
 	for _, c := range c.Ciphers {
 		if cipherModes[c] != nil {
-			// reject the cipher if we have no cipherModes definition
+			// Ignore the cipher if we have no cipherModes definition.
 			ciphers = append(ciphers, c)
 		}
 	}
@@ -297,10 +306,26 @@ func (c *Config) SetDefaults() {
 	if c.KeyExchanges == nil {
 		c.KeyExchanges = preferredKexAlgos
 	}
+	var kexs []string
+	for _, k := range c.KeyExchanges {
+		if kexAlgoMap[k] != nil {
+			// Ignore the KEX if we have no kexAlgoMap definition.
+			kexs = append(kexs, k)
+		}
+	}
+	c.KeyExchanges = kexs
 
 	if c.MACs == nil {
 		c.MACs = supportedMACs
 	}
+	var macs []string
+	for _, m := range c.MACs {
+		if macModes[m] != nil {
+			// Ignore the MAC if we have no macModes definition.
+			macs = append(macs, m)
+		}
+	}
+	c.MACs = macs
 
 	if c.RekeyThreshold == 0 {
 		// cipher specific default
diff --git a/vendor/golang.org/x/crypto/ssh/kex.go b/vendor/golang.org/x/crypto/ssh/kex.go
index 927a90cd4..8a05f7990 100644
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@@ -23,6 +23,7 @@ const (
 	kexAlgoDH1SHA1                = "diffie-hellman-group1-sha1"
 	kexAlgoDH14SHA1               = "diffie-hellman-group14-sha1"
 	kexAlgoDH14SHA256             = "diffie-hellman-group14-sha256"
+	kexAlgoDH16SHA512             = "diffie-hellman-group16-sha512"
 	kexAlgoECDH256                = "ecdh-sha2-nistp256"
 	kexAlgoECDH384                = "ecdh-sha2-nistp384"
 	kexAlgoECDH521                = "ecdh-sha2-nistp521"
@@ -430,6 +431,17 @@ func init() {
 		hashFunc: crypto.SHA256,
 	}
 
+	// This is the group called diffie-hellman-group16-sha512 in RFC
+	// 8268 and Oakley Group 16 in RFC 3526.
+	p, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200CBBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199FFFFFFFFFFFFFFFF", 16)
+
+	kexAlgoMap[kexAlgoDH16SHA512] = &dhGroup{
+		g:        new(big.Int).SetInt64(2),
+		p:        p,
+		pMinus1:  new(big.Int).Sub(p, bigOne),
+		hashFunc: crypto.SHA512,
+	}
+
 	kexAlgoMap[kexAlgoECDH521] = &ecdh{elliptic.P521()}
 	kexAlgoMap[kexAlgoECDH384] = &ecdh{elliptic.P384()}
 	kexAlgoMap[kexAlgoECDH256] = &ecdh{elliptic.P256()}
diff --git a/vendor/golang.org/x/crypto/ssh/mac.go b/vendor/golang.org/x/crypto/ssh/mac.go
index 0a21af47e..06a1b2750 100644
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@@ -53,6 +53,9 @@ var macModes = map[string]*macMode{
 	"hmac-sha2-256-etm@openssh.com": {32, true, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
+	"hmac-sha2-512": {64, false, func(key []byte) hash.Hash {
+		return hmac.New(sha512.New, key)
+	}},
 	"hmac-sha2-256": {32, false, func(key []byte) hash.Hash {
 		return hmac.New(sha256.New, key)
 	}},
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 9e3870292..b21322aff 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -370,6 +370,25 @@ func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *c
 	return authErr, perms, nil
 }
 
+// isAlgoCompatible checks if the signature format is compatible with the
+// selected algorithm taking into account edge cases that occur with old
+// clients.
+func isAlgoCompatible(algo, sigFormat string) bool {
+	// Compatibility for old clients.
+	//
+	// For certificate authentication with OpenSSH 7.2-7.7 signature format can
+	// be rsa-sha2-256 or rsa-sha2-512 for the algorithm
+	// ssh-rsa-cert-v01@openssh.com.
+	//
+	// With gpg-agent < 2.2.6 the algorithm can be rsa-sha2-256 or rsa-sha2-512
+	// for signature format ssh-rsa.
+	if isRSA(algo) && isRSA(sigFormat) {
+		return true
+	}
+	// Standard case: the underlying algorithm must match the signature format.
+	return underlyingAlgo(algo) == sigFormat
+}
+
 // ServerAuthError represents server authentication errors and is
 // sometimes returned by NewServerConn. It appends any authentication
 // errors that may occur, and is returned if all of the authentication
@@ -567,7 +586,7 @@ userAuthLoop:
 					authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
 					break
 				}
-				if underlyingAlgo(algo) != sig.Format {
+				if !isAlgoCompatible(algo, sig.Format) {
 					authErr = fmt.Errorf("ssh: signature %q not compatible with selected algorithm %q", sig.Format, algo)
 					break
 				}
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 315646271..8f775fafa 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -519,7 +519,7 @@ ccflags="$@"
 		$2 ~ /^LOCK_(SH|EX|NB|UN)$/ ||
 		$2 ~ /^LO_(KEY|NAME)_SIZE$/ ||
 		$2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ ||
-		$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
+		$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
 		$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
 		$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
 		$2 ~ /^RAW_PAYLOAD_/ ||
@@ -624,7 +624,7 @@ ccflags="$@"
 		$2 ~ /^MEM/ ||
 		$2 ~ /^WG/ ||
 		$2 ~ /^FIB_RULE_/ ||
-		$2 ~ /^BLK[A-Z]*(GET$|SET$|BUF$|PART$|SIZE)/ {printf("\t%s = C.%s\n", $2, $2)}
+		$2 ~ /^BLK[A-Z]*(GET$|SET$|BUF$|PART$|SIZE|IOMIN$|IOOPT$|ALIGNOFF$|DISCARD|ROTATIONAL$|ZEROOUT$|GETDISKSEQ$)/ {printf("\t%s = C.%s\n", $2, $2)}
 		$2 ~ /^__WCOREFLAG$/ {next}
 		$2 ~ /^__W[A-Z0-9]+$/ {printf("\t%s = C.%s\n", substr($2,3), $2)}
 
diff --git a/vendor/golang.org/x/sys/unix/mmap_nomremap.go b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
new file mode 100644
index 000000000..ca0513632
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
@@ -0,0 +1,14 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
+// +build aix darwin dragonfly freebsd openbsd solaris
+
+package unix
+
+var mapper = &mmapper{
+	active: make(map[*byte][]byte),
+	mmap:   mmap,
+	munmap: munmap,
+}
diff --git a/vendor/golang.org/x/sys/unix/mremap.go b/vendor/golang.org/x/sys/unix/mremap.go
new file mode 100644
index 000000000..fa93d0aa9
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/mremap.go
@@ -0,0 +1,53 @@
+// Copyright 2023 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux || netbsd
+// +build linux netbsd
+
+package unix
+
+import "unsafe"
+
+type mremapMmapper struct {
+	mmapper
+	mremap func(oldaddr uintptr, oldlength uintptr, newlength uintptr, flags int, newaddr uintptr) (xaddr uintptr, err error)
+}
+
+var mapper = &mremapMmapper{
+	mmapper: mmapper{
+		active: make(map[*byte][]byte),
+		mmap:   mmap,
+		munmap: munmap,
+	},
+	mremap: mremap,
+}
+
+func (m *mremapMmapper) Mremap(oldData []byte, newLength int, flags int) (data []byte, err error) {
+	if newLength <= 0 || len(oldData) == 0 || len(oldData) != cap(oldData) || flags&mremapFixed != 0 {
+		return nil, EINVAL
+	}
+
+	pOld := &oldData[cap(oldData)-1]
+	m.Lock()
+	defer m.Unlock()
+	bOld := m.active[pOld]
+	if bOld == nil || &bOld[0] != &oldData[0] {
+		return nil, EINVAL
+	}
+	newAddr, errno := m.mremap(uintptr(unsafe.Pointer(&bOld[0])), uintptr(len(bOld)), uintptr(newLength), flags, 0)
+	if errno != nil {
+		return nil, errno
+	}
+	bNew := unsafe.Slice((*byte)(unsafe.Pointer(newAddr)), newLength)
+	pNew := &bNew[cap(bNew)-1]
+	if flags&mremapDontunmap == 0 {
+		delete(m.active, pOld)
+	}
+	m.active[pNew] = bNew
+	return bNew, nil
+}
+
+func Mremap(oldData []byte, newLength int, flags int) (data []byte, err error) {
+	return mapper.Mremap(oldData, newLength, flags)
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index c406ae00f..9a6e5acac 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -535,21 +535,6 @@ func Fsync(fd int) error {
 //sys	sendmsg(s int, msg *Msghdr, flags int) (n int, err error) = nsendmsg
 
 //sys	munmap(addr uintptr, length uintptr) (err error)
-
-var mapper = &mmapper{
-	active: make(map[*byte][]byte),
-	mmap:   mmap,
-	munmap: munmap,
-}
-
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
 //sys	Madvise(b []byte, advice int) (err error)
 //sys	Mprotect(b []byte, prot int) (err error)
 //sys	Mlock(b []byte) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go
index 7705c3270..4217de518 100644
--- a/vendor/golang.org/x/sys/unix/syscall_bsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go
@@ -601,20 +601,6 @@ func Poll(fds []PollFd, timeout int) (n int, err error) {
 //	Gethostuuid(uuid *byte, timeout *Timespec) (err error)
 //	Ptrace(req int, pid int, addr uintptr, data int) (ret uintptr, err error)
 
-var mapper = &mmapper{
-	active: make(map[*byte][]byte),
-	mmap:   mmap,
-	munmap: munmap,
-}
-
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
 //sys	Madvise(b []byte, behav int) (err error)
 //sys	Mlock(b []byte) (err error)
 //sys	Mlockall(flags int) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 206921504..135cc3cd7 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -510,30 +510,36 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) {
 		return nil, err
 	}
 
-	// Find size.
-	n := uintptr(0)
-	if err := sysctl(mib, nil, &n, nil, 0); err != nil {
-		return nil, err
-	}
-	if n == 0 {
-		return nil, nil
-	}
-	if n%SizeofKinfoProc != 0 {
-		return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
-	}
+	for {
+		// Find size.
+		n := uintptr(0)
+		if err := sysctl(mib, nil, &n, nil, 0); err != nil {
+			return nil, err
+		}
+		if n == 0 {
+			return nil, nil
+		}
+		if n%SizeofKinfoProc != 0 {
+			return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
+		}
 
-	// Read into buffer of that size.
-	buf := make([]KinfoProc, n/SizeofKinfoProc)
-	if err := sysctl(mib, (*byte)(unsafe.Pointer(&buf[0])), &n, nil, 0); err != nil {
-		return nil, err
-	}
-	if n%SizeofKinfoProc != 0 {
-		return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
-	}
+		// Read into buffer of that size.
+		buf := make([]KinfoProc, n/SizeofKinfoProc)
+		if err := sysctl(mib, (*byte)(unsafe.Pointer(&buf[0])), &n, nil, 0); err != nil {
+			if err == ENOMEM {
+				// Process table grew. Try again.
+				continue
+			}
+			return nil, err
+		}
+		if n%SizeofKinfoProc != 0 {
+			return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
+		}
 
-	// The actual call may return less than the original reported required
-	// size so ensure we deal with that.
-	return buf[:n/SizeofKinfoProc], nil
+		// The actual call may return less than the original reported required
+		// size so ensure we deal with that.
+		return buf[:n/SizeofKinfoProc], nil
+	}
 }
 
 //sys	sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 6de486bef..a730878e4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1885,7 +1885,7 @@ func Getpgrp() (pid int) {
 //sys	PerfEventOpen(attr *PerfEventAttr, pid int, cpu int, groupFd int, flags int) (fd int, err error)
 //sys	PivotRoot(newroot string, putold string) (err error) = SYS_PIVOT_ROOT
 //sys	Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error)
-//sys	Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) = SYS_PSELECT6
+//sys	pselect6(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *sigset_argpack) (n int, err error)
 //sys	read(fd int, p []byte) (n int, err error)
 //sys	Removexattr(path string, attr string) (err error)
 //sys	Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error)
@@ -2124,21 +2124,7 @@ func writevRacedetect(iovecs []Iovec, n int) {
 
 // mmap varies by architecture; see syscall_linux_*.go.
 //sys	munmap(addr uintptr, length uintptr) (err error)
-
-var mapper = &mmapper{
-	active: make(map[*byte][]byte),
-	mmap:   mmap,
-	munmap: munmap,
-}
-
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
+//sys	mremap(oldaddr uintptr, oldlength uintptr, newlength uintptr, flags int, newaddr uintptr) (xaddr uintptr, err error)
 //sys	Madvise(b []byte, advice int) (err error)
 //sys	Mprotect(b []byte, prot int) (err error)
 //sys	Mlock(b []byte) (err error)
@@ -2147,6 +2133,12 @@ func Munmap(b []byte) (err error) {
 //sys	Munlock(b []byte) (err error)
 //sys	Munlockall() (err error)
 
+const (
+	mremapFixed     = MREMAP_FIXED
+	mremapDontunmap = MREMAP_DONTUNMAP
+	mremapMaymove   = MREMAP_MAYMOVE
+)
+
 // Vmsplice splices user pages from a slice of Iovecs into a pipe specified by fd,
 // using the specified flags.
 func Vmsplice(fd int, iovs []Iovec, flags int) (int, error) {
@@ -2446,6 +2438,39 @@ func Getresgid() (rgid, egid, sgid int) {
 	return int(r), int(e), int(s)
 }
 
+// Pselect is a wrapper around the Linux pselect6 system call.
+// This version does not modify the timeout argument.
+func Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
+	// Per https://man7.org/linux/man-pages/man2/select.2.html#NOTES,
+	// The Linux pselect6() system call modifies its timeout argument.
+	// [Not modifying the argument] is the behavior required by POSIX.1-2001.
+	var mutableTimeout *Timespec
+	if timeout != nil {
+		mutableTimeout = new(Timespec)
+		*mutableTimeout = *timeout
+	}
+
+	// The final argument of the pselect6() system call is not a
+	// sigset_t * pointer, but is instead a structure
+	var kernelMask *sigset_argpack
+	if sigmask != nil {
+		wordBits := 32 << (^uintptr(0) >> 63) // see math.intSize
+
+		// A sigset stores one bit per signal,
+		// offset by 1 (because signal 0 does not exist).
+		// So the number of words needed is ⌈__C_NSIG - 1 / wordBits⌉.
+		sigsetWords := (_C__NSIG - 1 + wordBits - 1) / (wordBits)
+
+		sigsetBytes := uintptr(sigsetWords * (wordBits / 8))
+		kernelMask = &sigset_argpack{
+			ss:    sigmask,
+			ssLen: sigsetBytes,
+		}
+	}
+
+	return pselect6(nfd, r, w, e, mutableTimeout, kernelMask)
+}
+
 /*
  * Unimplemented
  */
@@ -2487,7 +2512,6 @@ func Getresgid() (rgid, egid, sgid int) {
 // MqTimedreceive
 // MqTimedsend
 // MqUnlink
-// Mremap
 // Msgctl
 // Msgget
 // Msgrcv
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
index 5b21fcfd7..70601ce36 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
@@ -40,7 +40,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	if timeout != nil {
 		ts = &Timespec{Sec: timeout.Sec, Nsec: timeout.Usec * 1000}
 	}
-	return Pselect(nfd, r, w, e, ts, nil)
+	return pselect6(nfd, r, w, e, ts, nil)
 }
 
 //sys	sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index a81f5742b..f5266689a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -33,7 +33,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	if timeout != nil {
 		ts = &Timespec{Sec: timeout.Sec, Nsec: timeout.Usec * 1000}
 	}
-	return Pselect(nfd, r, w, e, ts, nil)
+	return pselect6(nfd, r, w, e, ts, nil)
 }
 
 //sys	sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
index 69d2d7c3d..f6ab02ec1 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
@@ -28,7 +28,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	if timeout != nil {
 		ts = &Timespec{Sec: timeout.Sec, Nsec: timeout.Usec * 1000}
 	}
-	return Pselect(nfd, r, w, e, ts, nil)
+	return pselect6(nfd, r, w, e, ts, nil)
 }
 
 //sys	sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
index 76d564095..93fe59d25 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
@@ -31,7 +31,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	if timeout != nil {
 		ts = &Timespec{Sec: timeout.Sec, Nsec: timeout.Usec * 1000}
 	}
-	return Pselect(nfd, r, w, e, ts, nil)
+	return pselect6(nfd, r, w, e, ts, nil)
 }
 
 //sys	sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
index 35851ef70..5e6ceee12 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
@@ -32,7 +32,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	if timeout != nil {
 		ts = &Timespec{Sec: timeout.Sec, Nsec: timeout.Usec * 1000}
 	}
-	return Pselect(nfd, r, w, e, ts, nil)
+	return pselect6(nfd, r, w, e, ts, nil)
 }
 
 //sys	sendfile(outfd int, infd int, offset *int64, count int) (written int, err error)
@@ -177,3 +177,14 @@ func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error
 	}
 	return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
 }
+
+//sys	riscvHWProbe(pairs []RISCVHWProbePairs, cpuCount uintptr, cpus *CPUSet, flags uint) (err error)
+
+func RISCVHWProbe(pairs []RISCVHWProbePairs, set *CPUSet, flags uint) (err error) {
+	var setSize uintptr
+
+	if set != nil {
+		setSize = uintptr(unsafe.Sizeof(*set))
+	}
+	return riscvHWProbe(pairs, setSize, set, flags)
+}
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
index 018d7d478..ddd1ac853 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
@@ -360,6 +360,18 @@ func Statvfs(path string, buf *Statvfs_t) (err error) {
 //sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
 
+const (
+	mremapFixed     = MAP_FIXED
+	mremapDontunmap = 0
+	mremapMaymove   = 0
+)
+
+//sys	mremapNetBSD(oldp uintptr, oldsize uintptr, newp uintptr, newsize uintptr, flags int) (xaddr uintptr, err error) = SYS_MREMAP
+
+func mremap(oldaddr uintptr, oldlength uintptr, newlength uintptr, flags int, newaddr uintptr) (uintptr, error) {
+	return mremapNetBSD(oldaddr, oldlength, newaddr, newlength, flags)
+}
+
 /*
  * Unimplemented
  */
@@ -564,7 +576,6 @@ func Statvfs(path string, buf *Statvfs_t) (err error) {
 // mq_timedreceive
 // mq_timedsend
 // mq_unlink
-// mremap
 // msgget
 // msgrcv
 // msgsnd
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index b600a289d..72d23575f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -716,20 +716,6 @@ func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
 	return
 }
 
-var mapper = &mmapper{
-	active: make(map[*byte][]byte),
-	mmap:   mmap,
-	munmap: munmap,
-}
-
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
 // Event Ports
 
 type fileObjCookie struct {
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index 8e48c29ec..8bb30e7ce 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -147,6 +147,14 @@ func (m *mmapper) Munmap(data []byte) (err error) {
 	return nil
 }
 
+func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
+	return mapper.Mmap(fd, offset, length, prot, flags)
+}
+
+func Munmap(b []byte) (err error) {
+	return mapper.Munmap(b)
+}
+
 func Read(fd int, p []byte) (n int, err error) {
 	n, err = read(fd, p)
 	if raceenabled {
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index d3d49ec3e..44e72edb4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -285,25 +285,11 @@ func Close(fd int) (err error) {
 	return
 }
 
-var mapper = &mmapper{
-	active: make(map[*byte][]byte),
-	mmap:   mmap,
-	munmap: munmap,
-}
-
 // Dummy function: there are no semantics for Madvise on z/OS
 func Madvise(b []byte, advice int) (err error) {
 	return
 }
 
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
 //sys   Gethostname(buf []byte) (err error) = SYS___GETHOSTNAME_A
 //sysnb	Getegid() (egid int)
 //sysnb	Geteuid() (uid int)
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index de936b677..3784f402e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -493,6 +493,7 @@ const (
 	BPF_F_TEST_RUN_ON_CPU                       = 0x1
 	BPF_F_TEST_STATE_FREQ                       = 0x8
 	BPF_F_TEST_XDP_LIVE_FRAMES                  = 0x2
+	BPF_F_XDP_DEV_BOUND_ONLY                    = 0x40
 	BPF_F_XDP_HAS_FRAGS                         = 0x20
 	BPF_H                                       = 0x8
 	BPF_IMM                                     = 0x0
@@ -826,9 +827,9 @@ const (
 	DM_UUID_FLAG                                = 0x4000
 	DM_UUID_LEN                                 = 0x81
 	DM_VERSION                                  = 0xc138fd00
-	DM_VERSION_EXTRA                            = "-ioctl (2022-07-28)"
+	DM_VERSION_EXTRA                            = "-ioctl (2023-03-01)"
 	DM_VERSION_MAJOR                            = 0x4
-	DM_VERSION_MINOR                            = 0x2f
+	DM_VERSION_MINOR                            = 0x30
 	DM_VERSION_PATCHLEVEL                       = 0x0
 	DT_BLK                                      = 0x6
 	DT_CHR                                      = 0x2
@@ -1197,6 +1198,7 @@ const (
 	FAN_EVENT_METADATA_LEN                      = 0x18
 	FAN_EVENT_ON_CHILD                          = 0x8000000
 	FAN_FS_ERROR                                = 0x8000
+	FAN_INFO                                    = 0x20
 	FAN_MARK_ADD                                = 0x1
 	FAN_MARK_DONT_FOLLOW                        = 0x4
 	FAN_MARK_EVICTABLE                          = 0x200
@@ -1233,6 +1235,8 @@ const (
 	FAN_REPORT_PIDFD                            = 0x80
 	FAN_REPORT_TARGET_FID                       = 0x1000
 	FAN_REPORT_TID                              = 0x100
+	FAN_RESPONSE_INFO_AUDIT_RULE                = 0x1
+	FAN_RESPONSE_INFO_NONE                      = 0x0
 	FAN_UNLIMITED_MARKS                         = 0x20
 	FAN_UNLIMITED_QUEUE                         = 0x10
 	FD_CLOEXEC                                  = 0x1
@@ -1860,6 +1864,7 @@ const (
 	MEMWRITEOOB64                               = 0xc0184d15
 	MFD_ALLOW_SEALING                           = 0x2
 	MFD_CLOEXEC                                 = 0x1
+	MFD_EXEC                                    = 0x10
 	MFD_HUGETLB                                 = 0x4
 	MFD_HUGE_16GB                               = 0x88000000
 	MFD_HUGE_16MB                               = 0x60000000
@@ -1875,6 +1880,7 @@ const (
 	MFD_HUGE_8MB                                = 0x5c000000
 	MFD_HUGE_MASK                               = 0x3f
 	MFD_HUGE_SHIFT                              = 0x1a
+	MFD_NOEXEC_SEAL                             = 0x8
 	MINIX2_SUPER_MAGIC                          = 0x2468
 	MINIX2_SUPER_MAGIC2                         = 0x2478
 	MINIX3_SUPER_MAGIC                          = 0x4d5a
@@ -1898,6 +1904,9 @@ const (
 	MOUNT_ATTR_SIZE_VER0                        = 0x20
 	MOUNT_ATTR_STRICTATIME                      = 0x20
 	MOUNT_ATTR__ATIME                           = 0x70
+	MREMAP_DONTUNMAP                            = 0x4
+	MREMAP_FIXED                                = 0x2
+	MREMAP_MAYMOVE                              = 0x1
 	MSDOS_SUPER_MAGIC                           = 0x4d44
 	MSG_BATCH                                   = 0x40000
 	MSG_CMSG_CLOEXEC                            = 0x40000000
@@ -2204,6 +2213,7 @@ const (
 	PACKET_USER                                 = 0x6
 	PACKET_VERSION                              = 0xa
 	PACKET_VNET_HDR                             = 0xf
+	PACKET_VNET_HDR_SZ                          = 0x18
 	PARITY_CRC16_PR0                            = 0x2
 	PARITY_CRC16_PR0_CCITT                      = 0x4
 	PARITY_CRC16_PR1                            = 0x3
@@ -2221,6 +2231,7 @@ const (
 	PERF_ATTR_SIZE_VER5                         = 0x70
 	PERF_ATTR_SIZE_VER6                         = 0x78
 	PERF_ATTR_SIZE_VER7                         = 0x80
+	PERF_ATTR_SIZE_VER8                         = 0x88
 	PERF_AUX_FLAG_COLLISION                     = 0x8
 	PERF_AUX_FLAG_CORESIGHT_FORMAT_CORESIGHT    = 0x0
 	PERF_AUX_FLAG_CORESIGHT_FORMAT_RAW          = 0x100
@@ -2361,6 +2372,7 @@ const (
 	PR_FP_EXC_UND                               = 0x40000
 	PR_FP_MODE_FR                               = 0x1
 	PR_FP_MODE_FRE                              = 0x2
+	PR_GET_AUXV                                 = 0x41555856
 	PR_GET_CHILD_SUBREAPER                      = 0x25
 	PR_GET_DUMPABLE                             = 0x3
 	PR_GET_ENDIAN                               = 0x13
@@ -2369,6 +2381,8 @@ const (
 	PR_GET_FP_MODE                              = 0x2e
 	PR_GET_IO_FLUSHER                           = 0x3a
 	PR_GET_KEEPCAPS                             = 0x7
+	PR_GET_MDWE                                 = 0x42
+	PR_GET_MEMORY_MERGE                         = 0x44
 	PR_GET_NAME                                 = 0x10
 	PR_GET_NO_NEW_PRIVS                         = 0x27
 	PR_GET_PDEATHSIG                            = 0x2
@@ -2389,6 +2403,7 @@ const (
 	PR_MCE_KILL_GET                             = 0x22
 	PR_MCE_KILL_LATE                            = 0x0
 	PR_MCE_KILL_SET                             = 0x1
+	PR_MDWE_REFUSE_EXEC_GAIN                    = 0x1
 	PR_MPX_DISABLE_MANAGEMENT                   = 0x2c
 	PR_MPX_ENABLE_MANAGEMENT                    = 0x2b
 	PR_MTE_TAG_MASK                             = 0x7fff8
@@ -2423,6 +2438,8 @@ const (
 	PR_SET_FP_MODE                              = 0x2d
 	PR_SET_IO_FLUSHER                           = 0x39
 	PR_SET_KEEPCAPS                             = 0x8
+	PR_SET_MDWE                                 = 0x41
+	PR_SET_MEMORY_MERGE                         = 0x43
 	PR_SET_MM                                   = 0x23
 	PR_SET_MM_ARG_END                           = 0x9
 	PR_SET_MM_ARG_START                         = 0x8
@@ -2506,6 +2523,7 @@ const (
 	PTRACE_GETSIGMASK                           = 0x420a
 	PTRACE_GET_RSEQ_CONFIGURATION               = 0x420f
 	PTRACE_GET_SYSCALL_INFO                     = 0x420e
+	PTRACE_GET_SYSCALL_USER_DISPATCH_CONFIG     = 0x4211
 	PTRACE_INTERRUPT                            = 0x4207
 	PTRACE_KILL                                 = 0x8
 	PTRACE_LISTEN                               = 0x4208
@@ -2536,6 +2554,7 @@ const (
 	PTRACE_SETREGSET                            = 0x4205
 	PTRACE_SETSIGINFO                           = 0x4203
 	PTRACE_SETSIGMASK                           = 0x420b
+	PTRACE_SET_SYSCALL_USER_DISPATCH_CONFIG     = 0x4210
 	PTRACE_SINGLESTEP                           = 0x9
 	PTRACE_SYSCALL                              = 0x18
 	PTRACE_SYSCALL_INFO_ENTRY                   = 0x1
@@ -3072,7 +3091,7 @@ const (
 	TASKSTATS_GENL_NAME                         = "TASKSTATS"
 	TASKSTATS_GENL_VERSION                      = 0x1
 	TASKSTATS_TYPE_MAX                          = 0x6
-	TASKSTATS_VERSION                           = 0xd
+	TASKSTATS_VERSION                           = 0xe
 	TCIFLUSH                                    = 0x0
 	TCIOFF                                      = 0x2
 	TCIOFLUSH                                   = 0x2
@@ -3238,6 +3257,7 @@ const (
 	TP_STATUS_COPY                              = 0x2
 	TP_STATUS_CSUMNOTREADY                      = 0x8
 	TP_STATUS_CSUM_VALID                        = 0x80
+	TP_STATUS_GSO_TCP                           = 0x100
 	TP_STATUS_KERNEL                            = 0x0
 	TP_STATUS_LOSING                            = 0x4
 	TP_STATUS_SENDING                           = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index a46df0f1e..cfb143001 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80041270
 	BLKBSZSET                        = 0x40041271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80041272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 6cd4a3ea9..df64f2d59 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80081270
 	BLKBSZSET                        = 0x40081271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80081272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index c7ebee24d..3025cd5b2 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80041270
 	BLKBSZSET                        = 0x40041271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80041272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 9d5352c3e..09e1ffbef 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80081270
 	BLKBSZSET                        = 0x40081271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80081272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
@@ -443,6 +452,7 @@ const (
 	TIOCSWINSZ                       = 0x5414
 	TIOCVHANGUP                      = 0x5437
 	TOSTOP                           = 0x100
+	TPIDR2_MAGIC                     = 0x54504902
 	TUNATTACHFILTER                  = 0x401054d5
 	TUNDETACHFILTER                  = 0x401054d6
 	TUNGETDEVNETNS                   = 0x54e3
@@ -515,6 +525,7 @@ const (
 	XCASE                            = 0x4
 	XTABS                            = 0x1800
 	ZA_MAGIC                         = 0x54366345
+	ZT_MAGIC                         = 0x5a544e01
 	_HIDIOCGRAWNAME                  = 0x80804804
 	_HIDIOCGRAWPHYS                  = 0x80404805
 	_HIDIOCGRAWUNIQ                  = 0x80404808
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index f26a164f4..a45723540 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80081270
 	BLKBSZSET                        = 0x40081271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80081272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 890bc3c9b..fee7dfb81 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40041270
 	BLKBSZSET                        = 0x80041271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40041272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 549f26ac6..a5b2373ae 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40081270
 	BLKBSZSET                        = 0x80081271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40081272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index e0365e32c..5dde82c98 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40081270
 	BLKBSZSET                        = 0x80081271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40081272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index fdccce15c..2e80ea6b3 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40041270
 	BLKBSZSET                        = 0x80041271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40041272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index b2205c83f..a65dcd7cb 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x10
 	B576000                          = 0x15
 	B921600                          = 0x16
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40041270
 	BLKBSZSET                        = 0x80041271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40041272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1f
 	BS1                              = 0x8000
 	BSDLY                            = 0x8000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 81aa5ad0f..cbd34e3d8 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x10
 	B576000                          = 0x15
 	B921600                          = 0x16
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40081270
 	BLKBSZSET                        = 0x80081271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40081272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1f
 	BS1                              = 0x8000
 	BSDLY                            = 0x8000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 76807a1fd..e4afa7a31 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x10
 	B576000                          = 0x15
 	B921600                          = 0x16
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40081270
 	BLKBSZSET                        = 0x80081271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40081272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1f
 	BS1                              = 0x8000
 	BSDLY                            = 0x8000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index d4a5ab9e4..44f45a039 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80081270
 	BLKBSZSET                        = 0x40081271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80081272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 66e65db95..74733e260 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -27,22 +27,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x127a
 	BLKBSZGET                        = 0x80081270
 	BLKBSZSET                        = 0x40081271
+	BLKDISCARD                       = 0x1277
+	BLKDISCARDZEROES                 = 0x127c
 	BLKFLSBUF                        = 0x1261
 	BLKFRAGET                        = 0x1265
 	BLKFRASET                        = 0x1264
+	BLKGETDISKSEQ                    = 0x80081280
 	BLKGETSIZE                       = 0x1260
 	BLKGETSIZE64                     = 0x80081272
+	BLKIOMIN                         = 0x1278
+	BLKIOOPT                         = 0x1279
 	BLKPBSZGET                       = 0x127b
 	BLKRAGET                         = 0x1263
 	BLKRASET                         = 0x1262
 	BLKROGET                         = 0x125e
 	BLKROSET                         = 0x125d
+	BLKROTATIONAL                    = 0x127e
 	BLKRRPART                        = 0x125f
+	BLKSECDISCARD                    = 0x127d
 	BLKSECTGET                       = 0x1267
 	BLKSECTSET                       = 0x1266
 	BLKSSZGET                        = 0x1268
+	BLKZEROOUT                       = 0x127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 48984202c..f5f3934b1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -30,22 +30,31 @@ const (
 	B57600                           = 0x1001
 	B576000                          = 0x1006
 	B921600                          = 0x1007
+	BLKALIGNOFF                      = 0x2000127a
 	BLKBSZGET                        = 0x40081270
 	BLKBSZSET                        = 0x80081271
+	BLKDISCARD                       = 0x20001277
+	BLKDISCARDZEROES                 = 0x2000127c
 	BLKFLSBUF                        = 0x20001261
 	BLKFRAGET                        = 0x20001265
 	BLKFRASET                        = 0x20001264
+	BLKGETDISKSEQ                    = 0x40081280
 	BLKGETSIZE                       = 0x20001260
 	BLKGETSIZE64                     = 0x40081272
+	BLKIOMIN                         = 0x20001278
+	BLKIOOPT                         = 0x20001279
 	BLKPBSZGET                       = 0x2000127b
 	BLKRAGET                         = 0x20001263
 	BLKRASET                         = 0x20001262
 	BLKROGET                         = 0x2000125e
 	BLKROSET                         = 0x2000125d
+	BLKROTATIONAL                    = 0x2000127e
 	BLKRRPART                        = 0x2000125f
+	BLKSECDISCARD                    = 0x2000127d
 	BLKSECTGET                       = 0x20001267
 	BLKSECTSET                       = 0x20001266
 	BLKSSZGET                        = 0x20001268
+	BLKZEROOUT                       = 0x2000127f
 	BOTHER                           = 0x1000
 	BS1                              = 0x2000
 	BSDLY                            = 0x2000
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 722c29a00..a07321bed 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -1356,7 +1356,7 @@ func Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
+func pselect6(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *sigset_argpack) (n int, err error) {
 	r0, _, e1 := Syscall6(SYS_PSELECT6, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)))
 	n = int(r0)
 	if e1 != 0 {
@@ -1868,6 +1868,17 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func mremap(oldaddr uintptr, oldlength uintptr, newlength uintptr, flags int, newaddr uintptr) (xaddr uintptr, err error) {
+	r0, _, e1 := Syscall6(SYS_MREMAP, uintptr(oldaddr), uintptr(oldlength), uintptr(newlength), uintptr(flags), uintptr(newaddr), 0)
+	xaddr = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Madvise(b []byte, advice int) (err error) {
 	var _p0 unsafe.Pointer
 	if len(b) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
index 0b2923958..0ab4f2ed7 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
@@ -531,3 +531,19 @@ func kexecFileLoad(kernelFd int, initrdFd int, cmdlineLen int, cmdline string, f
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func riscvHWProbe(pairs []RISCVHWProbePairs, cpuCount uintptr, cpus *CPUSet, flags uint) (err error) {
+	var _p0 unsafe.Pointer
+	if len(pairs) > 0 {
+		_p0 = unsafe.Pointer(&pairs[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	_, _, e1 := Syscall6(SYS_RISCV_HWPROBE, uintptr(_p0), uintptr(len(pairs)), uintptr(cpuCount), uintptr(unsafe.Pointer(cpus)), uintptr(flags), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
index cdb2af5ae..35f499b32 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
@@ -1858,3 +1858,14 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mremapNetBSD(oldp uintptr, oldsize uintptr, newp uintptr, newsize uintptr, flags int) (xaddr uintptr, err error) {
+	r0, _, e1 := Syscall6(SYS_MREMAP, uintptr(oldp), uintptr(oldsize), uintptr(newp), uintptr(newsize), uintptr(flags), 0)
+	xaddr = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
index 9d25f76b0..3cda65b0d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
@@ -1858,3 +1858,14 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mremapNetBSD(oldp uintptr, oldsize uintptr, newp uintptr, newsize uintptr, flags int) (xaddr uintptr, err error) {
+	r0, _, e1 := Syscall6(SYS_MREMAP, uintptr(oldp), uintptr(oldsize), uintptr(newp), uintptr(newsize), uintptr(flags), 0)
+	xaddr = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
index d3f803516..1e1fea902 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
@@ -1858,3 +1858,14 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mremapNetBSD(oldp uintptr, oldsize uintptr, newp uintptr, newsize uintptr, flags int) (xaddr uintptr, err error) {
+	r0, _, e1 := Syscall6(SYS_MREMAP, uintptr(oldp), uintptr(oldsize), uintptr(newp), uintptr(newsize), uintptr(flags), 0)
+	xaddr = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
index 887188a52..3b77da110 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
@@ -1858,3 +1858,14 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mremapNetBSD(oldp uintptr, oldsize uintptr, newp uintptr, newsize uintptr, flags int) (xaddr uintptr, err error) {
+	r0, _, e1 := Syscall6(SYS_MREMAP, uintptr(oldp), uintptr(oldsize), uintptr(newp), uintptr(newsize), uintptr(flags), 0)
+	xaddr = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 3e594a8c0..ef285c567 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -251,6 +251,8 @@ const (
 	SYS_ACCEPT4                 = 242
 	SYS_RECVMMSG                = 243
 	SYS_ARCH_SPECIFIC_SYSCALL   = 244
+	SYS_RISCV_HWPROBE           = 258
+	SYS_RISCV_FLUSH_ICACHE      = 259
 	SYS_WAIT4                   = 260
 	SYS_PRLIMIT64               = 261
 	SYS_FANOTIFY_INIT           = 262
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 7ea465204..e6ed7d637 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -372,6 +372,7 @@ const (
 	SYS_LANDLOCK_CREATE_RULESET = 444
 	SYS_LANDLOCK_ADD_RULE       = 445
 	SYS_LANDLOCK_RESTRICT_SELF  = 446
+	SYS_MEMFD_SECRET            = 447
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 00c3b8c20..26ef52aaf 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -866,6 +866,11 @@ const (
 	POLLNVAL = 0x20
 )
 
+type sigset_argpack struct {
+	ss    *Sigset_t
+	ssLen uintptr
+}
+
 type SignalfdSiginfo struct {
 	Signo     uint32
 	Errno     int32
@@ -1538,6 +1543,10 @@ const (
 	IFLA_GRO_MAX_SIZE                          = 0x3a
 	IFLA_TSO_MAX_SIZE                          = 0x3b
 	IFLA_TSO_MAX_SEGS                          = 0x3c
+	IFLA_ALLMULTI                              = 0x3d
+	IFLA_DEVLINK_PORT                          = 0x3e
+	IFLA_GSO_IPV4_MAX_SIZE                     = 0x3f
+	IFLA_GRO_IPV4_MAX_SIZE                     = 0x40
 	IFLA_PROTO_DOWN_REASON_UNSPEC              = 0x0
 	IFLA_PROTO_DOWN_REASON_MASK                = 0x1
 	IFLA_PROTO_DOWN_REASON_VALUE               = 0x2
@@ -1968,7 +1977,7 @@ const (
 	NFT_MSG_GETFLOWTABLE              = 0x17
 	NFT_MSG_DELFLOWTABLE              = 0x18
 	NFT_MSG_GETRULE_RESET             = 0x19
-	NFT_MSG_MAX                       = 0x1a
+	NFT_MSG_MAX                       = 0x21
 	NFTA_LIST_UNSPEC                  = 0x0
 	NFTA_LIST_ELEM                    = 0x1
 	NFTA_HOOK_UNSPEC                  = 0x0
@@ -3651,7 +3660,7 @@ const (
 	ETHTOOL_MSG_PSE_GET                       = 0x24
 	ETHTOOL_MSG_PSE_SET                       = 0x25
 	ETHTOOL_MSG_RSS_GET                       = 0x26
-	ETHTOOL_MSG_USER_MAX                      = 0x26
+	ETHTOOL_MSG_USER_MAX                      = 0x2b
 	ETHTOOL_MSG_KERNEL_NONE                   = 0x0
 	ETHTOOL_MSG_STRSET_GET_REPLY              = 0x1
 	ETHTOOL_MSG_LINKINFO_GET_REPLY            = 0x2
@@ -3691,7 +3700,7 @@ const (
 	ETHTOOL_MSG_MODULE_NTF                    = 0x24
 	ETHTOOL_MSG_PSE_GET_REPLY                 = 0x25
 	ETHTOOL_MSG_RSS_GET_REPLY                 = 0x26
-	ETHTOOL_MSG_KERNEL_MAX                    = 0x26
+	ETHTOOL_MSG_KERNEL_MAX                    = 0x2b
 	ETHTOOL_A_HEADER_UNSPEC                   = 0x0
 	ETHTOOL_A_HEADER_DEV_INDEX                = 0x1
 	ETHTOOL_A_HEADER_DEV_NAME                 = 0x2
@@ -3795,7 +3804,7 @@ const (
 	ETHTOOL_A_RINGS_TCP_DATA_SPLIT            = 0xb
 	ETHTOOL_A_RINGS_CQE_SIZE                  = 0xc
 	ETHTOOL_A_RINGS_TX_PUSH                   = 0xd
-	ETHTOOL_A_RINGS_MAX                       = 0xd
+	ETHTOOL_A_RINGS_MAX                       = 0x10
 	ETHTOOL_A_CHANNELS_UNSPEC                 = 0x0
 	ETHTOOL_A_CHANNELS_HEADER                 = 0x1
 	ETHTOOL_A_CHANNELS_RX_MAX                 = 0x2
@@ -3833,14 +3842,14 @@ const (
 	ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL   = 0x17
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_TX        = 0x18
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_RX        = 0x19
-	ETHTOOL_A_COALESCE_MAX                    = 0x19
+	ETHTOOL_A_COALESCE_MAX                    = 0x1c
 	ETHTOOL_A_PAUSE_UNSPEC                    = 0x0
 	ETHTOOL_A_PAUSE_HEADER                    = 0x1
 	ETHTOOL_A_PAUSE_AUTONEG                   = 0x2
 	ETHTOOL_A_PAUSE_RX                        = 0x3
 	ETHTOOL_A_PAUSE_TX                        = 0x4
 	ETHTOOL_A_PAUSE_STATS                     = 0x5
-	ETHTOOL_A_PAUSE_MAX                       = 0x5
+	ETHTOOL_A_PAUSE_MAX                       = 0x6
 	ETHTOOL_A_PAUSE_STAT_UNSPEC               = 0x0
 	ETHTOOL_A_PAUSE_STAT_PAD                  = 0x1
 	ETHTOOL_A_PAUSE_STAT_TX_FRAMES            = 0x2
@@ -4490,7 +4499,7 @@ const (
 	NL80211_ATTR_MAC_HINT                                   = 0xc8
 	NL80211_ATTR_MAC_MASK                                   = 0xd7
 	NL80211_ATTR_MAX_AP_ASSOC_STA                           = 0xca
-	NL80211_ATTR_MAX                                        = 0x141
+	NL80211_ATTR_MAX                                        = 0x145
 	NL80211_ATTR_MAX_CRIT_PROT_DURATION                     = 0xb4
 	NL80211_ATTR_MAX_CSA_COUNTERS                           = 0xce
 	NL80211_ATTR_MAX_MATCH_SETS                             = 0x85
@@ -4719,7 +4728,7 @@ const (
 	NL80211_BAND_ATTR_HT_CAPA                               = 0x4
 	NL80211_BAND_ATTR_HT_MCS_SET                            = 0x3
 	NL80211_BAND_ATTR_IFTYPE_DATA                           = 0x9
-	NL80211_BAND_ATTR_MAX                                   = 0xb
+	NL80211_BAND_ATTR_MAX                                   = 0xd
 	NL80211_BAND_ATTR_RATES                                 = 0x2
 	NL80211_BAND_ATTR_VHT_CAPA                              = 0x8
 	NL80211_BAND_ATTR_VHT_MCS_SET                           = 0x7
@@ -4860,7 +4869,7 @@ const (
 	NL80211_CMD_LEAVE_IBSS                                  = 0x2c
 	NL80211_CMD_LEAVE_MESH                                  = 0x45
 	NL80211_CMD_LEAVE_OCB                                   = 0x6d
-	NL80211_CMD_MAX                                         = 0x98
+	NL80211_CMD_MAX                                         = 0x99
 	NL80211_CMD_MICHAEL_MIC_FAILURE                         = 0x29
 	NL80211_CMD_MODIFY_LINK_STA                             = 0x97
 	NL80211_CMD_NAN_MATCH                                   = 0x78
@@ -5841,6 +5850,8 @@ const (
 	TUN_F_TSO6    = 0x4
 	TUN_F_TSO_ECN = 0x8
 	TUN_F_UFO     = 0x10
+	TUN_F_USO4    = 0x20
+	TUN_F_USO6    = 0x40
 )
 
 const (
@@ -5850,9 +5861,10 @@ const (
 )
 
 const (
-	VIRTIO_NET_HDR_GSO_NONE  = 0x0
-	VIRTIO_NET_HDR_GSO_TCPV4 = 0x1
-	VIRTIO_NET_HDR_GSO_UDP   = 0x3
-	VIRTIO_NET_HDR_GSO_TCPV6 = 0x4
-	VIRTIO_NET_HDR_GSO_ECN   = 0x80
+	VIRTIO_NET_HDR_GSO_NONE   = 0x0
+	VIRTIO_NET_HDR_GSO_TCPV4  = 0x1
+	VIRTIO_NET_HDR_GSO_UDP    = 0x3
+	VIRTIO_NET_HDR_GSO_TCPV6  = 0x4
+	VIRTIO_NET_HDR_GSO_UDP_L4 = 0x5
+	VIRTIO_NET_HDR_GSO_ECN    = 0x80
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index 4ecc1495c..6d8acbcc5 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -337,6 +337,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index 34fddff96..59293c688 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -350,6 +350,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index 3b14a6031..40cfa38c2 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -328,6 +328,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index 0517651ab..055bc4216 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -329,6 +329,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
index 3b0c51813..f28affbc6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
@@ -330,6 +330,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index fccdf4dd0..9d71e7ccd 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -333,6 +333,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index 500de8fc0..fd5ccd332 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -332,6 +332,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index d0434cd2c..7704de77a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -332,6 +332,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index 84206ba53..df00b8757 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -333,6 +333,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index ab078cf1f..0942840db 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -340,6 +340,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 42eb2c4ce..034874395 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -339,6 +339,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index 31304a4e8..bad067047 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -339,6 +339,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index c311f9612..83c69c119 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -357,6 +357,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
@@ -716,3 +718,26 @@ type SysvShmDesc struct {
 	_      uint64
 	_      uint64
 }
+
+type RISCVHWProbePairs struct {
+	Key   int64
+	Value uint64
+}
+
+const (
+	RISCV_HWPROBE_KEY_MVENDORID          = 0x0
+	RISCV_HWPROBE_KEY_MARCHID            = 0x1
+	RISCV_HWPROBE_KEY_MIMPID             = 0x2
+	RISCV_HWPROBE_KEY_BASE_BEHAVIOR      = 0x3
+	RISCV_HWPROBE_BASE_BEHAVIOR_IMA      = 0x1
+	RISCV_HWPROBE_KEY_IMA_EXT_0          = 0x4
+	RISCV_HWPROBE_IMA_FD                 = 0x1
+	RISCV_HWPROBE_IMA_C                  = 0x2
+	RISCV_HWPROBE_KEY_CPUPERF_0          = 0x5
+	RISCV_HWPROBE_MISALIGNED_UNKNOWN     = 0x0
+	RISCV_HWPROBE_MISALIGNED_EMULATED    = 0x1
+	RISCV_HWPROBE_MISALIGNED_SLOW        = 0x2
+	RISCV_HWPROBE_MISALIGNED_FAST        = 0x3
+	RISCV_HWPROBE_MISALIGNED_UNSUPPORTED = 0x4
+	RISCV_HWPROBE_MISALIGNED_MASK        = 0x7
+)
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index bba3cefac..aa268d025 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -352,6 +352,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index ad8a01380..444045b6c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -334,6 +334,8 @@ type Taskstats struct {
 	Ac_exe_inode              uint64
 	Wpcopy_count              uint64
 	Wpcopy_delay_total        uint64
+	Irq_count                 uint64
+	Irq_delay_total           uint64
 }
 
 type cpuMask uint64
diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go
index c964b6848..c44a1b963 100644
--- a/vendor/golang.org/x/sys/windows/service.go
+++ b/vendor/golang.org/x/sys/windows/service.go
@@ -218,6 +218,10 @@ type SERVICE_FAILURE_ACTIONS struct {
 	Actions      *SC_ACTION
 }
 
+type SERVICE_FAILURE_ACTIONS_FLAG struct {
+	FailureActionsOnNonCrashFailures int32
+}
+
 type SC_ACTION struct {
 	Type  uint32
 	Delay uint32
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 964590075..373d16388 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -135,14 +135,14 @@ func Getpagesize() int { return 4096 }
 
 // NewCallback converts a Go function to a function pointer conforming to the stdcall calling convention.
 // This is useful when interoperating with Windows code requiring callbacks.
-// The argument is expected to be a function with with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
+// The argument is expected to be a function with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
 func NewCallback(fn interface{}) uintptr {
 	return syscall.NewCallback(fn)
 }
 
 // NewCallbackCDecl converts a Go function to a function pointer conforming to the cdecl calling convention.
 // This is useful when interoperating with Windows code requiring callbacks.
-// The argument is expected to be a function with with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
+// The argument is expected to be a function with one uintptr-sized result. The function must not have arguments with size larger than the size of uintptr.
 func NewCallbackCDecl(fn interface{}) uintptr {
 	return syscall.NewCallbackCDecl(fn)
 }
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
index f248effae..ffadb7beb 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
@@ -1,7 +1,7 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
-//go:build go1.16
-// +build go1.16
+//go:build go1.16 && !go1.21
+// +build go1.16,!go1.21
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
new file mode 100644
index 000000000..92cce5802
--- /dev/null
+++ b/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
@@ -0,0 +1,2043 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+//go:build go1.21
+// +build go1.21
+
+package bidi
+
+// UnicodeVersion is the Unicode version from which the tables in this package are derived.
+const UnicodeVersion = "15.0.0"
+
+// xorMasks contains masks to be xor-ed with brackets to get the reverse
+// version.
+var xorMasks = []int32{ // 8 elements
+	0, 1, 6, 7, 3, 15, 29, 63,
+} // Size: 56 bytes
+
+// lookup returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *bidiTrie) lookup(s []byte) (v uint8, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return bidiValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = bidiIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = bidiIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = bidiIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *bidiTrie) lookupUnsafe(s []byte) uint8 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return bidiValues[c0]
+	}
+	i := bidiIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = bidiIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = bidiIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// lookupString returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *bidiTrie) lookupString(s string) (v uint8, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return bidiValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = bidiIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := bidiIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = bidiIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = bidiIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupStringUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *bidiTrie) lookupStringUnsafe(s string) uint8 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return bidiValues[c0]
+	}
+	i := bidiIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = bidiIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = bidiIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// bidiTrie. Total size: 19904 bytes (19.44 KiB). Checksum: b1f201ed2debb6c8.
+type bidiTrie struct{}
+
+func newBidiTrie(i int) *bidiTrie {
+	return &bidiTrie{}
+}
+
+// lookupValue determines the type of block n and looks up the value for b.
+func (t *bidiTrie) lookupValue(n uint32, b byte) uint8 {
+	switch {
+	default:
+		return uint8(bidiValues[n<<6+uint32(b)])
+	}
+}
+
+// bidiValues: 259 blocks, 16576 entries, 16576 bytes
+// The third block is the zero block.
+var bidiValues = [16576]uint8{
+	// Block 0x0, offset 0x0
+	0x00: 0x000b, 0x01: 0x000b, 0x02: 0x000b, 0x03: 0x000b, 0x04: 0x000b, 0x05: 0x000b,
+	0x06: 0x000b, 0x07: 0x000b, 0x08: 0x000b, 0x09: 0x0008, 0x0a: 0x0007, 0x0b: 0x0008,
+	0x0c: 0x0009, 0x0d: 0x0007, 0x0e: 0x000b, 0x0f: 0x000b, 0x10: 0x000b, 0x11: 0x000b,
+	0x12: 0x000b, 0x13: 0x000b, 0x14: 0x000b, 0x15: 0x000b, 0x16: 0x000b, 0x17: 0x000b,
+	0x18: 0x000b, 0x19: 0x000b, 0x1a: 0x000b, 0x1b: 0x000b, 0x1c: 0x0007, 0x1d: 0x0007,
+	0x1e: 0x0007, 0x1f: 0x0008, 0x20: 0x0009, 0x21: 0x000a, 0x22: 0x000a, 0x23: 0x0004,
+	0x24: 0x0004, 0x25: 0x0004, 0x26: 0x000a, 0x27: 0x000a, 0x28: 0x003a, 0x29: 0x002a,
+	0x2a: 0x000a, 0x2b: 0x0003, 0x2c: 0x0006, 0x2d: 0x0003, 0x2e: 0x0006, 0x2f: 0x0006,
+	0x30: 0x0002, 0x31: 0x0002, 0x32: 0x0002, 0x33: 0x0002, 0x34: 0x0002, 0x35: 0x0002,
+	0x36: 0x0002, 0x37: 0x0002, 0x38: 0x0002, 0x39: 0x0002, 0x3a: 0x0006, 0x3b: 0x000a,
+	0x3c: 0x000a, 0x3d: 0x000a, 0x3e: 0x000a, 0x3f: 0x000a,
+	// Block 0x1, offset 0x40
+	0x40: 0x000a,
+	0x5b: 0x005a, 0x5c: 0x000a, 0x5d: 0x004a,
+	0x5e: 0x000a, 0x5f: 0x000a, 0x60: 0x000a,
+	0x7b: 0x005a,
+	0x7c: 0x000a, 0x7d: 0x004a, 0x7e: 0x000a, 0x7f: 0x000b,
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc0: 0x000b, 0xc1: 0x000b, 0xc2: 0x000b, 0xc3: 0x000b, 0xc4: 0x000b, 0xc5: 0x0007,
+	0xc6: 0x000b, 0xc7: 0x000b, 0xc8: 0x000b, 0xc9: 0x000b, 0xca: 0x000b, 0xcb: 0x000b,
+	0xcc: 0x000b, 0xcd: 0x000b, 0xce: 0x000b, 0xcf: 0x000b, 0xd0: 0x000b, 0xd1: 0x000b,
+	0xd2: 0x000b, 0xd3: 0x000b, 0xd4: 0x000b, 0xd5: 0x000b, 0xd6: 0x000b, 0xd7: 0x000b,
+	0xd8: 0x000b, 0xd9: 0x000b, 0xda: 0x000b, 0xdb: 0x000b, 0xdc: 0x000b, 0xdd: 0x000b,
+	0xde: 0x000b, 0xdf: 0x000b, 0xe0: 0x0006, 0xe1: 0x000a, 0xe2: 0x0004, 0xe3: 0x0004,
+	0xe4: 0x0004, 0xe5: 0x0004, 0xe6: 0x000a, 0xe7: 0x000a, 0xe8: 0x000a, 0xe9: 0x000a,
+	0xeb: 0x000a, 0xec: 0x000a, 0xed: 0x000b, 0xee: 0x000a, 0xef: 0x000a,
+	0xf0: 0x0004, 0xf1: 0x0004, 0xf2: 0x0002, 0xf3: 0x0002, 0xf4: 0x000a,
+	0xf6: 0x000a, 0xf7: 0x000a, 0xf8: 0x000a, 0xf9: 0x0002, 0xfb: 0x000a,
+	0xfc: 0x000a, 0xfd: 0x000a, 0xfe: 0x000a, 0xff: 0x000a,
+	// Block 0x4, offset 0x100
+	0x117: 0x000a,
+	0x137: 0x000a,
+	// Block 0x5, offset 0x140
+	0x179: 0x000a, 0x17a: 0x000a,
+	// Block 0x6, offset 0x180
+	0x182: 0x000a, 0x183: 0x000a, 0x184: 0x000a, 0x185: 0x000a,
+	0x186: 0x000a, 0x187: 0x000a, 0x188: 0x000a, 0x189: 0x000a, 0x18a: 0x000a, 0x18b: 0x000a,
+	0x18c: 0x000a, 0x18d: 0x000a, 0x18e: 0x000a, 0x18f: 0x000a,
+	0x192: 0x000a, 0x193: 0x000a, 0x194: 0x000a, 0x195: 0x000a, 0x196: 0x000a, 0x197: 0x000a,
+	0x198: 0x000a, 0x199: 0x000a, 0x19a: 0x000a, 0x19b: 0x000a, 0x19c: 0x000a, 0x19d: 0x000a,
+	0x19e: 0x000a, 0x19f: 0x000a,
+	0x1a5: 0x000a, 0x1a6: 0x000a, 0x1a7: 0x000a, 0x1a8: 0x000a, 0x1a9: 0x000a,
+	0x1aa: 0x000a, 0x1ab: 0x000a, 0x1ac: 0x000a, 0x1ad: 0x000a, 0x1af: 0x000a,
+	0x1b0: 0x000a, 0x1b1: 0x000a, 0x1b2: 0x000a, 0x1b3: 0x000a, 0x1b4: 0x000a, 0x1b5: 0x000a,
+	0x1b6: 0x000a, 0x1b7: 0x000a, 0x1b8: 0x000a, 0x1b9: 0x000a, 0x1ba: 0x000a, 0x1bb: 0x000a,
+	0x1bc: 0x000a, 0x1bd: 0x000a, 0x1be: 0x000a, 0x1bf: 0x000a,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x000c, 0x1c1: 0x000c, 0x1c2: 0x000c, 0x1c3: 0x000c, 0x1c4: 0x000c, 0x1c5: 0x000c,
+	0x1c6: 0x000c, 0x1c7: 0x000c, 0x1c8: 0x000c, 0x1c9: 0x000c, 0x1ca: 0x000c, 0x1cb: 0x000c,
+	0x1cc: 0x000c, 0x1cd: 0x000c, 0x1ce: 0x000c, 0x1cf: 0x000c, 0x1d0: 0x000c, 0x1d1: 0x000c,
+	0x1d2: 0x000c, 0x1d3: 0x000c, 0x1d4: 0x000c, 0x1d5: 0x000c, 0x1d6: 0x000c, 0x1d7: 0x000c,
+	0x1d8: 0x000c, 0x1d9: 0x000c, 0x1da: 0x000c, 0x1db: 0x000c, 0x1dc: 0x000c, 0x1dd: 0x000c,
+	0x1de: 0x000c, 0x1df: 0x000c, 0x1e0: 0x000c, 0x1e1: 0x000c, 0x1e2: 0x000c, 0x1e3: 0x000c,
+	0x1e4: 0x000c, 0x1e5: 0x000c, 0x1e6: 0x000c, 0x1e7: 0x000c, 0x1e8: 0x000c, 0x1e9: 0x000c,
+	0x1ea: 0x000c, 0x1eb: 0x000c, 0x1ec: 0x000c, 0x1ed: 0x000c, 0x1ee: 0x000c, 0x1ef: 0x000c,
+	0x1f0: 0x000c, 0x1f1: 0x000c, 0x1f2: 0x000c, 0x1f3: 0x000c, 0x1f4: 0x000c, 0x1f5: 0x000c,
+	0x1f6: 0x000c, 0x1f7: 0x000c, 0x1f8: 0x000c, 0x1f9: 0x000c, 0x1fa: 0x000c, 0x1fb: 0x000c,
+	0x1fc: 0x000c, 0x1fd: 0x000c, 0x1fe: 0x000c, 0x1ff: 0x000c,
+	// Block 0x8, offset 0x200
+	0x200: 0x000c, 0x201: 0x000c, 0x202: 0x000c, 0x203: 0x000c, 0x204: 0x000c, 0x205: 0x000c,
+	0x206: 0x000c, 0x207: 0x000c, 0x208: 0x000c, 0x209: 0x000c, 0x20a: 0x000c, 0x20b: 0x000c,
+	0x20c: 0x000c, 0x20d: 0x000c, 0x20e: 0x000c, 0x20f: 0x000c, 0x210: 0x000c, 0x211: 0x000c,
+	0x212: 0x000c, 0x213: 0x000c, 0x214: 0x000c, 0x215: 0x000c, 0x216: 0x000c, 0x217: 0x000c,
+	0x218: 0x000c, 0x219: 0x000c, 0x21a: 0x000c, 0x21b: 0x000c, 0x21c: 0x000c, 0x21d: 0x000c,
+	0x21e: 0x000c, 0x21f: 0x000c, 0x220: 0x000c, 0x221: 0x000c, 0x222: 0x000c, 0x223: 0x000c,
+	0x224: 0x000c, 0x225: 0x000c, 0x226: 0x000c, 0x227: 0x000c, 0x228: 0x000c, 0x229: 0x000c,
+	0x22a: 0x000c, 0x22b: 0x000c, 0x22c: 0x000c, 0x22d: 0x000c, 0x22e: 0x000c, 0x22f: 0x000c,
+	0x234: 0x000a, 0x235: 0x000a,
+	0x23e: 0x000a,
+	// Block 0x9, offset 0x240
+	0x244: 0x000a, 0x245: 0x000a,
+	0x247: 0x000a,
+	// Block 0xa, offset 0x280
+	0x2b6: 0x000a,
+	// Block 0xb, offset 0x2c0
+	0x2c3: 0x000c, 0x2c4: 0x000c, 0x2c5: 0x000c,
+	0x2c6: 0x000c, 0x2c7: 0x000c, 0x2c8: 0x000c, 0x2c9: 0x000c,
+	// Block 0xc, offset 0x300
+	0x30a: 0x000a,
+	0x30d: 0x000a, 0x30e: 0x000a, 0x30f: 0x0004, 0x310: 0x0001, 0x311: 0x000c,
+	0x312: 0x000c, 0x313: 0x000c, 0x314: 0x000c, 0x315: 0x000c, 0x316: 0x000c, 0x317: 0x000c,
+	0x318: 0x000c, 0x319: 0x000c, 0x31a: 0x000c, 0x31b: 0x000c, 0x31c: 0x000c, 0x31d: 0x000c,
+	0x31e: 0x000c, 0x31f: 0x000c, 0x320: 0x000c, 0x321: 0x000c, 0x322: 0x000c, 0x323: 0x000c,
+	0x324: 0x000c, 0x325: 0x000c, 0x326: 0x000c, 0x327: 0x000c, 0x328: 0x000c, 0x329: 0x000c,
+	0x32a: 0x000c, 0x32b: 0x000c, 0x32c: 0x000c, 0x32d: 0x000c, 0x32e: 0x000c, 0x32f: 0x000c,
+	0x330: 0x000c, 0x331: 0x000c, 0x332: 0x000c, 0x333: 0x000c, 0x334: 0x000c, 0x335: 0x000c,
+	0x336: 0x000c, 0x337: 0x000c, 0x338: 0x000c, 0x339: 0x000c, 0x33a: 0x000c, 0x33b: 0x000c,
+	0x33c: 0x000c, 0x33d: 0x000c, 0x33e: 0x0001, 0x33f: 0x000c,
+	// Block 0xd, offset 0x340
+	0x340: 0x0001, 0x341: 0x000c, 0x342: 0x000c, 0x343: 0x0001, 0x344: 0x000c, 0x345: 0x000c,
+	0x346: 0x0001, 0x347: 0x000c, 0x348: 0x0001, 0x349: 0x0001, 0x34a: 0x0001, 0x34b: 0x0001,
+	0x34c: 0x0001, 0x34d: 0x0001, 0x34e: 0x0001, 0x34f: 0x0001, 0x350: 0x0001, 0x351: 0x0001,
+	0x352: 0x0001, 0x353: 0x0001, 0x354: 0x0001, 0x355: 0x0001, 0x356: 0x0001, 0x357: 0x0001,
+	0x358: 0x0001, 0x359: 0x0001, 0x35a: 0x0001, 0x35b: 0x0001, 0x35c: 0x0001, 0x35d: 0x0001,
+	0x35e: 0x0001, 0x35f: 0x0001, 0x360: 0x0001, 0x361: 0x0001, 0x362: 0x0001, 0x363: 0x0001,
+	0x364: 0x0001, 0x365: 0x0001, 0x366: 0x0001, 0x367: 0x0001, 0x368: 0x0001, 0x369: 0x0001,
+	0x36a: 0x0001, 0x36b: 0x0001, 0x36c: 0x0001, 0x36d: 0x0001, 0x36e: 0x0001, 0x36f: 0x0001,
+	0x370: 0x0001, 0x371: 0x0001, 0x372: 0x0001, 0x373: 0x0001, 0x374: 0x0001, 0x375: 0x0001,
+	0x376: 0x0001, 0x377: 0x0001, 0x378: 0x0001, 0x379: 0x0001, 0x37a: 0x0001, 0x37b: 0x0001,
+	0x37c: 0x0001, 0x37d: 0x0001, 0x37e: 0x0001, 0x37f: 0x0001,
+	// Block 0xe, offset 0x380
+	0x380: 0x0005, 0x381: 0x0005, 0x382: 0x0005, 0x383: 0x0005, 0x384: 0x0005, 0x385: 0x0005,
+	0x386: 0x000a, 0x387: 0x000a, 0x388: 0x000d, 0x389: 0x0004, 0x38a: 0x0004, 0x38b: 0x000d,
+	0x38c: 0x0006, 0x38d: 0x000d, 0x38e: 0x000a, 0x38f: 0x000a, 0x390: 0x000c, 0x391: 0x000c,
+	0x392: 0x000c, 0x393: 0x000c, 0x394: 0x000c, 0x395: 0x000c, 0x396: 0x000c, 0x397: 0x000c,
+	0x398: 0x000c, 0x399: 0x000c, 0x39a: 0x000c, 0x39b: 0x000d, 0x39c: 0x000d, 0x39d: 0x000d,
+	0x39e: 0x000d, 0x39f: 0x000d, 0x3a0: 0x000d, 0x3a1: 0x000d, 0x3a2: 0x000d, 0x3a3: 0x000d,
+	0x3a4: 0x000d, 0x3a5: 0x000d, 0x3a6: 0x000d, 0x3a7: 0x000d, 0x3a8: 0x000d, 0x3a9: 0x000d,
+	0x3aa: 0x000d, 0x3ab: 0x000d, 0x3ac: 0x000d, 0x3ad: 0x000d, 0x3ae: 0x000d, 0x3af: 0x000d,
+	0x3b0: 0x000d, 0x3b1: 0x000d, 0x3b2: 0x000d, 0x3b3: 0x000d, 0x3b4: 0x000d, 0x3b5: 0x000d,
+	0x3b6: 0x000d, 0x3b7: 0x000d, 0x3b8: 0x000d, 0x3b9: 0x000d, 0x3ba: 0x000d, 0x3bb: 0x000d,
+	0x3bc: 0x000d, 0x3bd: 0x000d, 0x3be: 0x000d, 0x3bf: 0x000d,
+	// Block 0xf, offset 0x3c0
+	0x3c0: 0x000d, 0x3c1: 0x000d, 0x3c2: 0x000d, 0x3c3: 0x000d, 0x3c4: 0x000d, 0x3c5: 0x000d,
+	0x3c6: 0x000d, 0x3c7: 0x000d, 0x3c8: 0x000d, 0x3c9: 0x000d, 0x3ca: 0x000d, 0x3cb: 0x000c,
+	0x3cc: 0x000c, 0x3cd: 0x000c, 0x3ce: 0x000c, 0x3cf: 0x000c, 0x3d0: 0x000c, 0x3d1: 0x000c,
+	0x3d2: 0x000c, 0x3d3: 0x000c, 0x3d4: 0x000c, 0x3d5: 0x000c, 0x3d6: 0x000c, 0x3d7: 0x000c,
+	0x3d8: 0x000c, 0x3d9: 0x000c, 0x3da: 0x000c, 0x3db: 0x000c, 0x3dc: 0x000c, 0x3dd: 0x000c,
+	0x3de: 0x000c, 0x3df: 0x000c, 0x3e0: 0x0005, 0x3e1: 0x0005, 0x3e2: 0x0005, 0x3e3: 0x0005,
+	0x3e4: 0x0005, 0x3e5: 0x0005, 0x3e6: 0x0005, 0x3e7: 0x0005, 0x3e8: 0x0005, 0x3e9: 0x0005,
+	0x3ea: 0x0004, 0x3eb: 0x0005, 0x3ec: 0x0005, 0x3ed: 0x000d, 0x3ee: 0x000d, 0x3ef: 0x000d,
+	0x3f0: 0x000c, 0x3f1: 0x000d, 0x3f2: 0x000d, 0x3f3: 0x000d, 0x3f4: 0x000d, 0x3f5: 0x000d,
+	0x3f6: 0x000d, 0x3f7: 0x000d, 0x3f8: 0x000d, 0x3f9: 0x000d, 0x3fa: 0x000d, 0x3fb: 0x000d,
+	0x3fc: 0x000d, 0x3fd: 0x000d, 0x3fe: 0x000d, 0x3ff: 0x000d,
+	// Block 0x10, offset 0x400
+	0x400: 0x000d, 0x401: 0x000d, 0x402: 0x000d, 0x403: 0x000d, 0x404: 0x000d, 0x405: 0x000d,
+	0x406: 0x000d, 0x407: 0x000d, 0x408: 0x000d, 0x409: 0x000d, 0x40a: 0x000d, 0x40b: 0x000d,
+	0x40c: 0x000d, 0x40d: 0x000d, 0x40e: 0x000d, 0x40f: 0x000d, 0x410: 0x000d, 0x411: 0x000d,
+	0x412: 0x000d, 0x413: 0x000d, 0x414: 0x000d, 0x415: 0x000d, 0x416: 0x000d, 0x417: 0x000d,
+	0x418: 0x000d, 0x419: 0x000d, 0x41a: 0x000d, 0x41b: 0x000d, 0x41c: 0x000d, 0x41d: 0x000d,
+	0x41e: 0x000d, 0x41f: 0x000d, 0x420: 0x000d, 0x421: 0x000d, 0x422: 0x000d, 0x423: 0x000d,
+	0x424: 0x000d, 0x425: 0x000d, 0x426: 0x000d, 0x427: 0x000d, 0x428: 0x000d, 0x429: 0x000d,
+	0x42a: 0x000d, 0x42b: 0x000d, 0x42c: 0x000d, 0x42d: 0x000d, 0x42e: 0x000d, 0x42f: 0x000d,
+	0x430: 0x000d, 0x431: 0x000d, 0x432: 0x000d, 0x433: 0x000d, 0x434: 0x000d, 0x435: 0x000d,
+	0x436: 0x000d, 0x437: 0x000d, 0x438: 0x000d, 0x439: 0x000d, 0x43a: 0x000d, 0x43b: 0x000d,
+	0x43c: 0x000d, 0x43d: 0x000d, 0x43e: 0x000d, 0x43f: 0x000d,
+	// Block 0x11, offset 0x440
+	0x440: 0x000d, 0x441: 0x000d, 0x442: 0x000d, 0x443: 0x000d, 0x444: 0x000d, 0x445: 0x000d,
+	0x446: 0x000d, 0x447: 0x000d, 0x448: 0x000d, 0x449: 0x000d, 0x44a: 0x000d, 0x44b: 0x000d,
+	0x44c: 0x000d, 0x44d: 0x000d, 0x44e: 0x000d, 0x44f: 0x000d, 0x450: 0x000d, 0x451: 0x000d,
+	0x452: 0x000d, 0x453: 0x000d, 0x454: 0x000d, 0x455: 0x000d, 0x456: 0x000c, 0x457: 0x000c,
+	0x458: 0x000c, 0x459: 0x000c, 0x45a: 0x000c, 0x45b: 0x000c, 0x45c: 0x000c, 0x45d: 0x0005,
+	0x45e: 0x000a, 0x45f: 0x000c, 0x460: 0x000c, 0x461: 0x000c, 0x462: 0x000c, 0x463: 0x000c,
+	0x464: 0x000c, 0x465: 0x000d, 0x466: 0x000d, 0x467: 0x000c, 0x468: 0x000c, 0x469: 0x000a,
+	0x46a: 0x000c, 0x46b: 0x000c, 0x46c: 0x000c, 0x46d: 0x000c, 0x46e: 0x000d, 0x46f: 0x000d,
+	0x470: 0x0002, 0x471: 0x0002, 0x472: 0x0002, 0x473: 0x0002, 0x474: 0x0002, 0x475: 0x0002,
+	0x476: 0x0002, 0x477: 0x0002, 0x478: 0x0002, 0x479: 0x0002, 0x47a: 0x000d, 0x47b: 0x000d,
+	0x47c: 0x000d, 0x47d: 0x000d, 0x47e: 0x000d, 0x47f: 0x000d,
+	// Block 0x12, offset 0x480
+	0x480: 0x000d, 0x481: 0x000d, 0x482: 0x000d, 0x483: 0x000d, 0x484: 0x000d, 0x485: 0x000d,
+	0x486: 0x000d, 0x487: 0x000d, 0x488: 0x000d, 0x489: 0x000d, 0x48a: 0x000d, 0x48b: 0x000d,
+	0x48c: 0x000d, 0x48d: 0x000d, 0x48e: 0x000d, 0x48f: 0x000d, 0x490: 0x000d, 0x491: 0x000c,
+	0x492: 0x000d, 0x493: 0x000d, 0x494: 0x000d, 0x495: 0x000d, 0x496: 0x000d, 0x497: 0x000d,
+	0x498: 0x000d, 0x499: 0x000d, 0x49a: 0x000d, 0x49b: 0x000d, 0x49c: 0x000d, 0x49d: 0x000d,
+	0x49e: 0x000d, 0x49f: 0x000d, 0x4a0: 0x000d, 0x4a1: 0x000d, 0x4a2: 0x000d, 0x4a3: 0x000d,
+	0x4a4: 0x000d, 0x4a5: 0x000d, 0x4a6: 0x000d, 0x4a7: 0x000d, 0x4a8: 0x000d, 0x4a9: 0x000d,
+	0x4aa: 0x000d, 0x4ab: 0x000d, 0x4ac: 0x000d, 0x4ad: 0x000d, 0x4ae: 0x000d, 0x4af: 0x000d,
+	0x4b0: 0x000c, 0x4b1: 0x000c, 0x4b2: 0x000c, 0x4b3: 0x000c, 0x4b4: 0x000c, 0x4b5: 0x000c,
+	0x4b6: 0x000c, 0x4b7: 0x000c, 0x4b8: 0x000c, 0x4b9: 0x000c, 0x4ba: 0x000c, 0x4bb: 0x000c,
+	0x4bc: 0x000c, 0x4bd: 0x000c, 0x4be: 0x000c, 0x4bf: 0x000c,
+	// Block 0x13, offset 0x4c0
+	0x4c0: 0x000c, 0x4c1: 0x000c, 0x4c2: 0x000c, 0x4c3: 0x000c, 0x4c4: 0x000c, 0x4c5: 0x000c,
+	0x4c6: 0x000c, 0x4c7: 0x000c, 0x4c8: 0x000c, 0x4c9: 0x000c, 0x4ca: 0x000c, 0x4cb: 0x000d,
+	0x4cc: 0x000d, 0x4cd: 0x000d, 0x4ce: 0x000d, 0x4cf: 0x000d, 0x4d0: 0x000d, 0x4d1: 0x000d,
+	0x4d2: 0x000d, 0x4d3: 0x000d, 0x4d4: 0x000d, 0x4d5: 0x000d, 0x4d6: 0x000d, 0x4d7: 0x000d,
+	0x4d8: 0x000d, 0x4d9: 0x000d, 0x4da: 0x000d, 0x4db: 0x000d, 0x4dc: 0x000d, 0x4dd: 0x000d,
+	0x4de: 0x000d, 0x4df: 0x000d, 0x4e0: 0x000d, 0x4e1: 0x000d, 0x4e2: 0x000d, 0x4e3: 0x000d,
+	0x4e4: 0x000d, 0x4e5: 0x000d, 0x4e6: 0x000d, 0x4e7: 0x000d, 0x4e8: 0x000d, 0x4e9: 0x000d,
+	0x4ea: 0x000d, 0x4eb: 0x000d, 0x4ec: 0x000d, 0x4ed: 0x000d, 0x4ee: 0x000d, 0x4ef: 0x000d,
+	0x4f0: 0x000d, 0x4f1: 0x000d, 0x4f2: 0x000d, 0x4f3: 0x000d, 0x4f4: 0x000d, 0x4f5: 0x000d,
+	0x4f6: 0x000d, 0x4f7: 0x000d, 0x4f8: 0x000d, 0x4f9: 0x000d, 0x4fa: 0x000d, 0x4fb: 0x000d,
+	0x4fc: 0x000d, 0x4fd: 0x000d, 0x4fe: 0x000d, 0x4ff: 0x000d,
+	// Block 0x14, offset 0x500
+	0x500: 0x000d, 0x501: 0x000d, 0x502: 0x000d, 0x503: 0x000d, 0x504: 0x000d, 0x505: 0x000d,
+	0x506: 0x000d, 0x507: 0x000d, 0x508: 0x000d, 0x509: 0x000d, 0x50a: 0x000d, 0x50b: 0x000d,
+	0x50c: 0x000d, 0x50d: 0x000d, 0x50e: 0x000d, 0x50f: 0x000d, 0x510: 0x000d, 0x511: 0x000d,
+	0x512: 0x000d, 0x513: 0x000d, 0x514: 0x000d, 0x515: 0x000d, 0x516: 0x000d, 0x517: 0x000d,
+	0x518: 0x000d, 0x519: 0x000d, 0x51a: 0x000d, 0x51b: 0x000d, 0x51c: 0x000d, 0x51d: 0x000d,
+	0x51e: 0x000d, 0x51f: 0x000d, 0x520: 0x000d, 0x521: 0x000d, 0x522: 0x000d, 0x523: 0x000d,
+	0x524: 0x000d, 0x525: 0x000d, 0x526: 0x000c, 0x527: 0x000c, 0x528: 0x000c, 0x529: 0x000c,
+	0x52a: 0x000c, 0x52b: 0x000c, 0x52c: 0x000c, 0x52d: 0x000c, 0x52e: 0x000c, 0x52f: 0x000c,
+	0x530: 0x000c, 0x531: 0x000d, 0x532: 0x000d, 0x533: 0x000d, 0x534: 0x000d, 0x535: 0x000d,
+	0x536: 0x000d, 0x537: 0x000d, 0x538: 0x000d, 0x539: 0x000d, 0x53a: 0x000d, 0x53b: 0x000d,
+	0x53c: 0x000d, 0x53d: 0x000d, 0x53e: 0x000d, 0x53f: 0x000d,
+	// Block 0x15, offset 0x540
+	0x540: 0x0001, 0x541: 0x0001, 0x542: 0x0001, 0x543: 0x0001, 0x544: 0x0001, 0x545: 0x0001,
+	0x546: 0x0001, 0x547: 0x0001, 0x548: 0x0001, 0x549: 0x0001, 0x54a: 0x0001, 0x54b: 0x0001,
+	0x54c: 0x0001, 0x54d: 0x0001, 0x54e: 0x0001, 0x54f: 0x0001, 0x550: 0x0001, 0x551: 0x0001,
+	0x552: 0x0001, 0x553: 0x0001, 0x554: 0x0001, 0x555: 0x0001, 0x556: 0x0001, 0x557: 0x0001,
+	0x558: 0x0001, 0x559: 0x0001, 0x55a: 0x0001, 0x55b: 0x0001, 0x55c: 0x0001, 0x55d: 0x0001,
+	0x55e: 0x0001, 0x55f: 0x0001, 0x560: 0x0001, 0x561: 0x0001, 0x562: 0x0001, 0x563: 0x0001,
+	0x564: 0x0001, 0x565: 0x0001, 0x566: 0x0001, 0x567: 0x0001, 0x568: 0x0001, 0x569: 0x0001,
+	0x56a: 0x0001, 0x56b: 0x000c, 0x56c: 0x000c, 0x56d: 0x000c, 0x56e: 0x000c, 0x56f: 0x000c,
+	0x570: 0x000c, 0x571: 0x000c, 0x572: 0x000c, 0x573: 0x000c, 0x574: 0x0001, 0x575: 0x0001,
+	0x576: 0x000a, 0x577: 0x000a, 0x578: 0x000a, 0x579: 0x000a, 0x57a: 0x0001, 0x57b: 0x0001,
+	0x57c: 0x0001, 0x57d: 0x000c, 0x57e: 0x0001, 0x57f: 0x0001,
+	// Block 0x16, offset 0x580
+	0x580: 0x0001, 0x581: 0x0001, 0x582: 0x0001, 0x583: 0x0001, 0x584: 0x0001, 0x585: 0x0001,
+	0x586: 0x0001, 0x587: 0x0001, 0x588: 0x0001, 0x589: 0x0001, 0x58a: 0x0001, 0x58b: 0x0001,
+	0x58c: 0x0001, 0x58d: 0x0001, 0x58e: 0x0001, 0x58f: 0x0001, 0x590: 0x0001, 0x591: 0x0001,
+	0x592: 0x0001, 0x593: 0x0001, 0x594: 0x0001, 0x595: 0x0001, 0x596: 0x000c, 0x597: 0x000c,
+	0x598: 0x000c, 0x599: 0x000c, 0x59a: 0x0001, 0x59b: 0x000c, 0x59c: 0x000c, 0x59d: 0x000c,
+	0x59e: 0x000c, 0x59f: 0x000c, 0x5a0: 0x000c, 0x5a1: 0x000c, 0x5a2: 0x000c, 0x5a3: 0x000c,
+	0x5a4: 0x0001, 0x5a5: 0x000c, 0x5a6: 0x000c, 0x5a7: 0x000c, 0x5a8: 0x0001, 0x5a9: 0x000c,
+	0x5aa: 0x000c, 0x5ab: 0x000c, 0x5ac: 0x000c, 0x5ad: 0x000c, 0x5ae: 0x0001, 0x5af: 0x0001,
+	0x5b0: 0x0001, 0x5b1: 0x0001, 0x5b2: 0x0001, 0x5b3: 0x0001, 0x5b4: 0x0001, 0x5b5: 0x0001,
+	0x5b6: 0x0001, 0x5b7: 0x0001, 0x5b8: 0x0001, 0x5b9: 0x0001, 0x5ba: 0x0001, 0x5bb: 0x0001,
+	0x5bc: 0x0001, 0x5bd: 0x0001, 0x5be: 0x0001, 0x5bf: 0x0001,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0x0001, 0x5c1: 0x0001, 0x5c2: 0x0001, 0x5c3: 0x0001, 0x5c4: 0x0001, 0x5c5: 0x0001,
+	0x5c6: 0x0001, 0x5c7: 0x0001, 0x5c8: 0x0001, 0x5c9: 0x0001, 0x5ca: 0x0001, 0x5cb: 0x0001,
+	0x5cc: 0x0001, 0x5cd: 0x0001, 0x5ce: 0x0001, 0x5cf: 0x0001, 0x5d0: 0x0001, 0x5d1: 0x0001,
+	0x5d2: 0x0001, 0x5d3: 0x0001, 0x5d4: 0x0001, 0x5d5: 0x0001, 0x5d6: 0x0001, 0x5d7: 0x0001,
+	0x5d8: 0x0001, 0x5d9: 0x000c, 0x5da: 0x000c, 0x5db: 0x000c, 0x5dc: 0x0001, 0x5dd: 0x0001,
+	0x5de: 0x0001, 0x5df: 0x0001, 0x5e0: 0x000d, 0x5e1: 0x000d, 0x5e2: 0x000d, 0x5e3: 0x000d,
+	0x5e4: 0x000d, 0x5e5: 0x000d, 0x5e6: 0x000d, 0x5e7: 0x000d, 0x5e8: 0x000d, 0x5e9: 0x000d,
+	0x5ea: 0x000d, 0x5eb: 0x0001, 0x5ec: 0x0001, 0x5ed: 0x0001, 0x5ee: 0x0001, 0x5ef: 0x0001,
+	0x5f0: 0x000d, 0x5f1: 0x000d, 0x5f2: 0x000d, 0x5f3: 0x000d, 0x5f4: 0x000d, 0x5f5: 0x000d,
+	0x5f6: 0x000d, 0x5f7: 0x000d, 0x5f8: 0x000d, 0x5f9: 0x000d, 0x5fa: 0x000d, 0x5fb: 0x000d,
+	0x5fc: 0x000d, 0x5fd: 0x000d, 0x5fe: 0x000d, 0x5ff: 0x000d,
+	// Block 0x18, offset 0x600
+	0x600: 0x000d, 0x601: 0x000d, 0x602: 0x000d, 0x603: 0x000d, 0x604: 0x000d, 0x605: 0x000d,
+	0x606: 0x000d, 0x607: 0x000d, 0x608: 0x000d, 0x609: 0x000d, 0x60a: 0x000d, 0x60b: 0x000d,
+	0x60c: 0x000d, 0x60d: 0x000d, 0x60e: 0x000d, 0x60f: 0x0001, 0x610: 0x0005, 0x611: 0x0005,
+	0x612: 0x0001, 0x613: 0x0001, 0x614: 0x0001, 0x615: 0x0001, 0x616: 0x0001, 0x617: 0x0001,
+	0x618: 0x000c, 0x619: 0x000c, 0x61a: 0x000c, 0x61b: 0x000c, 0x61c: 0x000c, 0x61d: 0x000c,
+	0x61e: 0x000c, 0x61f: 0x000c, 0x620: 0x000d, 0x621: 0x000d, 0x622: 0x000d, 0x623: 0x000d,
+	0x624: 0x000d, 0x625: 0x000d, 0x626: 0x000d, 0x627: 0x000d, 0x628: 0x000d, 0x629: 0x000d,
+	0x62a: 0x000d, 0x62b: 0x000d, 0x62c: 0x000d, 0x62d: 0x000d, 0x62e: 0x000d, 0x62f: 0x000d,
+	0x630: 0x000d, 0x631: 0x000d, 0x632: 0x000d, 0x633: 0x000d, 0x634: 0x000d, 0x635: 0x000d,
+	0x636: 0x000d, 0x637: 0x000d, 0x638: 0x000d, 0x639: 0x000d, 0x63a: 0x000d, 0x63b: 0x000d,
+	0x63c: 0x000d, 0x63d: 0x000d, 0x63e: 0x000d, 0x63f: 0x000d,
+	// Block 0x19, offset 0x640
+	0x640: 0x000d, 0x641: 0x000d, 0x642: 0x000d, 0x643: 0x000d, 0x644: 0x000d, 0x645: 0x000d,
+	0x646: 0x000d, 0x647: 0x000d, 0x648: 0x000d, 0x649: 0x000d, 0x64a: 0x000c, 0x64b: 0x000c,
+	0x64c: 0x000c, 0x64d: 0x000c, 0x64e: 0x000c, 0x64f: 0x000c, 0x650: 0x000c, 0x651: 0x000c,
+	0x652: 0x000c, 0x653: 0x000c, 0x654: 0x000c, 0x655: 0x000c, 0x656: 0x000c, 0x657: 0x000c,
+	0x658: 0x000c, 0x659: 0x000c, 0x65a: 0x000c, 0x65b: 0x000c, 0x65c: 0x000c, 0x65d: 0x000c,
+	0x65e: 0x000c, 0x65f: 0x000c, 0x660: 0x000c, 0x661: 0x000c, 0x662: 0x0005, 0x663: 0x000c,
+	0x664: 0x000c, 0x665: 0x000c, 0x666: 0x000c, 0x667: 0x000c, 0x668: 0x000c, 0x669: 0x000c,
+	0x66a: 0x000c, 0x66b: 0x000c, 0x66c: 0x000c, 0x66d: 0x000c, 0x66e: 0x000c, 0x66f: 0x000c,
+	0x670: 0x000c, 0x671: 0x000c, 0x672: 0x000c, 0x673: 0x000c, 0x674: 0x000c, 0x675: 0x000c,
+	0x676: 0x000c, 0x677: 0x000c, 0x678: 0x000c, 0x679: 0x000c, 0x67a: 0x000c, 0x67b: 0x000c,
+	0x67c: 0x000c, 0x67d: 0x000c, 0x67e: 0x000c, 0x67f: 0x000c,
+	// Block 0x1a, offset 0x680
+	0x680: 0x000c, 0x681: 0x000c, 0x682: 0x000c,
+	0x6ba: 0x000c,
+	0x6bc: 0x000c,
+	// Block 0x1b, offset 0x6c0
+	0x6c1: 0x000c, 0x6c2: 0x000c, 0x6c3: 0x000c, 0x6c4: 0x000c, 0x6c5: 0x000c,
+	0x6c6: 0x000c, 0x6c7: 0x000c, 0x6c8: 0x000c,
+	0x6cd: 0x000c, 0x6d1: 0x000c,
+	0x6d2: 0x000c, 0x6d3: 0x000c, 0x6d4: 0x000c, 0x6d5: 0x000c, 0x6d6: 0x000c, 0x6d7: 0x000c,
+	0x6e2: 0x000c, 0x6e3: 0x000c,
+	// Block 0x1c, offset 0x700
+	0x701: 0x000c,
+	0x73c: 0x000c,
+	// Block 0x1d, offset 0x740
+	0x741: 0x000c, 0x742: 0x000c, 0x743: 0x000c, 0x744: 0x000c,
+	0x74d: 0x000c,
+	0x762: 0x000c, 0x763: 0x000c,
+	0x772: 0x0004, 0x773: 0x0004,
+	0x77b: 0x0004,
+	0x77e: 0x000c,
+	// Block 0x1e, offset 0x780
+	0x781: 0x000c, 0x782: 0x000c,
+	0x7bc: 0x000c,
+	// Block 0x1f, offset 0x7c0
+	0x7c1: 0x000c, 0x7c2: 0x000c,
+	0x7c7: 0x000c, 0x7c8: 0x000c, 0x7cb: 0x000c,
+	0x7cc: 0x000c, 0x7cd: 0x000c, 0x7d1: 0x000c,
+	0x7f0: 0x000c, 0x7f1: 0x000c, 0x7f5: 0x000c,
+	// Block 0x20, offset 0x800
+	0x801: 0x000c, 0x802: 0x000c, 0x803: 0x000c, 0x804: 0x000c, 0x805: 0x000c,
+	0x807: 0x000c, 0x808: 0x000c,
+	0x80d: 0x000c,
+	0x822: 0x000c, 0x823: 0x000c,
+	0x831: 0x0004,
+	0x83a: 0x000c, 0x83b: 0x000c,
+	0x83c: 0x000c, 0x83d: 0x000c, 0x83e: 0x000c, 0x83f: 0x000c,
+	// Block 0x21, offset 0x840
+	0x841: 0x000c,
+	0x87c: 0x000c, 0x87f: 0x000c,
+	// Block 0x22, offset 0x880
+	0x881: 0x000c, 0x882: 0x000c, 0x883: 0x000c, 0x884: 0x000c,
+	0x88d: 0x000c,
+	0x895: 0x000c, 0x896: 0x000c,
+	0x8a2: 0x000c, 0x8a3: 0x000c,
+	// Block 0x23, offset 0x8c0
+	0x8c2: 0x000c,
+	// Block 0x24, offset 0x900
+	0x900: 0x000c,
+	0x90d: 0x000c,
+	0x933: 0x000a, 0x934: 0x000a, 0x935: 0x000a,
+	0x936: 0x000a, 0x937: 0x000a, 0x938: 0x000a, 0x939: 0x0004, 0x93a: 0x000a,
+	// Block 0x25, offset 0x940
+	0x940: 0x000c, 0x944: 0x000c,
+	0x97c: 0x000c, 0x97e: 0x000c, 0x97f: 0x000c,
+	// Block 0x26, offset 0x980
+	0x980: 0x000c,
+	0x986: 0x000c, 0x987: 0x000c, 0x988: 0x000c, 0x98a: 0x000c, 0x98b: 0x000c,
+	0x98c: 0x000c, 0x98d: 0x000c,
+	0x995: 0x000c, 0x996: 0x000c,
+	0x9a2: 0x000c, 0x9a3: 0x000c,
+	0x9b8: 0x000a, 0x9b9: 0x000a, 0x9ba: 0x000a, 0x9bb: 0x000a,
+	0x9bc: 0x000a, 0x9bd: 0x000a, 0x9be: 0x000a,
+	// Block 0x27, offset 0x9c0
+	0x9cc: 0x000c, 0x9cd: 0x000c,
+	0x9e2: 0x000c, 0x9e3: 0x000c,
+	// Block 0x28, offset 0xa00
+	0xa00: 0x000c, 0xa01: 0x000c,
+	0xa3b: 0x000c,
+	0xa3c: 0x000c,
+	// Block 0x29, offset 0xa40
+	0xa41: 0x000c, 0xa42: 0x000c, 0xa43: 0x000c, 0xa44: 0x000c,
+	0xa4d: 0x000c,
+	0xa62: 0x000c, 0xa63: 0x000c,
+	// Block 0x2a, offset 0xa80
+	0xa81: 0x000c,
+	// Block 0x2b, offset 0xac0
+	0xaca: 0x000c,
+	0xad2: 0x000c, 0xad3: 0x000c, 0xad4: 0x000c, 0xad6: 0x000c,
+	// Block 0x2c, offset 0xb00
+	0xb31: 0x000c, 0xb34: 0x000c, 0xb35: 0x000c,
+	0xb36: 0x000c, 0xb37: 0x000c, 0xb38: 0x000c, 0xb39: 0x000c, 0xb3a: 0x000c,
+	0xb3f: 0x0004,
+	// Block 0x2d, offset 0xb40
+	0xb47: 0x000c, 0xb48: 0x000c, 0xb49: 0x000c, 0xb4a: 0x000c, 0xb4b: 0x000c,
+	0xb4c: 0x000c, 0xb4d: 0x000c, 0xb4e: 0x000c,
+	// Block 0x2e, offset 0xb80
+	0xbb1: 0x000c, 0xbb4: 0x000c, 0xbb5: 0x000c,
+	0xbb6: 0x000c, 0xbb7: 0x000c, 0xbb8: 0x000c, 0xbb9: 0x000c, 0xbba: 0x000c, 0xbbb: 0x000c,
+	0xbbc: 0x000c,
+	// Block 0x2f, offset 0xbc0
+	0xbc8: 0x000c, 0xbc9: 0x000c, 0xbca: 0x000c, 0xbcb: 0x000c,
+	0xbcc: 0x000c, 0xbcd: 0x000c, 0xbce: 0x000c,
+	// Block 0x30, offset 0xc00
+	0xc18: 0x000c, 0xc19: 0x000c,
+	0xc35: 0x000c,
+	0xc37: 0x000c, 0xc39: 0x000c, 0xc3a: 0x003a, 0xc3b: 0x002a,
+	0xc3c: 0x003a, 0xc3d: 0x002a,
+	// Block 0x31, offset 0xc40
+	0xc71: 0x000c, 0xc72: 0x000c, 0xc73: 0x000c, 0xc74: 0x000c, 0xc75: 0x000c,
+	0xc76: 0x000c, 0xc77: 0x000c, 0xc78: 0x000c, 0xc79: 0x000c, 0xc7a: 0x000c, 0xc7b: 0x000c,
+	0xc7c: 0x000c, 0xc7d: 0x000c, 0xc7e: 0x000c,
+	// Block 0x32, offset 0xc80
+	0xc80: 0x000c, 0xc81: 0x000c, 0xc82: 0x000c, 0xc83: 0x000c, 0xc84: 0x000c,
+	0xc86: 0x000c, 0xc87: 0x000c,
+	0xc8d: 0x000c, 0xc8e: 0x000c, 0xc8f: 0x000c, 0xc90: 0x000c, 0xc91: 0x000c,
+	0xc92: 0x000c, 0xc93: 0x000c, 0xc94: 0x000c, 0xc95: 0x000c, 0xc96: 0x000c, 0xc97: 0x000c,
+	0xc99: 0x000c, 0xc9a: 0x000c, 0xc9b: 0x000c, 0xc9c: 0x000c, 0xc9d: 0x000c,
+	0xc9e: 0x000c, 0xc9f: 0x000c, 0xca0: 0x000c, 0xca1: 0x000c, 0xca2: 0x000c, 0xca3: 0x000c,
+	0xca4: 0x000c, 0xca5: 0x000c, 0xca6: 0x000c, 0xca7: 0x000c, 0xca8: 0x000c, 0xca9: 0x000c,
+	0xcaa: 0x000c, 0xcab: 0x000c, 0xcac: 0x000c, 0xcad: 0x000c, 0xcae: 0x000c, 0xcaf: 0x000c,
+	0xcb0: 0x000c, 0xcb1: 0x000c, 0xcb2: 0x000c, 0xcb3: 0x000c, 0xcb4: 0x000c, 0xcb5: 0x000c,
+	0xcb6: 0x000c, 0xcb7: 0x000c, 0xcb8: 0x000c, 0xcb9: 0x000c, 0xcba: 0x000c, 0xcbb: 0x000c,
+	0xcbc: 0x000c,
+	// Block 0x33, offset 0xcc0
+	0xcc6: 0x000c,
+	// Block 0x34, offset 0xd00
+	0xd2d: 0x000c, 0xd2e: 0x000c, 0xd2f: 0x000c,
+	0xd30: 0x000c, 0xd32: 0x000c, 0xd33: 0x000c, 0xd34: 0x000c, 0xd35: 0x000c,
+	0xd36: 0x000c, 0xd37: 0x000c, 0xd39: 0x000c, 0xd3a: 0x000c,
+	0xd3d: 0x000c, 0xd3e: 0x000c,
+	// Block 0x35, offset 0xd40
+	0xd58: 0x000c, 0xd59: 0x000c,
+	0xd5e: 0x000c, 0xd5f: 0x000c, 0xd60: 0x000c,
+	0xd71: 0x000c, 0xd72: 0x000c, 0xd73: 0x000c, 0xd74: 0x000c,
+	// Block 0x36, offset 0xd80
+	0xd82: 0x000c, 0xd85: 0x000c,
+	0xd86: 0x000c,
+	0xd8d: 0x000c,
+	0xd9d: 0x000c,
+	// Block 0x37, offset 0xdc0
+	0xddd: 0x000c,
+	0xdde: 0x000c, 0xddf: 0x000c,
+	// Block 0x38, offset 0xe00
+	0xe10: 0x000a, 0xe11: 0x000a,
+	0xe12: 0x000a, 0xe13: 0x000a, 0xe14: 0x000a, 0xe15: 0x000a, 0xe16: 0x000a, 0xe17: 0x000a,
+	0xe18: 0x000a, 0xe19: 0x000a,
+	// Block 0x39, offset 0xe40
+	0xe40: 0x000a,
+	// Block 0x3a, offset 0xe80
+	0xe80: 0x0009,
+	0xe9b: 0x007a, 0xe9c: 0x006a,
+	// Block 0x3b, offset 0xec0
+	0xed2: 0x000c, 0xed3: 0x000c, 0xed4: 0x000c,
+	0xef2: 0x000c, 0xef3: 0x000c,
+	// Block 0x3c, offset 0xf00
+	0xf12: 0x000c, 0xf13: 0x000c,
+	0xf32: 0x000c, 0xf33: 0x000c,
+	// Block 0x3d, offset 0xf40
+	0xf74: 0x000c, 0xf75: 0x000c,
+	0xf77: 0x000c, 0xf78: 0x000c, 0xf79: 0x000c, 0xf7a: 0x000c, 0xf7b: 0x000c,
+	0xf7c: 0x000c, 0xf7d: 0x000c,
+	// Block 0x3e, offset 0xf80
+	0xf86: 0x000c, 0xf89: 0x000c, 0xf8a: 0x000c, 0xf8b: 0x000c,
+	0xf8c: 0x000c, 0xf8d: 0x000c, 0xf8e: 0x000c, 0xf8f: 0x000c, 0xf90: 0x000c, 0xf91: 0x000c,
+	0xf92: 0x000c, 0xf93: 0x000c,
+	0xf9b: 0x0004, 0xf9d: 0x000c,
+	0xfb0: 0x000a, 0xfb1: 0x000a, 0xfb2: 0x000a, 0xfb3: 0x000a, 0xfb4: 0x000a, 0xfb5: 0x000a,
+	0xfb6: 0x000a, 0xfb7: 0x000a, 0xfb8: 0x000a, 0xfb9: 0x000a,
+	// Block 0x3f, offset 0xfc0
+	0xfc0: 0x000a, 0xfc1: 0x000a, 0xfc2: 0x000a, 0xfc3: 0x000a, 0xfc4: 0x000a, 0xfc5: 0x000a,
+	0xfc6: 0x000a, 0xfc7: 0x000a, 0xfc8: 0x000a, 0xfc9: 0x000a, 0xfca: 0x000a, 0xfcb: 0x000c,
+	0xfcc: 0x000c, 0xfcd: 0x000c, 0xfce: 0x000b, 0xfcf: 0x000c,
+	// Block 0x40, offset 0x1000
+	0x1005: 0x000c,
+	0x1006: 0x000c,
+	0x1029: 0x000c,
+	// Block 0x41, offset 0x1040
+	0x1060: 0x000c, 0x1061: 0x000c, 0x1062: 0x000c,
+	0x1067: 0x000c, 0x1068: 0x000c,
+	0x1072: 0x000c,
+	0x1079: 0x000c, 0x107a: 0x000c, 0x107b: 0x000c,
+	// Block 0x42, offset 0x1080
+	0x1080: 0x000a, 0x1084: 0x000a, 0x1085: 0x000a,
+	// Block 0x43, offset 0x10c0
+	0x10de: 0x000a, 0x10df: 0x000a, 0x10e0: 0x000a, 0x10e1: 0x000a, 0x10e2: 0x000a, 0x10e3: 0x000a,
+	0x10e4: 0x000a, 0x10e5: 0x000a, 0x10e6: 0x000a, 0x10e7: 0x000a, 0x10e8: 0x000a, 0x10e9: 0x000a,
+	0x10ea: 0x000a, 0x10eb: 0x000a, 0x10ec: 0x000a, 0x10ed: 0x000a, 0x10ee: 0x000a, 0x10ef: 0x000a,
+	0x10f0: 0x000a, 0x10f1: 0x000a, 0x10f2: 0x000a, 0x10f3: 0x000a, 0x10f4: 0x000a, 0x10f5: 0x000a,
+	0x10f6: 0x000a, 0x10f7: 0x000a, 0x10f8: 0x000a, 0x10f9: 0x000a, 0x10fa: 0x000a, 0x10fb: 0x000a,
+	0x10fc: 0x000a, 0x10fd: 0x000a, 0x10fe: 0x000a, 0x10ff: 0x000a,
+	// Block 0x44, offset 0x1100
+	0x1117: 0x000c,
+	0x1118: 0x000c, 0x111b: 0x000c,
+	// Block 0x45, offset 0x1140
+	0x1156: 0x000c,
+	0x1158: 0x000c, 0x1159: 0x000c, 0x115a: 0x000c, 0x115b: 0x000c, 0x115c: 0x000c, 0x115d: 0x000c,
+	0x115e: 0x000c, 0x1160: 0x000c, 0x1162: 0x000c,
+	0x1165: 0x000c, 0x1166: 0x000c, 0x1167: 0x000c, 0x1168: 0x000c, 0x1169: 0x000c,
+	0x116a: 0x000c, 0x116b: 0x000c, 0x116c: 0x000c,
+	0x1173: 0x000c, 0x1174: 0x000c, 0x1175: 0x000c,
+	0x1176: 0x000c, 0x1177: 0x000c, 0x1178: 0x000c, 0x1179: 0x000c, 0x117a: 0x000c, 0x117b: 0x000c,
+	0x117c: 0x000c, 0x117f: 0x000c,
+	// Block 0x46, offset 0x1180
+	0x11b0: 0x000c, 0x11b1: 0x000c, 0x11b2: 0x000c, 0x11b3: 0x000c, 0x11b4: 0x000c, 0x11b5: 0x000c,
+	0x11b6: 0x000c, 0x11b7: 0x000c, 0x11b8: 0x000c, 0x11b9: 0x000c, 0x11ba: 0x000c, 0x11bb: 0x000c,
+	0x11bc: 0x000c, 0x11bd: 0x000c, 0x11be: 0x000c, 0x11bf: 0x000c,
+	// Block 0x47, offset 0x11c0
+	0x11c0: 0x000c, 0x11c1: 0x000c, 0x11c2: 0x000c, 0x11c3: 0x000c, 0x11c4: 0x000c, 0x11c5: 0x000c,
+	0x11c6: 0x000c, 0x11c7: 0x000c, 0x11c8: 0x000c, 0x11c9: 0x000c, 0x11ca: 0x000c, 0x11cb: 0x000c,
+	0x11cc: 0x000c, 0x11cd: 0x000c, 0x11ce: 0x000c,
+	// Block 0x48, offset 0x1200
+	0x1200: 0x000c, 0x1201: 0x000c, 0x1202: 0x000c, 0x1203: 0x000c,
+	0x1234: 0x000c,
+	0x1236: 0x000c, 0x1237: 0x000c, 0x1238: 0x000c, 0x1239: 0x000c, 0x123a: 0x000c,
+	0x123c: 0x000c,
+	// Block 0x49, offset 0x1240
+	0x1242: 0x000c,
+	0x126b: 0x000c, 0x126c: 0x000c, 0x126d: 0x000c, 0x126e: 0x000c, 0x126f: 0x000c,
+	0x1270: 0x000c, 0x1271: 0x000c, 0x1272: 0x000c, 0x1273: 0x000c,
+	// Block 0x4a, offset 0x1280
+	0x1280: 0x000c, 0x1281: 0x000c,
+	0x12a2: 0x000c, 0x12a3: 0x000c,
+	0x12a4: 0x000c, 0x12a5: 0x000c, 0x12a8: 0x000c, 0x12a9: 0x000c,
+	0x12ab: 0x000c, 0x12ac: 0x000c, 0x12ad: 0x000c,
+	// Block 0x4b, offset 0x12c0
+	0x12e6: 0x000c, 0x12e8: 0x000c, 0x12e9: 0x000c,
+	0x12ed: 0x000c, 0x12ef: 0x000c,
+	0x12f0: 0x000c, 0x12f1: 0x000c,
+	// Block 0x4c, offset 0x1300
+	0x132c: 0x000c, 0x132d: 0x000c, 0x132e: 0x000c, 0x132f: 0x000c,
+	0x1330: 0x000c, 0x1331: 0x000c, 0x1332: 0x000c, 0x1333: 0x000c,
+	0x1336: 0x000c, 0x1337: 0x000c,
+	// Block 0x4d, offset 0x1340
+	0x1350: 0x000c, 0x1351: 0x000c,
+	0x1352: 0x000c, 0x1354: 0x000c, 0x1355: 0x000c, 0x1356: 0x000c, 0x1357: 0x000c,
+	0x1358: 0x000c, 0x1359: 0x000c, 0x135a: 0x000c, 0x135b: 0x000c, 0x135c: 0x000c, 0x135d: 0x000c,
+	0x135e: 0x000c, 0x135f: 0x000c, 0x1360: 0x000c, 0x1362: 0x000c, 0x1363: 0x000c,
+	0x1364: 0x000c, 0x1365: 0x000c, 0x1366: 0x000c, 0x1367: 0x000c, 0x1368: 0x000c,
+	0x136d: 0x000c,
+	0x1374: 0x000c,
+	0x1378: 0x000c, 0x1379: 0x000c,
+	// Block 0x4e, offset 0x1380
+	0x13bd: 0x000a, 0x13bf: 0x000a,
+	// Block 0x4f, offset 0x13c0
+	0x13c0: 0x000a, 0x13c1: 0x000a,
+	0x13cd: 0x000a, 0x13ce: 0x000a, 0x13cf: 0x000a,
+	0x13dd: 0x000a,
+	0x13de: 0x000a, 0x13df: 0x000a,
+	0x13ed: 0x000a, 0x13ee: 0x000a, 0x13ef: 0x000a,
+	0x13fd: 0x000a, 0x13fe: 0x000a,
+	// Block 0x50, offset 0x1400
+	0x1400: 0x0009, 0x1401: 0x0009, 0x1402: 0x0009, 0x1403: 0x0009, 0x1404: 0x0009, 0x1405: 0x0009,
+	0x1406: 0x0009, 0x1407: 0x0009, 0x1408: 0x0009, 0x1409: 0x0009, 0x140a: 0x0009, 0x140b: 0x000b,
+	0x140c: 0x000b, 0x140d: 0x000b, 0x140f: 0x0001, 0x1410: 0x000a, 0x1411: 0x000a,
+	0x1412: 0x000a, 0x1413: 0x000a, 0x1414: 0x000a, 0x1415: 0x000a, 0x1416: 0x000a, 0x1417: 0x000a,
+	0x1418: 0x000a, 0x1419: 0x000a, 0x141a: 0x000a, 0x141b: 0x000a, 0x141c: 0x000a, 0x141d: 0x000a,
+	0x141e: 0x000a, 0x141f: 0x000a, 0x1420: 0x000a, 0x1421: 0x000a, 0x1422: 0x000a, 0x1423: 0x000a,
+	0x1424: 0x000a, 0x1425: 0x000a, 0x1426: 0x000a, 0x1427: 0x000a, 0x1428: 0x0009, 0x1429: 0x0007,
+	0x142a: 0x000e, 0x142b: 0x000e, 0x142c: 0x000e, 0x142d: 0x000e, 0x142e: 0x000e, 0x142f: 0x0006,
+	0x1430: 0x0004, 0x1431: 0x0004, 0x1432: 0x0004, 0x1433: 0x0004, 0x1434: 0x0004, 0x1435: 0x000a,
+	0x1436: 0x000a, 0x1437: 0x000a, 0x1438: 0x000a, 0x1439: 0x000a, 0x143a: 0x000a, 0x143b: 0x000a,
+	0x143c: 0x000a, 0x143d: 0x000a, 0x143e: 0x000a, 0x143f: 0x000a,
+	// Block 0x51, offset 0x1440
+	0x1440: 0x000a, 0x1441: 0x000a, 0x1442: 0x000a, 0x1443: 0x000a, 0x1444: 0x0006, 0x1445: 0x009a,
+	0x1446: 0x008a, 0x1447: 0x000a, 0x1448: 0x000a, 0x1449: 0x000a, 0x144a: 0x000a, 0x144b: 0x000a,
+	0x144c: 0x000a, 0x144d: 0x000a, 0x144e: 0x000a, 0x144f: 0x000a, 0x1450: 0x000a, 0x1451: 0x000a,
+	0x1452: 0x000a, 0x1453: 0x000a, 0x1454: 0x000a, 0x1455: 0x000a, 0x1456: 0x000a, 0x1457: 0x000a,
+	0x1458: 0x000a, 0x1459: 0x000a, 0x145a: 0x000a, 0x145b: 0x000a, 0x145c: 0x000a, 0x145d: 0x000a,
+	0x145e: 0x000a, 0x145f: 0x0009, 0x1460: 0x000b, 0x1461: 0x000b, 0x1462: 0x000b, 0x1463: 0x000b,
+	0x1464: 0x000b, 0x1465: 0x000b, 0x1466: 0x000e, 0x1467: 0x000e, 0x1468: 0x000e, 0x1469: 0x000e,
+	0x146a: 0x000b, 0x146b: 0x000b, 0x146c: 0x000b, 0x146d: 0x000b, 0x146e: 0x000b, 0x146f: 0x000b,
+	0x1470: 0x0002, 0x1474: 0x0002, 0x1475: 0x0002,
+	0x1476: 0x0002, 0x1477: 0x0002, 0x1478: 0x0002, 0x1479: 0x0002, 0x147a: 0x0003, 0x147b: 0x0003,
+	0x147c: 0x000a, 0x147d: 0x009a, 0x147e: 0x008a,
+	// Block 0x52, offset 0x1480
+	0x1480: 0x0002, 0x1481: 0x0002, 0x1482: 0x0002, 0x1483: 0x0002, 0x1484: 0x0002, 0x1485: 0x0002,
+	0x1486: 0x0002, 0x1487: 0x0002, 0x1488: 0x0002, 0x1489: 0x0002, 0x148a: 0x0003, 0x148b: 0x0003,
+	0x148c: 0x000a, 0x148d: 0x009a, 0x148e: 0x008a,
+	0x14a0: 0x0004, 0x14a1: 0x0004, 0x14a2: 0x0004, 0x14a3: 0x0004,
+	0x14a4: 0x0004, 0x14a5: 0x0004, 0x14a6: 0x0004, 0x14a7: 0x0004, 0x14a8: 0x0004, 0x14a9: 0x0004,
+	0x14aa: 0x0004, 0x14ab: 0x0004, 0x14ac: 0x0004, 0x14ad: 0x0004, 0x14ae: 0x0004, 0x14af: 0x0004,
+	0x14b0: 0x0004, 0x14b1: 0x0004, 0x14b2: 0x0004, 0x14b3: 0x0004, 0x14b4: 0x0004, 0x14b5: 0x0004,
+	0x14b6: 0x0004, 0x14b7: 0x0004, 0x14b8: 0x0004, 0x14b9: 0x0004, 0x14ba: 0x0004, 0x14bb: 0x0004,
+	0x14bc: 0x0004, 0x14bd: 0x0004, 0x14be: 0x0004, 0x14bf: 0x0004,
+	// Block 0x53, offset 0x14c0
+	0x14c0: 0x0004, 0x14c1: 0x0004, 0x14c2: 0x0004, 0x14c3: 0x0004, 0x14c4: 0x0004, 0x14c5: 0x0004,
+	0x14c6: 0x0004, 0x14c7: 0x0004, 0x14c8: 0x0004, 0x14c9: 0x0004, 0x14ca: 0x0004, 0x14cb: 0x0004,
+	0x14cc: 0x0004, 0x14cd: 0x0004, 0x14ce: 0x0004, 0x14cf: 0x0004, 0x14d0: 0x000c, 0x14d1: 0x000c,
+	0x14d2: 0x000c, 0x14d3: 0x000c, 0x14d4: 0x000c, 0x14d5: 0x000c, 0x14d6: 0x000c, 0x14d7: 0x000c,
+	0x14d8: 0x000c, 0x14d9: 0x000c, 0x14da: 0x000c, 0x14db: 0x000c, 0x14dc: 0x000c, 0x14dd: 0x000c,
+	0x14de: 0x000c, 0x14df: 0x000c, 0x14e0: 0x000c, 0x14e1: 0x000c, 0x14e2: 0x000c, 0x14e3: 0x000c,
+	0x14e4: 0x000c, 0x14e5: 0x000c, 0x14e6: 0x000c, 0x14e7: 0x000c, 0x14e8: 0x000c, 0x14e9: 0x000c,
+	0x14ea: 0x000c, 0x14eb: 0x000c, 0x14ec: 0x000c, 0x14ed: 0x000c, 0x14ee: 0x000c, 0x14ef: 0x000c,
+	0x14f0: 0x000c,
+	// Block 0x54, offset 0x1500
+	0x1500: 0x000a, 0x1501: 0x000a, 0x1503: 0x000a, 0x1504: 0x000a, 0x1505: 0x000a,
+	0x1506: 0x000a, 0x1508: 0x000a, 0x1509: 0x000a,
+	0x1514: 0x000a, 0x1516: 0x000a, 0x1517: 0x000a,
+	0x1518: 0x000a,
+	0x151e: 0x000a, 0x151f: 0x000a, 0x1520: 0x000a, 0x1521: 0x000a, 0x1522: 0x000a, 0x1523: 0x000a,
+	0x1525: 0x000a, 0x1527: 0x000a, 0x1529: 0x000a,
+	0x152e: 0x0004,
+	0x153a: 0x000a, 0x153b: 0x000a,
+	// Block 0x55, offset 0x1540
+	0x1540: 0x000a, 0x1541: 0x000a, 0x1542: 0x000a, 0x1543: 0x000a, 0x1544: 0x000a,
+	0x154a: 0x000a, 0x154b: 0x000a,
+	0x154c: 0x000a, 0x154d: 0x000a, 0x1550: 0x000a, 0x1551: 0x000a,
+	0x1552: 0x000a, 0x1553: 0x000a, 0x1554: 0x000a, 0x1555: 0x000a, 0x1556: 0x000a, 0x1557: 0x000a,
+	0x1558: 0x000a, 0x1559: 0x000a, 0x155a: 0x000a, 0x155b: 0x000a, 0x155c: 0x000a, 0x155d: 0x000a,
+	0x155e: 0x000a, 0x155f: 0x000a,
+	// Block 0x56, offset 0x1580
+	0x1589: 0x000a, 0x158a: 0x000a, 0x158b: 0x000a,
+	0x1590: 0x000a, 0x1591: 0x000a,
+	0x1592: 0x000a, 0x1593: 0x000a, 0x1594: 0x000a, 0x1595: 0x000a, 0x1596: 0x000a, 0x1597: 0x000a,
+	0x1598: 0x000a, 0x1599: 0x000a, 0x159a: 0x000a, 0x159b: 0x000a, 0x159c: 0x000a, 0x159d: 0x000a,
+	0x159e: 0x000a, 0x159f: 0x000a, 0x15a0: 0x000a, 0x15a1: 0x000a, 0x15a2: 0x000a, 0x15a3: 0x000a,
+	0x15a4: 0x000a, 0x15a5: 0x000a, 0x15a6: 0x000a, 0x15a7: 0x000a, 0x15a8: 0x000a, 0x15a9: 0x000a,
+	0x15aa: 0x000a, 0x15ab: 0x000a, 0x15ac: 0x000a, 0x15ad: 0x000a, 0x15ae: 0x000a, 0x15af: 0x000a,
+	0x15b0: 0x000a, 0x15b1: 0x000a, 0x15b2: 0x000a, 0x15b3: 0x000a, 0x15b4: 0x000a, 0x15b5: 0x000a,
+	0x15b6: 0x000a, 0x15b7: 0x000a, 0x15b8: 0x000a, 0x15b9: 0x000a, 0x15ba: 0x000a, 0x15bb: 0x000a,
+	0x15bc: 0x000a, 0x15bd: 0x000a, 0x15be: 0x000a, 0x15bf: 0x000a,
+	// Block 0x57, offset 0x15c0
+	0x15c0: 0x000a, 0x15c1: 0x000a, 0x15c2: 0x000a, 0x15c3: 0x000a, 0x15c4: 0x000a, 0x15c5: 0x000a,
+	0x15c6: 0x000a, 0x15c7: 0x000a, 0x15c8: 0x000a, 0x15c9: 0x000a, 0x15ca: 0x000a, 0x15cb: 0x000a,
+	0x15cc: 0x000a, 0x15cd: 0x000a, 0x15ce: 0x000a, 0x15cf: 0x000a, 0x15d0: 0x000a, 0x15d1: 0x000a,
+	0x15d2: 0x000a, 0x15d3: 0x000a, 0x15d4: 0x000a, 0x15d5: 0x000a, 0x15d6: 0x000a, 0x15d7: 0x000a,
+	0x15d8: 0x000a, 0x15d9: 0x000a, 0x15da: 0x000a, 0x15db: 0x000a, 0x15dc: 0x000a, 0x15dd: 0x000a,
+	0x15de: 0x000a, 0x15df: 0x000a, 0x15e0: 0x000a, 0x15e1: 0x000a, 0x15e2: 0x000a, 0x15e3: 0x000a,
+	0x15e4: 0x000a, 0x15e5: 0x000a, 0x15e6: 0x000a, 0x15e7: 0x000a, 0x15e8: 0x000a, 0x15e9: 0x000a,
+	0x15ea: 0x000a, 0x15eb: 0x000a, 0x15ec: 0x000a, 0x15ed: 0x000a, 0x15ee: 0x000a, 0x15ef: 0x000a,
+	0x15f0: 0x000a, 0x15f1: 0x000a, 0x15f2: 0x000a, 0x15f3: 0x000a, 0x15f4: 0x000a, 0x15f5: 0x000a,
+	0x15f6: 0x000a, 0x15f7: 0x000a, 0x15f8: 0x000a, 0x15f9: 0x000a, 0x15fa: 0x000a, 0x15fb: 0x000a,
+	0x15fc: 0x000a, 0x15fd: 0x000a, 0x15fe: 0x000a, 0x15ff: 0x000a,
+	// Block 0x58, offset 0x1600
+	0x1600: 0x000a, 0x1601: 0x000a, 0x1602: 0x000a, 0x1603: 0x000a, 0x1604: 0x000a, 0x1605: 0x000a,
+	0x1606: 0x000a, 0x1607: 0x000a, 0x1608: 0x000a, 0x1609: 0x000a, 0x160a: 0x000a, 0x160b: 0x000a,
+	0x160c: 0x000a, 0x160d: 0x000a, 0x160e: 0x000a, 0x160f: 0x000a, 0x1610: 0x000a, 0x1611: 0x000a,
+	0x1612: 0x0003, 0x1613: 0x0004, 0x1614: 0x000a, 0x1615: 0x000a, 0x1616: 0x000a, 0x1617: 0x000a,
+	0x1618: 0x000a, 0x1619: 0x000a, 0x161a: 0x000a, 0x161b: 0x000a, 0x161c: 0x000a, 0x161d: 0x000a,
+	0x161e: 0x000a, 0x161f: 0x000a, 0x1620: 0x000a, 0x1621: 0x000a, 0x1622: 0x000a, 0x1623: 0x000a,
+	0x1624: 0x000a, 0x1625: 0x000a, 0x1626: 0x000a, 0x1627: 0x000a, 0x1628: 0x000a, 0x1629: 0x000a,
+	0x162a: 0x000a, 0x162b: 0x000a, 0x162c: 0x000a, 0x162d: 0x000a, 0x162e: 0x000a, 0x162f: 0x000a,
+	0x1630: 0x000a, 0x1631: 0x000a, 0x1632: 0x000a, 0x1633: 0x000a, 0x1634: 0x000a, 0x1635: 0x000a,
+	0x1636: 0x000a, 0x1637: 0x000a, 0x1638: 0x000a, 0x1639: 0x000a, 0x163a: 0x000a, 0x163b: 0x000a,
+	0x163c: 0x000a, 0x163d: 0x000a, 0x163e: 0x000a, 0x163f: 0x000a,
+	// Block 0x59, offset 0x1640
+	0x1640: 0x000a, 0x1641: 0x000a, 0x1642: 0x000a, 0x1643: 0x000a, 0x1644: 0x000a, 0x1645: 0x000a,
+	0x1646: 0x000a, 0x1647: 0x000a, 0x1648: 0x003a, 0x1649: 0x002a, 0x164a: 0x003a, 0x164b: 0x002a,
+	0x164c: 0x000a, 0x164d: 0x000a, 0x164e: 0x000a, 0x164f: 0x000a, 0x1650: 0x000a, 0x1651: 0x000a,
+	0x1652: 0x000a, 0x1653: 0x000a, 0x1654: 0x000a, 0x1655: 0x000a, 0x1656: 0x000a, 0x1657: 0x000a,
+	0x1658: 0x000a, 0x1659: 0x000a, 0x165a: 0x000a, 0x165b: 0x000a, 0x165c: 0x000a, 0x165d: 0x000a,
+	0x165e: 0x000a, 0x165f: 0x000a, 0x1660: 0x000a, 0x1661: 0x000a, 0x1662: 0x000a, 0x1663: 0x000a,
+	0x1664: 0x000a, 0x1665: 0x000a, 0x1666: 0x000a, 0x1667: 0x000a, 0x1668: 0x000a, 0x1669: 0x009a,
+	0x166a: 0x008a, 0x166b: 0x000a, 0x166c: 0x000a, 0x166d: 0x000a, 0x166e: 0x000a, 0x166f: 0x000a,
+	0x1670: 0x000a, 0x1671: 0x000a, 0x1672: 0x000a, 0x1673: 0x000a, 0x1674: 0x000a, 0x1675: 0x000a,
+	// Block 0x5a, offset 0x1680
+	0x16bb: 0x000a,
+	0x16bc: 0x000a, 0x16bd: 0x000a, 0x16be: 0x000a, 0x16bf: 0x000a,
+	// Block 0x5b, offset 0x16c0
+	0x16c0: 0x000a, 0x16c1: 0x000a, 0x16c2: 0x000a, 0x16c3: 0x000a, 0x16c4: 0x000a, 0x16c5: 0x000a,
+	0x16c6: 0x000a, 0x16c7: 0x000a, 0x16c8: 0x000a, 0x16c9: 0x000a, 0x16ca: 0x000a, 0x16cb: 0x000a,
+	0x16cc: 0x000a, 0x16cd: 0x000a, 0x16ce: 0x000a, 0x16cf: 0x000a, 0x16d0: 0x000a, 0x16d1: 0x000a,
+	0x16d2: 0x000a, 0x16d3: 0x000a, 0x16d4: 0x000a, 0x16d6: 0x000a, 0x16d7: 0x000a,
+	0x16d8: 0x000a, 0x16d9: 0x000a, 0x16da: 0x000a, 0x16db: 0x000a, 0x16dc: 0x000a, 0x16dd: 0x000a,
+	0x16de: 0x000a, 0x16df: 0x000a, 0x16e0: 0x000a, 0x16e1: 0x000a, 0x16e2: 0x000a, 0x16e3: 0x000a,
+	0x16e4: 0x000a, 0x16e5: 0x000a, 0x16e6: 0x000a, 0x16e7: 0x000a, 0x16e8: 0x000a, 0x16e9: 0x000a,
+	0x16ea: 0x000a, 0x16eb: 0x000a, 0x16ec: 0x000a, 0x16ed: 0x000a, 0x16ee: 0x000a, 0x16ef: 0x000a,
+	0x16f0: 0x000a, 0x16f1: 0x000a, 0x16f2: 0x000a, 0x16f3: 0x000a, 0x16f4: 0x000a, 0x16f5: 0x000a,
+	0x16f6: 0x000a, 0x16f7: 0x000a, 0x16f8: 0x000a, 0x16f9: 0x000a, 0x16fa: 0x000a, 0x16fb: 0x000a,
+	0x16fc: 0x000a, 0x16fd: 0x000a, 0x16fe: 0x000a, 0x16ff: 0x000a,
+	// Block 0x5c, offset 0x1700
+	0x1700: 0x000a, 0x1701: 0x000a, 0x1702: 0x000a, 0x1703: 0x000a, 0x1704: 0x000a, 0x1705: 0x000a,
+	0x1706: 0x000a, 0x1707: 0x000a, 0x1708: 0x000a, 0x1709: 0x000a, 0x170a: 0x000a, 0x170b: 0x000a,
+	0x170c: 0x000a, 0x170d: 0x000a, 0x170e: 0x000a, 0x170f: 0x000a, 0x1710: 0x000a, 0x1711: 0x000a,
+	0x1712: 0x000a, 0x1713: 0x000a, 0x1714: 0x000a, 0x1715: 0x000a, 0x1716: 0x000a, 0x1717: 0x000a,
+	0x1718: 0x000a, 0x1719: 0x000a, 0x171a: 0x000a, 0x171b: 0x000a, 0x171c: 0x000a, 0x171d: 0x000a,
+	0x171e: 0x000a, 0x171f: 0x000a, 0x1720: 0x000a, 0x1721: 0x000a, 0x1722: 0x000a, 0x1723: 0x000a,
+	0x1724: 0x000a, 0x1725: 0x000a, 0x1726: 0x000a,
+	// Block 0x5d, offset 0x1740
+	0x1740: 0x000a, 0x1741: 0x000a, 0x1742: 0x000a, 0x1743: 0x000a, 0x1744: 0x000a, 0x1745: 0x000a,
+	0x1746: 0x000a, 0x1747: 0x000a, 0x1748: 0x000a, 0x1749: 0x000a, 0x174a: 0x000a,
+	0x1760: 0x000a, 0x1761: 0x000a, 0x1762: 0x000a, 0x1763: 0x000a,
+	0x1764: 0x000a, 0x1765: 0x000a, 0x1766: 0x000a, 0x1767: 0x000a, 0x1768: 0x000a, 0x1769: 0x000a,
+	0x176a: 0x000a, 0x176b: 0x000a, 0x176c: 0x000a, 0x176d: 0x000a, 0x176e: 0x000a, 0x176f: 0x000a,
+	0x1770: 0x000a, 0x1771: 0x000a, 0x1772: 0x000a, 0x1773: 0x000a, 0x1774: 0x000a, 0x1775: 0x000a,
+	0x1776: 0x000a, 0x1777: 0x000a, 0x1778: 0x000a, 0x1779: 0x000a, 0x177a: 0x000a, 0x177b: 0x000a,
+	0x177c: 0x000a, 0x177d: 0x000a, 0x177e: 0x000a, 0x177f: 0x000a,
+	// Block 0x5e, offset 0x1780
+	0x1780: 0x000a, 0x1781: 0x000a, 0x1782: 0x000a, 0x1783: 0x000a, 0x1784: 0x000a, 0x1785: 0x000a,
+	0x1786: 0x000a, 0x1787: 0x000a, 0x1788: 0x0002, 0x1789: 0x0002, 0x178a: 0x0002, 0x178b: 0x0002,
+	0x178c: 0x0002, 0x178d: 0x0002, 0x178e: 0x0002, 0x178f: 0x0002, 0x1790: 0x0002, 0x1791: 0x0002,
+	0x1792: 0x0002, 0x1793: 0x0002, 0x1794: 0x0002, 0x1795: 0x0002, 0x1796: 0x0002, 0x1797: 0x0002,
+	0x1798: 0x0002, 0x1799: 0x0002, 0x179a: 0x0002, 0x179b: 0x0002,
+	// Block 0x5f, offset 0x17c0
+	0x17ea: 0x000a, 0x17eb: 0x000a, 0x17ec: 0x000a, 0x17ed: 0x000a, 0x17ee: 0x000a, 0x17ef: 0x000a,
+	0x17f0: 0x000a, 0x17f1: 0x000a, 0x17f2: 0x000a, 0x17f3: 0x000a, 0x17f4: 0x000a, 0x17f5: 0x000a,
+	0x17f6: 0x000a, 0x17f7: 0x000a, 0x17f8: 0x000a, 0x17f9: 0x000a, 0x17fa: 0x000a, 0x17fb: 0x000a,
+	0x17fc: 0x000a, 0x17fd: 0x000a, 0x17fe: 0x000a, 0x17ff: 0x000a,
+	// Block 0x60, offset 0x1800
+	0x1800: 0x000a, 0x1801: 0x000a, 0x1802: 0x000a, 0x1803: 0x000a, 0x1804: 0x000a, 0x1805: 0x000a,
+	0x1806: 0x000a, 0x1807: 0x000a, 0x1808: 0x000a, 0x1809: 0x000a, 0x180a: 0x000a, 0x180b: 0x000a,
+	0x180c: 0x000a, 0x180d: 0x000a, 0x180e: 0x000a, 0x180f: 0x000a, 0x1810: 0x000a, 0x1811: 0x000a,
+	0x1812: 0x000a, 0x1813: 0x000a, 0x1814: 0x000a, 0x1815: 0x000a, 0x1816: 0x000a, 0x1817: 0x000a,
+	0x1818: 0x000a, 0x1819: 0x000a, 0x181a: 0x000a, 0x181b: 0x000a, 0x181c: 0x000a, 0x181d: 0x000a,
+	0x181e: 0x000a, 0x181f: 0x000a, 0x1820: 0x000a, 0x1821: 0x000a, 0x1822: 0x000a, 0x1823: 0x000a,
+	0x1824: 0x000a, 0x1825: 0x000a, 0x1826: 0x000a, 0x1827: 0x000a, 0x1828: 0x000a, 0x1829: 0x000a,
+	0x182a: 0x000a, 0x182b: 0x000a, 0x182d: 0x000a, 0x182e: 0x000a, 0x182f: 0x000a,
+	0x1830: 0x000a, 0x1831: 0x000a, 0x1832: 0x000a, 0x1833: 0x000a, 0x1834: 0x000a, 0x1835: 0x000a,
+	0x1836: 0x000a, 0x1837: 0x000a, 0x1838: 0x000a, 0x1839: 0x000a, 0x183a: 0x000a, 0x183b: 0x000a,
+	0x183c: 0x000a, 0x183d: 0x000a, 0x183e: 0x000a, 0x183f: 0x000a,
+	// Block 0x61, offset 0x1840
+	0x1840: 0x000a, 0x1841: 0x000a, 0x1842: 0x000a, 0x1843: 0x000a, 0x1844: 0x000a, 0x1845: 0x000a,
+	0x1846: 0x000a, 0x1847: 0x000a, 0x1848: 0x000a, 0x1849: 0x000a, 0x184a: 0x000a, 0x184b: 0x000a,
+	0x184c: 0x000a, 0x184d: 0x000a, 0x184e: 0x000a, 0x184f: 0x000a, 0x1850: 0x000a, 0x1851: 0x000a,
+	0x1852: 0x000a, 0x1853: 0x000a, 0x1854: 0x000a, 0x1855: 0x000a, 0x1856: 0x000a, 0x1857: 0x000a,
+	0x1858: 0x000a, 0x1859: 0x000a, 0x185a: 0x000a, 0x185b: 0x000a, 0x185c: 0x000a, 0x185d: 0x000a,
+	0x185e: 0x000a, 0x185f: 0x000a, 0x1860: 0x000a, 0x1861: 0x000a, 0x1862: 0x000a, 0x1863: 0x000a,
+	0x1864: 0x000a, 0x1865: 0x000a, 0x1866: 0x000a, 0x1867: 0x000a, 0x1868: 0x003a, 0x1869: 0x002a,
+	0x186a: 0x003a, 0x186b: 0x002a, 0x186c: 0x003a, 0x186d: 0x002a, 0x186e: 0x003a, 0x186f: 0x002a,
+	0x1870: 0x003a, 0x1871: 0x002a, 0x1872: 0x003a, 0x1873: 0x002a, 0x1874: 0x003a, 0x1875: 0x002a,
+	0x1876: 0x000a, 0x1877: 0x000a, 0x1878: 0x000a, 0x1879: 0x000a, 0x187a: 0x000a, 0x187b: 0x000a,
+	0x187c: 0x000a, 0x187d: 0x000a, 0x187e: 0x000a, 0x187f: 0x000a,
+	// Block 0x62, offset 0x1880
+	0x1880: 0x000a, 0x1881: 0x000a, 0x1882: 0x000a, 0x1883: 0x000a, 0x1884: 0x000a, 0x1885: 0x009a,
+	0x1886: 0x008a, 0x1887: 0x000a, 0x1888: 0x000a, 0x1889: 0x000a, 0x188a: 0x000a, 0x188b: 0x000a,
+	0x188c: 0x000a, 0x188d: 0x000a, 0x188e: 0x000a, 0x188f: 0x000a, 0x1890: 0x000a, 0x1891: 0x000a,
+	0x1892: 0x000a, 0x1893: 0x000a, 0x1894: 0x000a, 0x1895: 0x000a, 0x1896: 0x000a, 0x1897: 0x000a,
+	0x1898: 0x000a, 0x1899: 0x000a, 0x189a: 0x000a, 0x189b: 0x000a, 0x189c: 0x000a, 0x189d: 0x000a,
+	0x189e: 0x000a, 0x189f: 0x000a, 0x18a0: 0x000a, 0x18a1: 0x000a, 0x18a2: 0x000a, 0x18a3: 0x000a,
+	0x18a4: 0x000a, 0x18a5: 0x000a, 0x18a6: 0x003a, 0x18a7: 0x002a, 0x18a8: 0x003a, 0x18a9: 0x002a,
+	0x18aa: 0x003a, 0x18ab: 0x002a, 0x18ac: 0x003a, 0x18ad: 0x002a, 0x18ae: 0x003a, 0x18af: 0x002a,
+	0x18b0: 0x000a, 0x18b1: 0x000a, 0x18b2: 0x000a, 0x18b3: 0x000a, 0x18b4: 0x000a, 0x18b5: 0x000a,
+	0x18b6: 0x000a, 0x18b7: 0x000a, 0x18b8: 0x000a, 0x18b9: 0x000a, 0x18ba: 0x000a, 0x18bb: 0x000a,
+	0x18bc: 0x000a, 0x18bd: 0x000a, 0x18be: 0x000a, 0x18bf: 0x000a,
+	// Block 0x63, offset 0x18c0
+	0x18c0: 0x000a, 0x18c1: 0x000a, 0x18c2: 0x000a, 0x18c3: 0x007a, 0x18c4: 0x006a, 0x18c5: 0x009a,
+	0x18c6: 0x008a, 0x18c7: 0x00ba, 0x18c8: 0x00aa, 0x18c9: 0x009a, 0x18ca: 0x008a, 0x18cb: 0x007a,
+	0x18cc: 0x006a, 0x18cd: 0x00da, 0x18ce: 0x002a, 0x18cf: 0x003a, 0x18d0: 0x00ca, 0x18d1: 0x009a,
+	0x18d2: 0x008a, 0x18d3: 0x007a, 0x18d4: 0x006a, 0x18d5: 0x009a, 0x18d6: 0x008a, 0x18d7: 0x00ba,
+	0x18d8: 0x00aa, 0x18d9: 0x000a, 0x18da: 0x000a, 0x18db: 0x000a, 0x18dc: 0x000a, 0x18dd: 0x000a,
+	0x18de: 0x000a, 0x18df: 0x000a, 0x18e0: 0x000a, 0x18e1: 0x000a, 0x18e2: 0x000a, 0x18e3: 0x000a,
+	0x18e4: 0x000a, 0x18e5: 0x000a, 0x18e6: 0x000a, 0x18e7: 0x000a, 0x18e8: 0x000a, 0x18e9: 0x000a,
+	0x18ea: 0x000a, 0x18eb: 0x000a, 0x18ec: 0x000a, 0x18ed: 0x000a, 0x18ee: 0x000a, 0x18ef: 0x000a,
+	0x18f0: 0x000a, 0x18f1: 0x000a, 0x18f2: 0x000a, 0x18f3: 0x000a, 0x18f4: 0x000a, 0x18f5: 0x000a,
+	0x18f6: 0x000a, 0x18f7: 0x000a, 0x18f8: 0x000a, 0x18f9: 0x000a, 0x18fa: 0x000a, 0x18fb: 0x000a,
+	0x18fc: 0x000a, 0x18fd: 0x000a, 0x18fe: 0x000a, 0x18ff: 0x000a,
+	// Block 0x64, offset 0x1900
+	0x1900: 0x000a, 0x1901: 0x000a, 0x1902: 0x000a, 0x1903: 0x000a, 0x1904: 0x000a, 0x1905: 0x000a,
+	0x1906: 0x000a, 0x1907: 0x000a, 0x1908: 0x000a, 0x1909: 0x000a, 0x190a: 0x000a, 0x190b: 0x000a,
+	0x190c: 0x000a, 0x190d: 0x000a, 0x190e: 0x000a, 0x190f: 0x000a, 0x1910: 0x000a, 0x1911: 0x000a,
+	0x1912: 0x000a, 0x1913: 0x000a, 0x1914: 0x000a, 0x1915: 0x000a, 0x1916: 0x000a, 0x1917: 0x000a,
+	0x1918: 0x003a, 0x1919: 0x002a, 0x191a: 0x003a, 0x191b: 0x002a, 0x191c: 0x000a, 0x191d: 0x000a,
+	0x191e: 0x000a, 0x191f: 0x000a, 0x1920: 0x000a, 0x1921: 0x000a, 0x1922: 0x000a, 0x1923: 0x000a,
+	0x1924: 0x000a, 0x1925: 0x000a, 0x1926: 0x000a, 0x1927: 0x000a, 0x1928: 0x000a, 0x1929: 0x000a,
+	0x192a: 0x000a, 0x192b: 0x000a, 0x192c: 0x000a, 0x192d: 0x000a, 0x192e: 0x000a, 0x192f: 0x000a,
+	0x1930: 0x000a, 0x1931: 0x000a, 0x1932: 0x000a, 0x1933: 0x000a, 0x1934: 0x000a, 0x1935: 0x000a,
+	0x1936: 0x000a, 0x1937: 0x000a, 0x1938: 0x000a, 0x1939: 0x000a, 0x193a: 0x000a, 0x193b: 0x000a,
+	0x193c: 0x003a, 0x193d: 0x002a, 0x193e: 0x000a, 0x193f: 0x000a,
+	// Block 0x65, offset 0x1940
+	0x1940: 0x000a, 0x1941: 0x000a, 0x1942: 0x000a, 0x1943: 0x000a, 0x1944: 0x000a, 0x1945: 0x000a,
+	0x1946: 0x000a, 0x1947: 0x000a, 0x1948: 0x000a, 0x1949: 0x000a, 0x194a: 0x000a, 0x194b: 0x000a,
+	0x194c: 0x000a, 0x194d: 0x000a, 0x194e: 0x000a, 0x194f: 0x000a, 0x1950: 0x000a, 0x1951: 0x000a,
+	0x1952: 0x000a, 0x1953: 0x000a, 0x1954: 0x000a, 0x1955: 0x000a, 0x1956: 0x000a, 0x1957: 0x000a,
+	0x1958: 0x000a, 0x1959: 0x000a, 0x195a: 0x000a, 0x195b: 0x000a, 0x195c: 0x000a, 0x195d: 0x000a,
+	0x195e: 0x000a, 0x195f: 0x000a, 0x1960: 0x000a, 0x1961: 0x000a, 0x1962: 0x000a, 0x1963: 0x000a,
+	0x1964: 0x000a, 0x1965: 0x000a, 0x1966: 0x000a, 0x1967: 0x000a, 0x1968: 0x000a, 0x1969: 0x000a,
+	0x196a: 0x000a, 0x196b: 0x000a, 0x196c: 0x000a, 0x196d: 0x000a, 0x196e: 0x000a, 0x196f: 0x000a,
+	0x1970: 0x000a, 0x1971: 0x000a, 0x1972: 0x000a, 0x1973: 0x000a,
+	0x1976: 0x000a, 0x1977: 0x000a, 0x1978: 0x000a, 0x1979: 0x000a, 0x197a: 0x000a, 0x197b: 0x000a,
+	0x197c: 0x000a, 0x197d: 0x000a, 0x197e: 0x000a, 0x197f: 0x000a,
+	// Block 0x66, offset 0x1980
+	0x1980: 0x000a, 0x1981: 0x000a, 0x1982: 0x000a, 0x1983: 0x000a, 0x1984: 0x000a, 0x1985: 0x000a,
+	0x1986: 0x000a, 0x1987: 0x000a, 0x1988: 0x000a, 0x1989: 0x000a, 0x198a: 0x000a, 0x198b: 0x000a,
+	0x198c: 0x000a, 0x198d: 0x000a, 0x198e: 0x000a, 0x198f: 0x000a, 0x1990: 0x000a, 0x1991: 0x000a,
+	0x1992: 0x000a, 0x1993: 0x000a, 0x1994: 0x000a, 0x1995: 0x000a, 0x1997: 0x000a,
+	0x1998: 0x000a, 0x1999: 0x000a, 0x199a: 0x000a, 0x199b: 0x000a, 0x199c: 0x000a, 0x199d: 0x000a,
+	0x199e: 0x000a, 0x199f: 0x000a, 0x19a0: 0x000a, 0x19a1: 0x000a, 0x19a2: 0x000a, 0x19a3: 0x000a,
+	0x19a4: 0x000a, 0x19a5: 0x000a, 0x19a6: 0x000a, 0x19a7: 0x000a, 0x19a8: 0x000a, 0x19a9: 0x000a,
+	0x19aa: 0x000a, 0x19ab: 0x000a, 0x19ac: 0x000a, 0x19ad: 0x000a, 0x19ae: 0x000a, 0x19af: 0x000a,
+	0x19b0: 0x000a, 0x19b1: 0x000a, 0x19b2: 0x000a, 0x19b3: 0x000a, 0x19b4: 0x000a, 0x19b5: 0x000a,
+	0x19b6: 0x000a, 0x19b7: 0x000a, 0x19b8: 0x000a, 0x19b9: 0x000a, 0x19ba: 0x000a, 0x19bb: 0x000a,
+	0x19bc: 0x000a, 0x19bd: 0x000a, 0x19be: 0x000a, 0x19bf: 0x000a,
+	// Block 0x67, offset 0x19c0
+	0x19e5: 0x000a, 0x19e6: 0x000a, 0x19e7: 0x000a, 0x19e8: 0x000a, 0x19e9: 0x000a,
+	0x19ea: 0x000a, 0x19ef: 0x000c,
+	0x19f0: 0x000c, 0x19f1: 0x000c,
+	0x19f9: 0x000a, 0x19fa: 0x000a, 0x19fb: 0x000a,
+	0x19fc: 0x000a, 0x19fd: 0x000a, 0x19fe: 0x000a, 0x19ff: 0x000a,
+	// Block 0x68, offset 0x1a00
+	0x1a3f: 0x000c,
+	// Block 0x69, offset 0x1a40
+	0x1a60: 0x000c, 0x1a61: 0x000c, 0x1a62: 0x000c, 0x1a63: 0x000c,
+	0x1a64: 0x000c, 0x1a65: 0x000c, 0x1a66: 0x000c, 0x1a67: 0x000c, 0x1a68: 0x000c, 0x1a69: 0x000c,
+	0x1a6a: 0x000c, 0x1a6b: 0x000c, 0x1a6c: 0x000c, 0x1a6d: 0x000c, 0x1a6e: 0x000c, 0x1a6f: 0x000c,
+	0x1a70: 0x000c, 0x1a71: 0x000c, 0x1a72: 0x000c, 0x1a73: 0x000c, 0x1a74: 0x000c, 0x1a75: 0x000c,
+	0x1a76: 0x000c, 0x1a77: 0x000c, 0x1a78: 0x000c, 0x1a79: 0x000c, 0x1a7a: 0x000c, 0x1a7b: 0x000c,
+	0x1a7c: 0x000c, 0x1a7d: 0x000c, 0x1a7e: 0x000c, 0x1a7f: 0x000c,
+	// Block 0x6a, offset 0x1a80
+	0x1a80: 0x000a, 0x1a81: 0x000a, 0x1a82: 0x000a, 0x1a83: 0x000a, 0x1a84: 0x000a, 0x1a85: 0x000a,
+	0x1a86: 0x000a, 0x1a87: 0x000a, 0x1a88: 0x000a, 0x1a89: 0x000a, 0x1a8a: 0x000a, 0x1a8b: 0x000a,
+	0x1a8c: 0x000a, 0x1a8d: 0x000a, 0x1a8e: 0x000a, 0x1a8f: 0x000a, 0x1a90: 0x000a, 0x1a91: 0x000a,
+	0x1a92: 0x000a, 0x1a93: 0x000a, 0x1a94: 0x000a, 0x1a95: 0x000a, 0x1a96: 0x000a, 0x1a97: 0x000a,
+	0x1a98: 0x000a, 0x1a99: 0x000a, 0x1a9a: 0x000a, 0x1a9b: 0x000a, 0x1a9c: 0x000a, 0x1a9d: 0x000a,
+	0x1a9e: 0x000a, 0x1a9f: 0x000a, 0x1aa0: 0x000a, 0x1aa1: 0x000a, 0x1aa2: 0x003a, 0x1aa3: 0x002a,
+	0x1aa4: 0x003a, 0x1aa5: 0x002a, 0x1aa6: 0x003a, 0x1aa7: 0x002a, 0x1aa8: 0x003a, 0x1aa9: 0x002a,
+	0x1aaa: 0x000a, 0x1aab: 0x000a, 0x1aac: 0x000a, 0x1aad: 0x000a, 0x1aae: 0x000a, 0x1aaf: 0x000a,
+	0x1ab0: 0x000a, 0x1ab1: 0x000a, 0x1ab2: 0x000a, 0x1ab3: 0x000a, 0x1ab4: 0x000a, 0x1ab5: 0x000a,
+	0x1ab6: 0x000a, 0x1ab7: 0x000a, 0x1ab8: 0x000a, 0x1ab9: 0x000a, 0x1aba: 0x000a, 0x1abb: 0x000a,
+	0x1abc: 0x000a, 0x1abd: 0x000a, 0x1abe: 0x000a, 0x1abf: 0x000a,
+	// Block 0x6b, offset 0x1ac0
+	0x1ac0: 0x000a, 0x1ac1: 0x000a, 0x1ac2: 0x000a, 0x1ac3: 0x000a, 0x1ac4: 0x000a, 0x1ac5: 0x000a,
+	0x1ac6: 0x000a, 0x1ac7: 0x000a, 0x1ac8: 0x000a, 0x1ac9: 0x000a, 0x1aca: 0x000a, 0x1acb: 0x000a,
+	0x1acc: 0x000a, 0x1acd: 0x000a, 0x1ace: 0x000a, 0x1acf: 0x000a, 0x1ad0: 0x000a, 0x1ad1: 0x000a,
+	0x1ad2: 0x000a, 0x1ad3: 0x000a, 0x1ad4: 0x000a, 0x1ad5: 0x009a, 0x1ad6: 0x008a, 0x1ad7: 0x00ba,
+	0x1ad8: 0x00aa, 0x1ad9: 0x009a, 0x1ada: 0x008a, 0x1adb: 0x007a, 0x1adc: 0x006a, 0x1add: 0x000a,
+	// Block 0x6c, offset 0x1b00
+	0x1b00: 0x000a, 0x1b01: 0x000a, 0x1b02: 0x000a, 0x1b03: 0x000a, 0x1b04: 0x000a, 0x1b05: 0x000a,
+	0x1b06: 0x000a, 0x1b07: 0x000a, 0x1b08: 0x000a, 0x1b09: 0x000a, 0x1b0a: 0x000a, 0x1b0b: 0x000a,
+	0x1b0c: 0x000a, 0x1b0d: 0x000a, 0x1b0e: 0x000a, 0x1b0f: 0x000a, 0x1b10: 0x000a, 0x1b11: 0x000a,
+	0x1b12: 0x000a, 0x1b13: 0x000a, 0x1b14: 0x000a, 0x1b15: 0x000a, 0x1b16: 0x000a, 0x1b17: 0x000a,
+	0x1b18: 0x000a, 0x1b19: 0x000a, 0x1b1b: 0x000a, 0x1b1c: 0x000a, 0x1b1d: 0x000a,
+	0x1b1e: 0x000a, 0x1b1f: 0x000a, 0x1b20: 0x000a, 0x1b21: 0x000a, 0x1b22: 0x000a, 0x1b23: 0x000a,
+	0x1b24: 0x000a, 0x1b25: 0x000a, 0x1b26: 0x000a, 0x1b27: 0x000a, 0x1b28: 0x000a, 0x1b29: 0x000a,
+	0x1b2a: 0x000a, 0x1b2b: 0x000a, 0x1b2c: 0x000a, 0x1b2d: 0x000a, 0x1b2e: 0x000a, 0x1b2f: 0x000a,
+	0x1b30: 0x000a, 0x1b31: 0x000a, 0x1b32: 0x000a, 0x1b33: 0x000a, 0x1b34: 0x000a, 0x1b35: 0x000a,
+	0x1b36: 0x000a, 0x1b37: 0x000a, 0x1b38: 0x000a, 0x1b39: 0x000a, 0x1b3a: 0x000a, 0x1b3b: 0x000a,
+	0x1b3c: 0x000a, 0x1b3d: 0x000a, 0x1b3e: 0x000a, 0x1b3f: 0x000a,
+	// Block 0x6d, offset 0x1b40
+	0x1b40: 0x000a, 0x1b41: 0x000a, 0x1b42: 0x000a, 0x1b43: 0x000a, 0x1b44: 0x000a, 0x1b45: 0x000a,
+	0x1b46: 0x000a, 0x1b47: 0x000a, 0x1b48: 0x000a, 0x1b49: 0x000a, 0x1b4a: 0x000a, 0x1b4b: 0x000a,
+	0x1b4c: 0x000a, 0x1b4d: 0x000a, 0x1b4e: 0x000a, 0x1b4f: 0x000a, 0x1b50: 0x000a, 0x1b51: 0x000a,
+	0x1b52: 0x000a, 0x1b53: 0x000a, 0x1b54: 0x000a, 0x1b55: 0x000a, 0x1b56: 0x000a, 0x1b57: 0x000a,
+	0x1b58: 0x000a, 0x1b59: 0x000a, 0x1b5a: 0x000a, 0x1b5b: 0x000a, 0x1b5c: 0x000a, 0x1b5d: 0x000a,
+	0x1b5e: 0x000a, 0x1b5f: 0x000a, 0x1b60: 0x000a, 0x1b61: 0x000a, 0x1b62: 0x000a, 0x1b63: 0x000a,
+	0x1b64: 0x000a, 0x1b65: 0x000a, 0x1b66: 0x000a, 0x1b67: 0x000a, 0x1b68: 0x000a, 0x1b69: 0x000a,
+	0x1b6a: 0x000a, 0x1b6b: 0x000a, 0x1b6c: 0x000a, 0x1b6d: 0x000a, 0x1b6e: 0x000a, 0x1b6f: 0x000a,
+	0x1b70: 0x000a, 0x1b71: 0x000a, 0x1b72: 0x000a, 0x1b73: 0x000a,
+	// Block 0x6e, offset 0x1b80
+	0x1b80: 0x000a, 0x1b81: 0x000a, 0x1b82: 0x000a, 0x1b83: 0x000a, 0x1b84: 0x000a, 0x1b85: 0x000a,
+	0x1b86: 0x000a, 0x1b87: 0x000a, 0x1b88: 0x000a, 0x1b89: 0x000a, 0x1b8a: 0x000a, 0x1b8b: 0x000a,
+	0x1b8c: 0x000a, 0x1b8d: 0x000a, 0x1b8e: 0x000a, 0x1b8f: 0x000a, 0x1b90: 0x000a, 0x1b91: 0x000a,
+	0x1b92: 0x000a, 0x1b93: 0x000a, 0x1b94: 0x000a, 0x1b95: 0x000a,
+	0x1bb0: 0x000a, 0x1bb1: 0x000a, 0x1bb2: 0x000a, 0x1bb3: 0x000a, 0x1bb4: 0x000a, 0x1bb5: 0x000a,
+	0x1bb6: 0x000a, 0x1bb7: 0x000a, 0x1bb8: 0x000a, 0x1bb9: 0x000a, 0x1bba: 0x000a, 0x1bbb: 0x000a,
+	// Block 0x6f, offset 0x1bc0
+	0x1bc0: 0x0009, 0x1bc1: 0x000a, 0x1bc2: 0x000a, 0x1bc3: 0x000a, 0x1bc4: 0x000a,
+	0x1bc8: 0x003a, 0x1bc9: 0x002a, 0x1bca: 0x003a, 0x1bcb: 0x002a,
+	0x1bcc: 0x003a, 0x1bcd: 0x002a, 0x1bce: 0x003a, 0x1bcf: 0x002a, 0x1bd0: 0x003a, 0x1bd1: 0x002a,
+	0x1bd2: 0x000a, 0x1bd3: 0x000a, 0x1bd4: 0x003a, 0x1bd5: 0x002a, 0x1bd6: 0x003a, 0x1bd7: 0x002a,
+	0x1bd8: 0x003a, 0x1bd9: 0x002a, 0x1bda: 0x003a, 0x1bdb: 0x002a, 0x1bdc: 0x000a, 0x1bdd: 0x000a,
+	0x1bde: 0x000a, 0x1bdf: 0x000a, 0x1be0: 0x000a,
+	0x1bea: 0x000c, 0x1beb: 0x000c, 0x1bec: 0x000c, 0x1bed: 0x000c,
+	0x1bf0: 0x000a,
+	0x1bf6: 0x000a, 0x1bf7: 0x000a,
+	0x1bfd: 0x000a, 0x1bfe: 0x000a, 0x1bff: 0x000a,
+	// Block 0x70, offset 0x1c00
+	0x1c19: 0x000c, 0x1c1a: 0x000c, 0x1c1b: 0x000a, 0x1c1c: 0x000a,
+	0x1c20: 0x000a,
+	// Block 0x71, offset 0x1c40
+	0x1c7b: 0x000a,
+	// Block 0x72, offset 0x1c80
+	0x1c80: 0x000a, 0x1c81: 0x000a, 0x1c82: 0x000a, 0x1c83: 0x000a, 0x1c84: 0x000a, 0x1c85: 0x000a,
+	0x1c86: 0x000a, 0x1c87: 0x000a, 0x1c88: 0x000a, 0x1c89: 0x000a, 0x1c8a: 0x000a, 0x1c8b: 0x000a,
+	0x1c8c: 0x000a, 0x1c8d: 0x000a, 0x1c8e: 0x000a, 0x1c8f: 0x000a, 0x1c90: 0x000a, 0x1c91: 0x000a,
+	0x1c92: 0x000a, 0x1c93: 0x000a, 0x1c94: 0x000a, 0x1c95: 0x000a, 0x1c96: 0x000a, 0x1c97: 0x000a,
+	0x1c98: 0x000a, 0x1c99: 0x000a, 0x1c9a: 0x000a, 0x1c9b: 0x000a, 0x1c9c: 0x000a, 0x1c9d: 0x000a,
+	0x1c9e: 0x000a, 0x1c9f: 0x000a, 0x1ca0: 0x000a, 0x1ca1: 0x000a, 0x1ca2: 0x000a, 0x1ca3: 0x000a,
+	// Block 0x73, offset 0x1cc0
+	0x1cdd: 0x000a,
+	0x1cde: 0x000a,
+	// Block 0x74, offset 0x1d00
+	0x1d10: 0x000a, 0x1d11: 0x000a,
+	0x1d12: 0x000a, 0x1d13: 0x000a, 0x1d14: 0x000a, 0x1d15: 0x000a, 0x1d16: 0x000a, 0x1d17: 0x000a,
+	0x1d18: 0x000a, 0x1d19: 0x000a, 0x1d1a: 0x000a, 0x1d1b: 0x000a, 0x1d1c: 0x000a, 0x1d1d: 0x000a,
+	0x1d1e: 0x000a, 0x1d1f: 0x000a,
+	0x1d3c: 0x000a, 0x1d3d: 0x000a, 0x1d3e: 0x000a,
+	// Block 0x75, offset 0x1d40
+	0x1d71: 0x000a, 0x1d72: 0x000a, 0x1d73: 0x000a, 0x1d74: 0x000a, 0x1d75: 0x000a,
+	0x1d76: 0x000a, 0x1d77: 0x000a, 0x1d78: 0x000a, 0x1d79: 0x000a, 0x1d7a: 0x000a, 0x1d7b: 0x000a,
+	0x1d7c: 0x000a, 0x1d7d: 0x000a, 0x1d7e: 0x000a, 0x1d7f: 0x000a,
+	// Block 0x76, offset 0x1d80
+	0x1d8c: 0x000a, 0x1d8d: 0x000a, 0x1d8e: 0x000a, 0x1d8f: 0x000a,
+	// Block 0x77, offset 0x1dc0
+	0x1df7: 0x000a, 0x1df8: 0x000a, 0x1df9: 0x000a, 0x1dfa: 0x000a,
+	// Block 0x78, offset 0x1e00
+	0x1e1e: 0x000a, 0x1e1f: 0x000a,
+	0x1e3f: 0x000a,
+	// Block 0x79, offset 0x1e40
+	0x1e50: 0x000a, 0x1e51: 0x000a,
+	0x1e52: 0x000a, 0x1e53: 0x000a, 0x1e54: 0x000a, 0x1e55: 0x000a, 0x1e56: 0x000a, 0x1e57: 0x000a,
+	0x1e58: 0x000a, 0x1e59: 0x000a, 0x1e5a: 0x000a, 0x1e5b: 0x000a, 0x1e5c: 0x000a, 0x1e5d: 0x000a,
+	0x1e5e: 0x000a, 0x1e5f: 0x000a, 0x1e60: 0x000a, 0x1e61: 0x000a, 0x1e62: 0x000a, 0x1e63: 0x000a,
+	0x1e64: 0x000a, 0x1e65: 0x000a, 0x1e66: 0x000a, 0x1e67: 0x000a, 0x1e68: 0x000a, 0x1e69: 0x000a,
+	0x1e6a: 0x000a, 0x1e6b: 0x000a, 0x1e6c: 0x000a, 0x1e6d: 0x000a, 0x1e6e: 0x000a, 0x1e6f: 0x000a,
+	0x1e70: 0x000a, 0x1e71: 0x000a, 0x1e72: 0x000a, 0x1e73: 0x000a, 0x1e74: 0x000a, 0x1e75: 0x000a,
+	0x1e76: 0x000a, 0x1e77: 0x000a, 0x1e78: 0x000a, 0x1e79: 0x000a, 0x1e7a: 0x000a, 0x1e7b: 0x000a,
+	0x1e7c: 0x000a, 0x1e7d: 0x000a, 0x1e7e: 0x000a, 0x1e7f: 0x000a,
+	// Block 0x7a, offset 0x1e80
+	0x1e80: 0x000a, 0x1e81: 0x000a, 0x1e82: 0x000a, 0x1e83: 0x000a, 0x1e84: 0x000a, 0x1e85: 0x000a,
+	0x1e86: 0x000a,
+	// Block 0x7b, offset 0x1ec0
+	0x1ecd: 0x000a, 0x1ece: 0x000a, 0x1ecf: 0x000a,
+	// Block 0x7c, offset 0x1f00
+	0x1f2f: 0x000c,
+	0x1f30: 0x000c, 0x1f31: 0x000c, 0x1f32: 0x000c, 0x1f33: 0x000a, 0x1f34: 0x000c, 0x1f35: 0x000c,
+	0x1f36: 0x000c, 0x1f37: 0x000c, 0x1f38: 0x000c, 0x1f39: 0x000c, 0x1f3a: 0x000c, 0x1f3b: 0x000c,
+	0x1f3c: 0x000c, 0x1f3d: 0x000c, 0x1f3e: 0x000a, 0x1f3f: 0x000a,
+	// Block 0x7d, offset 0x1f40
+	0x1f5e: 0x000c, 0x1f5f: 0x000c,
+	// Block 0x7e, offset 0x1f80
+	0x1fb0: 0x000c, 0x1fb1: 0x000c,
+	// Block 0x7f, offset 0x1fc0
+	0x1fc0: 0x000a, 0x1fc1: 0x000a, 0x1fc2: 0x000a, 0x1fc3: 0x000a, 0x1fc4: 0x000a, 0x1fc5: 0x000a,
+	0x1fc6: 0x000a, 0x1fc7: 0x000a, 0x1fc8: 0x000a, 0x1fc9: 0x000a, 0x1fca: 0x000a, 0x1fcb: 0x000a,
+	0x1fcc: 0x000a, 0x1fcd: 0x000a, 0x1fce: 0x000a, 0x1fcf: 0x000a, 0x1fd0: 0x000a, 0x1fd1: 0x000a,
+	0x1fd2: 0x000a, 0x1fd3: 0x000a, 0x1fd4: 0x000a, 0x1fd5: 0x000a, 0x1fd6: 0x000a, 0x1fd7: 0x000a,
+	0x1fd8: 0x000a, 0x1fd9: 0x000a, 0x1fda: 0x000a, 0x1fdb: 0x000a, 0x1fdc: 0x000a, 0x1fdd: 0x000a,
+	0x1fde: 0x000a, 0x1fdf: 0x000a, 0x1fe0: 0x000a, 0x1fe1: 0x000a,
+	// Block 0x80, offset 0x2000
+	0x2008: 0x000a,
+	// Block 0x81, offset 0x2040
+	0x2042: 0x000c,
+	0x2046: 0x000c, 0x204b: 0x000c,
+	0x2065: 0x000c, 0x2066: 0x000c, 0x2068: 0x000a, 0x2069: 0x000a,
+	0x206a: 0x000a, 0x206b: 0x000a, 0x206c: 0x000c,
+	0x2078: 0x0004, 0x2079: 0x0004,
+	// Block 0x82, offset 0x2080
+	0x20b4: 0x000a, 0x20b5: 0x000a,
+	0x20b6: 0x000a, 0x20b7: 0x000a,
+	// Block 0x83, offset 0x20c0
+	0x20c4: 0x000c, 0x20c5: 0x000c,
+	0x20e0: 0x000c, 0x20e1: 0x000c, 0x20e2: 0x000c, 0x20e3: 0x000c,
+	0x20e4: 0x000c, 0x20e5: 0x000c, 0x20e6: 0x000c, 0x20e7: 0x000c, 0x20e8: 0x000c, 0x20e9: 0x000c,
+	0x20ea: 0x000c, 0x20eb: 0x000c, 0x20ec: 0x000c, 0x20ed: 0x000c, 0x20ee: 0x000c, 0x20ef: 0x000c,
+	0x20f0: 0x000c, 0x20f1: 0x000c,
+	0x20ff: 0x000c,
+	// Block 0x84, offset 0x2100
+	0x2126: 0x000c, 0x2127: 0x000c, 0x2128: 0x000c, 0x2129: 0x000c,
+	0x212a: 0x000c, 0x212b: 0x000c, 0x212c: 0x000c, 0x212d: 0x000c,
+	// Block 0x85, offset 0x2140
+	0x2147: 0x000c, 0x2148: 0x000c, 0x2149: 0x000c, 0x214a: 0x000c, 0x214b: 0x000c,
+	0x214c: 0x000c, 0x214d: 0x000c, 0x214e: 0x000c, 0x214f: 0x000c, 0x2150: 0x000c, 0x2151: 0x000c,
+	// Block 0x86, offset 0x2180
+	0x2180: 0x000c, 0x2181: 0x000c, 0x2182: 0x000c,
+	0x21b3: 0x000c,
+	0x21b6: 0x000c, 0x21b7: 0x000c, 0x21b8: 0x000c, 0x21b9: 0x000c,
+	0x21bc: 0x000c, 0x21bd: 0x000c,
+	// Block 0x87, offset 0x21c0
+	0x21e5: 0x000c,
+	// Block 0x88, offset 0x2200
+	0x2229: 0x000c,
+	0x222a: 0x000c, 0x222b: 0x000c, 0x222c: 0x000c, 0x222d: 0x000c, 0x222e: 0x000c,
+	0x2231: 0x000c, 0x2232: 0x000c, 0x2235: 0x000c,
+	0x2236: 0x000c,
+	// Block 0x89, offset 0x2240
+	0x2243: 0x000c,
+	0x224c: 0x000c,
+	0x227c: 0x000c,
+	// Block 0x8a, offset 0x2280
+	0x22b0: 0x000c, 0x22b2: 0x000c, 0x22b3: 0x000c, 0x22b4: 0x000c,
+	0x22b7: 0x000c, 0x22b8: 0x000c,
+	0x22be: 0x000c, 0x22bf: 0x000c,
+	// Block 0x8b, offset 0x22c0
+	0x22c1: 0x000c,
+	0x22ec: 0x000c, 0x22ed: 0x000c,
+	0x22f6: 0x000c,
+	// Block 0x8c, offset 0x2300
+	0x232a: 0x000a, 0x232b: 0x000a,
+	// Block 0x8d, offset 0x2340
+	0x2365: 0x000c, 0x2368: 0x000c,
+	0x236d: 0x000c,
+	// Block 0x8e, offset 0x2380
+	0x239d: 0x0001,
+	0x239e: 0x000c, 0x239f: 0x0001, 0x23a0: 0x0001, 0x23a1: 0x0001, 0x23a2: 0x0001, 0x23a3: 0x0001,
+	0x23a4: 0x0001, 0x23a5: 0x0001, 0x23a6: 0x0001, 0x23a7: 0x0001, 0x23a8: 0x0001, 0x23a9: 0x0003,
+	0x23aa: 0x0001, 0x23ab: 0x0001, 0x23ac: 0x0001, 0x23ad: 0x0001, 0x23ae: 0x0001, 0x23af: 0x0001,
+	0x23b0: 0x0001, 0x23b1: 0x0001, 0x23b2: 0x0001, 0x23b3: 0x0001, 0x23b4: 0x0001, 0x23b5: 0x0001,
+	0x23b6: 0x0001, 0x23b7: 0x0001, 0x23b8: 0x0001, 0x23b9: 0x0001, 0x23ba: 0x0001, 0x23bb: 0x0001,
+	0x23bc: 0x0001, 0x23bd: 0x0001, 0x23be: 0x0001, 0x23bf: 0x0001,
+	// Block 0x8f, offset 0x23c0
+	0x23c0: 0x0001, 0x23c1: 0x0001, 0x23c2: 0x0001, 0x23c3: 0x0001, 0x23c4: 0x0001, 0x23c5: 0x0001,
+	0x23c6: 0x0001, 0x23c7: 0x0001, 0x23c8: 0x0001, 0x23c9: 0x0001, 0x23ca: 0x0001, 0x23cb: 0x0001,
+	0x23cc: 0x0001, 0x23cd: 0x0001, 0x23ce: 0x0001, 0x23cf: 0x0001, 0x23d0: 0x000d, 0x23d1: 0x000d,
+	0x23d2: 0x000d, 0x23d3: 0x000d, 0x23d4: 0x000d, 0x23d5: 0x000d, 0x23d6: 0x000d, 0x23d7: 0x000d,
+	0x23d8: 0x000d, 0x23d9: 0x000d, 0x23da: 0x000d, 0x23db: 0x000d, 0x23dc: 0x000d, 0x23dd: 0x000d,
+	0x23de: 0x000d, 0x23df: 0x000d, 0x23e0: 0x000d, 0x23e1: 0x000d, 0x23e2: 0x000d, 0x23e3: 0x000d,
+	0x23e4: 0x000d, 0x23e5: 0x000d, 0x23e6: 0x000d, 0x23e7: 0x000d, 0x23e8: 0x000d, 0x23e9: 0x000d,
+	0x23ea: 0x000d, 0x23eb: 0x000d, 0x23ec: 0x000d, 0x23ed: 0x000d, 0x23ee: 0x000d, 0x23ef: 0x000d,
+	0x23f0: 0x000d, 0x23f1: 0x000d, 0x23f2: 0x000d, 0x23f3: 0x000d, 0x23f4: 0x000d, 0x23f5: 0x000d,
+	0x23f6: 0x000d, 0x23f7: 0x000d, 0x23f8: 0x000d, 0x23f9: 0x000d, 0x23fa: 0x000d, 0x23fb: 0x000d,
+	0x23fc: 0x000d, 0x23fd: 0x000d, 0x23fe: 0x000d, 0x23ff: 0x000d,
+	// Block 0x90, offset 0x2400
+	0x2400: 0x000d, 0x2401: 0x000d, 0x2402: 0x000d, 0x2403: 0x000d, 0x2404: 0x000d, 0x2405: 0x000d,
+	0x2406: 0x000d, 0x2407: 0x000d, 0x2408: 0x000d, 0x2409: 0x000d, 0x240a: 0x000d, 0x240b: 0x000d,
+	0x240c: 0x000d, 0x240d: 0x000d, 0x240e: 0x000d, 0x240f: 0x000d, 0x2410: 0x000d, 0x2411: 0x000d,
+	0x2412: 0x000d, 0x2413: 0x000d, 0x2414: 0x000d, 0x2415: 0x000d, 0x2416: 0x000d, 0x2417: 0x000d,
+	0x2418: 0x000d, 0x2419: 0x000d, 0x241a: 0x000d, 0x241b: 0x000d, 0x241c: 0x000d, 0x241d: 0x000d,
+	0x241e: 0x000d, 0x241f: 0x000d, 0x2420: 0x000d, 0x2421: 0x000d, 0x2422: 0x000d, 0x2423: 0x000d,
+	0x2424: 0x000d, 0x2425: 0x000d, 0x2426: 0x000d, 0x2427: 0x000d, 0x2428: 0x000d, 0x2429: 0x000d,
+	0x242a: 0x000d, 0x242b: 0x000d, 0x242c: 0x000d, 0x242d: 0x000d, 0x242e: 0x000d, 0x242f: 0x000d,
+	0x2430: 0x000d, 0x2431: 0x000d, 0x2432: 0x000d, 0x2433: 0x000d, 0x2434: 0x000d, 0x2435: 0x000d,
+	0x2436: 0x000d, 0x2437: 0x000d, 0x2438: 0x000d, 0x2439: 0x000d, 0x243a: 0x000d, 0x243b: 0x000d,
+	0x243c: 0x000d, 0x243d: 0x000d, 0x243e: 0x000a, 0x243f: 0x000a,
+	// Block 0x91, offset 0x2440
+	0x2440: 0x000a, 0x2441: 0x000a, 0x2442: 0x000a, 0x2443: 0x000a, 0x2444: 0x000a, 0x2445: 0x000a,
+	0x2446: 0x000a, 0x2447: 0x000a, 0x2448: 0x000a, 0x2449: 0x000a, 0x244a: 0x000a, 0x244b: 0x000a,
+	0x244c: 0x000a, 0x244d: 0x000a, 0x244e: 0x000a, 0x244f: 0x000a, 0x2450: 0x000d, 0x2451: 0x000d,
+	0x2452: 0x000d, 0x2453: 0x000d, 0x2454: 0x000d, 0x2455: 0x000d, 0x2456: 0x000d, 0x2457: 0x000d,
+	0x2458: 0x000d, 0x2459: 0x000d, 0x245a: 0x000d, 0x245b: 0x000d, 0x245c: 0x000d, 0x245d: 0x000d,
+	0x245e: 0x000d, 0x245f: 0x000d, 0x2460: 0x000d, 0x2461: 0x000d, 0x2462: 0x000d, 0x2463: 0x000d,
+	0x2464: 0x000d, 0x2465: 0x000d, 0x2466: 0x000d, 0x2467: 0x000d, 0x2468: 0x000d, 0x2469: 0x000d,
+	0x246a: 0x000d, 0x246b: 0x000d, 0x246c: 0x000d, 0x246d: 0x000d, 0x246e: 0x000d, 0x246f: 0x000d,
+	0x2470: 0x000d, 0x2471: 0x000d, 0x2472: 0x000d, 0x2473: 0x000d, 0x2474: 0x000d, 0x2475: 0x000d,
+	0x2476: 0x000d, 0x2477: 0x000d, 0x2478: 0x000d, 0x2479: 0x000d, 0x247a: 0x000d, 0x247b: 0x000d,
+	0x247c: 0x000d, 0x247d: 0x000d, 0x247e: 0x000d, 0x247f: 0x000d,
+	// Block 0x92, offset 0x2480
+	0x2480: 0x000d, 0x2481: 0x000d, 0x2482: 0x000d, 0x2483: 0x000d, 0x2484: 0x000d, 0x2485: 0x000d,
+	0x2486: 0x000d, 0x2487: 0x000d, 0x2488: 0x000d, 0x2489: 0x000d, 0x248a: 0x000d, 0x248b: 0x000d,
+	0x248c: 0x000d, 0x248d: 0x000d, 0x248e: 0x000d, 0x248f: 0x000a, 0x2490: 0x000b, 0x2491: 0x000b,
+	0x2492: 0x000b, 0x2493: 0x000b, 0x2494: 0x000b, 0x2495: 0x000b, 0x2496: 0x000b, 0x2497: 0x000b,
+	0x2498: 0x000b, 0x2499: 0x000b, 0x249a: 0x000b, 0x249b: 0x000b, 0x249c: 0x000b, 0x249d: 0x000b,
+	0x249e: 0x000b, 0x249f: 0x000b, 0x24a0: 0x000b, 0x24a1: 0x000b, 0x24a2: 0x000b, 0x24a3: 0x000b,
+	0x24a4: 0x000b, 0x24a5: 0x000b, 0x24a6: 0x000b, 0x24a7: 0x000b, 0x24a8: 0x000b, 0x24a9: 0x000b,
+	0x24aa: 0x000b, 0x24ab: 0x000b, 0x24ac: 0x000b, 0x24ad: 0x000b, 0x24ae: 0x000b, 0x24af: 0x000b,
+	0x24b0: 0x000d, 0x24b1: 0x000d, 0x24b2: 0x000d, 0x24b3: 0x000d, 0x24b4: 0x000d, 0x24b5: 0x000d,
+	0x24b6: 0x000d, 0x24b7: 0x000d, 0x24b8: 0x000d, 0x24b9: 0x000d, 0x24ba: 0x000d, 0x24bb: 0x000d,
+	0x24bc: 0x000d, 0x24bd: 0x000a, 0x24be: 0x000a, 0x24bf: 0x000a,
+	// Block 0x93, offset 0x24c0
+	0x24c0: 0x000c, 0x24c1: 0x000c, 0x24c2: 0x000c, 0x24c3: 0x000c, 0x24c4: 0x000c, 0x24c5: 0x000c,
+	0x24c6: 0x000c, 0x24c7: 0x000c, 0x24c8: 0x000c, 0x24c9: 0x000c, 0x24ca: 0x000c, 0x24cb: 0x000c,
+	0x24cc: 0x000c, 0x24cd: 0x000c, 0x24ce: 0x000c, 0x24cf: 0x000c, 0x24d0: 0x000a, 0x24d1: 0x000a,
+	0x24d2: 0x000a, 0x24d3: 0x000a, 0x24d4: 0x000a, 0x24d5: 0x000a, 0x24d6: 0x000a, 0x24d7: 0x000a,
+	0x24d8: 0x000a, 0x24d9: 0x000a,
+	0x24e0: 0x000c, 0x24e1: 0x000c, 0x24e2: 0x000c, 0x24e3: 0x000c,
+	0x24e4: 0x000c, 0x24e5: 0x000c, 0x24e6: 0x000c, 0x24e7: 0x000c, 0x24e8: 0x000c, 0x24e9: 0x000c,
+	0x24ea: 0x000c, 0x24eb: 0x000c, 0x24ec: 0x000c, 0x24ed: 0x000c, 0x24ee: 0x000c, 0x24ef: 0x000c,
+	0x24f0: 0x000a, 0x24f1: 0x000a, 0x24f2: 0x000a, 0x24f3: 0x000a, 0x24f4: 0x000a, 0x24f5: 0x000a,
+	0x24f6: 0x000a, 0x24f7: 0x000a, 0x24f8: 0x000a, 0x24f9: 0x000a, 0x24fa: 0x000a, 0x24fb: 0x000a,
+	0x24fc: 0x000a, 0x24fd: 0x000a, 0x24fe: 0x000a, 0x24ff: 0x000a,
+	// Block 0x94, offset 0x2500
+	0x2500: 0x000a, 0x2501: 0x000a, 0x2502: 0x000a, 0x2503: 0x000a, 0x2504: 0x000a, 0x2505: 0x000a,
+	0x2506: 0x000a, 0x2507: 0x000a, 0x2508: 0x000a, 0x2509: 0x000a, 0x250a: 0x000a, 0x250b: 0x000a,
+	0x250c: 0x000a, 0x250d: 0x000a, 0x250e: 0x000a, 0x250f: 0x000a, 0x2510: 0x0006, 0x2511: 0x000a,
+	0x2512: 0x0006, 0x2514: 0x000a, 0x2515: 0x0006, 0x2516: 0x000a, 0x2517: 0x000a,
+	0x2518: 0x000a, 0x2519: 0x009a, 0x251a: 0x008a, 0x251b: 0x007a, 0x251c: 0x006a, 0x251d: 0x009a,
+	0x251e: 0x008a, 0x251f: 0x0004, 0x2520: 0x000a, 0x2521: 0x000a, 0x2522: 0x0003, 0x2523: 0x0003,
+	0x2524: 0x000a, 0x2525: 0x000a, 0x2526: 0x000a, 0x2528: 0x000a, 0x2529: 0x0004,
+	0x252a: 0x0004, 0x252b: 0x000a,
+	0x2530: 0x000d, 0x2531: 0x000d, 0x2532: 0x000d, 0x2533: 0x000d, 0x2534: 0x000d, 0x2535: 0x000d,
+	0x2536: 0x000d, 0x2537: 0x000d, 0x2538: 0x000d, 0x2539: 0x000d, 0x253a: 0x000d, 0x253b: 0x000d,
+	0x253c: 0x000d, 0x253d: 0x000d, 0x253e: 0x000d, 0x253f: 0x000d,
+	// Block 0x95, offset 0x2540
+	0x2540: 0x000d, 0x2541: 0x000d, 0x2542: 0x000d, 0x2543: 0x000d, 0x2544: 0x000d, 0x2545: 0x000d,
+	0x2546: 0x000d, 0x2547: 0x000d, 0x2548: 0x000d, 0x2549: 0x000d, 0x254a: 0x000d, 0x254b: 0x000d,
+	0x254c: 0x000d, 0x254d: 0x000d, 0x254e: 0x000d, 0x254f: 0x000d, 0x2550: 0x000d, 0x2551: 0x000d,
+	0x2552: 0x000d, 0x2553: 0x000d, 0x2554: 0x000d, 0x2555: 0x000d, 0x2556: 0x000d, 0x2557: 0x000d,
+	0x2558: 0x000d, 0x2559: 0x000d, 0x255a: 0x000d, 0x255b: 0x000d, 0x255c: 0x000d, 0x255d: 0x000d,
+	0x255e: 0x000d, 0x255f: 0x000d, 0x2560: 0x000d, 0x2561: 0x000d, 0x2562: 0x000d, 0x2563: 0x000d,
+	0x2564: 0x000d, 0x2565: 0x000d, 0x2566: 0x000d, 0x2567: 0x000d, 0x2568: 0x000d, 0x2569: 0x000d,
+	0x256a: 0x000d, 0x256b: 0x000d, 0x256c: 0x000d, 0x256d: 0x000d, 0x256e: 0x000d, 0x256f: 0x000d,
+	0x2570: 0x000d, 0x2571: 0x000d, 0x2572: 0x000d, 0x2573: 0x000d, 0x2574: 0x000d, 0x2575: 0x000d,
+	0x2576: 0x000d, 0x2577: 0x000d, 0x2578: 0x000d, 0x2579: 0x000d, 0x257a: 0x000d, 0x257b: 0x000d,
+	0x257c: 0x000d, 0x257d: 0x000d, 0x257e: 0x000d, 0x257f: 0x000b,
+	// Block 0x96, offset 0x2580
+	0x2581: 0x000a, 0x2582: 0x000a, 0x2583: 0x0004, 0x2584: 0x0004, 0x2585: 0x0004,
+	0x2586: 0x000a, 0x2587: 0x000a, 0x2588: 0x003a, 0x2589: 0x002a, 0x258a: 0x000a, 0x258b: 0x0003,
+	0x258c: 0x0006, 0x258d: 0x0003, 0x258e: 0x0006, 0x258f: 0x0006, 0x2590: 0x0002, 0x2591: 0x0002,
+	0x2592: 0x0002, 0x2593: 0x0002, 0x2594: 0x0002, 0x2595: 0x0002, 0x2596: 0x0002, 0x2597: 0x0002,
+	0x2598: 0x0002, 0x2599: 0x0002, 0x259a: 0x0006, 0x259b: 0x000a, 0x259c: 0x000a, 0x259d: 0x000a,
+	0x259e: 0x000a, 0x259f: 0x000a, 0x25a0: 0x000a,
+	0x25bb: 0x005a,
+	0x25bc: 0x000a, 0x25bd: 0x004a, 0x25be: 0x000a, 0x25bf: 0x000a,
+	// Block 0x97, offset 0x25c0
+	0x25c0: 0x000a,
+	0x25db: 0x005a, 0x25dc: 0x000a, 0x25dd: 0x004a,
+	0x25de: 0x000a, 0x25df: 0x00fa, 0x25e0: 0x00ea, 0x25e1: 0x000a, 0x25e2: 0x003a, 0x25e3: 0x002a,
+	0x25e4: 0x000a, 0x25e5: 0x000a,
+	// Block 0x98, offset 0x2600
+	0x2620: 0x0004, 0x2621: 0x0004, 0x2622: 0x000a, 0x2623: 0x000a,
+	0x2624: 0x000a, 0x2625: 0x0004, 0x2626: 0x0004, 0x2628: 0x000a, 0x2629: 0x000a,
+	0x262a: 0x000a, 0x262b: 0x000a, 0x262c: 0x000a, 0x262d: 0x000a, 0x262e: 0x000a,
+	0x2630: 0x000b, 0x2631: 0x000b, 0x2632: 0x000b, 0x2633: 0x000b, 0x2634: 0x000b, 0x2635: 0x000b,
+	0x2636: 0x000b, 0x2637: 0x000b, 0x2638: 0x000b, 0x2639: 0x000a, 0x263a: 0x000a, 0x263b: 0x000a,
+	0x263c: 0x000a, 0x263d: 0x000a, 0x263e: 0x000b, 0x263f: 0x000b,
+	// Block 0x99, offset 0x2640
+	0x2641: 0x000a,
+	// Block 0x9a, offset 0x2680
+	0x2680: 0x000a, 0x2681: 0x000a, 0x2682: 0x000a, 0x2683: 0x000a, 0x2684: 0x000a, 0x2685: 0x000a,
+	0x2686: 0x000a, 0x2687: 0x000a, 0x2688: 0x000a, 0x2689: 0x000a, 0x268a: 0x000a, 0x268b: 0x000a,
+	0x268c: 0x000a, 0x2690: 0x000a, 0x2691: 0x000a,
+	0x2692: 0x000a, 0x2693: 0x000a, 0x2694: 0x000a, 0x2695: 0x000a, 0x2696: 0x000a, 0x2697: 0x000a,
+	0x2698: 0x000a, 0x2699: 0x000a, 0x269a: 0x000a, 0x269b: 0x000a, 0x269c: 0x000a,
+	0x26a0: 0x000a,
+	// Block 0x9b, offset 0x26c0
+	0x26fd: 0x000c,
+	// Block 0x9c, offset 0x2700
+	0x2720: 0x000c, 0x2721: 0x0002, 0x2722: 0x0002, 0x2723: 0x0002,
+	0x2724: 0x0002, 0x2725: 0x0002, 0x2726: 0x0002, 0x2727: 0x0002, 0x2728: 0x0002, 0x2729: 0x0002,
+	0x272a: 0x0002, 0x272b: 0x0002, 0x272c: 0x0002, 0x272d: 0x0002, 0x272e: 0x0002, 0x272f: 0x0002,
+	0x2730: 0x0002, 0x2731: 0x0002, 0x2732: 0x0002, 0x2733: 0x0002, 0x2734: 0x0002, 0x2735: 0x0002,
+	0x2736: 0x0002, 0x2737: 0x0002, 0x2738: 0x0002, 0x2739: 0x0002, 0x273a: 0x0002, 0x273b: 0x0002,
+	// Block 0x9d, offset 0x2740
+	0x2776: 0x000c, 0x2777: 0x000c, 0x2778: 0x000c, 0x2779: 0x000c, 0x277a: 0x000c,
+	// Block 0x9e, offset 0x2780
+	0x2780: 0x0001, 0x2781: 0x0001, 0x2782: 0x0001, 0x2783: 0x0001, 0x2784: 0x0001, 0x2785: 0x0001,
+	0x2786: 0x0001, 0x2787: 0x0001, 0x2788: 0x0001, 0x2789: 0x0001, 0x278a: 0x0001, 0x278b: 0x0001,
+	0x278c: 0x0001, 0x278d: 0x0001, 0x278e: 0x0001, 0x278f: 0x0001, 0x2790: 0x0001, 0x2791: 0x0001,
+	0x2792: 0x0001, 0x2793: 0x0001, 0x2794: 0x0001, 0x2795: 0x0001, 0x2796: 0x0001, 0x2797: 0x0001,
+	0x2798: 0x0001, 0x2799: 0x0001, 0x279a: 0x0001, 0x279b: 0x0001, 0x279c: 0x0001, 0x279d: 0x0001,
+	0x279e: 0x0001, 0x279f: 0x0001, 0x27a0: 0x0001, 0x27a1: 0x0001, 0x27a2: 0x0001, 0x27a3: 0x0001,
+	0x27a4: 0x0001, 0x27a5: 0x0001, 0x27a6: 0x0001, 0x27a7: 0x0001, 0x27a8: 0x0001, 0x27a9: 0x0001,
+	0x27aa: 0x0001, 0x27ab: 0x0001, 0x27ac: 0x0001, 0x27ad: 0x0001, 0x27ae: 0x0001, 0x27af: 0x0001,
+	0x27b0: 0x0001, 0x27b1: 0x0001, 0x27b2: 0x0001, 0x27b3: 0x0001, 0x27b4: 0x0001, 0x27b5: 0x0001,
+	0x27b6: 0x0001, 0x27b7: 0x0001, 0x27b8: 0x0001, 0x27b9: 0x0001, 0x27ba: 0x0001, 0x27bb: 0x0001,
+	0x27bc: 0x0001, 0x27bd: 0x0001, 0x27be: 0x0001, 0x27bf: 0x0001,
+	// Block 0x9f, offset 0x27c0
+	0x27c0: 0x0001, 0x27c1: 0x0001, 0x27c2: 0x0001, 0x27c3: 0x0001, 0x27c4: 0x0001, 0x27c5: 0x0001,
+	0x27c6: 0x0001, 0x27c7: 0x0001, 0x27c8: 0x0001, 0x27c9: 0x0001, 0x27ca: 0x0001, 0x27cb: 0x0001,
+	0x27cc: 0x0001, 0x27cd: 0x0001, 0x27ce: 0x0001, 0x27cf: 0x0001, 0x27d0: 0x0001, 0x27d1: 0x0001,
+	0x27d2: 0x0001, 0x27d3: 0x0001, 0x27d4: 0x0001, 0x27d5: 0x0001, 0x27d6: 0x0001, 0x27d7: 0x0001,
+	0x27d8: 0x0001, 0x27d9: 0x0001, 0x27da: 0x0001, 0x27db: 0x0001, 0x27dc: 0x0001, 0x27dd: 0x0001,
+	0x27de: 0x0001, 0x27df: 0x000a, 0x27e0: 0x0001, 0x27e1: 0x0001, 0x27e2: 0x0001, 0x27e3: 0x0001,
+	0x27e4: 0x0001, 0x27e5: 0x0001, 0x27e6: 0x0001, 0x27e7: 0x0001, 0x27e8: 0x0001, 0x27e9: 0x0001,
+	0x27ea: 0x0001, 0x27eb: 0x0001, 0x27ec: 0x0001, 0x27ed: 0x0001, 0x27ee: 0x0001, 0x27ef: 0x0001,
+	0x27f0: 0x0001, 0x27f1: 0x0001, 0x27f2: 0x0001, 0x27f3: 0x0001, 0x27f4: 0x0001, 0x27f5: 0x0001,
+	0x27f6: 0x0001, 0x27f7: 0x0001, 0x27f8: 0x0001, 0x27f9: 0x0001, 0x27fa: 0x0001, 0x27fb: 0x0001,
+	0x27fc: 0x0001, 0x27fd: 0x0001, 0x27fe: 0x0001, 0x27ff: 0x0001,
+	// Block 0xa0, offset 0x2800
+	0x2800: 0x0001, 0x2801: 0x000c, 0x2802: 0x000c, 0x2803: 0x000c, 0x2804: 0x0001, 0x2805: 0x000c,
+	0x2806: 0x000c, 0x2807: 0x0001, 0x2808: 0x0001, 0x2809: 0x0001, 0x280a: 0x0001, 0x280b: 0x0001,
+	0x280c: 0x000c, 0x280d: 0x000c, 0x280e: 0x000c, 0x280f: 0x000c, 0x2810: 0x0001, 0x2811: 0x0001,
+	0x2812: 0x0001, 0x2813: 0x0001, 0x2814: 0x0001, 0x2815: 0x0001, 0x2816: 0x0001, 0x2817: 0x0001,
+	0x2818: 0x0001, 0x2819: 0x0001, 0x281a: 0x0001, 0x281b: 0x0001, 0x281c: 0x0001, 0x281d: 0x0001,
+	0x281e: 0x0001, 0x281f: 0x0001, 0x2820: 0x0001, 0x2821: 0x0001, 0x2822: 0x0001, 0x2823: 0x0001,
+	0x2824: 0x0001, 0x2825: 0x0001, 0x2826: 0x0001, 0x2827: 0x0001, 0x2828: 0x0001, 0x2829: 0x0001,
+	0x282a: 0x0001, 0x282b: 0x0001, 0x282c: 0x0001, 0x282d: 0x0001, 0x282e: 0x0001, 0x282f: 0x0001,
+	0x2830: 0x0001, 0x2831: 0x0001, 0x2832: 0x0001, 0x2833: 0x0001, 0x2834: 0x0001, 0x2835: 0x0001,
+	0x2836: 0x0001, 0x2837: 0x0001, 0x2838: 0x000c, 0x2839: 0x000c, 0x283a: 0x000c, 0x283b: 0x0001,
+	0x283c: 0x0001, 0x283d: 0x0001, 0x283e: 0x0001, 0x283f: 0x000c,
+	// Block 0xa1, offset 0x2840
+	0x2840: 0x0001, 0x2841: 0x0001, 0x2842: 0x0001, 0x2843: 0x0001, 0x2844: 0x0001, 0x2845: 0x0001,
+	0x2846: 0x0001, 0x2847: 0x0001, 0x2848: 0x0001, 0x2849: 0x0001, 0x284a: 0x0001, 0x284b: 0x0001,
+	0x284c: 0x0001, 0x284d: 0x0001, 0x284e: 0x0001, 0x284f: 0x0001, 0x2850: 0x0001, 0x2851: 0x0001,
+	0x2852: 0x0001, 0x2853: 0x0001, 0x2854: 0x0001, 0x2855: 0x0001, 0x2856: 0x0001, 0x2857: 0x0001,
+	0x2858: 0x0001, 0x2859: 0x0001, 0x285a: 0x0001, 0x285b: 0x0001, 0x285c: 0x0001, 0x285d: 0x0001,
+	0x285e: 0x0001, 0x285f: 0x0001, 0x2860: 0x0001, 0x2861: 0x0001, 0x2862: 0x0001, 0x2863: 0x0001,
+	0x2864: 0x0001, 0x2865: 0x000c, 0x2866: 0x000c, 0x2867: 0x0001, 0x2868: 0x0001, 0x2869: 0x0001,
+	0x286a: 0x0001, 0x286b: 0x0001, 0x286c: 0x0001, 0x286d: 0x0001, 0x286e: 0x0001, 0x286f: 0x0001,
+	0x2870: 0x0001, 0x2871: 0x0001, 0x2872: 0x0001, 0x2873: 0x0001, 0x2874: 0x0001, 0x2875: 0x0001,
+	0x2876: 0x0001, 0x2877: 0x0001, 0x2878: 0x0001, 0x2879: 0x0001, 0x287a: 0x0001, 0x287b: 0x0001,
+	0x287c: 0x0001, 0x287d: 0x0001, 0x287e: 0x0001, 0x287f: 0x0001,
+	// Block 0xa2, offset 0x2880
+	0x2880: 0x0001, 0x2881: 0x0001, 0x2882: 0x0001, 0x2883: 0x0001, 0x2884: 0x0001, 0x2885: 0x0001,
+	0x2886: 0x0001, 0x2887: 0x0001, 0x2888: 0x0001, 0x2889: 0x0001, 0x288a: 0x0001, 0x288b: 0x0001,
+	0x288c: 0x0001, 0x288d: 0x0001, 0x288e: 0x0001, 0x288f: 0x0001, 0x2890: 0x0001, 0x2891: 0x0001,
+	0x2892: 0x0001, 0x2893: 0x0001, 0x2894: 0x0001, 0x2895: 0x0001, 0x2896: 0x0001, 0x2897: 0x0001,
+	0x2898: 0x0001, 0x2899: 0x0001, 0x289a: 0x0001, 0x289b: 0x0001, 0x289c: 0x0001, 0x289d: 0x0001,
+	0x289e: 0x0001, 0x289f: 0x0001, 0x28a0: 0x0001, 0x28a1: 0x0001, 0x28a2: 0x0001, 0x28a3: 0x0001,
+	0x28a4: 0x0001, 0x28a5: 0x0001, 0x28a6: 0x0001, 0x28a7: 0x0001, 0x28a8: 0x0001, 0x28a9: 0x0001,
+	0x28aa: 0x0001, 0x28ab: 0x0001, 0x28ac: 0x0001, 0x28ad: 0x0001, 0x28ae: 0x0001, 0x28af: 0x0001,
+	0x28b0: 0x0001, 0x28b1: 0x0001, 0x28b2: 0x0001, 0x28b3: 0x0001, 0x28b4: 0x0001, 0x28b5: 0x0001,
+	0x28b6: 0x0001, 0x28b7: 0x0001, 0x28b8: 0x0001, 0x28b9: 0x000a, 0x28ba: 0x000a, 0x28bb: 0x000a,
+	0x28bc: 0x000a, 0x28bd: 0x000a, 0x28be: 0x000a, 0x28bf: 0x000a,
+	// Block 0xa3, offset 0x28c0
+	0x28c0: 0x000d, 0x28c1: 0x000d, 0x28c2: 0x000d, 0x28c3: 0x000d, 0x28c4: 0x000d, 0x28c5: 0x000d,
+	0x28c6: 0x000d, 0x28c7: 0x000d, 0x28c8: 0x000d, 0x28c9: 0x000d, 0x28ca: 0x000d, 0x28cb: 0x000d,
+	0x28cc: 0x000d, 0x28cd: 0x000d, 0x28ce: 0x000d, 0x28cf: 0x000d, 0x28d0: 0x000d, 0x28d1: 0x000d,
+	0x28d2: 0x000d, 0x28d3: 0x000d, 0x28d4: 0x000d, 0x28d5: 0x000d, 0x28d6: 0x000d, 0x28d7: 0x000d,
+	0x28d8: 0x000d, 0x28d9: 0x000d, 0x28da: 0x000d, 0x28db: 0x000d, 0x28dc: 0x000d, 0x28dd: 0x000d,
+	0x28de: 0x000d, 0x28df: 0x000d, 0x28e0: 0x000d, 0x28e1: 0x000d, 0x28e2: 0x000d, 0x28e3: 0x000d,
+	0x28e4: 0x000c, 0x28e5: 0x000c, 0x28e6: 0x000c, 0x28e7: 0x000c, 0x28e8: 0x0001, 0x28e9: 0x0001,
+	0x28ea: 0x0001, 0x28eb: 0x0001, 0x28ec: 0x0001, 0x28ed: 0x0001, 0x28ee: 0x0001, 0x28ef: 0x0001,
+	0x28f0: 0x0005, 0x28f1: 0x0005, 0x28f2: 0x0005, 0x28f3: 0x0005, 0x28f4: 0x0005, 0x28f5: 0x0005,
+	0x28f6: 0x0005, 0x28f7: 0x0005, 0x28f8: 0x0005, 0x28f9: 0x0005, 0x28fa: 0x0001, 0x28fb: 0x0001,
+	0x28fc: 0x0001, 0x28fd: 0x0001, 0x28fe: 0x0001, 0x28ff: 0x0001,
+	// Block 0xa4, offset 0x2900
+	0x2900: 0x0001, 0x2901: 0x0001, 0x2902: 0x0001, 0x2903: 0x0001, 0x2904: 0x0001, 0x2905: 0x0001,
+	0x2906: 0x0001, 0x2907: 0x0001, 0x2908: 0x0001, 0x2909: 0x0001, 0x290a: 0x0001, 0x290b: 0x0001,
+	0x290c: 0x0001, 0x290d: 0x0001, 0x290e: 0x0001, 0x290f: 0x0001, 0x2910: 0x0001, 0x2911: 0x0001,
+	0x2912: 0x0001, 0x2913: 0x0001, 0x2914: 0x0001, 0x2915: 0x0001, 0x2916: 0x0001, 0x2917: 0x0001,
+	0x2918: 0x0001, 0x2919: 0x0001, 0x291a: 0x0001, 0x291b: 0x0001, 0x291c: 0x0001, 0x291d: 0x0001,
+	0x291e: 0x0001, 0x291f: 0x0001, 0x2920: 0x0005, 0x2921: 0x0005, 0x2922: 0x0005, 0x2923: 0x0005,
+	0x2924: 0x0005, 0x2925: 0x0005, 0x2926: 0x0005, 0x2927: 0x0005, 0x2928: 0x0005, 0x2929: 0x0005,
+	0x292a: 0x0005, 0x292b: 0x0005, 0x292c: 0x0005, 0x292d: 0x0005, 0x292e: 0x0005, 0x292f: 0x0005,
+	0x2930: 0x0005, 0x2931: 0x0005, 0x2932: 0x0005, 0x2933: 0x0005, 0x2934: 0x0005, 0x2935: 0x0005,
+	0x2936: 0x0005, 0x2937: 0x0005, 0x2938: 0x0005, 0x2939: 0x0005, 0x293a: 0x0005, 0x293b: 0x0005,
+	0x293c: 0x0005, 0x293d: 0x0005, 0x293e: 0x0005, 0x293f: 0x0001,
+	// Block 0xa5, offset 0x2940
+	0x2940: 0x0001, 0x2941: 0x0001, 0x2942: 0x0001, 0x2943: 0x0001, 0x2944: 0x0001, 0x2945: 0x0001,
+	0x2946: 0x0001, 0x2947: 0x0001, 0x2948: 0x0001, 0x2949: 0x0001, 0x294a: 0x0001, 0x294b: 0x0001,
+	0x294c: 0x0001, 0x294d: 0x0001, 0x294e: 0x0001, 0x294f: 0x0001, 0x2950: 0x0001, 0x2951: 0x0001,
+	0x2952: 0x0001, 0x2953: 0x0001, 0x2954: 0x0001, 0x2955: 0x0001, 0x2956: 0x0001, 0x2957: 0x0001,
+	0x2958: 0x0001, 0x2959: 0x0001, 0x295a: 0x0001, 0x295b: 0x0001, 0x295c: 0x0001, 0x295d: 0x0001,
+	0x295e: 0x0001, 0x295f: 0x0001, 0x2960: 0x0001, 0x2961: 0x0001, 0x2962: 0x0001, 0x2963: 0x0001,
+	0x2964: 0x0001, 0x2965: 0x0001, 0x2966: 0x0001, 0x2967: 0x0001, 0x2968: 0x0001, 0x2969: 0x0001,
+	0x296a: 0x0001, 0x296b: 0x000c, 0x296c: 0x000c, 0x296d: 0x0001, 0x296e: 0x0001, 0x296f: 0x0001,
+	0x2970: 0x0001, 0x2971: 0x0001, 0x2972: 0x0001, 0x2973: 0x0001, 0x2974: 0x0001, 0x2975: 0x0001,
+	0x2976: 0x0001, 0x2977: 0x0001, 0x2978: 0x0001, 0x2979: 0x0001, 0x297a: 0x0001, 0x297b: 0x0001,
+	0x297c: 0x0001, 0x297d: 0x0001, 0x297e: 0x0001, 0x297f: 0x0001,
+	// Block 0xa6, offset 0x2980
+	0x2980: 0x0001, 0x2981: 0x0001, 0x2982: 0x0001, 0x2983: 0x0001, 0x2984: 0x0001, 0x2985: 0x0001,
+	0x2986: 0x0001, 0x2987: 0x0001, 0x2988: 0x0001, 0x2989: 0x0001, 0x298a: 0x0001, 0x298b: 0x0001,
+	0x298c: 0x0001, 0x298d: 0x0001, 0x298e: 0x0001, 0x298f: 0x0001, 0x2990: 0x0001, 0x2991: 0x0001,
+	0x2992: 0x0001, 0x2993: 0x0001, 0x2994: 0x0001, 0x2995: 0x0001, 0x2996: 0x0001, 0x2997: 0x0001,
+	0x2998: 0x0001, 0x2999: 0x0001, 0x299a: 0x0001, 0x299b: 0x0001, 0x299c: 0x0001, 0x299d: 0x0001,
+	0x299e: 0x0001, 0x299f: 0x0001, 0x29a0: 0x0001, 0x29a1: 0x0001, 0x29a2: 0x0001, 0x29a3: 0x0001,
+	0x29a4: 0x0001, 0x29a5: 0x0001, 0x29a6: 0x0001, 0x29a7: 0x0001, 0x29a8: 0x0001, 0x29a9: 0x0001,
+	0x29aa: 0x0001, 0x29ab: 0x0001, 0x29ac: 0x0001, 0x29ad: 0x0001, 0x29ae: 0x0001, 0x29af: 0x0001,
+	0x29b0: 0x0001, 0x29b1: 0x0001, 0x29b2: 0x0001, 0x29b3: 0x0001, 0x29b4: 0x0001, 0x29b5: 0x0001,
+	0x29b6: 0x0001, 0x29b7: 0x0001, 0x29b8: 0x0001, 0x29b9: 0x0001, 0x29ba: 0x0001, 0x29bb: 0x0001,
+	0x29bc: 0x0001, 0x29bd: 0x000c, 0x29be: 0x000c, 0x29bf: 0x000c,
+	// Block 0xa7, offset 0x29c0
+	0x29c0: 0x0001, 0x29c1: 0x0001, 0x29c2: 0x0001, 0x29c3: 0x0001, 0x29c4: 0x0001, 0x29c5: 0x0001,
+	0x29c6: 0x0001, 0x29c7: 0x0001, 0x29c8: 0x0001, 0x29c9: 0x0001, 0x29ca: 0x0001, 0x29cb: 0x0001,
+	0x29cc: 0x0001, 0x29cd: 0x0001, 0x29ce: 0x0001, 0x29cf: 0x0001, 0x29d0: 0x0001, 0x29d1: 0x0001,
+	0x29d2: 0x0001, 0x29d3: 0x0001, 0x29d4: 0x0001, 0x29d5: 0x0001, 0x29d6: 0x0001, 0x29d7: 0x0001,
+	0x29d8: 0x0001, 0x29d9: 0x0001, 0x29da: 0x0001, 0x29db: 0x0001, 0x29dc: 0x0001, 0x29dd: 0x0001,
+	0x29de: 0x0001, 0x29df: 0x0001, 0x29e0: 0x0001, 0x29e1: 0x0001, 0x29e2: 0x0001, 0x29e3: 0x0001,
+	0x29e4: 0x0001, 0x29e5: 0x0001, 0x29e6: 0x0001, 0x29e7: 0x0001, 0x29e8: 0x0001, 0x29e9: 0x0001,
+	0x29ea: 0x0001, 0x29eb: 0x0001, 0x29ec: 0x0001, 0x29ed: 0x0001, 0x29ee: 0x0001, 0x29ef: 0x0001,
+	0x29f0: 0x000d, 0x29f1: 0x000d, 0x29f2: 0x000d, 0x29f3: 0x000d, 0x29f4: 0x000d, 0x29f5: 0x000d,
+	0x29f6: 0x000d, 0x29f7: 0x000d, 0x29f8: 0x000d, 0x29f9: 0x000d, 0x29fa: 0x000d, 0x29fb: 0x000d,
+	0x29fc: 0x000d, 0x29fd: 0x000d, 0x29fe: 0x000d, 0x29ff: 0x000d,
+	// Block 0xa8, offset 0x2a00
+	0x2a00: 0x000d, 0x2a01: 0x000d, 0x2a02: 0x000d, 0x2a03: 0x000d, 0x2a04: 0x000d, 0x2a05: 0x000d,
+	0x2a06: 0x000c, 0x2a07: 0x000c, 0x2a08: 0x000c, 0x2a09: 0x000c, 0x2a0a: 0x000c, 0x2a0b: 0x000c,
+	0x2a0c: 0x000c, 0x2a0d: 0x000c, 0x2a0e: 0x000c, 0x2a0f: 0x000c, 0x2a10: 0x000c, 0x2a11: 0x000d,
+	0x2a12: 0x000d, 0x2a13: 0x000d, 0x2a14: 0x000d, 0x2a15: 0x000d, 0x2a16: 0x000d, 0x2a17: 0x000d,
+	0x2a18: 0x000d, 0x2a19: 0x000d, 0x2a1a: 0x0001, 0x2a1b: 0x0001, 0x2a1c: 0x0001, 0x2a1d: 0x0001,
+	0x2a1e: 0x0001, 0x2a1f: 0x0001, 0x2a20: 0x0001, 0x2a21: 0x0001, 0x2a22: 0x0001, 0x2a23: 0x0001,
+	0x2a24: 0x0001, 0x2a25: 0x0001, 0x2a26: 0x0001, 0x2a27: 0x0001, 0x2a28: 0x0001, 0x2a29: 0x0001,
+	0x2a2a: 0x0001, 0x2a2b: 0x0001, 0x2a2c: 0x0001, 0x2a2d: 0x0001, 0x2a2e: 0x0001, 0x2a2f: 0x0001,
+	0x2a30: 0x0001, 0x2a31: 0x0001, 0x2a32: 0x0001, 0x2a33: 0x0001, 0x2a34: 0x0001, 0x2a35: 0x0001,
+	0x2a36: 0x0001, 0x2a37: 0x0001, 0x2a38: 0x0001, 0x2a39: 0x0001, 0x2a3a: 0x0001, 0x2a3b: 0x0001,
+	0x2a3c: 0x0001, 0x2a3d: 0x0001, 0x2a3e: 0x0001, 0x2a3f: 0x0001,
+	// Block 0xa9, offset 0x2a40
+	0x2a40: 0x0001, 0x2a41: 0x0001, 0x2a42: 0x000c, 0x2a43: 0x000c, 0x2a44: 0x000c, 0x2a45: 0x000c,
+	0x2a46: 0x0001, 0x2a47: 0x0001, 0x2a48: 0x0001, 0x2a49: 0x0001, 0x2a4a: 0x0001, 0x2a4b: 0x0001,
+	0x2a4c: 0x0001, 0x2a4d: 0x0001, 0x2a4e: 0x0001, 0x2a4f: 0x0001, 0x2a50: 0x0001, 0x2a51: 0x0001,
+	0x2a52: 0x0001, 0x2a53: 0x0001, 0x2a54: 0x0001, 0x2a55: 0x0001, 0x2a56: 0x0001, 0x2a57: 0x0001,
+	0x2a58: 0x0001, 0x2a59: 0x0001, 0x2a5a: 0x0001, 0x2a5b: 0x0001, 0x2a5c: 0x0001, 0x2a5d: 0x0001,
+	0x2a5e: 0x0001, 0x2a5f: 0x0001, 0x2a60: 0x0001, 0x2a61: 0x0001, 0x2a62: 0x0001, 0x2a63: 0x0001,
+	0x2a64: 0x0001, 0x2a65: 0x0001, 0x2a66: 0x0001, 0x2a67: 0x0001, 0x2a68: 0x0001, 0x2a69: 0x0001,
+	0x2a6a: 0x0001, 0x2a6b: 0x0001, 0x2a6c: 0x0001, 0x2a6d: 0x0001, 0x2a6e: 0x0001, 0x2a6f: 0x0001,
+	0x2a70: 0x0001, 0x2a71: 0x0001, 0x2a72: 0x0001, 0x2a73: 0x0001, 0x2a74: 0x0001, 0x2a75: 0x0001,
+	0x2a76: 0x0001, 0x2a77: 0x0001, 0x2a78: 0x0001, 0x2a79: 0x0001, 0x2a7a: 0x0001, 0x2a7b: 0x0001,
+	0x2a7c: 0x0001, 0x2a7d: 0x0001, 0x2a7e: 0x0001, 0x2a7f: 0x0001,
+	// Block 0xaa, offset 0x2a80
+	0x2a81: 0x000c,
+	0x2ab8: 0x000c, 0x2ab9: 0x000c, 0x2aba: 0x000c, 0x2abb: 0x000c,
+	0x2abc: 0x000c, 0x2abd: 0x000c, 0x2abe: 0x000c, 0x2abf: 0x000c,
+	// Block 0xab, offset 0x2ac0
+	0x2ac0: 0x000c, 0x2ac1: 0x000c, 0x2ac2: 0x000c, 0x2ac3: 0x000c, 0x2ac4: 0x000c, 0x2ac5: 0x000c,
+	0x2ac6: 0x000c,
+	0x2ad2: 0x000a, 0x2ad3: 0x000a, 0x2ad4: 0x000a, 0x2ad5: 0x000a, 0x2ad6: 0x000a, 0x2ad7: 0x000a,
+	0x2ad8: 0x000a, 0x2ad9: 0x000a, 0x2ada: 0x000a, 0x2adb: 0x000a, 0x2adc: 0x000a, 0x2add: 0x000a,
+	0x2ade: 0x000a, 0x2adf: 0x000a, 0x2ae0: 0x000a, 0x2ae1: 0x000a, 0x2ae2: 0x000a, 0x2ae3: 0x000a,
+	0x2ae4: 0x000a, 0x2ae5: 0x000a,
+	0x2af0: 0x000c, 0x2af3: 0x000c, 0x2af4: 0x000c,
+	0x2aff: 0x000c,
+	// Block 0xac, offset 0x2b00
+	0x2b00: 0x000c, 0x2b01: 0x000c,
+	0x2b33: 0x000c, 0x2b34: 0x000c, 0x2b35: 0x000c,
+	0x2b36: 0x000c, 0x2b39: 0x000c, 0x2b3a: 0x000c,
+	// Block 0xad, offset 0x2b40
+	0x2b40: 0x000c, 0x2b41: 0x000c, 0x2b42: 0x000c,
+	0x2b67: 0x000c, 0x2b68: 0x000c, 0x2b69: 0x000c,
+	0x2b6a: 0x000c, 0x2b6b: 0x000c, 0x2b6d: 0x000c, 0x2b6e: 0x000c, 0x2b6f: 0x000c,
+	0x2b70: 0x000c, 0x2b71: 0x000c, 0x2b72: 0x000c, 0x2b73: 0x000c, 0x2b74: 0x000c,
+	// Block 0xae, offset 0x2b80
+	0x2bb3: 0x000c,
+	// Block 0xaf, offset 0x2bc0
+	0x2bc0: 0x000c, 0x2bc1: 0x000c,
+	0x2bf6: 0x000c, 0x2bf7: 0x000c, 0x2bf8: 0x000c, 0x2bf9: 0x000c, 0x2bfa: 0x000c, 0x2bfb: 0x000c,
+	0x2bfc: 0x000c, 0x2bfd: 0x000c, 0x2bfe: 0x000c,
+	// Block 0xb0, offset 0x2c00
+	0x2c09: 0x000c, 0x2c0a: 0x000c, 0x2c0b: 0x000c,
+	0x2c0c: 0x000c, 0x2c0f: 0x000c,
+	// Block 0xb1, offset 0x2c40
+	0x2c6f: 0x000c,
+	0x2c70: 0x000c, 0x2c71: 0x000c, 0x2c74: 0x000c,
+	0x2c76: 0x000c, 0x2c77: 0x000c,
+	0x2c7e: 0x000c,
+	// Block 0xb2, offset 0x2c80
+	0x2c9f: 0x000c, 0x2ca3: 0x000c,
+	0x2ca4: 0x000c, 0x2ca5: 0x000c, 0x2ca6: 0x000c, 0x2ca7: 0x000c, 0x2ca8: 0x000c, 0x2ca9: 0x000c,
+	0x2caa: 0x000c,
+	// Block 0xb3, offset 0x2cc0
+	0x2cc0: 0x000c,
+	0x2ce6: 0x000c, 0x2ce7: 0x000c, 0x2ce8: 0x000c, 0x2ce9: 0x000c,
+	0x2cea: 0x000c, 0x2ceb: 0x000c, 0x2cec: 0x000c,
+	0x2cf0: 0x000c, 0x2cf1: 0x000c, 0x2cf2: 0x000c, 0x2cf3: 0x000c, 0x2cf4: 0x000c,
+	// Block 0xb4, offset 0x2d00
+	0x2d38: 0x000c, 0x2d39: 0x000c, 0x2d3a: 0x000c, 0x2d3b: 0x000c,
+	0x2d3c: 0x000c, 0x2d3d: 0x000c, 0x2d3e: 0x000c, 0x2d3f: 0x000c,
+	// Block 0xb5, offset 0x2d40
+	0x2d42: 0x000c, 0x2d43: 0x000c, 0x2d44: 0x000c,
+	0x2d46: 0x000c,
+	0x2d5e: 0x000c,
+	// Block 0xb6, offset 0x2d80
+	0x2db3: 0x000c, 0x2db4: 0x000c, 0x2db5: 0x000c,
+	0x2db6: 0x000c, 0x2db7: 0x000c, 0x2db8: 0x000c, 0x2dba: 0x000c,
+	0x2dbf: 0x000c,
+	// Block 0xb7, offset 0x2dc0
+	0x2dc0: 0x000c, 0x2dc2: 0x000c, 0x2dc3: 0x000c,
+	// Block 0xb8, offset 0x2e00
+	0x2e32: 0x000c, 0x2e33: 0x000c, 0x2e34: 0x000c, 0x2e35: 0x000c,
+	0x2e3c: 0x000c, 0x2e3d: 0x000c, 0x2e3f: 0x000c,
+	// Block 0xb9, offset 0x2e40
+	0x2e40: 0x000c,
+	0x2e5c: 0x000c, 0x2e5d: 0x000c,
+	// Block 0xba, offset 0x2e80
+	0x2eb3: 0x000c, 0x2eb4: 0x000c, 0x2eb5: 0x000c,
+	0x2eb6: 0x000c, 0x2eb7: 0x000c, 0x2eb8: 0x000c, 0x2eb9: 0x000c, 0x2eba: 0x000c,
+	0x2ebd: 0x000c, 0x2ebf: 0x000c,
+	// Block 0xbb, offset 0x2ec0
+	0x2ec0: 0x000c,
+	0x2ee0: 0x000a, 0x2ee1: 0x000a, 0x2ee2: 0x000a, 0x2ee3: 0x000a,
+	0x2ee4: 0x000a, 0x2ee5: 0x000a, 0x2ee6: 0x000a, 0x2ee7: 0x000a, 0x2ee8: 0x000a, 0x2ee9: 0x000a,
+	0x2eea: 0x000a, 0x2eeb: 0x000a, 0x2eec: 0x000a,
+	// Block 0xbc, offset 0x2f00
+	0x2f2b: 0x000c, 0x2f2d: 0x000c,
+	0x2f30: 0x000c, 0x2f31: 0x000c, 0x2f32: 0x000c, 0x2f33: 0x000c, 0x2f34: 0x000c, 0x2f35: 0x000c,
+	0x2f37: 0x000c,
+	// Block 0xbd, offset 0x2f40
+	0x2f5d: 0x000c,
+	0x2f5e: 0x000c, 0x2f5f: 0x000c, 0x2f62: 0x000c, 0x2f63: 0x000c,
+	0x2f64: 0x000c, 0x2f65: 0x000c, 0x2f67: 0x000c, 0x2f68: 0x000c, 0x2f69: 0x000c,
+	0x2f6a: 0x000c, 0x2f6b: 0x000c,
+	// Block 0xbe, offset 0x2f80
+	0x2faf: 0x000c,
+	0x2fb0: 0x000c, 0x2fb1: 0x000c, 0x2fb2: 0x000c, 0x2fb3: 0x000c, 0x2fb4: 0x000c, 0x2fb5: 0x000c,
+	0x2fb6: 0x000c, 0x2fb7: 0x000c, 0x2fb9: 0x000c, 0x2fba: 0x000c,
+	// Block 0xbf, offset 0x2fc0
+	0x2ffb: 0x000c,
+	0x2ffc: 0x000c, 0x2ffe: 0x000c,
+	// Block 0xc0, offset 0x3000
+	0x3003: 0x000c,
+	// Block 0xc1, offset 0x3040
+	0x3054: 0x000c, 0x3055: 0x000c, 0x3056: 0x000c, 0x3057: 0x000c,
+	0x305a: 0x000c, 0x305b: 0x000c,
+	0x3060: 0x000c,
+	// Block 0xc2, offset 0x3080
+	0x3081: 0x000c, 0x3082: 0x000c, 0x3083: 0x000c, 0x3084: 0x000c, 0x3085: 0x000c,
+	0x3086: 0x000c, 0x3089: 0x000c, 0x308a: 0x000c,
+	0x30b3: 0x000c, 0x30b4: 0x000c, 0x30b5: 0x000c,
+	0x30b6: 0x000c, 0x30b7: 0x000c, 0x30b8: 0x000c, 0x30bb: 0x000c,
+	0x30bc: 0x000c, 0x30bd: 0x000c, 0x30be: 0x000c,
+	// Block 0xc3, offset 0x30c0
+	0x30c7: 0x000c,
+	0x30d1: 0x000c,
+	0x30d2: 0x000c, 0x30d3: 0x000c, 0x30d4: 0x000c, 0x30d5: 0x000c, 0x30d6: 0x000c,
+	0x30d9: 0x000c, 0x30da: 0x000c, 0x30db: 0x000c,
+	// Block 0xc4, offset 0x3100
+	0x310a: 0x000c, 0x310b: 0x000c,
+	0x310c: 0x000c, 0x310d: 0x000c, 0x310e: 0x000c, 0x310f: 0x000c, 0x3110: 0x000c, 0x3111: 0x000c,
+	0x3112: 0x000c, 0x3113: 0x000c, 0x3114: 0x000c, 0x3115: 0x000c, 0x3116: 0x000c,
+	0x3118: 0x000c, 0x3119: 0x000c,
+	// Block 0xc5, offset 0x3140
+	0x3170: 0x000c, 0x3171: 0x000c, 0x3172: 0x000c, 0x3173: 0x000c, 0x3174: 0x000c, 0x3175: 0x000c,
+	0x3176: 0x000c, 0x3178: 0x000c, 0x3179: 0x000c, 0x317a: 0x000c, 0x317b: 0x000c,
+	0x317c: 0x000c, 0x317d: 0x000c,
+	// Block 0xc6, offset 0x3180
+	0x3192: 0x000c, 0x3193: 0x000c, 0x3194: 0x000c, 0x3195: 0x000c, 0x3196: 0x000c, 0x3197: 0x000c,
+	0x3198: 0x000c, 0x3199: 0x000c, 0x319a: 0x000c, 0x319b: 0x000c, 0x319c: 0x000c, 0x319d: 0x000c,
+	0x319e: 0x000c, 0x319f: 0x000c, 0x31a0: 0x000c, 0x31a1: 0x000c, 0x31a2: 0x000c, 0x31a3: 0x000c,
+	0x31a4: 0x000c, 0x31a5: 0x000c, 0x31a6: 0x000c, 0x31a7: 0x000c,
+	0x31aa: 0x000c, 0x31ab: 0x000c, 0x31ac: 0x000c, 0x31ad: 0x000c, 0x31ae: 0x000c, 0x31af: 0x000c,
+	0x31b0: 0x000c, 0x31b2: 0x000c, 0x31b3: 0x000c, 0x31b5: 0x000c,
+	0x31b6: 0x000c,
+	// Block 0xc7, offset 0x31c0
+	0x31f1: 0x000c, 0x31f2: 0x000c, 0x31f3: 0x000c, 0x31f4: 0x000c, 0x31f5: 0x000c,
+	0x31f6: 0x000c, 0x31fa: 0x000c,
+	0x31fc: 0x000c, 0x31fd: 0x000c, 0x31ff: 0x000c,
+	// Block 0xc8, offset 0x3200
+	0x3200: 0x000c, 0x3201: 0x000c, 0x3202: 0x000c, 0x3203: 0x000c, 0x3204: 0x000c, 0x3205: 0x000c,
+	0x3207: 0x000c,
+	// Block 0xc9, offset 0x3240
+	0x3250: 0x000c, 0x3251: 0x000c,
+	0x3255: 0x000c, 0x3257: 0x000c,
+	// Block 0xca, offset 0x3280
+	0x32b3: 0x000c, 0x32b4: 0x000c,
+	// Block 0xcb, offset 0x32c0
+	0x32c0: 0x000c, 0x32c1: 0x000c,
+	0x32f6: 0x000c, 0x32f7: 0x000c, 0x32f8: 0x000c, 0x32f9: 0x000c, 0x32fa: 0x000c,
+	// Block 0xcc, offset 0x3300
+	0x3300: 0x000c, 0x3302: 0x000c,
+	// Block 0xcd, offset 0x3340
+	0x3355: 0x000a, 0x3356: 0x000a, 0x3357: 0x000a,
+	0x3358: 0x000a, 0x3359: 0x000a, 0x335a: 0x000a, 0x335b: 0x000a, 0x335c: 0x000a, 0x335d: 0x0004,
+	0x335e: 0x0004, 0x335f: 0x0004, 0x3360: 0x0004, 0x3361: 0x000a, 0x3362: 0x000a, 0x3363: 0x000a,
+	0x3364: 0x000a, 0x3365: 0x000a, 0x3366: 0x000a, 0x3367: 0x000a, 0x3368: 0x000a, 0x3369: 0x000a,
+	0x336a: 0x000a, 0x336b: 0x000a, 0x336c: 0x000a, 0x336d: 0x000a, 0x336e: 0x000a, 0x336f: 0x000a,
+	0x3370: 0x000a, 0x3371: 0x000a,
+	// Block 0xce, offset 0x3380
+	0x3380: 0x000c,
+	0x3387: 0x000c, 0x3388: 0x000c, 0x3389: 0x000c, 0x338a: 0x000c, 0x338b: 0x000c,
+	0x338c: 0x000c, 0x338d: 0x000c, 0x338e: 0x000c, 0x338f: 0x000c, 0x3390: 0x000c, 0x3391: 0x000c,
+	0x3392: 0x000c, 0x3393: 0x000c, 0x3394: 0x000c, 0x3395: 0x000c,
+	// Block 0xcf, offset 0x33c0
+	0x33f0: 0x000c, 0x33f1: 0x000c, 0x33f2: 0x000c, 0x33f3: 0x000c, 0x33f4: 0x000c,
+	// Block 0xd0, offset 0x3400
+	0x3430: 0x000c, 0x3431: 0x000c, 0x3432: 0x000c, 0x3433: 0x000c, 0x3434: 0x000c, 0x3435: 0x000c,
+	0x3436: 0x000c,
+	// Block 0xd1, offset 0x3440
+	0x344f: 0x000c,
+	// Block 0xd2, offset 0x3480
+	0x348f: 0x000c, 0x3490: 0x000c, 0x3491: 0x000c,
+	0x3492: 0x000c,
+	// Block 0xd3, offset 0x34c0
+	0x34e2: 0x000a,
+	0x34e4: 0x000c,
+	// Block 0xd4, offset 0x3500
+	0x351d: 0x000c,
+	0x351e: 0x000c, 0x3520: 0x000b, 0x3521: 0x000b, 0x3522: 0x000b, 0x3523: 0x000b,
+	// Block 0xd5, offset 0x3540
+	0x3540: 0x000c, 0x3541: 0x000c, 0x3542: 0x000c, 0x3543: 0x000c, 0x3544: 0x000c, 0x3545: 0x000c,
+	0x3546: 0x000c, 0x3547: 0x000c, 0x3548: 0x000c, 0x3549: 0x000c, 0x354a: 0x000c, 0x354b: 0x000c,
+	0x354c: 0x000c, 0x354d: 0x000c, 0x354e: 0x000c, 0x354f: 0x000c, 0x3550: 0x000c, 0x3551: 0x000c,
+	0x3552: 0x000c, 0x3553: 0x000c, 0x3554: 0x000c, 0x3555: 0x000c, 0x3556: 0x000c, 0x3557: 0x000c,
+	0x3558: 0x000c, 0x3559: 0x000c, 0x355a: 0x000c, 0x355b: 0x000c, 0x355c: 0x000c, 0x355d: 0x000c,
+	0x355e: 0x000c, 0x355f: 0x000c, 0x3560: 0x000c, 0x3561: 0x000c, 0x3562: 0x000c, 0x3563: 0x000c,
+	0x3564: 0x000c, 0x3565: 0x000c, 0x3566: 0x000c, 0x3567: 0x000c, 0x3568: 0x000c, 0x3569: 0x000c,
+	0x356a: 0x000c, 0x356b: 0x000c, 0x356c: 0x000c, 0x356d: 0x000c,
+	0x3570: 0x000c, 0x3571: 0x000c, 0x3572: 0x000c, 0x3573: 0x000c, 0x3574: 0x000c, 0x3575: 0x000c,
+	0x3576: 0x000c, 0x3577: 0x000c, 0x3578: 0x000c, 0x3579: 0x000c, 0x357a: 0x000c, 0x357b: 0x000c,
+	0x357c: 0x000c, 0x357d: 0x000c, 0x357e: 0x000c, 0x357f: 0x000c,
+	// Block 0xd6, offset 0x3580
+	0x3580: 0x000c, 0x3581: 0x000c, 0x3582: 0x000c, 0x3583: 0x000c, 0x3584: 0x000c, 0x3585: 0x000c,
+	0x3586: 0x000c,
+	// Block 0xd7, offset 0x35c0
+	0x35e7: 0x000c, 0x35e8: 0x000c, 0x35e9: 0x000c,
+	0x35f3: 0x000b, 0x35f4: 0x000b, 0x35f5: 0x000b,
+	0x35f6: 0x000b, 0x35f7: 0x000b, 0x35f8: 0x000b, 0x35f9: 0x000b, 0x35fa: 0x000b, 0x35fb: 0x000c,
+	0x35fc: 0x000c, 0x35fd: 0x000c, 0x35fe: 0x000c, 0x35ff: 0x000c,
+	// Block 0xd8, offset 0x3600
+	0x3600: 0x000c, 0x3601: 0x000c, 0x3602: 0x000c, 0x3605: 0x000c,
+	0x3606: 0x000c, 0x3607: 0x000c, 0x3608: 0x000c, 0x3609: 0x000c, 0x360a: 0x000c, 0x360b: 0x000c,
+	0x362a: 0x000c, 0x362b: 0x000c, 0x362c: 0x000c, 0x362d: 0x000c,
+	// Block 0xd9, offset 0x3640
+	0x3669: 0x000a,
+	0x366a: 0x000a,
+	// Block 0xda, offset 0x3680
+	0x3680: 0x000a, 0x3681: 0x000a, 0x3682: 0x000c, 0x3683: 0x000c, 0x3684: 0x000c, 0x3685: 0x000a,
+	// Block 0xdb, offset 0x36c0
+	0x36c0: 0x000a, 0x36c1: 0x000a, 0x36c2: 0x000a, 0x36c3: 0x000a, 0x36c4: 0x000a, 0x36c5: 0x000a,
+	0x36c6: 0x000a, 0x36c7: 0x000a, 0x36c8: 0x000a, 0x36c9: 0x000a, 0x36ca: 0x000a, 0x36cb: 0x000a,
+	0x36cc: 0x000a, 0x36cd: 0x000a, 0x36ce: 0x000a, 0x36cf: 0x000a, 0x36d0: 0x000a, 0x36d1: 0x000a,
+	0x36d2: 0x000a, 0x36d3: 0x000a, 0x36d4: 0x000a, 0x36d5: 0x000a, 0x36d6: 0x000a,
+	// Block 0xdc, offset 0x3700
+	0x371b: 0x000a,
+	// Block 0xdd, offset 0x3740
+	0x3755: 0x000a,
+	// Block 0xde, offset 0x3780
+	0x378f: 0x000a,
+	// Block 0xdf, offset 0x37c0
+	0x37c9: 0x000a,
+	// Block 0xe0, offset 0x3800
+	0x3803: 0x000a,
+	0x380e: 0x0002, 0x380f: 0x0002, 0x3810: 0x0002, 0x3811: 0x0002,
+	0x3812: 0x0002, 0x3813: 0x0002, 0x3814: 0x0002, 0x3815: 0x0002, 0x3816: 0x0002, 0x3817: 0x0002,
+	0x3818: 0x0002, 0x3819: 0x0002, 0x381a: 0x0002, 0x381b: 0x0002, 0x381c: 0x0002, 0x381d: 0x0002,
+	0x381e: 0x0002, 0x381f: 0x0002, 0x3820: 0x0002, 0x3821: 0x0002, 0x3822: 0x0002, 0x3823: 0x0002,
+	0x3824: 0x0002, 0x3825: 0x0002, 0x3826: 0x0002, 0x3827: 0x0002, 0x3828: 0x0002, 0x3829: 0x0002,
+	0x382a: 0x0002, 0x382b: 0x0002, 0x382c: 0x0002, 0x382d: 0x0002, 0x382e: 0x0002, 0x382f: 0x0002,
+	0x3830: 0x0002, 0x3831: 0x0002, 0x3832: 0x0002, 0x3833: 0x0002, 0x3834: 0x0002, 0x3835: 0x0002,
+	0x3836: 0x0002, 0x3837: 0x0002, 0x3838: 0x0002, 0x3839: 0x0002, 0x383a: 0x0002, 0x383b: 0x0002,
+	0x383c: 0x0002, 0x383d: 0x0002, 0x383e: 0x0002, 0x383f: 0x0002,
+	// Block 0xe1, offset 0x3840
+	0x3840: 0x000c, 0x3841: 0x000c, 0x3842: 0x000c, 0x3843: 0x000c, 0x3844: 0x000c, 0x3845: 0x000c,
+	0x3846: 0x000c, 0x3847: 0x000c, 0x3848: 0x000c, 0x3849: 0x000c, 0x384a: 0x000c, 0x384b: 0x000c,
+	0x384c: 0x000c, 0x384d: 0x000c, 0x384e: 0x000c, 0x384f: 0x000c, 0x3850: 0x000c, 0x3851: 0x000c,
+	0x3852: 0x000c, 0x3853: 0x000c, 0x3854: 0x000c, 0x3855: 0x000c, 0x3856: 0x000c, 0x3857: 0x000c,
+	0x3858: 0x000c, 0x3859: 0x000c, 0x385a: 0x000c, 0x385b: 0x000c, 0x385c: 0x000c, 0x385d: 0x000c,
+	0x385e: 0x000c, 0x385f: 0x000c, 0x3860: 0x000c, 0x3861: 0x000c, 0x3862: 0x000c, 0x3863: 0x000c,
+	0x3864: 0x000c, 0x3865: 0x000c, 0x3866: 0x000c, 0x3867: 0x000c, 0x3868: 0x000c, 0x3869: 0x000c,
+	0x386a: 0x000c, 0x386b: 0x000c, 0x386c: 0x000c, 0x386d: 0x000c, 0x386e: 0x000c, 0x386f: 0x000c,
+	0x3870: 0x000c, 0x3871: 0x000c, 0x3872: 0x000c, 0x3873: 0x000c, 0x3874: 0x000c, 0x3875: 0x000c,
+	0x3876: 0x000c, 0x387b: 0x000c,
+	0x387c: 0x000c, 0x387d: 0x000c, 0x387e: 0x000c, 0x387f: 0x000c,
+	// Block 0xe2, offset 0x3880
+	0x3880: 0x000c, 0x3881: 0x000c, 0x3882: 0x000c, 0x3883: 0x000c, 0x3884: 0x000c, 0x3885: 0x000c,
+	0x3886: 0x000c, 0x3887: 0x000c, 0x3888: 0x000c, 0x3889: 0x000c, 0x388a: 0x000c, 0x388b: 0x000c,
+	0x388c: 0x000c, 0x388d: 0x000c, 0x388e: 0x000c, 0x388f: 0x000c, 0x3890: 0x000c, 0x3891: 0x000c,
+	0x3892: 0x000c, 0x3893: 0x000c, 0x3894: 0x000c, 0x3895: 0x000c, 0x3896: 0x000c, 0x3897: 0x000c,
+	0x3898: 0x000c, 0x3899: 0x000c, 0x389a: 0x000c, 0x389b: 0x000c, 0x389c: 0x000c, 0x389d: 0x000c,
+	0x389e: 0x000c, 0x389f: 0x000c, 0x38a0: 0x000c, 0x38a1: 0x000c, 0x38a2: 0x000c, 0x38a3: 0x000c,
+	0x38a4: 0x000c, 0x38a5: 0x000c, 0x38a6: 0x000c, 0x38a7: 0x000c, 0x38a8: 0x000c, 0x38a9: 0x000c,
+	0x38aa: 0x000c, 0x38ab: 0x000c, 0x38ac: 0x000c,
+	0x38b5: 0x000c,
+	// Block 0xe3, offset 0x38c0
+	0x38c4: 0x000c,
+	0x38db: 0x000c, 0x38dc: 0x000c, 0x38dd: 0x000c,
+	0x38de: 0x000c, 0x38df: 0x000c, 0x38e1: 0x000c, 0x38e2: 0x000c, 0x38e3: 0x000c,
+	0x38e4: 0x000c, 0x38e5: 0x000c, 0x38e6: 0x000c, 0x38e7: 0x000c, 0x38e8: 0x000c, 0x38e9: 0x000c,
+	0x38ea: 0x000c, 0x38eb: 0x000c, 0x38ec: 0x000c, 0x38ed: 0x000c, 0x38ee: 0x000c, 0x38ef: 0x000c,
+	// Block 0xe4, offset 0x3900
+	0x3900: 0x000c, 0x3901: 0x000c, 0x3902: 0x000c, 0x3903: 0x000c, 0x3904: 0x000c, 0x3905: 0x000c,
+	0x3906: 0x000c, 0x3908: 0x000c, 0x3909: 0x000c, 0x390a: 0x000c, 0x390b: 0x000c,
+	0x390c: 0x000c, 0x390d: 0x000c, 0x390e: 0x000c, 0x390f: 0x000c, 0x3910: 0x000c, 0x3911: 0x000c,
+	0x3912: 0x000c, 0x3913: 0x000c, 0x3914: 0x000c, 0x3915: 0x000c, 0x3916: 0x000c, 0x3917: 0x000c,
+	0x3918: 0x000c, 0x391b: 0x000c, 0x391c: 0x000c, 0x391d: 0x000c,
+	0x391e: 0x000c, 0x391f: 0x000c, 0x3920: 0x000c, 0x3921: 0x000c, 0x3923: 0x000c,
+	0x3924: 0x000c, 0x3926: 0x000c, 0x3927: 0x000c, 0x3928: 0x000c, 0x3929: 0x000c,
+	0x392a: 0x000c,
+	// Block 0xe5, offset 0x3940
+	0x396e: 0x000c,
+	// Block 0xe6, offset 0x3980
+	0x39ac: 0x000c, 0x39ad: 0x000c, 0x39ae: 0x000c, 0x39af: 0x000c,
+	0x39bf: 0x0004,
+	// Block 0xe7, offset 0x39c0
+	0x39ec: 0x000c, 0x39ed: 0x000c, 0x39ee: 0x000c, 0x39ef: 0x000c,
+	// Block 0xe8, offset 0x3a00
+	0x3a00: 0x0001, 0x3a01: 0x0001, 0x3a02: 0x0001, 0x3a03: 0x0001, 0x3a04: 0x0001, 0x3a05: 0x0001,
+	0x3a06: 0x0001, 0x3a07: 0x0001, 0x3a08: 0x0001, 0x3a09: 0x0001, 0x3a0a: 0x0001, 0x3a0b: 0x0001,
+	0x3a0c: 0x0001, 0x3a0d: 0x0001, 0x3a0e: 0x0001, 0x3a0f: 0x0001, 0x3a10: 0x000c, 0x3a11: 0x000c,
+	0x3a12: 0x000c, 0x3a13: 0x000c, 0x3a14: 0x000c, 0x3a15: 0x000c, 0x3a16: 0x000c, 0x3a17: 0x0001,
+	0x3a18: 0x0001, 0x3a19: 0x0001, 0x3a1a: 0x0001, 0x3a1b: 0x0001, 0x3a1c: 0x0001, 0x3a1d: 0x0001,
+	0x3a1e: 0x0001, 0x3a1f: 0x0001, 0x3a20: 0x0001, 0x3a21: 0x0001, 0x3a22: 0x0001, 0x3a23: 0x0001,
+	0x3a24: 0x0001, 0x3a25: 0x0001, 0x3a26: 0x0001, 0x3a27: 0x0001, 0x3a28: 0x0001, 0x3a29: 0x0001,
+	0x3a2a: 0x0001, 0x3a2b: 0x0001, 0x3a2c: 0x0001, 0x3a2d: 0x0001, 0x3a2e: 0x0001, 0x3a2f: 0x0001,
+	0x3a30: 0x0001, 0x3a31: 0x0001, 0x3a32: 0x0001, 0x3a33: 0x0001, 0x3a34: 0x0001, 0x3a35: 0x0001,
+	0x3a36: 0x0001, 0x3a37: 0x0001, 0x3a38: 0x0001, 0x3a39: 0x0001, 0x3a3a: 0x0001, 0x3a3b: 0x0001,
+	0x3a3c: 0x0001, 0x3a3d: 0x0001, 0x3a3e: 0x0001, 0x3a3f: 0x0001,
+	// Block 0xe9, offset 0x3a40
+	0x3a40: 0x0001, 0x3a41: 0x0001, 0x3a42: 0x0001, 0x3a43: 0x0001, 0x3a44: 0x000c, 0x3a45: 0x000c,
+	0x3a46: 0x000c, 0x3a47: 0x000c, 0x3a48: 0x000c, 0x3a49: 0x000c, 0x3a4a: 0x000c, 0x3a4b: 0x0001,
+	0x3a4c: 0x0001, 0x3a4d: 0x0001, 0x3a4e: 0x0001, 0x3a4f: 0x0001, 0x3a50: 0x0001, 0x3a51: 0x0001,
+	0x3a52: 0x0001, 0x3a53: 0x0001, 0x3a54: 0x0001, 0x3a55: 0x0001, 0x3a56: 0x0001, 0x3a57: 0x0001,
+	0x3a58: 0x0001, 0x3a59: 0x0001, 0x3a5a: 0x0001, 0x3a5b: 0x0001, 0x3a5c: 0x0001, 0x3a5d: 0x0001,
+	0x3a5e: 0x0001, 0x3a5f: 0x0001, 0x3a60: 0x0001, 0x3a61: 0x0001, 0x3a62: 0x0001, 0x3a63: 0x0001,
+	0x3a64: 0x0001, 0x3a65: 0x0001, 0x3a66: 0x0001, 0x3a67: 0x0001, 0x3a68: 0x0001, 0x3a69: 0x0001,
+	0x3a6a: 0x0001, 0x3a6b: 0x0001, 0x3a6c: 0x0001, 0x3a6d: 0x0001, 0x3a6e: 0x0001, 0x3a6f: 0x0001,
+	0x3a70: 0x0001, 0x3a71: 0x0001, 0x3a72: 0x0001, 0x3a73: 0x0001, 0x3a74: 0x0001, 0x3a75: 0x0001,
+	0x3a76: 0x0001, 0x3a77: 0x0001, 0x3a78: 0x0001, 0x3a79: 0x0001, 0x3a7a: 0x0001, 0x3a7b: 0x0001,
+	0x3a7c: 0x0001, 0x3a7d: 0x0001, 0x3a7e: 0x0001, 0x3a7f: 0x0001,
+	// Block 0xea, offset 0x3a80
+	0x3a80: 0x0001, 0x3a81: 0x0001, 0x3a82: 0x0001, 0x3a83: 0x0001, 0x3a84: 0x0001, 0x3a85: 0x0001,
+	0x3a86: 0x0001, 0x3a87: 0x0001, 0x3a88: 0x0001, 0x3a89: 0x0001, 0x3a8a: 0x0001, 0x3a8b: 0x0001,
+	0x3a8c: 0x0001, 0x3a8d: 0x0001, 0x3a8e: 0x0001, 0x3a8f: 0x0001, 0x3a90: 0x0001, 0x3a91: 0x0001,
+	0x3a92: 0x0001, 0x3a93: 0x0001, 0x3a94: 0x0001, 0x3a95: 0x0001, 0x3a96: 0x0001, 0x3a97: 0x0001,
+	0x3a98: 0x0001, 0x3a99: 0x0001, 0x3a9a: 0x0001, 0x3a9b: 0x0001, 0x3a9c: 0x0001, 0x3a9d: 0x0001,
+	0x3a9e: 0x0001, 0x3a9f: 0x0001, 0x3aa0: 0x0001, 0x3aa1: 0x0001, 0x3aa2: 0x0001, 0x3aa3: 0x0001,
+	0x3aa4: 0x0001, 0x3aa5: 0x0001, 0x3aa6: 0x0001, 0x3aa7: 0x0001, 0x3aa8: 0x0001, 0x3aa9: 0x0001,
+	0x3aaa: 0x0001, 0x3aab: 0x0001, 0x3aac: 0x0001, 0x3aad: 0x0001, 0x3aae: 0x0001, 0x3aaf: 0x0001,
+	0x3ab0: 0x0001, 0x3ab1: 0x000d, 0x3ab2: 0x000d, 0x3ab3: 0x000d, 0x3ab4: 0x000d, 0x3ab5: 0x000d,
+	0x3ab6: 0x000d, 0x3ab7: 0x000d, 0x3ab8: 0x000d, 0x3ab9: 0x000d, 0x3aba: 0x000d, 0x3abb: 0x000d,
+	0x3abc: 0x000d, 0x3abd: 0x000d, 0x3abe: 0x000d, 0x3abf: 0x000d,
+	// Block 0xeb, offset 0x3ac0
+	0x3ac0: 0x000d, 0x3ac1: 0x000d, 0x3ac2: 0x000d, 0x3ac3: 0x000d, 0x3ac4: 0x000d, 0x3ac5: 0x000d,
+	0x3ac6: 0x000d, 0x3ac7: 0x000d, 0x3ac8: 0x000d, 0x3ac9: 0x000d, 0x3aca: 0x000d, 0x3acb: 0x000d,
+	0x3acc: 0x000d, 0x3acd: 0x000d, 0x3ace: 0x000d, 0x3acf: 0x000d, 0x3ad0: 0x000d, 0x3ad1: 0x000d,
+	0x3ad2: 0x000d, 0x3ad3: 0x000d, 0x3ad4: 0x000d, 0x3ad5: 0x000d, 0x3ad6: 0x000d, 0x3ad7: 0x000d,
+	0x3ad8: 0x000d, 0x3ad9: 0x000d, 0x3ada: 0x000d, 0x3adb: 0x000d, 0x3adc: 0x000d, 0x3add: 0x000d,
+	0x3ade: 0x000d, 0x3adf: 0x000d, 0x3ae0: 0x000d, 0x3ae1: 0x000d, 0x3ae2: 0x000d, 0x3ae3: 0x000d,
+	0x3ae4: 0x000d, 0x3ae5: 0x000d, 0x3ae6: 0x000d, 0x3ae7: 0x000d, 0x3ae8: 0x000d, 0x3ae9: 0x000d,
+	0x3aea: 0x000d, 0x3aeb: 0x000d, 0x3aec: 0x000d, 0x3aed: 0x000d, 0x3aee: 0x000d, 0x3aef: 0x000d,
+	0x3af0: 0x000d, 0x3af1: 0x000d, 0x3af2: 0x000d, 0x3af3: 0x000d, 0x3af4: 0x000d, 0x3af5: 0x0001,
+	0x3af6: 0x0001, 0x3af7: 0x0001, 0x3af8: 0x0001, 0x3af9: 0x0001, 0x3afa: 0x0001, 0x3afb: 0x0001,
+	0x3afc: 0x0001, 0x3afd: 0x0001, 0x3afe: 0x0001, 0x3aff: 0x0001,
+	// Block 0xec, offset 0x3b00
+	0x3b00: 0x0001, 0x3b01: 0x000d, 0x3b02: 0x000d, 0x3b03: 0x000d, 0x3b04: 0x000d, 0x3b05: 0x000d,
+	0x3b06: 0x000d, 0x3b07: 0x000d, 0x3b08: 0x000d, 0x3b09: 0x000d, 0x3b0a: 0x000d, 0x3b0b: 0x000d,
+	0x3b0c: 0x000d, 0x3b0d: 0x000d, 0x3b0e: 0x000d, 0x3b0f: 0x000d, 0x3b10: 0x000d, 0x3b11: 0x000d,
+	0x3b12: 0x000d, 0x3b13: 0x000d, 0x3b14: 0x000d, 0x3b15: 0x000d, 0x3b16: 0x000d, 0x3b17: 0x000d,
+	0x3b18: 0x000d, 0x3b19: 0x000d, 0x3b1a: 0x000d, 0x3b1b: 0x000d, 0x3b1c: 0x000d, 0x3b1d: 0x000d,
+	0x3b1e: 0x000d, 0x3b1f: 0x000d, 0x3b20: 0x000d, 0x3b21: 0x000d, 0x3b22: 0x000d, 0x3b23: 0x000d,
+	0x3b24: 0x000d, 0x3b25: 0x000d, 0x3b26: 0x000d, 0x3b27: 0x000d, 0x3b28: 0x000d, 0x3b29: 0x000d,
+	0x3b2a: 0x000d, 0x3b2b: 0x000d, 0x3b2c: 0x000d, 0x3b2d: 0x000d, 0x3b2e: 0x000d, 0x3b2f: 0x000d,
+	0x3b30: 0x000d, 0x3b31: 0x000d, 0x3b32: 0x000d, 0x3b33: 0x000d, 0x3b34: 0x000d, 0x3b35: 0x000d,
+	0x3b36: 0x000d, 0x3b37: 0x000d, 0x3b38: 0x000d, 0x3b39: 0x000d, 0x3b3a: 0x000d, 0x3b3b: 0x000d,
+	0x3b3c: 0x000d, 0x3b3d: 0x000d, 0x3b3e: 0x0001, 0x3b3f: 0x0001,
+	// Block 0xed, offset 0x3b40
+	0x3b40: 0x000d, 0x3b41: 0x000d, 0x3b42: 0x000d, 0x3b43: 0x000d, 0x3b44: 0x000d, 0x3b45: 0x000d,
+	0x3b46: 0x000d, 0x3b47: 0x000d, 0x3b48: 0x000d, 0x3b49: 0x000d, 0x3b4a: 0x000d, 0x3b4b: 0x000d,
+	0x3b4c: 0x000d, 0x3b4d: 0x000d, 0x3b4e: 0x000d, 0x3b4f: 0x000d, 0x3b50: 0x000d, 0x3b51: 0x000d,
+	0x3b52: 0x000d, 0x3b53: 0x000d, 0x3b54: 0x000d, 0x3b55: 0x000d, 0x3b56: 0x000d, 0x3b57: 0x000d,
+	0x3b58: 0x000d, 0x3b59: 0x000d, 0x3b5a: 0x000d, 0x3b5b: 0x000d, 0x3b5c: 0x000d, 0x3b5d: 0x000d,
+	0x3b5e: 0x000d, 0x3b5f: 0x000d, 0x3b60: 0x000d, 0x3b61: 0x000d, 0x3b62: 0x000d, 0x3b63: 0x000d,
+	0x3b64: 0x000d, 0x3b65: 0x000d, 0x3b66: 0x000d, 0x3b67: 0x000d, 0x3b68: 0x000d, 0x3b69: 0x000d,
+	0x3b6a: 0x000d, 0x3b6b: 0x000d, 0x3b6c: 0x000d, 0x3b6d: 0x000d, 0x3b6e: 0x000d, 0x3b6f: 0x000d,
+	0x3b70: 0x000a, 0x3b71: 0x000a, 0x3b72: 0x000d, 0x3b73: 0x000d, 0x3b74: 0x000d, 0x3b75: 0x000d,
+	0x3b76: 0x000d, 0x3b77: 0x000d, 0x3b78: 0x000d, 0x3b79: 0x000d, 0x3b7a: 0x000d, 0x3b7b: 0x000d,
+	0x3b7c: 0x000d, 0x3b7d: 0x000d, 0x3b7e: 0x000d, 0x3b7f: 0x000d,
+	// Block 0xee, offset 0x3b80
+	0x3b80: 0x000a, 0x3b81: 0x000a, 0x3b82: 0x000a, 0x3b83: 0x000a, 0x3b84: 0x000a, 0x3b85: 0x000a,
+	0x3b86: 0x000a, 0x3b87: 0x000a, 0x3b88: 0x000a, 0x3b89: 0x000a, 0x3b8a: 0x000a, 0x3b8b: 0x000a,
+	0x3b8c: 0x000a, 0x3b8d: 0x000a, 0x3b8e: 0x000a, 0x3b8f: 0x000a, 0x3b90: 0x000a, 0x3b91: 0x000a,
+	0x3b92: 0x000a, 0x3b93: 0x000a, 0x3b94: 0x000a, 0x3b95: 0x000a, 0x3b96: 0x000a, 0x3b97: 0x000a,
+	0x3b98: 0x000a, 0x3b99: 0x000a, 0x3b9a: 0x000a, 0x3b9b: 0x000a, 0x3b9c: 0x000a, 0x3b9d: 0x000a,
+	0x3b9e: 0x000a, 0x3b9f: 0x000a, 0x3ba0: 0x000a, 0x3ba1: 0x000a, 0x3ba2: 0x000a, 0x3ba3: 0x000a,
+	0x3ba4: 0x000a, 0x3ba5: 0x000a, 0x3ba6: 0x000a, 0x3ba7: 0x000a, 0x3ba8: 0x000a, 0x3ba9: 0x000a,
+	0x3baa: 0x000a, 0x3bab: 0x000a,
+	0x3bb0: 0x000a, 0x3bb1: 0x000a, 0x3bb2: 0x000a, 0x3bb3: 0x000a, 0x3bb4: 0x000a, 0x3bb5: 0x000a,
+	0x3bb6: 0x000a, 0x3bb7: 0x000a, 0x3bb8: 0x000a, 0x3bb9: 0x000a, 0x3bba: 0x000a, 0x3bbb: 0x000a,
+	0x3bbc: 0x000a, 0x3bbd: 0x000a, 0x3bbe: 0x000a, 0x3bbf: 0x000a,
+	// Block 0xef, offset 0x3bc0
+	0x3bc0: 0x000a, 0x3bc1: 0x000a, 0x3bc2: 0x000a, 0x3bc3: 0x000a, 0x3bc4: 0x000a, 0x3bc5: 0x000a,
+	0x3bc6: 0x000a, 0x3bc7: 0x000a, 0x3bc8: 0x000a, 0x3bc9: 0x000a, 0x3bca: 0x000a, 0x3bcb: 0x000a,
+	0x3bcc: 0x000a, 0x3bcd: 0x000a, 0x3bce: 0x000a, 0x3bcf: 0x000a, 0x3bd0: 0x000a, 0x3bd1: 0x000a,
+	0x3bd2: 0x000a, 0x3bd3: 0x000a,
+	0x3be0: 0x000a, 0x3be1: 0x000a, 0x3be2: 0x000a, 0x3be3: 0x000a,
+	0x3be4: 0x000a, 0x3be5: 0x000a, 0x3be6: 0x000a, 0x3be7: 0x000a, 0x3be8: 0x000a, 0x3be9: 0x000a,
+	0x3bea: 0x000a, 0x3beb: 0x000a, 0x3bec: 0x000a, 0x3bed: 0x000a, 0x3bee: 0x000a,
+	0x3bf1: 0x000a, 0x3bf2: 0x000a, 0x3bf3: 0x000a, 0x3bf4: 0x000a, 0x3bf5: 0x000a,
+	0x3bf6: 0x000a, 0x3bf7: 0x000a, 0x3bf8: 0x000a, 0x3bf9: 0x000a, 0x3bfa: 0x000a, 0x3bfb: 0x000a,
+	0x3bfc: 0x000a, 0x3bfd: 0x000a, 0x3bfe: 0x000a, 0x3bff: 0x000a,
+	// Block 0xf0, offset 0x3c00
+	0x3c01: 0x000a, 0x3c02: 0x000a, 0x3c03: 0x000a, 0x3c04: 0x000a, 0x3c05: 0x000a,
+	0x3c06: 0x000a, 0x3c07: 0x000a, 0x3c08: 0x000a, 0x3c09: 0x000a, 0x3c0a: 0x000a, 0x3c0b: 0x000a,
+	0x3c0c: 0x000a, 0x3c0d: 0x000a, 0x3c0e: 0x000a, 0x3c0f: 0x000a, 0x3c11: 0x000a,
+	0x3c12: 0x000a, 0x3c13: 0x000a, 0x3c14: 0x000a, 0x3c15: 0x000a, 0x3c16: 0x000a, 0x3c17: 0x000a,
+	0x3c18: 0x000a, 0x3c19: 0x000a, 0x3c1a: 0x000a, 0x3c1b: 0x000a, 0x3c1c: 0x000a, 0x3c1d: 0x000a,
+	0x3c1e: 0x000a, 0x3c1f: 0x000a, 0x3c20: 0x000a, 0x3c21: 0x000a, 0x3c22: 0x000a, 0x3c23: 0x000a,
+	0x3c24: 0x000a, 0x3c25: 0x000a, 0x3c26: 0x000a, 0x3c27: 0x000a, 0x3c28: 0x000a, 0x3c29: 0x000a,
+	0x3c2a: 0x000a, 0x3c2b: 0x000a, 0x3c2c: 0x000a, 0x3c2d: 0x000a, 0x3c2e: 0x000a, 0x3c2f: 0x000a,
+	0x3c30: 0x000a, 0x3c31: 0x000a, 0x3c32: 0x000a, 0x3c33: 0x000a, 0x3c34: 0x000a, 0x3c35: 0x000a,
+	// Block 0xf1, offset 0x3c40
+	0x3c40: 0x0002, 0x3c41: 0x0002, 0x3c42: 0x0002, 0x3c43: 0x0002, 0x3c44: 0x0002, 0x3c45: 0x0002,
+	0x3c46: 0x0002, 0x3c47: 0x0002, 0x3c48: 0x0002, 0x3c49: 0x0002, 0x3c4a: 0x0002, 0x3c4b: 0x000a,
+	0x3c4c: 0x000a, 0x3c4d: 0x000a, 0x3c4e: 0x000a, 0x3c4f: 0x000a,
+	0x3c6f: 0x000a,
+	// Block 0xf2, offset 0x3c80
+	0x3caa: 0x000a, 0x3cab: 0x000a, 0x3cac: 0x000a, 0x3cad: 0x000a, 0x3cae: 0x000a, 0x3caf: 0x000a,
+	// Block 0xf3, offset 0x3cc0
+	0x3ced: 0x000a,
+	// Block 0xf4, offset 0x3d00
+	0x3d20: 0x000a, 0x3d21: 0x000a, 0x3d22: 0x000a, 0x3d23: 0x000a,
+	0x3d24: 0x000a, 0x3d25: 0x000a,
+	// Block 0xf5, offset 0x3d40
+	0x3d40: 0x000a, 0x3d41: 0x000a, 0x3d42: 0x000a, 0x3d43: 0x000a, 0x3d44: 0x000a, 0x3d45: 0x000a,
+	0x3d46: 0x000a, 0x3d47: 0x000a, 0x3d48: 0x000a, 0x3d49: 0x000a, 0x3d4a: 0x000a, 0x3d4b: 0x000a,
+	0x3d4c: 0x000a, 0x3d4d: 0x000a, 0x3d4e: 0x000a, 0x3d4f: 0x000a, 0x3d50: 0x000a, 0x3d51: 0x000a,
+	0x3d52: 0x000a, 0x3d53: 0x000a, 0x3d54: 0x000a, 0x3d55: 0x000a, 0x3d56: 0x000a, 0x3d57: 0x000a,
+	0x3d5c: 0x000a, 0x3d5d: 0x000a,
+	0x3d5e: 0x000a, 0x3d5f: 0x000a, 0x3d60: 0x000a, 0x3d61: 0x000a, 0x3d62: 0x000a, 0x3d63: 0x000a,
+	0x3d64: 0x000a, 0x3d65: 0x000a, 0x3d66: 0x000a, 0x3d67: 0x000a, 0x3d68: 0x000a, 0x3d69: 0x000a,
+	0x3d6a: 0x000a, 0x3d6b: 0x000a, 0x3d6c: 0x000a,
+	0x3d70: 0x000a, 0x3d71: 0x000a, 0x3d72: 0x000a, 0x3d73: 0x000a, 0x3d74: 0x000a, 0x3d75: 0x000a,
+	0x3d76: 0x000a, 0x3d77: 0x000a, 0x3d78: 0x000a, 0x3d79: 0x000a, 0x3d7a: 0x000a, 0x3d7b: 0x000a,
+	0x3d7c: 0x000a,
+	// Block 0xf6, offset 0x3d80
+	0x3d80: 0x000a, 0x3d81: 0x000a, 0x3d82: 0x000a, 0x3d83: 0x000a, 0x3d84: 0x000a, 0x3d85: 0x000a,
+	0x3d86: 0x000a, 0x3d87: 0x000a, 0x3d88: 0x000a, 0x3d89: 0x000a, 0x3d8a: 0x000a, 0x3d8b: 0x000a,
+	0x3d8c: 0x000a, 0x3d8d: 0x000a, 0x3d8e: 0x000a, 0x3d8f: 0x000a, 0x3d90: 0x000a, 0x3d91: 0x000a,
+	0x3d92: 0x000a, 0x3d93: 0x000a, 0x3d94: 0x000a, 0x3d95: 0x000a, 0x3d96: 0x000a, 0x3d97: 0x000a,
+	0x3d98: 0x000a, 0x3d99: 0x000a, 0x3d9a: 0x000a, 0x3d9b: 0x000a, 0x3d9c: 0x000a, 0x3d9d: 0x000a,
+	0x3d9e: 0x000a, 0x3d9f: 0x000a, 0x3da0: 0x000a, 0x3da1: 0x000a, 0x3da2: 0x000a, 0x3da3: 0x000a,
+	0x3da4: 0x000a, 0x3da5: 0x000a, 0x3da6: 0x000a, 0x3da7: 0x000a, 0x3da8: 0x000a, 0x3da9: 0x000a,
+	0x3daa: 0x000a, 0x3dab: 0x000a, 0x3dac: 0x000a, 0x3dad: 0x000a, 0x3dae: 0x000a, 0x3daf: 0x000a,
+	0x3db0: 0x000a, 0x3db1: 0x000a, 0x3db2: 0x000a, 0x3db3: 0x000a, 0x3db4: 0x000a, 0x3db5: 0x000a,
+	0x3db6: 0x000a, 0x3dbb: 0x000a,
+	0x3dbc: 0x000a, 0x3dbd: 0x000a, 0x3dbe: 0x000a, 0x3dbf: 0x000a,
+	// Block 0xf7, offset 0x3dc0
+	0x3dc0: 0x000a, 0x3dc1: 0x000a, 0x3dc2: 0x000a, 0x3dc3: 0x000a, 0x3dc4: 0x000a, 0x3dc5: 0x000a,
+	0x3dc6: 0x000a, 0x3dc7: 0x000a, 0x3dc8: 0x000a, 0x3dc9: 0x000a, 0x3dca: 0x000a, 0x3dcb: 0x000a,
+	0x3dcc: 0x000a, 0x3dcd: 0x000a, 0x3dce: 0x000a, 0x3dcf: 0x000a, 0x3dd0: 0x000a, 0x3dd1: 0x000a,
+	0x3dd2: 0x000a, 0x3dd3: 0x000a, 0x3dd4: 0x000a, 0x3dd5: 0x000a, 0x3dd6: 0x000a, 0x3dd7: 0x000a,
+	0x3dd8: 0x000a, 0x3dd9: 0x000a,
+	0x3de0: 0x000a, 0x3de1: 0x000a, 0x3de2: 0x000a, 0x3de3: 0x000a,
+	0x3de4: 0x000a, 0x3de5: 0x000a, 0x3de6: 0x000a, 0x3de7: 0x000a, 0x3de8: 0x000a, 0x3de9: 0x000a,
+	0x3dea: 0x000a, 0x3deb: 0x000a,
+	0x3df0: 0x000a,
+	// Block 0xf8, offset 0x3e00
+	0x3e00: 0x000a, 0x3e01: 0x000a, 0x3e02: 0x000a, 0x3e03: 0x000a, 0x3e04: 0x000a, 0x3e05: 0x000a,
+	0x3e06: 0x000a, 0x3e07: 0x000a, 0x3e08: 0x000a, 0x3e09: 0x000a, 0x3e0a: 0x000a, 0x3e0b: 0x000a,
+	0x3e10: 0x000a, 0x3e11: 0x000a,
+	0x3e12: 0x000a, 0x3e13: 0x000a, 0x3e14: 0x000a, 0x3e15: 0x000a, 0x3e16: 0x000a, 0x3e17: 0x000a,
+	0x3e18: 0x000a, 0x3e19: 0x000a, 0x3e1a: 0x000a, 0x3e1b: 0x000a, 0x3e1c: 0x000a, 0x3e1d: 0x000a,
+	0x3e1e: 0x000a, 0x3e1f: 0x000a, 0x3e20: 0x000a, 0x3e21: 0x000a, 0x3e22: 0x000a, 0x3e23: 0x000a,
+	0x3e24: 0x000a, 0x3e25: 0x000a, 0x3e26: 0x000a, 0x3e27: 0x000a, 0x3e28: 0x000a, 0x3e29: 0x000a,
+	0x3e2a: 0x000a, 0x3e2b: 0x000a, 0x3e2c: 0x000a, 0x3e2d: 0x000a, 0x3e2e: 0x000a, 0x3e2f: 0x000a,
+	0x3e30: 0x000a, 0x3e31: 0x000a, 0x3e32: 0x000a, 0x3e33: 0x000a, 0x3e34: 0x000a, 0x3e35: 0x000a,
+	0x3e36: 0x000a, 0x3e37: 0x000a, 0x3e38: 0x000a, 0x3e39: 0x000a, 0x3e3a: 0x000a, 0x3e3b: 0x000a,
+	0x3e3c: 0x000a, 0x3e3d: 0x000a, 0x3e3e: 0x000a, 0x3e3f: 0x000a,
+	// Block 0xf9, offset 0x3e40
+	0x3e40: 0x000a, 0x3e41: 0x000a, 0x3e42: 0x000a, 0x3e43: 0x000a, 0x3e44: 0x000a, 0x3e45: 0x000a,
+	0x3e46: 0x000a, 0x3e47: 0x000a,
+	0x3e50: 0x000a, 0x3e51: 0x000a,
+	0x3e52: 0x000a, 0x3e53: 0x000a, 0x3e54: 0x000a, 0x3e55: 0x000a, 0x3e56: 0x000a, 0x3e57: 0x000a,
+	0x3e58: 0x000a, 0x3e59: 0x000a,
+	0x3e60: 0x000a, 0x3e61: 0x000a, 0x3e62: 0x000a, 0x3e63: 0x000a,
+	0x3e64: 0x000a, 0x3e65: 0x000a, 0x3e66: 0x000a, 0x3e67: 0x000a, 0x3e68: 0x000a, 0x3e69: 0x000a,
+	0x3e6a: 0x000a, 0x3e6b: 0x000a, 0x3e6c: 0x000a, 0x3e6d: 0x000a, 0x3e6e: 0x000a, 0x3e6f: 0x000a,
+	0x3e70: 0x000a, 0x3e71: 0x000a, 0x3e72: 0x000a, 0x3e73: 0x000a, 0x3e74: 0x000a, 0x3e75: 0x000a,
+	0x3e76: 0x000a, 0x3e77: 0x000a, 0x3e78: 0x000a, 0x3e79: 0x000a, 0x3e7a: 0x000a, 0x3e7b: 0x000a,
+	0x3e7c: 0x000a, 0x3e7d: 0x000a, 0x3e7e: 0x000a, 0x3e7f: 0x000a,
+	// Block 0xfa, offset 0x3e80
+	0x3e80: 0x000a, 0x3e81: 0x000a, 0x3e82: 0x000a, 0x3e83: 0x000a, 0x3e84: 0x000a, 0x3e85: 0x000a,
+	0x3e86: 0x000a, 0x3e87: 0x000a,
+	0x3e90: 0x000a, 0x3e91: 0x000a,
+	0x3e92: 0x000a, 0x3e93: 0x000a, 0x3e94: 0x000a, 0x3e95: 0x000a, 0x3e96: 0x000a, 0x3e97: 0x000a,
+	0x3e98: 0x000a, 0x3e99: 0x000a, 0x3e9a: 0x000a, 0x3e9b: 0x000a, 0x3e9c: 0x000a, 0x3e9d: 0x000a,
+	0x3e9e: 0x000a, 0x3e9f: 0x000a, 0x3ea0: 0x000a, 0x3ea1: 0x000a, 0x3ea2: 0x000a, 0x3ea3: 0x000a,
+	0x3ea4: 0x000a, 0x3ea5: 0x000a, 0x3ea6: 0x000a, 0x3ea7: 0x000a, 0x3ea8: 0x000a, 0x3ea9: 0x000a,
+	0x3eaa: 0x000a, 0x3eab: 0x000a, 0x3eac: 0x000a, 0x3ead: 0x000a,
+	0x3eb0: 0x000a, 0x3eb1: 0x000a,
+	// Block 0xfb, offset 0x3ec0
+	0x3ec0: 0x000a, 0x3ec1: 0x000a, 0x3ec2: 0x000a, 0x3ec3: 0x000a, 0x3ec4: 0x000a, 0x3ec5: 0x000a,
+	0x3ec6: 0x000a, 0x3ec7: 0x000a, 0x3ec8: 0x000a, 0x3ec9: 0x000a, 0x3eca: 0x000a, 0x3ecb: 0x000a,
+	0x3ecc: 0x000a, 0x3ecd: 0x000a, 0x3ece: 0x000a, 0x3ecf: 0x000a, 0x3ed0: 0x000a, 0x3ed1: 0x000a,
+	0x3ed2: 0x000a, 0x3ed3: 0x000a,
+	0x3ee0: 0x000a, 0x3ee1: 0x000a, 0x3ee2: 0x000a, 0x3ee3: 0x000a,
+	0x3ee4: 0x000a, 0x3ee5: 0x000a, 0x3ee6: 0x000a, 0x3ee7: 0x000a, 0x3ee8: 0x000a, 0x3ee9: 0x000a,
+	0x3eea: 0x000a, 0x3eeb: 0x000a, 0x3eec: 0x000a, 0x3eed: 0x000a,
+	0x3ef0: 0x000a, 0x3ef1: 0x000a, 0x3ef2: 0x000a, 0x3ef3: 0x000a, 0x3ef4: 0x000a, 0x3ef5: 0x000a,
+	0x3ef6: 0x000a, 0x3ef7: 0x000a, 0x3ef8: 0x000a, 0x3ef9: 0x000a, 0x3efa: 0x000a, 0x3efb: 0x000a,
+	0x3efc: 0x000a,
+	// Block 0xfc, offset 0x3f00
+	0x3f00: 0x000a, 0x3f01: 0x000a, 0x3f02: 0x000a, 0x3f03: 0x000a, 0x3f04: 0x000a, 0x3f05: 0x000a,
+	0x3f06: 0x000a, 0x3f07: 0x000a, 0x3f08: 0x000a,
+	0x3f10: 0x000a, 0x3f11: 0x000a,
+	0x3f12: 0x000a, 0x3f13: 0x000a, 0x3f14: 0x000a, 0x3f15: 0x000a, 0x3f16: 0x000a, 0x3f17: 0x000a,
+	0x3f18: 0x000a, 0x3f19: 0x000a, 0x3f1a: 0x000a, 0x3f1b: 0x000a, 0x3f1c: 0x000a, 0x3f1d: 0x000a,
+	0x3f1e: 0x000a, 0x3f1f: 0x000a, 0x3f20: 0x000a, 0x3f21: 0x000a, 0x3f22: 0x000a, 0x3f23: 0x000a,
+	0x3f24: 0x000a, 0x3f25: 0x000a, 0x3f26: 0x000a, 0x3f27: 0x000a, 0x3f28: 0x000a, 0x3f29: 0x000a,
+	0x3f2a: 0x000a, 0x3f2b: 0x000a, 0x3f2c: 0x000a, 0x3f2d: 0x000a, 0x3f2e: 0x000a, 0x3f2f: 0x000a,
+	0x3f30: 0x000a, 0x3f31: 0x000a, 0x3f32: 0x000a, 0x3f33: 0x000a, 0x3f34: 0x000a, 0x3f35: 0x000a,
+	0x3f36: 0x000a, 0x3f37: 0x000a, 0x3f38: 0x000a, 0x3f39: 0x000a, 0x3f3a: 0x000a, 0x3f3b: 0x000a,
+	0x3f3c: 0x000a, 0x3f3d: 0x000a, 0x3f3f: 0x000a,
+	// Block 0xfd, offset 0x3f40
+	0x3f40: 0x000a, 0x3f41: 0x000a, 0x3f42: 0x000a, 0x3f43: 0x000a, 0x3f44: 0x000a, 0x3f45: 0x000a,
+	0x3f4e: 0x000a, 0x3f4f: 0x000a, 0x3f50: 0x000a, 0x3f51: 0x000a,
+	0x3f52: 0x000a, 0x3f53: 0x000a, 0x3f54: 0x000a, 0x3f55: 0x000a, 0x3f56: 0x000a, 0x3f57: 0x000a,
+	0x3f58: 0x000a, 0x3f59: 0x000a, 0x3f5a: 0x000a, 0x3f5b: 0x000a,
+	0x3f60: 0x000a, 0x3f61: 0x000a, 0x3f62: 0x000a, 0x3f63: 0x000a,
+	0x3f64: 0x000a, 0x3f65: 0x000a, 0x3f66: 0x000a, 0x3f67: 0x000a, 0x3f68: 0x000a,
+	0x3f70: 0x000a, 0x3f71: 0x000a, 0x3f72: 0x000a, 0x3f73: 0x000a, 0x3f74: 0x000a, 0x3f75: 0x000a,
+	0x3f76: 0x000a, 0x3f77: 0x000a, 0x3f78: 0x000a,
+	// Block 0xfe, offset 0x3f80
+	0x3f80: 0x000a, 0x3f81: 0x000a, 0x3f82: 0x000a, 0x3f83: 0x000a, 0x3f84: 0x000a, 0x3f85: 0x000a,
+	0x3f86: 0x000a, 0x3f87: 0x000a, 0x3f88: 0x000a, 0x3f89: 0x000a, 0x3f8a: 0x000a, 0x3f8b: 0x000a,
+	0x3f8c: 0x000a, 0x3f8d: 0x000a, 0x3f8e: 0x000a, 0x3f8f: 0x000a, 0x3f90: 0x000a, 0x3f91: 0x000a,
+	0x3f92: 0x000a, 0x3f94: 0x000a, 0x3f95: 0x000a, 0x3f96: 0x000a, 0x3f97: 0x000a,
+	0x3f98: 0x000a, 0x3f99: 0x000a, 0x3f9a: 0x000a, 0x3f9b: 0x000a, 0x3f9c: 0x000a, 0x3f9d: 0x000a,
+	0x3f9e: 0x000a, 0x3f9f: 0x000a, 0x3fa0: 0x000a, 0x3fa1: 0x000a, 0x3fa2: 0x000a, 0x3fa3: 0x000a,
+	0x3fa4: 0x000a, 0x3fa5: 0x000a, 0x3fa6: 0x000a, 0x3fa7: 0x000a, 0x3fa8: 0x000a, 0x3fa9: 0x000a,
+	0x3faa: 0x000a, 0x3fab: 0x000a, 0x3fac: 0x000a, 0x3fad: 0x000a, 0x3fae: 0x000a, 0x3faf: 0x000a,
+	0x3fb0: 0x000a, 0x3fb1: 0x000a, 0x3fb2: 0x000a, 0x3fb3: 0x000a, 0x3fb4: 0x000a, 0x3fb5: 0x000a,
+	0x3fb6: 0x000a, 0x3fb7: 0x000a, 0x3fb8: 0x000a, 0x3fb9: 0x000a, 0x3fba: 0x000a, 0x3fbb: 0x000a,
+	0x3fbc: 0x000a, 0x3fbd: 0x000a, 0x3fbe: 0x000a, 0x3fbf: 0x000a,
+	// Block 0xff, offset 0x3fc0
+	0x3fc0: 0x000a, 0x3fc1: 0x000a, 0x3fc2: 0x000a, 0x3fc3: 0x000a, 0x3fc4: 0x000a, 0x3fc5: 0x000a,
+	0x3fc6: 0x000a, 0x3fc7: 0x000a, 0x3fc8: 0x000a, 0x3fc9: 0x000a, 0x3fca: 0x000a,
+	0x3ff0: 0x0002, 0x3ff1: 0x0002, 0x3ff2: 0x0002, 0x3ff3: 0x0002, 0x3ff4: 0x0002, 0x3ff5: 0x0002,
+	0x3ff6: 0x0002, 0x3ff7: 0x0002, 0x3ff8: 0x0002, 0x3ff9: 0x0002,
+	// Block 0x100, offset 0x4000
+	0x403e: 0x000b, 0x403f: 0x000b,
+	// Block 0x101, offset 0x4040
+	0x4040: 0x000b, 0x4041: 0x000b, 0x4042: 0x000b, 0x4043: 0x000b, 0x4044: 0x000b, 0x4045: 0x000b,
+	0x4046: 0x000b, 0x4047: 0x000b, 0x4048: 0x000b, 0x4049: 0x000b, 0x404a: 0x000b, 0x404b: 0x000b,
+	0x404c: 0x000b, 0x404d: 0x000b, 0x404e: 0x000b, 0x404f: 0x000b, 0x4050: 0x000b, 0x4051: 0x000b,
+	0x4052: 0x000b, 0x4053: 0x000b, 0x4054: 0x000b, 0x4055: 0x000b, 0x4056: 0x000b, 0x4057: 0x000b,
+	0x4058: 0x000b, 0x4059: 0x000b, 0x405a: 0x000b, 0x405b: 0x000b, 0x405c: 0x000b, 0x405d: 0x000b,
+	0x405e: 0x000b, 0x405f: 0x000b, 0x4060: 0x000b, 0x4061: 0x000b, 0x4062: 0x000b, 0x4063: 0x000b,
+	0x4064: 0x000b, 0x4065: 0x000b, 0x4066: 0x000b, 0x4067: 0x000b, 0x4068: 0x000b, 0x4069: 0x000b,
+	0x406a: 0x000b, 0x406b: 0x000b, 0x406c: 0x000b, 0x406d: 0x000b, 0x406e: 0x000b, 0x406f: 0x000b,
+	0x4070: 0x000b, 0x4071: 0x000b, 0x4072: 0x000b, 0x4073: 0x000b, 0x4074: 0x000b, 0x4075: 0x000b,
+	0x4076: 0x000b, 0x4077: 0x000b, 0x4078: 0x000b, 0x4079: 0x000b, 0x407a: 0x000b, 0x407b: 0x000b,
+	0x407c: 0x000b, 0x407d: 0x000b, 0x407e: 0x000b, 0x407f: 0x000b,
+	// Block 0x102, offset 0x4080
+	0x4080: 0x000c, 0x4081: 0x000c, 0x4082: 0x000c, 0x4083: 0x000c, 0x4084: 0x000c, 0x4085: 0x000c,
+	0x4086: 0x000c, 0x4087: 0x000c, 0x4088: 0x000c, 0x4089: 0x000c, 0x408a: 0x000c, 0x408b: 0x000c,
+	0x408c: 0x000c, 0x408d: 0x000c, 0x408e: 0x000c, 0x408f: 0x000c, 0x4090: 0x000c, 0x4091: 0x000c,
+	0x4092: 0x000c, 0x4093: 0x000c, 0x4094: 0x000c, 0x4095: 0x000c, 0x4096: 0x000c, 0x4097: 0x000c,
+	0x4098: 0x000c, 0x4099: 0x000c, 0x409a: 0x000c, 0x409b: 0x000c, 0x409c: 0x000c, 0x409d: 0x000c,
+	0x409e: 0x000c, 0x409f: 0x000c, 0x40a0: 0x000c, 0x40a1: 0x000c, 0x40a2: 0x000c, 0x40a3: 0x000c,
+	0x40a4: 0x000c, 0x40a5: 0x000c, 0x40a6: 0x000c, 0x40a7: 0x000c, 0x40a8: 0x000c, 0x40a9: 0x000c,
+	0x40aa: 0x000c, 0x40ab: 0x000c, 0x40ac: 0x000c, 0x40ad: 0x000c, 0x40ae: 0x000c, 0x40af: 0x000c,
+	0x40b0: 0x000b, 0x40b1: 0x000b, 0x40b2: 0x000b, 0x40b3: 0x000b, 0x40b4: 0x000b, 0x40b5: 0x000b,
+	0x40b6: 0x000b, 0x40b7: 0x000b, 0x40b8: 0x000b, 0x40b9: 0x000b, 0x40ba: 0x000b, 0x40bb: 0x000b,
+	0x40bc: 0x000b, 0x40bd: 0x000b, 0x40be: 0x000b, 0x40bf: 0x000b,
+}
+
+// bidiIndex: 26 blocks, 1664 entries, 3328 bytes
+// Block 0 is the zero block.
+var bidiIndex = [1664]uint16{
+	// Block 0x0, offset 0x0
+	// Block 0x1, offset 0x40
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc2: 0x01, 0xc3: 0x02,
+	0xca: 0x03, 0xcb: 0x04, 0xcc: 0x05, 0xcd: 0x06, 0xce: 0x07, 0xcf: 0x08,
+	0xd2: 0x09, 0xd6: 0x0a, 0xd7: 0x0b,
+	0xd8: 0x0c, 0xd9: 0x0d, 0xda: 0x0e, 0xdb: 0x0f, 0xdc: 0x10, 0xdd: 0x11, 0xde: 0x12, 0xdf: 0x13,
+	0xe0: 0x02, 0xe1: 0x03, 0xe2: 0x04, 0xe3: 0x05, 0xe4: 0x06,
+	0xea: 0x07, 0xef: 0x08,
+	0xf0: 0x13, 0xf1: 0x14, 0xf2: 0x14, 0xf3: 0x16, 0xf4: 0x17,
+	// Block 0x4, offset 0x100
+	0x120: 0x14, 0x121: 0x15, 0x122: 0x16, 0x123: 0x17, 0x124: 0x18, 0x125: 0x19, 0x126: 0x1a, 0x127: 0x1b,
+	0x128: 0x1c, 0x129: 0x1d, 0x12a: 0x1c, 0x12b: 0x1e, 0x12c: 0x1f, 0x12d: 0x20, 0x12e: 0x21, 0x12f: 0x22,
+	0x130: 0x23, 0x131: 0x24, 0x132: 0x1a, 0x133: 0x25, 0x134: 0x26, 0x135: 0x27, 0x136: 0x28, 0x137: 0x29,
+	0x138: 0x2a, 0x139: 0x2b, 0x13a: 0x2c, 0x13b: 0x2d, 0x13c: 0x2e, 0x13d: 0x2f, 0x13e: 0x30, 0x13f: 0x31,
+	// Block 0x5, offset 0x140
+	0x140: 0x32, 0x141: 0x33, 0x142: 0x34,
+	0x14d: 0x35, 0x14e: 0x36,
+	0x150: 0x37,
+	0x15a: 0x38, 0x15c: 0x39, 0x15d: 0x3a, 0x15e: 0x3b, 0x15f: 0x3c,
+	0x160: 0x3d, 0x162: 0x3e, 0x164: 0x3f, 0x165: 0x40, 0x167: 0x41,
+	0x168: 0x42, 0x169: 0x43, 0x16a: 0x44, 0x16b: 0x45, 0x16c: 0x46, 0x16d: 0x47, 0x16e: 0x48, 0x16f: 0x49,
+	0x170: 0x4a, 0x173: 0x4b, 0x177: 0x05,
+	0x17e: 0x4c, 0x17f: 0x4d,
+	// Block 0x6, offset 0x180
+	0x180: 0x4e, 0x181: 0x4f, 0x182: 0x50, 0x183: 0x51, 0x184: 0x52, 0x185: 0x53, 0x186: 0x54, 0x187: 0x55,
+	0x188: 0x56, 0x189: 0x55, 0x18a: 0x55, 0x18b: 0x55, 0x18c: 0x57, 0x18d: 0x58, 0x18e: 0x59, 0x18f: 0x55,
+	0x190: 0x5a, 0x191: 0x5b, 0x192: 0x5c, 0x193: 0x5d, 0x194: 0x55, 0x195: 0x55, 0x196: 0x55, 0x197: 0x55,
+	0x198: 0x55, 0x199: 0x55, 0x19a: 0x5e, 0x19b: 0x55, 0x19c: 0x55, 0x19d: 0x5f, 0x19e: 0x55, 0x19f: 0x60,
+	0x1a4: 0x55, 0x1a5: 0x55, 0x1a6: 0x61, 0x1a7: 0x62,
+	0x1a8: 0x55, 0x1a9: 0x55, 0x1aa: 0x55, 0x1ab: 0x55, 0x1ac: 0x55, 0x1ad: 0x63, 0x1ae: 0x64, 0x1af: 0x55,
+	0x1b3: 0x65, 0x1b5: 0x66, 0x1b7: 0x67,
+	0x1b8: 0x68, 0x1b9: 0x69, 0x1ba: 0x6a, 0x1bb: 0x6b, 0x1bc: 0x55, 0x1bd: 0x55, 0x1be: 0x55, 0x1bf: 0x6c,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x6d, 0x1c2: 0x6e, 0x1c3: 0x6f, 0x1c7: 0x70,
+	0x1c8: 0x71, 0x1c9: 0x72, 0x1ca: 0x73, 0x1cb: 0x74, 0x1cd: 0x75, 0x1cf: 0x76,
+	// Block 0x8, offset 0x200
+	0x237: 0x55,
+	// Block 0x9, offset 0x240
+	0x252: 0x77, 0x253: 0x78,
+	0x258: 0x79, 0x259: 0x7a, 0x25a: 0x7b, 0x25b: 0x7c, 0x25c: 0x7d, 0x25e: 0x7e,
+	0x260: 0x7f, 0x261: 0x80, 0x263: 0x81, 0x264: 0x82, 0x265: 0x83, 0x266: 0x84, 0x267: 0x85,
+	0x268: 0x86, 0x269: 0x87, 0x26a: 0x88, 0x26b: 0x89, 0x26d: 0x8a, 0x26f: 0x8b,
+	// Block 0xa, offset 0x280
+	0x2ac: 0x8c, 0x2ad: 0x8d, 0x2ae: 0x0e, 0x2af: 0x0e,
+	0x2b0: 0x0e, 0x2b1: 0x0e, 0x2b2: 0x0e, 0x2b3: 0x0e, 0x2b4: 0x8e, 0x2b5: 0x8f, 0x2b6: 0x0e, 0x2b7: 0x90,
+	0x2b8: 0x91, 0x2b9: 0x92, 0x2ba: 0x0e, 0x2bb: 0x93, 0x2bc: 0x94, 0x2bd: 0x95, 0x2bf: 0x96,
+	// Block 0xb, offset 0x2c0
+	0x2c4: 0x97, 0x2c5: 0x55, 0x2c6: 0x98, 0x2c7: 0x99,
+	0x2cb: 0x9a, 0x2cd: 0x9b,
+	0x2e0: 0x9c, 0x2e1: 0x9c, 0x2e2: 0x9c, 0x2e3: 0x9c, 0x2e4: 0x9d, 0x2e5: 0x9c, 0x2e6: 0x9c, 0x2e7: 0x9c,
+	0x2e8: 0x9e, 0x2e9: 0x9c, 0x2ea: 0x9c, 0x2eb: 0x9f, 0x2ec: 0xa0, 0x2ed: 0x9c, 0x2ee: 0x9c, 0x2ef: 0x9c,
+	0x2f0: 0x9c, 0x2f1: 0x9c, 0x2f2: 0x9c, 0x2f3: 0x9c, 0x2f4: 0xa1, 0x2f5: 0x9c, 0x2f6: 0x9c, 0x2f7: 0x9c,
+	0x2f8: 0x9c, 0x2f9: 0xa2, 0x2fa: 0xa3, 0x2fb: 0xa4, 0x2fc: 0xa5, 0x2fd: 0xa6, 0x2fe: 0xa7, 0x2ff: 0x9c,
+	// Block 0xc, offset 0x300
+	0x300: 0xa8, 0x301: 0xa9, 0x302: 0xaa, 0x303: 0x21, 0x304: 0xab, 0x305: 0xac, 0x306: 0xad, 0x307: 0xae,
+	0x308: 0xaf, 0x309: 0x28, 0x30b: 0xb0, 0x30c: 0x26, 0x30d: 0xb1,
+	0x310: 0xb2, 0x311: 0xb3, 0x312: 0xb4, 0x313: 0xb5, 0x316: 0xb6, 0x317: 0xb7,
+	0x318: 0xb8, 0x319: 0xb9, 0x31a: 0xba, 0x31c: 0xbb,
+	0x320: 0xbc, 0x324: 0xbd, 0x325: 0xbe, 0x327: 0xbf,
+	0x328: 0xc0, 0x329: 0xc1, 0x32a: 0xc2,
+	0x330: 0xc3, 0x332: 0xc4, 0x334: 0xc5, 0x335: 0xc6, 0x336: 0xc7,
+	0x33b: 0xc8, 0x33c: 0xc9, 0x33d: 0xca, 0x33f: 0xcb,
+	// Block 0xd, offset 0x340
+	0x351: 0xcc,
+	// Block 0xe, offset 0x380
+	0x3ab: 0xcd, 0x3ac: 0xce,
+	0x3bd: 0xcf, 0x3be: 0xd0, 0x3bf: 0xd1,
+	// Block 0xf, offset 0x3c0
+	0x3f2: 0xd2,
+	// Block 0x10, offset 0x400
+	0x43c: 0xd3, 0x43d: 0xd4,
+	// Block 0x11, offset 0x440
+	0x445: 0xd5, 0x446: 0xd6, 0x447: 0xd7,
+	0x448: 0x55, 0x449: 0xd8, 0x44c: 0x55, 0x44d: 0xd9,
+	0x45b: 0xda, 0x45c: 0xdb, 0x45d: 0xdc, 0x45e: 0xdd, 0x45f: 0xde,
+	0x468: 0xdf, 0x469: 0xe0, 0x46a: 0xe1,
+	// Block 0x12, offset 0x480
+	0x480: 0xe2, 0x482: 0xcf, 0x484: 0xce,
+	0x48a: 0xe3, 0x48b: 0xe4,
+	0x493: 0xe5,
+	0x4a0: 0x9c, 0x4a1: 0x9c, 0x4a2: 0x9c, 0x4a3: 0xe6, 0x4a4: 0x9c, 0x4a5: 0xe7, 0x4a6: 0x9c, 0x4a7: 0x9c,
+	0x4a8: 0x9c, 0x4a9: 0x9c, 0x4aa: 0x9c, 0x4ab: 0x9c, 0x4ac: 0x9c, 0x4ad: 0x9c, 0x4ae: 0x9c, 0x4af: 0x9c,
+	0x4b0: 0x9c, 0x4b1: 0xe8, 0x4b2: 0xe9, 0x4b3: 0x9c, 0x4b4: 0xea, 0x4b5: 0x9c, 0x4b6: 0x9c, 0x4b7: 0x9c,
+	0x4b8: 0x0e, 0x4b9: 0x0e, 0x4ba: 0x0e, 0x4bb: 0xeb, 0x4bc: 0x9c, 0x4bd: 0x9c, 0x4be: 0x9c, 0x4bf: 0x9c,
+	// Block 0x13, offset 0x4c0
+	0x4c0: 0xec, 0x4c1: 0x55, 0x4c2: 0xed, 0x4c3: 0xee, 0x4c4: 0xef, 0x4c5: 0xf0, 0x4c6: 0xf1,
+	0x4c9: 0xf2, 0x4cc: 0x55, 0x4cd: 0x55, 0x4ce: 0x55, 0x4cf: 0x55,
+	0x4d0: 0x55, 0x4d1: 0x55, 0x4d2: 0x55, 0x4d3: 0x55, 0x4d4: 0x55, 0x4d5: 0x55, 0x4d6: 0x55, 0x4d7: 0x55,
+	0x4d8: 0x55, 0x4d9: 0x55, 0x4da: 0x55, 0x4db: 0xf3, 0x4dc: 0x55, 0x4dd: 0xf4, 0x4de: 0x55, 0x4df: 0xf5,
+	0x4e0: 0xf6, 0x4e1: 0xf7, 0x4e2: 0xf8, 0x4e4: 0x55, 0x4e5: 0x55, 0x4e6: 0x55, 0x4e7: 0x55,
+	0x4e8: 0x55, 0x4e9: 0xf9, 0x4ea: 0xfa, 0x4eb: 0xfb, 0x4ec: 0x55, 0x4ed: 0x55, 0x4ee: 0xfc, 0x4ef: 0xfd,
+	0x4ff: 0xfe,
+	// Block 0x14, offset 0x500
+	0x53f: 0xfe,
+	// Block 0x15, offset 0x540
+	0x550: 0x09, 0x551: 0x0a, 0x553: 0x0b, 0x556: 0x0c,
+	0x55b: 0x0d, 0x55c: 0x0e, 0x55d: 0x0f, 0x55e: 0x10, 0x55f: 0x11,
+	0x56f: 0x12,
+	0x57f: 0x12,
+	// Block 0x16, offset 0x580
+	0x58f: 0x12,
+	0x59f: 0x12,
+	0x5af: 0x12,
+	0x5bf: 0x12,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0xff, 0x5c1: 0xff, 0x5c2: 0xff, 0x5c3: 0xff, 0x5c4: 0x05, 0x5c5: 0x05, 0x5c6: 0x05, 0x5c7: 0x100,
+	0x5c8: 0xff, 0x5c9: 0xff, 0x5ca: 0xff, 0x5cb: 0xff, 0x5cc: 0xff, 0x5cd: 0xff, 0x5ce: 0xff, 0x5cf: 0xff,
+	0x5d0: 0xff, 0x5d1: 0xff, 0x5d2: 0xff, 0x5d3: 0xff, 0x5d4: 0xff, 0x5d5: 0xff, 0x5d6: 0xff, 0x5d7: 0xff,
+	0x5d8: 0xff, 0x5d9: 0xff, 0x5da: 0xff, 0x5db: 0xff, 0x5dc: 0xff, 0x5dd: 0xff, 0x5de: 0xff, 0x5df: 0xff,
+	0x5e0: 0xff, 0x5e1: 0xff, 0x5e2: 0xff, 0x5e3: 0xff, 0x5e4: 0xff, 0x5e5: 0xff, 0x5e6: 0xff, 0x5e7: 0xff,
+	0x5e8: 0xff, 0x5e9: 0xff, 0x5ea: 0xff, 0x5eb: 0xff, 0x5ec: 0xff, 0x5ed: 0xff, 0x5ee: 0xff, 0x5ef: 0xff,
+	0x5f0: 0xff, 0x5f1: 0xff, 0x5f2: 0xff, 0x5f3: 0xff, 0x5f4: 0xff, 0x5f5: 0xff, 0x5f6: 0xff, 0x5f7: 0xff,
+	0x5f8: 0xff, 0x5f9: 0xff, 0x5fa: 0xff, 0x5fb: 0xff, 0x5fc: 0xff, 0x5fd: 0xff, 0x5fe: 0xff, 0x5ff: 0xff,
+	// Block 0x18, offset 0x600
+	0x60f: 0x12,
+	0x61f: 0x12,
+	0x620: 0x15,
+	0x62f: 0x12,
+	0x63f: 0x12,
+	// Block 0x19, offset 0x640
+	0x64f: 0x12,
+}
+
+// Total table size 19960 bytes (19KiB); checksum: F50EF68C
diff --git a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
index 9115ef257..f65785e8a 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
@@ -1,7 +1,7 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
-//go:build go1.16
-// +build go1.16
+//go:build go1.16 && !go1.21
+// +build go1.16,!go1.21
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go
new file mode 100644
index 000000000..e1858b879
--- /dev/null
+++ b/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go
@@ -0,0 +1,7908 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+//go:build go1.21
+// +build go1.21
+
+package norm
+
+import "sync"
+
+const (
+	// Version is the Unicode edition from which the tables are derived.
+	Version = "15.0.0"
+
+	// MaxTransformChunkSize indicates the maximum number of bytes that Transform
+	// may need to write atomically for any Form. Making a destination buffer at
+	// least this size ensures that Transform can always make progress and that
+	// the user does not need to grow the buffer on an ErrShortDst.
+	MaxTransformChunkSize = 35 + maxNonStarters*4
+)
+
+var ccc = [56]uint8{
+	0, 1, 6, 7, 8, 9, 10, 11,
+	12, 13, 14, 15, 16, 17, 18, 19,
+	20, 21, 22, 23, 24, 25, 26, 27,
+	28, 29, 30, 31, 32, 33, 34, 35,
+	36, 84, 91, 103, 107, 118, 122, 129,
+	130, 132, 202, 214, 216, 218, 220, 222,
+	224, 226, 228, 230, 232, 233, 234, 240,
+}
+
+const (
+	firstMulti            = 0x199A
+	firstCCC              = 0x2DD5
+	endMulti              = 0x30A1
+	firstLeadingCCC       = 0x4AEF
+	firstCCCZeroExcept    = 0x4BB9
+	firstStarterWithNLead = 0x4BE0
+	lastDecomp            = 0x4BE2
+	maxDecomp             = 0x8000
+)
+
+// decomps: 19426 bytes
+var decomps = [...]byte{
+	// Bytes 0 - 3f
+	0x00, 0x41, 0x20, 0x41, 0x21, 0x41, 0x22, 0x41,
+	0x23, 0x41, 0x24, 0x41, 0x25, 0x41, 0x26, 0x41,
+	0x27, 0x41, 0x28, 0x41, 0x29, 0x41, 0x2A, 0x41,
+	0x2B, 0x41, 0x2C, 0x41, 0x2D, 0x41, 0x2E, 0x41,
+	0x2F, 0x41, 0x30, 0x41, 0x31, 0x41, 0x32, 0x41,
+	0x33, 0x41, 0x34, 0x41, 0x35, 0x41, 0x36, 0x41,
+	0x37, 0x41, 0x38, 0x41, 0x39, 0x41, 0x3A, 0x41,
+	0x3B, 0x41, 0x3C, 0x41, 0x3D, 0x41, 0x3E, 0x41,
+	// Bytes 40 - 7f
+	0x3F, 0x41, 0x40, 0x41, 0x41, 0x41, 0x42, 0x41,
+	0x43, 0x41, 0x44, 0x41, 0x45, 0x41, 0x46, 0x41,
+	0x47, 0x41, 0x48, 0x41, 0x49, 0x41, 0x4A, 0x41,
+	0x4B, 0x41, 0x4C, 0x41, 0x4D, 0x41, 0x4E, 0x41,
+	0x4F, 0x41, 0x50, 0x41, 0x51, 0x41, 0x52, 0x41,
+	0x53, 0x41, 0x54, 0x41, 0x55, 0x41, 0x56, 0x41,
+	0x57, 0x41, 0x58, 0x41, 0x59, 0x41, 0x5A, 0x41,
+	0x5B, 0x41, 0x5C, 0x41, 0x5D, 0x41, 0x5E, 0x41,
+	// Bytes 80 - bf
+	0x5F, 0x41, 0x60, 0x41, 0x61, 0x41, 0x62, 0x41,
+	0x63, 0x41, 0x64, 0x41, 0x65, 0x41, 0x66, 0x41,
+	0x67, 0x41, 0x68, 0x41, 0x69, 0x41, 0x6A, 0x41,
+	0x6B, 0x41, 0x6C, 0x41, 0x6D, 0x41, 0x6E, 0x41,
+	0x6F, 0x41, 0x70, 0x41, 0x71, 0x41, 0x72, 0x41,
+	0x73, 0x41, 0x74, 0x41, 0x75, 0x41, 0x76, 0x41,
+	0x77, 0x41, 0x78, 0x41, 0x79, 0x41, 0x7A, 0x41,
+	0x7B, 0x41, 0x7C, 0x41, 0x7D, 0x41, 0x7E, 0x42,
+	// Bytes c0 - ff
+	0xC2, 0xA2, 0x42, 0xC2, 0xA3, 0x42, 0xC2, 0xA5,
+	0x42, 0xC2, 0xA6, 0x42, 0xC2, 0xAC, 0x42, 0xC2,
+	0xB7, 0x42, 0xC3, 0x86, 0x42, 0xC3, 0xA6, 0x42,
+	0xC3, 0xB0, 0x42, 0xC3, 0xB8, 0x42, 0xC4, 0xA6,
+	0x42, 0xC4, 0xA7, 0x42, 0xC4, 0xB1, 0x42, 0xC5,
+	0x8B, 0x42, 0xC5, 0x93, 0x42, 0xC6, 0x8E, 0x42,
+	0xC6, 0x90, 0x42, 0xC6, 0xAB, 0x42, 0xC7, 0x80,
+	0x42, 0xC7, 0x81, 0x42, 0xC7, 0x82, 0x42, 0xC8,
+	// Bytes 100 - 13f
+	0xA2, 0x42, 0xC8, 0xB7, 0x42, 0xC9, 0x90, 0x42,
+	0xC9, 0x91, 0x42, 0xC9, 0x92, 0x42, 0xC9, 0x93,
+	0x42, 0xC9, 0x94, 0x42, 0xC9, 0x95, 0x42, 0xC9,
+	0x96, 0x42, 0xC9, 0x97, 0x42, 0xC9, 0x98, 0x42,
+	0xC9, 0x99, 0x42, 0xC9, 0x9B, 0x42, 0xC9, 0x9C,
+	0x42, 0xC9, 0x9E, 0x42, 0xC9, 0x9F, 0x42, 0xC9,
+	0xA0, 0x42, 0xC9, 0xA1, 0x42, 0xC9, 0xA2, 0x42,
+	0xC9, 0xA3, 0x42, 0xC9, 0xA4, 0x42, 0xC9, 0xA5,
+	// Bytes 140 - 17f
+	0x42, 0xC9, 0xA6, 0x42, 0xC9, 0xA7, 0x42, 0xC9,
+	0xA8, 0x42, 0xC9, 0xA9, 0x42, 0xC9, 0xAA, 0x42,
+	0xC9, 0xAB, 0x42, 0xC9, 0xAC, 0x42, 0xC9, 0xAD,
+	0x42, 0xC9, 0xAE, 0x42, 0xC9, 0xAF, 0x42, 0xC9,
+	0xB0, 0x42, 0xC9, 0xB1, 0x42, 0xC9, 0xB2, 0x42,
+	0xC9, 0xB3, 0x42, 0xC9, 0xB4, 0x42, 0xC9, 0xB5,
+	0x42, 0xC9, 0xB6, 0x42, 0xC9, 0xB7, 0x42, 0xC9,
+	0xB8, 0x42, 0xC9, 0xB9, 0x42, 0xC9, 0xBA, 0x42,
+	// Bytes 180 - 1bf
+	0xC9, 0xBB, 0x42, 0xC9, 0xBD, 0x42, 0xC9, 0xBE,
+	0x42, 0xCA, 0x80, 0x42, 0xCA, 0x81, 0x42, 0xCA,
+	0x82, 0x42, 0xCA, 0x83, 0x42, 0xCA, 0x84, 0x42,
+	0xCA, 0x88, 0x42, 0xCA, 0x89, 0x42, 0xCA, 0x8A,
+	0x42, 0xCA, 0x8B, 0x42, 0xCA, 0x8C, 0x42, 0xCA,
+	0x8D, 0x42, 0xCA, 0x8E, 0x42, 0xCA, 0x8F, 0x42,
+	0xCA, 0x90, 0x42, 0xCA, 0x91, 0x42, 0xCA, 0x92,
+	0x42, 0xCA, 0x95, 0x42, 0xCA, 0x98, 0x42, 0xCA,
+	// Bytes 1c0 - 1ff
+	0x99, 0x42, 0xCA, 0x9B, 0x42, 0xCA, 0x9C, 0x42,
+	0xCA, 0x9D, 0x42, 0xCA, 0x9F, 0x42, 0xCA, 0xA1,
+	0x42, 0xCA, 0xA2, 0x42, 0xCA, 0xA3, 0x42, 0xCA,
+	0xA4, 0x42, 0xCA, 0xA5, 0x42, 0xCA, 0xA6, 0x42,
+	0xCA, 0xA7, 0x42, 0xCA, 0xA8, 0x42, 0xCA, 0xA9,
+	0x42, 0xCA, 0xAA, 0x42, 0xCA, 0xAB, 0x42, 0xCA,
+	0xB9, 0x42, 0xCB, 0x90, 0x42, 0xCB, 0x91, 0x42,
+	0xCE, 0x91, 0x42, 0xCE, 0x92, 0x42, 0xCE, 0x93,
+	// Bytes 200 - 23f
+	0x42, 0xCE, 0x94, 0x42, 0xCE, 0x95, 0x42, 0xCE,
+	0x96, 0x42, 0xCE, 0x97, 0x42, 0xCE, 0x98, 0x42,
+	0xCE, 0x99, 0x42, 0xCE, 0x9A, 0x42, 0xCE, 0x9B,
+	0x42, 0xCE, 0x9C, 0x42, 0xCE, 0x9D, 0x42, 0xCE,
+	0x9E, 0x42, 0xCE, 0x9F, 0x42, 0xCE, 0xA0, 0x42,
+	0xCE, 0xA1, 0x42, 0xCE, 0xA3, 0x42, 0xCE, 0xA4,
+	0x42, 0xCE, 0xA5, 0x42, 0xCE, 0xA6, 0x42, 0xCE,
+	0xA7, 0x42, 0xCE, 0xA8, 0x42, 0xCE, 0xA9, 0x42,
+	// Bytes 240 - 27f
+	0xCE, 0xB1, 0x42, 0xCE, 0xB2, 0x42, 0xCE, 0xB3,
+	0x42, 0xCE, 0xB4, 0x42, 0xCE, 0xB5, 0x42, 0xCE,
+	0xB6, 0x42, 0xCE, 0xB7, 0x42, 0xCE, 0xB8, 0x42,
+	0xCE, 0xB9, 0x42, 0xCE, 0xBA, 0x42, 0xCE, 0xBB,
+	0x42, 0xCE, 0xBC, 0x42, 0xCE, 0xBD, 0x42, 0xCE,
+	0xBE, 0x42, 0xCE, 0xBF, 0x42, 0xCF, 0x80, 0x42,
+	0xCF, 0x81, 0x42, 0xCF, 0x82, 0x42, 0xCF, 0x83,
+	0x42, 0xCF, 0x84, 0x42, 0xCF, 0x85, 0x42, 0xCF,
+	// Bytes 280 - 2bf
+	0x86, 0x42, 0xCF, 0x87, 0x42, 0xCF, 0x88, 0x42,
+	0xCF, 0x89, 0x42, 0xCF, 0x9C, 0x42, 0xCF, 0x9D,
+	0x42, 0xD0, 0xB0, 0x42, 0xD0, 0xB1, 0x42, 0xD0,
+	0xB2, 0x42, 0xD0, 0xB3, 0x42, 0xD0, 0xB4, 0x42,
+	0xD0, 0xB5, 0x42, 0xD0, 0xB6, 0x42, 0xD0, 0xB7,
+	0x42, 0xD0, 0xB8, 0x42, 0xD0, 0xBA, 0x42, 0xD0,
+	0xBB, 0x42, 0xD0, 0xBC, 0x42, 0xD0, 0xBD, 0x42,
+	0xD0, 0xBE, 0x42, 0xD0, 0xBF, 0x42, 0xD1, 0x80,
+	// Bytes 2c0 - 2ff
+	0x42, 0xD1, 0x81, 0x42, 0xD1, 0x82, 0x42, 0xD1,
+	0x83, 0x42, 0xD1, 0x84, 0x42, 0xD1, 0x85, 0x42,
+	0xD1, 0x86, 0x42, 0xD1, 0x87, 0x42, 0xD1, 0x88,
+	0x42, 0xD1, 0x8A, 0x42, 0xD1, 0x8B, 0x42, 0xD1,
+	0x8C, 0x42, 0xD1, 0x8D, 0x42, 0xD1, 0x8E, 0x42,
+	0xD1, 0x95, 0x42, 0xD1, 0x96, 0x42, 0xD1, 0x98,
+	0x42, 0xD1, 0x9F, 0x42, 0xD2, 0x91, 0x42, 0xD2,
+	0xAB, 0x42, 0xD2, 0xAF, 0x42, 0xD2, 0xB1, 0x42,
+	// Bytes 300 - 33f
+	0xD3, 0x8F, 0x42, 0xD3, 0x99, 0x42, 0xD3, 0xA9,
+	0x42, 0xD7, 0x90, 0x42, 0xD7, 0x91, 0x42, 0xD7,
+	0x92, 0x42, 0xD7, 0x93, 0x42, 0xD7, 0x94, 0x42,
+	0xD7, 0x9B, 0x42, 0xD7, 0x9C, 0x42, 0xD7, 0x9D,
+	0x42, 0xD7, 0xA2, 0x42, 0xD7, 0xA8, 0x42, 0xD7,
+	0xAA, 0x42, 0xD8, 0xA1, 0x42, 0xD8, 0xA7, 0x42,
+	0xD8, 0xA8, 0x42, 0xD8, 0xA9, 0x42, 0xD8, 0xAA,
+	0x42, 0xD8, 0xAB, 0x42, 0xD8, 0xAC, 0x42, 0xD8,
+	// Bytes 340 - 37f
+	0xAD, 0x42, 0xD8, 0xAE, 0x42, 0xD8, 0xAF, 0x42,
+	0xD8, 0xB0, 0x42, 0xD8, 0xB1, 0x42, 0xD8, 0xB2,
+	0x42, 0xD8, 0xB3, 0x42, 0xD8, 0xB4, 0x42, 0xD8,
+	0xB5, 0x42, 0xD8, 0xB6, 0x42, 0xD8, 0xB7, 0x42,
+	0xD8, 0xB8, 0x42, 0xD8, 0xB9, 0x42, 0xD8, 0xBA,
+	0x42, 0xD9, 0x81, 0x42, 0xD9, 0x82, 0x42, 0xD9,
+	0x83, 0x42, 0xD9, 0x84, 0x42, 0xD9, 0x85, 0x42,
+	0xD9, 0x86, 0x42, 0xD9, 0x87, 0x42, 0xD9, 0x88,
+	// Bytes 380 - 3bf
+	0x42, 0xD9, 0x89, 0x42, 0xD9, 0x8A, 0x42, 0xD9,
+	0xAE, 0x42, 0xD9, 0xAF, 0x42, 0xD9, 0xB1, 0x42,
+	0xD9, 0xB9, 0x42, 0xD9, 0xBA, 0x42, 0xD9, 0xBB,
+	0x42, 0xD9, 0xBE, 0x42, 0xD9, 0xBF, 0x42, 0xDA,
+	0x80, 0x42, 0xDA, 0x83, 0x42, 0xDA, 0x84, 0x42,
+	0xDA, 0x86, 0x42, 0xDA, 0x87, 0x42, 0xDA, 0x88,
+	0x42, 0xDA, 0x8C, 0x42, 0xDA, 0x8D, 0x42, 0xDA,
+	0x8E, 0x42, 0xDA, 0x91, 0x42, 0xDA, 0x98, 0x42,
+	// Bytes 3c0 - 3ff
+	0xDA, 0xA1, 0x42, 0xDA, 0xA4, 0x42, 0xDA, 0xA6,
+	0x42, 0xDA, 0xA9, 0x42, 0xDA, 0xAD, 0x42, 0xDA,
+	0xAF, 0x42, 0xDA, 0xB1, 0x42, 0xDA, 0xB3, 0x42,
+	0xDA, 0xBA, 0x42, 0xDA, 0xBB, 0x42, 0xDA, 0xBE,
+	0x42, 0xDB, 0x81, 0x42, 0xDB, 0x85, 0x42, 0xDB,
+	0x86, 0x42, 0xDB, 0x87, 0x42, 0xDB, 0x88, 0x42,
+	0xDB, 0x89, 0x42, 0xDB, 0x8B, 0x42, 0xDB, 0x8C,
+	0x42, 0xDB, 0x90, 0x42, 0xDB, 0x92, 0x43, 0xE0,
+	// Bytes 400 - 43f
+	0xBC, 0x8B, 0x43, 0xE1, 0x83, 0x9C, 0x43, 0xE1,
+	0x84, 0x80, 0x43, 0xE1, 0x84, 0x81, 0x43, 0xE1,
+	0x84, 0x82, 0x43, 0xE1, 0x84, 0x83, 0x43, 0xE1,
+	0x84, 0x84, 0x43, 0xE1, 0x84, 0x85, 0x43, 0xE1,
+	0x84, 0x86, 0x43, 0xE1, 0x84, 0x87, 0x43, 0xE1,
+	0x84, 0x88, 0x43, 0xE1, 0x84, 0x89, 0x43, 0xE1,
+	0x84, 0x8A, 0x43, 0xE1, 0x84, 0x8B, 0x43, 0xE1,
+	0x84, 0x8C, 0x43, 0xE1, 0x84, 0x8D, 0x43, 0xE1,
+	// Bytes 440 - 47f
+	0x84, 0x8E, 0x43, 0xE1, 0x84, 0x8F, 0x43, 0xE1,
+	0x84, 0x90, 0x43, 0xE1, 0x84, 0x91, 0x43, 0xE1,
+	0x84, 0x92, 0x43, 0xE1, 0x84, 0x94, 0x43, 0xE1,
+	0x84, 0x95, 0x43, 0xE1, 0x84, 0x9A, 0x43, 0xE1,
+	0x84, 0x9C, 0x43, 0xE1, 0x84, 0x9D, 0x43, 0xE1,
+	0x84, 0x9E, 0x43, 0xE1, 0x84, 0xA0, 0x43, 0xE1,
+	0x84, 0xA1, 0x43, 0xE1, 0x84, 0xA2, 0x43, 0xE1,
+	0x84, 0xA3, 0x43, 0xE1, 0x84, 0xA7, 0x43, 0xE1,
+	// Bytes 480 - 4bf
+	0x84, 0xA9, 0x43, 0xE1, 0x84, 0xAB, 0x43, 0xE1,
+	0x84, 0xAC, 0x43, 0xE1, 0x84, 0xAD, 0x43, 0xE1,
+	0x84, 0xAE, 0x43, 0xE1, 0x84, 0xAF, 0x43, 0xE1,
+	0x84, 0xB2, 0x43, 0xE1, 0x84, 0xB6, 0x43, 0xE1,
+	0x85, 0x80, 0x43, 0xE1, 0x85, 0x87, 0x43, 0xE1,
+	0x85, 0x8C, 0x43, 0xE1, 0x85, 0x97, 0x43, 0xE1,
+	0x85, 0x98, 0x43, 0xE1, 0x85, 0x99, 0x43, 0xE1,
+	0x85, 0xA0, 0x43, 0xE1, 0x86, 0x84, 0x43, 0xE1,
+	// Bytes 4c0 - 4ff
+	0x86, 0x85, 0x43, 0xE1, 0x86, 0x88, 0x43, 0xE1,
+	0x86, 0x91, 0x43, 0xE1, 0x86, 0x92, 0x43, 0xE1,
+	0x86, 0x94, 0x43, 0xE1, 0x86, 0x9E, 0x43, 0xE1,
+	0x86, 0xA1, 0x43, 0xE1, 0x87, 0x87, 0x43, 0xE1,
+	0x87, 0x88, 0x43, 0xE1, 0x87, 0x8C, 0x43, 0xE1,
+	0x87, 0x8E, 0x43, 0xE1, 0x87, 0x93, 0x43, 0xE1,
+	0x87, 0x97, 0x43, 0xE1, 0x87, 0x99, 0x43, 0xE1,
+	0x87, 0x9D, 0x43, 0xE1, 0x87, 0x9F, 0x43, 0xE1,
+	// Bytes 500 - 53f
+	0x87, 0xB1, 0x43, 0xE1, 0x87, 0xB2, 0x43, 0xE1,
+	0xB4, 0x82, 0x43, 0xE1, 0xB4, 0x96, 0x43, 0xE1,
+	0xB4, 0x97, 0x43, 0xE1, 0xB4, 0x9C, 0x43, 0xE1,
+	0xB4, 0x9D, 0x43, 0xE1, 0xB4, 0xA5, 0x43, 0xE1,
+	0xB5, 0xBB, 0x43, 0xE1, 0xB6, 0x85, 0x43, 0xE1,
+	0xB6, 0x91, 0x43, 0xE2, 0x80, 0x82, 0x43, 0xE2,
+	0x80, 0x83, 0x43, 0xE2, 0x80, 0x90, 0x43, 0xE2,
+	0x80, 0x93, 0x43, 0xE2, 0x80, 0x94, 0x43, 0xE2,
+	// Bytes 540 - 57f
+	0x82, 0xA9, 0x43, 0xE2, 0x86, 0x90, 0x43, 0xE2,
+	0x86, 0x91, 0x43, 0xE2, 0x86, 0x92, 0x43, 0xE2,
+	0x86, 0x93, 0x43, 0xE2, 0x88, 0x82, 0x43, 0xE2,
+	0x88, 0x87, 0x43, 0xE2, 0x88, 0x91, 0x43, 0xE2,
+	0x88, 0x92, 0x43, 0xE2, 0x94, 0x82, 0x43, 0xE2,
+	0x96, 0xA0, 0x43, 0xE2, 0x97, 0x8B, 0x43, 0xE2,
+	0xA6, 0x85, 0x43, 0xE2, 0xA6, 0x86, 0x43, 0xE2,
+	0xB1, 0xB1, 0x43, 0xE2, 0xB5, 0xA1, 0x43, 0xE3,
+	// Bytes 580 - 5bf
+	0x80, 0x81, 0x43, 0xE3, 0x80, 0x82, 0x43, 0xE3,
+	0x80, 0x88, 0x43, 0xE3, 0x80, 0x89, 0x43, 0xE3,
+	0x80, 0x8A, 0x43, 0xE3, 0x80, 0x8B, 0x43, 0xE3,
+	0x80, 0x8C, 0x43, 0xE3, 0x80, 0x8D, 0x43, 0xE3,
+	0x80, 0x8E, 0x43, 0xE3, 0x80, 0x8F, 0x43, 0xE3,
+	0x80, 0x90, 0x43, 0xE3, 0x80, 0x91, 0x43, 0xE3,
+	0x80, 0x92, 0x43, 0xE3, 0x80, 0x94, 0x43, 0xE3,
+	0x80, 0x95, 0x43, 0xE3, 0x80, 0x96, 0x43, 0xE3,
+	// Bytes 5c0 - 5ff
+	0x80, 0x97, 0x43, 0xE3, 0x82, 0xA1, 0x43, 0xE3,
+	0x82, 0xA2, 0x43, 0xE3, 0x82, 0xA3, 0x43, 0xE3,
+	0x82, 0xA4, 0x43, 0xE3, 0x82, 0xA5, 0x43, 0xE3,
+	0x82, 0xA6, 0x43, 0xE3, 0x82, 0xA7, 0x43, 0xE3,
+	0x82, 0xA8, 0x43, 0xE3, 0x82, 0xA9, 0x43, 0xE3,
+	0x82, 0xAA, 0x43, 0xE3, 0x82, 0xAB, 0x43, 0xE3,
+	0x82, 0xAD, 0x43, 0xE3, 0x82, 0xAF, 0x43, 0xE3,
+	0x82, 0xB1, 0x43, 0xE3, 0x82, 0xB3, 0x43, 0xE3,
+	// Bytes 600 - 63f
+	0x82, 0xB5, 0x43, 0xE3, 0x82, 0xB7, 0x43, 0xE3,
+	0x82, 0xB9, 0x43, 0xE3, 0x82, 0xBB, 0x43, 0xE3,
+	0x82, 0xBD, 0x43, 0xE3, 0x82, 0xBF, 0x43, 0xE3,
+	0x83, 0x81, 0x43, 0xE3, 0x83, 0x83, 0x43, 0xE3,
+	0x83, 0x84, 0x43, 0xE3, 0x83, 0x86, 0x43, 0xE3,
+	0x83, 0x88, 0x43, 0xE3, 0x83, 0x8A, 0x43, 0xE3,
+	0x83, 0x8B, 0x43, 0xE3, 0x83, 0x8C, 0x43, 0xE3,
+	0x83, 0x8D, 0x43, 0xE3, 0x83, 0x8E, 0x43, 0xE3,
+	// Bytes 640 - 67f
+	0x83, 0x8F, 0x43, 0xE3, 0x83, 0x92, 0x43, 0xE3,
+	0x83, 0x95, 0x43, 0xE3, 0x83, 0x98, 0x43, 0xE3,
+	0x83, 0x9B, 0x43, 0xE3, 0x83, 0x9E, 0x43, 0xE3,
+	0x83, 0x9F, 0x43, 0xE3, 0x83, 0xA0, 0x43, 0xE3,
+	0x83, 0xA1, 0x43, 0xE3, 0x83, 0xA2, 0x43, 0xE3,
+	0x83, 0xA3, 0x43, 0xE3, 0x83, 0xA4, 0x43, 0xE3,
+	0x83, 0xA5, 0x43, 0xE3, 0x83, 0xA6, 0x43, 0xE3,
+	0x83, 0xA7, 0x43, 0xE3, 0x83, 0xA8, 0x43, 0xE3,
+	// Bytes 680 - 6bf
+	0x83, 0xA9, 0x43, 0xE3, 0x83, 0xAA, 0x43, 0xE3,
+	0x83, 0xAB, 0x43, 0xE3, 0x83, 0xAC, 0x43, 0xE3,
+	0x83, 0xAD, 0x43, 0xE3, 0x83, 0xAF, 0x43, 0xE3,
+	0x83, 0xB0, 0x43, 0xE3, 0x83, 0xB1, 0x43, 0xE3,
+	0x83, 0xB2, 0x43, 0xE3, 0x83, 0xB3, 0x43, 0xE3,
+	0x83, 0xBB, 0x43, 0xE3, 0x83, 0xBC, 0x43, 0xE3,
+	0x92, 0x9E, 0x43, 0xE3, 0x92, 0xB9, 0x43, 0xE3,
+	0x92, 0xBB, 0x43, 0xE3, 0x93, 0x9F, 0x43, 0xE3,
+	// Bytes 6c0 - 6ff
+	0x94, 0x95, 0x43, 0xE3, 0x9B, 0xAE, 0x43, 0xE3,
+	0x9B, 0xBC, 0x43, 0xE3, 0x9E, 0x81, 0x43, 0xE3,
+	0xA0, 0xAF, 0x43, 0xE3, 0xA1, 0xA2, 0x43, 0xE3,
+	0xA1, 0xBC, 0x43, 0xE3, 0xA3, 0x87, 0x43, 0xE3,
+	0xA3, 0xA3, 0x43, 0xE3, 0xA4, 0x9C, 0x43, 0xE3,
+	0xA4, 0xBA, 0x43, 0xE3, 0xA8, 0xAE, 0x43, 0xE3,
+	0xA9, 0xAC, 0x43, 0xE3, 0xAB, 0xA4, 0x43, 0xE3,
+	0xAC, 0x88, 0x43, 0xE3, 0xAC, 0x99, 0x43, 0xE3,
+	// Bytes 700 - 73f
+	0xAD, 0x89, 0x43, 0xE3, 0xAE, 0x9D, 0x43, 0xE3,
+	0xB0, 0x98, 0x43, 0xE3, 0xB1, 0x8E, 0x43, 0xE3,
+	0xB4, 0xB3, 0x43, 0xE3, 0xB6, 0x96, 0x43, 0xE3,
+	0xBA, 0xAC, 0x43, 0xE3, 0xBA, 0xB8, 0x43, 0xE3,
+	0xBC, 0x9B, 0x43, 0xE3, 0xBF, 0xBC, 0x43, 0xE4,
+	0x80, 0x88, 0x43, 0xE4, 0x80, 0x98, 0x43, 0xE4,
+	0x80, 0xB9, 0x43, 0xE4, 0x81, 0x86, 0x43, 0xE4,
+	0x82, 0x96, 0x43, 0xE4, 0x83, 0xA3, 0x43, 0xE4,
+	// Bytes 740 - 77f
+	0x84, 0xAF, 0x43, 0xE4, 0x88, 0x82, 0x43, 0xE4,
+	0x88, 0xA7, 0x43, 0xE4, 0x8A, 0xA0, 0x43, 0xE4,
+	0x8C, 0x81, 0x43, 0xE4, 0x8C, 0xB4, 0x43, 0xE4,
+	0x8D, 0x99, 0x43, 0xE4, 0x8F, 0x95, 0x43, 0xE4,
+	0x8F, 0x99, 0x43, 0xE4, 0x90, 0x8B, 0x43, 0xE4,
+	0x91, 0xAB, 0x43, 0xE4, 0x94, 0xAB, 0x43, 0xE4,
+	0x95, 0x9D, 0x43, 0xE4, 0x95, 0xA1, 0x43, 0xE4,
+	0x95, 0xAB, 0x43, 0xE4, 0x97, 0x97, 0x43, 0xE4,
+	// Bytes 780 - 7bf
+	0x97, 0xB9, 0x43, 0xE4, 0x98, 0xB5, 0x43, 0xE4,
+	0x9A, 0xBE, 0x43, 0xE4, 0x9B, 0x87, 0x43, 0xE4,
+	0xA6, 0x95, 0x43, 0xE4, 0xA7, 0xA6, 0x43, 0xE4,
+	0xA9, 0xAE, 0x43, 0xE4, 0xA9, 0xB6, 0x43, 0xE4,
+	0xAA, 0xB2, 0x43, 0xE4, 0xAC, 0xB3, 0x43, 0xE4,
+	0xAF, 0x8E, 0x43, 0xE4, 0xB3, 0x8E, 0x43, 0xE4,
+	0xB3, 0xAD, 0x43, 0xE4, 0xB3, 0xB8, 0x43, 0xE4,
+	0xB5, 0x96, 0x43, 0xE4, 0xB8, 0x80, 0x43, 0xE4,
+	// Bytes 7c0 - 7ff
+	0xB8, 0x81, 0x43, 0xE4, 0xB8, 0x83, 0x43, 0xE4,
+	0xB8, 0x89, 0x43, 0xE4, 0xB8, 0x8A, 0x43, 0xE4,
+	0xB8, 0x8B, 0x43, 0xE4, 0xB8, 0x8D, 0x43, 0xE4,
+	0xB8, 0x99, 0x43, 0xE4, 0xB8, 0xA6, 0x43, 0xE4,
+	0xB8, 0xA8, 0x43, 0xE4, 0xB8, 0xAD, 0x43, 0xE4,
+	0xB8, 0xB2, 0x43, 0xE4, 0xB8, 0xB6, 0x43, 0xE4,
+	0xB8, 0xB8, 0x43, 0xE4, 0xB8, 0xB9, 0x43, 0xE4,
+	0xB8, 0xBD, 0x43, 0xE4, 0xB8, 0xBF, 0x43, 0xE4,
+	// Bytes 800 - 83f
+	0xB9, 0x81, 0x43, 0xE4, 0xB9, 0x99, 0x43, 0xE4,
+	0xB9, 0x9D, 0x43, 0xE4, 0xBA, 0x82, 0x43, 0xE4,
+	0xBA, 0x85, 0x43, 0xE4, 0xBA, 0x86, 0x43, 0xE4,
+	0xBA, 0x8C, 0x43, 0xE4, 0xBA, 0x94, 0x43, 0xE4,
+	0xBA, 0xA0, 0x43, 0xE4, 0xBA, 0xA4, 0x43, 0xE4,
+	0xBA, 0xAE, 0x43, 0xE4, 0xBA, 0xBA, 0x43, 0xE4,
+	0xBB, 0x80, 0x43, 0xE4, 0xBB, 0x8C, 0x43, 0xE4,
+	0xBB, 0xA4, 0x43, 0xE4, 0xBC, 0x81, 0x43, 0xE4,
+	// Bytes 840 - 87f
+	0xBC, 0x91, 0x43, 0xE4, 0xBD, 0xA0, 0x43, 0xE4,
+	0xBE, 0x80, 0x43, 0xE4, 0xBE, 0x86, 0x43, 0xE4,
+	0xBE, 0x8B, 0x43, 0xE4, 0xBE, 0xAE, 0x43, 0xE4,
+	0xBE, 0xBB, 0x43, 0xE4, 0xBE, 0xBF, 0x43, 0xE5,
+	0x80, 0x82, 0x43, 0xE5, 0x80, 0xAB, 0x43, 0xE5,
+	0x81, 0xBA, 0x43, 0xE5, 0x82, 0x99, 0x43, 0xE5,
+	0x83, 0x8F, 0x43, 0xE5, 0x83, 0x9A, 0x43, 0xE5,
+	0x83, 0xA7, 0x43, 0xE5, 0x84, 0xAA, 0x43, 0xE5,
+	// Bytes 880 - 8bf
+	0x84, 0xBF, 0x43, 0xE5, 0x85, 0x80, 0x43, 0xE5,
+	0x85, 0x85, 0x43, 0xE5, 0x85, 0x8D, 0x43, 0xE5,
+	0x85, 0x94, 0x43, 0xE5, 0x85, 0xA4, 0x43, 0xE5,
+	0x85, 0xA5, 0x43, 0xE5, 0x85, 0xA7, 0x43, 0xE5,
+	0x85, 0xA8, 0x43, 0xE5, 0x85, 0xA9, 0x43, 0xE5,
+	0x85, 0xAB, 0x43, 0xE5, 0x85, 0xAD, 0x43, 0xE5,
+	0x85, 0xB7, 0x43, 0xE5, 0x86, 0x80, 0x43, 0xE5,
+	0x86, 0x82, 0x43, 0xE5, 0x86, 0x8D, 0x43, 0xE5,
+	// Bytes 8c0 - 8ff
+	0x86, 0x92, 0x43, 0xE5, 0x86, 0x95, 0x43, 0xE5,
+	0x86, 0x96, 0x43, 0xE5, 0x86, 0x97, 0x43, 0xE5,
+	0x86, 0x99, 0x43, 0xE5, 0x86, 0xA4, 0x43, 0xE5,
+	0x86, 0xAB, 0x43, 0xE5, 0x86, 0xAC, 0x43, 0xE5,
+	0x86, 0xB5, 0x43, 0xE5, 0x86, 0xB7, 0x43, 0xE5,
+	0x87, 0x89, 0x43, 0xE5, 0x87, 0x8C, 0x43, 0xE5,
+	0x87, 0x9C, 0x43, 0xE5, 0x87, 0x9E, 0x43, 0xE5,
+	0x87, 0xA0, 0x43, 0xE5, 0x87, 0xB5, 0x43, 0xE5,
+	// Bytes 900 - 93f
+	0x88, 0x80, 0x43, 0xE5, 0x88, 0x83, 0x43, 0xE5,
+	0x88, 0x87, 0x43, 0xE5, 0x88, 0x97, 0x43, 0xE5,
+	0x88, 0x9D, 0x43, 0xE5, 0x88, 0xA9, 0x43, 0xE5,
+	0x88, 0xBA, 0x43, 0xE5, 0x88, 0xBB, 0x43, 0xE5,
+	0x89, 0x86, 0x43, 0xE5, 0x89, 0x8D, 0x43, 0xE5,
+	0x89, 0xB2, 0x43, 0xE5, 0x89, 0xB7, 0x43, 0xE5,
+	0x8A, 0x89, 0x43, 0xE5, 0x8A, 0x9B, 0x43, 0xE5,
+	0x8A, 0xA3, 0x43, 0xE5, 0x8A, 0xB3, 0x43, 0xE5,
+	// Bytes 940 - 97f
+	0x8A, 0xB4, 0x43, 0xE5, 0x8B, 0x87, 0x43, 0xE5,
+	0x8B, 0x89, 0x43, 0xE5, 0x8B, 0x92, 0x43, 0xE5,
+	0x8B, 0x9E, 0x43, 0xE5, 0x8B, 0xA4, 0x43, 0xE5,
+	0x8B, 0xB5, 0x43, 0xE5, 0x8B, 0xB9, 0x43, 0xE5,
+	0x8B, 0xBA, 0x43, 0xE5, 0x8C, 0x85, 0x43, 0xE5,
+	0x8C, 0x86, 0x43, 0xE5, 0x8C, 0x95, 0x43, 0xE5,
+	0x8C, 0x97, 0x43, 0xE5, 0x8C, 0x9A, 0x43, 0xE5,
+	0x8C, 0xB8, 0x43, 0xE5, 0x8C, 0xBB, 0x43, 0xE5,
+	// Bytes 980 - 9bf
+	0x8C, 0xBF, 0x43, 0xE5, 0x8D, 0x81, 0x43, 0xE5,
+	0x8D, 0x84, 0x43, 0xE5, 0x8D, 0x85, 0x43, 0xE5,
+	0x8D, 0x89, 0x43, 0xE5, 0x8D, 0x91, 0x43, 0xE5,
+	0x8D, 0x94, 0x43, 0xE5, 0x8D, 0x9A, 0x43, 0xE5,
+	0x8D, 0x9C, 0x43, 0xE5, 0x8D, 0xA9, 0x43, 0xE5,
+	0x8D, 0xB0, 0x43, 0xE5, 0x8D, 0xB3, 0x43, 0xE5,
+	0x8D, 0xB5, 0x43, 0xE5, 0x8D, 0xBD, 0x43, 0xE5,
+	0x8D, 0xBF, 0x43, 0xE5, 0x8E, 0x82, 0x43, 0xE5,
+	// Bytes 9c0 - 9ff
+	0x8E, 0xB6, 0x43, 0xE5, 0x8F, 0x83, 0x43, 0xE5,
+	0x8F, 0x88, 0x43, 0xE5, 0x8F, 0x8A, 0x43, 0xE5,
+	0x8F, 0x8C, 0x43, 0xE5, 0x8F, 0x9F, 0x43, 0xE5,
+	0x8F, 0xA3, 0x43, 0xE5, 0x8F, 0xA5, 0x43, 0xE5,
+	0x8F, 0xAB, 0x43, 0xE5, 0x8F, 0xAF, 0x43, 0xE5,
+	0x8F, 0xB1, 0x43, 0xE5, 0x8F, 0xB3, 0x43, 0xE5,
+	0x90, 0x86, 0x43, 0xE5, 0x90, 0x88, 0x43, 0xE5,
+	0x90, 0x8D, 0x43, 0xE5, 0x90, 0x8F, 0x43, 0xE5,
+	// Bytes a00 - a3f
+	0x90, 0x9D, 0x43, 0xE5, 0x90, 0xB8, 0x43, 0xE5,
+	0x90, 0xB9, 0x43, 0xE5, 0x91, 0x82, 0x43, 0xE5,
+	0x91, 0x88, 0x43, 0xE5, 0x91, 0xA8, 0x43, 0xE5,
+	0x92, 0x9E, 0x43, 0xE5, 0x92, 0xA2, 0x43, 0xE5,
+	0x92, 0xBD, 0x43, 0xE5, 0x93, 0xB6, 0x43, 0xE5,
+	0x94, 0x90, 0x43, 0xE5, 0x95, 0x8F, 0x43, 0xE5,
+	0x95, 0x93, 0x43, 0xE5, 0x95, 0x95, 0x43, 0xE5,
+	0x95, 0xA3, 0x43, 0xE5, 0x96, 0x84, 0x43, 0xE5,
+	// Bytes a40 - a7f
+	0x96, 0x87, 0x43, 0xE5, 0x96, 0x99, 0x43, 0xE5,
+	0x96, 0x9D, 0x43, 0xE5, 0x96, 0xAB, 0x43, 0xE5,
+	0x96, 0xB3, 0x43, 0xE5, 0x96, 0xB6, 0x43, 0xE5,
+	0x97, 0x80, 0x43, 0xE5, 0x97, 0x82, 0x43, 0xE5,
+	0x97, 0xA2, 0x43, 0xE5, 0x98, 0x86, 0x43, 0xE5,
+	0x99, 0x91, 0x43, 0xE5, 0x99, 0xA8, 0x43, 0xE5,
+	0x99, 0xB4, 0x43, 0xE5, 0x9B, 0x97, 0x43, 0xE5,
+	0x9B, 0x9B, 0x43, 0xE5, 0x9B, 0xB9, 0x43, 0xE5,
+	// Bytes a80 - abf
+	0x9C, 0x96, 0x43, 0xE5, 0x9C, 0x97, 0x43, 0xE5,
+	0x9C, 0x9F, 0x43, 0xE5, 0x9C, 0xB0, 0x43, 0xE5,
+	0x9E, 0x8B, 0x43, 0xE5, 0x9F, 0x8E, 0x43, 0xE5,
+	0x9F, 0xB4, 0x43, 0xE5, 0xA0, 0x8D, 0x43, 0xE5,
+	0xA0, 0xB1, 0x43, 0xE5, 0xA0, 0xB2, 0x43, 0xE5,
+	0xA1, 0x80, 0x43, 0xE5, 0xA1, 0x9A, 0x43, 0xE5,
+	0xA1, 0x9E, 0x43, 0xE5, 0xA2, 0xA8, 0x43, 0xE5,
+	0xA2, 0xAC, 0x43, 0xE5, 0xA2, 0xB3, 0x43, 0xE5,
+	// Bytes ac0 - aff
+	0xA3, 0x98, 0x43, 0xE5, 0xA3, 0x9F, 0x43, 0xE5,
+	0xA3, 0xAB, 0x43, 0xE5, 0xA3, 0xAE, 0x43, 0xE5,
+	0xA3, 0xB0, 0x43, 0xE5, 0xA3, 0xB2, 0x43, 0xE5,
+	0xA3, 0xB7, 0x43, 0xE5, 0xA4, 0x82, 0x43, 0xE5,
+	0xA4, 0x86, 0x43, 0xE5, 0xA4, 0x8A, 0x43, 0xE5,
+	0xA4, 0x95, 0x43, 0xE5, 0xA4, 0x9A, 0x43, 0xE5,
+	0xA4, 0x9C, 0x43, 0xE5, 0xA4, 0xA2, 0x43, 0xE5,
+	0xA4, 0xA7, 0x43, 0xE5, 0xA4, 0xA9, 0x43, 0xE5,
+	// Bytes b00 - b3f
+	0xA5, 0x84, 0x43, 0xE5, 0xA5, 0x88, 0x43, 0xE5,
+	0xA5, 0x91, 0x43, 0xE5, 0xA5, 0x94, 0x43, 0xE5,
+	0xA5, 0xA2, 0x43, 0xE5, 0xA5, 0xB3, 0x43, 0xE5,
+	0xA7, 0x98, 0x43, 0xE5, 0xA7, 0xAC, 0x43, 0xE5,
+	0xA8, 0x9B, 0x43, 0xE5, 0xA8, 0xA7, 0x43, 0xE5,
+	0xA9, 0xA2, 0x43, 0xE5, 0xA9, 0xA6, 0x43, 0xE5,
+	0xAA, 0xB5, 0x43, 0xE5, 0xAC, 0x88, 0x43, 0xE5,
+	0xAC, 0xA8, 0x43, 0xE5, 0xAC, 0xBE, 0x43, 0xE5,
+	// Bytes b40 - b7f
+	0xAD, 0x90, 0x43, 0xE5, 0xAD, 0x97, 0x43, 0xE5,
+	0xAD, 0xA6, 0x43, 0xE5, 0xAE, 0x80, 0x43, 0xE5,
+	0xAE, 0x85, 0x43, 0xE5, 0xAE, 0x97, 0x43, 0xE5,
+	0xAF, 0x83, 0x43, 0xE5, 0xAF, 0x98, 0x43, 0xE5,
+	0xAF, 0xA7, 0x43, 0xE5, 0xAF, 0xAE, 0x43, 0xE5,
+	0xAF, 0xB3, 0x43, 0xE5, 0xAF, 0xB8, 0x43, 0xE5,
+	0xAF, 0xBF, 0x43, 0xE5, 0xB0, 0x86, 0x43, 0xE5,
+	0xB0, 0x8F, 0x43, 0xE5, 0xB0, 0xA2, 0x43, 0xE5,
+	// Bytes b80 - bbf
+	0xB0, 0xB8, 0x43, 0xE5, 0xB0, 0xBF, 0x43, 0xE5,
+	0xB1, 0xA0, 0x43, 0xE5, 0xB1, 0xA2, 0x43, 0xE5,
+	0xB1, 0xA4, 0x43, 0xE5, 0xB1, 0xA5, 0x43, 0xE5,
+	0xB1, 0xAE, 0x43, 0xE5, 0xB1, 0xB1, 0x43, 0xE5,
+	0xB2, 0x8D, 0x43, 0xE5, 0xB3, 0x80, 0x43, 0xE5,
+	0xB4, 0x99, 0x43, 0xE5, 0xB5, 0x83, 0x43, 0xE5,
+	0xB5, 0x90, 0x43, 0xE5, 0xB5, 0xAB, 0x43, 0xE5,
+	0xB5, 0xAE, 0x43, 0xE5, 0xB5, 0xBC, 0x43, 0xE5,
+	// Bytes bc0 - bff
+	0xB6, 0xB2, 0x43, 0xE5, 0xB6, 0xBA, 0x43, 0xE5,
+	0xB7, 0x9B, 0x43, 0xE5, 0xB7, 0xA1, 0x43, 0xE5,
+	0xB7, 0xA2, 0x43, 0xE5, 0xB7, 0xA5, 0x43, 0xE5,
+	0xB7, 0xA6, 0x43, 0xE5, 0xB7, 0xB1, 0x43, 0xE5,
+	0xB7, 0xBD, 0x43, 0xE5, 0xB7, 0xBE, 0x43, 0xE5,
+	0xB8, 0xA8, 0x43, 0xE5, 0xB8, 0xBD, 0x43, 0xE5,
+	0xB9, 0xA9, 0x43, 0xE5, 0xB9, 0xB2, 0x43, 0xE5,
+	0xB9, 0xB4, 0x43, 0xE5, 0xB9, 0xBA, 0x43, 0xE5,
+	// Bytes c00 - c3f
+	0xB9, 0xBC, 0x43, 0xE5, 0xB9, 0xBF, 0x43, 0xE5,
+	0xBA, 0xA6, 0x43, 0xE5, 0xBA, 0xB0, 0x43, 0xE5,
+	0xBA, 0xB3, 0x43, 0xE5, 0xBA, 0xB6, 0x43, 0xE5,
+	0xBB, 0x89, 0x43, 0xE5, 0xBB, 0x8A, 0x43, 0xE5,
+	0xBB, 0x92, 0x43, 0xE5, 0xBB, 0x93, 0x43, 0xE5,
+	0xBB, 0x99, 0x43, 0xE5, 0xBB, 0xAC, 0x43, 0xE5,
+	0xBB, 0xB4, 0x43, 0xE5, 0xBB, 0xBE, 0x43, 0xE5,
+	0xBC, 0x84, 0x43, 0xE5, 0xBC, 0x8B, 0x43, 0xE5,
+	// Bytes c40 - c7f
+	0xBC, 0x93, 0x43, 0xE5, 0xBC, 0xA2, 0x43, 0xE5,
+	0xBD, 0x90, 0x43, 0xE5, 0xBD, 0x93, 0x43, 0xE5,
+	0xBD, 0xA1, 0x43, 0xE5, 0xBD, 0xA2, 0x43, 0xE5,
+	0xBD, 0xA9, 0x43, 0xE5, 0xBD, 0xAB, 0x43, 0xE5,
+	0xBD, 0xB3, 0x43, 0xE5, 0xBE, 0x8B, 0x43, 0xE5,
+	0xBE, 0x8C, 0x43, 0xE5, 0xBE, 0x97, 0x43, 0xE5,
+	0xBE, 0x9A, 0x43, 0xE5, 0xBE, 0xA9, 0x43, 0xE5,
+	0xBE, 0xAD, 0x43, 0xE5, 0xBF, 0x83, 0x43, 0xE5,
+	// Bytes c80 - cbf
+	0xBF, 0x8D, 0x43, 0xE5, 0xBF, 0x97, 0x43, 0xE5,
+	0xBF, 0xB5, 0x43, 0xE5, 0xBF, 0xB9, 0x43, 0xE6,
+	0x80, 0x92, 0x43, 0xE6, 0x80, 0x9C, 0x43, 0xE6,
+	0x81, 0xB5, 0x43, 0xE6, 0x82, 0x81, 0x43, 0xE6,
+	0x82, 0x94, 0x43, 0xE6, 0x83, 0x87, 0x43, 0xE6,
+	0x83, 0x98, 0x43, 0xE6, 0x83, 0xA1, 0x43, 0xE6,
+	0x84, 0x88, 0x43, 0xE6, 0x85, 0x84, 0x43, 0xE6,
+	0x85, 0x88, 0x43, 0xE6, 0x85, 0x8C, 0x43, 0xE6,
+	// Bytes cc0 - cff
+	0x85, 0x8E, 0x43, 0xE6, 0x85, 0xA0, 0x43, 0xE6,
+	0x85, 0xA8, 0x43, 0xE6, 0x85, 0xBA, 0x43, 0xE6,
+	0x86, 0x8E, 0x43, 0xE6, 0x86, 0x90, 0x43, 0xE6,
+	0x86, 0xA4, 0x43, 0xE6, 0x86, 0xAF, 0x43, 0xE6,
+	0x86, 0xB2, 0x43, 0xE6, 0x87, 0x9E, 0x43, 0xE6,
+	0x87, 0xB2, 0x43, 0xE6, 0x87, 0xB6, 0x43, 0xE6,
+	0x88, 0x80, 0x43, 0xE6, 0x88, 0x88, 0x43, 0xE6,
+	0x88, 0x90, 0x43, 0xE6, 0x88, 0x9B, 0x43, 0xE6,
+	// Bytes d00 - d3f
+	0x88, 0xAE, 0x43, 0xE6, 0x88, 0xB4, 0x43, 0xE6,
+	0x88, 0xB6, 0x43, 0xE6, 0x89, 0x8B, 0x43, 0xE6,
+	0x89, 0x93, 0x43, 0xE6, 0x89, 0x9D, 0x43, 0xE6,
+	0x8A, 0x95, 0x43, 0xE6, 0x8A, 0xB1, 0x43, 0xE6,
+	0x8B, 0x89, 0x43, 0xE6, 0x8B, 0x8F, 0x43, 0xE6,
+	0x8B, 0x93, 0x43, 0xE6, 0x8B, 0x94, 0x43, 0xE6,
+	0x8B, 0xBC, 0x43, 0xE6, 0x8B, 0xBE, 0x43, 0xE6,
+	0x8C, 0x87, 0x43, 0xE6, 0x8C, 0xBD, 0x43, 0xE6,
+	// Bytes d40 - d7f
+	0x8D, 0x90, 0x43, 0xE6, 0x8D, 0x95, 0x43, 0xE6,
+	0x8D, 0xA8, 0x43, 0xE6, 0x8D, 0xBB, 0x43, 0xE6,
+	0x8E, 0x83, 0x43, 0xE6, 0x8E, 0xA0, 0x43, 0xE6,
+	0x8E, 0xA9, 0x43, 0xE6, 0x8F, 0x84, 0x43, 0xE6,
+	0x8F, 0x85, 0x43, 0xE6, 0x8F, 0xA4, 0x43, 0xE6,
+	0x90, 0x9C, 0x43, 0xE6, 0x90, 0xA2, 0x43, 0xE6,
+	0x91, 0x92, 0x43, 0xE6, 0x91, 0xA9, 0x43, 0xE6,
+	0x91, 0xB7, 0x43, 0xE6, 0x91, 0xBE, 0x43, 0xE6,
+	// Bytes d80 - dbf
+	0x92, 0x9A, 0x43, 0xE6, 0x92, 0x9D, 0x43, 0xE6,
+	0x93, 0x84, 0x43, 0xE6, 0x94, 0xAF, 0x43, 0xE6,
+	0x94, 0xB4, 0x43, 0xE6, 0x95, 0x8F, 0x43, 0xE6,
+	0x95, 0x96, 0x43, 0xE6, 0x95, 0xAC, 0x43, 0xE6,
+	0x95, 0xB8, 0x43, 0xE6, 0x96, 0x87, 0x43, 0xE6,
+	0x96, 0x97, 0x43, 0xE6, 0x96, 0x99, 0x43, 0xE6,
+	0x96, 0xA4, 0x43, 0xE6, 0x96, 0xB0, 0x43, 0xE6,
+	0x96, 0xB9, 0x43, 0xE6, 0x97, 0x85, 0x43, 0xE6,
+	// Bytes dc0 - dff
+	0x97, 0xA0, 0x43, 0xE6, 0x97, 0xA2, 0x43, 0xE6,
+	0x97, 0xA3, 0x43, 0xE6, 0x97, 0xA5, 0x43, 0xE6,
+	0x98, 0x93, 0x43, 0xE6, 0x98, 0xA0, 0x43, 0xE6,
+	0x99, 0x89, 0x43, 0xE6, 0x99, 0xB4, 0x43, 0xE6,
+	0x9A, 0x88, 0x43, 0xE6, 0x9A, 0x91, 0x43, 0xE6,
+	0x9A, 0x9C, 0x43, 0xE6, 0x9A, 0xB4, 0x43, 0xE6,
+	0x9B, 0x86, 0x43, 0xE6, 0x9B, 0xB0, 0x43, 0xE6,
+	0x9B, 0xB4, 0x43, 0xE6, 0x9B, 0xB8, 0x43, 0xE6,
+	// Bytes e00 - e3f
+	0x9C, 0x80, 0x43, 0xE6, 0x9C, 0x88, 0x43, 0xE6,
+	0x9C, 0x89, 0x43, 0xE6, 0x9C, 0x97, 0x43, 0xE6,
+	0x9C, 0x9B, 0x43, 0xE6, 0x9C, 0xA1, 0x43, 0xE6,
+	0x9C, 0xA8, 0x43, 0xE6, 0x9D, 0x8E, 0x43, 0xE6,
+	0x9D, 0x93, 0x43, 0xE6, 0x9D, 0x96, 0x43, 0xE6,
+	0x9D, 0x9E, 0x43, 0xE6, 0x9D, 0xBB, 0x43, 0xE6,
+	0x9E, 0x85, 0x43, 0xE6, 0x9E, 0x97, 0x43, 0xE6,
+	0x9F, 0xB3, 0x43, 0xE6, 0x9F, 0xBA, 0x43, 0xE6,
+	// Bytes e40 - e7f
+	0xA0, 0x97, 0x43, 0xE6, 0xA0, 0x9F, 0x43, 0xE6,
+	0xA0, 0xAA, 0x43, 0xE6, 0xA1, 0x92, 0x43, 0xE6,
+	0xA2, 0x81, 0x43, 0xE6, 0xA2, 0x85, 0x43, 0xE6,
+	0xA2, 0x8E, 0x43, 0xE6, 0xA2, 0xA8, 0x43, 0xE6,
+	0xA4, 0x94, 0x43, 0xE6, 0xA5, 0x82, 0x43, 0xE6,
+	0xA6, 0xA3, 0x43, 0xE6, 0xA7, 0xAA, 0x43, 0xE6,
+	0xA8, 0x82, 0x43, 0xE6, 0xA8, 0x93, 0x43, 0xE6,
+	0xAA, 0xA8, 0x43, 0xE6, 0xAB, 0x93, 0x43, 0xE6,
+	// Bytes e80 - ebf
+	0xAB, 0x9B, 0x43, 0xE6, 0xAC, 0x84, 0x43, 0xE6,
+	0xAC, 0xA0, 0x43, 0xE6, 0xAC, 0xA1, 0x43, 0xE6,
+	0xAD, 0x94, 0x43, 0xE6, 0xAD, 0xA2, 0x43, 0xE6,
+	0xAD, 0xA3, 0x43, 0xE6, 0xAD, 0xB2, 0x43, 0xE6,
+	0xAD, 0xB7, 0x43, 0xE6, 0xAD, 0xB9, 0x43, 0xE6,
+	0xAE, 0x9F, 0x43, 0xE6, 0xAE, 0xAE, 0x43, 0xE6,
+	0xAE, 0xB3, 0x43, 0xE6, 0xAE, 0xBA, 0x43, 0xE6,
+	0xAE, 0xBB, 0x43, 0xE6, 0xAF, 0x8B, 0x43, 0xE6,
+	// Bytes ec0 - eff
+	0xAF, 0x8D, 0x43, 0xE6, 0xAF, 0x94, 0x43, 0xE6,
+	0xAF, 0x9B, 0x43, 0xE6, 0xB0, 0x8F, 0x43, 0xE6,
+	0xB0, 0x94, 0x43, 0xE6, 0xB0, 0xB4, 0x43, 0xE6,
+	0xB1, 0x8E, 0x43, 0xE6, 0xB1, 0xA7, 0x43, 0xE6,
+	0xB2, 0x88, 0x43, 0xE6, 0xB2, 0xBF, 0x43, 0xE6,
+	0xB3, 0x8C, 0x43, 0xE6, 0xB3, 0x8D, 0x43, 0xE6,
+	0xB3, 0xA5, 0x43, 0xE6, 0xB3, 0xA8, 0x43, 0xE6,
+	0xB4, 0x96, 0x43, 0xE6, 0xB4, 0x9B, 0x43, 0xE6,
+	// Bytes f00 - f3f
+	0xB4, 0x9E, 0x43, 0xE6, 0xB4, 0xB4, 0x43, 0xE6,
+	0xB4, 0xBE, 0x43, 0xE6, 0xB5, 0x81, 0x43, 0xE6,
+	0xB5, 0xA9, 0x43, 0xE6, 0xB5, 0xAA, 0x43, 0xE6,
+	0xB5, 0xB7, 0x43, 0xE6, 0xB5, 0xB8, 0x43, 0xE6,
+	0xB6, 0x85, 0x43, 0xE6, 0xB7, 0x8B, 0x43, 0xE6,
+	0xB7, 0x9A, 0x43, 0xE6, 0xB7, 0xAA, 0x43, 0xE6,
+	0xB7, 0xB9, 0x43, 0xE6, 0xB8, 0x9A, 0x43, 0xE6,
+	0xB8, 0xAF, 0x43, 0xE6, 0xB9, 0xAE, 0x43, 0xE6,
+	// Bytes f40 - f7f
+	0xBA, 0x80, 0x43, 0xE6, 0xBA, 0x9C, 0x43, 0xE6,
+	0xBA, 0xBA, 0x43, 0xE6, 0xBB, 0x87, 0x43, 0xE6,
+	0xBB, 0x8B, 0x43, 0xE6, 0xBB, 0x91, 0x43, 0xE6,
+	0xBB, 0x9B, 0x43, 0xE6, 0xBC, 0x8F, 0x43, 0xE6,
+	0xBC, 0x94, 0x43, 0xE6, 0xBC, 0xA2, 0x43, 0xE6,
+	0xBC, 0xA3, 0x43, 0xE6, 0xBD, 0xAE, 0x43, 0xE6,
+	0xBF, 0x86, 0x43, 0xE6, 0xBF, 0xAB, 0x43, 0xE6,
+	0xBF, 0xBE, 0x43, 0xE7, 0x80, 0x9B, 0x43, 0xE7,
+	// Bytes f80 - fbf
+	0x80, 0x9E, 0x43, 0xE7, 0x80, 0xB9, 0x43, 0xE7,
+	0x81, 0x8A, 0x43, 0xE7, 0x81, 0xAB, 0x43, 0xE7,
+	0x81, 0xB0, 0x43, 0xE7, 0x81, 0xB7, 0x43, 0xE7,
+	0x81, 0xBD, 0x43, 0xE7, 0x82, 0x99, 0x43, 0xE7,
+	0x82, 0xAD, 0x43, 0xE7, 0x83, 0x88, 0x43, 0xE7,
+	0x83, 0x99, 0x43, 0xE7, 0x84, 0xA1, 0x43, 0xE7,
+	0x85, 0x85, 0x43, 0xE7, 0x85, 0x89, 0x43, 0xE7,
+	0x85, 0xAE, 0x43, 0xE7, 0x86, 0x9C, 0x43, 0xE7,
+	// Bytes fc0 - fff
+	0x87, 0x8E, 0x43, 0xE7, 0x87, 0x90, 0x43, 0xE7,
+	0x88, 0x90, 0x43, 0xE7, 0x88, 0x9B, 0x43, 0xE7,
+	0x88, 0xA8, 0x43, 0xE7, 0x88, 0xAA, 0x43, 0xE7,
+	0x88, 0xAB, 0x43, 0xE7, 0x88, 0xB5, 0x43, 0xE7,
+	0x88, 0xB6, 0x43, 0xE7, 0x88, 0xBB, 0x43, 0xE7,
+	0x88, 0xBF, 0x43, 0xE7, 0x89, 0x87, 0x43, 0xE7,
+	0x89, 0x90, 0x43, 0xE7, 0x89, 0x99, 0x43, 0xE7,
+	0x89, 0x9B, 0x43, 0xE7, 0x89, 0xA2, 0x43, 0xE7,
+	// Bytes 1000 - 103f
+	0x89, 0xB9, 0x43, 0xE7, 0x8A, 0x80, 0x43, 0xE7,
+	0x8A, 0x95, 0x43, 0xE7, 0x8A, 0xAC, 0x43, 0xE7,
+	0x8A, 0xAF, 0x43, 0xE7, 0x8B, 0x80, 0x43, 0xE7,
+	0x8B, 0xBC, 0x43, 0xE7, 0x8C, 0xAA, 0x43, 0xE7,
+	0x8D, 0xB5, 0x43, 0xE7, 0x8D, 0xBA, 0x43, 0xE7,
+	0x8E, 0x84, 0x43, 0xE7, 0x8E, 0x87, 0x43, 0xE7,
+	0x8E, 0x89, 0x43, 0xE7, 0x8E, 0x8B, 0x43, 0xE7,
+	0x8E, 0xA5, 0x43, 0xE7, 0x8E, 0xB2, 0x43, 0xE7,
+	// Bytes 1040 - 107f
+	0x8F, 0x9E, 0x43, 0xE7, 0x90, 0x86, 0x43, 0xE7,
+	0x90, 0x89, 0x43, 0xE7, 0x90, 0xA2, 0x43, 0xE7,
+	0x91, 0x87, 0x43, 0xE7, 0x91, 0x9C, 0x43, 0xE7,
+	0x91, 0xA9, 0x43, 0xE7, 0x91, 0xB1, 0x43, 0xE7,
+	0x92, 0x85, 0x43, 0xE7, 0x92, 0x89, 0x43, 0xE7,
+	0x92, 0x98, 0x43, 0xE7, 0x93, 0x8A, 0x43, 0xE7,
+	0x93, 0x9C, 0x43, 0xE7, 0x93, 0xA6, 0x43, 0xE7,
+	0x94, 0x86, 0x43, 0xE7, 0x94, 0x98, 0x43, 0xE7,
+	// Bytes 1080 - 10bf
+	0x94, 0x9F, 0x43, 0xE7, 0x94, 0xA4, 0x43, 0xE7,
+	0x94, 0xA8, 0x43, 0xE7, 0x94, 0xB0, 0x43, 0xE7,
+	0x94, 0xB2, 0x43, 0xE7, 0x94, 0xB3, 0x43, 0xE7,
+	0x94, 0xB7, 0x43, 0xE7, 0x94, 0xBB, 0x43, 0xE7,
+	0x94, 0xBE, 0x43, 0xE7, 0x95, 0x99, 0x43, 0xE7,
+	0x95, 0xA5, 0x43, 0xE7, 0x95, 0xB0, 0x43, 0xE7,
+	0x96, 0x8B, 0x43, 0xE7, 0x96, 0x92, 0x43, 0xE7,
+	0x97, 0xA2, 0x43, 0xE7, 0x98, 0x90, 0x43, 0xE7,
+	// Bytes 10c0 - 10ff
+	0x98, 0x9D, 0x43, 0xE7, 0x98, 0x9F, 0x43, 0xE7,
+	0x99, 0x82, 0x43, 0xE7, 0x99, 0xA9, 0x43, 0xE7,
+	0x99, 0xB6, 0x43, 0xE7, 0x99, 0xBD, 0x43, 0xE7,
+	0x9A, 0xAE, 0x43, 0xE7, 0x9A, 0xBF, 0x43, 0xE7,
+	0x9B, 0x8A, 0x43, 0xE7, 0x9B, 0x9B, 0x43, 0xE7,
+	0x9B, 0xA3, 0x43, 0xE7, 0x9B, 0xA7, 0x43, 0xE7,
+	0x9B, 0xAE, 0x43, 0xE7, 0x9B, 0xB4, 0x43, 0xE7,
+	0x9C, 0x81, 0x43, 0xE7, 0x9C, 0x9E, 0x43, 0xE7,
+	// Bytes 1100 - 113f
+	0x9C, 0x9F, 0x43, 0xE7, 0x9D, 0x80, 0x43, 0xE7,
+	0x9D, 0x8A, 0x43, 0xE7, 0x9E, 0x8B, 0x43, 0xE7,
+	0x9E, 0xA7, 0x43, 0xE7, 0x9F, 0x9B, 0x43, 0xE7,
+	0x9F, 0xA2, 0x43, 0xE7, 0x9F, 0xB3, 0x43, 0xE7,
+	0xA1, 0x8E, 0x43, 0xE7, 0xA1, 0xAB, 0x43, 0xE7,
+	0xA2, 0x8C, 0x43, 0xE7, 0xA2, 0x91, 0x43, 0xE7,
+	0xA3, 0x8A, 0x43, 0xE7, 0xA3, 0x8C, 0x43, 0xE7,
+	0xA3, 0xBB, 0x43, 0xE7, 0xA4, 0xAA, 0x43, 0xE7,
+	// Bytes 1140 - 117f
+	0xA4, 0xBA, 0x43, 0xE7, 0xA4, 0xBC, 0x43, 0xE7,
+	0xA4, 0xBE, 0x43, 0xE7, 0xA5, 0x88, 0x43, 0xE7,
+	0xA5, 0x89, 0x43, 0xE7, 0xA5, 0x90, 0x43, 0xE7,
+	0xA5, 0x96, 0x43, 0xE7, 0xA5, 0x9D, 0x43, 0xE7,
+	0xA5, 0x9E, 0x43, 0xE7, 0xA5, 0xA5, 0x43, 0xE7,
+	0xA5, 0xBF, 0x43, 0xE7, 0xA6, 0x81, 0x43, 0xE7,
+	0xA6, 0x8D, 0x43, 0xE7, 0xA6, 0x8E, 0x43, 0xE7,
+	0xA6, 0x8F, 0x43, 0xE7, 0xA6, 0xAE, 0x43, 0xE7,
+	// Bytes 1180 - 11bf
+	0xA6, 0xB8, 0x43, 0xE7, 0xA6, 0xBE, 0x43, 0xE7,
+	0xA7, 0x8A, 0x43, 0xE7, 0xA7, 0x98, 0x43, 0xE7,
+	0xA7, 0xAB, 0x43, 0xE7, 0xA8, 0x9C, 0x43, 0xE7,
+	0xA9, 0x80, 0x43, 0xE7, 0xA9, 0x8A, 0x43, 0xE7,
+	0xA9, 0x8F, 0x43, 0xE7, 0xA9, 0xB4, 0x43, 0xE7,
+	0xA9, 0xBA, 0x43, 0xE7, 0xAA, 0x81, 0x43, 0xE7,
+	0xAA, 0xB1, 0x43, 0xE7, 0xAB, 0x8B, 0x43, 0xE7,
+	0xAB, 0xAE, 0x43, 0xE7, 0xAB, 0xB9, 0x43, 0xE7,
+	// Bytes 11c0 - 11ff
+	0xAC, 0xA0, 0x43, 0xE7, 0xAE, 0x8F, 0x43, 0xE7,
+	0xAF, 0x80, 0x43, 0xE7, 0xAF, 0x86, 0x43, 0xE7,
+	0xAF, 0x89, 0x43, 0xE7, 0xB0, 0xBE, 0x43, 0xE7,
+	0xB1, 0xA0, 0x43, 0xE7, 0xB1, 0xB3, 0x43, 0xE7,
+	0xB1, 0xBB, 0x43, 0xE7, 0xB2, 0x92, 0x43, 0xE7,
+	0xB2, 0xBE, 0x43, 0xE7, 0xB3, 0x92, 0x43, 0xE7,
+	0xB3, 0x96, 0x43, 0xE7, 0xB3, 0xA3, 0x43, 0xE7,
+	0xB3, 0xA7, 0x43, 0xE7, 0xB3, 0xA8, 0x43, 0xE7,
+	// Bytes 1200 - 123f
+	0xB3, 0xB8, 0x43, 0xE7, 0xB4, 0x80, 0x43, 0xE7,
+	0xB4, 0x90, 0x43, 0xE7, 0xB4, 0xA2, 0x43, 0xE7,
+	0xB4, 0xAF, 0x43, 0xE7, 0xB5, 0x82, 0x43, 0xE7,
+	0xB5, 0x9B, 0x43, 0xE7, 0xB5, 0xA3, 0x43, 0xE7,
+	0xB6, 0xA0, 0x43, 0xE7, 0xB6, 0xBE, 0x43, 0xE7,
+	0xB7, 0x87, 0x43, 0xE7, 0xB7, 0xB4, 0x43, 0xE7,
+	0xB8, 0x82, 0x43, 0xE7, 0xB8, 0x89, 0x43, 0xE7,
+	0xB8, 0xB7, 0x43, 0xE7, 0xB9, 0x81, 0x43, 0xE7,
+	// Bytes 1240 - 127f
+	0xB9, 0x85, 0x43, 0xE7, 0xBC, 0xB6, 0x43, 0xE7,
+	0xBC, 0xBE, 0x43, 0xE7, 0xBD, 0x91, 0x43, 0xE7,
+	0xBD, 0xB2, 0x43, 0xE7, 0xBD, 0xB9, 0x43, 0xE7,
+	0xBD, 0xBA, 0x43, 0xE7, 0xBE, 0x85, 0x43, 0xE7,
+	0xBE, 0x8A, 0x43, 0xE7, 0xBE, 0x95, 0x43, 0xE7,
+	0xBE, 0x9A, 0x43, 0xE7, 0xBE, 0xBD, 0x43, 0xE7,
+	0xBF, 0xBA, 0x43, 0xE8, 0x80, 0x81, 0x43, 0xE8,
+	0x80, 0x85, 0x43, 0xE8, 0x80, 0x8C, 0x43, 0xE8,
+	// Bytes 1280 - 12bf
+	0x80, 0x92, 0x43, 0xE8, 0x80, 0xB3, 0x43, 0xE8,
+	0x81, 0x86, 0x43, 0xE8, 0x81, 0xA0, 0x43, 0xE8,
+	0x81, 0xAF, 0x43, 0xE8, 0x81, 0xB0, 0x43, 0xE8,
+	0x81, 0xBE, 0x43, 0xE8, 0x81, 0xBF, 0x43, 0xE8,
+	0x82, 0x89, 0x43, 0xE8, 0x82, 0x8B, 0x43, 0xE8,
+	0x82, 0xAD, 0x43, 0xE8, 0x82, 0xB2, 0x43, 0xE8,
+	0x84, 0x83, 0x43, 0xE8, 0x84, 0xBE, 0x43, 0xE8,
+	0x87, 0x98, 0x43, 0xE8, 0x87, 0xA3, 0x43, 0xE8,
+	// Bytes 12c0 - 12ff
+	0x87, 0xA8, 0x43, 0xE8, 0x87, 0xAA, 0x43, 0xE8,
+	0x87, 0xAD, 0x43, 0xE8, 0x87, 0xB3, 0x43, 0xE8,
+	0x87, 0xBC, 0x43, 0xE8, 0x88, 0x81, 0x43, 0xE8,
+	0x88, 0x84, 0x43, 0xE8, 0x88, 0x8C, 0x43, 0xE8,
+	0x88, 0x98, 0x43, 0xE8, 0x88, 0x9B, 0x43, 0xE8,
+	0x88, 0x9F, 0x43, 0xE8, 0x89, 0xAE, 0x43, 0xE8,
+	0x89, 0xAF, 0x43, 0xE8, 0x89, 0xB2, 0x43, 0xE8,
+	0x89, 0xB8, 0x43, 0xE8, 0x89, 0xB9, 0x43, 0xE8,
+	// Bytes 1300 - 133f
+	0x8A, 0x8B, 0x43, 0xE8, 0x8A, 0x91, 0x43, 0xE8,
+	0x8A, 0x9D, 0x43, 0xE8, 0x8A, 0xB1, 0x43, 0xE8,
+	0x8A, 0xB3, 0x43, 0xE8, 0x8A, 0xBD, 0x43, 0xE8,
+	0x8B, 0xA5, 0x43, 0xE8, 0x8B, 0xA6, 0x43, 0xE8,
+	0x8C, 0x9D, 0x43, 0xE8, 0x8C, 0xA3, 0x43, 0xE8,
+	0x8C, 0xB6, 0x43, 0xE8, 0x8D, 0x92, 0x43, 0xE8,
+	0x8D, 0x93, 0x43, 0xE8, 0x8D, 0xA3, 0x43, 0xE8,
+	0x8E, 0xAD, 0x43, 0xE8, 0x8E, 0xBD, 0x43, 0xE8,
+	// Bytes 1340 - 137f
+	0x8F, 0x89, 0x43, 0xE8, 0x8F, 0x8A, 0x43, 0xE8,
+	0x8F, 0x8C, 0x43, 0xE8, 0x8F, 0x9C, 0x43, 0xE8,
+	0x8F, 0xA7, 0x43, 0xE8, 0x8F, 0xAF, 0x43, 0xE8,
+	0x8F, 0xB1, 0x43, 0xE8, 0x90, 0xBD, 0x43, 0xE8,
+	0x91, 0x89, 0x43, 0xE8, 0x91, 0x97, 0x43, 0xE8,
+	0x93, 0xAE, 0x43, 0xE8, 0x93, 0xB1, 0x43, 0xE8,
+	0x93, 0xB3, 0x43, 0xE8, 0x93, 0xBC, 0x43, 0xE8,
+	0x94, 0x96, 0x43, 0xE8, 0x95, 0xA4, 0x43, 0xE8,
+	// Bytes 1380 - 13bf
+	0x97, 0x8D, 0x43, 0xE8, 0x97, 0xBA, 0x43, 0xE8,
+	0x98, 0x86, 0x43, 0xE8, 0x98, 0x92, 0x43, 0xE8,
+	0x98, 0xAD, 0x43, 0xE8, 0x98, 0xBF, 0x43, 0xE8,
+	0x99, 0x8D, 0x43, 0xE8, 0x99, 0x90, 0x43, 0xE8,
+	0x99, 0x9C, 0x43, 0xE8, 0x99, 0xA7, 0x43, 0xE8,
+	0x99, 0xA9, 0x43, 0xE8, 0x99, 0xAB, 0x43, 0xE8,
+	0x9A, 0x88, 0x43, 0xE8, 0x9A, 0xA9, 0x43, 0xE8,
+	0x9B, 0xA2, 0x43, 0xE8, 0x9C, 0x8E, 0x43, 0xE8,
+	// Bytes 13c0 - 13ff
+	0x9C, 0xA8, 0x43, 0xE8, 0x9D, 0xAB, 0x43, 0xE8,
+	0x9D, 0xB9, 0x43, 0xE8, 0x9E, 0x86, 0x43, 0xE8,
+	0x9E, 0xBA, 0x43, 0xE8, 0x9F, 0xA1, 0x43, 0xE8,
+	0xA0, 0x81, 0x43, 0xE8, 0xA0, 0x9F, 0x43, 0xE8,
+	0xA1, 0x80, 0x43, 0xE8, 0xA1, 0x8C, 0x43, 0xE8,
+	0xA1, 0xA0, 0x43, 0xE8, 0xA1, 0xA3, 0x43, 0xE8,
+	0xA3, 0x82, 0x43, 0xE8, 0xA3, 0x8F, 0x43, 0xE8,
+	0xA3, 0x97, 0x43, 0xE8, 0xA3, 0x9E, 0x43, 0xE8,
+	// Bytes 1400 - 143f
+	0xA3, 0xA1, 0x43, 0xE8, 0xA3, 0xB8, 0x43, 0xE8,
+	0xA3, 0xBA, 0x43, 0xE8, 0xA4, 0x90, 0x43, 0xE8,
+	0xA5, 0x81, 0x43, 0xE8, 0xA5, 0xA4, 0x43, 0xE8,
+	0xA5, 0xBE, 0x43, 0xE8, 0xA6, 0x86, 0x43, 0xE8,
+	0xA6, 0x8B, 0x43, 0xE8, 0xA6, 0x96, 0x43, 0xE8,
+	0xA7, 0x92, 0x43, 0xE8, 0xA7, 0xA3, 0x43, 0xE8,
+	0xA8, 0x80, 0x43, 0xE8, 0xAA, 0xA0, 0x43, 0xE8,
+	0xAA, 0xAA, 0x43, 0xE8, 0xAA, 0xBF, 0x43, 0xE8,
+	// Bytes 1440 - 147f
+	0xAB, 0x8B, 0x43, 0xE8, 0xAB, 0x92, 0x43, 0xE8,
+	0xAB, 0x96, 0x43, 0xE8, 0xAB, 0xAD, 0x43, 0xE8,
+	0xAB, 0xB8, 0x43, 0xE8, 0xAB, 0xBE, 0x43, 0xE8,
+	0xAC, 0x81, 0x43, 0xE8, 0xAC, 0xB9, 0x43, 0xE8,
+	0xAD, 0x98, 0x43, 0xE8, 0xAE, 0x80, 0x43, 0xE8,
+	0xAE, 0x8A, 0x43, 0xE8, 0xB0, 0xB7, 0x43, 0xE8,
+	0xB1, 0x86, 0x43, 0xE8, 0xB1, 0x88, 0x43, 0xE8,
+	0xB1, 0x95, 0x43, 0xE8, 0xB1, 0xB8, 0x43, 0xE8,
+	// Bytes 1480 - 14bf
+	0xB2, 0x9D, 0x43, 0xE8, 0xB2, 0xA1, 0x43, 0xE8,
+	0xB2, 0xA9, 0x43, 0xE8, 0xB2, 0xAB, 0x43, 0xE8,
+	0xB3, 0x81, 0x43, 0xE8, 0xB3, 0x82, 0x43, 0xE8,
+	0xB3, 0x87, 0x43, 0xE8, 0xB3, 0x88, 0x43, 0xE8,
+	0xB3, 0x93, 0x43, 0xE8, 0xB4, 0x88, 0x43, 0xE8,
+	0xB4, 0x9B, 0x43, 0xE8, 0xB5, 0xA4, 0x43, 0xE8,
+	0xB5, 0xB0, 0x43, 0xE8, 0xB5, 0xB7, 0x43, 0xE8,
+	0xB6, 0xB3, 0x43, 0xE8, 0xB6, 0xBC, 0x43, 0xE8,
+	// Bytes 14c0 - 14ff
+	0xB7, 0x8B, 0x43, 0xE8, 0xB7, 0xAF, 0x43, 0xE8,
+	0xB7, 0xB0, 0x43, 0xE8, 0xBA, 0xAB, 0x43, 0xE8,
+	0xBB, 0x8A, 0x43, 0xE8, 0xBB, 0x94, 0x43, 0xE8,
+	0xBC, 0xA6, 0x43, 0xE8, 0xBC, 0xAA, 0x43, 0xE8,
+	0xBC, 0xB8, 0x43, 0xE8, 0xBC, 0xBB, 0x43, 0xE8,
+	0xBD, 0xA2, 0x43, 0xE8, 0xBE, 0x9B, 0x43, 0xE8,
+	0xBE, 0x9E, 0x43, 0xE8, 0xBE, 0xB0, 0x43, 0xE8,
+	0xBE, 0xB5, 0x43, 0xE8, 0xBE, 0xB6, 0x43, 0xE9,
+	// Bytes 1500 - 153f
+	0x80, 0xA3, 0x43, 0xE9, 0x80, 0xB8, 0x43, 0xE9,
+	0x81, 0x8A, 0x43, 0xE9, 0x81, 0xA9, 0x43, 0xE9,
+	0x81, 0xB2, 0x43, 0xE9, 0x81, 0xBC, 0x43, 0xE9,
+	0x82, 0x8F, 0x43, 0xE9, 0x82, 0x91, 0x43, 0xE9,
+	0x82, 0x94, 0x43, 0xE9, 0x83, 0x8E, 0x43, 0xE9,
+	0x83, 0x9E, 0x43, 0xE9, 0x83, 0xB1, 0x43, 0xE9,
+	0x83, 0xBD, 0x43, 0xE9, 0x84, 0x91, 0x43, 0xE9,
+	0x84, 0x9B, 0x43, 0xE9, 0x85, 0x89, 0x43, 0xE9,
+	// Bytes 1540 - 157f
+	0x85, 0x8D, 0x43, 0xE9, 0x85, 0xAA, 0x43, 0xE9,
+	0x86, 0x99, 0x43, 0xE9, 0x86, 0xB4, 0x43, 0xE9,
+	0x87, 0x86, 0x43, 0xE9, 0x87, 0x8C, 0x43, 0xE9,
+	0x87, 0x8F, 0x43, 0xE9, 0x87, 0x91, 0x43, 0xE9,
+	0x88, 0xB4, 0x43, 0xE9, 0x88, 0xB8, 0x43, 0xE9,
+	0x89, 0xB6, 0x43, 0xE9, 0x89, 0xBC, 0x43, 0xE9,
+	0x8B, 0x97, 0x43, 0xE9, 0x8B, 0x98, 0x43, 0xE9,
+	0x8C, 0x84, 0x43, 0xE9, 0x8D, 0x8A, 0x43, 0xE9,
+	// Bytes 1580 - 15bf
+	0x8F, 0xB9, 0x43, 0xE9, 0x90, 0x95, 0x43, 0xE9,
+	0x95, 0xB7, 0x43, 0xE9, 0x96, 0x80, 0x43, 0xE9,
+	0x96, 0x8B, 0x43, 0xE9, 0x96, 0xAD, 0x43, 0xE9,
+	0x96, 0xB7, 0x43, 0xE9, 0x98, 0x9C, 0x43, 0xE9,
+	0x98, 0xAE, 0x43, 0xE9, 0x99, 0x8B, 0x43, 0xE9,
+	0x99, 0x8D, 0x43, 0xE9, 0x99, 0xB5, 0x43, 0xE9,
+	0x99, 0xB8, 0x43, 0xE9, 0x99, 0xBC, 0x43, 0xE9,
+	0x9A, 0x86, 0x43, 0xE9, 0x9A, 0xA3, 0x43, 0xE9,
+	// Bytes 15c0 - 15ff
+	0x9A, 0xB6, 0x43, 0xE9, 0x9A, 0xB7, 0x43, 0xE9,
+	0x9A, 0xB8, 0x43, 0xE9, 0x9A, 0xB9, 0x43, 0xE9,
+	0x9B, 0x83, 0x43, 0xE9, 0x9B, 0xA2, 0x43, 0xE9,
+	0x9B, 0xA3, 0x43, 0xE9, 0x9B, 0xA8, 0x43, 0xE9,
+	0x9B, 0xB6, 0x43, 0xE9, 0x9B, 0xB7, 0x43, 0xE9,
+	0x9C, 0xA3, 0x43, 0xE9, 0x9C, 0xB2, 0x43, 0xE9,
+	0x9D, 0x88, 0x43, 0xE9, 0x9D, 0x91, 0x43, 0xE9,
+	0x9D, 0x96, 0x43, 0xE9, 0x9D, 0x9E, 0x43, 0xE9,
+	// Bytes 1600 - 163f
+	0x9D, 0xA2, 0x43, 0xE9, 0x9D, 0xA9, 0x43, 0xE9,
+	0x9F, 0x8B, 0x43, 0xE9, 0x9F, 0x9B, 0x43, 0xE9,
+	0x9F, 0xA0, 0x43, 0xE9, 0x9F, 0xAD, 0x43, 0xE9,
+	0x9F, 0xB3, 0x43, 0xE9, 0x9F, 0xBF, 0x43, 0xE9,
+	0xA0, 0x81, 0x43, 0xE9, 0xA0, 0x85, 0x43, 0xE9,
+	0xA0, 0x8B, 0x43, 0xE9, 0xA0, 0x98, 0x43, 0xE9,
+	0xA0, 0xA9, 0x43, 0xE9, 0xA0, 0xBB, 0x43, 0xE9,
+	0xA1, 0x9E, 0x43, 0xE9, 0xA2, 0xA8, 0x43, 0xE9,
+	// Bytes 1640 - 167f
+	0xA3, 0x9B, 0x43, 0xE9, 0xA3, 0x9F, 0x43, 0xE9,
+	0xA3, 0xA2, 0x43, 0xE9, 0xA3, 0xAF, 0x43, 0xE9,
+	0xA3, 0xBC, 0x43, 0xE9, 0xA4, 0xA8, 0x43, 0xE9,
+	0xA4, 0xA9, 0x43, 0xE9, 0xA6, 0x96, 0x43, 0xE9,
+	0xA6, 0x99, 0x43, 0xE9, 0xA6, 0xA7, 0x43, 0xE9,
+	0xA6, 0xAC, 0x43, 0xE9, 0xA7, 0x82, 0x43, 0xE9,
+	0xA7, 0xB1, 0x43, 0xE9, 0xA7, 0xBE, 0x43, 0xE9,
+	0xA9, 0xAA, 0x43, 0xE9, 0xAA, 0xA8, 0x43, 0xE9,
+	// Bytes 1680 - 16bf
+	0xAB, 0x98, 0x43, 0xE9, 0xAB, 0x9F, 0x43, 0xE9,
+	0xAC, 0x92, 0x43, 0xE9, 0xAC, 0xA5, 0x43, 0xE9,
+	0xAC, 0xAF, 0x43, 0xE9, 0xAC, 0xB2, 0x43, 0xE9,
+	0xAC, 0xBC, 0x43, 0xE9, 0xAD, 0x9A, 0x43, 0xE9,
+	0xAD, 0xAF, 0x43, 0xE9, 0xB1, 0x80, 0x43, 0xE9,
+	0xB1, 0x97, 0x43, 0xE9, 0xB3, 0xA5, 0x43, 0xE9,
+	0xB3, 0xBD, 0x43, 0xE9, 0xB5, 0xA7, 0x43, 0xE9,
+	0xB6, 0xB4, 0x43, 0xE9, 0xB7, 0xBA, 0x43, 0xE9,
+	// Bytes 16c0 - 16ff
+	0xB8, 0x9E, 0x43, 0xE9, 0xB9, 0xB5, 0x43, 0xE9,
+	0xB9, 0xBF, 0x43, 0xE9, 0xBA, 0x97, 0x43, 0xE9,
+	0xBA, 0x9F, 0x43, 0xE9, 0xBA, 0xA5, 0x43, 0xE9,
+	0xBA, 0xBB, 0x43, 0xE9, 0xBB, 0x83, 0x43, 0xE9,
+	0xBB, 0x8D, 0x43, 0xE9, 0xBB, 0x8E, 0x43, 0xE9,
+	0xBB, 0x91, 0x43, 0xE9, 0xBB, 0xB9, 0x43, 0xE9,
+	0xBB, 0xBD, 0x43, 0xE9, 0xBB, 0xBE, 0x43, 0xE9,
+	0xBC, 0x85, 0x43, 0xE9, 0xBC, 0x8E, 0x43, 0xE9,
+	// Bytes 1700 - 173f
+	0xBC, 0x8F, 0x43, 0xE9, 0xBC, 0x93, 0x43, 0xE9,
+	0xBC, 0x96, 0x43, 0xE9, 0xBC, 0xA0, 0x43, 0xE9,
+	0xBC, 0xBB, 0x43, 0xE9, 0xBD, 0x83, 0x43, 0xE9,
+	0xBD, 0x8A, 0x43, 0xE9, 0xBD, 0x92, 0x43, 0xE9,
+	0xBE, 0x8D, 0x43, 0xE9, 0xBE, 0x8E, 0x43, 0xE9,
+	0xBE, 0x9C, 0x43, 0xE9, 0xBE, 0x9F, 0x43, 0xE9,
+	0xBE, 0xA0, 0x43, 0xEA, 0x99, 0x91, 0x43, 0xEA,
+	0x9A, 0x89, 0x43, 0xEA, 0x9C, 0xA7, 0x43, 0xEA,
+	// Bytes 1740 - 177f
+	0x9D, 0xAF, 0x43, 0xEA, 0x9E, 0x8E, 0x43, 0xEA,
+	0xAC, 0xB7, 0x43, 0xEA, 0xAD, 0x92, 0x43, 0xEA,
+	0xAD, 0xA6, 0x43, 0xEA, 0xAD, 0xA7, 0x44, 0xF0,
+	0x9D, 0xBC, 0x84, 0x44, 0xF0, 0x9D, 0xBC, 0x85,
+	0x44, 0xF0, 0x9D, 0xBC, 0x86, 0x44, 0xF0, 0x9D,
+	0xBC, 0x88, 0x44, 0xF0, 0x9D, 0xBC, 0x8A, 0x44,
+	0xF0, 0x9D, 0xBC, 0x9E, 0x44, 0xF0, 0xA0, 0x84,
+	0xA2, 0x44, 0xF0, 0xA0, 0x94, 0x9C, 0x44, 0xF0,
+	// Bytes 1780 - 17bf
+	0xA0, 0x94, 0xA5, 0x44, 0xF0, 0xA0, 0x95, 0x8B,
+	0x44, 0xF0, 0xA0, 0x98, 0xBA, 0x44, 0xF0, 0xA0,
+	0xA0, 0x84, 0x44, 0xF0, 0xA0, 0xA3, 0x9E, 0x44,
+	0xF0, 0xA0, 0xA8, 0xAC, 0x44, 0xF0, 0xA0, 0xAD,
+	0xA3, 0x44, 0xF0, 0xA1, 0x93, 0xA4, 0x44, 0xF0,
+	0xA1, 0x9A, 0xA8, 0x44, 0xF0, 0xA1, 0x9B, 0xAA,
+	0x44, 0xF0, 0xA1, 0xA7, 0x88, 0x44, 0xF0, 0xA1,
+	0xAC, 0x98, 0x44, 0xF0, 0xA1, 0xB4, 0x8B, 0x44,
+	// Bytes 17c0 - 17ff
+	0xF0, 0xA1, 0xB7, 0xA4, 0x44, 0xF0, 0xA1, 0xB7,
+	0xA6, 0x44, 0xF0, 0xA2, 0x86, 0x83, 0x44, 0xF0,
+	0xA2, 0x86, 0x9F, 0x44, 0xF0, 0xA2, 0x8C, 0xB1,
+	0x44, 0xF0, 0xA2, 0x9B, 0x94, 0x44, 0xF0, 0xA2,
+	0xA1, 0x84, 0x44, 0xF0, 0xA2, 0xA1, 0x8A, 0x44,
+	0xF0, 0xA2, 0xAC, 0x8C, 0x44, 0xF0, 0xA2, 0xAF,
+	0xB1, 0x44, 0xF0, 0xA3, 0x80, 0x8A, 0x44, 0xF0,
+	0xA3, 0x8A, 0xB8, 0x44, 0xF0, 0xA3, 0x8D, 0x9F,
+	// Bytes 1800 - 183f
+	0x44, 0xF0, 0xA3, 0x8E, 0x93, 0x44, 0xF0, 0xA3,
+	0x8E, 0x9C, 0x44, 0xF0, 0xA3, 0x8F, 0x83, 0x44,
+	0xF0, 0xA3, 0x8F, 0x95, 0x44, 0xF0, 0xA3, 0x91,
+	0xAD, 0x44, 0xF0, 0xA3, 0x9A, 0xA3, 0x44, 0xF0,
+	0xA3, 0xA2, 0xA7, 0x44, 0xF0, 0xA3, 0xAA, 0x8D,
+	0x44, 0xF0, 0xA3, 0xAB, 0xBA, 0x44, 0xF0, 0xA3,
+	0xB2, 0xBC, 0x44, 0xF0, 0xA3, 0xB4, 0x9E, 0x44,
+	0xF0, 0xA3, 0xBB, 0x91, 0x44, 0xF0, 0xA3, 0xBD,
+	// Bytes 1840 - 187f
+	0x9E, 0x44, 0xF0, 0xA3, 0xBE, 0x8E, 0x44, 0xF0,
+	0xA4, 0x89, 0xA3, 0x44, 0xF0, 0xA4, 0x8B, 0xAE,
+	0x44, 0xF0, 0xA4, 0x8E, 0xAB, 0x44, 0xF0, 0xA4,
+	0x98, 0x88, 0x44, 0xF0, 0xA4, 0x9C, 0xB5, 0x44,
+	0xF0, 0xA4, 0xA0, 0x94, 0x44, 0xF0, 0xA4, 0xB0,
+	0xB6, 0x44, 0xF0, 0xA4, 0xB2, 0x92, 0x44, 0xF0,
+	0xA4, 0xBE, 0xA1, 0x44, 0xF0, 0xA4, 0xBE, 0xB8,
+	0x44, 0xF0, 0xA5, 0x81, 0x84, 0x44, 0xF0, 0xA5,
+	// Bytes 1880 - 18bf
+	0x83, 0xB2, 0x44, 0xF0, 0xA5, 0x83, 0xB3, 0x44,
+	0xF0, 0xA5, 0x84, 0x99, 0x44, 0xF0, 0xA5, 0x84,
+	0xB3, 0x44, 0xF0, 0xA5, 0x89, 0x89, 0x44, 0xF0,
+	0xA5, 0x90, 0x9D, 0x44, 0xF0, 0xA5, 0x98, 0xA6,
+	0x44, 0xF0, 0xA5, 0x9A, 0x9A, 0x44, 0xF0, 0xA5,
+	0x9B, 0x85, 0x44, 0xF0, 0xA5, 0xA5, 0xBC, 0x44,
+	0xF0, 0xA5, 0xAA, 0xA7, 0x44, 0xF0, 0xA5, 0xAE,
+	0xAB, 0x44, 0xF0, 0xA5, 0xB2, 0x80, 0x44, 0xF0,
+	// Bytes 18c0 - 18ff
+	0xA5, 0xB3, 0x90, 0x44, 0xF0, 0xA5, 0xBE, 0x86,
+	0x44, 0xF0, 0xA6, 0x87, 0x9A, 0x44, 0xF0, 0xA6,
+	0x88, 0xA8, 0x44, 0xF0, 0xA6, 0x89, 0x87, 0x44,
+	0xF0, 0xA6, 0x8B, 0x99, 0x44, 0xF0, 0xA6, 0x8C,
+	0xBE, 0x44, 0xF0, 0xA6, 0x93, 0x9A, 0x44, 0xF0,
+	0xA6, 0x94, 0xA3, 0x44, 0xF0, 0xA6, 0x96, 0xA8,
+	0x44, 0xF0, 0xA6, 0x9E, 0xA7, 0x44, 0xF0, 0xA6,
+	0x9E, 0xB5, 0x44, 0xF0, 0xA6, 0xAC, 0xBC, 0x44,
+	// Bytes 1900 - 193f
+	0xF0, 0xA6, 0xB0, 0xB6, 0x44, 0xF0, 0xA6, 0xB3,
+	0x95, 0x44, 0xF0, 0xA6, 0xB5, 0xAB, 0x44, 0xF0,
+	0xA6, 0xBC, 0xAC, 0x44, 0xF0, 0xA6, 0xBE, 0xB1,
+	0x44, 0xF0, 0xA7, 0x83, 0x92, 0x44, 0xF0, 0xA7,
+	0x8F, 0x8A, 0x44, 0xF0, 0xA7, 0x99, 0xA7, 0x44,
+	0xF0, 0xA7, 0xA2, 0xAE, 0x44, 0xF0, 0xA7, 0xA5,
+	0xA6, 0x44, 0xF0, 0xA7, 0xB2, 0xA8, 0x44, 0xF0,
+	0xA7, 0xBB, 0x93, 0x44, 0xF0, 0xA7, 0xBC, 0xAF,
+	// Bytes 1940 - 197f
+	0x44, 0xF0, 0xA8, 0x97, 0x92, 0x44, 0xF0, 0xA8,
+	0x97, 0xAD, 0x44, 0xF0, 0xA8, 0x9C, 0xAE, 0x44,
+	0xF0, 0xA8, 0xAF, 0xBA, 0x44, 0xF0, 0xA8, 0xB5,
+	0xB7, 0x44, 0xF0, 0xA9, 0x85, 0x85, 0x44, 0xF0,
+	0xA9, 0x87, 0x9F, 0x44, 0xF0, 0xA9, 0x88, 0x9A,
+	0x44, 0xF0, 0xA9, 0x90, 0x8A, 0x44, 0xF0, 0xA9,
+	0x92, 0x96, 0x44, 0xF0, 0xA9, 0x96, 0xB6, 0x44,
+	0xF0, 0xA9, 0xAC, 0xB0, 0x44, 0xF0, 0xAA, 0x83,
+	// Bytes 1980 - 19bf
+	0x8E, 0x44, 0xF0, 0xAA, 0x84, 0x85, 0x44, 0xF0,
+	0xAA, 0x88, 0x8E, 0x44, 0xF0, 0xAA, 0x8A, 0x91,
+	0x44, 0xF0, 0xAA, 0x8E, 0x92, 0x44, 0xF0, 0xAA,
+	0x98, 0x80, 0x42, 0x21, 0x21, 0x42, 0x21, 0x3F,
+	0x42, 0x2E, 0x2E, 0x42, 0x30, 0x2C, 0x42, 0x30,
+	0x2E, 0x42, 0x31, 0x2C, 0x42, 0x31, 0x2E, 0x42,
+	0x31, 0x30, 0x42, 0x31, 0x31, 0x42, 0x31, 0x32,
+	0x42, 0x31, 0x33, 0x42, 0x31, 0x34, 0x42, 0x31,
+	// Bytes 19c0 - 19ff
+	0x35, 0x42, 0x31, 0x36, 0x42, 0x31, 0x37, 0x42,
+	0x31, 0x38, 0x42, 0x31, 0x39, 0x42, 0x32, 0x2C,
+	0x42, 0x32, 0x2E, 0x42, 0x32, 0x30, 0x42, 0x32,
+	0x31, 0x42, 0x32, 0x32, 0x42, 0x32, 0x33, 0x42,
+	0x32, 0x34, 0x42, 0x32, 0x35, 0x42, 0x32, 0x36,
+	0x42, 0x32, 0x37, 0x42, 0x32, 0x38, 0x42, 0x32,
+	0x39, 0x42, 0x33, 0x2C, 0x42, 0x33, 0x2E, 0x42,
+	0x33, 0x30, 0x42, 0x33, 0x31, 0x42, 0x33, 0x32,
+	// Bytes 1a00 - 1a3f
+	0x42, 0x33, 0x33, 0x42, 0x33, 0x34, 0x42, 0x33,
+	0x35, 0x42, 0x33, 0x36, 0x42, 0x33, 0x37, 0x42,
+	0x33, 0x38, 0x42, 0x33, 0x39, 0x42, 0x34, 0x2C,
+	0x42, 0x34, 0x2E, 0x42, 0x34, 0x30, 0x42, 0x34,
+	0x31, 0x42, 0x34, 0x32, 0x42, 0x34, 0x33, 0x42,
+	0x34, 0x34, 0x42, 0x34, 0x35, 0x42, 0x34, 0x36,
+	0x42, 0x34, 0x37, 0x42, 0x34, 0x38, 0x42, 0x34,
+	0x39, 0x42, 0x35, 0x2C, 0x42, 0x35, 0x2E, 0x42,
+	// Bytes 1a40 - 1a7f
+	0x35, 0x30, 0x42, 0x36, 0x2C, 0x42, 0x36, 0x2E,
+	0x42, 0x37, 0x2C, 0x42, 0x37, 0x2E, 0x42, 0x38,
+	0x2C, 0x42, 0x38, 0x2E, 0x42, 0x39, 0x2C, 0x42,
+	0x39, 0x2E, 0x42, 0x3D, 0x3D, 0x42, 0x3F, 0x21,
+	0x42, 0x3F, 0x3F, 0x42, 0x41, 0x55, 0x42, 0x42,
+	0x71, 0x42, 0x43, 0x44, 0x42, 0x44, 0x4A, 0x42,
+	0x44, 0x5A, 0x42, 0x44, 0x7A, 0x42, 0x47, 0x42,
+	0x42, 0x47, 0x79, 0x42, 0x48, 0x50, 0x42, 0x48,
+	// Bytes 1a80 - 1abf
+	0x56, 0x42, 0x48, 0x67, 0x42, 0x48, 0x7A, 0x42,
+	0x49, 0x49, 0x42, 0x49, 0x4A, 0x42, 0x49, 0x55,
+	0x42, 0x49, 0x56, 0x42, 0x49, 0x58, 0x42, 0x4B,
+	0x42, 0x42, 0x4B, 0x4B, 0x42, 0x4B, 0x4D, 0x42,
+	0x4C, 0x4A, 0x42, 0x4C, 0x6A, 0x42, 0x4D, 0x42,
+	0x42, 0x4D, 0x43, 0x42, 0x4D, 0x44, 0x42, 0x4D,
+	0x52, 0x42, 0x4D, 0x56, 0x42, 0x4D, 0x57, 0x42,
+	0x4E, 0x4A, 0x42, 0x4E, 0x6A, 0x42, 0x4E, 0x6F,
+	// Bytes 1ac0 - 1aff
+	0x42, 0x50, 0x48, 0x42, 0x50, 0x52, 0x42, 0x50,
+	0x61, 0x42, 0x52, 0x73, 0x42, 0x53, 0x44, 0x42,
+	0x53, 0x4D, 0x42, 0x53, 0x53, 0x42, 0x53, 0x76,
+	0x42, 0x54, 0x4D, 0x42, 0x56, 0x49, 0x42, 0x57,
+	0x43, 0x42, 0x57, 0x5A, 0x42, 0x57, 0x62, 0x42,
+	0x58, 0x49, 0x42, 0x63, 0x63, 0x42, 0x63, 0x64,
+	0x42, 0x63, 0x6D, 0x42, 0x64, 0x42, 0x42, 0x64,
+	0x61, 0x42, 0x64, 0x6C, 0x42, 0x64, 0x6D, 0x42,
+	// Bytes 1b00 - 1b3f
+	0x64, 0x7A, 0x42, 0x65, 0x56, 0x42, 0x66, 0x66,
+	0x42, 0x66, 0x69, 0x42, 0x66, 0x6C, 0x42, 0x66,
+	0x6D, 0x42, 0x68, 0x61, 0x42, 0x69, 0x69, 0x42,
+	0x69, 0x6A, 0x42, 0x69, 0x6E, 0x42, 0x69, 0x76,
+	0x42, 0x69, 0x78, 0x42, 0x6B, 0x41, 0x42, 0x6B,
+	0x56, 0x42, 0x6B, 0x57, 0x42, 0x6B, 0x67, 0x42,
+	0x6B, 0x6C, 0x42, 0x6B, 0x6D, 0x42, 0x6B, 0x74,
+	0x42, 0x6C, 0x6A, 0x42, 0x6C, 0x6D, 0x42, 0x6C,
+	// Bytes 1b40 - 1b7f
+	0x6E, 0x42, 0x6C, 0x78, 0x42, 0x6D, 0x32, 0x42,
+	0x6D, 0x33, 0x42, 0x6D, 0x41, 0x42, 0x6D, 0x56,
+	0x42, 0x6D, 0x57, 0x42, 0x6D, 0x62, 0x42, 0x6D,
+	0x67, 0x42, 0x6D, 0x6C, 0x42, 0x6D, 0x6D, 0x42,
+	0x6D, 0x73, 0x42, 0x6E, 0x41, 0x42, 0x6E, 0x46,
+	0x42, 0x6E, 0x56, 0x42, 0x6E, 0x57, 0x42, 0x6E,
+	0x6A, 0x42, 0x6E, 0x6D, 0x42, 0x6E, 0x73, 0x42,
+	0x6F, 0x56, 0x42, 0x70, 0x41, 0x42, 0x70, 0x46,
+	// Bytes 1b80 - 1bbf
+	0x42, 0x70, 0x56, 0x42, 0x70, 0x57, 0x42, 0x70,
+	0x63, 0x42, 0x70, 0x73, 0x42, 0x73, 0x72, 0x42,
+	0x73, 0x74, 0x42, 0x76, 0x69, 0x42, 0x78, 0x69,
+	0x43, 0x28, 0x31, 0x29, 0x43, 0x28, 0x32, 0x29,
+	0x43, 0x28, 0x33, 0x29, 0x43, 0x28, 0x34, 0x29,
+	0x43, 0x28, 0x35, 0x29, 0x43, 0x28, 0x36, 0x29,
+	0x43, 0x28, 0x37, 0x29, 0x43, 0x28, 0x38, 0x29,
+	0x43, 0x28, 0x39, 0x29, 0x43, 0x28, 0x41, 0x29,
+	// Bytes 1bc0 - 1bff
+	0x43, 0x28, 0x42, 0x29, 0x43, 0x28, 0x43, 0x29,
+	0x43, 0x28, 0x44, 0x29, 0x43, 0x28, 0x45, 0x29,
+	0x43, 0x28, 0x46, 0x29, 0x43, 0x28, 0x47, 0x29,
+	0x43, 0x28, 0x48, 0x29, 0x43, 0x28, 0x49, 0x29,
+	0x43, 0x28, 0x4A, 0x29, 0x43, 0x28, 0x4B, 0x29,
+	0x43, 0x28, 0x4C, 0x29, 0x43, 0x28, 0x4D, 0x29,
+	0x43, 0x28, 0x4E, 0x29, 0x43, 0x28, 0x4F, 0x29,
+	0x43, 0x28, 0x50, 0x29, 0x43, 0x28, 0x51, 0x29,
+	// Bytes 1c00 - 1c3f
+	0x43, 0x28, 0x52, 0x29, 0x43, 0x28, 0x53, 0x29,
+	0x43, 0x28, 0x54, 0x29, 0x43, 0x28, 0x55, 0x29,
+	0x43, 0x28, 0x56, 0x29, 0x43, 0x28, 0x57, 0x29,
+	0x43, 0x28, 0x58, 0x29, 0x43, 0x28, 0x59, 0x29,
+	0x43, 0x28, 0x5A, 0x29, 0x43, 0x28, 0x61, 0x29,
+	0x43, 0x28, 0x62, 0x29, 0x43, 0x28, 0x63, 0x29,
+	0x43, 0x28, 0x64, 0x29, 0x43, 0x28, 0x65, 0x29,
+	0x43, 0x28, 0x66, 0x29, 0x43, 0x28, 0x67, 0x29,
+	// Bytes 1c40 - 1c7f
+	0x43, 0x28, 0x68, 0x29, 0x43, 0x28, 0x69, 0x29,
+	0x43, 0x28, 0x6A, 0x29, 0x43, 0x28, 0x6B, 0x29,
+	0x43, 0x28, 0x6C, 0x29, 0x43, 0x28, 0x6D, 0x29,
+	0x43, 0x28, 0x6E, 0x29, 0x43, 0x28, 0x6F, 0x29,
+	0x43, 0x28, 0x70, 0x29, 0x43, 0x28, 0x71, 0x29,
+	0x43, 0x28, 0x72, 0x29, 0x43, 0x28, 0x73, 0x29,
+	0x43, 0x28, 0x74, 0x29, 0x43, 0x28, 0x75, 0x29,
+	0x43, 0x28, 0x76, 0x29, 0x43, 0x28, 0x77, 0x29,
+	// Bytes 1c80 - 1cbf
+	0x43, 0x28, 0x78, 0x29, 0x43, 0x28, 0x79, 0x29,
+	0x43, 0x28, 0x7A, 0x29, 0x43, 0x2E, 0x2E, 0x2E,
+	0x43, 0x31, 0x30, 0x2E, 0x43, 0x31, 0x31, 0x2E,
+	0x43, 0x31, 0x32, 0x2E, 0x43, 0x31, 0x33, 0x2E,
+	0x43, 0x31, 0x34, 0x2E, 0x43, 0x31, 0x35, 0x2E,
+	0x43, 0x31, 0x36, 0x2E, 0x43, 0x31, 0x37, 0x2E,
+	0x43, 0x31, 0x38, 0x2E, 0x43, 0x31, 0x39, 0x2E,
+	0x43, 0x32, 0x30, 0x2E, 0x43, 0x3A, 0x3A, 0x3D,
+	// Bytes 1cc0 - 1cff
+	0x43, 0x3D, 0x3D, 0x3D, 0x43, 0x43, 0x6F, 0x2E,
+	0x43, 0x46, 0x41, 0x58, 0x43, 0x47, 0x48, 0x7A,
+	0x43, 0x47, 0x50, 0x61, 0x43, 0x49, 0x49, 0x49,
+	0x43, 0x4C, 0x54, 0x44, 0x43, 0x4C, 0xC2, 0xB7,
+	0x43, 0x4D, 0x48, 0x7A, 0x43, 0x4D, 0x50, 0x61,
+	0x43, 0x4D, 0xCE, 0xA9, 0x43, 0x50, 0x50, 0x4D,
+	0x43, 0x50, 0x50, 0x56, 0x43, 0x50, 0x54, 0x45,
+	0x43, 0x54, 0x45, 0x4C, 0x43, 0x54, 0x48, 0x7A,
+	// Bytes 1d00 - 1d3f
+	0x43, 0x56, 0x49, 0x49, 0x43, 0x58, 0x49, 0x49,
+	0x43, 0x61, 0x2F, 0x63, 0x43, 0x61, 0x2F, 0x73,
+	0x43, 0x61, 0xCA, 0xBE, 0x43, 0x62, 0x61, 0x72,
+	0x43, 0x63, 0x2F, 0x6F, 0x43, 0x63, 0x2F, 0x75,
+	0x43, 0x63, 0x61, 0x6C, 0x43, 0x63, 0x6D, 0x32,
+	0x43, 0x63, 0x6D, 0x33, 0x43, 0x64, 0x6D, 0x32,
+	0x43, 0x64, 0x6D, 0x33, 0x43, 0x65, 0x72, 0x67,
+	0x43, 0x66, 0x66, 0x69, 0x43, 0x66, 0x66, 0x6C,
+	// Bytes 1d40 - 1d7f
+	0x43, 0x67, 0x61, 0x6C, 0x43, 0x68, 0x50, 0x61,
+	0x43, 0x69, 0x69, 0x69, 0x43, 0x6B, 0x48, 0x7A,
+	0x43, 0x6B, 0x50, 0x61, 0x43, 0x6B, 0x6D, 0x32,
+	0x43, 0x6B, 0x6D, 0x33, 0x43, 0x6B, 0xCE, 0xA9,
+	0x43, 0x6C, 0x6F, 0x67, 0x43, 0x6C, 0xC2, 0xB7,
+	0x43, 0x6D, 0x69, 0x6C, 0x43, 0x6D, 0x6D, 0x32,
+	0x43, 0x6D, 0x6D, 0x33, 0x43, 0x6D, 0x6F, 0x6C,
+	0x43, 0x72, 0x61, 0x64, 0x43, 0x76, 0x69, 0x69,
+	// Bytes 1d80 - 1dbf
+	0x43, 0x78, 0x69, 0x69, 0x43, 0xC2, 0xB0, 0x43,
+	0x43, 0xC2, 0xB0, 0x46, 0x43, 0xCA, 0xBC, 0x6E,
+	0x43, 0xCE, 0xBC, 0x41, 0x43, 0xCE, 0xBC, 0x46,
+	0x43, 0xCE, 0xBC, 0x56, 0x43, 0xCE, 0xBC, 0x57,
+	0x43, 0xCE, 0xBC, 0x67, 0x43, 0xCE, 0xBC, 0x6C,
+	0x43, 0xCE, 0xBC, 0x6D, 0x43, 0xCE, 0xBC, 0x73,
+	0x44, 0x28, 0x31, 0x30, 0x29, 0x44, 0x28, 0x31,
+	0x31, 0x29, 0x44, 0x28, 0x31, 0x32, 0x29, 0x44,
+	// Bytes 1dc0 - 1dff
+	0x28, 0x31, 0x33, 0x29, 0x44, 0x28, 0x31, 0x34,
+	0x29, 0x44, 0x28, 0x31, 0x35, 0x29, 0x44, 0x28,
+	0x31, 0x36, 0x29, 0x44, 0x28, 0x31, 0x37, 0x29,
+	0x44, 0x28, 0x31, 0x38, 0x29, 0x44, 0x28, 0x31,
+	0x39, 0x29, 0x44, 0x28, 0x32, 0x30, 0x29, 0x44,
+	0x30, 0xE7, 0x82, 0xB9, 0x44, 0x31, 0xE2, 0x81,
+	0x84, 0x44, 0x31, 0xE6, 0x97, 0xA5, 0x44, 0x31,
+	0xE6, 0x9C, 0x88, 0x44, 0x31, 0xE7, 0x82, 0xB9,
+	// Bytes 1e00 - 1e3f
+	0x44, 0x32, 0xE6, 0x97, 0xA5, 0x44, 0x32, 0xE6,
+	0x9C, 0x88, 0x44, 0x32, 0xE7, 0x82, 0xB9, 0x44,
+	0x33, 0xE6, 0x97, 0xA5, 0x44, 0x33, 0xE6, 0x9C,
+	0x88, 0x44, 0x33, 0xE7, 0x82, 0xB9, 0x44, 0x34,
+	0xE6, 0x97, 0xA5, 0x44, 0x34, 0xE6, 0x9C, 0x88,
+	0x44, 0x34, 0xE7, 0x82, 0xB9, 0x44, 0x35, 0xE6,
+	0x97, 0xA5, 0x44, 0x35, 0xE6, 0x9C, 0x88, 0x44,
+	0x35, 0xE7, 0x82, 0xB9, 0x44, 0x36, 0xE6, 0x97,
+	// Bytes 1e40 - 1e7f
+	0xA5, 0x44, 0x36, 0xE6, 0x9C, 0x88, 0x44, 0x36,
+	0xE7, 0x82, 0xB9, 0x44, 0x37, 0xE6, 0x97, 0xA5,
+	0x44, 0x37, 0xE6, 0x9C, 0x88, 0x44, 0x37, 0xE7,
+	0x82, 0xB9, 0x44, 0x38, 0xE6, 0x97, 0xA5, 0x44,
+	0x38, 0xE6, 0x9C, 0x88, 0x44, 0x38, 0xE7, 0x82,
+	0xB9, 0x44, 0x39, 0xE6, 0x97, 0xA5, 0x44, 0x39,
+	0xE6, 0x9C, 0x88, 0x44, 0x39, 0xE7, 0x82, 0xB9,
+	0x44, 0x56, 0x49, 0x49, 0x49, 0x44, 0x61, 0x2E,
+	// Bytes 1e80 - 1ebf
+	0x6D, 0x2E, 0x44, 0x6B, 0x63, 0x61, 0x6C, 0x44,
+	0x70, 0x2E, 0x6D, 0x2E, 0x44, 0x76, 0x69, 0x69,
+	0x69, 0x44, 0xD5, 0xA5, 0xD6, 0x82, 0x44, 0xD5,
+	0xB4, 0xD5, 0xA5, 0x44, 0xD5, 0xB4, 0xD5, 0xAB,
+	0x44, 0xD5, 0xB4, 0xD5, 0xAD, 0x44, 0xD5, 0xB4,
+	0xD5, 0xB6, 0x44, 0xD5, 0xBE, 0xD5, 0xB6, 0x44,
+	0xD7, 0x90, 0xD7, 0x9C, 0x44, 0xD8, 0xA7, 0xD9,
+	0xB4, 0x44, 0xD8, 0xA8, 0xD8, 0xAC, 0x44, 0xD8,
+	// Bytes 1ec0 - 1eff
+	0xA8, 0xD8, 0xAD, 0x44, 0xD8, 0xA8, 0xD8, 0xAE,
+	0x44, 0xD8, 0xA8, 0xD8, 0xB1, 0x44, 0xD8, 0xA8,
+	0xD8, 0xB2, 0x44, 0xD8, 0xA8, 0xD9, 0x85, 0x44,
+	0xD8, 0xA8, 0xD9, 0x86, 0x44, 0xD8, 0xA8, 0xD9,
+	0x87, 0x44, 0xD8, 0xA8, 0xD9, 0x89, 0x44, 0xD8,
+	0xA8, 0xD9, 0x8A, 0x44, 0xD8, 0xAA, 0xD8, 0xAC,
+	0x44, 0xD8, 0xAA, 0xD8, 0xAD, 0x44, 0xD8, 0xAA,
+	0xD8, 0xAE, 0x44, 0xD8, 0xAA, 0xD8, 0xB1, 0x44,
+	// Bytes 1f00 - 1f3f
+	0xD8, 0xAA, 0xD8, 0xB2, 0x44, 0xD8, 0xAA, 0xD9,
+	0x85, 0x44, 0xD8, 0xAA, 0xD9, 0x86, 0x44, 0xD8,
+	0xAA, 0xD9, 0x87, 0x44, 0xD8, 0xAA, 0xD9, 0x89,
+	0x44, 0xD8, 0xAA, 0xD9, 0x8A, 0x44, 0xD8, 0xAB,
+	0xD8, 0xAC, 0x44, 0xD8, 0xAB, 0xD8, 0xB1, 0x44,
+	0xD8, 0xAB, 0xD8, 0xB2, 0x44, 0xD8, 0xAB, 0xD9,
+	0x85, 0x44, 0xD8, 0xAB, 0xD9, 0x86, 0x44, 0xD8,
+	0xAB, 0xD9, 0x87, 0x44, 0xD8, 0xAB, 0xD9, 0x89,
+	// Bytes 1f40 - 1f7f
+	0x44, 0xD8, 0xAB, 0xD9, 0x8A, 0x44, 0xD8, 0xAC,
+	0xD8, 0xAD, 0x44, 0xD8, 0xAC, 0xD9, 0x85, 0x44,
+	0xD8, 0xAC, 0xD9, 0x89, 0x44, 0xD8, 0xAC, 0xD9,
+	0x8A, 0x44, 0xD8, 0xAD, 0xD8, 0xAC, 0x44, 0xD8,
+	0xAD, 0xD9, 0x85, 0x44, 0xD8, 0xAD, 0xD9, 0x89,
+	0x44, 0xD8, 0xAD, 0xD9, 0x8A, 0x44, 0xD8, 0xAE,
+	0xD8, 0xAC, 0x44, 0xD8, 0xAE, 0xD8, 0xAD, 0x44,
+	0xD8, 0xAE, 0xD9, 0x85, 0x44, 0xD8, 0xAE, 0xD9,
+	// Bytes 1f80 - 1fbf
+	0x89, 0x44, 0xD8, 0xAE, 0xD9, 0x8A, 0x44, 0xD8,
+	0xB3, 0xD8, 0xAC, 0x44, 0xD8, 0xB3, 0xD8, 0xAD,
+	0x44, 0xD8, 0xB3, 0xD8, 0xAE, 0x44, 0xD8, 0xB3,
+	0xD8, 0xB1, 0x44, 0xD8, 0xB3, 0xD9, 0x85, 0x44,
+	0xD8, 0xB3, 0xD9, 0x87, 0x44, 0xD8, 0xB3, 0xD9,
+	0x89, 0x44, 0xD8, 0xB3, 0xD9, 0x8A, 0x44, 0xD8,
+	0xB4, 0xD8, 0xAC, 0x44, 0xD8, 0xB4, 0xD8, 0xAD,
+	0x44, 0xD8, 0xB4, 0xD8, 0xAE, 0x44, 0xD8, 0xB4,
+	// Bytes 1fc0 - 1fff
+	0xD8, 0xB1, 0x44, 0xD8, 0xB4, 0xD9, 0x85, 0x44,
+	0xD8, 0xB4, 0xD9, 0x87, 0x44, 0xD8, 0xB4, 0xD9,
+	0x89, 0x44, 0xD8, 0xB4, 0xD9, 0x8A, 0x44, 0xD8,
+	0xB5, 0xD8, 0xAD, 0x44, 0xD8, 0xB5, 0xD8, 0xAE,
+	0x44, 0xD8, 0xB5, 0xD8, 0xB1, 0x44, 0xD8, 0xB5,
+	0xD9, 0x85, 0x44, 0xD8, 0xB5, 0xD9, 0x89, 0x44,
+	0xD8, 0xB5, 0xD9, 0x8A, 0x44, 0xD8, 0xB6, 0xD8,
+	0xAC, 0x44, 0xD8, 0xB6, 0xD8, 0xAD, 0x44, 0xD8,
+	// Bytes 2000 - 203f
+	0xB6, 0xD8, 0xAE, 0x44, 0xD8, 0xB6, 0xD8, 0xB1,
+	0x44, 0xD8, 0xB6, 0xD9, 0x85, 0x44, 0xD8, 0xB6,
+	0xD9, 0x89, 0x44, 0xD8, 0xB6, 0xD9, 0x8A, 0x44,
+	0xD8, 0xB7, 0xD8, 0xAD, 0x44, 0xD8, 0xB7, 0xD9,
+	0x85, 0x44, 0xD8, 0xB7, 0xD9, 0x89, 0x44, 0xD8,
+	0xB7, 0xD9, 0x8A, 0x44, 0xD8, 0xB8, 0xD9, 0x85,
+	0x44, 0xD8, 0xB9, 0xD8, 0xAC, 0x44, 0xD8, 0xB9,
+	0xD9, 0x85, 0x44, 0xD8, 0xB9, 0xD9, 0x89, 0x44,
+	// Bytes 2040 - 207f
+	0xD8, 0xB9, 0xD9, 0x8A, 0x44, 0xD8, 0xBA, 0xD8,
+	0xAC, 0x44, 0xD8, 0xBA, 0xD9, 0x85, 0x44, 0xD8,
+	0xBA, 0xD9, 0x89, 0x44, 0xD8, 0xBA, 0xD9, 0x8A,
+	0x44, 0xD9, 0x81, 0xD8, 0xAC, 0x44, 0xD9, 0x81,
+	0xD8, 0xAD, 0x44, 0xD9, 0x81, 0xD8, 0xAE, 0x44,
+	0xD9, 0x81, 0xD9, 0x85, 0x44, 0xD9, 0x81, 0xD9,
+	0x89, 0x44, 0xD9, 0x81, 0xD9, 0x8A, 0x44, 0xD9,
+	0x82, 0xD8, 0xAD, 0x44, 0xD9, 0x82, 0xD9, 0x85,
+	// Bytes 2080 - 20bf
+	0x44, 0xD9, 0x82, 0xD9, 0x89, 0x44, 0xD9, 0x82,
+	0xD9, 0x8A, 0x44, 0xD9, 0x83, 0xD8, 0xA7, 0x44,
+	0xD9, 0x83, 0xD8, 0xAC, 0x44, 0xD9, 0x83, 0xD8,
+	0xAD, 0x44, 0xD9, 0x83, 0xD8, 0xAE, 0x44, 0xD9,
+	0x83, 0xD9, 0x84, 0x44, 0xD9, 0x83, 0xD9, 0x85,
+	0x44, 0xD9, 0x83, 0xD9, 0x89, 0x44, 0xD9, 0x83,
+	0xD9, 0x8A, 0x44, 0xD9, 0x84, 0xD8, 0xA7, 0x44,
+	0xD9, 0x84, 0xD8, 0xAC, 0x44, 0xD9, 0x84, 0xD8,
+	// Bytes 20c0 - 20ff
+	0xAD, 0x44, 0xD9, 0x84, 0xD8, 0xAE, 0x44, 0xD9,
+	0x84, 0xD9, 0x85, 0x44, 0xD9, 0x84, 0xD9, 0x87,
+	0x44, 0xD9, 0x84, 0xD9, 0x89, 0x44, 0xD9, 0x84,
+	0xD9, 0x8A, 0x44, 0xD9, 0x85, 0xD8, 0xA7, 0x44,
+	0xD9, 0x85, 0xD8, 0xAC, 0x44, 0xD9, 0x85, 0xD8,
+	0xAD, 0x44, 0xD9, 0x85, 0xD8, 0xAE, 0x44, 0xD9,
+	0x85, 0xD9, 0x85, 0x44, 0xD9, 0x85, 0xD9, 0x89,
+	0x44, 0xD9, 0x85, 0xD9, 0x8A, 0x44, 0xD9, 0x86,
+	// Bytes 2100 - 213f
+	0xD8, 0xAC, 0x44, 0xD9, 0x86, 0xD8, 0xAD, 0x44,
+	0xD9, 0x86, 0xD8, 0xAE, 0x44, 0xD9, 0x86, 0xD8,
+	0xB1, 0x44, 0xD9, 0x86, 0xD8, 0xB2, 0x44, 0xD9,
+	0x86, 0xD9, 0x85, 0x44, 0xD9, 0x86, 0xD9, 0x86,
+	0x44, 0xD9, 0x86, 0xD9, 0x87, 0x44, 0xD9, 0x86,
+	0xD9, 0x89, 0x44, 0xD9, 0x86, 0xD9, 0x8A, 0x44,
+	0xD9, 0x87, 0xD8, 0xAC, 0x44, 0xD9, 0x87, 0xD9,
+	0x85, 0x44, 0xD9, 0x87, 0xD9, 0x89, 0x44, 0xD9,
+	// Bytes 2140 - 217f
+	0x87, 0xD9, 0x8A, 0x44, 0xD9, 0x88, 0xD9, 0xB4,
+	0x44, 0xD9, 0x8A, 0xD8, 0xAC, 0x44, 0xD9, 0x8A,
+	0xD8, 0xAD, 0x44, 0xD9, 0x8A, 0xD8, 0xAE, 0x44,
+	0xD9, 0x8A, 0xD8, 0xB1, 0x44, 0xD9, 0x8A, 0xD8,
+	0xB2, 0x44, 0xD9, 0x8A, 0xD9, 0x85, 0x44, 0xD9,
+	0x8A, 0xD9, 0x86, 0x44, 0xD9, 0x8A, 0xD9, 0x87,
+	0x44, 0xD9, 0x8A, 0xD9, 0x89, 0x44, 0xD9, 0x8A,
+	0xD9, 0x8A, 0x44, 0xD9, 0x8A, 0xD9, 0xB4, 0x44,
+	// Bytes 2180 - 21bf
+	0xDB, 0x87, 0xD9, 0xB4, 0x45, 0x28, 0xE1, 0x84,
+	0x80, 0x29, 0x45, 0x28, 0xE1, 0x84, 0x82, 0x29,
+	0x45, 0x28, 0xE1, 0x84, 0x83, 0x29, 0x45, 0x28,
+	0xE1, 0x84, 0x85, 0x29, 0x45, 0x28, 0xE1, 0x84,
+	0x86, 0x29, 0x45, 0x28, 0xE1, 0x84, 0x87, 0x29,
+	0x45, 0x28, 0xE1, 0x84, 0x89, 0x29, 0x45, 0x28,
+	0xE1, 0x84, 0x8B, 0x29, 0x45, 0x28, 0xE1, 0x84,
+	0x8C, 0x29, 0x45, 0x28, 0xE1, 0x84, 0x8E, 0x29,
+	// Bytes 21c0 - 21ff
+	0x45, 0x28, 0xE1, 0x84, 0x8F, 0x29, 0x45, 0x28,
+	0xE1, 0x84, 0x90, 0x29, 0x45, 0x28, 0xE1, 0x84,
+	0x91, 0x29, 0x45, 0x28, 0xE1, 0x84, 0x92, 0x29,
+	0x45, 0x28, 0xE4, 0xB8, 0x80, 0x29, 0x45, 0x28,
+	0xE4, 0xB8, 0x83, 0x29, 0x45, 0x28, 0xE4, 0xB8,
+	0x89, 0x29, 0x45, 0x28, 0xE4, 0xB9, 0x9D, 0x29,
+	0x45, 0x28, 0xE4, 0xBA, 0x8C, 0x29, 0x45, 0x28,
+	0xE4, 0xBA, 0x94, 0x29, 0x45, 0x28, 0xE4, 0xBB,
+	// Bytes 2200 - 223f
+	0xA3, 0x29, 0x45, 0x28, 0xE4, 0xBC, 0x81, 0x29,
+	0x45, 0x28, 0xE4, 0xBC, 0x91, 0x29, 0x45, 0x28,
+	0xE5, 0x85, 0xAB, 0x29, 0x45, 0x28, 0xE5, 0x85,
+	0xAD, 0x29, 0x45, 0x28, 0xE5, 0x8A, 0xB4, 0x29,
+	0x45, 0x28, 0xE5, 0x8D, 0x81, 0x29, 0x45, 0x28,
+	0xE5, 0x8D, 0x94, 0x29, 0x45, 0x28, 0xE5, 0x90,
+	0x8D, 0x29, 0x45, 0x28, 0xE5, 0x91, 0xBC, 0x29,
+	0x45, 0x28, 0xE5, 0x9B, 0x9B, 0x29, 0x45, 0x28,
+	// Bytes 2240 - 227f
+	0xE5, 0x9C, 0x9F, 0x29, 0x45, 0x28, 0xE5, 0xAD,
+	0xA6, 0x29, 0x45, 0x28, 0xE6, 0x97, 0xA5, 0x29,
+	0x45, 0x28, 0xE6, 0x9C, 0x88, 0x29, 0x45, 0x28,
+	0xE6, 0x9C, 0x89, 0x29, 0x45, 0x28, 0xE6, 0x9C,
+	0xA8, 0x29, 0x45, 0x28, 0xE6, 0xA0, 0xAA, 0x29,
+	0x45, 0x28, 0xE6, 0xB0, 0xB4, 0x29, 0x45, 0x28,
+	0xE7, 0x81, 0xAB, 0x29, 0x45, 0x28, 0xE7, 0x89,
+	0xB9, 0x29, 0x45, 0x28, 0xE7, 0x9B, 0xA3, 0x29,
+	// Bytes 2280 - 22bf
+	0x45, 0x28, 0xE7, 0xA4, 0xBE, 0x29, 0x45, 0x28,
+	0xE7, 0xA5, 0x9D, 0x29, 0x45, 0x28, 0xE7, 0xA5,
+	0xAD, 0x29, 0x45, 0x28, 0xE8, 0x87, 0xAA, 0x29,
+	0x45, 0x28, 0xE8, 0x87, 0xB3, 0x29, 0x45, 0x28,
+	0xE8, 0xB2, 0xA1, 0x29, 0x45, 0x28, 0xE8, 0xB3,
+	0x87, 0x29, 0x45, 0x28, 0xE9, 0x87, 0x91, 0x29,
+	0x45, 0x30, 0xE2, 0x81, 0x84, 0x33, 0x45, 0x31,
+	0x30, 0xE6, 0x97, 0xA5, 0x45, 0x31, 0x30, 0xE6,
+	// Bytes 22c0 - 22ff
+	0x9C, 0x88, 0x45, 0x31, 0x30, 0xE7, 0x82, 0xB9,
+	0x45, 0x31, 0x31, 0xE6, 0x97, 0xA5, 0x45, 0x31,
+	0x31, 0xE6, 0x9C, 0x88, 0x45, 0x31, 0x31, 0xE7,
+	0x82, 0xB9, 0x45, 0x31, 0x32, 0xE6, 0x97, 0xA5,
+	0x45, 0x31, 0x32, 0xE6, 0x9C, 0x88, 0x45, 0x31,
+	0x32, 0xE7, 0x82, 0xB9, 0x45, 0x31, 0x33, 0xE6,
+	0x97, 0xA5, 0x45, 0x31, 0x33, 0xE7, 0x82, 0xB9,
+	0x45, 0x31, 0x34, 0xE6, 0x97, 0xA5, 0x45, 0x31,
+	// Bytes 2300 - 233f
+	0x34, 0xE7, 0x82, 0xB9, 0x45, 0x31, 0x35, 0xE6,
+	0x97, 0xA5, 0x45, 0x31, 0x35, 0xE7, 0x82, 0xB9,
+	0x45, 0x31, 0x36, 0xE6, 0x97, 0xA5, 0x45, 0x31,
+	0x36, 0xE7, 0x82, 0xB9, 0x45, 0x31, 0x37, 0xE6,
+	0x97, 0xA5, 0x45, 0x31, 0x37, 0xE7, 0x82, 0xB9,
+	0x45, 0x31, 0x38, 0xE6, 0x97, 0xA5, 0x45, 0x31,
+	0x38, 0xE7, 0x82, 0xB9, 0x45, 0x31, 0x39, 0xE6,
+	0x97, 0xA5, 0x45, 0x31, 0x39, 0xE7, 0x82, 0xB9,
+	// Bytes 2340 - 237f
+	0x45, 0x31, 0xE2, 0x81, 0x84, 0x32, 0x45, 0x31,
+	0xE2, 0x81, 0x84, 0x33, 0x45, 0x31, 0xE2, 0x81,
+	0x84, 0x34, 0x45, 0x31, 0xE2, 0x81, 0x84, 0x35,
+	0x45, 0x31, 0xE2, 0x81, 0x84, 0x36, 0x45, 0x31,
+	0xE2, 0x81, 0x84, 0x37, 0x45, 0x31, 0xE2, 0x81,
+	0x84, 0x38, 0x45, 0x31, 0xE2, 0x81, 0x84, 0x39,
+	0x45, 0x32, 0x30, 0xE6, 0x97, 0xA5, 0x45, 0x32,
+	0x30, 0xE7, 0x82, 0xB9, 0x45, 0x32, 0x31, 0xE6,
+	// Bytes 2380 - 23bf
+	0x97, 0xA5, 0x45, 0x32, 0x31, 0xE7, 0x82, 0xB9,
+	0x45, 0x32, 0x32, 0xE6, 0x97, 0xA5, 0x45, 0x32,
+	0x32, 0xE7, 0x82, 0xB9, 0x45, 0x32, 0x33, 0xE6,
+	0x97, 0xA5, 0x45, 0x32, 0x33, 0xE7, 0x82, 0xB9,
+	0x45, 0x32, 0x34, 0xE6, 0x97, 0xA5, 0x45, 0x32,
+	0x34, 0xE7, 0x82, 0xB9, 0x45, 0x32, 0x35, 0xE6,
+	0x97, 0xA5, 0x45, 0x32, 0x36, 0xE6, 0x97, 0xA5,
+	0x45, 0x32, 0x37, 0xE6, 0x97, 0xA5, 0x45, 0x32,
+	// Bytes 23c0 - 23ff
+	0x38, 0xE6, 0x97, 0xA5, 0x45, 0x32, 0x39, 0xE6,
+	0x97, 0xA5, 0x45, 0x32, 0xE2, 0x81, 0x84, 0x33,
+	0x45, 0x32, 0xE2, 0x81, 0x84, 0x35, 0x45, 0x33,
+	0x30, 0xE6, 0x97, 0xA5, 0x45, 0x33, 0x31, 0xE6,
+	0x97, 0xA5, 0x45, 0x33, 0xE2, 0x81, 0x84, 0x34,
+	0x45, 0x33, 0xE2, 0x81, 0x84, 0x35, 0x45, 0x33,
+	0xE2, 0x81, 0x84, 0x38, 0x45, 0x34, 0xE2, 0x81,
+	0x84, 0x35, 0x45, 0x35, 0xE2, 0x81, 0x84, 0x36,
+	// Bytes 2400 - 243f
+	0x45, 0x35, 0xE2, 0x81, 0x84, 0x38, 0x45, 0x37,
+	0xE2, 0x81, 0x84, 0x38, 0x45, 0x41, 0xE2, 0x88,
+	0x95, 0x6D, 0x45, 0x56, 0xE2, 0x88, 0x95, 0x6D,
+	0x45, 0x6D, 0xE2, 0x88, 0x95, 0x73, 0x46, 0x31,
+	0xE2, 0x81, 0x84, 0x31, 0x30, 0x46, 0x43, 0xE2,
+	0x88, 0x95, 0x6B, 0x67, 0x46, 0x6D, 0xE2, 0x88,
+	0x95, 0x73, 0x32, 0x46, 0xD8, 0xA8, 0xD8, 0xAD,
+	0xD9, 0x8A, 0x46, 0xD8, 0xA8, 0xD8, 0xAE, 0xD9,
+	// Bytes 2440 - 247f
+	0x8A, 0x46, 0xD8, 0xAA, 0xD8, 0xAC, 0xD9, 0x85,
+	0x46, 0xD8, 0xAA, 0xD8, 0xAC, 0xD9, 0x89, 0x46,
+	0xD8, 0xAA, 0xD8, 0xAC, 0xD9, 0x8A, 0x46, 0xD8,
+	0xAA, 0xD8, 0xAD, 0xD8, 0xAC, 0x46, 0xD8, 0xAA,
+	0xD8, 0xAD, 0xD9, 0x85, 0x46, 0xD8, 0xAA, 0xD8,
+	0xAE, 0xD9, 0x85, 0x46, 0xD8, 0xAA, 0xD8, 0xAE,
+	0xD9, 0x89, 0x46, 0xD8, 0xAA, 0xD8, 0xAE, 0xD9,
+	0x8A, 0x46, 0xD8, 0xAA, 0xD9, 0x85, 0xD8, 0xAC,
+	// Bytes 2480 - 24bf
+	0x46, 0xD8, 0xAA, 0xD9, 0x85, 0xD8, 0xAD, 0x46,
+	0xD8, 0xAA, 0xD9, 0x85, 0xD8, 0xAE, 0x46, 0xD8,
+	0xAA, 0xD9, 0x85, 0xD9, 0x89, 0x46, 0xD8, 0xAA,
+	0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD8, 0xAC, 0xD8,
+	0xAD, 0xD9, 0x89, 0x46, 0xD8, 0xAC, 0xD8, 0xAD,
+	0xD9, 0x8A, 0x46, 0xD8, 0xAC, 0xD9, 0x85, 0xD8,
+	0xAD, 0x46, 0xD8, 0xAC, 0xD9, 0x85, 0xD9, 0x89,
+	0x46, 0xD8, 0xAC, 0xD9, 0x85, 0xD9, 0x8A, 0x46,
+	// Bytes 24c0 - 24ff
+	0xD8, 0xAD, 0xD8, 0xAC, 0xD9, 0x8A, 0x46, 0xD8,
+	0xAD, 0xD9, 0x85, 0xD9, 0x89, 0x46, 0xD8, 0xAD,
+	0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD8, 0xB3, 0xD8,
+	0xAC, 0xD8, 0xAD, 0x46, 0xD8, 0xB3, 0xD8, 0xAC,
+	0xD9, 0x89, 0x46, 0xD8, 0xB3, 0xD8, 0xAD, 0xD8,
+	0xAC, 0x46, 0xD8, 0xB3, 0xD8, 0xAE, 0xD9, 0x89,
+	0x46, 0xD8, 0xB3, 0xD8, 0xAE, 0xD9, 0x8A, 0x46,
+	0xD8, 0xB3, 0xD9, 0x85, 0xD8, 0xAC, 0x46, 0xD8,
+	// Bytes 2500 - 253f
+	0xB3, 0xD9, 0x85, 0xD8, 0xAD, 0x46, 0xD8, 0xB3,
+	0xD9, 0x85, 0xD9, 0x85, 0x46, 0xD8, 0xB4, 0xD8,
+	0xAC, 0xD9, 0x8A, 0x46, 0xD8, 0xB4, 0xD8, 0xAD,
+	0xD9, 0x85, 0x46, 0xD8, 0xB4, 0xD8, 0xAD, 0xD9,
+	0x8A, 0x46, 0xD8, 0xB4, 0xD9, 0x85, 0xD8, 0xAE,
+	0x46, 0xD8, 0xB4, 0xD9, 0x85, 0xD9, 0x85, 0x46,
+	0xD8, 0xB5, 0xD8, 0xAD, 0xD8, 0xAD, 0x46, 0xD8,
+	0xB5, 0xD8, 0xAD, 0xD9, 0x8A, 0x46, 0xD8, 0xB5,
+	// Bytes 2540 - 257f
+	0xD9, 0x84, 0xD9, 0x89, 0x46, 0xD8, 0xB5, 0xD9,
+	0x84, 0xDB, 0x92, 0x46, 0xD8, 0xB5, 0xD9, 0x85,
+	0xD9, 0x85, 0x46, 0xD8, 0xB6, 0xD8, 0xAD, 0xD9,
+	0x89, 0x46, 0xD8, 0xB6, 0xD8, 0xAD, 0xD9, 0x8A,
+	0x46, 0xD8, 0xB6, 0xD8, 0xAE, 0xD9, 0x85, 0x46,
+	0xD8, 0xB7, 0xD9, 0x85, 0xD8, 0xAD, 0x46, 0xD8,
+	0xB7, 0xD9, 0x85, 0xD9, 0x85, 0x46, 0xD8, 0xB7,
+	0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD8, 0xB9, 0xD8,
+	// Bytes 2580 - 25bf
+	0xAC, 0xD9, 0x85, 0x46, 0xD8, 0xB9, 0xD9, 0x85,
+	0xD9, 0x85, 0x46, 0xD8, 0xB9, 0xD9, 0x85, 0xD9,
+	0x89, 0x46, 0xD8, 0xB9, 0xD9, 0x85, 0xD9, 0x8A,
+	0x46, 0xD8, 0xBA, 0xD9, 0x85, 0xD9, 0x85, 0x46,
+	0xD8, 0xBA, 0xD9, 0x85, 0xD9, 0x89, 0x46, 0xD8,
+	0xBA, 0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD9, 0x81,
+	0xD8, 0xAE, 0xD9, 0x85, 0x46, 0xD9, 0x81, 0xD9,
+	0x85, 0xD9, 0x8A, 0x46, 0xD9, 0x82, 0xD9, 0x84,
+	// Bytes 25c0 - 25ff
+	0xDB, 0x92, 0x46, 0xD9, 0x82, 0xD9, 0x85, 0xD8,
+	0xAD, 0x46, 0xD9, 0x82, 0xD9, 0x85, 0xD9, 0x85,
+	0x46, 0xD9, 0x82, 0xD9, 0x85, 0xD9, 0x8A, 0x46,
+	0xD9, 0x83, 0xD9, 0x85, 0xD9, 0x85, 0x46, 0xD9,
+	0x83, 0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD9, 0x84,
+	0xD8, 0xAC, 0xD8, 0xAC, 0x46, 0xD9, 0x84, 0xD8,
+	0xAC, 0xD9, 0x85, 0x46, 0xD9, 0x84, 0xD8, 0xAC,
+	0xD9, 0x8A, 0x46, 0xD9, 0x84, 0xD8, 0xAD, 0xD9,
+	// Bytes 2600 - 263f
+	0x85, 0x46, 0xD9, 0x84, 0xD8, 0xAD, 0xD9, 0x89,
+	0x46, 0xD9, 0x84, 0xD8, 0xAD, 0xD9, 0x8A, 0x46,
+	0xD9, 0x84, 0xD8, 0xAE, 0xD9, 0x85, 0x46, 0xD9,
+	0x84, 0xD9, 0x85, 0xD8, 0xAD, 0x46, 0xD9, 0x84,
+	0xD9, 0x85, 0xD9, 0x8A, 0x46, 0xD9, 0x85, 0xD8,
+	0xAC, 0xD8, 0xAD, 0x46, 0xD9, 0x85, 0xD8, 0xAC,
+	0xD8, 0xAE, 0x46, 0xD9, 0x85, 0xD8, 0xAC, 0xD9,
+	0x85, 0x46, 0xD9, 0x85, 0xD8, 0xAC, 0xD9, 0x8A,
+	// Bytes 2640 - 267f
+	0x46, 0xD9, 0x85, 0xD8, 0xAD, 0xD8, 0xAC, 0x46,
+	0xD9, 0x85, 0xD8, 0xAD, 0xD9, 0x85, 0x46, 0xD9,
+	0x85, 0xD8, 0xAD, 0xD9, 0x8A, 0x46, 0xD9, 0x85,
+	0xD8, 0xAE, 0xD8, 0xAC, 0x46, 0xD9, 0x85, 0xD8,
+	0xAE, 0xD9, 0x85, 0x46, 0xD9, 0x85, 0xD8, 0xAE,
+	0xD9, 0x8A, 0x46, 0xD9, 0x85, 0xD9, 0x85, 0xD9,
+	0x8A, 0x46, 0xD9, 0x86, 0xD8, 0xAC, 0xD8, 0xAD,
+	0x46, 0xD9, 0x86, 0xD8, 0xAC, 0xD9, 0x85, 0x46,
+	// Bytes 2680 - 26bf
+	0xD9, 0x86, 0xD8, 0xAC, 0xD9, 0x89, 0x46, 0xD9,
+	0x86, 0xD8, 0xAC, 0xD9, 0x8A, 0x46, 0xD9, 0x86,
+	0xD8, 0xAD, 0xD9, 0x85, 0x46, 0xD9, 0x86, 0xD8,
+	0xAD, 0xD9, 0x89, 0x46, 0xD9, 0x86, 0xD8, 0xAD,
+	0xD9, 0x8A, 0x46, 0xD9, 0x86, 0xD9, 0x85, 0xD9,
+	0x89, 0x46, 0xD9, 0x86, 0xD9, 0x85, 0xD9, 0x8A,
+	0x46, 0xD9, 0x87, 0xD9, 0x85, 0xD8, 0xAC, 0x46,
+	0xD9, 0x87, 0xD9, 0x85, 0xD9, 0x85, 0x46, 0xD9,
+	// Bytes 26c0 - 26ff
+	0x8A, 0xD8, 0xAC, 0xD9, 0x8A, 0x46, 0xD9, 0x8A,
+	0xD8, 0xAD, 0xD9, 0x8A, 0x46, 0xD9, 0x8A, 0xD9,
+	0x85, 0xD9, 0x85, 0x46, 0xD9, 0x8A, 0xD9, 0x85,
+	0xD9, 0x8A, 0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD8,
+	0xA7, 0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD8, 0xAC,
+	0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD8, 0xAD, 0x46,
+	0xD9, 0x8A, 0xD9, 0x94, 0xD8, 0xAE, 0x46, 0xD9,
+	0x8A, 0xD9, 0x94, 0xD8, 0xB1, 0x46, 0xD9, 0x8A,
+	// Bytes 2700 - 273f
+	0xD9, 0x94, 0xD8, 0xB2, 0x46, 0xD9, 0x8A, 0xD9,
+	0x94, 0xD9, 0x85, 0x46, 0xD9, 0x8A, 0xD9, 0x94,
+	0xD9, 0x86, 0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD9,
+	0x87, 0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD9, 0x88,
+	0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xD9, 0x89, 0x46,
+	0xD9, 0x8A, 0xD9, 0x94, 0xD9, 0x8A, 0x46, 0xD9,
+	0x8A, 0xD9, 0x94, 0xDB, 0x86, 0x46, 0xD9, 0x8A,
+	0xD9, 0x94, 0xDB, 0x87, 0x46, 0xD9, 0x8A, 0xD9,
+	// Bytes 2740 - 277f
+	0x94, 0xDB, 0x88, 0x46, 0xD9, 0x8A, 0xD9, 0x94,
+	0xDB, 0x90, 0x46, 0xD9, 0x8A, 0xD9, 0x94, 0xDB,
+	0x95, 0x46, 0xE0, 0xB9, 0x8D, 0xE0, 0xB8, 0xB2,
+	0x46, 0xE0, 0xBA, 0xAB, 0xE0, 0xBA, 0x99, 0x46,
+	0xE0, 0xBA, 0xAB, 0xE0, 0xBA, 0xA1, 0x46, 0xE0,
+	0xBB, 0x8D, 0xE0, 0xBA, 0xB2, 0x46, 0xE0, 0xBD,
+	0x80, 0xE0, 0xBE, 0xB5, 0x46, 0xE0, 0xBD, 0x82,
+	0xE0, 0xBE, 0xB7, 0x46, 0xE0, 0xBD, 0x8C, 0xE0,
+	// Bytes 2780 - 27bf
+	0xBE, 0xB7, 0x46, 0xE0, 0xBD, 0x91, 0xE0, 0xBE,
+	0xB7, 0x46, 0xE0, 0xBD, 0x96, 0xE0, 0xBE, 0xB7,
+	0x46, 0xE0, 0xBD, 0x9B, 0xE0, 0xBE, 0xB7, 0x46,
+	0xE0, 0xBE, 0x90, 0xE0, 0xBE, 0xB5, 0x46, 0xE0,
+	0xBE, 0x92, 0xE0, 0xBE, 0xB7, 0x46, 0xE0, 0xBE,
+	0x9C, 0xE0, 0xBE, 0xB7, 0x46, 0xE0, 0xBE, 0xA1,
+	0xE0, 0xBE, 0xB7, 0x46, 0xE0, 0xBE, 0xA6, 0xE0,
+	0xBE, 0xB7, 0x46, 0xE0, 0xBE, 0xAB, 0xE0, 0xBE,
+	// Bytes 27c0 - 27ff
+	0xB7, 0x46, 0xE2, 0x80, 0xB2, 0xE2, 0x80, 0xB2,
+	0x46, 0xE2, 0x80, 0xB5, 0xE2, 0x80, 0xB5, 0x46,
+	0xE2, 0x88, 0xAB, 0xE2, 0x88, 0xAB, 0x46, 0xE2,
+	0x88, 0xAE, 0xE2, 0x88, 0xAE, 0x46, 0xE3, 0x81,
+	0xBB, 0xE3, 0x81, 0x8B, 0x46, 0xE3, 0x82, 0x88,
+	0xE3, 0x82, 0x8A, 0x46, 0xE3, 0x82, 0xAD, 0xE3,
+	0x83, 0xAD, 0x46, 0xE3, 0x82, 0xB3, 0xE3, 0x82,
+	0xB3, 0x46, 0xE3, 0x82, 0xB3, 0xE3, 0x83, 0x88,
+	// Bytes 2800 - 283f
+	0x46, 0xE3, 0x83, 0x88, 0xE3, 0x83, 0xB3, 0x46,
+	0xE3, 0x83, 0x8A, 0xE3, 0x83, 0x8E, 0x46, 0xE3,
+	0x83, 0x9B, 0xE3, 0x83, 0xB3, 0x46, 0xE3, 0x83,
+	0x9F, 0xE3, 0x83, 0xAA, 0x46, 0xE3, 0x83, 0xAA,
+	0xE3, 0x83, 0xA9, 0x46, 0xE3, 0x83, 0xAC, 0xE3,
+	0x83, 0xA0, 0x46, 0xE4, 0xBB, 0xA4, 0xE5, 0x92,
+	0x8C, 0x46, 0xE5, 0xA4, 0xA7, 0xE6, 0xAD, 0xA3,
+	0x46, 0xE5, 0xB9, 0xB3, 0xE6, 0x88, 0x90, 0x46,
+	// Bytes 2840 - 287f
+	0xE6, 0x98, 0x8E, 0xE6, 0xB2, 0xBB, 0x46, 0xE6,
+	0x98, 0xAD, 0xE5, 0x92, 0x8C, 0x47, 0x72, 0x61,
+	0x64, 0xE2, 0x88, 0x95, 0x73, 0x47, 0xE3, 0x80,
+	0x94, 0x53, 0xE3, 0x80, 0x95, 0x48, 0x28, 0xE1,
+	0x84, 0x80, 0xE1, 0x85, 0xA1, 0x29, 0x48, 0x28,
+	0xE1, 0x84, 0x82, 0xE1, 0x85, 0xA1, 0x29, 0x48,
+	0x28, 0xE1, 0x84, 0x83, 0xE1, 0x85, 0xA1, 0x29,
+	0x48, 0x28, 0xE1, 0x84, 0x85, 0xE1, 0x85, 0xA1,
+	// Bytes 2880 - 28bf
+	0x29, 0x48, 0x28, 0xE1, 0x84, 0x86, 0xE1, 0x85,
+	0xA1, 0x29, 0x48, 0x28, 0xE1, 0x84, 0x87, 0xE1,
+	0x85, 0xA1, 0x29, 0x48, 0x28, 0xE1, 0x84, 0x89,
+	0xE1, 0x85, 0xA1, 0x29, 0x48, 0x28, 0xE1, 0x84,
+	0x8B, 0xE1, 0x85, 0xA1, 0x29, 0x48, 0x28, 0xE1,
+	0x84, 0x8C, 0xE1, 0x85, 0xA1, 0x29, 0x48, 0x28,
+	0xE1, 0x84, 0x8C, 0xE1, 0x85, 0xAE, 0x29, 0x48,
+	0x28, 0xE1, 0x84, 0x8E, 0xE1, 0x85, 0xA1, 0x29,
+	// Bytes 28c0 - 28ff
+	0x48, 0x28, 0xE1, 0x84, 0x8F, 0xE1, 0x85, 0xA1,
+	0x29, 0x48, 0x28, 0xE1, 0x84, 0x90, 0xE1, 0x85,
+	0xA1, 0x29, 0x48, 0x28, 0xE1, 0x84, 0x91, 0xE1,
+	0x85, 0xA1, 0x29, 0x48, 0x28, 0xE1, 0x84, 0x92,
+	0xE1, 0x85, 0xA1, 0x29, 0x48, 0x72, 0x61, 0x64,
+	0xE2, 0x88, 0x95, 0x73, 0x32, 0x48, 0xD8, 0xA7,
+	0xD9, 0x83, 0xD8, 0xA8, 0xD8, 0xB1, 0x48, 0xD8,
+	0xA7, 0xD9, 0x84, 0xD9, 0x84, 0xD9, 0x87, 0x48,
+	// Bytes 2900 - 293f
+	0xD8, 0xB1, 0xD8, 0xB3, 0xD9, 0x88, 0xD9, 0x84,
+	0x48, 0xD8, 0xB1, 0xDB, 0x8C, 0xD8, 0xA7, 0xD9,
+	0x84, 0x48, 0xD8, 0xB5, 0xD9, 0x84, 0xD8, 0xB9,
+	0xD9, 0x85, 0x48, 0xD8, 0xB9, 0xD9, 0x84, 0xD9,
+	0x8A, 0xD9, 0x87, 0x48, 0xD9, 0x85, 0xD8, 0xAD,
+	0xD9, 0x85, 0xD8, 0xAF, 0x48, 0xD9, 0x88, 0xD8,
+	0xB3, 0xD9, 0x84, 0xD9, 0x85, 0x49, 0xE2, 0x80,
+	0xB2, 0xE2, 0x80, 0xB2, 0xE2, 0x80, 0xB2, 0x49,
+	// Bytes 2940 - 297f
+	0xE2, 0x80, 0xB5, 0xE2, 0x80, 0xB5, 0xE2, 0x80,
+	0xB5, 0x49, 0xE2, 0x88, 0xAB, 0xE2, 0x88, 0xAB,
+	0xE2, 0x88, 0xAB, 0x49, 0xE2, 0x88, 0xAE, 0xE2,
+	0x88, 0xAE, 0xE2, 0x88, 0xAE, 0x49, 0xE3, 0x80,
+	0x94, 0xE4, 0xB8, 0x89, 0xE3, 0x80, 0x95, 0x49,
+	0xE3, 0x80, 0x94, 0xE4, 0xBA, 0x8C, 0xE3, 0x80,
+	0x95, 0x49, 0xE3, 0x80, 0x94, 0xE5, 0x8B, 0x9D,
+	0xE3, 0x80, 0x95, 0x49, 0xE3, 0x80, 0x94, 0xE5,
+	// Bytes 2980 - 29bf
+	0xAE, 0x89, 0xE3, 0x80, 0x95, 0x49, 0xE3, 0x80,
+	0x94, 0xE6, 0x89, 0x93, 0xE3, 0x80, 0x95, 0x49,
+	0xE3, 0x80, 0x94, 0xE6, 0x95, 0x97, 0xE3, 0x80,
+	0x95, 0x49, 0xE3, 0x80, 0x94, 0xE6, 0x9C, 0xAC,
+	0xE3, 0x80, 0x95, 0x49, 0xE3, 0x80, 0x94, 0xE7,
+	0x82, 0xB9, 0xE3, 0x80, 0x95, 0x49, 0xE3, 0x80,
+	0x94, 0xE7, 0x9B, 0x97, 0xE3, 0x80, 0x95, 0x49,
+	0xE3, 0x82, 0xA2, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	// Bytes 29c0 - 29ff
+	0xAB, 0x49, 0xE3, 0x82, 0xA4, 0xE3, 0x83, 0xB3,
+	0xE3, 0x83, 0x81, 0x49, 0xE3, 0x82, 0xA6, 0xE3,
+	0x82, 0xA9, 0xE3, 0x83, 0xB3, 0x49, 0xE3, 0x82,
+	0xAA, 0xE3, 0x83, 0xB3, 0xE3, 0x82, 0xB9, 0x49,
+	0xE3, 0x82, 0xAA, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	0xA0, 0x49, 0xE3, 0x82, 0xAB, 0xE3, 0x82, 0xA4,
+	0xE3, 0x83, 0xAA, 0x49, 0xE3, 0x82, 0xB1, 0xE3,
+	0x83, 0xBC, 0xE3, 0x82, 0xB9, 0x49, 0xE3, 0x82,
+	// Bytes 2a00 - 2a3f
+	0xB3, 0xE3, 0x83, 0xAB, 0xE3, 0x83, 0x8A, 0x49,
+	0xE3, 0x82, 0xBB, 0xE3, 0x83, 0xB3, 0xE3, 0x83,
+	0x81, 0x49, 0xE3, 0x82, 0xBB, 0xE3, 0x83, 0xB3,
+	0xE3, 0x83, 0x88, 0x49, 0xE3, 0x83, 0x86, 0xE3,
+	0x82, 0x99, 0xE3, 0x82, 0xB7, 0x49, 0xE3, 0x83,
+	0x88, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xAB, 0x49,
+	0xE3, 0x83, 0x8E, 0xE3, 0x83, 0x83, 0xE3, 0x83,
+	0x88, 0x49, 0xE3, 0x83, 0x8F, 0xE3, 0x82, 0xA4,
+	// Bytes 2a40 - 2a7f
+	0xE3, 0x83, 0x84, 0x49, 0xE3, 0x83, 0x92, 0xE3,
+	0x82, 0x99, 0xE3, 0x83, 0xAB, 0x49, 0xE3, 0x83,
+	0x92, 0xE3, 0x82, 0x9A, 0xE3, 0x82, 0xB3, 0x49,
+	0xE3, 0x83, 0x95, 0xE3, 0x83, 0xA9, 0xE3, 0x83,
+	0xB3, 0x49, 0xE3, 0x83, 0x98, 0xE3, 0x82, 0x9A,
+	0xE3, 0x82, 0xBD, 0x49, 0xE3, 0x83, 0x98, 0xE3,
+	0x83, 0xAB, 0xE3, 0x83, 0x84, 0x49, 0xE3, 0x83,
+	0x9B, 0xE3, 0x83, 0xBC, 0xE3, 0x83, 0xAB, 0x49,
+	// Bytes 2a80 - 2abf
+	0xE3, 0x83, 0x9B, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	0xB3, 0x49, 0xE3, 0x83, 0x9E, 0xE3, 0x82, 0xA4,
+	0xE3, 0x83, 0xAB, 0x49, 0xE3, 0x83, 0x9E, 0xE3,
+	0x83, 0x83, 0xE3, 0x83, 0x8F, 0x49, 0xE3, 0x83,
+	0x9E, 0xE3, 0x83, 0xAB, 0xE3, 0x82, 0xAF, 0x49,
+	0xE3, 0x83, 0xA4, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	0xAB, 0x49, 0xE3, 0x83, 0xA6, 0xE3, 0x82, 0xA2,
+	0xE3, 0x83, 0xB3, 0x49, 0xE3, 0x83, 0xAF, 0xE3,
+	// Bytes 2ac0 - 2aff
+	0x83, 0x83, 0xE3, 0x83, 0x88, 0x4C, 0xE2, 0x80,
+	0xB2, 0xE2, 0x80, 0xB2, 0xE2, 0x80, 0xB2, 0xE2,
+	0x80, 0xB2, 0x4C, 0xE2, 0x88, 0xAB, 0xE2, 0x88,
+	0xAB, 0xE2, 0x88, 0xAB, 0xE2, 0x88, 0xAB, 0x4C,
+	0xE3, 0x82, 0xA2, 0xE3, 0x83, 0xAB, 0xE3, 0x83,
+	0x95, 0xE3, 0x82, 0xA1, 0x4C, 0xE3, 0x82, 0xA8,
+	0xE3, 0x83, 0xBC, 0xE3, 0x82, 0xAB, 0xE3, 0x83,
+	0xBC, 0x4C, 0xE3, 0x82, 0xAB, 0xE3, 0x82, 0x99,
+	// Bytes 2b00 - 2b3f
+	0xE3, 0x83, 0xAD, 0xE3, 0x83, 0xB3, 0x4C, 0xE3,
+	0x82, 0xAB, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xB3,
+	0xE3, 0x83, 0x9E, 0x4C, 0xE3, 0x82, 0xAB, 0xE3,
+	0x83, 0xA9, 0xE3, 0x83, 0x83, 0xE3, 0x83, 0x88,
+	0x4C, 0xE3, 0x82, 0xAB, 0xE3, 0x83, 0xAD, 0xE3,
+	0x83, 0xAA, 0xE3, 0x83, 0xBC, 0x4C, 0xE3, 0x82,
+	0xAD, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0x8B, 0xE3,
+	0x83, 0xBC, 0x4C, 0xE3, 0x82, 0xAD, 0xE3, 0x83,
+	// Bytes 2b40 - 2b7f
+	0xA5, 0xE3, 0x83, 0xAA, 0xE3, 0x83, 0xBC, 0x4C,
+	0xE3, 0x82, 0xAF, 0xE3, 0x82, 0x99, 0xE3, 0x83,
+	0xA9, 0xE3, 0x83, 0xA0, 0x4C, 0xE3, 0x82, 0xAF,
+	0xE3, 0x83, 0xAD, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	0x8D, 0x4C, 0xE3, 0x82, 0xB5, 0xE3, 0x82, 0xA4,
+	0xE3, 0x82, 0xAF, 0xE3, 0x83, 0xAB, 0x4C, 0xE3,
+	0x82, 0xBF, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xBC,
+	0xE3, 0x82, 0xB9, 0x4C, 0xE3, 0x83, 0x8F, 0xE3,
+	// Bytes 2b80 - 2bbf
+	0x82, 0x9A, 0xE3, 0x83, 0xBC, 0xE3, 0x83, 0x84,
+	0x4C, 0xE3, 0x83, 0x92, 0xE3, 0x82, 0x9A, 0xE3,
+	0x82, 0xAF, 0xE3, 0x83, 0xAB, 0x4C, 0xE3, 0x83,
+	0x95, 0xE3, 0x82, 0xA3, 0xE3, 0x83, 0xBC, 0xE3,
+	0x83, 0x88, 0x4C, 0xE3, 0x83, 0x98, 0xE3, 0x82,
+	0x99, 0xE3, 0x83, 0xBC, 0xE3, 0x82, 0xBF, 0x4C,
+	0xE3, 0x83, 0x98, 0xE3, 0x82, 0x9A, 0xE3, 0x83,
+	0x8B, 0xE3, 0x83, 0x92, 0x4C, 0xE3, 0x83, 0x98,
+	// Bytes 2bc0 - 2bff
+	0xE3, 0x82, 0x9A, 0xE3, 0x83, 0xB3, 0xE3, 0x82,
+	0xB9, 0x4C, 0xE3, 0x83, 0x9B, 0xE3, 0x82, 0x99,
+	0xE3, 0x83, 0xAB, 0xE3, 0x83, 0x88, 0x4C, 0xE3,
+	0x83, 0x9E, 0xE3, 0x82, 0xA4, 0xE3, 0x82, 0xAF,
+	0xE3, 0x83, 0xAD, 0x4C, 0xE3, 0x83, 0x9F, 0xE3,
+	0x82, 0xAF, 0xE3, 0x83, 0xAD, 0xE3, 0x83, 0xB3,
+	0x4C, 0xE3, 0x83, 0xA1, 0xE3, 0x83, 0xBC, 0xE3,
+	0x83, 0x88, 0xE3, 0x83, 0xAB, 0x4C, 0xE3, 0x83,
+	// Bytes 2c00 - 2c3f
+	0xAA, 0xE3, 0x83, 0x83, 0xE3, 0x83, 0x88, 0xE3,
+	0x83, 0xAB, 0x4C, 0xE3, 0x83, 0xAB, 0xE3, 0x83,
+	0x92, 0xE3, 0x82, 0x9A, 0xE3, 0x83, 0xBC, 0x4C,
+	0xE6, 0xA0, 0xAA, 0xE5, 0xBC, 0x8F, 0xE4, 0xBC,
+	0x9A, 0xE7, 0xA4, 0xBE, 0x4E, 0x28, 0xE1, 0x84,
+	0x8B, 0xE1, 0x85, 0xA9, 0xE1, 0x84, 0x92, 0xE1,
+	0x85, 0xAE, 0x29, 0x4F, 0xD8, 0xAC, 0xD9, 0x84,
+	0x20, 0xD8, 0xAC, 0xD9, 0x84, 0xD8, 0xA7, 0xD9,
+	// Bytes 2c40 - 2c7f
+	0x84, 0xD9, 0x87, 0x4F, 0xE3, 0x82, 0xA2, 0xE3,
+	0x83, 0x8F, 0xE3, 0x82, 0x9A, 0xE3, 0x83, 0xBC,
+	0xE3, 0x83, 0x88, 0x4F, 0xE3, 0x82, 0xA2, 0xE3,
+	0x83, 0xB3, 0xE3, 0x83, 0x98, 0xE3, 0x82, 0x9A,
+	0xE3, 0x82, 0xA2, 0x4F, 0xE3, 0x82, 0xAD, 0xE3,
+	0x83, 0xAD, 0xE3, 0x83, 0xAF, 0xE3, 0x83, 0x83,
+	0xE3, 0x83, 0x88, 0x4F, 0xE3, 0x82, 0xB5, 0xE3,
+	0x83, 0xB3, 0xE3, 0x83, 0x81, 0xE3, 0x83, 0xBC,
+	// Bytes 2c80 - 2cbf
+	0xE3, 0x83, 0xA0, 0x4F, 0xE3, 0x83, 0x8F, 0xE3,
+	0x82, 0x99, 0xE3, 0x83, 0xBC, 0xE3, 0x83, 0xAC,
+	0xE3, 0x83, 0xAB, 0x4F, 0xE3, 0x83, 0x98, 0xE3,
+	0x82, 0xAF, 0xE3, 0x82, 0xBF, 0xE3, 0x83, 0xBC,
+	0xE3, 0x83, 0xAB, 0x4F, 0xE3, 0x83, 0x9B, 0xE3,
+	0x82, 0x9A, 0xE3, 0x82, 0xA4, 0xE3, 0x83, 0xB3,
+	0xE3, 0x83, 0x88, 0x4F, 0xE3, 0x83, 0x9E, 0xE3,
+	0x83, 0xB3, 0xE3, 0x82, 0xB7, 0xE3, 0x83, 0xA7,
+	// Bytes 2cc0 - 2cff
+	0xE3, 0x83, 0xB3, 0x4F, 0xE3, 0x83, 0xA1, 0xE3,
+	0x82, 0xAB, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0x88,
+	0xE3, 0x83, 0xB3, 0x4F, 0xE3, 0x83, 0xAB, 0xE3,
+	0x83, 0xBC, 0xE3, 0x83, 0x95, 0xE3, 0x82, 0x99,
+	0xE3, 0x83, 0xAB, 0x51, 0x28, 0xE1, 0x84, 0x8B,
+	0xE1, 0x85, 0xA9, 0xE1, 0x84, 0x8C, 0xE1, 0x85,
+	0xA5, 0xE1, 0x86, 0xAB, 0x29, 0x52, 0xE3, 0x82,
+	0xAD, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xAB, 0xE3,
+	// Bytes 2d00 - 2d3f
+	0x82, 0xBF, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xBC,
+	0x52, 0xE3, 0x82, 0xAD, 0xE3, 0x83, 0xAD, 0xE3,
+	0x82, 0xAF, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xA9,
+	0xE3, 0x83, 0xA0, 0x52, 0xE3, 0x82, 0xAD, 0xE3,
+	0x83, 0xAD, 0xE3, 0x83, 0xA1, 0xE3, 0x83, 0xBC,
+	0xE3, 0x83, 0x88, 0xE3, 0x83, 0xAB, 0x52, 0xE3,
+	0x82, 0xAF, 0xE3, 0x82, 0x99, 0xE3, 0x83, 0xA9,
+	0xE3, 0x83, 0xA0, 0xE3, 0x83, 0x88, 0xE3, 0x83,
+	// Bytes 2d40 - 2d7f
+	0xB3, 0x52, 0xE3, 0x82, 0xAF, 0xE3, 0x83, 0xAB,
+	0xE3, 0x82, 0xBB, 0xE3, 0x82, 0x99, 0xE3, 0x82,
+	0xA4, 0xE3, 0x83, 0xAD, 0x52, 0xE3, 0x83, 0x8F,
+	0xE3, 0x82, 0x9A, 0xE3, 0x83, 0xBC, 0xE3, 0x82,
+	0xBB, 0xE3, 0x83, 0xB3, 0xE3, 0x83, 0x88, 0x52,
+	0xE3, 0x83, 0x92, 0xE3, 0x82, 0x9A, 0xE3, 0x82,
+	0xA2, 0xE3, 0x82, 0xB9, 0xE3, 0x83, 0x88, 0xE3,
+	0x83, 0xAB, 0x52, 0xE3, 0x83, 0x95, 0xE3, 0x82,
+	// Bytes 2d80 - 2dbf
+	0x99, 0xE3, 0x83, 0x83, 0xE3, 0x82, 0xB7, 0xE3,
+	0x82, 0xA7, 0xE3, 0x83, 0xAB, 0x52, 0xE3, 0x83,
+	0x9F, 0xE3, 0x83, 0xAA, 0xE3, 0x83, 0x8F, 0xE3,
+	0x82, 0x99, 0xE3, 0x83, 0xBC, 0xE3, 0x83, 0xAB,
+	0x52, 0xE3, 0x83, 0xAC, 0xE3, 0x83, 0xB3, 0xE3,
+	0x83, 0x88, 0xE3, 0x82, 0xB1, 0xE3, 0x82, 0x99,
+	0xE3, 0x83, 0xB3, 0x61, 0xD8, 0xB5, 0xD9, 0x84,
+	0xD9, 0x89, 0x20, 0xD8, 0xA7, 0xD9, 0x84, 0xD9,
+	// Bytes 2dc0 - 2dff
+	0x84, 0xD9, 0x87, 0x20, 0xD8, 0xB9, 0xD9, 0x84,
+	0xD9, 0x8A, 0xD9, 0x87, 0x20, 0xD9, 0x88, 0xD8,
+	0xB3, 0xD9, 0x84, 0xD9, 0x85, 0x06, 0xE0, 0xA7,
+	0x87, 0xE0, 0xA6, 0xBE, 0x01, 0x06, 0xE0, 0xA7,
+	0x87, 0xE0, 0xA7, 0x97, 0x01, 0x06, 0xE0, 0xAD,
+	0x87, 0xE0, 0xAC, 0xBE, 0x01, 0x06, 0xE0, 0xAD,
+	0x87, 0xE0, 0xAD, 0x96, 0x01, 0x06, 0xE0, 0xAD,
+	0x87, 0xE0, 0xAD, 0x97, 0x01, 0x06, 0xE0, 0xAE,
+	// Bytes 2e00 - 2e3f
+	0x92, 0xE0, 0xAF, 0x97, 0x01, 0x06, 0xE0, 0xAF,
+	0x86, 0xE0, 0xAE, 0xBE, 0x01, 0x06, 0xE0, 0xAF,
+	0x86, 0xE0, 0xAF, 0x97, 0x01, 0x06, 0xE0, 0xAF,
+	0x87, 0xE0, 0xAE, 0xBE, 0x01, 0x06, 0xE0, 0xB2,
+	0xBF, 0xE0, 0xB3, 0x95, 0x01, 0x06, 0xE0, 0xB3,
+	0x86, 0xE0, 0xB3, 0x95, 0x01, 0x06, 0xE0, 0xB3,
+	0x86, 0xE0, 0xB3, 0x96, 0x01, 0x06, 0xE0, 0xB5,
+	0x86, 0xE0, 0xB4, 0xBE, 0x01, 0x06, 0xE0, 0xB5,
+	// Bytes 2e40 - 2e7f
+	0x86, 0xE0, 0xB5, 0x97, 0x01, 0x06, 0xE0, 0xB5,
+	0x87, 0xE0, 0xB4, 0xBE, 0x01, 0x06, 0xE0, 0xB7,
+	0x99, 0xE0, 0xB7, 0x9F, 0x01, 0x06, 0xE1, 0x80,
+	0xA5, 0xE1, 0x80, 0xAE, 0x01, 0x06, 0xE1, 0xAC,
+	0x85, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0x87, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0x89, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0x8B, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	// Bytes 2e80 - 2ebf
+	0x8D, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0x91, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0xBA, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0xBC, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0xBE, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAC,
+	0xBF, 0xE1, 0xAC, 0xB5, 0x01, 0x06, 0xE1, 0xAD,
+	0x82, 0xE1, 0xAC, 0xB5, 0x01, 0x08, 0xF0, 0x91,
+	0x84, 0xB1, 0xF0, 0x91, 0x84, 0xA7, 0x01, 0x08,
+	// Bytes 2ec0 - 2eff
+	0xF0, 0x91, 0x84, 0xB2, 0xF0, 0x91, 0x84, 0xA7,
+	0x01, 0x08, 0xF0, 0x91, 0x8D, 0x87, 0xF0, 0x91,
+	0x8C, 0xBE, 0x01, 0x08, 0xF0, 0x91, 0x8D, 0x87,
+	0xF0, 0x91, 0x8D, 0x97, 0x01, 0x08, 0xF0, 0x91,
+	0x92, 0xB9, 0xF0, 0x91, 0x92, 0xB0, 0x01, 0x08,
+	0xF0, 0x91, 0x92, 0xB9, 0xF0, 0x91, 0x92, 0xBA,
+	0x01, 0x08, 0xF0, 0x91, 0x92, 0xB9, 0xF0, 0x91,
+	0x92, 0xBD, 0x01, 0x08, 0xF0, 0x91, 0x96, 0xB8,
+	// Bytes 2f00 - 2f3f
+	0xF0, 0x91, 0x96, 0xAF, 0x01, 0x08, 0xF0, 0x91,
+	0x96, 0xB9, 0xF0, 0x91, 0x96, 0xAF, 0x01, 0x08,
+	0xF0, 0x91, 0xA4, 0xB5, 0xF0, 0x91, 0xA4, 0xB0,
+	0x01, 0x09, 0xE0, 0xB3, 0x86, 0xE0, 0xB3, 0x82,
+	0xE0, 0xB3, 0x95, 0x02, 0x09, 0xE0, 0xB7, 0x99,
+	0xE0, 0xB7, 0x8F, 0xE0, 0xB7, 0x8A, 0x16, 0x44,
+	0x44, 0x5A, 0xCC, 0x8C, 0xCD, 0x44, 0x44, 0x7A,
+	0xCC, 0x8C, 0xCD, 0x44, 0x64, 0x7A, 0xCC, 0x8C,
+	// Bytes 2f40 - 2f7f
+	0xCD, 0x46, 0xD9, 0x84, 0xD8, 0xA7, 0xD9, 0x93,
+	0xCD, 0x46, 0xD9, 0x84, 0xD8, 0xA7, 0xD9, 0x94,
+	0xCD, 0x46, 0xD9, 0x84, 0xD8, 0xA7, 0xD9, 0x95,
+	0xB9, 0x46, 0xE1, 0x84, 0x80, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x82, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x83, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x85, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x86, 0xE1, 0x85, 0xA1,
+	// Bytes 2f80 - 2fbf
+	0x01, 0x46, 0xE1, 0x84, 0x87, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x89, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x8B, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x8B, 0xE1, 0x85, 0xAE,
+	0x01, 0x46, 0xE1, 0x84, 0x8C, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x8E, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x8F, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x90, 0xE1, 0x85, 0xA1,
+	// Bytes 2fc0 - 2fff
+	0x01, 0x46, 0xE1, 0x84, 0x91, 0xE1, 0x85, 0xA1,
+	0x01, 0x46, 0xE1, 0x84, 0x92, 0xE1, 0x85, 0xA1,
+	0x01, 0x49, 0xE3, 0x83, 0xA1, 0xE3, 0x82, 0xAB,
+	0xE3, 0x82, 0x99, 0x11, 0x4C, 0xE1, 0x84, 0x8C,
+	0xE1, 0x85, 0xAE, 0xE1, 0x84, 0x8B, 0xE1, 0x85,
+	0xB4, 0x01, 0x4C, 0xE3, 0x82, 0xAD, 0xE3, 0x82,
+	0x99, 0xE3, 0x82, 0xAB, 0xE3, 0x82, 0x99, 0x11,
+	0x4C, 0xE3, 0x82, 0xB3, 0xE3, 0x83, 0xBC, 0xE3,
+	// Bytes 3000 - 303f
+	0x83, 0x9B, 0xE3, 0x82, 0x9A, 0x11, 0x4C, 0xE3,
+	0x83, 0xA4, 0xE3, 0x83, 0xBC, 0xE3, 0x83, 0x88,
+	0xE3, 0x82, 0x99, 0x11, 0x4F, 0xE1, 0x84, 0x8E,
+	0xE1, 0x85, 0xA1, 0xE1, 0x86, 0xB7, 0xE1, 0x84,
+	0x80, 0xE1, 0x85, 0xA9, 0x01, 0x4F, 0xE3, 0x82,
+	0xA4, 0xE3, 0x83, 0x8B, 0xE3, 0x83, 0xB3, 0xE3,
+	0x82, 0xAF, 0xE3, 0x82, 0x99, 0x11, 0x4F, 0xE3,
+	0x82, 0xB7, 0xE3, 0x83, 0xAA, 0xE3, 0x83, 0xB3,
+	// Bytes 3040 - 307f
+	0xE3, 0x82, 0xAF, 0xE3, 0x82, 0x99, 0x11, 0x4F,
+	0xE3, 0x83, 0x98, 0xE3, 0x82, 0x9A, 0xE3, 0x83,
+	0xBC, 0xE3, 0x82, 0xB7, 0xE3, 0x82, 0x99, 0x11,
+	0x4F, 0xE3, 0x83, 0x9B, 0xE3, 0x82, 0x9A, 0xE3,
+	0x83, 0xB3, 0xE3, 0x83, 0x88, 0xE3, 0x82, 0x99,
+	0x11, 0x52, 0xE3, 0x82, 0xA8, 0xE3, 0x82, 0xB9,
+	0xE3, 0x82, 0xAF, 0xE3, 0x83, 0xBC, 0xE3, 0x83,
+	0x88, 0xE3, 0x82, 0x99, 0x11, 0x52, 0xE3, 0x83,
+	// Bytes 3080 - 30bf
+	0x95, 0xE3, 0x82, 0xA1, 0xE3, 0x83, 0xA9, 0xE3,
+	0x83, 0x83, 0xE3, 0x83, 0x88, 0xE3, 0x82, 0x99,
+	0x11, 0x86, 0xE0, 0xB3, 0x86, 0xE0, 0xB3, 0x82,
+	0x01, 0x86, 0xE0, 0xB7, 0x99, 0xE0, 0xB7, 0x8F,
+	0x01, 0x03, 0x3C, 0xCC, 0xB8, 0x05, 0x03, 0x3D,
+	0xCC, 0xB8, 0x05, 0x03, 0x3E, 0xCC, 0xB8, 0x05,
+	0x03, 0x41, 0xCC, 0x80, 0xCD, 0x03, 0x41, 0xCC,
+	0x81, 0xCD, 0x03, 0x41, 0xCC, 0x83, 0xCD, 0x03,
+	// Bytes 30c0 - 30ff
+	0x41, 0xCC, 0x84, 0xCD, 0x03, 0x41, 0xCC, 0x89,
+	0xCD, 0x03, 0x41, 0xCC, 0x8C, 0xCD, 0x03, 0x41,
+	0xCC, 0x8F, 0xCD, 0x03, 0x41, 0xCC, 0x91, 0xCD,
+	0x03, 0x41, 0xCC, 0xA5, 0xB9, 0x03, 0x41, 0xCC,
+	0xA8, 0xA9, 0x03, 0x42, 0xCC, 0x87, 0xCD, 0x03,
+	0x42, 0xCC, 0xA3, 0xB9, 0x03, 0x42, 0xCC, 0xB1,
+	0xB9, 0x03, 0x43, 0xCC, 0x81, 0xCD, 0x03, 0x43,
+	0xCC, 0x82, 0xCD, 0x03, 0x43, 0xCC, 0x87, 0xCD,
+	// Bytes 3100 - 313f
+	0x03, 0x43, 0xCC, 0x8C, 0xCD, 0x03, 0x44, 0xCC,
+	0x87, 0xCD, 0x03, 0x44, 0xCC, 0x8C, 0xCD, 0x03,
+	0x44, 0xCC, 0xA3, 0xB9, 0x03, 0x44, 0xCC, 0xA7,
+	0xA9, 0x03, 0x44, 0xCC, 0xAD, 0xB9, 0x03, 0x44,
+	0xCC, 0xB1, 0xB9, 0x03, 0x45, 0xCC, 0x80, 0xCD,
+	0x03, 0x45, 0xCC, 0x81, 0xCD, 0x03, 0x45, 0xCC,
+	0x83, 0xCD, 0x03, 0x45, 0xCC, 0x86, 0xCD, 0x03,
+	0x45, 0xCC, 0x87, 0xCD, 0x03, 0x45, 0xCC, 0x88,
+	// Bytes 3140 - 317f
+	0xCD, 0x03, 0x45, 0xCC, 0x89, 0xCD, 0x03, 0x45,
+	0xCC, 0x8C, 0xCD, 0x03, 0x45, 0xCC, 0x8F, 0xCD,
+	0x03, 0x45, 0xCC, 0x91, 0xCD, 0x03, 0x45, 0xCC,
+	0xA8, 0xA9, 0x03, 0x45, 0xCC, 0xAD, 0xB9, 0x03,
+	0x45, 0xCC, 0xB0, 0xB9, 0x03, 0x46, 0xCC, 0x87,
+	0xCD, 0x03, 0x47, 0xCC, 0x81, 0xCD, 0x03, 0x47,
+	0xCC, 0x82, 0xCD, 0x03, 0x47, 0xCC, 0x84, 0xCD,
+	0x03, 0x47, 0xCC, 0x86, 0xCD, 0x03, 0x47, 0xCC,
+	// Bytes 3180 - 31bf
+	0x87, 0xCD, 0x03, 0x47, 0xCC, 0x8C, 0xCD, 0x03,
+	0x47, 0xCC, 0xA7, 0xA9, 0x03, 0x48, 0xCC, 0x82,
+	0xCD, 0x03, 0x48, 0xCC, 0x87, 0xCD, 0x03, 0x48,
+	0xCC, 0x88, 0xCD, 0x03, 0x48, 0xCC, 0x8C, 0xCD,
+	0x03, 0x48, 0xCC, 0xA3, 0xB9, 0x03, 0x48, 0xCC,
+	0xA7, 0xA9, 0x03, 0x48, 0xCC, 0xAE, 0xB9, 0x03,
+	0x49, 0xCC, 0x80, 0xCD, 0x03, 0x49, 0xCC, 0x81,
+	0xCD, 0x03, 0x49, 0xCC, 0x82, 0xCD, 0x03, 0x49,
+	// Bytes 31c0 - 31ff
+	0xCC, 0x83, 0xCD, 0x03, 0x49, 0xCC, 0x84, 0xCD,
+	0x03, 0x49, 0xCC, 0x86, 0xCD, 0x03, 0x49, 0xCC,
+	0x87, 0xCD, 0x03, 0x49, 0xCC, 0x89, 0xCD, 0x03,
+	0x49, 0xCC, 0x8C, 0xCD, 0x03, 0x49, 0xCC, 0x8F,
+	0xCD, 0x03, 0x49, 0xCC, 0x91, 0xCD, 0x03, 0x49,
+	0xCC, 0xA3, 0xB9, 0x03, 0x49, 0xCC, 0xA8, 0xA9,
+	0x03, 0x49, 0xCC, 0xB0, 0xB9, 0x03, 0x4A, 0xCC,
+	0x82, 0xCD, 0x03, 0x4B, 0xCC, 0x81, 0xCD, 0x03,
+	// Bytes 3200 - 323f
+	0x4B, 0xCC, 0x8C, 0xCD, 0x03, 0x4B, 0xCC, 0xA3,
+	0xB9, 0x03, 0x4B, 0xCC, 0xA7, 0xA9, 0x03, 0x4B,
+	0xCC, 0xB1, 0xB9, 0x03, 0x4C, 0xCC, 0x81, 0xCD,
+	0x03, 0x4C, 0xCC, 0x8C, 0xCD, 0x03, 0x4C, 0xCC,
+	0xA7, 0xA9, 0x03, 0x4C, 0xCC, 0xAD, 0xB9, 0x03,
+	0x4C, 0xCC, 0xB1, 0xB9, 0x03, 0x4D, 0xCC, 0x81,
+	0xCD, 0x03, 0x4D, 0xCC, 0x87, 0xCD, 0x03, 0x4D,
+	0xCC, 0xA3, 0xB9, 0x03, 0x4E, 0xCC, 0x80, 0xCD,
+	// Bytes 3240 - 327f
+	0x03, 0x4E, 0xCC, 0x81, 0xCD, 0x03, 0x4E, 0xCC,
+	0x83, 0xCD, 0x03, 0x4E, 0xCC, 0x87, 0xCD, 0x03,
+	0x4E, 0xCC, 0x8C, 0xCD, 0x03, 0x4E, 0xCC, 0xA3,
+	0xB9, 0x03, 0x4E, 0xCC, 0xA7, 0xA9, 0x03, 0x4E,
+	0xCC, 0xAD, 0xB9, 0x03, 0x4E, 0xCC, 0xB1, 0xB9,
+	0x03, 0x4F, 0xCC, 0x80, 0xCD, 0x03, 0x4F, 0xCC,
+	0x81, 0xCD, 0x03, 0x4F, 0xCC, 0x86, 0xCD, 0x03,
+	0x4F, 0xCC, 0x89, 0xCD, 0x03, 0x4F, 0xCC, 0x8B,
+	// Bytes 3280 - 32bf
+	0xCD, 0x03, 0x4F, 0xCC, 0x8C, 0xCD, 0x03, 0x4F,
+	0xCC, 0x8F, 0xCD, 0x03, 0x4F, 0xCC, 0x91, 0xCD,
+	0x03, 0x50, 0xCC, 0x81, 0xCD, 0x03, 0x50, 0xCC,
+	0x87, 0xCD, 0x03, 0x52, 0xCC, 0x81, 0xCD, 0x03,
+	0x52, 0xCC, 0x87, 0xCD, 0x03, 0x52, 0xCC, 0x8C,
+	0xCD, 0x03, 0x52, 0xCC, 0x8F, 0xCD, 0x03, 0x52,
+	0xCC, 0x91, 0xCD, 0x03, 0x52, 0xCC, 0xA7, 0xA9,
+	0x03, 0x52, 0xCC, 0xB1, 0xB9, 0x03, 0x53, 0xCC,
+	// Bytes 32c0 - 32ff
+	0x82, 0xCD, 0x03, 0x53, 0xCC, 0x87, 0xCD, 0x03,
+	0x53, 0xCC, 0xA6, 0xB9, 0x03, 0x53, 0xCC, 0xA7,
+	0xA9, 0x03, 0x54, 0xCC, 0x87, 0xCD, 0x03, 0x54,
+	0xCC, 0x8C, 0xCD, 0x03, 0x54, 0xCC, 0xA3, 0xB9,
+	0x03, 0x54, 0xCC, 0xA6, 0xB9, 0x03, 0x54, 0xCC,
+	0xA7, 0xA9, 0x03, 0x54, 0xCC, 0xAD, 0xB9, 0x03,
+	0x54, 0xCC, 0xB1, 0xB9, 0x03, 0x55, 0xCC, 0x80,
+	0xCD, 0x03, 0x55, 0xCC, 0x81, 0xCD, 0x03, 0x55,
+	// Bytes 3300 - 333f
+	0xCC, 0x82, 0xCD, 0x03, 0x55, 0xCC, 0x86, 0xCD,
+	0x03, 0x55, 0xCC, 0x89, 0xCD, 0x03, 0x55, 0xCC,
+	0x8A, 0xCD, 0x03, 0x55, 0xCC, 0x8B, 0xCD, 0x03,
+	0x55, 0xCC, 0x8C, 0xCD, 0x03, 0x55, 0xCC, 0x8F,
+	0xCD, 0x03, 0x55, 0xCC, 0x91, 0xCD, 0x03, 0x55,
+	0xCC, 0xA3, 0xB9, 0x03, 0x55, 0xCC, 0xA4, 0xB9,
+	0x03, 0x55, 0xCC, 0xA8, 0xA9, 0x03, 0x55, 0xCC,
+	0xAD, 0xB9, 0x03, 0x55, 0xCC, 0xB0, 0xB9, 0x03,
+	// Bytes 3340 - 337f
+	0x56, 0xCC, 0x83, 0xCD, 0x03, 0x56, 0xCC, 0xA3,
+	0xB9, 0x03, 0x57, 0xCC, 0x80, 0xCD, 0x03, 0x57,
+	0xCC, 0x81, 0xCD, 0x03, 0x57, 0xCC, 0x82, 0xCD,
+	0x03, 0x57, 0xCC, 0x87, 0xCD, 0x03, 0x57, 0xCC,
+	0x88, 0xCD, 0x03, 0x57, 0xCC, 0xA3, 0xB9, 0x03,
+	0x58, 0xCC, 0x87, 0xCD, 0x03, 0x58, 0xCC, 0x88,
+	0xCD, 0x03, 0x59, 0xCC, 0x80, 0xCD, 0x03, 0x59,
+	0xCC, 0x81, 0xCD, 0x03, 0x59, 0xCC, 0x82, 0xCD,
+	// Bytes 3380 - 33bf
+	0x03, 0x59, 0xCC, 0x83, 0xCD, 0x03, 0x59, 0xCC,
+	0x84, 0xCD, 0x03, 0x59, 0xCC, 0x87, 0xCD, 0x03,
+	0x59, 0xCC, 0x88, 0xCD, 0x03, 0x59, 0xCC, 0x89,
+	0xCD, 0x03, 0x59, 0xCC, 0xA3, 0xB9, 0x03, 0x5A,
+	0xCC, 0x81, 0xCD, 0x03, 0x5A, 0xCC, 0x82, 0xCD,
+	0x03, 0x5A, 0xCC, 0x87, 0xCD, 0x03, 0x5A, 0xCC,
+	0x8C, 0xCD, 0x03, 0x5A, 0xCC, 0xA3, 0xB9, 0x03,
+	0x5A, 0xCC, 0xB1, 0xB9, 0x03, 0x61, 0xCC, 0x80,
+	// Bytes 33c0 - 33ff
+	0xCD, 0x03, 0x61, 0xCC, 0x81, 0xCD, 0x03, 0x61,
+	0xCC, 0x83, 0xCD, 0x03, 0x61, 0xCC, 0x84, 0xCD,
+	0x03, 0x61, 0xCC, 0x89, 0xCD, 0x03, 0x61, 0xCC,
+	0x8C, 0xCD, 0x03, 0x61, 0xCC, 0x8F, 0xCD, 0x03,
+	0x61, 0xCC, 0x91, 0xCD, 0x03, 0x61, 0xCC, 0xA5,
+	0xB9, 0x03, 0x61, 0xCC, 0xA8, 0xA9, 0x03, 0x62,
+	0xCC, 0x87, 0xCD, 0x03, 0x62, 0xCC, 0xA3, 0xB9,
+	0x03, 0x62, 0xCC, 0xB1, 0xB9, 0x03, 0x63, 0xCC,
+	// Bytes 3400 - 343f
+	0x81, 0xCD, 0x03, 0x63, 0xCC, 0x82, 0xCD, 0x03,
+	0x63, 0xCC, 0x87, 0xCD, 0x03, 0x63, 0xCC, 0x8C,
+	0xCD, 0x03, 0x64, 0xCC, 0x87, 0xCD, 0x03, 0x64,
+	0xCC, 0x8C, 0xCD, 0x03, 0x64, 0xCC, 0xA3, 0xB9,
+	0x03, 0x64, 0xCC, 0xA7, 0xA9, 0x03, 0x64, 0xCC,
+	0xAD, 0xB9, 0x03, 0x64, 0xCC, 0xB1, 0xB9, 0x03,
+	0x65, 0xCC, 0x80, 0xCD, 0x03, 0x65, 0xCC, 0x81,
+	0xCD, 0x03, 0x65, 0xCC, 0x83, 0xCD, 0x03, 0x65,
+	// Bytes 3440 - 347f
+	0xCC, 0x86, 0xCD, 0x03, 0x65, 0xCC, 0x87, 0xCD,
+	0x03, 0x65, 0xCC, 0x88, 0xCD, 0x03, 0x65, 0xCC,
+	0x89, 0xCD, 0x03, 0x65, 0xCC, 0x8C, 0xCD, 0x03,
+	0x65, 0xCC, 0x8F, 0xCD, 0x03, 0x65, 0xCC, 0x91,
+	0xCD, 0x03, 0x65, 0xCC, 0xA8, 0xA9, 0x03, 0x65,
+	0xCC, 0xAD, 0xB9, 0x03, 0x65, 0xCC, 0xB0, 0xB9,
+	0x03, 0x66, 0xCC, 0x87, 0xCD, 0x03, 0x67, 0xCC,
+	0x81, 0xCD, 0x03, 0x67, 0xCC, 0x82, 0xCD, 0x03,
+	// Bytes 3480 - 34bf
+	0x67, 0xCC, 0x84, 0xCD, 0x03, 0x67, 0xCC, 0x86,
+	0xCD, 0x03, 0x67, 0xCC, 0x87, 0xCD, 0x03, 0x67,
+	0xCC, 0x8C, 0xCD, 0x03, 0x67, 0xCC, 0xA7, 0xA9,
+	0x03, 0x68, 0xCC, 0x82, 0xCD, 0x03, 0x68, 0xCC,
+	0x87, 0xCD, 0x03, 0x68, 0xCC, 0x88, 0xCD, 0x03,
+	0x68, 0xCC, 0x8C, 0xCD, 0x03, 0x68, 0xCC, 0xA3,
+	0xB9, 0x03, 0x68, 0xCC, 0xA7, 0xA9, 0x03, 0x68,
+	0xCC, 0xAE, 0xB9, 0x03, 0x68, 0xCC, 0xB1, 0xB9,
+	// Bytes 34c0 - 34ff
+	0x03, 0x69, 0xCC, 0x80, 0xCD, 0x03, 0x69, 0xCC,
+	0x81, 0xCD, 0x03, 0x69, 0xCC, 0x82, 0xCD, 0x03,
+	0x69, 0xCC, 0x83, 0xCD, 0x03, 0x69, 0xCC, 0x84,
+	0xCD, 0x03, 0x69, 0xCC, 0x86, 0xCD, 0x03, 0x69,
+	0xCC, 0x89, 0xCD, 0x03, 0x69, 0xCC, 0x8C, 0xCD,
+	0x03, 0x69, 0xCC, 0x8F, 0xCD, 0x03, 0x69, 0xCC,
+	0x91, 0xCD, 0x03, 0x69, 0xCC, 0xA3, 0xB9, 0x03,
+	0x69, 0xCC, 0xA8, 0xA9, 0x03, 0x69, 0xCC, 0xB0,
+	// Bytes 3500 - 353f
+	0xB9, 0x03, 0x6A, 0xCC, 0x82, 0xCD, 0x03, 0x6A,
+	0xCC, 0x8C, 0xCD, 0x03, 0x6B, 0xCC, 0x81, 0xCD,
+	0x03, 0x6B, 0xCC, 0x8C, 0xCD, 0x03, 0x6B, 0xCC,
+	0xA3, 0xB9, 0x03, 0x6B, 0xCC, 0xA7, 0xA9, 0x03,
+	0x6B, 0xCC, 0xB1, 0xB9, 0x03, 0x6C, 0xCC, 0x81,
+	0xCD, 0x03, 0x6C, 0xCC, 0x8C, 0xCD, 0x03, 0x6C,
+	0xCC, 0xA7, 0xA9, 0x03, 0x6C, 0xCC, 0xAD, 0xB9,
+	0x03, 0x6C, 0xCC, 0xB1, 0xB9, 0x03, 0x6D, 0xCC,
+	// Bytes 3540 - 357f
+	0x81, 0xCD, 0x03, 0x6D, 0xCC, 0x87, 0xCD, 0x03,
+	0x6D, 0xCC, 0xA3, 0xB9, 0x03, 0x6E, 0xCC, 0x80,
+	0xCD, 0x03, 0x6E, 0xCC, 0x81, 0xCD, 0x03, 0x6E,
+	0xCC, 0x83, 0xCD, 0x03, 0x6E, 0xCC, 0x87, 0xCD,
+	0x03, 0x6E, 0xCC, 0x8C, 0xCD, 0x03, 0x6E, 0xCC,
+	0xA3, 0xB9, 0x03, 0x6E, 0xCC, 0xA7, 0xA9, 0x03,
+	0x6E, 0xCC, 0xAD, 0xB9, 0x03, 0x6E, 0xCC, 0xB1,
+	0xB9, 0x03, 0x6F, 0xCC, 0x80, 0xCD, 0x03, 0x6F,
+	// Bytes 3580 - 35bf
+	0xCC, 0x81, 0xCD, 0x03, 0x6F, 0xCC, 0x86, 0xCD,
+	0x03, 0x6F, 0xCC, 0x89, 0xCD, 0x03, 0x6F, 0xCC,
+	0x8B, 0xCD, 0x03, 0x6F, 0xCC, 0x8C, 0xCD, 0x03,
+	0x6F, 0xCC, 0x8F, 0xCD, 0x03, 0x6F, 0xCC, 0x91,
+	0xCD, 0x03, 0x70, 0xCC, 0x81, 0xCD, 0x03, 0x70,
+	0xCC, 0x87, 0xCD, 0x03, 0x72, 0xCC, 0x81, 0xCD,
+	0x03, 0x72, 0xCC, 0x87, 0xCD, 0x03, 0x72, 0xCC,
+	0x8C, 0xCD, 0x03, 0x72, 0xCC, 0x8F, 0xCD, 0x03,
+	// Bytes 35c0 - 35ff
+	0x72, 0xCC, 0x91, 0xCD, 0x03, 0x72, 0xCC, 0xA7,
+	0xA9, 0x03, 0x72, 0xCC, 0xB1, 0xB9, 0x03, 0x73,
+	0xCC, 0x82, 0xCD, 0x03, 0x73, 0xCC, 0x87, 0xCD,
+	0x03, 0x73, 0xCC, 0xA6, 0xB9, 0x03, 0x73, 0xCC,
+	0xA7, 0xA9, 0x03, 0x74, 0xCC, 0x87, 0xCD, 0x03,
+	0x74, 0xCC, 0x88, 0xCD, 0x03, 0x74, 0xCC, 0x8C,
+	0xCD, 0x03, 0x74, 0xCC, 0xA3, 0xB9, 0x03, 0x74,
+	0xCC, 0xA6, 0xB9, 0x03, 0x74, 0xCC, 0xA7, 0xA9,
+	// Bytes 3600 - 363f
+	0x03, 0x74, 0xCC, 0xAD, 0xB9, 0x03, 0x74, 0xCC,
+	0xB1, 0xB9, 0x03, 0x75, 0xCC, 0x80, 0xCD, 0x03,
+	0x75, 0xCC, 0x81, 0xCD, 0x03, 0x75, 0xCC, 0x82,
+	0xCD, 0x03, 0x75, 0xCC, 0x86, 0xCD, 0x03, 0x75,
+	0xCC, 0x89, 0xCD, 0x03, 0x75, 0xCC, 0x8A, 0xCD,
+	0x03, 0x75, 0xCC, 0x8B, 0xCD, 0x03, 0x75, 0xCC,
+	0x8C, 0xCD, 0x03, 0x75, 0xCC, 0x8F, 0xCD, 0x03,
+	0x75, 0xCC, 0x91, 0xCD, 0x03, 0x75, 0xCC, 0xA3,
+	// Bytes 3640 - 367f
+	0xB9, 0x03, 0x75, 0xCC, 0xA4, 0xB9, 0x03, 0x75,
+	0xCC, 0xA8, 0xA9, 0x03, 0x75, 0xCC, 0xAD, 0xB9,
+	0x03, 0x75, 0xCC, 0xB0, 0xB9, 0x03, 0x76, 0xCC,
+	0x83, 0xCD, 0x03, 0x76, 0xCC, 0xA3, 0xB9, 0x03,
+	0x77, 0xCC, 0x80, 0xCD, 0x03, 0x77, 0xCC, 0x81,
+	0xCD, 0x03, 0x77, 0xCC, 0x82, 0xCD, 0x03, 0x77,
+	0xCC, 0x87, 0xCD, 0x03, 0x77, 0xCC, 0x88, 0xCD,
+	0x03, 0x77, 0xCC, 0x8A, 0xCD, 0x03, 0x77, 0xCC,
+	// Bytes 3680 - 36bf
+	0xA3, 0xB9, 0x03, 0x78, 0xCC, 0x87, 0xCD, 0x03,
+	0x78, 0xCC, 0x88, 0xCD, 0x03, 0x79, 0xCC, 0x80,
+	0xCD, 0x03, 0x79, 0xCC, 0x81, 0xCD, 0x03, 0x79,
+	0xCC, 0x82, 0xCD, 0x03, 0x79, 0xCC, 0x83, 0xCD,
+	0x03, 0x79, 0xCC, 0x84, 0xCD, 0x03, 0x79, 0xCC,
+	0x87, 0xCD, 0x03, 0x79, 0xCC, 0x88, 0xCD, 0x03,
+	0x79, 0xCC, 0x89, 0xCD, 0x03, 0x79, 0xCC, 0x8A,
+	0xCD, 0x03, 0x79, 0xCC, 0xA3, 0xB9, 0x03, 0x7A,
+	// Bytes 36c0 - 36ff
+	0xCC, 0x81, 0xCD, 0x03, 0x7A, 0xCC, 0x82, 0xCD,
+	0x03, 0x7A, 0xCC, 0x87, 0xCD, 0x03, 0x7A, 0xCC,
+	0x8C, 0xCD, 0x03, 0x7A, 0xCC, 0xA3, 0xB9, 0x03,
+	0x7A, 0xCC, 0xB1, 0xB9, 0x04, 0xC2, 0xA8, 0xCC,
+	0x80, 0xCE, 0x04, 0xC2, 0xA8, 0xCC, 0x81, 0xCE,
+	0x04, 0xC2, 0xA8, 0xCD, 0x82, 0xCE, 0x04, 0xC3,
+	0x86, 0xCC, 0x81, 0xCD, 0x04, 0xC3, 0x86, 0xCC,
+	0x84, 0xCD, 0x04, 0xC3, 0x98, 0xCC, 0x81, 0xCD,
+	// Bytes 3700 - 373f
+	0x04, 0xC3, 0xA6, 0xCC, 0x81, 0xCD, 0x04, 0xC3,
+	0xA6, 0xCC, 0x84, 0xCD, 0x04, 0xC3, 0xB8, 0xCC,
+	0x81, 0xCD, 0x04, 0xC5, 0xBF, 0xCC, 0x87, 0xCD,
+	0x04, 0xC6, 0xB7, 0xCC, 0x8C, 0xCD, 0x04, 0xCA,
+	0x92, 0xCC, 0x8C, 0xCD, 0x04, 0xCE, 0x91, 0xCC,
+	0x80, 0xCD, 0x04, 0xCE, 0x91, 0xCC, 0x81, 0xCD,
+	0x04, 0xCE, 0x91, 0xCC, 0x84, 0xCD, 0x04, 0xCE,
+	0x91, 0xCC, 0x86, 0xCD, 0x04, 0xCE, 0x91, 0xCD,
+	// Bytes 3740 - 377f
+	0x85, 0xDD, 0x04, 0xCE, 0x95, 0xCC, 0x80, 0xCD,
+	0x04, 0xCE, 0x95, 0xCC, 0x81, 0xCD, 0x04, 0xCE,
+	0x97, 0xCC, 0x80, 0xCD, 0x04, 0xCE, 0x97, 0xCC,
+	0x81, 0xCD, 0x04, 0xCE, 0x97, 0xCD, 0x85, 0xDD,
+	0x04, 0xCE, 0x99, 0xCC, 0x80, 0xCD, 0x04, 0xCE,
+	0x99, 0xCC, 0x81, 0xCD, 0x04, 0xCE, 0x99, 0xCC,
+	0x84, 0xCD, 0x04, 0xCE, 0x99, 0xCC, 0x86, 0xCD,
+	0x04, 0xCE, 0x99, 0xCC, 0x88, 0xCD, 0x04, 0xCE,
+	// Bytes 3780 - 37bf
+	0x9F, 0xCC, 0x80, 0xCD, 0x04, 0xCE, 0x9F, 0xCC,
+	0x81, 0xCD, 0x04, 0xCE, 0xA1, 0xCC, 0x94, 0xCD,
+	0x04, 0xCE, 0xA5, 0xCC, 0x80, 0xCD, 0x04, 0xCE,
+	0xA5, 0xCC, 0x81, 0xCD, 0x04, 0xCE, 0xA5, 0xCC,
+	0x84, 0xCD, 0x04, 0xCE, 0xA5, 0xCC, 0x86, 0xCD,
+	0x04, 0xCE, 0xA5, 0xCC, 0x88, 0xCD, 0x04, 0xCE,
+	0xA9, 0xCC, 0x80, 0xCD, 0x04, 0xCE, 0xA9, 0xCC,
+	0x81, 0xCD, 0x04, 0xCE, 0xA9, 0xCD, 0x85, 0xDD,
+	// Bytes 37c0 - 37ff
+	0x04, 0xCE, 0xB1, 0xCC, 0x84, 0xCD, 0x04, 0xCE,
+	0xB1, 0xCC, 0x86, 0xCD, 0x04, 0xCE, 0xB1, 0xCD,
+	0x85, 0xDD, 0x04, 0xCE, 0xB5, 0xCC, 0x80, 0xCD,
+	0x04, 0xCE, 0xB5, 0xCC, 0x81, 0xCD, 0x04, 0xCE,
+	0xB7, 0xCD, 0x85, 0xDD, 0x04, 0xCE, 0xB9, 0xCC,
+	0x80, 0xCD, 0x04, 0xCE, 0xB9, 0xCC, 0x81, 0xCD,
+	0x04, 0xCE, 0xB9, 0xCC, 0x84, 0xCD, 0x04, 0xCE,
+	0xB9, 0xCC, 0x86, 0xCD, 0x04, 0xCE, 0xB9, 0xCD,
+	// Bytes 3800 - 383f
+	0x82, 0xCD, 0x04, 0xCE, 0xBF, 0xCC, 0x80, 0xCD,
+	0x04, 0xCE, 0xBF, 0xCC, 0x81, 0xCD, 0x04, 0xCF,
+	0x81, 0xCC, 0x93, 0xCD, 0x04, 0xCF, 0x81, 0xCC,
+	0x94, 0xCD, 0x04, 0xCF, 0x85, 0xCC, 0x80, 0xCD,
+	0x04, 0xCF, 0x85, 0xCC, 0x81, 0xCD, 0x04, 0xCF,
+	0x85, 0xCC, 0x84, 0xCD, 0x04, 0xCF, 0x85, 0xCC,
+	0x86, 0xCD, 0x04, 0xCF, 0x85, 0xCD, 0x82, 0xCD,
+	0x04, 0xCF, 0x89, 0xCD, 0x85, 0xDD, 0x04, 0xCF,
+	// Bytes 3840 - 387f
+	0x92, 0xCC, 0x81, 0xCD, 0x04, 0xCF, 0x92, 0xCC,
+	0x88, 0xCD, 0x04, 0xD0, 0x86, 0xCC, 0x88, 0xCD,
+	0x04, 0xD0, 0x90, 0xCC, 0x86, 0xCD, 0x04, 0xD0,
+	0x90, 0xCC, 0x88, 0xCD, 0x04, 0xD0, 0x93, 0xCC,
+	0x81, 0xCD, 0x04, 0xD0, 0x95, 0xCC, 0x80, 0xCD,
+	0x04, 0xD0, 0x95, 0xCC, 0x86, 0xCD, 0x04, 0xD0,
+	0x95, 0xCC, 0x88, 0xCD, 0x04, 0xD0, 0x96, 0xCC,
+	0x86, 0xCD, 0x04, 0xD0, 0x96, 0xCC, 0x88, 0xCD,
+	// Bytes 3880 - 38bf
+	0x04, 0xD0, 0x97, 0xCC, 0x88, 0xCD, 0x04, 0xD0,
+	0x98, 0xCC, 0x80, 0xCD, 0x04, 0xD0, 0x98, 0xCC,
+	0x84, 0xCD, 0x04, 0xD0, 0x98, 0xCC, 0x86, 0xCD,
+	0x04, 0xD0, 0x98, 0xCC, 0x88, 0xCD, 0x04, 0xD0,
+	0x9A, 0xCC, 0x81, 0xCD, 0x04, 0xD0, 0x9E, 0xCC,
+	0x88, 0xCD, 0x04, 0xD0, 0xA3, 0xCC, 0x84, 0xCD,
+	0x04, 0xD0, 0xA3, 0xCC, 0x86, 0xCD, 0x04, 0xD0,
+	0xA3, 0xCC, 0x88, 0xCD, 0x04, 0xD0, 0xA3, 0xCC,
+	// Bytes 38c0 - 38ff
+	0x8B, 0xCD, 0x04, 0xD0, 0xA7, 0xCC, 0x88, 0xCD,
+	0x04, 0xD0, 0xAB, 0xCC, 0x88, 0xCD, 0x04, 0xD0,
+	0xAD, 0xCC, 0x88, 0xCD, 0x04, 0xD0, 0xB0, 0xCC,
+	0x86, 0xCD, 0x04, 0xD0, 0xB0, 0xCC, 0x88, 0xCD,
+	0x04, 0xD0, 0xB3, 0xCC, 0x81, 0xCD, 0x04, 0xD0,
+	0xB5, 0xCC, 0x80, 0xCD, 0x04, 0xD0, 0xB5, 0xCC,
+	0x86, 0xCD, 0x04, 0xD0, 0xB5, 0xCC, 0x88, 0xCD,
+	0x04, 0xD0, 0xB6, 0xCC, 0x86, 0xCD, 0x04, 0xD0,
+	// Bytes 3900 - 393f
+	0xB6, 0xCC, 0x88, 0xCD, 0x04, 0xD0, 0xB7, 0xCC,
+	0x88, 0xCD, 0x04, 0xD0, 0xB8, 0xCC, 0x80, 0xCD,
+	0x04, 0xD0, 0xB8, 0xCC, 0x84, 0xCD, 0x04, 0xD0,
+	0xB8, 0xCC, 0x86, 0xCD, 0x04, 0xD0, 0xB8, 0xCC,
+	0x88, 0xCD, 0x04, 0xD0, 0xBA, 0xCC, 0x81, 0xCD,
+	0x04, 0xD0, 0xBE, 0xCC, 0x88, 0xCD, 0x04, 0xD1,
+	0x83, 0xCC, 0x84, 0xCD, 0x04, 0xD1, 0x83, 0xCC,
+	0x86, 0xCD, 0x04, 0xD1, 0x83, 0xCC, 0x88, 0xCD,
+	// Bytes 3940 - 397f
+	0x04, 0xD1, 0x83, 0xCC, 0x8B, 0xCD, 0x04, 0xD1,
+	0x87, 0xCC, 0x88, 0xCD, 0x04, 0xD1, 0x8B, 0xCC,
+	0x88, 0xCD, 0x04, 0xD1, 0x8D, 0xCC, 0x88, 0xCD,
+	0x04, 0xD1, 0x96, 0xCC, 0x88, 0xCD, 0x04, 0xD1,
+	0xB4, 0xCC, 0x8F, 0xCD, 0x04, 0xD1, 0xB5, 0xCC,
+	0x8F, 0xCD, 0x04, 0xD3, 0x98, 0xCC, 0x88, 0xCD,
+	0x04, 0xD3, 0x99, 0xCC, 0x88, 0xCD, 0x04, 0xD3,
+	0xA8, 0xCC, 0x88, 0xCD, 0x04, 0xD3, 0xA9, 0xCC,
+	// Bytes 3980 - 39bf
+	0x88, 0xCD, 0x04, 0xD8, 0xA7, 0xD9, 0x93, 0xCD,
+	0x04, 0xD8, 0xA7, 0xD9, 0x94, 0xCD, 0x04, 0xD8,
+	0xA7, 0xD9, 0x95, 0xB9, 0x04, 0xD9, 0x88, 0xD9,
+	0x94, 0xCD, 0x04, 0xD9, 0x8A, 0xD9, 0x94, 0xCD,
+	0x04, 0xDB, 0x81, 0xD9, 0x94, 0xCD, 0x04, 0xDB,
+	0x92, 0xD9, 0x94, 0xCD, 0x04, 0xDB, 0x95, 0xD9,
+	0x94, 0xCD, 0x05, 0x41, 0xCC, 0x82, 0xCC, 0x80,
+	0xCE, 0x05, 0x41, 0xCC, 0x82, 0xCC, 0x81, 0xCE,
+	// Bytes 39c0 - 39ff
+	0x05, 0x41, 0xCC, 0x82, 0xCC, 0x83, 0xCE, 0x05,
+	0x41, 0xCC, 0x82, 0xCC, 0x89, 0xCE, 0x05, 0x41,
+	0xCC, 0x86, 0xCC, 0x80, 0xCE, 0x05, 0x41, 0xCC,
+	0x86, 0xCC, 0x81, 0xCE, 0x05, 0x41, 0xCC, 0x86,
+	0xCC, 0x83, 0xCE, 0x05, 0x41, 0xCC, 0x86, 0xCC,
+	0x89, 0xCE, 0x05, 0x41, 0xCC, 0x87, 0xCC, 0x84,
+	0xCE, 0x05, 0x41, 0xCC, 0x88, 0xCC, 0x84, 0xCE,
+	0x05, 0x41, 0xCC, 0x8A, 0xCC, 0x81, 0xCE, 0x05,
+	// Bytes 3a00 - 3a3f
+	0x41, 0xCC, 0xA3, 0xCC, 0x82, 0xCE, 0x05, 0x41,
+	0xCC, 0xA3, 0xCC, 0x86, 0xCE, 0x05, 0x43, 0xCC,
+	0xA7, 0xCC, 0x81, 0xCE, 0x05, 0x45, 0xCC, 0x82,
+	0xCC, 0x80, 0xCE, 0x05, 0x45, 0xCC, 0x82, 0xCC,
+	0x81, 0xCE, 0x05, 0x45, 0xCC, 0x82, 0xCC, 0x83,
+	0xCE, 0x05, 0x45, 0xCC, 0x82, 0xCC, 0x89, 0xCE,
+	0x05, 0x45, 0xCC, 0x84, 0xCC, 0x80, 0xCE, 0x05,
+	0x45, 0xCC, 0x84, 0xCC, 0x81, 0xCE, 0x05, 0x45,
+	// Bytes 3a40 - 3a7f
+	0xCC, 0xA3, 0xCC, 0x82, 0xCE, 0x05, 0x45, 0xCC,
+	0xA7, 0xCC, 0x86, 0xCE, 0x05, 0x49, 0xCC, 0x88,
+	0xCC, 0x81, 0xCE, 0x05, 0x4C, 0xCC, 0xA3, 0xCC,
+	0x84, 0xCE, 0x05, 0x4F, 0xCC, 0x82, 0xCC, 0x80,
+	0xCE, 0x05, 0x4F, 0xCC, 0x82, 0xCC, 0x81, 0xCE,
+	0x05, 0x4F, 0xCC, 0x82, 0xCC, 0x83, 0xCE, 0x05,
+	0x4F, 0xCC, 0x82, 0xCC, 0x89, 0xCE, 0x05, 0x4F,
+	0xCC, 0x83, 0xCC, 0x81, 0xCE, 0x05, 0x4F, 0xCC,
+	// Bytes 3a80 - 3abf
+	0x83, 0xCC, 0x84, 0xCE, 0x05, 0x4F, 0xCC, 0x83,
+	0xCC, 0x88, 0xCE, 0x05, 0x4F, 0xCC, 0x84, 0xCC,
+	0x80, 0xCE, 0x05, 0x4F, 0xCC, 0x84, 0xCC, 0x81,
+	0xCE, 0x05, 0x4F, 0xCC, 0x87, 0xCC, 0x84, 0xCE,
+	0x05, 0x4F, 0xCC, 0x88, 0xCC, 0x84, 0xCE, 0x05,
+	0x4F, 0xCC, 0x9B, 0xCC, 0x80, 0xCE, 0x05, 0x4F,
+	0xCC, 0x9B, 0xCC, 0x81, 0xCE, 0x05, 0x4F, 0xCC,
+	0x9B, 0xCC, 0x83, 0xCE, 0x05, 0x4F, 0xCC, 0x9B,
+	// Bytes 3ac0 - 3aff
+	0xCC, 0x89, 0xCE, 0x05, 0x4F, 0xCC, 0x9B, 0xCC,
+	0xA3, 0xBA, 0x05, 0x4F, 0xCC, 0xA3, 0xCC, 0x82,
+	0xCE, 0x05, 0x4F, 0xCC, 0xA8, 0xCC, 0x84, 0xCE,
+	0x05, 0x52, 0xCC, 0xA3, 0xCC, 0x84, 0xCE, 0x05,
+	0x53, 0xCC, 0x81, 0xCC, 0x87, 0xCE, 0x05, 0x53,
+	0xCC, 0x8C, 0xCC, 0x87, 0xCE, 0x05, 0x53, 0xCC,
+	0xA3, 0xCC, 0x87, 0xCE, 0x05, 0x55, 0xCC, 0x83,
+	0xCC, 0x81, 0xCE, 0x05, 0x55, 0xCC, 0x84, 0xCC,
+	// Bytes 3b00 - 3b3f
+	0x88, 0xCE, 0x05, 0x55, 0xCC, 0x88, 0xCC, 0x80,
+	0xCE, 0x05, 0x55, 0xCC, 0x88, 0xCC, 0x81, 0xCE,
+	0x05, 0x55, 0xCC, 0x88, 0xCC, 0x84, 0xCE, 0x05,
+	0x55, 0xCC, 0x88, 0xCC, 0x8C, 0xCE, 0x05, 0x55,
+	0xCC, 0x9B, 0xCC, 0x80, 0xCE, 0x05, 0x55, 0xCC,
+	0x9B, 0xCC, 0x81, 0xCE, 0x05, 0x55, 0xCC, 0x9B,
+	0xCC, 0x83, 0xCE, 0x05, 0x55, 0xCC, 0x9B, 0xCC,
+	0x89, 0xCE, 0x05, 0x55, 0xCC, 0x9B, 0xCC, 0xA3,
+	// Bytes 3b40 - 3b7f
+	0xBA, 0x05, 0x61, 0xCC, 0x82, 0xCC, 0x80, 0xCE,
+	0x05, 0x61, 0xCC, 0x82, 0xCC, 0x81, 0xCE, 0x05,
+	0x61, 0xCC, 0x82, 0xCC, 0x83, 0xCE, 0x05, 0x61,
+	0xCC, 0x82, 0xCC, 0x89, 0xCE, 0x05, 0x61, 0xCC,
+	0x86, 0xCC, 0x80, 0xCE, 0x05, 0x61, 0xCC, 0x86,
+	0xCC, 0x81, 0xCE, 0x05, 0x61, 0xCC, 0x86, 0xCC,
+	0x83, 0xCE, 0x05, 0x61, 0xCC, 0x86, 0xCC, 0x89,
+	0xCE, 0x05, 0x61, 0xCC, 0x87, 0xCC, 0x84, 0xCE,
+	// Bytes 3b80 - 3bbf
+	0x05, 0x61, 0xCC, 0x88, 0xCC, 0x84, 0xCE, 0x05,
+	0x61, 0xCC, 0x8A, 0xCC, 0x81, 0xCE, 0x05, 0x61,
+	0xCC, 0xA3, 0xCC, 0x82, 0xCE, 0x05, 0x61, 0xCC,
+	0xA3, 0xCC, 0x86, 0xCE, 0x05, 0x63, 0xCC, 0xA7,
+	0xCC, 0x81, 0xCE, 0x05, 0x65, 0xCC, 0x82, 0xCC,
+	0x80, 0xCE, 0x05, 0x65, 0xCC, 0x82, 0xCC, 0x81,
+	0xCE, 0x05, 0x65, 0xCC, 0x82, 0xCC, 0x83, 0xCE,
+	0x05, 0x65, 0xCC, 0x82, 0xCC, 0x89, 0xCE, 0x05,
+	// Bytes 3bc0 - 3bff
+	0x65, 0xCC, 0x84, 0xCC, 0x80, 0xCE, 0x05, 0x65,
+	0xCC, 0x84, 0xCC, 0x81, 0xCE, 0x05, 0x65, 0xCC,
+	0xA3, 0xCC, 0x82, 0xCE, 0x05, 0x65, 0xCC, 0xA7,
+	0xCC, 0x86, 0xCE, 0x05, 0x69, 0xCC, 0x88, 0xCC,
+	0x81, 0xCE, 0x05, 0x6C, 0xCC, 0xA3, 0xCC, 0x84,
+	0xCE, 0x05, 0x6F, 0xCC, 0x82, 0xCC, 0x80, 0xCE,
+	0x05, 0x6F, 0xCC, 0x82, 0xCC, 0x81, 0xCE, 0x05,
+	0x6F, 0xCC, 0x82, 0xCC, 0x83, 0xCE, 0x05, 0x6F,
+	// Bytes 3c00 - 3c3f
+	0xCC, 0x82, 0xCC, 0x89, 0xCE, 0x05, 0x6F, 0xCC,
+	0x83, 0xCC, 0x81, 0xCE, 0x05, 0x6F, 0xCC, 0x83,
+	0xCC, 0x84, 0xCE, 0x05, 0x6F, 0xCC, 0x83, 0xCC,
+	0x88, 0xCE, 0x05, 0x6F, 0xCC, 0x84, 0xCC, 0x80,
+	0xCE, 0x05, 0x6F, 0xCC, 0x84, 0xCC, 0x81, 0xCE,
+	0x05, 0x6F, 0xCC, 0x87, 0xCC, 0x84, 0xCE, 0x05,
+	0x6F, 0xCC, 0x88, 0xCC, 0x84, 0xCE, 0x05, 0x6F,
+	0xCC, 0x9B, 0xCC, 0x80, 0xCE, 0x05, 0x6F, 0xCC,
+	// Bytes 3c40 - 3c7f
+	0x9B, 0xCC, 0x81, 0xCE, 0x05, 0x6F, 0xCC, 0x9B,
+	0xCC, 0x83, 0xCE, 0x05, 0x6F, 0xCC, 0x9B, 0xCC,
+	0x89, 0xCE, 0x05, 0x6F, 0xCC, 0x9B, 0xCC, 0xA3,
+	0xBA, 0x05, 0x6F, 0xCC, 0xA3, 0xCC, 0x82, 0xCE,
+	0x05, 0x6F, 0xCC, 0xA8, 0xCC, 0x84, 0xCE, 0x05,
+	0x72, 0xCC, 0xA3, 0xCC, 0x84, 0xCE, 0x05, 0x73,
+	0xCC, 0x81, 0xCC, 0x87, 0xCE, 0x05, 0x73, 0xCC,
+	0x8C, 0xCC, 0x87, 0xCE, 0x05, 0x73, 0xCC, 0xA3,
+	// Bytes 3c80 - 3cbf
+	0xCC, 0x87, 0xCE, 0x05, 0x75, 0xCC, 0x83, 0xCC,
+	0x81, 0xCE, 0x05, 0x75, 0xCC, 0x84, 0xCC, 0x88,
+	0xCE, 0x05, 0x75, 0xCC, 0x88, 0xCC, 0x80, 0xCE,
+	0x05, 0x75, 0xCC, 0x88, 0xCC, 0x81, 0xCE, 0x05,
+	0x75, 0xCC, 0x88, 0xCC, 0x84, 0xCE, 0x05, 0x75,
+	0xCC, 0x88, 0xCC, 0x8C, 0xCE, 0x05, 0x75, 0xCC,
+	0x9B, 0xCC, 0x80, 0xCE, 0x05, 0x75, 0xCC, 0x9B,
+	0xCC, 0x81, 0xCE, 0x05, 0x75, 0xCC, 0x9B, 0xCC,
+	// Bytes 3cc0 - 3cff
+	0x83, 0xCE, 0x05, 0x75, 0xCC, 0x9B, 0xCC, 0x89,
+	0xCE, 0x05, 0x75, 0xCC, 0x9B, 0xCC, 0xA3, 0xBA,
+	0x05, 0xE1, 0xBE, 0xBF, 0xCC, 0x80, 0xCE, 0x05,
+	0xE1, 0xBE, 0xBF, 0xCC, 0x81, 0xCE, 0x05, 0xE1,
+	0xBE, 0xBF, 0xCD, 0x82, 0xCE, 0x05, 0xE1, 0xBF,
+	0xBE, 0xCC, 0x80, 0xCE, 0x05, 0xE1, 0xBF, 0xBE,
+	0xCC, 0x81, 0xCE, 0x05, 0xE1, 0xBF, 0xBE, 0xCD,
+	0x82, 0xCE, 0x05, 0xE2, 0x86, 0x90, 0xCC, 0xB8,
+	// Bytes 3d00 - 3d3f
+	0x05, 0x05, 0xE2, 0x86, 0x92, 0xCC, 0xB8, 0x05,
+	0x05, 0xE2, 0x86, 0x94, 0xCC, 0xB8, 0x05, 0x05,
+	0xE2, 0x87, 0x90, 0xCC, 0xB8, 0x05, 0x05, 0xE2,
+	0x87, 0x92, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x87,
+	0x94, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x88, 0x83,
+	0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x88, 0x88, 0xCC,
+	0xB8, 0x05, 0x05, 0xE2, 0x88, 0x8B, 0xCC, 0xB8,
+	0x05, 0x05, 0xE2, 0x88, 0xA3, 0xCC, 0xB8, 0x05,
+	// Bytes 3d40 - 3d7f
+	0x05, 0xE2, 0x88, 0xA5, 0xCC, 0xB8, 0x05, 0x05,
+	0xE2, 0x88, 0xBC, 0xCC, 0xB8, 0x05, 0x05, 0xE2,
+	0x89, 0x83, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89,
+	0x85, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89, 0x88,
+	0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89, 0x8D, 0xCC,
+	0xB8, 0x05, 0x05, 0xE2, 0x89, 0xA1, 0xCC, 0xB8,
+	0x05, 0x05, 0xE2, 0x89, 0xA4, 0xCC, 0xB8, 0x05,
+	0x05, 0xE2, 0x89, 0xA5, 0xCC, 0xB8, 0x05, 0x05,
+	// Bytes 3d80 - 3dbf
+	0xE2, 0x89, 0xB2, 0xCC, 0xB8, 0x05, 0x05, 0xE2,
+	0x89, 0xB3, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89,
+	0xB6, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89, 0xB7,
+	0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x89, 0xBA, 0xCC,
+	0xB8, 0x05, 0x05, 0xE2, 0x89, 0xBB, 0xCC, 0xB8,
+	0x05, 0x05, 0xE2, 0x89, 0xBC, 0xCC, 0xB8, 0x05,
+	0x05, 0xE2, 0x89, 0xBD, 0xCC, 0xB8, 0x05, 0x05,
+	0xE2, 0x8A, 0x82, 0xCC, 0xB8, 0x05, 0x05, 0xE2,
+	// Bytes 3dc0 - 3dff
+	0x8A, 0x83, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A,
+	0x86, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A, 0x87,
+	0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A, 0x91, 0xCC,
+	0xB8, 0x05, 0x05, 0xE2, 0x8A, 0x92, 0xCC, 0xB8,
+	0x05, 0x05, 0xE2, 0x8A, 0xA2, 0xCC, 0xB8, 0x05,
+	0x05, 0xE2, 0x8A, 0xA8, 0xCC, 0xB8, 0x05, 0x05,
+	0xE2, 0x8A, 0xA9, 0xCC, 0xB8, 0x05, 0x05, 0xE2,
+	0x8A, 0xAB, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A,
+	// Bytes 3e00 - 3e3f
+	0xB2, 0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A, 0xB3,
+	0xCC, 0xB8, 0x05, 0x05, 0xE2, 0x8A, 0xB4, 0xCC,
+	0xB8, 0x05, 0x05, 0xE2, 0x8A, 0xB5, 0xCC, 0xB8,
+	0x05, 0x06, 0xCE, 0x91, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0x91, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0x95, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0x95, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0x95, 0xCC, 0x94, 0xCC, 0x80,
+	// Bytes 3e40 - 3e7f
+	0xCE, 0x06, 0xCE, 0x95, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0x97, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0x97, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0x99, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0x99, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0x99, 0xCC, 0x93, 0xCD, 0x82,
+	0xCE, 0x06, 0xCE, 0x99, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0x99, 0xCC, 0x94, 0xCC, 0x81,
+	// Bytes 3e80 - 3ebf
+	0xCE, 0x06, 0xCE, 0x99, 0xCC, 0x94, 0xCD, 0x82,
+	0xCE, 0x06, 0xCE, 0x9F, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0x9F, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0x9F, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0x9F, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xA5, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xA5, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xA5, 0xCC, 0x94, 0xCD, 0x82,
+	// Bytes 3ec0 - 3eff
+	0xCE, 0x06, 0xCE, 0xA9, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xA9, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB1, 0xCC, 0x80, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB1, 0xCC, 0x81, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB1, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB1, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB1, 0xCD, 0x82, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB5, 0xCC, 0x93, 0xCC, 0x80,
+	// Bytes 3f00 - 3f3f
+	0xCE, 0x06, 0xCE, 0xB5, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xB5, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xB5, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xB7, 0xCC, 0x80, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB7, 0xCC, 0x81, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB7, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB7, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCE, 0xB7, 0xCD, 0x82, 0xCD, 0x85,
+	// Bytes 3f40 - 3f7f
+	0xDE, 0x06, 0xCE, 0xB9, 0xCC, 0x88, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x88, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x88, 0xCD, 0x82,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x93, 0xCD, 0x82,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x94, 0xCC, 0x81,
+	// Bytes 3f80 - 3fbf
+	0xCE, 0x06, 0xCE, 0xB9, 0xCC, 0x94, 0xCD, 0x82,
+	0xCE, 0x06, 0xCE, 0xBF, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xBF, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCE, 0xBF, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCE, 0xBF, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x88, 0xCC, 0x80,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x88, 0xCC, 0x81,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x88, 0xCD, 0x82,
+	// Bytes 3fc0 - 3fff
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x93, 0xCC, 0x81,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x93, 0xCD, 0x82,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x94, 0xCC, 0x80,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x94, 0xCC, 0x81,
+	0xCE, 0x06, 0xCF, 0x85, 0xCC, 0x94, 0xCD, 0x82,
+	0xCE, 0x06, 0xCF, 0x89, 0xCC, 0x80, 0xCD, 0x85,
+	0xDE, 0x06, 0xCF, 0x89, 0xCC, 0x81, 0xCD, 0x85,
+	// Bytes 4000 - 403f
+	0xDE, 0x06, 0xCF, 0x89, 0xCC, 0x93, 0xCD, 0x85,
+	0xDE, 0x06, 0xCF, 0x89, 0xCC, 0x94, 0xCD, 0x85,
+	0xDE, 0x06, 0xCF, 0x89, 0xCD, 0x82, 0xCD, 0x85,
+	0xDE, 0x06, 0xE0, 0xA4, 0xA8, 0xE0, 0xA4, 0xBC,
+	0x0D, 0x06, 0xE0, 0xA4, 0xB0, 0xE0, 0xA4, 0xBC,
+	0x0D, 0x06, 0xE0, 0xA4, 0xB3, 0xE0, 0xA4, 0xBC,
+	0x0D, 0x06, 0xE0, 0xB1, 0x86, 0xE0, 0xB1, 0x96,
+	0x89, 0x06, 0xE0, 0xB7, 0x99, 0xE0, 0xB7, 0x8A,
+	// Bytes 4040 - 407f
+	0x15, 0x06, 0xE3, 0x81, 0x86, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x8B, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x8D, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x8F, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x91, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x93, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x95, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x97, 0xE3, 0x82, 0x99,
+	// Bytes 4080 - 40bf
+	0x11, 0x06, 0xE3, 0x81, 0x99, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x9B, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x9D, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0x9F, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xA1, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xA4, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xA6, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xA8, 0xE3, 0x82, 0x99,
+	// Bytes 40c0 - 40ff
+	0x11, 0x06, 0xE3, 0x81, 0xAF, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xAF, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x81, 0xB2, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xB2, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x81, 0xB5, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xB5, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x81, 0xB8, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xB8, 0xE3, 0x82, 0x9A,
+	// Bytes 4100 - 413f
+	0x11, 0x06, 0xE3, 0x81, 0xBB, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x81, 0xBB, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x82, 0x9D, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xA6, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xAB, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xAD, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xAF, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xB1, 0xE3, 0x82, 0x99,
+	// Bytes 4140 - 417f
+	0x11, 0x06, 0xE3, 0x82, 0xB3, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xB5, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xB7, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xB9, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xBB, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xBD, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x82, 0xBF, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x81, 0xE3, 0x82, 0x99,
+	// Bytes 4180 - 41bf
+	0x11, 0x06, 0xE3, 0x83, 0x84, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x86, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x88, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x8F, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x8F, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x83, 0x92, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x92, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x83, 0x95, 0xE3, 0x82, 0x99,
+	// Bytes 41c0 - 41ff
+	0x11, 0x06, 0xE3, 0x83, 0x95, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x83, 0x98, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x98, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x83, 0x9B, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0x9B, 0xE3, 0x82, 0x9A,
+	0x11, 0x06, 0xE3, 0x83, 0xAF, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0xB0, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0xB1, 0xE3, 0x82, 0x99,
+	// Bytes 4200 - 423f
+	0x11, 0x06, 0xE3, 0x83, 0xB2, 0xE3, 0x82, 0x99,
+	0x11, 0x06, 0xE3, 0x83, 0xBD, 0xE3, 0x82, 0x99,
+	0x11, 0x08, 0xCE, 0x91, 0xCC, 0x93, 0xCC, 0x80,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x91, 0xCC, 0x93,
+	0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x91,
+	0xCC, 0x93, 0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0x91, 0xCC, 0x94, 0xCC, 0x80, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0x91, 0xCC, 0x94, 0xCC, 0x81,
+	// Bytes 4240 - 427f
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x91, 0xCC, 0x94,
+	0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x97,
+	0xCC, 0x93, 0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0x97, 0xCC, 0x93, 0xCC, 0x81, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0x97, 0xCC, 0x93, 0xCD, 0x82,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x97, 0xCC, 0x94,
+	0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0x97,
+	0xCC, 0x94, 0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08,
+	// Bytes 4280 - 42bf
+	0xCE, 0x97, 0xCC, 0x94, 0xCD, 0x82, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0xA9, 0xCC, 0x93, 0xCC, 0x80,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xA9, 0xCC, 0x93,
+	0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xA9,
+	0xCC, 0x93, 0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0xA9, 0xCC, 0x94, 0xCC, 0x80, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0xA9, 0xCC, 0x94, 0xCC, 0x81,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xA9, 0xCC, 0x94,
+	// Bytes 42c0 - 42ff
+	0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB1,
+	0xCC, 0x93, 0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0xB1, 0xCC, 0x93, 0xCC, 0x81, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0xB1, 0xCC, 0x93, 0xCD, 0x82,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB1, 0xCC, 0x94,
+	0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB1,
+	0xCC, 0x94, 0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0xB1, 0xCC, 0x94, 0xCD, 0x82, 0xCD, 0x85,
+	// Bytes 4300 - 433f
+	0xDF, 0x08, 0xCE, 0xB7, 0xCC, 0x93, 0xCC, 0x80,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB7, 0xCC, 0x93,
+	0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB7,
+	0xCC, 0x93, 0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08,
+	0xCE, 0xB7, 0xCC, 0x94, 0xCC, 0x80, 0xCD, 0x85,
+	0xDF, 0x08, 0xCE, 0xB7, 0xCC, 0x94, 0xCC, 0x81,
+	0xCD, 0x85, 0xDF, 0x08, 0xCE, 0xB7, 0xCC, 0x94,
+	0xCD, 0x82, 0xCD, 0x85, 0xDF, 0x08, 0xCF, 0x89,
+	// Bytes 4340 - 437f
+	0xCC, 0x93, 0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08,
+	0xCF, 0x89, 0xCC, 0x93, 0xCC, 0x81, 0xCD, 0x85,
+	0xDF, 0x08, 0xCF, 0x89, 0xCC, 0x93, 0xCD, 0x82,
+	0xCD, 0x85, 0xDF, 0x08, 0xCF, 0x89, 0xCC, 0x94,
+	0xCC, 0x80, 0xCD, 0x85, 0xDF, 0x08, 0xCF, 0x89,
+	0xCC, 0x94, 0xCC, 0x81, 0xCD, 0x85, 0xDF, 0x08,
+	0xCF, 0x89, 0xCC, 0x94, 0xCD, 0x82, 0xCD, 0x85,
+	0xDF, 0x08, 0xF0, 0x91, 0x82, 0x99, 0xF0, 0x91,
+	// Bytes 4380 - 43bf
+	0x82, 0xBA, 0x0D, 0x08, 0xF0, 0x91, 0x82, 0x9B,
+	0xF0, 0x91, 0x82, 0xBA, 0x0D, 0x08, 0xF0, 0x91,
+	0x82, 0xA5, 0xF0, 0x91, 0x82, 0xBA, 0x0D, 0x42,
+	0xC2, 0xB4, 0x01, 0x43, 0x20, 0xCC, 0x81, 0xCD,
+	0x43, 0x20, 0xCC, 0x83, 0xCD, 0x43, 0x20, 0xCC,
+	0x84, 0xCD, 0x43, 0x20, 0xCC, 0x85, 0xCD, 0x43,
+	0x20, 0xCC, 0x86, 0xCD, 0x43, 0x20, 0xCC, 0x87,
+	0xCD, 0x43, 0x20, 0xCC, 0x88, 0xCD, 0x43, 0x20,
+	// Bytes 43c0 - 43ff
+	0xCC, 0x8A, 0xCD, 0x43, 0x20, 0xCC, 0x8B, 0xCD,
+	0x43, 0x20, 0xCC, 0x93, 0xCD, 0x43, 0x20, 0xCC,
+	0x94, 0xCD, 0x43, 0x20, 0xCC, 0xA7, 0xA9, 0x43,
+	0x20, 0xCC, 0xA8, 0xA9, 0x43, 0x20, 0xCC, 0xB3,
+	0xB9, 0x43, 0x20, 0xCD, 0x82, 0xCD, 0x43, 0x20,
+	0xCD, 0x85, 0xDD, 0x43, 0x20, 0xD9, 0x8B, 0x5D,
+	0x43, 0x20, 0xD9, 0x8C, 0x61, 0x43, 0x20, 0xD9,
+	0x8D, 0x65, 0x43, 0x20, 0xD9, 0x8E, 0x69, 0x43,
+	// Bytes 4400 - 443f
+	0x20, 0xD9, 0x8F, 0x6D, 0x43, 0x20, 0xD9, 0x90,
+	0x71, 0x43, 0x20, 0xD9, 0x91, 0x75, 0x43, 0x20,
+	0xD9, 0x92, 0x79, 0x43, 0x41, 0xCC, 0x8A, 0xCD,
+	0x43, 0x73, 0xCC, 0x87, 0xCD, 0x44, 0x20, 0xE3,
+	0x82, 0x99, 0x11, 0x44, 0x20, 0xE3, 0x82, 0x9A,
+	0x11, 0x44, 0xC2, 0xA8, 0xCC, 0x81, 0xCE, 0x44,
+	0xCE, 0x91, 0xCC, 0x81, 0xCD, 0x44, 0xCE, 0x95,
+	0xCC, 0x81, 0xCD, 0x44, 0xCE, 0x97, 0xCC, 0x81,
+	// Bytes 4440 - 447f
+	0xCD, 0x44, 0xCE, 0x99, 0xCC, 0x81, 0xCD, 0x44,
+	0xCE, 0x9F, 0xCC, 0x81, 0xCD, 0x44, 0xCE, 0xA5,
+	0xCC, 0x81, 0xCD, 0x44, 0xCE, 0xA5, 0xCC, 0x88,
+	0xCD, 0x44, 0xCE, 0xA9, 0xCC, 0x81, 0xCD, 0x44,
+	0xCE, 0xB1, 0xCC, 0x81, 0xCD, 0x44, 0xCE, 0xB5,
+	0xCC, 0x81, 0xCD, 0x44, 0xCE, 0xB7, 0xCC, 0x81,
+	0xCD, 0x44, 0xCE, 0xB9, 0xCC, 0x81, 0xCD, 0x44,
+	0xCE, 0xBF, 0xCC, 0x81, 0xCD, 0x44, 0xCF, 0x85,
+	// Bytes 4480 - 44bf
+	0xCC, 0x81, 0xCD, 0x44, 0xCF, 0x89, 0xCC, 0x81,
+	0xCD, 0x44, 0xD7, 0x90, 0xD6, 0xB7, 0x35, 0x44,
+	0xD7, 0x90, 0xD6, 0xB8, 0x39, 0x44, 0xD7, 0x90,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x91, 0xD6, 0xBC,
+	0x45, 0x44, 0xD7, 0x91, 0xD6, 0xBF, 0x4D, 0x44,
+	0xD7, 0x92, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x93,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x94, 0xD6, 0xBC,
+	0x45, 0x44, 0xD7, 0x95, 0xD6, 0xB9, 0x3D, 0x44,
+	// Bytes 44c0 - 44ff
+	0xD7, 0x95, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x96,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x98, 0xD6, 0xBC,
+	0x45, 0x44, 0xD7, 0x99, 0xD6, 0xB4, 0x29, 0x44,
+	0xD7, 0x99, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x9A,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x9B, 0xD6, 0xBC,
+	0x45, 0x44, 0xD7, 0x9B, 0xD6, 0xBF, 0x4D, 0x44,
+	0xD7, 0x9C, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0x9E,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xA0, 0xD6, 0xBC,
+	// Bytes 4500 - 453f
+	0x45, 0x44, 0xD7, 0xA1, 0xD6, 0xBC, 0x45, 0x44,
+	0xD7, 0xA3, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xA4,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xA4, 0xD6, 0xBF,
+	0x4D, 0x44, 0xD7, 0xA6, 0xD6, 0xBC, 0x45, 0x44,
+	0xD7, 0xA7, 0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xA8,
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xA9, 0xD6, 0xBC,
+	0x45, 0x44, 0xD7, 0xA9, 0xD7, 0x81, 0x51, 0x44,
+	0xD7, 0xA9, 0xD7, 0x82, 0x55, 0x44, 0xD7, 0xAA,
+	// Bytes 4540 - 457f
+	0xD6, 0xBC, 0x45, 0x44, 0xD7, 0xB2, 0xD6, 0xB7,
+	0x35, 0x44, 0xD8, 0xA7, 0xD9, 0x8B, 0x5D, 0x44,
+	0xD8, 0xA7, 0xD9, 0x93, 0xCD, 0x44, 0xD8, 0xA7,
+	0xD9, 0x94, 0xCD, 0x44, 0xD8, 0xA7, 0xD9, 0x95,
+	0xB9, 0x44, 0xD8, 0xB0, 0xD9, 0xB0, 0x7D, 0x44,
+	0xD8, 0xB1, 0xD9, 0xB0, 0x7D, 0x44, 0xD9, 0x80,
+	0xD9, 0x8B, 0x5D, 0x44, 0xD9, 0x80, 0xD9, 0x8E,
+	0x69, 0x44, 0xD9, 0x80, 0xD9, 0x8F, 0x6D, 0x44,
+	// Bytes 4580 - 45bf
+	0xD9, 0x80, 0xD9, 0x90, 0x71, 0x44, 0xD9, 0x80,
+	0xD9, 0x91, 0x75, 0x44, 0xD9, 0x80, 0xD9, 0x92,
+	0x79, 0x44, 0xD9, 0x87, 0xD9, 0xB0, 0x7D, 0x44,
+	0xD9, 0x88, 0xD9, 0x94, 0xCD, 0x44, 0xD9, 0x89,
+	0xD9, 0xB0, 0x7D, 0x44, 0xD9, 0x8A, 0xD9, 0x94,
+	0xCD, 0x44, 0xDB, 0x92, 0xD9, 0x94, 0xCD, 0x44,
+	0xDB, 0x95, 0xD9, 0x94, 0xCD, 0x45, 0x20, 0xCC,
+	0x88, 0xCC, 0x80, 0xCE, 0x45, 0x20, 0xCC, 0x88,
+	// Bytes 45c0 - 45ff
+	0xCC, 0x81, 0xCE, 0x45, 0x20, 0xCC, 0x88, 0xCD,
+	0x82, 0xCE, 0x45, 0x20, 0xCC, 0x93, 0xCC, 0x80,
+	0xCE, 0x45, 0x20, 0xCC, 0x93, 0xCC, 0x81, 0xCE,
+	0x45, 0x20, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x45,
+	0x20, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x45, 0x20,
+	0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x45, 0x20, 0xCC,
+	0x94, 0xCD, 0x82, 0xCE, 0x45, 0x20, 0xD9, 0x8C,
+	0xD9, 0x91, 0x76, 0x45, 0x20, 0xD9, 0x8D, 0xD9,
+	// Bytes 4600 - 463f
+	0x91, 0x76, 0x45, 0x20, 0xD9, 0x8E, 0xD9, 0x91,
+	0x76, 0x45, 0x20, 0xD9, 0x8F, 0xD9, 0x91, 0x76,
+	0x45, 0x20, 0xD9, 0x90, 0xD9, 0x91, 0x76, 0x45,
+	0x20, 0xD9, 0x91, 0xD9, 0xB0, 0x7E, 0x45, 0xE2,
+	0xAB, 0x9D, 0xCC, 0xB8, 0x05, 0x46, 0xCE, 0xB9,
+	0xCC, 0x88, 0xCC, 0x81, 0xCE, 0x46, 0xCF, 0x85,
+	0xCC, 0x88, 0xCC, 0x81, 0xCE, 0x46, 0xD7, 0xA9,
+	0xD6, 0xBC, 0xD7, 0x81, 0x52, 0x46, 0xD7, 0xA9,
+	// Bytes 4640 - 467f
+	0xD6, 0xBC, 0xD7, 0x82, 0x56, 0x46, 0xD9, 0x80,
+	0xD9, 0x8E, 0xD9, 0x91, 0x76, 0x46, 0xD9, 0x80,
+	0xD9, 0x8F, 0xD9, 0x91, 0x76, 0x46, 0xD9, 0x80,
+	0xD9, 0x90, 0xD9, 0x91, 0x76, 0x46, 0xE0, 0xA4,
+	0x95, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0x96, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0x97, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0x9C, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	// Bytes 4680 - 46bf
+	0xA1, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0xA2, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0xAB, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA4,
+	0xAF, 0xE0, 0xA4, 0xBC, 0x0D, 0x46, 0xE0, 0xA6,
+	0xA1, 0xE0, 0xA6, 0xBC, 0x0D, 0x46, 0xE0, 0xA6,
+	0xA2, 0xE0, 0xA6, 0xBC, 0x0D, 0x46, 0xE0, 0xA6,
+	0xAF, 0xE0, 0xA6, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	0x96, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	// Bytes 46c0 - 46ff
+	0x97, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	0x9C, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	0xAB, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	0xB2, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xA8,
+	0xB8, 0xE0, 0xA8, 0xBC, 0x0D, 0x46, 0xE0, 0xAC,
+	0xA1, 0xE0, 0xAC, 0xBC, 0x0D, 0x46, 0xE0, 0xAC,
+	0xA2, 0xE0, 0xAC, 0xBC, 0x0D, 0x46, 0xE0, 0xBE,
+	0xB2, 0xE0, 0xBE, 0x80, 0xA1, 0x46, 0xE0, 0xBE,
+	// Bytes 4700 - 473f
+	0xB3, 0xE0, 0xBE, 0x80, 0xA1, 0x46, 0xE3, 0x83,
+	0x86, 0xE3, 0x82, 0x99, 0x11, 0x48, 0xF0, 0x9D,
+	0x85, 0x97, 0xF0, 0x9D, 0x85, 0xA5, 0xB1, 0x48,
+	0xF0, 0x9D, 0x85, 0x98, 0xF0, 0x9D, 0x85, 0xA5,
+	0xB1, 0x48, 0xF0, 0x9D, 0x86, 0xB9, 0xF0, 0x9D,
+	0x85, 0xA5, 0xB1, 0x48, 0xF0, 0x9D, 0x86, 0xBA,
+	0xF0, 0x9D, 0x85, 0xA5, 0xB1, 0x49, 0xE0, 0xBE,
+	0xB2, 0xE0, 0xBD, 0xB1, 0xE0, 0xBE, 0x80, 0xA2,
+	// Bytes 4740 - 477f
+	0x49, 0xE0, 0xBE, 0xB3, 0xE0, 0xBD, 0xB1, 0xE0,
+	0xBE, 0x80, 0xA2, 0x4C, 0xF0, 0x9D, 0x85, 0x98,
+	0xF0, 0x9D, 0x85, 0xA5, 0xF0, 0x9D, 0x85, 0xAE,
+	0xB2, 0x4C, 0xF0, 0x9D, 0x85, 0x98, 0xF0, 0x9D,
+	0x85, 0xA5, 0xF0, 0x9D, 0x85, 0xAF, 0xB2, 0x4C,
+	0xF0, 0x9D, 0x85, 0x98, 0xF0, 0x9D, 0x85, 0xA5,
+	0xF0, 0x9D, 0x85, 0xB0, 0xB2, 0x4C, 0xF0, 0x9D,
+	0x85, 0x98, 0xF0, 0x9D, 0x85, 0xA5, 0xF0, 0x9D,
+	// Bytes 4780 - 47bf
+	0x85, 0xB1, 0xB2, 0x4C, 0xF0, 0x9D, 0x85, 0x98,
+	0xF0, 0x9D, 0x85, 0xA5, 0xF0, 0x9D, 0x85, 0xB2,
+	0xB2, 0x4C, 0xF0, 0x9D, 0x86, 0xB9, 0xF0, 0x9D,
+	0x85, 0xA5, 0xF0, 0x9D, 0x85, 0xAE, 0xB2, 0x4C,
+	0xF0, 0x9D, 0x86, 0xB9, 0xF0, 0x9D, 0x85, 0xA5,
+	0xF0, 0x9D, 0x85, 0xAF, 0xB2, 0x4C, 0xF0, 0x9D,
+	0x86, 0xBA, 0xF0, 0x9D, 0x85, 0xA5, 0xF0, 0x9D,
+	0x85, 0xAE, 0xB2, 0x4C, 0xF0, 0x9D, 0x86, 0xBA,
+	// Bytes 47c0 - 47ff
+	0xF0, 0x9D, 0x85, 0xA5, 0xF0, 0x9D, 0x85, 0xAF,
+	0xB2, 0x83, 0x41, 0xCC, 0x82, 0xCD, 0x83, 0x41,
+	0xCC, 0x86, 0xCD, 0x83, 0x41, 0xCC, 0x87, 0xCD,
+	0x83, 0x41, 0xCC, 0x88, 0xCD, 0x83, 0x41, 0xCC,
+	0x8A, 0xCD, 0x83, 0x41, 0xCC, 0xA3, 0xB9, 0x83,
+	0x43, 0xCC, 0xA7, 0xA9, 0x83, 0x45, 0xCC, 0x82,
+	0xCD, 0x83, 0x45, 0xCC, 0x84, 0xCD, 0x83, 0x45,
+	0xCC, 0xA3, 0xB9, 0x83, 0x45, 0xCC, 0xA7, 0xA9,
+	// Bytes 4800 - 483f
+	0x83, 0x49, 0xCC, 0x88, 0xCD, 0x83, 0x4C, 0xCC,
+	0xA3, 0xB9, 0x83, 0x4F, 0xCC, 0x82, 0xCD, 0x83,
+	0x4F, 0xCC, 0x83, 0xCD, 0x83, 0x4F, 0xCC, 0x84,
+	0xCD, 0x83, 0x4F, 0xCC, 0x87, 0xCD, 0x83, 0x4F,
+	0xCC, 0x88, 0xCD, 0x83, 0x4F, 0xCC, 0x9B, 0xB1,
+	0x83, 0x4F, 0xCC, 0xA3, 0xB9, 0x83, 0x4F, 0xCC,
+	0xA8, 0xA9, 0x83, 0x52, 0xCC, 0xA3, 0xB9, 0x83,
+	0x53, 0xCC, 0x81, 0xCD, 0x83, 0x53, 0xCC, 0x8C,
+	// Bytes 4840 - 487f
+	0xCD, 0x83, 0x53, 0xCC, 0xA3, 0xB9, 0x83, 0x55,
+	0xCC, 0x83, 0xCD, 0x83, 0x55, 0xCC, 0x84, 0xCD,
+	0x83, 0x55, 0xCC, 0x88, 0xCD, 0x83, 0x55, 0xCC,
+	0x9B, 0xB1, 0x83, 0x61, 0xCC, 0x82, 0xCD, 0x83,
+	0x61, 0xCC, 0x86, 0xCD, 0x83, 0x61, 0xCC, 0x87,
+	0xCD, 0x83, 0x61, 0xCC, 0x88, 0xCD, 0x83, 0x61,
+	0xCC, 0x8A, 0xCD, 0x83, 0x61, 0xCC, 0xA3, 0xB9,
+	0x83, 0x63, 0xCC, 0xA7, 0xA9, 0x83, 0x65, 0xCC,
+	// Bytes 4880 - 48bf
+	0x82, 0xCD, 0x83, 0x65, 0xCC, 0x84, 0xCD, 0x83,
+	0x65, 0xCC, 0xA3, 0xB9, 0x83, 0x65, 0xCC, 0xA7,
+	0xA9, 0x83, 0x69, 0xCC, 0x88, 0xCD, 0x83, 0x6C,
+	0xCC, 0xA3, 0xB9, 0x83, 0x6F, 0xCC, 0x82, 0xCD,
+	0x83, 0x6F, 0xCC, 0x83, 0xCD, 0x83, 0x6F, 0xCC,
+	0x84, 0xCD, 0x83, 0x6F, 0xCC, 0x87, 0xCD, 0x83,
+	0x6F, 0xCC, 0x88, 0xCD, 0x83, 0x6F, 0xCC, 0x9B,
+	0xB1, 0x83, 0x6F, 0xCC, 0xA3, 0xB9, 0x83, 0x6F,
+	// Bytes 48c0 - 48ff
+	0xCC, 0xA8, 0xA9, 0x83, 0x72, 0xCC, 0xA3, 0xB9,
+	0x83, 0x73, 0xCC, 0x81, 0xCD, 0x83, 0x73, 0xCC,
+	0x8C, 0xCD, 0x83, 0x73, 0xCC, 0xA3, 0xB9, 0x83,
+	0x75, 0xCC, 0x83, 0xCD, 0x83, 0x75, 0xCC, 0x84,
+	0xCD, 0x83, 0x75, 0xCC, 0x88, 0xCD, 0x83, 0x75,
+	0xCC, 0x9B, 0xB1, 0x84, 0xCE, 0x91, 0xCC, 0x93,
+	0xCD, 0x84, 0xCE, 0x91, 0xCC, 0x94, 0xCD, 0x84,
+	0xCE, 0x95, 0xCC, 0x93, 0xCD, 0x84, 0xCE, 0x95,
+	// Bytes 4900 - 493f
+	0xCC, 0x94, 0xCD, 0x84, 0xCE, 0x97, 0xCC, 0x93,
+	0xCD, 0x84, 0xCE, 0x97, 0xCC, 0x94, 0xCD, 0x84,
+	0xCE, 0x99, 0xCC, 0x93, 0xCD, 0x84, 0xCE, 0x99,
+	0xCC, 0x94, 0xCD, 0x84, 0xCE, 0x9F, 0xCC, 0x93,
+	0xCD, 0x84, 0xCE, 0x9F, 0xCC, 0x94, 0xCD, 0x84,
+	0xCE, 0xA5, 0xCC, 0x94, 0xCD, 0x84, 0xCE, 0xA9,
+	0xCC, 0x93, 0xCD, 0x84, 0xCE, 0xA9, 0xCC, 0x94,
+	0xCD, 0x84, 0xCE, 0xB1, 0xCC, 0x80, 0xCD, 0x84,
+	// Bytes 4940 - 497f
+	0xCE, 0xB1, 0xCC, 0x81, 0xCD, 0x84, 0xCE, 0xB1,
+	0xCC, 0x93, 0xCD, 0x84, 0xCE, 0xB1, 0xCC, 0x94,
+	0xCD, 0x84, 0xCE, 0xB1, 0xCD, 0x82, 0xCD, 0x84,
+	0xCE, 0xB5, 0xCC, 0x93, 0xCD, 0x84, 0xCE, 0xB5,
+	0xCC, 0x94, 0xCD, 0x84, 0xCE, 0xB7, 0xCC, 0x80,
+	0xCD, 0x84, 0xCE, 0xB7, 0xCC, 0x81, 0xCD, 0x84,
+	0xCE, 0xB7, 0xCC, 0x93, 0xCD, 0x84, 0xCE, 0xB7,
+	0xCC, 0x94, 0xCD, 0x84, 0xCE, 0xB7, 0xCD, 0x82,
+	// Bytes 4980 - 49bf
+	0xCD, 0x84, 0xCE, 0xB9, 0xCC, 0x88, 0xCD, 0x84,
+	0xCE, 0xB9, 0xCC, 0x93, 0xCD, 0x84, 0xCE, 0xB9,
+	0xCC, 0x94, 0xCD, 0x84, 0xCE, 0xBF, 0xCC, 0x93,
+	0xCD, 0x84, 0xCE, 0xBF, 0xCC, 0x94, 0xCD, 0x84,
+	0xCF, 0x85, 0xCC, 0x88, 0xCD, 0x84, 0xCF, 0x85,
+	0xCC, 0x93, 0xCD, 0x84, 0xCF, 0x85, 0xCC, 0x94,
+	0xCD, 0x84, 0xCF, 0x89, 0xCC, 0x80, 0xCD, 0x84,
+	0xCF, 0x89, 0xCC, 0x81, 0xCD, 0x84, 0xCF, 0x89,
+	// Bytes 49c0 - 49ff
+	0xCC, 0x93, 0xCD, 0x84, 0xCF, 0x89, 0xCC, 0x94,
+	0xCD, 0x84, 0xCF, 0x89, 0xCD, 0x82, 0xCD, 0x86,
+	0xCE, 0x91, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0x91, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0x91, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0x91, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0x91, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0x91, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x86,
+	// Bytes 4a00 - 4a3f
+	0xCE, 0x97, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0x97, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0x97, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0x97, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0x97, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0x97, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xA9, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0xA9, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	// Bytes 4a40 - 4a7f
+	0xCE, 0xA9, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xA9, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0xA9, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0xA9, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xB1, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0xB1, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0xB1, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xB1, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	// Bytes 4a80 - 4abf
+	0xCE, 0xB1, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0xB1, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCE, 0xB7, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x86,
+	// Bytes 4ac0 - 4aff
+	0xCF, 0x89, 0xCC, 0x93, 0xCC, 0x80, 0xCE, 0x86,
+	0xCF, 0x89, 0xCC, 0x93, 0xCC, 0x81, 0xCE, 0x86,
+	0xCF, 0x89, 0xCC, 0x93, 0xCD, 0x82, 0xCE, 0x86,
+	0xCF, 0x89, 0xCC, 0x94, 0xCC, 0x80, 0xCE, 0x86,
+	0xCF, 0x89, 0xCC, 0x94, 0xCC, 0x81, 0xCE, 0x86,
+	0xCF, 0x89, 0xCC, 0x94, 0xCD, 0x82, 0xCE, 0x42,
+	0xCC, 0x80, 0xCD, 0x33, 0x42, 0xCC, 0x81, 0xCD,
+	0x33, 0x42, 0xCC, 0x93, 0xCD, 0x33, 0x43, 0xE1,
+	// Bytes 4b00 - 4b3f
+	0x85, 0xA1, 0x01, 0x00, 0x43, 0xE1, 0x85, 0xA2,
+	0x01, 0x00, 0x43, 0xE1, 0x85, 0xA3, 0x01, 0x00,
+	0x43, 0xE1, 0x85, 0xA4, 0x01, 0x00, 0x43, 0xE1,
+	0x85, 0xA5, 0x01, 0x00, 0x43, 0xE1, 0x85, 0xA6,
+	0x01, 0x00, 0x43, 0xE1, 0x85, 0xA7, 0x01, 0x00,
+	0x43, 0xE1, 0x85, 0xA8, 0x01, 0x00, 0x43, 0xE1,
+	0x85, 0xA9, 0x01, 0x00, 0x43, 0xE1, 0x85, 0xAA,
+	0x01, 0x00, 0x43, 0xE1, 0x85, 0xAB, 0x01, 0x00,
+	// Bytes 4b40 - 4b7f
+	0x43, 0xE1, 0x85, 0xAC, 0x01, 0x00, 0x43, 0xE1,
+	0x85, 0xAD, 0x01, 0x00, 0x43, 0xE1, 0x85, 0xAE,
+	0x01, 0x00, 0x43, 0xE1, 0x85, 0xAF, 0x01, 0x00,
+	0x43, 0xE1, 0x85, 0xB0, 0x01, 0x00, 0x43, 0xE1,
+	0x85, 0xB1, 0x01, 0x00, 0x43, 0xE1, 0x85, 0xB2,
+	0x01, 0x00, 0x43, 0xE1, 0x85, 0xB3, 0x01, 0x00,
+	0x43, 0xE1, 0x85, 0xB4, 0x01, 0x00, 0x43, 0xE1,
+	0x85, 0xB5, 0x01, 0x00, 0x43, 0xE1, 0x86, 0xAA,
+	// Bytes 4b80 - 4bbf
+	0x01, 0x00, 0x43, 0xE1, 0x86, 0xAC, 0x01, 0x00,
+	0x43, 0xE1, 0x86, 0xAD, 0x01, 0x00, 0x43, 0xE1,
+	0x86, 0xB0, 0x01, 0x00, 0x43, 0xE1, 0x86, 0xB1,
+	0x01, 0x00, 0x43, 0xE1, 0x86, 0xB2, 0x01, 0x00,
+	0x43, 0xE1, 0x86, 0xB3, 0x01, 0x00, 0x43, 0xE1,
+	0x86, 0xB4, 0x01, 0x00, 0x43, 0xE1, 0x86, 0xB5,
+	0x01, 0x00, 0x44, 0xCC, 0x88, 0xCC, 0x81, 0xCE,
+	0x33, 0x43, 0xE3, 0x82, 0x99, 0x11, 0x04, 0x43,
+	// Bytes 4bc0 - 4bff
+	0xE3, 0x82, 0x9A, 0x11, 0x04, 0x46, 0xE0, 0xBD,
+	0xB1, 0xE0, 0xBD, 0xB2, 0xA2, 0x27, 0x46, 0xE0,
+	0xBD, 0xB1, 0xE0, 0xBD, 0xB4, 0xA6, 0x27, 0x46,
+	0xE0, 0xBD, 0xB1, 0xE0, 0xBE, 0x80, 0xA2, 0x27,
+	0x00, 0x01,
+}
+
+// lookup returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *nfcTrie) lookup(s []byte) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return nfcValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = nfcIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *nfcTrie) lookupUnsafe(s []byte) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return nfcValues[c0]
+	}
+	i := nfcIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = nfcIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = nfcIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// lookupString returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *nfcTrie) lookupString(s string) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return nfcValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := nfcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = nfcIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupStringUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *nfcTrie) lookupStringUnsafe(s string) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return nfcValues[c0]
+	}
+	i := nfcIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = nfcIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = nfcIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// nfcTrie. Total size: 10798 bytes (10.54 KiB). Checksum: b5981cc85e3bd14.
+type nfcTrie struct{}
+
+func newNfcTrie(i int) *nfcTrie {
+	return &nfcTrie{}
+}
+
+// lookupValue determines the type of block n and looks up the value for b.
+func (t *nfcTrie) lookupValue(n uint32, b byte) uint16 {
+	switch {
+	case n < 46:
+		return uint16(nfcValues[n<<6+uint32(b)])
+	default:
+		n -= 46
+		return uint16(nfcSparse.lookup(n, b))
+	}
+}
+
+// nfcValues: 48 blocks, 3072 entries, 6144 bytes
+// The third block is the zero block.
+var nfcValues = [3072]uint16{
+	// Block 0x0, offset 0x0
+	0x3c: 0xa000, 0x3d: 0xa000, 0x3e: 0xa000,
+	// Block 0x1, offset 0x40
+	0x41: 0xa000, 0x42: 0xa000, 0x43: 0xa000, 0x44: 0xa000, 0x45: 0xa000,
+	0x46: 0xa000, 0x47: 0xa000, 0x48: 0xa000, 0x49: 0xa000, 0x4a: 0xa000, 0x4b: 0xa000,
+	0x4c: 0xa000, 0x4d: 0xa000, 0x4e: 0xa000, 0x4f: 0xa000, 0x50: 0xa000,
+	0x52: 0xa000, 0x53: 0xa000, 0x54: 0xa000, 0x55: 0xa000, 0x56: 0xa000, 0x57: 0xa000,
+	0x58: 0xa000, 0x59: 0xa000, 0x5a: 0xa000,
+	0x61: 0xa000, 0x62: 0xa000, 0x63: 0xa000,
+	0x64: 0xa000, 0x65: 0xa000, 0x66: 0xa000, 0x67: 0xa000, 0x68: 0xa000, 0x69: 0xa000,
+	0x6a: 0xa000, 0x6b: 0xa000, 0x6c: 0xa000, 0x6d: 0xa000, 0x6e: 0xa000, 0x6f: 0xa000,
+	0x70: 0xa000, 0x72: 0xa000, 0x73: 0xa000, 0x74: 0xa000, 0x75: 0xa000,
+	0x76: 0xa000, 0x77: 0xa000, 0x78: 0xa000, 0x79: 0xa000, 0x7a: 0xa000,
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc0: 0x30b0, 0xc1: 0x30b5, 0xc2: 0x47c9, 0xc3: 0x30ba, 0xc4: 0x47d8, 0xc5: 0x47dd,
+	0xc6: 0xa000, 0xc7: 0x47e7, 0xc8: 0x3123, 0xc9: 0x3128, 0xca: 0x47ec, 0xcb: 0x313c,
+	0xcc: 0x31af, 0xcd: 0x31b4, 0xce: 0x31b9, 0xcf: 0x4800, 0xd1: 0x3245,
+	0xd2: 0x3268, 0xd3: 0x326d, 0xd4: 0x480a, 0xd5: 0x480f, 0xd6: 0x481e,
+	0xd8: 0xa000, 0xd9: 0x32f4, 0xda: 0x32f9, 0xdb: 0x32fe, 0xdc: 0x4850, 0xdd: 0x3376,
+	0xe0: 0x33bc, 0xe1: 0x33c1, 0xe2: 0x485a, 0xe3: 0x33c6,
+	0xe4: 0x4869, 0xe5: 0x486e, 0xe6: 0xa000, 0xe7: 0x4878, 0xe8: 0x342f, 0xe9: 0x3434,
+	0xea: 0x487d, 0xeb: 0x3448, 0xec: 0x34c0, 0xed: 0x34c5, 0xee: 0x34ca, 0xef: 0x4891,
+	0xf1: 0x3556, 0xf2: 0x3579, 0xf3: 0x357e, 0xf4: 0x489b, 0xf5: 0x48a0,
+	0xf6: 0x48af, 0xf8: 0xa000, 0xf9: 0x360a, 0xfa: 0x360f, 0xfb: 0x3614,
+	0xfc: 0x48e1, 0xfd: 0x3691, 0xff: 0x36aa,
+	// Block 0x4, offset 0x100
+	0x100: 0x30bf, 0x101: 0x33cb, 0x102: 0x47ce, 0x103: 0x485f, 0x104: 0x30dd, 0x105: 0x33e9,
+	0x106: 0x30f1, 0x107: 0x33fd, 0x108: 0x30f6, 0x109: 0x3402, 0x10a: 0x30fb, 0x10b: 0x3407,
+	0x10c: 0x3100, 0x10d: 0x340c, 0x10e: 0x310a, 0x10f: 0x3416,
+	0x112: 0x47f1, 0x113: 0x4882, 0x114: 0x3132, 0x115: 0x343e, 0x116: 0x3137, 0x117: 0x3443,
+	0x118: 0x3155, 0x119: 0x3461, 0x11a: 0x3146, 0x11b: 0x3452, 0x11c: 0x316e, 0x11d: 0x347a,
+	0x11e: 0x3178, 0x11f: 0x3484, 0x120: 0x317d, 0x121: 0x3489, 0x122: 0x3187, 0x123: 0x3493,
+	0x124: 0x318c, 0x125: 0x3498, 0x128: 0x31be, 0x129: 0x34cf,
+	0x12a: 0x31c3, 0x12b: 0x34d4, 0x12c: 0x31c8, 0x12d: 0x34d9, 0x12e: 0x31eb, 0x12f: 0x34f7,
+	0x130: 0x31cd, 0x134: 0x31f5, 0x135: 0x3501,
+	0x136: 0x3209, 0x137: 0x351a, 0x139: 0x3213, 0x13a: 0x3524, 0x13b: 0x321d,
+	0x13c: 0x352e, 0x13d: 0x3218, 0x13e: 0x3529,
+	// Block 0x5, offset 0x140
+	0x143: 0x3240, 0x144: 0x3551, 0x145: 0x3259,
+	0x146: 0x356a, 0x147: 0x324f, 0x148: 0x3560,
+	0x14c: 0x4814, 0x14d: 0x48a5, 0x14e: 0x3272, 0x14f: 0x3583, 0x150: 0x327c, 0x151: 0x358d,
+	0x154: 0x329a, 0x155: 0x35ab, 0x156: 0x32b3, 0x157: 0x35c4,
+	0x158: 0x32a4, 0x159: 0x35b5, 0x15a: 0x4837, 0x15b: 0x48c8, 0x15c: 0x32bd, 0x15d: 0x35ce,
+	0x15e: 0x32cc, 0x15f: 0x35dd, 0x160: 0x483c, 0x161: 0x48cd, 0x162: 0x32e5, 0x163: 0x35fb,
+	0x164: 0x32d6, 0x165: 0x35ec, 0x168: 0x4846, 0x169: 0x48d7,
+	0x16a: 0x484b, 0x16b: 0x48dc, 0x16c: 0x3303, 0x16d: 0x3619, 0x16e: 0x330d, 0x16f: 0x3623,
+	0x170: 0x3312, 0x171: 0x3628, 0x172: 0x3330, 0x173: 0x3646, 0x174: 0x3353, 0x175: 0x3669,
+	0x176: 0x337b, 0x177: 0x3696, 0x178: 0x338f, 0x179: 0x339e, 0x17a: 0x36be, 0x17b: 0x33a8,
+	0x17c: 0x36c8, 0x17d: 0x33ad, 0x17e: 0x36cd, 0x17f: 0xa000,
+	// Block 0x6, offset 0x180
+	0x184: 0x8100, 0x185: 0x8100,
+	0x186: 0x8100,
+	0x18d: 0x30c9, 0x18e: 0x33d5, 0x18f: 0x31d7, 0x190: 0x34e3, 0x191: 0x3281,
+	0x192: 0x3592, 0x193: 0x3317, 0x194: 0x362d, 0x195: 0x3b10, 0x196: 0x3c9f, 0x197: 0x3b09,
+	0x198: 0x3c98, 0x199: 0x3b17, 0x19a: 0x3ca6, 0x19b: 0x3b02, 0x19c: 0x3c91,
+	0x19e: 0x39f1, 0x19f: 0x3b80, 0x1a0: 0x39ea, 0x1a1: 0x3b79, 0x1a2: 0x36f4, 0x1a3: 0x3706,
+	0x1a6: 0x3182, 0x1a7: 0x348e, 0x1a8: 0x31ff, 0x1a9: 0x3510,
+	0x1aa: 0x482d, 0x1ab: 0x48be, 0x1ac: 0x3ad1, 0x1ad: 0x3c60, 0x1ae: 0x3718, 0x1af: 0x371e,
+	0x1b0: 0x3506, 0x1b4: 0x3169, 0x1b5: 0x3475,
+	0x1b8: 0x323b, 0x1b9: 0x354c, 0x1ba: 0x39f8, 0x1bb: 0x3b87,
+	0x1bc: 0x36ee, 0x1bd: 0x3700, 0x1be: 0x36fa, 0x1bf: 0x370c,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x30ce, 0x1c1: 0x33da, 0x1c2: 0x30d3, 0x1c3: 0x33df, 0x1c4: 0x314b, 0x1c5: 0x3457,
+	0x1c6: 0x3150, 0x1c7: 0x345c, 0x1c8: 0x31dc, 0x1c9: 0x34e8, 0x1ca: 0x31e1, 0x1cb: 0x34ed,
+	0x1cc: 0x3286, 0x1cd: 0x3597, 0x1ce: 0x328b, 0x1cf: 0x359c, 0x1d0: 0x32a9, 0x1d1: 0x35ba,
+	0x1d2: 0x32ae, 0x1d3: 0x35bf, 0x1d4: 0x331c, 0x1d5: 0x3632, 0x1d6: 0x3321, 0x1d7: 0x3637,
+	0x1d8: 0x32c7, 0x1d9: 0x35d8, 0x1da: 0x32e0, 0x1db: 0x35f6,
+	0x1de: 0x319b, 0x1df: 0x34a7,
+	0x1e6: 0x47d3, 0x1e7: 0x4864, 0x1e8: 0x47fb, 0x1e9: 0x488c,
+	0x1ea: 0x3aa0, 0x1eb: 0x3c2f, 0x1ec: 0x3a7d, 0x1ed: 0x3c0c, 0x1ee: 0x4819, 0x1ef: 0x48aa,
+	0x1f0: 0x3a99, 0x1f1: 0x3c28, 0x1f2: 0x3385, 0x1f3: 0x36a0,
+	// Block 0x8, offset 0x200
+	0x200: 0x9933, 0x201: 0x9933, 0x202: 0x9933, 0x203: 0x9933, 0x204: 0x9933, 0x205: 0x8133,
+	0x206: 0x9933, 0x207: 0x9933, 0x208: 0x9933, 0x209: 0x9933, 0x20a: 0x9933, 0x20b: 0x9933,
+	0x20c: 0x9933, 0x20d: 0x8133, 0x20e: 0x8133, 0x20f: 0x9933, 0x210: 0x8133, 0x211: 0x9933,
+	0x212: 0x8133, 0x213: 0x9933, 0x214: 0x9933, 0x215: 0x8134, 0x216: 0x812e, 0x217: 0x812e,
+	0x218: 0x812e, 0x219: 0x812e, 0x21a: 0x8134, 0x21b: 0x992c, 0x21c: 0x812e, 0x21d: 0x812e,
+	0x21e: 0x812e, 0x21f: 0x812e, 0x220: 0x812e, 0x221: 0x812a, 0x222: 0x812a, 0x223: 0x992e,
+	0x224: 0x992e, 0x225: 0x992e, 0x226: 0x992e, 0x227: 0x992a, 0x228: 0x992a, 0x229: 0x812e,
+	0x22a: 0x812e, 0x22b: 0x812e, 0x22c: 0x812e, 0x22d: 0x992e, 0x22e: 0x992e, 0x22f: 0x812e,
+	0x230: 0x992e, 0x231: 0x992e, 0x232: 0x812e, 0x233: 0x812e, 0x234: 0x8101, 0x235: 0x8101,
+	0x236: 0x8101, 0x237: 0x8101, 0x238: 0x9901, 0x239: 0x812e, 0x23a: 0x812e, 0x23b: 0x812e,
+	0x23c: 0x812e, 0x23d: 0x8133, 0x23e: 0x8133, 0x23f: 0x8133,
+	// Block 0x9, offset 0x240
+	0x240: 0x4aef, 0x241: 0x4af4, 0x242: 0x9933, 0x243: 0x4af9, 0x244: 0x4bb2, 0x245: 0x9937,
+	0x246: 0x8133, 0x247: 0x812e, 0x248: 0x812e, 0x249: 0x812e, 0x24a: 0x8133, 0x24b: 0x8133,
+	0x24c: 0x8133, 0x24d: 0x812e, 0x24e: 0x812e, 0x250: 0x8133, 0x251: 0x8133,
+	0x252: 0x8133, 0x253: 0x812e, 0x254: 0x812e, 0x255: 0x812e, 0x256: 0x812e, 0x257: 0x8133,
+	0x258: 0x8134, 0x259: 0x812e, 0x25a: 0x812e, 0x25b: 0x8133, 0x25c: 0x8135, 0x25d: 0x8136,
+	0x25e: 0x8136, 0x25f: 0x8135, 0x260: 0x8136, 0x261: 0x8136, 0x262: 0x8135, 0x263: 0x8133,
+	0x264: 0x8133, 0x265: 0x8133, 0x266: 0x8133, 0x267: 0x8133, 0x268: 0x8133, 0x269: 0x8133,
+	0x26a: 0x8133, 0x26b: 0x8133, 0x26c: 0x8133, 0x26d: 0x8133, 0x26e: 0x8133, 0x26f: 0x8133,
+	0x274: 0x01ee,
+	0x27a: 0x8100,
+	0x27e: 0x0037,
+	// Block 0xa, offset 0x280
+	0x284: 0x8100, 0x285: 0x36e2,
+	0x286: 0x372a, 0x287: 0x00ce, 0x288: 0x3748, 0x289: 0x3754, 0x28a: 0x3766,
+	0x28c: 0x3784, 0x28e: 0x3796, 0x28f: 0x37b4, 0x290: 0x3f49, 0x291: 0xa000,
+	0x295: 0xa000, 0x297: 0xa000,
+	0x299: 0xa000,
+	0x29f: 0xa000, 0x2a1: 0xa000,
+	0x2a5: 0xa000, 0x2a9: 0xa000,
+	0x2aa: 0x3778, 0x2ab: 0x37a8, 0x2ac: 0x493f, 0x2ad: 0x37d8, 0x2ae: 0x4969, 0x2af: 0x37ea,
+	0x2b0: 0x3fb1, 0x2b1: 0xa000, 0x2b5: 0xa000,
+	0x2b7: 0xa000, 0x2b9: 0xa000,
+	0x2bf: 0xa000,
+	// Block 0xb, offset 0x2c0
+	0x2c0: 0x3862, 0x2c1: 0x386e, 0x2c3: 0x385c,
+	0x2c6: 0xa000, 0x2c7: 0x384a,
+	0x2cc: 0x389e, 0x2cd: 0x3886, 0x2ce: 0x38b0, 0x2d0: 0xa000,
+	0x2d3: 0xa000, 0x2d5: 0xa000, 0x2d6: 0xa000, 0x2d7: 0xa000,
+	0x2d8: 0xa000, 0x2d9: 0x3892, 0x2da: 0xa000,
+	0x2de: 0xa000, 0x2e3: 0xa000,
+	0x2e7: 0xa000,
+	0x2eb: 0xa000, 0x2ed: 0xa000,
+	0x2f0: 0xa000, 0x2f3: 0xa000, 0x2f5: 0xa000,
+	0x2f6: 0xa000, 0x2f7: 0xa000, 0x2f8: 0xa000, 0x2f9: 0x3916, 0x2fa: 0xa000,
+	0x2fe: 0xa000,
+	// Block 0xc, offset 0x300
+	0x301: 0x3874, 0x302: 0x38f8,
+	0x310: 0x3850, 0x311: 0x38d4,
+	0x312: 0x3856, 0x313: 0x38da, 0x316: 0x3868, 0x317: 0x38ec,
+	0x318: 0xa000, 0x319: 0xa000, 0x31a: 0x396a, 0x31b: 0x3970, 0x31c: 0x387a, 0x31d: 0x38fe,
+	0x31e: 0x3880, 0x31f: 0x3904, 0x322: 0x388c, 0x323: 0x3910,
+	0x324: 0x3898, 0x325: 0x391c, 0x326: 0x38a4, 0x327: 0x3928, 0x328: 0xa000, 0x329: 0xa000,
+	0x32a: 0x3976, 0x32b: 0x397c, 0x32c: 0x38ce, 0x32d: 0x3952, 0x32e: 0x38aa, 0x32f: 0x392e,
+	0x330: 0x38b6, 0x331: 0x393a, 0x332: 0x38bc, 0x333: 0x3940, 0x334: 0x38c2, 0x335: 0x3946,
+	0x338: 0x38c8, 0x339: 0x394c,
+	// Block 0xd, offset 0x340
+	0x351: 0x812e,
+	0x352: 0x8133, 0x353: 0x8133, 0x354: 0x8133, 0x355: 0x8133, 0x356: 0x812e, 0x357: 0x8133,
+	0x358: 0x8133, 0x359: 0x8133, 0x35a: 0x812f, 0x35b: 0x812e, 0x35c: 0x8133, 0x35d: 0x8133,
+	0x35e: 0x8133, 0x35f: 0x8133, 0x360: 0x8133, 0x361: 0x8133, 0x362: 0x812e, 0x363: 0x812e,
+	0x364: 0x812e, 0x365: 0x812e, 0x366: 0x812e, 0x367: 0x812e, 0x368: 0x8133, 0x369: 0x8133,
+	0x36a: 0x812e, 0x36b: 0x8133, 0x36c: 0x8133, 0x36d: 0x812f, 0x36e: 0x8132, 0x36f: 0x8133,
+	0x370: 0x8106, 0x371: 0x8107, 0x372: 0x8108, 0x373: 0x8109, 0x374: 0x810a, 0x375: 0x810b,
+	0x376: 0x810c, 0x377: 0x810d, 0x378: 0x810e, 0x379: 0x810f, 0x37a: 0x810f, 0x37b: 0x8110,
+	0x37c: 0x8111, 0x37d: 0x8112, 0x37f: 0x8113,
+	// Block 0xe, offset 0x380
+	0x388: 0xa000, 0x38a: 0xa000, 0x38b: 0x8117,
+	0x38c: 0x8118, 0x38d: 0x8119, 0x38e: 0x811a, 0x38f: 0x811b, 0x390: 0x811c, 0x391: 0x811d,
+	0x392: 0x811e, 0x393: 0x9933, 0x394: 0x9933, 0x395: 0x992e, 0x396: 0x812e, 0x397: 0x8133,
+	0x398: 0x8133, 0x399: 0x8133, 0x39a: 0x8133, 0x39b: 0x8133, 0x39c: 0x812e, 0x39d: 0x8133,
+	0x39e: 0x8133, 0x39f: 0x812e,
+	0x3b0: 0x811f,
+	// Block 0xf, offset 0x3c0
+	0x3ca: 0x8133, 0x3cb: 0x8133,
+	0x3cc: 0x8133, 0x3cd: 0x8133, 0x3ce: 0x8133, 0x3cf: 0x812e, 0x3d0: 0x812e, 0x3d1: 0x812e,
+	0x3d2: 0x812e, 0x3d3: 0x812e, 0x3d4: 0x8133, 0x3d5: 0x8133, 0x3d6: 0x8133, 0x3d7: 0x8133,
+	0x3d8: 0x8133, 0x3d9: 0x8133, 0x3da: 0x8133, 0x3db: 0x8133, 0x3dc: 0x8133, 0x3dd: 0x8133,
+	0x3de: 0x8133, 0x3df: 0x8133, 0x3e0: 0x8133, 0x3e1: 0x8133, 0x3e3: 0x812e,
+	0x3e4: 0x8133, 0x3e5: 0x8133, 0x3e6: 0x812e, 0x3e7: 0x8133, 0x3e8: 0x8133, 0x3e9: 0x812e,
+	0x3ea: 0x8133, 0x3eb: 0x8133, 0x3ec: 0x8133, 0x3ed: 0x812e, 0x3ee: 0x812e, 0x3ef: 0x812e,
+	0x3f0: 0x8117, 0x3f1: 0x8118, 0x3f2: 0x8119, 0x3f3: 0x8133, 0x3f4: 0x8133, 0x3f5: 0x8133,
+	0x3f6: 0x812e, 0x3f7: 0x8133, 0x3f8: 0x8133, 0x3f9: 0x812e, 0x3fa: 0x812e, 0x3fb: 0x8133,
+	0x3fc: 0x8133, 0x3fd: 0x8133, 0x3fe: 0x8133, 0x3ff: 0x8133,
+	// Block 0x10, offset 0x400
+	0x405: 0xa000,
+	0x406: 0x2e5d, 0x407: 0xa000, 0x408: 0x2e65, 0x409: 0xa000, 0x40a: 0x2e6d, 0x40b: 0xa000,
+	0x40c: 0x2e75, 0x40d: 0xa000, 0x40e: 0x2e7d, 0x411: 0xa000,
+	0x412: 0x2e85,
+	0x434: 0x8103, 0x435: 0x9900,
+	0x43a: 0xa000, 0x43b: 0x2e8d,
+	0x43c: 0xa000, 0x43d: 0x2e95, 0x43e: 0xa000, 0x43f: 0xa000,
+	// Block 0x11, offset 0x440
+	0x440: 0x8133, 0x441: 0x8133, 0x442: 0x812e, 0x443: 0x8133, 0x444: 0x8133, 0x445: 0x8133,
+	0x446: 0x8133, 0x447: 0x8133, 0x448: 0x8133, 0x449: 0x8133, 0x44a: 0x812e, 0x44b: 0x8133,
+	0x44c: 0x8133, 0x44d: 0x8136, 0x44e: 0x812b, 0x44f: 0x812e, 0x450: 0x812a, 0x451: 0x8133,
+	0x452: 0x8133, 0x453: 0x8133, 0x454: 0x8133, 0x455: 0x8133, 0x456: 0x8133, 0x457: 0x8133,
+	0x458: 0x8133, 0x459: 0x8133, 0x45a: 0x8133, 0x45b: 0x8133, 0x45c: 0x8133, 0x45d: 0x8133,
+	0x45e: 0x8133, 0x45f: 0x8133, 0x460: 0x8133, 0x461: 0x8133, 0x462: 0x8133, 0x463: 0x8133,
+	0x464: 0x8133, 0x465: 0x8133, 0x466: 0x8133, 0x467: 0x8133, 0x468: 0x8133, 0x469: 0x8133,
+	0x46a: 0x8133, 0x46b: 0x8133, 0x46c: 0x8133, 0x46d: 0x8133, 0x46e: 0x8133, 0x46f: 0x8133,
+	0x470: 0x8133, 0x471: 0x8133, 0x472: 0x8133, 0x473: 0x8133, 0x474: 0x8133, 0x475: 0x8133,
+	0x476: 0x8134, 0x477: 0x8132, 0x478: 0x8132, 0x479: 0x812e, 0x47a: 0x812d, 0x47b: 0x8133,
+	0x47c: 0x8135, 0x47d: 0x812e, 0x47e: 0x8133, 0x47f: 0x812e,
+	// Block 0x12, offset 0x480
+	0x480: 0x30d8, 0x481: 0x33e4, 0x482: 0x30e2, 0x483: 0x33ee, 0x484: 0x30e7, 0x485: 0x33f3,
+	0x486: 0x30ec, 0x487: 0x33f8, 0x488: 0x3a0d, 0x489: 0x3b9c, 0x48a: 0x3105, 0x48b: 0x3411,
+	0x48c: 0x310f, 0x48d: 0x341b, 0x48e: 0x311e, 0x48f: 0x342a, 0x490: 0x3114, 0x491: 0x3420,
+	0x492: 0x3119, 0x493: 0x3425, 0x494: 0x3a30, 0x495: 0x3bbf, 0x496: 0x3a37, 0x497: 0x3bc6,
+	0x498: 0x315a, 0x499: 0x3466, 0x49a: 0x315f, 0x49b: 0x346b, 0x49c: 0x3a45, 0x49d: 0x3bd4,
+	0x49e: 0x3164, 0x49f: 0x3470, 0x4a0: 0x3173, 0x4a1: 0x347f, 0x4a2: 0x3191, 0x4a3: 0x349d,
+	0x4a4: 0x31a0, 0x4a5: 0x34ac, 0x4a6: 0x3196, 0x4a7: 0x34a2, 0x4a8: 0x31a5, 0x4a9: 0x34b1,
+	0x4aa: 0x31aa, 0x4ab: 0x34b6, 0x4ac: 0x31f0, 0x4ad: 0x34fc, 0x4ae: 0x3a4c, 0x4af: 0x3bdb,
+	0x4b0: 0x31fa, 0x4b1: 0x350b, 0x4b2: 0x3204, 0x4b3: 0x3515, 0x4b4: 0x320e, 0x4b5: 0x351f,
+	0x4b6: 0x4805, 0x4b7: 0x4896, 0x4b8: 0x3a53, 0x4b9: 0x3be2, 0x4ba: 0x3227, 0x4bb: 0x3538,
+	0x4bc: 0x3222, 0x4bd: 0x3533, 0x4be: 0x322c, 0x4bf: 0x353d,
+	// Block 0x13, offset 0x4c0
+	0x4c0: 0x3231, 0x4c1: 0x3542, 0x4c2: 0x3236, 0x4c3: 0x3547, 0x4c4: 0x324a, 0x4c5: 0x355b,
+	0x4c6: 0x3254, 0x4c7: 0x3565, 0x4c8: 0x3263, 0x4c9: 0x3574, 0x4ca: 0x325e, 0x4cb: 0x356f,
+	0x4cc: 0x3a76, 0x4cd: 0x3c05, 0x4ce: 0x3a84, 0x4cf: 0x3c13, 0x4d0: 0x3a8b, 0x4d1: 0x3c1a,
+	0x4d2: 0x3a92, 0x4d3: 0x3c21, 0x4d4: 0x3290, 0x4d5: 0x35a1, 0x4d6: 0x3295, 0x4d7: 0x35a6,
+	0x4d8: 0x329f, 0x4d9: 0x35b0, 0x4da: 0x4832, 0x4db: 0x48c3, 0x4dc: 0x3ad8, 0x4dd: 0x3c67,
+	0x4de: 0x32b8, 0x4df: 0x35c9, 0x4e0: 0x32c2, 0x4e1: 0x35d3, 0x4e2: 0x4841, 0x4e3: 0x48d2,
+	0x4e4: 0x3adf, 0x4e5: 0x3c6e, 0x4e6: 0x3ae6, 0x4e7: 0x3c75, 0x4e8: 0x3aed, 0x4e9: 0x3c7c,
+	0x4ea: 0x32d1, 0x4eb: 0x35e2, 0x4ec: 0x32db, 0x4ed: 0x35f1, 0x4ee: 0x32ef, 0x4ef: 0x3605,
+	0x4f0: 0x32ea, 0x4f1: 0x3600, 0x4f2: 0x332b, 0x4f3: 0x3641, 0x4f4: 0x333a, 0x4f5: 0x3650,
+	0x4f6: 0x3335, 0x4f7: 0x364b, 0x4f8: 0x3af4, 0x4f9: 0x3c83, 0x4fa: 0x3afb, 0x4fb: 0x3c8a,
+	0x4fc: 0x333f, 0x4fd: 0x3655, 0x4fe: 0x3344, 0x4ff: 0x365a,
+	// Block 0x14, offset 0x500
+	0x500: 0x3349, 0x501: 0x365f, 0x502: 0x334e, 0x503: 0x3664, 0x504: 0x335d, 0x505: 0x3673,
+	0x506: 0x3358, 0x507: 0x366e, 0x508: 0x3362, 0x509: 0x367d, 0x50a: 0x3367, 0x50b: 0x3682,
+	0x50c: 0x336c, 0x50d: 0x3687, 0x50e: 0x338a, 0x50f: 0x36a5, 0x510: 0x33a3, 0x511: 0x36c3,
+	0x512: 0x33b2, 0x513: 0x36d2, 0x514: 0x33b7, 0x515: 0x36d7, 0x516: 0x34bb, 0x517: 0x35e7,
+	0x518: 0x3678, 0x519: 0x36b4, 0x51b: 0x3712,
+	0x520: 0x47e2, 0x521: 0x4873, 0x522: 0x30c4, 0x523: 0x33d0,
+	0x524: 0x39b9, 0x525: 0x3b48, 0x526: 0x39b2, 0x527: 0x3b41, 0x528: 0x39c7, 0x529: 0x3b56,
+	0x52a: 0x39c0, 0x52b: 0x3b4f, 0x52c: 0x39ff, 0x52d: 0x3b8e, 0x52e: 0x39d5, 0x52f: 0x3b64,
+	0x530: 0x39ce, 0x531: 0x3b5d, 0x532: 0x39e3, 0x533: 0x3b72, 0x534: 0x39dc, 0x535: 0x3b6b,
+	0x536: 0x3a06, 0x537: 0x3b95, 0x538: 0x47f6, 0x539: 0x4887, 0x53a: 0x3141, 0x53b: 0x344d,
+	0x53c: 0x312d, 0x53d: 0x3439, 0x53e: 0x3a1b, 0x53f: 0x3baa,
+	// Block 0x15, offset 0x540
+	0x540: 0x3a14, 0x541: 0x3ba3, 0x542: 0x3a29, 0x543: 0x3bb8, 0x544: 0x3a22, 0x545: 0x3bb1,
+	0x546: 0x3a3e, 0x547: 0x3bcd, 0x548: 0x31d2, 0x549: 0x34de, 0x54a: 0x31e6, 0x54b: 0x34f2,
+	0x54c: 0x4828, 0x54d: 0x48b9, 0x54e: 0x3277, 0x54f: 0x3588, 0x550: 0x3a61, 0x551: 0x3bf0,
+	0x552: 0x3a5a, 0x553: 0x3be9, 0x554: 0x3a6f, 0x555: 0x3bfe, 0x556: 0x3a68, 0x557: 0x3bf7,
+	0x558: 0x3aca, 0x559: 0x3c59, 0x55a: 0x3aae, 0x55b: 0x3c3d, 0x55c: 0x3aa7, 0x55d: 0x3c36,
+	0x55e: 0x3abc, 0x55f: 0x3c4b, 0x560: 0x3ab5, 0x561: 0x3c44, 0x562: 0x3ac3, 0x563: 0x3c52,
+	0x564: 0x3326, 0x565: 0x363c, 0x566: 0x3308, 0x567: 0x361e, 0x568: 0x3b25, 0x569: 0x3cb4,
+	0x56a: 0x3b1e, 0x56b: 0x3cad, 0x56c: 0x3b33, 0x56d: 0x3cc2, 0x56e: 0x3b2c, 0x56f: 0x3cbb,
+	0x570: 0x3b3a, 0x571: 0x3cc9, 0x572: 0x3371, 0x573: 0x368c, 0x574: 0x3399, 0x575: 0x36b9,
+	0x576: 0x3394, 0x577: 0x36af, 0x578: 0x3380, 0x579: 0x369b,
+	// Block 0x16, offset 0x580
+	0x580: 0x4945, 0x581: 0x494b, 0x582: 0x4a5f, 0x583: 0x4a77, 0x584: 0x4a67, 0x585: 0x4a7f,
+	0x586: 0x4a6f, 0x587: 0x4a87, 0x588: 0x48eb, 0x589: 0x48f1, 0x58a: 0x49cf, 0x58b: 0x49e7,
+	0x58c: 0x49d7, 0x58d: 0x49ef, 0x58e: 0x49df, 0x58f: 0x49f7, 0x590: 0x4957, 0x591: 0x495d,
+	0x592: 0x3ef9, 0x593: 0x3f09, 0x594: 0x3f01, 0x595: 0x3f11,
+	0x598: 0x48f7, 0x599: 0x48fd, 0x59a: 0x3e29, 0x59b: 0x3e39, 0x59c: 0x3e31, 0x59d: 0x3e41,
+	0x5a0: 0x496f, 0x5a1: 0x4975, 0x5a2: 0x4a8f, 0x5a3: 0x4aa7,
+	0x5a4: 0x4a97, 0x5a5: 0x4aaf, 0x5a6: 0x4a9f, 0x5a7: 0x4ab7, 0x5a8: 0x4903, 0x5a9: 0x4909,
+	0x5aa: 0x49ff, 0x5ab: 0x4a17, 0x5ac: 0x4a07, 0x5ad: 0x4a1f, 0x5ae: 0x4a0f, 0x5af: 0x4a27,
+	0x5b0: 0x4987, 0x5b1: 0x498d, 0x5b2: 0x3f59, 0x5b3: 0x3f71, 0x5b4: 0x3f61, 0x5b5: 0x3f79,
+	0x5b6: 0x3f69, 0x5b7: 0x3f81, 0x5b8: 0x490f, 0x5b9: 0x4915, 0x5ba: 0x3e59, 0x5bb: 0x3e71,
+	0x5bc: 0x3e61, 0x5bd: 0x3e79, 0x5be: 0x3e69, 0x5bf: 0x3e81,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0x4993, 0x5c1: 0x4999, 0x5c2: 0x3f89, 0x5c3: 0x3f99, 0x5c4: 0x3f91, 0x5c5: 0x3fa1,
+	0x5c8: 0x491b, 0x5c9: 0x4921, 0x5ca: 0x3e89, 0x5cb: 0x3e99,
+	0x5cc: 0x3e91, 0x5cd: 0x3ea1, 0x5d0: 0x49a5, 0x5d1: 0x49ab,
+	0x5d2: 0x3fc1, 0x5d3: 0x3fd9, 0x5d4: 0x3fc9, 0x5d5: 0x3fe1, 0x5d6: 0x3fd1, 0x5d7: 0x3fe9,
+	0x5d9: 0x4927, 0x5db: 0x3ea9, 0x5dd: 0x3eb1,
+	0x5df: 0x3eb9, 0x5e0: 0x49bd, 0x5e1: 0x49c3, 0x5e2: 0x4abf, 0x5e3: 0x4ad7,
+	0x5e4: 0x4ac7, 0x5e5: 0x4adf, 0x5e6: 0x4acf, 0x5e7: 0x4ae7, 0x5e8: 0x492d, 0x5e9: 0x4933,
+	0x5ea: 0x4a2f, 0x5eb: 0x4a47, 0x5ec: 0x4a37, 0x5ed: 0x4a4f, 0x5ee: 0x4a3f, 0x5ef: 0x4a57,
+	0x5f0: 0x4939, 0x5f1: 0x445f, 0x5f2: 0x37d2, 0x5f3: 0x4465, 0x5f4: 0x4963, 0x5f5: 0x446b,
+	0x5f6: 0x37e4, 0x5f7: 0x4471, 0x5f8: 0x3802, 0x5f9: 0x4477, 0x5fa: 0x381a, 0x5fb: 0x447d,
+	0x5fc: 0x49b1, 0x5fd: 0x4483,
+	// Block 0x18, offset 0x600
+	0x600: 0x3ee1, 0x601: 0x3ee9, 0x602: 0x42c5, 0x603: 0x42e3, 0x604: 0x42cf, 0x605: 0x42ed,
+	0x606: 0x42d9, 0x607: 0x42f7, 0x608: 0x3e19, 0x609: 0x3e21, 0x60a: 0x4211, 0x60b: 0x422f,
+	0x60c: 0x421b, 0x60d: 0x4239, 0x60e: 0x4225, 0x60f: 0x4243, 0x610: 0x3f29, 0x611: 0x3f31,
+	0x612: 0x4301, 0x613: 0x431f, 0x614: 0x430b, 0x615: 0x4329, 0x616: 0x4315, 0x617: 0x4333,
+	0x618: 0x3e49, 0x619: 0x3e51, 0x61a: 0x424d, 0x61b: 0x426b, 0x61c: 0x4257, 0x61d: 0x4275,
+	0x61e: 0x4261, 0x61f: 0x427f, 0x620: 0x4001, 0x621: 0x4009, 0x622: 0x433d, 0x623: 0x435b,
+	0x624: 0x4347, 0x625: 0x4365, 0x626: 0x4351, 0x627: 0x436f, 0x628: 0x3ec1, 0x629: 0x3ec9,
+	0x62a: 0x4289, 0x62b: 0x42a7, 0x62c: 0x4293, 0x62d: 0x42b1, 0x62e: 0x429d, 0x62f: 0x42bb,
+	0x630: 0x37c6, 0x631: 0x37c0, 0x632: 0x3ed1, 0x633: 0x37cc, 0x634: 0x3ed9,
+	0x636: 0x4951, 0x637: 0x3ef1, 0x638: 0x3736, 0x639: 0x3730, 0x63a: 0x3724, 0x63b: 0x442f,
+	0x63c: 0x373c, 0x63d: 0x8100, 0x63e: 0x0257, 0x63f: 0xa100,
+	// Block 0x19, offset 0x640
+	0x640: 0x8100, 0x641: 0x36e8, 0x642: 0x3f19, 0x643: 0x37de, 0x644: 0x3f21,
+	0x646: 0x497b, 0x647: 0x3f39, 0x648: 0x3742, 0x649: 0x4435, 0x64a: 0x374e, 0x64b: 0x443b,
+	0x64c: 0x375a, 0x64d: 0x3cd0, 0x64e: 0x3cd7, 0x64f: 0x3cde, 0x650: 0x37f6, 0x651: 0x37f0,
+	0x652: 0x3f41, 0x653: 0x4625, 0x656: 0x37fc, 0x657: 0x3f51,
+	0x658: 0x3772, 0x659: 0x376c, 0x65a: 0x3760, 0x65b: 0x4441, 0x65d: 0x3ce5,
+	0x65e: 0x3cec, 0x65f: 0x3cf3, 0x660: 0x382c, 0x661: 0x3826, 0x662: 0x3fa9, 0x663: 0x462d,
+	0x664: 0x380e, 0x665: 0x3814, 0x666: 0x3832, 0x667: 0x3fb9, 0x668: 0x37a2, 0x669: 0x379c,
+	0x66a: 0x3790, 0x66b: 0x444d, 0x66c: 0x378a, 0x66d: 0x36dc, 0x66e: 0x4429, 0x66f: 0x0081,
+	0x672: 0x3ff1, 0x673: 0x3838, 0x674: 0x3ff9,
+	0x676: 0x49c9, 0x677: 0x4011, 0x678: 0x377e, 0x679: 0x4447, 0x67a: 0x37ae, 0x67b: 0x4459,
+	0x67c: 0x37ba, 0x67d: 0x4397, 0x67e: 0xa100,
+	// Block 0x1a, offset 0x680
+	0x681: 0x3d47, 0x683: 0xa000, 0x684: 0x3d4e, 0x685: 0xa000,
+	0x687: 0x3d55, 0x688: 0xa000, 0x689: 0x3d5c,
+	0x68d: 0xa000,
+	0x6a0: 0x30a6, 0x6a1: 0xa000, 0x6a2: 0x3d6a,
+	0x6a4: 0xa000, 0x6a5: 0xa000,
+	0x6ad: 0x3d63, 0x6ae: 0x30a1, 0x6af: 0x30ab,
+	0x6b0: 0x3d71, 0x6b1: 0x3d78, 0x6b2: 0xa000, 0x6b3: 0xa000, 0x6b4: 0x3d7f, 0x6b5: 0x3d86,
+	0x6b6: 0xa000, 0x6b7: 0xa000, 0x6b8: 0x3d8d, 0x6b9: 0x3d94, 0x6ba: 0xa000, 0x6bb: 0xa000,
+	0x6bc: 0xa000, 0x6bd: 0xa000,
+	// Block 0x1b, offset 0x6c0
+	0x6c0: 0x3d9b, 0x6c1: 0x3da2, 0x6c2: 0xa000, 0x6c3: 0xa000, 0x6c4: 0x3db7, 0x6c5: 0x3dbe,
+	0x6c6: 0xa000, 0x6c7: 0xa000, 0x6c8: 0x3dc5, 0x6c9: 0x3dcc,
+	0x6d1: 0xa000,
+	0x6d2: 0xa000,
+	0x6e2: 0xa000,
+	0x6e8: 0xa000, 0x6e9: 0xa000,
+	0x6eb: 0xa000, 0x6ec: 0x3de1, 0x6ed: 0x3de8, 0x6ee: 0x3def, 0x6ef: 0x3df6,
+	0x6f2: 0xa000, 0x6f3: 0xa000, 0x6f4: 0xa000, 0x6f5: 0xa000,
+	// Block 0x1c, offset 0x700
+	0x706: 0xa000, 0x70b: 0xa000,
+	0x70c: 0x4049, 0x70d: 0xa000, 0x70e: 0x4051, 0x70f: 0xa000, 0x710: 0x4059, 0x711: 0xa000,
+	0x712: 0x4061, 0x713: 0xa000, 0x714: 0x4069, 0x715: 0xa000, 0x716: 0x4071, 0x717: 0xa000,
+	0x718: 0x4079, 0x719: 0xa000, 0x71a: 0x4081, 0x71b: 0xa000, 0x71c: 0x4089, 0x71d: 0xa000,
+	0x71e: 0x4091, 0x71f: 0xa000, 0x720: 0x4099, 0x721: 0xa000, 0x722: 0x40a1,
+	0x724: 0xa000, 0x725: 0x40a9, 0x726: 0xa000, 0x727: 0x40b1, 0x728: 0xa000, 0x729: 0x40b9,
+	0x72f: 0xa000,
+	0x730: 0x40c1, 0x731: 0x40c9, 0x732: 0xa000, 0x733: 0x40d1, 0x734: 0x40d9, 0x735: 0xa000,
+	0x736: 0x40e1, 0x737: 0x40e9, 0x738: 0xa000, 0x739: 0x40f1, 0x73a: 0x40f9, 0x73b: 0xa000,
+	0x73c: 0x4101, 0x73d: 0x4109,
+	// Block 0x1d, offset 0x740
+	0x754: 0x4041,
+	0x759: 0x9904, 0x75a: 0x9904, 0x75b: 0x8100, 0x75c: 0x8100, 0x75d: 0xa000,
+	0x75e: 0x4111,
+	0x766: 0xa000,
+	0x76b: 0xa000, 0x76c: 0x4121, 0x76d: 0xa000, 0x76e: 0x4129, 0x76f: 0xa000,
+	0x770: 0x4131, 0x771: 0xa000, 0x772: 0x4139, 0x773: 0xa000, 0x774: 0x4141, 0x775: 0xa000,
+	0x776: 0x4149, 0x777: 0xa000, 0x778: 0x4151, 0x779: 0xa000, 0x77a: 0x4159, 0x77b: 0xa000,
+	0x77c: 0x4161, 0x77d: 0xa000, 0x77e: 0x4169, 0x77f: 0xa000,
+	// Block 0x1e, offset 0x780
+	0x780: 0x4171, 0x781: 0xa000, 0x782: 0x4179, 0x784: 0xa000, 0x785: 0x4181,
+	0x786: 0xa000, 0x787: 0x4189, 0x788: 0xa000, 0x789: 0x4191,
+	0x78f: 0xa000, 0x790: 0x4199, 0x791: 0x41a1,
+	0x792: 0xa000, 0x793: 0x41a9, 0x794: 0x41b1, 0x795: 0xa000, 0x796: 0x41b9, 0x797: 0x41c1,
+	0x798: 0xa000, 0x799: 0x41c9, 0x79a: 0x41d1, 0x79b: 0xa000, 0x79c: 0x41d9, 0x79d: 0x41e1,
+	0x7af: 0xa000,
+	0x7b0: 0xa000, 0x7b1: 0xa000, 0x7b2: 0xa000, 0x7b4: 0x4119,
+	0x7b7: 0x41e9, 0x7b8: 0x41f1, 0x7b9: 0x41f9, 0x7ba: 0x4201,
+	0x7bd: 0xa000, 0x7be: 0x4209,
+	// Block 0x1f, offset 0x7c0
+	0x7c0: 0x1472, 0x7c1: 0x0df6, 0x7c2: 0x14ce, 0x7c3: 0x149a, 0x7c4: 0x0f52, 0x7c5: 0x07e6,
+	0x7c6: 0x09da, 0x7c7: 0x1726, 0x7c8: 0x1726, 0x7c9: 0x0b06, 0x7ca: 0x155a, 0x7cb: 0x0a3e,
+	0x7cc: 0x0b02, 0x7cd: 0x0cea, 0x7ce: 0x10ca, 0x7cf: 0x125a, 0x7d0: 0x1392, 0x7d1: 0x13ce,
+	0x7d2: 0x1402, 0x7d3: 0x1516, 0x7d4: 0x0e6e, 0x7d5: 0x0efa, 0x7d6: 0x0fa6, 0x7d7: 0x103e,
+	0x7d8: 0x135a, 0x7d9: 0x1542, 0x7da: 0x166e, 0x7db: 0x080a, 0x7dc: 0x09ae, 0x7dd: 0x0e82,
+	0x7de: 0x0fca, 0x7df: 0x138e, 0x7e0: 0x16be, 0x7e1: 0x0bae, 0x7e2: 0x0f72, 0x7e3: 0x137e,
+	0x7e4: 0x1412, 0x7e5: 0x0d1e, 0x7e6: 0x12b6, 0x7e7: 0x13da, 0x7e8: 0x0c1a, 0x7e9: 0x0e0a,
+	0x7ea: 0x0f12, 0x7eb: 0x1016, 0x7ec: 0x1522, 0x7ed: 0x084a, 0x7ee: 0x08e2, 0x7ef: 0x094e,
+	0x7f0: 0x0d86, 0x7f1: 0x0e7a, 0x7f2: 0x0fc6, 0x7f3: 0x10ea, 0x7f4: 0x1272, 0x7f5: 0x1386,
+	0x7f6: 0x139e, 0x7f7: 0x14c2, 0x7f8: 0x15ea, 0x7f9: 0x169e, 0x7fa: 0x16ba, 0x7fb: 0x1126,
+	0x7fc: 0x1166, 0x7fd: 0x121e, 0x7fe: 0x133e, 0x7ff: 0x1576,
+	// Block 0x20, offset 0x800
+	0x800: 0x16c6, 0x801: 0x1446, 0x802: 0x0ac2, 0x803: 0x0c36, 0x804: 0x11d6, 0x805: 0x1296,
+	0x806: 0x0ffa, 0x807: 0x112e, 0x808: 0x1492, 0x809: 0x15e2, 0x80a: 0x0abe, 0x80b: 0x0b8a,
+	0x80c: 0x0e72, 0x80d: 0x0f26, 0x80e: 0x0f5a, 0x80f: 0x120e, 0x810: 0x1236, 0x811: 0x15a2,
+	0x812: 0x094a, 0x813: 0x12a2, 0x814: 0x08ee, 0x815: 0x08ea, 0x816: 0x1192, 0x817: 0x1222,
+	0x818: 0x1356, 0x819: 0x15aa, 0x81a: 0x1462, 0x81b: 0x0d22, 0x81c: 0x0e6e, 0x81d: 0x1452,
+	0x81e: 0x07f2, 0x81f: 0x0b5e, 0x820: 0x0c8e, 0x821: 0x102a, 0x822: 0x10aa, 0x823: 0x096e,
+	0x824: 0x1136, 0x825: 0x085a, 0x826: 0x0c72, 0x827: 0x07d2, 0x828: 0x0ee6, 0x829: 0x0d9e,
+	0x82a: 0x120a, 0x82b: 0x09c2, 0x82c: 0x0aae, 0x82d: 0x10f6, 0x82e: 0x135e, 0x82f: 0x1436,
+	0x830: 0x0eb2, 0x831: 0x14f2, 0x832: 0x0ede, 0x833: 0x0d32, 0x834: 0x1316, 0x835: 0x0d52,
+	0x836: 0x10a6, 0x837: 0x0826, 0x838: 0x08a2, 0x839: 0x08e6, 0x83a: 0x0e4e, 0x83b: 0x11f6,
+	0x83c: 0x12ee, 0x83d: 0x1442, 0x83e: 0x1556, 0x83f: 0x0956,
+	// Block 0x21, offset 0x840
+	0x840: 0x0a0a, 0x841: 0x0b12, 0x842: 0x0c2a, 0x843: 0x0dba, 0x844: 0x0f76, 0x845: 0x113a,
+	0x846: 0x1592, 0x847: 0x1676, 0x848: 0x16ca, 0x849: 0x16e2, 0x84a: 0x0932, 0x84b: 0x0dee,
+	0x84c: 0x0e9e, 0x84d: 0x14e6, 0x84e: 0x0bf6, 0x84f: 0x0cd2, 0x850: 0x0cee, 0x851: 0x0d7e,
+	0x852: 0x0f66, 0x853: 0x0fb2, 0x854: 0x1062, 0x855: 0x1186, 0x856: 0x122a, 0x857: 0x128e,
+	0x858: 0x14d6, 0x859: 0x1366, 0x85a: 0x14fe, 0x85b: 0x157a, 0x85c: 0x090a, 0x85d: 0x0936,
+	0x85e: 0x0a1e, 0x85f: 0x0fa2, 0x860: 0x13ee, 0x861: 0x1436, 0x862: 0x0c16, 0x863: 0x0c86,
+	0x864: 0x0d4a, 0x865: 0x0eaa, 0x866: 0x11d2, 0x867: 0x101e, 0x868: 0x0836, 0x869: 0x0a7a,
+	0x86a: 0x0b5e, 0x86b: 0x0bc2, 0x86c: 0x0c92, 0x86d: 0x103a, 0x86e: 0x1056, 0x86f: 0x1266,
+	0x870: 0x1286, 0x871: 0x155e, 0x872: 0x15de, 0x873: 0x15ee, 0x874: 0x162a, 0x875: 0x084e,
+	0x876: 0x117a, 0x877: 0x154a, 0x878: 0x15c6, 0x879: 0x0caa, 0x87a: 0x0812, 0x87b: 0x0872,
+	0x87c: 0x0b62, 0x87d: 0x0b82, 0x87e: 0x0daa, 0x87f: 0x0e6e,
+	// Block 0x22, offset 0x880
+	0x880: 0x0fbe, 0x881: 0x10c6, 0x882: 0x1372, 0x883: 0x1512, 0x884: 0x171e, 0x885: 0x0dde,
+	0x886: 0x159e, 0x887: 0x092e, 0x888: 0x0e2a, 0x889: 0x0e36, 0x88a: 0x0f0a, 0x88b: 0x0f42,
+	0x88c: 0x1046, 0x88d: 0x10a2, 0x88e: 0x1122, 0x88f: 0x1206, 0x890: 0x1636, 0x891: 0x08aa,
+	0x892: 0x0cfe, 0x893: 0x15ae, 0x894: 0x0862, 0x895: 0x0ba6, 0x896: 0x0f2a, 0x897: 0x14da,
+	0x898: 0x0c62, 0x899: 0x0cb2, 0x89a: 0x0e3e, 0x89b: 0x102a, 0x89c: 0x15b6, 0x89d: 0x0912,
+	0x89e: 0x09fa, 0x89f: 0x0b92, 0x8a0: 0x0dce, 0x8a1: 0x0e1a, 0x8a2: 0x0e5a, 0x8a3: 0x0eee,
+	0x8a4: 0x1042, 0x8a5: 0x10b6, 0x8a6: 0x1252, 0x8a7: 0x13f2, 0x8a8: 0x13fe, 0x8a9: 0x1552,
+	0x8aa: 0x15d2, 0x8ab: 0x097e, 0x8ac: 0x0f46, 0x8ad: 0x09fe, 0x8ae: 0x0fc2, 0x8af: 0x1066,
+	0x8b0: 0x1382, 0x8b1: 0x15ba, 0x8b2: 0x16a6, 0x8b3: 0x16ce, 0x8b4: 0x0e32, 0x8b5: 0x0f22,
+	0x8b6: 0x12be, 0x8b7: 0x11b2, 0x8b8: 0x11be, 0x8b9: 0x11e2, 0x8ba: 0x1012, 0x8bb: 0x0f9a,
+	0x8bc: 0x145e, 0x8bd: 0x082e, 0x8be: 0x1326, 0x8bf: 0x0916,
+	// Block 0x23, offset 0x8c0
+	0x8c0: 0x0906, 0x8c1: 0x0c06, 0x8c2: 0x0d26, 0x8c3: 0x11ee, 0x8c4: 0x0b4e, 0x8c5: 0x0efe,
+	0x8c6: 0x0dea, 0x8c7: 0x14e2, 0x8c8: 0x13e2, 0x8c9: 0x15a6, 0x8ca: 0x141e, 0x8cb: 0x0c22,
+	0x8cc: 0x0882, 0x8cd: 0x0a56, 0x8d0: 0x0aaa,
+	0x8d2: 0x0dda, 0x8d5: 0x08f2, 0x8d6: 0x101a, 0x8d7: 0x10de,
+	0x8d8: 0x1142, 0x8d9: 0x115e, 0x8da: 0x1162, 0x8db: 0x1176, 0x8dc: 0x15f6, 0x8dd: 0x11e6,
+	0x8de: 0x126a, 0x8e0: 0x138a, 0x8e2: 0x144e,
+	0x8e5: 0x1502, 0x8e6: 0x152e,
+	0x8ea: 0x164a, 0x8eb: 0x164e, 0x8ec: 0x1652, 0x8ed: 0x16b6, 0x8ee: 0x1526, 0x8ef: 0x15c2,
+	0x8f0: 0x0852, 0x8f1: 0x0876, 0x8f2: 0x088a, 0x8f3: 0x0946, 0x8f4: 0x0952, 0x8f5: 0x0992,
+	0x8f6: 0x0a46, 0x8f7: 0x0a62, 0x8f8: 0x0a6a, 0x8f9: 0x0aa6, 0x8fa: 0x0ab2, 0x8fb: 0x0b8e,
+	0x8fc: 0x0b96, 0x8fd: 0x0c9e, 0x8fe: 0x0cc6, 0x8ff: 0x0cce,
+	// Block 0x24, offset 0x900
+	0x900: 0x0ce6, 0x901: 0x0d92, 0x902: 0x0dc2, 0x903: 0x0de2, 0x904: 0x0e52, 0x905: 0x0f16,
+	0x906: 0x0f32, 0x907: 0x0f62, 0x908: 0x0fb6, 0x909: 0x0fd6, 0x90a: 0x104a, 0x90b: 0x112a,
+	0x90c: 0x1146, 0x90d: 0x114e, 0x90e: 0x114a, 0x90f: 0x1152, 0x910: 0x1156, 0x911: 0x115a,
+	0x912: 0x116e, 0x913: 0x1172, 0x914: 0x1196, 0x915: 0x11aa, 0x916: 0x11c6, 0x917: 0x122a,
+	0x918: 0x1232, 0x919: 0x123a, 0x91a: 0x124e, 0x91b: 0x1276, 0x91c: 0x12c6, 0x91d: 0x12fa,
+	0x91e: 0x12fa, 0x91f: 0x1362, 0x920: 0x140a, 0x921: 0x1422, 0x922: 0x1456, 0x923: 0x145a,
+	0x924: 0x149e, 0x925: 0x14a2, 0x926: 0x14fa, 0x927: 0x1502, 0x928: 0x15d6, 0x929: 0x161a,
+	0x92a: 0x1632, 0x92b: 0x0c96, 0x92c: 0x184b, 0x92d: 0x12de,
+	0x930: 0x07da, 0x931: 0x08de, 0x932: 0x089e, 0x933: 0x0846, 0x934: 0x0886, 0x935: 0x08b2,
+	0x936: 0x0942, 0x937: 0x095e, 0x938: 0x0a46, 0x939: 0x0a32, 0x93a: 0x0a42, 0x93b: 0x0a5e,
+	0x93c: 0x0aaa, 0x93d: 0x0aba, 0x93e: 0x0afe, 0x93f: 0x0b0a,
+	// Block 0x25, offset 0x940
+	0x940: 0x0b26, 0x941: 0x0b36, 0x942: 0x0c1e, 0x943: 0x0c26, 0x944: 0x0c56, 0x945: 0x0c76,
+	0x946: 0x0ca6, 0x947: 0x0cbe, 0x948: 0x0cae, 0x949: 0x0cce, 0x94a: 0x0cc2, 0x94b: 0x0ce6,
+	0x94c: 0x0d02, 0x94d: 0x0d5a, 0x94e: 0x0d66, 0x94f: 0x0d6e, 0x950: 0x0d96, 0x951: 0x0dda,
+	0x952: 0x0e0a, 0x953: 0x0e0e, 0x954: 0x0e22, 0x955: 0x0ea2, 0x956: 0x0eb2, 0x957: 0x0f0a,
+	0x958: 0x0f56, 0x959: 0x0f4e, 0x95a: 0x0f62, 0x95b: 0x0f7e, 0x95c: 0x0fb6, 0x95d: 0x110e,
+	0x95e: 0x0fda, 0x95f: 0x100e, 0x960: 0x101a, 0x961: 0x105a, 0x962: 0x1076, 0x963: 0x109a,
+	0x964: 0x10be, 0x965: 0x10c2, 0x966: 0x10de, 0x967: 0x10e2, 0x968: 0x10f2, 0x969: 0x1106,
+	0x96a: 0x1102, 0x96b: 0x1132, 0x96c: 0x11ae, 0x96d: 0x11c6, 0x96e: 0x11de, 0x96f: 0x1216,
+	0x970: 0x122a, 0x971: 0x1246, 0x972: 0x1276, 0x973: 0x132a, 0x974: 0x1352, 0x975: 0x13c6,
+	0x976: 0x140e, 0x977: 0x141a, 0x978: 0x1422, 0x979: 0x143a, 0x97a: 0x144e, 0x97b: 0x143e,
+	0x97c: 0x1456, 0x97d: 0x1452, 0x97e: 0x144a, 0x97f: 0x145a,
+	// Block 0x26, offset 0x980
+	0x980: 0x1466, 0x981: 0x14a2, 0x982: 0x14de, 0x983: 0x150e, 0x984: 0x1546, 0x985: 0x1566,
+	0x986: 0x15b2, 0x987: 0x15d6, 0x988: 0x15f6, 0x989: 0x160a, 0x98a: 0x161a, 0x98b: 0x1626,
+	0x98c: 0x1632, 0x98d: 0x1686, 0x98e: 0x1726, 0x98f: 0x17e2, 0x990: 0x17dd, 0x991: 0x180f,
+	0x992: 0x0702, 0x993: 0x072a, 0x994: 0x072e, 0x995: 0x1891, 0x996: 0x18be, 0x997: 0x1936,
+	0x998: 0x1712, 0x999: 0x1722,
+	// Block 0x27, offset 0x9c0
+	0x9c0: 0x07f6, 0x9c1: 0x07ee, 0x9c2: 0x07fe, 0x9c3: 0x1774, 0x9c4: 0x0842, 0x9c5: 0x0852,
+	0x9c6: 0x0856, 0x9c7: 0x085e, 0x9c8: 0x0866, 0x9c9: 0x086a, 0x9ca: 0x0876, 0x9cb: 0x086e,
+	0x9cc: 0x06ae, 0x9cd: 0x1788, 0x9ce: 0x088a, 0x9cf: 0x088e, 0x9d0: 0x0892, 0x9d1: 0x08ae,
+	0x9d2: 0x1779, 0x9d3: 0x06b2, 0x9d4: 0x089a, 0x9d5: 0x08ba, 0x9d6: 0x1783, 0x9d7: 0x08ca,
+	0x9d8: 0x08d2, 0x9d9: 0x0832, 0x9da: 0x08da, 0x9db: 0x08de, 0x9dc: 0x195e, 0x9dd: 0x08fa,
+	0x9de: 0x0902, 0x9df: 0x06ba, 0x9e0: 0x091a, 0x9e1: 0x091e, 0x9e2: 0x0926, 0x9e3: 0x092a,
+	0x9e4: 0x06be, 0x9e5: 0x0942, 0x9e6: 0x0946, 0x9e7: 0x0952, 0x9e8: 0x095e, 0x9e9: 0x0962,
+	0x9ea: 0x0966, 0x9eb: 0x096e, 0x9ec: 0x098e, 0x9ed: 0x0992, 0x9ee: 0x099a, 0x9ef: 0x09aa,
+	0x9f0: 0x09b2, 0x9f1: 0x09b6, 0x9f2: 0x09b6, 0x9f3: 0x09b6, 0x9f4: 0x1797, 0x9f5: 0x0f8e,
+	0x9f6: 0x09ca, 0x9f7: 0x09d2, 0x9f8: 0x179c, 0x9f9: 0x09de, 0x9fa: 0x09e6, 0x9fb: 0x09ee,
+	0x9fc: 0x0a16, 0x9fd: 0x0a02, 0x9fe: 0x0a0e, 0x9ff: 0x0a12,
+	// Block 0x28, offset 0xa00
+	0xa00: 0x0a1a, 0xa01: 0x0a22, 0xa02: 0x0a26, 0xa03: 0x0a2e, 0xa04: 0x0a36, 0xa05: 0x0a3a,
+	0xa06: 0x0a3a, 0xa07: 0x0a42, 0xa08: 0x0a4a, 0xa09: 0x0a4e, 0xa0a: 0x0a5a, 0xa0b: 0x0a7e,
+	0xa0c: 0x0a62, 0xa0d: 0x0a82, 0xa0e: 0x0a66, 0xa0f: 0x0a6e, 0xa10: 0x0906, 0xa11: 0x0aca,
+	0xa12: 0x0a92, 0xa13: 0x0a96, 0xa14: 0x0a9a, 0xa15: 0x0a8e, 0xa16: 0x0aa2, 0xa17: 0x0a9e,
+	0xa18: 0x0ab6, 0xa19: 0x17a1, 0xa1a: 0x0ad2, 0xa1b: 0x0ad6, 0xa1c: 0x0ade, 0xa1d: 0x0aea,
+	0xa1e: 0x0af2, 0xa1f: 0x0b0e, 0xa20: 0x17a6, 0xa21: 0x17ab, 0xa22: 0x0b1a, 0xa23: 0x0b1e,
+	0xa24: 0x0b22, 0xa25: 0x0b16, 0xa26: 0x0b2a, 0xa27: 0x06c2, 0xa28: 0x06c6, 0xa29: 0x0b32,
+	0xa2a: 0x0b3a, 0xa2b: 0x0b3a, 0xa2c: 0x17b0, 0xa2d: 0x0b56, 0xa2e: 0x0b5a, 0xa2f: 0x0b5e,
+	0xa30: 0x0b66, 0xa31: 0x17b5, 0xa32: 0x0b6e, 0xa33: 0x0b72, 0xa34: 0x0c4a, 0xa35: 0x0b7a,
+	0xa36: 0x06ca, 0xa37: 0x0b86, 0xa38: 0x0b96, 0xa39: 0x0ba2, 0xa3a: 0x0b9e, 0xa3b: 0x17bf,
+	0xa3c: 0x0baa, 0xa3d: 0x17c4, 0xa3e: 0x0bb6, 0xa3f: 0x0bb2,
+	// Block 0x29, offset 0xa40
+	0xa40: 0x0bba, 0xa41: 0x0bca, 0xa42: 0x0bce, 0xa43: 0x06ce, 0xa44: 0x0bde, 0xa45: 0x0be6,
+	0xa46: 0x0bea, 0xa47: 0x0bee, 0xa48: 0x06d2, 0xa49: 0x17c9, 0xa4a: 0x06d6, 0xa4b: 0x0c0a,
+	0xa4c: 0x0c0e, 0xa4d: 0x0c12, 0xa4e: 0x0c1a, 0xa4f: 0x1990, 0xa50: 0x0c32, 0xa51: 0x17d3,
+	0xa52: 0x17d3, 0xa53: 0x12d2, 0xa54: 0x0c42, 0xa55: 0x0c42, 0xa56: 0x06da, 0xa57: 0x17f6,
+	0xa58: 0x18c8, 0xa59: 0x0c52, 0xa5a: 0x0c5a, 0xa5b: 0x06de, 0xa5c: 0x0c6e, 0xa5d: 0x0c7e,
+	0xa5e: 0x0c82, 0xa5f: 0x0c8a, 0xa60: 0x0c9a, 0xa61: 0x06e6, 0xa62: 0x06e2, 0xa63: 0x0c9e,
+	0xa64: 0x17d8, 0xa65: 0x0ca2, 0xa66: 0x0cb6, 0xa67: 0x0cba, 0xa68: 0x0cbe, 0xa69: 0x0cba,
+	0xa6a: 0x0cca, 0xa6b: 0x0cce, 0xa6c: 0x0cde, 0xa6d: 0x0cd6, 0xa6e: 0x0cda, 0xa6f: 0x0ce2,
+	0xa70: 0x0ce6, 0xa71: 0x0cea, 0xa72: 0x0cf6, 0xa73: 0x0cfa, 0xa74: 0x0d12, 0xa75: 0x0d1a,
+	0xa76: 0x0d2a, 0xa77: 0x0d3e, 0xa78: 0x17e7, 0xa79: 0x0d3a, 0xa7a: 0x0d2e, 0xa7b: 0x0d46,
+	0xa7c: 0x0d4e, 0xa7d: 0x0d62, 0xa7e: 0x17ec, 0xa7f: 0x0d6a,
+	// Block 0x2a, offset 0xa80
+	0xa80: 0x0d5e, 0xa81: 0x0d56, 0xa82: 0x06ea, 0xa83: 0x0d72, 0xa84: 0x0d7a, 0xa85: 0x0d82,
+	0xa86: 0x0d76, 0xa87: 0x06ee, 0xa88: 0x0d92, 0xa89: 0x0d9a, 0xa8a: 0x17f1, 0xa8b: 0x0dc6,
+	0xa8c: 0x0dfa, 0xa8d: 0x0dd6, 0xa8e: 0x06fa, 0xa8f: 0x0de2, 0xa90: 0x06f6, 0xa91: 0x06f2,
+	0xa92: 0x08be, 0xa93: 0x08c2, 0xa94: 0x0dfe, 0xa95: 0x0de6, 0xa96: 0x12a6, 0xa97: 0x075e,
+	0xa98: 0x0e0a, 0xa99: 0x0e0e, 0xa9a: 0x0e12, 0xa9b: 0x0e26, 0xa9c: 0x0e1e, 0xa9d: 0x180a,
+	0xa9e: 0x06fe, 0xa9f: 0x0e3a, 0xaa0: 0x0e2e, 0xaa1: 0x0e4a, 0xaa2: 0x0e52, 0xaa3: 0x1814,
+	0xaa4: 0x0e56, 0xaa5: 0x0e42, 0xaa6: 0x0e5e, 0xaa7: 0x0702, 0xaa8: 0x0e62, 0xaa9: 0x0e66,
+	0xaaa: 0x0e6a, 0xaab: 0x0e76, 0xaac: 0x1819, 0xaad: 0x0e7e, 0xaae: 0x0706, 0xaaf: 0x0e8a,
+	0xab0: 0x181e, 0xab1: 0x0e8e, 0xab2: 0x070a, 0xab3: 0x0e9a, 0xab4: 0x0ea6, 0xab5: 0x0eb2,
+	0xab6: 0x0eb6, 0xab7: 0x1823, 0xab8: 0x17ba, 0xab9: 0x1828, 0xaba: 0x0ed6, 0xabb: 0x182d,
+	0xabc: 0x0ee2, 0xabd: 0x0eea, 0xabe: 0x0eda, 0xabf: 0x0ef6,
+	// Block 0x2b, offset 0xac0
+	0xac0: 0x0f06, 0xac1: 0x0f16, 0xac2: 0x0f0a, 0xac3: 0x0f0e, 0xac4: 0x0f1a, 0xac5: 0x0f1e,
+	0xac6: 0x1832, 0xac7: 0x0f02, 0xac8: 0x0f36, 0xac9: 0x0f3a, 0xaca: 0x070e, 0xacb: 0x0f4e,
+	0xacc: 0x0f4a, 0xacd: 0x1837, 0xace: 0x0f2e, 0xacf: 0x0f6a, 0xad0: 0x183c, 0xad1: 0x1841,
+	0xad2: 0x0f6e, 0xad3: 0x0f82, 0xad4: 0x0f7e, 0xad5: 0x0f7a, 0xad6: 0x0712, 0xad7: 0x0f86,
+	0xad8: 0x0f96, 0xad9: 0x0f92, 0xada: 0x0f9e, 0xadb: 0x177e, 0xadc: 0x0fae, 0xadd: 0x1846,
+	0xade: 0x0fba, 0xadf: 0x1850, 0xae0: 0x0fce, 0xae1: 0x0fda, 0xae2: 0x0fee, 0xae3: 0x1855,
+	0xae4: 0x1002, 0xae5: 0x1006, 0xae6: 0x185a, 0xae7: 0x185f, 0xae8: 0x1022, 0xae9: 0x1032,
+	0xaea: 0x0716, 0xaeb: 0x1036, 0xaec: 0x071a, 0xaed: 0x071a, 0xaee: 0x104e, 0xaef: 0x1052,
+	0xaf0: 0x105a, 0xaf1: 0x105e, 0xaf2: 0x106a, 0xaf3: 0x071e, 0xaf4: 0x1082, 0xaf5: 0x1864,
+	0xaf6: 0x109e, 0xaf7: 0x1869, 0xaf8: 0x10aa, 0xaf9: 0x17ce, 0xafa: 0x10ba, 0xafb: 0x186e,
+	0xafc: 0x1873, 0xafd: 0x1878, 0xafe: 0x0722, 0xaff: 0x0726,
+	// Block 0x2c, offset 0xb00
+	0xb00: 0x10f2, 0xb01: 0x1882, 0xb02: 0x187d, 0xb03: 0x1887, 0xb04: 0x188c, 0xb05: 0x10fa,
+	0xb06: 0x10fe, 0xb07: 0x10fe, 0xb08: 0x1106, 0xb09: 0x072e, 0xb0a: 0x110a, 0xb0b: 0x0732,
+	0xb0c: 0x0736, 0xb0d: 0x1896, 0xb0e: 0x111e, 0xb0f: 0x1126, 0xb10: 0x1132, 0xb11: 0x073a,
+	0xb12: 0x189b, 0xb13: 0x1156, 0xb14: 0x18a0, 0xb15: 0x18a5, 0xb16: 0x1176, 0xb17: 0x118e,
+	0xb18: 0x073e, 0xb19: 0x1196, 0xb1a: 0x119a, 0xb1b: 0x119e, 0xb1c: 0x18aa, 0xb1d: 0x18af,
+	0xb1e: 0x18af, 0xb1f: 0x11b6, 0xb20: 0x0742, 0xb21: 0x18b4, 0xb22: 0x11ca, 0xb23: 0x11ce,
+	0xb24: 0x0746, 0xb25: 0x18b9, 0xb26: 0x11ea, 0xb27: 0x074a, 0xb28: 0x11fa, 0xb29: 0x11f2,
+	0xb2a: 0x1202, 0xb2b: 0x18c3, 0xb2c: 0x121a, 0xb2d: 0x074e, 0xb2e: 0x1226, 0xb2f: 0x122e,
+	0xb30: 0x123e, 0xb31: 0x0752, 0xb32: 0x18cd, 0xb33: 0x18d2, 0xb34: 0x0756, 0xb35: 0x18d7,
+	0xb36: 0x1256, 0xb37: 0x18dc, 0xb38: 0x1262, 0xb39: 0x126e, 0xb3a: 0x1276, 0xb3b: 0x18e1,
+	0xb3c: 0x18e6, 0xb3d: 0x128a, 0xb3e: 0x18eb, 0xb3f: 0x1292,
+	// Block 0x2d, offset 0xb40
+	0xb40: 0x17fb, 0xb41: 0x075a, 0xb42: 0x12aa, 0xb43: 0x12ae, 0xb44: 0x0762, 0xb45: 0x12b2,
+	0xb46: 0x0b2e, 0xb47: 0x18f0, 0xb48: 0x18f5, 0xb49: 0x1800, 0xb4a: 0x1805, 0xb4b: 0x12d2,
+	0xb4c: 0x12d6, 0xb4d: 0x14ee, 0xb4e: 0x0766, 0xb4f: 0x1302, 0xb50: 0x12fe, 0xb51: 0x1306,
+	0xb52: 0x093a, 0xb53: 0x130a, 0xb54: 0x130e, 0xb55: 0x1312, 0xb56: 0x131a, 0xb57: 0x18fa,
+	0xb58: 0x1316, 0xb59: 0x131e, 0xb5a: 0x1332, 0xb5b: 0x1336, 0xb5c: 0x1322, 0xb5d: 0x133a,
+	0xb5e: 0x134e, 0xb5f: 0x1362, 0xb60: 0x132e, 0xb61: 0x1342, 0xb62: 0x1346, 0xb63: 0x134a,
+	0xb64: 0x18ff, 0xb65: 0x1909, 0xb66: 0x1904, 0xb67: 0x076a, 0xb68: 0x136a, 0xb69: 0x136e,
+	0xb6a: 0x1376, 0xb6b: 0x191d, 0xb6c: 0x137a, 0xb6d: 0x190e, 0xb6e: 0x076e, 0xb6f: 0x0772,
+	0xb70: 0x1913, 0xb71: 0x1918, 0xb72: 0x0776, 0xb73: 0x139a, 0xb74: 0x139e, 0xb75: 0x13a2,
+	0xb76: 0x13a6, 0xb77: 0x13b2, 0xb78: 0x13ae, 0xb79: 0x13ba, 0xb7a: 0x13b6, 0xb7b: 0x13c6,
+	0xb7c: 0x13be, 0xb7d: 0x13c2, 0xb7e: 0x13ca, 0xb7f: 0x077a,
+	// Block 0x2e, offset 0xb80
+	0xb80: 0x13d2, 0xb81: 0x13d6, 0xb82: 0x077e, 0xb83: 0x13e6, 0xb84: 0x13ea, 0xb85: 0x1922,
+	0xb86: 0x13f6, 0xb87: 0x13fa, 0xb88: 0x0782, 0xb89: 0x1406, 0xb8a: 0x06b6, 0xb8b: 0x1927,
+	0xb8c: 0x192c, 0xb8d: 0x0786, 0xb8e: 0x078a, 0xb8f: 0x1432, 0xb90: 0x144a, 0xb91: 0x1466,
+	0xb92: 0x1476, 0xb93: 0x1931, 0xb94: 0x148a, 0xb95: 0x148e, 0xb96: 0x14a6, 0xb97: 0x14b2,
+	0xb98: 0x193b, 0xb99: 0x178d, 0xb9a: 0x14be, 0xb9b: 0x14ba, 0xb9c: 0x14c6, 0xb9d: 0x1792,
+	0xb9e: 0x14d2, 0xb9f: 0x14de, 0xba0: 0x1940, 0xba1: 0x1945, 0xba2: 0x151e, 0xba3: 0x152a,
+	0xba4: 0x1532, 0xba5: 0x194a, 0xba6: 0x1536, 0xba7: 0x1562, 0xba8: 0x156e, 0xba9: 0x1572,
+	0xbaa: 0x156a, 0xbab: 0x157e, 0xbac: 0x1582, 0xbad: 0x194f, 0xbae: 0x158e, 0xbaf: 0x078e,
+	0xbb0: 0x1596, 0xbb1: 0x1954, 0xbb2: 0x0792, 0xbb3: 0x15ce, 0xbb4: 0x0bbe, 0xbb5: 0x15e6,
+	0xbb6: 0x1959, 0xbb7: 0x1963, 0xbb8: 0x0796, 0xbb9: 0x079a, 0xbba: 0x160e, 0xbbb: 0x1968,
+	0xbbc: 0x079e, 0xbbd: 0x196d, 0xbbe: 0x1626, 0xbbf: 0x1626,
+	// Block 0x2f, offset 0xbc0
+	0xbc0: 0x162e, 0xbc1: 0x1972, 0xbc2: 0x1646, 0xbc3: 0x07a2, 0xbc4: 0x1656, 0xbc5: 0x1662,
+	0xbc6: 0x166a, 0xbc7: 0x1672, 0xbc8: 0x07a6, 0xbc9: 0x1977, 0xbca: 0x1686, 0xbcb: 0x16a2,
+	0xbcc: 0x16ae, 0xbcd: 0x07aa, 0xbce: 0x07ae, 0xbcf: 0x16b2, 0xbd0: 0x197c, 0xbd1: 0x07b2,
+	0xbd2: 0x1981, 0xbd3: 0x1986, 0xbd4: 0x198b, 0xbd5: 0x16d6, 0xbd6: 0x07b6, 0xbd7: 0x16ea,
+	0xbd8: 0x16f2, 0xbd9: 0x16f6, 0xbda: 0x16fe, 0xbdb: 0x1706, 0xbdc: 0x170e, 0xbdd: 0x1995,
+}
+
+// nfcIndex: 22 blocks, 1408 entries, 1408 bytes
+// Block 0 is the zero block.
+var nfcIndex = [1408]uint8{
+	// Block 0x0, offset 0x0
+	// Block 0x1, offset 0x40
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc2: 0x2e, 0xc3: 0x01, 0xc4: 0x02, 0xc5: 0x03, 0xc6: 0x2f, 0xc7: 0x04,
+	0xc8: 0x05, 0xca: 0x30, 0xcb: 0x31, 0xcc: 0x06, 0xcd: 0x07, 0xce: 0x08, 0xcf: 0x32,
+	0xd0: 0x09, 0xd1: 0x33, 0xd2: 0x34, 0xd3: 0x0a, 0xd6: 0x0b, 0xd7: 0x35,
+	0xd8: 0x36, 0xd9: 0x0c, 0xdb: 0x37, 0xdc: 0x38, 0xdd: 0x39, 0xdf: 0x3a,
+	0xe0: 0x02, 0xe1: 0x03, 0xe2: 0x04, 0xe3: 0x05,
+	0xea: 0x06, 0xeb: 0x07, 0xec: 0x08, 0xed: 0x09, 0xef: 0x0a,
+	0xf0: 0x13,
+	// Block 0x4, offset 0x100
+	0x120: 0x3b, 0x121: 0x3c, 0x122: 0x3d, 0x123: 0x0d, 0x124: 0x3e, 0x125: 0x3f, 0x126: 0x40, 0x127: 0x41,
+	0x128: 0x42, 0x129: 0x43, 0x12a: 0x44, 0x12b: 0x45, 0x12c: 0x40, 0x12d: 0x46, 0x12e: 0x47, 0x12f: 0x48,
+	0x130: 0x44, 0x131: 0x49, 0x132: 0x4a, 0x133: 0x4b, 0x134: 0x4c, 0x135: 0x4d, 0x137: 0x4e,
+	0x138: 0x4f, 0x139: 0x50, 0x13a: 0x51, 0x13b: 0x52, 0x13c: 0x53, 0x13d: 0x54, 0x13e: 0x55, 0x13f: 0x56,
+	// Block 0x5, offset 0x140
+	0x140: 0x57, 0x142: 0x58, 0x144: 0x59, 0x145: 0x5a, 0x146: 0x5b, 0x147: 0x5c,
+	0x14d: 0x5d,
+	0x15c: 0x5e, 0x15f: 0x5f,
+	0x162: 0x60, 0x164: 0x61,
+	0x168: 0x62, 0x169: 0x63, 0x16a: 0x64, 0x16b: 0x65, 0x16c: 0x0e, 0x16d: 0x66, 0x16e: 0x67, 0x16f: 0x68,
+	0x170: 0x69, 0x173: 0x6a, 0x177: 0x0f,
+	0x178: 0x10, 0x179: 0x11, 0x17a: 0x12, 0x17b: 0x13, 0x17c: 0x14, 0x17d: 0x15, 0x17e: 0x16, 0x17f: 0x17,
+	// Block 0x6, offset 0x180
+	0x180: 0x6b, 0x183: 0x6c, 0x184: 0x6d, 0x186: 0x6e, 0x187: 0x6f,
+	0x188: 0x70, 0x189: 0x18, 0x18a: 0x19, 0x18b: 0x71, 0x18c: 0x72,
+	0x1ab: 0x73,
+	0x1b3: 0x74, 0x1b5: 0x75, 0x1b7: 0x76,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x77, 0x1c1: 0x1a, 0x1c2: 0x1b, 0x1c3: 0x1c, 0x1c4: 0x78, 0x1c5: 0x79,
+	0x1c9: 0x7a, 0x1cc: 0x7b, 0x1cd: 0x7c,
+	// Block 0x8, offset 0x200
+	0x219: 0x7d, 0x21a: 0x7e, 0x21b: 0x7f,
+	0x220: 0x80, 0x223: 0x81, 0x224: 0x82, 0x225: 0x83, 0x226: 0x84, 0x227: 0x85,
+	0x22a: 0x86, 0x22b: 0x87, 0x22f: 0x88,
+	0x230: 0x89, 0x231: 0x8a, 0x232: 0x8b, 0x233: 0x8c, 0x234: 0x8d, 0x235: 0x8e, 0x236: 0x8f, 0x237: 0x89,
+	0x238: 0x8a, 0x239: 0x8b, 0x23a: 0x8c, 0x23b: 0x8d, 0x23c: 0x8e, 0x23d: 0x8f, 0x23e: 0x89, 0x23f: 0x8a,
+	// Block 0x9, offset 0x240
+	0x240: 0x8b, 0x241: 0x8c, 0x242: 0x8d, 0x243: 0x8e, 0x244: 0x8f, 0x245: 0x89, 0x246: 0x8a, 0x247: 0x8b,
+	0x248: 0x8c, 0x249: 0x8d, 0x24a: 0x8e, 0x24b: 0x8f, 0x24c: 0x89, 0x24d: 0x8a, 0x24e: 0x8b, 0x24f: 0x8c,
+	0x250: 0x8d, 0x251: 0x8e, 0x252: 0x8f, 0x253: 0x89, 0x254: 0x8a, 0x255: 0x8b, 0x256: 0x8c, 0x257: 0x8d,
+	0x258: 0x8e, 0x259: 0x8f, 0x25a: 0x89, 0x25b: 0x8a, 0x25c: 0x8b, 0x25d: 0x8c, 0x25e: 0x8d, 0x25f: 0x8e,
+	0x260: 0x8f, 0x261: 0x89, 0x262: 0x8a, 0x263: 0x8b, 0x264: 0x8c, 0x265: 0x8d, 0x266: 0x8e, 0x267: 0x8f,
+	0x268: 0x89, 0x269: 0x8a, 0x26a: 0x8b, 0x26b: 0x8c, 0x26c: 0x8d, 0x26d: 0x8e, 0x26e: 0x8f, 0x26f: 0x89,
+	0x270: 0x8a, 0x271: 0x8b, 0x272: 0x8c, 0x273: 0x8d, 0x274: 0x8e, 0x275: 0x8f, 0x276: 0x89, 0x277: 0x8a,
+	0x278: 0x8b, 0x279: 0x8c, 0x27a: 0x8d, 0x27b: 0x8e, 0x27c: 0x8f, 0x27d: 0x89, 0x27e: 0x8a, 0x27f: 0x8b,
+	// Block 0xa, offset 0x280
+	0x280: 0x8c, 0x281: 0x8d, 0x282: 0x8e, 0x283: 0x8f, 0x284: 0x89, 0x285: 0x8a, 0x286: 0x8b, 0x287: 0x8c,
+	0x288: 0x8d, 0x289: 0x8e, 0x28a: 0x8f, 0x28b: 0x89, 0x28c: 0x8a, 0x28d: 0x8b, 0x28e: 0x8c, 0x28f: 0x8d,
+	0x290: 0x8e, 0x291: 0x8f, 0x292: 0x89, 0x293: 0x8a, 0x294: 0x8b, 0x295: 0x8c, 0x296: 0x8d, 0x297: 0x8e,
+	0x298: 0x8f, 0x299: 0x89, 0x29a: 0x8a, 0x29b: 0x8b, 0x29c: 0x8c, 0x29d: 0x8d, 0x29e: 0x8e, 0x29f: 0x8f,
+	0x2a0: 0x89, 0x2a1: 0x8a, 0x2a2: 0x8b, 0x2a3: 0x8c, 0x2a4: 0x8d, 0x2a5: 0x8e, 0x2a6: 0x8f, 0x2a7: 0x89,
+	0x2a8: 0x8a, 0x2a9: 0x8b, 0x2aa: 0x8c, 0x2ab: 0x8d, 0x2ac: 0x8e, 0x2ad: 0x8f, 0x2ae: 0x89, 0x2af: 0x8a,
+	0x2b0: 0x8b, 0x2b1: 0x8c, 0x2b2: 0x8d, 0x2b3: 0x8e, 0x2b4: 0x8f, 0x2b5: 0x89, 0x2b6: 0x8a, 0x2b7: 0x8b,
+	0x2b8: 0x8c, 0x2b9: 0x8d, 0x2ba: 0x8e, 0x2bb: 0x8f, 0x2bc: 0x89, 0x2bd: 0x8a, 0x2be: 0x8b, 0x2bf: 0x8c,
+	// Block 0xb, offset 0x2c0
+	0x2c0: 0x8d, 0x2c1: 0x8e, 0x2c2: 0x8f, 0x2c3: 0x89, 0x2c4: 0x8a, 0x2c5: 0x8b, 0x2c6: 0x8c, 0x2c7: 0x8d,
+	0x2c8: 0x8e, 0x2c9: 0x8f, 0x2ca: 0x89, 0x2cb: 0x8a, 0x2cc: 0x8b, 0x2cd: 0x8c, 0x2ce: 0x8d, 0x2cf: 0x8e,
+	0x2d0: 0x8f, 0x2d1: 0x89, 0x2d2: 0x8a, 0x2d3: 0x8b, 0x2d4: 0x8c, 0x2d5: 0x8d, 0x2d6: 0x8e, 0x2d7: 0x8f,
+	0x2d8: 0x89, 0x2d9: 0x8a, 0x2da: 0x8b, 0x2db: 0x8c, 0x2dc: 0x8d, 0x2dd: 0x8e, 0x2de: 0x90,
+	// Block 0xc, offset 0x300
+	0x324: 0x1d, 0x325: 0x1e, 0x326: 0x1f, 0x327: 0x20,
+	0x328: 0x21, 0x329: 0x22, 0x32a: 0x23, 0x32b: 0x24, 0x32c: 0x91, 0x32d: 0x92, 0x32e: 0x93,
+	0x331: 0x94, 0x332: 0x95, 0x333: 0x96, 0x334: 0x97,
+	0x338: 0x98, 0x339: 0x99, 0x33a: 0x9a, 0x33b: 0x9b, 0x33e: 0x9c, 0x33f: 0x9d,
+	// Block 0xd, offset 0x340
+	0x347: 0x9e,
+	0x34b: 0x9f, 0x34d: 0xa0,
+	0x368: 0xa1, 0x36b: 0xa2,
+	0x374: 0xa3,
+	0x37a: 0xa4, 0x37b: 0xa5, 0x37d: 0xa6, 0x37e: 0xa7,
+	// Block 0xe, offset 0x380
+	0x381: 0xa8, 0x382: 0xa9, 0x384: 0xaa, 0x385: 0x84, 0x387: 0xab,
+	0x388: 0xac, 0x38b: 0xad, 0x38c: 0xae, 0x38d: 0xaf,
+	0x391: 0xb0, 0x392: 0xb1, 0x393: 0xb2, 0x396: 0xb3, 0x397: 0xb4,
+	0x398: 0x75, 0x39a: 0xb5, 0x39c: 0xb6,
+	0x3a0: 0xb7, 0x3a4: 0xb8, 0x3a5: 0xb9, 0x3a7: 0xba,
+	0x3a8: 0xbb, 0x3a9: 0xbc, 0x3aa: 0xbd,
+	0x3b0: 0x75, 0x3b5: 0xbe, 0x3b6: 0xbf,
+	0x3bd: 0xc0,
+	// Block 0xf, offset 0x3c0
+	0x3eb: 0xc1, 0x3ec: 0xc2,
+	0x3ff: 0xc3,
+	// Block 0x10, offset 0x400
+	0x432: 0xc4,
+	// Block 0x11, offset 0x440
+	0x445: 0xc5, 0x446: 0xc6, 0x447: 0xc7,
+	0x449: 0xc8,
+	// Block 0x12, offset 0x480
+	0x480: 0xc9, 0x482: 0xca, 0x484: 0xc2,
+	0x48a: 0xcb, 0x48b: 0xcc,
+	0x493: 0xcd,
+	0x4a3: 0xce, 0x4a5: 0xcf,
+	// Block 0x13, offset 0x4c0
+	0x4c8: 0xd0,
+	// Block 0x14, offset 0x500
+	0x520: 0x25, 0x521: 0x26, 0x522: 0x27, 0x523: 0x28, 0x524: 0x29, 0x525: 0x2a, 0x526: 0x2b, 0x527: 0x2c,
+	0x528: 0x2d,
+	// Block 0x15, offset 0x540
+	0x550: 0x0b, 0x551: 0x0c, 0x556: 0x0d,
+	0x55b: 0x0e, 0x55d: 0x0f, 0x55e: 0x10, 0x55f: 0x11,
+	0x56f: 0x12,
+}
+
+// nfcSparseOffset: 163 entries, 326 bytes
+var nfcSparseOffset = []uint16{0x0, 0x5, 0x9, 0xb, 0xd, 0x18, 0x28, 0x2a, 0x2f, 0x3a, 0x49, 0x56, 0x5e, 0x63, 0x68, 0x6a, 0x6e, 0x76, 0x7d, 0x80, 0x88, 0x8c, 0x90, 0x92, 0x94, 0x9d, 0xa1, 0xa8, 0xad, 0xb0, 0xba, 0xbd, 0xc4, 0xcc, 0xcf, 0xd1, 0xd4, 0xd6, 0xdb, 0xec, 0xf8, 0xfa, 0x100, 0x102, 0x104, 0x106, 0x108, 0x10a, 0x10c, 0x10f, 0x112, 0x114, 0x117, 0x11a, 0x11e, 0x124, 0x12b, 0x134, 0x136, 0x139, 0x13b, 0x146, 0x14a, 0x158, 0x15b, 0x161, 0x167, 0x172, 0x176, 0x178, 0x17a, 0x17c, 0x17e, 0x180, 0x186, 0x18a, 0x18c, 0x18e, 0x196, 0x19a, 0x19d, 0x19f, 0x1a1, 0x1a4, 0x1a7, 0x1a9, 0x1ab, 0x1ad, 0x1af, 0x1b5, 0x1b8, 0x1ba, 0x1c1, 0x1c7, 0x1cd, 0x1d5, 0x1db, 0x1e1, 0x1e7, 0x1eb, 0x1f9, 0x202, 0x205, 0x208, 0x20a, 0x20d, 0x20f, 0x213, 0x218, 0x21a, 0x21c, 0x221, 0x227, 0x229, 0x22b, 0x22d, 0x233, 0x236, 0x238, 0x23a, 0x23c, 0x242, 0x246, 0x24a, 0x252, 0x259, 0x25c, 0x25f, 0x261, 0x264, 0x26c, 0x270, 0x277, 0x27a, 0x280, 0x282, 0x285, 0x287, 0x28a, 0x28f, 0x291, 0x293, 0x295, 0x297, 0x299, 0x29c, 0x29e, 0x2a0, 0x2a2, 0x2a4, 0x2a6, 0x2a8, 0x2b5, 0x2bf, 0x2c1, 0x2c3, 0x2c9, 0x2cb, 0x2cd, 0x2cf, 0x2d3, 0x2d5, 0x2d8}
+
+// nfcSparseValues: 730 entries, 2920 bytes
+var nfcSparseValues = [730]valueRange{
+	// Block 0x0, offset 0x0
+	{value: 0x0000, lo: 0x04},
+	{value: 0xa100, lo: 0xa8, hi: 0xa8},
+	{value: 0x8100, lo: 0xaf, hi: 0xaf},
+	{value: 0x8100, lo: 0xb4, hi: 0xb4},
+	{value: 0x8100, lo: 0xb8, hi: 0xb8},
+	// Block 0x1, offset 0x5
+	{value: 0x0091, lo: 0x03},
+	{value: 0x4823, lo: 0xa0, hi: 0xa1},
+	{value: 0x4855, lo: 0xaf, hi: 0xb0},
+	{value: 0xa000, lo: 0xb7, hi: 0xb7},
+	// Block 0x2, offset 0x9
+	{value: 0x0000, lo: 0x01},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	// Block 0x3, offset 0xb
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0x98, hi: 0x9d},
+	// Block 0x4, offset 0xd
+	{value: 0x0006, lo: 0x0a},
+	{value: 0xa000, lo: 0x81, hi: 0x81},
+	{value: 0xa000, lo: 0x85, hi: 0x85},
+	{value: 0xa000, lo: 0x89, hi: 0x89},
+	{value: 0x4981, lo: 0x8a, hi: 0x8a},
+	{value: 0x499f, lo: 0x8b, hi: 0x8b},
+	{value: 0x3808, lo: 0x8c, hi: 0x8c},
+	{value: 0x3820, lo: 0x8d, hi: 0x8d},
+	{value: 0x49b7, lo: 0x8e, hi: 0x8e},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x383e, lo: 0x93, hi: 0x94},
+	// Block 0x5, offset 0x18
+	{value: 0x0000, lo: 0x0f},
+	{value: 0xa000, lo: 0x83, hi: 0x83},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0xa000, lo: 0x8b, hi: 0x8b},
+	{value: 0xa000, lo: 0x8d, hi: 0x8d},
+	{value: 0x38e6, lo: 0x90, hi: 0x90},
+	{value: 0x38f2, lo: 0x91, hi: 0x91},
+	{value: 0x38e0, lo: 0x93, hi: 0x93},
+	{value: 0xa000, lo: 0x96, hi: 0x96},
+	{value: 0x3958, lo: 0x97, hi: 0x97},
+	{value: 0x3922, lo: 0x9c, hi: 0x9c},
+	{value: 0x390a, lo: 0x9d, hi: 0x9d},
+	{value: 0x3934, lo: 0x9e, hi: 0x9e},
+	{value: 0xa000, lo: 0xb4, hi: 0xb5},
+	{value: 0x395e, lo: 0xb6, hi: 0xb6},
+	{value: 0x3964, lo: 0xb7, hi: 0xb7},
+	// Block 0x6, offset 0x28
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x83, hi: 0x87},
+	// Block 0x7, offset 0x2a
+	{value: 0x0001, lo: 0x04},
+	{value: 0x8114, lo: 0x81, hi: 0x82},
+	{value: 0x8133, lo: 0x84, hi: 0x84},
+	{value: 0x812e, lo: 0x85, hi: 0x85},
+	{value: 0x810e, lo: 0x87, hi: 0x87},
+	// Block 0x8, offset 0x2f
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x8133, lo: 0x90, hi: 0x97},
+	{value: 0x811a, lo: 0x98, hi: 0x98},
+	{value: 0x811b, lo: 0x99, hi: 0x99},
+	{value: 0x811c, lo: 0x9a, hi: 0x9a},
+	{value: 0x3982, lo: 0xa2, hi: 0xa2},
+	{value: 0x3988, lo: 0xa3, hi: 0xa3},
+	{value: 0x3994, lo: 0xa4, hi: 0xa4},
+	{value: 0x398e, lo: 0xa5, hi: 0xa5},
+	{value: 0x399a, lo: 0xa6, hi: 0xa6},
+	{value: 0xa000, lo: 0xa7, hi: 0xa7},
+	// Block 0x9, offset 0x3a
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x39ac, lo: 0x80, hi: 0x80},
+	{value: 0xa000, lo: 0x81, hi: 0x81},
+	{value: 0x39a0, lo: 0x82, hi: 0x82},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x39a6, lo: 0x93, hi: 0x93},
+	{value: 0xa000, lo: 0x95, hi: 0x95},
+	{value: 0x8133, lo: 0x96, hi: 0x9c},
+	{value: 0x8133, lo: 0x9f, hi: 0xa2},
+	{value: 0x812e, lo: 0xa3, hi: 0xa3},
+	{value: 0x8133, lo: 0xa4, hi: 0xa4},
+	{value: 0x8133, lo: 0xa7, hi: 0xa8},
+	{value: 0x812e, lo: 0xaa, hi: 0xaa},
+	{value: 0x8133, lo: 0xab, hi: 0xac},
+	{value: 0x812e, lo: 0xad, hi: 0xad},
+	// Block 0xa, offset 0x49
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x8120, lo: 0x91, hi: 0x91},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	{value: 0x812e, lo: 0xb1, hi: 0xb1},
+	{value: 0x8133, lo: 0xb2, hi: 0xb3},
+	{value: 0x812e, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb5, hi: 0xb6},
+	{value: 0x812e, lo: 0xb7, hi: 0xb9},
+	{value: 0x8133, lo: 0xba, hi: 0xba},
+	{value: 0x812e, lo: 0xbb, hi: 0xbc},
+	{value: 0x8133, lo: 0xbd, hi: 0xbd},
+	{value: 0x812e, lo: 0xbe, hi: 0xbe},
+	{value: 0x8133, lo: 0xbf, hi: 0xbf},
+	// Block 0xb, offset 0x56
+	{value: 0x0005, lo: 0x07},
+	{value: 0x8133, lo: 0x80, hi: 0x80},
+	{value: 0x8133, lo: 0x81, hi: 0x81},
+	{value: 0x812e, lo: 0x82, hi: 0x83},
+	{value: 0x812e, lo: 0x84, hi: 0x85},
+	{value: 0x812e, lo: 0x86, hi: 0x87},
+	{value: 0x812e, lo: 0x88, hi: 0x89},
+	{value: 0x8133, lo: 0x8a, hi: 0x8a},
+	// Block 0xc, offset 0x5e
+	{value: 0x0000, lo: 0x04},
+	{value: 0x8133, lo: 0xab, hi: 0xb1},
+	{value: 0x812e, lo: 0xb2, hi: 0xb2},
+	{value: 0x8133, lo: 0xb3, hi: 0xb3},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	// Block 0xd, offset 0x63
+	{value: 0x0000, lo: 0x04},
+	{value: 0x8133, lo: 0x96, hi: 0x99},
+	{value: 0x8133, lo: 0x9b, hi: 0xa3},
+	{value: 0x8133, lo: 0xa5, hi: 0xa7},
+	{value: 0x8133, lo: 0xa9, hi: 0xad},
+	// Block 0xe, offset 0x68
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x99, hi: 0x9b},
+	// Block 0xf, offset 0x6a
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8133, lo: 0x98, hi: 0x98},
+	{value: 0x812e, lo: 0x99, hi: 0x9b},
+	{value: 0x8133, lo: 0x9c, hi: 0x9f},
+	// Block 0x10, offset 0x6e
+	{value: 0x0000, lo: 0x07},
+	{value: 0xa000, lo: 0xa8, hi: 0xa8},
+	{value: 0x4019, lo: 0xa9, hi: 0xa9},
+	{value: 0xa000, lo: 0xb0, hi: 0xb0},
+	{value: 0x4021, lo: 0xb1, hi: 0xb1},
+	{value: 0xa000, lo: 0xb3, hi: 0xb3},
+	{value: 0x4029, lo: 0xb4, hi: 0xb4},
+	{value: 0x9903, lo: 0xbc, hi: 0xbc},
+	// Block 0x11, offset 0x76
+	{value: 0x0008, lo: 0x06},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x8133, lo: 0x91, hi: 0x91},
+	{value: 0x812e, lo: 0x92, hi: 0x92},
+	{value: 0x8133, lo: 0x93, hi: 0x93},
+	{value: 0x8133, lo: 0x94, hi: 0x94},
+	{value: 0x465d, lo: 0x98, hi: 0x9f},
+	// Block 0x12, offset 0x7d
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x13, offset 0x80
+	{value: 0x0008, lo: 0x07},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2dd5, lo: 0x8b, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	{value: 0x469d, lo: 0x9c, hi: 0x9d},
+	{value: 0x46ad, lo: 0x9f, hi: 0x9f},
+	{value: 0x8133, lo: 0xbe, hi: 0xbe},
+	// Block 0x14, offset 0x88
+	{value: 0x0000, lo: 0x03},
+	{value: 0x46d5, lo: 0xb3, hi: 0xb3},
+	{value: 0x46dd, lo: 0xb6, hi: 0xb6},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	// Block 0x15, offset 0x8c
+	{value: 0x0008, lo: 0x03},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x46b5, lo: 0x99, hi: 0x9b},
+	{value: 0x46cd, lo: 0x9e, hi: 0x9e},
+	// Block 0x16, offset 0x90
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	// Block 0x17, offset 0x92
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	// Block 0x18, offset 0x94
+	{value: 0x0000, lo: 0x08},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2ded, lo: 0x88, hi: 0x88},
+	{value: 0x2de5, lo: 0x8b, hi: 0x8b},
+	{value: 0x2df5, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x96, hi: 0x97},
+	{value: 0x46e5, lo: 0x9c, hi: 0x9c},
+	{value: 0x46ed, lo: 0x9d, hi: 0x9d},
+	// Block 0x19, offset 0x9d
+	{value: 0x0000, lo: 0x03},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x2dfd, lo: 0x94, hi: 0x94},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x1a, offset 0xa1
+	{value: 0x0000, lo: 0x06},
+	{value: 0xa000, lo: 0x86, hi: 0x87},
+	{value: 0x2e05, lo: 0x8a, hi: 0x8a},
+	{value: 0x2e15, lo: 0x8b, hi: 0x8b},
+	{value: 0x2e0d, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	// Block 0x1b, offset 0xa8
+	{value: 0x1801, lo: 0x04},
+	{value: 0xa000, lo: 0x86, hi: 0x86},
+	{value: 0x4031, lo: 0x88, hi: 0x88},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x8121, lo: 0x95, hi: 0x96},
+	// Block 0x1c, offset 0xad
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	{value: 0xa000, lo: 0xbf, hi: 0xbf},
+	// Block 0x1d, offset 0xb0
+	{value: 0x0000, lo: 0x09},
+	{value: 0x2e1d, lo: 0x80, hi: 0x80},
+	{value: 0x9900, lo: 0x82, hi: 0x82},
+	{value: 0xa000, lo: 0x86, hi: 0x86},
+	{value: 0x2e25, lo: 0x87, hi: 0x87},
+	{value: 0x2e2d, lo: 0x88, hi: 0x88},
+	{value: 0x3091, lo: 0x8a, hi: 0x8a},
+	{value: 0x2f19, lo: 0x8b, hi: 0x8b},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x95, hi: 0x96},
+	// Block 0x1e, offset 0xba
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xbb, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x1f, offset 0xbd
+	{value: 0x0000, lo: 0x06},
+	{value: 0xa000, lo: 0x86, hi: 0x87},
+	{value: 0x2e35, lo: 0x8a, hi: 0x8a},
+	{value: 0x2e45, lo: 0x8b, hi: 0x8b},
+	{value: 0x2e3d, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	// Block 0x20, offset 0xc4
+	{value: 0x6ab3, lo: 0x07},
+	{value: 0x9905, lo: 0x8a, hi: 0x8a},
+	{value: 0x9900, lo: 0x8f, hi: 0x8f},
+	{value: 0xa000, lo: 0x99, hi: 0x99},
+	{value: 0x4039, lo: 0x9a, hi: 0x9a},
+	{value: 0x3099, lo: 0x9c, hi: 0x9c},
+	{value: 0x2f24, lo: 0x9d, hi: 0x9d},
+	{value: 0x2e4d, lo: 0x9e, hi: 0x9f},
+	// Block 0x21, offset 0xcc
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8123, lo: 0xb8, hi: 0xb9},
+	{value: 0x8105, lo: 0xba, hi: 0xba},
+	// Block 0x22, offset 0xcf
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8124, lo: 0x88, hi: 0x8b},
+	// Block 0x23, offset 0xd1
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8125, lo: 0xb8, hi: 0xb9},
+	{value: 0x8105, lo: 0xba, hi: 0xba},
+	// Block 0x24, offset 0xd4
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8126, lo: 0x88, hi: 0x8b},
+	// Block 0x25, offset 0xd6
+	{value: 0x0000, lo: 0x04},
+	{value: 0x812e, lo: 0x98, hi: 0x99},
+	{value: 0x812e, lo: 0xb5, hi: 0xb5},
+	{value: 0x812e, lo: 0xb7, hi: 0xb7},
+	{value: 0x812c, lo: 0xb9, hi: 0xb9},
+	// Block 0x26, offset 0xdb
+	{value: 0x0000, lo: 0x10},
+	{value: 0x2774, lo: 0x83, hi: 0x83},
+	{value: 0x277b, lo: 0x8d, hi: 0x8d},
+	{value: 0x2782, lo: 0x92, hi: 0x92},
+	{value: 0x2789, lo: 0x97, hi: 0x97},
+	{value: 0x2790, lo: 0x9c, hi: 0x9c},
+	{value: 0x276d, lo: 0xa9, hi: 0xa9},
+	{value: 0x8127, lo: 0xb1, hi: 0xb1},
+	{value: 0x8128, lo: 0xb2, hi: 0xb2},
+	{value: 0x4bc5, lo: 0xb3, hi: 0xb3},
+	{value: 0x8129, lo: 0xb4, hi: 0xb4},
+	{value: 0x4bce, lo: 0xb5, hi: 0xb5},
+	{value: 0x46f5, lo: 0xb6, hi: 0xb6},
+	{value: 0x8200, lo: 0xb7, hi: 0xb7},
+	{value: 0x46fd, lo: 0xb8, hi: 0xb8},
+	{value: 0x8200, lo: 0xb9, hi: 0xb9},
+	{value: 0x8128, lo: 0xba, hi: 0xbd},
+	// Block 0x27, offset 0xec
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x8128, lo: 0x80, hi: 0x80},
+	{value: 0x4bd7, lo: 0x81, hi: 0x81},
+	{value: 0x8133, lo: 0x82, hi: 0x83},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0x86, hi: 0x87},
+	{value: 0x279e, lo: 0x93, hi: 0x93},
+	{value: 0x27a5, lo: 0x9d, hi: 0x9d},
+	{value: 0x27ac, lo: 0xa2, hi: 0xa2},
+	{value: 0x27b3, lo: 0xa7, hi: 0xa7},
+	{value: 0x27ba, lo: 0xac, hi: 0xac},
+	{value: 0x2797, lo: 0xb9, hi: 0xb9},
+	// Block 0x28, offset 0xf8
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x86, hi: 0x86},
+	// Block 0x29, offset 0xfa
+	{value: 0x0000, lo: 0x05},
+	{value: 0xa000, lo: 0xa5, hi: 0xa5},
+	{value: 0x2e55, lo: 0xa6, hi: 0xa6},
+	{value: 0x9900, lo: 0xae, hi: 0xae},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	{value: 0x8105, lo: 0xb9, hi: 0xba},
+	// Block 0x2a, offset 0x100
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x8d, hi: 0x8d},
+	// Block 0x2b, offset 0x102
+	{value: 0x0000, lo: 0x01},
+	{value: 0xa000, lo: 0x80, hi: 0x92},
+	// Block 0x2c, offset 0x104
+	{value: 0x0000, lo: 0x01},
+	{value: 0xb900, lo: 0xa1, hi: 0xb5},
+	// Block 0x2d, offset 0x106
+	{value: 0x0000, lo: 0x01},
+	{value: 0x9900, lo: 0xa8, hi: 0xbf},
+	// Block 0x2e, offset 0x108
+	{value: 0x0000, lo: 0x01},
+	{value: 0x9900, lo: 0x80, hi: 0x82},
+	// Block 0x2f, offset 0x10a
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x9d, hi: 0x9f},
+	// Block 0x30, offset 0x10c
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x94, hi: 0x95},
+	{value: 0x8105, lo: 0xb4, hi: 0xb4},
+	// Block 0x31, offset 0x10f
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x92, hi: 0x92},
+	{value: 0x8133, lo: 0x9d, hi: 0x9d},
+	// Block 0x32, offset 0x112
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8132, lo: 0xa9, hi: 0xa9},
+	// Block 0x33, offset 0x114
+	{value: 0x0004, lo: 0x02},
+	{value: 0x812f, lo: 0xb9, hi: 0xba},
+	{value: 0x812e, lo: 0xbb, hi: 0xbb},
+	// Block 0x34, offset 0x117
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x97, hi: 0x97},
+	{value: 0x812e, lo: 0x98, hi: 0x98},
+	// Block 0x35, offset 0x11a
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0xa0, hi: 0xa0},
+	{value: 0x8133, lo: 0xb5, hi: 0xbc},
+	{value: 0x812e, lo: 0xbf, hi: 0xbf},
+	// Block 0x36, offset 0x11e
+	{value: 0x0000, lo: 0x05},
+	{value: 0x8133, lo: 0xb0, hi: 0xb4},
+	{value: 0x812e, lo: 0xb5, hi: 0xba},
+	{value: 0x8133, lo: 0xbb, hi: 0xbc},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	{value: 0x812e, lo: 0xbf, hi: 0xbf},
+	// Block 0x37, offset 0x124
+	{value: 0x0000, lo: 0x06},
+	{value: 0x812e, lo: 0x80, hi: 0x80},
+	{value: 0x8133, lo: 0x81, hi: 0x82},
+	{value: 0x812e, lo: 0x83, hi: 0x84},
+	{value: 0x8133, lo: 0x85, hi: 0x89},
+	{value: 0x812e, lo: 0x8a, hi: 0x8a},
+	{value: 0x8133, lo: 0x8b, hi: 0x8e},
+	// Block 0x38, offset 0x12b
+	{value: 0x0000, lo: 0x08},
+	{value: 0x2e9d, lo: 0x80, hi: 0x80},
+	{value: 0x2ea5, lo: 0x81, hi: 0x81},
+	{value: 0xa000, lo: 0x82, hi: 0x82},
+	{value: 0x2ead, lo: 0x83, hi: 0x83},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0xab, hi: 0xab},
+	{value: 0x812e, lo: 0xac, hi: 0xac},
+	{value: 0x8133, lo: 0xad, hi: 0xb3},
+	// Block 0x39, offset 0x134
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xaa, hi: 0xab},
+	// Block 0x3a, offset 0x136
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xa6, hi: 0xa6},
+	{value: 0x8105, lo: 0xb2, hi: 0xb3},
+	// Block 0x3b, offset 0x139
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	// Block 0x3c, offset 0x13b
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x8133, lo: 0x90, hi: 0x92},
+	{value: 0x8101, lo: 0x94, hi: 0x94},
+	{value: 0x812e, lo: 0x95, hi: 0x99},
+	{value: 0x8133, lo: 0x9a, hi: 0x9b},
+	{value: 0x812e, lo: 0x9c, hi: 0x9f},
+	{value: 0x8133, lo: 0xa0, hi: 0xa0},
+	{value: 0x8101, lo: 0xa2, hi: 0xa8},
+	{value: 0x812e, lo: 0xad, hi: 0xad},
+	{value: 0x8133, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb8, hi: 0xb9},
+	// Block 0x3d, offset 0x146
+	{value: 0x0004, lo: 0x03},
+	{value: 0x052a, lo: 0x80, hi: 0x81},
+	{value: 0x8100, lo: 0x97, hi: 0x97},
+	{value: 0x8100, lo: 0xbe, hi: 0xbe},
+	// Block 0x3e, offset 0x14a
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x8133, lo: 0x90, hi: 0x91},
+	{value: 0x8101, lo: 0x92, hi: 0x93},
+	{value: 0x8133, lo: 0x94, hi: 0x97},
+	{value: 0x8101, lo: 0x98, hi: 0x9a},
+	{value: 0x8133, lo: 0x9b, hi: 0x9c},
+	{value: 0x8133, lo: 0xa1, hi: 0xa1},
+	{value: 0x8101, lo: 0xa5, hi: 0xa6},
+	{value: 0x8133, lo: 0xa7, hi: 0xa7},
+	{value: 0x812e, lo: 0xa8, hi: 0xa8},
+	{value: 0x8133, lo: 0xa9, hi: 0xa9},
+	{value: 0x8101, lo: 0xaa, hi: 0xab},
+	{value: 0x812e, lo: 0xac, hi: 0xaf},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	// Block 0x3f, offset 0x158
+	{value: 0x43bc, lo: 0x02},
+	{value: 0x023c, lo: 0xa6, hi: 0xa6},
+	{value: 0x0057, lo: 0xaa, hi: 0xab},
+	// Block 0x40, offset 0x15b
+	{value: 0x0007, lo: 0x05},
+	{value: 0xa000, lo: 0x90, hi: 0x90},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0xa000, lo: 0x94, hi: 0x94},
+	{value: 0x3cfa, lo: 0x9a, hi: 0x9b},
+	{value: 0x3d08, lo: 0xae, hi: 0xae},
+	// Block 0x41, offset 0x161
+	{value: 0x000e, lo: 0x05},
+	{value: 0x3d0f, lo: 0x8d, hi: 0x8e},
+	{value: 0x3d16, lo: 0x8f, hi: 0x8f},
+	{value: 0xa000, lo: 0x90, hi: 0x90},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0xa000, lo: 0x94, hi: 0x94},
+	// Block 0x42, offset 0x167
+	{value: 0x62c7, lo: 0x0a},
+	{value: 0xa000, lo: 0x83, hi: 0x83},
+	{value: 0x3d24, lo: 0x84, hi: 0x84},
+	{value: 0xa000, lo: 0x88, hi: 0x88},
+	{value: 0x3d2b, lo: 0x89, hi: 0x89},
+	{value: 0xa000, lo: 0x8b, hi: 0x8b},
+	{value: 0x3d32, lo: 0x8c, hi: 0x8c},
+	{value: 0xa000, lo: 0xa3, hi: 0xa3},
+	{value: 0x3d39, lo: 0xa4, hi: 0xa5},
+	{value: 0x3d40, lo: 0xa6, hi: 0xa6},
+	{value: 0xa000, lo: 0xbc, hi: 0xbc},
+	// Block 0x43, offset 0x172
+	{value: 0x0007, lo: 0x03},
+	{value: 0x3da9, lo: 0xa0, hi: 0xa1},
+	{value: 0x3dd3, lo: 0xa2, hi: 0xa3},
+	{value: 0x3dfd, lo: 0xaa, hi: 0xad},
+	// Block 0x44, offset 0x176
+	{value: 0x0004, lo: 0x01},
+	{value: 0x0586, lo: 0xa9, hi: 0xaa},
+	// Block 0x45, offset 0x178
+	{value: 0x0000, lo: 0x01},
+	{value: 0x461e, lo: 0x9c, hi: 0x9c},
+	// Block 0x46, offset 0x17a
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xaf, hi: 0xb1},
+	// Block 0x47, offset 0x17c
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x48, offset 0x17e
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xa0, hi: 0xbf},
+	// Block 0x49, offset 0x180
+	{value: 0x0000, lo: 0x05},
+	{value: 0x812d, lo: 0xaa, hi: 0xaa},
+	{value: 0x8132, lo: 0xab, hi: 0xab},
+	{value: 0x8134, lo: 0xac, hi: 0xac},
+	{value: 0x812f, lo: 0xad, hi: 0xad},
+	{value: 0x8130, lo: 0xae, hi: 0xaf},
+	// Block 0x4a, offset 0x186
+	{value: 0x0000, lo: 0x03},
+	{value: 0x4be0, lo: 0xb3, hi: 0xb3},
+	{value: 0x4be0, lo: 0xb5, hi: 0xb6},
+	{value: 0x4be0, lo: 0xba, hi: 0xbf},
+	// Block 0x4b, offset 0x18a
+	{value: 0x0000, lo: 0x01},
+	{value: 0x4be0, lo: 0x8f, hi: 0xa3},
+	// Block 0x4c, offset 0x18c
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0xae, hi: 0xbe},
+	// Block 0x4d, offset 0x18e
+	{value: 0x0000, lo: 0x07},
+	{value: 0x8100, lo: 0x84, hi: 0x84},
+	{value: 0x8100, lo: 0x87, hi: 0x87},
+	{value: 0x8100, lo: 0x90, hi: 0x90},
+	{value: 0x8100, lo: 0x9e, hi: 0x9e},
+	{value: 0x8100, lo: 0xa1, hi: 0xa1},
+	{value: 0x8100, lo: 0xb2, hi: 0xb2},
+	{value: 0x8100, lo: 0xbb, hi: 0xbb},
+	// Block 0x4e, offset 0x196
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8100, lo: 0x80, hi: 0x80},
+	{value: 0x8100, lo: 0x8b, hi: 0x8b},
+	{value: 0x8100, lo: 0x8e, hi: 0x8e},
+	// Block 0x4f, offset 0x19a
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0xaf, hi: 0xaf},
+	{value: 0x8133, lo: 0xb4, hi: 0xbd},
+	// Block 0x50, offset 0x19d
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x9e, hi: 0x9f},
+	// Block 0x51, offset 0x19f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb0, hi: 0xb1},
+	// Block 0x52, offset 0x1a1
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x86, hi: 0x86},
+	{value: 0x8105, lo: 0xac, hi: 0xac},
+	// Block 0x53, offset 0x1a4
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0xa0, hi: 0xb1},
+	// Block 0x54, offset 0x1a7
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xab, hi: 0xad},
+	// Block 0x55, offset 0x1a9
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x93, hi: 0x93},
+	// Block 0x56, offset 0x1ab
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xb3, hi: 0xb3},
+	// Block 0x57, offset 0x1ad
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x80, hi: 0x80},
+	// Block 0x58, offset 0x1af
+	{value: 0x0000, lo: 0x05},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	{value: 0x8133, lo: 0xb2, hi: 0xb3},
+	{value: 0x812e, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb7, hi: 0xb8},
+	{value: 0x8133, lo: 0xbe, hi: 0xbf},
+	// Block 0x59, offset 0x1b5
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x81, hi: 0x81},
+	{value: 0x8105, lo: 0xb6, hi: 0xb6},
+	// Block 0x5a, offset 0x1b8
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xad, hi: 0xad},
+	// Block 0x5b, offset 0x1ba
+	{value: 0x0000, lo: 0x06},
+	{value: 0xe500, lo: 0x80, hi: 0x80},
+	{value: 0xc600, lo: 0x81, hi: 0x9b},
+	{value: 0xe500, lo: 0x9c, hi: 0x9c},
+	{value: 0xc600, lo: 0x9d, hi: 0xb7},
+	{value: 0xe500, lo: 0xb8, hi: 0xb8},
+	{value: 0xc600, lo: 0xb9, hi: 0xbf},
+	// Block 0x5c, offset 0x1c1
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x93},
+	{value: 0xe500, lo: 0x94, hi: 0x94},
+	{value: 0xc600, lo: 0x95, hi: 0xaf},
+	{value: 0xe500, lo: 0xb0, hi: 0xb0},
+	{value: 0xc600, lo: 0xb1, hi: 0xbf},
+	// Block 0x5d, offset 0x1c7
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x8b},
+	{value: 0xe500, lo: 0x8c, hi: 0x8c},
+	{value: 0xc600, lo: 0x8d, hi: 0xa7},
+	{value: 0xe500, lo: 0xa8, hi: 0xa8},
+	{value: 0xc600, lo: 0xa9, hi: 0xbf},
+	// Block 0x5e, offset 0x1cd
+	{value: 0x0000, lo: 0x07},
+	{value: 0xc600, lo: 0x80, hi: 0x83},
+	{value: 0xe500, lo: 0x84, hi: 0x84},
+	{value: 0xc600, lo: 0x85, hi: 0x9f},
+	{value: 0xe500, lo: 0xa0, hi: 0xa0},
+	{value: 0xc600, lo: 0xa1, hi: 0xbb},
+	{value: 0xe500, lo: 0xbc, hi: 0xbc},
+	{value: 0xc600, lo: 0xbd, hi: 0xbf},
+	// Block 0x5f, offset 0x1d5
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x97},
+	{value: 0xe500, lo: 0x98, hi: 0x98},
+	{value: 0xc600, lo: 0x99, hi: 0xb3},
+	{value: 0xe500, lo: 0xb4, hi: 0xb4},
+	{value: 0xc600, lo: 0xb5, hi: 0xbf},
+	// Block 0x60, offset 0x1db
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x8f},
+	{value: 0xe500, lo: 0x90, hi: 0x90},
+	{value: 0xc600, lo: 0x91, hi: 0xab},
+	{value: 0xe500, lo: 0xac, hi: 0xac},
+	{value: 0xc600, lo: 0xad, hi: 0xbf},
+	// Block 0x61, offset 0x1e1
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x87},
+	{value: 0xe500, lo: 0x88, hi: 0x88},
+	{value: 0xc600, lo: 0x89, hi: 0xa3},
+	{value: 0xe500, lo: 0xa4, hi: 0xa4},
+	{value: 0xc600, lo: 0xa5, hi: 0xbf},
+	// Block 0x62, offset 0x1e7
+	{value: 0x0000, lo: 0x03},
+	{value: 0xc600, lo: 0x80, hi: 0x87},
+	{value: 0xe500, lo: 0x88, hi: 0x88},
+	{value: 0xc600, lo: 0x89, hi: 0xa3},
+	// Block 0x63, offset 0x1eb
+	{value: 0x0006, lo: 0x0d},
+	{value: 0x44d1, lo: 0x9d, hi: 0x9d},
+	{value: 0x8116, lo: 0x9e, hi: 0x9e},
+	{value: 0x4543, lo: 0x9f, hi: 0x9f},
+	{value: 0x4531, lo: 0xaa, hi: 0xab},
+	{value: 0x4635, lo: 0xac, hi: 0xac},
+	{value: 0x463d, lo: 0xad, hi: 0xad},
+	{value: 0x4489, lo: 0xae, hi: 0xb1},
+	{value: 0x44a7, lo: 0xb2, hi: 0xb4},
+	{value: 0x44bf, lo: 0xb5, hi: 0xb6},
+	{value: 0x44cb, lo: 0xb8, hi: 0xb8},
+	{value: 0x44d7, lo: 0xb9, hi: 0xbb},
+	{value: 0x44ef, lo: 0xbc, hi: 0xbc},
+	{value: 0x44f5, lo: 0xbe, hi: 0xbe},
+	// Block 0x64, offset 0x1f9
+	{value: 0x0006, lo: 0x08},
+	{value: 0x44fb, lo: 0x80, hi: 0x81},
+	{value: 0x4507, lo: 0x83, hi: 0x84},
+	{value: 0x4519, lo: 0x86, hi: 0x89},
+	{value: 0x453d, lo: 0x8a, hi: 0x8a},
+	{value: 0x44b9, lo: 0x8b, hi: 0x8b},
+	{value: 0x44a1, lo: 0x8c, hi: 0x8c},
+	{value: 0x44e9, lo: 0x8d, hi: 0x8d},
+	{value: 0x4513, lo: 0x8e, hi: 0x8e},
+	// Block 0x65, offset 0x202
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8100, lo: 0xa4, hi: 0xa5},
+	{value: 0x8100, lo: 0xb0, hi: 0xb1},
+	// Block 0x66, offset 0x205
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8100, lo: 0x9b, hi: 0x9d},
+	{value: 0x8200, lo: 0x9e, hi: 0xa3},
+	// Block 0x67, offset 0x208
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0x90, hi: 0x90},
+	// Block 0x68, offset 0x20a
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8100, lo: 0x99, hi: 0x99},
+	{value: 0x8200, lo: 0xb2, hi: 0xb4},
+	// Block 0x69, offset 0x20d
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0xbc, hi: 0xbd},
+	// Block 0x6a, offset 0x20f
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8133, lo: 0xa0, hi: 0xa6},
+	{value: 0x812e, lo: 0xa7, hi: 0xad},
+	{value: 0x8133, lo: 0xae, hi: 0xaf},
+	// Block 0x6b, offset 0x213
+	{value: 0x0000, lo: 0x04},
+	{value: 0x8100, lo: 0x89, hi: 0x8c},
+	{value: 0x8100, lo: 0xb0, hi: 0xb2},
+	{value: 0x8100, lo: 0xb4, hi: 0xb4},
+	{value: 0x8100, lo: 0xb6, hi: 0xbf},
+	// Block 0x6c, offset 0x218
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0x81, hi: 0x8c},
+	// Block 0x6d, offset 0x21a
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0xb5, hi: 0xba},
+	// Block 0x6e, offset 0x21c
+	{value: 0x0000, lo: 0x04},
+	{value: 0x4be0, lo: 0x9e, hi: 0x9f},
+	{value: 0x4be0, lo: 0xa3, hi: 0xa3},
+	{value: 0x4be0, lo: 0xa5, hi: 0xa6},
+	{value: 0x4be0, lo: 0xaa, hi: 0xaf},
+	// Block 0x6f, offset 0x221
+	{value: 0x0000, lo: 0x05},
+	{value: 0x4be0, lo: 0x82, hi: 0x87},
+	{value: 0x4be0, lo: 0x8a, hi: 0x8f},
+	{value: 0x4be0, lo: 0x92, hi: 0x97},
+	{value: 0x4be0, lo: 0x9a, hi: 0x9c},
+	{value: 0x8100, lo: 0xa3, hi: 0xa3},
+	// Block 0x70, offset 0x227
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	// Block 0x71, offset 0x229
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xa0, hi: 0xa0},
+	// Block 0x72, offset 0x22b
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb6, hi: 0xba},
+	// Block 0x73, offset 0x22d
+	{value: 0x002d, lo: 0x05},
+	{value: 0x812e, lo: 0x8d, hi: 0x8d},
+	{value: 0x8133, lo: 0x8f, hi: 0x8f},
+	{value: 0x8133, lo: 0xb8, hi: 0xb8},
+	{value: 0x8101, lo: 0xb9, hi: 0xba},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x74, offset 0x233
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0xa5, hi: 0xa5},
+	{value: 0x812e, lo: 0xa6, hi: 0xa6},
+	// Block 0x75, offset 0x236
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xa4, hi: 0xa7},
+	// Block 0x76, offset 0x238
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xab, hi: 0xac},
+	// Block 0x77, offset 0x23a
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xbd, hi: 0xbf},
+	// Block 0x78, offset 0x23c
+	{value: 0x0000, lo: 0x05},
+	{value: 0x812e, lo: 0x86, hi: 0x87},
+	{value: 0x8133, lo: 0x88, hi: 0x8a},
+	{value: 0x812e, lo: 0x8b, hi: 0x8b},
+	{value: 0x8133, lo: 0x8c, hi: 0x8c},
+	{value: 0x812e, lo: 0x8d, hi: 0x90},
+	// Block 0x79, offset 0x242
+	{value: 0x0005, lo: 0x03},
+	{value: 0x8133, lo: 0x82, hi: 0x82},
+	{value: 0x812e, lo: 0x83, hi: 0x84},
+	{value: 0x812e, lo: 0x85, hi: 0x85},
+	// Block 0x7a, offset 0x246
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0x86, hi: 0x86},
+	{value: 0x8105, lo: 0xb0, hi: 0xb0},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x7b, offset 0x24a
+	{value: 0x17fe, lo: 0x07},
+	{value: 0xa000, lo: 0x99, hi: 0x99},
+	{value: 0x4379, lo: 0x9a, hi: 0x9a},
+	{value: 0xa000, lo: 0x9b, hi: 0x9b},
+	{value: 0x4383, lo: 0x9c, hi: 0x9c},
+	{value: 0xa000, lo: 0xa5, hi: 0xa5},
+	{value: 0x438d, lo: 0xab, hi: 0xab},
+	{value: 0x8105, lo: 0xb9, hi: 0xba},
+	// Block 0x7c, offset 0x252
+	{value: 0x0000, lo: 0x06},
+	{value: 0x8133, lo: 0x80, hi: 0x82},
+	{value: 0x9900, lo: 0xa7, hi: 0xa7},
+	{value: 0x2eb5, lo: 0xae, hi: 0xae},
+	{value: 0x2ebf, lo: 0xaf, hi: 0xaf},
+	{value: 0xa000, lo: 0xb1, hi: 0xb2},
+	{value: 0x8105, lo: 0xb3, hi: 0xb4},
+	// Block 0x7d, offset 0x259
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x80, hi: 0x80},
+	{value: 0x8103, lo: 0x8a, hi: 0x8a},
+	// Block 0x7e, offset 0x25c
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb5, hi: 0xb5},
+	{value: 0x8103, lo: 0xb6, hi: 0xb6},
+	// Block 0x7f, offset 0x25f
+	{value: 0x0002, lo: 0x01},
+	{value: 0x8103, lo: 0xa9, hi: 0xaa},
+	// Block 0x80, offset 0x261
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbb, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x81, offset 0x264
+	{value: 0x0000, lo: 0x07},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2ec9, lo: 0x8b, hi: 0x8b},
+	{value: 0x2ed3, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	{value: 0x8133, lo: 0xa6, hi: 0xac},
+	{value: 0x8133, lo: 0xb0, hi: 0xb4},
+	// Block 0x82, offset 0x26c
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0x82, hi: 0x82},
+	{value: 0x8103, lo: 0x86, hi: 0x86},
+	{value: 0x8133, lo: 0x9e, hi: 0x9e},
+	// Block 0x83, offset 0x270
+	{value: 0x6a23, lo: 0x06},
+	{value: 0x9900, lo: 0xb0, hi: 0xb0},
+	{value: 0xa000, lo: 0xb9, hi: 0xb9},
+	{value: 0x9900, lo: 0xba, hi: 0xba},
+	{value: 0x2ee7, lo: 0xbb, hi: 0xbb},
+	{value: 0x2edd, lo: 0xbc, hi: 0xbd},
+	{value: 0x2ef1, lo: 0xbe, hi: 0xbe},
+	// Block 0x84, offset 0x277
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x82, hi: 0x82},
+	{value: 0x8103, lo: 0x83, hi: 0x83},
+	// Block 0x85, offset 0x27a
+	{value: 0x0000, lo: 0x05},
+	{value: 0x9900, lo: 0xaf, hi: 0xaf},
+	{value: 0xa000, lo: 0xb8, hi: 0xb9},
+	{value: 0x2efb, lo: 0xba, hi: 0xba},
+	{value: 0x2f05, lo: 0xbb, hi: 0xbb},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x86, offset 0x280
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0x80, hi: 0x80},
+	// Block 0x87, offset 0x282
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb6, hi: 0xb6},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	// Block 0x88, offset 0x285
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xab, hi: 0xab},
+	// Block 0x89, offset 0x287
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb9, hi: 0xb9},
+	{value: 0x8103, lo: 0xba, hi: 0xba},
+	// Block 0x8a, offset 0x28a
+	{value: 0x0000, lo: 0x04},
+	{value: 0x9900, lo: 0xb0, hi: 0xb0},
+	{value: 0xa000, lo: 0xb5, hi: 0xb5},
+	{value: 0x2f0f, lo: 0xb8, hi: 0xb8},
+	{value: 0x8105, lo: 0xbd, hi: 0xbe},
+	// Block 0x8b, offset 0x28f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0x83, hi: 0x83},
+	// Block 0x8c, offset 0x291
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xa0, hi: 0xa0},
+	// Block 0x8d, offset 0x293
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xb4, hi: 0xb4},
+	// Block 0x8e, offset 0x295
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x87, hi: 0x87},
+	// Block 0x8f, offset 0x297
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x99, hi: 0x99},
+	// Block 0x90, offset 0x299
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0x82, hi: 0x82},
+	{value: 0x8105, lo: 0x84, hi: 0x85},
+	// Block 0x91, offset 0x29c
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x97, hi: 0x97},
+	// Block 0x92, offset 0x29e
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x81, hi: 0x82},
+	// Block 0x93, offset 0x2a0
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8101, lo: 0xb0, hi: 0xb4},
+	// Block 0x94, offset 0x2a2
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb0, hi: 0xb6},
+	// Block 0x95, offset 0x2a4
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8102, lo: 0xb0, hi: 0xb1},
+	// Block 0x96, offset 0x2a6
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8101, lo: 0x9e, hi: 0x9e},
+	// Block 0x97, offset 0x2a8
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x470d, lo: 0x9e, hi: 0x9e},
+	{value: 0x4717, lo: 0x9f, hi: 0x9f},
+	{value: 0x474b, lo: 0xa0, hi: 0xa0},
+	{value: 0x4759, lo: 0xa1, hi: 0xa1},
+	{value: 0x4767, lo: 0xa2, hi: 0xa2},
+	{value: 0x4775, lo: 0xa3, hi: 0xa3},
+	{value: 0x4783, lo: 0xa4, hi: 0xa4},
+	{value: 0x812c, lo: 0xa5, hi: 0xa6},
+	{value: 0x8101, lo: 0xa7, hi: 0xa9},
+	{value: 0x8131, lo: 0xad, hi: 0xad},
+	{value: 0x812c, lo: 0xae, hi: 0xb2},
+	{value: 0x812e, lo: 0xbb, hi: 0xbf},
+	// Block 0x98, offset 0x2b5
+	{value: 0x0000, lo: 0x09},
+	{value: 0x812e, lo: 0x80, hi: 0x82},
+	{value: 0x8133, lo: 0x85, hi: 0x89},
+	{value: 0x812e, lo: 0x8a, hi: 0x8b},
+	{value: 0x8133, lo: 0xaa, hi: 0xad},
+	{value: 0x4721, lo: 0xbb, hi: 0xbb},
+	{value: 0x472b, lo: 0xbc, hi: 0xbc},
+	{value: 0x4791, lo: 0xbd, hi: 0xbd},
+	{value: 0x47ad, lo: 0xbe, hi: 0xbe},
+	{value: 0x479f, lo: 0xbf, hi: 0xbf},
+	// Block 0x99, offset 0x2bf
+	{value: 0x0000, lo: 0x01},
+	{value: 0x47bb, lo: 0x80, hi: 0x80},
+	// Block 0x9a, offset 0x2c1
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x82, hi: 0x84},
+	// Block 0x9b, offset 0x2c3
+	{value: 0x0000, lo: 0x05},
+	{value: 0x8133, lo: 0x80, hi: 0x86},
+	{value: 0x8133, lo: 0x88, hi: 0x98},
+	{value: 0x8133, lo: 0x9b, hi: 0xa1},
+	{value: 0x8133, lo: 0xa3, hi: 0xa4},
+	{value: 0x8133, lo: 0xa6, hi: 0xaa},
+	// Block 0x9c, offset 0x2c9
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x8f, hi: 0x8f},
+	// Block 0x9d, offset 0x2cb
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xae, hi: 0xae},
+	// Block 0x9e, offset 0x2cd
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xac, hi: 0xaf},
+	// Block 0x9f, offset 0x2cf
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8134, lo: 0xac, hi: 0xad},
+	{value: 0x812e, lo: 0xae, hi: 0xae},
+	{value: 0x8133, lo: 0xaf, hi: 0xaf},
+	// Block 0xa0, offset 0x2d3
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x90, hi: 0x96},
+	// Block 0xa1, offset 0x2d5
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x84, hi: 0x89},
+	{value: 0x8103, lo: 0x8a, hi: 0x8a},
+	// Block 0xa2, offset 0x2d8
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8100, lo: 0x93, hi: 0x93},
+}
+
+// lookup returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *nfkcTrie) lookup(s []byte) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return nfkcValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfkcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfkcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = nfkcIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *nfkcTrie) lookupUnsafe(s []byte) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return nfkcValues[c0]
+	}
+	i := nfkcIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = nfkcIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = nfkcIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// lookupString returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *nfkcTrie) lookupString(s string) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return nfkcValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfkcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := nfkcIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = nfkcIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = nfkcIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupStringUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *nfkcTrie) lookupStringUnsafe(s string) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return nfkcValues[c0]
+	}
+	i := nfkcIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = nfkcIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = nfkcIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// nfkcTrie. Total size: 19260 bytes (18.81 KiB). Checksum: 1a0bbc4c8c24da49.
+type nfkcTrie struct{}
+
+func newNfkcTrie(i int) *nfkcTrie {
+	return &nfkcTrie{}
+}
+
+// lookupValue determines the type of block n and looks up the value for b.
+func (t *nfkcTrie) lookupValue(n uint32, b byte) uint16 {
+	switch {
+	case n < 95:
+		return uint16(nfkcValues[n<<6+uint32(b)])
+	default:
+		n -= 95
+		return uint16(nfkcSparse.lookup(n, b))
+	}
+}
+
+// nfkcValues: 97 blocks, 6208 entries, 12416 bytes
+// The third block is the zero block.
+var nfkcValues = [6208]uint16{
+	// Block 0x0, offset 0x0
+	0x3c: 0xa000, 0x3d: 0xa000, 0x3e: 0xa000,
+	// Block 0x1, offset 0x40
+	0x41: 0xa000, 0x42: 0xa000, 0x43: 0xa000, 0x44: 0xa000, 0x45: 0xa000,
+	0x46: 0xa000, 0x47: 0xa000, 0x48: 0xa000, 0x49: 0xa000, 0x4a: 0xa000, 0x4b: 0xa000,
+	0x4c: 0xa000, 0x4d: 0xa000, 0x4e: 0xa000, 0x4f: 0xa000, 0x50: 0xa000,
+	0x52: 0xa000, 0x53: 0xa000, 0x54: 0xa000, 0x55: 0xa000, 0x56: 0xa000, 0x57: 0xa000,
+	0x58: 0xa000, 0x59: 0xa000, 0x5a: 0xa000,
+	0x61: 0xa000, 0x62: 0xa000, 0x63: 0xa000,
+	0x64: 0xa000, 0x65: 0xa000, 0x66: 0xa000, 0x67: 0xa000, 0x68: 0xa000, 0x69: 0xa000,
+	0x6a: 0xa000, 0x6b: 0xa000, 0x6c: 0xa000, 0x6d: 0xa000, 0x6e: 0xa000, 0x6f: 0xa000,
+	0x70: 0xa000, 0x72: 0xa000, 0x73: 0xa000, 0x74: 0xa000, 0x75: 0xa000,
+	0x76: 0xa000, 0x77: 0xa000, 0x78: 0xa000, 0x79: 0xa000, 0x7a: 0xa000,
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc0: 0x30b0, 0xc1: 0x30b5, 0xc2: 0x47c9, 0xc3: 0x30ba, 0xc4: 0x47d8, 0xc5: 0x47dd,
+	0xc6: 0xa000, 0xc7: 0x47e7, 0xc8: 0x3123, 0xc9: 0x3128, 0xca: 0x47ec, 0xcb: 0x313c,
+	0xcc: 0x31af, 0xcd: 0x31b4, 0xce: 0x31b9, 0xcf: 0x4800, 0xd1: 0x3245,
+	0xd2: 0x3268, 0xd3: 0x326d, 0xd4: 0x480a, 0xd5: 0x480f, 0xd6: 0x481e,
+	0xd8: 0xa000, 0xd9: 0x32f4, 0xda: 0x32f9, 0xdb: 0x32fe, 0xdc: 0x4850, 0xdd: 0x3376,
+	0xe0: 0x33bc, 0xe1: 0x33c1, 0xe2: 0x485a, 0xe3: 0x33c6,
+	0xe4: 0x4869, 0xe5: 0x486e, 0xe6: 0xa000, 0xe7: 0x4878, 0xe8: 0x342f, 0xe9: 0x3434,
+	0xea: 0x487d, 0xeb: 0x3448, 0xec: 0x34c0, 0xed: 0x34c5, 0xee: 0x34ca, 0xef: 0x4891,
+	0xf1: 0x3556, 0xf2: 0x3579, 0xf3: 0x357e, 0xf4: 0x489b, 0xf5: 0x48a0,
+	0xf6: 0x48af, 0xf8: 0xa000, 0xf9: 0x360a, 0xfa: 0x360f, 0xfb: 0x3614,
+	0xfc: 0x48e1, 0xfd: 0x3691, 0xff: 0x36aa,
+	// Block 0x4, offset 0x100
+	0x100: 0x30bf, 0x101: 0x33cb, 0x102: 0x47ce, 0x103: 0x485f, 0x104: 0x30dd, 0x105: 0x33e9,
+	0x106: 0x30f1, 0x107: 0x33fd, 0x108: 0x30f6, 0x109: 0x3402, 0x10a: 0x30fb, 0x10b: 0x3407,
+	0x10c: 0x3100, 0x10d: 0x340c, 0x10e: 0x310a, 0x10f: 0x3416,
+	0x112: 0x47f1, 0x113: 0x4882, 0x114: 0x3132, 0x115: 0x343e, 0x116: 0x3137, 0x117: 0x3443,
+	0x118: 0x3155, 0x119: 0x3461, 0x11a: 0x3146, 0x11b: 0x3452, 0x11c: 0x316e, 0x11d: 0x347a,
+	0x11e: 0x3178, 0x11f: 0x3484, 0x120: 0x317d, 0x121: 0x3489, 0x122: 0x3187, 0x123: 0x3493,
+	0x124: 0x318c, 0x125: 0x3498, 0x128: 0x31be, 0x129: 0x34cf,
+	0x12a: 0x31c3, 0x12b: 0x34d4, 0x12c: 0x31c8, 0x12d: 0x34d9, 0x12e: 0x31eb, 0x12f: 0x34f7,
+	0x130: 0x31cd, 0x132: 0x1a8a, 0x133: 0x1b17, 0x134: 0x31f5, 0x135: 0x3501,
+	0x136: 0x3209, 0x137: 0x351a, 0x139: 0x3213, 0x13a: 0x3524, 0x13b: 0x321d,
+	0x13c: 0x352e, 0x13d: 0x3218, 0x13e: 0x3529, 0x13f: 0x1cdc,
+	// Block 0x5, offset 0x140
+	0x140: 0x1d64, 0x143: 0x3240, 0x144: 0x3551, 0x145: 0x3259,
+	0x146: 0x356a, 0x147: 0x324f, 0x148: 0x3560, 0x149: 0x1d8c,
+	0x14c: 0x4814, 0x14d: 0x48a5, 0x14e: 0x3272, 0x14f: 0x3583, 0x150: 0x327c, 0x151: 0x358d,
+	0x154: 0x329a, 0x155: 0x35ab, 0x156: 0x32b3, 0x157: 0x35c4,
+	0x158: 0x32a4, 0x159: 0x35b5, 0x15a: 0x4837, 0x15b: 0x48c8, 0x15c: 0x32bd, 0x15d: 0x35ce,
+	0x15e: 0x32cc, 0x15f: 0x35dd, 0x160: 0x483c, 0x161: 0x48cd, 0x162: 0x32e5, 0x163: 0x35fb,
+	0x164: 0x32d6, 0x165: 0x35ec, 0x168: 0x4846, 0x169: 0x48d7,
+	0x16a: 0x484b, 0x16b: 0x48dc, 0x16c: 0x3303, 0x16d: 0x3619, 0x16e: 0x330d, 0x16f: 0x3623,
+	0x170: 0x3312, 0x171: 0x3628, 0x172: 0x3330, 0x173: 0x3646, 0x174: 0x3353, 0x175: 0x3669,
+	0x176: 0x337b, 0x177: 0x3696, 0x178: 0x338f, 0x179: 0x339e, 0x17a: 0x36be, 0x17b: 0x33a8,
+	0x17c: 0x36c8, 0x17d: 0x33ad, 0x17e: 0x36cd, 0x17f: 0x00a7,
+	// Block 0x6, offset 0x180
+	0x184: 0x2f2f, 0x185: 0x2f35,
+	0x186: 0x2f3b, 0x187: 0x1a9f, 0x188: 0x1aa2, 0x189: 0x1b38, 0x18a: 0x1ab7, 0x18b: 0x1aba,
+	0x18c: 0x1b6e, 0x18d: 0x30c9, 0x18e: 0x33d5, 0x18f: 0x31d7, 0x190: 0x34e3, 0x191: 0x3281,
+	0x192: 0x3592, 0x193: 0x3317, 0x194: 0x362d, 0x195: 0x3b10, 0x196: 0x3c9f, 0x197: 0x3b09,
+	0x198: 0x3c98, 0x199: 0x3b17, 0x19a: 0x3ca6, 0x19b: 0x3b02, 0x19c: 0x3c91,
+	0x19e: 0x39f1, 0x19f: 0x3b80, 0x1a0: 0x39ea, 0x1a1: 0x3b79, 0x1a2: 0x36f4, 0x1a3: 0x3706,
+	0x1a6: 0x3182, 0x1a7: 0x348e, 0x1a8: 0x31ff, 0x1a9: 0x3510,
+	0x1aa: 0x482d, 0x1ab: 0x48be, 0x1ac: 0x3ad1, 0x1ad: 0x3c60, 0x1ae: 0x3718, 0x1af: 0x371e,
+	0x1b0: 0x3506, 0x1b1: 0x1a6f, 0x1b2: 0x1a72, 0x1b3: 0x1aff, 0x1b4: 0x3169, 0x1b5: 0x3475,
+	0x1b8: 0x323b, 0x1b9: 0x354c, 0x1ba: 0x39f8, 0x1bb: 0x3b87,
+	0x1bc: 0x36ee, 0x1bd: 0x3700, 0x1be: 0x36fa, 0x1bf: 0x370c,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x30ce, 0x1c1: 0x33da, 0x1c2: 0x30d3, 0x1c3: 0x33df, 0x1c4: 0x314b, 0x1c5: 0x3457,
+	0x1c6: 0x3150, 0x1c7: 0x345c, 0x1c8: 0x31dc, 0x1c9: 0x34e8, 0x1ca: 0x31e1, 0x1cb: 0x34ed,
+	0x1cc: 0x3286, 0x1cd: 0x3597, 0x1ce: 0x328b, 0x1cf: 0x359c, 0x1d0: 0x32a9, 0x1d1: 0x35ba,
+	0x1d2: 0x32ae, 0x1d3: 0x35bf, 0x1d4: 0x331c, 0x1d5: 0x3632, 0x1d6: 0x3321, 0x1d7: 0x3637,
+	0x1d8: 0x32c7, 0x1d9: 0x35d8, 0x1da: 0x32e0, 0x1db: 0x35f6,
+	0x1de: 0x319b, 0x1df: 0x34a7,
+	0x1e6: 0x47d3, 0x1e7: 0x4864, 0x1e8: 0x47fb, 0x1e9: 0x488c,
+	0x1ea: 0x3aa0, 0x1eb: 0x3c2f, 0x1ec: 0x3a7d, 0x1ed: 0x3c0c, 0x1ee: 0x4819, 0x1ef: 0x48aa,
+	0x1f0: 0x3a99, 0x1f1: 0x3c28, 0x1f2: 0x3385, 0x1f3: 0x36a0,
+	// Block 0x8, offset 0x200
+	0x200: 0x9933, 0x201: 0x9933, 0x202: 0x9933, 0x203: 0x9933, 0x204: 0x9933, 0x205: 0x8133,
+	0x206: 0x9933, 0x207: 0x9933, 0x208: 0x9933, 0x209: 0x9933, 0x20a: 0x9933, 0x20b: 0x9933,
+	0x20c: 0x9933, 0x20d: 0x8133, 0x20e: 0x8133, 0x20f: 0x9933, 0x210: 0x8133, 0x211: 0x9933,
+	0x212: 0x8133, 0x213: 0x9933, 0x214: 0x9933, 0x215: 0x8134, 0x216: 0x812e, 0x217: 0x812e,
+	0x218: 0x812e, 0x219: 0x812e, 0x21a: 0x8134, 0x21b: 0x992c, 0x21c: 0x812e, 0x21d: 0x812e,
+	0x21e: 0x812e, 0x21f: 0x812e, 0x220: 0x812e, 0x221: 0x812a, 0x222: 0x812a, 0x223: 0x992e,
+	0x224: 0x992e, 0x225: 0x992e, 0x226: 0x992e, 0x227: 0x992a, 0x228: 0x992a, 0x229: 0x812e,
+	0x22a: 0x812e, 0x22b: 0x812e, 0x22c: 0x812e, 0x22d: 0x992e, 0x22e: 0x992e, 0x22f: 0x812e,
+	0x230: 0x992e, 0x231: 0x992e, 0x232: 0x812e, 0x233: 0x812e, 0x234: 0x8101, 0x235: 0x8101,
+	0x236: 0x8101, 0x237: 0x8101, 0x238: 0x9901, 0x239: 0x812e, 0x23a: 0x812e, 0x23b: 0x812e,
+	0x23c: 0x812e, 0x23d: 0x8133, 0x23e: 0x8133, 0x23f: 0x8133,
+	// Block 0x9, offset 0x240
+	0x240: 0x4aef, 0x241: 0x4af4, 0x242: 0x9933, 0x243: 0x4af9, 0x244: 0x4bb2, 0x245: 0x9937,
+	0x246: 0x8133, 0x247: 0x812e, 0x248: 0x812e, 0x249: 0x812e, 0x24a: 0x8133, 0x24b: 0x8133,
+	0x24c: 0x8133, 0x24d: 0x812e, 0x24e: 0x812e, 0x250: 0x8133, 0x251: 0x8133,
+	0x252: 0x8133, 0x253: 0x812e, 0x254: 0x812e, 0x255: 0x812e, 0x256: 0x812e, 0x257: 0x8133,
+	0x258: 0x8134, 0x259: 0x812e, 0x25a: 0x812e, 0x25b: 0x8133, 0x25c: 0x8135, 0x25d: 0x8136,
+	0x25e: 0x8136, 0x25f: 0x8135, 0x260: 0x8136, 0x261: 0x8136, 0x262: 0x8135, 0x263: 0x8133,
+	0x264: 0x8133, 0x265: 0x8133, 0x266: 0x8133, 0x267: 0x8133, 0x268: 0x8133, 0x269: 0x8133,
+	0x26a: 0x8133, 0x26b: 0x8133, 0x26c: 0x8133, 0x26d: 0x8133, 0x26e: 0x8133, 0x26f: 0x8133,
+	0x274: 0x01ee,
+	0x27a: 0x43e6,
+	0x27e: 0x0037,
+	// Block 0xa, offset 0x280
+	0x284: 0x439b, 0x285: 0x45bc,
+	0x286: 0x372a, 0x287: 0x00ce, 0x288: 0x3748, 0x289: 0x3754, 0x28a: 0x3766,
+	0x28c: 0x3784, 0x28e: 0x3796, 0x28f: 0x37b4, 0x290: 0x3f49, 0x291: 0xa000,
+	0x295: 0xa000, 0x297: 0xa000,
+	0x299: 0xa000,
+	0x29f: 0xa000, 0x2a1: 0xa000,
+	0x2a5: 0xa000, 0x2a9: 0xa000,
+	0x2aa: 0x3778, 0x2ab: 0x37a8, 0x2ac: 0x493f, 0x2ad: 0x37d8, 0x2ae: 0x4969, 0x2af: 0x37ea,
+	0x2b0: 0x3fb1, 0x2b1: 0xa000, 0x2b5: 0xa000,
+	0x2b7: 0xa000, 0x2b9: 0xa000,
+	0x2bf: 0xa000,
+	// Block 0xb, offset 0x2c0
+	0x2c1: 0xa000, 0x2c5: 0xa000,
+	0x2c9: 0xa000, 0x2ca: 0x4981, 0x2cb: 0x499f,
+	0x2cc: 0x3808, 0x2cd: 0x3820, 0x2ce: 0x49b7, 0x2d0: 0x0242, 0x2d1: 0x0254,
+	0x2d2: 0x0230, 0x2d3: 0x444d, 0x2d4: 0x4453, 0x2d5: 0x027e, 0x2d6: 0x026c,
+	0x2f0: 0x025a, 0x2f1: 0x026f, 0x2f2: 0x0272, 0x2f4: 0x020c, 0x2f5: 0x024b,
+	0x2f9: 0x022a,
+	// Block 0xc, offset 0x300
+	0x300: 0x3862, 0x301: 0x386e, 0x303: 0x385c,
+	0x306: 0xa000, 0x307: 0x384a,
+	0x30c: 0x389e, 0x30d: 0x3886, 0x30e: 0x38b0, 0x310: 0xa000,
+	0x313: 0xa000, 0x315: 0xa000, 0x316: 0xa000, 0x317: 0xa000,
+	0x318: 0xa000, 0x319: 0x3892, 0x31a: 0xa000,
+	0x31e: 0xa000, 0x323: 0xa000,
+	0x327: 0xa000,
+	0x32b: 0xa000, 0x32d: 0xa000,
+	0x330: 0xa000, 0x333: 0xa000, 0x335: 0xa000,
+	0x336: 0xa000, 0x337: 0xa000, 0x338: 0xa000, 0x339: 0x3916, 0x33a: 0xa000,
+	0x33e: 0xa000,
+	// Block 0xd, offset 0x340
+	0x341: 0x3874, 0x342: 0x38f8,
+	0x350: 0x3850, 0x351: 0x38d4,
+	0x352: 0x3856, 0x353: 0x38da, 0x356: 0x3868, 0x357: 0x38ec,
+	0x358: 0xa000, 0x359: 0xa000, 0x35a: 0x396a, 0x35b: 0x3970, 0x35c: 0x387a, 0x35d: 0x38fe,
+	0x35e: 0x3880, 0x35f: 0x3904, 0x362: 0x388c, 0x363: 0x3910,
+	0x364: 0x3898, 0x365: 0x391c, 0x366: 0x38a4, 0x367: 0x3928, 0x368: 0xa000, 0x369: 0xa000,
+	0x36a: 0x3976, 0x36b: 0x397c, 0x36c: 0x38ce, 0x36d: 0x3952, 0x36e: 0x38aa, 0x36f: 0x392e,
+	0x370: 0x38b6, 0x371: 0x393a, 0x372: 0x38bc, 0x373: 0x3940, 0x374: 0x38c2, 0x375: 0x3946,
+	0x378: 0x38c8, 0x379: 0x394c,
+	// Block 0xe, offset 0x380
+	0x387: 0x1e91,
+	0x391: 0x812e,
+	0x392: 0x8133, 0x393: 0x8133, 0x394: 0x8133, 0x395: 0x8133, 0x396: 0x812e, 0x397: 0x8133,
+	0x398: 0x8133, 0x399: 0x8133, 0x39a: 0x812f, 0x39b: 0x812e, 0x39c: 0x8133, 0x39d: 0x8133,
+	0x39e: 0x8133, 0x39f: 0x8133, 0x3a0: 0x8133, 0x3a1: 0x8133, 0x3a2: 0x812e, 0x3a3: 0x812e,
+	0x3a4: 0x812e, 0x3a5: 0x812e, 0x3a6: 0x812e, 0x3a7: 0x812e, 0x3a8: 0x8133, 0x3a9: 0x8133,
+	0x3aa: 0x812e, 0x3ab: 0x8133, 0x3ac: 0x8133, 0x3ad: 0x812f, 0x3ae: 0x8132, 0x3af: 0x8133,
+	0x3b0: 0x8106, 0x3b1: 0x8107, 0x3b2: 0x8108, 0x3b3: 0x8109, 0x3b4: 0x810a, 0x3b5: 0x810b,
+	0x3b6: 0x810c, 0x3b7: 0x810d, 0x3b8: 0x810e, 0x3b9: 0x810f, 0x3ba: 0x810f, 0x3bb: 0x8110,
+	0x3bc: 0x8111, 0x3bd: 0x8112, 0x3bf: 0x8113,
+	// Block 0xf, offset 0x3c0
+	0x3c8: 0xa000, 0x3ca: 0xa000, 0x3cb: 0x8117,
+	0x3cc: 0x8118, 0x3cd: 0x8119, 0x3ce: 0x811a, 0x3cf: 0x811b, 0x3d0: 0x811c, 0x3d1: 0x811d,
+	0x3d2: 0x811e, 0x3d3: 0x9933, 0x3d4: 0x9933, 0x3d5: 0x992e, 0x3d6: 0x812e, 0x3d7: 0x8133,
+	0x3d8: 0x8133, 0x3d9: 0x8133, 0x3da: 0x8133, 0x3db: 0x8133, 0x3dc: 0x812e, 0x3dd: 0x8133,
+	0x3de: 0x8133, 0x3df: 0x812e,
+	0x3f0: 0x811f, 0x3f5: 0x1eb4,
+	0x3f6: 0x2143, 0x3f7: 0x217f, 0x3f8: 0x217a,
+	// Block 0x10, offset 0x400
+	0x40a: 0x8133, 0x40b: 0x8133,
+	0x40c: 0x8133, 0x40d: 0x8133, 0x40e: 0x8133, 0x40f: 0x812e, 0x410: 0x812e, 0x411: 0x812e,
+	0x412: 0x812e, 0x413: 0x812e, 0x414: 0x8133, 0x415: 0x8133, 0x416: 0x8133, 0x417: 0x8133,
+	0x418: 0x8133, 0x419: 0x8133, 0x41a: 0x8133, 0x41b: 0x8133, 0x41c: 0x8133, 0x41d: 0x8133,
+	0x41e: 0x8133, 0x41f: 0x8133, 0x420: 0x8133, 0x421: 0x8133, 0x423: 0x812e,
+	0x424: 0x8133, 0x425: 0x8133, 0x426: 0x812e, 0x427: 0x8133, 0x428: 0x8133, 0x429: 0x812e,
+	0x42a: 0x8133, 0x42b: 0x8133, 0x42c: 0x8133, 0x42d: 0x812e, 0x42e: 0x812e, 0x42f: 0x812e,
+	0x430: 0x8117, 0x431: 0x8118, 0x432: 0x8119, 0x433: 0x8133, 0x434: 0x8133, 0x435: 0x8133,
+	0x436: 0x812e, 0x437: 0x8133, 0x438: 0x8133, 0x439: 0x812e, 0x43a: 0x812e, 0x43b: 0x8133,
+	0x43c: 0x8133, 0x43d: 0x8133, 0x43e: 0x8133, 0x43f: 0x8133,
+	// Block 0x11, offset 0x440
+	0x445: 0xa000,
+	0x446: 0x2e5d, 0x447: 0xa000, 0x448: 0x2e65, 0x449: 0xa000, 0x44a: 0x2e6d, 0x44b: 0xa000,
+	0x44c: 0x2e75, 0x44d: 0xa000, 0x44e: 0x2e7d, 0x451: 0xa000,
+	0x452: 0x2e85,
+	0x474: 0x8103, 0x475: 0x9900,
+	0x47a: 0xa000, 0x47b: 0x2e8d,
+	0x47c: 0xa000, 0x47d: 0x2e95, 0x47e: 0xa000, 0x47f: 0xa000,
+	// Block 0x12, offset 0x480
+	0x480: 0x0069, 0x481: 0x006b, 0x482: 0x006f, 0x483: 0x0083, 0x484: 0x0104, 0x485: 0x0107,
+	0x486: 0x0506, 0x487: 0x0085, 0x488: 0x0089, 0x489: 0x008b, 0x48a: 0x011f, 0x48b: 0x0122,
+	0x48c: 0x0125, 0x48d: 0x008f, 0x48f: 0x0097, 0x490: 0x009b, 0x491: 0x00e6,
+	0x492: 0x009f, 0x493: 0x0110, 0x494: 0x050a, 0x495: 0x050e, 0x496: 0x00a1, 0x497: 0x00a9,
+	0x498: 0x00ab, 0x499: 0x0516, 0x49a: 0x015b, 0x49b: 0x00ad, 0x49c: 0x051a, 0x49d: 0x0242,
+	0x49e: 0x0245, 0x49f: 0x0248, 0x4a0: 0x027e, 0x4a1: 0x0281, 0x4a2: 0x0093, 0x4a3: 0x00a5,
+	0x4a4: 0x00ab, 0x4a5: 0x00ad, 0x4a6: 0x0242, 0x4a7: 0x0245, 0x4a8: 0x026f, 0x4a9: 0x027e,
+	0x4aa: 0x0281,
+	0x4b8: 0x02b4,
+	// Block 0x13, offset 0x4c0
+	0x4db: 0x010a, 0x4dc: 0x0087, 0x4dd: 0x0113,
+	0x4de: 0x00d7, 0x4df: 0x0125, 0x4e0: 0x008d, 0x4e1: 0x012b, 0x4e2: 0x0131, 0x4e3: 0x013d,
+	0x4e4: 0x0146, 0x4e5: 0x0149, 0x4e6: 0x014c, 0x4e7: 0x051e, 0x4e8: 0x01c7, 0x4e9: 0x0155,
+	0x4ea: 0x0522, 0x4eb: 0x01ca, 0x4ec: 0x0161, 0x4ed: 0x015e, 0x4ee: 0x0164, 0x4ef: 0x0167,
+	0x4f0: 0x016a, 0x4f1: 0x016d, 0x4f2: 0x0176, 0x4f3: 0x018e, 0x4f4: 0x0191, 0x4f5: 0x00f2,
+	0x4f6: 0x019a, 0x4f7: 0x019d, 0x4f8: 0x0512, 0x4f9: 0x01a0, 0x4fa: 0x01a3, 0x4fb: 0x00b5,
+	0x4fc: 0x01af, 0x4fd: 0x01b2, 0x4fe: 0x01b5, 0x4ff: 0x0254,
+	// Block 0x14, offset 0x500
+	0x500: 0x8133, 0x501: 0x8133, 0x502: 0x812e, 0x503: 0x8133, 0x504: 0x8133, 0x505: 0x8133,
+	0x506: 0x8133, 0x507: 0x8133, 0x508: 0x8133, 0x509: 0x8133, 0x50a: 0x812e, 0x50b: 0x8133,
+	0x50c: 0x8133, 0x50d: 0x8136, 0x50e: 0x812b, 0x50f: 0x812e, 0x510: 0x812a, 0x511: 0x8133,
+	0x512: 0x8133, 0x513: 0x8133, 0x514: 0x8133, 0x515: 0x8133, 0x516: 0x8133, 0x517: 0x8133,
+	0x518: 0x8133, 0x519: 0x8133, 0x51a: 0x8133, 0x51b: 0x8133, 0x51c: 0x8133, 0x51d: 0x8133,
+	0x51e: 0x8133, 0x51f: 0x8133, 0x520: 0x8133, 0x521: 0x8133, 0x522: 0x8133, 0x523: 0x8133,
+	0x524: 0x8133, 0x525: 0x8133, 0x526: 0x8133, 0x527: 0x8133, 0x528: 0x8133, 0x529: 0x8133,
+	0x52a: 0x8133, 0x52b: 0x8133, 0x52c: 0x8133, 0x52d: 0x8133, 0x52e: 0x8133, 0x52f: 0x8133,
+	0x530: 0x8133, 0x531: 0x8133, 0x532: 0x8133, 0x533: 0x8133, 0x534: 0x8133, 0x535: 0x8133,
+	0x536: 0x8134, 0x537: 0x8132, 0x538: 0x8132, 0x539: 0x812e, 0x53a: 0x812d, 0x53b: 0x8133,
+	0x53c: 0x8135, 0x53d: 0x812e, 0x53e: 0x8133, 0x53f: 0x812e,
+	// Block 0x15, offset 0x540
+	0x540: 0x30d8, 0x541: 0x33e4, 0x542: 0x30e2, 0x543: 0x33ee, 0x544: 0x30e7, 0x545: 0x33f3,
+	0x546: 0x30ec, 0x547: 0x33f8, 0x548: 0x3a0d, 0x549: 0x3b9c, 0x54a: 0x3105, 0x54b: 0x3411,
+	0x54c: 0x310f, 0x54d: 0x341b, 0x54e: 0x311e, 0x54f: 0x342a, 0x550: 0x3114, 0x551: 0x3420,
+	0x552: 0x3119, 0x553: 0x3425, 0x554: 0x3a30, 0x555: 0x3bbf, 0x556: 0x3a37, 0x557: 0x3bc6,
+	0x558: 0x315a, 0x559: 0x3466, 0x55a: 0x315f, 0x55b: 0x346b, 0x55c: 0x3a45, 0x55d: 0x3bd4,
+	0x55e: 0x3164, 0x55f: 0x3470, 0x560: 0x3173, 0x561: 0x347f, 0x562: 0x3191, 0x563: 0x349d,
+	0x564: 0x31a0, 0x565: 0x34ac, 0x566: 0x3196, 0x567: 0x34a2, 0x568: 0x31a5, 0x569: 0x34b1,
+	0x56a: 0x31aa, 0x56b: 0x34b6, 0x56c: 0x31f0, 0x56d: 0x34fc, 0x56e: 0x3a4c, 0x56f: 0x3bdb,
+	0x570: 0x31fa, 0x571: 0x350b, 0x572: 0x3204, 0x573: 0x3515, 0x574: 0x320e, 0x575: 0x351f,
+	0x576: 0x4805, 0x577: 0x4896, 0x578: 0x3a53, 0x579: 0x3be2, 0x57a: 0x3227, 0x57b: 0x3538,
+	0x57c: 0x3222, 0x57d: 0x3533, 0x57e: 0x322c, 0x57f: 0x353d,
+	// Block 0x16, offset 0x580
+	0x580: 0x3231, 0x581: 0x3542, 0x582: 0x3236, 0x583: 0x3547, 0x584: 0x324a, 0x585: 0x355b,
+	0x586: 0x3254, 0x587: 0x3565, 0x588: 0x3263, 0x589: 0x3574, 0x58a: 0x325e, 0x58b: 0x356f,
+	0x58c: 0x3a76, 0x58d: 0x3c05, 0x58e: 0x3a84, 0x58f: 0x3c13, 0x590: 0x3a8b, 0x591: 0x3c1a,
+	0x592: 0x3a92, 0x593: 0x3c21, 0x594: 0x3290, 0x595: 0x35a1, 0x596: 0x3295, 0x597: 0x35a6,
+	0x598: 0x329f, 0x599: 0x35b0, 0x59a: 0x4832, 0x59b: 0x48c3, 0x59c: 0x3ad8, 0x59d: 0x3c67,
+	0x59e: 0x32b8, 0x59f: 0x35c9, 0x5a0: 0x32c2, 0x5a1: 0x35d3, 0x5a2: 0x4841, 0x5a3: 0x48d2,
+	0x5a4: 0x3adf, 0x5a5: 0x3c6e, 0x5a6: 0x3ae6, 0x5a7: 0x3c75, 0x5a8: 0x3aed, 0x5a9: 0x3c7c,
+	0x5aa: 0x32d1, 0x5ab: 0x35e2, 0x5ac: 0x32db, 0x5ad: 0x35f1, 0x5ae: 0x32ef, 0x5af: 0x3605,
+	0x5b0: 0x32ea, 0x5b1: 0x3600, 0x5b2: 0x332b, 0x5b3: 0x3641, 0x5b4: 0x333a, 0x5b5: 0x3650,
+	0x5b6: 0x3335, 0x5b7: 0x364b, 0x5b8: 0x3af4, 0x5b9: 0x3c83, 0x5ba: 0x3afb, 0x5bb: 0x3c8a,
+	0x5bc: 0x333f, 0x5bd: 0x3655, 0x5be: 0x3344, 0x5bf: 0x365a,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0x3349, 0x5c1: 0x365f, 0x5c2: 0x334e, 0x5c3: 0x3664, 0x5c4: 0x335d, 0x5c5: 0x3673,
+	0x5c6: 0x3358, 0x5c7: 0x366e, 0x5c8: 0x3362, 0x5c9: 0x367d, 0x5ca: 0x3367, 0x5cb: 0x3682,
+	0x5cc: 0x336c, 0x5cd: 0x3687, 0x5ce: 0x338a, 0x5cf: 0x36a5, 0x5d0: 0x33a3, 0x5d1: 0x36c3,
+	0x5d2: 0x33b2, 0x5d3: 0x36d2, 0x5d4: 0x33b7, 0x5d5: 0x36d7, 0x5d6: 0x34bb, 0x5d7: 0x35e7,
+	0x5d8: 0x3678, 0x5d9: 0x36b4, 0x5da: 0x1d10, 0x5db: 0x4418,
+	0x5e0: 0x47e2, 0x5e1: 0x4873, 0x5e2: 0x30c4, 0x5e3: 0x33d0,
+	0x5e4: 0x39b9, 0x5e5: 0x3b48, 0x5e6: 0x39b2, 0x5e7: 0x3b41, 0x5e8: 0x39c7, 0x5e9: 0x3b56,
+	0x5ea: 0x39c0, 0x5eb: 0x3b4f, 0x5ec: 0x39ff, 0x5ed: 0x3b8e, 0x5ee: 0x39d5, 0x5ef: 0x3b64,
+	0x5f0: 0x39ce, 0x5f1: 0x3b5d, 0x5f2: 0x39e3, 0x5f3: 0x3b72, 0x5f4: 0x39dc, 0x5f5: 0x3b6b,
+	0x5f6: 0x3a06, 0x5f7: 0x3b95, 0x5f8: 0x47f6, 0x5f9: 0x4887, 0x5fa: 0x3141, 0x5fb: 0x344d,
+	0x5fc: 0x312d, 0x5fd: 0x3439, 0x5fe: 0x3a1b, 0x5ff: 0x3baa,
+	// Block 0x18, offset 0x600
+	0x600: 0x3a14, 0x601: 0x3ba3, 0x602: 0x3a29, 0x603: 0x3bb8, 0x604: 0x3a22, 0x605: 0x3bb1,
+	0x606: 0x3a3e, 0x607: 0x3bcd, 0x608: 0x31d2, 0x609: 0x34de, 0x60a: 0x31e6, 0x60b: 0x34f2,
+	0x60c: 0x4828, 0x60d: 0x48b9, 0x60e: 0x3277, 0x60f: 0x3588, 0x610: 0x3a61, 0x611: 0x3bf0,
+	0x612: 0x3a5a, 0x613: 0x3be9, 0x614: 0x3a6f, 0x615: 0x3bfe, 0x616: 0x3a68, 0x617: 0x3bf7,
+	0x618: 0x3aca, 0x619: 0x3c59, 0x61a: 0x3aae, 0x61b: 0x3c3d, 0x61c: 0x3aa7, 0x61d: 0x3c36,
+	0x61e: 0x3abc, 0x61f: 0x3c4b, 0x620: 0x3ab5, 0x621: 0x3c44, 0x622: 0x3ac3, 0x623: 0x3c52,
+	0x624: 0x3326, 0x625: 0x363c, 0x626: 0x3308, 0x627: 0x361e, 0x628: 0x3b25, 0x629: 0x3cb4,
+	0x62a: 0x3b1e, 0x62b: 0x3cad, 0x62c: 0x3b33, 0x62d: 0x3cc2, 0x62e: 0x3b2c, 0x62f: 0x3cbb,
+	0x630: 0x3b3a, 0x631: 0x3cc9, 0x632: 0x3371, 0x633: 0x368c, 0x634: 0x3399, 0x635: 0x36b9,
+	0x636: 0x3394, 0x637: 0x36af, 0x638: 0x3380, 0x639: 0x369b,
+	// Block 0x19, offset 0x640
+	0x640: 0x4945, 0x641: 0x494b, 0x642: 0x4a5f, 0x643: 0x4a77, 0x644: 0x4a67, 0x645: 0x4a7f,
+	0x646: 0x4a6f, 0x647: 0x4a87, 0x648: 0x48eb, 0x649: 0x48f1, 0x64a: 0x49cf, 0x64b: 0x49e7,
+	0x64c: 0x49d7, 0x64d: 0x49ef, 0x64e: 0x49df, 0x64f: 0x49f7, 0x650: 0x4957, 0x651: 0x495d,
+	0x652: 0x3ef9, 0x653: 0x3f09, 0x654: 0x3f01, 0x655: 0x3f11,
+	0x658: 0x48f7, 0x659: 0x48fd, 0x65a: 0x3e29, 0x65b: 0x3e39, 0x65c: 0x3e31, 0x65d: 0x3e41,
+	0x660: 0x496f, 0x661: 0x4975, 0x662: 0x4a8f, 0x663: 0x4aa7,
+	0x664: 0x4a97, 0x665: 0x4aaf, 0x666: 0x4a9f, 0x667: 0x4ab7, 0x668: 0x4903, 0x669: 0x4909,
+	0x66a: 0x49ff, 0x66b: 0x4a17, 0x66c: 0x4a07, 0x66d: 0x4a1f, 0x66e: 0x4a0f, 0x66f: 0x4a27,
+	0x670: 0x4987, 0x671: 0x498d, 0x672: 0x3f59, 0x673: 0x3f71, 0x674: 0x3f61, 0x675: 0x3f79,
+	0x676: 0x3f69, 0x677: 0x3f81, 0x678: 0x490f, 0x679: 0x4915, 0x67a: 0x3e59, 0x67b: 0x3e71,
+	0x67c: 0x3e61, 0x67d: 0x3e79, 0x67e: 0x3e69, 0x67f: 0x3e81,
+	// Block 0x1a, offset 0x680
+	0x680: 0x4993, 0x681: 0x4999, 0x682: 0x3f89, 0x683: 0x3f99, 0x684: 0x3f91, 0x685: 0x3fa1,
+	0x688: 0x491b, 0x689: 0x4921, 0x68a: 0x3e89, 0x68b: 0x3e99,
+	0x68c: 0x3e91, 0x68d: 0x3ea1, 0x690: 0x49a5, 0x691: 0x49ab,
+	0x692: 0x3fc1, 0x693: 0x3fd9, 0x694: 0x3fc9, 0x695: 0x3fe1, 0x696: 0x3fd1, 0x697: 0x3fe9,
+	0x699: 0x4927, 0x69b: 0x3ea9, 0x69d: 0x3eb1,
+	0x69f: 0x3eb9, 0x6a0: 0x49bd, 0x6a1: 0x49c3, 0x6a2: 0x4abf, 0x6a3: 0x4ad7,
+	0x6a4: 0x4ac7, 0x6a5: 0x4adf, 0x6a6: 0x4acf, 0x6a7: 0x4ae7, 0x6a8: 0x492d, 0x6a9: 0x4933,
+	0x6aa: 0x4a2f, 0x6ab: 0x4a47, 0x6ac: 0x4a37, 0x6ad: 0x4a4f, 0x6ae: 0x4a3f, 0x6af: 0x4a57,
+	0x6b0: 0x4939, 0x6b1: 0x445f, 0x6b2: 0x37d2, 0x6b3: 0x4465, 0x6b4: 0x4963, 0x6b5: 0x446b,
+	0x6b6: 0x37e4, 0x6b7: 0x4471, 0x6b8: 0x3802, 0x6b9: 0x4477, 0x6ba: 0x381a, 0x6bb: 0x447d,
+	0x6bc: 0x49b1, 0x6bd: 0x4483,
+	// Block 0x1b, offset 0x6c0
+	0x6c0: 0x3ee1, 0x6c1: 0x3ee9, 0x6c2: 0x42c5, 0x6c3: 0x42e3, 0x6c4: 0x42cf, 0x6c5: 0x42ed,
+	0x6c6: 0x42d9, 0x6c7: 0x42f7, 0x6c8: 0x3e19, 0x6c9: 0x3e21, 0x6ca: 0x4211, 0x6cb: 0x422f,
+	0x6cc: 0x421b, 0x6cd: 0x4239, 0x6ce: 0x4225, 0x6cf: 0x4243, 0x6d0: 0x3f29, 0x6d1: 0x3f31,
+	0x6d2: 0x4301, 0x6d3: 0x431f, 0x6d4: 0x430b, 0x6d5: 0x4329, 0x6d6: 0x4315, 0x6d7: 0x4333,
+	0x6d8: 0x3e49, 0x6d9: 0x3e51, 0x6da: 0x424d, 0x6db: 0x426b, 0x6dc: 0x4257, 0x6dd: 0x4275,
+	0x6de: 0x4261, 0x6df: 0x427f, 0x6e0: 0x4001, 0x6e1: 0x4009, 0x6e2: 0x433d, 0x6e3: 0x435b,
+	0x6e4: 0x4347, 0x6e5: 0x4365, 0x6e6: 0x4351, 0x6e7: 0x436f, 0x6e8: 0x3ec1, 0x6e9: 0x3ec9,
+	0x6ea: 0x4289, 0x6eb: 0x42a7, 0x6ec: 0x4293, 0x6ed: 0x42b1, 0x6ee: 0x429d, 0x6ef: 0x42bb,
+	0x6f0: 0x37c6, 0x6f1: 0x37c0, 0x6f2: 0x3ed1, 0x6f3: 0x37cc, 0x6f4: 0x3ed9,
+	0x6f6: 0x4951, 0x6f7: 0x3ef1, 0x6f8: 0x3736, 0x6f9: 0x3730, 0x6fa: 0x3724, 0x6fb: 0x442f,
+	0x6fc: 0x373c, 0x6fd: 0x43c8, 0x6fe: 0x0257, 0x6ff: 0x43c8,
+	// Block 0x1c, offset 0x700
+	0x700: 0x43e1, 0x701: 0x45c3, 0x702: 0x3f19, 0x703: 0x37de, 0x704: 0x3f21,
+	0x706: 0x497b, 0x707: 0x3f39, 0x708: 0x3742, 0x709: 0x4435, 0x70a: 0x374e, 0x70b: 0x443b,
+	0x70c: 0x375a, 0x70d: 0x45ca, 0x70e: 0x45d1, 0x70f: 0x45d8, 0x710: 0x37f6, 0x711: 0x37f0,
+	0x712: 0x3f41, 0x713: 0x4625, 0x716: 0x37fc, 0x717: 0x3f51,
+	0x718: 0x3772, 0x719: 0x376c, 0x71a: 0x3760, 0x71b: 0x4441, 0x71d: 0x45df,
+	0x71e: 0x45e6, 0x71f: 0x45ed, 0x720: 0x382c, 0x721: 0x3826, 0x722: 0x3fa9, 0x723: 0x462d,
+	0x724: 0x380e, 0x725: 0x3814, 0x726: 0x3832, 0x727: 0x3fb9, 0x728: 0x37a2, 0x729: 0x379c,
+	0x72a: 0x3790, 0x72b: 0x444d, 0x72c: 0x378a, 0x72d: 0x45b5, 0x72e: 0x45bc, 0x72f: 0x0081,
+	0x732: 0x3ff1, 0x733: 0x3838, 0x734: 0x3ff9,
+	0x736: 0x49c9, 0x737: 0x4011, 0x738: 0x377e, 0x739: 0x4447, 0x73a: 0x37ae, 0x73b: 0x4459,
+	0x73c: 0x37ba, 0x73d: 0x439b, 0x73e: 0x43cd,
+	// Block 0x1d, offset 0x740
+	0x740: 0x1d08, 0x741: 0x1d0c, 0x742: 0x0047, 0x743: 0x1d84, 0x745: 0x1d18,
+	0x746: 0x1d1c, 0x747: 0x00ef, 0x749: 0x1d88, 0x74a: 0x008f, 0x74b: 0x0051,
+	0x74c: 0x0051, 0x74d: 0x0051, 0x74e: 0x0091, 0x74f: 0x00e0, 0x750: 0x0053, 0x751: 0x0053,
+	0x752: 0x0059, 0x753: 0x0099, 0x755: 0x005d, 0x756: 0x1abd,
+	0x759: 0x0061, 0x75a: 0x0063, 0x75b: 0x0065, 0x75c: 0x0065, 0x75d: 0x0065,
+	0x760: 0x1acf, 0x761: 0x1cf8, 0x762: 0x1ad8,
+	0x764: 0x0075, 0x766: 0x023c, 0x768: 0x0075,
+	0x76a: 0x0057, 0x76b: 0x4413, 0x76c: 0x0045, 0x76d: 0x0047, 0x76f: 0x008b,
+	0x770: 0x004b, 0x771: 0x004d, 0x773: 0x005b, 0x774: 0x009f, 0x775: 0x0308,
+	0x776: 0x030b, 0x777: 0x030e, 0x778: 0x0311, 0x779: 0x0093, 0x77b: 0x1cc8,
+	0x77c: 0x026c, 0x77d: 0x0245, 0x77e: 0x01fd, 0x77f: 0x0224,
+	// Block 0x1e, offset 0x780
+	0x780: 0x055a, 0x785: 0x0049,
+	0x786: 0x0089, 0x787: 0x008b, 0x788: 0x0093, 0x789: 0x0095,
+	0x790: 0x235e, 0x791: 0x236a,
+	0x792: 0x241e, 0x793: 0x2346, 0x794: 0x23ca, 0x795: 0x2352, 0x796: 0x23d0, 0x797: 0x23e8,
+	0x798: 0x23f4, 0x799: 0x2358, 0x79a: 0x23fa, 0x79b: 0x2364, 0x79c: 0x23ee, 0x79d: 0x2400,
+	0x79e: 0x2406, 0x79f: 0x1dec, 0x7a0: 0x0053, 0x7a1: 0x1a87, 0x7a2: 0x1cd4, 0x7a3: 0x1a90,
+	0x7a4: 0x006d, 0x7a5: 0x1adb, 0x7a6: 0x1d00, 0x7a7: 0x1e78, 0x7a8: 0x1a93, 0x7a9: 0x0071,
+	0x7aa: 0x1ae7, 0x7ab: 0x1d04, 0x7ac: 0x0059, 0x7ad: 0x0047, 0x7ae: 0x0049, 0x7af: 0x005b,
+	0x7b0: 0x0093, 0x7b1: 0x1b14, 0x7b2: 0x1d48, 0x7b3: 0x1b1d, 0x7b4: 0x00ad, 0x7b5: 0x1b92,
+	0x7b6: 0x1d7c, 0x7b7: 0x1e8c, 0x7b8: 0x1b20, 0x7b9: 0x00b1, 0x7ba: 0x1b95, 0x7bb: 0x1d80,
+	0x7bc: 0x0099, 0x7bd: 0x0087, 0x7be: 0x0089, 0x7bf: 0x009b,
+	// Block 0x1f, offset 0x7c0
+	0x7c1: 0x3d47, 0x7c3: 0xa000, 0x7c4: 0x3d4e, 0x7c5: 0xa000,
+	0x7c7: 0x3d55, 0x7c8: 0xa000, 0x7c9: 0x3d5c,
+	0x7cd: 0xa000,
+	0x7e0: 0x30a6, 0x7e1: 0xa000, 0x7e2: 0x3d6a,
+	0x7e4: 0xa000, 0x7e5: 0xa000,
+	0x7ed: 0x3d63, 0x7ee: 0x30a1, 0x7ef: 0x30ab,
+	0x7f0: 0x3d71, 0x7f1: 0x3d78, 0x7f2: 0xa000, 0x7f3: 0xa000, 0x7f4: 0x3d7f, 0x7f5: 0x3d86,
+	0x7f6: 0xa000, 0x7f7: 0xa000, 0x7f8: 0x3d8d, 0x7f9: 0x3d94, 0x7fa: 0xa000, 0x7fb: 0xa000,
+	0x7fc: 0xa000, 0x7fd: 0xa000,
+	// Block 0x20, offset 0x800
+	0x800: 0x3d9b, 0x801: 0x3da2, 0x802: 0xa000, 0x803: 0xa000, 0x804: 0x3db7, 0x805: 0x3dbe,
+	0x806: 0xa000, 0x807: 0xa000, 0x808: 0x3dc5, 0x809: 0x3dcc,
+	0x811: 0xa000,
+	0x812: 0xa000,
+	0x822: 0xa000,
+	0x828: 0xa000, 0x829: 0xa000,
+	0x82b: 0xa000, 0x82c: 0x3de1, 0x82d: 0x3de8, 0x82e: 0x3def, 0x82f: 0x3df6,
+	0x832: 0xa000, 0x833: 0xa000, 0x834: 0xa000, 0x835: 0xa000,
+	// Block 0x21, offset 0x840
+	0x860: 0x0023, 0x861: 0x0025, 0x862: 0x0027, 0x863: 0x0029,
+	0x864: 0x002b, 0x865: 0x002d, 0x866: 0x002f, 0x867: 0x0031, 0x868: 0x0033, 0x869: 0x19af,
+	0x86a: 0x19b2, 0x86b: 0x19b5, 0x86c: 0x19b8, 0x86d: 0x19bb, 0x86e: 0x19be, 0x86f: 0x19c1,
+	0x870: 0x19c4, 0x871: 0x19c7, 0x872: 0x19ca, 0x873: 0x19d3, 0x874: 0x1b98, 0x875: 0x1b9c,
+	0x876: 0x1ba0, 0x877: 0x1ba4, 0x878: 0x1ba8, 0x879: 0x1bac, 0x87a: 0x1bb0, 0x87b: 0x1bb4,
+	0x87c: 0x1bb8, 0x87d: 0x1db0, 0x87e: 0x1db5, 0x87f: 0x1dba,
+	// Block 0x22, offset 0x880
+	0x880: 0x1dbf, 0x881: 0x1dc4, 0x882: 0x1dc9, 0x883: 0x1dce, 0x884: 0x1dd3, 0x885: 0x1dd8,
+	0x886: 0x1ddd, 0x887: 0x1de2, 0x888: 0x19ac, 0x889: 0x19d0, 0x88a: 0x19f4, 0x88b: 0x1a18,
+	0x88c: 0x1a3c, 0x88d: 0x1a45, 0x88e: 0x1a4b, 0x88f: 0x1a51, 0x890: 0x1a57, 0x891: 0x1c90,
+	0x892: 0x1c94, 0x893: 0x1c98, 0x894: 0x1c9c, 0x895: 0x1ca0, 0x896: 0x1ca4, 0x897: 0x1ca8,
+	0x898: 0x1cac, 0x899: 0x1cb0, 0x89a: 0x1cb4, 0x89b: 0x1cb8, 0x89c: 0x1c24, 0x89d: 0x1c28,
+	0x89e: 0x1c2c, 0x89f: 0x1c30, 0x8a0: 0x1c34, 0x8a1: 0x1c38, 0x8a2: 0x1c3c, 0x8a3: 0x1c40,
+	0x8a4: 0x1c44, 0x8a5: 0x1c48, 0x8a6: 0x1c4c, 0x8a7: 0x1c50, 0x8a8: 0x1c54, 0x8a9: 0x1c58,
+	0x8aa: 0x1c5c, 0x8ab: 0x1c60, 0x8ac: 0x1c64, 0x8ad: 0x1c68, 0x8ae: 0x1c6c, 0x8af: 0x1c70,
+	0x8b0: 0x1c74, 0x8b1: 0x1c78, 0x8b2: 0x1c7c, 0x8b3: 0x1c80, 0x8b4: 0x1c84, 0x8b5: 0x1c88,
+	0x8b6: 0x0043, 0x8b7: 0x0045, 0x8b8: 0x0047, 0x8b9: 0x0049, 0x8ba: 0x004b, 0x8bb: 0x004d,
+	0x8bc: 0x004f, 0x8bd: 0x0051, 0x8be: 0x0053, 0x8bf: 0x0055,
+	// Block 0x23, offset 0x8c0
+	0x8c0: 0x07ba, 0x8c1: 0x07de, 0x8c2: 0x07ea, 0x8c3: 0x07fa, 0x8c4: 0x0802, 0x8c5: 0x080e,
+	0x8c6: 0x0816, 0x8c7: 0x081e, 0x8c8: 0x082a, 0x8c9: 0x087e, 0x8ca: 0x0896, 0x8cb: 0x08a6,
+	0x8cc: 0x08b6, 0x8cd: 0x08c6, 0x8ce: 0x08d6, 0x8cf: 0x08f6, 0x8d0: 0x08fa, 0x8d1: 0x08fe,
+	0x8d2: 0x0932, 0x8d3: 0x095a, 0x8d4: 0x096a, 0x8d5: 0x0972, 0x8d6: 0x0976, 0x8d7: 0x0982,
+	0x8d8: 0x099e, 0x8d9: 0x09a2, 0x8da: 0x09ba, 0x8db: 0x09be, 0x8dc: 0x09c6, 0x8dd: 0x09d6,
+	0x8de: 0x0a72, 0x8df: 0x0a86, 0x8e0: 0x0ac6, 0x8e1: 0x0ada, 0x8e2: 0x0ae2, 0x8e3: 0x0ae6,
+	0x8e4: 0x0af6, 0x8e5: 0x0b12, 0x8e6: 0x0b3e, 0x8e7: 0x0b4a, 0x8e8: 0x0b6a, 0x8e9: 0x0b76,
+	0x8ea: 0x0b7a, 0x8eb: 0x0b7e, 0x8ec: 0x0b96, 0x8ed: 0x0b9a, 0x8ee: 0x0bc6, 0x8ef: 0x0bd2,
+	0x8f0: 0x0bda, 0x8f1: 0x0be2, 0x8f2: 0x0bf2, 0x8f3: 0x0bfa, 0x8f4: 0x0c02, 0x8f5: 0x0c2e,
+	0x8f6: 0x0c32, 0x8f7: 0x0c3a, 0x8f8: 0x0c3e, 0x8f9: 0x0c46, 0x8fa: 0x0c4e, 0x8fb: 0x0c5e,
+	0x8fc: 0x0c7a, 0x8fd: 0x0cf2, 0x8fe: 0x0d06, 0x8ff: 0x0d0a,
+	// Block 0x24, offset 0x900
+	0x900: 0x0d8a, 0x901: 0x0d8e, 0x902: 0x0da2, 0x903: 0x0da6, 0x904: 0x0dae, 0x905: 0x0db6,
+	0x906: 0x0dbe, 0x907: 0x0dca, 0x908: 0x0df2, 0x909: 0x0e02, 0x90a: 0x0e16, 0x90b: 0x0e86,
+	0x90c: 0x0e92, 0x90d: 0x0ea2, 0x90e: 0x0eae, 0x90f: 0x0eba, 0x910: 0x0ec2, 0x911: 0x0ec6,
+	0x912: 0x0eca, 0x913: 0x0ece, 0x914: 0x0ed2, 0x915: 0x0f8a, 0x916: 0x0fd2, 0x917: 0x0fde,
+	0x918: 0x0fe2, 0x919: 0x0fe6, 0x91a: 0x0fea, 0x91b: 0x0ff2, 0x91c: 0x0ff6, 0x91d: 0x100a,
+	0x91e: 0x1026, 0x91f: 0x102e, 0x920: 0x106e, 0x921: 0x1072, 0x922: 0x107a, 0x923: 0x107e,
+	0x924: 0x1086, 0x925: 0x108a, 0x926: 0x10ae, 0x927: 0x10b2, 0x928: 0x10ce, 0x929: 0x10d2,
+	0x92a: 0x10d6, 0x92b: 0x10da, 0x92c: 0x10ee, 0x92d: 0x1112, 0x92e: 0x1116, 0x92f: 0x111a,
+	0x930: 0x113e, 0x931: 0x117e, 0x932: 0x1182, 0x933: 0x11a2, 0x934: 0x11b2, 0x935: 0x11ba,
+	0x936: 0x11da, 0x937: 0x11fe, 0x938: 0x1242, 0x939: 0x124a, 0x93a: 0x125e, 0x93b: 0x126a,
+	0x93c: 0x1272, 0x93d: 0x127a, 0x93e: 0x127e, 0x93f: 0x1282,
+	// Block 0x25, offset 0x940
+	0x940: 0x129a, 0x941: 0x129e, 0x942: 0x12ba, 0x943: 0x12c2, 0x944: 0x12ca, 0x945: 0x12ce,
+	0x946: 0x12da, 0x947: 0x12e2, 0x948: 0x12e6, 0x949: 0x12ea, 0x94a: 0x12f2, 0x94b: 0x12f6,
+	0x94c: 0x1396, 0x94d: 0x13aa, 0x94e: 0x13de, 0x94f: 0x13e2, 0x950: 0x13ea, 0x951: 0x1416,
+	0x952: 0x141e, 0x953: 0x1426, 0x954: 0x142e, 0x955: 0x146a, 0x956: 0x146e, 0x957: 0x1476,
+	0x958: 0x147a, 0x959: 0x147e, 0x95a: 0x14aa, 0x95b: 0x14ae, 0x95c: 0x14b6, 0x95d: 0x14ca,
+	0x95e: 0x14ce, 0x95f: 0x14ea, 0x960: 0x14f2, 0x961: 0x14f6, 0x962: 0x151a, 0x963: 0x153a,
+	0x964: 0x154e, 0x965: 0x1552, 0x966: 0x155a, 0x967: 0x1586, 0x968: 0x158a, 0x969: 0x159a,
+	0x96a: 0x15be, 0x96b: 0x15ca, 0x96c: 0x15da, 0x96d: 0x15f2, 0x96e: 0x15fa, 0x96f: 0x15fe,
+	0x970: 0x1602, 0x971: 0x1606, 0x972: 0x1612, 0x973: 0x1616, 0x974: 0x161e, 0x975: 0x163a,
+	0x976: 0x163e, 0x977: 0x1642, 0x978: 0x165a, 0x979: 0x165e, 0x97a: 0x1666, 0x97b: 0x167a,
+	0x97c: 0x167e, 0x97d: 0x1682, 0x97e: 0x168a, 0x97f: 0x168e,
+	// Block 0x26, offset 0x980
+	0x986: 0xa000, 0x98b: 0xa000,
+	0x98c: 0x4049, 0x98d: 0xa000, 0x98e: 0x4051, 0x98f: 0xa000, 0x990: 0x4059, 0x991: 0xa000,
+	0x992: 0x4061, 0x993: 0xa000, 0x994: 0x4069, 0x995: 0xa000, 0x996: 0x4071, 0x997: 0xa000,
+	0x998: 0x4079, 0x999: 0xa000, 0x99a: 0x4081, 0x99b: 0xa000, 0x99c: 0x4089, 0x99d: 0xa000,
+	0x99e: 0x4091, 0x99f: 0xa000, 0x9a0: 0x4099, 0x9a1: 0xa000, 0x9a2: 0x40a1,
+	0x9a4: 0xa000, 0x9a5: 0x40a9, 0x9a6: 0xa000, 0x9a7: 0x40b1, 0x9a8: 0xa000, 0x9a9: 0x40b9,
+	0x9af: 0xa000,
+	0x9b0: 0x40c1, 0x9b1: 0x40c9, 0x9b2: 0xa000, 0x9b3: 0x40d1, 0x9b4: 0x40d9, 0x9b5: 0xa000,
+	0x9b6: 0x40e1, 0x9b7: 0x40e9, 0x9b8: 0xa000, 0x9b9: 0x40f1, 0x9ba: 0x40f9, 0x9bb: 0xa000,
+	0x9bc: 0x4101, 0x9bd: 0x4109,
+	// Block 0x27, offset 0x9c0
+	0x9d4: 0x4041,
+	0x9d9: 0x9904, 0x9da: 0x9904, 0x9db: 0x441d, 0x9dc: 0x4423, 0x9dd: 0xa000,
+	0x9de: 0x4111, 0x9df: 0x27e4,
+	0x9e6: 0xa000,
+	0x9eb: 0xa000, 0x9ec: 0x4121, 0x9ed: 0xa000, 0x9ee: 0x4129, 0x9ef: 0xa000,
+	0x9f0: 0x4131, 0x9f1: 0xa000, 0x9f2: 0x4139, 0x9f3: 0xa000, 0x9f4: 0x4141, 0x9f5: 0xa000,
+	0x9f6: 0x4149, 0x9f7: 0xa000, 0x9f8: 0x4151, 0x9f9: 0xa000, 0x9fa: 0x4159, 0x9fb: 0xa000,
+	0x9fc: 0x4161, 0x9fd: 0xa000, 0x9fe: 0x4169, 0x9ff: 0xa000,
+	// Block 0x28, offset 0xa00
+	0xa00: 0x4171, 0xa01: 0xa000, 0xa02: 0x4179, 0xa04: 0xa000, 0xa05: 0x4181,
+	0xa06: 0xa000, 0xa07: 0x4189, 0xa08: 0xa000, 0xa09: 0x4191,
+	0xa0f: 0xa000, 0xa10: 0x4199, 0xa11: 0x41a1,
+	0xa12: 0xa000, 0xa13: 0x41a9, 0xa14: 0x41b1, 0xa15: 0xa000, 0xa16: 0x41b9, 0xa17: 0x41c1,
+	0xa18: 0xa000, 0xa19: 0x41c9, 0xa1a: 0x41d1, 0xa1b: 0xa000, 0xa1c: 0x41d9, 0xa1d: 0x41e1,
+	0xa2f: 0xa000,
+	0xa30: 0xa000, 0xa31: 0xa000, 0xa32: 0xa000, 0xa34: 0x4119,
+	0xa37: 0x41e9, 0xa38: 0x41f1, 0xa39: 0x41f9, 0xa3a: 0x4201,
+	0xa3d: 0xa000, 0xa3e: 0x4209, 0xa3f: 0x27f9,
+	// Block 0x29, offset 0xa40
+	0xa40: 0x045a, 0xa41: 0x041e, 0xa42: 0x0422, 0xa43: 0x0426, 0xa44: 0x046e, 0xa45: 0x042a,
+	0xa46: 0x042e, 0xa47: 0x0432, 0xa48: 0x0436, 0xa49: 0x043a, 0xa4a: 0x043e, 0xa4b: 0x0442,
+	0xa4c: 0x0446, 0xa4d: 0x044a, 0xa4e: 0x044e, 0xa4f: 0x4afe, 0xa50: 0x4b04, 0xa51: 0x4b0a,
+	0xa52: 0x4b10, 0xa53: 0x4b16, 0xa54: 0x4b1c, 0xa55: 0x4b22, 0xa56: 0x4b28, 0xa57: 0x4b2e,
+	0xa58: 0x4b34, 0xa59: 0x4b3a, 0xa5a: 0x4b40, 0xa5b: 0x4b46, 0xa5c: 0x4b4c, 0xa5d: 0x4b52,
+	0xa5e: 0x4b58, 0xa5f: 0x4b5e, 0xa60: 0x4b64, 0xa61: 0x4b6a, 0xa62: 0x4b70, 0xa63: 0x4b76,
+	0xa64: 0x04b6, 0xa65: 0x0452, 0xa66: 0x0456, 0xa67: 0x04da, 0xa68: 0x04de, 0xa69: 0x04e2,
+	0xa6a: 0x04e6, 0xa6b: 0x04ea, 0xa6c: 0x04ee, 0xa6d: 0x04f2, 0xa6e: 0x045e, 0xa6f: 0x04f6,
+	0xa70: 0x04fa, 0xa71: 0x0462, 0xa72: 0x0466, 0xa73: 0x046a, 0xa74: 0x0472, 0xa75: 0x0476,
+	0xa76: 0x047a, 0xa77: 0x047e, 0xa78: 0x0482, 0xa79: 0x0486, 0xa7a: 0x048a, 0xa7b: 0x048e,
+	0xa7c: 0x0492, 0xa7d: 0x0496, 0xa7e: 0x049a, 0xa7f: 0x049e,
+	// Block 0x2a, offset 0xa80
+	0xa80: 0x04a2, 0xa81: 0x04a6, 0xa82: 0x04fe, 0xa83: 0x0502, 0xa84: 0x04aa, 0xa85: 0x04ae,
+	0xa86: 0x04b2, 0xa87: 0x04ba, 0xa88: 0x04be, 0xa89: 0x04c2, 0xa8a: 0x04c6, 0xa8b: 0x04ca,
+	0xa8c: 0x04ce, 0xa8d: 0x04d2, 0xa8e: 0x04d6,
+	0xa92: 0x07ba, 0xa93: 0x0816, 0xa94: 0x07c6, 0xa95: 0x0a76, 0xa96: 0x07ca, 0xa97: 0x07e2,
+	0xa98: 0x07ce, 0xa99: 0x108e, 0xa9a: 0x0802, 0xa9b: 0x07d6, 0xa9c: 0x07be, 0xa9d: 0x0afa,
+	0xa9e: 0x0a8a, 0xa9f: 0x082a,
+	// Block 0x2b, offset 0xac0
+	0xac0: 0x2184, 0xac1: 0x218a, 0xac2: 0x2190, 0xac3: 0x2196, 0xac4: 0x219c, 0xac5: 0x21a2,
+	0xac6: 0x21a8, 0xac7: 0x21ae, 0xac8: 0x21b4, 0xac9: 0x21ba, 0xaca: 0x21c0, 0xacb: 0x21c6,
+	0xacc: 0x21cc, 0xacd: 0x21d2, 0xace: 0x285d, 0xacf: 0x2866, 0xad0: 0x286f, 0xad1: 0x2878,
+	0xad2: 0x2881, 0xad3: 0x288a, 0xad4: 0x2893, 0xad5: 0x289c, 0xad6: 0x28a5, 0xad7: 0x28b7,
+	0xad8: 0x28c0, 0xad9: 0x28c9, 0xada: 0x28d2, 0xadb: 0x28db, 0xadc: 0x28ae, 0xadd: 0x2ce3,
+	0xade: 0x2c24, 0xae0: 0x21d8, 0xae1: 0x21f0, 0xae2: 0x21e4, 0xae3: 0x2238,
+	0xae4: 0x21f6, 0xae5: 0x2214, 0xae6: 0x21de, 0xae7: 0x220e, 0xae8: 0x21ea, 0xae9: 0x2220,
+	0xaea: 0x2250, 0xaeb: 0x226e, 0xaec: 0x2268, 0xaed: 0x225c, 0xaee: 0x22aa, 0xaef: 0x223e,
+	0xaf0: 0x224a, 0xaf1: 0x2262, 0xaf2: 0x2256, 0xaf3: 0x2280, 0xaf4: 0x222c, 0xaf5: 0x2274,
+	0xaf6: 0x229e, 0xaf7: 0x2286, 0xaf8: 0x221a, 0xaf9: 0x21fc, 0xafa: 0x2232, 0xafb: 0x2244,
+	0xafc: 0x227a, 0xafd: 0x2202, 0xafe: 0x22a4, 0xaff: 0x2226,
+	// Block 0x2c, offset 0xb00
+	0xb00: 0x228c, 0xb01: 0x2208, 0xb02: 0x2292, 0xb03: 0x2298, 0xb04: 0x0a2a, 0xb05: 0x0bfe,
+	0xb06: 0x0da2, 0xb07: 0x11c2,
+	0xb10: 0x1cf4, 0xb11: 0x19d6,
+	0xb12: 0x19d9, 0xb13: 0x19dc, 0xb14: 0x19df, 0xb15: 0x19e2, 0xb16: 0x19e5, 0xb17: 0x19e8,
+	0xb18: 0x19eb, 0xb19: 0x19ee, 0xb1a: 0x19f7, 0xb1b: 0x19fa, 0xb1c: 0x19fd, 0xb1d: 0x1a00,
+	0xb1e: 0x1a03, 0xb1f: 0x1a06, 0xb20: 0x0406, 0xb21: 0x040e, 0xb22: 0x0412, 0xb23: 0x041a,
+	0xb24: 0x041e, 0xb25: 0x0422, 0xb26: 0x042a, 0xb27: 0x0432, 0xb28: 0x0436, 0xb29: 0x043e,
+	0xb2a: 0x0442, 0xb2b: 0x0446, 0xb2c: 0x044a, 0xb2d: 0x044e, 0xb2e: 0x2f59, 0xb2f: 0x2f61,
+	0xb30: 0x2f69, 0xb31: 0x2f71, 0xb32: 0x2f79, 0xb33: 0x2f81, 0xb34: 0x2f89, 0xb35: 0x2f91,
+	0xb36: 0x2fa1, 0xb37: 0x2fa9, 0xb38: 0x2fb1, 0xb39: 0x2fb9, 0xb3a: 0x2fc1, 0xb3b: 0x2fc9,
+	0xb3c: 0x3014, 0xb3d: 0x2fdc, 0xb3e: 0x2f99,
+	// Block 0x2d, offset 0xb40
+	0xb40: 0x07ba, 0xb41: 0x0816, 0xb42: 0x07c6, 0xb43: 0x0a76, 0xb44: 0x081a, 0xb45: 0x08aa,
+	0xb46: 0x07c2, 0xb47: 0x08a6, 0xb48: 0x0806, 0xb49: 0x0982, 0xb4a: 0x0e02, 0xb4b: 0x0f8a,
+	0xb4c: 0x0ed2, 0xb4d: 0x0e16, 0xb4e: 0x155a, 0xb4f: 0x0a86, 0xb50: 0x0dca, 0xb51: 0x0e46,
+	0xb52: 0x0e06, 0xb53: 0x1146, 0xb54: 0x09f6, 0xb55: 0x0ffe, 0xb56: 0x1482, 0xb57: 0x115a,
+	0xb58: 0x093e, 0xb59: 0x118a, 0xb5a: 0x1096, 0xb5b: 0x0b12, 0xb5c: 0x150a, 0xb5d: 0x087a,
+	0xb5e: 0x09a6, 0xb5f: 0x0ef2, 0xb60: 0x1622, 0xb61: 0x083e, 0xb62: 0x08ce, 0xb63: 0x0e96,
+	0xb64: 0x07ca, 0xb65: 0x07e2, 0xb66: 0x07ce, 0xb67: 0x0bd6, 0xb68: 0x09ea, 0xb69: 0x097a,
+	0xb6a: 0x0b52, 0xb6b: 0x0b46, 0xb6c: 0x10e6, 0xb6d: 0x083a, 0xb6e: 0x1496, 0xb6f: 0x0996,
+	0xb70: 0x0aee, 0xb71: 0x1a09, 0xb72: 0x1a0c, 0xb73: 0x1a0f, 0xb74: 0x1a12, 0xb75: 0x1a1b,
+	0xb76: 0x1a1e, 0xb77: 0x1a21, 0xb78: 0x1a24, 0xb79: 0x1a27, 0xb7a: 0x1a2a, 0xb7b: 0x1a2d,
+	0xb7c: 0x1a30, 0xb7d: 0x1a33, 0xb7e: 0x1a36, 0xb7f: 0x1a3f,
+	// Block 0x2e, offset 0xb80
+	0xb80: 0x1df6, 0xb81: 0x1e05, 0xb82: 0x1e14, 0xb83: 0x1e23, 0xb84: 0x1e32, 0xb85: 0x1e41,
+	0xb86: 0x1e50, 0xb87: 0x1e5f, 0xb88: 0x1e6e, 0xb89: 0x22bc, 0xb8a: 0x22ce, 0xb8b: 0x22e0,
+	0xb8c: 0x1a81, 0xb8d: 0x1d34, 0xb8e: 0x1b02, 0xb8f: 0x1cd8, 0xb90: 0x05c6, 0xb91: 0x05ce,
+	0xb92: 0x05d6, 0xb93: 0x05de, 0xb94: 0x05e6, 0xb95: 0x05ea, 0xb96: 0x05ee, 0xb97: 0x05f2,
+	0xb98: 0x05f6, 0xb99: 0x05fa, 0xb9a: 0x05fe, 0xb9b: 0x0602, 0xb9c: 0x0606, 0xb9d: 0x060a,
+	0xb9e: 0x060e, 0xb9f: 0x0612, 0xba0: 0x0616, 0xba1: 0x061e, 0xba2: 0x0622, 0xba3: 0x0626,
+	0xba4: 0x062a, 0xba5: 0x062e, 0xba6: 0x0632, 0xba7: 0x0636, 0xba8: 0x063a, 0xba9: 0x063e,
+	0xbaa: 0x0642, 0xbab: 0x0646, 0xbac: 0x064a, 0xbad: 0x064e, 0xbae: 0x0652, 0xbaf: 0x0656,
+	0xbb0: 0x065a, 0xbb1: 0x065e, 0xbb2: 0x0662, 0xbb3: 0x066a, 0xbb4: 0x0672, 0xbb5: 0x067a,
+	0xbb6: 0x067e, 0xbb7: 0x0682, 0xbb8: 0x0686, 0xbb9: 0x068a, 0xbba: 0x068e, 0xbbb: 0x0692,
+	0xbbc: 0x0696, 0xbbd: 0x069a, 0xbbe: 0x069e, 0xbbf: 0x282a,
+	// Block 0x2f, offset 0xbc0
+	0xbc0: 0x2c43, 0xbc1: 0x2adf, 0xbc2: 0x2c53, 0xbc3: 0x29b7, 0xbc4: 0x3025, 0xbc5: 0x29c1,
+	0xbc6: 0x29cb, 0xbc7: 0x3069, 0xbc8: 0x2aec, 0xbc9: 0x29d5, 0xbca: 0x29df, 0xbcb: 0x29e9,
+	0xbcc: 0x2b13, 0xbcd: 0x2b20, 0xbce: 0x2af9, 0xbcf: 0x2b06, 0xbd0: 0x2fea, 0xbd1: 0x2b2d,
+	0xbd2: 0x2b3a, 0xbd3: 0x2cf5, 0xbd4: 0x27eb, 0xbd5: 0x2d08, 0xbd6: 0x2d1b, 0xbd7: 0x2c63,
+	0xbd8: 0x2b47, 0xbd9: 0x2d2e, 0xbda: 0x2d41, 0xbdb: 0x2b54, 0xbdc: 0x29f3, 0xbdd: 0x29fd,
+	0xbde: 0x2ff8, 0xbdf: 0x2b61, 0xbe0: 0x2c73, 0xbe1: 0x3036, 0xbe2: 0x2a07, 0xbe3: 0x2a11,
+	0xbe4: 0x2b6e, 0xbe5: 0x2a1b, 0xbe6: 0x2a25, 0xbe7: 0x2800, 0xbe8: 0x2807, 0xbe9: 0x2a2f,
+	0xbea: 0x2a39, 0xbeb: 0x2d54, 0xbec: 0x2b7b, 0xbed: 0x2c83, 0xbee: 0x2d67, 0xbef: 0x2b88,
+	0xbf0: 0x2a4d, 0xbf1: 0x2a43, 0xbf2: 0x307d, 0xbf3: 0x2b95, 0xbf4: 0x2d7a, 0xbf5: 0x2a57,
+	0xbf6: 0x2c93, 0xbf7: 0x2a61, 0xbf8: 0x2baf, 0xbf9: 0x2a6b, 0xbfa: 0x2bbc, 0xbfb: 0x3047,
+	0xbfc: 0x2ba2, 0xbfd: 0x2ca3, 0xbfe: 0x2bc9, 0xbff: 0x280e,
+	// Block 0x30, offset 0xc00
+	0xc00: 0x3058, 0xc01: 0x2a75, 0xc02: 0x2a7f, 0xc03: 0x2bd6, 0xc04: 0x2a89, 0xc05: 0x2a93,
+	0xc06: 0x2a9d, 0xc07: 0x2cb3, 0xc08: 0x2be3, 0xc09: 0x2815, 0xc0a: 0x2d8d, 0xc0b: 0x2fd1,
+	0xc0c: 0x2cc3, 0xc0d: 0x2bf0, 0xc0e: 0x3006, 0xc0f: 0x2aa7, 0xc10: 0x2ab1, 0xc11: 0x2bfd,
+	0xc12: 0x281c, 0xc13: 0x2c0a, 0xc14: 0x2cd3, 0xc15: 0x2823, 0xc16: 0x2da0, 0xc17: 0x2abb,
+	0xc18: 0x1de7, 0xc19: 0x1dfb, 0xc1a: 0x1e0a, 0xc1b: 0x1e19, 0xc1c: 0x1e28, 0xc1d: 0x1e37,
+	0xc1e: 0x1e46, 0xc1f: 0x1e55, 0xc20: 0x1e64, 0xc21: 0x1e73, 0xc22: 0x22c2, 0xc23: 0x22d4,
+	0xc24: 0x22e6, 0xc25: 0x22f2, 0xc26: 0x22fe, 0xc27: 0x230a, 0xc28: 0x2316, 0xc29: 0x2322,
+	0xc2a: 0x232e, 0xc2b: 0x233a, 0xc2c: 0x2376, 0xc2d: 0x2382, 0xc2e: 0x238e, 0xc2f: 0x239a,
+	0xc30: 0x23a6, 0xc31: 0x1d44, 0xc32: 0x1af6, 0xc33: 0x1a63, 0xc34: 0x1d14, 0xc35: 0x1b77,
+	0xc36: 0x1b86, 0xc37: 0x1afc, 0xc38: 0x1d2c, 0xc39: 0x1d30, 0xc3a: 0x1a8d, 0xc3b: 0x2838,
+	0xc3c: 0x2846, 0xc3d: 0x2831, 0xc3e: 0x283f, 0xc3f: 0x2c17,
+	// Block 0x31, offset 0xc40
+	0xc40: 0x1b7a, 0xc41: 0x1b62, 0xc42: 0x1d90, 0xc43: 0x1b4a, 0xc44: 0x1b23, 0xc45: 0x1a96,
+	0xc46: 0x1aa5, 0xc47: 0x1a75, 0xc48: 0x1d20, 0xc49: 0x1e82, 0xc4a: 0x1b7d, 0xc4b: 0x1b65,
+	0xc4c: 0x1d94, 0xc4d: 0x1da0, 0xc4e: 0x1b56, 0xc4f: 0x1b2c, 0xc50: 0x1a84, 0xc51: 0x1d4c,
+	0xc52: 0x1ce0, 0xc53: 0x1ccc, 0xc54: 0x1cfc, 0xc55: 0x1da4, 0xc56: 0x1b59, 0xc57: 0x1af9,
+	0xc58: 0x1b2f, 0xc59: 0x1b0e, 0xc5a: 0x1b71, 0xc5b: 0x1da8, 0xc5c: 0x1b5c, 0xc5d: 0x1af0,
+	0xc5e: 0x1b32, 0xc5f: 0x1d6c, 0xc60: 0x1d24, 0xc61: 0x1b44, 0xc62: 0x1d54, 0xc63: 0x1d70,
+	0xc64: 0x1d28, 0xc65: 0x1b47, 0xc66: 0x1d58, 0xc67: 0x2418, 0xc68: 0x242c, 0xc69: 0x1ac6,
+	0xc6a: 0x1d50, 0xc6b: 0x1ce4, 0xc6c: 0x1cd0, 0xc6d: 0x1d78, 0xc6e: 0x284d, 0xc6f: 0x28e4,
+	0xc70: 0x1b89, 0xc71: 0x1b74, 0xc72: 0x1dac, 0xc73: 0x1b5f, 0xc74: 0x1b80, 0xc75: 0x1b68,
+	0xc76: 0x1d98, 0xc77: 0x1b4d, 0xc78: 0x1b26, 0xc79: 0x1ab1, 0xc7a: 0x1b83, 0xc7b: 0x1b6b,
+	0xc7c: 0x1d9c, 0xc7d: 0x1b50, 0xc7e: 0x1b29, 0xc7f: 0x1ab4,
+	// Block 0x32, offset 0xc80
+	0xc80: 0x1d5c, 0xc81: 0x1ce8, 0xc82: 0x1e7d, 0xc83: 0x1a66, 0xc84: 0x1aea, 0xc85: 0x1aed,
+	0xc86: 0x2425, 0xc87: 0x1cc4, 0xc88: 0x1af3, 0xc89: 0x1a78, 0xc8a: 0x1b11, 0xc8b: 0x1a7b,
+	0xc8c: 0x1b1a, 0xc8d: 0x1a99, 0xc8e: 0x1a9c, 0xc8f: 0x1b35, 0xc90: 0x1b3b, 0xc91: 0x1b3e,
+	0xc92: 0x1d60, 0xc93: 0x1b41, 0xc94: 0x1b53, 0xc95: 0x1d68, 0xc96: 0x1d74, 0xc97: 0x1ac0,
+	0xc98: 0x1e87, 0xc99: 0x1cec, 0xc9a: 0x1ac3, 0xc9b: 0x1b8c, 0xc9c: 0x1ad5, 0xc9d: 0x1ae4,
+	0xc9e: 0x2412, 0xc9f: 0x240c, 0xca0: 0x1df1, 0xca1: 0x1e00, 0xca2: 0x1e0f, 0xca3: 0x1e1e,
+	0xca4: 0x1e2d, 0xca5: 0x1e3c, 0xca6: 0x1e4b, 0xca7: 0x1e5a, 0xca8: 0x1e69, 0xca9: 0x22b6,
+	0xcaa: 0x22c8, 0xcab: 0x22da, 0xcac: 0x22ec, 0xcad: 0x22f8, 0xcae: 0x2304, 0xcaf: 0x2310,
+	0xcb0: 0x231c, 0xcb1: 0x2328, 0xcb2: 0x2334, 0xcb3: 0x2370, 0xcb4: 0x237c, 0xcb5: 0x2388,
+	0xcb6: 0x2394, 0xcb7: 0x23a0, 0xcb8: 0x23ac, 0xcb9: 0x23b2, 0xcba: 0x23b8, 0xcbb: 0x23be,
+	0xcbc: 0x23c4, 0xcbd: 0x23d6, 0xcbe: 0x23dc, 0xcbf: 0x1d40,
+	// Block 0x33, offset 0xcc0
+	0xcc0: 0x1472, 0xcc1: 0x0df6, 0xcc2: 0x14ce, 0xcc3: 0x149a, 0xcc4: 0x0f52, 0xcc5: 0x07e6,
+	0xcc6: 0x09da, 0xcc7: 0x1726, 0xcc8: 0x1726, 0xcc9: 0x0b06, 0xcca: 0x155a, 0xccb: 0x0a3e,
+	0xccc: 0x0b02, 0xccd: 0x0cea, 0xcce: 0x10ca, 0xccf: 0x125a, 0xcd0: 0x1392, 0xcd1: 0x13ce,
+	0xcd2: 0x1402, 0xcd3: 0x1516, 0xcd4: 0x0e6e, 0xcd5: 0x0efa, 0xcd6: 0x0fa6, 0xcd7: 0x103e,
+	0xcd8: 0x135a, 0xcd9: 0x1542, 0xcda: 0x166e, 0xcdb: 0x080a, 0xcdc: 0x09ae, 0xcdd: 0x0e82,
+	0xcde: 0x0fca, 0xcdf: 0x138e, 0xce0: 0x16be, 0xce1: 0x0bae, 0xce2: 0x0f72, 0xce3: 0x137e,
+	0xce4: 0x1412, 0xce5: 0x0d1e, 0xce6: 0x12b6, 0xce7: 0x13da, 0xce8: 0x0c1a, 0xce9: 0x0e0a,
+	0xcea: 0x0f12, 0xceb: 0x1016, 0xcec: 0x1522, 0xced: 0x084a, 0xcee: 0x08e2, 0xcef: 0x094e,
+	0xcf0: 0x0d86, 0xcf1: 0x0e7a, 0xcf2: 0x0fc6, 0xcf3: 0x10ea, 0xcf4: 0x1272, 0xcf5: 0x1386,
+	0xcf6: 0x139e, 0xcf7: 0x14c2, 0xcf8: 0x15ea, 0xcf9: 0x169e, 0xcfa: 0x16ba, 0xcfb: 0x1126,
+	0xcfc: 0x1166, 0xcfd: 0x121e, 0xcfe: 0x133e, 0xcff: 0x1576,
+	// Block 0x34, offset 0xd00
+	0xd00: 0x16c6, 0xd01: 0x1446, 0xd02: 0x0ac2, 0xd03: 0x0c36, 0xd04: 0x11d6, 0xd05: 0x1296,
+	0xd06: 0x0ffa, 0xd07: 0x112e, 0xd08: 0x1492, 0xd09: 0x15e2, 0xd0a: 0x0abe, 0xd0b: 0x0b8a,
+	0xd0c: 0x0e72, 0xd0d: 0x0f26, 0xd0e: 0x0f5a, 0xd0f: 0x120e, 0xd10: 0x1236, 0xd11: 0x15a2,
+	0xd12: 0x094a, 0xd13: 0x12a2, 0xd14: 0x08ee, 0xd15: 0x08ea, 0xd16: 0x1192, 0xd17: 0x1222,
+	0xd18: 0x1356, 0xd19: 0x15aa, 0xd1a: 0x1462, 0xd1b: 0x0d22, 0xd1c: 0x0e6e, 0xd1d: 0x1452,
+	0xd1e: 0x07f2, 0xd1f: 0x0b5e, 0xd20: 0x0c8e, 0xd21: 0x102a, 0xd22: 0x10aa, 0xd23: 0x096e,
+	0xd24: 0x1136, 0xd25: 0x085a, 0xd26: 0x0c72, 0xd27: 0x07d2, 0xd28: 0x0ee6, 0xd29: 0x0d9e,
+	0xd2a: 0x120a, 0xd2b: 0x09c2, 0xd2c: 0x0aae, 0xd2d: 0x10f6, 0xd2e: 0x135e, 0xd2f: 0x1436,
+	0xd30: 0x0eb2, 0xd31: 0x14f2, 0xd32: 0x0ede, 0xd33: 0x0d32, 0xd34: 0x1316, 0xd35: 0x0d52,
+	0xd36: 0x10a6, 0xd37: 0x0826, 0xd38: 0x08a2, 0xd39: 0x08e6, 0xd3a: 0x0e4e, 0xd3b: 0x11f6,
+	0xd3c: 0x12ee, 0xd3d: 0x1442, 0xd3e: 0x1556, 0xd3f: 0x0956,
+	// Block 0x35, offset 0xd40
+	0xd40: 0x0a0a, 0xd41: 0x0b12, 0xd42: 0x0c2a, 0xd43: 0x0dba, 0xd44: 0x0f76, 0xd45: 0x113a,
+	0xd46: 0x1592, 0xd47: 0x1676, 0xd48: 0x16ca, 0xd49: 0x16e2, 0xd4a: 0x0932, 0xd4b: 0x0dee,
+	0xd4c: 0x0e9e, 0xd4d: 0x14e6, 0xd4e: 0x0bf6, 0xd4f: 0x0cd2, 0xd50: 0x0cee, 0xd51: 0x0d7e,
+	0xd52: 0x0f66, 0xd53: 0x0fb2, 0xd54: 0x1062, 0xd55: 0x1186, 0xd56: 0x122a, 0xd57: 0x128e,
+	0xd58: 0x14d6, 0xd59: 0x1366, 0xd5a: 0x14fe, 0xd5b: 0x157a, 0xd5c: 0x090a, 0xd5d: 0x0936,
+	0xd5e: 0x0a1e, 0xd5f: 0x0fa2, 0xd60: 0x13ee, 0xd61: 0x1436, 0xd62: 0x0c16, 0xd63: 0x0c86,
+	0xd64: 0x0d4a, 0xd65: 0x0eaa, 0xd66: 0x11d2, 0xd67: 0x101e, 0xd68: 0x0836, 0xd69: 0x0a7a,
+	0xd6a: 0x0b5e, 0xd6b: 0x0bc2, 0xd6c: 0x0c92, 0xd6d: 0x103a, 0xd6e: 0x1056, 0xd6f: 0x1266,
+	0xd70: 0x1286, 0xd71: 0x155e, 0xd72: 0x15de, 0xd73: 0x15ee, 0xd74: 0x162a, 0xd75: 0x084e,
+	0xd76: 0x117a, 0xd77: 0x154a, 0xd78: 0x15c6, 0xd79: 0x0caa, 0xd7a: 0x0812, 0xd7b: 0x0872,
+	0xd7c: 0x0b62, 0xd7d: 0x0b82, 0xd7e: 0x0daa, 0xd7f: 0x0e6e,
+	// Block 0x36, offset 0xd80
+	0xd80: 0x0fbe, 0xd81: 0x10c6, 0xd82: 0x1372, 0xd83: 0x1512, 0xd84: 0x171e, 0xd85: 0x0dde,
+	0xd86: 0x159e, 0xd87: 0x092e, 0xd88: 0x0e2a, 0xd89: 0x0e36, 0xd8a: 0x0f0a, 0xd8b: 0x0f42,
+	0xd8c: 0x1046, 0xd8d: 0x10a2, 0xd8e: 0x1122, 0xd8f: 0x1206, 0xd90: 0x1636, 0xd91: 0x08aa,
+	0xd92: 0x0cfe, 0xd93: 0x15ae, 0xd94: 0x0862, 0xd95: 0x0ba6, 0xd96: 0x0f2a, 0xd97: 0x14da,
+	0xd98: 0x0c62, 0xd99: 0x0cb2, 0xd9a: 0x0e3e, 0xd9b: 0x102a, 0xd9c: 0x15b6, 0xd9d: 0x0912,
+	0xd9e: 0x09fa, 0xd9f: 0x0b92, 0xda0: 0x0dce, 0xda1: 0x0e1a, 0xda2: 0x0e5a, 0xda3: 0x0eee,
+	0xda4: 0x1042, 0xda5: 0x10b6, 0xda6: 0x1252, 0xda7: 0x13f2, 0xda8: 0x13fe, 0xda9: 0x1552,
+	0xdaa: 0x15d2, 0xdab: 0x097e, 0xdac: 0x0f46, 0xdad: 0x09fe, 0xdae: 0x0fc2, 0xdaf: 0x1066,
+	0xdb0: 0x1382, 0xdb1: 0x15ba, 0xdb2: 0x16a6, 0xdb3: 0x16ce, 0xdb4: 0x0e32, 0xdb5: 0x0f22,
+	0xdb6: 0x12be, 0xdb7: 0x11b2, 0xdb8: 0x11be, 0xdb9: 0x11e2, 0xdba: 0x1012, 0xdbb: 0x0f9a,
+	0xdbc: 0x145e, 0xdbd: 0x082e, 0xdbe: 0x1326, 0xdbf: 0x0916,
+	// Block 0x37, offset 0xdc0
+	0xdc0: 0x0906, 0xdc1: 0x0c06, 0xdc2: 0x0d26, 0xdc3: 0x11ee, 0xdc4: 0x0b4e, 0xdc5: 0x0efe,
+	0xdc6: 0x0dea, 0xdc7: 0x14e2, 0xdc8: 0x13e2, 0xdc9: 0x15a6, 0xdca: 0x141e, 0xdcb: 0x0c22,
+	0xdcc: 0x0882, 0xdcd: 0x0a56, 0xdd0: 0x0aaa,
+	0xdd2: 0x0dda, 0xdd5: 0x08f2, 0xdd6: 0x101a, 0xdd7: 0x10de,
+	0xdd8: 0x1142, 0xdd9: 0x115e, 0xdda: 0x1162, 0xddb: 0x1176, 0xddc: 0x15f6, 0xddd: 0x11e6,
+	0xdde: 0x126a, 0xde0: 0x138a, 0xde2: 0x144e,
+	0xde5: 0x1502, 0xde6: 0x152e,
+	0xdea: 0x164a, 0xdeb: 0x164e, 0xdec: 0x1652, 0xded: 0x16b6, 0xdee: 0x1526, 0xdef: 0x15c2,
+	0xdf0: 0x0852, 0xdf1: 0x0876, 0xdf2: 0x088a, 0xdf3: 0x0946, 0xdf4: 0x0952, 0xdf5: 0x0992,
+	0xdf6: 0x0a46, 0xdf7: 0x0a62, 0xdf8: 0x0a6a, 0xdf9: 0x0aa6, 0xdfa: 0x0ab2, 0xdfb: 0x0b8e,
+	0xdfc: 0x0b96, 0xdfd: 0x0c9e, 0xdfe: 0x0cc6, 0xdff: 0x0cce,
+	// Block 0x38, offset 0xe00
+	0xe00: 0x0ce6, 0xe01: 0x0d92, 0xe02: 0x0dc2, 0xe03: 0x0de2, 0xe04: 0x0e52, 0xe05: 0x0f16,
+	0xe06: 0x0f32, 0xe07: 0x0f62, 0xe08: 0x0fb6, 0xe09: 0x0fd6, 0xe0a: 0x104a, 0xe0b: 0x112a,
+	0xe0c: 0x1146, 0xe0d: 0x114e, 0xe0e: 0x114a, 0xe0f: 0x1152, 0xe10: 0x1156, 0xe11: 0x115a,
+	0xe12: 0x116e, 0xe13: 0x1172, 0xe14: 0x1196, 0xe15: 0x11aa, 0xe16: 0x11c6, 0xe17: 0x122a,
+	0xe18: 0x1232, 0xe19: 0x123a, 0xe1a: 0x124e, 0xe1b: 0x1276, 0xe1c: 0x12c6, 0xe1d: 0x12fa,
+	0xe1e: 0x12fa, 0xe1f: 0x1362, 0xe20: 0x140a, 0xe21: 0x1422, 0xe22: 0x1456, 0xe23: 0x145a,
+	0xe24: 0x149e, 0xe25: 0x14a2, 0xe26: 0x14fa, 0xe27: 0x1502, 0xe28: 0x15d6, 0xe29: 0x161a,
+	0xe2a: 0x1632, 0xe2b: 0x0c96, 0xe2c: 0x184b, 0xe2d: 0x12de,
+	0xe30: 0x07da, 0xe31: 0x08de, 0xe32: 0x089e, 0xe33: 0x0846, 0xe34: 0x0886, 0xe35: 0x08b2,
+	0xe36: 0x0942, 0xe37: 0x095e, 0xe38: 0x0a46, 0xe39: 0x0a32, 0xe3a: 0x0a42, 0xe3b: 0x0a5e,
+	0xe3c: 0x0aaa, 0xe3d: 0x0aba, 0xe3e: 0x0afe, 0xe3f: 0x0b0a,
+	// Block 0x39, offset 0xe40
+	0xe40: 0x0b26, 0xe41: 0x0b36, 0xe42: 0x0c1e, 0xe43: 0x0c26, 0xe44: 0x0c56, 0xe45: 0x0c76,
+	0xe46: 0x0ca6, 0xe47: 0x0cbe, 0xe48: 0x0cae, 0xe49: 0x0cce, 0xe4a: 0x0cc2, 0xe4b: 0x0ce6,
+	0xe4c: 0x0d02, 0xe4d: 0x0d5a, 0xe4e: 0x0d66, 0xe4f: 0x0d6e, 0xe50: 0x0d96, 0xe51: 0x0dda,
+	0xe52: 0x0e0a, 0xe53: 0x0e0e, 0xe54: 0x0e22, 0xe55: 0x0ea2, 0xe56: 0x0eb2, 0xe57: 0x0f0a,
+	0xe58: 0x0f56, 0xe59: 0x0f4e, 0xe5a: 0x0f62, 0xe5b: 0x0f7e, 0xe5c: 0x0fb6, 0xe5d: 0x110e,
+	0xe5e: 0x0fda, 0xe5f: 0x100e, 0xe60: 0x101a, 0xe61: 0x105a, 0xe62: 0x1076, 0xe63: 0x109a,
+	0xe64: 0x10be, 0xe65: 0x10c2, 0xe66: 0x10de, 0xe67: 0x10e2, 0xe68: 0x10f2, 0xe69: 0x1106,
+	0xe6a: 0x1102, 0xe6b: 0x1132, 0xe6c: 0x11ae, 0xe6d: 0x11c6, 0xe6e: 0x11de, 0xe6f: 0x1216,
+	0xe70: 0x122a, 0xe71: 0x1246, 0xe72: 0x1276, 0xe73: 0x132a, 0xe74: 0x1352, 0xe75: 0x13c6,
+	0xe76: 0x140e, 0xe77: 0x141a, 0xe78: 0x1422, 0xe79: 0x143a, 0xe7a: 0x144e, 0xe7b: 0x143e,
+	0xe7c: 0x1456, 0xe7d: 0x1452, 0xe7e: 0x144a, 0xe7f: 0x145a,
+	// Block 0x3a, offset 0xe80
+	0xe80: 0x1466, 0xe81: 0x14a2, 0xe82: 0x14de, 0xe83: 0x150e, 0xe84: 0x1546, 0xe85: 0x1566,
+	0xe86: 0x15b2, 0xe87: 0x15d6, 0xe88: 0x15f6, 0xe89: 0x160a, 0xe8a: 0x161a, 0xe8b: 0x1626,
+	0xe8c: 0x1632, 0xe8d: 0x1686, 0xe8e: 0x1726, 0xe8f: 0x17e2, 0xe90: 0x17dd, 0xe91: 0x180f,
+	0xe92: 0x0702, 0xe93: 0x072a, 0xe94: 0x072e, 0xe95: 0x1891, 0xe96: 0x18be, 0xe97: 0x1936,
+	0xe98: 0x1712, 0xe99: 0x1722,
+	// Block 0x3b, offset 0xec0
+	0xec0: 0x1b05, 0xec1: 0x1b08, 0xec2: 0x1b0b, 0xec3: 0x1d38, 0xec4: 0x1d3c, 0xec5: 0x1b8f,
+	0xec6: 0x1b8f,
+	0xed3: 0x1ea5, 0xed4: 0x1e96, 0xed5: 0x1e9b, 0xed6: 0x1eaa, 0xed7: 0x1ea0,
+	0xedd: 0x44d1,
+	0xede: 0x8116, 0xedf: 0x4543, 0xee0: 0x0320, 0xee1: 0x0308, 0xee2: 0x0311, 0xee3: 0x0314,
+	0xee4: 0x0317, 0xee5: 0x031a, 0xee6: 0x031d, 0xee7: 0x0323, 0xee8: 0x0326, 0xee9: 0x0017,
+	0xeea: 0x4531, 0xeeb: 0x4537, 0xeec: 0x4635, 0xeed: 0x463d, 0xeee: 0x4489, 0xeef: 0x448f,
+	0xef0: 0x4495, 0xef1: 0x449b, 0xef2: 0x44a7, 0xef3: 0x44ad, 0xef4: 0x44b3, 0xef5: 0x44bf,
+	0xef6: 0x44c5, 0xef8: 0x44cb, 0xef9: 0x44d7, 0xefa: 0x44dd, 0xefb: 0x44e3,
+	0xefc: 0x44ef, 0xefe: 0x44f5,
+	// Block 0x3c, offset 0xf00
+	0xf00: 0x44fb, 0xf01: 0x4501, 0xf03: 0x4507, 0xf04: 0x450d,
+	0xf06: 0x4519, 0xf07: 0x451f, 0xf08: 0x4525, 0xf09: 0x452b, 0xf0a: 0x453d, 0xf0b: 0x44b9,
+	0xf0c: 0x44a1, 0xf0d: 0x44e9, 0xf0e: 0x4513, 0xf0f: 0x1eaf, 0xf10: 0x038c, 0xf11: 0x038c,
+	0xf12: 0x0395, 0xf13: 0x0395, 0xf14: 0x0395, 0xf15: 0x0395, 0xf16: 0x0398, 0xf17: 0x0398,
+	0xf18: 0x0398, 0xf19: 0x0398, 0xf1a: 0x039e, 0xf1b: 0x039e, 0xf1c: 0x039e, 0xf1d: 0x039e,
+	0xf1e: 0x0392, 0xf1f: 0x0392, 0xf20: 0x0392, 0xf21: 0x0392, 0xf22: 0x039b, 0xf23: 0x039b,
+	0xf24: 0x039b, 0xf25: 0x039b, 0xf26: 0x038f, 0xf27: 0x038f, 0xf28: 0x038f, 0xf29: 0x038f,
+	0xf2a: 0x03c2, 0xf2b: 0x03c2, 0xf2c: 0x03c2, 0xf2d: 0x03c2, 0xf2e: 0x03c5, 0xf2f: 0x03c5,
+	0xf30: 0x03c5, 0xf31: 0x03c5, 0xf32: 0x03a4, 0xf33: 0x03a4, 0xf34: 0x03a4, 0xf35: 0x03a4,
+	0xf36: 0x03a1, 0xf37: 0x03a1, 0xf38: 0x03a1, 0xf39: 0x03a1, 0xf3a: 0x03a7, 0xf3b: 0x03a7,
+	0xf3c: 0x03a7, 0xf3d: 0x03a7, 0xf3e: 0x03aa, 0xf3f: 0x03aa,
+	// Block 0x3d, offset 0xf40
+	0xf40: 0x03aa, 0xf41: 0x03aa, 0xf42: 0x03b3, 0xf43: 0x03b3, 0xf44: 0x03b0, 0xf45: 0x03b0,
+	0xf46: 0x03b6, 0xf47: 0x03b6, 0xf48: 0x03ad, 0xf49: 0x03ad, 0xf4a: 0x03bc, 0xf4b: 0x03bc,
+	0xf4c: 0x03b9, 0xf4d: 0x03b9, 0xf4e: 0x03c8, 0xf4f: 0x03c8, 0xf50: 0x03c8, 0xf51: 0x03c8,
+	0xf52: 0x03ce, 0xf53: 0x03ce, 0xf54: 0x03ce, 0xf55: 0x03ce, 0xf56: 0x03d4, 0xf57: 0x03d4,
+	0xf58: 0x03d4, 0xf59: 0x03d4, 0xf5a: 0x03d1, 0xf5b: 0x03d1, 0xf5c: 0x03d1, 0xf5d: 0x03d1,
+	0xf5e: 0x03d7, 0xf5f: 0x03d7, 0xf60: 0x03da, 0xf61: 0x03da, 0xf62: 0x03da, 0xf63: 0x03da,
+	0xf64: 0x45af, 0xf65: 0x45af, 0xf66: 0x03e0, 0xf67: 0x03e0, 0xf68: 0x03e0, 0xf69: 0x03e0,
+	0xf6a: 0x03dd, 0xf6b: 0x03dd, 0xf6c: 0x03dd, 0xf6d: 0x03dd, 0xf6e: 0x03fb, 0xf6f: 0x03fb,
+	0xf70: 0x45a9, 0xf71: 0x45a9,
+	// Block 0x3e, offset 0xf80
+	0xf93: 0x03cb, 0xf94: 0x03cb, 0xf95: 0x03cb, 0xf96: 0x03cb, 0xf97: 0x03e9,
+	0xf98: 0x03e9, 0xf99: 0x03e6, 0xf9a: 0x03e6, 0xf9b: 0x03ec, 0xf9c: 0x03ec, 0xf9d: 0x217f,
+	0xf9e: 0x03f2, 0xf9f: 0x03f2, 0xfa0: 0x03e3, 0xfa1: 0x03e3, 0xfa2: 0x03ef, 0xfa3: 0x03ef,
+	0xfa4: 0x03f8, 0xfa5: 0x03f8, 0xfa6: 0x03f8, 0xfa7: 0x03f8, 0xfa8: 0x0380, 0xfa9: 0x0380,
+	0xfaa: 0x26da, 0xfab: 0x26da, 0xfac: 0x274a, 0xfad: 0x274a, 0xfae: 0x2719, 0xfaf: 0x2719,
+	0xfb0: 0x2735, 0xfb1: 0x2735, 0xfb2: 0x272e, 0xfb3: 0x272e, 0xfb4: 0x273c, 0xfb5: 0x273c,
+	0xfb6: 0x2743, 0xfb7: 0x2743, 0xfb8: 0x2743, 0xfb9: 0x2720, 0xfba: 0x2720, 0xfbb: 0x2720,
+	0xfbc: 0x03f5, 0xfbd: 0x03f5, 0xfbe: 0x03f5, 0xfbf: 0x03f5,
+	// Block 0x3f, offset 0xfc0
+	0xfc0: 0x26e1, 0xfc1: 0x26e8, 0xfc2: 0x2704, 0xfc3: 0x2720, 0xfc4: 0x2727, 0xfc5: 0x1eb9,
+	0xfc6: 0x1ebe, 0xfc7: 0x1ec3, 0xfc8: 0x1ed2, 0xfc9: 0x1ee1, 0xfca: 0x1ee6, 0xfcb: 0x1eeb,
+	0xfcc: 0x1ef0, 0xfcd: 0x1ef5, 0xfce: 0x1f04, 0xfcf: 0x1f13, 0xfd0: 0x1f18, 0xfd1: 0x1f1d,
+	0xfd2: 0x1f2c, 0xfd3: 0x1f3b, 0xfd4: 0x1f40, 0xfd5: 0x1f45, 0xfd6: 0x1f4a, 0xfd7: 0x1f59,
+	0xfd8: 0x1f5e, 0xfd9: 0x1f6d, 0xfda: 0x1f72, 0xfdb: 0x1f77, 0xfdc: 0x1f86, 0xfdd: 0x1f8b,
+	0xfde: 0x1f90, 0xfdf: 0x1f9a, 0xfe0: 0x1fd6, 0xfe1: 0x1fe5, 0xfe2: 0x1ff4, 0xfe3: 0x1ff9,
+	0xfe4: 0x1ffe, 0xfe5: 0x2008, 0xfe6: 0x2017, 0xfe7: 0x201c, 0xfe8: 0x202b, 0xfe9: 0x2030,
+	0xfea: 0x2035, 0xfeb: 0x2044, 0xfec: 0x2049, 0xfed: 0x2058, 0xfee: 0x205d, 0xfef: 0x2062,
+	0xff0: 0x2067, 0xff1: 0x206c, 0xff2: 0x2071, 0xff3: 0x2076, 0xff4: 0x207b, 0xff5: 0x2080,
+	0xff6: 0x2085, 0xff7: 0x208a, 0xff8: 0x208f, 0xff9: 0x2094, 0xffa: 0x2099, 0xffb: 0x209e,
+	0xffc: 0x20a3, 0xffd: 0x20a8, 0xffe: 0x20ad, 0xfff: 0x20b7,
+	// Block 0x40, offset 0x1000
+	0x1000: 0x20bc, 0x1001: 0x20c1, 0x1002: 0x20c6, 0x1003: 0x20d0, 0x1004: 0x20d5, 0x1005: 0x20df,
+	0x1006: 0x20e4, 0x1007: 0x20e9, 0x1008: 0x20ee, 0x1009: 0x20f3, 0x100a: 0x20f8, 0x100b: 0x20fd,
+	0x100c: 0x2102, 0x100d: 0x2107, 0x100e: 0x2116, 0x100f: 0x2125, 0x1010: 0x212a, 0x1011: 0x212f,
+	0x1012: 0x2134, 0x1013: 0x2139, 0x1014: 0x213e, 0x1015: 0x2148, 0x1016: 0x214d, 0x1017: 0x2152,
+	0x1018: 0x2161, 0x1019: 0x2170, 0x101a: 0x2175, 0x101b: 0x4561, 0x101c: 0x4567, 0x101d: 0x459d,
+	0x101e: 0x45f4, 0x101f: 0x45fb, 0x1020: 0x4602, 0x1021: 0x4609, 0x1022: 0x4610, 0x1023: 0x4617,
+	0x1024: 0x26f6, 0x1025: 0x26fd, 0x1026: 0x2704, 0x1027: 0x270b, 0x1028: 0x2720, 0x1029: 0x2727,
+	0x102a: 0x1ec8, 0x102b: 0x1ecd, 0x102c: 0x1ed2, 0x102d: 0x1ed7, 0x102e: 0x1ee1, 0x102f: 0x1ee6,
+	0x1030: 0x1efa, 0x1031: 0x1eff, 0x1032: 0x1f04, 0x1033: 0x1f09, 0x1034: 0x1f13, 0x1035: 0x1f18,
+	0x1036: 0x1f22, 0x1037: 0x1f27, 0x1038: 0x1f2c, 0x1039: 0x1f31, 0x103a: 0x1f3b, 0x103b: 0x1f40,
+	0x103c: 0x206c, 0x103d: 0x2071, 0x103e: 0x2080, 0x103f: 0x2085,
+	// Block 0x41, offset 0x1040
+	0x1040: 0x208a, 0x1041: 0x209e, 0x1042: 0x20a3, 0x1043: 0x20a8, 0x1044: 0x20ad, 0x1045: 0x20c6,
+	0x1046: 0x20d0, 0x1047: 0x20d5, 0x1048: 0x20da, 0x1049: 0x20ee, 0x104a: 0x210c, 0x104b: 0x2111,
+	0x104c: 0x2116, 0x104d: 0x211b, 0x104e: 0x2125, 0x104f: 0x212a, 0x1050: 0x459d, 0x1051: 0x2157,
+	0x1052: 0x215c, 0x1053: 0x2161, 0x1054: 0x2166, 0x1055: 0x2170, 0x1056: 0x2175, 0x1057: 0x26e1,
+	0x1058: 0x26e8, 0x1059: 0x26ef, 0x105a: 0x2704, 0x105b: 0x2712, 0x105c: 0x1eb9, 0x105d: 0x1ebe,
+	0x105e: 0x1ec3, 0x105f: 0x1ed2, 0x1060: 0x1edc, 0x1061: 0x1eeb, 0x1062: 0x1ef0, 0x1063: 0x1ef5,
+	0x1064: 0x1f04, 0x1065: 0x1f0e, 0x1066: 0x1f2c, 0x1067: 0x1f45, 0x1068: 0x1f4a, 0x1069: 0x1f59,
+	0x106a: 0x1f5e, 0x106b: 0x1f6d, 0x106c: 0x1f77, 0x106d: 0x1f86, 0x106e: 0x1f8b, 0x106f: 0x1f90,
+	0x1070: 0x1f9a, 0x1071: 0x1fd6, 0x1072: 0x1fdb, 0x1073: 0x1fe5, 0x1074: 0x1ff4, 0x1075: 0x1ff9,
+	0x1076: 0x1ffe, 0x1077: 0x2008, 0x1078: 0x2017, 0x1079: 0x202b, 0x107a: 0x2030, 0x107b: 0x2035,
+	0x107c: 0x2044, 0x107d: 0x2049, 0x107e: 0x2058, 0x107f: 0x205d,
+	// Block 0x42, offset 0x1080
+	0x1080: 0x2062, 0x1081: 0x2067, 0x1082: 0x2076, 0x1083: 0x207b, 0x1084: 0x208f, 0x1085: 0x2094,
+	0x1086: 0x2099, 0x1087: 0x209e, 0x1088: 0x20a3, 0x1089: 0x20b7, 0x108a: 0x20bc, 0x108b: 0x20c1,
+	0x108c: 0x20c6, 0x108d: 0x20cb, 0x108e: 0x20df, 0x108f: 0x20e4, 0x1090: 0x20e9, 0x1091: 0x20ee,
+	0x1092: 0x20fd, 0x1093: 0x2102, 0x1094: 0x2107, 0x1095: 0x2116, 0x1096: 0x2120, 0x1097: 0x212f,
+	0x1098: 0x2134, 0x1099: 0x4591, 0x109a: 0x2148, 0x109b: 0x214d, 0x109c: 0x2152, 0x109d: 0x2161,
+	0x109e: 0x216b, 0x109f: 0x2704, 0x10a0: 0x2712, 0x10a1: 0x1ed2, 0x10a2: 0x1edc, 0x10a3: 0x1f04,
+	0x10a4: 0x1f0e, 0x10a5: 0x1f2c, 0x10a6: 0x1f36, 0x10a7: 0x1f9a, 0x10a8: 0x1f9f, 0x10a9: 0x1fc2,
+	0x10aa: 0x1fc7, 0x10ab: 0x209e, 0x10ac: 0x20a3, 0x10ad: 0x20c6, 0x10ae: 0x2116, 0x10af: 0x2120,
+	0x10b0: 0x2161, 0x10b1: 0x216b, 0x10b2: 0x4645, 0x10b3: 0x464d, 0x10b4: 0x4655, 0x10b5: 0x2021,
+	0x10b6: 0x2026, 0x10b7: 0x203a, 0x10b8: 0x203f, 0x10b9: 0x204e, 0x10ba: 0x2053, 0x10bb: 0x1fa4,
+	0x10bc: 0x1fa9, 0x10bd: 0x1fcc, 0x10be: 0x1fd1, 0x10bf: 0x1f63,
+	// Block 0x43, offset 0x10c0
+	0x10c0: 0x1f68, 0x10c1: 0x1f4f, 0x10c2: 0x1f54, 0x10c3: 0x1f7c, 0x10c4: 0x1f81, 0x10c5: 0x1fea,
+	0x10c6: 0x1fef, 0x10c7: 0x200d, 0x10c8: 0x2012, 0x10c9: 0x1fae, 0x10ca: 0x1fb3, 0x10cb: 0x1fb8,
+	0x10cc: 0x1fc2, 0x10cd: 0x1fbd, 0x10ce: 0x1f95, 0x10cf: 0x1fe0, 0x10d0: 0x2003, 0x10d1: 0x2021,
+	0x10d2: 0x2026, 0x10d3: 0x203a, 0x10d4: 0x203f, 0x10d5: 0x204e, 0x10d6: 0x2053, 0x10d7: 0x1fa4,
+	0x10d8: 0x1fa9, 0x10d9: 0x1fcc, 0x10da: 0x1fd1, 0x10db: 0x1f63, 0x10dc: 0x1f68, 0x10dd: 0x1f4f,
+	0x10de: 0x1f54, 0x10df: 0x1f7c, 0x10e0: 0x1f81, 0x10e1: 0x1fea, 0x10e2: 0x1fef, 0x10e3: 0x200d,
+	0x10e4: 0x2012, 0x10e5: 0x1fae, 0x10e6: 0x1fb3, 0x10e7: 0x1fb8, 0x10e8: 0x1fc2, 0x10e9: 0x1fbd,
+	0x10ea: 0x1f95, 0x10eb: 0x1fe0, 0x10ec: 0x2003, 0x10ed: 0x1fae, 0x10ee: 0x1fb3, 0x10ef: 0x1fb8,
+	0x10f0: 0x1fc2, 0x10f1: 0x1f9f, 0x10f2: 0x1fc7, 0x10f3: 0x201c, 0x10f4: 0x1f86, 0x10f5: 0x1f8b,
+	0x10f6: 0x1f90, 0x10f7: 0x1fae, 0x10f8: 0x1fb3, 0x10f9: 0x1fb8, 0x10fa: 0x201c, 0x10fb: 0x202b,
+	0x10fc: 0x4549, 0x10fd: 0x4549,
+	// Block 0x44, offset 0x1100
+	0x1110: 0x2441, 0x1111: 0x2456,
+	0x1112: 0x2456, 0x1113: 0x245d, 0x1114: 0x2464, 0x1115: 0x2479, 0x1116: 0x2480, 0x1117: 0x2487,
+	0x1118: 0x24aa, 0x1119: 0x24aa, 0x111a: 0x24cd, 0x111b: 0x24c6, 0x111c: 0x24e2, 0x111d: 0x24d4,
+	0x111e: 0x24db, 0x111f: 0x24fe, 0x1120: 0x24fe, 0x1121: 0x24f7, 0x1122: 0x2505, 0x1123: 0x2505,
+	0x1124: 0x252f, 0x1125: 0x252f, 0x1126: 0x254b, 0x1127: 0x2513, 0x1128: 0x2513, 0x1129: 0x250c,
+	0x112a: 0x2521, 0x112b: 0x2521, 0x112c: 0x2528, 0x112d: 0x2528, 0x112e: 0x2552, 0x112f: 0x2560,
+	0x1130: 0x2560, 0x1131: 0x2567, 0x1132: 0x2567, 0x1133: 0x256e, 0x1134: 0x2575, 0x1135: 0x257c,
+	0x1136: 0x2583, 0x1137: 0x2583, 0x1138: 0x258a, 0x1139: 0x2598, 0x113a: 0x25a6, 0x113b: 0x259f,
+	0x113c: 0x25ad, 0x113d: 0x25ad, 0x113e: 0x25c2, 0x113f: 0x25c9,
+	// Block 0x45, offset 0x1140
+	0x1140: 0x25fa, 0x1141: 0x2608, 0x1142: 0x2601, 0x1143: 0x25e5, 0x1144: 0x25e5, 0x1145: 0x260f,
+	0x1146: 0x260f, 0x1147: 0x2616, 0x1148: 0x2616, 0x1149: 0x2640, 0x114a: 0x2647, 0x114b: 0x264e,
+	0x114c: 0x2624, 0x114d: 0x2632, 0x114e: 0x2655, 0x114f: 0x265c,
+	0x1152: 0x262b, 0x1153: 0x26b0, 0x1154: 0x26b7, 0x1155: 0x268d, 0x1156: 0x2694, 0x1157: 0x2678,
+	0x1158: 0x2678, 0x1159: 0x267f, 0x115a: 0x26a9, 0x115b: 0x26a2, 0x115c: 0x26cc, 0x115d: 0x26cc,
+	0x115e: 0x243a, 0x115f: 0x244f, 0x1160: 0x2448, 0x1161: 0x2472, 0x1162: 0x246b, 0x1163: 0x2495,
+	0x1164: 0x248e, 0x1165: 0x24b8, 0x1166: 0x249c, 0x1167: 0x24b1, 0x1168: 0x24e9, 0x1169: 0x2536,
+	0x116a: 0x251a, 0x116b: 0x2559, 0x116c: 0x25f3, 0x116d: 0x261d, 0x116e: 0x26c5, 0x116f: 0x26be,
+	0x1170: 0x26d3, 0x1171: 0x266a, 0x1172: 0x25d0, 0x1173: 0x269b, 0x1174: 0x25c2, 0x1175: 0x25fa,
+	0x1176: 0x2591, 0x1177: 0x25de, 0x1178: 0x2671, 0x1179: 0x2663, 0x117a: 0x25ec, 0x117b: 0x25d7,
+	0x117c: 0x25ec, 0x117d: 0x2671, 0x117e: 0x24a3, 0x117f: 0x24bf,
+	// Block 0x46, offset 0x1180
+	0x1180: 0x2639, 0x1181: 0x25b4, 0x1182: 0x2433, 0x1183: 0x25d7, 0x1184: 0x257c, 0x1185: 0x254b,
+	0x1186: 0x24f0, 0x1187: 0x2686,
+	0x11b0: 0x2544, 0x11b1: 0x25bb, 0x11b2: 0x28f6, 0x11b3: 0x28ed, 0x11b4: 0x2923, 0x11b5: 0x2911,
+	0x11b6: 0x28ff, 0x11b7: 0x291a, 0x11b8: 0x292c, 0x11b9: 0x253d, 0x11ba: 0x2db3, 0x11bb: 0x2c33,
+	0x11bc: 0x2908,
+	// Block 0x47, offset 0x11c0
+	0x11d0: 0x0019, 0x11d1: 0x057e,
+	0x11d2: 0x0582, 0x11d3: 0x0035, 0x11d4: 0x0037, 0x11d5: 0x0003, 0x11d6: 0x003f, 0x11d7: 0x05ba,
+	0x11d8: 0x05be, 0x11d9: 0x1c8c,
+	0x11e0: 0x8133, 0x11e1: 0x8133, 0x11e2: 0x8133, 0x11e3: 0x8133,
+	0x11e4: 0x8133, 0x11e5: 0x8133, 0x11e6: 0x8133, 0x11e7: 0x812e, 0x11e8: 0x812e, 0x11e9: 0x812e,
+	0x11ea: 0x812e, 0x11eb: 0x812e, 0x11ec: 0x812e, 0x11ed: 0x812e, 0x11ee: 0x8133, 0x11ef: 0x8133,
+	0x11f0: 0x19a0, 0x11f1: 0x053a, 0x11f2: 0x0536, 0x11f3: 0x007f, 0x11f4: 0x007f, 0x11f5: 0x0011,
+	0x11f6: 0x0013, 0x11f7: 0x00b7, 0x11f8: 0x00bb, 0x11f9: 0x05b2, 0x11fa: 0x05b6, 0x11fb: 0x05a6,
+	0x11fc: 0x05aa, 0x11fd: 0x058e, 0x11fe: 0x0592, 0x11ff: 0x0586,
+	// Block 0x48, offset 0x1200
+	0x1200: 0x058a, 0x1201: 0x0596, 0x1202: 0x059a, 0x1203: 0x059e, 0x1204: 0x05a2,
+	0x1207: 0x0077, 0x1208: 0x007b, 0x1209: 0x43aa, 0x120a: 0x43aa, 0x120b: 0x43aa,
+	0x120c: 0x43aa, 0x120d: 0x007f, 0x120e: 0x007f, 0x120f: 0x007f, 0x1210: 0x0019, 0x1211: 0x057e,
+	0x1212: 0x001d, 0x1214: 0x0037, 0x1215: 0x0035, 0x1216: 0x003f, 0x1217: 0x0003,
+	0x1218: 0x053a, 0x1219: 0x0011, 0x121a: 0x0013, 0x121b: 0x00b7, 0x121c: 0x00bb, 0x121d: 0x05b2,
+	0x121e: 0x05b6, 0x121f: 0x0007, 0x1220: 0x000d, 0x1221: 0x0015, 0x1222: 0x0017, 0x1223: 0x001b,
+	0x1224: 0x0039, 0x1225: 0x003d, 0x1226: 0x003b, 0x1228: 0x0079, 0x1229: 0x0009,
+	0x122a: 0x000b, 0x122b: 0x0041,
+	0x1230: 0x43eb, 0x1231: 0x456d, 0x1232: 0x43f0, 0x1234: 0x43f5,
+	0x1236: 0x43fa, 0x1237: 0x4573, 0x1238: 0x43ff, 0x1239: 0x4579, 0x123a: 0x4404, 0x123b: 0x457f,
+	0x123c: 0x4409, 0x123d: 0x4585, 0x123e: 0x440e, 0x123f: 0x458b,
+	// Block 0x49, offset 0x1240
+	0x1240: 0x0329, 0x1241: 0x454f, 0x1242: 0x454f, 0x1243: 0x4555, 0x1244: 0x4555, 0x1245: 0x4597,
+	0x1246: 0x4597, 0x1247: 0x455b, 0x1248: 0x455b, 0x1249: 0x45a3, 0x124a: 0x45a3, 0x124b: 0x45a3,
+	0x124c: 0x45a3, 0x124d: 0x032c, 0x124e: 0x032c, 0x124f: 0x032f, 0x1250: 0x032f, 0x1251: 0x032f,
+	0x1252: 0x032f, 0x1253: 0x0332, 0x1254: 0x0332, 0x1255: 0x0335, 0x1256: 0x0335, 0x1257: 0x0335,
+	0x1258: 0x0335, 0x1259: 0x0338, 0x125a: 0x0338, 0x125b: 0x0338, 0x125c: 0x0338, 0x125d: 0x033b,
+	0x125e: 0x033b, 0x125f: 0x033b, 0x1260: 0x033b, 0x1261: 0x033e, 0x1262: 0x033e, 0x1263: 0x033e,
+	0x1264: 0x033e, 0x1265: 0x0341, 0x1266: 0x0341, 0x1267: 0x0341, 0x1268: 0x0341, 0x1269: 0x0344,
+	0x126a: 0x0344, 0x126b: 0x0347, 0x126c: 0x0347, 0x126d: 0x034a, 0x126e: 0x034a, 0x126f: 0x034d,
+	0x1270: 0x034d, 0x1271: 0x0350, 0x1272: 0x0350, 0x1273: 0x0350, 0x1274: 0x0350, 0x1275: 0x0353,
+	0x1276: 0x0353, 0x1277: 0x0353, 0x1278: 0x0353, 0x1279: 0x0356, 0x127a: 0x0356, 0x127b: 0x0356,
+	0x127c: 0x0356, 0x127d: 0x0359, 0x127e: 0x0359, 0x127f: 0x0359,
+	// Block 0x4a, offset 0x1280
+	0x1280: 0x0359, 0x1281: 0x035c, 0x1282: 0x035c, 0x1283: 0x035c, 0x1284: 0x035c, 0x1285: 0x035f,
+	0x1286: 0x035f, 0x1287: 0x035f, 0x1288: 0x035f, 0x1289: 0x0362, 0x128a: 0x0362, 0x128b: 0x0362,
+	0x128c: 0x0362, 0x128d: 0x0365, 0x128e: 0x0365, 0x128f: 0x0365, 0x1290: 0x0365, 0x1291: 0x0368,
+	0x1292: 0x0368, 0x1293: 0x0368, 0x1294: 0x0368, 0x1295: 0x036b, 0x1296: 0x036b, 0x1297: 0x036b,
+	0x1298: 0x036b, 0x1299: 0x036e, 0x129a: 0x036e, 0x129b: 0x036e, 0x129c: 0x036e, 0x129d: 0x0371,
+	0x129e: 0x0371, 0x129f: 0x0371, 0x12a0: 0x0371, 0x12a1: 0x0374, 0x12a2: 0x0374, 0x12a3: 0x0374,
+	0x12a4: 0x0374, 0x12a5: 0x0377, 0x12a6: 0x0377, 0x12a7: 0x0377, 0x12a8: 0x0377, 0x12a9: 0x037a,
+	0x12aa: 0x037a, 0x12ab: 0x037a, 0x12ac: 0x037a, 0x12ad: 0x037d, 0x12ae: 0x037d, 0x12af: 0x0380,
+	0x12b0: 0x0380, 0x12b1: 0x0383, 0x12b2: 0x0383, 0x12b3: 0x0383, 0x12b4: 0x0383, 0x12b5: 0x2f41,
+	0x12b6: 0x2f41, 0x12b7: 0x2f49, 0x12b8: 0x2f49, 0x12b9: 0x2f51, 0x12ba: 0x2f51, 0x12bb: 0x20b2,
+	0x12bc: 0x20b2,
+	// Block 0x4b, offset 0x12c0
+	0x12c0: 0x0081, 0x12c1: 0x0083, 0x12c2: 0x0085, 0x12c3: 0x0087, 0x12c4: 0x0089, 0x12c5: 0x008b,
+	0x12c6: 0x008d, 0x12c7: 0x008f, 0x12c8: 0x0091, 0x12c9: 0x0093, 0x12ca: 0x0095, 0x12cb: 0x0097,
+	0x12cc: 0x0099, 0x12cd: 0x009b, 0x12ce: 0x009d, 0x12cf: 0x009f, 0x12d0: 0x00a1, 0x12d1: 0x00a3,
+	0x12d2: 0x00a5, 0x12d3: 0x00a7, 0x12d4: 0x00a9, 0x12d5: 0x00ab, 0x12d6: 0x00ad, 0x12d7: 0x00af,
+	0x12d8: 0x00b1, 0x12d9: 0x00b3, 0x12da: 0x00b5, 0x12db: 0x00b7, 0x12dc: 0x00b9, 0x12dd: 0x00bb,
+	0x12de: 0x00bd, 0x12df: 0x056e, 0x12e0: 0x0572, 0x12e1: 0x0582, 0x12e2: 0x0596, 0x12e3: 0x059a,
+	0x12e4: 0x057e, 0x12e5: 0x06a6, 0x12e6: 0x069e, 0x12e7: 0x05c2, 0x12e8: 0x05ca, 0x12e9: 0x05d2,
+	0x12ea: 0x05da, 0x12eb: 0x05e2, 0x12ec: 0x0666, 0x12ed: 0x066e, 0x12ee: 0x0676, 0x12ef: 0x061a,
+	0x12f0: 0x06aa, 0x12f1: 0x05c6, 0x12f2: 0x05ce, 0x12f3: 0x05d6, 0x12f4: 0x05de, 0x12f5: 0x05e6,
+	0x12f6: 0x05ea, 0x12f7: 0x05ee, 0x12f8: 0x05f2, 0x12f9: 0x05f6, 0x12fa: 0x05fa, 0x12fb: 0x05fe,
+	0x12fc: 0x0602, 0x12fd: 0x0606, 0x12fe: 0x060a, 0x12ff: 0x060e,
+	// Block 0x4c, offset 0x1300
+	0x1300: 0x0612, 0x1301: 0x0616, 0x1302: 0x061e, 0x1303: 0x0622, 0x1304: 0x0626, 0x1305: 0x062a,
+	0x1306: 0x062e, 0x1307: 0x0632, 0x1308: 0x0636, 0x1309: 0x063a, 0x130a: 0x063e, 0x130b: 0x0642,
+	0x130c: 0x0646, 0x130d: 0x064a, 0x130e: 0x064e, 0x130f: 0x0652, 0x1310: 0x0656, 0x1311: 0x065a,
+	0x1312: 0x065e, 0x1313: 0x0662, 0x1314: 0x066a, 0x1315: 0x0672, 0x1316: 0x067a, 0x1317: 0x067e,
+	0x1318: 0x0682, 0x1319: 0x0686, 0x131a: 0x068a, 0x131b: 0x068e, 0x131c: 0x0692, 0x131d: 0x06a2,
+	0x131e: 0x4bb9, 0x131f: 0x4bbf, 0x1320: 0x04b6, 0x1321: 0x0406, 0x1322: 0x040a, 0x1323: 0x4b7c,
+	0x1324: 0x040e, 0x1325: 0x4b82, 0x1326: 0x4b88, 0x1327: 0x0412, 0x1328: 0x0416, 0x1329: 0x041a,
+	0x132a: 0x4b8e, 0x132b: 0x4b94, 0x132c: 0x4b9a, 0x132d: 0x4ba0, 0x132e: 0x4ba6, 0x132f: 0x4bac,
+	0x1330: 0x045a, 0x1331: 0x041e, 0x1332: 0x0422, 0x1333: 0x0426, 0x1334: 0x046e, 0x1335: 0x042a,
+	0x1336: 0x042e, 0x1337: 0x0432, 0x1338: 0x0436, 0x1339: 0x043a, 0x133a: 0x043e, 0x133b: 0x0442,
+	0x133c: 0x0446, 0x133d: 0x044a, 0x133e: 0x044e,
+	// Block 0x4d, offset 0x1340
+	0x1342: 0x4afe, 0x1343: 0x4b04, 0x1344: 0x4b0a, 0x1345: 0x4b10,
+	0x1346: 0x4b16, 0x1347: 0x4b1c, 0x134a: 0x4b22, 0x134b: 0x4b28,
+	0x134c: 0x4b2e, 0x134d: 0x4b34, 0x134e: 0x4b3a, 0x134f: 0x4b40,
+	0x1352: 0x4b46, 0x1353: 0x4b4c, 0x1354: 0x4b52, 0x1355: 0x4b58, 0x1356: 0x4b5e, 0x1357: 0x4b64,
+	0x135a: 0x4b6a, 0x135b: 0x4b70, 0x135c: 0x4b76,
+	0x1360: 0x00bf, 0x1361: 0x00c2, 0x1362: 0x00cb, 0x1363: 0x43a5,
+	0x1364: 0x00c8, 0x1365: 0x00c5, 0x1366: 0x053e, 0x1368: 0x0562, 0x1369: 0x0542,
+	0x136a: 0x0546, 0x136b: 0x054a, 0x136c: 0x054e, 0x136d: 0x0566, 0x136e: 0x056a,
+	// Block 0x4e, offset 0x1380
+	0x1381: 0x01f1, 0x1382: 0x01f4, 0x1383: 0x00d4, 0x1384: 0x01be, 0x1385: 0x010d,
+	0x1387: 0x01d3, 0x1388: 0x174e, 0x1389: 0x01d9, 0x138a: 0x01d6, 0x138b: 0x0116,
+	0x138c: 0x0119, 0x138d: 0x0526, 0x138e: 0x011c, 0x138f: 0x0128, 0x1390: 0x01e5, 0x1391: 0x013a,
+	0x1392: 0x0134, 0x1393: 0x012e, 0x1394: 0x01c1, 0x1395: 0x00e0, 0x1396: 0x01c4, 0x1397: 0x0143,
+	0x1398: 0x0194, 0x1399: 0x01e8, 0x139a: 0x01eb, 0x139b: 0x0152, 0x139c: 0x1756, 0x139d: 0x1742,
+	0x139e: 0x0158, 0x139f: 0x175b, 0x13a0: 0x01a9, 0x13a1: 0x1760, 0x13a2: 0x00da, 0x13a3: 0x0170,
+	0x13a4: 0x0173, 0x13a5: 0x00a3, 0x13a6: 0x017c, 0x13a7: 0x1765, 0x13a8: 0x0182, 0x13a9: 0x0185,
+	0x13aa: 0x0188, 0x13ab: 0x01e2, 0x13ac: 0x01dc, 0x13ad: 0x1752, 0x13ae: 0x01df, 0x13af: 0x0197,
+	0x13b0: 0x0576, 0x13b2: 0x01ac, 0x13b3: 0x01cd, 0x13b4: 0x01d0, 0x13b5: 0x01bb,
+	0x13b6: 0x00f5, 0x13b7: 0x00f8, 0x13b8: 0x00fb, 0x13b9: 0x176a, 0x13ba: 0x176f,
+	// Block 0x4f, offset 0x13c0
+	0x13c0: 0x0063, 0x13c1: 0x0065, 0x13c2: 0x0067, 0x13c3: 0x0069, 0x13c4: 0x006b, 0x13c5: 0x006d,
+	0x13c6: 0x006f, 0x13c7: 0x0071, 0x13c8: 0x0073, 0x13c9: 0x0075, 0x13ca: 0x0083, 0x13cb: 0x0085,
+	0x13cc: 0x0087, 0x13cd: 0x0089, 0x13ce: 0x008b, 0x13cf: 0x008d, 0x13d0: 0x008f, 0x13d1: 0x0091,
+	0x13d2: 0x0093, 0x13d3: 0x0095, 0x13d4: 0x0097, 0x13d5: 0x0099, 0x13d6: 0x009b, 0x13d7: 0x009d,
+	0x13d8: 0x009f, 0x13d9: 0x00a1, 0x13da: 0x00a3, 0x13db: 0x00a5, 0x13dc: 0x00a7, 0x13dd: 0x00a9,
+	0x13de: 0x00ab, 0x13df: 0x00ad, 0x13e0: 0x00af, 0x13e1: 0x00b1, 0x13e2: 0x00b3, 0x13e3: 0x00b5,
+	0x13e4: 0x00e3, 0x13e5: 0x0101, 0x13e8: 0x01f7, 0x13e9: 0x01fa,
+	0x13ea: 0x01fd, 0x13eb: 0x0200, 0x13ec: 0x0203, 0x13ed: 0x0206, 0x13ee: 0x0209, 0x13ef: 0x020c,
+	0x13f0: 0x020f, 0x13f1: 0x0212, 0x13f2: 0x0215, 0x13f3: 0x0218, 0x13f4: 0x021b, 0x13f5: 0x021e,
+	0x13f6: 0x0221, 0x13f7: 0x0224, 0x13f8: 0x0227, 0x13f9: 0x020c, 0x13fa: 0x022a, 0x13fb: 0x022d,
+	0x13fc: 0x0230, 0x13fd: 0x0233, 0x13fe: 0x0236, 0x13ff: 0x0239,
+	// Block 0x50, offset 0x1400
+	0x1400: 0x0281, 0x1401: 0x0284, 0x1402: 0x0287, 0x1403: 0x0552, 0x1404: 0x024b, 0x1405: 0x0254,
+	0x1406: 0x025a, 0x1407: 0x027e, 0x1408: 0x026f, 0x1409: 0x026c, 0x140a: 0x028a, 0x140b: 0x028d,
+	0x140e: 0x0021, 0x140f: 0x0023, 0x1410: 0x0025, 0x1411: 0x0027,
+	0x1412: 0x0029, 0x1413: 0x002b, 0x1414: 0x002d, 0x1415: 0x002f, 0x1416: 0x0031, 0x1417: 0x0033,
+	0x1418: 0x0021, 0x1419: 0x0023, 0x141a: 0x0025, 0x141b: 0x0027, 0x141c: 0x0029, 0x141d: 0x002b,
+	0x141e: 0x002d, 0x141f: 0x002f, 0x1420: 0x0031, 0x1421: 0x0033, 0x1422: 0x0021, 0x1423: 0x0023,
+	0x1424: 0x0025, 0x1425: 0x0027, 0x1426: 0x0029, 0x1427: 0x002b, 0x1428: 0x002d, 0x1429: 0x002f,
+	0x142a: 0x0031, 0x142b: 0x0033, 0x142c: 0x0021, 0x142d: 0x0023, 0x142e: 0x0025, 0x142f: 0x0027,
+	0x1430: 0x0029, 0x1431: 0x002b, 0x1432: 0x002d, 0x1433: 0x002f, 0x1434: 0x0031, 0x1435: 0x0033,
+	0x1436: 0x0021, 0x1437: 0x0023, 0x1438: 0x0025, 0x1439: 0x0027, 0x143a: 0x0029, 0x143b: 0x002b,
+	0x143c: 0x002d, 0x143d: 0x002f, 0x143e: 0x0031, 0x143f: 0x0033,
+	// Block 0x51, offset 0x1440
+	0x1440: 0x8133, 0x1441: 0x8133, 0x1442: 0x8133, 0x1443: 0x8133, 0x1444: 0x8133, 0x1445: 0x8133,
+	0x1446: 0x8133, 0x1448: 0x8133, 0x1449: 0x8133, 0x144a: 0x8133, 0x144b: 0x8133,
+	0x144c: 0x8133, 0x144d: 0x8133, 0x144e: 0x8133, 0x144f: 0x8133, 0x1450: 0x8133, 0x1451: 0x8133,
+	0x1452: 0x8133, 0x1453: 0x8133, 0x1454: 0x8133, 0x1455: 0x8133, 0x1456: 0x8133, 0x1457: 0x8133,
+	0x1458: 0x8133, 0x145b: 0x8133, 0x145c: 0x8133, 0x145d: 0x8133,
+	0x145e: 0x8133, 0x145f: 0x8133, 0x1460: 0x8133, 0x1461: 0x8133, 0x1463: 0x8133,
+	0x1464: 0x8133, 0x1466: 0x8133, 0x1467: 0x8133, 0x1468: 0x8133, 0x1469: 0x8133,
+	0x146a: 0x8133,
+	0x1470: 0x0290, 0x1471: 0x0293, 0x1472: 0x0296, 0x1473: 0x0299, 0x1474: 0x029c, 0x1475: 0x029f,
+	0x1476: 0x02a2, 0x1477: 0x02a5, 0x1478: 0x02a8, 0x1479: 0x02ab, 0x147a: 0x02ae, 0x147b: 0x02b1,
+	0x147c: 0x02b7, 0x147d: 0x02ba, 0x147e: 0x02bd, 0x147f: 0x02c0,
+	// Block 0x52, offset 0x1480
+	0x1480: 0x02c3, 0x1481: 0x02c6, 0x1482: 0x02c9, 0x1483: 0x02cc, 0x1484: 0x02cf, 0x1485: 0x02d2,
+	0x1486: 0x02d5, 0x1487: 0x02db, 0x1488: 0x02e1, 0x1489: 0x02e4, 0x148a: 0x1736, 0x148b: 0x0302,
+	0x148c: 0x02ea, 0x148d: 0x02ed, 0x148e: 0x0305, 0x148f: 0x02f9, 0x1490: 0x02ff, 0x1491: 0x0290,
+	0x1492: 0x0293, 0x1493: 0x0296, 0x1494: 0x0299, 0x1495: 0x029c, 0x1496: 0x029f, 0x1497: 0x02a2,
+	0x1498: 0x02a5, 0x1499: 0x02a8, 0x149a: 0x02ab, 0x149b: 0x02ae, 0x149c: 0x02b7, 0x149d: 0x02ba,
+	0x149e: 0x02c0, 0x149f: 0x02c6, 0x14a0: 0x02c9, 0x14a1: 0x02cc, 0x14a2: 0x02cf, 0x14a3: 0x02d2,
+	0x14a4: 0x02d5, 0x14a5: 0x02d8, 0x14a6: 0x02db, 0x14a7: 0x02f3, 0x14a8: 0x02ea, 0x14a9: 0x02e7,
+	0x14aa: 0x02f0, 0x14ab: 0x02f6, 0x14ac: 0x1732, 0x14ad: 0x02fc,
+	// Block 0x53, offset 0x14c0
+	0x14c0: 0x032c, 0x14c1: 0x032f, 0x14c2: 0x033b, 0x14c3: 0x0344, 0x14c5: 0x037d,
+	0x14c6: 0x034d, 0x14c7: 0x033e, 0x14c8: 0x035c, 0x14c9: 0x0383, 0x14ca: 0x036e, 0x14cb: 0x0371,
+	0x14cc: 0x0374, 0x14cd: 0x0377, 0x14ce: 0x0350, 0x14cf: 0x0362, 0x14d0: 0x0368, 0x14d1: 0x0356,
+	0x14d2: 0x036b, 0x14d3: 0x034a, 0x14d4: 0x0353, 0x14d5: 0x0335, 0x14d6: 0x0338, 0x14d7: 0x0341,
+	0x14d8: 0x0347, 0x14d9: 0x0359, 0x14da: 0x035f, 0x14db: 0x0365, 0x14dc: 0x0386, 0x14dd: 0x03d7,
+	0x14de: 0x03bf, 0x14df: 0x0389, 0x14e1: 0x032f, 0x14e2: 0x033b,
+	0x14e4: 0x037a, 0x14e7: 0x033e, 0x14e9: 0x0383,
+	0x14ea: 0x036e, 0x14eb: 0x0371, 0x14ec: 0x0374, 0x14ed: 0x0377, 0x14ee: 0x0350, 0x14ef: 0x0362,
+	0x14f0: 0x0368, 0x14f1: 0x0356, 0x14f2: 0x036b, 0x14f4: 0x0353, 0x14f5: 0x0335,
+	0x14f6: 0x0338, 0x14f7: 0x0341, 0x14f9: 0x0359, 0x14fb: 0x0365,
+	// Block 0x54, offset 0x1500
+	0x1502: 0x033b,
+	0x1507: 0x033e, 0x1509: 0x0383, 0x150b: 0x0371,
+	0x150d: 0x0377, 0x150e: 0x0350, 0x150f: 0x0362, 0x1511: 0x0356,
+	0x1512: 0x036b, 0x1514: 0x0353, 0x1517: 0x0341,
+	0x1519: 0x0359, 0x151b: 0x0365, 0x151d: 0x03d7,
+	0x151f: 0x0389, 0x1521: 0x032f, 0x1522: 0x033b,
+	0x1524: 0x037a, 0x1527: 0x033e, 0x1528: 0x035c, 0x1529: 0x0383,
+	0x152a: 0x036e, 0x152c: 0x0374, 0x152d: 0x0377, 0x152e: 0x0350, 0x152f: 0x0362,
+	0x1530: 0x0368, 0x1531: 0x0356, 0x1532: 0x036b, 0x1534: 0x0353, 0x1535: 0x0335,
+	0x1536: 0x0338, 0x1537: 0x0341, 0x1539: 0x0359, 0x153a: 0x035f, 0x153b: 0x0365,
+	0x153c: 0x0386, 0x153e: 0x03bf,
+	// Block 0x55, offset 0x1540
+	0x1540: 0x032c, 0x1541: 0x032f, 0x1542: 0x033b, 0x1543: 0x0344, 0x1544: 0x037a, 0x1545: 0x037d,
+	0x1546: 0x034d, 0x1547: 0x033e, 0x1548: 0x035c, 0x1549: 0x0383, 0x154b: 0x0371,
+	0x154c: 0x0374, 0x154d: 0x0377, 0x154e: 0x0350, 0x154f: 0x0362, 0x1550: 0x0368, 0x1551: 0x0356,
+	0x1552: 0x036b, 0x1553: 0x034a, 0x1554: 0x0353, 0x1555: 0x0335, 0x1556: 0x0338, 0x1557: 0x0341,
+	0x1558: 0x0347, 0x1559: 0x0359, 0x155a: 0x035f, 0x155b: 0x0365,
+	0x1561: 0x032f, 0x1562: 0x033b, 0x1563: 0x0344,
+	0x1565: 0x037d, 0x1566: 0x034d, 0x1567: 0x033e, 0x1568: 0x035c, 0x1569: 0x0383,
+	0x156b: 0x0371, 0x156c: 0x0374, 0x156d: 0x0377, 0x156e: 0x0350, 0x156f: 0x0362,
+	0x1570: 0x0368, 0x1571: 0x0356, 0x1572: 0x036b, 0x1573: 0x034a, 0x1574: 0x0353, 0x1575: 0x0335,
+	0x1576: 0x0338, 0x1577: 0x0341, 0x1578: 0x0347, 0x1579: 0x0359, 0x157a: 0x035f, 0x157b: 0x0365,
+	// Block 0x56, offset 0x1580
+	0x1580: 0x19a6, 0x1581: 0x19a3, 0x1582: 0x19a9, 0x1583: 0x19cd, 0x1584: 0x19f1, 0x1585: 0x1a15,
+	0x1586: 0x1a39, 0x1587: 0x1a42, 0x1588: 0x1a48, 0x1589: 0x1a4e, 0x158a: 0x1a54,
+	0x1590: 0x1bbc, 0x1591: 0x1bc0,
+	0x1592: 0x1bc4, 0x1593: 0x1bc8, 0x1594: 0x1bcc, 0x1595: 0x1bd0, 0x1596: 0x1bd4, 0x1597: 0x1bd8,
+	0x1598: 0x1bdc, 0x1599: 0x1be0, 0x159a: 0x1be4, 0x159b: 0x1be8, 0x159c: 0x1bec, 0x159d: 0x1bf0,
+	0x159e: 0x1bf4, 0x159f: 0x1bf8, 0x15a0: 0x1bfc, 0x15a1: 0x1c00, 0x15a2: 0x1c04, 0x15a3: 0x1c08,
+	0x15a4: 0x1c0c, 0x15a5: 0x1c10, 0x15a6: 0x1c14, 0x15a7: 0x1c18, 0x15a8: 0x1c1c, 0x15a9: 0x1c20,
+	0x15aa: 0x2855, 0x15ab: 0x0047, 0x15ac: 0x0065, 0x15ad: 0x1a69, 0x15ae: 0x1ae1,
+	0x15b0: 0x0043, 0x15b1: 0x0045, 0x15b2: 0x0047, 0x15b3: 0x0049, 0x15b4: 0x004b, 0x15b5: 0x004d,
+	0x15b6: 0x004f, 0x15b7: 0x0051, 0x15b8: 0x0053, 0x15b9: 0x0055, 0x15ba: 0x0057, 0x15bb: 0x0059,
+	0x15bc: 0x005b, 0x15bd: 0x005d, 0x15be: 0x005f, 0x15bf: 0x0061,
+	// Block 0x57, offset 0x15c0
+	0x15c0: 0x27dd, 0x15c1: 0x27f2, 0x15c2: 0x05fe,
+	0x15d0: 0x0d0a, 0x15d1: 0x0b42,
+	0x15d2: 0x09ce, 0x15d3: 0x4705, 0x15d4: 0x0816, 0x15d5: 0x0aea, 0x15d6: 0x142a, 0x15d7: 0x0afa,
+	0x15d8: 0x0822, 0x15d9: 0x0dd2, 0x15da: 0x0faa, 0x15db: 0x0daa, 0x15dc: 0x0922, 0x15dd: 0x0c66,
+	0x15de: 0x08ba, 0x15df: 0x0db2, 0x15e0: 0x090e, 0x15e1: 0x1212, 0x15e2: 0x107e, 0x15e3: 0x1486,
+	0x15e4: 0x0ace, 0x15e5: 0x0a06, 0x15e6: 0x0f5e, 0x15e7: 0x0d16, 0x15e8: 0x0d42, 0x15e9: 0x07ba,
+	0x15ea: 0x07c6, 0x15eb: 0x1506, 0x15ec: 0x0bd6, 0x15ed: 0x07e2, 0x15ee: 0x09ea, 0x15ef: 0x0d36,
+	0x15f0: 0x14ae, 0x15f1: 0x0d0e, 0x15f2: 0x116a, 0x15f3: 0x11a6, 0x15f4: 0x09f2, 0x15f5: 0x0f3e,
+	0x15f6: 0x0e06, 0x15f7: 0x0e02, 0x15f8: 0x1092, 0x15f9: 0x0926, 0x15fa: 0x0a52, 0x15fb: 0x153e,
+	// Block 0x58, offset 0x1600
+	0x1600: 0x07f6, 0x1601: 0x07ee, 0x1602: 0x07fe, 0x1603: 0x1774, 0x1604: 0x0842, 0x1605: 0x0852,
+	0x1606: 0x0856, 0x1607: 0x085e, 0x1608: 0x0866, 0x1609: 0x086a, 0x160a: 0x0876, 0x160b: 0x086e,
+	0x160c: 0x06ae, 0x160d: 0x1788, 0x160e: 0x088a, 0x160f: 0x088e, 0x1610: 0x0892, 0x1611: 0x08ae,
+	0x1612: 0x1779, 0x1613: 0x06b2, 0x1614: 0x089a, 0x1615: 0x08ba, 0x1616: 0x1783, 0x1617: 0x08ca,
+	0x1618: 0x08d2, 0x1619: 0x0832, 0x161a: 0x08da, 0x161b: 0x08de, 0x161c: 0x195e, 0x161d: 0x08fa,
+	0x161e: 0x0902, 0x161f: 0x06ba, 0x1620: 0x091a, 0x1621: 0x091e, 0x1622: 0x0926, 0x1623: 0x092a,
+	0x1624: 0x06be, 0x1625: 0x0942, 0x1626: 0x0946, 0x1627: 0x0952, 0x1628: 0x095e, 0x1629: 0x0962,
+	0x162a: 0x0966, 0x162b: 0x096e, 0x162c: 0x098e, 0x162d: 0x0992, 0x162e: 0x099a, 0x162f: 0x09aa,
+	0x1630: 0x09b2, 0x1631: 0x09b6, 0x1632: 0x09b6, 0x1633: 0x09b6, 0x1634: 0x1797, 0x1635: 0x0f8e,
+	0x1636: 0x09ca, 0x1637: 0x09d2, 0x1638: 0x179c, 0x1639: 0x09de, 0x163a: 0x09e6, 0x163b: 0x09ee,
+	0x163c: 0x0a16, 0x163d: 0x0a02, 0x163e: 0x0a0e, 0x163f: 0x0a12,
+	// Block 0x59, offset 0x1640
+	0x1640: 0x0a1a, 0x1641: 0x0a22, 0x1642: 0x0a26, 0x1643: 0x0a2e, 0x1644: 0x0a36, 0x1645: 0x0a3a,
+	0x1646: 0x0a3a, 0x1647: 0x0a42, 0x1648: 0x0a4a, 0x1649: 0x0a4e, 0x164a: 0x0a5a, 0x164b: 0x0a7e,
+	0x164c: 0x0a62, 0x164d: 0x0a82, 0x164e: 0x0a66, 0x164f: 0x0a6e, 0x1650: 0x0906, 0x1651: 0x0aca,
+	0x1652: 0x0a92, 0x1653: 0x0a96, 0x1654: 0x0a9a, 0x1655: 0x0a8e, 0x1656: 0x0aa2, 0x1657: 0x0a9e,
+	0x1658: 0x0ab6, 0x1659: 0x17a1, 0x165a: 0x0ad2, 0x165b: 0x0ad6, 0x165c: 0x0ade, 0x165d: 0x0aea,
+	0x165e: 0x0af2, 0x165f: 0x0b0e, 0x1660: 0x17a6, 0x1661: 0x17ab, 0x1662: 0x0b1a, 0x1663: 0x0b1e,
+	0x1664: 0x0b22, 0x1665: 0x0b16, 0x1666: 0x0b2a, 0x1667: 0x06c2, 0x1668: 0x06c6, 0x1669: 0x0b32,
+	0x166a: 0x0b3a, 0x166b: 0x0b3a, 0x166c: 0x17b0, 0x166d: 0x0b56, 0x166e: 0x0b5a, 0x166f: 0x0b5e,
+	0x1670: 0x0b66, 0x1671: 0x17b5, 0x1672: 0x0b6e, 0x1673: 0x0b72, 0x1674: 0x0c4a, 0x1675: 0x0b7a,
+	0x1676: 0x06ca, 0x1677: 0x0b86, 0x1678: 0x0b96, 0x1679: 0x0ba2, 0x167a: 0x0b9e, 0x167b: 0x17bf,
+	0x167c: 0x0baa, 0x167d: 0x17c4, 0x167e: 0x0bb6, 0x167f: 0x0bb2,
+	// Block 0x5a, offset 0x1680
+	0x1680: 0x0bba, 0x1681: 0x0bca, 0x1682: 0x0bce, 0x1683: 0x06ce, 0x1684: 0x0bde, 0x1685: 0x0be6,
+	0x1686: 0x0bea, 0x1687: 0x0bee, 0x1688: 0x06d2, 0x1689: 0x17c9, 0x168a: 0x06d6, 0x168b: 0x0c0a,
+	0x168c: 0x0c0e, 0x168d: 0x0c12, 0x168e: 0x0c1a, 0x168f: 0x1990, 0x1690: 0x0c32, 0x1691: 0x17d3,
+	0x1692: 0x17d3, 0x1693: 0x12d2, 0x1694: 0x0c42, 0x1695: 0x0c42, 0x1696: 0x06da, 0x1697: 0x17f6,
+	0x1698: 0x18c8, 0x1699: 0x0c52, 0x169a: 0x0c5a, 0x169b: 0x06de, 0x169c: 0x0c6e, 0x169d: 0x0c7e,
+	0x169e: 0x0c82, 0x169f: 0x0c8a, 0x16a0: 0x0c9a, 0x16a1: 0x06e6, 0x16a2: 0x06e2, 0x16a3: 0x0c9e,
+	0x16a4: 0x17d8, 0x16a5: 0x0ca2, 0x16a6: 0x0cb6, 0x16a7: 0x0cba, 0x16a8: 0x0cbe, 0x16a9: 0x0cba,
+	0x16aa: 0x0cca, 0x16ab: 0x0cce, 0x16ac: 0x0cde, 0x16ad: 0x0cd6, 0x16ae: 0x0cda, 0x16af: 0x0ce2,
+	0x16b0: 0x0ce6, 0x16b1: 0x0cea, 0x16b2: 0x0cf6, 0x16b3: 0x0cfa, 0x16b4: 0x0d12, 0x16b5: 0x0d1a,
+	0x16b6: 0x0d2a, 0x16b7: 0x0d3e, 0x16b8: 0x17e7, 0x16b9: 0x0d3a, 0x16ba: 0x0d2e, 0x16bb: 0x0d46,
+	0x16bc: 0x0d4e, 0x16bd: 0x0d62, 0x16be: 0x17ec, 0x16bf: 0x0d6a,
+	// Block 0x5b, offset 0x16c0
+	0x16c0: 0x0d5e, 0x16c1: 0x0d56, 0x16c2: 0x06ea, 0x16c3: 0x0d72, 0x16c4: 0x0d7a, 0x16c5: 0x0d82,
+	0x16c6: 0x0d76, 0x16c7: 0x06ee, 0x16c8: 0x0d92, 0x16c9: 0x0d9a, 0x16ca: 0x17f1, 0x16cb: 0x0dc6,
+	0x16cc: 0x0dfa, 0x16cd: 0x0dd6, 0x16ce: 0x06fa, 0x16cf: 0x0de2, 0x16d0: 0x06f6, 0x16d1: 0x06f2,
+	0x16d2: 0x08be, 0x16d3: 0x08c2, 0x16d4: 0x0dfe, 0x16d5: 0x0de6, 0x16d6: 0x12a6, 0x16d7: 0x075e,
+	0x16d8: 0x0e0a, 0x16d9: 0x0e0e, 0x16da: 0x0e12, 0x16db: 0x0e26, 0x16dc: 0x0e1e, 0x16dd: 0x180a,
+	0x16de: 0x06fe, 0x16df: 0x0e3a, 0x16e0: 0x0e2e, 0x16e1: 0x0e4a, 0x16e2: 0x0e52, 0x16e3: 0x1814,
+	0x16e4: 0x0e56, 0x16e5: 0x0e42, 0x16e6: 0x0e5e, 0x16e7: 0x0702, 0x16e8: 0x0e62, 0x16e9: 0x0e66,
+	0x16ea: 0x0e6a, 0x16eb: 0x0e76, 0x16ec: 0x1819, 0x16ed: 0x0e7e, 0x16ee: 0x0706, 0x16ef: 0x0e8a,
+	0x16f0: 0x181e, 0x16f1: 0x0e8e, 0x16f2: 0x070a, 0x16f3: 0x0e9a, 0x16f4: 0x0ea6, 0x16f5: 0x0eb2,
+	0x16f6: 0x0eb6, 0x16f7: 0x1823, 0x16f8: 0x17ba, 0x16f9: 0x1828, 0x16fa: 0x0ed6, 0x16fb: 0x182d,
+	0x16fc: 0x0ee2, 0x16fd: 0x0eea, 0x16fe: 0x0eda, 0x16ff: 0x0ef6,
+	// Block 0x5c, offset 0x1700
+	0x1700: 0x0f06, 0x1701: 0x0f16, 0x1702: 0x0f0a, 0x1703: 0x0f0e, 0x1704: 0x0f1a, 0x1705: 0x0f1e,
+	0x1706: 0x1832, 0x1707: 0x0f02, 0x1708: 0x0f36, 0x1709: 0x0f3a, 0x170a: 0x070e, 0x170b: 0x0f4e,
+	0x170c: 0x0f4a, 0x170d: 0x1837, 0x170e: 0x0f2e, 0x170f: 0x0f6a, 0x1710: 0x183c, 0x1711: 0x1841,
+	0x1712: 0x0f6e, 0x1713: 0x0f82, 0x1714: 0x0f7e, 0x1715: 0x0f7a, 0x1716: 0x0712, 0x1717: 0x0f86,
+	0x1718: 0x0f96, 0x1719: 0x0f92, 0x171a: 0x0f9e, 0x171b: 0x177e, 0x171c: 0x0fae, 0x171d: 0x1846,
+	0x171e: 0x0fba, 0x171f: 0x1850, 0x1720: 0x0fce, 0x1721: 0x0fda, 0x1722: 0x0fee, 0x1723: 0x1855,
+	0x1724: 0x1002, 0x1725: 0x1006, 0x1726: 0x185a, 0x1727: 0x185f, 0x1728: 0x1022, 0x1729: 0x1032,
+	0x172a: 0x0716, 0x172b: 0x1036, 0x172c: 0x071a, 0x172d: 0x071a, 0x172e: 0x104e, 0x172f: 0x1052,
+	0x1730: 0x105a, 0x1731: 0x105e, 0x1732: 0x106a, 0x1733: 0x071e, 0x1734: 0x1082, 0x1735: 0x1864,
+	0x1736: 0x109e, 0x1737: 0x1869, 0x1738: 0x10aa, 0x1739: 0x17ce, 0x173a: 0x10ba, 0x173b: 0x186e,
+	0x173c: 0x1873, 0x173d: 0x1878, 0x173e: 0x0722, 0x173f: 0x0726,
+	// Block 0x5d, offset 0x1740
+	0x1740: 0x10f2, 0x1741: 0x1882, 0x1742: 0x187d, 0x1743: 0x1887, 0x1744: 0x188c, 0x1745: 0x10fa,
+	0x1746: 0x10fe, 0x1747: 0x10fe, 0x1748: 0x1106, 0x1749: 0x072e, 0x174a: 0x110a, 0x174b: 0x0732,
+	0x174c: 0x0736, 0x174d: 0x1896, 0x174e: 0x111e, 0x174f: 0x1126, 0x1750: 0x1132, 0x1751: 0x073a,
+	0x1752: 0x189b, 0x1753: 0x1156, 0x1754: 0x18a0, 0x1755: 0x18a5, 0x1756: 0x1176, 0x1757: 0x118e,
+	0x1758: 0x073e, 0x1759: 0x1196, 0x175a: 0x119a, 0x175b: 0x119e, 0x175c: 0x18aa, 0x175d: 0x18af,
+	0x175e: 0x18af, 0x175f: 0x11b6, 0x1760: 0x0742, 0x1761: 0x18b4, 0x1762: 0x11ca, 0x1763: 0x11ce,
+	0x1764: 0x0746, 0x1765: 0x18b9, 0x1766: 0x11ea, 0x1767: 0x074a, 0x1768: 0x11fa, 0x1769: 0x11f2,
+	0x176a: 0x1202, 0x176b: 0x18c3, 0x176c: 0x121a, 0x176d: 0x074e, 0x176e: 0x1226, 0x176f: 0x122e,
+	0x1770: 0x123e, 0x1771: 0x0752, 0x1772: 0x18cd, 0x1773: 0x18d2, 0x1774: 0x0756, 0x1775: 0x18d7,
+	0x1776: 0x1256, 0x1777: 0x18dc, 0x1778: 0x1262, 0x1779: 0x126e, 0x177a: 0x1276, 0x177b: 0x18e1,
+	0x177c: 0x18e6, 0x177d: 0x128a, 0x177e: 0x18eb, 0x177f: 0x1292,
+	// Block 0x5e, offset 0x1780
+	0x1780: 0x17fb, 0x1781: 0x075a, 0x1782: 0x12aa, 0x1783: 0x12ae, 0x1784: 0x0762, 0x1785: 0x12b2,
+	0x1786: 0x0b2e, 0x1787: 0x18f0, 0x1788: 0x18f5, 0x1789: 0x1800, 0x178a: 0x1805, 0x178b: 0x12d2,
+	0x178c: 0x12d6, 0x178d: 0x14ee, 0x178e: 0x0766, 0x178f: 0x1302, 0x1790: 0x12fe, 0x1791: 0x1306,
+	0x1792: 0x093a, 0x1793: 0x130a, 0x1794: 0x130e, 0x1795: 0x1312, 0x1796: 0x131a, 0x1797: 0x18fa,
+	0x1798: 0x1316, 0x1799: 0x131e, 0x179a: 0x1332, 0x179b: 0x1336, 0x179c: 0x1322, 0x179d: 0x133a,
+	0x179e: 0x134e, 0x179f: 0x1362, 0x17a0: 0x132e, 0x17a1: 0x1342, 0x17a2: 0x1346, 0x17a3: 0x134a,
+	0x17a4: 0x18ff, 0x17a5: 0x1909, 0x17a6: 0x1904, 0x17a7: 0x076a, 0x17a8: 0x136a, 0x17a9: 0x136e,
+	0x17aa: 0x1376, 0x17ab: 0x191d, 0x17ac: 0x137a, 0x17ad: 0x190e, 0x17ae: 0x076e, 0x17af: 0x0772,
+	0x17b0: 0x1913, 0x17b1: 0x1918, 0x17b2: 0x0776, 0x17b3: 0x139a, 0x17b4: 0x139e, 0x17b5: 0x13a2,
+	0x17b6: 0x13a6, 0x17b7: 0x13b2, 0x17b8: 0x13ae, 0x17b9: 0x13ba, 0x17ba: 0x13b6, 0x17bb: 0x13c6,
+	0x17bc: 0x13be, 0x17bd: 0x13c2, 0x17be: 0x13ca, 0x17bf: 0x077a,
+	// Block 0x5f, offset 0x17c0
+	0x17c0: 0x13d2, 0x17c1: 0x13d6, 0x17c2: 0x077e, 0x17c3: 0x13e6, 0x17c4: 0x13ea, 0x17c5: 0x1922,
+	0x17c6: 0x13f6, 0x17c7: 0x13fa, 0x17c8: 0x0782, 0x17c9: 0x1406, 0x17ca: 0x06b6, 0x17cb: 0x1927,
+	0x17cc: 0x192c, 0x17cd: 0x0786, 0x17ce: 0x078a, 0x17cf: 0x1432, 0x17d0: 0x144a, 0x17d1: 0x1466,
+	0x17d2: 0x1476, 0x17d3: 0x1931, 0x17d4: 0x148a, 0x17d5: 0x148e, 0x17d6: 0x14a6, 0x17d7: 0x14b2,
+	0x17d8: 0x193b, 0x17d9: 0x178d, 0x17da: 0x14be, 0x17db: 0x14ba, 0x17dc: 0x14c6, 0x17dd: 0x1792,
+	0x17de: 0x14d2, 0x17df: 0x14de, 0x17e0: 0x1940, 0x17e1: 0x1945, 0x17e2: 0x151e, 0x17e3: 0x152a,
+	0x17e4: 0x1532, 0x17e5: 0x194a, 0x17e6: 0x1536, 0x17e7: 0x1562, 0x17e8: 0x156e, 0x17e9: 0x1572,
+	0x17ea: 0x156a, 0x17eb: 0x157e, 0x17ec: 0x1582, 0x17ed: 0x194f, 0x17ee: 0x158e, 0x17ef: 0x078e,
+	0x17f0: 0x1596, 0x17f1: 0x1954, 0x17f2: 0x0792, 0x17f3: 0x15ce, 0x17f4: 0x0bbe, 0x17f5: 0x15e6,
+	0x17f6: 0x1959, 0x17f7: 0x1963, 0x17f8: 0x0796, 0x17f9: 0x079a, 0x17fa: 0x160e, 0x17fb: 0x1968,
+	0x17fc: 0x079e, 0x17fd: 0x196d, 0x17fe: 0x1626, 0x17ff: 0x1626,
+	// Block 0x60, offset 0x1800
+	0x1800: 0x162e, 0x1801: 0x1972, 0x1802: 0x1646, 0x1803: 0x07a2, 0x1804: 0x1656, 0x1805: 0x1662,
+	0x1806: 0x166a, 0x1807: 0x1672, 0x1808: 0x07a6, 0x1809: 0x1977, 0x180a: 0x1686, 0x180b: 0x16a2,
+	0x180c: 0x16ae, 0x180d: 0x07aa, 0x180e: 0x07ae, 0x180f: 0x16b2, 0x1810: 0x197c, 0x1811: 0x07b2,
+	0x1812: 0x1981, 0x1813: 0x1986, 0x1814: 0x198b, 0x1815: 0x16d6, 0x1816: 0x07b6, 0x1817: 0x16ea,
+	0x1818: 0x16f2, 0x1819: 0x16f6, 0x181a: 0x16fe, 0x181b: 0x1706, 0x181c: 0x170e, 0x181d: 0x1995,
+}
+
+// nfkcIndex: 22 blocks, 1408 entries, 2816 bytes
+// Block 0 is the zero block.
+var nfkcIndex = [1408]uint16{
+	// Block 0x0, offset 0x0
+	// Block 0x1, offset 0x40
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc2: 0x5f, 0xc3: 0x01, 0xc4: 0x02, 0xc5: 0x03, 0xc6: 0x60, 0xc7: 0x04,
+	0xc8: 0x05, 0xca: 0x61, 0xcb: 0x62, 0xcc: 0x06, 0xcd: 0x07, 0xce: 0x08, 0xcf: 0x09,
+	0xd0: 0x0a, 0xd1: 0x63, 0xd2: 0x64, 0xd3: 0x0b, 0xd6: 0x0c, 0xd7: 0x65,
+	0xd8: 0x66, 0xd9: 0x0d, 0xdb: 0x67, 0xdc: 0x68, 0xdd: 0x69, 0xdf: 0x6a,
+	0xe0: 0x02, 0xe1: 0x03, 0xe2: 0x04, 0xe3: 0x05,
+	0xea: 0x06, 0xeb: 0x07, 0xec: 0x08, 0xed: 0x09, 0xef: 0x0a,
+	0xf0: 0x13,
+	// Block 0x4, offset 0x100
+	0x120: 0x6b, 0x121: 0x6c, 0x122: 0x6d, 0x123: 0x0e, 0x124: 0x6e, 0x125: 0x6f, 0x126: 0x70, 0x127: 0x71,
+	0x128: 0x72, 0x129: 0x73, 0x12a: 0x74, 0x12b: 0x75, 0x12c: 0x70, 0x12d: 0x76, 0x12e: 0x77, 0x12f: 0x78,
+	0x130: 0x74, 0x131: 0x79, 0x132: 0x7a, 0x133: 0x7b, 0x134: 0x7c, 0x135: 0x7d, 0x137: 0x7e,
+	0x138: 0x7f, 0x139: 0x80, 0x13a: 0x81, 0x13b: 0x82, 0x13c: 0x83, 0x13d: 0x84, 0x13e: 0x85, 0x13f: 0x86,
+	// Block 0x5, offset 0x140
+	0x140: 0x87, 0x142: 0x88, 0x143: 0x89, 0x144: 0x8a, 0x145: 0x8b, 0x146: 0x8c, 0x147: 0x8d,
+	0x14d: 0x8e,
+	0x15c: 0x8f, 0x15f: 0x90,
+	0x162: 0x91, 0x164: 0x92,
+	0x168: 0x93, 0x169: 0x94, 0x16a: 0x95, 0x16b: 0x96, 0x16c: 0x0f, 0x16d: 0x97, 0x16e: 0x98, 0x16f: 0x99,
+	0x170: 0x9a, 0x173: 0x9b, 0x174: 0x9c, 0x175: 0x10, 0x176: 0x11, 0x177: 0x12,
+	0x178: 0x13, 0x179: 0x14, 0x17a: 0x15, 0x17b: 0x16, 0x17c: 0x17, 0x17d: 0x18, 0x17e: 0x19, 0x17f: 0x1a,
+	// Block 0x6, offset 0x180
+	0x180: 0x9d, 0x181: 0x9e, 0x182: 0x9f, 0x183: 0xa0, 0x184: 0x1b, 0x185: 0x1c, 0x186: 0xa1, 0x187: 0xa2,
+	0x188: 0xa3, 0x189: 0x1d, 0x18a: 0x1e, 0x18b: 0xa4, 0x18c: 0xa5,
+	0x191: 0x1f, 0x192: 0x20, 0x193: 0xa6,
+	0x1a8: 0xa7, 0x1a9: 0xa8, 0x1ab: 0xa9,
+	0x1b1: 0xaa, 0x1b3: 0xab, 0x1b5: 0xac, 0x1b7: 0xad,
+	0x1ba: 0xae, 0x1bb: 0xaf, 0x1bc: 0x21, 0x1bd: 0x22, 0x1be: 0x23, 0x1bf: 0xb0,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0xb1, 0x1c1: 0x24, 0x1c2: 0x25, 0x1c3: 0x26, 0x1c4: 0xb2, 0x1c5: 0x27, 0x1c6: 0x28,
+	0x1c8: 0x29, 0x1c9: 0x2a, 0x1ca: 0x2b, 0x1cb: 0x2c, 0x1cc: 0x2d, 0x1cd: 0x2e, 0x1ce: 0x2f, 0x1cf: 0x30,
+	// Block 0x8, offset 0x200
+	0x219: 0xb3, 0x21a: 0xb4, 0x21b: 0xb5, 0x21d: 0xb6, 0x21f: 0xb7,
+	0x220: 0xb8, 0x223: 0xb9, 0x224: 0xba, 0x225: 0xbb, 0x226: 0xbc, 0x227: 0xbd,
+	0x22a: 0xbe, 0x22b: 0xbf, 0x22d: 0xc0, 0x22f: 0xc1,
+	0x230: 0xc2, 0x231: 0xc3, 0x232: 0xc4, 0x233: 0xc5, 0x234: 0xc6, 0x235: 0xc7, 0x236: 0xc8, 0x237: 0xc2,
+	0x238: 0xc3, 0x239: 0xc4, 0x23a: 0xc5, 0x23b: 0xc6, 0x23c: 0xc7, 0x23d: 0xc8, 0x23e: 0xc2, 0x23f: 0xc3,
+	// Block 0x9, offset 0x240
+	0x240: 0xc4, 0x241: 0xc5, 0x242: 0xc6, 0x243: 0xc7, 0x244: 0xc8, 0x245: 0xc2, 0x246: 0xc3, 0x247: 0xc4,
+	0x248: 0xc5, 0x249: 0xc6, 0x24a: 0xc7, 0x24b: 0xc8, 0x24c: 0xc2, 0x24d: 0xc3, 0x24e: 0xc4, 0x24f: 0xc5,
+	0x250: 0xc6, 0x251: 0xc7, 0x252: 0xc8, 0x253: 0xc2, 0x254: 0xc3, 0x255: 0xc4, 0x256: 0xc5, 0x257: 0xc6,
+	0x258: 0xc7, 0x259: 0xc8, 0x25a: 0xc2, 0x25b: 0xc3, 0x25c: 0xc4, 0x25d: 0xc5, 0x25e: 0xc6, 0x25f: 0xc7,
+	0x260: 0xc8, 0x261: 0xc2, 0x262: 0xc3, 0x263: 0xc4, 0x264: 0xc5, 0x265: 0xc6, 0x266: 0xc7, 0x267: 0xc8,
+	0x268: 0xc2, 0x269: 0xc3, 0x26a: 0xc4, 0x26b: 0xc5, 0x26c: 0xc6, 0x26d: 0xc7, 0x26e: 0xc8, 0x26f: 0xc2,
+	0x270: 0xc3, 0x271: 0xc4, 0x272: 0xc5, 0x273: 0xc6, 0x274: 0xc7, 0x275: 0xc8, 0x276: 0xc2, 0x277: 0xc3,
+	0x278: 0xc4, 0x279: 0xc5, 0x27a: 0xc6, 0x27b: 0xc7, 0x27c: 0xc8, 0x27d: 0xc2, 0x27e: 0xc3, 0x27f: 0xc4,
+	// Block 0xa, offset 0x280
+	0x280: 0xc5, 0x281: 0xc6, 0x282: 0xc7, 0x283: 0xc8, 0x284: 0xc2, 0x285: 0xc3, 0x286: 0xc4, 0x287: 0xc5,
+	0x288: 0xc6, 0x289: 0xc7, 0x28a: 0xc8, 0x28b: 0xc2, 0x28c: 0xc3, 0x28d: 0xc4, 0x28e: 0xc5, 0x28f: 0xc6,
+	0x290: 0xc7, 0x291: 0xc8, 0x292: 0xc2, 0x293: 0xc3, 0x294: 0xc4, 0x295: 0xc5, 0x296: 0xc6, 0x297: 0xc7,
+	0x298: 0xc8, 0x299: 0xc2, 0x29a: 0xc3, 0x29b: 0xc4, 0x29c: 0xc5, 0x29d: 0xc6, 0x29e: 0xc7, 0x29f: 0xc8,
+	0x2a0: 0xc2, 0x2a1: 0xc3, 0x2a2: 0xc4, 0x2a3: 0xc5, 0x2a4: 0xc6, 0x2a5: 0xc7, 0x2a6: 0xc8, 0x2a7: 0xc2,
+	0x2a8: 0xc3, 0x2a9: 0xc4, 0x2aa: 0xc5, 0x2ab: 0xc6, 0x2ac: 0xc7, 0x2ad: 0xc8, 0x2ae: 0xc2, 0x2af: 0xc3,
+	0x2b0: 0xc4, 0x2b1: 0xc5, 0x2b2: 0xc6, 0x2b3: 0xc7, 0x2b4: 0xc8, 0x2b5: 0xc2, 0x2b6: 0xc3, 0x2b7: 0xc4,
+	0x2b8: 0xc5, 0x2b9: 0xc6, 0x2ba: 0xc7, 0x2bb: 0xc8, 0x2bc: 0xc2, 0x2bd: 0xc3, 0x2be: 0xc4, 0x2bf: 0xc5,
+	// Block 0xb, offset 0x2c0
+	0x2c0: 0xc6, 0x2c1: 0xc7, 0x2c2: 0xc8, 0x2c3: 0xc2, 0x2c4: 0xc3, 0x2c5: 0xc4, 0x2c6: 0xc5, 0x2c7: 0xc6,
+	0x2c8: 0xc7, 0x2c9: 0xc8, 0x2ca: 0xc2, 0x2cb: 0xc3, 0x2cc: 0xc4, 0x2cd: 0xc5, 0x2ce: 0xc6, 0x2cf: 0xc7,
+	0x2d0: 0xc8, 0x2d1: 0xc2, 0x2d2: 0xc3, 0x2d3: 0xc4, 0x2d4: 0xc5, 0x2d5: 0xc6, 0x2d6: 0xc7, 0x2d7: 0xc8,
+	0x2d8: 0xc2, 0x2d9: 0xc3, 0x2da: 0xc4, 0x2db: 0xc5, 0x2dc: 0xc6, 0x2dd: 0xc7, 0x2de: 0xc9,
+	// Block 0xc, offset 0x300
+	0x324: 0x31, 0x325: 0x32, 0x326: 0x33, 0x327: 0x34,
+	0x328: 0x35, 0x329: 0x36, 0x32a: 0x37, 0x32b: 0x38, 0x32c: 0x39, 0x32d: 0x3a, 0x32e: 0x3b, 0x32f: 0x3c,
+	0x330: 0x3d, 0x331: 0x3e, 0x332: 0x3f, 0x333: 0x40, 0x334: 0x41, 0x335: 0x42, 0x336: 0x43, 0x337: 0x44,
+	0x338: 0x45, 0x339: 0x46, 0x33a: 0x47, 0x33b: 0x48, 0x33c: 0xca, 0x33d: 0x49, 0x33e: 0x4a, 0x33f: 0x4b,
+	// Block 0xd, offset 0x340
+	0x347: 0xcb,
+	0x34b: 0xcc, 0x34d: 0xcd,
+	0x35e: 0x4c,
+	0x368: 0xce, 0x36b: 0xcf,
+	0x374: 0xd0,
+	0x37a: 0xd1, 0x37b: 0xd2, 0x37d: 0xd3, 0x37e: 0xd4,
+	// Block 0xe, offset 0x380
+	0x381: 0xd5, 0x382: 0xd6, 0x384: 0xd7, 0x385: 0xbc, 0x387: 0xd8,
+	0x388: 0xd9, 0x38b: 0xda, 0x38c: 0xdb, 0x38d: 0xdc,
+	0x391: 0xdd, 0x392: 0xde, 0x393: 0xdf, 0x396: 0xe0, 0x397: 0xe1,
+	0x398: 0xe2, 0x39a: 0xe3, 0x39c: 0xe4,
+	0x3a0: 0xe5, 0x3a4: 0xe6, 0x3a5: 0xe7, 0x3a7: 0xe8,
+	0x3a8: 0xe9, 0x3a9: 0xea, 0x3aa: 0xeb,
+	0x3b0: 0xe2, 0x3b5: 0xec, 0x3b6: 0xed,
+	0x3bd: 0xee,
+	// Block 0xf, offset 0x3c0
+	0x3eb: 0xef, 0x3ec: 0xf0,
+	0x3ff: 0xf1,
+	// Block 0x10, offset 0x400
+	0x432: 0xf2,
+	// Block 0x11, offset 0x440
+	0x445: 0xf3, 0x446: 0xf4, 0x447: 0xf5,
+	0x449: 0xf6,
+	0x450: 0xf7, 0x451: 0xf8, 0x452: 0xf9, 0x453: 0xfa, 0x454: 0xfb, 0x455: 0xfc, 0x456: 0xfd, 0x457: 0xfe,
+	0x458: 0xff, 0x459: 0x100, 0x45a: 0x4d, 0x45b: 0x101, 0x45c: 0x102, 0x45d: 0x103, 0x45e: 0x104, 0x45f: 0x4e,
+	// Block 0x12, offset 0x480
+	0x480: 0x4f, 0x481: 0x50, 0x482: 0x105, 0x484: 0xf0,
+	0x48a: 0x106, 0x48b: 0x107,
+	0x493: 0x108,
+	0x4a3: 0x109, 0x4a5: 0x10a,
+	0x4b8: 0x51, 0x4b9: 0x52, 0x4ba: 0x53,
+	// Block 0x13, offset 0x4c0
+	0x4c4: 0x54, 0x4c5: 0x10b, 0x4c6: 0x10c,
+	0x4c8: 0x55, 0x4c9: 0x10d,
+	0x4ef: 0x10e,
+	// Block 0x14, offset 0x500
+	0x520: 0x56, 0x521: 0x57, 0x522: 0x58, 0x523: 0x59, 0x524: 0x5a, 0x525: 0x5b, 0x526: 0x5c, 0x527: 0x5d,
+	0x528: 0x5e,
+	// Block 0x15, offset 0x540
+	0x550: 0x0b, 0x551: 0x0c, 0x556: 0x0d,
+	0x55b: 0x0e, 0x55d: 0x0f, 0x55e: 0x10, 0x55f: 0x11,
+	0x56f: 0x12,
+}
+
+// nfkcSparseOffset: 176 entries, 352 bytes
+var nfkcSparseOffset = []uint16{0x0, 0xe, 0x12, 0x1c, 0x26, 0x36, 0x38, 0x3d, 0x48, 0x57, 0x64, 0x6c, 0x71, 0x76, 0x78, 0x7c, 0x84, 0x8b, 0x8e, 0x96, 0x9a, 0x9e, 0xa0, 0xa2, 0xab, 0xaf, 0xb6, 0xbb, 0xbe, 0xc8, 0xcb, 0xd2, 0xda, 0xde, 0xe0, 0xe4, 0xe8, 0xee, 0xff, 0x10b, 0x10d, 0x113, 0x115, 0x117, 0x119, 0x11b, 0x11d, 0x11f, 0x121, 0x124, 0x127, 0x129, 0x12c, 0x12f, 0x133, 0x139, 0x140, 0x149, 0x14b, 0x14e, 0x150, 0x15b, 0x166, 0x174, 0x182, 0x192, 0x1a0, 0x1a7, 0x1ad, 0x1bc, 0x1c0, 0x1c2, 0x1c6, 0x1c8, 0x1cb, 0x1cd, 0x1d0, 0x1d2, 0x1d5, 0x1d7, 0x1d9, 0x1db, 0x1e7, 0x1f1, 0x1fb, 0x1fe, 0x202, 0x204, 0x206, 0x20b, 0x20e, 0x211, 0x213, 0x215, 0x217, 0x219, 0x21f, 0x222, 0x227, 0x229, 0x230, 0x236, 0x23c, 0x244, 0x24a, 0x250, 0x256, 0x25a, 0x25c, 0x25e, 0x260, 0x262, 0x268, 0x26b, 0x26d, 0x26f, 0x271, 0x277, 0x27b, 0x27f, 0x287, 0x28e, 0x291, 0x294, 0x296, 0x299, 0x2a1, 0x2a5, 0x2ac, 0x2af, 0x2b5, 0x2b7, 0x2b9, 0x2bc, 0x2be, 0x2c1, 0x2c6, 0x2c8, 0x2ca, 0x2cc, 0x2ce, 0x2d0, 0x2d3, 0x2d5, 0x2d7, 0x2d9, 0x2db, 0x2dd, 0x2df, 0x2ec, 0x2f6, 0x2f8, 0x2fa, 0x2fe, 0x303, 0x30f, 0x314, 0x31d, 0x323, 0x328, 0x32c, 0x331, 0x335, 0x345, 0x353, 0x361, 0x36f, 0x371, 0x373, 0x375, 0x379, 0x37b, 0x37e, 0x389, 0x38b, 0x395}
+
+// nfkcSparseValues: 919 entries, 3676 bytes
+var nfkcSparseValues = [919]valueRange{
+	// Block 0x0, offset 0x0
+	{value: 0x0002, lo: 0x0d},
+	{value: 0x0001, lo: 0xa0, hi: 0xa0},
+	{value: 0x43b9, lo: 0xa8, hi: 0xa8},
+	{value: 0x0083, lo: 0xaa, hi: 0xaa},
+	{value: 0x43a5, lo: 0xaf, hi: 0xaf},
+	{value: 0x0025, lo: 0xb2, hi: 0xb3},
+	{value: 0x439b, lo: 0xb4, hi: 0xb4},
+	{value: 0x0260, lo: 0xb5, hi: 0xb5},
+	{value: 0x43d2, lo: 0xb8, hi: 0xb8},
+	{value: 0x0023, lo: 0xb9, hi: 0xb9},
+	{value: 0x009f, lo: 0xba, hi: 0xba},
+	{value: 0x234c, lo: 0xbc, hi: 0xbc},
+	{value: 0x2340, lo: 0xbd, hi: 0xbd},
+	{value: 0x23e2, lo: 0xbe, hi: 0xbe},
+	// Block 0x1, offset 0xe
+	{value: 0x0091, lo: 0x03},
+	{value: 0x4823, lo: 0xa0, hi: 0xa1},
+	{value: 0x4855, lo: 0xaf, hi: 0xb0},
+	{value: 0xa000, lo: 0xb7, hi: 0xb7},
+	// Block 0x2, offset 0x12
+	{value: 0x0004, lo: 0x09},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x0091, lo: 0xb0, hi: 0xb0},
+	{value: 0x0140, lo: 0xb1, hi: 0xb1},
+	{value: 0x0095, lo: 0xb2, hi: 0xb2},
+	{value: 0x00a5, lo: 0xb3, hi: 0xb3},
+	{value: 0x0179, lo: 0xb4, hi: 0xb4},
+	{value: 0x017f, lo: 0xb5, hi: 0xb5},
+	{value: 0x018b, lo: 0xb6, hi: 0xb6},
+	{value: 0x00af, lo: 0xb7, hi: 0xb8},
+	// Block 0x3, offset 0x1c
+	{value: 0x000a, lo: 0x09},
+	{value: 0x43af, lo: 0x98, hi: 0x98},
+	{value: 0x43b4, lo: 0x99, hi: 0x9a},
+	{value: 0x43d7, lo: 0x9b, hi: 0x9b},
+	{value: 0x43a0, lo: 0x9c, hi: 0x9c},
+	{value: 0x43c3, lo: 0x9d, hi: 0x9d},
+	{value: 0x0137, lo: 0xa0, hi: 0xa0},
+	{value: 0x0099, lo: 0xa1, hi: 0xa1},
+	{value: 0x00a7, lo: 0xa2, hi: 0xa3},
+	{value: 0x01b8, lo: 0xa4, hi: 0xa4},
+	// Block 0x4, offset 0x26
+	{value: 0x0000, lo: 0x0f},
+	{value: 0xa000, lo: 0x83, hi: 0x83},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0xa000, lo: 0x8b, hi: 0x8b},
+	{value: 0xa000, lo: 0x8d, hi: 0x8d},
+	{value: 0x38e6, lo: 0x90, hi: 0x90},
+	{value: 0x38f2, lo: 0x91, hi: 0x91},
+	{value: 0x38e0, lo: 0x93, hi: 0x93},
+	{value: 0xa000, lo: 0x96, hi: 0x96},
+	{value: 0x3958, lo: 0x97, hi: 0x97},
+	{value: 0x3922, lo: 0x9c, hi: 0x9c},
+	{value: 0x390a, lo: 0x9d, hi: 0x9d},
+	{value: 0x3934, lo: 0x9e, hi: 0x9e},
+	{value: 0xa000, lo: 0xb4, hi: 0xb5},
+	{value: 0x395e, lo: 0xb6, hi: 0xb6},
+	{value: 0x3964, lo: 0xb7, hi: 0xb7},
+	// Block 0x5, offset 0x36
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x83, hi: 0x87},
+	// Block 0x6, offset 0x38
+	{value: 0x0001, lo: 0x04},
+	{value: 0x8114, lo: 0x81, hi: 0x82},
+	{value: 0x8133, lo: 0x84, hi: 0x84},
+	{value: 0x812e, lo: 0x85, hi: 0x85},
+	{value: 0x810e, lo: 0x87, hi: 0x87},
+	// Block 0x7, offset 0x3d
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x8133, lo: 0x90, hi: 0x97},
+	{value: 0x811a, lo: 0x98, hi: 0x98},
+	{value: 0x811b, lo: 0x99, hi: 0x99},
+	{value: 0x811c, lo: 0x9a, hi: 0x9a},
+	{value: 0x3982, lo: 0xa2, hi: 0xa2},
+	{value: 0x3988, lo: 0xa3, hi: 0xa3},
+	{value: 0x3994, lo: 0xa4, hi: 0xa4},
+	{value: 0x398e, lo: 0xa5, hi: 0xa5},
+	{value: 0x399a, lo: 0xa6, hi: 0xa6},
+	{value: 0xa000, lo: 0xa7, hi: 0xa7},
+	// Block 0x8, offset 0x48
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x39ac, lo: 0x80, hi: 0x80},
+	{value: 0xa000, lo: 0x81, hi: 0x81},
+	{value: 0x39a0, lo: 0x82, hi: 0x82},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x39a6, lo: 0x93, hi: 0x93},
+	{value: 0xa000, lo: 0x95, hi: 0x95},
+	{value: 0x8133, lo: 0x96, hi: 0x9c},
+	{value: 0x8133, lo: 0x9f, hi: 0xa2},
+	{value: 0x812e, lo: 0xa3, hi: 0xa3},
+	{value: 0x8133, lo: 0xa4, hi: 0xa4},
+	{value: 0x8133, lo: 0xa7, hi: 0xa8},
+	{value: 0x812e, lo: 0xaa, hi: 0xaa},
+	{value: 0x8133, lo: 0xab, hi: 0xac},
+	{value: 0x812e, lo: 0xad, hi: 0xad},
+	// Block 0x9, offset 0x57
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x8120, lo: 0x91, hi: 0x91},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	{value: 0x812e, lo: 0xb1, hi: 0xb1},
+	{value: 0x8133, lo: 0xb2, hi: 0xb3},
+	{value: 0x812e, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb5, hi: 0xb6},
+	{value: 0x812e, lo: 0xb7, hi: 0xb9},
+	{value: 0x8133, lo: 0xba, hi: 0xba},
+	{value: 0x812e, lo: 0xbb, hi: 0xbc},
+	{value: 0x8133, lo: 0xbd, hi: 0xbd},
+	{value: 0x812e, lo: 0xbe, hi: 0xbe},
+	{value: 0x8133, lo: 0xbf, hi: 0xbf},
+	// Block 0xa, offset 0x64
+	{value: 0x0005, lo: 0x07},
+	{value: 0x8133, lo: 0x80, hi: 0x80},
+	{value: 0x8133, lo: 0x81, hi: 0x81},
+	{value: 0x812e, lo: 0x82, hi: 0x83},
+	{value: 0x812e, lo: 0x84, hi: 0x85},
+	{value: 0x812e, lo: 0x86, hi: 0x87},
+	{value: 0x812e, lo: 0x88, hi: 0x89},
+	{value: 0x8133, lo: 0x8a, hi: 0x8a},
+	// Block 0xb, offset 0x6c
+	{value: 0x0000, lo: 0x04},
+	{value: 0x8133, lo: 0xab, hi: 0xb1},
+	{value: 0x812e, lo: 0xb2, hi: 0xb2},
+	{value: 0x8133, lo: 0xb3, hi: 0xb3},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	// Block 0xc, offset 0x71
+	{value: 0x0000, lo: 0x04},
+	{value: 0x8133, lo: 0x96, hi: 0x99},
+	{value: 0x8133, lo: 0x9b, hi: 0xa3},
+	{value: 0x8133, lo: 0xa5, hi: 0xa7},
+	{value: 0x8133, lo: 0xa9, hi: 0xad},
+	// Block 0xd, offset 0x76
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x99, hi: 0x9b},
+	// Block 0xe, offset 0x78
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8133, lo: 0x98, hi: 0x98},
+	{value: 0x812e, lo: 0x99, hi: 0x9b},
+	{value: 0x8133, lo: 0x9c, hi: 0x9f},
+	// Block 0xf, offset 0x7c
+	{value: 0x0000, lo: 0x07},
+	{value: 0xa000, lo: 0xa8, hi: 0xa8},
+	{value: 0x4019, lo: 0xa9, hi: 0xa9},
+	{value: 0xa000, lo: 0xb0, hi: 0xb0},
+	{value: 0x4021, lo: 0xb1, hi: 0xb1},
+	{value: 0xa000, lo: 0xb3, hi: 0xb3},
+	{value: 0x4029, lo: 0xb4, hi: 0xb4},
+	{value: 0x9903, lo: 0xbc, hi: 0xbc},
+	// Block 0x10, offset 0x84
+	{value: 0x0008, lo: 0x06},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x8133, lo: 0x91, hi: 0x91},
+	{value: 0x812e, lo: 0x92, hi: 0x92},
+	{value: 0x8133, lo: 0x93, hi: 0x93},
+	{value: 0x8133, lo: 0x94, hi: 0x94},
+	{value: 0x465d, lo: 0x98, hi: 0x9f},
+	// Block 0x11, offset 0x8b
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x12, offset 0x8e
+	{value: 0x0008, lo: 0x07},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2dd5, lo: 0x8b, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	{value: 0x469d, lo: 0x9c, hi: 0x9d},
+	{value: 0x46ad, lo: 0x9f, hi: 0x9f},
+	{value: 0x8133, lo: 0xbe, hi: 0xbe},
+	// Block 0x13, offset 0x96
+	{value: 0x0000, lo: 0x03},
+	{value: 0x46d5, lo: 0xb3, hi: 0xb3},
+	{value: 0x46dd, lo: 0xb6, hi: 0xb6},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	// Block 0x14, offset 0x9a
+	{value: 0x0008, lo: 0x03},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x46b5, lo: 0x99, hi: 0x9b},
+	{value: 0x46cd, lo: 0x9e, hi: 0x9e},
+	// Block 0x15, offset 0x9e
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	// Block 0x16, offset 0xa0
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	// Block 0x17, offset 0xa2
+	{value: 0x0000, lo: 0x08},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2ded, lo: 0x88, hi: 0x88},
+	{value: 0x2de5, lo: 0x8b, hi: 0x8b},
+	{value: 0x2df5, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x96, hi: 0x97},
+	{value: 0x46e5, lo: 0x9c, hi: 0x9c},
+	{value: 0x46ed, lo: 0x9d, hi: 0x9d},
+	// Block 0x18, offset 0xab
+	{value: 0x0000, lo: 0x03},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0x2dfd, lo: 0x94, hi: 0x94},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x19, offset 0xaf
+	{value: 0x0000, lo: 0x06},
+	{value: 0xa000, lo: 0x86, hi: 0x87},
+	{value: 0x2e05, lo: 0x8a, hi: 0x8a},
+	{value: 0x2e15, lo: 0x8b, hi: 0x8b},
+	{value: 0x2e0d, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	// Block 0x1a, offset 0xb6
+	{value: 0x1801, lo: 0x04},
+	{value: 0xa000, lo: 0x86, hi: 0x86},
+	{value: 0x4031, lo: 0x88, hi: 0x88},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x8121, lo: 0x95, hi: 0x96},
+	// Block 0x1b, offset 0xbb
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbc, hi: 0xbc},
+	{value: 0xa000, lo: 0xbf, hi: 0xbf},
+	// Block 0x1c, offset 0xbe
+	{value: 0x0000, lo: 0x09},
+	{value: 0x2e1d, lo: 0x80, hi: 0x80},
+	{value: 0x9900, lo: 0x82, hi: 0x82},
+	{value: 0xa000, lo: 0x86, hi: 0x86},
+	{value: 0x2e25, lo: 0x87, hi: 0x87},
+	{value: 0x2e2d, lo: 0x88, hi: 0x88},
+	{value: 0x3091, lo: 0x8a, hi: 0x8a},
+	{value: 0x2f19, lo: 0x8b, hi: 0x8b},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x95, hi: 0x96},
+	// Block 0x1d, offset 0xc8
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xbb, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x1e, offset 0xcb
+	{value: 0x0000, lo: 0x06},
+	{value: 0xa000, lo: 0x86, hi: 0x87},
+	{value: 0x2e35, lo: 0x8a, hi: 0x8a},
+	{value: 0x2e45, lo: 0x8b, hi: 0x8b},
+	{value: 0x2e3d, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	// Block 0x1f, offset 0xd2
+	{value: 0x6ab3, lo: 0x07},
+	{value: 0x9905, lo: 0x8a, hi: 0x8a},
+	{value: 0x9900, lo: 0x8f, hi: 0x8f},
+	{value: 0xa000, lo: 0x99, hi: 0x99},
+	{value: 0x4039, lo: 0x9a, hi: 0x9a},
+	{value: 0x3099, lo: 0x9c, hi: 0x9c},
+	{value: 0x2f24, lo: 0x9d, hi: 0x9d},
+	{value: 0x2e4d, lo: 0x9e, hi: 0x9f},
+	// Block 0x20, offset 0xda
+	{value: 0x0000, lo: 0x03},
+	{value: 0x2751, lo: 0xb3, hi: 0xb3},
+	{value: 0x8123, lo: 0xb8, hi: 0xb9},
+	{value: 0x8105, lo: 0xba, hi: 0xba},
+	// Block 0x21, offset 0xde
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8124, lo: 0x88, hi: 0x8b},
+	// Block 0x22, offset 0xe0
+	{value: 0x0000, lo: 0x03},
+	{value: 0x2766, lo: 0xb3, hi: 0xb3},
+	{value: 0x8125, lo: 0xb8, hi: 0xb9},
+	{value: 0x8105, lo: 0xba, hi: 0xba},
+	// Block 0x23, offset 0xe4
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8126, lo: 0x88, hi: 0x8b},
+	{value: 0x2758, lo: 0x9c, hi: 0x9c},
+	{value: 0x275f, lo: 0x9d, hi: 0x9d},
+	// Block 0x24, offset 0xe8
+	{value: 0x0000, lo: 0x05},
+	{value: 0x03fe, lo: 0x8c, hi: 0x8c},
+	{value: 0x812e, lo: 0x98, hi: 0x99},
+	{value: 0x812e, lo: 0xb5, hi: 0xb5},
+	{value: 0x812e, lo: 0xb7, hi: 0xb7},
+	{value: 0x812c, lo: 0xb9, hi: 0xb9},
+	// Block 0x25, offset 0xee
+	{value: 0x0000, lo: 0x10},
+	{value: 0x2774, lo: 0x83, hi: 0x83},
+	{value: 0x277b, lo: 0x8d, hi: 0x8d},
+	{value: 0x2782, lo: 0x92, hi: 0x92},
+	{value: 0x2789, lo: 0x97, hi: 0x97},
+	{value: 0x2790, lo: 0x9c, hi: 0x9c},
+	{value: 0x276d, lo: 0xa9, hi: 0xa9},
+	{value: 0x8127, lo: 0xb1, hi: 0xb1},
+	{value: 0x8128, lo: 0xb2, hi: 0xb2},
+	{value: 0x4bc5, lo: 0xb3, hi: 0xb3},
+	{value: 0x8129, lo: 0xb4, hi: 0xb4},
+	{value: 0x4bce, lo: 0xb5, hi: 0xb5},
+	{value: 0x46f5, lo: 0xb6, hi: 0xb6},
+	{value: 0x4735, lo: 0xb7, hi: 0xb7},
+	{value: 0x46fd, lo: 0xb8, hi: 0xb8},
+	{value: 0x4740, lo: 0xb9, hi: 0xb9},
+	{value: 0x8128, lo: 0xba, hi: 0xbd},
+	// Block 0x26, offset 0xff
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x8128, lo: 0x80, hi: 0x80},
+	{value: 0x4bd7, lo: 0x81, hi: 0x81},
+	{value: 0x8133, lo: 0x82, hi: 0x83},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0x86, hi: 0x87},
+	{value: 0x279e, lo: 0x93, hi: 0x93},
+	{value: 0x27a5, lo: 0x9d, hi: 0x9d},
+	{value: 0x27ac, lo: 0xa2, hi: 0xa2},
+	{value: 0x27b3, lo: 0xa7, hi: 0xa7},
+	{value: 0x27ba, lo: 0xac, hi: 0xac},
+	{value: 0x2797, lo: 0xb9, hi: 0xb9},
+	// Block 0x27, offset 0x10b
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x86, hi: 0x86},
+	// Block 0x28, offset 0x10d
+	{value: 0x0000, lo: 0x05},
+	{value: 0xa000, lo: 0xa5, hi: 0xa5},
+	{value: 0x2e55, lo: 0xa6, hi: 0xa6},
+	{value: 0x9900, lo: 0xae, hi: 0xae},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	{value: 0x8105, lo: 0xb9, hi: 0xba},
+	// Block 0x29, offset 0x113
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x8d, hi: 0x8d},
+	// Block 0x2a, offset 0x115
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0402, lo: 0xbc, hi: 0xbc},
+	// Block 0x2b, offset 0x117
+	{value: 0x0000, lo: 0x01},
+	{value: 0xa000, lo: 0x80, hi: 0x92},
+	// Block 0x2c, offset 0x119
+	{value: 0x0000, lo: 0x01},
+	{value: 0xb900, lo: 0xa1, hi: 0xb5},
+	// Block 0x2d, offset 0x11b
+	{value: 0x0000, lo: 0x01},
+	{value: 0x9900, lo: 0xa8, hi: 0xbf},
+	// Block 0x2e, offset 0x11d
+	{value: 0x0000, lo: 0x01},
+	{value: 0x9900, lo: 0x80, hi: 0x82},
+	// Block 0x2f, offset 0x11f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x9d, hi: 0x9f},
+	// Block 0x30, offset 0x121
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x94, hi: 0x95},
+	{value: 0x8105, lo: 0xb4, hi: 0xb4},
+	// Block 0x31, offset 0x124
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x92, hi: 0x92},
+	{value: 0x8133, lo: 0x9d, hi: 0x9d},
+	// Block 0x32, offset 0x127
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8132, lo: 0xa9, hi: 0xa9},
+	// Block 0x33, offset 0x129
+	{value: 0x0004, lo: 0x02},
+	{value: 0x812f, lo: 0xb9, hi: 0xba},
+	{value: 0x812e, lo: 0xbb, hi: 0xbb},
+	// Block 0x34, offset 0x12c
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x97, hi: 0x97},
+	{value: 0x812e, lo: 0x98, hi: 0x98},
+	// Block 0x35, offset 0x12f
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0xa0, hi: 0xa0},
+	{value: 0x8133, lo: 0xb5, hi: 0xbc},
+	{value: 0x812e, lo: 0xbf, hi: 0xbf},
+	// Block 0x36, offset 0x133
+	{value: 0x0000, lo: 0x05},
+	{value: 0x8133, lo: 0xb0, hi: 0xb4},
+	{value: 0x812e, lo: 0xb5, hi: 0xba},
+	{value: 0x8133, lo: 0xbb, hi: 0xbc},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	{value: 0x812e, lo: 0xbf, hi: 0xbf},
+	// Block 0x37, offset 0x139
+	{value: 0x0000, lo: 0x06},
+	{value: 0x812e, lo: 0x80, hi: 0x80},
+	{value: 0x8133, lo: 0x81, hi: 0x82},
+	{value: 0x812e, lo: 0x83, hi: 0x84},
+	{value: 0x8133, lo: 0x85, hi: 0x89},
+	{value: 0x812e, lo: 0x8a, hi: 0x8a},
+	{value: 0x8133, lo: 0x8b, hi: 0x8e},
+	// Block 0x38, offset 0x140
+	{value: 0x0000, lo: 0x08},
+	{value: 0x2e9d, lo: 0x80, hi: 0x80},
+	{value: 0x2ea5, lo: 0x81, hi: 0x81},
+	{value: 0xa000, lo: 0x82, hi: 0x82},
+	{value: 0x2ead, lo: 0x83, hi: 0x83},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0xab, hi: 0xab},
+	{value: 0x812e, lo: 0xac, hi: 0xac},
+	{value: 0x8133, lo: 0xad, hi: 0xb3},
+	// Block 0x39, offset 0x149
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xaa, hi: 0xab},
+	// Block 0x3a, offset 0x14b
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xa6, hi: 0xa6},
+	{value: 0x8105, lo: 0xb2, hi: 0xb3},
+	// Block 0x3b, offset 0x14e
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	// Block 0x3c, offset 0x150
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x8133, lo: 0x90, hi: 0x92},
+	{value: 0x8101, lo: 0x94, hi: 0x94},
+	{value: 0x812e, lo: 0x95, hi: 0x99},
+	{value: 0x8133, lo: 0x9a, hi: 0x9b},
+	{value: 0x812e, lo: 0x9c, hi: 0x9f},
+	{value: 0x8133, lo: 0xa0, hi: 0xa0},
+	{value: 0x8101, lo: 0xa2, hi: 0xa8},
+	{value: 0x812e, lo: 0xad, hi: 0xad},
+	{value: 0x8133, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb8, hi: 0xb9},
+	// Block 0x3d, offset 0x15b
+	{value: 0x0002, lo: 0x0a},
+	{value: 0x0043, lo: 0xac, hi: 0xac},
+	{value: 0x00d1, lo: 0xad, hi: 0xad},
+	{value: 0x0045, lo: 0xae, hi: 0xae},
+	{value: 0x0049, lo: 0xb0, hi: 0xb1},
+	{value: 0x00ec, lo: 0xb2, hi: 0xb2},
+	{value: 0x004f, lo: 0xb3, hi: 0xba},
+	{value: 0x005f, lo: 0xbc, hi: 0xbc},
+	{value: 0x00fe, lo: 0xbd, hi: 0xbd},
+	{value: 0x0061, lo: 0xbe, hi: 0xbe},
+	{value: 0x0065, lo: 0xbf, hi: 0xbf},
+	// Block 0x3e, offset 0x166
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x0001, lo: 0x80, hi: 0x8a},
+	{value: 0x0532, lo: 0x91, hi: 0x91},
+	{value: 0x43dc, lo: 0x97, hi: 0x97},
+	{value: 0x001d, lo: 0xa4, hi: 0xa4},
+	{value: 0x19a0, lo: 0xa5, hi: 0xa5},
+	{value: 0x1c8c, lo: 0xa6, hi: 0xa6},
+	{value: 0x0001, lo: 0xaf, hi: 0xaf},
+	{value: 0x27c1, lo: 0xb3, hi: 0xb3},
+	{value: 0x2935, lo: 0xb4, hi: 0xb4},
+	{value: 0x27c8, lo: 0xb6, hi: 0xb6},
+	{value: 0x293f, lo: 0xb7, hi: 0xb7},
+	{value: 0x199a, lo: 0xbc, hi: 0xbc},
+	{value: 0x43aa, lo: 0xbe, hi: 0xbe},
+	// Block 0x3f, offset 0x174
+	{value: 0x0002, lo: 0x0d},
+	{value: 0x1a60, lo: 0x87, hi: 0x87},
+	{value: 0x1a5d, lo: 0x88, hi: 0x88},
+	{value: 0x199d, lo: 0x89, hi: 0x89},
+	{value: 0x2ac5, lo: 0x97, hi: 0x97},
+	{value: 0x0001, lo: 0x9f, hi: 0x9f},
+	{value: 0x0021, lo: 0xb0, hi: 0xb0},
+	{value: 0x0093, lo: 0xb1, hi: 0xb1},
+	{value: 0x0029, lo: 0xb4, hi: 0xb9},
+	{value: 0x0017, lo: 0xba, hi: 0xba},
+	{value: 0x055e, lo: 0xbb, hi: 0xbb},
+	{value: 0x003b, lo: 0xbc, hi: 0xbc},
+	{value: 0x0011, lo: 0xbd, hi: 0xbe},
+	{value: 0x009d, lo: 0xbf, hi: 0xbf},
+	// Block 0x40, offset 0x182
+	{value: 0x0002, lo: 0x0f},
+	{value: 0x0021, lo: 0x80, hi: 0x89},
+	{value: 0x0017, lo: 0x8a, hi: 0x8a},
+	{value: 0x055e, lo: 0x8b, hi: 0x8b},
+	{value: 0x003b, lo: 0x8c, hi: 0x8c},
+	{value: 0x0011, lo: 0x8d, hi: 0x8e},
+	{value: 0x0083, lo: 0x90, hi: 0x90},
+	{value: 0x008b, lo: 0x91, hi: 0x91},
+	{value: 0x009f, lo: 0x92, hi: 0x92},
+	{value: 0x00b1, lo: 0x93, hi: 0x93},
+	{value: 0x011f, lo: 0x94, hi: 0x94},
+	{value: 0x0091, lo: 0x95, hi: 0x95},
+	{value: 0x0097, lo: 0x96, hi: 0x99},
+	{value: 0x00a1, lo: 0x9a, hi: 0x9a},
+	{value: 0x00a7, lo: 0x9b, hi: 0x9c},
+	{value: 0x1ac9, lo: 0xa8, hi: 0xa8},
+	// Block 0x41, offset 0x192
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x8133, lo: 0x90, hi: 0x91},
+	{value: 0x8101, lo: 0x92, hi: 0x93},
+	{value: 0x8133, lo: 0x94, hi: 0x97},
+	{value: 0x8101, lo: 0x98, hi: 0x9a},
+	{value: 0x8133, lo: 0x9b, hi: 0x9c},
+	{value: 0x8133, lo: 0xa1, hi: 0xa1},
+	{value: 0x8101, lo: 0xa5, hi: 0xa6},
+	{value: 0x8133, lo: 0xa7, hi: 0xa7},
+	{value: 0x812e, lo: 0xa8, hi: 0xa8},
+	{value: 0x8133, lo: 0xa9, hi: 0xa9},
+	{value: 0x8101, lo: 0xaa, hi: 0xab},
+	{value: 0x812e, lo: 0xac, hi: 0xaf},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	// Block 0x42, offset 0x1a0
+	{value: 0x0007, lo: 0x06},
+	{value: 0x22b0, lo: 0x89, hi: 0x89},
+	{value: 0xa000, lo: 0x90, hi: 0x90},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0xa000, lo: 0x94, hi: 0x94},
+	{value: 0x3cfa, lo: 0x9a, hi: 0x9b},
+	{value: 0x3d08, lo: 0xae, hi: 0xae},
+	// Block 0x43, offset 0x1a7
+	{value: 0x000e, lo: 0x05},
+	{value: 0x3d0f, lo: 0x8d, hi: 0x8e},
+	{value: 0x3d16, lo: 0x8f, hi: 0x8f},
+	{value: 0xa000, lo: 0x90, hi: 0x90},
+	{value: 0xa000, lo: 0x92, hi: 0x92},
+	{value: 0xa000, lo: 0x94, hi: 0x94},
+	// Block 0x44, offset 0x1ad
+	{value: 0x017a, lo: 0x0e},
+	{value: 0xa000, lo: 0x83, hi: 0x83},
+	{value: 0x3d24, lo: 0x84, hi: 0x84},
+	{value: 0xa000, lo: 0x88, hi: 0x88},
+	{value: 0x3d2b, lo: 0x89, hi: 0x89},
+	{value: 0xa000, lo: 0x8b, hi: 0x8b},
+	{value: 0x3d32, lo: 0x8c, hi: 0x8c},
+	{value: 0xa000, lo: 0xa3, hi: 0xa3},
+	{value: 0x3d39, lo: 0xa4, hi: 0xa4},
+	{value: 0xa000, lo: 0xa5, hi: 0xa5},
+	{value: 0x3d40, lo: 0xa6, hi: 0xa6},
+	{value: 0x27cf, lo: 0xac, hi: 0xad},
+	{value: 0x27d6, lo: 0xaf, hi: 0xaf},
+	{value: 0x2953, lo: 0xb0, hi: 0xb0},
+	{value: 0xa000, lo: 0xbc, hi: 0xbc},
+	// Block 0x45, offset 0x1bc
+	{value: 0x0007, lo: 0x03},
+	{value: 0x3da9, lo: 0xa0, hi: 0xa1},
+	{value: 0x3dd3, lo: 0xa2, hi: 0xa3},
+	{value: 0x3dfd, lo: 0xaa, hi: 0xad},
+	// Block 0x46, offset 0x1c0
+	{value: 0x0004, lo: 0x01},
+	{value: 0x0586, lo: 0xa9, hi: 0xaa},
+	// Block 0x47, offset 0x1c2
+	{value: 0x0002, lo: 0x03},
+	{value: 0x0057, lo: 0x80, hi: 0x8f},
+	{value: 0x0083, lo: 0x90, hi: 0xa9},
+	{value: 0x0021, lo: 0xaa, hi: 0xaa},
+	// Block 0x48, offset 0x1c6
+	{value: 0x0000, lo: 0x01},
+	{value: 0x2ad2, lo: 0x8c, hi: 0x8c},
+	// Block 0x49, offset 0x1c8
+	{value: 0x0266, lo: 0x02},
+	{value: 0x1cbc, lo: 0xb4, hi: 0xb4},
+	{value: 0x1a5a, lo: 0xb5, hi: 0xb6},
+	// Block 0x4a, offset 0x1cb
+	{value: 0x0000, lo: 0x01},
+	{value: 0x461e, lo: 0x9c, hi: 0x9c},
+	// Block 0x4b, offset 0x1cd
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0095, lo: 0xbc, hi: 0xbc},
+	{value: 0x006d, lo: 0xbd, hi: 0xbd},
+	// Block 0x4c, offset 0x1d0
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xaf, hi: 0xb1},
+	// Block 0x4d, offset 0x1d2
+	{value: 0x0000, lo: 0x02},
+	{value: 0x057a, lo: 0xaf, hi: 0xaf},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x4e, offset 0x1d5
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xa0, hi: 0xbf},
+	// Block 0x4f, offset 0x1d7
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0ebe, lo: 0x9f, hi: 0x9f},
+	// Block 0x50, offset 0x1d9
+	{value: 0x0000, lo: 0x01},
+	{value: 0x172a, lo: 0xb3, hi: 0xb3},
+	// Block 0x51, offset 0x1db
+	{value: 0x0004, lo: 0x0b},
+	{value: 0x1692, lo: 0x80, hi: 0x82},
+	{value: 0x16aa, lo: 0x83, hi: 0x83},
+	{value: 0x16c2, lo: 0x84, hi: 0x85},
+	{value: 0x16d2, lo: 0x86, hi: 0x89},
+	{value: 0x16e6, lo: 0x8a, hi: 0x8c},
+	{value: 0x16fa, lo: 0x8d, hi: 0x8d},
+	{value: 0x1702, lo: 0x8e, hi: 0x8e},
+	{value: 0x170a, lo: 0x8f, hi: 0x90},
+	{value: 0x1716, lo: 0x91, hi: 0x93},
+	{value: 0x1726, lo: 0x94, hi: 0x94},
+	{value: 0x172e, lo: 0x95, hi: 0x95},
+	// Block 0x52, offset 0x1e7
+	{value: 0x0004, lo: 0x09},
+	{value: 0x0001, lo: 0x80, hi: 0x80},
+	{value: 0x812d, lo: 0xaa, hi: 0xaa},
+	{value: 0x8132, lo: 0xab, hi: 0xab},
+	{value: 0x8134, lo: 0xac, hi: 0xac},
+	{value: 0x812f, lo: 0xad, hi: 0xad},
+	{value: 0x8130, lo: 0xae, hi: 0xae},
+	{value: 0x8130, lo: 0xaf, hi: 0xaf},
+	{value: 0x05ae, lo: 0xb6, hi: 0xb6},
+	{value: 0x0982, lo: 0xb8, hi: 0xba},
+	// Block 0x53, offset 0x1f1
+	{value: 0x0006, lo: 0x09},
+	{value: 0x0406, lo: 0xb1, hi: 0xb1},
+	{value: 0x040a, lo: 0xb2, hi: 0xb2},
+	{value: 0x4b7c, lo: 0xb3, hi: 0xb3},
+	{value: 0x040e, lo: 0xb4, hi: 0xb4},
+	{value: 0x4b82, lo: 0xb5, hi: 0xb6},
+	{value: 0x0412, lo: 0xb7, hi: 0xb7},
+	{value: 0x0416, lo: 0xb8, hi: 0xb8},
+	{value: 0x041a, lo: 0xb9, hi: 0xb9},
+	{value: 0x4b8e, lo: 0xba, hi: 0xbf},
+	// Block 0x54, offset 0x1fb
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0xaf, hi: 0xaf},
+	{value: 0x8133, lo: 0xb4, hi: 0xbd},
+	// Block 0x55, offset 0x1fe
+	{value: 0x0000, lo: 0x03},
+	{value: 0x02d8, lo: 0x9c, hi: 0x9c},
+	{value: 0x02de, lo: 0x9d, hi: 0x9d},
+	{value: 0x8133, lo: 0x9e, hi: 0x9f},
+	// Block 0x56, offset 0x202
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb0, hi: 0xb1},
+	// Block 0x57, offset 0x204
+	{value: 0x0000, lo: 0x01},
+	{value: 0x173e, lo: 0xb0, hi: 0xb0},
+	// Block 0x58, offset 0x206
+	{value: 0x0006, lo: 0x04},
+	{value: 0x0047, lo: 0xb2, hi: 0xb3},
+	{value: 0x0063, lo: 0xb4, hi: 0xb4},
+	{value: 0x00dd, lo: 0xb8, hi: 0xb8},
+	{value: 0x00e9, lo: 0xb9, hi: 0xb9},
+	// Block 0x59, offset 0x20b
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x86, hi: 0x86},
+	{value: 0x8105, lo: 0xac, hi: 0xac},
+	// Block 0x5a, offset 0x20e
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x84, hi: 0x84},
+	{value: 0x8133, lo: 0xa0, hi: 0xb1},
+	// Block 0x5b, offset 0x211
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xab, hi: 0xad},
+	// Block 0x5c, offset 0x213
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x93, hi: 0x93},
+	// Block 0x5d, offset 0x215
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0xb3, hi: 0xb3},
+	// Block 0x5e, offset 0x217
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x80, hi: 0x80},
+	// Block 0x5f, offset 0x219
+	{value: 0x0000, lo: 0x05},
+	{value: 0x8133, lo: 0xb0, hi: 0xb0},
+	{value: 0x8133, lo: 0xb2, hi: 0xb3},
+	{value: 0x812e, lo: 0xb4, hi: 0xb4},
+	{value: 0x8133, lo: 0xb7, hi: 0xb8},
+	{value: 0x8133, lo: 0xbe, hi: 0xbf},
+	// Block 0x60, offset 0x21f
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x81, hi: 0x81},
+	{value: 0x8105, lo: 0xb6, hi: 0xb6},
+	// Block 0x61, offset 0x222
+	{value: 0x000c, lo: 0x04},
+	{value: 0x173a, lo: 0x9c, hi: 0x9d},
+	{value: 0x014f, lo: 0x9e, hi: 0x9e},
+	{value: 0x174a, lo: 0x9f, hi: 0x9f},
+	{value: 0x01a6, lo: 0xa9, hi: 0xa9},
+	// Block 0x62, offset 0x227
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xad, hi: 0xad},
+	// Block 0x63, offset 0x229
+	{value: 0x0000, lo: 0x06},
+	{value: 0xe500, lo: 0x80, hi: 0x80},
+	{value: 0xc600, lo: 0x81, hi: 0x9b},
+	{value: 0xe500, lo: 0x9c, hi: 0x9c},
+	{value: 0xc600, lo: 0x9d, hi: 0xb7},
+	{value: 0xe500, lo: 0xb8, hi: 0xb8},
+	{value: 0xc600, lo: 0xb9, hi: 0xbf},
+	// Block 0x64, offset 0x230
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x93},
+	{value: 0xe500, lo: 0x94, hi: 0x94},
+	{value: 0xc600, lo: 0x95, hi: 0xaf},
+	{value: 0xe500, lo: 0xb0, hi: 0xb0},
+	{value: 0xc600, lo: 0xb1, hi: 0xbf},
+	// Block 0x65, offset 0x236
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x8b},
+	{value: 0xe500, lo: 0x8c, hi: 0x8c},
+	{value: 0xc600, lo: 0x8d, hi: 0xa7},
+	{value: 0xe500, lo: 0xa8, hi: 0xa8},
+	{value: 0xc600, lo: 0xa9, hi: 0xbf},
+	// Block 0x66, offset 0x23c
+	{value: 0x0000, lo: 0x07},
+	{value: 0xc600, lo: 0x80, hi: 0x83},
+	{value: 0xe500, lo: 0x84, hi: 0x84},
+	{value: 0xc600, lo: 0x85, hi: 0x9f},
+	{value: 0xe500, lo: 0xa0, hi: 0xa0},
+	{value: 0xc600, lo: 0xa1, hi: 0xbb},
+	{value: 0xe500, lo: 0xbc, hi: 0xbc},
+	{value: 0xc600, lo: 0xbd, hi: 0xbf},
+	// Block 0x67, offset 0x244
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x97},
+	{value: 0xe500, lo: 0x98, hi: 0x98},
+	{value: 0xc600, lo: 0x99, hi: 0xb3},
+	{value: 0xe500, lo: 0xb4, hi: 0xb4},
+	{value: 0xc600, lo: 0xb5, hi: 0xbf},
+	// Block 0x68, offset 0x24a
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x8f},
+	{value: 0xe500, lo: 0x90, hi: 0x90},
+	{value: 0xc600, lo: 0x91, hi: 0xab},
+	{value: 0xe500, lo: 0xac, hi: 0xac},
+	{value: 0xc600, lo: 0xad, hi: 0xbf},
+	// Block 0x69, offset 0x250
+	{value: 0x0000, lo: 0x05},
+	{value: 0xc600, lo: 0x80, hi: 0x87},
+	{value: 0xe500, lo: 0x88, hi: 0x88},
+	{value: 0xc600, lo: 0x89, hi: 0xa3},
+	{value: 0xe500, lo: 0xa4, hi: 0xa4},
+	{value: 0xc600, lo: 0xa5, hi: 0xbf},
+	// Block 0x6a, offset 0x256
+	{value: 0x0000, lo: 0x03},
+	{value: 0xc600, lo: 0x80, hi: 0x87},
+	{value: 0xe500, lo: 0x88, hi: 0x88},
+	{value: 0xc600, lo: 0x89, hi: 0xa3},
+	// Block 0x6b, offset 0x25a
+	{value: 0x0002, lo: 0x01},
+	{value: 0x0003, lo: 0x81, hi: 0xbf},
+	// Block 0x6c, offset 0x25c
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xbd, hi: 0xbd},
+	// Block 0x6d, offset 0x25e
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xa0, hi: 0xa0},
+	// Block 0x6e, offset 0x260
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb6, hi: 0xba},
+	// Block 0x6f, offset 0x262
+	{value: 0x002d, lo: 0x05},
+	{value: 0x812e, lo: 0x8d, hi: 0x8d},
+	{value: 0x8133, lo: 0x8f, hi: 0x8f},
+	{value: 0x8133, lo: 0xb8, hi: 0xb8},
+	{value: 0x8101, lo: 0xb9, hi: 0xba},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x70, offset 0x268
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0xa5, hi: 0xa5},
+	{value: 0x812e, lo: 0xa6, hi: 0xa6},
+	// Block 0x71, offset 0x26b
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xa4, hi: 0xa7},
+	// Block 0x72, offset 0x26d
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xab, hi: 0xac},
+	// Block 0x73, offset 0x26f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0xbd, hi: 0xbf},
+	// Block 0x74, offset 0x271
+	{value: 0x0000, lo: 0x05},
+	{value: 0x812e, lo: 0x86, hi: 0x87},
+	{value: 0x8133, lo: 0x88, hi: 0x8a},
+	{value: 0x812e, lo: 0x8b, hi: 0x8b},
+	{value: 0x8133, lo: 0x8c, hi: 0x8c},
+	{value: 0x812e, lo: 0x8d, hi: 0x90},
+	// Block 0x75, offset 0x277
+	{value: 0x0005, lo: 0x03},
+	{value: 0x8133, lo: 0x82, hi: 0x82},
+	{value: 0x812e, lo: 0x83, hi: 0x84},
+	{value: 0x812e, lo: 0x85, hi: 0x85},
+	// Block 0x76, offset 0x27b
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0x86, hi: 0x86},
+	{value: 0x8105, lo: 0xb0, hi: 0xb0},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x77, offset 0x27f
+	{value: 0x17fe, lo: 0x07},
+	{value: 0xa000, lo: 0x99, hi: 0x99},
+	{value: 0x4379, lo: 0x9a, hi: 0x9a},
+	{value: 0xa000, lo: 0x9b, hi: 0x9b},
+	{value: 0x4383, lo: 0x9c, hi: 0x9c},
+	{value: 0xa000, lo: 0xa5, hi: 0xa5},
+	{value: 0x438d, lo: 0xab, hi: 0xab},
+	{value: 0x8105, lo: 0xb9, hi: 0xba},
+	// Block 0x78, offset 0x287
+	{value: 0x0000, lo: 0x06},
+	{value: 0x8133, lo: 0x80, hi: 0x82},
+	{value: 0x9900, lo: 0xa7, hi: 0xa7},
+	{value: 0x2eb5, lo: 0xae, hi: 0xae},
+	{value: 0x2ebf, lo: 0xaf, hi: 0xaf},
+	{value: 0xa000, lo: 0xb1, hi: 0xb2},
+	{value: 0x8105, lo: 0xb3, hi: 0xb4},
+	// Block 0x79, offset 0x28e
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x80, hi: 0x80},
+	{value: 0x8103, lo: 0x8a, hi: 0x8a},
+	// Block 0x7a, offset 0x291
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb5, hi: 0xb5},
+	{value: 0x8103, lo: 0xb6, hi: 0xb6},
+	// Block 0x7b, offset 0x294
+	{value: 0x0002, lo: 0x01},
+	{value: 0x8103, lo: 0xa9, hi: 0xaa},
+	// Block 0x7c, offset 0x296
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0xbb, hi: 0xbc},
+	{value: 0x9900, lo: 0xbe, hi: 0xbe},
+	// Block 0x7d, offset 0x299
+	{value: 0x0000, lo: 0x07},
+	{value: 0xa000, lo: 0x87, hi: 0x87},
+	{value: 0x2ec9, lo: 0x8b, hi: 0x8b},
+	{value: 0x2ed3, lo: 0x8c, hi: 0x8c},
+	{value: 0x8105, lo: 0x8d, hi: 0x8d},
+	{value: 0x9900, lo: 0x97, hi: 0x97},
+	{value: 0x8133, lo: 0xa6, hi: 0xac},
+	{value: 0x8133, lo: 0xb0, hi: 0xb4},
+	// Block 0x7e, offset 0x2a1
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8105, lo: 0x82, hi: 0x82},
+	{value: 0x8103, lo: 0x86, hi: 0x86},
+	{value: 0x8133, lo: 0x9e, hi: 0x9e},
+	// Block 0x7f, offset 0x2a5
+	{value: 0x6a23, lo: 0x06},
+	{value: 0x9900, lo: 0xb0, hi: 0xb0},
+	{value: 0xa000, lo: 0xb9, hi: 0xb9},
+	{value: 0x9900, lo: 0xba, hi: 0xba},
+	{value: 0x2ee7, lo: 0xbb, hi: 0xbb},
+	{value: 0x2edd, lo: 0xbc, hi: 0xbd},
+	{value: 0x2ef1, lo: 0xbe, hi: 0xbe},
+	// Block 0x80, offset 0x2ac
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0x82, hi: 0x82},
+	{value: 0x8103, lo: 0x83, hi: 0x83},
+	// Block 0x81, offset 0x2af
+	{value: 0x0000, lo: 0x05},
+	{value: 0x9900, lo: 0xaf, hi: 0xaf},
+	{value: 0xa000, lo: 0xb8, hi: 0xb9},
+	{value: 0x2efb, lo: 0xba, hi: 0xba},
+	{value: 0x2f05, lo: 0xbb, hi: 0xbb},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x82, offset 0x2b5
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0x80, hi: 0x80},
+	// Block 0x83, offset 0x2b7
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xbf, hi: 0xbf},
+	// Block 0x84, offset 0x2b9
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb6, hi: 0xb6},
+	{value: 0x8103, lo: 0xb7, hi: 0xb7},
+	// Block 0x85, offset 0x2bc
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xab, hi: 0xab},
+	// Block 0x86, offset 0x2be
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8105, lo: 0xb9, hi: 0xb9},
+	{value: 0x8103, lo: 0xba, hi: 0xba},
+	// Block 0x87, offset 0x2c1
+	{value: 0x0000, lo: 0x04},
+	{value: 0x9900, lo: 0xb0, hi: 0xb0},
+	{value: 0xa000, lo: 0xb5, hi: 0xb5},
+	{value: 0x2f0f, lo: 0xb8, hi: 0xb8},
+	{value: 0x8105, lo: 0xbd, hi: 0xbe},
+	// Block 0x88, offset 0x2c6
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8103, lo: 0x83, hi: 0x83},
+	// Block 0x89, offset 0x2c8
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xa0, hi: 0xa0},
+	// Block 0x8a, offset 0x2ca
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0xb4, hi: 0xb4},
+	// Block 0x8b, offset 0x2cc
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x87, hi: 0x87},
+	// Block 0x8c, offset 0x2ce
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x99, hi: 0x99},
+	// Block 0x8d, offset 0x2d0
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8103, lo: 0x82, hi: 0x82},
+	{value: 0x8105, lo: 0x84, hi: 0x85},
+	// Block 0x8e, offset 0x2d3
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x97, hi: 0x97},
+	// Block 0x8f, offset 0x2d5
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8105, lo: 0x81, hi: 0x82},
+	// Block 0x90, offset 0x2d7
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8101, lo: 0xb0, hi: 0xb4},
+	// Block 0x91, offset 0x2d9
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xb0, hi: 0xb6},
+	// Block 0x92, offset 0x2db
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8102, lo: 0xb0, hi: 0xb1},
+	// Block 0x93, offset 0x2dd
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8101, lo: 0x9e, hi: 0x9e},
+	// Block 0x94, offset 0x2df
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x470d, lo: 0x9e, hi: 0x9e},
+	{value: 0x4717, lo: 0x9f, hi: 0x9f},
+	{value: 0x474b, lo: 0xa0, hi: 0xa0},
+	{value: 0x4759, lo: 0xa1, hi: 0xa1},
+	{value: 0x4767, lo: 0xa2, hi: 0xa2},
+	{value: 0x4775, lo: 0xa3, hi: 0xa3},
+	{value: 0x4783, lo: 0xa4, hi: 0xa4},
+	{value: 0x812c, lo: 0xa5, hi: 0xa6},
+	{value: 0x8101, lo: 0xa7, hi: 0xa9},
+	{value: 0x8131, lo: 0xad, hi: 0xad},
+	{value: 0x812c, lo: 0xae, hi: 0xb2},
+	{value: 0x812e, lo: 0xbb, hi: 0xbf},
+	// Block 0x95, offset 0x2ec
+	{value: 0x0000, lo: 0x09},
+	{value: 0x812e, lo: 0x80, hi: 0x82},
+	{value: 0x8133, lo: 0x85, hi: 0x89},
+	{value: 0x812e, lo: 0x8a, hi: 0x8b},
+	{value: 0x8133, lo: 0xaa, hi: 0xad},
+	{value: 0x4721, lo: 0xbb, hi: 0xbb},
+	{value: 0x472b, lo: 0xbc, hi: 0xbc},
+	{value: 0x4791, lo: 0xbd, hi: 0xbd},
+	{value: 0x47ad, lo: 0xbe, hi: 0xbe},
+	{value: 0x479f, lo: 0xbf, hi: 0xbf},
+	// Block 0x96, offset 0x2f6
+	{value: 0x0000, lo: 0x01},
+	{value: 0x47bb, lo: 0x80, hi: 0x80},
+	// Block 0x97, offset 0x2f8
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x82, hi: 0x84},
+	// Block 0x98, offset 0x2fa
+	{value: 0x0002, lo: 0x03},
+	{value: 0x0043, lo: 0x80, hi: 0x99},
+	{value: 0x0083, lo: 0x9a, hi: 0xb3},
+	{value: 0x0043, lo: 0xb4, hi: 0xbf},
+	// Block 0x99, offset 0x2fe
+	{value: 0x0002, lo: 0x04},
+	{value: 0x005b, lo: 0x80, hi: 0x8d},
+	{value: 0x0083, lo: 0x8e, hi: 0x94},
+	{value: 0x0093, lo: 0x96, hi: 0xa7},
+	{value: 0x0043, lo: 0xa8, hi: 0xbf},
+	// Block 0x9a, offset 0x303
+	{value: 0x0002, lo: 0x0b},
+	{value: 0x0073, lo: 0x80, hi: 0x81},
+	{value: 0x0083, lo: 0x82, hi: 0x9b},
+	{value: 0x0043, lo: 0x9c, hi: 0x9c},
+	{value: 0x0047, lo: 0x9e, hi: 0x9f},
+	{value: 0x004f, lo: 0xa2, hi: 0xa2},
+	{value: 0x0055, lo: 0xa5, hi: 0xa6},
+	{value: 0x005d, lo: 0xa9, hi: 0xac},
+	{value: 0x0067, lo: 0xae, hi: 0xb5},
+	{value: 0x0083, lo: 0xb6, hi: 0xb9},
+	{value: 0x008d, lo: 0xbb, hi: 0xbb},
+	{value: 0x0091, lo: 0xbd, hi: 0xbf},
+	// Block 0x9b, offset 0x30f
+	{value: 0x0002, lo: 0x04},
+	{value: 0x0097, lo: 0x80, hi: 0x83},
+	{value: 0x00a1, lo: 0x85, hi: 0x8f},
+	{value: 0x0043, lo: 0x90, hi: 0xa9},
+	{value: 0x0083, lo: 0xaa, hi: 0xbf},
+	// Block 0x9c, offset 0x314
+	{value: 0x0002, lo: 0x08},
+	{value: 0x00af, lo: 0x80, hi: 0x83},
+	{value: 0x0043, lo: 0x84, hi: 0x85},
+	{value: 0x0049, lo: 0x87, hi: 0x8a},
+	{value: 0x0055, lo: 0x8d, hi: 0x94},
+	{value: 0x0067, lo: 0x96, hi: 0x9c},
+	{value: 0x0083, lo: 0x9e, hi: 0xb7},
+	{value: 0x0043, lo: 0xb8, hi: 0xb9},
+	{value: 0x0049, lo: 0xbb, hi: 0xbe},
+	// Block 0x9d, offset 0x31d
+	{value: 0x0002, lo: 0x05},
+	{value: 0x0053, lo: 0x80, hi: 0x84},
+	{value: 0x005f, lo: 0x86, hi: 0x86},
+	{value: 0x0067, lo: 0x8a, hi: 0x90},
+	{value: 0x0083, lo: 0x92, hi: 0xab},
+	{value: 0x0043, lo: 0xac, hi: 0xbf},
+	// Block 0x9e, offset 0x323
+	{value: 0x0002, lo: 0x04},
+	{value: 0x006b, lo: 0x80, hi: 0x85},
+	{value: 0x0083, lo: 0x86, hi: 0x9f},
+	{value: 0x0043, lo: 0xa0, hi: 0xb9},
+	{value: 0x0083, lo: 0xba, hi: 0xbf},
+	// Block 0x9f, offset 0x328
+	{value: 0x0002, lo: 0x03},
+	{value: 0x008f, lo: 0x80, hi: 0x93},
+	{value: 0x0043, lo: 0x94, hi: 0xad},
+	{value: 0x0083, lo: 0xae, hi: 0xbf},
+	// Block 0xa0, offset 0x32c
+	{value: 0x0002, lo: 0x04},
+	{value: 0x00a7, lo: 0x80, hi: 0x87},
+	{value: 0x0043, lo: 0x88, hi: 0xa1},
+	{value: 0x0083, lo: 0xa2, hi: 0xbb},
+	{value: 0x0043, lo: 0xbc, hi: 0xbf},
+	// Block 0xa1, offset 0x331
+	{value: 0x0002, lo: 0x03},
+	{value: 0x004b, lo: 0x80, hi: 0x95},
+	{value: 0x0083, lo: 0x96, hi: 0xaf},
+	{value: 0x0043, lo: 0xb0, hi: 0xbf},
+	// Block 0xa2, offset 0x335
+	{value: 0x0003, lo: 0x0f},
+	{value: 0x023c, lo: 0x80, hi: 0x80},
+	{value: 0x0556, lo: 0x81, hi: 0x81},
+	{value: 0x023f, lo: 0x82, hi: 0x9a},
+	{value: 0x0552, lo: 0x9b, hi: 0x9b},
+	{value: 0x024b, lo: 0x9c, hi: 0x9c},
+	{value: 0x0254, lo: 0x9d, hi: 0x9d},
+	{value: 0x025a, lo: 0x9e, hi: 0x9e},
+	{value: 0x027e, lo: 0x9f, hi: 0x9f},
+	{value: 0x026f, lo: 0xa0, hi: 0xa0},
+	{value: 0x026c, lo: 0xa1, hi: 0xa1},
+	{value: 0x01f7, lo: 0xa2, hi: 0xb2},
+	{value: 0x020c, lo: 0xb3, hi: 0xb3},
+	{value: 0x022a, lo: 0xb4, hi: 0xba},
+	{value: 0x0556, lo: 0xbb, hi: 0xbb},
+	{value: 0x023f, lo: 0xbc, hi: 0xbf},
+	// Block 0xa3, offset 0x345
+	{value: 0x0003, lo: 0x0d},
+	{value: 0x024b, lo: 0x80, hi: 0x94},
+	{value: 0x0552, lo: 0x95, hi: 0x95},
+	{value: 0x024b, lo: 0x96, hi: 0x96},
+	{value: 0x0254, lo: 0x97, hi: 0x97},
+	{value: 0x025a, lo: 0x98, hi: 0x98},
+	{value: 0x027e, lo: 0x99, hi: 0x99},
+	{value: 0x026f, lo: 0x9a, hi: 0x9a},
+	{value: 0x026c, lo: 0x9b, hi: 0x9b},
+	{value: 0x01f7, lo: 0x9c, hi: 0xac},
+	{value: 0x020c, lo: 0xad, hi: 0xad},
+	{value: 0x022a, lo: 0xae, hi: 0xb4},
+	{value: 0x0556, lo: 0xb5, hi: 0xb5},
+	{value: 0x023f, lo: 0xb6, hi: 0xbf},
+	// Block 0xa4, offset 0x353
+	{value: 0x0003, lo: 0x0d},
+	{value: 0x025d, lo: 0x80, hi: 0x8e},
+	{value: 0x0552, lo: 0x8f, hi: 0x8f},
+	{value: 0x024b, lo: 0x90, hi: 0x90},
+	{value: 0x0254, lo: 0x91, hi: 0x91},
+	{value: 0x025a, lo: 0x92, hi: 0x92},
+	{value: 0x027e, lo: 0x93, hi: 0x93},
+	{value: 0x026f, lo: 0x94, hi: 0x94},
+	{value: 0x026c, lo: 0x95, hi: 0x95},
+	{value: 0x01f7, lo: 0x96, hi: 0xa6},
+	{value: 0x020c, lo: 0xa7, hi: 0xa7},
+	{value: 0x022a, lo: 0xa8, hi: 0xae},
+	{value: 0x0556, lo: 0xaf, hi: 0xaf},
+	{value: 0x023f, lo: 0xb0, hi: 0xbf},
+	// Block 0xa5, offset 0x361
+	{value: 0x0003, lo: 0x0d},
+	{value: 0x026f, lo: 0x80, hi: 0x88},
+	{value: 0x0552, lo: 0x89, hi: 0x89},
+	{value: 0x024b, lo: 0x8a, hi: 0x8a},
+	{value: 0x0254, lo: 0x8b, hi: 0x8b},
+	{value: 0x025a, lo: 0x8c, hi: 0x8c},
+	{value: 0x027e, lo: 0x8d, hi: 0x8d},
+	{value: 0x026f, lo: 0x8e, hi: 0x8e},
+	{value: 0x026c, lo: 0x8f, hi: 0x8f},
+	{value: 0x01f7, lo: 0x90, hi: 0xa0},
+	{value: 0x020c, lo: 0xa1, hi: 0xa1},
+	{value: 0x022a, lo: 0xa2, hi: 0xa8},
+	{value: 0x0556, lo: 0xa9, hi: 0xa9},
+	{value: 0x023f, lo: 0xaa, hi: 0xbf},
+	// Block 0xa6, offset 0x36f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0x8f, hi: 0x8f},
+	// Block 0xa7, offset 0x371
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xae, hi: 0xae},
+	// Block 0xa8, offset 0x373
+	{value: 0x0000, lo: 0x01},
+	{value: 0x8133, lo: 0xac, hi: 0xaf},
+	// Block 0xa9, offset 0x375
+	{value: 0x0000, lo: 0x03},
+	{value: 0x8134, lo: 0xac, hi: 0xad},
+	{value: 0x812e, lo: 0xae, hi: 0xae},
+	{value: 0x8133, lo: 0xaf, hi: 0xaf},
+	// Block 0xaa, offset 0x379
+	{value: 0x0000, lo: 0x01},
+	{value: 0x812e, lo: 0x90, hi: 0x96},
+	// Block 0xab, offset 0x37b
+	{value: 0x0000, lo: 0x02},
+	{value: 0x8133, lo: 0x84, hi: 0x89},
+	{value: 0x8103, lo: 0x8a, hi: 0x8a},
+	// Block 0xac, offset 0x37e
+	{value: 0x0002, lo: 0x0a},
+	{value: 0x0063, lo: 0x80, hi: 0x89},
+	{value: 0x1a7e, lo: 0x8a, hi: 0x8a},
+	{value: 0x1ab1, lo: 0x8b, hi: 0x8b},
+	{value: 0x1acc, lo: 0x8c, hi: 0x8c},
+	{value: 0x1ad2, lo: 0x8d, hi: 0x8d},
+	{value: 0x1cf0, lo: 0x8e, hi: 0x8e},
+	{value: 0x1ade, lo: 0x8f, hi: 0x8f},
+	{value: 0x1aa8, lo: 0xaa, hi: 0xaa},
+	{value: 0x1aab, lo: 0xab, hi: 0xab},
+	{value: 0x1aae, lo: 0xac, hi: 0xac},
+	// Block 0xad, offset 0x389
+	{value: 0x0000, lo: 0x01},
+	{value: 0x1a6c, lo: 0x90, hi: 0x90},
+	// Block 0xae, offset 0x38b
+	{value: 0x0028, lo: 0x09},
+	{value: 0x2999, lo: 0x80, hi: 0x80},
+	{value: 0x295d, lo: 0x81, hi: 0x81},
+	{value: 0x2967, lo: 0x82, hi: 0x82},
+	{value: 0x297b, lo: 0x83, hi: 0x84},
+	{value: 0x2985, lo: 0x85, hi: 0x86},
+	{value: 0x2971, lo: 0x87, hi: 0x87},
+	{value: 0x298f, lo: 0x88, hi: 0x88},
+	{value: 0x0c6a, lo: 0x90, hi: 0x90},
+	{value: 0x09e2, lo: 0x91, hi: 0x91},
+	// Block 0xaf, offset 0x395
+	{value: 0x0002, lo: 0x01},
+	{value: 0x0021, lo: 0xb0, hi: 0xb9},
+}
+
+// recompMap: 7528 bytes (entries only)
+var recompMap map[uint32]rune
+var recompMapOnce sync.Once
+
+const recompMapPacked = "" +
+	"\x00A\x03\x00\x00\x00\x00\xc0" + // 0x00410300: 0x000000C0
+	"\x00A\x03\x01\x00\x00\x00\xc1" + // 0x00410301: 0x000000C1
+	"\x00A\x03\x02\x00\x00\x00\xc2" + // 0x00410302: 0x000000C2
+	"\x00A\x03\x03\x00\x00\x00\xc3" + // 0x00410303: 0x000000C3
+	"\x00A\x03\b\x00\x00\x00\xc4" + // 0x00410308: 0x000000C4
+	"\x00A\x03\n\x00\x00\x00\xc5" + // 0x0041030A: 0x000000C5
+	"\x00C\x03'\x00\x00\x00\xc7" + // 0x00430327: 0x000000C7
+	"\x00E\x03\x00\x00\x00\x00\xc8" + // 0x00450300: 0x000000C8
+	"\x00E\x03\x01\x00\x00\x00\xc9" + // 0x00450301: 0x000000C9
+	"\x00E\x03\x02\x00\x00\x00\xca" + // 0x00450302: 0x000000CA
+	"\x00E\x03\b\x00\x00\x00\xcb" + // 0x00450308: 0x000000CB
+	"\x00I\x03\x00\x00\x00\x00\xcc" + // 0x00490300: 0x000000CC
+	"\x00I\x03\x01\x00\x00\x00\xcd" + // 0x00490301: 0x000000CD
+	"\x00I\x03\x02\x00\x00\x00\xce" + // 0x00490302: 0x000000CE
+	"\x00I\x03\b\x00\x00\x00\xcf" + // 0x00490308: 0x000000CF
+	"\x00N\x03\x03\x00\x00\x00\xd1" + // 0x004E0303: 0x000000D1
+	"\x00O\x03\x00\x00\x00\x00\xd2" + // 0x004F0300: 0x000000D2
+	"\x00O\x03\x01\x00\x00\x00\xd3" + // 0x004F0301: 0x000000D3
+	"\x00O\x03\x02\x00\x00\x00\xd4" + // 0x004F0302: 0x000000D4
+	"\x00O\x03\x03\x00\x00\x00\xd5" + // 0x004F0303: 0x000000D5
+	"\x00O\x03\b\x00\x00\x00\xd6" + // 0x004F0308: 0x000000D6
+	"\x00U\x03\x00\x00\x00\x00\xd9" + // 0x00550300: 0x000000D9
+	"\x00U\x03\x01\x00\x00\x00\xda" + // 0x00550301: 0x000000DA
+	"\x00U\x03\x02\x00\x00\x00\xdb" + // 0x00550302: 0x000000DB
+	"\x00U\x03\b\x00\x00\x00\xdc" + // 0x00550308: 0x000000DC
+	"\x00Y\x03\x01\x00\x00\x00\xdd" + // 0x00590301: 0x000000DD
+	"\x00a\x03\x00\x00\x00\x00\xe0" + // 0x00610300: 0x000000E0
+	"\x00a\x03\x01\x00\x00\x00\xe1" + // 0x00610301: 0x000000E1
+	"\x00a\x03\x02\x00\x00\x00\xe2" + // 0x00610302: 0x000000E2
+	"\x00a\x03\x03\x00\x00\x00\xe3" + // 0x00610303: 0x000000E3
+	"\x00a\x03\b\x00\x00\x00\xe4" + // 0x00610308: 0x000000E4
+	"\x00a\x03\n\x00\x00\x00\xe5" + // 0x0061030A: 0x000000E5
+	"\x00c\x03'\x00\x00\x00\xe7" + // 0x00630327: 0x000000E7
+	"\x00e\x03\x00\x00\x00\x00\xe8" + // 0x00650300: 0x000000E8
+	"\x00e\x03\x01\x00\x00\x00\xe9" + // 0x00650301: 0x000000E9
+	"\x00e\x03\x02\x00\x00\x00\xea" + // 0x00650302: 0x000000EA
+	"\x00e\x03\b\x00\x00\x00\xeb" + // 0x00650308: 0x000000EB
+	"\x00i\x03\x00\x00\x00\x00\xec" + // 0x00690300: 0x000000EC
+	"\x00i\x03\x01\x00\x00\x00\xed" + // 0x00690301: 0x000000ED
+	"\x00i\x03\x02\x00\x00\x00\xee" + // 0x00690302: 0x000000EE
+	"\x00i\x03\b\x00\x00\x00\xef" + // 0x00690308: 0x000000EF
+	"\x00n\x03\x03\x00\x00\x00\xf1" + // 0x006E0303: 0x000000F1
+	"\x00o\x03\x00\x00\x00\x00\xf2" + // 0x006F0300: 0x000000F2
+	"\x00o\x03\x01\x00\x00\x00\xf3" + // 0x006F0301: 0x000000F3
+	"\x00o\x03\x02\x00\x00\x00\xf4" + // 0x006F0302: 0x000000F4
+	"\x00o\x03\x03\x00\x00\x00\xf5" + // 0x006F0303: 0x000000F5
+	"\x00o\x03\b\x00\x00\x00\xf6" + // 0x006F0308: 0x000000F6
+	"\x00u\x03\x00\x00\x00\x00\xf9" + // 0x00750300: 0x000000F9
+	"\x00u\x03\x01\x00\x00\x00\xfa" + // 0x00750301: 0x000000FA
+	"\x00u\x03\x02\x00\x00\x00\xfb" + // 0x00750302: 0x000000FB
+	"\x00u\x03\b\x00\x00\x00\xfc" + // 0x00750308: 0x000000FC
+	"\x00y\x03\x01\x00\x00\x00\xfd" + // 0x00790301: 0x000000FD
+	"\x00y\x03\b\x00\x00\x00\xff" + // 0x00790308: 0x000000FF
+	"\x00A\x03\x04\x00\x00\x01\x00" + // 0x00410304: 0x00000100
+	"\x00a\x03\x04\x00\x00\x01\x01" + // 0x00610304: 0x00000101
+	"\x00A\x03\x06\x00\x00\x01\x02" + // 0x00410306: 0x00000102
+	"\x00a\x03\x06\x00\x00\x01\x03" + // 0x00610306: 0x00000103
+	"\x00A\x03(\x00\x00\x01\x04" + // 0x00410328: 0x00000104
+	"\x00a\x03(\x00\x00\x01\x05" + // 0x00610328: 0x00000105
+	"\x00C\x03\x01\x00\x00\x01\x06" + // 0x00430301: 0x00000106
+	"\x00c\x03\x01\x00\x00\x01\a" + // 0x00630301: 0x00000107
+	"\x00C\x03\x02\x00\x00\x01\b" + // 0x00430302: 0x00000108
+	"\x00c\x03\x02\x00\x00\x01\t" + // 0x00630302: 0x00000109
+	"\x00C\x03\a\x00\x00\x01\n" + // 0x00430307: 0x0000010A
+	"\x00c\x03\a\x00\x00\x01\v" + // 0x00630307: 0x0000010B
+	"\x00C\x03\f\x00\x00\x01\f" + // 0x0043030C: 0x0000010C
+	"\x00c\x03\f\x00\x00\x01\r" + // 0x0063030C: 0x0000010D
+	"\x00D\x03\f\x00\x00\x01\x0e" + // 0x0044030C: 0x0000010E
+	"\x00d\x03\f\x00\x00\x01\x0f" + // 0x0064030C: 0x0000010F
+	"\x00E\x03\x04\x00\x00\x01\x12" + // 0x00450304: 0x00000112
+	"\x00e\x03\x04\x00\x00\x01\x13" + // 0x00650304: 0x00000113
+	"\x00E\x03\x06\x00\x00\x01\x14" + // 0x00450306: 0x00000114
+	"\x00e\x03\x06\x00\x00\x01\x15" + // 0x00650306: 0x00000115
+	"\x00E\x03\a\x00\x00\x01\x16" + // 0x00450307: 0x00000116
+	"\x00e\x03\a\x00\x00\x01\x17" + // 0x00650307: 0x00000117
+	"\x00E\x03(\x00\x00\x01\x18" + // 0x00450328: 0x00000118
+	"\x00e\x03(\x00\x00\x01\x19" + // 0x00650328: 0x00000119
+	"\x00E\x03\f\x00\x00\x01\x1a" + // 0x0045030C: 0x0000011A
+	"\x00e\x03\f\x00\x00\x01\x1b" + // 0x0065030C: 0x0000011B
+	"\x00G\x03\x02\x00\x00\x01\x1c" + // 0x00470302: 0x0000011C
+	"\x00g\x03\x02\x00\x00\x01\x1d" + // 0x00670302: 0x0000011D
+	"\x00G\x03\x06\x00\x00\x01\x1e" + // 0x00470306: 0x0000011E
+	"\x00g\x03\x06\x00\x00\x01\x1f" + // 0x00670306: 0x0000011F
+	"\x00G\x03\a\x00\x00\x01 " + // 0x00470307: 0x00000120
+	"\x00g\x03\a\x00\x00\x01!" + // 0x00670307: 0x00000121
+	"\x00G\x03'\x00\x00\x01\"" + // 0x00470327: 0x00000122
+	"\x00g\x03'\x00\x00\x01#" + // 0x00670327: 0x00000123
+	"\x00H\x03\x02\x00\x00\x01$" + // 0x00480302: 0x00000124
+	"\x00h\x03\x02\x00\x00\x01%" + // 0x00680302: 0x00000125
+	"\x00I\x03\x03\x00\x00\x01(" + // 0x00490303: 0x00000128
+	"\x00i\x03\x03\x00\x00\x01)" + // 0x00690303: 0x00000129
+	"\x00I\x03\x04\x00\x00\x01*" + // 0x00490304: 0x0000012A
+	"\x00i\x03\x04\x00\x00\x01+" + // 0x00690304: 0x0000012B
+	"\x00I\x03\x06\x00\x00\x01," + // 0x00490306: 0x0000012C
+	"\x00i\x03\x06\x00\x00\x01-" + // 0x00690306: 0x0000012D
+	"\x00I\x03(\x00\x00\x01." + // 0x00490328: 0x0000012E
+	"\x00i\x03(\x00\x00\x01/" + // 0x00690328: 0x0000012F
+	"\x00I\x03\a\x00\x00\x010" + // 0x00490307: 0x00000130
+	"\x00J\x03\x02\x00\x00\x014" + // 0x004A0302: 0x00000134
+	"\x00j\x03\x02\x00\x00\x015" + // 0x006A0302: 0x00000135
+	"\x00K\x03'\x00\x00\x016" + // 0x004B0327: 0x00000136
+	"\x00k\x03'\x00\x00\x017" + // 0x006B0327: 0x00000137
+	"\x00L\x03\x01\x00\x00\x019" + // 0x004C0301: 0x00000139
+	"\x00l\x03\x01\x00\x00\x01:" + // 0x006C0301: 0x0000013A
+	"\x00L\x03'\x00\x00\x01;" + // 0x004C0327: 0x0000013B
+	"\x00l\x03'\x00\x00\x01<" + // 0x006C0327: 0x0000013C
+	"\x00L\x03\f\x00\x00\x01=" + // 0x004C030C: 0x0000013D
+	"\x00l\x03\f\x00\x00\x01>" + // 0x006C030C: 0x0000013E
+	"\x00N\x03\x01\x00\x00\x01C" + // 0x004E0301: 0x00000143
+	"\x00n\x03\x01\x00\x00\x01D" + // 0x006E0301: 0x00000144
+	"\x00N\x03'\x00\x00\x01E" + // 0x004E0327: 0x00000145
+	"\x00n\x03'\x00\x00\x01F" + // 0x006E0327: 0x00000146
+	"\x00N\x03\f\x00\x00\x01G" + // 0x004E030C: 0x00000147
+	"\x00n\x03\f\x00\x00\x01H" + // 0x006E030C: 0x00000148
+	"\x00O\x03\x04\x00\x00\x01L" + // 0x004F0304: 0x0000014C
+	"\x00o\x03\x04\x00\x00\x01M" + // 0x006F0304: 0x0000014D
+	"\x00O\x03\x06\x00\x00\x01N" + // 0x004F0306: 0x0000014E
+	"\x00o\x03\x06\x00\x00\x01O" + // 0x006F0306: 0x0000014F
+	"\x00O\x03\v\x00\x00\x01P" + // 0x004F030B: 0x00000150
+	"\x00o\x03\v\x00\x00\x01Q" + // 0x006F030B: 0x00000151
+	"\x00R\x03\x01\x00\x00\x01T" + // 0x00520301: 0x00000154
+	"\x00r\x03\x01\x00\x00\x01U" + // 0x00720301: 0x00000155
+	"\x00R\x03'\x00\x00\x01V" + // 0x00520327: 0x00000156
+	"\x00r\x03'\x00\x00\x01W" + // 0x00720327: 0x00000157
+	"\x00R\x03\f\x00\x00\x01X" + // 0x0052030C: 0x00000158
+	"\x00r\x03\f\x00\x00\x01Y" + // 0x0072030C: 0x00000159
+	"\x00S\x03\x01\x00\x00\x01Z" + // 0x00530301: 0x0000015A
+	"\x00s\x03\x01\x00\x00\x01[" + // 0x00730301: 0x0000015B
+	"\x00S\x03\x02\x00\x00\x01\\" + // 0x00530302: 0x0000015C
+	"\x00s\x03\x02\x00\x00\x01]" + // 0x00730302: 0x0000015D
+	"\x00S\x03'\x00\x00\x01^" + // 0x00530327: 0x0000015E
+	"\x00s\x03'\x00\x00\x01_" + // 0x00730327: 0x0000015F
+	"\x00S\x03\f\x00\x00\x01`" + // 0x0053030C: 0x00000160
+	"\x00s\x03\f\x00\x00\x01a" + // 0x0073030C: 0x00000161
+	"\x00T\x03'\x00\x00\x01b" + // 0x00540327: 0x00000162
+	"\x00t\x03'\x00\x00\x01c" + // 0x00740327: 0x00000163
+	"\x00T\x03\f\x00\x00\x01d" + // 0x0054030C: 0x00000164
+	"\x00t\x03\f\x00\x00\x01e" + // 0x0074030C: 0x00000165
+	"\x00U\x03\x03\x00\x00\x01h" + // 0x00550303: 0x00000168
+	"\x00u\x03\x03\x00\x00\x01i" + // 0x00750303: 0x00000169
+	"\x00U\x03\x04\x00\x00\x01j" + // 0x00550304: 0x0000016A
+	"\x00u\x03\x04\x00\x00\x01k" + // 0x00750304: 0x0000016B
+	"\x00U\x03\x06\x00\x00\x01l" + // 0x00550306: 0x0000016C
+	"\x00u\x03\x06\x00\x00\x01m" + // 0x00750306: 0x0000016D
+	"\x00U\x03\n\x00\x00\x01n" + // 0x0055030A: 0x0000016E
+	"\x00u\x03\n\x00\x00\x01o" + // 0x0075030A: 0x0000016F
+	"\x00U\x03\v\x00\x00\x01p" + // 0x0055030B: 0x00000170
+	"\x00u\x03\v\x00\x00\x01q" + // 0x0075030B: 0x00000171
+	"\x00U\x03(\x00\x00\x01r" + // 0x00550328: 0x00000172
+	"\x00u\x03(\x00\x00\x01s" + // 0x00750328: 0x00000173
+	"\x00W\x03\x02\x00\x00\x01t" + // 0x00570302: 0x00000174
+	"\x00w\x03\x02\x00\x00\x01u" + // 0x00770302: 0x00000175
+	"\x00Y\x03\x02\x00\x00\x01v" + // 0x00590302: 0x00000176
+	"\x00y\x03\x02\x00\x00\x01w" + // 0x00790302: 0x00000177
+	"\x00Y\x03\b\x00\x00\x01x" + // 0x00590308: 0x00000178
+	"\x00Z\x03\x01\x00\x00\x01y" + // 0x005A0301: 0x00000179
+	"\x00z\x03\x01\x00\x00\x01z" + // 0x007A0301: 0x0000017A
+	"\x00Z\x03\a\x00\x00\x01{" + // 0x005A0307: 0x0000017B
+	"\x00z\x03\a\x00\x00\x01|" + // 0x007A0307: 0x0000017C
+	"\x00Z\x03\f\x00\x00\x01}" + // 0x005A030C: 0x0000017D
+	"\x00z\x03\f\x00\x00\x01~" + // 0x007A030C: 0x0000017E
+	"\x00O\x03\x1b\x00\x00\x01\xa0" + // 0x004F031B: 0x000001A0
+	"\x00o\x03\x1b\x00\x00\x01\xa1" + // 0x006F031B: 0x000001A1
+	"\x00U\x03\x1b\x00\x00\x01\xaf" + // 0x0055031B: 0x000001AF
+	"\x00u\x03\x1b\x00\x00\x01\xb0" + // 0x0075031B: 0x000001B0
+	"\x00A\x03\f\x00\x00\x01\xcd" + // 0x0041030C: 0x000001CD
+	"\x00a\x03\f\x00\x00\x01\xce" + // 0x0061030C: 0x000001CE
+	"\x00I\x03\f\x00\x00\x01\xcf" + // 0x0049030C: 0x000001CF
+	"\x00i\x03\f\x00\x00\x01\xd0" + // 0x0069030C: 0x000001D0
+	"\x00O\x03\f\x00\x00\x01\xd1" + // 0x004F030C: 0x000001D1
+	"\x00o\x03\f\x00\x00\x01\xd2" + // 0x006F030C: 0x000001D2
+	"\x00U\x03\f\x00\x00\x01\xd3" + // 0x0055030C: 0x000001D3
+	"\x00u\x03\f\x00\x00\x01\xd4" + // 0x0075030C: 0x000001D4
+	"\x00\xdc\x03\x04\x00\x00\x01\xd5" + // 0x00DC0304: 0x000001D5
+	"\x00\xfc\x03\x04\x00\x00\x01\xd6" + // 0x00FC0304: 0x000001D6
+	"\x00\xdc\x03\x01\x00\x00\x01\xd7" + // 0x00DC0301: 0x000001D7
+	"\x00\xfc\x03\x01\x00\x00\x01\xd8" + // 0x00FC0301: 0x000001D8
+	"\x00\xdc\x03\f\x00\x00\x01\xd9" + // 0x00DC030C: 0x000001D9
+	"\x00\xfc\x03\f\x00\x00\x01\xda" + // 0x00FC030C: 0x000001DA
+	"\x00\xdc\x03\x00\x00\x00\x01\xdb" + // 0x00DC0300: 0x000001DB
+	"\x00\xfc\x03\x00\x00\x00\x01\xdc" + // 0x00FC0300: 0x000001DC
+	"\x00\xc4\x03\x04\x00\x00\x01\xde" + // 0x00C40304: 0x000001DE
+	"\x00\xe4\x03\x04\x00\x00\x01\xdf" + // 0x00E40304: 0x000001DF
+	"\x02&\x03\x04\x00\x00\x01\xe0" + // 0x02260304: 0x000001E0
+	"\x02'\x03\x04\x00\x00\x01\xe1" + // 0x02270304: 0x000001E1
+	"\x00\xc6\x03\x04\x00\x00\x01\xe2" + // 0x00C60304: 0x000001E2
+	"\x00\xe6\x03\x04\x00\x00\x01\xe3" + // 0x00E60304: 0x000001E3
+	"\x00G\x03\f\x00\x00\x01\xe6" + // 0x0047030C: 0x000001E6
+	"\x00g\x03\f\x00\x00\x01\xe7" + // 0x0067030C: 0x000001E7
+	"\x00K\x03\f\x00\x00\x01\xe8" + // 0x004B030C: 0x000001E8
+	"\x00k\x03\f\x00\x00\x01\xe9" + // 0x006B030C: 0x000001E9
+	"\x00O\x03(\x00\x00\x01\xea" + // 0x004F0328: 0x000001EA
+	"\x00o\x03(\x00\x00\x01\xeb" + // 0x006F0328: 0x000001EB
+	"\x01\xea\x03\x04\x00\x00\x01\xec" + // 0x01EA0304: 0x000001EC
+	"\x01\xeb\x03\x04\x00\x00\x01\xed" + // 0x01EB0304: 0x000001ED
+	"\x01\xb7\x03\f\x00\x00\x01\xee" + // 0x01B7030C: 0x000001EE
+	"\x02\x92\x03\f\x00\x00\x01\xef" + // 0x0292030C: 0x000001EF
+	"\x00j\x03\f\x00\x00\x01\xf0" + // 0x006A030C: 0x000001F0
+	"\x00G\x03\x01\x00\x00\x01\xf4" + // 0x00470301: 0x000001F4
+	"\x00g\x03\x01\x00\x00\x01\xf5" + // 0x00670301: 0x000001F5
+	"\x00N\x03\x00\x00\x00\x01\xf8" + // 0x004E0300: 0x000001F8
+	"\x00n\x03\x00\x00\x00\x01\xf9" + // 0x006E0300: 0x000001F9
+	"\x00\xc5\x03\x01\x00\x00\x01\xfa" + // 0x00C50301: 0x000001FA
+	"\x00\xe5\x03\x01\x00\x00\x01\xfb" + // 0x00E50301: 0x000001FB
+	"\x00\xc6\x03\x01\x00\x00\x01\xfc" + // 0x00C60301: 0x000001FC
+	"\x00\xe6\x03\x01\x00\x00\x01\xfd" + // 0x00E60301: 0x000001FD
+	"\x00\xd8\x03\x01\x00\x00\x01\xfe" + // 0x00D80301: 0x000001FE
+	"\x00\xf8\x03\x01\x00\x00\x01\xff" + // 0x00F80301: 0x000001FF
+	"\x00A\x03\x0f\x00\x00\x02\x00" + // 0x0041030F: 0x00000200
+	"\x00a\x03\x0f\x00\x00\x02\x01" + // 0x0061030F: 0x00000201
+	"\x00A\x03\x11\x00\x00\x02\x02" + // 0x00410311: 0x00000202
+	"\x00a\x03\x11\x00\x00\x02\x03" + // 0x00610311: 0x00000203
+	"\x00E\x03\x0f\x00\x00\x02\x04" + // 0x0045030F: 0x00000204
+	"\x00e\x03\x0f\x00\x00\x02\x05" + // 0x0065030F: 0x00000205
+	"\x00E\x03\x11\x00\x00\x02\x06" + // 0x00450311: 0x00000206
+	"\x00e\x03\x11\x00\x00\x02\a" + // 0x00650311: 0x00000207
+	"\x00I\x03\x0f\x00\x00\x02\b" + // 0x0049030F: 0x00000208
+	"\x00i\x03\x0f\x00\x00\x02\t" + // 0x0069030F: 0x00000209
+	"\x00I\x03\x11\x00\x00\x02\n" + // 0x00490311: 0x0000020A
+	"\x00i\x03\x11\x00\x00\x02\v" + // 0x00690311: 0x0000020B
+	"\x00O\x03\x0f\x00\x00\x02\f" + // 0x004F030F: 0x0000020C
+	"\x00o\x03\x0f\x00\x00\x02\r" + // 0x006F030F: 0x0000020D
+	"\x00O\x03\x11\x00\x00\x02\x0e" + // 0x004F0311: 0x0000020E
+	"\x00o\x03\x11\x00\x00\x02\x0f" + // 0x006F0311: 0x0000020F
+	"\x00R\x03\x0f\x00\x00\x02\x10" + // 0x0052030F: 0x00000210
+	"\x00r\x03\x0f\x00\x00\x02\x11" + // 0x0072030F: 0x00000211
+	"\x00R\x03\x11\x00\x00\x02\x12" + // 0x00520311: 0x00000212
+	"\x00r\x03\x11\x00\x00\x02\x13" + // 0x00720311: 0x00000213
+	"\x00U\x03\x0f\x00\x00\x02\x14" + // 0x0055030F: 0x00000214
+	"\x00u\x03\x0f\x00\x00\x02\x15" + // 0x0075030F: 0x00000215
+	"\x00U\x03\x11\x00\x00\x02\x16" + // 0x00550311: 0x00000216
+	"\x00u\x03\x11\x00\x00\x02\x17" + // 0x00750311: 0x00000217
+	"\x00S\x03&\x00\x00\x02\x18" + // 0x00530326: 0x00000218
+	"\x00s\x03&\x00\x00\x02\x19" + // 0x00730326: 0x00000219
+	"\x00T\x03&\x00\x00\x02\x1a" + // 0x00540326: 0x0000021A
+	"\x00t\x03&\x00\x00\x02\x1b" + // 0x00740326: 0x0000021B
+	"\x00H\x03\f\x00\x00\x02\x1e" + // 0x0048030C: 0x0000021E
+	"\x00h\x03\f\x00\x00\x02\x1f" + // 0x0068030C: 0x0000021F
+	"\x00A\x03\a\x00\x00\x02&" + // 0x00410307: 0x00000226
+	"\x00a\x03\a\x00\x00\x02'" + // 0x00610307: 0x00000227
+	"\x00E\x03'\x00\x00\x02(" + // 0x00450327: 0x00000228
+	"\x00e\x03'\x00\x00\x02)" + // 0x00650327: 0x00000229
+	"\x00\xd6\x03\x04\x00\x00\x02*" + // 0x00D60304: 0x0000022A
+	"\x00\xf6\x03\x04\x00\x00\x02+" + // 0x00F60304: 0x0000022B
+	"\x00\xd5\x03\x04\x00\x00\x02," + // 0x00D50304: 0x0000022C
+	"\x00\xf5\x03\x04\x00\x00\x02-" + // 0x00F50304: 0x0000022D
+	"\x00O\x03\a\x00\x00\x02." + // 0x004F0307: 0x0000022E
+	"\x00o\x03\a\x00\x00\x02/" + // 0x006F0307: 0x0000022F
+	"\x02.\x03\x04\x00\x00\x020" + // 0x022E0304: 0x00000230
+	"\x02/\x03\x04\x00\x00\x021" + // 0x022F0304: 0x00000231
+	"\x00Y\x03\x04\x00\x00\x022" + // 0x00590304: 0x00000232
+	"\x00y\x03\x04\x00\x00\x023" + // 0x00790304: 0x00000233
+	"\x00\xa8\x03\x01\x00\x00\x03\x85" + // 0x00A80301: 0x00000385
+	"\x03\x91\x03\x01\x00\x00\x03\x86" + // 0x03910301: 0x00000386
+	"\x03\x95\x03\x01\x00\x00\x03\x88" + // 0x03950301: 0x00000388
+	"\x03\x97\x03\x01\x00\x00\x03\x89" + // 0x03970301: 0x00000389
+	"\x03\x99\x03\x01\x00\x00\x03\x8a" + // 0x03990301: 0x0000038A
+	"\x03\x9f\x03\x01\x00\x00\x03\x8c" + // 0x039F0301: 0x0000038C
+	"\x03\xa5\x03\x01\x00\x00\x03\x8e" + // 0x03A50301: 0x0000038E
+	"\x03\xa9\x03\x01\x00\x00\x03\x8f" + // 0x03A90301: 0x0000038F
+	"\x03\xca\x03\x01\x00\x00\x03\x90" + // 0x03CA0301: 0x00000390
+	"\x03\x99\x03\b\x00\x00\x03\xaa" + // 0x03990308: 0x000003AA
+	"\x03\xa5\x03\b\x00\x00\x03\xab" + // 0x03A50308: 0x000003AB
+	"\x03\xb1\x03\x01\x00\x00\x03\xac" + // 0x03B10301: 0x000003AC
+	"\x03\xb5\x03\x01\x00\x00\x03\xad" + // 0x03B50301: 0x000003AD
+	"\x03\xb7\x03\x01\x00\x00\x03\xae" + // 0x03B70301: 0x000003AE
+	"\x03\xb9\x03\x01\x00\x00\x03\xaf" + // 0x03B90301: 0x000003AF
+	"\x03\xcb\x03\x01\x00\x00\x03\xb0" + // 0x03CB0301: 0x000003B0
+	"\x03\xb9\x03\b\x00\x00\x03\xca" + // 0x03B90308: 0x000003CA
+	"\x03\xc5\x03\b\x00\x00\x03\xcb" + // 0x03C50308: 0x000003CB
+	"\x03\xbf\x03\x01\x00\x00\x03\xcc" + // 0x03BF0301: 0x000003CC
+	"\x03\xc5\x03\x01\x00\x00\x03\xcd" + // 0x03C50301: 0x000003CD
+	"\x03\xc9\x03\x01\x00\x00\x03\xce" + // 0x03C90301: 0x000003CE
+	"\x03\xd2\x03\x01\x00\x00\x03\xd3" + // 0x03D20301: 0x000003D3
+	"\x03\xd2\x03\b\x00\x00\x03\xd4" + // 0x03D20308: 0x000003D4
+	"\x04\x15\x03\x00\x00\x00\x04\x00" + // 0x04150300: 0x00000400
+	"\x04\x15\x03\b\x00\x00\x04\x01" + // 0x04150308: 0x00000401
+	"\x04\x13\x03\x01\x00\x00\x04\x03" + // 0x04130301: 0x00000403
+	"\x04\x06\x03\b\x00\x00\x04\a" + // 0x04060308: 0x00000407
+	"\x04\x1a\x03\x01\x00\x00\x04\f" + // 0x041A0301: 0x0000040C
+	"\x04\x18\x03\x00\x00\x00\x04\r" + // 0x04180300: 0x0000040D
+	"\x04#\x03\x06\x00\x00\x04\x0e" + // 0x04230306: 0x0000040E
+	"\x04\x18\x03\x06\x00\x00\x04\x19" + // 0x04180306: 0x00000419
+	"\x048\x03\x06\x00\x00\x049" + // 0x04380306: 0x00000439
+	"\x045\x03\x00\x00\x00\x04P" + // 0x04350300: 0x00000450
+	"\x045\x03\b\x00\x00\x04Q" + // 0x04350308: 0x00000451
+	"\x043\x03\x01\x00\x00\x04S" + // 0x04330301: 0x00000453
+	"\x04V\x03\b\x00\x00\x04W" + // 0x04560308: 0x00000457
+	"\x04:\x03\x01\x00\x00\x04\\" + // 0x043A0301: 0x0000045C
+	"\x048\x03\x00\x00\x00\x04]" + // 0x04380300: 0x0000045D
+	"\x04C\x03\x06\x00\x00\x04^" + // 0x04430306: 0x0000045E
+	"\x04t\x03\x0f\x00\x00\x04v" + // 0x0474030F: 0x00000476
+	"\x04u\x03\x0f\x00\x00\x04w" + // 0x0475030F: 0x00000477
+	"\x04\x16\x03\x06\x00\x00\x04\xc1" + // 0x04160306: 0x000004C1
+	"\x046\x03\x06\x00\x00\x04\xc2" + // 0x04360306: 0x000004C2
+	"\x04\x10\x03\x06\x00\x00\x04\xd0" + // 0x04100306: 0x000004D0
+	"\x040\x03\x06\x00\x00\x04\xd1" + // 0x04300306: 0x000004D1
+	"\x04\x10\x03\b\x00\x00\x04\xd2" + // 0x04100308: 0x000004D2
+	"\x040\x03\b\x00\x00\x04\xd3" + // 0x04300308: 0x000004D3
+	"\x04\x15\x03\x06\x00\x00\x04\xd6" + // 0x04150306: 0x000004D6
+	"\x045\x03\x06\x00\x00\x04\xd7" + // 0x04350306: 0x000004D7
+	"\x04\xd8\x03\b\x00\x00\x04\xda" + // 0x04D80308: 0x000004DA
+	"\x04\xd9\x03\b\x00\x00\x04\xdb" + // 0x04D90308: 0x000004DB
+	"\x04\x16\x03\b\x00\x00\x04\xdc" + // 0x04160308: 0x000004DC
+	"\x046\x03\b\x00\x00\x04\xdd" + // 0x04360308: 0x000004DD
+	"\x04\x17\x03\b\x00\x00\x04\xde" + // 0x04170308: 0x000004DE
+	"\x047\x03\b\x00\x00\x04\xdf" + // 0x04370308: 0x000004DF
+	"\x04\x18\x03\x04\x00\x00\x04\xe2" + // 0x04180304: 0x000004E2
+	"\x048\x03\x04\x00\x00\x04\xe3" + // 0x04380304: 0x000004E3
+	"\x04\x18\x03\b\x00\x00\x04\xe4" + // 0x04180308: 0x000004E4
+	"\x048\x03\b\x00\x00\x04\xe5" + // 0x04380308: 0x000004E5
+	"\x04\x1e\x03\b\x00\x00\x04\xe6" + // 0x041E0308: 0x000004E6
+	"\x04>\x03\b\x00\x00\x04\xe7" + // 0x043E0308: 0x000004E7
+	"\x04\xe8\x03\b\x00\x00\x04\xea" + // 0x04E80308: 0x000004EA
+	"\x04\xe9\x03\b\x00\x00\x04\xeb" + // 0x04E90308: 0x000004EB
+	"\x04-\x03\b\x00\x00\x04\xec" + // 0x042D0308: 0x000004EC
+	"\x04M\x03\b\x00\x00\x04\xed" + // 0x044D0308: 0x000004ED
+	"\x04#\x03\x04\x00\x00\x04\xee" + // 0x04230304: 0x000004EE
+	"\x04C\x03\x04\x00\x00\x04\xef" + // 0x04430304: 0x000004EF
+	"\x04#\x03\b\x00\x00\x04\xf0" + // 0x04230308: 0x000004F0
+	"\x04C\x03\b\x00\x00\x04\xf1" + // 0x04430308: 0x000004F1
+	"\x04#\x03\v\x00\x00\x04\xf2" + // 0x0423030B: 0x000004F2
+	"\x04C\x03\v\x00\x00\x04\xf3" + // 0x0443030B: 0x000004F3
+	"\x04'\x03\b\x00\x00\x04\xf4" + // 0x04270308: 0x000004F4
+	"\x04G\x03\b\x00\x00\x04\xf5" + // 0x04470308: 0x000004F5
+	"\x04+\x03\b\x00\x00\x04\xf8" + // 0x042B0308: 0x000004F8
+	"\x04K\x03\b\x00\x00\x04\xf9" + // 0x044B0308: 0x000004F9
+	"\x06'\x06S\x00\x00\x06\"" + // 0x06270653: 0x00000622
+	"\x06'\x06T\x00\x00\x06#" + // 0x06270654: 0x00000623
+	"\x06H\x06T\x00\x00\x06$" + // 0x06480654: 0x00000624
+	"\x06'\x06U\x00\x00\x06%" + // 0x06270655: 0x00000625
+	"\x06J\x06T\x00\x00\x06&" + // 0x064A0654: 0x00000626
+	"\x06\xd5\x06T\x00\x00\x06\xc0" + // 0x06D50654: 0x000006C0
+	"\x06\xc1\x06T\x00\x00\x06\xc2" + // 0x06C10654: 0x000006C2
+	"\x06\xd2\x06T\x00\x00\x06\xd3" + // 0x06D20654: 0x000006D3
+	"\t(\t<\x00\x00\t)" + // 0x0928093C: 0x00000929
+	"\t0\t<\x00\x00\t1" + // 0x0930093C: 0x00000931
+	"\t3\t<\x00\x00\t4" + // 0x0933093C: 0x00000934
+	"\t\xc7\t\xbe\x00\x00\t\xcb" + // 0x09C709BE: 0x000009CB
+	"\t\xc7\t\xd7\x00\x00\t\xcc" + // 0x09C709D7: 0x000009CC
+	"\vG\vV\x00\x00\vH" + // 0x0B470B56: 0x00000B48
+	"\vG\v>\x00\x00\vK" + // 0x0B470B3E: 0x00000B4B
+	"\vG\vW\x00\x00\vL" + // 0x0B470B57: 0x00000B4C
+	"\v\x92\v\xd7\x00\x00\v\x94" + // 0x0B920BD7: 0x00000B94
+	"\v\xc6\v\xbe\x00\x00\v\xca" + // 0x0BC60BBE: 0x00000BCA
+	"\v\xc7\v\xbe\x00\x00\v\xcb" + // 0x0BC70BBE: 0x00000BCB
+	"\v\xc6\v\xd7\x00\x00\v\xcc" + // 0x0BC60BD7: 0x00000BCC
+	"\fF\fV\x00\x00\fH" + // 0x0C460C56: 0x00000C48
+	"\f\xbf\f\xd5\x00\x00\f\xc0" + // 0x0CBF0CD5: 0x00000CC0
+	"\f\xc6\f\xd5\x00\x00\f\xc7" + // 0x0CC60CD5: 0x00000CC7
+	"\f\xc6\f\xd6\x00\x00\f\xc8" + // 0x0CC60CD6: 0x00000CC8
+	"\f\xc6\f\xc2\x00\x00\f\xca" + // 0x0CC60CC2: 0x00000CCA
+	"\f\xca\f\xd5\x00\x00\f\xcb" + // 0x0CCA0CD5: 0x00000CCB
+	"\rF\r>\x00\x00\rJ" + // 0x0D460D3E: 0x00000D4A
+	"\rG\r>\x00\x00\rK" + // 0x0D470D3E: 0x00000D4B
+	"\rF\rW\x00\x00\rL" + // 0x0D460D57: 0x00000D4C
+	"\r\xd9\r\xca\x00\x00\r\xda" + // 0x0DD90DCA: 0x00000DDA
+	"\r\xd9\r\xcf\x00\x00\r\xdc" + // 0x0DD90DCF: 0x00000DDC
+	"\r\xdc\r\xca\x00\x00\r\xdd" + // 0x0DDC0DCA: 0x00000DDD
+	"\r\xd9\r\xdf\x00\x00\r\xde" + // 0x0DD90DDF: 0x00000DDE
+	"\x10%\x10.\x00\x00\x10&" + // 0x1025102E: 0x00001026
+	"\x1b\x05\x1b5\x00\x00\x1b\x06" + // 0x1B051B35: 0x00001B06
+	"\x1b\a\x1b5\x00\x00\x1b\b" + // 0x1B071B35: 0x00001B08
+	"\x1b\t\x1b5\x00\x00\x1b\n" + // 0x1B091B35: 0x00001B0A
+	"\x1b\v\x1b5\x00\x00\x1b\f" + // 0x1B0B1B35: 0x00001B0C
+	"\x1b\r\x1b5\x00\x00\x1b\x0e" + // 0x1B0D1B35: 0x00001B0E
+	"\x1b\x11\x1b5\x00\x00\x1b\x12" + // 0x1B111B35: 0x00001B12
+	"\x1b:\x1b5\x00\x00\x1b;" + // 0x1B3A1B35: 0x00001B3B
+	"\x1b<\x1b5\x00\x00\x1b=" + // 0x1B3C1B35: 0x00001B3D
+	"\x1b>\x1b5\x00\x00\x1b@" + // 0x1B3E1B35: 0x00001B40
+	"\x1b?\x1b5\x00\x00\x1bA" + // 0x1B3F1B35: 0x00001B41
+	"\x1bB\x1b5\x00\x00\x1bC" + // 0x1B421B35: 0x00001B43
+	"\x00A\x03%\x00\x00\x1e\x00" + // 0x00410325: 0x00001E00
+	"\x00a\x03%\x00\x00\x1e\x01" + // 0x00610325: 0x00001E01
+	"\x00B\x03\a\x00\x00\x1e\x02" + // 0x00420307: 0x00001E02
+	"\x00b\x03\a\x00\x00\x1e\x03" + // 0x00620307: 0x00001E03
+	"\x00B\x03#\x00\x00\x1e\x04" + // 0x00420323: 0x00001E04
+	"\x00b\x03#\x00\x00\x1e\x05" + // 0x00620323: 0x00001E05
+	"\x00B\x031\x00\x00\x1e\x06" + // 0x00420331: 0x00001E06
+	"\x00b\x031\x00\x00\x1e\a" + // 0x00620331: 0x00001E07
+	"\x00\xc7\x03\x01\x00\x00\x1e\b" + // 0x00C70301: 0x00001E08
+	"\x00\xe7\x03\x01\x00\x00\x1e\t" + // 0x00E70301: 0x00001E09
+	"\x00D\x03\a\x00\x00\x1e\n" + // 0x00440307: 0x00001E0A
+	"\x00d\x03\a\x00\x00\x1e\v" + // 0x00640307: 0x00001E0B
+	"\x00D\x03#\x00\x00\x1e\f" + // 0x00440323: 0x00001E0C
+	"\x00d\x03#\x00\x00\x1e\r" + // 0x00640323: 0x00001E0D
+	"\x00D\x031\x00\x00\x1e\x0e" + // 0x00440331: 0x00001E0E
+	"\x00d\x031\x00\x00\x1e\x0f" + // 0x00640331: 0x00001E0F
+	"\x00D\x03'\x00\x00\x1e\x10" + // 0x00440327: 0x00001E10
+	"\x00d\x03'\x00\x00\x1e\x11" + // 0x00640327: 0x00001E11
+	"\x00D\x03-\x00\x00\x1e\x12" + // 0x0044032D: 0x00001E12
+	"\x00d\x03-\x00\x00\x1e\x13" + // 0x0064032D: 0x00001E13
+	"\x01\x12\x03\x00\x00\x00\x1e\x14" + // 0x01120300: 0x00001E14
+	"\x01\x13\x03\x00\x00\x00\x1e\x15" + // 0x01130300: 0x00001E15
+	"\x01\x12\x03\x01\x00\x00\x1e\x16" + // 0x01120301: 0x00001E16
+	"\x01\x13\x03\x01\x00\x00\x1e\x17" + // 0x01130301: 0x00001E17
+	"\x00E\x03-\x00\x00\x1e\x18" + // 0x0045032D: 0x00001E18
+	"\x00e\x03-\x00\x00\x1e\x19" + // 0x0065032D: 0x00001E19
+	"\x00E\x030\x00\x00\x1e\x1a" + // 0x00450330: 0x00001E1A
+	"\x00e\x030\x00\x00\x1e\x1b" + // 0x00650330: 0x00001E1B
+	"\x02(\x03\x06\x00\x00\x1e\x1c" + // 0x02280306: 0x00001E1C
+	"\x02)\x03\x06\x00\x00\x1e\x1d" + // 0x02290306: 0x00001E1D
+	"\x00F\x03\a\x00\x00\x1e\x1e" + // 0x00460307: 0x00001E1E
+	"\x00f\x03\a\x00\x00\x1e\x1f" + // 0x00660307: 0x00001E1F
+	"\x00G\x03\x04\x00\x00\x1e " + // 0x00470304: 0x00001E20
+	"\x00g\x03\x04\x00\x00\x1e!" + // 0x00670304: 0x00001E21
+	"\x00H\x03\a\x00\x00\x1e\"" + // 0x00480307: 0x00001E22
+	"\x00h\x03\a\x00\x00\x1e#" + // 0x00680307: 0x00001E23
+	"\x00H\x03#\x00\x00\x1e$" + // 0x00480323: 0x00001E24
+	"\x00h\x03#\x00\x00\x1e%" + // 0x00680323: 0x00001E25
+	"\x00H\x03\b\x00\x00\x1e&" + // 0x00480308: 0x00001E26
+	"\x00h\x03\b\x00\x00\x1e'" + // 0x00680308: 0x00001E27
+	"\x00H\x03'\x00\x00\x1e(" + // 0x00480327: 0x00001E28
+	"\x00h\x03'\x00\x00\x1e)" + // 0x00680327: 0x00001E29
+	"\x00H\x03.\x00\x00\x1e*" + // 0x0048032E: 0x00001E2A
+	"\x00h\x03.\x00\x00\x1e+" + // 0x0068032E: 0x00001E2B
+	"\x00I\x030\x00\x00\x1e," + // 0x00490330: 0x00001E2C
+	"\x00i\x030\x00\x00\x1e-" + // 0x00690330: 0x00001E2D
+	"\x00\xcf\x03\x01\x00\x00\x1e." + // 0x00CF0301: 0x00001E2E
+	"\x00\xef\x03\x01\x00\x00\x1e/" + // 0x00EF0301: 0x00001E2F
+	"\x00K\x03\x01\x00\x00\x1e0" + // 0x004B0301: 0x00001E30
+	"\x00k\x03\x01\x00\x00\x1e1" + // 0x006B0301: 0x00001E31
+	"\x00K\x03#\x00\x00\x1e2" + // 0x004B0323: 0x00001E32
+	"\x00k\x03#\x00\x00\x1e3" + // 0x006B0323: 0x00001E33
+	"\x00K\x031\x00\x00\x1e4" + // 0x004B0331: 0x00001E34
+	"\x00k\x031\x00\x00\x1e5" + // 0x006B0331: 0x00001E35
+	"\x00L\x03#\x00\x00\x1e6" + // 0x004C0323: 0x00001E36
+	"\x00l\x03#\x00\x00\x1e7" + // 0x006C0323: 0x00001E37
+	"\x1e6\x03\x04\x00\x00\x1e8" + // 0x1E360304: 0x00001E38
+	"\x1e7\x03\x04\x00\x00\x1e9" + // 0x1E370304: 0x00001E39
+	"\x00L\x031\x00\x00\x1e:" + // 0x004C0331: 0x00001E3A
+	"\x00l\x031\x00\x00\x1e;" + // 0x006C0331: 0x00001E3B
+	"\x00L\x03-\x00\x00\x1e<" + // 0x004C032D: 0x00001E3C
+	"\x00l\x03-\x00\x00\x1e=" + // 0x006C032D: 0x00001E3D
+	"\x00M\x03\x01\x00\x00\x1e>" + // 0x004D0301: 0x00001E3E
+	"\x00m\x03\x01\x00\x00\x1e?" + // 0x006D0301: 0x00001E3F
+	"\x00M\x03\a\x00\x00\x1e@" + // 0x004D0307: 0x00001E40
+	"\x00m\x03\a\x00\x00\x1eA" + // 0x006D0307: 0x00001E41
+	"\x00M\x03#\x00\x00\x1eB" + // 0x004D0323: 0x00001E42
+	"\x00m\x03#\x00\x00\x1eC" + // 0x006D0323: 0x00001E43
+	"\x00N\x03\a\x00\x00\x1eD" + // 0x004E0307: 0x00001E44
+	"\x00n\x03\a\x00\x00\x1eE" + // 0x006E0307: 0x00001E45
+	"\x00N\x03#\x00\x00\x1eF" + // 0x004E0323: 0x00001E46
+	"\x00n\x03#\x00\x00\x1eG" + // 0x006E0323: 0x00001E47
+	"\x00N\x031\x00\x00\x1eH" + // 0x004E0331: 0x00001E48
+	"\x00n\x031\x00\x00\x1eI" + // 0x006E0331: 0x00001E49
+	"\x00N\x03-\x00\x00\x1eJ" + // 0x004E032D: 0x00001E4A
+	"\x00n\x03-\x00\x00\x1eK" + // 0x006E032D: 0x00001E4B
+	"\x00\xd5\x03\x01\x00\x00\x1eL" + // 0x00D50301: 0x00001E4C
+	"\x00\xf5\x03\x01\x00\x00\x1eM" + // 0x00F50301: 0x00001E4D
+	"\x00\xd5\x03\b\x00\x00\x1eN" + // 0x00D50308: 0x00001E4E
+	"\x00\xf5\x03\b\x00\x00\x1eO" + // 0x00F50308: 0x00001E4F
+	"\x01L\x03\x00\x00\x00\x1eP" + // 0x014C0300: 0x00001E50
+	"\x01M\x03\x00\x00\x00\x1eQ" + // 0x014D0300: 0x00001E51
+	"\x01L\x03\x01\x00\x00\x1eR" + // 0x014C0301: 0x00001E52
+	"\x01M\x03\x01\x00\x00\x1eS" + // 0x014D0301: 0x00001E53
+	"\x00P\x03\x01\x00\x00\x1eT" + // 0x00500301: 0x00001E54
+	"\x00p\x03\x01\x00\x00\x1eU" + // 0x00700301: 0x00001E55
+	"\x00P\x03\a\x00\x00\x1eV" + // 0x00500307: 0x00001E56
+	"\x00p\x03\a\x00\x00\x1eW" + // 0x00700307: 0x00001E57
+	"\x00R\x03\a\x00\x00\x1eX" + // 0x00520307: 0x00001E58
+	"\x00r\x03\a\x00\x00\x1eY" + // 0x00720307: 0x00001E59
+	"\x00R\x03#\x00\x00\x1eZ" + // 0x00520323: 0x00001E5A
+	"\x00r\x03#\x00\x00\x1e[" + // 0x00720323: 0x00001E5B
+	"\x1eZ\x03\x04\x00\x00\x1e\\" + // 0x1E5A0304: 0x00001E5C
+	"\x1e[\x03\x04\x00\x00\x1e]" + // 0x1E5B0304: 0x00001E5D
+	"\x00R\x031\x00\x00\x1e^" + // 0x00520331: 0x00001E5E
+	"\x00r\x031\x00\x00\x1e_" + // 0x00720331: 0x00001E5F
+	"\x00S\x03\a\x00\x00\x1e`" + // 0x00530307: 0x00001E60
+	"\x00s\x03\a\x00\x00\x1ea" + // 0x00730307: 0x00001E61
+	"\x00S\x03#\x00\x00\x1eb" + // 0x00530323: 0x00001E62
+	"\x00s\x03#\x00\x00\x1ec" + // 0x00730323: 0x00001E63
+	"\x01Z\x03\a\x00\x00\x1ed" + // 0x015A0307: 0x00001E64
+	"\x01[\x03\a\x00\x00\x1ee" + // 0x015B0307: 0x00001E65
+	"\x01`\x03\a\x00\x00\x1ef" + // 0x01600307: 0x00001E66
+	"\x01a\x03\a\x00\x00\x1eg" + // 0x01610307: 0x00001E67
+	"\x1eb\x03\a\x00\x00\x1eh" + // 0x1E620307: 0x00001E68
+	"\x1ec\x03\a\x00\x00\x1ei" + // 0x1E630307: 0x00001E69
+	"\x00T\x03\a\x00\x00\x1ej" + // 0x00540307: 0x00001E6A
+	"\x00t\x03\a\x00\x00\x1ek" + // 0x00740307: 0x00001E6B
+	"\x00T\x03#\x00\x00\x1el" + // 0x00540323: 0x00001E6C
+	"\x00t\x03#\x00\x00\x1em" + // 0x00740323: 0x00001E6D
+	"\x00T\x031\x00\x00\x1en" + // 0x00540331: 0x00001E6E
+	"\x00t\x031\x00\x00\x1eo" + // 0x00740331: 0x00001E6F
+	"\x00T\x03-\x00\x00\x1ep" + // 0x0054032D: 0x00001E70
+	"\x00t\x03-\x00\x00\x1eq" + // 0x0074032D: 0x00001E71
+	"\x00U\x03$\x00\x00\x1er" + // 0x00550324: 0x00001E72
+	"\x00u\x03$\x00\x00\x1es" + // 0x00750324: 0x00001E73
+	"\x00U\x030\x00\x00\x1et" + // 0x00550330: 0x00001E74
+	"\x00u\x030\x00\x00\x1eu" + // 0x00750330: 0x00001E75
+	"\x00U\x03-\x00\x00\x1ev" + // 0x0055032D: 0x00001E76
+	"\x00u\x03-\x00\x00\x1ew" + // 0x0075032D: 0x00001E77
+	"\x01h\x03\x01\x00\x00\x1ex" + // 0x01680301: 0x00001E78
+	"\x01i\x03\x01\x00\x00\x1ey" + // 0x01690301: 0x00001E79
+	"\x01j\x03\b\x00\x00\x1ez" + // 0x016A0308: 0x00001E7A
+	"\x01k\x03\b\x00\x00\x1e{" + // 0x016B0308: 0x00001E7B
+	"\x00V\x03\x03\x00\x00\x1e|" + // 0x00560303: 0x00001E7C
+	"\x00v\x03\x03\x00\x00\x1e}" + // 0x00760303: 0x00001E7D
+	"\x00V\x03#\x00\x00\x1e~" + // 0x00560323: 0x00001E7E
+	"\x00v\x03#\x00\x00\x1e\x7f" + // 0x00760323: 0x00001E7F
+	"\x00W\x03\x00\x00\x00\x1e\x80" + // 0x00570300: 0x00001E80
+	"\x00w\x03\x00\x00\x00\x1e\x81" + // 0x00770300: 0x00001E81
+	"\x00W\x03\x01\x00\x00\x1e\x82" + // 0x00570301: 0x00001E82
+	"\x00w\x03\x01\x00\x00\x1e\x83" + // 0x00770301: 0x00001E83
+	"\x00W\x03\b\x00\x00\x1e\x84" + // 0x00570308: 0x00001E84
+	"\x00w\x03\b\x00\x00\x1e\x85" + // 0x00770308: 0x00001E85
+	"\x00W\x03\a\x00\x00\x1e\x86" + // 0x00570307: 0x00001E86
+	"\x00w\x03\a\x00\x00\x1e\x87" + // 0x00770307: 0x00001E87
+	"\x00W\x03#\x00\x00\x1e\x88" + // 0x00570323: 0x00001E88
+	"\x00w\x03#\x00\x00\x1e\x89" + // 0x00770323: 0x00001E89
+	"\x00X\x03\a\x00\x00\x1e\x8a" + // 0x00580307: 0x00001E8A
+	"\x00x\x03\a\x00\x00\x1e\x8b" + // 0x00780307: 0x00001E8B
+	"\x00X\x03\b\x00\x00\x1e\x8c" + // 0x00580308: 0x00001E8C
+	"\x00x\x03\b\x00\x00\x1e\x8d" + // 0x00780308: 0x00001E8D
+	"\x00Y\x03\a\x00\x00\x1e\x8e" + // 0x00590307: 0x00001E8E
+	"\x00y\x03\a\x00\x00\x1e\x8f" + // 0x00790307: 0x00001E8F
+	"\x00Z\x03\x02\x00\x00\x1e\x90" + // 0x005A0302: 0x00001E90
+	"\x00z\x03\x02\x00\x00\x1e\x91" + // 0x007A0302: 0x00001E91
+	"\x00Z\x03#\x00\x00\x1e\x92" + // 0x005A0323: 0x00001E92
+	"\x00z\x03#\x00\x00\x1e\x93" + // 0x007A0323: 0x00001E93
+	"\x00Z\x031\x00\x00\x1e\x94" + // 0x005A0331: 0x00001E94
+	"\x00z\x031\x00\x00\x1e\x95" + // 0x007A0331: 0x00001E95
+	"\x00h\x031\x00\x00\x1e\x96" + // 0x00680331: 0x00001E96
+	"\x00t\x03\b\x00\x00\x1e\x97" + // 0x00740308: 0x00001E97
+	"\x00w\x03\n\x00\x00\x1e\x98" + // 0x0077030A: 0x00001E98
+	"\x00y\x03\n\x00\x00\x1e\x99" + // 0x0079030A: 0x00001E99
+	"\x01\x7f\x03\a\x00\x00\x1e\x9b" + // 0x017F0307: 0x00001E9B
+	"\x00A\x03#\x00\x00\x1e\xa0" + // 0x00410323: 0x00001EA0
+	"\x00a\x03#\x00\x00\x1e\xa1" + // 0x00610323: 0x00001EA1
+	"\x00A\x03\t\x00\x00\x1e\xa2" + // 0x00410309: 0x00001EA2
+	"\x00a\x03\t\x00\x00\x1e\xa3" + // 0x00610309: 0x00001EA3
+	"\x00\xc2\x03\x01\x00\x00\x1e\xa4" + // 0x00C20301: 0x00001EA4
+	"\x00\xe2\x03\x01\x00\x00\x1e\xa5" + // 0x00E20301: 0x00001EA5
+	"\x00\xc2\x03\x00\x00\x00\x1e\xa6" + // 0x00C20300: 0x00001EA6
+	"\x00\xe2\x03\x00\x00\x00\x1e\xa7" + // 0x00E20300: 0x00001EA7
+	"\x00\xc2\x03\t\x00\x00\x1e\xa8" + // 0x00C20309: 0x00001EA8
+	"\x00\xe2\x03\t\x00\x00\x1e\xa9" + // 0x00E20309: 0x00001EA9
+	"\x00\xc2\x03\x03\x00\x00\x1e\xaa" + // 0x00C20303: 0x00001EAA
+	"\x00\xe2\x03\x03\x00\x00\x1e\xab" + // 0x00E20303: 0x00001EAB
+	"\x1e\xa0\x03\x02\x00\x00\x1e\xac" + // 0x1EA00302: 0x00001EAC
+	"\x1e\xa1\x03\x02\x00\x00\x1e\xad" + // 0x1EA10302: 0x00001EAD
+	"\x01\x02\x03\x01\x00\x00\x1e\xae" + // 0x01020301: 0x00001EAE
+	"\x01\x03\x03\x01\x00\x00\x1e\xaf" + // 0x01030301: 0x00001EAF
+	"\x01\x02\x03\x00\x00\x00\x1e\xb0" + // 0x01020300: 0x00001EB0
+	"\x01\x03\x03\x00\x00\x00\x1e\xb1" + // 0x01030300: 0x00001EB1
+	"\x01\x02\x03\t\x00\x00\x1e\xb2" + // 0x01020309: 0x00001EB2
+	"\x01\x03\x03\t\x00\x00\x1e\xb3" + // 0x01030309: 0x00001EB3
+	"\x01\x02\x03\x03\x00\x00\x1e\xb4" + // 0x01020303: 0x00001EB4
+	"\x01\x03\x03\x03\x00\x00\x1e\xb5" + // 0x01030303: 0x00001EB5
+	"\x1e\xa0\x03\x06\x00\x00\x1e\xb6" + // 0x1EA00306: 0x00001EB6
+	"\x1e\xa1\x03\x06\x00\x00\x1e\xb7" + // 0x1EA10306: 0x00001EB7
+	"\x00E\x03#\x00\x00\x1e\xb8" + // 0x00450323: 0x00001EB8
+	"\x00e\x03#\x00\x00\x1e\xb9" + // 0x00650323: 0x00001EB9
+	"\x00E\x03\t\x00\x00\x1e\xba" + // 0x00450309: 0x00001EBA
+	"\x00e\x03\t\x00\x00\x1e\xbb" + // 0x00650309: 0x00001EBB
+	"\x00E\x03\x03\x00\x00\x1e\xbc" + // 0x00450303: 0x00001EBC
+	"\x00e\x03\x03\x00\x00\x1e\xbd" + // 0x00650303: 0x00001EBD
+	"\x00\xca\x03\x01\x00\x00\x1e\xbe" + // 0x00CA0301: 0x00001EBE
+	"\x00\xea\x03\x01\x00\x00\x1e\xbf" + // 0x00EA0301: 0x00001EBF
+	"\x00\xca\x03\x00\x00\x00\x1e\xc0" + // 0x00CA0300: 0x00001EC0
+	"\x00\xea\x03\x00\x00\x00\x1e\xc1" + // 0x00EA0300: 0x00001EC1
+	"\x00\xca\x03\t\x00\x00\x1e\xc2" + // 0x00CA0309: 0x00001EC2
+	"\x00\xea\x03\t\x00\x00\x1e\xc3" + // 0x00EA0309: 0x00001EC3
+	"\x00\xca\x03\x03\x00\x00\x1e\xc4" + // 0x00CA0303: 0x00001EC4
+	"\x00\xea\x03\x03\x00\x00\x1e\xc5" + // 0x00EA0303: 0x00001EC5
+	"\x1e\xb8\x03\x02\x00\x00\x1e\xc6" + // 0x1EB80302: 0x00001EC6
+	"\x1e\xb9\x03\x02\x00\x00\x1e\xc7" + // 0x1EB90302: 0x00001EC7
+	"\x00I\x03\t\x00\x00\x1e\xc8" + // 0x00490309: 0x00001EC8
+	"\x00i\x03\t\x00\x00\x1e\xc9" + // 0x00690309: 0x00001EC9
+	"\x00I\x03#\x00\x00\x1e\xca" + // 0x00490323: 0x00001ECA
+	"\x00i\x03#\x00\x00\x1e\xcb" + // 0x00690323: 0x00001ECB
+	"\x00O\x03#\x00\x00\x1e\xcc" + // 0x004F0323: 0x00001ECC
+	"\x00o\x03#\x00\x00\x1e\xcd" + // 0x006F0323: 0x00001ECD
+	"\x00O\x03\t\x00\x00\x1e\xce" + // 0x004F0309: 0x00001ECE
+	"\x00o\x03\t\x00\x00\x1e\xcf" + // 0x006F0309: 0x00001ECF
+	"\x00\xd4\x03\x01\x00\x00\x1e\xd0" + // 0x00D40301: 0x00001ED0
+	"\x00\xf4\x03\x01\x00\x00\x1e\xd1" + // 0x00F40301: 0x00001ED1
+	"\x00\xd4\x03\x00\x00\x00\x1e\xd2" + // 0x00D40300: 0x00001ED2
+	"\x00\xf4\x03\x00\x00\x00\x1e\xd3" + // 0x00F40300: 0x00001ED3
+	"\x00\xd4\x03\t\x00\x00\x1e\xd4" + // 0x00D40309: 0x00001ED4
+	"\x00\xf4\x03\t\x00\x00\x1e\xd5" + // 0x00F40309: 0x00001ED5
+	"\x00\xd4\x03\x03\x00\x00\x1e\xd6" + // 0x00D40303: 0x00001ED6
+	"\x00\xf4\x03\x03\x00\x00\x1e\xd7" + // 0x00F40303: 0x00001ED7
+	"\x1e\xcc\x03\x02\x00\x00\x1e\xd8" + // 0x1ECC0302: 0x00001ED8
+	"\x1e\xcd\x03\x02\x00\x00\x1e\xd9" + // 0x1ECD0302: 0x00001ED9
+	"\x01\xa0\x03\x01\x00\x00\x1e\xda" + // 0x01A00301: 0x00001EDA
+	"\x01\xa1\x03\x01\x00\x00\x1e\xdb" + // 0x01A10301: 0x00001EDB
+	"\x01\xa0\x03\x00\x00\x00\x1e\xdc" + // 0x01A00300: 0x00001EDC
+	"\x01\xa1\x03\x00\x00\x00\x1e\xdd" + // 0x01A10300: 0x00001EDD
+	"\x01\xa0\x03\t\x00\x00\x1e\xde" + // 0x01A00309: 0x00001EDE
+	"\x01\xa1\x03\t\x00\x00\x1e\xdf" + // 0x01A10309: 0x00001EDF
+	"\x01\xa0\x03\x03\x00\x00\x1e\xe0" + // 0x01A00303: 0x00001EE0
+	"\x01\xa1\x03\x03\x00\x00\x1e\xe1" + // 0x01A10303: 0x00001EE1
+	"\x01\xa0\x03#\x00\x00\x1e\xe2" + // 0x01A00323: 0x00001EE2
+	"\x01\xa1\x03#\x00\x00\x1e\xe3" + // 0x01A10323: 0x00001EE3
+	"\x00U\x03#\x00\x00\x1e\xe4" + // 0x00550323: 0x00001EE4
+	"\x00u\x03#\x00\x00\x1e\xe5" + // 0x00750323: 0x00001EE5
+	"\x00U\x03\t\x00\x00\x1e\xe6" + // 0x00550309: 0x00001EE6
+	"\x00u\x03\t\x00\x00\x1e\xe7" + // 0x00750309: 0x00001EE7
+	"\x01\xaf\x03\x01\x00\x00\x1e\xe8" + // 0x01AF0301: 0x00001EE8
+	"\x01\xb0\x03\x01\x00\x00\x1e\xe9" + // 0x01B00301: 0x00001EE9
+	"\x01\xaf\x03\x00\x00\x00\x1e\xea" + // 0x01AF0300: 0x00001EEA
+	"\x01\xb0\x03\x00\x00\x00\x1e\xeb" + // 0x01B00300: 0x00001EEB
+	"\x01\xaf\x03\t\x00\x00\x1e\xec" + // 0x01AF0309: 0x00001EEC
+	"\x01\xb0\x03\t\x00\x00\x1e\xed" + // 0x01B00309: 0x00001EED
+	"\x01\xaf\x03\x03\x00\x00\x1e\xee" + // 0x01AF0303: 0x00001EEE
+	"\x01\xb0\x03\x03\x00\x00\x1e\xef" + // 0x01B00303: 0x00001EEF
+	"\x01\xaf\x03#\x00\x00\x1e\xf0" + // 0x01AF0323: 0x00001EF0
+	"\x01\xb0\x03#\x00\x00\x1e\xf1" + // 0x01B00323: 0x00001EF1
+	"\x00Y\x03\x00\x00\x00\x1e\xf2" + // 0x00590300: 0x00001EF2
+	"\x00y\x03\x00\x00\x00\x1e\xf3" + // 0x00790300: 0x00001EF3
+	"\x00Y\x03#\x00\x00\x1e\xf4" + // 0x00590323: 0x00001EF4
+	"\x00y\x03#\x00\x00\x1e\xf5" + // 0x00790323: 0x00001EF5
+	"\x00Y\x03\t\x00\x00\x1e\xf6" + // 0x00590309: 0x00001EF6
+	"\x00y\x03\t\x00\x00\x1e\xf7" + // 0x00790309: 0x00001EF7
+	"\x00Y\x03\x03\x00\x00\x1e\xf8" + // 0x00590303: 0x00001EF8
+	"\x00y\x03\x03\x00\x00\x1e\xf9" + // 0x00790303: 0x00001EF9
+	"\x03\xb1\x03\x13\x00\x00\x1f\x00" + // 0x03B10313: 0x00001F00
+	"\x03\xb1\x03\x14\x00\x00\x1f\x01" + // 0x03B10314: 0x00001F01
+	"\x1f\x00\x03\x00\x00\x00\x1f\x02" + // 0x1F000300: 0x00001F02
+	"\x1f\x01\x03\x00\x00\x00\x1f\x03" + // 0x1F010300: 0x00001F03
+	"\x1f\x00\x03\x01\x00\x00\x1f\x04" + // 0x1F000301: 0x00001F04
+	"\x1f\x01\x03\x01\x00\x00\x1f\x05" + // 0x1F010301: 0x00001F05
+	"\x1f\x00\x03B\x00\x00\x1f\x06" + // 0x1F000342: 0x00001F06
+	"\x1f\x01\x03B\x00\x00\x1f\a" + // 0x1F010342: 0x00001F07
+	"\x03\x91\x03\x13\x00\x00\x1f\b" + // 0x03910313: 0x00001F08
+	"\x03\x91\x03\x14\x00\x00\x1f\t" + // 0x03910314: 0x00001F09
+	"\x1f\b\x03\x00\x00\x00\x1f\n" + // 0x1F080300: 0x00001F0A
+	"\x1f\t\x03\x00\x00\x00\x1f\v" + // 0x1F090300: 0x00001F0B
+	"\x1f\b\x03\x01\x00\x00\x1f\f" + // 0x1F080301: 0x00001F0C
+	"\x1f\t\x03\x01\x00\x00\x1f\r" + // 0x1F090301: 0x00001F0D
+	"\x1f\b\x03B\x00\x00\x1f\x0e" + // 0x1F080342: 0x00001F0E
+	"\x1f\t\x03B\x00\x00\x1f\x0f" + // 0x1F090342: 0x00001F0F
+	"\x03\xb5\x03\x13\x00\x00\x1f\x10" + // 0x03B50313: 0x00001F10
+	"\x03\xb5\x03\x14\x00\x00\x1f\x11" + // 0x03B50314: 0x00001F11
+	"\x1f\x10\x03\x00\x00\x00\x1f\x12" + // 0x1F100300: 0x00001F12
+	"\x1f\x11\x03\x00\x00\x00\x1f\x13" + // 0x1F110300: 0x00001F13
+	"\x1f\x10\x03\x01\x00\x00\x1f\x14" + // 0x1F100301: 0x00001F14
+	"\x1f\x11\x03\x01\x00\x00\x1f\x15" + // 0x1F110301: 0x00001F15
+	"\x03\x95\x03\x13\x00\x00\x1f\x18" + // 0x03950313: 0x00001F18
+	"\x03\x95\x03\x14\x00\x00\x1f\x19" + // 0x03950314: 0x00001F19
+	"\x1f\x18\x03\x00\x00\x00\x1f\x1a" + // 0x1F180300: 0x00001F1A
+	"\x1f\x19\x03\x00\x00\x00\x1f\x1b" + // 0x1F190300: 0x00001F1B
+	"\x1f\x18\x03\x01\x00\x00\x1f\x1c" + // 0x1F180301: 0x00001F1C
+	"\x1f\x19\x03\x01\x00\x00\x1f\x1d" + // 0x1F190301: 0x00001F1D
+	"\x03\xb7\x03\x13\x00\x00\x1f " + // 0x03B70313: 0x00001F20
+	"\x03\xb7\x03\x14\x00\x00\x1f!" + // 0x03B70314: 0x00001F21
+	"\x1f \x03\x00\x00\x00\x1f\"" + // 0x1F200300: 0x00001F22
+	"\x1f!\x03\x00\x00\x00\x1f#" + // 0x1F210300: 0x00001F23
+	"\x1f \x03\x01\x00\x00\x1f$" + // 0x1F200301: 0x00001F24
+	"\x1f!\x03\x01\x00\x00\x1f%" + // 0x1F210301: 0x00001F25
+	"\x1f \x03B\x00\x00\x1f&" + // 0x1F200342: 0x00001F26
+	"\x1f!\x03B\x00\x00\x1f'" + // 0x1F210342: 0x00001F27
+	"\x03\x97\x03\x13\x00\x00\x1f(" + // 0x03970313: 0x00001F28
+	"\x03\x97\x03\x14\x00\x00\x1f)" + // 0x03970314: 0x00001F29
+	"\x1f(\x03\x00\x00\x00\x1f*" + // 0x1F280300: 0x00001F2A
+	"\x1f)\x03\x00\x00\x00\x1f+" + // 0x1F290300: 0x00001F2B
+	"\x1f(\x03\x01\x00\x00\x1f," + // 0x1F280301: 0x00001F2C
+	"\x1f)\x03\x01\x00\x00\x1f-" + // 0x1F290301: 0x00001F2D
+	"\x1f(\x03B\x00\x00\x1f." + // 0x1F280342: 0x00001F2E
+	"\x1f)\x03B\x00\x00\x1f/" + // 0x1F290342: 0x00001F2F
+	"\x03\xb9\x03\x13\x00\x00\x1f0" + // 0x03B90313: 0x00001F30
+	"\x03\xb9\x03\x14\x00\x00\x1f1" + // 0x03B90314: 0x00001F31
+	"\x1f0\x03\x00\x00\x00\x1f2" + // 0x1F300300: 0x00001F32
+	"\x1f1\x03\x00\x00\x00\x1f3" + // 0x1F310300: 0x00001F33
+	"\x1f0\x03\x01\x00\x00\x1f4" + // 0x1F300301: 0x00001F34
+	"\x1f1\x03\x01\x00\x00\x1f5" + // 0x1F310301: 0x00001F35
+	"\x1f0\x03B\x00\x00\x1f6" + // 0x1F300342: 0x00001F36
+	"\x1f1\x03B\x00\x00\x1f7" + // 0x1F310342: 0x00001F37
+	"\x03\x99\x03\x13\x00\x00\x1f8" + // 0x03990313: 0x00001F38
+	"\x03\x99\x03\x14\x00\x00\x1f9" + // 0x03990314: 0x00001F39
+	"\x1f8\x03\x00\x00\x00\x1f:" + // 0x1F380300: 0x00001F3A
+	"\x1f9\x03\x00\x00\x00\x1f;" + // 0x1F390300: 0x00001F3B
+	"\x1f8\x03\x01\x00\x00\x1f<" + // 0x1F380301: 0x00001F3C
+	"\x1f9\x03\x01\x00\x00\x1f=" + // 0x1F390301: 0x00001F3D
+	"\x1f8\x03B\x00\x00\x1f>" + // 0x1F380342: 0x00001F3E
+	"\x1f9\x03B\x00\x00\x1f?" + // 0x1F390342: 0x00001F3F
+	"\x03\xbf\x03\x13\x00\x00\x1f@" + // 0x03BF0313: 0x00001F40
+	"\x03\xbf\x03\x14\x00\x00\x1fA" + // 0x03BF0314: 0x00001F41
+	"\x1f@\x03\x00\x00\x00\x1fB" + // 0x1F400300: 0x00001F42
+	"\x1fA\x03\x00\x00\x00\x1fC" + // 0x1F410300: 0x00001F43
+	"\x1f@\x03\x01\x00\x00\x1fD" + // 0x1F400301: 0x00001F44
+	"\x1fA\x03\x01\x00\x00\x1fE" + // 0x1F410301: 0x00001F45
+	"\x03\x9f\x03\x13\x00\x00\x1fH" + // 0x039F0313: 0x00001F48
+	"\x03\x9f\x03\x14\x00\x00\x1fI" + // 0x039F0314: 0x00001F49
+	"\x1fH\x03\x00\x00\x00\x1fJ" + // 0x1F480300: 0x00001F4A
+	"\x1fI\x03\x00\x00\x00\x1fK" + // 0x1F490300: 0x00001F4B
+	"\x1fH\x03\x01\x00\x00\x1fL" + // 0x1F480301: 0x00001F4C
+	"\x1fI\x03\x01\x00\x00\x1fM" + // 0x1F490301: 0x00001F4D
+	"\x03\xc5\x03\x13\x00\x00\x1fP" + // 0x03C50313: 0x00001F50
+	"\x03\xc5\x03\x14\x00\x00\x1fQ" + // 0x03C50314: 0x00001F51
+	"\x1fP\x03\x00\x00\x00\x1fR" + // 0x1F500300: 0x00001F52
+	"\x1fQ\x03\x00\x00\x00\x1fS" + // 0x1F510300: 0x00001F53
+	"\x1fP\x03\x01\x00\x00\x1fT" + // 0x1F500301: 0x00001F54
+	"\x1fQ\x03\x01\x00\x00\x1fU" + // 0x1F510301: 0x00001F55
+	"\x1fP\x03B\x00\x00\x1fV" + // 0x1F500342: 0x00001F56
+	"\x1fQ\x03B\x00\x00\x1fW" + // 0x1F510342: 0x00001F57
+	"\x03\xa5\x03\x14\x00\x00\x1fY" + // 0x03A50314: 0x00001F59
+	"\x1fY\x03\x00\x00\x00\x1f[" + // 0x1F590300: 0x00001F5B
+	"\x1fY\x03\x01\x00\x00\x1f]" + // 0x1F590301: 0x00001F5D
+	"\x1fY\x03B\x00\x00\x1f_" + // 0x1F590342: 0x00001F5F
+	"\x03\xc9\x03\x13\x00\x00\x1f`" + // 0x03C90313: 0x00001F60
+	"\x03\xc9\x03\x14\x00\x00\x1fa" + // 0x03C90314: 0x00001F61
+	"\x1f`\x03\x00\x00\x00\x1fb" + // 0x1F600300: 0x00001F62
+	"\x1fa\x03\x00\x00\x00\x1fc" + // 0x1F610300: 0x00001F63
+	"\x1f`\x03\x01\x00\x00\x1fd" + // 0x1F600301: 0x00001F64
+	"\x1fa\x03\x01\x00\x00\x1fe" + // 0x1F610301: 0x00001F65
+	"\x1f`\x03B\x00\x00\x1ff" + // 0x1F600342: 0x00001F66
+	"\x1fa\x03B\x00\x00\x1fg" + // 0x1F610342: 0x00001F67
+	"\x03\xa9\x03\x13\x00\x00\x1fh" + // 0x03A90313: 0x00001F68
+	"\x03\xa9\x03\x14\x00\x00\x1fi" + // 0x03A90314: 0x00001F69
+	"\x1fh\x03\x00\x00\x00\x1fj" + // 0x1F680300: 0x00001F6A
+	"\x1fi\x03\x00\x00\x00\x1fk" + // 0x1F690300: 0x00001F6B
+	"\x1fh\x03\x01\x00\x00\x1fl" + // 0x1F680301: 0x00001F6C
+	"\x1fi\x03\x01\x00\x00\x1fm" + // 0x1F690301: 0x00001F6D
+	"\x1fh\x03B\x00\x00\x1fn" + // 0x1F680342: 0x00001F6E
+	"\x1fi\x03B\x00\x00\x1fo" + // 0x1F690342: 0x00001F6F
+	"\x03\xb1\x03\x00\x00\x00\x1fp" + // 0x03B10300: 0x00001F70
+	"\x03\xb5\x03\x00\x00\x00\x1fr" + // 0x03B50300: 0x00001F72
+	"\x03\xb7\x03\x00\x00\x00\x1ft" + // 0x03B70300: 0x00001F74
+	"\x03\xb9\x03\x00\x00\x00\x1fv" + // 0x03B90300: 0x00001F76
+	"\x03\xbf\x03\x00\x00\x00\x1fx" + // 0x03BF0300: 0x00001F78
+	"\x03\xc5\x03\x00\x00\x00\x1fz" + // 0x03C50300: 0x00001F7A
+	"\x03\xc9\x03\x00\x00\x00\x1f|" + // 0x03C90300: 0x00001F7C
+	"\x1f\x00\x03E\x00\x00\x1f\x80" + // 0x1F000345: 0x00001F80
+	"\x1f\x01\x03E\x00\x00\x1f\x81" + // 0x1F010345: 0x00001F81
+	"\x1f\x02\x03E\x00\x00\x1f\x82" + // 0x1F020345: 0x00001F82
+	"\x1f\x03\x03E\x00\x00\x1f\x83" + // 0x1F030345: 0x00001F83
+	"\x1f\x04\x03E\x00\x00\x1f\x84" + // 0x1F040345: 0x00001F84
+	"\x1f\x05\x03E\x00\x00\x1f\x85" + // 0x1F050345: 0x00001F85
+	"\x1f\x06\x03E\x00\x00\x1f\x86" + // 0x1F060345: 0x00001F86
+	"\x1f\a\x03E\x00\x00\x1f\x87" + // 0x1F070345: 0x00001F87
+	"\x1f\b\x03E\x00\x00\x1f\x88" + // 0x1F080345: 0x00001F88
+	"\x1f\t\x03E\x00\x00\x1f\x89" + // 0x1F090345: 0x00001F89
+	"\x1f\n\x03E\x00\x00\x1f\x8a" + // 0x1F0A0345: 0x00001F8A
+	"\x1f\v\x03E\x00\x00\x1f\x8b" + // 0x1F0B0345: 0x00001F8B
+	"\x1f\f\x03E\x00\x00\x1f\x8c" + // 0x1F0C0345: 0x00001F8C
+	"\x1f\r\x03E\x00\x00\x1f\x8d" + // 0x1F0D0345: 0x00001F8D
+	"\x1f\x0e\x03E\x00\x00\x1f\x8e" + // 0x1F0E0345: 0x00001F8E
+	"\x1f\x0f\x03E\x00\x00\x1f\x8f" + // 0x1F0F0345: 0x00001F8F
+	"\x1f \x03E\x00\x00\x1f\x90" + // 0x1F200345: 0x00001F90
+	"\x1f!\x03E\x00\x00\x1f\x91" + // 0x1F210345: 0x00001F91
+	"\x1f\"\x03E\x00\x00\x1f\x92" + // 0x1F220345: 0x00001F92
+	"\x1f#\x03E\x00\x00\x1f\x93" + // 0x1F230345: 0x00001F93
+	"\x1f$\x03E\x00\x00\x1f\x94" + // 0x1F240345: 0x00001F94
+	"\x1f%\x03E\x00\x00\x1f\x95" + // 0x1F250345: 0x00001F95
+	"\x1f&\x03E\x00\x00\x1f\x96" + // 0x1F260345: 0x00001F96
+	"\x1f'\x03E\x00\x00\x1f\x97" + // 0x1F270345: 0x00001F97
+	"\x1f(\x03E\x00\x00\x1f\x98" + // 0x1F280345: 0x00001F98
+	"\x1f)\x03E\x00\x00\x1f\x99" + // 0x1F290345: 0x00001F99
+	"\x1f*\x03E\x00\x00\x1f\x9a" + // 0x1F2A0345: 0x00001F9A
+	"\x1f+\x03E\x00\x00\x1f\x9b" + // 0x1F2B0345: 0x00001F9B
+	"\x1f,\x03E\x00\x00\x1f\x9c" + // 0x1F2C0345: 0x00001F9C
+	"\x1f-\x03E\x00\x00\x1f\x9d" + // 0x1F2D0345: 0x00001F9D
+	"\x1f.\x03E\x00\x00\x1f\x9e" + // 0x1F2E0345: 0x00001F9E
+	"\x1f/\x03E\x00\x00\x1f\x9f" + // 0x1F2F0345: 0x00001F9F
+	"\x1f`\x03E\x00\x00\x1f\xa0" + // 0x1F600345: 0x00001FA0
+	"\x1fa\x03E\x00\x00\x1f\xa1" + // 0x1F610345: 0x00001FA1
+	"\x1fb\x03E\x00\x00\x1f\xa2" + // 0x1F620345: 0x00001FA2
+	"\x1fc\x03E\x00\x00\x1f\xa3" + // 0x1F630345: 0x00001FA3
+	"\x1fd\x03E\x00\x00\x1f\xa4" + // 0x1F640345: 0x00001FA4
+	"\x1fe\x03E\x00\x00\x1f\xa5" + // 0x1F650345: 0x00001FA5
+	"\x1ff\x03E\x00\x00\x1f\xa6" + // 0x1F660345: 0x00001FA6
+	"\x1fg\x03E\x00\x00\x1f\xa7" + // 0x1F670345: 0x00001FA7
+	"\x1fh\x03E\x00\x00\x1f\xa8" + // 0x1F680345: 0x00001FA8
+	"\x1fi\x03E\x00\x00\x1f\xa9" + // 0x1F690345: 0x00001FA9
+	"\x1fj\x03E\x00\x00\x1f\xaa" + // 0x1F6A0345: 0x00001FAA
+	"\x1fk\x03E\x00\x00\x1f\xab" + // 0x1F6B0345: 0x00001FAB
+	"\x1fl\x03E\x00\x00\x1f\xac" + // 0x1F6C0345: 0x00001FAC
+	"\x1fm\x03E\x00\x00\x1f\xad" + // 0x1F6D0345: 0x00001FAD
+	"\x1fn\x03E\x00\x00\x1f\xae" + // 0x1F6E0345: 0x00001FAE
+	"\x1fo\x03E\x00\x00\x1f\xaf" + // 0x1F6F0345: 0x00001FAF
+	"\x03\xb1\x03\x06\x00\x00\x1f\xb0" + // 0x03B10306: 0x00001FB0
+	"\x03\xb1\x03\x04\x00\x00\x1f\xb1" + // 0x03B10304: 0x00001FB1
+	"\x1fp\x03E\x00\x00\x1f\xb2" + // 0x1F700345: 0x00001FB2
+	"\x03\xb1\x03E\x00\x00\x1f\xb3" + // 0x03B10345: 0x00001FB3
+	"\x03\xac\x03E\x00\x00\x1f\xb4" + // 0x03AC0345: 0x00001FB4
+	"\x03\xb1\x03B\x00\x00\x1f\xb6" + // 0x03B10342: 0x00001FB6
+	"\x1f\xb6\x03E\x00\x00\x1f\xb7" + // 0x1FB60345: 0x00001FB7
+	"\x03\x91\x03\x06\x00\x00\x1f\xb8" + // 0x03910306: 0x00001FB8
+	"\x03\x91\x03\x04\x00\x00\x1f\xb9" + // 0x03910304: 0x00001FB9
+	"\x03\x91\x03\x00\x00\x00\x1f\xba" + // 0x03910300: 0x00001FBA
+	"\x03\x91\x03E\x00\x00\x1f\xbc" + // 0x03910345: 0x00001FBC
+	"\x00\xa8\x03B\x00\x00\x1f\xc1" + // 0x00A80342: 0x00001FC1
+	"\x1ft\x03E\x00\x00\x1f\xc2" + // 0x1F740345: 0x00001FC2
+	"\x03\xb7\x03E\x00\x00\x1f\xc3" + // 0x03B70345: 0x00001FC3
+	"\x03\xae\x03E\x00\x00\x1f\xc4" + // 0x03AE0345: 0x00001FC4
+	"\x03\xb7\x03B\x00\x00\x1f\xc6" + // 0x03B70342: 0x00001FC6
+	"\x1f\xc6\x03E\x00\x00\x1f\xc7" + // 0x1FC60345: 0x00001FC7
+	"\x03\x95\x03\x00\x00\x00\x1f\xc8" + // 0x03950300: 0x00001FC8
+	"\x03\x97\x03\x00\x00\x00\x1f\xca" + // 0x03970300: 0x00001FCA
+	"\x03\x97\x03E\x00\x00\x1f\xcc" + // 0x03970345: 0x00001FCC
+	"\x1f\xbf\x03\x00\x00\x00\x1f\xcd" + // 0x1FBF0300: 0x00001FCD
+	"\x1f\xbf\x03\x01\x00\x00\x1f\xce" + // 0x1FBF0301: 0x00001FCE
+	"\x1f\xbf\x03B\x00\x00\x1f\xcf" + // 0x1FBF0342: 0x00001FCF
+	"\x03\xb9\x03\x06\x00\x00\x1f\xd0" + // 0x03B90306: 0x00001FD0
+	"\x03\xb9\x03\x04\x00\x00\x1f\xd1" + // 0x03B90304: 0x00001FD1
+	"\x03\xca\x03\x00\x00\x00\x1f\xd2" + // 0x03CA0300: 0x00001FD2
+	"\x03\xb9\x03B\x00\x00\x1f\xd6" + // 0x03B90342: 0x00001FD6
+	"\x03\xca\x03B\x00\x00\x1f\xd7" + // 0x03CA0342: 0x00001FD7
+	"\x03\x99\x03\x06\x00\x00\x1f\xd8" + // 0x03990306: 0x00001FD8
+	"\x03\x99\x03\x04\x00\x00\x1f\xd9" + // 0x03990304: 0x00001FD9
+	"\x03\x99\x03\x00\x00\x00\x1f\xda" + // 0x03990300: 0x00001FDA
+	"\x1f\xfe\x03\x00\x00\x00\x1f\xdd" + // 0x1FFE0300: 0x00001FDD
+	"\x1f\xfe\x03\x01\x00\x00\x1f\xde" + // 0x1FFE0301: 0x00001FDE
+	"\x1f\xfe\x03B\x00\x00\x1f\xdf" + // 0x1FFE0342: 0x00001FDF
+	"\x03\xc5\x03\x06\x00\x00\x1f\xe0" + // 0x03C50306: 0x00001FE0
+	"\x03\xc5\x03\x04\x00\x00\x1f\xe1" + // 0x03C50304: 0x00001FE1
+	"\x03\xcb\x03\x00\x00\x00\x1f\xe2" + // 0x03CB0300: 0x00001FE2
+	"\x03\xc1\x03\x13\x00\x00\x1f\xe4" + // 0x03C10313: 0x00001FE4
+	"\x03\xc1\x03\x14\x00\x00\x1f\xe5" + // 0x03C10314: 0x00001FE5
+	"\x03\xc5\x03B\x00\x00\x1f\xe6" + // 0x03C50342: 0x00001FE6
+	"\x03\xcb\x03B\x00\x00\x1f\xe7" + // 0x03CB0342: 0x00001FE7
+	"\x03\xa5\x03\x06\x00\x00\x1f\xe8" + // 0x03A50306: 0x00001FE8
+	"\x03\xa5\x03\x04\x00\x00\x1f\xe9" + // 0x03A50304: 0x00001FE9
+	"\x03\xa5\x03\x00\x00\x00\x1f\xea" + // 0x03A50300: 0x00001FEA
+	"\x03\xa1\x03\x14\x00\x00\x1f\xec" + // 0x03A10314: 0x00001FEC
+	"\x00\xa8\x03\x00\x00\x00\x1f\xed" + // 0x00A80300: 0x00001FED
+	"\x1f|\x03E\x00\x00\x1f\xf2" + // 0x1F7C0345: 0x00001FF2
+	"\x03\xc9\x03E\x00\x00\x1f\xf3" + // 0x03C90345: 0x00001FF3
+	"\x03\xce\x03E\x00\x00\x1f\xf4" + // 0x03CE0345: 0x00001FF4
+	"\x03\xc9\x03B\x00\x00\x1f\xf6" + // 0x03C90342: 0x00001FF6
+	"\x1f\xf6\x03E\x00\x00\x1f\xf7" + // 0x1FF60345: 0x00001FF7
+	"\x03\x9f\x03\x00\x00\x00\x1f\xf8" + // 0x039F0300: 0x00001FF8
+	"\x03\xa9\x03\x00\x00\x00\x1f\xfa" + // 0x03A90300: 0x00001FFA
+	"\x03\xa9\x03E\x00\x00\x1f\xfc" + // 0x03A90345: 0x00001FFC
+	"!\x90\x038\x00\x00!\x9a" + // 0x21900338: 0x0000219A
+	"!\x92\x038\x00\x00!\x9b" + // 0x21920338: 0x0000219B
+	"!\x94\x038\x00\x00!\xae" + // 0x21940338: 0x000021AE
+	"!\xd0\x038\x00\x00!\xcd" + // 0x21D00338: 0x000021CD
+	"!\xd4\x038\x00\x00!\xce" + // 0x21D40338: 0x000021CE
+	"!\xd2\x038\x00\x00!\xcf" + // 0x21D20338: 0x000021CF
+	"\"\x03\x038\x00\x00\"\x04" + // 0x22030338: 0x00002204
+	"\"\b\x038\x00\x00\"\t" + // 0x22080338: 0x00002209
+	"\"\v\x038\x00\x00\"\f" + // 0x220B0338: 0x0000220C
+	"\"#\x038\x00\x00\"$" + // 0x22230338: 0x00002224
+	"\"%\x038\x00\x00\"&" + // 0x22250338: 0x00002226
+	"\"<\x038\x00\x00\"A" + // 0x223C0338: 0x00002241
+	"\"C\x038\x00\x00\"D" + // 0x22430338: 0x00002244
+	"\"E\x038\x00\x00\"G" + // 0x22450338: 0x00002247
+	"\"H\x038\x00\x00\"I" + // 0x22480338: 0x00002249
+	"\x00=\x038\x00\x00\"`" + // 0x003D0338: 0x00002260
+	"\"a\x038\x00\x00\"b" + // 0x22610338: 0x00002262
+	"\"M\x038\x00\x00\"m" + // 0x224D0338: 0x0000226D
+	"\x00<\x038\x00\x00\"n" + // 0x003C0338: 0x0000226E
+	"\x00>\x038\x00\x00\"o" + // 0x003E0338: 0x0000226F
+	"\"d\x038\x00\x00\"p" + // 0x22640338: 0x00002270
+	"\"e\x038\x00\x00\"q" + // 0x22650338: 0x00002271
+	"\"r\x038\x00\x00\"t" + // 0x22720338: 0x00002274
+	"\"s\x038\x00\x00\"u" + // 0x22730338: 0x00002275
+	"\"v\x038\x00\x00\"x" + // 0x22760338: 0x00002278
+	"\"w\x038\x00\x00\"y" + // 0x22770338: 0x00002279
+	"\"z\x038\x00\x00\"\x80" + // 0x227A0338: 0x00002280
+	"\"{\x038\x00\x00\"\x81" + // 0x227B0338: 0x00002281
+	"\"\x82\x038\x00\x00\"\x84" + // 0x22820338: 0x00002284
+	"\"\x83\x038\x00\x00\"\x85" + // 0x22830338: 0x00002285
+	"\"\x86\x038\x00\x00\"\x88" + // 0x22860338: 0x00002288
+	"\"\x87\x038\x00\x00\"\x89" + // 0x22870338: 0x00002289
+	"\"\xa2\x038\x00\x00\"\xac" + // 0x22A20338: 0x000022AC
+	"\"\xa8\x038\x00\x00\"\xad" + // 0x22A80338: 0x000022AD
+	"\"\xa9\x038\x00\x00\"\xae" + // 0x22A90338: 0x000022AE
+	"\"\xab\x038\x00\x00\"\xaf" + // 0x22AB0338: 0x000022AF
+	"\"|\x038\x00\x00\"\xe0" + // 0x227C0338: 0x000022E0
+	"\"}\x038\x00\x00\"\xe1" + // 0x227D0338: 0x000022E1
+	"\"\x91\x038\x00\x00\"\xe2" + // 0x22910338: 0x000022E2
+	"\"\x92\x038\x00\x00\"\xe3" + // 0x22920338: 0x000022E3
+	"\"\xb2\x038\x00\x00\"\xea" + // 0x22B20338: 0x000022EA
+	"\"\xb3\x038\x00\x00\"\xeb" + // 0x22B30338: 0x000022EB
+	"\"\xb4\x038\x00\x00\"\xec" + // 0x22B40338: 0x000022EC
+	"\"\xb5\x038\x00\x00\"\xed" + // 0x22B50338: 0x000022ED
+	"0K0\x99\x00\x000L" + // 0x304B3099: 0x0000304C
+	"0M0\x99\x00\x000N" + // 0x304D3099: 0x0000304E
+	"0O0\x99\x00\x000P" + // 0x304F3099: 0x00003050
+	"0Q0\x99\x00\x000R" + // 0x30513099: 0x00003052
+	"0S0\x99\x00\x000T" + // 0x30533099: 0x00003054
+	"0U0\x99\x00\x000V" + // 0x30553099: 0x00003056
+	"0W0\x99\x00\x000X" + // 0x30573099: 0x00003058
+	"0Y0\x99\x00\x000Z" + // 0x30593099: 0x0000305A
+	"0[0\x99\x00\x000\\" + // 0x305B3099: 0x0000305C
+	"0]0\x99\x00\x000^" + // 0x305D3099: 0x0000305E
+	"0_0\x99\x00\x000`" + // 0x305F3099: 0x00003060
+	"0a0\x99\x00\x000b" + // 0x30613099: 0x00003062
+	"0d0\x99\x00\x000e" + // 0x30643099: 0x00003065
+	"0f0\x99\x00\x000g" + // 0x30663099: 0x00003067
+	"0h0\x99\x00\x000i" + // 0x30683099: 0x00003069
+	"0o0\x99\x00\x000p" + // 0x306F3099: 0x00003070
+	"0o0\x9a\x00\x000q" + // 0x306F309A: 0x00003071
+	"0r0\x99\x00\x000s" + // 0x30723099: 0x00003073
+	"0r0\x9a\x00\x000t" + // 0x3072309A: 0x00003074
+	"0u0\x99\x00\x000v" + // 0x30753099: 0x00003076
+	"0u0\x9a\x00\x000w" + // 0x3075309A: 0x00003077
+	"0x0\x99\x00\x000y" + // 0x30783099: 0x00003079
+	"0x0\x9a\x00\x000z" + // 0x3078309A: 0x0000307A
+	"0{0\x99\x00\x000|" + // 0x307B3099: 0x0000307C
+	"0{0\x9a\x00\x000}" + // 0x307B309A: 0x0000307D
+	"0F0\x99\x00\x000\x94" + // 0x30463099: 0x00003094
+	"0\x9d0\x99\x00\x000\x9e" + // 0x309D3099: 0x0000309E
+	"0\xab0\x99\x00\x000\xac" + // 0x30AB3099: 0x000030AC
+	"0\xad0\x99\x00\x000\xae" + // 0x30AD3099: 0x000030AE
+	"0\xaf0\x99\x00\x000\xb0" + // 0x30AF3099: 0x000030B0
+	"0\xb10\x99\x00\x000\xb2" + // 0x30B13099: 0x000030B2
+	"0\xb30\x99\x00\x000\xb4" + // 0x30B33099: 0x000030B4
+	"0\xb50\x99\x00\x000\xb6" + // 0x30B53099: 0x000030B6
+	"0\xb70\x99\x00\x000\xb8" + // 0x30B73099: 0x000030B8
+	"0\xb90\x99\x00\x000\xba" + // 0x30B93099: 0x000030BA
+	"0\xbb0\x99\x00\x000\xbc" + // 0x30BB3099: 0x000030BC
+	"0\xbd0\x99\x00\x000\xbe" + // 0x30BD3099: 0x000030BE
+	"0\xbf0\x99\x00\x000\xc0" + // 0x30BF3099: 0x000030C0
+	"0\xc10\x99\x00\x000\xc2" + // 0x30C13099: 0x000030C2
+	"0\xc40\x99\x00\x000\xc5" + // 0x30C43099: 0x000030C5
+	"0\xc60\x99\x00\x000\xc7" + // 0x30C63099: 0x000030C7
+	"0\xc80\x99\x00\x000\xc9" + // 0x30C83099: 0x000030C9
+	"0\xcf0\x99\x00\x000\xd0" + // 0x30CF3099: 0x000030D0
+	"0\xcf0\x9a\x00\x000\xd1" + // 0x30CF309A: 0x000030D1
+	"0\xd20\x99\x00\x000\xd3" + // 0x30D23099: 0x000030D3
+	"0\xd20\x9a\x00\x000\xd4" + // 0x30D2309A: 0x000030D4
+	"0\xd50\x99\x00\x000\xd6" + // 0x30D53099: 0x000030D6
+	"0\xd50\x9a\x00\x000\xd7" + // 0x30D5309A: 0x000030D7
+	"0\xd80\x99\x00\x000\xd9" + // 0x30D83099: 0x000030D9
+	"0\xd80\x9a\x00\x000\xda" + // 0x30D8309A: 0x000030DA
+	"0\xdb0\x99\x00\x000\xdc" + // 0x30DB3099: 0x000030DC
+	"0\xdb0\x9a\x00\x000\xdd" + // 0x30DB309A: 0x000030DD
+	"0\xa60\x99\x00\x000\xf4" + // 0x30A63099: 0x000030F4
+	"0\xef0\x99\x00\x000\xf7" + // 0x30EF3099: 0x000030F7
+	"0\xf00\x99\x00\x000\xf8" + // 0x30F03099: 0x000030F8
+	"0\xf10\x99\x00\x000\xf9" + // 0x30F13099: 0x000030F9
+	"0\xf20\x99\x00\x000\xfa" + // 0x30F23099: 0x000030FA
+	"0\xfd0\x99\x00\x000\xfe" + // 0x30FD3099: 0x000030FE
+	"\x10\x99\x10\xba\x00\x01\x10\x9a" + // 0x109910BA: 0x0001109A
+	"\x10\x9b\x10\xba\x00\x01\x10\x9c" + // 0x109B10BA: 0x0001109C
+	"\x10\xa5\x10\xba\x00\x01\x10\xab" + // 0x10A510BA: 0x000110AB
+	"\x111\x11'\x00\x01\x11." + // 0x11311127: 0x0001112E
+	"\x112\x11'\x00\x01\x11/" + // 0x11321127: 0x0001112F
+	"\x13G\x13>\x00\x01\x13K" + // 0x1347133E: 0x0001134B
+	"\x13G\x13W\x00\x01\x13L" + // 0x13471357: 0x0001134C
+	"\x14\xb9\x14\xba\x00\x01\x14\xbb" + // 0x14B914BA: 0x000114BB
+	"\x14\xb9\x14\xb0\x00\x01\x14\xbc" + // 0x14B914B0: 0x000114BC
+	"\x14\xb9\x14\xbd\x00\x01\x14\xbe" + // 0x14B914BD: 0x000114BE
+	"\x15\xb8\x15\xaf\x00\x01\x15\xba" + // 0x15B815AF: 0x000115BA
+	"\x15\xb9\x15\xaf\x00\x01\x15\xbb" + // 0x15B915AF: 0x000115BB
+	"\x195\x190\x00\x01\x198" + // 0x19351930: 0x00011938
+	""
+	// Total size of tables: 56KB (57068 bytes)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index c281d0ee4..262ac0bf8 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -135,7 +135,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.10.0
+# golang.org/x/crypto v0.12.0
 ## explicit; go 1.17
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -157,13 +157,13 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.9.0
+# golang.org/x/sys v0.11.0
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 golang.org/x/sys/internal/unsafeheader
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.10.0
+# golang.org/x/text v0.12.0
 ## explicit; go 1.17
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform

From b97dedebea9d54de82a681a3da3b5a4c58a08a55 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Sep 2023 03:16:43 +0000
Subject: [PATCH 36/73] build(deps): bump golang.org/x/crypto from 0.12.0 to
 0.13.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.12.0 to 0.13.0.
- [Commits](https://github.com/golang/crypto/compare/v0.12.0...v0.13.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  6 ++---
 go.sum                                        | 14 +++++-----
 vendor/golang.org/x/sys/cpu/cpu.go            |  5 +++-
 vendor/golang.org/x/sys/cpu/cpu_x86.go        |  7 +++++
 vendor/golang.org/x/sys/unix/mkerrors.sh      |  1 +
 vendor/golang.org/x/sys/unix/syscall_linux.go | 23 ++++++++++++++++
 vendor/golang.org/x/sys/unix/syscall_unix.go  |  3 +++
 vendor/golang.org/x/sys/unix/zerrors_linux.go | 17 ++++++++++++
 .../golang.org/x/sys/unix/zsyscall_linux.go   | 20 ++++++++++++++
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 15 +++++++++++
 .../x/sys/windows/syscall_windows.go          | 11 +++++++-
 .../x/sys/windows/zsyscall_windows.go         | 26 +++++++++++++++----
 vendor/golang.org/x/text/unicode/norm/trie.go |  2 +-
 vendor/modules.txt                            |  6 ++---
 14 files changed, 135 insertions(+), 21 deletions(-)

diff --git a/go.mod b/go.mod
index 3fb497480..cd902bdfb 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.16.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.12.0
+	golang.org/x/crypto v0.13.0
 )
 
 require (
@@ -36,8 +36,8 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.11.0 // indirect
-	golang.org/x/text v0.12.0 // indirect
+	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/text v0.13.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 6fb23b2fb..daeb5d71b 100644
--- a/go.sum
+++ b/go.sum
@@ -388,8 +388,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
-golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
+golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
+golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -531,14 +531,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
-golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
+golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -549,8 +549,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
-golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
diff --git a/vendor/golang.org/x/sys/cpu/cpu.go b/vendor/golang.org/x/sys/cpu/cpu.go
index 83f112c4c..4756ad5f7 100644
--- a/vendor/golang.org/x/sys/cpu/cpu.go
+++ b/vendor/golang.org/x/sys/cpu/cpu.go
@@ -38,7 +38,7 @@ var X86 struct {
 	HasAVX512F          bool // Advanced vector extension 512 Foundation Instructions
 	HasAVX512CD         bool // Advanced vector extension 512 Conflict Detection Instructions
 	HasAVX512ER         bool // Advanced vector extension 512 Exponential and Reciprocal Instructions
-	HasAVX512PF         bool // Advanced vector extension 512 Prefetch Instructions Instructions
+	HasAVX512PF         bool // Advanced vector extension 512 Prefetch Instructions
 	HasAVX512VL         bool // Advanced vector extension 512 Vector Length Extensions
 	HasAVX512BW         bool // Advanced vector extension 512 Byte and Word Instructions
 	HasAVX512DQ         bool // Advanced vector extension 512 Doubleword and Quadword Instructions
@@ -54,6 +54,9 @@ var X86 struct {
 	HasAVX512VBMI2      bool // Advanced vector extension 512 Vector Byte Manipulation Instructions 2
 	HasAVX512BITALG     bool // Advanced vector extension 512 Bit Algorithms
 	HasAVX512BF16       bool // Advanced vector extension 512 BFloat16 Instructions
+	HasAMXTile          bool // Advanced Matrix Extension Tile instructions
+	HasAMXInt8          bool // Advanced Matrix Extension Int8 instructions
+	HasAMXBF16          bool // Advanced Matrix Extension BFloat16 instructions
 	HasBMI1             bool // Bit manipulation instruction set 1
 	HasBMI2             bool // Bit manipulation instruction set 2
 	HasCX16             bool // Compare and exchange 16 Bytes
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index f5aacfc82..2dcde8285 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -37,6 +37,9 @@ func initOptions() {
 		{Name: "avx512vbmi2", Feature: &X86.HasAVX512VBMI2},
 		{Name: "avx512bitalg", Feature: &X86.HasAVX512BITALG},
 		{Name: "avx512bf16", Feature: &X86.HasAVX512BF16},
+		{Name: "amxtile", Feature: &X86.HasAMXTile},
+		{Name: "amxint8", Feature: &X86.HasAMXInt8},
+		{Name: "amxbf16", Feature: &X86.HasAMXBF16},
 		{Name: "bmi1", Feature: &X86.HasBMI1},
 		{Name: "bmi2", Feature: &X86.HasBMI2},
 		{Name: "cx16", Feature: &X86.HasCX16},
@@ -138,6 +141,10 @@ func archInit() {
 		eax71, _, _, _ := cpuid(7, 1)
 		X86.HasAVX512BF16 = isSet(5, eax71)
 	}
+
+	X86.HasAMXTile = isSet(24, edx7)
+	X86.HasAMXInt8 = isSet(25, edx7)
+	X86.HasAMXBF16 = isSet(22, edx7)
 }
 
 func isSet(bitpos uint, value uint32) bool {
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 8f775fafa..47fa6a7eb 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -583,6 +583,7 @@ ccflags="$@"
 		$2 ~ /^PERF_/ ||
 		$2 ~ /^SECCOMP_MODE_/ ||
 		$2 ~ /^SEEK_/ ||
+		$2 ~ /^SCHED_/ ||
 		$2 ~ /^SPLICE_/ ||
 		$2 ~ /^SYNC_FILE_RANGE_/ ||
 		$2 !~ /IOC_MAGIC/ &&
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index a730878e4..0ba030197 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -2471,6 +2471,29 @@ func Pselect(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timespec, sigmask *
 	return pselect6(nfd, r, w, e, mutableTimeout, kernelMask)
 }
 
+//sys	schedSetattr(pid int, attr *SchedAttr, flags uint) (err error)
+//sys	schedGetattr(pid int, attr *SchedAttr, size uint, flags uint) (err error)
+
+// SchedSetAttr is a wrapper for sched_setattr(2) syscall.
+// https://man7.org/linux/man-pages/man2/sched_setattr.2.html
+func SchedSetAttr(pid int, attr *SchedAttr, flags uint) error {
+	if attr == nil {
+		return EINVAL
+	}
+	attr.Size = SizeofSchedAttr
+	return schedSetattr(pid, attr, flags)
+}
+
+// SchedGetAttr is a wrapper for sched_getattr(2) syscall.
+// https://man7.org/linux/man-pages/man2/sched_getattr.2.html
+func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
+	attr := &SchedAttr{}
+	if err := schedGetattr(pid, attr, SizeofSchedAttr, flags); err != nil {
+		return nil, err
+	}
+	return attr, nil
+}
+
 /*
  * Unimplemented
  */
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index 8bb30e7ce..f6eda2705 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -549,6 +549,9 @@ func SetNonblock(fd int, nonblocking bool) (err error) {
 	if err != nil {
 		return err
 	}
+	if (flag&O_NONBLOCK != 0) == nonblocking {
+		return nil
+	}
 	if nonblocking {
 		flag |= O_NONBLOCK
 	} else {
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 3784f402e..0787a043b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -2821,6 +2821,23 @@ const (
 	RWF_SUPPORTED                               = 0x1f
 	RWF_SYNC                                    = 0x4
 	RWF_WRITE_LIFE_NOT_SET                      = 0x0
+	SCHED_BATCH                                 = 0x3
+	SCHED_DEADLINE                              = 0x6
+	SCHED_FIFO                                  = 0x1
+	SCHED_FLAG_ALL                              = 0x7f
+	SCHED_FLAG_DL_OVERRUN                       = 0x4
+	SCHED_FLAG_KEEP_ALL                         = 0x18
+	SCHED_FLAG_KEEP_PARAMS                      = 0x10
+	SCHED_FLAG_KEEP_POLICY                      = 0x8
+	SCHED_FLAG_RECLAIM                          = 0x2
+	SCHED_FLAG_RESET_ON_FORK                    = 0x1
+	SCHED_FLAG_UTIL_CLAMP                       = 0x60
+	SCHED_FLAG_UTIL_CLAMP_MAX                   = 0x40
+	SCHED_FLAG_UTIL_CLAMP_MIN                   = 0x20
+	SCHED_IDLE                                  = 0x5
+	SCHED_NORMAL                                = 0x0
+	SCHED_RESET_ON_FORK                         = 0x40000000
+	SCHED_RR                                    = 0x2
 	SCM_CREDENTIALS                             = 0x2
 	SCM_RIGHTS                                  = 0x1
 	SCM_TIMESTAMP                               = 0x1d
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index a07321bed..14ab34a56 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -2197,3 +2197,23 @@ func getresgid(rgid *_C_int, egid *_C_int, sgid *_C_int) {
 	RawSyscallNoError(SYS_GETRESGID, uintptr(unsafe.Pointer(rgid)), uintptr(unsafe.Pointer(egid)), uintptr(unsafe.Pointer(sgid)))
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func schedSetattr(pid int, attr *SchedAttr, flags uint) (err error) {
+	_, _, e1 := Syscall(SYS_SCHED_SETATTR, uintptr(pid), uintptr(unsafe.Pointer(attr)), uintptr(flags))
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func schedGetattr(pid int, attr *SchedAttr, size uint, flags uint) (err error) {
+	_, _, e1 := Syscall6(SYS_SCHED_GETATTR, uintptr(pid), uintptr(unsafe.Pointer(attr)), uintptr(size), uintptr(flags), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 26ef52aaf..494493c78 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -5868,3 +5868,18 @@ const (
 	VIRTIO_NET_HDR_GSO_UDP_L4 = 0x5
 	VIRTIO_NET_HDR_GSO_ECN    = 0x80
 )
+
+type SchedAttr struct {
+	Size     uint32
+	Policy   uint32
+	Flags    uint64
+	Nice     int32
+	Priority uint32
+	Runtime  uint64
+	Deadline uint64
+	Period   uint64
+	Util_min uint32
+	Util_max uint32
+}
+
+const SizeofSchedAttr = 0x38
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 373d16388..67bad0926 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -216,7 +216,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	shGetKnownFolderPath(id *KNOWNFOLDERID, flags uint32, token Token, path **uint16) (ret error) = shell32.SHGetKnownFolderPath
 //sys	TerminateProcess(handle Handle, exitcode uint32) (err error)
 //sys	GetExitCodeProcess(handle Handle, exitcode *uint32) (err error)
-//sys	GetStartupInfo(startupInfo *StartupInfo) (err error) = GetStartupInfoW
+//sys	getStartupInfo(startupInfo *StartupInfo) = GetStartupInfoW
 //sys	GetProcessTimes(handle Handle, creationTime *Filetime, exitTime *Filetime, kernelTime *Filetime, userTime *Filetime) (err error)
 //sys	DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetProcessHandle Handle, lpTargetHandle *Handle, dwDesiredAccess uint32, bInheritHandle bool, dwOptions uint32) (err error)
 //sys	WaitForSingleObject(handle Handle, waitMilliseconds uint32) (event uint32, err error) [failretval==0xffffffff]
@@ -437,6 +437,10 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	DwmGetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) = dwmapi.DwmGetWindowAttribute
 //sys	DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, size uint32) (ret error) = dwmapi.DwmSetWindowAttribute
 
+// Windows Multimedia API
+//sys TimeBeginPeriod (period uint32) (err error) [failretval != 0] = winmm.timeBeginPeriod
+//sys TimeEndPeriod (period uint32) (err error) [failretval != 0] = winmm.timeEndPeriod
+
 // syscall interface implementation for other packages
 
 // GetCurrentProcess returns the handle for the current process.
@@ -1624,6 +1628,11 @@ func SetConsoleCursorPosition(console Handle, position Coord) error {
 	return setConsoleCursorPosition(console, *((*uint32)(unsafe.Pointer(&position))))
 }
 
+func GetStartupInfo(startupInfo *StartupInfo) error {
+	getStartupInfo(startupInfo)
+	return nil
+}
+
 func (s NTStatus) Errno() syscall.Errno {
 	return rtlNtStatusToDosErrorNoTeb(s)
 }
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 566dd3e31..5c385580f 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -55,6 +55,7 @@ var (
 	moduser32   = NewLazySystemDLL("user32.dll")
 	moduserenv  = NewLazySystemDLL("userenv.dll")
 	modversion  = NewLazySystemDLL("version.dll")
+	modwinmm    = NewLazySystemDLL("winmm.dll")
 	modwintrust = NewLazySystemDLL("wintrust.dll")
 	modws2_32   = NewLazySystemDLL("ws2_32.dll")
 	modwtsapi32 = NewLazySystemDLL("wtsapi32.dll")
@@ -468,6 +469,8 @@ var (
 	procGetFileVersionInfoSizeW                              = modversion.NewProc("GetFileVersionInfoSizeW")
 	procGetFileVersionInfoW                                  = modversion.NewProc("GetFileVersionInfoW")
 	procVerQueryValueW                                       = modversion.NewProc("VerQueryValueW")
+	proctimeBeginPeriod                                      = modwinmm.NewProc("timeBeginPeriod")
+	proctimeEndPeriod                                        = modwinmm.NewProc("timeEndPeriod")
 	procWinVerifyTrustEx                                     = modwintrust.NewProc("WinVerifyTrustEx")
 	procFreeAddrInfoW                                        = modws2_32.NewProc("FreeAddrInfoW")
 	procGetAddrInfoW                                         = modws2_32.NewProc("GetAddrInfoW")
@@ -2367,11 +2370,8 @@ func GetShortPathName(longpath *uint16, shortpath *uint16, buflen uint32) (n uin
 	return
 }
 
-func GetStartupInfo(startupInfo *StartupInfo) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetStartupInfoW.Addr(), 1, uintptr(unsafe.Pointer(startupInfo)), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
+func getStartupInfo(startupInfo *StartupInfo) {
+	syscall.Syscall(procGetStartupInfoW.Addr(), 1, uintptr(unsafe.Pointer(startupInfo)), 0, 0)
 	return
 }
 
@@ -4017,6 +4017,22 @@ func _VerQueryValue(block unsafe.Pointer, subBlock *uint16, pointerToBufferPoint
 	return
 }
 
+func TimeBeginPeriod(period uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(proctimeBeginPeriod.Addr(), 1, uintptr(period), 0, 0)
+	if r1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func TimeEndPeriod(period uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(proctimeEndPeriod.Addr(), 1, uintptr(period), 0, 0)
+	if r1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func WinVerifyTrustEx(hwnd HWND, actionId *GUID, data *WinTrustData) (ret error) {
 	r0, _, _ := syscall.Syscall(procWinVerifyTrustEx.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(actionId)), uintptr(unsafe.Pointer(data)))
 	if r0 != 0 {
diff --git a/vendor/golang.org/x/text/unicode/norm/trie.go b/vendor/golang.org/x/text/unicode/norm/trie.go
index 423386bf4..e4250ae22 100644
--- a/vendor/golang.org/x/text/unicode/norm/trie.go
+++ b/vendor/golang.org/x/text/unicode/norm/trie.go
@@ -29,7 +29,7 @@ var (
 	nfkcData = newNfkcTrie(0)
 )
 
-// lookupValue determines the type of block n and looks up the value for b.
+// lookup determines the type of block n and looks up the value for b.
 // For n < t.cutoff, the block is a simple lookup table. Otherwise, the block
 // is a list of ranges with an accompanying value. Given a matching range r,
 // the value for b is by r.value + (b - r.lo) * stride.
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 262ac0bf8..38e6d2786 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -135,7 +135,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.12.0
+# golang.org/x/crypto v0.13.0
 ## explicit; go 1.17
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -157,13 +157,13 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.11.0
+# golang.org/x/sys v0.12.0
 ## explicit; go 1.17
 golang.org/x/sys/cpu
 golang.org/x/sys/internal/unsafeheader
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.12.0
+# golang.org/x/text v0.13.0
 ## explicit; go 1.17
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform

From ff634d9286b18ee029df67a5c98a5734841752a7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Sep 2023 03:21:13 +0000
Subject: [PATCH 37/73] build(deps): bump actions/checkout from 3 to 4

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 .github/workflows/go.yml            | 4 ++--
 .github/workflows/snapshot.yml      | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index d1d1d35cf..fd8d99f92 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -28,7 +28,7 @@ jobs:
             image: cfssl/cfssl
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 8f85e0d9d..d5556fc22 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -50,7 +50,7 @@ jobs:
       - run: psql -c 'create database certdb_development;' -U postgres;
       - run: mysql -e 'create database certdb_development;' -u root;
       - run: mysql -e 'SET global sql_mode = 0;' -u root;
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up Go
         uses: actions/setup-go@v4
@@ -73,6 +73,6 @@ jobs:
       - uses: actions/setup-go@v4
         with:
           go-version: 1.18
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v3
diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 505e5433a..26678505f 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -9,7 +9,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - run: make snapshot
       - name: Archive snapshot artifacts
         uses: actions/upload-artifact@v3

From c448632ddc31c64aaa58de9af1e917d6c1ecfbf5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 03:05:39 +0000
Subject: [PATCH 38/73] build(deps): bump docker/metadata-action from 4 to 5

Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](https://github.com/docker/metadata-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index fd8d99f92..6b629b5b0 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -46,7 +46,7 @@ jobs:
           password: ${{ secrets[matrix.password_secret] }}
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: ${{ matrix.image }}
       - name: Build and push

From 47aa9b7a670c11494f446a43579a03465254a0e2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 03:05:41 +0000
Subject: [PATCH 39/73] build(deps): bump docker/build-push-action from 4 to 5

Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index fd8d99f92..3958467b6 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -50,7 +50,7 @@ jobs:
         with:
           images: ${{ matrix.image }}
       - name: Build and push
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           platforms: linux/amd64,linux/arm64,linux/s390x

From 4452a0e701d728794e9fd2c24712d09e629238c4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 03:05:43 +0000
Subject: [PATCH 40/73] build(deps): bump docker/login-action from 2 to 3

Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index fd8d99f92..1a3416303 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -39,7 +39,7 @@ jobs:
         uses: docker/setup-buildx-action@v2
 
       - name: Log in to the Docker hub
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ matrix.registry }}
           username: ${{ matrix.username }}

From 4adaa6a86572f2f1f93de5a47c3208fa830165c9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 03:05:46 +0000
Subject: [PATCH 41/73] build(deps): bump docker/setup-qemu-action from 2 to 3

Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index fd8d99f92..592af84b5 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -33,7 +33,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v2

From 8a40f98bf2b97e591da41d73e7f8f27eeae0a1b7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 15:13:52 +0000
Subject: [PATCH 42/73] build(deps): bump docker/setup-buildx-action from 2 to
 3

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/docker-builds.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/docker-builds.yml b/.github/workflows/docker-builds.yml
index aab7ef4e9..4e4e98def 100644
--- a/.github/workflows/docker-builds.yml
+++ b/.github/workflows/docker-builds.yml
@@ -36,7 +36,7 @@ jobs:
         uses: docker/setup-qemu-action@v3
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Log in to the Docker hub
         uses: docker/login-action@v3

From 33c9f300d59c122b1861ea1bc72efb2f10f51f93 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Oct 2023 03:16:01 +0000
Subject: [PATCH 43/73] build(deps): bump golang.org/x/crypto from 0.13.0 to
 0.14.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.13.0 to 0.14.0.
- [Commits](https://github.com/golang/crypto/compare/v0.13.0...v0.14.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   4 +-
 go.sum                                        |  10 +-
 .../x/crypto/chacha20/chacha_arm64.go         |   4 +-
 .../x/crypto/chacha20/chacha_arm64.s          |   4 +-
 .../x/crypto/chacha20/chacha_noasm.go         |   4 +-
 .../golang.org/x/crypto/cryptobyte/builder.go |   5 +
 .../golang.org/x/crypto/cryptobyte/string.go  |  11 +
 vendor/golang.org/x/crypto/ssh/certs.go       |  38 +-
 vendor/golang.org/x/crypto/ssh/client_auth.go |  96 +++--
 vendor/golang.org/x/crypto/ssh/doc.go         |   1 +
 vendor/golang.org/x/crypto/ssh/handshake.go   |  44 +-
 vendor/golang.org/x/crypto/ssh/keys.go        | 376 +++++++++++++++---
 vendor/golang.org/x/crypto/ssh/messages.go    |  14 +
 vendor/golang.org/x/crypto/ssh/mux.go         |   6 +
 vendor/golang.org/x/crypto/ssh/server.go      |  11 +-
 vendor/golang.org/x/sys/cpu/cpu_riscv64.go    |   2 +-
 vendor/golang.org/x/sys/cpu/hwcap_linux.go    |   4 +-
 .../sys/internal/unsafeheader/unsafeheader.go |  30 --
 vendor/golang.org/x/sys/unix/ptrace_darwin.go |   6 -
 vendor/golang.org/x/sys/unix/ptrace_ios.go    |   6 -
 vendor/golang.org/x/sys/unix/syscall_aix.go   |   2 -
 .../golang.org/x/sys/unix/syscall_darwin.go   | 186 ---------
 .../x/sys/unix/syscall_darwin_amd64.go        |   1 -
 .../x/sys/unix/syscall_darwin_arm64.go        |   1 -
 .../x/sys/unix/syscall_dragonfly.go           | 198 ---------
 .../golang.org/x/sys/unix/syscall_freebsd.go  | 192 ---------
 vendor/golang.org/x/sys/unix/syscall_linux.go | 115 +-----
 .../golang.org/x/sys/unix/syscall_netbsd.go   | 261 ------------
 .../golang.org/x/sys/unix/syscall_openbsd.go  |  74 ----
 .../golang.org/x/sys/unix/syscall_solaris.go  |  18 -
 .../x/sys/unix/syscall_zos_s390x.go           |   1 -
 vendor/golang.org/x/sys/unix/zerrors_linux.go |   9 +
 .../x/sys/unix/zerrors_linux_386.go           |   2 +
 .../x/sys/unix/zerrors_linux_amd64.go         |   2 +
 .../x/sys/unix/zerrors_linux_arm.go           |   2 +
 .../x/sys/unix/zerrors_linux_arm64.go         |   2 +
 .../x/sys/unix/zerrors_linux_loong64.go       |   4 +
 .../x/sys/unix/zerrors_linux_mips.go          |   2 +
 .../x/sys/unix/zerrors_linux_mips64.go        |   2 +
 .../x/sys/unix/zerrors_linux_mips64le.go      |   2 +
 .../x/sys/unix/zerrors_linux_mipsle.go        |   2 +
 .../x/sys/unix/zerrors_linux_ppc.go           |   2 +
 .../x/sys/unix/zerrors_linux_ppc64.go         |   2 +
 .../x/sys/unix/zerrors_linux_ppc64le.go       |   2 +
 .../x/sys/unix/zerrors_linux_riscv64.go       |   2 +
 .../x/sys/unix/zerrors_linux_s390x.go         |   2 +
 .../x/sys/unix/zerrors_linux_sparc64.go       |   2 +
 .../golang.org/x/sys/unix/zsyscall_aix_ppc.go |  22 -
 .../x/sys/unix/zsyscall_aix_ppc64.go          |  22 -
 .../x/sys/unix/zsyscall_darwin_amd64.go       |  40 +-
 .../x/sys/unix/zsyscall_darwin_amd64.s        | 149 -------
 .../x/sys/unix/zsyscall_darwin_arm64.go       |  40 +-
 .../x/sys/unix/zsyscall_darwin_arm64.s        | 149 -------
 .../x/sys/unix/zsyscall_dragonfly_amd64.go    |  22 -
 .../x/sys/unix/zsyscall_freebsd_386.go        |  22 -
 .../x/sys/unix/zsyscall_freebsd_amd64.go      |  22 -
 .../x/sys/unix/zsyscall_freebsd_arm.go        |  22 -
 .../x/sys/unix/zsyscall_freebsd_arm64.go      |  22 -
 .../x/sys/unix/zsyscall_freebsd_riscv64.go    |  22 -
 .../x/sys/unix/zsyscall_illumos_amd64.go      |  10 +-
 .../golang.org/x/sys/unix/zsyscall_linux.go   |  22 -
 .../x/sys/unix/zsyscall_netbsd_386.go         |  22 -
 .../x/sys/unix/zsyscall_netbsd_amd64.go       |  22 -
 .../x/sys/unix/zsyscall_netbsd_arm.go         |  22 -
 .../x/sys/unix/zsyscall_netbsd_arm64.go       |  22 -
 .../x/sys/unix/zsyscall_openbsd_386.go        |  32 +-
 .../x/sys/unix/zsyscall_openbsd_amd64.go      |  22 -
 .../x/sys/unix/zsyscall_openbsd_arm.go        |  32 +-
 .../x/sys/unix/zsyscall_openbsd_arm64.go      |  32 +-
 .../x/sys/unix/zsyscall_openbsd_mips64.go     |  32 +-
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      |  32 +-
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    |  32 +-
 .../x/sys/unix/zsyscall_solaris_amd64.go      | 256 ++++++------
 .../x/sys/unix/zsyscall_zos_s390x.go          |  11 -
 .../x/sys/unix/zsysnum_linux_386.go           |   1 +
 .../x/sys/unix/zsysnum_linux_amd64.go         |   1 +
 .../x/sys/unix/zsysnum_linux_arm.go           |   1 +
 .../x/sys/unix/zsysnum_linux_arm64.go         |   1 +
 .../x/sys/unix/zsysnum_linux_loong64.go       |   1 +
 .../x/sys/unix/zsysnum_linux_mips.go          |   1 +
 .../x/sys/unix/zsysnum_linux_mips64.go        |   1 +
 .../x/sys/unix/zsysnum_linux_mips64le.go      |   1 +
 .../x/sys/unix/zsysnum_linux_mipsle.go        |   1 +
 .../x/sys/unix/zsysnum_linux_ppc.go           |   1 +
 .../x/sys/unix/zsysnum_linux_ppc64.go         |   1 +
 .../x/sys/unix/zsysnum_linux_ppc64le.go       |   1 +
 .../x/sys/unix/zsysnum_linux_riscv64.go       |   1 +
 .../x/sys/unix/zsysnum_linux_s390x.go         |   1 +
 .../x/sys/unix/zsysnum_linux_sparc64.go       |   1 +
 vendor/golang.org/x/sys/unix/ztypes_linux.go  |   8 +-
 .../x/sys/unix/ztypes_linux_riscv64.go        |   4 +
 .../golang.org/x/sys/windows/exec_windows.go  |  89 ++++-
 .../x/sys/windows/security_windows.go         |  21 +-
 .../x/sys/windows/syscall_windows.go          |  42 +-
 .../golang.org/x/sys/windows/types_windows.go |   7 +
 .../x/sys/windows/zsyscall_windows.go         |  28 +-
 vendor/modules.txt                            |   5 +-
 97 files changed, 902 insertions(+), 2238 deletions(-)
 delete mode 100644 vendor/golang.org/x/sys/internal/unsafeheader/unsafeheader.go

diff --git a/go.mod b/go.mod
index cd902bdfb..038f50cb2 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.16.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.13.0
+	golang.org/x/crypto v0.14.0
 )
 
 require (
@@ -36,7 +36,7 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
-	golang.org/x/sys v0.12.0 // indirect
+	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index daeb5d71b..b0dfb5d7e 100644
--- a/go.sum
+++ b/go.sum
@@ -388,8 +388,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
-golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
+golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
+golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -531,14 +531,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
-golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
+golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
+golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
index 94c71ac1a..5dfacbb98 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build go1.11 && gc && !purego
-// +build go1.11,gc,!purego
+//go:build gc && !purego
+// +build gc,!purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
index 63cae9e6f..f1f66230d 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build go1.11 && gc && !purego
-// +build go1.11,gc,!purego
+//go:build gc && !purego
+// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
index 025b49897..02ff3d05e 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (!arm64 && !s390x && !ppc64le) || (arm64 && !go1.11) || !gc || purego
-// +build !arm64,!s390x,!ppc64le arm64,!go1.11 !gc purego
+//go:build (!arm64 && !s390x && !ppc64le) || !gc || purego
+// +build !arm64,!s390x,!ppc64le !gc purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/cryptobyte/builder.go b/vendor/golang.org/x/crypto/cryptobyte/builder.go
index c05ac7d16..cf254f5f1 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/builder.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/builder.go
@@ -95,6 +95,11 @@ func (b *Builder) AddUint32(v uint32) {
 	b.add(byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
 }
 
+// AddUint48 appends a big-endian, 48-bit value to the byte string.
+func (b *Builder) AddUint48(v uint64) {
+	b.add(byte(v>>40), byte(v>>32), byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
+}
+
 // AddUint64 appends a big-endian, 64-bit value to the byte string.
 func (b *Builder) AddUint64(v uint64) {
 	b.add(byte(v>>56), byte(v>>48), byte(v>>40), byte(v>>32), byte(v>>24), byte(v>>16), byte(v>>8), byte(v))
diff --git a/vendor/golang.org/x/crypto/cryptobyte/string.go b/vendor/golang.org/x/crypto/cryptobyte/string.go
index 0531a3d6f..10692a8a3 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/string.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -81,6 +81,17 @@ func (s *String) ReadUint32(out *uint32) bool {
 	return true
 }
 
+// ReadUint48 decodes a big-endian, 48-bit value into out and advances over it.
+// It reports whether the read was successful.
+func (s *String) ReadUint48(out *uint64) bool {
+	v := s.read(6)
+	if v == nil {
+		return false
+	}
+	*out = uint64(v[0])<<40 | uint64(v[1])<<32 | uint64(v[2])<<24 | uint64(v[3])<<16 | uint64(v[4])<<8 | uint64(v[5])
+	return true
+}
+
 // ReadUint64 decodes a big-endian, 64-bit value into out and advances over it.
 // It reports whether the read was successful.
 func (s *String) ReadUint64(out *uint64) bool {
diff --git a/vendor/golang.org/x/crypto/ssh/certs.go b/vendor/golang.org/x/crypto/ssh/certs.go
index fc04d03e1..27d0e14aa 100644
--- a/vendor/golang.org/x/crypto/ssh/certs.go
+++ b/vendor/golang.org/x/crypto/ssh/certs.go
@@ -16,8 +16,9 @@ import (
 
 // Certificate algorithm names from [PROTOCOL.certkeys]. These values can appear
 // in Certificate.Type, PublicKey.Type, and ClientConfig.HostKeyAlgorithms.
-// Unlike key algorithm names, these are not passed to AlgorithmSigner and don't
-// appear in the Signature.Format field.
+// Unlike key algorithm names, these are not passed to AlgorithmSigner nor
+// returned by MultiAlgorithmSigner and don't appear in the Signature.Format
+// field.
 const (
 	CertAlgoRSAv01        = "ssh-rsa-cert-v01@openssh.com"
 	CertAlgoDSAv01        = "ssh-dss-cert-v01@openssh.com"
@@ -255,10 +256,17 @@ func NewCertSigner(cert *Certificate, signer Signer) (Signer, error) {
 		return nil, errors.New("ssh: signer and cert have different public key")
 	}
 
-	if algorithmSigner, ok := signer.(AlgorithmSigner); ok {
+	switch s := signer.(type) {
+	case MultiAlgorithmSigner:
+		return &multiAlgorithmSigner{
+			AlgorithmSigner: &algorithmOpenSSHCertSigner{
+				&openSSHCertSigner{cert, signer}, s},
+			supportedAlgorithms: s.Algorithms(),
+		}, nil
+	case AlgorithmSigner:
 		return &algorithmOpenSSHCertSigner{
-			&openSSHCertSigner{cert, signer}, algorithmSigner}, nil
-	} else {
+			&openSSHCertSigner{cert, signer}, s}, nil
+	default:
 		return &openSSHCertSigner{cert, signer}, nil
 	}
 }
@@ -432,7 +440,9 @@ func (c *CertChecker) CheckCert(principal string, cert *Certificate) error {
 }
 
 // SignCert signs the certificate with an authority, setting the Nonce,
-// SignatureKey, and Signature fields.
+// SignatureKey, and Signature fields. If the authority implements the
+// MultiAlgorithmSigner interface the first algorithm in the list is used. This
+// is useful if you want to sign with a specific algorithm.
 func (c *Certificate) SignCert(rand io.Reader, authority Signer) error {
 	c.Nonce = make([]byte, 32)
 	if _, err := io.ReadFull(rand, c.Nonce); err != nil {
@@ -440,8 +450,20 @@ func (c *Certificate) SignCert(rand io.Reader, authority Signer) error {
 	}
 	c.SignatureKey = authority.PublicKey()
 
-	// Default to KeyAlgoRSASHA512 for ssh-rsa signers.
-	if v, ok := authority.(AlgorithmSigner); ok && v.PublicKey().Type() == KeyAlgoRSA {
+	if v, ok := authority.(MultiAlgorithmSigner); ok {
+		if len(v.Algorithms()) == 0 {
+			return errors.New("the provided authority has no signature algorithm")
+		}
+		// Use the first algorithm in the list.
+		sig, err := v.SignWithAlgorithm(rand, c.bytesForSigning(), v.Algorithms()[0])
+		if err != nil {
+			return err
+		}
+		c.Signature = sig
+		return nil
+	} else if v, ok := authority.(AlgorithmSigner); ok && v.PublicKey().Type() == KeyAlgoRSA {
+		// Default to KeyAlgoRSASHA512 for ssh-rsa signers.
+		// TODO: consider using KeyAlgoRSASHA256 as default.
 		sig, err := v.SignWithAlgorithm(rand, c.bytesForSigning(), KeyAlgoRSASHA512)
 		if err != nil {
 			return err
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index 409b5ea1d..5c3bc2572 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -71,7 +71,9 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	for auth := AuthMethod(new(noneAuth)); auth != nil; {
 		ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand, extensions)
 		if err != nil {
-			return err
+			// We return the error later if there is no other method left to
+			// try.
+			ok = authFailure
 		}
 		if ok == authSuccess {
 			// success
@@ -101,6 +103,12 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 				}
 			}
 		}
+
+		if auth == nil && err != nil {
+			// We have an error and there are no other authentication methods to
+			// try, so we return it.
+			return err
+		}
 	}
 	return fmt.Errorf("ssh: unable to authenticate, attempted methods %v, no supported methods remain", tried)
 }
@@ -217,21 +225,45 @@ func (cb publicKeyCallback) method() string {
 	return "publickey"
 }
 
-func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (as AlgorithmSigner, algo string) {
+func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiAlgorithmSigner, string, error) {
+	var as MultiAlgorithmSigner
 	keyFormat := signer.PublicKey().Type()
 
-	// Like in sendKexInit, if the public key implements AlgorithmSigner we
-	// assume it supports all algorithms, otherwise only the key format one.
-	as, ok := signer.(AlgorithmSigner)
-	if !ok {
-		return algorithmSignerWrapper{signer}, keyFormat
+	// If the signer implements MultiAlgorithmSigner we use the algorithms it
+	// support, if it implements AlgorithmSigner we assume it supports all
+	// algorithms, otherwise only the key format one.
+	switch s := signer.(type) {
+	case MultiAlgorithmSigner:
+		as = s
+	case AlgorithmSigner:
+		as = &multiAlgorithmSigner{
+			AlgorithmSigner:     s,
+			supportedAlgorithms: algorithmsForKeyFormat(underlyingAlgo(keyFormat)),
+		}
+	default:
+		as = &multiAlgorithmSigner{
+			AlgorithmSigner:     algorithmSignerWrapper{signer},
+			supportedAlgorithms: []string{underlyingAlgo(keyFormat)},
+		}
+	}
+
+	getFallbackAlgo := func() (string, error) {
+		// Fallback to use if there is no "server-sig-algs" extension or a
+		// common algorithm cannot be found. We use the public key format if the
+		// MultiAlgorithmSigner supports it, otherwise we return an error.
+		if !contains(as.Algorithms(), underlyingAlgo(keyFormat)) {
+			return "", fmt.Errorf("ssh: no common public key signature algorithm, server only supports %q for key type %q, signer only supports %v",
+				underlyingAlgo(keyFormat), keyFormat, as.Algorithms())
+		}
+		return keyFormat, nil
 	}
 
 	extPayload, ok := extensions["server-sig-algs"]
 	if !ok {
-		// If there is no "server-sig-algs" extension, fall back to the key
-		// format algorithm.
-		return as, keyFormat
+		// If there is no "server-sig-algs" extension use the fallback
+		// algorithm.
+		algo, err := getFallbackAlgo()
+		return as, algo, err
 	}
 
 	// The server-sig-algs extension only carries underlying signature
@@ -245,15 +277,22 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (as Alg
 		}
 	}
 
-	keyAlgos := algorithmsForKeyFormat(keyFormat)
+	// Filter algorithms based on those supported by MultiAlgorithmSigner.
+	var keyAlgos []string
+	for _, algo := range algorithmsForKeyFormat(keyFormat) {
+		if contains(as.Algorithms(), underlyingAlgo(algo)) {
+			keyAlgos = append(keyAlgos, algo)
+		}
+	}
+
 	algo, err := findCommon("public key signature algorithm", keyAlgos, serverAlgos)
 	if err != nil {
-		// If there is no overlap, try the key anyway with the key format
-		// algorithm, to support servers that fail to list all supported
-		// algorithms.
-		return as, keyFormat
+		// If there is no overlap, return the fallback algorithm to support
+		// servers that fail to list all supported algorithms.
+		algo, err := getFallbackAlgo()
+		return as, algo, err
 	}
-	return as, algo
+	return as, algo, nil
 }
 
 func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand io.Reader, extensions map[string][]byte) (authResult, []string, error) {
@@ -267,10 +306,17 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		return authFailure, nil, err
 	}
 	var methods []string
+	var errSigAlgo error
 	for _, signer := range signers {
 		pub := signer.PublicKey()
-		as, algo := pickSignatureAlgorithm(signer, extensions)
-
+		as, algo, err := pickSignatureAlgorithm(signer, extensions)
+		if err != nil && errSigAlgo == nil {
+			// If we cannot negotiate a signature algorithm store the first
+			// error so we can return it to provide a more meaningful message if
+			// no other signers work.
+			errSigAlgo = err
+			continue
+		}
 		ok, err := validateKey(pub, algo, user, c)
 		if err != nil {
 			return authFailure, nil, err
@@ -317,22 +363,12 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		// contain the "publickey" method, do not attempt to authenticate with any
 		// other keys.  According to RFC 4252 Section 7, the latter can occur when
 		// additional authentication methods are required.
-		if success == authSuccess || !containsMethod(methods, cb.method()) {
+		if success == authSuccess || !contains(methods, cb.method()) {
 			return success, methods, err
 		}
 	}
 
-	return authFailure, methods, nil
-}
-
-func containsMethod(methods []string, method string) bool {
-	for _, m := range methods {
-		if m == method {
-			return true
-		}
-	}
-
-	return false
+	return authFailure, methods, errSigAlgo
 }
 
 // validateKey validates the key provided is acceptable to the server.
diff --git a/vendor/golang.org/x/crypto/ssh/doc.go b/vendor/golang.org/x/crypto/ssh/doc.go
index f6bff60dc..edbe63340 100644
--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@@ -13,6 +13,7 @@ others.
 
 References:
 
+	[PROTOCOL]: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=HEAD
 	[PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
 	[SSH-PARAMETERS]:    http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
 
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index 07a1843e0..70a7369ff 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -461,19 +461,24 @@ func (t *handshakeTransport) sendKexInit() error {
 	isServer := len(t.hostKeys) > 0
 	if isServer {
 		for _, k := range t.hostKeys {
-			// If k is an AlgorithmSigner, presume it supports all signature algorithms
-			// associated with the key format. (Ideally AlgorithmSigner would have a
-			// method to advertise supported algorithms, but it doesn't. This means that
-			// adding support for a new algorithm is a breaking change, as we will
-			// immediately negotiate it even if existing implementations don't support
-			// it. If that ever happens, we'll have to figure something out.)
-			// If k is not an AlgorithmSigner, we can only assume it only supports the
-			// algorithms that matches the key format. (This means that Sign can't pick
-			// a different default.)
+			// If k is a MultiAlgorithmSigner, we restrict the signature
+			// algorithms. If k is a AlgorithmSigner, presume it supports all
+			// signature algorithms associated with the key format. If k is not
+			// an AlgorithmSigner, we can only assume it only supports the
+			// algorithms that matches the key format. (This means that Sign
+			// can't pick a different default).
 			keyFormat := k.PublicKey().Type()
-			if _, ok := k.(AlgorithmSigner); ok {
+
+			switch s := k.(type) {
+			case MultiAlgorithmSigner:
+				for _, algo := range algorithmsForKeyFormat(keyFormat) {
+					if contains(s.Algorithms(), underlyingAlgo(algo)) {
+						msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, algo)
+					}
+				}
+			case AlgorithmSigner:
 				msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, algorithmsForKeyFormat(keyFormat)...)
-			} else {
+			default:
 				msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, keyFormat)
 			}
 		}
@@ -642,16 +647,20 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 
 	// On the server side, after the first SSH_MSG_NEWKEYS, send a SSH_MSG_EXT_INFO
 	// message with the server-sig-algs extension if the client supports it. See
-	// RFC 8308, Sections 2.4 and 3.1.
+	// RFC 8308, Sections 2.4 and 3.1, and [PROTOCOL], Section 1.9.
 	if !isClient && firstKeyExchange && contains(clientInit.KexAlgos, "ext-info-c") {
 		extInfo := &extInfoMsg{
-			NumExtensions: 1,
-			Payload:       make([]byte, 0, 4+15+4+len(supportedPubKeyAuthAlgosList)),
+			NumExtensions: 2,
+			Payload:       make([]byte, 0, 4+15+4+len(supportedPubKeyAuthAlgosList)+4+16+4+1),
 		}
 		extInfo.Payload = appendInt(extInfo.Payload, len("server-sig-algs"))
 		extInfo.Payload = append(extInfo.Payload, "server-sig-algs"...)
 		extInfo.Payload = appendInt(extInfo.Payload, len(supportedPubKeyAuthAlgosList))
 		extInfo.Payload = append(extInfo.Payload, supportedPubKeyAuthAlgosList...)
+		extInfo.Payload = appendInt(extInfo.Payload, len("ping@openssh.com"))
+		extInfo.Payload = append(extInfo.Payload, "ping@openssh.com"...)
+		extInfo.Payload = appendInt(extInfo.Payload, 1)
+		extInfo.Payload = append(extInfo.Payload, "0"...)
 		if err := t.conn.writePacket(Marshal(extInfo)); err != nil {
 			return err
 		}
@@ -685,9 +694,16 @@ func (a algorithmSignerWrapper) SignWithAlgorithm(rand io.Reader, data []byte, a
 
 func pickHostKey(hostKeys []Signer, algo string) AlgorithmSigner {
 	for _, k := range hostKeys {
+		if s, ok := k.(MultiAlgorithmSigner); ok {
+			if !contains(s.Algorithms(), underlyingAlgo(algo)) {
+				continue
+			}
+		}
+
 		if algo == k.PublicKey().Type() {
 			return algorithmSignerWrapper{k}
 		}
+
 		k, ok := k.(AlgorithmSigner)
 		if !ok {
 			continue
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index dac8ee724..ef1bad731 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -11,13 +11,16 @@ import (
 	"crypto/cipher"
 	"crypto/dsa"
 	"crypto/ecdsa"
+	"crypto/ed25519"
 	"crypto/elliptic"
 	"crypto/md5"
+	"crypto/rand"
 	"crypto/rsa"
 	"crypto/sha256"
 	"crypto/x509"
 	"encoding/asn1"
 	"encoding/base64"
+	"encoding/binary"
 	"encoding/hex"
 	"encoding/pem"
 	"errors"
@@ -26,7 +29,6 @@ import (
 	"math/big"
 	"strings"
 
-	"golang.org/x/crypto/ed25519"
 	"golang.org/x/crypto/ssh/internal/bcrypt_pbkdf"
 )
 
@@ -295,6 +297,18 @@ func MarshalAuthorizedKey(key PublicKey) []byte {
 	return b.Bytes()
 }
 
+// MarshalPrivateKey returns a PEM block with the private key serialized in the
+// OpenSSH format.
+func MarshalPrivateKey(key crypto.PrivateKey, comment string) (*pem.Block, error) {
+	return marshalOpenSSHPrivateKey(key, comment, unencryptedOpenSSHMarshaler)
+}
+
+// MarshalPrivateKeyWithPassphrase returns a PEM block holding the encrypted
+// private key serialized in the OpenSSH format.
+func MarshalPrivateKeyWithPassphrase(key crypto.PrivateKey, comment string, passphrase []byte) (*pem.Block, error) {
+	return marshalOpenSSHPrivateKey(key, comment, passphraseProtectedOpenSSHMarshaler(passphrase))
+}
+
 // PublicKey represents a public key using an unspecified algorithm.
 //
 // Some PublicKeys provided by this package also implement CryptoPublicKey.
@@ -321,7 +335,7 @@ type CryptoPublicKey interface {
 
 // A Signer can create signatures that verify against a public key.
 //
-// Some Signers provided by this package also implement AlgorithmSigner.
+// Some Signers provided by this package also implement MultiAlgorithmSigner.
 type Signer interface {
 	// PublicKey returns the associated PublicKey.
 	PublicKey() PublicKey
@@ -336,9 +350,9 @@ type Signer interface {
 // An AlgorithmSigner is a Signer that also supports specifying an algorithm to
 // use for signing.
 //
-// An AlgorithmSigner can't advertise the algorithms it supports, so it should
-// be prepared to be invoked with every algorithm supported by the public key
-// format.
+// An AlgorithmSigner can't advertise the algorithms it supports, unless it also
+// implements MultiAlgorithmSigner, so it should be prepared to be invoked with
+// every algorithm supported by the public key format.
 type AlgorithmSigner interface {
 	Signer
 
@@ -349,6 +363,75 @@ type AlgorithmSigner interface {
 	SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error)
 }
 
+// MultiAlgorithmSigner is an AlgorithmSigner that also reports the algorithms
+// supported by that signer.
+type MultiAlgorithmSigner interface {
+	AlgorithmSigner
+
+	// Algorithms returns the available algorithms in preference order. The list
+	// must not be empty, and it must not include certificate types.
+	Algorithms() []string
+}
+
+// NewSignerWithAlgorithms returns a signer restricted to the specified
+// algorithms. The algorithms must be set in preference order. The list must not
+// be empty, and it must not include certificate types. An error is returned if
+// the specified algorithms are incompatible with the public key type.
+func NewSignerWithAlgorithms(signer AlgorithmSigner, algorithms []string) (MultiAlgorithmSigner, error) {
+	if len(algorithms) == 0 {
+		return nil, errors.New("ssh: please specify at least one valid signing algorithm")
+	}
+	var signerAlgos []string
+	supportedAlgos := algorithmsForKeyFormat(underlyingAlgo(signer.PublicKey().Type()))
+	if s, ok := signer.(*multiAlgorithmSigner); ok {
+		signerAlgos = s.Algorithms()
+	} else {
+		signerAlgos = supportedAlgos
+	}
+
+	for _, algo := range algorithms {
+		if !contains(supportedAlgos, algo) {
+			return nil, fmt.Errorf("ssh: algorithm %q is not supported for key type %q",
+				algo, signer.PublicKey().Type())
+		}
+		if !contains(signerAlgos, algo) {
+			return nil, fmt.Errorf("ssh: algorithm %q is restricted for the provided signer", algo)
+		}
+	}
+	return &multiAlgorithmSigner{
+		AlgorithmSigner:     signer,
+		supportedAlgorithms: algorithms,
+	}, nil
+}
+
+type multiAlgorithmSigner struct {
+	AlgorithmSigner
+	supportedAlgorithms []string
+}
+
+func (s *multiAlgorithmSigner) Algorithms() []string {
+	return s.supportedAlgorithms
+}
+
+func (s *multiAlgorithmSigner) isAlgorithmSupported(algorithm string) bool {
+	if algorithm == "" {
+		algorithm = underlyingAlgo(s.PublicKey().Type())
+	}
+	for _, algo := range s.supportedAlgorithms {
+		if algorithm == algo {
+			return true
+		}
+	}
+	return false
+}
+
+func (s *multiAlgorithmSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
+	if !s.isAlgorithmSupported(algorithm) {
+		return nil, fmt.Errorf("ssh: algorithm %q is not supported: %v", algorithm, s.supportedAlgorithms)
+	}
+	return s.AlgorithmSigner.SignWithAlgorithm(rand, data, algorithm)
+}
+
 type rsaPublicKey rsa.PublicKey
 
 func (r *rsaPublicKey) Type() string {
@@ -512,6 +595,10 @@ func (k *dsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
 	return k.SignWithAlgorithm(rand, data, k.PublicKey().Type())
 }
 
+func (k *dsaPrivateKey) Algorithms() []string {
+	return []string{k.PublicKey().Type()}
+}
+
 func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
 	if algorithm != "" && algorithm != k.PublicKey().Type() {
 		return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
@@ -961,13 +1048,16 @@ func (s *wrappedSigner) Sign(rand io.Reader, data []byte) (*Signature, error) {
 	return s.SignWithAlgorithm(rand, data, s.pubKey.Type())
 }
 
+func (s *wrappedSigner) Algorithms() []string {
+	return algorithmsForKeyFormat(s.pubKey.Type())
+}
+
 func (s *wrappedSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm string) (*Signature, error) {
 	if algorithm == "" {
 		algorithm = s.pubKey.Type()
 	}
 
-	supportedAlgos := algorithmsForKeyFormat(s.pubKey.Type())
-	if !contains(supportedAlgos, algorithm) {
+	if !contains(s.Algorithms(), algorithm) {
 		return nil, fmt.Errorf("ssh: unsupported signature algorithm %q for key format %q", algorithm, s.pubKey.Type())
 	}
 
@@ -1241,28 +1331,106 @@ func passphraseProtectedOpenSSHKey(passphrase []byte) openSSHDecryptFunc {
 	}
 }
 
+func unencryptedOpenSSHMarshaler(privKeyBlock []byte) ([]byte, string, string, string, error) {
+	key := generateOpenSSHPadding(privKeyBlock, 8)
+	return key, "none", "none", "", nil
+}
+
+func passphraseProtectedOpenSSHMarshaler(passphrase []byte) openSSHEncryptFunc {
+	return func(privKeyBlock []byte) ([]byte, string, string, string, error) {
+		salt := make([]byte, 16)
+		if _, err := rand.Read(salt); err != nil {
+			return nil, "", "", "", err
+		}
+
+		opts := struct {
+			Salt   []byte
+			Rounds uint32
+		}{salt, 16}
+
+		// Derive key to encrypt the private key block.
+		k, err := bcrypt_pbkdf.Key(passphrase, salt, int(opts.Rounds), 32+aes.BlockSize)
+		if err != nil {
+			return nil, "", "", "", err
+		}
+
+		// Add padding matching the block size of AES.
+		keyBlock := generateOpenSSHPadding(privKeyBlock, aes.BlockSize)
+
+		// Encrypt the private key using the derived secret.
+
+		dst := make([]byte, len(keyBlock))
+		key, iv := k[:32], k[32:]
+		block, err := aes.NewCipher(key)
+		if err != nil {
+			return nil, "", "", "", err
+		}
+
+		stream := cipher.NewCTR(block, iv)
+		stream.XORKeyStream(dst, keyBlock)
+
+		return dst, "aes256-ctr", "bcrypt", string(Marshal(opts)), nil
+	}
+}
+
+const privateKeyAuthMagic = "openssh-key-v1\x00"
+
 type openSSHDecryptFunc func(CipherName, KdfName, KdfOpts string, PrivKeyBlock []byte) ([]byte, error)
+type openSSHEncryptFunc func(PrivKeyBlock []byte) (ProtectedKeyBlock []byte, cipherName, kdfName, kdfOptions string, err error)
+
+type openSSHEncryptedPrivateKey struct {
+	CipherName   string
+	KdfName      string
+	KdfOpts      string
+	NumKeys      uint32
+	PubKey       []byte
+	PrivKeyBlock []byte
+}
+
+type openSSHPrivateKey struct {
+	Check1  uint32
+	Check2  uint32
+	Keytype string
+	Rest    []byte `ssh:"rest"`
+}
+
+type openSSHRSAPrivateKey struct {
+	N       *big.Int
+	E       *big.Int
+	D       *big.Int
+	Iqmp    *big.Int
+	P       *big.Int
+	Q       *big.Int
+	Comment string
+	Pad     []byte `ssh:"rest"`
+}
+
+type openSSHEd25519PrivateKey struct {
+	Pub     []byte
+	Priv    []byte
+	Comment string
+	Pad     []byte `ssh:"rest"`
+}
+
+type openSSHECDSAPrivateKey struct {
+	Curve   string
+	Pub     []byte
+	D       *big.Int
+	Comment string
+	Pad     []byte `ssh:"rest"`
+}
 
 // parseOpenSSHPrivateKey parses an OpenSSH private key, using the decrypt
 // function to unwrap the encrypted portion. unencryptedOpenSSHKey can be used
 // as the decrypt function to parse an unencrypted private key. See
 // https://github.com/openssh/openssh-portable/blob/master/PROTOCOL.key.
 func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.PrivateKey, error) {
-	const magic = "openssh-key-v1\x00"
-	if len(key) < len(magic) || string(key[:len(magic)]) != magic {
+	if len(key) < len(privateKeyAuthMagic) || string(key[:len(privateKeyAuthMagic)]) != privateKeyAuthMagic {
 		return nil, errors.New("ssh: invalid openssh private key format")
 	}
-	remaining := key[len(magic):]
-
-	var w struct {
-		CipherName   string
-		KdfName      string
-		KdfOpts      string
-		NumKeys      uint32
-		PubKey       []byte
-		PrivKeyBlock []byte
-	}
+	remaining := key[len(privateKeyAuthMagic):]
 
+	var w openSSHEncryptedPrivateKey
 	if err := Unmarshal(remaining, &w); err != nil {
 		return nil, err
 	}
@@ -1284,13 +1452,7 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
 		return nil, err
 	}
 
-	pk1 := struct {
-		Check1  uint32
-		Check2  uint32
-		Keytype string
-		Rest    []byte `ssh:"rest"`
-	}{}
-
+	var pk1 openSSHPrivateKey
 	if err := Unmarshal(privKeyBlock, &pk1); err != nil || pk1.Check1 != pk1.Check2 {
 		if w.CipherName != "none" {
 			return nil, x509.IncorrectPasswordError
@@ -1300,18 +1462,7 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
 
 	switch pk1.Keytype {
 	case KeyAlgoRSA:
-		// https://github.com/openssh/openssh-portable/blob/master/sshkey.c#L2760-L2773
-		key := struct {
-			N       *big.Int
-			E       *big.Int
-			D       *big.Int
-			Iqmp    *big.Int
-			P       *big.Int
-			Q       *big.Int
-			Comment string
-			Pad     []byte `ssh:"rest"`
-		}{}
-
+		var key openSSHRSAPrivateKey
 		if err := Unmarshal(pk1.Rest, &key); err != nil {
 			return nil, err
 		}
@@ -1337,13 +1488,7 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
 
 		return pk, nil
 	case KeyAlgoED25519:
-		key := struct {
-			Pub     []byte
-			Priv    []byte
-			Comment string
-			Pad     []byte `ssh:"rest"`
-		}{}
-
+		var key openSSHEd25519PrivateKey
 		if err := Unmarshal(pk1.Rest, &key); err != nil {
 			return nil, err
 		}
@@ -1360,14 +1505,7 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
 		copy(pk, key.Priv)
 		return &pk, nil
 	case KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521:
-		key := struct {
-			Curve   string
-			Pub     []byte
-			D       *big.Int
-			Comment string
-			Pad     []byte `ssh:"rest"`
-		}{}
-
+		var key openSSHECDSAPrivateKey
 		if err := Unmarshal(pk1.Rest, &key); err != nil {
 			return nil, err
 		}
@@ -1415,6 +1553,131 @@ func parseOpenSSHPrivateKey(key []byte, decrypt openSSHDecryptFunc) (crypto.Priv
 	}
 }
 
+func marshalOpenSSHPrivateKey(key crypto.PrivateKey, comment string, encrypt openSSHEncryptFunc) (*pem.Block, error) {
+	var w openSSHEncryptedPrivateKey
+	var pk1 openSSHPrivateKey
+
+	// Random check bytes.
+	var check uint32
+	if err := binary.Read(rand.Reader, binary.BigEndian, &check); err != nil {
+		return nil, err
+	}
+
+	pk1.Check1 = check
+	pk1.Check2 = check
+	w.NumKeys = 1
+
+	// Use a []byte directly on ed25519 keys.
+	if k, ok := key.(*ed25519.PrivateKey); ok {
+		key = *k
+	}
+
+	switch k := key.(type) {
+	case *rsa.PrivateKey:
+		E := new(big.Int).SetInt64(int64(k.PublicKey.E))
+		// Marshal public key:
+		// E and N are in reversed order in the public and private key.
+		pubKey := struct {
+			KeyType string
+			E       *big.Int
+			N       *big.Int
+		}{
+			KeyAlgoRSA,
+			E, k.PublicKey.N,
+		}
+		w.PubKey = Marshal(pubKey)
+
+		// Marshal private key.
+		key := openSSHRSAPrivateKey{
+			N:       k.PublicKey.N,
+			E:       E,
+			D:       k.D,
+			Iqmp:    k.Precomputed.Qinv,
+			P:       k.Primes[0],
+			Q:       k.Primes[1],
+			Comment: comment,
+		}
+		pk1.Keytype = KeyAlgoRSA
+		pk1.Rest = Marshal(key)
+	case ed25519.PrivateKey:
+		pub := make([]byte, ed25519.PublicKeySize)
+		priv := make([]byte, ed25519.PrivateKeySize)
+		copy(pub, k[32:])
+		copy(priv, k)
+
+		// Marshal public key.
+		pubKey := struct {
+			KeyType string
+			Pub     []byte
+		}{
+			KeyAlgoED25519, pub,
+		}
+		w.PubKey = Marshal(pubKey)
+
+		// Marshal private key.
+		key := openSSHEd25519PrivateKey{
+			Pub:     pub,
+			Priv:    priv,
+			Comment: comment,
+		}
+		pk1.Keytype = KeyAlgoED25519
+		pk1.Rest = Marshal(key)
+	case *ecdsa.PrivateKey:
+		var curve, keyType string
+		switch name := k.Curve.Params().Name; name {
+		case "P-256":
+			curve = "nistp256"
+			keyType = KeyAlgoECDSA256
+		case "P-384":
+			curve = "nistp384"
+			keyType = KeyAlgoECDSA384
+		case "P-521":
+			curve = "nistp521"
+			keyType = KeyAlgoECDSA521
+		default:
+			return nil, errors.New("ssh: unhandled elliptic curve " + name)
+		}
+
+		pub := elliptic.Marshal(k.Curve, k.PublicKey.X, k.PublicKey.Y)
+
+		// Marshal public key.
+		pubKey := struct {
+			KeyType string
+			Curve   string
+			Pub     []byte
+		}{
+			keyType, curve, pub,
+		}
+		w.PubKey = Marshal(pubKey)
+
+		// Marshal private key.
+		key := openSSHECDSAPrivateKey{
+			Curve:   curve,
+			Pub:     pub,
+			D:       k.D,
+			Comment: comment,
+		}
+		pk1.Keytype = keyType
+		pk1.Rest = Marshal(key)
+	default:
+		return nil, fmt.Errorf("ssh: unsupported key type %T", k)
+	}
+
+	var err error
+	// Add padding and encrypt the key if necessary.
+	w.PrivKeyBlock, w.CipherName, w.KdfName, w.KdfOpts, err = encrypt(Marshal(pk1))
+	if err != nil {
+		return nil, err
+	}
+
+	b := Marshal(w)
+	block := &pem.Block{
+		Type:  "OPENSSH PRIVATE KEY",
+		Bytes: append([]byte(privateKeyAuthMagic), b...),
+	}
+	return block, nil
+}
+
 func checkOpenSSHKeyPadding(pad []byte) error {
 	for i, b := range pad {
 		if int(b) != i+1 {
@@ -1424,6 +1687,13 @@ func checkOpenSSHKeyPadding(pad []byte) error {
 	return nil
 }
 
+func generateOpenSSHPadding(block []byte, blockSize int) []byte {
+	for i, l := 0, len(block); (l+i)%blockSize != 0; i++ {
+		block = append(block, byte(i+1))
+	}
+	return block
+}
+
 // FingerprintLegacyMD5 returns the user presentation of the key's
 // fingerprint as described by RFC 4716 section 4.
 func FingerprintLegacyMD5(pubKey PublicKey) string {
diff --git a/vendor/golang.org/x/crypto/ssh/messages.go b/vendor/golang.org/x/crypto/ssh/messages.go
index 922032d95..b55f86056 100644
--- a/vendor/golang.org/x/crypto/ssh/messages.go
+++ b/vendor/golang.org/x/crypto/ssh/messages.go
@@ -349,6 +349,20 @@ type userAuthGSSAPIError struct {
 	LanguageTag string
 }
 
+// Transport layer OpenSSH extension. See [PROTOCOL], section 1.9
+const msgPing = 192
+
+type pingMsg struct {
+	Data string `sshtype:"192"`
+}
+
+// Transport layer OpenSSH extension. See [PROTOCOL], section 1.9
+const msgPong = 193
+
+type pongMsg struct {
+	Data string `sshtype:"193"`
+}
+
 // typeTags returns the possible type bytes for the given reflect.Type, which
 // should be a struct. The possible values are separated by a '|' character.
 func typeTags(structType reflect.Type) (tags []byte) {
diff --git a/vendor/golang.org/x/crypto/ssh/mux.go b/vendor/golang.org/x/crypto/ssh/mux.go
index 9654c0186..d2d24c635 100644
--- a/vendor/golang.org/x/crypto/ssh/mux.go
+++ b/vendor/golang.org/x/crypto/ssh/mux.go
@@ -231,6 +231,12 @@ func (m *mux) onePacket() error {
 		return m.handleChannelOpen(packet)
 	case msgGlobalRequest, msgRequestSuccess, msgRequestFailure:
 		return m.handleGlobalPacket(packet)
+	case msgPing:
+		var msg pingMsg
+		if err := Unmarshal(packet, &msg); err != nil {
+			return fmt.Errorf("failed to unmarshal ping@openssh.com message: %w", err)
+		}
+		return m.sendMessage(pongMsg(msg))
 	}
 
 	// assume a channel packet.
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index b21322aff..727c71b9c 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -576,7 +576,16 @@ userAuthLoop:
 				if !ok || len(payload) > 0 {
 					return nil, parseError(msgUserAuthRequest)
 				}
-
+				// Ensure the declared public key algo is compatible with the
+				// decoded one. This check will ensure we don't accept e.g.
+				// ssh-rsa-cert-v01@openssh.com algorithm with ssh-rsa public
+				// key type. The algorithm and public key type must be
+				// consistent: both must be certificate algorithms, or neither.
+				if !contains(algorithmsForKeyFormat(pubKey.Type()), algo) {
+					authErr = fmt.Errorf("ssh: public key type %q not compatible with selected algorithm %q",
+						pubKey.Type(), algo)
+					break
+				}
 				// Ensure the public key algo and signature algo
 				// are supported.  Compare the private key
 				// algorithm name that corresponds to algo with
diff --git a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
index bd6c128af..ff7da60eb 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
@@ -7,6 +7,6 @@
 
 package cpu
 
-const cacheLineSize = 32
+const cacheLineSize = 64
 
 func initOptions() {}
diff --git a/vendor/golang.org/x/sys/cpu/hwcap_linux.go b/vendor/golang.org/x/sys/cpu/hwcap_linux.go
index 1d9d91f3e..34e49f955 100644
--- a/vendor/golang.org/x/sys/cpu/hwcap_linux.go
+++ b/vendor/golang.org/x/sys/cpu/hwcap_linux.go
@@ -5,7 +5,7 @@
 package cpu
 
 import (
-	"io/ioutil"
+	"os"
 )
 
 const (
@@ -39,7 +39,7 @@ func readHWCAP() error {
 		return nil
 	}
 
-	buf, err := ioutil.ReadFile(procAuxv)
+	buf, err := os.ReadFile(procAuxv)
 	if err != nil {
 		// e.g. on android /proc/self/auxv is not accessible, so silently
 		// ignore the error and leave Initialized = false. On some
diff --git a/vendor/golang.org/x/sys/internal/unsafeheader/unsafeheader.go b/vendor/golang.org/x/sys/internal/unsafeheader/unsafeheader.go
deleted file mode 100644
index e07899b90..000000000
--- a/vendor/golang.org/x/sys/internal/unsafeheader/unsafeheader.go
+++ /dev/null
@@ -1,30 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package unsafeheader contains header declarations for the Go runtime's
-// slice and string implementations.
-//
-// This package allows x/sys to use types equivalent to
-// reflect.SliceHeader and reflect.StringHeader without introducing
-// a dependency on the (relatively heavy) "reflect" package.
-package unsafeheader
-
-import (
-	"unsafe"
-)
-
-// Slice is the runtime representation of a slice.
-// It cannot be used safely or portably and its representation may change in a later release.
-type Slice struct {
-	Data unsafe.Pointer
-	Len  int
-	Cap  int
-}
-
-// String is the runtime representation of a string.
-// It cannot be used safely or portably and its representation may change in a later release.
-type String struct {
-	Data unsafe.Pointer
-	Len  int
-}
diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
index 39dba6ca6..463c3eff7 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_darwin.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
@@ -7,12 +7,6 @@
 
 package unix
 
-import "unsafe"
-
 func ptrace(request int, pid int, addr uintptr, data uintptr) error {
 	return ptrace1(request, pid, addr, data)
 }
-
-func ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) error {
-	return ptrace1Ptr(request, pid, addr, data)
-}
diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go
index 9ea66330a..ed0509a01 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_ios.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go
@@ -7,12 +7,6 @@
 
 package unix
 
-import "unsafe"
-
 func ptrace(request int, pid int, addr uintptr, data uintptr) (err error) {
 	return ENOTSUP
 }
-
-func ptracePtr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) {
-	return ENOTSUP
-}
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index 9a6e5acac..e94e6cdac 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -487,8 +487,6 @@ func Fsync(fd int) error {
 //sys	Unlinkat(dirfd int, path string, flags int) (err error)
 //sys	Ustat(dev int, ubuf *Ustat_t) (err error)
 //sys	write(fd int, p []byte) (n int, err error)
-//sys	readlen(fd int, p *byte, np int) (n int, err error) = read
-//sys	writelen(fd int, p *byte, np int) (n int, err error) = write
 
 //sys	Dup2(oldfd int, newfd int) (err error)
 //sys	Fadvise(fd int, offset int64, length int64, advice int) (err error) = posix_fadvise64
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 135cc3cd7..59542a897 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -644,189 +644,3 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) {
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
-//sys	readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
-
-/*
- * Unimplemented
- */
-// Profil
-// Sigaction
-// Sigprocmask
-// Getlogin
-// Sigpending
-// Sigaltstack
-// Ioctl
-// Reboot
-// Execve
-// Vfork
-// Sbrk
-// Sstk
-// Ovadvise
-// Mincore
-// Setitimer
-// Swapon
-// Select
-// Sigsuspend
-// Readv
-// Writev
-// Nfssvc
-// Getfh
-// Quotactl
-// Csops
-// Waitid
-// Add_profil
-// Kdebug_trace
-// Sigreturn
-// Atsocket
-// Kqueue_from_portset_np
-// Kqueue_portset
-// Getattrlist
-// Getdirentriesattr
-// Searchfs
-// Delete
-// Copyfile
-// Watchevent
-// Waitevent
-// Modwatch
-// Fsctl
-// Initgroups
-// Posix_spawn
-// Nfsclnt
-// Fhopen
-// Minherit
-// Semsys
-// Msgsys
-// Shmsys
-// Semctl
-// Semget
-// Semop
-// Msgctl
-// Msgget
-// Msgsnd
-// Msgrcv
-// Shm_open
-// Shm_unlink
-// Sem_open
-// Sem_close
-// Sem_unlink
-// Sem_wait
-// Sem_trywait
-// Sem_post
-// Sem_getvalue
-// Sem_init
-// Sem_destroy
-// Open_extended
-// Umask_extended
-// Stat_extended
-// Lstat_extended
-// Fstat_extended
-// Chmod_extended
-// Fchmod_extended
-// Access_extended
-// Settid
-// Gettid
-// Setsgroups
-// Getsgroups
-// Setwgroups
-// Getwgroups
-// Mkfifo_extended
-// Mkdir_extended
-// Identitysvc
-// Shared_region_check_np
-// Shared_region_map_np
-// __pthread_mutex_destroy
-// __pthread_mutex_init
-// __pthread_mutex_lock
-// __pthread_mutex_trylock
-// __pthread_mutex_unlock
-// __pthread_cond_init
-// __pthread_cond_destroy
-// __pthread_cond_broadcast
-// __pthread_cond_signal
-// Setsid_with_pid
-// __pthread_cond_timedwait
-// Aio_fsync
-// Aio_return
-// Aio_suspend
-// Aio_cancel
-// Aio_error
-// Aio_read
-// Aio_write
-// Lio_listio
-// __pthread_cond_wait
-// Iopolicysys
-// __pthread_kill
-// __pthread_sigmask
-// __sigwait
-// __disable_threadsignal
-// __pthread_markcancel
-// __pthread_canceled
-// __semwait_signal
-// Proc_info
-// sendfile
-// Stat64_extended
-// Lstat64_extended
-// Fstat64_extended
-// __pthread_chdir
-// __pthread_fchdir
-// Audit
-// Auditon
-// Getauid
-// Setauid
-// Getaudit
-// Setaudit
-// Getaudit_addr
-// Setaudit_addr
-// Auditctl
-// Bsdthread_create
-// Bsdthread_terminate
-// Stack_snapshot
-// Bsdthread_register
-// Workq_open
-// Workq_ops
-// __mac_execve
-// __mac_syscall
-// __mac_get_file
-// __mac_set_file
-// __mac_get_link
-// __mac_set_link
-// __mac_get_proc
-// __mac_set_proc
-// __mac_get_fd
-// __mac_set_fd
-// __mac_get_pid
-// __mac_get_lcid
-// __mac_get_lctx
-// __mac_set_lctx
-// Setlcid
-// Read_nocancel
-// Write_nocancel
-// Open_nocancel
-// Close_nocancel
-// Wait4_nocancel
-// Recvmsg_nocancel
-// Sendmsg_nocancel
-// Recvfrom_nocancel
-// Accept_nocancel
-// Fcntl_nocancel
-// Select_nocancel
-// Fsync_nocancel
-// Connect_nocancel
-// Sigsuspend_nocancel
-// Readv_nocancel
-// Writev_nocancel
-// Sendto_nocancel
-// Pread_nocancel
-// Pwrite_nocancel
-// Waitid_nocancel
-// Poll_nocancel
-// Msgsnd_nocancel
-// Msgrcv_nocancel
-// Sem_wait_nocancel
-// Aio_suspend_nocancel
-// __sigwait_nocancel
-// __semwait_signal_nocancel
-// __mac_mount
-// __mac_get_mount
-// __mac_getfsstat
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
index 9fa879806..b37310ce9 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
@@ -47,6 +47,5 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr,
 //sys	getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT64
 //sys	Lstat(path string, stat *Stat_t) (err error) = SYS_LSTAT64
 //sys	ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace
-//sys	ptrace1Ptr(request int, pid int, addr unsafe.Pointer, data uintptr) (err error) = SYS_ptrace
 //sys	Stat(path string, stat *Stat_t) (err error) = SYS_STAT64
 //sys	Statfs(path string, stat *Statfs_t) (err error) = SYS_STATFS64
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
index f17b8c526..d51ec9963 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
@@ -47,6 +47,5 @@ func Syscall9(num, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr,
 //sys	getfsstat(buf unsafe.Pointer, size uintptr, flags int) (n int, err error) = SYS_GETFSSTAT
 //sys	Lstat(path string, stat *Stat_t) (err error)
 //sys	ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) = SYS_ptrace
-//sys	ptrace1Ptr(request int, pid int, addr unsafe.Pointer, data uintptr) (err error) = SYS_ptrace
 //sys	Stat(path string, stat *Stat_t) (err error)
 //sys	Statfs(path string, stat *Statfs_t) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
index d4ce988e7..97cb916f2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
@@ -343,203 +343,5 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
-//sys	readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
 //sys	accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error)
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
-
-/*
- * Unimplemented
- * TODO(jsing): Update this list for DragonFly.
- */
-// Profil
-// Sigaction
-// Sigprocmask
-// Getlogin
-// Sigpending
-// Sigaltstack
-// Reboot
-// Execve
-// Vfork
-// Sbrk
-// Sstk
-// Ovadvise
-// Mincore
-// Setitimer
-// Swapon
-// Select
-// Sigsuspend
-// Readv
-// Writev
-// Nfssvc
-// Getfh
-// Quotactl
-// Mount
-// Csops
-// Waitid
-// Add_profil
-// Kdebug_trace
-// Sigreturn
-// Atsocket
-// Kqueue_from_portset_np
-// Kqueue_portset
-// Getattrlist
-// Setattrlist
-// Getdirentriesattr
-// Searchfs
-// Delete
-// Copyfile
-// Watchevent
-// Waitevent
-// Modwatch
-// Getxattr
-// Fgetxattr
-// Setxattr
-// Fsetxattr
-// Removexattr
-// Fremovexattr
-// Listxattr
-// Flistxattr
-// Fsctl
-// Initgroups
-// Posix_spawn
-// Nfsclnt
-// Fhopen
-// Minherit
-// Semsys
-// Msgsys
-// Shmsys
-// Semctl
-// Semget
-// Semop
-// Msgctl
-// Msgget
-// Msgsnd
-// Msgrcv
-// Shmat
-// Shmctl
-// Shmdt
-// Shmget
-// Shm_open
-// Shm_unlink
-// Sem_open
-// Sem_close
-// Sem_unlink
-// Sem_wait
-// Sem_trywait
-// Sem_post
-// Sem_getvalue
-// Sem_init
-// Sem_destroy
-// Open_extended
-// Umask_extended
-// Stat_extended
-// Lstat_extended
-// Fstat_extended
-// Chmod_extended
-// Fchmod_extended
-// Access_extended
-// Settid
-// Gettid
-// Setsgroups
-// Getsgroups
-// Setwgroups
-// Getwgroups
-// Mkfifo_extended
-// Mkdir_extended
-// Identitysvc
-// Shared_region_check_np
-// Shared_region_map_np
-// __pthread_mutex_destroy
-// __pthread_mutex_init
-// __pthread_mutex_lock
-// __pthread_mutex_trylock
-// __pthread_mutex_unlock
-// __pthread_cond_init
-// __pthread_cond_destroy
-// __pthread_cond_broadcast
-// __pthread_cond_signal
-// Setsid_with_pid
-// __pthread_cond_timedwait
-// Aio_fsync
-// Aio_return
-// Aio_suspend
-// Aio_cancel
-// Aio_error
-// Aio_read
-// Aio_write
-// Lio_listio
-// __pthread_cond_wait
-// Iopolicysys
-// __pthread_kill
-// __pthread_sigmask
-// __sigwait
-// __disable_threadsignal
-// __pthread_markcancel
-// __pthread_canceled
-// __semwait_signal
-// Proc_info
-// Stat64_extended
-// Lstat64_extended
-// Fstat64_extended
-// __pthread_chdir
-// __pthread_fchdir
-// Audit
-// Auditon
-// Getauid
-// Setauid
-// Getaudit
-// Setaudit
-// Getaudit_addr
-// Setaudit_addr
-// Auditctl
-// Bsdthread_create
-// Bsdthread_terminate
-// Stack_snapshot
-// Bsdthread_register
-// Workq_open
-// Workq_ops
-// __mac_execve
-// __mac_syscall
-// __mac_get_file
-// __mac_set_file
-// __mac_get_link
-// __mac_set_link
-// __mac_get_proc
-// __mac_set_proc
-// __mac_get_fd
-// __mac_set_fd
-// __mac_get_pid
-// __mac_get_lcid
-// __mac_get_lctx
-// __mac_set_lctx
-// Setlcid
-// Read_nocancel
-// Write_nocancel
-// Open_nocancel
-// Close_nocancel
-// Wait4_nocancel
-// Recvmsg_nocancel
-// Sendmsg_nocancel
-// Recvfrom_nocancel
-// Accept_nocancel
-// Fcntl_nocancel
-// Select_nocancel
-// Fsync_nocancel
-// Connect_nocancel
-// Sigsuspend_nocancel
-// Readv_nocancel
-// Writev_nocancel
-// Sendto_nocancel
-// Pread_nocancel
-// Pwrite_nocancel
-// Waitid_nocancel
-// Msgsnd_nocancel
-// Msgrcv_nocancel
-// Sem_wait_nocancel
-// Aio_suspend_nocancel
-// __sigwait_nocancel
-// __semwait_signal_nocancel
-// __mac_mount
-// __mac_get_mount
-// __mac_getfsstat
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
index afb10106f..64d1bb4db 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
@@ -449,197 +449,5 @@ func Dup3(oldfd, newfd, flags int) error {
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
-//sys	readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
 //sys	accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error)
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
-
-/*
- * Unimplemented
- */
-// Profil
-// Sigaction
-// Sigprocmask
-// Getlogin
-// Sigpending
-// Sigaltstack
-// Ioctl
-// Reboot
-// Execve
-// Vfork
-// Sbrk
-// Sstk
-// Ovadvise
-// Mincore
-// Setitimer
-// Swapon
-// Select
-// Sigsuspend
-// Readv
-// Writev
-// Nfssvc
-// Getfh
-// Quotactl
-// Mount
-// Csops
-// Waitid
-// Add_profil
-// Kdebug_trace
-// Sigreturn
-// Atsocket
-// Kqueue_from_portset_np
-// Kqueue_portset
-// Getattrlist
-// Setattrlist
-// Getdents
-// Getdirentriesattr
-// Searchfs
-// Delete
-// Copyfile
-// Watchevent
-// Waitevent
-// Modwatch
-// Fsctl
-// Initgroups
-// Posix_spawn
-// Nfsclnt
-// Fhopen
-// Minherit
-// Semsys
-// Msgsys
-// Shmsys
-// Semctl
-// Semget
-// Semop
-// Msgctl
-// Msgget
-// Msgsnd
-// Msgrcv
-// Shmat
-// Shmctl
-// Shmdt
-// Shmget
-// Shm_open
-// Shm_unlink
-// Sem_open
-// Sem_close
-// Sem_unlink
-// Sem_wait
-// Sem_trywait
-// Sem_post
-// Sem_getvalue
-// Sem_init
-// Sem_destroy
-// Open_extended
-// Umask_extended
-// Stat_extended
-// Lstat_extended
-// Fstat_extended
-// Chmod_extended
-// Fchmod_extended
-// Access_extended
-// Settid
-// Gettid
-// Setsgroups
-// Getsgroups
-// Setwgroups
-// Getwgroups
-// Mkfifo_extended
-// Mkdir_extended
-// Identitysvc
-// Shared_region_check_np
-// Shared_region_map_np
-// __pthread_mutex_destroy
-// __pthread_mutex_init
-// __pthread_mutex_lock
-// __pthread_mutex_trylock
-// __pthread_mutex_unlock
-// __pthread_cond_init
-// __pthread_cond_destroy
-// __pthread_cond_broadcast
-// __pthread_cond_signal
-// Setsid_with_pid
-// __pthread_cond_timedwait
-// Aio_fsync
-// Aio_return
-// Aio_suspend
-// Aio_cancel
-// Aio_error
-// Aio_read
-// Aio_write
-// Lio_listio
-// __pthread_cond_wait
-// Iopolicysys
-// __pthread_kill
-// __pthread_sigmask
-// __sigwait
-// __disable_threadsignal
-// __pthread_markcancel
-// __pthread_canceled
-// __semwait_signal
-// Proc_info
-// Stat64_extended
-// Lstat64_extended
-// Fstat64_extended
-// __pthread_chdir
-// __pthread_fchdir
-// Audit
-// Auditon
-// Getauid
-// Setauid
-// Getaudit
-// Setaudit
-// Getaudit_addr
-// Setaudit_addr
-// Auditctl
-// Bsdthread_create
-// Bsdthread_terminate
-// Stack_snapshot
-// Bsdthread_register
-// Workq_open
-// Workq_ops
-// __mac_execve
-// __mac_syscall
-// __mac_get_file
-// __mac_set_file
-// __mac_get_link
-// __mac_set_link
-// __mac_get_proc
-// __mac_set_proc
-// __mac_get_fd
-// __mac_set_fd
-// __mac_get_pid
-// __mac_get_lcid
-// __mac_get_lctx
-// __mac_set_lctx
-// Setlcid
-// Read_nocancel
-// Write_nocancel
-// Open_nocancel
-// Close_nocancel
-// Wait4_nocancel
-// Recvmsg_nocancel
-// Sendmsg_nocancel
-// Recvfrom_nocancel
-// Accept_nocancel
-// Fcntl_nocancel
-// Select_nocancel
-// Fsync_nocancel
-// Connect_nocancel
-// Sigsuspend_nocancel
-// Readv_nocancel
-// Writev_nocancel
-// Sendto_nocancel
-// Pread_nocancel
-// Pwrite_nocancel
-// Waitid_nocancel
-// Poll_nocancel
-// Msgsnd_nocancel
-// Msgrcv_nocancel
-// Sem_wait_nocancel
-// Aio_suspend_nocancel
-// __sigwait_nocancel
-// __semwait_signal_nocancel
-// __mac_mount
-// __mac_get_mount
-// __mac_getfsstat
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 0ba030197..fb4e50224 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -693,10 +693,10 @@ type SockaddrALG struct {
 
 func (sa *SockaddrALG) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	// Leave room for NUL byte terminator.
-	if len(sa.Type) > 13 {
+	if len(sa.Type) > len(sa.raw.Type)-1 {
 		return nil, 0, EINVAL
 	}
-	if len(sa.Name) > 63 {
+	if len(sa.Name) > len(sa.raw.Name)-1 {
 		return nil, 0, EINVAL
 	}
 
@@ -704,17 +704,8 @@ func (sa *SockaddrALG) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	sa.raw.Feat = sa.Feature
 	sa.raw.Mask = sa.Mask
 
-	typ, err := ByteSliceFromString(sa.Type)
-	if err != nil {
-		return nil, 0, err
-	}
-	name, err := ByteSliceFromString(sa.Name)
-	if err != nil {
-		return nil, 0, err
-	}
-
-	copy(sa.raw.Type[:], typ)
-	copy(sa.raw.Name[:], name)
+	copy(sa.raw.Type[:], sa.Type)
+	copy(sa.raw.Name[:], sa.Name)
 
 	return unsafe.Pointer(&sa.raw), SizeofSockaddrALG, nil
 }
@@ -1988,8 +1979,6 @@ func Signalfd(fd int, sigmask *Sigset_t, flags int) (newfd int, err error) {
 //sys	Unshare(flags int) (err error)
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	exitThread(code int) (err error) = SYS_EXIT
-//sys	readlen(fd int, p *byte, np int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, p *byte, np int) (n int, err error) = SYS_WRITE
 //sys	readv(fd int, iovs []Iovec) (n int, err error) = SYS_READV
 //sys	writev(fd int, iovs []Iovec) (n int, err error) = SYS_WRITEV
 //sys	preadv(fd int, iovs []Iovec, offs_l uintptr, offs_h uintptr) (n int, err error) = SYS_PREADV
@@ -2493,99 +2482,3 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
 	}
 	return attr, nil
 }
-
-/*
- * Unimplemented
- */
-// AfsSyscall
-// ArchPrctl
-// Brk
-// ClockNanosleep
-// ClockSettime
-// Clone
-// EpollCtlOld
-// EpollPwait
-// EpollWaitOld
-// Execve
-// Fork
-// Futex
-// GetKernelSyms
-// GetMempolicy
-// GetRobustList
-// GetThreadArea
-// Getpmsg
-// IoCancel
-// IoDestroy
-// IoGetevents
-// IoSetup
-// IoSubmit
-// IoprioGet
-// IoprioSet
-// KexecLoad
-// LookupDcookie
-// Mbind
-// MigratePages
-// Mincore
-// ModifyLdt
-// Mount
-// MovePages
-// MqGetsetattr
-// MqNotify
-// MqOpen
-// MqTimedreceive
-// MqTimedsend
-// MqUnlink
-// Msgctl
-// Msgget
-// Msgrcv
-// Msgsnd
-// Nfsservctl
-// Personality
-// Pselect6
-// Ptrace
-// Putpmsg
-// Quotactl
-// Readahead
-// Readv
-// RemapFilePages
-// RestartSyscall
-// RtSigaction
-// RtSigpending
-// RtSigqueueinfo
-// RtSigreturn
-// RtSigsuspend
-// RtSigtimedwait
-// SchedGetPriorityMax
-// SchedGetPriorityMin
-// SchedGetparam
-// SchedGetscheduler
-// SchedRrGetInterval
-// SchedSetparam
-// SchedYield
-// Security
-// Semctl
-// Semget
-// Semop
-// Semtimedop
-// SetMempolicy
-// SetRobustList
-// SetThreadArea
-// SetTidAddress
-// Sigaltstack
-// Swapoff
-// Swapon
-// Sysfs
-// TimerCreate
-// TimerDelete
-// TimerGetoverrun
-// TimerGettime
-// TimerSettime
-// Tkill (obsolete)
-// Tuxcall
-// Umount2
-// Uselib
-// Utimensat
-// Vfork
-// Vhangup
-// Vserver
-// _Sysctl
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd.go b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
index ddd1ac853..88162099a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd.go
@@ -356,8 +356,6 @@ func Statvfs(path string, buf *Statvfs_t) (err error) {
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
-//sys	readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
 
 const (
@@ -371,262 +369,3 @@ const (
 func mremap(oldaddr uintptr, oldlength uintptr, newlength uintptr, flags int, newaddr uintptr) (uintptr, error) {
 	return mremapNetBSD(oldaddr, oldlength, newaddr, newlength, flags)
 }
-
-/*
- * Unimplemented
- */
-// ____semctl13
-// __clone
-// __fhopen40
-// __fhstat40
-// __fhstatvfs140
-// __fstat30
-// __getcwd
-// __getfh30
-// __getlogin
-// __lstat30
-// __mount50
-// __msgctl13
-// __msync13
-// __ntp_gettime30
-// __posix_chown
-// __posix_fchown
-// __posix_lchown
-// __posix_rename
-// __setlogin
-// __shmctl13
-// __sigaction_sigtramp
-// __sigaltstack14
-// __sigpending14
-// __sigprocmask14
-// __sigsuspend14
-// __sigtimedwait
-// __stat30
-// __syscall
-// __vfork14
-// _ksem_close
-// _ksem_destroy
-// _ksem_getvalue
-// _ksem_init
-// _ksem_open
-// _ksem_post
-// _ksem_trywait
-// _ksem_unlink
-// _ksem_wait
-// _lwp_continue
-// _lwp_create
-// _lwp_ctl
-// _lwp_detach
-// _lwp_exit
-// _lwp_getname
-// _lwp_getprivate
-// _lwp_kill
-// _lwp_park
-// _lwp_self
-// _lwp_setname
-// _lwp_setprivate
-// _lwp_suspend
-// _lwp_unpark
-// _lwp_unpark_all
-// _lwp_wait
-// _lwp_wakeup
-// _pset_bind
-// _sched_getaffinity
-// _sched_getparam
-// _sched_setaffinity
-// _sched_setparam
-// acct
-// aio_cancel
-// aio_error
-// aio_fsync
-// aio_read
-// aio_return
-// aio_suspend
-// aio_write
-// break
-// clock_getres
-// clock_gettime
-// clock_settime
-// compat_09_ogetdomainname
-// compat_09_osetdomainname
-// compat_09_ouname
-// compat_10_omsgsys
-// compat_10_osemsys
-// compat_10_oshmsys
-// compat_12_fstat12
-// compat_12_getdirentries
-// compat_12_lstat12
-// compat_12_msync
-// compat_12_oreboot
-// compat_12_oswapon
-// compat_12_stat12
-// compat_13_sigaction13
-// compat_13_sigaltstack13
-// compat_13_sigpending13
-// compat_13_sigprocmask13
-// compat_13_sigreturn13
-// compat_13_sigsuspend13
-// compat_14___semctl
-// compat_14_msgctl
-// compat_14_shmctl
-// compat_16___sigaction14
-// compat_16___sigreturn14
-// compat_20_fhstatfs
-// compat_20_fstatfs
-// compat_20_getfsstat
-// compat_20_statfs
-// compat_30___fhstat30
-// compat_30___fstat13
-// compat_30___lstat13
-// compat_30___stat13
-// compat_30_fhopen
-// compat_30_fhstat
-// compat_30_fhstatvfs1
-// compat_30_getdents
-// compat_30_getfh
-// compat_30_ntp_gettime
-// compat_30_socket
-// compat_40_mount
-// compat_43_fstat43
-// compat_43_lstat43
-// compat_43_oaccept
-// compat_43_ocreat
-// compat_43_oftruncate
-// compat_43_ogetdirentries
-// compat_43_ogetdtablesize
-// compat_43_ogethostid
-// compat_43_ogethostname
-// compat_43_ogetkerninfo
-// compat_43_ogetpagesize
-// compat_43_ogetpeername
-// compat_43_ogetrlimit
-// compat_43_ogetsockname
-// compat_43_okillpg
-// compat_43_olseek
-// compat_43_ommap
-// compat_43_oquota
-// compat_43_orecv
-// compat_43_orecvfrom
-// compat_43_orecvmsg
-// compat_43_osend
-// compat_43_osendmsg
-// compat_43_osethostid
-// compat_43_osethostname
-// compat_43_osigblock
-// compat_43_osigsetmask
-// compat_43_osigstack
-// compat_43_osigvec
-// compat_43_otruncate
-// compat_43_owait
-// compat_43_stat43
-// execve
-// extattr_delete_fd
-// extattr_delete_file
-// extattr_delete_link
-// extattr_get_fd
-// extattr_get_file
-// extattr_get_link
-// extattr_list_fd
-// extattr_list_file
-// extattr_list_link
-// extattr_set_fd
-// extattr_set_file
-// extattr_set_link
-// extattrctl
-// fchroot
-// fdatasync
-// fgetxattr
-// fktrace
-// flistxattr
-// fork
-// fremovexattr
-// fsetxattr
-// fstatvfs1
-// fsync_range
-// getcontext
-// getitimer
-// getvfsstat
-// getxattr
-// ktrace
-// lchflags
-// lchmod
-// lfs_bmapv
-// lfs_markv
-// lfs_segclean
-// lfs_segwait
-// lgetxattr
-// lio_listio
-// listxattr
-// llistxattr
-// lremovexattr
-// lseek
-// lsetxattr
-// lutimes
-// madvise
-// mincore
-// minherit
-// modctl
-// mq_close
-// mq_getattr
-// mq_notify
-// mq_open
-// mq_receive
-// mq_send
-// mq_setattr
-// mq_timedreceive
-// mq_timedsend
-// mq_unlink
-// msgget
-// msgrcv
-// msgsnd
-// nfssvc
-// ntp_adjtime
-// pmc_control
-// pmc_get_info
-// pollts
-// preadv
-// profil
-// pselect
-// pset_assign
-// pset_create
-// pset_destroy
-// ptrace
-// pwritev
-// quotactl
-// rasctl
-// readv
-// reboot
-// removexattr
-// sa_enable
-// sa_preempt
-// sa_register
-// sa_setconcurrency
-// sa_stacks
-// sa_yield
-// sbrk
-// sched_yield
-// semconfig
-// semget
-// semop
-// setcontext
-// setitimer
-// setxattr
-// shmat
-// shmdt
-// shmget
-// sstk
-// statvfs1
-// swapctl
-// sysarch
-// syscall
-// timer_create
-// timer_delete
-// timer_getoverrun
-// timer_gettime
-// timer_settime
-// undelete
-// utrace
-// uuidgen
-// vadvise
-// vfork
-// writev
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index c5f166a11..6f34479b5 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -326,78 +326,4 @@ func Uname(uname *Utsname) error {
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
-//sys	readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
-//sys	writelen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_WRITE
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
-
-/*
- * Unimplemented
- */
-// __getcwd
-// __semctl
-// __syscall
-// __sysctl
-// adjfreq
-// break
-// clock_getres
-// clock_gettime
-// clock_settime
-// closefrom
-// execve
-// fhopen
-// fhstat
-// fhstatfs
-// fork
-// futimens
-// getfh
-// getgid
-// getitimer
-// getlogin
-// getthrid
-// ktrace
-// lfs_bmapv
-// lfs_markv
-// lfs_segclean
-// lfs_segwait
-// mincore
-// minherit
-// mount
-// mquery
-// msgctl
-// msgget
-// msgrcv
-// msgsnd
-// nfssvc
-// nnpfspioctl
-// preadv
-// profil
-// pwritev
-// quotactl
-// readv
-// reboot
-// renameat
-// rfork
-// sched_yield
-// semget
-// semop
-// setgroups
-// setitimer
-// setsockopt
-// shmat
-// shmctl
-// shmdt
-// shmget
-// sigaction
-// sigaltstack
-// sigpending
-// sigprocmask
-// sigreturn
-// sigsuspend
-// sysarch
-// syscall
-// threxit
-// thrsigdivert
-// thrsleep
-// thrwakeup
-// vfork
-// writev
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index 72d23575f..b99cfa134 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -698,24 +698,6 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 //sys	setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) = libsocket.setsockopt
 //sys	recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) = libsocket.recvfrom
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procread)), 3, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf), 0, 0, 0)
-	n = int(r0)
-	if e1 != 0 {
-		err = e1
-	}
-	return
-}
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procwrite)), 3, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf), 0, 0, 0)
-	n = int(r0)
-	if e1 != 0 {
-		err = e1
-	}
-	return
-}
-
 // Event Ports
 
 type fileObjCookie struct {
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index 44e72edb4..4596d041c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -192,7 +192,6 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 
 //sys   fcntl(fd int, cmd int, arg int) (val int, err error)
 //sys	read(fd int, p []byte) (n int, err error)
-//sys   readlen(fd int, buf *byte, nbuf int) (n int, err error) = SYS_READ
 //sys	write(fd int, p []byte) (n int, err error)
 
 //sys	accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) = SYS___ACCEPT_A
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 0787a043b..f9c7f479b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -2421,6 +2421,15 @@ const (
 	PR_PAC_GET_ENABLED_KEYS                     = 0x3d
 	PR_PAC_RESET_KEYS                           = 0x36
 	PR_PAC_SET_ENABLED_KEYS                     = 0x3c
+	PR_RISCV_V_GET_CONTROL                      = 0x46
+	PR_RISCV_V_SET_CONTROL                      = 0x45
+	PR_RISCV_V_VSTATE_CTRL_CUR_MASK             = 0x3
+	PR_RISCV_V_VSTATE_CTRL_DEFAULT              = 0x0
+	PR_RISCV_V_VSTATE_CTRL_INHERIT              = 0x10
+	PR_RISCV_V_VSTATE_CTRL_MASK                 = 0x1f
+	PR_RISCV_V_VSTATE_CTRL_NEXT_MASK            = 0xc
+	PR_RISCV_V_VSTATE_CTRL_OFF                  = 0x1
+	PR_RISCV_V_VSTATE_CTRL_ON                   = 0x2
 	PR_SCHED_CORE                               = 0x3e
 	PR_SCHED_CORE_CREATE                        = 0x1
 	PR_SCHED_CORE_GET                           = 0x0
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index cfb143001..30aee00a5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -326,10 +326,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index df64f2d59..8ebfa5127 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -327,10 +327,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 3025cd5b2..271a21cdc 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -333,10 +333,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 09e1ffbef..910c330a3 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -323,10 +323,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index a45723540..a640798c9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -118,6 +118,8 @@ const (
 	IUCLC                            = 0x200
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
+	LASX_CTX_MAGIC                   = 0x41535801
+	LSX_CTX_MAGIC                    = 0x53580001
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
 	MAP_DENYWRITE                    = 0x800
@@ -317,10 +319,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index fee7dfb81..0d5925d34 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -326,10 +326,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0x100
 	SO_PASSCRED                      = 0x11
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x12
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1e
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x1028
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index a5b2373ae..d72a00e0b 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -326,10 +326,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0x100
 	SO_PASSCRED                      = 0x11
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x12
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1e
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x1028
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 5dde82c98..02ba129f8 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -326,10 +326,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0x100
 	SO_PASSCRED                      = 0x11
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x12
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1e
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x1028
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 2e80ea6b3..8daa6dd96 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -326,10 +326,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0x100
 	SO_PASSCRED                      = 0x11
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x12
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1e
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x1028
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index a65dcd7cb..63c8fa2f7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -381,10 +381,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x14
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x15
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index cbd34e3d8..930799ec1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -385,10 +385,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x14
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x15
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index e4afa7a31..8605a7dd7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -385,10 +385,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x14
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x15
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 44f45a039..95a016f1c 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -314,10 +314,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 74733e260..1ae0108f5 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -389,10 +389,12 @@ const (
 	SO_NOFCS                         = 0x2b
 	SO_OOBINLINE                     = 0xa
 	SO_PASSCRED                      = 0x10
+	SO_PASSPIDFD                     = 0x4c
 	SO_PASSSEC                       = 0x22
 	SO_PEEK_OFF                      = 0x2a
 	SO_PEERCRED                      = 0x11
 	SO_PEERGROUPS                    = 0x3b
+	SO_PEERPIDFD                     = 0x4d
 	SO_PEERSEC                       = 0x1f
 	SO_PREFER_BUSY_POLL              = 0x45
 	SO_PROTOCOL                      = 0x26
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index f5f3934b1..1bb7c6333 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -428,10 +428,12 @@ const (
 	SO_NOFCS                         = 0x27
 	SO_OOBINLINE                     = 0x100
 	SO_PASSCRED                      = 0x2
+	SO_PASSPIDFD                     = 0x55
 	SO_PASSSEC                       = 0x1f
 	SO_PEEK_OFF                      = 0x26
 	SO_PEERCRED                      = 0x40
 	SO_PEERGROUPS                    = 0x3d
+	SO_PEERPIDFD                     = 0x56
 	SO_PEERSEC                       = 0x1e
 	SO_PREFER_BUSY_POLL              = 0x48
 	SO_PROTOCOL                      = 0x1028
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
index 9a257219d..d1d1d2331 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
@@ -817,28 +817,6 @@ func write(fd int, p []byte) (n int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, p *byte, np int) (n int, err error) {
-	r0, er := C.read(C.int(fd), C.uintptr_t(uintptr(unsafe.Pointer(p))), C.size_t(np))
-	n = int(r0)
-	if r0 == -1 && er != nil {
-		err = er
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, p *byte, np int) (n int, err error) {
-	r0, er := C.write(C.int(fd), C.uintptr_t(uintptr(unsafe.Pointer(p))), C.size_t(np))
-	n = int(r0)
-	if r0 == -1 && er != nil {
-		err = er
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Dup2(oldfd int, newfd int) (err error) {
 	r0, er := C.dup2(C.int(oldfd), C.int(newfd))
 	if r0 == -1 && er != nil {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
index 6de80c20c..f99a18adc 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
@@ -762,28 +762,6 @@ func write(fd int, p []byte) (n int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, p *byte, np int) (n int, err error) {
-	r0, e1 := callread(fd, uintptr(unsafe.Pointer(p)), np)
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, p *byte, np int) (n int, err error) {
-	r0, e1 := callwrite(fd, uintptr(unsafe.Pointer(p)), np)
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Dup2(oldfd int, newfd int) (err error) {
 	_, e1 := calldup2(oldfd, newfd)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
index 4037ccf7a..1cad561e9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
@@ -725,6 +725,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -733,10 +739,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2410,28 +2412,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Fstat(fd int, stat *Stat_t) (err error) {
 	_, _, e1 := syscall_syscall(libc_fstat64_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
 	if e1 != 0 {
@@ -2521,14 +2501,6 @@ func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) {
 	return
 }
 
-func ptrace1Ptr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) {
-	_, _, e1 := syscall_syscall6(libc_ptrace_trampoline_addr, uintptr(request), uintptr(pid), addr, uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 var libc_ptrace_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
index 4baaed0bc..8b8bb2840 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
@@ -5,703 +5,586 @@
 
 TEXT libc_fdopendir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fdopendir(SB)
-
 GLOBL	·libc_fdopendir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fdopendir_trampoline_addr(SB)/8, $libc_fdopendir_trampoline<>(SB)
 
 TEXT libc_getgroups_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getgroups(SB)
-
 GLOBL	·libc_getgroups_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getgroups_trampoline_addr(SB)/8, $libc_getgroups_trampoline<>(SB)
 
 TEXT libc_setgroups_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setgroups(SB)
-
 GLOBL	·libc_setgroups_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setgroups_trampoline_addr(SB)/8, $libc_setgroups_trampoline<>(SB)
 
 TEXT libc_wait4_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_wait4(SB)
-
 GLOBL	·libc_wait4_trampoline_addr(SB), RODATA, $8
 DATA	·libc_wait4_trampoline_addr(SB)/8, $libc_wait4_trampoline<>(SB)
 
 TEXT libc_accept_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_accept(SB)
-
 GLOBL	·libc_accept_trampoline_addr(SB), RODATA, $8
 DATA	·libc_accept_trampoline_addr(SB)/8, $libc_accept_trampoline<>(SB)
 
 TEXT libc_bind_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_bind(SB)
-
 GLOBL	·libc_bind_trampoline_addr(SB), RODATA, $8
 DATA	·libc_bind_trampoline_addr(SB)/8, $libc_bind_trampoline<>(SB)
 
 TEXT libc_connect_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_connect(SB)
-
 GLOBL	·libc_connect_trampoline_addr(SB), RODATA, $8
 DATA	·libc_connect_trampoline_addr(SB)/8, $libc_connect_trampoline<>(SB)
 
 TEXT libc_socket_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_socket(SB)
-
 GLOBL	·libc_socket_trampoline_addr(SB), RODATA, $8
 DATA	·libc_socket_trampoline_addr(SB)/8, $libc_socket_trampoline<>(SB)
 
 TEXT libc_getsockopt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsockopt(SB)
-
 GLOBL	·libc_getsockopt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsockopt_trampoline_addr(SB)/8, $libc_getsockopt_trampoline<>(SB)
 
 TEXT libc_setsockopt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setsockopt(SB)
-
 GLOBL	·libc_setsockopt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setsockopt_trampoline_addr(SB)/8, $libc_setsockopt_trampoline<>(SB)
 
 TEXT libc_getpeername_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpeername(SB)
-
 GLOBL	·libc_getpeername_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpeername_trampoline_addr(SB)/8, $libc_getpeername_trampoline<>(SB)
 
 TEXT libc_getsockname_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsockname(SB)
-
 GLOBL	·libc_getsockname_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsockname_trampoline_addr(SB)/8, $libc_getsockname_trampoline<>(SB)
 
 TEXT libc_shutdown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shutdown(SB)
-
 GLOBL	·libc_shutdown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shutdown_trampoline_addr(SB)/8, $libc_shutdown_trampoline<>(SB)
 
 TEXT libc_socketpair_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_socketpair(SB)
-
 GLOBL	·libc_socketpair_trampoline_addr(SB), RODATA, $8
 DATA	·libc_socketpair_trampoline_addr(SB)/8, $libc_socketpair_trampoline<>(SB)
 
 TEXT libc_recvfrom_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_recvfrom(SB)
-
 GLOBL	·libc_recvfrom_trampoline_addr(SB), RODATA, $8
 DATA	·libc_recvfrom_trampoline_addr(SB)/8, $libc_recvfrom_trampoline<>(SB)
 
 TEXT libc_sendto_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendto(SB)
-
 GLOBL	·libc_sendto_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendto_trampoline_addr(SB)/8, $libc_sendto_trampoline<>(SB)
 
 TEXT libc_recvmsg_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_recvmsg(SB)
-
 GLOBL	·libc_recvmsg_trampoline_addr(SB), RODATA, $8
 DATA	·libc_recvmsg_trampoline_addr(SB)/8, $libc_recvmsg_trampoline<>(SB)
 
 TEXT libc_sendmsg_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendmsg(SB)
-
 GLOBL	·libc_sendmsg_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendmsg_trampoline_addr(SB)/8, $libc_sendmsg_trampoline<>(SB)
 
 TEXT libc_kevent_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kevent(SB)
-
 GLOBL	·libc_kevent_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kevent_trampoline_addr(SB)/8, $libc_kevent_trampoline<>(SB)
 
 TEXT libc_utimes_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimes(SB)
-
 GLOBL	·libc_utimes_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimes_trampoline_addr(SB)/8, $libc_utimes_trampoline<>(SB)
 
 TEXT libc_futimes_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_futimes(SB)
-
 GLOBL	·libc_futimes_trampoline_addr(SB), RODATA, $8
 DATA	·libc_futimes_trampoline_addr(SB)/8, $libc_futimes_trampoline<>(SB)
 
 TEXT libc_poll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_poll(SB)
-
 GLOBL	·libc_poll_trampoline_addr(SB), RODATA, $8
 DATA	·libc_poll_trampoline_addr(SB)/8, $libc_poll_trampoline<>(SB)
 
 TEXT libc_madvise_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_madvise(SB)
-
 GLOBL	·libc_madvise_trampoline_addr(SB), RODATA, $8
 DATA	·libc_madvise_trampoline_addr(SB)/8, $libc_madvise_trampoline<>(SB)
 
 TEXT libc_mlock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mlock(SB)
-
 GLOBL	·libc_mlock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mlock_trampoline_addr(SB)/8, $libc_mlock_trampoline<>(SB)
 
 TEXT libc_mlockall_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mlockall(SB)
-
 GLOBL	·libc_mlockall_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mlockall_trampoline_addr(SB)/8, $libc_mlockall_trampoline<>(SB)
 
 TEXT libc_mprotect_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mprotect(SB)
-
 GLOBL	·libc_mprotect_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mprotect_trampoline_addr(SB)/8, $libc_mprotect_trampoline<>(SB)
 
 TEXT libc_msync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_msync(SB)
-
 GLOBL	·libc_msync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_msync_trampoline_addr(SB)/8, $libc_msync_trampoline<>(SB)
 
 TEXT libc_munlock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munlock(SB)
-
 GLOBL	·libc_munlock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munlock_trampoline_addr(SB)/8, $libc_munlock_trampoline<>(SB)
 
 TEXT libc_munlockall_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munlockall(SB)
-
 GLOBL	·libc_munlockall_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munlockall_trampoline_addr(SB)/8, $libc_munlockall_trampoline<>(SB)
 
 TEXT libc_closedir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_closedir(SB)
-
 GLOBL	·libc_closedir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_closedir_trampoline_addr(SB)/8, $libc_closedir_trampoline<>(SB)
 
 TEXT libc_readdir_r_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readdir_r(SB)
-
 GLOBL	·libc_readdir_r_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readdir_r_trampoline_addr(SB)/8, $libc_readdir_r_trampoline<>(SB)
 
 TEXT libc_pipe_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pipe(SB)
-
 GLOBL	·libc_pipe_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pipe_trampoline_addr(SB)/8, $libc_pipe_trampoline<>(SB)
 
 TEXT libc_getxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getxattr(SB)
-
 GLOBL	·libc_getxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getxattr_trampoline_addr(SB)/8, $libc_getxattr_trampoline<>(SB)
 
 TEXT libc_fgetxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fgetxattr(SB)
-
 GLOBL	·libc_fgetxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fgetxattr_trampoline_addr(SB)/8, $libc_fgetxattr_trampoline<>(SB)
 
 TEXT libc_setxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setxattr(SB)
-
 GLOBL	·libc_setxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setxattr_trampoline_addr(SB)/8, $libc_setxattr_trampoline<>(SB)
 
 TEXT libc_fsetxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fsetxattr(SB)
-
 GLOBL	·libc_fsetxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fsetxattr_trampoline_addr(SB)/8, $libc_fsetxattr_trampoline<>(SB)
 
 TEXT libc_removexattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_removexattr(SB)
-
 GLOBL	·libc_removexattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_removexattr_trampoline_addr(SB)/8, $libc_removexattr_trampoline<>(SB)
 
 TEXT libc_fremovexattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fremovexattr(SB)
-
 GLOBL	·libc_fremovexattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fremovexattr_trampoline_addr(SB)/8, $libc_fremovexattr_trampoline<>(SB)
 
 TEXT libc_listxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_listxattr(SB)
-
 GLOBL	·libc_listxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_listxattr_trampoline_addr(SB)/8, $libc_listxattr_trampoline<>(SB)
 
 TEXT libc_flistxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_flistxattr(SB)
-
 GLOBL	·libc_flistxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_flistxattr_trampoline_addr(SB)/8, $libc_flistxattr_trampoline<>(SB)
 
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
-
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
 
 TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fcntl(SB)
-
 GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
 
 TEXT libc_kill_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kill(SB)
-
 GLOBL	·libc_kill_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kill_trampoline_addr(SB)/8, $libc_kill_trampoline<>(SB)
 
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
-
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
-
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
-
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendfile_trampoline_addr(SB)/8, $libc_sendfile_trampoline<>(SB)
 
 TEXT libc_shmat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmat(SB)
-
 GLOBL	·libc_shmat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmat_trampoline_addr(SB)/8, $libc_shmat_trampoline<>(SB)
 
 TEXT libc_shmctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmctl(SB)
-
 GLOBL	·libc_shmctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmctl_trampoline_addr(SB)/8, $libc_shmctl_trampoline<>(SB)
 
 TEXT libc_shmdt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmdt(SB)
-
 GLOBL	·libc_shmdt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmdt_trampoline_addr(SB)/8, $libc_shmdt_trampoline<>(SB)
 
 TEXT libc_shmget_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmget(SB)
-
 GLOBL	·libc_shmget_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmget_trampoline_addr(SB)/8, $libc_shmget_trampoline<>(SB)
 
 TEXT libc_access_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_access(SB)
-
 GLOBL	·libc_access_trampoline_addr(SB), RODATA, $8
 DATA	·libc_access_trampoline_addr(SB)/8, $libc_access_trampoline<>(SB)
 
 TEXT libc_adjtime_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_adjtime(SB)
-
 GLOBL	·libc_adjtime_trampoline_addr(SB), RODATA, $8
 DATA	·libc_adjtime_trampoline_addr(SB)/8, $libc_adjtime_trampoline<>(SB)
 
 TEXT libc_chdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chdir(SB)
-
 GLOBL	·libc_chdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chdir_trampoline_addr(SB)/8, $libc_chdir_trampoline<>(SB)
 
 TEXT libc_chflags_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chflags(SB)
-
 GLOBL	·libc_chflags_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chflags_trampoline_addr(SB)/8, $libc_chflags_trampoline<>(SB)
 
 TEXT libc_chmod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chmod(SB)
-
 GLOBL	·libc_chmod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chmod_trampoline_addr(SB)/8, $libc_chmod_trampoline<>(SB)
 
 TEXT libc_chown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chown(SB)
-
 GLOBL	·libc_chown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chown_trampoline_addr(SB)/8, $libc_chown_trampoline<>(SB)
 
 TEXT libc_chroot_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chroot(SB)
-
 GLOBL	·libc_chroot_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chroot_trampoline_addr(SB)/8, $libc_chroot_trampoline<>(SB)
 
 TEXT libc_clock_gettime_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clock_gettime(SB)
-
 GLOBL	·libc_clock_gettime_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clock_gettime_trampoline_addr(SB)/8, $libc_clock_gettime_trampoline<>(SB)
 
 TEXT libc_close_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_close(SB)
-
 GLOBL	·libc_close_trampoline_addr(SB), RODATA, $8
 DATA	·libc_close_trampoline_addr(SB)/8, $libc_close_trampoline<>(SB)
 
 TEXT libc_clonefile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clonefile(SB)
-
 GLOBL	·libc_clonefile_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clonefile_trampoline_addr(SB)/8, $libc_clonefile_trampoline<>(SB)
 
 TEXT libc_clonefileat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clonefileat(SB)
-
 GLOBL	·libc_clonefileat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clonefileat_trampoline_addr(SB)/8, $libc_clonefileat_trampoline<>(SB)
 
 TEXT libc_dup_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_dup(SB)
-
 GLOBL	·libc_dup_trampoline_addr(SB), RODATA, $8
 DATA	·libc_dup_trampoline_addr(SB)/8, $libc_dup_trampoline<>(SB)
 
 TEXT libc_dup2_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_dup2(SB)
-
 GLOBL	·libc_dup2_trampoline_addr(SB), RODATA, $8
 DATA	·libc_dup2_trampoline_addr(SB)/8, $libc_dup2_trampoline<>(SB)
 
 TEXT libc_exchangedata_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_exchangedata(SB)
-
 GLOBL	·libc_exchangedata_trampoline_addr(SB), RODATA, $8
 DATA	·libc_exchangedata_trampoline_addr(SB)/8, $libc_exchangedata_trampoline<>(SB)
 
 TEXT libc_exit_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_exit(SB)
-
 GLOBL	·libc_exit_trampoline_addr(SB), RODATA, $8
 DATA	·libc_exit_trampoline_addr(SB)/8, $libc_exit_trampoline<>(SB)
 
 TEXT libc_faccessat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_faccessat(SB)
-
 GLOBL	·libc_faccessat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_faccessat_trampoline_addr(SB)/8, $libc_faccessat_trampoline<>(SB)
 
 TEXT libc_fchdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchdir(SB)
-
 GLOBL	·libc_fchdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchdir_trampoline_addr(SB)/8, $libc_fchdir_trampoline<>(SB)
 
 TEXT libc_fchflags_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchflags(SB)
-
 GLOBL	·libc_fchflags_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchflags_trampoline_addr(SB)/8, $libc_fchflags_trampoline<>(SB)
 
 TEXT libc_fchmod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchmod(SB)
-
 GLOBL	·libc_fchmod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchmod_trampoline_addr(SB)/8, $libc_fchmod_trampoline<>(SB)
 
 TEXT libc_fchmodat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchmodat(SB)
-
 GLOBL	·libc_fchmodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchmodat_trampoline_addr(SB)/8, $libc_fchmodat_trampoline<>(SB)
 
 TEXT libc_fchown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchown(SB)
-
 GLOBL	·libc_fchown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchown_trampoline_addr(SB)/8, $libc_fchown_trampoline<>(SB)
 
 TEXT libc_fchownat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchownat(SB)
-
 GLOBL	·libc_fchownat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchownat_trampoline_addr(SB)/8, $libc_fchownat_trampoline<>(SB)
 
 TEXT libc_fclonefileat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fclonefileat(SB)
-
 GLOBL	·libc_fclonefileat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fclonefileat_trampoline_addr(SB)/8, $libc_fclonefileat_trampoline<>(SB)
 
 TEXT libc_flock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_flock(SB)
-
 GLOBL	·libc_flock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_flock_trampoline_addr(SB)/8, $libc_flock_trampoline<>(SB)
 
 TEXT libc_fpathconf_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fpathconf(SB)
-
 GLOBL	·libc_fpathconf_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fpathconf_trampoline_addr(SB)/8, $libc_fpathconf_trampoline<>(SB)
 
 TEXT libc_fsync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fsync(SB)
-
 GLOBL	·libc_fsync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fsync_trampoline_addr(SB)/8, $libc_fsync_trampoline<>(SB)
 
 TEXT libc_ftruncate_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ftruncate(SB)
-
 GLOBL	·libc_ftruncate_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ftruncate_trampoline_addr(SB)/8, $libc_ftruncate_trampoline<>(SB)
 
 TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getcwd(SB)
-
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
 TEXT libc_getdtablesize_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getdtablesize(SB)
-
 GLOBL	·libc_getdtablesize_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getdtablesize_trampoline_addr(SB)/8, $libc_getdtablesize_trampoline<>(SB)
 
 TEXT libc_getegid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getegid(SB)
-
 GLOBL	·libc_getegid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getegid_trampoline_addr(SB)/8, $libc_getegid_trampoline<>(SB)
 
 TEXT libc_geteuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_geteuid(SB)
-
 GLOBL	·libc_geteuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_geteuid_trampoline_addr(SB)/8, $libc_geteuid_trampoline<>(SB)
 
 TEXT libc_getgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getgid(SB)
-
 GLOBL	·libc_getgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getgid_trampoline_addr(SB)/8, $libc_getgid_trampoline<>(SB)
 
 TEXT libc_getpgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpgid(SB)
-
 GLOBL	·libc_getpgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpgid_trampoline_addr(SB)/8, $libc_getpgid_trampoline<>(SB)
 
 TEXT libc_getpgrp_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpgrp(SB)
-
 GLOBL	·libc_getpgrp_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpgrp_trampoline_addr(SB)/8, $libc_getpgrp_trampoline<>(SB)
 
 TEXT libc_getpid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpid(SB)
-
 GLOBL	·libc_getpid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpid_trampoline_addr(SB)/8, $libc_getpid_trampoline<>(SB)
 
 TEXT libc_getppid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getppid(SB)
-
 GLOBL	·libc_getppid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getppid_trampoline_addr(SB)/8, $libc_getppid_trampoline<>(SB)
 
 TEXT libc_getpriority_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpriority(SB)
-
 GLOBL	·libc_getpriority_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpriority_trampoline_addr(SB)/8, $libc_getpriority_trampoline<>(SB)
 
 TEXT libc_getrlimit_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getrlimit(SB)
-
 GLOBL	·libc_getrlimit_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getrlimit_trampoline_addr(SB)/8, $libc_getrlimit_trampoline<>(SB)
 
 TEXT libc_getrusage_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getrusage(SB)
-
 GLOBL	·libc_getrusage_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getrusage_trampoline_addr(SB)/8, $libc_getrusage_trampoline<>(SB)
 
 TEXT libc_getsid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsid(SB)
-
 GLOBL	·libc_getsid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsid_trampoline_addr(SB)/8, $libc_getsid_trampoline<>(SB)
 
 TEXT libc_gettimeofday_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_gettimeofday(SB)
-
 GLOBL	·libc_gettimeofday_trampoline_addr(SB), RODATA, $8
 DATA	·libc_gettimeofday_trampoline_addr(SB)/8, $libc_gettimeofday_trampoline<>(SB)
 
 TEXT libc_getuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getuid(SB)
-
 GLOBL	·libc_getuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getuid_trampoline_addr(SB)/8, $libc_getuid_trampoline<>(SB)
 
 TEXT libc_issetugid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_issetugid(SB)
-
 GLOBL	·libc_issetugid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_issetugid_trampoline_addr(SB)/8, $libc_issetugid_trampoline<>(SB)
 
 TEXT libc_kqueue_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kqueue(SB)
-
 GLOBL	·libc_kqueue_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kqueue_trampoline_addr(SB)/8, $libc_kqueue_trampoline<>(SB)
 
 TEXT libc_lchown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lchown(SB)
-
 GLOBL	·libc_lchown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lchown_trampoline_addr(SB)/8, $libc_lchown_trampoline<>(SB)
 
 TEXT libc_link_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_link(SB)
-
 GLOBL	·libc_link_trampoline_addr(SB), RODATA, $8
 DATA	·libc_link_trampoline_addr(SB)/8, $libc_link_trampoline<>(SB)
 
 TEXT libc_linkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_linkat(SB)
-
 GLOBL	·libc_linkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_linkat_trampoline_addr(SB)/8, $libc_linkat_trampoline<>(SB)
 
 TEXT libc_listen_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_listen(SB)
-
 GLOBL	·libc_listen_trampoline_addr(SB), RODATA, $8
 DATA	·libc_listen_trampoline_addr(SB)/8, $libc_listen_trampoline<>(SB)
 
 TEXT libc_mkdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkdir(SB)
-
 GLOBL	·libc_mkdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkdir_trampoline_addr(SB)/8, $libc_mkdir_trampoline<>(SB)
 
 TEXT libc_mkdirat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkdirat(SB)
-
 GLOBL	·libc_mkdirat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkdirat_trampoline_addr(SB)/8, $libc_mkdirat_trampoline<>(SB)
 
 TEXT libc_mkfifo_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkfifo(SB)
-
 GLOBL	·libc_mkfifo_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkfifo_trampoline_addr(SB)/8, $libc_mkfifo_trampoline<>(SB)
 
 TEXT libc_mknod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mknod(SB)
-
 GLOBL	·libc_mknod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknod_trampoline_addr(SB)/8, $libc_mknod_trampoline<>(SB)
 
 TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mount(SB)
-
 GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
 
 TEXT libc_open_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_open(SB)
-
 GLOBL	·libc_open_trampoline_addr(SB), RODATA, $8
 DATA	·libc_open_trampoline_addr(SB)/8, $libc_open_trampoline<>(SB)
 
 TEXT libc_openat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_openat(SB)
-
 GLOBL	·libc_openat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_openat_trampoline_addr(SB)/8, $libc_openat_trampoline<>(SB)
 
 TEXT libc_pathconf_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pathconf(SB)
-
 GLOBL	·libc_pathconf_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pathconf_trampoline_addr(SB)/8, $libc_pathconf_trampoline<>(SB)
 
 TEXT libc_pread_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pread(SB)
-
 GLOBL	·libc_pread_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pread_trampoline_addr(SB)/8, $libc_pread_trampoline<>(SB)
 
 TEXT libc_pwrite_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pwrite(SB)
-
 GLOBL	·libc_pwrite_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pwrite_trampoline_addr(SB)/8, $libc_pwrite_trampoline<>(SB)
 
 TEXT libc_read_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_read(SB)
-
 GLOBL	·libc_read_trampoline_addr(SB), RODATA, $8
 DATA	·libc_read_trampoline_addr(SB)/8, $libc_read_trampoline<>(SB)
 
 TEXT libc_readlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readlink(SB)
-
 GLOBL	·libc_readlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readlink_trampoline_addr(SB)/8, $libc_readlink_trampoline<>(SB)
 
 TEXT libc_readlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readlinkat(SB)
-
 GLOBL	·libc_readlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readlinkat_trampoline_addr(SB)/8, $libc_readlinkat_trampoline<>(SB)
 
 TEXT libc_rename_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_rename(SB)
-
 GLOBL	·libc_rename_trampoline_addr(SB), RODATA, $8
 DATA	·libc_rename_trampoline_addr(SB)/8, $libc_rename_trampoline<>(SB)
 
 TEXT libc_renameat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_renameat(SB)
-
 GLOBL	·libc_renameat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_renameat_trampoline_addr(SB)/8, $libc_renameat_trampoline<>(SB)
 
 TEXT libc_revoke_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_revoke(SB)
-
 GLOBL	·libc_revoke_trampoline_addr(SB), RODATA, $8
 DATA	·libc_revoke_trampoline_addr(SB)/8, $libc_revoke_trampoline<>(SB)
 
 TEXT libc_rmdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_rmdir(SB)
-
 GLOBL	·libc_rmdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_rmdir_trampoline_addr(SB)/8, $libc_rmdir_trampoline<>(SB)
 
 TEXT libc_lseek_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lseek(SB)
-
 GLOBL	·libc_lseek_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lseek_trampoline_addr(SB)/8, $libc_lseek_trampoline<>(SB)
 
 TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_select(SB)
-
 GLOBL	·libc_select_trampoline_addr(SB), RODATA, $8
 DATA	·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB)
 
@@ -712,192 +595,160 @@ DATA	·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB
 
 TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setegid(SB)
-
 GLOBL	·libc_setegid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setegid_trampoline_addr(SB)/8, $libc_setegid_trampoline<>(SB)
 
 TEXT libc_seteuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_seteuid(SB)
-
 GLOBL	·libc_seteuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_seteuid_trampoline_addr(SB)/8, $libc_seteuid_trampoline<>(SB)
 
 TEXT libc_setgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setgid(SB)
-
 GLOBL	·libc_setgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setgid_trampoline_addr(SB)/8, $libc_setgid_trampoline<>(SB)
 
 TEXT libc_setlogin_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setlogin(SB)
-
 GLOBL	·libc_setlogin_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setlogin_trampoline_addr(SB)/8, $libc_setlogin_trampoline<>(SB)
 
 TEXT libc_setpgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setpgid(SB)
-
 GLOBL	·libc_setpgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setpgid_trampoline_addr(SB)/8, $libc_setpgid_trampoline<>(SB)
 
 TEXT libc_setpriority_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setpriority(SB)
-
 GLOBL	·libc_setpriority_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setpriority_trampoline_addr(SB)/8, $libc_setpriority_trampoline<>(SB)
 
 TEXT libc_setprivexec_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setprivexec(SB)
-
 GLOBL	·libc_setprivexec_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setprivexec_trampoline_addr(SB)/8, $libc_setprivexec_trampoline<>(SB)
 
 TEXT libc_setregid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setregid(SB)
-
 GLOBL	·libc_setregid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setregid_trampoline_addr(SB)/8, $libc_setregid_trampoline<>(SB)
 
 TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setreuid(SB)
-
 GLOBL	·libc_setreuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB)
 
 TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setsid(SB)
-
 GLOBL	·libc_setsid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setsid_trampoline_addr(SB)/8, $libc_setsid_trampoline<>(SB)
 
 TEXT libc_settimeofday_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_settimeofday(SB)
-
 GLOBL	·libc_settimeofday_trampoline_addr(SB), RODATA, $8
 DATA	·libc_settimeofday_trampoline_addr(SB)/8, $libc_settimeofday_trampoline<>(SB)
 
 TEXT libc_setuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setuid(SB)
-
 GLOBL	·libc_setuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setuid_trampoline_addr(SB)/8, $libc_setuid_trampoline<>(SB)
 
 TEXT libc_symlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_symlink(SB)
-
 GLOBL	·libc_symlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_symlink_trampoline_addr(SB)/8, $libc_symlink_trampoline<>(SB)
 
 TEXT libc_symlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_symlinkat(SB)
-
 GLOBL	·libc_symlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_symlinkat_trampoline_addr(SB)/8, $libc_symlinkat_trampoline<>(SB)
 
 TEXT libc_sync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sync(SB)
-
 GLOBL	·libc_sync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sync_trampoline_addr(SB)/8, $libc_sync_trampoline<>(SB)
 
 TEXT libc_truncate_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_truncate(SB)
-
 GLOBL	·libc_truncate_trampoline_addr(SB), RODATA, $8
 DATA	·libc_truncate_trampoline_addr(SB)/8, $libc_truncate_trampoline<>(SB)
 
 TEXT libc_umask_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_umask(SB)
-
 GLOBL	·libc_umask_trampoline_addr(SB), RODATA, $8
 DATA	·libc_umask_trampoline_addr(SB)/8, $libc_umask_trampoline<>(SB)
 
 TEXT libc_undelete_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_undelete(SB)
-
 GLOBL	·libc_undelete_trampoline_addr(SB), RODATA, $8
 DATA	·libc_undelete_trampoline_addr(SB)/8, $libc_undelete_trampoline<>(SB)
 
 TEXT libc_unlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unlink(SB)
-
 GLOBL	·libc_unlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unlink_trampoline_addr(SB)/8, $libc_unlink_trampoline<>(SB)
 
 TEXT libc_unlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unlinkat(SB)
-
 GLOBL	·libc_unlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unlinkat_trampoline_addr(SB)/8, $libc_unlinkat_trampoline<>(SB)
 
 TEXT libc_unmount_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unmount(SB)
-
 GLOBL	·libc_unmount_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unmount_trampoline_addr(SB)/8, $libc_unmount_trampoline<>(SB)
 
 TEXT libc_write_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_write(SB)
-
 GLOBL	·libc_write_trampoline_addr(SB), RODATA, $8
 DATA	·libc_write_trampoline_addr(SB)/8, $libc_write_trampoline<>(SB)
 
 TEXT libc_mmap_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mmap(SB)
-
 GLOBL	·libc_mmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mmap_trampoline_addr(SB)/8, $libc_mmap_trampoline<>(SB)
 
 TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munmap(SB)
-
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
 TEXT libc_fstat64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstat64(SB)
-
 GLOBL	·libc_fstat64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstat64_trampoline_addr(SB)/8, $libc_fstat64_trampoline<>(SB)
 
 TEXT libc_fstatat64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstatat64(SB)
-
 GLOBL	·libc_fstatat64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstatat64_trampoline_addr(SB)/8, $libc_fstatat64_trampoline<>(SB)
 
 TEXT libc_fstatfs64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstatfs64(SB)
-
 GLOBL	·libc_fstatfs64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstatfs64_trampoline_addr(SB)/8, $libc_fstatfs64_trampoline<>(SB)
 
 TEXT libc_getfsstat64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getfsstat64(SB)
-
 GLOBL	·libc_getfsstat64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getfsstat64_trampoline_addr(SB)/8, $libc_getfsstat64_trampoline<>(SB)
 
 TEXT libc_lstat64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lstat64(SB)
-
 GLOBL	·libc_lstat64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lstat64_trampoline_addr(SB)/8, $libc_lstat64_trampoline<>(SB)
 
 TEXT libc_ptrace_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ptrace(SB)
-
 GLOBL	·libc_ptrace_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ptrace_trampoline_addr(SB)/8, $libc_ptrace_trampoline<>(SB)
 
 TEXT libc_stat64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_stat64(SB)
-
 GLOBL	·libc_stat64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_stat64_trampoline_addr(SB)/8, $libc_stat64_trampoline<>(SB)
 
 TEXT libc_statfs64_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_statfs64(SB)
-
 GLOBL	·libc_statfs64_trampoline_addr(SB), RODATA, $8
 DATA	·libc_statfs64_trampoline_addr(SB)/8, $libc_statfs64_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
index 51d6f3fb2..b18edbd0e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
@@ -725,6 +725,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -733,10 +739,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "/usr/lib/libSystem.B.dylib"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2410,28 +2412,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Fstat(fd int, stat *Stat_t) (err error) {
 	_, _, e1 := syscall_syscall(libc_fstat_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
 	if e1 != 0 {
@@ -2521,14 +2501,6 @@ func ptrace1(request int, pid int, addr uintptr, data uintptr) (err error) {
 	return
 }
 
-func ptrace1Ptr(request int, pid int, addr uintptr, data unsafe.Pointer) (err error) {
-	_, _, e1 := syscall_syscall6(libc_ptrace_trampoline_addr, uintptr(request), uintptr(pid), addr, uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 var libc_ptrace_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_ptrace ptrace "/usr/lib/libSystem.B.dylib"
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
index c3b82c037..08362c1ab 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
@@ -5,703 +5,586 @@
 
 TEXT libc_fdopendir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fdopendir(SB)
-
 GLOBL	·libc_fdopendir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fdopendir_trampoline_addr(SB)/8, $libc_fdopendir_trampoline<>(SB)
 
 TEXT libc_getgroups_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getgroups(SB)
-
 GLOBL	·libc_getgroups_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getgroups_trampoline_addr(SB)/8, $libc_getgroups_trampoline<>(SB)
 
 TEXT libc_setgroups_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setgroups(SB)
-
 GLOBL	·libc_setgroups_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setgroups_trampoline_addr(SB)/8, $libc_setgroups_trampoline<>(SB)
 
 TEXT libc_wait4_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_wait4(SB)
-
 GLOBL	·libc_wait4_trampoline_addr(SB), RODATA, $8
 DATA	·libc_wait4_trampoline_addr(SB)/8, $libc_wait4_trampoline<>(SB)
 
 TEXT libc_accept_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_accept(SB)
-
 GLOBL	·libc_accept_trampoline_addr(SB), RODATA, $8
 DATA	·libc_accept_trampoline_addr(SB)/8, $libc_accept_trampoline<>(SB)
 
 TEXT libc_bind_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_bind(SB)
-
 GLOBL	·libc_bind_trampoline_addr(SB), RODATA, $8
 DATA	·libc_bind_trampoline_addr(SB)/8, $libc_bind_trampoline<>(SB)
 
 TEXT libc_connect_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_connect(SB)
-
 GLOBL	·libc_connect_trampoline_addr(SB), RODATA, $8
 DATA	·libc_connect_trampoline_addr(SB)/8, $libc_connect_trampoline<>(SB)
 
 TEXT libc_socket_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_socket(SB)
-
 GLOBL	·libc_socket_trampoline_addr(SB), RODATA, $8
 DATA	·libc_socket_trampoline_addr(SB)/8, $libc_socket_trampoline<>(SB)
 
 TEXT libc_getsockopt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsockopt(SB)
-
 GLOBL	·libc_getsockopt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsockopt_trampoline_addr(SB)/8, $libc_getsockopt_trampoline<>(SB)
 
 TEXT libc_setsockopt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setsockopt(SB)
-
 GLOBL	·libc_setsockopt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setsockopt_trampoline_addr(SB)/8, $libc_setsockopt_trampoline<>(SB)
 
 TEXT libc_getpeername_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpeername(SB)
-
 GLOBL	·libc_getpeername_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpeername_trampoline_addr(SB)/8, $libc_getpeername_trampoline<>(SB)
 
 TEXT libc_getsockname_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsockname(SB)
-
 GLOBL	·libc_getsockname_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsockname_trampoline_addr(SB)/8, $libc_getsockname_trampoline<>(SB)
 
 TEXT libc_shutdown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shutdown(SB)
-
 GLOBL	·libc_shutdown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shutdown_trampoline_addr(SB)/8, $libc_shutdown_trampoline<>(SB)
 
 TEXT libc_socketpair_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_socketpair(SB)
-
 GLOBL	·libc_socketpair_trampoline_addr(SB), RODATA, $8
 DATA	·libc_socketpair_trampoline_addr(SB)/8, $libc_socketpair_trampoline<>(SB)
 
 TEXT libc_recvfrom_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_recvfrom(SB)
-
 GLOBL	·libc_recvfrom_trampoline_addr(SB), RODATA, $8
 DATA	·libc_recvfrom_trampoline_addr(SB)/8, $libc_recvfrom_trampoline<>(SB)
 
 TEXT libc_sendto_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendto(SB)
-
 GLOBL	·libc_sendto_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendto_trampoline_addr(SB)/8, $libc_sendto_trampoline<>(SB)
 
 TEXT libc_recvmsg_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_recvmsg(SB)
-
 GLOBL	·libc_recvmsg_trampoline_addr(SB), RODATA, $8
 DATA	·libc_recvmsg_trampoline_addr(SB)/8, $libc_recvmsg_trampoline<>(SB)
 
 TEXT libc_sendmsg_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendmsg(SB)
-
 GLOBL	·libc_sendmsg_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendmsg_trampoline_addr(SB)/8, $libc_sendmsg_trampoline<>(SB)
 
 TEXT libc_kevent_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kevent(SB)
-
 GLOBL	·libc_kevent_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kevent_trampoline_addr(SB)/8, $libc_kevent_trampoline<>(SB)
 
 TEXT libc_utimes_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimes(SB)
-
 GLOBL	·libc_utimes_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimes_trampoline_addr(SB)/8, $libc_utimes_trampoline<>(SB)
 
 TEXT libc_futimes_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_futimes(SB)
-
 GLOBL	·libc_futimes_trampoline_addr(SB), RODATA, $8
 DATA	·libc_futimes_trampoline_addr(SB)/8, $libc_futimes_trampoline<>(SB)
 
 TEXT libc_poll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_poll(SB)
-
 GLOBL	·libc_poll_trampoline_addr(SB), RODATA, $8
 DATA	·libc_poll_trampoline_addr(SB)/8, $libc_poll_trampoline<>(SB)
 
 TEXT libc_madvise_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_madvise(SB)
-
 GLOBL	·libc_madvise_trampoline_addr(SB), RODATA, $8
 DATA	·libc_madvise_trampoline_addr(SB)/8, $libc_madvise_trampoline<>(SB)
 
 TEXT libc_mlock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mlock(SB)
-
 GLOBL	·libc_mlock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mlock_trampoline_addr(SB)/8, $libc_mlock_trampoline<>(SB)
 
 TEXT libc_mlockall_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mlockall(SB)
-
 GLOBL	·libc_mlockall_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mlockall_trampoline_addr(SB)/8, $libc_mlockall_trampoline<>(SB)
 
 TEXT libc_mprotect_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mprotect(SB)
-
 GLOBL	·libc_mprotect_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mprotect_trampoline_addr(SB)/8, $libc_mprotect_trampoline<>(SB)
 
 TEXT libc_msync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_msync(SB)
-
 GLOBL	·libc_msync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_msync_trampoline_addr(SB)/8, $libc_msync_trampoline<>(SB)
 
 TEXT libc_munlock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munlock(SB)
-
 GLOBL	·libc_munlock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munlock_trampoline_addr(SB)/8, $libc_munlock_trampoline<>(SB)
 
 TEXT libc_munlockall_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munlockall(SB)
-
 GLOBL	·libc_munlockall_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munlockall_trampoline_addr(SB)/8, $libc_munlockall_trampoline<>(SB)
 
 TEXT libc_closedir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_closedir(SB)
-
 GLOBL	·libc_closedir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_closedir_trampoline_addr(SB)/8, $libc_closedir_trampoline<>(SB)
 
 TEXT libc_readdir_r_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readdir_r(SB)
-
 GLOBL	·libc_readdir_r_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readdir_r_trampoline_addr(SB)/8, $libc_readdir_r_trampoline<>(SB)
 
 TEXT libc_pipe_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pipe(SB)
-
 GLOBL	·libc_pipe_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pipe_trampoline_addr(SB)/8, $libc_pipe_trampoline<>(SB)
 
 TEXT libc_getxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getxattr(SB)
-
 GLOBL	·libc_getxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getxattr_trampoline_addr(SB)/8, $libc_getxattr_trampoline<>(SB)
 
 TEXT libc_fgetxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fgetxattr(SB)
-
 GLOBL	·libc_fgetxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fgetxattr_trampoline_addr(SB)/8, $libc_fgetxattr_trampoline<>(SB)
 
 TEXT libc_setxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setxattr(SB)
-
 GLOBL	·libc_setxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setxattr_trampoline_addr(SB)/8, $libc_setxattr_trampoline<>(SB)
 
 TEXT libc_fsetxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fsetxattr(SB)
-
 GLOBL	·libc_fsetxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fsetxattr_trampoline_addr(SB)/8, $libc_fsetxattr_trampoline<>(SB)
 
 TEXT libc_removexattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_removexattr(SB)
-
 GLOBL	·libc_removexattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_removexattr_trampoline_addr(SB)/8, $libc_removexattr_trampoline<>(SB)
 
 TEXT libc_fremovexattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fremovexattr(SB)
-
 GLOBL	·libc_fremovexattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fremovexattr_trampoline_addr(SB)/8, $libc_fremovexattr_trampoline<>(SB)
 
 TEXT libc_listxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_listxattr(SB)
-
 GLOBL	·libc_listxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_listxattr_trampoline_addr(SB)/8, $libc_listxattr_trampoline<>(SB)
 
 TEXT libc_flistxattr_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_flistxattr(SB)
-
 GLOBL	·libc_flistxattr_trampoline_addr(SB), RODATA, $8
 DATA	·libc_flistxattr_trampoline_addr(SB)/8, $libc_flistxattr_trampoline<>(SB)
 
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
-
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
 
 TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fcntl(SB)
-
 GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
 
 TEXT libc_kill_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kill(SB)
-
 GLOBL	·libc_kill_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kill_trampoline_addr(SB)/8, $libc_kill_trampoline<>(SB)
 
 TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ioctl(SB)
-
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
-
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
-
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sendfile_trampoline_addr(SB)/8, $libc_sendfile_trampoline<>(SB)
 
 TEXT libc_shmat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmat(SB)
-
 GLOBL	·libc_shmat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmat_trampoline_addr(SB)/8, $libc_shmat_trampoline<>(SB)
 
 TEXT libc_shmctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmctl(SB)
-
 GLOBL	·libc_shmctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmctl_trampoline_addr(SB)/8, $libc_shmctl_trampoline<>(SB)
 
 TEXT libc_shmdt_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmdt(SB)
-
 GLOBL	·libc_shmdt_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmdt_trampoline_addr(SB)/8, $libc_shmdt_trampoline<>(SB)
 
 TEXT libc_shmget_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_shmget(SB)
-
 GLOBL	·libc_shmget_trampoline_addr(SB), RODATA, $8
 DATA	·libc_shmget_trampoline_addr(SB)/8, $libc_shmget_trampoline<>(SB)
 
 TEXT libc_access_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_access(SB)
-
 GLOBL	·libc_access_trampoline_addr(SB), RODATA, $8
 DATA	·libc_access_trampoline_addr(SB)/8, $libc_access_trampoline<>(SB)
 
 TEXT libc_adjtime_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_adjtime(SB)
-
 GLOBL	·libc_adjtime_trampoline_addr(SB), RODATA, $8
 DATA	·libc_adjtime_trampoline_addr(SB)/8, $libc_adjtime_trampoline<>(SB)
 
 TEXT libc_chdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chdir(SB)
-
 GLOBL	·libc_chdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chdir_trampoline_addr(SB)/8, $libc_chdir_trampoline<>(SB)
 
 TEXT libc_chflags_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chflags(SB)
-
 GLOBL	·libc_chflags_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chflags_trampoline_addr(SB)/8, $libc_chflags_trampoline<>(SB)
 
 TEXT libc_chmod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chmod(SB)
-
 GLOBL	·libc_chmod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chmod_trampoline_addr(SB)/8, $libc_chmod_trampoline<>(SB)
 
 TEXT libc_chown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chown(SB)
-
 GLOBL	·libc_chown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chown_trampoline_addr(SB)/8, $libc_chown_trampoline<>(SB)
 
 TEXT libc_chroot_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_chroot(SB)
-
 GLOBL	·libc_chroot_trampoline_addr(SB), RODATA, $8
 DATA	·libc_chroot_trampoline_addr(SB)/8, $libc_chroot_trampoline<>(SB)
 
 TEXT libc_clock_gettime_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clock_gettime(SB)
-
 GLOBL	·libc_clock_gettime_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clock_gettime_trampoline_addr(SB)/8, $libc_clock_gettime_trampoline<>(SB)
 
 TEXT libc_close_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_close(SB)
-
 GLOBL	·libc_close_trampoline_addr(SB), RODATA, $8
 DATA	·libc_close_trampoline_addr(SB)/8, $libc_close_trampoline<>(SB)
 
 TEXT libc_clonefile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clonefile(SB)
-
 GLOBL	·libc_clonefile_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clonefile_trampoline_addr(SB)/8, $libc_clonefile_trampoline<>(SB)
 
 TEXT libc_clonefileat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_clonefileat(SB)
-
 GLOBL	·libc_clonefileat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_clonefileat_trampoline_addr(SB)/8, $libc_clonefileat_trampoline<>(SB)
 
 TEXT libc_dup_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_dup(SB)
-
 GLOBL	·libc_dup_trampoline_addr(SB), RODATA, $8
 DATA	·libc_dup_trampoline_addr(SB)/8, $libc_dup_trampoline<>(SB)
 
 TEXT libc_dup2_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_dup2(SB)
-
 GLOBL	·libc_dup2_trampoline_addr(SB), RODATA, $8
 DATA	·libc_dup2_trampoline_addr(SB)/8, $libc_dup2_trampoline<>(SB)
 
 TEXT libc_exchangedata_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_exchangedata(SB)
-
 GLOBL	·libc_exchangedata_trampoline_addr(SB), RODATA, $8
 DATA	·libc_exchangedata_trampoline_addr(SB)/8, $libc_exchangedata_trampoline<>(SB)
 
 TEXT libc_exit_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_exit(SB)
-
 GLOBL	·libc_exit_trampoline_addr(SB), RODATA, $8
 DATA	·libc_exit_trampoline_addr(SB)/8, $libc_exit_trampoline<>(SB)
 
 TEXT libc_faccessat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_faccessat(SB)
-
 GLOBL	·libc_faccessat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_faccessat_trampoline_addr(SB)/8, $libc_faccessat_trampoline<>(SB)
 
 TEXT libc_fchdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchdir(SB)
-
 GLOBL	·libc_fchdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchdir_trampoline_addr(SB)/8, $libc_fchdir_trampoline<>(SB)
 
 TEXT libc_fchflags_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchflags(SB)
-
 GLOBL	·libc_fchflags_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchflags_trampoline_addr(SB)/8, $libc_fchflags_trampoline<>(SB)
 
 TEXT libc_fchmod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchmod(SB)
-
 GLOBL	·libc_fchmod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchmod_trampoline_addr(SB)/8, $libc_fchmod_trampoline<>(SB)
 
 TEXT libc_fchmodat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchmodat(SB)
-
 GLOBL	·libc_fchmodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchmodat_trampoline_addr(SB)/8, $libc_fchmodat_trampoline<>(SB)
 
 TEXT libc_fchown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchown(SB)
-
 GLOBL	·libc_fchown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchown_trampoline_addr(SB)/8, $libc_fchown_trampoline<>(SB)
 
 TEXT libc_fchownat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fchownat(SB)
-
 GLOBL	·libc_fchownat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fchownat_trampoline_addr(SB)/8, $libc_fchownat_trampoline<>(SB)
 
 TEXT libc_fclonefileat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fclonefileat(SB)
-
 GLOBL	·libc_fclonefileat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fclonefileat_trampoline_addr(SB)/8, $libc_fclonefileat_trampoline<>(SB)
 
 TEXT libc_flock_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_flock(SB)
-
 GLOBL	·libc_flock_trampoline_addr(SB), RODATA, $8
 DATA	·libc_flock_trampoline_addr(SB)/8, $libc_flock_trampoline<>(SB)
 
 TEXT libc_fpathconf_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fpathconf(SB)
-
 GLOBL	·libc_fpathconf_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fpathconf_trampoline_addr(SB)/8, $libc_fpathconf_trampoline<>(SB)
 
 TEXT libc_fsync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fsync(SB)
-
 GLOBL	·libc_fsync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fsync_trampoline_addr(SB)/8, $libc_fsync_trampoline<>(SB)
 
 TEXT libc_ftruncate_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ftruncate(SB)
-
 GLOBL	·libc_ftruncate_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ftruncate_trampoline_addr(SB)/8, $libc_ftruncate_trampoline<>(SB)
 
 TEXT libc_getcwd_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getcwd(SB)
-
 GLOBL	·libc_getcwd_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getcwd_trampoline_addr(SB)/8, $libc_getcwd_trampoline<>(SB)
 
 TEXT libc_getdtablesize_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getdtablesize(SB)
-
 GLOBL	·libc_getdtablesize_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getdtablesize_trampoline_addr(SB)/8, $libc_getdtablesize_trampoline<>(SB)
 
 TEXT libc_getegid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getegid(SB)
-
 GLOBL	·libc_getegid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getegid_trampoline_addr(SB)/8, $libc_getegid_trampoline<>(SB)
 
 TEXT libc_geteuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_geteuid(SB)
-
 GLOBL	·libc_geteuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_geteuid_trampoline_addr(SB)/8, $libc_geteuid_trampoline<>(SB)
 
 TEXT libc_getgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getgid(SB)
-
 GLOBL	·libc_getgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getgid_trampoline_addr(SB)/8, $libc_getgid_trampoline<>(SB)
 
 TEXT libc_getpgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpgid(SB)
-
 GLOBL	·libc_getpgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpgid_trampoline_addr(SB)/8, $libc_getpgid_trampoline<>(SB)
 
 TEXT libc_getpgrp_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpgrp(SB)
-
 GLOBL	·libc_getpgrp_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpgrp_trampoline_addr(SB)/8, $libc_getpgrp_trampoline<>(SB)
 
 TEXT libc_getpid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpid(SB)
-
 GLOBL	·libc_getpid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpid_trampoline_addr(SB)/8, $libc_getpid_trampoline<>(SB)
 
 TEXT libc_getppid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getppid(SB)
-
 GLOBL	·libc_getppid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getppid_trampoline_addr(SB)/8, $libc_getppid_trampoline<>(SB)
 
 TEXT libc_getpriority_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getpriority(SB)
-
 GLOBL	·libc_getpriority_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getpriority_trampoline_addr(SB)/8, $libc_getpriority_trampoline<>(SB)
 
 TEXT libc_getrlimit_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getrlimit(SB)
-
 GLOBL	·libc_getrlimit_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getrlimit_trampoline_addr(SB)/8, $libc_getrlimit_trampoline<>(SB)
 
 TEXT libc_getrusage_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getrusage(SB)
-
 GLOBL	·libc_getrusage_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getrusage_trampoline_addr(SB)/8, $libc_getrusage_trampoline<>(SB)
 
 TEXT libc_getsid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getsid(SB)
-
 GLOBL	·libc_getsid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getsid_trampoline_addr(SB)/8, $libc_getsid_trampoline<>(SB)
 
 TEXT libc_gettimeofday_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_gettimeofday(SB)
-
 GLOBL	·libc_gettimeofday_trampoline_addr(SB), RODATA, $8
 DATA	·libc_gettimeofday_trampoline_addr(SB)/8, $libc_gettimeofday_trampoline<>(SB)
 
 TEXT libc_getuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getuid(SB)
-
 GLOBL	·libc_getuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getuid_trampoline_addr(SB)/8, $libc_getuid_trampoline<>(SB)
 
 TEXT libc_issetugid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_issetugid(SB)
-
 GLOBL	·libc_issetugid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_issetugid_trampoline_addr(SB)/8, $libc_issetugid_trampoline<>(SB)
 
 TEXT libc_kqueue_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_kqueue(SB)
-
 GLOBL	·libc_kqueue_trampoline_addr(SB), RODATA, $8
 DATA	·libc_kqueue_trampoline_addr(SB)/8, $libc_kqueue_trampoline<>(SB)
 
 TEXT libc_lchown_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lchown(SB)
-
 GLOBL	·libc_lchown_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lchown_trampoline_addr(SB)/8, $libc_lchown_trampoline<>(SB)
 
 TEXT libc_link_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_link(SB)
-
 GLOBL	·libc_link_trampoline_addr(SB), RODATA, $8
 DATA	·libc_link_trampoline_addr(SB)/8, $libc_link_trampoline<>(SB)
 
 TEXT libc_linkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_linkat(SB)
-
 GLOBL	·libc_linkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_linkat_trampoline_addr(SB)/8, $libc_linkat_trampoline<>(SB)
 
 TEXT libc_listen_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_listen(SB)
-
 GLOBL	·libc_listen_trampoline_addr(SB), RODATA, $8
 DATA	·libc_listen_trampoline_addr(SB)/8, $libc_listen_trampoline<>(SB)
 
 TEXT libc_mkdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkdir(SB)
-
 GLOBL	·libc_mkdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkdir_trampoline_addr(SB)/8, $libc_mkdir_trampoline<>(SB)
 
 TEXT libc_mkdirat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkdirat(SB)
-
 GLOBL	·libc_mkdirat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkdirat_trampoline_addr(SB)/8, $libc_mkdirat_trampoline<>(SB)
 
 TEXT libc_mkfifo_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mkfifo(SB)
-
 GLOBL	·libc_mkfifo_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mkfifo_trampoline_addr(SB)/8, $libc_mkfifo_trampoline<>(SB)
 
 TEXT libc_mknod_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mknod(SB)
-
 GLOBL	·libc_mknod_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknod_trampoline_addr(SB)/8, $libc_mknod_trampoline<>(SB)
 
 TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mount(SB)
-
 GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
 
 TEXT libc_open_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_open(SB)
-
 GLOBL	·libc_open_trampoline_addr(SB), RODATA, $8
 DATA	·libc_open_trampoline_addr(SB)/8, $libc_open_trampoline<>(SB)
 
 TEXT libc_openat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_openat(SB)
-
 GLOBL	·libc_openat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_openat_trampoline_addr(SB)/8, $libc_openat_trampoline<>(SB)
 
 TEXT libc_pathconf_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pathconf(SB)
-
 GLOBL	·libc_pathconf_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pathconf_trampoline_addr(SB)/8, $libc_pathconf_trampoline<>(SB)
 
 TEXT libc_pread_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pread(SB)
-
 GLOBL	·libc_pread_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pread_trampoline_addr(SB)/8, $libc_pread_trampoline<>(SB)
 
 TEXT libc_pwrite_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_pwrite(SB)
-
 GLOBL	·libc_pwrite_trampoline_addr(SB), RODATA, $8
 DATA	·libc_pwrite_trampoline_addr(SB)/8, $libc_pwrite_trampoline<>(SB)
 
 TEXT libc_read_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_read(SB)
-
 GLOBL	·libc_read_trampoline_addr(SB), RODATA, $8
 DATA	·libc_read_trampoline_addr(SB)/8, $libc_read_trampoline<>(SB)
 
 TEXT libc_readlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readlink(SB)
-
 GLOBL	·libc_readlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readlink_trampoline_addr(SB)/8, $libc_readlink_trampoline<>(SB)
 
 TEXT libc_readlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_readlinkat(SB)
-
 GLOBL	·libc_readlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_readlinkat_trampoline_addr(SB)/8, $libc_readlinkat_trampoline<>(SB)
 
 TEXT libc_rename_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_rename(SB)
-
 GLOBL	·libc_rename_trampoline_addr(SB), RODATA, $8
 DATA	·libc_rename_trampoline_addr(SB)/8, $libc_rename_trampoline<>(SB)
 
 TEXT libc_renameat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_renameat(SB)
-
 GLOBL	·libc_renameat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_renameat_trampoline_addr(SB)/8, $libc_renameat_trampoline<>(SB)
 
 TEXT libc_revoke_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_revoke(SB)
-
 GLOBL	·libc_revoke_trampoline_addr(SB), RODATA, $8
 DATA	·libc_revoke_trampoline_addr(SB)/8, $libc_revoke_trampoline<>(SB)
 
 TEXT libc_rmdir_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_rmdir(SB)
-
 GLOBL	·libc_rmdir_trampoline_addr(SB), RODATA, $8
 DATA	·libc_rmdir_trampoline_addr(SB)/8, $libc_rmdir_trampoline<>(SB)
 
 TEXT libc_lseek_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lseek(SB)
-
 GLOBL	·libc_lseek_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lseek_trampoline_addr(SB)/8, $libc_lseek_trampoline<>(SB)
 
 TEXT libc_select_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_select(SB)
-
 GLOBL	·libc_select_trampoline_addr(SB), RODATA, $8
 DATA	·libc_select_trampoline_addr(SB)/8, $libc_select_trampoline<>(SB)
 
@@ -712,192 +595,160 @@ DATA	·libc_setattrlist_trampoline_addr(SB)/8, $libc_setattrlist_trampoline<>(SB
 
 TEXT libc_setegid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setegid(SB)
-
 GLOBL	·libc_setegid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setegid_trampoline_addr(SB)/8, $libc_setegid_trampoline<>(SB)
 
 TEXT libc_seteuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_seteuid(SB)
-
 GLOBL	·libc_seteuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_seteuid_trampoline_addr(SB)/8, $libc_seteuid_trampoline<>(SB)
 
 TEXT libc_setgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setgid(SB)
-
 GLOBL	·libc_setgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setgid_trampoline_addr(SB)/8, $libc_setgid_trampoline<>(SB)
 
 TEXT libc_setlogin_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setlogin(SB)
-
 GLOBL	·libc_setlogin_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setlogin_trampoline_addr(SB)/8, $libc_setlogin_trampoline<>(SB)
 
 TEXT libc_setpgid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setpgid(SB)
-
 GLOBL	·libc_setpgid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setpgid_trampoline_addr(SB)/8, $libc_setpgid_trampoline<>(SB)
 
 TEXT libc_setpriority_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setpriority(SB)
-
 GLOBL	·libc_setpriority_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setpriority_trampoline_addr(SB)/8, $libc_setpriority_trampoline<>(SB)
 
 TEXT libc_setprivexec_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setprivexec(SB)
-
 GLOBL	·libc_setprivexec_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setprivexec_trampoline_addr(SB)/8, $libc_setprivexec_trampoline<>(SB)
 
 TEXT libc_setregid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setregid(SB)
-
 GLOBL	·libc_setregid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setregid_trampoline_addr(SB)/8, $libc_setregid_trampoline<>(SB)
 
 TEXT libc_setreuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setreuid(SB)
-
 GLOBL	·libc_setreuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setreuid_trampoline_addr(SB)/8, $libc_setreuid_trampoline<>(SB)
 
 TEXT libc_setsid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setsid(SB)
-
 GLOBL	·libc_setsid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setsid_trampoline_addr(SB)/8, $libc_setsid_trampoline<>(SB)
 
 TEXT libc_settimeofday_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_settimeofday(SB)
-
 GLOBL	·libc_settimeofday_trampoline_addr(SB), RODATA, $8
 DATA	·libc_settimeofday_trampoline_addr(SB)/8, $libc_settimeofday_trampoline<>(SB)
 
 TEXT libc_setuid_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_setuid(SB)
-
 GLOBL	·libc_setuid_trampoline_addr(SB), RODATA, $8
 DATA	·libc_setuid_trampoline_addr(SB)/8, $libc_setuid_trampoline<>(SB)
 
 TEXT libc_symlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_symlink(SB)
-
 GLOBL	·libc_symlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_symlink_trampoline_addr(SB)/8, $libc_symlink_trampoline<>(SB)
 
 TEXT libc_symlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_symlinkat(SB)
-
 GLOBL	·libc_symlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_symlinkat_trampoline_addr(SB)/8, $libc_symlinkat_trampoline<>(SB)
 
 TEXT libc_sync_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sync(SB)
-
 GLOBL	·libc_sync_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sync_trampoline_addr(SB)/8, $libc_sync_trampoline<>(SB)
 
 TEXT libc_truncate_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_truncate(SB)
-
 GLOBL	·libc_truncate_trampoline_addr(SB), RODATA, $8
 DATA	·libc_truncate_trampoline_addr(SB)/8, $libc_truncate_trampoline<>(SB)
 
 TEXT libc_umask_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_umask(SB)
-
 GLOBL	·libc_umask_trampoline_addr(SB), RODATA, $8
 DATA	·libc_umask_trampoline_addr(SB)/8, $libc_umask_trampoline<>(SB)
 
 TEXT libc_undelete_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_undelete(SB)
-
 GLOBL	·libc_undelete_trampoline_addr(SB), RODATA, $8
 DATA	·libc_undelete_trampoline_addr(SB)/8, $libc_undelete_trampoline<>(SB)
 
 TEXT libc_unlink_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unlink(SB)
-
 GLOBL	·libc_unlink_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unlink_trampoline_addr(SB)/8, $libc_unlink_trampoline<>(SB)
 
 TEXT libc_unlinkat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unlinkat(SB)
-
 GLOBL	·libc_unlinkat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unlinkat_trampoline_addr(SB)/8, $libc_unlinkat_trampoline<>(SB)
 
 TEXT libc_unmount_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_unmount(SB)
-
 GLOBL	·libc_unmount_trampoline_addr(SB), RODATA, $8
 DATA	·libc_unmount_trampoline_addr(SB)/8, $libc_unmount_trampoline<>(SB)
 
 TEXT libc_write_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_write(SB)
-
 GLOBL	·libc_write_trampoline_addr(SB), RODATA, $8
 DATA	·libc_write_trampoline_addr(SB)/8, $libc_write_trampoline<>(SB)
 
 TEXT libc_mmap_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_mmap(SB)
-
 GLOBL	·libc_mmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mmap_trampoline_addr(SB)/8, $libc_mmap_trampoline<>(SB)
 
 TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_munmap(SB)
-
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
 TEXT libc_fstat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstat(SB)
-
 GLOBL	·libc_fstat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstat_trampoline_addr(SB)/8, $libc_fstat_trampoline<>(SB)
 
 TEXT libc_fstatat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstatat(SB)
-
 GLOBL	·libc_fstatat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstatat_trampoline_addr(SB)/8, $libc_fstatat_trampoline<>(SB)
 
 TEXT libc_fstatfs_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_fstatfs(SB)
-
 GLOBL	·libc_fstatfs_trampoline_addr(SB), RODATA, $8
 DATA	·libc_fstatfs_trampoline_addr(SB)/8, $libc_fstatfs_trampoline<>(SB)
 
 TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_getfsstat(SB)
-
 GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
 
 TEXT libc_lstat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_lstat(SB)
-
 GLOBL	·libc_lstat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_lstat_trampoline_addr(SB)/8, $libc_lstat_trampoline<>(SB)
 
 TEXT libc_ptrace_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ptrace(SB)
-
 GLOBL	·libc_ptrace_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ptrace_trampoline_addr(SB)/8, $libc_ptrace_trampoline<>(SB)
 
 TEXT libc_stat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_stat(SB)
-
 GLOBL	·libc_stat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_stat_trampoline_addr(SB)/8, $libc_stat_trampoline<>(SB)
 
 TEXT libc_statfs_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_statfs(SB)
-
 GLOBL	·libc_statfs_trampoline_addr(SB), RODATA, $8
 DATA	·libc_statfs_trampoline_addr(SB)/8, $libc_statfs_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
index 0eabac7ad..0c67df64a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
@@ -1642,28 +1642,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
index ee313eb00..e6e05d145 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
@@ -1862,28 +1862,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
index 4c986e448..7508accac 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
@@ -1862,28 +1862,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
index 555216944..7b56aead4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
@@ -1862,28 +1862,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
index 67a226fbf..cc623dcaa 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
@@ -1862,28 +1862,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
index f0b9ddaaa..581849197 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
@@ -1862,28 +1862,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func accept4(fd int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (nfd int, err error) {
 	r0, _, e1 := Syscall6(SYS_ACCEPT4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	nfd = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
index b57c7050d..6be25cd19 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
@@ -40,7 +40,7 @@ func readv(fd int, iovs []Iovec) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procreadv)), 3, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(iovs)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -55,7 +55,7 @@ func preadv(fd int, iovs []Iovec, off int64) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpreadv)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(iovs)), uintptr(off), 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -70,7 +70,7 @@ func writev(fd int, iovs []Iovec) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procwritev)), 3, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(iovs)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -85,7 +85,7 @@ func pwritev(fd int, iovs []Iovec, off int64) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpwritev)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(iovs)), uintptr(off), 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -96,7 +96,7 @@ func accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int,
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procaccept4)), 4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags), 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 14ab34a56..1ff3aec74 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -1734,28 +1734,6 @@ func exitThread(code int) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, p *byte, np int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(p)), uintptr(np))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, p *byte, np int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(p)), uintptr(np))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func readv(fd int, iovs []Iovec) (n int, err error) {
 	var _p0 unsafe.Pointer
 	if len(iovs) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
index 35f499b32..2df3c5bac 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
@@ -1824,28 +1824,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
index 3cda65b0d..a60556bab 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
@@ -1824,28 +1824,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
index 1e1fea902..9f788917a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
@@ -1824,28 +1824,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
index 3b77da110..82a4cb2dc 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
@@ -1824,28 +1824,6 @@ func munmap(addr uintptr, length uintptr) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := Syscall(SYS_WRITE, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 9ab9abf72..66b3b6456 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index 915761eab..c5c4cc112 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -2213,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index 8e87fdf15..93bfbb328 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 12a7a2160..a107b8fda 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index b19e8aa03..c427de509 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index fb99594c9..60c1a99ae 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 32cbbbc52..52eba360f 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -549,6 +549,12 @@ func ioctl(fd int, req uint, arg uintptr) (err error) {
 	return
 }
 
+var libc_ioctl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	_, _, e1 := syscall_syscall(libc_ioctl_trampoline_addr, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
@@ -557,10 +563,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 	return
 }
 
-var libc_ioctl_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_ioctl ioctl "libc.so"
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
@@ -2211,28 +2213,6 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_read_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func writelen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(libc_write_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
index 609d1c598..b40189464 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
@@ -436,7 +436,7 @@ func pipe(p *[2]_C_int) (n int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe)), 1, uintptr(unsafe.Pointer(p)), 0, 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -446,7 +446,7 @@ func pipe(p *[2]_C_int) (n int, err error) {
 func pipe2(p *[2]_C_int, flags int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procpipe2)), 2, uintptr(unsafe.Pointer(p)), uintptr(flags), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -456,7 +456,7 @@ func pipe2(p *[2]_C_int, flags int) (err error) {
 func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetsockname)), 3, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -471,7 +471,7 @@ func Getcwd(buf []byte) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procGetcwd)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -482,7 +482,7 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procgetgroups)), 2, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -492,7 +492,7 @@ func getgroups(ngid int, gid *_Gid_t) (n int, err error) {
 func setgroups(ngid int, gid *_Gid_t) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procsetgroups)), 2, uintptr(ngid), uintptr(unsafe.Pointer(gid)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -503,7 +503,7 @@ func wait4(pid int32, statusp *_C_int, options int, rusage *Rusage) (wpid int32,
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procwait4)), 4, uintptr(pid), uintptr(unsafe.Pointer(statusp)), uintptr(options), uintptr(unsafe.Pointer(rusage)), 0, 0)
 	wpid = int32(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -518,7 +518,7 @@ func gethostname(buf []byte) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgethostname)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -533,7 +533,7 @@ func utimes(path string, times *[2]Timeval) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procutimes)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -548,7 +548,7 @@ func utimensat(fd int, path string, times *[2]Timespec, flag int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procutimensat)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(times)), uintptr(flag), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -559,7 +559,7 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procfcntl)), 3, uintptr(fd), uintptr(cmd), uintptr(arg), 0, 0, 0)
 	val = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -569,7 +569,7 @@ func fcntl(fd int, cmd int, arg int) (val int, err error) {
 func futimesat(fildes int, path *byte, times *[2]Timeval) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procfutimesat)), 3, uintptr(fildes), uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(times)), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -580,7 +580,7 @@ func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procaccept)), 3, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), 0, 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -591,7 +591,7 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_recvmsg)), 3, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -602,7 +602,7 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_sendmsg)), 3, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -612,7 +612,7 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 func acct(path *byte) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procacct)), 1, uintptr(unsafe.Pointer(path)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -647,7 +647,7 @@ func ioctlRet(fd int, req int, arg uintptr) (ret int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0)
 	ret = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -658,7 +658,7 @@ func ioctlPtrRet(fd int, req int, arg unsafe.Pointer) (ret int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procioctl)), 3, uintptr(fd), uintptr(req), uintptr(arg), 0, 0, 0)
 	ret = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -669,7 +669,7 @@ func poll(fds *PollFd, nfds int, timeout int) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpoll)), 3, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(timeout), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -684,7 +684,7 @@ func Access(path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procAccess)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -694,7 +694,7 @@ func Access(path string, mode uint32) (err error) {
 func Adjtime(delta *Timeval, olddelta *Timeval) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procAdjtime)), 2, uintptr(unsafe.Pointer(delta)), uintptr(unsafe.Pointer(olddelta)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -709,7 +709,7 @@ func Chdir(path string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procChdir)), 1, uintptr(unsafe.Pointer(_p0)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -724,7 +724,7 @@ func Chmod(path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procChmod)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -739,7 +739,7 @@ func Chown(path string, uid int, gid int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procChown)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -754,7 +754,7 @@ func Chroot(path string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procChroot)), 1, uintptr(unsafe.Pointer(_p0)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -764,7 +764,7 @@ func Chroot(path string) (err error) {
 func ClockGettime(clockid int32, time *Timespec) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procClockGettime)), 2, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -774,7 +774,7 @@ func ClockGettime(clockid int32, time *Timespec) (err error) {
 func Close(fd int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procClose)), 1, uintptr(fd), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -790,7 +790,7 @@ func Creat(path string, mode uint32) (fd int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procCreat)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -801,7 +801,7 @@ func Dup(fd int) (nfd int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procDup)), 1, uintptr(fd), 0, 0, 0, 0, 0)
 	nfd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -811,7 +811,7 @@ func Dup(fd int) (nfd int, err error) {
 func Dup2(oldfd int, newfd int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procDup2)), 2, uintptr(oldfd), uintptr(newfd), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -833,7 +833,7 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFaccessat)), 4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -843,7 +843,7 @@ func Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
 func Fchdir(fd int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFchdir)), 1, uintptr(fd), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -853,7 +853,7 @@ func Fchdir(fd int) (err error) {
 func Fchmod(fd int, mode uint32) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFchmod)), 2, uintptr(fd), uintptr(mode), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -868,7 +868,7 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFchmodat)), 4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -878,7 +878,7 @@ func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
 func Fchown(fd int, uid int, gid int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFchown)), 3, uintptr(fd), uintptr(uid), uintptr(gid), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -893,7 +893,7 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFchownat)), 5, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags), 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -903,7 +903,7 @@ func Fchownat(dirfd int, path string, uid int, gid int, flags int) (err error) {
 func Fdatasync(fd int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFdatasync)), 1, uintptr(fd), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -913,7 +913,7 @@ func Fdatasync(fd int) (err error) {
 func Flock(fd int, how int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFlock)), 2, uintptr(fd), uintptr(how), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -924,7 +924,7 @@ func Fpathconf(fd int, name int) (val int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFpathconf)), 2, uintptr(fd), uintptr(name), 0, 0, 0, 0)
 	val = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -934,7 +934,7 @@ func Fpathconf(fd int, name int) (val int, err error) {
 func Fstat(fd int, stat *Stat_t) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFstat)), 2, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -949,7 +949,7 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFstatat)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -959,7 +959,7 @@ func Fstatat(fd int, path string, stat *Stat_t, flags int) (err error) {
 func Fstatvfs(fd int, vfsstat *Statvfs_t) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFstatvfs)), 2, uintptr(fd), uintptr(unsafe.Pointer(vfsstat)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -974,7 +974,7 @@ func Getdents(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procGetdents)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(unsafe.Pointer(basep)), 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1001,7 +1001,7 @@ func Getpgid(pid int) (pgid int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGetpgid)), 1, uintptr(pid), 0, 0, 0, 0, 0)
 	pgid = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1012,7 +1012,7 @@ func Getpgrp() (pgid int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGetpgrp)), 0, 0, 0, 0, 0, 0, 0)
 	pgid = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1047,7 +1047,7 @@ func Getpriority(which int, who int) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procGetpriority)), 2, uintptr(which), uintptr(who), 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1057,7 +1057,7 @@ func Getpriority(which int, who int) (n int, err error) {
 func Getrlimit(which int, lim *Rlimit) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGetrlimit)), 2, uintptr(which), uintptr(unsafe.Pointer(lim)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1067,7 +1067,7 @@ func Getrlimit(which int, lim *Rlimit) (err error) {
 func Getrusage(who int, rusage *Rusage) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGetrusage)), 2, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1078,7 +1078,7 @@ func Getsid(pid int) (sid int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGetsid)), 1, uintptr(pid), 0, 0, 0, 0, 0)
 	sid = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1088,7 +1088,7 @@ func Getsid(pid int) (sid int, err error) {
 func Gettimeofday(tv *Timeval) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procGettimeofday)), 1, uintptr(unsafe.Pointer(tv)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1106,7 +1106,7 @@ func Getuid() (uid int) {
 func Kill(pid int, signum syscall.Signal) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procKill)), 2, uintptr(pid), uintptr(signum), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1121,7 +1121,7 @@ func Lchown(path string, uid int, gid int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procLchown)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1141,7 +1141,7 @@ func Link(path string, link string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procLink)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1151,7 +1151,7 @@ func Link(path string, link string) (err error) {
 func Listen(s int, backlog int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_llisten)), 2, uintptr(s), uintptr(backlog), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1166,7 +1166,7 @@ func Lstat(path string, stat *Stat_t) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procLstat)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1180,7 +1180,7 @@ func Madvise(b []byte, advice int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMadvise)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(advice), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1195,7 +1195,7 @@ func Mkdir(path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMkdir)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1210,7 +1210,7 @@ func Mkdirat(dirfd int, path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMkdirat)), 3, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1225,7 +1225,7 @@ func Mkfifo(path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMkfifo)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1240,7 +1240,7 @@ func Mkfifoat(dirfd int, path string, mode uint32) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMkfifoat)), 3, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1255,7 +1255,7 @@ func Mknod(path string, mode uint32, dev int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMknod)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1270,7 +1270,7 @@ func Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMknodat)), 4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1284,7 +1284,7 @@ func Mlock(b []byte) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMlock)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1294,7 +1294,7 @@ func Mlock(b []byte) (err error) {
 func Mlockall(flags int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMlockall)), 1, uintptr(flags), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1308,7 +1308,7 @@ func Mprotect(b []byte, prot int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMprotect)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(prot), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1322,7 +1322,7 @@ func Msync(b []byte, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMsync)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), uintptr(flags), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1336,7 +1336,7 @@ func Munlock(b []byte) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMunlock)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(len(b)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1346,7 +1346,7 @@ func Munlock(b []byte) (err error) {
 func Munlockall() (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procMunlockall)), 0, 0, 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1356,7 +1356,7 @@ func Munlockall() (err error) {
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procNanosleep)), 2, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1372,7 +1372,7 @@ func Open(path string, mode int, perm uint32) (fd int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procOpen)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm), 0, 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1388,7 +1388,7 @@ func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error)
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procOpenat)), 4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), uintptr(mode), 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1404,7 +1404,7 @@ func Pathconf(path string, name int) (val int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procPathconf)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(name), 0, 0, 0, 0)
 	val = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1414,7 +1414,7 @@ func Pathconf(path string, name int) (val int, err error) {
 func Pause() (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procPause)), 0, 0, 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1429,7 +1429,7 @@ func pread(fd int, p []byte, offset int64) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpread)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), uintptr(offset), 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1444,7 +1444,7 @@ func pwrite(fd int, p []byte, offset int64) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procpwrite)), 4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), uintptr(offset), 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1459,7 +1459,7 @@ func read(fd int, p []byte) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procread)), 3, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1479,7 +1479,7 @@ func Readlink(path string, buf []byte) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procReadlink)), 3, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(len(buf)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1499,7 +1499,7 @@ func Rename(from string, to string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procRename)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1519,7 +1519,7 @@ func Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err e
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procRenameat)), 4, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1534,7 +1534,7 @@ func Rmdir(path string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procRmdir)), 1, uintptr(unsafe.Pointer(_p0)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1545,7 +1545,7 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proclseek)), 3, uintptr(fd), uintptr(offset), uintptr(whence), 0, 0, 0)
 	newoffset = int64(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1556,7 +1556,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSelect)), 5, uintptr(nfd), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1566,7 +1566,7 @@ func Select(nfd int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (n int, err
 func Setegid(egid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetegid)), 1, uintptr(egid), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1576,7 +1576,7 @@ func Setegid(egid int) (err error) {
 func Seteuid(euid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSeteuid)), 1, uintptr(euid), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1586,7 +1586,7 @@ func Seteuid(euid int) (err error) {
 func Setgid(gid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetgid)), 1, uintptr(gid), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1600,7 +1600,7 @@ func Sethostname(p []byte) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSethostname)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1610,7 +1610,7 @@ func Sethostname(p []byte) (err error) {
 func Setpgid(pid int, pgid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetpgid)), 2, uintptr(pid), uintptr(pgid), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1620,7 +1620,7 @@ func Setpgid(pid int, pgid int) (err error) {
 func Setpriority(which int, who int, prio int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSetpriority)), 3, uintptr(which), uintptr(who), uintptr(prio), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1630,7 +1630,7 @@ func Setpriority(which int, who int, prio int) (err error) {
 func Setregid(rgid int, egid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetregid)), 2, uintptr(rgid), uintptr(egid), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1640,7 +1640,7 @@ func Setregid(rgid int, egid int) (err error) {
 func Setreuid(ruid int, euid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetreuid)), 2, uintptr(ruid), uintptr(euid), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1651,7 +1651,7 @@ func Setsid() (pid int, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetsid)), 0, 0, 0, 0, 0, 0, 0)
 	pid = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1661,7 +1661,7 @@ func Setsid() (pid int, err error) {
 func Setuid(uid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetuid)), 1, uintptr(uid), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1671,7 +1671,7 @@ func Setuid(uid int) (err error) {
 func Shutdown(s int, how int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procshutdown)), 2, uintptr(s), uintptr(how), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1686,7 +1686,7 @@ func Stat(path string, stat *Stat_t) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procStat)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1701,7 +1701,7 @@ func Statvfs(path string, vfsstat *Statvfs_t) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procStatvfs)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(vfsstat)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1721,7 +1721,7 @@ func Symlink(path string, link string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSymlink)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1731,7 +1731,7 @@ func Symlink(path string, link string) (err error) {
 func Sync() (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSync)), 0, 0, 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1742,7 +1742,7 @@ func Sysconf(which int) (n int64, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSysconf)), 1, uintptr(which), 0, 0, 0, 0, 0)
 	n = int64(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1753,7 +1753,7 @@ func Times(tms *Tms) (ticks uintptr, err error) {
 	r0, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procTimes)), 1, uintptr(unsafe.Pointer(tms)), 0, 0, 0, 0, 0)
 	ticks = uintptr(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1768,7 +1768,7 @@ func Truncate(path string, length int64) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procTruncate)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1778,7 +1778,7 @@ func Truncate(path string, length int64) (err error) {
 func Fsync(fd int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFsync)), 1, uintptr(fd), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1788,7 +1788,7 @@ func Fsync(fd int) (err error) {
 func Ftruncate(fd int, length int64) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procFtruncate)), 2, uintptr(fd), uintptr(length), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1806,7 +1806,7 @@ func Umask(mask int) (oldmask int) {
 func Uname(buf *Utsname) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procUname)), 1, uintptr(unsafe.Pointer(buf)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1821,7 +1821,7 @@ func Unmount(target string, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procumount)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1836,7 +1836,7 @@ func Unlink(path string) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procUnlink)), 1, uintptr(unsafe.Pointer(_p0)), 0, 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1851,7 +1851,7 @@ func Unlinkat(dirfd int, path string, flags int) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procUnlinkat)), 3, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1861,7 +1861,7 @@ func Unlinkat(dirfd int, path string, flags int) (err error) {
 func Ustat(dev int, ubuf *Ustat_t) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procUstat)), 2, uintptr(dev), uintptr(unsafe.Pointer(ubuf)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1876,7 +1876,7 @@ func Utime(path string, buf *Utimbuf) (err error) {
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procUtime)), 2, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(buf)), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1886,7 +1886,7 @@ func Utime(path string, buf *Utimbuf) (err error) {
 func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_bind)), 3, uintptr(s), uintptr(addr), uintptr(addrlen), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1896,7 +1896,7 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_connect)), 3, uintptr(s), uintptr(addr), uintptr(addrlen), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1907,7 +1907,7 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procmmap)), 6, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
 	ret = uintptr(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1917,7 +1917,7 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
 func munmap(addr uintptr, length uintptr) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procmunmap)), 2, uintptr(addr), uintptr(length), 0, 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1928,7 +1928,7 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procsendfile)), 4, uintptr(outfd), uintptr(infd), uintptr(unsafe.Pointer(offset)), uintptr(count), 0, 0)
 	written = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1942,7 +1942,7 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
 	}
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_sendto)), 6, uintptr(s), uintptr(unsafe.Pointer(_p0)), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1953,7 +1953,7 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_socket)), 3, uintptr(domain), uintptr(typ), uintptr(proto), 0, 0, 0)
 	fd = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1963,7 +1963,7 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
 func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&proc__xnet_socketpair)), 4, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1978,7 +1978,7 @@ func write(fd int, p []byte) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procwrite)), 3, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1988,7 +1988,7 @@ func write(fd int, p []byte) (n int, err error) {
 func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&proc__xnet_getsockopt)), 5, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -1998,7 +1998,7 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen
 func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procgetpeername)), 3, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), 0, 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2008,7 +2008,7 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
 func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procsetsockopt)), 5, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2023,7 +2023,7 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procrecvfrom)), 6, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2034,7 +2034,7 @@ func port_create() (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_create)), 0, 0, 0, 0, 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2045,7 +2045,7 @@ func port_associate(port int, source int, object uintptr, events int, user *byte
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_associate)), 5, uintptr(port), uintptr(source), uintptr(object), uintptr(events), uintptr(unsafe.Pointer(user)), 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2056,7 +2056,7 @@ func port_dissociate(port int, source int, object uintptr) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_dissociate)), 3, uintptr(port), uintptr(source), uintptr(object), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2067,7 +2067,7 @@ func port_get(port int, pe *portEvent, timeout *Timespec) (n int, err error) {
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_get)), 3, uintptr(port), uintptr(unsafe.Pointer(pe)), uintptr(unsafe.Pointer(timeout)), 0, 0, 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2078,7 +2078,7 @@ func port_getn(port int, pe *portEvent, max uint32, nget *uint32, timeout *Times
 	r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_getn)), 5, uintptr(port), uintptr(unsafe.Pointer(pe)), uintptr(max), uintptr(unsafe.Pointer(nget)), uintptr(unsafe.Pointer(timeout)), 0)
 	n = int(r0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2088,7 +2088,7 @@ func port_getn(port int, pe *portEvent, max uint32, nget *uint32, timeout *Times
 func putmsg(fd int, clptr *strbuf, dataptr *strbuf, flags int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procputmsg)), 4, uintptr(fd), uintptr(unsafe.Pointer(clptr)), uintptr(unsafe.Pointer(dataptr)), uintptr(flags), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2098,7 +2098,7 @@ func putmsg(fd int, clptr *strbuf, dataptr *strbuf, flags int) (err error) {
 func getmsg(fd int, clptr *strbuf, dataptr *strbuf, flags *int) (err error) {
 	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetmsg)), 4, uintptr(fd), uintptr(unsafe.Pointer(clptr)), uintptr(unsafe.Pointer(dataptr)), uintptr(unsafe.Pointer(flags)), 0, 0)
 	if e1 != 0 {
-		err = e1
+		err = errnoErr(e1)
 	}
 	return
 }
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
index c31681743..1d8fe1d4b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
@@ -40,17 +40,6 @@ func read(fd int, p []byte) (n int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func readlen(fd int, buf *byte, nbuf int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_READ, uintptr(fd), uintptr(unsafe.Pointer(buf)), uintptr(nbuf))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func write(fd int, p []byte) (n int, err error) {
 	var _p0 unsafe.Pointer
 	if len(p) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index c9c4ad031..9862853d3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -447,4 +447,5 @@ const (
 	SYS_PROCESS_MRELEASE             = 448
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
+	SYS_CACHESTAT                    = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index 12ff3417c..8901f0f4e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -369,4 +369,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index c3fb5e77a..6902c37ee 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -411,4 +411,5 @@ const (
 	SYS_PROCESS_MRELEASE             = 448
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
+	SYS_CACHESTAT                    = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 358c847a4..a6d3dff81 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -314,4 +314,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index 81c4849b1..b18f3f710 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -308,4 +308,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 202a57e90..0302e5e3d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -431,4 +431,5 @@ const (
 	SYS_PROCESS_MRELEASE             = 4448
 	SYS_FUTEX_WAITV                  = 4449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
+	SYS_CACHESTAT                    = 4451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 1fbceb52d..6693ba4a0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -361,4 +361,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 5448
 	SYS_FUTEX_WAITV             = 5449
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
+	SYS_CACHESTAT               = 5451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index b4ffb7a20..fd93f4987 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -361,4 +361,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 5448
 	SYS_FUTEX_WAITV             = 5449
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
+	SYS_CACHESTAT               = 5451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 867985f9b..760ddcadc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -431,4 +431,5 @@ const (
 	SYS_PROCESS_MRELEASE             = 4448
 	SYS_FUTEX_WAITV                  = 4449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
+	SYS_CACHESTAT                    = 4451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index a8cce69ed..cff2b2555 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -438,4 +438,5 @@ const (
 	SYS_PROCESS_MRELEASE             = 448
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
+	SYS_CACHESTAT                    = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index d44c5b39d..a4b2405d0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -410,4 +410,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index 4214dd9c0..aca54b4e3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -410,4 +410,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index ef285c567..9d1738d64 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -315,4 +315,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index e6ed7d637..022878dc8 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -376,4 +376,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 92f628ef4..4100a761c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -389,4 +389,5 @@ const (
 	SYS_PROCESS_MRELEASE        = 448
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
+	SYS_CACHESTAT               = 451
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 494493c78..18aa70b42 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -1977,7 +1977,7 @@ const (
 	NFT_MSG_GETFLOWTABLE              = 0x17
 	NFT_MSG_DELFLOWTABLE              = 0x18
 	NFT_MSG_GETRULE_RESET             = 0x19
-	NFT_MSG_MAX                       = 0x21
+	NFT_MSG_MAX                       = 0x22
 	NFTA_LIST_UNSPEC                  = 0x0
 	NFTA_LIST_ELEM                    = 0x1
 	NFTA_HOOK_UNSPEC                  = 0x0
@@ -4499,7 +4499,7 @@ const (
 	NL80211_ATTR_MAC_HINT                                   = 0xc8
 	NL80211_ATTR_MAC_MASK                                   = 0xd7
 	NL80211_ATTR_MAX_AP_ASSOC_STA                           = 0xca
-	NL80211_ATTR_MAX                                        = 0x145
+	NL80211_ATTR_MAX                                        = 0x146
 	NL80211_ATTR_MAX_CRIT_PROT_DURATION                     = 0xb4
 	NL80211_ATTR_MAX_CSA_COUNTERS                           = 0xce
 	NL80211_ATTR_MAX_MATCH_SETS                             = 0x85
@@ -4869,7 +4869,7 @@ const (
 	NL80211_CMD_LEAVE_IBSS                                  = 0x2c
 	NL80211_CMD_LEAVE_MESH                                  = 0x45
 	NL80211_CMD_LEAVE_OCB                                   = 0x6d
-	NL80211_CMD_MAX                                         = 0x99
+	NL80211_CMD_MAX                                         = 0x9a
 	NL80211_CMD_MICHAEL_MIC_FAILURE                         = 0x29
 	NL80211_CMD_MODIFY_LINK_STA                             = 0x97
 	NL80211_CMD_NAN_MATCH                                   = 0x78
@@ -5503,7 +5503,7 @@ const (
 	NL80211_RATE_INFO_HE_RU_ALLOC_52                        = 0x1
 	NL80211_RATE_INFO_HE_RU_ALLOC_996                       = 0x5
 	NL80211_RATE_INFO_HE_RU_ALLOC                           = 0x11
-	NL80211_RATE_INFO_MAX                                   = 0x16
+	NL80211_RATE_INFO_MAX                                   = 0x1d
 	NL80211_RATE_INFO_MCS                                   = 0x2
 	NL80211_RATE_INFO_SHORT_GI                              = 0x4
 	NL80211_RATE_INFO_VHT_MCS                               = 0x6
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index 83c69c119..1b4c97c32 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -733,6 +733,10 @@ const (
 	RISCV_HWPROBE_KEY_IMA_EXT_0          = 0x4
 	RISCV_HWPROBE_IMA_FD                 = 0x1
 	RISCV_HWPROBE_IMA_C                  = 0x2
+	RISCV_HWPROBE_IMA_V                  = 0x4
+	RISCV_HWPROBE_EXT_ZBA                = 0x8
+	RISCV_HWPROBE_EXT_ZBB                = 0x10
+	RISCV_HWPROBE_EXT_ZBS                = 0x20
 	RISCV_HWPROBE_KEY_CPUPERF_0          = 0x5
 	RISCV_HWPROBE_MISALIGNED_UNKNOWN     = 0x0
 	RISCV_HWPROBE_MISALIGNED_EMULATED    = 0x1
diff --git a/vendor/golang.org/x/sys/windows/exec_windows.go b/vendor/golang.org/x/sys/windows/exec_windows.go
index a52e0331d..9cabbb694 100644
--- a/vendor/golang.org/x/sys/windows/exec_windows.go
+++ b/vendor/golang.org/x/sys/windows/exec_windows.go
@@ -22,7 +22,7 @@ import (
 //     but only if there is space or tab inside s.
 func EscapeArg(s string) string {
 	if len(s) == 0 {
-		return "\"\""
+		return `""`
 	}
 	n := len(s)
 	hasSpace := false
@@ -35,7 +35,7 @@ func EscapeArg(s string) string {
 		}
 	}
 	if hasSpace {
-		n += 2
+		n += 2 // Reserve space for quotes.
 	}
 	if n == len(s) {
 		return s
@@ -82,20 +82,68 @@ func EscapeArg(s string) string {
 // in CreateProcess's CommandLine argument, CreateService/ChangeServiceConfig's BinaryPathName argument,
 // or any program that uses CommandLineToArgv.
 func ComposeCommandLine(args []string) string {
-	var commandLine string
-	for i := range args {
-		if i > 0 {
-			commandLine += " "
+	if len(args) == 0 {
+		return ""
+	}
+
+	// Per https://learn.microsoft.com/en-us/windows/win32/api/shellapi/nf-shellapi-commandlinetoargvw:
+	// “This function accepts command lines that contain a program name; the
+	// program name can be enclosed in quotation marks or not.”
+	//
+	// Unfortunately, it provides no means of escaping interior quotation marks
+	// within that program name, and we have no way to report them here.
+	prog := args[0]
+	mustQuote := len(prog) == 0
+	for i := 0; i < len(prog); i++ {
+		c := prog[i]
+		if c <= ' ' || (c == '"' && i == 0) {
+			// Force quotes for not only the ASCII space and tab as described in the
+			// MSDN article, but also ASCII control characters.
+			// The documentation for CommandLineToArgvW doesn't say what happens when
+			// the first argument is not a valid program name, but it empirically
+			// seems to drop unquoted control characters.
+			mustQuote = true
+			break
+		}
+	}
+	var commandLine []byte
+	if mustQuote {
+		commandLine = make([]byte, 0, len(prog)+2)
+		commandLine = append(commandLine, '"')
+		for i := 0; i < len(prog); i++ {
+			c := prog[i]
+			if c == '"' {
+				// This quote would interfere with our surrounding quotes.
+				// We have no way to report an error, so just strip out
+				// the offending character instead.
+				continue
+			}
+			commandLine = append(commandLine, c)
 		}
-		commandLine += EscapeArg(args[i])
+		commandLine = append(commandLine, '"')
+	} else {
+		if len(args) == 1 {
+			// args[0] is a valid command line representing itself.
+			// No need to allocate a new slice or string for it.
+			return prog
+		}
+		commandLine = []byte(prog)
 	}
-	return commandLine
+
+	for _, arg := range args[1:] {
+		commandLine = append(commandLine, ' ')
+		// TODO(bcmills): since we're already appending to a slice, it would be nice
+		// to avoid the intermediate allocations of EscapeArg.
+		// Perhaps we can factor out an appendEscapedArg function.
+		commandLine = append(commandLine, EscapeArg(arg)...)
+	}
+	return string(commandLine)
 }
 
 // DecomposeCommandLine breaks apart its argument command line into unescaped parts using CommandLineToArgv,
 // as gathered from GetCommandLine, QUERY_SERVICE_CONFIG's BinaryPathName argument, or elsewhere that
 // command lines are passed around.
-// DecomposeCommandLine returns error if commandLine contains NUL.
+// DecomposeCommandLine returns an error if commandLine contains NUL.
 func DecomposeCommandLine(commandLine string) ([]string, error) {
 	if len(commandLine) == 0 {
 		return []string{}, nil
@@ -105,18 +153,35 @@ func DecomposeCommandLine(commandLine string) ([]string, error) {
 		return nil, errorspkg.New("string with NUL passed to DecomposeCommandLine")
 	}
 	var argc int32
-	argv, err := CommandLineToArgv(&utf16CommandLine[0], &argc)
+	argv, err := commandLineToArgv(&utf16CommandLine[0], &argc)
 	if err != nil {
 		return nil, err
 	}
 	defer LocalFree(Handle(unsafe.Pointer(argv)))
+
 	var args []string
-	for _, v := range (*argv)[:argc] {
-		args = append(args, UTF16ToString((*v)[:]))
+	for _, p := range unsafe.Slice(argv, argc) {
+		args = append(args, UTF16PtrToString(p))
 	}
 	return args, nil
 }
 
+// CommandLineToArgv parses a Unicode command line string and sets
+// argc to the number of parsed arguments.
+//
+// The returned memory should be freed using a single call to LocalFree.
+//
+// Note that although the return type of CommandLineToArgv indicates 8192
+// entries of up to 8192 characters each, the actual count of parsed arguments
+// may exceed 8192, and the documentation for CommandLineToArgvW does not mention
+// any bound on the lengths of the individual argument strings.
+// (See https://go.dev/issue/63236.)
+func CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) {
+	argp, err := commandLineToArgv(cmd, argc)
+	argv = (*[8192]*[8192]uint16)(unsafe.Pointer(argp))
+	return argv, err
+}
+
 func CloseOnExec(fd Handle) {
 	SetHandleInformation(Handle(fd), HANDLE_FLAG_INHERIT, 0)
 }
diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go
index d414ef13b..26be94a8a 100644
--- a/vendor/golang.org/x/sys/windows/security_windows.go
+++ b/vendor/golang.org/x/sys/windows/security_windows.go
@@ -7,8 +7,6 @@ package windows
 import (
 	"syscall"
 	"unsafe"
-
-	"golang.org/x/sys/internal/unsafeheader"
 )
 
 const (
@@ -1341,21 +1339,14 @@ func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor()
 		sdLen = min
 	}
 
-	var src []byte
-	h := (*unsafeheader.Slice)(unsafe.Pointer(&src))
-	h.Data = unsafe.Pointer(selfRelativeSD)
-	h.Len = sdLen
-	h.Cap = sdLen
-
+	src := unsafe.Slice((*byte)(unsafe.Pointer(selfRelativeSD)), sdLen)
+	// SECURITY_DESCRIPTOR has pointers in it, which means checkptr expects for it to
+	// be aligned properly. When we're copying a Windows-allocated struct to a
+	// Go-allocated one, make sure that the Go allocation is aligned to the
+	// pointer size.
 	const psize = int(unsafe.Sizeof(uintptr(0)))
-
-	var dst []byte
-	h = (*unsafeheader.Slice)(unsafe.Pointer(&dst))
 	alloc := make([]uintptr, (sdLen+psize-1)/psize)
-	h.Data = (*unsafeheader.Slice)(unsafe.Pointer(&alloc)).Data
-	h.Len = sdLen
-	h.Cap = sdLen
-
+	dst := unsafe.Slice((*byte)(unsafe.Pointer(&alloc[0])), sdLen)
 	copy(dst, src)
 	return (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&dst[0]))
 }
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 67bad0926..35cfc57ca 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -15,8 +15,6 @@ import (
 	"time"
 	"unicode/utf16"
 	"unsafe"
-
-	"golang.org/x/sys/internal/unsafeheader"
 )
 
 type Handle uintptr
@@ -240,7 +238,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetFileAttributes(name *uint16, attrs uint32) (err error) = kernel32.SetFileAttributesW
 //sys	GetFileAttributesEx(name *uint16, level uint32, info *byte) (err error) = kernel32.GetFileAttributesExW
 //sys	GetCommandLine() (cmd *uint16) = kernel32.GetCommandLineW
-//sys	CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) [failretval==nil] = shell32.CommandLineToArgvW
+//sys	commandLineToArgv(cmd *uint16, argc *int32) (argv **uint16, err error) [failretval==nil] = shell32.CommandLineToArgvW
 //sys	LocalFree(hmem Handle) (handle Handle, err error) [failretval!=0]
 //sys	LocalAlloc(flags uint32, length uint32) (ptr uintptr, err error)
 //sys	SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error)
@@ -299,12 +297,15 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	RegNotifyChangeKeyValue(key Handle, watchSubtree bool, notifyFilter uint32, event Handle, asynchronous bool) (regerrno error) = advapi32.RegNotifyChangeKeyValue
 //sys	GetCurrentProcessId() (pid uint32) = kernel32.GetCurrentProcessId
 //sys	ProcessIdToSessionId(pid uint32, sessionid *uint32) (err error) = kernel32.ProcessIdToSessionId
+//sys	ClosePseudoConsole(console Handle) = kernel32.ClosePseudoConsole
+//sys	createPseudoConsole(size uint32, in Handle, out Handle, flags uint32, pconsole *Handle) (hr error) = kernel32.CreatePseudoConsole
 //sys	GetConsoleMode(console Handle, mode *uint32) (err error) = kernel32.GetConsoleMode
 //sys	SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode
 //sys	GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo
 //sys	setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition
 //sys	WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW
 //sys	ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW
+//sys	resizePseudoConsole(pconsole Handle, size uint32) (hr error) = kernel32.ResizePseudoConsole
 //sys	CreateToolhelp32Snapshot(flags uint32, processId uint32) (handle Handle, err error) [failretval==InvalidHandle] = kernel32.CreateToolhelp32Snapshot
 //sys	Module32First(snapshot Handle, moduleEntry *ModuleEntry32) (err error) = kernel32.Module32FirstW
 //sys	Module32Next(snapshot Handle, moduleEntry *ModuleEntry32) (err error) = kernel32.Module32NextW
@@ -1667,12 +1668,8 @@ func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
 
 // Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
 func (s *NTUnicodeString) Slice() []uint16 {
-	var slice []uint16
-	hdr := (*unsafeheader.Slice)(unsafe.Pointer(&slice))
-	hdr.Data = unsafe.Pointer(s.Buffer)
-	hdr.Len = int(s.Length)
-	hdr.Cap = int(s.MaximumLength)
-	return slice
+	slice := unsafe.Slice(s.Buffer, s.MaximumLength)
+	return slice[:s.Length]
 }
 
 func (s *NTUnicodeString) String() string {
@@ -1695,12 +1692,8 @@ func NewNTString(s string) (*NTString, error) {
 
 // Slice returns a byte slice that aliases the data in the NTString.
 func (s *NTString) Slice() []byte {
-	var slice []byte
-	hdr := (*unsafeheader.Slice)(unsafe.Pointer(&slice))
-	hdr.Data = unsafe.Pointer(s.Buffer)
-	hdr.Len = int(s.Length)
-	hdr.Cap = int(s.MaximumLength)
-	return slice
+	slice := unsafe.Slice(s.Buffer, s.MaximumLength)
+	return slice[:s.Length]
 }
 
 func (s *NTString) String() string {
@@ -1752,10 +1745,7 @@ func LoadResourceData(module, resInfo Handle) (data []byte, err error) {
 	if err != nil {
 		return
 	}
-	h := (*unsafeheader.Slice)(unsafe.Pointer(&data))
-	h.Data = unsafe.Pointer(ptr)
-	h.Len = int(size)
-	h.Cap = int(size)
+	data = unsafe.Slice((*byte)(unsafe.Pointer(ptr)), size)
 	return
 }
 
@@ -1826,3 +1816,17 @@ type PSAPI_WORKING_SET_EX_INFORMATION struct {
 	// A PSAPI_WORKING_SET_EX_BLOCK union that indicates the attributes of the page at VirtualAddress.
 	VirtualAttributes PSAPI_WORKING_SET_EX_BLOCK
 }
+
+// CreatePseudoConsole creates a windows pseudo console.
+func CreatePseudoConsole(size Coord, in Handle, out Handle, flags uint32, pconsole *Handle) error {
+	// We need this wrapper to manually cast Coord to uint32. The autogenerated wrappers only
+	// accept arguments that can be casted to uintptr, and Coord can't.
+	return createPseudoConsole(*((*uint32)(unsafe.Pointer(&size))), in, out, flags, pconsole)
+}
+
+// ResizePseudoConsole resizes the internal buffers of the pseudo console to the width and height specified in `size`.
+func ResizePseudoConsole(pconsole Handle, size Coord) error {
+	// We need this wrapper to manually cast Coord to uint32. The autogenerated wrappers only
+	// accept arguments that can be casted to uintptr, and Coord can't.
+	return resizePseudoConsole(pconsole, *((*uint32)(unsafe.Pointer(&size))))
+}
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 88e62a638..b88dc7c85 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -247,6 +247,7 @@ const (
 	PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 0x00020007
 	PROC_THREAD_ATTRIBUTE_UMS_THREAD        = 0x00030006
 	PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL  = 0x0002000b
+	PROC_THREAD_ATTRIBUTE_PSEUDOCONSOLE     = 0x00020016
 )
 
 const (
@@ -2139,6 +2140,12 @@ const (
 	ENABLE_LVB_GRID_WORLDWIDE          = 0x10
 )
 
+// Pseudo console related constants used for the flags parameter to
+// CreatePseudoConsole. See: https://learn.microsoft.com/en-us/windows/console/createpseudoconsole
+const (
+	PSEUDOCONSOLE_INHERIT_CURSOR = 0x1
+)
+
 type Coord struct {
 	X int16
 	Y int16
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 5c385580f..8b1688de4 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -188,6 +188,7 @@ var (
 	procCancelIo                                             = modkernel32.NewProc("CancelIo")
 	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
 	procCloseHandle                                          = modkernel32.NewProc("CloseHandle")
+	procClosePseudoConsole                                   = modkernel32.NewProc("ClosePseudoConsole")
 	procConnectNamedPipe                                     = modkernel32.NewProc("ConnectNamedPipe")
 	procCreateDirectoryW                                     = modkernel32.NewProc("CreateDirectoryW")
 	procCreateEventExW                                       = modkernel32.NewProc("CreateEventExW")
@@ -202,6 +203,7 @@ var (
 	procCreateNamedPipeW                                     = modkernel32.NewProc("CreateNamedPipeW")
 	procCreatePipe                                           = modkernel32.NewProc("CreatePipe")
 	procCreateProcessW                                       = modkernel32.NewProc("CreateProcessW")
+	procCreatePseudoConsole                                  = modkernel32.NewProc("CreatePseudoConsole")
 	procCreateSymbolicLinkW                                  = modkernel32.NewProc("CreateSymbolicLinkW")
 	procCreateToolhelp32Snapshot                             = modkernel32.NewProc("CreateToolhelp32Snapshot")
 	procDefineDosDeviceW                                     = modkernel32.NewProc("DefineDosDeviceW")
@@ -328,6 +330,7 @@ var (
 	procReleaseMutex                                         = modkernel32.NewProc("ReleaseMutex")
 	procRemoveDirectoryW                                     = modkernel32.NewProc("RemoveDirectoryW")
 	procResetEvent                                           = modkernel32.NewProc("ResetEvent")
+	procResizePseudoConsole                                  = modkernel32.NewProc("ResizePseudoConsole")
 	procResumeThread                                         = modkernel32.NewProc("ResumeThread")
 	procSetCommTimeouts                                      = modkernel32.NewProc("SetCommTimeouts")
 	procSetConsoleCursorPosition                             = modkernel32.NewProc("SetConsoleCursorPosition")
@@ -1633,6 +1636,11 @@ func CloseHandle(handle Handle) (err error) {
 	return
 }
 
+func ClosePseudoConsole(console Handle) {
+	syscall.Syscall(procClosePseudoConsole.Addr(), 1, uintptr(console), 0, 0)
+	return
+}
+
 func ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error) {
 	r1, _, e1 := syscall.Syscall(procConnectNamedPipe.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(overlapped)), 0)
 	if r1 == 0 {
@@ -1762,6 +1770,14 @@ func CreateProcess(appName *uint16, commandLine *uint16, procSecurity *SecurityA
 	return
 }
 
+func createPseudoConsole(size uint32, in Handle, out Handle, flags uint32, pconsole *Handle) (hr error) {
+	r0, _, _ := syscall.Syscall6(procCreatePseudoConsole.Addr(), 5, uintptr(size), uintptr(in), uintptr(out), uintptr(flags), uintptr(unsafe.Pointer(pconsole)), 0)
+	if r0 != 0 {
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
 func CreateSymbolicLink(symlinkfilename *uint16, targetfilename *uint16, flags uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procCreateSymbolicLinkW.Addr(), 3, uintptr(unsafe.Pointer(symlinkfilename)), uintptr(unsafe.Pointer(targetfilename)), uintptr(flags))
 	if r1&0xff == 0 {
@@ -2862,6 +2878,14 @@ func ResetEvent(event Handle) (err error) {
 	return
 }
 
+func resizePseudoConsole(pconsole Handle, size uint32) (hr error) {
+	r0, _, _ := syscall.Syscall(procResizePseudoConsole.Addr(), 2, uintptr(pconsole), uintptr(size), 0)
+	if r0 != 0 {
+		hr = syscall.Errno(r0)
+	}
+	return
+}
+
 func ResumeThread(thread Handle) (ret uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procResumeThread.Addr(), 1, uintptr(thread), 0, 0)
 	ret = uint32(r0)
@@ -3820,9 +3844,9 @@ func setupUninstallOEMInf(infFileName *uint16, flags SUOI, reserved uintptr) (er
 	return
 }
 
-func CommandLineToArgv(cmd *uint16, argc *int32) (argv *[8192]*[8192]uint16, err error) {
+func commandLineToArgv(cmd *uint16, argc *int32) (argv **uint16, err error) {
 	r0, _, e1 := syscall.Syscall(procCommandLineToArgvW.Addr(), 2, uintptr(unsafe.Pointer(cmd)), uintptr(unsafe.Pointer(argc)), 0)
-	argv = (*[8192]*[8192]uint16)(unsafe.Pointer(r0))
+	argv = (**uint16)(unsafe.Pointer(r0))
 	if argv == nil {
 		err = errnoErr(e1)
 	}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 38e6d2786..3e494f7bc 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -135,7 +135,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.13.0
+# golang.org/x/crypto v0.14.0
 ## explicit; go 1.17
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -157,10 +157,9 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.12.0
+# golang.org/x/sys v0.13.0
 ## explicit; go 1.17
 golang.org/x/sys/cpu
-golang.org/x/sys/internal/unsafeheader
 golang.org/x/sys/unix
 golang.org/x/sys/windows
 # golang.org/x/text v0.13.0

From f930541b691ca9a6edb6f0af04c7ee2e5c5a31f6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Oct 2023 15:42:37 +0000
Subject: [PATCH 44/73] build(deps): bump github.com/prometheus/client_golang

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.16.0...v1.17.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   11 +-
 go.sum                                        |   21 +-
 .../client_golang/prometheus/counter.go       |   26 +-
 .../client_golang/prometheus/desc.go          |   28 +-
 .../prometheus/expvar_collector.go            |    2 +-
 .../client_golang/prometheus/gauge.go         |    8 +-
 .../client_golang/prometheus/histogram.go     |  118 +-
 .../prometheus/internal/difflib.go            |    2 +-
 .../client_golang/prometheus/labels.go        |   58 +-
 .../client_golang/prometheus/metric.go        |    3 +
 .../client_golang/prometheus/promauto/auto.go |    6 +-
 .../prometheus/promhttp/instrument_server.go  |    9 +-
 .../client_golang/prometheus/registry.go      |    6 +-
 .../client_golang/prometheus/summary.go       |   41 +-
 .../client_golang/prometheus/value.go         |   55 +-
 .../client_golang/prometheus/vec.go           |  106 +-
 .../prometheus/client_model/go/metrics.pb.go  |  347 +++---
 .../prometheus/common/expfmt/decode.go        |    5 +-
 .../prometheus/common/expfmt/encode.go        |   13 +-
 .../prometheus/common/expfmt/expfmt.go        |   26 +-
 .../prometheus/common/expfmt/text_parse.go    |    2 +-
 .../prometheus/procfs/.golangci.yml           |    3 +
 .../prometheus/procfs/Makefile.common         |    8 +-
 vendor/github.com/prometheus/procfs/README.md |    4 +-
 vendor/github.com/prometheus/procfs/arp.go    |    6 +-
 .../github.com/prometheus/procfs/buddyinfo.go |    6 +-
 .../github.com/prometheus/procfs/cpuinfo.go   |   17 +-
 vendor/github.com/prometheus/procfs/crypto.go |    7 +-
 vendor/github.com/prometheus/procfs/fs.go     |    8 +-
 .../prometheus/procfs/fs_statfs_notype.go     |    4 +-
 .../prometheus/procfs/fs_statfs_type.go       |    4 +-
 .../github.com/prometheus/procfs/fscache.go   |    6 +-
 vendor/github.com/prometheus/procfs/ipvs.go   |    7 +-
 .../github.com/prometheus/procfs/loadavg.go   |    4 +-
 vendor/github.com/prometheus/procfs/mdstat.go |   36 +-
 .../github.com/prometheus/procfs/meminfo.go   |    4 +-
 .../github.com/prometheus/procfs/mountinfo.go |   10 +-
 .../prometheus/procfs/mountstats.go           |   32 +-
 .../prometheus/procfs/net_conntrackstat.go    |    7 +-
 .../prometheus/procfs/net_ip_socket.go        |   32 +-
 .../prometheus/procfs/net_protocols.go        |    4 +-
 .../github.com/prometheus/procfs/net_route.go |  143 +++
 .../prometheus/procfs/net_sockstat.go         |    9 +-
 .../prometheus/procfs/net_softnet.go          |    4 +-
 .../github.com/prometheus/procfs/net_unix.go  |   16 +-
 .../prometheus/procfs/net_wireless.go         |   28 +-
 .../github.com/prometheus/procfs/net_xfrm.go  |    2 +-
 vendor/github.com/prometheus/procfs/proc.go   |   17 +-
 .../prometheus/procfs/proc_cgroup.go          |    4 +-
 .../prometheus/procfs/proc_cgroups.go         |    8 +-
 .../prometheus/procfs/proc_fdinfo.go          |    2 +-
 .../prometheus/procfs/proc_interrupts.go      |    2 +-
 .../prometheus/procfs/proc_limits.go          |    4 +-
 .../github.com/prometheus/procfs/proc_maps.go |    8 +-
 .../prometheus/procfs/proc_netstat.go         |    4 +-
 .../github.com/prometheus/procfs/proc_ns.go   |    6 +-
 .../github.com/prometheus/procfs/proc_psi.go  |    6 +-
 .../prometheus/procfs/proc_smaps.go           |    4 +-
 .../github.com/prometheus/procfs/proc_snmp.go |    4 +-
 .../github.com/prometheus/procfs/proc_stat.go |    2 +-
 .../github.com/prometheus/procfs/proc_sys.go  |    2 +-
 vendor/github.com/prometheus/procfs/slab.go   |    2 +-
 .../github.com/prometheus/procfs/softirqs.go  |   24 +-
 vendor/github.com/prometheus/procfs/stat.go   |   28 +-
 vendor/github.com/prometheus/procfs/swaps.go  |    8 +-
 vendor/github.com/prometheus/procfs/thread.go |    8 +-
 vendor/github.com/prometheus/procfs/vm.go     |    2 +-
 .../github.com/prometheus/procfs/zoneinfo.go  |    4 +-
 .../protobuf/encoding/prototext/encode.go     |   14 +-
 .../protobuf/internal/encoding/text/encode.go |   10 +-
 .../protobuf/internal/genid/descriptor_gen.go |   48 +
 .../protobuf/internal/genid/type_gen.go       |    6 +
 .../protobuf/internal/order/order.go          |    2 +-
 .../protobuf/internal/version/version.go      |    2 +-
 .../google.golang.org/protobuf/proto/size.go  |   10 +-
 .../reflect/protoreflect/source_gen.go        |   27 +
 .../types/descriptorpb/descriptor.pb.go       | 1011 +++++++++++------
 .../types/known/timestamppb/timestamp.pb.go   |    2 +-
 vendor/modules.txt                            |   14 +-
 79 files changed, 1647 insertions(+), 952 deletions(-)
 create mode 100644 vendor/github.com/prometheus/procfs/net_route.go

diff --git a/go.mod b/go.mod
index 038f50cb2..4b2de267c 100644
--- a/go.mod
+++ b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
 	github.com/mattn/go-sqlite3 v1.14.17
-	github.com/prometheus/client_golang v1.16.0
+	github.com/prometheus/client_golang v1.17.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
 	golang.org/x/crypto v0.14.0
@@ -28,16 +28,15 @@ require (
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
-	github.com/prometheus/client_model v0.4.0 // indirect
-	github.com/prometheus/common v0.42.0 // indirect
-	github.com/prometheus/procfs v0.10.1 // indirect
-	github.com/rogpeppe/go-internal v1.10.0 // indirect
+	github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect
+	github.com/prometheus/common v0.44.0 // indirect
+	github.com/prometheus/procfs v0.11.1 // indirect
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.10.0 // indirect
 	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
-	google.golang.org/protobuf v1.30.0 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index b0dfb5d7e..f7c4a407b 100644
--- a/go.sum
+++ b/go.sum
@@ -280,30 +280,29 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=
-github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc=
+github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q=
+github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY=
-github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
+github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 h1:v7DLqVdK4VrYkVD5diGdl4sxJurKJEMnODWRJlxV9oM=
+github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM=
-github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc=
+github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
+github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=
-github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM=
+github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI=
+github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
-github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g=
@@ -679,8 +678,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.30.0 h1:kPPoIgf3TsEvrm0PFe15JQ+570QVxYzEvvHqChK+cng=
-google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/counter.go b/vendor/github.com/prometheus/client_golang/prometheus/counter.go
index 62de4dc59..4ce84e7a8 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/counter.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/counter.go
@@ -20,6 +20,7 @@ import (
 	"time"
 
 	dto "github.com/prometheus/client_model/go"
+	"google.golang.org/protobuf/types/known/timestamppb"
 )
 
 // Counter is a Metric that represents a single numerical value that only ever
@@ -66,7 +67,7 @@ type CounterVecOpts struct {
 	CounterOpts
 
 	// VariableLabels are used to partition the metric vector by the given set
-	// of labels. Each label value will be constrained with the optional Contraint
+	// of labels. Each label value will be constrained with the optional Constraint
 	// function, if provided.
 	VariableLabels ConstrainableLabels
 }
@@ -90,8 +91,12 @@ func NewCounter(opts CounterOpts) Counter {
 		nil,
 		opts.ConstLabels,
 	)
-	result := &counter{desc: desc, labelPairs: desc.constLabelPairs, now: time.Now}
+	if opts.now == nil {
+		opts.now = time.Now
+	}
+	result := &counter{desc: desc, labelPairs: desc.constLabelPairs, now: opts.now}
 	result.init(result) // Init self-collection.
+	result.createdTs = timestamppb.New(opts.now())
 	return result
 }
 
@@ -106,10 +111,12 @@ type counter struct {
 	selfCollector
 	desc *Desc
 
+	createdTs  *timestamppb.Timestamp
 	labelPairs []*dto.LabelPair
 	exemplar   atomic.Value // Containing nil or a *dto.Exemplar.
 
-	now func() time.Time // To mock out time.Now() for testing.
+	// now is for testing purposes, by default it's time.Now.
+	now func() time.Time
 }
 
 func (c *counter) Desc() *Desc {
@@ -159,8 +166,7 @@ func (c *counter) Write(out *dto.Metric) error {
 		exemplar = e.(*dto.Exemplar)
 	}
 	val := c.get()
-
-	return populateMetric(CounterValue, val, c.labelPairs, exemplar, out)
+	return populateMetric(CounterValue, val, c.labelPairs, exemplar, out, c.createdTs)
 }
 
 func (c *counter) updateExemplar(v float64, l Labels) {
@@ -200,13 +206,17 @@ func (v2) NewCounterVec(opts CounterVecOpts) *CounterVec {
 		opts.VariableLabels,
 		opts.ConstLabels,
 	)
+	if opts.now == nil {
+		opts.now = time.Now
+	}
 	return &CounterVec{
 		MetricVec: NewMetricVec(desc, func(lvs ...string) Metric {
-			if len(lvs) != len(desc.variableLabels) {
-				panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), lvs))
+			if len(lvs) != len(desc.variableLabels.names) {
+				panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.names, lvs))
 			}
-			result := &counter{desc: desc, labelPairs: MakeLabelPairs(desc, lvs), now: time.Now}
+			result := &counter{desc: desc, labelPairs: MakeLabelPairs(desc, lvs), now: opts.now}
 			result.init(result) // Init self-collection.
+			result.createdTs = timestamppb.New(opts.now())
 			return result
 		}),
 	}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/desc.go b/vendor/github.com/prometheus/client_golang/prometheus/desc.go
index deedc2dfb..68ffe3c24 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/desc.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/desc.go
@@ -52,7 +52,7 @@ type Desc struct {
 	constLabelPairs []*dto.LabelPair
 	// variableLabels contains names of labels and normalization function for
 	// which the metric maintains variable values.
-	variableLabels ConstrainedLabels
+	variableLabels *compiledLabels
 	// id is a hash of the values of the ConstLabels and fqName. This
 	// must be unique among all registered descriptors and can therefore be
 	// used as an identifier of the descriptor.
@@ -93,7 +93,7 @@ func (v2) NewDesc(fqName, help string, variableLabels ConstrainableLabels, const
 	d := &Desc{
 		fqName:         fqName,
 		help:           help,
-		variableLabels: variableLabels.constrainedLabels(),
+		variableLabels: variableLabels.compile(),
 	}
 	if !model.IsValidMetricName(model.LabelValue(fqName)) {
 		d.err = fmt.Errorf("%q is not a valid metric name", fqName)
@@ -103,7 +103,7 @@ func (v2) NewDesc(fqName, help string, variableLabels ConstrainableLabels, const
 	// their sorted label names) plus the fqName (at position 0).
 	labelValues := make([]string, 1, len(constLabels)+1)
 	labelValues[0] = fqName
-	labelNames := make([]string, 0, len(constLabels)+len(d.variableLabels))
+	labelNames := make([]string, 0, len(constLabels)+len(d.variableLabels.names))
 	labelNameSet := map[string]struct{}{}
 	// First add only the const label names and sort them...
 	for labelName := range constLabels {
@@ -128,13 +128,13 @@ func (v2) NewDesc(fqName, help string, variableLabels ConstrainableLabels, const
 	// Now add the variable label names, but prefix them with something that
 	// cannot be in a regular label name. That prevents matching the label
 	// dimension with a different mix between preset and variable labels.
-	for _, label := range d.variableLabels {
-		if !checkLabelName(label.Name) {
-			d.err = fmt.Errorf("%q is not a valid label name for metric %q", label.Name, fqName)
+	for _, label := range d.variableLabels.names {
+		if !checkLabelName(label) {
+			d.err = fmt.Errorf("%q is not a valid label name for metric %q", label, fqName)
 			return d
 		}
-		labelNames = append(labelNames, "$"+label.Name)
-		labelNameSet[label.Name] = struct{}{}
+		labelNames = append(labelNames, "$"+label)
+		labelNameSet[label] = struct{}{}
 	}
 	if len(labelNames) != len(labelNameSet) {
 		d.err = fmt.Errorf("duplicate label names in constant and variable labels for metric %q", fqName)
@@ -189,11 +189,19 @@ func (d *Desc) String() string {
 			fmt.Sprintf("%s=%q", lp.GetName(), lp.GetValue()),
 		)
 	}
+	vlStrings := make([]string, 0, len(d.variableLabels.names))
+	for _, vl := range d.variableLabels.names {
+		if fn, ok := d.variableLabels.labelConstraints[vl]; ok && fn != nil {
+			vlStrings = append(vlStrings, fmt.Sprintf("c(%s)", vl))
+		} else {
+			vlStrings = append(vlStrings, vl)
+		}
+	}
 	return fmt.Sprintf(
-		"Desc{fqName: %q, help: %q, constLabels: {%s}, variableLabels: %v}",
+		"Desc{fqName: %q, help: %q, constLabels: {%s}, variableLabels: {%s}}",
 		d.fqName,
 		d.help,
 		strings.Join(lpStrings, ","),
-		d.variableLabels,
+		strings.Join(vlStrings, ","),
 	)
 }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
index c41ab37f3..de5a85629 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
@@ -48,7 +48,7 @@ func (e *expvarCollector) Collect(ch chan<- Metric) {
 			continue
 		}
 		var v interface{}
-		labels := make([]string, len(desc.variableLabels))
+		labels := make([]string, len(desc.variableLabels.names))
 		if err := json.Unmarshal([]byte(expVar.String()), &v); err != nil {
 			ch <- NewInvalidMetric(desc, err)
 			continue
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/gauge.go b/vendor/github.com/prometheus/client_golang/prometheus/gauge.go
index f1ea6c76f..dd2eac940 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/gauge.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/gauge.go
@@ -62,7 +62,7 @@ type GaugeVecOpts struct {
 	GaugeOpts
 
 	// VariableLabels are used to partition the metric vector by the given set
-	// of labels. Each label value will be constrained with the optional Contraint
+	// of labels. Each label value will be constrained with the optional Constraint
 	// function, if provided.
 	VariableLabels ConstrainableLabels
 }
@@ -135,7 +135,7 @@ func (g *gauge) Sub(val float64) {
 
 func (g *gauge) Write(out *dto.Metric) error {
 	val := math.Float64frombits(atomic.LoadUint64(&g.valBits))
-	return populateMetric(GaugeValue, val, g.labelPairs, nil, out)
+	return populateMetric(GaugeValue, val, g.labelPairs, nil, out, nil)
 }
 
 // GaugeVec is a Collector that bundles a set of Gauges that all share the same
@@ -166,8 +166,8 @@ func (v2) NewGaugeVec(opts GaugeVecOpts) *GaugeVec {
 	)
 	return &GaugeVec{
 		MetricVec: NewMetricVec(desc, func(lvs ...string) Metric {
-			if len(lvs) != len(desc.variableLabels) {
-				panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), lvs))
+			if len(lvs) != len(desc.variableLabels.names) {
+				panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.names, lvs))
 			}
 			result := &gauge{desc: desc, labelPairs: MakeLabelPairs(desc, lvs)}
 			result.init(result) // Init self-collection.
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index 8d818afe9..1feba62c6 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -25,6 +25,7 @@ import (
 	dto "github.com/prometheus/client_model/go"
 
 	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/timestamppb"
 )
 
 // nativeHistogramBounds for the frac of observed values. Only relevant for
@@ -391,7 +392,7 @@ type HistogramOpts struct {
 	// zero, it is replaced by default buckets. The default buckets are
 	// DefBuckets if no buckets for a native histogram (see below) are used,
 	// otherwise the default is no buckets. (In other words, if you want to
-	// use both reguler buckets and buckets for a native histogram, you have
+	// use both regular buckets and buckets for a native histogram, you have
 	// to define the regular buckets here explicitly.)
 	Buckets []float64
 
@@ -413,8 +414,8 @@ type HistogramOpts struct {
 	// and 2, same as between 2 and 4, and 4 and 8, etc.).
 	//
 	// Details about the actually used factor: The factor is calculated as
-	// 2^(2^n), where n is an integer number between (and including) -8 and
-	// 4. n is chosen so that the resulting factor is the largest that is
+	// 2^(2^-n), where n is an integer number between (and including) -4 and
+	// 8. n is chosen so that the resulting factor is the largest that is
 	// still smaller or equal to NativeHistogramBucketFactor. Note that the
 	// smallest possible factor is therefore approx. 1.00271 (i.e. 2^(2^-8)
 	// ). If NativeHistogramBucketFactor is greater than 1 but smaller than
@@ -428,12 +429,12 @@ type HistogramOpts struct {
 	// a major version bump.
 	NativeHistogramBucketFactor float64
 	// All observations with an absolute value of less or equal
-	// NativeHistogramZeroThreshold are accumulated into a “zero”
-	// bucket. For best results, this should be close to a bucket
-	// boundary. This is usually the case if picking a power of two. If
+	// NativeHistogramZeroThreshold are accumulated into a “zero” bucket.
+	// For best results, this should be close to a bucket boundary. This is
+	// usually the case if picking a power of two. If
 	// NativeHistogramZeroThreshold is left at zero,
-	// DefNativeHistogramZeroThreshold is used as the threshold. To configure
-	// a zero bucket with an actual threshold of zero (i.e. only
+	// DefNativeHistogramZeroThreshold is used as the threshold. To
+	// configure a zero bucket with an actual threshold of zero (i.e. only
 	// observations of precisely zero will go into the zero bucket), set
 	// NativeHistogramZeroThreshold to the NativeHistogramZeroThresholdZero
 	// constant (or any negative float value).
@@ -446,26 +447,34 @@ type HistogramOpts struct {
 	// Histogram are sufficiently wide-spread. In particular, this could be
 	// used as a DoS attack vector. Where the observed values depend on
 	// external inputs, it is highly recommended to set a
-	// NativeHistogramMaxBucketNumber.)  Once the set
+	// NativeHistogramMaxBucketNumber.) Once the set
 	// NativeHistogramMaxBucketNumber is exceeded, the following strategy is
-	// enacted: First, if the last reset (or the creation) of the histogram
-	// is at least NativeHistogramMinResetDuration ago, then the whole
-	// histogram is reset to its initial state (including regular
-	// buckets). If less time has passed, or if
-	// NativeHistogramMinResetDuration is zero, no reset is
-	// performed. Instead, the zero threshold is increased sufficiently to
-	// reduce the number of buckets to or below
-	// NativeHistogramMaxBucketNumber, but not to more than
-	// NativeHistogramMaxZeroThreshold. Thus, if
-	// NativeHistogramMaxZeroThreshold is already at or below the current
-	// zero threshold, nothing happens at this step. After that, if the
-	// number of buckets still exceeds NativeHistogramMaxBucketNumber, the
-	// resolution of the histogram is reduced by doubling the width of the
-	// sparse buckets (up to a growth factor between one bucket to the next
-	// of 2^(2^4) = 65536, see above).
+	// enacted:
+	//  - First, if the last reset (or the creation) of the histogram is at
+	//    least NativeHistogramMinResetDuration ago, then the whole
+	//    histogram is reset to its initial state (including regular
+	//    buckets).
+	//  - If less time has passed, or if NativeHistogramMinResetDuration is
+	//    zero, no reset is performed. Instead, the zero threshold is
+	//    increased sufficiently to reduce the number of buckets to or below
+	//    NativeHistogramMaxBucketNumber, but not to more than
+	//    NativeHistogramMaxZeroThreshold. Thus, if
+	//    NativeHistogramMaxZeroThreshold is already at or below the current
+	//    zero threshold, nothing happens at this step.
+	//  - After that, if the number of buckets still exceeds
+	//    NativeHistogramMaxBucketNumber, the resolution of the histogram is
+	//    reduced by doubling the width of the sparse buckets (up to a
+	//    growth factor between one bucket to the next of 2^(2^4) = 65536,
+	//    see above).
+	//  - Any increased zero threshold or reduced resolution is reset back
+	//    to their original values once NativeHistogramMinResetDuration has
+	//    passed (since the last reset or the creation of the histogram).
 	NativeHistogramMaxBucketNumber  uint32
 	NativeHistogramMinResetDuration time.Duration
 	NativeHistogramMaxZeroThreshold float64
+
+	// now is for testing purposes, by default it's time.Now.
+	now func() time.Time
 }
 
 // HistogramVecOpts bundles the options to create a HistogramVec metric.
@@ -475,7 +484,7 @@ type HistogramVecOpts struct {
 	HistogramOpts
 
 	// VariableLabels are used to partition the metric vector by the given set
-	// of labels. Each label value will be constrained with the optional Contraint
+	// of labels. Each label value will be constrained with the optional Constraint
 	// function, if provided.
 	VariableLabels ConstrainableLabels
 }
@@ -499,12 +508,12 @@ func NewHistogram(opts HistogramOpts) Histogram {
 }
 
 func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogram {
-	if len(desc.variableLabels) != len(labelValues) {
-		panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), labelValues))
+	if len(desc.variableLabels.names) != len(labelValues) {
+		panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.names, labelValues))
 	}
 
-	for _, n := range desc.variableLabels {
-		if n.Name == bucketLabel {
+	for _, n := range desc.variableLabels.names {
+		if n == bucketLabel {
 			panic(errBucketLabelNotAllowed)
 		}
 	}
@@ -514,6 +523,10 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 		}
 	}
 
+	if opts.now == nil {
+		opts.now = time.Now
+	}
+
 	h := &histogram{
 		desc:                            desc,
 		upperBounds:                     opts.Buckets,
@@ -521,8 +534,8 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 		nativeHistogramMaxBuckets:       opts.NativeHistogramMaxBucketNumber,
 		nativeHistogramMaxZeroThreshold: opts.NativeHistogramMaxZeroThreshold,
 		nativeHistogramMinResetDuration: opts.NativeHistogramMinResetDuration,
-		lastResetTime:                   time.Now(),
-		now:                             time.Now,
+		lastResetTime:                   opts.now(),
+		now:                             opts.now,
 	}
 	if len(h.upperBounds) == 0 && opts.NativeHistogramBucketFactor <= 1 {
 		h.upperBounds = DefBuckets
@@ -701,9 +714,11 @@ type histogram struct {
 	nativeHistogramMaxZeroThreshold float64
 	nativeHistogramMaxBuckets       uint32
 	nativeHistogramMinResetDuration time.Duration
-	lastResetTime                   time.Time // Protected by mtx.
+	// lastResetTime is protected by mtx. It is also used as created timestamp.
+	lastResetTime time.Time
 
-	now func() time.Time // To mock out time.Now() for testing.
+	// now is for testing purposes, by default it's time.Now.
+	now func() time.Time
 }
 
 func (h *histogram) Desc() *Desc {
@@ -742,9 +757,10 @@ func (h *histogram) Write(out *dto.Metric) error {
 	waitForCooldown(count, coldCounts)
 
 	his := &dto.Histogram{
-		Bucket:      make([]*dto.Bucket, len(h.upperBounds)),
-		SampleCount: proto.Uint64(count),
-		SampleSum:   proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.sumBits))),
+		Bucket:           make([]*dto.Bucket, len(h.upperBounds)),
+		SampleCount:      proto.Uint64(count),
+		SampleSum:        proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.sumBits))),
+		CreatedTimestamp: timestamppb.New(h.lastResetTime),
 	}
 	out.Histogram = his
 	out.Label = h.labelPairs
@@ -782,6 +798,16 @@ func (h *histogram) Write(out *dto.Metric) error {
 		his.ZeroCount = proto.Uint64(zeroBucket)
 		his.NegativeSpan, his.NegativeDelta = makeBuckets(&coldCounts.nativeHistogramBucketsNegative)
 		his.PositiveSpan, his.PositiveDelta = makeBuckets(&coldCounts.nativeHistogramBucketsPositive)
+
+		// Add a no-op span to a histogram without observations and with
+		// a zero threshold of zero. Otherwise, a native histogram would
+		// look like a classic histogram to scrapers.
+		if *his.ZeroThreshold == 0 && *his.ZeroCount == 0 && len(his.PositiveSpan) == 0 && len(his.NegativeSpan) == 0 {
+			his.PositiveSpan = []*dto.BucketSpan{{
+				Offset: proto.Int32(0),
+				Length: proto.Uint32(0),
+			}}
+		}
 	}
 	addAndResetCounts(hotCounts, coldCounts)
 	return nil
@@ -854,20 +880,23 @@ func (h *histogram) limitBuckets(counts *histogramCounts, value float64, bucket
 	h.doubleBucketWidth(hotCounts, coldCounts)
 }
 
-// maybeReset resests the whole histogram if at least h.nativeHistogramMinResetDuration
+// maybeReset resets the whole histogram if at least h.nativeHistogramMinResetDuration
 // has been passed. It returns true if the histogram has been reset. The caller
 // must have locked h.mtx.
-func (h *histogram) maybeReset(hot, cold *histogramCounts, coldIdx uint64, value float64, bucket int) bool {
+func (h *histogram) maybeReset(
+	hot, cold *histogramCounts, coldIdx uint64, value float64, bucket int,
+) bool {
 	// We are using the possibly mocked h.now() rather than
 	// time.Since(h.lastResetTime) to enable testing.
-	if h.nativeHistogramMinResetDuration == 0 || h.now().Sub(h.lastResetTime) < h.nativeHistogramMinResetDuration {
+	if h.nativeHistogramMinResetDuration == 0 ||
+		h.now().Sub(h.lastResetTime) < h.nativeHistogramMinResetDuration {
 		return false
 	}
 	// Completely reset coldCounts.
 	h.resetCounts(cold)
 	// Repeat the latest observation to not lose it completely.
 	cold.observe(value, bucket, true)
-	// Make coldCounts the new hot counts while ressetting countAndHotIdx.
+	// Make coldCounts the new hot counts while resetting countAndHotIdx.
 	n := atomic.SwapUint64(&h.countAndHotIdx, (coldIdx<<63)+1)
 	count := n & ((1 << 63) - 1)
 	waitForCooldown(count, hot)
@@ -1176,6 +1205,7 @@ type constHistogram struct {
 	sum        float64
 	buckets    map[float64]uint64
 	labelPairs []*dto.LabelPair
+	createdTs  *timestamppb.Timestamp
 }
 
 func (h *constHistogram) Desc() *Desc {
@@ -1183,7 +1213,9 @@ func (h *constHistogram) Desc() *Desc {
 }
 
 func (h *constHistogram) Write(out *dto.Metric) error {
-	his := &dto.Histogram{}
+	his := &dto.Histogram{
+		CreatedTimestamp: h.createdTs,
+	}
 
 	buckets := make([]*dto.Bucket, 0, len(h.buckets))
 
@@ -1230,7 +1262,7 @@ func NewConstHistogram(
 	if desc.err != nil {
 		return nil, desc.err
 	}
-	if err := validateLabelValues(labelValues, len(desc.variableLabels)); err != nil {
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
 		return nil, err
 	}
 	return &constHistogram{
@@ -1324,7 +1356,7 @@ func makeBuckets(buckets *sync.Map) ([]*dto.BucketSpan, []int64) {
 		// Multiple spans with only small gaps in between are probably
 		// encoded more efficiently as one larger span with a few empty
 		// buckets. Needs some research to find the sweet spot. For now,
-		// we assume that gaps of one ore two buckets should not create
+		// we assume that gaps of one or two buckets should not create
 		// a new span.
 		iDelta := int32(i - nextI)
 		if n == 0 || iDelta > 2 {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go b/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go
index fd0750f2c..a595a2036 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/internal/difflib.go
@@ -14,7 +14,7 @@
 // It provides tools to compare sequences of strings and generate textual diffs.
 //
 // Maintaining `GetUnifiedDiffString` here because original repository
-// (https://github.com/pmezard/go-difflib) is no loger maintained.
+// (https://github.com/pmezard/go-difflib) is no longer maintained.
 package internal
 
 import (
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/labels.go b/vendor/github.com/prometheus/client_golang/prometheus/labels.go
index 63ff8683c..b3c4eca2b 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/labels.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/labels.go
@@ -32,19 +32,15 @@ import (
 // create a Desc.
 type Labels map[string]string
 
+// LabelConstraint normalizes label values.
+type LabelConstraint func(string) string
+
 // ConstrainedLabels represents a label name and its constrain function
 // to normalize label values. This type is commonly used when constructing
 // metric vector Collectors.
 type ConstrainedLabel struct {
 	Name       string
-	Constraint func(string) string
-}
-
-func (cl ConstrainedLabel) Constrain(v string) string {
-	if cl.Constraint == nil {
-		return v
-	}
-	return cl.Constraint(v)
+	Constraint LabelConstraint
 }
 
 // ConstrainableLabels is an interface that allows creating of labels that can
@@ -58,7 +54,7 @@ func (cl ConstrainedLabel) Constrain(v string) string {
 //	  },
 //	})
 type ConstrainableLabels interface {
-	constrainedLabels() ConstrainedLabels
+	compile() *compiledLabels
 	labelNames() []string
 }
 
@@ -67,8 +63,20 @@ type ConstrainableLabels interface {
 // metric vector Collectors.
 type ConstrainedLabels []ConstrainedLabel
 
-func (cls ConstrainedLabels) constrainedLabels() ConstrainedLabels {
-	return cls
+func (cls ConstrainedLabels) compile() *compiledLabels {
+	compiled := &compiledLabels{
+		names:            make([]string, len(cls)),
+		labelConstraints: map[string]LabelConstraint{},
+	}
+
+	for i, label := range cls {
+		compiled.names[i] = label.Name
+		if label.Constraint != nil {
+			compiled.labelConstraints[label.Name] = label.Constraint
+		}
+	}
+
+	return compiled
 }
 
 func (cls ConstrainedLabels) labelNames() []string {
@@ -92,18 +100,36 @@ func (cls ConstrainedLabels) labelNames() []string {
 //	}
 type UnconstrainedLabels []string
 
-func (uls UnconstrainedLabels) constrainedLabels() ConstrainedLabels {
-	constrainedLabels := make([]ConstrainedLabel, len(uls))
-	for i, l := range uls {
-		constrainedLabels[i] = ConstrainedLabel{Name: l}
+func (uls UnconstrainedLabels) compile() *compiledLabels {
+	return &compiledLabels{
+		names: uls,
 	}
-	return constrainedLabels
 }
 
 func (uls UnconstrainedLabels) labelNames() []string {
 	return uls
 }
 
+type compiledLabels struct {
+	names            []string
+	labelConstraints map[string]LabelConstraint
+}
+
+func (cls *compiledLabels) compile() *compiledLabels {
+	return cls
+}
+
+func (cls *compiledLabels) labelNames() []string {
+	return cls.names
+}
+
+func (cls *compiledLabels) constrain(labelName, value string) string {
+	if fn, ok := cls.labelConstraints[labelName]; ok && fn != nil {
+		return fn(value)
+	}
+	return value
+}
+
 // reservedLabelPrefix is a prefix which is not legal in user-supplied
 // label names.
 const reservedLabelPrefix = "__"
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/metric.go b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
index 07bbc9d76..f018e5723 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/metric.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
@@ -92,6 +92,9 @@ type Opts struct {
 	// machine_role metric). See also
 	// https://prometheus.io/docs/instrumenting/writing_exporters/#target-labels-not-static-scraped-labels
 	ConstLabels Labels
+
+	// now is for testing purposes, by default it's time.Now.
+	now func() time.Time
 }
 
 // BuildFQName joins the given three name components by "_". Empty name
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go b/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go
index fa9011592..58f96599f 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promauto/auto.go
@@ -17,7 +17,7 @@
 // constructors register the Collectors with a registry before returning them.
 // There are two sets of constructors. The constructors in the first set are
 // top-level functions, while the constructors in the other set are methods of
-// the Factory type. The top-level function return Collectors registered with
+// the Factory type. The top-level functions return Collectors registered with
 // the global registry (prometheus.DefaultRegisterer), while the methods return
 // Collectors registered with the registry the Factory was constructed with. All
 // constructors panic if the registration fails.
@@ -85,7 +85,7 @@
 //	}
 //
 // A Factory is created with the With(prometheus.Registerer) function, which
-// enables two usage pattern. With(prometheus.Registerer) can be called once per
+// enables two usage patterns. With(prometheus.Registerer) can be called once per
 // line:
 //
 //	var (
@@ -153,7 +153,7 @@
 // importing a package.
 //
 // A separate package allows conservative users to entirely ignore it. And
-// whoever wants to use it, will do so explicitly, with an opportunity to read
+// whoever wants to use it will do so explicitly, with an opportunity to read
 // this warning.
 //
 // Enjoy promauto responsibly!
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go
index 3793036ad..356edb786 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/instrument_server.go
@@ -389,15 +389,12 @@ func isLabelCurried(c prometheus.Collector, label string) bool {
 	return true
 }
 
-// emptyLabels is a one-time allocation for non-partitioned metrics to avoid
-// unnecessary allocations on each request.
-var emptyLabels = prometheus.Labels{}
-
 func labels(code, method bool, reqMethod string, status int, extraMethods ...string) prometheus.Labels {
+	labels := prometheus.Labels{}
+
 	if !(code || method) {
-		return emptyLabels
+		return labels
 	}
-	labels := prometheus.Labels{}
 
 	if code {
 		labels["code"] = sanitizeCode(status)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/registry.go b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
index 44da9433b..5e2ced25a 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/registry.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
@@ -548,7 +548,7 @@ func (r *Registry) Gather() ([]*dto.MetricFamily, error) {
 			goroutineBudget--
 			runtime.Gosched()
 		}
-		// Once both checkedMetricChan and uncheckdMetricChan are closed
+		// Once both checkedMetricChan and uncheckedMetricChan are closed
 		// and drained, the contraption above will nil out cmc and umc,
 		// and then we can leave the collect loop here.
 		if cmc == nil && umc == nil {
@@ -963,9 +963,9 @@ func checkDescConsistency(
 	// Is the desc consistent with the content of the metric?
 	lpsFromDesc := make([]*dto.LabelPair, len(desc.constLabelPairs), len(dtoMetric.Label))
 	copy(lpsFromDesc, desc.constLabelPairs)
-	for _, l := range desc.variableLabels {
+	for _, l := range desc.variableLabels.names {
 		lpsFromDesc = append(lpsFromDesc, &dto.LabelPair{
-			Name: proto.String(l.Name),
+			Name: proto.String(l),
 		})
 	}
 	if len(lpsFromDesc) != len(dtoMetric.Label) {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/summary.go b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
index dd359264e..146270444 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/summary.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
@@ -26,6 +26,7 @@ import (
 
 	"github.com/beorn7/perks/quantile"
 	"google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/types/known/timestamppb"
 )
 
 // quantileLabel is used for the label that defines the quantile in a
@@ -145,6 +146,9 @@ type SummaryOpts struct {
 	// is the internal buffer size of the underlying package
 	// "github.com/bmizerany/perks/quantile").
 	BufCap uint32
+
+	// now is for testing purposes, by default it's time.Now.
+	now func() time.Time
 }
 
 // SummaryVecOpts bundles the options to create a SummaryVec metric.
@@ -154,7 +158,7 @@ type SummaryVecOpts struct {
 	SummaryOpts
 
 	// VariableLabels are used to partition the metric vector by the given set
-	// of labels. Each label value will be constrained with the optional Contraint
+	// of labels. Each label value will be constrained with the optional Constraint
 	// function, if provided.
 	VariableLabels ConstrainableLabels
 }
@@ -188,12 +192,12 @@ func NewSummary(opts SummaryOpts) Summary {
 }
 
 func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary {
-	if len(desc.variableLabels) != len(labelValues) {
-		panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.labelNames(), labelValues))
+	if len(desc.variableLabels.names) != len(labelValues) {
+		panic(makeInconsistentCardinalityError(desc.fqName, desc.variableLabels.names, labelValues))
 	}
 
-	for _, n := range desc.variableLabels {
-		if n.Name == quantileLabel {
+	for _, n := range desc.variableLabels.names {
+		if n == quantileLabel {
 			panic(errQuantileLabelNotAllowed)
 		}
 	}
@@ -222,6 +226,9 @@ func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary {
 		opts.BufCap = DefBufCap
 	}
 
+	if opts.now == nil {
+		opts.now = time.Now
+	}
 	if len(opts.Objectives) == 0 {
 		// Use the lock-free implementation of a Summary without objectives.
 		s := &noObjectivesSummary{
@@ -230,6 +237,7 @@ func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary {
 			counts:     [2]*summaryCounts{{}, {}},
 		}
 		s.init(s) // Init self-collection.
+		s.createdTs = timestamppb.New(opts.now())
 		return s
 	}
 
@@ -245,7 +253,7 @@ func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary {
 		coldBuf:        make([]float64, 0, opts.BufCap),
 		streamDuration: opts.MaxAge / time.Duration(opts.AgeBuckets),
 	}
-	s.headStreamExpTime = time.Now().Add(s.streamDuration)
+	s.headStreamExpTime = opts.now().Add(s.streamDuration)
 	s.hotBufExpTime = s.headStreamExpTime
 
 	for i := uint32(0); i < opts.AgeBuckets; i++ {
@@ -259,6 +267,7 @@ func newSummary(desc *Desc, opts SummaryOpts, labelValues ...string) Summary {
 	sort.Float64s(s.sortedObjectives)
 
 	s.init(s) // Init self-collection.
+	s.createdTs = timestamppb.New(opts.now())
 	return s
 }
 
@@ -286,6 +295,8 @@ type summary struct {
 	headStream                       *quantile.Stream
 	headStreamIdx                    int
 	headStreamExpTime, hotBufExpTime time.Time
+
+	createdTs *timestamppb.Timestamp
 }
 
 func (s *summary) Desc() *Desc {
@@ -307,7 +318,9 @@ func (s *summary) Observe(v float64) {
 }
 
 func (s *summary) Write(out *dto.Metric) error {
-	sum := &dto.Summary{}
+	sum := &dto.Summary{
+		CreatedTimestamp: s.createdTs,
+	}
 	qs := make([]*dto.Quantile, 0, len(s.objectives))
 
 	s.bufMtx.Lock()
@@ -440,6 +453,8 @@ type noObjectivesSummary struct {
 	counts [2]*summaryCounts
 
 	labelPairs []*dto.LabelPair
+
+	createdTs *timestamppb.Timestamp
 }
 
 func (s *noObjectivesSummary) Desc() *Desc {
@@ -490,8 +505,9 @@ func (s *noObjectivesSummary) Write(out *dto.Metric) error {
 	}
 
 	sum := &dto.Summary{
-		SampleCount: proto.Uint64(count),
-		SampleSum:   proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.sumBits))),
+		SampleCount:      proto.Uint64(count),
+		SampleSum:        proto.Float64(math.Float64frombits(atomic.LoadUint64(&coldCounts.sumBits))),
+		CreatedTimestamp: s.createdTs,
 	}
 
 	out.Summary = sum
@@ -681,6 +697,7 @@ type constSummary struct {
 	sum        float64
 	quantiles  map[float64]float64
 	labelPairs []*dto.LabelPair
+	createdTs  *timestamppb.Timestamp
 }
 
 func (s *constSummary) Desc() *Desc {
@@ -688,7 +705,9 @@ func (s *constSummary) Desc() *Desc {
 }
 
 func (s *constSummary) Write(out *dto.Metric) error {
-	sum := &dto.Summary{}
+	sum := &dto.Summary{
+		CreatedTimestamp: s.createdTs,
+	}
 	qs := make([]*dto.Quantile, 0, len(s.quantiles))
 
 	sum.SampleCount = proto.Uint64(s.count)
@@ -737,7 +756,7 @@ func NewConstSummary(
 	if desc.err != nil {
 		return nil, desc.err
 	}
-	if err := validateLabelValues(labelValues, len(desc.variableLabels)); err != nil {
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
 		return nil, err
 	}
 	return &constSummary{
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/value.go b/vendor/github.com/prometheus/client_golang/prometheus/value.go
index 5f6bb8001..cc23011fa 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/value.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/value.go
@@ -14,6 +14,7 @@
 package prometheus
 
 import (
+	"errors"
 	"fmt"
 	"sort"
 	"time"
@@ -91,7 +92,7 @@ func (v *valueFunc) Desc() *Desc {
 }
 
 func (v *valueFunc) Write(out *dto.Metric) error {
-	return populateMetric(v.valType, v.function(), v.labelPairs, nil, out)
+	return populateMetric(v.valType, v.function(), v.labelPairs, nil, out, nil)
 }
 
 // NewConstMetric returns a metric with one fixed value that cannot be
@@ -105,12 +106,12 @@ func NewConstMetric(desc *Desc, valueType ValueType, value float64, labelValues
 	if desc.err != nil {
 		return nil, desc.err
 	}
-	if err := validateLabelValues(labelValues, len(desc.variableLabels)); err != nil {
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
 		return nil, err
 	}
 
 	metric := &dto.Metric{}
-	if err := populateMetric(valueType, value, MakeLabelPairs(desc, labelValues), nil, metric); err != nil {
+	if err := populateMetric(valueType, value, MakeLabelPairs(desc, labelValues), nil, metric, nil); err != nil {
 		return nil, err
 	}
 
@@ -130,6 +131,43 @@ func MustNewConstMetric(desc *Desc, valueType ValueType, value float64, labelVal
 	return m
 }
 
+// NewConstMetricWithCreatedTimestamp does the same thing as NewConstMetric, but generates Counters
+// with created timestamp set and returns an error for other metric types.
+func NewConstMetricWithCreatedTimestamp(desc *Desc, valueType ValueType, value float64, ct time.Time, labelValues ...string) (Metric, error) {
+	if desc.err != nil {
+		return nil, desc.err
+	}
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
+		return nil, err
+	}
+	switch valueType {
+	case CounterValue:
+		break
+	default:
+		return nil, errors.New("created timestamps are only supported for counters")
+	}
+
+	metric := &dto.Metric{}
+	if err := populateMetric(valueType, value, MakeLabelPairs(desc, labelValues), nil, metric, timestamppb.New(ct)); err != nil {
+		return nil, err
+	}
+
+	return &constMetric{
+		desc:   desc,
+		metric: metric,
+	}, nil
+}
+
+// MustNewConstMetricWithCreatedTimestamp is a version of NewConstMetricWithCreatedTimestamp that panics where
+// NewConstMetricWithCreatedTimestamp would have returned an error.
+func MustNewConstMetricWithCreatedTimestamp(desc *Desc, valueType ValueType, value float64, ct time.Time, labelValues ...string) Metric {
+	m, err := NewConstMetricWithCreatedTimestamp(desc, valueType, value, ct, labelValues...)
+	if err != nil {
+		panic(err)
+	}
+	return m
+}
+
 type constMetric struct {
 	desc   *Desc
 	metric *dto.Metric
@@ -153,11 +191,12 @@ func populateMetric(
 	labelPairs []*dto.LabelPair,
 	e *dto.Exemplar,
 	m *dto.Metric,
+	ct *timestamppb.Timestamp,
 ) error {
 	m.Label = labelPairs
 	switch t {
 	case CounterValue:
-		m.Counter = &dto.Counter{Value: proto.Float64(v), Exemplar: e}
+		m.Counter = &dto.Counter{Value: proto.Float64(v), Exemplar: e, CreatedTimestamp: ct}
 	case GaugeValue:
 		m.Gauge = &dto.Gauge{Value: proto.Float64(v)}
 	case UntypedValue:
@@ -176,19 +215,19 @@ func populateMetric(
 // This function is only needed for custom Metric implementations. See MetricVec
 // example.
 func MakeLabelPairs(desc *Desc, labelValues []string) []*dto.LabelPair {
-	totalLen := len(desc.variableLabels) + len(desc.constLabelPairs)
+	totalLen := len(desc.variableLabels.names) + len(desc.constLabelPairs)
 	if totalLen == 0 {
 		// Super fast path.
 		return nil
 	}
-	if len(desc.variableLabels) == 0 {
+	if len(desc.variableLabels.names) == 0 {
 		// Moderately fast path.
 		return desc.constLabelPairs
 	}
 	labelPairs := make([]*dto.LabelPair, 0, totalLen)
-	for i, l := range desc.variableLabels {
+	for i, l := range desc.variableLabels.names {
 		labelPairs = append(labelPairs, &dto.LabelPair{
-			Name:  proto.String(l.Name),
+			Name:  proto.String(l),
 			Value: proto.String(labelValues[i]),
 		})
 	}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vec.go b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
index f0d0015a0..955cfd59f 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/vec.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
@@ -20,24 +20,6 @@ import (
 	"github.com/prometheus/common/model"
 )
 
-var labelsPool = &sync.Pool{
-	New: func() interface{} {
-		return make(Labels)
-	},
-}
-
-func getLabelsFromPool() Labels {
-	return labelsPool.Get().(Labels)
-}
-
-func putLabelsToPool(labels Labels) {
-	for k := range labels {
-		delete(labels, k)
-	}
-
-	labelsPool.Put(labels)
-}
-
 // MetricVec is a Collector to bundle metrics of the same name that differ in
 // their label values. MetricVec is not used directly but as a building block
 // for implementations of vectors of a given metric type, like GaugeVec,
@@ -91,6 +73,7 @@ func NewMetricVec(desc *Desc, newMetric func(lvs ...string) Metric) *MetricVec {
 // See also the CounterVec example.
 func (m *MetricVec) DeleteLabelValues(lvs ...string) bool {
 	lvs = constrainLabelValues(m.desc, lvs, m.curry)
+
 	h, err := m.hashLabelValues(lvs)
 	if err != nil {
 		return false
@@ -110,8 +93,8 @@ func (m *MetricVec) DeleteLabelValues(lvs ...string) bool {
 // This method is used for the same purpose as DeleteLabelValues(...string). See
 // there for pros and cons of the two methods.
 func (m *MetricVec) Delete(labels Labels) bool {
-	labels = constrainLabels(m.desc, labels)
-	defer putLabelsToPool(labels)
+	labels, closer := constrainLabels(m.desc, labels)
+	defer closer()
 
 	h, err := m.hashLabels(labels)
 	if err != nil {
@@ -128,8 +111,8 @@ func (m *MetricVec) Delete(labels Labels) bool {
 // Note that curried labels will never be matched if deleting from the curried vector.
 // To match curried labels with DeletePartialMatch, it must be called on the base vector.
 func (m *MetricVec) DeletePartialMatch(labels Labels) int {
-	labels = constrainLabels(m.desc, labels)
-	defer putLabelsToPool(labels)
+	labels, closer := constrainLabels(m.desc, labels)
+	defer closer()
 
 	return m.metricMap.deleteByLabels(labels, m.curry)
 }
@@ -169,11 +152,11 @@ func (m *MetricVec) CurryWith(labels Labels) (*MetricVec, error) {
 		oldCurry = m.curry
 		iCurry   int
 	)
-	for i, label := range m.desc.variableLabels {
-		val, ok := labels[label.Name]
+	for i, labelName := range m.desc.variableLabels.names {
+		val, ok := labels[labelName]
 		if iCurry < len(oldCurry) && oldCurry[iCurry].index == i {
 			if ok {
-				return nil, fmt.Errorf("label name %q is already curried", label.Name)
+				return nil, fmt.Errorf("label name %q is already curried", labelName)
 			}
 			newCurry = append(newCurry, oldCurry[iCurry])
 			iCurry++
@@ -181,7 +164,10 @@ func (m *MetricVec) CurryWith(labels Labels) (*MetricVec, error) {
 			if !ok {
 				continue // Label stays uncurried.
 			}
-			newCurry = append(newCurry, curriedLabelValue{i, label.Constrain(val)})
+			newCurry = append(newCurry, curriedLabelValue{
+				i,
+				m.desc.variableLabels.constrain(labelName, val),
+			})
 		}
 	}
 	if l := len(oldCurry) + len(labels) - len(newCurry); l > 0 {
@@ -250,8 +236,8 @@ func (m *MetricVec) GetMetricWithLabelValues(lvs ...string) (Metric, error) {
 // around MetricVec, implementing a vector for a specific Metric implementation,
 // for example GaugeVec.
 func (m *MetricVec) GetMetricWith(labels Labels) (Metric, error) {
-	labels = constrainLabels(m.desc, labels)
-	defer putLabelsToPool(labels)
+	labels, closer := constrainLabels(m.desc, labels)
+	defer closer()
 
 	h, err := m.hashLabels(labels)
 	if err != nil {
@@ -262,7 +248,7 @@ func (m *MetricVec) GetMetricWith(labels Labels) (Metric, error) {
 }
 
 func (m *MetricVec) hashLabelValues(vals []string) (uint64, error) {
-	if err := validateLabelValues(vals, len(m.desc.variableLabels)-len(m.curry)); err != nil {
+	if err := validateLabelValues(vals, len(m.desc.variableLabels.names)-len(m.curry)); err != nil {
 		return 0, err
 	}
 
@@ -271,7 +257,7 @@ func (m *MetricVec) hashLabelValues(vals []string) (uint64, error) {
 		curry         = m.curry
 		iVals, iCurry int
 	)
-	for i := 0; i < len(m.desc.variableLabels); i++ {
+	for i := 0; i < len(m.desc.variableLabels.names); i++ {
 		if iCurry < len(curry) && curry[iCurry].index == i {
 			h = m.hashAdd(h, curry[iCurry].value)
 			iCurry++
@@ -285,7 +271,7 @@ func (m *MetricVec) hashLabelValues(vals []string) (uint64, error) {
 }
 
 func (m *MetricVec) hashLabels(labels Labels) (uint64, error) {
-	if err := validateValuesInLabels(labels, len(m.desc.variableLabels)-len(m.curry)); err != nil {
+	if err := validateValuesInLabels(labels, len(m.desc.variableLabels.names)-len(m.curry)); err != nil {
 		return 0, err
 	}
 
@@ -294,17 +280,17 @@ func (m *MetricVec) hashLabels(labels Labels) (uint64, error) {
 		curry  = m.curry
 		iCurry int
 	)
-	for i, label := range m.desc.variableLabels {
-		val, ok := labels[label.Name]
+	for i, labelName := range m.desc.variableLabels.names {
+		val, ok := labels[labelName]
 		if iCurry < len(curry) && curry[iCurry].index == i {
 			if ok {
-				return 0, fmt.Errorf("label name %q is already curried", label.Name)
+				return 0, fmt.Errorf("label name %q is already curried", labelName)
 			}
 			h = m.hashAdd(h, curry[iCurry].value)
 			iCurry++
 		} else {
 			if !ok {
-				return 0, fmt.Errorf("label name %q missing in label map", label.Name)
+				return 0, fmt.Errorf("label name %q missing in label map", labelName)
 			}
 			h = m.hashAdd(h, val)
 		}
@@ -482,7 +468,7 @@ func valueMatchesVariableOrCurriedValue(targetValue string, index int, values []
 func matchPartialLabels(desc *Desc, values []string, labels Labels, curry []curriedLabelValue) bool {
 	for l, v := range labels {
 		// Check if the target label exists in our metrics and get the index.
-		varLabelIndex, validLabel := indexOf(l, desc.variableLabels.labelNames())
+		varLabelIndex, validLabel := indexOf(l, desc.variableLabels.names)
 		if validLabel {
 			// Check the value of that label against the target value.
 			// We don't consider curried values in partial matches.
@@ -626,7 +612,7 @@ func matchLabels(desc *Desc, values []string, labels Labels, curry []curriedLabe
 		return false
 	}
 	iCurry := 0
-	for i, k := range desc.variableLabels {
+	for i, k := range desc.variableLabels.names {
 		if iCurry < len(curry) && curry[iCurry].index == i {
 			if values[i] != curry[iCurry].value {
 				return false
@@ -634,7 +620,7 @@ func matchLabels(desc *Desc, values []string, labels Labels, curry []curriedLabe
 			iCurry++
 			continue
 		}
-		if values[i] != labels[k.Name] {
+		if values[i] != labels[k] {
 			return false
 		}
 	}
@@ -644,13 +630,13 @@ func matchLabels(desc *Desc, values []string, labels Labels, curry []curriedLabe
 func extractLabelValues(desc *Desc, labels Labels, curry []curriedLabelValue) []string {
 	labelValues := make([]string, len(labels)+len(curry))
 	iCurry := 0
-	for i, k := range desc.variableLabels {
+	for i, k := range desc.variableLabels.names {
 		if iCurry < len(curry) && curry[iCurry].index == i {
 			labelValues[i] = curry[iCurry].value
 			iCurry++
 			continue
 		}
-		labelValues[i] = labels[k.Name]
+		labelValues[i] = labels[k]
 	}
 	return labelValues
 }
@@ -670,20 +656,37 @@ func inlineLabelValues(lvs []string, curry []curriedLabelValue) []string {
 	return labelValues
 }
 
-func constrainLabels(desc *Desc, labels Labels) Labels {
-	constrainedLabels := getLabelsFromPool()
-	for l, v := range labels {
-		if i, ok := indexOf(l, desc.variableLabels.labelNames()); ok {
-			v = desc.variableLabels[i].Constrain(v)
-		}
+var labelsPool = &sync.Pool{
+	New: func() interface{} {
+		return make(Labels)
+	},
+}
 
-		constrainedLabels[l] = v
+func constrainLabels(desc *Desc, labels Labels) (Labels, func()) {
+	if len(desc.variableLabels.labelConstraints) == 0 {
+		// Fast path when there's no constraints
+		return labels, func() {}
 	}
 
-	return constrainedLabels
+	constrainedLabels := labelsPool.Get().(Labels)
+	for l, v := range labels {
+		constrainedLabels[l] = desc.variableLabels.constrain(l, v)
+	}
+
+	return constrainedLabels, func() {
+		for k := range constrainedLabels {
+			delete(constrainedLabels, k)
+		}
+		labelsPool.Put(constrainedLabels)
+	}
 }
 
 func constrainLabelValues(desc *Desc, lvs []string, curry []curriedLabelValue) []string {
+	if len(desc.variableLabels.labelConstraints) == 0 {
+		// Fast path when there's no constraints
+		return lvs
+	}
+
 	constrainedValues := make([]string, len(lvs))
 	var iCurry, iLVs int
 	for i := 0; i < len(lvs)+len(curry); i++ {
@@ -692,8 +695,11 @@ func constrainLabelValues(desc *Desc, lvs []string, curry []curriedLabelValue) [
 			continue
 		}
 
-		if i < len(desc.variableLabels) {
-			constrainedValues[iLVs] = desc.variableLabels[i].Constrain(lvs[iLVs])
+		if i < len(desc.variableLabels.names) {
+			constrainedValues[iLVs] = desc.variableLabels.constrain(
+				desc.variableLabels.names[i],
+				lvs[iLVs],
+			)
 		} else {
 			constrainedValues[iLVs] = lvs[iLVs]
 		}
diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
index 2b5bca4b9..84946b270 100644
--- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go
+++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
@@ -215,8 +215,9 @@ type Counter struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 
-	Value    *float64  `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"`
-	Exemplar *Exemplar `protobuf:"bytes,2,opt,name=exemplar" json:"exemplar,omitempty"`
+	Value            *float64               `protobuf:"fixed64,1,opt,name=value" json:"value,omitempty"`
+	Exemplar         *Exemplar              `protobuf:"bytes,2,opt,name=exemplar" json:"exemplar,omitempty"`
+	CreatedTimestamp *timestamppb.Timestamp `protobuf:"bytes,3,opt,name=created_timestamp,json=createdTimestamp" json:"created_timestamp,omitempty"`
 }
 
 func (x *Counter) Reset() {
@@ -265,6 +266,13 @@ func (x *Counter) GetExemplar() *Exemplar {
 	return nil
 }
 
+func (x *Counter) GetCreatedTimestamp() *timestamppb.Timestamp {
+	if x != nil {
+		return x.CreatedTimestamp
+	}
+	return nil
+}
+
 type Quantile struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
@@ -325,9 +333,10 @@ type Summary struct {
 	sizeCache     protoimpl.SizeCache
 	unknownFields protoimpl.UnknownFields
 
-	SampleCount *uint64     `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"`
-	SampleSum   *float64    `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"`
-	Quantile    []*Quantile `protobuf:"bytes,3,rep,name=quantile" json:"quantile,omitempty"`
+	SampleCount      *uint64                `protobuf:"varint,1,opt,name=sample_count,json=sampleCount" json:"sample_count,omitempty"`
+	SampleSum        *float64               `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"`
+	Quantile         []*Quantile            `protobuf:"bytes,3,rep,name=quantile" json:"quantile,omitempty"`
+	CreatedTimestamp *timestamppb.Timestamp `protobuf:"bytes,4,opt,name=created_timestamp,json=createdTimestamp" json:"created_timestamp,omitempty"`
 }
 
 func (x *Summary) Reset() {
@@ -383,6 +392,13 @@ func (x *Summary) GetQuantile() []*Quantile {
 	return nil
 }
 
+func (x *Summary) GetCreatedTimestamp() *timestamppb.Timestamp {
+	if x != nil {
+		return x.CreatedTimestamp
+	}
+	return nil
+}
+
 type Untyped struct {
 	state         protoimpl.MessageState
 	sizeCache     protoimpl.SizeCache
@@ -439,7 +455,8 @@ type Histogram struct {
 	SampleCountFloat *float64 `protobuf:"fixed64,4,opt,name=sample_count_float,json=sampleCountFloat" json:"sample_count_float,omitempty"` // Overrides sample_count if > 0.
 	SampleSum        *float64 `protobuf:"fixed64,2,opt,name=sample_sum,json=sampleSum" json:"sample_sum,omitempty"`
 	// Buckets for the conventional histogram.
-	Bucket []*Bucket `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` // Ordered in increasing order of upper_bound, +Inf bucket is optional.
+	Bucket           []*Bucket              `protobuf:"bytes,3,rep,name=bucket" json:"bucket,omitempty"` // Ordered in increasing order of upper_bound, +Inf bucket is optional.
+	CreatedTimestamp *timestamppb.Timestamp `protobuf:"bytes,15,opt,name=created_timestamp,json=createdTimestamp" json:"created_timestamp,omitempty"`
 	// schema defines the bucket schema. Currently, valid numbers are -4 <= n <= 8.
 	// They are all for base-2 bucket schemas, where 1 is a bucket boundary in each case, and
 	// then each power of two is divided into 2^n logarithmic buckets.
@@ -525,6 +542,13 @@ func (x *Histogram) GetBucket() []*Bucket {
 	return nil
 }
 
+func (x *Histogram) GetCreatedTimestamp() *timestamppb.Timestamp {
+	if x != nil {
+		return x.CreatedTimestamp
+	}
+	return nil
+}
+
 func (x *Histogram) GetSchema() int32 {
 	if x != nil && x.Schema != nil {
 		return *x.Schema
@@ -972,137 +996,151 @@ var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
 	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x05, 0x76, 0x61, 0x6c,
 	0x75, 0x65, 0x22, 0x1d, 0x0a, 0x05, 0x47, 0x61, 0x75, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76,
 	0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x22, 0x5b, 0x0a, 0x07, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x14, 0x0a, 0x05,
-	0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c,
-	0x75, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74,
-	0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d,
-	0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x22, 0x3c,
-	0x0a, 0x08, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x71, 0x75,
-	0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x71, 0x75,
-	0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0x87, 0x01, 0x0a,
-	0x07, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70,
+	0x65, 0x22, 0xa4, 0x01, 0x0a, 0x07, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x14, 0x0a,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61,
+	0x6c, 0x75, 0x65, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65,
+	0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12,
+	0x47, 0x0a, 0x11, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f,
+	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d,
+	0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x54,
+	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x3c, 0x0a, 0x08, 0x51, 0x75, 0x61, 0x6e,
+	0x74, 0x69, 0x6c, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x01, 0x52, 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65,
+	0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52,
+	0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xd0, 0x01, 0x0a, 0x07, 0x53, 0x75, 0x6d, 0x6d, 0x61,
+	0x72, 0x79, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75,
+	0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65,
+	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f,
+	0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x73, 0x61, 0x6d, 0x70, 0x6c,
+	0x65, 0x53, 0x75, 0x6d, 0x12, 0x3a, 0x0a, 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65,
+	0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d,
+	0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x51, 0x75,
+	0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x52, 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65,
+	0x12, 0x47, 0x0a, 0x11, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x1f, 0x0a, 0x07, 0x55, 0x6e, 0x74,
+	0x79, 0x70, 0x65, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xac, 0x05, 0x0a, 0x09, 0x48,
+	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70,
 	0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b,
-	0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73,
-	0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52,
-	0x09, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x53, 0x75, 0x6d, 0x12, 0x3a, 0x0a, 0x08, 0x71, 0x75,
-	0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69,
+	0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x73,
+	0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61,
+	0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52, 0x10, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43,
+	0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x61, 0x6d,
+	0x70, 0x6c, 0x65, 0x5f, 0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x73,
+	0x61, 0x6d, 0x70, 0x6c, 0x65, 0x53, 0x75, 0x6d, 0x12, 0x34, 0x0a, 0x06, 0x62, 0x75, 0x63, 0x6b,
+	0x65, 0x74, 0x18, 0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
+	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
+	0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x52, 0x06, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x47,
+	0x0a, 0x11, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74,
+	0x61, 0x6d, 0x70, 0x18, 0x0f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
+	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x63, 0x68, 0x65, 0x6d,
+	0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x11, 0x52, 0x06, 0x73, 0x63, 0x68, 0x65, 0x6d, 0x61, 0x12,
+	0x25, 0x0a, 0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x5f, 0x74, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c,
+	0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0d, 0x7a, 0x65, 0x72, 0x6f, 0x54, 0x68, 0x72,
+	0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x7a, 0x65, 0x72, 0x6f, 0x5f, 0x63,
+	0x6f, 0x75, 0x6e, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09, 0x7a, 0x65, 0x72, 0x6f,
+	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x28, 0x0a, 0x10, 0x7a, 0x65, 0x72, 0x6f, 0x5f, 0x63, 0x6f,
+	0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x08, 0x20, 0x01, 0x28, 0x01, 0x52,
+	0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12,
+	0x45, 0x0a, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x73, 0x70, 0x61, 0x6e,
+	0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d,
+	0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x42, 0x75,
+	0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x52, 0x0c, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69,
+	0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69,
+	0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74, 0x61, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x12, 0x52, 0x0d,
+	0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x12, 0x25, 0x0a,
+	0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18,
+	0x0b, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43,
+	0x6f, 0x75, 0x6e, 0x74, 0x12, 0x45, 0x0a, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65,
+	0x5f, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x69, 0x6f,
+	0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x2e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x52, 0x0c, 0x70,
+	0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x70,
+	0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74, 0x61, 0x18, 0x0d, 0x20,
+	0x03, 0x28, 0x12, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c,
+	0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63,
+	0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69,
+	0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc6, 0x01, 0x0a, 0x06, 0x42, 0x75,
+	0x63, 0x6b, 0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69,
+	0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0f,
+	0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12,
+	0x34, 0x0a, 0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f,
+	0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52,
+	0x14, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74,
+	0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, 0x65, 0x72, 0x5f, 0x62,
+	0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, 0x75, 0x70, 0x70, 0x65,
+	0x72, 0x42, 0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
+	0x61, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
+	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
+	0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
+	0x61, 0x72, 0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e,
+	0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x11,
+	0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67,
+	0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
+	0x22, 0x91, 0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12, 0x35, 0x0a,
+	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69,
 	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x2e, 0x51, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x52, 0x08, 0x71, 0x75,
-	0x61, 0x6e, 0x74, 0x69, 0x6c, 0x65, 0x22, 0x1f, 0x0a, 0x07, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65,
-	0x64, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x01,
-	0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xe3, 0x04, 0x0a, 0x09, 0x48, 0x69, 0x73, 0x74,
-	0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x5f,
-	0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b, 0x73, 0x61, 0x6d,
-	0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x73, 0x61, 0x6d, 0x70,
-	0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04,
-	0x20, 0x01, 0x28, 0x01, 0x52, 0x10, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e,
-	0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1d, 0x0a, 0x0a, 0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65,
-	0x5f, 0x73, 0x75, 0x6d, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x09, 0x73, 0x61, 0x6d, 0x70,
-	0x6c, 0x65, 0x53, 0x75, 0x6d, 0x12, 0x34, 0x0a, 0x06, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x18,
-	0x03, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
-	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x42, 0x75, 0x63,
-	0x6b, 0x65, 0x74, 0x52, 0x06, 0x62, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73,
-	0x63, 0x68, 0x65, 0x6d, 0x61, 0x18, 0x05, 0x20, 0x01, 0x28, 0x11, 0x52, 0x06, 0x73, 0x63, 0x68,
-	0x65, 0x6d, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x5f, 0x74, 0x68, 0x72, 0x65,
-	0x73, 0x68, 0x6f, 0x6c, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0d, 0x7a, 0x65, 0x72,
-	0x6f, 0x54, 0x68, 0x72, 0x65, 0x73, 0x68, 0x6f, 0x6c, 0x64, 0x12, 0x1d, 0x0a, 0x0a, 0x7a, 0x65,
-	0x72, 0x6f, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x07, 0x20, 0x01, 0x28, 0x04, 0x52, 0x09,
-	0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x28, 0x0a, 0x10, 0x7a, 0x65, 0x72,
-	0x6f, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x08, 0x20,
-	0x01, 0x28, 0x01, 0x52, 0x0e, 0x7a, 0x65, 0x72, 0x6f, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c,
-	0x6f, 0x61, 0x74, 0x12, 0x45, 0x0a, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f,
-	0x73, 0x70, 0x61, 0x6e, 0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x69, 0x6f, 0x2e,
+	0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c,
+	0x61, 0x62, 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12,
+	0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f,
+	0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52,
+	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x47, 0x61, 0x75,
+	0x67, 0x65, 0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x63, 0x6f, 0x75,
+	0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e,
 	0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x2e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x52, 0x0c, 0x6e, 0x65,
-	0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x25, 0x0a, 0x0e, 0x6e, 0x65,
-	0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74, 0x61, 0x18, 0x0a, 0x20, 0x03,
-	0x28, 0x12, 0x52, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c, 0x74,
-	0x61, 0x12, 0x25, 0x0a, 0x0e, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f,
-	0x75, 0x6e, 0x74, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x6e, 0x65, 0x67, 0x61, 0x74,
-	0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x45, 0x0a, 0x0d, 0x70, 0x6f, 0x73, 0x69,
-	0x74, 0x69, 0x76, 0x65, 0x5f, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x0c, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x20, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e,
-	0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61,
-	0x6e, 0x52, 0x0c, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x53, 0x70, 0x61, 0x6e, 0x12,
-	0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x64, 0x65, 0x6c, 0x74,
-	0x61, 0x18, 0x0d, 0x20, 0x03, 0x28, 0x12, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76,
-	0x65, 0x44, 0x65, 0x6c, 0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69,
-	0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d,
-	0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc6, 0x01,
-	0x0a, 0x06, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75,
-	0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x04, 0x52, 0x0f, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f,
-	0x75, 0x6e, 0x74, 0x12, 0x34, 0x0a, 0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76,
-	0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x01, 0x52, 0x14, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43,
-	0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70,
-	0x65, 0x72, 0x5f, 0x62, 0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a,
-	0x75, 0x70, 0x70, 0x65, 0x72, 0x42, 0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78,
-	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69,
+	0x74, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x65, 0x72, 0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
+	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x75, 0x6d, 0x6d, 0x61,
+	0x72, 0x79, 0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x37, 0x0a, 0x07, 0x75,
+	0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69,
 	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78,
-	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74,
-	0x53, 0x70, 0x61, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x11, 0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06,
-	0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65,
-	0x6e, 0x67, 0x74, 0x68, 0x22, 0x91, 0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61,
-	0x72, 0x12, 0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b,
-	0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
-	0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69,
-	0x72, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38,
-	0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74,
-	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74,
-	0x72, 0x69, 0x63, 0x12, 0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03,
-	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65,
-	0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50,
-	0x61, 0x69, 0x72, 0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61,
-	0x75, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70,
-	0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x2e, 0x47, 0x61, 0x75, 0x67, 0x65, 0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a,
-	0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d,
-	0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63,
-	0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72,
-	0x79, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f,
-	0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53,
-	0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12,
-	0x37, 0x0a, 0x07, 0x75, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
-	0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52,
-	0x07, 0x75, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74,
-	0x6f, 0x67, 0x72, 0x61, 0x6d, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f,
-	0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65,
-	0x6e, 0x74, 0x2e, 0x48, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69,
-	0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74,
-	0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x4d, 0x73, 0x22, 0xa2, 0x01, 0x0a, 0x0c, 0x4d,
-	0x65, 0x74, 0x72, 0x69, 0x63, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
-	0x12, 0x0a, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68,
-	0x65, 0x6c, 0x70, 0x12, 0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0e, 0x32, 0x20, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75,
-	0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54,
-	0x79, 0x70, 0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74,
-	0x72, 0x69, 0x63, 0x18, 0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70,
-	0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2a,
-	0x62, 0x0a, 0x0a, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a,
-	0x07, 0x43, 0x4f, 0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41,
-	0x55, 0x47, 0x45, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59,
-	0x10, 0x02, 0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12,
-	0x0d, 0x0a, 0x09, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13,
-	0x0a, 0x0f, 0x47, 0x41, 0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41,
-	0x4d, 0x10, 0x05, 0x42, 0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74,
-	0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74,
-	0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65,
-	0x75, 0x73, 0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f,
-	0x67, 0x6f, 0x3b, 0x69, 0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
-	0x5f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x65, 0x6e, 0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, 0x07, 0x75, 0x6e, 0x74,
+	0x79, 0x70, 0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61,
+	0x6d, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f,
+	0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x48,
+	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67,
+	0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x5f, 0x6d, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x4d, 0x73, 0x22, 0xa2, 0x01, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68,
+	0x65, 0x6c, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x12,
+	0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x52,
+	0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18,
+	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74,
+	0x72, 0x69, 0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2a, 0x62, 0x0a, 0x0a, 0x4d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f, 0x55,
+	0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47, 0x45, 0x10,
+	0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, 0x10, 0x02, 0x12, 0x0b,
+	0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, 0x48,
+	0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, 0x0a, 0x0f, 0x47, 0x41,
+	0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x05, 0x42,
+	0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
+	0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2f, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, 0x67, 0x6f, 0x3b, 0x69,
+	0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x5f, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74,
 }
 
 var (
@@ -1137,26 +1175,29 @@ var file_io_prometheus_client_metrics_proto_goTypes = []interface{}{
 }
 var file_io_prometheus_client_metrics_proto_depIdxs = []int32{
 	10, // 0: io.prometheus.client.Counter.exemplar:type_name -> io.prometheus.client.Exemplar
-	4,  // 1: io.prometheus.client.Summary.quantile:type_name -> io.prometheus.client.Quantile
-	8,  // 2: io.prometheus.client.Histogram.bucket:type_name -> io.prometheus.client.Bucket
-	9,  // 3: io.prometheus.client.Histogram.negative_span:type_name -> io.prometheus.client.BucketSpan
-	9,  // 4: io.prometheus.client.Histogram.positive_span:type_name -> io.prometheus.client.BucketSpan
-	10, // 5: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
-	1,  // 6: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
-	13, // 7: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
-	1,  // 8: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
-	2,  // 9: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
-	3,  // 10: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
-	5,  // 11: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
-	6,  // 12: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
-	7,  // 13: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
-	0,  // 14: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
-	11, // 15: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
-	16, // [16:16] is the sub-list for method output_type
-	16, // [16:16] is the sub-list for method input_type
-	16, // [16:16] is the sub-list for extension type_name
-	16, // [16:16] is the sub-list for extension extendee
-	0,  // [0:16] is the sub-list for field type_name
+	13, // 1: io.prometheus.client.Counter.created_timestamp:type_name -> google.protobuf.Timestamp
+	4,  // 2: io.prometheus.client.Summary.quantile:type_name -> io.prometheus.client.Quantile
+	13, // 3: io.prometheus.client.Summary.created_timestamp:type_name -> google.protobuf.Timestamp
+	8,  // 4: io.prometheus.client.Histogram.bucket:type_name -> io.prometheus.client.Bucket
+	13, // 5: io.prometheus.client.Histogram.created_timestamp:type_name -> google.protobuf.Timestamp
+	9,  // 6: io.prometheus.client.Histogram.negative_span:type_name -> io.prometheus.client.BucketSpan
+	9,  // 7: io.prometheus.client.Histogram.positive_span:type_name -> io.prometheus.client.BucketSpan
+	10, // 8: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
+	1,  // 9: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
+	13, // 10: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
+	1,  // 11: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
+	2,  // 12: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
+	3,  // 13: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
+	5,  // 14: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
+	6,  // 15: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
+	7,  // 16: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
+	0,  // 17: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
+	11, // 18: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
+	19, // [19:19] is the sub-list for method output_type
+	19, // [19:19] is the sub-list for method input_type
+	19, // [19:19] is the sub-list for extension type_name
+	19, // [19:19] is the sub-list for extension extendee
+	0,  // [0:19] is the sub-list for field type_name
 }
 
 func init() { file_io_prometheus_client_metrics_proto_init() }
diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go
index f4fc88455..906397815 100644
--- a/vendor/github.com/prometheus/common/expfmt/decode.go
+++ b/vendor/github.com/prometheus/common/expfmt/decode.go
@@ -132,7 +132,10 @@ func (d *textDecoder) Decode(v *dto.MetricFamily) error {
 	}
 	// Pick off one MetricFamily per Decode until there's nothing left.
 	for key, fam := range d.fams {
-		*v = *fam
+		v.Name = fam.Name
+		v.Help = fam.Help
+		v.Type = fam.Type
+		v.Metric = fam.Metric
 		delete(d.fams, key)
 		return nil
 	}
diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go
index 64dc0eb40..7f611ffaa 100644
--- a/vendor/github.com/prometheus/common/expfmt/encode.go
+++ b/vendor/github.com/prometheus/common/expfmt/encode.go
@@ -18,9 +18,9 @@ import (
 	"io"
 	"net/http"
 
-	"github.com/golang/protobuf/proto" //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility.
 	"github.com/matttproud/golang_protobuf_extensions/pbutil"
 	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
+	"google.golang.org/protobuf/encoding/prototext"
 
 	dto "github.com/prometheus/client_model/go"
 )
@@ -99,8 +99,11 @@ func NegotiateIncludingOpenMetrics(h http.Header) Format {
 		if ac.Type == "text" && ac.SubType == "plain" && (ver == TextVersion || ver == "") {
 			return FmtText
 		}
-		if ac.Type+"/"+ac.SubType == OpenMetricsType && (ver == OpenMetricsVersion || ver == "") {
-			return FmtOpenMetrics
+		if ac.Type+"/"+ac.SubType == OpenMetricsType && (ver == OpenMetricsVersion_0_0_1 || ver == OpenMetricsVersion_1_0_0 || ver == "") {
+			if ver == OpenMetricsVersion_1_0_0 {
+				return FmtOpenMetrics_1_0_0
+			}
+			return FmtOpenMetrics_0_0_1
 		}
 	}
 	return FmtText
@@ -133,7 +136,7 @@ func NewEncoder(w io.Writer, format Format) Encoder {
 	case FmtProtoText:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := fmt.Fprintln(w, proto.MarshalTextString(v))
+				_, err := fmt.Fprintln(w, prototext.Format(v))
 				return err
 			},
 			close: func() error { return nil },
@@ -146,7 +149,7 @@ func NewEncoder(w io.Writer, format Format) Encoder {
 			},
 			close: func() error { return nil },
 		}
-	case FmtOpenMetrics:
+	case FmtOpenMetrics_0_0_1, FmtOpenMetrics_1_0_0:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
 				_, err := MetricFamilyToOpenMetrics(w, v)
diff --git a/vendor/github.com/prometheus/common/expfmt/expfmt.go b/vendor/github.com/prometheus/common/expfmt/expfmt.go
index 0f176fa64..c4cb20f0d 100644
--- a/vendor/github.com/prometheus/common/expfmt/expfmt.go
+++ b/vendor/github.com/prometheus/common/expfmt/expfmt.go
@@ -19,20 +19,22 @@ type Format string
 
 // Constants to assemble the Content-Type values for the different wire protocols.
 const (
-	TextVersion        = "0.0.4"
-	ProtoType          = `application/vnd.google.protobuf`
-	ProtoProtocol      = `io.prometheus.client.MetricFamily`
-	ProtoFmt           = ProtoType + "; proto=" + ProtoProtocol + ";"
-	OpenMetricsType    = `application/openmetrics-text`
-	OpenMetricsVersion = "0.0.1"
+	TextVersion              = "0.0.4"
+	ProtoType                = `application/vnd.google.protobuf`
+	ProtoProtocol            = `io.prometheus.client.MetricFamily`
+	ProtoFmt                 = ProtoType + "; proto=" + ProtoProtocol + ";"
+	OpenMetricsType          = `application/openmetrics-text`
+	OpenMetricsVersion_0_0_1 = "0.0.1"
+	OpenMetricsVersion_1_0_0 = "1.0.0"
 
 	// The Content-Type values for the different wire protocols.
-	FmtUnknown      Format = ``
-	FmtText         Format = `text/plain; version=` + TextVersion + `; charset=utf-8`
-	FmtProtoDelim   Format = ProtoFmt + ` encoding=delimited`
-	FmtProtoText    Format = ProtoFmt + ` encoding=text`
-	FmtProtoCompact Format = ProtoFmt + ` encoding=compact-text`
-	FmtOpenMetrics  Format = OpenMetricsType + `; version=` + OpenMetricsVersion + `; charset=utf-8`
+	FmtUnknown           Format = ``
+	FmtText              Format = `text/plain; version=` + TextVersion + `; charset=utf-8`
+	FmtProtoDelim        Format = ProtoFmt + ` encoding=delimited`
+	FmtProtoText         Format = ProtoFmt + ` encoding=text`
+	FmtProtoCompact      Format = ProtoFmt + ` encoding=compact-text`
+	FmtOpenMetrics_1_0_0 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_1_0_0 + `; charset=utf-8`
+	FmtOpenMetrics_0_0_1 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_0_0_1 + `; charset=utf-8`
 )
 
 const (
diff --git a/vendor/github.com/prometheus/common/expfmt/text_parse.go b/vendor/github.com/prometheus/common/expfmt/text_parse.go
index ac2482782..35db1cc9d 100644
--- a/vendor/github.com/prometheus/common/expfmt/text_parse.go
+++ b/vendor/github.com/prometheus/common/expfmt/text_parse.go
@@ -24,8 +24,8 @@ import (
 
 	dto "github.com/prometheus/client_model/go"
 
-	"github.com/golang/protobuf/proto" //nolint:staticcheck // Ignore SA1019. Need to keep deprecated package for compatibility.
 	"github.com/prometheus/common/model"
+	"google.golang.org/protobuf/proto"
 )
 
 // A stateFn is a function that represents a state in a state machine. By
diff --git a/vendor/github.com/prometheus/procfs/.golangci.yml b/vendor/github.com/prometheus/procfs/.golangci.yml
index a197699a1..c24864a92 100644
--- a/vendor/github.com/prometheus/procfs/.golangci.yml
+++ b/vendor/github.com/prometheus/procfs/.golangci.yml
@@ -2,6 +2,7 @@
 linters:
   enable:
   - godot
+  - misspell
   - revive
 
 linter-settings:
@@ -10,3 +11,5 @@ linter-settings:
     exclude:
     # Ignore "See: URL"
     - 'See:'
+  misspell:
+    locale: US
diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common
index b111d2562..0ce7ea461 100644
--- a/vendor/github.com/prometheus/procfs/Makefile.common
+++ b/vendor/github.com/prometheus/procfs/Makefile.common
@@ -49,19 +49,19 @@ endif
 GOTEST := $(GO) test
 GOTEST_DIR :=
 ifneq ($(CIRCLE_JOB),)
-ifneq ($(shell which gotestsum),)
+ifneq ($(shell command -v gotestsum > /dev/null),)
 	GOTEST_DIR := test-results
 	GOTEST := gotestsum --junitfile $(GOTEST_DIR)/unit-tests.xml --
 endif
 endif
 
-PROMU_VERSION ?= 0.14.0
+PROMU_VERSION ?= 0.15.0
 PROMU_URL     := https://github.com/prometheus/promu/releases/download/v$(PROMU_VERSION)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM).tar.gz
 
 SKIP_GOLANGCI_LINT :=
 GOLANGCI_LINT :=
 GOLANGCI_LINT_OPTS ?=
-GOLANGCI_LINT_VERSION ?= v1.51.2
+GOLANGCI_LINT_VERSION ?= v1.53.3
 # golangci-lint only supports linux, darwin and windows platforms on i386/amd64.
 # windows isn't included here because of the path separator being different.
 ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin))
@@ -178,7 +178,7 @@ endif
 .PHONY: common-yamllint
 common-yamllint:
 	@echo ">> running yamllint on all YAML files in the repository"
-ifeq (, $(shell which yamllint))
+ifeq (, $(shell command -v yamllint > /dev/null))
 	@echo "yamllint not installed so skipping"
 else
 	yamllint .
diff --git a/vendor/github.com/prometheus/procfs/README.md b/vendor/github.com/prometheus/procfs/README.md
index 43c37735a..1224816c2 100644
--- a/vendor/github.com/prometheus/procfs/README.md
+++ b/vendor/github.com/prometheus/procfs/README.md
@@ -51,11 +51,11 @@ ensure the `fixtures` directory is up to date by removing the existing directory
 extracting the ttar file using `make fixtures/.unpacked` or just `make test`.
 
 ```bash
-rm -rf fixtures
+rm -rf testdata/fixtures
 make test
 ```
 
 Next, make the required changes to the extracted files in the `fixtures` directory.  When
 the changes are complete, run `make update_fixtures` to create a new `fixtures.ttar` file
 based on the updated `fixtures` directory.  And finally, verify the changes using
-`git diff fixtures.ttar`.
+`git diff testdata/fixtures.ttar`.
diff --git a/vendor/github.com/prometheus/procfs/arp.go b/vendor/github.com/prometheus/procfs/arp.go
index 68f36e888..28783e2dd 100644
--- a/vendor/github.com/prometheus/procfs/arp.go
+++ b/vendor/github.com/prometheus/procfs/arp.go
@@ -55,7 +55,7 @@ type ARPEntry struct {
 func (fs FS) GatherARPEntries() ([]ARPEntry, error) {
 	data, err := os.ReadFile(fs.proc.Path("net/arp"))
 	if err != nil {
-		return nil, fmt.Errorf("error reading arp %q: %w", fs.proc.Path("net/arp"), err)
+		return nil, fmt.Errorf("%s: error reading arp %s: %w", ErrFileRead, fs.proc.Path("net/arp"), err)
 	}
 
 	return parseARPEntries(data)
@@ -78,11 +78,11 @@ func parseARPEntries(data []byte) ([]ARPEntry, error) {
 		} else if width == expectedDataWidth {
 			entry, err := parseARPEntry(columns)
 			if err != nil {
-				return []ARPEntry{}, fmt.Errorf("failed to parse ARP entry: %w", err)
+				return []ARPEntry{}, fmt.Errorf("%s: Failed to parse ARP entry: %v: %w", ErrFileParse, entry, err)
 			}
 			entries = append(entries, entry)
 		} else {
-			return []ARPEntry{}, fmt.Errorf("%d columns were detected, but %d were expected", width, expectedDataWidth)
+			return []ARPEntry{}, fmt.Errorf("%s: %d columns found, but expected %d: %w", ErrFileParse, width, expectedDataWidth, err)
 		}
 
 	}
diff --git a/vendor/github.com/prometheus/procfs/buddyinfo.go b/vendor/github.com/prometheus/procfs/buddyinfo.go
index f5b7939b2..4a173636c 100644
--- a/vendor/github.com/prometheus/procfs/buddyinfo.go
+++ b/vendor/github.com/prometheus/procfs/buddyinfo.go
@@ -55,7 +55,7 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 		parts := strings.Fields(line)
 
 		if len(parts) < 4 {
-			return nil, fmt.Errorf("invalid number of fields when parsing buddyinfo")
+			return nil, fmt.Errorf("%w: Invalid number of fields, found: %v", ErrFileParse, parts)
 		}
 
 		node := strings.TrimRight(parts[1], ",")
@@ -66,7 +66,7 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 			bucketCount = arraySize
 		} else {
 			if bucketCount != arraySize {
-				return nil, fmt.Errorf("mismatch in number of buddyinfo buckets, previous count %d, new count %d", bucketCount, arraySize)
+				return nil, fmt.Errorf("%w: mismatch in number of buddyinfo buckets, previous count %d, new count %d", ErrFileParse, bucketCount, arraySize)
 			}
 		}
 
@@ -74,7 +74,7 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 		for i := 0; i < arraySize; i++ {
 			sizes[i], err = strconv.ParseFloat(parts[i+4], 64)
 			if err != nil {
-				return nil, fmt.Errorf("invalid value in buddyinfo: %w", err)
+				return nil, fmt.Errorf("%s: Invalid valid in buddyinfo: %f: %w", ErrFileParse, sizes[i], err)
 			}
 		}
 
diff --git a/vendor/github.com/prometheus/procfs/cpuinfo.go b/vendor/github.com/prometheus/procfs/cpuinfo.go
index 06968ca2e..f4f5501c6 100644
--- a/vendor/github.com/prometheus/procfs/cpuinfo.go
+++ b/vendor/github.com/prometheus/procfs/cpuinfo.go
@@ -79,7 +79,7 @@ func parseCPUInfoX86(info []byte) ([]CPUInfo, error) {
 	// find the first "processor" line
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "processor") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%w: Cannot parse  line: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	v, err := strconv.ParseUint(field[1], 0, 32)
@@ -192,9 +192,10 @@ func parseCPUInfoARM(info []byte) ([]CPUInfo, error) {
 	scanner := bufio.NewScanner(bytes.NewReader(info))
 
 	firstLine := firstNonEmptyLine(scanner)
-	match, _ := regexp.MatchString("^[Pp]rocessor", firstLine)
+	match, err := regexp.MatchString("^[Pp]rocessor", firstLine)
 	if !match || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%s: Cannot parse line: %q: %w", ErrFileParse, firstLine, err)
+
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	cpuinfo := []CPUInfo{}
@@ -258,7 +259,7 @@ func parseCPUInfoS390X(info []byte) ([]CPUInfo, error) {
 
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "vendor_id") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%w: Cannot parse line: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	cpuinfo := []CPUInfo{}
@@ -283,7 +284,7 @@ func parseCPUInfoS390X(info []byte) ([]CPUInfo, error) {
 		if strings.HasPrefix(line, "processor") {
 			match := cpuinfoS390XProcessorRegexp.FindStringSubmatch(line)
 			if len(match) < 2 {
-				return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+				return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
 			}
 			cpu := commonCPUInfo
 			v, err := strconv.ParseUint(match[1], 0, 32)
@@ -343,7 +344,7 @@ func parseCPUInfoMips(info []byte) ([]CPUInfo, error) {
 	// find the first "processor" line
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "system type") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	cpuinfo := []CPUInfo{}
@@ -421,7 +422,7 @@ func parseCPUInfoPPC(info []byte) ([]CPUInfo, error) {
 
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "processor") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	v, err := strconv.ParseUint(field[1], 0, 32)
@@ -466,7 +467,7 @@ func parseCPUInfoRISCV(info []byte) ([]CPUInfo, error) {
 
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "processor") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("invalid cpuinfo file: %q", firstLine)
+		return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	v, err := strconv.ParseUint(field[1], 0, 32)
diff --git a/vendor/github.com/prometheus/procfs/crypto.go b/vendor/github.com/prometheus/procfs/crypto.go
index 5048ad1f2..9a73e2639 100644
--- a/vendor/github.com/prometheus/procfs/crypto.go
+++ b/vendor/github.com/prometheus/procfs/crypto.go
@@ -55,12 +55,13 @@ func (fs FS) Crypto() ([]Crypto, error) {
 	path := fs.proc.Path("crypto")
 	b, err := util.ReadFileNoStat(path)
 	if err != nil {
-		return nil, fmt.Errorf("error reading crypto %q: %w", path, err)
+		return nil, fmt.Errorf("%s: Cannot read file %v: %w", ErrFileRead, b, err)
+
 	}
 
 	crypto, err := parseCrypto(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("error parsing crypto %q: %w", path, err)
+		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, crypto, err)
 	}
 
 	return crypto, nil
@@ -83,7 +84,7 @@ func parseCrypto(r io.Reader) ([]Crypto, error) {
 
 		kv := strings.Split(text, ":")
 		if len(kv) != 2 {
-			return nil, fmt.Errorf("malformed crypto line: %q", text)
+			return nil, fmt.Errorf("%w: Cannot parae line: %q", ErrFileParse, text)
 		}
 
 		k := strings.TrimSpace(kv[0])
diff --git a/vendor/github.com/prometheus/procfs/fs.go b/vendor/github.com/prometheus/procfs/fs.go
index 60c551e02..4980c875b 100644
--- a/vendor/github.com/prometheus/procfs/fs.go
+++ b/vendor/github.com/prometheus/procfs/fs.go
@@ -20,8 +20,8 @@ import (
 // FS represents the pseudo-filesystem sys, which provides an interface to
 // kernel data structures.
 type FS struct {
-	proc fs.FS
-	real bool
+	proc   fs.FS
+	isReal bool
 }
 
 // DefaultMountPoint is the common mount point of the proc filesystem.
@@ -41,10 +41,10 @@ func NewFS(mountPoint string) (FS, error) {
 		return FS{}, err
 	}
 
-	real, err := isRealProc(mountPoint)
+	isReal, err := isRealProc(mountPoint)
 	if err != nil {
 		return FS{}, err
 	}
 
-	return FS{fs, real}, nil
+	return FS{fs, isReal}, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_notype.go b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
index 800576968..13d74e395 100644
--- a/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//go:build netbsd || openbsd || solaris || windows
-// +build netbsd openbsd solaris windows
+//go:build netbsd || openbsd || solaris || windows || nostatfs
+// +build netbsd openbsd solaris windows nostatfs
 
 package procfs
 
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_type.go b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
index 6233217ad..bee151445 100644
--- a/vendor/github.com/prometheus/procfs/fs_statfs_type.go
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//go:build !netbsd && !openbsd && !solaris && !windows
-// +build !netbsd,!openbsd,!solaris,!windows
+//go:build !netbsd && !openbsd && !solaris && !windows && !nostatfs
+// +build !netbsd,!openbsd,!solaris,!windows,!nostatfs
 
 package procfs
 
diff --git a/vendor/github.com/prometheus/procfs/fscache.go b/vendor/github.com/prometheus/procfs/fscache.go
index f8070e6e2..f560a8db3 100644
--- a/vendor/github.com/prometheus/procfs/fscache.go
+++ b/vendor/github.com/prometheus/procfs/fscache.go
@@ -236,7 +236,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 
 	m, err := parseFscacheinfo(bytes.NewReader(b))
 	if err != nil {
-		return Fscacheinfo{}, fmt.Errorf("failed to parse Fscacheinfo: %w", err)
+		return Fscacheinfo{}, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, m, err)
 	}
 
 	return *m, nil
@@ -245,7 +245,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 func setFSCacheFields(fields []string, setFields ...*uint64) error {
 	var err error
 	if len(fields) < len(setFields) {
-		return fmt.Errorf("Insufficient number of fields, expected %v, got %v", len(setFields), len(fields))
+		return fmt.Errorf("%s: Expected %d, but got %d: %w", ErrFileParse, len(setFields), len(fields), err)
 	}
 
 	for i := range setFields {
@@ -263,7 +263,7 @@ func parseFscacheinfo(r io.Reader) (*Fscacheinfo, error) {
 	for s.Scan() {
 		fields := strings.Fields(s.Text())
 		if len(fields) < 2 {
-			return nil, fmt.Errorf("malformed Fscacheinfo line: %q", s.Text())
+			return nil, fmt.Errorf("%w: malformed Fscacheinfo line: %q", ErrFileParse, s.Text())
 		}
 
 		switch fields[0] {
diff --git a/vendor/github.com/prometheus/procfs/ipvs.go b/vendor/github.com/prometheus/procfs/ipvs.go
index 391c07957..5a145bbfe 100644
--- a/vendor/github.com/prometheus/procfs/ipvs.go
+++ b/vendor/github.com/prometheus/procfs/ipvs.go
@@ -221,15 +221,16 @@ func parseIPPort(s string) (net.IP, uint16, error) {
 	case 46:
 		ip = net.ParseIP(s[1:40])
 		if ip == nil {
-			return nil, 0, fmt.Errorf("invalid IPv6 address: %s", s[1:40])
+			return nil, 0, fmt.Errorf("%s: Invalid IPv6 addr %s: %w", ErrFileParse, s[1:40], err)
 		}
 	default:
-		return nil, 0, fmt.Errorf("unexpected IP:Port: %s", s)
+		return nil, 0, fmt.Errorf("%s: Unexpected IP:Port %s: %w", ErrFileParse, s, err)
 	}
 
 	portString := s[len(s)-4:]
 	if len(portString) != 4 {
-		return nil, 0, fmt.Errorf("unexpected port string format: %s", portString)
+		return nil, 0,
+			fmt.Errorf("%s: Unexpected port string format %s: %w", ErrFileParse, portString, err)
 	}
 	port, err := strconv.ParseUint(portString, 16, 16)
 	if err != nil {
diff --git a/vendor/github.com/prometheus/procfs/loadavg.go b/vendor/github.com/prometheus/procfs/loadavg.go
index 0096cafbd..59465c5bb 100644
--- a/vendor/github.com/prometheus/procfs/loadavg.go
+++ b/vendor/github.com/prometheus/procfs/loadavg.go
@@ -44,14 +44,14 @@ func parseLoad(loadavgBytes []byte) (*LoadAvg, error) {
 	loads := make([]float64, 3)
 	parts := strings.Fields(string(loadavgBytes))
 	if len(parts) < 3 {
-		return nil, fmt.Errorf("malformed loadavg line: too few fields in loadavg string: %q", string(loadavgBytes))
+		return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, string(loadavgBytes))
 	}
 
 	var err error
 	for i, load := range parts[0:3] {
 		loads[i], err = strconv.ParseFloat(load, 64)
 		if err != nil {
-			return nil, fmt.Errorf("could not parse load %q: %w", load, err)
+			return nil, fmt.Errorf("%s: Cannot parse load: %f: %w", ErrFileParse, loads[i], err)
 		}
 	}
 	return &LoadAvg{
diff --git a/vendor/github.com/prometheus/procfs/mdstat.go b/vendor/github.com/prometheus/procfs/mdstat.go
index a95c889cb..fdd4b9544 100644
--- a/vendor/github.com/prometheus/procfs/mdstat.go
+++ b/vendor/github.com/prometheus/procfs/mdstat.go
@@ -70,7 +70,7 @@ func (fs FS) MDStat() ([]MDStat, error) {
 	}
 	mdstat, err := parseMDStat(data)
 	if err != nil {
-		return nil, fmt.Errorf("error parsing mdstat %q: %w", fs.proc.Path("mdstat"), err)
+		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, fs.proc.Path("mdstat"), err)
 	}
 	return mdstat, nil
 }
@@ -90,13 +90,13 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 
 		deviceFields := strings.Fields(line)
 		if len(deviceFields) < 3 {
-			return nil, fmt.Errorf("not enough fields in mdline (expected at least 3): %s", line)
+			return nil, fmt.Errorf("%s: Expected 3+ lines, got %q", ErrFileParse, line)
 		}
 		mdName := deviceFields[0] // mdx
 		state := deviceFields[2]  // active or inactive
 
 		if len(lines) <= i+3 {
-			return nil, fmt.Errorf("error parsing %q: too few lines for md device", mdName)
+			return nil, fmt.Errorf("%w: Too few lines for md device: %q", ErrFileParse, mdName)
 		}
 
 		// Failed disks have the suffix (F) & Spare disks have the suffix (S).
@@ -105,7 +105,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 		active, total, down, size, err := evalStatusLine(lines[i], lines[i+1])
 
 		if err != nil {
-			return nil, fmt.Errorf("error parsing md device lines: %w", err)
+			return nil, fmt.Errorf("%s: Cannot parse md device lines: %v: %w", ErrFileParse, active, err)
 		}
 
 		syncLineIdx := i + 2
@@ -140,7 +140,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 			} else {
 				syncedBlocks, pct, finish, speed, err = evalRecoveryLine(lines[syncLineIdx])
 				if err != nil {
-					return nil, fmt.Errorf("error parsing sync line in md device %q: %w", mdName, err)
+					return nil, fmt.Errorf("%s: Cannot parse sync line in md device: %q: %w", ErrFileParse, mdName, err)
 				}
 			}
 		}
@@ -168,13 +168,13 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 func evalStatusLine(deviceLine, statusLine string) (active, total, down, size int64, err error) {
 	statusFields := strings.Fields(statusLine)
 	if len(statusFields) < 1 {
-		return 0, 0, 0, 0, fmt.Errorf("unexpected statusLine %q", statusLine)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	sizeStr := statusFields[0]
 	size, err = strconv.ParseInt(sizeStr, 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("unexpected statusLine %q: %w", statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	if strings.Contains(deviceLine, "raid0") || strings.Contains(deviceLine, "linear") {
@@ -189,17 +189,17 @@ func evalStatusLine(deviceLine, statusLine string) (active, total, down, size in
 
 	matches := statusLineRE.FindStringSubmatch(statusLine)
 	if len(matches) != 5 {
-		return 0, 0, 0, 0, fmt.Errorf("couldn't find all the substring matches: %s", statusLine)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Could not fild all substring matches %s: %w", ErrFileParse, statusLine, err)
 	}
 
 	total, err = strconv.ParseInt(matches[2], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("unexpected statusLine %q: %w", statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	active, err = strconv.ParseInt(matches[3], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("unexpected statusLine %q: %w", statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected active %d: %w", ErrFileParse, active, err)
 	}
 	down = int64(strings.Count(matches[4], "_"))
 
@@ -209,42 +209,42 @@ func evalStatusLine(deviceLine, statusLine string) (active, total, down, size in
 func evalRecoveryLine(recoveryLine string) (syncedBlocks int64, pct float64, finish float64, speed float64, err error) {
 	matches := recoveryLineBlocksRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return 0, 0, 0, 0, fmt.Errorf("unexpected recoveryLine: %s", recoveryLine)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected recoveryLine %s: %w", ErrFileParse, recoveryLine, err)
 	}
 
 	syncedBlocks, err = strconv.ParseInt(matches[1], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("error parsing int from recoveryLine %q: %w", recoveryLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected parsing of recoveryLine %q: %w", ErrFileParse, recoveryLine, err)
 	}
 
 	// Get percentage complete
 	matches = recoveryLinePctRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, 0, 0, 0, fmt.Errorf("unexpected recoveryLine matching percentage: %s", recoveryLine)
+		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching percentage %s", ErrFileParse, recoveryLine)
 	}
 	pct, err = strconv.ParseFloat(strings.TrimSpace(matches[1]), 64)
 	if err != nil {
-		return syncedBlocks, 0, 0, 0, fmt.Errorf("error parsing float from recoveryLine %q: %w", recoveryLine, err)
+		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Error parsing float from recoveryLine %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get time expected left to complete
 	matches = recoveryLineFinishRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, pct, 0, 0, fmt.Errorf("unexpected recoveryLine matching est. finish time: %s", recoveryLine)
+		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching est. finish time: %s", ErrFileParse, recoveryLine)
 	}
 	finish, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return syncedBlocks, pct, 0, 0, fmt.Errorf("error parsing float from recoveryLine %q: %w", recoveryLine, err)
+		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unable to parse float from recoveryLine: %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get recovery speed
 	matches = recoveryLineSpeedRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, pct, finish, 0, fmt.Errorf("unexpected recoveryLine matching speed: %s", recoveryLine)
+		return syncedBlocks, pct, finish, 0, fmt.Errorf("%w: Unexpected recoveryLine value: %s", ErrFileParse, recoveryLine)
 	}
 	speed, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return syncedBlocks, pct, finish, 0, fmt.Errorf("error parsing float from recoveryLine %q: %w", recoveryLine, err)
+		return syncedBlocks, pct, finish, 0, fmt.Errorf("%s: Error parsing float from recoveryLine: %q: %w", ErrFileParse, recoveryLine, err)
 	}
 
 	return syncedBlocks, pct, finish, speed, nil
diff --git a/vendor/github.com/prometheus/procfs/meminfo.go b/vendor/github.com/prometheus/procfs/meminfo.go
index f65e174e5..eaf00e224 100644
--- a/vendor/github.com/prometheus/procfs/meminfo.go
+++ b/vendor/github.com/prometheus/procfs/meminfo.go
@@ -152,7 +152,7 @@ func (fs FS) Meminfo() (Meminfo, error) {
 
 	m, err := parseMemInfo(bytes.NewReader(b))
 	if err != nil {
-		return Meminfo{}, fmt.Errorf("failed to parse meminfo: %w", err)
+		return Meminfo{}, fmt.Errorf("%s: %w", ErrFileParse, err)
 	}
 
 	return *m, nil
@@ -165,7 +165,7 @@ func parseMemInfo(r io.Reader) (*Meminfo, error) {
 		// Each line has at least a name and value; we ignore the unit.
 		fields := strings.Fields(s.Text())
 		if len(fields) < 2 {
-			return nil, fmt.Errorf("malformed meminfo line: %q", s.Text())
+			return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, s.Text())
 		}
 
 		v, err := strconv.ParseUint(fields[1], 0, 64)
diff --git a/vendor/github.com/prometheus/procfs/mountinfo.go b/vendor/github.com/prometheus/procfs/mountinfo.go
index 59f4d5055..388ebf396 100644
--- a/vendor/github.com/prometheus/procfs/mountinfo.go
+++ b/vendor/github.com/prometheus/procfs/mountinfo.go
@@ -78,11 +78,11 @@ func parseMountInfoString(mountString string) (*MountInfo, error) {
 	mountInfo := strings.Split(mountString, " ")
 	mountInfoLength := len(mountInfo)
 	if mountInfoLength < 10 {
-		return nil, fmt.Errorf("couldn't find enough fields in mount string: %s", mountString)
+		return nil, fmt.Errorf("%w: Too few fields in mount string: %s", ErrFileParse, mountString)
 	}
 
 	if mountInfo[mountInfoLength-4] != "-" {
-		return nil, fmt.Errorf("couldn't find separator in expected field: %s", mountInfo[mountInfoLength-4])
+		return nil, fmt.Errorf("%w: couldn't find separator in expected field: %s", ErrFileParse, mountInfo[mountInfoLength-4])
 	}
 
 	mount := &MountInfo{
@@ -98,18 +98,18 @@ func parseMountInfoString(mountString string) (*MountInfo, error) {
 
 	mount.MountID, err = strconv.Atoi(mountInfo[0])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse mount ID")
+		return nil, fmt.Errorf("%w: mount ID: %q", ErrFileParse, mount.MountID)
 	}
 	mount.ParentID, err = strconv.Atoi(mountInfo[1])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse parent ID")
+		return nil, fmt.Errorf("%w: parent ID: %q", ErrFileParse, mount.ParentID)
 	}
 	// Has optional fields, which is a space separated list of values.
 	// Example: shared:2 master:7
 	if mountInfo[6] != "" {
 		mount.OptionalFields, err = mountOptionsParseOptionalFields(mountInfo[6 : mountInfoLength-4])
 		if err != nil {
-			return nil, err
+			return nil, fmt.Errorf("%s: %w", ErrFileParse, err)
 		}
 	}
 	return mount, nil
diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go
index 7f68890cf..852c8c4a0 100644
--- a/vendor/github.com/prometheus/procfs/mountstats.go
+++ b/vendor/github.com/prometheus/procfs/mountstats.go
@@ -266,7 +266,7 @@ func parseMountStats(r io.Reader) ([]*Mount, error) {
 		if len(ss) > deviceEntryLen {
 			// Only NFSv3 and v4 are supported for parsing statistics
 			if m.Type != nfs3Type && m.Type != nfs4Type {
-				return nil, fmt.Errorf("cannot parse MountStats for fstype %q", m.Type)
+				return nil, fmt.Errorf("%w: Cannot parse MountStats for %q", ErrFileParse, m.Type)
 			}
 
 			statVersion := strings.TrimPrefix(ss[8], statVersionPrefix)
@@ -290,7 +290,7 @@ func parseMountStats(r io.Reader) ([]*Mount, error) {
 //	device [device] mounted on [mount] with fstype [type]
 func parseMount(ss []string) (*Mount, error) {
 	if len(ss) < deviceEntryLen {
-		return nil, fmt.Errorf("invalid device entry: %v", ss)
+		return nil, fmt.Errorf("%w: Invalid device %q", ErrFileParse, ss)
 	}
 
 	// Check for specific words appearing at specific indices to ensure
@@ -308,7 +308,7 @@ func parseMount(ss []string) (*Mount, error) {
 
 	for _, f := range format {
 		if ss[f.i] != f.s {
-			return nil, fmt.Errorf("invalid device entry: %v", ss)
+			return nil, fmt.Errorf("%w: Invalid device %q", ErrFileParse, ss)
 		}
 	}
 
@@ -345,7 +345,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 		switch ss[0] {
 		case fieldOpts:
 			if len(ss) < 2 {
-				return nil, fmt.Errorf("not enough information for NFS stats: %v", ss)
+				return nil, fmt.Errorf("%w: Incomplete information for NFS stats: %v", ErrFileParse, ss)
 			}
 			if stats.Opts == nil {
 				stats.Opts = map[string]string{}
@@ -360,7 +360,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 			}
 		case fieldAge:
 			if len(ss) < 2 {
-				return nil, fmt.Errorf("not enough information for NFS stats: %v", ss)
+				return nil, fmt.Errorf("%w: Incomplete information for NFS stats: %v", ErrFileParse, ss)
 			}
 			// Age integer is in seconds
 			d, err := time.ParseDuration(ss[1] + "s")
@@ -371,7 +371,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 			stats.Age = d
 		case fieldBytes:
 			if len(ss) < 2 {
-				return nil, fmt.Errorf("not enough information for NFS stats: %v", ss)
+				return nil, fmt.Errorf("%w: Incomplete information for NFS stats: %v", ErrFileParse, ss)
 			}
 			bstats, err := parseNFSBytesStats(ss[1:])
 			if err != nil {
@@ -381,7 +381,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 			stats.Bytes = *bstats
 		case fieldEvents:
 			if len(ss) < 2 {
-				return nil, fmt.Errorf("not enough information for NFS stats: %v", ss)
+				return nil, fmt.Errorf("%w: Incomplete information for NFS events: %v", ErrFileParse, ss)
 			}
 			estats, err := parseNFSEventsStats(ss[1:])
 			if err != nil {
@@ -391,7 +391,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 			stats.Events = *estats
 		case fieldTransport:
 			if len(ss) < 3 {
-				return nil, fmt.Errorf("not enough information for NFS transport stats: %v", ss)
+				return nil, fmt.Errorf("%w: Incomplete information for NFS transport stats: %v", ErrFileParse, ss)
 			}
 
 			tstats, err := parseNFSTransportStats(ss[1:], statVersion)
@@ -430,7 +430,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 // integer fields.
 func parseNFSBytesStats(ss []string) (*NFSBytesStats, error) {
 	if len(ss) != fieldBytesLen {
-		return nil, fmt.Errorf("invalid NFS bytes stats: %v", ss)
+		return nil, fmt.Errorf("%w: Invalid NFS bytes stats: %v", ErrFileParse, ss)
 	}
 
 	ns := make([]uint64, 0, fieldBytesLen)
@@ -459,7 +459,7 @@ func parseNFSBytesStats(ss []string) (*NFSBytesStats, error) {
 // integer fields.
 func parseNFSEventsStats(ss []string) (*NFSEventsStats, error) {
 	if len(ss) != fieldEventsLen {
-		return nil, fmt.Errorf("invalid NFS events stats: %v", ss)
+		return nil, fmt.Errorf("%w: invalid NFS events stats: %v", ErrFileParse, ss)
 	}
 
 	ns := make([]uint64, 0, fieldEventsLen)
@@ -523,7 +523,7 @@ func parseNFSOperationStats(s *bufio.Scanner) ([]NFSOperationStats, error) {
 		}
 
 		if len(ss) < minFields {
-			return nil, fmt.Errorf("invalid NFS per-operations stats: %v", ss)
+			return nil, fmt.Errorf("%w: invalid NFS per-operations stats: %v", ErrFileParse, ss)
 		}
 
 		// Skip string operation name for integers
@@ -576,10 +576,10 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 		} else if protocol == "udp" {
 			expectedLength = fieldTransport10UDPLen
 		} else {
-			return nil, fmt.Errorf("invalid NFS protocol \"%s\" in stats 1.0 statement: %v", protocol, ss)
+			return nil, fmt.Errorf("%w: Invalid NFS protocol \"%s\" in stats 1.0 statement: %v", ErrFileParse, protocol, ss)
 		}
 		if len(ss) != expectedLength {
-			return nil, fmt.Errorf("invalid NFS transport stats 1.0 statement: %v", ss)
+			return nil, fmt.Errorf("%w: Invalid NFS transport stats 1.0 statement: %v", ErrFileParse, ss)
 		}
 	case statVersion11:
 		var expectedLength int
@@ -588,13 +588,13 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 		} else if protocol == "udp" {
 			expectedLength = fieldTransport11UDPLen
 		} else {
-			return nil, fmt.Errorf("invalid NFS protocol \"%s\" in stats 1.1 statement: %v", protocol, ss)
+			return nil, fmt.Errorf("%w: invalid NFS protocol \"%s\" in stats 1.1 statement: %v", ErrFileParse, protocol, ss)
 		}
 		if len(ss) != expectedLength {
-			return nil, fmt.Errorf("invalid NFS transport stats 1.1 statement: %v", ss)
+			return nil, fmt.Errorf("%w: invalid NFS transport stats 1.1 statement: %v", ErrFileParse, ss)
 		}
 	default:
-		return nil, fmt.Errorf("unrecognized NFS transport stats version: %q", statVersion)
+		return nil, fmt.Errorf("%s: Unrecognized NFS transport stats version: %q", ErrFileParse, statVersion)
 	}
 
 	// Allocate enough for v1.1 stats since zero value for v1.1 stats will be okay
diff --git a/vendor/github.com/prometheus/procfs/net_conntrackstat.go b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
index 64a0e9460..fdfa45611 100644
--- a/vendor/github.com/prometheus/procfs/net_conntrackstat.go
+++ b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
@@ -58,7 +58,7 @@ func readConntrackStat(path string) ([]ConntrackStatEntry, error) {
 
 	stat, err := parseConntrackStat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("failed to read conntrack stats from %q: %w", path, err)
+		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, path, err)
 	}
 
 	return stat, nil
@@ -86,11 +86,12 @@ func parseConntrackStat(r io.Reader) ([]ConntrackStatEntry, error) {
 func parseConntrackStatEntry(fields []string) (*ConntrackStatEntry, error) {
 	entries, err := util.ParseHexUint64s(fields)
 	if err != nil {
-		return nil, fmt.Errorf("invalid conntrackstat entry, couldn't parse fields: %s", err)
+		return nil, fmt.Errorf("%s: Cannot parse entry: %d: %w", ErrFileParse, entries, err)
 	}
 	numEntries := len(entries)
 	if numEntries < 16 || numEntries > 17 {
-		return nil, fmt.Errorf("invalid conntrackstat entry, invalid number of fields: %d", numEntries)
+		return nil,
+			fmt.Errorf("%w: invalid conntrackstat entry, invalid number of fields: %d", ErrFileParse, numEntries)
 	}
 
 	stats := &ConntrackStatEntry{
diff --git a/vendor/github.com/prometheus/procfs/net_ip_socket.go b/vendor/github.com/prometheus/procfs/net_ip_socket.go
index 7fd57d7f4..4da81ea57 100644
--- a/vendor/github.com/prometheus/procfs/net_ip_socket.go
+++ b/vendor/github.com/prometheus/procfs/net_ip_socket.go
@@ -130,7 +130,7 @@ func parseIP(hexIP string) (net.IP, error) {
 	var byteIP []byte
 	byteIP, err := hex.DecodeString(hexIP)
 	if err != nil {
-		return nil, fmt.Errorf("cannot parse address field in socket line %q", hexIP)
+		return nil, fmt.Errorf("%s: Cannot parse socket field in %q: %w", ErrFileParse, hexIP, err)
 	}
 	switch len(byteIP) {
 	case 4:
@@ -144,7 +144,7 @@ func parseIP(hexIP string) (net.IP, error) {
 		}
 		return i, nil
 	default:
-		return nil, fmt.Errorf("Unable to parse IP %s", hexIP)
+		return nil, fmt.Errorf("%s: Unable to parse IP %s: %w", ErrFileParse, hexIP, nil)
 	}
 }
 
@@ -153,7 +153,8 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 	line := &netIPSocketLine{}
 	if len(fields) < 10 {
 		return nil, fmt.Errorf(
-			"cannot parse net socket line as it has less then 10 columns %q",
+			"%w: Less than 10 columns found %q",
+			ErrFileParse,
 			strings.Join(fields, " "),
 		)
 	}
@@ -162,64 +163,65 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 	// sl
 	s := strings.Split(fields[0], ":")
 	if len(s) != 2 {
-		return nil, fmt.Errorf("cannot parse sl field in socket line %q", fields[0])
+		return nil, fmt.Errorf("%w: Unable to parse sl field in line %q", ErrFileParse, fields[0])
 	}
 
 	if line.Sl, err = strconv.ParseUint(s[0], 0, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse sl value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Unable to parse sl field in %q: %w", ErrFileParse, line.Sl, err)
 	}
 	// local_address
 	l := strings.Split(fields[1], ":")
 	if len(l) != 2 {
-		return nil, fmt.Errorf("cannot parse local_address field in socket line %q", fields[1])
+		return nil, fmt.Errorf("%w: Unable to parse local_address field in %q", ErrFileParse, fields[1])
 	}
 	if line.LocalAddr, err = parseIP(l[0]); err != nil {
 		return nil, err
 	}
 	if line.LocalPort, err = strconv.ParseUint(l[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse local_address port value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Unable to parse local_address port value line %q: %w", ErrFileParse, line.LocalPort, err)
 	}
 
 	// remote_address
 	r := strings.Split(fields[2], ":")
 	if len(r) != 2 {
-		return nil, fmt.Errorf("cannot parse rem_address field in socket line %q", fields[1])
+		return nil, fmt.Errorf("%w: Unable to parse rem_address field in %q", ErrFileParse, fields[1])
 	}
 	if line.RemAddr, err = parseIP(r[0]); err != nil {
 		return nil, err
 	}
 	if line.RemPort, err = strconv.ParseUint(r[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse rem_address port value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse rem_address port value in %q: %w", ErrFileParse, line.RemPort, err)
 	}
 
 	// st
 	if line.St, err = strconv.ParseUint(fields[3], 16, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse st value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse st value in %q: %w", ErrFileParse, line.St, err)
 	}
 
 	// tx_queue and rx_queue
 	q := strings.Split(fields[4], ":")
 	if len(q) != 2 {
 		return nil, fmt.Errorf(
-			"cannot parse tx/rx queues in socket line as it has a missing colon %q",
+			"%w: Missing colon for tx/rx queues in socket line %q",
+			ErrFileParse,
 			fields[4],
 		)
 	}
 	if line.TxQueue, err = strconv.ParseUint(q[0], 16, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse tx_queue value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse tx_queue value in %q: %w", ErrFileParse, line.TxQueue, err)
 	}
 	if line.RxQueue, err = strconv.ParseUint(q[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse rx_queue value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse trx_queue value in %q: %w", ErrFileParse, line.RxQueue, err)
 	}
 
 	// uid
 	if line.UID, err = strconv.ParseUint(fields[7], 0, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse uid value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse UID value in %q: %w", ErrFileParse, line.UID, err)
 	}
 
 	// inode
 	if line.Inode, err = strconv.ParseUint(fields[9], 0, 64); err != nil {
-		return nil, fmt.Errorf("cannot parse inode value in socket line: %w", err)
+		return nil, fmt.Errorf("%s: Cannot parse inode value in %q: %w", ErrFileParse, line.Inode, err)
 	}
 
 	return line, nil
diff --git a/vendor/github.com/prometheus/procfs/net_protocols.go b/vendor/github.com/prometheus/procfs/net_protocols.go
index 374b6f73f..b6c77b709 100644
--- a/vendor/github.com/prometheus/procfs/net_protocols.go
+++ b/vendor/github.com/prometheus/procfs/net_protocols.go
@@ -131,7 +131,7 @@ func (ps NetProtocolStats) parseLine(rawLine string) (*NetProtocolStatLine, erro
 	} else if fields[6] == disabled {
 		line.Slab = false
 	} else {
-		return nil, fmt.Errorf("unable to parse capability for protocol: %s", line.Name)
+		return nil, fmt.Errorf("%w: capability for protocol: %s", ErrFileParse, line.Name)
 	}
 	line.ModuleName = fields[7]
 
@@ -173,7 +173,7 @@ func (pc *NetProtocolCapabilities) parseCapabilities(capabilities []string) erro
 		} else if capabilities[i] == "n" {
 			*capabilityFields[i] = false
 		} else {
-			return fmt.Errorf("unable to parse capability block for protocol: position %d", i)
+			return fmt.Errorf("%w: capability block for protocol: position %d", ErrFileParse, i)
 		}
 	}
 	return nil
diff --git a/vendor/github.com/prometheus/procfs/net_route.go b/vendor/github.com/prometheus/procfs/net_route.go
new file mode 100644
index 000000000..deb7029fe
--- /dev/null
+++ b/vendor/github.com/prometheus/procfs/net_route.go
@@ -0,0 +1,143 @@
+// Copyright 2023 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package procfs
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io"
+	"strconv"
+	"strings"
+
+	"github.com/prometheus/procfs/internal/util"
+)
+
+const (
+	blackholeRepresentation string = "*"
+	blackholeIfaceName      string = "blackhole"
+	routeLineColumns        int    = 11
+)
+
+// A NetRouteLine represents one line from net/route.
+type NetRouteLine struct {
+	Iface       string
+	Destination uint32
+	Gateway     uint32
+	Flags       uint32
+	RefCnt      uint32
+	Use         uint32
+	Metric      uint32
+	Mask        uint32
+	MTU         uint32
+	Window      uint32
+	IRTT        uint32
+}
+
+func (fs FS) NetRoute() ([]NetRouteLine, error) {
+	return readNetRoute(fs.proc.Path("net", "route"))
+}
+
+func readNetRoute(path string) ([]NetRouteLine, error) {
+	b, err := util.ReadFileNoStat(path)
+	if err != nil {
+		return nil, err
+	}
+
+	routelines, err := parseNetRoute(bytes.NewReader(b))
+	if err != nil {
+		return nil, fmt.Errorf("failed to read net route from %s: %w", path, err)
+	}
+	return routelines, nil
+}
+
+func parseNetRoute(r io.Reader) ([]NetRouteLine, error) {
+	var routelines []NetRouteLine
+
+	scanner := bufio.NewScanner(r)
+	scanner.Scan()
+	for scanner.Scan() {
+		fields := strings.Fields(scanner.Text())
+		routeline, err := parseNetRouteLine(fields)
+		if err != nil {
+			return nil, err
+		}
+		routelines = append(routelines, *routeline)
+	}
+	return routelines, nil
+}
+
+func parseNetRouteLine(fields []string) (*NetRouteLine, error) {
+	if len(fields) != routeLineColumns {
+		return nil, fmt.Errorf("invalid routeline, num of digits: %d", len(fields))
+	}
+	iface := fields[0]
+	if iface == blackholeRepresentation {
+		iface = blackholeIfaceName
+	}
+	destination, err := strconv.ParseUint(fields[1], 16, 32)
+	if err != nil {
+		return nil, err
+	}
+	gateway, err := strconv.ParseUint(fields[2], 16, 32)
+	if err != nil {
+		return nil, err
+	}
+	flags, err := strconv.ParseUint(fields[3], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	refcnt, err := strconv.ParseUint(fields[4], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	use, err := strconv.ParseUint(fields[5], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	metric, err := strconv.ParseUint(fields[6], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	mask, err := strconv.ParseUint(fields[7], 16, 32)
+	if err != nil {
+		return nil, err
+	}
+	mtu, err := strconv.ParseUint(fields[8], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	window, err := strconv.ParseUint(fields[9], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	irtt, err := strconv.ParseUint(fields[10], 10, 32)
+	if err != nil {
+		return nil, err
+	}
+	routeline := &NetRouteLine{
+		Iface:       iface,
+		Destination: uint32(destination),
+		Gateway:     uint32(gateway),
+		Flags:       uint32(flags),
+		RefCnt:      uint32(refcnt),
+		Use:         uint32(use),
+		Metric:      uint32(metric),
+		Mask:        uint32(mask),
+		MTU:         uint32(mtu),
+		Window:      uint32(window),
+		IRTT:        uint32(irtt),
+	}
+	return routeline, nil
+}
diff --git a/vendor/github.com/prometheus/procfs/net_sockstat.go b/vendor/github.com/prometheus/procfs/net_sockstat.go
index e36f4872d..360e36af7 100644
--- a/vendor/github.com/prometheus/procfs/net_sockstat.go
+++ b/vendor/github.com/prometheus/procfs/net_sockstat.go
@@ -16,7 +16,6 @@ package procfs
 import (
 	"bufio"
 	"bytes"
-	"errors"
 	"fmt"
 	"io"
 	"strings"
@@ -70,7 +69,7 @@ func readSockstat(name string) (*NetSockstat, error) {
 
 	stat, err := parseSockstat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("failed to read sockstats from %q: %w", name, err)
+		return nil, fmt.Errorf("%s: sockstats from %q: %w", ErrFileRead, name, err)
 	}
 
 	return stat, nil
@@ -84,13 +83,13 @@ func parseSockstat(r io.Reader) (*NetSockstat, error) {
 		// Expect a minimum of a protocol and one key/value pair.
 		fields := strings.Split(s.Text(), " ")
 		if len(fields) < 3 {
-			return nil, fmt.Errorf("malformed sockstat line: %q", s.Text())
+			return nil, fmt.Errorf("%w: Malformed sockstat line: %q", ErrFileParse, s.Text())
 		}
 
 		// The remaining fields are key/value pairs.
 		kvs, err := parseSockstatKVs(fields[1:])
 		if err != nil {
-			return nil, fmt.Errorf("error parsing sockstat key/value pairs from %q: %w", s.Text(), err)
+			return nil, fmt.Errorf("%s: sockstat key/value pairs from %q: %w", ErrFileParse, s.Text(), err)
 		}
 
 		// The first field is the protocol. We must trim its colon suffix.
@@ -119,7 +118,7 @@ func parseSockstat(r io.Reader) (*NetSockstat, error) {
 // parseSockstatKVs parses a string slice into a map of key/value pairs.
 func parseSockstatKVs(kvs []string) (map[string]int, error) {
 	if len(kvs)%2 != 0 {
-		return nil, errors.New("odd number of fields in key/value pairs")
+		return nil, fmt.Errorf("%w:: Odd number of fields in key/value pairs %q", ErrFileParse, kvs)
 	}
 
 	// Iterate two values at a time to gather key/value pairs.
diff --git a/vendor/github.com/prometheus/procfs/net_softnet.go b/vendor/github.com/prometheus/procfs/net_softnet.go
index 540cea52c..c77085291 100644
--- a/vendor/github.com/prometheus/procfs/net_softnet.go
+++ b/vendor/github.com/prometheus/procfs/net_softnet.go
@@ -64,7 +64,7 @@ func (fs FS) NetSoftnetStat() ([]SoftnetStat, error) {
 
 	entries, err := parseSoftnet(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse /proc/net/softnet_stat: %w", err)
+		return nil, fmt.Errorf("%s: /proc/net/softnet_stat: %w", ErrFileParse, err)
 	}
 
 	return entries, nil
@@ -83,7 +83,7 @@ func parseSoftnet(r io.Reader) ([]SoftnetStat, error) {
 		softnetStat := SoftnetStat{}
 
 		if width < minColumns {
-			return nil, fmt.Errorf("%d columns were detected, but at least %d were expected", width, minColumns)
+			return nil, fmt.Errorf("%w: detected %d columns, but expected at least %d", ErrFileParse, width, minColumns)
 		}
 
 		// Linux 2.6.23 https://elixir.bootlin.com/linux/v2.6.23/source/net/core/dev.c#L2347
diff --git a/vendor/github.com/prometheus/procfs/net_unix.go b/vendor/github.com/prometheus/procfs/net_unix.go
index 98aa8e1c3..acbbc57ea 100644
--- a/vendor/github.com/prometheus/procfs/net_unix.go
+++ b/vendor/github.com/prometheus/procfs/net_unix.go
@@ -108,14 +108,14 @@ func parseNetUNIX(r io.Reader) (*NetUNIX, error) {
 		line := s.Text()
 		item, err := nu.parseLine(line, hasInode, minFields)
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse /proc/net/unix data %q: %w", line, err)
+			return nil, fmt.Errorf("%s: /proc/net/unix encountered data %q: %w", ErrFileParse, line, err)
 		}
 
 		nu.Rows = append(nu.Rows, item)
 	}
 
 	if err := s.Err(); err != nil {
-		return nil, fmt.Errorf("failed to scan /proc/net/unix data: %w", err)
+		return nil, fmt.Errorf("%s: /proc/net/unix encountered data: %w", ErrFileParse, err)
 	}
 
 	return &nu, nil
@@ -126,7 +126,7 @@ func (u *NetUNIX) parseLine(line string, hasInode bool, min int) (*NetUNIXLine,
 
 	l := len(fields)
 	if l < min {
-		return nil, fmt.Errorf("expected at least %d fields but got %d", min, l)
+		return nil, fmt.Errorf("%w: expected at least %d fields but got %d", ErrFileParse, min, l)
 	}
 
 	// Field offsets are as follows:
@@ -136,29 +136,29 @@ func (u *NetUNIX) parseLine(line string, hasInode bool, min int) (*NetUNIXLine,
 
 	users, err := u.parseUsers(fields[1])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse ref count %q: %w", fields[1], err)
+		return nil, fmt.Errorf("%s: ref count %q: %w", ErrFileParse, fields[1], err)
 	}
 
 	flags, err := u.parseFlags(fields[3])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse flags %q: %w", fields[3], err)
+		return nil, fmt.Errorf("%s: Unable to parse flags %q: %w", ErrFileParse, fields[3], err)
 	}
 
 	typ, err := u.parseType(fields[4])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse type %q: %w", fields[4], err)
+		return nil, fmt.Errorf("%s: Failed to parse type %q: %w", ErrFileParse, fields[4], err)
 	}
 
 	state, err := u.parseState(fields[5])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse state %q: %w", fields[5], err)
+		return nil, fmt.Errorf("%s: Failed to parse state %q: %w", ErrFileParse, fields[5], err)
 	}
 
 	var inode uint64
 	if hasInode {
 		inode, err = u.parseInode(fields[6])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse inode %q: %w", fields[6], err)
+			return nil, fmt.Errorf("%s failed to parse inode %q: %w", ErrFileParse, fields[6], err)
 		}
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/net_wireless.go b/vendor/github.com/prometheus/procfs/net_wireless.go
index c80fb1542..7443edca9 100644
--- a/vendor/github.com/prometheus/procfs/net_wireless.go
+++ b/vendor/github.com/prometheus/procfs/net_wireless.go
@@ -68,7 +68,7 @@ func (fs FS) Wireless() ([]*Wireless, error) {
 
 	m, err := parseWireless(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse wireless: %w", err)
+		return nil, fmt.Errorf("%s: wireless: %w", ErrFileParse, err)
 	}
 
 	return m, nil
@@ -97,64 +97,64 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 
 		parts := strings.Split(line, ":")
 		if len(parts) != 2 {
-			return nil, fmt.Errorf("expected 2 parts after splitting line by ':', got %d for line %q", len(parts), line)
+			return nil, fmt.Errorf("%w: expected 2 parts after splitting line by ':', got %d for line %q", ErrFileParse, len(parts), line)
 		}
 
 		name := strings.TrimSpace(parts[0])
 		stats := strings.Fields(parts[1])
 
 		if len(stats) < 10 {
-			return nil, fmt.Errorf("invalid number of fields in line %d, expected at least 10, got %d: %q", n, len(stats), line)
+			return nil, fmt.Errorf("%w: invalid number of fields in line %d, expected 10+, got %d: %q", ErrFileParse, n, len(stats), line)
 		}
 
 		status, err := strconv.ParseUint(stats[0], 16, 16)
 		if err != nil {
-			return nil, fmt.Errorf("invalid status in line %d: %q", n, line)
+			return nil, fmt.Errorf("%w: invalid status in line %d: %q", ErrFileParse, n, line)
 		}
 
 		qlink, err := strconv.Atoi(strings.TrimSuffix(stats[1], "."))
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Quality:link as integer %q: %w", qlink, err)
+			return nil, fmt.Errorf("%s: parse Quality:link as integer %q: %w", ErrFileParse, qlink, err)
 		}
 
 		qlevel, err := strconv.Atoi(strings.TrimSuffix(stats[2], "."))
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Quality:level as integer %q: %w", qlevel, err)
+			return nil, fmt.Errorf("%s: Quality:level as integer %q: %w", ErrFileParse, qlevel, err)
 		}
 
 		qnoise, err := strconv.Atoi(strings.TrimSuffix(stats[3], "."))
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Quality:noise as integer %q: %w", qnoise, err)
+			return nil, fmt.Errorf("%s: Quality:noise as integer %q: %w", ErrFileParse, qnoise, err)
 		}
 
 		dnwid, err := strconv.Atoi(stats[4])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Discarded:nwid as integer %q: %w", dnwid, err)
+			return nil, fmt.Errorf("%s: Discarded:nwid as integer %q: %w", ErrFileParse, dnwid, err)
 		}
 
 		dcrypt, err := strconv.Atoi(stats[5])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Discarded:crypt as integer %q: %w", dcrypt, err)
+			return nil, fmt.Errorf("%s: Discarded:crypt as integer %q: %w", ErrFileParse, dcrypt, err)
 		}
 
 		dfrag, err := strconv.Atoi(stats[6])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Discarded:frag as integer %q: %w", dfrag, err)
+			return nil, fmt.Errorf("%s: Discarded:frag as integer %q: %w", ErrFileParse, dfrag, err)
 		}
 
 		dretry, err := strconv.Atoi(stats[7])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Discarded:retry as integer %q: %w", dretry, err)
+			return nil, fmt.Errorf("%s: Discarded:retry as integer %q: %w", ErrFileParse, dretry, err)
 		}
 
 		dmisc, err := strconv.Atoi(stats[8])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Discarded:misc as integer %q: %w", dmisc, err)
+			return nil, fmt.Errorf("%s: Discarded:misc as integer %q: %w", ErrFileParse, dmisc, err)
 		}
 
 		mbeacon, err := strconv.Atoi(stats[9])
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse Missed:beacon as integer %q: %w", mbeacon, err)
+			return nil, fmt.Errorf("%s: Missed:beacon as integer %q: %w", ErrFileParse, mbeacon, err)
 		}
 
 		w := &Wireless{
@@ -175,7 +175,7 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return nil, fmt.Errorf("failed to scan /proc/net/wireless: %w", err)
+		return nil, fmt.Errorf("%s: Failed to scan /proc/net/wireless: %w", ErrFileRead, err)
 	}
 
 	return interfaces, nil
diff --git a/vendor/github.com/prometheus/procfs/net_xfrm.go b/vendor/github.com/prometheus/procfs/net_xfrm.go
index f9d9d243d..932ef2046 100644
--- a/vendor/github.com/prometheus/procfs/net_xfrm.go
+++ b/vendor/github.com/prometheus/procfs/net_xfrm.go
@@ -115,7 +115,7 @@ func (fs FS) NewXfrmStat() (XfrmStat, error) {
 		fields := strings.Fields(s.Text())
 
 		if len(fields) != 2 {
-			return XfrmStat{}, fmt.Errorf("couldn't parse %q line %q", file.Name(), s.Text())
+			return XfrmStat{}, fmt.Errorf("%w: %q line %q", ErrFileParse, file.Name(), s.Text())
 		}
 
 		name := fields[0]
diff --git a/vendor/github.com/prometheus/procfs/proc.go b/vendor/github.com/prometheus/procfs/proc.go
index 48f39dafd..d1f71caa5 100644
--- a/vendor/github.com/prometheus/procfs/proc.go
+++ b/vendor/github.com/prometheus/procfs/proc.go
@@ -15,6 +15,7 @@ package procfs
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"io"
 	"os"
@@ -35,6 +36,12 @@ type Proc struct {
 // Procs represents a list of Proc structs.
 type Procs []Proc
 
+var (
+	ErrFileParse  = errors.New("Error Parsing File")
+	ErrFileRead   = errors.New("Error Reading File")
+	ErrMountPoint = errors.New("Error Accessing Mount point")
+)
+
 func (p Procs) Len() int           { return len(p) }
 func (p Procs) Swap(i, j int)      { p[i], p[j] = p[j], p[i] }
 func (p Procs) Less(i, j int) bool { return p[i].PID < p[j].PID }
@@ -42,7 +49,7 @@ func (p Procs) Less(i, j int) bool { return p[i].PID < p[j].PID }
 // Self returns a process for the current process read via /proc/self.
 func Self() (Proc, error) {
 	fs, err := NewFS(DefaultMountPoint)
-	if err != nil {
+	if err != nil || errors.Unwrap(err) == ErrMountPoint {
 		return Proc{}, err
 	}
 	return fs.Self()
@@ -104,7 +111,7 @@ func (fs FS) AllProcs() (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("could not read %q: %w", d.Name(), err)
+		return Procs{}, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	p := Procs{}
@@ -205,7 +212,7 @@ func (p Proc) FileDescriptors() ([]uintptr, error) {
 	for i, n := range names {
 		fd, err := strconv.ParseInt(n, 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("could not parse fd %q: %w", n, err)
+			return nil, fmt.Errorf("%s: Cannot parse line: %v: %w", ErrFileParse, i, err)
 		}
 		fds[i] = uintptr(fd)
 	}
@@ -237,7 +244,7 @@ func (p Proc) FileDescriptorTargets() ([]string, error) {
 // a process.
 func (p Proc) FileDescriptorsLen() (int, error) {
 	// Use fast path if available (Linux v6.2): https://github.com/torvalds/linux/commit/f1f1f2569901
-	if p.fs.real {
+	if p.fs.isReal {
 		stat, err := os.Stat(p.path("fd"))
 		if err != nil {
 			return 0, err
@@ -290,7 +297,7 @@ func (p Proc) fileDescriptors() ([]string, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("could not read %q: %w", d.Name(), err)
+		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	return names, nil
diff --git a/vendor/github.com/prometheus/procfs/proc_cgroup.go b/vendor/github.com/prometheus/procfs/proc_cgroup.go
index ea83a75ff..daeed7f57 100644
--- a/vendor/github.com/prometheus/procfs/proc_cgroup.go
+++ b/vendor/github.com/prometheus/procfs/proc_cgroup.go
@@ -51,7 +51,7 @@ func parseCgroupString(cgroupStr string) (*Cgroup, error) {
 
 	fields := strings.SplitN(cgroupStr, ":", 3)
 	if len(fields) < 3 {
-		return nil, fmt.Errorf("at least 3 fields required, found %d fields in cgroup string: %s", len(fields), cgroupStr)
+		return nil, fmt.Errorf("%w: 3+ fields required, found %d fields in cgroup string: %s", ErrFileParse, len(fields), cgroupStr)
 	}
 
 	cgroup := &Cgroup{
@@ -60,7 +60,7 @@ func parseCgroupString(cgroupStr string) (*Cgroup, error) {
 	}
 	cgroup.HierarchyID, err = strconv.Atoi(fields[0])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse hierarchy ID")
+		return nil, fmt.Errorf("%w: hierarchy ID: %q", ErrFileParse, cgroup.HierarchyID)
 	}
 	if fields[1] != "" {
 		ssNames := strings.Split(fields[1], ",")
diff --git a/vendor/github.com/prometheus/procfs/proc_cgroups.go b/vendor/github.com/prometheus/procfs/proc_cgroups.go
index 24d4dce9c..5dd493899 100644
--- a/vendor/github.com/prometheus/procfs/proc_cgroups.go
+++ b/vendor/github.com/prometheus/procfs/proc_cgroups.go
@@ -46,7 +46,7 @@ func parseCgroupSummaryString(CgroupSummaryStr string) (*CgroupSummary, error) {
 	fields := strings.Fields(CgroupSummaryStr)
 	// require at least 4 fields
 	if len(fields) < 4 {
-		return nil, fmt.Errorf("at least 4 fields required, found %d fields in cgroup info string: %s", len(fields), CgroupSummaryStr)
+		return nil, fmt.Errorf("%w: 4+ fields required, found %d fields in cgroup info string: %s", ErrFileParse, len(fields), CgroupSummaryStr)
 	}
 
 	CgroupSummary := &CgroupSummary{
@@ -54,15 +54,15 @@ func parseCgroupSummaryString(CgroupSummaryStr string) (*CgroupSummary, error) {
 	}
 	CgroupSummary.Hierarchy, err = strconv.Atoi(fields[1])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse hierarchy ID")
+		return nil, fmt.Errorf("%w: Unable to parse hierarchy ID from %q", ErrFileParse, fields[1])
 	}
 	CgroupSummary.Cgroups, err = strconv.Atoi(fields[2])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse Cgroup Num")
+		return nil, fmt.Errorf("%w: Unable to parse Cgroup Num from %q", ErrFileParse, fields[2])
 	}
 	CgroupSummary.Enabled, err = strconv.Atoi(fields[3])
 	if err != nil {
-		return nil, fmt.Errorf("failed to parse Enabled")
+		return nil, fmt.Errorf("%w: Unable to parse Enabled from %q", ErrFileParse, fields[3])
 	}
 	return CgroupSummary, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/proc_fdinfo.go b/vendor/github.com/prometheus/procfs/proc_fdinfo.go
index 1bbdd4a8e..4b7933e4f 100644
--- a/vendor/github.com/prometheus/procfs/proc_fdinfo.go
+++ b/vendor/github.com/prometheus/procfs/proc_fdinfo.go
@@ -111,7 +111,7 @@ func parseInotifyInfo(line string) (*InotifyInfo, error) {
 		}
 		return i, nil
 	}
-	return nil, fmt.Errorf("invalid inode entry: %q", line)
+	return nil, fmt.Errorf("%w: invalid inode entry: %q", ErrFileParse, line)
 }
 
 // ProcFDInfos represents a list of ProcFDInfo structs.
diff --git a/vendor/github.com/prometheus/procfs/proc_interrupts.go b/vendor/github.com/prometheus/procfs/proc_interrupts.go
index 9df79c237..86b4b4524 100644
--- a/vendor/github.com/prometheus/procfs/proc_interrupts.go
+++ b/vendor/github.com/prometheus/procfs/proc_interrupts.go
@@ -66,7 +66,7 @@ func parseInterrupts(r io.Reader) (Interrupts, error) {
 			continue
 		}
 		if len(parts) < 2 {
-			return nil, fmt.Errorf("not enough fields in interrupts (expected at least 2 fields but got %d): %s", len(parts), parts)
+			return nil, fmt.Errorf("%w: Not enough fields in interrupts (expected 2+ fields but got %d): %s", ErrFileParse, len(parts), parts)
 		}
 		intName := parts[0][:len(parts[0])-1] // remove trailing :
 
diff --git a/vendor/github.com/prometheus/procfs/proc_limits.go b/vendor/github.com/prometheus/procfs/proc_limits.go
index 7a1388185..c86d815d7 100644
--- a/vendor/github.com/prometheus/procfs/proc_limits.go
+++ b/vendor/github.com/prometheus/procfs/proc_limits.go
@@ -103,7 +103,7 @@ func (p Proc) Limits() (ProcLimits, error) {
 		//fields := limitsMatch.Split(s.Text(), limitsFields)
 		fields := limitsMatch.FindStringSubmatch(s.Text())
 		if len(fields) != limitsFields {
-			return ProcLimits{}, fmt.Errorf("couldn't parse %q line %q", f.Name(), s.Text())
+			return ProcLimits{}, fmt.Errorf("%w: couldn't parse %q line %q", ErrFileParse, f.Name(), s.Text())
 		}
 
 		switch fields[1] {
@@ -154,7 +154,7 @@ func parseUint(s string) (uint64, error) {
 	}
 	i, err := strconv.ParseUint(s, 10, 64)
 	if err != nil {
-		return 0, fmt.Errorf("couldn't parse value %q: %w", s, err)
+		return 0, fmt.Errorf("%s: couldn't parse value %q: %w", ErrFileParse, s, err)
 	}
 	return i, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/proc_maps.go b/vendor/github.com/prometheus/procfs/proc_maps.go
index f1bcbf32b..727549a13 100644
--- a/vendor/github.com/prometheus/procfs/proc_maps.go
+++ b/vendor/github.com/prometheus/procfs/proc_maps.go
@@ -65,7 +65,7 @@ type ProcMap struct {
 func parseDevice(s string) (uint64, error) {
 	toks := strings.Split(s, ":")
 	if len(toks) < 2 {
-		return 0, fmt.Errorf("unexpected number of fields")
+		return 0, fmt.Errorf("%w: unexpected number of fields, expected: 2, got: %q", ErrFileParse, len(toks))
 	}
 
 	major, err := strconv.ParseUint(toks[0], 16, 0)
@@ -95,7 +95,7 @@ func parseAddress(s string) (uintptr, error) {
 func parseAddresses(s string) (uintptr, uintptr, error) {
 	toks := strings.Split(s, "-")
 	if len(toks) < 2 {
-		return 0, 0, fmt.Errorf("invalid address")
+		return 0, 0, fmt.Errorf("%w: invalid address", ErrFileParse)
 	}
 
 	saddr, err := parseAddress(toks[0])
@@ -114,7 +114,7 @@ func parseAddresses(s string) (uintptr, uintptr, error) {
 // parsePermissions parses a token and returns any that are set.
 func parsePermissions(s string) (*ProcMapPermissions, error) {
 	if len(s) < 4 {
-		return nil, fmt.Errorf("invalid permissions token")
+		return nil, fmt.Errorf("%w: invalid permissions token", ErrFileParse)
 	}
 
 	perms := ProcMapPermissions{}
@@ -141,7 +141,7 @@ func parsePermissions(s string) (*ProcMapPermissions, error) {
 func parseProcMap(text string) (*ProcMap, error) {
 	fields := strings.Fields(text)
 	if len(fields) < 5 {
-		return nil, fmt.Errorf("truncated procmap entry")
+		return nil, fmt.Errorf("%w: truncated procmap entry", ErrFileParse)
 	}
 
 	saddr, eaddr, err := parseAddresses(fields[0])
diff --git a/vendor/github.com/prometheus/procfs/proc_netstat.go b/vendor/github.com/prometheus/procfs/proc_netstat.go
index 6a43bb245..8e3ff4d79 100644
--- a/vendor/github.com/prometheus/procfs/proc_netstat.go
+++ b/vendor/github.com/prometheus/procfs/proc_netstat.go
@@ -195,8 +195,8 @@ func parseProcNetstat(r io.Reader, fileName string) (ProcNetstat, error) {
 		// Remove trailing :.
 		protocol := strings.TrimSuffix(nameParts[0], ":")
 		if len(nameParts) != len(valueParts) {
-			return procNetstat, fmt.Errorf("mismatch field count mismatch in %s: %s",
-				fileName, protocol)
+			return procNetstat, fmt.Errorf("%w: mismatch field count mismatch in %s: %s",
+				ErrFileParse, fileName, protocol)
 		}
 		for i := 1; i < len(nameParts); i++ {
 			value, err := strconv.ParseFloat(valueParts[i], 64)
diff --git a/vendor/github.com/prometheus/procfs/proc_ns.go b/vendor/github.com/prometheus/procfs/proc_ns.go
index 391b4cbd1..c22666750 100644
--- a/vendor/github.com/prometheus/procfs/proc_ns.go
+++ b/vendor/github.com/prometheus/procfs/proc_ns.go
@@ -40,7 +40,7 @@ func (p Proc) Namespaces() (Namespaces, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("failed to read contents of ns dir: %w", err)
+		return nil, fmt.Errorf("%s: failed to read contents of ns dir: %w", ErrFileRead, err)
 	}
 
 	ns := make(Namespaces, len(names))
@@ -52,13 +52,13 @@ func (p Proc) Namespaces() (Namespaces, error) {
 
 		fields := strings.SplitN(target, ":", 2)
 		if len(fields) != 2 {
-			return nil, fmt.Errorf("failed to parse namespace type and inode from %q", target)
+			return nil, fmt.Errorf("%w: namespace type and inode from %q", ErrFileParse, target)
 		}
 
 		typ := fields[0]
 		inode, err := strconv.ParseUint(strings.Trim(fields[1], "[]"), 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("failed to parse inode from %q: %w", fields[1], err)
+			return nil, fmt.Errorf("%s: inode from %q: %w", ErrFileParse, fields[1], err)
 		}
 
 		ns[name] = Namespace{typ, uint32(inode)}
diff --git a/vendor/github.com/prometheus/procfs/proc_psi.go b/vendor/github.com/prometheus/procfs/proc_psi.go
index a68fe1529..fe9dbb425 100644
--- a/vendor/github.com/prometheus/procfs/proc_psi.go
+++ b/vendor/github.com/prometheus/procfs/proc_psi.go
@@ -61,14 +61,14 @@ type PSIStats struct {
 func (fs FS) PSIStatsForResource(resource string) (PSIStats, error) {
 	data, err := util.ReadFileNoStat(fs.proc.Path(fmt.Sprintf("%s/%s", "pressure", resource)))
 	if err != nil {
-		return PSIStats{}, fmt.Errorf("psi_stats: unavailable for %q: %w", resource, err)
+		return PSIStats{}, fmt.Errorf("%s: psi_stats: unavailable for %q: %w", ErrFileRead, resource, err)
 	}
 
-	return parsePSIStats(resource, bytes.NewReader(data))
+	return parsePSIStats(bytes.NewReader(data))
 }
 
 // parsePSIStats parses the specified file for pressure stall information.
-func parsePSIStats(resource string, r io.Reader) (PSIStats, error) {
+func parsePSIStats(r io.Reader) (PSIStats, error) {
 	psiStats := PSIStats{}
 
 	scanner := bufio.NewScanner(r)
diff --git a/vendor/github.com/prometheus/procfs/proc_smaps.go b/vendor/github.com/prometheus/procfs/proc_smaps.go
index 0e97d9957..ad8785a40 100644
--- a/vendor/github.com/prometheus/procfs/proc_smaps.go
+++ b/vendor/github.com/prometheus/procfs/proc_smaps.go
@@ -135,12 +135,12 @@ func (s *ProcSMapsRollup) parseLine(line string) error {
 	}
 	vBytes := vKBytes * 1024
 
-	s.addValue(k, v, vKBytes, vBytes)
+	s.addValue(k, vBytes)
 
 	return nil
 }
 
-func (s *ProcSMapsRollup) addValue(k string, vString string, vUint uint64, vUintBytes uint64) {
+func (s *ProcSMapsRollup) addValue(k string, vUintBytes uint64) {
 	switch k {
 	case "Rss":
 		s.Rss += vUintBytes
diff --git a/vendor/github.com/prometheus/procfs/proc_snmp.go b/vendor/github.com/prometheus/procfs/proc_snmp.go
index 6c46b7188..b9d2cf642 100644
--- a/vendor/github.com/prometheus/procfs/proc_snmp.go
+++ b/vendor/github.com/prometheus/procfs/proc_snmp.go
@@ -159,8 +159,8 @@ func parseSnmp(r io.Reader, fileName string) (ProcSnmp, error) {
 		// Remove trailing :.
 		protocol := strings.TrimSuffix(nameParts[0], ":")
 		if len(nameParts) != len(valueParts) {
-			return procSnmp, fmt.Errorf("mismatch field count mismatch in %s: %s",
-				fileName, protocol)
+			return procSnmp, fmt.Errorf("%w: mismatch field count mismatch in %s: %s",
+				ErrFileParse, fileName, protocol)
 		}
 		for i := 1; i < len(nameParts); i++ {
 			value, err := strconv.ParseFloat(valueParts[i], 64)
diff --git a/vendor/github.com/prometheus/procfs/proc_stat.go b/vendor/github.com/prometheus/procfs/proc_stat.go
index 14b249f4f..923e55005 100644
--- a/vendor/github.com/prometheus/procfs/proc_stat.go
+++ b/vendor/github.com/prometheus/procfs/proc_stat.go
@@ -138,7 +138,7 @@ func (p Proc) Stat() (ProcStat, error) {
 	)
 
 	if l < 0 || r < 0 {
-		return ProcStat{}, fmt.Errorf("unexpected format, couldn't extract comm %q", data)
+		return ProcStat{}, fmt.Errorf("%w: unexpected format, couldn't extract comm %q", ErrFileParse, data)
 	}
 
 	s.Comm = string(data[l+1 : r])
diff --git a/vendor/github.com/prometheus/procfs/proc_sys.go b/vendor/github.com/prometheus/procfs/proc_sys.go
index d46533ebf..12c5bf05b 100644
--- a/vendor/github.com/prometheus/procfs/proc_sys.go
+++ b/vendor/github.com/prometheus/procfs/proc_sys.go
@@ -44,7 +44,7 @@ func (fs FS) SysctlInts(sysctl string) ([]int, error) {
 		vp := util.NewValueParser(f)
 		values[i] = vp.Int()
 		if err := vp.Err(); err != nil {
-			return nil, fmt.Errorf("field %d in sysctl %s is not a valid int: %w", i, sysctl, err)
+			return nil, fmt.Errorf("%s: field %d in sysctl %s is not a valid int: %w", ErrFileParse, i, sysctl, err)
 		}
 	}
 	return values, nil
diff --git a/vendor/github.com/prometheus/procfs/slab.go b/vendor/github.com/prometheus/procfs/slab.go
index bc9aaf5c2..8611c9017 100644
--- a/vendor/github.com/prometheus/procfs/slab.go
+++ b/vendor/github.com/prometheus/procfs/slab.go
@@ -68,7 +68,7 @@ func parseV21SlabEntry(line string) (*Slab, error) {
 	l := slabSpace.ReplaceAllString(line, " ")
 	s := strings.Split(l, " ")
 	if len(s) != 16 {
-		return nil, fmt.Errorf("unable to parse: %q", line)
+		return nil, fmt.Errorf("%w: unable to parse: %q", ErrFileParse, line)
 	}
 	var err error
 	i := &Slab{Name: s[0]}
diff --git a/vendor/github.com/prometheus/procfs/softirqs.go b/vendor/github.com/prometheus/procfs/softirqs.go
index 559129cbc..b8fad677d 100644
--- a/vendor/github.com/prometheus/procfs/softirqs.go
+++ b/vendor/github.com/prometheus/procfs/softirqs.go
@@ -57,7 +57,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 	)
 
 	if !scanner.Scan() {
-		return Softirqs{}, fmt.Errorf("softirqs empty")
+		return Softirqs{}, fmt.Errorf("%w: softirqs empty", ErrFileRead)
 	}
 
 	for scanner.Scan() {
@@ -74,7 +74,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Hi = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Hi[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (HI%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HI%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TIMER:":
@@ -82,7 +82,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Timer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Timer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (TIMER%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_TX:":
@@ -90,7 +90,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetTx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetTx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (NET_TX%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_TX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_RX:":
@@ -98,7 +98,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetRx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetRx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (NET_RX%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_RX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "BLOCK:":
@@ -106,7 +106,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Block = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Block[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (BLOCK%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (BLOCK%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "IRQ_POLL:":
@@ -114,7 +114,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.IRQPoll = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.IRQPoll[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (IRQ_POLL%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (IRQ_POLL%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TASKLET:":
@@ -122,7 +122,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Tasklet = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Tasklet[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (TASKLET%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TASKLET%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "SCHED:":
@@ -130,7 +130,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Sched = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Sched[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (SCHED%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (SCHED%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "HRTIMER:":
@@ -138,7 +138,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.HRTimer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.HRTimer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (HRTIMER%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HRTIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "RCU:":
@@ -146,14 +146,14 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.RCU = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.RCU[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("couldn't parse %q (RCU%d): %w", count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (RCU%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		}
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Softirqs{}, fmt.Errorf("couldn't parse softirqs: %w", err)
+		return Softirqs{}, fmt.Errorf("%s: couldn't parse softirqs: %w", ErrFileParse, err)
 	}
 
 	return softirqs, scanner.Err()
diff --git a/vendor/github.com/prometheus/procfs/stat.go b/vendor/github.com/prometheus/procfs/stat.go
index 586af48af..34fc3ee21 100644
--- a/vendor/github.com/prometheus/procfs/stat.go
+++ b/vendor/github.com/prometheus/procfs/stat.go
@@ -93,10 +93,10 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 		&cpuStat.Guest, &cpuStat.GuestNice)
 
 	if err != nil && err != io.EOF {
-		return CPUStat{}, -1, fmt.Errorf("couldn't parse %q (cpu): %w", line, err)
+		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu): %w", ErrFileParse, line, err)
 	}
 	if count == 0 {
-		return CPUStat{}, -1, fmt.Errorf("couldn't parse %q (cpu): 0 elements parsed", line)
+		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu): 0 elements parsed", ErrFileParse, line)
 	}
 
 	cpuStat.User /= userHZ
@@ -116,7 +116,7 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 
 	cpuID, err := strconv.ParseInt(cpu[3:], 10, 64)
 	if err != nil {
-		return CPUStat{}, -1, fmt.Errorf("couldn't parse %q (cpu/cpuid): %w", line, err)
+		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu/cpuid): %w", ErrFileParse, line, err)
 	}
 
 	return cpuStat, cpuID, nil
@@ -136,7 +136,7 @@ func parseSoftIRQStat(line string) (SoftIRQStat, uint64, error) {
 		&softIRQStat.Hrtimer, &softIRQStat.Rcu)
 
 	if err != nil {
-		return SoftIRQStat{}, 0, fmt.Errorf("couldn't parse %q (softirq): %w", line, err)
+		return SoftIRQStat{}, 0, fmt.Errorf("%s: couldn't parse %q (softirq): %w", ErrFileParse, line, err)
 	}
 
 	return softIRQStat, total, nil
@@ -187,6 +187,10 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 		err error
 	)
 
+	// Increase default scanner buffer to handle very long `intr` lines.
+	buf := make([]byte, 0, 8*1024)
+	scanner.Buffer(buf, 1024*1024)
+
 	for scanner.Scan() {
 		line := scanner.Text()
 		parts := strings.Fields(scanner.Text())
@@ -197,34 +201,34 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 		switch {
 		case parts[0] == "btime":
 			if stat.BootTime, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (btime): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (btime): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "intr":
 			if stat.IRQTotal, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (intr): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr): %w", ErrFileParse, parts[1], err)
 			}
 			numberedIRQs := parts[2:]
 			stat.IRQ = make([]uint64, len(numberedIRQs))
 			for i, count := range numberedIRQs {
 				if stat.IRQ[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Stat{}, fmt.Errorf("couldn't parse %q (intr%d): %w", count, i, err)
+					return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "ctxt":
 			if stat.ContextSwitches, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (ctxt): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (ctxt): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "processes":
 			if stat.ProcessCreated, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (processes): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (processes): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_running":
 			if stat.ProcessesRunning, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (procs_running): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_running): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_blocked":
 			if stat.ProcessesBlocked, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("couldn't parse %q (procs_blocked): %w", parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_blocked): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "softirq":
 			softIRQStats, total, err := parseSoftIRQStat(line)
@@ -247,7 +251,7 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Stat{}, fmt.Errorf("couldn't parse %q: %w", fileName, err)
+		return Stat{}, fmt.Errorf("%s: couldn't parse %q: %w", ErrFileParse, fileName, err)
 	}
 
 	return stat, nil
diff --git a/vendor/github.com/prometheus/procfs/swaps.go b/vendor/github.com/prometheus/procfs/swaps.go
index 15edc2212..fa00f555d 100644
--- a/vendor/github.com/prometheus/procfs/swaps.go
+++ b/vendor/github.com/prometheus/procfs/swaps.go
@@ -64,7 +64,7 @@ func parseSwapString(swapString string) (*Swap, error) {
 	swapFields := strings.Fields(swapString)
 	swapLength := len(swapFields)
 	if swapLength < 5 {
-		return nil, fmt.Errorf("too few fields in swap string: %s", swapString)
+		return nil, fmt.Errorf("%w: too few fields in swap string: %s", ErrFileParse, swapString)
 	}
 
 	swap := &Swap{
@@ -74,15 +74,15 @@ func parseSwapString(swapString string) (*Swap, error) {
 
 	swap.Size, err = strconv.Atoi(swapFields[2])
 	if err != nil {
-		return nil, fmt.Errorf("invalid swap size: %s", swapFields[2])
+		return nil, fmt.Errorf("%s: invalid swap size: %s: %w", ErrFileParse, swapFields[2], err)
 	}
 	swap.Used, err = strconv.Atoi(swapFields[3])
 	if err != nil {
-		return nil, fmt.Errorf("invalid swap used: %s", swapFields[3])
+		return nil, fmt.Errorf("%s: invalid swap used: %s: %w", ErrFileParse, swapFields[3], err)
 	}
 	swap.Priority, err = strconv.Atoi(swapFields[4])
 	if err != nil {
-		return nil, fmt.Errorf("invalid swap priority: %s", swapFields[4])
+		return nil, fmt.Errorf("%s: invalid swap priority: %s: %w", ErrFileParse, swapFields[4], err)
 	}
 
 	return swap, nil
diff --git a/vendor/github.com/prometheus/procfs/thread.go b/vendor/github.com/prometheus/procfs/thread.go
index 490c14708..df2215ece 100644
--- a/vendor/github.com/prometheus/procfs/thread.go
+++ b/vendor/github.com/prometheus/procfs/thread.go
@@ -45,7 +45,7 @@ func (fs FS) AllThreads(pid int) (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("could not read %q: %w", d.Name(), err)
+		return Procs{}, fmt.Errorf("%s: could not read %q: %w", ErrFileRead, d.Name(), err)
 	}
 
 	t := Procs{}
@@ -55,7 +55,7 @@ func (fs FS) AllThreads(pid int) (Procs, error) {
 			continue
 		}
 
-		t = append(t, Proc{PID: int(tid), fs: FS{fsi.FS(taskPath), fs.real}})
+		t = append(t, Proc{PID: int(tid), fs: FS{fsi.FS(taskPath), fs.isReal}})
 	}
 
 	return t, nil
@@ -67,12 +67,12 @@ func (fs FS) Thread(pid, tid int) (Proc, error) {
 	if _, err := os.Stat(taskPath); err != nil {
 		return Proc{}, err
 	}
-	return Proc{PID: tid, fs: FS{fsi.FS(taskPath), fs.real}}, nil
+	return Proc{PID: tid, fs: FS{fsi.FS(taskPath), fs.isReal}}, nil
 }
 
 // Thread returns a process for a given TID of Proc.
 func (proc Proc) Thread(tid int) (Proc, error) {
-	tfs := FS{fsi.FS(proc.path("task")), proc.fs.real}
+	tfs := FS{fsi.FS(proc.path("task")), proc.fs.isReal}
 	if _, err := os.Stat(tfs.proc.Path(strconv.Itoa(tid))); err != nil {
 		return Proc{}, err
 	}
diff --git a/vendor/github.com/prometheus/procfs/vm.go b/vendor/github.com/prometheus/procfs/vm.go
index cdedcae99..51c49d89e 100644
--- a/vendor/github.com/prometheus/procfs/vm.go
+++ b/vendor/github.com/prometheus/procfs/vm.go
@@ -86,7 +86,7 @@ func (fs FS) VM() (*VM, error) {
 		return nil, err
 	}
 	if !file.Mode().IsDir() {
-		return nil, fmt.Errorf("%s is not a directory", path)
+		return nil, fmt.Errorf("%w: %s is not a directory", ErrFileRead, path)
 	}
 
 	files, err := os.ReadDir(path)
diff --git a/vendor/github.com/prometheus/procfs/zoneinfo.go b/vendor/github.com/prometheus/procfs/zoneinfo.go
index c745a4c04..ce5fefa5b 100644
--- a/vendor/github.com/prometheus/procfs/zoneinfo.go
+++ b/vendor/github.com/prometheus/procfs/zoneinfo.go
@@ -75,11 +75,11 @@ var nodeZoneRE = regexp.MustCompile(`(\d+), zone\s+(\w+)`)
 func (fs FS) Zoneinfo() ([]Zoneinfo, error) {
 	data, err := os.ReadFile(fs.proc.Path("zoneinfo"))
 	if err != nil {
-		return nil, fmt.Errorf("error reading zoneinfo %q: %w", fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%s: error reading zoneinfo %q: %w", ErrFileRead, fs.proc.Path("zoneinfo"), err)
 	}
 	zoneinfo, err := parseZoneinfo(data)
 	if err != nil {
-		return nil, fmt.Errorf("error parsing zoneinfo %q: %w", fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%s: error parsing zoneinfo %q: %w", ErrFileParse, fs.proc.Path("zoneinfo"), err)
 	}
 	return zoneinfo, nil
 }
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
index ebf6c6528..722a7b41d 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
@@ -101,13 +101,19 @@ func (o MarshalOptions) Format(m proto.Message) string {
 // MarshalOptions object. Do not depend on the output being stable. It may
 // change over time across different versions of the program.
 func (o MarshalOptions) Marshal(m proto.Message) ([]byte, error) {
-	return o.marshal(m)
+	return o.marshal(nil, m)
+}
+
+// MarshalAppend appends the textproto format encoding of m to b,
+// returning the result.
+func (o MarshalOptions) MarshalAppend(b []byte, m proto.Message) ([]byte, error) {
+	return o.marshal(b, m)
 }
 
 // marshal is a centralized function that all marshal operations go through.
 // For profiling purposes, avoid changing the name of this function or
 // introducing other code paths for marshal that do not go through this.
-func (o MarshalOptions) marshal(m proto.Message) ([]byte, error) {
+func (o MarshalOptions) marshal(b []byte, m proto.Message) ([]byte, error) {
 	var delims = [2]byte{'{', '}'}
 
 	if o.Multiline && o.Indent == "" {
@@ -117,7 +123,7 @@ func (o MarshalOptions) marshal(m proto.Message) ([]byte, error) {
 		o.Resolver = protoregistry.GlobalTypes
 	}
 
-	internalEnc, err := text.NewEncoder(o.Indent, delims, o.EmitASCII)
+	internalEnc, err := text.NewEncoder(b, o.Indent, delims, o.EmitASCII)
 	if err != nil {
 		return nil, err
 	}
@@ -125,7 +131,7 @@ func (o MarshalOptions) marshal(m proto.Message) ([]byte, error) {
 	// Treat nil message interface as an empty message,
 	// in which case there is nothing to output.
 	if m == nil {
-		return []byte{}, nil
+		return b, nil
 	}
 
 	enc := encoder{internalEnc, o}
diff --git a/vendor/google.golang.org/protobuf/internal/encoding/text/encode.go b/vendor/google.golang.org/protobuf/internal/encoding/text/encode.go
index da289ccce..cf7aed77b 100644
--- a/vendor/google.golang.org/protobuf/internal/encoding/text/encode.go
+++ b/vendor/google.golang.org/protobuf/internal/encoding/text/encode.go
@@ -53,8 +53,10 @@ type encoderState struct {
 // If outputASCII is true, strings will be serialized in such a way that
 // multi-byte UTF-8 sequences are escaped. This property ensures that the
 // overall output is ASCII (as opposed to UTF-8).
-func NewEncoder(indent string, delims [2]byte, outputASCII bool) (*Encoder, error) {
-	e := &Encoder{}
+func NewEncoder(buf []byte, indent string, delims [2]byte, outputASCII bool) (*Encoder, error) {
+	e := &Encoder{
+		encoderState: encoderState{out: buf},
+	}
 	if len(indent) > 0 {
 		if strings.Trim(indent, " \t") != "" {
 			return nil, errors.New("indent may only be composed of space and tab characters")
@@ -195,13 +197,13 @@ func appendFloat(out []byte, n float64, bitSize int) []byte {
 // WriteInt writes out the given signed integer value.
 func (e *Encoder) WriteInt(n int64) {
 	e.prepareNext(scalar)
-	e.out = append(e.out, strconv.FormatInt(n, 10)...)
+	e.out = strconv.AppendInt(e.out, n, 10)
 }
 
 // WriteUint writes out the given unsigned integer value.
 func (e *Encoder) WriteUint(n uint64) {
 	e.prepareNext(scalar)
-	e.out = append(e.out, strconv.FormatUint(n, 10)...)
+	e.out = strconv.AppendUint(e.out, n, 10)
 }
 
 // WriteLiteral writes out the given string as a literal value without quotes.
diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
index 5c0e8f73f..136f1b215 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
@@ -183,13 +183,58 @@ const (
 // Field names for google.protobuf.ExtensionRangeOptions.
 const (
 	ExtensionRangeOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
+	ExtensionRangeOptions_Declaration_field_name         protoreflect.Name = "declaration"
+	ExtensionRangeOptions_Verification_field_name        protoreflect.Name = "verification"
 
 	ExtensionRangeOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.uninterpreted_option"
+	ExtensionRangeOptions_Declaration_field_fullname         protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.declaration"
+	ExtensionRangeOptions_Verification_field_fullname        protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.verification"
 )
 
 // Field numbers for google.protobuf.ExtensionRangeOptions.
 const (
 	ExtensionRangeOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
+	ExtensionRangeOptions_Declaration_field_number         protoreflect.FieldNumber = 2
+	ExtensionRangeOptions_Verification_field_number        protoreflect.FieldNumber = 3
+)
+
+// Full and short names for google.protobuf.ExtensionRangeOptions.VerificationState.
+const (
+	ExtensionRangeOptions_VerificationState_enum_fullname = "google.protobuf.ExtensionRangeOptions.VerificationState"
+	ExtensionRangeOptions_VerificationState_enum_name     = "VerificationState"
+)
+
+// Names for google.protobuf.ExtensionRangeOptions.Declaration.
+const (
+	ExtensionRangeOptions_Declaration_message_name     protoreflect.Name     = "Declaration"
+	ExtensionRangeOptions_Declaration_message_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration"
+)
+
+// Field names for google.protobuf.ExtensionRangeOptions.Declaration.
+const (
+	ExtensionRangeOptions_Declaration_Number_field_name     protoreflect.Name = "number"
+	ExtensionRangeOptions_Declaration_FullName_field_name   protoreflect.Name = "full_name"
+	ExtensionRangeOptions_Declaration_Type_field_name       protoreflect.Name = "type"
+	ExtensionRangeOptions_Declaration_IsRepeated_field_name protoreflect.Name = "is_repeated"
+	ExtensionRangeOptions_Declaration_Reserved_field_name   protoreflect.Name = "reserved"
+	ExtensionRangeOptions_Declaration_Repeated_field_name   protoreflect.Name = "repeated"
+
+	ExtensionRangeOptions_Declaration_Number_field_fullname     protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.number"
+	ExtensionRangeOptions_Declaration_FullName_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.full_name"
+	ExtensionRangeOptions_Declaration_Type_field_fullname       protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.type"
+	ExtensionRangeOptions_Declaration_IsRepeated_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.is_repeated"
+	ExtensionRangeOptions_Declaration_Reserved_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.reserved"
+	ExtensionRangeOptions_Declaration_Repeated_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.repeated"
+)
+
+// Field numbers for google.protobuf.ExtensionRangeOptions.Declaration.
+const (
+	ExtensionRangeOptions_Declaration_Number_field_number     protoreflect.FieldNumber = 1
+	ExtensionRangeOptions_Declaration_FullName_field_number   protoreflect.FieldNumber = 2
+	ExtensionRangeOptions_Declaration_Type_field_number       protoreflect.FieldNumber = 3
+	ExtensionRangeOptions_Declaration_IsRepeated_field_number protoreflect.FieldNumber = 4
+	ExtensionRangeOptions_Declaration_Reserved_field_number   protoreflect.FieldNumber = 5
+	ExtensionRangeOptions_Declaration_Repeated_field_number   protoreflect.FieldNumber = 6
 )
 
 // Names for google.protobuf.FieldDescriptorProto.
@@ -540,6 +585,7 @@ const (
 	FieldOptions_DebugRedact_field_name         protoreflect.Name = "debug_redact"
 	FieldOptions_Retention_field_name           protoreflect.Name = "retention"
 	FieldOptions_Target_field_name              protoreflect.Name = "target"
+	FieldOptions_Targets_field_name             protoreflect.Name = "targets"
 	FieldOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	FieldOptions_Ctype_field_fullname               protoreflect.FullName = "google.protobuf.FieldOptions.ctype"
@@ -552,6 +598,7 @@ const (
 	FieldOptions_DebugRedact_field_fullname         protoreflect.FullName = "google.protobuf.FieldOptions.debug_redact"
 	FieldOptions_Retention_field_fullname           protoreflect.FullName = "google.protobuf.FieldOptions.retention"
 	FieldOptions_Target_field_fullname              protoreflect.FullName = "google.protobuf.FieldOptions.target"
+	FieldOptions_Targets_field_fullname             protoreflect.FullName = "google.protobuf.FieldOptions.targets"
 	FieldOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.uninterpreted_option"
 )
 
@@ -567,6 +614,7 @@ const (
 	FieldOptions_DebugRedact_field_number         protoreflect.FieldNumber = 16
 	FieldOptions_Retention_field_number           protoreflect.FieldNumber = 17
 	FieldOptions_Target_field_number              protoreflect.FieldNumber = 18
+	FieldOptions_Targets_field_number             protoreflect.FieldNumber = 19
 	FieldOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
diff --git a/vendor/google.golang.org/protobuf/internal/genid/type_gen.go b/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
index 3bc710138..e0f75fea0 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
@@ -32,6 +32,7 @@ const (
 	Type_Options_field_name       protoreflect.Name = "options"
 	Type_SourceContext_field_name protoreflect.Name = "source_context"
 	Type_Syntax_field_name        protoreflect.Name = "syntax"
+	Type_Edition_field_name       protoreflect.Name = "edition"
 
 	Type_Name_field_fullname          protoreflect.FullName = "google.protobuf.Type.name"
 	Type_Fields_field_fullname        protoreflect.FullName = "google.protobuf.Type.fields"
@@ -39,6 +40,7 @@ const (
 	Type_Options_field_fullname       protoreflect.FullName = "google.protobuf.Type.options"
 	Type_SourceContext_field_fullname protoreflect.FullName = "google.protobuf.Type.source_context"
 	Type_Syntax_field_fullname        protoreflect.FullName = "google.protobuf.Type.syntax"
+	Type_Edition_field_fullname       protoreflect.FullName = "google.protobuf.Type.edition"
 )
 
 // Field numbers for google.protobuf.Type.
@@ -49,6 +51,7 @@ const (
 	Type_Options_field_number       protoreflect.FieldNumber = 4
 	Type_SourceContext_field_number protoreflect.FieldNumber = 5
 	Type_Syntax_field_number        protoreflect.FieldNumber = 6
+	Type_Edition_field_number       protoreflect.FieldNumber = 7
 )
 
 // Names for google.protobuf.Field.
@@ -121,12 +124,14 @@ const (
 	Enum_Options_field_name       protoreflect.Name = "options"
 	Enum_SourceContext_field_name protoreflect.Name = "source_context"
 	Enum_Syntax_field_name        protoreflect.Name = "syntax"
+	Enum_Edition_field_name       protoreflect.Name = "edition"
 
 	Enum_Name_field_fullname          protoreflect.FullName = "google.protobuf.Enum.name"
 	Enum_Enumvalue_field_fullname     protoreflect.FullName = "google.protobuf.Enum.enumvalue"
 	Enum_Options_field_fullname       protoreflect.FullName = "google.protobuf.Enum.options"
 	Enum_SourceContext_field_fullname protoreflect.FullName = "google.protobuf.Enum.source_context"
 	Enum_Syntax_field_fullname        protoreflect.FullName = "google.protobuf.Enum.syntax"
+	Enum_Edition_field_fullname       protoreflect.FullName = "google.protobuf.Enum.edition"
 )
 
 // Field numbers for google.protobuf.Enum.
@@ -136,6 +141,7 @@ const (
 	Enum_Options_field_number       protoreflect.FieldNumber = 3
 	Enum_SourceContext_field_number protoreflect.FieldNumber = 4
 	Enum_Syntax_field_number        protoreflect.FieldNumber = 5
+	Enum_Edition_field_number       protoreflect.FieldNumber = 6
 )
 
 // Names for google.protobuf.EnumValue.
diff --git a/vendor/google.golang.org/protobuf/internal/order/order.go b/vendor/google.golang.org/protobuf/internal/order/order.go
index 33745ed06..dea522e12 100644
--- a/vendor/google.golang.org/protobuf/internal/order/order.go
+++ b/vendor/google.golang.org/protobuf/internal/order/order.go
@@ -33,7 +33,7 @@ var (
 			return !inOneof(ox) && inOneof(oy)
 		}
 		// Fields in disjoint oneof sets are sorted by declaration index.
-		if ox != nil && oy != nil && ox != oy {
+		if inOneof(ox) && inOneof(oy) && ox != oy {
 			return ox.Index() < oy.Index()
 		}
 		// Fields sorted by field number.
diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go
index f7014cd51..0999f29d5 100644
--- a/vendor/google.golang.org/protobuf/internal/version/version.go
+++ b/vendor/google.golang.org/protobuf/internal/version/version.go
@@ -51,7 +51,7 @@ import (
 //  10. Send out the CL for review and submit it.
 const (
 	Major      = 1
-	Minor      = 30
+	Minor      = 31
 	Patch      = 0
 	PreRelease = ""
 )
diff --git a/vendor/google.golang.org/protobuf/proto/size.go b/vendor/google.golang.org/protobuf/proto/size.go
index 554b9c6c0..f1692b49b 100644
--- a/vendor/google.golang.org/protobuf/proto/size.go
+++ b/vendor/google.golang.org/protobuf/proto/size.go
@@ -73,23 +73,27 @@ func (o MarshalOptions) sizeField(fd protoreflect.FieldDescriptor, value protore
 }
 
 func (o MarshalOptions) sizeList(num protowire.Number, fd protoreflect.FieldDescriptor, list protoreflect.List) (size int) {
+	sizeTag := protowire.SizeTag(num)
+
 	if fd.IsPacked() && list.Len() > 0 {
 		content := 0
 		for i, llen := 0, list.Len(); i < llen; i++ {
 			content += o.sizeSingular(num, fd.Kind(), list.Get(i))
 		}
-		return protowire.SizeTag(num) + protowire.SizeBytes(content)
+		return sizeTag + protowire.SizeBytes(content)
 	}
 
 	for i, llen := 0, list.Len(); i < llen; i++ {
-		size += protowire.SizeTag(num) + o.sizeSingular(num, fd.Kind(), list.Get(i))
+		size += sizeTag + o.sizeSingular(num, fd.Kind(), list.Get(i))
 	}
 	return size
 }
 
 func (o MarshalOptions) sizeMap(num protowire.Number, fd protoreflect.FieldDescriptor, mapv protoreflect.Map) (size int) {
+	sizeTag := protowire.SizeTag(num)
+
 	mapv.Range(func(key protoreflect.MapKey, value protoreflect.Value) bool {
-		size += protowire.SizeTag(num)
+		size += sizeTag
 		size += protowire.SizeBytes(o.sizeField(fd.MapKey(), key.Value()) + o.sizeField(fd.MapValue(), value))
 		return true
 	})
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
index 54ce326df..717b106f3 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
@@ -363,6 +363,8 @@ func (p *SourcePath) appendFieldOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "retention", nil)
 	case 18:
 		b = p.appendSingularField(b, "target", nil)
+	case 19:
+		b = p.appendRepeatedField(b, "targets", nil)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -418,6 +420,10 @@ func (p *SourcePath) appendExtensionRangeOptions(b []byte) []byte {
 	switch (*p)[0] {
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
+	case 2:
+		b = p.appendRepeatedField(b, "declaration", (*SourcePath).appendExtensionRangeOptions_Declaration)
+	case 3:
+		b = p.appendSingularField(b, "verification", nil)
 	}
 	return b
 }
@@ -473,3 +479,24 @@ func (p *SourcePath) appendUninterpretedOption_NamePart(b []byte) []byte {
 	}
 	return b
 }
+
+func (p *SourcePath) appendExtensionRangeOptions_Declaration(b []byte) []byte {
+	if len(*p) == 0 {
+		return b
+	}
+	switch (*p)[0] {
+	case 1:
+		b = p.appendSingularField(b, "number", nil)
+	case 2:
+		b = p.appendSingularField(b, "full_name", nil)
+	case 3:
+		b = p.appendSingularField(b, "type", nil)
+	case 4:
+		b = p.appendSingularField(b, "is_repeated", nil)
+	case 5:
+		b = p.appendSingularField(b, "reserved", nil)
+	case 6:
+		b = p.appendSingularField(b, "repeated", nil)
+	}
+	return b
+}
diff --git a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go b/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go
index dac5671db..04c00f737 100644
--- a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go
+++ b/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go
@@ -48,6 +48,64 @@ import (
 	sync "sync"
 )
 
+// The verification state of the extension range.
+type ExtensionRangeOptions_VerificationState int32
+
+const (
+	// All the extensions of the range must be declared.
+	ExtensionRangeOptions_DECLARATION ExtensionRangeOptions_VerificationState = 0
+	ExtensionRangeOptions_UNVERIFIED  ExtensionRangeOptions_VerificationState = 1
+)
+
+// Enum value maps for ExtensionRangeOptions_VerificationState.
+var (
+	ExtensionRangeOptions_VerificationState_name = map[int32]string{
+		0: "DECLARATION",
+		1: "UNVERIFIED",
+	}
+	ExtensionRangeOptions_VerificationState_value = map[string]int32{
+		"DECLARATION": 0,
+		"UNVERIFIED":  1,
+	}
+)
+
+func (x ExtensionRangeOptions_VerificationState) Enum() *ExtensionRangeOptions_VerificationState {
+	p := new(ExtensionRangeOptions_VerificationState)
+	*p = x
+	return p
+}
+
+func (x ExtensionRangeOptions_VerificationState) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (ExtensionRangeOptions_VerificationState) Descriptor() protoreflect.EnumDescriptor {
+	return file_google_protobuf_descriptor_proto_enumTypes[0].Descriptor()
+}
+
+func (ExtensionRangeOptions_VerificationState) Type() protoreflect.EnumType {
+	return &file_google_protobuf_descriptor_proto_enumTypes[0]
+}
+
+func (x ExtensionRangeOptions_VerificationState) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Do not use.
+func (x *ExtensionRangeOptions_VerificationState) UnmarshalJSON(b []byte) error {
+	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
+	if err != nil {
+		return err
+	}
+	*x = ExtensionRangeOptions_VerificationState(num)
+	return nil
+}
+
+// Deprecated: Use ExtensionRangeOptions_VerificationState.Descriptor instead.
+func (ExtensionRangeOptions_VerificationState) EnumDescriptor() ([]byte, []int) {
+	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{3, 0}
+}
+
 type FieldDescriptorProto_Type int32
 
 const (
@@ -137,11 +195,11 @@ func (x FieldDescriptorProto_Type) String() string {
 }
 
 func (FieldDescriptorProto_Type) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[0].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[1].Descriptor()
 }
 
 func (FieldDescriptorProto_Type) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[0]
+	return &file_google_protobuf_descriptor_proto_enumTypes[1]
 }
 
 func (x FieldDescriptorProto_Type) Number() protoreflect.EnumNumber {
@@ -197,11 +255,11 @@ func (x FieldDescriptorProto_Label) String() string {
 }
 
 func (FieldDescriptorProto_Label) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[1].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[2].Descriptor()
 }
 
 func (FieldDescriptorProto_Label) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[1]
+	return &file_google_protobuf_descriptor_proto_enumTypes[2]
 }
 
 func (x FieldDescriptorProto_Label) Number() protoreflect.EnumNumber {
@@ -258,11 +316,11 @@ func (x FileOptions_OptimizeMode) String() string {
 }
 
 func (FileOptions_OptimizeMode) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[2].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[3].Descriptor()
 }
 
 func (FileOptions_OptimizeMode) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[2]
+	return &file_google_protobuf_descriptor_proto_enumTypes[3]
 }
 
 func (x FileOptions_OptimizeMode) Number() protoreflect.EnumNumber {
@@ -288,7 +346,13 @@ type FieldOptions_CType int32
 
 const (
 	// Default mode.
-	FieldOptions_STRING       FieldOptions_CType = 0
+	FieldOptions_STRING FieldOptions_CType = 0
+	// The option [ctype=CORD] may be applied to a non-repeated field of type
+	// "bytes". It indicates that in C++, the data should be stored in a Cord
+	// instead of a string.  For very large strings, this may reduce memory
+	// fragmentation. It may also allow better performance when parsing from a
+	// Cord, or when parsing with aliasing enabled, as the parsed Cord may then
+	// alias the original buffer.
 	FieldOptions_CORD         FieldOptions_CType = 1
 	FieldOptions_STRING_PIECE FieldOptions_CType = 2
 )
@@ -318,11 +382,11 @@ func (x FieldOptions_CType) String() string {
 }
 
 func (FieldOptions_CType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[3].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[4].Descriptor()
 }
 
 func (FieldOptions_CType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[3]
+	return &file_google_protobuf_descriptor_proto_enumTypes[4]
 }
 
 func (x FieldOptions_CType) Number() protoreflect.EnumNumber {
@@ -380,11 +444,11 @@ func (x FieldOptions_JSType) String() string {
 }
 
 func (FieldOptions_JSType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[4].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[5].Descriptor()
 }
 
 func (FieldOptions_JSType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[4]
+	return &file_google_protobuf_descriptor_proto_enumTypes[5]
 }
 
 func (x FieldOptions_JSType) Number() protoreflect.EnumNumber {
@@ -442,11 +506,11 @@ func (x FieldOptions_OptionRetention) String() string {
 }
 
 func (FieldOptions_OptionRetention) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[5].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[6].Descriptor()
 }
 
 func (FieldOptions_OptionRetention) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[5]
+	return &file_google_protobuf_descriptor_proto_enumTypes[6]
 }
 
 func (x FieldOptions_OptionRetention) Number() protoreflect.EnumNumber {
@@ -526,11 +590,11 @@ func (x FieldOptions_OptionTargetType) String() string {
 }
 
 func (FieldOptions_OptionTargetType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[6].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[7].Descriptor()
 }
 
 func (FieldOptions_OptionTargetType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[6]
+	return &file_google_protobuf_descriptor_proto_enumTypes[7]
 }
 
 func (x FieldOptions_OptionTargetType) Number() protoreflect.EnumNumber {
@@ -588,11 +652,11 @@ func (x MethodOptions_IdempotencyLevel) String() string {
 }
 
 func (MethodOptions_IdempotencyLevel) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[7].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[8].Descriptor()
 }
 
 func (MethodOptions_IdempotencyLevel) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[7]
+	return &file_google_protobuf_descriptor_proto_enumTypes[8]
 }
 
 func (x MethodOptions_IdempotencyLevel) Number() protoreflect.EnumNumber {
@@ -652,11 +716,11 @@ func (x GeneratedCodeInfo_Annotation_Semantic) String() string {
 }
 
 func (GeneratedCodeInfo_Annotation_Semantic) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[8].Descriptor()
+	return file_google_protobuf_descriptor_proto_enumTypes[9].Descriptor()
 }
 
 func (GeneratedCodeInfo_Annotation_Semantic) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[8]
+	return &file_google_protobuf_descriptor_proto_enumTypes[9]
 }
 
 func (x GeneratedCodeInfo_Annotation_Semantic) Number() protoreflect.EnumNumber {
@@ -1015,7 +1079,21 @@ type ExtensionRangeOptions struct {
 
 	// The parser stores options it doesn't recognize here. See above.
 	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
+	// go/protobuf-stripping-extension-declarations
+	// Like Metadata, but we use a repeated field to hold all extension
+	// declarations. This should avoid the size increases of transforming a large
+	// extension range into small ranges in generated binaries.
+	Declaration []*ExtensionRangeOptions_Declaration `protobuf:"bytes,2,rep,name=declaration" json:"declaration,omitempty"`
+	// The verification state of the range.
+	// TODO(b/278783756): flip the default to DECLARATION once all empty ranges
+	// are marked as UNVERIFIED.
+	Verification *ExtensionRangeOptions_VerificationState `protobuf:"varint,3,opt,name=verification,enum=google.protobuf.ExtensionRangeOptions_VerificationState,def=1" json:"verification,omitempty"`
+}
+
+// Default values for ExtensionRangeOptions fields.
+const (
+	Default_ExtensionRangeOptions_Verification = ExtensionRangeOptions_UNVERIFIED
+)
 
 func (x *ExtensionRangeOptions) Reset() {
 	*x = ExtensionRangeOptions{}
@@ -1056,6 +1134,20 @@ func (x *ExtensionRangeOptions) GetUninterpretedOption() []*UninterpretedOption
 	return nil
 }
 
+func (x *ExtensionRangeOptions) GetDeclaration() []*ExtensionRangeOptions_Declaration {
+	if x != nil {
+		return x.Declaration
+	}
+	return nil
+}
+
+func (x *ExtensionRangeOptions) GetVerification() ExtensionRangeOptions_VerificationState {
+	if x != nil && x.Verification != nil {
+		return *x.Verification
+	}
+	return Default_ExtensionRangeOptions_Verification
+}
+
 // Describes a field within a message.
 type FieldDescriptorProto struct {
 	state         protoimpl.MessageState
@@ -2046,8 +2138,10 @@ type FieldOptions struct {
 
 	// The ctype option instructs the C++ code generator to use a different
 	// representation of the field than it normally would.  See the specific
-	// options below.  This option is not yet implemented in the open source
-	// release -- sorry, we'll try to include it in a future version!
+	// options below.  This option is only implemented to support use of
+	// [ctype=CORD] and [ctype=STRING] (the default) on non-repeated fields of
+	// type "bytes" in the open source release -- sorry, we'll try to include
+	// other types in a future version!
 	Ctype *FieldOptions_CType `protobuf:"varint,1,opt,name=ctype,enum=google.protobuf.FieldOptions_CType,def=0" json:"ctype,omitempty"`
 	// The packed option can be enabled for repeated primitive fields to enable
 	// a more efficient representation on the wire. Rather than repeatedly
@@ -2111,9 +2205,11 @@ type FieldOptions struct {
 	Weak *bool `protobuf:"varint,10,opt,name=weak,def=0" json:"weak,omitempty"`
 	// Indicate that the field value should not be printed out when using debug
 	// formats, e.g. when the field contains sensitive credentials.
-	DebugRedact *bool                          `protobuf:"varint,16,opt,name=debug_redact,json=debugRedact,def=0" json:"debug_redact,omitempty"`
-	Retention   *FieldOptions_OptionRetention  `protobuf:"varint,17,opt,name=retention,enum=google.protobuf.FieldOptions_OptionRetention" json:"retention,omitempty"`
-	Target      *FieldOptions_OptionTargetType `protobuf:"varint,18,opt,name=target,enum=google.protobuf.FieldOptions_OptionTargetType" json:"target,omitempty"`
+	DebugRedact *bool                         `protobuf:"varint,16,opt,name=debug_redact,json=debugRedact,def=0" json:"debug_redact,omitempty"`
+	Retention   *FieldOptions_OptionRetention `protobuf:"varint,17,opt,name=retention,enum=google.protobuf.FieldOptions_OptionRetention" json:"retention,omitempty"`
+	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
+	Target  *FieldOptions_OptionTargetType  `protobuf:"varint,18,opt,name=target,enum=google.protobuf.FieldOptions_OptionTargetType" json:"target,omitempty"`
+	Targets []FieldOptions_OptionTargetType `protobuf:"varint,19,rep,name=targets,enum=google.protobuf.FieldOptions_OptionTargetType" json:"targets,omitempty"`
 	// The parser stores options it doesn't recognize here. See above.
 	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
 }
@@ -2224,6 +2320,7 @@ func (x *FieldOptions) GetRetention() FieldOptions_OptionRetention {
 	return FieldOptions_RETENTION_UNKNOWN
 }
 
+// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
 func (x *FieldOptions) GetTarget() FieldOptions_OptionTargetType {
 	if x != nil && x.Target != nil {
 		return *x.Target
@@ -2231,6 +2328,13 @@ func (x *FieldOptions) GetTarget() FieldOptions_OptionTargetType {
 	return FieldOptions_TARGET_TYPE_UNKNOWN
 }
 
+func (x *FieldOptions) GetTargets() []FieldOptions_OptionTargetType {
+	if x != nil {
+		return x.Targets
+	}
+	return nil
+}
+
 func (x *FieldOptions) GetUninterpretedOption() []*UninterpretedOption {
 	if x != nil {
 		return x.UninterpretedOption
@@ -2960,6 +3064,108 @@ func (x *DescriptorProto_ReservedRange) GetEnd() int32 {
 	return 0
 }
 
+type ExtensionRangeOptions_Declaration struct {
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
+	// The extension number declared within the extension range.
+	Number *int32 `protobuf:"varint,1,opt,name=number" json:"number,omitempty"`
+	// The fully-qualified name of the extension field. There must be a leading
+	// dot in front of the full name.
+	FullName *string `protobuf:"bytes,2,opt,name=full_name,json=fullName" json:"full_name,omitempty"`
+	// The fully-qualified type name of the extension field. Unlike
+	// Metadata.type, Declaration.type must have a leading dot for messages
+	// and enums.
+	Type *string `protobuf:"bytes,3,opt,name=type" json:"type,omitempty"`
+	// Deprecated. Please use "repeated".
+	//
+	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
+	IsRepeated *bool `protobuf:"varint,4,opt,name=is_repeated,json=isRepeated" json:"is_repeated,omitempty"`
+	// If true, indicates that the number is reserved in the extension range,
+	// and any extension field with the number will fail to compile. Set this
+	// when a declared extension field is deleted.
+	Reserved *bool `protobuf:"varint,5,opt,name=reserved" json:"reserved,omitempty"`
+	// If true, indicates that the extension must be defined as repeated.
+	// Otherwise the extension must be defined as optional.
+	Repeated *bool `protobuf:"varint,6,opt,name=repeated" json:"repeated,omitempty"`
+}
+
+func (x *ExtensionRangeOptions_Declaration) Reset() {
+	*x = ExtensionRangeOptions_Declaration{}
+	if protoimpl.UnsafeEnabled {
+		mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
+}
+
+func (x *ExtensionRangeOptions_Declaration) String() string {
+	return protoimpl.X.MessageStringOf(x)
+}
+
+func (*ExtensionRangeOptions_Declaration) ProtoMessage() {}
+
+func (x *ExtensionRangeOptions_Declaration) ProtoReflect() protoreflect.Message {
+	mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
+	if protoimpl.UnsafeEnabled && x != nil {
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		if ms.LoadMessageInfo() == nil {
+			ms.StoreMessageInfo(mi)
+		}
+		return ms
+	}
+	return mi.MessageOf(x)
+}
+
+// Deprecated: Use ExtensionRangeOptions_Declaration.ProtoReflect.Descriptor instead.
+func (*ExtensionRangeOptions_Declaration) Descriptor() ([]byte, []int) {
+	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{3, 0}
+}
+
+func (x *ExtensionRangeOptions_Declaration) GetNumber() int32 {
+	if x != nil && x.Number != nil {
+		return *x.Number
+	}
+	return 0
+}
+
+func (x *ExtensionRangeOptions_Declaration) GetFullName() string {
+	if x != nil && x.FullName != nil {
+		return *x.FullName
+	}
+	return ""
+}
+
+func (x *ExtensionRangeOptions_Declaration) GetType() string {
+	if x != nil && x.Type != nil {
+		return *x.Type
+	}
+	return ""
+}
+
+// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
+func (x *ExtensionRangeOptions_Declaration) GetIsRepeated() bool {
+	if x != nil && x.IsRepeated != nil {
+		return *x.IsRepeated
+	}
+	return false
+}
+
+func (x *ExtensionRangeOptions_Declaration) GetReserved() bool {
+	if x != nil && x.Reserved != nil {
+		return *x.Reserved
+	}
+	return false
+}
+
+func (x *ExtensionRangeOptions_Declaration) GetRepeated() bool {
+	if x != nil && x.Repeated != nil {
+		return *x.Repeated
+	}
+	return false
+}
+
 // Range of reserved numeric values. Reserved values may not be used by
 // entries in the same enum. Reserved ranges may not overlap.
 //
@@ -2978,7 +3184,7 @@ type EnumDescriptorProto_EnumReservedRange struct {
 func (x *EnumDescriptorProto_EnumReservedRange) Reset() {
 	*x = EnumDescriptorProto_EnumReservedRange{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
+		mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -2991,7 +3197,7 @@ func (x *EnumDescriptorProto_EnumReservedRange) String() string {
 func (*EnumDescriptorProto_EnumReservedRange) ProtoMessage() {}
 
 func (x *EnumDescriptorProto_EnumReservedRange) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
+	mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -3038,7 +3244,7 @@ type UninterpretedOption_NamePart struct {
 func (x *UninterpretedOption_NamePart) Reset() {
 	*x = UninterpretedOption_NamePart{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
+		mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -3051,7 +3257,7 @@ func (x *UninterpretedOption_NamePart) String() string {
 func (*UninterpretedOption_NamePart) ProtoMessage() {}
 
 func (x *UninterpretedOption_NamePart) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
+	mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -3182,7 +3388,7 @@ type SourceCodeInfo_Location struct {
 func (x *SourceCodeInfo_Location) Reset() {
 	*x = SourceCodeInfo_Location{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
+		mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -3195,7 +3401,7 @@ func (x *SourceCodeInfo_Location) String() string {
 func (*SourceCodeInfo_Location) ProtoMessage() {}
 
 func (x *SourceCodeInfo_Location) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
+	mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -3269,7 +3475,7 @@ type GeneratedCodeInfo_Annotation struct {
 func (x *GeneratedCodeInfo_Annotation) Reset() {
 	*x = GeneratedCodeInfo_Annotation{}
 	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
+		mi := &file_google_protobuf_descriptor_proto_msgTypes[27]
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		ms.StoreMessageInfo(mi)
 	}
@@ -3282,7 +3488,7 @@ func (x *GeneratedCodeInfo_Annotation) String() string {
 func (*GeneratedCodeInfo_Annotation) ProtoMessage() {}
 
 func (x *GeneratedCodeInfo_Annotation) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
+	mi := &file_google_protobuf_descriptor_proto_msgTypes[27]
 	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
@@ -3436,264 +3642,296 @@ var file_google_protobuf_descriptor_proto_rawDesc = []byte{
 	0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74,
 	0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a,
 	0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22,
-	0x7c, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67,
-	0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e,
-	0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65,
-	0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75,
-	0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69,
-	0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0xc1, 0x06,
-	0x0a, 0x14, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
-	0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75,
-	0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62,
-	0x65, 0x72, 0x12, 0x41, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28,
-	0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x52, 0x05,
-	0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x3e, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x05, 0x20,
-	0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0xad, 0x04, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e,
+	0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69,
+	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13,
+	0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x12, 0x59, 0x0a, 0x0b, 0x64, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69,
+	0x6f, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e,
+	0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x2e, 0x44, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0x88, 0x01,
+	0x02, 0x52, 0x0b, 0x64, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x68,
+	0x0a, 0x0c, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0e, 0x32, 0x38, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
+	0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x56, 0x65, 0x72,
+	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x3a, 0x0a,
+	0x55, 0x4e, 0x56, 0x45, 0x52, 0x49, 0x46, 0x49, 0x45, 0x44, 0x52, 0x0c, 0x76, 0x65, 0x72, 0x69,
+	0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xb3, 0x01, 0x0a, 0x0b, 0x44, 0x65, 0x63,
+	0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62,
+	0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72,
+	0x12, 0x1b, 0x0a, 0x09, 0x66, 0x75, 0x6c, 0x6c, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x08, 0x66, 0x75, 0x6c, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a,
+	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70,
+	0x65, 0x12, 0x23, 0x0a, 0x0b, 0x69, 0x73, 0x5f, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64,
+	0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x69, 0x73, 0x52, 0x65,
+	0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76,
+	0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76,
+	0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x18, 0x06,
+	0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x22, 0x34,
+	0x0a, 0x11, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74,
+	0x61, 0x74, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x45, 0x43, 0x4c, 0x41, 0x52, 0x41, 0x54, 0x49,
+	0x4f, 0x4e, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x55, 0x4e, 0x56, 0x45, 0x52, 0x49, 0x46, 0x49,
+	0x45, 0x44, 0x10, 0x01, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22,
+	0xc1, 0x06, 0x0a, 0x14, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
+	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06,
+	0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75,
+	0x6d, 0x62, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
 	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72,
-	0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x79, 0x70, 0x65, 0x52,
-	0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x74, 0x79, 0x70, 0x65, 0x5f, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x79, 0x70, 0x65, 0x4e, 0x61,
-	0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65, 0x18, 0x02,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65, 0x12, 0x23,
-	0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18,
-	0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x56, 0x61,
-	0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x69, 0x6e, 0x64,
-	0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x49,
-	0x6e, 0x64, 0x65, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x6e, 0x61, 0x6d,
-	0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, 0x73, 0x6f, 0x6e, 0x4e, 0x61, 0x6d,
-	0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x33, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x18, 0x11, 0x20,
-	0x01, 0x28, 0x08, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x61, 0x6c, 0x22, 0xb6, 0x02, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f, 0x0a, 0x0b,
-	0x54, 0x59, 0x50, 0x45, 0x5f, 0x44, 0x4f, 0x55, 0x42, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x0e, 0x0a,
-	0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x4c, 0x4f, 0x41, 0x54, 0x10, 0x02, 0x12, 0x0e, 0x0a,
-	0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x03, 0x12, 0x0f, 0x0a,
-	0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x04, 0x12, 0x0e,
-	0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x05, 0x12, 0x10,
-	0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x06,
-	0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x33, 0x32,
-	0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x4f, 0x4f, 0x4c, 0x10,
-	0x08, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47,
-	0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x47, 0x52, 0x4f, 0x55, 0x50,
-	0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41,
-	0x47, 0x45, 0x10, 0x0b, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x59, 0x54,
-	0x45, 0x53, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e,
-	0x54, 0x33, 0x32, 0x10, 0x0d, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e,
-	0x55, 0x4d, 0x10, 0x0e, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x46, 0x49,
-	0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x0f, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f,
-	0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x10, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59,
-	0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x11, 0x12, 0x0f, 0x0a, 0x0b, 0x54,
-	0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x12, 0x22, 0x43, 0x0a, 0x05,
-	0x4c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x4f,
-	0x50, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42,
-	0x45, 0x4c, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, 0x44, 0x10, 0x02, 0x12, 0x12, 0x0a,
-	0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x50, 0x45, 0x41, 0x54, 0x45, 0x44, 0x10,
-	0x03, 0x22, 0x63, 0x0a, 0x14, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
-	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a,
-	0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d,
+	0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c,
+	0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x3e, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18,
+	0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73,
+	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x79, 0x70,
+	0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x74, 0x79, 0x70, 0x65, 0x5f,
+	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x79, 0x70, 0x65,
+	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65,
+	0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75,
+	0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
+	0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x69,
+	0x6e, 0x64, 0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6f, 0x6e, 0x65, 0x6f,
+	0x66, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, 0x73, 0x6f, 0x6e, 0x4e,
+	0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69,
+	0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x18,
+	0x11, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x22, 0xb6, 0x02, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f,
+	0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x44, 0x4f, 0x55, 0x42, 0x4c, 0x45, 0x10, 0x01, 0x12,
+	0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x4c, 0x4f, 0x41, 0x54, 0x10, 0x02, 0x12,
+	0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x03, 0x12,
+	0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x04,
+	0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x05,
+	0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34,
+	0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44,
+	0x33, 0x32, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x4f, 0x4f,
+	0x4c, 0x10, 0x08, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x52, 0x49,
+	0x4e, 0x47, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x47, 0x52, 0x4f,
+	0x55, 0x50, 0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53,
+	0x53, 0x41, 0x47, 0x45, 0x10, 0x0b, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42,
+	0x59, 0x54, 0x45, 0x53, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55,
+	0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x0d, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f,
+	0x45, 0x4e, 0x55, 0x4d, 0x10, 0x0e, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53,
+	0x46, 0x49, 0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x0f, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50,
+	0x45, 0x5f, 0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x10, 0x12, 0x0f, 0x0a, 0x0b,
+	0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x11, 0x12, 0x0f, 0x0a,
+	0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x12, 0x22, 0x43,
+	0x0a, 0x05, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c,
+	0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x4c,
+	0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, 0x44, 0x10, 0x02, 0x12,
+	0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x50, 0x45, 0x41, 0x54, 0x45,
+	0x44, 0x10, 0x03, 0x22, 0x63, 0x0a, 0x14, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
+	0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
+	0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52,
+	0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe3, 0x02, 0x0a, 0x13, 0x45, 0x6e, 0x75,
+	0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f,
+	0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
+	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44,
+	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x05,
+	0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
+	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a,
+	0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18,
+	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, 0x6e, 0x75, 0x6d,
+	0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72,
+	0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d,
+	0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20,
+	0x03, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d,
+	0x65, 0x1a, 0x3b, 0x0a, 0x11, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65,
+	0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03,
+	0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x83,
+	0x01, 0x0a, 0x18, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52,
+	0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56,
+	0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
+	0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12,
+	0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
+	0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
+	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63,
+	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x06, 0x6d, 0x65, 0x74,
+	0x68, 0x6f, 0x64, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
+	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70,
+	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x89,
+	0x02, 0x0a, 0x15, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
+	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
+	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a,
+	0x69, 0x6e, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x09, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f,
+	0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, 0x07,
+	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f,
+	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x30, 0x0a, 0x10, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08,
+	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53,
+	0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x30, 0x0a, 0x10, 0x73, 0x65, 0x72, 0x76,
+	0x65, 0x72, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01,
+	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65,
+	0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x22, 0x91, 0x09, 0x0a, 0x0b, 0x46,
+	0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x6a, 0x61,
+	0x76, 0x61, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0b, 0x6a, 0x61, 0x76, 0x61, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a,
+	0x14, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6c, 0x61, 0x73,
+	0x73, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6a, 0x61, 0x76,
+	0x61, 0x4f, 0x75, 0x74, 0x65, 0x72, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x6e, 0x61, 0x6d, 0x65, 0x12,
+	0x35, 0x0a, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65,
+	0x5f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61,
+	0x6c, 0x73, 0x65, 0x52, 0x11, 0x6a, 0x61, 0x76, 0x61, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c,
+	0x65, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x44, 0x0a, 0x1d, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67,
+	0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x71, 0x75, 0x61, 0x6c, 0x73, 0x5f, 0x61,
+	0x6e, 0x64, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18,
+	0x01, 0x52, 0x19, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x45,
+	0x71, 0x75, 0x61, 0x6c, 0x73, 0x41, 0x6e, 0x64, 0x48, 0x61, 0x73, 0x68, 0x12, 0x3a, 0x0a, 0x16,
+	0x6a, 0x61, 0x76, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x68, 0x65, 0x63,
+	0x6b, 0x5f, 0x75, 0x74, 0x66, 0x38, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61,
+	0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x43,
+	0x68, 0x65, 0x63, 0x6b, 0x55, 0x74, 0x66, 0x38, 0x12, 0x53, 0x0a, 0x0c, 0x6f, 0x70, 0x74, 0x69,
+	0x6d, 0x69, 0x7a, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29,
 	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe3, 0x02, 0x0a, 0x13, 0x45, 0x6e, 0x75, 0x6d, 0x44,
-	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12,
-	0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x05, 0x76, 0x61,
-	0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a, 0x0e, 0x72,
-	0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x04, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65,
-	0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72, 0x65, 0x73,
-	0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65,
-	0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28,
-	0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x1a,
-	0x3b, 0x0a, 0x11, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52,
-	0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e,
-	0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x83, 0x01, 0x0a,
-	0x18, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
-	0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a,
-	0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e,
-	0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c,
-	0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x44, 0x65,
-	0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a,
-	0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d,
-	0x65, 0x12, 0x3e, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f,
-	0x64, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70, 0x74, 0x69,
-	0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x89, 0x02, 0x0a,
-	0x15, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
-	0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a, 0x69, 0x6e,
-	0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x09,
-	0x69, 0x6e, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x75, 0x74,
-	0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a,
-	0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, 0x07, 0x6f, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65,
-	0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x30, 0x0a, 0x10, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x73,
-	0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05,
-	0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53, 0x74, 0x72,
-	0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x30, 0x0a, 0x10, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72,
-	0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x53,
-	0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x22, 0x91, 0x09, 0x0a, 0x0b, 0x46, 0x69, 0x6c,
-	0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x6a, 0x61, 0x76, 0x61,
-	0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b,
-	0x6a, 0x61, 0x76, 0x61, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a, 0x14, 0x6a,
-	0x61, 0x76, 0x61, 0x5f, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6a, 0x61, 0x76, 0x61, 0x4f,
-	0x75, 0x74, 0x65, 0x72, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x35, 0x0a,
-	0x13, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x5f, 0x66,
-	0x69, 0x6c, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73,
-	0x65, 0x52, 0x11, 0x6a, 0x61, 0x76, 0x61, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65, 0x46,
-	0x69, 0x6c, 0x65, 0x73, 0x12, 0x44, 0x0a, 0x1d, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e,
-	0x65, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x71, 0x75, 0x61, 0x6c, 0x73, 0x5f, 0x61, 0x6e, 0x64,
-	0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52,
-	0x19, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x45, 0x71, 0x75,
-	0x61, 0x6c, 0x73, 0x41, 0x6e, 0x64, 0x48, 0x61, 0x73, 0x68, 0x12, 0x3a, 0x0a, 0x16, 0x6a, 0x61,
-	0x76, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x68, 0x65, 0x63, 0x6b, 0x5f,
-	0x75, 0x74, 0x66, 0x38, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73,
-	0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x43, 0x68, 0x65,
-	0x63, 0x6b, 0x55, 0x74, 0x66, 0x38, 0x12, 0x53, 0x0a, 0x0c, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69,
-	0x7a, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46,
-	0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6d,
-	0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x3a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x52, 0x0b,
-	0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x46, 0x6f, 0x72, 0x12, 0x1d, 0x0a, 0x0a, 0x67,
-	0x6f, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x09, 0x67, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x35, 0x0a, 0x13, 0x63, 0x63,
-	0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
-	0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x11,
-	0x63, 0x63, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
-	0x73, 0x12, 0x39, 0x0a, 0x15, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69,
-	0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x11, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e,
-	0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x35, 0x0a, 0x13,
-	0x70, 0x79, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
-	0x63, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65,
-	0x52, 0x11, 0x70, 0x79, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
-	0x63, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x14, 0x70, 0x68, 0x70, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72,
-	0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x2a, 0x20, 0x01, 0x28,
-	0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x12, 0x70, 0x68, 0x70, 0x47, 0x65, 0x6e,
-	0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x25, 0x0a, 0x0a,
-	0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x17, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
-	0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x10, 0x63, 0x63, 0x5f, 0x65, 0x6e, 0x61, 0x62, 0x6c, 0x65,
-	0x5f, 0x61, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x04, 0x74,
-	0x72, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x63, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41, 0x72, 0x65,
-	0x6e, 0x61, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x62, 0x6a, 0x63, 0x5f, 0x63, 0x6c, 0x61, 0x73,
-	0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f,
-	0x6f, 0x62, 0x6a, 0x63, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12,
-	0x29, 0x0a, 0x10, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70,
-	0x61, 0x63, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x73, 0x68, 0x61, 0x72,
-	0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x77,
-	0x69, 0x66, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x27, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0b, 0x73, 0x77, 0x69, 0x66, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x28, 0x0a,
-	0x10, 0x70, 0x68, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69,
-	0x78, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x70, 0x68, 0x70, 0x43, 0x6c, 0x61, 0x73,
-	0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x68, 0x70, 0x5f, 0x6e,
-	0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x29, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c,
-	0x70, 0x68, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x34, 0x0a, 0x16,
-	0x70, 0x68, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6e, 0x61, 0x6d,
-	0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14, 0x70, 0x68,
-	0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61,
-	0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x75, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61,
-	0x67, 0x65, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x75, 0x62, 0x79, 0x50, 0x61,
-	0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72,
-	0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07,
-	0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72,
-	0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e,
-	0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22,
-	0x3a, 0x0a, 0x0c, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x12,
-	0x09, 0x0a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09, 0x43, 0x4f,
-	0x44, 0x45, 0x5f, 0x53, 0x49, 0x5a, 0x45, 0x10, 0x02, 0x12, 0x10, 0x0a, 0x0c, 0x4c, 0x49, 0x54,
-	0x45, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x03, 0x2a, 0x09, 0x08, 0xe8, 0x07,
-	0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x26, 0x10, 0x27, 0x22, 0xbb, 0x03, 0x0a,
-	0x0e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12,
-	0x3c, 0x0a, 0x17, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x65, 0x74, 0x5f, 0x77,
-	0x69, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x14, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65,
-	0x53, 0x65, 0x74, 0x57, 0x69, 0x72, 0x65, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12, 0x4c, 0x0a,
-	0x1f, 0x6e, 0x6f, 0x5f, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x5f, 0x64, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x1c, 0x6e,
-	0x6f, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x12, 0x25, 0x0a, 0x0a, 0x64,
-	0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a,
-	0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74,
-	0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x70, 0x5f, 0x65, 0x6e, 0x74, 0x72, 0x79, 0x18,
-	0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72, 0x79, 0x12,
-	0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f, 0x6c, 0x65,
-	0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x5f,
-	0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28, 0x08, 0x42,
-	0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x4c,
-	0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x43, 0x6f,
-	0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74,
+	0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74,
+	0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x3a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44,
+	0x52, 0x0b, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x46, 0x6f, 0x72, 0x12, 0x1d, 0x0a,
+	0x0a, 0x67, 0x6f, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28,
+	0x09, 0x52, 0x09, 0x67, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x35, 0x0a, 0x13,
+	0x63, 0x63, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65,
+	0x52, 0x11, 0x63, 0x63, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
+	0x63, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x15, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, 0x65,
+	0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x11, 0x20, 0x01,
+	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x47,
+	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x35,
+	0x0a, 0x13, 0x70, 0x79, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c,
+	0x73, 0x65, 0x52, 0x11, 0x70, 0x79, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x14, 0x70, 0x68, 0x70, 0x5f, 0x67, 0x65, 0x6e,
+	0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x2a, 0x20,
+	0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x12, 0x70, 0x68, 0x70, 0x47,
+	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x25,
+	0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x17, 0x20, 0x01,
+	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65,
+	0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x10, 0x63, 0x63, 0x5f, 0x65, 0x6e, 0x61, 0x62,
+	0x6c, 0x65, 0x5f, 0x61, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x3a,
+	0x04, 0x74, 0x72, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x63, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41,
+	0x72, 0x65, 0x6e, 0x61, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x62, 0x6a, 0x63, 0x5f, 0x63, 0x6c,
+	0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0f, 0x6f, 0x62, 0x6a, 0x63, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69,
+	0x78, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
+	0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x73, 0x68,
+	0x61, 0x72, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c,
+	0x73, 0x77, 0x69, 0x66, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x27, 0x20, 0x01,
+	0x28, 0x09, 0x52, 0x0b, 0x73, 0x77, 0x69, 0x66, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12,
+	0x28, 0x0a, 0x10, 0x70, 0x68, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65,
+	0x66, 0x69, 0x78, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x70, 0x68, 0x70, 0x43, 0x6c,
+	0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x68, 0x70,
+	0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x29, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0c, 0x70, 0x68, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x34,
+	0x0a, 0x16, 0x70, 0x68, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6e,
+	0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14,
+	0x70, 0x68, 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4e, 0x61, 0x6d, 0x65, 0x73,
+	0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x75, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x63,
+	0x6b, 0x61, 0x67, 0x65, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x75, 0x62, 0x79,
+	0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74,
 	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18,
 	0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
 	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72,
 	0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e,
 	0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x04,
-	0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07, 0x4a, 0x04,
-	0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0xb7, 0x08, 0x0a, 0x0c, 0x46,
-	0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a, 0x05, 0x63,
-	0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65,
-	0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x43, 0x54, 0x79, 0x70, 0x65, 0x3a,
-	0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x52, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65, 0x12, 0x16,
-	0x0a, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x06,
-	0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x12, 0x47, 0x0a, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65,
-	0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x09, 0x4a, 0x53,
-	0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x52, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70, 0x65, 0x12,
-	0x19, 0x0a, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66,
-	0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x12, 0x2e, 0x0a, 0x0f, 0x75, 0x6e,
-	0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x0f, 0x20,
-	0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0e, 0x75, 0x6e, 0x76, 0x65,
-	0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x4c, 0x61, 0x7a, 0x79, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65,
-	0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05,
-	0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65,
-	0x64, 0x12, 0x19, 0x0a, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a,
-	0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x12, 0x28, 0x0a, 0x0c,
-	0x64, 0x65, 0x62, 0x75, 0x67, 0x5f, 0x72, 0x65, 0x64, 0x61, 0x63, 0x74, 0x18, 0x10, 0x20, 0x01,
-	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0b, 0x64, 0x65, 0x62, 0x75, 0x67,
-	0x52, 0x65, 0x64, 0x61, 0x63, 0x74, 0x12, 0x4b, 0x0a, 0x09, 0x72, 0x65, 0x74, 0x65, 0x6e, 0x74,
-	0x69, 0x6f, 0x6e, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c,
-	0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52,
-	0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x09, 0x72, 0x65, 0x74, 0x65, 0x6e, 0x74,
-	0x69, 0x6f, 0x6e, 0x12, 0x46, 0x0a, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x18, 0x12, 0x20,
-	0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54,
-	0x79, 0x70, 0x65, 0x52, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x12, 0x58, 0x0a, 0x14, 0x75,
+	0x6e, 0x22, 0x3a, 0x0a, 0x0c, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64,
+	0x65, 0x12, 0x09, 0x0a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09,
+	0x43, 0x4f, 0x44, 0x45, 0x5f, 0x53, 0x49, 0x5a, 0x45, 0x10, 0x02, 0x12, 0x10, 0x0a, 0x0c, 0x4c,
+	0x49, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x03, 0x2a, 0x09, 0x08,
+	0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x26, 0x10, 0x27, 0x22, 0xbb,
+	0x03, 0x0a, 0x0e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x12, 0x3c, 0x0a, 0x17, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x65, 0x74,
+	0x5f, 0x77, 0x69, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01,
+	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x14, 0x6d, 0x65, 0x73, 0x73, 0x61,
+	0x67, 0x65, 0x53, 0x65, 0x74, 0x57, 0x69, 0x72, 0x65, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12,
+	0x4c, 0x0a, 0x1f, 0x6e, 0x6f, 0x5f, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x5f, 0x64,
+	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
+	0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52,
+	0x1c, 0x6e, 0x6f, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72,
+	0x69, 0x70, 0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x12, 0x25, 0x0a,
+	0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
+	0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
+	0x61, 0x74, 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x70, 0x5f, 0x65, 0x6e, 0x74, 0x72,
+	0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72,
+	0x79, 0x12, 0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f,
+	0x6c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c,
+	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28,
+	0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65,
+	0x64, 0x4c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x43, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69,
+	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74,
+	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13,
+	0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04,
+	0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07,
+	0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0x85, 0x09, 0x0a,
+	0x0c, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a,
+	0x05, 0x63, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x67,
+	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46,
+	0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x43, 0x54, 0x79, 0x70,
+	0x65, 0x3a, 0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x52, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65,
+	0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08,
+	0x52, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x12, 0x47, 0x0a, 0x06, 0x6a, 0x73, 0x74, 0x79,
+	0x70, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
+	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64,
+	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x09,
+	0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x52, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70,
+	0x65, 0x12, 0x19, 0x0a, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a,
+	0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x12, 0x2e, 0x0a, 0x0f,
+	0x75, 0x6e, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x6c, 0x61, 0x7a, 0x79, 0x18,
+	0x0f, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0e, 0x75, 0x6e,
+	0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x4c, 0x61, 0x7a, 0x79, 0x12, 0x25, 0x0a, 0x0a,
+	0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08,
+	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
+	0x74, 0x65, 0x64, 0x12, 0x19, 0x0a, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28,
+	0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x12, 0x28,
+	0x0a, 0x0c, 0x64, 0x65, 0x62, 0x75, 0x67, 0x5f, 0x72, 0x65, 0x64, 0x61, 0x63, 0x74, 0x18, 0x10,
+	0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0b, 0x64, 0x65, 0x62,
+	0x75, 0x67, 0x52, 0x65, 0x64, 0x61, 0x63, 0x74, 0x12, 0x4b, 0x0a, 0x09, 0x72, 0x65, 0x74, 0x65,
+	0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69,
+	0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f,
+	0x6e, 0x52, 0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x09, 0x72, 0x65, 0x74, 0x65,
+	0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4a, 0x0a, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x18,
+	0x12, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
+	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74,
+	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65,
+	0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x02, 0x18, 0x01, 0x52, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65,
+	0x74, 0x12, 0x48, 0x0a, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x18, 0x13, 0x20, 0x03,
+	0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
+	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
+	0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x79,
+	0x70, 0x65, 0x52, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75,
 	0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74,
 	0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f,
 	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69,
@@ -3885,98 +4123,103 @@ func file_google_protobuf_descriptor_proto_rawDescGZIP() []byte {
 	return file_google_protobuf_descriptor_proto_rawDescData
 }
 
-var file_google_protobuf_descriptor_proto_enumTypes = make([]protoimpl.EnumInfo, 9)
-var file_google_protobuf_descriptor_proto_msgTypes = make([]protoimpl.MessageInfo, 27)
+var file_google_protobuf_descriptor_proto_enumTypes = make([]protoimpl.EnumInfo, 10)
+var file_google_protobuf_descriptor_proto_msgTypes = make([]protoimpl.MessageInfo, 28)
 var file_google_protobuf_descriptor_proto_goTypes = []interface{}{
-	(FieldDescriptorProto_Type)(0),                // 0: google.protobuf.FieldDescriptorProto.Type
-	(FieldDescriptorProto_Label)(0),               // 1: google.protobuf.FieldDescriptorProto.Label
-	(FileOptions_OptimizeMode)(0),                 // 2: google.protobuf.FileOptions.OptimizeMode
-	(FieldOptions_CType)(0),                       // 3: google.protobuf.FieldOptions.CType
-	(FieldOptions_JSType)(0),                      // 4: google.protobuf.FieldOptions.JSType
-	(FieldOptions_OptionRetention)(0),             // 5: google.protobuf.FieldOptions.OptionRetention
-	(FieldOptions_OptionTargetType)(0),            // 6: google.protobuf.FieldOptions.OptionTargetType
-	(MethodOptions_IdempotencyLevel)(0),           // 7: google.protobuf.MethodOptions.IdempotencyLevel
-	(GeneratedCodeInfo_Annotation_Semantic)(0),    // 8: google.protobuf.GeneratedCodeInfo.Annotation.Semantic
-	(*FileDescriptorSet)(nil),                     // 9: google.protobuf.FileDescriptorSet
-	(*FileDescriptorProto)(nil),                   // 10: google.protobuf.FileDescriptorProto
-	(*DescriptorProto)(nil),                       // 11: google.protobuf.DescriptorProto
-	(*ExtensionRangeOptions)(nil),                 // 12: google.protobuf.ExtensionRangeOptions
-	(*FieldDescriptorProto)(nil),                  // 13: google.protobuf.FieldDescriptorProto
-	(*OneofDescriptorProto)(nil),                  // 14: google.protobuf.OneofDescriptorProto
-	(*EnumDescriptorProto)(nil),                   // 15: google.protobuf.EnumDescriptorProto
-	(*EnumValueDescriptorProto)(nil),              // 16: google.protobuf.EnumValueDescriptorProto
-	(*ServiceDescriptorProto)(nil),                // 17: google.protobuf.ServiceDescriptorProto
-	(*MethodDescriptorProto)(nil),                 // 18: google.protobuf.MethodDescriptorProto
-	(*FileOptions)(nil),                           // 19: google.protobuf.FileOptions
-	(*MessageOptions)(nil),                        // 20: google.protobuf.MessageOptions
-	(*FieldOptions)(nil),                          // 21: google.protobuf.FieldOptions
-	(*OneofOptions)(nil),                          // 22: google.protobuf.OneofOptions
-	(*EnumOptions)(nil),                           // 23: google.protobuf.EnumOptions
-	(*EnumValueOptions)(nil),                      // 24: google.protobuf.EnumValueOptions
-	(*ServiceOptions)(nil),                        // 25: google.protobuf.ServiceOptions
-	(*MethodOptions)(nil),                         // 26: google.protobuf.MethodOptions
-	(*UninterpretedOption)(nil),                   // 27: google.protobuf.UninterpretedOption
-	(*SourceCodeInfo)(nil),                        // 28: google.protobuf.SourceCodeInfo
-	(*GeneratedCodeInfo)(nil),                     // 29: google.protobuf.GeneratedCodeInfo
-	(*DescriptorProto_ExtensionRange)(nil),        // 30: google.protobuf.DescriptorProto.ExtensionRange
-	(*DescriptorProto_ReservedRange)(nil),         // 31: google.protobuf.DescriptorProto.ReservedRange
-	(*EnumDescriptorProto_EnumReservedRange)(nil), // 32: google.protobuf.EnumDescriptorProto.EnumReservedRange
-	(*UninterpretedOption_NamePart)(nil),          // 33: google.protobuf.UninterpretedOption.NamePart
-	(*SourceCodeInfo_Location)(nil),               // 34: google.protobuf.SourceCodeInfo.Location
-	(*GeneratedCodeInfo_Annotation)(nil),          // 35: google.protobuf.GeneratedCodeInfo.Annotation
+	(ExtensionRangeOptions_VerificationState)(0),  // 0: google.protobuf.ExtensionRangeOptions.VerificationState
+	(FieldDescriptorProto_Type)(0),                // 1: google.protobuf.FieldDescriptorProto.Type
+	(FieldDescriptorProto_Label)(0),               // 2: google.protobuf.FieldDescriptorProto.Label
+	(FileOptions_OptimizeMode)(0),                 // 3: google.protobuf.FileOptions.OptimizeMode
+	(FieldOptions_CType)(0),                       // 4: google.protobuf.FieldOptions.CType
+	(FieldOptions_JSType)(0),                      // 5: google.protobuf.FieldOptions.JSType
+	(FieldOptions_OptionRetention)(0),             // 6: google.protobuf.FieldOptions.OptionRetention
+	(FieldOptions_OptionTargetType)(0),            // 7: google.protobuf.FieldOptions.OptionTargetType
+	(MethodOptions_IdempotencyLevel)(0),           // 8: google.protobuf.MethodOptions.IdempotencyLevel
+	(GeneratedCodeInfo_Annotation_Semantic)(0),    // 9: google.protobuf.GeneratedCodeInfo.Annotation.Semantic
+	(*FileDescriptorSet)(nil),                     // 10: google.protobuf.FileDescriptorSet
+	(*FileDescriptorProto)(nil),                   // 11: google.protobuf.FileDescriptorProto
+	(*DescriptorProto)(nil),                       // 12: google.protobuf.DescriptorProto
+	(*ExtensionRangeOptions)(nil),                 // 13: google.protobuf.ExtensionRangeOptions
+	(*FieldDescriptorProto)(nil),                  // 14: google.protobuf.FieldDescriptorProto
+	(*OneofDescriptorProto)(nil),                  // 15: google.protobuf.OneofDescriptorProto
+	(*EnumDescriptorProto)(nil),                   // 16: google.protobuf.EnumDescriptorProto
+	(*EnumValueDescriptorProto)(nil),              // 17: google.protobuf.EnumValueDescriptorProto
+	(*ServiceDescriptorProto)(nil),                // 18: google.protobuf.ServiceDescriptorProto
+	(*MethodDescriptorProto)(nil),                 // 19: google.protobuf.MethodDescriptorProto
+	(*FileOptions)(nil),                           // 20: google.protobuf.FileOptions
+	(*MessageOptions)(nil),                        // 21: google.protobuf.MessageOptions
+	(*FieldOptions)(nil),                          // 22: google.protobuf.FieldOptions
+	(*OneofOptions)(nil),                          // 23: google.protobuf.OneofOptions
+	(*EnumOptions)(nil),                           // 24: google.protobuf.EnumOptions
+	(*EnumValueOptions)(nil),                      // 25: google.protobuf.EnumValueOptions
+	(*ServiceOptions)(nil),                        // 26: google.protobuf.ServiceOptions
+	(*MethodOptions)(nil),                         // 27: google.protobuf.MethodOptions
+	(*UninterpretedOption)(nil),                   // 28: google.protobuf.UninterpretedOption
+	(*SourceCodeInfo)(nil),                        // 29: google.protobuf.SourceCodeInfo
+	(*GeneratedCodeInfo)(nil),                     // 30: google.protobuf.GeneratedCodeInfo
+	(*DescriptorProto_ExtensionRange)(nil),        // 31: google.protobuf.DescriptorProto.ExtensionRange
+	(*DescriptorProto_ReservedRange)(nil),         // 32: google.protobuf.DescriptorProto.ReservedRange
+	(*ExtensionRangeOptions_Declaration)(nil),     // 33: google.protobuf.ExtensionRangeOptions.Declaration
+	(*EnumDescriptorProto_EnumReservedRange)(nil), // 34: google.protobuf.EnumDescriptorProto.EnumReservedRange
+	(*UninterpretedOption_NamePart)(nil),          // 35: google.protobuf.UninterpretedOption.NamePart
+	(*SourceCodeInfo_Location)(nil),               // 36: google.protobuf.SourceCodeInfo.Location
+	(*GeneratedCodeInfo_Annotation)(nil),          // 37: google.protobuf.GeneratedCodeInfo.Annotation
 }
 var file_google_protobuf_descriptor_proto_depIdxs = []int32{
-	10, // 0: google.protobuf.FileDescriptorSet.file:type_name -> google.protobuf.FileDescriptorProto
-	11, // 1: google.protobuf.FileDescriptorProto.message_type:type_name -> google.protobuf.DescriptorProto
-	15, // 2: google.protobuf.FileDescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
-	17, // 3: google.protobuf.FileDescriptorProto.service:type_name -> google.protobuf.ServiceDescriptorProto
-	13, // 4: google.protobuf.FileDescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
-	19, // 5: google.protobuf.FileDescriptorProto.options:type_name -> google.protobuf.FileOptions
-	28, // 6: google.protobuf.FileDescriptorProto.source_code_info:type_name -> google.protobuf.SourceCodeInfo
-	13, // 7: google.protobuf.DescriptorProto.field:type_name -> google.protobuf.FieldDescriptorProto
-	13, // 8: google.protobuf.DescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
-	11, // 9: google.protobuf.DescriptorProto.nested_type:type_name -> google.protobuf.DescriptorProto
-	15, // 10: google.protobuf.DescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
-	30, // 11: google.protobuf.DescriptorProto.extension_range:type_name -> google.protobuf.DescriptorProto.ExtensionRange
-	14, // 12: google.protobuf.DescriptorProto.oneof_decl:type_name -> google.protobuf.OneofDescriptorProto
-	20, // 13: google.protobuf.DescriptorProto.options:type_name -> google.protobuf.MessageOptions
-	31, // 14: google.protobuf.DescriptorProto.reserved_range:type_name -> google.protobuf.DescriptorProto.ReservedRange
-	27, // 15: google.protobuf.ExtensionRangeOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	1,  // 16: google.protobuf.FieldDescriptorProto.label:type_name -> google.protobuf.FieldDescriptorProto.Label
-	0,  // 17: google.protobuf.FieldDescriptorProto.type:type_name -> google.protobuf.FieldDescriptorProto.Type
-	21, // 18: google.protobuf.FieldDescriptorProto.options:type_name -> google.protobuf.FieldOptions
-	22, // 19: google.protobuf.OneofDescriptorProto.options:type_name -> google.protobuf.OneofOptions
-	16, // 20: google.protobuf.EnumDescriptorProto.value:type_name -> google.protobuf.EnumValueDescriptorProto
-	23, // 21: google.protobuf.EnumDescriptorProto.options:type_name -> google.protobuf.EnumOptions
-	32, // 22: google.protobuf.EnumDescriptorProto.reserved_range:type_name -> google.protobuf.EnumDescriptorProto.EnumReservedRange
-	24, // 23: google.protobuf.EnumValueDescriptorProto.options:type_name -> google.protobuf.EnumValueOptions
-	18, // 24: google.protobuf.ServiceDescriptorProto.method:type_name -> google.protobuf.MethodDescriptorProto
-	25, // 25: google.protobuf.ServiceDescriptorProto.options:type_name -> google.protobuf.ServiceOptions
-	26, // 26: google.protobuf.MethodDescriptorProto.options:type_name -> google.protobuf.MethodOptions
-	2,  // 27: google.protobuf.FileOptions.optimize_for:type_name -> google.protobuf.FileOptions.OptimizeMode
-	27, // 28: google.protobuf.FileOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	27, // 29: google.protobuf.MessageOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	3,  // 30: google.protobuf.FieldOptions.ctype:type_name -> google.protobuf.FieldOptions.CType
-	4,  // 31: google.protobuf.FieldOptions.jstype:type_name -> google.protobuf.FieldOptions.JSType
-	5,  // 32: google.protobuf.FieldOptions.retention:type_name -> google.protobuf.FieldOptions.OptionRetention
-	6,  // 33: google.protobuf.FieldOptions.target:type_name -> google.protobuf.FieldOptions.OptionTargetType
-	27, // 34: google.protobuf.FieldOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	27, // 35: google.protobuf.OneofOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	27, // 36: google.protobuf.EnumOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	27, // 37: google.protobuf.EnumValueOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	27, // 38: google.protobuf.ServiceOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	7,  // 39: google.protobuf.MethodOptions.idempotency_level:type_name -> google.protobuf.MethodOptions.IdempotencyLevel
-	27, // 40: google.protobuf.MethodOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	33, // 41: google.protobuf.UninterpretedOption.name:type_name -> google.protobuf.UninterpretedOption.NamePart
-	34, // 42: google.protobuf.SourceCodeInfo.location:type_name -> google.protobuf.SourceCodeInfo.Location
-	35, // 43: google.protobuf.GeneratedCodeInfo.annotation:type_name -> google.protobuf.GeneratedCodeInfo.Annotation
-	12, // 44: google.protobuf.DescriptorProto.ExtensionRange.options:type_name -> google.protobuf.ExtensionRangeOptions
-	8,  // 45: google.protobuf.GeneratedCodeInfo.Annotation.semantic:type_name -> google.protobuf.GeneratedCodeInfo.Annotation.Semantic
-	46, // [46:46] is the sub-list for method output_type
-	46, // [46:46] is the sub-list for method input_type
-	46, // [46:46] is the sub-list for extension type_name
-	46, // [46:46] is the sub-list for extension extendee
-	0,  // [0:46] is the sub-list for field type_name
+	11, // 0: google.protobuf.FileDescriptorSet.file:type_name -> google.protobuf.FileDescriptorProto
+	12, // 1: google.protobuf.FileDescriptorProto.message_type:type_name -> google.protobuf.DescriptorProto
+	16, // 2: google.protobuf.FileDescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
+	18, // 3: google.protobuf.FileDescriptorProto.service:type_name -> google.protobuf.ServiceDescriptorProto
+	14, // 4: google.protobuf.FileDescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
+	20, // 5: google.protobuf.FileDescriptorProto.options:type_name -> google.protobuf.FileOptions
+	29, // 6: google.protobuf.FileDescriptorProto.source_code_info:type_name -> google.protobuf.SourceCodeInfo
+	14, // 7: google.protobuf.DescriptorProto.field:type_name -> google.protobuf.FieldDescriptorProto
+	14, // 8: google.protobuf.DescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
+	12, // 9: google.protobuf.DescriptorProto.nested_type:type_name -> google.protobuf.DescriptorProto
+	16, // 10: google.protobuf.DescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
+	31, // 11: google.protobuf.DescriptorProto.extension_range:type_name -> google.protobuf.DescriptorProto.ExtensionRange
+	15, // 12: google.protobuf.DescriptorProto.oneof_decl:type_name -> google.protobuf.OneofDescriptorProto
+	21, // 13: google.protobuf.DescriptorProto.options:type_name -> google.protobuf.MessageOptions
+	32, // 14: google.protobuf.DescriptorProto.reserved_range:type_name -> google.protobuf.DescriptorProto.ReservedRange
+	28, // 15: google.protobuf.ExtensionRangeOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	33, // 16: google.protobuf.ExtensionRangeOptions.declaration:type_name -> google.protobuf.ExtensionRangeOptions.Declaration
+	0,  // 17: google.protobuf.ExtensionRangeOptions.verification:type_name -> google.protobuf.ExtensionRangeOptions.VerificationState
+	2,  // 18: google.protobuf.FieldDescriptorProto.label:type_name -> google.protobuf.FieldDescriptorProto.Label
+	1,  // 19: google.protobuf.FieldDescriptorProto.type:type_name -> google.protobuf.FieldDescriptorProto.Type
+	22, // 20: google.protobuf.FieldDescriptorProto.options:type_name -> google.protobuf.FieldOptions
+	23, // 21: google.protobuf.OneofDescriptorProto.options:type_name -> google.protobuf.OneofOptions
+	17, // 22: google.protobuf.EnumDescriptorProto.value:type_name -> google.protobuf.EnumValueDescriptorProto
+	24, // 23: google.protobuf.EnumDescriptorProto.options:type_name -> google.protobuf.EnumOptions
+	34, // 24: google.protobuf.EnumDescriptorProto.reserved_range:type_name -> google.protobuf.EnumDescriptorProto.EnumReservedRange
+	25, // 25: google.protobuf.EnumValueDescriptorProto.options:type_name -> google.protobuf.EnumValueOptions
+	19, // 26: google.protobuf.ServiceDescriptorProto.method:type_name -> google.protobuf.MethodDescriptorProto
+	26, // 27: google.protobuf.ServiceDescriptorProto.options:type_name -> google.protobuf.ServiceOptions
+	27, // 28: google.protobuf.MethodDescriptorProto.options:type_name -> google.protobuf.MethodOptions
+	3,  // 29: google.protobuf.FileOptions.optimize_for:type_name -> google.protobuf.FileOptions.OptimizeMode
+	28, // 30: google.protobuf.FileOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	28, // 31: google.protobuf.MessageOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	4,  // 32: google.protobuf.FieldOptions.ctype:type_name -> google.protobuf.FieldOptions.CType
+	5,  // 33: google.protobuf.FieldOptions.jstype:type_name -> google.protobuf.FieldOptions.JSType
+	6,  // 34: google.protobuf.FieldOptions.retention:type_name -> google.protobuf.FieldOptions.OptionRetention
+	7,  // 35: google.protobuf.FieldOptions.target:type_name -> google.protobuf.FieldOptions.OptionTargetType
+	7,  // 36: google.protobuf.FieldOptions.targets:type_name -> google.protobuf.FieldOptions.OptionTargetType
+	28, // 37: google.protobuf.FieldOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	28, // 38: google.protobuf.OneofOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	28, // 39: google.protobuf.EnumOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	28, // 40: google.protobuf.EnumValueOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	28, // 41: google.protobuf.ServiceOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	8,  // 42: google.protobuf.MethodOptions.idempotency_level:type_name -> google.protobuf.MethodOptions.IdempotencyLevel
+	28, // 43: google.protobuf.MethodOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
+	35, // 44: google.protobuf.UninterpretedOption.name:type_name -> google.protobuf.UninterpretedOption.NamePart
+	36, // 45: google.protobuf.SourceCodeInfo.location:type_name -> google.protobuf.SourceCodeInfo.Location
+	37, // 46: google.protobuf.GeneratedCodeInfo.annotation:type_name -> google.protobuf.GeneratedCodeInfo.Annotation
+	13, // 47: google.protobuf.DescriptorProto.ExtensionRange.options:type_name -> google.protobuf.ExtensionRangeOptions
+	9,  // 48: google.protobuf.GeneratedCodeInfo.Annotation.semantic:type_name -> google.protobuf.GeneratedCodeInfo.Annotation.Semantic
+	49, // [49:49] is the sub-list for method output_type
+	49, // [49:49] is the sub-list for method input_type
+	49, // [49:49] is the sub-list for extension type_name
+	49, // [49:49] is the sub-list for extension extendee
+	0,  // [0:49] is the sub-list for field type_name
 }
 
 func init() { file_google_protobuf_descriptor_proto_init() }
@@ -4280,7 +4523,7 @@ func file_google_protobuf_descriptor_proto_init() {
 			}
 		}
 		file_google_protobuf_descriptor_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumDescriptorProto_EnumReservedRange); i {
+			switch v := v.(*ExtensionRangeOptions_Declaration); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -4292,7 +4535,7 @@ func file_google_protobuf_descriptor_proto_init() {
 			}
 		}
 		file_google_protobuf_descriptor_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*UninterpretedOption_NamePart); i {
+			switch v := v.(*EnumDescriptorProto_EnumReservedRange); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -4304,7 +4547,7 @@ func file_google_protobuf_descriptor_proto_init() {
 			}
 		}
 		file_google_protobuf_descriptor_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*SourceCodeInfo_Location); i {
+			switch v := v.(*UninterpretedOption_NamePart); i {
 			case 0:
 				return &v.state
 			case 1:
@@ -4316,6 +4559,18 @@ func file_google_protobuf_descriptor_proto_init() {
 			}
 		}
 		file_google_protobuf_descriptor_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*SourceCodeInfo_Location); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+		file_google_protobuf_descriptor_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
 			switch v := v.(*GeneratedCodeInfo_Annotation); i {
 			case 0:
 				return &v.state
@@ -4333,8 +4588,8 @@ func file_google_protobuf_descriptor_proto_init() {
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_google_protobuf_descriptor_proto_rawDesc,
-			NumEnums:      9,
-			NumMessages:   27,
+			NumEnums:      10,
+			NumMessages:   28,
 			NumExtensions: 0,
 			NumServices:   0,
 		},
diff --git a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
index 61f69fc11..81511a336 100644
--- a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
+++ b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
@@ -167,7 +167,7 @@ import (
 // [`strftime`](https://docs.python.org/2/library/time.html#time.strftime) with
 // the time format spec '%Y-%m-%dT%H:%M:%S.%fZ'. Likewise, in Java, one can use
 // the Joda Time's [`ISODateTimeFormat.dateTime()`](
-// http://www.joda.org/joda-time/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime%2D%2D
+// http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
 // ) to obtain a formatter capable of generating timestamps in this format.
 type Timestamp struct {
 	state         protoimpl.MessageState
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 3e494f7bc..dabf3c4c5 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -80,27 +80,25 @@ github.com/matttproud/golang_protobuf_extensions/pbutil
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/prometheus/client_golang v1.16.0
-## explicit; go 1.17
+# github.com/prometheus/client_golang v1.17.0
+## explicit; go 1.19
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
 github.com/prometheus/client_golang/prometheus/promhttp
-# github.com/prometheus/client_model v0.4.0
+# github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16
 ## explicit; go 1.18
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.42.0
+# github.com/prometheus/common v0.44.0
 ## explicit; go 1.18
 github.com/prometheus/common/expfmt
 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
 github.com/prometheus/common/model
-# github.com/prometheus/procfs v0.10.1
+# github.com/prometheus/procfs v0.11.1
 ## explicit; go 1.19
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util
-# github.com/rogpeppe/go-internal v1.10.0
-## explicit; go 1.19
 # github.com/stretchr/testify v1.8.4
 ## explicit; go 1.20
 # github.com/weppos/publicsuffix-go v0.30.0
@@ -168,7 +166,7 @@ golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# google.golang.org/protobuf v1.30.0
+# google.golang.org/protobuf v1.31.0
 ## explicit; go 1.11
 google.golang.org/protobuf/encoding/prototext
 google.golang.org/protobuf/encoding/protowire

From 73b6dc978e4f69528a4e3f30ad3ba37883a8478b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 11 Oct 2023 22:27:04 +0000
Subject: [PATCH 45/73] build(deps): bump golang.org/x/net from 0.10.0 to
 0.17.0

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.10.0 to 0.17.0.
- [Commits](https://github.com/golang/net/compare/v0.10.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                       |    2 +-
 go.sum                                       |    4 +-
 vendor/golang.org/x/net/idna/idna9.0.0.go    |    2 +-
 vendor/golang.org/x/net/idna/tables13.0.0.go | 2988 +++++-----
 vendor/golang.org/x/net/idna/tables15.0.0.go | 5145 ++++++++++++++++++
 vendor/golang.org/x/net/idna/trie.go         |   21 -
 vendor/golang.org/x/net/idna/trie12.0.0.go   |   31 +
 vendor/golang.org/x/net/idna/trie13.0.0.go   |   31 +
 vendor/modules.txt                           |    2 +-
 9 files changed, 6766 insertions(+), 1460 deletions(-)
 create mode 100644 vendor/golang.org/x/net/idna/tables15.0.0.go
 create mode 100644 vendor/golang.org/x/net/idna/trie12.0.0.go
 create mode 100644 vendor/golang.org/x/net/idna/trie13.0.0.go

diff --git a/go.mod b/go.mod
index 038f50cb2..7edc602a3 100644
--- a/go.mod
+++ b/go.mod
@@ -35,7 +35,7 @@ require (
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.10.0 // indirect
+	golang.org/x/net v0.17.0 // indirect
 	golang.org/x/sys v0.13.0 // indirect
 	golang.org/x/text v0.13.0 // indirect
 	google.golang.org/protobuf v1.30.0 // indirect
diff --git a/go.sum b/go.sum
index b0dfb5d7e..b1f6cf9e1 100644
--- a/go.sum
+++ b/go.sum
@@ -462,8 +462,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M=
-golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
+golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
diff --git a/vendor/golang.org/x/net/idna/idna9.0.0.go b/vendor/golang.org/x/net/idna/idna9.0.0.go
index aae6aac87..ee1698cef 100644
--- a/vendor/golang.org/x/net/idna/idna9.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna9.0.0.go
@@ -121,7 +121,7 @@ func CheckJoiners(enable bool) Option {
 	}
 }
 
-// StrictDomainName limits the set of permissable ASCII characters to those
+// StrictDomainName limits the set of permissible ASCII characters to those
 // allowed in domain names as defined in RFC 1034 (A-Z, a-z, 0-9 and the
 // hyphen). This is set by default for MapForLookup and ValidateForRegistration,
 // but is only useful if ValidateLabels is set.
diff --git a/vendor/golang.org/x/net/idna/tables13.0.0.go b/vendor/golang.org/x/net/idna/tables13.0.0.go
index 390c5e56d..66701eadf 100644
--- a/vendor/golang.org/x/net/idna/tables13.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables13.0.0.go
@@ -1,151 +1,294 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
-//go:build go1.16
-// +build go1.16
+//go:build go1.16 && !go1.21
+// +build go1.16,!go1.21
 
 package idna
 
 // UnicodeVersion is the Unicode version from which the tables in this package are derived.
 const UnicodeVersion = "13.0.0"
 
-var mappings string = "" + // Size: 8188 bytes
-	"\x00\x01 \x03 ̈\x01a\x03 ̄\x012\x013\x03 ́\x03 ̧\x011\x01o\x051⁄4\x051⁄2" +
-	"\x053⁄4\x03i̇\x03l·\x03ʼn\x01s\x03dž\x03ⱥ\x03ⱦ\x01h\x01j\x01r\x01w\x01y" +
-	"\x03 ̆\x03 ̇\x03 ̊\x03 ̨\x03 ̃\x03 ̋\x01l\x01x\x04̈́\x03 ι\x01;\x05 ̈́" +
-	"\x04եւ\x04اٴ\x04وٴ\x04ۇٴ\x04يٴ\x06क़\x06ख़\x06ग़\x06ज़\x06ड़\x06ढ़\x06फ़" +
-	"\x06य़\x06ড়\x06ঢ়\x06য়\x06ਲ਼\x06ਸ਼\x06ਖ਼\x06ਗ਼\x06ਜ਼\x06ਫ਼\x06ଡ଼\x06ଢ଼" +
-	"\x06ํา\x06ໍາ\x06ຫນ\x06ຫມ\x06གྷ\x06ཌྷ\x06དྷ\x06བྷ\x06ཛྷ\x06ཀྵ\x06ཱི\x06ཱུ" +
-	"\x06ྲྀ\x09ྲཱྀ\x06ླྀ\x09ླཱྀ\x06ཱྀ\x06ྒྷ\x06ྜྷ\x06ྡྷ\x06ྦྷ\x06ྫྷ\x06ྐྵ\x02" +
-	"в\x02д\x02о\x02с\x02т\x02ъ\x02ѣ\x02æ\x01b\x01d\x01e\x02ǝ\x01g\x01i\x01k" +
-	"\x01m\x01n\x02ȣ\x01p\x01t\x01u\x02ɐ\x02ɑ\x02ə\x02ɛ\x02ɜ\x02ŋ\x02ɔ\x02ɯ" +
-	"\x01v\x02β\x02γ\x02δ\x02φ\x02χ\x02ρ\x02н\x02ɒ\x01c\x02ɕ\x02ð\x01f\x02ɟ" +
-	"\x02ɡ\x02ɥ\x02ɨ\x02ɩ\x02ɪ\x02ʝ\x02ɭ\x02ʟ\x02ɱ\x02ɰ\x02ɲ\x02ɳ\x02ɴ\x02ɵ" +
-	"\x02ɸ\x02ʂ\x02ʃ\x02ƫ\x02ʉ\x02ʊ\x02ʋ\x02ʌ\x01z\x02ʐ\x02ʑ\x02ʒ\x02θ\x02ss" +
-	"\x02ά\x02έ\x02ή\x02ί\x02ό\x02ύ\x02ώ\x05ἀι\x05ἁι\x05ἂι\x05ἃι\x05ἄι\x05ἅι" +
-	"\x05ἆι\x05ἇι\x05ἠι\x05ἡι\x05ἢι\x05ἣι\x05ἤι\x05ἥι\x05ἦι\x05ἧι\x05ὠι\x05ὡι" +
-	"\x05ὢι\x05ὣι\x05ὤι\x05ὥι\x05ὦι\x05ὧι\x05ὰι\x04αι\x04άι\x05ᾶι\x02ι\x05 ̈͂" +
-	"\x05ὴι\x04ηι\x04ήι\x05ῆι\x05 ̓̀\x05 ̓́\x05 ̓͂\x02ΐ\x05 ̔̀\x05 ̔́\x05 ̔͂" +
-	"\x02ΰ\x05 ̈̀\x01`\x05ὼι\x04ωι\x04ώι\x05ῶι\x06′′\x09′′′\x06‵‵\x09‵‵‵\x02!" +
-	"!\x02??\x02?!\x02!?\x0c′′′′\x010\x014\x015\x016\x017\x018\x019\x01+\x01=" +
-	"\x01(\x01)\x02rs\x02ħ\x02no\x01q\x02sm\x02tm\x02ω\x02å\x02א\x02ב\x02ג" +
-	"\x02ד\x02π\x051⁄7\x051⁄9\x061⁄10\x051⁄3\x052⁄3\x051⁄5\x052⁄5\x053⁄5\x054" +
-	"⁄5\x051⁄6\x055⁄6\x051⁄8\x053⁄8\x055⁄8\x057⁄8\x041⁄\x02ii\x02iv\x02vi" +
-	"\x04viii\x02ix\x02xi\x050⁄3\x06∫∫\x09∫∫∫\x06∮∮\x09∮∮∮\x0210\x0211\x0212" +
-	"\x0213\x0214\x0215\x0216\x0217\x0218\x0219\x0220\x04(10)\x04(11)\x04(12)" +
-	"\x04(13)\x04(14)\x04(15)\x04(16)\x04(17)\x04(18)\x04(19)\x04(20)\x0c∫∫∫∫" +
-	"\x02==\x05⫝̸\x02ɫ\x02ɽ\x02ȿ\x02ɀ\x01.\x04 ゙\x04 ゚\x06より\x06コト\x05(ᄀ)\x05" +
-	"(ᄂ)\x05(ᄃ)\x05(ᄅ)\x05(ᄆ)\x05(ᄇ)\x05(ᄉ)\x05(ᄋ)\x05(ᄌ)\x05(ᄎ)\x05(ᄏ)\x05(ᄐ" +
-	")\x05(ᄑ)\x05(ᄒ)\x05(가)\x05(나)\x05(다)\x05(라)\x05(마)\x05(바)\x05(사)\x05(아)" +
-	"\x05(자)\x05(차)\x05(카)\x05(타)\x05(파)\x05(하)\x05(주)\x08(오전)\x08(오후)\x05(一)" +
-	"\x05(二)\x05(三)\x05(四)\x05(五)\x05(六)\x05(七)\x05(八)\x05(九)\x05(十)\x05(月)" +
-	"\x05(火)\x05(水)\x05(木)\x05(金)\x05(土)\x05(日)\x05(株)\x05(有)\x05(社)\x05(名)" +
-	"\x05(特)\x05(財)\x05(祝)\x05(労)\x05(代)\x05(呼)\x05(学)\x05(監)\x05(企)\x05(資)" +
-	"\x05(協)\x05(祭)\x05(休)\x05(自)\x05(至)\x0221\x0222\x0223\x0224\x0225\x0226" +
-	"\x0227\x0228\x0229\x0230\x0231\x0232\x0233\x0234\x0235\x06참고\x06주의\x0236" +
-	"\x0237\x0238\x0239\x0240\x0241\x0242\x0243\x0244\x0245\x0246\x0247\x0248" +
-	"\x0249\x0250\x041月\x042月\x043月\x044月\x045月\x046月\x047月\x048月\x049月\x0510" +
-	"月\x0511月\x0512月\x02hg\x02ev\x06令和\x0cアパート\x0cアルファ\x0cアンペア\x09アール\x0cイニ" +
-	"ング\x09インチ\x09ウォン\x0fエスクード\x0cエーカー\x09オンス\x09オーム\x09カイリ\x0cカラット\x0cカロリー" +
-	"\x09ガロン\x09ガンマ\x06ギガ\x09ギニー\x0cキュリー\x0cギルダー\x06キロ\x0fキログラム\x12キロメートル\x0f" +
-	"キロワット\x09グラム\x0fグラムトン\x0fクルゼイロ\x0cクローネ\x09ケース\x09コルナ\x09コーポ\x0cサイクル" +
-	"\x0fサンチーム\x0cシリング\x09センチ\x09セント\x09ダース\x06デシ\x06ドル\x06トン\x06ナノ\x09ノット" +
-	"\x09ハイツ\x0fパーセント\x09パーツ\x0cバーレル\x0fピアストル\x09ピクル\x06ピコ\x06ビル\x0fファラッド\x0c" +
-	"フィート\x0fブッシェル\x09フラン\x0fヘクタール\x06ペソ\x09ペニヒ\x09ヘルツ\x09ペンス\x09ページ\x09ベータ" +
-	"\x0cポイント\x09ボルト\x06ホン\x09ポンド\x09ホール\x09ホーン\x0cマイクロ\x09マイル\x09マッハ\x09マルク" +
-	"\x0fマンション\x0cミクロン\x06ミリ\x0fミリバール\x06メガ\x0cメガトン\x0cメートル\x09ヤード\x09ヤール\x09" +
-	"ユアン\x0cリットル\x06リラ\x09ルピー\x0cルーブル\x06レム\x0fレントゲン\x09ワット\x040点\x041点\x04" +
-	"2点\x043点\x044点\x045点\x046点\x047点\x048点\x049点\x0510点\x0511点\x0512点\x0513点" +
-	"\x0514点\x0515点\x0516点\x0517点\x0518点\x0519点\x0520点\x0521点\x0522点\x0523点" +
-	"\x0524点\x02da\x02au\x02ov\x02pc\x02dm\x02iu\x06平成\x06昭和\x06大正\x06明治\x0c株" +
-	"式会社\x02pa\x02na\x02ma\x02ka\x02kb\x02mb\x02gb\x04kcal\x02pf\x02nf\x02m" +
-	"g\x02kg\x02hz\x02ml\x02dl\x02kl\x02fm\x02nm\x02mm\x02cm\x02km\x02m2\x02m" +
-	"3\x05m∕s\x06m∕s2\x07rad∕s\x08rad∕s2\x02ps\x02ns\x02ms\x02pv\x02nv\x02mv" +
-	"\x02kv\x02pw\x02nw\x02mw\x02kw\x02bq\x02cc\x02cd\x06c∕kg\x02db\x02gy\x02" +
-	"ha\x02hp\x02in\x02kk\x02kt\x02lm\x02ln\x02lx\x02ph\x02pr\x02sr\x02sv\x02" +
-	"wb\x05v∕m\x05a∕m\x041日\x042日\x043日\x044日\x045日\x046日\x047日\x048日\x049日" +
-	"\x0510日\x0511日\x0512日\x0513日\x0514日\x0515日\x0516日\x0517日\x0518日\x0519日" +
-	"\x0520日\x0521日\x0522日\x0523日\x0524日\x0525日\x0526日\x0527日\x0528日\x0529日" +
-	"\x0530日\x0531日\x02ь\x02ɦ\x02ɬ\x02ʞ\x02ʇ\x02œ\x02ʍ\x04𤋮\x04𢡊\x04𢡄\x04𣏕" +
-	"\x04𥉉\x04𥳐\x04𧻓\x02ff\x02fi\x02fl\x02st\x04մն\x04մե\x04մի\x04վն\x04մխ" +
-	"\x04יִ\x04ײַ\x02ע\x02ה\x02כ\x02ל\x02ם\x02ר\x02ת\x04שׁ\x04שׂ\x06שּׁ\x06שּ" +
-	"ׂ\x04אַ\x04אָ\x04אּ\x04בּ\x04גּ\x04דּ\x04הּ\x04וּ\x04זּ\x04טּ\x04יּ\x04" +
-	"ךּ\x04כּ\x04לּ\x04מּ\x04נּ\x04סּ\x04ףּ\x04פּ\x04צּ\x04קּ\x04רּ\x04שּ" +
-	"\x04תּ\x04וֹ\x04בֿ\x04כֿ\x04פֿ\x04אל\x02ٱ\x02ٻ\x02پ\x02ڀ\x02ٺ\x02ٿ\x02ٹ" +
-	"\x02ڤ\x02ڦ\x02ڄ\x02ڃ\x02چ\x02ڇ\x02ڍ\x02ڌ\x02ڎ\x02ڈ\x02ژ\x02ڑ\x02ک\x02گ" +
-	"\x02ڳ\x02ڱ\x02ں\x02ڻ\x02ۀ\x02ہ\x02ھ\x02ے\x02ۓ\x02ڭ\x02ۇ\x02ۆ\x02ۈ\x02ۋ" +
-	"\x02ۅ\x02ۉ\x02ې\x02ى\x04ئا\x04ئە\x04ئو\x04ئۇ\x04ئۆ\x04ئۈ\x04ئې\x04ئى\x02" +
-	"ی\x04ئج\x04ئح\x04ئم\x04ئي\x04بج\x04بح\x04بخ\x04بم\x04بى\x04بي\x04تج\x04" +
-	"تح\x04تخ\x04تم\x04تى\x04تي\x04ثج\x04ثم\x04ثى\x04ثي\x04جح\x04جم\x04حج" +
-	"\x04حم\x04خج\x04خح\x04خم\x04سج\x04سح\x04سخ\x04سم\x04صح\x04صم\x04ضج\x04ضح" +
-	"\x04ضخ\x04ضم\x04طح\x04طم\x04ظم\x04عج\x04عم\x04غج\x04غم\x04فج\x04فح\x04فخ" +
-	"\x04فم\x04فى\x04في\x04قح\x04قم\x04قى\x04قي\x04كا\x04كج\x04كح\x04كخ\x04كل" +
-	"\x04كم\x04كى\x04كي\x04لج\x04لح\x04لخ\x04لم\x04لى\x04لي\x04مج\x04مح\x04مخ" +
-	"\x04مم\x04مى\x04مي\x04نج\x04نح\x04نخ\x04نم\x04نى\x04ني\x04هج\x04هم\x04هى" +
-	"\x04هي\x04يج\x04يح\x04يخ\x04يم\x04يى\x04يي\x04ذٰ\x04رٰ\x04ىٰ\x05 ٌّ\x05 " +
-	"ٍّ\x05 َّ\x05 ُّ\x05 ِّ\x05 ّٰ\x04ئر\x04ئز\x04ئن\x04بر\x04بز\x04بن\x04ت" +
-	"ر\x04تز\x04تن\x04ثر\x04ثز\x04ثن\x04ما\x04نر\x04نز\x04نن\x04ير\x04يز\x04" +
-	"ين\x04ئخ\x04ئه\x04به\x04ته\x04صخ\x04له\x04نه\x04هٰ\x04يه\x04ثه\x04سه" +
-	"\x04شم\x04شه\x06ـَّ\x06ـُّ\x06ـِّ\x04طى\x04طي\x04عى\x04عي\x04غى\x04غي" +
-	"\x04سى\x04سي\x04شى\x04شي\x04حى\x04حي\x04جى\x04جي\x04خى\x04خي\x04صى\x04صي" +
-	"\x04ضى\x04ضي\x04شج\x04شح\x04شخ\x04شر\x04سر\x04صر\x04ضر\x04اً\x06تجم\x06ت" +
-	"حج\x06تحم\x06تخم\x06تمج\x06تمح\x06تمخ\x06جمح\x06حمي\x06حمى\x06سحج\x06سج" +
-	"ح\x06سجى\x06سمح\x06سمج\x06سمم\x06صحح\x06صمم\x06شحم\x06شجي\x06شمخ\x06شمم" +
-	"\x06ضحى\x06ضخم\x06طمح\x06طمم\x06طمي\x06عجم\x06عمم\x06عمى\x06غمم\x06غمي" +
-	"\x06غمى\x06فخم\x06قمح\x06قمم\x06لحم\x06لحي\x06لحى\x06لجج\x06لخم\x06لمح" +
-	"\x06محج\x06محم\x06محي\x06مجح\x06مجم\x06مخج\x06مخم\x06مجخ\x06همج\x06همم" +
-	"\x06نحم\x06نحى\x06نجم\x06نجى\x06نمي\x06نمى\x06يمم\x06بخي\x06تجي\x06تجى" +
-	"\x06تخي\x06تخى\x06تمي\x06تمى\x06جمي\x06جحى\x06جمى\x06سخى\x06صحي\x06شحي" +
-	"\x06ضحي\x06لجي\x06لمي\x06يحي\x06يجي\x06يمي\x06ممي\x06قمي\x06نحي\x06عمي" +
-	"\x06كمي\x06نجح\x06مخي\x06لجم\x06كمم\x06جحي\x06حجي\x06مجي\x06فمي\x06بحي" +
-	"\x06سخي\x06نجي\x06صلے\x06قلے\x08الله\x08اكبر\x08محمد\x08صلعم\x08رسول\x08" +
-	"عليه\x08وسلم\x06صلى!صلى الله عليه وسلم\x0fجل جلاله\x08ریال\x01,\x01:" +
-	"\x01!\x01?\x01_\x01{\x01}\x01[\x01]\x01#\x01&\x01*\x01-\x01<\x01>\x01\\" +
-	"\x01$\x01%\x01@\x04ـً\x04ـَ\x04ـُ\x04ـِ\x04ـّ\x04ـْ\x02ء\x02آ\x02أ\x02ؤ" +
-	"\x02إ\x02ئ\x02ا\x02ب\x02ة\x02ت\x02ث\x02ج\x02ح\x02خ\x02د\x02ذ\x02ر\x02ز" +
-	"\x02س\x02ش\x02ص\x02ض\x02ط\x02ظ\x02ع\x02غ\x02ف\x02ق\x02ك\x02ل\x02م\x02ن" +
-	"\x02ه\x02و\x02ي\x04لآ\x04لأ\x04لإ\x04لا\x01\x22\x01'\x01/\x01^\x01|\x01~" +
-	"\x02¢\x02£\x02¬\x02¦\x02¥\x08𝅗𝅥\x08𝅘𝅥\x0c𝅘𝅥𝅮\x0c𝅘𝅥𝅯\x0c𝅘𝅥𝅰\x0c𝅘𝅥𝅱\x0c𝅘𝅥𝅲" +
-	"\x08𝆹𝅥\x08𝆺𝅥\x0c𝆹𝅥𝅮\x0c𝆺𝅥𝅮\x0c𝆹𝅥𝅯\x0c𝆺𝅥𝅯\x02ı\x02ȷ\x02α\x02ε\x02ζ\x02η" +
-	"\x02κ\x02λ\x02μ\x02ν\x02ξ\x02ο\x02σ\x02τ\x02υ\x02ψ\x03∇\x03∂\x02ϝ\x02ٮ" +
-	"\x02ڡ\x02ٯ\x020,\x021,\x022,\x023,\x024,\x025,\x026,\x027,\x028,\x029," +
-	"\x03(a)\x03(b)\x03(c)\x03(d)\x03(e)\x03(f)\x03(g)\x03(h)\x03(i)\x03(j)" +
-	"\x03(k)\x03(l)\x03(m)\x03(n)\x03(o)\x03(p)\x03(q)\x03(r)\x03(s)\x03(t)" +
-	"\x03(u)\x03(v)\x03(w)\x03(x)\x03(y)\x03(z)\x07〔s〕\x02wz\x02hv\x02sd\x03p" +
-	"pv\x02wc\x02mc\x02md\x02mr\x02dj\x06ほか\x06ココ\x03サ\x03手\x03字\x03双\x03デ" +
-	"\x03二\x03多\x03解\x03天\x03交\x03映\x03無\x03料\x03前\x03後\x03再\x03新\x03初\x03終" +
-	"\x03生\x03販\x03声\x03吹\x03演\x03投\x03捕\x03一\x03三\x03遊\x03左\x03中\x03右\x03指" +
-	"\x03走\x03打\x03禁\x03空\x03合\x03満\x03有\x03月\x03申\x03割\x03営\x03配\x09〔本〕\x09〔" +
-	"三〕\x09〔二〕\x09〔安〕\x09〔点〕\x09〔打〕\x09〔盗〕\x09〔勝〕\x09〔敗〕\x03得\x03可\x03丽\x03" +
-	"丸\x03乁\x03你\x03侮\x03侻\x03倂\x03偺\x03備\x03僧\x03像\x03㒞\x03免\x03兔\x03兤\x03" +
-	"具\x03㒹\x03內\x03冗\x03冤\x03仌\x03冬\x03况\x03凵\x03刃\x03㓟\x03刻\x03剆\x03剷\x03" +
-	"㔕\x03勇\x03勉\x03勤\x03勺\x03包\x03匆\x03北\x03卉\x03卑\x03博\x03即\x03卽\x03卿\x03" +
-	"灰\x03及\x03叟\x03叫\x03叱\x03吆\x03咞\x03吸\x03呈\x03周\x03咢\x03哶\x03唐\x03啓\x03" +
-	"啣\x03善\x03喙\x03喫\x03喳\x03嗂\x03圖\x03嘆\x03圗\x03噑\x03噴\x03切\x03壮\x03城\x03" +
-	"埴\x03堍\x03型\x03堲\x03報\x03墬\x03売\x03壷\x03夆\x03夢\x03奢\x03姬\x03娛\x03娧\x03" +
-	"姘\x03婦\x03㛮\x03嬈\x03嬾\x03寃\x03寘\x03寧\x03寳\x03寿\x03将\x03尢\x03㞁\x03屠\x03" +
-	"屮\x03峀\x03岍\x03嵃\x03嵮\x03嵫\x03嵼\x03巡\x03巢\x03㠯\x03巽\x03帨\x03帽\x03幩\x03" +
-	"㡢\x03㡼\x03庰\x03庳\x03庶\x03廊\x03廾\x03舁\x03弢\x03㣇\x03形\x03彫\x03㣣\x03徚\x03" +
-	"忍\x03志\x03忹\x03悁\x03㤺\x03㤜\x03悔\x03惇\x03慈\x03慌\x03慎\x03慺\x03憎\x03憲\x03" +
-	"憤\x03憯\x03懞\x03懲\x03懶\x03成\x03戛\x03扝\x03抱\x03拔\x03捐\x03挽\x03拼\x03捨\x03" +
-	"掃\x03揤\x03搢\x03揅\x03掩\x03㨮\x03摩\x03摾\x03撝\x03摷\x03㩬\x03敏\x03敬\x03旣\x03" +
-	"書\x03晉\x03㬙\x03暑\x03㬈\x03㫤\x03冒\x03冕\x03最\x03暜\x03肭\x03䏙\x03朗\x03望\x03" +
-	"朡\x03杞\x03杓\x03㭉\x03柺\x03枅\x03桒\x03梅\x03梎\x03栟\x03椔\x03㮝\x03楂\x03榣\x03" +
-	"槪\x03檨\x03櫛\x03㰘\x03次\x03歔\x03㱎\x03歲\x03殟\x03殺\x03殻\x03汎\x03沿\x03泍\x03" +
-	"汧\x03洖\x03派\x03海\x03流\x03浩\x03浸\x03涅\x03洴\x03港\x03湮\x03㴳\x03滋\x03滇\x03" +
-	"淹\x03潮\x03濆\x03瀹\x03瀞\x03瀛\x03㶖\x03灊\x03災\x03灷\x03炭\x03煅\x03熜\x03爨\x03" +
-	"爵\x03牐\x03犀\x03犕\x03獺\x03王\x03㺬\x03玥\x03㺸\x03瑇\x03瑜\x03瑱\x03璅\x03瓊\x03" +
-	"㼛\x03甤\x03甾\x03異\x03瘐\x03㿼\x03䀈\x03直\x03眞\x03真\x03睊\x03䀹\x03瞋\x03䁆\x03" +
-	"䂖\x03硎\x03碌\x03磌\x03䃣\x03祖\x03福\x03秫\x03䄯\x03穀\x03穊\x03穏\x03䈂\x03篆\x03" +
-	"築\x03䈧\x03糒\x03䊠\x03糨\x03糣\x03紀\x03絣\x03䌁\x03緇\x03縂\x03繅\x03䌴\x03䍙\x03" +
-	"罺\x03羕\x03翺\x03者\x03聠\x03聰\x03䏕\x03育\x03脃\x03䐋\x03脾\x03媵\x03舄\x03辞\x03" +
-	"䑫\x03芑\x03芋\x03芝\x03劳\x03花\x03芳\x03芽\x03苦\x03若\x03茝\x03荣\x03莭\x03茣\x03" +
-	"莽\x03菧\x03著\x03荓\x03菊\x03菌\x03菜\x03䔫\x03蓱\x03蓳\x03蔖\x03蕤\x03䕝\x03䕡\x03" +
-	"䕫\x03虐\x03虜\x03虧\x03虩\x03蚩\x03蚈\x03蜎\x03蛢\x03蝹\x03蜨\x03蝫\x03螆\x03蟡\x03" +
-	"蠁\x03䗹\x03衠\x03衣\x03裗\x03裞\x03䘵\x03裺\x03㒻\x03䚾\x03䛇\x03誠\x03諭\x03變\x03" +
-	"豕\x03貫\x03賁\x03贛\x03起\x03跋\x03趼\x03跰\x03軔\x03輸\x03邔\x03郱\x03鄑\x03鄛\x03" +
-	"鈸\x03鋗\x03鋘\x03鉼\x03鏹\x03鐕\x03開\x03䦕\x03閷\x03䧦\x03雃\x03嶲\x03霣\x03䩮\x03" +
-	"䩶\x03韠\x03䪲\x03頋\x03頩\x03飢\x03䬳\x03餩\x03馧\x03駂\x03駾\x03䯎\x03鬒\x03鱀\x03" +
-	"鳽\x03䳎\x03䳭\x03鵧\x03䳸\x03麻\x03䵖\x03黹\x03黾\x03鼅\x03鼏\x03鼖\x03鼻"
+var mappings string = "" + // Size: 6539 bytes
+	"  ̈a ̄23 ́ ̧1o1⁄41⁄23⁄4i̇l·ʼnsdžⱥⱦhjrwy ̆ ̇ ̊ ̨ ̃ ̋lẍ́ ι; ̈́եւاٴوٴۇٴيٴक" +
+	"़ख़ग़ज़ड़ढ़फ़य़ড়ঢ়য়ਲ਼ਸ਼ਖ਼ਗ਼ਜ਼ਫ਼ଡ଼ଢ଼ําໍາຫນຫມགྷཌྷདྷབྷཛྷཀྵཱཱིུྲྀྲཱྀླྀླཱ" +
+	"ཱྀྀྒྷྜྷྡྷྦྷྫྷྐྵвдостъѣæbdeǝgikmnȣptuɐɑəɛɜŋɔɯvβγδφχρнɒcɕðfɟɡɥɨɩɪʝɭʟɱɰɲɳ" +
+	"ɴɵɸʂʃƫʉʊʋʌzʐʑʒθssάέήίόύώἀιἁιἂιἃιἄιἅιἆιἇιἠιἡιἢιἣιἤιἥιἦιἧιὠιὡιὢιὣιὤιὥιὦιὧ" +
+	"ιὰιαιάιᾶιι ̈͂ὴιηιήιῆι ̓̀ ̓́ ̓͂ΐ ̔̀ ̔́ ̔͂ΰ ̈̀`ὼιωιώιῶι′′′′′‵‵‵‵‵!!???!!?" +
+	"′′′′0456789+=()rsħnoqsmtmωåאבגדπ1⁄71⁄91⁄101⁄32⁄31⁄52⁄53⁄54⁄51⁄65⁄61⁄83" +
+	"⁄85⁄87⁄81⁄iiivviviiiixxi0⁄3∫∫∫∫∫∮∮∮∮∮1011121314151617181920(10)(11)(12" +
+	")(13)(14)(15)(16)(17)(18)(19)(20)∫∫∫∫==⫝̸ɫɽȿɀ. ゙ ゚よりコト(ᄀ)(ᄂ)(ᄃ)(ᄅ)(ᄆ)(ᄇ)" +
+	"(ᄉ)(ᄋ)(ᄌ)(ᄎ)(ᄏ)(ᄐ)(ᄑ)(ᄒ)(가)(나)(다)(라)(마)(바)(사)(아)(자)(차)(카)(타)(파)(하)(주)(오전" +
+	")(오후)(一)(二)(三)(四)(五)(六)(七)(八)(九)(十)(月)(火)(水)(木)(金)(土)(日)(株)(有)(社)(名)(特)(" +
+	"財)(祝)(労)(代)(呼)(学)(監)(企)(資)(協)(祭)(休)(自)(至)21222324252627282930313233343" +
+	"5참고주의3637383940414243444546474849501月2月3月4月5月6月7月8月9月10月11月12月hgev令和アパート" +
+	"アルファアンペアアールイニングインチウォンエスクードエーカーオンスオームカイリカラットカロリーガロンガンマギガギニーキュリーギルダーキロキロ" +
+	"グラムキロメートルキロワットグラムグラムトンクルゼイロクローネケースコルナコーポサイクルサンチームシリングセンチセントダースデシドルトンナノ" +
+	"ノットハイツパーセントパーツバーレルピアストルピクルピコビルファラッドフィートブッシェルフランヘクタールペソペニヒヘルツペンスページベータポ" +
+	"イントボルトホンポンドホールホーンマイクロマイルマッハマルクマンションミクロンミリミリバールメガメガトンメートルヤードヤールユアンリットルリ" +
+	"ラルピールーブルレムレントゲンワット0点1点2点3点4点5点6点7点8点9点10点11点12点13点14点15点16点17点18点19点20" +
+	"点21点22点23点24点daauovpcdmiu平成昭和大正明治株式会社panamakakbmbgbkcalpfnfmgkghzmldlk" +
+	"lfmnmmmcmkmm2m3m∕sm∕s2rad∕srad∕s2psnsmspvnvmvkvpwnwmwkwbqcccdc∕kgdbgyhah" +
+	"pinkkktlmlnlxphprsrsvwbv∕ma∕m1日2日3日4日5日6日7日8日9日10日11日12日13日14日15日16日17日1" +
+	"8日19日20日21日22日23日24日25日26日27日28日29日30日31日ьɦɬʞʇœʍ𤋮𢡊𢡄𣏕𥉉𥳐𧻓fffiflstմնմեմիվնմ" +
+	"խיִײַעהכלםרתשׁשׂשּׁשּׂאַאָאּבּגּדּהּוּזּטּיּךּכּלּמּנּסּףּפּצּקּרּשּתּו" +
+	"ֹבֿכֿפֿאלٱٻپڀٺٿٹڤڦڄڃچڇڍڌڎڈژڑکگڳڱںڻۀہھےۓڭۇۆۈۋۅۉېىئائەئوئۇئۆئۈئېئىیئجئحئم" +
+	"ئيبجبحبخبمبىبيتجتحتختمتىتيثجثمثىثيجحجمحجحمخجخحخمسجسحسخسمصحصمضجضحضخضمطحط" +
+	"مظمعجعمغجغمفجفحفخفمفىفيقحقمقىقيكاكجكحكخكلكمكىكيلجلحلخلملىليمجمحمخمممىمي" +
+	"نجنحنخنمنىنيهجهمهىهييجيحيخيميىييذٰرٰىٰ ٌّ ٍّ َّ ُّ ِّ ّٰئرئزئنبربزبنترت" +
+	"زتنثرثزثنمانرنزننيريزينئخئهبهتهصخلهنههٰيهثهسهشمشهـَّـُّـِّطىطيعىعيغىغيس" +
+	"ىسيشىشيحىحيجىجيخىخيصىصيضىضيشجشحشخشرسرصرضراًتجمتحجتحمتخمتمجتمحتمخجمححميح" +
+	"مىسحجسجحسجىسمحسمجسممصححصممشحمشجيشمخشممضحىضخمطمحطممطميعجمعممعمىغممغميغمى" +
+	"فخمقمحقمملحملحيلحىلججلخملمحمحجمحممحيمجحمجممخجمخممجخهمجهممنحمنحىنجمنجىنم" +
+	"ينمىيممبخيتجيتجىتخيتخىتميتمىجميجحىجمىسخىصحيشحيضحيلجيلمييحييجييميمميقمين" +
+	"حيعميكمينجحمخيلجمكممجحيحجيمجيفميبحيسخينجيصلےقلےاللهاكبرمحمدصلعمرسولعليه" +
+	"وسلمصلىصلى الله عليه وسلمجل جلالهریال,:!?_{}[]#&*-<>\\$%@ـًـَـُـِـّـْءآ" +
+	"أؤإئابةتثجحخدذرزسشصضطظعغفقكلمنهويلآلألإلا\x22'/^|~¢£¬¦¥𝅗𝅥𝅘𝅥𝅘𝅥𝅮𝅘𝅥𝅯𝅘𝅥𝅰𝅘𝅥𝅱" +
+	"𝅘𝅥𝅲𝆹𝅥𝆺𝅥𝆹𝅥𝅮𝆺𝅥𝅮𝆹𝅥𝅯𝆺𝅥𝅯ıȷαεζηκλμνξοστυψ∇∂ϝٮڡٯ0,1,2,3,4,5,6,7,8,9,(a)(b)(c" +
+	")(d)(e)(f)(g)(h)(i)(j)(k)(l)(m)(n)(o)(p)(q)(r)(s)(t)(u)(v)(w)(x)(y)(z)〔s" +
+	"〕wzhvsdppvwcmcmdmrdjほかココサ手字双デ二多解天交映無料前後再新初終生販声吹演投捕一三遊左中右指走打禁空合満有月申割営配〔" +
+	"本〕〔三〕〔二〕〔安〕〔点〕〔打〕〔盗〕〔勝〕〔敗〕得可丽丸乁你侮侻倂偺備僧像㒞免兔兤具㒹內冗冤仌冬况凵刃㓟刻剆剷㔕勇勉勤勺包匆北卉卑博即卽" +
+	"卿灰及叟叫叱吆咞吸呈周咢哶唐啓啣善喙喫喳嗂圖嘆圗噑噴切壮城埴堍型堲報墬売壷夆夢奢姬娛娧姘婦㛮嬈嬾寃寘寧寳寿将尢㞁屠屮峀岍嵃嵮嵫嵼巡巢㠯巽帨帽" +
+	"幩㡢㡼庰庳庶廊廾舁弢㣇形彫㣣徚忍志忹悁㤺㤜悔惇慈慌慎慺憎憲憤憯懞懲懶成戛扝抱拔捐挽拼捨掃揤搢揅掩㨮摩摾撝摷㩬敏敬旣書晉㬙暑㬈㫤冒冕最暜肭䏙朗" +
+	"望朡杞杓㭉柺枅桒梅梎栟椔㮝楂榣槪檨櫛㰘次歔㱎歲殟殺殻汎沿泍汧洖派海流浩浸涅洴港湮㴳滋滇淹潮濆瀹瀞瀛㶖灊災灷炭煅熜爨爵牐犀犕獺王㺬玥㺸瑇瑜瑱璅" +
+	"瓊㼛甤甾異瘐㿼䀈直眞真睊䀹瞋䁆䂖硎碌磌䃣祖福秫䄯穀穊穏䈂篆築䈧糒䊠糨糣紀絣䌁緇縂繅䌴䍙罺羕翺者聠聰䏕育脃䐋脾媵舄辞䑫芑芋芝劳花芳芽苦若茝荣莭" +
+	"茣莽菧著荓菊菌菜䔫蓱蓳蔖蕤䕝䕡䕫虐虜虧虩蚩蚈蜎蛢蝹蜨蝫螆蟡蠁䗹衠衣裗裞䘵裺㒻䚾䛇誠諭變豕貫賁贛起跋趼跰軔輸邔郱鄑鄛鈸鋗鋘鉼鏹鐕開䦕閷䧦雃嶲霣" +
+	"䩮䩶韠䪲頋頩飢䬳餩馧駂駾䯎鬒鱀鳽䳎䳭鵧䳸麻䵖黹黾鼅鼏鼖鼻"
+
+var mappingIndex = []uint16{ // 1650 elements
+	// Entry 0 - 3F
+	0x0000, 0x0000, 0x0001, 0x0004, 0x0005, 0x0008, 0x0009, 0x000a,
+	0x000d, 0x0010, 0x0011, 0x0012, 0x0017, 0x001c, 0x0021, 0x0024,
+	0x0027, 0x002a, 0x002b, 0x002e, 0x0031, 0x0034, 0x0035, 0x0036,
+	0x0037, 0x0038, 0x0039, 0x003c, 0x003f, 0x0042, 0x0045, 0x0048,
+	0x004b, 0x004c, 0x004d, 0x0051, 0x0054, 0x0055, 0x005a, 0x005e,
+	0x0062, 0x0066, 0x006a, 0x006e, 0x0074, 0x007a, 0x0080, 0x0086,
+	0x008c, 0x0092, 0x0098, 0x009e, 0x00a4, 0x00aa, 0x00b0, 0x00b6,
+	0x00bc, 0x00c2, 0x00c8, 0x00ce, 0x00d4, 0x00da, 0x00e0, 0x00e6,
+	// Entry 40 - 7F
+	0x00ec, 0x00f2, 0x00f8, 0x00fe, 0x0104, 0x010a, 0x0110, 0x0116,
+	0x011c, 0x0122, 0x0128, 0x012e, 0x0137, 0x013d, 0x0146, 0x014c,
+	0x0152, 0x0158, 0x015e, 0x0164, 0x016a, 0x0170, 0x0172, 0x0174,
+	0x0176, 0x0178, 0x017a, 0x017c, 0x017e, 0x0180, 0x0181, 0x0182,
+	0x0183, 0x0185, 0x0186, 0x0187, 0x0188, 0x0189, 0x018a, 0x018c,
+	0x018d, 0x018e, 0x018f, 0x0191, 0x0193, 0x0195, 0x0197, 0x0199,
+	0x019b, 0x019d, 0x019f, 0x01a0, 0x01a2, 0x01a4, 0x01a6, 0x01a8,
+	0x01aa, 0x01ac, 0x01ae, 0x01b0, 0x01b1, 0x01b3, 0x01b5, 0x01b6,
+	// Entry 80 - BF
+	0x01b8, 0x01ba, 0x01bc, 0x01be, 0x01c0, 0x01c2, 0x01c4, 0x01c6,
+	0x01c8, 0x01ca, 0x01cc, 0x01ce, 0x01d0, 0x01d2, 0x01d4, 0x01d6,
+	0x01d8, 0x01da, 0x01dc, 0x01de, 0x01e0, 0x01e2, 0x01e4, 0x01e5,
+	0x01e7, 0x01e9, 0x01eb, 0x01ed, 0x01ef, 0x01f1, 0x01f3, 0x01f5,
+	0x01f7, 0x01f9, 0x01fb, 0x01fd, 0x0202, 0x0207, 0x020c, 0x0211,
+	0x0216, 0x021b, 0x0220, 0x0225, 0x022a, 0x022f, 0x0234, 0x0239,
+	0x023e, 0x0243, 0x0248, 0x024d, 0x0252, 0x0257, 0x025c, 0x0261,
+	0x0266, 0x026b, 0x0270, 0x0275, 0x027a, 0x027e, 0x0282, 0x0287,
+	// Entry C0 - FF
+	0x0289, 0x028e, 0x0293, 0x0297, 0x029b, 0x02a0, 0x02a5, 0x02aa,
+	0x02af, 0x02b1, 0x02b6, 0x02bb, 0x02c0, 0x02c2, 0x02c7, 0x02c8,
+	0x02cd, 0x02d1, 0x02d5, 0x02da, 0x02e0, 0x02e9, 0x02ef, 0x02f8,
+	0x02fa, 0x02fc, 0x02fe, 0x0300, 0x030c, 0x030d, 0x030e, 0x030f,
+	0x0310, 0x0311, 0x0312, 0x0313, 0x0314, 0x0315, 0x0316, 0x0317,
+	0x0319, 0x031b, 0x031d, 0x031e, 0x0320, 0x0322, 0x0324, 0x0326,
+	0x0328, 0x032a, 0x032c, 0x032e, 0x0330, 0x0335, 0x033a, 0x0340,
+	0x0345, 0x034a, 0x034f, 0x0354, 0x0359, 0x035e, 0x0363, 0x0368,
+	// Entry 100 - 13F
+	0x036d, 0x0372, 0x0377, 0x037c, 0x0380, 0x0382, 0x0384, 0x0386,
+	0x038a, 0x038c, 0x038e, 0x0393, 0x0399, 0x03a2, 0x03a8, 0x03b1,
+	0x03b3, 0x03b5, 0x03b7, 0x03b9, 0x03bb, 0x03bd, 0x03bf, 0x03c1,
+	0x03c3, 0x03c5, 0x03c7, 0x03cb, 0x03cf, 0x03d3, 0x03d7, 0x03db,
+	0x03df, 0x03e3, 0x03e7, 0x03eb, 0x03ef, 0x03f3, 0x03ff, 0x0401,
+	0x0406, 0x0408, 0x040a, 0x040c, 0x040e, 0x040f, 0x0413, 0x0417,
+	0x041d, 0x0423, 0x0428, 0x042d, 0x0432, 0x0437, 0x043c, 0x0441,
+	0x0446, 0x044b, 0x0450, 0x0455, 0x045a, 0x045f, 0x0464, 0x0469,
+	// Entry 140 - 17F
+	0x046e, 0x0473, 0x0478, 0x047d, 0x0482, 0x0487, 0x048c, 0x0491,
+	0x0496, 0x049b, 0x04a0, 0x04a5, 0x04aa, 0x04af, 0x04b4, 0x04bc,
+	0x04c4, 0x04c9, 0x04ce, 0x04d3, 0x04d8, 0x04dd, 0x04e2, 0x04e7,
+	0x04ec, 0x04f1, 0x04f6, 0x04fb, 0x0500, 0x0505, 0x050a, 0x050f,
+	0x0514, 0x0519, 0x051e, 0x0523, 0x0528, 0x052d, 0x0532, 0x0537,
+	0x053c, 0x0541, 0x0546, 0x054b, 0x0550, 0x0555, 0x055a, 0x055f,
+	0x0564, 0x0569, 0x056e, 0x0573, 0x0578, 0x057a, 0x057c, 0x057e,
+	0x0580, 0x0582, 0x0584, 0x0586, 0x0588, 0x058a, 0x058c, 0x058e,
+	// Entry 180 - 1BF
+	0x0590, 0x0592, 0x0594, 0x0596, 0x059c, 0x05a2, 0x05a4, 0x05a6,
+	0x05a8, 0x05aa, 0x05ac, 0x05ae, 0x05b0, 0x05b2, 0x05b4, 0x05b6,
+	0x05b8, 0x05ba, 0x05bc, 0x05be, 0x05c0, 0x05c4, 0x05c8, 0x05cc,
+	0x05d0, 0x05d4, 0x05d8, 0x05dc, 0x05e0, 0x05e4, 0x05e9, 0x05ee,
+	0x05f3, 0x05f5, 0x05f7, 0x05fd, 0x0609, 0x0615, 0x0621, 0x062a,
+	0x0636, 0x063f, 0x0648, 0x0657, 0x0663, 0x066c, 0x0675, 0x067e,
+	0x068a, 0x0696, 0x069f, 0x06a8, 0x06ae, 0x06b7, 0x06c3, 0x06cf,
+	0x06d5, 0x06e4, 0x06f6, 0x0705, 0x070e, 0x071d, 0x072c, 0x0738,
+	// Entry 1C0 - 1FF
+	0x0741, 0x074a, 0x0753, 0x075f, 0x076e, 0x077a, 0x0783, 0x078c,
+	0x0795, 0x079b, 0x07a1, 0x07a7, 0x07ad, 0x07b6, 0x07bf, 0x07ce,
+	0x07d7, 0x07e3, 0x07f2, 0x07fb, 0x0801, 0x0807, 0x0816, 0x0822,
+	0x0831, 0x083a, 0x0849, 0x084f, 0x0858, 0x0861, 0x086a, 0x0873,
+	0x087c, 0x0888, 0x0891, 0x0897, 0x08a0, 0x08a9, 0x08b2, 0x08be,
+	0x08c7, 0x08d0, 0x08d9, 0x08e8, 0x08f4, 0x08fa, 0x0909, 0x090f,
+	0x091b, 0x0927, 0x0930, 0x0939, 0x0942, 0x094e, 0x0954, 0x095d,
+	0x0969, 0x096f, 0x097e, 0x0987, 0x098b, 0x098f, 0x0993, 0x0997,
+	// Entry 200 - 23F
+	0x099b, 0x099f, 0x09a3, 0x09a7, 0x09ab, 0x09af, 0x09b4, 0x09b9,
+	0x09be, 0x09c3, 0x09c8, 0x09cd, 0x09d2, 0x09d7, 0x09dc, 0x09e1,
+	0x09e6, 0x09eb, 0x09f0, 0x09f5, 0x09fa, 0x09fc, 0x09fe, 0x0a00,
+	0x0a02, 0x0a04, 0x0a06, 0x0a0c, 0x0a12, 0x0a18, 0x0a1e, 0x0a2a,
+	0x0a2c, 0x0a2e, 0x0a30, 0x0a32, 0x0a34, 0x0a36, 0x0a38, 0x0a3c,
+	0x0a3e, 0x0a40, 0x0a42, 0x0a44, 0x0a46, 0x0a48, 0x0a4a, 0x0a4c,
+	0x0a4e, 0x0a50, 0x0a52, 0x0a54, 0x0a56, 0x0a58, 0x0a5a, 0x0a5f,
+	0x0a65, 0x0a6c, 0x0a74, 0x0a76, 0x0a78, 0x0a7a, 0x0a7c, 0x0a7e,
+	// Entry 240 - 27F
+	0x0a80, 0x0a82, 0x0a84, 0x0a86, 0x0a88, 0x0a8a, 0x0a8c, 0x0a8e,
+	0x0a90, 0x0a96, 0x0a98, 0x0a9a, 0x0a9c, 0x0a9e, 0x0aa0, 0x0aa2,
+	0x0aa4, 0x0aa6, 0x0aa8, 0x0aaa, 0x0aac, 0x0aae, 0x0ab0, 0x0ab2,
+	0x0ab4, 0x0ab9, 0x0abe, 0x0ac2, 0x0ac6, 0x0aca, 0x0ace, 0x0ad2,
+	0x0ad6, 0x0ada, 0x0ade, 0x0ae2, 0x0ae7, 0x0aec, 0x0af1, 0x0af6,
+	0x0afb, 0x0b00, 0x0b05, 0x0b0a, 0x0b0f, 0x0b14, 0x0b19, 0x0b1e,
+	0x0b23, 0x0b28, 0x0b2d, 0x0b32, 0x0b37, 0x0b3c, 0x0b41, 0x0b46,
+	0x0b4b, 0x0b50, 0x0b52, 0x0b54, 0x0b56, 0x0b58, 0x0b5a, 0x0b5c,
+	// Entry 280 - 2BF
+	0x0b5e, 0x0b62, 0x0b66, 0x0b6a, 0x0b6e, 0x0b72, 0x0b76, 0x0b7a,
+	0x0b7c, 0x0b7e, 0x0b80, 0x0b82, 0x0b86, 0x0b8a, 0x0b8e, 0x0b92,
+	0x0b96, 0x0b9a, 0x0b9e, 0x0ba0, 0x0ba2, 0x0ba4, 0x0ba6, 0x0ba8,
+	0x0baa, 0x0bac, 0x0bb0, 0x0bb4, 0x0bba, 0x0bc0, 0x0bc4, 0x0bc8,
+	0x0bcc, 0x0bd0, 0x0bd4, 0x0bd8, 0x0bdc, 0x0be0, 0x0be4, 0x0be8,
+	0x0bec, 0x0bf0, 0x0bf4, 0x0bf8, 0x0bfc, 0x0c00, 0x0c04, 0x0c08,
+	0x0c0c, 0x0c10, 0x0c14, 0x0c18, 0x0c1c, 0x0c20, 0x0c24, 0x0c28,
+	0x0c2c, 0x0c30, 0x0c34, 0x0c36, 0x0c38, 0x0c3a, 0x0c3c, 0x0c3e,
+	// Entry 2C0 - 2FF
+	0x0c40, 0x0c42, 0x0c44, 0x0c46, 0x0c48, 0x0c4a, 0x0c4c, 0x0c4e,
+	0x0c50, 0x0c52, 0x0c54, 0x0c56, 0x0c58, 0x0c5a, 0x0c5c, 0x0c5e,
+	0x0c60, 0x0c62, 0x0c64, 0x0c66, 0x0c68, 0x0c6a, 0x0c6c, 0x0c6e,
+	0x0c70, 0x0c72, 0x0c74, 0x0c76, 0x0c78, 0x0c7a, 0x0c7c, 0x0c7e,
+	0x0c80, 0x0c82, 0x0c86, 0x0c8a, 0x0c8e, 0x0c92, 0x0c96, 0x0c9a,
+	0x0c9e, 0x0ca2, 0x0ca4, 0x0ca8, 0x0cac, 0x0cb0, 0x0cb4, 0x0cb8,
+	0x0cbc, 0x0cc0, 0x0cc4, 0x0cc8, 0x0ccc, 0x0cd0, 0x0cd4, 0x0cd8,
+	0x0cdc, 0x0ce0, 0x0ce4, 0x0ce8, 0x0cec, 0x0cf0, 0x0cf4, 0x0cf8,
+	// Entry 300 - 33F
+	0x0cfc, 0x0d00, 0x0d04, 0x0d08, 0x0d0c, 0x0d10, 0x0d14, 0x0d18,
+	0x0d1c, 0x0d20, 0x0d24, 0x0d28, 0x0d2c, 0x0d30, 0x0d34, 0x0d38,
+	0x0d3c, 0x0d40, 0x0d44, 0x0d48, 0x0d4c, 0x0d50, 0x0d54, 0x0d58,
+	0x0d5c, 0x0d60, 0x0d64, 0x0d68, 0x0d6c, 0x0d70, 0x0d74, 0x0d78,
+	0x0d7c, 0x0d80, 0x0d84, 0x0d88, 0x0d8c, 0x0d90, 0x0d94, 0x0d98,
+	0x0d9c, 0x0da0, 0x0da4, 0x0da8, 0x0dac, 0x0db0, 0x0db4, 0x0db8,
+	0x0dbc, 0x0dc0, 0x0dc4, 0x0dc8, 0x0dcc, 0x0dd0, 0x0dd4, 0x0dd8,
+	0x0ddc, 0x0de0, 0x0de4, 0x0de8, 0x0dec, 0x0df0, 0x0df4, 0x0df8,
+	// Entry 340 - 37F
+	0x0dfc, 0x0e00, 0x0e04, 0x0e08, 0x0e0c, 0x0e10, 0x0e14, 0x0e18,
+	0x0e1d, 0x0e22, 0x0e27, 0x0e2c, 0x0e31, 0x0e36, 0x0e3a, 0x0e3e,
+	0x0e42, 0x0e46, 0x0e4a, 0x0e4e, 0x0e52, 0x0e56, 0x0e5a, 0x0e5e,
+	0x0e62, 0x0e66, 0x0e6a, 0x0e6e, 0x0e72, 0x0e76, 0x0e7a, 0x0e7e,
+	0x0e82, 0x0e86, 0x0e8a, 0x0e8e, 0x0e92, 0x0e96, 0x0e9a, 0x0e9e,
+	0x0ea2, 0x0ea6, 0x0eaa, 0x0eae, 0x0eb2, 0x0eb6, 0x0ebc, 0x0ec2,
+	0x0ec8, 0x0ecc, 0x0ed0, 0x0ed4, 0x0ed8, 0x0edc, 0x0ee0, 0x0ee4,
+	0x0ee8, 0x0eec, 0x0ef0, 0x0ef4, 0x0ef8, 0x0efc, 0x0f00, 0x0f04,
+	// Entry 380 - 3BF
+	0x0f08, 0x0f0c, 0x0f10, 0x0f14, 0x0f18, 0x0f1c, 0x0f20, 0x0f24,
+	0x0f28, 0x0f2c, 0x0f30, 0x0f34, 0x0f38, 0x0f3e, 0x0f44, 0x0f4a,
+	0x0f50, 0x0f56, 0x0f5c, 0x0f62, 0x0f68, 0x0f6e, 0x0f74, 0x0f7a,
+	0x0f80, 0x0f86, 0x0f8c, 0x0f92, 0x0f98, 0x0f9e, 0x0fa4, 0x0faa,
+	0x0fb0, 0x0fb6, 0x0fbc, 0x0fc2, 0x0fc8, 0x0fce, 0x0fd4, 0x0fda,
+	0x0fe0, 0x0fe6, 0x0fec, 0x0ff2, 0x0ff8, 0x0ffe, 0x1004, 0x100a,
+	0x1010, 0x1016, 0x101c, 0x1022, 0x1028, 0x102e, 0x1034, 0x103a,
+	0x1040, 0x1046, 0x104c, 0x1052, 0x1058, 0x105e, 0x1064, 0x106a,
+	// Entry 3C0 - 3FF
+	0x1070, 0x1076, 0x107c, 0x1082, 0x1088, 0x108e, 0x1094, 0x109a,
+	0x10a0, 0x10a6, 0x10ac, 0x10b2, 0x10b8, 0x10be, 0x10c4, 0x10ca,
+	0x10d0, 0x10d6, 0x10dc, 0x10e2, 0x10e8, 0x10ee, 0x10f4, 0x10fa,
+	0x1100, 0x1106, 0x110c, 0x1112, 0x1118, 0x111e, 0x1124, 0x112a,
+	0x1130, 0x1136, 0x113c, 0x1142, 0x1148, 0x114e, 0x1154, 0x115a,
+	0x1160, 0x1166, 0x116c, 0x1172, 0x1178, 0x1180, 0x1188, 0x1190,
+	0x1198, 0x11a0, 0x11a8, 0x11b0, 0x11b6, 0x11d7, 0x11e6, 0x11ee,
+	0x11ef, 0x11f0, 0x11f1, 0x11f2, 0x11f3, 0x11f4, 0x11f5, 0x11f6,
+	// Entry 400 - 43F
+	0x11f7, 0x11f8, 0x11f9, 0x11fa, 0x11fb, 0x11fc, 0x11fd, 0x11fe,
+	0x11ff, 0x1200, 0x1201, 0x1205, 0x1209, 0x120d, 0x1211, 0x1215,
+	0x1219, 0x121b, 0x121d, 0x121f, 0x1221, 0x1223, 0x1225, 0x1227,
+	0x1229, 0x122b, 0x122d, 0x122f, 0x1231, 0x1233, 0x1235, 0x1237,
+	0x1239, 0x123b, 0x123d, 0x123f, 0x1241, 0x1243, 0x1245, 0x1247,
+	0x1249, 0x124b, 0x124d, 0x124f, 0x1251, 0x1253, 0x1255, 0x1257,
+	0x1259, 0x125b, 0x125d, 0x125f, 0x1263, 0x1267, 0x126b, 0x126f,
+	0x1270, 0x1271, 0x1272, 0x1273, 0x1274, 0x1275, 0x1277, 0x1279,
+	// Entry 440 - 47F
+	0x127b, 0x127d, 0x127f, 0x1287, 0x128f, 0x129b, 0x12a7, 0x12b3,
+	0x12bf, 0x12cb, 0x12d3, 0x12db, 0x12e7, 0x12f3, 0x12ff, 0x130b,
+	0x130d, 0x130f, 0x1311, 0x1313, 0x1315, 0x1317, 0x1319, 0x131b,
+	0x131d, 0x131f, 0x1321, 0x1323, 0x1325, 0x1327, 0x1329, 0x132b,
+	0x132e, 0x1331, 0x1333, 0x1335, 0x1337, 0x1339, 0x133b, 0x133d,
+	0x133f, 0x1341, 0x1343, 0x1345, 0x1347, 0x1349, 0x134b, 0x134d,
+	0x1350, 0x1353, 0x1356, 0x1359, 0x135c, 0x135f, 0x1362, 0x1365,
+	0x1368, 0x136b, 0x136e, 0x1371, 0x1374, 0x1377, 0x137a, 0x137d,
+	// Entry 480 - 4BF
+	0x1380, 0x1383, 0x1386, 0x1389, 0x138c, 0x138f, 0x1392, 0x1395,
+	0x1398, 0x139b, 0x13a2, 0x13a4, 0x13a6, 0x13a8, 0x13ab, 0x13ad,
+	0x13af, 0x13b1, 0x13b3, 0x13b5, 0x13bb, 0x13c1, 0x13c4, 0x13c7,
+	0x13ca, 0x13cd, 0x13d0, 0x13d3, 0x13d6, 0x13d9, 0x13dc, 0x13df,
+	0x13e2, 0x13e5, 0x13e8, 0x13eb, 0x13ee, 0x13f1, 0x13f4, 0x13f7,
+	0x13fa, 0x13fd, 0x1400, 0x1403, 0x1406, 0x1409, 0x140c, 0x140f,
+	0x1412, 0x1415, 0x1418, 0x141b, 0x141e, 0x1421, 0x1424, 0x1427,
+	0x142a, 0x142d, 0x1430, 0x1433, 0x1436, 0x1439, 0x143c, 0x143f,
+	// Entry 4C0 - 4FF
+	0x1442, 0x1445, 0x1448, 0x1451, 0x145a, 0x1463, 0x146c, 0x1475,
+	0x147e, 0x1487, 0x1490, 0x1499, 0x149c, 0x149f, 0x14a2, 0x14a5,
+	0x14a8, 0x14ab, 0x14ae, 0x14b1, 0x14b4, 0x14b7, 0x14ba, 0x14bd,
+	0x14c0, 0x14c3, 0x14c6, 0x14c9, 0x14cc, 0x14cf, 0x14d2, 0x14d5,
+	0x14d8, 0x14db, 0x14de, 0x14e1, 0x14e4, 0x14e7, 0x14ea, 0x14ed,
+	0x14f0, 0x14f3, 0x14f6, 0x14f9, 0x14fc, 0x14ff, 0x1502, 0x1505,
+	0x1508, 0x150b, 0x150e, 0x1511, 0x1514, 0x1517, 0x151a, 0x151d,
+	0x1520, 0x1523, 0x1526, 0x1529, 0x152c, 0x152f, 0x1532, 0x1535,
+	// Entry 500 - 53F
+	0x1538, 0x153b, 0x153e, 0x1541, 0x1544, 0x1547, 0x154a, 0x154d,
+	0x1550, 0x1553, 0x1556, 0x1559, 0x155c, 0x155f, 0x1562, 0x1565,
+	0x1568, 0x156b, 0x156e, 0x1571, 0x1574, 0x1577, 0x157a, 0x157d,
+	0x1580, 0x1583, 0x1586, 0x1589, 0x158c, 0x158f, 0x1592, 0x1595,
+	0x1598, 0x159b, 0x159e, 0x15a1, 0x15a4, 0x15a7, 0x15aa, 0x15ad,
+	0x15b0, 0x15b3, 0x15b6, 0x15b9, 0x15bc, 0x15bf, 0x15c2, 0x15c5,
+	0x15c8, 0x15cb, 0x15ce, 0x15d1, 0x15d4, 0x15d7, 0x15da, 0x15dd,
+	0x15e0, 0x15e3, 0x15e6, 0x15e9, 0x15ec, 0x15ef, 0x15f2, 0x15f5,
+	// Entry 540 - 57F
+	0x15f8, 0x15fb, 0x15fe, 0x1601, 0x1604, 0x1607, 0x160a, 0x160d,
+	0x1610, 0x1613, 0x1616, 0x1619, 0x161c, 0x161f, 0x1622, 0x1625,
+	0x1628, 0x162b, 0x162e, 0x1631, 0x1634, 0x1637, 0x163a, 0x163d,
+	0x1640, 0x1643, 0x1646, 0x1649, 0x164c, 0x164f, 0x1652, 0x1655,
+	0x1658, 0x165b, 0x165e, 0x1661, 0x1664, 0x1667, 0x166a, 0x166d,
+	0x1670, 0x1673, 0x1676, 0x1679, 0x167c, 0x167f, 0x1682, 0x1685,
+	0x1688, 0x168b, 0x168e, 0x1691, 0x1694, 0x1697, 0x169a, 0x169d,
+	0x16a0, 0x16a3, 0x16a6, 0x16a9, 0x16ac, 0x16af, 0x16b2, 0x16b5,
+	// Entry 580 - 5BF
+	0x16b8, 0x16bb, 0x16be, 0x16c1, 0x16c4, 0x16c7, 0x16ca, 0x16cd,
+	0x16d0, 0x16d3, 0x16d6, 0x16d9, 0x16dc, 0x16df, 0x16e2, 0x16e5,
+	0x16e8, 0x16eb, 0x16ee, 0x16f1, 0x16f4, 0x16f7, 0x16fa, 0x16fd,
+	0x1700, 0x1703, 0x1706, 0x1709, 0x170c, 0x170f, 0x1712, 0x1715,
+	0x1718, 0x171b, 0x171e, 0x1721, 0x1724, 0x1727, 0x172a, 0x172d,
+	0x1730, 0x1733, 0x1736, 0x1739, 0x173c, 0x173f, 0x1742, 0x1745,
+	0x1748, 0x174b, 0x174e, 0x1751, 0x1754, 0x1757, 0x175a, 0x175d,
+	0x1760, 0x1763, 0x1766, 0x1769, 0x176c, 0x176f, 0x1772, 0x1775,
+	// Entry 5C0 - 5FF
+	0x1778, 0x177b, 0x177e, 0x1781, 0x1784, 0x1787, 0x178a, 0x178d,
+	0x1790, 0x1793, 0x1796, 0x1799, 0x179c, 0x179f, 0x17a2, 0x17a5,
+	0x17a8, 0x17ab, 0x17ae, 0x17b1, 0x17b4, 0x17b7, 0x17ba, 0x17bd,
+	0x17c0, 0x17c3, 0x17c6, 0x17c9, 0x17cc, 0x17cf, 0x17d2, 0x17d5,
+	0x17d8, 0x17db, 0x17de, 0x17e1, 0x17e4, 0x17e7, 0x17ea, 0x17ed,
+	0x17f0, 0x17f3, 0x17f6, 0x17f9, 0x17fc, 0x17ff, 0x1802, 0x1805,
+	0x1808, 0x180b, 0x180e, 0x1811, 0x1814, 0x1817, 0x181a, 0x181d,
+	0x1820, 0x1823, 0x1826, 0x1829, 0x182c, 0x182f, 0x1832, 0x1835,
+	// Entry 600 - 63F
+	0x1838, 0x183b, 0x183e, 0x1841, 0x1844, 0x1847, 0x184a, 0x184d,
+	0x1850, 0x1853, 0x1856, 0x1859, 0x185c, 0x185f, 0x1862, 0x1865,
+	0x1868, 0x186b, 0x186e, 0x1871, 0x1874, 0x1877, 0x187a, 0x187d,
+	0x1880, 0x1883, 0x1886, 0x1889, 0x188c, 0x188f, 0x1892, 0x1895,
+	0x1898, 0x189b, 0x189e, 0x18a1, 0x18a4, 0x18a7, 0x18aa, 0x18ad,
+	0x18b0, 0x18b3, 0x18b6, 0x18b9, 0x18bc, 0x18bf, 0x18c2, 0x18c5,
+	0x18c8, 0x18cb, 0x18ce, 0x18d1, 0x18d4, 0x18d7, 0x18da, 0x18dd,
+	0x18e0, 0x18e3, 0x18e6, 0x18e9, 0x18ec, 0x18ef, 0x18f2, 0x18f5,
+	// Entry 640 - 67F
+	0x18f8, 0x18fb, 0x18fe, 0x1901, 0x1904, 0x1907, 0x190a, 0x190d,
+	0x1910, 0x1913, 0x1916, 0x1919, 0x191c, 0x191f, 0x1922, 0x1925,
+	0x1928, 0x192b, 0x192e, 0x1931, 0x1934, 0x1937, 0x193a, 0x193d,
+	0x1940, 0x1943, 0x1946, 0x1949, 0x194c, 0x194f, 0x1952, 0x1955,
+	0x1958, 0x195b, 0x195e, 0x1961, 0x1964, 0x1967, 0x196a, 0x196d,
+	0x1970, 0x1973, 0x1976, 0x1979, 0x197c, 0x197f, 0x1982, 0x1985,
+	0x1988, 0x198b,
+} // Size: 3324 bytes
 
 var xorData string = "" + // Size: 4862 bytes
 	"\x02\x0c\x09\x02\xb0\xec\x02\xad\xd8\x02\xad\xd9\x02\x06\x07\x02\x0f\x12" +
@@ -547,7 +690,7 @@ func (t *idnaTrie) lookupStringUnsafe(s string) uint16 {
 	return 0
 }
 
-// idnaTrie. Total size: 30288 bytes (29.58 KiB). Checksum: c0cd84404a2f6f19.
+// idnaTrie. Total size: 30196 bytes (29.49 KiB). Checksum: e2ae95a945f04016.
 type idnaTrie struct{}
 
 func newIdnaTrie(i int) *idnaTrie {
@@ -600,11 +743,11 @@ var idnaValues = [8192]uint16{
 	0xd2: 0x0040, 0xd3: 0x0040, 0xd4: 0x0040, 0xd5: 0x0040, 0xd6: 0x0040, 0xd7: 0x0040,
 	0xd8: 0x0040, 0xd9: 0x0040, 0xda: 0x0040, 0xdb: 0x0040, 0xdc: 0x0040, 0xdd: 0x0040,
 	0xde: 0x0040, 0xdf: 0x0040, 0xe0: 0x000a, 0xe1: 0x0018, 0xe2: 0x0018, 0xe3: 0x0018,
-	0xe4: 0x0018, 0xe5: 0x0018, 0xe6: 0x0018, 0xe7: 0x0018, 0xe8: 0x001a, 0xe9: 0x0018,
-	0xea: 0x0039, 0xeb: 0x0018, 0xec: 0x0018, 0xed: 0x03c0, 0xee: 0x0018, 0xef: 0x004a,
-	0xf0: 0x0018, 0xf1: 0x0018, 0xf2: 0x0069, 0xf3: 0x0079, 0xf4: 0x008a, 0xf5: 0x0005,
-	0xf6: 0x0018, 0xf7: 0x0008, 0xf8: 0x00aa, 0xf9: 0x00c9, 0xfa: 0x00d9, 0xfb: 0x0018,
-	0xfc: 0x00e9, 0xfd: 0x0119, 0xfe: 0x0149, 0xff: 0x0018,
+	0xe4: 0x0018, 0xe5: 0x0018, 0xe6: 0x0018, 0xe7: 0x0018, 0xe8: 0x0012, 0xe9: 0x0018,
+	0xea: 0x0019, 0xeb: 0x0018, 0xec: 0x0018, 0xed: 0x03c0, 0xee: 0x0018, 0xef: 0x0022,
+	0xf0: 0x0018, 0xf1: 0x0018, 0xf2: 0x0029, 0xf3: 0x0031, 0xf4: 0x003a, 0xf5: 0x0005,
+	0xf6: 0x0018, 0xf7: 0x0008, 0xf8: 0x0042, 0xf9: 0x0049, 0xfa: 0x0051, 0xfb: 0x0018,
+	0xfc: 0x0059, 0xfd: 0x0061, 0xfe: 0x0069, 0xff: 0x0018,
 	// Block 0x4, offset 0x100
 	0x100: 0xe00d, 0x101: 0x0008, 0x102: 0xe00d, 0x103: 0x0008, 0x104: 0xe00d, 0x105: 0x0008,
 	0x106: 0xe00d, 0x107: 0x0008, 0x108: 0xe00d, 0x109: 0x0008, 0x10a: 0xe00d, 0x10b: 0x0008,
@@ -614,12 +757,12 @@ var idnaValues = [8192]uint16{
 	0x11e: 0xe00d, 0x11f: 0x0008, 0x120: 0xe00d, 0x121: 0x0008, 0x122: 0xe00d, 0x123: 0x0008,
 	0x124: 0xe00d, 0x125: 0x0008, 0x126: 0xe00d, 0x127: 0x0008, 0x128: 0xe00d, 0x129: 0x0008,
 	0x12a: 0xe00d, 0x12b: 0x0008, 0x12c: 0xe00d, 0x12d: 0x0008, 0x12e: 0xe00d, 0x12f: 0x0008,
-	0x130: 0x0179, 0x131: 0x0008, 0x132: 0x0035, 0x133: 0x004d, 0x134: 0xe00d, 0x135: 0x0008,
+	0x130: 0x0071, 0x131: 0x0008, 0x132: 0x0035, 0x133: 0x004d, 0x134: 0xe00d, 0x135: 0x0008,
 	0x136: 0xe00d, 0x137: 0x0008, 0x138: 0x0008, 0x139: 0xe01d, 0x13a: 0x0008, 0x13b: 0xe03d,
-	0x13c: 0x0008, 0x13d: 0xe01d, 0x13e: 0x0008, 0x13f: 0x0199,
+	0x13c: 0x0008, 0x13d: 0xe01d, 0x13e: 0x0008, 0x13f: 0x0079,
 	// Block 0x5, offset 0x140
-	0x140: 0x0199, 0x141: 0xe01d, 0x142: 0x0008, 0x143: 0xe03d, 0x144: 0x0008, 0x145: 0xe01d,
-	0x146: 0x0008, 0x147: 0xe07d, 0x148: 0x0008, 0x149: 0x01b9, 0x14a: 0xe00d, 0x14b: 0x0008,
+	0x140: 0x0079, 0x141: 0xe01d, 0x142: 0x0008, 0x143: 0xe03d, 0x144: 0x0008, 0x145: 0xe01d,
+	0x146: 0x0008, 0x147: 0xe07d, 0x148: 0x0008, 0x149: 0x0081, 0x14a: 0xe00d, 0x14b: 0x0008,
 	0x14c: 0xe00d, 0x14d: 0x0008, 0x14e: 0xe00d, 0x14f: 0x0008, 0x150: 0xe00d, 0x151: 0x0008,
 	0x152: 0xe00d, 0x153: 0x0008, 0x154: 0xe00d, 0x155: 0x0008, 0x156: 0xe00d, 0x157: 0x0008,
 	0x158: 0xe00d, 0x159: 0x0008, 0x15a: 0xe00d, 0x15b: 0x0008, 0x15c: 0xe00d, 0x15d: 0x0008,
@@ -628,7 +771,7 @@ var idnaValues = [8192]uint16{
 	0x16a: 0xe00d, 0x16b: 0x0008, 0x16c: 0xe00d, 0x16d: 0x0008, 0x16e: 0xe00d, 0x16f: 0x0008,
 	0x170: 0xe00d, 0x171: 0x0008, 0x172: 0xe00d, 0x173: 0x0008, 0x174: 0xe00d, 0x175: 0x0008,
 	0x176: 0xe00d, 0x177: 0x0008, 0x178: 0x0065, 0x179: 0xe01d, 0x17a: 0x0008, 0x17b: 0xe03d,
-	0x17c: 0x0008, 0x17d: 0xe01d, 0x17e: 0x0008, 0x17f: 0x01d9,
+	0x17c: 0x0008, 0x17d: 0xe01d, 0x17e: 0x0008, 0x17f: 0x0089,
 	// Block 0x6, offset 0x180
 	0x180: 0x0008, 0x181: 0x007d, 0x182: 0xe00d, 0x183: 0x0008, 0x184: 0xe00d, 0x185: 0x0008,
 	0x186: 0x007d, 0x187: 0xe07d, 0x188: 0x0008, 0x189: 0x0095, 0x18a: 0x00ad, 0x18b: 0xe03d,
@@ -642,8 +785,8 @@ var idnaValues = [8192]uint16{
 	0x1b6: 0x0008, 0x1b7: 0x01e5, 0x1b8: 0xe00d, 0x1b9: 0x0008, 0x1ba: 0x0008, 0x1bb: 0x0008,
 	0x1bc: 0xe00d, 0x1bd: 0x0008, 0x1be: 0x0008, 0x1bf: 0x0008,
 	// Block 0x7, offset 0x1c0
-	0x1c0: 0x0008, 0x1c1: 0x0008, 0x1c2: 0x0008, 0x1c3: 0x0008, 0x1c4: 0x01e9, 0x1c5: 0x01e9,
-	0x1c6: 0x01e9, 0x1c7: 0x01fd, 0x1c8: 0x0215, 0x1c9: 0x022d, 0x1ca: 0x0245, 0x1cb: 0x025d,
+	0x1c0: 0x0008, 0x1c1: 0x0008, 0x1c2: 0x0008, 0x1c3: 0x0008, 0x1c4: 0x0091, 0x1c5: 0x0091,
+	0x1c6: 0x0091, 0x1c7: 0x01fd, 0x1c8: 0x0215, 0x1c9: 0x022d, 0x1ca: 0x0245, 0x1cb: 0x025d,
 	0x1cc: 0x0275, 0x1cd: 0xe01d, 0x1ce: 0x0008, 0x1cf: 0xe0fd, 0x1d0: 0x0008, 0x1d1: 0xe01d,
 	0x1d2: 0x0008, 0x1d3: 0xe03d, 0x1d4: 0x0008, 0x1d5: 0xe01d, 0x1d6: 0x0008, 0x1d7: 0xe07d,
 	0x1d8: 0x0008, 0x1d9: 0xe01d, 0x1da: 0x0008, 0x1db: 0xe03d, 0x1dc: 0x0008, 0x1dd: 0x0008,
@@ -663,22 +806,22 @@ var idnaValues = [8192]uint16{
 	0x224: 0xe00d, 0x225: 0x0008, 0x226: 0xe00d, 0x227: 0x0008, 0x228: 0xe00d, 0x229: 0x0008,
 	0x22a: 0xe00d, 0x22b: 0x0008, 0x22c: 0xe00d, 0x22d: 0x0008, 0x22e: 0xe00d, 0x22f: 0x0008,
 	0x230: 0xe00d, 0x231: 0x0008, 0x232: 0xe00d, 0x233: 0x0008, 0x234: 0x0008, 0x235: 0x0008,
-	0x236: 0x0008, 0x237: 0x0008, 0x238: 0x0008, 0x239: 0x0008, 0x23a: 0x0209, 0x23b: 0xe03d,
-	0x23c: 0x0008, 0x23d: 0x031d, 0x23e: 0x0229, 0x23f: 0x0008,
+	0x236: 0x0008, 0x237: 0x0008, 0x238: 0x0008, 0x239: 0x0008, 0x23a: 0x0099, 0x23b: 0xe03d,
+	0x23c: 0x0008, 0x23d: 0x031d, 0x23e: 0x00a1, 0x23f: 0x0008,
 	// Block 0x9, offset 0x240
 	0x240: 0x0008, 0x241: 0x0008, 0x242: 0x0018, 0x243: 0x0018, 0x244: 0x0018, 0x245: 0x0018,
 	0x246: 0x0008, 0x247: 0x0008, 0x248: 0x0008, 0x249: 0x0008, 0x24a: 0x0008, 0x24b: 0x0008,
 	0x24c: 0x0008, 0x24d: 0x0008, 0x24e: 0x0008, 0x24f: 0x0008, 0x250: 0x0008, 0x251: 0x0008,
 	0x252: 0x0018, 0x253: 0x0018, 0x254: 0x0018, 0x255: 0x0018, 0x256: 0x0018, 0x257: 0x0018,
-	0x258: 0x029a, 0x259: 0x02ba, 0x25a: 0x02da, 0x25b: 0x02fa, 0x25c: 0x031a, 0x25d: 0x033a,
-	0x25e: 0x0018, 0x25f: 0x0018, 0x260: 0x03ad, 0x261: 0x0359, 0x262: 0x01d9, 0x263: 0x0369,
+	0x258: 0x00d2, 0x259: 0x00da, 0x25a: 0x00e2, 0x25b: 0x00ea, 0x25c: 0x00f2, 0x25d: 0x00fa,
+	0x25e: 0x0018, 0x25f: 0x0018, 0x260: 0x03ad, 0x261: 0x0101, 0x262: 0x0089, 0x263: 0x0109,
 	0x264: 0x03c5, 0x265: 0x0018, 0x266: 0x0018, 0x267: 0x0018, 0x268: 0x0018, 0x269: 0x0018,
 	0x26a: 0x0018, 0x26b: 0x0018, 0x26c: 0x0008, 0x26d: 0x0018, 0x26e: 0x0008, 0x26f: 0x0018,
 	0x270: 0x0018, 0x271: 0x0018, 0x272: 0x0018, 0x273: 0x0018, 0x274: 0x0018, 0x275: 0x0018,
 	0x276: 0x0018, 0x277: 0x0018, 0x278: 0x0018, 0x279: 0x0018, 0x27a: 0x0018, 0x27b: 0x0018,
 	0x27c: 0x0018, 0x27d: 0x0018, 0x27e: 0x0018, 0x27f: 0x0018,
 	// Block 0xa, offset 0x280
-	0x280: 0x03dd, 0x281: 0x03dd, 0x282: 0x3308, 0x283: 0x03f5, 0x284: 0x0379, 0x285: 0x040d,
+	0x280: 0x03dd, 0x281: 0x03dd, 0x282: 0x3308, 0x283: 0x03f5, 0x284: 0x0111, 0x285: 0x040d,
 	0x286: 0x3308, 0x287: 0x3308, 0x288: 0x3308, 0x289: 0x3308, 0x28a: 0x3308, 0x28b: 0x3308,
 	0x28c: 0x3308, 0x28d: 0x3308, 0x28e: 0x3308, 0x28f: 0x33c0, 0x290: 0x3308, 0x291: 0x3308,
 	0x292: 0x3308, 0x293: 0x3308, 0x294: 0x3308, 0x295: 0x3308, 0x296: 0x3308, 0x297: 0x3308,
@@ -687,10 +830,10 @@ var idnaValues = [8192]uint16{
 	0x2a4: 0x3308, 0x2a5: 0x3308, 0x2a6: 0x3308, 0x2a7: 0x3308, 0x2a8: 0x3308, 0x2a9: 0x3308,
 	0x2aa: 0x3308, 0x2ab: 0x3308, 0x2ac: 0x3308, 0x2ad: 0x3308, 0x2ae: 0x3308, 0x2af: 0x3308,
 	0x2b0: 0xe00d, 0x2b1: 0x0008, 0x2b2: 0xe00d, 0x2b3: 0x0008, 0x2b4: 0x0425, 0x2b5: 0x0008,
-	0x2b6: 0xe00d, 0x2b7: 0x0008, 0x2b8: 0x0040, 0x2b9: 0x0040, 0x2ba: 0x03a2, 0x2bb: 0x0008,
-	0x2bc: 0x0008, 0x2bd: 0x0008, 0x2be: 0x03c2, 0x2bf: 0x043d,
+	0x2b6: 0xe00d, 0x2b7: 0x0008, 0x2b8: 0x0040, 0x2b9: 0x0040, 0x2ba: 0x011a, 0x2bb: 0x0008,
+	0x2bc: 0x0008, 0x2bd: 0x0008, 0x2be: 0x0122, 0x2bf: 0x043d,
 	// Block 0xb, offset 0x2c0
-	0x2c0: 0x0040, 0x2c1: 0x0040, 0x2c2: 0x0040, 0x2c3: 0x0040, 0x2c4: 0x008a, 0x2c5: 0x03d2,
+	0x2c0: 0x0040, 0x2c1: 0x0040, 0x2c2: 0x0040, 0x2c3: 0x0040, 0x2c4: 0x003a, 0x2c5: 0x012a,
 	0x2c6: 0xe155, 0x2c7: 0x0455, 0x2c8: 0xe12d, 0x2c9: 0xe13d, 0x2ca: 0xe12d, 0x2cb: 0x0040,
 	0x2cc: 0x03dd, 0x2cd: 0x0040, 0x2ce: 0x046d, 0x2cf: 0x0485, 0x2d0: 0x0008, 0x2d1: 0xe105,
 	0x2d2: 0xe105, 0x2d3: 0xe105, 0x2d4: 0xe105, 0x2d5: 0xe105, 0x2d6: 0xe105, 0x2d7: 0xe105,
@@ -782,8 +925,8 @@ var idnaValues = [8192]uint16{
 	0x49e: 0x3308, 0x49f: 0x3308, 0x4a0: 0x0808, 0x4a1: 0x0808, 0x4a2: 0x0808, 0x4a3: 0x0808,
 	0x4a4: 0x0808, 0x4a5: 0x0808, 0x4a6: 0x0808, 0x4a7: 0x0808, 0x4a8: 0x0808, 0x4a9: 0x0808,
 	0x4aa: 0x0018, 0x4ab: 0x0818, 0x4ac: 0x0818, 0x4ad: 0x0818, 0x4ae: 0x0a08, 0x4af: 0x0a08,
-	0x4b0: 0x3308, 0x4b1: 0x0c08, 0x4b2: 0x0c08, 0x4b3: 0x0c08, 0x4b4: 0x0808, 0x4b5: 0x0429,
-	0x4b6: 0x0451, 0x4b7: 0x0479, 0x4b8: 0x04a1, 0x4b9: 0x0a08, 0x4ba: 0x0a08, 0x4bb: 0x0a08,
+	0x4b0: 0x3308, 0x4b1: 0x0c08, 0x4b2: 0x0c08, 0x4b3: 0x0c08, 0x4b4: 0x0808, 0x4b5: 0x0139,
+	0x4b6: 0x0141, 0x4b7: 0x0149, 0x4b8: 0x0151, 0x4b9: 0x0a08, 0x4ba: 0x0a08, 0x4bb: 0x0a08,
 	0x4bc: 0x0a08, 0x4bd: 0x0a08, 0x4be: 0x0a08, 0x4bf: 0x0a08,
 	// Block 0x13, offset 0x4c0
 	0x4c0: 0x0c08, 0x4c1: 0x0a08, 0x4c2: 0x0a08, 0x4c3: 0x0c08, 0x4c4: 0x0c08, 0x4c5: 0x0c08,
@@ -826,8 +969,8 @@ var idnaValues = [8192]uint16{
 	0x586: 0x3308, 0x587: 0x3308, 0x588: 0x3308, 0x589: 0x3008, 0x58a: 0x3008, 0x58b: 0x3008,
 	0x58c: 0x3008, 0x58d: 0x3b08, 0x58e: 0x3008, 0x58f: 0x3008, 0x590: 0x0008, 0x591: 0x3308,
 	0x592: 0x3308, 0x593: 0x3308, 0x594: 0x3308, 0x595: 0x3308, 0x596: 0x3308, 0x597: 0x3308,
-	0x598: 0x04c9, 0x599: 0x0501, 0x59a: 0x0539, 0x59b: 0x0571, 0x59c: 0x05a9, 0x59d: 0x05e1,
-	0x59e: 0x0619, 0x59f: 0x0651, 0x5a0: 0x0008, 0x5a1: 0x0008, 0x5a2: 0x3308, 0x5a3: 0x3308,
+	0x598: 0x0159, 0x599: 0x0161, 0x59a: 0x0169, 0x59b: 0x0171, 0x59c: 0x0179, 0x59d: 0x0181,
+	0x59e: 0x0189, 0x59f: 0x0191, 0x5a0: 0x0008, 0x5a1: 0x0008, 0x5a2: 0x3308, 0x5a3: 0x3308,
 	0x5a4: 0x0018, 0x5a5: 0x0018, 0x5a6: 0x0008, 0x5a7: 0x0008, 0x5a8: 0x0008, 0x5a9: 0x0008,
 	0x5aa: 0x0008, 0x5ab: 0x0008, 0x5ac: 0x0008, 0x5ad: 0x0008, 0x5ae: 0x0008, 0x5af: 0x0008,
 	0x5b0: 0x0018, 0x5b1: 0x0008, 0x5b2: 0x0008, 0x5b3: 0x0008, 0x5b4: 0x0008, 0x5b5: 0x0008,
@@ -850,8 +993,8 @@ var idnaValues = [8192]uint16{
 	0x606: 0x0040, 0x607: 0x3008, 0x608: 0x3008, 0x609: 0x0040, 0x60a: 0x0040, 0x60b: 0x3008,
 	0x60c: 0x3008, 0x60d: 0x3b08, 0x60e: 0x0008, 0x60f: 0x0040, 0x610: 0x0040, 0x611: 0x0040,
 	0x612: 0x0040, 0x613: 0x0040, 0x614: 0x0040, 0x615: 0x0040, 0x616: 0x0040, 0x617: 0x3008,
-	0x618: 0x0040, 0x619: 0x0040, 0x61a: 0x0040, 0x61b: 0x0040, 0x61c: 0x0689, 0x61d: 0x06c1,
-	0x61e: 0x0040, 0x61f: 0x06f9, 0x620: 0x0008, 0x621: 0x0008, 0x622: 0x3308, 0x623: 0x3308,
+	0x618: 0x0040, 0x619: 0x0040, 0x61a: 0x0040, 0x61b: 0x0040, 0x61c: 0x0199, 0x61d: 0x01a1,
+	0x61e: 0x0040, 0x61f: 0x01a9, 0x620: 0x0008, 0x621: 0x0008, 0x622: 0x3308, 0x623: 0x3308,
 	0x624: 0x0040, 0x625: 0x0040, 0x626: 0x0008, 0x627: 0x0008, 0x628: 0x0008, 0x629: 0x0008,
 	0x62a: 0x0008, 0x62b: 0x0008, 0x62c: 0x0008, 0x62d: 0x0008, 0x62e: 0x0008, 0x62f: 0x0008,
 	0x630: 0x0008, 0x631: 0x0008, 0x632: 0x0018, 0x633: 0x0018, 0x634: 0x0018, 0x635: 0x0018,
@@ -866,16 +1009,16 @@ var idnaValues = [8192]uint16{
 	0x65e: 0x0008, 0x65f: 0x0008, 0x660: 0x0008, 0x661: 0x0008, 0x662: 0x0008, 0x663: 0x0008,
 	0x664: 0x0008, 0x665: 0x0008, 0x666: 0x0008, 0x667: 0x0008, 0x668: 0x0008, 0x669: 0x0040,
 	0x66a: 0x0008, 0x66b: 0x0008, 0x66c: 0x0008, 0x66d: 0x0008, 0x66e: 0x0008, 0x66f: 0x0008,
-	0x670: 0x0008, 0x671: 0x0040, 0x672: 0x0008, 0x673: 0x0731, 0x674: 0x0040, 0x675: 0x0008,
-	0x676: 0x0769, 0x677: 0x0040, 0x678: 0x0008, 0x679: 0x0008, 0x67a: 0x0040, 0x67b: 0x0040,
+	0x670: 0x0008, 0x671: 0x0040, 0x672: 0x0008, 0x673: 0x01b1, 0x674: 0x0040, 0x675: 0x0008,
+	0x676: 0x01b9, 0x677: 0x0040, 0x678: 0x0008, 0x679: 0x0008, 0x67a: 0x0040, 0x67b: 0x0040,
 	0x67c: 0x3308, 0x67d: 0x0040, 0x67e: 0x3008, 0x67f: 0x3008,
 	// Block 0x1a, offset 0x680
 	0x680: 0x3008, 0x681: 0x3308, 0x682: 0x3308, 0x683: 0x0040, 0x684: 0x0040, 0x685: 0x0040,
 	0x686: 0x0040, 0x687: 0x3308, 0x688: 0x3308, 0x689: 0x0040, 0x68a: 0x0040, 0x68b: 0x3308,
 	0x68c: 0x3308, 0x68d: 0x3b08, 0x68e: 0x0040, 0x68f: 0x0040, 0x690: 0x0040, 0x691: 0x3308,
 	0x692: 0x0040, 0x693: 0x0040, 0x694: 0x0040, 0x695: 0x0040, 0x696: 0x0040, 0x697: 0x0040,
-	0x698: 0x0040, 0x699: 0x07a1, 0x69a: 0x07d9, 0x69b: 0x0811, 0x69c: 0x0008, 0x69d: 0x0040,
-	0x69e: 0x0849, 0x69f: 0x0040, 0x6a0: 0x0040, 0x6a1: 0x0040, 0x6a2: 0x0040, 0x6a3: 0x0040,
+	0x698: 0x0040, 0x699: 0x01c1, 0x69a: 0x01c9, 0x69b: 0x01d1, 0x69c: 0x0008, 0x69d: 0x0040,
+	0x69e: 0x01d9, 0x69f: 0x0040, 0x6a0: 0x0040, 0x6a1: 0x0040, 0x6a2: 0x0040, 0x6a3: 0x0040,
 	0x6a4: 0x0040, 0x6a5: 0x0040, 0x6a6: 0x0008, 0x6a7: 0x0008, 0x6a8: 0x0008, 0x6a9: 0x0008,
 	0x6aa: 0x0008, 0x6ab: 0x0008, 0x6ac: 0x0008, 0x6ad: 0x0008, 0x6ae: 0x0008, 0x6af: 0x0008,
 	0x6b0: 0x3308, 0x6b1: 0x3308, 0x6b2: 0x0008, 0x6b3: 0x0008, 0x6b4: 0x0008, 0x6b5: 0x3308,
@@ -922,7 +1065,7 @@ var idnaValues = [8192]uint16{
 	0x786: 0x0040, 0x787: 0x3008, 0x788: 0x3008, 0x789: 0x0040, 0x78a: 0x0040, 0x78b: 0x3008,
 	0x78c: 0x3008, 0x78d: 0x3b08, 0x78e: 0x0040, 0x78f: 0x0040, 0x790: 0x0040, 0x791: 0x0040,
 	0x792: 0x0040, 0x793: 0x0040, 0x794: 0x0040, 0x795: 0x3308, 0x796: 0x3308, 0x797: 0x3008,
-	0x798: 0x0040, 0x799: 0x0040, 0x79a: 0x0040, 0x79b: 0x0040, 0x79c: 0x0881, 0x79d: 0x08b9,
+	0x798: 0x0040, 0x799: 0x0040, 0x79a: 0x0040, 0x79b: 0x0040, 0x79c: 0x01e1, 0x79d: 0x01e9,
 	0x79e: 0x0040, 0x79f: 0x0008, 0x7a0: 0x0008, 0x7a1: 0x0008, 0x7a2: 0x3308, 0x7a3: 0x3308,
 	0x7a4: 0x0040, 0x7a5: 0x0040, 0x7a6: 0x0008, 0x7a7: 0x0008, 0x7a8: 0x0008, 0x7a9: 0x0008,
 	0x7aa: 0x0008, 0x7ab: 0x0008, 0x7ac: 0x0008, 0x7ad: 0x0008, 0x7ae: 0x0008, 0x7af: 0x0008,
@@ -998,32 +1141,32 @@ var idnaValues = [8192]uint16{
 	0x91e: 0x0008, 0x91f: 0x0008, 0x920: 0x0008, 0x921: 0x0008, 0x922: 0x0008, 0x923: 0x0008,
 	0x924: 0x0040, 0x925: 0x0008, 0x926: 0x0040, 0x927: 0x0008, 0x928: 0x0008, 0x929: 0x0008,
 	0x92a: 0x0008, 0x92b: 0x0008, 0x92c: 0x0008, 0x92d: 0x0008, 0x92e: 0x0008, 0x92f: 0x0008,
-	0x930: 0x0008, 0x931: 0x3308, 0x932: 0x0008, 0x933: 0x0929, 0x934: 0x3308, 0x935: 0x3308,
+	0x930: 0x0008, 0x931: 0x3308, 0x932: 0x0008, 0x933: 0x01f9, 0x934: 0x3308, 0x935: 0x3308,
 	0x936: 0x3308, 0x937: 0x3308, 0x938: 0x3308, 0x939: 0x3308, 0x93a: 0x3b08, 0x93b: 0x3308,
 	0x93c: 0x3308, 0x93d: 0x0008, 0x93e: 0x0040, 0x93f: 0x0040,
 	// Block 0x25, offset 0x940
-	0x940: 0x0008, 0x941: 0x0008, 0x942: 0x0008, 0x943: 0x09d1, 0x944: 0x0008, 0x945: 0x0008,
+	0x940: 0x0008, 0x941: 0x0008, 0x942: 0x0008, 0x943: 0x0211, 0x944: 0x0008, 0x945: 0x0008,
 	0x946: 0x0008, 0x947: 0x0008, 0x948: 0x0040, 0x949: 0x0008, 0x94a: 0x0008, 0x94b: 0x0008,
-	0x94c: 0x0008, 0x94d: 0x0a09, 0x94e: 0x0008, 0x94f: 0x0008, 0x950: 0x0008, 0x951: 0x0008,
-	0x952: 0x0a41, 0x953: 0x0008, 0x954: 0x0008, 0x955: 0x0008, 0x956: 0x0008, 0x957: 0x0a79,
-	0x958: 0x0008, 0x959: 0x0008, 0x95a: 0x0008, 0x95b: 0x0008, 0x95c: 0x0ab1, 0x95d: 0x0008,
+	0x94c: 0x0008, 0x94d: 0x0219, 0x94e: 0x0008, 0x94f: 0x0008, 0x950: 0x0008, 0x951: 0x0008,
+	0x952: 0x0221, 0x953: 0x0008, 0x954: 0x0008, 0x955: 0x0008, 0x956: 0x0008, 0x957: 0x0229,
+	0x958: 0x0008, 0x959: 0x0008, 0x95a: 0x0008, 0x95b: 0x0008, 0x95c: 0x0231, 0x95d: 0x0008,
 	0x95e: 0x0008, 0x95f: 0x0008, 0x960: 0x0008, 0x961: 0x0008, 0x962: 0x0008, 0x963: 0x0008,
-	0x964: 0x0008, 0x965: 0x0008, 0x966: 0x0008, 0x967: 0x0008, 0x968: 0x0008, 0x969: 0x0ae9,
+	0x964: 0x0008, 0x965: 0x0008, 0x966: 0x0008, 0x967: 0x0008, 0x968: 0x0008, 0x969: 0x0239,
 	0x96a: 0x0008, 0x96b: 0x0008, 0x96c: 0x0008, 0x96d: 0x0040, 0x96e: 0x0040, 0x96f: 0x0040,
-	0x970: 0x0040, 0x971: 0x3308, 0x972: 0x3308, 0x973: 0x0b21, 0x974: 0x3308, 0x975: 0x0b59,
-	0x976: 0x0b91, 0x977: 0x0bc9, 0x978: 0x0c19, 0x979: 0x0c51, 0x97a: 0x3308, 0x97b: 0x3308,
+	0x970: 0x0040, 0x971: 0x3308, 0x972: 0x3308, 0x973: 0x0241, 0x974: 0x3308, 0x975: 0x0249,
+	0x976: 0x0251, 0x977: 0x0259, 0x978: 0x0261, 0x979: 0x0269, 0x97a: 0x3308, 0x97b: 0x3308,
 	0x97c: 0x3308, 0x97d: 0x3308, 0x97e: 0x3308, 0x97f: 0x3008,
 	// Block 0x26, offset 0x980
-	0x980: 0x3308, 0x981: 0x0ca1, 0x982: 0x3308, 0x983: 0x3308, 0x984: 0x3b08, 0x985: 0x0018,
+	0x980: 0x3308, 0x981: 0x0271, 0x982: 0x3308, 0x983: 0x3308, 0x984: 0x3b08, 0x985: 0x0018,
 	0x986: 0x3308, 0x987: 0x3308, 0x988: 0x0008, 0x989: 0x0008, 0x98a: 0x0008, 0x98b: 0x0008,
 	0x98c: 0x0008, 0x98d: 0x3308, 0x98e: 0x3308, 0x98f: 0x3308, 0x990: 0x3308, 0x991: 0x3308,
-	0x992: 0x3308, 0x993: 0x0cd9, 0x994: 0x3308, 0x995: 0x3308, 0x996: 0x3308, 0x997: 0x3308,
-	0x998: 0x0040, 0x999: 0x3308, 0x99a: 0x3308, 0x99b: 0x3308, 0x99c: 0x3308, 0x99d: 0x0d11,
-	0x99e: 0x3308, 0x99f: 0x3308, 0x9a0: 0x3308, 0x9a1: 0x3308, 0x9a2: 0x0d49, 0x9a3: 0x3308,
-	0x9a4: 0x3308, 0x9a5: 0x3308, 0x9a6: 0x3308, 0x9a7: 0x0d81, 0x9a8: 0x3308, 0x9a9: 0x3308,
-	0x9aa: 0x3308, 0x9ab: 0x3308, 0x9ac: 0x0db9, 0x9ad: 0x3308, 0x9ae: 0x3308, 0x9af: 0x3308,
+	0x992: 0x3308, 0x993: 0x0279, 0x994: 0x3308, 0x995: 0x3308, 0x996: 0x3308, 0x997: 0x3308,
+	0x998: 0x0040, 0x999: 0x3308, 0x99a: 0x3308, 0x99b: 0x3308, 0x99c: 0x3308, 0x99d: 0x0281,
+	0x99e: 0x3308, 0x99f: 0x3308, 0x9a0: 0x3308, 0x9a1: 0x3308, 0x9a2: 0x0289, 0x9a3: 0x3308,
+	0x9a4: 0x3308, 0x9a5: 0x3308, 0x9a6: 0x3308, 0x9a7: 0x0291, 0x9a8: 0x3308, 0x9a9: 0x3308,
+	0x9aa: 0x3308, 0x9ab: 0x3308, 0x9ac: 0x0299, 0x9ad: 0x3308, 0x9ae: 0x3308, 0x9af: 0x3308,
 	0x9b0: 0x3308, 0x9b1: 0x3308, 0x9b2: 0x3308, 0x9b3: 0x3308, 0x9b4: 0x3308, 0x9b5: 0x3308,
-	0x9b6: 0x3308, 0x9b7: 0x3308, 0x9b8: 0x3308, 0x9b9: 0x0df1, 0x9ba: 0x3308, 0x9bb: 0x3308,
+	0x9b6: 0x3308, 0x9b7: 0x3308, 0x9b8: 0x3308, 0x9b9: 0x02a1, 0x9ba: 0x3308, 0x9bb: 0x3308,
 	0x9bc: 0x3308, 0x9bd: 0x0040, 0x9be: 0x0018, 0x9bf: 0x0018,
 	// Block 0x27, offset 0x9c0
 	0x9c0: 0x0008, 0x9c1: 0x0008, 0x9c2: 0x0008, 0x9c3: 0x0008, 0x9c4: 0x0008, 0x9c5: 0x0008,
@@ -1033,34 +1176,34 @@ var idnaValues = [8192]uint16{
 	0x9d8: 0x0008, 0x9d9: 0x0008, 0x9da: 0x0008, 0x9db: 0x0008, 0x9dc: 0x0008, 0x9dd: 0x0008,
 	0x9de: 0x0008, 0x9df: 0x0008, 0x9e0: 0x0008, 0x9e1: 0x0008, 0x9e2: 0x0008, 0x9e3: 0x0008,
 	0x9e4: 0x0008, 0x9e5: 0x0008, 0x9e6: 0x0008, 0x9e7: 0x0008, 0x9e8: 0x0008, 0x9e9: 0x0008,
-	0x9ea: 0x0008, 0x9eb: 0x0008, 0x9ec: 0x0039, 0x9ed: 0x0ed1, 0x9ee: 0x0ee9, 0x9ef: 0x0008,
-	0x9f0: 0x0ef9, 0x9f1: 0x0f09, 0x9f2: 0x0f19, 0x9f3: 0x0f31, 0x9f4: 0x0249, 0x9f5: 0x0f41,
-	0x9f6: 0x0259, 0x9f7: 0x0f51, 0x9f8: 0x0359, 0x9f9: 0x0f61, 0x9fa: 0x0f71, 0x9fb: 0x0008,
-	0x9fc: 0x00d9, 0x9fd: 0x0f81, 0x9fe: 0x0f99, 0x9ff: 0x0269,
+	0x9ea: 0x0008, 0x9eb: 0x0008, 0x9ec: 0x0019, 0x9ed: 0x02e1, 0x9ee: 0x02e9, 0x9ef: 0x0008,
+	0x9f0: 0x02f1, 0x9f1: 0x02f9, 0x9f2: 0x0301, 0x9f3: 0x0309, 0x9f4: 0x00a9, 0x9f5: 0x0311,
+	0x9f6: 0x00b1, 0x9f7: 0x0319, 0x9f8: 0x0101, 0x9f9: 0x0321, 0x9fa: 0x0329, 0x9fb: 0x0008,
+	0x9fc: 0x0051, 0x9fd: 0x0331, 0x9fe: 0x0339, 0x9ff: 0x00b9,
 	// Block 0x28, offset 0xa00
-	0xa00: 0x0fa9, 0xa01: 0x0fb9, 0xa02: 0x0279, 0xa03: 0x0039, 0xa04: 0x0fc9, 0xa05: 0x0fe1,
-	0xa06: 0x05b5, 0xa07: 0x0ee9, 0xa08: 0x0ef9, 0xa09: 0x0f09, 0xa0a: 0x0ff9, 0xa0b: 0x1011,
-	0xa0c: 0x1029, 0xa0d: 0x0f31, 0xa0e: 0x0008, 0xa0f: 0x0f51, 0xa10: 0x0f61, 0xa11: 0x1041,
-	0xa12: 0x00d9, 0xa13: 0x1059, 0xa14: 0x05cd, 0xa15: 0x05cd, 0xa16: 0x0f99, 0xa17: 0x0fa9,
-	0xa18: 0x0fb9, 0xa19: 0x05b5, 0xa1a: 0x1071, 0xa1b: 0x1089, 0xa1c: 0x05e5, 0xa1d: 0x1099,
-	0xa1e: 0x10b1, 0xa1f: 0x10c9, 0xa20: 0x10e1, 0xa21: 0x10f9, 0xa22: 0x0f41, 0xa23: 0x0269,
-	0xa24: 0x0fb9, 0xa25: 0x1089, 0xa26: 0x1099, 0xa27: 0x10b1, 0xa28: 0x1111, 0xa29: 0x10e1,
-	0xa2a: 0x10f9, 0xa2b: 0x0008, 0xa2c: 0x0008, 0xa2d: 0x0008, 0xa2e: 0x0008, 0xa2f: 0x0008,
+	0xa00: 0x0341, 0xa01: 0x0349, 0xa02: 0x00c1, 0xa03: 0x0019, 0xa04: 0x0351, 0xa05: 0x0359,
+	0xa06: 0x05b5, 0xa07: 0x02e9, 0xa08: 0x02f1, 0xa09: 0x02f9, 0xa0a: 0x0361, 0xa0b: 0x0369,
+	0xa0c: 0x0371, 0xa0d: 0x0309, 0xa0e: 0x0008, 0xa0f: 0x0319, 0xa10: 0x0321, 0xa11: 0x0379,
+	0xa12: 0x0051, 0xa13: 0x0381, 0xa14: 0x05cd, 0xa15: 0x05cd, 0xa16: 0x0339, 0xa17: 0x0341,
+	0xa18: 0x0349, 0xa19: 0x05b5, 0xa1a: 0x0389, 0xa1b: 0x0391, 0xa1c: 0x05e5, 0xa1d: 0x0399,
+	0xa1e: 0x03a1, 0xa1f: 0x03a9, 0xa20: 0x03b1, 0xa21: 0x03b9, 0xa22: 0x0311, 0xa23: 0x00b9,
+	0xa24: 0x0349, 0xa25: 0x0391, 0xa26: 0x0399, 0xa27: 0x03a1, 0xa28: 0x03c1, 0xa29: 0x03b1,
+	0xa2a: 0x03b9, 0xa2b: 0x0008, 0xa2c: 0x0008, 0xa2d: 0x0008, 0xa2e: 0x0008, 0xa2f: 0x0008,
 	0xa30: 0x0008, 0xa31: 0x0008, 0xa32: 0x0008, 0xa33: 0x0008, 0xa34: 0x0008, 0xa35: 0x0008,
-	0xa36: 0x0008, 0xa37: 0x0008, 0xa38: 0x1129, 0xa39: 0x0008, 0xa3a: 0x0008, 0xa3b: 0x0008,
+	0xa36: 0x0008, 0xa37: 0x0008, 0xa38: 0x03c9, 0xa39: 0x0008, 0xa3a: 0x0008, 0xa3b: 0x0008,
 	0xa3c: 0x0008, 0xa3d: 0x0008, 0xa3e: 0x0008, 0xa3f: 0x0008,
 	// Block 0x29, offset 0xa40
 	0xa40: 0x0008, 0xa41: 0x0008, 0xa42: 0x0008, 0xa43: 0x0008, 0xa44: 0x0008, 0xa45: 0x0008,
 	0xa46: 0x0008, 0xa47: 0x0008, 0xa48: 0x0008, 0xa49: 0x0008, 0xa4a: 0x0008, 0xa4b: 0x0008,
 	0xa4c: 0x0008, 0xa4d: 0x0008, 0xa4e: 0x0008, 0xa4f: 0x0008, 0xa50: 0x0008, 0xa51: 0x0008,
 	0xa52: 0x0008, 0xa53: 0x0008, 0xa54: 0x0008, 0xa55: 0x0008, 0xa56: 0x0008, 0xa57: 0x0008,
-	0xa58: 0x0008, 0xa59: 0x0008, 0xa5a: 0x0008, 0xa5b: 0x1141, 0xa5c: 0x1159, 0xa5d: 0x1169,
-	0xa5e: 0x1181, 0xa5f: 0x1029, 0xa60: 0x1199, 0xa61: 0x11a9, 0xa62: 0x11c1, 0xa63: 0x11d9,
-	0xa64: 0x11f1, 0xa65: 0x1209, 0xa66: 0x1221, 0xa67: 0x05fd, 0xa68: 0x1239, 0xa69: 0x1251,
-	0xa6a: 0xe17d, 0xa6b: 0x1269, 0xa6c: 0x1281, 0xa6d: 0x1299, 0xa6e: 0x12b1, 0xa6f: 0x12c9,
-	0xa70: 0x12e1, 0xa71: 0x12f9, 0xa72: 0x1311, 0xa73: 0x1329, 0xa74: 0x1341, 0xa75: 0x1359,
-	0xa76: 0x1371, 0xa77: 0x1389, 0xa78: 0x0615, 0xa79: 0x13a1, 0xa7a: 0x13b9, 0xa7b: 0x13d1,
-	0xa7c: 0x13e1, 0xa7d: 0x13f9, 0xa7e: 0x1411, 0xa7f: 0x1429,
+	0xa58: 0x0008, 0xa59: 0x0008, 0xa5a: 0x0008, 0xa5b: 0x03d1, 0xa5c: 0x03d9, 0xa5d: 0x03e1,
+	0xa5e: 0x03e9, 0xa5f: 0x0371, 0xa60: 0x03f1, 0xa61: 0x03f9, 0xa62: 0x0401, 0xa63: 0x0409,
+	0xa64: 0x0411, 0xa65: 0x0419, 0xa66: 0x0421, 0xa67: 0x05fd, 0xa68: 0x0429, 0xa69: 0x0431,
+	0xa6a: 0xe17d, 0xa6b: 0x0439, 0xa6c: 0x0441, 0xa6d: 0x0449, 0xa6e: 0x0451, 0xa6f: 0x0459,
+	0xa70: 0x0461, 0xa71: 0x0469, 0xa72: 0x0471, 0xa73: 0x0479, 0xa74: 0x0481, 0xa75: 0x0489,
+	0xa76: 0x0491, 0xa77: 0x0499, 0xa78: 0x0615, 0xa79: 0x04a1, 0xa7a: 0x04a9, 0xa7b: 0x04b1,
+	0xa7c: 0x04b9, 0xa7d: 0x04c1, 0xa7e: 0x04c9, 0xa7f: 0x04d1,
 	// Block 0x2a, offset 0xa80
 	0xa80: 0xe00d, 0xa81: 0x0008, 0xa82: 0xe00d, 0xa83: 0x0008, 0xa84: 0xe00d, 0xa85: 0x0008,
 	0xa86: 0xe00d, 0xa87: 0x0008, 0xa88: 0xe00d, 0xa89: 0x0008, 0xa8a: 0xe00d, 0xa8b: 0x0008,
@@ -1079,7 +1222,7 @@ var idnaValues = [8192]uint16{
 	0xacc: 0xe00d, 0xacd: 0x0008, 0xace: 0xe00d, 0xacf: 0x0008, 0xad0: 0xe00d, 0xad1: 0x0008,
 	0xad2: 0xe00d, 0xad3: 0x0008, 0xad4: 0xe00d, 0xad5: 0x0008, 0xad6: 0x0008, 0xad7: 0x0008,
 	0xad8: 0x0008, 0xad9: 0x0008, 0xada: 0x062d, 0xadb: 0x064d, 0xadc: 0x0008, 0xadd: 0x0008,
-	0xade: 0x1441, 0xadf: 0x0008, 0xae0: 0xe00d, 0xae1: 0x0008, 0xae2: 0xe00d, 0xae3: 0x0008,
+	0xade: 0x04d9, 0xadf: 0x0008, 0xae0: 0xe00d, 0xae1: 0x0008, 0xae2: 0xe00d, 0xae3: 0x0008,
 	0xae4: 0xe00d, 0xae5: 0x0008, 0xae6: 0xe00d, 0xae7: 0x0008, 0xae8: 0xe00d, 0xae9: 0x0008,
 	0xaea: 0xe00d, 0xaeb: 0x0008, 0xaec: 0xe00d, 0xaed: 0x0008, 0xaee: 0xe00d, 0xaef: 0x0008,
 	0xaf0: 0xe00d, 0xaf1: 0x0008, 0xaf2: 0xe00d, 0xaf3: 0x0008, 0xaf4: 0xe00d, 0xaf5: 0x0008,
@@ -1094,33 +1237,33 @@ var idnaValues = [8192]uint16{
 	0xb1e: 0x0040, 0xb1f: 0xe045, 0xb20: 0x0008, 0xb21: 0x0008, 0xb22: 0x0008, 0xb23: 0x0008,
 	0xb24: 0x0008, 0xb25: 0x0008, 0xb26: 0x0008, 0xb27: 0x0008, 0xb28: 0xe045, 0xb29: 0xe045,
 	0xb2a: 0xe045, 0xb2b: 0xe045, 0xb2c: 0xe045, 0xb2d: 0xe045, 0xb2e: 0xe045, 0xb2f: 0xe045,
-	0xb30: 0x0008, 0xb31: 0x1459, 0xb32: 0x0008, 0xb33: 0x1471, 0xb34: 0x0008, 0xb35: 0x1489,
-	0xb36: 0x0008, 0xb37: 0x14a1, 0xb38: 0x0008, 0xb39: 0x14b9, 0xb3a: 0x0008, 0xb3b: 0x14d1,
-	0xb3c: 0x0008, 0xb3d: 0x14e9, 0xb3e: 0x0040, 0xb3f: 0x0040,
+	0xb30: 0x0008, 0xb31: 0x04e1, 0xb32: 0x0008, 0xb33: 0x04e9, 0xb34: 0x0008, 0xb35: 0x04f1,
+	0xb36: 0x0008, 0xb37: 0x04f9, 0xb38: 0x0008, 0xb39: 0x0501, 0xb3a: 0x0008, 0xb3b: 0x0509,
+	0xb3c: 0x0008, 0xb3d: 0x0511, 0xb3e: 0x0040, 0xb3f: 0x0040,
 	// Block 0x2d, offset 0xb40
-	0xb40: 0x1501, 0xb41: 0x1531, 0xb42: 0x1561, 0xb43: 0x1591, 0xb44: 0x15c1, 0xb45: 0x15f1,
-	0xb46: 0x1621, 0xb47: 0x1651, 0xb48: 0x1501, 0xb49: 0x1531, 0xb4a: 0x1561, 0xb4b: 0x1591,
-	0xb4c: 0x15c1, 0xb4d: 0x15f1, 0xb4e: 0x1621, 0xb4f: 0x1651, 0xb50: 0x1681, 0xb51: 0x16b1,
-	0xb52: 0x16e1, 0xb53: 0x1711, 0xb54: 0x1741, 0xb55: 0x1771, 0xb56: 0x17a1, 0xb57: 0x17d1,
-	0xb58: 0x1681, 0xb59: 0x16b1, 0xb5a: 0x16e1, 0xb5b: 0x1711, 0xb5c: 0x1741, 0xb5d: 0x1771,
-	0xb5e: 0x17a1, 0xb5f: 0x17d1, 0xb60: 0x1801, 0xb61: 0x1831, 0xb62: 0x1861, 0xb63: 0x1891,
-	0xb64: 0x18c1, 0xb65: 0x18f1, 0xb66: 0x1921, 0xb67: 0x1951, 0xb68: 0x1801, 0xb69: 0x1831,
-	0xb6a: 0x1861, 0xb6b: 0x1891, 0xb6c: 0x18c1, 0xb6d: 0x18f1, 0xb6e: 0x1921, 0xb6f: 0x1951,
-	0xb70: 0x0008, 0xb71: 0x0008, 0xb72: 0x1981, 0xb73: 0x19b1, 0xb74: 0x19d9, 0xb75: 0x0040,
-	0xb76: 0x0008, 0xb77: 0x1a01, 0xb78: 0xe045, 0xb79: 0xe045, 0xb7a: 0x0665, 0xb7b: 0x1459,
-	0xb7c: 0x19b1, 0xb7d: 0x067e, 0xb7e: 0x1a31, 0xb7f: 0x069e,
+	0xb40: 0x0519, 0xb41: 0x0521, 0xb42: 0x0529, 0xb43: 0x0531, 0xb44: 0x0539, 0xb45: 0x0541,
+	0xb46: 0x0549, 0xb47: 0x0551, 0xb48: 0x0519, 0xb49: 0x0521, 0xb4a: 0x0529, 0xb4b: 0x0531,
+	0xb4c: 0x0539, 0xb4d: 0x0541, 0xb4e: 0x0549, 0xb4f: 0x0551, 0xb50: 0x0559, 0xb51: 0x0561,
+	0xb52: 0x0569, 0xb53: 0x0571, 0xb54: 0x0579, 0xb55: 0x0581, 0xb56: 0x0589, 0xb57: 0x0591,
+	0xb58: 0x0559, 0xb59: 0x0561, 0xb5a: 0x0569, 0xb5b: 0x0571, 0xb5c: 0x0579, 0xb5d: 0x0581,
+	0xb5e: 0x0589, 0xb5f: 0x0591, 0xb60: 0x0599, 0xb61: 0x05a1, 0xb62: 0x05a9, 0xb63: 0x05b1,
+	0xb64: 0x05b9, 0xb65: 0x05c1, 0xb66: 0x05c9, 0xb67: 0x05d1, 0xb68: 0x0599, 0xb69: 0x05a1,
+	0xb6a: 0x05a9, 0xb6b: 0x05b1, 0xb6c: 0x05b9, 0xb6d: 0x05c1, 0xb6e: 0x05c9, 0xb6f: 0x05d1,
+	0xb70: 0x0008, 0xb71: 0x0008, 0xb72: 0x05d9, 0xb73: 0x05e1, 0xb74: 0x05e9, 0xb75: 0x0040,
+	0xb76: 0x0008, 0xb77: 0x05f1, 0xb78: 0xe045, 0xb79: 0xe045, 0xb7a: 0x0665, 0xb7b: 0x04e1,
+	0xb7c: 0x05e1, 0xb7d: 0x067e, 0xb7e: 0x05f9, 0xb7f: 0x069e,
 	// Block 0x2e, offset 0xb80
-	0xb80: 0x06be, 0xb81: 0x1a4a, 0xb82: 0x1a79, 0xb83: 0x1aa9, 0xb84: 0x1ad1, 0xb85: 0x0040,
-	0xb86: 0x0008, 0xb87: 0x1af9, 0xb88: 0x06dd, 0xb89: 0x1471, 0xb8a: 0x06f5, 0xb8b: 0x1489,
-	0xb8c: 0x1aa9, 0xb8d: 0x1b2a, 0xb8e: 0x1b5a, 0xb8f: 0x1b8a, 0xb90: 0x0008, 0xb91: 0x0008,
-	0xb92: 0x0008, 0xb93: 0x1bb9, 0xb94: 0x0040, 0xb95: 0x0040, 0xb96: 0x0008, 0xb97: 0x0008,
-	0xb98: 0xe045, 0xb99: 0xe045, 0xb9a: 0x070d, 0xb9b: 0x14a1, 0xb9c: 0x0040, 0xb9d: 0x1bd2,
-	0xb9e: 0x1c02, 0xb9f: 0x1c32, 0xba0: 0x0008, 0xba1: 0x0008, 0xba2: 0x0008, 0xba3: 0x1c61,
+	0xb80: 0x06be, 0xb81: 0x0602, 0xb82: 0x0609, 0xb83: 0x0611, 0xb84: 0x0619, 0xb85: 0x0040,
+	0xb86: 0x0008, 0xb87: 0x0621, 0xb88: 0x06dd, 0xb89: 0x04e9, 0xb8a: 0x06f5, 0xb8b: 0x04f1,
+	0xb8c: 0x0611, 0xb8d: 0x062a, 0xb8e: 0x0632, 0xb8f: 0x063a, 0xb90: 0x0008, 0xb91: 0x0008,
+	0xb92: 0x0008, 0xb93: 0x0641, 0xb94: 0x0040, 0xb95: 0x0040, 0xb96: 0x0008, 0xb97: 0x0008,
+	0xb98: 0xe045, 0xb99: 0xe045, 0xb9a: 0x070d, 0xb9b: 0x04f9, 0xb9c: 0x0040, 0xb9d: 0x064a,
+	0xb9e: 0x0652, 0xb9f: 0x065a, 0xba0: 0x0008, 0xba1: 0x0008, 0xba2: 0x0008, 0xba3: 0x0661,
 	0xba4: 0x0008, 0xba5: 0x0008, 0xba6: 0x0008, 0xba7: 0x0008, 0xba8: 0xe045, 0xba9: 0xe045,
-	0xbaa: 0x0725, 0xbab: 0x14d1, 0xbac: 0xe04d, 0xbad: 0x1c7a, 0xbae: 0x03d2, 0xbaf: 0x1caa,
-	0xbb0: 0x0040, 0xbb1: 0x0040, 0xbb2: 0x1cb9, 0xbb3: 0x1ce9, 0xbb4: 0x1d11, 0xbb5: 0x0040,
-	0xbb6: 0x0008, 0xbb7: 0x1d39, 0xbb8: 0x073d, 0xbb9: 0x14b9, 0xbba: 0x0515, 0xbbb: 0x14e9,
-	0xbbc: 0x1ce9, 0xbbd: 0x0756, 0xbbe: 0x0776, 0xbbf: 0x0040,
+	0xbaa: 0x0725, 0xbab: 0x0509, 0xbac: 0xe04d, 0xbad: 0x066a, 0xbae: 0x012a, 0xbaf: 0x0672,
+	0xbb0: 0x0040, 0xbb1: 0x0040, 0xbb2: 0x0679, 0xbb3: 0x0681, 0xbb4: 0x0689, 0xbb5: 0x0040,
+	0xbb6: 0x0008, 0xbb7: 0x0691, 0xbb8: 0x073d, 0xbb9: 0x0501, 0xbba: 0x0515, 0xbbb: 0x0511,
+	0xbbc: 0x0681, 0xbbd: 0x0756, 0xbbe: 0x0776, 0xbbf: 0x0040,
 	// Block 0x2f, offset 0xbc0
 	0xbc0: 0x000a, 0xbc1: 0x000a, 0xbc2: 0x000a, 0xbc3: 0x000a, 0xbc4: 0x000a, 0xbc5: 0x000a,
 	0xbc6: 0x000a, 0xbc7: 0x000a, 0xbc8: 0x000a, 0xbc9: 0x000a, 0xbca: 0x000a, 0xbcb: 0x03c0,
@@ -1130,72 +1273,72 @@ var idnaValues = [8192]uint16{
 	0xbde: 0x0018, 0xbdf: 0x0018, 0xbe0: 0x0018, 0xbe1: 0x0018, 0xbe2: 0x0018, 0xbe3: 0x0018,
 	0xbe4: 0x0040, 0xbe5: 0x0040, 0xbe6: 0x0040, 0xbe7: 0x0018, 0xbe8: 0x0040, 0xbe9: 0x0040,
 	0xbea: 0x0340, 0xbeb: 0x0340, 0xbec: 0x0340, 0xbed: 0x0340, 0xbee: 0x0340, 0xbef: 0x000a,
-	0xbf0: 0x0018, 0xbf1: 0x0018, 0xbf2: 0x0018, 0xbf3: 0x1d69, 0xbf4: 0x1da1, 0xbf5: 0x0018,
-	0xbf6: 0x1df1, 0xbf7: 0x1e29, 0xbf8: 0x0018, 0xbf9: 0x0018, 0xbfa: 0x0018, 0xbfb: 0x0018,
-	0xbfc: 0x1e7a, 0xbfd: 0x0018, 0xbfe: 0x07b6, 0xbff: 0x0018,
+	0xbf0: 0x0018, 0xbf1: 0x0018, 0xbf2: 0x0018, 0xbf3: 0x0699, 0xbf4: 0x06a1, 0xbf5: 0x0018,
+	0xbf6: 0x06a9, 0xbf7: 0x06b1, 0xbf8: 0x0018, 0xbf9: 0x0018, 0xbfa: 0x0018, 0xbfb: 0x0018,
+	0xbfc: 0x06ba, 0xbfd: 0x0018, 0xbfe: 0x07b6, 0xbff: 0x0018,
 	// Block 0x30, offset 0xc00
 	0xc00: 0x0018, 0xc01: 0x0018, 0xc02: 0x0018, 0xc03: 0x0018, 0xc04: 0x0018, 0xc05: 0x0018,
-	0xc06: 0x0018, 0xc07: 0x1e92, 0xc08: 0x1eaa, 0xc09: 0x1ec2, 0xc0a: 0x0018, 0xc0b: 0x0018,
+	0xc06: 0x0018, 0xc07: 0x06c2, 0xc08: 0x06ca, 0xc09: 0x06d2, 0xc0a: 0x0018, 0xc0b: 0x0018,
 	0xc0c: 0x0018, 0xc0d: 0x0018, 0xc0e: 0x0018, 0xc0f: 0x0018, 0xc10: 0x0018, 0xc11: 0x0018,
-	0xc12: 0x0018, 0xc13: 0x0018, 0xc14: 0x0018, 0xc15: 0x0018, 0xc16: 0x0018, 0xc17: 0x1ed9,
+	0xc12: 0x0018, 0xc13: 0x0018, 0xc14: 0x0018, 0xc15: 0x0018, 0xc16: 0x0018, 0xc17: 0x06d9,
 	0xc18: 0x0018, 0xc19: 0x0018, 0xc1a: 0x0018, 0xc1b: 0x0018, 0xc1c: 0x0018, 0xc1d: 0x0018,
 	0xc1e: 0x0018, 0xc1f: 0x000a, 0xc20: 0x03c0, 0xc21: 0x0340, 0xc22: 0x0340, 0xc23: 0x0340,
 	0xc24: 0x03c0, 0xc25: 0x0040, 0xc26: 0x0040, 0xc27: 0x0040, 0xc28: 0x0040, 0xc29: 0x0040,
 	0xc2a: 0x0340, 0xc2b: 0x0340, 0xc2c: 0x0340, 0xc2d: 0x0340, 0xc2e: 0x0340, 0xc2f: 0x0340,
-	0xc30: 0x1f41, 0xc31: 0x0f41, 0xc32: 0x0040, 0xc33: 0x0040, 0xc34: 0x1f51, 0xc35: 0x1f61,
-	0xc36: 0x1f71, 0xc37: 0x1f81, 0xc38: 0x1f91, 0xc39: 0x1fa1, 0xc3a: 0x1fb2, 0xc3b: 0x07d5,
-	0xc3c: 0x1fc2, 0xc3d: 0x1fd2, 0xc3e: 0x1fe2, 0xc3f: 0x0f71,
+	0xc30: 0x06e1, 0xc31: 0x0311, 0xc32: 0x0040, 0xc33: 0x0040, 0xc34: 0x06e9, 0xc35: 0x06f1,
+	0xc36: 0x06f9, 0xc37: 0x0701, 0xc38: 0x0709, 0xc39: 0x0711, 0xc3a: 0x071a, 0xc3b: 0x07d5,
+	0xc3c: 0x0722, 0xc3d: 0x072a, 0xc3e: 0x0732, 0xc3f: 0x0329,
 	// Block 0x31, offset 0xc40
-	0xc40: 0x1f41, 0xc41: 0x00c9, 0xc42: 0x0069, 0xc43: 0x0079, 0xc44: 0x1f51, 0xc45: 0x1f61,
-	0xc46: 0x1f71, 0xc47: 0x1f81, 0xc48: 0x1f91, 0xc49: 0x1fa1, 0xc4a: 0x1fb2, 0xc4b: 0x07ed,
-	0xc4c: 0x1fc2, 0xc4d: 0x1fd2, 0xc4e: 0x1fe2, 0xc4f: 0x0040, 0xc50: 0x0039, 0xc51: 0x0f09,
-	0xc52: 0x00d9, 0xc53: 0x0369, 0xc54: 0x0ff9, 0xc55: 0x0249, 0xc56: 0x0f51, 0xc57: 0x0359,
-	0xc58: 0x0f61, 0xc59: 0x0f71, 0xc5a: 0x0f99, 0xc5b: 0x01d9, 0xc5c: 0x0fa9, 0xc5d: 0x0040,
+	0xc40: 0x06e1, 0xc41: 0x0049, 0xc42: 0x0029, 0xc43: 0x0031, 0xc44: 0x06e9, 0xc45: 0x06f1,
+	0xc46: 0x06f9, 0xc47: 0x0701, 0xc48: 0x0709, 0xc49: 0x0711, 0xc4a: 0x071a, 0xc4b: 0x07ed,
+	0xc4c: 0x0722, 0xc4d: 0x072a, 0xc4e: 0x0732, 0xc4f: 0x0040, 0xc50: 0x0019, 0xc51: 0x02f9,
+	0xc52: 0x0051, 0xc53: 0x0109, 0xc54: 0x0361, 0xc55: 0x00a9, 0xc56: 0x0319, 0xc57: 0x0101,
+	0xc58: 0x0321, 0xc59: 0x0329, 0xc5a: 0x0339, 0xc5b: 0x0089, 0xc5c: 0x0341, 0xc5d: 0x0040,
 	0xc5e: 0x0040, 0xc5f: 0x0040, 0xc60: 0x0018, 0xc61: 0x0018, 0xc62: 0x0018, 0xc63: 0x0018,
-	0xc64: 0x0018, 0xc65: 0x0018, 0xc66: 0x0018, 0xc67: 0x0018, 0xc68: 0x1ff1, 0xc69: 0x0018,
+	0xc64: 0x0018, 0xc65: 0x0018, 0xc66: 0x0018, 0xc67: 0x0018, 0xc68: 0x0739, 0xc69: 0x0018,
 	0xc6a: 0x0018, 0xc6b: 0x0018, 0xc6c: 0x0018, 0xc6d: 0x0018, 0xc6e: 0x0018, 0xc6f: 0x0018,
 	0xc70: 0x0018, 0xc71: 0x0018, 0xc72: 0x0018, 0xc73: 0x0018, 0xc74: 0x0018, 0xc75: 0x0018,
 	0xc76: 0x0018, 0xc77: 0x0018, 0xc78: 0x0018, 0xc79: 0x0018, 0xc7a: 0x0018, 0xc7b: 0x0018,
 	0xc7c: 0x0018, 0xc7d: 0x0018, 0xc7e: 0x0018, 0xc7f: 0x0018,
 	// Block 0x32, offset 0xc80
-	0xc80: 0x0806, 0xc81: 0x0826, 0xc82: 0x1159, 0xc83: 0x0845, 0xc84: 0x0018, 0xc85: 0x0866,
-	0xc86: 0x0886, 0xc87: 0x1011, 0xc88: 0x0018, 0xc89: 0x08a5, 0xc8a: 0x0f31, 0xc8b: 0x0249,
-	0xc8c: 0x0249, 0xc8d: 0x0249, 0xc8e: 0x0249, 0xc8f: 0x2009, 0xc90: 0x0f41, 0xc91: 0x0f41,
-	0xc92: 0x0359, 0xc93: 0x0359, 0xc94: 0x0018, 0xc95: 0x0f71, 0xc96: 0x2021, 0xc97: 0x0018,
-	0xc98: 0x0018, 0xc99: 0x0f99, 0xc9a: 0x2039, 0xc9b: 0x0269, 0xc9c: 0x0269, 0xc9d: 0x0269,
-	0xc9e: 0x0018, 0xc9f: 0x0018, 0xca0: 0x2049, 0xca1: 0x08c5, 0xca2: 0x2061, 0xca3: 0x0018,
-	0xca4: 0x13d1, 0xca5: 0x0018, 0xca6: 0x2079, 0xca7: 0x0018, 0xca8: 0x13d1, 0xca9: 0x0018,
-	0xcaa: 0x0f51, 0xcab: 0x2091, 0xcac: 0x0ee9, 0xcad: 0x1159, 0xcae: 0x0018, 0xcaf: 0x0f09,
-	0xcb0: 0x0f09, 0xcb1: 0x1199, 0xcb2: 0x0040, 0xcb3: 0x0f61, 0xcb4: 0x00d9, 0xcb5: 0x20a9,
-	0xcb6: 0x20c1, 0xcb7: 0x20d9, 0xcb8: 0x20f1, 0xcb9: 0x0f41, 0xcba: 0x0018, 0xcbb: 0x08e5,
-	0xcbc: 0x2109, 0xcbd: 0x10b1, 0xcbe: 0x10b1, 0xcbf: 0x2109,
+	0xc80: 0x0806, 0xc81: 0x0826, 0xc82: 0x03d9, 0xc83: 0x0845, 0xc84: 0x0018, 0xc85: 0x0866,
+	0xc86: 0x0886, 0xc87: 0x0369, 0xc88: 0x0018, 0xc89: 0x08a5, 0xc8a: 0x0309, 0xc8b: 0x00a9,
+	0xc8c: 0x00a9, 0xc8d: 0x00a9, 0xc8e: 0x00a9, 0xc8f: 0x0741, 0xc90: 0x0311, 0xc91: 0x0311,
+	0xc92: 0x0101, 0xc93: 0x0101, 0xc94: 0x0018, 0xc95: 0x0329, 0xc96: 0x0749, 0xc97: 0x0018,
+	0xc98: 0x0018, 0xc99: 0x0339, 0xc9a: 0x0751, 0xc9b: 0x00b9, 0xc9c: 0x00b9, 0xc9d: 0x00b9,
+	0xc9e: 0x0018, 0xc9f: 0x0018, 0xca0: 0x0759, 0xca1: 0x08c5, 0xca2: 0x0761, 0xca3: 0x0018,
+	0xca4: 0x04b1, 0xca5: 0x0018, 0xca6: 0x0769, 0xca7: 0x0018, 0xca8: 0x04b1, 0xca9: 0x0018,
+	0xcaa: 0x0319, 0xcab: 0x0771, 0xcac: 0x02e9, 0xcad: 0x03d9, 0xcae: 0x0018, 0xcaf: 0x02f9,
+	0xcb0: 0x02f9, 0xcb1: 0x03f1, 0xcb2: 0x0040, 0xcb3: 0x0321, 0xcb4: 0x0051, 0xcb5: 0x0779,
+	0xcb6: 0x0781, 0xcb7: 0x0789, 0xcb8: 0x0791, 0xcb9: 0x0311, 0xcba: 0x0018, 0xcbb: 0x08e5,
+	0xcbc: 0x0799, 0xcbd: 0x03a1, 0xcbe: 0x03a1, 0xcbf: 0x0799,
 	// Block 0x33, offset 0xcc0
-	0xcc0: 0x0905, 0xcc1: 0x0018, 0xcc2: 0x0018, 0xcc3: 0x0018, 0xcc4: 0x0018, 0xcc5: 0x0ef9,
-	0xcc6: 0x0ef9, 0xcc7: 0x0f09, 0xcc8: 0x0f41, 0xcc9: 0x0259, 0xcca: 0x0018, 0xccb: 0x0018,
-	0xccc: 0x0018, 0xccd: 0x0018, 0xcce: 0x0008, 0xccf: 0x0018, 0xcd0: 0x2121, 0xcd1: 0x2151,
-	0xcd2: 0x2181, 0xcd3: 0x21b9, 0xcd4: 0x21e9, 0xcd5: 0x2219, 0xcd6: 0x2249, 0xcd7: 0x2279,
-	0xcd8: 0x22a9, 0xcd9: 0x22d9, 0xcda: 0x2309, 0xcdb: 0x2339, 0xcdc: 0x2369, 0xcdd: 0x2399,
-	0xcde: 0x23c9, 0xcdf: 0x23f9, 0xce0: 0x0f41, 0xce1: 0x2421, 0xce2: 0x091d, 0xce3: 0x2439,
-	0xce4: 0x1089, 0xce5: 0x2451, 0xce6: 0x093d, 0xce7: 0x2469, 0xce8: 0x2491, 0xce9: 0x0369,
-	0xcea: 0x24a9, 0xceb: 0x095d, 0xcec: 0x0359, 0xced: 0x1159, 0xcee: 0x0ef9, 0xcef: 0x0f61,
-	0xcf0: 0x0f41, 0xcf1: 0x2421, 0xcf2: 0x097d, 0xcf3: 0x2439, 0xcf4: 0x1089, 0xcf5: 0x2451,
-	0xcf6: 0x099d, 0xcf7: 0x2469, 0xcf8: 0x2491, 0xcf9: 0x0369, 0xcfa: 0x24a9, 0xcfb: 0x09bd,
-	0xcfc: 0x0359, 0xcfd: 0x1159, 0xcfe: 0x0ef9, 0xcff: 0x0f61,
+	0xcc0: 0x0905, 0xcc1: 0x0018, 0xcc2: 0x0018, 0xcc3: 0x0018, 0xcc4: 0x0018, 0xcc5: 0x02f1,
+	0xcc6: 0x02f1, 0xcc7: 0x02f9, 0xcc8: 0x0311, 0xcc9: 0x00b1, 0xcca: 0x0018, 0xccb: 0x0018,
+	0xccc: 0x0018, 0xccd: 0x0018, 0xcce: 0x0008, 0xccf: 0x0018, 0xcd0: 0x07a1, 0xcd1: 0x07a9,
+	0xcd2: 0x07b1, 0xcd3: 0x07b9, 0xcd4: 0x07c1, 0xcd5: 0x07c9, 0xcd6: 0x07d1, 0xcd7: 0x07d9,
+	0xcd8: 0x07e1, 0xcd9: 0x07e9, 0xcda: 0x07f1, 0xcdb: 0x07f9, 0xcdc: 0x0801, 0xcdd: 0x0809,
+	0xcde: 0x0811, 0xcdf: 0x0819, 0xce0: 0x0311, 0xce1: 0x0821, 0xce2: 0x091d, 0xce3: 0x0829,
+	0xce4: 0x0391, 0xce5: 0x0831, 0xce6: 0x093d, 0xce7: 0x0839, 0xce8: 0x0841, 0xce9: 0x0109,
+	0xcea: 0x0849, 0xceb: 0x095d, 0xcec: 0x0101, 0xced: 0x03d9, 0xcee: 0x02f1, 0xcef: 0x0321,
+	0xcf0: 0x0311, 0xcf1: 0x0821, 0xcf2: 0x097d, 0xcf3: 0x0829, 0xcf4: 0x0391, 0xcf5: 0x0831,
+	0xcf6: 0x099d, 0xcf7: 0x0839, 0xcf8: 0x0841, 0xcf9: 0x0109, 0xcfa: 0x0849, 0xcfb: 0x09bd,
+	0xcfc: 0x0101, 0xcfd: 0x03d9, 0xcfe: 0x02f1, 0xcff: 0x0321,
 	// Block 0x34, offset 0xd00
 	0xd00: 0x0018, 0xd01: 0x0018, 0xd02: 0x0018, 0xd03: 0x0018, 0xd04: 0x0018, 0xd05: 0x0018,
 	0xd06: 0x0018, 0xd07: 0x0018, 0xd08: 0x0018, 0xd09: 0x0018, 0xd0a: 0x0018, 0xd0b: 0x0040,
 	0xd0c: 0x0040, 0xd0d: 0x0040, 0xd0e: 0x0040, 0xd0f: 0x0040, 0xd10: 0x0040, 0xd11: 0x0040,
 	0xd12: 0x0040, 0xd13: 0x0040, 0xd14: 0x0040, 0xd15: 0x0040, 0xd16: 0x0040, 0xd17: 0x0040,
 	0xd18: 0x0040, 0xd19: 0x0040, 0xd1a: 0x0040, 0xd1b: 0x0040, 0xd1c: 0x0040, 0xd1d: 0x0040,
-	0xd1e: 0x0040, 0xd1f: 0x0040, 0xd20: 0x00c9, 0xd21: 0x0069, 0xd22: 0x0079, 0xd23: 0x1f51,
-	0xd24: 0x1f61, 0xd25: 0x1f71, 0xd26: 0x1f81, 0xd27: 0x1f91, 0xd28: 0x1fa1, 0xd29: 0x2601,
-	0xd2a: 0x2619, 0xd2b: 0x2631, 0xd2c: 0x2649, 0xd2d: 0x2661, 0xd2e: 0x2679, 0xd2f: 0x2691,
-	0xd30: 0x26a9, 0xd31: 0x26c1, 0xd32: 0x26d9, 0xd33: 0x26f1, 0xd34: 0x0a1e, 0xd35: 0x0a3e,
+	0xd1e: 0x0040, 0xd1f: 0x0040, 0xd20: 0x0049, 0xd21: 0x0029, 0xd22: 0x0031, 0xd23: 0x06e9,
+	0xd24: 0x06f1, 0xd25: 0x06f9, 0xd26: 0x0701, 0xd27: 0x0709, 0xd28: 0x0711, 0xd29: 0x0879,
+	0xd2a: 0x0881, 0xd2b: 0x0889, 0xd2c: 0x0891, 0xd2d: 0x0899, 0xd2e: 0x08a1, 0xd2f: 0x08a9,
+	0xd30: 0x08b1, 0xd31: 0x08b9, 0xd32: 0x08c1, 0xd33: 0x08c9, 0xd34: 0x0a1e, 0xd35: 0x0a3e,
 	0xd36: 0x0a5e, 0xd37: 0x0a7e, 0xd38: 0x0a9e, 0xd39: 0x0abe, 0xd3a: 0x0ade, 0xd3b: 0x0afe,
-	0xd3c: 0x0b1e, 0xd3d: 0x270a, 0xd3e: 0x2732, 0xd3f: 0x275a,
+	0xd3c: 0x0b1e, 0xd3d: 0x08d2, 0xd3e: 0x08da, 0xd3f: 0x08e2,
 	// Block 0x35, offset 0xd40
-	0xd40: 0x2782, 0xd41: 0x27aa, 0xd42: 0x27d2, 0xd43: 0x27fa, 0xd44: 0x2822, 0xd45: 0x284a,
-	0xd46: 0x2872, 0xd47: 0x289a, 0xd48: 0x0040, 0xd49: 0x0040, 0xd4a: 0x0040, 0xd4b: 0x0040,
+	0xd40: 0x08ea, 0xd41: 0x08f2, 0xd42: 0x08fa, 0xd43: 0x0902, 0xd44: 0x090a, 0xd45: 0x0912,
+	0xd46: 0x091a, 0xd47: 0x0922, 0xd48: 0x0040, 0xd49: 0x0040, 0xd4a: 0x0040, 0xd4b: 0x0040,
 	0xd4c: 0x0040, 0xd4d: 0x0040, 0xd4e: 0x0040, 0xd4f: 0x0040, 0xd50: 0x0040, 0xd51: 0x0040,
 	0xd52: 0x0040, 0xd53: 0x0040, 0xd54: 0x0040, 0xd55: 0x0040, 0xd56: 0x0040, 0xd57: 0x0040,
 	0xd58: 0x0040, 0xd59: 0x0040, 0xd5a: 0x0040, 0xd5b: 0x0040, 0xd5c: 0x0b3e, 0xd5d: 0x0b5e,
@@ -1203,17 +1346,17 @@ var idnaValues = [8192]uint16{
 	0xd64: 0x0c3e, 0xd65: 0x0c5e, 0xd66: 0x0c7e, 0xd67: 0x0c9e, 0xd68: 0x0cbe, 0xd69: 0x0cde,
 	0xd6a: 0x0cfe, 0xd6b: 0x0d1e, 0xd6c: 0x0d3e, 0xd6d: 0x0d5e, 0xd6e: 0x0d7e, 0xd6f: 0x0d9e,
 	0xd70: 0x0dbe, 0xd71: 0x0dde, 0xd72: 0x0dfe, 0xd73: 0x0e1e, 0xd74: 0x0e3e, 0xd75: 0x0e5e,
-	0xd76: 0x0039, 0xd77: 0x0ee9, 0xd78: 0x1159, 0xd79: 0x0ef9, 0xd7a: 0x0f09, 0xd7b: 0x1199,
-	0xd7c: 0x0f31, 0xd7d: 0x0249, 0xd7e: 0x0f41, 0xd7f: 0x0259,
+	0xd76: 0x0019, 0xd77: 0x02e9, 0xd78: 0x03d9, 0xd79: 0x02f1, 0xd7a: 0x02f9, 0xd7b: 0x03f1,
+	0xd7c: 0x0309, 0xd7d: 0x00a9, 0xd7e: 0x0311, 0xd7f: 0x00b1,
 	// Block 0x36, offset 0xd80
-	0xd80: 0x0f51, 0xd81: 0x0359, 0xd82: 0x0f61, 0xd83: 0x0f71, 0xd84: 0x00d9, 0xd85: 0x0f99,
-	0xd86: 0x2039, 0xd87: 0x0269, 0xd88: 0x01d9, 0xd89: 0x0fa9, 0xd8a: 0x0fb9, 0xd8b: 0x1089,
-	0xd8c: 0x0279, 0xd8d: 0x0369, 0xd8e: 0x0289, 0xd8f: 0x13d1, 0xd90: 0x0039, 0xd91: 0x0ee9,
-	0xd92: 0x1159, 0xd93: 0x0ef9, 0xd94: 0x0f09, 0xd95: 0x1199, 0xd96: 0x0f31, 0xd97: 0x0249,
-	0xd98: 0x0f41, 0xd99: 0x0259, 0xd9a: 0x0f51, 0xd9b: 0x0359, 0xd9c: 0x0f61, 0xd9d: 0x0f71,
-	0xd9e: 0x00d9, 0xd9f: 0x0f99, 0xda0: 0x2039, 0xda1: 0x0269, 0xda2: 0x01d9, 0xda3: 0x0fa9,
-	0xda4: 0x0fb9, 0xda5: 0x1089, 0xda6: 0x0279, 0xda7: 0x0369, 0xda8: 0x0289, 0xda9: 0x13d1,
-	0xdaa: 0x1f41, 0xdab: 0x0018, 0xdac: 0x0018, 0xdad: 0x0018, 0xdae: 0x0018, 0xdaf: 0x0018,
+	0xd80: 0x0319, 0xd81: 0x0101, 0xd82: 0x0321, 0xd83: 0x0329, 0xd84: 0x0051, 0xd85: 0x0339,
+	0xd86: 0x0751, 0xd87: 0x00b9, 0xd88: 0x0089, 0xd89: 0x0341, 0xd8a: 0x0349, 0xd8b: 0x0391,
+	0xd8c: 0x00c1, 0xd8d: 0x0109, 0xd8e: 0x00c9, 0xd8f: 0x04b1, 0xd90: 0x0019, 0xd91: 0x02e9,
+	0xd92: 0x03d9, 0xd93: 0x02f1, 0xd94: 0x02f9, 0xd95: 0x03f1, 0xd96: 0x0309, 0xd97: 0x00a9,
+	0xd98: 0x0311, 0xd99: 0x00b1, 0xd9a: 0x0319, 0xd9b: 0x0101, 0xd9c: 0x0321, 0xd9d: 0x0329,
+	0xd9e: 0x0051, 0xd9f: 0x0339, 0xda0: 0x0751, 0xda1: 0x00b9, 0xda2: 0x0089, 0xda3: 0x0341,
+	0xda4: 0x0349, 0xda5: 0x0391, 0xda6: 0x00c1, 0xda7: 0x0109, 0xda8: 0x00c9, 0xda9: 0x04b1,
+	0xdaa: 0x06e1, 0xdab: 0x0018, 0xdac: 0x0018, 0xdad: 0x0018, 0xdae: 0x0018, 0xdaf: 0x0018,
 	0xdb0: 0x0018, 0xdb1: 0x0018, 0xdb2: 0x0018, 0xdb3: 0x0018, 0xdb4: 0x0018, 0xdb5: 0x0018,
 	0xdb6: 0x0018, 0xdb7: 0x0018, 0xdb8: 0x0018, 0xdb9: 0x0018, 0xdba: 0x0018, 0xdbb: 0x0018,
 	0xdbc: 0x0018, 0xdbd: 0x0018, 0xdbe: 0x0018, 0xdbf: 0x0018,
@@ -1223,12 +1366,12 @@ var idnaValues = [8192]uint16{
 	0xdcc: 0x0008, 0xdcd: 0x0008, 0xdce: 0x0008, 0xdcf: 0x0008, 0xdd0: 0x0008, 0xdd1: 0x0008,
 	0xdd2: 0x0008, 0xdd3: 0x0008, 0xdd4: 0x0008, 0xdd5: 0x0008, 0xdd6: 0x0008, 0xdd7: 0x0008,
 	0xdd8: 0x0008, 0xdd9: 0x0008, 0xdda: 0x0008, 0xddb: 0x0008, 0xddc: 0x0008, 0xddd: 0x0008,
-	0xdde: 0x0008, 0xddf: 0x0040, 0xde0: 0xe00d, 0xde1: 0x0008, 0xde2: 0x2971, 0xde3: 0x0ed5,
-	0xde4: 0x2989, 0xde5: 0x0008, 0xde6: 0x0008, 0xde7: 0xe07d, 0xde8: 0x0008, 0xde9: 0xe01d,
-	0xdea: 0x0008, 0xdeb: 0xe03d, 0xdec: 0x0008, 0xded: 0x0fe1, 0xdee: 0x1281, 0xdef: 0x0fc9,
-	0xdf0: 0x1141, 0xdf1: 0x0008, 0xdf2: 0xe00d, 0xdf3: 0x0008, 0xdf4: 0x0008, 0xdf5: 0xe01d,
+	0xdde: 0x0008, 0xddf: 0x0040, 0xde0: 0xe00d, 0xde1: 0x0008, 0xde2: 0x0941, 0xde3: 0x0ed5,
+	0xde4: 0x0949, 0xde5: 0x0008, 0xde6: 0x0008, 0xde7: 0xe07d, 0xde8: 0x0008, 0xde9: 0xe01d,
+	0xdea: 0x0008, 0xdeb: 0xe03d, 0xdec: 0x0008, 0xded: 0x0359, 0xdee: 0x0441, 0xdef: 0x0351,
+	0xdf0: 0x03d1, 0xdf1: 0x0008, 0xdf2: 0xe00d, 0xdf3: 0x0008, 0xdf4: 0x0008, 0xdf5: 0xe01d,
 	0xdf6: 0x0008, 0xdf7: 0x0008, 0xdf8: 0x0008, 0xdf9: 0x0008, 0xdfa: 0x0008, 0xdfb: 0x0008,
-	0xdfc: 0x0259, 0xdfd: 0x1089, 0xdfe: 0x29a1, 0xdff: 0x29b9,
+	0xdfc: 0x00b1, 0xdfd: 0x0391, 0xdfe: 0x0951, 0xdff: 0x0959,
 	// Block 0x38, offset 0xe00
 	0xe00: 0xe00d, 0xe01: 0x0008, 0xe02: 0xe00d, 0xe03: 0x0008, 0xe04: 0xe00d, 0xe05: 0x0008,
 	0xe06: 0xe00d, 0xe07: 0x0008, 0xe08: 0xe00d, 0xe09: 0x0008, 0xe0a: 0xe00d, 0xe0b: 0x0008,
@@ -1254,7 +1397,7 @@ var idnaValues = [8192]uint16{
 	0xe76: 0x0040, 0xe77: 0x0040, 0xe78: 0x0040, 0xe79: 0x0040, 0xe7a: 0x0040, 0xe7b: 0x0040,
 	0xe7c: 0x0040, 0xe7d: 0x0040, 0xe7e: 0x0040, 0xe7f: 0x0040,
 	// Block 0x3a, offset 0xe80
-	0xe80: 0x000a, 0xe81: 0x0018, 0xe82: 0x29d1, 0xe83: 0x0018, 0xe84: 0x0018, 0xe85: 0x0008,
+	0xe80: 0x000a, 0xe81: 0x0018, 0xe82: 0x0961, 0xe83: 0x0018, 0xe84: 0x0018, 0xe85: 0x0008,
 	0xe86: 0x0008, 0xe87: 0x0008, 0xe88: 0x0018, 0xe89: 0x0018, 0xe8a: 0x0018, 0xe8b: 0x0018,
 	0xe8c: 0x0018, 0xe8d: 0x0018, 0xe8e: 0x0018, 0xe8f: 0x0018, 0xe90: 0x0018, 0xe91: 0x0018,
 	0xe92: 0x0018, 0xe93: 0x0018, 0xe94: 0x0018, 0xe95: 0x0018, 0xe96: 0x0018, 0xe97: 0x0018,
@@ -1290,17 +1433,17 @@ var idnaValues = [8192]uint16{
 	0xf36: 0x0008, 0xf37: 0x0008, 0xf38: 0x0008, 0xf39: 0x0008, 0xf3a: 0x0008, 0xf3b: 0x0008,
 	0xf3c: 0x0008, 0xf3d: 0x0008, 0xf3e: 0x0008, 0xf3f: 0x0008,
 	// Block 0x3d, offset 0xf40
-	0xf40: 0x36a2, 0xf41: 0x36d2, 0xf42: 0x3702, 0xf43: 0x3732, 0xf44: 0x32d5, 0xf45: 0x32f5,
+	0xf40: 0x0b82, 0xf41: 0x0b8a, 0xf42: 0x0b92, 0xf43: 0x0b9a, 0xf44: 0x32d5, 0xf45: 0x32f5,
 	0xf46: 0x3315, 0xf47: 0x3335, 0xf48: 0x0018, 0xf49: 0x0018, 0xf4a: 0x0018, 0xf4b: 0x0018,
-	0xf4c: 0x0018, 0xf4d: 0x0018, 0xf4e: 0x0018, 0xf4f: 0x0018, 0xf50: 0x3355, 0xf51: 0x3761,
-	0xf52: 0x3779, 0xf53: 0x3791, 0xf54: 0x37a9, 0xf55: 0x37c1, 0xf56: 0x37d9, 0xf57: 0x37f1,
-	0xf58: 0x3809, 0xf59: 0x3821, 0xf5a: 0x3839, 0xf5b: 0x3851, 0xf5c: 0x3869, 0xf5d: 0x3881,
-	0xf5e: 0x3899, 0xf5f: 0x38b1, 0xf60: 0x3375, 0xf61: 0x3395, 0xf62: 0x33b5, 0xf63: 0x33d5,
+	0xf4c: 0x0018, 0xf4d: 0x0018, 0xf4e: 0x0018, 0xf4f: 0x0018, 0xf50: 0x3355, 0xf51: 0x0ba1,
+	0xf52: 0x0ba9, 0xf53: 0x0bb1, 0xf54: 0x0bb9, 0xf55: 0x0bc1, 0xf56: 0x0bc9, 0xf57: 0x0bd1,
+	0xf58: 0x0bd9, 0xf59: 0x0be1, 0xf5a: 0x0be9, 0xf5b: 0x0bf1, 0xf5c: 0x0bf9, 0xf5d: 0x0c01,
+	0xf5e: 0x0c09, 0xf5f: 0x0c11, 0xf60: 0x3375, 0xf61: 0x3395, 0xf62: 0x33b5, 0xf63: 0x33d5,
 	0xf64: 0x33f5, 0xf65: 0x33f5, 0xf66: 0x3415, 0xf67: 0x3435, 0xf68: 0x3455, 0xf69: 0x3475,
 	0xf6a: 0x3495, 0xf6b: 0x34b5, 0xf6c: 0x34d5, 0xf6d: 0x34f5, 0xf6e: 0x3515, 0xf6f: 0x3535,
 	0xf70: 0x3555, 0xf71: 0x3575, 0xf72: 0x3595, 0xf73: 0x35b5, 0xf74: 0x35d5, 0xf75: 0x35f5,
 	0xf76: 0x3615, 0xf77: 0x3635, 0xf78: 0x3655, 0xf79: 0x3675, 0xf7a: 0x3695, 0xf7b: 0x36b5,
-	0xf7c: 0x38c9, 0xf7d: 0x3901, 0xf7e: 0x36d5, 0xf7f: 0x0018,
+	0xf7c: 0x0c19, 0xf7d: 0x0c21, 0xf7e: 0x36d5, 0xf7f: 0x0018,
 	// Block 0x3e, offset 0xf80
 	0xf80: 0x36f5, 0xf81: 0x3715, 0xf82: 0x3735, 0xf83: 0x3755, 0xf84: 0x3775, 0xf85: 0x3795,
 	0xf86: 0x37b5, 0xf87: 0x37d5, 0xf88: 0x37f5, 0xf89: 0x3815, 0xf8a: 0x3835, 0xf8b: 0x3855,
@@ -1310,13 +1453,13 @@ var idnaValues = [8192]uint16{
 	0xf9e: 0x3ab5, 0xf9f: 0x3ad5, 0xfa0: 0x3af5, 0xfa1: 0x3b15, 0xfa2: 0x3b35, 0xfa3: 0x3b55,
 	0xfa4: 0x3b75, 0xfa5: 0x3b95, 0xfa6: 0x1295, 0xfa7: 0x3bb5, 0xfa8: 0x3bd5, 0xfa9: 0x3bf5,
 	0xfaa: 0x3c15, 0xfab: 0x3c35, 0xfac: 0x3c55, 0xfad: 0x3c75, 0xfae: 0x23b5, 0xfaf: 0x3c95,
-	0xfb0: 0x3cb5, 0xfb1: 0x3939, 0xfb2: 0x3951, 0xfb3: 0x3969, 0xfb4: 0x3981, 0xfb5: 0x3999,
-	0xfb6: 0x39b1, 0xfb7: 0x39c9, 0xfb8: 0x39e1, 0xfb9: 0x39f9, 0xfba: 0x3a11, 0xfbb: 0x3a29,
-	0xfbc: 0x3a41, 0xfbd: 0x3a59, 0xfbe: 0x3a71, 0xfbf: 0x3a89,
+	0xfb0: 0x3cb5, 0xfb1: 0x0c29, 0xfb2: 0x0c31, 0xfb3: 0x0c39, 0xfb4: 0x0c41, 0xfb5: 0x0c49,
+	0xfb6: 0x0c51, 0xfb7: 0x0c59, 0xfb8: 0x0c61, 0xfb9: 0x0c69, 0xfba: 0x0c71, 0xfbb: 0x0c79,
+	0xfbc: 0x0c81, 0xfbd: 0x0c89, 0xfbe: 0x0c91, 0xfbf: 0x0c99,
 	// Block 0x3f, offset 0xfc0
-	0xfc0: 0x3aa1, 0xfc1: 0x3ac9, 0xfc2: 0x3af1, 0xfc3: 0x3b19, 0xfc4: 0x3b41, 0xfc5: 0x3b69,
-	0xfc6: 0x3b91, 0xfc7: 0x3bb9, 0xfc8: 0x3be1, 0xfc9: 0x3c09, 0xfca: 0x3c39, 0xfcb: 0x3c69,
-	0xfcc: 0x3c99, 0xfcd: 0x3cd5, 0xfce: 0x3cb1, 0xfcf: 0x3cf5, 0xfd0: 0x3d15, 0xfd1: 0x3d2d,
+	0xfc0: 0x0ca1, 0xfc1: 0x0ca9, 0xfc2: 0x0cb1, 0xfc3: 0x0cb9, 0xfc4: 0x0cc1, 0xfc5: 0x0cc9,
+	0xfc6: 0x0cd1, 0xfc7: 0x0cd9, 0xfc8: 0x0ce1, 0xfc9: 0x0ce9, 0xfca: 0x0cf1, 0xfcb: 0x0cf9,
+	0xfcc: 0x0d01, 0xfcd: 0x3cd5, 0xfce: 0x0d09, 0xfcf: 0x3cf5, 0xfd0: 0x3d15, 0xfd1: 0x3d2d,
 	0xfd2: 0x3d45, 0xfd3: 0x3d5d, 0xfd4: 0x3d75, 0xfd5: 0x3d75, 0xfd6: 0x3d5d, 0xfd7: 0x3d8d,
 	0xfd8: 0x07d5, 0xfd9: 0x3da5, 0xfda: 0x3dbd, 0xfdb: 0x3dd5, 0xfdc: 0x3ded, 0xfdd: 0x3e05,
 	0xfde: 0x3e1d, 0xfdf: 0x3e35, 0xfe0: 0x3e4d, 0xfe1: 0x3e65, 0xfe2: 0x3e7d, 0xfe3: 0x3e95,
@@ -1324,769 +1467,769 @@ var idnaValues = [8192]uint16{
 	0xfea: 0x3ef5, 0xfeb: 0x3f0d, 0xfec: 0x3f25, 0xfed: 0x3f3d, 0xfee: 0x3f55, 0xfef: 0x3f55,
 	0xff0: 0x3f6d, 0xff1: 0x3f6d, 0xff2: 0x3f6d, 0xff3: 0x3f85, 0xff4: 0x3f9d, 0xff5: 0x3fb5,
 	0xff6: 0x3fcd, 0xff7: 0x3fb5, 0xff8: 0x3fe5, 0xff9: 0x3ffd, 0xffa: 0x3f85, 0xffb: 0x4015,
-	0xffc: 0x402d, 0xffd: 0x402d, 0xffe: 0x402d, 0xfff: 0x3cc9,
+	0xffc: 0x402d, 0xffd: 0x402d, 0xffe: 0x402d, 0xfff: 0x0d11,
 	// Block 0x40, offset 0x1000
-	0x1000: 0x3d01, 0x1001: 0x3d69, 0x1002: 0x3dd1, 0x1003: 0x3e39, 0x1004: 0x3e89, 0x1005: 0x3ef1,
-	0x1006: 0x3f41, 0x1007: 0x3f91, 0x1008: 0x4011, 0x1009: 0x4079, 0x100a: 0x40c9, 0x100b: 0x4119,
-	0x100c: 0x4169, 0x100d: 0x41d1, 0x100e: 0x4239, 0x100f: 0x4289, 0x1010: 0x42d9, 0x1011: 0x4311,
-	0x1012: 0x4361, 0x1013: 0x43c9, 0x1014: 0x4431, 0x1015: 0x4469, 0x1016: 0x44e9, 0x1017: 0x4581,
-	0x1018: 0x4601, 0x1019: 0x4651, 0x101a: 0x46d1, 0x101b: 0x4751, 0x101c: 0x47b9, 0x101d: 0x4809,
-	0x101e: 0x4859, 0x101f: 0x48a9, 0x1020: 0x4911, 0x1021: 0x4991, 0x1022: 0x49f9, 0x1023: 0x4a49,
-	0x1024: 0x4a99, 0x1025: 0x4ae9, 0x1026: 0x4b21, 0x1027: 0x4b59, 0x1028: 0x4b91, 0x1029: 0x4bc9,
-	0x102a: 0x4c19, 0x102b: 0x4c69, 0x102c: 0x4ce9, 0x102d: 0x4d39, 0x102e: 0x4da1, 0x102f: 0x4e21,
-	0x1030: 0x4e71, 0x1031: 0x4ea9, 0x1032: 0x4ee1, 0x1033: 0x4f61, 0x1034: 0x4fc9, 0x1035: 0x5049,
-	0x1036: 0x5099, 0x1037: 0x5119, 0x1038: 0x5151, 0x1039: 0x51a1, 0x103a: 0x51f1, 0x103b: 0x5241,
-	0x103c: 0x5291, 0x103d: 0x52e1, 0x103e: 0x5349, 0x103f: 0x5399,
+	0x1000: 0x10f9, 0x1001: 0x1101, 0x1002: 0x40a5, 0x1003: 0x1109, 0x1004: 0x1111, 0x1005: 0x1119,
+	0x1006: 0x1121, 0x1007: 0x1129, 0x1008: 0x40c5, 0x1009: 0x1131, 0x100a: 0x1139, 0x100b: 0x1141,
+	0x100c: 0x40e5, 0x100d: 0x40e5, 0x100e: 0x1149, 0x100f: 0x1151, 0x1010: 0x1159, 0x1011: 0x4105,
+	0x1012: 0x4125, 0x1013: 0x4145, 0x1014: 0x4165, 0x1015: 0x4185, 0x1016: 0x1161, 0x1017: 0x1169,
+	0x1018: 0x1171, 0x1019: 0x1179, 0x101a: 0x1181, 0x101b: 0x41a5, 0x101c: 0x1189, 0x101d: 0x1191,
+	0x101e: 0x1199, 0x101f: 0x41c5, 0x1020: 0x41e5, 0x1021: 0x11a1, 0x1022: 0x4205, 0x1023: 0x4225,
+	0x1024: 0x4245, 0x1025: 0x11a9, 0x1026: 0x4265, 0x1027: 0x11b1, 0x1028: 0x11b9, 0x1029: 0x10f9,
+	0x102a: 0x4285, 0x102b: 0x42a5, 0x102c: 0x42c5, 0x102d: 0x42e5, 0x102e: 0x11c1, 0x102f: 0x11c9,
+	0x1030: 0x11d1, 0x1031: 0x11d9, 0x1032: 0x4305, 0x1033: 0x11e1, 0x1034: 0x11e9, 0x1035: 0x11f1,
+	0x1036: 0x4325, 0x1037: 0x11f9, 0x1038: 0x1201, 0x1039: 0x11f9, 0x103a: 0x1209, 0x103b: 0x1211,
+	0x103c: 0x4345, 0x103d: 0x1219, 0x103e: 0x1221, 0x103f: 0x1219,
 	// Block 0x41, offset 0x1040
-	0x1040: 0x53d1, 0x1041: 0x5421, 0x1042: 0x5471, 0x1043: 0x54c1, 0x1044: 0x5529, 0x1045: 0x5579,
-	0x1046: 0x55c9, 0x1047: 0x5619, 0x1048: 0x5699, 0x1049: 0x5701, 0x104a: 0x5739, 0x104b: 0x57b9,
-	0x104c: 0x57f1, 0x104d: 0x5859, 0x104e: 0x58c1, 0x104f: 0x5911, 0x1050: 0x5961, 0x1051: 0x59b1,
-	0x1052: 0x5a19, 0x1053: 0x5a51, 0x1054: 0x5aa1, 0x1055: 0x5b09, 0x1056: 0x5b41, 0x1057: 0x5bc1,
-	0x1058: 0x5c11, 0x1059: 0x5c39, 0x105a: 0x5c61, 0x105b: 0x5c89, 0x105c: 0x5cb1, 0x105d: 0x5cd9,
-	0x105e: 0x5d01, 0x105f: 0x5d29, 0x1060: 0x5d51, 0x1061: 0x5d79, 0x1062: 0x5da1, 0x1063: 0x5dd1,
-	0x1064: 0x5e01, 0x1065: 0x5e31, 0x1066: 0x5e61, 0x1067: 0x5e91, 0x1068: 0x5ec1, 0x1069: 0x5ef1,
-	0x106a: 0x5f21, 0x106b: 0x5f51, 0x106c: 0x5f81, 0x106d: 0x5fb1, 0x106e: 0x5fe1, 0x106f: 0x6011,
-	0x1070: 0x6041, 0x1071: 0x4045, 0x1072: 0x6071, 0x1073: 0x6089, 0x1074: 0x4065, 0x1075: 0x60a1,
-	0x1076: 0x60b9, 0x1077: 0x60d1, 0x1078: 0x4085, 0x1079: 0x4085, 0x107a: 0x60e9, 0x107b: 0x6101,
-	0x107c: 0x6139, 0x107d: 0x6171, 0x107e: 0x61a9, 0x107f: 0x61e1,
+	0x1040: 0x4365, 0x1041: 0x4385, 0x1042: 0x0040, 0x1043: 0x1229, 0x1044: 0x1231, 0x1045: 0x1239,
+	0x1046: 0x1241, 0x1047: 0x0040, 0x1048: 0x1249, 0x1049: 0x1251, 0x104a: 0x1259, 0x104b: 0x1261,
+	0x104c: 0x1269, 0x104d: 0x1271, 0x104e: 0x1199, 0x104f: 0x1279, 0x1050: 0x1281, 0x1051: 0x1289,
+	0x1052: 0x43a5, 0x1053: 0x1291, 0x1054: 0x1121, 0x1055: 0x43c5, 0x1056: 0x43e5, 0x1057: 0x1299,
+	0x1058: 0x0040, 0x1059: 0x4405, 0x105a: 0x12a1, 0x105b: 0x12a9, 0x105c: 0x12b1, 0x105d: 0x12b9,
+	0x105e: 0x12c1, 0x105f: 0x12c9, 0x1060: 0x12d1, 0x1061: 0x12d9, 0x1062: 0x12e1, 0x1063: 0x12e9,
+	0x1064: 0x12f1, 0x1065: 0x12f9, 0x1066: 0x1301, 0x1067: 0x1309, 0x1068: 0x1311, 0x1069: 0x1319,
+	0x106a: 0x1321, 0x106b: 0x1329, 0x106c: 0x1331, 0x106d: 0x1339, 0x106e: 0x1341, 0x106f: 0x1349,
+	0x1070: 0x1351, 0x1071: 0x1359, 0x1072: 0x1361, 0x1073: 0x1369, 0x1074: 0x1371, 0x1075: 0x1379,
+	0x1076: 0x1381, 0x1077: 0x1389, 0x1078: 0x1391, 0x1079: 0x1399, 0x107a: 0x13a1, 0x107b: 0x13a9,
+	0x107c: 0x13b1, 0x107d: 0x13b9, 0x107e: 0x13c1, 0x107f: 0x4425,
 	// Block 0x42, offset 0x1080
-	0x1080: 0x6249, 0x1081: 0x6261, 0x1082: 0x40a5, 0x1083: 0x6279, 0x1084: 0x6291, 0x1085: 0x62a9,
-	0x1086: 0x62c1, 0x1087: 0x62d9, 0x1088: 0x40c5, 0x1089: 0x62f1, 0x108a: 0x6319, 0x108b: 0x6331,
-	0x108c: 0x40e5, 0x108d: 0x40e5, 0x108e: 0x6349, 0x108f: 0x6361, 0x1090: 0x6379, 0x1091: 0x4105,
-	0x1092: 0x4125, 0x1093: 0x4145, 0x1094: 0x4165, 0x1095: 0x4185, 0x1096: 0x6391, 0x1097: 0x63a9,
-	0x1098: 0x63c1, 0x1099: 0x63d9, 0x109a: 0x63f1, 0x109b: 0x41a5, 0x109c: 0x6409, 0x109d: 0x6421,
-	0x109e: 0x6439, 0x109f: 0x41c5, 0x10a0: 0x41e5, 0x10a1: 0x6451, 0x10a2: 0x4205, 0x10a3: 0x4225,
-	0x10a4: 0x4245, 0x10a5: 0x6469, 0x10a6: 0x4265, 0x10a7: 0x6481, 0x10a8: 0x64b1, 0x10a9: 0x6249,
-	0x10aa: 0x4285, 0x10ab: 0x42a5, 0x10ac: 0x42c5, 0x10ad: 0x42e5, 0x10ae: 0x64e9, 0x10af: 0x6529,
-	0x10b0: 0x6571, 0x10b1: 0x6589, 0x10b2: 0x4305, 0x10b3: 0x65a1, 0x10b4: 0x65b9, 0x10b5: 0x65d1,
-	0x10b6: 0x4325, 0x10b7: 0x65e9, 0x10b8: 0x6601, 0x10b9: 0x65e9, 0x10ba: 0x6619, 0x10bb: 0x6631,
-	0x10bc: 0x4345, 0x10bd: 0x6649, 0x10be: 0x6661, 0x10bf: 0x6649,
+	0x1080: 0xe00d, 0x1081: 0x0008, 0x1082: 0xe00d, 0x1083: 0x0008, 0x1084: 0xe00d, 0x1085: 0x0008,
+	0x1086: 0xe00d, 0x1087: 0x0008, 0x1088: 0xe00d, 0x1089: 0x0008, 0x108a: 0xe00d, 0x108b: 0x0008,
+	0x108c: 0xe00d, 0x108d: 0x0008, 0x108e: 0xe00d, 0x108f: 0x0008, 0x1090: 0xe00d, 0x1091: 0x0008,
+	0x1092: 0xe00d, 0x1093: 0x0008, 0x1094: 0xe00d, 0x1095: 0x0008, 0x1096: 0xe00d, 0x1097: 0x0008,
+	0x1098: 0xe00d, 0x1099: 0x0008, 0x109a: 0xe00d, 0x109b: 0x0008, 0x109c: 0xe00d, 0x109d: 0x0008,
+	0x109e: 0xe00d, 0x109f: 0x0008, 0x10a0: 0xe00d, 0x10a1: 0x0008, 0x10a2: 0xe00d, 0x10a3: 0x0008,
+	0x10a4: 0xe00d, 0x10a5: 0x0008, 0x10a6: 0xe00d, 0x10a7: 0x0008, 0x10a8: 0xe00d, 0x10a9: 0x0008,
+	0x10aa: 0xe00d, 0x10ab: 0x0008, 0x10ac: 0xe00d, 0x10ad: 0x0008, 0x10ae: 0x0008, 0x10af: 0x3308,
+	0x10b0: 0x3318, 0x10b1: 0x3318, 0x10b2: 0x3318, 0x10b3: 0x0018, 0x10b4: 0x3308, 0x10b5: 0x3308,
+	0x10b6: 0x3308, 0x10b7: 0x3308, 0x10b8: 0x3308, 0x10b9: 0x3308, 0x10ba: 0x3308, 0x10bb: 0x3308,
+	0x10bc: 0x3308, 0x10bd: 0x3308, 0x10be: 0x0018, 0x10bf: 0x0008,
 	// Block 0x43, offset 0x10c0
-	0x10c0: 0x4365, 0x10c1: 0x4385, 0x10c2: 0x0040, 0x10c3: 0x6679, 0x10c4: 0x6691, 0x10c5: 0x66a9,
-	0x10c6: 0x66c1, 0x10c7: 0x0040, 0x10c8: 0x66f9, 0x10c9: 0x6711, 0x10ca: 0x6729, 0x10cb: 0x6741,
-	0x10cc: 0x6759, 0x10cd: 0x6771, 0x10ce: 0x6439, 0x10cf: 0x6789, 0x10d0: 0x67a1, 0x10d1: 0x67b9,
-	0x10d2: 0x43a5, 0x10d3: 0x67d1, 0x10d4: 0x62c1, 0x10d5: 0x43c5, 0x10d6: 0x43e5, 0x10d7: 0x67e9,
-	0x10d8: 0x0040, 0x10d9: 0x4405, 0x10da: 0x6801, 0x10db: 0x6819, 0x10dc: 0x6831, 0x10dd: 0x6849,
-	0x10de: 0x6861, 0x10df: 0x6891, 0x10e0: 0x68c1, 0x10e1: 0x68e9, 0x10e2: 0x6911, 0x10e3: 0x6939,
-	0x10e4: 0x6961, 0x10e5: 0x6989, 0x10e6: 0x69b1, 0x10e7: 0x69d9, 0x10e8: 0x6a01, 0x10e9: 0x6a29,
-	0x10ea: 0x6a59, 0x10eb: 0x6a89, 0x10ec: 0x6ab9, 0x10ed: 0x6ae9, 0x10ee: 0x6b19, 0x10ef: 0x6b49,
-	0x10f0: 0x6b79, 0x10f1: 0x6ba9, 0x10f2: 0x6bd9, 0x10f3: 0x6c09, 0x10f4: 0x6c39, 0x10f5: 0x6c69,
-	0x10f6: 0x6c99, 0x10f7: 0x6cc9, 0x10f8: 0x6cf9, 0x10f9: 0x6d29, 0x10fa: 0x6d59, 0x10fb: 0x6d89,
-	0x10fc: 0x6db9, 0x10fd: 0x6de9, 0x10fe: 0x6e19, 0x10ff: 0x4425,
+	0x10c0: 0xe00d, 0x10c1: 0x0008, 0x10c2: 0xe00d, 0x10c3: 0x0008, 0x10c4: 0xe00d, 0x10c5: 0x0008,
+	0x10c6: 0xe00d, 0x10c7: 0x0008, 0x10c8: 0xe00d, 0x10c9: 0x0008, 0x10ca: 0xe00d, 0x10cb: 0x0008,
+	0x10cc: 0xe00d, 0x10cd: 0x0008, 0x10ce: 0xe00d, 0x10cf: 0x0008, 0x10d0: 0xe00d, 0x10d1: 0x0008,
+	0x10d2: 0xe00d, 0x10d3: 0x0008, 0x10d4: 0xe00d, 0x10d5: 0x0008, 0x10d6: 0xe00d, 0x10d7: 0x0008,
+	0x10d8: 0xe00d, 0x10d9: 0x0008, 0x10da: 0xe00d, 0x10db: 0x0008, 0x10dc: 0x02d1, 0x10dd: 0x13c9,
+	0x10de: 0x3308, 0x10df: 0x3308, 0x10e0: 0x0008, 0x10e1: 0x0008, 0x10e2: 0x0008, 0x10e3: 0x0008,
+	0x10e4: 0x0008, 0x10e5: 0x0008, 0x10e6: 0x0008, 0x10e7: 0x0008, 0x10e8: 0x0008, 0x10e9: 0x0008,
+	0x10ea: 0x0008, 0x10eb: 0x0008, 0x10ec: 0x0008, 0x10ed: 0x0008, 0x10ee: 0x0008, 0x10ef: 0x0008,
+	0x10f0: 0x0008, 0x10f1: 0x0008, 0x10f2: 0x0008, 0x10f3: 0x0008, 0x10f4: 0x0008, 0x10f5: 0x0008,
+	0x10f6: 0x0008, 0x10f7: 0x0008, 0x10f8: 0x0008, 0x10f9: 0x0008, 0x10fa: 0x0008, 0x10fb: 0x0008,
+	0x10fc: 0x0008, 0x10fd: 0x0008, 0x10fe: 0x0008, 0x10ff: 0x0008,
 	// Block 0x44, offset 0x1100
-	0x1100: 0xe00d, 0x1101: 0x0008, 0x1102: 0xe00d, 0x1103: 0x0008, 0x1104: 0xe00d, 0x1105: 0x0008,
-	0x1106: 0xe00d, 0x1107: 0x0008, 0x1108: 0xe00d, 0x1109: 0x0008, 0x110a: 0xe00d, 0x110b: 0x0008,
-	0x110c: 0xe00d, 0x110d: 0x0008, 0x110e: 0xe00d, 0x110f: 0x0008, 0x1110: 0xe00d, 0x1111: 0x0008,
-	0x1112: 0xe00d, 0x1113: 0x0008, 0x1114: 0xe00d, 0x1115: 0x0008, 0x1116: 0xe00d, 0x1117: 0x0008,
-	0x1118: 0xe00d, 0x1119: 0x0008, 0x111a: 0xe00d, 0x111b: 0x0008, 0x111c: 0xe00d, 0x111d: 0x0008,
-	0x111e: 0xe00d, 0x111f: 0x0008, 0x1120: 0xe00d, 0x1121: 0x0008, 0x1122: 0xe00d, 0x1123: 0x0008,
+	0x1100: 0x0018, 0x1101: 0x0018, 0x1102: 0x0018, 0x1103: 0x0018, 0x1104: 0x0018, 0x1105: 0x0018,
+	0x1106: 0x0018, 0x1107: 0x0018, 0x1108: 0x0018, 0x1109: 0x0018, 0x110a: 0x0018, 0x110b: 0x0018,
+	0x110c: 0x0018, 0x110d: 0x0018, 0x110e: 0x0018, 0x110f: 0x0018, 0x1110: 0x0018, 0x1111: 0x0018,
+	0x1112: 0x0018, 0x1113: 0x0018, 0x1114: 0x0018, 0x1115: 0x0018, 0x1116: 0x0018, 0x1117: 0x0008,
+	0x1118: 0x0008, 0x1119: 0x0008, 0x111a: 0x0008, 0x111b: 0x0008, 0x111c: 0x0008, 0x111d: 0x0008,
+	0x111e: 0x0008, 0x111f: 0x0008, 0x1120: 0x0018, 0x1121: 0x0018, 0x1122: 0xe00d, 0x1123: 0x0008,
 	0x1124: 0xe00d, 0x1125: 0x0008, 0x1126: 0xe00d, 0x1127: 0x0008, 0x1128: 0xe00d, 0x1129: 0x0008,
-	0x112a: 0xe00d, 0x112b: 0x0008, 0x112c: 0xe00d, 0x112d: 0x0008, 0x112e: 0x0008, 0x112f: 0x3308,
-	0x1130: 0x3318, 0x1131: 0x3318, 0x1132: 0x3318, 0x1133: 0x0018, 0x1134: 0x3308, 0x1135: 0x3308,
-	0x1136: 0x3308, 0x1137: 0x3308, 0x1138: 0x3308, 0x1139: 0x3308, 0x113a: 0x3308, 0x113b: 0x3308,
-	0x113c: 0x3308, 0x113d: 0x3308, 0x113e: 0x0018, 0x113f: 0x0008,
+	0x112a: 0xe00d, 0x112b: 0x0008, 0x112c: 0xe00d, 0x112d: 0x0008, 0x112e: 0xe00d, 0x112f: 0x0008,
+	0x1130: 0x0008, 0x1131: 0x0008, 0x1132: 0xe00d, 0x1133: 0x0008, 0x1134: 0xe00d, 0x1135: 0x0008,
+	0x1136: 0xe00d, 0x1137: 0x0008, 0x1138: 0xe00d, 0x1139: 0x0008, 0x113a: 0xe00d, 0x113b: 0x0008,
+	0x113c: 0xe00d, 0x113d: 0x0008, 0x113e: 0xe00d, 0x113f: 0x0008,
 	// Block 0x45, offset 0x1140
 	0x1140: 0xe00d, 0x1141: 0x0008, 0x1142: 0xe00d, 0x1143: 0x0008, 0x1144: 0xe00d, 0x1145: 0x0008,
 	0x1146: 0xe00d, 0x1147: 0x0008, 0x1148: 0xe00d, 0x1149: 0x0008, 0x114a: 0xe00d, 0x114b: 0x0008,
 	0x114c: 0xe00d, 0x114d: 0x0008, 0x114e: 0xe00d, 0x114f: 0x0008, 0x1150: 0xe00d, 0x1151: 0x0008,
 	0x1152: 0xe00d, 0x1153: 0x0008, 0x1154: 0xe00d, 0x1155: 0x0008, 0x1156: 0xe00d, 0x1157: 0x0008,
-	0x1158: 0xe00d, 0x1159: 0x0008, 0x115a: 0xe00d, 0x115b: 0x0008, 0x115c: 0x0ea1, 0x115d: 0x6e49,
-	0x115e: 0x3308, 0x115f: 0x3308, 0x1160: 0x0008, 0x1161: 0x0008, 0x1162: 0x0008, 0x1163: 0x0008,
-	0x1164: 0x0008, 0x1165: 0x0008, 0x1166: 0x0008, 0x1167: 0x0008, 0x1168: 0x0008, 0x1169: 0x0008,
-	0x116a: 0x0008, 0x116b: 0x0008, 0x116c: 0x0008, 0x116d: 0x0008, 0x116e: 0x0008, 0x116f: 0x0008,
-	0x1170: 0x0008, 0x1171: 0x0008, 0x1172: 0x0008, 0x1173: 0x0008, 0x1174: 0x0008, 0x1175: 0x0008,
-	0x1176: 0x0008, 0x1177: 0x0008, 0x1178: 0x0008, 0x1179: 0x0008, 0x117a: 0x0008, 0x117b: 0x0008,
-	0x117c: 0x0008, 0x117d: 0x0008, 0x117e: 0x0008, 0x117f: 0x0008,
+	0x1158: 0xe00d, 0x1159: 0x0008, 0x115a: 0xe00d, 0x115b: 0x0008, 0x115c: 0xe00d, 0x115d: 0x0008,
+	0x115e: 0xe00d, 0x115f: 0x0008, 0x1160: 0xe00d, 0x1161: 0x0008, 0x1162: 0xe00d, 0x1163: 0x0008,
+	0x1164: 0xe00d, 0x1165: 0x0008, 0x1166: 0xe00d, 0x1167: 0x0008, 0x1168: 0xe00d, 0x1169: 0x0008,
+	0x116a: 0xe00d, 0x116b: 0x0008, 0x116c: 0xe00d, 0x116d: 0x0008, 0x116e: 0xe00d, 0x116f: 0x0008,
+	0x1170: 0xe0fd, 0x1171: 0x0008, 0x1172: 0x0008, 0x1173: 0x0008, 0x1174: 0x0008, 0x1175: 0x0008,
+	0x1176: 0x0008, 0x1177: 0x0008, 0x1178: 0x0008, 0x1179: 0xe01d, 0x117a: 0x0008, 0x117b: 0xe03d,
+	0x117c: 0x0008, 0x117d: 0x4445, 0x117e: 0xe00d, 0x117f: 0x0008,
 	// Block 0x46, offset 0x1180
-	0x1180: 0x0018, 0x1181: 0x0018, 0x1182: 0x0018, 0x1183: 0x0018, 0x1184: 0x0018, 0x1185: 0x0018,
-	0x1186: 0x0018, 0x1187: 0x0018, 0x1188: 0x0018, 0x1189: 0x0018, 0x118a: 0x0018, 0x118b: 0x0018,
-	0x118c: 0x0018, 0x118d: 0x0018, 0x118e: 0x0018, 0x118f: 0x0018, 0x1190: 0x0018, 0x1191: 0x0018,
-	0x1192: 0x0018, 0x1193: 0x0018, 0x1194: 0x0018, 0x1195: 0x0018, 0x1196: 0x0018, 0x1197: 0x0008,
-	0x1198: 0x0008, 0x1199: 0x0008, 0x119a: 0x0008, 0x119b: 0x0008, 0x119c: 0x0008, 0x119d: 0x0008,
-	0x119e: 0x0008, 0x119f: 0x0008, 0x11a0: 0x0018, 0x11a1: 0x0018, 0x11a2: 0xe00d, 0x11a3: 0x0008,
+	0x1180: 0xe00d, 0x1181: 0x0008, 0x1182: 0xe00d, 0x1183: 0x0008, 0x1184: 0xe00d, 0x1185: 0x0008,
+	0x1186: 0xe00d, 0x1187: 0x0008, 0x1188: 0x0008, 0x1189: 0x0018, 0x118a: 0x0018, 0x118b: 0xe03d,
+	0x118c: 0x0008, 0x118d: 0x0409, 0x118e: 0x0008, 0x118f: 0x0008, 0x1190: 0xe00d, 0x1191: 0x0008,
+	0x1192: 0xe00d, 0x1193: 0x0008, 0x1194: 0x0008, 0x1195: 0x0008, 0x1196: 0xe00d, 0x1197: 0x0008,
+	0x1198: 0xe00d, 0x1199: 0x0008, 0x119a: 0xe00d, 0x119b: 0x0008, 0x119c: 0xe00d, 0x119d: 0x0008,
+	0x119e: 0xe00d, 0x119f: 0x0008, 0x11a0: 0xe00d, 0x11a1: 0x0008, 0x11a2: 0xe00d, 0x11a3: 0x0008,
 	0x11a4: 0xe00d, 0x11a5: 0x0008, 0x11a6: 0xe00d, 0x11a7: 0x0008, 0x11a8: 0xe00d, 0x11a9: 0x0008,
-	0x11aa: 0xe00d, 0x11ab: 0x0008, 0x11ac: 0xe00d, 0x11ad: 0x0008, 0x11ae: 0xe00d, 0x11af: 0x0008,
-	0x11b0: 0x0008, 0x11b1: 0x0008, 0x11b2: 0xe00d, 0x11b3: 0x0008, 0x11b4: 0xe00d, 0x11b5: 0x0008,
+	0x11aa: 0x13d1, 0x11ab: 0x0371, 0x11ac: 0x0401, 0x11ad: 0x13d9, 0x11ae: 0x0421, 0x11af: 0x0008,
+	0x11b0: 0x13e1, 0x11b1: 0x13e9, 0x11b2: 0x0429, 0x11b3: 0x4465, 0x11b4: 0xe00d, 0x11b5: 0x0008,
 	0x11b6: 0xe00d, 0x11b7: 0x0008, 0x11b8: 0xe00d, 0x11b9: 0x0008, 0x11ba: 0xe00d, 0x11bb: 0x0008,
 	0x11bc: 0xe00d, 0x11bd: 0x0008, 0x11be: 0xe00d, 0x11bf: 0x0008,
 	// Block 0x47, offset 0x11c0
-	0x11c0: 0xe00d, 0x11c1: 0x0008, 0x11c2: 0xe00d, 0x11c3: 0x0008, 0x11c4: 0xe00d, 0x11c5: 0x0008,
-	0x11c6: 0xe00d, 0x11c7: 0x0008, 0x11c8: 0xe00d, 0x11c9: 0x0008, 0x11ca: 0xe00d, 0x11cb: 0x0008,
-	0x11cc: 0xe00d, 0x11cd: 0x0008, 0x11ce: 0xe00d, 0x11cf: 0x0008, 0x11d0: 0xe00d, 0x11d1: 0x0008,
-	0x11d2: 0xe00d, 0x11d3: 0x0008, 0x11d4: 0xe00d, 0x11d5: 0x0008, 0x11d6: 0xe00d, 0x11d7: 0x0008,
-	0x11d8: 0xe00d, 0x11d9: 0x0008, 0x11da: 0xe00d, 0x11db: 0x0008, 0x11dc: 0xe00d, 0x11dd: 0x0008,
-	0x11de: 0xe00d, 0x11df: 0x0008, 0x11e0: 0xe00d, 0x11e1: 0x0008, 0x11e2: 0xe00d, 0x11e3: 0x0008,
-	0x11e4: 0xe00d, 0x11e5: 0x0008, 0x11e6: 0xe00d, 0x11e7: 0x0008, 0x11e8: 0xe00d, 0x11e9: 0x0008,
-	0x11ea: 0xe00d, 0x11eb: 0x0008, 0x11ec: 0xe00d, 0x11ed: 0x0008, 0x11ee: 0xe00d, 0x11ef: 0x0008,
-	0x11f0: 0xe0fd, 0x11f1: 0x0008, 0x11f2: 0x0008, 0x11f3: 0x0008, 0x11f4: 0x0008, 0x11f5: 0x0008,
-	0x11f6: 0x0008, 0x11f7: 0x0008, 0x11f8: 0x0008, 0x11f9: 0xe01d, 0x11fa: 0x0008, 0x11fb: 0xe03d,
-	0x11fc: 0x0008, 0x11fd: 0x4445, 0x11fe: 0xe00d, 0x11ff: 0x0008,
+	0x11c0: 0x650d, 0x11c1: 0x652d, 0x11c2: 0x654d, 0x11c3: 0x656d, 0x11c4: 0x658d, 0x11c5: 0x65ad,
+	0x11c6: 0x65cd, 0x11c7: 0x65ed, 0x11c8: 0x660d, 0x11c9: 0x662d, 0x11ca: 0x664d, 0x11cb: 0x666d,
+	0x11cc: 0x668d, 0x11cd: 0x66ad, 0x11ce: 0x0008, 0x11cf: 0x0008, 0x11d0: 0x66cd, 0x11d1: 0x0008,
+	0x11d2: 0x66ed, 0x11d3: 0x0008, 0x11d4: 0x0008, 0x11d5: 0x670d, 0x11d6: 0x672d, 0x11d7: 0x674d,
+	0x11d8: 0x676d, 0x11d9: 0x678d, 0x11da: 0x67ad, 0x11db: 0x67cd, 0x11dc: 0x67ed, 0x11dd: 0x680d,
+	0x11de: 0x682d, 0x11df: 0x0008, 0x11e0: 0x684d, 0x11e1: 0x0008, 0x11e2: 0x686d, 0x11e3: 0x0008,
+	0x11e4: 0x0008, 0x11e5: 0x688d, 0x11e6: 0x68ad, 0x11e7: 0x0008, 0x11e8: 0x0008, 0x11e9: 0x0008,
+	0x11ea: 0x68cd, 0x11eb: 0x68ed, 0x11ec: 0x690d, 0x11ed: 0x692d, 0x11ee: 0x694d, 0x11ef: 0x696d,
+	0x11f0: 0x698d, 0x11f1: 0x69ad, 0x11f2: 0x69cd, 0x11f3: 0x69ed, 0x11f4: 0x6a0d, 0x11f5: 0x6a2d,
+	0x11f6: 0x6a4d, 0x11f7: 0x6a6d, 0x11f8: 0x6a8d, 0x11f9: 0x6aad, 0x11fa: 0x6acd, 0x11fb: 0x6aed,
+	0x11fc: 0x6b0d, 0x11fd: 0x6b2d, 0x11fe: 0x6b4d, 0x11ff: 0x6b6d,
 	// Block 0x48, offset 0x1200
-	0x1200: 0xe00d, 0x1201: 0x0008, 0x1202: 0xe00d, 0x1203: 0x0008, 0x1204: 0xe00d, 0x1205: 0x0008,
-	0x1206: 0xe00d, 0x1207: 0x0008, 0x1208: 0x0008, 0x1209: 0x0018, 0x120a: 0x0018, 0x120b: 0xe03d,
-	0x120c: 0x0008, 0x120d: 0x11d9, 0x120e: 0x0008, 0x120f: 0x0008, 0x1210: 0xe00d, 0x1211: 0x0008,
-	0x1212: 0xe00d, 0x1213: 0x0008, 0x1214: 0x0008, 0x1215: 0x0008, 0x1216: 0xe00d, 0x1217: 0x0008,
-	0x1218: 0xe00d, 0x1219: 0x0008, 0x121a: 0xe00d, 0x121b: 0x0008, 0x121c: 0xe00d, 0x121d: 0x0008,
-	0x121e: 0xe00d, 0x121f: 0x0008, 0x1220: 0xe00d, 0x1221: 0x0008, 0x1222: 0xe00d, 0x1223: 0x0008,
-	0x1224: 0xe00d, 0x1225: 0x0008, 0x1226: 0xe00d, 0x1227: 0x0008, 0x1228: 0xe00d, 0x1229: 0x0008,
-	0x122a: 0x6e61, 0x122b: 0x1029, 0x122c: 0x11c1, 0x122d: 0x6e79, 0x122e: 0x1221, 0x122f: 0x0008,
-	0x1230: 0x6e91, 0x1231: 0x6ea9, 0x1232: 0x1239, 0x1233: 0x4465, 0x1234: 0xe00d, 0x1235: 0x0008,
-	0x1236: 0xe00d, 0x1237: 0x0008, 0x1238: 0xe00d, 0x1239: 0x0008, 0x123a: 0xe00d, 0x123b: 0x0008,
-	0x123c: 0xe00d, 0x123d: 0x0008, 0x123e: 0xe00d, 0x123f: 0x0008,
+	0x1200: 0x7acd, 0x1201: 0x7aed, 0x1202: 0x7b0d, 0x1203: 0x7b2d, 0x1204: 0x7b4d, 0x1205: 0x7b6d,
+	0x1206: 0x7b8d, 0x1207: 0x7bad, 0x1208: 0x7bcd, 0x1209: 0x7bed, 0x120a: 0x7c0d, 0x120b: 0x7c2d,
+	0x120c: 0x7c4d, 0x120d: 0x7c6d, 0x120e: 0x7c8d, 0x120f: 0x1409, 0x1210: 0x1411, 0x1211: 0x1419,
+	0x1212: 0x7cad, 0x1213: 0x7ccd, 0x1214: 0x7ced, 0x1215: 0x1421, 0x1216: 0x1429, 0x1217: 0x1431,
+	0x1218: 0x7d0d, 0x1219: 0x7d2d, 0x121a: 0x0040, 0x121b: 0x0040, 0x121c: 0x0040, 0x121d: 0x0040,
+	0x121e: 0x0040, 0x121f: 0x0040, 0x1220: 0x0040, 0x1221: 0x0040, 0x1222: 0x0040, 0x1223: 0x0040,
+	0x1224: 0x0040, 0x1225: 0x0040, 0x1226: 0x0040, 0x1227: 0x0040, 0x1228: 0x0040, 0x1229: 0x0040,
+	0x122a: 0x0040, 0x122b: 0x0040, 0x122c: 0x0040, 0x122d: 0x0040, 0x122e: 0x0040, 0x122f: 0x0040,
+	0x1230: 0x0040, 0x1231: 0x0040, 0x1232: 0x0040, 0x1233: 0x0040, 0x1234: 0x0040, 0x1235: 0x0040,
+	0x1236: 0x0040, 0x1237: 0x0040, 0x1238: 0x0040, 0x1239: 0x0040, 0x123a: 0x0040, 0x123b: 0x0040,
+	0x123c: 0x0040, 0x123d: 0x0040, 0x123e: 0x0040, 0x123f: 0x0040,
 	// Block 0x49, offset 0x1240
-	0x1240: 0x650d, 0x1241: 0x652d, 0x1242: 0x654d, 0x1243: 0x656d, 0x1244: 0x658d, 0x1245: 0x65ad,
-	0x1246: 0x65cd, 0x1247: 0x65ed, 0x1248: 0x660d, 0x1249: 0x662d, 0x124a: 0x664d, 0x124b: 0x666d,
-	0x124c: 0x668d, 0x124d: 0x66ad, 0x124e: 0x0008, 0x124f: 0x0008, 0x1250: 0x66cd, 0x1251: 0x0008,
-	0x1252: 0x66ed, 0x1253: 0x0008, 0x1254: 0x0008, 0x1255: 0x670d, 0x1256: 0x672d, 0x1257: 0x674d,
-	0x1258: 0x676d, 0x1259: 0x678d, 0x125a: 0x67ad, 0x125b: 0x67cd, 0x125c: 0x67ed, 0x125d: 0x680d,
-	0x125e: 0x682d, 0x125f: 0x0008, 0x1260: 0x684d, 0x1261: 0x0008, 0x1262: 0x686d, 0x1263: 0x0008,
-	0x1264: 0x0008, 0x1265: 0x688d, 0x1266: 0x68ad, 0x1267: 0x0008, 0x1268: 0x0008, 0x1269: 0x0008,
-	0x126a: 0x68cd, 0x126b: 0x68ed, 0x126c: 0x690d, 0x126d: 0x692d, 0x126e: 0x694d, 0x126f: 0x696d,
-	0x1270: 0x698d, 0x1271: 0x69ad, 0x1272: 0x69cd, 0x1273: 0x69ed, 0x1274: 0x6a0d, 0x1275: 0x6a2d,
-	0x1276: 0x6a4d, 0x1277: 0x6a6d, 0x1278: 0x6a8d, 0x1279: 0x6aad, 0x127a: 0x6acd, 0x127b: 0x6aed,
-	0x127c: 0x6b0d, 0x127d: 0x6b2d, 0x127e: 0x6b4d, 0x127f: 0x6b6d,
+	0x1240: 0x1439, 0x1241: 0x1441, 0x1242: 0x1449, 0x1243: 0x7d4d, 0x1244: 0x7d6d, 0x1245: 0x1451,
+	0x1246: 0x1451, 0x1247: 0x0040, 0x1248: 0x0040, 0x1249: 0x0040, 0x124a: 0x0040, 0x124b: 0x0040,
+	0x124c: 0x0040, 0x124d: 0x0040, 0x124e: 0x0040, 0x124f: 0x0040, 0x1250: 0x0040, 0x1251: 0x0040,
+	0x1252: 0x0040, 0x1253: 0x1459, 0x1254: 0x1461, 0x1255: 0x1469, 0x1256: 0x1471, 0x1257: 0x1479,
+	0x1258: 0x0040, 0x1259: 0x0040, 0x125a: 0x0040, 0x125b: 0x0040, 0x125c: 0x0040, 0x125d: 0x1481,
+	0x125e: 0x3308, 0x125f: 0x1489, 0x1260: 0x1491, 0x1261: 0x0779, 0x1262: 0x0791, 0x1263: 0x1499,
+	0x1264: 0x14a1, 0x1265: 0x14a9, 0x1266: 0x14b1, 0x1267: 0x14b9, 0x1268: 0x14c1, 0x1269: 0x071a,
+	0x126a: 0x14c9, 0x126b: 0x14d1, 0x126c: 0x14d9, 0x126d: 0x14e1, 0x126e: 0x14e9, 0x126f: 0x14f1,
+	0x1270: 0x14f9, 0x1271: 0x1501, 0x1272: 0x1509, 0x1273: 0x1511, 0x1274: 0x1519, 0x1275: 0x1521,
+	0x1276: 0x1529, 0x1277: 0x0040, 0x1278: 0x1531, 0x1279: 0x1539, 0x127a: 0x1541, 0x127b: 0x1549,
+	0x127c: 0x1551, 0x127d: 0x0040, 0x127e: 0x1559, 0x127f: 0x0040,
 	// Block 0x4a, offset 0x1280
-	0x1280: 0x7acd, 0x1281: 0x7aed, 0x1282: 0x7b0d, 0x1283: 0x7b2d, 0x1284: 0x7b4d, 0x1285: 0x7b6d,
-	0x1286: 0x7b8d, 0x1287: 0x7bad, 0x1288: 0x7bcd, 0x1289: 0x7bed, 0x128a: 0x7c0d, 0x128b: 0x7c2d,
-	0x128c: 0x7c4d, 0x128d: 0x7c6d, 0x128e: 0x7c8d, 0x128f: 0x6f19, 0x1290: 0x6f41, 0x1291: 0x6f69,
-	0x1292: 0x7cad, 0x1293: 0x7ccd, 0x1294: 0x7ced, 0x1295: 0x6f91, 0x1296: 0x6fb9, 0x1297: 0x6fe1,
-	0x1298: 0x7d0d, 0x1299: 0x7d2d, 0x129a: 0x0040, 0x129b: 0x0040, 0x129c: 0x0040, 0x129d: 0x0040,
-	0x129e: 0x0040, 0x129f: 0x0040, 0x12a0: 0x0040, 0x12a1: 0x0040, 0x12a2: 0x0040, 0x12a3: 0x0040,
-	0x12a4: 0x0040, 0x12a5: 0x0040, 0x12a6: 0x0040, 0x12a7: 0x0040, 0x12a8: 0x0040, 0x12a9: 0x0040,
-	0x12aa: 0x0040, 0x12ab: 0x0040, 0x12ac: 0x0040, 0x12ad: 0x0040, 0x12ae: 0x0040, 0x12af: 0x0040,
-	0x12b0: 0x0040, 0x12b1: 0x0040, 0x12b2: 0x0040, 0x12b3: 0x0040, 0x12b4: 0x0040, 0x12b5: 0x0040,
-	0x12b6: 0x0040, 0x12b7: 0x0040, 0x12b8: 0x0040, 0x12b9: 0x0040, 0x12ba: 0x0040, 0x12bb: 0x0040,
-	0x12bc: 0x0040, 0x12bd: 0x0040, 0x12be: 0x0040, 0x12bf: 0x0040,
+	0x1280: 0x1561, 0x1281: 0x1569, 0x1282: 0x0040, 0x1283: 0x1571, 0x1284: 0x1579, 0x1285: 0x0040,
+	0x1286: 0x1581, 0x1287: 0x1589, 0x1288: 0x1591, 0x1289: 0x1599, 0x128a: 0x15a1, 0x128b: 0x15a9,
+	0x128c: 0x15b1, 0x128d: 0x15b9, 0x128e: 0x15c1, 0x128f: 0x15c9, 0x1290: 0x15d1, 0x1291: 0x15d1,
+	0x1292: 0x15d9, 0x1293: 0x15d9, 0x1294: 0x15d9, 0x1295: 0x15d9, 0x1296: 0x15e1, 0x1297: 0x15e1,
+	0x1298: 0x15e1, 0x1299: 0x15e1, 0x129a: 0x15e9, 0x129b: 0x15e9, 0x129c: 0x15e9, 0x129d: 0x15e9,
+	0x129e: 0x15f1, 0x129f: 0x15f1, 0x12a0: 0x15f1, 0x12a1: 0x15f1, 0x12a2: 0x15f9, 0x12a3: 0x15f9,
+	0x12a4: 0x15f9, 0x12a5: 0x15f9, 0x12a6: 0x1601, 0x12a7: 0x1601, 0x12a8: 0x1601, 0x12a9: 0x1601,
+	0x12aa: 0x1609, 0x12ab: 0x1609, 0x12ac: 0x1609, 0x12ad: 0x1609, 0x12ae: 0x1611, 0x12af: 0x1611,
+	0x12b0: 0x1611, 0x12b1: 0x1611, 0x12b2: 0x1619, 0x12b3: 0x1619, 0x12b4: 0x1619, 0x12b5: 0x1619,
+	0x12b6: 0x1621, 0x12b7: 0x1621, 0x12b8: 0x1621, 0x12b9: 0x1621, 0x12ba: 0x1629, 0x12bb: 0x1629,
+	0x12bc: 0x1629, 0x12bd: 0x1629, 0x12be: 0x1631, 0x12bf: 0x1631,
 	// Block 0x4b, offset 0x12c0
-	0x12c0: 0x7009, 0x12c1: 0x7021, 0x12c2: 0x7039, 0x12c3: 0x7d4d, 0x12c4: 0x7d6d, 0x12c5: 0x7051,
-	0x12c6: 0x7051, 0x12c7: 0x0040, 0x12c8: 0x0040, 0x12c9: 0x0040, 0x12ca: 0x0040, 0x12cb: 0x0040,
-	0x12cc: 0x0040, 0x12cd: 0x0040, 0x12ce: 0x0040, 0x12cf: 0x0040, 0x12d0: 0x0040, 0x12d1: 0x0040,
-	0x12d2: 0x0040, 0x12d3: 0x7069, 0x12d4: 0x7091, 0x12d5: 0x70b9, 0x12d6: 0x70e1, 0x12d7: 0x7109,
-	0x12d8: 0x0040, 0x12d9: 0x0040, 0x12da: 0x0040, 0x12db: 0x0040, 0x12dc: 0x0040, 0x12dd: 0x7131,
-	0x12de: 0x3308, 0x12df: 0x7159, 0x12e0: 0x7181, 0x12e1: 0x20a9, 0x12e2: 0x20f1, 0x12e3: 0x7199,
-	0x12e4: 0x71b1, 0x12e5: 0x71c9, 0x12e6: 0x71e1, 0x12e7: 0x71f9, 0x12e8: 0x7211, 0x12e9: 0x1fb2,
-	0x12ea: 0x7229, 0x12eb: 0x7251, 0x12ec: 0x7279, 0x12ed: 0x72b1, 0x12ee: 0x72e9, 0x12ef: 0x7311,
-	0x12f0: 0x7339, 0x12f1: 0x7361, 0x12f2: 0x7389, 0x12f3: 0x73b1, 0x12f4: 0x73d9, 0x12f5: 0x7401,
-	0x12f6: 0x7429, 0x12f7: 0x0040, 0x12f8: 0x7451, 0x12f9: 0x7479, 0x12fa: 0x74a1, 0x12fb: 0x74c9,
-	0x12fc: 0x74f1, 0x12fd: 0x0040, 0x12fe: 0x7519, 0x12ff: 0x0040,
+	0x12c0: 0x1631, 0x12c1: 0x1631, 0x12c2: 0x1639, 0x12c3: 0x1639, 0x12c4: 0x1641, 0x12c5: 0x1641,
+	0x12c6: 0x1649, 0x12c7: 0x1649, 0x12c8: 0x1651, 0x12c9: 0x1651, 0x12ca: 0x1659, 0x12cb: 0x1659,
+	0x12cc: 0x1661, 0x12cd: 0x1661, 0x12ce: 0x1669, 0x12cf: 0x1669, 0x12d0: 0x1669, 0x12d1: 0x1669,
+	0x12d2: 0x1671, 0x12d3: 0x1671, 0x12d4: 0x1671, 0x12d5: 0x1671, 0x12d6: 0x1679, 0x12d7: 0x1679,
+	0x12d8: 0x1679, 0x12d9: 0x1679, 0x12da: 0x1681, 0x12db: 0x1681, 0x12dc: 0x1681, 0x12dd: 0x1681,
+	0x12de: 0x1689, 0x12df: 0x1689, 0x12e0: 0x1691, 0x12e1: 0x1691, 0x12e2: 0x1691, 0x12e3: 0x1691,
+	0x12e4: 0x1699, 0x12e5: 0x1699, 0x12e6: 0x16a1, 0x12e7: 0x16a1, 0x12e8: 0x16a1, 0x12e9: 0x16a1,
+	0x12ea: 0x16a9, 0x12eb: 0x16a9, 0x12ec: 0x16a9, 0x12ed: 0x16a9, 0x12ee: 0x16b1, 0x12ef: 0x16b1,
+	0x12f0: 0x16b9, 0x12f1: 0x16b9, 0x12f2: 0x0818, 0x12f3: 0x0818, 0x12f4: 0x0818, 0x12f5: 0x0818,
+	0x12f6: 0x0818, 0x12f7: 0x0818, 0x12f8: 0x0818, 0x12f9: 0x0818, 0x12fa: 0x0818, 0x12fb: 0x0818,
+	0x12fc: 0x0818, 0x12fd: 0x0818, 0x12fe: 0x0818, 0x12ff: 0x0818,
 	// Block 0x4c, offset 0x1300
-	0x1300: 0x7541, 0x1301: 0x7569, 0x1302: 0x0040, 0x1303: 0x7591, 0x1304: 0x75b9, 0x1305: 0x0040,
-	0x1306: 0x75e1, 0x1307: 0x7609, 0x1308: 0x7631, 0x1309: 0x7659, 0x130a: 0x7681, 0x130b: 0x76a9,
-	0x130c: 0x76d1, 0x130d: 0x76f9, 0x130e: 0x7721, 0x130f: 0x7749, 0x1310: 0x7771, 0x1311: 0x7771,
-	0x1312: 0x7789, 0x1313: 0x7789, 0x1314: 0x7789, 0x1315: 0x7789, 0x1316: 0x77a1, 0x1317: 0x77a1,
-	0x1318: 0x77a1, 0x1319: 0x77a1, 0x131a: 0x77b9, 0x131b: 0x77b9, 0x131c: 0x77b9, 0x131d: 0x77b9,
-	0x131e: 0x77d1, 0x131f: 0x77d1, 0x1320: 0x77d1, 0x1321: 0x77d1, 0x1322: 0x77e9, 0x1323: 0x77e9,
-	0x1324: 0x77e9, 0x1325: 0x77e9, 0x1326: 0x7801, 0x1327: 0x7801, 0x1328: 0x7801, 0x1329: 0x7801,
-	0x132a: 0x7819, 0x132b: 0x7819, 0x132c: 0x7819, 0x132d: 0x7819, 0x132e: 0x7831, 0x132f: 0x7831,
-	0x1330: 0x7831, 0x1331: 0x7831, 0x1332: 0x7849, 0x1333: 0x7849, 0x1334: 0x7849, 0x1335: 0x7849,
-	0x1336: 0x7861, 0x1337: 0x7861, 0x1338: 0x7861, 0x1339: 0x7861, 0x133a: 0x7879, 0x133b: 0x7879,
-	0x133c: 0x7879, 0x133d: 0x7879, 0x133e: 0x7891, 0x133f: 0x7891,
+	0x1300: 0x0818, 0x1301: 0x0818, 0x1302: 0x0040, 0x1303: 0x0040, 0x1304: 0x0040, 0x1305: 0x0040,
+	0x1306: 0x0040, 0x1307: 0x0040, 0x1308: 0x0040, 0x1309: 0x0040, 0x130a: 0x0040, 0x130b: 0x0040,
+	0x130c: 0x0040, 0x130d: 0x0040, 0x130e: 0x0040, 0x130f: 0x0040, 0x1310: 0x0040, 0x1311: 0x0040,
+	0x1312: 0x0040, 0x1313: 0x16c1, 0x1314: 0x16c1, 0x1315: 0x16c1, 0x1316: 0x16c1, 0x1317: 0x16c9,
+	0x1318: 0x16c9, 0x1319: 0x16d1, 0x131a: 0x16d1, 0x131b: 0x16d9, 0x131c: 0x16d9, 0x131d: 0x0149,
+	0x131e: 0x16e1, 0x131f: 0x16e1, 0x1320: 0x16e9, 0x1321: 0x16e9, 0x1322: 0x16f1, 0x1323: 0x16f1,
+	0x1324: 0x16f9, 0x1325: 0x16f9, 0x1326: 0x16f9, 0x1327: 0x16f9, 0x1328: 0x1701, 0x1329: 0x1701,
+	0x132a: 0x1709, 0x132b: 0x1709, 0x132c: 0x1711, 0x132d: 0x1711, 0x132e: 0x1719, 0x132f: 0x1719,
+	0x1330: 0x1721, 0x1331: 0x1721, 0x1332: 0x1729, 0x1333: 0x1729, 0x1334: 0x1731, 0x1335: 0x1731,
+	0x1336: 0x1739, 0x1337: 0x1739, 0x1338: 0x1739, 0x1339: 0x1741, 0x133a: 0x1741, 0x133b: 0x1741,
+	0x133c: 0x1749, 0x133d: 0x1749, 0x133e: 0x1749, 0x133f: 0x1749,
 	// Block 0x4d, offset 0x1340
-	0x1340: 0x7891, 0x1341: 0x7891, 0x1342: 0x78a9, 0x1343: 0x78a9, 0x1344: 0x78c1, 0x1345: 0x78c1,
-	0x1346: 0x78d9, 0x1347: 0x78d9, 0x1348: 0x78f1, 0x1349: 0x78f1, 0x134a: 0x7909, 0x134b: 0x7909,
-	0x134c: 0x7921, 0x134d: 0x7921, 0x134e: 0x7939, 0x134f: 0x7939, 0x1350: 0x7939, 0x1351: 0x7939,
-	0x1352: 0x7951, 0x1353: 0x7951, 0x1354: 0x7951, 0x1355: 0x7951, 0x1356: 0x7969, 0x1357: 0x7969,
-	0x1358: 0x7969, 0x1359: 0x7969, 0x135a: 0x7981, 0x135b: 0x7981, 0x135c: 0x7981, 0x135d: 0x7981,
-	0x135e: 0x7999, 0x135f: 0x7999, 0x1360: 0x79b1, 0x1361: 0x79b1, 0x1362: 0x79b1, 0x1363: 0x79b1,
-	0x1364: 0x79c9, 0x1365: 0x79c9, 0x1366: 0x79e1, 0x1367: 0x79e1, 0x1368: 0x79e1, 0x1369: 0x79e1,
-	0x136a: 0x79f9, 0x136b: 0x79f9, 0x136c: 0x79f9, 0x136d: 0x79f9, 0x136e: 0x7a11, 0x136f: 0x7a11,
-	0x1370: 0x7a29, 0x1371: 0x7a29, 0x1372: 0x0818, 0x1373: 0x0818, 0x1374: 0x0818, 0x1375: 0x0818,
-	0x1376: 0x0818, 0x1377: 0x0818, 0x1378: 0x0818, 0x1379: 0x0818, 0x137a: 0x0818, 0x137b: 0x0818,
-	0x137c: 0x0818, 0x137d: 0x0818, 0x137e: 0x0818, 0x137f: 0x0818,
+	0x1340: 0x1949, 0x1341: 0x1951, 0x1342: 0x1959, 0x1343: 0x1961, 0x1344: 0x1969, 0x1345: 0x1971,
+	0x1346: 0x1979, 0x1347: 0x1981, 0x1348: 0x1989, 0x1349: 0x1991, 0x134a: 0x1999, 0x134b: 0x19a1,
+	0x134c: 0x19a9, 0x134d: 0x19b1, 0x134e: 0x19b9, 0x134f: 0x19c1, 0x1350: 0x19c9, 0x1351: 0x19d1,
+	0x1352: 0x19d9, 0x1353: 0x19e1, 0x1354: 0x19e9, 0x1355: 0x19f1, 0x1356: 0x19f9, 0x1357: 0x1a01,
+	0x1358: 0x1a09, 0x1359: 0x1a11, 0x135a: 0x1a19, 0x135b: 0x1a21, 0x135c: 0x1a29, 0x135d: 0x1a31,
+	0x135e: 0x1a3a, 0x135f: 0x1a42, 0x1360: 0x1a4a, 0x1361: 0x1a52, 0x1362: 0x1a5a, 0x1363: 0x1a62,
+	0x1364: 0x1a69, 0x1365: 0x1a71, 0x1366: 0x1761, 0x1367: 0x1a79, 0x1368: 0x1741, 0x1369: 0x1769,
+	0x136a: 0x1a81, 0x136b: 0x1a89, 0x136c: 0x1789, 0x136d: 0x1a91, 0x136e: 0x1791, 0x136f: 0x1799,
+	0x1370: 0x1a99, 0x1371: 0x1aa1, 0x1372: 0x17b9, 0x1373: 0x1aa9, 0x1374: 0x17c1, 0x1375: 0x17c9,
+	0x1376: 0x1ab1, 0x1377: 0x1ab9, 0x1378: 0x17d9, 0x1379: 0x1ac1, 0x137a: 0x17e1, 0x137b: 0x17e9,
+	0x137c: 0x18d1, 0x137d: 0x18d9, 0x137e: 0x18f1, 0x137f: 0x18f9,
 	// Block 0x4e, offset 0x1380
-	0x1380: 0x0818, 0x1381: 0x0818, 0x1382: 0x0040, 0x1383: 0x0040, 0x1384: 0x0040, 0x1385: 0x0040,
-	0x1386: 0x0040, 0x1387: 0x0040, 0x1388: 0x0040, 0x1389: 0x0040, 0x138a: 0x0040, 0x138b: 0x0040,
-	0x138c: 0x0040, 0x138d: 0x0040, 0x138e: 0x0040, 0x138f: 0x0040, 0x1390: 0x0040, 0x1391: 0x0040,
-	0x1392: 0x0040, 0x1393: 0x7a41, 0x1394: 0x7a41, 0x1395: 0x7a41, 0x1396: 0x7a41, 0x1397: 0x7a59,
-	0x1398: 0x7a59, 0x1399: 0x7a71, 0x139a: 0x7a71, 0x139b: 0x7a89, 0x139c: 0x7a89, 0x139d: 0x0479,
-	0x139e: 0x7aa1, 0x139f: 0x7aa1, 0x13a0: 0x7ab9, 0x13a1: 0x7ab9, 0x13a2: 0x7ad1, 0x13a3: 0x7ad1,
-	0x13a4: 0x7ae9, 0x13a5: 0x7ae9, 0x13a6: 0x7ae9, 0x13a7: 0x7ae9, 0x13a8: 0x7b01, 0x13a9: 0x7b01,
-	0x13aa: 0x7b19, 0x13ab: 0x7b19, 0x13ac: 0x7b41, 0x13ad: 0x7b41, 0x13ae: 0x7b69, 0x13af: 0x7b69,
-	0x13b0: 0x7b91, 0x13b1: 0x7b91, 0x13b2: 0x7bb9, 0x13b3: 0x7bb9, 0x13b4: 0x7be1, 0x13b5: 0x7be1,
-	0x13b6: 0x7c09, 0x13b7: 0x7c09, 0x13b8: 0x7c09, 0x13b9: 0x7c31, 0x13ba: 0x7c31, 0x13bb: 0x7c31,
-	0x13bc: 0x7c59, 0x13bd: 0x7c59, 0x13be: 0x7c59, 0x13bf: 0x7c59,
+	0x1380: 0x1901, 0x1381: 0x1921, 0x1382: 0x1929, 0x1383: 0x1931, 0x1384: 0x1939, 0x1385: 0x1959,
+	0x1386: 0x1961, 0x1387: 0x1969, 0x1388: 0x1ac9, 0x1389: 0x1989, 0x138a: 0x1ad1, 0x138b: 0x1ad9,
+	0x138c: 0x19b9, 0x138d: 0x1ae1, 0x138e: 0x19c1, 0x138f: 0x19c9, 0x1390: 0x1a31, 0x1391: 0x1ae9,
+	0x1392: 0x1af1, 0x1393: 0x1a09, 0x1394: 0x1af9, 0x1395: 0x1a11, 0x1396: 0x1a19, 0x1397: 0x1751,
+	0x1398: 0x1759, 0x1399: 0x1b01, 0x139a: 0x1761, 0x139b: 0x1b09, 0x139c: 0x1771, 0x139d: 0x1779,
+	0x139e: 0x1781, 0x139f: 0x1789, 0x13a0: 0x1b11, 0x13a1: 0x17a1, 0x13a2: 0x17a9, 0x13a3: 0x17b1,
+	0x13a4: 0x17b9, 0x13a5: 0x1b19, 0x13a6: 0x17d9, 0x13a7: 0x17f1, 0x13a8: 0x17f9, 0x13a9: 0x1801,
+	0x13aa: 0x1809, 0x13ab: 0x1811, 0x13ac: 0x1821, 0x13ad: 0x1829, 0x13ae: 0x1831, 0x13af: 0x1839,
+	0x13b0: 0x1841, 0x13b1: 0x1849, 0x13b2: 0x1b21, 0x13b3: 0x1851, 0x13b4: 0x1859, 0x13b5: 0x1861,
+	0x13b6: 0x1869, 0x13b7: 0x1871, 0x13b8: 0x1879, 0x13b9: 0x1889, 0x13ba: 0x1891, 0x13bb: 0x1899,
+	0x13bc: 0x18a1, 0x13bd: 0x18a9, 0x13be: 0x18b1, 0x13bf: 0x18b9,
 	// Block 0x4f, offset 0x13c0
-	0x13c0: 0x8649, 0x13c1: 0x8671, 0x13c2: 0x8699, 0x13c3: 0x86c1, 0x13c4: 0x86e9, 0x13c5: 0x8711,
-	0x13c6: 0x8739, 0x13c7: 0x8761, 0x13c8: 0x8789, 0x13c9: 0x87b1, 0x13ca: 0x87d9, 0x13cb: 0x8801,
-	0x13cc: 0x8829, 0x13cd: 0x8851, 0x13ce: 0x8879, 0x13cf: 0x88a1, 0x13d0: 0x88c9, 0x13d1: 0x88f1,
-	0x13d2: 0x8919, 0x13d3: 0x8941, 0x13d4: 0x8969, 0x13d5: 0x8991, 0x13d6: 0x89b9, 0x13d7: 0x89e1,
-	0x13d8: 0x8a09, 0x13d9: 0x8a31, 0x13da: 0x8a59, 0x13db: 0x8a81, 0x13dc: 0x8aa9, 0x13dd: 0x8ad1,
-	0x13de: 0x8afa, 0x13df: 0x8b2a, 0x13e0: 0x8b5a, 0x13e1: 0x8b8a, 0x13e2: 0x8bba, 0x13e3: 0x8bea,
-	0x13e4: 0x8c19, 0x13e5: 0x8c41, 0x13e6: 0x7cc1, 0x13e7: 0x8c69, 0x13e8: 0x7c31, 0x13e9: 0x7ce9,
-	0x13ea: 0x8c91, 0x13eb: 0x8cb9, 0x13ec: 0x7d89, 0x13ed: 0x8ce1, 0x13ee: 0x7db1, 0x13ef: 0x7dd9,
-	0x13f0: 0x8d09, 0x13f1: 0x8d31, 0x13f2: 0x7e79, 0x13f3: 0x8d59, 0x13f4: 0x7ea1, 0x13f5: 0x7ec9,
-	0x13f6: 0x8d81, 0x13f7: 0x8da9, 0x13f8: 0x7f19, 0x13f9: 0x8dd1, 0x13fa: 0x7f41, 0x13fb: 0x7f69,
-	0x13fc: 0x83f1, 0x13fd: 0x8419, 0x13fe: 0x8491, 0x13ff: 0x84b9,
+	0x13c0: 0x18c1, 0x13c1: 0x18c9, 0x13c2: 0x18e1, 0x13c3: 0x18e9, 0x13c4: 0x1909, 0x13c5: 0x1911,
+	0x13c6: 0x1919, 0x13c7: 0x1921, 0x13c8: 0x1929, 0x13c9: 0x1941, 0x13ca: 0x1949, 0x13cb: 0x1951,
+	0x13cc: 0x1959, 0x13cd: 0x1b29, 0x13ce: 0x1971, 0x13cf: 0x1979, 0x13d0: 0x1981, 0x13d1: 0x1989,
+	0x13d2: 0x19a1, 0x13d3: 0x19a9, 0x13d4: 0x19b1, 0x13d5: 0x19b9, 0x13d6: 0x1b31, 0x13d7: 0x19d1,
+	0x13d8: 0x19d9, 0x13d9: 0x1b39, 0x13da: 0x19f1, 0x13db: 0x19f9, 0x13dc: 0x1a01, 0x13dd: 0x1a09,
+	0x13de: 0x1b41, 0x13df: 0x1761, 0x13e0: 0x1b09, 0x13e1: 0x1789, 0x13e2: 0x1b11, 0x13e3: 0x17b9,
+	0x13e4: 0x1b19, 0x13e5: 0x17d9, 0x13e6: 0x1b49, 0x13e7: 0x1841, 0x13e8: 0x1b51, 0x13e9: 0x1b59,
+	0x13ea: 0x1b61, 0x13eb: 0x1921, 0x13ec: 0x1929, 0x13ed: 0x1959, 0x13ee: 0x19b9, 0x13ef: 0x1b31,
+	0x13f0: 0x1a09, 0x13f1: 0x1b41, 0x13f2: 0x1b69, 0x13f3: 0x1b71, 0x13f4: 0x1b79, 0x13f5: 0x1b81,
+	0x13f6: 0x1b89, 0x13f7: 0x1b91, 0x13f8: 0x1b99, 0x13f9: 0x1ba1, 0x13fa: 0x1ba9, 0x13fb: 0x1bb1,
+	0x13fc: 0x1bb9, 0x13fd: 0x1bc1, 0x13fe: 0x1bc9, 0x13ff: 0x1bd1,
 	// Block 0x50, offset 0x1400
-	0x1400: 0x84e1, 0x1401: 0x8581, 0x1402: 0x85a9, 0x1403: 0x85d1, 0x1404: 0x85f9, 0x1405: 0x8699,
-	0x1406: 0x86c1, 0x1407: 0x86e9, 0x1408: 0x8df9, 0x1409: 0x8789, 0x140a: 0x8e21, 0x140b: 0x8e49,
-	0x140c: 0x8879, 0x140d: 0x8e71, 0x140e: 0x88a1, 0x140f: 0x88c9, 0x1410: 0x8ad1, 0x1411: 0x8e99,
-	0x1412: 0x8ec1, 0x1413: 0x8a09, 0x1414: 0x8ee9, 0x1415: 0x8a31, 0x1416: 0x8a59, 0x1417: 0x7c71,
-	0x1418: 0x7c99, 0x1419: 0x8f11, 0x141a: 0x7cc1, 0x141b: 0x8f39, 0x141c: 0x7d11, 0x141d: 0x7d39,
-	0x141e: 0x7d61, 0x141f: 0x7d89, 0x1420: 0x8f61, 0x1421: 0x7e01, 0x1422: 0x7e29, 0x1423: 0x7e51,
-	0x1424: 0x7e79, 0x1425: 0x8f89, 0x1426: 0x7f19, 0x1427: 0x7f91, 0x1428: 0x7fb9, 0x1429: 0x7fe1,
-	0x142a: 0x8009, 0x142b: 0x8031, 0x142c: 0x8081, 0x142d: 0x80a9, 0x142e: 0x80d1, 0x142f: 0x80f9,
-	0x1430: 0x8121, 0x1431: 0x8149, 0x1432: 0x8fb1, 0x1433: 0x8171, 0x1434: 0x8199, 0x1435: 0x81c1,
-	0x1436: 0x81e9, 0x1437: 0x8211, 0x1438: 0x8239, 0x1439: 0x8289, 0x143a: 0x82b1, 0x143b: 0x82d9,
-	0x143c: 0x8301, 0x143d: 0x8329, 0x143e: 0x8351, 0x143f: 0x8379,
+	0x1400: 0x1bd9, 0x1401: 0x1be1, 0x1402: 0x1be9, 0x1403: 0x1bf1, 0x1404: 0x1bf9, 0x1405: 0x1c01,
+	0x1406: 0x1c09, 0x1407: 0x1c11, 0x1408: 0x1c19, 0x1409: 0x1c21, 0x140a: 0x1c29, 0x140b: 0x1c31,
+	0x140c: 0x1b59, 0x140d: 0x1c39, 0x140e: 0x1c41, 0x140f: 0x1c49, 0x1410: 0x1c51, 0x1411: 0x1b81,
+	0x1412: 0x1b89, 0x1413: 0x1b91, 0x1414: 0x1b99, 0x1415: 0x1ba1, 0x1416: 0x1ba9, 0x1417: 0x1bb1,
+	0x1418: 0x1bb9, 0x1419: 0x1bc1, 0x141a: 0x1bc9, 0x141b: 0x1bd1, 0x141c: 0x1bd9, 0x141d: 0x1be1,
+	0x141e: 0x1be9, 0x141f: 0x1bf1, 0x1420: 0x1bf9, 0x1421: 0x1c01, 0x1422: 0x1c09, 0x1423: 0x1c11,
+	0x1424: 0x1c19, 0x1425: 0x1c21, 0x1426: 0x1c29, 0x1427: 0x1c31, 0x1428: 0x1b59, 0x1429: 0x1c39,
+	0x142a: 0x1c41, 0x142b: 0x1c49, 0x142c: 0x1c51, 0x142d: 0x1c21, 0x142e: 0x1c29, 0x142f: 0x1c31,
+	0x1430: 0x1b59, 0x1431: 0x1b51, 0x1432: 0x1b61, 0x1433: 0x1881, 0x1434: 0x1829, 0x1435: 0x1831,
+	0x1436: 0x1839, 0x1437: 0x1c21, 0x1438: 0x1c29, 0x1439: 0x1c31, 0x143a: 0x1881, 0x143b: 0x1889,
+	0x143c: 0x1c59, 0x143d: 0x1c59, 0x143e: 0x0018, 0x143f: 0x0018,
 	// Block 0x51, offset 0x1440
-	0x1440: 0x83a1, 0x1441: 0x83c9, 0x1442: 0x8441, 0x1443: 0x8469, 0x1444: 0x8509, 0x1445: 0x8531,
-	0x1446: 0x8559, 0x1447: 0x8581, 0x1448: 0x85a9, 0x1449: 0x8621, 0x144a: 0x8649, 0x144b: 0x8671,
-	0x144c: 0x8699, 0x144d: 0x8fd9, 0x144e: 0x8711, 0x144f: 0x8739, 0x1450: 0x8761, 0x1451: 0x8789,
-	0x1452: 0x8801, 0x1453: 0x8829, 0x1454: 0x8851, 0x1455: 0x8879, 0x1456: 0x9001, 0x1457: 0x88f1,
-	0x1458: 0x8919, 0x1459: 0x9029, 0x145a: 0x8991, 0x145b: 0x89b9, 0x145c: 0x89e1, 0x145d: 0x8a09,
-	0x145e: 0x9051, 0x145f: 0x7cc1, 0x1460: 0x8f39, 0x1461: 0x7d89, 0x1462: 0x8f61, 0x1463: 0x7e79,
-	0x1464: 0x8f89, 0x1465: 0x7f19, 0x1466: 0x9079, 0x1467: 0x8121, 0x1468: 0x90a1, 0x1469: 0x90c9,
-	0x146a: 0x90f1, 0x146b: 0x8581, 0x146c: 0x85a9, 0x146d: 0x8699, 0x146e: 0x8879, 0x146f: 0x9001,
-	0x1470: 0x8a09, 0x1471: 0x9051, 0x1472: 0x9119, 0x1473: 0x9151, 0x1474: 0x9189, 0x1475: 0x91c1,
-	0x1476: 0x91e9, 0x1477: 0x9211, 0x1478: 0x9239, 0x1479: 0x9261, 0x147a: 0x9289, 0x147b: 0x92b1,
-	0x147c: 0x92d9, 0x147d: 0x9301, 0x147e: 0x9329, 0x147f: 0x9351,
+	0x1440: 0x0040, 0x1441: 0x0040, 0x1442: 0x0040, 0x1443: 0x0040, 0x1444: 0x0040, 0x1445: 0x0040,
+	0x1446: 0x0040, 0x1447: 0x0040, 0x1448: 0x0040, 0x1449: 0x0040, 0x144a: 0x0040, 0x144b: 0x0040,
+	0x144c: 0x0040, 0x144d: 0x0040, 0x144e: 0x0040, 0x144f: 0x0040, 0x1450: 0x1c61, 0x1451: 0x1c69,
+	0x1452: 0x1c69, 0x1453: 0x1c71, 0x1454: 0x1c79, 0x1455: 0x1c81, 0x1456: 0x1c89, 0x1457: 0x1c91,
+	0x1458: 0x1c99, 0x1459: 0x1c99, 0x145a: 0x1ca1, 0x145b: 0x1ca9, 0x145c: 0x1cb1, 0x145d: 0x1cb9,
+	0x145e: 0x1cc1, 0x145f: 0x1cc9, 0x1460: 0x1cc9, 0x1461: 0x1cd1, 0x1462: 0x1cd9, 0x1463: 0x1cd9,
+	0x1464: 0x1ce1, 0x1465: 0x1ce1, 0x1466: 0x1ce9, 0x1467: 0x1cf1, 0x1468: 0x1cf1, 0x1469: 0x1cf9,
+	0x146a: 0x1d01, 0x146b: 0x1d01, 0x146c: 0x1d09, 0x146d: 0x1d09, 0x146e: 0x1d11, 0x146f: 0x1d19,
+	0x1470: 0x1d19, 0x1471: 0x1d21, 0x1472: 0x1d21, 0x1473: 0x1d29, 0x1474: 0x1d31, 0x1475: 0x1d39,
+	0x1476: 0x1d41, 0x1477: 0x1d41, 0x1478: 0x1d49, 0x1479: 0x1d51, 0x147a: 0x1d59, 0x147b: 0x1d61,
+	0x147c: 0x1d69, 0x147d: 0x1d69, 0x147e: 0x1d71, 0x147f: 0x1d79,
 	// Block 0x52, offset 0x1480
-	0x1480: 0x9379, 0x1481: 0x93a1, 0x1482: 0x93c9, 0x1483: 0x93f1, 0x1484: 0x9419, 0x1485: 0x9441,
-	0x1486: 0x9469, 0x1487: 0x9491, 0x1488: 0x94b9, 0x1489: 0x94e1, 0x148a: 0x9509, 0x148b: 0x9531,
-	0x148c: 0x90c9, 0x148d: 0x9559, 0x148e: 0x9581, 0x148f: 0x95a9, 0x1490: 0x95d1, 0x1491: 0x91c1,
-	0x1492: 0x91e9, 0x1493: 0x9211, 0x1494: 0x9239, 0x1495: 0x9261, 0x1496: 0x9289, 0x1497: 0x92b1,
-	0x1498: 0x92d9, 0x1499: 0x9301, 0x149a: 0x9329, 0x149b: 0x9351, 0x149c: 0x9379, 0x149d: 0x93a1,
-	0x149e: 0x93c9, 0x149f: 0x93f1, 0x14a0: 0x9419, 0x14a1: 0x9441, 0x14a2: 0x9469, 0x14a3: 0x9491,
-	0x14a4: 0x94b9, 0x14a5: 0x94e1, 0x14a6: 0x9509, 0x14a7: 0x9531, 0x14a8: 0x90c9, 0x14a9: 0x9559,
-	0x14aa: 0x9581, 0x14ab: 0x95a9, 0x14ac: 0x95d1, 0x14ad: 0x94e1, 0x14ae: 0x9509, 0x14af: 0x9531,
-	0x14b0: 0x90c9, 0x14b1: 0x90a1, 0x14b2: 0x90f1, 0x14b3: 0x8261, 0x14b4: 0x80a9, 0x14b5: 0x80d1,
-	0x14b6: 0x80f9, 0x14b7: 0x94e1, 0x14b8: 0x9509, 0x14b9: 0x9531, 0x14ba: 0x8261, 0x14bb: 0x8289,
-	0x14bc: 0x95f9, 0x14bd: 0x95f9, 0x14be: 0x0018, 0x14bf: 0x0018,
+	0x1480: 0x1f29, 0x1481: 0x1f31, 0x1482: 0x1f39, 0x1483: 0x1f11, 0x1484: 0x1d39, 0x1485: 0x1ce9,
+	0x1486: 0x1f41, 0x1487: 0x1f49, 0x1488: 0x0040, 0x1489: 0x0040, 0x148a: 0x0040, 0x148b: 0x0040,
+	0x148c: 0x0040, 0x148d: 0x0040, 0x148e: 0x0040, 0x148f: 0x0040, 0x1490: 0x0040, 0x1491: 0x0040,
+	0x1492: 0x0040, 0x1493: 0x0040, 0x1494: 0x0040, 0x1495: 0x0040, 0x1496: 0x0040, 0x1497: 0x0040,
+	0x1498: 0x0040, 0x1499: 0x0040, 0x149a: 0x0040, 0x149b: 0x0040, 0x149c: 0x0040, 0x149d: 0x0040,
+	0x149e: 0x0040, 0x149f: 0x0040, 0x14a0: 0x0040, 0x14a1: 0x0040, 0x14a2: 0x0040, 0x14a3: 0x0040,
+	0x14a4: 0x0040, 0x14a5: 0x0040, 0x14a6: 0x0040, 0x14a7: 0x0040, 0x14a8: 0x0040, 0x14a9: 0x0040,
+	0x14aa: 0x0040, 0x14ab: 0x0040, 0x14ac: 0x0040, 0x14ad: 0x0040, 0x14ae: 0x0040, 0x14af: 0x0040,
+	0x14b0: 0x1f51, 0x14b1: 0x1f59, 0x14b2: 0x1f61, 0x14b3: 0x1f69, 0x14b4: 0x1f71, 0x14b5: 0x1f79,
+	0x14b6: 0x1f81, 0x14b7: 0x1f89, 0x14b8: 0x1f91, 0x14b9: 0x1f99, 0x14ba: 0x1fa2, 0x14bb: 0x1faa,
+	0x14bc: 0x1fb1, 0x14bd: 0x0018, 0x14be: 0x0040, 0x14bf: 0x0040,
 	// Block 0x53, offset 0x14c0
-	0x14c0: 0x0040, 0x14c1: 0x0040, 0x14c2: 0x0040, 0x14c3: 0x0040, 0x14c4: 0x0040, 0x14c5: 0x0040,
-	0x14c6: 0x0040, 0x14c7: 0x0040, 0x14c8: 0x0040, 0x14c9: 0x0040, 0x14ca: 0x0040, 0x14cb: 0x0040,
-	0x14cc: 0x0040, 0x14cd: 0x0040, 0x14ce: 0x0040, 0x14cf: 0x0040, 0x14d0: 0x9621, 0x14d1: 0x9659,
-	0x14d2: 0x9659, 0x14d3: 0x9691, 0x14d4: 0x96c9, 0x14d5: 0x9701, 0x14d6: 0x9739, 0x14d7: 0x9771,
-	0x14d8: 0x97a9, 0x14d9: 0x97a9, 0x14da: 0x97e1, 0x14db: 0x9819, 0x14dc: 0x9851, 0x14dd: 0x9889,
-	0x14de: 0x98c1, 0x14df: 0x98f9, 0x14e0: 0x98f9, 0x14e1: 0x9931, 0x14e2: 0x9969, 0x14e3: 0x9969,
-	0x14e4: 0x99a1, 0x14e5: 0x99a1, 0x14e6: 0x99d9, 0x14e7: 0x9a11, 0x14e8: 0x9a11, 0x14e9: 0x9a49,
-	0x14ea: 0x9a81, 0x14eb: 0x9a81, 0x14ec: 0x9ab9, 0x14ed: 0x9ab9, 0x14ee: 0x9af1, 0x14ef: 0x9b29,
-	0x14f0: 0x9b29, 0x14f1: 0x9b61, 0x14f2: 0x9b61, 0x14f3: 0x9b99, 0x14f4: 0x9bd1, 0x14f5: 0x9c09,
-	0x14f6: 0x9c41, 0x14f7: 0x9c41, 0x14f8: 0x9c79, 0x14f9: 0x9cb1, 0x14fa: 0x9ce9, 0x14fb: 0x9d21,
-	0x14fc: 0x9d59, 0x14fd: 0x9d59, 0x14fe: 0x9d91, 0x14ff: 0x9dc9,
+	0x14c0: 0x33c0, 0x14c1: 0x33c0, 0x14c2: 0x33c0, 0x14c3: 0x33c0, 0x14c4: 0x33c0, 0x14c5: 0x33c0,
+	0x14c6: 0x33c0, 0x14c7: 0x33c0, 0x14c8: 0x33c0, 0x14c9: 0x33c0, 0x14ca: 0x33c0, 0x14cb: 0x33c0,
+	0x14cc: 0x33c0, 0x14cd: 0x33c0, 0x14ce: 0x33c0, 0x14cf: 0x33c0, 0x14d0: 0x1fba, 0x14d1: 0x7d8d,
+	0x14d2: 0x0040, 0x14d3: 0x1fc2, 0x14d4: 0x0122, 0x14d5: 0x1fca, 0x14d6: 0x1fd2, 0x14d7: 0x7dad,
+	0x14d8: 0x7dcd, 0x14d9: 0x0040, 0x14da: 0x0040, 0x14db: 0x0040, 0x14dc: 0x0040, 0x14dd: 0x0040,
+	0x14de: 0x0040, 0x14df: 0x0040, 0x14e0: 0x3308, 0x14e1: 0x3308, 0x14e2: 0x3308, 0x14e3: 0x3308,
+	0x14e4: 0x3308, 0x14e5: 0x3308, 0x14e6: 0x3308, 0x14e7: 0x3308, 0x14e8: 0x3308, 0x14e9: 0x3308,
+	0x14ea: 0x3308, 0x14eb: 0x3308, 0x14ec: 0x3308, 0x14ed: 0x3308, 0x14ee: 0x3308, 0x14ef: 0x3308,
+	0x14f0: 0x0040, 0x14f1: 0x7ded, 0x14f2: 0x7e0d, 0x14f3: 0x1fda, 0x14f4: 0x1fda, 0x14f5: 0x072a,
+	0x14f6: 0x0732, 0x14f7: 0x1fe2, 0x14f8: 0x1fea, 0x14f9: 0x7e2d, 0x14fa: 0x7e4d, 0x14fb: 0x7e6d,
+	0x14fc: 0x7e2d, 0x14fd: 0x7e8d, 0x14fe: 0x7ead, 0x14ff: 0x7e8d,
 	// Block 0x54, offset 0x1500
-	0x1500: 0xa999, 0x1501: 0xa9d1, 0x1502: 0xaa09, 0x1503: 0xa8f1, 0x1504: 0x9c09, 0x1505: 0x99d9,
-	0x1506: 0xaa41, 0x1507: 0xaa79, 0x1508: 0x0040, 0x1509: 0x0040, 0x150a: 0x0040, 0x150b: 0x0040,
-	0x150c: 0x0040, 0x150d: 0x0040, 0x150e: 0x0040, 0x150f: 0x0040, 0x1510: 0x0040, 0x1511: 0x0040,
-	0x1512: 0x0040, 0x1513: 0x0040, 0x1514: 0x0040, 0x1515: 0x0040, 0x1516: 0x0040, 0x1517: 0x0040,
-	0x1518: 0x0040, 0x1519: 0x0040, 0x151a: 0x0040, 0x151b: 0x0040, 0x151c: 0x0040, 0x151d: 0x0040,
-	0x151e: 0x0040, 0x151f: 0x0040, 0x1520: 0x0040, 0x1521: 0x0040, 0x1522: 0x0040, 0x1523: 0x0040,
-	0x1524: 0x0040, 0x1525: 0x0040, 0x1526: 0x0040, 0x1527: 0x0040, 0x1528: 0x0040, 0x1529: 0x0040,
-	0x152a: 0x0040, 0x152b: 0x0040, 0x152c: 0x0040, 0x152d: 0x0040, 0x152e: 0x0040, 0x152f: 0x0040,
-	0x1530: 0xaab1, 0x1531: 0xaae9, 0x1532: 0xab21, 0x1533: 0xab69, 0x1534: 0xabb1, 0x1535: 0xabf9,
-	0x1536: 0xac41, 0x1537: 0xac89, 0x1538: 0xacd1, 0x1539: 0xad19, 0x153a: 0xad52, 0x153b: 0xae62,
-	0x153c: 0xaee1, 0x153d: 0x0018, 0x153e: 0x0040, 0x153f: 0x0040,
+	0x1500: 0x7ecd, 0x1501: 0x7eed, 0x1502: 0x7f0d, 0x1503: 0x7eed, 0x1504: 0x7f2d, 0x1505: 0x0018,
+	0x1506: 0x0018, 0x1507: 0x1ff2, 0x1508: 0x1ffa, 0x1509: 0x7f4e, 0x150a: 0x7f6e, 0x150b: 0x7f8e,
+	0x150c: 0x7fae, 0x150d: 0x1fda, 0x150e: 0x1fda, 0x150f: 0x1fda, 0x1510: 0x1fba, 0x1511: 0x7fcd,
+	0x1512: 0x0040, 0x1513: 0x0040, 0x1514: 0x0122, 0x1515: 0x1fc2, 0x1516: 0x1fd2, 0x1517: 0x1fca,
+	0x1518: 0x7fed, 0x1519: 0x072a, 0x151a: 0x0732, 0x151b: 0x1fe2, 0x151c: 0x1fea, 0x151d: 0x7ecd,
+	0x151e: 0x7f2d, 0x151f: 0x2002, 0x1520: 0x200a, 0x1521: 0x2012, 0x1522: 0x071a, 0x1523: 0x2019,
+	0x1524: 0x2022, 0x1525: 0x202a, 0x1526: 0x0722, 0x1527: 0x0040, 0x1528: 0x2032, 0x1529: 0x203a,
+	0x152a: 0x2042, 0x152b: 0x204a, 0x152c: 0x0040, 0x152d: 0x0040, 0x152e: 0x0040, 0x152f: 0x0040,
+	0x1530: 0x800e, 0x1531: 0x2051, 0x1532: 0x802e, 0x1533: 0x0808, 0x1534: 0x804e, 0x1535: 0x0040,
+	0x1536: 0x806e, 0x1537: 0x2059, 0x1538: 0x808e, 0x1539: 0x2061, 0x153a: 0x80ae, 0x153b: 0x2069,
+	0x153c: 0x80ce, 0x153d: 0x2071, 0x153e: 0x80ee, 0x153f: 0x2079,
 	// Block 0x55, offset 0x1540
-	0x1540: 0x33c0, 0x1541: 0x33c0, 0x1542: 0x33c0, 0x1543: 0x33c0, 0x1544: 0x33c0, 0x1545: 0x33c0,
-	0x1546: 0x33c0, 0x1547: 0x33c0, 0x1548: 0x33c0, 0x1549: 0x33c0, 0x154a: 0x33c0, 0x154b: 0x33c0,
-	0x154c: 0x33c0, 0x154d: 0x33c0, 0x154e: 0x33c0, 0x154f: 0x33c0, 0x1550: 0xaf2a, 0x1551: 0x7d8d,
-	0x1552: 0x0040, 0x1553: 0xaf3a, 0x1554: 0x03c2, 0x1555: 0xaf4a, 0x1556: 0xaf5a, 0x1557: 0x7dad,
-	0x1558: 0x7dcd, 0x1559: 0x0040, 0x155a: 0x0040, 0x155b: 0x0040, 0x155c: 0x0040, 0x155d: 0x0040,
-	0x155e: 0x0040, 0x155f: 0x0040, 0x1560: 0x3308, 0x1561: 0x3308, 0x1562: 0x3308, 0x1563: 0x3308,
-	0x1564: 0x3308, 0x1565: 0x3308, 0x1566: 0x3308, 0x1567: 0x3308, 0x1568: 0x3308, 0x1569: 0x3308,
-	0x156a: 0x3308, 0x156b: 0x3308, 0x156c: 0x3308, 0x156d: 0x3308, 0x156e: 0x3308, 0x156f: 0x3308,
-	0x1570: 0x0040, 0x1571: 0x7ded, 0x1572: 0x7e0d, 0x1573: 0xaf6a, 0x1574: 0xaf6a, 0x1575: 0x1fd2,
-	0x1576: 0x1fe2, 0x1577: 0xaf7a, 0x1578: 0xaf8a, 0x1579: 0x7e2d, 0x157a: 0x7e4d, 0x157b: 0x7e6d,
-	0x157c: 0x7e2d, 0x157d: 0x7e8d, 0x157e: 0x7ead, 0x157f: 0x7e8d,
+	0x1540: 0x2081, 0x1541: 0x2089, 0x1542: 0x2089, 0x1543: 0x2091, 0x1544: 0x2091, 0x1545: 0x2099,
+	0x1546: 0x2099, 0x1547: 0x20a1, 0x1548: 0x20a1, 0x1549: 0x20a9, 0x154a: 0x20a9, 0x154b: 0x20a9,
+	0x154c: 0x20a9, 0x154d: 0x20b1, 0x154e: 0x20b1, 0x154f: 0x20b9, 0x1550: 0x20b9, 0x1551: 0x20b9,
+	0x1552: 0x20b9, 0x1553: 0x20c1, 0x1554: 0x20c1, 0x1555: 0x20c9, 0x1556: 0x20c9, 0x1557: 0x20c9,
+	0x1558: 0x20c9, 0x1559: 0x20d1, 0x155a: 0x20d1, 0x155b: 0x20d1, 0x155c: 0x20d1, 0x155d: 0x20d9,
+	0x155e: 0x20d9, 0x155f: 0x20d9, 0x1560: 0x20d9, 0x1561: 0x20e1, 0x1562: 0x20e1, 0x1563: 0x20e1,
+	0x1564: 0x20e1, 0x1565: 0x20e9, 0x1566: 0x20e9, 0x1567: 0x20e9, 0x1568: 0x20e9, 0x1569: 0x20f1,
+	0x156a: 0x20f1, 0x156b: 0x20f9, 0x156c: 0x20f9, 0x156d: 0x2101, 0x156e: 0x2101, 0x156f: 0x2109,
+	0x1570: 0x2109, 0x1571: 0x2111, 0x1572: 0x2111, 0x1573: 0x2111, 0x1574: 0x2111, 0x1575: 0x2119,
+	0x1576: 0x2119, 0x1577: 0x2119, 0x1578: 0x2119, 0x1579: 0x2121, 0x157a: 0x2121, 0x157b: 0x2121,
+	0x157c: 0x2121, 0x157d: 0x2129, 0x157e: 0x2129, 0x157f: 0x2129,
 	// Block 0x56, offset 0x1580
-	0x1580: 0x7ecd, 0x1581: 0x7eed, 0x1582: 0x7f0d, 0x1583: 0x7eed, 0x1584: 0x7f2d, 0x1585: 0x0018,
-	0x1586: 0x0018, 0x1587: 0xaf9a, 0x1588: 0xafaa, 0x1589: 0x7f4e, 0x158a: 0x7f6e, 0x158b: 0x7f8e,
-	0x158c: 0x7fae, 0x158d: 0xaf6a, 0x158e: 0xaf6a, 0x158f: 0xaf6a, 0x1590: 0xaf2a, 0x1591: 0x7fcd,
-	0x1592: 0x0040, 0x1593: 0x0040, 0x1594: 0x03c2, 0x1595: 0xaf3a, 0x1596: 0xaf5a, 0x1597: 0xaf4a,
-	0x1598: 0x7fed, 0x1599: 0x1fd2, 0x159a: 0x1fe2, 0x159b: 0xaf7a, 0x159c: 0xaf8a, 0x159d: 0x7ecd,
-	0x159e: 0x7f2d, 0x159f: 0xafba, 0x15a0: 0xafca, 0x15a1: 0xafda, 0x15a2: 0x1fb2, 0x15a3: 0xafe9,
-	0x15a4: 0xaffa, 0x15a5: 0xb00a, 0x15a6: 0x1fc2, 0x15a7: 0x0040, 0x15a8: 0xb01a, 0x15a9: 0xb02a,
-	0x15aa: 0xb03a, 0x15ab: 0xb04a, 0x15ac: 0x0040, 0x15ad: 0x0040, 0x15ae: 0x0040, 0x15af: 0x0040,
-	0x15b0: 0x800e, 0x15b1: 0xb059, 0x15b2: 0x802e, 0x15b3: 0x0808, 0x15b4: 0x804e, 0x15b5: 0x0040,
-	0x15b6: 0x806e, 0x15b7: 0xb081, 0x15b8: 0x808e, 0x15b9: 0xb0a9, 0x15ba: 0x80ae, 0x15bb: 0xb0d1,
-	0x15bc: 0x80ce, 0x15bd: 0xb0f9, 0x15be: 0x80ee, 0x15bf: 0xb121,
+	0x1580: 0x2129, 0x1581: 0x2131, 0x1582: 0x2131, 0x1583: 0x2131, 0x1584: 0x2131, 0x1585: 0x2139,
+	0x1586: 0x2139, 0x1587: 0x2139, 0x1588: 0x2139, 0x1589: 0x2141, 0x158a: 0x2141, 0x158b: 0x2141,
+	0x158c: 0x2141, 0x158d: 0x2149, 0x158e: 0x2149, 0x158f: 0x2149, 0x1590: 0x2149, 0x1591: 0x2151,
+	0x1592: 0x2151, 0x1593: 0x2151, 0x1594: 0x2151, 0x1595: 0x2159, 0x1596: 0x2159, 0x1597: 0x2159,
+	0x1598: 0x2159, 0x1599: 0x2161, 0x159a: 0x2161, 0x159b: 0x2161, 0x159c: 0x2161, 0x159d: 0x2169,
+	0x159e: 0x2169, 0x159f: 0x2169, 0x15a0: 0x2169, 0x15a1: 0x2171, 0x15a2: 0x2171, 0x15a3: 0x2171,
+	0x15a4: 0x2171, 0x15a5: 0x2179, 0x15a6: 0x2179, 0x15a7: 0x2179, 0x15a8: 0x2179, 0x15a9: 0x2181,
+	0x15aa: 0x2181, 0x15ab: 0x2181, 0x15ac: 0x2181, 0x15ad: 0x2189, 0x15ae: 0x2189, 0x15af: 0x1701,
+	0x15b0: 0x1701, 0x15b1: 0x2191, 0x15b2: 0x2191, 0x15b3: 0x2191, 0x15b4: 0x2191, 0x15b5: 0x2199,
+	0x15b6: 0x2199, 0x15b7: 0x21a1, 0x15b8: 0x21a1, 0x15b9: 0x21a9, 0x15ba: 0x21a9, 0x15bb: 0x21b1,
+	0x15bc: 0x21b1, 0x15bd: 0x0040, 0x15be: 0x0040, 0x15bf: 0x03c0,
 	// Block 0x57, offset 0x15c0
-	0x15c0: 0xb149, 0x15c1: 0xb161, 0x15c2: 0xb161, 0x15c3: 0xb179, 0x15c4: 0xb179, 0x15c5: 0xb191,
-	0x15c6: 0xb191, 0x15c7: 0xb1a9, 0x15c8: 0xb1a9, 0x15c9: 0xb1c1, 0x15ca: 0xb1c1, 0x15cb: 0xb1c1,
-	0x15cc: 0xb1c1, 0x15cd: 0xb1d9, 0x15ce: 0xb1d9, 0x15cf: 0xb1f1, 0x15d0: 0xb1f1, 0x15d1: 0xb1f1,
-	0x15d2: 0xb1f1, 0x15d3: 0xb209, 0x15d4: 0xb209, 0x15d5: 0xb221, 0x15d6: 0xb221, 0x15d7: 0xb221,
-	0x15d8: 0xb221, 0x15d9: 0xb239, 0x15da: 0xb239, 0x15db: 0xb239, 0x15dc: 0xb239, 0x15dd: 0xb251,
-	0x15de: 0xb251, 0x15df: 0xb251, 0x15e0: 0xb251, 0x15e1: 0xb269, 0x15e2: 0xb269, 0x15e3: 0xb269,
-	0x15e4: 0xb269, 0x15e5: 0xb281, 0x15e6: 0xb281, 0x15e7: 0xb281, 0x15e8: 0xb281, 0x15e9: 0xb299,
-	0x15ea: 0xb299, 0x15eb: 0xb2b1, 0x15ec: 0xb2b1, 0x15ed: 0xb2c9, 0x15ee: 0xb2c9, 0x15ef: 0xb2e1,
-	0x15f0: 0xb2e1, 0x15f1: 0xb2f9, 0x15f2: 0xb2f9, 0x15f3: 0xb2f9, 0x15f4: 0xb2f9, 0x15f5: 0xb311,
-	0x15f6: 0xb311, 0x15f7: 0xb311, 0x15f8: 0xb311, 0x15f9: 0xb329, 0x15fa: 0xb329, 0x15fb: 0xb329,
-	0x15fc: 0xb329, 0x15fd: 0xb341, 0x15fe: 0xb341, 0x15ff: 0xb341,
+	0x15c0: 0x0040, 0x15c1: 0x1fca, 0x15c2: 0x21ba, 0x15c3: 0x2002, 0x15c4: 0x203a, 0x15c5: 0x2042,
+	0x15c6: 0x200a, 0x15c7: 0x21c2, 0x15c8: 0x072a, 0x15c9: 0x0732, 0x15ca: 0x2012, 0x15cb: 0x071a,
+	0x15cc: 0x1fba, 0x15cd: 0x2019, 0x15ce: 0x0961, 0x15cf: 0x21ca, 0x15d0: 0x06e1, 0x15d1: 0x0049,
+	0x15d2: 0x0029, 0x15d3: 0x0031, 0x15d4: 0x06e9, 0x15d5: 0x06f1, 0x15d6: 0x06f9, 0x15d7: 0x0701,
+	0x15d8: 0x0709, 0x15d9: 0x0711, 0x15da: 0x1fc2, 0x15db: 0x0122, 0x15dc: 0x2022, 0x15dd: 0x0722,
+	0x15de: 0x202a, 0x15df: 0x1fd2, 0x15e0: 0x204a, 0x15e1: 0x0019, 0x15e2: 0x02e9, 0x15e3: 0x03d9,
+	0x15e4: 0x02f1, 0x15e5: 0x02f9, 0x15e6: 0x03f1, 0x15e7: 0x0309, 0x15e8: 0x00a9, 0x15e9: 0x0311,
+	0x15ea: 0x00b1, 0x15eb: 0x0319, 0x15ec: 0x0101, 0x15ed: 0x0321, 0x15ee: 0x0329, 0x15ef: 0x0051,
+	0x15f0: 0x0339, 0x15f1: 0x0751, 0x15f2: 0x00b9, 0x15f3: 0x0089, 0x15f4: 0x0341, 0x15f5: 0x0349,
+	0x15f6: 0x0391, 0x15f7: 0x00c1, 0x15f8: 0x0109, 0x15f9: 0x00c9, 0x15fa: 0x04b1, 0x15fb: 0x1ff2,
+	0x15fc: 0x2032, 0x15fd: 0x1ffa, 0x15fe: 0x21d2, 0x15ff: 0x1fda,
 	// Block 0x58, offset 0x1600
-	0x1600: 0xb341, 0x1601: 0xb359, 0x1602: 0xb359, 0x1603: 0xb359, 0x1604: 0xb359, 0x1605: 0xb371,
-	0x1606: 0xb371, 0x1607: 0xb371, 0x1608: 0xb371, 0x1609: 0xb389, 0x160a: 0xb389, 0x160b: 0xb389,
-	0x160c: 0xb389, 0x160d: 0xb3a1, 0x160e: 0xb3a1, 0x160f: 0xb3a1, 0x1610: 0xb3a1, 0x1611: 0xb3b9,
-	0x1612: 0xb3b9, 0x1613: 0xb3b9, 0x1614: 0xb3b9, 0x1615: 0xb3d1, 0x1616: 0xb3d1, 0x1617: 0xb3d1,
-	0x1618: 0xb3d1, 0x1619: 0xb3e9, 0x161a: 0xb3e9, 0x161b: 0xb3e9, 0x161c: 0xb3e9, 0x161d: 0xb401,
-	0x161e: 0xb401, 0x161f: 0xb401, 0x1620: 0xb401, 0x1621: 0xb419, 0x1622: 0xb419, 0x1623: 0xb419,
-	0x1624: 0xb419, 0x1625: 0xb431, 0x1626: 0xb431, 0x1627: 0xb431, 0x1628: 0xb431, 0x1629: 0xb449,
-	0x162a: 0xb449, 0x162b: 0xb449, 0x162c: 0xb449, 0x162d: 0xb461, 0x162e: 0xb461, 0x162f: 0x7b01,
-	0x1630: 0x7b01, 0x1631: 0xb479, 0x1632: 0xb479, 0x1633: 0xb479, 0x1634: 0xb479, 0x1635: 0xb491,
-	0x1636: 0xb491, 0x1637: 0xb4b9, 0x1638: 0xb4b9, 0x1639: 0xb4e1, 0x163a: 0xb4e1, 0x163b: 0xb509,
-	0x163c: 0xb509, 0x163d: 0x0040, 0x163e: 0x0040, 0x163f: 0x03c0,
+	0x1600: 0x0672, 0x1601: 0x0019, 0x1602: 0x02e9, 0x1603: 0x03d9, 0x1604: 0x02f1, 0x1605: 0x02f9,
+	0x1606: 0x03f1, 0x1607: 0x0309, 0x1608: 0x00a9, 0x1609: 0x0311, 0x160a: 0x00b1, 0x160b: 0x0319,
+	0x160c: 0x0101, 0x160d: 0x0321, 0x160e: 0x0329, 0x160f: 0x0051, 0x1610: 0x0339, 0x1611: 0x0751,
+	0x1612: 0x00b9, 0x1613: 0x0089, 0x1614: 0x0341, 0x1615: 0x0349, 0x1616: 0x0391, 0x1617: 0x00c1,
+	0x1618: 0x0109, 0x1619: 0x00c9, 0x161a: 0x04b1, 0x161b: 0x1fe2, 0x161c: 0x21da, 0x161d: 0x1fea,
+	0x161e: 0x21e2, 0x161f: 0x810d, 0x1620: 0x812d, 0x1621: 0x0961, 0x1622: 0x814d, 0x1623: 0x814d,
+	0x1624: 0x816d, 0x1625: 0x818d, 0x1626: 0x81ad, 0x1627: 0x81cd, 0x1628: 0x81ed, 0x1629: 0x820d,
+	0x162a: 0x822d, 0x162b: 0x824d, 0x162c: 0x826d, 0x162d: 0x828d, 0x162e: 0x82ad, 0x162f: 0x82cd,
+	0x1630: 0x82ed, 0x1631: 0x830d, 0x1632: 0x832d, 0x1633: 0x834d, 0x1634: 0x836d, 0x1635: 0x838d,
+	0x1636: 0x83ad, 0x1637: 0x83cd, 0x1638: 0x83ed, 0x1639: 0x840d, 0x163a: 0x842d, 0x163b: 0x844d,
+	0x163c: 0x81ed, 0x163d: 0x846d, 0x163e: 0x848d, 0x163f: 0x824d,
 	// Block 0x59, offset 0x1640
-	0x1640: 0x0040, 0x1641: 0xaf4a, 0x1642: 0xb532, 0x1643: 0xafba, 0x1644: 0xb02a, 0x1645: 0xb03a,
-	0x1646: 0xafca, 0x1647: 0xb542, 0x1648: 0x1fd2, 0x1649: 0x1fe2, 0x164a: 0xafda, 0x164b: 0x1fb2,
-	0x164c: 0xaf2a, 0x164d: 0xafe9, 0x164e: 0x29d1, 0x164f: 0xb552, 0x1650: 0x1f41, 0x1651: 0x00c9,
-	0x1652: 0x0069, 0x1653: 0x0079, 0x1654: 0x1f51, 0x1655: 0x1f61, 0x1656: 0x1f71, 0x1657: 0x1f81,
-	0x1658: 0x1f91, 0x1659: 0x1fa1, 0x165a: 0xaf3a, 0x165b: 0x03c2, 0x165c: 0xaffa, 0x165d: 0x1fc2,
-	0x165e: 0xb00a, 0x165f: 0xaf5a, 0x1660: 0xb04a, 0x1661: 0x0039, 0x1662: 0x0ee9, 0x1663: 0x1159,
-	0x1664: 0x0ef9, 0x1665: 0x0f09, 0x1666: 0x1199, 0x1667: 0x0f31, 0x1668: 0x0249, 0x1669: 0x0f41,
-	0x166a: 0x0259, 0x166b: 0x0f51, 0x166c: 0x0359, 0x166d: 0x0f61, 0x166e: 0x0f71, 0x166f: 0x00d9,
-	0x1670: 0x0f99, 0x1671: 0x2039, 0x1672: 0x0269, 0x1673: 0x01d9, 0x1674: 0x0fa9, 0x1675: 0x0fb9,
-	0x1676: 0x1089, 0x1677: 0x0279, 0x1678: 0x0369, 0x1679: 0x0289, 0x167a: 0x13d1, 0x167b: 0xaf9a,
-	0x167c: 0xb01a, 0x167d: 0xafaa, 0x167e: 0xb562, 0x167f: 0xaf6a,
+	0x1640: 0x84ad, 0x1641: 0x84cd, 0x1642: 0x84ed, 0x1643: 0x850d, 0x1644: 0x852d, 0x1645: 0x854d,
+	0x1646: 0x856d, 0x1647: 0x858d, 0x1648: 0x850d, 0x1649: 0x85ad, 0x164a: 0x850d, 0x164b: 0x85cd,
+	0x164c: 0x85cd, 0x164d: 0x85ed, 0x164e: 0x85ed, 0x164f: 0x860d, 0x1650: 0x854d, 0x1651: 0x862d,
+	0x1652: 0x864d, 0x1653: 0x862d, 0x1654: 0x866d, 0x1655: 0x864d, 0x1656: 0x868d, 0x1657: 0x868d,
+	0x1658: 0x86ad, 0x1659: 0x86ad, 0x165a: 0x86cd, 0x165b: 0x86cd, 0x165c: 0x864d, 0x165d: 0x814d,
+	0x165e: 0x86ed, 0x165f: 0x870d, 0x1660: 0x0040, 0x1661: 0x872d, 0x1662: 0x874d, 0x1663: 0x876d,
+	0x1664: 0x878d, 0x1665: 0x876d, 0x1666: 0x87ad, 0x1667: 0x87cd, 0x1668: 0x87ed, 0x1669: 0x87ed,
+	0x166a: 0x880d, 0x166b: 0x880d, 0x166c: 0x882d, 0x166d: 0x882d, 0x166e: 0x880d, 0x166f: 0x880d,
+	0x1670: 0x884d, 0x1671: 0x886d, 0x1672: 0x888d, 0x1673: 0x88ad, 0x1674: 0x88cd, 0x1675: 0x88ed,
+	0x1676: 0x88ed, 0x1677: 0x88ed, 0x1678: 0x890d, 0x1679: 0x890d, 0x167a: 0x890d, 0x167b: 0x890d,
+	0x167c: 0x87ed, 0x167d: 0x87ed, 0x167e: 0x87ed, 0x167f: 0x0040,
 	// Block 0x5a, offset 0x1680
-	0x1680: 0x1caa, 0x1681: 0x0039, 0x1682: 0x0ee9, 0x1683: 0x1159, 0x1684: 0x0ef9, 0x1685: 0x0f09,
-	0x1686: 0x1199, 0x1687: 0x0f31, 0x1688: 0x0249, 0x1689: 0x0f41, 0x168a: 0x0259, 0x168b: 0x0f51,
-	0x168c: 0x0359, 0x168d: 0x0f61, 0x168e: 0x0f71, 0x168f: 0x00d9, 0x1690: 0x0f99, 0x1691: 0x2039,
-	0x1692: 0x0269, 0x1693: 0x01d9, 0x1694: 0x0fa9, 0x1695: 0x0fb9, 0x1696: 0x1089, 0x1697: 0x0279,
-	0x1698: 0x0369, 0x1699: 0x0289, 0x169a: 0x13d1, 0x169b: 0xaf7a, 0x169c: 0xb572, 0x169d: 0xaf8a,
-	0x169e: 0xb582, 0x169f: 0x810d, 0x16a0: 0x812d, 0x16a1: 0x29d1, 0x16a2: 0x814d, 0x16a3: 0x814d,
-	0x16a4: 0x816d, 0x16a5: 0x818d, 0x16a6: 0x81ad, 0x16a7: 0x81cd, 0x16a8: 0x81ed, 0x16a9: 0x820d,
-	0x16aa: 0x822d, 0x16ab: 0x824d, 0x16ac: 0x826d, 0x16ad: 0x828d, 0x16ae: 0x82ad, 0x16af: 0x82cd,
-	0x16b0: 0x82ed, 0x16b1: 0x830d, 0x16b2: 0x832d, 0x16b3: 0x834d, 0x16b4: 0x836d, 0x16b5: 0x838d,
-	0x16b6: 0x83ad, 0x16b7: 0x83cd, 0x16b8: 0x83ed, 0x16b9: 0x840d, 0x16ba: 0x842d, 0x16bb: 0x844d,
-	0x16bc: 0x81ed, 0x16bd: 0x846d, 0x16be: 0x848d, 0x16bf: 0x824d,
+	0x1680: 0x0040, 0x1681: 0x0040, 0x1682: 0x874d, 0x1683: 0x872d, 0x1684: 0x892d, 0x1685: 0x872d,
+	0x1686: 0x874d, 0x1687: 0x872d, 0x1688: 0x0040, 0x1689: 0x0040, 0x168a: 0x894d, 0x168b: 0x874d,
+	0x168c: 0x896d, 0x168d: 0x892d, 0x168e: 0x896d, 0x168f: 0x874d, 0x1690: 0x0040, 0x1691: 0x0040,
+	0x1692: 0x898d, 0x1693: 0x89ad, 0x1694: 0x88ad, 0x1695: 0x896d, 0x1696: 0x892d, 0x1697: 0x896d,
+	0x1698: 0x0040, 0x1699: 0x0040, 0x169a: 0x89cd, 0x169b: 0x89ed, 0x169c: 0x89cd, 0x169d: 0x0040,
+	0x169e: 0x0040, 0x169f: 0x0040, 0x16a0: 0x21e9, 0x16a1: 0x21f1, 0x16a2: 0x21f9, 0x16a3: 0x8a0e,
+	0x16a4: 0x2201, 0x16a5: 0x2209, 0x16a6: 0x8a2d, 0x16a7: 0x0040, 0x16a8: 0x8a4d, 0x16a9: 0x8a6d,
+	0x16aa: 0x8a8d, 0x16ab: 0x8a6d, 0x16ac: 0x8aad, 0x16ad: 0x8acd, 0x16ae: 0x8aed, 0x16af: 0x0040,
+	0x16b0: 0x0040, 0x16b1: 0x0040, 0x16b2: 0x0040, 0x16b3: 0x0040, 0x16b4: 0x0040, 0x16b5: 0x0040,
+	0x16b6: 0x0040, 0x16b7: 0x0040, 0x16b8: 0x0040, 0x16b9: 0x0340, 0x16ba: 0x0340, 0x16bb: 0x0340,
+	0x16bc: 0x0040, 0x16bd: 0x0040, 0x16be: 0x0040, 0x16bf: 0x0040,
 	// Block 0x5b, offset 0x16c0
-	0x16c0: 0x84ad, 0x16c1: 0x84cd, 0x16c2: 0x84ed, 0x16c3: 0x850d, 0x16c4: 0x852d, 0x16c5: 0x854d,
-	0x16c6: 0x856d, 0x16c7: 0x858d, 0x16c8: 0x850d, 0x16c9: 0x85ad, 0x16ca: 0x850d, 0x16cb: 0x85cd,
-	0x16cc: 0x85cd, 0x16cd: 0x85ed, 0x16ce: 0x85ed, 0x16cf: 0x860d, 0x16d0: 0x854d, 0x16d1: 0x862d,
-	0x16d2: 0x864d, 0x16d3: 0x862d, 0x16d4: 0x866d, 0x16d5: 0x864d, 0x16d6: 0x868d, 0x16d7: 0x868d,
-	0x16d8: 0x86ad, 0x16d9: 0x86ad, 0x16da: 0x86cd, 0x16db: 0x86cd, 0x16dc: 0x864d, 0x16dd: 0x814d,
-	0x16de: 0x86ed, 0x16df: 0x870d, 0x16e0: 0x0040, 0x16e1: 0x872d, 0x16e2: 0x874d, 0x16e3: 0x876d,
-	0x16e4: 0x878d, 0x16e5: 0x876d, 0x16e6: 0x87ad, 0x16e7: 0x87cd, 0x16e8: 0x87ed, 0x16e9: 0x87ed,
-	0x16ea: 0x880d, 0x16eb: 0x880d, 0x16ec: 0x882d, 0x16ed: 0x882d, 0x16ee: 0x880d, 0x16ef: 0x880d,
-	0x16f0: 0x884d, 0x16f1: 0x886d, 0x16f2: 0x888d, 0x16f3: 0x88ad, 0x16f4: 0x88cd, 0x16f5: 0x88ed,
-	0x16f6: 0x88ed, 0x16f7: 0x88ed, 0x16f8: 0x890d, 0x16f9: 0x890d, 0x16fa: 0x890d, 0x16fb: 0x890d,
-	0x16fc: 0x87ed, 0x16fd: 0x87ed, 0x16fe: 0x87ed, 0x16ff: 0x0040,
+	0x16c0: 0x0a08, 0x16c1: 0x0a08, 0x16c2: 0x0a08, 0x16c3: 0x0a08, 0x16c4: 0x0a08, 0x16c5: 0x0c08,
+	0x16c6: 0x0808, 0x16c7: 0x0c08, 0x16c8: 0x0818, 0x16c9: 0x0c08, 0x16ca: 0x0c08, 0x16cb: 0x0808,
+	0x16cc: 0x0808, 0x16cd: 0x0908, 0x16ce: 0x0c08, 0x16cf: 0x0c08, 0x16d0: 0x0c08, 0x16d1: 0x0c08,
+	0x16d2: 0x0c08, 0x16d3: 0x0a08, 0x16d4: 0x0a08, 0x16d5: 0x0a08, 0x16d6: 0x0a08, 0x16d7: 0x0908,
+	0x16d8: 0x0a08, 0x16d9: 0x0a08, 0x16da: 0x0a08, 0x16db: 0x0a08, 0x16dc: 0x0a08, 0x16dd: 0x0c08,
+	0x16de: 0x0a08, 0x16df: 0x0a08, 0x16e0: 0x0a08, 0x16e1: 0x0c08, 0x16e2: 0x0808, 0x16e3: 0x0808,
+	0x16e4: 0x0c08, 0x16e5: 0x3308, 0x16e6: 0x3308, 0x16e7: 0x0040, 0x16e8: 0x0040, 0x16e9: 0x0040,
+	0x16ea: 0x0040, 0x16eb: 0x0a18, 0x16ec: 0x0a18, 0x16ed: 0x0a18, 0x16ee: 0x0a18, 0x16ef: 0x0c18,
+	0x16f0: 0x0818, 0x16f1: 0x0818, 0x16f2: 0x0818, 0x16f3: 0x0818, 0x16f4: 0x0818, 0x16f5: 0x0818,
+	0x16f6: 0x0818, 0x16f7: 0x0040, 0x16f8: 0x0040, 0x16f9: 0x0040, 0x16fa: 0x0040, 0x16fb: 0x0040,
+	0x16fc: 0x0040, 0x16fd: 0x0040, 0x16fe: 0x0040, 0x16ff: 0x0040,
 	// Block 0x5c, offset 0x1700
-	0x1700: 0x0040, 0x1701: 0x0040, 0x1702: 0x874d, 0x1703: 0x872d, 0x1704: 0x892d, 0x1705: 0x872d,
-	0x1706: 0x874d, 0x1707: 0x872d, 0x1708: 0x0040, 0x1709: 0x0040, 0x170a: 0x894d, 0x170b: 0x874d,
-	0x170c: 0x896d, 0x170d: 0x892d, 0x170e: 0x896d, 0x170f: 0x874d, 0x1710: 0x0040, 0x1711: 0x0040,
-	0x1712: 0x898d, 0x1713: 0x89ad, 0x1714: 0x88ad, 0x1715: 0x896d, 0x1716: 0x892d, 0x1717: 0x896d,
-	0x1718: 0x0040, 0x1719: 0x0040, 0x171a: 0x89cd, 0x171b: 0x89ed, 0x171c: 0x89cd, 0x171d: 0x0040,
-	0x171e: 0x0040, 0x171f: 0x0040, 0x1720: 0xb591, 0x1721: 0xb5a9, 0x1722: 0xb5c1, 0x1723: 0x8a0e,
-	0x1724: 0xb5d9, 0x1725: 0xb5f1, 0x1726: 0x8a2d, 0x1727: 0x0040, 0x1728: 0x8a4d, 0x1729: 0x8a6d,
-	0x172a: 0x8a8d, 0x172b: 0x8a6d, 0x172c: 0x8aad, 0x172d: 0x8acd, 0x172e: 0x8aed, 0x172f: 0x0040,
+	0x1700: 0x0a08, 0x1701: 0x0c08, 0x1702: 0x0a08, 0x1703: 0x0c08, 0x1704: 0x0c08, 0x1705: 0x0c08,
+	0x1706: 0x0a08, 0x1707: 0x0a08, 0x1708: 0x0a08, 0x1709: 0x0c08, 0x170a: 0x0a08, 0x170b: 0x0a08,
+	0x170c: 0x0c08, 0x170d: 0x0a08, 0x170e: 0x0c08, 0x170f: 0x0c08, 0x1710: 0x0a08, 0x1711: 0x0c08,
+	0x1712: 0x0040, 0x1713: 0x0040, 0x1714: 0x0040, 0x1715: 0x0040, 0x1716: 0x0040, 0x1717: 0x0040,
+	0x1718: 0x0040, 0x1719: 0x0818, 0x171a: 0x0818, 0x171b: 0x0818, 0x171c: 0x0818, 0x171d: 0x0040,
+	0x171e: 0x0040, 0x171f: 0x0040, 0x1720: 0x0040, 0x1721: 0x0040, 0x1722: 0x0040, 0x1723: 0x0040,
+	0x1724: 0x0040, 0x1725: 0x0040, 0x1726: 0x0040, 0x1727: 0x0040, 0x1728: 0x0040, 0x1729: 0x0c18,
+	0x172a: 0x0c18, 0x172b: 0x0c18, 0x172c: 0x0c18, 0x172d: 0x0a18, 0x172e: 0x0a18, 0x172f: 0x0818,
 	0x1730: 0x0040, 0x1731: 0x0040, 0x1732: 0x0040, 0x1733: 0x0040, 0x1734: 0x0040, 0x1735: 0x0040,
-	0x1736: 0x0040, 0x1737: 0x0040, 0x1738: 0x0040, 0x1739: 0x0340, 0x173a: 0x0340, 0x173b: 0x0340,
+	0x1736: 0x0040, 0x1737: 0x0040, 0x1738: 0x0040, 0x1739: 0x0040, 0x173a: 0x0040, 0x173b: 0x0040,
 	0x173c: 0x0040, 0x173d: 0x0040, 0x173e: 0x0040, 0x173f: 0x0040,
 	// Block 0x5d, offset 0x1740
-	0x1740: 0x0a08, 0x1741: 0x0a08, 0x1742: 0x0a08, 0x1743: 0x0a08, 0x1744: 0x0a08, 0x1745: 0x0c08,
-	0x1746: 0x0808, 0x1747: 0x0c08, 0x1748: 0x0818, 0x1749: 0x0c08, 0x174a: 0x0c08, 0x174b: 0x0808,
-	0x174c: 0x0808, 0x174d: 0x0908, 0x174e: 0x0c08, 0x174f: 0x0c08, 0x1750: 0x0c08, 0x1751: 0x0c08,
-	0x1752: 0x0c08, 0x1753: 0x0a08, 0x1754: 0x0a08, 0x1755: 0x0a08, 0x1756: 0x0a08, 0x1757: 0x0908,
-	0x1758: 0x0a08, 0x1759: 0x0a08, 0x175a: 0x0a08, 0x175b: 0x0a08, 0x175c: 0x0a08, 0x175d: 0x0c08,
-	0x175e: 0x0a08, 0x175f: 0x0a08, 0x1760: 0x0a08, 0x1761: 0x0c08, 0x1762: 0x0808, 0x1763: 0x0808,
-	0x1764: 0x0c08, 0x1765: 0x3308, 0x1766: 0x3308, 0x1767: 0x0040, 0x1768: 0x0040, 0x1769: 0x0040,
-	0x176a: 0x0040, 0x176b: 0x0a18, 0x176c: 0x0a18, 0x176d: 0x0a18, 0x176e: 0x0a18, 0x176f: 0x0c18,
-	0x1770: 0x0818, 0x1771: 0x0818, 0x1772: 0x0818, 0x1773: 0x0818, 0x1774: 0x0818, 0x1775: 0x0818,
-	0x1776: 0x0818, 0x1777: 0x0040, 0x1778: 0x0040, 0x1779: 0x0040, 0x177a: 0x0040, 0x177b: 0x0040,
-	0x177c: 0x0040, 0x177d: 0x0040, 0x177e: 0x0040, 0x177f: 0x0040,
+	0x1740: 0x3308, 0x1741: 0x3308, 0x1742: 0x3008, 0x1743: 0x3008, 0x1744: 0x0040, 0x1745: 0x0008,
+	0x1746: 0x0008, 0x1747: 0x0008, 0x1748: 0x0008, 0x1749: 0x0008, 0x174a: 0x0008, 0x174b: 0x0008,
+	0x174c: 0x0008, 0x174d: 0x0040, 0x174e: 0x0040, 0x174f: 0x0008, 0x1750: 0x0008, 0x1751: 0x0040,
+	0x1752: 0x0040, 0x1753: 0x0008, 0x1754: 0x0008, 0x1755: 0x0008, 0x1756: 0x0008, 0x1757: 0x0008,
+	0x1758: 0x0008, 0x1759: 0x0008, 0x175a: 0x0008, 0x175b: 0x0008, 0x175c: 0x0008, 0x175d: 0x0008,
+	0x175e: 0x0008, 0x175f: 0x0008, 0x1760: 0x0008, 0x1761: 0x0008, 0x1762: 0x0008, 0x1763: 0x0008,
+	0x1764: 0x0008, 0x1765: 0x0008, 0x1766: 0x0008, 0x1767: 0x0008, 0x1768: 0x0008, 0x1769: 0x0040,
+	0x176a: 0x0008, 0x176b: 0x0008, 0x176c: 0x0008, 0x176d: 0x0008, 0x176e: 0x0008, 0x176f: 0x0008,
+	0x1770: 0x0008, 0x1771: 0x0040, 0x1772: 0x0008, 0x1773: 0x0008, 0x1774: 0x0040, 0x1775: 0x0008,
+	0x1776: 0x0008, 0x1777: 0x0008, 0x1778: 0x0008, 0x1779: 0x0008, 0x177a: 0x0040, 0x177b: 0x3308,
+	0x177c: 0x3308, 0x177d: 0x0008, 0x177e: 0x3008, 0x177f: 0x3008,
 	// Block 0x5e, offset 0x1780
-	0x1780: 0x0a08, 0x1781: 0x0c08, 0x1782: 0x0a08, 0x1783: 0x0c08, 0x1784: 0x0c08, 0x1785: 0x0c08,
-	0x1786: 0x0a08, 0x1787: 0x0a08, 0x1788: 0x0a08, 0x1789: 0x0c08, 0x178a: 0x0a08, 0x178b: 0x0a08,
-	0x178c: 0x0c08, 0x178d: 0x0a08, 0x178e: 0x0c08, 0x178f: 0x0c08, 0x1790: 0x0a08, 0x1791: 0x0c08,
-	0x1792: 0x0040, 0x1793: 0x0040, 0x1794: 0x0040, 0x1795: 0x0040, 0x1796: 0x0040, 0x1797: 0x0040,
-	0x1798: 0x0040, 0x1799: 0x0818, 0x179a: 0x0818, 0x179b: 0x0818, 0x179c: 0x0818, 0x179d: 0x0040,
-	0x179e: 0x0040, 0x179f: 0x0040, 0x17a0: 0x0040, 0x17a1: 0x0040, 0x17a2: 0x0040, 0x17a3: 0x0040,
-	0x17a4: 0x0040, 0x17a5: 0x0040, 0x17a6: 0x0040, 0x17a7: 0x0040, 0x17a8: 0x0040, 0x17a9: 0x0c18,
-	0x17aa: 0x0c18, 0x17ab: 0x0c18, 0x17ac: 0x0c18, 0x17ad: 0x0a18, 0x17ae: 0x0a18, 0x17af: 0x0818,
-	0x17b0: 0x0040, 0x17b1: 0x0040, 0x17b2: 0x0040, 0x17b3: 0x0040, 0x17b4: 0x0040, 0x17b5: 0x0040,
+	0x1780: 0x3308, 0x1781: 0x3008, 0x1782: 0x3008, 0x1783: 0x3008, 0x1784: 0x3008, 0x1785: 0x0040,
+	0x1786: 0x0040, 0x1787: 0x3008, 0x1788: 0x3008, 0x1789: 0x0040, 0x178a: 0x0040, 0x178b: 0x3008,
+	0x178c: 0x3008, 0x178d: 0x3808, 0x178e: 0x0040, 0x178f: 0x0040, 0x1790: 0x0008, 0x1791: 0x0040,
+	0x1792: 0x0040, 0x1793: 0x0040, 0x1794: 0x0040, 0x1795: 0x0040, 0x1796: 0x0040, 0x1797: 0x3008,
+	0x1798: 0x0040, 0x1799: 0x0040, 0x179a: 0x0040, 0x179b: 0x0040, 0x179c: 0x0040, 0x179d: 0x0008,
+	0x179e: 0x0008, 0x179f: 0x0008, 0x17a0: 0x0008, 0x17a1: 0x0008, 0x17a2: 0x3008, 0x17a3: 0x3008,
+	0x17a4: 0x0040, 0x17a5: 0x0040, 0x17a6: 0x3308, 0x17a7: 0x3308, 0x17a8: 0x3308, 0x17a9: 0x3308,
+	0x17aa: 0x3308, 0x17ab: 0x3308, 0x17ac: 0x3308, 0x17ad: 0x0040, 0x17ae: 0x0040, 0x17af: 0x0040,
+	0x17b0: 0x3308, 0x17b1: 0x3308, 0x17b2: 0x3308, 0x17b3: 0x3308, 0x17b4: 0x3308, 0x17b5: 0x0040,
 	0x17b6: 0x0040, 0x17b7: 0x0040, 0x17b8: 0x0040, 0x17b9: 0x0040, 0x17ba: 0x0040, 0x17bb: 0x0040,
 	0x17bc: 0x0040, 0x17bd: 0x0040, 0x17be: 0x0040, 0x17bf: 0x0040,
 	// Block 0x5f, offset 0x17c0
-	0x17c0: 0x3308, 0x17c1: 0x3308, 0x17c2: 0x3008, 0x17c3: 0x3008, 0x17c4: 0x0040, 0x17c5: 0x0008,
-	0x17c6: 0x0008, 0x17c7: 0x0008, 0x17c8: 0x0008, 0x17c9: 0x0008, 0x17ca: 0x0008, 0x17cb: 0x0008,
-	0x17cc: 0x0008, 0x17cd: 0x0040, 0x17ce: 0x0040, 0x17cf: 0x0008, 0x17d0: 0x0008, 0x17d1: 0x0040,
-	0x17d2: 0x0040, 0x17d3: 0x0008, 0x17d4: 0x0008, 0x17d5: 0x0008, 0x17d6: 0x0008, 0x17d7: 0x0008,
+	0x17c0: 0x0008, 0x17c1: 0x0008, 0x17c2: 0x0008, 0x17c3: 0x0008, 0x17c4: 0x0008, 0x17c5: 0x0008,
+	0x17c6: 0x0008, 0x17c7: 0x0040, 0x17c8: 0x0040, 0x17c9: 0x0008, 0x17ca: 0x0040, 0x17cb: 0x0040,
+	0x17cc: 0x0008, 0x17cd: 0x0008, 0x17ce: 0x0008, 0x17cf: 0x0008, 0x17d0: 0x0008, 0x17d1: 0x0008,
+	0x17d2: 0x0008, 0x17d3: 0x0008, 0x17d4: 0x0040, 0x17d5: 0x0008, 0x17d6: 0x0008, 0x17d7: 0x0040,
 	0x17d8: 0x0008, 0x17d9: 0x0008, 0x17da: 0x0008, 0x17db: 0x0008, 0x17dc: 0x0008, 0x17dd: 0x0008,
 	0x17de: 0x0008, 0x17df: 0x0008, 0x17e0: 0x0008, 0x17e1: 0x0008, 0x17e2: 0x0008, 0x17e3: 0x0008,
-	0x17e4: 0x0008, 0x17e5: 0x0008, 0x17e6: 0x0008, 0x17e7: 0x0008, 0x17e8: 0x0008, 0x17e9: 0x0040,
+	0x17e4: 0x0008, 0x17e5: 0x0008, 0x17e6: 0x0008, 0x17e7: 0x0008, 0x17e8: 0x0008, 0x17e9: 0x0008,
 	0x17ea: 0x0008, 0x17eb: 0x0008, 0x17ec: 0x0008, 0x17ed: 0x0008, 0x17ee: 0x0008, 0x17ef: 0x0008,
-	0x17f0: 0x0008, 0x17f1: 0x0040, 0x17f2: 0x0008, 0x17f3: 0x0008, 0x17f4: 0x0040, 0x17f5: 0x0008,
-	0x17f6: 0x0008, 0x17f7: 0x0008, 0x17f8: 0x0008, 0x17f9: 0x0008, 0x17fa: 0x0040, 0x17fb: 0x3308,
-	0x17fc: 0x3308, 0x17fd: 0x0008, 0x17fe: 0x3008, 0x17ff: 0x3008,
+	0x17f0: 0x3008, 0x17f1: 0x3008, 0x17f2: 0x3008, 0x17f3: 0x3008, 0x17f4: 0x3008, 0x17f5: 0x3008,
+	0x17f6: 0x0040, 0x17f7: 0x3008, 0x17f8: 0x3008, 0x17f9: 0x0040, 0x17fa: 0x0040, 0x17fb: 0x3308,
+	0x17fc: 0x3308, 0x17fd: 0x3808, 0x17fe: 0x3b08, 0x17ff: 0x0008,
 	// Block 0x60, offset 0x1800
-	0x1800: 0x3308, 0x1801: 0x3008, 0x1802: 0x3008, 0x1803: 0x3008, 0x1804: 0x3008, 0x1805: 0x0040,
-	0x1806: 0x0040, 0x1807: 0x3008, 0x1808: 0x3008, 0x1809: 0x0040, 0x180a: 0x0040, 0x180b: 0x3008,
-	0x180c: 0x3008, 0x180d: 0x3808, 0x180e: 0x0040, 0x180f: 0x0040, 0x1810: 0x0008, 0x1811: 0x0040,
-	0x1812: 0x0040, 0x1813: 0x0040, 0x1814: 0x0040, 0x1815: 0x0040, 0x1816: 0x0040, 0x1817: 0x3008,
-	0x1818: 0x0040, 0x1819: 0x0040, 0x181a: 0x0040, 0x181b: 0x0040, 0x181c: 0x0040, 0x181d: 0x0008,
-	0x181e: 0x0008, 0x181f: 0x0008, 0x1820: 0x0008, 0x1821: 0x0008, 0x1822: 0x3008, 0x1823: 0x3008,
-	0x1824: 0x0040, 0x1825: 0x0040, 0x1826: 0x3308, 0x1827: 0x3308, 0x1828: 0x3308, 0x1829: 0x3308,
-	0x182a: 0x3308, 0x182b: 0x3308, 0x182c: 0x3308, 0x182d: 0x0040, 0x182e: 0x0040, 0x182f: 0x0040,
-	0x1830: 0x3308, 0x1831: 0x3308, 0x1832: 0x3308, 0x1833: 0x3308, 0x1834: 0x3308, 0x1835: 0x0040,
-	0x1836: 0x0040, 0x1837: 0x0040, 0x1838: 0x0040, 0x1839: 0x0040, 0x183a: 0x0040, 0x183b: 0x0040,
-	0x183c: 0x0040, 0x183d: 0x0040, 0x183e: 0x0040, 0x183f: 0x0040,
+	0x1800: 0x0019, 0x1801: 0x02e9, 0x1802: 0x03d9, 0x1803: 0x02f1, 0x1804: 0x02f9, 0x1805: 0x03f1,
+	0x1806: 0x0309, 0x1807: 0x00a9, 0x1808: 0x0311, 0x1809: 0x00b1, 0x180a: 0x0319, 0x180b: 0x0101,
+	0x180c: 0x0321, 0x180d: 0x0329, 0x180e: 0x0051, 0x180f: 0x0339, 0x1810: 0x0751, 0x1811: 0x00b9,
+	0x1812: 0x0089, 0x1813: 0x0341, 0x1814: 0x0349, 0x1815: 0x0391, 0x1816: 0x00c1, 0x1817: 0x0109,
+	0x1818: 0x00c9, 0x1819: 0x04b1, 0x181a: 0x0019, 0x181b: 0x02e9, 0x181c: 0x03d9, 0x181d: 0x02f1,
+	0x181e: 0x02f9, 0x181f: 0x03f1, 0x1820: 0x0309, 0x1821: 0x00a9, 0x1822: 0x0311, 0x1823: 0x00b1,
+	0x1824: 0x0319, 0x1825: 0x0101, 0x1826: 0x0321, 0x1827: 0x0329, 0x1828: 0x0051, 0x1829: 0x0339,
+	0x182a: 0x0751, 0x182b: 0x00b9, 0x182c: 0x0089, 0x182d: 0x0341, 0x182e: 0x0349, 0x182f: 0x0391,
+	0x1830: 0x00c1, 0x1831: 0x0109, 0x1832: 0x00c9, 0x1833: 0x04b1, 0x1834: 0x0019, 0x1835: 0x02e9,
+	0x1836: 0x03d9, 0x1837: 0x02f1, 0x1838: 0x02f9, 0x1839: 0x03f1, 0x183a: 0x0309, 0x183b: 0x00a9,
+	0x183c: 0x0311, 0x183d: 0x00b1, 0x183e: 0x0319, 0x183f: 0x0101,
 	// Block 0x61, offset 0x1840
-	0x1840: 0x0008, 0x1841: 0x0008, 0x1842: 0x0008, 0x1843: 0x0008, 0x1844: 0x0008, 0x1845: 0x0008,
-	0x1846: 0x0008, 0x1847: 0x0040, 0x1848: 0x0040, 0x1849: 0x0008, 0x184a: 0x0040, 0x184b: 0x0040,
-	0x184c: 0x0008, 0x184d: 0x0008, 0x184e: 0x0008, 0x184f: 0x0008, 0x1850: 0x0008, 0x1851: 0x0008,
-	0x1852: 0x0008, 0x1853: 0x0008, 0x1854: 0x0040, 0x1855: 0x0008, 0x1856: 0x0008, 0x1857: 0x0040,
-	0x1858: 0x0008, 0x1859: 0x0008, 0x185a: 0x0008, 0x185b: 0x0008, 0x185c: 0x0008, 0x185d: 0x0008,
-	0x185e: 0x0008, 0x185f: 0x0008, 0x1860: 0x0008, 0x1861: 0x0008, 0x1862: 0x0008, 0x1863: 0x0008,
-	0x1864: 0x0008, 0x1865: 0x0008, 0x1866: 0x0008, 0x1867: 0x0008, 0x1868: 0x0008, 0x1869: 0x0008,
-	0x186a: 0x0008, 0x186b: 0x0008, 0x186c: 0x0008, 0x186d: 0x0008, 0x186e: 0x0008, 0x186f: 0x0008,
-	0x1870: 0x3008, 0x1871: 0x3008, 0x1872: 0x3008, 0x1873: 0x3008, 0x1874: 0x3008, 0x1875: 0x3008,
-	0x1876: 0x0040, 0x1877: 0x3008, 0x1878: 0x3008, 0x1879: 0x0040, 0x187a: 0x0040, 0x187b: 0x3308,
-	0x187c: 0x3308, 0x187d: 0x3808, 0x187e: 0x3b08, 0x187f: 0x0008,
+	0x1840: 0x0321, 0x1841: 0x0329, 0x1842: 0x0051, 0x1843: 0x0339, 0x1844: 0x0751, 0x1845: 0x00b9,
+	0x1846: 0x0089, 0x1847: 0x0341, 0x1848: 0x0349, 0x1849: 0x0391, 0x184a: 0x00c1, 0x184b: 0x0109,
+	0x184c: 0x00c9, 0x184d: 0x04b1, 0x184e: 0x0019, 0x184f: 0x02e9, 0x1850: 0x03d9, 0x1851: 0x02f1,
+	0x1852: 0x02f9, 0x1853: 0x03f1, 0x1854: 0x0309, 0x1855: 0x0040, 0x1856: 0x0311, 0x1857: 0x00b1,
+	0x1858: 0x0319, 0x1859: 0x0101, 0x185a: 0x0321, 0x185b: 0x0329, 0x185c: 0x0051, 0x185d: 0x0339,
+	0x185e: 0x0751, 0x185f: 0x00b9, 0x1860: 0x0089, 0x1861: 0x0341, 0x1862: 0x0349, 0x1863: 0x0391,
+	0x1864: 0x00c1, 0x1865: 0x0109, 0x1866: 0x00c9, 0x1867: 0x04b1, 0x1868: 0x0019, 0x1869: 0x02e9,
+	0x186a: 0x03d9, 0x186b: 0x02f1, 0x186c: 0x02f9, 0x186d: 0x03f1, 0x186e: 0x0309, 0x186f: 0x00a9,
+	0x1870: 0x0311, 0x1871: 0x00b1, 0x1872: 0x0319, 0x1873: 0x0101, 0x1874: 0x0321, 0x1875: 0x0329,
+	0x1876: 0x0051, 0x1877: 0x0339, 0x1878: 0x0751, 0x1879: 0x00b9, 0x187a: 0x0089, 0x187b: 0x0341,
+	0x187c: 0x0349, 0x187d: 0x0391, 0x187e: 0x00c1, 0x187f: 0x0109,
 	// Block 0x62, offset 0x1880
-	0x1880: 0x0039, 0x1881: 0x0ee9, 0x1882: 0x1159, 0x1883: 0x0ef9, 0x1884: 0x0f09, 0x1885: 0x1199,
-	0x1886: 0x0f31, 0x1887: 0x0249, 0x1888: 0x0f41, 0x1889: 0x0259, 0x188a: 0x0f51, 0x188b: 0x0359,
-	0x188c: 0x0f61, 0x188d: 0x0f71, 0x188e: 0x00d9, 0x188f: 0x0f99, 0x1890: 0x2039, 0x1891: 0x0269,
-	0x1892: 0x01d9, 0x1893: 0x0fa9, 0x1894: 0x0fb9, 0x1895: 0x1089, 0x1896: 0x0279, 0x1897: 0x0369,
-	0x1898: 0x0289, 0x1899: 0x13d1, 0x189a: 0x0039, 0x189b: 0x0ee9, 0x189c: 0x1159, 0x189d: 0x0ef9,
-	0x189e: 0x0f09, 0x189f: 0x1199, 0x18a0: 0x0f31, 0x18a1: 0x0249, 0x18a2: 0x0f41, 0x18a3: 0x0259,
-	0x18a4: 0x0f51, 0x18a5: 0x0359, 0x18a6: 0x0f61, 0x18a7: 0x0f71, 0x18a8: 0x00d9, 0x18a9: 0x0f99,
-	0x18aa: 0x2039, 0x18ab: 0x0269, 0x18ac: 0x01d9, 0x18ad: 0x0fa9, 0x18ae: 0x0fb9, 0x18af: 0x1089,
-	0x18b0: 0x0279, 0x18b1: 0x0369, 0x18b2: 0x0289, 0x18b3: 0x13d1, 0x18b4: 0x0039, 0x18b5: 0x0ee9,
-	0x18b6: 0x1159, 0x18b7: 0x0ef9, 0x18b8: 0x0f09, 0x18b9: 0x1199, 0x18ba: 0x0f31, 0x18bb: 0x0249,
-	0x18bc: 0x0f41, 0x18bd: 0x0259, 0x18be: 0x0f51, 0x18bf: 0x0359,
+	0x1880: 0x00c9, 0x1881: 0x04b1, 0x1882: 0x0019, 0x1883: 0x02e9, 0x1884: 0x03d9, 0x1885: 0x02f1,
+	0x1886: 0x02f9, 0x1887: 0x03f1, 0x1888: 0x0309, 0x1889: 0x00a9, 0x188a: 0x0311, 0x188b: 0x00b1,
+	0x188c: 0x0319, 0x188d: 0x0101, 0x188e: 0x0321, 0x188f: 0x0329, 0x1890: 0x0051, 0x1891: 0x0339,
+	0x1892: 0x0751, 0x1893: 0x00b9, 0x1894: 0x0089, 0x1895: 0x0341, 0x1896: 0x0349, 0x1897: 0x0391,
+	0x1898: 0x00c1, 0x1899: 0x0109, 0x189a: 0x00c9, 0x189b: 0x04b1, 0x189c: 0x0019, 0x189d: 0x0040,
+	0x189e: 0x03d9, 0x189f: 0x02f1, 0x18a0: 0x0040, 0x18a1: 0x0040, 0x18a2: 0x0309, 0x18a3: 0x0040,
+	0x18a4: 0x0040, 0x18a5: 0x00b1, 0x18a6: 0x0319, 0x18a7: 0x0040, 0x18a8: 0x0040, 0x18a9: 0x0329,
+	0x18aa: 0x0051, 0x18ab: 0x0339, 0x18ac: 0x0751, 0x18ad: 0x0040, 0x18ae: 0x0089, 0x18af: 0x0341,
+	0x18b0: 0x0349, 0x18b1: 0x0391, 0x18b2: 0x00c1, 0x18b3: 0x0109, 0x18b4: 0x00c9, 0x18b5: 0x04b1,
+	0x18b6: 0x0019, 0x18b7: 0x02e9, 0x18b8: 0x03d9, 0x18b9: 0x02f1, 0x18ba: 0x0040, 0x18bb: 0x03f1,
+	0x18bc: 0x0040, 0x18bd: 0x00a9, 0x18be: 0x0311, 0x18bf: 0x00b1,
 	// Block 0x63, offset 0x18c0
-	0x18c0: 0x0f61, 0x18c1: 0x0f71, 0x18c2: 0x00d9, 0x18c3: 0x0f99, 0x18c4: 0x2039, 0x18c5: 0x0269,
-	0x18c6: 0x01d9, 0x18c7: 0x0fa9, 0x18c8: 0x0fb9, 0x18c9: 0x1089, 0x18ca: 0x0279, 0x18cb: 0x0369,
-	0x18cc: 0x0289, 0x18cd: 0x13d1, 0x18ce: 0x0039, 0x18cf: 0x0ee9, 0x18d0: 0x1159, 0x18d1: 0x0ef9,
-	0x18d2: 0x0f09, 0x18d3: 0x1199, 0x18d4: 0x0f31, 0x18d5: 0x0040, 0x18d6: 0x0f41, 0x18d7: 0x0259,
-	0x18d8: 0x0f51, 0x18d9: 0x0359, 0x18da: 0x0f61, 0x18db: 0x0f71, 0x18dc: 0x00d9, 0x18dd: 0x0f99,
-	0x18de: 0x2039, 0x18df: 0x0269, 0x18e0: 0x01d9, 0x18e1: 0x0fa9, 0x18e2: 0x0fb9, 0x18e3: 0x1089,
-	0x18e4: 0x0279, 0x18e5: 0x0369, 0x18e6: 0x0289, 0x18e7: 0x13d1, 0x18e8: 0x0039, 0x18e9: 0x0ee9,
-	0x18ea: 0x1159, 0x18eb: 0x0ef9, 0x18ec: 0x0f09, 0x18ed: 0x1199, 0x18ee: 0x0f31, 0x18ef: 0x0249,
-	0x18f0: 0x0f41, 0x18f1: 0x0259, 0x18f2: 0x0f51, 0x18f3: 0x0359, 0x18f4: 0x0f61, 0x18f5: 0x0f71,
-	0x18f6: 0x00d9, 0x18f7: 0x0f99, 0x18f8: 0x2039, 0x18f9: 0x0269, 0x18fa: 0x01d9, 0x18fb: 0x0fa9,
-	0x18fc: 0x0fb9, 0x18fd: 0x1089, 0x18fe: 0x0279, 0x18ff: 0x0369,
+	0x18c0: 0x0319, 0x18c1: 0x0101, 0x18c2: 0x0321, 0x18c3: 0x0329, 0x18c4: 0x0040, 0x18c5: 0x0339,
+	0x18c6: 0x0751, 0x18c7: 0x00b9, 0x18c8: 0x0089, 0x18c9: 0x0341, 0x18ca: 0x0349, 0x18cb: 0x0391,
+	0x18cc: 0x00c1, 0x18cd: 0x0109, 0x18ce: 0x00c9, 0x18cf: 0x04b1, 0x18d0: 0x0019, 0x18d1: 0x02e9,
+	0x18d2: 0x03d9, 0x18d3: 0x02f1, 0x18d4: 0x02f9, 0x18d5: 0x03f1, 0x18d6: 0x0309, 0x18d7: 0x00a9,
+	0x18d8: 0x0311, 0x18d9: 0x00b1, 0x18da: 0x0319, 0x18db: 0x0101, 0x18dc: 0x0321, 0x18dd: 0x0329,
+	0x18de: 0x0051, 0x18df: 0x0339, 0x18e0: 0x0751, 0x18e1: 0x00b9, 0x18e2: 0x0089, 0x18e3: 0x0341,
+	0x18e4: 0x0349, 0x18e5: 0x0391, 0x18e6: 0x00c1, 0x18e7: 0x0109, 0x18e8: 0x00c9, 0x18e9: 0x04b1,
+	0x18ea: 0x0019, 0x18eb: 0x02e9, 0x18ec: 0x03d9, 0x18ed: 0x02f1, 0x18ee: 0x02f9, 0x18ef: 0x03f1,
+	0x18f0: 0x0309, 0x18f1: 0x00a9, 0x18f2: 0x0311, 0x18f3: 0x00b1, 0x18f4: 0x0319, 0x18f5: 0x0101,
+	0x18f6: 0x0321, 0x18f7: 0x0329, 0x18f8: 0x0051, 0x18f9: 0x0339, 0x18fa: 0x0751, 0x18fb: 0x00b9,
+	0x18fc: 0x0089, 0x18fd: 0x0341, 0x18fe: 0x0349, 0x18ff: 0x0391,
 	// Block 0x64, offset 0x1900
-	0x1900: 0x0289, 0x1901: 0x13d1, 0x1902: 0x0039, 0x1903: 0x0ee9, 0x1904: 0x1159, 0x1905: 0x0ef9,
-	0x1906: 0x0f09, 0x1907: 0x1199, 0x1908: 0x0f31, 0x1909: 0x0249, 0x190a: 0x0f41, 0x190b: 0x0259,
-	0x190c: 0x0f51, 0x190d: 0x0359, 0x190e: 0x0f61, 0x190f: 0x0f71, 0x1910: 0x00d9, 0x1911: 0x0f99,
-	0x1912: 0x2039, 0x1913: 0x0269, 0x1914: 0x01d9, 0x1915: 0x0fa9, 0x1916: 0x0fb9, 0x1917: 0x1089,
-	0x1918: 0x0279, 0x1919: 0x0369, 0x191a: 0x0289, 0x191b: 0x13d1, 0x191c: 0x0039, 0x191d: 0x0040,
-	0x191e: 0x1159, 0x191f: 0x0ef9, 0x1920: 0x0040, 0x1921: 0x0040, 0x1922: 0x0f31, 0x1923: 0x0040,
-	0x1924: 0x0040, 0x1925: 0x0259, 0x1926: 0x0f51, 0x1927: 0x0040, 0x1928: 0x0040, 0x1929: 0x0f71,
-	0x192a: 0x00d9, 0x192b: 0x0f99, 0x192c: 0x2039, 0x192d: 0x0040, 0x192e: 0x01d9, 0x192f: 0x0fa9,
-	0x1930: 0x0fb9, 0x1931: 0x1089, 0x1932: 0x0279, 0x1933: 0x0369, 0x1934: 0x0289, 0x1935: 0x13d1,
-	0x1936: 0x0039, 0x1937: 0x0ee9, 0x1938: 0x1159, 0x1939: 0x0ef9, 0x193a: 0x0040, 0x193b: 0x1199,
-	0x193c: 0x0040, 0x193d: 0x0249, 0x193e: 0x0f41, 0x193f: 0x0259,
+	0x1900: 0x00c1, 0x1901: 0x0109, 0x1902: 0x00c9, 0x1903: 0x04b1, 0x1904: 0x0019, 0x1905: 0x02e9,
+	0x1906: 0x0040, 0x1907: 0x02f1, 0x1908: 0x02f9, 0x1909: 0x03f1, 0x190a: 0x0309, 0x190b: 0x0040,
+	0x190c: 0x0040, 0x190d: 0x00b1, 0x190e: 0x0319, 0x190f: 0x0101, 0x1910: 0x0321, 0x1911: 0x0329,
+	0x1912: 0x0051, 0x1913: 0x0339, 0x1914: 0x0751, 0x1915: 0x0040, 0x1916: 0x0089, 0x1917: 0x0341,
+	0x1918: 0x0349, 0x1919: 0x0391, 0x191a: 0x00c1, 0x191b: 0x0109, 0x191c: 0x00c9, 0x191d: 0x0040,
+	0x191e: 0x0019, 0x191f: 0x02e9, 0x1920: 0x03d9, 0x1921: 0x02f1, 0x1922: 0x02f9, 0x1923: 0x03f1,
+	0x1924: 0x0309, 0x1925: 0x00a9, 0x1926: 0x0311, 0x1927: 0x00b1, 0x1928: 0x0319, 0x1929: 0x0101,
+	0x192a: 0x0321, 0x192b: 0x0329, 0x192c: 0x0051, 0x192d: 0x0339, 0x192e: 0x0751, 0x192f: 0x00b9,
+	0x1930: 0x0089, 0x1931: 0x0341, 0x1932: 0x0349, 0x1933: 0x0391, 0x1934: 0x00c1, 0x1935: 0x0109,
+	0x1936: 0x00c9, 0x1937: 0x04b1, 0x1938: 0x0019, 0x1939: 0x02e9, 0x193a: 0x0040, 0x193b: 0x02f1,
+	0x193c: 0x02f9, 0x193d: 0x03f1, 0x193e: 0x0309, 0x193f: 0x0040,
 	// Block 0x65, offset 0x1940
-	0x1940: 0x0f51, 0x1941: 0x0359, 0x1942: 0x0f61, 0x1943: 0x0f71, 0x1944: 0x0040, 0x1945: 0x0f99,
-	0x1946: 0x2039, 0x1947: 0x0269, 0x1948: 0x01d9, 0x1949: 0x0fa9, 0x194a: 0x0fb9, 0x194b: 0x1089,
-	0x194c: 0x0279, 0x194d: 0x0369, 0x194e: 0x0289, 0x194f: 0x13d1, 0x1950: 0x0039, 0x1951: 0x0ee9,
-	0x1952: 0x1159, 0x1953: 0x0ef9, 0x1954: 0x0f09, 0x1955: 0x1199, 0x1956: 0x0f31, 0x1957: 0x0249,
-	0x1958: 0x0f41, 0x1959: 0x0259, 0x195a: 0x0f51, 0x195b: 0x0359, 0x195c: 0x0f61, 0x195d: 0x0f71,
-	0x195e: 0x00d9, 0x195f: 0x0f99, 0x1960: 0x2039, 0x1961: 0x0269, 0x1962: 0x01d9, 0x1963: 0x0fa9,
-	0x1964: 0x0fb9, 0x1965: 0x1089, 0x1966: 0x0279, 0x1967: 0x0369, 0x1968: 0x0289, 0x1969: 0x13d1,
-	0x196a: 0x0039, 0x196b: 0x0ee9, 0x196c: 0x1159, 0x196d: 0x0ef9, 0x196e: 0x0f09, 0x196f: 0x1199,
-	0x1970: 0x0f31, 0x1971: 0x0249, 0x1972: 0x0f41, 0x1973: 0x0259, 0x1974: 0x0f51, 0x1975: 0x0359,
-	0x1976: 0x0f61, 0x1977: 0x0f71, 0x1978: 0x00d9, 0x1979: 0x0f99, 0x197a: 0x2039, 0x197b: 0x0269,
-	0x197c: 0x01d9, 0x197d: 0x0fa9, 0x197e: 0x0fb9, 0x197f: 0x1089,
+	0x1940: 0x0311, 0x1941: 0x00b1, 0x1942: 0x0319, 0x1943: 0x0101, 0x1944: 0x0321, 0x1945: 0x0040,
+	0x1946: 0x0051, 0x1947: 0x0040, 0x1948: 0x0040, 0x1949: 0x0040, 0x194a: 0x0089, 0x194b: 0x0341,
+	0x194c: 0x0349, 0x194d: 0x0391, 0x194e: 0x00c1, 0x194f: 0x0109, 0x1950: 0x00c9, 0x1951: 0x0040,
+	0x1952: 0x0019, 0x1953: 0x02e9, 0x1954: 0x03d9, 0x1955: 0x02f1, 0x1956: 0x02f9, 0x1957: 0x03f1,
+	0x1958: 0x0309, 0x1959: 0x00a9, 0x195a: 0x0311, 0x195b: 0x00b1, 0x195c: 0x0319, 0x195d: 0x0101,
+	0x195e: 0x0321, 0x195f: 0x0329, 0x1960: 0x0051, 0x1961: 0x0339, 0x1962: 0x0751, 0x1963: 0x00b9,
+	0x1964: 0x0089, 0x1965: 0x0341, 0x1966: 0x0349, 0x1967: 0x0391, 0x1968: 0x00c1, 0x1969: 0x0109,
+	0x196a: 0x00c9, 0x196b: 0x04b1, 0x196c: 0x0019, 0x196d: 0x02e9, 0x196e: 0x03d9, 0x196f: 0x02f1,
+	0x1970: 0x02f9, 0x1971: 0x03f1, 0x1972: 0x0309, 0x1973: 0x00a9, 0x1974: 0x0311, 0x1975: 0x00b1,
+	0x1976: 0x0319, 0x1977: 0x0101, 0x1978: 0x0321, 0x1979: 0x0329, 0x197a: 0x0051, 0x197b: 0x0339,
+	0x197c: 0x0751, 0x197d: 0x00b9, 0x197e: 0x0089, 0x197f: 0x0341,
 	// Block 0x66, offset 0x1980
-	0x1980: 0x0279, 0x1981: 0x0369, 0x1982: 0x0289, 0x1983: 0x13d1, 0x1984: 0x0039, 0x1985: 0x0ee9,
-	0x1986: 0x0040, 0x1987: 0x0ef9, 0x1988: 0x0f09, 0x1989: 0x1199, 0x198a: 0x0f31, 0x198b: 0x0040,
-	0x198c: 0x0040, 0x198d: 0x0259, 0x198e: 0x0f51, 0x198f: 0x0359, 0x1990: 0x0f61, 0x1991: 0x0f71,
-	0x1992: 0x00d9, 0x1993: 0x0f99, 0x1994: 0x2039, 0x1995: 0x0040, 0x1996: 0x01d9, 0x1997: 0x0fa9,
-	0x1998: 0x0fb9, 0x1999: 0x1089, 0x199a: 0x0279, 0x199b: 0x0369, 0x199c: 0x0289, 0x199d: 0x0040,
-	0x199e: 0x0039, 0x199f: 0x0ee9, 0x19a0: 0x1159, 0x19a1: 0x0ef9, 0x19a2: 0x0f09, 0x19a3: 0x1199,
-	0x19a4: 0x0f31, 0x19a5: 0x0249, 0x19a6: 0x0f41, 0x19a7: 0x0259, 0x19a8: 0x0f51, 0x19a9: 0x0359,
-	0x19aa: 0x0f61, 0x19ab: 0x0f71, 0x19ac: 0x00d9, 0x19ad: 0x0f99, 0x19ae: 0x2039, 0x19af: 0x0269,
-	0x19b0: 0x01d9, 0x19b1: 0x0fa9, 0x19b2: 0x0fb9, 0x19b3: 0x1089, 0x19b4: 0x0279, 0x19b5: 0x0369,
-	0x19b6: 0x0289, 0x19b7: 0x13d1, 0x19b8: 0x0039, 0x19b9: 0x0ee9, 0x19ba: 0x0040, 0x19bb: 0x0ef9,
-	0x19bc: 0x0f09, 0x19bd: 0x1199, 0x19be: 0x0f31, 0x19bf: 0x0040,
+	0x1980: 0x0349, 0x1981: 0x0391, 0x1982: 0x00c1, 0x1983: 0x0109, 0x1984: 0x00c9, 0x1985: 0x04b1,
+	0x1986: 0x0019, 0x1987: 0x02e9, 0x1988: 0x03d9, 0x1989: 0x02f1, 0x198a: 0x02f9, 0x198b: 0x03f1,
+	0x198c: 0x0309, 0x198d: 0x00a9, 0x198e: 0x0311, 0x198f: 0x00b1, 0x1990: 0x0319, 0x1991: 0x0101,
+	0x1992: 0x0321, 0x1993: 0x0329, 0x1994: 0x0051, 0x1995: 0x0339, 0x1996: 0x0751, 0x1997: 0x00b9,
+	0x1998: 0x0089, 0x1999: 0x0341, 0x199a: 0x0349, 0x199b: 0x0391, 0x199c: 0x00c1, 0x199d: 0x0109,
+	0x199e: 0x00c9, 0x199f: 0x04b1, 0x19a0: 0x0019, 0x19a1: 0x02e9, 0x19a2: 0x03d9, 0x19a3: 0x02f1,
+	0x19a4: 0x02f9, 0x19a5: 0x03f1, 0x19a6: 0x0309, 0x19a7: 0x00a9, 0x19a8: 0x0311, 0x19a9: 0x00b1,
+	0x19aa: 0x0319, 0x19ab: 0x0101, 0x19ac: 0x0321, 0x19ad: 0x0329, 0x19ae: 0x0051, 0x19af: 0x0339,
+	0x19b0: 0x0751, 0x19b1: 0x00b9, 0x19b2: 0x0089, 0x19b3: 0x0341, 0x19b4: 0x0349, 0x19b5: 0x0391,
+	0x19b6: 0x00c1, 0x19b7: 0x0109, 0x19b8: 0x00c9, 0x19b9: 0x04b1, 0x19ba: 0x0019, 0x19bb: 0x02e9,
+	0x19bc: 0x03d9, 0x19bd: 0x02f1, 0x19be: 0x02f9, 0x19bf: 0x03f1,
 	// Block 0x67, offset 0x19c0
-	0x19c0: 0x0f41, 0x19c1: 0x0259, 0x19c2: 0x0f51, 0x19c3: 0x0359, 0x19c4: 0x0f61, 0x19c5: 0x0040,
-	0x19c6: 0x00d9, 0x19c7: 0x0040, 0x19c8: 0x0040, 0x19c9: 0x0040, 0x19ca: 0x01d9, 0x19cb: 0x0fa9,
-	0x19cc: 0x0fb9, 0x19cd: 0x1089, 0x19ce: 0x0279, 0x19cf: 0x0369, 0x19d0: 0x0289, 0x19d1: 0x0040,
-	0x19d2: 0x0039, 0x19d3: 0x0ee9, 0x19d4: 0x1159, 0x19d5: 0x0ef9, 0x19d6: 0x0f09, 0x19d7: 0x1199,
-	0x19d8: 0x0f31, 0x19d9: 0x0249, 0x19da: 0x0f41, 0x19db: 0x0259, 0x19dc: 0x0f51, 0x19dd: 0x0359,
-	0x19de: 0x0f61, 0x19df: 0x0f71, 0x19e0: 0x00d9, 0x19e1: 0x0f99, 0x19e2: 0x2039, 0x19e3: 0x0269,
-	0x19e4: 0x01d9, 0x19e5: 0x0fa9, 0x19e6: 0x0fb9, 0x19e7: 0x1089, 0x19e8: 0x0279, 0x19e9: 0x0369,
-	0x19ea: 0x0289, 0x19eb: 0x13d1, 0x19ec: 0x0039, 0x19ed: 0x0ee9, 0x19ee: 0x1159, 0x19ef: 0x0ef9,
-	0x19f0: 0x0f09, 0x19f1: 0x1199, 0x19f2: 0x0f31, 0x19f3: 0x0249, 0x19f4: 0x0f41, 0x19f5: 0x0259,
-	0x19f6: 0x0f51, 0x19f7: 0x0359, 0x19f8: 0x0f61, 0x19f9: 0x0f71, 0x19fa: 0x00d9, 0x19fb: 0x0f99,
-	0x19fc: 0x2039, 0x19fd: 0x0269, 0x19fe: 0x01d9, 0x19ff: 0x0fa9,
+	0x19c0: 0x0309, 0x19c1: 0x00a9, 0x19c2: 0x0311, 0x19c3: 0x00b1, 0x19c4: 0x0319, 0x19c5: 0x0101,
+	0x19c6: 0x0321, 0x19c7: 0x0329, 0x19c8: 0x0051, 0x19c9: 0x0339, 0x19ca: 0x0751, 0x19cb: 0x00b9,
+	0x19cc: 0x0089, 0x19cd: 0x0341, 0x19ce: 0x0349, 0x19cf: 0x0391, 0x19d0: 0x00c1, 0x19d1: 0x0109,
+	0x19d2: 0x00c9, 0x19d3: 0x04b1, 0x19d4: 0x0019, 0x19d5: 0x02e9, 0x19d6: 0x03d9, 0x19d7: 0x02f1,
+	0x19d8: 0x02f9, 0x19d9: 0x03f1, 0x19da: 0x0309, 0x19db: 0x00a9, 0x19dc: 0x0311, 0x19dd: 0x00b1,
+	0x19de: 0x0319, 0x19df: 0x0101, 0x19e0: 0x0321, 0x19e1: 0x0329, 0x19e2: 0x0051, 0x19e3: 0x0339,
+	0x19e4: 0x0751, 0x19e5: 0x00b9, 0x19e6: 0x0089, 0x19e7: 0x0341, 0x19e8: 0x0349, 0x19e9: 0x0391,
+	0x19ea: 0x00c1, 0x19eb: 0x0109, 0x19ec: 0x00c9, 0x19ed: 0x04b1, 0x19ee: 0x0019, 0x19ef: 0x02e9,
+	0x19f0: 0x03d9, 0x19f1: 0x02f1, 0x19f2: 0x02f9, 0x19f3: 0x03f1, 0x19f4: 0x0309, 0x19f5: 0x00a9,
+	0x19f6: 0x0311, 0x19f7: 0x00b1, 0x19f8: 0x0319, 0x19f9: 0x0101, 0x19fa: 0x0321, 0x19fb: 0x0329,
+	0x19fc: 0x0051, 0x19fd: 0x0339, 0x19fe: 0x0751, 0x19ff: 0x00b9,
 	// Block 0x68, offset 0x1a00
-	0x1a00: 0x0fb9, 0x1a01: 0x1089, 0x1a02: 0x0279, 0x1a03: 0x0369, 0x1a04: 0x0289, 0x1a05: 0x13d1,
-	0x1a06: 0x0039, 0x1a07: 0x0ee9, 0x1a08: 0x1159, 0x1a09: 0x0ef9, 0x1a0a: 0x0f09, 0x1a0b: 0x1199,
-	0x1a0c: 0x0f31, 0x1a0d: 0x0249, 0x1a0e: 0x0f41, 0x1a0f: 0x0259, 0x1a10: 0x0f51, 0x1a11: 0x0359,
-	0x1a12: 0x0f61, 0x1a13: 0x0f71, 0x1a14: 0x00d9, 0x1a15: 0x0f99, 0x1a16: 0x2039, 0x1a17: 0x0269,
-	0x1a18: 0x01d9, 0x1a19: 0x0fa9, 0x1a1a: 0x0fb9, 0x1a1b: 0x1089, 0x1a1c: 0x0279, 0x1a1d: 0x0369,
-	0x1a1e: 0x0289, 0x1a1f: 0x13d1, 0x1a20: 0x0039, 0x1a21: 0x0ee9, 0x1a22: 0x1159, 0x1a23: 0x0ef9,
-	0x1a24: 0x0f09, 0x1a25: 0x1199, 0x1a26: 0x0f31, 0x1a27: 0x0249, 0x1a28: 0x0f41, 0x1a29: 0x0259,
-	0x1a2a: 0x0f51, 0x1a2b: 0x0359, 0x1a2c: 0x0f61, 0x1a2d: 0x0f71, 0x1a2e: 0x00d9, 0x1a2f: 0x0f99,
-	0x1a30: 0x2039, 0x1a31: 0x0269, 0x1a32: 0x01d9, 0x1a33: 0x0fa9, 0x1a34: 0x0fb9, 0x1a35: 0x1089,
-	0x1a36: 0x0279, 0x1a37: 0x0369, 0x1a38: 0x0289, 0x1a39: 0x13d1, 0x1a3a: 0x0039, 0x1a3b: 0x0ee9,
-	0x1a3c: 0x1159, 0x1a3d: 0x0ef9, 0x1a3e: 0x0f09, 0x1a3f: 0x1199,
+	0x1a00: 0x0089, 0x1a01: 0x0341, 0x1a02: 0x0349, 0x1a03: 0x0391, 0x1a04: 0x00c1, 0x1a05: 0x0109,
+	0x1a06: 0x00c9, 0x1a07: 0x04b1, 0x1a08: 0x0019, 0x1a09: 0x02e9, 0x1a0a: 0x03d9, 0x1a0b: 0x02f1,
+	0x1a0c: 0x02f9, 0x1a0d: 0x03f1, 0x1a0e: 0x0309, 0x1a0f: 0x00a9, 0x1a10: 0x0311, 0x1a11: 0x00b1,
+	0x1a12: 0x0319, 0x1a13: 0x0101, 0x1a14: 0x0321, 0x1a15: 0x0329, 0x1a16: 0x0051, 0x1a17: 0x0339,
+	0x1a18: 0x0751, 0x1a19: 0x00b9, 0x1a1a: 0x0089, 0x1a1b: 0x0341, 0x1a1c: 0x0349, 0x1a1d: 0x0391,
+	0x1a1e: 0x00c1, 0x1a1f: 0x0109, 0x1a20: 0x00c9, 0x1a21: 0x04b1, 0x1a22: 0x0019, 0x1a23: 0x02e9,
+	0x1a24: 0x03d9, 0x1a25: 0x02f1, 0x1a26: 0x02f9, 0x1a27: 0x03f1, 0x1a28: 0x0309, 0x1a29: 0x00a9,
+	0x1a2a: 0x0311, 0x1a2b: 0x00b1, 0x1a2c: 0x0319, 0x1a2d: 0x0101, 0x1a2e: 0x0321, 0x1a2f: 0x0329,
+	0x1a30: 0x0051, 0x1a31: 0x0339, 0x1a32: 0x0751, 0x1a33: 0x00b9, 0x1a34: 0x0089, 0x1a35: 0x0341,
+	0x1a36: 0x0349, 0x1a37: 0x0391, 0x1a38: 0x00c1, 0x1a39: 0x0109, 0x1a3a: 0x00c9, 0x1a3b: 0x04b1,
+	0x1a3c: 0x0019, 0x1a3d: 0x02e9, 0x1a3e: 0x03d9, 0x1a3f: 0x02f1,
 	// Block 0x69, offset 0x1a40
-	0x1a40: 0x0f31, 0x1a41: 0x0249, 0x1a42: 0x0f41, 0x1a43: 0x0259, 0x1a44: 0x0f51, 0x1a45: 0x0359,
-	0x1a46: 0x0f61, 0x1a47: 0x0f71, 0x1a48: 0x00d9, 0x1a49: 0x0f99, 0x1a4a: 0x2039, 0x1a4b: 0x0269,
-	0x1a4c: 0x01d9, 0x1a4d: 0x0fa9, 0x1a4e: 0x0fb9, 0x1a4f: 0x1089, 0x1a50: 0x0279, 0x1a51: 0x0369,
-	0x1a52: 0x0289, 0x1a53: 0x13d1, 0x1a54: 0x0039, 0x1a55: 0x0ee9, 0x1a56: 0x1159, 0x1a57: 0x0ef9,
-	0x1a58: 0x0f09, 0x1a59: 0x1199, 0x1a5a: 0x0f31, 0x1a5b: 0x0249, 0x1a5c: 0x0f41, 0x1a5d: 0x0259,
-	0x1a5e: 0x0f51, 0x1a5f: 0x0359, 0x1a60: 0x0f61, 0x1a61: 0x0f71, 0x1a62: 0x00d9, 0x1a63: 0x0f99,
-	0x1a64: 0x2039, 0x1a65: 0x0269, 0x1a66: 0x01d9, 0x1a67: 0x0fa9, 0x1a68: 0x0fb9, 0x1a69: 0x1089,
-	0x1a6a: 0x0279, 0x1a6b: 0x0369, 0x1a6c: 0x0289, 0x1a6d: 0x13d1, 0x1a6e: 0x0039, 0x1a6f: 0x0ee9,
-	0x1a70: 0x1159, 0x1a71: 0x0ef9, 0x1a72: 0x0f09, 0x1a73: 0x1199, 0x1a74: 0x0f31, 0x1a75: 0x0249,
-	0x1a76: 0x0f41, 0x1a77: 0x0259, 0x1a78: 0x0f51, 0x1a79: 0x0359, 0x1a7a: 0x0f61, 0x1a7b: 0x0f71,
-	0x1a7c: 0x00d9, 0x1a7d: 0x0f99, 0x1a7e: 0x2039, 0x1a7f: 0x0269,
+	0x1a40: 0x02f9, 0x1a41: 0x03f1, 0x1a42: 0x0309, 0x1a43: 0x00a9, 0x1a44: 0x0311, 0x1a45: 0x00b1,
+	0x1a46: 0x0319, 0x1a47: 0x0101, 0x1a48: 0x0321, 0x1a49: 0x0329, 0x1a4a: 0x0051, 0x1a4b: 0x0339,
+	0x1a4c: 0x0751, 0x1a4d: 0x00b9, 0x1a4e: 0x0089, 0x1a4f: 0x0341, 0x1a50: 0x0349, 0x1a51: 0x0391,
+	0x1a52: 0x00c1, 0x1a53: 0x0109, 0x1a54: 0x00c9, 0x1a55: 0x04b1, 0x1a56: 0x0019, 0x1a57: 0x02e9,
+	0x1a58: 0x03d9, 0x1a59: 0x02f1, 0x1a5a: 0x02f9, 0x1a5b: 0x03f1, 0x1a5c: 0x0309, 0x1a5d: 0x00a9,
+	0x1a5e: 0x0311, 0x1a5f: 0x00b1, 0x1a60: 0x0319, 0x1a61: 0x0101, 0x1a62: 0x0321, 0x1a63: 0x0329,
+	0x1a64: 0x0051, 0x1a65: 0x0339, 0x1a66: 0x0751, 0x1a67: 0x00b9, 0x1a68: 0x0089, 0x1a69: 0x0341,
+	0x1a6a: 0x0349, 0x1a6b: 0x0391, 0x1a6c: 0x00c1, 0x1a6d: 0x0109, 0x1a6e: 0x00c9, 0x1a6f: 0x04b1,
+	0x1a70: 0x0019, 0x1a71: 0x02e9, 0x1a72: 0x03d9, 0x1a73: 0x02f1, 0x1a74: 0x02f9, 0x1a75: 0x03f1,
+	0x1a76: 0x0309, 0x1a77: 0x00a9, 0x1a78: 0x0311, 0x1a79: 0x00b1, 0x1a7a: 0x0319, 0x1a7b: 0x0101,
+	0x1a7c: 0x0321, 0x1a7d: 0x0329, 0x1a7e: 0x0051, 0x1a7f: 0x0339,
 	// Block 0x6a, offset 0x1a80
-	0x1a80: 0x01d9, 0x1a81: 0x0fa9, 0x1a82: 0x0fb9, 0x1a83: 0x1089, 0x1a84: 0x0279, 0x1a85: 0x0369,
-	0x1a86: 0x0289, 0x1a87: 0x13d1, 0x1a88: 0x0039, 0x1a89: 0x0ee9, 0x1a8a: 0x1159, 0x1a8b: 0x0ef9,
-	0x1a8c: 0x0f09, 0x1a8d: 0x1199, 0x1a8e: 0x0f31, 0x1a8f: 0x0249, 0x1a90: 0x0f41, 0x1a91: 0x0259,
-	0x1a92: 0x0f51, 0x1a93: 0x0359, 0x1a94: 0x0f61, 0x1a95: 0x0f71, 0x1a96: 0x00d9, 0x1a97: 0x0f99,
-	0x1a98: 0x2039, 0x1a99: 0x0269, 0x1a9a: 0x01d9, 0x1a9b: 0x0fa9, 0x1a9c: 0x0fb9, 0x1a9d: 0x1089,
-	0x1a9e: 0x0279, 0x1a9f: 0x0369, 0x1aa0: 0x0289, 0x1aa1: 0x13d1, 0x1aa2: 0x0039, 0x1aa3: 0x0ee9,
-	0x1aa4: 0x1159, 0x1aa5: 0x0ef9, 0x1aa6: 0x0f09, 0x1aa7: 0x1199, 0x1aa8: 0x0f31, 0x1aa9: 0x0249,
-	0x1aaa: 0x0f41, 0x1aab: 0x0259, 0x1aac: 0x0f51, 0x1aad: 0x0359, 0x1aae: 0x0f61, 0x1aaf: 0x0f71,
-	0x1ab0: 0x00d9, 0x1ab1: 0x0f99, 0x1ab2: 0x2039, 0x1ab3: 0x0269, 0x1ab4: 0x01d9, 0x1ab5: 0x0fa9,
-	0x1ab6: 0x0fb9, 0x1ab7: 0x1089, 0x1ab8: 0x0279, 0x1ab9: 0x0369, 0x1aba: 0x0289, 0x1abb: 0x13d1,
-	0x1abc: 0x0039, 0x1abd: 0x0ee9, 0x1abe: 0x1159, 0x1abf: 0x0ef9,
+	0x1a80: 0x0751, 0x1a81: 0x00b9, 0x1a82: 0x0089, 0x1a83: 0x0341, 0x1a84: 0x0349, 0x1a85: 0x0391,
+	0x1a86: 0x00c1, 0x1a87: 0x0109, 0x1a88: 0x00c9, 0x1a89: 0x04b1, 0x1a8a: 0x0019, 0x1a8b: 0x02e9,
+	0x1a8c: 0x03d9, 0x1a8d: 0x02f1, 0x1a8e: 0x02f9, 0x1a8f: 0x03f1, 0x1a90: 0x0309, 0x1a91: 0x00a9,
+	0x1a92: 0x0311, 0x1a93: 0x00b1, 0x1a94: 0x0319, 0x1a95: 0x0101, 0x1a96: 0x0321, 0x1a97: 0x0329,
+	0x1a98: 0x0051, 0x1a99: 0x0339, 0x1a9a: 0x0751, 0x1a9b: 0x00b9, 0x1a9c: 0x0089, 0x1a9d: 0x0341,
+	0x1a9e: 0x0349, 0x1a9f: 0x0391, 0x1aa0: 0x00c1, 0x1aa1: 0x0109, 0x1aa2: 0x00c9, 0x1aa3: 0x04b1,
+	0x1aa4: 0x2279, 0x1aa5: 0x2281, 0x1aa6: 0x0040, 0x1aa7: 0x0040, 0x1aa8: 0x2289, 0x1aa9: 0x0399,
+	0x1aaa: 0x03a1, 0x1aab: 0x03a9, 0x1aac: 0x2291, 0x1aad: 0x2299, 0x1aae: 0x22a1, 0x1aaf: 0x04d1,
+	0x1ab0: 0x05f9, 0x1ab1: 0x22a9, 0x1ab2: 0x22b1, 0x1ab3: 0x22b9, 0x1ab4: 0x22c1, 0x1ab5: 0x22c9,
+	0x1ab6: 0x22d1, 0x1ab7: 0x0799, 0x1ab8: 0x03c1, 0x1ab9: 0x04d1, 0x1aba: 0x22d9, 0x1abb: 0x22e1,
+	0x1abc: 0x22e9, 0x1abd: 0x03b1, 0x1abe: 0x03b9, 0x1abf: 0x22f1,
 	// Block 0x6b, offset 0x1ac0
-	0x1ac0: 0x0f09, 0x1ac1: 0x1199, 0x1ac2: 0x0f31, 0x1ac3: 0x0249, 0x1ac4: 0x0f41, 0x1ac5: 0x0259,
-	0x1ac6: 0x0f51, 0x1ac7: 0x0359, 0x1ac8: 0x0f61, 0x1ac9: 0x0f71, 0x1aca: 0x00d9, 0x1acb: 0x0f99,
-	0x1acc: 0x2039, 0x1acd: 0x0269, 0x1ace: 0x01d9, 0x1acf: 0x0fa9, 0x1ad0: 0x0fb9, 0x1ad1: 0x1089,
-	0x1ad2: 0x0279, 0x1ad3: 0x0369, 0x1ad4: 0x0289, 0x1ad5: 0x13d1, 0x1ad6: 0x0039, 0x1ad7: 0x0ee9,
-	0x1ad8: 0x1159, 0x1ad9: 0x0ef9, 0x1ada: 0x0f09, 0x1adb: 0x1199, 0x1adc: 0x0f31, 0x1add: 0x0249,
-	0x1ade: 0x0f41, 0x1adf: 0x0259, 0x1ae0: 0x0f51, 0x1ae1: 0x0359, 0x1ae2: 0x0f61, 0x1ae3: 0x0f71,
-	0x1ae4: 0x00d9, 0x1ae5: 0x0f99, 0x1ae6: 0x2039, 0x1ae7: 0x0269, 0x1ae8: 0x01d9, 0x1ae9: 0x0fa9,
-	0x1aea: 0x0fb9, 0x1aeb: 0x1089, 0x1aec: 0x0279, 0x1aed: 0x0369, 0x1aee: 0x0289, 0x1aef: 0x13d1,
-	0x1af0: 0x0039, 0x1af1: 0x0ee9, 0x1af2: 0x1159, 0x1af3: 0x0ef9, 0x1af4: 0x0f09, 0x1af5: 0x1199,
-	0x1af6: 0x0f31, 0x1af7: 0x0249, 0x1af8: 0x0f41, 0x1af9: 0x0259, 0x1afa: 0x0f51, 0x1afb: 0x0359,
-	0x1afc: 0x0f61, 0x1afd: 0x0f71, 0x1afe: 0x00d9, 0x1aff: 0x0f99,
+	0x1ac0: 0x0769, 0x1ac1: 0x22f9, 0x1ac2: 0x2289, 0x1ac3: 0x0399, 0x1ac4: 0x03a1, 0x1ac5: 0x03a9,
+	0x1ac6: 0x2291, 0x1ac7: 0x2299, 0x1ac8: 0x22a1, 0x1ac9: 0x04d1, 0x1aca: 0x05f9, 0x1acb: 0x22a9,
+	0x1acc: 0x22b1, 0x1acd: 0x22b9, 0x1ace: 0x22c1, 0x1acf: 0x22c9, 0x1ad0: 0x22d1, 0x1ad1: 0x0799,
+	0x1ad2: 0x03c1, 0x1ad3: 0x22d9, 0x1ad4: 0x22d9, 0x1ad5: 0x22e1, 0x1ad6: 0x22e9, 0x1ad7: 0x03b1,
+	0x1ad8: 0x03b9, 0x1ad9: 0x22f1, 0x1ada: 0x0769, 0x1adb: 0x2301, 0x1adc: 0x2291, 0x1add: 0x04d1,
+	0x1ade: 0x22a9, 0x1adf: 0x03b1, 0x1ae0: 0x03c1, 0x1ae1: 0x0799, 0x1ae2: 0x2289, 0x1ae3: 0x0399,
+	0x1ae4: 0x03a1, 0x1ae5: 0x03a9, 0x1ae6: 0x2291, 0x1ae7: 0x2299, 0x1ae8: 0x22a1, 0x1ae9: 0x04d1,
+	0x1aea: 0x05f9, 0x1aeb: 0x22a9, 0x1aec: 0x22b1, 0x1aed: 0x22b9, 0x1aee: 0x22c1, 0x1aef: 0x22c9,
+	0x1af0: 0x22d1, 0x1af1: 0x0799, 0x1af2: 0x03c1, 0x1af3: 0x04d1, 0x1af4: 0x22d9, 0x1af5: 0x22e1,
+	0x1af6: 0x22e9, 0x1af7: 0x03b1, 0x1af8: 0x03b9, 0x1af9: 0x22f1, 0x1afa: 0x0769, 0x1afb: 0x22f9,
+	0x1afc: 0x2289, 0x1afd: 0x0399, 0x1afe: 0x03a1, 0x1aff: 0x03a9,
 	// Block 0x6c, offset 0x1b00
-	0x1b00: 0x2039, 0x1b01: 0x0269, 0x1b02: 0x01d9, 0x1b03: 0x0fa9, 0x1b04: 0x0fb9, 0x1b05: 0x1089,
-	0x1b06: 0x0279, 0x1b07: 0x0369, 0x1b08: 0x0289, 0x1b09: 0x13d1, 0x1b0a: 0x0039, 0x1b0b: 0x0ee9,
-	0x1b0c: 0x1159, 0x1b0d: 0x0ef9, 0x1b0e: 0x0f09, 0x1b0f: 0x1199, 0x1b10: 0x0f31, 0x1b11: 0x0249,
-	0x1b12: 0x0f41, 0x1b13: 0x0259, 0x1b14: 0x0f51, 0x1b15: 0x0359, 0x1b16: 0x0f61, 0x1b17: 0x0f71,
-	0x1b18: 0x00d9, 0x1b19: 0x0f99, 0x1b1a: 0x2039, 0x1b1b: 0x0269, 0x1b1c: 0x01d9, 0x1b1d: 0x0fa9,
-	0x1b1e: 0x0fb9, 0x1b1f: 0x1089, 0x1b20: 0x0279, 0x1b21: 0x0369, 0x1b22: 0x0289, 0x1b23: 0x13d1,
-	0x1b24: 0xbad1, 0x1b25: 0xbae9, 0x1b26: 0x0040, 0x1b27: 0x0040, 0x1b28: 0xbb01, 0x1b29: 0x1099,
-	0x1b2a: 0x10b1, 0x1b2b: 0x10c9, 0x1b2c: 0xbb19, 0x1b2d: 0xbb31, 0x1b2e: 0xbb49, 0x1b2f: 0x1429,
-	0x1b30: 0x1a31, 0x1b31: 0xbb61, 0x1b32: 0xbb79, 0x1b33: 0xbb91, 0x1b34: 0xbba9, 0x1b35: 0xbbc1,
-	0x1b36: 0xbbd9, 0x1b37: 0x2109, 0x1b38: 0x1111, 0x1b39: 0x1429, 0x1b3a: 0xbbf1, 0x1b3b: 0xbc09,
-	0x1b3c: 0xbc21, 0x1b3d: 0x10e1, 0x1b3e: 0x10f9, 0x1b3f: 0xbc39,
+	0x1b00: 0x2291, 0x1b01: 0x2299, 0x1b02: 0x22a1, 0x1b03: 0x04d1, 0x1b04: 0x05f9, 0x1b05: 0x22a9,
+	0x1b06: 0x22b1, 0x1b07: 0x22b9, 0x1b08: 0x22c1, 0x1b09: 0x22c9, 0x1b0a: 0x22d1, 0x1b0b: 0x0799,
+	0x1b0c: 0x03c1, 0x1b0d: 0x22d9, 0x1b0e: 0x22d9, 0x1b0f: 0x22e1, 0x1b10: 0x22e9, 0x1b11: 0x03b1,
+	0x1b12: 0x03b9, 0x1b13: 0x22f1, 0x1b14: 0x0769, 0x1b15: 0x2301, 0x1b16: 0x2291, 0x1b17: 0x04d1,
+	0x1b18: 0x22a9, 0x1b19: 0x03b1, 0x1b1a: 0x03c1, 0x1b1b: 0x0799, 0x1b1c: 0x2289, 0x1b1d: 0x0399,
+	0x1b1e: 0x03a1, 0x1b1f: 0x03a9, 0x1b20: 0x2291, 0x1b21: 0x2299, 0x1b22: 0x22a1, 0x1b23: 0x04d1,
+	0x1b24: 0x05f9, 0x1b25: 0x22a9, 0x1b26: 0x22b1, 0x1b27: 0x22b9, 0x1b28: 0x22c1, 0x1b29: 0x22c9,
+	0x1b2a: 0x22d1, 0x1b2b: 0x0799, 0x1b2c: 0x03c1, 0x1b2d: 0x04d1, 0x1b2e: 0x22d9, 0x1b2f: 0x22e1,
+	0x1b30: 0x22e9, 0x1b31: 0x03b1, 0x1b32: 0x03b9, 0x1b33: 0x22f1, 0x1b34: 0x0769, 0x1b35: 0x22f9,
+	0x1b36: 0x2289, 0x1b37: 0x0399, 0x1b38: 0x03a1, 0x1b39: 0x03a9, 0x1b3a: 0x2291, 0x1b3b: 0x2299,
+	0x1b3c: 0x22a1, 0x1b3d: 0x04d1, 0x1b3e: 0x05f9, 0x1b3f: 0x22a9,
 	// Block 0x6d, offset 0x1b40
-	0x1b40: 0x2079, 0x1b41: 0xbc51, 0x1b42: 0xbb01, 0x1b43: 0x1099, 0x1b44: 0x10b1, 0x1b45: 0x10c9,
-	0x1b46: 0xbb19, 0x1b47: 0xbb31, 0x1b48: 0xbb49, 0x1b49: 0x1429, 0x1b4a: 0x1a31, 0x1b4b: 0xbb61,
-	0x1b4c: 0xbb79, 0x1b4d: 0xbb91, 0x1b4e: 0xbba9, 0x1b4f: 0xbbc1, 0x1b50: 0xbbd9, 0x1b51: 0x2109,
-	0x1b52: 0x1111, 0x1b53: 0xbbf1, 0x1b54: 0xbbf1, 0x1b55: 0xbc09, 0x1b56: 0xbc21, 0x1b57: 0x10e1,
-	0x1b58: 0x10f9, 0x1b59: 0xbc39, 0x1b5a: 0x2079, 0x1b5b: 0xbc71, 0x1b5c: 0xbb19, 0x1b5d: 0x1429,
-	0x1b5e: 0xbb61, 0x1b5f: 0x10e1, 0x1b60: 0x1111, 0x1b61: 0x2109, 0x1b62: 0xbb01, 0x1b63: 0x1099,
-	0x1b64: 0x10b1, 0x1b65: 0x10c9, 0x1b66: 0xbb19, 0x1b67: 0xbb31, 0x1b68: 0xbb49, 0x1b69: 0x1429,
-	0x1b6a: 0x1a31, 0x1b6b: 0xbb61, 0x1b6c: 0xbb79, 0x1b6d: 0xbb91, 0x1b6e: 0xbba9, 0x1b6f: 0xbbc1,
-	0x1b70: 0xbbd9, 0x1b71: 0x2109, 0x1b72: 0x1111, 0x1b73: 0x1429, 0x1b74: 0xbbf1, 0x1b75: 0xbc09,
-	0x1b76: 0xbc21, 0x1b77: 0x10e1, 0x1b78: 0x10f9, 0x1b79: 0xbc39, 0x1b7a: 0x2079, 0x1b7b: 0xbc51,
-	0x1b7c: 0xbb01, 0x1b7d: 0x1099, 0x1b7e: 0x10b1, 0x1b7f: 0x10c9,
+	0x1b40: 0x22b1, 0x1b41: 0x22b9, 0x1b42: 0x22c1, 0x1b43: 0x22c9, 0x1b44: 0x22d1, 0x1b45: 0x0799,
+	0x1b46: 0x03c1, 0x1b47: 0x22d9, 0x1b48: 0x22d9, 0x1b49: 0x22e1, 0x1b4a: 0x22e9, 0x1b4b: 0x03b1,
+	0x1b4c: 0x03b9, 0x1b4d: 0x22f1, 0x1b4e: 0x0769, 0x1b4f: 0x2301, 0x1b50: 0x2291, 0x1b51: 0x04d1,
+	0x1b52: 0x22a9, 0x1b53: 0x03b1, 0x1b54: 0x03c1, 0x1b55: 0x0799, 0x1b56: 0x2289, 0x1b57: 0x0399,
+	0x1b58: 0x03a1, 0x1b59: 0x03a9, 0x1b5a: 0x2291, 0x1b5b: 0x2299, 0x1b5c: 0x22a1, 0x1b5d: 0x04d1,
+	0x1b5e: 0x05f9, 0x1b5f: 0x22a9, 0x1b60: 0x22b1, 0x1b61: 0x22b9, 0x1b62: 0x22c1, 0x1b63: 0x22c9,
+	0x1b64: 0x22d1, 0x1b65: 0x0799, 0x1b66: 0x03c1, 0x1b67: 0x04d1, 0x1b68: 0x22d9, 0x1b69: 0x22e1,
+	0x1b6a: 0x22e9, 0x1b6b: 0x03b1, 0x1b6c: 0x03b9, 0x1b6d: 0x22f1, 0x1b6e: 0x0769, 0x1b6f: 0x22f9,
+	0x1b70: 0x2289, 0x1b71: 0x0399, 0x1b72: 0x03a1, 0x1b73: 0x03a9, 0x1b74: 0x2291, 0x1b75: 0x2299,
+	0x1b76: 0x22a1, 0x1b77: 0x04d1, 0x1b78: 0x05f9, 0x1b79: 0x22a9, 0x1b7a: 0x22b1, 0x1b7b: 0x22b9,
+	0x1b7c: 0x22c1, 0x1b7d: 0x22c9, 0x1b7e: 0x22d1, 0x1b7f: 0x0799,
 	// Block 0x6e, offset 0x1b80
-	0x1b80: 0xbb19, 0x1b81: 0xbb31, 0x1b82: 0xbb49, 0x1b83: 0x1429, 0x1b84: 0x1a31, 0x1b85: 0xbb61,
-	0x1b86: 0xbb79, 0x1b87: 0xbb91, 0x1b88: 0xbba9, 0x1b89: 0xbbc1, 0x1b8a: 0xbbd9, 0x1b8b: 0x2109,
-	0x1b8c: 0x1111, 0x1b8d: 0xbbf1, 0x1b8e: 0xbbf1, 0x1b8f: 0xbc09, 0x1b90: 0xbc21, 0x1b91: 0x10e1,
-	0x1b92: 0x10f9, 0x1b93: 0xbc39, 0x1b94: 0x2079, 0x1b95: 0xbc71, 0x1b96: 0xbb19, 0x1b97: 0x1429,
-	0x1b98: 0xbb61, 0x1b99: 0x10e1, 0x1b9a: 0x1111, 0x1b9b: 0x2109, 0x1b9c: 0xbb01, 0x1b9d: 0x1099,
-	0x1b9e: 0x10b1, 0x1b9f: 0x10c9, 0x1ba0: 0xbb19, 0x1ba1: 0xbb31, 0x1ba2: 0xbb49, 0x1ba3: 0x1429,
-	0x1ba4: 0x1a31, 0x1ba5: 0xbb61, 0x1ba6: 0xbb79, 0x1ba7: 0xbb91, 0x1ba8: 0xbba9, 0x1ba9: 0xbbc1,
-	0x1baa: 0xbbd9, 0x1bab: 0x2109, 0x1bac: 0x1111, 0x1bad: 0x1429, 0x1bae: 0xbbf1, 0x1baf: 0xbc09,
-	0x1bb0: 0xbc21, 0x1bb1: 0x10e1, 0x1bb2: 0x10f9, 0x1bb3: 0xbc39, 0x1bb4: 0x2079, 0x1bb5: 0xbc51,
-	0x1bb6: 0xbb01, 0x1bb7: 0x1099, 0x1bb8: 0x10b1, 0x1bb9: 0x10c9, 0x1bba: 0xbb19, 0x1bbb: 0xbb31,
-	0x1bbc: 0xbb49, 0x1bbd: 0x1429, 0x1bbe: 0x1a31, 0x1bbf: 0xbb61,
+	0x1b80: 0x03c1, 0x1b81: 0x22d9, 0x1b82: 0x22d9, 0x1b83: 0x22e1, 0x1b84: 0x22e9, 0x1b85: 0x03b1,
+	0x1b86: 0x03b9, 0x1b87: 0x22f1, 0x1b88: 0x0769, 0x1b89: 0x2301, 0x1b8a: 0x2291, 0x1b8b: 0x04d1,
+	0x1b8c: 0x22a9, 0x1b8d: 0x03b1, 0x1b8e: 0x03c1, 0x1b8f: 0x0799, 0x1b90: 0x2289, 0x1b91: 0x0399,
+	0x1b92: 0x03a1, 0x1b93: 0x03a9, 0x1b94: 0x2291, 0x1b95: 0x2299, 0x1b96: 0x22a1, 0x1b97: 0x04d1,
+	0x1b98: 0x05f9, 0x1b99: 0x22a9, 0x1b9a: 0x22b1, 0x1b9b: 0x22b9, 0x1b9c: 0x22c1, 0x1b9d: 0x22c9,
+	0x1b9e: 0x22d1, 0x1b9f: 0x0799, 0x1ba0: 0x03c1, 0x1ba1: 0x04d1, 0x1ba2: 0x22d9, 0x1ba3: 0x22e1,
+	0x1ba4: 0x22e9, 0x1ba5: 0x03b1, 0x1ba6: 0x03b9, 0x1ba7: 0x22f1, 0x1ba8: 0x0769, 0x1ba9: 0x22f9,
+	0x1baa: 0x2289, 0x1bab: 0x0399, 0x1bac: 0x03a1, 0x1bad: 0x03a9, 0x1bae: 0x2291, 0x1baf: 0x2299,
+	0x1bb0: 0x22a1, 0x1bb1: 0x04d1, 0x1bb2: 0x05f9, 0x1bb3: 0x22a9, 0x1bb4: 0x22b1, 0x1bb5: 0x22b9,
+	0x1bb6: 0x22c1, 0x1bb7: 0x22c9, 0x1bb8: 0x22d1, 0x1bb9: 0x0799, 0x1bba: 0x03c1, 0x1bbb: 0x22d9,
+	0x1bbc: 0x22d9, 0x1bbd: 0x22e1, 0x1bbe: 0x22e9, 0x1bbf: 0x03b1,
 	// Block 0x6f, offset 0x1bc0
-	0x1bc0: 0xbb79, 0x1bc1: 0xbb91, 0x1bc2: 0xbba9, 0x1bc3: 0xbbc1, 0x1bc4: 0xbbd9, 0x1bc5: 0x2109,
-	0x1bc6: 0x1111, 0x1bc7: 0xbbf1, 0x1bc8: 0xbbf1, 0x1bc9: 0xbc09, 0x1bca: 0xbc21, 0x1bcb: 0x10e1,
-	0x1bcc: 0x10f9, 0x1bcd: 0xbc39, 0x1bce: 0x2079, 0x1bcf: 0xbc71, 0x1bd0: 0xbb19, 0x1bd1: 0x1429,
-	0x1bd2: 0xbb61, 0x1bd3: 0x10e1, 0x1bd4: 0x1111, 0x1bd5: 0x2109, 0x1bd6: 0xbb01, 0x1bd7: 0x1099,
-	0x1bd8: 0x10b1, 0x1bd9: 0x10c9, 0x1bda: 0xbb19, 0x1bdb: 0xbb31, 0x1bdc: 0xbb49, 0x1bdd: 0x1429,
-	0x1bde: 0x1a31, 0x1bdf: 0xbb61, 0x1be0: 0xbb79, 0x1be1: 0xbb91, 0x1be2: 0xbba9, 0x1be3: 0xbbc1,
-	0x1be4: 0xbbd9, 0x1be5: 0x2109, 0x1be6: 0x1111, 0x1be7: 0x1429, 0x1be8: 0xbbf1, 0x1be9: 0xbc09,
-	0x1bea: 0xbc21, 0x1beb: 0x10e1, 0x1bec: 0x10f9, 0x1bed: 0xbc39, 0x1bee: 0x2079, 0x1bef: 0xbc51,
-	0x1bf0: 0xbb01, 0x1bf1: 0x1099, 0x1bf2: 0x10b1, 0x1bf3: 0x10c9, 0x1bf4: 0xbb19, 0x1bf5: 0xbb31,
-	0x1bf6: 0xbb49, 0x1bf7: 0x1429, 0x1bf8: 0x1a31, 0x1bf9: 0xbb61, 0x1bfa: 0xbb79, 0x1bfb: 0xbb91,
-	0x1bfc: 0xbba9, 0x1bfd: 0xbbc1, 0x1bfe: 0xbbd9, 0x1bff: 0x2109,
+	0x1bc0: 0x03b9, 0x1bc1: 0x22f1, 0x1bc2: 0x0769, 0x1bc3: 0x2301, 0x1bc4: 0x2291, 0x1bc5: 0x04d1,
+	0x1bc6: 0x22a9, 0x1bc7: 0x03b1, 0x1bc8: 0x03c1, 0x1bc9: 0x0799, 0x1bca: 0x2309, 0x1bcb: 0x2309,
+	0x1bcc: 0x0040, 0x1bcd: 0x0040, 0x1bce: 0x06e1, 0x1bcf: 0x0049, 0x1bd0: 0x0029, 0x1bd1: 0x0031,
+	0x1bd2: 0x06e9, 0x1bd3: 0x06f1, 0x1bd4: 0x06f9, 0x1bd5: 0x0701, 0x1bd6: 0x0709, 0x1bd7: 0x0711,
+	0x1bd8: 0x06e1, 0x1bd9: 0x0049, 0x1bda: 0x0029, 0x1bdb: 0x0031, 0x1bdc: 0x06e9, 0x1bdd: 0x06f1,
+	0x1bde: 0x06f9, 0x1bdf: 0x0701, 0x1be0: 0x0709, 0x1be1: 0x0711, 0x1be2: 0x06e1, 0x1be3: 0x0049,
+	0x1be4: 0x0029, 0x1be5: 0x0031, 0x1be6: 0x06e9, 0x1be7: 0x06f1, 0x1be8: 0x06f9, 0x1be9: 0x0701,
+	0x1bea: 0x0709, 0x1beb: 0x0711, 0x1bec: 0x06e1, 0x1bed: 0x0049, 0x1bee: 0x0029, 0x1bef: 0x0031,
+	0x1bf0: 0x06e9, 0x1bf1: 0x06f1, 0x1bf2: 0x06f9, 0x1bf3: 0x0701, 0x1bf4: 0x0709, 0x1bf5: 0x0711,
+	0x1bf6: 0x06e1, 0x1bf7: 0x0049, 0x1bf8: 0x0029, 0x1bf9: 0x0031, 0x1bfa: 0x06e9, 0x1bfb: 0x06f1,
+	0x1bfc: 0x06f9, 0x1bfd: 0x0701, 0x1bfe: 0x0709, 0x1bff: 0x0711,
 	// Block 0x70, offset 0x1c00
-	0x1c00: 0x1111, 0x1c01: 0xbbf1, 0x1c02: 0xbbf1, 0x1c03: 0xbc09, 0x1c04: 0xbc21, 0x1c05: 0x10e1,
-	0x1c06: 0x10f9, 0x1c07: 0xbc39, 0x1c08: 0x2079, 0x1c09: 0xbc71, 0x1c0a: 0xbb19, 0x1c0b: 0x1429,
-	0x1c0c: 0xbb61, 0x1c0d: 0x10e1, 0x1c0e: 0x1111, 0x1c0f: 0x2109, 0x1c10: 0xbb01, 0x1c11: 0x1099,
-	0x1c12: 0x10b1, 0x1c13: 0x10c9, 0x1c14: 0xbb19, 0x1c15: 0xbb31, 0x1c16: 0xbb49, 0x1c17: 0x1429,
-	0x1c18: 0x1a31, 0x1c19: 0xbb61, 0x1c1a: 0xbb79, 0x1c1b: 0xbb91, 0x1c1c: 0xbba9, 0x1c1d: 0xbbc1,
-	0x1c1e: 0xbbd9, 0x1c1f: 0x2109, 0x1c20: 0x1111, 0x1c21: 0x1429, 0x1c22: 0xbbf1, 0x1c23: 0xbc09,
-	0x1c24: 0xbc21, 0x1c25: 0x10e1, 0x1c26: 0x10f9, 0x1c27: 0xbc39, 0x1c28: 0x2079, 0x1c29: 0xbc51,
-	0x1c2a: 0xbb01, 0x1c2b: 0x1099, 0x1c2c: 0x10b1, 0x1c2d: 0x10c9, 0x1c2e: 0xbb19, 0x1c2f: 0xbb31,
-	0x1c30: 0xbb49, 0x1c31: 0x1429, 0x1c32: 0x1a31, 0x1c33: 0xbb61, 0x1c34: 0xbb79, 0x1c35: 0xbb91,
-	0x1c36: 0xbba9, 0x1c37: 0xbbc1, 0x1c38: 0xbbd9, 0x1c39: 0x2109, 0x1c3a: 0x1111, 0x1c3b: 0xbbf1,
-	0x1c3c: 0xbbf1, 0x1c3d: 0xbc09, 0x1c3e: 0xbc21, 0x1c3f: 0x10e1,
+	0x1c00: 0xe115, 0x1c01: 0xe115, 0x1c02: 0xe135, 0x1c03: 0xe135, 0x1c04: 0xe115, 0x1c05: 0xe115,
+	0x1c06: 0xe175, 0x1c07: 0xe175, 0x1c08: 0xe115, 0x1c09: 0xe115, 0x1c0a: 0xe135, 0x1c0b: 0xe135,
+	0x1c0c: 0xe115, 0x1c0d: 0xe115, 0x1c0e: 0xe1f5, 0x1c0f: 0xe1f5, 0x1c10: 0xe115, 0x1c11: 0xe115,
+	0x1c12: 0xe135, 0x1c13: 0xe135, 0x1c14: 0xe115, 0x1c15: 0xe115, 0x1c16: 0xe175, 0x1c17: 0xe175,
+	0x1c18: 0xe115, 0x1c19: 0xe115, 0x1c1a: 0xe135, 0x1c1b: 0xe135, 0x1c1c: 0xe115, 0x1c1d: 0xe115,
+	0x1c1e: 0x8b3d, 0x1c1f: 0x8b3d, 0x1c20: 0x04b5, 0x1c21: 0x04b5, 0x1c22: 0x0a08, 0x1c23: 0x0a08,
+	0x1c24: 0x0a08, 0x1c25: 0x0a08, 0x1c26: 0x0a08, 0x1c27: 0x0a08, 0x1c28: 0x0a08, 0x1c29: 0x0a08,
+	0x1c2a: 0x0a08, 0x1c2b: 0x0a08, 0x1c2c: 0x0a08, 0x1c2d: 0x0a08, 0x1c2e: 0x0a08, 0x1c2f: 0x0a08,
+	0x1c30: 0x0a08, 0x1c31: 0x0a08, 0x1c32: 0x0a08, 0x1c33: 0x0a08, 0x1c34: 0x0a08, 0x1c35: 0x0a08,
+	0x1c36: 0x0a08, 0x1c37: 0x0a08, 0x1c38: 0x0a08, 0x1c39: 0x0a08, 0x1c3a: 0x0a08, 0x1c3b: 0x0a08,
+	0x1c3c: 0x0a08, 0x1c3d: 0x0a08, 0x1c3e: 0x0a08, 0x1c3f: 0x0a08,
 	// Block 0x71, offset 0x1c40
-	0x1c40: 0x10f9, 0x1c41: 0xbc39, 0x1c42: 0x2079, 0x1c43: 0xbc71, 0x1c44: 0xbb19, 0x1c45: 0x1429,
-	0x1c46: 0xbb61, 0x1c47: 0x10e1, 0x1c48: 0x1111, 0x1c49: 0x2109, 0x1c4a: 0xbc91, 0x1c4b: 0xbc91,
-	0x1c4c: 0x0040, 0x1c4d: 0x0040, 0x1c4e: 0x1f41, 0x1c4f: 0x00c9, 0x1c50: 0x0069, 0x1c51: 0x0079,
-	0x1c52: 0x1f51, 0x1c53: 0x1f61, 0x1c54: 0x1f71, 0x1c55: 0x1f81, 0x1c56: 0x1f91, 0x1c57: 0x1fa1,
-	0x1c58: 0x1f41, 0x1c59: 0x00c9, 0x1c5a: 0x0069, 0x1c5b: 0x0079, 0x1c5c: 0x1f51, 0x1c5d: 0x1f61,
-	0x1c5e: 0x1f71, 0x1c5f: 0x1f81, 0x1c60: 0x1f91, 0x1c61: 0x1fa1, 0x1c62: 0x1f41, 0x1c63: 0x00c9,
-	0x1c64: 0x0069, 0x1c65: 0x0079, 0x1c66: 0x1f51, 0x1c67: 0x1f61, 0x1c68: 0x1f71, 0x1c69: 0x1f81,
-	0x1c6a: 0x1f91, 0x1c6b: 0x1fa1, 0x1c6c: 0x1f41, 0x1c6d: 0x00c9, 0x1c6e: 0x0069, 0x1c6f: 0x0079,
-	0x1c70: 0x1f51, 0x1c71: 0x1f61, 0x1c72: 0x1f71, 0x1c73: 0x1f81, 0x1c74: 0x1f91, 0x1c75: 0x1fa1,
-	0x1c76: 0x1f41, 0x1c77: 0x00c9, 0x1c78: 0x0069, 0x1c79: 0x0079, 0x1c7a: 0x1f51, 0x1c7b: 0x1f61,
-	0x1c7c: 0x1f71, 0x1c7d: 0x1f81, 0x1c7e: 0x1f91, 0x1c7f: 0x1fa1,
+	0x1c40: 0x20b1, 0x1c41: 0x20b9, 0x1c42: 0x20d9, 0x1c43: 0x20f1, 0x1c44: 0x0040, 0x1c45: 0x2189,
+	0x1c46: 0x2109, 0x1c47: 0x20e1, 0x1c48: 0x2131, 0x1c49: 0x2191, 0x1c4a: 0x2161, 0x1c4b: 0x2169,
+	0x1c4c: 0x2171, 0x1c4d: 0x2179, 0x1c4e: 0x2111, 0x1c4f: 0x2141, 0x1c50: 0x2151, 0x1c51: 0x2121,
+	0x1c52: 0x2159, 0x1c53: 0x2101, 0x1c54: 0x2119, 0x1c55: 0x20c9, 0x1c56: 0x20d1, 0x1c57: 0x20e9,
+	0x1c58: 0x20f9, 0x1c59: 0x2129, 0x1c5a: 0x2139, 0x1c5b: 0x2149, 0x1c5c: 0x2311, 0x1c5d: 0x1689,
+	0x1c5e: 0x2319, 0x1c5f: 0x2321, 0x1c60: 0x0040, 0x1c61: 0x20b9, 0x1c62: 0x20d9, 0x1c63: 0x0040,
+	0x1c64: 0x2181, 0x1c65: 0x0040, 0x1c66: 0x0040, 0x1c67: 0x20e1, 0x1c68: 0x0040, 0x1c69: 0x2191,
+	0x1c6a: 0x2161, 0x1c6b: 0x2169, 0x1c6c: 0x2171, 0x1c6d: 0x2179, 0x1c6e: 0x2111, 0x1c6f: 0x2141,
+	0x1c70: 0x2151, 0x1c71: 0x2121, 0x1c72: 0x2159, 0x1c73: 0x0040, 0x1c74: 0x2119, 0x1c75: 0x20c9,
+	0x1c76: 0x20d1, 0x1c77: 0x20e9, 0x1c78: 0x0040, 0x1c79: 0x2129, 0x1c7a: 0x0040, 0x1c7b: 0x2149,
+	0x1c7c: 0x0040, 0x1c7d: 0x0040, 0x1c7e: 0x0040, 0x1c7f: 0x0040,
 	// Block 0x72, offset 0x1c80
-	0x1c80: 0xe115, 0x1c81: 0xe115, 0x1c82: 0xe135, 0x1c83: 0xe135, 0x1c84: 0xe115, 0x1c85: 0xe115,
-	0x1c86: 0xe175, 0x1c87: 0xe175, 0x1c88: 0xe115, 0x1c89: 0xe115, 0x1c8a: 0xe135, 0x1c8b: 0xe135,
-	0x1c8c: 0xe115, 0x1c8d: 0xe115, 0x1c8e: 0xe1f5, 0x1c8f: 0xe1f5, 0x1c90: 0xe115, 0x1c91: 0xe115,
-	0x1c92: 0xe135, 0x1c93: 0xe135, 0x1c94: 0xe115, 0x1c95: 0xe115, 0x1c96: 0xe175, 0x1c97: 0xe175,
-	0x1c98: 0xe115, 0x1c99: 0xe115, 0x1c9a: 0xe135, 0x1c9b: 0xe135, 0x1c9c: 0xe115, 0x1c9d: 0xe115,
-	0x1c9e: 0x8b3d, 0x1c9f: 0x8b3d, 0x1ca0: 0x04b5, 0x1ca1: 0x04b5, 0x1ca2: 0x0a08, 0x1ca3: 0x0a08,
-	0x1ca4: 0x0a08, 0x1ca5: 0x0a08, 0x1ca6: 0x0a08, 0x1ca7: 0x0a08, 0x1ca8: 0x0a08, 0x1ca9: 0x0a08,
-	0x1caa: 0x0a08, 0x1cab: 0x0a08, 0x1cac: 0x0a08, 0x1cad: 0x0a08, 0x1cae: 0x0a08, 0x1caf: 0x0a08,
-	0x1cb0: 0x0a08, 0x1cb1: 0x0a08, 0x1cb2: 0x0a08, 0x1cb3: 0x0a08, 0x1cb4: 0x0a08, 0x1cb5: 0x0a08,
-	0x1cb6: 0x0a08, 0x1cb7: 0x0a08, 0x1cb8: 0x0a08, 0x1cb9: 0x0a08, 0x1cba: 0x0a08, 0x1cbb: 0x0a08,
-	0x1cbc: 0x0a08, 0x1cbd: 0x0a08, 0x1cbe: 0x0a08, 0x1cbf: 0x0a08,
+	0x1c80: 0x0040, 0x1c81: 0x0040, 0x1c82: 0x20d9, 0x1c83: 0x0040, 0x1c84: 0x0040, 0x1c85: 0x0040,
+	0x1c86: 0x0040, 0x1c87: 0x20e1, 0x1c88: 0x0040, 0x1c89: 0x2191, 0x1c8a: 0x0040, 0x1c8b: 0x2169,
+	0x1c8c: 0x0040, 0x1c8d: 0x2179, 0x1c8e: 0x2111, 0x1c8f: 0x2141, 0x1c90: 0x0040, 0x1c91: 0x2121,
+	0x1c92: 0x2159, 0x1c93: 0x0040, 0x1c94: 0x2119, 0x1c95: 0x0040, 0x1c96: 0x0040, 0x1c97: 0x20e9,
+	0x1c98: 0x0040, 0x1c99: 0x2129, 0x1c9a: 0x0040, 0x1c9b: 0x2149, 0x1c9c: 0x0040, 0x1c9d: 0x1689,
+	0x1c9e: 0x0040, 0x1c9f: 0x2321, 0x1ca0: 0x0040, 0x1ca1: 0x20b9, 0x1ca2: 0x20d9, 0x1ca3: 0x0040,
+	0x1ca4: 0x2181, 0x1ca5: 0x0040, 0x1ca6: 0x0040, 0x1ca7: 0x20e1, 0x1ca8: 0x2131, 0x1ca9: 0x2191,
+	0x1caa: 0x2161, 0x1cab: 0x0040, 0x1cac: 0x2171, 0x1cad: 0x2179, 0x1cae: 0x2111, 0x1caf: 0x2141,
+	0x1cb0: 0x2151, 0x1cb1: 0x2121, 0x1cb2: 0x2159, 0x1cb3: 0x0040, 0x1cb4: 0x2119, 0x1cb5: 0x20c9,
+	0x1cb6: 0x20d1, 0x1cb7: 0x20e9, 0x1cb8: 0x0040, 0x1cb9: 0x2129, 0x1cba: 0x2139, 0x1cbb: 0x2149,
+	0x1cbc: 0x2311, 0x1cbd: 0x0040, 0x1cbe: 0x2319, 0x1cbf: 0x0040,
 	// Block 0x73, offset 0x1cc0
-	0x1cc0: 0xb1d9, 0x1cc1: 0xb1f1, 0x1cc2: 0xb251, 0x1cc3: 0xb299, 0x1cc4: 0x0040, 0x1cc5: 0xb461,
-	0x1cc6: 0xb2e1, 0x1cc7: 0xb269, 0x1cc8: 0xb359, 0x1cc9: 0xb479, 0x1cca: 0xb3e9, 0x1ccb: 0xb401,
-	0x1ccc: 0xb419, 0x1ccd: 0xb431, 0x1cce: 0xb2f9, 0x1ccf: 0xb389, 0x1cd0: 0xb3b9, 0x1cd1: 0xb329,
-	0x1cd2: 0xb3d1, 0x1cd3: 0xb2c9, 0x1cd4: 0xb311, 0x1cd5: 0xb221, 0x1cd6: 0xb239, 0x1cd7: 0xb281,
-	0x1cd8: 0xb2b1, 0x1cd9: 0xb341, 0x1cda: 0xb371, 0x1cdb: 0xb3a1, 0x1cdc: 0xbca9, 0x1cdd: 0x7999,
-	0x1cde: 0xbcc1, 0x1cdf: 0xbcd9, 0x1ce0: 0x0040, 0x1ce1: 0xb1f1, 0x1ce2: 0xb251, 0x1ce3: 0x0040,
-	0x1ce4: 0xb449, 0x1ce5: 0x0040, 0x1ce6: 0x0040, 0x1ce7: 0xb269, 0x1ce8: 0x0040, 0x1ce9: 0xb479,
-	0x1cea: 0xb3e9, 0x1ceb: 0xb401, 0x1cec: 0xb419, 0x1ced: 0xb431, 0x1cee: 0xb2f9, 0x1cef: 0xb389,
-	0x1cf0: 0xb3b9, 0x1cf1: 0xb329, 0x1cf2: 0xb3d1, 0x1cf3: 0x0040, 0x1cf4: 0xb311, 0x1cf5: 0xb221,
-	0x1cf6: 0xb239, 0x1cf7: 0xb281, 0x1cf8: 0x0040, 0x1cf9: 0xb341, 0x1cfa: 0x0040, 0x1cfb: 0xb3a1,
+	0x1cc0: 0x20b1, 0x1cc1: 0x20b9, 0x1cc2: 0x20d9, 0x1cc3: 0x20f1, 0x1cc4: 0x2181, 0x1cc5: 0x2189,
+	0x1cc6: 0x2109, 0x1cc7: 0x20e1, 0x1cc8: 0x2131, 0x1cc9: 0x2191, 0x1cca: 0x0040, 0x1ccb: 0x2169,
+	0x1ccc: 0x2171, 0x1ccd: 0x2179, 0x1cce: 0x2111, 0x1ccf: 0x2141, 0x1cd0: 0x2151, 0x1cd1: 0x2121,
+	0x1cd2: 0x2159, 0x1cd3: 0x2101, 0x1cd4: 0x2119, 0x1cd5: 0x20c9, 0x1cd6: 0x20d1, 0x1cd7: 0x20e9,
+	0x1cd8: 0x20f9, 0x1cd9: 0x2129, 0x1cda: 0x2139, 0x1cdb: 0x2149, 0x1cdc: 0x0040, 0x1cdd: 0x0040,
+	0x1cde: 0x0040, 0x1cdf: 0x0040, 0x1ce0: 0x0040, 0x1ce1: 0x20b9, 0x1ce2: 0x20d9, 0x1ce3: 0x20f1,
+	0x1ce4: 0x0040, 0x1ce5: 0x2189, 0x1ce6: 0x2109, 0x1ce7: 0x20e1, 0x1ce8: 0x2131, 0x1ce9: 0x2191,
+	0x1cea: 0x0040, 0x1ceb: 0x2169, 0x1cec: 0x2171, 0x1ced: 0x2179, 0x1cee: 0x2111, 0x1cef: 0x2141,
+	0x1cf0: 0x2151, 0x1cf1: 0x2121, 0x1cf2: 0x2159, 0x1cf3: 0x2101, 0x1cf4: 0x2119, 0x1cf5: 0x20c9,
+	0x1cf6: 0x20d1, 0x1cf7: 0x20e9, 0x1cf8: 0x20f9, 0x1cf9: 0x2129, 0x1cfa: 0x2139, 0x1cfb: 0x2149,
 	0x1cfc: 0x0040, 0x1cfd: 0x0040, 0x1cfe: 0x0040, 0x1cff: 0x0040,
 	// Block 0x74, offset 0x1d00
-	0x1d00: 0x0040, 0x1d01: 0x0040, 0x1d02: 0xb251, 0x1d03: 0x0040, 0x1d04: 0x0040, 0x1d05: 0x0040,
-	0x1d06: 0x0040, 0x1d07: 0xb269, 0x1d08: 0x0040, 0x1d09: 0xb479, 0x1d0a: 0x0040, 0x1d0b: 0xb401,
-	0x1d0c: 0x0040, 0x1d0d: 0xb431, 0x1d0e: 0xb2f9, 0x1d0f: 0xb389, 0x1d10: 0x0040, 0x1d11: 0xb329,
-	0x1d12: 0xb3d1, 0x1d13: 0x0040, 0x1d14: 0xb311, 0x1d15: 0x0040, 0x1d16: 0x0040, 0x1d17: 0xb281,
-	0x1d18: 0x0040, 0x1d19: 0xb341, 0x1d1a: 0x0040, 0x1d1b: 0xb3a1, 0x1d1c: 0x0040, 0x1d1d: 0x7999,
-	0x1d1e: 0x0040, 0x1d1f: 0xbcd9, 0x1d20: 0x0040, 0x1d21: 0xb1f1, 0x1d22: 0xb251, 0x1d23: 0x0040,
-	0x1d24: 0xb449, 0x1d25: 0x0040, 0x1d26: 0x0040, 0x1d27: 0xb269, 0x1d28: 0xb359, 0x1d29: 0xb479,
-	0x1d2a: 0xb3e9, 0x1d2b: 0x0040, 0x1d2c: 0xb419, 0x1d2d: 0xb431, 0x1d2e: 0xb2f9, 0x1d2f: 0xb389,
-	0x1d30: 0xb3b9, 0x1d31: 0xb329, 0x1d32: 0xb3d1, 0x1d33: 0x0040, 0x1d34: 0xb311, 0x1d35: 0xb221,
-	0x1d36: 0xb239, 0x1d37: 0xb281, 0x1d38: 0x0040, 0x1d39: 0xb341, 0x1d3a: 0xb371, 0x1d3b: 0xb3a1,
-	0x1d3c: 0xbca9, 0x1d3d: 0x0040, 0x1d3e: 0xbcc1, 0x1d3f: 0x0040,
+	0x1d00: 0x0040, 0x1d01: 0x232a, 0x1d02: 0x2332, 0x1d03: 0x233a, 0x1d04: 0x2342, 0x1d05: 0x234a,
+	0x1d06: 0x2352, 0x1d07: 0x235a, 0x1d08: 0x2362, 0x1d09: 0x236a, 0x1d0a: 0x2372, 0x1d0b: 0x0018,
+	0x1d0c: 0x0018, 0x1d0d: 0x0018, 0x1d0e: 0x0018, 0x1d0f: 0x0018, 0x1d10: 0x237a, 0x1d11: 0x2382,
+	0x1d12: 0x238a, 0x1d13: 0x2392, 0x1d14: 0x239a, 0x1d15: 0x23a2, 0x1d16: 0x23aa, 0x1d17: 0x23b2,
+	0x1d18: 0x23ba, 0x1d19: 0x23c2, 0x1d1a: 0x23ca, 0x1d1b: 0x23d2, 0x1d1c: 0x23da, 0x1d1d: 0x23e2,
+	0x1d1e: 0x23ea, 0x1d1f: 0x23f2, 0x1d20: 0x23fa, 0x1d21: 0x2402, 0x1d22: 0x240a, 0x1d23: 0x2412,
+	0x1d24: 0x241a, 0x1d25: 0x2422, 0x1d26: 0x242a, 0x1d27: 0x2432, 0x1d28: 0x243a, 0x1d29: 0x2442,
+	0x1d2a: 0x2449, 0x1d2b: 0x03d9, 0x1d2c: 0x00b9, 0x1d2d: 0x1239, 0x1d2e: 0x2451, 0x1d2f: 0x0018,
+	0x1d30: 0x0019, 0x1d31: 0x02e9, 0x1d32: 0x03d9, 0x1d33: 0x02f1, 0x1d34: 0x02f9, 0x1d35: 0x03f1,
+	0x1d36: 0x0309, 0x1d37: 0x00a9, 0x1d38: 0x0311, 0x1d39: 0x00b1, 0x1d3a: 0x0319, 0x1d3b: 0x0101,
+	0x1d3c: 0x0321, 0x1d3d: 0x0329, 0x1d3e: 0x0051, 0x1d3f: 0x0339,
 	// Block 0x75, offset 0x1d40
-	0x1d40: 0xb1d9, 0x1d41: 0xb1f1, 0x1d42: 0xb251, 0x1d43: 0xb299, 0x1d44: 0xb449, 0x1d45: 0xb461,
-	0x1d46: 0xb2e1, 0x1d47: 0xb269, 0x1d48: 0xb359, 0x1d49: 0xb479, 0x1d4a: 0x0040, 0x1d4b: 0xb401,
-	0x1d4c: 0xb419, 0x1d4d: 0xb431, 0x1d4e: 0xb2f9, 0x1d4f: 0xb389, 0x1d50: 0xb3b9, 0x1d51: 0xb329,
-	0x1d52: 0xb3d1, 0x1d53: 0xb2c9, 0x1d54: 0xb311, 0x1d55: 0xb221, 0x1d56: 0xb239, 0x1d57: 0xb281,
-	0x1d58: 0xb2b1, 0x1d59: 0xb341, 0x1d5a: 0xb371, 0x1d5b: 0xb3a1, 0x1d5c: 0x0040, 0x1d5d: 0x0040,
-	0x1d5e: 0x0040, 0x1d5f: 0x0040, 0x1d60: 0x0040, 0x1d61: 0xb1f1, 0x1d62: 0xb251, 0x1d63: 0xb299,
-	0x1d64: 0x0040, 0x1d65: 0xb461, 0x1d66: 0xb2e1, 0x1d67: 0xb269, 0x1d68: 0xb359, 0x1d69: 0xb479,
-	0x1d6a: 0x0040, 0x1d6b: 0xb401, 0x1d6c: 0xb419, 0x1d6d: 0xb431, 0x1d6e: 0xb2f9, 0x1d6f: 0xb389,
-	0x1d70: 0xb3b9, 0x1d71: 0xb329, 0x1d72: 0xb3d1, 0x1d73: 0xb2c9, 0x1d74: 0xb311, 0x1d75: 0xb221,
-	0x1d76: 0xb239, 0x1d77: 0xb281, 0x1d78: 0xb2b1, 0x1d79: 0xb341, 0x1d7a: 0xb371, 0x1d7b: 0xb3a1,
-	0x1d7c: 0x0040, 0x1d7d: 0x0040, 0x1d7e: 0x0040, 0x1d7f: 0x0040,
+	0x1d40: 0x0751, 0x1d41: 0x00b9, 0x1d42: 0x0089, 0x1d43: 0x0341, 0x1d44: 0x0349, 0x1d45: 0x0391,
+	0x1d46: 0x00c1, 0x1d47: 0x0109, 0x1d48: 0x00c9, 0x1d49: 0x04b1, 0x1d4a: 0x2459, 0x1d4b: 0x11f9,
+	0x1d4c: 0x2461, 0x1d4d: 0x04d9, 0x1d4e: 0x2469, 0x1d4f: 0x2471, 0x1d50: 0x0018, 0x1d51: 0x0018,
+	0x1d52: 0x0018, 0x1d53: 0x0018, 0x1d54: 0x0018, 0x1d55: 0x0018, 0x1d56: 0x0018, 0x1d57: 0x0018,
+	0x1d58: 0x0018, 0x1d59: 0x0018, 0x1d5a: 0x0018, 0x1d5b: 0x0018, 0x1d5c: 0x0018, 0x1d5d: 0x0018,
+	0x1d5e: 0x0018, 0x1d5f: 0x0018, 0x1d60: 0x0018, 0x1d61: 0x0018, 0x1d62: 0x0018, 0x1d63: 0x0018,
+	0x1d64: 0x0018, 0x1d65: 0x0018, 0x1d66: 0x0018, 0x1d67: 0x0018, 0x1d68: 0x0018, 0x1d69: 0x0018,
+	0x1d6a: 0x2479, 0x1d6b: 0x2481, 0x1d6c: 0x2489, 0x1d6d: 0x0018, 0x1d6e: 0x0018, 0x1d6f: 0x0018,
+	0x1d70: 0x0018, 0x1d71: 0x0018, 0x1d72: 0x0018, 0x1d73: 0x0018, 0x1d74: 0x0018, 0x1d75: 0x0018,
+	0x1d76: 0x0018, 0x1d77: 0x0018, 0x1d78: 0x0018, 0x1d79: 0x0018, 0x1d7a: 0x0018, 0x1d7b: 0x0018,
+	0x1d7c: 0x0018, 0x1d7d: 0x0018, 0x1d7e: 0x0018, 0x1d7f: 0x0018,
 	// Block 0x76, offset 0x1d80
-	0x1d80: 0x0040, 0x1d81: 0xbcf2, 0x1d82: 0xbd0a, 0x1d83: 0xbd22, 0x1d84: 0xbd3a, 0x1d85: 0xbd52,
-	0x1d86: 0xbd6a, 0x1d87: 0xbd82, 0x1d88: 0xbd9a, 0x1d89: 0xbdb2, 0x1d8a: 0xbdca, 0x1d8b: 0x0018,
-	0x1d8c: 0x0018, 0x1d8d: 0x0018, 0x1d8e: 0x0018, 0x1d8f: 0x0018, 0x1d90: 0xbde2, 0x1d91: 0xbe02,
-	0x1d92: 0xbe22, 0x1d93: 0xbe42, 0x1d94: 0xbe62, 0x1d95: 0xbe82, 0x1d96: 0xbea2, 0x1d97: 0xbec2,
-	0x1d98: 0xbee2, 0x1d99: 0xbf02, 0x1d9a: 0xbf22, 0x1d9b: 0xbf42, 0x1d9c: 0xbf62, 0x1d9d: 0xbf82,
-	0x1d9e: 0xbfa2, 0x1d9f: 0xbfc2, 0x1da0: 0xbfe2, 0x1da1: 0xc002, 0x1da2: 0xc022, 0x1da3: 0xc042,
-	0x1da4: 0xc062, 0x1da5: 0xc082, 0x1da6: 0xc0a2, 0x1da7: 0xc0c2, 0x1da8: 0xc0e2, 0x1da9: 0xc102,
-	0x1daa: 0xc121, 0x1dab: 0x1159, 0x1dac: 0x0269, 0x1dad: 0x66a9, 0x1dae: 0xc161, 0x1daf: 0x0018,
-	0x1db0: 0x0039, 0x1db1: 0x0ee9, 0x1db2: 0x1159, 0x1db3: 0x0ef9, 0x1db4: 0x0f09, 0x1db5: 0x1199,
-	0x1db6: 0x0f31, 0x1db7: 0x0249, 0x1db8: 0x0f41, 0x1db9: 0x0259, 0x1dba: 0x0f51, 0x1dbb: 0x0359,
-	0x1dbc: 0x0f61, 0x1dbd: 0x0f71, 0x1dbe: 0x00d9, 0x1dbf: 0x0f99,
+	0x1d80: 0x2499, 0x1d81: 0x24a1, 0x1d82: 0x24a9, 0x1d83: 0x0040, 0x1d84: 0x0040, 0x1d85: 0x0040,
+	0x1d86: 0x0040, 0x1d87: 0x0040, 0x1d88: 0x0040, 0x1d89: 0x0040, 0x1d8a: 0x0040, 0x1d8b: 0x0040,
+	0x1d8c: 0x0040, 0x1d8d: 0x0040, 0x1d8e: 0x0040, 0x1d8f: 0x0040, 0x1d90: 0x24b1, 0x1d91: 0x24b9,
+	0x1d92: 0x24c1, 0x1d93: 0x24c9, 0x1d94: 0x24d1, 0x1d95: 0x24d9, 0x1d96: 0x24e1, 0x1d97: 0x24e9,
+	0x1d98: 0x24f1, 0x1d99: 0x24f9, 0x1d9a: 0x2501, 0x1d9b: 0x2509, 0x1d9c: 0x2511, 0x1d9d: 0x2519,
+	0x1d9e: 0x2521, 0x1d9f: 0x2529, 0x1da0: 0x2531, 0x1da1: 0x2539, 0x1da2: 0x2541, 0x1da3: 0x2549,
+	0x1da4: 0x2551, 0x1da5: 0x2559, 0x1da6: 0x2561, 0x1da7: 0x2569, 0x1da8: 0x2571, 0x1da9: 0x2579,
+	0x1daa: 0x2581, 0x1dab: 0x2589, 0x1dac: 0x2591, 0x1dad: 0x2599, 0x1dae: 0x25a1, 0x1daf: 0x25a9,
+	0x1db0: 0x25b1, 0x1db1: 0x25b9, 0x1db2: 0x25c1, 0x1db3: 0x25c9, 0x1db4: 0x25d1, 0x1db5: 0x25d9,
+	0x1db6: 0x25e1, 0x1db7: 0x25e9, 0x1db8: 0x25f1, 0x1db9: 0x25f9, 0x1dba: 0x2601, 0x1dbb: 0x2609,
+	0x1dbc: 0x0040, 0x1dbd: 0x0040, 0x1dbe: 0x0040, 0x1dbf: 0x0040,
 	// Block 0x77, offset 0x1dc0
-	0x1dc0: 0x2039, 0x1dc1: 0x0269, 0x1dc2: 0x01d9, 0x1dc3: 0x0fa9, 0x1dc4: 0x0fb9, 0x1dc5: 0x1089,
-	0x1dc6: 0x0279, 0x1dc7: 0x0369, 0x1dc8: 0x0289, 0x1dc9: 0x13d1, 0x1dca: 0xc179, 0x1dcb: 0x65e9,
-	0x1dcc: 0xc191, 0x1dcd: 0x1441, 0x1dce: 0xc1a9, 0x1dcf: 0xc1c9, 0x1dd0: 0x0018, 0x1dd1: 0x0018,
-	0x1dd2: 0x0018, 0x1dd3: 0x0018, 0x1dd4: 0x0018, 0x1dd5: 0x0018, 0x1dd6: 0x0018, 0x1dd7: 0x0018,
-	0x1dd8: 0x0018, 0x1dd9: 0x0018, 0x1dda: 0x0018, 0x1ddb: 0x0018, 0x1ddc: 0x0018, 0x1ddd: 0x0018,
-	0x1dde: 0x0018, 0x1ddf: 0x0018, 0x1de0: 0x0018, 0x1de1: 0x0018, 0x1de2: 0x0018, 0x1de3: 0x0018,
-	0x1de4: 0x0018, 0x1de5: 0x0018, 0x1de6: 0x0018, 0x1de7: 0x0018, 0x1de8: 0x0018, 0x1de9: 0x0018,
-	0x1dea: 0xc1e1, 0x1deb: 0xc1f9, 0x1dec: 0xc211, 0x1ded: 0x0018, 0x1dee: 0x0018, 0x1def: 0x0018,
-	0x1df0: 0x0018, 0x1df1: 0x0018, 0x1df2: 0x0018, 0x1df3: 0x0018, 0x1df4: 0x0018, 0x1df5: 0x0018,
-	0x1df6: 0x0018, 0x1df7: 0x0018, 0x1df8: 0x0018, 0x1df9: 0x0018, 0x1dfa: 0x0018, 0x1dfb: 0x0018,
-	0x1dfc: 0x0018, 0x1dfd: 0x0018, 0x1dfe: 0x0018, 0x1dff: 0x0018,
+	0x1dc0: 0x2669, 0x1dc1: 0x2671, 0x1dc2: 0x2679, 0x1dc3: 0x8b55, 0x1dc4: 0x2681, 0x1dc5: 0x2689,
+	0x1dc6: 0x2691, 0x1dc7: 0x2699, 0x1dc8: 0x26a1, 0x1dc9: 0x26a9, 0x1dca: 0x26b1, 0x1dcb: 0x26b9,
+	0x1dcc: 0x26c1, 0x1dcd: 0x8b75, 0x1dce: 0x26c9, 0x1dcf: 0x26d1, 0x1dd0: 0x26d9, 0x1dd1: 0x26e1,
+	0x1dd2: 0x8b95, 0x1dd3: 0x26e9, 0x1dd4: 0x26f1, 0x1dd5: 0x2521, 0x1dd6: 0x8bb5, 0x1dd7: 0x26f9,
+	0x1dd8: 0x2701, 0x1dd9: 0x2709, 0x1dda: 0x2711, 0x1ddb: 0x2719, 0x1ddc: 0x8bd5, 0x1ddd: 0x2721,
+	0x1dde: 0x2729, 0x1ddf: 0x2731, 0x1de0: 0x2739, 0x1de1: 0x2741, 0x1de2: 0x25f9, 0x1de3: 0x2749,
+	0x1de4: 0x2751, 0x1de5: 0x2759, 0x1de6: 0x2761, 0x1de7: 0x2769, 0x1de8: 0x2771, 0x1de9: 0x2779,
+	0x1dea: 0x2781, 0x1deb: 0x2789, 0x1dec: 0x2791, 0x1ded: 0x2799, 0x1dee: 0x27a1, 0x1def: 0x27a9,
+	0x1df0: 0x27b1, 0x1df1: 0x27b9, 0x1df2: 0x27b9, 0x1df3: 0x27b9, 0x1df4: 0x8bf5, 0x1df5: 0x27c1,
+	0x1df6: 0x27c9, 0x1df7: 0x27d1, 0x1df8: 0x8c15, 0x1df9: 0x27d9, 0x1dfa: 0x27e1, 0x1dfb: 0x27e9,
+	0x1dfc: 0x27f1, 0x1dfd: 0x27f9, 0x1dfe: 0x2801, 0x1dff: 0x2809,
 	// Block 0x78, offset 0x1e00
-	0x1e00: 0xc241, 0x1e01: 0xc279, 0x1e02: 0xc2b1, 0x1e03: 0x0040, 0x1e04: 0x0040, 0x1e05: 0x0040,
-	0x1e06: 0x0040, 0x1e07: 0x0040, 0x1e08: 0x0040, 0x1e09: 0x0040, 0x1e0a: 0x0040, 0x1e0b: 0x0040,
-	0x1e0c: 0x0040, 0x1e0d: 0x0040, 0x1e0e: 0x0040, 0x1e0f: 0x0040, 0x1e10: 0xc2d1, 0x1e11: 0xc2f1,
-	0x1e12: 0xc311, 0x1e13: 0xc331, 0x1e14: 0xc351, 0x1e15: 0xc371, 0x1e16: 0xc391, 0x1e17: 0xc3b1,
-	0x1e18: 0xc3d1, 0x1e19: 0xc3f1, 0x1e1a: 0xc411, 0x1e1b: 0xc431, 0x1e1c: 0xc451, 0x1e1d: 0xc471,
-	0x1e1e: 0xc491, 0x1e1f: 0xc4b1, 0x1e20: 0xc4d1, 0x1e21: 0xc4f1, 0x1e22: 0xc511, 0x1e23: 0xc531,
-	0x1e24: 0xc551, 0x1e25: 0xc571, 0x1e26: 0xc591, 0x1e27: 0xc5b1, 0x1e28: 0xc5d1, 0x1e29: 0xc5f1,
-	0x1e2a: 0xc611, 0x1e2b: 0xc631, 0x1e2c: 0xc651, 0x1e2d: 0xc671, 0x1e2e: 0xc691, 0x1e2f: 0xc6b1,
-	0x1e30: 0xc6d1, 0x1e31: 0xc6f1, 0x1e32: 0xc711, 0x1e33: 0xc731, 0x1e34: 0xc751, 0x1e35: 0xc771,
-	0x1e36: 0xc791, 0x1e37: 0xc7b1, 0x1e38: 0xc7d1, 0x1e39: 0xc7f1, 0x1e3a: 0xc811, 0x1e3b: 0xc831,
-	0x1e3c: 0x0040, 0x1e3d: 0x0040, 0x1e3e: 0x0040, 0x1e3f: 0x0040,
+	0x1e00: 0x2811, 0x1e01: 0x2819, 0x1e02: 0x2821, 0x1e03: 0x2829, 0x1e04: 0x2831, 0x1e05: 0x2839,
+	0x1e06: 0x2839, 0x1e07: 0x2841, 0x1e08: 0x2849, 0x1e09: 0x2851, 0x1e0a: 0x2859, 0x1e0b: 0x2861,
+	0x1e0c: 0x2869, 0x1e0d: 0x2871, 0x1e0e: 0x2879, 0x1e0f: 0x2881, 0x1e10: 0x2889, 0x1e11: 0x2891,
+	0x1e12: 0x2899, 0x1e13: 0x28a1, 0x1e14: 0x28a9, 0x1e15: 0x28b1, 0x1e16: 0x28b9, 0x1e17: 0x28c1,
+	0x1e18: 0x28c9, 0x1e19: 0x8c35, 0x1e1a: 0x28d1, 0x1e1b: 0x28d9, 0x1e1c: 0x28e1, 0x1e1d: 0x24d9,
+	0x1e1e: 0x28e9, 0x1e1f: 0x28f1, 0x1e20: 0x8c55, 0x1e21: 0x8c75, 0x1e22: 0x28f9, 0x1e23: 0x2901,
+	0x1e24: 0x2909, 0x1e25: 0x2911, 0x1e26: 0x2919, 0x1e27: 0x2921, 0x1e28: 0x2040, 0x1e29: 0x2929,
+	0x1e2a: 0x2931, 0x1e2b: 0x2931, 0x1e2c: 0x8c95, 0x1e2d: 0x2939, 0x1e2e: 0x2941, 0x1e2f: 0x2949,
+	0x1e30: 0x2951, 0x1e31: 0x8cb5, 0x1e32: 0x2959, 0x1e33: 0x2961, 0x1e34: 0x2040, 0x1e35: 0x2969,
+	0x1e36: 0x2971, 0x1e37: 0x2979, 0x1e38: 0x2981, 0x1e39: 0x2989, 0x1e3a: 0x2991, 0x1e3b: 0x8cd5,
+	0x1e3c: 0x2999, 0x1e3d: 0x8cf5, 0x1e3e: 0x29a1, 0x1e3f: 0x29a9,
 	// Block 0x79, offset 0x1e40
-	0x1e40: 0xcb61, 0x1e41: 0xcb81, 0x1e42: 0xcba1, 0x1e43: 0x8b55, 0x1e44: 0xcbc1, 0x1e45: 0xcbe1,
-	0x1e46: 0xcc01, 0x1e47: 0xcc21, 0x1e48: 0xcc41, 0x1e49: 0xcc61, 0x1e4a: 0xcc81, 0x1e4b: 0xcca1,
-	0x1e4c: 0xccc1, 0x1e4d: 0x8b75, 0x1e4e: 0xcce1, 0x1e4f: 0xcd01, 0x1e50: 0xcd21, 0x1e51: 0xcd41,
-	0x1e52: 0x8b95, 0x1e53: 0xcd61, 0x1e54: 0xcd81, 0x1e55: 0xc491, 0x1e56: 0x8bb5, 0x1e57: 0xcda1,
-	0x1e58: 0xcdc1, 0x1e59: 0xcde1, 0x1e5a: 0xce01, 0x1e5b: 0xce21, 0x1e5c: 0x8bd5, 0x1e5d: 0xce41,
-	0x1e5e: 0xce61, 0x1e5f: 0xce81, 0x1e60: 0xcea1, 0x1e61: 0xcec1, 0x1e62: 0xc7f1, 0x1e63: 0xcee1,
-	0x1e64: 0xcf01, 0x1e65: 0xcf21, 0x1e66: 0xcf41, 0x1e67: 0xcf61, 0x1e68: 0xcf81, 0x1e69: 0xcfa1,
-	0x1e6a: 0xcfc1, 0x1e6b: 0xcfe1, 0x1e6c: 0xd001, 0x1e6d: 0xd021, 0x1e6e: 0xd041, 0x1e6f: 0xd061,
-	0x1e70: 0xd081, 0x1e71: 0xd0a1, 0x1e72: 0xd0a1, 0x1e73: 0xd0a1, 0x1e74: 0x8bf5, 0x1e75: 0xd0c1,
-	0x1e76: 0xd0e1, 0x1e77: 0xd101, 0x1e78: 0x8c15, 0x1e79: 0xd121, 0x1e7a: 0xd141, 0x1e7b: 0xd161,
-	0x1e7c: 0xd181, 0x1e7d: 0xd1a1, 0x1e7e: 0xd1c1, 0x1e7f: 0xd1e1,
+	0x1e40: 0x29b1, 0x1e41: 0x29b9, 0x1e42: 0x29c1, 0x1e43: 0x29c9, 0x1e44: 0x29d1, 0x1e45: 0x29d9,
+	0x1e46: 0x29e1, 0x1e47: 0x29e9, 0x1e48: 0x29f1, 0x1e49: 0x8d15, 0x1e4a: 0x29f9, 0x1e4b: 0x2a01,
+	0x1e4c: 0x2a09, 0x1e4d: 0x2a11, 0x1e4e: 0x2a19, 0x1e4f: 0x8d35, 0x1e50: 0x2a21, 0x1e51: 0x8d55,
+	0x1e52: 0x8d75, 0x1e53: 0x2a29, 0x1e54: 0x2a31, 0x1e55: 0x2a31, 0x1e56: 0x2a39, 0x1e57: 0x8d95,
+	0x1e58: 0x8db5, 0x1e59: 0x2a41, 0x1e5a: 0x2a49, 0x1e5b: 0x2a51, 0x1e5c: 0x2a59, 0x1e5d: 0x2a61,
+	0x1e5e: 0x2a69, 0x1e5f: 0x2a71, 0x1e60: 0x2a79, 0x1e61: 0x2a81, 0x1e62: 0x2a89, 0x1e63: 0x2a91,
+	0x1e64: 0x8dd5, 0x1e65: 0x2a99, 0x1e66: 0x2aa1, 0x1e67: 0x2aa9, 0x1e68: 0x2ab1, 0x1e69: 0x2aa9,
+	0x1e6a: 0x2ab9, 0x1e6b: 0x2ac1, 0x1e6c: 0x2ac9, 0x1e6d: 0x2ad1, 0x1e6e: 0x2ad9, 0x1e6f: 0x2ae1,
+	0x1e70: 0x2ae9, 0x1e71: 0x2af1, 0x1e72: 0x2af9, 0x1e73: 0x2b01, 0x1e74: 0x2b09, 0x1e75: 0x2b11,
+	0x1e76: 0x2b19, 0x1e77: 0x2b21, 0x1e78: 0x8df5, 0x1e79: 0x2b29, 0x1e7a: 0x2b31, 0x1e7b: 0x2b39,
+	0x1e7c: 0x2b41, 0x1e7d: 0x2b49, 0x1e7e: 0x8e15, 0x1e7f: 0x2b51,
 	// Block 0x7a, offset 0x1e80
-	0x1e80: 0xd201, 0x1e81: 0xd221, 0x1e82: 0xd241, 0x1e83: 0xd261, 0x1e84: 0xd281, 0x1e85: 0xd2a1,
-	0x1e86: 0xd2a1, 0x1e87: 0xd2c1, 0x1e88: 0xd2e1, 0x1e89: 0xd301, 0x1e8a: 0xd321, 0x1e8b: 0xd341,
-	0x1e8c: 0xd361, 0x1e8d: 0xd381, 0x1e8e: 0xd3a1, 0x1e8f: 0xd3c1, 0x1e90: 0xd3e1, 0x1e91: 0xd401,
-	0x1e92: 0xd421, 0x1e93: 0xd441, 0x1e94: 0xd461, 0x1e95: 0xd481, 0x1e96: 0xd4a1, 0x1e97: 0xd4c1,
-	0x1e98: 0xd4e1, 0x1e99: 0x8c35, 0x1e9a: 0xd501, 0x1e9b: 0xd521, 0x1e9c: 0xd541, 0x1e9d: 0xc371,
-	0x1e9e: 0xd561, 0x1e9f: 0xd581, 0x1ea0: 0x8c55, 0x1ea1: 0x8c75, 0x1ea2: 0xd5a1, 0x1ea3: 0xd5c1,
-	0x1ea4: 0xd5e1, 0x1ea5: 0xd601, 0x1ea6: 0xd621, 0x1ea7: 0xd641, 0x1ea8: 0x2040, 0x1ea9: 0xd661,
-	0x1eaa: 0xd681, 0x1eab: 0xd681, 0x1eac: 0x8c95, 0x1ead: 0xd6a1, 0x1eae: 0xd6c1, 0x1eaf: 0xd6e1,
-	0x1eb0: 0xd701, 0x1eb1: 0x8cb5, 0x1eb2: 0xd721, 0x1eb3: 0xd741, 0x1eb4: 0x2040, 0x1eb5: 0xd761,
-	0x1eb6: 0xd781, 0x1eb7: 0xd7a1, 0x1eb8: 0xd7c1, 0x1eb9: 0xd7e1, 0x1eba: 0xd801, 0x1ebb: 0x8cd5,
-	0x1ebc: 0xd821, 0x1ebd: 0x8cf5, 0x1ebe: 0xd841, 0x1ebf: 0xd861,
+	0x1e80: 0x2b59, 0x1e81: 0x2b61, 0x1e82: 0x2b69, 0x1e83: 0x2b71, 0x1e84: 0x2b79, 0x1e85: 0x2b81,
+	0x1e86: 0x2b89, 0x1e87: 0x2b91, 0x1e88: 0x2b99, 0x1e89: 0x2ba1, 0x1e8a: 0x8e35, 0x1e8b: 0x2ba9,
+	0x1e8c: 0x2bb1, 0x1e8d: 0x2bb9, 0x1e8e: 0x2bc1, 0x1e8f: 0x2bc9, 0x1e90: 0x2bd1, 0x1e91: 0x2bd9,
+	0x1e92: 0x2be1, 0x1e93: 0x2be9, 0x1e94: 0x2bf1, 0x1e95: 0x2bf9, 0x1e96: 0x2c01, 0x1e97: 0x2c09,
+	0x1e98: 0x2c11, 0x1e99: 0x2c19, 0x1e9a: 0x2c21, 0x1e9b: 0x2c29, 0x1e9c: 0x2c31, 0x1e9d: 0x8e55,
+	0x1e9e: 0x2c39, 0x1e9f: 0x2c41, 0x1ea0: 0x2c49, 0x1ea1: 0x2c51, 0x1ea2: 0x2c59, 0x1ea3: 0x8e75,
+	0x1ea4: 0x2c61, 0x1ea5: 0x2c69, 0x1ea6: 0x2c71, 0x1ea7: 0x2c79, 0x1ea8: 0x2c81, 0x1ea9: 0x2c89,
+	0x1eaa: 0x2c91, 0x1eab: 0x2c99, 0x1eac: 0x7f0d, 0x1ead: 0x2ca1, 0x1eae: 0x2ca9, 0x1eaf: 0x2cb1,
+	0x1eb0: 0x8e95, 0x1eb1: 0x2cb9, 0x1eb2: 0x2cc1, 0x1eb3: 0x2cc9, 0x1eb4: 0x2cd1, 0x1eb5: 0x2cd9,
+	0x1eb6: 0x2ce1, 0x1eb7: 0x8eb5, 0x1eb8: 0x8ed5, 0x1eb9: 0x8ef5, 0x1eba: 0x2ce9, 0x1ebb: 0x8f15,
+	0x1ebc: 0x2cf1, 0x1ebd: 0x2cf9, 0x1ebe: 0x2d01, 0x1ebf: 0x2d09,
 	// Block 0x7b, offset 0x1ec0
-	0x1ec0: 0xd881, 0x1ec1: 0xd8a1, 0x1ec2: 0xd8c1, 0x1ec3: 0xd8e1, 0x1ec4: 0xd901, 0x1ec5: 0xd921,
-	0x1ec6: 0xd941, 0x1ec7: 0xd961, 0x1ec8: 0xd981, 0x1ec9: 0x8d15, 0x1eca: 0xd9a1, 0x1ecb: 0xd9c1,
-	0x1ecc: 0xd9e1, 0x1ecd: 0xda01, 0x1ece: 0xda21, 0x1ecf: 0x8d35, 0x1ed0: 0xda41, 0x1ed1: 0x8d55,
-	0x1ed2: 0x8d75, 0x1ed3: 0xda61, 0x1ed4: 0xda81, 0x1ed5: 0xda81, 0x1ed6: 0xdaa1, 0x1ed7: 0x8d95,
-	0x1ed8: 0x8db5, 0x1ed9: 0xdac1, 0x1eda: 0xdae1, 0x1edb: 0xdb01, 0x1edc: 0xdb21, 0x1edd: 0xdb41,
-	0x1ede: 0xdb61, 0x1edf: 0xdb81, 0x1ee0: 0xdba1, 0x1ee1: 0xdbc1, 0x1ee2: 0xdbe1, 0x1ee3: 0xdc01,
-	0x1ee4: 0x8dd5, 0x1ee5: 0xdc21, 0x1ee6: 0xdc41, 0x1ee7: 0xdc61, 0x1ee8: 0xdc81, 0x1ee9: 0xdc61,
-	0x1eea: 0xdca1, 0x1eeb: 0xdcc1, 0x1eec: 0xdce1, 0x1eed: 0xdd01, 0x1eee: 0xdd21, 0x1eef: 0xdd41,
-	0x1ef0: 0xdd61, 0x1ef1: 0xdd81, 0x1ef2: 0xdda1, 0x1ef3: 0xddc1, 0x1ef4: 0xdde1, 0x1ef5: 0xde01,
-	0x1ef6: 0xde21, 0x1ef7: 0xde41, 0x1ef8: 0x8df5, 0x1ef9: 0xde61, 0x1efa: 0xde81, 0x1efb: 0xdea1,
-	0x1efc: 0xdec1, 0x1efd: 0xdee1, 0x1efe: 0x8e15, 0x1eff: 0xdf01,
+	0x1ec0: 0x2d11, 0x1ec1: 0x2d19, 0x1ec2: 0x2d21, 0x1ec3: 0x2d29, 0x1ec4: 0x2d31, 0x1ec5: 0x2d39,
+	0x1ec6: 0x8f35, 0x1ec7: 0x2d41, 0x1ec8: 0x2d49, 0x1ec9: 0x2d51, 0x1eca: 0x2d59, 0x1ecb: 0x2d61,
+	0x1ecc: 0x2d69, 0x1ecd: 0x8f55, 0x1ece: 0x2d71, 0x1ecf: 0x2d79, 0x1ed0: 0x8f75, 0x1ed1: 0x8f95,
+	0x1ed2: 0x2d81, 0x1ed3: 0x2d89, 0x1ed4: 0x2d91, 0x1ed5: 0x2d99, 0x1ed6: 0x2da1, 0x1ed7: 0x2da9,
+	0x1ed8: 0x2db1, 0x1ed9: 0x2db9, 0x1eda: 0x2dc1, 0x1edb: 0x8fb5, 0x1edc: 0x2dc9, 0x1edd: 0x8fd5,
+	0x1ede: 0x2dd1, 0x1edf: 0x2040, 0x1ee0: 0x2dd9, 0x1ee1: 0x2de1, 0x1ee2: 0x2de9, 0x1ee3: 0x8ff5,
+	0x1ee4: 0x2df1, 0x1ee5: 0x2df9, 0x1ee6: 0x9015, 0x1ee7: 0x9035, 0x1ee8: 0x2e01, 0x1ee9: 0x2e09,
+	0x1eea: 0x2e11, 0x1eeb: 0x2e19, 0x1eec: 0x2e21, 0x1eed: 0x2e21, 0x1eee: 0x2e29, 0x1eef: 0x2e31,
+	0x1ef0: 0x2e39, 0x1ef1: 0x2e41, 0x1ef2: 0x2e49, 0x1ef3: 0x2e51, 0x1ef4: 0x2e59, 0x1ef5: 0x9055,
+	0x1ef6: 0x2e61, 0x1ef7: 0x9075, 0x1ef8: 0x2e69, 0x1ef9: 0x9095, 0x1efa: 0x2e71, 0x1efb: 0x90b5,
+	0x1efc: 0x90d5, 0x1efd: 0x90f5, 0x1efe: 0x2e79, 0x1eff: 0x2e81,
 	// Block 0x7c, offset 0x1f00
-	0x1f00: 0xe601, 0x1f01: 0xe621, 0x1f02: 0xe641, 0x1f03: 0xe661, 0x1f04: 0xe681, 0x1f05: 0xe6a1,
-	0x1f06: 0x8f35, 0x1f07: 0xe6c1, 0x1f08: 0xe6e1, 0x1f09: 0xe701, 0x1f0a: 0xe721, 0x1f0b: 0xe741,
-	0x1f0c: 0xe761, 0x1f0d: 0x8f55, 0x1f0e: 0xe781, 0x1f0f: 0xe7a1, 0x1f10: 0x8f75, 0x1f11: 0x8f95,
-	0x1f12: 0xe7c1, 0x1f13: 0xe7e1, 0x1f14: 0xe801, 0x1f15: 0xe821, 0x1f16: 0xe841, 0x1f17: 0xe861,
-	0x1f18: 0xe881, 0x1f19: 0xe8a1, 0x1f1a: 0xe8c1, 0x1f1b: 0x8fb5, 0x1f1c: 0xe8e1, 0x1f1d: 0x8fd5,
-	0x1f1e: 0xe901, 0x1f1f: 0x2040, 0x1f20: 0xe921, 0x1f21: 0xe941, 0x1f22: 0xe961, 0x1f23: 0x8ff5,
-	0x1f24: 0xe981, 0x1f25: 0xe9a1, 0x1f26: 0x9015, 0x1f27: 0x9035, 0x1f28: 0xe9c1, 0x1f29: 0xe9e1,
-	0x1f2a: 0xea01, 0x1f2b: 0xea21, 0x1f2c: 0xea41, 0x1f2d: 0xea41, 0x1f2e: 0xea61, 0x1f2f: 0xea81,
-	0x1f30: 0xeaa1, 0x1f31: 0xeac1, 0x1f32: 0xeae1, 0x1f33: 0xeb01, 0x1f34: 0xeb21, 0x1f35: 0x9055,
-	0x1f36: 0xeb41, 0x1f37: 0x9075, 0x1f38: 0xeb61, 0x1f39: 0x9095, 0x1f3a: 0xeb81, 0x1f3b: 0x90b5,
-	0x1f3c: 0x90d5, 0x1f3d: 0x90f5, 0x1f3e: 0xeba1, 0x1f3f: 0xebc1,
+	0x1f00: 0x2e89, 0x1f01: 0x9115, 0x1f02: 0x9135, 0x1f03: 0x9155, 0x1f04: 0x9175, 0x1f05: 0x2e91,
+	0x1f06: 0x2e99, 0x1f07: 0x2e99, 0x1f08: 0x2ea1, 0x1f09: 0x2ea9, 0x1f0a: 0x2eb1, 0x1f0b: 0x2eb9,
+	0x1f0c: 0x2ec1, 0x1f0d: 0x9195, 0x1f0e: 0x2ec9, 0x1f0f: 0x2ed1, 0x1f10: 0x2ed9, 0x1f11: 0x2ee1,
+	0x1f12: 0x91b5, 0x1f13: 0x2ee9, 0x1f14: 0x91d5, 0x1f15: 0x91f5, 0x1f16: 0x2ef1, 0x1f17: 0x2ef9,
+	0x1f18: 0x2f01, 0x1f19: 0x2f09, 0x1f1a: 0x2f11, 0x1f1b: 0x2f19, 0x1f1c: 0x9215, 0x1f1d: 0x9235,
+	0x1f1e: 0x9255, 0x1f1f: 0x2040, 0x1f20: 0x2f21, 0x1f21: 0x9275, 0x1f22: 0x2f29, 0x1f23: 0x2f31,
+	0x1f24: 0x2f39, 0x1f25: 0x9295, 0x1f26: 0x2f41, 0x1f27: 0x2f49, 0x1f28: 0x2f51, 0x1f29: 0x2f59,
+	0x1f2a: 0x2f61, 0x1f2b: 0x92b5, 0x1f2c: 0x2f69, 0x1f2d: 0x2f71, 0x1f2e: 0x2f79, 0x1f2f: 0x2f81,
+	0x1f30: 0x2f89, 0x1f31: 0x2f91, 0x1f32: 0x92d5, 0x1f33: 0x92f5, 0x1f34: 0x2f99, 0x1f35: 0x9315,
+	0x1f36: 0x2fa1, 0x1f37: 0x9335, 0x1f38: 0x2fa9, 0x1f39: 0x2fb1, 0x1f3a: 0x2fb9, 0x1f3b: 0x9355,
+	0x1f3c: 0x9375, 0x1f3d: 0x2fc1, 0x1f3e: 0x9395, 0x1f3f: 0x2fc9,
 	// Block 0x7d, offset 0x1f40
-	0x1f40: 0xebe1, 0x1f41: 0x9115, 0x1f42: 0x9135, 0x1f43: 0x9155, 0x1f44: 0x9175, 0x1f45: 0xec01,
-	0x1f46: 0xec21, 0x1f47: 0xec21, 0x1f48: 0xec41, 0x1f49: 0xec61, 0x1f4a: 0xec81, 0x1f4b: 0xeca1,
-	0x1f4c: 0xecc1, 0x1f4d: 0x9195, 0x1f4e: 0xece1, 0x1f4f: 0xed01, 0x1f50: 0xed21, 0x1f51: 0xed41,
-	0x1f52: 0x91b5, 0x1f53: 0xed61, 0x1f54: 0x91d5, 0x1f55: 0x91f5, 0x1f56: 0xed81, 0x1f57: 0xeda1,
-	0x1f58: 0xedc1, 0x1f59: 0xede1, 0x1f5a: 0xee01, 0x1f5b: 0xee21, 0x1f5c: 0x9215, 0x1f5d: 0x9235,
-	0x1f5e: 0x9255, 0x1f5f: 0x2040, 0x1f60: 0xee41, 0x1f61: 0x9275, 0x1f62: 0xee61, 0x1f63: 0xee81,
-	0x1f64: 0xeea1, 0x1f65: 0x9295, 0x1f66: 0xeec1, 0x1f67: 0xeee1, 0x1f68: 0xef01, 0x1f69: 0xef21,
-	0x1f6a: 0xef41, 0x1f6b: 0x92b5, 0x1f6c: 0xef61, 0x1f6d: 0xef81, 0x1f6e: 0xefa1, 0x1f6f: 0xefc1,
-	0x1f70: 0xefe1, 0x1f71: 0xf001, 0x1f72: 0x92d5, 0x1f73: 0x92f5, 0x1f74: 0xf021, 0x1f75: 0x9315,
-	0x1f76: 0xf041, 0x1f77: 0x9335, 0x1f78: 0xf061, 0x1f79: 0xf081, 0x1f7a: 0xf0a1, 0x1f7b: 0x9355,
-	0x1f7c: 0x9375, 0x1f7d: 0xf0c1, 0x1f7e: 0x9395, 0x1f7f: 0xf0e1,
+	0x1f40: 0x93b5, 0x1f41: 0x2fd1, 0x1f42: 0x2fd9, 0x1f43: 0x2fe1, 0x1f44: 0x2fe9, 0x1f45: 0x2ff1,
+	0x1f46: 0x2ff9, 0x1f47: 0x93d5, 0x1f48: 0x93f5, 0x1f49: 0x9415, 0x1f4a: 0x9435, 0x1f4b: 0x2a29,
+	0x1f4c: 0x3001, 0x1f4d: 0x3009, 0x1f4e: 0x3011, 0x1f4f: 0x3019, 0x1f50: 0x3021, 0x1f51: 0x3029,
+	0x1f52: 0x3031, 0x1f53: 0x3039, 0x1f54: 0x3041, 0x1f55: 0x3049, 0x1f56: 0x3051, 0x1f57: 0x9455,
+	0x1f58: 0x3059, 0x1f59: 0x3061, 0x1f5a: 0x3069, 0x1f5b: 0x3071, 0x1f5c: 0x3079, 0x1f5d: 0x3081,
+	0x1f5e: 0x3089, 0x1f5f: 0x3091, 0x1f60: 0x3099, 0x1f61: 0x30a1, 0x1f62: 0x30a9, 0x1f63: 0x30b1,
+	0x1f64: 0x9475, 0x1f65: 0x9495, 0x1f66: 0x94b5, 0x1f67: 0x30b9, 0x1f68: 0x30c1, 0x1f69: 0x30c9,
+	0x1f6a: 0x30d1, 0x1f6b: 0x94d5, 0x1f6c: 0x30d9, 0x1f6d: 0x94f5, 0x1f6e: 0x30e1, 0x1f6f: 0x30e9,
+	0x1f70: 0x9515, 0x1f71: 0x9535, 0x1f72: 0x30f1, 0x1f73: 0x30f9, 0x1f74: 0x3101, 0x1f75: 0x3109,
+	0x1f76: 0x3111, 0x1f77: 0x3119, 0x1f78: 0x3121, 0x1f79: 0x3129, 0x1f7a: 0x3131, 0x1f7b: 0x3139,
+	0x1f7c: 0x3141, 0x1f7d: 0x3149, 0x1f7e: 0x3151, 0x1f7f: 0x2040,
 	// Block 0x7e, offset 0x1f80
-	0x1f80: 0xf721, 0x1f81: 0xf741, 0x1f82: 0xf761, 0x1f83: 0xf781, 0x1f84: 0xf7a1, 0x1f85: 0x9555,
-	0x1f86: 0xf7c1, 0x1f87: 0xf7e1, 0x1f88: 0xf801, 0x1f89: 0xf821, 0x1f8a: 0xf841, 0x1f8b: 0x9575,
-	0x1f8c: 0x9595, 0x1f8d: 0xf861, 0x1f8e: 0xf881, 0x1f8f: 0xf8a1, 0x1f90: 0xf8c1, 0x1f91: 0xf8e1,
-	0x1f92: 0xf901, 0x1f93: 0x95b5, 0x1f94: 0xf921, 0x1f95: 0xf941, 0x1f96: 0xf961, 0x1f97: 0xf981,
-	0x1f98: 0x95d5, 0x1f99: 0x95f5, 0x1f9a: 0xf9a1, 0x1f9b: 0xf9c1, 0x1f9c: 0xf9e1, 0x1f9d: 0x9615,
-	0x1f9e: 0xfa01, 0x1f9f: 0xfa21, 0x1fa0: 0x684d, 0x1fa1: 0x9635, 0x1fa2: 0xfa41, 0x1fa3: 0xfa61,
-	0x1fa4: 0xfa81, 0x1fa5: 0x9655, 0x1fa6: 0xfaa1, 0x1fa7: 0xfac1, 0x1fa8: 0xfae1, 0x1fa9: 0xfb01,
-	0x1faa: 0xfb21, 0x1fab: 0xfb41, 0x1fac: 0xfb61, 0x1fad: 0x9675, 0x1fae: 0xfb81, 0x1faf: 0xfba1,
-	0x1fb0: 0xfbc1, 0x1fb1: 0x9695, 0x1fb2: 0xfbe1, 0x1fb3: 0xfc01, 0x1fb4: 0xfc21, 0x1fb5: 0xfc41,
-	0x1fb6: 0x7b6d, 0x1fb7: 0x96b5, 0x1fb8: 0xfc61, 0x1fb9: 0xfc81, 0x1fba: 0xfca1, 0x1fbb: 0x96d5,
-	0x1fbc: 0xfcc1, 0x1fbd: 0x96f5, 0x1fbe: 0xfce1, 0x1fbf: 0xfce1,
+	0x1f80: 0x3159, 0x1f81: 0x3161, 0x1f82: 0x3169, 0x1f83: 0x3171, 0x1f84: 0x3179, 0x1f85: 0x9555,
+	0x1f86: 0x3181, 0x1f87: 0x3189, 0x1f88: 0x3191, 0x1f89: 0x3199, 0x1f8a: 0x31a1, 0x1f8b: 0x9575,
+	0x1f8c: 0x9595, 0x1f8d: 0x31a9, 0x1f8e: 0x31b1, 0x1f8f: 0x31b9, 0x1f90: 0x31c1, 0x1f91: 0x31c9,
+	0x1f92: 0x31d1, 0x1f93: 0x95b5, 0x1f94: 0x31d9, 0x1f95: 0x31e1, 0x1f96: 0x31e9, 0x1f97: 0x31f1,
+	0x1f98: 0x95d5, 0x1f99: 0x95f5, 0x1f9a: 0x31f9, 0x1f9b: 0x3201, 0x1f9c: 0x3209, 0x1f9d: 0x9615,
+	0x1f9e: 0x3211, 0x1f9f: 0x3219, 0x1fa0: 0x684d, 0x1fa1: 0x9635, 0x1fa2: 0x3221, 0x1fa3: 0x3229,
+	0x1fa4: 0x3231, 0x1fa5: 0x9655, 0x1fa6: 0x3239, 0x1fa7: 0x3241, 0x1fa8: 0x3249, 0x1fa9: 0x3251,
+	0x1faa: 0x3259, 0x1fab: 0x3261, 0x1fac: 0x3269, 0x1fad: 0x9675, 0x1fae: 0x3271, 0x1faf: 0x3279,
+	0x1fb0: 0x3281, 0x1fb1: 0x9695, 0x1fb2: 0x3289, 0x1fb3: 0x3291, 0x1fb4: 0x3299, 0x1fb5: 0x32a1,
+	0x1fb6: 0x7b6d, 0x1fb7: 0x96b5, 0x1fb8: 0x32a9, 0x1fb9: 0x32b1, 0x1fba: 0x32b9, 0x1fbb: 0x96d5,
+	0x1fbc: 0x32c1, 0x1fbd: 0x96f5, 0x1fbe: 0x32c9, 0x1fbf: 0x32c9,
 	// Block 0x7f, offset 0x1fc0
-	0x1fc0: 0xfd01, 0x1fc1: 0x9715, 0x1fc2: 0xfd21, 0x1fc3: 0xfd41, 0x1fc4: 0xfd61, 0x1fc5: 0xfd81,
-	0x1fc6: 0xfda1, 0x1fc7: 0xfdc1, 0x1fc8: 0xfde1, 0x1fc9: 0x9735, 0x1fca: 0xfe01, 0x1fcb: 0xfe21,
-	0x1fcc: 0xfe41, 0x1fcd: 0xfe61, 0x1fce: 0xfe81, 0x1fcf: 0xfea1, 0x1fd0: 0x9755, 0x1fd1: 0xfec1,
-	0x1fd2: 0x9775, 0x1fd3: 0x9795, 0x1fd4: 0x97b5, 0x1fd5: 0xfee1, 0x1fd6: 0xff01, 0x1fd7: 0xff21,
-	0x1fd8: 0xff41, 0x1fd9: 0xff61, 0x1fda: 0xff81, 0x1fdb: 0xffa1, 0x1fdc: 0xffc1, 0x1fdd: 0x97d5,
+	0x1fc0: 0x32d1, 0x1fc1: 0x9715, 0x1fc2: 0x32d9, 0x1fc3: 0x32e1, 0x1fc4: 0x32e9, 0x1fc5: 0x32f1,
+	0x1fc6: 0x32f9, 0x1fc7: 0x3301, 0x1fc8: 0x3309, 0x1fc9: 0x9735, 0x1fca: 0x3311, 0x1fcb: 0x3319,
+	0x1fcc: 0x3321, 0x1fcd: 0x3329, 0x1fce: 0x3331, 0x1fcf: 0x3339, 0x1fd0: 0x9755, 0x1fd1: 0x3341,
+	0x1fd2: 0x9775, 0x1fd3: 0x9795, 0x1fd4: 0x97b5, 0x1fd5: 0x3349, 0x1fd6: 0x3351, 0x1fd7: 0x3359,
+	0x1fd8: 0x3361, 0x1fd9: 0x3369, 0x1fda: 0x3371, 0x1fdb: 0x3379, 0x1fdc: 0x3381, 0x1fdd: 0x97d5,
 	0x1fde: 0x0040, 0x1fdf: 0x0040, 0x1fe0: 0x0040, 0x1fe1: 0x0040, 0x1fe2: 0x0040, 0x1fe3: 0x0040,
 	0x1fe4: 0x0040, 0x1fe5: 0x0040, 0x1fe6: 0x0040, 0x1fe7: 0x0040, 0x1fe8: 0x0040, 0x1fe9: 0x0040,
 	0x1fea: 0x0040, 0x1feb: 0x0040, 0x1fec: 0x0040, 0x1fed: 0x0040, 0x1fee: 0x0040, 0x1fef: 0x0040,
@@ -2134,7 +2277,7 @@ var idnaIndex = [2368]uint16{
 	0x1b8: 0xd6, 0x1b9: 0xd7, 0x1ba: 0xd8, 0x1bb: 0xd9, 0x1bc: 0xda, 0x1bd: 0xdb, 0x1be: 0xdc, 0x1bf: 0x37,
 	// Block 0x7, offset 0x1c0
 	0x1c0: 0x38, 0x1c1: 0xdd, 0x1c2: 0xde, 0x1c3: 0xdf, 0x1c4: 0xe0, 0x1c5: 0x39, 0x1c6: 0x3a, 0x1c7: 0xe1,
-	0x1c8: 0xe2, 0x1c9: 0x3b, 0x1ca: 0x3c, 0x1cb: 0x3d, 0x1cc: 0x3e, 0x1cd: 0x3f, 0x1ce: 0x40, 0x1cf: 0x41,
+	0x1c8: 0xe2, 0x1c9: 0x3b, 0x1ca: 0x3c, 0x1cb: 0x3d, 0x1cc: 0xe3, 0x1cd: 0xe4, 0x1ce: 0x3e, 0x1cf: 0x3f,
 	0x1d0: 0xa0, 0x1d1: 0xa0, 0x1d2: 0xa0, 0x1d3: 0xa0, 0x1d4: 0xa0, 0x1d5: 0xa0, 0x1d6: 0xa0, 0x1d7: 0xa0,
 	0x1d8: 0xa0, 0x1d9: 0xa0, 0x1da: 0xa0, 0x1db: 0xa0, 0x1dc: 0xa0, 0x1dd: 0xa0, 0x1de: 0xa0, 0x1df: 0xa0,
 	0x1e0: 0xa0, 0x1e1: 0xa0, 0x1e2: 0xa0, 0x1e3: 0xa0, 0x1e4: 0xa0, 0x1e5: 0xa0, 0x1e6: 0xa0, 0x1e7: 0xa0,
@@ -2167,143 +2310,143 @@ var idnaIndex = [2368]uint16{
 	0x2a0: 0xa0, 0x2a1: 0xa0, 0x2a2: 0xa0, 0x2a3: 0xa0, 0x2a4: 0xa0, 0x2a5: 0xa0, 0x2a6: 0xa0, 0x2a7: 0xa0,
 	0x2a8: 0xa0, 0x2a9: 0xa0, 0x2aa: 0xa0, 0x2ab: 0xa0, 0x2ac: 0xa0, 0x2ad: 0xa0, 0x2ae: 0xa0, 0x2af: 0xa0,
 	0x2b0: 0xa0, 0x2b1: 0xa0, 0x2b2: 0xa0, 0x2b3: 0xa0, 0x2b4: 0xa0, 0x2b5: 0xa0, 0x2b6: 0xa0, 0x2b7: 0xa0,
-	0x2b8: 0xa0, 0x2b9: 0xa0, 0x2ba: 0xa0, 0x2bb: 0xa0, 0x2bc: 0xa0, 0x2bd: 0xa0, 0x2be: 0xa0, 0x2bf: 0xe3,
+	0x2b8: 0xa0, 0x2b9: 0xa0, 0x2ba: 0xa0, 0x2bb: 0xa0, 0x2bc: 0xa0, 0x2bd: 0xa0, 0x2be: 0xa0, 0x2bf: 0xe5,
 	// Block 0xb, offset 0x2c0
 	0x2c0: 0xa0, 0x2c1: 0xa0, 0x2c2: 0xa0, 0x2c3: 0xa0, 0x2c4: 0xa0, 0x2c5: 0xa0, 0x2c6: 0xa0, 0x2c7: 0xa0,
 	0x2c8: 0xa0, 0x2c9: 0xa0, 0x2ca: 0xa0, 0x2cb: 0xa0, 0x2cc: 0xa0, 0x2cd: 0xa0, 0x2ce: 0xa0, 0x2cf: 0xa0,
-	0x2d0: 0xa0, 0x2d1: 0xa0, 0x2d2: 0xe4, 0x2d3: 0xe5, 0x2d4: 0xa0, 0x2d5: 0xa0, 0x2d6: 0xa0, 0x2d7: 0xa0,
-	0x2d8: 0xe6, 0x2d9: 0x42, 0x2da: 0x43, 0x2db: 0xe7, 0x2dc: 0x44, 0x2dd: 0x45, 0x2de: 0x46, 0x2df: 0xe8,
-	0x2e0: 0xe9, 0x2e1: 0xea, 0x2e2: 0xeb, 0x2e3: 0xec, 0x2e4: 0xed, 0x2e5: 0xee, 0x2e6: 0xef, 0x2e7: 0xf0,
-	0x2e8: 0xf1, 0x2e9: 0xf2, 0x2ea: 0xf3, 0x2eb: 0xf4, 0x2ec: 0xf5, 0x2ed: 0xf6, 0x2ee: 0xf7, 0x2ef: 0xf8,
+	0x2d0: 0xa0, 0x2d1: 0xa0, 0x2d2: 0xe6, 0x2d3: 0xe7, 0x2d4: 0xa0, 0x2d5: 0xa0, 0x2d6: 0xa0, 0x2d7: 0xa0,
+	0x2d8: 0xe8, 0x2d9: 0x40, 0x2da: 0x41, 0x2db: 0xe9, 0x2dc: 0x42, 0x2dd: 0x43, 0x2de: 0x44, 0x2df: 0xea,
+	0x2e0: 0xeb, 0x2e1: 0xec, 0x2e2: 0xed, 0x2e3: 0xee, 0x2e4: 0xef, 0x2e5: 0xf0, 0x2e6: 0xf1, 0x2e7: 0xf2,
+	0x2e8: 0xf3, 0x2e9: 0xf4, 0x2ea: 0xf5, 0x2eb: 0xf6, 0x2ec: 0xf7, 0x2ed: 0xf8, 0x2ee: 0xf9, 0x2ef: 0xfa,
 	0x2f0: 0xa0, 0x2f1: 0xa0, 0x2f2: 0xa0, 0x2f3: 0xa0, 0x2f4: 0xa0, 0x2f5: 0xa0, 0x2f6: 0xa0, 0x2f7: 0xa0,
 	0x2f8: 0xa0, 0x2f9: 0xa0, 0x2fa: 0xa0, 0x2fb: 0xa0, 0x2fc: 0xa0, 0x2fd: 0xa0, 0x2fe: 0xa0, 0x2ff: 0xa0,
 	// Block 0xc, offset 0x300
 	0x300: 0xa0, 0x301: 0xa0, 0x302: 0xa0, 0x303: 0xa0, 0x304: 0xa0, 0x305: 0xa0, 0x306: 0xa0, 0x307: 0xa0,
 	0x308: 0xa0, 0x309: 0xa0, 0x30a: 0xa0, 0x30b: 0xa0, 0x30c: 0xa0, 0x30d: 0xa0, 0x30e: 0xa0, 0x30f: 0xa0,
 	0x310: 0xa0, 0x311: 0xa0, 0x312: 0xa0, 0x313: 0xa0, 0x314: 0xa0, 0x315: 0xa0, 0x316: 0xa0, 0x317: 0xa0,
-	0x318: 0xa0, 0x319: 0xa0, 0x31a: 0xa0, 0x31b: 0xa0, 0x31c: 0xa0, 0x31d: 0xa0, 0x31e: 0xf9, 0x31f: 0xfa,
+	0x318: 0xa0, 0x319: 0xa0, 0x31a: 0xa0, 0x31b: 0xa0, 0x31c: 0xa0, 0x31d: 0xa0, 0x31e: 0xfb, 0x31f: 0xfc,
 	// Block 0xd, offset 0x340
-	0x340: 0xfb, 0x341: 0xfb, 0x342: 0xfb, 0x343: 0xfb, 0x344: 0xfb, 0x345: 0xfb, 0x346: 0xfb, 0x347: 0xfb,
-	0x348: 0xfb, 0x349: 0xfb, 0x34a: 0xfb, 0x34b: 0xfb, 0x34c: 0xfb, 0x34d: 0xfb, 0x34e: 0xfb, 0x34f: 0xfb,
-	0x350: 0xfb, 0x351: 0xfb, 0x352: 0xfb, 0x353: 0xfb, 0x354: 0xfb, 0x355: 0xfb, 0x356: 0xfb, 0x357: 0xfb,
-	0x358: 0xfb, 0x359: 0xfb, 0x35a: 0xfb, 0x35b: 0xfb, 0x35c: 0xfb, 0x35d: 0xfb, 0x35e: 0xfb, 0x35f: 0xfb,
-	0x360: 0xfb, 0x361: 0xfb, 0x362: 0xfb, 0x363: 0xfb, 0x364: 0xfb, 0x365: 0xfb, 0x366: 0xfb, 0x367: 0xfb,
-	0x368: 0xfb, 0x369: 0xfb, 0x36a: 0xfb, 0x36b: 0xfb, 0x36c: 0xfb, 0x36d: 0xfb, 0x36e: 0xfb, 0x36f: 0xfb,
-	0x370: 0xfb, 0x371: 0xfb, 0x372: 0xfb, 0x373: 0xfb, 0x374: 0xfb, 0x375: 0xfb, 0x376: 0xfb, 0x377: 0xfb,
-	0x378: 0xfb, 0x379: 0xfb, 0x37a: 0xfb, 0x37b: 0xfb, 0x37c: 0xfb, 0x37d: 0xfb, 0x37e: 0xfb, 0x37f: 0xfb,
+	0x340: 0xfd, 0x341: 0xfd, 0x342: 0xfd, 0x343: 0xfd, 0x344: 0xfd, 0x345: 0xfd, 0x346: 0xfd, 0x347: 0xfd,
+	0x348: 0xfd, 0x349: 0xfd, 0x34a: 0xfd, 0x34b: 0xfd, 0x34c: 0xfd, 0x34d: 0xfd, 0x34e: 0xfd, 0x34f: 0xfd,
+	0x350: 0xfd, 0x351: 0xfd, 0x352: 0xfd, 0x353: 0xfd, 0x354: 0xfd, 0x355: 0xfd, 0x356: 0xfd, 0x357: 0xfd,
+	0x358: 0xfd, 0x359: 0xfd, 0x35a: 0xfd, 0x35b: 0xfd, 0x35c: 0xfd, 0x35d: 0xfd, 0x35e: 0xfd, 0x35f: 0xfd,
+	0x360: 0xfd, 0x361: 0xfd, 0x362: 0xfd, 0x363: 0xfd, 0x364: 0xfd, 0x365: 0xfd, 0x366: 0xfd, 0x367: 0xfd,
+	0x368: 0xfd, 0x369: 0xfd, 0x36a: 0xfd, 0x36b: 0xfd, 0x36c: 0xfd, 0x36d: 0xfd, 0x36e: 0xfd, 0x36f: 0xfd,
+	0x370: 0xfd, 0x371: 0xfd, 0x372: 0xfd, 0x373: 0xfd, 0x374: 0xfd, 0x375: 0xfd, 0x376: 0xfd, 0x377: 0xfd,
+	0x378: 0xfd, 0x379: 0xfd, 0x37a: 0xfd, 0x37b: 0xfd, 0x37c: 0xfd, 0x37d: 0xfd, 0x37e: 0xfd, 0x37f: 0xfd,
 	// Block 0xe, offset 0x380
-	0x380: 0xfb, 0x381: 0xfb, 0x382: 0xfb, 0x383: 0xfb, 0x384: 0xfb, 0x385: 0xfb, 0x386: 0xfb, 0x387: 0xfb,
-	0x388: 0xfb, 0x389: 0xfb, 0x38a: 0xfb, 0x38b: 0xfb, 0x38c: 0xfb, 0x38d: 0xfb, 0x38e: 0xfb, 0x38f: 0xfb,
-	0x390: 0xfb, 0x391: 0xfb, 0x392: 0xfb, 0x393: 0xfb, 0x394: 0xfb, 0x395: 0xfb, 0x396: 0xfb, 0x397: 0xfb,
-	0x398: 0xfb, 0x399: 0xfb, 0x39a: 0xfb, 0x39b: 0xfb, 0x39c: 0xfb, 0x39d: 0xfb, 0x39e: 0xfb, 0x39f: 0xfb,
-	0x3a0: 0xfb, 0x3a1: 0xfb, 0x3a2: 0xfb, 0x3a3: 0xfb, 0x3a4: 0xfc, 0x3a5: 0xfd, 0x3a6: 0xfe, 0x3a7: 0xff,
-	0x3a8: 0x47, 0x3a9: 0x100, 0x3aa: 0x101, 0x3ab: 0x48, 0x3ac: 0x49, 0x3ad: 0x4a, 0x3ae: 0x4b, 0x3af: 0x4c,
-	0x3b0: 0x102, 0x3b1: 0x4d, 0x3b2: 0x4e, 0x3b3: 0x4f, 0x3b4: 0x50, 0x3b5: 0x51, 0x3b6: 0x103, 0x3b7: 0x52,
-	0x3b8: 0x53, 0x3b9: 0x54, 0x3ba: 0x55, 0x3bb: 0x56, 0x3bc: 0x57, 0x3bd: 0x58, 0x3be: 0x59, 0x3bf: 0x5a,
+	0x380: 0xfd, 0x381: 0xfd, 0x382: 0xfd, 0x383: 0xfd, 0x384: 0xfd, 0x385: 0xfd, 0x386: 0xfd, 0x387: 0xfd,
+	0x388: 0xfd, 0x389: 0xfd, 0x38a: 0xfd, 0x38b: 0xfd, 0x38c: 0xfd, 0x38d: 0xfd, 0x38e: 0xfd, 0x38f: 0xfd,
+	0x390: 0xfd, 0x391: 0xfd, 0x392: 0xfd, 0x393: 0xfd, 0x394: 0xfd, 0x395: 0xfd, 0x396: 0xfd, 0x397: 0xfd,
+	0x398: 0xfd, 0x399: 0xfd, 0x39a: 0xfd, 0x39b: 0xfd, 0x39c: 0xfd, 0x39d: 0xfd, 0x39e: 0xfd, 0x39f: 0xfd,
+	0x3a0: 0xfd, 0x3a1: 0xfd, 0x3a2: 0xfd, 0x3a3: 0xfd, 0x3a4: 0xfe, 0x3a5: 0xff, 0x3a6: 0x100, 0x3a7: 0x101,
+	0x3a8: 0x45, 0x3a9: 0x102, 0x3aa: 0x103, 0x3ab: 0x46, 0x3ac: 0x47, 0x3ad: 0x48, 0x3ae: 0x49, 0x3af: 0x4a,
+	0x3b0: 0x104, 0x3b1: 0x4b, 0x3b2: 0x4c, 0x3b3: 0x4d, 0x3b4: 0x4e, 0x3b5: 0x4f, 0x3b6: 0x105, 0x3b7: 0x50,
+	0x3b8: 0x51, 0x3b9: 0x52, 0x3ba: 0x53, 0x3bb: 0x54, 0x3bc: 0x55, 0x3bd: 0x56, 0x3be: 0x57, 0x3bf: 0x58,
 	// Block 0xf, offset 0x3c0
-	0x3c0: 0x104, 0x3c1: 0x105, 0x3c2: 0xa0, 0x3c3: 0x106, 0x3c4: 0x107, 0x3c5: 0x9c, 0x3c6: 0x108, 0x3c7: 0x109,
-	0x3c8: 0xfb, 0x3c9: 0xfb, 0x3ca: 0x10a, 0x3cb: 0x10b, 0x3cc: 0x10c, 0x3cd: 0x10d, 0x3ce: 0x10e, 0x3cf: 0x10f,
-	0x3d0: 0x110, 0x3d1: 0xa0, 0x3d2: 0x111, 0x3d3: 0x112, 0x3d4: 0x113, 0x3d5: 0x114, 0x3d6: 0xfb, 0x3d7: 0xfb,
-	0x3d8: 0xa0, 0x3d9: 0xa0, 0x3da: 0xa0, 0x3db: 0xa0, 0x3dc: 0x115, 0x3dd: 0x116, 0x3de: 0xfb, 0x3df: 0xfb,
-	0x3e0: 0x117, 0x3e1: 0x118, 0x3e2: 0x119, 0x3e3: 0x11a, 0x3e4: 0x11b, 0x3e5: 0xfb, 0x3e6: 0x11c, 0x3e7: 0x11d,
-	0x3e8: 0x11e, 0x3e9: 0x11f, 0x3ea: 0x120, 0x3eb: 0x5b, 0x3ec: 0x121, 0x3ed: 0x122, 0x3ee: 0x5c, 0x3ef: 0xfb,
-	0x3f0: 0x123, 0x3f1: 0x124, 0x3f2: 0x125, 0x3f3: 0x126, 0x3f4: 0x127, 0x3f5: 0xfb, 0x3f6: 0xfb, 0x3f7: 0xfb,
-	0x3f8: 0xfb, 0x3f9: 0x128, 0x3fa: 0x129, 0x3fb: 0xfb, 0x3fc: 0x12a, 0x3fd: 0x12b, 0x3fe: 0x12c, 0x3ff: 0x12d,
+	0x3c0: 0x106, 0x3c1: 0x107, 0x3c2: 0xa0, 0x3c3: 0x108, 0x3c4: 0x109, 0x3c5: 0x9c, 0x3c6: 0x10a, 0x3c7: 0x10b,
+	0x3c8: 0xfd, 0x3c9: 0xfd, 0x3ca: 0x10c, 0x3cb: 0x10d, 0x3cc: 0x10e, 0x3cd: 0x10f, 0x3ce: 0x110, 0x3cf: 0x111,
+	0x3d0: 0x112, 0x3d1: 0xa0, 0x3d2: 0x113, 0x3d3: 0x114, 0x3d4: 0x115, 0x3d5: 0x116, 0x3d6: 0xfd, 0x3d7: 0xfd,
+	0x3d8: 0xa0, 0x3d9: 0xa0, 0x3da: 0xa0, 0x3db: 0xa0, 0x3dc: 0x117, 0x3dd: 0x118, 0x3de: 0xfd, 0x3df: 0xfd,
+	0x3e0: 0x119, 0x3e1: 0x11a, 0x3e2: 0x11b, 0x3e3: 0x11c, 0x3e4: 0x11d, 0x3e5: 0xfd, 0x3e6: 0x11e, 0x3e7: 0x11f,
+	0x3e8: 0x120, 0x3e9: 0x121, 0x3ea: 0x122, 0x3eb: 0x59, 0x3ec: 0x123, 0x3ed: 0x124, 0x3ee: 0x5a, 0x3ef: 0xfd,
+	0x3f0: 0x125, 0x3f1: 0x126, 0x3f2: 0x127, 0x3f3: 0x128, 0x3f4: 0x129, 0x3f5: 0xfd, 0x3f6: 0xfd, 0x3f7: 0xfd,
+	0x3f8: 0xfd, 0x3f9: 0x12a, 0x3fa: 0x12b, 0x3fb: 0xfd, 0x3fc: 0x12c, 0x3fd: 0x12d, 0x3fe: 0x12e, 0x3ff: 0x12f,
 	// Block 0x10, offset 0x400
-	0x400: 0x12e, 0x401: 0x12f, 0x402: 0x130, 0x403: 0x131, 0x404: 0x132, 0x405: 0x133, 0x406: 0x134, 0x407: 0x135,
-	0x408: 0x136, 0x409: 0xfb, 0x40a: 0x137, 0x40b: 0x138, 0x40c: 0x5d, 0x40d: 0x5e, 0x40e: 0xfb, 0x40f: 0xfb,
-	0x410: 0x139, 0x411: 0x13a, 0x412: 0x13b, 0x413: 0x13c, 0x414: 0xfb, 0x415: 0xfb, 0x416: 0x13d, 0x417: 0x13e,
-	0x418: 0x13f, 0x419: 0x140, 0x41a: 0x141, 0x41b: 0x142, 0x41c: 0x143, 0x41d: 0xfb, 0x41e: 0xfb, 0x41f: 0xfb,
-	0x420: 0x144, 0x421: 0xfb, 0x422: 0x145, 0x423: 0x146, 0x424: 0x5f, 0x425: 0x147, 0x426: 0x148, 0x427: 0x149,
-	0x428: 0x14a, 0x429: 0x14b, 0x42a: 0x14c, 0x42b: 0x14d, 0x42c: 0xfb, 0x42d: 0xfb, 0x42e: 0xfb, 0x42f: 0xfb,
-	0x430: 0x14e, 0x431: 0x14f, 0x432: 0x150, 0x433: 0xfb, 0x434: 0x151, 0x435: 0x152, 0x436: 0x153, 0x437: 0xfb,
-	0x438: 0xfb, 0x439: 0xfb, 0x43a: 0xfb, 0x43b: 0x154, 0x43c: 0xfb, 0x43d: 0xfb, 0x43e: 0x155, 0x43f: 0x156,
+	0x400: 0x130, 0x401: 0x131, 0x402: 0x132, 0x403: 0x133, 0x404: 0x134, 0x405: 0x135, 0x406: 0x136, 0x407: 0x137,
+	0x408: 0x138, 0x409: 0xfd, 0x40a: 0x139, 0x40b: 0x13a, 0x40c: 0x5b, 0x40d: 0x5c, 0x40e: 0xfd, 0x40f: 0xfd,
+	0x410: 0x13b, 0x411: 0x13c, 0x412: 0x13d, 0x413: 0x13e, 0x414: 0xfd, 0x415: 0xfd, 0x416: 0x13f, 0x417: 0x140,
+	0x418: 0x141, 0x419: 0x142, 0x41a: 0x143, 0x41b: 0x144, 0x41c: 0x145, 0x41d: 0xfd, 0x41e: 0xfd, 0x41f: 0xfd,
+	0x420: 0x146, 0x421: 0xfd, 0x422: 0x147, 0x423: 0x148, 0x424: 0x5d, 0x425: 0x149, 0x426: 0x14a, 0x427: 0x14b,
+	0x428: 0x14c, 0x429: 0x14d, 0x42a: 0x14e, 0x42b: 0x14f, 0x42c: 0xfd, 0x42d: 0xfd, 0x42e: 0xfd, 0x42f: 0xfd,
+	0x430: 0x150, 0x431: 0x151, 0x432: 0x152, 0x433: 0xfd, 0x434: 0x153, 0x435: 0x154, 0x436: 0x155, 0x437: 0xfd,
+	0x438: 0xfd, 0x439: 0xfd, 0x43a: 0xfd, 0x43b: 0x156, 0x43c: 0xfd, 0x43d: 0xfd, 0x43e: 0x157, 0x43f: 0x158,
 	// Block 0x11, offset 0x440
 	0x440: 0xa0, 0x441: 0xa0, 0x442: 0xa0, 0x443: 0xa0, 0x444: 0xa0, 0x445: 0xa0, 0x446: 0xa0, 0x447: 0xa0,
-	0x448: 0xa0, 0x449: 0xa0, 0x44a: 0xa0, 0x44b: 0xa0, 0x44c: 0xa0, 0x44d: 0xa0, 0x44e: 0x157, 0x44f: 0xfb,
-	0x450: 0x9c, 0x451: 0x158, 0x452: 0xa0, 0x453: 0xa0, 0x454: 0xa0, 0x455: 0x159, 0x456: 0xfb, 0x457: 0xfb,
-	0x458: 0xfb, 0x459: 0xfb, 0x45a: 0xfb, 0x45b: 0xfb, 0x45c: 0xfb, 0x45d: 0xfb, 0x45e: 0xfb, 0x45f: 0xfb,
-	0x460: 0xfb, 0x461: 0xfb, 0x462: 0xfb, 0x463: 0xfb, 0x464: 0xfb, 0x465: 0xfb, 0x466: 0xfb, 0x467: 0xfb,
-	0x468: 0xfb, 0x469: 0xfb, 0x46a: 0xfb, 0x46b: 0xfb, 0x46c: 0xfb, 0x46d: 0xfb, 0x46e: 0xfb, 0x46f: 0xfb,
-	0x470: 0xfb, 0x471: 0xfb, 0x472: 0xfb, 0x473: 0xfb, 0x474: 0xfb, 0x475: 0xfb, 0x476: 0xfb, 0x477: 0xfb,
-	0x478: 0xfb, 0x479: 0xfb, 0x47a: 0xfb, 0x47b: 0xfb, 0x47c: 0xfb, 0x47d: 0xfb, 0x47e: 0xfb, 0x47f: 0xfb,
+	0x448: 0xa0, 0x449: 0xa0, 0x44a: 0xa0, 0x44b: 0xa0, 0x44c: 0xa0, 0x44d: 0xa0, 0x44e: 0x159, 0x44f: 0xfd,
+	0x450: 0x9c, 0x451: 0x15a, 0x452: 0xa0, 0x453: 0xa0, 0x454: 0xa0, 0x455: 0x15b, 0x456: 0xfd, 0x457: 0xfd,
+	0x458: 0xfd, 0x459: 0xfd, 0x45a: 0xfd, 0x45b: 0xfd, 0x45c: 0xfd, 0x45d: 0xfd, 0x45e: 0xfd, 0x45f: 0xfd,
+	0x460: 0xfd, 0x461: 0xfd, 0x462: 0xfd, 0x463: 0xfd, 0x464: 0xfd, 0x465: 0xfd, 0x466: 0xfd, 0x467: 0xfd,
+	0x468: 0xfd, 0x469: 0xfd, 0x46a: 0xfd, 0x46b: 0xfd, 0x46c: 0xfd, 0x46d: 0xfd, 0x46e: 0xfd, 0x46f: 0xfd,
+	0x470: 0xfd, 0x471: 0xfd, 0x472: 0xfd, 0x473: 0xfd, 0x474: 0xfd, 0x475: 0xfd, 0x476: 0xfd, 0x477: 0xfd,
+	0x478: 0xfd, 0x479: 0xfd, 0x47a: 0xfd, 0x47b: 0xfd, 0x47c: 0xfd, 0x47d: 0xfd, 0x47e: 0xfd, 0x47f: 0xfd,
 	// Block 0x12, offset 0x480
 	0x480: 0xa0, 0x481: 0xa0, 0x482: 0xa0, 0x483: 0xa0, 0x484: 0xa0, 0x485: 0xa0, 0x486: 0xa0, 0x487: 0xa0,
 	0x488: 0xa0, 0x489: 0xa0, 0x48a: 0xa0, 0x48b: 0xa0, 0x48c: 0xa0, 0x48d: 0xa0, 0x48e: 0xa0, 0x48f: 0xa0,
-	0x490: 0x15a, 0x491: 0xfb, 0x492: 0xfb, 0x493: 0xfb, 0x494: 0xfb, 0x495: 0xfb, 0x496: 0xfb, 0x497: 0xfb,
-	0x498: 0xfb, 0x499: 0xfb, 0x49a: 0xfb, 0x49b: 0xfb, 0x49c: 0xfb, 0x49d: 0xfb, 0x49e: 0xfb, 0x49f: 0xfb,
-	0x4a0: 0xfb, 0x4a1: 0xfb, 0x4a2: 0xfb, 0x4a3: 0xfb, 0x4a4: 0xfb, 0x4a5: 0xfb, 0x4a6: 0xfb, 0x4a7: 0xfb,
-	0x4a8: 0xfb, 0x4a9: 0xfb, 0x4aa: 0xfb, 0x4ab: 0xfb, 0x4ac: 0xfb, 0x4ad: 0xfb, 0x4ae: 0xfb, 0x4af: 0xfb,
-	0x4b0: 0xfb, 0x4b1: 0xfb, 0x4b2: 0xfb, 0x4b3: 0xfb, 0x4b4: 0xfb, 0x4b5: 0xfb, 0x4b6: 0xfb, 0x4b7: 0xfb,
-	0x4b8: 0xfb, 0x4b9: 0xfb, 0x4ba: 0xfb, 0x4bb: 0xfb, 0x4bc: 0xfb, 0x4bd: 0xfb, 0x4be: 0xfb, 0x4bf: 0xfb,
+	0x490: 0x15c, 0x491: 0xfd, 0x492: 0xfd, 0x493: 0xfd, 0x494: 0xfd, 0x495: 0xfd, 0x496: 0xfd, 0x497: 0xfd,
+	0x498: 0xfd, 0x499: 0xfd, 0x49a: 0xfd, 0x49b: 0xfd, 0x49c: 0xfd, 0x49d: 0xfd, 0x49e: 0xfd, 0x49f: 0xfd,
+	0x4a0: 0xfd, 0x4a1: 0xfd, 0x4a2: 0xfd, 0x4a3: 0xfd, 0x4a4: 0xfd, 0x4a5: 0xfd, 0x4a6: 0xfd, 0x4a7: 0xfd,
+	0x4a8: 0xfd, 0x4a9: 0xfd, 0x4aa: 0xfd, 0x4ab: 0xfd, 0x4ac: 0xfd, 0x4ad: 0xfd, 0x4ae: 0xfd, 0x4af: 0xfd,
+	0x4b0: 0xfd, 0x4b1: 0xfd, 0x4b2: 0xfd, 0x4b3: 0xfd, 0x4b4: 0xfd, 0x4b5: 0xfd, 0x4b6: 0xfd, 0x4b7: 0xfd,
+	0x4b8: 0xfd, 0x4b9: 0xfd, 0x4ba: 0xfd, 0x4bb: 0xfd, 0x4bc: 0xfd, 0x4bd: 0xfd, 0x4be: 0xfd, 0x4bf: 0xfd,
 	// Block 0x13, offset 0x4c0
-	0x4c0: 0xfb, 0x4c1: 0xfb, 0x4c2: 0xfb, 0x4c3: 0xfb, 0x4c4: 0xfb, 0x4c5: 0xfb, 0x4c6: 0xfb, 0x4c7: 0xfb,
-	0x4c8: 0xfb, 0x4c9: 0xfb, 0x4ca: 0xfb, 0x4cb: 0xfb, 0x4cc: 0xfb, 0x4cd: 0xfb, 0x4ce: 0xfb, 0x4cf: 0xfb,
+	0x4c0: 0xfd, 0x4c1: 0xfd, 0x4c2: 0xfd, 0x4c3: 0xfd, 0x4c4: 0xfd, 0x4c5: 0xfd, 0x4c6: 0xfd, 0x4c7: 0xfd,
+	0x4c8: 0xfd, 0x4c9: 0xfd, 0x4ca: 0xfd, 0x4cb: 0xfd, 0x4cc: 0xfd, 0x4cd: 0xfd, 0x4ce: 0xfd, 0x4cf: 0xfd,
 	0x4d0: 0xa0, 0x4d1: 0xa0, 0x4d2: 0xa0, 0x4d3: 0xa0, 0x4d4: 0xa0, 0x4d5: 0xa0, 0x4d6: 0xa0, 0x4d7: 0xa0,
-	0x4d8: 0xa0, 0x4d9: 0x15b, 0x4da: 0xfb, 0x4db: 0xfb, 0x4dc: 0xfb, 0x4dd: 0xfb, 0x4de: 0xfb, 0x4df: 0xfb,
-	0x4e0: 0xfb, 0x4e1: 0xfb, 0x4e2: 0xfb, 0x4e3: 0xfb, 0x4e4: 0xfb, 0x4e5: 0xfb, 0x4e6: 0xfb, 0x4e7: 0xfb,
-	0x4e8: 0xfb, 0x4e9: 0xfb, 0x4ea: 0xfb, 0x4eb: 0xfb, 0x4ec: 0xfb, 0x4ed: 0xfb, 0x4ee: 0xfb, 0x4ef: 0xfb,
-	0x4f0: 0xfb, 0x4f1: 0xfb, 0x4f2: 0xfb, 0x4f3: 0xfb, 0x4f4: 0xfb, 0x4f5: 0xfb, 0x4f6: 0xfb, 0x4f7: 0xfb,
-	0x4f8: 0xfb, 0x4f9: 0xfb, 0x4fa: 0xfb, 0x4fb: 0xfb, 0x4fc: 0xfb, 0x4fd: 0xfb, 0x4fe: 0xfb, 0x4ff: 0xfb,
+	0x4d8: 0xa0, 0x4d9: 0x15d, 0x4da: 0xfd, 0x4db: 0xfd, 0x4dc: 0xfd, 0x4dd: 0xfd, 0x4de: 0xfd, 0x4df: 0xfd,
+	0x4e0: 0xfd, 0x4e1: 0xfd, 0x4e2: 0xfd, 0x4e3: 0xfd, 0x4e4: 0xfd, 0x4e5: 0xfd, 0x4e6: 0xfd, 0x4e7: 0xfd,
+	0x4e8: 0xfd, 0x4e9: 0xfd, 0x4ea: 0xfd, 0x4eb: 0xfd, 0x4ec: 0xfd, 0x4ed: 0xfd, 0x4ee: 0xfd, 0x4ef: 0xfd,
+	0x4f0: 0xfd, 0x4f1: 0xfd, 0x4f2: 0xfd, 0x4f3: 0xfd, 0x4f4: 0xfd, 0x4f5: 0xfd, 0x4f6: 0xfd, 0x4f7: 0xfd,
+	0x4f8: 0xfd, 0x4f9: 0xfd, 0x4fa: 0xfd, 0x4fb: 0xfd, 0x4fc: 0xfd, 0x4fd: 0xfd, 0x4fe: 0xfd, 0x4ff: 0xfd,
 	// Block 0x14, offset 0x500
-	0x500: 0xfb, 0x501: 0xfb, 0x502: 0xfb, 0x503: 0xfb, 0x504: 0xfb, 0x505: 0xfb, 0x506: 0xfb, 0x507: 0xfb,
-	0x508: 0xfb, 0x509: 0xfb, 0x50a: 0xfb, 0x50b: 0xfb, 0x50c: 0xfb, 0x50d: 0xfb, 0x50e: 0xfb, 0x50f: 0xfb,
-	0x510: 0xfb, 0x511: 0xfb, 0x512: 0xfb, 0x513: 0xfb, 0x514: 0xfb, 0x515: 0xfb, 0x516: 0xfb, 0x517: 0xfb,
-	0x518: 0xfb, 0x519: 0xfb, 0x51a: 0xfb, 0x51b: 0xfb, 0x51c: 0xfb, 0x51d: 0xfb, 0x51e: 0xfb, 0x51f: 0xfb,
+	0x500: 0xfd, 0x501: 0xfd, 0x502: 0xfd, 0x503: 0xfd, 0x504: 0xfd, 0x505: 0xfd, 0x506: 0xfd, 0x507: 0xfd,
+	0x508: 0xfd, 0x509: 0xfd, 0x50a: 0xfd, 0x50b: 0xfd, 0x50c: 0xfd, 0x50d: 0xfd, 0x50e: 0xfd, 0x50f: 0xfd,
+	0x510: 0xfd, 0x511: 0xfd, 0x512: 0xfd, 0x513: 0xfd, 0x514: 0xfd, 0x515: 0xfd, 0x516: 0xfd, 0x517: 0xfd,
+	0x518: 0xfd, 0x519: 0xfd, 0x51a: 0xfd, 0x51b: 0xfd, 0x51c: 0xfd, 0x51d: 0xfd, 0x51e: 0xfd, 0x51f: 0xfd,
 	0x520: 0xa0, 0x521: 0xa0, 0x522: 0xa0, 0x523: 0xa0, 0x524: 0xa0, 0x525: 0xa0, 0x526: 0xa0, 0x527: 0xa0,
-	0x528: 0x14d, 0x529: 0x15c, 0x52a: 0xfb, 0x52b: 0x15d, 0x52c: 0x15e, 0x52d: 0x15f, 0x52e: 0x160, 0x52f: 0xfb,
-	0x530: 0xfb, 0x531: 0xfb, 0x532: 0xfb, 0x533: 0xfb, 0x534: 0xfb, 0x535: 0xfb, 0x536: 0xfb, 0x537: 0xfb,
-	0x538: 0xfb, 0x539: 0x161, 0x53a: 0x162, 0x53b: 0xfb, 0x53c: 0xa0, 0x53d: 0x163, 0x53e: 0x164, 0x53f: 0x165,
+	0x528: 0x14f, 0x529: 0x15e, 0x52a: 0xfd, 0x52b: 0x15f, 0x52c: 0x160, 0x52d: 0x161, 0x52e: 0x162, 0x52f: 0xfd,
+	0x530: 0xfd, 0x531: 0xfd, 0x532: 0xfd, 0x533: 0xfd, 0x534: 0xfd, 0x535: 0xfd, 0x536: 0xfd, 0x537: 0xfd,
+	0x538: 0xfd, 0x539: 0x163, 0x53a: 0x164, 0x53b: 0xfd, 0x53c: 0xa0, 0x53d: 0x165, 0x53e: 0x166, 0x53f: 0x167,
 	// Block 0x15, offset 0x540
 	0x540: 0xa0, 0x541: 0xa0, 0x542: 0xa0, 0x543: 0xa0, 0x544: 0xa0, 0x545: 0xa0, 0x546: 0xa0, 0x547: 0xa0,
 	0x548: 0xa0, 0x549: 0xa0, 0x54a: 0xa0, 0x54b: 0xa0, 0x54c: 0xa0, 0x54d: 0xa0, 0x54e: 0xa0, 0x54f: 0xa0,
 	0x550: 0xa0, 0x551: 0xa0, 0x552: 0xa0, 0x553: 0xa0, 0x554: 0xa0, 0x555: 0xa0, 0x556: 0xa0, 0x557: 0xa0,
-	0x558: 0xa0, 0x559: 0xa0, 0x55a: 0xa0, 0x55b: 0xa0, 0x55c: 0xa0, 0x55d: 0xa0, 0x55e: 0xa0, 0x55f: 0x166,
+	0x558: 0xa0, 0x559: 0xa0, 0x55a: 0xa0, 0x55b: 0xa0, 0x55c: 0xa0, 0x55d: 0xa0, 0x55e: 0xa0, 0x55f: 0x168,
 	0x560: 0xa0, 0x561: 0xa0, 0x562: 0xa0, 0x563: 0xa0, 0x564: 0xa0, 0x565: 0xa0, 0x566: 0xa0, 0x567: 0xa0,
 	0x568: 0xa0, 0x569: 0xa0, 0x56a: 0xa0, 0x56b: 0xa0, 0x56c: 0xa0, 0x56d: 0xa0, 0x56e: 0xa0, 0x56f: 0xa0,
-	0x570: 0xa0, 0x571: 0xa0, 0x572: 0xa0, 0x573: 0x167, 0x574: 0x168, 0x575: 0xfb, 0x576: 0xfb, 0x577: 0xfb,
-	0x578: 0xfb, 0x579: 0xfb, 0x57a: 0xfb, 0x57b: 0xfb, 0x57c: 0xfb, 0x57d: 0xfb, 0x57e: 0xfb, 0x57f: 0xfb,
+	0x570: 0xa0, 0x571: 0xa0, 0x572: 0xa0, 0x573: 0x169, 0x574: 0x16a, 0x575: 0xfd, 0x576: 0xfd, 0x577: 0xfd,
+	0x578: 0xfd, 0x579: 0xfd, 0x57a: 0xfd, 0x57b: 0xfd, 0x57c: 0xfd, 0x57d: 0xfd, 0x57e: 0xfd, 0x57f: 0xfd,
 	// Block 0x16, offset 0x580
-	0x580: 0xa0, 0x581: 0xa0, 0x582: 0xa0, 0x583: 0xa0, 0x584: 0x169, 0x585: 0x16a, 0x586: 0xa0, 0x587: 0xa0,
-	0x588: 0xa0, 0x589: 0xa0, 0x58a: 0xa0, 0x58b: 0x16b, 0x58c: 0xfb, 0x58d: 0xfb, 0x58e: 0xfb, 0x58f: 0xfb,
-	0x590: 0xfb, 0x591: 0xfb, 0x592: 0xfb, 0x593: 0xfb, 0x594: 0xfb, 0x595: 0xfb, 0x596: 0xfb, 0x597: 0xfb,
-	0x598: 0xfb, 0x599: 0xfb, 0x59a: 0xfb, 0x59b: 0xfb, 0x59c: 0xfb, 0x59d: 0xfb, 0x59e: 0xfb, 0x59f: 0xfb,
-	0x5a0: 0xfb, 0x5a1: 0xfb, 0x5a2: 0xfb, 0x5a3: 0xfb, 0x5a4: 0xfb, 0x5a5: 0xfb, 0x5a6: 0xfb, 0x5a7: 0xfb,
-	0x5a8: 0xfb, 0x5a9: 0xfb, 0x5aa: 0xfb, 0x5ab: 0xfb, 0x5ac: 0xfb, 0x5ad: 0xfb, 0x5ae: 0xfb, 0x5af: 0xfb,
-	0x5b0: 0xa0, 0x5b1: 0x16c, 0x5b2: 0x16d, 0x5b3: 0xfb, 0x5b4: 0xfb, 0x5b5: 0xfb, 0x5b6: 0xfb, 0x5b7: 0xfb,
-	0x5b8: 0xfb, 0x5b9: 0xfb, 0x5ba: 0xfb, 0x5bb: 0xfb, 0x5bc: 0xfb, 0x5bd: 0xfb, 0x5be: 0xfb, 0x5bf: 0xfb,
+	0x580: 0xa0, 0x581: 0xa0, 0x582: 0xa0, 0x583: 0xa0, 0x584: 0x16b, 0x585: 0x16c, 0x586: 0xa0, 0x587: 0xa0,
+	0x588: 0xa0, 0x589: 0xa0, 0x58a: 0xa0, 0x58b: 0x16d, 0x58c: 0xfd, 0x58d: 0xfd, 0x58e: 0xfd, 0x58f: 0xfd,
+	0x590: 0xfd, 0x591: 0xfd, 0x592: 0xfd, 0x593: 0xfd, 0x594: 0xfd, 0x595: 0xfd, 0x596: 0xfd, 0x597: 0xfd,
+	0x598: 0xfd, 0x599: 0xfd, 0x59a: 0xfd, 0x59b: 0xfd, 0x59c: 0xfd, 0x59d: 0xfd, 0x59e: 0xfd, 0x59f: 0xfd,
+	0x5a0: 0xfd, 0x5a1: 0xfd, 0x5a2: 0xfd, 0x5a3: 0xfd, 0x5a4: 0xfd, 0x5a5: 0xfd, 0x5a6: 0xfd, 0x5a7: 0xfd,
+	0x5a8: 0xfd, 0x5a9: 0xfd, 0x5aa: 0xfd, 0x5ab: 0xfd, 0x5ac: 0xfd, 0x5ad: 0xfd, 0x5ae: 0xfd, 0x5af: 0xfd,
+	0x5b0: 0xa0, 0x5b1: 0x16e, 0x5b2: 0x16f, 0x5b3: 0xfd, 0x5b4: 0xfd, 0x5b5: 0xfd, 0x5b6: 0xfd, 0x5b7: 0xfd,
+	0x5b8: 0xfd, 0x5b9: 0xfd, 0x5ba: 0xfd, 0x5bb: 0xfd, 0x5bc: 0xfd, 0x5bd: 0xfd, 0x5be: 0xfd, 0x5bf: 0xfd,
 	// Block 0x17, offset 0x5c0
-	0x5c0: 0x9c, 0x5c1: 0x9c, 0x5c2: 0x9c, 0x5c3: 0x16e, 0x5c4: 0x16f, 0x5c5: 0x170, 0x5c6: 0x171, 0x5c7: 0x172,
-	0x5c8: 0x9c, 0x5c9: 0x173, 0x5ca: 0xfb, 0x5cb: 0x174, 0x5cc: 0x9c, 0x5cd: 0x175, 0x5ce: 0xfb, 0x5cf: 0xfb,
-	0x5d0: 0x60, 0x5d1: 0x61, 0x5d2: 0x62, 0x5d3: 0x63, 0x5d4: 0x64, 0x5d5: 0x65, 0x5d6: 0x66, 0x5d7: 0x67,
-	0x5d8: 0x68, 0x5d9: 0x69, 0x5da: 0x6a, 0x5db: 0x6b, 0x5dc: 0x6c, 0x5dd: 0x6d, 0x5de: 0x6e, 0x5df: 0x6f,
+	0x5c0: 0x9c, 0x5c1: 0x9c, 0x5c2: 0x9c, 0x5c3: 0x170, 0x5c4: 0x171, 0x5c5: 0x172, 0x5c6: 0x173, 0x5c7: 0x174,
+	0x5c8: 0x9c, 0x5c9: 0x175, 0x5ca: 0xfd, 0x5cb: 0x176, 0x5cc: 0x9c, 0x5cd: 0x177, 0x5ce: 0xfd, 0x5cf: 0xfd,
+	0x5d0: 0x5e, 0x5d1: 0x5f, 0x5d2: 0x60, 0x5d3: 0x61, 0x5d4: 0x62, 0x5d5: 0x63, 0x5d6: 0x64, 0x5d7: 0x65,
+	0x5d8: 0x66, 0x5d9: 0x67, 0x5da: 0x68, 0x5db: 0x69, 0x5dc: 0x6a, 0x5dd: 0x6b, 0x5de: 0x6c, 0x5df: 0x6d,
 	0x5e0: 0x9c, 0x5e1: 0x9c, 0x5e2: 0x9c, 0x5e3: 0x9c, 0x5e4: 0x9c, 0x5e5: 0x9c, 0x5e6: 0x9c, 0x5e7: 0x9c,
-	0x5e8: 0x176, 0x5e9: 0x177, 0x5ea: 0x178, 0x5eb: 0xfb, 0x5ec: 0xfb, 0x5ed: 0xfb, 0x5ee: 0xfb, 0x5ef: 0xfb,
-	0x5f0: 0xfb, 0x5f1: 0xfb, 0x5f2: 0xfb, 0x5f3: 0xfb, 0x5f4: 0xfb, 0x5f5: 0xfb, 0x5f6: 0xfb, 0x5f7: 0xfb,
-	0x5f8: 0xfb, 0x5f9: 0xfb, 0x5fa: 0xfb, 0x5fb: 0xfb, 0x5fc: 0xfb, 0x5fd: 0xfb, 0x5fe: 0xfb, 0x5ff: 0xfb,
+	0x5e8: 0x178, 0x5e9: 0x179, 0x5ea: 0x17a, 0x5eb: 0xfd, 0x5ec: 0xfd, 0x5ed: 0xfd, 0x5ee: 0xfd, 0x5ef: 0xfd,
+	0x5f0: 0xfd, 0x5f1: 0xfd, 0x5f2: 0xfd, 0x5f3: 0xfd, 0x5f4: 0xfd, 0x5f5: 0xfd, 0x5f6: 0xfd, 0x5f7: 0xfd,
+	0x5f8: 0xfd, 0x5f9: 0xfd, 0x5fa: 0xfd, 0x5fb: 0xfd, 0x5fc: 0xfd, 0x5fd: 0xfd, 0x5fe: 0xfd, 0x5ff: 0xfd,
 	// Block 0x18, offset 0x600
-	0x600: 0x179, 0x601: 0xfb, 0x602: 0xfb, 0x603: 0xfb, 0x604: 0x17a, 0x605: 0x17b, 0x606: 0xfb, 0x607: 0xfb,
-	0x608: 0xfb, 0x609: 0xfb, 0x60a: 0xfb, 0x60b: 0x17c, 0x60c: 0xfb, 0x60d: 0xfb, 0x60e: 0xfb, 0x60f: 0xfb,
-	0x610: 0xfb, 0x611: 0xfb, 0x612: 0xfb, 0x613: 0xfb, 0x614: 0xfb, 0x615: 0xfb, 0x616: 0xfb, 0x617: 0xfb,
-	0x618: 0xfb, 0x619: 0xfb, 0x61a: 0xfb, 0x61b: 0xfb, 0x61c: 0xfb, 0x61d: 0xfb, 0x61e: 0xfb, 0x61f: 0xfb,
-	0x620: 0x123, 0x621: 0x123, 0x622: 0x123, 0x623: 0x17d, 0x624: 0x70, 0x625: 0x17e, 0x626: 0xfb, 0x627: 0xfb,
-	0x628: 0xfb, 0x629: 0xfb, 0x62a: 0xfb, 0x62b: 0xfb, 0x62c: 0xfb, 0x62d: 0xfb, 0x62e: 0xfb, 0x62f: 0xfb,
-	0x630: 0xfb, 0x631: 0x17f, 0x632: 0x180, 0x633: 0xfb, 0x634: 0x181, 0x635: 0xfb, 0x636: 0xfb, 0x637: 0xfb,
-	0x638: 0x71, 0x639: 0x72, 0x63a: 0x73, 0x63b: 0x182, 0x63c: 0xfb, 0x63d: 0xfb, 0x63e: 0xfb, 0x63f: 0xfb,
+	0x600: 0x17b, 0x601: 0xfd, 0x602: 0xfd, 0x603: 0xfd, 0x604: 0x17c, 0x605: 0x17d, 0x606: 0xfd, 0x607: 0xfd,
+	0x608: 0xfd, 0x609: 0xfd, 0x60a: 0xfd, 0x60b: 0x17e, 0x60c: 0xfd, 0x60d: 0xfd, 0x60e: 0xfd, 0x60f: 0xfd,
+	0x610: 0xfd, 0x611: 0xfd, 0x612: 0xfd, 0x613: 0xfd, 0x614: 0xfd, 0x615: 0xfd, 0x616: 0xfd, 0x617: 0xfd,
+	0x618: 0xfd, 0x619: 0xfd, 0x61a: 0xfd, 0x61b: 0xfd, 0x61c: 0xfd, 0x61d: 0xfd, 0x61e: 0xfd, 0x61f: 0xfd,
+	0x620: 0x125, 0x621: 0x125, 0x622: 0x125, 0x623: 0x17f, 0x624: 0x6e, 0x625: 0x180, 0x626: 0xfd, 0x627: 0xfd,
+	0x628: 0xfd, 0x629: 0xfd, 0x62a: 0xfd, 0x62b: 0xfd, 0x62c: 0xfd, 0x62d: 0xfd, 0x62e: 0xfd, 0x62f: 0xfd,
+	0x630: 0xfd, 0x631: 0x181, 0x632: 0x182, 0x633: 0xfd, 0x634: 0x183, 0x635: 0xfd, 0x636: 0xfd, 0x637: 0xfd,
+	0x638: 0x6f, 0x639: 0x70, 0x63a: 0x71, 0x63b: 0x184, 0x63c: 0xfd, 0x63d: 0xfd, 0x63e: 0xfd, 0x63f: 0xfd,
 	// Block 0x19, offset 0x640
-	0x640: 0x183, 0x641: 0x9c, 0x642: 0x184, 0x643: 0x185, 0x644: 0x74, 0x645: 0x75, 0x646: 0x186, 0x647: 0x187,
-	0x648: 0x76, 0x649: 0x188, 0x64a: 0xfb, 0x64b: 0xfb, 0x64c: 0x9c, 0x64d: 0x9c, 0x64e: 0x9c, 0x64f: 0x9c,
+	0x640: 0x185, 0x641: 0x9c, 0x642: 0x186, 0x643: 0x187, 0x644: 0x72, 0x645: 0x73, 0x646: 0x188, 0x647: 0x189,
+	0x648: 0x74, 0x649: 0x18a, 0x64a: 0xfd, 0x64b: 0xfd, 0x64c: 0x9c, 0x64d: 0x9c, 0x64e: 0x9c, 0x64f: 0x9c,
 	0x650: 0x9c, 0x651: 0x9c, 0x652: 0x9c, 0x653: 0x9c, 0x654: 0x9c, 0x655: 0x9c, 0x656: 0x9c, 0x657: 0x9c,
-	0x658: 0x9c, 0x659: 0x9c, 0x65a: 0x9c, 0x65b: 0x189, 0x65c: 0x9c, 0x65d: 0x18a, 0x65e: 0x9c, 0x65f: 0x18b,
-	0x660: 0x18c, 0x661: 0x18d, 0x662: 0x18e, 0x663: 0xfb, 0x664: 0x9c, 0x665: 0x18f, 0x666: 0x9c, 0x667: 0x190,
-	0x668: 0x9c, 0x669: 0x191, 0x66a: 0x192, 0x66b: 0x193, 0x66c: 0x9c, 0x66d: 0x9c, 0x66e: 0x194, 0x66f: 0x195,
-	0x670: 0xfb, 0x671: 0xfb, 0x672: 0xfb, 0x673: 0xfb, 0x674: 0xfb, 0x675: 0xfb, 0x676: 0xfb, 0x677: 0xfb,
-	0x678: 0xfb, 0x679: 0xfb, 0x67a: 0xfb, 0x67b: 0xfb, 0x67c: 0xfb, 0x67d: 0xfb, 0x67e: 0xfb, 0x67f: 0xfb,
+	0x658: 0x9c, 0x659: 0x9c, 0x65a: 0x9c, 0x65b: 0x18b, 0x65c: 0x9c, 0x65d: 0x18c, 0x65e: 0x9c, 0x65f: 0x18d,
+	0x660: 0x18e, 0x661: 0x18f, 0x662: 0x190, 0x663: 0xfd, 0x664: 0x9c, 0x665: 0x191, 0x666: 0x9c, 0x667: 0x192,
+	0x668: 0x9c, 0x669: 0x193, 0x66a: 0x194, 0x66b: 0x195, 0x66c: 0x9c, 0x66d: 0x9c, 0x66e: 0x196, 0x66f: 0x197,
+	0x670: 0xfd, 0x671: 0xfd, 0x672: 0xfd, 0x673: 0xfd, 0x674: 0xfd, 0x675: 0xfd, 0x676: 0xfd, 0x677: 0xfd,
+	0x678: 0xfd, 0x679: 0xfd, 0x67a: 0xfd, 0x67b: 0xfd, 0x67c: 0xfd, 0x67d: 0xfd, 0x67e: 0xfd, 0x67f: 0xfd,
 	// Block 0x1a, offset 0x680
 	0x680: 0xa0, 0x681: 0xa0, 0x682: 0xa0, 0x683: 0xa0, 0x684: 0xa0, 0x685: 0xa0, 0x686: 0xa0, 0x687: 0xa0,
 	0x688: 0xa0, 0x689: 0xa0, 0x68a: 0xa0, 0x68b: 0xa0, 0x68c: 0xa0, 0x68d: 0xa0, 0x68e: 0xa0, 0x68f: 0xa0,
 	0x690: 0xa0, 0x691: 0xa0, 0x692: 0xa0, 0x693: 0xa0, 0x694: 0xa0, 0x695: 0xa0, 0x696: 0xa0, 0x697: 0xa0,
-	0x698: 0xa0, 0x699: 0xa0, 0x69a: 0xa0, 0x69b: 0x196, 0x69c: 0xa0, 0x69d: 0xa0, 0x69e: 0xa0, 0x69f: 0xa0,
+	0x698: 0xa0, 0x699: 0xa0, 0x69a: 0xa0, 0x69b: 0x198, 0x69c: 0xa0, 0x69d: 0xa0, 0x69e: 0xa0, 0x69f: 0xa0,
 	0x6a0: 0xa0, 0x6a1: 0xa0, 0x6a2: 0xa0, 0x6a3: 0xa0, 0x6a4: 0xa0, 0x6a5: 0xa0, 0x6a6: 0xa0, 0x6a7: 0xa0,
 	0x6a8: 0xa0, 0x6a9: 0xa0, 0x6aa: 0xa0, 0x6ab: 0xa0, 0x6ac: 0xa0, 0x6ad: 0xa0, 0x6ae: 0xa0, 0x6af: 0xa0,
 	0x6b0: 0xa0, 0x6b1: 0xa0, 0x6b2: 0xa0, 0x6b3: 0xa0, 0x6b4: 0xa0, 0x6b5: 0xa0, 0x6b6: 0xa0, 0x6b7: 0xa0,
@@ -2312,8 +2455,8 @@ var idnaIndex = [2368]uint16{
 	0x6c0: 0xa0, 0x6c1: 0xa0, 0x6c2: 0xa0, 0x6c3: 0xa0, 0x6c4: 0xa0, 0x6c5: 0xa0, 0x6c6: 0xa0, 0x6c7: 0xa0,
 	0x6c8: 0xa0, 0x6c9: 0xa0, 0x6ca: 0xa0, 0x6cb: 0xa0, 0x6cc: 0xa0, 0x6cd: 0xa0, 0x6ce: 0xa0, 0x6cf: 0xa0,
 	0x6d0: 0xa0, 0x6d1: 0xa0, 0x6d2: 0xa0, 0x6d3: 0xa0, 0x6d4: 0xa0, 0x6d5: 0xa0, 0x6d6: 0xa0, 0x6d7: 0xa0,
-	0x6d8: 0xa0, 0x6d9: 0xa0, 0x6da: 0xa0, 0x6db: 0xa0, 0x6dc: 0x197, 0x6dd: 0xa0, 0x6de: 0xa0, 0x6df: 0xa0,
-	0x6e0: 0x198, 0x6e1: 0xa0, 0x6e2: 0xa0, 0x6e3: 0xa0, 0x6e4: 0xa0, 0x6e5: 0xa0, 0x6e6: 0xa0, 0x6e7: 0xa0,
+	0x6d8: 0xa0, 0x6d9: 0xa0, 0x6da: 0xa0, 0x6db: 0xa0, 0x6dc: 0x199, 0x6dd: 0xa0, 0x6de: 0xa0, 0x6df: 0xa0,
+	0x6e0: 0x19a, 0x6e1: 0xa0, 0x6e2: 0xa0, 0x6e3: 0xa0, 0x6e4: 0xa0, 0x6e5: 0xa0, 0x6e6: 0xa0, 0x6e7: 0xa0,
 	0x6e8: 0xa0, 0x6e9: 0xa0, 0x6ea: 0xa0, 0x6eb: 0xa0, 0x6ec: 0xa0, 0x6ed: 0xa0, 0x6ee: 0xa0, 0x6ef: 0xa0,
 	0x6f0: 0xa0, 0x6f1: 0xa0, 0x6f2: 0xa0, 0x6f3: 0xa0, 0x6f4: 0xa0, 0x6f5: 0xa0, 0x6f6: 0xa0, 0x6f7: 0xa0,
 	0x6f8: 0xa0, 0x6f9: 0xa0, 0x6fa: 0xa0, 0x6fb: 0xa0, 0x6fc: 0xa0, 0x6fd: 0xa0, 0x6fe: 0xa0, 0x6ff: 0xa0,
@@ -2325,34 +2468,34 @@ var idnaIndex = [2368]uint16{
 	0x720: 0xa0, 0x721: 0xa0, 0x722: 0xa0, 0x723: 0xa0, 0x724: 0xa0, 0x725: 0xa0, 0x726: 0xa0, 0x727: 0xa0,
 	0x728: 0xa0, 0x729: 0xa0, 0x72a: 0xa0, 0x72b: 0xa0, 0x72c: 0xa0, 0x72d: 0xa0, 0x72e: 0xa0, 0x72f: 0xa0,
 	0x730: 0xa0, 0x731: 0xa0, 0x732: 0xa0, 0x733: 0xa0, 0x734: 0xa0, 0x735: 0xa0, 0x736: 0xa0, 0x737: 0xa0,
-	0x738: 0xa0, 0x739: 0xa0, 0x73a: 0x199, 0x73b: 0xa0, 0x73c: 0xa0, 0x73d: 0xa0, 0x73e: 0xa0, 0x73f: 0xa0,
+	0x738: 0xa0, 0x739: 0xa0, 0x73a: 0x19b, 0x73b: 0xa0, 0x73c: 0xa0, 0x73d: 0xa0, 0x73e: 0xa0, 0x73f: 0xa0,
 	// Block 0x1d, offset 0x740
 	0x740: 0xa0, 0x741: 0xa0, 0x742: 0xa0, 0x743: 0xa0, 0x744: 0xa0, 0x745: 0xa0, 0x746: 0xa0, 0x747: 0xa0,
 	0x748: 0xa0, 0x749: 0xa0, 0x74a: 0xa0, 0x74b: 0xa0, 0x74c: 0xa0, 0x74d: 0xa0, 0x74e: 0xa0, 0x74f: 0xa0,
 	0x750: 0xa0, 0x751: 0xa0, 0x752: 0xa0, 0x753: 0xa0, 0x754: 0xa0, 0x755: 0xa0, 0x756: 0xa0, 0x757: 0xa0,
 	0x758: 0xa0, 0x759: 0xa0, 0x75a: 0xa0, 0x75b: 0xa0, 0x75c: 0xa0, 0x75d: 0xa0, 0x75e: 0xa0, 0x75f: 0xa0,
 	0x760: 0xa0, 0x761: 0xa0, 0x762: 0xa0, 0x763: 0xa0, 0x764: 0xa0, 0x765: 0xa0, 0x766: 0xa0, 0x767: 0xa0,
-	0x768: 0xa0, 0x769: 0xa0, 0x76a: 0xa0, 0x76b: 0xa0, 0x76c: 0xa0, 0x76d: 0xa0, 0x76e: 0xa0, 0x76f: 0x19a,
-	0x770: 0xfb, 0x771: 0xfb, 0x772: 0xfb, 0x773: 0xfb, 0x774: 0xfb, 0x775: 0xfb, 0x776: 0xfb, 0x777: 0xfb,
-	0x778: 0xfb, 0x779: 0xfb, 0x77a: 0xfb, 0x77b: 0xfb, 0x77c: 0xfb, 0x77d: 0xfb, 0x77e: 0xfb, 0x77f: 0xfb,
+	0x768: 0xa0, 0x769: 0xa0, 0x76a: 0xa0, 0x76b: 0xa0, 0x76c: 0xa0, 0x76d: 0xa0, 0x76e: 0xa0, 0x76f: 0x19c,
+	0x770: 0xfd, 0x771: 0xfd, 0x772: 0xfd, 0x773: 0xfd, 0x774: 0xfd, 0x775: 0xfd, 0x776: 0xfd, 0x777: 0xfd,
+	0x778: 0xfd, 0x779: 0xfd, 0x77a: 0xfd, 0x77b: 0xfd, 0x77c: 0xfd, 0x77d: 0xfd, 0x77e: 0xfd, 0x77f: 0xfd,
 	// Block 0x1e, offset 0x780
-	0x780: 0xfb, 0x781: 0xfb, 0x782: 0xfb, 0x783: 0xfb, 0x784: 0xfb, 0x785: 0xfb, 0x786: 0xfb, 0x787: 0xfb,
-	0x788: 0xfb, 0x789: 0xfb, 0x78a: 0xfb, 0x78b: 0xfb, 0x78c: 0xfb, 0x78d: 0xfb, 0x78e: 0xfb, 0x78f: 0xfb,
-	0x790: 0xfb, 0x791: 0xfb, 0x792: 0xfb, 0x793: 0xfb, 0x794: 0xfb, 0x795: 0xfb, 0x796: 0xfb, 0x797: 0xfb,
-	0x798: 0xfb, 0x799: 0xfb, 0x79a: 0xfb, 0x79b: 0xfb, 0x79c: 0xfb, 0x79d: 0xfb, 0x79e: 0xfb, 0x79f: 0xfb,
-	0x7a0: 0x77, 0x7a1: 0x78, 0x7a2: 0x79, 0x7a3: 0x19b, 0x7a4: 0x7a, 0x7a5: 0x7b, 0x7a6: 0x19c, 0x7a7: 0x7c,
-	0x7a8: 0x7d, 0x7a9: 0xfb, 0x7aa: 0xfb, 0x7ab: 0xfb, 0x7ac: 0xfb, 0x7ad: 0xfb, 0x7ae: 0xfb, 0x7af: 0xfb,
-	0x7b0: 0xfb, 0x7b1: 0xfb, 0x7b2: 0xfb, 0x7b3: 0xfb, 0x7b4: 0xfb, 0x7b5: 0xfb, 0x7b6: 0xfb, 0x7b7: 0xfb,
-	0x7b8: 0xfb, 0x7b9: 0xfb, 0x7ba: 0xfb, 0x7bb: 0xfb, 0x7bc: 0xfb, 0x7bd: 0xfb, 0x7be: 0xfb, 0x7bf: 0xfb,
+	0x780: 0xfd, 0x781: 0xfd, 0x782: 0xfd, 0x783: 0xfd, 0x784: 0xfd, 0x785: 0xfd, 0x786: 0xfd, 0x787: 0xfd,
+	0x788: 0xfd, 0x789: 0xfd, 0x78a: 0xfd, 0x78b: 0xfd, 0x78c: 0xfd, 0x78d: 0xfd, 0x78e: 0xfd, 0x78f: 0xfd,
+	0x790: 0xfd, 0x791: 0xfd, 0x792: 0xfd, 0x793: 0xfd, 0x794: 0xfd, 0x795: 0xfd, 0x796: 0xfd, 0x797: 0xfd,
+	0x798: 0xfd, 0x799: 0xfd, 0x79a: 0xfd, 0x79b: 0xfd, 0x79c: 0xfd, 0x79d: 0xfd, 0x79e: 0xfd, 0x79f: 0xfd,
+	0x7a0: 0x75, 0x7a1: 0x76, 0x7a2: 0x77, 0x7a3: 0x78, 0x7a4: 0x79, 0x7a5: 0x7a, 0x7a6: 0x7b, 0x7a7: 0x7c,
+	0x7a8: 0x7d, 0x7a9: 0xfd, 0x7aa: 0xfd, 0x7ab: 0xfd, 0x7ac: 0xfd, 0x7ad: 0xfd, 0x7ae: 0xfd, 0x7af: 0xfd,
+	0x7b0: 0xfd, 0x7b1: 0xfd, 0x7b2: 0xfd, 0x7b3: 0xfd, 0x7b4: 0xfd, 0x7b5: 0xfd, 0x7b6: 0xfd, 0x7b7: 0xfd,
+	0x7b8: 0xfd, 0x7b9: 0xfd, 0x7ba: 0xfd, 0x7bb: 0xfd, 0x7bc: 0xfd, 0x7bd: 0xfd, 0x7be: 0xfd, 0x7bf: 0xfd,
 	// Block 0x1f, offset 0x7c0
 	0x7c0: 0xa0, 0x7c1: 0xa0, 0x7c2: 0xa0, 0x7c3: 0xa0, 0x7c4: 0xa0, 0x7c5: 0xa0, 0x7c6: 0xa0, 0x7c7: 0xa0,
-	0x7c8: 0xa0, 0x7c9: 0xa0, 0x7ca: 0xa0, 0x7cb: 0xa0, 0x7cc: 0xa0, 0x7cd: 0x19d, 0x7ce: 0xfb, 0x7cf: 0xfb,
-	0x7d0: 0xfb, 0x7d1: 0xfb, 0x7d2: 0xfb, 0x7d3: 0xfb, 0x7d4: 0xfb, 0x7d5: 0xfb, 0x7d6: 0xfb, 0x7d7: 0xfb,
-	0x7d8: 0xfb, 0x7d9: 0xfb, 0x7da: 0xfb, 0x7db: 0xfb, 0x7dc: 0xfb, 0x7dd: 0xfb, 0x7de: 0xfb, 0x7df: 0xfb,
-	0x7e0: 0xfb, 0x7e1: 0xfb, 0x7e2: 0xfb, 0x7e3: 0xfb, 0x7e4: 0xfb, 0x7e5: 0xfb, 0x7e6: 0xfb, 0x7e7: 0xfb,
-	0x7e8: 0xfb, 0x7e9: 0xfb, 0x7ea: 0xfb, 0x7eb: 0xfb, 0x7ec: 0xfb, 0x7ed: 0xfb, 0x7ee: 0xfb, 0x7ef: 0xfb,
-	0x7f0: 0xfb, 0x7f1: 0xfb, 0x7f2: 0xfb, 0x7f3: 0xfb, 0x7f4: 0xfb, 0x7f5: 0xfb, 0x7f6: 0xfb, 0x7f7: 0xfb,
-	0x7f8: 0xfb, 0x7f9: 0xfb, 0x7fa: 0xfb, 0x7fb: 0xfb, 0x7fc: 0xfb, 0x7fd: 0xfb, 0x7fe: 0xfb, 0x7ff: 0xfb,
+	0x7c8: 0xa0, 0x7c9: 0xa0, 0x7ca: 0xa0, 0x7cb: 0xa0, 0x7cc: 0xa0, 0x7cd: 0x19d, 0x7ce: 0xfd, 0x7cf: 0xfd,
+	0x7d0: 0xfd, 0x7d1: 0xfd, 0x7d2: 0xfd, 0x7d3: 0xfd, 0x7d4: 0xfd, 0x7d5: 0xfd, 0x7d6: 0xfd, 0x7d7: 0xfd,
+	0x7d8: 0xfd, 0x7d9: 0xfd, 0x7da: 0xfd, 0x7db: 0xfd, 0x7dc: 0xfd, 0x7dd: 0xfd, 0x7de: 0xfd, 0x7df: 0xfd,
+	0x7e0: 0xfd, 0x7e1: 0xfd, 0x7e2: 0xfd, 0x7e3: 0xfd, 0x7e4: 0xfd, 0x7e5: 0xfd, 0x7e6: 0xfd, 0x7e7: 0xfd,
+	0x7e8: 0xfd, 0x7e9: 0xfd, 0x7ea: 0xfd, 0x7eb: 0xfd, 0x7ec: 0xfd, 0x7ed: 0xfd, 0x7ee: 0xfd, 0x7ef: 0xfd,
+	0x7f0: 0xfd, 0x7f1: 0xfd, 0x7f2: 0xfd, 0x7f3: 0xfd, 0x7f4: 0xfd, 0x7f5: 0xfd, 0x7f6: 0xfd, 0x7f7: 0xfd,
+	0x7f8: 0xfd, 0x7f9: 0xfd, 0x7fa: 0xfd, 0x7fb: 0xfd, 0x7fc: 0xfd, 0x7fd: 0xfd, 0x7fe: 0xfd, 0x7ff: 0xfd,
 	// Block 0x20, offset 0x800
 	0x810: 0x0d, 0x811: 0x0e, 0x812: 0x0f, 0x813: 0x10, 0x814: 0x11, 0x815: 0x0b, 0x816: 0x12, 0x817: 0x07,
 	0x818: 0x13, 0x819: 0x0b, 0x81a: 0x0b, 0x81b: 0x14, 0x81c: 0x0b, 0x81d: 0x15, 0x81e: 0x16, 0x81f: 0x17,
@@ -2370,14 +2513,14 @@ var idnaIndex = [2368]uint16{
 	0x870: 0x0b, 0x871: 0x0b, 0x872: 0x0b, 0x873: 0x0b, 0x874: 0x0b, 0x875: 0x0b, 0x876: 0x0b, 0x877: 0x0b,
 	0x878: 0x0b, 0x879: 0x0b, 0x87a: 0x0b, 0x87b: 0x0b, 0x87c: 0x0b, 0x87d: 0x0b, 0x87e: 0x0b, 0x87f: 0x0b,
 	// Block 0x22, offset 0x880
-	0x880: 0x19e, 0x881: 0x19f, 0x882: 0xfb, 0x883: 0xfb, 0x884: 0x1a0, 0x885: 0x1a0, 0x886: 0x1a0, 0x887: 0x1a1,
-	0x888: 0xfb, 0x889: 0xfb, 0x88a: 0xfb, 0x88b: 0xfb, 0x88c: 0xfb, 0x88d: 0xfb, 0x88e: 0xfb, 0x88f: 0xfb,
-	0x890: 0xfb, 0x891: 0xfb, 0x892: 0xfb, 0x893: 0xfb, 0x894: 0xfb, 0x895: 0xfb, 0x896: 0xfb, 0x897: 0xfb,
-	0x898: 0xfb, 0x899: 0xfb, 0x89a: 0xfb, 0x89b: 0xfb, 0x89c: 0xfb, 0x89d: 0xfb, 0x89e: 0xfb, 0x89f: 0xfb,
-	0x8a0: 0xfb, 0x8a1: 0xfb, 0x8a2: 0xfb, 0x8a3: 0xfb, 0x8a4: 0xfb, 0x8a5: 0xfb, 0x8a6: 0xfb, 0x8a7: 0xfb,
-	0x8a8: 0xfb, 0x8a9: 0xfb, 0x8aa: 0xfb, 0x8ab: 0xfb, 0x8ac: 0xfb, 0x8ad: 0xfb, 0x8ae: 0xfb, 0x8af: 0xfb,
-	0x8b0: 0xfb, 0x8b1: 0xfb, 0x8b2: 0xfb, 0x8b3: 0xfb, 0x8b4: 0xfb, 0x8b5: 0xfb, 0x8b6: 0xfb, 0x8b7: 0xfb,
-	0x8b8: 0xfb, 0x8b9: 0xfb, 0x8ba: 0xfb, 0x8bb: 0xfb, 0x8bc: 0xfb, 0x8bd: 0xfb, 0x8be: 0xfb, 0x8bf: 0xfb,
+	0x880: 0x19e, 0x881: 0x19f, 0x882: 0xfd, 0x883: 0xfd, 0x884: 0x1a0, 0x885: 0x1a0, 0x886: 0x1a0, 0x887: 0x1a1,
+	0x888: 0xfd, 0x889: 0xfd, 0x88a: 0xfd, 0x88b: 0xfd, 0x88c: 0xfd, 0x88d: 0xfd, 0x88e: 0xfd, 0x88f: 0xfd,
+	0x890: 0xfd, 0x891: 0xfd, 0x892: 0xfd, 0x893: 0xfd, 0x894: 0xfd, 0x895: 0xfd, 0x896: 0xfd, 0x897: 0xfd,
+	0x898: 0xfd, 0x899: 0xfd, 0x89a: 0xfd, 0x89b: 0xfd, 0x89c: 0xfd, 0x89d: 0xfd, 0x89e: 0xfd, 0x89f: 0xfd,
+	0x8a0: 0xfd, 0x8a1: 0xfd, 0x8a2: 0xfd, 0x8a3: 0xfd, 0x8a4: 0xfd, 0x8a5: 0xfd, 0x8a6: 0xfd, 0x8a7: 0xfd,
+	0x8a8: 0xfd, 0x8a9: 0xfd, 0x8aa: 0xfd, 0x8ab: 0xfd, 0x8ac: 0xfd, 0x8ad: 0xfd, 0x8ae: 0xfd, 0x8af: 0xfd,
+	0x8b0: 0xfd, 0x8b1: 0xfd, 0x8b2: 0xfd, 0x8b3: 0xfd, 0x8b4: 0xfd, 0x8b5: 0xfd, 0x8b6: 0xfd, 0x8b7: 0xfd,
+	0x8b8: 0xfd, 0x8b9: 0xfd, 0x8ba: 0xfd, 0x8bb: 0xfd, 0x8bc: 0xfd, 0x8bd: 0xfd, 0x8be: 0xfd, 0x8bf: 0xfd,
 	// Block 0x23, offset 0x8c0
 	0x8c0: 0x0b, 0x8c1: 0x0b, 0x8c2: 0x0b, 0x8c3: 0x0b, 0x8c4: 0x0b, 0x8c5: 0x0b, 0x8c6: 0x0b, 0x8c7: 0x0b,
 	0x8c8: 0x0b, 0x8c9: 0x0b, 0x8ca: 0x0b, 0x8cb: 0x0b, 0x8cc: 0x0b, 0x8cd: 0x0b, 0x8ce: 0x0b, 0x8cf: 0x0b,
@@ -2393,10 +2536,10 @@ var idnaIndex = [2368]uint16{
 }
 
 // idnaSparseOffset: 292 entries, 584 bytes
-var idnaSparseOffset = []uint16{0x0, 0x8, 0x19, 0x25, 0x27, 0x2c, 0x33, 0x3e, 0x4a, 0x4e, 0x5d, 0x62, 0x6c, 0x78, 0x85, 0x8b, 0x94, 0xa4, 0xb2, 0xbd, 0xca, 0xdb, 0xe5, 0xec, 0xf9, 0x10a, 0x111, 0x11c, 0x12b, 0x139, 0x143, 0x145, 0x14a, 0x14d, 0x150, 0x152, 0x15e, 0x169, 0x171, 0x177, 0x17d, 0x182, 0x187, 0x18a, 0x18e, 0x194, 0x199, 0x1a5, 0x1af, 0x1b5, 0x1c6, 0x1d0, 0x1d3, 0x1db, 0x1de, 0x1eb, 0x1f3, 0x1f7, 0x1fe, 0x206, 0x216, 0x222, 0x225, 0x22f, 0x23b, 0x247, 0x253, 0x25b, 0x260, 0x26d, 0x27e, 0x282, 0x28d, 0x291, 0x29a, 0x2a2, 0x2a8, 0x2ad, 0x2b0, 0x2b4, 0x2ba, 0x2be, 0x2c2, 0x2c6, 0x2cc, 0x2d4, 0x2db, 0x2e6, 0x2f0, 0x2f4, 0x2f7, 0x2fd, 0x301, 0x303, 0x306, 0x308, 0x30b, 0x315, 0x318, 0x327, 0x32b, 0x330, 0x333, 0x337, 0x33c, 0x341, 0x347, 0x358, 0x368, 0x36e, 0x372, 0x381, 0x386, 0x38e, 0x398, 0x3a3, 0x3ab, 0x3bc, 0x3c5, 0x3d5, 0x3e2, 0x3ee, 0x3f3, 0x400, 0x404, 0x409, 0x40b, 0x40d, 0x411, 0x413, 0x417, 0x420, 0x426, 0x42a, 0x43a, 0x444, 0x449, 0x44c, 0x452, 0x459, 0x45e, 0x462, 0x468, 0x46d, 0x476, 0x47b, 0x481, 0x488, 0x48f, 0x496, 0x49a, 0x49f, 0x4a2, 0x4a7, 0x4b3, 0x4b9, 0x4be, 0x4c5, 0x4cd, 0x4d2, 0x4d6, 0x4e6, 0x4ed, 0x4f1, 0x4f5, 0x4fc, 0x4fe, 0x501, 0x504, 0x508, 0x511, 0x515, 0x51d, 0x525, 0x52d, 0x539, 0x545, 0x54b, 0x554, 0x560, 0x567, 0x570, 0x57b, 0x582, 0x591, 0x59e, 0x5ab, 0x5b4, 0x5b8, 0x5c7, 0x5cf, 0x5da, 0x5e3, 0x5e9, 0x5f1, 0x5fa, 0x605, 0x608, 0x614, 0x61d, 0x620, 0x625, 0x62e, 0x633, 0x640, 0x64b, 0x654, 0x65e, 0x661, 0x66b, 0x674, 0x680, 0x68d, 0x69a, 0x6a8, 0x6af, 0x6b3, 0x6b7, 0x6ba, 0x6bf, 0x6c2, 0x6c7, 0x6ca, 0x6d1, 0x6d8, 0x6dc, 0x6e7, 0x6ea, 0x6ed, 0x6f0, 0x6f6, 0x6fc, 0x705, 0x708, 0x70b, 0x70e, 0x711, 0x718, 0x71b, 0x720, 0x72a, 0x72d, 0x731, 0x740, 0x74c, 0x750, 0x755, 0x759, 0x75e, 0x762, 0x767, 0x770, 0x77b, 0x781, 0x787, 0x78d, 0x793, 0x79c, 0x79f, 0x7a2, 0x7a6, 0x7aa, 0x7ae, 0x7b4, 0x7ba, 0x7bf, 0x7c2, 0x7d2, 0x7d9, 0x7dc, 0x7e1, 0x7e5, 0x7eb, 0x7f2, 0x7f6, 0x7fa, 0x803, 0x80a, 0x80f, 0x813, 0x821, 0x824, 0x827, 0x82b, 0x82f, 0x832, 0x842, 0x853, 0x856, 0x85b, 0x85d, 0x85f}
+var idnaSparseOffset = []uint16{0x0, 0x8, 0x19, 0x25, 0x27, 0x2c, 0x33, 0x3e, 0x4a, 0x4e, 0x5d, 0x62, 0x6c, 0x78, 0x85, 0x8b, 0x94, 0xa4, 0xb2, 0xbd, 0xca, 0xdb, 0xe5, 0xec, 0xf9, 0x10a, 0x111, 0x11c, 0x12b, 0x139, 0x143, 0x145, 0x14a, 0x14d, 0x150, 0x152, 0x15e, 0x169, 0x171, 0x177, 0x17d, 0x182, 0x187, 0x18a, 0x18e, 0x194, 0x199, 0x1a5, 0x1af, 0x1b5, 0x1c6, 0x1d0, 0x1d3, 0x1db, 0x1de, 0x1eb, 0x1f3, 0x1f7, 0x1fe, 0x206, 0x216, 0x222, 0x225, 0x22f, 0x23b, 0x247, 0x253, 0x25b, 0x260, 0x26d, 0x27e, 0x282, 0x28d, 0x291, 0x29a, 0x2a2, 0x2a8, 0x2ad, 0x2b0, 0x2b4, 0x2ba, 0x2be, 0x2c2, 0x2c6, 0x2cc, 0x2d4, 0x2db, 0x2e6, 0x2f0, 0x2f4, 0x2f7, 0x2fd, 0x301, 0x303, 0x306, 0x308, 0x30b, 0x315, 0x318, 0x327, 0x32b, 0x32f, 0x331, 0x33a, 0x33d, 0x341, 0x346, 0x34b, 0x351, 0x362, 0x372, 0x378, 0x37c, 0x38b, 0x390, 0x398, 0x3a2, 0x3ad, 0x3b5, 0x3c6, 0x3cf, 0x3df, 0x3ec, 0x3f8, 0x3fd, 0x40a, 0x40e, 0x413, 0x415, 0x417, 0x41b, 0x41d, 0x421, 0x42a, 0x430, 0x434, 0x444, 0x44e, 0x453, 0x456, 0x45c, 0x463, 0x468, 0x46c, 0x472, 0x477, 0x480, 0x485, 0x48b, 0x492, 0x499, 0x4a0, 0x4a4, 0x4a9, 0x4ac, 0x4b1, 0x4bd, 0x4c3, 0x4c8, 0x4cf, 0x4d7, 0x4dc, 0x4e0, 0x4f0, 0x4f7, 0x4fb, 0x4ff, 0x506, 0x508, 0x50b, 0x50e, 0x512, 0x51b, 0x51f, 0x527, 0x52f, 0x537, 0x543, 0x54f, 0x555, 0x55e, 0x56a, 0x571, 0x57a, 0x585, 0x58c, 0x59b, 0x5a8, 0x5b5, 0x5be, 0x5c2, 0x5d1, 0x5d9, 0x5e4, 0x5ed, 0x5f3, 0x5fb, 0x604, 0x60f, 0x612, 0x61e, 0x627, 0x62a, 0x62f, 0x638, 0x63d, 0x64a, 0x655, 0x65e, 0x668, 0x66b, 0x675, 0x67e, 0x68a, 0x697, 0x6a4, 0x6b2, 0x6b9, 0x6bd, 0x6c1, 0x6c4, 0x6c9, 0x6cc, 0x6d1, 0x6d4, 0x6db, 0x6e2, 0x6e6, 0x6f1, 0x6f4, 0x6f7, 0x6fa, 0x700, 0x706, 0x70f, 0x712, 0x715, 0x718, 0x71b, 0x722, 0x725, 0x72a, 0x734, 0x737, 0x73b, 0x74a, 0x756, 0x75a, 0x75f, 0x763, 0x768, 0x76c, 0x771, 0x77a, 0x785, 0x78b, 0x791, 0x797, 0x79d, 0x7a6, 0x7a9, 0x7ac, 0x7b0, 0x7b4, 0x7b8, 0x7be, 0x7c4, 0x7c9, 0x7cc, 0x7dc, 0x7e3, 0x7e6, 0x7eb, 0x7ef, 0x7f5, 0x7fc, 0x800, 0x804, 0x80d, 0x814, 0x819, 0x81d, 0x82b, 0x82e, 0x831, 0x835, 0x839, 0x83c, 0x83f, 0x844, 0x846, 0x848}
 
-// idnaSparseValues: 2146 entries, 8584 bytes
-var idnaSparseValues = [2146]valueRange{
+// idnaSparseValues: 2123 entries, 8492 bytes
+var idnaSparseValues = [2123]valueRange{
 	// Block 0x0, offset 0x0
 	{value: 0x0000, lo: 0x07},
 	{value: 0xe105, lo: 0x80, hi: 0x96},
@@ -2427,15 +2570,15 @@ var idnaSparseValues = [2146]valueRange{
 	// Block 0x2, offset 0x19
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0008, lo: 0x80, hi: 0xaf},
-	{value: 0x0249, lo: 0xb0, hi: 0xb0},
+	{value: 0x00a9, lo: 0xb0, hi: 0xb0},
 	{value: 0x037d, lo: 0xb1, hi: 0xb1},
-	{value: 0x0259, lo: 0xb2, hi: 0xb2},
-	{value: 0x0269, lo: 0xb3, hi: 0xb3},
+	{value: 0x00b1, lo: 0xb2, hi: 0xb2},
+	{value: 0x00b9, lo: 0xb3, hi: 0xb3},
 	{value: 0x034d, lo: 0xb4, hi: 0xb4},
 	{value: 0x0395, lo: 0xb5, hi: 0xb5},
 	{value: 0xe1bd, lo: 0xb6, hi: 0xb6},
-	{value: 0x0279, lo: 0xb7, hi: 0xb7},
-	{value: 0x0289, lo: 0xb8, hi: 0xb8},
+	{value: 0x00c1, lo: 0xb7, hi: 0xb7},
+	{value: 0x00c9, lo: 0xb8, hi: 0xb8},
 	{value: 0x0008, lo: 0xb9, hi: 0xbf},
 	// Block 0x3, offset 0x25
 	{value: 0x0000, lo: 0x01},
@@ -2457,7 +2600,7 @@ var idnaSparseValues = [2146]valueRange{
 	// Block 0x6, offset 0x33
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x0008, lo: 0x80, hi: 0x86},
-	{value: 0x0401, lo: 0x87, hi: 0x87},
+	{value: 0x0131, lo: 0x87, hi: 0x87},
 	{value: 0x0008, lo: 0x88, hi: 0x88},
 	{value: 0x0018, lo: 0x89, hi: 0x8a},
 	{value: 0x0040, lo: 0x8b, hi: 0x8c},
@@ -2643,7 +2786,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0x81, hi: 0xb0},
 	{value: 0x3308, lo: 0xb1, hi: 0xb1},
 	{value: 0x0008, lo: 0xb2, hi: 0xb2},
-	{value: 0x08f1, lo: 0xb3, hi: 0xb3},
+	{value: 0x01f1, lo: 0xb3, hi: 0xb3},
 	{value: 0x3308, lo: 0xb4, hi: 0xb9},
 	{value: 0x3b08, lo: 0xba, hi: 0xba},
 	{value: 0x0040, lo: 0xbb, hi: 0xbe},
@@ -2666,8 +2809,8 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x8e, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0x9b},
-	{value: 0x0961, lo: 0x9c, hi: 0x9c},
-	{value: 0x0999, lo: 0x9d, hi: 0x9d},
+	{value: 0x0201, lo: 0x9c, hi: 0x9c},
+	{value: 0x0209, lo: 0x9d, hi: 0x9d},
 	{value: 0x0008, lo: 0x9e, hi: 0x9f},
 	{value: 0x0040, lo: 0xa0, hi: 0xbf},
 	// Block 0x18, offset 0xf9
@@ -3075,13 +3218,13 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xbe, hi: 0xbf},
 	// Block 0x44, offset 0x260
 	{value: 0x0000, lo: 0x0c},
-	{value: 0x0e29, lo: 0x80, hi: 0x80},
-	{value: 0x0e41, lo: 0x81, hi: 0x81},
-	{value: 0x0e59, lo: 0x82, hi: 0x82},
-	{value: 0x0e71, lo: 0x83, hi: 0x83},
-	{value: 0x0e89, lo: 0x84, hi: 0x85},
-	{value: 0x0ea1, lo: 0x86, hi: 0x86},
-	{value: 0x0eb9, lo: 0x87, hi: 0x87},
+	{value: 0x02a9, lo: 0x80, hi: 0x80},
+	{value: 0x02b1, lo: 0x81, hi: 0x81},
+	{value: 0x02b9, lo: 0x82, hi: 0x82},
+	{value: 0x02c1, lo: 0x83, hi: 0x83},
+	{value: 0x02c9, lo: 0x84, hi: 0x85},
+	{value: 0x02d1, lo: 0x86, hi: 0x86},
+	{value: 0x02d9, lo: 0x87, hi: 0x87},
 	{value: 0x057d, lo: 0x88, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0x8f},
 	{value: 0x059d, lo: 0x90, hi: 0xba},
@@ -3133,18 +3276,18 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x83, hi: 0x83},
 	{value: 0x0008, lo: 0x84, hi: 0x84},
 	{value: 0x0018, lo: 0x85, hi: 0x88},
-	{value: 0x24c1, lo: 0x89, hi: 0x89},
+	{value: 0x0851, lo: 0x89, hi: 0x89},
 	{value: 0x0018, lo: 0x8a, hi: 0x8b},
 	{value: 0x0040, lo: 0x8c, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0xbf},
 	// Block 0x4a, offset 0x29a
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0018, lo: 0x80, hi: 0xab},
-	{value: 0x24f1, lo: 0xac, hi: 0xac},
-	{value: 0x2529, lo: 0xad, hi: 0xad},
+	{value: 0x0859, lo: 0xac, hi: 0xac},
+	{value: 0x0861, lo: 0xad, hi: 0xad},
 	{value: 0x0018, lo: 0xae, hi: 0xae},
-	{value: 0x2579, lo: 0xaf, hi: 0xaf},
-	{value: 0x25b1, lo: 0xb0, hi: 0xb0},
+	{value: 0x0869, lo: 0xaf, hi: 0xaf},
+	{value: 0x0871, lo: 0xb0, hi: 0xb0},
 	{value: 0x0018, lo: 0xb1, hi: 0xbf},
 	// Block 0x4b, offset 0x2a2
 	{value: 0x0000, lo: 0x05},
@@ -3166,19 +3309,19 @@ var idnaSparseValues = [2146]valueRange{
 	// Block 0x4e, offset 0x2b0
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0x8b},
-	{value: 0x28c1, lo: 0x8c, hi: 0x8c},
+	{value: 0x0929, lo: 0x8c, hi: 0x8c},
 	{value: 0x0018, lo: 0x8d, hi: 0xbf},
 	// Block 0x4f, offset 0x2b4
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0018, lo: 0x80, hi: 0xb3},
 	{value: 0x0e7e, lo: 0xb4, hi: 0xb4},
-	{value: 0x292a, lo: 0xb5, hi: 0xb5},
+	{value: 0x0932, lo: 0xb5, hi: 0xb5},
 	{value: 0x0e9e, lo: 0xb6, hi: 0xb6},
 	{value: 0x0018, lo: 0xb7, hi: 0xbf},
 	// Block 0x50, offset 0x2ba
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0x9b},
-	{value: 0x2941, lo: 0x9c, hi: 0x9c},
+	{value: 0x0939, lo: 0x9c, hi: 0x9c},
 	{value: 0x0018, lo: 0x9d, hi: 0xbf},
 	// Block 0x51, offset 0x2be
 	{value: 0x0000, lo: 0x03},
@@ -3277,16 +3420,16 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0x80, hi: 0x96},
 	{value: 0x0040, lo: 0x97, hi: 0x98},
 	{value: 0x3308, lo: 0x99, hi: 0x9a},
-	{value: 0x29e2, lo: 0x9b, hi: 0x9b},
-	{value: 0x2a0a, lo: 0x9c, hi: 0x9c},
+	{value: 0x096a, lo: 0x9b, hi: 0x9b},
+	{value: 0x0972, lo: 0x9c, hi: 0x9c},
 	{value: 0x0008, lo: 0x9d, hi: 0x9e},
-	{value: 0x2a31, lo: 0x9f, hi: 0x9f},
+	{value: 0x0979, lo: 0x9f, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xa0},
 	{value: 0x0008, lo: 0xa1, hi: 0xbf},
 	// Block 0x61, offset 0x315
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xbe},
-	{value: 0x2a69, lo: 0xbf, hi: 0xbf},
+	{value: 0x0981, lo: 0xbf, hi: 0xbf},
 	// Block 0x62, offset 0x318
 	{value: 0x0000, lo: 0x0e},
 	{value: 0x0040, lo: 0x80, hi: 0x84},
@@ -3309,46 +3452,58 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa4, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
 	// Block 0x64, offset 0x32b
-	{value: 0x0030, lo: 0x04},
-	{value: 0x2aa2, lo: 0x80, hi: 0x9d},
-	{value: 0x305a, lo: 0x9e, hi: 0x9e},
+	{value: 0x0008, lo: 0x03},
+	{value: 0x098a, lo: 0x80, hi: 0x9e},
 	{value: 0x0040, lo: 0x9f, hi: 0x9f},
-	{value: 0x30a2, lo: 0xa0, hi: 0xbf},
-	// Block 0x65, offset 0x330
+	{value: 0x0a82, lo: 0xa0, hi: 0xbf},
+	// Block 0x65, offset 0x32f
+	{value: 0x0008, lo: 0x01},
+	{value: 0x0d19, lo: 0x80, hi: 0xbf},
+	// Block 0x66, offset 0x331
+	{value: 0x0008, lo: 0x08},
+	{value: 0x0f19, lo: 0x80, hi: 0xb0},
+	{value: 0x4045, lo: 0xb1, hi: 0xb1},
+	{value: 0x10a1, lo: 0xb2, hi: 0xb3},
+	{value: 0x4065, lo: 0xb4, hi: 0xb4},
+	{value: 0x10b1, lo: 0xb5, hi: 0xb7},
+	{value: 0x4085, lo: 0xb8, hi: 0xb8},
+	{value: 0x4085, lo: 0xb9, hi: 0xb9},
+	{value: 0x10c9, lo: 0xba, hi: 0xbf},
+	// Block 0x67, offset 0x33a
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbf},
-	// Block 0x66, offset 0x333
+	// Block 0x68, offset 0x33d
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0x8c},
 	{value: 0x0040, lo: 0x8d, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0xbf},
-	// Block 0x67, offset 0x337
+	// Block 0x69, offset 0x341
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0xbd},
 	{value: 0x0018, lo: 0xbe, hi: 0xbf},
-	// Block 0x68, offset 0x33c
+	// Block 0x6a, offset 0x346
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0x8c},
 	{value: 0x0018, lo: 0x8d, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0xab},
 	{value: 0x0040, lo: 0xac, hi: 0xbf},
-	// Block 0x69, offset 0x341
+	// Block 0x6b, offset 0x34b
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0xa5},
 	{value: 0x0018, lo: 0xa6, hi: 0xaf},
 	{value: 0x3308, lo: 0xb0, hi: 0xb1},
 	{value: 0x0018, lo: 0xb2, hi: 0xb7},
 	{value: 0x0040, lo: 0xb8, hi: 0xbf},
-	// Block 0x6a, offset 0x347
+	// Block 0x6c, offset 0x351
 	{value: 0x0000, lo: 0x10},
 	{value: 0x0040, lo: 0x80, hi: 0x81},
 	{value: 0xe00d, lo: 0x82, hi: 0x82},
 	{value: 0x0008, lo: 0x83, hi: 0x83},
 	{value: 0x03f5, lo: 0x84, hi: 0x84},
-	{value: 0x1329, lo: 0x85, hi: 0x85},
+	{value: 0x0479, lo: 0x85, hi: 0x85},
 	{value: 0x447d, lo: 0x86, hi: 0x86},
 	{value: 0xe07d, lo: 0x87, hi: 0x87},
 	{value: 0x0008, lo: 0x88, hi: 0x88},
@@ -3357,10 +3512,10 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x8b, hi: 0xb4},
 	{value: 0xe01d, lo: 0xb5, hi: 0xb5},
 	{value: 0x0008, lo: 0xb6, hi: 0xb7},
-	{value: 0x2009, lo: 0xb8, hi: 0xb8},
-	{value: 0x6ec1, lo: 0xb9, hi: 0xb9},
+	{value: 0x0741, lo: 0xb8, hi: 0xb8},
+	{value: 0x13f1, lo: 0xb9, hi: 0xb9},
 	{value: 0x0008, lo: 0xba, hi: 0xbf},
-	// Block 0x6b, offset 0x358
+	// Block 0x6d, offset 0x362
 	{value: 0x0000, lo: 0x0f},
 	{value: 0x0008, lo: 0x80, hi: 0x81},
 	{value: 0x3308, lo: 0x82, hi: 0x82},
@@ -3377,19 +3532,19 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xad, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0x6c, offset 0x368
+	// Block 0x6e, offset 0x372
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0208, lo: 0x80, hi: 0xb1},
 	{value: 0x0108, lo: 0xb2, hi: 0xb2},
 	{value: 0x0008, lo: 0xb3, hi: 0xb3},
 	{value: 0x0018, lo: 0xb4, hi: 0xb7},
 	{value: 0x0040, lo: 0xb8, hi: 0xbf},
-	// Block 0x6d, offset 0x36e
+	// Block 0x6f, offset 0x378
 	{value: 0x0000, lo: 0x03},
 	{value: 0x3008, lo: 0x80, hi: 0x81},
 	{value: 0x0008, lo: 0x82, hi: 0xb3},
 	{value: 0x3008, lo: 0xb4, hi: 0xbf},
-	// Block 0x6e, offset 0x372
+	// Block 0x70, offset 0x37c
 	{value: 0x0000, lo: 0x0e},
 	{value: 0x3008, lo: 0x80, hi: 0x83},
 	{value: 0x3b08, lo: 0x84, hi: 0x84},
@@ -3405,13 +3560,13 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xbc, hi: 0xbc},
 	{value: 0x0008, lo: 0xbd, hi: 0xbe},
 	{value: 0x3308, lo: 0xbf, hi: 0xbf},
-	// Block 0x6f, offset 0x381
+	// Block 0x71, offset 0x38b
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0xa5},
 	{value: 0x3308, lo: 0xa6, hi: 0xad},
 	{value: 0x0018, lo: 0xae, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0x70, offset 0x386
+	// Block 0x72, offset 0x390
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0008, lo: 0x80, hi: 0x86},
 	{value: 0x3308, lo: 0x87, hi: 0x91},
@@ -3420,7 +3575,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x94, hi: 0x9e},
 	{value: 0x0018, lo: 0x9f, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbf},
-	// Block 0x71, offset 0x38e
+	// Block 0x73, offset 0x398
 	{value: 0x0000, lo: 0x09},
 	{value: 0x3308, lo: 0x80, hi: 0x82},
 	{value: 0x3008, lo: 0x83, hi: 0x83},
@@ -3431,7 +3586,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xba, hi: 0xbb},
 	{value: 0x3308, lo: 0xbc, hi: 0xbd},
 	{value: 0x3008, lo: 0xbe, hi: 0xbf},
-	// Block 0x72, offset 0x398
+	// Block 0x74, offset 0x3a2
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x3808, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x8d},
@@ -3443,7 +3598,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xa5, hi: 0xa5},
 	{value: 0x0008, lo: 0xa6, hi: 0xbe},
 	{value: 0x0040, lo: 0xbf, hi: 0xbf},
-	// Block 0x73, offset 0x3a3
+	// Block 0x75, offset 0x3ad
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0008, lo: 0x80, hi: 0xa8},
 	{value: 0x3308, lo: 0xa9, hi: 0xae},
@@ -3452,7 +3607,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xb3, hi: 0xb4},
 	{value: 0x3308, lo: 0xb5, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0x74, offset 0x3ab
+	// Block 0x76, offset 0x3b5
 	{value: 0x0000, lo: 0x10},
 	{value: 0x0008, lo: 0x80, hi: 0x82},
 	{value: 0x3308, lo: 0x83, hi: 0x83},
@@ -3470,7 +3625,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xbc, hi: 0xbc},
 	{value: 0x3008, lo: 0xbd, hi: 0xbd},
 	{value: 0x0008, lo: 0xbe, hi: 0xbf},
-	// Block 0x75, offset 0x3bc
+	// Block 0x77, offset 0x3c6
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0xaf},
 	{value: 0x3308, lo: 0xb0, hi: 0xb0},
@@ -3480,7 +3635,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xb7, hi: 0xb8},
 	{value: 0x0008, lo: 0xb9, hi: 0xbd},
 	{value: 0x3308, lo: 0xbe, hi: 0xbf},
-	// Block 0x76, offset 0x3c5
+	// Block 0x78, offset 0x3cf
 	{value: 0x0000, lo: 0x0f},
 	{value: 0x0008, lo: 0x80, hi: 0x80},
 	{value: 0x3308, lo: 0x81, hi: 0x81},
@@ -3497,7 +3652,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xb5, hi: 0xb5},
 	{value: 0x3b08, lo: 0xb6, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0x77, offset 0x3d5
+	// Block 0x79, offset 0x3df
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0040, lo: 0x80, hi: 0x80},
 	{value: 0x0008, lo: 0x81, hi: 0x86},
@@ -3511,26 +3666,26 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa8, hi: 0xae},
 	{value: 0x0040, lo: 0xaf, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0x78, offset 0x3e2
+	// Block 0x7a, offset 0x3ec
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0008, lo: 0x80, hi: 0x9a},
 	{value: 0x0018, lo: 0x9b, hi: 0x9b},
 	{value: 0x449d, lo: 0x9c, hi: 0x9c},
 	{value: 0x44b5, lo: 0x9d, hi: 0x9d},
-	{value: 0x2971, lo: 0x9e, hi: 0x9e},
+	{value: 0x0941, lo: 0x9e, hi: 0x9e},
 	{value: 0xe06d, lo: 0x9f, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xa8},
-	{value: 0x6ed9, lo: 0xa9, hi: 0xa9},
+	{value: 0x13f9, lo: 0xa9, hi: 0xa9},
 	{value: 0x0018, lo: 0xaa, hi: 0xab},
 	{value: 0x0040, lo: 0xac, hi: 0xaf},
 	{value: 0x44cd, lo: 0xb0, hi: 0xbf},
-	// Block 0x79, offset 0x3ee
+	// Block 0x7b, offset 0x3f8
 	{value: 0x0000, lo: 0x04},
 	{value: 0x44ed, lo: 0x80, hi: 0x8f},
 	{value: 0x450d, lo: 0x90, hi: 0x9f},
 	{value: 0x452d, lo: 0xa0, hi: 0xaf},
 	{value: 0x450d, lo: 0xb0, hi: 0xbf},
-	// Block 0x7a, offset 0x3f3
+	// Block 0x7c, offset 0x3fd
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0008, lo: 0x80, hi: 0xa2},
 	{value: 0x3008, lo: 0xa3, hi: 0xa4},
@@ -3544,76 +3699,76 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xae, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0x7b, offset 0x400
+	// Block 0x7d, offset 0x40a
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0xa3},
 	{value: 0x0040, lo: 0xa4, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xbf},
-	// Block 0x7c, offset 0x404
+	// Block 0x7e, offset 0x40e
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x8a},
 	{value: 0x0018, lo: 0x8b, hi: 0xbb},
 	{value: 0x0040, lo: 0xbc, hi: 0xbf},
-	// Block 0x7d, offset 0x409
+	// Block 0x7f, offset 0x413
 	{value: 0x0000, lo: 0x01},
 	{value: 0x0040, lo: 0x80, hi: 0xbf},
-	// Block 0x7e, offset 0x40b
+	// Block 0x80, offset 0x415
 	{value: 0x0020, lo: 0x01},
 	{value: 0x454d, lo: 0x80, hi: 0xbf},
-	// Block 0x7f, offset 0x40d
+	// Block 0x81, offset 0x417
 	{value: 0x0020, lo: 0x03},
 	{value: 0x4d4d, lo: 0x80, hi: 0x94},
 	{value: 0x4b0d, lo: 0x95, hi: 0x95},
 	{value: 0x4fed, lo: 0x96, hi: 0xbf},
-	// Block 0x80, offset 0x411
+	// Block 0x82, offset 0x41b
 	{value: 0x0020, lo: 0x01},
 	{value: 0x552d, lo: 0x80, hi: 0xbf},
-	// Block 0x81, offset 0x413
+	// Block 0x83, offset 0x41d
 	{value: 0x0020, lo: 0x03},
 	{value: 0x5d2d, lo: 0x80, hi: 0x84},
 	{value: 0x568d, lo: 0x85, hi: 0x85},
 	{value: 0x5dcd, lo: 0x86, hi: 0xbf},
-	// Block 0x82, offset 0x417
+	// Block 0x84, offset 0x421
 	{value: 0x0020, lo: 0x08},
 	{value: 0x6b8d, lo: 0x80, hi: 0x8f},
 	{value: 0x6d4d, lo: 0x90, hi: 0x90},
 	{value: 0x6d8d, lo: 0x91, hi: 0xab},
-	{value: 0x6ef1, lo: 0xac, hi: 0xac},
+	{value: 0x1401, lo: 0xac, hi: 0xac},
 	{value: 0x70ed, lo: 0xad, hi: 0xad},
 	{value: 0x0040, lo: 0xae, hi: 0xae},
 	{value: 0x0040, lo: 0xaf, hi: 0xaf},
 	{value: 0x710d, lo: 0xb0, hi: 0xbf},
-	// Block 0x83, offset 0x420
+	// Block 0x85, offset 0x42a
 	{value: 0x0020, lo: 0x05},
 	{value: 0x730d, lo: 0x80, hi: 0xad},
 	{value: 0x656d, lo: 0xae, hi: 0xae},
 	{value: 0x78cd, lo: 0xaf, hi: 0xb5},
 	{value: 0x6f8d, lo: 0xb6, hi: 0xb6},
 	{value: 0x79ad, lo: 0xb7, hi: 0xbf},
-	// Block 0x84, offset 0x426
-	{value: 0x0028, lo: 0x03},
-	{value: 0x7c71, lo: 0x80, hi: 0x82},
-	{value: 0x7c31, lo: 0x83, hi: 0x83},
-	{value: 0x7ce9, lo: 0x84, hi: 0xbf},
-	// Block 0x85, offset 0x42a
-	{value: 0x0038, lo: 0x0f},
-	{value: 0x9e01, lo: 0x80, hi: 0x83},
-	{value: 0x9ea9, lo: 0x84, hi: 0x85},
-	{value: 0x9ee1, lo: 0x86, hi: 0x87},
-	{value: 0x9f19, lo: 0x88, hi: 0x8f},
+	// Block 0x86, offset 0x430
+	{value: 0x0008, lo: 0x03},
+	{value: 0x1751, lo: 0x80, hi: 0x82},
+	{value: 0x1741, lo: 0x83, hi: 0x83},
+	{value: 0x1769, lo: 0x84, hi: 0xbf},
+	// Block 0x87, offset 0x434
+	{value: 0x0008, lo: 0x0f},
+	{value: 0x1d81, lo: 0x80, hi: 0x83},
+	{value: 0x1d99, lo: 0x84, hi: 0x85},
+	{value: 0x1da1, lo: 0x86, hi: 0x87},
+	{value: 0x1da9, lo: 0x88, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0x90},
 	{value: 0x0040, lo: 0x91, hi: 0x91},
-	{value: 0xa0d9, lo: 0x92, hi: 0x97},
-	{value: 0xa1f1, lo: 0x98, hi: 0x9c},
-	{value: 0xa2d1, lo: 0x9d, hi: 0xb3},
-	{value: 0x9d91, lo: 0xb4, hi: 0xb4},
-	{value: 0x9e01, lo: 0xb5, hi: 0xb5},
-	{value: 0xa7d9, lo: 0xb6, hi: 0xbb},
-	{value: 0xa8b9, lo: 0xbc, hi: 0xbc},
-	{value: 0xa849, lo: 0xbd, hi: 0xbd},
-	{value: 0xa929, lo: 0xbe, hi: 0xbf},
-	// Block 0x86, offset 0x43a
+	{value: 0x1de9, lo: 0x92, hi: 0x97},
+	{value: 0x1e11, lo: 0x98, hi: 0x9c},
+	{value: 0x1e31, lo: 0x9d, hi: 0xb3},
+	{value: 0x1d71, lo: 0xb4, hi: 0xb4},
+	{value: 0x1d81, lo: 0xb5, hi: 0xb5},
+	{value: 0x1ee9, lo: 0xb6, hi: 0xbb},
+	{value: 0x1f09, lo: 0xbc, hi: 0xbc},
+	{value: 0x1ef9, lo: 0xbd, hi: 0xbd},
+	{value: 0x1f19, lo: 0xbe, hi: 0xbf},
+	// Block 0x88, offset 0x444
 	{value: 0x0000, lo: 0x09},
 	{value: 0x0008, lo: 0x80, hi: 0x8b},
 	{value: 0x0040, lo: 0x8c, hi: 0x8c},
@@ -3624,24 +3779,24 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xbc, hi: 0xbd},
 	{value: 0x0040, lo: 0xbe, hi: 0xbe},
 	{value: 0x0008, lo: 0xbf, hi: 0xbf},
-	// Block 0x87, offset 0x444
+	// Block 0x89, offset 0x44e
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0x8d},
 	{value: 0x0040, lo: 0x8e, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0xbf},
-	// Block 0x88, offset 0x449
+	// Block 0x8a, offset 0x453
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xba},
 	{value: 0x0040, lo: 0xbb, hi: 0xbf},
-	// Block 0x89, offset 0x44c
+	// Block 0x8b, offset 0x456
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0018, lo: 0x80, hi: 0x82},
 	{value: 0x0040, lo: 0x83, hi: 0x86},
 	{value: 0x0018, lo: 0x87, hi: 0xb3},
 	{value: 0x0040, lo: 0xb4, hi: 0xb6},
 	{value: 0x0018, lo: 0xb7, hi: 0xbf},
-	// Block 0x8a, offset 0x452
+	// Block 0x8c, offset 0x45c
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0018, lo: 0x80, hi: 0x8e},
 	{value: 0x0040, lo: 0x8f, hi: 0x8f},
@@ -3649,31 +3804,31 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x9d, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xa0},
 	{value: 0x0040, lo: 0xa1, hi: 0xbf},
-	// Block 0x8b, offset 0x459
+	// Block 0x8d, offset 0x463
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0040, lo: 0x80, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0xbc},
 	{value: 0x3308, lo: 0xbd, hi: 0xbd},
 	{value: 0x0040, lo: 0xbe, hi: 0xbf},
-	// Block 0x8c, offset 0x45e
+	// Block 0x8e, offset 0x468
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0x9c},
 	{value: 0x0040, lo: 0x9d, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xbf},
-	// Block 0x8d, offset 0x462
+	// Block 0x8f, offset 0x46c
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0x90},
 	{value: 0x0040, lo: 0x91, hi: 0x9f},
 	{value: 0x3308, lo: 0xa0, hi: 0xa0},
 	{value: 0x0018, lo: 0xa1, hi: 0xbb},
 	{value: 0x0040, lo: 0xbc, hi: 0xbf},
-	// Block 0x8e, offset 0x468
+	// Block 0x90, offset 0x472
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xa3},
 	{value: 0x0040, lo: 0xa4, hi: 0xac},
 	{value: 0x0008, lo: 0xad, hi: 0xbf},
-	// Block 0x8f, offset 0x46d
+	// Block 0x91, offset 0x477
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x81},
@@ -3683,20 +3838,20 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0x90, hi: 0xb5},
 	{value: 0x3308, lo: 0xb6, hi: 0xba},
 	{value: 0x0040, lo: 0xbb, hi: 0xbf},
-	// Block 0x90, offset 0x476
+	// Block 0x92, offset 0x480
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0x9e},
 	{value: 0x0018, lo: 0x9f, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xbf},
-	// Block 0x91, offset 0x47b
+	// Block 0x93, offset 0x485
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0x83},
 	{value: 0x0040, lo: 0x84, hi: 0x87},
 	{value: 0x0008, lo: 0x88, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0x95},
 	{value: 0x0040, lo: 0x96, hi: 0xbf},
-	// Block 0x92, offset 0x481
+	// Block 0x94, offset 0x48b
 	{value: 0x0000, lo: 0x06},
 	{value: 0xe145, lo: 0x80, hi: 0x87},
 	{value: 0xe1c5, lo: 0x88, hi: 0x8f},
@@ -3704,7 +3859,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x8b0d, lo: 0x98, hi: 0x9f},
 	{value: 0x8b25, lo: 0xa0, hi: 0xa7},
 	{value: 0x0008, lo: 0xa8, hi: 0xbf},
-	// Block 0x93, offset 0x488
+	// Block 0x95, offset 0x492
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0008, lo: 0x80, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0x9f},
@@ -3712,7 +3867,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xaa, hi: 0xaf},
 	{value: 0x8b25, lo: 0xb0, hi: 0xb7},
 	{value: 0x8b0d, lo: 0xb8, hi: 0xbf},
-	// Block 0x94, offset 0x48f
+	// Block 0x96, offset 0x499
 	{value: 0x0000, lo: 0x06},
 	{value: 0xe145, lo: 0x80, hi: 0x87},
 	{value: 0xe1c5, lo: 0x88, hi: 0x8f},
@@ -3720,28 +3875,28 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x94, hi: 0x97},
 	{value: 0x0008, lo: 0x98, hi: 0xbb},
 	{value: 0x0040, lo: 0xbc, hi: 0xbf},
-	// Block 0x95, offset 0x496
+	// Block 0x97, offset 0x4a0
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0xa7},
 	{value: 0x0040, lo: 0xa8, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0x96, offset 0x49a
+	// Block 0x98, offset 0x4a4
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0xa3},
 	{value: 0x0040, lo: 0xa4, hi: 0xae},
 	{value: 0x0018, lo: 0xaf, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbf},
-	// Block 0x97, offset 0x49f
+	// Block 0x99, offset 0x4a9
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0x98, offset 0x4a2
+	// Block 0x9a, offset 0x4ac
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0x95},
 	{value: 0x0040, lo: 0x96, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xa7},
 	{value: 0x0040, lo: 0xa8, hi: 0xbf},
-	// Block 0x99, offset 0x4a7
+	// Block 0x9b, offset 0x4b1
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0808, lo: 0x80, hi: 0x85},
 	{value: 0x0040, lo: 0x86, hi: 0x87},
@@ -3754,20 +3909,20 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0808, lo: 0xbc, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbe},
 	{value: 0x0808, lo: 0xbf, hi: 0xbf},
-	// Block 0x9a, offset 0x4b3
+	// Block 0x9c, offset 0x4bd
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0808, lo: 0x80, hi: 0x95},
 	{value: 0x0040, lo: 0x96, hi: 0x96},
 	{value: 0x0818, lo: 0x97, hi: 0x9f},
 	{value: 0x0808, lo: 0xa0, hi: 0xb6},
 	{value: 0x0818, lo: 0xb7, hi: 0xbf},
-	// Block 0x9b, offset 0x4b9
+	// Block 0x9d, offset 0x4c3
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0808, lo: 0x80, hi: 0x9e},
 	{value: 0x0040, lo: 0x9f, hi: 0xa6},
 	{value: 0x0818, lo: 0xa7, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbf},
-	// Block 0x9c, offset 0x4be
+	// Block 0x9e, offset 0x4c8
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0808, lo: 0xa0, hi: 0xb2},
@@ -3775,7 +3930,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0808, lo: 0xb4, hi: 0xb5},
 	{value: 0x0040, lo: 0xb6, hi: 0xba},
 	{value: 0x0818, lo: 0xbb, hi: 0xbf},
-	// Block 0x9d, offset 0x4c5
+	// Block 0x9f, offset 0x4cf
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0808, lo: 0x80, hi: 0x95},
 	{value: 0x0818, lo: 0x96, hi: 0x9b},
@@ -3784,18 +3939,18 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0808, lo: 0xa0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbe},
 	{value: 0x0818, lo: 0xbf, hi: 0xbf},
-	// Block 0x9e, offset 0x4cd
+	// Block 0xa0, offset 0x4d7
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0808, lo: 0x80, hi: 0xb7},
 	{value: 0x0040, lo: 0xb8, hi: 0xbb},
 	{value: 0x0818, lo: 0xbc, hi: 0xbd},
 	{value: 0x0808, lo: 0xbe, hi: 0xbf},
-	// Block 0x9f, offset 0x4d2
+	// Block 0xa1, offset 0x4dc
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0818, lo: 0x80, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0x91},
 	{value: 0x0818, lo: 0x92, hi: 0xbf},
-	// Block 0xa0, offset 0x4d6
+	// Block 0xa2, offset 0x4e0
 	{value: 0x0000, lo: 0x0f},
 	{value: 0x0808, lo: 0x80, hi: 0x80},
 	{value: 0x3308, lo: 0x81, hi: 0x83},
@@ -3812,7 +3967,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xb8, hi: 0xba},
 	{value: 0x0040, lo: 0xbb, hi: 0xbe},
 	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
-	// Block 0xa1, offset 0x4e6
+	// Block 0xa3, offset 0x4f0
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0818, lo: 0x80, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0x8f},
@@ -3820,17 +3975,17 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x99, hi: 0x9f},
 	{value: 0x0808, lo: 0xa0, hi: 0xbc},
 	{value: 0x0818, lo: 0xbd, hi: 0xbf},
-	// Block 0xa2, offset 0x4ed
+	// Block 0xa4, offset 0x4f7
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0808, lo: 0x80, hi: 0x9c},
 	{value: 0x0818, lo: 0x9d, hi: 0x9f},
 	{value: 0x0040, lo: 0xa0, hi: 0xbf},
-	// Block 0xa3, offset 0x4f1
+	// Block 0xa5, offset 0x4fb
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0808, lo: 0x80, hi: 0xb5},
 	{value: 0x0040, lo: 0xb6, hi: 0xb8},
 	{value: 0x0018, lo: 0xb9, hi: 0xbf},
-	// Block 0xa4, offset 0x4f5
+	// Block 0xa6, offset 0x4ff
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0808, lo: 0x80, hi: 0x95},
 	{value: 0x0040, lo: 0x96, hi: 0x97},
@@ -3838,23 +3993,23 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0808, lo: 0xa0, hi: 0xb2},
 	{value: 0x0040, lo: 0xb3, hi: 0xb7},
 	{value: 0x0818, lo: 0xb8, hi: 0xbf},
-	// Block 0xa5, offset 0x4fc
+	// Block 0xa7, offset 0x506
 	{value: 0x0000, lo: 0x01},
 	{value: 0x0808, lo: 0x80, hi: 0xbf},
-	// Block 0xa6, offset 0x4fe
+	// Block 0xa8, offset 0x508
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0808, lo: 0x80, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0xbf},
-	// Block 0xa7, offset 0x501
+	// Block 0xa9, offset 0x50b
 	{value: 0x0000, lo: 0x02},
 	{value: 0x03dd, lo: 0x80, hi: 0xb2},
 	{value: 0x0040, lo: 0xb3, hi: 0xbf},
-	// Block 0xa8, offset 0x504
+	// Block 0xaa, offset 0x50e
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0808, lo: 0x80, hi: 0xb2},
 	{value: 0x0040, lo: 0xb3, hi: 0xb9},
 	{value: 0x0818, lo: 0xba, hi: 0xbf},
-	// Block 0xa9, offset 0x508
+	// Block 0xab, offset 0x512
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0908, lo: 0x80, hi: 0x80},
 	{value: 0x0a08, lo: 0x81, hi: 0xa1},
@@ -3864,12 +4019,12 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa8, hi: 0xaf},
 	{value: 0x0808, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0xaa, offset 0x511
+	// Block 0xac, offset 0x51b
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0818, lo: 0xa0, hi: 0xbe},
 	{value: 0x0040, lo: 0xbf, hi: 0xbf},
-	// Block 0xab, offset 0x515
+	// Block 0xad, offset 0x51f
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0808, lo: 0x80, hi: 0xa9},
 	{value: 0x0040, lo: 0xaa, hi: 0xaa},
@@ -3878,7 +4033,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xae, hi: 0xaf},
 	{value: 0x0808, lo: 0xb0, hi: 0xb1},
 	{value: 0x0040, lo: 0xb2, hi: 0xbf},
-	// Block 0xac, offset 0x51d
+	// Block 0xae, offset 0x527
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0808, lo: 0x80, hi: 0x9c},
 	{value: 0x0818, lo: 0x9d, hi: 0xa6},
@@ -3887,7 +4042,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0a08, lo: 0xb0, hi: 0xb2},
 	{value: 0x0c08, lo: 0xb3, hi: 0xb3},
 	{value: 0x0a08, lo: 0xb4, hi: 0xbf},
-	// Block 0xad, offset 0x525
+	// Block 0xaf, offset 0x52f
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0a08, lo: 0x80, hi: 0x84},
 	{value: 0x0808, lo: 0x85, hi: 0x85},
@@ -3896,7 +4051,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0c18, lo: 0x94, hi: 0x94},
 	{value: 0x0818, lo: 0x95, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0xbf},
-	// Block 0xae, offset 0x52d
+	// Block 0xb0, offset 0x537
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0040, lo: 0x80, hi: 0xaf},
 	{value: 0x0a08, lo: 0xb0, hi: 0xb0},
@@ -3909,7 +4064,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0a08, lo: 0xbb, hi: 0xbc},
 	{value: 0x0c08, lo: 0xbd, hi: 0xbd},
 	{value: 0x0a08, lo: 0xbe, hi: 0xbf},
-	// Block 0xaf, offset 0x539
+	// Block 0xb1, offset 0x543
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0808, lo: 0x80, hi: 0x80},
 	{value: 0x0a08, lo: 0x81, hi: 0x81},
@@ -3922,14 +4077,14 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x8c, hi: 0x9f},
 	{value: 0x0808, lo: 0xa0, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0xb0, offset 0x545
+	// Block 0xb2, offset 0x54f
 	{value: 0x0000, lo: 0x05},
 	{value: 0x3008, lo: 0x80, hi: 0x80},
 	{value: 0x3308, lo: 0x81, hi: 0x81},
 	{value: 0x3008, lo: 0x82, hi: 0x82},
 	{value: 0x0008, lo: 0x83, hi: 0xb7},
 	{value: 0x3308, lo: 0xb8, hi: 0xbf},
-	// Block 0xb1, offset 0x54b
+	// Block 0xb3, offset 0x555
 	{value: 0x0000, lo: 0x08},
 	{value: 0x3308, lo: 0x80, hi: 0x85},
 	{value: 0x3b08, lo: 0x86, hi: 0x86},
@@ -3939,7 +4094,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa6, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbe},
 	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
-	// Block 0xb2, offset 0x554
+	// Block 0xb4, offset 0x55e
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x3308, lo: 0x80, hi: 0x81},
 	{value: 0x3008, lo: 0x82, hi: 0x82},
@@ -3952,7 +4107,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xbb, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbd},
 	{value: 0x0018, lo: 0xbe, hi: 0xbf},
-	// Block 0xb3, offset 0x560
+	// Block 0xb5, offset 0x56a
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0018, lo: 0x80, hi: 0x81},
 	{value: 0x0040, lo: 0x82, hi: 0x8f},
@@ -3960,7 +4115,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa9, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0xb4, offset 0x567
+	// Block 0xb6, offset 0x571
 	{value: 0x0000, lo: 0x08},
 	{value: 0x3308, lo: 0x80, hi: 0x82},
 	{value: 0x0008, lo: 0x83, hi: 0xa6},
@@ -3970,7 +4125,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3b08, lo: 0xb3, hi: 0xb4},
 	{value: 0x0040, lo: 0xb5, hi: 0xb5},
 	{value: 0x0008, lo: 0xb6, hi: 0xbf},
-	// Block 0xb5, offset 0x570
+	// Block 0xb7, offset 0x57a
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x0018, lo: 0x80, hi: 0x83},
 	{value: 0x0008, lo: 0x84, hi: 0x84},
@@ -3982,7 +4137,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xb4, hi: 0xb5},
 	{value: 0x0008, lo: 0xb6, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0xb6, offset 0x57b
+	// Block 0xb8, offset 0x585
 	{value: 0x0000, lo: 0x06},
 	{value: 0x3308, lo: 0x80, hi: 0x81},
 	{value: 0x3008, lo: 0x82, hi: 0x82},
@@ -3990,7 +4145,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xb3, hi: 0xb5},
 	{value: 0x3308, lo: 0xb6, hi: 0xbe},
 	{value: 0x3008, lo: 0xbf, hi: 0xbf},
-	// Block 0xb7, offset 0x582
+	// Block 0xb9, offset 0x58c
 	{value: 0x0000, lo: 0x0e},
 	{value: 0x3808, lo: 0x80, hi: 0x80},
 	{value: 0x0008, lo: 0x81, hi: 0x84},
@@ -4006,7 +4161,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa0, hi: 0xa0},
 	{value: 0x0018, lo: 0xa1, hi: 0xb4},
 	{value: 0x0040, lo: 0xb5, hi: 0xbf},
-	// Block 0xb8, offset 0x591
+	// Block 0xba, offset 0x59b
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0008, lo: 0x80, hi: 0x91},
 	{value: 0x0040, lo: 0x92, hi: 0x92},
@@ -4020,7 +4175,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xb8, hi: 0xbd},
 	{value: 0x3308, lo: 0xbe, hi: 0xbe},
 	{value: 0x0040, lo: 0xbf, hi: 0xbf},
-	// Block 0xb9, offset 0x59e
+	// Block 0xbb, offset 0x5a8
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0008, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x87},
@@ -4034,7 +4189,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0xa9, hi: 0xa9},
 	{value: 0x0040, lo: 0xaa, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0xba, offset 0x5ab
+	// Block 0xbc, offset 0x5b5
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0x9e},
 	{value: 0x3308, lo: 0x9f, hi: 0x9f},
@@ -4044,12 +4199,12 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xab, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0xbb, offset 0x5b4
+	// Block 0xbd, offset 0x5be
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0xb4},
 	{value: 0x3008, lo: 0xb5, hi: 0xb7},
 	{value: 0x3308, lo: 0xb8, hi: 0xbf},
-	// Block 0xbc, offset 0x5b8
+	// Block 0xbe, offset 0x5c2
 	{value: 0x0000, lo: 0x0e},
 	{value: 0x3008, lo: 0x80, hi: 0x81},
 	{value: 0x3b08, lo: 0x82, hi: 0x82},
@@ -4065,7 +4220,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0x9e, hi: 0x9e},
 	{value: 0x0008, lo: 0x9f, hi: 0xa1},
 	{value: 0x0040, lo: 0xa2, hi: 0xbf},
-	// Block 0xbd, offset 0x5c7
+	// Block 0xbf, offset 0x5d1
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0008, lo: 0x80, hi: 0xaf},
 	{value: 0x3008, lo: 0xb0, hi: 0xb2},
@@ -4074,7 +4229,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xba, hi: 0xba},
 	{value: 0x3008, lo: 0xbb, hi: 0xbe},
 	{value: 0x3308, lo: 0xbf, hi: 0xbf},
-	// Block 0xbe, offset 0x5cf
+	// Block 0xc0, offset 0x5d9
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x3308, lo: 0x80, hi: 0x80},
 	{value: 0x3008, lo: 0x81, hi: 0x81},
@@ -4086,7 +4241,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x88, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0xbf},
-	// Block 0xbf, offset 0x5da
+	// Block 0xc1, offset 0x5e4
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0xae},
 	{value: 0x3008, lo: 0xaf, hi: 0xb1},
@@ -4096,14 +4251,14 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xbc, hi: 0xbd},
 	{value: 0x3008, lo: 0xbe, hi: 0xbe},
 	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
-	// Block 0xc0, offset 0x5e3
+	// Block 0xc2, offset 0x5ed
 	{value: 0x0000, lo: 0x05},
 	{value: 0x3308, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x97},
 	{value: 0x0008, lo: 0x98, hi: 0x9b},
 	{value: 0x3308, lo: 0x9c, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0xbf},
-	// Block 0xc1, offset 0x5e9
+	// Block 0xc3, offset 0x5f3
 	{value: 0x0000, lo: 0x07},
 	{value: 0x0008, lo: 0x80, hi: 0xaf},
 	{value: 0x3008, lo: 0xb0, hi: 0xb2},
@@ -4112,7 +4267,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xbd, hi: 0xbd},
 	{value: 0x3008, lo: 0xbe, hi: 0xbe},
 	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
-	// Block 0xc2, offset 0x5f1
+	// Block 0xc4, offset 0x5fb
 	{value: 0x0000, lo: 0x08},
 	{value: 0x3308, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x83},
@@ -4122,7 +4277,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x9a, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xac},
 	{value: 0x0040, lo: 0xad, hi: 0xbf},
-	// Block 0xc3, offset 0x5fa
+	// Block 0xc5, offset 0x604
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x0008, lo: 0x80, hi: 0xaa},
 	{value: 0x3308, lo: 0xab, hi: 0xab},
@@ -4134,11 +4289,11 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xb7, hi: 0xb7},
 	{value: 0x0008, lo: 0xb8, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xbf},
-	// Block 0xc4, offset 0x605
+	// Block 0xc6, offset 0x60f
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x89},
 	{value: 0x0040, lo: 0x8a, hi: 0xbf},
-	// Block 0xc5, offset 0x608
+	// Block 0xc7, offset 0x612
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0008, lo: 0x80, hi: 0x9a},
 	{value: 0x0040, lo: 0x9b, hi: 0x9c},
@@ -4151,7 +4306,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xac, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb9},
 	{value: 0x0018, lo: 0xba, hi: 0xbf},
-	// Block 0xc6, offset 0x614
+	// Block 0xc8, offset 0x61e
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0xab},
 	{value: 0x3008, lo: 0xac, hi: 0xae},
@@ -4161,17 +4316,17 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xba, hi: 0xba},
 	{value: 0x0018, lo: 0xbb, hi: 0xbb},
 	{value: 0x0040, lo: 0xbc, hi: 0xbf},
-	// Block 0xc7, offset 0x61d
+	// Block 0xc9, offset 0x627
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x049d, lo: 0xa0, hi: 0xbf},
-	// Block 0xc8, offset 0x620
+	// Block 0xca, offset 0x62a
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0xa9},
 	{value: 0x0018, lo: 0xaa, hi: 0xb2},
 	{value: 0x0040, lo: 0xb3, hi: 0xbe},
 	{value: 0x0008, lo: 0xbf, hi: 0xbf},
-	// Block 0xc9, offset 0x625
+	// Block 0xcb, offset 0x62f
 	{value: 0x0000, lo: 0x08},
 	{value: 0x3008, lo: 0x80, hi: 0x80},
 	{value: 0x0008, lo: 0x81, hi: 0x81},
@@ -4181,13 +4336,13 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x87, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0xbf},
-	// Block 0xca, offset 0x62e
+	// Block 0xcc, offset 0x638
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xa7},
 	{value: 0x0040, lo: 0xa8, hi: 0xa9},
 	{value: 0x0008, lo: 0xaa, hi: 0xbf},
-	// Block 0xcb, offset 0x633
+	// Block 0xcd, offset 0x63d
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0008, lo: 0x80, hi: 0x90},
 	{value: 0x3008, lo: 0x91, hi: 0x93},
@@ -4201,7 +4356,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa3, hi: 0xa3},
 	{value: 0x3008, lo: 0xa4, hi: 0xa4},
 	{value: 0x0040, lo: 0xa5, hi: 0xbf},
-	// Block 0xcc, offset 0x640
+	// Block 0xce, offset 0x64a
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x0008, lo: 0x80, hi: 0x80},
 	{value: 0x3308, lo: 0x81, hi: 0x8a},
@@ -4213,7 +4368,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xba, hi: 0xba},
 	{value: 0x3308, lo: 0xbb, hi: 0xbe},
 	{value: 0x0018, lo: 0xbf, hi: 0xbf},
-	// Block 0xcd, offset 0x64b
+	// Block 0xcf, offset 0x655
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0018, lo: 0x80, hi: 0x86},
 	{value: 0x3b08, lo: 0x87, hi: 0x87},
@@ -4223,7 +4378,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0x97, hi: 0x98},
 	{value: 0x3308, lo: 0x99, hi: 0x9b},
 	{value: 0x0008, lo: 0x9c, hi: 0xbf},
-	// Block 0xce, offset 0x654
+	// Block 0xd0, offset 0x65e
 	{value: 0x0000, lo: 0x09},
 	{value: 0x0008, lo: 0x80, hi: 0x89},
 	{value: 0x3308, lo: 0x8a, hi: 0x96},
@@ -4234,11 +4389,11 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0x9d, hi: 0x9d},
 	{value: 0x0018, lo: 0x9e, hi: 0xa2},
 	{value: 0x0040, lo: 0xa3, hi: 0xbf},
-	// Block 0xcf, offset 0x65e
+	// Block 0xd1, offset 0x668
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xbf},
-	// Block 0xd0, offset 0x661
+	// Block 0xd2, offset 0x66b
 	{value: 0x0000, lo: 0x09},
 	{value: 0x0008, lo: 0x80, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0x89},
@@ -4249,7 +4404,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xb8, hi: 0xbd},
 	{value: 0x3008, lo: 0xbe, hi: 0xbe},
 	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
-	// Block 0xd1, offset 0x66b
+	// Block 0xd3, offset 0x675
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0008, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x85},
@@ -4259,7 +4414,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xad, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb1},
 	{value: 0x0008, lo: 0xb2, hi: 0xbf},
-	// Block 0xd2, offset 0x674
+	// Block 0xd4, offset 0x67e
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x0008, lo: 0x80, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0x91},
@@ -4272,7 +4427,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xb4, hi: 0xb4},
 	{value: 0x3308, lo: 0xb5, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0xd3, offset 0x680
+	// Block 0xd5, offset 0x68a
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x0008, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x87},
@@ -4286,7 +4441,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xbc, hi: 0xbd},
 	{value: 0x0040, lo: 0xbe, hi: 0xbe},
 	{value: 0x3308, lo: 0xbf, hi: 0xbf},
-	// Block 0xd4, offset 0x68d
+	// Block 0xd6, offset 0x697
 	{value: 0x0000, lo: 0x0c},
 	{value: 0x3308, lo: 0x80, hi: 0x83},
 	{value: 0x3b08, lo: 0x84, hi: 0x85},
@@ -4300,7 +4455,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa7, hi: 0xa8},
 	{value: 0x0040, lo: 0xa9, hi: 0xa9},
 	{value: 0x0008, lo: 0xaa, hi: 0xbf},
-	// Block 0xd5, offset 0x69a
+	// Block 0xd7, offset 0x6a4
 	{value: 0x0000, lo: 0x0d},
 	{value: 0x0008, lo: 0x80, hi: 0x89},
 	{value: 0x3008, lo: 0x8a, hi: 0x8e},
@@ -4315,7 +4470,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x99, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xa9},
 	{value: 0x0040, lo: 0xaa, hi: 0xbf},
-	// Block 0xd6, offset 0x6a8
+	// Block 0xd8, offset 0x6b2
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xb2},
@@ -4323,41 +4478,41 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3008, lo: 0xb5, hi: 0xb6},
 	{value: 0x0018, lo: 0xb7, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xbf},
-	// Block 0xd7, offset 0x6af
+	// Block 0xd9, offset 0x6b9
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0040, lo: 0x80, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb0},
 	{value: 0x0040, lo: 0xb1, hi: 0xbf},
-	// Block 0xd8, offset 0x6b3
+	// Block 0xda, offset 0x6bd
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0xb1},
 	{value: 0x0040, lo: 0xb2, hi: 0xbe},
 	{value: 0x0018, lo: 0xbf, hi: 0xbf},
-	// Block 0xd9, offset 0x6b7
+	// Block 0xdb, offset 0x6c1
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0xbf},
-	// Block 0xda, offset 0x6ba
+	// Block 0xdc, offset 0x6c4
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0xae},
 	{value: 0x0040, lo: 0xaf, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb4},
 	{value: 0x0040, lo: 0xb5, hi: 0xbf},
-	// Block 0xdb, offset 0x6bf
+	// Block 0xdd, offset 0x6c9
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x83},
 	{value: 0x0040, lo: 0x84, hi: 0xbf},
-	// Block 0xdc, offset 0x6c2
+	// Block 0xde, offset 0x6cc
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0xae},
 	{value: 0x0040, lo: 0xaf, hi: 0xaf},
 	{value: 0x0340, lo: 0xb0, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xbf},
-	// Block 0xdd, offset 0x6c7
+	// Block 0xdf, offset 0x6d1
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0xbf},
-	// Block 0xde, offset 0x6ca
+	// Block 0xe0, offset 0x6d4
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0008, lo: 0x80, hi: 0x9e},
 	{value: 0x0040, lo: 0x9f, hi: 0x9f},
@@ -4365,7 +4520,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xaa, hi: 0xad},
 	{value: 0x0018, lo: 0xae, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbf},
-	// Block 0xdf, offset 0x6d1
+	// Block 0xe1, offset 0x6db
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0040, lo: 0x80, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0xad},
@@ -4373,12 +4528,12 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x3308, lo: 0xb0, hi: 0xb4},
 	{value: 0x0018, lo: 0xb5, hi: 0xb5},
 	{value: 0x0040, lo: 0xb6, hi: 0xbf},
-	// Block 0xe0, offset 0x6d8
+	// Block 0xe2, offset 0x6e2
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0xaf},
 	{value: 0x3308, lo: 0xb0, hi: 0xb6},
 	{value: 0x0018, lo: 0xb7, hi: 0xbf},
-	// Block 0xe1, offset 0x6dc
+	// Block 0xe3, offset 0x6e6
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x0008, lo: 0x80, hi: 0x83},
 	{value: 0x0018, lo: 0x84, hi: 0x85},
@@ -4390,33 +4545,33 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa3, hi: 0xb7},
 	{value: 0x0040, lo: 0xb8, hi: 0xbc},
 	{value: 0x0008, lo: 0xbd, hi: 0xbf},
-	// Block 0xe2, offset 0x6e7
+	// Block 0xe4, offset 0x6f1
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0xbf},
-	// Block 0xe3, offset 0x6ea
+	// Block 0xe5, offset 0x6f4
 	{value: 0x0000, lo: 0x02},
 	{value: 0xe105, lo: 0x80, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xbf},
-	// Block 0xe4, offset 0x6ed
+	// Block 0xe6, offset 0x6f7
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0018, lo: 0x80, hi: 0x9a},
 	{value: 0x0040, lo: 0x9b, hi: 0xbf},
-	// Block 0xe5, offset 0x6f0
+	// Block 0xe7, offset 0x6fa
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0x8a},
 	{value: 0x0040, lo: 0x8b, hi: 0x8e},
 	{value: 0x3308, lo: 0x8f, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x90},
 	{value: 0x3008, lo: 0x91, hi: 0xbf},
-	// Block 0xe6, offset 0x6f6
+	// Block 0xe8, offset 0x700
 	{value: 0x0000, lo: 0x05},
 	{value: 0x3008, lo: 0x80, hi: 0x87},
 	{value: 0x0040, lo: 0x88, hi: 0x8e},
 	{value: 0x3308, lo: 0x8f, hi: 0x92},
 	{value: 0x0008, lo: 0x93, hi: 0x9f},
 	{value: 0x0040, lo: 0xa0, hi: 0xbf},
-	// Block 0xe7, offset 0x6fc
+	// Block 0xe9, offset 0x706
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xa1},
@@ -4426,23 +4581,23 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa5, hi: 0xaf},
 	{value: 0x3008, lo: 0xb0, hi: 0xb1},
 	{value: 0x0040, lo: 0xb2, hi: 0xbf},
-	// Block 0xe8, offset 0x705
+	// Block 0xea, offset 0x70f
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xb7},
 	{value: 0x0040, lo: 0xb8, hi: 0xbf},
-	// Block 0xe9, offset 0x708
+	// Block 0xeb, offset 0x712
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x95},
 	{value: 0x0040, lo: 0x96, hi: 0xbf},
-	// Block 0xea, offset 0x70b
+	// Block 0xec, offset 0x715
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0xbf},
-	// Block 0xeb, offset 0x70e
+	// Block 0xed, offset 0x718
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x9e},
 	{value: 0x0040, lo: 0x9f, hi: 0xbf},
-	// Block 0xec, offset 0x711
+	// Block 0xee, offset 0x71b
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0040, lo: 0x80, hi: 0x8f},
 	{value: 0x0008, lo: 0x90, hi: 0x92},
@@ -4450,17 +4605,17 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0008, lo: 0xa4, hi: 0xa7},
 	{value: 0x0040, lo: 0xa8, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0xed, offset 0x718
+	// Block 0xef, offset 0x722
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xbb},
 	{value: 0x0040, lo: 0xbc, hi: 0xbf},
-	// Block 0xee, offset 0x71b
+	// Block 0xf0, offset 0x725
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0008, lo: 0x80, hi: 0xaa},
 	{value: 0x0040, lo: 0xab, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbf},
-	// Block 0xef, offset 0x720
+	// Block 0xf1, offset 0x72a
 	{value: 0x0000, lo: 0x09},
 	{value: 0x0008, lo: 0x80, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0x8f},
@@ -4471,32 +4626,32 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0x9f, hi: 0x9f},
 	{value: 0x03c0, lo: 0xa0, hi: 0xa3},
 	{value: 0x0040, lo: 0xa4, hi: 0xbf},
-	// Block 0xf0, offset 0x72a
+	// Block 0xf2, offset 0x734
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0018, lo: 0x80, hi: 0xb5},
 	{value: 0x0040, lo: 0xb6, hi: 0xbf},
-	// Block 0xf1, offset 0x72d
+	// Block 0xf3, offset 0x737
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0xa6},
 	{value: 0x0040, lo: 0xa7, hi: 0xa8},
 	{value: 0x0018, lo: 0xa9, hi: 0xbf},
-	// Block 0xf2, offset 0x731
+	// Block 0xf4, offset 0x73b
 	{value: 0x0000, lo: 0x0e},
 	{value: 0x0018, lo: 0x80, hi: 0x9d},
-	{value: 0xb609, lo: 0x9e, hi: 0x9e},
-	{value: 0xb651, lo: 0x9f, hi: 0x9f},
-	{value: 0xb699, lo: 0xa0, hi: 0xa0},
-	{value: 0xb701, lo: 0xa1, hi: 0xa1},
-	{value: 0xb769, lo: 0xa2, hi: 0xa2},
-	{value: 0xb7d1, lo: 0xa3, hi: 0xa3},
-	{value: 0xb839, lo: 0xa4, hi: 0xa4},
+	{value: 0x2211, lo: 0x9e, hi: 0x9e},
+	{value: 0x2219, lo: 0x9f, hi: 0x9f},
+	{value: 0x2221, lo: 0xa0, hi: 0xa0},
+	{value: 0x2229, lo: 0xa1, hi: 0xa1},
+	{value: 0x2231, lo: 0xa2, hi: 0xa2},
+	{value: 0x2239, lo: 0xa3, hi: 0xa3},
+	{value: 0x2241, lo: 0xa4, hi: 0xa4},
 	{value: 0x3018, lo: 0xa5, hi: 0xa6},
 	{value: 0x3318, lo: 0xa7, hi: 0xa9},
 	{value: 0x0018, lo: 0xaa, hi: 0xac},
 	{value: 0x3018, lo: 0xad, hi: 0xb2},
 	{value: 0x0340, lo: 0xb3, hi: 0xba},
 	{value: 0x3318, lo: 0xbb, hi: 0xbf},
-	// Block 0xf3, offset 0x740
+	// Block 0xf5, offset 0x74a
 	{value: 0x0000, lo: 0x0b},
 	{value: 0x3318, lo: 0x80, hi: 0x82},
 	{value: 0x0018, lo: 0x83, hi: 0x84},
@@ -4504,45 +4659,45 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0018, lo: 0x8c, hi: 0xa9},
 	{value: 0x3318, lo: 0xaa, hi: 0xad},
 	{value: 0x0018, lo: 0xae, hi: 0xba},
-	{value: 0xb8a1, lo: 0xbb, hi: 0xbb},
-	{value: 0xb8e9, lo: 0xbc, hi: 0xbc},
-	{value: 0xb931, lo: 0xbd, hi: 0xbd},
-	{value: 0xb999, lo: 0xbe, hi: 0xbe},
-	{value: 0xba01, lo: 0xbf, hi: 0xbf},
-	// Block 0xf4, offset 0x74c
+	{value: 0x2249, lo: 0xbb, hi: 0xbb},
+	{value: 0x2251, lo: 0xbc, hi: 0xbc},
+	{value: 0x2259, lo: 0xbd, hi: 0xbd},
+	{value: 0x2261, lo: 0xbe, hi: 0xbe},
+	{value: 0x2269, lo: 0xbf, hi: 0xbf},
+	// Block 0xf6, offset 0x756
 	{value: 0x0000, lo: 0x03},
-	{value: 0xba69, lo: 0x80, hi: 0x80},
+	{value: 0x2271, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0xa8},
 	{value: 0x0040, lo: 0xa9, hi: 0xbf},
-	// Block 0xf5, offset 0x750
+	// Block 0xf7, offset 0x75a
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x81},
 	{value: 0x3318, lo: 0x82, hi: 0x84},
 	{value: 0x0018, lo: 0x85, hi: 0x85},
 	{value: 0x0040, lo: 0x86, hi: 0xbf},
-	// Block 0xf6, offset 0x755
+	// Block 0xf8, offset 0x75f
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0040, lo: 0x80, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xb3},
 	{value: 0x0040, lo: 0xb4, hi: 0xbf},
-	// Block 0xf7, offset 0x759
+	// Block 0xf9, offset 0x763
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x96},
 	{value: 0x0040, lo: 0x97, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xbf},
-	// Block 0xf8, offset 0x75e
+	// Block 0xfa, offset 0x768
 	{value: 0x0000, lo: 0x03},
 	{value: 0x3308, lo: 0x80, hi: 0xb6},
 	{value: 0x0018, lo: 0xb7, hi: 0xba},
 	{value: 0x3308, lo: 0xbb, hi: 0xbf},
-	// Block 0xf9, offset 0x762
+	// Block 0xfb, offset 0x76c
 	{value: 0x0000, lo: 0x04},
 	{value: 0x3308, lo: 0x80, hi: 0xac},
 	{value: 0x0018, lo: 0xad, hi: 0xb4},
 	{value: 0x3308, lo: 0xb5, hi: 0xb5},
 	{value: 0x0018, lo: 0xb6, hi: 0xbf},
-	// Block 0xfa, offset 0x767
+	// Block 0xfc, offset 0x771
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0018, lo: 0x80, hi: 0x83},
 	{value: 0x3308, lo: 0x84, hi: 0x84},
@@ -4552,7 +4707,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa0, hi: 0xa0},
 	{value: 0x3308, lo: 0xa1, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbf},
-	// Block 0xfb, offset 0x770
+	// Block 0xfd, offset 0x77a
 	{value: 0x0000, lo: 0x0a},
 	{value: 0x3308, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x87},
@@ -4564,35 +4719,35 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa5, hi: 0xa5},
 	{value: 0x3308, lo: 0xa6, hi: 0xaa},
 	{value: 0x0040, lo: 0xab, hi: 0xbf},
-	// Block 0xfc, offset 0x77b
+	// Block 0xfe, offset 0x785
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0xac},
 	{value: 0x0040, lo: 0xad, hi: 0xaf},
 	{value: 0x3308, lo: 0xb0, hi: 0xb6},
 	{value: 0x0008, lo: 0xb7, hi: 0xbd},
 	{value: 0x0040, lo: 0xbe, hi: 0xbf},
-	// Block 0xfd, offset 0x781
+	// Block 0xff, offset 0x78b
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0x89},
 	{value: 0x0040, lo: 0x8a, hi: 0x8d},
 	{value: 0x0008, lo: 0x8e, hi: 0x8e},
 	{value: 0x0018, lo: 0x8f, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0xbf},
-	// Block 0xfe, offset 0x787
+	// Block 0x100, offset 0x791
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0008, lo: 0x80, hi: 0xab},
 	{value: 0x3308, lo: 0xac, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbe},
 	{value: 0x0018, lo: 0xbf, hi: 0xbf},
-	// Block 0xff, offset 0x78d
+	// Block 0x101, offset 0x797
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0808, lo: 0x80, hi: 0x84},
 	{value: 0x0040, lo: 0x85, hi: 0x86},
 	{value: 0x0818, lo: 0x87, hi: 0x8f},
 	{value: 0x3308, lo: 0x90, hi: 0x96},
 	{value: 0x0040, lo: 0x97, hi: 0xbf},
-	// Block 0x100, offset 0x793
+	// Block 0x102, offset 0x79d
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0a08, lo: 0x80, hi: 0x83},
 	{value: 0x3308, lo: 0x84, hi: 0x8a},
@@ -4602,71 +4757,71 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0x9a, hi: 0x9d},
 	{value: 0x0818, lo: 0x9e, hi: 0x9f},
 	{value: 0x0040, lo: 0xa0, hi: 0xbf},
-	// Block 0x101, offset 0x79c
+	// Block 0x103, offset 0x7a6
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0040, lo: 0x80, hi: 0xb0},
 	{value: 0x0818, lo: 0xb1, hi: 0xbf},
-	// Block 0x102, offset 0x79f
+	// Block 0x104, offset 0x7a9
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0818, lo: 0x80, hi: 0xb4},
 	{value: 0x0040, lo: 0xb5, hi: 0xbf},
-	// Block 0x103, offset 0x7a2
+	// Block 0x105, offset 0x7ac
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0040, lo: 0x80, hi: 0x80},
 	{value: 0x0818, lo: 0x81, hi: 0xbd},
 	{value: 0x0040, lo: 0xbe, hi: 0xbf},
-	// Block 0x104, offset 0x7a6
+	// Block 0x106, offset 0x7b0
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0040, lo: 0x80, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb1},
 	{value: 0x0040, lo: 0xb2, hi: 0xbf},
-	// Block 0x105, offset 0x7aa
+	// Block 0x107, offset 0x7b4
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0xab},
 	{value: 0x0040, lo: 0xac, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xbf},
-	// Block 0x106, offset 0x7ae
+	// Block 0x108, offset 0x7b8
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0018, lo: 0x80, hi: 0x93},
 	{value: 0x0040, lo: 0x94, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xae},
 	{value: 0x0040, lo: 0xaf, hi: 0xb0},
 	{value: 0x0018, lo: 0xb1, hi: 0xbf},
-	// Block 0x107, offset 0x7b4
+	// Block 0x109, offset 0x7be
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0040, lo: 0x80, hi: 0x80},
 	{value: 0x0018, lo: 0x81, hi: 0x8f},
 	{value: 0x0040, lo: 0x90, hi: 0x90},
 	{value: 0x0018, lo: 0x91, hi: 0xb5},
 	{value: 0x0040, lo: 0xb6, hi: 0xbf},
-	// Block 0x108, offset 0x7ba
+	// Block 0x10a, offset 0x7c4
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x8f},
-	{value: 0xc229, lo: 0x90, hi: 0x90},
+	{value: 0x2491, lo: 0x90, hi: 0x90},
 	{value: 0x0018, lo: 0x91, hi: 0xad},
 	{value: 0x0040, lo: 0xae, hi: 0xbf},
-	// Block 0x109, offset 0x7bf
+	// Block 0x10b, offset 0x7c9
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0040, lo: 0x80, hi: 0xa5},
 	{value: 0x0018, lo: 0xa6, hi: 0xbf},
-	// Block 0x10a, offset 0x7c2
+	// Block 0x10c, offset 0x7cc
 	{value: 0x0000, lo: 0x0f},
-	{value: 0xc851, lo: 0x80, hi: 0x80},
-	{value: 0xc8a1, lo: 0x81, hi: 0x81},
-	{value: 0xc8f1, lo: 0x82, hi: 0x82},
-	{value: 0xc941, lo: 0x83, hi: 0x83},
-	{value: 0xc991, lo: 0x84, hi: 0x84},
-	{value: 0xc9e1, lo: 0x85, hi: 0x85},
-	{value: 0xca31, lo: 0x86, hi: 0x86},
-	{value: 0xca81, lo: 0x87, hi: 0x87},
-	{value: 0xcad1, lo: 0x88, hi: 0x88},
+	{value: 0x2611, lo: 0x80, hi: 0x80},
+	{value: 0x2619, lo: 0x81, hi: 0x81},
+	{value: 0x2621, lo: 0x82, hi: 0x82},
+	{value: 0x2629, lo: 0x83, hi: 0x83},
+	{value: 0x2631, lo: 0x84, hi: 0x84},
+	{value: 0x2639, lo: 0x85, hi: 0x85},
+	{value: 0x2641, lo: 0x86, hi: 0x86},
+	{value: 0x2649, lo: 0x87, hi: 0x87},
+	{value: 0x2651, lo: 0x88, hi: 0x88},
 	{value: 0x0040, lo: 0x89, hi: 0x8f},
-	{value: 0xcb21, lo: 0x90, hi: 0x90},
-	{value: 0xcb41, lo: 0x91, hi: 0x91},
+	{value: 0x2659, lo: 0x90, hi: 0x90},
+	{value: 0x2661, lo: 0x91, hi: 0x91},
 	{value: 0x0040, lo: 0x92, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xa5},
 	{value: 0x0040, lo: 0xa6, hi: 0xbf},
-	// Block 0x10b, offset 0x7d2
+	// Block 0x10d, offset 0x7dc
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0018, lo: 0x80, hi: 0x97},
 	{value: 0x0040, lo: 0x98, hi: 0x9f},
@@ -4674,29 +4829,29 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xad, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xbc},
 	{value: 0x0040, lo: 0xbd, hi: 0xbf},
-	// Block 0x10c, offset 0x7d9
+	// Block 0x10e, offset 0x7e3
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0018, lo: 0x80, hi: 0xb3},
 	{value: 0x0040, lo: 0xb4, hi: 0xbf},
-	// Block 0x10d, offset 0x7dc
+	// Block 0x10f, offset 0x7e6
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x98},
 	{value: 0x0040, lo: 0x99, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xab},
 	{value: 0x0040, lo: 0xac, hi: 0xbf},
-	// Block 0x10e, offset 0x7e1
+	// Block 0x110, offset 0x7eb
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0x8b},
 	{value: 0x0040, lo: 0x8c, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0xbf},
-	// Block 0x10f, offset 0x7e5
+	// Block 0x111, offset 0x7ef
 	{value: 0x0000, lo: 0x05},
 	{value: 0x0018, lo: 0x80, hi: 0x87},
 	{value: 0x0040, lo: 0x88, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0x99},
 	{value: 0x0040, lo: 0x9a, hi: 0x9f},
 	{value: 0x0018, lo: 0xa0, hi: 0xbf},
-	// Block 0x110, offset 0x7eb
+	// Block 0x112, offset 0x7f5
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0018, lo: 0x80, hi: 0x87},
 	{value: 0x0040, lo: 0x88, hi: 0x8f},
@@ -4704,17 +4859,17 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xae, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb1},
 	{value: 0x0040, lo: 0xb2, hi: 0xbf},
-	// Block 0x111, offset 0x7f2
+	// Block 0x113, offset 0x7fc
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0xb8},
 	{value: 0x0040, lo: 0xb9, hi: 0xb9},
 	{value: 0x0018, lo: 0xba, hi: 0xbf},
-	// Block 0x112, offset 0x7f6
+	// Block 0x114, offset 0x800
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0x8b},
 	{value: 0x0040, lo: 0x8c, hi: 0x8c},
 	{value: 0x0018, lo: 0x8d, hi: 0xbf},
-	// Block 0x113, offset 0x7fa
+	// Block 0x115, offset 0x804
 	{value: 0x0000, lo: 0x08},
 	{value: 0x0018, lo: 0x80, hi: 0x93},
 	{value: 0x0040, lo: 0x94, hi: 0x9f},
@@ -4724,7 +4879,7 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xb5, hi: 0xb7},
 	{value: 0x0018, lo: 0xb8, hi: 0xba},
 	{value: 0x0040, lo: 0xbb, hi: 0xbf},
-	// Block 0x114, offset 0x803
+	// Block 0x116, offset 0x80d
 	{value: 0x0000, lo: 0x06},
 	{value: 0x0018, lo: 0x80, hi: 0x86},
 	{value: 0x0040, lo: 0x87, hi: 0x8f},
@@ -4732,109 +4887,74 @@ var idnaSparseValues = [2146]valueRange{
 	{value: 0x0040, lo: 0xa9, hi: 0xaf},
 	{value: 0x0018, lo: 0xb0, hi: 0xb6},
 	{value: 0x0040, lo: 0xb7, hi: 0xbf},
-	// Block 0x115, offset 0x80a
+	// Block 0x117, offset 0x814
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0018, lo: 0x80, hi: 0x82},
 	{value: 0x0040, lo: 0x83, hi: 0x8f},
 	{value: 0x0018, lo: 0x90, hi: 0x96},
 	{value: 0x0040, lo: 0x97, hi: 0xbf},
-	// Block 0x116, offset 0x80f
+	// Block 0x118, offset 0x819
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0018, lo: 0x80, hi: 0x92},
 	{value: 0x0040, lo: 0x93, hi: 0x93},
 	{value: 0x0018, lo: 0x94, hi: 0xbf},
-	// Block 0x117, offset 0x813
+	// Block 0x119, offset 0x81d
 	{value: 0x0000, lo: 0x0d},
 	{value: 0x0018, lo: 0x80, hi: 0x8a},
 	{value: 0x0040, lo: 0x8b, hi: 0xaf},
-	{value: 0x1f41, lo: 0xb0, hi: 0xb0},
-	{value: 0x00c9, lo: 0xb1, hi: 0xb1},
-	{value: 0x0069, lo: 0xb2, hi: 0xb2},
-	{value: 0x0079, lo: 0xb3, hi: 0xb3},
-	{value: 0x1f51, lo: 0xb4, hi: 0xb4},
-	{value: 0x1f61, lo: 0xb5, hi: 0xb5},
-	{value: 0x1f71, lo: 0xb6, hi: 0xb6},
-	{value: 0x1f81, lo: 0xb7, hi: 0xb7},
-	{value: 0x1f91, lo: 0xb8, hi: 0xb8},
-	{value: 0x1fa1, lo: 0xb9, hi: 0xb9},
+	{value: 0x06e1, lo: 0xb0, hi: 0xb0},
+	{value: 0x0049, lo: 0xb1, hi: 0xb1},
+	{value: 0x0029, lo: 0xb2, hi: 0xb2},
+	{value: 0x0031, lo: 0xb3, hi: 0xb3},
+	{value: 0x06e9, lo: 0xb4, hi: 0xb4},
+	{value: 0x06f1, lo: 0xb5, hi: 0xb5},
+	{value: 0x06f9, lo: 0xb6, hi: 0xb6},
+	{value: 0x0701, lo: 0xb7, hi: 0xb7},
+	{value: 0x0709, lo: 0xb8, hi: 0xb8},
+	{value: 0x0711, lo: 0xb9, hi: 0xb9},
 	{value: 0x0040, lo: 0xba, hi: 0xbf},
-	// Block 0x118, offset 0x821
+	// Block 0x11a, offset 0x82b
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0xbf},
-	// Block 0x119, offset 0x824
+	// Block 0x11b, offset 0x82e
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xb4},
 	{value: 0x0040, lo: 0xb5, hi: 0xbf},
-	// Block 0x11a, offset 0x827
+	// Block 0x11c, offset 0x831
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0x9d},
 	{value: 0x0040, lo: 0x9e, hi: 0x9f},
 	{value: 0x0008, lo: 0xa0, hi: 0xbf},
-	// Block 0x11b, offset 0x82b
+	// Block 0x11d, offset 0x835
 	{value: 0x0000, lo: 0x03},
 	{value: 0x0008, lo: 0x80, hi: 0xa1},
 	{value: 0x0040, lo: 0xa2, hi: 0xaf},
 	{value: 0x0008, lo: 0xb0, hi: 0xbf},
-	// Block 0x11c, offset 0x82f
+	// Block 0x11e, offset 0x839
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0xa0},
 	{value: 0x0040, lo: 0xa1, hi: 0xbf},
-	// Block 0x11d, offset 0x832
-	{value: 0x0020, lo: 0x0f},
-	{value: 0xdf21, lo: 0x80, hi: 0x89},
-	{value: 0x8e35, lo: 0x8a, hi: 0x8a},
-	{value: 0xe061, lo: 0x8b, hi: 0x9c},
-	{value: 0x8e55, lo: 0x9d, hi: 0x9d},
-	{value: 0xe2a1, lo: 0x9e, hi: 0xa2},
-	{value: 0x8e75, lo: 0xa3, hi: 0xa3},
-	{value: 0xe341, lo: 0xa4, hi: 0xab},
-	{value: 0x7f0d, lo: 0xac, hi: 0xac},
-	{value: 0xe441, lo: 0xad, hi: 0xaf},
-	{value: 0x8e95, lo: 0xb0, hi: 0xb0},
-	{value: 0xe4a1, lo: 0xb1, hi: 0xb6},
-	{value: 0x8eb5, lo: 0xb7, hi: 0xb9},
-	{value: 0xe561, lo: 0xba, hi: 0xba},
-	{value: 0x8f15, lo: 0xbb, hi: 0xbb},
-	{value: 0xe581, lo: 0xbc, hi: 0xbf},
-	// Block 0x11e, offset 0x842
-	{value: 0x0020, lo: 0x10},
-	{value: 0x93b5, lo: 0x80, hi: 0x80},
-	{value: 0xf101, lo: 0x81, hi: 0x86},
-	{value: 0x93d5, lo: 0x87, hi: 0x8a},
-	{value: 0xda61, lo: 0x8b, hi: 0x8b},
-	{value: 0xf1c1, lo: 0x8c, hi: 0x96},
-	{value: 0x9455, lo: 0x97, hi: 0x97},
-	{value: 0xf321, lo: 0x98, hi: 0xa3},
-	{value: 0x9475, lo: 0xa4, hi: 0xa6},
-	{value: 0xf4a1, lo: 0xa7, hi: 0xaa},
-	{value: 0x94d5, lo: 0xab, hi: 0xab},
-	{value: 0xf521, lo: 0xac, hi: 0xac},
-	{value: 0x94f5, lo: 0xad, hi: 0xad},
-	{value: 0xf541, lo: 0xae, hi: 0xaf},
-	{value: 0x9515, lo: 0xb0, hi: 0xb1},
-	{value: 0xf581, lo: 0xb2, hi: 0xbe},
-	{value: 0x2040, lo: 0xbf, hi: 0xbf},
-	// Block 0x11f, offset 0x853
+	// Block 0x11f, offset 0x83c
 	{value: 0x0000, lo: 0x02},
 	{value: 0x0008, lo: 0x80, hi: 0x8a},
 	{value: 0x0040, lo: 0x8b, hi: 0xbf},
-	// Block 0x120, offset 0x856
+	// Block 0x120, offset 0x83f
 	{value: 0x0000, lo: 0x04},
 	{value: 0x0040, lo: 0x80, hi: 0x80},
 	{value: 0x0340, lo: 0x81, hi: 0x81},
 	{value: 0x0040, lo: 0x82, hi: 0x9f},
 	{value: 0x0340, lo: 0xa0, hi: 0xbf},
-	// Block 0x121, offset 0x85b
+	// Block 0x121, offset 0x844
 	{value: 0x0000, lo: 0x01},
 	{value: 0x0340, lo: 0x80, hi: 0xbf},
-	// Block 0x122, offset 0x85d
+	// Block 0x122, offset 0x846
 	{value: 0x0000, lo: 0x01},
 	{value: 0x33c0, lo: 0x80, hi: 0xbf},
-	// Block 0x123, offset 0x85f
+	// Block 0x123, offset 0x848
 	{value: 0x0000, lo: 0x02},
 	{value: 0x33c0, lo: 0x80, hi: 0xaf},
 	{value: 0x0040, lo: 0xb0, hi: 0xbf},
 }
 
-// Total table size 43370 bytes (42KiB); checksum: EBD909C0
+// Total table size 44953 bytes (43KiB); checksum: D51909DD
diff --git a/vendor/golang.org/x/net/idna/tables15.0.0.go b/vendor/golang.org/x/net/idna/tables15.0.0.go
new file mode 100644
index 000000000..40033778f
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/tables15.0.0.go
@@ -0,0 +1,5145 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+//go:build go1.21
+// +build go1.21
+
+package idna
+
+// UnicodeVersion is the Unicode version from which the tables in this package are derived.
+const UnicodeVersion = "15.0.0"
+
+var mappings string = "" + // Size: 6704 bytes
+	"  ̈a ̄23 ́ ̧1o1⁄41⁄23⁄4i̇l·ʼnsdžⱥⱦhjrwy ̆ ̇ ̊ ̨ ̃ ̋lẍ́ ι; ̈́եւاٴوٴۇٴيٴक" +
+	"़ख़ग़ज़ड़ढ़फ़य़ড়ঢ়য়ਲ਼ਸ਼ਖ਼ਗ਼ਜ਼ਫ਼ଡ଼ଢ଼ําໍາຫນຫມགྷཌྷདྷབྷཛྷཀྵཱཱིུྲྀྲཱྀླྀླཱ" +
+	"ཱྀྀྒྷྜྷྡྷྦྷྫྷྐྵвдостъѣæbdeǝgikmnȣptuɐɑəɛɜŋɔɯvβγδφχρнɒcɕðfɟɡɥɨɩɪʝɭʟɱɰɲɳ" +
+	"ɴɵɸʂʃƫʉʊʋʌzʐʑʒθssάέήίόύώἀιἁιἂιἃιἄιἅιἆιἇιἠιἡιἢιἣιἤιἥιἦιἧιὠιὡιὢιὣιὤιὥιὦιὧ" +
+	"ιὰιαιάιᾶιι ̈͂ὴιηιήιῆι ̓̀ ̓́ ̓͂ΐ ̔̀ ̔́ ̔͂ΰ ̈̀`ὼιωιώιῶι′′′′′‵‵‵‵‵!!???!!?" +
+	"′′′′0456789+=()rsħnoqsmtmωåאבגדπ1⁄71⁄91⁄101⁄32⁄31⁄52⁄53⁄54⁄51⁄65⁄61⁄83" +
+	"⁄85⁄87⁄81⁄iiivviviiiixxi0⁄3∫∫∫∫∫∮∮∮∮∮1011121314151617181920(10)(11)(12" +
+	")(13)(14)(15)(16)(17)(18)(19)(20)∫∫∫∫==⫝̸ɫɽȿɀ. ゙ ゚よりコト(ᄀ)(ᄂ)(ᄃ)(ᄅ)(ᄆ)(ᄇ)" +
+	"(ᄉ)(ᄋ)(ᄌ)(ᄎ)(ᄏ)(ᄐ)(ᄑ)(ᄒ)(가)(나)(다)(라)(마)(바)(사)(아)(자)(차)(카)(타)(파)(하)(주)(오전" +
+	")(오후)(一)(二)(三)(四)(五)(六)(七)(八)(九)(十)(月)(火)(水)(木)(金)(土)(日)(株)(有)(社)(名)(特)(" +
+	"財)(祝)(労)(代)(呼)(学)(監)(企)(資)(協)(祭)(休)(自)(至)21222324252627282930313233343" +
+	"5참고주의3637383940414243444546474849501月2月3月4月5月6月7月8月9月10月11月12月hgev令和アパート" +
+	"アルファアンペアアールイニングインチウォンエスクードエーカーオンスオームカイリカラットカロリーガロンガンマギガギニーキュリーギルダーキロキロ" +
+	"グラムキロメートルキロワットグラムグラムトンクルゼイロクローネケースコルナコーポサイクルサンチームシリングセンチセントダースデシドルトンナノ" +
+	"ノットハイツパーセントパーツバーレルピアストルピクルピコビルファラッドフィートブッシェルフランヘクタールペソペニヒヘルツペンスページベータポ" +
+	"イントボルトホンポンドホールホーンマイクロマイルマッハマルクマンションミクロンミリミリバールメガメガトンメートルヤードヤールユアンリットルリ" +
+	"ラルピールーブルレムレントゲンワット0点1点2点3点4点5点6点7点8点9点10点11点12点13点14点15点16点17点18点19点20" +
+	"点21点22点23点24点daauovpcdmiu平成昭和大正明治株式会社panamakakbmbgbkcalpfnfmgkghzmldlk" +
+	"lfmnmmmcmkmm2m3m∕sm∕s2rad∕srad∕s2psnsmspvnvmvkvpwnwmwkwbqcccdc∕kgdbgyhah" +
+	"pinkkktlmlnlxphprsrsvwbv∕ma∕m1日2日3日4日5日6日7日8日9日10日11日12日13日14日15日16日17日1" +
+	"8日19日20日21日22日23日24日25日26日27日28日29日30日31日ьɦɬʞʇœʍ𤋮𢡊𢡄𣏕𥉉𥳐𧻓fffiflstմնմեմիվնմ" +
+	"խיִײַעהכלםרתשׁשׂשּׁשּׂאַאָאּבּגּדּהּוּזּטּיּךּכּלּמּנּסּףּפּצּקּרּשּתּו" +
+	"ֹבֿכֿפֿאלٱٻپڀٺٿٹڤڦڄڃچڇڍڌڎڈژڑکگڳڱںڻۀہھےۓڭۇۆۈۋۅۉېىئائەئوئۇئۆئۈئېئىیئجئحئم" +
+	"ئيبجبحبخبمبىبيتجتحتختمتىتيثجثمثىثيجحجمحجحمخجخحخمسجسحسخسمصحصمضجضحضخضمطحط" +
+	"مظمعجعمغجغمفجفحفخفمفىفيقحقمقىقيكاكجكحكخكلكمكىكيلجلحلخلملىليمجمحمخمممىمي" +
+	"نجنحنخنمنىنيهجهمهىهييجيحيخيميىييذٰرٰىٰ ٌّ ٍّ َّ ُّ ِّ ّٰئرئزئنبربزبنترت" +
+	"زتنثرثزثنمانرنزننيريزينئخئهبهتهصخلهنههٰيهثهسهشمشهـَّـُّـِّطىطيعىعيغىغيس" +
+	"ىسيشىشيحىحيجىجيخىخيصىصيضىضيشجشحشخشرسرصرضراًتجمتحجتحمتخمتمجتمحتمخجمححميح" +
+	"مىسحجسجحسجىسمحسمجسممصححصممشحمشجيشمخشممضحىضخمطمحطممطميعجمعممعمىغممغميغمى" +
+	"فخمقمحقمملحملحيلحىلججلخملمحمحجمحممحيمجحمجممخجمخممجخهمجهممنحمنحىنجمنجىنم" +
+	"ينمىيممبخيتجيتجىتخيتخىتميتمىجميجحىجمىسخىصحيشحيضحيلجيلمييحييجييميمميقمين" +
+	"حيعميكمينجحمخيلجمكممجحيحجيمجيفميبحيسخينجيصلےقلےاللهاكبرمحمدصلعمرسولعليه" +
+	"وسلمصلىصلى الله عليه وسلمجل جلالهریال,:!?_{}[]#&*-<>\\$%@ـًـَـُـِـّـْءآ" +
+	"أؤإئابةتثجحخدذرزسشصضطظعغفقكلمنهويلآلألإلا\x22'/^|~¢£¬¦¥ːˑʙɓʣꭦʥʤɖɗᶑɘɞʩɤɢ" +
+	"ɠʛʜɧʄʪʫꞎɮʎøɶɷɺɾʀʨʦꭧʧʈⱱʏʡʢʘǀǁǂ𝅗𝅥𝅘𝅥𝅘𝅥𝅮𝅘𝅥𝅯𝅘𝅥𝅰𝅘𝅥𝅱𝅘𝅥𝅲𝆹𝅥𝆺𝅥𝆹𝅥𝅮𝆺𝅥𝅮𝆹𝅥𝅯𝆺𝅥𝅯ıȷαεζηκ" +
+	"λμνξοστυψ∇∂ϝабгежзиклмпруфхцчшыэюꚉәіјөүӏґѕџҫꙑұٮڡٯ0,1,2,3,4,5,6,7,8,9,(a" +
+	")(b)(c)(d)(e)(f)(g)(h)(i)(j)(k)(l)(m)(n)(o)(p)(q)(r)(s)(t)(u)(v)(w)(x)(y" +
+	")(z)〔s〕wzhvsdppvwcmcmdmrdjほかココサ手字双デ二多解天交映無料前後再新初終生販声吹演投捕一三遊左中右指走打禁空合満有月申" +
+	"割営配〔本〕〔三〕〔二〕〔安〕〔点〕〔打〕〔盗〕〔勝〕〔敗〕得可丽丸乁你侮侻倂偺備僧像㒞免兔兤具㒹內冗冤仌冬况凵刃㓟刻剆剷㔕勇勉勤勺包匆北卉" +
+	"卑博即卽卿灰及叟叫叱吆咞吸呈周咢哶唐啓啣善喙喫喳嗂圖嘆圗噑噴切壮城埴堍型堲報墬売壷夆夢奢姬娛娧姘婦㛮嬈嬾寃寘寧寳寿将尢㞁屠屮峀岍嵃嵮嵫嵼巡巢" +
+	"㠯巽帨帽幩㡢㡼庰庳庶廊廾舁弢㣇形彫㣣徚忍志忹悁㤺㤜悔惇慈慌慎慺憎憲憤憯懞懲懶成戛扝抱拔捐挽拼捨掃揤搢揅掩㨮摩摾撝摷㩬敏敬旣書晉㬙暑㬈㫤冒冕最" +
+	"暜肭䏙朗望朡杞杓㭉柺枅桒梅梎栟椔㮝楂榣槪檨櫛㰘次歔㱎歲殟殺殻汎沿泍汧洖派海流浩浸涅洴港湮㴳滋滇淹潮濆瀹瀞瀛㶖灊災灷炭煅熜爨爵牐犀犕獺王㺬玥㺸" +
+	"瑇瑜瑱璅瓊㼛甤甾異瘐㿼䀈直眞真睊䀹瞋䁆䂖硎碌磌䃣祖福秫䄯穀穊穏䈂篆築䈧糒䊠糨糣紀絣䌁緇縂繅䌴䍙罺羕翺者聠聰䏕育脃䐋脾媵舄辞䑫芑芋芝劳花芳芽苦" +
+	"若茝荣莭茣莽菧著荓菊菌菜䔫蓱蓳蔖蕤䕝䕡䕫虐虜虧虩蚩蚈蜎蛢蝹蜨蝫螆蟡蠁䗹衠衣裗裞䘵裺㒻䚾䛇誠諭變豕貫賁贛起跋趼跰軔輸邔郱鄑鄛鈸鋗鋘鉼鏹鐕開䦕閷" +
+	"䧦雃嶲霣䩮䩶韠䪲頋頩飢䬳餩馧駂駾䯎鬒鱀鳽䳎䳭鵧䳸麻䵖黹黾鼅鼏鼖鼻"
+
+var mappingIndex = []uint16{ // 1729 elements
+	// Entry 0 - 3F
+	0x0000, 0x0000, 0x0001, 0x0004, 0x0005, 0x0008, 0x0009, 0x000a,
+	0x000d, 0x0010, 0x0011, 0x0012, 0x0017, 0x001c, 0x0021, 0x0024,
+	0x0027, 0x002a, 0x002b, 0x002e, 0x0031, 0x0034, 0x0035, 0x0036,
+	0x0037, 0x0038, 0x0039, 0x003c, 0x003f, 0x0042, 0x0045, 0x0048,
+	0x004b, 0x004c, 0x004d, 0x0051, 0x0054, 0x0055, 0x005a, 0x005e,
+	0x0062, 0x0066, 0x006a, 0x006e, 0x0074, 0x007a, 0x0080, 0x0086,
+	0x008c, 0x0092, 0x0098, 0x009e, 0x00a4, 0x00aa, 0x00b0, 0x00b6,
+	0x00bc, 0x00c2, 0x00c8, 0x00ce, 0x00d4, 0x00da, 0x00e0, 0x00e6,
+	// Entry 40 - 7F
+	0x00ec, 0x00f2, 0x00f8, 0x00fe, 0x0104, 0x010a, 0x0110, 0x0116,
+	0x011c, 0x0122, 0x0128, 0x012e, 0x0137, 0x013d, 0x0146, 0x014c,
+	0x0152, 0x0158, 0x015e, 0x0164, 0x016a, 0x0170, 0x0172, 0x0174,
+	0x0176, 0x0178, 0x017a, 0x017c, 0x017e, 0x0180, 0x0181, 0x0182,
+	0x0183, 0x0185, 0x0186, 0x0187, 0x0188, 0x0189, 0x018a, 0x018c,
+	0x018d, 0x018e, 0x018f, 0x0191, 0x0193, 0x0195, 0x0197, 0x0199,
+	0x019b, 0x019d, 0x019f, 0x01a0, 0x01a2, 0x01a4, 0x01a6, 0x01a8,
+	0x01aa, 0x01ac, 0x01ae, 0x01b0, 0x01b1, 0x01b3, 0x01b5, 0x01b6,
+	// Entry 80 - BF
+	0x01b8, 0x01ba, 0x01bc, 0x01be, 0x01c0, 0x01c2, 0x01c4, 0x01c6,
+	0x01c8, 0x01ca, 0x01cc, 0x01ce, 0x01d0, 0x01d2, 0x01d4, 0x01d6,
+	0x01d8, 0x01da, 0x01dc, 0x01de, 0x01e0, 0x01e2, 0x01e4, 0x01e5,
+	0x01e7, 0x01e9, 0x01eb, 0x01ed, 0x01ef, 0x01f1, 0x01f3, 0x01f5,
+	0x01f7, 0x01f9, 0x01fb, 0x01fd, 0x0202, 0x0207, 0x020c, 0x0211,
+	0x0216, 0x021b, 0x0220, 0x0225, 0x022a, 0x022f, 0x0234, 0x0239,
+	0x023e, 0x0243, 0x0248, 0x024d, 0x0252, 0x0257, 0x025c, 0x0261,
+	0x0266, 0x026b, 0x0270, 0x0275, 0x027a, 0x027e, 0x0282, 0x0287,
+	// Entry C0 - FF
+	0x0289, 0x028e, 0x0293, 0x0297, 0x029b, 0x02a0, 0x02a5, 0x02aa,
+	0x02af, 0x02b1, 0x02b6, 0x02bb, 0x02c0, 0x02c2, 0x02c7, 0x02c8,
+	0x02cd, 0x02d1, 0x02d5, 0x02da, 0x02e0, 0x02e9, 0x02ef, 0x02f8,
+	0x02fa, 0x02fc, 0x02fe, 0x0300, 0x030c, 0x030d, 0x030e, 0x030f,
+	0x0310, 0x0311, 0x0312, 0x0313, 0x0314, 0x0315, 0x0316, 0x0317,
+	0x0319, 0x031b, 0x031d, 0x031e, 0x0320, 0x0322, 0x0324, 0x0326,
+	0x0328, 0x032a, 0x032c, 0x032e, 0x0330, 0x0335, 0x033a, 0x0340,
+	0x0345, 0x034a, 0x034f, 0x0354, 0x0359, 0x035e, 0x0363, 0x0368,
+	// Entry 100 - 13F
+	0x036d, 0x0372, 0x0377, 0x037c, 0x0380, 0x0382, 0x0384, 0x0386,
+	0x038a, 0x038c, 0x038e, 0x0393, 0x0399, 0x03a2, 0x03a8, 0x03b1,
+	0x03b3, 0x03b5, 0x03b7, 0x03b9, 0x03bb, 0x03bd, 0x03bf, 0x03c1,
+	0x03c3, 0x03c5, 0x03c7, 0x03cb, 0x03cf, 0x03d3, 0x03d7, 0x03db,
+	0x03df, 0x03e3, 0x03e7, 0x03eb, 0x03ef, 0x03f3, 0x03ff, 0x0401,
+	0x0406, 0x0408, 0x040a, 0x040c, 0x040e, 0x040f, 0x0413, 0x0417,
+	0x041d, 0x0423, 0x0428, 0x042d, 0x0432, 0x0437, 0x043c, 0x0441,
+	0x0446, 0x044b, 0x0450, 0x0455, 0x045a, 0x045f, 0x0464, 0x0469,
+	// Entry 140 - 17F
+	0x046e, 0x0473, 0x0478, 0x047d, 0x0482, 0x0487, 0x048c, 0x0491,
+	0x0496, 0x049b, 0x04a0, 0x04a5, 0x04aa, 0x04af, 0x04b4, 0x04bc,
+	0x04c4, 0x04c9, 0x04ce, 0x04d3, 0x04d8, 0x04dd, 0x04e2, 0x04e7,
+	0x04ec, 0x04f1, 0x04f6, 0x04fb, 0x0500, 0x0505, 0x050a, 0x050f,
+	0x0514, 0x0519, 0x051e, 0x0523, 0x0528, 0x052d, 0x0532, 0x0537,
+	0x053c, 0x0541, 0x0546, 0x054b, 0x0550, 0x0555, 0x055a, 0x055f,
+	0x0564, 0x0569, 0x056e, 0x0573, 0x0578, 0x057a, 0x057c, 0x057e,
+	0x0580, 0x0582, 0x0584, 0x0586, 0x0588, 0x058a, 0x058c, 0x058e,
+	// Entry 180 - 1BF
+	0x0590, 0x0592, 0x0594, 0x0596, 0x059c, 0x05a2, 0x05a4, 0x05a6,
+	0x05a8, 0x05aa, 0x05ac, 0x05ae, 0x05b0, 0x05b2, 0x05b4, 0x05b6,
+	0x05b8, 0x05ba, 0x05bc, 0x05be, 0x05c0, 0x05c4, 0x05c8, 0x05cc,
+	0x05d0, 0x05d4, 0x05d8, 0x05dc, 0x05e0, 0x05e4, 0x05e9, 0x05ee,
+	0x05f3, 0x05f5, 0x05f7, 0x05fd, 0x0609, 0x0615, 0x0621, 0x062a,
+	0x0636, 0x063f, 0x0648, 0x0657, 0x0663, 0x066c, 0x0675, 0x067e,
+	0x068a, 0x0696, 0x069f, 0x06a8, 0x06ae, 0x06b7, 0x06c3, 0x06cf,
+	0x06d5, 0x06e4, 0x06f6, 0x0705, 0x070e, 0x071d, 0x072c, 0x0738,
+	// Entry 1C0 - 1FF
+	0x0741, 0x074a, 0x0753, 0x075f, 0x076e, 0x077a, 0x0783, 0x078c,
+	0x0795, 0x079b, 0x07a1, 0x07a7, 0x07ad, 0x07b6, 0x07bf, 0x07ce,
+	0x07d7, 0x07e3, 0x07f2, 0x07fb, 0x0801, 0x0807, 0x0816, 0x0822,
+	0x0831, 0x083a, 0x0849, 0x084f, 0x0858, 0x0861, 0x086a, 0x0873,
+	0x087c, 0x0888, 0x0891, 0x0897, 0x08a0, 0x08a9, 0x08b2, 0x08be,
+	0x08c7, 0x08d0, 0x08d9, 0x08e8, 0x08f4, 0x08fa, 0x0909, 0x090f,
+	0x091b, 0x0927, 0x0930, 0x0939, 0x0942, 0x094e, 0x0954, 0x095d,
+	0x0969, 0x096f, 0x097e, 0x0987, 0x098b, 0x098f, 0x0993, 0x0997,
+	// Entry 200 - 23F
+	0x099b, 0x099f, 0x09a3, 0x09a7, 0x09ab, 0x09af, 0x09b4, 0x09b9,
+	0x09be, 0x09c3, 0x09c8, 0x09cd, 0x09d2, 0x09d7, 0x09dc, 0x09e1,
+	0x09e6, 0x09eb, 0x09f0, 0x09f5, 0x09fa, 0x09fc, 0x09fe, 0x0a00,
+	0x0a02, 0x0a04, 0x0a06, 0x0a0c, 0x0a12, 0x0a18, 0x0a1e, 0x0a2a,
+	0x0a2c, 0x0a2e, 0x0a30, 0x0a32, 0x0a34, 0x0a36, 0x0a38, 0x0a3c,
+	0x0a3e, 0x0a40, 0x0a42, 0x0a44, 0x0a46, 0x0a48, 0x0a4a, 0x0a4c,
+	0x0a4e, 0x0a50, 0x0a52, 0x0a54, 0x0a56, 0x0a58, 0x0a5a, 0x0a5f,
+	0x0a65, 0x0a6c, 0x0a74, 0x0a76, 0x0a78, 0x0a7a, 0x0a7c, 0x0a7e,
+	// Entry 240 - 27F
+	0x0a80, 0x0a82, 0x0a84, 0x0a86, 0x0a88, 0x0a8a, 0x0a8c, 0x0a8e,
+	0x0a90, 0x0a96, 0x0a98, 0x0a9a, 0x0a9c, 0x0a9e, 0x0aa0, 0x0aa2,
+	0x0aa4, 0x0aa6, 0x0aa8, 0x0aaa, 0x0aac, 0x0aae, 0x0ab0, 0x0ab2,
+	0x0ab4, 0x0ab9, 0x0abe, 0x0ac2, 0x0ac6, 0x0aca, 0x0ace, 0x0ad2,
+	0x0ad6, 0x0ada, 0x0ade, 0x0ae2, 0x0ae7, 0x0aec, 0x0af1, 0x0af6,
+	0x0afb, 0x0b00, 0x0b05, 0x0b0a, 0x0b0f, 0x0b14, 0x0b19, 0x0b1e,
+	0x0b23, 0x0b28, 0x0b2d, 0x0b32, 0x0b37, 0x0b3c, 0x0b41, 0x0b46,
+	0x0b4b, 0x0b50, 0x0b52, 0x0b54, 0x0b56, 0x0b58, 0x0b5a, 0x0b5c,
+	// Entry 280 - 2BF
+	0x0b5e, 0x0b62, 0x0b66, 0x0b6a, 0x0b6e, 0x0b72, 0x0b76, 0x0b7a,
+	0x0b7c, 0x0b7e, 0x0b80, 0x0b82, 0x0b86, 0x0b8a, 0x0b8e, 0x0b92,
+	0x0b96, 0x0b9a, 0x0b9e, 0x0ba0, 0x0ba2, 0x0ba4, 0x0ba6, 0x0ba8,
+	0x0baa, 0x0bac, 0x0bb0, 0x0bb4, 0x0bba, 0x0bc0, 0x0bc4, 0x0bc8,
+	0x0bcc, 0x0bd0, 0x0bd4, 0x0bd8, 0x0bdc, 0x0be0, 0x0be4, 0x0be8,
+	0x0bec, 0x0bf0, 0x0bf4, 0x0bf8, 0x0bfc, 0x0c00, 0x0c04, 0x0c08,
+	0x0c0c, 0x0c10, 0x0c14, 0x0c18, 0x0c1c, 0x0c20, 0x0c24, 0x0c28,
+	0x0c2c, 0x0c30, 0x0c34, 0x0c36, 0x0c38, 0x0c3a, 0x0c3c, 0x0c3e,
+	// Entry 2C0 - 2FF
+	0x0c40, 0x0c42, 0x0c44, 0x0c46, 0x0c48, 0x0c4a, 0x0c4c, 0x0c4e,
+	0x0c50, 0x0c52, 0x0c54, 0x0c56, 0x0c58, 0x0c5a, 0x0c5c, 0x0c5e,
+	0x0c60, 0x0c62, 0x0c64, 0x0c66, 0x0c68, 0x0c6a, 0x0c6c, 0x0c6e,
+	0x0c70, 0x0c72, 0x0c74, 0x0c76, 0x0c78, 0x0c7a, 0x0c7c, 0x0c7e,
+	0x0c80, 0x0c82, 0x0c86, 0x0c8a, 0x0c8e, 0x0c92, 0x0c96, 0x0c9a,
+	0x0c9e, 0x0ca2, 0x0ca4, 0x0ca8, 0x0cac, 0x0cb0, 0x0cb4, 0x0cb8,
+	0x0cbc, 0x0cc0, 0x0cc4, 0x0cc8, 0x0ccc, 0x0cd0, 0x0cd4, 0x0cd8,
+	0x0cdc, 0x0ce0, 0x0ce4, 0x0ce8, 0x0cec, 0x0cf0, 0x0cf4, 0x0cf8,
+	// Entry 300 - 33F
+	0x0cfc, 0x0d00, 0x0d04, 0x0d08, 0x0d0c, 0x0d10, 0x0d14, 0x0d18,
+	0x0d1c, 0x0d20, 0x0d24, 0x0d28, 0x0d2c, 0x0d30, 0x0d34, 0x0d38,
+	0x0d3c, 0x0d40, 0x0d44, 0x0d48, 0x0d4c, 0x0d50, 0x0d54, 0x0d58,
+	0x0d5c, 0x0d60, 0x0d64, 0x0d68, 0x0d6c, 0x0d70, 0x0d74, 0x0d78,
+	0x0d7c, 0x0d80, 0x0d84, 0x0d88, 0x0d8c, 0x0d90, 0x0d94, 0x0d98,
+	0x0d9c, 0x0da0, 0x0da4, 0x0da8, 0x0dac, 0x0db0, 0x0db4, 0x0db8,
+	0x0dbc, 0x0dc0, 0x0dc4, 0x0dc8, 0x0dcc, 0x0dd0, 0x0dd4, 0x0dd8,
+	0x0ddc, 0x0de0, 0x0de4, 0x0de8, 0x0dec, 0x0df0, 0x0df4, 0x0df8,
+	// Entry 340 - 37F
+	0x0dfc, 0x0e00, 0x0e04, 0x0e08, 0x0e0c, 0x0e10, 0x0e14, 0x0e18,
+	0x0e1d, 0x0e22, 0x0e27, 0x0e2c, 0x0e31, 0x0e36, 0x0e3a, 0x0e3e,
+	0x0e42, 0x0e46, 0x0e4a, 0x0e4e, 0x0e52, 0x0e56, 0x0e5a, 0x0e5e,
+	0x0e62, 0x0e66, 0x0e6a, 0x0e6e, 0x0e72, 0x0e76, 0x0e7a, 0x0e7e,
+	0x0e82, 0x0e86, 0x0e8a, 0x0e8e, 0x0e92, 0x0e96, 0x0e9a, 0x0e9e,
+	0x0ea2, 0x0ea6, 0x0eaa, 0x0eae, 0x0eb2, 0x0eb6, 0x0ebc, 0x0ec2,
+	0x0ec8, 0x0ecc, 0x0ed0, 0x0ed4, 0x0ed8, 0x0edc, 0x0ee0, 0x0ee4,
+	0x0ee8, 0x0eec, 0x0ef0, 0x0ef4, 0x0ef8, 0x0efc, 0x0f00, 0x0f04,
+	// Entry 380 - 3BF
+	0x0f08, 0x0f0c, 0x0f10, 0x0f14, 0x0f18, 0x0f1c, 0x0f20, 0x0f24,
+	0x0f28, 0x0f2c, 0x0f30, 0x0f34, 0x0f38, 0x0f3e, 0x0f44, 0x0f4a,
+	0x0f50, 0x0f56, 0x0f5c, 0x0f62, 0x0f68, 0x0f6e, 0x0f74, 0x0f7a,
+	0x0f80, 0x0f86, 0x0f8c, 0x0f92, 0x0f98, 0x0f9e, 0x0fa4, 0x0faa,
+	0x0fb0, 0x0fb6, 0x0fbc, 0x0fc2, 0x0fc8, 0x0fce, 0x0fd4, 0x0fda,
+	0x0fe0, 0x0fe6, 0x0fec, 0x0ff2, 0x0ff8, 0x0ffe, 0x1004, 0x100a,
+	0x1010, 0x1016, 0x101c, 0x1022, 0x1028, 0x102e, 0x1034, 0x103a,
+	0x1040, 0x1046, 0x104c, 0x1052, 0x1058, 0x105e, 0x1064, 0x106a,
+	// Entry 3C0 - 3FF
+	0x1070, 0x1076, 0x107c, 0x1082, 0x1088, 0x108e, 0x1094, 0x109a,
+	0x10a0, 0x10a6, 0x10ac, 0x10b2, 0x10b8, 0x10be, 0x10c4, 0x10ca,
+	0x10d0, 0x10d6, 0x10dc, 0x10e2, 0x10e8, 0x10ee, 0x10f4, 0x10fa,
+	0x1100, 0x1106, 0x110c, 0x1112, 0x1118, 0x111e, 0x1124, 0x112a,
+	0x1130, 0x1136, 0x113c, 0x1142, 0x1148, 0x114e, 0x1154, 0x115a,
+	0x1160, 0x1166, 0x116c, 0x1172, 0x1178, 0x1180, 0x1188, 0x1190,
+	0x1198, 0x11a0, 0x11a8, 0x11b0, 0x11b6, 0x11d7, 0x11e6, 0x11ee,
+	0x11ef, 0x11f0, 0x11f1, 0x11f2, 0x11f3, 0x11f4, 0x11f5, 0x11f6,
+	// Entry 400 - 43F
+	0x11f7, 0x11f8, 0x11f9, 0x11fa, 0x11fb, 0x11fc, 0x11fd, 0x11fe,
+	0x11ff, 0x1200, 0x1201, 0x1205, 0x1209, 0x120d, 0x1211, 0x1215,
+	0x1219, 0x121b, 0x121d, 0x121f, 0x1221, 0x1223, 0x1225, 0x1227,
+	0x1229, 0x122b, 0x122d, 0x122f, 0x1231, 0x1233, 0x1235, 0x1237,
+	0x1239, 0x123b, 0x123d, 0x123f, 0x1241, 0x1243, 0x1245, 0x1247,
+	0x1249, 0x124b, 0x124d, 0x124f, 0x1251, 0x1253, 0x1255, 0x1257,
+	0x1259, 0x125b, 0x125d, 0x125f, 0x1263, 0x1267, 0x126b, 0x126f,
+	0x1270, 0x1271, 0x1272, 0x1273, 0x1274, 0x1275, 0x1277, 0x1279,
+	// Entry 440 - 47F
+	0x127b, 0x127d, 0x127f, 0x1281, 0x1283, 0x1285, 0x1287, 0x1289,
+	0x128c, 0x128e, 0x1290, 0x1292, 0x1294, 0x1297, 0x1299, 0x129b,
+	0x129d, 0x129f, 0x12a1, 0x12a3, 0x12a5, 0x12a7, 0x12a9, 0x12ab,
+	0x12ad, 0x12af, 0x12b2, 0x12b4, 0x12b6, 0x12b8, 0x12ba, 0x12bc,
+	0x12be, 0x12c0, 0x12c2, 0x12c4, 0x12c6, 0x12c9, 0x12cb, 0x12cd,
+	0x12d0, 0x12d2, 0x12d4, 0x12d6, 0x12d8, 0x12da, 0x12dc, 0x12de,
+	0x12e6, 0x12ee, 0x12fa, 0x1306, 0x1312, 0x131e, 0x132a, 0x1332,
+	0x133a, 0x1346, 0x1352, 0x135e, 0x136a, 0x136c, 0x136e, 0x1370,
+	// Entry 480 - 4BF
+	0x1372, 0x1374, 0x1376, 0x1378, 0x137a, 0x137c, 0x137e, 0x1380,
+	0x1382, 0x1384, 0x1386, 0x1388, 0x138a, 0x138d, 0x1390, 0x1392,
+	0x1394, 0x1396, 0x1398, 0x139a, 0x139c, 0x139e, 0x13a0, 0x13a2,
+	0x13a4, 0x13a6, 0x13a8, 0x13aa, 0x13ac, 0x13ae, 0x13b0, 0x13b2,
+	0x13b4, 0x13b6, 0x13b8, 0x13ba, 0x13bc, 0x13bf, 0x13c1, 0x13c3,
+	0x13c5, 0x13c7, 0x13c9, 0x13cb, 0x13cd, 0x13cf, 0x13d1, 0x13d3,
+	0x13d6, 0x13d8, 0x13da, 0x13dc, 0x13de, 0x13e0, 0x13e2, 0x13e4,
+	0x13e6, 0x13e8, 0x13ea, 0x13ec, 0x13ee, 0x13f0, 0x13f2, 0x13f5,
+	// Entry 4C0 - 4FF
+	0x13f8, 0x13fb, 0x13fe, 0x1401, 0x1404, 0x1407, 0x140a, 0x140d,
+	0x1410, 0x1413, 0x1416, 0x1419, 0x141c, 0x141f, 0x1422, 0x1425,
+	0x1428, 0x142b, 0x142e, 0x1431, 0x1434, 0x1437, 0x143a, 0x143d,
+	0x1440, 0x1447, 0x1449, 0x144b, 0x144d, 0x1450, 0x1452, 0x1454,
+	0x1456, 0x1458, 0x145a, 0x1460, 0x1466, 0x1469, 0x146c, 0x146f,
+	0x1472, 0x1475, 0x1478, 0x147b, 0x147e, 0x1481, 0x1484, 0x1487,
+	0x148a, 0x148d, 0x1490, 0x1493, 0x1496, 0x1499, 0x149c, 0x149f,
+	0x14a2, 0x14a5, 0x14a8, 0x14ab, 0x14ae, 0x14b1, 0x14b4, 0x14b7,
+	// Entry 500 - 53F
+	0x14ba, 0x14bd, 0x14c0, 0x14c3, 0x14c6, 0x14c9, 0x14cc, 0x14cf,
+	0x14d2, 0x14d5, 0x14d8, 0x14db, 0x14de, 0x14e1, 0x14e4, 0x14e7,
+	0x14ea, 0x14ed, 0x14f6, 0x14ff, 0x1508, 0x1511, 0x151a, 0x1523,
+	0x152c, 0x1535, 0x153e, 0x1541, 0x1544, 0x1547, 0x154a, 0x154d,
+	0x1550, 0x1553, 0x1556, 0x1559, 0x155c, 0x155f, 0x1562, 0x1565,
+	0x1568, 0x156b, 0x156e, 0x1571, 0x1574, 0x1577, 0x157a, 0x157d,
+	0x1580, 0x1583, 0x1586, 0x1589, 0x158c, 0x158f, 0x1592, 0x1595,
+	0x1598, 0x159b, 0x159e, 0x15a1, 0x15a4, 0x15a7, 0x15aa, 0x15ad,
+	// Entry 540 - 57F
+	0x15b0, 0x15b3, 0x15b6, 0x15b9, 0x15bc, 0x15bf, 0x15c2, 0x15c5,
+	0x15c8, 0x15cb, 0x15ce, 0x15d1, 0x15d4, 0x15d7, 0x15da, 0x15dd,
+	0x15e0, 0x15e3, 0x15e6, 0x15e9, 0x15ec, 0x15ef, 0x15f2, 0x15f5,
+	0x15f8, 0x15fb, 0x15fe, 0x1601, 0x1604, 0x1607, 0x160a, 0x160d,
+	0x1610, 0x1613, 0x1616, 0x1619, 0x161c, 0x161f, 0x1622, 0x1625,
+	0x1628, 0x162b, 0x162e, 0x1631, 0x1634, 0x1637, 0x163a, 0x163d,
+	0x1640, 0x1643, 0x1646, 0x1649, 0x164c, 0x164f, 0x1652, 0x1655,
+	0x1658, 0x165b, 0x165e, 0x1661, 0x1664, 0x1667, 0x166a, 0x166d,
+	// Entry 580 - 5BF
+	0x1670, 0x1673, 0x1676, 0x1679, 0x167c, 0x167f, 0x1682, 0x1685,
+	0x1688, 0x168b, 0x168e, 0x1691, 0x1694, 0x1697, 0x169a, 0x169d,
+	0x16a0, 0x16a3, 0x16a6, 0x16a9, 0x16ac, 0x16af, 0x16b2, 0x16b5,
+	0x16b8, 0x16bb, 0x16be, 0x16c1, 0x16c4, 0x16c7, 0x16ca, 0x16cd,
+	0x16d0, 0x16d3, 0x16d6, 0x16d9, 0x16dc, 0x16df, 0x16e2, 0x16e5,
+	0x16e8, 0x16eb, 0x16ee, 0x16f1, 0x16f4, 0x16f7, 0x16fa, 0x16fd,
+	0x1700, 0x1703, 0x1706, 0x1709, 0x170c, 0x170f, 0x1712, 0x1715,
+	0x1718, 0x171b, 0x171e, 0x1721, 0x1724, 0x1727, 0x172a, 0x172d,
+	// Entry 5C0 - 5FF
+	0x1730, 0x1733, 0x1736, 0x1739, 0x173c, 0x173f, 0x1742, 0x1745,
+	0x1748, 0x174b, 0x174e, 0x1751, 0x1754, 0x1757, 0x175a, 0x175d,
+	0x1760, 0x1763, 0x1766, 0x1769, 0x176c, 0x176f, 0x1772, 0x1775,
+	0x1778, 0x177b, 0x177e, 0x1781, 0x1784, 0x1787, 0x178a, 0x178d,
+	0x1790, 0x1793, 0x1796, 0x1799, 0x179c, 0x179f, 0x17a2, 0x17a5,
+	0x17a8, 0x17ab, 0x17ae, 0x17b1, 0x17b4, 0x17b7, 0x17ba, 0x17bd,
+	0x17c0, 0x17c3, 0x17c6, 0x17c9, 0x17cc, 0x17cf, 0x17d2, 0x17d5,
+	0x17d8, 0x17db, 0x17de, 0x17e1, 0x17e4, 0x17e7, 0x17ea, 0x17ed,
+	// Entry 600 - 63F
+	0x17f0, 0x17f3, 0x17f6, 0x17f9, 0x17fc, 0x17ff, 0x1802, 0x1805,
+	0x1808, 0x180b, 0x180e, 0x1811, 0x1814, 0x1817, 0x181a, 0x181d,
+	0x1820, 0x1823, 0x1826, 0x1829, 0x182c, 0x182f, 0x1832, 0x1835,
+	0x1838, 0x183b, 0x183e, 0x1841, 0x1844, 0x1847, 0x184a, 0x184d,
+	0x1850, 0x1853, 0x1856, 0x1859, 0x185c, 0x185f, 0x1862, 0x1865,
+	0x1868, 0x186b, 0x186e, 0x1871, 0x1874, 0x1877, 0x187a, 0x187d,
+	0x1880, 0x1883, 0x1886, 0x1889, 0x188c, 0x188f, 0x1892, 0x1895,
+	0x1898, 0x189b, 0x189e, 0x18a1, 0x18a4, 0x18a7, 0x18aa, 0x18ad,
+	// Entry 640 - 67F
+	0x18b0, 0x18b3, 0x18b6, 0x18b9, 0x18bc, 0x18bf, 0x18c2, 0x18c5,
+	0x18c8, 0x18cb, 0x18ce, 0x18d1, 0x18d4, 0x18d7, 0x18da, 0x18dd,
+	0x18e0, 0x18e3, 0x18e6, 0x18e9, 0x18ec, 0x18ef, 0x18f2, 0x18f5,
+	0x18f8, 0x18fb, 0x18fe, 0x1901, 0x1904, 0x1907, 0x190a, 0x190d,
+	0x1910, 0x1913, 0x1916, 0x1919, 0x191c, 0x191f, 0x1922, 0x1925,
+	0x1928, 0x192b, 0x192e, 0x1931, 0x1934, 0x1937, 0x193a, 0x193d,
+	0x1940, 0x1943, 0x1946, 0x1949, 0x194c, 0x194f, 0x1952, 0x1955,
+	0x1958, 0x195b, 0x195e, 0x1961, 0x1964, 0x1967, 0x196a, 0x196d,
+	// Entry 680 - 6BF
+	0x1970, 0x1973, 0x1976, 0x1979, 0x197c, 0x197f, 0x1982, 0x1985,
+	0x1988, 0x198b, 0x198e, 0x1991, 0x1994, 0x1997, 0x199a, 0x199d,
+	0x19a0, 0x19a3, 0x19a6, 0x19a9, 0x19ac, 0x19af, 0x19b2, 0x19b5,
+	0x19b8, 0x19bb, 0x19be, 0x19c1, 0x19c4, 0x19c7, 0x19ca, 0x19cd,
+	0x19d0, 0x19d3, 0x19d6, 0x19d9, 0x19dc, 0x19df, 0x19e2, 0x19e5,
+	0x19e8, 0x19eb, 0x19ee, 0x19f1, 0x19f4, 0x19f7, 0x19fa, 0x19fd,
+	0x1a00, 0x1a03, 0x1a06, 0x1a09, 0x1a0c, 0x1a0f, 0x1a12, 0x1a15,
+	0x1a18, 0x1a1b, 0x1a1e, 0x1a21, 0x1a24, 0x1a27, 0x1a2a, 0x1a2d,
+	// Entry 6C0 - 6FF
+	0x1a30,
+} // Size: 3482 bytes
+
+var xorData string = "" + // Size: 4907 bytes
+	"\x02\x0c\x09\x02\xb0\xec\x02\xad\xd8\x02\xad\xd9\x02\x06\x07\x02\x0f\x12" +
+	"\x02\x0f\x1f\x02\x0f\x1d\x02\x01\x13\x02\x0f\x16\x02\x0f\x0b\x02\x0f3" +
+	"\x02\x0f7\x02\x0f?\x02\x0f/\x02\x0f*\x02\x0c&\x02\x0c*\x02\x0c;\x02\x0c9" +
+	"\x02\x0c%\x02\xab\xed\x02\xab\xe2\x02\xab\xe3\x02\xa9\xe0\x02\xa9\xe1" +
+	"\x02\xa9\xe6\x02\xa3\xcb\x02\xa3\xc8\x02\xa3\xc9\x02\x01#\x02\x01\x08" +
+	"\x02\x0e>\x02\x0e'\x02\x0f\x03\x02\x03\x0d\x02\x03\x09\x02\x03\x17\x02" +
+	"\x03\x0e\x02\x02\x03\x02\x011\x02\x01\x00\x02\x01\x10\x02\x03<\x02\x07" +
+	"\x0d\x02\x02\x0c\x02\x0c0\x02\x01\x03\x02\x01\x01\x02\x01 \x02\x01\x22" +
+	"\x02\x01)\x02\x01\x0a\x02\x01\x0c\x02\x02\x06\x02\x02\x02\x02\x03\x10" +
+	"\x03\x037 \x03\x0b+\x03\x021\x00\x02\x01\x04\x02\x01\x02\x02\x019\x02" +
+	"\x03\x1c\x02\x02$\x03\x80p$\x02\x03:\x02\x03\x0a\x03\xc1r.\x03\xc1r,\x03" +
+	"\xc1r\x02\x02\x02:\x02\x02>\x02\x02,\x02\x02\x10\x02\x02\x00\x03\xc1s<" +
+	"\x03\xc1s*\x03\xc2L$\x03\xc2L;\x02\x09)\x02\x0a\x19\x03\x83\xab\xe3\x03" +
+	"\x83\xab\xf2\x03 4\xe0\x03\x81\xab\xea\x03\x81\xab\xf3\x03 4\xef\x03\x96" +
+	"\xe1\xcd\x03\x84\xe5\xc3\x02\x0d\x11\x03\x8b\xec\xcb\x03\x94\xec\xcf\x03" +
+	"\x9a\xec\xc2\x03\x8b\xec\xdb\x03\x94\xec\xdf\x03\x9a\xec\xd2\x03\x01\x0c" +
+	"!\x03\x01\x0c#\x03ʠ\x9d\x03ʣ\x9c\x03ʢ\x9f\x03ʥ\x9e\x03ʤ\x91\x03ʧ\x90\x03" +
+	"ʦ\x93\x03ʩ\x92\x03ʨ\x95\x03\xca\xf3\xb5\x03\xca\xf0\xb4\x03\xca\xf1\xb7" +
+	"\x03\xca\xf6\xb6\x03\xca\xf7\x89\x03\xca\xf4\x88\x03\xca\xf5\x8b\x03\xca" +
+	"\xfa\x8a\x03\xca\xfb\x8d\x03\xca\xf8\x8c\x03\xca\xf9\x8f\x03\xca\xfe\x8e" +
+	"\x03\xca\xff\x81\x03\xca\xfc\x80\x03\xca\xfd\x83\x03\xca\xe2\x82\x03\xca" +
+	"\xe3\x85\x03\xca\xe0\x84\x03\xca\xe1\x87\x03\xca\xe6\x86\x03\xca\xe7\x99" +
+	"\x03\xca\xe4\x98\x03\xca\xe5\x9b\x03\xca\xea\x9a\x03\xca\xeb\x9d\x03\xca" +
+	"\xe8\x9c\x03ؓ\x89\x03ߔ\x8b\x02\x010\x03\x03\x04\x1e\x03\x04\x15\x12\x03" +
+	"\x0b\x05,\x03\x06\x04\x00\x03\x06\x04)\x03\x06\x044\x03\x06\x04<\x03\x06" +
+	"\x05\x1d\x03\x06\x06\x00\x03\x06\x06\x0a\x03\x06\x06'\x03\x06\x062\x03" +
+	"\x0786\x03\x079/\x03\x079 \x03\x07:\x0e\x03\x07:\x1b\x03\x07:%\x03\x07;/" +
+	"\x03\x07;%\x03\x074\x11\x03\x076\x09\x03\x077*\x03\x070\x01\x03\x070\x0f" +
+	"\x03\x070.\x03\x071\x16\x03\x071\x04\x03\x0710\x03\x072\x18\x03\x072-" +
+	"\x03\x073\x14\x03\x073>\x03\x07'\x09\x03\x07 \x00\x03\x07\x1f\x0b\x03" +
+	"\x07\x18#\x03\x07\x18(\x03\x07\x186\x03\x07\x18\x03\x03\x07\x19\x16\x03" +
+	"\x07\x116\x03\x07\x12'\x03\x07\x13\x10\x03\x07\x0c&\x03\x07\x0c\x08\x03" +
+	"\x07\x0c\x13\x03\x07\x0d\x02\x03\x07\x0d\x1c\x03\x07\x0b5\x03\x07\x0b" +
+	"\x0a\x03\x07\x0b\x01\x03\x07\x0b\x0f\x03\x07\x05\x00\x03\x07\x05\x09\x03" +
+	"\x07\x05\x0b\x03\x07\x07\x01\x03\x07\x07\x08\x03\x07\x00<\x03\x07\x00+" +
+	"\x03\x07\x01)\x03\x07\x01\x1b\x03\x07\x01\x08\x03\x07\x03?\x03\x0445\x03" +
+	"\x044\x08\x03\x0454\x03\x04)/\x03\x04)5\x03\x04+\x05\x03\x04+\x14\x03" +
+	"\x04+ \x03\x04+<\x03\x04*&\x03\x04*\x22\x03\x04&8\x03\x04!\x01\x03\x04!" +
+	"\x22\x03\x04\x11+\x03\x04\x10.\x03\x04\x104\x03\x04\x13=\x03\x04\x12\x04" +
+	"\x03\x04\x12\x0a\x03\x04\x0d\x1d\x03\x04\x0d\x07\x03\x04\x0d \x03\x05<>" +
+	"\x03\x055<\x03\x055!\x03\x055#\x03\x055&\x03\x054\x1d\x03\x054\x02\x03" +
+	"\x054\x07\x03\x0571\x03\x053\x1a\x03\x053\x16\x03\x05.<\x03\x05.\x07\x03" +
+	"\x05):\x03\x05)<\x03\x05)\x0c\x03\x05)\x15\x03\x05+-\x03\x05+5\x03\x05$" +
+	"\x1e\x03\x05$\x14\x03\x05'\x04\x03\x05'\x14\x03\x05&\x02\x03\x05\x226" +
+	"\x03\x05\x22\x0c\x03\x05\x22\x1c\x03\x05\x19\x0a\x03\x05\x1b\x09\x03\x05" +
+	"\x1b\x0c\x03\x05\x14\x07\x03\x05\x16?\x03\x05\x16\x0c\x03\x05\x0c\x05" +
+	"\x03\x05\x0e\x0f\x03\x05\x01\x0e\x03\x05\x00(\x03\x05\x030\x03\x05\x03" +
+	"\x06\x03\x0a==\x03\x0a=1\x03\x0a=,\x03\x0a=\x0c\x03\x0a??\x03\x0a<\x08" +
+	"\x03\x0a9!\x03\x0a9)\x03\x0a97\x03\x0a99\x03\x0a6\x0a\x03\x0a6\x1c\x03" +
+	"\x0a6\x17\x03\x0a7'\x03\x0a78\x03\x0a73\x03\x0a'\x01\x03\x0a'&\x03\x0a" +
+	"\x1f\x0e\x03\x0a\x1f\x03\x03\x0a\x1f3\x03\x0a\x1b/\x03\x0a\x18\x19\x03" +
+	"\x0a\x19\x01\x03\x0a\x16\x14\x03\x0a\x0e\x22\x03\x0a\x0f\x10\x03\x0a\x0f" +
+	"\x02\x03\x0a\x0f \x03\x0a\x0c\x04\x03\x0a\x0b>\x03\x0a\x0b+\x03\x0a\x08/" +
+	"\x03\x0a\x046\x03\x0a\x05\x14\x03\x0a\x00\x04\x03\x0a\x00\x10\x03\x0a" +
+	"\x00\x14\x03\x0b<3\x03\x0b;*\x03\x0b9\x22\x03\x0b9)\x03\x0b97\x03\x0b+" +
+	"\x10\x03\x0b((\x03\x0b&5\x03\x0b$\x1c\x03\x0b$\x12\x03\x0b%\x04\x03\x0b#" +
+	"<\x03\x0b#0\x03\x0b#\x0d\x03\x0b#\x19\x03\x0b!:\x03\x0b!\x1f\x03\x0b!" +
+	"\x00\x03\x0b\x1e5\x03\x0b\x1c\x1d\x03\x0b\x1d-\x03\x0b\x1d(\x03\x0b\x18." +
+	"\x03\x0b\x18 \x03\x0b\x18\x16\x03\x0b\x14\x13\x03\x0b\x15$\x03\x0b\x15" +
+	"\x22\x03\x0b\x12\x1b\x03\x0b\x12\x10\x03\x0b\x132\x03\x0b\x13=\x03\x0b" +
+	"\x12\x18\x03\x0b\x0c&\x03\x0b\x061\x03\x0b\x06:\x03\x0b\x05#\x03\x0b\x05" +
+	"<\x03\x0b\x04\x0b\x03\x0b\x04\x04\x03\x0b\x04\x1b\x03\x0b\x042\x03\x0b" +
+	"\x041\x03\x0b\x03\x03\x03\x0b\x03\x1d\x03\x0b\x03/\x03\x0b\x03+\x03\x0b" +
+	"\x02\x1b\x03\x0b\x02\x00\x03\x0b\x01\x1e\x03\x0b\x01\x08\x03\x0b\x015" +
+	"\x03\x06\x0d9\x03\x06\x0d=\x03\x06\x0d?\x03\x02\x001\x03\x02\x003\x03" +
+	"\x02\x02\x19\x03\x02\x006\x03\x02\x02\x1b\x03\x02\x004\x03\x02\x00<\x03" +
+	"\x02\x02\x0a\x03\x02\x02\x0e\x03\x02\x01\x1a\x03\x02\x01\x07\x03\x02\x01" +
+	"\x05\x03\x02\x01\x0b\x03\x02\x01%\x03\x02\x01\x0c\x03\x02\x01\x04\x03" +
+	"\x02\x01\x1c\x03\x02\x00.\x03\x02\x002\x03\x02\x00>\x03\x02\x00\x12\x03" +
+	"\x02\x00\x16\x03\x02\x011\x03\x02\x013\x03\x02\x02 \x03\x02\x02%\x03\x02" +
+	"\x02$\x03\x02\x028\x03\x02\x02;\x03\x02\x024\x03\x02\x012\x03\x02\x022" +
+	"\x03\x02\x02/\x03\x02\x01,\x03\x02\x01\x13\x03\x02\x01\x16\x03\x02\x01" +
+	"\x11\x03\x02\x01\x1e\x03\x02\x01\x15\x03\x02\x01\x17\x03\x02\x01\x0f\x03" +
+	"\x02\x01\x08\x03\x02\x00?\x03\x02\x03\x07\x03\x02\x03\x0d\x03\x02\x03" +
+	"\x13\x03\x02\x03\x1d\x03\x02\x03\x1f\x03\x02\x00\x03\x03\x02\x00\x0d\x03" +
+	"\x02\x00\x01\x03\x02\x00\x1b\x03\x02\x00\x19\x03\x02\x00\x18\x03\x02\x00" +
+	"\x13\x03\x02\x00/\x03\x07>\x12\x03\x07<\x1f\x03\x07>\x1d\x03\x06\x1d\x0e" +
+	"\x03\x07>\x1c\x03\x07>:\x03\x07>\x13\x03\x04\x12+\x03\x07?\x03\x03\x07>" +
+	"\x02\x03\x06\x224\x03\x06\x1a.\x03\x07<%\x03\x06\x1c\x0b\x03\x0609\x03" +
+	"\x05\x1f\x01\x03\x04'\x08\x03\x93\xfd\xf5\x03\x02\x0d \x03\x02\x0d#\x03" +
+	"\x02\x0d!\x03\x02\x0d&\x03\x02\x0d\x22\x03\x02\x0d/\x03\x02\x0d,\x03\x02" +
+	"\x0d$\x03\x02\x0d'\x03\x02\x0d%\x03\x02\x0d;\x03\x02\x0d=\x03\x02\x0d?" +
+	"\x03\x099.\x03\x08\x0b7\x03\x08\x02\x14\x03\x08\x14\x0d\x03\x08.:\x03" +
+	"\x089'\x03\x0f\x0b\x18\x03\x0f\x1c1\x03\x0f\x17&\x03\x0f9\x1f\x03\x0f0" +
+	"\x0c\x03\x0e\x0a9\x03\x0e\x056\x03\x0e\x1c#\x03\x0f\x13\x0e\x03\x072\x00" +
+	"\x03\x070\x0d\x03\x072\x0b\x03\x06\x11\x18\x03\x070\x10\x03\x06\x0f(\x03" +
+	"\x072\x05\x03\x06\x0f,\x03\x073\x15\x03\x06\x07\x08\x03\x05\x16\x02\x03" +
+	"\x04\x0b \x03\x05:8\x03\x05\x16%\x03\x0a\x0d\x1f\x03\x06\x16\x10\x03\x05" +
+	"\x1d5\x03\x05*;\x03\x05\x16\x1b\x03\x04.-\x03\x06\x1a\x19\x03\x04\x03," +
+	"\x03\x0b87\x03\x04/\x0a\x03\x06\x00,\x03\x04-\x01\x03\x04\x1e-\x03\x06/(" +
+	"\x03\x0a\x0b5\x03\x06\x0e7\x03\x06\x07.\x03\x0597\x03\x0a*%\x03\x0760" +
+	"\x03\x06\x0c;\x03\x05'\x00\x03\x072.\x03\x072\x08\x03\x06=\x01\x03\x06" +
+	"\x05\x1b\x03\x06\x06\x12\x03\x06$=\x03\x06'\x0d\x03\x04\x11\x0f\x03\x076" +
+	",\x03\x06\x07;\x03\x06.,\x03\x86\xf9\xea\x03\x8f\xff\xeb\x02\x092\x02" +
+	"\x095\x02\x094\x02\x09;\x02\x09>\x02\x098\x02\x09*\x02\x09/\x02\x09,\x02" +
+	"\x09%\x02\x09&\x02\x09#\x02\x09 \x02\x08!\x02\x08%\x02\x08$\x02\x08+\x02" +
+	"\x08.\x02\x08*\x02\x08&\x02\x088\x02\x08>\x02\x084\x02\x086\x02\x080\x02" +
+	"\x08\x10\x02\x08\x17\x02\x08\x12\x02\x08\x1d\x02\x08\x1f\x02\x08\x13\x02" +
+	"\x08\x15\x02\x08\x14\x02\x08\x0c\x03\x8b\xfd\xd0\x03\x81\xec\xc6\x03\x87" +
+	"\xe0\x8a\x03-2\xe3\x03\x80\xef\xe4\x03-2\xea\x03\x88\xe6\xeb\x03\x8e\xe6" +
+	"\xe8\x03\x84\xe6\xe9\x03\x97\xe6\xee\x03-2\xf9\x03-2\xf6\x03\x8e\xe3\xad" +
+	"\x03\x80\xe3\x92\x03\x88\xe3\x90\x03\x8e\xe3\x90\x03\x80\xe3\x97\x03\x88" +
+	"\xe3\x95\x03\x88\xfe\xcb\x03\x8e\xfe\xca\x03\x84\xfe\xcd\x03\x91\xef\xc9" +
+	"\x03-2\xc1\x03-2\xc0\x03-2\xcb\x03\x88@\x09\x03\x8e@\x08\x03\x8f\xe0\xf5" +
+	"\x03\x8e\xe6\xf9\x03\x8e\xe0\xfa\x03\x93\xff\xf4\x03\x84\xee\xd3\x03\x0b" +
+	"(\x04\x023 \x03\x0b)\x08\x021;\x02\x01*\x03\x0b#\x10\x03\x0b 0\x03\x0b!" +
+	"\x10\x03\x0b!0\x03\x07\x15\x08\x03\x09?5\x03\x07\x1f\x08\x03\x07\x17\x0b" +
+	"\x03\x09\x1f\x15\x03\x0b\x1c7\x03\x0a+#\x03\x06\x1a\x1b\x03\x06\x1a\x14" +
+	"\x03\x0a\x01\x18\x03\x06#\x1b\x03\x0a2\x0c\x03\x0a\x01\x04\x03\x09#;\x03" +
+	"\x08='\x03\x08\x1a\x0a\x03\x07\x03\x0a\x111\x03\x09\x1b\x09\x03\x073.\x03\x07" +
+	"\x01\x00\x03\x09/,\x03\x07#>\x03\x07\x048\x03\x0a\x1f\x22\x03\x098>\x03" +
+	"\x09\x11\x00\x03\x08/\x17\x03\x06'\x22\x03\x0b\x1a+\x03\x0a\x22\x19\x03" +
+	"\x0a/1\x03\x0974\x03\x09\x0f\x22\x03\x08,\x22\x03\x08?\x14\x03\x07$5\x03" +
+	"\x07<3\x03\x07=*\x03\x07\x13\x18\x03\x068\x0a\x03\x06\x09\x16\x03\x06" +
+	"\x13\x00\x03\x08\x067\x03\x08\x01\x03\x03\x08\x12\x1d\x03\x07+7\x03\x06(" +
+	";\x03\x06\x1c?\x03\x07\x0e\x17\x03\x0a\x06\x1d\x03\x0a\x19\x07\x03\x08" +
+	"\x14$\x03\x07$;\x03\x08,$\x03\x08\x06\x0d\x03\x07\x16\x0a\x03\x06>>\x03" +
+	"\x0a\x06\x12\x03\x0a\x14)\x03\x09\x0d\x1f\x03\x09\x12\x17\x03\x09\x19" +
+	"\x01\x03\x08\x11 \x03\x08\x1d'\x03\x06<\x1a\x03\x0a.\x00\x03\x07'\x18" +
+	"\x03\x0a\x22\x08\x03\x08\x0d\x0a\x03\x08\x13)\x03\x07*)\x03\x06<,\x03" +
+	"\x07\x0b\x1a\x03\x09.\x14\x03\x09\x0d\x1e\x03\x07\x0e#\x03\x0b\x1d'\x03" +
+	"\x0a\x0a8\x03\x09%2\x03\x08+&\x03\x080\x12\x03\x0a)4\x03\x08\x06\x1f\x03" +
+	"\x0b\x1b\x1a\x03\x0a\x1b\x0f\x03\x0b\x1d*\x03\x09\x16$\x03\x090\x11\x03" +
+	"\x08\x11\x08\x03\x0a*(\x03\x0a\x042\x03\x089,\x03\x074'\x03\x07\x0f\x05" +
+	"\x03\x09\x0b\x0a\x03\x07\x1b\x01\x03\x09\x17:\x03\x09.\x0d\x03\x07.\x11" +
+	"\x03\x09+\x15\x03\x080\x13\x03\x0b\x1f\x19\x03\x0a \x11\x03\x0a\x220\x03" +
+	"\x09\x07;\x03\x08\x16\x1c\x03\x07,\x13\x03\x07\x0e/\x03\x06\x221\x03\x0a" +
+	".\x0a\x03\x0a7\x02\x03\x0a\x032\x03\x0a\x1d.\x03\x091\x06\x03\x09\x19:" +
+	"\x03\x08\x02/\x03\x060+\x03\x06\x0f-\x03\x06\x1c\x1f\x03\x06\x1d\x07\x03" +
+	"\x0a,\x11\x03\x09=\x0d\x03\x09\x0b;\x03\x07\x1b/\x03\x0a\x1f:\x03\x09 " +
+	"\x1f\x03\x09.\x10\x03\x094\x0b\x03\x09\x1a1\x03\x08#\x1a\x03\x084\x1d" +
+	"\x03\x08\x01\x1f\x03\x08\x11\x22\x03\x07'8\x03\x07\x1a>\x03\x0757\x03" +
+	"\x06&9\x03\x06+\x11\x03\x0a.\x0b\x03\x0a,>\x03\x0a4#\x03\x08%\x17\x03" +
+	"\x07\x05\x22\x03\x07\x0c\x0b\x03\x0a\x1d+\x03\x0a\x19\x16\x03\x09+\x1f" +
+	"\x03\x09\x08\x0b\x03\x08\x16\x18\x03\x08+\x12\x03\x0b\x1d\x0c\x03\x0a=" +
+	"\x10\x03\x0a\x09\x0d\x03\x0a\x10\x11\x03\x09&0\x03\x08(\x1f\x03\x087\x07" +
+	"\x03\x08\x185\x03\x07'6\x03\x06.\x05\x03\x06=\x04\x03\x06;;\x03\x06\x06," +
+	"\x03\x0b\x18>\x03\x08\x00\x18\x03\x06 \x03\x03\x06<\x00\x03\x09%\x18\x03" +
+	"\x0b\x1c<\x03\x0a%!\x03\x0a\x09\x12\x03\x0a\x16\x02\x03\x090'\x03\x09" +
+	"\x0e=\x03\x08 \x0e\x03\x08>\x03\x03\x074>\x03\x06&?\x03\x06\x19\x09\x03" +
+	"\x06?(\x03\x0a-\x0e\x03\x09:3\x03\x098:\x03\x09\x12\x0b\x03\x09\x1d\x17" +
+	"\x03\x087\x05\x03\x082\x14\x03\x08\x06%\x03\x08\x13\x1f\x03\x06\x06\x0e" +
+	"\x03\x0a\x22<\x03\x09/<\x03\x06>+\x03\x0a'?\x03\x0a\x13\x0c\x03\x09\x10<" +
+	"\x03\x07\x1b=\x03\x0a\x19\x13\x03\x09\x22\x1d\x03\x09\x07\x0d\x03\x08)" +
+	"\x1c\x03\x06=\x1a\x03\x0a/4\x03\x0a7\x11\x03\x0a\x16:\x03\x09?3\x03\x09:" +
+	"/\x03\x09\x05\x0a\x03\x09\x14\x06\x03\x087\x22\x03\x080\x07\x03\x08\x1a" +
+	"\x1f\x03\x07\x04(\x03\x07\x04\x09\x03\x06 %\x03\x06<\x08\x03\x0a+\x14" +
+	"\x03\x09\x1d\x16\x03\x0a70\x03\x08 >\x03\x0857\x03\x070\x0a\x03\x06=\x12" +
+	"\x03\x06\x16%\x03\x06\x1d,\x03\x099#\x03\x09\x10>\x03\x07 \x1e\x03\x08" +
+	"\x0c<\x03\x08\x0b\x18\x03\x08\x15+\x03\x08,:\x03\x08%\x22\x03\x07\x0a$" +
+	"\x03\x0b\x1c=\x03\x07+\x08\x03\x0a/\x05\x03\x0a \x07\x03\x0a\x12'\x03" +
+	"\x09#\x11\x03\x08\x1b\x15\x03\x0a\x06\x01\x03\x09\x1c\x1b\x03\x0922\x03" +
+	"\x07\x14<\x03\x07\x09\x04\x03\x061\x04\x03\x07\x0e\x01\x03\x0a\x13\x18" +
+	"\x03\x0a-\x0c\x03\x0a?\x0d\x03\x0a\x09\x0a\x03\x091&\x03\x0a/\x0b\x03" +
+	"\x08$<\x03\x083\x1d\x03\x08\x0c$\x03\x08\x0d\x07\x03\x08\x0d?\x03\x08" +
+	"\x0e\x14\x03\x065\x0a\x03\x08\x1a#\x03\x08\x16#\x03\x0702\x03\x07\x03" +
+	"\x1a\x03\x06(\x1d\x03\x06+\x1b\x03\x06\x0b\x05\x03\x06\x0b\x17\x03\x06" +
+	"\x0c\x04\x03\x06\x1e\x19\x03\x06+0\x03\x062\x18\x03\x0b\x16\x1e\x03\x0a+" +
+	"\x16\x03\x0a-?\x03\x0a#:\x03\x0a#\x10\x03\x0a%$\x03\x0a>+\x03\x0a01\x03" +
+	"\x0a1\x10\x03\x0a\x099\x03\x0a\x0a\x12\x03\x0a\x19\x1f\x03\x0a\x19\x12" +
+	"\x03\x09*)\x03\x09-\x16\x03\x09.1\x03\x09.2\x03\x09<\x0e\x03\x09> \x03" +
+	"\x093\x12\x03\x09\x0b\x01\x03\x09\x1c2\x03\x09\x11\x1c\x03\x09\x15%\x03" +
+	"\x08,&\x03\x08!\x22\x03\x089(\x03\x08\x0b\x1a\x03\x08\x0d2\x03\x08\x0c" +
+	"\x04\x03\x08\x0c\x06\x03\x08\x0c\x1f\x03\x08\x0c\x0c\x03\x08\x0f\x1f\x03" +
+	"\x08\x0f\x1d\x03\x08\x00\x14\x03\x08\x03\x14\x03\x08\x06\x16\x03\x08\x1e" +
+	"#\x03\x08\x11\x11\x03\x08\x10\x18\x03\x08\x14(\x03\x07)\x1e\x03\x07.1" +
+	"\x03\x07 $\x03\x07 '\x03\x078\x08\x03\x07\x0d0\x03\x07\x0f7\x03\x07\x05#" +
+	"\x03\x07\x05\x1a\x03\x07\x1a7\x03\x07\x1d-\x03\x07\x17\x10\x03\x06)\x1f" +
+	"\x03\x062\x0b\x03\x066\x16\x03\x06\x09\x11\x03\x09(\x1e\x03\x07!5\x03" +
+	"\x0b\x11\x16\x03\x0a/\x04\x03\x0a,\x1a\x03\x0b\x173\x03\x0a,1\x03\x0a/5" +
+	"\x03\x0a\x221\x03\x0a\x22\x0d\x03\x0a?%\x03\x0a<,\x03\x0a?#\x03\x0a>\x19" +
+	"\x03\x0a\x08&\x03\x0a\x0b\x0e\x03\x0a\x0c:\x03\x0a\x0c+\x03\x0a\x03\x22" +
+	"\x03\x0a\x06)\x03\x0a\x11\x10\x03\x0a\x11\x1a\x03\x0a\x17-\x03\x0a\x14(" +
+	"\x03\x09)\x1e\x03\x09/\x09\x03\x09.\x00\x03\x09,\x07\x03\x09/*\x03\x09-9" +
+	"\x03\x09\x228\x03\x09%\x09\x03\x09:\x12\x03\x09;\x1d\x03\x09?\x06\x03" +
+	"\x093%\x03\x096\x05\x03\x096\x08\x03\x097\x02\x03\x09\x07,\x03\x09\x04," +
+	"\x03\x09\x1f\x16\x03\x09\x11\x03\x03\x09\x11\x12\x03\x09\x168\x03\x08*" +
+	"\x05\x03\x08/2\x03\x084:\x03\x08\x22+\x03\x08 0\x03\x08&\x0a\x03\x08;" +
+	"\x10\x03\x08>$\x03\x08>\x18\x03\x0829\x03\x082:\x03\x081,\x03\x081<\x03" +
+	"\x081\x1c\x03\x087#\x03\x087*\x03\x08\x09'\x03\x08\x00\x1d\x03\x08\x05-" +
+	"\x03\x08\x1f4\x03\x08\x1d\x04\x03\x08\x16\x0f\x03\x07*7\x03\x07'!\x03" +
+	"\x07%\x1b\x03\x077\x0c\x03\x07\x0c1\x03\x07\x0c.\x03\x07\x00\x06\x03\x07" +
+	"\x01\x02\x03\x07\x010\x03\x07\x06=\x03\x07\x01\x03\x03\x07\x01\x13\x03" +
+	"\x07\x06\x06\x03\x07\x05\x0a\x03\x07\x1f\x09\x03\x07\x17:\x03\x06*1\x03" +
+	"\x06-\x1d\x03\x06\x223\x03\x062:\x03\x060$\x03\x066\x1e\x03\x064\x12\x03" +
+	"\x0645\x03\x06\x0b\x00\x03\x06\x0b7\x03\x06\x07\x1f\x03\x06\x15\x12\x03" +
+	"\x0c\x05\x0f\x03\x0b+\x0b\x03\x0b+-\x03\x06\x16\x1b\x03\x06\x15\x17\x03" +
+	"\x89\xca\xea\x03\x89\xca\xe8\x03\x0c8\x10\x03\x0c8\x01\x03\x0c8\x0f\x03" +
+	"\x0d8%\x03\x0d8!\x03\x0c8-\x03\x0c8/\x03\x0c8+\x03\x0c87\x03\x0c85\x03" +
+	"\x0c9\x09\x03\x0c9\x0d\x03\x0c9\x0f\x03\x0c9\x0b\x03\xcfu\x0c\x03\xcfu" +
+	"\x0f\x03\xcfu\x0e\x03\xcfu\x09\x03\x0c9\x10\x03\x0d9\x0c\x03\xcf`;\x03" +
+	"\xcf`>\x03\xcf`9\x03\xcf`8\x03\xcf`7\x03\xcf`*\x03\xcf`-\x03\xcf`,\x03" +
+	"\x0d\x1b\x1a\x03\x0d\x1b&\x03\x0c=.\x03\x0c=%\x03\x0c>\x1e\x03\x0c>\x14" +
+	"\x03\x0c?\x06\x03\x0c?\x0b\x03\x0c?\x0c\x03\x0c?\x0d\x03\x0c?\x02\x03" +
+	"\x0c>\x0f\x03\x0c>\x08\x03\x0c>\x09\x03\x0c>,\x03\x0c>\x0c\x03\x0c?\x13" +
+	"\x03\x0c?\x16\x03\x0c?\x15\x03\x0c?\x1c\x03\x0c?\x1f\x03\x0c?\x1d\x03" +
+	"\x0c?\x1a\x03\x0c?\x17\x03\x0c?\x08\x03\x0c?\x09\x03\x0c?\x0e\x03\x0c?" +
+	"\x04\x03\x0c?\x05\x03\x0c" +
+	"\x03\x0c=2\x03\x0c=6\x03\x0c<\x07\x03\x0c<\x05\x03\x0e:!\x03\x0e:#\x03" +
+	"\x0e8\x09\x03\x0e:&\x03\x0e8\x0b\x03\x0e:$\x03\x0e:,\x03\x0e8\x1a\x03" +
+	"\x0e8\x1e\x03\x0e:*\x03\x0e:7\x03\x0e:5\x03\x0e:;\x03\x0e:\x15\x03\x0e:<" +
+	"\x03\x0e:4\x03\x0e:'\x03\x0e:-\x03\x0e:%\x03\x0e:?\x03\x0e:=\x03\x0e:)" +
+	"\x03\x0e:/\x03\xcfs'\x03\x0d=\x0f\x03\x0d+*\x03\x0d99\x03\x0d9;\x03\x0d9" +
+	"?\x03\x0d)\x0d\x03\x0d(%\x02\x01\x18\x02\x01(\x02\x03'\x02\x03)\x02\x03+" +
+	"\x02\x03/\x02\x03\x19\x02\x03\x1b\x02\x03\x1f\x03\x0d\x22\x18\x03\x0d" +
+	"\x22\x1a\x03\x0d\x22'\x03\x0d\x22/\x03\x0d\x223\x03\x0d\x22$\x02\x01\x1e" +
+	"\x03\x0f$!\x03\x0f87\x03\x0f4\x0e\x03\x0f5\x1d\x03\x06'\x03\x03\x0f\x08" +
+	"\x18\x03\x0f\x0d\x1b\x03\x0e2=\x03\x0e;\x08\x03\x0e:\x0b\x03\x0e\x06$" +
+	"\x03\x0e\x0d)\x03\x0e\x16\x1f\x03\x0e\x16\x1b\x03\x0d$\x0a\x03\x05,\x1d" +
+	"\x03\x0d. \x03\x0d.#\x03\x0c(/\x03\x09%\x02\x03\x0d90\x03\x0d\x0e4\x03" +
+	"\x0d\x0d\x0f\x03\x0c#\x00\x03\x0c,\x1e\x03\x0c2\x0e\x03\x0c\x01\x17\x03" +
+	"\x0c\x09:\x03\x0e\x173\x03\x0c\x08\x03\x03\x0c\x11\x07\x03\x0c\x10\x18" +
+	"\x03\x0c\x1f\x1c\x03\x0c\x19\x0e\x03\x0c\x1a\x1f\x03\x0f0>\x03\x0b->\x03" +
+	"\x0b<+\x03\x0b8\x13\x03\x0b\x043\x03\x0b\x14\x03\x03\x0b\x16%\x03\x0d" +
+	"\x22&\x03\x0b\x1a\x1a\x03\x0b\x1a\x04\x03\x0a%9\x03\x0a&2\x03\x0a&0\x03" +
+	"\x0a!\x1a\x03\x0a!7\x03\x0a5\x10\x03\x0a=4\x03\x0a?\x0e\x03\x0a>\x10\x03" +
+	"\x0a\x00 \x03\x0a\x0f:\x03\x0a\x0f9\x03\x0a\x0b\x0a\x03\x0a\x17%\x03\x0a" +
+	"\x1b-\x03\x09-\x1a\x03\x09,4\x03\x09.,\x03\x09)\x09\x03\x096!\x03\x091" +
+	"\x1f\x03\x093\x16\x03\x0c+\x1f\x03\x098 \x03\x098=\x03\x0c(\x1a\x03\x0c(" +
+	"\x16\x03\x09\x0a+\x03\x09\x16\x12\x03\x09\x13\x0e\x03\x09\x153\x03\x08)!" +
+	"\x03\x09\x1a\x01\x03\x09\x18\x01\x03\x08%#\x03\x08>\x22\x03\x08\x05%\x03" +
+	"\x08\x02*\x03\x08\x15;\x03\x08\x1b7\x03\x0f\x07\x1d\x03\x0f\x04\x03\x03" +
+	"\x070\x0c\x03\x07;\x0b\x03\x07\x08\x17\x03\x07\x12\x06\x03\x06/-\x03\x06" +
+	"71\x03\x065+\x03\x06>7\x03\x06\x049\x03\x05+\x1e\x03\x05,\x17\x03\x05 " +
+	"\x1d\x03\x05\x22\x05\x03\x050\x1d"
+
+// lookup returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *idnaTrie) lookup(s []byte) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return idnaValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = idnaIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = idnaIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = idnaIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *idnaTrie) lookupUnsafe(s []byte) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return idnaValues[c0]
+	}
+	i := idnaIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = idnaIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = idnaIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// lookupString returns the trie value for the first UTF-8 encoding in s and
+// the width in bytes of this encoding. The size will be 0 if s does not
+// hold enough bytes to complete the encoding. len(s) must be greater than 0.
+func (t *idnaTrie) lookupString(s string) (v uint16, sz int) {
+	c0 := s[0]
+	switch {
+	case c0 < 0x80: // is ASCII
+		return idnaValues[c0], 1
+	case c0 < 0xC2:
+		return 0, 1 // Illegal UTF-8: not a starter, not ASCII.
+	case c0 < 0xE0: // 2-byte UTF-8
+		if len(s) < 2 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c1), 2
+	case c0 < 0xF0: // 3-byte UTF-8
+		if len(s) < 3 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = idnaIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c2), 3
+	case c0 < 0xF8: // 4-byte UTF-8
+		if len(s) < 4 {
+			return 0, 0
+		}
+		i := idnaIndex[c0]
+		c1 := s[1]
+		if c1 < 0x80 || 0xC0 <= c1 {
+			return 0, 1 // Illegal UTF-8: not a continuation byte.
+		}
+		o := uint32(i)<<6 + uint32(c1)
+		i = idnaIndex[o]
+		c2 := s[2]
+		if c2 < 0x80 || 0xC0 <= c2 {
+			return 0, 2 // Illegal UTF-8: not a continuation byte.
+		}
+		o = uint32(i)<<6 + uint32(c2)
+		i = idnaIndex[o]
+		c3 := s[3]
+		if c3 < 0x80 || 0xC0 <= c3 {
+			return 0, 3 // Illegal UTF-8: not a continuation byte.
+		}
+		return t.lookupValue(uint32(i), c3), 4
+	}
+	// Illegal rune
+	return 0, 1
+}
+
+// lookupStringUnsafe returns the trie value for the first UTF-8 encoding in s.
+// s must start with a full and valid UTF-8 encoded rune.
+func (t *idnaTrie) lookupStringUnsafe(s string) uint16 {
+	c0 := s[0]
+	if c0 < 0x80 { // is ASCII
+		return idnaValues[c0]
+	}
+	i := idnaIndex[c0]
+	if c0 < 0xE0 { // 2-byte UTF-8
+		return t.lookupValue(uint32(i), s[1])
+	}
+	i = idnaIndex[uint32(i)<<6+uint32(s[1])]
+	if c0 < 0xF0 { // 3-byte UTF-8
+		return t.lookupValue(uint32(i), s[2])
+	}
+	i = idnaIndex[uint32(i)<<6+uint32(s[2])]
+	if c0 < 0xF8 { // 4-byte UTF-8
+		return t.lookupValue(uint32(i), s[3])
+	}
+	return 0
+}
+
+// idnaTrie. Total size: 31598 bytes (30.86 KiB). Checksum: d3118eda0d6b5360.
+type idnaTrie struct{}
+
+func newIdnaTrie(i int) *idnaTrie {
+	return &idnaTrie{}
+}
+
+// lookupValue determines the type of block n and looks up the value for b.
+func (t *idnaTrie) lookupValue(n uint32, b byte) uint16 {
+	switch {
+	case n < 133:
+		return uint16(idnaValues[n<<6+uint32(b)])
+	default:
+		n -= 133
+		return uint16(idnaSparse.lookup(n, b))
+	}
+}
+
+// idnaValues: 135 blocks, 8640 entries, 17280 bytes
+// The third block is the zero block.
+var idnaValues = [8640]uint16{
+	// Block 0x0, offset 0x0
+	0x00: 0x0080, 0x01: 0x0080, 0x02: 0x0080, 0x03: 0x0080, 0x04: 0x0080, 0x05: 0x0080,
+	0x06: 0x0080, 0x07: 0x0080, 0x08: 0x0080, 0x09: 0x0080, 0x0a: 0x0080, 0x0b: 0x0080,
+	0x0c: 0x0080, 0x0d: 0x0080, 0x0e: 0x0080, 0x0f: 0x0080, 0x10: 0x0080, 0x11: 0x0080,
+	0x12: 0x0080, 0x13: 0x0080, 0x14: 0x0080, 0x15: 0x0080, 0x16: 0x0080, 0x17: 0x0080,
+	0x18: 0x0080, 0x19: 0x0080, 0x1a: 0x0080, 0x1b: 0x0080, 0x1c: 0x0080, 0x1d: 0x0080,
+	0x1e: 0x0080, 0x1f: 0x0080, 0x20: 0x0080, 0x21: 0x0080, 0x22: 0x0080, 0x23: 0x0080,
+	0x24: 0x0080, 0x25: 0x0080, 0x26: 0x0080, 0x27: 0x0080, 0x28: 0x0080, 0x29: 0x0080,
+	0x2a: 0x0080, 0x2b: 0x0080, 0x2c: 0x0080, 0x2d: 0x0008, 0x2e: 0x0008, 0x2f: 0x0080,
+	0x30: 0x0008, 0x31: 0x0008, 0x32: 0x0008, 0x33: 0x0008, 0x34: 0x0008, 0x35: 0x0008,
+	0x36: 0x0008, 0x37: 0x0008, 0x38: 0x0008, 0x39: 0x0008, 0x3a: 0x0080, 0x3b: 0x0080,
+	0x3c: 0x0080, 0x3d: 0x0080, 0x3e: 0x0080, 0x3f: 0x0080,
+	// Block 0x1, offset 0x40
+	0x40: 0x0080, 0x41: 0xe105, 0x42: 0xe105, 0x43: 0xe105, 0x44: 0xe105, 0x45: 0xe105,
+	0x46: 0xe105, 0x47: 0xe105, 0x48: 0xe105, 0x49: 0xe105, 0x4a: 0xe105, 0x4b: 0xe105,
+	0x4c: 0xe105, 0x4d: 0xe105, 0x4e: 0xe105, 0x4f: 0xe105, 0x50: 0xe105, 0x51: 0xe105,
+	0x52: 0xe105, 0x53: 0xe105, 0x54: 0xe105, 0x55: 0xe105, 0x56: 0xe105, 0x57: 0xe105,
+	0x58: 0xe105, 0x59: 0xe105, 0x5a: 0xe105, 0x5b: 0x0080, 0x5c: 0x0080, 0x5d: 0x0080,
+	0x5e: 0x0080, 0x5f: 0x0080, 0x60: 0x0080, 0x61: 0x0008, 0x62: 0x0008, 0x63: 0x0008,
+	0x64: 0x0008, 0x65: 0x0008, 0x66: 0x0008, 0x67: 0x0008, 0x68: 0x0008, 0x69: 0x0008,
+	0x6a: 0x0008, 0x6b: 0x0008, 0x6c: 0x0008, 0x6d: 0x0008, 0x6e: 0x0008, 0x6f: 0x0008,
+	0x70: 0x0008, 0x71: 0x0008, 0x72: 0x0008, 0x73: 0x0008, 0x74: 0x0008, 0x75: 0x0008,
+	0x76: 0x0008, 0x77: 0x0008, 0x78: 0x0008, 0x79: 0x0008, 0x7a: 0x0008, 0x7b: 0x0080,
+	0x7c: 0x0080, 0x7d: 0x0080, 0x7e: 0x0080, 0x7f: 0x0080,
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc0: 0x0040, 0xc1: 0x0040, 0xc2: 0x0040, 0xc3: 0x0040, 0xc4: 0x0040, 0xc5: 0x0040,
+	0xc6: 0x0040, 0xc7: 0x0040, 0xc8: 0x0040, 0xc9: 0x0040, 0xca: 0x0040, 0xcb: 0x0040,
+	0xcc: 0x0040, 0xcd: 0x0040, 0xce: 0x0040, 0xcf: 0x0040, 0xd0: 0x0040, 0xd1: 0x0040,
+	0xd2: 0x0040, 0xd3: 0x0040, 0xd4: 0x0040, 0xd5: 0x0040, 0xd6: 0x0040, 0xd7: 0x0040,
+	0xd8: 0x0040, 0xd9: 0x0040, 0xda: 0x0040, 0xdb: 0x0040, 0xdc: 0x0040, 0xdd: 0x0040,
+	0xde: 0x0040, 0xdf: 0x0040, 0xe0: 0x000a, 0xe1: 0x0018, 0xe2: 0x0018, 0xe3: 0x0018,
+	0xe4: 0x0018, 0xe5: 0x0018, 0xe6: 0x0018, 0xe7: 0x0018, 0xe8: 0x0012, 0xe9: 0x0018,
+	0xea: 0x0019, 0xeb: 0x0018, 0xec: 0x0018, 0xed: 0x03c0, 0xee: 0x0018, 0xef: 0x0022,
+	0xf0: 0x0018, 0xf1: 0x0018, 0xf2: 0x0029, 0xf3: 0x0031, 0xf4: 0x003a, 0xf5: 0x0005,
+	0xf6: 0x0018, 0xf7: 0x0008, 0xf8: 0x0042, 0xf9: 0x0049, 0xfa: 0x0051, 0xfb: 0x0018,
+	0xfc: 0x0059, 0xfd: 0x0061, 0xfe: 0x0069, 0xff: 0x0018,
+	// Block 0x4, offset 0x100
+	0x100: 0xe00d, 0x101: 0x0008, 0x102: 0xe00d, 0x103: 0x0008, 0x104: 0xe00d, 0x105: 0x0008,
+	0x106: 0xe00d, 0x107: 0x0008, 0x108: 0xe00d, 0x109: 0x0008, 0x10a: 0xe00d, 0x10b: 0x0008,
+	0x10c: 0xe00d, 0x10d: 0x0008, 0x10e: 0xe00d, 0x10f: 0x0008, 0x110: 0xe00d, 0x111: 0x0008,
+	0x112: 0xe00d, 0x113: 0x0008, 0x114: 0xe00d, 0x115: 0x0008, 0x116: 0xe00d, 0x117: 0x0008,
+	0x118: 0xe00d, 0x119: 0x0008, 0x11a: 0xe00d, 0x11b: 0x0008, 0x11c: 0xe00d, 0x11d: 0x0008,
+	0x11e: 0xe00d, 0x11f: 0x0008, 0x120: 0xe00d, 0x121: 0x0008, 0x122: 0xe00d, 0x123: 0x0008,
+	0x124: 0xe00d, 0x125: 0x0008, 0x126: 0xe00d, 0x127: 0x0008, 0x128: 0xe00d, 0x129: 0x0008,
+	0x12a: 0xe00d, 0x12b: 0x0008, 0x12c: 0xe00d, 0x12d: 0x0008, 0x12e: 0xe00d, 0x12f: 0x0008,
+	0x130: 0x0071, 0x131: 0x0008, 0x132: 0x0035, 0x133: 0x004d, 0x134: 0xe00d, 0x135: 0x0008,
+	0x136: 0xe00d, 0x137: 0x0008, 0x138: 0x0008, 0x139: 0xe01d, 0x13a: 0x0008, 0x13b: 0xe03d,
+	0x13c: 0x0008, 0x13d: 0xe01d, 0x13e: 0x0008, 0x13f: 0x0079,
+	// Block 0x5, offset 0x140
+	0x140: 0x0079, 0x141: 0xe01d, 0x142: 0x0008, 0x143: 0xe03d, 0x144: 0x0008, 0x145: 0xe01d,
+	0x146: 0x0008, 0x147: 0xe07d, 0x148: 0x0008, 0x149: 0x0081, 0x14a: 0xe00d, 0x14b: 0x0008,
+	0x14c: 0xe00d, 0x14d: 0x0008, 0x14e: 0xe00d, 0x14f: 0x0008, 0x150: 0xe00d, 0x151: 0x0008,
+	0x152: 0xe00d, 0x153: 0x0008, 0x154: 0xe00d, 0x155: 0x0008, 0x156: 0xe00d, 0x157: 0x0008,
+	0x158: 0xe00d, 0x159: 0x0008, 0x15a: 0xe00d, 0x15b: 0x0008, 0x15c: 0xe00d, 0x15d: 0x0008,
+	0x15e: 0xe00d, 0x15f: 0x0008, 0x160: 0xe00d, 0x161: 0x0008, 0x162: 0xe00d, 0x163: 0x0008,
+	0x164: 0xe00d, 0x165: 0x0008, 0x166: 0xe00d, 0x167: 0x0008, 0x168: 0xe00d, 0x169: 0x0008,
+	0x16a: 0xe00d, 0x16b: 0x0008, 0x16c: 0xe00d, 0x16d: 0x0008, 0x16e: 0xe00d, 0x16f: 0x0008,
+	0x170: 0xe00d, 0x171: 0x0008, 0x172: 0xe00d, 0x173: 0x0008, 0x174: 0xe00d, 0x175: 0x0008,
+	0x176: 0xe00d, 0x177: 0x0008, 0x178: 0x0065, 0x179: 0xe01d, 0x17a: 0x0008, 0x17b: 0xe03d,
+	0x17c: 0x0008, 0x17d: 0xe01d, 0x17e: 0x0008, 0x17f: 0x0089,
+	// Block 0x6, offset 0x180
+	0x180: 0x0008, 0x181: 0x007d, 0x182: 0xe00d, 0x183: 0x0008, 0x184: 0xe00d, 0x185: 0x0008,
+	0x186: 0x007d, 0x187: 0xe07d, 0x188: 0x0008, 0x189: 0x0095, 0x18a: 0x00ad, 0x18b: 0xe03d,
+	0x18c: 0x0008, 0x18d: 0x0008, 0x18e: 0x00c5, 0x18f: 0x00dd, 0x190: 0x00f5, 0x191: 0xe01d,
+	0x192: 0x0008, 0x193: 0x010d, 0x194: 0x0125, 0x195: 0x0008, 0x196: 0x013d, 0x197: 0x013d,
+	0x198: 0xe00d, 0x199: 0x0008, 0x19a: 0x0008, 0x19b: 0x0008, 0x19c: 0x010d, 0x19d: 0x0155,
+	0x19e: 0x0008, 0x19f: 0x016d, 0x1a0: 0xe00d, 0x1a1: 0x0008, 0x1a2: 0xe00d, 0x1a3: 0x0008,
+	0x1a4: 0xe00d, 0x1a5: 0x0008, 0x1a6: 0x0185, 0x1a7: 0xe07d, 0x1a8: 0x0008, 0x1a9: 0x019d,
+	0x1aa: 0x0008, 0x1ab: 0x0008, 0x1ac: 0xe00d, 0x1ad: 0x0008, 0x1ae: 0x0185, 0x1af: 0xe0fd,
+	0x1b0: 0x0008, 0x1b1: 0x01b5, 0x1b2: 0x01cd, 0x1b3: 0xe03d, 0x1b4: 0x0008, 0x1b5: 0xe01d,
+	0x1b6: 0x0008, 0x1b7: 0x01e5, 0x1b8: 0xe00d, 0x1b9: 0x0008, 0x1ba: 0x0008, 0x1bb: 0x0008,
+	0x1bc: 0xe00d, 0x1bd: 0x0008, 0x1be: 0x0008, 0x1bf: 0x0008,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x0008, 0x1c1: 0x0008, 0x1c2: 0x0008, 0x1c3: 0x0008, 0x1c4: 0x0091, 0x1c5: 0x0091,
+	0x1c6: 0x0091, 0x1c7: 0x01fd, 0x1c8: 0x0215, 0x1c9: 0x022d, 0x1ca: 0x0245, 0x1cb: 0x025d,
+	0x1cc: 0x0275, 0x1cd: 0xe01d, 0x1ce: 0x0008, 0x1cf: 0xe0fd, 0x1d0: 0x0008, 0x1d1: 0xe01d,
+	0x1d2: 0x0008, 0x1d3: 0xe03d, 0x1d4: 0x0008, 0x1d5: 0xe01d, 0x1d6: 0x0008, 0x1d7: 0xe07d,
+	0x1d8: 0x0008, 0x1d9: 0xe01d, 0x1da: 0x0008, 0x1db: 0xe03d, 0x1dc: 0x0008, 0x1dd: 0x0008,
+	0x1de: 0xe00d, 0x1df: 0x0008, 0x1e0: 0xe00d, 0x1e1: 0x0008, 0x1e2: 0xe00d, 0x1e3: 0x0008,
+	0x1e4: 0xe00d, 0x1e5: 0x0008, 0x1e6: 0xe00d, 0x1e7: 0x0008, 0x1e8: 0xe00d, 0x1e9: 0x0008,
+	0x1ea: 0xe00d, 0x1eb: 0x0008, 0x1ec: 0xe00d, 0x1ed: 0x0008, 0x1ee: 0xe00d, 0x1ef: 0x0008,
+	0x1f0: 0x0008, 0x1f1: 0x028d, 0x1f2: 0x02a5, 0x1f3: 0x02bd, 0x1f4: 0xe00d, 0x1f5: 0x0008,
+	0x1f6: 0x02d5, 0x1f7: 0x02ed, 0x1f8: 0xe00d, 0x1f9: 0x0008, 0x1fa: 0xe00d, 0x1fb: 0x0008,
+	0x1fc: 0xe00d, 0x1fd: 0x0008, 0x1fe: 0xe00d, 0x1ff: 0x0008,
+	// Block 0x8, offset 0x200
+	0x200: 0xe00d, 0x201: 0x0008, 0x202: 0xe00d, 0x203: 0x0008, 0x204: 0xe00d, 0x205: 0x0008,
+	0x206: 0xe00d, 0x207: 0x0008, 0x208: 0xe00d, 0x209: 0x0008, 0x20a: 0xe00d, 0x20b: 0x0008,
+	0x20c: 0xe00d, 0x20d: 0x0008, 0x20e: 0xe00d, 0x20f: 0x0008, 0x210: 0xe00d, 0x211: 0x0008,
+	0x212: 0xe00d, 0x213: 0x0008, 0x214: 0xe00d, 0x215: 0x0008, 0x216: 0xe00d, 0x217: 0x0008,
+	0x218: 0xe00d, 0x219: 0x0008, 0x21a: 0xe00d, 0x21b: 0x0008, 0x21c: 0xe00d, 0x21d: 0x0008,
+	0x21e: 0xe00d, 0x21f: 0x0008, 0x220: 0x0305, 0x221: 0x0008, 0x222: 0xe00d, 0x223: 0x0008,
+	0x224: 0xe00d, 0x225: 0x0008, 0x226: 0xe00d, 0x227: 0x0008, 0x228: 0xe00d, 0x229: 0x0008,
+	0x22a: 0xe00d, 0x22b: 0x0008, 0x22c: 0xe00d, 0x22d: 0x0008, 0x22e: 0xe00d, 0x22f: 0x0008,
+	0x230: 0xe00d, 0x231: 0x0008, 0x232: 0xe00d, 0x233: 0x0008, 0x234: 0x0008, 0x235: 0x0008,
+	0x236: 0x0008, 0x237: 0x0008, 0x238: 0x0008, 0x239: 0x0008, 0x23a: 0x0099, 0x23b: 0xe03d,
+	0x23c: 0x0008, 0x23d: 0x031d, 0x23e: 0x00a1, 0x23f: 0x0008,
+	// Block 0x9, offset 0x240
+	0x240: 0x0008, 0x241: 0x0008, 0x242: 0x0018, 0x243: 0x0018, 0x244: 0x0018, 0x245: 0x0018,
+	0x246: 0x0008, 0x247: 0x0008, 0x248: 0x0008, 0x249: 0x0008, 0x24a: 0x0008, 0x24b: 0x0008,
+	0x24c: 0x0008, 0x24d: 0x0008, 0x24e: 0x0008, 0x24f: 0x0008, 0x250: 0x0008, 0x251: 0x0008,
+	0x252: 0x0018, 0x253: 0x0018, 0x254: 0x0018, 0x255: 0x0018, 0x256: 0x0018, 0x257: 0x0018,
+	0x258: 0x00d2, 0x259: 0x00da, 0x25a: 0x00e2, 0x25b: 0x00ea, 0x25c: 0x00f2, 0x25d: 0x00fa,
+	0x25e: 0x0018, 0x25f: 0x0018, 0x260: 0x03ad, 0x261: 0x0101, 0x262: 0x0089, 0x263: 0x0109,
+	0x264: 0x03c5, 0x265: 0x0018, 0x266: 0x0018, 0x267: 0x0018, 0x268: 0x0018, 0x269: 0x0018,
+	0x26a: 0x0018, 0x26b: 0x0018, 0x26c: 0x0008, 0x26d: 0x0018, 0x26e: 0x0008, 0x26f: 0x0018,
+	0x270: 0x0018, 0x271: 0x0018, 0x272: 0x0018, 0x273: 0x0018, 0x274: 0x0018, 0x275: 0x0018,
+	0x276: 0x0018, 0x277: 0x0018, 0x278: 0x0018, 0x279: 0x0018, 0x27a: 0x0018, 0x27b: 0x0018,
+	0x27c: 0x0018, 0x27d: 0x0018, 0x27e: 0x0018, 0x27f: 0x0018,
+	// Block 0xa, offset 0x280
+	0x280: 0x03dd, 0x281: 0x03dd, 0x282: 0x3308, 0x283: 0x03f5, 0x284: 0x0111, 0x285: 0x040d,
+	0x286: 0x3308, 0x287: 0x3308, 0x288: 0x3308, 0x289: 0x3308, 0x28a: 0x3308, 0x28b: 0x3308,
+	0x28c: 0x3308, 0x28d: 0x3308, 0x28e: 0x3308, 0x28f: 0x33c0, 0x290: 0x3308, 0x291: 0x3308,
+	0x292: 0x3308, 0x293: 0x3308, 0x294: 0x3308, 0x295: 0x3308, 0x296: 0x3308, 0x297: 0x3308,
+	0x298: 0x3308, 0x299: 0x3308, 0x29a: 0x3308, 0x29b: 0x3308, 0x29c: 0x3308, 0x29d: 0x3308,
+	0x29e: 0x3308, 0x29f: 0x3308, 0x2a0: 0x3308, 0x2a1: 0x3308, 0x2a2: 0x3308, 0x2a3: 0x3308,
+	0x2a4: 0x3308, 0x2a5: 0x3308, 0x2a6: 0x3308, 0x2a7: 0x3308, 0x2a8: 0x3308, 0x2a9: 0x3308,
+	0x2aa: 0x3308, 0x2ab: 0x3308, 0x2ac: 0x3308, 0x2ad: 0x3308, 0x2ae: 0x3308, 0x2af: 0x3308,
+	0x2b0: 0xe00d, 0x2b1: 0x0008, 0x2b2: 0xe00d, 0x2b3: 0x0008, 0x2b4: 0x0425, 0x2b5: 0x0008,
+	0x2b6: 0xe00d, 0x2b7: 0x0008, 0x2b8: 0x0040, 0x2b9: 0x0040, 0x2ba: 0x011a, 0x2bb: 0x0008,
+	0x2bc: 0x0008, 0x2bd: 0x0008, 0x2be: 0x0122, 0x2bf: 0x043d,
+	// Block 0xb, offset 0x2c0
+	0x2c0: 0x0040, 0x2c1: 0x0040, 0x2c2: 0x0040, 0x2c3: 0x0040, 0x2c4: 0x003a, 0x2c5: 0x012a,
+	0x2c6: 0xe155, 0x2c7: 0x0455, 0x2c8: 0xe12d, 0x2c9: 0xe13d, 0x2ca: 0xe12d, 0x2cb: 0x0040,
+	0x2cc: 0x03dd, 0x2cd: 0x0040, 0x2ce: 0x046d, 0x2cf: 0x0485, 0x2d0: 0x0008, 0x2d1: 0xe105,
+	0x2d2: 0xe105, 0x2d3: 0xe105, 0x2d4: 0xe105, 0x2d5: 0xe105, 0x2d6: 0xe105, 0x2d7: 0xe105,
+	0x2d8: 0xe105, 0x2d9: 0xe105, 0x2da: 0xe105, 0x2db: 0xe105, 0x2dc: 0xe105, 0x2dd: 0xe105,
+	0x2de: 0xe105, 0x2df: 0xe105, 0x2e0: 0x049d, 0x2e1: 0x049d, 0x2e2: 0x0040, 0x2e3: 0x049d,
+	0x2e4: 0x049d, 0x2e5: 0x049d, 0x2e6: 0x049d, 0x2e7: 0x049d, 0x2e8: 0x049d, 0x2e9: 0x049d,
+	0x2ea: 0x049d, 0x2eb: 0x049d, 0x2ec: 0x0008, 0x2ed: 0x0008, 0x2ee: 0x0008, 0x2ef: 0x0008,
+	0x2f0: 0x0008, 0x2f1: 0x0008, 0x2f2: 0x0008, 0x2f3: 0x0008, 0x2f4: 0x0008, 0x2f5: 0x0008,
+	0x2f6: 0x0008, 0x2f7: 0x0008, 0x2f8: 0x0008, 0x2f9: 0x0008, 0x2fa: 0x0008, 0x2fb: 0x0008,
+	0x2fc: 0x0008, 0x2fd: 0x0008, 0x2fe: 0x0008, 0x2ff: 0x0008,
+	// Block 0xc, offset 0x300
+	0x300: 0x0008, 0x301: 0x0008, 0x302: 0xe00f, 0x303: 0x0008, 0x304: 0x0008, 0x305: 0x0008,
+	0x306: 0x0008, 0x307: 0x0008, 0x308: 0x0008, 0x309: 0x0008, 0x30a: 0x0008, 0x30b: 0x0008,
+	0x30c: 0x0008, 0x30d: 0x0008, 0x30e: 0x0008, 0x30f: 0xe0c5, 0x310: 0x04b5, 0x311: 0x04cd,
+	0x312: 0xe0bd, 0x313: 0xe0f5, 0x314: 0xe0fd, 0x315: 0xe09d, 0x316: 0xe0b5, 0x317: 0x0008,
+	0x318: 0xe00d, 0x319: 0x0008, 0x31a: 0xe00d, 0x31b: 0x0008, 0x31c: 0xe00d, 0x31d: 0x0008,
+	0x31e: 0xe00d, 0x31f: 0x0008, 0x320: 0xe00d, 0x321: 0x0008, 0x322: 0xe00d, 0x323: 0x0008,
+	0x324: 0xe00d, 0x325: 0x0008, 0x326: 0xe00d, 0x327: 0x0008, 0x328: 0xe00d, 0x329: 0x0008,
+	0x32a: 0xe00d, 0x32b: 0x0008, 0x32c: 0xe00d, 0x32d: 0x0008, 0x32e: 0xe00d, 0x32f: 0x0008,
+	0x330: 0x04e5, 0x331: 0xe185, 0x332: 0xe18d, 0x333: 0x0008, 0x334: 0x04fd, 0x335: 0x03dd,
+	0x336: 0x0018, 0x337: 0xe07d, 0x338: 0x0008, 0x339: 0xe1d5, 0x33a: 0xe00d, 0x33b: 0x0008,
+	0x33c: 0x0008, 0x33d: 0x0515, 0x33e: 0x052d, 0x33f: 0x052d,
+	// Block 0xd, offset 0x340
+	0x340: 0x0008, 0x341: 0x0008, 0x342: 0x0008, 0x343: 0x0008, 0x344: 0x0008, 0x345: 0x0008,
+	0x346: 0x0008, 0x347: 0x0008, 0x348: 0x0008, 0x349: 0x0008, 0x34a: 0x0008, 0x34b: 0x0008,
+	0x34c: 0x0008, 0x34d: 0x0008, 0x34e: 0x0008, 0x34f: 0x0008, 0x350: 0x0008, 0x351: 0x0008,
+	0x352: 0x0008, 0x353: 0x0008, 0x354: 0x0008, 0x355: 0x0008, 0x356: 0x0008, 0x357: 0x0008,
+	0x358: 0x0008, 0x359: 0x0008, 0x35a: 0x0008, 0x35b: 0x0008, 0x35c: 0x0008, 0x35d: 0x0008,
+	0x35e: 0x0008, 0x35f: 0x0008, 0x360: 0xe00d, 0x361: 0x0008, 0x362: 0xe00d, 0x363: 0x0008,
+	0x364: 0xe00d, 0x365: 0x0008, 0x366: 0xe00d, 0x367: 0x0008, 0x368: 0xe00d, 0x369: 0x0008,
+	0x36a: 0xe00d, 0x36b: 0x0008, 0x36c: 0xe00d, 0x36d: 0x0008, 0x36e: 0xe00d, 0x36f: 0x0008,
+	0x370: 0xe00d, 0x371: 0x0008, 0x372: 0xe00d, 0x373: 0x0008, 0x374: 0xe00d, 0x375: 0x0008,
+	0x376: 0xe00d, 0x377: 0x0008, 0x378: 0xe00d, 0x379: 0x0008, 0x37a: 0xe00d, 0x37b: 0x0008,
+	0x37c: 0xe00d, 0x37d: 0x0008, 0x37e: 0xe00d, 0x37f: 0x0008,
+	// Block 0xe, offset 0x380
+	0x380: 0xe00d, 0x381: 0x0008, 0x382: 0x0018, 0x383: 0x3308, 0x384: 0x3308, 0x385: 0x3308,
+	0x386: 0x3308, 0x387: 0x3308, 0x388: 0x3318, 0x389: 0x3318, 0x38a: 0xe00d, 0x38b: 0x0008,
+	0x38c: 0xe00d, 0x38d: 0x0008, 0x38e: 0xe00d, 0x38f: 0x0008, 0x390: 0xe00d, 0x391: 0x0008,
+	0x392: 0xe00d, 0x393: 0x0008, 0x394: 0xe00d, 0x395: 0x0008, 0x396: 0xe00d, 0x397: 0x0008,
+	0x398: 0xe00d, 0x399: 0x0008, 0x39a: 0xe00d, 0x39b: 0x0008, 0x39c: 0xe00d, 0x39d: 0x0008,
+	0x39e: 0xe00d, 0x39f: 0x0008, 0x3a0: 0xe00d, 0x3a1: 0x0008, 0x3a2: 0xe00d, 0x3a3: 0x0008,
+	0x3a4: 0xe00d, 0x3a5: 0x0008, 0x3a6: 0xe00d, 0x3a7: 0x0008, 0x3a8: 0xe00d, 0x3a9: 0x0008,
+	0x3aa: 0xe00d, 0x3ab: 0x0008, 0x3ac: 0xe00d, 0x3ad: 0x0008, 0x3ae: 0xe00d, 0x3af: 0x0008,
+	0x3b0: 0xe00d, 0x3b1: 0x0008, 0x3b2: 0xe00d, 0x3b3: 0x0008, 0x3b4: 0xe00d, 0x3b5: 0x0008,
+	0x3b6: 0xe00d, 0x3b7: 0x0008, 0x3b8: 0xe00d, 0x3b9: 0x0008, 0x3ba: 0xe00d, 0x3bb: 0x0008,
+	0x3bc: 0xe00d, 0x3bd: 0x0008, 0x3be: 0xe00d, 0x3bf: 0x0008,
+	// Block 0xf, offset 0x3c0
+	0x3c0: 0x0040, 0x3c1: 0xe01d, 0x3c2: 0x0008, 0x3c3: 0xe03d, 0x3c4: 0x0008, 0x3c5: 0xe01d,
+	0x3c6: 0x0008, 0x3c7: 0xe07d, 0x3c8: 0x0008, 0x3c9: 0xe01d, 0x3ca: 0x0008, 0x3cb: 0xe03d,
+	0x3cc: 0x0008, 0x3cd: 0xe01d, 0x3ce: 0x0008, 0x3cf: 0x0008, 0x3d0: 0xe00d, 0x3d1: 0x0008,
+	0x3d2: 0xe00d, 0x3d3: 0x0008, 0x3d4: 0xe00d, 0x3d5: 0x0008, 0x3d6: 0xe00d, 0x3d7: 0x0008,
+	0x3d8: 0xe00d, 0x3d9: 0x0008, 0x3da: 0xe00d, 0x3db: 0x0008, 0x3dc: 0xe00d, 0x3dd: 0x0008,
+	0x3de: 0xe00d, 0x3df: 0x0008, 0x3e0: 0xe00d, 0x3e1: 0x0008, 0x3e2: 0xe00d, 0x3e3: 0x0008,
+	0x3e4: 0xe00d, 0x3e5: 0x0008, 0x3e6: 0xe00d, 0x3e7: 0x0008, 0x3e8: 0xe00d, 0x3e9: 0x0008,
+	0x3ea: 0xe00d, 0x3eb: 0x0008, 0x3ec: 0xe00d, 0x3ed: 0x0008, 0x3ee: 0xe00d, 0x3ef: 0x0008,
+	0x3f0: 0xe00d, 0x3f1: 0x0008, 0x3f2: 0xe00d, 0x3f3: 0x0008, 0x3f4: 0xe00d, 0x3f5: 0x0008,
+	0x3f6: 0xe00d, 0x3f7: 0x0008, 0x3f8: 0xe00d, 0x3f9: 0x0008, 0x3fa: 0xe00d, 0x3fb: 0x0008,
+	0x3fc: 0xe00d, 0x3fd: 0x0008, 0x3fe: 0xe00d, 0x3ff: 0x0008,
+	// Block 0x10, offset 0x400
+	0x400: 0xe00d, 0x401: 0x0008, 0x402: 0xe00d, 0x403: 0x0008, 0x404: 0xe00d, 0x405: 0x0008,
+	0x406: 0xe00d, 0x407: 0x0008, 0x408: 0xe00d, 0x409: 0x0008, 0x40a: 0xe00d, 0x40b: 0x0008,
+	0x40c: 0xe00d, 0x40d: 0x0008, 0x40e: 0xe00d, 0x40f: 0x0008, 0x410: 0xe00d, 0x411: 0x0008,
+	0x412: 0xe00d, 0x413: 0x0008, 0x414: 0xe00d, 0x415: 0x0008, 0x416: 0xe00d, 0x417: 0x0008,
+	0x418: 0xe00d, 0x419: 0x0008, 0x41a: 0xe00d, 0x41b: 0x0008, 0x41c: 0xe00d, 0x41d: 0x0008,
+	0x41e: 0xe00d, 0x41f: 0x0008, 0x420: 0xe00d, 0x421: 0x0008, 0x422: 0xe00d, 0x423: 0x0008,
+	0x424: 0xe00d, 0x425: 0x0008, 0x426: 0xe00d, 0x427: 0x0008, 0x428: 0xe00d, 0x429: 0x0008,
+	0x42a: 0xe00d, 0x42b: 0x0008, 0x42c: 0xe00d, 0x42d: 0x0008, 0x42e: 0xe00d, 0x42f: 0x0008,
+	0x430: 0x0040, 0x431: 0x03f5, 0x432: 0x03f5, 0x433: 0x03f5, 0x434: 0x03f5, 0x435: 0x03f5,
+	0x436: 0x03f5, 0x437: 0x03f5, 0x438: 0x03f5, 0x439: 0x03f5, 0x43a: 0x03f5, 0x43b: 0x03f5,
+	0x43c: 0x03f5, 0x43d: 0x03f5, 0x43e: 0x03f5, 0x43f: 0x03f5,
+	// Block 0x11, offset 0x440
+	0x440: 0x0840, 0x441: 0x0840, 0x442: 0x0840, 0x443: 0x0840, 0x444: 0x0840, 0x445: 0x0840,
+	0x446: 0x0018, 0x447: 0x0018, 0x448: 0x0818, 0x449: 0x0018, 0x44a: 0x0018, 0x44b: 0x0818,
+	0x44c: 0x0018, 0x44d: 0x0818, 0x44e: 0x0018, 0x44f: 0x0018, 0x450: 0x3308, 0x451: 0x3308,
+	0x452: 0x3308, 0x453: 0x3308, 0x454: 0x3308, 0x455: 0x3308, 0x456: 0x3308, 0x457: 0x3308,
+	0x458: 0x3308, 0x459: 0x3308, 0x45a: 0x3308, 0x45b: 0x0818, 0x45c: 0x0b40, 0x45d: 0x0818,
+	0x45e: 0x0818, 0x45f: 0x0818, 0x460: 0x0a08, 0x461: 0x0808, 0x462: 0x0c08, 0x463: 0x0c08,
+	0x464: 0x0c08, 0x465: 0x0c08, 0x466: 0x0a08, 0x467: 0x0c08, 0x468: 0x0a08, 0x469: 0x0c08,
+	0x46a: 0x0a08, 0x46b: 0x0a08, 0x46c: 0x0a08, 0x46d: 0x0a08, 0x46e: 0x0a08, 0x46f: 0x0c08,
+	0x470: 0x0c08, 0x471: 0x0c08, 0x472: 0x0c08, 0x473: 0x0a08, 0x474: 0x0a08, 0x475: 0x0a08,
+	0x476: 0x0a08, 0x477: 0x0a08, 0x478: 0x0a08, 0x479: 0x0a08, 0x47a: 0x0a08, 0x47b: 0x0a08,
+	0x47c: 0x0a08, 0x47d: 0x0a08, 0x47e: 0x0a08, 0x47f: 0x0a08,
+	// Block 0x12, offset 0x480
+	0x480: 0x0818, 0x481: 0x0a08, 0x482: 0x0a08, 0x483: 0x0a08, 0x484: 0x0a08, 0x485: 0x0a08,
+	0x486: 0x0a08, 0x487: 0x0a08, 0x488: 0x0c08, 0x489: 0x0a08, 0x48a: 0x0a08, 0x48b: 0x3308,
+	0x48c: 0x3308, 0x48d: 0x3308, 0x48e: 0x3308, 0x48f: 0x3308, 0x490: 0x3308, 0x491: 0x3308,
+	0x492: 0x3308, 0x493: 0x3308, 0x494: 0x3308, 0x495: 0x3308, 0x496: 0x3308, 0x497: 0x3308,
+	0x498: 0x3308, 0x499: 0x3308, 0x49a: 0x3308, 0x49b: 0x3308, 0x49c: 0x3308, 0x49d: 0x3308,
+	0x49e: 0x3308, 0x49f: 0x3308, 0x4a0: 0x0808, 0x4a1: 0x0808, 0x4a2: 0x0808, 0x4a3: 0x0808,
+	0x4a4: 0x0808, 0x4a5: 0x0808, 0x4a6: 0x0808, 0x4a7: 0x0808, 0x4a8: 0x0808, 0x4a9: 0x0808,
+	0x4aa: 0x0018, 0x4ab: 0x0818, 0x4ac: 0x0818, 0x4ad: 0x0818, 0x4ae: 0x0a08, 0x4af: 0x0a08,
+	0x4b0: 0x3308, 0x4b1: 0x0c08, 0x4b2: 0x0c08, 0x4b3: 0x0c08, 0x4b4: 0x0808, 0x4b5: 0x0139,
+	0x4b6: 0x0141, 0x4b7: 0x0149, 0x4b8: 0x0151, 0x4b9: 0x0a08, 0x4ba: 0x0a08, 0x4bb: 0x0a08,
+	0x4bc: 0x0a08, 0x4bd: 0x0a08, 0x4be: 0x0a08, 0x4bf: 0x0a08,
+	// Block 0x13, offset 0x4c0
+	0x4c0: 0x0c08, 0x4c1: 0x0a08, 0x4c2: 0x0a08, 0x4c3: 0x0c08, 0x4c4: 0x0c08, 0x4c5: 0x0c08,
+	0x4c6: 0x0c08, 0x4c7: 0x0c08, 0x4c8: 0x0c08, 0x4c9: 0x0c08, 0x4ca: 0x0c08, 0x4cb: 0x0c08,
+	0x4cc: 0x0a08, 0x4cd: 0x0c08, 0x4ce: 0x0a08, 0x4cf: 0x0c08, 0x4d0: 0x0a08, 0x4d1: 0x0a08,
+	0x4d2: 0x0c08, 0x4d3: 0x0c08, 0x4d4: 0x0818, 0x4d5: 0x0c08, 0x4d6: 0x3308, 0x4d7: 0x3308,
+	0x4d8: 0x3308, 0x4d9: 0x3308, 0x4da: 0x3308, 0x4db: 0x3308, 0x4dc: 0x3308, 0x4dd: 0x0840,
+	0x4de: 0x0018, 0x4df: 0x3308, 0x4e0: 0x3308, 0x4e1: 0x3308, 0x4e2: 0x3308, 0x4e3: 0x3308,
+	0x4e4: 0x3308, 0x4e5: 0x0808, 0x4e6: 0x0808, 0x4e7: 0x3308, 0x4e8: 0x3308, 0x4e9: 0x0018,
+	0x4ea: 0x3308, 0x4eb: 0x3308, 0x4ec: 0x3308, 0x4ed: 0x3308, 0x4ee: 0x0c08, 0x4ef: 0x0c08,
+	0x4f0: 0x0008, 0x4f1: 0x0008, 0x4f2: 0x0008, 0x4f3: 0x0008, 0x4f4: 0x0008, 0x4f5: 0x0008,
+	0x4f6: 0x0008, 0x4f7: 0x0008, 0x4f8: 0x0008, 0x4f9: 0x0008, 0x4fa: 0x0a08, 0x4fb: 0x0a08,
+	0x4fc: 0x0a08, 0x4fd: 0x0808, 0x4fe: 0x0808, 0x4ff: 0x0a08,
+	// Block 0x14, offset 0x500
+	0x500: 0x0818, 0x501: 0x0818, 0x502: 0x0818, 0x503: 0x0818, 0x504: 0x0818, 0x505: 0x0818,
+	0x506: 0x0818, 0x507: 0x0818, 0x508: 0x0818, 0x509: 0x0818, 0x50a: 0x0818, 0x50b: 0x0818,
+	0x50c: 0x0818, 0x50d: 0x0818, 0x50e: 0x0040, 0x50f: 0x0b40, 0x510: 0x0c08, 0x511: 0x3308,
+	0x512: 0x0a08, 0x513: 0x0a08, 0x514: 0x0a08, 0x515: 0x0c08, 0x516: 0x0c08, 0x517: 0x0c08,
+	0x518: 0x0c08, 0x519: 0x0c08, 0x51a: 0x0a08, 0x51b: 0x0a08, 0x51c: 0x0a08, 0x51d: 0x0a08,
+	0x51e: 0x0c08, 0x51f: 0x0a08, 0x520: 0x0a08, 0x521: 0x0a08, 0x522: 0x0a08, 0x523: 0x0a08,
+	0x524: 0x0a08, 0x525: 0x0a08, 0x526: 0x0a08, 0x527: 0x0a08, 0x528: 0x0c08, 0x529: 0x0a08,
+	0x52a: 0x0c08, 0x52b: 0x0a08, 0x52c: 0x0c08, 0x52d: 0x0a08, 0x52e: 0x0a08, 0x52f: 0x0c08,
+	0x530: 0x3308, 0x531: 0x3308, 0x532: 0x3308, 0x533: 0x3308, 0x534: 0x3308, 0x535: 0x3308,
+	0x536: 0x3308, 0x537: 0x3308, 0x538: 0x3308, 0x539: 0x3308, 0x53a: 0x3308, 0x53b: 0x3308,
+	0x53c: 0x3308, 0x53d: 0x3308, 0x53e: 0x3308, 0x53f: 0x3308,
+	// Block 0x15, offset 0x540
+	0x540: 0x0c08, 0x541: 0x0a08, 0x542: 0x0a08, 0x543: 0x0a08, 0x544: 0x0a08, 0x545: 0x0a08,
+	0x546: 0x0c08, 0x547: 0x0c08, 0x548: 0x0a08, 0x549: 0x0c08, 0x54a: 0x0a08, 0x54b: 0x0a08,
+	0x54c: 0x0a08, 0x54d: 0x0a08, 0x54e: 0x0a08, 0x54f: 0x0a08, 0x550: 0x0a08, 0x551: 0x0a08,
+	0x552: 0x0a08, 0x553: 0x0a08, 0x554: 0x0c08, 0x555: 0x0a08, 0x556: 0x0c08, 0x557: 0x0c08,
+	0x558: 0x0c08, 0x559: 0x3308, 0x55a: 0x3308, 0x55b: 0x3308, 0x55c: 0x0040, 0x55d: 0x0040,
+	0x55e: 0x0818, 0x55f: 0x0040, 0x560: 0x0a08, 0x561: 0x0808, 0x562: 0x0a08, 0x563: 0x0a08,
+	0x564: 0x0a08, 0x565: 0x0a08, 0x566: 0x0808, 0x567: 0x0c08, 0x568: 0x0a08, 0x569: 0x0c08,
+	0x56a: 0x0c08, 0x56b: 0x0040, 0x56c: 0x0040, 0x56d: 0x0040, 0x56e: 0x0040, 0x56f: 0x0040,
+	0x570: 0x0c08, 0x571: 0x0c08, 0x572: 0x0c08, 0x573: 0x0c08, 0x574: 0x0c08, 0x575: 0x0c08,
+	0x576: 0x0c08, 0x577: 0x0c08, 0x578: 0x0c08, 0x579: 0x0c08, 0x57a: 0x0c08, 0x57b: 0x0c08,
+	0x57c: 0x0c08, 0x57d: 0x0c08, 0x57e: 0x0c08, 0x57f: 0x0c08,
+	// Block 0x16, offset 0x580
+	0x580: 0x0c08, 0x581: 0x0c08, 0x582: 0x0c08, 0x583: 0x0808, 0x584: 0x0808, 0x585: 0x0808,
+	0x586: 0x0a08, 0x587: 0x0808, 0x588: 0x0818, 0x589: 0x0a08, 0x58a: 0x0a08, 0x58b: 0x0a08,
+	0x58c: 0x0a08, 0x58d: 0x0a08, 0x58e: 0x0c08, 0x58f: 0x0040, 0x590: 0x0840, 0x591: 0x0840,
+	0x592: 0x0040, 0x593: 0x0040, 0x594: 0x0040, 0x595: 0x0040, 0x596: 0x0040, 0x597: 0x0040,
+	0x598: 0x3308, 0x599: 0x3308, 0x59a: 0x3308, 0x59b: 0x3308, 0x59c: 0x3308, 0x59d: 0x3308,
+	0x59e: 0x3308, 0x59f: 0x3308, 0x5a0: 0x0a08, 0x5a1: 0x0a08, 0x5a2: 0x0a08, 0x5a3: 0x0a08,
+	0x5a4: 0x0a08, 0x5a5: 0x0a08, 0x5a6: 0x0a08, 0x5a7: 0x0a08, 0x5a8: 0x0a08, 0x5a9: 0x0a08,
+	0x5aa: 0x0c08, 0x5ab: 0x0c08, 0x5ac: 0x0c08, 0x5ad: 0x0808, 0x5ae: 0x0c08, 0x5af: 0x0a08,
+	0x5b0: 0x0a08, 0x5b1: 0x0c08, 0x5b2: 0x0c08, 0x5b3: 0x0a08, 0x5b4: 0x0a08, 0x5b5: 0x0a08,
+	0x5b6: 0x0a08, 0x5b7: 0x0a08, 0x5b8: 0x0a08, 0x5b9: 0x0c08, 0x5ba: 0x0a08, 0x5bb: 0x0a08,
+	0x5bc: 0x0a08, 0x5bd: 0x0a08, 0x5be: 0x0a08, 0x5bf: 0x0a08,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0x3008, 0x5c1: 0x3308, 0x5c2: 0x3308, 0x5c3: 0x3308, 0x5c4: 0x3308, 0x5c5: 0x3308,
+	0x5c6: 0x3308, 0x5c7: 0x3308, 0x5c8: 0x3308, 0x5c9: 0x3008, 0x5ca: 0x3008, 0x5cb: 0x3008,
+	0x5cc: 0x3008, 0x5cd: 0x3b08, 0x5ce: 0x3008, 0x5cf: 0x3008, 0x5d0: 0x0008, 0x5d1: 0x3308,
+	0x5d2: 0x3308, 0x5d3: 0x3308, 0x5d4: 0x3308, 0x5d5: 0x3308, 0x5d6: 0x3308, 0x5d7: 0x3308,
+	0x5d8: 0x0159, 0x5d9: 0x0161, 0x5da: 0x0169, 0x5db: 0x0171, 0x5dc: 0x0179, 0x5dd: 0x0181,
+	0x5de: 0x0189, 0x5df: 0x0191, 0x5e0: 0x0008, 0x5e1: 0x0008, 0x5e2: 0x3308, 0x5e3: 0x3308,
+	0x5e4: 0x0018, 0x5e5: 0x0018, 0x5e6: 0x0008, 0x5e7: 0x0008, 0x5e8: 0x0008, 0x5e9: 0x0008,
+	0x5ea: 0x0008, 0x5eb: 0x0008, 0x5ec: 0x0008, 0x5ed: 0x0008, 0x5ee: 0x0008, 0x5ef: 0x0008,
+	0x5f0: 0x0018, 0x5f1: 0x0008, 0x5f2: 0x0008, 0x5f3: 0x0008, 0x5f4: 0x0008, 0x5f5: 0x0008,
+	0x5f6: 0x0008, 0x5f7: 0x0008, 0x5f8: 0x0008, 0x5f9: 0x0008, 0x5fa: 0x0008, 0x5fb: 0x0008,
+	0x5fc: 0x0008, 0x5fd: 0x0008, 0x5fe: 0x0008, 0x5ff: 0x0008,
+	// Block 0x18, offset 0x600
+	0x600: 0x0008, 0x601: 0x3308, 0x602: 0x3008, 0x603: 0x3008, 0x604: 0x0040, 0x605: 0x0008,
+	0x606: 0x0008, 0x607: 0x0008, 0x608: 0x0008, 0x609: 0x0008, 0x60a: 0x0008, 0x60b: 0x0008,
+	0x60c: 0x0008, 0x60d: 0x0040, 0x60e: 0x0040, 0x60f: 0x0008, 0x610: 0x0008, 0x611: 0x0040,
+	0x612: 0x0040, 0x613: 0x0008, 0x614: 0x0008, 0x615: 0x0008, 0x616: 0x0008, 0x617: 0x0008,
+	0x618: 0x0008, 0x619: 0x0008, 0x61a: 0x0008, 0x61b: 0x0008, 0x61c: 0x0008, 0x61d: 0x0008,
+	0x61e: 0x0008, 0x61f: 0x0008, 0x620: 0x0008, 0x621: 0x0008, 0x622: 0x0008, 0x623: 0x0008,
+	0x624: 0x0008, 0x625: 0x0008, 0x626: 0x0008, 0x627: 0x0008, 0x628: 0x0008, 0x629: 0x0040,
+	0x62a: 0x0008, 0x62b: 0x0008, 0x62c: 0x0008, 0x62d: 0x0008, 0x62e: 0x0008, 0x62f: 0x0008,
+	0x630: 0x0008, 0x631: 0x0040, 0x632: 0x0008, 0x633: 0x0040, 0x634: 0x0040, 0x635: 0x0040,
+	0x636: 0x0008, 0x637: 0x0008, 0x638: 0x0008, 0x639: 0x0008, 0x63a: 0x0040, 0x63b: 0x0040,
+	0x63c: 0x3308, 0x63d: 0x0008, 0x63e: 0x3008, 0x63f: 0x3008,
+	// Block 0x19, offset 0x640
+	0x640: 0x3008, 0x641: 0x3308, 0x642: 0x3308, 0x643: 0x3308, 0x644: 0x3308, 0x645: 0x0040,
+	0x646: 0x0040, 0x647: 0x3008, 0x648: 0x3008, 0x649: 0x0040, 0x64a: 0x0040, 0x64b: 0x3008,
+	0x64c: 0x3008, 0x64d: 0x3b08, 0x64e: 0x0008, 0x64f: 0x0040, 0x650: 0x0040, 0x651: 0x0040,
+	0x652: 0x0040, 0x653: 0x0040, 0x654: 0x0040, 0x655: 0x0040, 0x656: 0x0040, 0x657: 0x3008,
+	0x658: 0x0040, 0x659: 0x0040, 0x65a: 0x0040, 0x65b: 0x0040, 0x65c: 0x0199, 0x65d: 0x01a1,
+	0x65e: 0x0040, 0x65f: 0x01a9, 0x660: 0x0008, 0x661: 0x0008, 0x662: 0x3308, 0x663: 0x3308,
+	0x664: 0x0040, 0x665: 0x0040, 0x666: 0x0008, 0x667: 0x0008, 0x668: 0x0008, 0x669: 0x0008,
+	0x66a: 0x0008, 0x66b: 0x0008, 0x66c: 0x0008, 0x66d: 0x0008, 0x66e: 0x0008, 0x66f: 0x0008,
+	0x670: 0x0008, 0x671: 0x0008, 0x672: 0x0018, 0x673: 0x0018, 0x674: 0x0018, 0x675: 0x0018,
+	0x676: 0x0018, 0x677: 0x0018, 0x678: 0x0018, 0x679: 0x0018, 0x67a: 0x0018, 0x67b: 0x0018,
+	0x67c: 0x0008, 0x67d: 0x0018, 0x67e: 0x3308, 0x67f: 0x0040,
+	// Block 0x1a, offset 0x680
+	0x680: 0x0040, 0x681: 0x3308, 0x682: 0x3308, 0x683: 0x3008, 0x684: 0x0040, 0x685: 0x0008,
+	0x686: 0x0008, 0x687: 0x0008, 0x688: 0x0008, 0x689: 0x0008, 0x68a: 0x0008, 0x68b: 0x0040,
+	0x68c: 0x0040, 0x68d: 0x0040, 0x68e: 0x0040, 0x68f: 0x0008, 0x690: 0x0008, 0x691: 0x0040,
+	0x692: 0x0040, 0x693: 0x0008, 0x694: 0x0008, 0x695: 0x0008, 0x696: 0x0008, 0x697: 0x0008,
+	0x698: 0x0008, 0x699: 0x0008, 0x69a: 0x0008, 0x69b: 0x0008, 0x69c: 0x0008, 0x69d: 0x0008,
+	0x69e: 0x0008, 0x69f: 0x0008, 0x6a0: 0x0008, 0x6a1: 0x0008, 0x6a2: 0x0008, 0x6a3: 0x0008,
+	0x6a4: 0x0008, 0x6a5: 0x0008, 0x6a6: 0x0008, 0x6a7: 0x0008, 0x6a8: 0x0008, 0x6a9: 0x0040,
+	0x6aa: 0x0008, 0x6ab: 0x0008, 0x6ac: 0x0008, 0x6ad: 0x0008, 0x6ae: 0x0008, 0x6af: 0x0008,
+	0x6b0: 0x0008, 0x6b1: 0x0040, 0x6b2: 0x0008, 0x6b3: 0x01b1, 0x6b4: 0x0040, 0x6b5: 0x0008,
+	0x6b6: 0x01b9, 0x6b7: 0x0040, 0x6b8: 0x0008, 0x6b9: 0x0008, 0x6ba: 0x0040, 0x6bb: 0x0040,
+	0x6bc: 0x3308, 0x6bd: 0x0040, 0x6be: 0x3008, 0x6bf: 0x3008,
+	// Block 0x1b, offset 0x6c0
+	0x6c0: 0x3008, 0x6c1: 0x3308, 0x6c2: 0x3308, 0x6c3: 0x0040, 0x6c4: 0x0040, 0x6c5: 0x0040,
+	0x6c6: 0x0040, 0x6c7: 0x3308, 0x6c8: 0x3308, 0x6c9: 0x0040, 0x6ca: 0x0040, 0x6cb: 0x3308,
+	0x6cc: 0x3308, 0x6cd: 0x3b08, 0x6ce: 0x0040, 0x6cf: 0x0040, 0x6d0: 0x0040, 0x6d1: 0x3308,
+	0x6d2: 0x0040, 0x6d3: 0x0040, 0x6d4: 0x0040, 0x6d5: 0x0040, 0x6d6: 0x0040, 0x6d7: 0x0040,
+	0x6d8: 0x0040, 0x6d9: 0x01c1, 0x6da: 0x01c9, 0x6db: 0x01d1, 0x6dc: 0x0008, 0x6dd: 0x0040,
+	0x6de: 0x01d9, 0x6df: 0x0040, 0x6e0: 0x0040, 0x6e1: 0x0040, 0x6e2: 0x0040, 0x6e3: 0x0040,
+	0x6e4: 0x0040, 0x6e5: 0x0040, 0x6e6: 0x0008, 0x6e7: 0x0008, 0x6e8: 0x0008, 0x6e9: 0x0008,
+	0x6ea: 0x0008, 0x6eb: 0x0008, 0x6ec: 0x0008, 0x6ed: 0x0008, 0x6ee: 0x0008, 0x6ef: 0x0008,
+	0x6f0: 0x3308, 0x6f1: 0x3308, 0x6f2: 0x0008, 0x6f3: 0x0008, 0x6f4: 0x0008, 0x6f5: 0x3308,
+	0x6f6: 0x0018, 0x6f7: 0x0040, 0x6f8: 0x0040, 0x6f9: 0x0040, 0x6fa: 0x0040, 0x6fb: 0x0040,
+	0x6fc: 0x0040, 0x6fd: 0x0040, 0x6fe: 0x0040, 0x6ff: 0x0040,
+	// Block 0x1c, offset 0x700
+	0x700: 0x0040, 0x701: 0x3308, 0x702: 0x3308, 0x703: 0x3008, 0x704: 0x0040, 0x705: 0x0008,
+	0x706: 0x0008, 0x707: 0x0008, 0x708: 0x0008, 0x709: 0x0008, 0x70a: 0x0008, 0x70b: 0x0008,
+	0x70c: 0x0008, 0x70d: 0x0008, 0x70e: 0x0040, 0x70f: 0x0008, 0x710: 0x0008, 0x711: 0x0008,
+	0x712: 0x0040, 0x713: 0x0008, 0x714: 0x0008, 0x715: 0x0008, 0x716: 0x0008, 0x717: 0x0008,
+	0x718: 0x0008, 0x719: 0x0008, 0x71a: 0x0008, 0x71b: 0x0008, 0x71c: 0x0008, 0x71d: 0x0008,
+	0x71e: 0x0008, 0x71f: 0x0008, 0x720: 0x0008, 0x721: 0x0008, 0x722: 0x0008, 0x723: 0x0008,
+	0x724: 0x0008, 0x725: 0x0008, 0x726: 0x0008, 0x727: 0x0008, 0x728: 0x0008, 0x729: 0x0040,
+	0x72a: 0x0008, 0x72b: 0x0008, 0x72c: 0x0008, 0x72d: 0x0008, 0x72e: 0x0008, 0x72f: 0x0008,
+	0x730: 0x0008, 0x731: 0x0040, 0x732: 0x0008, 0x733: 0x0008, 0x734: 0x0040, 0x735: 0x0008,
+	0x736: 0x0008, 0x737: 0x0008, 0x738: 0x0008, 0x739: 0x0008, 0x73a: 0x0040, 0x73b: 0x0040,
+	0x73c: 0x3308, 0x73d: 0x0008, 0x73e: 0x3008, 0x73f: 0x3008,
+	// Block 0x1d, offset 0x740
+	0x740: 0x3008, 0x741: 0x3308, 0x742: 0x3308, 0x743: 0x3308, 0x744: 0x3308, 0x745: 0x3308,
+	0x746: 0x0040, 0x747: 0x3308, 0x748: 0x3308, 0x749: 0x3008, 0x74a: 0x0040, 0x74b: 0x3008,
+	0x74c: 0x3008, 0x74d: 0x3b08, 0x74e: 0x0040, 0x74f: 0x0040, 0x750: 0x0008, 0x751: 0x0040,
+	0x752: 0x0040, 0x753: 0x0040, 0x754: 0x0040, 0x755: 0x0040, 0x756: 0x0040, 0x757: 0x0040,
+	0x758: 0x0040, 0x759: 0x0040, 0x75a: 0x0040, 0x75b: 0x0040, 0x75c: 0x0040, 0x75d: 0x0040,
+	0x75e: 0x0040, 0x75f: 0x0040, 0x760: 0x0008, 0x761: 0x0008, 0x762: 0x3308, 0x763: 0x3308,
+	0x764: 0x0040, 0x765: 0x0040, 0x766: 0x0008, 0x767: 0x0008, 0x768: 0x0008, 0x769: 0x0008,
+	0x76a: 0x0008, 0x76b: 0x0008, 0x76c: 0x0008, 0x76d: 0x0008, 0x76e: 0x0008, 0x76f: 0x0008,
+	0x770: 0x0018, 0x771: 0x0018, 0x772: 0x0040, 0x773: 0x0040, 0x774: 0x0040, 0x775: 0x0040,
+	0x776: 0x0040, 0x777: 0x0040, 0x778: 0x0040, 0x779: 0x0008, 0x77a: 0x3308, 0x77b: 0x3308,
+	0x77c: 0x3308, 0x77d: 0x3308, 0x77e: 0x3308, 0x77f: 0x3308,
+	// Block 0x1e, offset 0x780
+	0x780: 0x0040, 0x781: 0x3308, 0x782: 0x3008, 0x783: 0x3008, 0x784: 0x0040, 0x785: 0x0008,
+	0x786: 0x0008, 0x787: 0x0008, 0x788: 0x0008, 0x789: 0x0008, 0x78a: 0x0008, 0x78b: 0x0008,
+	0x78c: 0x0008, 0x78d: 0x0040, 0x78e: 0x0040, 0x78f: 0x0008, 0x790: 0x0008, 0x791: 0x0040,
+	0x792: 0x0040, 0x793: 0x0008, 0x794: 0x0008, 0x795: 0x0008, 0x796: 0x0008, 0x797: 0x0008,
+	0x798: 0x0008, 0x799: 0x0008, 0x79a: 0x0008, 0x79b: 0x0008, 0x79c: 0x0008, 0x79d: 0x0008,
+	0x79e: 0x0008, 0x79f: 0x0008, 0x7a0: 0x0008, 0x7a1: 0x0008, 0x7a2: 0x0008, 0x7a3: 0x0008,
+	0x7a4: 0x0008, 0x7a5: 0x0008, 0x7a6: 0x0008, 0x7a7: 0x0008, 0x7a8: 0x0008, 0x7a9: 0x0040,
+	0x7aa: 0x0008, 0x7ab: 0x0008, 0x7ac: 0x0008, 0x7ad: 0x0008, 0x7ae: 0x0008, 0x7af: 0x0008,
+	0x7b0: 0x0008, 0x7b1: 0x0040, 0x7b2: 0x0008, 0x7b3: 0x0008, 0x7b4: 0x0040, 0x7b5: 0x0008,
+	0x7b6: 0x0008, 0x7b7: 0x0008, 0x7b8: 0x0008, 0x7b9: 0x0008, 0x7ba: 0x0040, 0x7bb: 0x0040,
+	0x7bc: 0x3308, 0x7bd: 0x0008, 0x7be: 0x3008, 0x7bf: 0x3308,
+	// Block 0x1f, offset 0x7c0
+	0x7c0: 0x3008, 0x7c1: 0x3308, 0x7c2: 0x3308, 0x7c3: 0x3308, 0x7c4: 0x3308, 0x7c5: 0x0040,
+	0x7c6: 0x0040, 0x7c7: 0x3008, 0x7c8: 0x3008, 0x7c9: 0x0040, 0x7ca: 0x0040, 0x7cb: 0x3008,
+	0x7cc: 0x3008, 0x7cd: 0x3b08, 0x7ce: 0x0040, 0x7cf: 0x0040, 0x7d0: 0x0040, 0x7d1: 0x0040,
+	0x7d2: 0x0040, 0x7d3: 0x0040, 0x7d4: 0x0040, 0x7d5: 0x3308, 0x7d6: 0x3308, 0x7d7: 0x3008,
+	0x7d8: 0x0040, 0x7d9: 0x0040, 0x7da: 0x0040, 0x7db: 0x0040, 0x7dc: 0x01e1, 0x7dd: 0x01e9,
+	0x7de: 0x0040, 0x7df: 0x0008, 0x7e0: 0x0008, 0x7e1: 0x0008, 0x7e2: 0x3308, 0x7e3: 0x3308,
+	0x7e4: 0x0040, 0x7e5: 0x0040, 0x7e6: 0x0008, 0x7e7: 0x0008, 0x7e8: 0x0008, 0x7e9: 0x0008,
+	0x7ea: 0x0008, 0x7eb: 0x0008, 0x7ec: 0x0008, 0x7ed: 0x0008, 0x7ee: 0x0008, 0x7ef: 0x0008,
+	0x7f0: 0x0018, 0x7f1: 0x0008, 0x7f2: 0x0018, 0x7f3: 0x0018, 0x7f4: 0x0018, 0x7f5: 0x0018,
+	0x7f6: 0x0018, 0x7f7: 0x0018, 0x7f8: 0x0040, 0x7f9: 0x0040, 0x7fa: 0x0040, 0x7fb: 0x0040,
+	0x7fc: 0x0040, 0x7fd: 0x0040, 0x7fe: 0x0040, 0x7ff: 0x0040,
+	// Block 0x20, offset 0x800
+	0x800: 0x0040, 0x801: 0x0040, 0x802: 0x3308, 0x803: 0x0008, 0x804: 0x0040, 0x805: 0x0008,
+	0x806: 0x0008, 0x807: 0x0008, 0x808: 0x0008, 0x809: 0x0008, 0x80a: 0x0008, 0x80b: 0x0040,
+	0x80c: 0x0040, 0x80d: 0x0040, 0x80e: 0x0008, 0x80f: 0x0008, 0x810: 0x0008, 0x811: 0x0040,
+	0x812: 0x0008, 0x813: 0x0008, 0x814: 0x0008, 0x815: 0x0008, 0x816: 0x0040, 0x817: 0x0040,
+	0x818: 0x0040, 0x819: 0x0008, 0x81a: 0x0008, 0x81b: 0x0040, 0x81c: 0x0008, 0x81d: 0x0040,
+	0x81e: 0x0008, 0x81f: 0x0008, 0x820: 0x0040, 0x821: 0x0040, 0x822: 0x0040, 0x823: 0x0008,
+	0x824: 0x0008, 0x825: 0x0040, 0x826: 0x0040, 0x827: 0x0040, 0x828: 0x0008, 0x829: 0x0008,
+	0x82a: 0x0008, 0x82b: 0x0040, 0x82c: 0x0040, 0x82d: 0x0040, 0x82e: 0x0008, 0x82f: 0x0008,
+	0x830: 0x0008, 0x831: 0x0008, 0x832: 0x0008, 0x833: 0x0008, 0x834: 0x0008, 0x835: 0x0008,
+	0x836: 0x0008, 0x837: 0x0008, 0x838: 0x0008, 0x839: 0x0008, 0x83a: 0x0040, 0x83b: 0x0040,
+	0x83c: 0x0040, 0x83d: 0x0040, 0x83e: 0x3008, 0x83f: 0x3008,
+	// Block 0x21, offset 0x840
+	0x840: 0x3308, 0x841: 0x3008, 0x842: 0x3008, 0x843: 0x3008, 0x844: 0x3008, 0x845: 0x0040,
+	0x846: 0x3308, 0x847: 0x3308, 0x848: 0x3308, 0x849: 0x0040, 0x84a: 0x3308, 0x84b: 0x3308,
+	0x84c: 0x3308, 0x84d: 0x3b08, 0x84e: 0x0040, 0x84f: 0x0040, 0x850: 0x0040, 0x851: 0x0040,
+	0x852: 0x0040, 0x853: 0x0040, 0x854: 0x0040, 0x855: 0x3308, 0x856: 0x3308, 0x857: 0x0040,
+	0x858: 0x0008, 0x859: 0x0008, 0x85a: 0x0008, 0x85b: 0x0040, 0x85c: 0x0040, 0x85d: 0x0008,
+	0x85e: 0x0040, 0x85f: 0x0040, 0x860: 0x0008, 0x861: 0x0008, 0x862: 0x3308, 0x863: 0x3308,
+	0x864: 0x0040, 0x865: 0x0040, 0x866: 0x0008, 0x867: 0x0008, 0x868: 0x0008, 0x869: 0x0008,
+	0x86a: 0x0008, 0x86b: 0x0008, 0x86c: 0x0008, 0x86d: 0x0008, 0x86e: 0x0008, 0x86f: 0x0008,
+	0x870: 0x0040, 0x871: 0x0040, 0x872: 0x0040, 0x873: 0x0040, 0x874: 0x0040, 0x875: 0x0040,
+	0x876: 0x0040, 0x877: 0x0018, 0x878: 0x0018, 0x879: 0x0018, 0x87a: 0x0018, 0x87b: 0x0018,
+	0x87c: 0x0018, 0x87d: 0x0018, 0x87e: 0x0018, 0x87f: 0x0018,
+	// Block 0x22, offset 0x880
+	0x880: 0x0008, 0x881: 0x3308, 0x882: 0x3008, 0x883: 0x3008, 0x884: 0x0018, 0x885: 0x0008,
+	0x886: 0x0008, 0x887: 0x0008, 0x888: 0x0008, 0x889: 0x0008, 0x88a: 0x0008, 0x88b: 0x0008,
+	0x88c: 0x0008, 0x88d: 0x0040, 0x88e: 0x0008, 0x88f: 0x0008, 0x890: 0x0008, 0x891: 0x0040,
+	0x892: 0x0008, 0x893: 0x0008, 0x894: 0x0008, 0x895: 0x0008, 0x896: 0x0008, 0x897: 0x0008,
+	0x898: 0x0008, 0x899: 0x0008, 0x89a: 0x0008, 0x89b: 0x0008, 0x89c: 0x0008, 0x89d: 0x0008,
+	0x89e: 0x0008, 0x89f: 0x0008, 0x8a0: 0x0008, 0x8a1: 0x0008, 0x8a2: 0x0008, 0x8a3: 0x0008,
+	0x8a4: 0x0008, 0x8a5: 0x0008, 0x8a6: 0x0008, 0x8a7: 0x0008, 0x8a8: 0x0008, 0x8a9: 0x0040,
+	0x8aa: 0x0008, 0x8ab: 0x0008, 0x8ac: 0x0008, 0x8ad: 0x0008, 0x8ae: 0x0008, 0x8af: 0x0008,
+	0x8b0: 0x0008, 0x8b1: 0x0008, 0x8b2: 0x0008, 0x8b3: 0x0008, 0x8b4: 0x0040, 0x8b5: 0x0008,
+	0x8b6: 0x0008, 0x8b7: 0x0008, 0x8b8: 0x0008, 0x8b9: 0x0008, 0x8ba: 0x0040, 0x8bb: 0x0040,
+	0x8bc: 0x3308, 0x8bd: 0x0008, 0x8be: 0x3008, 0x8bf: 0x3308,
+	// Block 0x23, offset 0x8c0
+	0x8c0: 0x3008, 0x8c1: 0x3008, 0x8c2: 0x3008, 0x8c3: 0x3008, 0x8c4: 0x3008, 0x8c5: 0x0040,
+	0x8c6: 0x3308, 0x8c7: 0x3008, 0x8c8: 0x3008, 0x8c9: 0x0040, 0x8ca: 0x3008, 0x8cb: 0x3008,
+	0x8cc: 0x3308, 0x8cd: 0x3b08, 0x8ce: 0x0040, 0x8cf: 0x0040, 0x8d0: 0x0040, 0x8d1: 0x0040,
+	0x8d2: 0x0040, 0x8d3: 0x0040, 0x8d4: 0x0040, 0x8d5: 0x3008, 0x8d6: 0x3008, 0x8d7: 0x0040,
+	0x8d8: 0x0040, 0x8d9: 0x0040, 0x8da: 0x0040, 0x8db: 0x0040, 0x8dc: 0x0040, 0x8dd: 0x0008,
+	0x8de: 0x0008, 0x8df: 0x0040, 0x8e0: 0x0008, 0x8e1: 0x0008, 0x8e2: 0x3308, 0x8e3: 0x3308,
+	0x8e4: 0x0040, 0x8e5: 0x0040, 0x8e6: 0x0008, 0x8e7: 0x0008, 0x8e8: 0x0008, 0x8e9: 0x0008,
+	0x8ea: 0x0008, 0x8eb: 0x0008, 0x8ec: 0x0008, 0x8ed: 0x0008, 0x8ee: 0x0008, 0x8ef: 0x0008,
+	0x8f0: 0x0040, 0x8f1: 0x0008, 0x8f2: 0x0008, 0x8f3: 0x3008, 0x8f4: 0x0040, 0x8f5: 0x0040,
+	0x8f6: 0x0040, 0x8f7: 0x0040, 0x8f8: 0x0040, 0x8f9: 0x0040, 0x8fa: 0x0040, 0x8fb: 0x0040,
+	0x8fc: 0x0040, 0x8fd: 0x0040, 0x8fe: 0x0040, 0x8ff: 0x0040,
+	// Block 0x24, offset 0x900
+	0x900: 0x3008, 0x901: 0x3308, 0x902: 0x3308, 0x903: 0x3308, 0x904: 0x3308, 0x905: 0x0040,
+	0x906: 0x3008, 0x907: 0x3008, 0x908: 0x3008, 0x909: 0x0040, 0x90a: 0x3008, 0x90b: 0x3008,
+	0x90c: 0x3008, 0x90d: 0x3b08, 0x90e: 0x0008, 0x90f: 0x0018, 0x910: 0x0040, 0x911: 0x0040,
+	0x912: 0x0040, 0x913: 0x0040, 0x914: 0x0008, 0x915: 0x0008, 0x916: 0x0008, 0x917: 0x3008,
+	0x918: 0x0018, 0x919: 0x0018, 0x91a: 0x0018, 0x91b: 0x0018, 0x91c: 0x0018, 0x91d: 0x0018,
+	0x91e: 0x0018, 0x91f: 0x0008, 0x920: 0x0008, 0x921: 0x0008, 0x922: 0x3308, 0x923: 0x3308,
+	0x924: 0x0040, 0x925: 0x0040, 0x926: 0x0008, 0x927: 0x0008, 0x928: 0x0008, 0x929: 0x0008,
+	0x92a: 0x0008, 0x92b: 0x0008, 0x92c: 0x0008, 0x92d: 0x0008, 0x92e: 0x0008, 0x92f: 0x0008,
+	0x930: 0x0018, 0x931: 0x0018, 0x932: 0x0018, 0x933: 0x0018, 0x934: 0x0018, 0x935: 0x0018,
+	0x936: 0x0018, 0x937: 0x0018, 0x938: 0x0018, 0x939: 0x0018, 0x93a: 0x0008, 0x93b: 0x0008,
+	0x93c: 0x0008, 0x93d: 0x0008, 0x93e: 0x0008, 0x93f: 0x0008,
+	// Block 0x25, offset 0x940
+	0x940: 0x0040, 0x941: 0x0008, 0x942: 0x0008, 0x943: 0x0040, 0x944: 0x0008, 0x945: 0x0040,
+	0x946: 0x0008, 0x947: 0x0008, 0x948: 0x0008, 0x949: 0x0008, 0x94a: 0x0008, 0x94b: 0x0040,
+	0x94c: 0x0008, 0x94d: 0x0008, 0x94e: 0x0008, 0x94f: 0x0008, 0x950: 0x0008, 0x951: 0x0008,
+	0x952: 0x0008, 0x953: 0x0008, 0x954: 0x0008, 0x955: 0x0008, 0x956: 0x0008, 0x957: 0x0008,
+	0x958: 0x0008, 0x959: 0x0008, 0x95a: 0x0008, 0x95b: 0x0008, 0x95c: 0x0008, 0x95d: 0x0008,
+	0x95e: 0x0008, 0x95f: 0x0008, 0x960: 0x0008, 0x961: 0x0008, 0x962: 0x0008, 0x963: 0x0008,
+	0x964: 0x0040, 0x965: 0x0008, 0x966: 0x0040, 0x967: 0x0008, 0x968: 0x0008, 0x969: 0x0008,
+	0x96a: 0x0008, 0x96b: 0x0008, 0x96c: 0x0008, 0x96d: 0x0008, 0x96e: 0x0008, 0x96f: 0x0008,
+	0x970: 0x0008, 0x971: 0x3308, 0x972: 0x0008, 0x973: 0x01f9, 0x974: 0x3308, 0x975: 0x3308,
+	0x976: 0x3308, 0x977: 0x3308, 0x978: 0x3308, 0x979: 0x3308, 0x97a: 0x3b08, 0x97b: 0x3308,
+	0x97c: 0x3308, 0x97d: 0x0008, 0x97e: 0x0040, 0x97f: 0x0040,
+	// Block 0x26, offset 0x980
+	0x980: 0x0008, 0x981: 0x0008, 0x982: 0x0008, 0x983: 0x0211, 0x984: 0x0008, 0x985: 0x0008,
+	0x986: 0x0008, 0x987: 0x0008, 0x988: 0x0040, 0x989: 0x0008, 0x98a: 0x0008, 0x98b: 0x0008,
+	0x98c: 0x0008, 0x98d: 0x0219, 0x98e: 0x0008, 0x98f: 0x0008, 0x990: 0x0008, 0x991: 0x0008,
+	0x992: 0x0221, 0x993: 0x0008, 0x994: 0x0008, 0x995: 0x0008, 0x996: 0x0008, 0x997: 0x0229,
+	0x998: 0x0008, 0x999: 0x0008, 0x99a: 0x0008, 0x99b: 0x0008, 0x99c: 0x0231, 0x99d: 0x0008,
+	0x99e: 0x0008, 0x99f: 0x0008, 0x9a0: 0x0008, 0x9a1: 0x0008, 0x9a2: 0x0008, 0x9a3: 0x0008,
+	0x9a4: 0x0008, 0x9a5: 0x0008, 0x9a6: 0x0008, 0x9a7: 0x0008, 0x9a8: 0x0008, 0x9a9: 0x0239,
+	0x9aa: 0x0008, 0x9ab: 0x0008, 0x9ac: 0x0008, 0x9ad: 0x0040, 0x9ae: 0x0040, 0x9af: 0x0040,
+	0x9b0: 0x0040, 0x9b1: 0x3308, 0x9b2: 0x3308, 0x9b3: 0x0241, 0x9b4: 0x3308, 0x9b5: 0x0249,
+	0x9b6: 0x0251, 0x9b7: 0x0259, 0x9b8: 0x0261, 0x9b9: 0x0269, 0x9ba: 0x3308, 0x9bb: 0x3308,
+	0x9bc: 0x3308, 0x9bd: 0x3308, 0x9be: 0x3308, 0x9bf: 0x3008,
+	// Block 0x27, offset 0x9c0
+	0x9c0: 0x3308, 0x9c1: 0x0271, 0x9c2: 0x3308, 0x9c3: 0x3308, 0x9c4: 0x3b08, 0x9c5: 0x0018,
+	0x9c6: 0x3308, 0x9c7: 0x3308, 0x9c8: 0x0008, 0x9c9: 0x0008, 0x9ca: 0x0008, 0x9cb: 0x0008,
+	0x9cc: 0x0008, 0x9cd: 0x3308, 0x9ce: 0x3308, 0x9cf: 0x3308, 0x9d0: 0x3308, 0x9d1: 0x3308,
+	0x9d2: 0x3308, 0x9d3: 0x0279, 0x9d4: 0x3308, 0x9d5: 0x3308, 0x9d6: 0x3308, 0x9d7: 0x3308,
+	0x9d8: 0x0040, 0x9d9: 0x3308, 0x9da: 0x3308, 0x9db: 0x3308, 0x9dc: 0x3308, 0x9dd: 0x0281,
+	0x9de: 0x3308, 0x9df: 0x3308, 0x9e0: 0x3308, 0x9e1: 0x3308, 0x9e2: 0x0289, 0x9e3: 0x3308,
+	0x9e4: 0x3308, 0x9e5: 0x3308, 0x9e6: 0x3308, 0x9e7: 0x0291, 0x9e8: 0x3308, 0x9e9: 0x3308,
+	0x9ea: 0x3308, 0x9eb: 0x3308, 0x9ec: 0x0299, 0x9ed: 0x3308, 0x9ee: 0x3308, 0x9ef: 0x3308,
+	0x9f0: 0x3308, 0x9f1: 0x3308, 0x9f2: 0x3308, 0x9f3: 0x3308, 0x9f4: 0x3308, 0x9f5: 0x3308,
+	0x9f6: 0x3308, 0x9f7: 0x3308, 0x9f8: 0x3308, 0x9f9: 0x02a1, 0x9fa: 0x3308, 0x9fb: 0x3308,
+	0x9fc: 0x3308, 0x9fd: 0x0040, 0x9fe: 0x0018, 0x9ff: 0x0018,
+	// Block 0x28, offset 0xa00
+	0xa00: 0x0008, 0xa01: 0x0008, 0xa02: 0x0008, 0xa03: 0x0008, 0xa04: 0x0008, 0xa05: 0x0008,
+	0xa06: 0x0008, 0xa07: 0x0008, 0xa08: 0x0008, 0xa09: 0x0008, 0xa0a: 0x0008, 0xa0b: 0x0008,
+	0xa0c: 0x0008, 0xa0d: 0x0008, 0xa0e: 0x0008, 0xa0f: 0x0008, 0xa10: 0x0008, 0xa11: 0x0008,
+	0xa12: 0x0008, 0xa13: 0x0008, 0xa14: 0x0008, 0xa15: 0x0008, 0xa16: 0x0008, 0xa17: 0x0008,
+	0xa18: 0x0008, 0xa19: 0x0008, 0xa1a: 0x0008, 0xa1b: 0x0008, 0xa1c: 0x0008, 0xa1d: 0x0008,
+	0xa1e: 0x0008, 0xa1f: 0x0008, 0xa20: 0x0008, 0xa21: 0x0008, 0xa22: 0x0008, 0xa23: 0x0008,
+	0xa24: 0x0008, 0xa25: 0x0008, 0xa26: 0x0008, 0xa27: 0x0008, 0xa28: 0x0008, 0xa29: 0x0008,
+	0xa2a: 0x0008, 0xa2b: 0x0008, 0xa2c: 0x0019, 0xa2d: 0x02e1, 0xa2e: 0x02e9, 0xa2f: 0x0008,
+	0xa30: 0x02f1, 0xa31: 0x02f9, 0xa32: 0x0301, 0xa33: 0x0309, 0xa34: 0x00a9, 0xa35: 0x0311,
+	0xa36: 0x00b1, 0xa37: 0x0319, 0xa38: 0x0101, 0xa39: 0x0321, 0xa3a: 0x0329, 0xa3b: 0x0008,
+	0xa3c: 0x0051, 0xa3d: 0x0331, 0xa3e: 0x0339, 0xa3f: 0x00b9,
+	// Block 0x29, offset 0xa40
+	0xa40: 0x0341, 0xa41: 0x0349, 0xa42: 0x00c1, 0xa43: 0x0019, 0xa44: 0x0351, 0xa45: 0x0359,
+	0xa46: 0x05b5, 0xa47: 0x02e9, 0xa48: 0x02f1, 0xa49: 0x02f9, 0xa4a: 0x0361, 0xa4b: 0x0369,
+	0xa4c: 0x0371, 0xa4d: 0x0309, 0xa4e: 0x0008, 0xa4f: 0x0319, 0xa50: 0x0321, 0xa51: 0x0379,
+	0xa52: 0x0051, 0xa53: 0x0381, 0xa54: 0x05cd, 0xa55: 0x05cd, 0xa56: 0x0339, 0xa57: 0x0341,
+	0xa58: 0x0349, 0xa59: 0x05b5, 0xa5a: 0x0389, 0xa5b: 0x0391, 0xa5c: 0x05e5, 0xa5d: 0x0399,
+	0xa5e: 0x03a1, 0xa5f: 0x03a9, 0xa60: 0x03b1, 0xa61: 0x03b9, 0xa62: 0x0311, 0xa63: 0x00b9,
+	0xa64: 0x0349, 0xa65: 0x0391, 0xa66: 0x0399, 0xa67: 0x03a1, 0xa68: 0x03c1, 0xa69: 0x03b1,
+	0xa6a: 0x03b9, 0xa6b: 0x0008, 0xa6c: 0x0008, 0xa6d: 0x0008, 0xa6e: 0x0008, 0xa6f: 0x0008,
+	0xa70: 0x0008, 0xa71: 0x0008, 0xa72: 0x0008, 0xa73: 0x0008, 0xa74: 0x0008, 0xa75: 0x0008,
+	0xa76: 0x0008, 0xa77: 0x0008, 0xa78: 0x03c9, 0xa79: 0x0008, 0xa7a: 0x0008, 0xa7b: 0x0008,
+	0xa7c: 0x0008, 0xa7d: 0x0008, 0xa7e: 0x0008, 0xa7f: 0x0008,
+	// Block 0x2a, offset 0xa80
+	0xa80: 0x0008, 0xa81: 0x0008, 0xa82: 0x0008, 0xa83: 0x0008, 0xa84: 0x0008, 0xa85: 0x0008,
+	0xa86: 0x0008, 0xa87: 0x0008, 0xa88: 0x0008, 0xa89: 0x0008, 0xa8a: 0x0008, 0xa8b: 0x0008,
+	0xa8c: 0x0008, 0xa8d: 0x0008, 0xa8e: 0x0008, 0xa8f: 0x0008, 0xa90: 0x0008, 0xa91: 0x0008,
+	0xa92: 0x0008, 0xa93: 0x0008, 0xa94: 0x0008, 0xa95: 0x0008, 0xa96: 0x0008, 0xa97: 0x0008,
+	0xa98: 0x0008, 0xa99: 0x0008, 0xa9a: 0x0008, 0xa9b: 0x03d1, 0xa9c: 0x03d9, 0xa9d: 0x03e1,
+	0xa9e: 0x03e9, 0xa9f: 0x0371, 0xaa0: 0x03f1, 0xaa1: 0x03f9, 0xaa2: 0x0401, 0xaa3: 0x0409,
+	0xaa4: 0x0411, 0xaa5: 0x0419, 0xaa6: 0x0421, 0xaa7: 0x05fd, 0xaa8: 0x0429, 0xaa9: 0x0431,
+	0xaaa: 0xe17d, 0xaab: 0x0439, 0xaac: 0x0441, 0xaad: 0x0449, 0xaae: 0x0451, 0xaaf: 0x0459,
+	0xab0: 0x0461, 0xab1: 0x0469, 0xab2: 0x0471, 0xab3: 0x0479, 0xab4: 0x0481, 0xab5: 0x0489,
+	0xab6: 0x0491, 0xab7: 0x0499, 0xab8: 0x0615, 0xab9: 0x04a1, 0xaba: 0x04a9, 0xabb: 0x04b1,
+	0xabc: 0x04b9, 0xabd: 0x04c1, 0xabe: 0x04c9, 0xabf: 0x04d1,
+	// Block 0x2b, offset 0xac0
+	0xac0: 0xe00d, 0xac1: 0x0008, 0xac2: 0xe00d, 0xac3: 0x0008, 0xac4: 0xe00d, 0xac5: 0x0008,
+	0xac6: 0xe00d, 0xac7: 0x0008, 0xac8: 0xe00d, 0xac9: 0x0008, 0xaca: 0xe00d, 0xacb: 0x0008,
+	0xacc: 0xe00d, 0xacd: 0x0008, 0xace: 0xe00d, 0xacf: 0x0008, 0xad0: 0xe00d, 0xad1: 0x0008,
+	0xad2: 0xe00d, 0xad3: 0x0008, 0xad4: 0xe00d, 0xad5: 0x0008, 0xad6: 0xe00d, 0xad7: 0x0008,
+	0xad8: 0xe00d, 0xad9: 0x0008, 0xada: 0xe00d, 0xadb: 0x0008, 0xadc: 0xe00d, 0xadd: 0x0008,
+	0xade: 0xe00d, 0xadf: 0x0008, 0xae0: 0xe00d, 0xae1: 0x0008, 0xae2: 0xe00d, 0xae3: 0x0008,
+	0xae4: 0xe00d, 0xae5: 0x0008, 0xae6: 0xe00d, 0xae7: 0x0008, 0xae8: 0xe00d, 0xae9: 0x0008,
+	0xaea: 0xe00d, 0xaeb: 0x0008, 0xaec: 0xe00d, 0xaed: 0x0008, 0xaee: 0xe00d, 0xaef: 0x0008,
+	0xaf0: 0xe00d, 0xaf1: 0x0008, 0xaf2: 0xe00d, 0xaf3: 0x0008, 0xaf4: 0xe00d, 0xaf5: 0x0008,
+	0xaf6: 0xe00d, 0xaf7: 0x0008, 0xaf8: 0xe00d, 0xaf9: 0x0008, 0xafa: 0xe00d, 0xafb: 0x0008,
+	0xafc: 0xe00d, 0xafd: 0x0008, 0xafe: 0xe00d, 0xaff: 0x0008,
+	// Block 0x2c, offset 0xb00
+	0xb00: 0xe00d, 0xb01: 0x0008, 0xb02: 0xe00d, 0xb03: 0x0008, 0xb04: 0xe00d, 0xb05: 0x0008,
+	0xb06: 0xe00d, 0xb07: 0x0008, 0xb08: 0xe00d, 0xb09: 0x0008, 0xb0a: 0xe00d, 0xb0b: 0x0008,
+	0xb0c: 0xe00d, 0xb0d: 0x0008, 0xb0e: 0xe00d, 0xb0f: 0x0008, 0xb10: 0xe00d, 0xb11: 0x0008,
+	0xb12: 0xe00d, 0xb13: 0x0008, 0xb14: 0xe00d, 0xb15: 0x0008, 0xb16: 0x0008, 0xb17: 0x0008,
+	0xb18: 0x0008, 0xb19: 0x0008, 0xb1a: 0x062d, 0xb1b: 0x064d, 0xb1c: 0x0008, 0xb1d: 0x0008,
+	0xb1e: 0x04d9, 0xb1f: 0x0008, 0xb20: 0xe00d, 0xb21: 0x0008, 0xb22: 0xe00d, 0xb23: 0x0008,
+	0xb24: 0xe00d, 0xb25: 0x0008, 0xb26: 0xe00d, 0xb27: 0x0008, 0xb28: 0xe00d, 0xb29: 0x0008,
+	0xb2a: 0xe00d, 0xb2b: 0x0008, 0xb2c: 0xe00d, 0xb2d: 0x0008, 0xb2e: 0xe00d, 0xb2f: 0x0008,
+	0xb30: 0xe00d, 0xb31: 0x0008, 0xb32: 0xe00d, 0xb33: 0x0008, 0xb34: 0xe00d, 0xb35: 0x0008,
+	0xb36: 0xe00d, 0xb37: 0x0008, 0xb38: 0xe00d, 0xb39: 0x0008, 0xb3a: 0xe00d, 0xb3b: 0x0008,
+	0xb3c: 0xe00d, 0xb3d: 0x0008, 0xb3e: 0xe00d, 0xb3f: 0x0008,
+	// Block 0x2d, offset 0xb40
+	0xb40: 0x0008, 0xb41: 0x0008, 0xb42: 0x0008, 0xb43: 0x0008, 0xb44: 0x0008, 0xb45: 0x0008,
+	0xb46: 0x0040, 0xb47: 0x0040, 0xb48: 0xe045, 0xb49: 0xe045, 0xb4a: 0xe045, 0xb4b: 0xe045,
+	0xb4c: 0xe045, 0xb4d: 0xe045, 0xb4e: 0x0040, 0xb4f: 0x0040, 0xb50: 0x0008, 0xb51: 0x0008,
+	0xb52: 0x0008, 0xb53: 0x0008, 0xb54: 0x0008, 0xb55: 0x0008, 0xb56: 0x0008, 0xb57: 0x0008,
+	0xb58: 0x0040, 0xb59: 0xe045, 0xb5a: 0x0040, 0xb5b: 0xe045, 0xb5c: 0x0040, 0xb5d: 0xe045,
+	0xb5e: 0x0040, 0xb5f: 0xe045, 0xb60: 0x0008, 0xb61: 0x0008, 0xb62: 0x0008, 0xb63: 0x0008,
+	0xb64: 0x0008, 0xb65: 0x0008, 0xb66: 0x0008, 0xb67: 0x0008, 0xb68: 0xe045, 0xb69: 0xe045,
+	0xb6a: 0xe045, 0xb6b: 0xe045, 0xb6c: 0xe045, 0xb6d: 0xe045, 0xb6e: 0xe045, 0xb6f: 0xe045,
+	0xb70: 0x0008, 0xb71: 0x04e1, 0xb72: 0x0008, 0xb73: 0x04e9, 0xb74: 0x0008, 0xb75: 0x04f1,
+	0xb76: 0x0008, 0xb77: 0x04f9, 0xb78: 0x0008, 0xb79: 0x0501, 0xb7a: 0x0008, 0xb7b: 0x0509,
+	0xb7c: 0x0008, 0xb7d: 0x0511, 0xb7e: 0x0040, 0xb7f: 0x0040,
+	// Block 0x2e, offset 0xb80
+	0xb80: 0x0519, 0xb81: 0x0521, 0xb82: 0x0529, 0xb83: 0x0531, 0xb84: 0x0539, 0xb85: 0x0541,
+	0xb86: 0x0549, 0xb87: 0x0551, 0xb88: 0x0519, 0xb89: 0x0521, 0xb8a: 0x0529, 0xb8b: 0x0531,
+	0xb8c: 0x0539, 0xb8d: 0x0541, 0xb8e: 0x0549, 0xb8f: 0x0551, 0xb90: 0x0559, 0xb91: 0x0561,
+	0xb92: 0x0569, 0xb93: 0x0571, 0xb94: 0x0579, 0xb95: 0x0581, 0xb96: 0x0589, 0xb97: 0x0591,
+	0xb98: 0x0559, 0xb99: 0x0561, 0xb9a: 0x0569, 0xb9b: 0x0571, 0xb9c: 0x0579, 0xb9d: 0x0581,
+	0xb9e: 0x0589, 0xb9f: 0x0591, 0xba0: 0x0599, 0xba1: 0x05a1, 0xba2: 0x05a9, 0xba3: 0x05b1,
+	0xba4: 0x05b9, 0xba5: 0x05c1, 0xba6: 0x05c9, 0xba7: 0x05d1, 0xba8: 0x0599, 0xba9: 0x05a1,
+	0xbaa: 0x05a9, 0xbab: 0x05b1, 0xbac: 0x05b9, 0xbad: 0x05c1, 0xbae: 0x05c9, 0xbaf: 0x05d1,
+	0xbb0: 0x0008, 0xbb1: 0x0008, 0xbb2: 0x05d9, 0xbb3: 0x05e1, 0xbb4: 0x05e9, 0xbb5: 0x0040,
+	0xbb6: 0x0008, 0xbb7: 0x05f1, 0xbb8: 0xe045, 0xbb9: 0xe045, 0xbba: 0x0665, 0xbbb: 0x04e1,
+	0xbbc: 0x05e1, 0xbbd: 0x067e, 0xbbe: 0x05f9, 0xbbf: 0x069e,
+	// Block 0x2f, offset 0xbc0
+	0xbc0: 0x06be, 0xbc1: 0x0602, 0xbc2: 0x0609, 0xbc3: 0x0611, 0xbc4: 0x0619, 0xbc5: 0x0040,
+	0xbc6: 0x0008, 0xbc7: 0x0621, 0xbc8: 0x06dd, 0xbc9: 0x04e9, 0xbca: 0x06f5, 0xbcb: 0x04f1,
+	0xbcc: 0x0611, 0xbcd: 0x062a, 0xbce: 0x0632, 0xbcf: 0x063a, 0xbd0: 0x0008, 0xbd1: 0x0008,
+	0xbd2: 0x0008, 0xbd3: 0x0641, 0xbd4: 0x0040, 0xbd5: 0x0040, 0xbd6: 0x0008, 0xbd7: 0x0008,
+	0xbd8: 0xe045, 0xbd9: 0xe045, 0xbda: 0x070d, 0xbdb: 0x04f9, 0xbdc: 0x0040, 0xbdd: 0x064a,
+	0xbde: 0x0652, 0xbdf: 0x065a, 0xbe0: 0x0008, 0xbe1: 0x0008, 0xbe2: 0x0008, 0xbe3: 0x0661,
+	0xbe4: 0x0008, 0xbe5: 0x0008, 0xbe6: 0x0008, 0xbe7: 0x0008, 0xbe8: 0xe045, 0xbe9: 0xe045,
+	0xbea: 0x0725, 0xbeb: 0x0509, 0xbec: 0xe04d, 0xbed: 0x066a, 0xbee: 0x012a, 0xbef: 0x0672,
+	0xbf0: 0x0040, 0xbf1: 0x0040, 0xbf2: 0x0679, 0xbf3: 0x0681, 0xbf4: 0x0689, 0xbf5: 0x0040,
+	0xbf6: 0x0008, 0xbf7: 0x0691, 0xbf8: 0x073d, 0xbf9: 0x0501, 0xbfa: 0x0515, 0xbfb: 0x0511,
+	0xbfc: 0x0681, 0xbfd: 0x0756, 0xbfe: 0x0776, 0xbff: 0x0040,
+	// Block 0x30, offset 0xc00
+	0xc00: 0x000a, 0xc01: 0x000a, 0xc02: 0x000a, 0xc03: 0x000a, 0xc04: 0x000a, 0xc05: 0x000a,
+	0xc06: 0x000a, 0xc07: 0x000a, 0xc08: 0x000a, 0xc09: 0x000a, 0xc0a: 0x000a, 0xc0b: 0x03c0,
+	0xc0c: 0x0003, 0xc0d: 0x0003, 0xc0e: 0x0340, 0xc0f: 0x0b40, 0xc10: 0x0018, 0xc11: 0xe00d,
+	0xc12: 0x0018, 0xc13: 0x0018, 0xc14: 0x0018, 0xc15: 0x0018, 0xc16: 0x0018, 0xc17: 0x0796,
+	0xc18: 0x0018, 0xc19: 0x0018, 0xc1a: 0x0018, 0xc1b: 0x0018, 0xc1c: 0x0018, 0xc1d: 0x0018,
+	0xc1e: 0x0018, 0xc1f: 0x0018, 0xc20: 0x0018, 0xc21: 0x0018, 0xc22: 0x0018, 0xc23: 0x0018,
+	0xc24: 0x0040, 0xc25: 0x0040, 0xc26: 0x0040, 0xc27: 0x0018, 0xc28: 0x0040, 0xc29: 0x0040,
+	0xc2a: 0x0340, 0xc2b: 0x0340, 0xc2c: 0x0340, 0xc2d: 0x0340, 0xc2e: 0x0340, 0xc2f: 0x000a,
+	0xc30: 0x0018, 0xc31: 0x0018, 0xc32: 0x0018, 0xc33: 0x0699, 0xc34: 0x06a1, 0xc35: 0x0018,
+	0xc36: 0x06a9, 0xc37: 0x06b1, 0xc38: 0x0018, 0xc39: 0x0018, 0xc3a: 0x0018, 0xc3b: 0x0018,
+	0xc3c: 0x06ba, 0xc3d: 0x0018, 0xc3e: 0x07b6, 0xc3f: 0x0018,
+	// Block 0x31, offset 0xc40
+	0xc40: 0x0018, 0xc41: 0x0018, 0xc42: 0x0018, 0xc43: 0x0018, 0xc44: 0x0018, 0xc45: 0x0018,
+	0xc46: 0x0018, 0xc47: 0x06c2, 0xc48: 0x06ca, 0xc49: 0x06d2, 0xc4a: 0x0018, 0xc4b: 0x0018,
+	0xc4c: 0x0018, 0xc4d: 0x0018, 0xc4e: 0x0018, 0xc4f: 0x0018, 0xc50: 0x0018, 0xc51: 0x0018,
+	0xc52: 0x0018, 0xc53: 0x0018, 0xc54: 0x0018, 0xc55: 0x0018, 0xc56: 0x0018, 0xc57: 0x06d9,
+	0xc58: 0x0018, 0xc59: 0x0018, 0xc5a: 0x0018, 0xc5b: 0x0018, 0xc5c: 0x0018, 0xc5d: 0x0018,
+	0xc5e: 0x0018, 0xc5f: 0x000a, 0xc60: 0x03c0, 0xc61: 0x0340, 0xc62: 0x0340, 0xc63: 0x0340,
+	0xc64: 0x03c0, 0xc65: 0x0040, 0xc66: 0x0040, 0xc67: 0x0040, 0xc68: 0x0040, 0xc69: 0x0040,
+	0xc6a: 0x0340, 0xc6b: 0x0340, 0xc6c: 0x0340, 0xc6d: 0x0340, 0xc6e: 0x0340, 0xc6f: 0x0340,
+	0xc70: 0x06e1, 0xc71: 0x0311, 0xc72: 0x0040, 0xc73: 0x0040, 0xc74: 0x06e9, 0xc75: 0x06f1,
+	0xc76: 0x06f9, 0xc77: 0x0701, 0xc78: 0x0709, 0xc79: 0x0711, 0xc7a: 0x071a, 0xc7b: 0x07d5,
+	0xc7c: 0x0722, 0xc7d: 0x072a, 0xc7e: 0x0732, 0xc7f: 0x0329,
+	// Block 0x32, offset 0xc80
+	0xc80: 0x06e1, 0xc81: 0x0049, 0xc82: 0x0029, 0xc83: 0x0031, 0xc84: 0x06e9, 0xc85: 0x06f1,
+	0xc86: 0x06f9, 0xc87: 0x0701, 0xc88: 0x0709, 0xc89: 0x0711, 0xc8a: 0x071a, 0xc8b: 0x07ed,
+	0xc8c: 0x0722, 0xc8d: 0x072a, 0xc8e: 0x0732, 0xc8f: 0x0040, 0xc90: 0x0019, 0xc91: 0x02f9,
+	0xc92: 0x0051, 0xc93: 0x0109, 0xc94: 0x0361, 0xc95: 0x00a9, 0xc96: 0x0319, 0xc97: 0x0101,
+	0xc98: 0x0321, 0xc99: 0x0329, 0xc9a: 0x0339, 0xc9b: 0x0089, 0xc9c: 0x0341, 0xc9d: 0x0040,
+	0xc9e: 0x0040, 0xc9f: 0x0040, 0xca0: 0x0018, 0xca1: 0x0018, 0xca2: 0x0018, 0xca3: 0x0018,
+	0xca4: 0x0018, 0xca5: 0x0018, 0xca6: 0x0018, 0xca7: 0x0018, 0xca8: 0x0739, 0xca9: 0x0018,
+	0xcaa: 0x0018, 0xcab: 0x0018, 0xcac: 0x0018, 0xcad: 0x0018, 0xcae: 0x0018, 0xcaf: 0x0018,
+	0xcb0: 0x0018, 0xcb1: 0x0018, 0xcb2: 0x0018, 0xcb3: 0x0018, 0xcb4: 0x0018, 0xcb5: 0x0018,
+	0xcb6: 0x0018, 0xcb7: 0x0018, 0xcb8: 0x0018, 0xcb9: 0x0018, 0xcba: 0x0018, 0xcbb: 0x0018,
+	0xcbc: 0x0018, 0xcbd: 0x0018, 0xcbe: 0x0018, 0xcbf: 0x0018,
+	// Block 0x33, offset 0xcc0
+	0xcc0: 0x0806, 0xcc1: 0x0826, 0xcc2: 0x03d9, 0xcc3: 0x0845, 0xcc4: 0x0018, 0xcc5: 0x0866,
+	0xcc6: 0x0886, 0xcc7: 0x0369, 0xcc8: 0x0018, 0xcc9: 0x08a5, 0xcca: 0x0309, 0xccb: 0x00a9,
+	0xccc: 0x00a9, 0xccd: 0x00a9, 0xcce: 0x00a9, 0xccf: 0x0741, 0xcd0: 0x0311, 0xcd1: 0x0311,
+	0xcd2: 0x0101, 0xcd3: 0x0101, 0xcd4: 0x0018, 0xcd5: 0x0329, 0xcd6: 0x0749, 0xcd7: 0x0018,
+	0xcd8: 0x0018, 0xcd9: 0x0339, 0xcda: 0x0751, 0xcdb: 0x00b9, 0xcdc: 0x00b9, 0xcdd: 0x00b9,
+	0xcde: 0x0018, 0xcdf: 0x0018, 0xce0: 0x0759, 0xce1: 0x08c5, 0xce2: 0x0761, 0xce3: 0x0018,
+	0xce4: 0x04b1, 0xce5: 0x0018, 0xce6: 0x0769, 0xce7: 0x0018, 0xce8: 0x04b1, 0xce9: 0x0018,
+	0xcea: 0x0319, 0xceb: 0x0771, 0xcec: 0x02e9, 0xced: 0x03d9, 0xcee: 0x0018, 0xcef: 0x02f9,
+	0xcf0: 0x02f9, 0xcf1: 0x03f1, 0xcf2: 0x0040, 0xcf3: 0x0321, 0xcf4: 0x0051, 0xcf5: 0x0779,
+	0xcf6: 0x0781, 0xcf7: 0x0789, 0xcf8: 0x0791, 0xcf9: 0x0311, 0xcfa: 0x0018, 0xcfb: 0x08e5,
+	0xcfc: 0x0799, 0xcfd: 0x03a1, 0xcfe: 0x03a1, 0xcff: 0x0799,
+	// Block 0x34, offset 0xd00
+	0xd00: 0x0905, 0xd01: 0x0018, 0xd02: 0x0018, 0xd03: 0x0018, 0xd04: 0x0018, 0xd05: 0x02f1,
+	0xd06: 0x02f1, 0xd07: 0x02f9, 0xd08: 0x0311, 0xd09: 0x00b1, 0xd0a: 0x0018, 0xd0b: 0x0018,
+	0xd0c: 0x0018, 0xd0d: 0x0018, 0xd0e: 0x0008, 0xd0f: 0x0018, 0xd10: 0x07a1, 0xd11: 0x07a9,
+	0xd12: 0x07b1, 0xd13: 0x07b9, 0xd14: 0x07c1, 0xd15: 0x07c9, 0xd16: 0x07d1, 0xd17: 0x07d9,
+	0xd18: 0x07e1, 0xd19: 0x07e9, 0xd1a: 0x07f1, 0xd1b: 0x07f9, 0xd1c: 0x0801, 0xd1d: 0x0809,
+	0xd1e: 0x0811, 0xd1f: 0x0819, 0xd20: 0x0311, 0xd21: 0x0821, 0xd22: 0x091d, 0xd23: 0x0829,
+	0xd24: 0x0391, 0xd25: 0x0831, 0xd26: 0x093d, 0xd27: 0x0839, 0xd28: 0x0841, 0xd29: 0x0109,
+	0xd2a: 0x0849, 0xd2b: 0x095d, 0xd2c: 0x0101, 0xd2d: 0x03d9, 0xd2e: 0x02f1, 0xd2f: 0x0321,
+	0xd30: 0x0311, 0xd31: 0x0821, 0xd32: 0x097d, 0xd33: 0x0829, 0xd34: 0x0391, 0xd35: 0x0831,
+	0xd36: 0x099d, 0xd37: 0x0839, 0xd38: 0x0841, 0xd39: 0x0109, 0xd3a: 0x0849, 0xd3b: 0x09bd,
+	0xd3c: 0x0101, 0xd3d: 0x03d9, 0xd3e: 0x02f1, 0xd3f: 0x0321,
+	// Block 0x35, offset 0xd40
+	0xd40: 0x0018, 0xd41: 0x0018, 0xd42: 0x0018, 0xd43: 0x0018, 0xd44: 0x0018, 0xd45: 0x0018,
+	0xd46: 0x0018, 0xd47: 0x0018, 0xd48: 0x0018, 0xd49: 0x0018, 0xd4a: 0x0018, 0xd4b: 0x0040,
+	0xd4c: 0x0040, 0xd4d: 0x0040, 0xd4e: 0x0040, 0xd4f: 0x0040, 0xd50: 0x0040, 0xd51: 0x0040,
+	0xd52: 0x0040, 0xd53: 0x0040, 0xd54: 0x0040, 0xd55: 0x0040, 0xd56: 0x0040, 0xd57: 0x0040,
+	0xd58: 0x0040, 0xd59: 0x0040, 0xd5a: 0x0040, 0xd5b: 0x0040, 0xd5c: 0x0040, 0xd5d: 0x0040,
+	0xd5e: 0x0040, 0xd5f: 0x0040, 0xd60: 0x0049, 0xd61: 0x0029, 0xd62: 0x0031, 0xd63: 0x06e9,
+	0xd64: 0x06f1, 0xd65: 0x06f9, 0xd66: 0x0701, 0xd67: 0x0709, 0xd68: 0x0711, 0xd69: 0x0879,
+	0xd6a: 0x0881, 0xd6b: 0x0889, 0xd6c: 0x0891, 0xd6d: 0x0899, 0xd6e: 0x08a1, 0xd6f: 0x08a9,
+	0xd70: 0x08b1, 0xd71: 0x08b9, 0xd72: 0x08c1, 0xd73: 0x08c9, 0xd74: 0x0a1e, 0xd75: 0x0a3e,
+	0xd76: 0x0a5e, 0xd77: 0x0a7e, 0xd78: 0x0a9e, 0xd79: 0x0abe, 0xd7a: 0x0ade, 0xd7b: 0x0afe,
+	0xd7c: 0x0b1e, 0xd7d: 0x08d2, 0xd7e: 0x08da, 0xd7f: 0x08e2,
+	// Block 0x36, offset 0xd80
+	0xd80: 0x08ea, 0xd81: 0x08f2, 0xd82: 0x08fa, 0xd83: 0x0902, 0xd84: 0x090a, 0xd85: 0x0912,
+	0xd86: 0x091a, 0xd87: 0x0922, 0xd88: 0x0040, 0xd89: 0x0040, 0xd8a: 0x0040, 0xd8b: 0x0040,
+	0xd8c: 0x0040, 0xd8d: 0x0040, 0xd8e: 0x0040, 0xd8f: 0x0040, 0xd90: 0x0040, 0xd91: 0x0040,
+	0xd92: 0x0040, 0xd93: 0x0040, 0xd94: 0x0040, 0xd95: 0x0040, 0xd96: 0x0040, 0xd97: 0x0040,
+	0xd98: 0x0040, 0xd99: 0x0040, 0xd9a: 0x0040, 0xd9b: 0x0040, 0xd9c: 0x0b3e, 0xd9d: 0x0b5e,
+	0xd9e: 0x0b7e, 0xd9f: 0x0b9e, 0xda0: 0x0bbe, 0xda1: 0x0bde, 0xda2: 0x0bfe, 0xda3: 0x0c1e,
+	0xda4: 0x0c3e, 0xda5: 0x0c5e, 0xda6: 0x0c7e, 0xda7: 0x0c9e, 0xda8: 0x0cbe, 0xda9: 0x0cde,
+	0xdaa: 0x0cfe, 0xdab: 0x0d1e, 0xdac: 0x0d3e, 0xdad: 0x0d5e, 0xdae: 0x0d7e, 0xdaf: 0x0d9e,
+	0xdb0: 0x0dbe, 0xdb1: 0x0dde, 0xdb2: 0x0dfe, 0xdb3: 0x0e1e, 0xdb4: 0x0e3e, 0xdb5: 0x0e5e,
+	0xdb6: 0x0019, 0xdb7: 0x02e9, 0xdb8: 0x03d9, 0xdb9: 0x02f1, 0xdba: 0x02f9, 0xdbb: 0x03f1,
+	0xdbc: 0x0309, 0xdbd: 0x00a9, 0xdbe: 0x0311, 0xdbf: 0x00b1,
+	// Block 0x37, offset 0xdc0
+	0xdc0: 0x0319, 0xdc1: 0x0101, 0xdc2: 0x0321, 0xdc3: 0x0329, 0xdc4: 0x0051, 0xdc5: 0x0339,
+	0xdc6: 0x0751, 0xdc7: 0x00b9, 0xdc8: 0x0089, 0xdc9: 0x0341, 0xdca: 0x0349, 0xdcb: 0x0391,
+	0xdcc: 0x00c1, 0xdcd: 0x0109, 0xdce: 0x00c9, 0xdcf: 0x04b1, 0xdd0: 0x0019, 0xdd1: 0x02e9,
+	0xdd2: 0x03d9, 0xdd3: 0x02f1, 0xdd4: 0x02f9, 0xdd5: 0x03f1, 0xdd6: 0x0309, 0xdd7: 0x00a9,
+	0xdd8: 0x0311, 0xdd9: 0x00b1, 0xdda: 0x0319, 0xddb: 0x0101, 0xddc: 0x0321, 0xddd: 0x0329,
+	0xdde: 0x0051, 0xddf: 0x0339, 0xde0: 0x0751, 0xde1: 0x00b9, 0xde2: 0x0089, 0xde3: 0x0341,
+	0xde4: 0x0349, 0xde5: 0x0391, 0xde6: 0x00c1, 0xde7: 0x0109, 0xde8: 0x00c9, 0xde9: 0x04b1,
+	0xdea: 0x06e1, 0xdeb: 0x0018, 0xdec: 0x0018, 0xded: 0x0018, 0xdee: 0x0018, 0xdef: 0x0018,
+	0xdf0: 0x0018, 0xdf1: 0x0018, 0xdf2: 0x0018, 0xdf3: 0x0018, 0xdf4: 0x0018, 0xdf5: 0x0018,
+	0xdf6: 0x0018, 0xdf7: 0x0018, 0xdf8: 0x0018, 0xdf9: 0x0018, 0xdfa: 0x0018, 0xdfb: 0x0018,
+	0xdfc: 0x0018, 0xdfd: 0x0018, 0xdfe: 0x0018, 0xdff: 0x0018,
+	// Block 0x38, offset 0xe00
+	0xe00: 0x0008, 0xe01: 0x0008, 0xe02: 0x0008, 0xe03: 0x0008, 0xe04: 0x0008, 0xe05: 0x0008,
+	0xe06: 0x0008, 0xe07: 0x0008, 0xe08: 0x0008, 0xe09: 0x0008, 0xe0a: 0x0008, 0xe0b: 0x0008,
+	0xe0c: 0x0008, 0xe0d: 0x0008, 0xe0e: 0x0008, 0xe0f: 0x0008, 0xe10: 0x0008, 0xe11: 0x0008,
+	0xe12: 0x0008, 0xe13: 0x0008, 0xe14: 0x0008, 0xe15: 0x0008, 0xe16: 0x0008, 0xe17: 0x0008,
+	0xe18: 0x0008, 0xe19: 0x0008, 0xe1a: 0x0008, 0xe1b: 0x0008, 0xe1c: 0x0008, 0xe1d: 0x0008,
+	0xe1e: 0x0008, 0xe1f: 0x0008, 0xe20: 0xe00d, 0xe21: 0x0008, 0xe22: 0x0941, 0xe23: 0x0ed5,
+	0xe24: 0x0949, 0xe25: 0x0008, 0xe26: 0x0008, 0xe27: 0xe07d, 0xe28: 0x0008, 0xe29: 0xe01d,
+	0xe2a: 0x0008, 0xe2b: 0xe03d, 0xe2c: 0x0008, 0xe2d: 0x0359, 0xe2e: 0x0441, 0xe2f: 0x0351,
+	0xe30: 0x03d1, 0xe31: 0x0008, 0xe32: 0xe00d, 0xe33: 0x0008, 0xe34: 0x0008, 0xe35: 0xe01d,
+	0xe36: 0x0008, 0xe37: 0x0008, 0xe38: 0x0008, 0xe39: 0x0008, 0xe3a: 0x0008, 0xe3b: 0x0008,
+	0xe3c: 0x00b1, 0xe3d: 0x0391, 0xe3e: 0x0951, 0xe3f: 0x0959,
+	// Block 0x39, offset 0xe40
+	0xe40: 0xe00d, 0xe41: 0x0008, 0xe42: 0xe00d, 0xe43: 0x0008, 0xe44: 0xe00d, 0xe45: 0x0008,
+	0xe46: 0xe00d, 0xe47: 0x0008, 0xe48: 0xe00d, 0xe49: 0x0008, 0xe4a: 0xe00d, 0xe4b: 0x0008,
+	0xe4c: 0xe00d, 0xe4d: 0x0008, 0xe4e: 0xe00d, 0xe4f: 0x0008, 0xe50: 0xe00d, 0xe51: 0x0008,
+	0xe52: 0xe00d, 0xe53: 0x0008, 0xe54: 0xe00d, 0xe55: 0x0008, 0xe56: 0xe00d, 0xe57: 0x0008,
+	0xe58: 0xe00d, 0xe59: 0x0008, 0xe5a: 0xe00d, 0xe5b: 0x0008, 0xe5c: 0xe00d, 0xe5d: 0x0008,
+	0xe5e: 0xe00d, 0xe5f: 0x0008, 0xe60: 0xe00d, 0xe61: 0x0008, 0xe62: 0xe00d, 0xe63: 0x0008,
+	0xe64: 0x0008, 0xe65: 0x0018, 0xe66: 0x0018, 0xe67: 0x0018, 0xe68: 0x0018, 0xe69: 0x0018,
+	0xe6a: 0x0018, 0xe6b: 0xe03d, 0xe6c: 0x0008, 0xe6d: 0xe01d, 0xe6e: 0x0008, 0xe6f: 0x3308,
+	0xe70: 0x3308, 0xe71: 0x3308, 0xe72: 0xe00d, 0xe73: 0x0008, 0xe74: 0x0040, 0xe75: 0x0040,
+	0xe76: 0x0040, 0xe77: 0x0040, 0xe78: 0x0040, 0xe79: 0x0018, 0xe7a: 0x0018, 0xe7b: 0x0018,
+	0xe7c: 0x0018, 0xe7d: 0x0018, 0xe7e: 0x0018, 0xe7f: 0x0018,
+	// Block 0x3a, offset 0xe80
+	0xe80: 0x2715, 0xe81: 0x2735, 0xe82: 0x2755, 0xe83: 0x2775, 0xe84: 0x2795, 0xe85: 0x27b5,
+	0xe86: 0x27d5, 0xe87: 0x27f5, 0xe88: 0x2815, 0xe89: 0x2835, 0xe8a: 0x2855, 0xe8b: 0x2875,
+	0xe8c: 0x2895, 0xe8d: 0x28b5, 0xe8e: 0x28d5, 0xe8f: 0x28f5, 0xe90: 0x2915, 0xe91: 0x2935,
+	0xe92: 0x2955, 0xe93: 0x2975, 0xe94: 0x2995, 0xe95: 0x29b5, 0xe96: 0x0040, 0xe97: 0x0040,
+	0xe98: 0x0040, 0xe99: 0x0040, 0xe9a: 0x0040, 0xe9b: 0x0040, 0xe9c: 0x0040, 0xe9d: 0x0040,
+	0xe9e: 0x0040, 0xe9f: 0x0040, 0xea0: 0x0040, 0xea1: 0x0040, 0xea2: 0x0040, 0xea3: 0x0040,
+	0xea4: 0x0040, 0xea5: 0x0040, 0xea6: 0x0040, 0xea7: 0x0040, 0xea8: 0x0040, 0xea9: 0x0040,
+	0xeaa: 0x0040, 0xeab: 0x0040, 0xeac: 0x0040, 0xead: 0x0040, 0xeae: 0x0040, 0xeaf: 0x0040,
+	0xeb0: 0x0040, 0xeb1: 0x0040, 0xeb2: 0x0040, 0xeb3: 0x0040, 0xeb4: 0x0040, 0xeb5: 0x0040,
+	0xeb6: 0x0040, 0xeb7: 0x0040, 0xeb8: 0x0040, 0xeb9: 0x0040, 0xeba: 0x0040, 0xebb: 0x0040,
+	0xebc: 0x0040, 0xebd: 0x0040, 0xebe: 0x0040, 0xebf: 0x0040,
+	// Block 0x3b, offset 0xec0
+	0xec0: 0x000a, 0xec1: 0x0018, 0xec2: 0x0961, 0xec3: 0x0018, 0xec4: 0x0018, 0xec5: 0x0008,
+	0xec6: 0x0008, 0xec7: 0x0008, 0xec8: 0x0018, 0xec9: 0x0018, 0xeca: 0x0018, 0xecb: 0x0018,
+	0xecc: 0x0018, 0xecd: 0x0018, 0xece: 0x0018, 0xecf: 0x0018, 0xed0: 0x0018, 0xed1: 0x0018,
+	0xed2: 0x0018, 0xed3: 0x0018, 0xed4: 0x0018, 0xed5: 0x0018, 0xed6: 0x0018, 0xed7: 0x0018,
+	0xed8: 0x0018, 0xed9: 0x0018, 0xeda: 0x0018, 0xedb: 0x0018, 0xedc: 0x0018, 0xedd: 0x0018,
+	0xede: 0x0018, 0xedf: 0x0018, 0xee0: 0x0018, 0xee1: 0x0018, 0xee2: 0x0018, 0xee3: 0x0018,
+	0xee4: 0x0018, 0xee5: 0x0018, 0xee6: 0x0018, 0xee7: 0x0018, 0xee8: 0x0018, 0xee9: 0x0018,
+	0xeea: 0x3308, 0xeeb: 0x3308, 0xeec: 0x3308, 0xeed: 0x3308, 0xeee: 0x3018, 0xeef: 0x3018,
+	0xef0: 0x0018, 0xef1: 0x0018, 0xef2: 0x0018, 0xef3: 0x0018, 0xef4: 0x0018, 0xef5: 0x0018,
+	0xef6: 0xe125, 0xef7: 0x0018, 0xef8: 0x29d5, 0xef9: 0x29f5, 0xefa: 0x2a15, 0xefb: 0x0018,
+	0xefc: 0x0008, 0xefd: 0x0018, 0xefe: 0x0018, 0xeff: 0x0018,
+	// Block 0x3c, offset 0xf00
+	0xf00: 0x2b55, 0xf01: 0x2b75, 0xf02: 0x2b95, 0xf03: 0x2bb5, 0xf04: 0x2bd5, 0xf05: 0x2bf5,
+	0xf06: 0x2bf5, 0xf07: 0x2bf5, 0xf08: 0x2c15, 0xf09: 0x2c15, 0xf0a: 0x2c15, 0xf0b: 0x2c15,
+	0xf0c: 0x2c35, 0xf0d: 0x2c35, 0xf0e: 0x2c35, 0xf0f: 0x2c55, 0xf10: 0x2c75, 0xf11: 0x2c75,
+	0xf12: 0x2a95, 0xf13: 0x2a95, 0xf14: 0x2c75, 0xf15: 0x2c75, 0xf16: 0x2c95, 0xf17: 0x2c95,
+	0xf18: 0x2c75, 0xf19: 0x2c75, 0xf1a: 0x2a95, 0xf1b: 0x2a95, 0xf1c: 0x2c75, 0xf1d: 0x2c75,
+	0xf1e: 0x2c55, 0xf1f: 0x2c55, 0xf20: 0x2cb5, 0xf21: 0x2cb5, 0xf22: 0x2cd5, 0xf23: 0x2cd5,
+	0xf24: 0x0040, 0xf25: 0x2cf5, 0xf26: 0x2d15, 0xf27: 0x2d35, 0xf28: 0x2d35, 0xf29: 0x2d55,
+	0xf2a: 0x2d75, 0xf2b: 0x2d95, 0xf2c: 0x2db5, 0xf2d: 0x2dd5, 0xf2e: 0x2df5, 0xf2f: 0x2e15,
+	0xf30: 0x2e35, 0xf31: 0x2e55, 0xf32: 0x2e55, 0xf33: 0x2e75, 0xf34: 0x2e95, 0xf35: 0x2e95,
+	0xf36: 0x2eb5, 0xf37: 0x2ed5, 0xf38: 0x2e75, 0xf39: 0x2ef5, 0xf3a: 0x2f15, 0xf3b: 0x2ef5,
+	0xf3c: 0x2e75, 0xf3d: 0x2f35, 0xf3e: 0x2f55, 0xf3f: 0x2f75,
+	// Block 0x3d, offset 0xf40
+	0xf40: 0x2f95, 0xf41: 0x2fb5, 0xf42: 0x2d15, 0xf43: 0x2cf5, 0xf44: 0x2fd5, 0xf45: 0x2ff5,
+	0xf46: 0x3015, 0xf47: 0x3035, 0xf48: 0x3055, 0xf49: 0x3075, 0xf4a: 0x3095, 0xf4b: 0x30b5,
+	0xf4c: 0x30d5, 0xf4d: 0x30f5, 0xf4e: 0x3115, 0xf4f: 0x0040, 0xf50: 0x0018, 0xf51: 0x0018,
+	0xf52: 0x3135, 0xf53: 0x3155, 0xf54: 0x3175, 0xf55: 0x3195, 0xf56: 0x31b5, 0xf57: 0x31d5,
+	0xf58: 0x31f5, 0xf59: 0x3215, 0xf5a: 0x3235, 0xf5b: 0x3255, 0xf5c: 0x3175, 0xf5d: 0x3275,
+	0xf5e: 0x3295, 0xf5f: 0x32b5, 0xf60: 0x0008, 0xf61: 0x0008, 0xf62: 0x0008, 0xf63: 0x0008,
+	0xf64: 0x0008, 0xf65: 0x0008, 0xf66: 0x0008, 0xf67: 0x0008, 0xf68: 0x0008, 0xf69: 0x0008,
+	0xf6a: 0x0008, 0xf6b: 0x0008, 0xf6c: 0x0008, 0xf6d: 0x0008, 0xf6e: 0x0008, 0xf6f: 0x0008,
+	0xf70: 0x0008, 0xf71: 0x0008, 0xf72: 0x0008, 0xf73: 0x0008, 0xf74: 0x0008, 0xf75: 0x0008,
+	0xf76: 0x0008, 0xf77: 0x0008, 0xf78: 0x0008, 0xf79: 0x0008, 0xf7a: 0x0008, 0xf7b: 0x0008,
+	0xf7c: 0x0008, 0xf7d: 0x0008, 0xf7e: 0x0008, 0xf7f: 0x0008,
+	// Block 0x3e, offset 0xf80
+	0xf80: 0x0b82, 0xf81: 0x0b8a, 0xf82: 0x0b92, 0xf83: 0x0b9a, 0xf84: 0x32d5, 0xf85: 0x32f5,
+	0xf86: 0x3315, 0xf87: 0x3335, 0xf88: 0x0018, 0xf89: 0x0018, 0xf8a: 0x0018, 0xf8b: 0x0018,
+	0xf8c: 0x0018, 0xf8d: 0x0018, 0xf8e: 0x0018, 0xf8f: 0x0018, 0xf90: 0x3355, 0xf91: 0x0ba1,
+	0xf92: 0x0ba9, 0xf93: 0x0bb1, 0xf94: 0x0bb9, 0xf95: 0x0bc1, 0xf96: 0x0bc9, 0xf97: 0x0bd1,
+	0xf98: 0x0bd9, 0xf99: 0x0be1, 0xf9a: 0x0be9, 0xf9b: 0x0bf1, 0xf9c: 0x0bf9, 0xf9d: 0x0c01,
+	0xf9e: 0x0c09, 0xf9f: 0x0c11, 0xfa0: 0x3375, 0xfa1: 0x3395, 0xfa2: 0x33b5, 0xfa3: 0x33d5,
+	0xfa4: 0x33f5, 0xfa5: 0x33f5, 0xfa6: 0x3415, 0xfa7: 0x3435, 0xfa8: 0x3455, 0xfa9: 0x3475,
+	0xfaa: 0x3495, 0xfab: 0x34b5, 0xfac: 0x34d5, 0xfad: 0x34f5, 0xfae: 0x3515, 0xfaf: 0x3535,
+	0xfb0: 0x3555, 0xfb1: 0x3575, 0xfb2: 0x3595, 0xfb3: 0x35b5, 0xfb4: 0x35d5, 0xfb5: 0x35f5,
+	0xfb6: 0x3615, 0xfb7: 0x3635, 0xfb8: 0x3655, 0xfb9: 0x3675, 0xfba: 0x3695, 0xfbb: 0x36b5,
+	0xfbc: 0x0c19, 0xfbd: 0x0c21, 0xfbe: 0x36d5, 0xfbf: 0x0018,
+	// Block 0x3f, offset 0xfc0
+	0xfc0: 0x36f5, 0xfc1: 0x3715, 0xfc2: 0x3735, 0xfc3: 0x3755, 0xfc4: 0x3775, 0xfc5: 0x3795,
+	0xfc6: 0x37b5, 0xfc7: 0x37d5, 0xfc8: 0x37f5, 0xfc9: 0x3815, 0xfca: 0x3835, 0xfcb: 0x3855,
+	0xfcc: 0x3875, 0xfcd: 0x3895, 0xfce: 0x38b5, 0xfcf: 0x38d5, 0xfd0: 0x38f5, 0xfd1: 0x3915,
+	0xfd2: 0x3935, 0xfd3: 0x3955, 0xfd4: 0x3975, 0xfd5: 0x3995, 0xfd6: 0x39b5, 0xfd7: 0x39d5,
+	0xfd8: 0x39f5, 0xfd9: 0x3a15, 0xfda: 0x3a35, 0xfdb: 0x3a55, 0xfdc: 0x3a75, 0xfdd: 0x3a95,
+	0xfde: 0x3ab5, 0xfdf: 0x3ad5, 0xfe0: 0x3af5, 0xfe1: 0x3b15, 0xfe2: 0x3b35, 0xfe3: 0x3b55,
+	0xfe4: 0x3b75, 0xfe5: 0x3b95, 0xfe6: 0x1295, 0xfe7: 0x3bb5, 0xfe8: 0x3bd5, 0xfe9: 0x3bf5,
+	0xfea: 0x3c15, 0xfeb: 0x3c35, 0xfec: 0x3c55, 0xfed: 0x3c75, 0xfee: 0x23b5, 0xfef: 0x3c95,
+	0xff0: 0x3cb5, 0xff1: 0x0c29, 0xff2: 0x0c31, 0xff3: 0x0c39, 0xff4: 0x0c41, 0xff5: 0x0c49,
+	0xff6: 0x0c51, 0xff7: 0x0c59, 0xff8: 0x0c61, 0xff9: 0x0c69, 0xffa: 0x0c71, 0xffb: 0x0c79,
+	0xffc: 0x0c81, 0xffd: 0x0c89, 0xffe: 0x0c91, 0xfff: 0x0c99,
+	// Block 0x40, offset 0x1000
+	0x1000: 0x0ca1, 0x1001: 0x0ca9, 0x1002: 0x0cb1, 0x1003: 0x0cb9, 0x1004: 0x0cc1, 0x1005: 0x0cc9,
+	0x1006: 0x0cd1, 0x1007: 0x0cd9, 0x1008: 0x0ce1, 0x1009: 0x0ce9, 0x100a: 0x0cf1, 0x100b: 0x0cf9,
+	0x100c: 0x0d01, 0x100d: 0x3cd5, 0x100e: 0x0d09, 0x100f: 0x3cf5, 0x1010: 0x3d15, 0x1011: 0x3d2d,
+	0x1012: 0x3d45, 0x1013: 0x3d5d, 0x1014: 0x3d75, 0x1015: 0x3d75, 0x1016: 0x3d5d, 0x1017: 0x3d8d,
+	0x1018: 0x07d5, 0x1019: 0x3da5, 0x101a: 0x3dbd, 0x101b: 0x3dd5, 0x101c: 0x3ded, 0x101d: 0x3e05,
+	0x101e: 0x3e1d, 0x101f: 0x3e35, 0x1020: 0x3e4d, 0x1021: 0x3e65, 0x1022: 0x3e7d, 0x1023: 0x3e95,
+	0x1024: 0x3ead, 0x1025: 0x3ead, 0x1026: 0x3ec5, 0x1027: 0x3ec5, 0x1028: 0x3edd, 0x1029: 0x3edd,
+	0x102a: 0x3ef5, 0x102b: 0x3f0d, 0x102c: 0x3f25, 0x102d: 0x3f3d, 0x102e: 0x3f55, 0x102f: 0x3f55,
+	0x1030: 0x3f6d, 0x1031: 0x3f6d, 0x1032: 0x3f6d, 0x1033: 0x3f85, 0x1034: 0x3f9d, 0x1035: 0x3fb5,
+	0x1036: 0x3fcd, 0x1037: 0x3fb5, 0x1038: 0x3fe5, 0x1039: 0x3ffd, 0x103a: 0x3f85, 0x103b: 0x4015,
+	0x103c: 0x402d, 0x103d: 0x402d, 0x103e: 0x402d, 0x103f: 0x0d11,
+	// Block 0x41, offset 0x1040
+	0x1040: 0x10f9, 0x1041: 0x1101, 0x1042: 0x40a5, 0x1043: 0x1109, 0x1044: 0x1111, 0x1045: 0x1119,
+	0x1046: 0x1121, 0x1047: 0x1129, 0x1048: 0x40c5, 0x1049: 0x1131, 0x104a: 0x1139, 0x104b: 0x1141,
+	0x104c: 0x40e5, 0x104d: 0x40e5, 0x104e: 0x1149, 0x104f: 0x1151, 0x1050: 0x1159, 0x1051: 0x4105,
+	0x1052: 0x4125, 0x1053: 0x4145, 0x1054: 0x4165, 0x1055: 0x4185, 0x1056: 0x1161, 0x1057: 0x1169,
+	0x1058: 0x1171, 0x1059: 0x1179, 0x105a: 0x1181, 0x105b: 0x41a5, 0x105c: 0x1189, 0x105d: 0x1191,
+	0x105e: 0x1199, 0x105f: 0x41c5, 0x1060: 0x41e5, 0x1061: 0x11a1, 0x1062: 0x4205, 0x1063: 0x4225,
+	0x1064: 0x4245, 0x1065: 0x11a9, 0x1066: 0x4265, 0x1067: 0x11b1, 0x1068: 0x11b9, 0x1069: 0x10f9,
+	0x106a: 0x4285, 0x106b: 0x42a5, 0x106c: 0x42c5, 0x106d: 0x42e5, 0x106e: 0x11c1, 0x106f: 0x11c9,
+	0x1070: 0x11d1, 0x1071: 0x11d9, 0x1072: 0x4305, 0x1073: 0x11e1, 0x1074: 0x11e9, 0x1075: 0x11f1,
+	0x1076: 0x4325, 0x1077: 0x11f9, 0x1078: 0x1201, 0x1079: 0x11f9, 0x107a: 0x1209, 0x107b: 0x1211,
+	0x107c: 0x4345, 0x107d: 0x1219, 0x107e: 0x1221, 0x107f: 0x1219,
+	// Block 0x42, offset 0x1080
+	0x1080: 0x4365, 0x1081: 0x4385, 0x1082: 0x0040, 0x1083: 0x1229, 0x1084: 0x1231, 0x1085: 0x1239,
+	0x1086: 0x1241, 0x1087: 0x0040, 0x1088: 0x1249, 0x1089: 0x1251, 0x108a: 0x1259, 0x108b: 0x1261,
+	0x108c: 0x1269, 0x108d: 0x1271, 0x108e: 0x1199, 0x108f: 0x1279, 0x1090: 0x1281, 0x1091: 0x1289,
+	0x1092: 0x43a5, 0x1093: 0x1291, 0x1094: 0x1121, 0x1095: 0x43c5, 0x1096: 0x43e5, 0x1097: 0x1299,
+	0x1098: 0x0040, 0x1099: 0x4405, 0x109a: 0x12a1, 0x109b: 0x12a9, 0x109c: 0x12b1, 0x109d: 0x12b9,
+	0x109e: 0x12c1, 0x109f: 0x12c9, 0x10a0: 0x12d1, 0x10a1: 0x12d9, 0x10a2: 0x12e1, 0x10a3: 0x12e9,
+	0x10a4: 0x12f1, 0x10a5: 0x12f9, 0x10a6: 0x1301, 0x10a7: 0x1309, 0x10a8: 0x1311, 0x10a9: 0x1319,
+	0x10aa: 0x1321, 0x10ab: 0x1329, 0x10ac: 0x1331, 0x10ad: 0x1339, 0x10ae: 0x1341, 0x10af: 0x1349,
+	0x10b0: 0x1351, 0x10b1: 0x1359, 0x10b2: 0x1361, 0x10b3: 0x1369, 0x10b4: 0x1371, 0x10b5: 0x1379,
+	0x10b6: 0x1381, 0x10b7: 0x1389, 0x10b8: 0x1391, 0x10b9: 0x1399, 0x10ba: 0x13a1, 0x10bb: 0x13a9,
+	0x10bc: 0x13b1, 0x10bd: 0x13b9, 0x10be: 0x13c1, 0x10bf: 0x4425,
+	// Block 0x43, offset 0x10c0
+	0x10c0: 0xe00d, 0x10c1: 0x0008, 0x10c2: 0xe00d, 0x10c3: 0x0008, 0x10c4: 0xe00d, 0x10c5: 0x0008,
+	0x10c6: 0xe00d, 0x10c7: 0x0008, 0x10c8: 0xe00d, 0x10c9: 0x0008, 0x10ca: 0xe00d, 0x10cb: 0x0008,
+	0x10cc: 0xe00d, 0x10cd: 0x0008, 0x10ce: 0xe00d, 0x10cf: 0x0008, 0x10d0: 0xe00d, 0x10d1: 0x0008,
+	0x10d2: 0xe00d, 0x10d3: 0x0008, 0x10d4: 0xe00d, 0x10d5: 0x0008, 0x10d6: 0xe00d, 0x10d7: 0x0008,
+	0x10d8: 0xe00d, 0x10d9: 0x0008, 0x10da: 0xe00d, 0x10db: 0x0008, 0x10dc: 0xe00d, 0x10dd: 0x0008,
+	0x10de: 0xe00d, 0x10df: 0x0008, 0x10e0: 0xe00d, 0x10e1: 0x0008, 0x10e2: 0xe00d, 0x10e3: 0x0008,
+	0x10e4: 0xe00d, 0x10e5: 0x0008, 0x10e6: 0xe00d, 0x10e7: 0x0008, 0x10e8: 0xe00d, 0x10e9: 0x0008,
+	0x10ea: 0xe00d, 0x10eb: 0x0008, 0x10ec: 0xe00d, 0x10ed: 0x0008, 0x10ee: 0x0008, 0x10ef: 0x3308,
+	0x10f0: 0x3318, 0x10f1: 0x3318, 0x10f2: 0x3318, 0x10f3: 0x0018, 0x10f4: 0x3308, 0x10f5: 0x3308,
+	0x10f6: 0x3308, 0x10f7: 0x3308, 0x10f8: 0x3308, 0x10f9: 0x3308, 0x10fa: 0x3308, 0x10fb: 0x3308,
+	0x10fc: 0x3308, 0x10fd: 0x3308, 0x10fe: 0x0018, 0x10ff: 0x0008,
+	// Block 0x44, offset 0x1100
+	0x1100: 0xe00d, 0x1101: 0x0008, 0x1102: 0xe00d, 0x1103: 0x0008, 0x1104: 0xe00d, 0x1105: 0x0008,
+	0x1106: 0xe00d, 0x1107: 0x0008, 0x1108: 0xe00d, 0x1109: 0x0008, 0x110a: 0xe00d, 0x110b: 0x0008,
+	0x110c: 0xe00d, 0x110d: 0x0008, 0x110e: 0xe00d, 0x110f: 0x0008, 0x1110: 0xe00d, 0x1111: 0x0008,
+	0x1112: 0xe00d, 0x1113: 0x0008, 0x1114: 0xe00d, 0x1115: 0x0008, 0x1116: 0xe00d, 0x1117: 0x0008,
+	0x1118: 0xe00d, 0x1119: 0x0008, 0x111a: 0xe00d, 0x111b: 0x0008, 0x111c: 0x02d1, 0x111d: 0x13c9,
+	0x111e: 0x3308, 0x111f: 0x3308, 0x1120: 0x0008, 0x1121: 0x0008, 0x1122: 0x0008, 0x1123: 0x0008,
+	0x1124: 0x0008, 0x1125: 0x0008, 0x1126: 0x0008, 0x1127: 0x0008, 0x1128: 0x0008, 0x1129: 0x0008,
+	0x112a: 0x0008, 0x112b: 0x0008, 0x112c: 0x0008, 0x112d: 0x0008, 0x112e: 0x0008, 0x112f: 0x0008,
+	0x1130: 0x0008, 0x1131: 0x0008, 0x1132: 0x0008, 0x1133: 0x0008, 0x1134: 0x0008, 0x1135: 0x0008,
+	0x1136: 0x0008, 0x1137: 0x0008, 0x1138: 0x0008, 0x1139: 0x0008, 0x113a: 0x0008, 0x113b: 0x0008,
+	0x113c: 0x0008, 0x113d: 0x0008, 0x113e: 0x0008, 0x113f: 0x0008,
+	// Block 0x45, offset 0x1140
+	0x1140: 0x0018, 0x1141: 0x0018, 0x1142: 0x0018, 0x1143: 0x0018, 0x1144: 0x0018, 0x1145: 0x0018,
+	0x1146: 0x0018, 0x1147: 0x0018, 0x1148: 0x0018, 0x1149: 0x0018, 0x114a: 0x0018, 0x114b: 0x0018,
+	0x114c: 0x0018, 0x114d: 0x0018, 0x114e: 0x0018, 0x114f: 0x0018, 0x1150: 0x0018, 0x1151: 0x0018,
+	0x1152: 0x0018, 0x1153: 0x0018, 0x1154: 0x0018, 0x1155: 0x0018, 0x1156: 0x0018, 0x1157: 0x0008,
+	0x1158: 0x0008, 0x1159: 0x0008, 0x115a: 0x0008, 0x115b: 0x0008, 0x115c: 0x0008, 0x115d: 0x0008,
+	0x115e: 0x0008, 0x115f: 0x0008, 0x1160: 0x0018, 0x1161: 0x0018, 0x1162: 0xe00d, 0x1163: 0x0008,
+	0x1164: 0xe00d, 0x1165: 0x0008, 0x1166: 0xe00d, 0x1167: 0x0008, 0x1168: 0xe00d, 0x1169: 0x0008,
+	0x116a: 0xe00d, 0x116b: 0x0008, 0x116c: 0xe00d, 0x116d: 0x0008, 0x116e: 0xe00d, 0x116f: 0x0008,
+	0x1170: 0x0008, 0x1171: 0x0008, 0x1172: 0xe00d, 0x1173: 0x0008, 0x1174: 0xe00d, 0x1175: 0x0008,
+	0x1176: 0xe00d, 0x1177: 0x0008, 0x1178: 0xe00d, 0x1179: 0x0008, 0x117a: 0xe00d, 0x117b: 0x0008,
+	0x117c: 0xe00d, 0x117d: 0x0008, 0x117e: 0xe00d, 0x117f: 0x0008,
+	// Block 0x46, offset 0x1180
+	0x1180: 0xe00d, 0x1181: 0x0008, 0x1182: 0xe00d, 0x1183: 0x0008, 0x1184: 0xe00d, 0x1185: 0x0008,
+	0x1186: 0xe00d, 0x1187: 0x0008, 0x1188: 0xe00d, 0x1189: 0x0008, 0x118a: 0xe00d, 0x118b: 0x0008,
+	0x118c: 0xe00d, 0x118d: 0x0008, 0x118e: 0xe00d, 0x118f: 0x0008, 0x1190: 0xe00d, 0x1191: 0x0008,
+	0x1192: 0xe00d, 0x1193: 0x0008, 0x1194: 0xe00d, 0x1195: 0x0008, 0x1196: 0xe00d, 0x1197: 0x0008,
+	0x1198: 0xe00d, 0x1199: 0x0008, 0x119a: 0xe00d, 0x119b: 0x0008, 0x119c: 0xe00d, 0x119d: 0x0008,
+	0x119e: 0xe00d, 0x119f: 0x0008, 0x11a0: 0xe00d, 0x11a1: 0x0008, 0x11a2: 0xe00d, 0x11a3: 0x0008,
+	0x11a4: 0xe00d, 0x11a5: 0x0008, 0x11a6: 0xe00d, 0x11a7: 0x0008, 0x11a8: 0xe00d, 0x11a9: 0x0008,
+	0x11aa: 0xe00d, 0x11ab: 0x0008, 0x11ac: 0xe00d, 0x11ad: 0x0008, 0x11ae: 0xe00d, 0x11af: 0x0008,
+	0x11b0: 0xe0fd, 0x11b1: 0x0008, 0x11b2: 0x0008, 0x11b3: 0x0008, 0x11b4: 0x0008, 0x11b5: 0x0008,
+	0x11b6: 0x0008, 0x11b7: 0x0008, 0x11b8: 0x0008, 0x11b9: 0xe01d, 0x11ba: 0x0008, 0x11bb: 0xe03d,
+	0x11bc: 0x0008, 0x11bd: 0x4445, 0x11be: 0xe00d, 0x11bf: 0x0008,
+	// Block 0x47, offset 0x11c0
+	0x11c0: 0xe00d, 0x11c1: 0x0008, 0x11c2: 0xe00d, 0x11c3: 0x0008, 0x11c4: 0xe00d, 0x11c5: 0x0008,
+	0x11c6: 0xe00d, 0x11c7: 0x0008, 0x11c8: 0x0008, 0x11c9: 0x0018, 0x11ca: 0x0018, 0x11cb: 0xe03d,
+	0x11cc: 0x0008, 0x11cd: 0x0409, 0x11ce: 0x0008, 0x11cf: 0x0008, 0x11d0: 0xe00d, 0x11d1: 0x0008,
+	0x11d2: 0xe00d, 0x11d3: 0x0008, 0x11d4: 0x0008, 0x11d5: 0x0008, 0x11d6: 0xe00d, 0x11d7: 0x0008,
+	0x11d8: 0xe00d, 0x11d9: 0x0008, 0x11da: 0xe00d, 0x11db: 0x0008, 0x11dc: 0xe00d, 0x11dd: 0x0008,
+	0x11de: 0xe00d, 0x11df: 0x0008, 0x11e0: 0xe00d, 0x11e1: 0x0008, 0x11e2: 0xe00d, 0x11e3: 0x0008,
+	0x11e4: 0xe00d, 0x11e5: 0x0008, 0x11e6: 0xe00d, 0x11e7: 0x0008, 0x11e8: 0xe00d, 0x11e9: 0x0008,
+	0x11ea: 0x13d1, 0x11eb: 0x0371, 0x11ec: 0x0401, 0x11ed: 0x13d9, 0x11ee: 0x0421, 0x11ef: 0x0008,
+	0x11f0: 0x13e1, 0x11f1: 0x13e9, 0x11f2: 0x0429, 0x11f3: 0x4465, 0x11f4: 0xe00d, 0x11f5: 0x0008,
+	0x11f6: 0xe00d, 0x11f7: 0x0008, 0x11f8: 0xe00d, 0x11f9: 0x0008, 0x11fa: 0xe00d, 0x11fb: 0x0008,
+	0x11fc: 0xe00d, 0x11fd: 0x0008, 0x11fe: 0xe00d, 0x11ff: 0x0008,
+	// Block 0x48, offset 0x1200
+	0x1200: 0xe00d, 0x1201: 0x0008, 0x1202: 0xe00d, 0x1203: 0x0008, 0x1204: 0x03f5, 0x1205: 0x0479,
+	0x1206: 0x447d, 0x1207: 0xe07d, 0x1208: 0x0008, 0x1209: 0xe01d, 0x120a: 0x0008, 0x120b: 0x0040,
+	0x120c: 0x0040, 0x120d: 0x0040, 0x120e: 0x0040, 0x120f: 0x0040, 0x1210: 0xe00d, 0x1211: 0x0008,
+	0x1212: 0x0040, 0x1213: 0x0008, 0x1214: 0x0040, 0x1215: 0x0008, 0x1216: 0xe00d, 0x1217: 0x0008,
+	0x1218: 0xe00d, 0x1219: 0x0008, 0x121a: 0x0040, 0x121b: 0x0040, 0x121c: 0x0040, 0x121d: 0x0040,
+	0x121e: 0x0040, 0x121f: 0x0040, 0x1220: 0x0040, 0x1221: 0x0040, 0x1222: 0x0040, 0x1223: 0x0040,
+	0x1224: 0x0040, 0x1225: 0x0040, 0x1226: 0x0040, 0x1227: 0x0040, 0x1228: 0x0040, 0x1229: 0x0040,
+	0x122a: 0x0040, 0x122b: 0x0040, 0x122c: 0x0040, 0x122d: 0x0040, 0x122e: 0x0040, 0x122f: 0x0040,
+	0x1230: 0x0040, 0x1231: 0x0040, 0x1232: 0x03d9, 0x1233: 0x03f1, 0x1234: 0x0751, 0x1235: 0xe01d,
+	0x1236: 0x0008, 0x1237: 0x0008, 0x1238: 0x0741, 0x1239: 0x13f1, 0x123a: 0x0008, 0x123b: 0x0008,
+	0x123c: 0x0008, 0x123d: 0x0008, 0x123e: 0x0008, 0x123f: 0x0008,
+	// Block 0x49, offset 0x1240
+	0x1240: 0x650d, 0x1241: 0x652d, 0x1242: 0x654d, 0x1243: 0x656d, 0x1244: 0x658d, 0x1245: 0x65ad,
+	0x1246: 0x65cd, 0x1247: 0x65ed, 0x1248: 0x660d, 0x1249: 0x662d, 0x124a: 0x664d, 0x124b: 0x666d,
+	0x124c: 0x668d, 0x124d: 0x66ad, 0x124e: 0x0008, 0x124f: 0x0008, 0x1250: 0x66cd, 0x1251: 0x0008,
+	0x1252: 0x66ed, 0x1253: 0x0008, 0x1254: 0x0008, 0x1255: 0x670d, 0x1256: 0x672d, 0x1257: 0x674d,
+	0x1258: 0x676d, 0x1259: 0x678d, 0x125a: 0x67ad, 0x125b: 0x67cd, 0x125c: 0x67ed, 0x125d: 0x680d,
+	0x125e: 0x682d, 0x125f: 0x0008, 0x1260: 0x684d, 0x1261: 0x0008, 0x1262: 0x686d, 0x1263: 0x0008,
+	0x1264: 0x0008, 0x1265: 0x688d, 0x1266: 0x68ad, 0x1267: 0x0008, 0x1268: 0x0008, 0x1269: 0x0008,
+	0x126a: 0x68cd, 0x126b: 0x68ed, 0x126c: 0x690d, 0x126d: 0x692d, 0x126e: 0x694d, 0x126f: 0x696d,
+	0x1270: 0x698d, 0x1271: 0x69ad, 0x1272: 0x69cd, 0x1273: 0x69ed, 0x1274: 0x6a0d, 0x1275: 0x6a2d,
+	0x1276: 0x6a4d, 0x1277: 0x6a6d, 0x1278: 0x6a8d, 0x1279: 0x6aad, 0x127a: 0x6acd, 0x127b: 0x6aed,
+	0x127c: 0x6b0d, 0x127d: 0x6b2d, 0x127e: 0x6b4d, 0x127f: 0x6b6d,
+	// Block 0x4a, offset 0x1280
+	0x1280: 0x7acd, 0x1281: 0x7aed, 0x1282: 0x7b0d, 0x1283: 0x7b2d, 0x1284: 0x7b4d, 0x1285: 0x7b6d,
+	0x1286: 0x7b8d, 0x1287: 0x7bad, 0x1288: 0x7bcd, 0x1289: 0x7bed, 0x128a: 0x7c0d, 0x128b: 0x7c2d,
+	0x128c: 0x7c4d, 0x128d: 0x7c6d, 0x128e: 0x7c8d, 0x128f: 0x1409, 0x1290: 0x1411, 0x1291: 0x1419,
+	0x1292: 0x7cad, 0x1293: 0x7ccd, 0x1294: 0x7ced, 0x1295: 0x1421, 0x1296: 0x1429, 0x1297: 0x1431,
+	0x1298: 0x7d0d, 0x1299: 0x7d2d, 0x129a: 0x0040, 0x129b: 0x0040, 0x129c: 0x0040, 0x129d: 0x0040,
+	0x129e: 0x0040, 0x129f: 0x0040, 0x12a0: 0x0040, 0x12a1: 0x0040, 0x12a2: 0x0040, 0x12a3: 0x0040,
+	0x12a4: 0x0040, 0x12a5: 0x0040, 0x12a6: 0x0040, 0x12a7: 0x0040, 0x12a8: 0x0040, 0x12a9: 0x0040,
+	0x12aa: 0x0040, 0x12ab: 0x0040, 0x12ac: 0x0040, 0x12ad: 0x0040, 0x12ae: 0x0040, 0x12af: 0x0040,
+	0x12b0: 0x0040, 0x12b1: 0x0040, 0x12b2: 0x0040, 0x12b3: 0x0040, 0x12b4: 0x0040, 0x12b5: 0x0040,
+	0x12b6: 0x0040, 0x12b7: 0x0040, 0x12b8: 0x0040, 0x12b9: 0x0040, 0x12ba: 0x0040, 0x12bb: 0x0040,
+	0x12bc: 0x0040, 0x12bd: 0x0040, 0x12be: 0x0040, 0x12bf: 0x0040,
+	// Block 0x4b, offset 0x12c0
+	0x12c0: 0x1439, 0x12c1: 0x1441, 0x12c2: 0x1449, 0x12c3: 0x7d4d, 0x12c4: 0x7d6d, 0x12c5: 0x1451,
+	0x12c6: 0x1451, 0x12c7: 0x0040, 0x12c8: 0x0040, 0x12c9: 0x0040, 0x12ca: 0x0040, 0x12cb: 0x0040,
+	0x12cc: 0x0040, 0x12cd: 0x0040, 0x12ce: 0x0040, 0x12cf: 0x0040, 0x12d0: 0x0040, 0x12d1: 0x0040,
+	0x12d2: 0x0040, 0x12d3: 0x1459, 0x12d4: 0x1461, 0x12d5: 0x1469, 0x12d6: 0x1471, 0x12d7: 0x1479,
+	0x12d8: 0x0040, 0x12d9: 0x0040, 0x12da: 0x0040, 0x12db: 0x0040, 0x12dc: 0x0040, 0x12dd: 0x1481,
+	0x12de: 0x3308, 0x12df: 0x1489, 0x12e0: 0x1491, 0x12e1: 0x0779, 0x12e2: 0x0791, 0x12e3: 0x1499,
+	0x12e4: 0x14a1, 0x12e5: 0x14a9, 0x12e6: 0x14b1, 0x12e7: 0x14b9, 0x12e8: 0x14c1, 0x12e9: 0x071a,
+	0x12ea: 0x14c9, 0x12eb: 0x14d1, 0x12ec: 0x14d9, 0x12ed: 0x14e1, 0x12ee: 0x14e9, 0x12ef: 0x14f1,
+	0x12f0: 0x14f9, 0x12f1: 0x1501, 0x12f2: 0x1509, 0x12f3: 0x1511, 0x12f4: 0x1519, 0x12f5: 0x1521,
+	0x12f6: 0x1529, 0x12f7: 0x0040, 0x12f8: 0x1531, 0x12f9: 0x1539, 0x12fa: 0x1541, 0x12fb: 0x1549,
+	0x12fc: 0x1551, 0x12fd: 0x0040, 0x12fe: 0x1559, 0x12ff: 0x0040,
+	// Block 0x4c, offset 0x1300
+	0x1300: 0x1561, 0x1301: 0x1569, 0x1302: 0x0040, 0x1303: 0x1571, 0x1304: 0x1579, 0x1305: 0x0040,
+	0x1306: 0x1581, 0x1307: 0x1589, 0x1308: 0x1591, 0x1309: 0x1599, 0x130a: 0x15a1, 0x130b: 0x15a9,
+	0x130c: 0x15b1, 0x130d: 0x15b9, 0x130e: 0x15c1, 0x130f: 0x15c9, 0x1310: 0x15d1, 0x1311: 0x15d1,
+	0x1312: 0x15d9, 0x1313: 0x15d9, 0x1314: 0x15d9, 0x1315: 0x15d9, 0x1316: 0x15e1, 0x1317: 0x15e1,
+	0x1318: 0x15e1, 0x1319: 0x15e1, 0x131a: 0x15e9, 0x131b: 0x15e9, 0x131c: 0x15e9, 0x131d: 0x15e9,
+	0x131e: 0x15f1, 0x131f: 0x15f1, 0x1320: 0x15f1, 0x1321: 0x15f1, 0x1322: 0x15f9, 0x1323: 0x15f9,
+	0x1324: 0x15f9, 0x1325: 0x15f9, 0x1326: 0x1601, 0x1327: 0x1601, 0x1328: 0x1601, 0x1329: 0x1601,
+	0x132a: 0x1609, 0x132b: 0x1609, 0x132c: 0x1609, 0x132d: 0x1609, 0x132e: 0x1611, 0x132f: 0x1611,
+	0x1330: 0x1611, 0x1331: 0x1611, 0x1332: 0x1619, 0x1333: 0x1619, 0x1334: 0x1619, 0x1335: 0x1619,
+	0x1336: 0x1621, 0x1337: 0x1621, 0x1338: 0x1621, 0x1339: 0x1621, 0x133a: 0x1629, 0x133b: 0x1629,
+	0x133c: 0x1629, 0x133d: 0x1629, 0x133e: 0x1631, 0x133f: 0x1631,
+	// Block 0x4d, offset 0x1340
+	0x1340: 0x1631, 0x1341: 0x1631, 0x1342: 0x1639, 0x1343: 0x1639, 0x1344: 0x1641, 0x1345: 0x1641,
+	0x1346: 0x1649, 0x1347: 0x1649, 0x1348: 0x1651, 0x1349: 0x1651, 0x134a: 0x1659, 0x134b: 0x1659,
+	0x134c: 0x1661, 0x134d: 0x1661, 0x134e: 0x1669, 0x134f: 0x1669, 0x1350: 0x1669, 0x1351: 0x1669,
+	0x1352: 0x1671, 0x1353: 0x1671, 0x1354: 0x1671, 0x1355: 0x1671, 0x1356: 0x1679, 0x1357: 0x1679,
+	0x1358: 0x1679, 0x1359: 0x1679, 0x135a: 0x1681, 0x135b: 0x1681, 0x135c: 0x1681, 0x135d: 0x1681,
+	0x135e: 0x1689, 0x135f: 0x1689, 0x1360: 0x1691, 0x1361: 0x1691, 0x1362: 0x1691, 0x1363: 0x1691,
+	0x1364: 0x1699, 0x1365: 0x1699, 0x1366: 0x16a1, 0x1367: 0x16a1, 0x1368: 0x16a1, 0x1369: 0x16a1,
+	0x136a: 0x16a9, 0x136b: 0x16a9, 0x136c: 0x16a9, 0x136d: 0x16a9, 0x136e: 0x16b1, 0x136f: 0x16b1,
+	0x1370: 0x16b9, 0x1371: 0x16b9, 0x1372: 0x0818, 0x1373: 0x0818, 0x1374: 0x0818, 0x1375: 0x0818,
+	0x1376: 0x0818, 0x1377: 0x0818, 0x1378: 0x0818, 0x1379: 0x0818, 0x137a: 0x0818, 0x137b: 0x0818,
+	0x137c: 0x0818, 0x137d: 0x0818, 0x137e: 0x0818, 0x137f: 0x0818,
+	// Block 0x4e, offset 0x1380
+	0x1380: 0x0818, 0x1381: 0x0818, 0x1382: 0x0818, 0x1383: 0x0040, 0x1384: 0x0040, 0x1385: 0x0040,
+	0x1386: 0x0040, 0x1387: 0x0040, 0x1388: 0x0040, 0x1389: 0x0040, 0x138a: 0x0040, 0x138b: 0x0040,
+	0x138c: 0x0040, 0x138d: 0x0040, 0x138e: 0x0040, 0x138f: 0x0040, 0x1390: 0x0040, 0x1391: 0x0040,
+	0x1392: 0x0040, 0x1393: 0x16c1, 0x1394: 0x16c1, 0x1395: 0x16c1, 0x1396: 0x16c1, 0x1397: 0x16c9,
+	0x1398: 0x16c9, 0x1399: 0x16d1, 0x139a: 0x16d1, 0x139b: 0x16d9, 0x139c: 0x16d9, 0x139d: 0x0149,
+	0x139e: 0x16e1, 0x139f: 0x16e1, 0x13a0: 0x16e9, 0x13a1: 0x16e9, 0x13a2: 0x16f1, 0x13a3: 0x16f1,
+	0x13a4: 0x16f9, 0x13a5: 0x16f9, 0x13a6: 0x16f9, 0x13a7: 0x16f9, 0x13a8: 0x1701, 0x13a9: 0x1701,
+	0x13aa: 0x1709, 0x13ab: 0x1709, 0x13ac: 0x1711, 0x13ad: 0x1711, 0x13ae: 0x1719, 0x13af: 0x1719,
+	0x13b0: 0x1721, 0x13b1: 0x1721, 0x13b2: 0x1729, 0x13b3: 0x1729, 0x13b4: 0x1731, 0x13b5: 0x1731,
+	0x13b6: 0x1739, 0x13b7: 0x1739, 0x13b8: 0x1739, 0x13b9: 0x1741, 0x13ba: 0x1741, 0x13bb: 0x1741,
+	0x13bc: 0x1749, 0x13bd: 0x1749, 0x13be: 0x1749, 0x13bf: 0x1749,
+	// Block 0x4f, offset 0x13c0
+	0x13c0: 0x1949, 0x13c1: 0x1951, 0x13c2: 0x1959, 0x13c3: 0x1961, 0x13c4: 0x1969, 0x13c5: 0x1971,
+	0x13c6: 0x1979, 0x13c7: 0x1981, 0x13c8: 0x1989, 0x13c9: 0x1991, 0x13ca: 0x1999, 0x13cb: 0x19a1,
+	0x13cc: 0x19a9, 0x13cd: 0x19b1, 0x13ce: 0x19b9, 0x13cf: 0x19c1, 0x13d0: 0x19c9, 0x13d1: 0x19d1,
+	0x13d2: 0x19d9, 0x13d3: 0x19e1, 0x13d4: 0x19e9, 0x13d5: 0x19f1, 0x13d6: 0x19f9, 0x13d7: 0x1a01,
+	0x13d8: 0x1a09, 0x13d9: 0x1a11, 0x13da: 0x1a19, 0x13db: 0x1a21, 0x13dc: 0x1a29, 0x13dd: 0x1a31,
+	0x13de: 0x1a3a, 0x13df: 0x1a42, 0x13e0: 0x1a4a, 0x13e1: 0x1a52, 0x13e2: 0x1a5a, 0x13e3: 0x1a62,
+	0x13e4: 0x1a69, 0x13e5: 0x1a71, 0x13e6: 0x1761, 0x13e7: 0x1a79, 0x13e8: 0x1741, 0x13e9: 0x1769,
+	0x13ea: 0x1a81, 0x13eb: 0x1a89, 0x13ec: 0x1789, 0x13ed: 0x1a91, 0x13ee: 0x1791, 0x13ef: 0x1799,
+	0x13f0: 0x1a99, 0x13f1: 0x1aa1, 0x13f2: 0x17b9, 0x13f3: 0x1aa9, 0x13f4: 0x17c1, 0x13f5: 0x17c9,
+	0x13f6: 0x1ab1, 0x13f7: 0x1ab9, 0x13f8: 0x17d9, 0x13f9: 0x1ac1, 0x13fa: 0x17e1, 0x13fb: 0x17e9,
+	0x13fc: 0x18d1, 0x13fd: 0x18d9, 0x13fe: 0x18f1, 0x13ff: 0x18f9,
+	// Block 0x50, offset 0x1400
+	0x1400: 0x1901, 0x1401: 0x1921, 0x1402: 0x1929, 0x1403: 0x1931, 0x1404: 0x1939, 0x1405: 0x1959,
+	0x1406: 0x1961, 0x1407: 0x1969, 0x1408: 0x1ac9, 0x1409: 0x1989, 0x140a: 0x1ad1, 0x140b: 0x1ad9,
+	0x140c: 0x19b9, 0x140d: 0x1ae1, 0x140e: 0x19c1, 0x140f: 0x19c9, 0x1410: 0x1a31, 0x1411: 0x1ae9,
+	0x1412: 0x1af1, 0x1413: 0x1a09, 0x1414: 0x1af9, 0x1415: 0x1a11, 0x1416: 0x1a19, 0x1417: 0x1751,
+	0x1418: 0x1759, 0x1419: 0x1b01, 0x141a: 0x1761, 0x141b: 0x1b09, 0x141c: 0x1771, 0x141d: 0x1779,
+	0x141e: 0x1781, 0x141f: 0x1789, 0x1420: 0x1b11, 0x1421: 0x17a1, 0x1422: 0x17a9, 0x1423: 0x17b1,
+	0x1424: 0x17b9, 0x1425: 0x1b19, 0x1426: 0x17d9, 0x1427: 0x17f1, 0x1428: 0x17f9, 0x1429: 0x1801,
+	0x142a: 0x1809, 0x142b: 0x1811, 0x142c: 0x1821, 0x142d: 0x1829, 0x142e: 0x1831, 0x142f: 0x1839,
+	0x1430: 0x1841, 0x1431: 0x1849, 0x1432: 0x1b21, 0x1433: 0x1851, 0x1434: 0x1859, 0x1435: 0x1861,
+	0x1436: 0x1869, 0x1437: 0x1871, 0x1438: 0x1879, 0x1439: 0x1889, 0x143a: 0x1891, 0x143b: 0x1899,
+	0x143c: 0x18a1, 0x143d: 0x18a9, 0x143e: 0x18b1, 0x143f: 0x18b9,
+	// Block 0x51, offset 0x1440
+	0x1440: 0x18c1, 0x1441: 0x18c9, 0x1442: 0x18e1, 0x1443: 0x18e9, 0x1444: 0x1909, 0x1445: 0x1911,
+	0x1446: 0x1919, 0x1447: 0x1921, 0x1448: 0x1929, 0x1449: 0x1941, 0x144a: 0x1949, 0x144b: 0x1951,
+	0x144c: 0x1959, 0x144d: 0x1b29, 0x144e: 0x1971, 0x144f: 0x1979, 0x1450: 0x1981, 0x1451: 0x1989,
+	0x1452: 0x19a1, 0x1453: 0x19a9, 0x1454: 0x19b1, 0x1455: 0x19b9, 0x1456: 0x1b31, 0x1457: 0x19d1,
+	0x1458: 0x19d9, 0x1459: 0x1b39, 0x145a: 0x19f1, 0x145b: 0x19f9, 0x145c: 0x1a01, 0x145d: 0x1a09,
+	0x145e: 0x1b41, 0x145f: 0x1761, 0x1460: 0x1b09, 0x1461: 0x1789, 0x1462: 0x1b11, 0x1463: 0x17b9,
+	0x1464: 0x1b19, 0x1465: 0x17d9, 0x1466: 0x1b49, 0x1467: 0x1841, 0x1468: 0x1b51, 0x1469: 0x1b59,
+	0x146a: 0x1b61, 0x146b: 0x1921, 0x146c: 0x1929, 0x146d: 0x1959, 0x146e: 0x19b9, 0x146f: 0x1b31,
+	0x1470: 0x1a09, 0x1471: 0x1b41, 0x1472: 0x1b69, 0x1473: 0x1b71, 0x1474: 0x1b79, 0x1475: 0x1b81,
+	0x1476: 0x1b89, 0x1477: 0x1b91, 0x1478: 0x1b99, 0x1479: 0x1ba1, 0x147a: 0x1ba9, 0x147b: 0x1bb1,
+	0x147c: 0x1bb9, 0x147d: 0x1bc1, 0x147e: 0x1bc9, 0x147f: 0x1bd1,
+	// Block 0x52, offset 0x1480
+	0x1480: 0x1bd9, 0x1481: 0x1be1, 0x1482: 0x1be9, 0x1483: 0x1bf1, 0x1484: 0x1bf9, 0x1485: 0x1c01,
+	0x1486: 0x1c09, 0x1487: 0x1c11, 0x1488: 0x1c19, 0x1489: 0x1c21, 0x148a: 0x1c29, 0x148b: 0x1c31,
+	0x148c: 0x1b59, 0x148d: 0x1c39, 0x148e: 0x1c41, 0x148f: 0x1c49, 0x1490: 0x1c51, 0x1491: 0x1b81,
+	0x1492: 0x1b89, 0x1493: 0x1b91, 0x1494: 0x1b99, 0x1495: 0x1ba1, 0x1496: 0x1ba9, 0x1497: 0x1bb1,
+	0x1498: 0x1bb9, 0x1499: 0x1bc1, 0x149a: 0x1bc9, 0x149b: 0x1bd1, 0x149c: 0x1bd9, 0x149d: 0x1be1,
+	0x149e: 0x1be9, 0x149f: 0x1bf1, 0x14a0: 0x1bf9, 0x14a1: 0x1c01, 0x14a2: 0x1c09, 0x14a3: 0x1c11,
+	0x14a4: 0x1c19, 0x14a5: 0x1c21, 0x14a6: 0x1c29, 0x14a7: 0x1c31, 0x14a8: 0x1b59, 0x14a9: 0x1c39,
+	0x14aa: 0x1c41, 0x14ab: 0x1c49, 0x14ac: 0x1c51, 0x14ad: 0x1c21, 0x14ae: 0x1c29, 0x14af: 0x1c31,
+	0x14b0: 0x1b59, 0x14b1: 0x1b51, 0x14b2: 0x1b61, 0x14b3: 0x1881, 0x14b4: 0x1829, 0x14b5: 0x1831,
+	0x14b6: 0x1839, 0x14b7: 0x1c21, 0x14b8: 0x1c29, 0x14b9: 0x1c31, 0x14ba: 0x1881, 0x14bb: 0x1889,
+	0x14bc: 0x1c59, 0x14bd: 0x1c59, 0x14be: 0x0018, 0x14bf: 0x0018,
+	// Block 0x53, offset 0x14c0
+	0x14c0: 0x0018, 0x14c1: 0x0018, 0x14c2: 0x0018, 0x14c3: 0x0018, 0x14c4: 0x0018, 0x14c5: 0x0018,
+	0x14c6: 0x0018, 0x14c7: 0x0018, 0x14c8: 0x0018, 0x14c9: 0x0018, 0x14ca: 0x0018, 0x14cb: 0x0018,
+	0x14cc: 0x0018, 0x14cd: 0x0018, 0x14ce: 0x0018, 0x14cf: 0x0018, 0x14d0: 0x1c61, 0x14d1: 0x1c69,
+	0x14d2: 0x1c69, 0x14d3: 0x1c71, 0x14d4: 0x1c79, 0x14d5: 0x1c81, 0x14d6: 0x1c89, 0x14d7: 0x1c91,
+	0x14d8: 0x1c99, 0x14d9: 0x1c99, 0x14da: 0x1ca1, 0x14db: 0x1ca9, 0x14dc: 0x1cb1, 0x14dd: 0x1cb9,
+	0x14de: 0x1cc1, 0x14df: 0x1cc9, 0x14e0: 0x1cc9, 0x14e1: 0x1cd1, 0x14e2: 0x1cd9, 0x14e3: 0x1cd9,
+	0x14e4: 0x1ce1, 0x14e5: 0x1ce1, 0x14e6: 0x1ce9, 0x14e7: 0x1cf1, 0x14e8: 0x1cf1, 0x14e9: 0x1cf9,
+	0x14ea: 0x1d01, 0x14eb: 0x1d01, 0x14ec: 0x1d09, 0x14ed: 0x1d09, 0x14ee: 0x1d11, 0x14ef: 0x1d19,
+	0x14f0: 0x1d19, 0x14f1: 0x1d21, 0x14f2: 0x1d21, 0x14f3: 0x1d29, 0x14f4: 0x1d31, 0x14f5: 0x1d39,
+	0x14f6: 0x1d41, 0x14f7: 0x1d41, 0x14f8: 0x1d49, 0x14f9: 0x1d51, 0x14fa: 0x1d59, 0x14fb: 0x1d61,
+	0x14fc: 0x1d69, 0x14fd: 0x1d69, 0x14fe: 0x1d71, 0x14ff: 0x1d79,
+	// Block 0x54, offset 0x1500
+	0x1500: 0x1f29, 0x1501: 0x1f31, 0x1502: 0x1f39, 0x1503: 0x1f11, 0x1504: 0x1d39, 0x1505: 0x1ce9,
+	0x1506: 0x1f41, 0x1507: 0x1f49, 0x1508: 0x0040, 0x1509: 0x0040, 0x150a: 0x0040, 0x150b: 0x0040,
+	0x150c: 0x0040, 0x150d: 0x0040, 0x150e: 0x0040, 0x150f: 0x0018, 0x1510: 0x0040, 0x1511: 0x0040,
+	0x1512: 0x0040, 0x1513: 0x0040, 0x1514: 0x0040, 0x1515: 0x0040, 0x1516: 0x0040, 0x1517: 0x0040,
+	0x1518: 0x0040, 0x1519: 0x0040, 0x151a: 0x0040, 0x151b: 0x0040, 0x151c: 0x0040, 0x151d: 0x0040,
+	0x151e: 0x0040, 0x151f: 0x0040, 0x1520: 0x0040, 0x1521: 0x0040, 0x1522: 0x0040, 0x1523: 0x0040,
+	0x1524: 0x0040, 0x1525: 0x0040, 0x1526: 0x0040, 0x1527: 0x0040, 0x1528: 0x0040, 0x1529: 0x0040,
+	0x152a: 0x0040, 0x152b: 0x0040, 0x152c: 0x0040, 0x152d: 0x0040, 0x152e: 0x0040, 0x152f: 0x0040,
+	0x1530: 0x1f51, 0x1531: 0x1f59, 0x1532: 0x1f61, 0x1533: 0x1f69, 0x1534: 0x1f71, 0x1535: 0x1f79,
+	0x1536: 0x1f81, 0x1537: 0x1f89, 0x1538: 0x1f91, 0x1539: 0x1f99, 0x153a: 0x1fa2, 0x153b: 0x1faa,
+	0x153c: 0x1fb1, 0x153d: 0x0018, 0x153e: 0x0018, 0x153f: 0x0018,
+	// Block 0x55, offset 0x1540
+	0x1540: 0x33c0, 0x1541: 0x33c0, 0x1542: 0x33c0, 0x1543: 0x33c0, 0x1544: 0x33c0, 0x1545: 0x33c0,
+	0x1546: 0x33c0, 0x1547: 0x33c0, 0x1548: 0x33c0, 0x1549: 0x33c0, 0x154a: 0x33c0, 0x154b: 0x33c0,
+	0x154c: 0x33c0, 0x154d: 0x33c0, 0x154e: 0x33c0, 0x154f: 0x33c0, 0x1550: 0x1fba, 0x1551: 0x7d8d,
+	0x1552: 0x0040, 0x1553: 0x1fc2, 0x1554: 0x0122, 0x1555: 0x1fca, 0x1556: 0x1fd2, 0x1557: 0x7dad,
+	0x1558: 0x7dcd, 0x1559: 0x0040, 0x155a: 0x0040, 0x155b: 0x0040, 0x155c: 0x0040, 0x155d: 0x0040,
+	0x155e: 0x0040, 0x155f: 0x0040, 0x1560: 0x3308, 0x1561: 0x3308, 0x1562: 0x3308, 0x1563: 0x3308,
+	0x1564: 0x3308, 0x1565: 0x3308, 0x1566: 0x3308, 0x1567: 0x3308, 0x1568: 0x3308, 0x1569: 0x3308,
+	0x156a: 0x3308, 0x156b: 0x3308, 0x156c: 0x3308, 0x156d: 0x3308, 0x156e: 0x3308, 0x156f: 0x3308,
+	0x1570: 0x0040, 0x1571: 0x7ded, 0x1572: 0x7e0d, 0x1573: 0x1fda, 0x1574: 0x1fda, 0x1575: 0x072a,
+	0x1576: 0x0732, 0x1577: 0x1fe2, 0x1578: 0x1fea, 0x1579: 0x7e2d, 0x157a: 0x7e4d, 0x157b: 0x7e6d,
+	0x157c: 0x7e2d, 0x157d: 0x7e8d, 0x157e: 0x7ead, 0x157f: 0x7e8d,
+	// Block 0x56, offset 0x1580
+	0x1580: 0x7ecd, 0x1581: 0x7eed, 0x1582: 0x7f0d, 0x1583: 0x7eed, 0x1584: 0x7f2d, 0x1585: 0x0018,
+	0x1586: 0x0018, 0x1587: 0x1ff2, 0x1588: 0x1ffa, 0x1589: 0x7f4e, 0x158a: 0x7f6e, 0x158b: 0x7f8e,
+	0x158c: 0x7fae, 0x158d: 0x1fda, 0x158e: 0x1fda, 0x158f: 0x1fda, 0x1590: 0x1fba, 0x1591: 0x7fcd,
+	0x1592: 0x0040, 0x1593: 0x0040, 0x1594: 0x0122, 0x1595: 0x1fc2, 0x1596: 0x1fd2, 0x1597: 0x1fca,
+	0x1598: 0x7fed, 0x1599: 0x072a, 0x159a: 0x0732, 0x159b: 0x1fe2, 0x159c: 0x1fea, 0x159d: 0x7ecd,
+	0x159e: 0x7f2d, 0x159f: 0x2002, 0x15a0: 0x200a, 0x15a1: 0x2012, 0x15a2: 0x071a, 0x15a3: 0x2019,
+	0x15a4: 0x2022, 0x15a5: 0x202a, 0x15a6: 0x0722, 0x15a7: 0x0040, 0x15a8: 0x2032, 0x15a9: 0x203a,
+	0x15aa: 0x2042, 0x15ab: 0x204a, 0x15ac: 0x0040, 0x15ad: 0x0040, 0x15ae: 0x0040, 0x15af: 0x0040,
+	0x15b0: 0x800e, 0x15b1: 0x2051, 0x15b2: 0x802e, 0x15b3: 0x0808, 0x15b4: 0x804e, 0x15b5: 0x0040,
+	0x15b6: 0x806e, 0x15b7: 0x2059, 0x15b8: 0x808e, 0x15b9: 0x2061, 0x15ba: 0x80ae, 0x15bb: 0x2069,
+	0x15bc: 0x80ce, 0x15bd: 0x2071, 0x15be: 0x80ee, 0x15bf: 0x2079,
+	// Block 0x57, offset 0x15c0
+	0x15c0: 0x2081, 0x15c1: 0x2089, 0x15c2: 0x2089, 0x15c3: 0x2091, 0x15c4: 0x2091, 0x15c5: 0x2099,
+	0x15c6: 0x2099, 0x15c7: 0x20a1, 0x15c8: 0x20a1, 0x15c9: 0x20a9, 0x15ca: 0x20a9, 0x15cb: 0x20a9,
+	0x15cc: 0x20a9, 0x15cd: 0x20b1, 0x15ce: 0x20b1, 0x15cf: 0x20b9, 0x15d0: 0x20b9, 0x15d1: 0x20b9,
+	0x15d2: 0x20b9, 0x15d3: 0x20c1, 0x15d4: 0x20c1, 0x15d5: 0x20c9, 0x15d6: 0x20c9, 0x15d7: 0x20c9,
+	0x15d8: 0x20c9, 0x15d9: 0x20d1, 0x15da: 0x20d1, 0x15db: 0x20d1, 0x15dc: 0x20d1, 0x15dd: 0x20d9,
+	0x15de: 0x20d9, 0x15df: 0x20d9, 0x15e0: 0x20d9, 0x15e1: 0x20e1, 0x15e2: 0x20e1, 0x15e3: 0x20e1,
+	0x15e4: 0x20e1, 0x15e5: 0x20e9, 0x15e6: 0x20e9, 0x15e7: 0x20e9, 0x15e8: 0x20e9, 0x15e9: 0x20f1,
+	0x15ea: 0x20f1, 0x15eb: 0x20f9, 0x15ec: 0x20f9, 0x15ed: 0x2101, 0x15ee: 0x2101, 0x15ef: 0x2109,
+	0x15f0: 0x2109, 0x15f1: 0x2111, 0x15f2: 0x2111, 0x15f3: 0x2111, 0x15f4: 0x2111, 0x15f5: 0x2119,
+	0x15f6: 0x2119, 0x15f7: 0x2119, 0x15f8: 0x2119, 0x15f9: 0x2121, 0x15fa: 0x2121, 0x15fb: 0x2121,
+	0x15fc: 0x2121, 0x15fd: 0x2129, 0x15fe: 0x2129, 0x15ff: 0x2129,
+	// Block 0x58, offset 0x1600
+	0x1600: 0x2129, 0x1601: 0x2131, 0x1602: 0x2131, 0x1603: 0x2131, 0x1604: 0x2131, 0x1605: 0x2139,
+	0x1606: 0x2139, 0x1607: 0x2139, 0x1608: 0x2139, 0x1609: 0x2141, 0x160a: 0x2141, 0x160b: 0x2141,
+	0x160c: 0x2141, 0x160d: 0x2149, 0x160e: 0x2149, 0x160f: 0x2149, 0x1610: 0x2149, 0x1611: 0x2151,
+	0x1612: 0x2151, 0x1613: 0x2151, 0x1614: 0x2151, 0x1615: 0x2159, 0x1616: 0x2159, 0x1617: 0x2159,
+	0x1618: 0x2159, 0x1619: 0x2161, 0x161a: 0x2161, 0x161b: 0x2161, 0x161c: 0x2161, 0x161d: 0x2169,
+	0x161e: 0x2169, 0x161f: 0x2169, 0x1620: 0x2169, 0x1621: 0x2171, 0x1622: 0x2171, 0x1623: 0x2171,
+	0x1624: 0x2171, 0x1625: 0x2179, 0x1626: 0x2179, 0x1627: 0x2179, 0x1628: 0x2179, 0x1629: 0x2181,
+	0x162a: 0x2181, 0x162b: 0x2181, 0x162c: 0x2181, 0x162d: 0x2189, 0x162e: 0x2189, 0x162f: 0x1701,
+	0x1630: 0x1701, 0x1631: 0x2191, 0x1632: 0x2191, 0x1633: 0x2191, 0x1634: 0x2191, 0x1635: 0x2199,
+	0x1636: 0x2199, 0x1637: 0x21a1, 0x1638: 0x21a1, 0x1639: 0x21a9, 0x163a: 0x21a9, 0x163b: 0x21b1,
+	0x163c: 0x21b1, 0x163d: 0x0040, 0x163e: 0x0040, 0x163f: 0x03c0,
+	// Block 0x59, offset 0x1640
+	0x1640: 0x0040, 0x1641: 0x1fca, 0x1642: 0x21ba, 0x1643: 0x2002, 0x1644: 0x203a, 0x1645: 0x2042,
+	0x1646: 0x200a, 0x1647: 0x21c2, 0x1648: 0x072a, 0x1649: 0x0732, 0x164a: 0x2012, 0x164b: 0x071a,
+	0x164c: 0x1fba, 0x164d: 0x2019, 0x164e: 0x0961, 0x164f: 0x21ca, 0x1650: 0x06e1, 0x1651: 0x0049,
+	0x1652: 0x0029, 0x1653: 0x0031, 0x1654: 0x06e9, 0x1655: 0x06f1, 0x1656: 0x06f9, 0x1657: 0x0701,
+	0x1658: 0x0709, 0x1659: 0x0711, 0x165a: 0x1fc2, 0x165b: 0x0122, 0x165c: 0x2022, 0x165d: 0x0722,
+	0x165e: 0x202a, 0x165f: 0x1fd2, 0x1660: 0x204a, 0x1661: 0x0019, 0x1662: 0x02e9, 0x1663: 0x03d9,
+	0x1664: 0x02f1, 0x1665: 0x02f9, 0x1666: 0x03f1, 0x1667: 0x0309, 0x1668: 0x00a9, 0x1669: 0x0311,
+	0x166a: 0x00b1, 0x166b: 0x0319, 0x166c: 0x0101, 0x166d: 0x0321, 0x166e: 0x0329, 0x166f: 0x0051,
+	0x1670: 0x0339, 0x1671: 0x0751, 0x1672: 0x00b9, 0x1673: 0x0089, 0x1674: 0x0341, 0x1675: 0x0349,
+	0x1676: 0x0391, 0x1677: 0x00c1, 0x1678: 0x0109, 0x1679: 0x00c9, 0x167a: 0x04b1, 0x167b: 0x1ff2,
+	0x167c: 0x2032, 0x167d: 0x1ffa, 0x167e: 0x21d2, 0x167f: 0x1fda,
+	// Block 0x5a, offset 0x1680
+	0x1680: 0x0672, 0x1681: 0x0019, 0x1682: 0x02e9, 0x1683: 0x03d9, 0x1684: 0x02f1, 0x1685: 0x02f9,
+	0x1686: 0x03f1, 0x1687: 0x0309, 0x1688: 0x00a9, 0x1689: 0x0311, 0x168a: 0x00b1, 0x168b: 0x0319,
+	0x168c: 0x0101, 0x168d: 0x0321, 0x168e: 0x0329, 0x168f: 0x0051, 0x1690: 0x0339, 0x1691: 0x0751,
+	0x1692: 0x00b9, 0x1693: 0x0089, 0x1694: 0x0341, 0x1695: 0x0349, 0x1696: 0x0391, 0x1697: 0x00c1,
+	0x1698: 0x0109, 0x1699: 0x00c9, 0x169a: 0x04b1, 0x169b: 0x1fe2, 0x169c: 0x21da, 0x169d: 0x1fea,
+	0x169e: 0x21e2, 0x169f: 0x810d, 0x16a0: 0x812d, 0x16a1: 0x0961, 0x16a2: 0x814d, 0x16a3: 0x814d,
+	0x16a4: 0x816d, 0x16a5: 0x818d, 0x16a6: 0x81ad, 0x16a7: 0x81cd, 0x16a8: 0x81ed, 0x16a9: 0x820d,
+	0x16aa: 0x822d, 0x16ab: 0x824d, 0x16ac: 0x826d, 0x16ad: 0x828d, 0x16ae: 0x82ad, 0x16af: 0x82cd,
+	0x16b0: 0x82ed, 0x16b1: 0x830d, 0x16b2: 0x832d, 0x16b3: 0x834d, 0x16b4: 0x836d, 0x16b5: 0x838d,
+	0x16b6: 0x83ad, 0x16b7: 0x83cd, 0x16b8: 0x83ed, 0x16b9: 0x840d, 0x16ba: 0x842d, 0x16bb: 0x844d,
+	0x16bc: 0x81ed, 0x16bd: 0x846d, 0x16be: 0x848d, 0x16bf: 0x824d,
+	// Block 0x5b, offset 0x16c0
+	0x16c0: 0x84ad, 0x16c1: 0x84cd, 0x16c2: 0x84ed, 0x16c3: 0x850d, 0x16c4: 0x852d, 0x16c5: 0x854d,
+	0x16c6: 0x856d, 0x16c7: 0x858d, 0x16c8: 0x850d, 0x16c9: 0x85ad, 0x16ca: 0x850d, 0x16cb: 0x85cd,
+	0x16cc: 0x85cd, 0x16cd: 0x85ed, 0x16ce: 0x85ed, 0x16cf: 0x860d, 0x16d0: 0x854d, 0x16d1: 0x862d,
+	0x16d2: 0x864d, 0x16d3: 0x862d, 0x16d4: 0x866d, 0x16d5: 0x864d, 0x16d6: 0x868d, 0x16d7: 0x868d,
+	0x16d8: 0x86ad, 0x16d9: 0x86ad, 0x16da: 0x86cd, 0x16db: 0x86cd, 0x16dc: 0x864d, 0x16dd: 0x814d,
+	0x16de: 0x86ed, 0x16df: 0x870d, 0x16e0: 0x0040, 0x16e1: 0x872d, 0x16e2: 0x874d, 0x16e3: 0x876d,
+	0x16e4: 0x878d, 0x16e5: 0x876d, 0x16e6: 0x87ad, 0x16e7: 0x87cd, 0x16e8: 0x87ed, 0x16e9: 0x87ed,
+	0x16ea: 0x880d, 0x16eb: 0x880d, 0x16ec: 0x882d, 0x16ed: 0x882d, 0x16ee: 0x880d, 0x16ef: 0x880d,
+	0x16f0: 0x884d, 0x16f1: 0x886d, 0x16f2: 0x888d, 0x16f3: 0x88ad, 0x16f4: 0x88cd, 0x16f5: 0x88ed,
+	0x16f6: 0x88ed, 0x16f7: 0x88ed, 0x16f8: 0x890d, 0x16f9: 0x890d, 0x16fa: 0x890d, 0x16fb: 0x890d,
+	0x16fc: 0x87ed, 0x16fd: 0x87ed, 0x16fe: 0x87ed, 0x16ff: 0x0040,
+	// Block 0x5c, offset 0x1700
+	0x1700: 0x0040, 0x1701: 0x0040, 0x1702: 0x874d, 0x1703: 0x872d, 0x1704: 0x892d, 0x1705: 0x872d,
+	0x1706: 0x874d, 0x1707: 0x872d, 0x1708: 0x0040, 0x1709: 0x0040, 0x170a: 0x894d, 0x170b: 0x874d,
+	0x170c: 0x896d, 0x170d: 0x892d, 0x170e: 0x896d, 0x170f: 0x874d, 0x1710: 0x0040, 0x1711: 0x0040,
+	0x1712: 0x898d, 0x1713: 0x89ad, 0x1714: 0x88ad, 0x1715: 0x896d, 0x1716: 0x892d, 0x1717: 0x896d,
+	0x1718: 0x0040, 0x1719: 0x0040, 0x171a: 0x89cd, 0x171b: 0x89ed, 0x171c: 0x89cd, 0x171d: 0x0040,
+	0x171e: 0x0040, 0x171f: 0x0040, 0x1720: 0x21e9, 0x1721: 0x21f1, 0x1722: 0x21f9, 0x1723: 0x8a0e,
+	0x1724: 0x2201, 0x1725: 0x2209, 0x1726: 0x8a2d, 0x1727: 0x0040, 0x1728: 0x8a4d, 0x1729: 0x8a6d,
+	0x172a: 0x8a8d, 0x172b: 0x8a6d, 0x172c: 0x8aad, 0x172d: 0x8acd, 0x172e: 0x8aed, 0x172f: 0x0040,
+	0x1730: 0x0040, 0x1731: 0x0040, 0x1732: 0x0040, 0x1733: 0x0040, 0x1734: 0x0040, 0x1735: 0x0040,
+	0x1736: 0x0040, 0x1737: 0x0040, 0x1738: 0x0040, 0x1739: 0x0340, 0x173a: 0x0340, 0x173b: 0x0340,
+	0x173c: 0x0040, 0x173d: 0x0040, 0x173e: 0x0040, 0x173f: 0x0040,
+	// Block 0x5d, offset 0x1740
+	0x1740: 0x0008, 0x1741: 0x0008, 0x1742: 0x0008, 0x1743: 0x0008, 0x1744: 0x0008, 0x1745: 0x0008,
+	0x1746: 0x0008, 0x1747: 0x0008, 0x1748: 0x0008, 0x1749: 0x0008, 0x174a: 0x0008, 0x174b: 0x0008,
+	0x174c: 0x0008, 0x174d: 0x0008, 0x174e: 0x0008, 0x174f: 0x0008, 0x1750: 0x0008, 0x1751: 0x0008,
+	0x1752: 0x0008, 0x1753: 0x0008, 0x1754: 0x0008, 0x1755: 0x0008, 0x1756: 0x0008, 0x1757: 0x0008,
+	0x1758: 0x0008, 0x1759: 0x0008, 0x175a: 0x0008, 0x175b: 0x0008, 0x175c: 0x0008, 0x175d: 0x0008,
+	0x175e: 0x0008, 0x175f: 0x0008, 0x1760: 0x0008, 0x1761: 0x0008, 0x1762: 0x0008, 0x1763: 0x0008,
+	0x1764: 0x0040, 0x1765: 0x0040, 0x1766: 0x0040, 0x1767: 0x0040, 0x1768: 0x0040, 0x1769: 0x0040,
+	0x176a: 0x0040, 0x176b: 0x0040, 0x176c: 0x0040, 0x176d: 0x0040, 0x176e: 0x0040, 0x176f: 0x0018,
+	0x1770: 0x8b3d, 0x1771: 0x8b55, 0x1772: 0x8b6d, 0x1773: 0x8b55, 0x1774: 0x8b85, 0x1775: 0x8b55,
+	0x1776: 0x8b6d, 0x1777: 0x8b55, 0x1778: 0x8b3d, 0x1779: 0x8b9d, 0x177a: 0x8bb5, 0x177b: 0x0040,
+	0x177c: 0x8bcd, 0x177d: 0x8b9d, 0x177e: 0x8bb5, 0x177f: 0x8b9d,
+	// Block 0x5e, offset 0x1780
+	0x1780: 0xe13d, 0x1781: 0xe14d, 0x1782: 0xe15d, 0x1783: 0xe14d, 0x1784: 0xe17d, 0x1785: 0xe14d,
+	0x1786: 0xe15d, 0x1787: 0xe14d, 0x1788: 0xe13d, 0x1789: 0xe1cd, 0x178a: 0xe1dd, 0x178b: 0x0040,
+	0x178c: 0xe1fd, 0x178d: 0xe1cd, 0x178e: 0xe1dd, 0x178f: 0xe1cd, 0x1790: 0xe13d, 0x1791: 0xe14d,
+	0x1792: 0xe15d, 0x1793: 0x0040, 0x1794: 0xe17d, 0x1795: 0xe14d, 0x1796: 0x0040, 0x1797: 0x0008,
+	0x1798: 0x0008, 0x1799: 0x0008, 0x179a: 0x0008, 0x179b: 0x0008, 0x179c: 0x0008, 0x179d: 0x0008,
+	0x179e: 0x0008, 0x179f: 0x0008, 0x17a0: 0x0008, 0x17a1: 0x0008, 0x17a2: 0x0040, 0x17a3: 0x0008,
+	0x17a4: 0x0008, 0x17a5: 0x0008, 0x17a6: 0x0008, 0x17a7: 0x0008, 0x17a8: 0x0008, 0x17a9: 0x0008,
+	0x17aa: 0x0008, 0x17ab: 0x0008, 0x17ac: 0x0008, 0x17ad: 0x0008, 0x17ae: 0x0008, 0x17af: 0x0008,
+	0x17b0: 0x0008, 0x17b1: 0x0008, 0x17b2: 0x0040, 0x17b3: 0x0008, 0x17b4: 0x0008, 0x17b5: 0x0008,
+	0x17b6: 0x0008, 0x17b7: 0x0008, 0x17b8: 0x0008, 0x17b9: 0x0008, 0x17ba: 0x0040, 0x17bb: 0x0008,
+	0x17bc: 0x0008, 0x17bd: 0x0040, 0x17be: 0x0040, 0x17bf: 0x0040,
+	// Block 0x5f, offset 0x17c0
+	0x17c0: 0x0008, 0x17c1: 0x2211, 0x17c2: 0x2219, 0x17c3: 0x02e1, 0x17c4: 0x2221, 0x17c5: 0x2229,
+	0x17c6: 0x0040, 0x17c7: 0x2231, 0x17c8: 0x2239, 0x17c9: 0x2241, 0x17ca: 0x2249, 0x17cb: 0x2251,
+	0x17cc: 0x2259, 0x17cd: 0x2261, 0x17ce: 0x2269, 0x17cf: 0x2271, 0x17d0: 0x2279, 0x17d1: 0x2281,
+	0x17d2: 0x2289, 0x17d3: 0x2291, 0x17d4: 0x2299, 0x17d5: 0x0741, 0x17d6: 0x22a1, 0x17d7: 0x22a9,
+	0x17d8: 0x22b1, 0x17d9: 0x22b9, 0x17da: 0x22c1, 0x17db: 0x13d9, 0x17dc: 0x8be5, 0x17dd: 0x22c9,
+	0x17de: 0x22d1, 0x17df: 0x8c05, 0x17e0: 0x22d9, 0x17e1: 0x8c25, 0x17e2: 0x22e1, 0x17e3: 0x22e9,
+	0x17e4: 0x22f1, 0x17e5: 0x0751, 0x17e6: 0x22f9, 0x17e7: 0x8c45, 0x17e8: 0x0949, 0x17e9: 0x2301,
+	0x17ea: 0x2309, 0x17eb: 0x2311, 0x17ec: 0x2319, 0x17ed: 0x2321, 0x17ee: 0x2329, 0x17ef: 0x2331,
+	0x17f0: 0x2339, 0x17f1: 0x0040, 0x17f2: 0x2341, 0x17f3: 0x2349, 0x17f4: 0x2351, 0x17f5: 0x2359,
+	0x17f6: 0x2361, 0x17f7: 0x2369, 0x17f8: 0x2371, 0x17f9: 0x8c65, 0x17fa: 0x8c85, 0x17fb: 0x0040,
+	0x17fc: 0x0040, 0x17fd: 0x0040, 0x17fe: 0x0040, 0x17ff: 0x0040,
+	// Block 0x60, offset 0x1800
+	0x1800: 0x0a08, 0x1801: 0x0a08, 0x1802: 0x0a08, 0x1803: 0x0a08, 0x1804: 0x0a08, 0x1805: 0x0c08,
+	0x1806: 0x0808, 0x1807: 0x0c08, 0x1808: 0x0818, 0x1809: 0x0c08, 0x180a: 0x0c08, 0x180b: 0x0808,
+	0x180c: 0x0808, 0x180d: 0x0908, 0x180e: 0x0c08, 0x180f: 0x0c08, 0x1810: 0x0c08, 0x1811: 0x0c08,
+	0x1812: 0x0c08, 0x1813: 0x0a08, 0x1814: 0x0a08, 0x1815: 0x0a08, 0x1816: 0x0a08, 0x1817: 0x0908,
+	0x1818: 0x0a08, 0x1819: 0x0a08, 0x181a: 0x0a08, 0x181b: 0x0a08, 0x181c: 0x0a08, 0x181d: 0x0c08,
+	0x181e: 0x0a08, 0x181f: 0x0a08, 0x1820: 0x0a08, 0x1821: 0x0c08, 0x1822: 0x0808, 0x1823: 0x0808,
+	0x1824: 0x0c08, 0x1825: 0x3308, 0x1826: 0x3308, 0x1827: 0x0040, 0x1828: 0x0040, 0x1829: 0x0040,
+	0x182a: 0x0040, 0x182b: 0x0a18, 0x182c: 0x0a18, 0x182d: 0x0a18, 0x182e: 0x0a18, 0x182f: 0x0c18,
+	0x1830: 0x0818, 0x1831: 0x0818, 0x1832: 0x0818, 0x1833: 0x0818, 0x1834: 0x0818, 0x1835: 0x0818,
+	0x1836: 0x0818, 0x1837: 0x0040, 0x1838: 0x0040, 0x1839: 0x0040, 0x183a: 0x0040, 0x183b: 0x0040,
+	0x183c: 0x0040, 0x183d: 0x0040, 0x183e: 0x0040, 0x183f: 0x0040,
+	// Block 0x61, offset 0x1840
+	0x1840: 0x0a08, 0x1841: 0x0c08, 0x1842: 0x0a08, 0x1843: 0x0c08, 0x1844: 0x0c08, 0x1845: 0x0c08,
+	0x1846: 0x0a08, 0x1847: 0x0a08, 0x1848: 0x0a08, 0x1849: 0x0c08, 0x184a: 0x0a08, 0x184b: 0x0a08,
+	0x184c: 0x0c08, 0x184d: 0x0a08, 0x184e: 0x0c08, 0x184f: 0x0c08, 0x1850: 0x0a08, 0x1851: 0x0c08,
+	0x1852: 0x0040, 0x1853: 0x0040, 0x1854: 0x0040, 0x1855: 0x0040, 0x1856: 0x0040, 0x1857: 0x0040,
+	0x1858: 0x0040, 0x1859: 0x0818, 0x185a: 0x0818, 0x185b: 0x0818, 0x185c: 0x0818, 0x185d: 0x0040,
+	0x185e: 0x0040, 0x185f: 0x0040, 0x1860: 0x0040, 0x1861: 0x0040, 0x1862: 0x0040, 0x1863: 0x0040,
+	0x1864: 0x0040, 0x1865: 0x0040, 0x1866: 0x0040, 0x1867: 0x0040, 0x1868: 0x0040, 0x1869: 0x0c18,
+	0x186a: 0x0c18, 0x186b: 0x0c18, 0x186c: 0x0c18, 0x186d: 0x0a18, 0x186e: 0x0a18, 0x186f: 0x0818,
+	0x1870: 0x0040, 0x1871: 0x0040, 0x1872: 0x0040, 0x1873: 0x0040, 0x1874: 0x0040, 0x1875: 0x0040,
+	0x1876: 0x0040, 0x1877: 0x0040, 0x1878: 0x0040, 0x1879: 0x0040, 0x187a: 0x0040, 0x187b: 0x0040,
+	0x187c: 0x0040, 0x187d: 0x0040, 0x187e: 0x0040, 0x187f: 0x0040,
+	// Block 0x62, offset 0x1880
+	0x1880: 0x3308, 0x1881: 0x3308, 0x1882: 0x3008, 0x1883: 0x3008, 0x1884: 0x0040, 0x1885: 0x0008,
+	0x1886: 0x0008, 0x1887: 0x0008, 0x1888: 0x0008, 0x1889: 0x0008, 0x188a: 0x0008, 0x188b: 0x0008,
+	0x188c: 0x0008, 0x188d: 0x0040, 0x188e: 0x0040, 0x188f: 0x0008, 0x1890: 0x0008, 0x1891: 0x0040,
+	0x1892: 0x0040, 0x1893: 0x0008, 0x1894: 0x0008, 0x1895: 0x0008, 0x1896: 0x0008, 0x1897: 0x0008,
+	0x1898: 0x0008, 0x1899: 0x0008, 0x189a: 0x0008, 0x189b: 0x0008, 0x189c: 0x0008, 0x189d: 0x0008,
+	0x189e: 0x0008, 0x189f: 0x0008, 0x18a0: 0x0008, 0x18a1: 0x0008, 0x18a2: 0x0008, 0x18a3: 0x0008,
+	0x18a4: 0x0008, 0x18a5: 0x0008, 0x18a6: 0x0008, 0x18a7: 0x0008, 0x18a8: 0x0008, 0x18a9: 0x0040,
+	0x18aa: 0x0008, 0x18ab: 0x0008, 0x18ac: 0x0008, 0x18ad: 0x0008, 0x18ae: 0x0008, 0x18af: 0x0008,
+	0x18b0: 0x0008, 0x18b1: 0x0040, 0x18b2: 0x0008, 0x18b3: 0x0008, 0x18b4: 0x0040, 0x18b5: 0x0008,
+	0x18b6: 0x0008, 0x18b7: 0x0008, 0x18b8: 0x0008, 0x18b9: 0x0008, 0x18ba: 0x0040, 0x18bb: 0x3308,
+	0x18bc: 0x3308, 0x18bd: 0x0008, 0x18be: 0x3008, 0x18bf: 0x3008,
+	// Block 0x63, offset 0x18c0
+	0x18c0: 0x3308, 0x18c1: 0x3008, 0x18c2: 0x3008, 0x18c3: 0x3008, 0x18c4: 0x3008, 0x18c5: 0x0040,
+	0x18c6: 0x0040, 0x18c7: 0x3008, 0x18c8: 0x3008, 0x18c9: 0x0040, 0x18ca: 0x0040, 0x18cb: 0x3008,
+	0x18cc: 0x3008, 0x18cd: 0x3808, 0x18ce: 0x0040, 0x18cf: 0x0040, 0x18d0: 0x0008, 0x18d1: 0x0040,
+	0x18d2: 0x0040, 0x18d3: 0x0040, 0x18d4: 0x0040, 0x18d5: 0x0040, 0x18d6: 0x0040, 0x18d7: 0x3008,
+	0x18d8: 0x0040, 0x18d9: 0x0040, 0x18da: 0x0040, 0x18db: 0x0040, 0x18dc: 0x0040, 0x18dd: 0x0008,
+	0x18de: 0x0008, 0x18df: 0x0008, 0x18e0: 0x0008, 0x18e1: 0x0008, 0x18e2: 0x3008, 0x18e3: 0x3008,
+	0x18e4: 0x0040, 0x18e5: 0x0040, 0x18e6: 0x3308, 0x18e7: 0x3308, 0x18e8: 0x3308, 0x18e9: 0x3308,
+	0x18ea: 0x3308, 0x18eb: 0x3308, 0x18ec: 0x3308, 0x18ed: 0x0040, 0x18ee: 0x0040, 0x18ef: 0x0040,
+	0x18f0: 0x3308, 0x18f1: 0x3308, 0x18f2: 0x3308, 0x18f3: 0x3308, 0x18f4: 0x3308, 0x18f5: 0x0040,
+	0x18f6: 0x0040, 0x18f7: 0x0040, 0x18f8: 0x0040, 0x18f9: 0x0040, 0x18fa: 0x0040, 0x18fb: 0x0040,
+	0x18fc: 0x0040, 0x18fd: 0x0040, 0x18fe: 0x0040, 0x18ff: 0x0040,
+	// Block 0x64, offset 0x1900
+	0x1900: 0x0008, 0x1901: 0x0008, 0x1902: 0x0008, 0x1903: 0x0008, 0x1904: 0x0008, 0x1905: 0x0008,
+	0x1906: 0x0008, 0x1907: 0x0040, 0x1908: 0x0040, 0x1909: 0x0008, 0x190a: 0x0040, 0x190b: 0x0040,
+	0x190c: 0x0008, 0x190d: 0x0008, 0x190e: 0x0008, 0x190f: 0x0008, 0x1910: 0x0008, 0x1911: 0x0008,
+	0x1912: 0x0008, 0x1913: 0x0008, 0x1914: 0x0040, 0x1915: 0x0008, 0x1916: 0x0008, 0x1917: 0x0040,
+	0x1918: 0x0008, 0x1919: 0x0008, 0x191a: 0x0008, 0x191b: 0x0008, 0x191c: 0x0008, 0x191d: 0x0008,
+	0x191e: 0x0008, 0x191f: 0x0008, 0x1920: 0x0008, 0x1921: 0x0008, 0x1922: 0x0008, 0x1923: 0x0008,
+	0x1924: 0x0008, 0x1925: 0x0008, 0x1926: 0x0008, 0x1927: 0x0008, 0x1928: 0x0008, 0x1929: 0x0008,
+	0x192a: 0x0008, 0x192b: 0x0008, 0x192c: 0x0008, 0x192d: 0x0008, 0x192e: 0x0008, 0x192f: 0x0008,
+	0x1930: 0x3008, 0x1931: 0x3008, 0x1932: 0x3008, 0x1933: 0x3008, 0x1934: 0x3008, 0x1935: 0x3008,
+	0x1936: 0x0040, 0x1937: 0x3008, 0x1938: 0x3008, 0x1939: 0x0040, 0x193a: 0x0040, 0x193b: 0x3308,
+	0x193c: 0x3308, 0x193d: 0x3808, 0x193e: 0x3b08, 0x193f: 0x0008,
+	// Block 0x65, offset 0x1940
+	0x1940: 0x0019, 0x1941: 0x02e9, 0x1942: 0x03d9, 0x1943: 0x02f1, 0x1944: 0x02f9, 0x1945: 0x03f1,
+	0x1946: 0x0309, 0x1947: 0x00a9, 0x1948: 0x0311, 0x1949: 0x00b1, 0x194a: 0x0319, 0x194b: 0x0101,
+	0x194c: 0x0321, 0x194d: 0x0329, 0x194e: 0x0051, 0x194f: 0x0339, 0x1950: 0x0751, 0x1951: 0x00b9,
+	0x1952: 0x0089, 0x1953: 0x0341, 0x1954: 0x0349, 0x1955: 0x0391, 0x1956: 0x00c1, 0x1957: 0x0109,
+	0x1958: 0x00c9, 0x1959: 0x04b1, 0x195a: 0x0019, 0x195b: 0x02e9, 0x195c: 0x03d9, 0x195d: 0x02f1,
+	0x195e: 0x02f9, 0x195f: 0x03f1, 0x1960: 0x0309, 0x1961: 0x00a9, 0x1962: 0x0311, 0x1963: 0x00b1,
+	0x1964: 0x0319, 0x1965: 0x0101, 0x1966: 0x0321, 0x1967: 0x0329, 0x1968: 0x0051, 0x1969: 0x0339,
+	0x196a: 0x0751, 0x196b: 0x00b9, 0x196c: 0x0089, 0x196d: 0x0341, 0x196e: 0x0349, 0x196f: 0x0391,
+	0x1970: 0x00c1, 0x1971: 0x0109, 0x1972: 0x00c9, 0x1973: 0x04b1, 0x1974: 0x0019, 0x1975: 0x02e9,
+	0x1976: 0x03d9, 0x1977: 0x02f1, 0x1978: 0x02f9, 0x1979: 0x03f1, 0x197a: 0x0309, 0x197b: 0x00a9,
+	0x197c: 0x0311, 0x197d: 0x00b1, 0x197e: 0x0319, 0x197f: 0x0101,
+	// Block 0x66, offset 0x1980
+	0x1980: 0x0321, 0x1981: 0x0329, 0x1982: 0x0051, 0x1983: 0x0339, 0x1984: 0x0751, 0x1985: 0x00b9,
+	0x1986: 0x0089, 0x1987: 0x0341, 0x1988: 0x0349, 0x1989: 0x0391, 0x198a: 0x00c1, 0x198b: 0x0109,
+	0x198c: 0x00c9, 0x198d: 0x04b1, 0x198e: 0x0019, 0x198f: 0x02e9, 0x1990: 0x03d9, 0x1991: 0x02f1,
+	0x1992: 0x02f9, 0x1993: 0x03f1, 0x1994: 0x0309, 0x1995: 0x0040, 0x1996: 0x0311, 0x1997: 0x00b1,
+	0x1998: 0x0319, 0x1999: 0x0101, 0x199a: 0x0321, 0x199b: 0x0329, 0x199c: 0x0051, 0x199d: 0x0339,
+	0x199e: 0x0751, 0x199f: 0x00b9, 0x19a0: 0x0089, 0x19a1: 0x0341, 0x19a2: 0x0349, 0x19a3: 0x0391,
+	0x19a4: 0x00c1, 0x19a5: 0x0109, 0x19a6: 0x00c9, 0x19a7: 0x04b1, 0x19a8: 0x0019, 0x19a9: 0x02e9,
+	0x19aa: 0x03d9, 0x19ab: 0x02f1, 0x19ac: 0x02f9, 0x19ad: 0x03f1, 0x19ae: 0x0309, 0x19af: 0x00a9,
+	0x19b0: 0x0311, 0x19b1: 0x00b1, 0x19b2: 0x0319, 0x19b3: 0x0101, 0x19b4: 0x0321, 0x19b5: 0x0329,
+	0x19b6: 0x0051, 0x19b7: 0x0339, 0x19b8: 0x0751, 0x19b9: 0x00b9, 0x19ba: 0x0089, 0x19bb: 0x0341,
+	0x19bc: 0x0349, 0x19bd: 0x0391, 0x19be: 0x00c1, 0x19bf: 0x0109,
+	// Block 0x67, offset 0x19c0
+	0x19c0: 0x00c9, 0x19c1: 0x04b1, 0x19c2: 0x0019, 0x19c3: 0x02e9, 0x19c4: 0x03d9, 0x19c5: 0x02f1,
+	0x19c6: 0x02f9, 0x19c7: 0x03f1, 0x19c8: 0x0309, 0x19c9: 0x00a9, 0x19ca: 0x0311, 0x19cb: 0x00b1,
+	0x19cc: 0x0319, 0x19cd: 0x0101, 0x19ce: 0x0321, 0x19cf: 0x0329, 0x19d0: 0x0051, 0x19d1: 0x0339,
+	0x19d2: 0x0751, 0x19d3: 0x00b9, 0x19d4: 0x0089, 0x19d5: 0x0341, 0x19d6: 0x0349, 0x19d7: 0x0391,
+	0x19d8: 0x00c1, 0x19d9: 0x0109, 0x19da: 0x00c9, 0x19db: 0x04b1, 0x19dc: 0x0019, 0x19dd: 0x0040,
+	0x19de: 0x03d9, 0x19df: 0x02f1, 0x19e0: 0x0040, 0x19e1: 0x0040, 0x19e2: 0x0309, 0x19e3: 0x0040,
+	0x19e4: 0x0040, 0x19e5: 0x00b1, 0x19e6: 0x0319, 0x19e7: 0x0040, 0x19e8: 0x0040, 0x19e9: 0x0329,
+	0x19ea: 0x0051, 0x19eb: 0x0339, 0x19ec: 0x0751, 0x19ed: 0x0040, 0x19ee: 0x0089, 0x19ef: 0x0341,
+	0x19f0: 0x0349, 0x19f1: 0x0391, 0x19f2: 0x00c1, 0x19f3: 0x0109, 0x19f4: 0x00c9, 0x19f5: 0x04b1,
+	0x19f6: 0x0019, 0x19f7: 0x02e9, 0x19f8: 0x03d9, 0x19f9: 0x02f1, 0x19fa: 0x0040, 0x19fb: 0x03f1,
+	0x19fc: 0x0040, 0x19fd: 0x00a9, 0x19fe: 0x0311, 0x19ff: 0x00b1,
+	// Block 0x68, offset 0x1a00
+	0x1a00: 0x0319, 0x1a01: 0x0101, 0x1a02: 0x0321, 0x1a03: 0x0329, 0x1a04: 0x0040, 0x1a05: 0x0339,
+	0x1a06: 0x0751, 0x1a07: 0x00b9, 0x1a08: 0x0089, 0x1a09: 0x0341, 0x1a0a: 0x0349, 0x1a0b: 0x0391,
+	0x1a0c: 0x00c1, 0x1a0d: 0x0109, 0x1a0e: 0x00c9, 0x1a0f: 0x04b1, 0x1a10: 0x0019, 0x1a11: 0x02e9,
+	0x1a12: 0x03d9, 0x1a13: 0x02f1, 0x1a14: 0x02f9, 0x1a15: 0x03f1, 0x1a16: 0x0309, 0x1a17: 0x00a9,
+	0x1a18: 0x0311, 0x1a19: 0x00b1, 0x1a1a: 0x0319, 0x1a1b: 0x0101, 0x1a1c: 0x0321, 0x1a1d: 0x0329,
+	0x1a1e: 0x0051, 0x1a1f: 0x0339, 0x1a20: 0x0751, 0x1a21: 0x00b9, 0x1a22: 0x0089, 0x1a23: 0x0341,
+	0x1a24: 0x0349, 0x1a25: 0x0391, 0x1a26: 0x00c1, 0x1a27: 0x0109, 0x1a28: 0x00c9, 0x1a29: 0x04b1,
+	0x1a2a: 0x0019, 0x1a2b: 0x02e9, 0x1a2c: 0x03d9, 0x1a2d: 0x02f1, 0x1a2e: 0x02f9, 0x1a2f: 0x03f1,
+	0x1a30: 0x0309, 0x1a31: 0x00a9, 0x1a32: 0x0311, 0x1a33: 0x00b1, 0x1a34: 0x0319, 0x1a35: 0x0101,
+	0x1a36: 0x0321, 0x1a37: 0x0329, 0x1a38: 0x0051, 0x1a39: 0x0339, 0x1a3a: 0x0751, 0x1a3b: 0x00b9,
+	0x1a3c: 0x0089, 0x1a3d: 0x0341, 0x1a3e: 0x0349, 0x1a3f: 0x0391,
+	// Block 0x69, offset 0x1a40
+	0x1a40: 0x00c1, 0x1a41: 0x0109, 0x1a42: 0x00c9, 0x1a43: 0x04b1, 0x1a44: 0x0019, 0x1a45: 0x02e9,
+	0x1a46: 0x0040, 0x1a47: 0x02f1, 0x1a48: 0x02f9, 0x1a49: 0x03f1, 0x1a4a: 0x0309, 0x1a4b: 0x0040,
+	0x1a4c: 0x0040, 0x1a4d: 0x00b1, 0x1a4e: 0x0319, 0x1a4f: 0x0101, 0x1a50: 0x0321, 0x1a51: 0x0329,
+	0x1a52: 0x0051, 0x1a53: 0x0339, 0x1a54: 0x0751, 0x1a55: 0x0040, 0x1a56: 0x0089, 0x1a57: 0x0341,
+	0x1a58: 0x0349, 0x1a59: 0x0391, 0x1a5a: 0x00c1, 0x1a5b: 0x0109, 0x1a5c: 0x00c9, 0x1a5d: 0x0040,
+	0x1a5e: 0x0019, 0x1a5f: 0x02e9, 0x1a60: 0x03d9, 0x1a61: 0x02f1, 0x1a62: 0x02f9, 0x1a63: 0x03f1,
+	0x1a64: 0x0309, 0x1a65: 0x00a9, 0x1a66: 0x0311, 0x1a67: 0x00b1, 0x1a68: 0x0319, 0x1a69: 0x0101,
+	0x1a6a: 0x0321, 0x1a6b: 0x0329, 0x1a6c: 0x0051, 0x1a6d: 0x0339, 0x1a6e: 0x0751, 0x1a6f: 0x00b9,
+	0x1a70: 0x0089, 0x1a71: 0x0341, 0x1a72: 0x0349, 0x1a73: 0x0391, 0x1a74: 0x00c1, 0x1a75: 0x0109,
+	0x1a76: 0x00c9, 0x1a77: 0x04b1, 0x1a78: 0x0019, 0x1a79: 0x02e9, 0x1a7a: 0x0040, 0x1a7b: 0x02f1,
+	0x1a7c: 0x02f9, 0x1a7d: 0x03f1, 0x1a7e: 0x0309, 0x1a7f: 0x0040,
+	// Block 0x6a, offset 0x1a80
+	0x1a80: 0x0311, 0x1a81: 0x00b1, 0x1a82: 0x0319, 0x1a83: 0x0101, 0x1a84: 0x0321, 0x1a85: 0x0040,
+	0x1a86: 0x0051, 0x1a87: 0x0040, 0x1a88: 0x0040, 0x1a89: 0x0040, 0x1a8a: 0x0089, 0x1a8b: 0x0341,
+	0x1a8c: 0x0349, 0x1a8d: 0x0391, 0x1a8e: 0x00c1, 0x1a8f: 0x0109, 0x1a90: 0x00c9, 0x1a91: 0x0040,
+	0x1a92: 0x0019, 0x1a93: 0x02e9, 0x1a94: 0x03d9, 0x1a95: 0x02f1, 0x1a96: 0x02f9, 0x1a97: 0x03f1,
+	0x1a98: 0x0309, 0x1a99: 0x00a9, 0x1a9a: 0x0311, 0x1a9b: 0x00b1, 0x1a9c: 0x0319, 0x1a9d: 0x0101,
+	0x1a9e: 0x0321, 0x1a9f: 0x0329, 0x1aa0: 0x0051, 0x1aa1: 0x0339, 0x1aa2: 0x0751, 0x1aa3: 0x00b9,
+	0x1aa4: 0x0089, 0x1aa5: 0x0341, 0x1aa6: 0x0349, 0x1aa7: 0x0391, 0x1aa8: 0x00c1, 0x1aa9: 0x0109,
+	0x1aaa: 0x00c9, 0x1aab: 0x04b1, 0x1aac: 0x0019, 0x1aad: 0x02e9, 0x1aae: 0x03d9, 0x1aaf: 0x02f1,
+	0x1ab0: 0x02f9, 0x1ab1: 0x03f1, 0x1ab2: 0x0309, 0x1ab3: 0x00a9, 0x1ab4: 0x0311, 0x1ab5: 0x00b1,
+	0x1ab6: 0x0319, 0x1ab7: 0x0101, 0x1ab8: 0x0321, 0x1ab9: 0x0329, 0x1aba: 0x0051, 0x1abb: 0x0339,
+	0x1abc: 0x0751, 0x1abd: 0x00b9, 0x1abe: 0x0089, 0x1abf: 0x0341,
+	// Block 0x6b, offset 0x1ac0
+	0x1ac0: 0x0349, 0x1ac1: 0x0391, 0x1ac2: 0x00c1, 0x1ac3: 0x0109, 0x1ac4: 0x00c9, 0x1ac5: 0x04b1,
+	0x1ac6: 0x0019, 0x1ac7: 0x02e9, 0x1ac8: 0x03d9, 0x1ac9: 0x02f1, 0x1aca: 0x02f9, 0x1acb: 0x03f1,
+	0x1acc: 0x0309, 0x1acd: 0x00a9, 0x1ace: 0x0311, 0x1acf: 0x00b1, 0x1ad0: 0x0319, 0x1ad1: 0x0101,
+	0x1ad2: 0x0321, 0x1ad3: 0x0329, 0x1ad4: 0x0051, 0x1ad5: 0x0339, 0x1ad6: 0x0751, 0x1ad7: 0x00b9,
+	0x1ad8: 0x0089, 0x1ad9: 0x0341, 0x1ada: 0x0349, 0x1adb: 0x0391, 0x1adc: 0x00c1, 0x1add: 0x0109,
+	0x1ade: 0x00c9, 0x1adf: 0x04b1, 0x1ae0: 0x0019, 0x1ae1: 0x02e9, 0x1ae2: 0x03d9, 0x1ae3: 0x02f1,
+	0x1ae4: 0x02f9, 0x1ae5: 0x03f1, 0x1ae6: 0x0309, 0x1ae7: 0x00a9, 0x1ae8: 0x0311, 0x1ae9: 0x00b1,
+	0x1aea: 0x0319, 0x1aeb: 0x0101, 0x1aec: 0x0321, 0x1aed: 0x0329, 0x1aee: 0x0051, 0x1aef: 0x0339,
+	0x1af0: 0x0751, 0x1af1: 0x00b9, 0x1af2: 0x0089, 0x1af3: 0x0341, 0x1af4: 0x0349, 0x1af5: 0x0391,
+	0x1af6: 0x00c1, 0x1af7: 0x0109, 0x1af8: 0x00c9, 0x1af9: 0x04b1, 0x1afa: 0x0019, 0x1afb: 0x02e9,
+	0x1afc: 0x03d9, 0x1afd: 0x02f1, 0x1afe: 0x02f9, 0x1aff: 0x03f1,
+	// Block 0x6c, offset 0x1b00
+	0x1b00: 0x0309, 0x1b01: 0x00a9, 0x1b02: 0x0311, 0x1b03: 0x00b1, 0x1b04: 0x0319, 0x1b05: 0x0101,
+	0x1b06: 0x0321, 0x1b07: 0x0329, 0x1b08: 0x0051, 0x1b09: 0x0339, 0x1b0a: 0x0751, 0x1b0b: 0x00b9,
+	0x1b0c: 0x0089, 0x1b0d: 0x0341, 0x1b0e: 0x0349, 0x1b0f: 0x0391, 0x1b10: 0x00c1, 0x1b11: 0x0109,
+	0x1b12: 0x00c9, 0x1b13: 0x04b1, 0x1b14: 0x0019, 0x1b15: 0x02e9, 0x1b16: 0x03d9, 0x1b17: 0x02f1,
+	0x1b18: 0x02f9, 0x1b19: 0x03f1, 0x1b1a: 0x0309, 0x1b1b: 0x00a9, 0x1b1c: 0x0311, 0x1b1d: 0x00b1,
+	0x1b1e: 0x0319, 0x1b1f: 0x0101, 0x1b20: 0x0321, 0x1b21: 0x0329, 0x1b22: 0x0051, 0x1b23: 0x0339,
+	0x1b24: 0x0751, 0x1b25: 0x00b9, 0x1b26: 0x0089, 0x1b27: 0x0341, 0x1b28: 0x0349, 0x1b29: 0x0391,
+	0x1b2a: 0x00c1, 0x1b2b: 0x0109, 0x1b2c: 0x00c9, 0x1b2d: 0x04b1, 0x1b2e: 0x0019, 0x1b2f: 0x02e9,
+	0x1b30: 0x03d9, 0x1b31: 0x02f1, 0x1b32: 0x02f9, 0x1b33: 0x03f1, 0x1b34: 0x0309, 0x1b35: 0x00a9,
+	0x1b36: 0x0311, 0x1b37: 0x00b1, 0x1b38: 0x0319, 0x1b39: 0x0101, 0x1b3a: 0x0321, 0x1b3b: 0x0329,
+	0x1b3c: 0x0051, 0x1b3d: 0x0339, 0x1b3e: 0x0751, 0x1b3f: 0x00b9,
+	// Block 0x6d, offset 0x1b40
+	0x1b40: 0x0089, 0x1b41: 0x0341, 0x1b42: 0x0349, 0x1b43: 0x0391, 0x1b44: 0x00c1, 0x1b45: 0x0109,
+	0x1b46: 0x00c9, 0x1b47: 0x04b1, 0x1b48: 0x0019, 0x1b49: 0x02e9, 0x1b4a: 0x03d9, 0x1b4b: 0x02f1,
+	0x1b4c: 0x02f9, 0x1b4d: 0x03f1, 0x1b4e: 0x0309, 0x1b4f: 0x00a9, 0x1b50: 0x0311, 0x1b51: 0x00b1,
+	0x1b52: 0x0319, 0x1b53: 0x0101, 0x1b54: 0x0321, 0x1b55: 0x0329, 0x1b56: 0x0051, 0x1b57: 0x0339,
+	0x1b58: 0x0751, 0x1b59: 0x00b9, 0x1b5a: 0x0089, 0x1b5b: 0x0341, 0x1b5c: 0x0349, 0x1b5d: 0x0391,
+	0x1b5e: 0x00c1, 0x1b5f: 0x0109, 0x1b60: 0x00c9, 0x1b61: 0x04b1, 0x1b62: 0x0019, 0x1b63: 0x02e9,
+	0x1b64: 0x03d9, 0x1b65: 0x02f1, 0x1b66: 0x02f9, 0x1b67: 0x03f1, 0x1b68: 0x0309, 0x1b69: 0x00a9,
+	0x1b6a: 0x0311, 0x1b6b: 0x00b1, 0x1b6c: 0x0319, 0x1b6d: 0x0101, 0x1b6e: 0x0321, 0x1b6f: 0x0329,
+	0x1b70: 0x0051, 0x1b71: 0x0339, 0x1b72: 0x0751, 0x1b73: 0x00b9, 0x1b74: 0x0089, 0x1b75: 0x0341,
+	0x1b76: 0x0349, 0x1b77: 0x0391, 0x1b78: 0x00c1, 0x1b79: 0x0109, 0x1b7a: 0x00c9, 0x1b7b: 0x04b1,
+	0x1b7c: 0x0019, 0x1b7d: 0x02e9, 0x1b7e: 0x03d9, 0x1b7f: 0x02f1,
+	// Block 0x6e, offset 0x1b80
+	0x1b80: 0x02f9, 0x1b81: 0x03f1, 0x1b82: 0x0309, 0x1b83: 0x00a9, 0x1b84: 0x0311, 0x1b85: 0x00b1,
+	0x1b86: 0x0319, 0x1b87: 0x0101, 0x1b88: 0x0321, 0x1b89: 0x0329, 0x1b8a: 0x0051, 0x1b8b: 0x0339,
+	0x1b8c: 0x0751, 0x1b8d: 0x00b9, 0x1b8e: 0x0089, 0x1b8f: 0x0341, 0x1b90: 0x0349, 0x1b91: 0x0391,
+	0x1b92: 0x00c1, 0x1b93: 0x0109, 0x1b94: 0x00c9, 0x1b95: 0x04b1, 0x1b96: 0x0019, 0x1b97: 0x02e9,
+	0x1b98: 0x03d9, 0x1b99: 0x02f1, 0x1b9a: 0x02f9, 0x1b9b: 0x03f1, 0x1b9c: 0x0309, 0x1b9d: 0x00a9,
+	0x1b9e: 0x0311, 0x1b9f: 0x00b1, 0x1ba0: 0x0319, 0x1ba1: 0x0101, 0x1ba2: 0x0321, 0x1ba3: 0x0329,
+	0x1ba4: 0x0051, 0x1ba5: 0x0339, 0x1ba6: 0x0751, 0x1ba7: 0x00b9, 0x1ba8: 0x0089, 0x1ba9: 0x0341,
+	0x1baa: 0x0349, 0x1bab: 0x0391, 0x1bac: 0x00c1, 0x1bad: 0x0109, 0x1bae: 0x00c9, 0x1baf: 0x04b1,
+	0x1bb0: 0x0019, 0x1bb1: 0x02e9, 0x1bb2: 0x03d9, 0x1bb3: 0x02f1, 0x1bb4: 0x02f9, 0x1bb5: 0x03f1,
+	0x1bb6: 0x0309, 0x1bb7: 0x00a9, 0x1bb8: 0x0311, 0x1bb9: 0x00b1, 0x1bba: 0x0319, 0x1bbb: 0x0101,
+	0x1bbc: 0x0321, 0x1bbd: 0x0329, 0x1bbe: 0x0051, 0x1bbf: 0x0339,
+	// Block 0x6f, offset 0x1bc0
+	0x1bc0: 0x0751, 0x1bc1: 0x00b9, 0x1bc2: 0x0089, 0x1bc3: 0x0341, 0x1bc4: 0x0349, 0x1bc5: 0x0391,
+	0x1bc6: 0x00c1, 0x1bc7: 0x0109, 0x1bc8: 0x00c9, 0x1bc9: 0x04b1, 0x1bca: 0x0019, 0x1bcb: 0x02e9,
+	0x1bcc: 0x03d9, 0x1bcd: 0x02f1, 0x1bce: 0x02f9, 0x1bcf: 0x03f1, 0x1bd0: 0x0309, 0x1bd1: 0x00a9,
+	0x1bd2: 0x0311, 0x1bd3: 0x00b1, 0x1bd4: 0x0319, 0x1bd5: 0x0101, 0x1bd6: 0x0321, 0x1bd7: 0x0329,
+	0x1bd8: 0x0051, 0x1bd9: 0x0339, 0x1bda: 0x0751, 0x1bdb: 0x00b9, 0x1bdc: 0x0089, 0x1bdd: 0x0341,
+	0x1bde: 0x0349, 0x1bdf: 0x0391, 0x1be0: 0x00c1, 0x1be1: 0x0109, 0x1be2: 0x00c9, 0x1be3: 0x04b1,
+	0x1be4: 0x23e1, 0x1be5: 0x23e9, 0x1be6: 0x0040, 0x1be7: 0x0040, 0x1be8: 0x23f1, 0x1be9: 0x0399,
+	0x1bea: 0x03a1, 0x1beb: 0x03a9, 0x1bec: 0x23f9, 0x1bed: 0x2401, 0x1bee: 0x2409, 0x1bef: 0x04d1,
+	0x1bf0: 0x05f9, 0x1bf1: 0x2411, 0x1bf2: 0x2419, 0x1bf3: 0x2421, 0x1bf4: 0x2429, 0x1bf5: 0x2431,
+	0x1bf6: 0x2439, 0x1bf7: 0x0799, 0x1bf8: 0x03c1, 0x1bf9: 0x04d1, 0x1bfa: 0x2441, 0x1bfb: 0x2449,
+	0x1bfc: 0x2451, 0x1bfd: 0x03b1, 0x1bfe: 0x03b9, 0x1bff: 0x2459,
+	// Block 0x70, offset 0x1c00
+	0x1c00: 0x0769, 0x1c01: 0x2461, 0x1c02: 0x23f1, 0x1c03: 0x0399, 0x1c04: 0x03a1, 0x1c05: 0x03a9,
+	0x1c06: 0x23f9, 0x1c07: 0x2401, 0x1c08: 0x2409, 0x1c09: 0x04d1, 0x1c0a: 0x05f9, 0x1c0b: 0x2411,
+	0x1c0c: 0x2419, 0x1c0d: 0x2421, 0x1c0e: 0x2429, 0x1c0f: 0x2431, 0x1c10: 0x2439, 0x1c11: 0x0799,
+	0x1c12: 0x03c1, 0x1c13: 0x2441, 0x1c14: 0x2441, 0x1c15: 0x2449, 0x1c16: 0x2451, 0x1c17: 0x03b1,
+	0x1c18: 0x03b9, 0x1c19: 0x2459, 0x1c1a: 0x0769, 0x1c1b: 0x2469, 0x1c1c: 0x23f9, 0x1c1d: 0x04d1,
+	0x1c1e: 0x2411, 0x1c1f: 0x03b1, 0x1c20: 0x03c1, 0x1c21: 0x0799, 0x1c22: 0x23f1, 0x1c23: 0x0399,
+	0x1c24: 0x03a1, 0x1c25: 0x03a9, 0x1c26: 0x23f9, 0x1c27: 0x2401, 0x1c28: 0x2409, 0x1c29: 0x04d1,
+	0x1c2a: 0x05f9, 0x1c2b: 0x2411, 0x1c2c: 0x2419, 0x1c2d: 0x2421, 0x1c2e: 0x2429, 0x1c2f: 0x2431,
+	0x1c30: 0x2439, 0x1c31: 0x0799, 0x1c32: 0x03c1, 0x1c33: 0x04d1, 0x1c34: 0x2441, 0x1c35: 0x2449,
+	0x1c36: 0x2451, 0x1c37: 0x03b1, 0x1c38: 0x03b9, 0x1c39: 0x2459, 0x1c3a: 0x0769, 0x1c3b: 0x2461,
+	0x1c3c: 0x23f1, 0x1c3d: 0x0399, 0x1c3e: 0x03a1, 0x1c3f: 0x03a9,
+	// Block 0x71, offset 0x1c40
+	0x1c40: 0x23f9, 0x1c41: 0x2401, 0x1c42: 0x2409, 0x1c43: 0x04d1, 0x1c44: 0x05f9, 0x1c45: 0x2411,
+	0x1c46: 0x2419, 0x1c47: 0x2421, 0x1c48: 0x2429, 0x1c49: 0x2431, 0x1c4a: 0x2439, 0x1c4b: 0x0799,
+	0x1c4c: 0x03c1, 0x1c4d: 0x2441, 0x1c4e: 0x2441, 0x1c4f: 0x2449, 0x1c50: 0x2451, 0x1c51: 0x03b1,
+	0x1c52: 0x03b9, 0x1c53: 0x2459, 0x1c54: 0x0769, 0x1c55: 0x2469, 0x1c56: 0x23f9, 0x1c57: 0x04d1,
+	0x1c58: 0x2411, 0x1c59: 0x03b1, 0x1c5a: 0x03c1, 0x1c5b: 0x0799, 0x1c5c: 0x23f1, 0x1c5d: 0x0399,
+	0x1c5e: 0x03a1, 0x1c5f: 0x03a9, 0x1c60: 0x23f9, 0x1c61: 0x2401, 0x1c62: 0x2409, 0x1c63: 0x04d1,
+	0x1c64: 0x05f9, 0x1c65: 0x2411, 0x1c66: 0x2419, 0x1c67: 0x2421, 0x1c68: 0x2429, 0x1c69: 0x2431,
+	0x1c6a: 0x2439, 0x1c6b: 0x0799, 0x1c6c: 0x03c1, 0x1c6d: 0x04d1, 0x1c6e: 0x2441, 0x1c6f: 0x2449,
+	0x1c70: 0x2451, 0x1c71: 0x03b1, 0x1c72: 0x03b9, 0x1c73: 0x2459, 0x1c74: 0x0769, 0x1c75: 0x2461,
+	0x1c76: 0x23f1, 0x1c77: 0x0399, 0x1c78: 0x03a1, 0x1c79: 0x03a9, 0x1c7a: 0x23f9, 0x1c7b: 0x2401,
+	0x1c7c: 0x2409, 0x1c7d: 0x04d1, 0x1c7e: 0x05f9, 0x1c7f: 0x2411,
+	// Block 0x72, offset 0x1c80
+	0x1c80: 0x2419, 0x1c81: 0x2421, 0x1c82: 0x2429, 0x1c83: 0x2431, 0x1c84: 0x2439, 0x1c85: 0x0799,
+	0x1c86: 0x03c1, 0x1c87: 0x2441, 0x1c88: 0x2441, 0x1c89: 0x2449, 0x1c8a: 0x2451, 0x1c8b: 0x03b1,
+	0x1c8c: 0x03b9, 0x1c8d: 0x2459, 0x1c8e: 0x0769, 0x1c8f: 0x2469, 0x1c90: 0x23f9, 0x1c91: 0x04d1,
+	0x1c92: 0x2411, 0x1c93: 0x03b1, 0x1c94: 0x03c1, 0x1c95: 0x0799, 0x1c96: 0x23f1, 0x1c97: 0x0399,
+	0x1c98: 0x03a1, 0x1c99: 0x03a9, 0x1c9a: 0x23f9, 0x1c9b: 0x2401, 0x1c9c: 0x2409, 0x1c9d: 0x04d1,
+	0x1c9e: 0x05f9, 0x1c9f: 0x2411, 0x1ca0: 0x2419, 0x1ca1: 0x2421, 0x1ca2: 0x2429, 0x1ca3: 0x2431,
+	0x1ca4: 0x2439, 0x1ca5: 0x0799, 0x1ca6: 0x03c1, 0x1ca7: 0x04d1, 0x1ca8: 0x2441, 0x1ca9: 0x2449,
+	0x1caa: 0x2451, 0x1cab: 0x03b1, 0x1cac: 0x03b9, 0x1cad: 0x2459, 0x1cae: 0x0769, 0x1caf: 0x2461,
+	0x1cb0: 0x23f1, 0x1cb1: 0x0399, 0x1cb2: 0x03a1, 0x1cb3: 0x03a9, 0x1cb4: 0x23f9, 0x1cb5: 0x2401,
+	0x1cb6: 0x2409, 0x1cb7: 0x04d1, 0x1cb8: 0x05f9, 0x1cb9: 0x2411, 0x1cba: 0x2419, 0x1cbb: 0x2421,
+	0x1cbc: 0x2429, 0x1cbd: 0x2431, 0x1cbe: 0x2439, 0x1cbf: 0x0799,
+	// Block 0x73, offset 0x1cc0
+	0x1cc0: 0x03c1, 0x1cc1: 0x2441, 0x1cc2: 0x2441, 0x1cc3: 0x2449, 0x1cc4: 0x2451, 0x1cc5: 0x03b1,
+	0x1cc6: 0x03b9, 0x1cc7: 0x2459, 0x1cc8: 0x0769, 0x1cc9: 0x2469, 0x1cca: 0x23f9, 0x1ccb: 0x04d1,
+	0x1ccc: 0x2411, 0x1ccd: 0x03b1, 0x1cce: 0x03c1, 0x1ccf: 0x0799, 0x1cd0: 0x23f1, 0x1cd1: 0x0399,
+	0x1cd2: 0x03a1, 0x1cd3: 0x03a9, 0x1cd4: 0x23f9, 0x1cd5: 0x2401, 0x1cd6: 0x2409, 0x1cd7: 0x04d1,
+	0x1cd8: 0x05f9, 0x1cd9: 0x2411, 0x1cda: 0x2419, 0x1cdb: 0x2421, 0x1cdc: 0x2429, 0x1cdd: 0x2431,
+	0x1cde: 0x2439, 0x1cdf: 0x0799, 0x1ce0: 0x03c1, 0x1ce1: 0x04d1, 0x1ce2: 0x2441, 0x1ce3: 0x2449,
+	0x1ce4: 0x2451, 0x1ce5: 0x03b1, 0x1ce6: 0x03b9, 0x1ce7: 0x2459, 0x1ce8: 0x0769, 0x1ce9: 0x2461,
+	0x1cea: 0x23f1, 0x1ceb: 0x0399, 0x1cec: 0x03a1, 0x1ced: 0x03a9, 0x1cee: 0x23f9, 0x1cef: 0x2401,
+	0x1cf0: 0x2409, 0x1cf1: 0x04d1, 0x1cf2: 0x05f9, 0x1cf3: 0x2411, 0x1cf4: 0x2419, 0x1cf5: 0x2421,
+	0x1cf6: 0x2429, 0x1cf7: 0x2431, 0x1cf8: 0x2439, 0x1cf9: 0x0799, 0x1cfa: 0x03c1, 0x1cfb: 0x2441,
+	0x1cfc: 0x2441, 0x1cfd: 0x2449, 0x1cfe: 0x2451, 0x1cff: 0x03b1,
+	// Block 0x74, offset 0x1d00
+	0x1d00: 0x03b9, 0x1d01: 0x2459, 0x1d02: 0x0769, 0x1d03: 0x2469, 0x1d04: 0x23f9, 0x1d05: 0x04d1,
+	0x1d06: 0x2411, 0x1d07: 0x03b1, 0x1d08: 0x03c1, 0x1d09: 0x0799, 0x1d0a: 0x2471, 0x1d0b: 0x2471,
+	0x1d0c: 0x0040, 0x1d0d: 0x0040, 0x1d0e: 0x06e1, 0x1d0f: 0x0049, 0x1d10: 0x0029, 0x1d11: 0x0031,
+	0x1d12: 0x06e9, 0x1d13: 0x06f1, 0x1d14: 0x06f9, 0x1d15: 0x0701, 0x1d16: 0x0709, 0x1d17: 0x0711,
+	0x1d18: 0x06e1, 0x1d19: 0x0049, 0x1d1a: 0x0029, 0x1d1b: 0x0031, 0x1d1c: 0x06e9, 0x1d1d: 0x06f1,
+	0x1d1e: 0x06f9, 0x1d1f: 0x0701, 0x1d20: 0x0709, 0x1d21: 0x0711, 0x1d22: 0x06e1, 0x1d23: 0x0049,
+	0x1d24: 0x0029, 0x1d25: 0x0031, 0x1d26: 0x06e9, 0x1d27: 0x06f1, 0x1d28: 0x06f9, 0x1d29: 0x0701,
+	0x1d2a: 0x0709, 0x1d2b: 0x0711, 0x1d2c: 0x06e1, 0x1d2d: 0x0049, 0x1d2e: 0x0029, 0x1d2f: 0x0031,
+	0x1d30: 0x06e9, 0x1d31: 0x06f1, 0x1d32: 0x06f9, 0x1d33: 0x0701, 0x1d34: 0x0709, 0x1d35: 0x0711,
+	0x1d36: 0x06e1, 0x1d37: 0x0049, 0x1d38: 0x0029, 0x1d39: 0x0031, 0x1d3a: 0x06e9, 0x1d3b: 0x06f1,
+	0x1d3c: 0x06f9, 0x1d3d: 0x0701, 0x1d3e: 0x0709, 0x1d3f: 0x0711,
+	// Block 0x75, offset 0x1d40
+	0x1d40: 0x3308, 0x1d41: 0x3308, 0x1d42: 0x3308, 0x1d43: 0x3308, 0x1d44: 0x3308, 0x1d45: 0x3308,
+	0x1d46: 0x3308, 0x1d47: 0x0040, 0x1d48: 0x3308, 0x1d49: 0x3308, 0x1d4a: 0x3308, 0x1d4b: 0x3308,
+	0x1d4c: 0x3308, 0x1d4d: 0x3308, 0x1d4e: 0x3308, 0x1d4f: 0x3308, 0x1d50: 0x3308, 0x1d51: 0x3308,
+	0x1d52: 0x3308, 0x1d53: 0x3308, 0x1d54: 0x3308, 0x1d55: 0x3308, 0x1d56: 0x3308, 0x1d57: 0x3308,
+	0x1d58: 0x3308, 0x1d59: 0x0040, 0x1d5a: 0x0040, 0x1d5b: 0x3308, 0x1d5c: 0x3308, 0x1d5d: 0x3308,
+	0x1d5e: 0x3308, 0x1d5f: 0x3308, 0x1d60: 0x3308, 0x1d61: 0x3308, 0x1d62: 0x0040, 0x1d63: 0x3308,
+	0x1d64: 0x3308, 0x1d65: 0x0040, 0x1d66: 0x3308, 0x1d67: 0x3308, 0x1d68: 0x3308, 0x1d69: 0x3308,
+	0x1d6a: 0x3308, 0x1d6b: 0x0040, 0x1d6c: 0x0040, 0x1d6d: 0x0040, 0x1d6e: 0x0040, 0x1d6f: 0x0040,
+	0x1d70: 0x2479, 0x1d71: 0x2481, 0x1d72: 0x02a9, 0x1d73: 0x2489, 0x1d74: 0x02b1, 0x1d75: 0x2491,
+	0x1d76: 0x2499, 0x1d77: 0x24a1, 0x1d78: 0x24a9, 0x1d79: 0x24b1, 0x1d7a: 0x24b9, 0x1d7b: 0x24c1,
+	0x1d7c: 0x02b9, 0x1d7d: 0x24c9, 0x1d7e: 0x24d1, 0x1d7f: 0x02c1,
+	// Block 0x76, offset 0x1d80
+	0x1d80: 0x02c9, 0x1d81: 0x24d9, 0x1d82: 0x24e1, 0x1d83: 0x24e9, 0x1d84: 0x24f1, 0x1d85: 0x24f9,
+	0x1d86: 0x2501, 0x1d87: 0x2509, 0x1d88: 0x2511, 0x1d89: 0x2519, 0x1d8a: 0x2521, 0x1d8b: 0x2529,
+	0x1d8c: 0x2531, 0x1d8d: 0x2539, 0x1d8e: 0x2541, 0x1d8f: 0x2549, 0x1d90: 0x2551, 0x1d91: 0x2479,
+	0x1d92: 0x2481, 0x1d93: 0x02a9, 0x1d94: 0x2489, 0x1d95: 0x02b1, 0x1d96: 0x2491, 0x1d97: 0x2499,
+	0x1d98: 0x24a1, 0x1d99: 0x24a9, 0x1d9a: 0x24b1, 0x1d9b: 0x24b9, 0x1d9c: 0x02b9, 0x1d9d: 0x24c9,
+	0x1d9e: 0x02c1, 0x1d9f: 0x24d9, 0x1da0: 0x24e1, 0x1da1: 0x24e9, 0x1da2: 0x24f1, 0x1da3: 0x24f9,
+	0x1da4: 0x2501, 0x1da5: 0x02d1, 0x1da6: 0x2509, 0x1da7: 0x2559, 0x1da8: 0x2531, 0x1da9: 0x2561,
+	0x1daa: 0x2569, 0x1dab: 0x2571, 0x1dac: 0x2579, 0x1dad: 0x2581, 0x1dae: 0x0040, 0x1daf: 0x0040,
+	0x1db0: 0x0040, 0x1db1: 0x0040, 0x1db2: 0x0040, 0x1db3: 0x0040, 0x1db4: 0x0040, 0x1db5: 0x0040,
+	0x1db6: 0x0040, 0x1db7: 0x0040, 0x1db8: 0x0040, 0x1db9: 0x0040, 0x1dba: 0x0040, 0x1dbb: 0x0040,
+	0x1dbc: 0x0040, 0x1dbd: 0x0040, 0x1dbe: 0x0040, 0x1dbf: 0x0040,
+	// Block 0x77, offset 0x1dc0
+	0x1dc0: 0xe115, 0x1dc1: 0xe115, 0x1dc2: 0xe135, 0x1dc3: 0xe135, 0x1dc4: 0xe115, 0x1dc5: 0xe115,
+	0x1dc6: 0xe175, 0x1dc7: 0xe175, 0x1dc8: 0xe115, 0x1dc9: 0xe115, 0x1dca: 0xe135, 0x1dcb: 0xe135,
+	0x1dcc: 0xe115, 0x1dcd: 0xe115, 0x1dce: 0xe1f5, 0x1dcf: 0xe1f5, 0x1dd0: 0xe115, 0x1dd1: 0xe115,
+	0x1dd2: 0xe135, 0x1dd3: 0xe135, 0x1dd4: 0xe115, 0x1dd5: 0xe115, 0x1dd6: 0xe175, 0x1dd7: 0xe175,
+	0x1dd8: 0xe115, 0x1dd9: 0xe115, 0x1dda: 0xe135, 0x1ddb: 0xe135, 0x1ddc: 0xe115, 0x1ddd: 0xe115,
+	0x1dde: 0x8ca5, 0x1ddf: 0x8ca5, 0x1de0: 0x04b5, 0x1de1: 0x04b5, 0x1de2: 0x0a08, 0x1de3: 0x0a08,
+	0x1de4: 0x0a08, 0x1de5: 0x0a08, 0x1de6: 0x0a08, 0x1de7: 0x0a08, 0x1de8: 0x0a08, 0x1de9: 0x0a08,
+	0x1dea: 0x0a08, 0x1deb: 0x0a08, 0x1dec: 0x0a08, 0x1ded: 0x0a08, 0x1dee: 0x0a08, 0x1def: 0x0a08,
+	0x1df0: 0x0a08, 0x1df1: 0x0a08, 0x1df2: 0x0a08, 0x1df3: 0x0a08, 0x1df4: 0x0a08, 0x1df5: 0x0a08,
+	0x1df6: 0x0a08, 0x1df7: 0x0a08, 0x1df8: 0x0a08, 0x1df9: 0x0a08, 0x1dfa: 0x0a08, 0x1dfb: 0x0a08,
+	0x1dfc: 0x0a08, 0x1dfd: 0x0a08, 0x1dfe: 0x0a08, 0x1dff: 0x0a08,
+	// Block 0x78, offset 0x1e00
+	0x1e00: 0x20b1, 0x1e01: 0x20b9, 0x1e02: 0x20d9, 0x1e03: 0x20f1, 0x1e04: 0x0040, 0x1e05: 0x2189,
+	0x1e06: 0x2109, 0x1e07: 0x20e1, 0x1e08: 0x2131, 0x1e09: 0x2191, 0x1e0a: 0x2161, 0x1e0b: 0x2169,
+	0x1e0c: 0x2171, 0x1e0d: 0x2179, 0x1e0e: 0x2111, 0x1e0f: 0x2141, 0x1e10: 0x2151, 0x1e11: 0x2121,
+	0x1e12: 0x2159, 0x1e13: 0x2101, 0x1e14: 0x2119, 0x1e15: 0x20c9, 0x1e16: 0x20d1, 0x1e17: 0x20e9,
+	0x1e18: 0x20f9, 0x1e19: 0x2129, 0x1e1a: 0x2139, 0x1e1b: 0x2149, 0x1e1c: 0x2589, 0x1e1d: 0x1689,
+	0x1e1e: 0x2591, 0x1e1f: 0x2599, 0x1e20: 0x0040, 0x1e21: 0x20b9, 0x1e22: 0x20d9, 0x1e23: 0x0040,
+	0x1e24: 0x2181, 0x1e25: 0x0040, 0x1e26: 0x0040, 0x1e27: 0x20e1, 0x1e28: 0x0040, 0x1e29: 0x2191,
+	0x1e2a: 0x2161, 0x1e2b: 0x2169, 0x1e2c: 0x2171, 0x1e2d: 0x2179, 0x1e2e: 0x2111, 0x1e2f: 0x2141,
+	0x1e30: 0x2151, 0x1e31: 0x2121, 0x1e32: 0x2159, 0x1e33: 0x0040, 0x1e34: 0x2119, 0x1e35: 0x20c9,
+	0x1e36: 0x20d1, 0x1e37: 0x20e9, 0x1e38: 0x0040, 0x1e39: 0x2129, 0x1e3a: 0x0040, 0x1e3b: 0x2149,
+	0x1e3c: 0x0040, 0x1e3d: 0x0040, 0x1e3e: 0x0040, 0x1e3f: 0x0040,
+	// Block 0x79, offset 0x1e40
+	0x1e40: 0x0040, 0x1e41: 0x0040, 0x1e42: 0x20d9, 0x1e43: 0x0040, 0x1e44: 0x0040, 0x1e45: 0x0040,
+	0x1e46: 0x0040, 0x1e47: 0x20e1, 0x1e48: 0x0040, 0x1e49: 0x2191, 0x1e4a: 0x0040, 0x1e4b: 0x2169,
+	0x1e4c: 0x0040, 0x1e4d: 0x2179, 0x1e4e: 0x2111, 0x1e4f: 0x2141, 0x1e50: 0x0040, 0x1e51: 0x2121,
+	0x1e52: 0x2159, 0x1e53: 0x0040, 0x1e54: 0x2119, 0x1e55: 0x0040, 0x1e56: 0x0040, 0x1e57: 0x20e9,
+	0x1e58: 0x0040, 0x1e59: 0x2129, 0x1e5a: 0x0040, 0x1e5b: 0x2149, 0x1e5c: 0x0040, 0x1e5d: 0x1689,
+	0x1e5e: 0x0040, 0x1e5f: 0x2599, 0x1e60: 0x0040, 0x1e61: 0x20b9, 0x1e62: 0x20d9, 0x1e63: 0x0040,
+	0x1e64: 0x2181, 0x1e65: 0x0040, 0x1e66: 0x0040, 0x1e67: 0x20e1, 0x1e68: 0x2131, 0x1e69: 0x2191,
+	0x1e6a: 0x2161, 0x1e6b: 0x0040, 0x1e6c: 0x2171, 0x1e6d: 0x2179, 0x1e6e: 0x2111, 0x1e6f: 0x2141,
+	0x1e70: 0x2151, 0x1e71: 0x2121, 0x1e72: 0x2159, 0x1e73: 0x0040, 0x1e74: 0x2119, 0x1e75: 0x20c9,
+	0x1e76: 0x20d1, 0x1e77: 0x20e9, 0x1e78: 0x0040, 0x1e79: 0x2129, 0x1e7a: 0x2139, 0x1e7b: 0x2149,
+	0x1e7c: 0x2589, 0x1e7d: 0x0040, 0x1e7e: 0x2591, 0x1e7f: 0x0040,
+	// Block 0x7a, offset 0x1e80
+	0x1e80: 0x20b1, 0x1e81: 0x20b9, 0x1e82: 0x20d9, 0x1e83: 0x20f1, 0x1e84: 0x2181, 0x1e85: 0x2189,
+	0x1e86: 0x2109, 0x1e87: 0x20e1, 0x1e88: 0x2131, 0x1e89: 0x2191, 0x1e8a: 0x0040, 0x1e8b: 0x2169,
+	0x1e8c: 0x2171, 0x1e8d: 0x2179, 0x1e8e: 0x2111, 0x1e8f: 0x2141, 0x1e90: 0x2151, 0x1e91: 0x2121,
+	0x1e92: 0x2159, 0x1e93: 0x2101, 0x1e94: 0x2119, 0x1e95: 0x20c9, 0x1e96: 0x20d1, 0x1e97: 0x20e9,
+	0x1e98: 0x20f9, 0x1e99: 0x2129, 0x1e9a: 0x2139, 0x1e9b: 0x2149, 0x1e9c: 0x0040, 0x1e9d: 0x0040,
+	0x1e9e: 0x0040, 0x1e9f: 0x0040, 0x1ea0: 0x0040, 0x1ea1: 0x20b9, 0x1ea2: 0x20d9, 0x1ea3: 0x20f1,
+	0x1ea4: 0x0040, 0x1ea5: 0x2189, 0x1ea6: 0x2109, 0x1ea7: 0x20e1, 0x1ea8: 0x2131, 0x1ea9: 0x2191,
+	0x1eaa: 0x0040, 0x1eab: 0x2169, 0x1eac: 0x2171, 0x1ead: 0x2179, 0x1eae: 0x2111, 0x1eaf: 0x2141,
+	0x1eb0: 0x2151, 0x1eb1: 0x2121, 0x1eb2: 0x2159, 0x1eb3: 0x2101, 0x1eb4: 0x2119, 0x1eb5: 0x20c9,
+	0x1eb6: 0x20d1, 0x1eb7: 0x20e9, 0x1eb8: 0x20f9, 0x1eb9: 0x2129, 0x1eba: 0x2139, 0x1ebb: 0x2149,
+	0x1ebc: 0x0040, 0x1ebd: 0x0040, 0x1ebe: 0x0040, 0x1ebf: 0x0040,
+	// Block 0x7b, offset 0x1ec0
+	0x1ec0: 0x0040, 0x1ec1: 0x25a2, 0x1ec2: 0x25aa, 0x1ec3: 0x25b2, 0x1ec4: 0x25ba, 0x1ec5: 0x25c2,
+	0x1ec6: 0x25ca, 0x1ec7: 0x25d2, 0x1ec8: 0x25da, 0x1ec9: 0x25e2, 0x1eca: 0x25ea, 0x1ecb: 0x0018,
+	0x1ecc: 0x0018, 0x1ecd: 0x0018, 0x1ece: 0x0018, 0x1ecf: 0x0018, 0x1ed0: 0x25f2, 0x1ed1: 0x25fa,
+	0x1ed2: 0x2602, 0x1ed3: 0x260a, 0x1ed4: 0x2612, 0x1ed5: 0x261a, 0x1ed6: 0x2622, 0x1ed7: 0x262a,
+	0x1ed8: 0x2632, 0x1ed9: 0x263a, 0x1eda: 0x2642, 0x1edb: 0x264a, 0x1edc: 0x2652, 0x1edd: 0x265a,
+	0x1ede: 0x2662, 0x1edf: 0x266a, 0x1ee0: 0x2672, 0x1ee1: 0x267a, 0x1ee2: 0x2682, 0x1ee3: 0x268a,
+	0x1ee4: 0x2692, 0x1ee5: 0x269a, 0x1ee6: 0x26a2, 0x1ee7: 0x26aa, 0x1ee8: 0x26b2, 0x1ee9: 0x26ba,
+	0x1eea: 0x26c1, 0x1eeb: 0x03d9, 0x1eec: 0x00b9, 0x1eed: 0x1239, 0x1eee: 0x26c9, 0x1eef: 0x0018,
+	0x1ef0: 0x0019, 0x1ef1: 0x02e9, 0x1ef2: 0x03d9, 0x1ef3: 0x02f1, 0x1ef4: 0x02f9, 0x1ef5: 0x03f1,
+	0x1ef6: 0x0309, 0x1ef7: 0x00a9, 0x1ef8: 0x0311, 0x1ef9: 0x00b1, 0x1efa: 0x0319, 0x1efb: 0x0101,
+	0x1efc: 0x0321, 0x1efd: 0x0329, 0x1efe: 0x0051, 0x1eff: 0x0339,
+	// Block 0x7c, offset 0x1f00
+	0x1f00: 0x0751, 0x1f01: 0x00b9, 0x1f02: 0x0089, 0x1f03: 0x0341, 0x1f04: 0x0349, 0x1f05: 0x0391,
+	0x1f06: 0x00c1, 0x1f07: 0x0109, 0x1f08: 0x00c9, 0x1f09: 0x04b1, 0x1f0a: 0x26d1, 0x1f0b: 0x11f9,
+	0x1f0c: 0x26d9, 0x1f0d: 0x04d9, 0x1f0e: 0x26e1, 0x1f0f: 0x26e9, 0x1f10: 0x0018, 0x1f11: 0x0018,
+	0x1f12: 0x0018, 0x1f13: 0x0018, 0x1f14: 0x0018, 0x1f15: 0x0018, 0x1f16: 0x0018, 0x1f17: 0x0018,
+	0x1f18: 0x0018, 0x1f19: 0x0018, 0x1f1a: 0x0018, 0x1f1b: 0x0018, 0x1f1c: 0x0018, 0x1f1d: 0x0018,
+	0x1f1e: 0x0018, 0x1f1f: 0x0018, 0x1f20: 0x0018, 0x1f21: 0x0018, 0x1f22: 0x0018, 0x1f23: 0x0018,
+	0x1f24: 0x0018, 0x1f25: 0x0018, 0x1f26: 0x0018, 0x1f27: 0x0018, 0x1f28: 0x0018, 0x1f29: 0x0018,
+	0x1f2a: 0x26f1, 0x1f2b: 0x26f9, 0x1f2c: 0x2701, 0x1f2d: 0x0018, 0x1f2e: 0x0018, 0x1f2f: 0x0018,
+	0x1f30: 0x0018, 0x1f31: 0x0018, 0x1f32: 0x0018, 0x1f33: 0x0018, 0x1f34: 0x0018, 0x1f35: 0x0018,
+	0x1f36: 0x0018, 0x1f37: 0x0018, 0x1f38: 0x0018, 0x1f39: 0x0018, 0x1f3a: 0x0018, 0x1f3b: 0x0018,
+	0x1f3c: 0x0018, 0x1f3d: 0x0018, 0x1f3e: 0x0018, 0x1f3f: 0x0018,
+	// Block 0x7d, offset 0x1f40
+	0x1f40: 0x2711, 0x1f41: 0x2719, 0x1f42: 0x2721, 0x1f43: 0x0040, 0x1f44: 0x0040, 0x1f45: 0x0040,
+	0x1f46: 0x0040, 0x1f47: 0x0040, 0x1f48: 0x0040, 0x1f49: 0x0040, 0x1f4a: 0x0040, 0x1f4b: 0x0040,
+	0x1f4c: 0x0040, 0x1f4d: 0x0040, 0x1f4e: 0x0040, 0x1f4f: 0x0040, 0x1f50: 0x2729, 0x1f51: 0x2731,
+	0x1f52: 0x2739, 0x1f53: 0x2741, 0x1f54: 0x2749, 0x1f55: 0x2751, 0x1f56: 0x2759, 0x1f57: 0x2761,
+	0x1f58: 0x2769, 0x1f59: 0x2771, 0x1f5a: 0x2779, 0x1f5b: 0x2781, 0x1f5c: 0x2789, 0x1f5d: 0x2791,
+	0x1f5e: 0x2799, 0x1f5f: 0x27a1, 0x1f60: 0x27a9, 0x1f61: 0x27b1, 0x1f62: 0x27b9, 0x1f63: 0x27c1,
+	0x1f64: 0x27c9, 0x1f65: 0x27d1, 0x1f66: 0x27d9, 0x1f67: 0x27e1, 0x1f68: 0x27e9, 0x1f69: 0x27f1,
+	0x1f6a: 0x27f9, 0x1f6b: 0x2801, 0x1f6c: 0x2809, 0x1f6d: 0x2811, 0x1f6e: 0x2819, 0x1f6f: 0x2821,
+	0x1f70: 0x2829, 0x1f71: 0x2831, 0x1f72: 0x2839, 0x1f73: 0x2841, 0x1f74: 0x2849, 0x1f75: 0x2851,
+	0x1f76: 0x2859, 0x1f77: 0x2861, 0x1f78: 0x2869, 0x1f79: 0x2871, 0x1f7a: 0x2879, 0x1f7b: 0x2881,
+	0x1f7c: 0x0040, 0x1f7d: 0x0040, 0x1f7e: 0x0040, 0x1f7f: 0x0040,
+	// Block 0x7e, offset 0x1f80
+	0x1f80: 0x28e1, 0x1f81: 0x28e9, 0x1f82: 0x28f1, 0x1f83: 0x8cbd, 0x1f84: 0x28f9, 0x1f85: 0x2901,
+	0x1f86: 0x2909, 0x1f87: 0x2911, 0x1f88: 0x2919, 0x1f89: 0x2921, 0x1f8a: 0x2929, 0x1f8b: 0x2931,
+	0x1f8c: 0x2939, 0x1f8d: 0x8cdd, 0x1f8e: 0x2941, 0x1f8f: 0x2949, 0x1f90: 0x2951, 0x1f91: 0x2959,
+	0x1f92: 0x8cfd, 0x1f93: 0x2961, 0x1f94: 0x2969, 0x1f95: 0x2799, 0x1f96: 0x8d1d, 0x1f97: 0x2971,
+	0x1f98: 0x2979, 0x1f99: 0x2981, 0x1f9a: 0x2989, 0x1f9b: 0x2991, 0x1f9c: 0x8d3d, 0x1f9d: 0x2999,
+	0x1f9e: 0x29a1, 0x1f9f: 0x29a9, 0x1fa0: 0x29b1, 0x1fa1: 0x29b9, 0x1fa2: 0x2871, 0x1fa3: 0x29c1,
+	0x1fa4: 0x29c9, 0x1fa5: 0x29d1, 0x1fa6: 0x29d9, 0x1fa7: 0x29e1, 0x1fa8: 0x29e9, 0x1fa9: 0x29f1,
+	0x1faa: 0x29f9, 0x1fab: 0x2a01, 0x1fac: 0x2a09, 0x1fad: 0x2a11, 0x1fae: 0x2a19, 0x1faf: 0x2a21,
+	0x1fb0: 0x2a29, 0x1fb1: 0x2a31, 0x1fb2: 0x2a31, 0x1fb3: 0x2a31, 0x1fb4: 0x8d5d, 0x1fb5: 0x2a39,
+	0x1fb6: 0x2a41, 0x1fb7: 0x2a49, 0x1fb8: 0x8d7d, 0x1fb9: 0x2a51, 0x1fba: 0x2a59, 0x1fbb: 0x2a61,
+	0x1fbc: 0x2a69, 0x1fbd: 0x2a71, 0x1fbe: 0x2a79, 0x1fbf: 0x2a81,
+	// Block 0x7f, offset 0x1fc0
+	0x1fc0: 0x2a89, 0x1fc1: 0x2a91, 0x1fc2: 0x2a99, 0x1fc3: 0x2aa1, 0x1fc4: 0x2aa9, 0x1fc5: 0x2ab1,
+	0x1fc6: 0x2ab1, 0x1fc7: 0x2ab9, 0x1fc8: 0x2ac1, 0x1fc9: 0x2ac9, 0x1fca: 0x2ad1, 0x1fcb: 0x2ad9,
+	0x1fcc: 0x2ae1, 0x1fcd: 0x2ae9, 0x1fce: 0x2af1, 0x1fcf: 0x2af9, 0x1fd0: 0x2b01, 0x1fd1: 0x2b09,
+	0x1fd2: 0x2b11, 0x1fd3: 0x2b19, 0x1fd4: 0x2b21, 0x1fd5: 0x2b29, 0x1fd6: 0x2b31, 0x1fd7: 0x2b39,
+	0x1fd8: 0x2b41, 0x1fd9: 0x8d9d, 0x1fda: 0x2b49, 0x1fdb: 0x2b51, 0x1fdc: 0x2b59, 0x1fdd: 0x2751,
+	0x1fde: 0x2b61, 0x1fdf: 0x2b69, 0x1fe0: 0x8dbd, 0x1fe1: 0x8ddd, 0x1fe2: 0x2b71, 0x1fe3: 0x2b79,
+	0x1fe4: 0x2b81, 0x1fe5: 0x2b89, 0x1fe6: 0x2b91, 0x1fe7: 0x2b99, 0x1fe8: 0x2040, 0x1fe9: 0x2ba1,
+	0x1fea: 0x2ba9, 0x1feb: 0x2ba9, 0x1fec: 0x8dfd, 0x1fed: 0x2bb1, 0x1fee: 0x2bb9, 0x1fef: 0x2bc1,
+	0x1ff0: 0x2bc9, 0x1ff1: 0x8e1d, 0x1ff2: 0x2bd1, 0x1ff3: 0x2bd9, 0x1ff4: 0x2040, 0x1ff5: 0x2be1,
+	0x1ff6: 0x2be9, 0x1ff7: 0x2bf1, 0x1ff8: 0x2bf9, 0x1ff9: 0x2c01, 0x1ffa: 0x2c09, 0x1ffb: 0x8e3d,
+	0x1ffc: 0x2c11, 0x1ffd: 0x8e5d, 0x1ffe: 0x2c19, 0x1fff: 0x2c21,
+	// Block 0x80, offset 0x2000
+	0x2000: 0x2c29, 0x2001: 0x2c31, 0x2002: 0x2c39, 0x2003: 0x2c41, 0x2004: 0x2c49, 0x2005: 0x2c51,
+	0x2006: 0x2c59, 0x2007: 0x2c61, 0x2008: 0x2c69, 0x2009: 0x8e7d, 0x200a: 0x2c71, 0x200b: 0x2c79,
+	0x200c: 0x2c81, 0x200d: 0x2c89, 0x200e: 0x2c91, 0x200f: 0x8e9d, 0x2010: 0x2c99, 0x2011: 0x8ebd,
+	0x2012: 0x8edd, 0x2013: 0x2ca1, 0x2014: 0x2ca9, 0x2015: 0x2ca9, 0x2016: 0x2cb1, 0x2017: 0x8efd,
+	0x2018: 0x8f1d, 0x2019: 0x2cb9, 0x201a: 0x2cc1, 0x201b: 0x2cc9, 0x201c: 0x2cd1, 0x201d: 0x2cd9,
+	0x201e: 0x2ce1, 0x201f: 0x2ce9, 0x2020: 0x2cf1, 0x2021: 0x2cf9, 0x2022: 0x2d01, 0x2023: 0x2d09,
+	0x2024: 0x8f3d, 0x2025: 0x2d11, 0x2026: 0x2d19, 0x2027: 0x2d21, 0x2028: 0x2d29, 0x2029: 0x2d21,
+	0x202a: 0x2d31, 0x202b: 0x2d39, 0x202c: 0x2d41, 0x202d: 0x2d49, 0x202e: 0x2d51, 0x202f: 0x2d59,
+	0x2030: 0x2d61, 0x2031: 0x2d69, 0x2032: 0x2d71, 0x2033: 0x2d79, 0x2034: 0x2d81, 0x2035: 0x2d89,
+	0x2036: 0x2d91, 0x2037: 0x2d99, 0x2038: 0x8f5d, 0x2039: 0x2da1, 0x203a: 0x2da9, 0x203b: 0x2db1,
+	0x203c: 0x2db9, 0x203d: 0x2dc1, 0x203e: 0x8f7d, 0x203f: 0x2dc9,
+	// Block 0x81, offset 0x2040
+	0x2040: 0x2dd1, 0x2041: 0x2dd9, 0x2042: 0x2de1, 0x2043: 0x2de9, 0x2044: 0x2df1, 0x2045: 0x2df9,
+	0x2046: 0x2e01, 0x2047: 0x2e09, 0x2048: 0x2e11, 0x2049: 0x2e19, 0x204a: 0x8f9d, 0x204b: 0x2e21,
+	0x204c: 0x2e29, 0x204d: 0x2e31, 0x204e: 0x2e39, 0x204f: 0x2e41, 0x2050: 0x2e49, 0x2051: 0x2e51,
+	0x2052: 0x2e59, 0x2053: 0x2e61, 0x2054: 0x2e69, 0x2055: 0x2e71, 0x2056: 0x2e79, 0x2057: 0x2e81,
+	0x2058: 0x2e89, 0x2059: 0x2e91, 0x205a: 0x2e99, 0x205b: 0x2ea1, 0x205c: 0x2ea9, 0x205d: 0x8fbd,
+	0x205e: 0x2eb1, 0x205f: 0x2eb9, 0x2060: 0x2ec1, 0x2061: 0x2ec9, 0x2062: 0x2ed1, 0x2063: 0x8fdd,
+	0x2064: 0x2ed9, 0x2065: 0x2ee1, 0x2066: 0x2ee9, 0x2067: 0x2ef1, 0x2068: 0x2ef9, 0x2069: 0x2f01,
+	0x206a: 0x2f09, 0x206b: 0x2f11, 0x206c: 0x7f0d, 0x206d: 0x2f19, 0x206e: 0x2f21, 0x206f: 0x2f29,
+	0x2070: 0x8ffd, 0x2071: 0x2f31, 0x2072: 0x2f39, 0x2073: 0x2f41, 0x2074: 0x2f49, 0x2075: 0x2f51,
+	0x2076: 0x2f59, 0x2077: 0x901d, 0x2078: 0x903d, 0x2079: 0x905d, 0x207a: 0x2f61, 0x207b: 0x907d,
+	0x207c: 0x2f69, 0x207d: 0x2f71, 0x207e: 0x2f79, 0x207f: 0x2f81,
+	// Block 0x82, offset 0x2080
+	0x2080: 0x2f89, 0x2081: 0x2f91, 0x2082: 0x2f99, 0x2083: 0x2fa1, 0x2084: 0x2fa9, 0x2085: 0x2fb1,
+	0x2086: 0x909d, 0x2087: 0x2fb9, 0x2088: 0x2fc1, 0x2089: 0x2fc9, 0x208a: 0x2fd1, 0x208b: 0x2fd9,
+	0x208c: 0x2fe1, 0x208d: 0x90bd, 0x208e: 0x2fe9, 0x208f: 0x2ff1, 0x2090: 0x90dd, 0x2091: 0x90fd,
+	0x2092: 0x2ff9, 0x2093: 0x3001, 0x2094: 0x3009, 0x2095: 0x3011, 0x2096: 0x3019, 0x2097: 0x3021,
+	0x2098: 0x3029, 0x2099: 0x3031, 0x209a: 0x3039, 0x209b: 0x911d, 0x209c: 0x3041, 0x209d: 0x913d,
+	0x209e: 0x3049, 0x209f: 0x2040, 0x20a0: 0x3051, 0x20a1: 0x3059, 0x20a2: 0x3061, 0x20a3: 0x915d,
+	0x20a4: 0x3069, 0x20a5: 0x3071, 0x20a6: 0x917d, 0x20a7: 0x919d, 0x20a8: 0x3079, 0x20a9: 0x3081,
+	0x20aa: 0x3089, 0x20ab: 0x3091, 0x20ac: 0x3099, 0x20ad: 0x3099, 0x20ae: 0x30a1, 0x20af: 0x30a9,
+	0x20b0: 0x30b1, 0x20b1: 0x30b9, 0x20b2: 0x30c1, 0x20b3: 0x30c9, 0x20b4: 0x30d1, 0x20b5: 0x91bd,
+	0x20b6: 0x30d9, 0x20b7: 0x91dd, 0x20b8: 0x30e1, 0x20b9: 0x91fd, 0x20ba: 0x30e9, 0x20bb: 0x921d,
+	0x20bc: 0x923d, 0x20bd: 0x925d, 0x20be: 0x30f1, 0x20bf: 0x30f9,
+	// Block 0x83, offset 0x20c0
+	0x20c0: 0x3101, 0x20c1: 0x927d, 0x20c2: 0x929d, 0x20c3: 0x92bd, 0x20c4: 0x92dd, 0x20c5: 0x3109,
+	0x20c6: 0x3111, 0x20c7: 0x3111, 0x20c8: 0x3119, 0x20c9: 0x3121, 0x20ca: 0x3129, 0x20cb: 0x3131,
+	0x20cc: 0x3139, 0x20cd: 0x92fd, 0x20ce: 0x3141, 0x20cf: 0x3149, 0x20d0: 0x3151, 0x20d1: 0x3159,
+	0x20d2: 0x931d, 0x20d3: 0x3161, 0x20d4: 0x933d, 0x20d5: 0x935d, 0x20d6: 0x3169, 0x20d7: 0x3171,
+	0x20d8: 0x3179, 0x20d9: 0x3181, 0x20da: 0x3189, 0x20db: 0x3191, 0x20dc: 0x937d, 0x20dd: 0x939d,
+	0x20de: 0x93bd, 0x20df: 0x2040, 0x20e0: 0x3199, 0x20e1: 0x93dd, 0x20e2: 0x31a1, 0x20e3: 0x31a9,
+	0x20e4: 0x31b1, 0x20e5: 0x93fd, 0x20e6: 0x31b9, 0x20e7: 0x31c1, 0x20e8: 0x31c9, 0x20e9: 0x31d1,
+	0x20ea: 0x31d9, 0x20eb: 0x941d, 0x20ec: 0x31e1, 0x20ed: 0x31e9, 0x20ee: 0x31f1, 0x20ef: 0x31f9,
+	0x20f0: 0x3201, 0x20f1: 0x3209, 0x20f2: 0x943d, 0x20f3: 0x945d, 0x20f4: 0x3211, 0x20f5: 0x947d,
+	0x20f6: 0x3219, 0x20f7: 0x949d, 0x20f8: 0x3221, 0x20f9: 0x3229, 0x20fa: 0x3231, 0x20fb: 0x94bd,
+	0x20fc: 0x94dd, 0x20fd: 0x3239, 0x20fe: 0x94fd, 0x20ff: 0x3241,
+	// Block 0x84, offset 0x2100
+	0x2100: 0x951d, 0x2101: 0x3249, 0x2102: 0x3251, 0x2103: 0x3259, 0x2104: 0x3261, 0x2105: 0x3269,
+	0x2106: 0x3271, 0x2107: 0x953d, 0x2108: 0x955d, 0x2109: 0x957d, 0x210a: 0x959d, 0x210b: 0x2ca1,
+	0x210c: 0x3279, 0x210d: 0x3281, 0x210e: 0x3289, 0x210f: 0x3291, 0x2110: 0x3299, 0x2111: 0x32a1,
+	0x2112: 0x32a9, 0x2113: 0x32b1, 0x2114: 0x32b9, 0x2115: 0x32c1, 0x2116: 0x32c9, 0x2117: 0x95bd,
+	0x2118: 0x32d1, 0x2119: 0x32d9, 0x211a: 0x32e1, 0x211b: 0x32e9, 0x211c: 0x32f1, 0x211d: 0x32f9,
+	0x211e: 0x3301, 0x211f: 0x3309, 0x2120: 0x3311, 0x2121: 0x3319, 0x2122: 0x3321, 0x2123: 0x3329,
+	0x2124: 0x95dd, 0x2125: 0x95fd, 0x2126: 0x961d, 0x2127: 0x3331, 0x2128: 0x3339, 0x2129: 0x3341,
+	0x212a: 0x3349, 0x212b: 0x963d, 0x212c: 0x3351, 0x212d: 0x965d, 0x212e: 0x3359, 0x212f: 0x3361,
+	0x2130: 0x967d, 0x2131: 0x969d, 0x2132: 0x3369, 0x2133: 0x3371, 0x2134: 0x3379, 0x2135: 0x3381,
+	0x2136: 0x3389, 0x2137: 0x3391, 0x2138: 0x3399, 0x2139: 0x33a1, 0x213a: 0x33a9, 0x213b: 0x33b1,
+	0x213c: 0x33b9, 0x213d: 0x33c1, 0x213e: 0x33c9, 0x213f: 0x2040,
+	// Block 0x85, offset 0x2140
+	0x2140: 0x33d1, 0x2141: 0x33d9, 0x2142: 0x33e1, 0x2143: 0x33e9, 0x2144: 0x33f1, 0x2145: 0x96bd,
+	0x2146: 0x33f9, 0x2147: 0x3401, 0x2148: 0x3409, 0x2149: 0x3411, 0x214a: 0x3419, 0x214b: 0x96dd,
+	0x214c: 0x96fd, 0x214d: 0x3421, 0x214e: 0x3429, 0x214f: 0x3431, 0x2150: 0x3439, 0x2151: 0x3441,
+	0x2152: 0x3449, 0x2153: 0x971d, 0x2154: 0x3451, 0x2155: 0x3459, 0x2156: 0x3461, 0x2157: 0x3469,
+	0x2158: 0x973d, 0x2159: 0x975d, 0x215a: 0x3471, 0x215b: 0x3479, 0x215c: 0x3481, 0x215d: 0x977d,
+	0x215e: 0x3489, 0x215f: 0x3491, 0x2160: 0x684d, 0x2161: 0x979d, 0x2162: 0x3499, 0x2163: 0x34a1,
+	0x2164: 0x34a9, 0x2165: 0x97bd, 0x2166: 0x34b1, 0x2167: 0x34b9, 0x2168: 0x34c1, 0x2169: 0x34c9,
+	0x216a: 0x34d1, 0x216b: 0x34d9, 0x216c: 0x34e1, 0x216d: 0x97dd, 0x216e: 0x34e9, 0x216f: 0x34f1,
+	0x2170: 0x34f9, 0x2171: 0x97fd, 0x2172: 0x3501, 0x2173: 0x3509, 0x2174: 0x3511, 0x2175: 0x3519,
+	0x2176: 0x7b6d, 0x2177: 0x981d, 0x2178: 0x3521, 0x2179: 0x3529, 0x217a: 0x3531, 0x217b: 0x983d,
+	0x217c: 0x3539, 0x217d: 0x985d, 0x217e: 0x3541, 0x217f: 0x3541,
+	// Block 0x86, offset 0x2180
+	0x2180: 0x3549, 0x2181: 0x987d, 0x2182: 0x3551, 0x2183: 0x3559, 0x2184: 0x3561, 0x2185: 0x3569,
+	0x2186: 0x3571, 0x2187: 0x3579, 0x2188: 0x3581, 0x2189: 0x989d, 0x218a: 0x3589, 0x218b: 0x3591,
+	0x218c: 0x3599, 0x218d: 0x35a1, 0x218e: 0x35a9, 0x218f: 0x35b1, 0x2190: 0x98bd, 0x2191: 0x35b9,
+	0x2192: 0x98dd, 0x2193: 0x98fd, 0x2194: 0x991d, 0x2195: 0x35c1, 0x2196: 0x35c9, 0x2197: 0x35d1,
+	0x2198: 0x35d9, 0x2199: 0x35e1, 0x219a: 0x35e9, 0x219b: 0x35f1, 0x219c: 0x35f9, 0x219d: 0x993d,
+	0x219e: 0x0040, 0x219f: 0x0040, 0x21a0: 0x0040, 0x21a1: 0x0040, 0x21a2: 0x0040, 0x21a3: 0x0040,
+	0x21a4: 0x0040, 0x21a5: 0x0040, 0x21a6: 0x0040, 0x21a7: 0x0040, 0x21a8: 0x0040, 0x21a9: 0x0040,
+	0x21aa: 0x0040, 0x21ab: 0x0040, 0x21ac: 0x0040, 0x21ad: 0x0040, 0x21ae: 0x0040, 0x21af: 0x0040,
+	0x21b0: 0x0040, 0x21b1: 0x0040, 0x21b2: 0x0040, 0x21b3: 0x0040, 0x21b4: 0x0040, 0x21b5: 0x0040,
+	0x21b6: 0x0040, 0x21b7: 0x0040, 0x21b8: 0x0040, 0x21b9: 0x0040, 0x21ba: 0x0040, 0x21bb: 0x0040,
+	0x21bc: 0x0040, 0x21bd: 0x0040, 0x21be: 0x0040, 0x21bf: 0x0040,
+}
+
+// idnaIndex: 39 blocks, 2496 entries, 4992 bytes
+// Block 0 is the zero block.
+var idnaIndex = [2496]uint16{
+	// Block 0x0, offset 0x0
+	// Block 0x1, offset 0x40
+	// Block 0x2, offset 0x80
+	// Block 0x3, offset 0xc0
+	0xc2: 0x01, 0xc3: 0x85, 0xc4: 0x02, 0xc5: 0x03, 0xc6: 0x04, 0xc7: 0x05,
+	0xc8: 0x06, 0xc9: 0x86, 0xca: 0x87, 0xcb: 0x07, 0xcc: 0x88, 0xcd: 0x08, 0xce: 0x09, 0xcf: 0x0a,
+	0xd0: 0x89, 0xd1: 0x0b, 0xd2: 0x0c, 0xd3: 0x0d, 0xd4: 0x0e, 0xd5: 0x8a, 0xd6: 0x8b, 0xd7: 0x8c,
+	0xd8: 0x0f, 0xd9: 0x10, 0xda: 0x8d, 0xdb: 0x11, 0xdc: 0x12, 0xdd: 0x8e, 0xde: 0x8f, 0xdf: 0x90,
+	0xe0: 0x02, 0xe1: 0x03, 0xe2: 0x04, 0xe3: 0x05, 0xe4: 0x06, 0xe5: 0x07, 0xe6: 0x07, 0xe7: 0x07,
+	0xe8: 0x07, 0xe9: 0x07, 0xea: 0x08, 0xeb: 0x07, 0xec: 0x07, 0xed: 0x09, 0xee: 0x0a, 0xef: 0x0b,
+	0xf0: 0x20, 0xf1: 0x21, 0xf2: 0x21, 0xf3: 0x23, 0xf4: 0x24,
+	// Block 0x4, offset 0x100
+	0x120: 0x91, 0x121: 0x13, 0x122: 0x14, 0x123: 0x92, 0x124: 0x93, 0x125: 0x15, 0x126: 0x16, 0x127: 0x17,
+	0x128: 0x18, 0x129: 0x19, 0x12a: 0x1a, 0x12b: 0x1b, 0x12c: 0x1c, 0x12d: 0x1d, 0x12e: 0x1e, 0x12f: 0x94,
+	0x130: 0x95, 0x131: 0x1f, 0x132: 0x20, 0x133: 0x21, 0x134: 0x96, 0x135: 0x22, 0x136: 0x97, 0x137: 0x98,
+	0x138: 0x99, 0x139: 0x9a, 0x13a: 0x23, 0x13b: 0x9b, 0x13c: 0x9c, 0x13d: 0x24, 0x13e: 0x25, 0x13f: 0x9d,
+	// Block 0x5, offset 0x140
+	0x140: 0x9e, 0x141: 0x9f, 0x142: 0xa0, 0x143: 0xa1, 0x144: 0xa2, 0x145: 0xa3, 0x146: 0xa4, 0x147: 0xa5,
+	0x148: 0xa6, 0x149: 0xa7, 0x14a: 0xa8, 0x14b: 0xa9, 0x14c: 0xaa, 0x14d: 0xab, 0x14e: 0xac, 0x14f: 0xad,
+	0x150: 0xae, 0x151: 0xa6, 0x152: 0xa6, 0x153: 0xa6, 0x154: 0xa6, 0x155: 0xa6, 0x156: 0xa6, 0x157: 0xa6,
+	0x158: 0xa6, 0x159: 0xaf, 0x15a: 0xb0, 0x15b: 0xb1, 0x15c: 0xb2, 0x15d: 0xb3, 0x15e: 0xb4, 0x15f: 0xb5,
+	0x160: 0xb6, 0x161: 0xb7, 0x162: 0xb8, 0x163: 0xb9, 0x164: 0xba, 0x165: 0xbb, 0x166: 0xbc, 0x167: 0xbd,
+	0x168: 0xbe, 0x169: 0xbf, 0x16a: 0xc0, 0x16b: 0xc1, 0x16c: 0xc2, 0x16d: 0xc3, 0x16e: 0xc4, 0x16f: 0xc5,
+	0x170: 0xc6, 0x171: 0xc7, 0x172: 0xc8, 0x173: 0xc9, 0x174: 0x26, 0x175: 0x27, 0x176: 0x28, 0x177: 0x88,
+	0x178: 0x29, 0x179: 0x29, 0x17a: 0x2a, 0x17b: 0x29, 0x17c: 0xca, 0x17d: 0x2b, 0x17e: 0x2c, 0x17f: 0x2d,
+	// Block 0x6, offset 0x180
+	0x180: 0x2e, 0x181: 0x2f, 0x182: 0x30, 0x183: 0xcb, 0x184: 0x31, 0x185: 0x32, 0x186: 0xcc, 0x187: 0xa2,
+	0x188: 0xcd, 0x189: 0xce, 0x18a: 0xa2, 0x18b: 0xa2, 0x18c: 0xcf, 0x18d: 0xa2, 0x18e: 0xa2, 0x18f: 0xa2,
+	0x190: 0xd0, 0x191: 0x33, 0x192: 0x34, 0x193: 0x35, 0x194: 0xa2, 0x195: 0xa2, 0x196: 0xa2, 0x197: 0xa2,
+	0x198: 0xa2, 0x199: 0xa2, 0x19a: 0xa2, 0x19b: 0xa2, 0x19c: 0xa2, 0x19d: 0xa2, 0x19e: 0xa2, 0x19f: 0xa2,
+	0x1a0: 0xa2, 0x1a1: 0xa2, 0x1a2: 0xa2, 0x1a3: 0xa2, 0x1a4: 0xa2, 0x1a5: 0xa2, 0x1a6: 0xa2, 0x1a7: 0xa2,
+	0x1a8: 0xd1, 0x1a9: 0xd2, 0x1aa: 0xa2, 0x1ab: 0xd3, 0x1ac: 0xa2, 0x1ad: 0xd4, 0x1ae: 0xd5, 0x1af: 0xa2,
+	0x1b0: 0xd6, 0x1b1: 0x36, 0x1b2: 0x29, 0x1b3: 0x37, 0x1b4: 0xd7, 0x1b5: 0xd8, 0x1b6: 0xd9, 0x1b7: 0xda,
+	0x1b8: 0xdb, 0x1b9: 0xdc, 0x1ba: 0xdd, 0x1bb: 0xde, 0x1bc: 0xdf, 0x1bd: 0xe0, 0x1be: 0xe1, 0x1bf: 0x38,
+	// Block 0x7, offset 0x1c0
+	0x1c0: 0x39, 0x1c1: 0xe2, 0x1c2: 0xe3, 0x1c3: 0xe4, 0x1c4: 0xe5, 0x1c5: 0x3a, 0x1c6: 0x3b, 0x1c7: 0xe6,
+	0x1c8: 0xe7, 0x1c9: 0x3c, 0x1ca: 0x3d, 0x1cb: 0x3e, 0x1cc: 0xe8, 0x1cd: 0xe9, 0x1ce: 0x3f, 0x1cf: 0x40,
+	0x1d0: 0xa6, 0x1d1: 0xa6, 0x1d2: 0xa6, 0x1d3: 0xa6, 0x1d4: 0xa6, 0x1d5: 0xa6, 0x1d6: 0xa6, 0x1d7: 0xa6,
+	0x1d8: 0xa6, 0x1d9: 0xa6, 0x1da: 0xa6, 0x1db: 0xa6, 0x1dc: 0xa6, 0x1dd: 0xa6, 0x1de: 0xa6, 0x1df: 0xa6,
+	0x1e0: 0xa6, 0x1e1: 0xa6, 0x1e2: 0xa6, 0x1e3: 0xa6, 0x1e4: 0xa6, 0x1e5: 0xa6, 0x1e6: 0xa6, 0x1e7: 0xa6,
+	0x1e8: 0xa6, 0x1e9: 0xa6, 0x1ea: 0xa6, 0x1eb: 0xa6, 0x1ec: 0xa6, 0x1ed: 0xa6, 0x1ee: 0xa6, 0x1ef: 0xa6,
+	0x1f0: 0xa6, 0x1f1: 0xa6, 0x1f2: 0xa6, 0x1f3: 0xa6, 0x1f4: 0xa6, 0x1f5: 0xa6, 0x1f6: 0xa6, 0x1f7: 0xa6,
+	0x1f8: 0xa6, 0x1f9: 0xa6, 0x1fa: 0xa6, 0x1fb: 0xa6, 0x1fc: 0xa6, 0x1fd: 0xa6, 0x1fe: 0xa6, 0x1ff: 0xa6,
+	// Block 0x8, offset 0x200
+	0x200: 0xa6, 0x201: 0xa6, 0x202: 0xa6, 0x203: 0xa6, 0x204: 0xa6, 0x205: 0xa6, 0x206: 0xa6, 0x207: 0xa6,
+	0x208: 0xa6, 0x209: 0xa6, 0x20a: 0xa6, 0x20b: 0xa6, 0x20c: 0xa6, 0x20d: 0xa6, 0x20e: 0xa6, 0x20f: 0xa6,
+	0x210: 0xa6, 0x211: 0xa6, 0x212: 0xa6, 0x213: 0xa6, 0x214: 0xa6, 0x215: 0xa6, 0x216: 0xa6, 0x217: 0xa6,
+	0x218: 0xa6, 0x219: 0xa6, 0x21a: 0xa6, 0x21b: 0xa6, 0x21c: 0xa6, 0x21d: 0xa6, 0x21e: 0xa6, 0x21f: 0xa6,
+	0x220: 0xa6, 0x221: 0xa6, 0x222: 0xa6, 0x223: 0xa6, 0x224: 0xa6, 0x225: 0xa6, 0x226: 0xa6, 0x227: 0xa6,
+	0x228: 0xa6, 0x229: 0xa6, 0x22a: 0xa6, 0x22b: 0xa6, 0x22c: 0xa6, 0x22d: 0xa6, 0x22e: 0xa6, 0x22f: 0xa6,
+	0x230: 0xa6, 0x231: 0xa6, 0x232: 0xa6, 0x233: 0xa6, 0x234: 0xa6, 0x235: 0xa6, 0x236: 0xa6, 0x237: 0xa2,
+	0x238: 0xa6, 0x239: 0xa6, 0x23a: 0xa6, 0x23b: 0xa6, 0x23c: 0xa6, 0x23d: 0xa6, 0x23e: 0xa6, 0x23f: 0xa6,
+	// Block 0x9, offset 0x240
+	0x240: 0xa6, 0x241: 0xa6, 0x242: 0xa6, 0x243: 0xa6, 0x244: 0xa6, 0x245: 0xa6, 0x246: 0xa6, 0x247: 0xa6,
+	0x248: 0xa6, 0x249: 0xa6, 0x24a: 0xa6, 0x24b: 0xa6, 0x24c: 0xa6, 0x24d: 0xa6, 0x24e: 0xa6, 0x24f: 0xa6,
+	0x250: 0xa6, 0x251: 0xa6, 0x252: 0xa6, 0x253: 0xa6, 0x254: 0xa6, 0x255: 0xa6, 0x256: 0xa6, 0x257: 0xa6,
+	0x258: 0xa6, 0x259: 0xa6, 0x25a: 0xa6, 0x25b: 0xa6, 0x25c: 0xa6, 0x25d: 0xa6, 0x25e: 0xa6, 0x25f: 0xa6,
+	0x260: 0xa6, 0x261: 0xa6, 0x262: 0xa6, 0x263: 0xa6, 0x264: 0xa6, 0x265: 0xa6, 0x266: 0xa6, 0x267: 0xa6,
+	0x268: 0xa6, 0x269: 0xa6, 0x26a: 0xa6, 0x26b: 0xa6, 0x26c: 0xa6, 0x26d: 0xa6, 0x26e: 0xa6, 0x26f: 0xa6,
+	0x270: 0xa6, 0x271: 0xa6, 0x272: 0xa6, 0x273: 0xa6, 0x274: 0xa6, 0x275: 0xa6, 0x276: 0xa6, 0x277: 0xa6,
+	0x278: 0xa6, 0x279: 0xa6, 0x27a: 0xa6, 0x27b: 0xa6, 0x27c: 0xa6, 0x27d: 0xa6, 0x27e: 0xa6, 0x27f: 0xa6,
+	// Block 0xa, offset 0x280
+	0x280: 0xa6, 0x281: 0xa6, 0x282: 0xa6, 0x283: 0xa6, 0x284: 0xa6, 0x285: 0xa6, 0x286: 0xa6, 0x287: 0xa6,
+	0x288: 0xa6, 0x289: 0xa6, 0x28a: 0xa6, 0x28b: 0xa6, 0x28c: 0xa6, 0x28d: 0xa6, 0x28e: 0xa6, 0x28f: 0xa6,
+	0x290: 0xa6, 0x291: 0xa6, 0x292: 0xea, 0x293: 0xeb, 0x294: 0xa6, 0x295: 0xa6, 0x296: 0xa6, 0x297: 0xa6,
+	0x298: 0xec, 0x299: 0x41, 0x29a: 0x42, 0x29b: 0xed, 0x29c: 0x43, 0x29d: 0x44, 0x29e: 0x45, 0x29f: 0x46,
+	0x2a0: 0xee, 0x2a1: 0xef, 0x2a2: 0xf0, 0x2a3: 0xf1, 0x2a4: 0xf2, 0x2a5: 0xf3, 0x2a6: 0xf4, 0x2a7: 0xf5,
+	0x2a8: 0xf6, 0x2a9: 0xf7, 0x2aa: 0xf8, 0x2ab: 0xf9, 0x2ac: 0xfa, 0x2ad: 0xfb, 0x2ae: 0xfc, 0x2af: 0xfd,
+	0x2b0: 0xa6, 0x2b1: 0xa6, 0x2b2: 0xa6, 0x2b3: 0xa6, 0x2b4: 0xa6, 0x2b5: 0xa6, 0x2b6: 0xa6, 0x2b7: 0xa6,
+	0x2b8: 0xa6, 0x2b9: 0xa6, 0x2ba: 0xa6, 0x2bb: 0xa6, 0x2bc: 0xa6, 0x2bd: 0xa6, 0x2be: 0xa6, 0x2bf: 0xa6,
+	// Block 0xb, offset 0x2c0
+	0x2c0: 0xa6, 0x2c1: 0xa6, 0x2c2: 0xa6, 0x2c3: 0xa6, 0x2c4: 0xa6, 0x2c5: 0xa6, 0x2c6: 0xa6, 0x2c7: 0xa6,
+	0x2c8: 0xa6, 0x2c9: 0xa6, 0x2ca: 0xa6, 0x2cb: 0xa6, 0x2cc: 0xa6, 0x2cd: 0xa6, 0x2ce: 0xa6, 0x2cf: 0xa6,
+	0x2d0: 0xa6, 0x2d1: 0xa6, 0x2d2: 0xa6, 0x2d3: 0xa6, 0x2d4: 0xa6, 0x2d5: 0xa6, 0x2d6: 0xa6, 0x2d7: 0xa6,
+	0x2d8: 0xa6, 0x2d9: 0xa6, 0x2da: 0xa6, 0x2db: 0xa6, 0x2dc: 0xa6, 0x2dd: 0xa6, 0x2de: 0xfe, 0x2df: 0xff,
+	// Block 0xc, offset 0x300
+	0x300: 0x100, 0x301: 0x100, 0x302: 0x100, 0x303: 0x100, 0x304: 0x100, 0x305: 0x100, 0x306: 0x100, 0x307: 0x100,
+	0x308: 0x100, 0x309: 0x100, 0x30a: 0x100, 0x30b: 0x100, 0x30c: 0x100, 0x30d: 0x100, 0x30e: 0x100, 0x30f: 0x100,
+	0x310: 0x100, 0x311: 0x100, 0x312: 0x100, 0x313: 0x100, 0x314: 0x100, 0x315: 0x100, 0x316: 0x100, 0x317: 0x100,
+	0x318: 0x100, 0x319: 0x100, 0x31a: 0x100, 0x31b: 0x100, 0x31c: 0x100, 0x31d: 0x100, 0x31e: 0x100, 0x31f: 0x100,
+	0x320: 0x100, 0x321: 0x100, 0x322: 0x100, 0x323: 0x100, 0x324: 0x100, 0x325: 0x100, 0x326: 0x100, 0x327: 0x100,
+	0x328: 0x100, 0x329: 0x100, 0x32a: 0x100, 0x32b: 0x100, 0x32c: 0x100, 0x32d: 0x100, 0x32e: 0x100, 0x32f: 0x100,
+	0x330: 0x100, 0x331: 0x100, 0x332: 0x100, 0x333: 0x100, 0x334: 0x100, 0x335: 0x100, 0x336: 0x100, 0x337: 0x100,
+	0x338: 0x100, 0x339: 0x100, 0x33a: 0x100, 0x33b: 0x100, 0x33c: 0x100, 0x33d: 0x100, 0x33e: 0x100, 0x33f: 0x100,
+	// Block 0xd, offset 0x340
+	0x340: 0x100, 0x341: 0x100, 0x342: 0x100, 0x343: 0x100, 0x344: 0x100, 0x345: 0x100, 0x346: 0x100, 0x347: 0x100,
+	0x348: 0x100, 0x349: 0x100, 0x34a: 0x100, 0x34b: 0x100, 0x34c: 0x100, 0x34d: 0x100, 0x34e: 0x100, 0x34f: 0x100,
+	0x350: 0x100, 0x351: 0x100, 0x352: 0x100, 0x353: 0x100, 0x354: 0x100, 0x355: 0x100, 0x356: 0x100, 0x357: 0x100,
+	0x358: 0x100, 0x359: 0x100, 0x35a: 0x100, 0x35b: 0x100, 0x35c: 0x100, 0x35d: 0x100, 0x35e: 0x100, 0x35f: 0x100,
+	0x360: 0x100, 0x361: 0x100, 0x362: 0x100, 0x363: 0x100, 0x364: 0x101, 0x365: 0x102, 0x366: 0x103, 0x367: 0x104,
+	0x368: 0x47, 0x369: 0x105, 0x36a: 0x106, 0x36b: 0x48, 0x36c: 0x49, 0x36d: 0x4a, 0x36e: 0x4b, 0x36f: 0x4c,
+	0x370: 0x107, 0x371: 0x4d, 0x372: 0x4e, 0x373: 0x4f, 0x374: 0x50, 0x375: 0x51, 0x376: 0x108, 0x377: 0x52,
+	0x378: 0x53, 0x379: 0x54, 0x37a: 0x55, 0x37b: 0x56, 0x37c: 0x57, 0x37d: 0x58, 0x37e: 0x59, 0x37f: 0x5a,
+	// Block 0xe, offset 0x380
+	0x380: 0x109, 0x381: 0x10a, 0x382: 0xa6, 0x383: 0x10b, 0x384: 0x10c, 0x385: 0xa2, 0x386: 0x10d, 0x387: 0x10e,
+	0x388: 0x100, 0x389: 0x100, 0x38a: 0x10f, 0x38b: 0x110, 0x38c: 0x111, 0x38d: 0x112, 0x38e: 0x113, 0x38f: 0x114,
+	0x390: 0x115, 0x391: 0xa6, 0x392: 0x116, 0x393: 0x117, 0x394: 0x118, 0x395: 0x5b, 0x396: 0x5c, 0x397: 0x100,
+	0x398: 0xa6, 0x399: 0xa6, 0x39a: 0xa6, 0x39b: 0xa6, 0x39c: 0x119, 0x39d: 0x11a, 0x39e: 0x5d, 0x39f: 0x100,
+	0x3a0: 0x11b, 0x3a1: 0x11c, 0x3a2: 0x11d, 0x3a3: 0x11e, 0x3a4: 0x11f, 0x3a5: 0x100, 0x3a6: 0x120, 0x3a7: 0x121,
+	0x3a8: 0x122, 0x3a9: 0x123, 0x3aa: 0x124, 0x3ab: 0x5e, 0x3ac: 0x125, 0x3ad: 0x126, 0x3ae: 0x5f, 0x3af: 0x100,
+	0x3b0: 0x127, 0x3b1: 0x128, 0x3b2: 0x129, 0x3b3: 0x12a, 0x3b4: 0x12b, 0x3b5: 0x100, 0x3b6: 0x100, 0x3b7: 0x100,
+	0x3b8: 0x100, 0x3b9: 0x12c, 0x3ba: 0x12d, 0x3bb: 0x12e, 0x3bc: 0x12f, 0x3bd: 0x130, 0x3be: 0x131, 0x3bf: 0x132,
+	// Block 0xf, offset 0x3c0
+	0x3c0: 0x133, 0x3c1: 0x134, 0x3c2: 0x135, 0x3c3: 0x136, 0x3c4: 0x137, 0x3c5: 0x138, 0x3c6: 0x139, 0x3c7: 0x13a,
+	0x3c8: 0x13b, 0x3c9: 0x13c, 0x3ca: 0x13d, 0x3cb: 0x13e, 0x3cc: 0x60, 0x3cd: 0x61, 0x3ce: 0x100, 0x3cf: 0x100,
+	0x3d0: 0x13f, 0x3d1: 0x140, 0x3d2: 0x141, 0x3d3: 0x142, 0x3d4: 0x100, 0x3d5: 0x100, 0x3d6: 0x143, 0x3d7: 0x144,
+	0x3d8: 0x145, 0x3d9: 0x146, 0x3da: 0x147, 0x3db: 0x148, 0x3dc: 0x149, 0x3dd: 0x14a, 0x3de: 0x100, 0x3df: 0x100,
+	0x3e0: 0x14b, 0x3e1: 0x100, 0x3e2: 0x14c, 0x3e3: 0x14d, 0x3e4: 0x62, 0x3e5: 0x14e, 0x3e6: 0x14f, 0x3e7: 0x150,
+	0x3e8: 0x151, 0x3e9: 0x152, 0x3ea: 0x153, 0x3eb: 0x154, 0x3ec: 0x155, 0x3ed: 0x100, 0x3ee: 0x100, 0x3ef: 0x100,
+	0x3f0: 0x156, 0x3f1: 0x157, 0x3f2: 0x158, 0x3f3: 0x100, 0x3f4: 0x159, 0x3f5: 0x15a, 0x3f6: 0x15b, 0x3f7: 0x100,
+	0x3f8: 0x100, 0x3f9: 0x100, 0x3fa: 0x100, 0x3fb: 0x15c, 0x3fc: 0x15d, 0x3fd: 0x15e, 0x3fe: 0x15f, 0x3ff: 0x160,
+	// Block 0x10, offset 0x400
+	0x400: 0xa6, 0x401: 0xa6, 0x402: 0xa6, 0x403: 0xa6, 0x404: 0xa6, 0x405: 0xa6, 0x406: 0xa6, 0x407: 0xa6,
+	0x408: 0xa6, 0x409: 0xa6, 0x40a: 0xa6, 0x40b: 0xa6, 0x40c: 0xa6, 0x40d: 0xa6, 0x40e: 0x161, 0x40f: 0x100,
+	0x410: 0xa2, 0x411: 0x162, 0x412: 0xa6, 0x413: 0xa6, 0x414: 0xa6, 0x415: 0x163, 0x416: 0x100, 0x417: 0x100,
+	0x418: 0x100, 0x419: 0x100, 0x41a: 0x100, 0x41b: 0x100, 0x41c: 0x100, 0x41d: 0x100, 0x41e: 0x100, 0x41f: 0x100,
+	0x420: 0x100, 0x421: 0x100, 0x422: 0x100, 0x423: 0x100, 0x424: 0x100, 0x425: 0x100, 0x426: 0x100, 0x427: 0x100,
+	0x428: 0x100, 0x429: 0x100, 0x42a: 0x100, 0x42b: 0x100, 0x42c: 0x100, 0x42d: 0x100, 0x42e: 0x100, 0x42f: 0x100,
+	0x430: 0x100, 0x431: 0x100, 0x432: 0x100, 0x433: 0x100, 0x434: 0x100, 0x435: 0x100, 0x436: 0x100, 0x437: 0x100,
+	0x438: 0x100, 0x439: 0x100, 0x43a: 0x100, 0x43b: 0x100, 0x43c: 0x100, 0x43d: 0x100, 0x43e: 0x164, 0x43f: 0x165,
+	// Block 0x11, offset 0x440
+	0x440: 0xa6, 0x441: 0xa6, 0x442: 0xa6, 0x443: 0xa6, 0x444: 0xa6, 0x445: 0xa6, 0x446: 0xa6, 0x447: 0xa6,
+	0x448: 0xa6, 0x449: 0xa6, 0x44a: 0xa6, 0x44b: 0xa6, 0x44c: 0xa6, 0x44d: 0xa6, 0x44e: 0xa6, 0x44f: 0xa6,
+	0x450: 0x166, 0x451: 0x167, 0x452: 0x100, 0x453: 0x100, 0x454: 0x100, 0x455: 0x100, 0x456: 0x100, 0x457: 0x100,
+	0x458: 0x100, 0x459: 0x100, 0x45a: 0x100, 0x45b: 0x100, 0x45c: 0x100, 0x45d: 0x100, 0x45e: 0x100, 0x45f: 0x100,
+	0x460: 0x100, 0x461: 0x100, 0x462: 0x100, 0x463: 0x100, 0x464: 0x100, 0x465: 0x100, 0x466: 0x100, 0x467: 0x100,
+	0x468: 0x100, 0x469: 0x100, 0x46a: 0x100, 0x46b: 0x100, 0x46c: 0x100, 0x46d: 0x100, 0x46e: 0x100, 0x46f: 0x100,
+	0x470: 0x100, 0x471: 0x100, 0x472: 0x100, 0x473: 0x100, 0x474: 0x100, 0x475: 0x100, 0x476: 0x100, 0x477: 0x100,
+	0x478: 0x100, 0x479: 0x100, 0x47a: 0x100, 0x47b: 0x100, 0x47c: 0x100, 0x47d: 0x100, 0x47e: 0x100, 0x47f: 0x100,
+	// Block 0x12, offset 0x480
+	0x480: 0x100, 0x481: 0x100, 0x482: 0x100, 0x483: 0x100, 0x484: 0x100, 0x485: 0x100, 0x486: 0x100, 0x487: 0x100,
+	0x488: 0x100, 0x489: 0x100, 0x48a: 0x100, 0x48b: 0x100, 0x48c: 0x100, 0x48d: 0x100, 0x48e: 0x100, 0x48f: 0x100,
+	0x490: 0xa6, 0x491: 0xa6, 0x492: 0xa6, 0x493: 0xa6, 0x494: 0xa6, 0x495: 0xa6, 0x496: 0xa6, 0x497: 0xa6,
+	0x498: 0xa6, 0x499: 0x14a, 0x49a: 0x100, 0x49b: 0x100, 0x49c: 0x100, 0x49d: 0x100, 0x49e: 0x100, 0x49f: 0x100,
+	0x4a0: 0x100, 0x4a1: 0x100, 0x4a2: 0x100, 0x4a3: 0x100, 0x4a4: 0x100, 0x4a5: 0x100, 0x4a6: 0x100, 0x4a7: 0x100,
+	0x4a8: 0x100, 0x4a9: 0x100, 0x4aa: 0x100, 0x4ab: 0x100, 0x4ac: 0x100, 0x4ad: 0x100, 0x4ae: 0x100, 0x4af: 0x100,
+	0x4b0: 0x100, 0x4b1: 0x100, 0x4b2: 0x100, 0x4b3: 0x100, 0x4b4: 0x100, 0x4b5: 0x100, 0x4b6: 0x100, 0x4b7: 0x100,
+	0x4b8: 0x100, 0x4b9: 0x100, 0x4ba: 0x100, 0x4bb: 0x100, 0x4bc: 0x100, 0x4bd: 0x100, 0x4be: 0x100, 0x4bf: 0x100,
+	// Block 0x13, offset 0x4c0
+	0x4c0: 0x100, 0x4c1: 0x100, 0x4c2: 0x100, 0x4c3: 0x100, 0x4c4: 0x100, 0x4c5: 0x100, 0x4c6: 0x100, 0x4c7: 0x100,
+	0x4c8: 0x100, 0x4c9: 0x100, 0x4ca: 0x100, 0x4cb: 0x100, 0x4cc: 0x100, 0x4cd: 0x100, 0x4ce: 0x100, 0x4cf: 0x100,
+	0x4d0: 0x100, 0x4d1: 0x100, 0x4d2: 0x100, 0x4d3: 0x100, 0x4d4: 0x100, 0x4d5: 0x100, 0x4d6: 0x100, 0x4d7: 0x100,
+	0x4d8: 0x100, 0x4d9: 0x100, 0x4da: 0x100, 0x4db: 0x100, 0x4dc: 0x100, 0x4dd: 0x100, 0x4de: 0x100, 0x4df: 0x100,
+	0x4e0: 0xa6, 0x4e1: 0xa6, 0x4e2: 0xa6, 0x4e3: 0xa6, 0x4e4: 0xa6, 0x4e5: 0xa6, 0x4e6: 0xa6, 0x4e7: 0xa6,
+	0x4e8: 0x154, 0x4e9: 0x168, 0x4ea: 0x169, 0x4eb: 0x16a, 0x4ec: 0x16b, 0x4ed: 0x16c, 0x4ee: 0x16d, 0x4ef: 0x100,
+	0x4f0: 0x100, 0x4f1: 0x100, 0x4f2: 0x100, 0x4f3: 0x100, 0x4f4: 0x100, 0x4f5: 0x100, 0x4f6: 0x100, 0x4f7: 0x100,
+	0x4f8: 0x100, 0x4f9: 0x16e, 0x4fa: 0x16f, 0x4fb: 0x100, 0x4fc: 0xa6, 0x4fd: 0x170, 0x4fe: 0x171, 0x4ff: 0x172,
+	// Block 0x14, offset 0x500
+	0x500: 0xa6, 0x501: 0xa6, 0x502: 0xa6, 0x503: 0xa6, 0x504: 0xa6, 0x505: 0xa6, 0x506: 0xa6, 0x507: 0xa6,
+	0x508: 0xa6, 0x509: 0xa6, 0x50a: 0xa6, 0x50b: 0xa6, 0x50c: 0xa6, 0x50d: 0xa6, 0x50e: 0xa6, 0x50f: 0xa6,
+	0x510: 0xa6, 0x511: 0xa6, 0x512: 0xa6, 0x513: 0xa6, 0x514: 0xa6, 0x515: 0xa6, 0x516: 0xa6, 0x517: 0xa6,
+	0x518: 0xa6, 0x519: 0xa6, 0x51a: 0xa6, 0x51b: 0xa6, 0x51c: 0xa6, 0x51d: 0xa6, 0x51e: 0xa6, 0x51f: 0x173,
+	0x520: 0xa6, 0x521: 0xa6, 0x522: 0xa6, 0x523: 0xa6, 0x524: 0xa6, 0x525: 0xa6, 0x526: 0xa6, 0x527: 0xa6,
+	0x528: 0xa6, 0x529: 0xa6, 0x52a: 0xa6, 0x52b: 0xa6, 0x52c: 0xa6, 0x52d: 0xa6, 0x52e: 0xa6, 0x52f: 0xa6,
+	0x530: 0xa6, 0x531: 0xa6, 0x532: 0xa6, 0x533: 0x174, 0x534: 0x175, 0x535: 0x100, 0x536: 0x100, 0x537: 0x100,
+	0x538: 0x100, 0x539: 0x100, 0x53a: 0x100, 0x53b: 0x100, 0x53c: 0x100, 0x53d: 0x100, 0x53e: 0x100, 0x53f: 0x100,
+	// Block 0x15, offset 0x540
+	0x540: 0x100, 0x541: 0x100, 0x542: 0x100, 0x543: 0x100, 0x544: 0x100, 0x545: 0x100, 0x546: 0x100, 0x547: 0x100,
+	0x548: 0x100, 0x549: 0x100, 0x54a: 0x100, 0x54b: 0x100, 0x54c: 0x100, 0x54d: 0x100, 0x54e: 0x100, 0x54f: 0x100,
+	0x550: 0x100, 0x551: 0x100, 0x552: 0x100, 0x553: 0x100, 0x554: 0x100, 0x555: 0x100, 0x556: 0x100, 0x557: 0x100,
+	0x558: 0x100, 0x559: 0x100, 0x55a: 0x100, 0x55b: 0x100, 0x55c: 0x100, 0x55d: 0x100, 0x55e: 0x100, 0x55f: 0x100,
+	0x560: 0x100, 0x561: 0x100, 0x562: 0x100, 0x563: 0x100, 0x564: 0x100, 0x565: 0x100, 0x566: 0x100, 0x567: 0x100,
+	0x568: 0x100, 0x569: 0x100, 0x56a: 0x100, 0x56b: 0x100, 0x56c: 0x100, 0x56d: 0x100, 0x56e: 0x100, 0x56f: 0x100,
+	0x570: 0x100, 0x571: 0x100, 0x572: 0x100, 0x573: 0x100, 0x574: 0x100, 0x575: 0x100, 0x576: 0x100, 0x577: 0x100,
+	0x578: 0x100, 0x579: 0x100, 0x57a: 0x100, 0x57b: 0x100, 0x57c: 0x100, 0x57d: 0x100, 0x57e: 0x100, 0x57f: 0x176,
+	// Block 0x16, offset 0x580
+	0x580: 0xa6, 0x581: 0xa6, 0x582: 0xa6, 0x583: 0xa6, 0x584: 0x177, 0x585: 0x178, 0x586: 0xa6, 0x587: 0xa6,
+	0x588: 0xa6, 0x589: 0xa6, 0x58a: 0xa6, 0x58b: 0x179, 0x58c: 0x100, 0x58d: 0x100, 0x58e: 0x100, 0x58f: 0x100,
+	0x590: 0x100, 0x591: 0x100, 0x592: 0x100, 0x593: 0x100, 0x594: 0x100, 0x595: 0x100, 0x596: 0x100, 0x597: 0x100,
+	0x598: 0x100, 0x599: 0x100, 0x59a: 0x100, 0x59b: 0x100, 0x59c: 0x100, 0x59d: 0x100, 0x59e: 0x100, 0x59f: 0x100,
+	0x5a0: 0x100, 0x5a1: 0x100, 0x5a2: 0x100, 0x5a3: 0x100, 0x5a4: 0x100, 0x5a5: 0x100, 0x5a6: 0x100, 0x5a7: 0x100,
+	0x5a8: 0x100, 0x5a9: 0x100, 0x5aa: 0x100, 0x5ab: 0x100, 0x5ac: 0x100, 0x5ad: 0x100, 0x5ae: 0x100, 0x5af: 0x100,
+	0x5b0: 0xa6, 0x5b1: 0x17a, 0x5b2: 0x17b, 0x5b3: 0x100, 0x5b4: 0x100, 0x5b5: 0x100, 0x5b6: 0x100, 0x5b7: 0x100,
+	0x5b8: 0x100, 0x5b9: 0x100, 0x5ba: 0x100, 0x5bb: 0x100, 0x5bc: 0x100, 0x5bd: 0x100, 0x5be: 0x100, 0x5bf: 0x100,
+	// Block 0x17, offset 0x5c0
+	0x5c0: 0x100, 0x5c1: 0x100, 0x5c2: 0x100, 0x5c3: 0x100, 0x5c4: 0x100, 0x5c5: 0x100, 0x5c6: 0x100, 0x5c7: 0x100,
+	0x5c8: 0x100, 0x5c9: 0x100, 0x5ca: 0x100, 0x5cb: 0x100, 0x5cc: 0x100, 0x5cd: 0x100, 0x5ce: 0x100, 0x5cf: 0x100,
+	0x5d0: 0x100, 0x5d1: 0x100, 0x5d2: 0x100, 0x5d3: 0x100, 0x5d4: 0x100, 0x5d5: 0x100, 0x5d6: 0x100, 0x5d7: 0x100,
+	0x5d8: 0x100, 0x5d9: 0x100, 0x5da: 0x100, 0x5db: 0x100, 0x5dc: 0x100, 0x5dd: 0x100, 0x5de: 0x100, 0x5df: 0x100,
+	0x5e0: 0x100, 0x5e1: 0x100, 0x5e2: 0x100, 0x5e3: 0x100, 0x5e4: 0x100, 0x5e5: 0x100, 0x5e6: 0x100, 0x5e7: 0x100,
+	0x5e8: 0x100, 0x5e9: 0x100, 0x5ea: 0x100, 0x5eb: 0x100, 0x5ec: 0x100, 0x5ed: 0x100, 0x5ee: 0x100, 0x5ef: 0x100,
+	0x5f0: 0x100, 0x5f1: 0x100, 0x5f2: 0x100, 0x5f3: 0x100, 0x5f4: 0x100, 0x5f5: 0x100, 0x5f6: 0x100, 0x5f7: 0x100,
+	0x5f8: 0x100, 0x5f9: 0x100, 0x5fa: 0x100, 0x5fb: 0x100, 0x5fc: 0x17c, 0x5fd: 0x17d, 0x5fe: 0xa2, 0x5ff: 0x17e,
+	// Block 0x18, offset 0x600
+	0x600: 0xa2, 0x601: 0xa2, 0x602: 0xa2, 0x603: 0x17f, 0x604: 0x180, 0x605: 0x181, 0x606: 0x182, 0x607: 0x183,
+	0x608: 0xa2, 0x609: 0x184, 0x60a: 0x100, 0x60b: 0x185, 0x60c: 0xa2, 0x60d: 0x186, 0x60e: 0x100, 0x60f: 0x100,
+	0x610: 0x63, 0x611: 0x64, 0x612: 0x65, 0x613: 0x66, 0x614: 0x67, 0x615: 0x68, 0x616: 0x69, 0x617: 0x6a,
+	0x618: 0x6b, 0x619: 0x6c, 0x61a: 0x6d, 0x61b: 0x6e, 0x61c: 0x6f, 0x61d: 0x70, 0x61e: 0x71, 0x61f: 0x72,
+	0x620: 0xa2, 0x621: 0xa2, 0x622: 0xa2, 0x623: 0xa2, 0x624: 0xa2, 0x625: 0xa2, 0x626: 0xa2, 0x627: 0xa2,
+	0x628: 0x187, 0x629: 0x188, 0x62a: 0x189, 0x62b: 0x100, 0x62c: 0x100, 0x62d: 0x100, 0x62e: 0x100, 0x62f: 0x100,
+	0x630: 0x100, 0x631: 0x100, 0x632: 0x100, 0x633: 0x100, 0x634: 0x100, 0x635: 0x100, 0x636: 0x100, 0x637: 0x100,
+	0x638: 0x100, 0x639: 0x100, 0x63a: 0x100, 0x63b: 0x100, 0x63c: 0x18a, 0x63d: 0x100, 0x63e: 0x100, 0x63f: 0x100,
+	// Block 0x19, offset 0x640
+	0x640: 0x73, 0x641: 0x74, 0x642: 0x18b, 0x643: 0x100, 0x644: 0x18c, 0x645: 0x18d, 0x646: 0x100, 0x647: 0x100,
+	0x648: 0x100, 0x649: 0x100, 0x64a: 0x18e, 0x64b: 0x18f, 0x64c: 0x100, 0x64d: 0x100, 0x64e: 0x100, 0x64f: 0x100,
+	0x650: 0x100, 0x651: 0x100, 0x652: 0x100, 0x653: 0x190, 0x654: 0x100, 0x655: 0x100, 0x656: 0x100, 0x657: 0x100,
+	0x658: 0x100, 0x659: 0x100, 0x65a: 0x100, 0x65b: 0x100, 0x65c: 0x100, 0x65d: 0x100, 0x65e: 0x100, 0x65f: 0x191,
+	0x660: 0x127, 0x661: 0x127, 0x662: 0x127, 0x663: 0x192, 0x664: 0x75, 0x665: 0x193, 0x666: 0x100, 0x667: 0x100,
+	0x668: 0x100, 0x669: 0x100, 0x66a: 0x100, 0x66b: 0x100, 0x66c: 0x100, 0x66d: 0x100, 0x66e: 0x100, 0x66f: 0x100,
+	0x670: 0x100, 0x671: 0x194, 0x672: 0x195, 0x673: 0x100, 0x674: 0x196, 0x675: 0x100, 0x676: 0x100, 0x677: 0x100,
+	0x678: 0x76, 0x679: 0x77, 0x67a: 0x78, 0x67b: 0x197, 0x67c: 0x100, 0x67d: 0x100, 0x67e: 0x100, 0x67f: 0x100,
+	// Block 0x1a, offset 0x680
+	0x680: 0x198, 0x681: 0xa2, 0x682: 0x199, 0x683: 0x19a, 0x684: 0x79, 0x685: 0x7a, 0x686: 0x19b, 0x687: 0x19c,
+	0x688: 0x7b, 0x689: 0x19d, 0x68a: 0x100, 0x68b: 0x100, 0x68c: 0xa2, 0x68d: 0xa2, 0x68e: 0xa2, 0x68f: 0xa2,
+	0x690: 0xa2, 0x691: 0xa2, 0x692: 0xa2, 0x693: 0xa2, 0x694: 0xa2, 0x695: 0xa2, 0x696: 0xa2, 0x697: 0xa2,
+	0x698: 0xa2, 0x699: 0xa2, 0x69a: 0xa2, 0x69b: 0x19e, 0x69c: 0xa2, 0x69d: 0x19f, 0x69e: 0xa2, 0x69f: 0x1a0,
+	0x6a0: 0x1a1, 0x6a1: 0x1a2, 0x6a2: 0x1a3, 0x6a3: 0x100, 0x6a4: 0xa2, 0x6a5: 0xa2, 0x6a6: 0xa2, 0x6a7: 0xa2,
+	0x6a8: 0xa2, 0x6a9: 0x1a4, 0x6aa: 0x1a5, 0x6ab: 0x1a6, 0x6ac: 0xa2, 0x6ad: 0xa2, 0x6ae: 0x1a7, 0x6af: 0x1a8,
+	0x6b0: 0x100, 0x6b1: 0x100, 0x6b2: 0x100, 0x6b3: 0x100, 0x6b4: 0x100, 0x6b5: 0x100, 0x6b6: 0x100, 0x6b7: 0x100,
+	0x6b8: 0x100, 0x6b9: 0x100, 0x6ba: 0x100, 0x6bb: 0x100, 0x6bc: 0x100, 0x6bd: 0x100, 0x6be: 0x100, 0x6bf: 0x100,
+	// Block 0x1b, offset 0x6c0
+	0x6c0: 0xa6, 0x6c1: 0xa6, 0x6c2: 0xa6, 0x6c3: 0xa6, 0x6c4: 0xa6, 0x6c5: 0xa6, 0x6c6: 0xa6, 0x6c7: 0xa6,
+	0x6c8: 0xa6, 0x6c9: 0xa6, 0x6ca: 0xa6, 0x6cb: 0xa6, 0x6cc: 0xa6, 0x6cd: 0xa6, 0x6ce: 0xa6, 0x6cf: 0xa6,
+	0x6d0: 0xa6, 0x6d1: 0xa6, 0x6d2: 0xa6, 0x6d3: 0xa6, 0x6d4: 0xa6, 0x6d5: 0xa6, 0x6d6: 0xa6, 0x6d7: 0xa6,
+	0x6d8: 0xa6, 0x6d9: 0xa6, 0x6da: 0xa6, 0x6db: 0x1a9, 0x6dc: 0xa6, 0x6dd: 0xa6, 0x6de: 0xa6, 0x6df: 0xa6,
+	0x6e0: 0xa6, 0x6e1: 0xa6, 0x6e2: 0xa6, 0x6e3: 0xa6, 0x6e4: 0xa6, 0x6e5: 0xa6, 0x6e6: 0xa6, 0x6e7: 0xa6,
+	0x6e8: 0xa6, 0x6e9: 0xa6, 0x6ea: 0xa6, 0x6eb: 0xa6, 0x6ec: 0xa6, 0x6ed: 0xa6, 0x6ee: 0xa6, 0x6ef: 0xa6,
+	0x6f0: 0xa6, 0x6f1: 0xa6, 0x6f2: 0xa6, 0x6f3: 0xa6, 0x6f4: 0xa6, 0x6f5: 0xa6, 0x6f6: 0xa6, 0x6f7: 0xa6,
+	0x6f8: 0xa6, 0x6f9: 0xa6, 0x6fa: 0xa6, 0x6fb: 0xa6, 0x6fc: 0xa6, 0x6fd: 0xa6, 0x6fe: 0xa6, 0x6ff: 0xa6,
+	// Block 0x1c, offset 0x700
+	0x700: 0xa6, 0x701: 0xa6, 0x702: 0xa6, 0x703: 0xa6, 0x704: 0xa6, 0x705: 0xa6, 0x706: 0xa6, 0x707: 0xa6,
+	0x708: 0xa6, 0x709: 0xa6, 0x70a: 0xa6, 0x70b: 0xa6, 0x70c: 0xa6, 0x70d: 0xa6, 0x70e: 0xa6, 0x70f: 0xa6,
+	0x710: 0xa6, 0x711: 0xa6, 0x712: 0xa6, 0x713: 0xa6, 0x714: 0xa6, 0x715: 0xa6, 0x716: 0xa6, 0x717: 0xa6,
+	0x718: 0xa6, 0x719: 0xa6, 0x71a: 0xa6, 0x71b: 0xa6, 0x71c: 0x1aa, 0x71d: 0xa6, 0x71e: 0xa6, 0x71f: 0xa6,
+	0x720: 0x1ab, 0x721: 0xa6, 0x722: 0xa6, 0x723: 0xa6, 0x724: 0xa6, 0x725: 0xa6, 0x726: 0xa6, 0x727: 0xa6,
+	0x728: 0xa6, 0x729: 0xa6, 0x72a: 0xa6, 0x72b: 0xa6, 0x72c: 0xa6, 0x72d: 0xa6, 0x72e: 0xa6, 0x72f: 0xa6,
+	0x730: 0xa6, 0x731: 0xa6, 0x732: 0xa6, 0x733: 0xa6, 0x734: 0xa6, 0x735: 0xa6, 0x736: 0xa6, 0x737: 0xa6,
+	0x738: 0xa6, 0x739: 0xa6, 0x73a: 0xa6, 0x73b: 0xa6, 0x73c: 0xa6, 0x73d: 0xa6, 0x73e: 0xa6, 0x73f: 0xa6,
+	// Block 0x1d, offset 0x740
+	0x740: 0xa6, 0x741: 0xa6, 0x742: 0xa6, 0x743: 0xa6, 0x744: 0xa6, 0x745: 0xa6, 0x746: 0xa6, 0x747: 0xa6,
+	0x748: 0xa6, 0x749: 0xa6, 0x74a: 0xa6, 0x74b: 0xa6, 0x74c: 0xa6, 0x74d: 0xa6, 0x74e: 0xa6, 0x74f: 0xa6,
+	0x750: 0xa6, 0x751: 0xa6, 0x752: 0xa6, 0x753: 0xa6, 0x754: 0xa6, 0x755: 0xa6, 0x756: 0xa6, 0x757: 0xa6,
+	0x758: 0xa6, 0x759: 0xa6, 0x75a: 0xa6, 0x75b: 0xa6, 0x75c: 0xa6, 0x75d: 0xa6, 0x75e: 0xa6, 0x75f: 0xa6,
+	0x760: 0xa6, 0x761: 0xa6, 0x762: 0xa6, 0x763: 0xa6, 0x764: 0xa6, 0x765: 0xa6, 0x766: 0xa6, 0x767: 0xa6,
+	0x768: 0xa6, 0x769: 0xa6, 0x76a: 0xa6, 0x76b: 0xa6, 0x76c: 0xa6, 0x76d: 0xa6, 0x76e: 0xa6, 0x76f: 0xa6,
+	0x770: 0xa6, 0x771: 0xa6, 0x772: 0xa6, 0x773: 0xa6, 0x774: 0xa6, 0x775: 0xa6, 0x776: 0xa6, 0x777: 0xa6,
+	0x778: 0xa6, 0x779: 0xa6, 0x77a: 0x1ac, 0x77b: 0xa6, 0x77c: 0xa6, 0x77d: 0xa6, 0x77e: 0xa6, 0x77f: 0xa6,
+	// Block 0x1e, offset 0x780
+	0x780: 0xa6, 0x781: 0xa6, 0x782: 0xa6, 0x783: 0xa6, 0x784: 0xa6, 0x785: 0xa6, 0x786: 0xa6, 0x787: 0xa6,
+	0x788: 0xa6, 0x789: 0xa6, 0x78a: 0xa6, 0x78b: 0xa6, 0x78c: 0xa6, 0x78d: 0xa6, 0x78e: 0xa6, 0x78f: 0xa6,
+	0x790: 0xa6, 0x791: 0xa6, 0x792: 0xa6, 0x793: 0xa6, 0x794: 0xa6, 0x795: 0xa6, 0x796: 0xa6, 0x797: 0xa6,
+	0x798: 0xa6, 0x799: 0xa6, 0x79a: 0xa6, 0x79b: 0xa6, 0x79c: 0xa6, 0x79d: 0xa6, 0x79e: 0xa6, 0x79f: 0xa6,
+	0x7a0: 0xa6, 0x7a1: 0xa6, 0x7a2: 0xa6, 0x7a3: 0xa6, 0x7a4: 0xa6, 0x7a5: 0xa6, 0x7a6: 0xa6, 0x7a7: 0xa6,
+	0x7a8: 0xa6, 0x7a9: 0xa6, 0x7aa: 0xa6, 0x7ab: 0xa6, 0x7ac: 0xa6, 0x7ad: 0xa6, 0x7ae: 0xa6, 0x7af: 0x1ad,
+	0x7b0: 0x100, 0x7b1: 0x100, 0x7b2: 0x100, 0x7b3: 0x100, 0x7b4: 0x100, 0x7b5: 0x100, 0x7b6: 0x100, 0x7b7: 0x100,
+	0x7b8: 0x100, 0x7b9: 0x100, 0x7ba: 0x100, 0x7bb: 0x100, 0x7bc: 0x100, 0x7bd: 0x100, 0x7be: 0x100, 0x7bf: 0x100,
+	// Block 0x1f, offset 0x7c0
+	0x7c0: 0x100, 0x7c1: 0x100, 0x7c2: 0x100, 0x7c3: 0x100, 0x7c4: 0x100, 0x7c5: 0x100, 0x7c6: 0x100, 0x7c7: 0x100,
+	0x7c8: 0x100, 0x7c9: 0x100, 0x7ca: 0x100, 0x7cb: 0x100, 0x7cc: 0x100, 0x7cd: 0x100, 0x7ce: 0x100, 0x7cf: 0x100,
+	0x7d0: 0x100, 0x7d1: 0x100, 0x7d2: 0x100, 0x7d3: 0x100, 0x7d4: 0x100, 0x7d5: 0x100, 0x7d6: 0x100, 0x7d7: 0x100,
+	0x7d8: 0x100, 0x7d9: 0x100, 0x7da: 0x100, 0x7db: 0x100, 0x7dc: 0x100, 0x7dd: 0x100, 0x7de: 0x100, 0x7df: 0x100,
+	0x7e0: 0x7c, 0x7e1: 0x7d, 0x7e2: 0x7e, 0x7e3: 0x7f, 0x7e4: 0x80, 0x7e5: 0x81, 0x7e6: 0x82, 0x7e7: 0x83,
+	0x7e8: 0x84, 0x7e9: 0x100, 0x7ea: 0x100, 0x7eb: 0x100, 0x7ec: 0x100, 0x7ed: 0x100, 0x7ee: 0x100, 0x7ef: 0x100,
+	0x7f0: 0x100, 0x7f1: 0x100, 0x7f2: 0x100, 0x7f3: 0x100, 0x7f4: 0x100, 0x7f5: 0x100, 0x7f6: 0x100, 0x7f7: 0x100,
+	0x7f8: 0x100, 0x7f9: 0x100, 0x7fa: 0x100, 0x7fb: 0x100, 0x7fc: 0x100, 0x7fd: 0x100, 0x7fe: 0x100, 0x7ff: 0x100,
+	// Block 0x20, offset 0x800
+	0x800: 0xa6, 0x801: 0xa6, 0x802: 0xa6, 0x803: 0xa6, 0x804: 0xa6, 0x805: 0xa6, 0x806: 0xa6, 0x807: 0xa6,
+	0x808: 0xa6, 0x809: 0xa6, 0x80a: 0xa6, 0x80b: 0xa6, 0x80c: 0xa6, 0x80d: 0x1ae, 0x80e: 0xa6, 0x80f: 0xa6,
+	0x810: 0xa6, 0x811: 0xa6, 0x812: 0xa6, 0x813: 0xa6, 0x814: 0xa6, 0x815: 0xa6, 0x816: 0xa6, 0x817: 0xa6,
+	0x818: 0xa6, 0x819: 0xa6, 0x81a: 0xa6, 0x81b: 0xa6, 0x81c: 0xa6, 0x81d: 0xa6, 0x81e: 0xa6, 0x81f: 0xa6,
+	0x820: 0xa6, 0x821: 0xa6, 0x822: 0xa6, 0x823: 0xa6, 0x824: 0xa6, 0x825: 0xa6, 0x826: 0xa6, 0x827: 0xa6,
+	0x828: 0xa6, 0x829: 0xa6, 0x82a: 0xa6, 0x82b: 0xa6, 0x82c: 0xa6, 0x82d: 0xa6, 0x82e: 0xa6, 0x82f: 0xa6,
+	0x830: 0xa6, 0x831: 0xa6, 0x832: 0xa6, 0x833: 0xa6, 0x834: 0xa6, 0x835: 0xa6, 0x836: 0xa6, 0x837: 0xa6,
+	0x838: 0xa6, 0x839: 0xa6, 0x83a: 0xa6, 0x83b: 0xa6, 0x83c: 0xa6, 0x83d: 0xa6, 0x83e: 0xa6, 0x83f: 0xa6,
+	// Block 0x21, offset 0x840
+	0x840: 0xa6, 0x841: 0xa6, 0x842: 0xa6, 0x843: 0xa6, 0x844: 0xa6, 0x845: 0xa6, 0x846: 0xa6, 0x847: 0xa6,
+	0x848: 0xa6, 0x849: 0xa6, 0x84a: 0xa6, 0x84b: 0xa6, 0x84c: 0xa6, 0x84d: 0xa6, 0x84e: 0x1af, 0x84f: 0x100,
+	0x850: 0x100, 0x851: 0x100, 0x852: 0x100, 0x853: 0x100, 0x854: 0x100, 0x855: 0x100, 0x856: 0x100, 0x857: 0x100,
+	0x858: 0x100, 0x859: 0x100, 0x85a: 0x100, 0x85b: 0x100, 0x85c: 0x100, 0x85d: 0x100, 0x85e: 0x100, 0x85f: 0x100,
+	0x860: 0x100, 0x861: 0x100, 0x862: 0x100, 0x863: 0x100, 0x864: 0x100, 0x865: 0x100, 0x866: 0x100, 0x867: 0x100,
+	0x868: 0x100, 0x869: 0x100, 0x86a: 0x100, 0x86b: 0x100, 0x86c: 0x100, 0x86d: 0x100, 0x86e: 0x100, 0x86f: 0x100,
+	0x870: 0x100, 0x871: 0x100, 0x872: 0x100, 0x873: 0x100, 0x874: 0x100, 0x875: 0x100, 0x876: 0x100, 0x877: 0x100,
+	0x878: 0x100, 0x879: 0x100, 0x87a: 0x100, 0x87b: 0x100, 0x87c: 0x100, 0x87d: 0x100, 0x87e: 0x100, 0x87f: 0x100,
+	// Block 0x22, offset 0x880
+	0x890: 0x0c, 0x891: 0x0d, 0x892: 0x0e, 0x893: 0x0f, 0x894: 0x10, 0x895: 0x0a, 0x896: 0x11, 0x897: 0x07,
+	0x898: 0x12, 0x899: 0x0a, 0x89a: 0x13, 0x89b: 0x14, 0x89c: 0x15, 0x89d: 0x16, 0x89e: 0x17, 0x89f: 0x18,
+	0x8a0: 0x07, 0x8a1: 0x07, 0x8a2: 0x07, 0x8a3: 0x07, 0x8a4: 0x07, 0x8a5: 0x07, 0x8a6: 0x07, 0x8a7: 0x07,
+	0x8a8: 0x07, 0x8a9: 0x07, 0x8aa: 0x19, 0x8ab: 0x1a, 0x8ac: 0x1b, 0x8ad: 0x07, 0x8ae: 0x1c, 0x8af: 0x1d,
+	0x8b0: 0x07, 0x8b1: 0x1e, 0x8b2: 0x1f, 0x8b3: 0x0a, 0x8b4: 0x0a, 0x8b5: 0x0a, 0x8b6: 0x0a, 0x8b7: 0x0a,
+	0x8b8: 0x0a, 0x8b9: 0x0a, 0x8ba: 0x0a, 0x8bb: 0x0a, 0x8bc: 0x0a, 0x8bd: 0x0a, 0x8be: 0x0a, 0x8bf: 0x0a,
+	// Block 0x23, offset 0x8c0
+	0x8c0: 0x0a, 0x8c1: 0x0a, 0x8c2: 0x0a, 0x8c3: 0x0a, 0x8c4: 0x0a, 0x8c5: 0x0a, 0x8c6: 0x0a, 0x8c7: 0x0a,
+	0x8c8: 0x0a, 0x8c9: 0x0a, 0x8ca: 0x0a, 0x8cb: 0x0a, 0x8cc: 0x0a, 0x8cd: 0x0a, 0x8ce: 0x0a, 0x8cf: 0x0a,
+	0x8d0: 0x0a, 0x8d1: 0x0a, 0x8d2: 0x0a, 0x8d3: 0x0a, 0x8d4: 0x0a, 0x8d5: 0x0a, 0x8d6: 0x0a, 0x8d7: 0x0a,
+	0x8d8: 0x0a, 0x8d9: 0x0a, 0x8da: 0x0a, 0x8db: 0x0a, 0x8dc: 0x0a, 0x8dd: 0x0a, 0x8de: 0x0a, 0x8df: 0x0a,
+	0x8e0: 0x0a, 0x8e1: 0x0a, 0x8e2: 0x0a, 0x8e3: 0x0a, 0x8e4: 0x0a, 0x8e5: 0x0a, 0x8e6: 0x0a, 0x8e7: 0x0a,
+	0x8e8: 0x0a, 0x8e9: 0x0a, 0x8ea: 0x0a, 0x8eb: 0x0a, 0x8ec: 0x0a, 0x8ed: 0x0a, 0x8ee: 0x0a, 0x8ef: 0x0a,
+	0x8f0: 0x0a, 0x8f1: 0x0a, 0x8f2: 0x0a, 0x8f3: 0x0a, 0x8f4: 0x0a, 0x8f5: 0x0a, 0x8f6: 0x0a, 0x8f7: 0x0a,
+	0x8f8: 0x0a, 0x8f9: 0x0a, 0x8fa: 0x0a, 0x8fb: 0x0a, 0x8fc: 0x0a, 0x8fd: 0x0a, 0x8fe: 0x0a, 0x8ff: 0x0a,
+	// Block 0x24, offset 0x900
+	0x900: 0x1b0, 0x901: 0x1b1, 0x902: 0x100, 0x903: 0x100, 0x904: 0x1b2, 0x905: 0x1b2, 0x906: 0x1b2, 0x907: 0x1b3,
+	0x908: 0x100, 0x909: 0x100, 0x90a: 0x100, 0x90b: 0x100, 0x90c: 0x100, 0x90d: 0x100, 0x90e: 0x100, 0x90f: 0x100,
+	0x910: 0x100, 0x911: 0x100, 0x912: 0x100, 0x913: 0x100, 0x914: 0x100, 0x915: 0x100, 0x916: 0x100, 0x917: 0x100,
+	0x918: 0x100, 0x919: 0x100, 0x91a: 0x100, 0x91b: 0x100, 0x91c: 0x100, 0x91d: 0x100, 0x91e: 0x100, 0x91f: 0x100,
+	0x920: 0x100, 0x921: 0x100, 0x922: 0x100, 0x923: 0x100, 0x924: 0x100, 0x925: 0x100, 0x926: 0x100, 0x927: 0x100,
+	0x928: 0x100, 0x929: 0x100, 0x92a: 0x100, 0x92b: 0x100, 0x92c: 0x100, 0x92d: 0x100, 0x92e: 0x100, 0x92f: 0x100,
+	0x930: 0x100, 0x931: 0x100, 0x932: 0x100, 0x933: 0x100, 0x934: 0x100, 0x935: 0x100, 0x936: 0x100, 0x937: 0x100,
+	0x938: 0x100, 0x939: 0x100, 0x93a: 0x100, 0x93b: 0x100, 0x93c: 0x100, 0x93d: 0x100, 0x93e: 0x100, 0x93f: 0x100,
+	// Block 0x25, offset 0x940
+	0x940: 0x0a, 0x941: 0x0a, 0x942: 0x0a, 0x943: 0x0a, 0x944: 0x0a, 0x945: 0x0a, 0x946: 0x0a, 0x947: 0x0a,
+	0x948: 0x0a, 0x949: 0x0a, 0x94a: 0x0a, 0x94b: 0x0a, 0x94c: 0x0a, 0x94d: 0x0a, 0x94e: 0x0a, 0x94f: 0x0a,
+	0x950: 0x0a, 0x951: 0x0a, 0x952: 0x0a, 0x953: 0x0a, 0x954: 0x0a, 0x955: 0x0a, 0x956: 0x0a, 0x957: 0x0a,
+	0x958: 0x0a, 0x959: 0x0a, 0x95a: 0x0a, 0x95b: 0x0a, 0x95c: 0x0a, 0x95d: 0x0a, 0x95e: 0x0a, 0x95f: 0x0a,
+	0x960: 0x22, 0x961: 0x0a, 0x962: 0x0a, 0x963: 0x0a, 0x964: 0x0a, 0x965: 0x0a, 0x966: 0x0a, 0x967: 0x0a,
+	0x968: 0x0a, 0x969: 0x0a, 0x96a: 0x0a, 0x96b: 0x0a, 0x96c: 0x0a, 0x96d: 0x0a, 0x96e: 0x0a, 0x96f: 0x0a,
+	0x970: 0x0a, 0x971: 0x0a, 0x972: 0x0a, 0x973: 0x0a, 0x974: 0x0a, 0x975: 0x0a, 0x976: 0x0a, 0x977: 0x0a,
+	0x978: 0x0a, 0x979: 0x0a, 0x97a: 0x0a, 0x97b: 0x0a, 0x97c: 0x0a, 0x97d: 0x0a, 0x97e: 0x0a, 0x97f: 0x0a,
+	// Block 0x26, offset 0x980
+	0x980: 0x0a, 0x981: 0x0a, 0x982: 0x0a, 0x983: 0x0a, 0x984: 0x0a, 0x985: 0x0a, 0x986: 0x0a, 0x987: 0x0a,
+	0x988: 0x0a, 0x989: 0x0a, 0x98a: 0x0a, 0x98b: 0x0a, 0x98c: 0x0a, 0x98d: 0x0a, 0x98e: 0x0a, 0x98f: 0x0a,
+}
+
+// idnaSparseOffset: 303 entries, 606 bytes
+var idnaSparseOffset = []uint16{0x0, 0x8, 0x19, 0x25, 0x27, 0x2c, 0x33, 0x3e, 0x4a, 0x4e, 0x5d, 0x62, 0x6c, 0x78, 0x7e, 0x87, 0x97, 0xa6, 0xb1, 0xbe, 0xcf, 0xd9, 0xe0, 0xed, 0xfe, 0x105, 0x110, 0x11f, 0x12d, 0x137, 0x139, 0x13e, 0x141, 0x144, 0x146, 0x152, 0x15d, 0x165, 0x16b, 0x171, 0x176, 0x17b, 0x17e, 0x182, 0x188, 0x18d, 0x198, 0x1a2, 0x1a8, 0x1b9, 0x1c4, 0x1c7, 0x1cf, 0x1d2, 0x1df, 0x1e7, 0x1eb, 0x1f2, 0x1fa, 0x20a, 0x216, 0x219, 0x223, 0x22f, 0x23b, 0x247, 0x24f, 0x254, 0x261, 0x272, 0x27d, 0x282, 0x28b, 0x293, 0x299, 0x29e, 0x2a1, 0x2a5, 0x2ab, 0x2af, 0x2b3, 0x2b7, 0x2bc, 0x2c4, 0x2cb, 0x2d6, 0x2e0, 0x2e4, 0x2e7, 0x2ed, 0x2f1, 0x2f3, 0x2f6, 0x2f8, 0x2fb, 0x305, 0x308, 0x317, 0x31b, 0x31f, 0x321, 0x32a, 0x32e, 0x333, 0x338, 0x33e, 0x34e, 0x354, 0x358, 0x367, 0x36c, 0x374, 0x37e, 0x389, 0x391, 0x3a2, 0x3ab, 0x3bb, 0x3c8, 0x3d4, 0x3d9, 0x3e6, 0x3ea, 0x3ef, 0x3f1, 0x3f3, 0x3f7, 0x3f9, 0x3fd, 0x406, 0x40c, 0x410, 0x420, 0x42a, 0x42f, 0x432, 0x438, 0x43f, 0x444, 0x448, 0x44e, 0x453, 0x45c, 0x461, 0x467, 0x46e, 0x475, 0x47c, 0x480, 0x483, 0x488, 0x494, 0x49a, 0x49f, 0x4a6, 0x4ae, 0x4b3, 0x4b7, 0x4c7, 0x4ce, 0x4d2, 0x4d6, 0x4dd, 0x4df, 0x4e2, 0x4e5, 0x4e9, 0x4f2, 0x4f6, 0x4fe, 0x501, 0x509, 0x514, 0x523, 0x52f, 0x535, 0x542, 0x54e, 0x556, 0x55f, 0x56a, 0x571, 0x580, 0x58d, 0x591, 0x59e, 0x5a7, 0x5ab, 0x5ba, 0x5c2, 0x5cd, 0x5d6, 0x5dc, 0x5e4, 0x5ed, 0x5f9, 0x5fc, 0x608, 0x60b, 0x614, 0x617, 0x61c, 0x625, 0x62a, 0x637, 0x642, 0x64b, 0x656, 0x659, 0x65c, 0x666, 0x66f, 0x67b, 0x688, 0x695, 0x6a3, 0x6aa, 0x6b5, 0x6bc, 0x6c0, 0x6c4, 0x6c7, 0x6cc, 0x6cf, 0x6d2, 0x6d6, 0x6d9, 0x6de, 0x6e5, 0x6e8, 0x6f0, 0x6f4, 0x6ff, 0x702, 0x705, 0x708, 0x70e, 0x714, 0x71d, 0x720, 0x723, 0x726, 0x72e, 0x733, 0x73c, 0x73f, 0x744, 0x74e, 0x752, 0x756, 0x759, 0x75c, 0x760, 0x76f, 0x77b, 0x77f, 0x784, 0x789, 0x78e, 0x792, 0x797, 0x7a0, 0x7a5, 0x7a9, 0x7af, 0x7b5, 0x7ba, 0x7c0, 0x7c6, 0x7d0, 0x7d6, 0x7df, 0x7e2, 0x7e5, 0x7e9, 0x7ed, 0x7f1, 0x7f7, 0x7fd, 0x802, 0x805, 0x815, 0x81c, 0x820, 0x827, 0x82b, 0x831, 0x838, 0x83f, 0x845, 0x84e, 0x852, 0x860, 0x863, 0x866, 0x86a, 0x86e, 0x871, 0x875, 0x878, 0x87d, 0x87f, 0x881}
+
+// idnaSparseValues: 2180 entries, 8720 bytes
+var idnaSparseValues = [2180]valueRange{
+	// Block 0x0, offset 0x0
+	{value: 0x0000, lo: 0x07},
+	{value: 0xe105, lo: 0x80, hi: 0x96},
+	{value: 0x0018, lo: 0x97, hi: 0x97},
+	{value: 0xe105, lo: 0x98, hi: 0x9e},
+	{value: 0x001f, lo: 0x9f, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xb7},
+	{value: 0x0008, lo: 0xb8, hi: 0xbf},
+	// Block 0x1, offset 0x8
+	{value: 0x0000, lo: 0x10},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0xe01d, lo: 0x81, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0x82},
+	{value: 0x0335, lo: 0x83, hi: 0x83},
+	{value: 0x034d, lo: 0x84, hi: 0x84},
+	{value: 0x0365, lo: 0x85, hi: 0x85},
+	{value: 0xe00d, lo: 0x86, hi: 0x86},
+	{value: 0x0008, lo: 0x87, hi: 0x87},
+	{value: 0xe00d, lo: 0x88, hi: 0x88},
+	{value: 0x0008, lo: 0x89, hi: 0x89},
+	{value: 0xe00d, lo: 0x8a, hi: 0x8a},
+	{value: 0x0008, lo: 0x8b, hi: 0x8b},
+	{value: 0xe00d, lo: 0x8c, hi: 0x8c},
+	{value: 0x0008, lo: 0x8d, hi: 0x8d},
+	{value: 0xe00d, lo: 0x8e, hi: 0x8e},
+	{value: 0x0008, lo: 0x8f, hi: 0xbf},
+	// Block 0x2, offset 0x19
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x00a9, lo: 0xb0, hi: 0xb0},
+	{value: 0x037d, lo: 0xb1, hi: 0xb1},
+	{value: 0x00b1, lo: 0xb2, hi: 0xb2},
+	{value: 0x00b9, lo: 0xb3, hi: 0xb3},
+	{value: 0x034d, lo: 0xb4, hi: 0xb4},
+	{value: 0x0395, lo: 0xb5, hi: 0xb5},
+	{value: 0xe1bd, lo: 0xb6, hi: 0xb6},
+	{value: 0x00c1, lo: 0xb7, hi: 0xb7},
+	{value: 0x00c9, lo: 0xb8, hi: 0xb8},
+	{value: 0x0008, lo: 0xb9, hi: 0xbf},
+	// Block 0x3, offset 0x25
+	{value: 0x0000, lo: 0x01},
+	{value: 0x3308, lo: 0x80, hi: 0xbf},
+	// Block 0x4, offset 0x27
+	{value: 0x0000, lo: 0x04},
+	{value: 0x03f5, lo: 0x80, hi: 0x8f},
+	{value: 0xe105, lo: 0x90, hi: 0x9f},
+	{value: 0x049d, lo: 0xa0, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x5, offset 0x2c
+	{value: 0x0000, lo: 0x06},
+	{value: 0xe185, lo: 0x80, hi: 0x8f},
+	{value: 0x0545, lo: 0x90, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x98},
+	{value: 0x0008, lo: 0x99, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x6, offset 0x33
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0131, lo: 0x87, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x88},
+	{value: 0x0018, lo: 0x89, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8c},
+	{value: 0x0018, lo: 0x8d, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0x90},
+	{value: 0x3308, lo: 0x91, hi: 0xbd},
+	{value: 0x0818, lo: 0xbe, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0x7, offset 0x3e
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0818, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x82},
+	{value: 0x0818, lo: 0x83, hi: 0x83},
+	{value: 0x3308, lo: 0x84, hi: 0x85},
+	{value: 0x0818, lo: 0x86, hi: 0x86},
+	{value: 0x3308, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0808, lo: 0x90, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xae},
+	{value: 0x0808, lo: 0xaf, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0x8, offset 0x4a
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0a08, lo: 0x80, hi: 0x87},
+	{value: 0x0c08, lo: 0x88, hi: 0x99},
+	{value: 0x0a08, lo: 0x9a, hi: 0xbf},
+	// Block 0x9, offset 0x4e
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x3308, lo: 0x80, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8c},
+	{value: 0x0c08, lo: 0x8d, hi: 0x8d},
+	{value: 0x0a08, lo: 0x8e, hi: 0x98},
+	{value: 0x0c08, lo: 0x99, hi: 0x9b},
+	{value: 0x0a08, lo: 0x9c, hi: 0xaa},
+	{value: 0x0c08, lo: 0xab, hi: 0xac},
+	{value: 0x0a08, lo: 0xad, hi: 0xb0},
+	{value: 0x0c08, lo: 0xb1, hi: 0xb1},
+	{value: 0x0a08, lo: 0xb2, hi: 0xb2},
+	{value: 0x0c08, lo: 0xb3, hi: 0xb4},
+	{value: 0x0a08, lo: 0xb5, hi: 0xb7},
+	{value: 0x0c08, lo: 0xb8, hi: 0xb9},
+	{value: 0x0a08, lo: 0xba, hi: 0xbf},
+	// Block 0xa, offset 0x5d
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0808, lo: 0x80, hi: 0xa5},
+	{value: 0x3308, lo: 0xa6, hi: 0xb0},
+	{value: 0x0808, lo: 0xb1, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbf},
+	// Block 0xb, offset 0x62
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0808, lo: 0x80, hi: 0x89},
+	{value: 0x0a08, lo: 0x8a, hi: 0xaa},
+	{value: 0x3308, lo: 0xab, hi: 0xb3},
+	{value: 0x0808, lo: 0xb4, hi: 0xb5},
+	{value: 0x0018, lo: 0xb6, hi: 0xb9},
+	{value: 0x0818, lo: 0xba, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbc},
+	{value: 0x3308, lo: 0xbd, hi: 0xbd},
+	{value: 0x0818, lo: 0xbe, hi: 0xbf},
+	// Block 0xc, offset 0x6c
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0808, lo: 0x80, hi: 0x95},
+	{value: 0x3308, lo: 0x96, hi: 0x99},
+	{value: 0x0808, lo: 0x9a, hi: 0x9a},
+	{value: 0x3308, lo: 0x9b, hi: 0xa3},
+	{value: 0x0808, lo: 0xa4, hi: 0xa4},
+	{value: 0x3308, lo: 0xa5, hi: 0xa7},
+	{value: 0x0808, lo: 0xa8, hi: 0xa8},
+	{value: 0x3308, lo: 0xa9, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0818, lo: 0xb0, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0xd, offset 0x78
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0a08, lo: 0x80, hi: 0x88},
+	{value: 0x0808, lo: 0x89, hi: 0x89},
+	{value: 0x3308, lo: 0x8a, hi: 0xa1},
+	{value: 0x0840, lo: 0xa2, hi: 0xa2},
+	{value: 0x3308, lo: 0xa3, hi: 0xbf},
+	// Block 0xe, offset 0x7e
+	{value: 0x0000, lo: 0x08},
+	{value: 0x3308, lo: 0x80, hi: 0x82},
+	{value: 0x3008, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0xb9},
+	{value: 0x3308, lo: 0xba, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0xf, offset 0x87
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x3008, lo: 0x81, hi: 0x82},
+	{value: 0x0040, lo: 0x83, hi: 0x85},
+	{value: 0x3008, lo: 0x86, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x3008, lo: 0x8a, hi: 0x8c},
+	{value: 0x3b08, lo: 0x8d, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x96},
+	{value: 0x3008, lo: 0x97, hi: 0x97},
+	{value: 0x0040, lo: 0x98, hi: 0xa5},
+	{value: 0x0008, lo: 0xa6, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbf},
+	// Block 0x10, offset 0x97
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x3008, lo: 0x81, hi: 0x83},
+	{value: 0x3308, lo: 0x84, hi: 0x84},
+	{value: 0x0008, lo: 0x85, hi: 0x8c},
+	{value: 0x0040, lo: 0x8d, hi: 0x8d},
+	{value: 0x0008, lo: 0x8e, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x91},
+	{value: 0x0008, lo: 0x92, hi: 0xa8},
+	{value: 0x0040, lo: 0xa9, hi: 0xa9},
+	{value: 0x0008, lo: 0xaa, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbd},
+	{value: 0x3308, lo: 0xbe, hi: 0xbf},
+	// Block 0x11, offset 0xa6
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x3308, lo: 0x80, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x8c},
+	{value: 0x0040, lo: 0x8d, hi: 0x8d},
+	{value: 0x0008, lo: 0x8e, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x91},
+	{value: 0x0008, lo: 0x92, hi: 0xba},
+	{value: 0x3b08, lo: 0xbb, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0x12, offset 0xb1
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x83},
+	{value: 0x0040, lo: 0x84, hi: 0x84},
+	{value: 0x0008, lo: 0x85, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x99},
+	{value: 0x0008, lo: 0x9a, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xb2},
+	{value: 0x0008, lo: 0xb3, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbf},
+	// Block 0x13, offset 0xbe
+	{value: 0x0000, lo: 0x10},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x89},
+	{value: 0x3b08, lo: 0x8a, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8e},
+	{value: 0x3008, lo: 0x8f, hi: 0x91},
+	{value: 0x3308, lo: 0x92, hi: 0x94},
+	{value: 0x0040, lo: 0x95, hi: 0x95},
+	{value: 0x3308, lo: 0x96, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x97},
+	{value: 0x3008, lo: 0x98, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xa5},
+	{value: 0x0008, lo: 0xa6, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xb1},
+	{value: 0x3008, lo: 0xb2, hi: 0xb3},
+	{value: 0x0018, lo: 0xb4, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0x14, offset 0xcf
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0xb0},
+	{value: 0x3308, lo: 0xb1, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xb2},
+	{value: 0x01f1, lo: 0xb3, hi: 0xb3},
+	{value: 0x3308, lo: 0xb4, hi: 0xb9},
+	{value: 0x3b08, lo: 0xba, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbe},
+	{value: 0x0018, lo: 0xbf, hi: 0xbf},
+	// Block 0x15, offset 0xd9
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x3308, lo: 0x87, hi: 0x8e},
+	{value: 0x0018, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0x9b},
+	{value: 0x0040, lo: 0x9c, hi: 0xbf},
+	// Block 0x16, offset 0xe0
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x84},
+	{value: 0x0040, lo: 0x85, hi: 0x85},
+	{value: 0x0008, lo: 0x86, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x87},
+	{value: 0x3308, lo: 0x88, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9b},
+	{value: 0x0201, lo: 0x9c, hi: 0x9c},
+	{value: 0x0209, lo: 0x9d, hi: 0x9d},
+	{value: 0x0008, lo: 0x9e, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0x17, offset 0xed
+	{value: 0x0000, lo: 0x10},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x8a},
+	{value: 0x0008, lo: 0x8b, hi: 0x8b},
+	{value: 0xe03d, lo: 0x8c, hi: 0x8c},
+	{value: 0x0018, lo: 0x8d, hi: 0x97},
+	{value: 0x3308, lo: 0x98, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa9},
+	{value: 0x0018, lo: 0xaa, hi: 0xb4},
+	{value: 0x3308, lo: 0xb5, hi: 0xb5},
+	{value: 0x0018, lo: 0xb6, hi: 0xb6},
+	{value: 0x3308, lo: 0xb7, hi: 0xb7},
+	{value: 0x0018, lo: 0xb8, hi: 0xb8},
+	{value: 0x3308, lo: 0xb9, hi: 0xb9},
+	{value: 0x0018, lo: 0xba, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0x18, offset 0xfe
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x85},
+	{value: 0x3308, lo: 0x86, hi: 0x86},
+	{value: 0x0018, lo: 0x87, hi: 0x8c},
+	{value: 0x0040, lo: 0x8d, hi: 0x8d},
+	{value: 0x0018, lo: 0x8e, hi: 0x9a},
+	{value: 0x0040, lo: 0x9b, hi: 0xbf},
+	// Block 0x19, offset 0x105
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0xaa},
+	{value: 0x3008, lo: 0xab, hi: 0xac},
+	{value: 0x3308, lo: 0xad, hi: 0xb0},
+	{value: 0x3008, lo: 0xb1, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb7},
+	{value: 0x3008, lo: 0xb8, hi: 0xb8},
+	{value: 0x3b08, lo: 0xb9, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbc},
+	{value: 0x3308, lo: 0xbd, hi: 0xbe},
+	{value: 0x0008, lo: 0xbf, hi: 0xbf},
+	// Block 0x1a, offset 0x110
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0018, lo: 0x8a, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x95},
+	{value: 0x3008, lo: 0x96, hi: 0x97},
+	{value: 0x3308, lo: 0x98, hi: 0x99},
+	{value: 0x0008, lo: 0x9a, hi: 0x9d},
+	{value: 0x3308, lo: 0x9e, hi: 0xa0},
+	{value: 0x0008, lo: 0xa1, hi: 0xa1},
+	{value: 0x3008, lo: 0xa2, hi: 0xa4},
+	{value: 0x0008, lo: 0xa5, hi: 0xa6},
+	{value: 0x3008, lo: 0xa7, hi: 0xad},
+	{value: 0x0008, lo: 0xae, hi: 0xb0},
+	{value: 0x3308, lo: 0xb1, hi: 0xb4},
+	{value: 0x0008, lo: 0xb5, hi: 0xbf},
+	// Block 0x1b, offset 0x11f
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x0008, lo: 0x80, hi: 0x81},
+	{value: 0x3308, lo: 0x82, hi: 0x82},
+	{value: 0x3008, lo: 0x83, hi: 0x84},
+	{value: 0x3308, lo: 0x85, hi: 0x86},
+	{value: 0x3008, lo: 0x87, hi: 0x8c},
+	{value: 0x3308, lo: 0x8d, hi: 0x8d},
+	{value: 0x0008, lo: 0x8e, hi: 0x8e},
+	{value: 0x3008, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x3008, lo: 0x9a, hi: 0x9c},
+	{value: 0x3308, lo: 0x9d, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0x1c, offset 0x12d
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0040, lo: 0x80, hi: 0x86},
+	{value: 0x055d, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8c},
+	{value: 0x055d, lo: 0x8d, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xba},
+	{value: 0x0018, lo: 0xbb, hi: 0xbb},
+	{value: 0xe105, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbf},
+	// Block 0x1d, offset 0x137
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0018, lo: 0x80, hi: 0xbf},
+	// Block 0x1e, offset 0x139
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0xa0},
+	{value: 0x2018, lo: 0xa1, hi: 0xb5},
+	{value: 0x0018, lo: 0xb6, hi: 0xbf},
+	// Block 0x1f, offset 0x13e
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0xa7},
+	{value: 0x2018, lo: 0xa8, hi: 0xbf},
+	// Block 0x20, offset 0x141
+	{value: 0x0000, lo: 0x02},
+	{value: 0x2018, lo: 0x80, hi: 0x82},
+	{value: 0x0018, lo: 0x83, hi: 0xbf},
+	// Block 0x21, offset 0x144
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0008, lo: 0x80, hi: 0xbf},
+	// Block 0x22, offset 0x146
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x0008, lo: 0x8a, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0x98},
+	{value: 0x0040, lo: 0x99, hi: 0x99},
+	{value: 0x0008, lo: 0x9a, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x23, offset 0x152
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x0008, lo: 0x8a, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb7},
+	{value: 0x0008, lo: 0xb8, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0x24, offset 0x15d
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x0040, lo: 0x81, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0xbf},
+	// Block 0x25, offset 0x165
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x91},
+	{value: 0x0008, lo: 0x92, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0xbf},
+	// Block 0x26, offset 0x16b
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x9a},
+	{value: 0x0040, lo: 0x9b, hi: 0x9c},
+	{value: 0x3308, lo: 0x9d, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbf},
+	// Block 0x27, offset 0x171
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x28, offset 0x176
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb7},
+	{value: 0xe045, lo: 0xb8, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbf},
+	// Block 0x29, offset 0x17b
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0xbf},
+	// Block 0x2a, offset 0x17e
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xac},
+	{value: 0x0018, lo: 0xad, hi: 0xae},
+	{value: 0x0008, lo: 0xaf, hi: 0xbf},
+	// Block 0x2b, offset 0x182
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0x9a},
+	{value: 0x0018, lo: 0x9b, hi: 0x9c},
+	{value: 0x0040, lo: 0x9d, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x2c, offset 0x188
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xaa},
+	{value: 0x0018, lo: 0xab, hi: 0xb0},
+	{value: 0x0008, lo: 0xb1, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0x2d, offset 0x18d
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x91},
+	{value: 0x3308, lo: 0x92, hi: 0x93},
+	{value: 0x3b08, lo: 0x94, hi: 0x94},
+	{value: 0x3808, lo: 0x95, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x9e},
+	{value: 0x0008, lo: 0x9f, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb3},
+	{value: 0x3808, lo: 0xb4, hi: 0xb4},
+	{value: 0x0018, lo: 0xb5, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0x2e, offset 0x198
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x91},
+	{value: 0x3308, lo: 0x92, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xad},
+	{value: 0x0008, lo: 0xae, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xbf},
+	// Block 0x2f, offset 0x1a2
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0xb3},
+	{value: 0x3340, lo: 0xb4, hi: 0xb5},
+	{value: 0x3008, lo: 0xb6, hi: 0xb6},
+	{value: 0x3308, lo: 0xb7, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0x30, offset 0x1a8
+	{value: 0x0000, lo: 0x10},
+	{value: 0x3008, lo: 0x80, hi: 0x85},
+	{value: 0x3308, lo: 0x86, hi: 0x86},
+	{value: 0x3008, lo: 0x87, hi: 0x88},
+	{value: 0x3308, lo: 0x89, hi: 0x91},
+	{value: 0x3b08, lo: 0x92, hi: 0x92},
+	{value: 0x3308, lo: 0x93, hi: 0x93},
+	{value: 0x0018, lo: 0x94, hi: 0x96},
+	{value: 0x0008, lo: 0x97, hi: 0x97},
+	{value: 0x0018, lo: 0x98, hi: 0x9b},
+	{value: 0x0008, lo: 0x9c, hi: 0x9c},
+	{value: 0x3308, lo: 0x9d, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x31, offset 0x1b9
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0018, lo: 0x80, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x86},
+	{value: 0x0218, lo: 0x87, hi: 0x87},
+	{value: 0x0018, lo: 0x88, hi: 0x8a},
+	{value: 0x33c0, lo: 0x8b, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8e},
+	{value: 0x33c0, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0208, lo: 0xa0, hi: 0xbf},
+	// Block 0x32, offset 0x1c4
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0208, lo: 0x80, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0x33, offset 0x1c7
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0x84},
+	{value: 0x3308, lo: 0x85, hi: 0x86},
+	{value: 0x0208, lo: 0x87, hi: 0xa8},
+	{value: 0x3308, lo: 0xa9, hi: 0xa9},
+	{value: 0x0208, lo: 0xaa, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x34, offset 0x1cf
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xbf},
+	// Block 0x35, offset 0x1d2
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0x9f},
+	{value: 0x3308, lo: 0xa0, hi: 0xa2},
+	{value: 0x3008, lo: 0xa3, hi: 0xa6},
+	{value: 0x3308, lo: 0xa7, hi: 0xa8},
+	{value: 0x3008, lo: 0xa9, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x3008, lo: 0xb0, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb2},
+	{value: 0x3008, lo: 0xb3, hi: 0xb8},
+	{value: 0x3308, lo: 0xb9, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0x36, offset 0x1df
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0018, lo: 0x80, hi: 0x80},
+	{value: 0x0040, lo: 0x81, hi: 0x83},
+	{value: 0x0018, lo: 0x84, hi: 0x85},
+	{value: 0x0008, lo: 0x86, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0x37, offset 0x1e7
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x38, offset 0x1eb
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0028, lo: 0x9a, hi: 0x9a},
+	{value: 0x0040, lo: 0x9b, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0xbf},
+	// Block 0x39, offset 0x1f2
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0x96},
+	{value: 0x3308, lo: 0x97, hi: 0x98},
+	{value: 0x3008, lo: 0x99, hi: 0x9a},
+	{value: 0x3308, lo: 0x9b, hi: 0x9b},
+	{value: 0x0040, lo: 0x9c, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x3a, offset 0x1fa
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x0008, lo: 0x80, hi: 0x94},
+	{value: 0x3008, lo: 0x95, hi: 0x95},
+	{value: 0x3308, lo: 0x96, hi: 0x96},
+	{value: 0x3008, lo: 0x97, hi: 0x97},
+	{value: 0x3308, lo: 0x98, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0x9f},
+	{value: 0x3b08, lo: 0xa0, hi: 0xa0},
+	{value: 0x3008, lo: 0xa1, hi: 0xa1},
+	{value: 0x3308, lo: 0xa2, hi: 0xa2},
+	{value: 0x3008, lo: 0xa3, hi: 0xa4},
+	{value: 0x3308, lo: 0xa5, hi: 0xac},
+	{value: 0x3008, lo: 0xad, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0x3b, offset 0x20a
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa6},
+	{value: 0x0008, lo: 0xa7, hi: 0xa7},
+	{value: 0x0018, lo: 0xa8, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xbd},
+	{value: 0x3318, lo: 0xbe, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0x3c, offset 0x216
+	{value: 0x0000, lo: 0x02},
+	{value: 0x3308, lo: 0x80, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0xbf},
+	// Block 0x3d, offset 0x219
+	{value: 0x0000, lo: 0x09},
+	{value: 0x3308, lo: 0x80, hi: 0x83},
+	{value: 0x3008, lo: 0x84, hi: 0x84},
+	{value: 0x0008, lo: 0x85, hi: 0xb3},
+	{value: 0x3308, lo: 0xb4, hi: 0xb4},
+	{value: 0x3008, lo: 0xb5, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbc},
+	{value: 0x3008, lo: 0xbd, hi: 0xbf},
+	// Block 0x3e, offset 0x223
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x3008, lo: 0x80, hi: 0x81},
+	{value: 0x3308, lo: 0x82, hi: 0x82},
+	{value: 0x3008, lo: 0x83, hi: 0x83},
+	{value: 0x3808, lo: 0x84, hi: 0x84},
+	{value: 0x0008, lo: 0x85, hi: 0x8c},
+	{value: 0x0040, lo: 0x8d, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0xaa},
+	{value: 0x3308, lo: 0xab, hi: 0xb3},
+	{value: 0x0018, lo: 0xb4, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0x3f, offset 0x22f
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x3308, lo: 0x80, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0xa0},
+	{value: 0x3008, lo: 0xa1, hi: 0xa1},
+	{value: 0x3308, lo: 0xa2, hi: 0xa5},
+	{value: 0x3008, lo: 0xa6, hi: 0xa7},
+	{value: 0x3308, lo: 0xa8, hi: 0xa9},
+	{value: 0x3808, lo: 0xaa, hi: 0xaa},
+	{value: 0x3b08, lo: 0xab, hi: 0xab},
+	{value: 0x3308, lo: 0xac, hi: 0xad},
+	{value: 0x0008, lo: 0xae, hi: 0xbf},
+	// Block 0x40, offset 0x23b
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0xa5},
+	{value: 0x3308, lo: 0xa6, hi: 0xa6},
+	{value: 0x3008, lo: 0xa7, hi: 0xa7},
+	{value: 0x3308, lo: 0xa8, hi: 0xa9},
+	{value: 0x3008, lo: 0xaa, hi: 0xac},
+	{value: 0x3308, lo: 0xad, hi: 0xad},
+	{value: 0x3008, lo: 0xae, hi: 0xae},
+	{value: 0x3308, lo: 0xaf, hi: 0xb1},
+	{value: 0x3808, lo: 0xb2, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xbb},
+	{value: 0x0018, lo: 0xbc, hi: 0xbf},
+	// Block 0x41, offset 0x247
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0xa3},
+	{value: 0x3008, lo: 0xa4, hi: 0xab},
+	{value: 0x3308, lo: 0xac, hi: 0xb3},
+	{value: 0x3008, lo: 0xb4, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xba},
+	{value: 0x0018, lo: 0xbb, hi: 0xbf},
+	// Block 0x42, offset 0x24f
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8c},
+	{value: 0x0008, lo: 0x8d, hi: 0xbd},
+	{value: 0x0018, lo: 0xbe, hi: 0xbf},
+	// Block 0x43, offset 0x254
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x02a9, lo: 0x80, hi: 0x80},
+	{value: 0x02b1, lo: 0x81, hi: 0x81},
+	{value: 0x02b9, lo: 0x82, hi: 0x82},
+	{value: 0x02c1, lo: 0x83, hi: 0x83},
+	{value: 0x02c9, lo: 0x84, hi: 0x85},
+	{value: 0x02d1, lo: 0x86, hi: 0x86},
+	{value: 0x02d9, lo: 0x87, hi: 0x87},
+	{value: 0x057d, lo: 0x88, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x8f},
+	{value: 0x059d, lo: 0x90, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbc},
+	{value: 0x059d, lo: 0xbd, hi: 0xbf},
+	// Block 0x44, offset 0x261
+	{value: 0x0000, lo: 0x10},
+	{value: 0x0018, lo: 0x80, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x3308, lo: 0x90, hi: 0x92},
+	{value: 0x0018, lo: 0x93, hi: 0x93},
+	{value: 0x3308, lo: 0x94, hi: 0xa0},
+	{value: 0x3008, lo: 0xa1, hi: 0xa1},
+	{value: 0x3308, lo: 0xa2, hi: 0xa8},
+	{value: 0x0008, lo: 0xa9, hi: 0xac},
+	{value: 0x3308, lo: 0xad, hi: 0xad},
+	{value: 0x0008, lo: 0xae, hi: 0xb3},
+	{value: 0x3308, lo: 0xb4, hi: 0xb4},
+	{value: 0x0008, lo: 0xb5, hi: 0xb6},
+	{value: 0x3008, lo: 0xb7, hi: 0xb7},
+	{value: 0x3308, lo: 0xb8, hi: 0xb9},
+	{value: 0x0008, lo: 0xba, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbf},
+	// Block 0x45, offset 0x272
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x87},
+	{value: 0xe045, lo: 0x88, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x97},
+	{value: 0xe045, lo: 0x98, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa7},
+	{value: 0xe045, lo: 0xa8, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb7},
+	{value: 0xe045, lo: 0xb8, hi: 0xbf},
+	// Block 0x46, offset 0x27d
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x80},
+	{value: 0x0040, lo: 0x81, hi: 0x8f},
+	{value: 0x3318, lo: 0x90, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xbf},
+	// Block 0x47, offset 0x282
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0018, lo: 0x80, hi: 0x82},
+	{value: 0x0040, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x84},
+	{value: 0x0018, lo: 0x85, hi: 0x88},
+	{value: 0x0851, lo: 0x89, hi: 0x89},
+	{value: 0x0018, lo: 0x8a, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbf},
+	// Block 0x48, offset 0x28b
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0018, lo: 0x80, hi: 0xab},
+	{value: 0x0859, lo: 0xac, hi: 0xac},
+	{value: 0x0861, lo: 0xad, hi: 0xad},
+	{value: 0x0018, lo: 0xae, hi: 0xae},
+	{value: 0x0869, lo: 0xaf, hi: 0xaf},
+	{value: 0x0871, lo: 0xb0, hi: 0xb0},
+	{value: 0x0018, lo: 0xb1, hi: 0xbf},
+	// Block 0x49, offset 0x293
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x9f},
+	{value: 0x0080, lo: 0xa0, hi: 0xa0},
+	{value: 0x0018, lo: 0xa1, hi: 0xad},
+	{value: 0x0080, lo: 0xae, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbf},
+	// Block 0x4a, offset 0x299
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0xa8},
+	{value: 0x09dd, lo: 0xa9, hi: 0xa9},
+	{value: 0x09fd, lo: 0xaa, hi: 0xaa},
+	{value: 0x0018, lo: 0xab, hi: 0xbf},
+	// Block 0x4b, offset 0x29e
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xbf},
+	// Block 0x4c, offset 0x2a1
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0x8b},
+	{value: 0x0929, lo: 0x8c, hi: 0x8c},
+	{value: 0x0018, lo: 0x8d, hi: 0xbf},
+	// Block 0x4d, offset 0x2a5
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0xb3},
+	{value: 0x0e7e, lo: 0xb4, hi: 0xb4},
+	{value: 0x0932, lo: 0xb5, hi: 0xb5},
+	{value: 0x0e9e, lo: 0xb6, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xbf},
+	// Block 0x4e, offset 0x2ab
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0x9b},
+	{value: 0x0939, lo: 0x9c, hi: 0x9c},
+	{value: 0x0018, lo: 0x9d, hi: 0xbf},
+	// Block 0x4f, offset 0x2af
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xb5},
+	{value: 0x0018, lo: 0xb6, hi: 0xbf},
+	// Block 0x50, offset 0x2b3
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x96},
+	{value: 0x0018, lo: 0x97, hi: 0xbf},
+	// Block 0x51, offset 0x2b7
+	{value: 0x0000, lo: 0x04},
+	{value: 0xe185, lo: 0x80, hi: 0x8f},
+	{value: 0x03f5, lo: 0x90, hi: 0x9f},
+	{value: 0x0ebd, lo: 0xa0, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x52, offset 0x2bc
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0xa5},
+	{value: 0x0040, lo: 0xa6, hi: 0xa6},
+	{value: 0x0008, lo: 0xa7, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xac},
+	{value: 0x0008, lo: 0xad, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x53, offset 0x2c4
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0008, lo: 0x80, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xae},
+	{value: 0xe075, lo: 0xaf, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0x54, offset 0x2cb
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xa7},
+	{value: 0x0008, lo: 0xa8, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xb7},
+	{value: 0x0008, lo: 0xb8, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0x55, offset 0x2d6
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0x9f},
+	{value: 0x3308, lo: 0xa0, hi: 0xbf},
+	// Block 0x56, offset 0x2e0
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xae},
+	{value: 0x0008, lo: 0xaf, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbf},
+	// Block 0x57, offset 0x2e4
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0xbf},
+	// Block 0x58, offset 0x2e7
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9a},
+	{value: 0x0018, lo: 0x9b, hi: 0x9e},
+	{value: 0x0ef5, lo: 0x9f, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xbf},
+	// Block 0x59, offset 0x2ed
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xb2},
+	{value: 0x0f15, lo: 0xb3, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xbf},
+	// Block 0x5a, offset 0x2f1
+	{value: 0x0020, lo: 0x01},
+	{value: 0x0f35, lo: 0x80, hi: 0xbf},
+	// Block 0x5b, offset 0x2f3
+	{value: 0x0020, lo: 0x02},
+	{value: 0x1735, lo: 0x80, hi: 0x8f},
+	{value: 0x1915, lo: 0x90, hi: 0xbf},
+	// Block 0x5c, offset 0x2f6
+	{value: 0x0020, lo: 0x01},
+	{value: 0x1f15, lo: 0x80, hi: 0xbf},
+	// Block 0x5d, offset 0x2f8
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0xbf},
+	// Block 0x5e, offset 0x2fb
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x98},
+	{value: 0x3308, lo: 0x99, hi: 0x9a},
+	{value: 0x096a, lo: 0x9b, hi: 0x9b},
+	{value: 0x0972, lo: 0x9c, hi: 0x9c},
+	{value: 0x0008, lo: 0x9d, hi: 0x9e},
+	{value: 0x0979, lo: 0x9f, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa0},
+	{value: 0x0008, lo: 0xa1, hi: 0xbf},
+	// Block 0x5f, offset 0x305
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xbe},
+	{value: 0x0981, lo: 0xbf, hi: 0xbf},
+	// Block 0x60, offset 0x308
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x0040, lo: 0x80, hi: 0x84},
+	{value: 0x0008, lo: 0x85, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xb0},
+	{value: 0x2a35, lo: 0xb1, hi: 0xb1},
+	{value: 0x2a55, lo: 0xb2, hi: 0xb2},
+	{value: 0x2a75, lo: 0xb3, hi: 0xb3},
+	{value: 0x2a95, lo: 0xb4, hi: 0xb4},
+	{value: 0x2a75, lo: 0xb5, hi: 0xb5},
+	{value: 0x2ab5, lo: 0xb6, hi: 0xb6},
+	{value: 0x2ad5, lo: 0xb7, hi: 0xb7},
+	{value: 0x2af5, lo: 0xb8, hi: 0xb9},
+	{value: 0x2b15, lo: 0xba, hi: 0xbb},
+	{value: 0x2b35, lo: 0xbc, hi: 0xbd},
+	{value: 0x2b15, lo: 0xbe, hi: 0xbf},
+	// Block 0x61, offset 0x317
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xa3},
+	{value: 0x0040, lo: 0xa4, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x62, offset 0x31b
+	{value: 0x0008, lo: 0x03},
+	{value: 0x098a, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0x9f},
+	{value: 0x0a82, lo: 0xa0, hi: 0xbf},
+	// Block 0x63, offset 0x31f
+	{value: 0x0008, lo: 0x01},
+	{value: 0x0d19, lo: 0x80, hi: 0xbf},
+	// Block 0x64, offset 0x321
+	{value: 0x0008, lo: 0x08},
+	{value: 0x0f19, lo: 0x80, hi: 0xb0},
+	{value: 0x4045, lo: 0xb1, hi: 0xb1},
+	{value: 0x10a1, lo: 0xb2, hi: 0xb3},
+	{value: 0x4065, lo: 0xb4, hi: 0xb4},
+	{value: 0x10b1, lo: 0xb5, hi: 0xb7},
+	{value: 0x4085, lo: 0xb8, hi: 0xb8},
+	{value: 0x4085, lo: 0xb9, hi: 0xb9},
+	{value: 0x10c9, lo: 0xba, hi: 0xbf},
+	// Block 0x65, offset 0x32a
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0x8c},
+	{value: 0x0040, lo: 0x8d, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbf},
+	// Block 0x66, offset 0x32e
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xbd},
+	{value: 0x0018, lo: 0xbe, hi: 0xbf},
+	// Block 0x67, offset 0x333
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x8c},
+	{value: 0x0018, lo: 0x8d, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xbf},
+	// Block 0x68, offset 0x338
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0xa5},
+	{value: 0x0018, lo: 0xa6, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb1},
+	{value: 0x0018, lo: 0xb2, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xbf},
+	// Block 0x69, offset 0x33e
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x0008, lo: 0x80, hi: 0x81},
+	{value: 0x3308, lo: 0x82, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0x85},
+	{value: 0x3b08, lo: 0x86, hi: 0x86},
+	{value: 0x0008, lo: 0x87, hi: 0x8a},
+	{value: 0x3308, lo: 0x8b, hi: 0x8b},
+	{value: 0x0008, lo: 0x8c, hi: 0xa2},
+	{value: 0x3008, lo: 0xa3, hi: 0xa4},
+	{value: 0x3308, lo: 0xa5, hi: 0xa6},
+	{value: 0x3008, lo: 0xa7, hi: 0xa7},
+	{value: 0x0018, lo: 0xa8, hi: 0xab},
+	{value: 0x3b08, lo: 0xac, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x6a, offset 0x34e
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0208, lo: 0x80, hi: 0xb1},
+	{value: 0x0108, lo: 0xb2, hi: 0xb2},
+	{value: 0x0008, lo: 0xb3, hi: 0xb3},
+	{value: 0x0018, lo: 0xb4, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xbf},
+	// Block 0x6b, offset 0x354
+	{value: 0x0000, lo: 0x03},
+	{value: 0x3008, lo: 0x80, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0xb3},
+	{value: 0x3008, lo: 0xb4, hi: 0xbf},
+	// Block 0x6c, offset 0x358
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x3008, lo: 0x80, hi: 0x83},
+	{value: 0x3b08, lo: 0x84, hi: 0x84},
+	{value: 0x3308, lo: 0x85, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x8d},
+	{value: 0x0018, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x3308, lo: 0xa0, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xb7},
+	{value: 0x0018, lo: 0xb8, hi: 0xba},
+	{value: 0x0008, lo: 0xbb, hi: 0xbb},
+	{value: 0x0018, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0x6d, offset 0x367
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xa5},
+	{value: 0x3308, lo: 0xa6, hi: 0xad},
+	{value: 0x0018, lo: 0xae, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x6e, offset 0x36c
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x3308, lo: 0x87, hi: 0x91},
+	{value: 0x3008, lo: 0x92, hi: 0x92},
+	{value: 0x3808, lo: 0x93, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x9e},
+	{value: 0x0018, lo: 0x9f, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbf},
+	// Block 0x6f, offset 0x374
+	{value: 0x0000, lo: 0x09},
+	{value: 0x3308, lo: 0x80, hi: 0x82},
+	{value: 0x3008, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb3},
+	{value: 0x3008, lo: 0xb4, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xb9},
+	{value: 0x3008, lo: 0xba, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0x70, offset 0x37e
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x3808, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8e},
+	{value: 0x0008, lo: 0x8f, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa4},
+	{value: 0x3308, lo: 0xa5, hi: 0xa5},
+	{value: 0x0008, lo: 0xa6, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0x71, offset 0x389
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0xa8},
+	{value: 0x3308, lo: 0xa9, hi: 0xae},
+	{value: 0x3008, lo: 0xaf, hi: 0xb0},
+	{value: 0x3308, lo: 0xb1, hi: 0xb2},
+	{value: 0x3008, lo: 0xb3, hi: 0xb4},
+	{value: 0x3308, lo: 0xb5, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0x72, offset 0x391
+	{value: 0x0000, lo: 0x10},
+	{value: 0x0008, lo: 0x80, hi: 0x82},
+	{value: 0x3308, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x8b},
+	{value: 0x3308, lo: 0x8c, hi: 0x8c},
+	{value: 0x3008, lo: 0x8d, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9b},
+	{value: 0x0018, lo: 0x9c, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xb9},
+	{value: 0x0008, lo: 0xba, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbc},
+	{value: 0x3008, lo: 0xbd, hi: 0xbd},
+	{value: 0x0008, lo: 0xbe, hi: 0xbf},
+	// Block 0x73, offset 0x3a2
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb0},
+	{value: 0x0008, lo: 0xb1, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb4},
+	{value: 0x0008, lo: 0xb5, hi: 0xb6},
+	{value: 0x3308, lo: 0xb7, hi: 0xb8},
+	{value: 0x0008, lo: 0xb9, hi: 0xbd},
+	{value: 0x3308, lo: 0xbe, hi: 0xbf},
+	// Block 0x74, offset 0x3ab
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0x82},
+	{value: 0x0040, lo: 0x83, hi: 0x9a},
+	{value: 0x0008, lo: 0x9b, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xaa},
+	{value: 0x3008, lo: 0xab, hi: 0xab},
+	{value: 0x3308, lo: 0xac, hi: 0xad},
+	{value: 0x3008, lo: 0xae, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xb4},
+	{value: 0x3008, lo: 0xb5, hi: 0xb5},
+	{value: 0x3b08, lo: 0xb6, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0x75, offset 0x3bb
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x88},
+	{value: 0x0008, lo: 0x89, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0x90},
+	{value: 0x0008, lo: 0x91, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xa7},
+	{value: 0x0008, lo: 0xa8, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x76, offset 0x3c8
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0x9a},
+	{value: 0x0018, lo: 0x9b, hi: 0x9b},
+	{value: 0x449d, lo: 0x9c, hi: 0x9c},
+	{value: 0x44b5, lo: 0x9d, hi: 0x9d},
+	{value: 0x0941, lo: 0x9e, hi: 0x9e},
+	{value: 0xe06d, lo: 0x9f, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa8},
+	{value: 0x13f9, lo: 0xa9, hi: 0xa9},
+	{value: 0x0018, lo: 0xaa, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x44cd, lo: 0xb0, hi: 0xbf},
+	// Block 0x77, offset 0x3d4
+	{value: 0x0000, lo: 0x04},
+	{value: 0x44ed, lo: 0x80, hi: 0x8f},
+	{value: 0x450d, lo: 0x90, hi: 0x9f},
+	{value: 0x452d, lo: 0xa0, hi: 0xaf},
+	{value: 0x450d, lo: 0xb0, hi: 0xbf},
+	// Block 0x78, offset 0x3d9
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0xa2},
+	{value: 0x3008, lo: 0xa3, hi: 0xa4},
+	{value: 0x3308, lo: 0xa5, hi: 0xa5},
+	{value: 0x3008, lo: 0xa6, hi: 0xa7},
+	{value: 0x3308, lo: 0xa8, hi: 0xa8},
+	{value: 0x3008, lo: 0xa9, hi: 0xaa},
+	{value: 0x0018, lo: 0xab, hi: 0xab},
+	{value: 0x3008, lo: 0xac, hi: 0xac},
+	{value: 0x3b08, lo: 0xad, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x79, offset 0x3e6
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xa3},
+	{value: 0x0040, lo: 0xa4, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbf},
+	// Block 0x7a, offset 0x3ea
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x8a},
+	{value: 0x0018, lo: 0x8b, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0x7b, offset 0x3ef
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0040, lo: 0x80, hi: 0xbf},
+	// Block 0x7c, offset 0x3f1
+	{value: 0x0020, lo: 0x01},
+	{value: 0x454d, lo: 0x80, hi: 0xbf},
+	// Block 0x7d, offset 0x3f3
+	{value: 0x0020, lo: 0x03},
+	{value: 0x4d4d, lo: 0x80, hi: 0x94},
+	{value: 0x4b0d, lo: 0x95, hi: 0x95},
+	{value: 0x4fed, lo: 0x96, hi: 0xbf},
+	// Block 0x7e, offset 0x3f7
+	{value: 0x0020, lo: 0x01},
+	{value: 0x552d, lo: 0x80, hi: 0xbf},
+	// Block 0x7f, offset 0x3f9
+	{value: 0x0020, lo: 0x03},
+	{value: 0x5d2d, lo: 0x80, hi: 0x84},
+	{value: 0x568d, lo: 0x85, hi: 0x85},
+	{value: 0x5dcd, lo: 0x86, hi: 0xbf},
+	// Block 0x80, offset 0x3fd
+	{value: 0x0020, lo: 0x08},
+	{value: 0x6b8d, lo: 0x80, hi: 0x8f},
+	{value: 0x6d4d, lo: 0x90, hi: 0x90},
+	{value: 0x6d8d, lo: 0x91, hi: 0xab},
+	{value: 0x1401, lo: 0xac, hi: 0xac},
+	{value: 0x70ed, lo: 0xad, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xaf},
+	{value: 0x710d, lo: 0xb0, hi: 0xbf},
+	// Block 0x81, offset 0x406
+	{value: 0x0020, lo: 0x05},
+	{value: 0x730d, lo: 0x80, hi: 0xad},
+	{value: 0x656d, lo: 0xae, hi: 0xae},
+	{value: 0x78cd, lo: 0xaf, hi: 0xb5},
+	{value: 0x6f8d, lo: 0xb6, hi: 0xb6},
+	{value: 0x79ad, lo: 0xb7, hi: 0xbf},
+	// Block 0x82, offset 0x40c
+	{value: 0x0008, lo: 0x03},
+	{value: 0x1751, lo: 0x80, hi: 0x82},
+	{value: 0x1741, lo: 0x83, hi: 0x83},
+	{value: 0x1769, lo: 0x84, hi: 0xbf},
+	// Block 0x83, offset 0x410
+	{value: 0x0008, lo: 0x0f},
+	{value: 0x1d81, lo: 0x80, hi: 0x83},
+	{value: 0x1d99, lo: 0x84, hi: 0x85},
+	{value: 0x1da1, lo: 0x86, hi: 0x87},
+	{value: 0x1da9, lo: 0x88, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x91},
+	{value: 0x1de9, lo: 0x92, hi: 0x97},
+	{value: 0x1e11, lo: 0x98, hi: 0x9c},
+	{value: 0x1e31, lo: 0x9d, hi: 0xb3},
+	{value: 0x1d71, lo: 0xb4, hi: 0xb4},
+	{value: 0x1d81, lo: 0xb5, hi: 0xb5},
+	{value: 0x1ee9, lo: 0xb6, hi: 0xbb},
+	{value: 0x1f09, lo: 0xbc, hi: 0xbc},
+	{value: 0x1ef9, lo: 0xbd, hi: 0xbd},
+	{value: 0x1f19, lo: 0xbe, hi: 0xbf},
+	// Block 0x84, offset 0x420
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x8c},
+	{value: 0x0008, lo: 0x8d, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xa7},
+	{value: 0x0008, lo: 0xa8, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbb},
+	{value: 0x0008, lo: 0xbc, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbe},
+	{value: 0x0008, lo: 0xbf, hi: 0xbf},
+	// Block 0x85, offset 0x42a
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0xbf},
+	// Block 0x86, offset 0x42f
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbf},
+	// Block 0x87, offset 0x432
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x82},
+	{value: 0x0040, lo: 0x83, hi: 0x86},
+	{value: 0x0018, lo: 0x87, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xbf},
+	// Block 0x88, offset 0x438
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0x9c},
+	{value: 0x0040, lo: 0x9d, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa0},
+	{value: 0x0040, lo: 0xa1, hi: 0xbf},
+	// Block 0x89, offset 0x43f
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0040, lo: 0x80, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbc},
+	{value: 0x3308, lo: 0xbd, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbf},
+	// Block 0x8a, offset 0x444
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0x9c},
+	{value: 0x0040, lo: 0x9d, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x8b, offset 0x448
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x9f},
+	{value: 0x3308, lo: 0xa0, hi: 0xa0},
+	{value: 0x0018, lo: 0xa1, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0x8c, offset 0x44e
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa3},
+	{value: 0x0040, lo: 0xa4, hi: 0xac},
+	{value: 0x0008, lo: 0xad, hi: 0xbf},
+	// Block 0x8d, offset 0x453
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0x89},
+	{value: 0x0018, lo: 0x8a, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbf},
+	// Block 0x8e, offset 0x45c
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9e},
+	{value: 0x0018, lo: 0x9f, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x8f, offset 0x461
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x83},
+	{value: 0x0040, lo: 0x84, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0xbf},
+	// Block 0x90, offset 0x467
+	{value: 0x0000, lo: 0x06},
+	{value: 0xe145, lo: 0x80, hi: 0x87},
+	{value: 0xe1c5, lo: 0x88, hi: 0x8f},
+	{value: 0xe145, lo: 0x90, hi: 0x97},
+	{value: 0x8b0d, lo: 0x98, hi: 0x9f},
+	{value: 0x8b25, lo: 0xa0, hi: 0xa7},
+	{value: 0x0008, lo: 0xa8, hi: 0xbf},
+	// Block 0x91, offset 0x46e
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0008, lo: 0x80, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xaf},
+	{value: 0x8b25, lo: 0xb0, hi: 0xb7},
+	{value: 0x8b0d, lo: 0xb8, hi: 0xbf},
+	// Block 0x92, offset 0x475
+	{value: 0x0000, lo: 0x06},
+	{value: 0xe145, lo: 0x80, hi: 0x87},
+	{value: 0xe1c5, lo: 0x88, hi: 0x8f},
+	{value: 0xe145, lo: 0x90, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0x93, offset 0x47c
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x94, offset 0x480
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0x95, offset 0x483
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xbf},
+	// Block 0x96, offset 0x488
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0808, lo: 0x80, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x87},
+	{value: 0x0808, lo: 0x88, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x0808, lo: 0x8a, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb6},
+	{value: 0x0808, lo: 0xb7, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbb},
+	{value: 0x0808, lo: 0xbc, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbe},
+	{value: 0x0808, lo: 0xbf, hi: 0xbf},
+	// Block 0x97, offset 0x494
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0808, lo: 0x80, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x96},
+	{value: 0x0818, lo: 0x97, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xb6},
+	{value: 0x0818, lo: 0xb7, hi: 0xbf},
+	// Block 0x98, offset 0x49a
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0808, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0xa6},
+	{value: 0x0818, lo: 0xa7, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xbf},
+	// Block 0x99, offset 0x49f
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xb3},
+	{value: 0x0808, lo: 0xb4, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xba},
+	{value: 0x0818, lo: 0xbb, hi: 0xbf},
+	// Block 0x9a, offset 0x4a6
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0808, lo: 0x80, hi: 0x95},
+	{value: 0x0818, lo: 0x96, hi: 0x9b},
+	{value: 0x0040, lo: 0x9c, hi: 0x9e},
+	{value: 0x0018, lo: 0x9f, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbe},
+	{value: 0x0818, lo: 0xbf, hi: 0xbf},
+	// Block 0x9b, offset 0x4ae
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0808, lo: 0x80, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xbb},
+	{value: 0x0818, lo: 0xbc, hi: 0xbd},
+	{value: 0x0808, lo: 0xbe, hi: 0xbf},
+	// Block 0x9c, offset 0x4b3
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0818, lo: 0x80, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0x91},
+	{value: 0x0818, lo: 0x92, hi: 0xbf},
+	// Block 0x9d, offset 0x4b7
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x0808, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x83},
+	{value: 0x0040, lo: 0x84, hi: 0x84},
+	{value: 0x3308, lo: 0x85, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x8b},
+	{value: 0x3308, lo: 0x8c, hi: 0x8f},
+	{value: 0x0808, lo: 0x90, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x94},
+	{value: 0x0808, lo: 0x95, hi: 0x97},
+	{value: 0x0040, lo: 0x98, hi: 0x98},
+	{value: 0x0808, lo: 0x99, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb7},
+	{value: 0x3308, lo: 0xb8, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0x9e, offset 0x4c7
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0818, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x8f},
+	{value: 0x0818, lo: 0x90, hi: 0x98},
+	{value: 0x0040, lo: 0x99, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xbc},
+	{value: 0x0818, lo: 0xbd, hi: 0xbf},
+	// Block 0x9f, offset 0x4ce
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0808, lo: 0x80, hi: 0x9c},
+	{value: 0x0818, lo: 0x9d, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0xa0, offset 0x4d2
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0808, lo: 0x80, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb8},
+	{value: 0x0018, lo: 0xb9, hi: 0xbf},
+	// Block 0xa1, offset 0x4d6
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0808, lo: 0x80, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0x97},
+	{value: 0x0818, lo: 0x98, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xb7},
+	{value: 0x0818, lo: 0xb8, hi: 0xbf},
+	// Block 0xa2, offset 0x4dd
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0808, lo: 0x80, hi: 0xbf},
+	// Block 0xa3, offset 0x4df
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0808, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0xbf},
+	// Block 0xa4, offset 0x4e2
+	{value: 0x0000, lo: 0x02},
+	{value: 0x03dd, lo: 0x80, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xbf},
+	// Block 0xa5, offset 0x4e5
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0808, lo: 0x80, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xb9},
+	{value: 0x0818, lo: 0xba, hi: 0xbf},
+	// Block 0xa6, offset 0x4e9
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0908, lo: 0x80, hi: 0x80},
+	{value: 0x0a08, lo: 0x81, hi: 0xa1},
+	{value: 0x0c08, lo: 0xa2, hi: 0xa2},
+	{value: 0x0a08, lo: 0xa3, hi: 0xa3},
+	{value: 0x3308, lo: 0xa4, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xaf},
+	{value: 0x0808, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0xa7, offset 0x4f2
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0818, lo: 0xa0, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0xa8, offset 0x4f6
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0808, lo: 0x80, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xaa},
+	{value: 0x3308, lo: 0xab, hi: 0xac},
+	{value: 0x0818, lo: 0xad, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0808, lo: 0xb0, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbf},
+	// Block 0xa9, offset 0x4fe
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0xbc},
+	{value: 0x3308, lo: 0xbd, hi: 0xbf},
+	// Block 0xaa, offset 0x501
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0808, lo: 0x80, hi: 0x9c},
+	{value: 0x0818, lo: 0x9d, hi: 0xa6},
+	{value: 0x0808, lo: 0xa7, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xaf},
+	{value: 0x0a08, lo: 0xb0, hi: 0xb2},
+	{value: 0x0c08, lo: 0xb3, hi: 0xb3},
+	{value: 0x0a08, lo: 0xb4, hi: 0xbf},
+	// Block 0xab, offset 0x509
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0a08, lo: 0x80, hi: 0x84},
+	{value: 0x0808, lo: 0x85, hi: 0x85},
+	{value: 0x3308, lo: 0x86, hi: 0x90},
+	{value: 0x0a18, lo: 0x91, hi: 0x93},
+	{value: 0x0c18, lo: 0x94, hi: 0x94},
+	{value: 0x0818, lo: 0x95, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0xaf},
+	{value: 0x0a08, lo: 0xb0, hi: 0xb3},
+	{value: 0x0c08, lo: 0xb4, hi: 0xb5},
+	{value: 0x0a08, lo: 0xb6, hi: 0xbf},
+	// Block 0xac, offset 0x514
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x0a08, lo: 0x80, hi: 0x81},
+	{value: 0x3308, lo: 0x82, hi: 0x85},
+	{value: 0x0818, lo: 0x86, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0xaf},
+	{value: 0x0a08, lo: 0xb0, hi: 0xb0},
+	{value: 0x0808, lo: 0xb1, hi: 0xb1},
+	{value: 0x0a08, lo: 0xb2, hi: 0xb3},
+	{value: 0x0c08, lo: 0xb4, hi: 0xb6},
+	{value: 0x0808, lo: 0xb7, hi: 0xb7},
+	{value: 0x0a08, lo: 0xb8, hi: 0xb8},
+	{value: 0x0c08, lo: 0xb9, hi: 0xba},
+	{value: 0x0a08, lo: 0xbb, hi: 0xbc},
+	{value: 0x0c08, lo: 0xbd, hi: 0xbd},
+	{value: 0x0a08, lo: 0xbe, hi: 0xbf},
+	// Block 0xad, offset 0x523
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0808, lo: 0x80, hi: 0x80},
+	{value: 0x0a08, lo: 0x81, hi: 0x81},
+	{value: 0x0c08, lo: 0x82, hi: 0x83},
+	{value: 0x0a08, lo: 0x84, hi: 0x84},
+	{value: 0x0818, lo: 0x85, hi: 0x88},
+	{value: 0x0c18, lo: 0x89, hi: 0x89},
+	{value: 0x0a18, lo: 0x8a, hi: 0x8a},
+	{value: 0x0918, lo: 0x8b, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x9f},
+	{value: 0x0808, lo: 0xa0, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0xae, offset 0x52f
+	{value: 0x0000, lo: 0x05},
+	{value: 0x3008, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0xb7},
+	{value: 0x3308, lo: 0xb8, hi: 0xbf},
+	// Block 0xaf, offset 0x535
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x3308, lo: 0x80, hi: 0x85},
+	{value: 0x3b08, lo: 0x86, hi: 0x86},
+	{value: 0x0018, lo: 0x87, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x91},
+	{value: 0x0018, lo: 0x92, hi: 0xa5},
+	{value: 0x0008, lo: 0xa6, hi: 0xaf},
+	{value: 0x3b08, lo: 0xb0, hi: 0xb0},
+	{value: 0x0008, lo: 0xb1, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb4},
+	{value: 0x0008, lo: 0xb5, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0xb0, offset 0x542
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x3308, lo: 0x80, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0xaf},
+	{value: 0x3008, lo: 0xb0, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb6},
+	{value: 0x3008, lo: 0xb7, hi: 0xb8},
+	{value: 0x3b08, lo: 0xb9, hi: 0xb9},
+	{value: 0x3308, lo: 0xba, hi: 0xba},
+	{value: 0x0018, lo: 0xbb, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbd},
+	{value: 0x0018, lo: 0xbe, hi: 0xbf},
+	// Block 0xb1, offset 0x54e
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0018, lo: 0x80, hi: 0x81},
+	{value: 0x3308, lo: 0x82, hi: 0x82},
+	{value: 0x0040, lo: 0x83, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xa8},
+	{value: 0x0040, lo: 0xa9, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0xb2, offset 0x556
+	{value: 0x0000, lo: 0x08},
+	{value: 0x3308, lo: 0x80, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0xa6},
+	{value: 0x3308, lo: 0xa7, hi: 0xab},
+	{value: 0x3008, lo: 0xac, hi: 0xac},
+	{value: 0x3308, lo: 0xad, hi: 0xb2},
+	{value: 0x3b08, lo: 0xb3, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xb5},
+	{value: 0x0008, lo: 0xb6, hi: 0xbf},
+	// Block 0xb3, offset 0x55f
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0018, lo: 0x80, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x84},
+	{value: 0x3008, lo: 0x85, hi: 0x86},
+	{value: 0x0008, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb3},
+	{value: 0x0018, lo: 0xb4, hi: 0xb5},
+	{value: 0x0008, lo: 0xb6, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0xb4, offset 0x56a
+	{value: 0x0000, lo: 0x06},
+	{value: 0x3308, lo: 0x80, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x82},
+	{value: 0x0008, lo: 0x83, hi: 0xb2},
+	{value: 0x3008, lo: 0xb3, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xbe},
+	{value: 0x3008, lo: 0xbf, hi: 0xbf},
+	// Block 0xb5, offset 0x571
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x3808, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0x84},
+	{value: 0x0018, lo: 0x85, hi: 0x88},
+	{value: 0x3308, lo: 0x89, hi: 0x8c},
+	{value: 0x0018, lo: 0x8d, hi: 0x8d},
+	{value: 0x3008, lo: 0x8e, hi: 0x8e},
+	{value: 0x3308, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x9a},
+	{value: 0x0018, lo: 0x9b, hi: 0x9b},
+	{value: 0x0008, lo: 0x9c, hi: 0x9c},
+	{value: 0x0018, lo: 0x9d, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xa0},
+	{value: 0x0018, lo: 0xa1, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0xb6, offset 0x580
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x91},
+	{value: 0x0040, lo: 0x92, hi: 0x92},
+	{value: 0x0008, lo: 0x93, hi: 0xab},
+	{value: 0x3008, lo: 0xac, hi: 0xae},
+	{value: 0x3308, lo: 0xaf, hi: 0xb1},
+	{value: 0x3008, lo: 0xb2, hi: 0xb3},
+	{value: 0x3308, lo: 0xb4, hi: 0xb4},
+	{value: 0x3808, lo: 0xb5, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xb7},
+	{value: 0x0018, lo: 0xb8, hi: 0xbd},
+	{value: 0x3308, lo: 0xbe, hi: 0xbe},
+	{value: 0x0008, lo: 0xbf, hi: 0xbf},
+	// Block 0xb7, offset 0x58d
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x81},
+	{value: 0x0040, lo: 0x82, hi: 0xbf},
+	// Block 0xb8, offset 0x591
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x0008, lo: 0x8a, hi: 0x8d},
+	{value: 0x0040, lo: 0x8e, hi: 0x8e},
+	{value: 0x0008, lo: 0x8f, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9e},
+	{value: 0x0008, lo: 0x9f, hi: 0xa8},
+	{value: 0x0018, lo: 0xa9, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0xb9, offset 0x59e
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0x9e},
+	{value: 0x3308, lo: 0x9f, hi: 0x9f},
+	{value: 0x3008, lo: 0xa0, hi: 0xa2},
+	{value: 0x3308, lo: 0xa3, hi: 0xa9},
+	{value: 0x3b08, lo: 0xaa, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0xba, offset 0x5a7
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xb4},
+	{value: 0x3008, lo: 0xb5, hi: 0xb7},
+	{value: 0x3308, lo: 0xb8, hi: 0xbf},
+	// Block 0xbb, offset 0x5ab
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x3008, lo: 0x80, hi: 0x81},
+	{value: 0x3b08, lo: 0x82, hi: 0x82},
+	{value: 0x3308, lo: 0x83, hi: 0x84},
+	{value: 0x3008, lo: 0x85, hi: 0x85},
+	{value: 0x3308, lo: 0x86, hi: 0x86},
+	{value: 0x0008, lo: 0x87, hi: 0x8a},
+	{value: 0x0018, lo: 0x8b, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0x9b},
+	{value: 0x0040, lo: 0x9c, hi: 0x9c},
+	{value: 0x0018, lo: 0x9d, hi: 0x9d},
+	{value: 0x3308, lo: 0x9e, hi: 0x9e},
+	{value: 0x0008, lo: 0x9f, hi: 0xa1},
+	{value: 0x0040, lo: 0xa2, hi: 0xbf},
+	// Block 0xbc, offset 0x5ba
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x3008, lo: 0xb0, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb8},
+	{value: 0x3008, lo: 0xb9, hi: 0xb9},
+	{value: 0x3308, lo: 0xba, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0xbd, offset 0x5c2
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x3008, lo: 0x81, hi: 0x81},
+	{value: 0x3b08, lo: 0x82, hi: 0x82},
+	{value: 0x3308, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x85},
+	{value: 0x0018, lo: 0x86, hi: 0x86},
+	{value: 0x0008, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0xbf},
+	// Block 0xbe, offset 0x5cd
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0xae},
+	{value: 0x3008, lo: 0xaf, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xb7},
+	{value: 0x3008, lo: 0xb8, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0xbf, offset 0x5d6
+	{value: 0x0000, lo: 0x05},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0x9b},
+	{value: 0x3308, lo: 0x9c, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0xbf},
+	// Block 0xc0, offset 0x5dc
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x3008, lo: 0xb0, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xba},
+	{value: 0x3008, lo: 0xbb, hi: 0xbc},
+	{value: 0x3308, lo: 0xbd, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0xc1, offset 0x5e4
+	{value: 0x0000, lo: 0x08},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x84},
+	{value: 0x0040, lo: 0x85, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xbf},
+	// Block 0xc2, offset 0x5ed
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0xaa},
+	{value: 0x3308, lo: 0xab, hi: 0xab},
+	{value: 0x3008, lo: 0xac, hi: 0xac},
+	{value: 0x3308, lo: 0xad, hi: 0xad},
+	{value: 0x3008, lo: 0xae, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb5},
+	{value: 0x3808, lo: 0xb6, hi: 0xb6},
+	{value: 0x3308, lo: 0xb7, hi: 0xb7},
+	{value: 0x0008, lo: 0xb8, hi: 0xb8},
+	{value: 0x0018, lo: 0xb9, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0xc3, offset 0x5f9
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0xbf},
+	// Block 0xc4, offset 0x5fc
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0x9a},
+	{value: 0x0040, lo: 0x9b, hi: 0x9c},
+	{value: 0x3308, lo: 0x9d, hi: 0x9f},
+	{value: 0x3008, lo: 0xa0, hi: 0xa1},
+	{value: 0x3308, lo: 0xa2, hi: 0xa5},
+	{value: 0x3008, lo: 0xa6, hi: 0xa6},
+	{value: 0x3308, lo: 0xa7, hi: 0xaa},
+	{value: 0x3b08, lo: 0xab, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0018, lo: 0xba, hi: 0xbf},
+	// Block 0xc5, offset 0x608
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0xbf},
+	// Block 0xc6, offset 0x60b
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0xab},
+	{value: 0x3008, lo: 0xac, hi: 0xae},
+	{value: 0x3308, lo: 0xaf, hi: 0xb7},
+	{value: 0x3008, lo: 0xb8, hi: 0xb8},
+	{value: 0x3b08, lo: 0xb9, hi: 0xb9},
+	{value: 0x3308, lo: 0xba, hi: 0xba},
+	{value: 0x0018, lo: 0xbb, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0xc7, offset 0x614
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x049d, lo: 0xa0, hi: 0xbf},
+	// Block 0xc8, offset 0x617
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xa9},
+	{value: 0x0018, lo: 0xaa, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xbe},
+	{value: 0x0008, lo: 0xbf, hi: 0xbf},
+	// Block 0xc9, offset 0x61c
+	{value: 0x0000, lo: 0x08},
+	{value: 0x3008, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0x81},
+	{value: 0x3008, lo: 0x82, hi: 0x82},
+	{value: 0x3308, lo: 0x83, hi: 0x83},
+	{value: 0x0018, lo: 0x84, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0xbf},
+	// Block 0xca, offset 0x625
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xa9},
+	{value: 0x0008, lo: 0xaa, hi: 0xbf},
+	// Block 0xcb, offset 0x62a
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x90},
+	{value: 0x3008, lo: 0x91, hi: 0x93},
+	{value: 0x3308, lo: 0x94, hi: 0x97},
+	{value: 0x0040, lo: 0x98, hi: 0x99},
+	{value: 0x3308, lo: 0x9a, hi: 0x9b},
+	{value: 0x3008, lo: 0x9c, hi: 0x9f},
+	{value: 0x3b08, lo: 0xa0, hi: 0xa0},
+	{value: 0x0008, lo: 0xa1, hi: 0xa1},
+	{value: 0x0018, lo: 0xa2, hi: 0xa2},
+	{value: 0x0008, lo: 0xa3, hi: 0xa3},
+	{value: 0x3008, lo: 0xa4, hi: 0xa4},
+	{value: 0x0040, lo: 0xa5, hi: 0xbf},
+	// Block 0xcc, offset 0x637
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x3308, lo: 0x81, hi: 0x8a},
+	{value: 0x0008, lo: 0x8b, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb3},
+	{value: 0x3b08, lo: 0xb4, hi: 0xb4},
+	{value: 0x3308, lo: 0xb5, hi: 0xb8},
+	{value: 0x3008, lo: 0xb9, hi: 0xb9},
+	{value: 0x0008, lo: 0xba, hi: 0xba},
+	{value: 0x3308, lo: 0xbb, hi: 0xbe},
+	{value: 0x0018, lo: 0xbf, hi: 0xbf},
+	// Block 0xcd, offset 0x642
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0018, lo: 0x80, hi: 0x86},
+	{value: 0x3b08, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x90},
+	{value: 0x3308, lo: 0x91, hi: 0x96},
+	{value: 0x3008, lo: 0x97, hi: 0x98},
+	{value: 0x3308, lo: 0x99, hi: 0x9b},
+	{value: 0x0008, lo: 0x9c, hi: 0xbf},
+	// Block 0xce, offset 0x64b
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x3308, lo: 0x8a, hi: 0x96},
+	{value: 0x3008, lo: 0x97, hi: 0x97},
+	{value: 0x3308, lo: 0x98, hi: 0x98},
+	{value: 0x3b08, lo: 0x99, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0x9c},
+	{value: 0x0008, lo: 0x9d, hi: 0x9d},
+	{value: 0x0018, lo: 0x9e, hi: 0xa2},
+	{value: 0x0040, lo: 0xa3, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0xcf, offset 0x656
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0xd0, offset 0x659
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0xbf},
+	// Block 0xd1, offset 0x65c
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x89},
+	{value: 0x0008, lo: 0x8a, hi: 0xae},
+	{value: 0x3008, lo: 0xaf, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xb7},
+	{value: 0x3308, lo: 0xb8, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbe},
+	{value: 0x3b08, lo: 0xbf, hi: 0xbf},
+	// Block 0xd2, offset 0x666
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0008, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0018, lo: 0x9a, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xbf},
+	// Block 0xd3, offset 0x66f
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x0008, lo: 0x80, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0x91},
+	{value: 0x3308, lo: 0x92, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xa8},
+	{value: 0x3008, lo: 0xa9, hi: 0xa9},
+	{value: 0x3308, lo: 0xaa, hi: 0xb0},
+	{value: 0x3008, lo: 0xb1, hi: 0xb1},
+	{value: 0x3308, lo: 0xb2, hi: 0xb3},
+	{value: 0x3008, lo: 0xb4, hi: 0xb4},
+	{value: 0x3308, lo: 0xb5, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xbf},
+	// Block 0xd4, offset 0x67b
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x0008, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x87},
+	{value: 0x0008, lo: 0x88, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8a},
+	{value: 0x0008, lo: 0x8b, hi: 0xb0},
+	{value: 0x3308, lo: 0xb1, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xb9},
+	{value: 0x3308, lo: 0xba, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbb},
+	{value: 0x3308, lo: 0xbc, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbe},
+	{value: 0x3308, lo: 0xbf, hi: 0xbf},
+	// Block 0xd5, offset 0x688
+	{value: 0x0000, lo: 0x0c},
+	{value: 0x3308, lo: 0x80, hi: 0x83},
+	{value: 0x3b08, lo: 0x84, hi: 0x85},
+	{value: 0x0008, lo: 0x86, hi: 0x86},
+	{value: 0x3308, lo: 0x87, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa5},
+	{value: 0x0040, lo: 0xa6, hi: 0xa6},
+	{value: 0x0008, lo: 0xa7, hi: 0xa8},
+	{value: 0x0040, lo: 0xa9, hi: 0xa9},
+	{value: 0x0008, lo: 0xaa, hi: 0xbf},
+	// Block 0xd6, offset 0x695
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x3008, lo: 0x8a, hi: 0x8e},
+	{value: 0x0040, lo: 0x8f, hi: 0x8f},
+	{value: 0x3308, lo: 0x90, hi: 0x91},
+	{value: 0x0040, lo: 0x92, hi: 0x92},
+	{value: 0x3008, lo: 0x93, hi: 0x94},
+	{value: 0x3308, lo: 0x95, hi: 0x95},
+	{value: 0x3008, lo: 0x96, hi: 0x96},
+	{value: 0x3b08, lo: 0x97, hi: 0x97},
+	{value: 0x0008, lo: 0x98, hi: 0x98},
+	{value: 0x0040, lo: 0x99, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xbf},
+	// Block 0xd7, offset 0x6a3
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xb2},
+	{value: 0x3308, lo: 0xb3, hi: 0xb4},
+	{value: 0x3008, lo: 0xb5, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0xd8, offset 0x6aa
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x3308, lo: 0x80, hi: 0x81},
+	{value: 0x0008, lo: 0x82, hi: 0x82},
+	{value: 0x3008, lo: 0x83, hi: 0x83},
+	{value: 0x0008, lo: 0x84, hi: 0x90},
+	{value: 0x0040, lo: 0x91, hi: 0x91},
+	{value: 0x0008, lo: 0x92, hi: 0xb3},
+	{value: 0x3008, lo: 0xb4, hi: 0xb5},
+	{value: 0x3308, lo: 0xb6, hi: 0xba},
+	{value: 0x0040, lo: 0xbb, hi: 0xbd},
+	{value: 0x3008, lo: 0xbe, hi: 0xbf},
+	// Block 0xd9, offset 0x6b5
+	{value: 0x0000, lo: 0x06},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x3808, lo: 0x81, hi: 0x81},
+	{value: 0x3b08, lo: 0x82, hi: 0x82},
+	{value: 0x0018, lo: 0x83, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0xbf},
+	// Block 0xda, offset 0x6bc
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0040, lo: 0x80, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xbf},
+	// Block 0xdb, offset 0x6c0
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbe},
+	{value: 0x0018, lo: 0xbf, hi: 0xbf},
+	// Block 0xdc, offset 0x6c4
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0xbf},
+	// Block 0xdd, offset 0x6c7
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0xde, offset 0x6cc
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x83},
+	{value: 0x0040, lo: 0x84, hi: 0xbf},
+	// Block 0xdf, offset 0x6cf
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xbf},
+	// Block 0xe0, offset 0x6d2
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xb0},
+	{value: 0x0018, lo: 0xb1, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xbf},
+	// Block 0xe1, offset 0x6d6
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x0340, lo: 0xb0, hi: 0xbf},
+	// Block 0xe2, offset 0x6d9
+	{value: 0x0000, lo: 0x04},
+	{value: 0x3308, lo: 0x80, hi: 0x80},
+	{value: 0x0008, lo: 0x81, hi: 0x86},
+	{value: 0x3308, lo: 0x87, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0xbf},
+	// Block 0xe3, offset 0x6de
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0008, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa9},
+	{value: 0x0040, lo: 0xaa, hi: 0xad},
+	{value: 0x0018, lo: 0xae, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0xe4, offset 0x6e5
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0xe5, offset 0x6e8
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb4},
+	{value: 0x0018, lo: 0xb5, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xbf},
+	// Block 0xe6, offset 0x6f0
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xbf},
+	// Block 0xe7, offset 0x6f4
+	{value: 0x0000, lo: 0x0a},
+	{value: 0x0008, lo: 0x80, hi: 0x83},
+	{value: 0x0018, lo: 0x84, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9a},
+	{value: 0x0018, lo: 0x9b, hi: 0xa1},
+	{value: 0x0040, lo: 0xa2, hi: 0xa2},
+	{value: 0x0008, lo: 0xa3, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbf},
+	// Block 0xe8, offset 0x6ff
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0xbf},
+	// Block 0xe9, offset 0x702
+	{value: 0x0000, lo: 0x02},
+	{value: 0xe105, lo: 0x80, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0xea, offset 0x705
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0x9a},
+	{value: 0x0040, lo: 0x9b, hi: 0xbf},
+	// Block 0xeb, offset 0x708
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8e},
+	{value: 0x3308, lo: 0x8f, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x90},
+	{value: 0x3008, lo: 0x91, hi: 0xbf},
+	// Block 0xec, offset 0x70e
+	{value: 0x0000, lo: 0x05},
+	{value: 0x3008, lo: 0x80, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8e},
+	{value: 0x3308, lo: 0x8f, hi: 0x92},
+	{value: 0x0008, lo: 0x93, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0xed, offset 0x714
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa1},
+	{value: 0x0018, lo: 0xa2, hi: 0xa2},
+	{value: 0x0008, lo: 0xa3, hi: 0xa3},
+	{value: 0x3308, lo: 0xa4, hi: 0xa4},
+	{value: 0x0040, lo: 0xa5, hi: 0xaf},
+	{value: 0x3008, lo: 0xb0, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbf},
+	// Block 0xee, offset 0x71d
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xb7},
+	{value: 0x0040, lo: 0xb8, hi: 0xbf},
+	// Block 0xef, offset 0x720
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0xbf},
+	// Block 0xf0, offset 0x723
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0xbf},
+	// Block 0xf1, offset 0x726
+	{value: 0x0000, lo: 0x07},
+	{value: 0x0040, lo: 0x80, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xb4},
+	{value: 0x0008, lo: 0xb5, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbc},
+	{value: 0x0008, lo: 0xbd, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0xf2, offset 0x72e
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xa2},
+	{value: 0x0040, lo: 0xa3, hi: 0xb1},
+	{value: 0x0008, lo: 0xb2, hi: 0xb2},
+	{value: 0x0040, lo: 0xb3, hi: 0xbf},
+	// Block 0xf3, offset 0x733
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0040, lo: 0x80, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x92},
+	{value: 0x0040, lo: 0x93, hi: 0x94},
+	{value: 0x0008, lo: 0x95, hi: 0x95},
+	{value: 0x0040, lo: 0x96, hi: 0xa3},
+	{value: 0x0008, lo: 0xa4, hi: 0xa7},
+	{value: 0x0040, lo: 0xa8, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0xf4, offset 0x73c
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xbb},
+	{value: 0x0040, lo: 0xbc, hi: 0xbf},
+	// Block 0xf5, offset 0x73f
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbf},
+	// Block 0xf6, offset 0x744
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0008, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9b},
+	{value: 0x0018, lo: 0x9c, hi: 0x9c},
+	{value: 0x3308, lo: 0x9d, hi: 0x9e},
+	{value: 0x0018, lo: 0x9f, hi: 0x9f},
+	{value: 0x03c0, lo: 0xa0, hi: 0xa3},
+	{value: 0x0040, lo: 0xa4, hi: 0xbf},
+	// Block 0xf7, offset 0x74e
+	{value: 0x0000, lo: 0x03},
+	{value: 0x3308, lo: 0x80, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xbf},
+	// Block 0xf8, offset 0x752
+	{value: 0x0000, lo: 0x03},
+	{value: 0x3308, lo: 0x80, hi: 0x86},
+	{value: 0x0040, lo: 0x87, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbf},
+	// Block 0xf9, offset 0x756
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0x83},
+	{value: 0x0040, lo: 0x84, hi: 0xbf},
+	// Block 0xfa, offset 0x759
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0018, lo: 0x80, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xbf},
+	// Block 0xfb, offset 0x75c
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xa8},
+	{value: 0x0018, lo: 0xa9, hi: 0xbf},
+	// Block 0xfc, offset 0x760
+	{value: 0x0000, lo: 0x0e},
+	{value: 0x0018, lo: 0x80, hi: 0x9d},
+	{value: 0x2379, lo: 0x9e, hi: 0x9e},
+	{value: 0x2381, lo: 0x9f, hi: 0x9f},
+	{value: 0x2389, lo: 0xa0, hi: 0xa0},
+	{value: 0x2391, lo: 0xa1, hi: 0xa1},
+	{value: 0x2399, lo: 0xa2, hi: 0xa2},
+	{value: 0x23a1, lo: 0xa3, hi: 0xa3},
+	{value: 0x23a9, lo: 0xa4, hi: 0xa4},
+	{value: 0x3018, lo: 0xa5, hi: 0xa6},
+	{value: 0x3318, lo: 0xa7, hi: 0xa9},
+	{value: 0x0018, lo: 0xaa, hi: 0xac},
+	{value: 0x3018, lo: 0xad, hi: 0xb2},
+	{value: 0x0340, lo: 0xb3, hi: 0xba},
+	{value: 0x3318, lo: 0xbb, hi: 0xbf},
+	// Block 0xfd, offset 0x76f
+	{value: 0x0000, lo: 0x0b},
+	{value: 0x3318, lo: 0x80, hi: 0x82},
+	{value: 0x0018, lo: 0x83, hi: 0x84},
+	{value: 0x3318, lo: 0x85, hi: 0x8b},
+	{value: 0x0018, lo: 0x8c, hi: 0xa9},
+	{value: 0x3318, lo: 0xaa, hi: 0xad},
+	{value: 0x0018, lo: 0xae, hi: 0xba},
+	{value: 0x23b1, lo: 0xbb, hi: 0xbb},
+	{value: 0x23b9, lo: 0xbc, hi: 0xbc},
+	{value: 0x23c1, lo: 0xbd, hi: 0xbd},
+	{value: 0x23c9, lo: 0xbe, hi: 0xbe},
+	{value: 0x23d1, lo: 0xbf, hi: 0xbf},
+	// Block 0xfe, offset 0x77b
+	{value: 0x0000, lo: 0x03},
+	{value: 0x23d9, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xbf},
+	// Block 0xff, offset 0x77f
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x81},
+	{value: 0x3318, lo: 0x82, hi: 0x84},
+	{value: 0x0018, lo: 0x85, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0xbf},
+	// Block 0x100, offset 0x784
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xb3},
+	{value: 0x0040, lo: 0xb4, hi: 0xbf},
+	// Block 0x101, offset 0x789
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0x102, offset 0x78e
+	{value: 0x0000, lo: 0x03},
+	{value: 0x3308, lo: 0x80, hi: 0xb6},
+	{value: 0x0018, lo: 0xb7, hi: 0xba},
+	{value: 0x3308, lo: 0xbb, hi: 0xbf},
+	// Block 0x103, offset 0x792
+	{value: 0x0000, lo: 0x04},
+	{value: 0x3308, lo: 0x80, hi: 0xac},
+	{value: 0x0018, lo: 0xad, hi: 0xb4},
+	{value: 0x3308, lo: 0xb5, hi: 0xb5},
+	{value: 0x0018, lo: 0xb6, hi: 0xbf},
+	// Block 0x104, offset 0x797
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0018, lo: 0x80, hi: 0x83},
+	{value: 0x3308, lo: 0x84, hi: 0x84},
+	{value: 0x0018, lo: 0x85, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x9a},
+	{value: 0x3308, lo: 0x9b, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xa0},
+	{value: 0x3308, lo: 0xa1, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xbf},
+	// Block 0x105, offset 0x7a0
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0008, lo: 0x80, hi: 0x9e},
+	{value: 0x0040, lo: 0x9f, hi: 0xa4},
+	{value: 0x0008, lo: 0xa5, hi: 0xaa},
+	{value: 0x0040, lo: 0xab, hi: 0xbf},
+	// Block 0x106, offset 0x7a5
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0040, lo: 0x80, hi: 0x8e},
+	{value: 0x3308, lo: 0x8f, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0xbf},
+	// Block 0x107, offset 0x7a9
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xaf},
+	{value: 0x3308, lo: 0xb0, hi: 0xb6},
+	{value: 0x0008, lo: 0xb7, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbf},
+	// Block 0x108, offset 0x7af
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0x89},
+	{value: 0x0040, lo: 0x8a, hi: 0x8d},
+	{value: 0x0008, lo: 0x8e, hi: 0x8e},
+	{value: 0x0018, lo: 0x8f, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0xbf},
+	// Block 0x109, offset 0x7b5
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0040, lo: 0x80, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xad},
+	{value: 0x3308, lo: 0xae, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xbf},
+	// Block 0x10a, offset 0x7ba
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0008, lo: 0x80, hi: 0xab},
+	{value: 0x3308, lo: 0xac, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbe},
+	{value: 0x0018, lo: 0xbf, hi: 0xbf},
+	// Block 0x10b, offset 0x7c0
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0040, lo: 0x80, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xab},
+	{value: 0x3308, lo: 0xac, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x10c, offset 0x7c6
+	{value: 0x0000, lo: 0x09},
+	{value: 0x0040, lo: 0x80, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xa6},
+	{value: 0x0040, lo: 0xa7, hi: 0xa7},
+	{value: 0x0008, lo: 0xa8, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xac},
+	{value: 0x0008, lo: 0xad, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbe},
+	{value: 0x0040, lo: 0xbf, hi: 0xbf},
+	// Block 0x10d, offset 0x7d0
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0808, lo: 0x80, hi: 0x84},
+	{value: 0x0040, lo: 0x85, hi: 0x86},
+	{value: 0x0818, lo: 0x87, hi: 0x8f},
+	{value: 0x3308, lo: 0x90, hi: 0x96},
+	{value: 0x0040, lo: 0x97, hi: 0xbf},
+	// Block 0x10e, offset 0x7d6
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0a08, lo: 0x80, hi: 0x83},
+	{value: 0x3308, lo: 0x84, hi: 0x8a},
+	{value: 0x0b08, lo: 0x8b, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x8f},
+	{value: 0x0808, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9d},
+	{value: 0x0818, lo: 0x9e, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0x10f, offset 0x7df
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0xb0},
+	{value: 0x0818, lo: 0xb1, hi: 0xbf},
+	// Block 0x110, offset 0x7e2
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0818, lo: 0x80, hi: 0xb4},
+	{value: 0x0040, lo: 0xb5, hi: 0xbf},
+	// Block 0x111, offset 0x7e5
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0818, lo: 0x81, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbf},
+	// Block 0x112, offset 0x7e9
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0040, lo: 0x80, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbf},
+	// Block 0x113, offset 0x7ed
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbf},
+	// Block 0x114, offset 0x7f1
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xae},
+	{value: 0x0040, lo: 0xaf, hi: 0xb0},
+	{value: 0x0018, lo: 0xb1, hi: 0xbf},
+	// Block 0x115, offset 0x7f7
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0018, lo: 0x81, hi: 0x8f},
+	{value: 0x0040, lo: 0x90, hi: 0x90},
+	{value: 0x0018, lo: 0x91, hi: 0xb5},
+	{value: 0x0040, lo: 0xb6, hi: 0xbf},
+	// Block 0x116, offset 0x7fd
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0018, lo: 0x80, hi: 0x8f},
+	{value: 0x2709, lo: 0x90, hi: 0x90},
+	{value: 0x0018, lo: 0x91, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xbf},
+	// Block 0x117, offset 0x802
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0040, lo: 0x80, hi: 0xa5},
+	{value: 0x0018, lo: 0xa6, hi: 0xbf},
+	// Block 0x118, offset 0x805
+	{value: 0x0000, lo: 0x0f},
+	{value: 0x2889, lo: 0x80, hi: 0x80},
+	{value: 0x2891, lo: 0x81, hi: 0x81},
+	{value: 0x2899, lo: 0x82, hi: 0x82},
+	{value: 0x28a1, lo: 0x83, hi: 0x83},
+	{value: 0x28a9, lo: 0x84, hi: 0x84},
+	{value: 0x28b1, lo: 0x85, hi: 0x85},
+	{value: 0x28b9, lo: 0x86, hi: 0x86},
+	{value: 0x28c1, lo: 0x87, hi: 0x87},
+	{value: 0x28c9, lo: 0x88, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x8f},
+	{value: 0x28d1, lo: 0x90, hi: 0x90},
+	{value: 0x28d9, lo: 0x91, hi: 0x91},
+	{value: 0x0040, lo: 0x92, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa5},
+	{value: 0x0040, lo: 0xa6, hi: 0xbf},
+	// Block 0x119, offset 0x815
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x97},
+	{value: 0x0040, lo: 0x98, hi: 0x9b},
+	{value: 0x0018, lo: 0x9c, hi: 0xac},
+	{value: 0x0040, lo: 0xad, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbf},
+	// Block 0x11a, offset 0x81c
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0xb6},
+	{value: 0x0040, lo: 0xb7, hi: 0xba},
+	{value: 0x0018, lo: 0xbb, hi: 0xbf},
+	// Block 0x11b, offset 0x820
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xab},
+	{value: 0x0040, lo: 0xac, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb0},
+	{value: 0x0040, lo: 0xb1, hi: 0xbf},
+	// Block 0x11c, offset 0x827
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0x8b},
+	{value: 0x0040, lo: 0x8c, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbf},
+	// Block 0x11d, offset 0x82b
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0x99},
+	{value: 0x0040, lo: 0x9a, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xbf},
+	// Block 0x11e, offset 0x831
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x87},
+	{value: 0x0040, lo: 0x88, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb1},
+	{value: 0x0040, lo: 0xb2, hi: 0xbf},
+	// Block 0x11f, offset 0x838
+	{value: 0x0000, lo: 0x06},
+	{value: 0x0018, lo: 0x80, hi: 0x93},
+	{value: 0x0040, lo: 0x94, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xad},
+	{value: 0x0040, lo: 0xae, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xbc},
+	{value: 0x0040, lo: 0xbd, hi: 0xbf},
+	// Block 0x120, offset 0x83f
+	{value: 0x0000, lo: 0x05},
+	{value: 0x0018, lo: 0x80, hi: 0x88},
+	{value: 0x0040, lo: 0x89, hi: 0x8f},
+	{value: 0x0018, lo: 0x90, hi: 0xbd},
+	{value: 0x0040, lo: 0xbe, hi: 0xbe},
+	{value: 0x0018, lo: 0xbf, hi: 0xbf},
+	// Block 0x121, offset 0x845
+	{value: 0x0000, lo: 0x08},
+	{value: 0x0018, lo: 0x80, hi: 0x85},
+	{value: 0x0040, lo: 0x86, hi: 0x8d},
+	{value: 0x0018, lo: 0x8e, hi: 0x9b},
+	{value: 0x0040, lo: 0x9c, hi: 0x9f},
+	{value: 0x0018, lo: 0xa0, hi: 0xa8},
+	{value: 0x0040, lo: 0xa9, hi: 0xaf},
+	{value: 0x0018, lo: 0xb0, hi: 0xb8},
+	{value: 0x0040, lo: 0xb9, hi: 0xbf},
+	// Block 0x122, offset 0x84e
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0018, lo: 0x80, hi: 0x92},
+	{value: 0x0040, lo: 0x93, hi: 0x93},
+	{value: 0x0018, lo: 0x94, hi: 0xbf},
+	// Block 0x123, offset 0x852
+	{value: 0x0000, lo: 0x0d},
+	{value: 0x0018, lo: 0x80, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0xaf},
+	{value: 0x06e1, lo: 0xb0, hi: 0xb0},
+	{value: 0x0049, lo: 0xb1, hi: 0xb1},
+	{value: 0x0029, lo: 0xb2, hi: 0xb2},
+	{value: 0x0031, lo: 0xb3, hi: 0xb3},
+	{value: 0x06e9, lo: 0xb4, hi: 0xb4},
+	{value: 0x06f1, lo: 0xb5, hi: 0xb5},
+	{value: 0x06f9, lo: 0xb6, hi: 0xb6},
+	{value: 0x0701, lo: 0xb7, hi: 0xb7},
+	{value: 0x0709, lo: 0xb8, hi: 0xb8},
+	{value: 0x0711, lo: 0xb9, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x124, offset 0x860
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0x9f},
+	{value: 0x0040, lo: 0xa0, hi: 0xbf},
+	// Block 0x125, offset 0x863
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xb9},
+	{value: 0x0040, lo: 0xba, hi: 0xbf},
+	// Block 0x126, offset 0x866
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0x9d},
+	{value: 0x0040, lo: 0x9e, hi: 0x9f},
+	{value: 0x0008, lo: 0xa0, hi: 0xbf},
+	// Block 0x127, offset 0x86a
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0xa1},
+	{value: 0x0040, lo: 0xa2, hi: 0xaf},
+	{value: 0x0008, lo: 0xb0, hi: 0xbf},
+	// Block 0x128, offset 0x86e
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xa0},
+	{value: 0x0040, lo: 0xa1, hi: 0xbf},
+	// Block 0x129, offset 0x871
+	{value: 0x0000, lo: 0x03},
+	{value: 0x0008, lo: 0x80, hi: 0x8a},
+	{value: 0x0040, lo: 0x8b, hi: 0x8f},
+	{value: 0x0008, lo: 0x90, hi: 0xbf},
+	// Block 0x12a, offset 0x875
+	{value: 0x0000, lo: 0x02},
+	{value: 0x0008, lo: 0x80, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xbf},
+	// Block 0x12b, offset 0x878
+	{value: 0x0000, lo: 0x04},
+	{value: 0x0040, lo: 0x80, hi: 0x80},
+	{value: 0x0340, lo: 0x81, hi: 0x81},
+	{value: 0x0040, lo: 0x82, hi: 0x9f},
+	{value: 0x0340, lo: 0xa0, hi: 0xbf},
+	// Block 0x12c, offset 0x87d
+	{value: 0x0000, lo: 0x01},
+	{value: 0x0340, lo: 0x80, hi: 0xbf},
+	// Block 0x12d, offset 0x87f
+	{value: 0x0000, lo: 0x01},
+	{value: 0x33c0, lo: 0x80, hi: 0xbf},
+	// Block 0x12e, offset 0x881
+	{value: 0x0000, lo: 0x02},
+	{value: 0x33c0, lo: 0x80, hi: 0xaf},
+	{value: 0x0040, lo: 0xb0, hi: 0xbf},
+}
+
+// Total table size 46723 bytes (45KiB); checksum: 4CF3143A
diff --git a/vendor/golang.org/x/net/idna/trie.go b/vendor/golang.org/x/net/idna/trie.go
index c4ef847e7..421274172 100644
--- a/vendor/golang.org/x/net/idna/trie.go
+++ b/vendor/golang.org/x/net/idna/trie.go
@@ -6,27 +6,6 @@
 
 package idna
 
-// appendMapping appends the mapping for the respective rune. isMapped must be
-// true. A mapping is a categorization of a rune as defined in UTS #46.
-func (c info) appendMapping(b []byte, s string) []byte {
-	index := int(c >> indexShift)
-	if c&xorBit == 0 {
-		s := mappings[index:]
-		return append(b, s[1:s[0]+1]...)
-	}
-	b = append(b, s...)
-	if c&inlineXOR == inlineXOR {
-		// TODO: support and handle two-byte inline masks
-		b[len(b)-1] ^= byte(index)
-	} else {
-		for p := len(b) - int(xorData[index]); p < len(b); p++ {
-			index++
-			b[p] ^= xorData[index]
-		}
-	}
-	return b
-}
-
 // Sparse block handling code.
 
 type valueRange struct {
diff --git a/vendor/golang.org/x/net/idna/trie12.0.0.go b/vendor/golang.org/x/net/idna/trie12.0.0.go
new file mode 100644
index 000000000..bb63f904b
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/trie12.0.0.go
@@ -0,0 +1,31 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.16
+// +build !go1.16
+
+package idna
+
+// appendMapping appends the mapping for the respective rune. isMapped must be
+// true. A mapping is a categorization of a rune as defined in UTS #46.
+func (c info) appendMapping(b []byte, s string) []byte {
+	index := int(c >> indexShift)
+	if c&xorBit == 0 {
+		s := mappings[index:]
+		return append(b, s[1:s[0]+1]...)
+	}
+	b = append(b, s...)
+	if c&inlineXOR == inlineXOR {
+		// TODO: support and handle two-byte inline masks
+		b[len(b)-1] ^= byte(index)
+	} else {
+		for p := len(b) - int(xorData[index]); p < len(b); p++ {
+			index++
+			b[p] ^= xorData[index]
+		}
+	}
+	return b
+}
diff --git a/vendor/golang.org/x/net/idna/trie13.0.0.go b/vendor/golang.org/x/net/idna/trie13.0.0.go
new file mode 100644
index 000000000..7d68a8dc1
--- /dev/null
+++ b/vendor/golang.org/x/net/idna/trie13.0.0.go
@@ -0,0 +1,31 @@
+// Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
+
+// Copyright 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.16
+// +build go1.16
+
+package idna
+
+// appendMapping appends the mapping for the respective rune. isMapped must be
+// true. A mapping is a categorization of a rune as defined in UTS #46.
+func (c info) appendMapping(b []byte, s string) []byte {
+	index := int(c >> indexShift)
+	if c&xorBit == 0 {
+		p := index
+		return append(b, mappings[mappingIndex[p]:mappingIndex[p+1]]...)
+	}
+	b = append(b, s...)
+	if c&inlineXOR == inlineXOR {
+		// TODO: support and handle two-byte inline masks
+		b[len(b)-1] ^= byte(index)
+	} else {
+		for p := len(b) - int(xorData[index]); p < len(b); p++ {
+			index++
+			b[p] ^= xorData[index]
+		}
+	}
+	return b
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 3e494f7bc..3a0fd82aa 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -153,7 +153,7 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.10.0
+# golang.org/x/net v0.17.0
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna

From 5690a9139400899b94983e030f23794939be9e34 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 6 Nov 2023 03:26:07 +0000
Subject: [PATCH 46/73] build(deps): bump github.com/mattn/go-sqlite3 from
 1.14.17 to 1.14.18

Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.17 to 1.14.18.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.17...v1.14.18)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |     2 +-
 go.sum                                        |     4 +-
 .../mattn/go-sqlite3/sqlite3-binding.c        | 12588 +++++++++++-----
 .../mattn/go-sqlite3/sqlite3-binding.h        |   291 +-
 .../github.com/mattn/go-sqlite3/sqlite3ext.h  |    10 +
 vendor/modules.txt                            |     2 +-
 6 files changed, 9039 insertions(+), 3858 deletions(-)

diff --git a/go.mod b/go.mod
index d00976270..0ce8fc212 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.17
+	github.com/mattn/go-sqlite3 v1.14.18
 	github.com/prometheus/client_golang v1.17.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
diff --git a/go.sum b/go.sum
index 5050c5faa..de18fda71 100644
--- a/go.sum
+++ b/go.sum
@@ -238,8 +238,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
-github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
+github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
index a1d6a285d..454512ad2 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
@@ -1,7 +1,7 @@
 #ifndef USE_LIBSQLITE3
 /******************************************************************************
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.42.0.  By combining all the individual C code files into this
+** version 3.44.0.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -17,6 +17,9 @@
 ** if you want a wrapper to interface SQLite with your choice of programming
 ** language. The code for the "sqlite3" command-line shell is also in a
 ** separate file. This file contains only code for the core SQLite library.
+**
+** The content in this amalgamation comes from Fossil check-in
+** 17129ba1ff7f0daf37100ee82d507aef7827.
 */
 #define SQLITE_CORE 1
 #define SQLITE_AMALGAMATION 1
@@ -51,11 +54,11 @@
 **                                  used on lines of code that actually
 **                                  implement parts of coverage testing.
 **
-**    OPTIMIZATION-IF-TRUE        - This branch is allowed to alway be false
+**    OPTIMIZATION-IF-TRUE        - This branch is allowed to always be false
 **                                  and the correct answer is still obtained,
 **                                  though perhaps more slowly.
 **
-**    OPTIMIZATION-IF-FALSE       - This branch is allowed to alway be true
+**    OPTIMIZATION-IF-FALSE       - This branch is allowed to always be true
 **                                  and the correct answer is still obtained,
 **                                  though perhaps more slowly.
 **
@@ -457,9 +460,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.42.0"
-#define SQLITE_VERSION_NUMBER 3042000
-#define SQLITE_SOURCE_ID      "2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0"
+#define SQLITE_VERSION        "3.44.0"
+#define SQLITE_VERSION_NUMBER 3044000
+#define SQLITE_SOURCE_ID      "2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -839,6 +842,7 @@ SQLITE_API int sqlite3_exec(
 #define SQLITE_IOERR_ROLLBACK_ATOMIC   (SQLITE_IOERR | (31<<8))
 #define SQLITE_IOERR_DATA              (SQLITE_IOERR | (32<<8))
 #define SQLITE_IOERR_CORRUPTFS         (SQLITE_IOERR | (33<<8))
+#define SQLITE_IOERR_IN_PAGE           (SQLITE_IOERR | (34<<8))
 #define SQLITE_LOCKED_SHAREDCACHE      (SQLITE_LOCKED |  (1<<8))
 #define SQLITE_LOCKED_VTAB             (SQLITE_LOCKED |  (2<<8))
 #define SQLITE_BUSY_RECOVERY           (SQLITE_BUSY   |  (1<<8))
@@ -1501,7 +1505,7 @@ struct sqlite3_io_methods {
 ** by clients within the current process, only within other processes.
 **
 ** 
    13. [[SQLITE_FCNTL_CKSM_FILE]]
-** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use interally by the
+** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use internally by the
 ** [checksum VFS shim] only.
 **
 ** 
    14. [[SQLITE_FCNTL_RESET_CACHE]]
@@ -2437,7 +2441,7 @@ struct sqlite3_mem_methods {
 ** is stored in each sorted record and the required column values loaded
 ** from the database as records are returned in sorted order. The default
 ** value for this option is to never use this optimization. Specifying a
-** negative value for this option restores the default behaviour.
+** negative value for this option restores the default behavior.
 ** This option is only available if SQLite is compiled with the
 ** [SQLITE_ENABLE_SORTER_REFERENCES] compile-time option.
 **
@@ -2612,7 +2616,7 @@ struct sqlite3_mem_methods {
 ** database handle, SQLite checks if this will mean that there are now no
 ** connections at all to the database. If so, it performs a checkpoint
 ** operation before closing the connection. This option may be used to
-** override this behaviour. The first parameter passed to this operation
+** override this behavior. The first parameter passed to this operation
 ** is an integer - positive to disable checkpoints-on-close, or zero (the
 ** default) to enable them, and negative to leave the setting unchanged.
 ** The second parameter is a pointer to an integer
@@ -2765,7 +2769,7 @@ struct sqlite3_mem_methods {
 ** the [VACUUM] command will fail with an obscure error when attempting to
 ** process a table with generated columns and a descending index.  This is
 ** not considered a bug since SQLite versions 3.3.0 and earlier do not support
-** either generated columns or decending indexes.
+** either generated columns or descending indexes.
 ** 
      15. 
 **
 ** [[SQLITE_DBCONFIG_STMT_SCANSTATUS]]
@@ -3046,6 +3050,7 @@ SQLITE_API sqlite3_int64 sqlite3_total_changes64(sqlite3*);
 **
 ** ^The [sqlite3_is_interrupted(D)] interface can be used to determine whether
 ** or not an interrupt is currently in effect for [database connection] D.
+** It returns 1 if an interrupt is currently in effect, or 0 otherwise.
 */
 SQLITE_API void sqlite3_interrupt(sqlite3*);
 SQLITE_API int sqlite3_is_interrupted(sqlite3*);
@@ -3699,8 +3704,10 @@ SQLITE_API SQLITE_DEPRECATED void *sqlite3_profile(sqlite3*,
 ** M argument should be the bitwise OR-ed combination of
 ** zero or more [SQLITE_TRACE] constants.
 **
-** ^Each call to either sqlite3_trace() or sqlite3_trace_v2() overrides
-** (cancels) any prior calls to sqlite3_trace() or sqlite3_trace_v2().
+** ^Each call to either sqlite3_trace(D,X,P) or sqlite3_trace_v2(D,M,X,P)
+** overrides (cancels) all prior calls to sqlite3_trace(D,X,P) or
+** sqlite3_trace_v2(D,M,X,P) for the [database connection] D.  Each
+** database connection may have at most one trace callback.
 **
 ** ^The X callback is invoked whenever any of the events identified by
 ** mask M occur.  ^The integer return value from the callback is currently
@@ -4069,7 +4076,7 @@ SQLITE_API int sqlite3_open_v2(
 ** as F) must be one of:
 ** 
        
 ** 
      •  A database filename pointer created by the SQLite core and
-** passed into the xOpen() method of a VFS implemention, or
+** passed into the xOpen() method of a VFS implementation, or
 ** 
      •  A filename obtained from [sqlite3_db_filename()], or
 ** 
      •  A new filename constructed using [sqlite3_create_filename()].
 ** 
      
@@ -4182,7 +4189,7 @@ SQLITE_API sqlite3_file *sqlite3_database_file_object(const char*);
 /*
 ** CAPI3REF: Create and Destroy VFS Filenames
 **
-** These interfces are provided for use by [VFS shim] implementations and
+** These interfaces are provided for use by [VFS shim] implementations and
 ** are not useful outside of that context.
 **
 ** The sqlite3_create_filename(D,J,W,N,P) allocates memory to hold a version of
@@ -4262,6 +4269,7 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 **
 ** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
 ** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** (See how SQLite handles [invalid UTF] for exceptions to this rule.)
 ** ^(Memory to hold the error message string is managed internally.
 ** The application does not need to worry about freeing the result.
 ** However, the error string might be overwritten or deallocated by
@@ -4729,6 +4737,41 @@ SQLITE_API int sqlite3_stmt_readonly(sqlite3_stmt *pStmt);
 */
 SQLITE_API int sqlite3_stmt_isexplain(sqlite3_stmt *pStmt);
 
+/*
+** CAPI3REF: Change The EXPLAIN Setting For A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** The sqlite3_stmt_explain(S,E) interface changes the EXPLAIN
+** setting for [prepared statement] S.  If E is zero, then S becomes
+** a normal prepared statement.  If E is 1, then S behaves as if
+** its SQL text began with "[EXPLAIN]".  If E is 2, then S behaves as if
+** its SQL text began with "[EXPLAIN QUERY PLAN]".
+**
+** Calling sqlite3_stmt_explain(S,E) might cause S to be reprepared.
+** SQLite tries to avoid a reprepare, but a reprepare might be necessary
+** on the first transition into EXPLAIN or EXPLAIN QUERY PLAN mode.
+**
+** Because of the potential need to reprepare, a call to
+** sqlite3_stmt_explain(S,E) will fail with SQLITE_ERROR if S cannot be
+** reprepared because it was created using [sqlite3_prepare()] instead of
+** the newer [sqlite3_prepare_v2()] or [sqlite3_prepare_v3()] interfaces and
+** hence has no saved SQL text with which to reprepare.
+**
+** Changing the explain setting for a prepared statement does not change
+** the original SQL text for the statement.  Hence, if the SQL text originally
+** began with EXPLAIN or EXPLAIN QUERY PLAN, but sqlite3_stmt_explain(S,0)
+** is called to convert the statement into an ordinary statement, the EXPLAIN
+** or EXPLAIN QUERY PLAN keywords will still appear in the sqlite3_sql(S)
+** output, even though the statement now acts like a normal SQL statement.
+**
+** This routine returns SQLITE_OK if the explain mode is successfully
+** changed, or an error code if the explain mode could not be changed.
+** The explain mode cannot be changed while a statement is active.
+** Hence, it is good practice to call [sqlite3_reset(S)]
+** immediately prior to calling sqlite3_stmt_explain(S,E).
+*/
+SQLITE_API int sqlite3_stmt_explain(sqlite3_stmt *pStmt, int eMode);
+
 /*
 ** CAPI3REF: Determine If A Prepared Statement Has Been Reset
 ** METHOD: sqlite3_stmt
@@ -4892,7 +4935,7 @@ typedef struct sqlite3_context sqlite3_context;
 ** with it may be passed. ^It is called to dispose of the BLOB or string even
 ** if the call to the bind API fails, except the destructor is not called if
 ** the third parameter is a NULL pointer or the fourth parameter is negative.
-** ^ (2) The special constant, [SQLITE_STATIC], may be passsed to indicate that
+** ^ (2) The special constant, [SQLITE_STATIC], may be passed to indicate that
 ** the application remains responsible for disposing of the object. ^In this
 ** case, the object and the provided pointer to it must remain valid until
 ** either the prepared statement is finalized or the same SQL parameter is
@@ -5571,20 +5614,33 @@ SQLITE_API int sqlite3_finalize(sqlite3_stmt *pStmt);
 ** ^The [sqlite3_reset(S)] interface resets the [prepared statement] S
 ** back to the beginning of its program.
 **
-** ^If the most recent call to [sqlite3_step(S)] for the
-** [prepared statement] S returned [SQLITE_ROW] or [SQLITE_DONE],
-** or if [sqlite3_step(S)] has never before been called on S,
-** then [sqlite3_reset(S)] returns [SQLITE_OK].
+** ^The return code from [sqlite3_reset(S)] indicates whether or not
+** the previous evaluation of prepared statement S completed successfully.
+** ^If [sqlite3_step(S)] has never before been called on S or if
+** [sqlite3_step(S)] has not been called since the previous call
+** to [sqlite3_reset(S)], then [sqlite3_reset(S)] will return
+** [SQLITE_OK].
 **
 ** ^If the most recent call to [sqlite3_step(S)] for the
 ** [prepared statement] S indicated an error, then
 ** [sqlite3_reset(S)] returns an appropriate [error code].
+** ^The [sqlite3_reset(S)] interface might also return an [error code]
+** if there were no prior errors but the process of resetting
+** the prepared statement caused a new error. ^For example, if an
+** [INSERT] statement with a [RETURNING] clause is only stepped one time,
+** that one call to [sqlite3_step(S)] might return SQLITE_ROW but
+** the overall statement might still fail and the [sqlite3_reset(S)] call
+** might return SQLITE_BUSY if locking constraints prevent the
+** database change from committing.  Therefore, it is important that
+** applications check the return code from [sqlite3_reset(S)] even if
+** no prior call to [sqlite3_step(S)] indicated a problem.
 **
 ** ^The [sqlite3_reset(S)] interface does not change the values
 ** of any [sqlite3_bind_blob|bindings] on the [prepared statement] S.
 */
 SQLITE_API int sqlite3_reset(sqlite3_stmt *pStmt);
 
+
 /*
 ** CAPI3REF: Create Or Redefine SQL Functions
 ** KEYWORDS: {function creation routines}
@@ -5795,7 +5851,7 @@ SQLITE_API int sqlite3_create_window_function(
 ** [application-defined SQL function]
 ** that has side-effects or that could potentially leak sensitive information.
 ** This will prevent attacks in which an application is tricked
-** into using a database file that has had its schema surreptiously
+** into using a database file that has had its schema surreptitiously
 ** modified to invoke the application-defined function in ways that are
 ** harmful.
 ** 
      
@@ -6139,32 +6195,32 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** METHOD: sqlite3_context
 **
 ** These functions may be used by (non-aggregate) SQL functions to
-** associate metadata with argument values. If the same value is passed to
-** multiple invocations of the same SQL function during query execution, under
-** some circumstances the associated metadata may be preserved.  An example
-** of where this might be useful is in a regular-expression matching
-** function. The compiled version of the regular expression can be stored as
-** metadata associated with the pattern string.
+** associate auxiliary data with argument values. If the same argument
+** value is passed to multiple invocations of the same SQL function during
+** query execution, under some circumstances the associated auxiliary data
+** might be preserved.  An example of where this might be useful is in a
+** regular-expression matching function. The compiled version of the regular
+** expression can be stored as auxiliary data associated with the pattern string.
 ** Then as long as the pattern string remains the same,
 ** the compiled regular expression can be reused on multiple
 ** invocations of the same function.
 **
-** ^The sqlite3_get_auxdata(C,N) interface returns a pointer to the metadata
+** ^The sqlite3_get_auxdata(C,N) interface returns a pointer to the auxiliary data
 ** associated by the sqlite3_set_auxdata(C,N,P,X) function with the Nth argument
 ** value to the application-defined function.  ^N is zero for the left-most
-** function argument.  ^If there is no metadata
+** function argument.  ^If there is no auxiliary data
 ** associated with the function argument, the sqlite3_get_auxdata(C,N) interface
 ** returns a NULL pointer.
 **
-** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as metadata for the N-th
-** argument of the application-defined function.  ^Subsequent
+** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as auxiliary data for the
+** N-th argument of the application-defined function.  ^Subsequent
 ** calls to sqlite3_get_auxdata(C,N) return P from the most recent
-** sqlite3_set_auxdata(C,N,P,X) call if the metadata is still valid or
-** NULL if the metadata has been discarded.
+** sqlite3_set_auxdata(C,N,P,X) call if the auxiliary data is still valid or
+** NULL if the auxiliary data has been discarded.
 ** ^After each call to sqlite3_set_auxdata(C,N,P,X) where X is not NULL,
 ** SQLite will invoke the destructor function X with parameter P exactly
-** once, when the metadata is discarded.
-** SQLite is free to discard the metadata at any time, including: 
        
+** once, when the auxiliary data is discarded.
+** SQLite is free to discard the auxiliary data at any time, including: 
          
 ** 
        •  ^(when the corresponding function parameter changes)^, or
 ** 
        •  ^(when [sqlite3_reset()] or [sqlite3_finalize()] is called for the
 **      SQL statement)^, or
@@ -6180,7 +6236,7 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** function implementation should not make any use of P after
 ** sqlite3_set_auxdata() has been called.
 **
-** ^(In practice, metadata is preserved between function calls for
+** ^(In practice, auxiliary data is preserved between function calls for
 ** function parameters that are compile-time constants, including literal
 ** values and [parameters] and expressions composed from the same.)^
 **
@@ -6190,10 +6246,67 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 **
 ** These routines must be called from the same thread in which
 ** the SQL function is running.
+**
+** See also: [sqlite3_get_clientdata()] and [sqlite3_set_clientdata()].
 */
 SQLITE_API void *sqlite3_get_auxdata(sqlite3_context*, int N);
 SQLITE_API void sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*));
 
+/*
+** CAPI3REF: Database Connection Client Data
+** METHOD: sqlite3
+**
+** These functions are used to associate one or more named pointers
+** with a [database connection].
+** A call to sqlite3_set_clientdata(D,N,P,X) causes the pointer P
+** to be attached to [database connection] D using name N.  Subsequent
+** calls to sqlite3_get_clientdata(D,N) will return a copy of pointer P
+** or a NULL pointer if there were no prior calls to
+** sqlite3_set_clientdata() with the same values of D and N.
+** Names are compared using strcmp() and are thus case sensitive.
+**
+** If P and X are both non-NULL, then the destructor X is invoked with
+** argument P on the first of the following occurrences:
+** 
            
+** 
          •  An out-of-memory error occurs during the call to
+**      sqlite3_set_clientdata() which attempts to register pointer P.
+** 
          •  A subsequent call to sqlite3_set_clientdata(D,N,P,X) is made
+**      with the same D and N parameters.
+** 
          •  The database connection closes.  SQLite does not make any guarantees
+**      about the order in which destructors are called, only that all
+**      destructors will be called exactly once at some point during the
+**      database connection closing process.
+** 
          
+**
+** SQLite does not do anything with client data other than invoke
+** destructors on the client data at the appropriate time.  The intended
+** use for client data is to provide a mechanism for wrapper libraries
+** to store additional information about an SQLite database connection.
+**
+** There is no limit (other than available memory) on the number of different
+** client data pointers (with different names) that can be attached to a
+** single database connection.  However, the implementation is optimized
+** for the case of having only one or two different client data names.
+** Applications and wrapper libraries are discouraged from using more than
+** one client data name each.
+**
+** There is no way to enumerate the client data pointers
+** associated with a database connection.  The N parameter can be thought
+** of as a secret key such that only code that knows the secret key is able
+** to access the associated data.
+**
+** Security Warning:  These interfaces should not be exposed in scripting
+** languages or in other circumstances where it might be possible for an
+** an attacker to invoke them.  Any agent that can invoke these interfaces
+** can probably also take control of the process.
+**
+** Database connection client data is only available for SQLite
+** version 3.44.0 ([dateof:3.44.0]) and later.
+**
+** See also: [sqlite3_set_auxdata()] and [sqlite3_get_auxdata()].
+*/
+SQLITE_API void *sqlite3_get_clientdata(sqlite3*,const char*);
+SQLITE_API int sqlite3_set_clientdata(sqlite3*, const char*, void*, void(*)(void*));
 
 /*
 ** CAPI3REF: Constants Defining Special Destructor Behavior
@@ -6826,7 +6939,7 @@ SQLITE_API int sqlite3_db_readonly(sqlite3 *db, const char *zDbName);
 SQLITE_API int sqlite3_txn_state(sqlite3*,const char *zSchema);
 
 /*
-** CAPI3REF: Allowed return values from [sqlite3_txn_state()]
+** CAPI3REF: Allowed return values from sqlite3_txn_state()
 ** KEYWORDS: {transaction state}
 **
 ** These constants define the current transaction state of a database file.
@@ -6958,7 +7071,7 @@ SQLITE_API void *sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*);
 ** ^Each call to the sqlite3_autovacuum_pages() interface overrides all
 ** previous invocations for that database connection.  ^If the callback
 ** argument (C) to sqlite3_autovacuum_pages(D,C,P,X) is a NULL pointer,
-** then the autovacuum steps callback is cancelled.  The return value
+** then the autovacuum steps callback is canceled.  The return value
 ** from sqlite3_autovacuum_pages() is normally SQLITE_OK, but might
 ** be some other error code if something goes wrong.  The current
 ** implementation will only return SQLITE_OK or SQLITE_MISUSE, but other
@@ -7477,6 +7590,10 @@ struct sqlite3_module {
   /* The methods above are in versions 1 and 2 of the sqlite_module object.
   ** Those below are for version 3 and greater. */
   int (*xShadowName)(const char*);
+  /* The methods above are in versions 1 through 3 of the sqlite_module object.
+  ** Those below are for version 4 and greater. */
+  int (*xIntegrity)(sqlite3_vtab *pVTab, const char *zSchema,
+                    const char *zTabName, int mFlags, char **pzErr);
 };
 
 /*
@@ -7964,7 +8081,7 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *, sqlite3_int64);
 ** code is returned and the transaction rolled back.
 **
 ** Calling this function with an argument that is not a NULL pointer or an
-** open blob handle results in undefined behaviour. ^Calling this routine
+** open blob handle results in undefined behavior. ^Calling this routine
 ** with a null pointer (such as would be returned by a failed call to
 ** [sqlite3_blob_open()]) is a harmless no-op. ^Otherwise, if this function
 ** is passed a valid open blob handle, the values returned by the
@@ -8444,6 +8561,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_PRNG_SAVE                5
 #define SQLITE_TESTCTRL_PRNG_RESTORE             6
 #define SQLITE_TESTCTRL_PRNG_RESET               7  /* NOT USED */
+#define SQLITE_TESTCTRL_FK_NO_ACTION             7
 #define SQLITE_TESTCTRL_BITVEC_TEST              8
 #define SQLITE_TESTCTRL_FAULT_INSTALL            9
 #define SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS     10
@@ -8472,7 +8590,8 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_TRACEFLAGS              31
 #define SQLITE_TESTCTRL_TUNE                    32
 #define SQLITE_TESTCTRL_LOGEST                  33
-#define SQLITE_TESTCTRL_LAST                    33  /* Largest TESTCTRL */
+#define SQLITE_TESTCTRL_USELONGDOUBLE           34
+#define SQLITE_TESTCTRL_LAST                    34  /* Largest TESTCTRL */
 
 /*
 ** CAPI3REF: SQL Keyword Checking
@@ -9928,7 +10047,7 @@ SQLITE_API int sqlite3_vtab_config(sqlite3*, int op, ...);
 ** [[SQLITE_VTAB_DIRECTONLY]]
          SQLITE_VTAB_DIRECTONLY
          
 ** 
          Calls of the form
 ** [sqlite3_vtab_config](db,SQLITE_VTAB_DIRECTONLY) from within the
-** the [xConnect] or [xCreate] methods of a [virtual table] implmentation
+** the [xConnect] or [xCreate] methods of a [virtual table] implementation
 ** prohibits that virtual table from being used from within triggers and
 ** views.
 ** 
          
@@ -10118,7 +10237,7 @@ SQLITE_API int sqlite3_vtab_distinct(sqlite3_index_info*);
 ** communicated to the xBestIndex method as a
 ** [SQLITE_INDEX_CONSTRAINT_EQ] constraint.)^  If xBestIndex wants to use
 ** this constraint, it must set the corresponding
-** aConstraintUsage[].argvIndex to a postive integer.  ^(Then, under
+** aConstraintUsage[].argvIndex to a positive integer.  ^(Then, under
 ** the usual mode of handling IN operators, SQLite generates [bytecode]
 ** that invokes the [xFilter|xFilter() method] once for each value
 ** on the right-hand side of the IN operator.)^  Thus the virtual table
@@ -10547,7 +10666,7 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3*);
 ** When the [sqlite3_blob_write()] API is used to update a blob column,
 ** the pre-update hook is invoked with SQLITE_DELETE. This is because the
 ** in this case the new values are not available. In this case, when a
-** callback made with op==SQLITE_DELETE is actuall a write using the
+** callback made with op==SQLITE_DELETE is actually a write using the
 ** sqlite3_blob_write() API, the [sqlite3_preupdate_blobwrite()] returns
 ** the index of the column being written. In other cases, where the
 ** pre-update hook is being invoked for some other reason, including a
@@ -10808,6 +10927,13 @@ SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_recover(sqlite3 *db, const c
 ** SQLITE_SERIALIZE_NOCOPY bit is set but no contiguous copy
 ** of the database exists.
 **
+** After the call, if the SQLITE_SERIALIZE_NOCOPY bit had been set,
+** the returned buffer content will remain accessible and unchanged
+** until either the next write operation on the connection or when
+** the connection is closed, and applications must not modify the
+** buffer. If the bit had been clear, the returned buffer will not
+** be accessed by SQLite after the call.
+**
 ** A call to sqlite3_serialize(D,S,P,F) might return NULL even if the
 ** SQLITE_SERIALIZE_NOCOPY bit is omitted from argument F if a memory
 ** allocation error occurs.
@@ -10856,6 +10982,9 @@ SQLITE_API unsigned char *sqlite3_serialize(
 ** SQLite will try to increase the buffer size using sqlite3_realloc64()
 ** if writes on the database cause it to grow larger than M bytes.
 **
+** Applications must not modify the buffer P or invalidate it before
+** the database connection D is closed.
+**
 ** The sqlite3_deserialize() interface will fail with SQLITE_BUSY if the
 ** database is currently in a read transaction or is involved in a backup
 ** operation.
@@ -10864,6 +10993,13 @@ SQLITE_API unsigned char *sqlite3_serialize(
 ** S argument to sqlite3_deserialize(D,S,P,N,M,F) is "temp" then the
 ** function returns SQLITE_ERROR.
 **
+** The deserialized database should not be in [WAL mode].  If the database
+** is in WAL mode, then any attempt to use the database file will result
+** in an [SQLITE_CANTOPEN] error.  The application can set the
+** [file format version numbers] (bytes 18 and 19) of the input database P
+** to 0x01 prior to invoking sqlite3_deserialize(D,S,P,N,M,F) to force the
+** database file into rollback mode and work around this limitation.
+**
 ** If sqlite3_deserialize(D,S,P,N,M,F) fails for any reason and if the
 ** SQLITE_DESERIALIZE_FREEONCLOSE bit is set in argument F, then
 ** [sqlite3_free()] is invoked on argument P prior to returning.
@@ -11936,6 +12072,18 @@ SQLITE_API int sqlite3changeset_concat(
 );
 
 
+/*
+** CAPI3REF: Upgrade the Schema of a Changeset/Patchset
+*/
+SQLITE_API int sqlite3changeset_upgrade(
+  sqlite3 *db,
+  const char *zDb,
+  int nIn, const void *pIn,       /* Input changeset */
+  int *pnOut, void **ppOut        /* OUT: Inverse of input */
+);
+
+
+
 /*
 ** CAPI3REF: Changegroup Handle
 **
@@ -11982,6 +12130,38 @@ typedef struct sqlite3_changegroup sqlite3_changegroup;
 */
 SQLITE_API int sqlite3changegroup_new(sqlite3_changegroup **pp);
 
+/*
+** CAPI3REF: Add a Schema to a Changegroup
+** METHOD: sqlite3_changegroup_schema
+**
+** This method may be used to optionally enforce the rule that the changesets
+** added to the changegroup handle must match the schema of database zDb
+** ("main", "temp", or the name of an attached database). If
+** sqlite3changegroup_add() is called to add a changeset that is not compatible
+** with the configured schema, SQLITE_SCHEMA is returned and the changegroup
+** object is left in an undefined state.
+**
+** A changeset schema is considered compatible with the database schema in
+** the same way as for sqlite3changeset_apply(). Specifically, for each
+** table in the changeset, there exists a database table with:
+**
+** 
            
+**   
          •  The name identified by the changeset, and
+**   
          •  at least as many columns as recorded in the changeset, and
+**   
          •  the primary key columns in the same position as recorded in
+**        the changeset.
+** 
          
+**
+** The output of the changegroup object always has the same schema as the
+** database nominated using this function. In cases where changesets passed
+** to sqlite3changegroup_add() have fewer columns than the corresponding table
+** in the database schema, these are filled in using the default column
+** values from the database schema. This makes it possible to combined
+** changesets that have different numbers of columns for a single table
+** within a changegroup, provided that they are otherwise compatible.
+*/
+SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const char *zDb);
+
 /*
 ** CAPI3REF: Add A Changeset To A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -12050,13 +12230,18 @@ SQLITE_API int sqlite3changegroup_new(sqlite3_changegroup **pp);
 ** If the new changeset contains changes to a table that is already present
 ** in the changegroup, then the number of columns and the position of the
 ** primary key columns for the table must be consistent. If this is not the
-** case, this function fails with SQLITE_SCHEMA. If the input changeset
-** appears to be corrupt and the corruption is detected, SQLITE_CORRUPT is
-** returned. Or, if an out-of-memory condition occurs during processing, this
-** function returns SQLITE_NOMEM. In all cases, if an error occurs the state
-** of the final contents of the changegroup is undefined.
+** case, this function fails with SQLITE_SCHEMA. Except, if the changegroup
+** object has been configured with a database schema using the
+** sqlite3changegroup_schema() API, then it is possible to combine changesets
+** with different numbers of columns for a single table, provided that
+** they are otherwise compatible.
+**
+** If the input changeset appears to be corrupt and the corruption is
+** detected, SQLITE_CORRUPT is returned. Or, if an out-of-memory condition
+** occurs during processing, this function returns SQLITE_NOMEM.
 **
-** If no error occurs, SQLITE_OK is returned.
+** In all cases, if an error occurs the state of the final contents of the
+** changegroup is undefined. If no error occurs, SQLITE_OK is returned.
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
@@ -12321,10 +12506,17 @@ SQLITE_API int sqlite3changeset_apply_v2(
 **    
        • an insert change if all fields of the conflicting row match
 **        the row being inserted.
 **    
        
+**
+** 
        SQLITE_CHANGESETAPPLY_FKNOACTION 
        
+**   If this flag it set, then all foreign key constraints in the target
+**   database behave as if they were declared with "ON UPDATE NO ACTION ON
+**   DELETE NO ACTION", even if they are actually CASCADE, RESTRICT, SET NULL
+**   or SET DEFAULT.
 */
 #define SQLITE_CHANGESETAPPLY_NOSAVEPOINT   0x0001
 #define SQLITE_CHANGESETAPPLY_INVERT        0x0002
 #define SQLITE_CHANGESETAPPLY_IGNORENOOP    0x0004
+#define SQLITE_CHANGESETAPPLY_FKNOACTION    0x0008
 
 /*
 ** CAPI3REF: Constants Passed To The Conflict Handler
@@ -13065,7 +13257,7 @@ struct Fts5PhraseIter {
 **   See xPhraseFirstColumn above.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 3 */
+  int iVersion;                   /* Currently always set to 2 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -13294,8 +13486,8 @@ struct Fts5ExtensionApi {
 **   as separate queries of the FTS index are required for each synonym.
 **
 **   When using methods (2) or (3), it is important that the tokenizer only
-**   provide synonyms when tokenizing document text (method (2)) or query
-**   text (method (3)), not both. Doing so will not cause any errors, but is
+**   provide synonyms when tokenizing document text (method (3)) or query
+**   text (method (2)), not both. Doing so will not cause any errors, but is
 **   inefficient.
 */
 typedef struct Fts5Tokenizer Fts5Tokenizer;
@@ -13343,7 +13535,7 @@ struct fts5_api {
   int (*xCreateTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_tokenizer *pTokenizer,
     void (*xDestroy)(void*)
   );
@@ -13352,7 +13544,7 @@ struct fts5_api {
   int (*xFindTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void **ppContext,
+    void **ppUserData,
     fts5_tokenizer *pTokenizer
   );
 
@@ -13360,7 +13552,7 @@ struct fts5_api {
   int (*xCreateFunction)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_extension_function xFunction,
     void (*xDestroy)(void*)
   );
@@ -13471,7 +13663,7 @@ struct fts5_api {
 ** level of recursion for each term.  A stack overflow can result
 ** if the number of terms is too large.  In practice, most SQL
 ** never has more than 3 or 4 terms.  Use a value of 0 to disable
-** any limit on the number of terms in a compount SELECT.
+** any limit on the number of terms in a compound SELECT.
 */
 #ifndef SQLITE_MAX_COMPOUND_SELECT
 # define SQLITE_MAX_COMPOUND_SELECT 500
@@ -13715,6 +13907,16 @@ struct fts5_api {
 #  endif
 #endif
 
+/*
+** Enable SQLITE_USE_SEH by default on MSVC builds.  Only omit
+** SEH support if the -DSQLITE_OMIT_SEH option is given.
+*/
+#if defined(_MSC_VER) && !defined(SQLITE_OMIT_SEH)
+# define SQLITE_USE_SEH 1
+#else
+# undef SQLITE_USE_SEH
+#endif
+
 /*
 ** The SQLITE_THREADSAFE macro must be defined as 0, 1, or 2.
 ** 0 means mutexes are permanently disable and the library is never
@@ -14574,8 +14776,31 @@ typedef INT16_TYPE LogEst;
 ** the end of buffer S.  This macro returns true if P points to something
 ** contained within the buffer S.
 */
-#define SQLITE_WITHIN(P,S,E) (((uptr)(P)>=(uptr)(S))&&((uptr)(P)<(uptr)(E)))
+#define SQLITE_WITHIN(P,S,E)   (((uptr)(P)>=(uptr)(S))&&((uptr)(P)<(uptr)(E)))
 
+/*
+** P is one byte past the end of a large buffer. Return true if a span of bytes
+** between S..E crosses the end of that buffer.  In other words, return true
+** if the sub-buffer S..E-1 overflows the buffer whose last byte is P-1.
+**
+** S is the start of the span.  E is one byte past the end of end of span.
+**
+**                        P
+**     |-----------------|                FALSE
+**               |-------|
+**               S        E
+**
+**                        P
+**     |-----------------|
+**                    |-------|           TRUE
+**                    S        E
+**
+**                        P
+**     |-----------------|
+**                        |-------|       FALSE
+**                        S        E
+*/
+#define SQLITE_OVERFLOW(P,S,E) (((uptr)(S)<(uptr)(P))&&((uptr)(E)>(uptr)(P)))
 
 /*
 ** Macros to determine whether the machine is big or little endian,
@@ -14585,16 +14810,33 @@ typedef INT16_TYPE LogEst;
 ** using C-preprocessor macros.  If that is unsuccessful, or if
 ** -DSQLITE_BYTEORDER=0 is set, then byte-order is determined
 ** at run-time.
+**
+** If you are building SQLite on some obscure platform for which the
+** following ifdef magic does not work, you can always include either:
+**
+**    -DSQLITE_BYTEORDER=1234
+**
+** or
+**
+**    -DSQLITE_BYTEORDER=4321
+**
+** to cause the build to work for little-endian or big-endian processors,
+** respectively.
 */
-#ifndef SQLITE_BYTEORDER
-# if defined(i386)      || defined(__i386__)      || defined(_M_IX86) ||    \
+#ifndef SQLITE_BYTEORDER  /* Replicate changes at tag-20230904a */
+# if defined(__BYTE_ORDER__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
+#   define SQLITE_BYTEORDER 4321
+# elif defined(__BYTE_ORDER__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
+#   define SQLITE_BYTEORDER 1234
+# elif defined(__BIG_ENDIAN__) && __BIG_ENDIAN__==1
+#   define SQLITE_BYTEORDER 4321
+# elif defined(i386)    || defined(__i386__)      || defined(_M_IX86) ||    \
      defined(__x86_64)  || defined(__x86_64__)    || defined(_M_X64)  ||    \
      defined(_M_AMD64)  || defined(_M_ARM)        || defined(__x86)   ||    \
      defined(__ARMEL__) || defined(__AARCH64EL__) || defined(_M_ARM64)
-#   define SQLITE_BYTEORDER    1234
-# elif defined(sparc)     || defined(__ppc__) || \
-       defined(__ARMEB__) || defined(__AARCH64EB__)
-#   define SQLITE_BYTEORDER    4321
+#   define SQLITE_BYTEORDER 1234
+# elif defined(sparc)   || defined(__ARMEB__)     || defined(__AARCH64EB__)
+#   define SQLITE_BYTEORDER 4321
 # else
 #   define SQLITE_BYTEORDER 0
 # endif
@@ -14809,7 +15051,7 @@ struct BusyHandler {
 /*
 ** Name of table that holds the database schema.
 **
-** The PREFERRED names are used whereever possible.  But LEGACY is also
+** The PREFERRED names are used wherever possible.  But LEGACY is also
 ** used for backwards compatibility.
 **
 **  1.  Queries can use either the PREFERRED or the LEGACY names
@@ -14918,11 +15160,13 @@ typedef struct Column Column;
 typedef struct Cte Cte;
 typedef struct CteUse CteUse;
 typedef struct Db Db;
+typedef struct DbClientData DbClientData;
 typedef struct DbFixer DbFixer;
 typedef struct Schema Schema;
 typedef struct Expr Expr;
 typedef struct ExprList ExprList;
 typedef struct FKey FKey;
+typedef struct FpDecode FpDecode;
 typedef struct FuncDestructor FuncDestructor;
 typedef struct FuncDef FuncDef;
 typedef struct FuncDefHash FuncDefHash;
@@ -14941,6 +15185,7 @@ typedef struct Parse Parse;
 typedef struct ParseCleanup ParseCleanup;
 typedef struct PreUpdate PreUpdate;
 typedef struct PrintfArguments PrintfArguments;
+typedef struct RCStr RCStr;
 typedef struct RenameToken RenameToken;
 typedef struct Returning Returning;
 typedef struct RowSet RowSet;
@@ -15578,6 +15823,10 @@ SQLITE_PRIVATE   void sqlite3PagerRefdump(Pager*);
 # define enable_simulated_io_errors()
 #endif
 
+#if defined(SQLITE_USE_SEH) && !defined(SQLITE_OMIT_WAL)
+SQLITE_PRIVATE int sqlite3PagerWalSystemErrno(Pager*);
+#endif
+
 #endif /* SQLITE_PAGER_H */
 
 /************** End of pager.h ***********************************************/
@@ -15907,9 +16156,7 @@ SQLITE_PRIVATE int sqlite3BtreePrevious(BtCursor*, int flags);
 SQLITE_PRIVATE i64 sqlite3BtreeIntegerKey(BtCursor*);
 SQLITE_PRIVATE void sqlite3BtreeCursorPin(BtCursor*);
 SQLITE_PRIVATE void sqlite3BtreeCursorUnpin(BtCursor*);
-#ifdef SQLITE_ENABLE_OFFSET_SQL_FUNC
 SQLITE_PRIVATE i64 sqlite3BtreeOffset(BtCursor*);
-#endif
 SQLITE_PRIVATE int sqlite3BtreePayload(BtCursor*, u32 offset, u32 amt, void*);
 SQLITE_PRIVATE const void *sqlite3BtreePayloadFetch(BtCursor*, u32 *pAmt);
 SQLITE_PRIVATE u32 sqlite3BtreePayloadSize(BtCursor*);
@@ -16354,19 +16601,20 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_VCreate       171
 #define OP_VDestroy      172
 #define OP_VOpen         173
-#define OP_VInitIn       174 /* synopsis: r[P2]=ValueList(P1,P3)           */
-#define OP_VColumn       175 /* synopsis: r[P3]=vcolumn(P2)                */
-#define OP_VRename       176
-#define OP_Pagecount     177
-#define OP_MaxPgcnt      178
-#define OP_ClrSubtype    179 /* synopsis: r[P1].subtype = 0                */
-#define OP_FilterAdd     180 /* synopsis: filter(P1) += key(P3@P4)         */
-#define OP_Trace         181
-#define OP_CursorHint    182
-#define OP_ReleaseReg    183 /* synopsis: release r[P1@P2] mask P3         */
-#define OP_Noop          184
-#define OP_Explain       185
-#define OP_Abortable     186
+#define OP_VCheck        174
+#define OP_VInitIn       175 /* synopsis: r[P2]=ValueList(P1,P3)           */
+#define OP_VColumn       176 /* synopsis: r[P3]=vcolumn(P2)                */
+#define OP_VRename       177
+#define OP_Pagecount     178
+#define OP_MaxPgcnt      179
+#define OP_ClrSubtype    180 /* synopsis: r[P1].subtype = 0                */
+#define OP_FilterAdd     181 /* synopsis: filter(P1) += key(P3@P4)         */
+#define OP_Trace         182
+#define OP_CursorHint    183
+#define OP_ReleaseReg    184 /* synopsis: release r[P1@P2] mask P3         */
+#define OP_Noop          185
+#define OP_Explain       186
+#define OP_Abortable     187
 
 /* Properties such as "out2" or "jump" that are specified in
 ** comments following the "case" for each opcode in the vdbe.c
@@ -16384,7 +16632,7 @@ typedef struct VdbeOpList VdbeOpList;
 /*   8 */ 0x01, 0x01, 0x01, 0x01, 0x03, 0x03, 0x01, 0x01,\
 /*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0x49, 0x49, 0x49,\
 /*  24 */ 0x49, 0x01, 0x49, 0x49, 0x49, 0x49, 0x49, 0x49,\
-/*  32 */ 0x41, 0x01, 0x01, 0x01, 0x41, 0x01, 0x41, 0x41,\
+/*  32 */ 0x41, 0x01, 0x41, 0x41, 0x41, 0x01, 0x41, 0x41,\
 /*  40 */ 0x41, 0x41, 0x41, 0x26, 0x26, 0x41, 0x23, 0x0b,\
 /*  48 */ 0x01, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
 /*  56 */ 0x0b, 0x0b, 0x01, 0x03, 0x03, 0x03, 0x01, 0x41,\
@@ -16396,14 +16644,14 @@ typedef struct VdbeOpList VdbeOpList;
 /* 104 */ 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x26, 0x26,\
 /* 112 */ 0x40, 0x00, 0x12, 0x40, 0x40, 0x10, 0x40, 0x00,\
 /* 120 */ 0x00, 0x00, 0x40, 0x00, 0x40, 0x40, 0x10, 0x10,\
-/* 128 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x50,\
+/* 128 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x50,\
 /* 136 */ 0x00, 0x40, 0x04, 0x04, 0x00, 0x40, 0x50, 0x40,\
 /* 144 */ 0x10, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00,\
 /* 152 */ 0x00, 0x10, 0x00, 0x00, 0x06, 0x10, 0x00, 0x04,\
 /* 160 */ 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\
-/* 168 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x50, 0x40,\
-/* 176 */ 0x00, 0x10, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00,\
-/* 184 */ 0x00, 0x00, 0x00,}
+/* 168 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x10, 0x50,\
+/* 176 */ 0x40, 0x00, 0x10, 0x10, 0x02, 0x00, 0x00, 0x00,\
+/* 184 */ 0x00, 0x00, 0x00, 0x00,}
 
 /* The resolve3P2Values() routine is able to run faster if it knows
 ** the value of the largest JUMP opcode.  The smaller the maximum
@@ -16578,7 +16826,7 @@ SQLITE_PRIVATE   void sqlite3VdbeNoopComment(Vdbe*, const char*, ...);
 ** The VdbeCoverage macros are used to set a coverage testing point
 ** for VDBE branch instructions.  The coverage testing points are line
 ** numbers in the sqlite3.c source file.  VDBE branch coverage testing
-** only works with an amalagmation build.  That's ok since a VDBE branch
+** only works with an amalgamation build.  That's ok since a VDBE branch
 ** coverage build designed for testing the test suite only.  No application
 ** should ever ship with VDBE branch coverage measuring turned on.
 **
@@ -16596,7 +16844,7 @@ SQLITE_PRIVATE   void sqlite3VdbeNoopComment(Vdbe*, const char*, ...);
 **                                     // NULL option is not possible
 **
 **    VdbeCoverageEqNe(v)              // Previous OP_Jump is only interested
-**                                     // in distingishing equal and not-equal.
+**                                     // in distinguishing equal and not-equal.
 **
 ** Every VDBE branch operation must be tagged with one of the macros above.
 ** If not, then when "make test" is run with -DSQLITE_VDBE_COVERAGE and
@@ -16606,7 +16854,7 @@ SQLITE_PRIVATE   void sqlite3VdbeNoopComment(Vdbe*, const char*, ...);
 ** During testing, the test application will invoke
 ** sqlite3_test_control(SQLITE_TESTCTRL_VDBE_COVERAGE,...) to set a callback
 ** routine that is invoked as each bytecode branch is taken.  The callback
-** contains the sqlite3.c source line number ov the VdbeCoverage macro and
+** contains the sqlite3.c source line number of the VdbeCoverage macro and
 ** flags to indicate whether or not the branch was taken.  The test application
 ** is responsible for keeping track of this and reporting byte-code branches
 ** that are never taken.
@@ -16945,7 +17193,7 @@ SQLITE_API int sqlite3_mutex_held(sqlite3_mutex*);
 /*
 ** Default synchronous levels.
 **
-** Note that (for historcal reasons) the PAGER_SYNCHRONOUS_* macros differ
+** Note that (for historical reasons) the PAGER_SYNCHRONOUS_* macros differ
 ** from the SQLITE_DEFAULT_SYNCHRONOUS value by 1.
 **
 **           PAGER_SYNCHRONOUS       DEFAULT_SYNCHRONOUS
@@ -16984,7 +17232,7 @@ struct Db {
 ** An instance of the following structure stores a database schema.
 **
 ** Most Schema objects are associated with a Btree.  The exception is
-** the Schema for the TEMP databaes (sqlite3.aDb[1]) which is free-standing.
+** the Schema for the TEMP database (sqlite3.aDb[1]) which is free-standing.
 ** In shared cache mode, a single Schema object can be shared by multiple
 ** Btrees that refer to the same underlying BtShared object.
 **
@@ -17095,7 +17343,7 @@ struct Lookaside {
   LookasideSlot *pInit;   /* List of buffers not previously used */
   LookasideSlot *pFree;   /* List of available buffers */
 #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE
-  LookasideSlot *pSmallInit; /* List of small buffers not prediously used */
+  LookasideSlot *pSmallInit; /* List of small buffers not previously used */
   LookasideSlot *pSmallFree; /* List of available small buffers */
   void *pMiddle;          /* First byte past end of full-size buffers and
                           ** the first byte of LOOKASIDE_SMALL buffers */
@@ -17112,7 +17360,7 @@ struct LookasideSlot {
 #define EnableLookaside   db->lookaside.bDisable--;\
    db->lookaside.sz=db->lookaside.bDisable?0:db->lookaside.szTrue
 
-/* Size of the smaller allocations in two-size lookside */
+/* Size of the smaller allocations in two-size lookaside */
 #ifdef SQLITE_OMIT_TWOSIZE_LOOKASIDE
 #  define LOOKASIDE_SMALL           0
 #else
@@ -17312,6 +17560,7 @@ struct sqlite3 {
   i64 nDeferredCons;            /* Net deferred constraints this transaction. */
   i64 nDeferredImmCons;         /* Net deferred immediate constraints */
   int *pnBytesFreed;            /* If not NULL, increment this in DbFree() */
+  DbClientData *pDbData;        /* sqlite3_set_clientdata() content */
 #ifdef SQLITE_ENABLE_UNLOCK_NOTIFY
   /* The following variables are all protected by the STATIC_MAIN
   ** mutex, not by sqlite3.mutex. They are used by code in notify.c.
@@ -17394,6 +17643,7 @@ struct sqlite3 {
                                           /*   the count using a callback. */
 #define SQLITE_CorruptRdOnly  HI(0x00002) /* Prohibit writes due to error */
 #define SQLITE_ReadUncommit   HI(0x00004) /* READ UNCOMMITTED in shared-cache */
+#define SQLITE_FkNoAction     HI(0x00008) /* Treat all FK as NO ACTION */
 
 /* Flags used only if debugging */
 #ifdef SQLITE_DEBUG
@@ -17451,6 +17701,7 @@ struct sqlite3 {
 #define SQLITE_IndexedExpr    0x01000000 /* Pull exprs from index when able */
 #define SQLITE_Coroutines     0x02000000 /* Co-routines for subqueries */
 #define SQLITE_NullUnusedCols 0x04000000 /* NULL unused columns in subqueries */
+#define SQLITE_OnePass        0x08000000 /* Single-pass DELETE and UPDATE */
 #define SQLITE_AllOpts        0xffffffff /* All optimizations */
 
 /*
@@ -17533,6 +17784,7 @@ struct FuncDestructor {
 **     SQLITE_FUNC_ANYORDER    ==  NC_OrderAgg       == SF_OrderByReqd
 **     SQLITE_FUNC_LENGTH      ==  OPFLAG_LENGTHARG
 **     SQLITE_FUNC_TYPEOF      ==  OPFLAG_TYPEOFARG
+**     SQLITE_FUNC_BYTELEN     ==  OPFLAG_BYTELENARG
 **     SQLITE_FUNC_CONSTANT    ==  SQLITE_DETERMINISTIC from the API
 **     SQLITE_FUNC_DIRECT      ==  SQLITE_DIRECTONLY from the API
 **     SQLITE_FUNC_UNSAFE      ==  SQLITE_INNOCUOUS  -- opposite meanings!!!
@@ -17540,7 +17792,7 @@ struct FuncDestructor {
 **
 ** Note that even though SQLITE_FUNC_UNSAFE and SQLITE_INNOCUOUS have the
 ** same bit value, their meanings are inverted.  SQLITE_FUNC_UNSAFE is
-** used internally and if set means tha the function has side effects.
+** used internally and if set means that the function has side effects.
 ** SQLITE_INNOCUOUS is used by application code and means "not unsafe".
 ** See multiple instances of tag-20230109-1.
 */
@@ -17551,6 +17803,7 @@ struct FuncDestructor {
 #define SQLITE_FUNC_NEEDCOLL 0x0020 /* sqlite3GetFuncCollSeq() might be called*/
 #define SQLITE_FUNC_LENGTH   0x0040 /* Built-in length() function */
 #define SQLITE_FUNC_TYPEOF   0x0080 /* Built-in typeof() function */
+#define SQLITE_FUNC_BYTELEN  0x00c0 /* Built-in octet_length() function */
 #define SQLITE_FUNC_COUNT    0x0100 /* Built-in count(*) aggregate */
 /*                           0x0200 -- available for reuse */
 #define SQLITE_FUNC_UNLIKELY 0x0400 /* Built-in unlikely() function */
@@ -18130,7 +18383,7 @@ struct FKey {
 ** foreign key.
 **
 ** The OE_Default value is a place holder that means to use whatever
-** conflict resolution algorthm is required from context.
+** conflict resolution algorithm is required from context.
 **
 ** The following symbolic values are used to record which type
 ** of conflict resolution action to take.
@@ -18406,6 +18659,9 @@ struct AggInfo {
     FuncDef *pFunc;          /* The aggregate function implementation */
     int iDistinct;           /* Ephemeral table used to enforce DISTINCT */
     int iDistAddr;           /* Address of OP_OpenEphemeral */
+    int iOBTab;              /* Ephemeral table to implement ORDER BY */
+    u8 bOBPayload;           /* iOBTab has payload columns separate from key */
+    u8 bOBUnique;            /* Enforce uniqueness on iOBTab keys */
   } *aFunc;
   int nFunc;              /* Number of entries in aFunc[] */
   u32 selId;              /* Select to which this AggInfo belongs */
@@ -18544,7 +18800,7 @@ struct Expr {
                          ** TK_REGISTER: register number
                          ** TK_TRIGGER: 1 -> new, 0 -> old
                          ** EP_Unlikely:  134217728 times likelihood
-                         ** TK_IN: ephemerial table holding RHS
+                         ** TK_IN: ephemeral table holding RHS
                          ** TK_SELECT_COLUMN: Number of columns on the LHS
                          ** TK_SELECT: 1st register of result vector */
   ynVar iColumn;         /* TK_COLUMN: column index.  -1 for rowid.
@@ -18590,7 +18846,7 @@ struct Expr {
 #define EP_Reduced    0x004000 /* Expr struct EXPR_REDUCEDSIZE bytes only */
 #define EP_Win        0x008000 /* Contains window functions */
 #define EP_TokenOnly  0x010000 /* Expr struct EXPR_TOKENONLYSIZE bytes only */
-                   /* 0x020000 // Available for reuse */
+#define EP_FullSize   0x020000 /* Expr structure must remain full sized */
 #define EP_IfNullRow  0x040000 /* The TK_IF_NULL_ROW opcode */
 #define EP_Unlikely   0x080000 /* unlikely() or likelihood() function */
 #define EP_ConstFunc  0x100000 /* A SQLITE_FUNC_CONSTANT or _SLOCHNG function */
@@ -18620,12 +18876,15 @@ struct Expr {
 #define ExprClearProperty(E,P)   (E)->flags&=~(P)
 #define ExprAlwaysTrue(E)   (((E)->flags&(EP_OuterON|EP_IsTrue))==EP_IsTrue)
 #define ExprAlwaysFalse(E)  (((E)->flags&(EP_OuterON|EP_IsFalse))==EP_IsFalse)
+#define ExprIsFullSize(E)   (((E)->flags&(EP_Reduced|EP_TokenOnly))==0)
 
 /* Macros used to ensure that the correct members of unions are accessed
 ** in Expr.
 */
 #define ExprUseUToken(E)    (((E)->flags&EP_IntValue)==0)
 #define ExprUseUValue(E)    (((E)->flags&EP_IntValue)!=0)
+#define ExprUseWOfst(E)     (((E)->flags&(EP_InnerON|EP_OuterON))==0)
+#define ExprUseWJoin(E)     (((E)->flags&(EP_InnerON|EP_OuterON))!=0)
 #define ExprUseXList(E)     (((E)->flags&EP_xIsSelect)==0)
 #define ExprUseXSelect(E)   (((E)->flags&EP_xIsSelect)!=0)
 #define ExprUseYTab(E)      (((E)->flags&(EP_WinFunc|EP_Subrtn))==0)
@@ -18735,6 +18994,7 @@ struct ExprList {
 #define ENAME_NAME  0       /* The AS clause of a result set */
 #define ENAME_SPAN  1       /* Complete text of the result set expression */
 #define ENAME_TAB   2       /* "DB.TABLE.NAME" for the result set */
+#define ENAME_ROWID 3       /* "DB.TABLE._rowid_" for * expansion of rowid */
 
 /*
 ** An instance of this structure can hold a simple list of identifiers,
@@ -18814,7 +19074,7 @@ struct SrcItem {
     unsigned notCte :1;        /* This item may not match a CTE */
     unsigned isUsing :1;       /* u3.pUsing is valid */
     unsigned isOn :1;          /* u3.pOn was once valid and non-NULL */
-    unsigned isSynthUsing :1;  /* u3.pUsing is synthensized from NATURAL */
+    unsigned isSynthUsing :1;  /* u3.pUsing is synthesized from NATURAL */
     unsigned isNestedFrom :1;  /* pSelect is a SF_NestedFrom subquery */
   } fg;
   int iCursor;      /* The VDBE cursor number used to access this table */
@@ -19343,6 +19603,7 @@ struct Parse {
   int *aLabel;         /* Space to hold the labels */
   ExprList *pConstExpr;/* Constant expressions */
   IndexedExpr *pIdxEpr;/* List of expressions used by active indexes */
+  IndexedExpr *pIdxPartExpr; /* Exprs constrained by index WHERE clauses */
   Token constraintName;/* Name of the constraint currently being parsed */
   yDbMask writeMask;   /* Start a write transaction on these databases */
   yDbMask cookieMask;  /* Bitmask of schema verified databases */
@@ -19350,6 +19611,9 @@ struct Parse {
   int regRoot;         /* Register holding root page number for new objects */
   int nMaxArg;         /* Max args passed to user function by sub-program */
   int nSelect;         /* Number of SELECT stmts. Counter for Select.selId */
+#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
+  u32 nProgressSteps;  /* xProgress steps taken during sqlite3_prepare() */
+#endif
 #ifndef SQLITE_OMIT_SHARED_CACHE
   int nTableLock;        /* Number of locks in aTableLock */
   TableLock *aTableLock; /* Required table locks for shared-cache mode */
@@ -19363,12 +19627,9 @@ struct Parse {
     int addrCrTab;         /* Address of OP_CreateBtree on CREATE TABLE */
     Returning *pReturning; /* The RETURNING clause */
   } u1;
-  u32 nQueryLoop;      /* Est number of iterations of a query (10*log2(N)) */
   u32 oldmask;         /* Mask of old.* columns referenced */
   u32 newmask;         /* Mask of new.* columns referenced */
-#ifndef SQLITE_OMIT_PROGRESS_CALLBACK
-  u32 nProgressSteps;  /* xProgress steps taken during sqlite3_prepare() */
-#endif
+  LogEst nQueryLoop;   /* Est number of iterations of a query (10*log2(N)) */
   u8 eTriggerOp;       /* TK_UPDATE, TK_INSERT or TK_DELETE */
   u8 bReturning;       /* Coding a RETURNING trigger */
   u8 eOrconf;          /* Default ON CONFLICT policy for trigger steps */
@@ -19492,6 +19753,7 @@ struct AuthContext {
 #define OPFLAG_ISNOOP        0x40    /* OP_Delete does pre-update-hook only */
 #define OPFLAG_LENGTHARG     0x40    /* OP_Column only used for length() */
 #define OPFLAG_TYPEOFARG     0x80    /* OP_Column only used for typeof() */
+#define OPFLAG_BYTELENARG    0xc0    /* OP_Column only for octet_length() */
 #define OPFLAG_BULKCSR       0x01    /* OP_Open** used to open bulk cursor */
 #define OPFLAG_SEEKEQ        0x02    /* OP_Open** cursor uses EQ seek only */
 #define OPFLAG_FORDELETE     0x08    /* OP_Open should use BTREE_FORDELETE */
@@ -19613,6 +19875,7 @@ struct Returning {
   int iRetCur;          /* Transient table holding RETURNING results */
   int nRetCol;          /* Number of in pReturnEL after expansion */
   int iRetReg;          /* Register array for holding a row of RETURNING */
+  char zName[40];       /* Name of trigger: "sqlite_returning_%p" */
 };
 
 /*
@@ -19634,6 +19897,25 @@ struct sqlite3_str {
 
 #define isMalloced(X)  (((X)->printfFlags & SQLITE_PRINTF_MALLOCED)!=0)
 
+/*
+** The following object is the header for an "RCStr" or "reference-counted
+** string".  An RCStr is passed around and used like any other char*
+** that has been dynamically allocated.  The important interface
+** differences:
+**
+**   1.  RCStr strings are reference counted.  They are deallocated
+**       when the reference count reaches zero.
+**
+**   2.  Use sqlite3RCStrUnref() to free an RCStr string rather than
+**       sqlite3_free()
+**
+**   3.  Make a (read-only) copy of a read-only RCStr string using
+**       sqlite3RCStrRef().
+*/
+struct RCStr {
+  u64 nRCRef;            /* Number of references */
+  /* Total structure size should be a multiple of 8 bytes for alignment */
+};
 
 /*
 ** A pointer to this structure is used to communicate information
@@ -19660,7 +19942,7 @@ typedef struct {
 /* Tuning parameters are set using SQLITE_TESTCTRL_TUNE and are controlled
 ** on debug-builds of the CLI using ".testctrl tune ID VALUE".  Tuning
 ** parameters are for temporary use during development, to help find
-** optimial values for parameters in the query planner.  The should not
+** optimal values for parameters in the query planner.  The should not
 ** be used on trunk check-ins.  They are a temporary mechanism available
 ** for transient development builds only.
 **
@@ -19686,6 +19968,7 @@ struct Sqlite3Config {
   u8 bUseCis;                       /* Use covering indices for full-scans */
   u8 bSmallMalloc;                  /* Avoid large memory allocations if true */
   u8 bExtraSchemaChecks;            /* Verify type,name,tbl_name in schema */
+  u8 bUseLongDouble;                /* Make use of long double */
   int mxStrlen;                     /* Maximum string length */
   int neverCorrupt;                 /* Database is always well-formed */
   int szLookaside;                  /* Default lookaside buffer size */
@@ -19772,6 +20055,7 @@ struct Walker {
   void (*xSelectCallback2)(Walker*,Select*);/* Second callback for SELECTs */
   int walkerDepth;                          /* Number of subqueries */
   u16 eCode;                                /* A small processing code */
+  u16 mWFlags;                              /* Use-dependent flags */
   union {                                   /* Extra data for callback */
     NameContext *pNC;                         /* Naming context */
     int n;                                    /* A counter */
@@ -19811,6 +20095,7 @@ struct DbFixer {
 
 /* Forward declarations */
 SQLITE_PRIVATE int sqlite3WalkExpr(Walker*, Expr*);
+SQLITE_PRIVATE int sqlite3WalkExprNN(Walker*, Expr*);
 SQLITE_PRIVATE int sqlite3WalkExprList(Walker*, ExprList*);
 SQLITE_PRIVATE int sqlite3WalkSelect(Walker*, Select*);
 SQLITE_PRIVATE int sqlite3WalkSelectExpr(Walker*, Select*);
@@ -19891,6 +20176,16 @@ struct CteUse {
 };
 
 
+/* Client data associated with sqlite3_set_clientdata() and
+** sqlite3_get_clientdata().
+*/
+struct DbClientData {
+  DbClientData *pNext;        /* Next in a linked list */
+  void *pData;                /* The data */
+  void (*xDestructor)(void*); /* Destructor.  Might be NULL */
+  char zName[1];              /* Name of this client data. MUST BE LAST */
+};
+
 #ifdef SQLITE_DEBUG
 /*
 ** An instance of the TreeView object is used for printing the content of
@@ -20192,6 +20487,20 @@ struct PrintfArguments {
   sqlite3_value **apArg;   /* The argument values */
 };
 
+/*
+** An instance of this object receives the decoding of a floating point
+** value into an approximate decimal representation.
+*/
+struct FpDecode {
+  char sign;           /* '+' or '-' */
+  char isSpecial;      /* 1: Infinity  2: NaN */
+  int n;               /* Significant digits in the decode */
+  int iDP;             /* Location of the decimal point */
+  char *z;             /* Start of significant digits */
+  char zBuf[24];       /* Storage for significant digits */
+};
+
+SQLITE_PRIVATE void sqlite3FpDecode(FpDecode*,double,int,int);
 SQLITE_PRIVATE char *sqlite3MPrintf(sqlite3*,const char*, ...);
 SQLITE_PRIVATE char *sqlite3VMPrintf(sqlite3*,const char*, va_list);
 #if defined(SQLITE_DEBUG) || defined(SQLITE_HAVE_OS_TRACE)
@@ -20281,6 +20590,8 @@ SQLITE_PRIVATE void sqlite3PExprAddSelect(Parse*, Expr*, Select*);
 SQLITE_PRIVATE Expr *sqlite3ExprAnd(Parse*,Expr*, Expr*);
 SQLITE_PRIVATE Expr *sqlite3ExprSimplifiedAndOr(Expr*);
 SQLITE_PRIVATE Expr *sqlite3ExprFunction(Parse*,ExprList*, const Token*, int);
+SQLITE_PRIVATE void sqlite3ExprAddFunctionOrderBy(Parse*,Expr*,ExprList*);
+SQLITE_PRIVATE void sqlite3ExprOrderByAggregateError(Parse*,Expr*);
 SQLITE_PRIVATE void sqlite3ExprFunctionUsable(Parse*,const Expr*,const FuncDef*);
 SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse*, Expr*, u32);
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3*, Expr*);
@@ -20482,7 +20793,7 @@ SQLITE_PRIVATE int sqlite3ExprCompare(const Parse*,const Expr*,const Expr*, int)
 SQLITE_PRIVATE int sqlite3ExprCompareSkip(Expr*,Expr*,int);
 SQLITE_PRIVATE int sqlite3ExprListCompare(const ExprList*,const ExprList*, int);
 SQLITE_PRIVATE int sqlite3ExprImpliesExpr(const Parse*,const Expr*,const Expr*, int);
-SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr*,int);
+SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr*,int,int);
 SQLITE_PRIVATE void sqlite3AggInfoPersistWalkerInit(Walker*,Parse*);
 SQLITE_PRIVATE void sqlite3ExprAnalyzeAggregates(NameContext*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprAnalyzeAggList(NameContext*,ExprList*);
@@ -20517,6 +20828,7 @@ SQLITE_PRIVATE int sqlite3ExprIsInteger(const Expr*, int*);
 SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr*);
 SQLITE_PRIVATE int sqlite3ExprNeedsNoAffinityChange(const Expr*, char);
 SQLITE_PRIVATE int sqlite3IsRowid(const char*);
+SQLITE_PRIVATE const char *sqlite3RowidAlias(Table *pTab);
 SQLITE_PRIVATE void sqlite3GenerateRowDelete(
     Parse*,Table*,Trigger*,int,int,int,i16,u8,u8,u8,int);
 SQLITE_PRIVATE void sqlite3GenerateRowIndexDelete(Parse*, Table*, int, int, int*, int);
@@ -20631,6 +20943,7 @@ SQLITE_PRIVATE int sqlite3FixSrcList(DbFixer*, SrcList*);
 SQLITE_PRIVATE int sqlite3FixSelect(DbFixer*, Select*);
 SQLITE_PRIVATE int sqlite3FixExpr(DbFixer*, Expr*);
 SQLITE_PRIVATE int sqlite3FixTriggerStep(DbFixer*, TriggerStep*);
+
 SQLITE_PRIVATE int sqlite3RealSameAsInt(double,sqlite3_int64);
 SQLITE_PRIVATE i64 sqlite3RealToI64(double);
 SQLITE_PRIVATE int sqlite3Int64ToText(i64,char*);
@@ -20735,6 +21048,7 @@ SQLITE_PRIVATE void sqlite3FileSuffix3(const char*, char*);
 SQLITE_PRIVATE u8 sqlite3GetBoolean(const char *z,u8);
 
 SQLITE_PRIVATE const void *sqlite3ValueText(sqlite3_value*, u8);
+SQLITE_PRIVATE int sqlite3ValueIsOfClass(const sqlite3_value*, void(*)(void*));
 SQLITE_PRIVATE int sqlite3ValueBytes(sqlite3_value*, u8);
 SQLITE_PRIVATE void sqlite3ValueSetStr(sqlite3_value*, int, const void *,u8,
                         void(*)(void*));
@@ -20786,7 +21100,8 @@ SQLITE_PRIVATE int sqlite3MatchEName(
   const struct ExprList_item*,
   const char*,
   const char*,
-  const char*
+  const char*,
+  int*
 );
 SQLITE_PRIVATE Bitmask sqlite3ExprColUsed(Expr*);
 SQLITE_PRIVATE u8 sqlite3StrIHash(const char*);
@@ -20842,6 +21157,11 @@ SQLITE_PRIVATE void sqlite3OomClear(sqlite3*);
 SQLITE_PRIVATE int sqlite3ApiExit(sqlite3 *db, int);
 SQLITE_PRIVATE int sqlite3OpenTempDatabase(Parse *);
 
+SQLITE_PRIVATE char *sqlite3RCStrRef(char*);
+SQLITE_PRIVATE void sqlite3RCStrUnref(void*);
+SQLITE_PRIVATE char *sqlite3RCStrNew(u64);
+SQLITE_PRIVATE char *sqlite3RCStrResize(char*,u64);
+
 SQLITE_PRIVATE void sqlite3StrAccumInit(StrAccum*, sqlite3*, char*, int, int);
 SQLITE_PRIVATE int sqlite3StrAccumEnlarge(StrAccum*, i64);
 SQLITE_PRIVATE char *sqlite3StrAccumFinish(StrAccum*);
@@ -21093,6 +21413,7 @@ SQLITE_PRIVATE   int sqlite3ExprCheckHeight(Parse*, int);
   #define sqlite3SelectExprHeight(x) 0
   #define sqlite3ExprCheckHeight(x,y)
 #endif
+SQLITE_PRIVATE void sqlite3ExprSetErrorOffset(Expr*,int);
 
 SQLITE_PRIVATE u32 sqlite3Get4byte(const u8*);
 SQLITE_PRIVATE void sqlite3Put4byte(u8*, u32);
@@ -21378,9 +21699,6 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_4_BYTE_ALIGNED_MALLOC
   "4_BYTE_ALIGNED_MALLOC",
 #endif
-#ifdef SQLITE_64BIT_STATS
-  "64BIT_STATS",
-#endif
 #ifdef SQLITE_ALLOW_COVERING_INDEX_SCAN
 # if SQLITE_ALLOW_COVERING_INDEX_SCAN != 1
   "ALLOW_COVERING_INDEX_SCAN=" CTIMEOPT_VAL(SQLITE_ALLOW_COVERING_INDEX_SCAN),
@@ -21676,6 +21994,9 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_EXPLAIN_ESTIMATED_ROWS
   "EXPLAIN_ESTIMATED_ROWS",
 #endif
+#ifdef SQLITE_EXTRA_AUTOEXT
+  "EXTRA_AUTOEXT=" CTIMEOPT_VAL(SQLITE_EXTRA_AUTOEXT),
+#endif
 #ifdef SQLITE_EXTRA_IFNULLROW
   "EXTRA_IFNULLROW",
 #endif
@@ -21717,6 +22038,9 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_INTEGRITY_CHECK_ERROR_MAX
   "INTEGRITY_CHECK_ERROR_MAX=" CTIMEOPT_VAL(SQLITE_INTEGRITY_CHECK_ERROR_MAX),
 #endif
+#ifdef SQLITE_LEGACY_JSON_VALID
+  "LEGACY_JSON_VALID",
+#endif
 #ifdef SQLITE_LIKE_DOESNT_MATCH_BLOBS
   "LIKE_DOESNT_MATCH_BLOBS",
 #endif
@@ -21954,6 +22278,9 @@ static const char * const sqlite3azCompileOpt[] = {
 #ifdef SQLITE_OMIT_SCHEMA_VERSION_PRAGMAS
   "OMIT_SCHEMA_VERSION_PRAGMAS",
 #endif
+#ifdef SQLITE_OMIT_SEH
+  "OMIT_SEH",
+#endif
 #ifdef SQLITE_OMIT_SHARED_CACHE
   "OMIT_SHARED_CACHE",
 #endif
@@ -22351,6 +22678,7 @@ SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
    SQLITE_ALLOW_COVERING_INDEX_SCAN,   /* bUseCis */
    0,                         /* bSmallMalloc */
    1,                         /* bExtraSchemaChecks */
+   sizeof(LONGDOUBLE_TYPE)>8, /* bUseLongDouble */
    0x7ffffffe,                /* mxStrlen */
    0,                         /* neverCorrupt */
    SQLITE_DEFAULT_LOOKASIDE,  /* szLookaside, nLookaside */
@@ -22580,6 +22908,9 @@ typedef struct VdbeSorter VdbeSorter;
 /* Elements of the linked list at Vdbe.pAuxData */
 typedef struct AuxData AuxData;
 
+/* A cache of large TEXT or BLOB values in a VdbeCursor */
+typedef struct VdbeTxtBlbCache VdbeTxtBlbCache;
+
 /* Types of VDBE cursors */
 #define CURTYPE_BTREE       0
 #define CURTYPE_SORTER      1
@@ -22611,6 +22942,7 @@ struct VdbeCursor {
   Bool useRandomRowid:1;  /* Generate new record numbers semi-randomly */
   Bool isOrdered:1;       /* True if the table is not BTREE_UNORDERED */
   Bool noReuse:1;         /* OpenEphemeral may not reuse this cursor */
+  Bool colCache:1;        /* pCache pointer is initialized and non-NULL */
   u16 seekHit;            /* See the OP_SeekHit and OP_IfNoHope opcodes */
   union {                 /* pBtx for isEphermeral.  pAltMap otherwise */
     Btree *pBtx;            /* Separate file holding temporary table */
@@ -22651,6 +22983,7 @@ struct VdbeCursor {
 #ifdef SQLITE_ENABLE_COLUMN_USED_MASK
   u64 maskUsed;           /* Mask of columns used by this cursor */
 #endif
+  VdbeTxtBlbCache *pCache; /* Cache of large TEXT or BLOB values */
 
   /* 2*nField extra array elements allocated for aType[], beyond the one
   ** static element declared in the structure.  nField total array slots for
@@ -22663,12 +22996,25 @@ struct VdbeCursor {
 #define IsNullCursor(P) \
   ((P)->eCurType==CURTYPE_PSEUDO && (P)->nullRow && (P)->seekResult==0)
 
-
 /*
 ** A value for VdbeCursor.cacheStatus that means the cache is always invalid.
 */
 #define CACHE_STALE 0
 
+/*
+** Large TEXT or BLOB values can be slow to load, so we want to avoid
+** loading them more than once.  For that reason, large TEXT and BLOB values
+** can be stored in a cache defined by this object, and attached to the
+** VdbeCursor using the pCache field.
+*/
+struct VdbeTxtBlbCache {
+  char *pCValue;        /* A RCStr buffer to hold the value */
+  i64 iOffset;          /* File offset of the row being cached */
+  int iCol;             /* Column for which the cache is valid */
+  u32 cacheStatus;      /* Vdbe.cacheCtr value */
+  u32 colCacheCtr;      /* Column cache counter */
+};
+
 /*
 ** When a sub-program is executed (OP_Program), a structure of this type
 ** is allocated to store the current value of the program counter, as
@@ -22989,16 +23335,18 @@ struct Vdbe {
   u32 nWrite;             /* Number of write operations that have occurred */
 #endif
   u16 nResColumn;         /* Number of columns in one row of the result set */
+  u16 nResAlloc;          /* Column slots allocated to aColName[] */
   u8 errorAction;         /* Recovery action to do in case of an error */
   u8 minWriteFileFormat;  /* Minimum file format for writable database files */
   u8 prepFlags;           /* SQLITE_PREPARE_* flags */
   u8 eVdbeState;          /* On of the VDBE_*_STATE values */
   bft expired:2;          /* 1: recompile VM immediately  2: when convenient */
-  bft explain:2;          /* True if EXPLAIN present on SQL command */
+  bft explain:2;          /* 0: normal, 1: EXPLAIN, 2: EXPLAIN QUERY PLAN */
   bft changeCntOn:1;      /* True to update the change-counter */
   bft usesStmtJournal:1;  /* True if uses a statement journal */
   bft readOnly:1;         /* True for statements that do not write */
   bft bIsReader:1;        /* True for statements that read */
+  bft haveEqpOps:1;       /* Bytecode supports EXPLAIN QUERY PLAN */
   yDbMask btreeMask;      /* Bitmask of db->aDb[] entries referenced */
   yDbMask lockMask;       /* Subset of btreeMask that requires a lock */
   u32 aCounter[9];        /* Counters used by sqlite3_stmt_status() */
@@ -23045,7 +23393,7 @@ struct PreUpdate {
   i64 iKey1;                      /* First key value passed to hook */
   i64 iKey2;                      /* Second key value passed to hook */
   Mem *aNew;                      /* Array of new.* values */
-  Table *pTab;                    /* Schema object being upated */
+  Table *pTab;                    /* Schema object being updated */
   Index *pPk;                     /* PK index if pTab is WITHOUT ROWID */
 };
 
@@ -23135,6 +23483,7 @@ SQLITE_PRIVATE int sqlite3VdbeMemSetZeroBlob(Mem*,int);
 SQLITE_PRIVATE int sqlite3VdbeMemIsRowSet(const Mem*);
 #endif
 SQLITE_PRIVATE int sqlite3VdbeMemSetRowSet(Mem*);
+SQLITE_PRIVATE void sqlite3VdbeMemZeroTerminateIfAble(Mem*);
 SQLITE_PRIVATE int sqlite3VdbeMemMakeWriteable(Mem*);
 SQLITE_PRIVATE int sqlite3VdbeMemStringify(Mem*, u8, u8);
 SQLITE_PRIVATE int sqlite3IntFloatCompare(i64,double);
@@ -23731,8 +24080,8 @@ struct DateTime {
 */
 static int getDigits(const char *zDate, const char *zFormat, ...){
   /* The aMx[] array translates the 3rd character of each format
-  ** spec into a max size:    a   b   c   d   e     f */
-  static const u16 aMx[] = { 12, 14, 24, 31, 59, 9999 };
+  ** spec into a max size:    a   b   c   d   e      f */
+  static const u16 aMx[] = { 12, 14, 24, 31, 59, 14712 };
   va_list ap;
   int cnt = 0;
   char nextC;
@@ -24073,17 +24422,14 @@ static void computeYMD(DateTime *p){
 ** Compute the Hour, Minute, and Seconds from the julian day number.
 */
 static void computeHMS(DateTime *p){
-  int s;
+  int day_ms, day_min; /* milliseconds, minutes into the day */
   if( p->validHMS ) return;
   computeJD(p);
-  s = (int)((p->iJD + 43200000) % 86400000);
-  p->s = s/1000.0;
-  s = (int)p->s;
-  p->s -= s;
-  p->h = s/3600;
-  s -= p->h*3600;
-  p->m = s/60;
-  p->s += s - p->m*60;
+  day_ms = (int)((p->iJD + 43200000) % 86400000);
+  p->s = (day_ms % 60000)/1000.0;
+  day_min = day_ms/60000;
+  p->m = day_min % 60;
+  p->h = day_min / 60;
   p->rawS = 0;
   p->validHMS = 1;
 }
@@ -24262,6 +24608,25 @@ static const struct {
   { 4, "year",   14713.0,   31536000.0  },
 };
 
+/*
+** If the DateTime p is raw number, try to figure out if it is
+** a julian day number of a unix timestamp.  Set the p value
+** appropriately.
+*/
+static void autoAdjustDate(DateTime *p){
+  if( !p->rawS || p->validJD ){
+    p->rawS = 0;
+  }else if( p->s>=-21086676*(i64)10000        /* -4713-11-24 12:00:00 */
+         && p->s<=(25340230*(i64)10000)+799   /*  9999-12-31 23:59:59 */
+  ){
+    double r = p->s*1000.0 + 210866760000000.0;
+    clearYMD_HMS_TZ(p);
+    p->iJD = (sqlite3_int64)(r + 0.5);
+    p->validJD = 1;
+    p->rawS = 0;
+  }
+}
+
 /*
 ** Process a modifier to a date-time stamp.  The modifiers are
 ** as follows:
@@ -24305,19 +24670,8 @@ static int parseModifier(
       */
       if( sqlite3_stricmp(z, "auto")==0 ){
         if( idx>1 ) return 1; /* IMP: R-33611-57934 */
-        if( !p->rawS || p->validJD ){
-          rc = 0;
-          p->rawS = 0;
-        }else if( p->s>=-21086676*(i64)10000        /* -4713-11-24 12:00:00 */
-               && p->s<=(25340230*(i64)10000)+799   /*  9999-12-31 23:59:59 */
-        ){
-          r = p->s*1000.0 + 210866760000000.0;
-          clearYMD_HMS_TZ(p);
-          p->iJD = (sqlite3_int64)(r + 0.5);
-          p->validJD = 1;
-          p->rawS = 0;
-          rc = 0;
-        }
+        autoAdjustDate(p);
+        rc = 0;
       }
       break;
     }
@@ -24483,18 +24837,73 @@ static int parseModifier(
     case '9': {
       double rRounder;
       int i;
-      for(n=1; z[n] && z[n]!=':' && !sqlite3Isspace(z[n]); n++){}
+      int Y,M,D,h,m,x;
+      const char *z2 = z;
+      char z0 = z[0];
+      for(n=1; z[n]; n++){
+        if( z[n]==':' ) break;
+        if( sqlite3Isspace(z[n]) ) break;
+        if( z[n]=='-' ){
+          if( n==5 && getDigits(&z[1], "40f", &Y)==1 ) break;
+          if( n==6 && getDigits(&z[1], "50f", &Y)==1 ) break;
+        }
+      }
       if( sqlite3AtoF(z, &r, n, SQLITE_UTF8)<=0 ){
-        rc = 1;
+        assert( rc==1 );
         break;
       }
-      if( z[n]==':' ){
+      if( z[n]=='-' ){
+        /* A modifier of the form (+|-)YYYY-MM-DD adds or subtracts the
+        ** specified number of years, months, and days.  MM is limited to
+        ** the range 0-11 and DD is limited to 0-30.
+        */
+        if( z0!='+' && z0!='-' ) break;  /* Must start with +/- */
+        if( n==5 ){
+          if( getDigits(&z[1], "40f-20a-20d", &Y, &M, &D)!=3 ) break;
+        }else{
+          assert( n==6 );
+          if( getDigits(&z[1], "50f-20a-20d", &Y, &M, &D)!=3 ) break;
+          z++;
+        }
+        if( M>=12 ) break;                   /* M range 0..11 */
+        if( D>=31 ) break;                   /* D range 0..30 */
+        computeYMD_HMS(p);
+        p->validJD = 0;
+        if( z0=='-' ){
+          p->Y -= Y;
+          p->M -= M;
+          D = -D;
+        }else{
+          p->Y += Y;
+          p->M += M;
+        }
+        x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
+        p->Y += x;
+        p->M -= x*12;
+        computeJD(p);
+        p->validHMS = 0;
+        p->validYMD = 0;
+        p->iJD += (i64)D*86400000;
+        if( z[11]==0 ){
+          rc = 0;
+          break;
+        }
+        if( sqlite3Isspace(z[11])
+         && getDigits(&z[12], "20c:20e", &h, &m)==2
+        ){
+          z2 = &z[12];
+          n = 2;
+        }else{
+          break;
+        }
+      }
+      if( z2[n]==':' ){
         /* A modifier of the form (+|-)HH:MM:SS.FFF adds (or subtracts) the
         ** specified number of hours, minutes, seconds, and fractional seconds
         ** to the time.  The ".FFF" may be omitted.  The ":SS.FFF" may be
         ** omitted.
         */
-        const char *z2 = z;
+
         DateTime tx;
         sqlite3_int64 day;
         if( !sqlite3Isdigit(*z2) ) z2++;
@@ -24504,7 +24913,7 @@ static int parseModifier(
         tx.iJD -= 43200000;
         day = tx.iJD/86400000;
         tx.iJD -= day*86400000;
-        if( z[0]=='-' ) tx.iJD = -tx.iJD;
+        if( z0=='-' ) tx.iJD = -tx.iJD;
         computeJD(p);
         clearYMD_HMS_TZ(p);
         p->iJD += tx.iJD;
@@ -24520,7 +24929,7 @@ static int parseModifier(
       if( n>10 || n<3 ) break;
       if( sqlite3UpperToLower[(u8)z[n-1]]=='s' ) n--;
       computeJD(p);
-      rc = 1;
+      assert( rc==1 );
       rRounder = r<0 ? -0.5 : +0.5;
       for(i=0; iM += (int)r;
@@ -24688,7 +25096,7 @@ static void datetimeFunc(
     zBuf[16] = '0' + (x.m)%10;
     zBuf[17] = ':';
     if( x.useSubsec ){
-      s = (int)1000.0*x.s;
+      s = (int)(1000.0*x.s + 0.5);
       zBuf[18] = '0' + (s/10000)%10;
       zBuf[19] = '0' + (s/1000)%10;
       zBuf[20] = '.';
@@ -24735,7 +25143,7 @@ static void timeFunc(
     zBuf[4] = '0' + (x.m)%10;
     zBuf[5] = ':';
     if( x.useSubsec ){
-      s = (int)1000.0*x.s;
+      s = (int)(1000.0*x.s + 0.5);
       zBuf[6] = '0' + (s/10000)%10;
       zBuf[7] = '0' + (s/1000)%10;
       zBuf[8] = '.';
@@ -24806,7 +25214,7 @@ static void dateFunc(
 **   %M  minute 00-59
 **   %s  seconds since 1970-01-01
 **   %S  seconds 00-59
-**   %w  day of week 0-6  sunday==0
+**   %w  day of week 0-6  Sunday==0
 **   %W  week of year 00-53
 **   %Y  year 0000-9999
 **   %%  %
@@ -24832,13 +25240,16 @@ static void strftimeFunc(
   computeJD(&x);
   computeYMD_HMS(&x);
   for(i=j=0; zFmt[i]; i++){
+    char cf;
     if( zFmt[i]!='%' ) continue;
     if( j12 ) h -= 12;
+        if( h==0 ) h = 12;
+        sqlite3_str_appendf(&sRes, cf=='I' ? "%02d" : "%2d", h);
         break;
       }
       case 'W': /* Fall thru */
@@ -24860,7 +25284,7 @@ static void strftimeFunc(
         y.D = 1;
         computeJD(&y);
         nDay = (int)((x.iJD-y.iJD+43200000)/86400000);
-        if( zFmt[i]=='W' ){
+        if( cf=='W' ){
           int wd;   /* 0=Monday, 1=Tuesday, ... 6=Sunday */
           wd = (int)(((x.iJD+43200000)/86400000)%7);
           sqlite3_str_appendf(&sRes,"%02d",(nDay+7-wd)/7);
@@ -24881,6 +25305,19 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes,"%02d",x.m);
         break;
       }
+      case 'p': /* Fall thru */
+      case 'P': {
+        if( x.h>=12 ){
+          sqlite3_str_append(&sRes, cf=='p' ? "PM" : "pm", 2);
+        }else{
+          sqlite3_str_append(&sRes, cf=='p' ? "AM" : "am", 2);
+        }
+        break;
+      }
+      case 'R': {
+        sqlite3_str_appendf(&sRes, "%02d:%02d", x.h, x.m);
+        break;
+      }
       case 's': {
         if( x.useSubsec ){
           sqlite3_str_appendf(&sRes,"%.3f",
@@ -24895,9 +25332,15 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes,"%02d",(int)x.s);
         break;
       }
+      case 'T': {
+        sqlite3_str_appendf(&sRes,"%02d:%02d:%02d", x.h, x.m, (int)x.s);
+        break;
+      }
+      case 'u': /* Fall thru */
       case 'w': {
-        sqlite3_str_appendchar(&sRes, 1,
-                       (char)(((x.iJD+129600000)/86400000) % 7) + '0');
+        char c = (char)(((x.iJD+129600000)/86400000) % 7) + '0';
+        if( c=='0' && cf=='u' ) c = '7';
+        sqlite3_str_appendchar(&sRes, 1, c);
         break;
       }
       case 'Y': {
@@ -24946,6 +25389,117 @@ static void cdateFunc(
   dateFunc(context, 0, 0);
 }
 
+/*
+** timediff(DATE1, DATE2)
+**
+** Return the amount of time that must be added to DATE2 in order to
+** convert it into DATE2.  The time difference format is:
+**
+**     +YYYY-MM-DD HH:MM:SS.SSS
+**
+** The initial "+" becomes "-" if DATE1 occurs before DATE2.  For
+** date/time values A and B, the following invariant should hold:
+**
+**     datetime(A) == (datetime(B, timediff(A,B))
+**
+** Both DATE arguments must be either a julian day number, or an
+** ISO-8601 string.  The unix timestamps are not supported by this
+** routine.
+*/
+static void timediffFunc(
+  sqlite3_context *context,
+  int NotUsed1,
+  sqlite3_value **argv
+){
+  char sign;
+  int Y, M;
+  DateTime d1, d2;
+  sqlite3_str sRes;
+  UNUSED_PARAMETER(NotUsed1);
+  if( isDate(context, 1, &argv[0], &d1) ) return;
+  if( isDate(context, 1, &argv[1], &d2) ) return;
+  computeYMD_HMS(&d1);
+  computeYMD_HMS(&d2);
+  if( d1.iJD>=d2.iJD ){
+    sign = '+';
+    Y = d1.Y - d2.Y;
+    if( Y ){
+      d2.Y = d1.Y;
+      d2.validJD = 0;
+      computeJD(&d2);
+    }
+    M = d1.M - d2.M;
+    if( M<0 ){
+      Y--;
+      M += 12;
+    }
+    if( M!=0 ){
+      d2.M = d1.M;
+      d2.validJD = 0;
+      computeJD(&d2);
+    }
+    while( d1.iJDd2.iJD ){
+      M--;
+      if( M<0 ){
+        M = 11;
+        Y--;
+      }
+      d2.M++;
+      if( d2.M>12 ){
+        d2.M = 1;
+        d2.Y++;
+      }
+      d2.validJD = 0;
+      computeJD(&d2);
+    }
+    d1.iJD = d2.iJD - d1.iJD;
+    d1.iJD += (u64)1486995408 * (u64)100000;
+  }
+  d1.validYMD = 0;
+  d1.validHMS = 0;
+  d1.validTZ = 0;
+  computeYMD_HMS(&d1);
+  sqlite3StrAccumInit(&sRes, 0, 0, 0, 100);
+  sqlite3_str_appendf(&sRes, "%c%04d-%02d-%02d %02d:%02d:%06.3f",
+       sign, Y, M, d1.D-1, d1.h, d1.m, d1.s);
+  sqlite3ResultStrAccum(context, &sRes);
+}
+
+
 /*
 ** current_timestamp()
 **
@@ -25020,6 +25574,7 @@ SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void){
     PURE_DATE(time,             -1, 0, 0, timeFunc      ),
     PURE_DATE(datetime,         -1, 0, 0, datetimeFunc  ),
     PURE_DATE(strftime,         -1, 0, 0, strftimeFunc  ),
+    PURE_DATE(timediff,          2, 0, 0, timediffFunc  ),
     DFUNCTION(current_time,      0, 0, 0, ctimeFunc     ),
     DFUNCTION(current_timestamp, 0, 0, 0, ctimestampFunc),
     DFUNCTION(current_date,      0, 0, 0, cdateFunc     ),
@@ -25173,7 +25728,7 @@ SQLITE_PRIVATE int sqlite3OsFileControl(sqlite3_file *id, int op, void *pArg){
     /* Faults are not injected into COMMIT_PHASETWO because, assuming SQLite
     ** is using a regular VFS, it is called after the corresponding
     ** transaction has been committed. Injecting a fault at this point
-    ** confuses the test scripts - the COMMIT comand returns SQLITE_NOMEM
+    ** confuses the test scripts - the COMMIT command returns SQLITE_NOMEM
     ** but the transaction is committed anyway.
     **
     ** The core must call OsFileControl() though, not OsFileControlHint(),
@@ -25794,7 +26349,7 @@ static void *sqlite3MemMalloc(int nByte){
 ** or sqlite3MemRealloc().
 **
 ** For this low-level routine, we already know that pPrior!=0 since
-** cases where pPrior==0 will have been intecepted and dealt with
+** cases where pPrior==0 will have been intercepted and dealt with
 ** by higher-level routines.
 */
 static void sqlite3MemFree(void *pPrior){
@@ -25882,7 +26437,7 @@ static int sqlite3MemInit(void *NotUsed){
     return SQLITE_OK;
   }
   len = sizeof(cpuCount);
-  /* One usually wants to use hw.acctivecpu for MT decisions, but not here */
+  /* One usually wants to use hw.activecpu for MT decisions, but not here */
   sysctlbyname("hw.ncpu", &cpuCount, &len, NULL, 0);
   if( cpuCount>1 ){
     /* defer MT decisions to system malloc */
@@ -27874,7 +28429,7 @@ static void checkMutexFree(sqlite3_mutex *p){
   assert( SQLITE_MUTEX_FAST<2 );
   assert( SQLITE_MUTEX_WARNONCONTENTION<2 );
 
-#if SQLITE_ENABLE_API_ARMOR
+#ifdef SQLITE_ENABLE_API_ARMOR
   if( ((CheckMutex*)p)->iType<2 )
 #endif
   {
@@ -28349,7 +28904,7 @@ SQLITE_PRIVATE sqlite3_mutex_methods const *sqlite3DefaultMutex(void){
 
 /*
 ** The sqlite3_mutex.id, sqlite3_mutex.nRef, and sqlite3_mutex.owner fields
-** are necessary under two condidtions:  (1) Debug builds and (2) using
+** are necessary under two conditions:  (1) Debug builds and (2) using
 ** home-grown mutexes.  Encapsulate these conditions into a single #define.
 */
 #if defined(SQLITE_DEBUG) || defined(SQLITE_HOMEGROWN_RECURSIVE_MUTEX)
@@ -28546,7 +29101,7 @@ static sqlite3_mutex *pthreadMutexAlloc(int iType){
 */
 static void pthreadMutexFree(sqlite3_mutex *p){
   assert( p->nRef==0 );
-#if SQLITE_ENABLE_API_ARMOR
+#ifdef SQLITE_ENABLE_API_ARMOR
   if( p->id==SQLITE_MUTEX_FAST || p->id==SQLITE_MUTEX_RECURSIVE )
 #endif
   {
@@ -28850,7 +29405,7 @@ struct sqlite3_mutex {
   CRITICAL_SECTION mutex;    /* Mutex controlling the lock */
   int id;                    /* Mutex type */
 #ifdef SQLITE_DEBUG
-  volatile int nRef;         /* Number of enterances */
+  volatile int nRef;         /* Number of entrances */
   volatile DWORD owner;      /* Thread holding this mutex */
   volatile LONG trace;       /* True to trace changes */
 #endif
@@ -30110,7 +30665,7 @@ SQLITE_PRIVATE int sqlite3ApiExit(sqlite3* db, int rc){
   if( db->mallocFailed || rc ){
     return apiHandleError(db, rc);
   }
-  return rc & db->errMask;
+  return 0;
 }
 
 /************** End of malloc.c **********************************************/
@@ -30222,57 +30777,6 @@ static const et_info fmtinfo[] = {
 **    %!S   Like %S but prefer the zName over the zAlias
 */
 
-/* Floating point constants used for rounding */
-static const double arRound[] = {
-  5.0e-01, 5.0e-02, 5.0e-03, 5.0e-04, 5.0e-05,
-  5.0e-06, 5.0e-07, 5.0e-08, 5.0e-09, 5.0e-10,
-};
-
-/*
-** If SQLITE_OMIT_FLOATING_POINT is defined, then none of the floating point
-** conversions will work.
-*/
-#ifndef SQLITE_OMIT_FLOATING_POINT
-/*
-** "*val" is a double such that 0.1 <= *val < 10.0
-** Return the ascii code for the leading digit of *val, then
-** multiply "*val" by 10.0 to renormalize.
-**
-** Example:
-**     input:     *val = 3.14159
-**     output:    *val = 1.4159    function return = '3'
-**
-** The counter *cnt is incremented each time.  After counter exceeds
-** 16 (the number of significant digits in a 64-bit float) '0' is
-** always returned.
-*/
-static char et_getdigit(LONGDOUBLE_TYPE *val, int *cnt){
-  int digit;
-  LONGDOUBLE_TYPE d;
-  if( (*cnt)<=0 ) return '0';
-  (*cnt)--;
-  digit = (int)*val;
-  d = digit;
-  digit += '0';
-  *val = (*val - d)*10.0;
-  return (char)digit;
-}
-#endif /* SQLITE_OMIT_FLOATING_POINT */
-
-#ifndef SQLITE_OMIT_FLOATING_POINT
-/*
-** "*val" is a u64.  *msd is a divisor used to extract the
-** most significant digit of *val.  Extract that most significant
-** digit and return it.
-*/
-static char et_getdigit_int(u64 *val, u64 *msd){
-  u64 x = (*val)/(*msd);
-  *val -= x*(*msd);
-  if( *msd>=10 ) *msd /= 10;
-  return '0' + (char)(x & 15);
-}
-#endif /* SQLITE_OMIT_FLOATING_POINT */
-
 /*
 ** Set the StrAccum object to an error mode.
 */
@@ -30364,20 +30868,15 @@ SQLITE_API void sqlite3_str_vappendf(
   u8 bArgList;               /* True for SQLITE_PRINTF_SQLFUNC */
   char prefix;               /* Prefix character.  "+" or "-" or " " or '\0'. */
   sqlite_uint64 longvalue;   /* Value for integer types */
-  LONGDOUBLE_TYPE realvalue; /* Value for real types */
-  sqlite_uint64 msd;         /* Divisor to get most-significant-digit
-                             ** of longvalue */
+  double realvalue;          /* Value for real types */
   const et_info *infop;      /* Pointer to the appropriate info structure */
   char *zOut;                /* Rendering buffer */
   int nOut;                  /* Size of the rendering buffer */
   char *zExtra = 0;          /* Malloced memory used by some conversion */
-#ifndef SQLITE_OMIT_FLOATING_POINT
-  int  exp, e2;              /* exponent of real numbers */
-  int nsd;                   /* Number of significant digits returned */
-  double rounder;            /* Used for rounding floating point values */
+  int exp, e2;               /* exponent of real numbers */
   etByte flag_dp;            /* True if decimal point should be shown */
   etByte flag_rtz;           /* True if trailing zeros should be removed */
-#endif
+
   PrintfArguments *pArgList = 0; /* Arguments for SQLITE_PRINTF_SQLFUNC */
   char buf[etBUFSIZE];       /* Conversion buffer */
 
@@ -30652,94 +31151,61 @@ SQLITE_API void sqlite3_str_vappendf(
         break;
       case etFLOAT:
       case etEXP:
-      case etGENERIC:
+      case etGENERIC: {
+        FpDecode s;
+        int iRound;
+        int j;
+
         if( bArgList ){
           realvalue = getDoubleArg(pArgList);
         }else{
           realvalue = va_arg(ap,double);
         }
-#ifdef SQLITE_OMIT_FLOATING_POINT
-        length = 0;
-#else
         if( precision<0 ) precision = 6;         /* Set default precision */
 #ifdef SQLITE_FP_PRECISION_LIMIT
         if( precision>SQLITE_FP_PRECISION_LIMIT ){
           precision = SQLITE_FP_PRECISION_LIMIT;
         }
 #endif
-        if( realvalue<0.0 ){
-          realvalue = -realvalue;
-          prefix = '-';
+        if( xtype==etFLOAT ){
+          iRound = -precision;
+        }else if( xtype==etGENERIC ){
+          iRound = precision;
         }else{
-          prefix = flag_prefix;
+          iRound = precision+1;
         }
-        exp = 0;
-        if( xtype==etGENERIC && precision>0 ) precision--;
-        testcase( precision>0xfff );
-        if( realvalue<1.0e+16
-         && realvalue==(LONGDOUBLE_TYPE)(longvalue = (u64)realvalue)
-        ){
-          /* Number is a pure integer that can be represented as u64 */
-          for(msd=1; msd*10<=longvalue; msd *= 10, exp++){}
-          if( exp>precision && xtype!=etFLOAT ){
-            u64 rnd = msd/2;
-            int kk = precision;
-            while( kk-- > 0 ){  rnd /= 10; }
-            longvalue += rnd;
-          }
-        }else{
-          msd = 0;
-          longvalue = 0;  /* To prevent a compiler warning */
-          idx = precision & 0xfff;
-          rounder = arRound[idx%10];
-          while( idx>=10 ){ rounder *= 1.0e-10; idx -= 10; }
-          if( xtype==etFLOAT ){
-            double rx = (double)realvalue;
-            sqlite3_uint64 u;
-            int ex;
-            memcpy(&u, &rx, sizeof(u));
-            ex = -1023 + (int)((u>>52)&0x7ff);
-            if( precision+(ex/3) < 15 ) rounder += realvalue*3e-16;
-            realvalue += rounder;
-          }
-          if( sqlite3IsNaN((double)realvalue) ){
-            if( flag_zeropad ){
-              bufpt = "null";
-              length = 4;
+        sqlite3FpDecode(&s, realvalue, iRound, flag_altform2 ? 26 : 16);
+        if( s.isSpecial ){
+          if( s.isSpecial==2 ){
+            bufpt = flag_zeropad ? "null" : "NaN";
+            length = sqlite3Strlen30(bufpt);
+            break;
+          }else if( flag_zeropad ){
+            s.z[0] = '9';
+            s.iDP = 1000;
+            s.n = 1;
+          }else{
+            memcpy(buf, "-Inf", 5);
+            bufpt = buf;
+            if( s.sign=='-' ){
+              /* no-op */
+            }else if( flag_prefix ){
+              buf[0] = flag_prefix;
             }else{
-              bufpt = "NaN";
-              length = 3;
+              bufpt++;
             }
+            length = sqlite3Strlen30(bufpt);
             break;
           }
-
-          /* Normalize realvalue to within 10.0 > realvalue >= 1.0 */
-          if( ALWAYS(realvalue>0.0) ){
-            LONGDOUBLE_TYPE scale = 1.0;
-            while( realvalue>=1e100*scale && exp<=350){ scale*=1e100;exp+=100;}
-            while( realvalue>=1e10*scale && exp<=350 ){ scale*=1e10; exp+=10; }
-            while( realvalue>=10.0*scale && exp<=350 ){ scale *= 10.0; exp++; }
-            realvalue /= scale;
-            while( realvalue<1e-8 ){ realvalue *= 1e8; exp-=8; }
-            while( realvalue<1.0 ){ realvalue *= 10.0; exp--; }
-            if( exp>350 ){
-              if( flag_zeropad ){
-                realvalue = 9.0;
-                exp = 999;
-              }else{
-                bufpt = buf;
-                buf[0] = prefix;
-                memcpy(buf+(prefix!=0),"Inf",4);
-                length = 3+(prefix!=0);
-                break;
-              }
-            }
-            if( xtype!=etFLOAT ){
-              realvalue += rounder;
-              if( realvalue>=10.0 ){ realvalue *= 0.1; exp++; }
-            }
-          }
         }
+        if( s.sign=='-' ){
+          prefix = '-';
+        }else{
+          prefix = flag_prefix;
+        }
+
+        exp = s.iDP-1;
+        if( xtype==etGENERIC && precision>0 ) precision--;
 
         /*
         ** If the field type is etGENERIC, then convert to either etEXP
@@ -30759,9 +31225,8 @@ SQLITE_API void sqlite3_str_vappendf(
         if( xtype==etEXP ){
           e2 = 0;
         }else{
-          e2 = exp;
+          e2 = s.iDP - 1;
         }
-        nsd = 16 + flag_altform2*10;
         bufpt = buf;
         {
           i64 szBufNeeded;           /* Size of a temporary buffer needed */
@@ -30779,16 +31244,12 @@ SQLITE_API void sqlite3_str_vappendf(
           *(bufpt++) = prefix;
         }
         /* Digits prior to the decimal point */
+        j = 0;
         if( e2<0 ){
           *(bufpt++) = '0';
-        }else if( msd>0 ){
-          for(; e2>=0; e2--){
-            *(bufpt++) = et_getdigit_int(&longvalue,&msd);
-            if( cThousand && (e2%3)==0 && e2>1 ) *(bufpt++) = ',';
-          }
         }else{
           for(; e2>=0; e2--){
-            *(bufpt++) = et_getdigit(&realvalue,&nsd);
+            *(bufpt++) = j1 ) *(bufpt++) = ',';
           }
         }
@@ -30798,19 +31259,12 @@ SQLITE_API void sqlite3_str_vappendf(
         }
         /* "0" digits after the decimal point but before the first
         ** significant digit of the number */
-        for(e2++; e2<0; precision--, e2++){
-          assert( precision>0 );
+        for(e2++; e2<0 && precision>0; precision--, e2++){
           *(bufpt++) = '0';
         }
         /* Significant digits after the decimal point */
-        if( msd>0 ){
-          while( (precision--)>0 ){
-            *(bufpt++) = et_getdigit_int(&longvalue,&msd);
-          }
-        }else{
-          while( (precision--)>0 ){
-            *(bufpt++) = et_getdigit(&realvalue,&nsd);
-          }
+        while( (precision--)>0 ){
+          *(bufpt++) = jcharset];
           if( exp<0 ){
             *(bufpt++) = '-'; exp = -exp;
@@ -30859,8 +31314,8 @@ SQLITE_API void sqlite3_str_vappendf(
           while( nPad-- ) bufpt[i++] = '0';
           length = width;
         }
-#endif /* !defined(SQLITE_OMIT_FLOATING_POINT) */
         break;
+      }
       case etSIZE:
         if( !bArgList ){
           *(va_arg(ap,int*)) = pAccum->nChar;
@@ -31584,6 +32039,75 @@ SQLITE_API void sqlite3_str_appendf(StrAccum *p, const char *zFormat, ...){
   va_end(ap);
 }
 
+
+/*****************************************************************************
+** Reference counted string storage
+*****************************************************************************/
+
+/*
+** Increase the reference count of the string by one.
+**
+** The input parameter is returned.
+*/
+SQLITE_PRIVATE char *sqlite3RCStrRef(char *z){
+  RCStr *p = (RCStr*)z;
+  assert( p!=0 );
+  p--;
+  p->nRCRef++;
+  return z;
+}
+
+/*
+** Decrease the reference count by one.  Free the string when the
+** reference count reaches zero.
+*/
+SQLITE_PRIVATE void sqlite3RCStrUnref(void *z){
+  RCStr *p = (RCStr*)z;
+  assert( p!=0 );
+  p--;
+  assert( p->nRCRef>0 );
+  if( p->nRCRef>=2 ){
+    p->nRCRef--;
+  }else{
+    sqlite3_free(p);
+  }
+}
+
+/*
+** Create a new string that is capable of holding N bytes of text, not counting
+** the zero byte at the end.  The string is uninitialized.
+**
+** The reference count is initially 1.  Call sqlite3RCStrUnref() to free the
+** newly allocated string.
+**
+** This routine returns 0 on an OOM.
+*/
+SQLITE_PRIVATE char *sqlite3RCStrNew(u64 N){
+  RCStr *p = sqlite3_malloc64( N + sizeof(*p) + 1 );
+  if( p==0 ) return 0;
+  p->nRCRef = 1;
+  return (char*)&p[1];
+}
+
+/*
+** Change the size of the string so that it is able to hold N bytes.
+** The string might be reallocated, so return the new allocation.
+*/
+SQLITE_PRIVATE char *sqlite3RCStrResize(char *z, u64 N){
+  RCStr *p = (RCStr*)z;
+  RCStr *pNew;
+  assert( p!=0 );
+  p--;
+  assert( p->nRCRef==1 );
+  pNew = sqlite3_realloc64(p, N+sizeof(RCStr)+1);
+  if( pNew==0 ){
+    sqlite3_free(p);
+    return 0;
+  }else{
+    return (char*)&pNew[1];
+  }
+}
+
 /************** End of printf.c **********************************************/
 /************** Begin file treeview.c ****************************************/
 /*
@@ -32000,6 +32524,7 @@ SQLITE_PRIVATE void sqlite3TreeViewWindow(TreeView *pView, const Window *pWin, u
     sqlite3TreeViewItem(pView, "FILTER", 1);
     sqlite3TreeViewExpr(pView, pWin->pFilter, 0);
     sqlite3TreeViewPop(&pView);
+    if( pWin->eFrmType==TK_FILTER ) return;
   }
   sqlite3TreeViewPush(&pView, more);
   if( pWin->zName ){
@@ -32009,7 +32534,7 @@ SQLITE_PRIVATE void sqlite3TreeViewWindow(TreeView *pView, const Window *pWin, u
   }
   if( pWin->zBase )    nElement++;
   if( pWin->pOrderBy ) nElement++;
-  if( pWin->eFrmType ) nElement++;
+  if( pWin->eFrmType!=0 && pWin->eFrmType!=TK_FILTER ) nElement++;
   if( pWin->eExclude ) nElement++;
   if( pWin->zBase ){
     sqlite3TreeViewPush(&pView, (--nElement)>0);
@@ -32022,7 +32547,7 @@ SQLITE_PRIVATE void sqlite3TreeViewWindow(TreeView *pView, const Window *pWin, u
   if( pWin->pOrderBy ){
     sqlite3TreeViewExprList(pView, pWin->pOrderBy, (--nElement)>0, "ORDER-BY");
   }
-  if( pWin->eFrmType ){
+  if( pWin->eFrmType!=0 && pWin->eFrmType!=TK_FILTER ){
     char zBuf[30];
     const char *zFrmType = "ROWS";
     if( pWin->eFrmType==TK_RANGE ) zFrmType = "RANGE";
@@ -32231,7 +32756,8 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
       };
       assert( pExpr->op2==TK_IS || pExpr->op2==TK_ISNOT );
       assert( pExpr->pRight );
-      assert( sqlite3ExprSkipCollate(pExpr->pRight)->op==TK_TRUEFALSE );
+      assert( sqlite3ExprSkipCollateAndLikely(pExpr->pRight)->op
+                  == TK_TRUEFALSE );
       x = (pExpr->op2==TK_ISNOT)*2 + sqlite3ExprTruthValue(pExpr->pRight);
       zUniOp = azOp[x];
       break;
@@ -32269,7 +32795,7 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
         assert( ExprUseXList(pExpr) );
         pFarg = pExpr->x.pList;
 #ifndef SQLITE_OMIT_WINDOWFUNC
-        pWin = ExprHasProperty(pExpr, EP_WinFunc) ? pExpr->y.pWin : 0;
+        pWin = IsWindowFunc(pExpr) ? pExpr->y.pWin : 0;
 #else
         pWin = 0;
 #endif
@@ -32295,7 +32821,13 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
         sqlite3TreeViewLine(pView, "FUNCTION %Q%s", pExpr->u.zToken, zFlgs);
       }
       if( pFarg ){
-        sqlite3TreeViewExprList(pView, pFarg, pWin!=0, 0);
+        sqlite3TreeViewExprList(pView, pFarg, pWin!=0 || pExpr->pLeft, 0);
+        if( pExpr->pLeft ){
+          Expr *pOB = pExpr->pLeft;
+          assert( pOB->op==TK_ORDER );
+          assert( ExprUseXList(pOB) );
+          sqlite3TreeViewExprList(pView, pOB->x.pList, pWin!=0, "ORDERBY");
+        }
       }
 #ifndef SQLITE_OMIT_WINDOWFUNC
       if( pWin ){
@@ -32304,6 +32836,10 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
 #endif
       break;
     }
+    case TK_ORDER: {
+      sqlite3TreeViewExprList(pView, pExpr->x.pList, 0, "ORDERBY");
+      break;
+    }
 #ifndef SQLITE_OMIT_SUBQUERY
     case TK_EXISTS: {
       assert( ExprUseXSelect(pExpr) );
@@ -33890,7 +34426,7 @@ SQLITE_PRIVATE void sqlite3UtfSelfTest(void){
 /*
 ** Calls to sqlite3FaultSim() are used to simulate a failure during testing,
 ** or to bypass normal error detection during testing in order to let
-** execute proceed futher downstream.
+** execute proceed further downstream.
 **
 ** In deployment, sqlite3FaultSim() *always* return SQLITE_OK (0).  The
 ** sqlite3FaultSim() function only returns non-zero during testing.
@@ -34007,6 +34543,23 @@ SQLITE_PRIVATE void sqlite3ErrorClear(sqlite3 *db){
 */
 SQLITE_PRIVATE void sqlite3SystemError(sqlite3 *db, int rc){
   if( rc==SQLITE_IOERR_NOMEM ) return;
+#ifdef SQLITE_USE_SEH
+  if( rc==SQLITE_IOERR_IN_PAGE ){
+    int ii;
+    int iErr;
+    sqlite3BtreeEnterAll(db);
+    for(ii=0; iinDb; ii++){
+      if( db->aDb[ii].pBt ){
+        iErr = sqlite3PagerWalSystemErrno(sqlite3BtreePager(db->aDb[ii].pBt));
+        if( iErr ){
+          db->iSysErrno = iErr;
+        }
+      }
+    }
+    sqlite3BtreeLeaveAll(db);
+    return;
+  }
+#endif
   rc &= 0xff;
   if( rc==SQLITE_CANTOPEN || rc==SQLITE_IOERR ){
     db->iSysErrno = sqlite3OsGetLastError(db->pVfs);
@@ -34051,12 +34604,16 @@ SQLITE_PRIVATE void sqlite3ProgressCheck(Parse *p){
     p->rc = SQLITE_INTERRUPT;
   }
 #ifndef SQLITE_OMIT_PROGRESS_CALLBACK
-  if( db->xProgress && (++p->nProgressSteps)>=db->nProgressOps ){
-    if( db->xProgress(db->pProgressArg) ){
-      p->nErr++;
-      p->rc = SQLITE_INTERRUPT;
+  if( db->xProgress ){
+    if( p->rc==SQLITE_INTERRUPT ){
+      p->nProgressSteps = 0;
+    }else if( (++p->nProgressSteps)>=db->nProgressOps ){
+      if( db->xProgress(db->pProgressArg) ){
+        p->nErr++;
+        p->rc = SQLITE_INTERRUPT;
+      }
+      p->nProgressSteps = 0;
     }
-    p->nProgressSteps = 0;
   }
 #endif
 }
@@ -34252,43 +34809,40 @@ SQLITE_PRIVATE u8 sqlite3StrIHash(const char *z){
   return h;
 }
 
-/*
-** Compute 10 to the E-th power.  Examples:  E==1 results in 10.
-** E==2 results in 100.  E==50 results in 1.0e50.
+/* Double-Double multiplication.  (x[0],x[1]) *= (y,yy)
 **
-** This routine only works for values of E between 1 and 341.
+** Reference:
+**   T. J. Dekker, "A Floating-Point Technique for Extending the
+**   Available Precision".  1971-07-26.
 */
-static LONGDOUBLE_TYPE sqlite3Pow10(int E){
-#if defined(_MSC_VER)
-  static const LONGDOUBLE_TYPE x[] = {
-    1.0e+001L,
-    1.0e+002L,
-    1.0e+004L,
-    1.0e+008L,
-    1.0e+016L,
-    1.0e+032L,
-    1.0e+064L,
-    1.0e+128L,
-    1.0e+256L
-  };
-  LONGDOUBLE_TYPE r = 1.0;
-  int i;
-  assert( E>=0 && E<=307 );
-  for(i=0; E!=0; i++, E >>=1){
-    if( E & 1 ) r *= x[i];
-  }
-  return r;
-#else
-  LONGDOUBLE_TYPE x = 10.0;
-  LONGDOUBLE_TYPE r = 1.0;
-  while(1){
-    if( E & 1 ) r *= x;
-    E >>= 1;
-    if( E==0 ) break;
-    x *= x;
-  }
-  return r;
-#endif
+static void dekkerMul2(volatile double *x, double y, double yy){
+  /*
+  ** The "volatile" keywords on parameter x[] and on local variables
+  ** below are needed force intermediate results to be truncated to
+  ** binary64 rather than be carried around in an extended-precision
+  ** format.  The truncation is necessary for the Dekker algorithm to
+  ** work.  Intel x86 floating point might omit the truncation without
+  ** the use of volatile.
+  */
+  volatile double tx, ty, p, q, c, cc;
+  double hx, hy;
+  u64 m;
+  memcpy(&m, (void*)&x[0], 8);
+  m &= 0xfffffffffc000000LL;
+  memcpy(&hx, &m, 8);
+  tx = x[0] - hx;
+  memcpy(&m, &y, 8);
+  m &= 0xfffffffffc000000LL;
+  memcpy(&hy, &m, 8);
+  ty = y - hy;
+  p = hx*hy;
+  q = hx*ty + tx*hy;
+  c = p+q;
+  cc = p - c + q + tx*ty;
+  cc = x[0]*yy + x[1]*y + cc;
+  x[0] = c + cc;
+  x[1] = c - x[0];
+  x[1] += cc;
 }
 
 /*
@@ -34329,12 +34883,11 @@ SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 en
   const char *zEnd;
   /* sign * significand * (10 ^ (esign * exponent)) */
   int sign = 1;    /* sign of significand */
-  i64 s = 0;       /* significand */
+  u64 s = 0;       /* significand */
   int d = 0;       /* adjust exponent for shifting decimal point */
   int esign = 1;   /* sign of exponent */
   int e = 0;       /* exponent */
   int eValid = 1;  /* True exponent is either not used or is well-formed */
-  double result;
   int nDigit = 0;  /* Number of digits processed */
   int eType = 1;   /* 1: pure integer,  2+: fractional  -1 or less: bad UTF16 */
 
@@ -34374,7 +34927,7 @@ SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 en
   while( z=((LARGEST_INT64-9)/10) ){
+    if( s>=((LARGEST_UINT64-9)/10) ){
       /* skip non-significant significand digits
       ** (increase exponent by d to shift decimal left) */
       while( z0 ){                                       /*OPTIMIZATION-IF-TRUE*/
-      if( esign>0 ){
-        if( s>=(LARGEST_INT64/10) ) break;             /*OPTIMIZATION-IF-FALSE*/
-        s *= 10;
-      }else{
-        if( s%10!=0 ) break;                           /*OPTIMIZATION-IF-FALSE*/
-        s /= 10;
-      }
-      e--;
-    }
+  /* adjust exponent by d, and update sign */
+  e = (e*esign) + d;
 
-    /* adjust the sign of significand */
-    s = sign<0 ? -s : s;
+  /* Try to adjust the exponent to make it smaller */
+  while( e>0 && s<(LARGEST_UINT64/10) ){
+    s *= 10;
+    e--;
+  }
+  while( e<0 && (s%10)==0 ){
+    s /= 10;
+    e++;
+  }
 
-    if( e==0 ){                                         /*OPTIMIZATION-IF-TRUE*/
-      result = (double)s;
+  if( e==0 ){
+    *pResult = s;
+  }else if( sqlite3Config.bUseLongDouble ){
+    LONGDOUBLE_TYPE r = (LONGDOUBLE_TYPE)s;
+    if( e>0 ){
+      while( e>=100  ){ e-=100; r *= 1.0e+100L; }
+      while( e>=10   ){ e-=10;  r *= 1.0e+10L;  }
+      while( e>=1    ){ e-=1;   r *= 1.0e+01L;  }
     }else{
-      /* attempt to handle extremely small/large numbers better */
-      if( e>307 ){                                      /*OPTIMIZATION-IF-TRUE*/
-        if( e<342 ){                                    /*OPTIMIZATION-IF-TRUE*/
-          LONGDOUBLE_TYPE scale = sqlite3Pow10(e-308);
-          if( esign<0 ){
-            result = s / scale;
-            result /= 1.0e+308;
-          }else{
-            result = s * scale;
-            result *= 1.0e+308;
-          }
-        }else{ assert( e>=342 );
-          if( esign<0 ){
-            result = 0.0*s;
-          }else{
+      while( e<=-100 ){ e+=100; r *= 1.0e-100L; }
+      while( e<=-10  ){ e+=10;  r *= 1.0e-10L;  }
+      while( e<=-1   ){ e+=1;   r *= 1.0e-01L;  }
+    }
+    assert( r>=0.0 );
+    if( r>+1.7976931348623157081452742373e+308L ){
 #ifdef INFINITY
-            result = INFINITY*s;
+      *pResult = +INFINITY;
 #else
-            result = 1e308*1e308*s;  /* Infinity */
+      *pResult = 1.0e308*10.0;
 #endif
-          }
-        }
-      }else{
-        LONGDOUBLE_TYPE scale = sqlite3Pow10(e);
-        if( esign<0 ){
-          result = s / scale;
-        }else{
-          result = s * scale;
-        }
+    }else{
+      *pResult = (double)r;
+    }
+  }else{
+    double rr[2];
+    u64 s2;
+    rr[0] = (double)s;
+    s2 = (u64)rr[0];
+    rr[1] = s>=s2 ? (double)(s - s2) : -(double)(s2 - s);
+    if( e>0 ){
+      while( e>=100  ){
+        e -= 100;
+        dekkerMul2(rr, 1.0e+100, -1.5902891109759918046e+83);
+      }
+      while( e>=10   ){
+        e -= 10;
+        dekkerMul2(rr, 1.0e+10, 0.0);
+      }
+      while( e>=1    ){
+        e -= 1;
+        dekkerMul2(rr, 1.0e+01, 0.0);
+      }
+    }else{
+      while( e<=-100 ){
+        e += 100;
+        dekkerMul2(rr, 1.0e-100, -1.99918998026028836196e-117);
+      }
+      while( e<=-10  ){
+        e += 10;
+        dekkerMul2(rr, 1.0e-10, -3.6432197315497741579e-27);
+      }
+      while( e<=-1   ){
+        e += 1;
+        dekkerMul2(rr, 1.0e-01, -5.5511151231257827021e-18);
       }
     }
+    *pResult = rr[0]+rr[1];
+    if( sqlite3IsNaN(*pResult) ) *pResult = 1e300*1e300;
   }
+  if( sign<0 ) *pResult = -*pResult;
+  assert( !sqlite3IsNaN(*pResult) );
 
-  /* store the result */
-  *pResult = result;
-
-  /* return true if number and no extra non-whitespace chracters after */
+atof_return:
+  /* return true if number and no extra non-whitespace characters after */
   if( z==zEnd && nDigit>0 && eValid && eType>0 ){
     return eType;
   }else if( eType>=2 && (eType==3 || eValid) && nDigit>0 ){
@@ -34637,7 +35200,7 @@ SQLITE_PRIVATE int sqlite3Atoi64(const char *zNum, i64 *pNum, int length, u8 enc
     /* This test and assignment is needed only to suppress UB warnings
     ** from clang and -fsanitize=undefined.  This test and assignment make
     ** the code a little larger and slower, and no harm comes from omitting
-    ** them, but we must appaise the undefined-behavior pharisees. */
+    ** them, but we must appease the undefined-behavior pharisees. */
     *pNum = neg ? SMALLEST_INT64 : LARGEST_INT64;
   }else if( neg ){
     *pNum = -(i64)u;
@@ -34715,7 +35278,9 @@ SQLITE_PRIVATE int sqlite3DecOrHexToI64(const char *z, i64 *pOut){
   }else
 #endif /* SQLITE_OMIT_HEX_INTEGER */
   {
-    return sqlite3Atoi64(z, pOut, sqlite3Strlen30(z), SQLITE_UTF8);
+    int n = (int)(0x3fffffff&strspn(z,"+- \n\t0123456789"));
+    if( z[n] ) n++;
+    return sqlite3Atoi64(z, pOut, n, SQLITE_UTF8);
   }
 }
 
@@ -34794,6 +35359,153 @@ SQLITE_PRIVATE int sqlite3Atoi(const char *z){
   return x;
 }
 
+/*
+** Decode a floating-point value into an approximate decimal
+** representation.
+**
+** Round the decimal representation to n significant digits if
+** n is positive.  Or round to -n signficant digits after the
+** decimal point if n is negative.  No rounding is performed if
+** n is zero.
+**
+** The significant digits of the decimal representation are
+** stored in p->z[] which is a often (but not always) a pointer
+** into the middle of p->zBuf[].  There are p->n significant digits.
+** The p->z[] array is *not* zero-terminated.
+*/
+SQLITE_PRIVATE void sqlite3FpDecode(FpDecode *p, double r, int iRound, int mxRound){
+  int i;
+  u64 v;
+  int e, exp = 0;
+  p->isSpecial = 0;
+  p->z = p->zBuf;
+
+  /* Convert negative numbers to positive.  Deal with Infinity, 0.0, and
+  ** NaN. */
+  if( r<0.0 ){
+    p->sign = '-';
+    r = -r;
+  }else if( r==0.0 ){
+    p->sign = '+';
+    p->n = 1;
+    p->iDP = 1;
+    p->z = "0";
+    return;
+  }else{
+    p->sign = '+';
+  }
+  memcpy(&v,&r,8);
+  e = v>>52;
+  if( (e&0x7ff)==0x7ff ){
+    p->isSpecial = 1 + (v!=0x7ff0000000000000LL);
+    p->n = 0;
+    p->iDP = 0;
+    return;
+  }
+
+  /* Multiply r by powers of ten until it lands somewhere in between
+  ** 1.0e+19 and 1.0e+17.
+  */
+  if( sqlite3Config.bUseLongDouble ){
+    LONGDOUBLE_TYPE rr = r;
+    if( rr>=1.0e+19 ){
+      while( rr>=1.0e+119L ){ exp+=100; rr *= 1.0e-100L; }
+      while( rr>=1.0e+29L  ){ exp+=10;  rr *= 1.0e-10L;  }
+      while( rr>=1.0e+19L  ){ exp++;    rr *= 1.0e-1L;   }
+    }else{
+      while( rr<1.0e-97L   ){ exp-=100; rr *= 1.0e+100L; }
+      while( rr<1.0e+07L   ){ exp-=10;  rr *= 1.0e+10L;  }
+      while( rr<1.0e+17L   ){ exp--;    rr *= 1.0e+1L;   }
+    }
+    v = (u64)rr;
+  }else{
+    /* If high-precision floating point is not available using "long double",
+    ** then use Dekker-style double-double computation to increase the
+    ** precision.
+    **
+    ** The error terms on constants like 1.0e+100 computed using the
+    ** decimal extension, for example as follows:
+    **
+    **   SELECT decimal_exp(decimal_sub('1.0e+100',decimal(1.0e+100)));
+    */
+    double rr[2];
+    rr[0] = r;
+    rr[1] = 0.0;
+    if( rr[0]>9.223372036854774784e+18 ){
+      while( rr[0]>9.223372036854774784e+118 ){
+        exp += 100;
+        dekkerMul2(rr, 1.0e-100, -1.99918998026028836196e-117);
+      }
+      while( rr[0]>9.223372036854774784e+28 ){
+        exp += 10;
+        dekkerMul2(rr, 1.0e-10, -3.6432197315497741579e-27);
+      }
+      while( rr[0]>9.223372036854774784e+18 ){
+        exp += 1;
+        dekkerMul2(rr, 1.0e-01, -5.5511151231257827021e-18);
+      }
+    }else{
+      while( rr[0]<9.223372036854774784e-83  ){
+        exp -= 100;
+        dekkerMul2(rr, 1.0e+100, -1.5902891109759918046e+83);
+      }
+      while( rr[0]<9.223372036854774784e+07  ){
+        exp -= 10;
+        dekkerMul2(rr, 1.0e+10, 0.0);
+      }
+      while( rr[0]<9.22337203685477478e+17  ){
+        exp -= 1;
+        dekkerMul2(rr, 1.0e+01, 0.0);
+      }
+    }
+    v = rr[1]<0.0 ? (u64)rr[0]-(u64)(-rr[1]) : (u64)rr[0]+(u64)rr[1];
+  }
+
+
+  /* Extract significant digits. */
+  i = sizeof(p->zBuf)-1;
+  assert( v>0 );
+  while( v ){  p->zBuf[i--] = (v%10) + '0'; v /= 10; }
+  assert( i>=0 && izBuf)-1 );
+  p->n = sizeof(p->zBuf) - 1 - i;
+  assert( p->n>0 );
+  assert( p->nzBuf) );
+  p->iDP = p->n + exp;
+  if( iRound<0 ){
+    iRound = p->iDP - iRound;
+    if( iRound==0 && p->zBuf[i+1]>='5' ){
+      iRound = 1;
+      p->zBuf[i--] = '0';
+      p->n++;
+      p->iDP++;
+    }
+  }
+  if( iRound>0 && (iRoundn || p->n>mxRound) ){
+    char *z = &p->zBuf[i+1];
+    if( iRound>mxRound ) iRound = mxRound;
+    p->n = iRound;
+    if( z[iRound]>='5' ){
+      int j = iRound-1;
+      while( 1 /*exit-by-break*/ ){
+        z[j]++;
+        if( z[j]<='9' ) break;
+        z[j] = '0';
+        if( j==0 ){
+          p->z[i--] = '1';
+          p->n++;
+          p->iDP++;
+          break;
+        }else{
+          j--;
+        }
+      }
+    }
+  }
+  p->z = &p->zBuf[i+1];
+  assert( i+p->n < sizeof(p->zBuf) );
+  while( ALWAYS(p->n>0) && p->z[p->n-1]=='0' ){ p->n--; }
+}
+
 /*
 ** Try to convert z into an unsigned 32-bit integer.  Return true on
 ** success and false if there is an error.
@@ -35057,121 +35769,32 @@ SQLITE_PRIVATE u8 sqlite3GetVarint(const unsigned char *p, u64 *v){
 ** this function assumes the single-byte case has already been handled.
 */
 SQLITE_PRIVATE u8 sqlite3GetVarint32(const unsigned char *p, u32 *v){
-  u32 a,b;
+  u64 v64;
+  u8 n;
 
-  /* The 1-byte case.  Overwhelmingly the most common.  Handled inline
-  ** by the getVarin32() macro */
-  a = *p;
-  /* a: p0 (unmasked) */
-#ifndef getVarint32
-  if (!(a&0x80))
-  {
-    /* Values between 0 and 127 */
-    *v = a;
-    return 1;
-  }
-#endif
+  /* Assume that the single-byte case has already been handled by
+  ** the getVarint32() macro */
+  assert( (p[0] & 0x80)!=0 );
 
-  /* The 2-byte case */
-  p++;
-  b = *p;
-  /* b: p1 (unmasked) */
-  if (!(b&0x80))
-  {
-    /* Values between 128 and 16383 */
-    a &= 0x7f;
-    a = a<<7;
-    *v = a | b;
+  if( (p[1] & 0x80)==0 ){
+    /* This is the two-byte case */
+    *v = ((p[0]&0x7f)<<7) | p[1];
     return 2;
   }
-
-  /* The 3-byte case */
-  p++;
-  a = a<<14;
-  a |= *p;
-  /* a: p0<<14 | p2 (unmasked) */
-  if (!(a&0x80))
-  {
-    /* Values between 16384 and 2097151 */
-    a &= (0x7f<<14)|(0x7f);
-    b &= 0x7f;
-    b = b<<7;
-    *v = a | b;
+  if( (p[2] & 0x80)==0 ){
+    /* This is the three-byte case */
+    *v = ((p[0]&0x7f)<<14) | ((p[1]&0x7f)<<7) | p[2];
     return 3;
   }
-
-  /* A 32-bit varint is used to store size information in btrees.
-  ** Objects are rarely larger than 2MiB limit of a 3-byte varint.
-  ** A 3-byte varint is sufficient, for example, to record the size
-  ** of a 1048569-byte BLOB or string.
-  **
-  ** We only unroll the first 1-, 2-, and 3- byte cases.  The very
-  ** rare larger cases can be handled by the slower 64-bit varint
-  ** routine.
-  */
-#if 1
-  {
-    u64 v64;
-    u8 n;
-
-    n = sqlite3GetVarint(p-2, &v64);
-    assert( n>3 && n<=9 );
-    if( (v64 & SQLITE_MAX_U32)!=v64 ){
-      *v = 0xffffffff;
-    }else{
-      *v = (u32)v64;
-    }
-    return n;
-  }
-
-#else
-  /* For following code (kept for historical record only) shows an
-  ** unrolling for the 3- and 4-byte varint cases.  This code is
-  ** slightly faster, but it is also larger and much harder to test.
-  */
-  p++;
-  b = b<<14;
-  b |= *p;
-  /* b: p1<<14 | p3 (unmasked) */
-  if (!(b&0x80))
-  {
-    /* Values between 2097152 and 268435455 */
-    b &= (0x7f<<14)|(0x7f);
-    a &= (0x7f<<14)|(0x7f);
-    a = a<<7;
-    *v = a | b;
-    return 4;
-  }
-
-  p++;
-  a = a<<14;
-  a |= *p;
-  /* a: p0<<28 | p2<<14 | p4 (unmasked) */
-  if (!(a&0x80))
-  {
-    /* Values  between 268435456 and 34359738367 */
-    a &= SLOT_4_2_0;
-    b &= SLOT_4_2_0;
-    b = b<<7;
-    *v = a | b;
-    return 5;
-  }
-
-  /* We can only reach this point when reading a corrupt database
-  ** file.  In that case we are not in any hurry.  Use the (relatively
-  ** slow) general-purpose sqlite3GetVarint() routine to extract the
-  ** value. */
-  {
-    u64 v64;
-    u8 n;
-
-    p -= 4;
-    n = sqlite3GetVarint(p, &v64);
-    assert( n>5 && n<=9 );
+  /* four or more bytes */
+  n = sqlite3GetVarint(p, &v64);
+  assert( n>3 && n<=9 );
+  if( (v64 & SQLITE_MAX_U32)!=v64 ){
+    *v = 0xffffffff;
+  }else{
     *v = (u32)v64;
-    return n;
   }
-#endif
+  return n;
 }
 
 /*
@@ -35322,7 +35945,7 @@ SQLITE_PRIVATE int sqlite3SafetyCheckSickOrOk(sqlite3 *db){
 }
 
 /*
-** Attempt to add, substract, or multiply the 64-bit signed value iB against
+** Attempt to add, subtract, or multiply the 64-bit signed value iB against
 ** the other 64-bit signed integer at *pA and store the result in *pA.
 ** Return 0 on success.  Or if the operation would have resulted in an
 ** overflow, leave *pA unchanged and return 1.
@@ -35635,7 +36258,7 @@ SQLITE_PRIVATE int sqlite3VListNameToNum(VList *pIn, const char *zName, int nNam
 #define SQLITE_HWTIME_H
 
 /*
-** The following routine only works on pentium-class (or newer) processors.
+** The following routine only works on Pentium-class (or newer) processors.
 ** It uses the RDTSC opcode to read the cycle count value out of the
 ** processor and returns that value.  This can be used for high-res
 ** profiling.
@@ -35807,7 +36430,7 @@ static void insertElement(
 }
 
 
-/* Resize the hash table so that it cantains "new_size" buckets.
+/* Resize the hash table so that it contains "new_size" buckets.
 **
 ** The hash table might fail to resize if sqlite3_malloc() fails or
 ** if the new size is the same as the prior size.
@@ -36167,19 +36790,20 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /* 171 */ "VCreate"          OpHelp(""),
     /* 172 */ "VDestroy"         OpHelp(""),
     /* 173 */ "VOpen"            OpHelp(""),
-    /* 174 */ "VInitIn"          OpHelp("r[P2]=ValueList(P1,P3)"),
-    /* 175 */ "VColumn"          OpHelp("r[P3]=vcolumn(P2)"),
-    /* 176 */ "VRename"          OpHelp(""),
-    /* 177 */ "Pagecount"        OpHelp(""),
-    /* 178 */ "MaxPgcnt"         OpHelp(""),
-    /* 179 */ "ClrSubtype"       OpHelp("r[P1].subtype = 0"),
-    /* 180 */ "FilterAdd"        OpHelp("filter(P1) += key(P3@P4)"),
-    /* 181 */ "Trace"            OpHelp(""),
-    /* 182 */ "CursorHint"       OpHelp(""),
-    /* 183 */ "ReleaseReg"       OpHelp("release r[P1@P2] mask P3"),
-    /* 184 */ "Noop"             OpHelp(""),
-    /* 185 */ "Explain"          OpHelp(""),
-    /* 186 */ "Abortable"        OpHelp(""),
+    /* 174 */ "VCheck"           OpHelp(""),
+    /* 175 */ "VInitIn"          OpHelp("r[P2]=ValueList(P1,P3)"),
+    /* 176 */ "VColumn"          OpHelp("r[P3]=vcolumn(P2)"),
+    /* 177 */ "VRename"          OpHelp(""),
+    /* 178 */ "Pagecount"        OpHelp(""),
+    /* 179 */ "MaxPgcnt"         OpHelp(""),
+    /* 180 */ "ClrSubtype"       OpHelp("r[P1].subtype = 0"),
+    /* 181 */ "FilterAdd"        OpHelp("filter(P1) += key(P3@P4)"),
+    /* 182 */ "Trace"            OpHelp(""),
+    /* 183 */ "CursorHint"       OpHelp(""),
+    /* 184 */ "ReleaseReg"       OpHelp("release r[P1@P2] mask P3"),
+    /* 185 */ "Noop"             OpHelp(""),
+    /* 186 */ "Explain"          OpHelp(""),
+    /* 187 */ "Abortable"        OpHelp(""),
   };
   return azName[i];
 }
@@ -37193,7 +37817,7 @@ SQLITE_PRIVATE int sqlite3KvvfsInit(void){
 ** This source file is organized into divisions where the logic for various
 ** subfunctions is contained within the appropriate division.  PLEASE
 ** KEEP THE STRUCTURE OF THIS FILE INTACT.  New code should be placed
-** in the correct division and should be clearly labeled.
+** in the correct division and should be clearly labelled.
 **
 ** The layout of divisions is as follows:
 **
@@ -37780,7 +38404,7 @@ static int robustFchown(int fd, uid_t uid, gid_t gid){
 
 /*
 ** This is the xSetSystemCall() method of sqlite3_vfs for all of the
-** "unix" VFSes.  Return SQLITE_OK opon successfully updating the
+** "unix" VFSes.  Return SQLITE_OK upon successfully updating the
 ** system call pointer, or SQLITE_NOTFOUND if there is no configurable
 ** system call named zName.
 */
@@ -38302,7 +38926,7 @@ static void vxworksReleaseFileId(struct vxworksFileId *pId){
 ** If you close a file descriptor that points to a file that has locks,
 ** all locks on that file that are owned by the current process are
 ** released.  To work around this problem, each unixInodeInfo object
-** maintains a count of the number of pending locks on tha inode.
+** maintains a count of the number of pending locks on the inode.
 ** When an attempt is made to close an unixFile, if there are
 ** other unixFile open on the same inode that are holding locks, the call
 ** to close() the file descriptor is deferred until all of the locks clear.
@@ -38316,7 +38940,7 @@ static void vxworksReleaseFileId(struct vxworksFileId *pId){
 ** not posix compliant.  Under LinuxThreads, a lock created by thread
 ** A cannot be modified or overridden by a different thread B.
 ** Only thread A can modify the lock.  Locking behavior is correct
-** if the appliation uses the newer Native Posix Thread Library (NPTL)
+** if the application uses the newer Native Posix Thread Library (NPTL)
 ** on linux - with NPTL a lock created by thread A can override locks
 ** in thread B.  But there is no way to know at compile-time which
 ** threading library is being used.  So there is no way to know at
@@ -38518,7 +39142,7 @@ static void storeLastErrno(unixFile *pFile, int error){
 }
 
 /*
-** Close all file descriptors accumuated in the unixInodeInfo->pUnused list.
+** Close all file descriptors accumulated in the unixInodeInfo->pUnused list.
 */
 static void closePendingFds(unixFile *pFile){
   unixInodeInfo *pInode = pFile->pInode;
@@ -38881,7 +39505,7 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   ** slightly in order to be compatible with Windows95 systems simultaneously
   ** accessing the same database file, in case that is ever required.
   **
-  ** Symbols defined in os.h indentify the 'pending byte' and the 'reserved
+  ** Symbols defined in os.h identify the 'pending byte' and the 'reserved
   ** byte', each single bytes at well known offsets, and the 'shared byte
   ** range', a range of 510 bytes at a well known offset.
   **
@@ -38889,7 +39513,7 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   ** byte'.  If this is successful, 'shared byte range' is read-locked
   ** and the lock on the 'pending byte' released.  (Legacy note:  When
   ** SQLite was first developed, Windows95 systems were still very common,
-  ** and Widnows95 lacks a shared-lock capability.  So on Windows95, a
+  ** and Windows95 lacks a shared-lock capability.  So on Windows95, a
   ** single randomly selected by from the 'shared byte range' is locked.
   ** Windows95 is now pretty much extinct, but this work-around for the
   ** lack of shared-locks on Windows95 lives on, for backwards
@@ -38910,7 +39534,7 @@ static int unixLock(sqlite3_file *id, int eFileLock){
   ** obtaining a write-lock on the 'pending byte'. This ensures that no new
   ** SHARED locks can be obtained, but existing SHARED locks are allowed to
   ** persist. If the call to this function fails to obtain the EXCLUSIVE
-  ** lock in this case, it holds the PENDING lock intead. The client may
+  ** lock in this case, it holds the PENDING lock instead. The client may
   ** then re-attempt the EXCLUSIVE lock later on, after existing SHARED
   ** locks have cleared.
   */
@@ -38938,7 +39562,7 @@ static int unixLock(sqlite3_file *id, int eFileLock){
 
   /* Make sure the locking sequence is correct.
   **  (1) We never move from unlocked to anything higher than shared lock.
-  **  (2) SQLite never explicitly requests a pendig lock.
+  **  (2) SQLite never explicitly requests a pending lock.
   **  (3) A shared lock is always held when a reserve lock is requested.
   */
   assert( pFile->eFileLock!=NO_LOCK || eFileLock==SHARED_LOCK );
@@ -40156,7 +40780,7 @@ static int afpLock(sqlite3_file *id, int eFileLock){
 
   /* Make sure the locking sequence is correct
   **  (1) We never move from unlocked to anything higher than shared lock.
-  **  (2) SQLite never explicitly requests a pendig lock.
+  **  (2) SQLite never explicitly requests a pending lock.
   **  (3) A shared lock is always held when a reserve lock is requested.
   */
   assert( pFile->eFileLock!=NO_LOCK || eFileLock==SHARED_LOCK );
@@ -40272,7 +40896,7 @@ static int afpLock(sqlite3_file *id, int eFileLock){
       if( !(failed = afpSetLock(context->dbPath, pFile, SHARED_FIRST +
                          pInode->sharedByte, 1, 0)) ){
         int failed2 = SQLITE_OK;
-        /* now attemmpt to get the exclusive lock range */
+        /* now attempt to get the exclusive lock range */
         failed = afpSetLock(context->dbPath, pFile, SHARED_FIRST,
                                SHARED_SIZE, 1);
         if( failed && (failed2 = afpSetLock(context->dbPath, pFile,
@@ -40321,9 +40945,6 @@ static int afpUnlock(sqlite3_file *id, int eFileLock) {
   unixInodeInfo *pInode;
   afpLockingContext *context = (afpLockingContext *) pFile->lockingContext;
   int skipShared = 0;
-#ifdef SQLITE_TEST
-  int h = pFile->h;
-#endif
 
   assert( pFile );
   OSTRACE(("UNLOCK  %d %d was %d(%d,%d) pid=%d (afp)\n", pFile->h, eFileLock,
@@ -40339,9 +40960,6 @@ static int afpUnlock(sqlite3_file *id, int eFileLock) {
   assert( pInode->nShared!=0 );
   if( pFile->eFileLock>SHARED_LOCK ){
     assert( pInode->eFileLock==pFile->eFileLock );
-    SimulateIOErrorBenign(1);
-    SimulateIOError( h=(-1) )
-    SimulateIOErrorBenign(0);
 
 #ifdef SQLITE_DEBUG
     /* When reducing a lock such that other processes can start
@@ -40390,9 +41008,6 @@ static int afpUnlock(sqlite3_file *id, int eFileLock) {
     unsigned long long sharedLockByte = SHARED_FIRST+pInode->sharedByte;
     pInode->nShared--;
     if( pInode->nShared==0 ){
-      SimulateIOErrorBenign(1);
-      SimulateIOError( h=(-1) )
-      SimulateIOErrorBenign(0);
       if( !skipShared ){
         rc = afpSetLock(context->dbPath, pFile, sharedLockByte, 1, 0);
       }
@@ -40567,7 +41182,7 @@ static int unixRead(
 #endif
 
 #if SQLITE_MAX_MMAP_SIZE>0
-  /* Deal with as much of this read request as possible by transfering
+  /* Deal with as much of this read request as possible by transferring
   ** data from the memory mapping using memcpy().  */
   if( offsetmmapSize ){
     if( offset+amt <= pFile->mmapSize ){
@@ -40719,7 +41334,7 @@ static int unixWrite(
 #endif
 
 #if defined(SQLITE_MMAP_READWRITE) && SQLITE_MAX_MMAP_SIZE>0
-  /* Deal with as much of this write request as possible by transfering
+  /* Deal with as much of this write request as possible by transferring
   ** data from the memory mapping using memcpy().  */
   if( offsetmmapSize ){
     if( offset+amt <= pFile->mmapSize ){
@@ -40841,7 +41456,7 @@ static int full_fsync(int fd, int fullSync, int dataOnly){
   /* If we compiled with the SQLITE_NO_SYNC flag, then syncing is a
   ** no-op.  But go ahead and call fstat() to validate the file
   ** descriptor as we need a method to provoke a failure during
-  ** coverate testing.
+  ** coverage testing.
   */
 #ifdef SQLITE_NO_SYNC
   {
@@ -43886,12 +44501,17 @@ static int unixRandomness(sqlite3_vfs *NotUsed, int nBuf, char *zBuf){
 ** than the argument.
 */
 static int unixSleep(sqlite3_vfs *NotUsed, int microseconds){
-#if OS_VXWORKS || _POSIX_C_SOURCE >= 199309L
+#if !defined(HAVE_NANOSLEEP) || HAVE_NANOSLEEP+0
   struct timespec sp;
-
   sp.tv_sec = microseconds / 1000000;
   sp.tv_nsec = (microseconds % 1000000) * 1000;
+
+  /* Almost all modern unix systems support nanosleep().  But if you are
+  ** compiling for one of the rare exceptions, you can use
+  ** -DHAVE_NANOSLEEP=0 (perhaps in conjuction with -DHAVE_USLEEP if
+  ** usleep() is available) in order to bypass the use of nanosleep() */
   nanosleep(&sp, NULL);
+
   UNUSED_PARAMETER(NotUsed);
   return microseconds;
 #elif defined(HAVE_USLEEP) && HAVE_USLEEP
@@ -46481,7 +47101,7 @@ static struct win_syscall {
 
 /*
 ** This is the xSetSystemCall() method of sqlite3_vfs for all of the
-** "win32" VFSes.  Return SQLITE_OK opon successfully updating the
+** "win32" VFSes.  Return SQLITE_OK upon successfully updating the
 ** system call pointer, or SQLITE_NOTFOUND if there is no configurable
 ** system call named zName.
 */
@@ -48061,7 +48681,7 @@ static int winRead(
            pFile->h, pBuf, amt, offset, pFile->locktype));
 
 #if SQLITE_MAX_MMAP_SIZE>0
-  /* Deal with as much of this read request as possible by transfering
+  /* Deal with as much of this read request as possible by transferring
   ** data from the memory mapping using memcpy().  */
   if( offsetmmapSize ){
     if( offset+amt <= pFile->mmapSize ){
@@ -48139,7 +48759,7 @@ static int winWrite(
            pFile->h, pBuf, amt, offset, pFile->locktype));
 
 #if defined(SQLITE_MMAP_READWRITE) && SQLITE_MAX_MMAP_SIZE>0
-  /* Deal with as much of this write request as possible by transfering
+  /* Deal with as much of this write request as possible by transferring
   ** data from the memory mapping using memcpy().  */
   if( offsetmmapSize ){
     if( offset+amt <= pFile->mmapSize ){
@@ -48249,7 +48869,7 @@ static int winTruncate(sqlite3_file *id, sqlite3_int64 nByte){
     ** all references to memory-mapped content are closed.  That is doable,
     ** but involves adding a few branches in the common write code path which
     ** could slow down normal operations slightly.  Hence, we have decided for
-    ** now to simply make trancations a no-op if there are pending reads.  We
+    ** now to simply make transactions a no-op if there are pending reads.  We
     ** can maybe revisit this decision in the future.
     */
     return SQLITE_OK;
@@ -48308,7 +48928,7 @@ static int winTruncate(sqlite3_file *id, sqlite3_int64 nByte){
 #ifdef SQLITE_TEST
 /*
 ** Count the number of fullsyncs and normal syncs.  This is used to test
-** that syncs and fullsyncs are occuring at the right times.
+** that syncs and fullsyncs are occurring at the right times.
 */
 SQLITE_API int sqlite3_sync_count = 0;
 SQLITE_API int sqlite3_fullsync_count = 0;
@@ -48665,7 +49285,7 @@ static int winLock(sqlite3_file *id, int locktype){
   */
   if( locktype==EXCLUSIVE_LOCK && res ){
     assert( pFile->locktype>=SHARED_LOCK );
-    res = winUnlockReadLock(pFile);
+    (void)winUnlockReadLock(pFile);
     res = winLockFile(&pFile->h, SQLITE_LOCKFILE_FLAGS, SHARED_FIRST, 0,
                       SHARED_SIZE, 0);
     if( res ){
@@ -50069,6 +50689,7 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
     "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
     "0123456789";
   size_t i, j;
+  DWORD pid;
   int nPre = sqlite3Strlen30(SQLITE_TEMP_FILE_PREFIX);
   int nMax, nBuf, nDir, nLen;
   char *zBuf;
@@ -50281,7 +50902,10 @@ static int winGetTempname(sqlite3_vfs *pVfs, char **pzBuf){
 
   j = sqlite3Strlen30(zBuf);
   sqlite3_randomness(15, &zBuf[j]);
+  pid = osGetCurrentProcessId();
   for(i=0; i<15; i++, j++){
+    zBuf[j] += pid & 0xff;
+    pid >>= 8;
     zBuf[j] = (char)zChars[ ((unsigned char)zBuf[j])%(sizeof(zChars)-1) ];
   }
   zBuf[j] = 0;
@@ -52646,7 +53270,7 @@ SQLITE_PRIVATE int sqlite3BitvecSet(Bitvec *p, u32 i){
   h = BITVEC_HASH(i++);
   /* if there wasn't a hash collision, and this doesn't */
   /* completely fill the hash, then just add it without */
-  /* worring about sub-dividing and re-hashing. */
+  /* worrying about sub-dividing and re-hashing. */
   if( !p->u.aHash[h] ){
     if (p->nSet<(BITVEC_NINT-1)) {
       goto bitvec_set_end;
@@ -52979,7 +53603,7 @@ struct PCache {
 ** Return 1 if pPg is on the dirty list for pCache.  Return 0 if not.
 ** This routine runs inside of assert() statements only.
 */
-#ifdef SQLITE_DEBUG
+#if defined(SQLITE_ENABLE_EXPENSIVE_ASSERT)
 static int pageOnDirtyList(PCache *pCache, PgHdr *pPg){
   PgHdr *p;
   for(p=pCache->pDirty; p; p=p->pDirtyNext){
@@ -52987,6 +53611,16 @@ static int pageOnDirtyList(PCache *pCache, PgHdr *pPg){
   }
   return 0;
 }
+static int pageNotOnDirtyList(PCache *pCache, PgHdr *pPg){
+  PgHdr *p;
+  for(p=pCache->pDirty; p; p=p->pDirtyNext){
+    if( p==pPg ) return 0;
+  }
+  return 1;
+}
+#else
+# define pageOnDirtyList(A,B)    1
+# define pageNotOnDirtyList(A,B) 1
 #endif
 
 /*
@@ -53007,7 +53641,7 @@ SQLITE_PRIVATE int sqlite3PcachePageSanity(PgHdr *pPg){
   assert( pCache!=0 );      /* Every page has an associated PCache */
   if( pPg->flags & PGHDR_CLEAN ){
     assert( (pPg->flags & PGHDR_DIRTY)==0 );/* Cannot be both CLEAN and DIRTY */
-    assert( !pageOnDirtyList(pCache, pPg) );/* CLEAN pages not on dirty list */
+    assert( pageNotOnDirtyList(pCache, pPg) );/* CLEAN pages not on dirtylist */
   }else{
     assert( (pPg->flags & PGHDR_DIRTY)!=0 );/* If not CLEAN must be DIRTY */
     assert( pPg->pDirtyNext==0 || pPg->pDirtyNext->pDirtyPrev==pPg );
@@ -53143,7 +53777,7 @@ static int numberOfCachePages(PCache *p){
     return p->szCache;
   }else{
     i64 n;
-    /* IMPLEMANTATION-OF: R-59858-46238 If the argument N is negative, then the
+    /* IMPLEMENTATION-OF: R-59858-46238 If the argument N is negative, then the
     ** number of cache pages is adjusted to be a number of pages that would
     ** use approximately abs(N*1024) bytes of memory based on the current
     ** page size. */
@@ -53631,7 +54265,7 @@ static PgHdr *pcacheMergeDirtyList(PgHdr *pA, PgHdr *pB){
 }
 
 /*
-** Sort the list of pages in accending order by pgno.  Pages are
+** Sort the list of pages in ascending order by pgno.  Pages are
 ** connected by pDirty pointers.  The pDirtyPrev pointers are
 ** corrupted by this sort.
 **
@@ -53871,7 +54505,7 @@ SQLITE_PRIVATE void sqlite3PcacheIterateDirty(PCache *pCache, void (*xIter)(PgHd
 ** If N is positive, then N pages worth of memory are allocated using a single
 ** sqlite3Malloc() call and that memory is used for the first N pages allocated.
 ** Or if N is negative, then -1024*N bytes of memory are allocated and used
-** for as many pages as can be accomodated.
+** for as many pages as can be accommodated.
 **
 ** Only one of (2) or (3) can be used.  Once the memory available to (2) or
 ** (3) is exhausted, subsequent allocations fail over to the general-purpose
@@ -53905,7 +54539,7 @@ typedef struct PGroup PGroup;
 ** in memory directly after the associated page data, if the database is
 ** corrupt, code at the b-tree layer may overread the page buffer and
 ** read part of this structure before the corruption is detected. This
-** can cause a valgrind error if the unitialized gap is accessed. Using u16
+** can cause a valgrind error if the uninitialized gap is accessed. Using u16
 ** ensures there is no such gap, and therefore no bytes of uninitialized
 ** memory in the structure.
 **
@@ -55125,7 +55759,7 @@ SQLITE_PRIVATE void sqlite3PcacheStats(
 ** The TEST primitive includes a "batch" number.  The TEST primitive
 ** will only see elements that were inserted before the last change
 ** in the batch number.  In other words, if an INSERT occurs between
-** two TESTs where the TESTs have the same batch nubmer, then the
+** two TESTs where the TESTs have the same batch number, then the
 ** value added by the INSERT will not be visible to the second TEST.
 ** The initial batch number is zero, so if the very first TEST contains
 ** a non-zero batch number, it will see all prior INSERTs.
@@ -55657,6 +56291,7 @@ SQLITE_PRIVATE int sqlite3RowSetTest(RowSet *pRowSet, int iBatch, sqlite3_int64
 # define sqlite3WalFramesize(z)                  0
 # define sqlite3WalFindFrame(x,y,z)              0
 # define sqlite3WalFile(x)                       0
+# undef SQLITE_USE_SEH
 #else
 
 #define WAL_SAVEPOINT_NDATA 4
@@ -55763,6 +56398,10 @@ SQLITE_PRIVATE int sqlite3WalWriteLock(Wal *pWal, int bLock);
 SQLITE_PRIVATE void sqlite3WalDb(Wal *pWal, sqlite3 *db);
 #endif
 
+#ifdef SQLITE_USE_SEH
+SQLITE_PRIVATE int sqlite3WalSystemErrno(Wal*);
+#endif
+
 #endif /* ifndef SQLITE_OMIT_WAL */
 #endif /* SQLITE_WAL_H */
 
@@ -56048,7 +56687,7 @@ int sqlite3PagerTrace=1;  /* True to enable tracing */
 **    outstanding transactions have been abandoned, the pager is able to
 **    transition back to OPEN state, discarding the contents of the
 **    page-cache and any other in-memory state at the same time. Everything
-**    is reloaded from disk (and, if necessary, hot-journal rollback peformed)
+**    is reloaded from disk (and, if necessary, hot-journal rollback performed)
 **    when a read-transaction is next opened on the pager (transitioning
 **    the pager into READER state). At that point the system has recovered
 **    from the error.
@@ -57239,9 +57878,32 @@ static int writeJournalHdr(Pager *pPager){
     memset(zHeader, 0, sizeof(aJournalMagic)+4);
   }
 
+
+
   /* The random check-hash initializer */
-  sqlite3_randomness(sizeof(pPager->cksumInit), &pPager->cksumInit);
+  if( pPager->journalMode!=PAGER_JOURNALMODE_MEMORY ){
+    sqlite3_randomness(sizeof(pPager->cksumInit), &pPager->cksumInit);
+  }
+#ifdef SQLITE_DEBUG
+  else{
+    /* The Pager.cksumInit variable is usually randomized above to protect
+    ** against there being existing records in the journal file. This is
+    ** dangerous, as following a crash they may be mistaken for records
+    ** written by the current transaction and rolled back into the database
+    ** file, causing corruption. The following assert statements verify
+    ** that this is not required in "journal_mode=memory" mode, as in that
+    ** case the journal file is always 0 bytes in size at this point.
+    ** It is advantageous to avoid the sqlite3_randomness() call if possible
+    ** as it takes the global PRNG mutex.  */
+    i64 sz = 0;
+    sqlite3OsFileSize(pPager->jfd, &sz);
+    assert( sz==0 );
+    assert( pPager->journalOff==journalHdrOffset(pPager) );
+    assert( sqlite3JournalIsInMemory(pPager->jfd) );
+  }
+#endif
   put32bits(&zHeader[sizeof(aJournalMagic)+4], pPager->cksumInit);
+
   /* The initial database size */
   put32bits(&zHeader[sizeof(aJournalMagic)+8], pPager->dbOrigSize);
   /* The assumed sector size for this process */
@@ -57421,7 +58083,7 @@ static int readJournalHdr(
 **   + 4 bytes: super-journal name checksum.
 **   + 8 bytes: aJournalMagic[].
 **
-** The super-journal page checksum is the sum of the bytes in thesuper-journal
+** The super-journal page checksum is the sum of the bytes in the super-journal
 ** name, where each byte is interpreted as a signed 8-bit integer.
 **
 ** If zSuper is a NULL pointer (occurs for a single database transaction),
@@ -57474,7 +58136,7 @@ static int writeSuperJournal(Pager *pPager, const char *zSuper){
   }
   pPager->journalOff += (nSuper+20);
 
-  /* If the pager is in peristent-journal mode, then the physical
+  /* If the pager is in persistent-journal mode, then the physical
   ** journal-file may extend past the end of the super-journal name
   ** and 8 bytes of magic data just written to the file. This is
   ** dangerous because the code to rollback a hot-journal file
@@ -57644,7 +58306,7 @@ static void pager_unlock(Pager *pPager){
 
 /*
 ** This function is called whenever an IOERR or FULL error that requires
-** the pager to transition into the ERROR state may ahve occurred.
+** the pager to transition into the ERROR state may have occurred.
 ** The first argument is a pointer to the pager structure, the second
 ** the error-code about to be returned by a pager API function. The
 ** value returned is a copy of the second argument to this function.
@@ -57885,6 +58547,9 @@ static int pager_end_transaction(Pager *pPager, int hasSuper, int bCommit){
   return (rc==SQLITE_OK?rc2:rc);
 }
 
+/* Forward reference */
+static int pager_playback(Pager *pPager, int isHot);
+
 /*
 ** Execute a rollback if a transaction is active and unlock the
 ** database file.
@@ -57913,13 +58578,28 @@ static void pagerUnlockAndRollback(Pager *pPager){
       assert( pPager->eState==PAGER_READER );
       pager_end_transaction(pPager, 0, 0);
     }
+  }else if( pPager->eState==PAGER_ERROR
+         && pPager->journalMode==PAGER_JOURNALMODE_MEMORY
+         && isOpen(pPager->jfd)
+  ){
+    /* Special case for a ROLLBACK due to I/O error with an in-memory
+    ** journal:  We have to rollback immediately, before the journal is
+    ** closed, because once it is closed, all content is forgotten. */
+    int errCode = pPager->errCode;
+    u8 eLock = pPager->eLock;
+    pPager->eState = PAGER_OPEN;
+    pPager->errCode = SQLITE_OK;
+    pPager->eLock = EXCLUSIVE_LOCK;
+    pager_playback(pPager, 1);
+    pPager->errCode = errCode;
+    pPager->eLock = eLock;
   }
   pager_unlock(pPager);
 }
 
 /*
 ** Parameter aData must point to a buffer of pPager->pageSize bytes
-** of data. Compute and return a checksum based ont the contents of the
+** of data. Compute and return a checksum based on the contents of the
 ** page of data and the current value of pPager->cksumInit.
 **
 ** This is not a real checksum. It is really just the sum of the
@@ -58885,7 +59565,7 @@ static int pagerWalFrames(
   assert( pPager->pWal );
   assert( pList );
 #ifdef SQLITE_DEBUG
-  /* Verify that the page list is in accending order */
+  /* Verify that the page list is in ascending order */
   for(p=pList; p && p->pDirty; p=p->pDirty){
     assert( p->pgno < p->pDirty->pgno );
   }
@@ -59016,7 +59696,7 @@ static int pagerPagecount(Pager *pPager, Pgno *pnPage){
 #ifndef SQLITE_OMIT_WAL
 /*
 ** Check if the *-wal file that corresponds to the database opened by pPager
-** exists if the database is not empy, or verify that the *-wal file does
+** exists if the database is not empty, or verify that the *-wal file does
 ** not exist (by deleting it) if the database file is empty.
 **
 ** If the database is not empty and the *-wal file exists, open the pager
@@ -60426,11 +61106,7 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
   int rc = SQLITE_OK;      /* Return code */
   int tempFile = 0;        /* True for temp files (incl. in-memory files) */
   int memDb = 0;           /* True if this is an in-memory file */
-#ifndef SQLITE_OMIT_DESERIALIZE
   int memJM = 0;           /* Memory journal mode */
-#else
-# define memJM 0
-#endif
   int readOnly = 0;        /* True if this is a read-only file */
   int journalFileSize;     /* Bytes to allocate for each journal fd */
   char *zPathname = 0;     /* Full path to database file */
@@ -60549,12 +61225,13 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
   ** specific formatting and order of the various filenames, so if the format
   ** changes here, be sure to change it there as well.
   */
+  assert( SQLITE_PTRSIZE==sizeof(Pager*) );
   pPtr = (u8 *)sqlite3MallocZero(
     ROUND8(sizeof(*pPager)) +            /* Pager structure */
     ROUND8(pcacheSize) +                 /* PCache object */
     ROUND8(pVfs->szOsFile) +             /* The main db file */
     journalFileSize * 2 +                /* The two journal files */
-    sizeof(pPager) +                     /* Space to hold a pointer */
+    SQLITE_PTRSIZE +                     /* Space to hold a pointer */
     4 +                                  /* Database prefix */
     nPathname + 1 +                      /* database filename */
     nUriByte +                           /* query parameters */
@@ -60575,7 +61252,7 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
   pPager->sjfd = (sqlite3_file*)pPtr;     pPtr += journalFileSize;
   pPager->jfd =  (sqlite3_file*)pPtr;     pPtr += journalFileSize;
   assert( EIGHT_BYTE_ALIGNMENT(pPager->jfd) );
-  memcpy(pPtr, &pPager, sizeof(pPager));  pPtr += sizeof(pPager);
+  memcpy(pPtr, &pPager, SQLITE_PTRSIZE);  pPtr += SQLITE_PTRSIZE;
 
   /* Fill in the Pager.zFilename and pPager.zQueryParam fields */
                                           pPtr += 4;  /* Skip zero prefix */
@@ -60629,9 +61306,7 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
     int fout = 0;                    /* VFS flags returned by xOpen() */
     rc = sqlite3OsOpen(pVfs, pPager->zFilename, pPager->fd, vfsFlags, &fout);
     assert( !memDb );
-#ifndef SQLITE_OMIT_DESERIALIZE
     pPager->memVfs = memJM = (fout&SQLITE_OPEN_MEMORY)!=0;
-#endif
     readOnly = (fout&SQLITE_OPEN_READONLY)!=0;
 
     /* If the file was successfully opened for read/write access,
@@ -60768,7 +61443,7 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
 
 /*
 ** Return the sqlite3_file for the main database given the name
-** of the corresonding WAL or Journal name as passed into
+** of the corresponding WAL or Journal name as passed into
 ** xOpen.
 */
 SQLITE_API sqlite3_file *sqlite3_database_file_object(const char *zName){
@@ -61410,8 +62085,20 @@ SQLITE_PRIVATE int sqlite3PagerGet(
   DbPage **ppPage,    /* Write a pointer to the page here */
   int flags           /* PAGER_GET_XXX flags */
 ){
-  /* printf("PAGE %u\n", pgno); fflush(stdout); */
+#if 0   /* Trace page fetch by setting to 1 */
+  int rc;
+  printf("PAGE %u\n", pgno);
+  fflush(stdout);
+  rc = pPager->xGet(pPager, pgno, ppPage, flags);
+  if( rc ){
+    printf("PAGE %u failed with 0x%02x\n", pgno, rc);
+    fflush(stdout);
+  }
+  return rc;
+#else
+  /* Normal, high-speed version of sqlite3PagerGet() */
   return pPager->xGet(pPager, pgno, ppPage, flags);
+#endif
 }
 
 /*
@@ -62287,6 +62974,13 @@ SQLITE_PRIVATE int sqlite3PagerCommitPhaseOne(
         rc = sqlite3OsFileControl(fd, SQLITE_FCNTL_BEGIN_ATOMIC_WRITE, 0);
         if( rc==SQLITE_OK ){
           rc = pager_write_pagelist(pPager, pList);
+          if( rc==SQLITE_OK && pPager->dbSize>pPager->dbFileSize ){
+            char *pTmp = pPager->pTmpSpace;
+            int szPage = (int)pPager->pageSize;
+            memset(pTmp, 0, szPage);
+            rc = sqlite3OsWrite(pPager->fd, pTmp, szPage,
+                      ((i64)pPager->dbSize*pPager->pageSize)-szPage);
+          }
           if( rc==SQLITE_OK ){
             rc = sqlite3OsFileControl(fd, SQLITE_FCNTL_COMMIT_ATOMIC_WRITE, 0);
           }
@@ -63053,7 +63747,7 @@ SQLITE_PRIVATE int sqlite3PagerSetJournalMode(Pager *pPager, int eMode){
     assert( pPager->eState!=PAGER_ERROR );
     pPager->journalMode = (u8)eMode;
 
-    /* When transistioning from TRUNCATE or PERSIST to any other journal
+    /* When transitioning from TRUNCATE or PERSIST to any other journal
     ** mode except WAL, unless the pager is in locking_mode=exclusive mode,
     ** delete the journal file.
     */
@@ -63098,7 +63792,7 @@ SQLITE_PRIVATE int sqlite3PagerSetJournalMode(Pager *pPager, int eMode){
         }
         assert( state==pPager->eState );
       }
-    }else if( eMode==PAGER_JOURNALMODE_OFF ){
+    }else if( eMode==PAGER_JOURNALMODE_OFF || eMode==PAGER_JOURNALMODE_MEMORY ){
       sqlite3OsClose(pPager->jfd);
     }
   }
@@ -63481,6 +64175,12 @@ SQLITE_PRIVATE int sqlite3PagerWalFramesize(Pager *pPager){
 }
 #endif
 
+#ifdef SQLITE_USE_SEH
+SQLITE_PRIVATE int sqlite3PagerWalSystemErrno(Pager *pPager){
+  return sqlite3WalSystemErrno(pPager->pWal);
+}
+#endif
+
 #endif /* SQLITE_OMIT_DISKIO */
 
 /************** End of pager.c ***********************************************/
@@ -63771,7 +64471,7 @@ SQLITE_PRIVATE int sqlite3WalTrace = 0;
 **
 ** Technically, the various VFSes are free to implement these locks however
 ** they see fit.  However, compatibility is encouraged so that VFSes can
-** interoperate.  The standard implemention used on both unix and windows
+** interoperate.  The standard implementation used on both unix and windows
 ** is for the index number to indicate a byte offset into the
 ** WalCkptInfo.aLock[] array in the wal-index header.  In other words, all
 ** locks are on the shm file.  The WALINDEX_LOCK_OFFSET constant (which
@@ -63847,7 +64547,7 @@ struct WalIndexHdr {
 ** the mxFrame for that reader.  The value READMARK_NOT_USED (0xffffffff)
 ** for any aReadMark[] means that entry is unused.  aReadMark[0] is
 ** a special case; its value is never used and it exists as a place-holder
-** to avoid having to offset aReadMark[] indexs by one.  Readers holding
+** to avoid having to offset aReadMark[] indexes by one.  Readers holding
 ** WAL_READ_LOCK(0) always ignore the entire WAL and read all content
 ** directly from the database.
 **
@@ -64015,7 +64715,15 @@ struct Wal {
   u32 iReCksum;              /* On commit, recalculate checksums from here */
   const char *zWalName;      /* Name of WAL file */
   u32 nCkpt;                 /* Checkpoint sequence counter in the wal-header */
+#ifdef SQLITE_USE_SEH
+  u32 lockMask;              /* Mask of locks held */
+  void *pFree;               /* Pointer to sqlite3_free() if exception thrown */
+  u32 *pWiValue;             /* Value to write into apWiData[iWiPg] */
+  int iWiPg;                 /* Write pWiValue into apWiData[iWiPg] */
+  int iSysErrno;             /* System error code following exception */
+#endif
 #ifdef SQLITE_DEBUG
+  int nSehTry;               /* Number of nested SEH_TRY{} blocks */
   u8 lockError;              /* True if a locking error has occurred */
 #endif
 #ifdef SQLITE_ENABLE_SNAPSHOT
@@ -64097,6 +64805,113 @@ struct WalIterator {
     sizeof(ht_slot)*HASHTABLE_NSLOT + HASHTABLE_NPAGE*sizeof(u32) \
 )
 
+/*
+** Structured Exception Handling (SEH) is a Windows-specific technique
+** for catching exceptions raised while accessing memory-mapped files.
+**
+** The -DSQLITE_USE_SEH compile-time option means to use SEH to catch and
+** deal with system-level errors that arise during WAL -shm file processing.
+** Without this compile-time option, any system-level faults that appear
+** while accessing the memory-mapped -shm file will cause a process-wide
+** signal to be deliver, which will more than likely cause the entire
+** process to exit.
+*/
+#ifdef SQLITE_USE_SEH
+#include 
+
+/* Beginning of a block of code in which an exception might occur */
+# define SEH_TRY    __try { \
+   assert( walAssertLockmask(pWal) && pWal->nSehTry==0 ); \
+   VVA_ONLY(pWal->nSehTry++);
+
+/* The end of a block of code in which an exception might occur */
+# define SEH_EXCEPT(X) \
+   VVA_ONLY(pWal->nSehTry--); \
+   assert( pWal->nSehTry==0 ); \
+   } __except( sehExceptionFilter(pWal, GetExceptionCode(), GetExceptionInformation() ) ){ X }
+
+/* Simulate a memory-mapping fault in the -shm file for testing purposes */
+# define SEH_INJECT_FAULT sehInjectFault(pWal)
+
+/*
+** The second argument is the return value of GetExceptionCode() for the
+** current exception. Return EXCEPTION_EXECUTE_HANDLER if the exception code
+** indicates that the exception may have been caused by accessing the *-shm
+** file mapping. Or EXCEPTION_CONTINUE_SEARCH otherwise.
+*/
+static int sehExceptionFilter(Wal *pWal, int eCode, EXCEPTION_POINTERS *p){
+  VVA_ONLY(pWal->nSehTry--);
+  if( eCode==EXCEPTION_IN_PAGE_ERROR ){
+    if( p && p->ExceptionRecord && p->ExceptionRecord->NumberParameters>=3 ){
+      /* From MSDN: For this type of exception, the first element of the
+      ** ExceptionInformation[] array is a read-write flag - 0 if the exception
+      ** was thrown while reading, 1 if while writing. The second element is
+      ** the virtual address being accessed. The "third array element specifies
+      ** the underlying NTSTATUS code that resulted in the exception". */
+      pWal->iSysErrno = (int)p->ExceptionRecord->ExceptionInformation[2];
+    }
+    return EXCEPTION_EXECUTE_HANDLER;
+  }
+  return EXCEPTION_CONTINUE_SEARCH;
+}
+
+/*
+** If one is configured, invoke the xTestCallback callback with 650 as
+** the argument. If it returns true, throw the same exception that is
+** thrown by the system if the *-shm file mapping is accessed after it
+** has been invalidated.
+*/
+static void sehInjectFault(Wal *pWal){
+  int res;
+  assert( pWal->nSehTry>0 );
+
+  res = sqlite3FaultSim(650);
+  if( res!=0 ){
+    ULONG_PTR aArg[3];
+    aArg[0] = 0;
+    aArg[1] = 0;
+    aArg[2] = (ULONG_PTR)res;
+    RaiseException(EXCEPTION_IN_PAGE_ERROR, 0, 3, (const ULONG_PTR*)aArg);
+  }
+}
+
+/*
+** There are two ways to use this macro. To set a pointer to be freed
+** if an exception is thrown:
+**
+**   SEH_FREE_ON_ERROR(0, pPtr);
+**
+** and to cancel the same:
+**
+**   SEH_FREE_ON_ERROR(pPtr, 0);
+**
+** In the first case, there must not already be a pointer registered to
+** be freed. In the second case, pPtr must be the registered pointer.
+*/
+#define SEH_FREE_ON_ERROR(X,Y) \
+  assert( (X==0 || Y==0) && pWal->pFree==X ); pWal->pFree = Y
+
+/*
+** There are two ways to use this macro. To arrange for pWal->apWiData[iPg]
+** to be set to pValue if an exception is thrown:
+**
+**   SEH_SET_ON_ERROR(iPg, pValue);
+**
+** and to cancel the same:
+**
+**   SEH_SET_ON_ERROR(0, 0);
+*/
+#define SEH_SET_ON_ERROR(X,Y)  pWal->iWiPg = X; pWal->pWiValue = Y
+
+#else
+# define SEH_TRY          VVA_ONLY(pWal->nSehTry++);
+# define SEH_EXCEPT(X)    VVA_ONLY(pWal->nSehTry--); assert( pWal->nSehTry==0 );
+# define SEH_INJECT_FAULT assert( pWal->nSehTry>0 );
+# define SEH_FREE_ON_ERROR(X,Y)
+# define SEH_SET_ON_ERROR(X,Y)
+#endif /* ifdef SQLITE_USE_SEH */
+
+
 /*
 ** Obtain a pointer to the iPage'th page of the wal-index. The wal-index
 ** is broken into pages of WALINDEX_PGSZ bytes. Wal-index pages are
@@ -64169,6 +64984,7 @@ static int walIndexPage(
   int iPage,               /* The page we seek */
   volatile u32 **ppPage    /* Write the page pointer here */
 ){
+  SEH_INJECT_FAULT;
   if( pWal->nWiData<=iPage || (*ppPage = pWal->apWiData[iPage])==0 ){
     return walIndexPageRealloc(pWal, iPage, ppPage);
   }
@@ -64180,6 +64996,7 @@ static int walIndexPage(
 */
 static volatile WalCkptInfo *walCkptInfo(Wal *pWal){
   assert( pWal->nWiData>0 && pWal->apWiData[0] );
+  SEH_INJECT_FAULT;
   return (volatile WalCkptInfo*)&(pWal->apWiData[0][sizeof(WalIndexHdr)/2]);
 }
 
@@ -64188,6 +65005,7 @@ static volatile WalCkptInfo *walCkptInfo(Wal *pWal){
 */
 static volatile WalIndexHdr *walIndexHdr(Wal *pWal){
   assert( pWal->nWiData>0 && pWal->apWiData[0] );
+  SEH_INJECT_FAULT;
   return (volatile WalIndexHdr*)pWal->apWiData[0];
 }
 
@@ -64377,7 +65195,7 @@ static int walDecodeFrame(
     return 0;
   }
 
-  /* A frame is only valid if the page number is creater than zero.
+  /* A frame is only valid if the page number is greater than zero.
   */
   pgno = sqlite3Get4byte(&aFrame[0]);
   if( pgno==0 ){
@@ -64385,7 +65203,7 @@ static int walDecodeFrame(
   }
 
   /* A frame is only valid if a checksum of the WAL header,
-  ** all prior frams, the first 16 bytes of this frame-header,
+  ** all prior frames, the first 16 bytes of this frame-header,
   ** and the frame-data matches the checksum in the last 8
   ** bytes of this frame-header.
   */
@@ -64445,12 +65263,18 @@ static int walLockShared(Wal *pWal, int lockIdx){
   WALTRACE(("WAL%p: acquire SHARED-%s %s\n", pWal,
             walLockName(lockIdx), rc ? "failed" : "ok"));
   VVA_ONLY( pWal->lockError = (u8)(rc!=SQLITE_OK && (rc&0xFF)!=SQLITE_BUSY); )
+#ifdef SQLITE_USE_SEH
+  if( rc==SQLITE_OK ) pWal->lockMask |= (1 << lockIdx);
+#endif
   return rc;
 }
 static void walUnlockShared(Wal *pWal, int lockIdx){
   if( pWal->exclusiveMode ) return;
   (void)sqlite3OsShmLock(pWal->pDbFd, lockIdx, 1,
                          SQLITE_SHM_UNLOCK | SQLITE_SHM_SHARED);
+#ifdef SQLITE_USE_SEH
+  pWal->lockMask &= ~(1 << lockIdx);
+#endif
   WALTRACE(("WAL%p: release SHARED-%s\n", pWal, walLockName(lockIdx)));
 }
 static int walLockExclusive(Wal *pWal, int lockIdx, int n){
@@ -64461,12 +65285,20 @@ static int walLockExclusive(Wal *pWal, int lockIdx, int n){
   WALTRACE(("WAL%p: acquire EXCLUSIVE-%s cnt=%d %s\n", pWal,
             walLockName(lockIdx), n, rc ? "failed" : "ok"));
   VVA_ONLY( pWal->lockError = (u8)(rc!=SQLITE_OK && (rc&0xFF)!=SQLITE_BUSY); )
+#ifdef SQLITE_USE_SEH
+  if( rc==SQLITE_OK ){
+    pWal->lockMask |= (((1<exclusiveMode ) return;
   (void)sqlite3OsShmLock(pWal->pDbFd, lockIdx, n,
                          SQLITE_SHM_UNLOCK | SQLITE_SHM_EXCLUSIVE);
+#ifdef SQLITE_USE_SEH
+  pWal->lockMask &= ~(((1<apWiData[0][WALINDEX_HDR_SIZE/sizeof(u32) + iFrame - 1];
   }
@@ -64817,6 +65650,7 @@ static int walIndexRecover(Wal *pWal){
     /* Malloc a buffer to read frames into. */
     szFrame = szPage + WAL_FRAME_HDRSIZE;
     aFrame = (u8 *)sqlite3_malloc64(szFrame + WALINDEX_PGSZ);
+    SEH_FREE_ON_ERROR(0, aFrame);
     if( !aFrame ){
       rc = SQLITE_NOMEM_BKPT;
       goto recovery_error;
@@ -64835,6 +65669,7 @@ static int walIndexRecover(Wal *pWal){
       rc = walIndexPage(pWal, iPg, (volatile u32**)&aShare);
       assert( aShare!=0 || rc!=SQLITE_OK );
       if( aShare==0 ) break;
+      SEH_SET_ON_ERROR(iPg, aShare);
       pWal->apWiData[iPg] = aPrivate;
 
       for(iFrame=iFirst; iFrame<=iLast; iFrame++){
@@ -64862,6 +65697,7 @@ static int walIndexRecover(Wal *pWal){
         }
       }
       pWal->apWiData[iPg] = aShare;
+      SEH_SET_ON_ERROR(0,0);
       nHdr = (iPg==0 ? WALINDEX_HDR_SIZE : 0);
       nHdr32 = nHdr / sizeof(u32);
 #ifndef SQLITE_SAFER_WALINDEX_RECOVERY
@@ -64892,9 +65728,11 @@ static int walIndexRecover(Wal *pWal){
         }
       }
 #endif
+      SEH_INJECT_FAULT;
       if( iFrame<=iLast ) break;
     }
 
+    SEH_FREE_ON_ERROR(aFrame, 0);
     sqlite3_free(aFrame);
   }
 
@@ -64922,6 +65760,7 @@ static int walIndexRecover(Wal *pWal){
         }else{
           pInfo->aReadMark[i] = READMARK_NOT_USED;
         }
+        SEH_INJECT_FAULT;
         walUnlockExclusive(pWal, WAL_READ_LOCK(i), 1);
       }else if( rc!=SQLITE_BUSY ){
         goto recovery_error;
@@ -65079,7 +65918,7 @@ SQLITE_PRIVATE int sqlite3WalOpen(
 }
 
 /*
-** Change the size to which the WAL file is trucated on each reset.
+** Change the size to which the WAL file is truncated on each reset.
 */
 SQLITE_PRIVATE void sqlite3WalLimit(Wal *pWal, i64 iLimit){
   if( pWal ) pWal->mxWalSize = iLimit;
@@ -65305,23 +66144,16 @@ static int walIteratorInit(Wal *pWal, u32 nBackfill, WalIterator **pp){
   nByte = sizeof(WalIterator)
         + (nSegment-1)*sizeof(struct WalSegment)
         + iLast*sizeof(ht_slot);
-  p = (WalIterator *)sqlite3_malloc64(nByte);
+  p = (WalIterator *)sqlite3_malloc64(nByte
+      + sizeof(ht_slot) * (iLast>HASHTABLE_NPAGE?HASHTABLE_NPAGE:iLast)
+  );
   if( !p ){
     return SQLITE_NOMEM_BKPT;
   }
   memset(p, 0, nByte);
   p->nSegment = nSegment;
-
-  /* Allocate temporary space used by the merge-sort routine. This block
-  ** of memory will be freed before this function returns.
-  */
-  aTmp = (ht_slot *)sqlite3_malloc64(
-      sizeof(ht_slot) * (iLast>HASHTABLE_NPAGE?HASHTABLE_NPAGE:iLast)
-  );
-  if( !aTmp ){
-    rc = SQLITE_NOMEM_BKPT;
-  }
-
+  aTmp = (ht_slot*)&(((u8*)p)[nByte]);
+  SEH_FREE_ON_ERROR(0, p);
   for(i=walFramePage(nBackfill+1); rc==SQLITE_OK && iaSegment[i].aPgno = (u32 *)sLoc.aPgno;
     }
   }
-  sqlite3_free(aTmp);
-
   if( rc!=SQLITE_OK ){
+    SEH_FREE_ON_ERROR(p, 0);
     walIteratorFree(p);
     p = 0;
   }
@@ -65577,13 +66408,13 @@ static int walCheckpoint(
     mxSafeFrame = pWal->hdr.mxFrame;
     mxPage = pWal->hdr.nPage;
     for(i=1; iaReadMark+i);
+      u32 y = AtomicLoad(pInfo->aReadMark+i); SEH_INJECT_FAULT;
       if( mxSafeFrame>y ){
         assert( y<=pWal->hdr.mxFrame );
         rc = walBusyLock(pWal, xBusy, pBusyArg, WAL_READ_LOCK(i), 1);
         if( rc==SQLITE_OK ){
           u32 iMark = (i==1 ? mxSafeFrame : READMARK_NOT_USED);
-          AtomicStore(pInfo->aReadMark+i, iMark);
+          AtomicStore(pInfo->aReadMark+i, iMark); SEH_INJECT_FAULT;
           walUnlockExclusive(pWal, WAL_READ_LOCK(i), 1);
         }else if( rc==SQLITE_BUSY ){
           mxSafeFrame = y;
@@ -65604,8 +66435,7 @@ static int walCheckpoint(
      && (rc = walBusyLock(pWal,xBusy,pBusyArg,WAL_READ_LOCK(0),1))==SQLITE_OK
     ){
       u32 nBackfill = pInfo->nBackfill;
-
-      pInfo->nBackfillAttempted = mxSafeFrame;
+      pInfo->nBackfillAttempted = mxSafeFrame; SEH_INJECT_FAULT;
 
       /* Sync the WAL to disk */
       rc = sqlite3OsSync(pWal->pWalFd, CKPT_SYNC_FLAGS(sync_flags));
@@ -65636,6 +66466,7 @@ static int walCheckpoint(
       while( rc==SQLITE_OK && 0==walIteratorNext(pIter, &iDbpage, &iFrame) ){
         i64 iOffset;
         assert( walFramePgno(pWal, iFrame)==iDbpage );
+        SEH_INJECT_FAULT;
         if( AtomicLoad(&db->u1.isInterrupted) ){
           rc = db->mallocFailed ? SQLITE_NOMEM_BKPT : SQLITE_INTERRUPT;
           break;
@@ -65665,7 +66496,7 @@ static int walCheckpoint(
           }
         }
         if( rc==SQLITE_OK ){
-          AtomicStore(&pInfo->nBackfill, mxSafeFrame);
+          AtomicStore(&pInfo->nBackfill, mxSafeFrame); SEH_INJECT_FAULT;
         }
       }
 
@@ -65687,6 +66518,7 @@ static int walCheckpoint(
   */
   if( rc==SQLITE_OK && eMode!=SQLITE_CHECKPOINT_PASSIVE ){
     assert( pWal->writeLock );
+    SEH_INJECT_FAULT;
     if( pInfo->nBackfillhdr.mxFrame ){
       rc = SQLITE_BUSY;
     }else if( eMode>=SQLITE_CHECKPOINT_RESTART ){
@@ -65718,6 +66550,7 @@ static int walCheckpoint(
   }
 
  walcheckpoint_out:
+  SEH_FREE_ON_ERROR(pIter, 0);
   walIteratorFree(pIter);
   return rc;
 }
@@ -65740,6 +66573,93 @@ static void walLimitSize(Wal *pWal, i64 nMax){
   }
 }
 
+#ifdef SQLITE_USE_SEH
+/*
+** This is the "standard" exception handler used in a few places to handle
+** an exception thrown by reading from the *-shm mapping after it has become
+** invalid in SQLITE_USE_SEH builds. It is used as follows:
+**
+**   SEH_TRY { ... }
+**   SEH_EXCEPT( rc = walHandleException(pWal); )
+**
+** This function does three things:
+**
+**   1) Determines the locks that should be held, based on the contents of
+**      the Wal.readLock, Wal.writeLock and Wal.ckptLock variables. All other
+**      held locks are assumed to be transient locks that would have been
+**      released had the exception not been thrown and are dropped.
+**
+**   2) Frees the pointer at Wal.pFree, if any, using sqlite3_free().
+**
+**   3) Set pWal->apWiData[pWal->iWiPg] to pWal->pWiValue if not NULL
+**
+**   4) Returns SQLITE_IOERR.
+*/
+static int walHandleException(Wal *pWal){
+  if( pWal->exclusiveMode==0 ){
+    static const int S = 1;
+    static const int E = (1<lockMask & ~(
+        (pWal->readLock<0 ? 0 : (S << WAL_READ_LOCK(pWal->readLock)))
+        | (pWal->writeLock ? (E << WAL_WRITE_LOCK) : 0)
+        | (pWal->ckptLock ? (E << WAL_CKPT_LOCK) : 0)
+        );
+    for(ii=0; iipFree);
+  pWal->pFree = 0;
+  if( pWal->pWiValue ){
+    pWal->apWiData[pWal->iWiPg] = pWal->pWiValue;
+    pWal->pWiValue = 0;
+  }
+  return SQLITE_IOERR_IN_PAGE;
+}
+
+/*
+** Assert that the Wal.lockMask mask, which indicates the locks held
+** by the connenction, is consistent with the Wal.readLock, Wal.writeLock
+** and Wal.ckptLock variables. To be used as:
+**
+**   assert( walAssertLockmask(pWal) );
+*/
+static int walAssertLockmask(Wal *pWal){
+  if( pWal->exclusiveMode==0 ){
+    static const int S = 1;
+    static const int E = (1<readLock<0 ? 0 : (S << WAL_READ_LOCK(pWal->readLock)))
+      | (pWal->writeLock ? (E << WAL_WRITE_LOCK) : 0)
+      | (pWal->ckptLock ? (E << WAL_CKPT_LOCK) : 0)
+#ifdef SQLITE_ENABLE_SNAPSHOT
+      | (pWal->pSnapshot ? (pWal->lockMask & (1 << WAL_CKPT_LOCK)) : 0)
+#endif
+    );
+    assert( mExpect==pWal->lockMask );
+  }
+  return 1;
+}
+
+/*
+** Return and zero the "system error" field set when an
+** EXCEPTION_IN_PAGE_ERROR exception is caught.
+*/
+SQLITE_PRIVATE int sqlite3WalSystemErrno(Wal *pWal){
+  int iRet = 0;
+  if( pWal ){
+    iRet = pWal->iSysErrno;
+    pWal->iSysErrno = 0;
+  }
+  return iRet;
+}
+
+#else
+# define walAssertLockmask(x) 1
+#endif /* ifdef SQLITE_USE_SEH */
+
 /*
 ** Close a connection to a log file.
 */
@@ -65754,6 +66674,8 @@ SQLITE_PRIVATE int sqlite3WalClose(
   if( pWal ){
     int isDelete = 0;             /* True to unlink wal and wal-index files */
 
+    assert( walAssertLockmask(pWal) );
+
     /* If an EXCLUSIVE lock can be obtained on the database file (using the
     ** ordinary, rollback-mode locking methods, this guarantees that the
     ** connection associated with this log file is the only connection to
@@ -65778,7 +66700,7 @@ SQLITE_PRIVATE int sqlite3WalClose(
         );
         if( bPersist!=1 ){
           /* Try to delete the WAL file if the checkpoint completed and
-          ** fsyned (rc==SQLITE_OK) and if we are not in persistent-wal
+          ** fsynced (rc==SQLITE_OK) and if we are not in persistent-wal
           ** mode (!bPersist) */
           isDelete = 1;
         }else if( pWal->mxWalSize>=0 ){
@@ -65845,7 +66767,7 @@ static SQLITE_NO_TSAN int walIndexTryHdr(Wal *pWal, int *pChanged){
   ** give false-positive warnings about these accesses because the tools do not
   ** account for the double-read and the memory barrier. The use of mutexes
   ** here would be problematic as the memory being accessed is potentially
-  ** shared among multiple processes and not all mutex implementions work
+  ** shared among multiple processes and not all mutex implementations work
   ** reliably in that environment.
   */
   aHdr = walIndexHdr(pWal);
@@ -66296,6 +67218,7 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
   assert( pWal->nWiData>0 );
   assert( pWal->apWiData[0]!=0 );
   pInfo = walCkptInfo(pWal);
+  SEH_INJECT_FAULT;
   if( !useWal && AtomicLoad(&pInfo->nBackfill)==pWal->hdr.mxFrame
 #ifdef SQLITE_ENABLE_SNAPSHOT
    && (pWal->pSnapshot==0 || pWal->hdr.mxFrame==0)
@@ -66345,7 +67268,7 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
   }
 #endif
   for(i=1; iaReadMark+i);
+    u32 thisMark = AtomicLoad(pInfo->aReadMark+i); SEH_INJECT_FAULT;
     if( mxReadMark<=thisMark && thisMark<=mxFrame ){
       assert( thisMark!=READMARK_NOT_USED );
       mxReadMark = thisMark;
@@ -66411,7 +67334,7 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
   ** we can guarantee that the checkpointer that set nBackfill could not
   ** see any pages past pWal->hdr.mxFrame, this problem does not come up.
   */
-  pWal->minFrame = AtomicLoad(&pInfo->nBackfill)+1;
+  pWal->minFrame = AtomicLoad(&pInfo->nBackfill)+1; SEH_INJECT_FAULT;
   walShmBarrier(pWal);
   if( AtomicLoad(pInfo->aReadMark+mxI)!=mxReadMark
    || memcmp((void *)walIndexHdr(pWal), &pWal->hdr, sizeof(WalIndexHdr))
@@ -66426,6 +67349,54 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
 }
 
 #ifdef SQLITE_ENABLE_SNAPSHOT
+/*
+** This function does the work of sqlite3WalSnapshotRecover().
+*/
+static int walSnapshotRecover(
+  Wal *pWal,                      /* WAL handle */
+  void *pBuf1,                    /* Temp buffer pWal->szPage bytes in size */
+  void *pBuf2                     /* Temp buffer pWal->szPage bytes in size */
+){
+  int szPage = (int)pWal->szPage;
+  int rc;
+  i64 szDb;                       /* Size of db file in bytes */
+
+  rc = sqlite3OsFileSize(pWal->pDbFd, &szDb);
+  if( rc==SQLITE_OK ){
+    volatile WalCkptInfo *pInfo = walCkptInfo(pWal);
+    u32 i = pInfo->nBackfillAttempted;
+    for(i=pInfo->nBackfillAttempted; i>AtomicLoad(&pInfo->nBackfill); i--){
+      WalHashLoc sLoc;          /* Hash table location */
+      u32 pgno;                 /* Page number in db file */
+      i64 iDbOff;               /* Offset of db file entry */
+      i64 iWalOff;              /* Offset of wal file entry */
+
+      rc = walHashGet(pWal, walFramePage(i), &sLoc);
+      if( rc!=SQLITE_OK ) break;
+      assert( i - sLoc.iZero - 1 >=0 );
+      pgno = sLoc.aPgno[i-sLoc.iZero-1];
+      iDbOff = (i64)(pgno-1) * szPage;
+
+      if( iDbOff+szPage<=szDb ){
+        iWalOff = walFrameOffset(i, szPage) + WAL_FRAME_HDRSIZE;
+        rc = sqlite3OsRead(pWal->pWalFd, pBuf1, szPage, iWalOff);
+
+        if( rc==SQLITE_OK ){
+          rc = sqlite3OsRead(pWal->pDbFd, pBuf2, szPage, iDbOff);
+        }
+
+        if( rc!=SQLITE_OK || 0==memcmp(pBuf1, pBuf2, szPage) ){
+          break;
+        }
+      }
+
+      pInfo->nBackfillAttempted = i-1;
+    }
+  }
+
+  return rc;
+}
+
 /*
 ** Attempt to reduce the value of the WalCkptInfo.nBackfillAttempted
 ** variable so that older snapshots can be accessed. To do this, loop
@@ -66451,50 +67422,21 @@ SQLITE_PRIVATE int sqlite3WalSnapshotRecover(Wal *pWal){
   assert( pWal->readLock>=0 );
   rc = walLockExclusive(pWal, WAL_CKPT_LOCK, 1);
   if( rc==SQLITE_OK ){
-    volatile WalCkptInfo *pInfo = walCkptInfo(pWal);
-    int szPage = (int)pWal->szPage;
-    i64 szDb;                   /* Size of db file in bytes */
-
-    rc = sqlite3OsFileSize(pWal->pDbFd, &szDb);
-    if( rc==SQLITE_OK ){
-      void *pBuf1 = sqlite3_malloc(szPage);
-      void *pBuf2 = sqlite3_malloc(szPage);
-      if( pBuf1==0 || pBuf2==0 ){
-        rc = SQLITE_NOMEM;
-      }else{
-        u32 i = pInfo->nBackfillAttempted;
-        for(i=pInfo->nBackfillAttempted; i>AtomicLoad(&pInfo->nBackfill); i--){
-          WalHashLoc sLoc;          /* Hash table location */
-          u32 pgno;                 /* Page number in db file */
-          i64 iDbOff;               /* Offset of db file entry */
-          i64 iWalOff;              /* Offset of wal file entry */
-
-          rc = walHashGet(pWal, walFramePage(i), &sLoc);
-          if( rc!=SQLITE_OK ) break;
-          assert( i - sLoc.iZero - 1 >=0 );
-          pgno = sLoc.aPgno[i-sLoc.iZero-1];
-          iDbOff = (i64)(pgno-1) * szPage;
-
-          if( iDbOff+szPage<=szDb ){
-            iWalOff = walFrameOffset(i, szPage) + WAL_FRAME_HDRSIZE;
-            rc = sqlite3OsRead(pWal->pWalFd, pBuf1, szPage, iWalOff);
-
-            if( rc==SQLITE_OK ){
-              rc = sqlite3OsRead(pWal->pDbFd, pBuf2, szPage, iDbOff);
-            }
-
-            if( rc!=SQLITE_OK || 0==memcmp(pBuf1, pBuf2, szPage) ){
-              break;
-            }
-          }
-
-          pInfo->nBackfillAttempted = i-1;
-        }
+    void *pBuf1 = sqlite3_malloc(pWal->szPage);
+    void *pBuf2 = sqlite3_malloc(pWal->szPage);
+    if( pBuf1==0 || pBuf2==0 ){
+      rc = SQLITE_NOMEM;
+    }else{
+      pWal->ckptLock = 1;
+      SEH_TRY {
+        rc = walSnapshotRecover(pWal, pBuf1, pBuf2);
       }
-
-      sqlite3_free(pBuf1);
-      sqlite3_free(pBuf2);
+      SEH_EXCEPT( rc = SQLITE_IOERR_IN_PAGE; )
+      pWal->ckptLock = 0;
     }
+
+    sqlite3_free(pBuf1);
+    sqlite3_free(pBuf2);
     walUnlockExclusive(pWal, WAL_CKPT_LOCK, 1);
   }
 
@@ -66503,28 +67445,20 @@ SQLITE_PRIVATE int sqlite3WalSnapshotRecover(Wal *pWal){
 #endif /* SQLITE_ENABLE_SNAPSHOT */
 
 /*
-** Begin a read transaction on the database.
-**
-** This routine used to be called sqlite3OpenSnapshot() and with good reason:
-** it takes a snapshot of the state of the WAL and wal-index for the current
-** instant in time.  The current thread will continue to use this snapshot.
-** Other threads might append new content to the WAL and wal-index but
-** that extra content is ignored by the current thread.
-**
-** If the database contents have changes since the previous read
-** transaction, then *pChanged is set to 1 before returning.  The
-** Pager layer will use this to know that its cache is stale and
-** needs to be flushed.
+** This function does the work of sqlite3WalBeginReadTransaction() (see
+** below). That function simply calls this one inside an SEH_TRY{...} block.
 */
-SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *pChanged){
+static int walBeginReadTransaction(Wal *pWal, int *pChanged){
   int rc;                         /* Return code */
   int cnt = 0;                    /* Number of TryBeginRead attempts */
 #ifdef SQLITE_ENABLE_SNAPSHOT
+  int ckptLock = 0;
   int bChanged = 0;
   WalIndexHdr *pSnapshot = pWal->pSnapshot;
 #endif
 
   assert( pWal->ckptLock==0 );
+  assert( pWal->nSehTry>0 );
 
 #ifdef SQLITE_ENABLE_SNAPSHOT
   if( pSnapshot ){
@@ -66547,7 +67481,7 @@ SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *pChanged){
     if( rc!=SQLITE_OK ){
       return rc;
     }
-    pWal->ckptLock = 1;
+    ckptLock = 1;
   }
 #endif
 
@@ -66611,15 +67545,37 @@ SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *pChanged){
   }
 
   /* Release the shared CKPT lock obtained above. */
-  if( pWal->ckptLock ){
+  if( ckptLock ){
     assert( pSnapshot );
     walUnlockShared(pWal, WAL_CKPT_LOCK);
-    pWal->ckptLock = 0;
   }
 #endif
   return rc;
 }
 
+/*
+** Begin a read transaction on the database.
+**
+** This routine used to be called sqlite3OpenSnapshot() and with good reason:
+** it takes a snapshot of the state of the WAL and wal-index for the current
+** instant in time.  The current thread will continue to use this snapshot.
+** Other threads might append new content to the WAL and wal-index but
+** that extra content is ignored by the current thread.
+**
+** If the database contents have changes since the previous read
+** transaction, then *pChanged is set to 1 before returning.  The
+** Pager layer will use this to know that its cache is stale and
+** needs to be flushed.
+*/
+SQLITE_PRIVATE int sqlite3WalBeginReadTransaction(Wal *pWal, int *pChanged){
+  int rc;
+  SEH_TRY {
+    rc = walBeginReadTransaction(pWal, pChanged);
+  }
+  SEH_EXCEPT( rc = walHandleException(pWal); )
+  return rc;
+}
+
 /*
 ** Finish with a read transaction.  All this does is release the
 ** read-lock.
@@ -66640,7 +67596,7 @@ SQLITE_PRIVATE void sqlite3WalEndReadTransaction(Wal *pWal){
 ** Return SQLITE_OK if successful, or an error code if an error occurs. If an
 ** error does occur, the final value of *piRead is undefined.
 */
-SQLITE_PRIVATE int sqlite3WalFindFrame(
+static int walFindFrame(
   Wal *pWal,                      /* WAL handle */
   Pgno pgno,                      /* Database page number to read data for */
   u32 *piRead                     /* OUT: Frame number (or zero) */
@@ -66703,6 +67659,7 @@ SQLITE_PRIVATE int sqlite3WalFindFrame(
     }
     nCollide = HASHTABLE_NSLOT;
     iKey = walHash(pgno);
+    SEH_INJECT_FAULT;
     while( (iH = AtomicLoad(&sLoc.aHash[iKey]))!=0 ){
       u32 iFrame = iH + sLoc.iZero;
       if( iFrame<=iLast && iFrame>=pWal->minFrame && sLoc.aPgno[iH-1]==pgno ){
@@ -66739,6 +67696,30 @@ SQLITE_PRIVATE int sqlite3WalFindFrame(
   return SQLITE_OK;
 }
 
+/*
+** Search the wal file for page pgno. If found, set *piRead to the frame that
+** contains the page. Otherwise, if pgno is not in the wal file, set *piRead
+** to zero.
+**
+** Return SQLITE_OK if successful, or an error code if an error occurs. If an
+** error does occur, the final value of *piRead is undefined.
+**
+** The difference between this function and walFindFrame() is that this
+** function wraps walFindFrame() in an SEH_TRY{...} block.
+*/
+SQLITE_PRIVATE int sqlite3WalFindFrame(
+  Wal *pWal,                      /* WAL handle */
+  Pgno pgno,                      /* Database page number to read data for */
+  u32 *piRead                     /* OUT: Frame number (or zero) */
+){
+  int rc;
+  SEH_TRY {
+    rc = walFindFrame(pWal, pgno, piRead);
+  }
+  SEH_EXCEPT( rc = SQLITE_IOERR_IN_PAGE; )
+  return rc;
+}
+
 /*
 ** Read the contents of frame iRead from the wal file into buffer pOut
 ** (which is nOut bytes in size). Return SQLITE_OK if successful, or an
@@ -66820,12 +67801,17 @@ SQLITE_PRIVATE int sqlite3WalBeginWriteTransaction(Wal *pWal){
   ** time the read transaction on this connection was started, then
   ** the write is disallowed.
   */
-  if( memcmp(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr))!=0 ){
+  SEH_TRY {
+    if( memcmp(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr))!=0 ){
+      rc = SQLITE_BUSY_SNAPSHOT;
+    }
+  }
+  SEH_EXCEPT( rc = SQLITE_IOERR_IN_PAGE; )
+
+  if( rc!=SQLITE_OK ){
     walUnlockExclusive(pWal, WAL_WRITE_LOCK, 1);
     pWal->writeLock = 0;
-    rc = SQLITE_BUSY_SNAPSHOT;
   }
-
   return rc;
 }
 
@@ -66861,30 +67847,33 @@ SQLITE_PRIVATE int sqlite3WalUndo(Wal *pWal, int (*xUndo)(void *, Pgno), void *p
     Pgno iMax = pWal->hdr.mxFrame;
     Pgno iFrame;
 
-    /* Restore the clients cache of the wal-index header to the state it
-    ** was in before the client began writing to the database.
-    */
-    memcpy(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr));
-
-    for(iFrame=pWal->hdr.mxFrame+1;
-        ALWAYS(rc==SQLITE_OK) && iFrame<=iMax;
-        iFrame++
-    ){
-      /* This call cannot fail. Unless the page for which the page number
-      ** is passed as the second argument is (a) in the cache and
-      ** (b) has an outstanding reference, then xUndo is either a no-op
-      ** (if (a) is false) or simply expels the page from the cache (if (b)
-      ** is false).
-      **
-      ** If the upper layer is doing a rollback, it is guaranteed that there
-      ** are no outstanding references to any page other than page 1. And
-      ** page 1 is never written to the log until the transaction is
-      ** committed. As a result, the call to xUndo may not fail.
+    SEH_TRY {
+      /* Restore the clients cache of the wal-index header to the state it
+      ** was in before the client began writing to the database.
       */
-      assert( walFramePgno(pWal, iFrame)!=1 );
-      rc = xUndo(pUndoCtx, walFramePgno(pWal, iFrame));
+      memcpy(&pWal->hdr, (void *)walIndexHdr(pWal), sizeof(WalIndexHdr));
+
+      for(iFrame=pWal->hdr.mxFrame+1;
+          ALWAYS(rc==SQLITE_OK) && iFrame<=iMax;
+          iFrame++
+      ){
+        /* This call cannot fail. Unless the page for which the page number
+        ** is passed as the second argument is (a) in the cache and
+        ** (b) has an outstanding reference, then xUndo is either a no-op
+        ** (if (a) is false) or simply expels the page from the cache (if (b)
+        ** is false).
+        **
+        ** If the upper layer is doing a rollback, it is guaranteed that there
+        ** are no outstanding references to any page other than page 1. And
+        ** page 1 is never written to the log until the transaction is
+        ** committed. As a result, the call to xUndo may not fail.
+        */
+        assert( walFramePgno(pWal, iFrame)!=1 );
+        rc = xUndo(pUndoCtx, walFramePgno(pWal, iFrame));
+      }
+      if( iMax!=pWal->hdr.mxFrame ) walCleanupHash(pWal);
     }
-    if( iMax!=pWal->hdr.mxFrame ) walCleanupHash(pWal);
+    SEH_EXCEPT( rc = SQLITE_IOERR_IN_PAGE; )
   }
   return rc;
 }
@@ -66928,7 +67917,10 @@ SQLITE_PRIVATE int sqlite3WalSavepointUndo(Wal *pWal, u32 *aWalData){
     pWal->hdr.mxFrame = aWalData[0];
     pWal->hdr.aFrameCksum[0] = aWalData[1];
     pWal->hdr.aFrameCksum[1] = aWalData[2];
-    walCleanupHash(pWal);
+    SEH_TRY {
+      walCleanupHash(pWal);
+    }
+    SEH_EXCEPT( rc = SQLITE_IOERR_IN_PAGE; )
   }
 
   return rc;
@@ -67109,7 +68101,7 @@ static int walRewriteChecksums(Wal *pWal, u32 iLast){
 ** Write a set of frames to the log. The caller must hold the write-lock
 ** on the log file (obtained using sqlite3WalBeginWriteTransaction()).
 */
-SQLITE_PRIVATE int sqlite3WalFrames(
+static int walFrames(
   Wal *pWal,                      /* Wal handle to write to */
   int szPage,                     /* Database page-size in bytes */
   PgHdr *pList,                   /* List of dirty pages to write */
@@ -67220,7 +68212,7 @@ SQLITE_PRIVATE int sqlite3WalFrames(
     ** checksums must be recomputed when the transaction is committed.  */
     if( iFirst && (p->pDirty || isCommit==0) ){
       u32 iWrite = 0;
-      VVA_ONLY(rc =) sqlite3WalFindFrame(pWal, p->pgno, &iWrite);
+      VVA_ONLY(rc =) walFindFrame(pWal, p->pgno, &iWrite);
       assert( rc==SQLITE_OK || iWrite==0 );
       if( iWrite>=iFirst ){
         i64 iOff = walFrameOffset(iWrite, szPage) + WAL_FRAME_HDRSIZE;
@@ -67339,6 +68331,29 @@ SQLITE_PRIVATE int sqlite3WalFrames(
   return rc;
 }
 
+/*
+** Write a set of frames to the log. The caller must hold the write-lock
+** on the log file (obtained using sqlite3WalBeginWriteTransaction()).
+**
+** The difference between this function and walFrames() is that this
+** function wraps walFrames() in an SEH_TRY{...} block.
+*/
+SQLITE_PRIVATE int sqlite3WalFrames(
+  Wal *pWal,                      /* Wal handle to write to */
+  int szPage,                     /* Database page-size in bytes */
+  PgHdr *pList,                   /* List of dirty pages to write */
+  Pgno nTruncate,                 /* Database size after this commit */
+  int isCommit,                   /* True if this is a commit */
+  int sync_flags                  /* Flags to pass to OsSync() (or 0) */
+){
+  int rc;
+  SEH_TRY {
+    rc = walFrames(pWal, szPage, pList, nTruncate, isCommit, sync_flags);
+  }
+  SEH_EXCEPT( rc = walHandleException(pWal); )
+  return rc;
+}
+
 /*
 ** This routine is called to implement sqlite3_wal_checkpoint() and
 ** related interfaces.
@@ -67418,30 +68433,33 @@ SQLITE_PRIVATE int sqlite3WalCheckpoint(
 
 
   /* Read the wal-index header. */
-  if( rc==SQLITE_OK ){
-    walDisableBlocking(pWal);
-    rc = walIndexReadHdr(pWal, &isChanged);
-    (void)walEnableBlocking(pWal);
-    if( isChanged && pWal->pDbFd->pMethods->iVersion>=3 ){
-      sqlite3OsUnfetch(pWal->pDbFd, 0, 0);
+  SEH_TRY {
+    if( rc==SQLITE_OK ){
+      walDisableBlocking(pWal);
+      rc = walIndexReadHdr(pWal, &isChanged);
+      (void)walEnableBlocking(pWal);
+      if( isChanged && pWal->pDbFd->pMethods->iVersion>=3 ){
+        sqlite3OsUnfetch(pWal->pDbFd, 0, 0);
+      }
     }
-  }
-
-  /* Copy data from the log to the database file. */
-  if( rc==SQLITE_OK ){
 
-    if( pWal->hdr.mxFrame && walPagesize(pWal)!=nBuf ){
-      rc = SQLITE_CORRUPT_BKPT;
-    }else{
-      rc = walCheckpoint(pWal, db, eMode2, xBusy2, pBusyArg, sync_flags, zBuf);
-    }
+    /* Copy data from the log to the database file. */
+    if( rc==SQLITE_OK ){
+      if( pWal->hdr.mxFrame && walPagesize(pWal)!=nBuf ){
+        rc = SQLITE_CORRUPT_BKPT;
+      }else{
+        rc = walCheckpoint(pWal, db, eMode2, xBusy2, pBusyArg, sync_flags,zBuf);
+      }
 
-    /* If no error occurred, set the output variables. */
-    if( rc==SQLITE_OK || rc==SQLITE_BUSY ){
-      if( pnLog ) *pnLog = (int)pWal->hdr.mxFrame;
-      if( pnCkpt ) *pnCkpt = (int)(walCkptInfo(pWal)->nBackfill);
+      /* If no error occurred, set the output variables. */
+      if( rc==SQLITE_OK || rc==SQLITE_BUSY ){
+        if( pnLog ) *pnLog = (int)pWal->hdr.mxFrame;
+        SEH_INJECT_FAULT;
+        if( pnCkpt ) *pnCkpt = (int)(walCkptInfo(pWal)->nBackfill);
+      }
     }
   }
+  SEH_EXCEPT( rc = walHandleException(pWal); )
 
   if( isChanged ){
     /* If a new wal-index header was loaded before the checkpoint was
@@ -67518,7 +68536,9 @@ SQLITE_PRIVATE int sqlite3WalExclusiveMode(Wal *pWal, int op){
   ** locks are taken in this case). Nor should the pager attempt to
   ** upgrade to exclusive-mode following such an error.
   */
+#ifndef SQLITE_USE_SEH
   assert( pWal->readLock>=0 || pWal->lockError );
+#endif
   assert( pWal->readLock>=0 || (op<=0 && pWal->exclusiveMode==0) );
 
   if( op==0 ){
@@ -67619,16 +68639,19 @@ SQLITE_API int sqlite3_snapshot_cmp(sqlite3_snapshot *p1, sqlite3_snapshot *p2){
 */
 SQLITE_PRIVATE int sqlite3WalSnapshotCheck(Wal *pWal, sqlite3_snapshot *pSnapshot){
   int rc;
-  rc = walLockShared(pWal, WAL_CKPT_LOCK);
-  if( rc==SQLITE_OK ){
-    WalIndexHdr *pNew = (WalIndexHdr*)pSnapshot;
-    if( memcmp(pNew->aSalt, pWal->hdr.aSalt, sizeof(pWal->hdr.aSalt))
-     || pNew->mxFramenBackfillAttempted
-    ){
-      rc = SQLITE_ERROR_SNAPSHOT;
-      walUnlockShared(pWal, WAL_CKPT_LOCK);
+  SEH_TRY {
+    rc = walLockShared(pWal, WAL_CKPT_LOCK);
+    if( rc==SQLITE_OK ){
+      WalIndexHdr *pNew = (WalIndexHdr*)pSnapshot;
+      if( memcmp(pNew->aSalt, pWal->hdr.aSalt, sizeof(pWal->hdr.aSalt))
+       || pNew->mxFramenBackfillAttempted
+      ){
+        rc = SQLITE_ERROR_SNAPSHOT;
+        walUnlockShared(pWal, WAL_CKPT_LOCK);
+      }
     }
   }
+  SEH_EXCEPT( rc = walHandleException(pWal); )
   return rc;
 }
 
@@ -67867,7 +68890,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3WalFile(Wal *pWal){
 **    0x81 0x00                 becomes  0x00000080
 **    0x82 0x00                 becomes  0x00000100
 **    0x80 0x7f                 becomes  0x0000007f
-**    0x8a 0x91 0xd1 0xac 0x78  becomes  0x12345678
+**    0x81 0x91 0xd1 0xac 0x78  becomes  0x12345678
 **    0x81 0x81 0x81 0x81 0x01  becomes  0x10204081
 **
 ** Variable length integers are used for rowids and to hold the number of
@@ -67950,7 +68973,7 @@ typedef struct CellInfo CellInfo;
 ** page that has been loaded into memory.  The information in this object
 ** is derived from the raw on-disk page content.
 **
-** As each database page is loaded into memory, the pager allocats an
+** As each database page is loaded into memory, the pager allocates an
 ** instance of this object and zeros the first 8 bytes.  (This is the
 ** "extra" information associated with each page of the pager.)
 **
@@ -68382,7 +69405,7 @@ struct IntegrityCk {
   BtShared *pBt;    /* The tree being checked out */
   Pager *pPager;    /* The associated pager.  Also accessible by pBt->pPager */
   u8 *aPgRef;       /* 1 bit per page in the db (see above) */
-  Pgno nPage;       /* Number of pages in the database */
+  Pgno nCkPage;     /* Pages in the database.  0 for partial check */
   int mxErr;        /* Stop accumulating errors when this reaches zero */
   int nErr;         /* Number of messages written to zErrMsg so far */
   int rc;           /* SQLITE_OK, SQLITE_NOMEM, or SQLITE_INTERRUPT */
@@ -68406,7 +69429,7 @@ struct IntegrityCk {
 
 /*
 ** get2byteAligned(), unlike get2byte(), requires that its argument point to a
-** two-byte aligned address.  get2bytea() is only used for accessing the
+** two-byte aligned address.  get2byteAligned() is only used for accessing the
 ** cell addresses in a btree header.
 */
 #if SQLITE_BYTEORDER==4321
@@ -68583,7 +69606,7 @@ SQLITE_PRIVATE int sqlite3BtreeHoldsMutex(Btree *p){
 **
 ** There is a corresponding leave-all procedures.
 **
-** Enter the mutexes in accending order by BtShared pointer address
+** Enter the mutexes in ascending order by BtShared pointer address
 ** to avoid the possibility of deadlock when two threads with
 ** two or more btrees in common both try to lock all their btrees
 ** at the same instant.
@@ -70250,7 +71273,7 @@ static void ptrmapPutOvflPtr(MemPage *pPage, MemPage *pSrc, u8 *pCell,int *pRC){
   pPage->xParseCell(pPage, pCell, &info);
   if( info.nLocalaDataEnd, pCell, pCell+info.nLocal) ){
+    if( SQLITE_OVERFLOW(pSrc->aDataEnd, pCell, pCell+info.nLocal) ){
       testcase( pSrc!=pPage );
       *pRC = SQLITE_CORRUPT_BKPT;
       return;
@@ -70351,7 +71374,7 @@ static int defragmentPage(MemPage *pPage, int nMaxFrag){
   iCellStart = get2byte(&data[hdr+5]);
   if( nCell>0 ){
     temp = sqlite3PagerTempSpace(pPage->pBt->pPager);
-    memcpy(&temp[iCellStart], &data[iCellStart], usableSize - iCellStart);
+    memcpy(temp, data, usableSize);
     src = temp;
     for(i=0; iiPage.
-**
-** The page is fetched as read-write unless pCur is not NULL and is
-** a read-only cursor.
-**
-** If an error occurs, then *ppPage is undefined. It
-** may remain unchanged, or it may be set to an invalid value.
 */
 static int getAndInitPage(
   BtShared *pBt,                  /* The database file */
   Pgno pgno,                      /* Number of the page to get */
   MemPage **ppPage,               /* Write the page pointer here */
-  BtCursor *pCur,                 /* Cursor to receive the page, or NULL */
   int bReadOnly                   /* True for a read-only page */
 ){
   int rc;
   DbPage *pDbPage;
+  MemPage *pPage;
   assert( sqlite3_mutex_held(pBt->mutex) );
-  assert( pCur==0 || ppPage==&pCur->pPage );
-  assert( pCur==0 || bReadOnly==pCur->curPagerFlags );
-  assert( pCur==0 || pCur->iPage>0 );
 
   if( pgno>btreePagecount(pBt) ){
-    rc = SQLITE_CORRUPT_BKPT;
-    goto getAndInitPage_error1;
+    *ppPage = 0;
+    return SQLITE_CORRUPT_BKPT;
   }
   rc = sqlite3PagerGet(pBt->pPager, pgno, (DbPage**)&pDbPage, bReadOnly);
   if( rc ){
-    goto getAndInitPage_error1;
+    *ppPage = 0;
+    return rc;
   }
-  *ppPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
-  if( (*ppPage)->isInit==0 ){
+  pPage = (MemPage*)sqlite3PagerGetExtra(pDbPage);
+  if( pPage->isInit==0 ){
     btreePageFromDbPage(pDbPage, pgno, pBt);
-    rc = btreeInitPage(*ppPage);
+    rc = btreeInitPage(pPage);
     if( rc!=SQLITE_OK ){
-      goto getAndInitPage_error2;
+      releasePage(pPage);
+      *ppPage = 0;
+      return rc;
     }
   }
-  assert( (*ppPage)->pgno==pgno || CORRUPT_DB );
-  assert( (*ppPage)->aData==sqlite3PagerGetData(pDbPage) );
-
-  /* If obtaining a child page for a cursor, we must verify that the page is
-  ** compatible with the root page. */
-  if( pCur && ((*ppPage)->nCell<1 || (*ppPage)->intKey!=pCur->curIntKey) ){
-    rc = SQLITE_CORRUPT_PGNO(pgno);
-    goto getAndInitPage_error2;
-  }
+  assert( pPage->pgno==pgno || CORRUPT_DB );
+  assert( pPage->aData==sqlite3PagerGetData(pDbPage) );
+  *ppPage = pPage;
   return SQLITE_OK;
-
-getAndInitPage_error2:
-  releasePage(*ppPage);
-getAndInitPage_error1:
-  if( pCur ){
-    pCur->iPage--;
-    pCur->pPage = pCur->apPage[pCur->iPage];
-  }
-  testcase( pgno==0 );
-  assert( pgno!=0 || rc!=SQLITE_OK );
-  return rc;
 }
 
 /*
@@ -71178,7 +72174,7 @@ static void pageReinit(DbPage *pData){
       ** call to btreeInitPage() will likely return SQLITE_CORRUPT.
       ** But no harm is done by this.  And it is very important that
       ** btreeInitPage() be called on every btree page so we make
-      ** the call for every page that comes in for re-initing. */
+      ** the call for every page that comes in for re-initializing. */
       btreeInitPage(pPage);
     }
   }
@@ -71357,6 +72353,9 @@ SQLITE_PRIVATE int sqlite3BtreeOpen(
     assert( sizeof(u16)==2 );
     assert( sizeof(Pgno)==4 );
 
+    /* Suppress false-positive compiler warning from PVS-Studio */
+    memset(&zDbHeader[16], 0, 8);
+
     pBt = sqlite3MallocZero( sizeof(*pBt) );
     if( pBt==0 ){
       rc = SQLITE_NOMEM_BKPT;
@@ -71573,7 +72572,7 @@ static SQLITE_NOINLINE int allocateTempSpace(BtShared *pBt){
   ** can mean that fillInCell() only initializes the first 2 or 3
   ** bytes of pTmpSpace, but that the first 4 bytes are copied from
   ** it into a database page. This is not actually a problem, but it
-  ** does cause a valgrind error when the 1 or 2 bytes of unitialized
+  ** does cause a valgrind error when the 1 or 2 bytes of uninitialized
   ** data is passed to system call write(). So to avoid this error,
   ** zero the first 4 bytes of temp space here.
   **
@@ -71808,7 +72807,7 @@ SQLITE_PRIVATE int sqlite3BtreeGetReserveNoMutex(Btree *p){
 
 /*
 ** Return the number of bytes of space at the end of every page that
-** are intentually left unused.  This is the "reserved" space that is
+** are intentionally left unused.  This is the "reserved" space that is
 ** sometimes used by extensions.
 **
 ** The value returned is the larger of the current reserve size and
@@ -72055,7 +73054,6 @@ static int lockBtree(BtShared *pBt){
     ){
       goto page1_init_failed;
     }
-    pBt->btsFlags |= BTS_PAGESIZE_FIXED;
     assert( (pageSize & 7)==0 );
     /* EVIDENCE-OF: R-59310-51205 The "reserved space" size in the 1-byte
     ** integer at offset 20 is the number of bytes of space at the end of
@@ -72075,6 +73073,7 @@ static int lockBtree(BtShared *pBt){
       releasePageOne(pPage1);
       pBt->usableSize = usableSize;
       pBt->pageSize = pageSize;
+      pBt->btsFlags |= BTS_PAGESIZE_FIXED;
       freeTempSpace(pBt);
       rc = sqlite3PagerSetPagesize(pBt->pPager, &pBt->pageSize,
                                    pageSize-usableSize);
@@ -72094,6 +73093,7 @@ static int lockBtree(BtShared *pBt){
     if( usableSize<480 ){
       goto page1_init_failed;
     }
+    pBt->btsFlags |= BTS_PAGESIZE_FIXED;
     pBt->pageSize = pageSize;
     pBt->usableSize = usableSize;
 #ifndef SQLITE_OMIT_AUTOVACUUM
@@ -72272,7 +73272,11 @@ SQLITE_PRIVATE int sqlite3BtreeNewDb(Btree *p){
 ** when A already has a read lock, we encourage A to give up and let B
 ** proceed.
 */
-SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree *p, int wrflag, int *pSchemaVersion){
+static SQLITE_NOINLINE int btreeBeginTrans(
+  Btree *p,                 /* The btree in which to start the transaction */
+  int wrflag,               /* True to start a write transaction */
+  int *pSchemaVersion       /* Put schema version number here, if not NULL */
+){
   BtShared *pBt = p->pBt;
   Pager *pPager = pBt->pPager;
   int rc = SQLITE_OK;
@@ -72444,6 +73448,28 @@ SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree *p, int wrflag, int *pSchemaVers
   sqlite3BtreeLeave(p);
   return rc;
 }
+SQLITE_PRIVATE int sqlite3BtreeBeginTrans(Btree *p, int wrflag, int *pSchemaVersion){
+  BtShared *pBt;
+  if( p->sharable
+   || p->inTrans==TRANS_NONE
+   || (p->inTrans==TRANS_READ && wrflag!=0)
+  ){
+    return btreeBeginTrans(p,wrflag,pSchemaVersion);
+  }
+  pBt = p->pBt;
+  if( pSchemaVersion ){
+    *pSchemaVersion = get4byte(&pBt->pPage1->aData[40]);
+  }
+  if( wrflag ){
+    /* This call makes sure that the pager has the correct number of
+    ** open savepoints. If the second parameter is greater than 0 and
+    ** the sub-journal is not already open, then it will be opened here.
+    */
+    return sqlite3PagerOpenSavepoint(pBt->pPager, p->db->nSavepoint);
+  }else{
+    return SQLITE_OK;
+  }
+}
 
 #ifndef SQLITE_OMIT_AUTOVACUUM
 
@@ -73539,7 +74565,6 @@ SQLITE_PRIVATE void sqlite3BtreeCursorUnpin(BtCursor *pCur){
   pCur->curFlags &= ~BTCF_Pinned;
 }
 
-#ifdef SQLITE_ENABLE_OFFSET_SQL_FUNC
 /*
 ** Return the offset into the database file for the start of the
 ** payload to which the cursor is pointing.
@@ -73551,7 +74576,6 @@ SQLITE_PRIVATE i64 sqlite3BtreeOffset(BtCursor *pCur){
   return (i64)pCur->pBt->pageSize*((i64)pCur->pPage->pgno - 1) +
          (i64)(pCur->info.pPayload - pCur->pPage->aData);
 }
-#endif /* SQLITE_ENABLE_OFFSET_SQL_FUNC */
 
 /*
 ** Return the number of bytes of payload for the entry that pCur is
@@ -73577,7 +74601,7 @@ SQLITE_PRIVATE u32 sqlite3BtreePayloadSize(BtCursor *pCur){
 ** routine always returns 2147483647 (which is the largest record
 ** that SQLite can handle) or more.  But returning a smaller value might
 ** prevent large memory allocations when trying to interpret a
-** corrupt datrabase.
+** corrupt database.
 **
 ** The current implementation merely returns the size of the underlying
 ** database file.
@@ -74039,6 +75063,7 @@ SQLITE_PRIVATE const void *sqlite3BtreePayloadFetch(BtCursor *pCur, u32 *pAmt){
 ** vice-versa).
 */
 static int moveToChild(BtCursor *pCur, u32 newPgno){
+  int rc;
   assert( cursorOwnsBtShared(pCur) );
   assert( pCur->eState==CURSOR_VALID );
   assert( pCur->iPageapPage[pCur->iPage] = pCur->pPage;
   pCur->ix = 0;
   pCur->iPage++;
-  return getAndInitPage(pCur->pBt, newPgno, &pCur->pPage, pCur,
-                        pCur->curPagerFlags);
+  rc = getAndInitPage(pCur->pBt, newPgno, &pCur->pPage, pCur->curPagerFlags);
+  assert( pCur->pPage!=0 || rc!=SQLITE_OK );
+  if( rc==SQLITE_OK
+   && (pCur->pPage->nCell<1 || pCur->pPage->intKey!=pCur->curIntKey)
+  ){
+    releasePage(pCur->pPage);
+    rc = SQLITE_CORRUPT_PGNO(newPgno);
+  }
+  if( rc ){
+    pCur->pPage = pCur->apPage[--pCur->iPage];
+  }
+  return rc;
 }
 
 #ifdef SQLITE_DEBUG
@@ -74160,7 +75195,7 @@ static int moveToRoot(BtCursor *pCur){
       sqlite3BtreeClearCursor(pCur);
     }
     rc = getAndInitPage(pCur->pBt, pCur->pgnoRoot, &pCur->pPage,
-                        0, pCur->curPagerFlags);
+                        pCur->curPagerFlags);
     if( rc!=SQLITE_OK ){
       pCur->eState = CURSOR_INVALID;
       return rc;
@@ -74272,7 +75307,7 @@ SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
     *pRes = 0;
     rc = moveToLeftmost(pCur);
   }else if( rc==SQLITE_EMPTY ){
-    assert( pCur->pgnoRoot==0 || pCur->pPage->nCell==0 );
+    assert( pCur->pgnoRoot==0 || (pCur->pPage!=0 && pCur->pPage->nCell==0) );
     *pRes = 1;
     rc = SQLITE_OK;
   }
@@ -74377,7 +75412,7 @@ SQLITE_PRIVATE int sqlite3BtreeTableMoveto(
       /* If the requested key is one more than the previous key, then
       ** try to get there using sqlite3BtreeNext() rather than a full
       ** binary search.  This is an optimization only.  The correct answer
-      ** is still obtained without this case, only a little more slowely */
+      ** is still obtained without this case, only a little more slowly. */
       if( pCur->info.nKey+1==intKey ){
         *pRes = 0;
         rc = sqlite3BtreeNext(pCur, 0);
@@ -74773,10 +75808,36 @@ SQLITE_PRIVATE int sqlite3BtreeIndexMoveto(
     }else{
       chldPg = get4byte(findCell(pPage, lwr));
     }
-    pCur->ix = (u16)lwr;
-    rc = moveToChild(pCur, chldPg);
-    if( rc ) break;
-  }
+
+    /* This block is similar to an in-lined version of:
+    **
+    **    pCur->ix = (u16)lwr;
+    **    rc = moveToChild(pCur, chldPg);
+    **    if( rc ) break;
+    */
+    pCur->info.nSize = 0;
+    pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+    if( pCur->iPage>=(BTCURSOR_MAX_DEPTH-1) ){
+      return SQLITE_CORRUPT_BKPT;
+    }
+    pCur->aiIdx[pCur->iPage] = (u16)lwr;
+    pCur->apPage[pCur->iPage] = pCur->pPage;
+    pCur->ix = 0;
+    pCur->iPage++;
+    rc = getAndInitPage(pCur->pBt, chldPg, &pCur->pPage, pCur->curPagerFlags);
+    if( rc==SQLITE_OK
+     && (pCur->pPage->nCell<1 || pCur->pPage->intKey!=pCur->curIntKey)
+    ){
+      releasePage(pCur->pPage);
+      rc = SQLITE_CORRUPT_PGNO(chldPg);
+    }
+    if( rc ){
+      pCur->pPage = pCur->apPage[--pCur->iPage];
+      break;
+    }
+    /*
+    ***** End of in-lined moveToChild() call */
+ }
 moveto_index_finish:
   pCur->info.nSize = 0;
   assert( (pCur->curFlags & BTCF_ValidOvfl)==0 );
@@ -75560,7 +76621,7 @@ static SQLITE_NOINLINE int clearCellOverflow(
 
 /* Call xParseCell to compute the size of a cell.  If the cell contains
 ** overflow, then invoke cellClearOverflow to clear out that overflow.
-** STore the result code (SQLITE_OK or some error code) in rc.
+** Store the result code (SQLITE_OK or some error code) in rc.
 **
 ** Implemented as macro to force inlining for performance.
 */
@@ -76171,12 +77232,13 @@ static int rebuildPage(
   int k;                          /* Current slot in pCArray->apEnd[] */
   u8 *pSrcEnd;                    /* Current pCArray->apEnd[k] value */
 
+  assert( nCell>0 );
   assert( i(u32)usableSize) ){ j = 0; }
+  if( j>(u32)usableSize ){ j = 0; }
   memcpy(&pTmp[j], &aData[j], usableSize - j);
 
-  for(k=0; pCArray->ixNx[k]<=i && ALWAYS(kixNx[k]<=i; k++){}
   pSrcEnd = pCArray->apEnd[k];
 
   pData = pEnd;
@@ -76239,7 +77301,7 @@ static int rebuildPage(
 ** Finally, argument pBegin points to the byte immediately following the
 ** end of the space required by this page for the cell-pointer area (for
 ** all cells - not just those inserted by the current call). If the content
-** area must be extended to before this point in order to accomodate all
+** area must be extended to before this point in order to accommodate all
 ** cells in apCell[], then the cells do not fit and non-zero is returned.
 */
 static int pageInsertArray(
@@ -76259,7 +77321,7 @@ static int pageInsertArray(
   u8 *pEnd;                       /* Maximum extent of cell data */
   assert( CORRUPT_DB || pPg->hdrOffset==0 );    /* Never called on page 1 */
   if( iEnd<=iFirst ) return 0;
-  for(k=0; pCArray->ixNx[k]<=i && ALWAYS(kixNx[k]<=i ; k++){}
   pEnd = pCArray->apEnd[k];
   while( 1 /*Exit by break*/ ){
     int sz, rc;
@@ -76477,6 +77539,7 @@ static int editPage(
   return SQLITE_OK;
  editpage_fail:
   /* Unable to edit this page. Rebuild it from scratch instead. */
+  if( nNew<1 ) return SQLITE_CORRUPT_BKPT;
   populateCellCache(pCArray, iNew, nNew);
   return rebuildPage(pCArray, iNew, nNew, pPg);
 }
@@ -76554,7 +77617,7 @@ static int balance_quick(MemPage *pParent, MemPage *pPage, u8 *pSpace){
     ** with entries for the new page, and any pointer from the
     ** cell on the page to an overflow page. If either of these
     ** operations fails, the return code is set, but the contents
-    ** of the parent page are still manipulated by thh code below.
+    ** of the parent page are still manipulated by the code below.
     ** That is Ok, at this point the parent page is guaranteed to
     ** be marked as dirty. Returning an error code will cause a
     ** rollback, undoing any changes made to the parent page.
@@ -76830,7 +77893,7 @@ static int balance_nonroot(
   pgno = get4byte(pRight);
   while( 1 ){
     if( rc==SQLITE_OK ){
-      rc = getAndInitPage(pBt, pgno, &apOld[i], 0, 0);
+      rc = getAndInitPage(pBt, pgno, &apOld[i], 0);
     }
     if( rc ){
       memset(apOld, 0, (i+1)*sizeof(MemPage*));
@@ -77144,7 +78207,7 @@ static int balance_nonroot(
     }
   }
 
-  /* Sanity check:  For a non-corrupt database file one of the follwing
+  /* Sanity check:  For a non-corrupt database file one of the following
   ** must be true:
   **    (1) We found one or more cells (cntNew[0])>0), or
   **    (2) pPage is a virtual root page.  A virtual root page is when
@@ -77369,9 +78432,9 @@ static int balance_nonroot(
     iOvflSpace += sz;
     assert( sz<=pBt->maxLocal+23 );
     assert( iOvflSpace <= (int)pBt->pageSize );
-    for(k=0; b.ixNx[k]<=j && ALWAYS(k=0 && iPg=1 || i>=0 );
+    assert( iPg=0                            /* On the upwards pass, or... */
      || cntOld[iPg-1]>=cntNew[iPg-1]    /* Condition (1) is true */
@@ -77761,7 +78826,7 @@ static int btreeOverwriteContent(
 ){
   int nData = pX->nData - iOffset;
   if( nData<=0 ){
-    /* Overwritting with zeros */
+    /* Overwriting with zeros */
     int i;
     for(i=0; ipData to write */
@@ -78544,7 +79609,7 @@ static int btreeCreateTable(Btree *p, Pgno *piTable, int createTabFlags){
   MemPage *pRoot;
   Pgno pgnoRoot;
   int rc;
-  int ptfFlags;          /* Page-type flage for the root page of new table */
+  int ptfFlags;          /* Page-type flags for the root page of new table */
 
   assert( sqlite3BtreeHoldsMutex(p) );
   assert( pBt->inTransaction==TRANS_WRITE );
@@ -78713,7 +79778,7 @@ static int clearDatabasePage(
   if( pgno>btreePagecount(pBt) ){
     return SQLITE_CORRUPT_BKPT;
   }
-  rc = getAndInitPage(pBt, pgno, &pPage, 0, 0);
+  rc = getAndInitPage(pBt, pgno, &pPage, 0);
   if( rc ) return rc;
   if( (pBt->openFlags & BTREE_SINGLE)==0
    && sqlite3PagerPageRefcount(pPage->pDbPage) != (1 + (pgno==1))
@@ -79134,7 +80199,8 @@ static void checkAppendMsg(
 ** corresponds to page iPg is already set.
 */
 static int getPageReferenced(IntegrityCk *pCheck, Pgno iPg){
-  assert( iPg<=pCheck->nPage && sizeof(pCheck->aPgRef[0])==1 );
+  assert( pCheck->aPgRef!=0 );
+  assert( iPg<=pCheck->nCkPage && sizeof(pCheck->aPgRef[0])==1 );
   return (pCheck->aPgRef[iPg/8] & (1 << (iPg & 0x07)));
 }
 
@@ -79142,7 +80208,8 @@ static int getPageReferenced(IntegrityCk *pCheck, Pgno iPg){
 ** Set the bit in the IntegrityCk.aPgRef[] array that corresponds to page iPg.
 */
 static void setPageReferenced(IntegrityCk *pCheck, Pgno iPg){
-  assert( iPg<=pCheck->nPage && sizeof(pCheck->aPgRef[0])==1 );
+  assert( pCheck->aPgRef!=0 );
+  assert( iPg<=pCheck->nCkPage && sizeof(pCheck->aPgRef[0])==1 );
   pCheck->aPgRef[iPg/8] |= (1 << (iPg & 0x07));
 }
 
@@ -79156,7 +80223,7 @@ static void setPageReferenced(IntegrityCk *pCheck, Pgno iPg){
 ** Also check that the page number is in bounds.
 */
 static int checkRef(IntegrityCk *pCheck, Pgno iPage){
-  if( iPage>pCheck->nPage || iPage==0 ){
+  if( iPage>pCheck->nCkPage || iPage==0 ){
     checkAppendMsg(pCheck, "invalid page number %u", iPage);
     return 1;
   }
@@ -79379,10 +80446,11 @@ static int checkTreePage(
   if( iPage==0 ) return 0;
   if( checkRef(pCheck, iPage) ) return 0;
   pCheck->zPfx = "Tree %u page %u: ";
-  pCheck->v0 = pCheck->v1 = iPage;
+  pCheck->v1 = iPage;
   if( (rc = btreeGetPage(pBt, iPage, &pPage, 0))!=0 ){
     checkAppendMsg(pCheck,
        "unable to get the page. error code=%d", rc);
+    if( rc==SQLITE_IOERR_NOMEM ) pCheck->rc = SQLITE_NOMEM;
     goto end_of_check;
   }
 
@@ -79653,15 +80721,15 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sCheck.db = db;
   sCheck.pBt = pBt;
   sCheck.pPager = pBt->pPager;
-  sCheck.nPage = btreePagecount(sCheck.pBt);
+  sCheck.nCkPage = btreePagecount(sCheck.pBt);
   sCheck.mxErr = mxErr;
   sqlite3StrAccumInit(&sCheck.errMsg, 0, zErr, sizeof(zErr), SQLITE_MAX_LENGTH);
   sCheck.errMsg.printfFlags = SQLITE_PRINTF_INTERNAL;
-  if( sCheck.nPage==0 ){
+  if( sCheck.nCkPage==0 ){
     goto integrity_ck_cleanup;
   }
 
-  sCheck.aPgRef = sqlite3MallocZero((sCheck.nPage / 8)+ 1);
+  sCheck.aPgRef = sqlite3MallocZero((sCheck.nCkPage / 8)+ 1);
   if( !sCheck.aPgRef ){
     checkOom(&sCheck);
     goto integrity_ck_cleanup;
@@ -79673,7 +80741,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   }
 
   i = PENDING_BYTE_PAGE(pBt);
-  if( i<=sCheck.nPage ) setPageReferenced(&sCheck, i);
+  if( i<=sCheck.nCkPage ) setPageReferenced(&sCheck, i);
 
   /* Check the integrity of the freelist
   */
@@ -79716,6 +80784,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
       checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
     }
 #endif
+    sCheck.v0 = aRoot[i];
     checkTreePage(&sCheck, aRoot[i], ¬Used, LARGEST_INT64);
   }
   pBt->db->flags = savedDbFlags;
@@ -79723,7 +80792,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   /* Make sure every page in the file is referenced
   */
   if( !bPartial ){
-    for(i=1; i<=sCheck.nPage && sCheck.mxErr; i++){
+    for(i=1; i<=sCheck.nCkPage && sCheck.mxErr; i++){
 #ifdef SQLITE_OMIT_AUTOVACUUM
       if( getPageReferenced(&sCheck, i)==0 ){
         checkAppendMsg(&sCheck, "Page %u: never used", i);
@@ -81142,6 +82211,40 @@ SQLITE_PRIVATE int sqlite3VdbeMemClearAndResize(Mem *pMem, int szNew){
   return SQLITE_OK;
 }
 
+/*
+** If pMem is already a string, detect if it is a zero-terminated
+** string, or make it into one if possible, and mark it as such.
+**
+** This is an optimization.  Correct operation continues even if
+** this routine is a no-op.
+*/
+SQLITE_PRIVATE void sqlite3VdbeMemZeroTerminateIfAble(Mem *pMem){
+  if( (pMem->flags & (MEM_Str|MEM_Term|MEM_Ephem|MEM_Static))!=MEM_Str ){
+    /* pMem must be a string, and it cannot be an ephemeral or static string */
+    return;
+  }
+  if( pMem->enc!=SQLITE_UTF8 ) return;
+  if( NEVER(pMem->z==0) ) return;
+  if( pMem->flags & MEM_Dyn ){
+    if( pMem->xDel==sqlite3_free
+     && sqlite3_msize(pMem->z) >= (u64)(pMem->n+1)
+    ){
+      pMem->z[pMem->n] = 0;
+      pMem->flags |= MEM_Term;
+      return;
+    }
+    if( pMem->xDel==sqlite3RCStrUnref ){
+      /* Blindly assume that all RCStr objects are zero-terminated */
+      pMem->flags |= MEM_Term;
+      return;
+    }
+  }else if( pMem->szMalloc >= pMem->n+1 ){
+    pMem->z[pMem->n] = 0;
+    pMem->flags |= MEM_Term;
+    return;
+  }
+}
+
 /*
 ** It is already known that pMem contains an unterminated string.
 ** Add the zero terminator.
@@ -81403,36 +82506,6 @@ SQLITE_PRIVATE void sqlite3VdbeMemReleaseMalloc(Mem *p){
   if( p->szMalloc ) vdbeMemClear(p);
 }
 
-/*
-** Convert a 64-bit IEEE double into a 64-bit signed integer.
-** If the double is out of range of a 64-bit signed integer then
-** return the closest available 64-bit signed integer.
-*/
-static SQLITE_NOINLINE i64 doubleToInt64(double r){
-#ifdef SQLITE_OMIT_FLOATING_POINT
-  /* When floating-point is omitted, double and int64 are the same thing */
-  return r;
-#else
-  /*
-  ** Many compilers we encounter do not define constants for the
-  ** minimum and maximum 64-bit integers, or they define them
-  ** inconsistently.  And many do not understand the "LL" notation.
-  ** So we define our own static constants here using nothing
-  ** larger than a 32-bit integer constant.
-  */
-  static const i64 maxInt = LARGEST_INT64;
-  static const i64 minInt = SMALLEST_INT64;
-
-  if( r<=(double)minInt ){
-    return minInt;
-  }else if( r>=(double)maxInt ){
-    return maxInt;
-  }else{
-    return (i64)r;
-  }
-#endif
-}
-
 /*
 ** Return some kind of integer value which is the best we can do
 ** at representing the value that *pMem describes as an integer.
@@ -81459,7 +82532,7 @@ SQLITE_PRIVATE i64 sqlite3VdbeIntValue(const Mem *pMem){
     testcase( flags & MEM_IntReal );
     return pMem->u.i;
   }else if( flags & MEM_Real ){
-    return doubleToInt64(pMem->u.r);
+    return sqlite3RealToI64(pMem->u.r);
   }else if( (flags & (MEM_Str|MEM_Blob))!=0 && pMem->z!=0 ){
     return memIntValue(pMem);
   }else{
@@ -81521,7 +82594,7 @@ SQLITE_PRIVATE void sqlite3VdbeIntegerAffinity(Mem *pMem){
   if( pMem->flags & MEM_IntReal ){
     MemSetTypeFlag(pMem, MEM_Int);
   }else{
-    i64 ix = doubleToInt64(pMem->u.r);
+    i64 ix = sqlite3RealToI64(pMem->u.r);
 
     /* Only mark the value as an integer if
     **
@@ -81589,8 +82662,8 @@ SQLITE_PRIVATE int sqlite3RealSameAsInt(double r1, sqlite3_int64 i){
 ** from UBSAN.
 */
 SQLITE_PRIVATE i64 sqlite3RealToI64(double r){
-  if( r<=(double)SMALLEST_INT64 ) return SMALLEST_INT64;
-  if( r>=(double)LARGEST_INT64) return LARGEST_INT64;
+  if( r<-9223372036854774784.0 ) return SMALLEST_INT64;
+  if( r>+9223372036854774784.0 ) return LARGEST_INT64;
   return (i64)r;
 }
 
@@ -81661,6 +82734,7 @@ SQLITE_PRIVATE int sqlite3VdbeMemCast(Mem *pMem, u8 aff, u8 encoding){
       break;
     }
     default: {
+      int rc;
       assert( aff==SQLITE_AFF_TEXT );
       assert( MEM_Str==(MEM_Blob>>3) );
       pMem->flags |= (pMem->flags&MEM_Blob)>>3;
@@ -81668,7 +82742,9 @@ SQLITE_PRIVATE int sqlite3VdbeMemCast(Mem *pMem, u8 aff, u8 encoding){
       assert( pMem->flags & MEM_Str || pMem->db->mallocFailed );
       pMem->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal|MEM_Blob|MEM_Zero);
       if( encoding!=SQLITE_UTF8 ) pMem->n &= ~1;
-      return sqlite3VdbeChangeEncoding(pMem, encoding);
+      rc = sqlite3VdbeChangeEncoding(pMem, encoding);
+      if( rc ) return rc;
+      sqlite3VdbeMemZeroTerminateIfAble(pMem);
     }
   }
   return SQLITE_OK;
@@ -82192,6 +83268,24 @@ SQLITE_PRIVATE const void *sqlite3ValueText(sqlite3_value* pVal, u8 enc){
   return valueToText(pVal, enc);
 }
 
+/* Return true if sqlit3_value object pVal is a string or blob value
+** that uses the destructor specified in the second argument.
+**
+** TODO:  Maybe someday promote this interface into a published API so
+** that third-party extensions can get access to it?
+*/
+SQLITE_PRIVATE int sqlite3ValueIsOfClass(const sqlite3_value *pVal, void(*xFree)(void*)){
+  if( ALWAYS(pVal!=0)
+   && ALWAYS((pVal->flags & (MEM_Str|MEM_Blob))!=0)
+   && (pVal->flags & MEM_Dyn)!=0
+   && pVal->xDel==xFree
+  ){
+    return 1;
+  }else{
+    return 0;
+  }
+}
+
 /*
 ** Create a new sqlite3_value object.
 */
@@ -82259,6 +83353,7 @@ static sqlite3_value *valueNew(sqlite3 *db, struct ValueNewStat4Ctx *p){
     }
 
     pRec->nField = p->iVal+1;
+    sqlite3VdbeMemSetNull(&pRec->aMem[p->iVal]);
     return &pRec->aMem[p->iVal];
   }
 #else
@@ -82518,6 +83613,7 @@ static int valueFromExpr(
     if( pVal ){
       pVal->flags = MEM_Int;
       pVal->u.i = pExpr->u.zToken[4]==0;
+      sqlite3ValueApplyAffinity(pVal, affinity, enc);
     }
   }
 
@@ -83047,6 +84143,35 @@ static void test_addop_breakpoint(int pc, Op *pOp){
 }
 #endif
 
+/*
+** Slow paths for sqlite3VdbeAddOp3() and sqlite3VdbeAddOp4Int() for the
+** unusual case when we need to increase the size of the Vdbe.aOp[] array
+** before adding the new opcode.
+*/
+static SQLITE_NOINLINE int growOp3(Vdbe *p, int op, int p1, int p2, int p3){
+  assert( p->nOpAlloc<=p->nOp );
+  if( growOpArray(p, 1) ) return 1;
+  assert( p->nOpAlloc>p->nOp );
+  return sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+}
+static SQLITE_NOINLINE int addOp4IntSlow(
+  Vdbe *p,            /* Add the opcode to this VM */
+  int op,             /* The new opcode */
+  int p1,             /* The P1 operand */
+  int p2,             /* The P2 operand */
+  int p3,             /* The P3 operand */
+  int p4              /* The P4 operand as an integer */
+){
+  int addr = sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+  if( p->db->mallocFailed==0 ){
+    VdbeOp *pOp = &p->aOp[addr];
+    pOp->p4type = P4_INT32;
+    pOp->p4.i = p4;
+  }
+  return addr;
+}
+
+
 /*
 ** Add a new instruction to the list of instructions current in the
 ** VDBE.  Return the address of the new instruction.
@@ -83057,17 +84182,16 @@ static void test_addop_breakpoint(int pc, Op *pOp){
 **
 **    op              The opcode for this instruction
 **
-**    p1, p2, p3      Operands
-**
-** Use the sqlite3VdbeResolveLabel() function to fix an address and
-** the sqlite3VdbeChangeP4() function to change the value of the P4
-** operand.
+**    p1, p2, p3, p4  Operands
 */
-static SQLITE_NOINLINE int growOp3(Vdbe *p, int op, int p1, int p2, int p3){
-  assert( p->nOpAlloc<=p->nOp );
-  if( growOpArray(p, 1) ) return 1;
-  assert( p->nOpAlloc>p->nOp );
-  return sqlite3VdbeAddOp3(p, op, p1, p2, p3);
+SQLITE_PRIVATE int sqlite3VdbeAddOp0(Vdbe *p, int op){
+  return sqlite3VdbeAddOp3(p, op, 0, 0, 0);
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp1(Vdbe *p, int op, int p1){
+  return sqlite3VdbeAddOp3(p, op, p1, 0, 0);
+}
+SQLITE_PRIVATE int sqlite3VdbeAddOp2(Vdbe *p, int op, int p1, int p2){
+  return sqlite3VdbeAddOp3(p, op, p1, p2, 0);
 }
 SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe *p, int op, int p1, int p2, int p3){
   int i;
@@ -83090,6 +84214,9 @@ SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe *p, int op, int p1, int p2, int p3){
   pOp->p3 = p3;
   pOp->p4.p = 0;
   pOp->p4type = P4_NOTUSED;
+
+  /* Replicate this logic in sqlite3VdbeAddOp4Int()
+  ** vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv   */
 #ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
   pOp->zComment = 0;
 #endif
@@ -83106,16 +84233,59 @@ SQLITE_PRIVATE int sqlite3VdbeAddOp3(Vdbe *p, int op, int p1, int p2, int p3){
 #ifdef SQLITE_VDBE_COVERAGE
   pOp->iSrcLine = 0;
 #endif
+  /* ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  ** Replicate in sqlite3VdbeAddOp4Int() */
+
   return i;
 }
-SQLITE_PRIVATE int sqlite3VdbeAddOp0(Vdbe *p, int op){
-  return sqlite3VdbeAddOp3(p, op, 0, 0, 0);
-}
-SQLITE_PRIVATE int sqlite3VdbeAddOp1(Vdbe *p, int op, int p1){
-  return sqlite3VdbeAddOp3(p, op, p1, 0, 0);
-}
-SQLITE_PRIVATE int sqlite3VdbeAddOp2(Vdbe *p, int op, int p1, int p2){
-  return sqlite3VdbeAddOp3(p, op, p1, p2, 0);
+SQLITE_PRIVATE int sqlite3VdbeAddOp4Int(
+  Vdbe *p,            /* Add the opcode to this VM */
+  int op,             /* The new opcode */
+  int p1,             /* The P1 operand */
+  int p2,             /* The P2 operand */
+  int p3,             /* The P3 operand */
+  int p4              /* The P4 operand as an integer */
+){
+  int i;
+  VdbeOp *pOp;
+
+  i = p->nOp;
+  if( p->nOpAlloc<=i ){
+    return addOp4IntSlow(p, op, p1, p2, p3, p4);
+  }
+  p->nOp++;
+  pOp = &p->aOp[i];
+  assert( pOp!=0 );
+  pOp->opcode = (u8)op;
+  pOp->p5 = 0;
+  pOp->p1 = p1;
+  pOp->p2 = p2;
+  pOp->p3 = p3;
+  pOp->p4.i = p4;
+  pOp->p4type = P4_INT32;
+
+  /* Replicate this logic in sqlite3VdbeAddOp3()
+  ** vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv   */
+#ifdef SQLITE_ENABLE_EXPLAIN_COMMENTS
+  pOp->zComment = 0;
+#endif
+#if defined(SQLITE_ENABLE_STMT_SCANSTATUS) || defined(VDBE_PROFILE)
+  pOp->nExec = 0;
+  pOp->nCycle = 0;
+#endif
+#ifdef SQLITE_DEBUG
+  if( p->db->flags & SQLITE_VdbeAddopTrace ){
+    sqlite3VdbePrintOp(0, i, &p->aOp[i]);
+    test_addop_breakpoint(i, &p->aOp[i]);
+  }
+#endif
+#ifdef SQLITE_VDBE_COVERAGE
+  pOp->iSrcLine = 0;
+#endif
+  /* ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+  ** Replicate in sqlite3VdbeAddOp3() */
+
+  return i;
 }
 
 /* Generate code for an unconditional jump to instruction iDest
@@ -83293,7 +84463,7 @@ SQLITE_PRIVATE int sqlite3VdbeExplain(Parse *pParse, u8 bPush, const char *zFmt,
     if( bPush){
       pParse->addrExplain = iThis;
     }
-    sqlite3VdbeScanStatus(v, iThis, 0, 0, 0, 0);
+    sqlite3VdbeScanStatus(v, iThis, -1, -1, 0, 0);
   }
   return addr;
 }
@@ -83323,26 +84493,6 @@ SQLITE_PRIVATE void sqlite3VdbeAddParseSchemaOp(Vdbe *p, int iDb, char *zWhere,
   sqlite3MayAbort(p->pParse);
 }
 
-/*
-** Add an opcode that includes the p4 value as an integer.
-*/
-SQLITE_PRIVATE int sqlite3VdbeAddOp4Int(
-  Vdbe *p,            /* Add the opcode to this VM */
-  int op,             /* The new opcode */
-  int p1,             /* The P1 operand */
-  int p2,             /* The P2 operand */
-  int p3,             /* The P3 operand */
-  int p4              /* The P4 operand as an integer */
-){
-  int addr = sqlite3VdbeAddOp3(p, op, p1, p2, p3);
-  if( p->db->mallocFailed==0 ){
-    VdbeOp *pOp = &p->aOp[addr];
-    pOp->p4type = P4_INT32;
-    pOp->p4.i = p4;
-  }
-  return addr;
-}
-
 /* Insert the end of a co-routine
 */
 SQLITE_PRIVATE void sqlite3VdbeEndCoroutine(Vdbe *v, int regYield){
@@ -83655,7 +84805,7 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
   p->bIsReader = 0;
   pOp = &p->aOp[p->nOp-1];
   assert( p->aOp[0].opcode==OP_Init );
-  while( 1 /* Loop termates when it reaches the OP_Init opcode */ ){
+  while( 1 /* Loop terminates when it reaches the OP_Init opcode */ ){
     /* Only JUMP opcodes and the short list of special opcodes in the switch
     ** below need to be considered.  The mkopcodeh.tcl generator script groups
     ** all these opcodes together near the front of the opcode list.  Skip
@@ -83777,6 +84927,10 @@ SQLITE_PRIVATE void sqlite3VdbeNoJumpsOutsideSubrtn(
       int iDest = pOp->p2;   /* Jump destination */
       if( iDest==0 ) continue;
       if( pOp->opcode==OP_Gosub ) continue;
+      if( pOp->p3==20230325 && pOp->opcode==OP_NotNull ){
+        /* This is a deliberately taken illegal branch.  tag-20230325-2 */
+        continue;
+      }
       if( iDest<0 ){
         int j = ADDR(iDest);
         assert( j>=0 );
@@ -84025,8 +85179,8 @@ SQLITE_PRIVATE void sqlite3VdbeScanStatusCounters(
       pScan = 0;
     }
     if( pScan ){
-      pScan->addrLoop = addrLoop;
-      pScan->addrVisit = addrVisit;
+      if( addrLoop>0 ) pScan->addrLoop = addrLoop;
+      if( addrVisit>0 ) pScan->addrVisit = addrVisit;
     }
   }
 }
@@ -84109,7 +85263,7 @@ SQLITE_PRIVATE void sqlite3VdbeJumpHereOrPopInst(Vdbe *p, int addr){
 
 /*
 ** If the input FuncDef structure is ephemeral, then free it.  If
-** the FuncDef is not ephermal, then do nothing.
+** the FuncDef is not ephemeral, then do nothing.
 */
 static void freeEphemeralFunction(sqlite3 *db, FuncDef *pDef){
   assert( db!=0 );
@@ -84273,7 +85427,6 @@ SQLITE_PRIVATE void sqlite3VdbeReleaseRegisters(
 }
 #endif /* SQLITE_DEBUG */
 
-
 /*
 ** Change the value of the P4 operand for a specific instruction.
 ** This routine is useful when a large program is loaded from a
@@ -85194,7 +86347,7 @@ SQLITE_PRIVATE int sqlite3VdbeList(
         sqlite3VdbeMemSetInt64(pMem+1, pOp->p2);
         sqlite3VdbeMemSetInt64(pMem+2, pOp->p3);
         sqlite3VdbeMemSetStr(pMem+3, zP4, -1, SQLITE_UTF8, sqlite3_free);
-        p->nResColumn = 4;
+        assert( p->nResColumn==4 );
       }else{
         sqlite3VdbeMemSetInt64(pMem+0, i);
         sqlite3VdbeMemSetStr(pMem+1, (char*)sqlite3OpcodeName(pOp->opcode),
@@ -85213,7 +86366,7 @@ SQLITE_PRIVATE int sqlite3VdbeList(
         sqlite3VdbeMemSetNull(pMem+7);
 #endif
         sqlite3VdbeMemSetStr(pMem+5, zP4, -1, SQLITE_UTF8, sqlite3_free);
-        p->nResColumn = 8;
+        assert( p->nResColumn==8 );
       }
       p->pResultRow = pMem;
       if( db->mallocFailed ){
@@ -85427,26 +86580,9 @@ SQLITE_PRIVATE void sqlite3VdbeMakeReady(
   resolveP2Values(p, &nArg);
   p->usesStmtJournal = (u8)(pParse->isMultiWrite && pParse->mayAbort);
   if( pParse->explain ){
-    static const char * const azColName[] = {
-       "addr", "opcode", "p1", "p2", "p3", "p4", "p5", "comment",
-       "id", "parent", "notused", "detail"
-    };
-    int iFirst, mx, i;
     if( nMem<10 ) nMem = 10;
     p->explain = pParse->explain;
-    if( pParse->explain==2 ){
-      sqlite3VdbeSetNumCols(p, 4);
-      iFirst = 8;
-      mx = 12;
-    }else{
-      sqlite3VdbeSetNumCols(p, 8);
-      iFirst = 0;
-      mx = 8;
-    }
-    for(i=iFirst; inResColumn = 12 - 4*p->explain;
   }
   p->expired = 0;
 
@@ -85498,7 +86634,23 @@ SQLITE_PRIVATE void sqlite3VdbeMakeReady(
 SQLITE_PRIVATE void sqlite3VdbeFreeCursor(Vdbe *p, VdbeCursor *pCx){
   if( pCx ) sqlite3VdbeFreeCursorNN(p,pCx);
 }
+static SQLITE_NOINLINE void freeCursorWithCache(Vdbe *p, VdbeCursor *pCx){
+  VdbeTxtBlbCache *pCache = pCx->pCache;
+  assert( pCx->colCache );
+  pCx->colCache = 0;
+  pCx->pCache = 0;
+  if( pCache->pCValue ){
+    sqlite3RCStrUnref(pCache->pCValue);
+    pCache->pCValue = 0;
+  }
+  sqlite3DbFree(p->db, pCache);
+  sqlite3VdbeFreeCursorNN(p, pCx);
+}
 SQLITE_PRIVATE void sqlite3VdbeFreeCursorNN(Vdbe *p, VdbeCursor *pCx){
+  if( pCx->colCache ){
+    freeCursorWithCache(p, pCx);
+    return;
+  }
   switch( pCx->eCurType ){
     case CURTYPE_SORTER: {
       sqlite3VdbeSorterClose(p->db, pCx);
@@ -85599,12 +86751,12 @@ SQLITE_PRIVATE void sqlite3VdbeSetNumCols(Vdbe *p, int nResColumn){
   int n;
   sqlite3 *db = p->db;
 
-  if( p->nResColumn ){
-    releaseMemArray(p->aColName, p->nResColumn*COLNAME_N);
+  if( p->nResAlloc ){
+    releaseMemArray(p->aColName, p->nResAlloc*COLNAME_N);
     sqlite3DbFree(db, p->aColName);
   }
   n = nResColumn*COLNAME_N;
-  p->nResColumn = (u16)nResColumn;
+  p->nResColumn = p->nResAlloc = (u16)nResColumn;
   p->aColName = (Mem*)sqlite3DbMallocRawNN(db, sizeof(Mem)*n );
   if( p->aColName==0 ) return;
   initMemArray(p->aColName, n, db, MEM_Null);
@@ -85629,14 +86781,14 @@ SQLITE_PRIVATE int sqlite3VdbeSetColName(
 ){
   int rc;
   Mem *pColName;
-  assert( idxnResColumn );
+  assert( idxnResAlloc );
   assert( vardb->mallocFailed ){
     assert( !zName || xDel!=SQLITE_DYNAMIC );
     return SQLITE_NOMEM_BKPT;
   }
   assert( p->aColName!=0 );
-  pColName = &(p->aColName[idx+var*p->nResColumn]);
+  pColName = &(p->aColName[idx+var*p->nResAlloc]);
   rc = sqlite3VdbeMemSetStr(pColName, zName, -1, SQLITE_UTF8, xDel);
   assert( rc!=0 || !zName || (pColName->flags&MEM_Term)!=0 );
   return rc;
@@ -86149,6 +87301,7 @@ SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe *p){
           sqlite3VdbeLeave(p);
           return SQLITE_BUSY;
         }else if( rc!=SQLITE_OK ){
+          sqlite3SystemError(db, rc);
           p->rc = rc;
           sqlite3RollbackAll(db, SQLITE_OK);
           p->nChange = 0;
@@ -86460,7 +87613,7 @@ static void sqlite3VdbeClearObject(sqlite3 *db, Vdbe *p){
   assert( db!=0 );
   assert( p->db==0 || p->db==db );
   if( p->aColName ){
-    releaseMemArray(p->aColName, p->nResColumn*COLNAME_N);
+    releaseMemArray(p->aColName, p->nResAlloc*COLNAME_N);
     sqlite3DbNNFreeNN(db, p->aColName);
   }
   for(pSub=p->pProgram; pSub; pSub=pNext){
@@ -87060,6 +88213,15 @@ static int vdbeRecordCompareDebug(
     if( d1+(u64)serial_type1+2>(u64)nKey1
      && d1+(u64)sqlite3VdbeSerialTypeLen(serial_type1)>(u64)nKey1
     ){
+      if( serial_type1>=1
+       && serial_type1<=7
+       && d1+(u64)sqlite3VdbeSerialTypeLen(serial_type1)<=(u64)nKey1+8
+       && CORRUPT_DB
+      ){
+        return 1;  /* corrupt record not detected by
+                   ** sqlite3VdbeRecordCompareWithSkip().  Return true
+                   ** to avoid firing the assert() */
+      }
       break;
     }
 
@@ -87228,20 +88390,33 @@ SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3BlobCompare(const Mem *pB1, const Mem
   return n1 - n2;
 }
 
+/* The following two functions are used only within testcase() to prove
+** test coverage.  These functions do no exist for production builds.
+** We must use separate SQLITE_NOINLINE functions here, since otherwise
+** optimizer code movement causes gcov to become very confused.
+*/
+#if  defined(SQLITE_COVERAGE_TEST) || defined(SQLITE_DEBUG)
+static int SQLITE_NOINLINE doubleLt(double a, double b){ return a8 ){
+  if( sqlite3IsNaN(r) ){
+    /* SQLite considers NaN to be a NULL. And all integer values are greater
+    ** than NULL */
+    return 1;
+  }
+  if( sqlite3Config.bUseLongDouble ){
     LONGDOUBLE_TYPE x = (LONGDOUBLE_TYPE)i;
     testcase( xr );
     testcase( x==r );
-    if( xr ) return +1;  /*NO_TEST*/ /* work around bugs in gcov */
-    return 0;             /*NO_TEST*/ /* work around bugs in gcov */
+    return (xr);
   }else{
     i64 y;
     double s;
@@ -87251,9 +88426,10 @@ SQLITE_PRIVATE int sqlite3IntFloatCompare(i64 i, double r){
     if( iy ) return +1;
     s = (double)i;
-    if( sr ) return +1;
-    return 0;
+    testcase( doubleLt(s,r) );
+    testcase( doubleLt(r,s) );
+    testcase( doubleEq(r,s) );
+    return (sr);
   }
 }
 
@@ -87503,7 +88679,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
         /* Serial types 12 or greater are strings and blobs (greater than
         ** numbers). Types 10 and 11 are currently "reserved for future
         ** use", so it doesn't really matter what the results of comparing
-        ** them to numberic values are.  */
+        ** them to numeric values are.  */
         rc = serial_type==10 ? -1 : +1;
       }else if( serial_type==0 ){
         rc = -1;
@@ -88621,7 +89797,7 @@ SQLITE_API void sqlite3_value_free(sqlite3_value *pOld){
 ** is too big or if an OOM occurs.
 **
 ** The invokeValueDestructor(P,X) routine invokes destructor function X()
-** on value P is not going to be used and need to be destroyed.
+** on value P if P is not going to be used and need to be destroyed.
 */
 static void setResultStrOrError(
   sqlite3_context *pCtx,  /* Function context */
@@ -88651,7 +89827,7 @@ static void setResultStrOrError(
 static int invokeValueDestructor(
   const void *p,             /* Value to destroy */
   void (*xDel)(void*),       /* The destructor */
-  sqlite3_context *pCtx      /* Set a SQLITE_TOOBIG error if no NULL */
+  sqlite3_context *pCtx      /* Set a SQLITE_TOOBIG error if not NULL */
 ){
   assert( xDel!=SQLITE_DYNAMIC );
   if( xDel==0 ){
@@ -88661,7 +89837,14 @@ static int invokeValueDestructor(
   }else{
     xDel((void*)p);
   }
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx!=0 ){
+    sqlite3_result_error_toobig(pCtx);
+  }
+#else
+  assert( pCtx!=0 );
   sqlite3_result_error_toobig(pCtx);
+#endif
   return SQLITE_TOOBIG;
 }
 SQLITE_API void sqlite3_result_blob(
@@ -88670,6 +89853,12 @@ SQLITE_API void sqlite3_result_blob(
   int n,
   void (*xDel)(void *)
 ){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 || n<0 ){
+    invokeValueDestructor(z, xDel, pCtx);
+    return;
+  }
+#endif
   assert( n>=0 );
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   setResultStrOrError(pCtx, z, n, 0, xDel);
@@ -88680,8 +89869,14 @@ SQLITE_API void sqlite3_result_blob64(
   sqlite3_uint64 n,
   void (*xDel)(void *)
 ){
-  assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   assert( xDel!=SQLITE_DYNAMIC );
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ){
+    invokeValueDestructor(z, xDel, 0);
+    return;
+  }
+#endif
+  assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   if( n>0x7fffffff ){
     (void)invokeValueDestructor(z, xDel, pCtx);
   }else{
@@ -88689,30 +89884,48 @@ SQLITE_API void sqlite3_result_blob64(
   }
 }
 SQLITE_API void sqlite3_result_double(sqlite3_context *pCtx, double rVal){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemSetDouble(pCtx->pOut, rVal);
 }
 SQLITE_API void sqlite3_result_error(sqlite3_context *pCtx, const char *z, int n){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   pCtx->isError = SQLITE_ERROR;
   sqlite3VdbeMemSetStr(pCtx->pOut, z, n, SQLITE_UTF8, SQLITE_TRANSIENT);
 }
 #ifndef SQLITE_OMIT_UTF16
 SQLITE_API void sqlite3_result_error16(sqlite3_context *pCtx, const void *z, int n){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   pCtx->isError = SQLITE_ERROR;
   sqlite3VdbeMemSetStr(pCtx->pOut, z, n, SQLITE_UTF16NATIVE, SQLITE_TRANSIENT);
 }
 #endif
 SQLITE_API void sqlite3_result_int(sqlite3_context *pCtx, int iVal){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemSetInt64(pCtx->pOut, (i64)iVal);
 }
 SQLITE_API void sqlite3_result_int64(sqlite3_context *pCtx, i64 iVal){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemSetInt64(pCtx->pOut, iVal);
 }
 SQLITE_API void sqlite3_result_null(sqlite3_context *pCtx){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemSetNull(pCtx->pOut);
 }
@@ -88722,14 +89935,25 @@ SQLITE_API void sqlite3_result_pointer(
   const char *zPType,
   void (*xDestructor)(void*)
 ){
-  Mem *pOut = pCtx->pOut;
+  Mem *pOut;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ){
+    invokeValueDestructor(pPtr, xDestructor, 0);
+    return;
+  }
+#endif
+  pOut = pCtx->pOut;
   assert( sqlite3_mutex_held(pOut->db->mutex) );
   sqlite3VdbeMemRelease(pOut);
   pOut->flags = MEM_Null;
   sqlite3VdbeMemSetPointer(pOut, pPtr, zPType, xDestructor);
 }
 SQLITE_API void sqlite3_result_subtype(sqlite3_context *pCtx, unsigned int eSubtype){
-  Mem *pOut = pCtx->pOut;
+  Mem *pOut;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
+  pOut = pCtx->pOut;
   assert( sqlite3_mutex_held(pOut->db->mutex) );
   pOut->eSubtype = eSubtype & 0xff;
   pOut->flags |= MEM_Subtype;
@@ -88740,6 +89964,12 @@ SQLITE_API void sqlite3_result_text(
   int n,
   void (*xDel)(void *)
 ){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ){
+    invokeValueDestructor(z, xDel, 0);
+    return;
+  }
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   setResultStrOrError(pCtx, z, n, SQLITE_UTF8, xDel);
 }
@@ -88750,6 +89980,12 @@ SQLITE_API void sqlite3_result_text64(
   void (*xDel)(void *),
   unsigned char enc
 ){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ){
+    invokeValueDestructor(z, xDel, 0);
+    return;
+  }
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   assert( xDel!=SQLITE_DYNAMIC );
   if( enc!=SQLITE_UTF8 ){
@@ -88760,6 +89996,7 @@ SQLITE_API void sqlite3_result_text64(
     (void)invokeValueDestructor(z, xDel, pCtx);
   }else{
     setResultStrOrError(pCtx, z, (int)n, enc, xDel);
+    sqlite3VdbeMemZeroTerminateIfAble(pCtx->pOut);
   }
 }
 #ifndef SQLITE_OMIT_UTF16
@@ -88792,7 +90029,16 @@ SQLITE_API void sqlite3_result_text16le(
 }
 #endif /* SQLITE_OMIT_UTF16 */
 SQLITE_API void sqlite3_result_value(sqlite3_context *pCtx, sqlite3_value *pValue){
-  Mem *pOut = pCtx->pOut;
+  Mem *pOut;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+  if( pValue==0 ){
+    sqlite3_result_null(pCtx);
+    return;
+  }
+#endif
+  pOut = pCtx->pOut;
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemCopy(pOut, pValue);
   sqlite3VdbeChangeEncoding(pOut, pCtx->enc);
@@ -88804,7 +90050,12 @@ SQLITE_API void sqlite3_result_zeroblob(sqlite3_context *pCtx, int n){
   sqlite3_result_zeroblob64(pCtx, n>0 ? n : 0);
 }
 SQLITE_API int sqlite3_result_zeroblob64(sqlite3_context *pCtx, u64 n){
-  Mem *pOut = pCtx->pOut;
+  Mem *pOut;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+  pOut = pCtx->pOut;
   assert( sqlite3_mutex_held(pOut->db->mutex) );
   if( n>(u64)pOut->db->aLimit[SQLITE_LIMIT_LENGTH] ){
     sqlite3_result_error_toobig(pCtx);
@@ -88818,6 +90069,9 @@ SQLITE_API int sqlite3_result_zeroblob64(sqlite3_context *pCtx, u64 n){
 #endif
 }
 SQLITE_API void sqlite3_result_error_code(sqlite3_context *pCtx, int errCode){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   pCtx->isError = errCode ? errCode : -1;
 #ifdef SQLITE_DEBUG
   if( pCtx->pVdbe ) pCtx->pVdbe->rcApp = errCode;
@@ -88830,6 +90084,9 @@ SQLITE_API void sqlite3_result_error_code(sqlite3_context *pCtx, int errCode){
 
 /* Force an SQLITE_TOOBIG error. */
 SQLITE_API void sqlite3_result_error_toobig(sqlite3_context *pCtx){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   pCtx->isError = SQLITE_TOOBIG;
   sqlite3VdbeMemSetStr(pCtx->pOut, "string or blob too big", -1,
@@ -88838,6 +90095,9 @@ SQLITE_API void sqlite3_result_error_toobig(sqlite3_context *pCtx){
 
 /* An SQLITE_NOMEM error. */
 SQLITE_API void sqlite3_result_error_nomem(sqlite3_context *pCtx){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
   sqlite3VdbeMemSetNull(pCtx->pOut);
   pCtx->isError = SQLITE_NOMEM_BKPT;
@@ -89090,7 +90350,11 @@ SQLITE_API int sqlite3_step(sqlite3_stmt *pStmt){
 ** pointer to it.
 */
 SQLITE_API void *sqlite3_user_data(sqlite3_context *p){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( p==0 ) return 0;
+#else
   assert( p && p->pFunc );
+#endif
   return p->pFunc->pUserData;
 }
 
@@ -89105,7 +90369,11 @@ SQLITE_API void *sqlite3_user_data(sqlite3_context *p){
 ** application defined function.
 */
 SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context *p){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( p==0 ) return 0;
+#else
   assert( p && p->pOut );
+#endif
   return p->pOut->db;
 }
 
@@ -89124,7 +90392,11 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context *p){
 ** value, as a signal to the xUpdate routine that the column is unchanged.
 */
 SQLITE_API int sqlite3_vtab_nochange(sqlite3_context *p){
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( p==0 ) return 0;
+#else
   assert( p );
+#endif
   return sqlite3_value_nochange(p->pOut);
 }
 
@@ -89132,7 +90404,7 @@ SQLITE_API int sqlite3_vtab_nochange(sqlite3_context *p){
 ** The destructor function for a ValueList object.  This needs to be
 ** a separate function, unknowable to the application, to ensure that
 ** calls to sqlite3_vtab_in_first()/sqlite3_vtab_in_next() that are not
-** preceeded by activation of IN processing via sqlite3_vtab_int() do not
+** preceded by activation of IN processing via sqlite3_vtab_int() do not
 ** try to access a fake ValueList object inserted by a hostile extension.
 */
 SQLITE_PRIVATE void sqlite3VdbeValueListFree(void *pToDelete){
@@ -89152,7 +90424,7 @@ static int valueFromValueList(
   ValueList *pRhs;
 
   *ppOut = 0;
-  if( pVal==0 ) return SQLITE_MISUSE;
+  if( pVal==0 ) return SQLITE_MISUSE_BKPT;
   if( (pVal->flags & MEM_Dyn)==0 || pVal->xDel!=sqlite3VdbeValueListFree ){
     return SQLITE_ERROR;
   }else{
@@ -89283,6 +90555,9 @@ SQLITE_API void *sqlite3_aggregate_context(sqlite3_context *p, int nByte){
 SQLITE_API void *sqlite3_get_auxdata(sqlite3_context *pCtx, int iArg){
   AuxData *pAuxData;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return 0;
+#endif
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
 #if SQLITE_ENABLE_STAT4
   if( pCtx->pVdbe==0 ) return 0;
@@ -89315,8 +90590,12 @@ SQLITE_API void sqlite3_set_auxdata(
   void (*xDelete)(void*)
 ){
   AuxData *pAuxData;
-  Vdbe *pVdbe = pCtx->pVdbe;
+  Vdbe *pVdbe;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pCtx==0 ) return;
+#endif
+  pVdbe= pCtx->pVdbe;
   assert( sqlite3_mutex_held(pCtx->pOut->db->mutex) );
 #ifdef SQLITE_ENABLE_STAT4
   if( pVdbe==0 ) goto failed;
@@ -89372,7 +90651,8 @@ SQLITE_API int sqlite3_aggregate_count(sqlite3_context *p){
 */
 SQLITE_API int sqlite3_column_count(sqlite3_stmt *pStmt){
   Vdbe *pVm = (Vdbe *)pStmt;
-  return pVm ? pVm->nResColumn : 0;
+  if( pVm==0 ) return 0;
+  return pVm->nResColumn;
 }
 
 /*
@@ -89461,7 +90741,7 @@ static Mem *columnMem(sqlite3_stmt *pStmt, int i){
 **     sqlite3_column_real()
 **     sqlite3_column_bytes()
 **     sqlite3_column_bytes16()
-**     sqiite3_column_blob()
+**     sqlite3_column_blob()
 */
 static void columnMallocFailure(sqlite3_stmt *pStmt)
 {
@@ -89545,6 +90825,32 @@ SQLITE_API int sqlite3_column_type(sqlite3_stmt *pStmt, int i){
   return iType;
 }
 
+/*
+** Column names appropriate for EXPLAIN or EXPLAIN QUERY PLAN.
+*/
+static const char * const azExplainColNames8[] = {
+   "addr", "opcode", "p1", "p2", "p3", "p4", "p5", "comment",  /* EXPLAIN */
+   "id", "parent", "notused", "detail"                         /* EQP */
+};
+static const u16 azExplainColNames16data[] = {
+  /*   0 */  'a', 'd', 'd', 'r',                0,
+  /*   5 */  'o', 'p', 'c', 'o', 'd', 'e',      0,
+  /*  12 */  'p', '1',                          0,
+  /*  15 */  'p', '2',                          0,
+  /*  18 */  'p', '3',                          0,
+  /*  21 */  'p', '4',                          0,
+  /*  24 */  'p', '5',                          0,
+  /*  27 */  'c', 'o', 'm', 'm', 'e', 'n', 't', 0,
+  /*  35 */  'i', 'd',                          0,
+  /*  38 */  'p', 'a', 'r', 'e', 'n', 't',      0,
+  /*  45 */  'n', 'o', 't', 'u', 's', 'e', 'd', 0,
+  /*  53 */  'd', 'e', 't', 'a', 'i', 'l',      0
+};
+static const u8 iExplainColNames16[] = {
+  0, 5, 12, 15, 18, 21, 24, 27,
+  35, 38, 45, 53
+};
+
 /*
 ** Convert the N-th element of pStmt->pColName[] into a string using
 ** xFunc() then return that string.  If N is out of range, return 0.
@@ -89577,15 +90883,29 @@ static const void *columnName(
     return 0;
   }
 #endif
+  if( N<0 ) return 0;
   ret = 0;
   p = (Vdbe *)pStmt;
   db = p->db;
   assert( db!=0 );
-  n = sqlite3_column_count(pStmt);
-  if( N=0 ){
+  sqlite3_mutex_enter(db->mutex);
+
+  if( p->explain ){
+    if( useType>0 ) goto columnName_end;
+    n = p->explain==1 ? 8 : 4;
+    if( N>=n ) goto columnName_end;
+    if( useUtf16 ){
+      int i = iExplainColNames16[N + 8*p->explain - 8];
+      ret = (void*)&azExplainColNames16data[i];
+    }else{
+      ret = (void*)azExplainColNames8[N + 8*p->explain - 8];
+    }
+    goto columnName_end;
+  }
+  n = p->nResColumn;
+  if( NmallocFailed;
     N += useType*n;
-    sqlite3_mutex_enter(db->mutex);
 #ifndef SQLITE_OMIT_UTF16
     if( useUtf16 ){
       ret = sqlite3_value_text16((sqlite3_value*)&p->aColName[N]);
@@ -89602,8 +90922,9 @@ static const void *columnName(
       sqlite3OomClear(db);
       ret = 0;
     }
-    sqlite3_mutex_leave(db->mutex);
   }
+columnName_end:
+  sqlite3_mutex_leave(db->mutex);
   return ret;
 }
 
@@ -89696,7 +91017,7 @@ SQLITE_API const void *sqlite3_column_origin_name16(sqlite3_stmt *pStmt, int N){
 /*
 ** Unbind the value bound to variable i in virtual machine p. This is the
 ** the same as binding a NULL value to the column. If the "i" parameter is
-** out of range, then SQLITE_RANGE is returned. Othewise SQLITE_OK.
+** out of range, then SQLITE_RANGE is returned. Otherwise SQLITE_OK.
 **
 ** A successful evaluation of this routine acquires the mutex on p.
 ** the mutex is released if any kind of error occurs.
@@ -89711,7 +91032,7 @@ static int vdbeUnbind(Vdbe *p, unsigned int i){
   }
   sqlite3_mutex_enter(p->db->mutex);
   if( p->eVdbeState!=VDBE_READY_STATE ){
-    sqlite3Error(p->db, SQLITE_MISUSE);
+    sqlite3Error(p->db, SQLITE_MISUSE_BKPT);
     sqlite3_mutex_leave(p->db->mutex);
     sqlite3_log(SQLITE_MISUSE,
         "bind on a busy prepared statement: [%s]", p->zSql);
@@ -89940,6 +91261,9 @@ SQLITE_API int sqlite3_bind_zeroblob(sqlite3_stmt *pStmt, int i, int n){
 SQLITE_API int sqlite3_bind_zeroblob64(sqlite3_stmt *pStmt, int i, sqlite3_uint64 n){
   int rc;
   Vdbe *p = (Vdbe *)pStmt;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( p==0 ) return SQLITE_MISUSE_BKPT;
+#endif
   sqlite3_mutex_enter(p->db->mutex);
   if( n>(u64)p->db->aLimit[SQLITE_LIMIT_LENGTH] ){
     rc = SQLITE_TOOBIG;
@@ -90060,6 +91384,42 @@ SQLITE_API int sqlite3_stmt_isexplain(sqlite3_stmt *pStmt){
   return pStmt ? ((Vdbe*)pStmt)->explain : 0;
 }
 
+/*
+** Set the explain mode for a statement.
+*/
+SQLITE_API int sqlite3_stmt_explain(sqlite3_stmt *pStmt, int eMode){
+  Vdbe *v = (Vdbe*)pStmt;
+  int rc;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pStmt==0 ) return SQLITE_MISUSE_BKPT;
+#endif
+  sqlite3_mutex_enter(v->db->mutex);
+  if( ((int)v->explain)==eMode ){
+    rc = SQLITE_OK;
+  }else if( eMode<0 || eMode>2 ){
+    rc = SQLITE_ERROR;
+  }else if( (v->prepFlags & SQLITE_PREPARE_SAVESQL)==0 ){
+    rc = SQLITE_ERROR;
+  }else if( v->eVdbeState!=VDBE_READY_STATE ){
+    rc = SQLITE_BUSY;
+  }else if( v->nMem>=10 && (eMode!=2 || v->haveEqpOps) ){
+    /* No reprepare necessary */
+    v->explain = eMode;
+    rc = SQLITE_OK;
+  }else{
+    v->explain = eMode;
+    rc = sqlite3Reprepare(v);
+    v->haveEqpOps = eMode==2;
+  }
+  if( v->explain ){
+    v->nResColumn = 12 - 4*v->explain;
+  }else{
+    v->nResColumn = v->nResAlloc;
+  }
+  sqlite3_mutex_leave(v->db->mutex);
+  return rc;
+}
+
 /*
 ** Return true if the prepared statement is in need of being reset.
 */
@@ -90199,10 +91559,16 @@ static UnpackedRecord *vdbeUnpackRecord(
 ** a field of the row currently being updated or deleted.
 */
 SQLITE_API int sqlite3_preupdate_old(sqlite3 *db, int iIdx, sqlite3_value **ppValue){
-  PreUpdate *p = db->pPreUpdate;
+  PreUpdate *p;
   Mem *pMem;
   int rc = SQLITE_OK;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( db==0 || ppValue==0 ){
+    return SQLITE_MISUSE_BKPT;
+  }
+#endif
+  p = db->pPreUpdate;
   /* Test that this call is being made from within an SQLITE_DELETE or
   ** SQLITE_UPDATE pre-update callback, and that iIdx is within range. */
   if( !p || p->op==SQLITE_INSERT ){
@@ -90263,7 +91629,12 @@ SQLITE_API int sqlite3_preupdate_old(sqlite3 *db, int iIdx, sqlite3_value **ppVa
 ** the number of columns in the row being updated, deleted or inserted.
 */
 SQLITE_API int sqlite3_preupdate_count(sqlite3 *db){
-  PreUpdate *p = db->pPreUpdate;
+  PreUpdate *p;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  p = db!=0 ? db->pPreUpdate : 0;
+#else
+  p = db->pPreUpdate;
+#endif
   return (p ? p->keyinfo.nKeyField : 0);
 }
 #endif /* SQLITE_ENABLE_PREUPDATE_HOOK */
@@ -90281,7 +91652,12 @@ SQLITE_API int sqlite3_preupdate_count(sqlite3 *db){
 ** or SET DEFAULT action is considered a trigger.
 */
 SQLITE_API int sqlite3_preupdate_depth(sqlite3 *db){
-  PreUpdate *p = db->pPreUpdate;
+  PreUpdate *p;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  p = db!=0 ? db->pPreUpdate : 0;
+#else
+  p = db->pPreUpdate;
+#endif
   return (p ? p->v->nFrame : 0);
 }
 #endif /* SQLITE_ENABLE_PREUPDATE_HOOK */
@@ -90292,7 +91668,12 @@ SQLITE_API int sqlite3_preupdate_depth(sqlite3 *db){
 ** only.
 */
 SQLITE_API int sqlite3_preupdate_blobwrite(sqlite3 *db){
-  PreUpdate *p = db->pPreUpdate;
+  PreUpdate *p;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  p = db!=0 ? db->pPreUpdate : 0;
+#else
+  p = db->pPreUpdate;
+#endif
   return (p ? p->iBlobWrite : -1);
 }
 #endif
@@ -90303,10 +91684,16 @@ SQLITE_API int sqlite3_preupdate_blobwrite(sqlite3 *db){
 ** a field of the row currently being updated or inserted.
 */
 SQLITE_API int sqlite3_preupdate_new(sqlite3 *db, int iIdx, sqlite3_value **ppValue){
-  PreUpdate *p = db->pPreUpdate;
+  PreUpdate *p;
   int rc = SQLITE_OK;
   Mem *pMem;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( db==0 || ppValue==0 ){
+    return SQLITE_MISUSE_BKPT;
+  }
+#endif
+  p = db->pPreUpdate;
   if( !p || p->op==SQLITE_DELETE ){
     rc = SQLITE_MISUSE_BKPT;
     goto preupdate_new_out;
@@ -90385,11 +91772,20 @@ SQLITE_API int sqlite3_stmt_scanstatus_v2(
   void *pOut                      /* OUT: Write the answer here */
 ){
   Vdbe *p = (Vdbe*)pStmt;
-  VdbeOp *aOp = p->aOp;
-  int nOp = p->nOp;
+  VdbeOp *aOp;
+  int nOp;
   ScanStatus *pScan = 0;
   int idx;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( p==0 || pOut==0
+      || iScanStatusOpSQLITE_SCANSTAT_NCYCLE ){
+    return 1;
+  }
+#endif
+  aOp = p->aOp;
+  nOp = p->nOp;
   if( p->pFrame ){
     VdbeFrame *pFrame;
     for(pFrame=p->pFrame; pFrame->pParent; pFrame=pFrame->pParent);
@@ -90536,7 +91932,7 @@ SQLITE_API int sqlite3_stmt_scanstatus(
 SQLITE_API void sqlite3_stmt_scanstatus_reset(sqlite3_stmt *pStmt){
   Vdbe *p = (Vdbe*)pStmt;
   int ii;
-  for(ii=0; iinOp; ii++){
+  for(ii=0; p!=0 && iinOp; ii++){
     Op *pOp = &p->aOp[ii];
     pOp->nExec = 0;
     pOp->nCycle = 0;
@@ -91299,6 +92695,9 @@ SQLITE_PRIVATE void sqlite3VdbeMemPrettyPrint(Mem *pMem, StrAccum *pStr){
       sqlite3_str_appendchar(pStr, 1, (c>=0x20&&c<=0x7f) ? c : '.');
     }
     sqlite3_str_appendf(pStr, "]%s", encnames[pMem->enc]);
+    if( f & MEM_Term ){
+      sqlite3_str_appendf(pStr, "(0-term)");
+    }
   }
 }
 #endif
@@ -91435,6 +92834,93 @@ static u64 filterHash(const Mem *aMem, const Op *pOp){
   return h;
 }
 
+
+/*
+** For OP_Column, factor out the case where content is loaded from
+** overflow pages, so that the code to implement this case is separate
+** the common case where all content fits on the page.  Factoring out
+** the code reduces register pressure and helps the common case
+** to run faster.
+*/
+static SQLITE_NOINLINE int vdbeColumnFromOverflow(
+  VdbeCursor *pC,       /* The BTree cursor from which we are reading */
+  int iCol,             /* The column to read */
+  int t,                /* The serial-type code for the column value */
+  i64 iOffset,          /* Offset to the start of the content value */
+  u32 cacheStatus,      /* Current Vdbe.cacheCtr value */
+  u32 colCacheCtr,      /* Current value of the column cache counter */
+  Mem *pDest            /* Store the value into this register. */
+){
+  int rc;
+  sqlite3 *db = pDest->db;
+  int encoding = pDest->enc;
+  int len = sqlite3VdbeSerialTypeLen(t);
+  assert( pC->eCurType==CURTYPE_BTREE );
+  if( len>db->aLimit[SQLITE_LIMIT_LENGTH] ) return SQLITE_TOOBIG;
+  if( len > 4000 && pC->pKeyInfo==0 ){
+    /* Cache large column values that are on overflow pages using
+    ** an RCStr (reference counted string) so that if they are reloaded,
+    ** that do not have to be copied a second time.  The overhead of
+    ** creating and managing the cache is such that this is only
+    ** profitable for larger TEXT and BLOB values.
+    **
+    ** Only do this on table-btrees so that writes to index-btrees do not
+    ** need to clear the cache.  This buys performance in the common case
+    ** in exchange for generality.
+    */
+    VdbeTxtBlbCache *pCache;
+    char *pBuf;
+    if( pC->colCache==0 ){
+      pC->pCache = sqlite3DbMallocZero(db, sizeof(VdbeTxtBlbCache) );
+      if( pC->pCache==0 ) return SQLITE_NOMEM;
+      pC->colCache = 1;
+    }
+    pCache = pC->pCache;
+    if( pCache->pCValue==0
+     || pCache->iCol!=iCol
+     || pCache->cacheStatus!=cacheStatus
+     || pCache->colCacheCtr!=colCacheCtr
+     || pCache->iOffset!=sqlite3BtreeOffset(pC->uc.pCursor)
+    ){
+      if( pCache->pCValue ) sqlite3RCStrUnref(pCache->pCValue);
+      pBuf = pCache->pCValue = sqlite3RCStrNew( len+3 );
+      if( pBuf==0 ) return SQLITE_NOMEM;
+      rc = sqlite3BtreePayload(pC->uc.pCursor, iOffset, len, pBuf);
+      if( rc ) return rc;
+      pBuf[len] = 0;
+      pBuf[len+1] = 0;
+      pBuf[len+2] = 0;
+      pCache->iCol = iCol;
+      pCache->cacheStatus = cacheStatus;
+      pCache->colCacheCtr = colCacheCtr;
+      pCache->iOffset = sqlite3BtreeOffset(pC->uc.pCursor);
+    }else{
+      pBuf = pCache->pCValue;
+    }
+    assert( t>=12 );
+    sqlite3RCStrRef(pBuf);
+    if( t&1 ){
+      rc = sqlite3VdbeMemSetStr(pDest, pBuf, len, encoding,
+                                sqlite3RCStrUnref);
+      pDest->flags |= MEM_Term;
+    }else{
+      rc = sqlite3VdbeMemSetStr(pDest, pBuf, len, 0,
+                                sqlite3RCStrUnref);
+    }
+  }else{
+    rc = sqlite3VdbeMemFromBtree(pC->uc.pCursor, iOffset, len, pDest);
+    if( rc ) return rc;
+    sqlite3VdbeSerialGet((const u8*)pDest->z, t, pDest);
+    if( (t&1)!=0 && encoding==SQLITE_UTF8 ){
+      pDest->z[len] = 0;
+      pDest->flags |= MEM_Term;
+    }
+  }
+  pDest->flags &= ~MEM_Ephem;
+  return rc;
+}
+
+
 /*
 ** Return the symbolic name for the data type of a pMem
 */
@@ -91477,6 +92963,7 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
   Mem *pIn2 = 0;             /* 2nd input operand */
   Mem *pIn3 = 0;             /* 3rd input operand */
   Mem *pOut = 0;             /* Output operand */
+  u32 colCacheCtr = 0;       /* Column cache counter */
 #if defined(SQLITE_ENABLE_STMT_SCANSTATUS) || defined(VDBE_PROFILE)
   u64 *pnCycle = 0;
   int bStmtScanStatus = IS_STMT_SCANSTATUS(db)!=0;
@@ -91672,8 +93159,8 @@ SQLITE_PRIVATE int sqlite3VdbeExec(
 case OP_Goto: {             /* jump */
 
 #ifdef SQLITE_DEBUG
-  /* In debuggging mode, when the p5 flags is set on an OP_Goto, that
-  ** means we should really jump back to the preceeding OP_ReleaseReg
+  /* In debugging mode, when the p5 flags is set on an OP_Goto, that
+  ** means we should really jump back to the preceding OP_ReleaseReg
   ** instruction. */
   if( pOp->p5 ){
     assert( pOp->p2 < (int)(pOp - aOp) );
@@ -91881,7 +93368,7 @@ case OP_HaltIfNull: {      /* in3 */
 ** P5 is a value between 0 and 4, inclusive, that modifies the P4 string.
 **
 **    0:  (no change)
-**    1:  NOT NULL contraint failed: P4
+**    1:  NOT NULL constraint failed: P4
 **    2:  UNIQUE constraint failed: P4
 **    3:  CHECK constraint failed: P4
 **    4:  FOREIGN KEY constraint failed: P4
@@ -93012,10 +94499,10 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
 ** opcodes are allowed to occur between this instruction and the previous
 ** OP_Lt or OP_Gt.
 **
-** If result of an OP_Eq comparison on the same two operands as the
-** prior OP_Lt or OP_Gt would have been true, then jump to P2.
-** If the result of an OP_Eq comparison on the two previous
-** operands would have been false or NULL, then fall through.
+** If the result of an OP_Eq comparison on the same two operands as
+** the prior OP_Lt or OP_Gt would have been true, then jump to P2.  If
+** the result of an OP_Eq comparison on the two previous operands
+** would have been false or NULL, then fall through.
 */
 case OP_ElseEq: {       /* same as TK_ESCAPE, jump */
 
@@ -93445,7 +94932,7 @@ case OP_IsType: {        /* jump */
 /* Opcode: ZeroOrNull P1 P2 P3 * *
 ** Synopsis: r[P2] = 0 OR NULL
 **
-** If all both registers P1 and P3 are NOT NULL, then store a zero in
+** If both registers P1 and P3 are NOT NULL, then store a zero in
 ** register P2.  If either registers P1 or P3 are NULL then put
 ** a NULL in register P2.
 */
@@ -93799,11 +95286,16 @@ case OP_Column: {            /* ncycle */
       pDest->flags = aFlag[t&1];
     }
   }else{
+    u8 p5;
     pDest->enc = encoding;
+    assert( pDest->db==db );
     /* This branch happens only when content is on overflow pages */
-    if( ((pOp->p5 & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG))!=0
-          && ((t>=12 && (t&1)==0) || (pOp->p5 & OPFLAG_TYPEOFARG)!=0))
-     || (len = sqlite3VdbeSerialTypeLen(t))==0
+    if( ((p5 = (pOp->p5 & OPFLAG_BYTELENARG))!=0
+          && (p5==OPFLAG_TYPEOFARG
+              || (t>=12 && ((t&1)==0 || p5==OPFLAG_BYTELENARG))
+             )
+        )
+     || sqlite3VdbeSerialTypeLen(t)==0
     ){
       /* Content is irrelevant for
       **    1. the typeof() function,
@@ -93820,11 +95312,13 @@ case OP_Column: {            /* ncycle */
       */
       sqlite3VdbeSerialGet((u8*)sqlite3CtypeMap, t, pDest);
     }else{
-      if( len>db->aLimit[SQLITE_LIMIT_LENGTH] ) goto too_big;
-      rc = sqlite3VdbeMemFromBtree(pC->uc.pCursor, aOffset[p2], len, pDest);
-      if( rc!=SQLITE_OK ) goto abort_due_to_error;
-      sqlite3VdbeSerialGet((const u8*)pDest->z, t, pDest);
-      pDest->flags &= ~MEM_Ephem;
+      rc = vdbeColumnFromOverflow(pC, p2, t, aOffset[p2],
+                p->cacheCtr, colCacheCtr, pDest);
+      if( rc ){
+        if( rc==SQLITE_NOMEM ) goto no_mem;
+        if( rc==SQLITE_TOOBIG ) goto too_big;
+        goto abort_due_to_error;
+      }
     }
   }
 
@@ -94286,7 +95780,6 @@ case OP_MakeRecord: {
         /* NULL value.  No change in zPayload */
       }else{
         u64 v;
-        u32 i;
         if( serial_type==7 ){
           assert( sizeof(v)==sizeof(pRec->u.r) );
           memcpy(&v, &pRec->u.r, sizeof(v));
@@ -94294,12 +95787,17 @@ case OP_MakeRecord: {
         }else{
           v = pRec->u.i;
         }
-        len = i = sqlite3SmallTypeSizes[serial_type];
-        assert( i>0 );
-        while( 1 /*exit-by-break*/ ){
-          zPayload[--i] = (u8)(v&0xFF);
-          if( i==0 ) break;
-          v >>= 8;
+        len = sqlite3SmallTypeSizes[serial_type];
+        assert( len>=1 && len<=8 && len!=5 && len!=7 );
+        switch( len ){
+          default: zPayload[7] = (u8)(v&0xff); v >>= 8;
+                   zPayload[6] = (u8)(v&0xff); v >>= 8;
+          case 6:  zPayload[5] = (u8)(v&0xff); v >>= 8;
+                   zPayload[4] = (u8)(v&0xff); v >>= 8;
+          case 4:  zPayload[3] = (u8)(v&0xff); v >>= 8;
+          case 3:  zPayload[2] = (u8)(v&0xff); v >>= 8;
+          case 2:  zPayload[1] = (u8)(v&0xff); v >>= 8;
+          case 1:  zPayload[0] = (u8)(v&0xff);
         }
         zPayload += len;
       }
@@ -95108,7 +96606,7 @@ case OP_OpenEphemeral: {     /* ncycle */
   }
   pCx = p->apCsr[pOp->p1];
   if( pCx && !pCx->noReuse &&  ALWAYS(pOp->p2<=pCx->nField) ){
-    /* If the ephermeral table is already open and has no duplicates from
+    /* If the ephemeral table is already open and has no duplicates from
     ** OP_OpenDup, then erase all existing content so that the table is
     ** empty again, rather than creating a new table. */
     assert( pCx->isEphemeral );
@@ -95599,7 +97097,7 @@ case OP_SeekGT: {       /* jump, in3, group, ncycle */
 ** row.  If This.P5 is false (0) then a jump is made to SeekGE.P2.  If
 ** This.P5 is true (non-zero) then a jump is made to This.P2.  The P5==0
 ** case occurs when there are no inequality constraints to the right of
-** the IN constraing.  The jump to SeekGE.P2 ends the loop.  The P5!=0 case
+** the IN constraint.  The jump to SeekGE.P2 ends the loop.  The P5!=0 case
 ** occurs when there are inequality constraints to the right of the IN
 ** operator.  In that case, the This.P2 will point either directly to or
 ** to setup code prior to the OP_IdxGT or OP_IdxGE opcode that checks for
@@ -95607,7 +97105,7 @@ case OP_SeekGT: {       /* jump, in3, group, ncycle */
 **
 ** Possible outcomes from this opcode:
          
 **
-** 
        1.  If the cursor is initally not pointed to any valid row, then
+** 
        2.  If the cursor is initially not pointed to any valid row, then
 **      fall through into the subsequent OP_SeekGE opcode.
 **
 ** 
        3.  If the cursor is left pointing to a row that is before the target
@@ -95839,13 +97337,13 @@ case OP_IfNotOpen: {        /* jump */
 ** operands to OP_NotFound and OP_IdxGT.
 **
 ** This opcode is an optimization attempt only.  If this opcode always
-** falls through, the correct answer is still obtained, but extra works
+** falls through, the correct answer is still obtained, but extra work
 ** is performed.
 **
 ** A value of N in the seekHit flag of cursor P1 means that there exists
 ** a key P3:N that will match some record in the index.  We want to know
 ** if it is possible for a record P3:P4 to match some record in the
-** index.  If it is not possible, we can skips some work.  So if seekHit
+** index.  If it is not possible, we can skip some work.  So if seekHit
 ** is less than P4, attempt to find out if a match is possible by running
 ** OP_NotFound.
 **
@@ -96357,6 +97855,7 @@ case OP_Insert: {
   );
   pC->deferredMoveto = 0;
   pC->cacheStatus = CACHE_STALE;
+  colCacheCtr++;
 
   /* Invoke the update-hook if required. */
   if( rc ) goto abort_due_to_error;
@@ -96410,13 +97909,18 @@ case OP_RowCell: {
 ** left in an undefined state.
 **
 ** If the OPFLAG_AUXDELETE bit is set on P5, that indicates that this
-** delete one of several associated with deleting a table row and all its
-** associated index entries.  Exactly one of those deletes is the "primary"
-** delete.  The others are all on OPFLAG_FORDELETE cursors or else are
-** marked with the AUXDELETE flag.
+** delete is one of several associated with deleting a table row and
+** all its associated index entries.  Exactly one of those deletes is
+** the "primary" delete.  The others are all on OPFLAG_FORDELETE
+** cursors or else are marked with the AUXDELETE flag.
+**
+** If the OPFLAG_NCHANGE (0x01) flag of P2 (NB: P2 not P5) is set, then
+** the row change count is incremented (otherwise not).
 **
-** If the OPFLAG_NCHANGE flag of P2 (NB: P2 not P5) is set, then the row
-** change count is incremented (otherwise not).
+** If the OPFLAG_ISNOOP (0x40) flag of P2 (not P5!) is set, then the
+** pre-update-hook for deletes is run, but the btree is otherwise unchanged.
+** This happens when the OP_Delete is to be shortly followed by an OP_Insert
+** with the same key, causing the btree entry to be overwritten.
 **
 ** P1 must not be pseudo-table.  It has to be a real table with
 ** multiple rows.
@@ -96517,6 +98021,7 @@ case OP_Delete: {
 
   rc = sqlite3BtreeDelete(pC->uc.pCursor, pOp->p5);
   pC->cacheStatus = CACHE_STALE;
+  colCacheCtr++;
   pC->seekResult = 0;
   if( rc ) goto abort_due_to_error;
 
@@ -96584,13 +98089,13 @@ case OP_SorterCompare: {
 ** Write into register P2 the current sorter data for sorter cursor P1.
 ** Then clear the column header cache on cursor P3.
 **
-** This opcode is normally use to move a record out of the sorter and into
+** This opcode is normally used to move a record out of the sorter and into
 ** a register that is the source for a pseudo-table cursor created using
 ** OpenPseudo.  That pseudo-table cursor is the one that is identified by
 ** parameter P3.  Clearing the P3 column cache as part of this opcode saves
 ** us from having to issue a separate NullRow instruction to clear that cache.
 */
-case OP_SorterData: {
+case OP_SorterData: {       /* ncycle */
   VdbeCursor *pC;
 
   pOut = &aMem[pOp->p2];
@@ -96865,8 +98370,8 @@ case OP_IfSmaller: {        /* jump */
 ** regression tests can determine whether or not the optimizer is
 ** correctly optimizing out sorts.
 */
-case OP_SorterSort:    /* jump */
-case OP_Sort: {        /* jump */
+case OP_SorterSort:    /* jump ncycle */
+case OP_Sort: {        /* jump ncycle */
 #ifdef SQLITE_TEST
   sqlite3_sort_count++;
   sqlite3_search_count--;
@@ -97393,7 +98898,7 @@ case OP_IdxGE:  {       /* jump, ncycle */
 ** file is given by P1.
 **
 ** The table being destroyed is in the main database file if P3==0.  If
-** P3==1 then the table to be clear is in the auxiliary database file
+** P3==1 then the table to be destroyed is in the auxiliary database file
 ** that is used to store tables create using CREATE TEMPORARY TABLE.
 **
 ** If AUTOVACUUM is enabled then it is possible that another root page
@@ -97453,8 +98958,8 @@ case OP_Destroy: {     /* out2 */
 ** in the database file is given by P1.  But, unlike Destroy, do not
 ** remove the table or index from the database file.
 **
-** The table being clear is in the main database file if P2==0.  If
-** P2==1 then the table to be clear is in the auxiliary database file
+** The table being cleared is in the main database file if P2==0.  If
+** P2==1 then the table to be cleared is in the auxiliary database file
 ** that is used to store tables create using CREATE TEMPORARY TABLE.
 **
 ** If the P3 value is non-zero, then the row change count is incremented
@@ -97540,13 +99045,41 @@ case OP_CreateBtree: {          /* out2 */
 /* Opcode: SqlExec * * * P4 *
 **
 ** Run the SQL statement or statements specified in the P4 string.
+** Disable Auth and Trace callbacks while those statements are running if
+** P1 is true.
 */
 case OP_SqlExec: {
+  char *zErr;
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  sqlite3_xauth xAuth;
+#endif
+  u8 mTrace;
+
   sqlite3VdbeIncrWriteCounter(p, 0);
   db->nSqlExec++;
-  rc = sqlite3_exec(db, pOp->p4.z, 0, 0, 0);
+  zErr = 0;
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  xAuth = db->xAuth;
+#endif
+  mTrace = db->mTrace;
+  if( pOp->p1 ){
+#ifndef SQLITE_OMIT_AUTHORIZATION
+    db->xAuth = 0;
+#endif
+    db->mTrace = 0;
+  }
+  rc = sqlite3_exec(db, pOp->p4.z, 0, 0, &zErr);
   db->nSqlExec--;
-  if( rc ) goto abort_due_to_error;
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  db->xAuth = xAuth;
+#endif
+  db->mTrace = mTrace;
+  if( zErr || rc ){
+    sqlite3VdbeError(p, "%s", zErr);
+    sqlite3_free(zErr);
+    if( rc==SQLITE_NOMEM ) goto no_mem;
+    goto abort_due_to_error;
+  }
   break;
 }
 
@@ -98280,7 +99813,7 @@ case OP_AggStep1: {
   /* If this function is inside of a trigger, the register array in aMem[]
   ** might change from one evaluation to the next.  The next block of code
   ** checks to see if the register array has changed, and if so it
-  ** reinitializes the relavant parts of the sqlite3_context object */
+  ** reinitializes the relevant parts of the sqlite3_context object */
   if( pCtx->pMem != pMem ){
     pCtx->pMem = pMem;
     for(i=pCtx->argc-1; i>=0; i--) pCtx->argv[i] = &aMem[pOp->p2+i];
@@ -98767,6 +100300,53 @@ case OP_VOpen: {             /* ncycle */
 }
 #endif /* SQLITE_OMIT_VIRTUALTABLE */
 
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+/* Opcode: VCheck P1 P2 P3 P4 *
+**
+** P4 is a pointer to a Table object that is a virtual table in schema P1
+** that supports the xIntegrity() method.  This opcode runs the xIntegrity()
+** method for that virtual table, using P3 as the integer argument.  If
+** an error is reported back, the table name is prepended to the error
+** message and that message is stored in P2.  If no errors are seen,
+** register P2 is set to NULL.
+*/
+case OP_VCheck: {             /* out2 */
+  Table *pTab;
+  sqlite3_vtab *pVtab;
+  const sqlite3_module *pModule;
+  char *zErr = 0;
+
+  pOut = &aMem[pOp->p2];
+  sqlite3VdbeMemSetNull(pOut);  /* Innocent until proven guilty */
+  assert( pOp->p4type==P4_TABLE );
+  pTab = pOp->p4.pTab;
+  assert( pTab!=0 );
+  assert( IsVirtual(pTab) );
+  assert( pTab->u.vtab.p!=0 );
+  pVtab = pTab->u.vtab.p->pVtab;
+  assert( pVtab!=0 );
+  pModule = pVtab->pModule;
+  assert( pModule!=0 );
+  assert( pModule->iVersion>=4 );
+  assert( pModule->xIntegrity!=0 );
+  pTab->nTabRef++;
+  sqlite3VtabLock(pTab->u.vtab.p);
+  assert( pOp->p1>=0 && pOp->p1nDb );
+  rc = pModule->xIntegrity(pVtab, db->aDb[pOp->p1].zDbSName, pTab->zName,
+                           pOp->p3, &zErr);
+  sqlite3VtabUnlock(pTab->u.vtab.p);
+  sqlite3DeleteTable(db, pTab);
+  if( rc ){
+    sqlite3_free(zErr);
+    goto abort_due_to_error;
+  }
+  if( zErr ){
+    sqlite3VdbeMemSetStr(pOut, zErr, -1, SQLITE_UTF8, sqlite3_free);
+  }
+  break;
+}
+#endif /* SQLITE_OMIT_VIRTUALTABLE */
+
 #ifndef SQLITE_OMIT_VIRTUALTABLE
 /* Opcode: VInitIn P1 P2 P3 * *
 ** Synopsis: r[P2]=ValueList(P1,P3)
@@ -99158,7 +100738,7 @@ case OP_MaxPgcnt: {            /* out2 */
 ** This opcode works exactly like OP_Function.  The only difference is in
 ** its name.  This opcode is used in places where the function must be
 ** purely non-deterministic.  Some built-in date/time functions can be
-** either determinitic of non-deterministic, depending on their arguments.
+** either deterministic of non-deterministic, depending on their arguments.
 ** When those function are used in a non-deterministic way, they will check
 ** to see if they were called using OP_PureFunc instead of OP_Function, and
 ** if they were, they throw an error.
@@ -99176,7 +100756,7 @@ case OP_Function: {            /* group */
   /* If this function is inside of a trigger, the register array in aMem[]
   ** might change from one evaluation to the next.  The next block of code
   ** checks to see if the register array has changed, and if so it
-  ** reinitializes the relavant parts of the sqlite3_context object */
+  ** reinitializes the relevant parts of the sqlite3_context object */
   pOut = &aMem[pOp->p3];
   if( pCtx->pOut != pOut ){
     pCtx->pVdbe = p;
@@ -99252,7 +100832,7 @@ case OP_FilterAdd: {
     printf("hash: %llu modulo %d -> %u\n", h, pIn1->n, (int)(h%pIn1->n));
   }
 #endif
-  h %= pIn1->n;
+  h %= (pIn1->n*8);
   pIn1->z[h/8] |= 1<<(h&7);
   break;
 }
@@ -99288,7 +100868,7 @@ case OP_Filter: {          /* jump */
     printf("hash: %llu modulo %d -> %u\n", h, pIn1->n, (int)(h%pIn1->n));
   }
 #endif
-  h %= pIn1->n;
+  h %= (pIn1->n*8);
   if( (pIn1->z[h/8] & (1<<(h&7)))==0 ){
     VdbeBranchTaken(1, 2);
     p->aCounter[SQLITE_STMTSTATUS_FILTER_HIT]++;
@@ -99540,7 +101120,7 @@ default: {          /* This is really OP_Noop, OP_Explain */
       }
       if( opProperty==0xff ){
         /* Never happens.  This code exists to avoid a harmless linkage
-        ** warning aboud sqlite3VdbeRegisterDump() being defined but not
+        ** warning about sqlite3VdbeRegisterDump() being defined but not
         ** used. */
         sqlite3VdbeRegisterDump(p);
       }
@@ -99713,8 +101293,7 @@ static int blobSeekToRow(Incrblob *p, sqlite3_int64 iRow, char **pzErr){
   /* Set the value of register r[1] in the SQL statement to integer iRow.
   ** This is done directly as a performance optimization
   */
-  v->aMem[1].flags = MEM_Int;
-  v->aMem[1].u.i = iRow;
+  sqlite3VdbeMemSetInt64(&v->aMem[1], iRow);
 
   /* If the statement has been run before (and is paused at the OP_ResultRow)
   ** then back it up to the point where it does the OP_NotExists.  This could
@@ -99797,7 +101376,7 @@ SQLITE_API int sqlite3_blob_open(
 #endif
   *ppBlob = 0;
 #ifdef SQLITE_ENABLE_API_ARMOR
-  if( !sqlite3SafetyCheckOk(db) || zTable==0 ){
+  if( !sqlite3SafetyCheckOk(db) || zTable==0 || zColumn==0 ){
     return SQLITE_MISUSE_BKPT;
   }
 #endif
@@ -100258,7 +101837,7 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *pBlob, sqlite3_int64 iRow){
 ** The threshold for the amount of main memory to use before flushing
 ** records to a PMA is roughly the same as the limit configured for the
 ** page-cache of the main database. Specifically, the threshold is set to
-** the value returned by "PRAGMA main.page_size" multipled by
+** the value returned by "PRAGMA main.page_size" multiplied by
 ** that returned by "PRAGMA main.cache_size", in bytes.
 **
 ** If the sorter is running in single-threaded mode, then all PMAs generated
@@ -100281,7 +101860,7 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *pBlob, sqlite3_int64 iRow){
 **
 ** If there are fewer than SORTER_MAX_MERGE_COUNT PMAs in total and the
 ** sorter is running in single-threaded mode, then these PMAs are merged
-** incrementally as keys are retreived from the sorter by the VDBE.  The
+** incrementally as keys are retrieved from the sorter by the VDBE.  The
 ** MergeEngine object, described in further detail below, performs this
 ** merge.
 **
@@ -100359,7 +101938,7 @@ struct SorterFile {
 struct SorterList {
   SorterRecord *pList;            /* Linked list of records */
   u8 *aMemory;                    /* If non-NULL, bulk memory to hold pList */
-  int szPMA;                      /* Size of pList as PMA in bytes */
+  i64 szPMA;                      /* Size of pList as PMA in bytes */
 };
 
 /*
@@ -100444,7 +102023,7 @@ struct MergeEngine {
 **
 ** Essentially, this structure contains all those fields of the VdbeSorter
 ** structure for which each thread requires a separate instance. For example,
-** each thread requries its own UnpackedRecord object to unpack records in
+** each thread requeries its own UnpackedRecord object to unpack records in
 ** as part of comparison operations.
 **
 ** Before a background thread is launched, variable bDone is set to 0. Then,
@@ -100468,10 +102047,10 @@ typedef int (*SorterCompare)(SortSubtask*,int*,const void*,int,const void*,int);
 struct SortSubtask {
   SQLiteThread *pThread;          /* Background thread, if any */
   int bDone;                      /* Set if thread is finished but not joined */
+  int nPMA;                       /* Number of PMAs currently in file */
   VdbeSorter *pSorter;            /* Sorter that owns this sub-task */
   UnpackedRecord *pUnpacked;      /* Space to unpack a record */
   SorterList list;                /* List for thread to write to a PMA */
-  int nPMA;                       /* Number of PMAs currently in file */
   SorterCompare xCompare;         /* Compare function to use */
   SorterFile file;                /* Temp file for level-0 PMAs */
   SorterFile file2;               /* Space for other PMAs */
@@ -100516,7 +102095,7 @@ struct VdbeSorter {
 ** PMA, in sorted order.  The next key to be read is cached in nKey/aKey.
 ** aKey might point into aMap or into aBuffer.  If neither of those locations
 ** contain a contiguous representation of the key, then aAlloc is allocated
-** and the key is copied into aAlloc and aKey is made to poitn to aAlloc.
+** and the key is copied into aAlloc and aKey is made to point to aAlloc.
 **
 ** pFd==0 at EOF.
 */
@@ -101887,7 +103466,7 @@ static int vdbeSorterFlushPMA(VdbeSorter *pSorter){
   ** the background thread from a sub-tasks previous turn is still running,
   ** skip it. If the first (pSorter->nTask-1) sub-tasks are all still busy,
   ** fall back to using the final sub-task. The first (pSorter->nTask-1)
-  ** sub-tasks are prefered as they use background threads - the final
+  ** sub-tasks are preferred as they use background threads - the final
   ** sub-task uses the main thread. */
   for(i=0; iiPrev + i + 1) % nWorker;
@@ -101945,8 +103524,8 @@ SQLITE_PRIVATE int sqlite3VdbeSorterWrite(
   int rc = SQLITE_OK;             /* Return Code */
   SorterRecord *pNew;             /* New list element */
   int bFlush;                     /* True to flush contents of memory to PMA */
-  int nReq;                       /* Bytes of memory required */
-  int nPMA;                       /* Bytes of PMA space required */
+  i64 nReq;                       /* Bytes of memory required */
+  i64 nPMA;                       /* Bytes of PMA space required */
   int t;                          /* serial type of first record field */
 
   assert( pCsr->eCurType==CURTYPE_SORTER );
@@ -102371,7 +103950,7 @@ static int vdbePmaReaderIncrMergeInit(PmaReader *pReadr, int eMode){
 
   rc = vdbeMergeEngineInit(pTask, pIncr->pMerger, eMode);
 
-  /* Set up the required files for pIncr. A multi-theaded IncrMerge object
+  /* Set up the required files for pIncr. A multi-threaded IncrMerge object
   ** requires two temp files to itself, whereas a single-threaded object
   ** only requires a region of pTask->file2. */
   if( rc==SQLITE_OK ){
@@ -103011,6 +104590,8 @@ static int bytecodevtabConnect(
       "p5 INT,"
       "comment TEXT,"
       "subprog TEXT,"
+      "nexec INT,"
+      "ncycle INT,"
       "stmt HIDDEN"
     ");",
 
@@ -103173,7 +104754,7 @@ static int bytecodevtabColumn(
           }
         }
       }
-      i += 10;
+      i += 20;
     }
   }
   switch( i ){
@@ -103223,16 +104804,31 @@ static int bytecodevtabColumn(
       }
       break;
     }
-    case 10:  /* tables_used.type */
+
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+    case 9:     /* nexec */
+      sqlite3_result_int(ctx, pOp->nExec);
+      break;
+    case 10:    /* ncycle */
+      sqlite3_result_int(ctx, pOp->nCycle);
+      break;
+#else
+    case 9:     /* nexec */
+    case 10:    /* ncycle */
+      sqlite3_result_int(ctx, 0);
+      break;
+#endif
+
+    case 20:  /* tables_used.type */
       sqlite3_result_text(ctx, pCur->zType, -1, SQLITE_STATIC);
       break;
-    case 11:  /* tables_used.schema */
+    case 21:  /* tables_used.schema */
       sqlite3_result_text(ctx, pCur->zSchema, -1, SQLITE_STATIC);
       break;
-    case 12:  /* tables_used.name */
+    case 22:  /* tables_used.name */
       sqlite3_result_text(ctx, pCur->zName, -1, SQLITE_STATIC);
       break;
-    case 13:  /* tables_used.wr */
+    case 23:  /* tables_used.wr */
       sqlite3_result_int(ctx, pOp->opcode==OP_OpenWrite);
       break;
   }
@@ -103306,7 +104902,7 @@ static int bytecodevtabBestIndex(
   int rc = SQLITE_CONSTRAINT;
   struct sqlite3_index_constraint *p;
   bytecodevtab *pVTab = (bytecodevtab*)tab;
-  int iBaseCol = pVTab->bTablesUsed ? 4 : 8;
+  int iBaseCol = pVTab->bTablesUsed ? 4 : 10;
   pIdxInfo->estimatedCost = (double)100;
   pIdxInfo->estimatedRows = 100;
   pIdxInfo->idxNum = 0;
@@ -103353,7 +104949,8 @@ static sqlite3_module bytecodevtabModule = {
   /* xSavepoint  */ 0,
   /* xRelease    */ 0,
   /* xRollbackTo */ 0,
-  /* xShadowName */ 0
+  /* xShadowName */ 0,
+  /* xIntegrity  */ 0
 };
 
 
@@ -103877,7 +105474,7 @@ static int walkWindowList(Walker *pWalker, Window *pList, int bOneOnly){
 ** The return value from this routine is WRC_Abort to abandon the tree walk
 ** and WRC_Continue to continue.
 */
-static SQLITE_NOINLINE int walkExpr(Walker *pWalker, Expr *pExpr){
+SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3WalkExprNN(Walker *pWalker, Expr *pExpr){
   int rc;
   testcase( ExprHasProperty(pExpr, EP_TokenOnly) );
   testcase( ExprHasProperty(pExpr, EP_Reduced) );
@@ -103886,7 +105483,9 @@ static SQLITE_NOINLINE int walkExpr(Walker *pWalker, Expr *pExpr){
     if( rc ) return rc & WRC_Abort;
     if( !ExprHasProperty(pExpr,(EP_TokenOnly|EP_Leaf)) ){
       assert( pExpr->x.pList==0 || pExpr->pRight==0 );
-      if( pExpr->pLeft && walkExpr(pWalker, pExpr->pLeft) ) return WRC_Abort;
+      if( pExpr->pLeft && sqlite3WalkExprNN(pWalker, pExpr->pLeft) ){
+        return WRC_Abort;
+      }
       if( pExpr->pRight ){
         assert( !ExprHasProperty(pExpr, EP_WinFunc) );
         pExpr = pExpr->pRight;
@@ -103910,7 +105509,7 @@ static SQLITE_NOINLINE int walkExpr(Walker *pWalker, Expr *pExpr){
   return WRC_Continue;
 }
 SQLITE_PRIVATE int sqlite3WalkExpr(Walker *pWalker, Expr *pExpr){
-  return pExpr ? walkExpr(pWalker,pExpr) : WRC_Continue;
+  return pExpr ? sqlite3WalkExprNN(pWalker,pExpr) : WRC_Continue;
 }
 
 /*
@@ -104036,7 +105635,7 @@ SQLITE_PRIVATE int sqlite3WalkSelect(Walker *pWalker, Select *p){
 }
 
 /* Increase the walkerDepth when entering a subquery, and
-** descrease when leaving the subquery.
+** decrease when leaving the subquery.
 */
 SQLITE_PRIVATE int sqlite3WalkerDepthIncrease(Walker *pWalker, Select *pSelect){
   UNUSED_PARAMETER(pSelect);
@@ -104180,21 +105779,36 @@ static void resolveAlias(
 }
 
 /*
-** Subqueries stores the original database, table and column names for their
-** result sets in ExprList.a[].zSpan, in the form "DATABASE.TABLE.COLUMN".
-** Check to see if the zSpan given to this routine matches the zDb, zTab,
-** and zCol.  If any of zDb, zTab, and zCol are NULL then those fields will
-** match anything.
+** Subqueries store the original database, table and column names for their
+** result sets in ExprList.a[].zSpan, in the form "DATABASE.TABLE.COLUMN",
+** and mark the expression-list item by setting ExprList.a[].fg.eEName
+** to ENAME_TAB.
+**
+** Check to see if the zSpan/eEName of the expression-list item passed to this
+** routine matches the zDb, zTab, and zCol.  If any of zDb, zTab, and zCol are
+** NULL then those fields will match anything. Return true if there is a match,
+** or false otherwise.
+**
+** SF_NestedFrom subqueries also store an entry for the implicit rowid (or
+** _rowid_, or oid) column by setting ExprList.a[].fg.eEName to ENAME_ROWID,
+** and setting zSpan to "DATABASE.TABLE.". This type of pItem
+** argument matches if zCol is a rowid alias. If it is not NULL, (*pbRowid)
+** is set to 1 if there is this kind of match.
 */
 SQLITE_PRIVATE int sqlite3MatchEName(
   const struct ExprList_item *pItem,
   const char *zCol,
   const char *zTab,
-  const char *zDb
+  const char *zDb,
+  int *pbRowid
 ){
   int n;
   const char *zSpan;
-  if( pItem->fg.eEName!=ENAME_TAB ) return 0;
+  int eEName = pItem->fg.eEName;
+  if( eEName!=ENAME_TAB && (eEName!=ENAME_ROWID || NEVER(pbRowid==0)) ){
+    return 0;
+  }
+  assert( pbRowid==0 || *pbRowid==0 );
   zSpan = pItem->zEName;
   for(n=0; ALWAYS(zSpan[n]) && zSpan[n]!='.'; n++){}
   if( zDb && (sqlite3StrNICmp(zSpan, zDb, n)!=0 || zDb[n]!=0) ){
@@ -104206,9 +105820,11 @@ SQLITE_PRIVATE int sqlite3MatchEName(
     return 0;
   }
   zSpan += n+1;
-  if( zCol && sqlite3StrICmp(zSpan, zCol)!=0 ){
-    return 0;
+  if( zCol ){
+    if( eEName==ENAME_TAB && sqlite3StrICmp(zSpan, zCol)!=0 ) return 0;
+    if( eEName==ENAME_ROWID && sqlite3IsRowid(zCol)==0 ) return 0;
   }
+  if( eEName==ENAME_ROWID ) *pbRowid = 1;
   return 1;
 }
 
@@ -104341,7 +105957,7 @@ static int lookupName(
 ){
   int i, j;                         /* Loop counters */
   int cnt = 0;                      /* Number of matching column names */
-  int cntTab = 0;                   /* Number of matching table names */
+  int cntTab = 0;                   /* Number of potential "rowid" matches */
   int nSubquery = 0;                /* How many levels of subquery */
   sqlite3 *db = pParse->db;         /* The database connection */
   SrcItem *pItem;                   /* Use for looping over pSrcList items */
@@ -104418,39 +106034,49 @@ static int lookupName(
           assert( pEList!=0 );
           assert( pEList->nExpr==pTab->nCol );
           for(j=0; jnExpr; j++){
-            if( !sqlite3MatchEName(&pEList->a[j], zCol, zTab, zDb) ){
+            int bRowid = 0;       /* True if possible rowid match */
+            if( !sqlite3MatchEName(&pEList->a[j], zCol, zTab, zDb, &bRowid) ){
               continue;
             }
-            if( cnt>0 ){
-              if( pItem->fg.isUsing==0
-               || sqlite3IdListIndex(pItem->u3.pUsing, zCol)<0
-              ){
-                /* Two or more tables have the same column name which is
-                ** not joined by USING.  This is an error.  Signal as much
-                ** by clearing pFJMatch and letting cnt go above 1. */
-                sqlite3ExprListDelete(db, pFJMatch);
-                pFJMatch = 0;
-              }else
-              if( (pItem->fg.jointype & JT_RIGHT)==0 ){
-                /* An INNER or LEFT JOIN.  Use the left-most table */
-                continue;
-              }else
-              if( (pItem->fg.jointype & JT_LEFT)==0 ){
-                /* A RIGHT JOIN.  Use the right-most table */
-                cnt = 0;
-                sqlite3ExprListDelete(db, pFJMatch);
-                pFJMatch = 0;
-              }else{
-                /* For a FULL JOIN, we must construct a coalesce() func */
-                extendFJMatch(pParse, &pFJMatch, pMatch, pExpr->iColumn);
+            if( bRowid==0 ){
+              if( cnt>0 ){
+                if( pItem->fg.isUsing==0
+                 || sqlite3IdListIndex(pItem->u3.pUsing, zCol)<0
+                ){
+                  /* Two or more tables have the same column name which is
+                  ** not joined by USING.  This is an error.  Signal as much
+                  ** by clearing pFJMatch and letting cnt go above 1. */
+                  sqlite3ExprListDelete(db, pFJMatch);
+                  pFJMatch = 0;
+                }else
+                if( (pItem->fg.jointype & JT_RIGHT)==0 ){
+                  /* An INNER or LEFT JOIN.  Use the left-most table */
+                  continue;
+                }else
+                if( (pItem->fg.jointype & JT_LEFT)==0 ){
+                  /* A RIGHT JOIN.  Use the right-most table */
+                  cnt = 0;
+                  sqlite3ExprListDelete(db, pFJMatch);
+                  pFJMatch = 0;
+                }else{
+                  /* For a FULL JOIN, we must construct a coalesce() func */
+                  extendFJMatch(pParse, &pFJMatch, pMatch, pExpr->iColumn);
+                }
               }
+              cnt++;
+              hit = 1;
+            }else if( cnt>0 ){
+              /* This is a potential rowid match, but there has already been
+              ** a real match found. So this can be ignored.  */
+              continue;
             }
-            cnt++;
-            cntTab = 2;
+            cntTab++;
             pMatch = pItem;
             pExpr->iColumn = j;
             pEList->a[j].fg.bUsed = 1;
-            hit = 1;
+
+            /* rowid cannot be part of a USING clause - assert() this. */
+            assert( bRowid==0 || pEList->a[j].fg.bUsingTerm==0 );
             if( pEList->a[j].fg.bUsingTerm ) break;
           }
           if( hit || zTab==0 ) continue;
@@ -104645,10 +106271,10 @@ static int lookupName(
      && pMatch
      && (pNC->ncFlags & (NC_IdxExpr|NC_GenCol))==0
      && sqlite3IsRowid(zCol)
-     && ALWAYS(VisibleRowid(pMatch->pTab))
+     && ALWAYS(VisibleRowid(pMatch->pTab) || pMatch->fg.isNestedFrom)
     ){
       cnt = 1;
-      pExpr->iColumn = -1;
+      if( pMatch->fg.isNestedFrom==0 ) pExpr->iColumn = -1;
       pExpr->affExpr = SQLITE_AFF_INTEGER;
     }
 
@@ -105101,6 +106727,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
       Window *pWin = (IsWindowFunc(pExpr) ? pExpr->y.pWin : 0);
 #endif
       assert( !ExprHasProperty(pExpr, EP_xIsSelect|EP_IntValue) );
+      assert( pExpr->pLeft==0 || pExpr->pLeft->op==TK_ORDER );
       zId = pExpr->u.zToken;
       pDef = sqlite3FindFunction(pParse->db, zId, n, enc, 0);
       if( pDef==0 ){
@@ -105242,6 +106869,10 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
           pNC->nNcErr++;
         }
 #endif
+        else if( is_agg==0 && pExpr->pLeft ){
+          sqlite3ExprOrderByAggregateError(pParse, pExpr);
+          pNC->nNcErr++;
+        }
         if( is_agg ){
           /* Window functions may not be arguments of aggregate functions.
           ** Or arguments of other window functions. But aggregate functions
@@ -105260,6 +106891,11 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
 #endif
       sqlite3WalkExprList(pWalker, pList);
       if( is_agg ){
+        if( pExpr->pLeft ){
+          assert( pExpr->pLeft->op==TK_ORDER );
+          assert( ExprUseXList(pExpr->pLeft) );
+          sqlite3WalkExprList(pWalker, pExpr->pLeft->x.pList);
+        }
 #ifndef SQLITE_OMIT_WINDOWFUNC
         if( pWin ){
           Select *pSel = pNC->pWinSelect;
@@ -105770,7 +107406,7 @@ static int resolveOrderGroupBy(
     }
     for(j=0; jpEList->nExpr; j++){
       if( sqlite3ExprCompare(0, pE, pSelect->pEList->a[j].pExpr, -1)==0 ){
-        /* Since this expresion is being changed into a reference
+        /* Since this expression is being changed into a reference
         ** to an identical expression in the result set, remove all Window
         ** objects belonging to the expression from the Select.pWin list. */
         windowRemoveExprFromSelect(pSelect, pE);
@@ -105823,10 +107459,8 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
   while( p ){
     assert( (p->selFlags & SF_Expanded)!=0 );
     assert( (p->selFlags & SF_Resolved)==0 );
-    assert( db->suppressErr==0 ); /* SF_Resolved not set if errors suppressed */
     p->selFlags |= SF_Resolved;
 
-
     /* Resolve the expressions in the LIMIT and OFFSET clauses. These
     ** are not allowed to refer to any names, so pass an empty NameContext.
     */
@@ -106093,7 +107727,8 @@ SQLITE_PRIVATE int sqlite3ResolveExprNames(
     return SQLITE_ERROR;
   }
 #endif
-  sqlite3WalkExpr(&w, pExpr);
+  assert( pExpr!=0 );
+  sqlite3WalkExprNN(&w, pExpr);
 #if SQLITE_MAX_EXPR_DEPTH>0
   w.pParse->nHeight -= pExpr->nHeight;
 #endif
@@ -106135,7 +107770,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
       return WRC_Abort;
     }
 #endif
-    sqlite3WalkExpr(&w, pExpr);
+    sqlite3WalkExprNN(&w, pExpr);
 #if SQLITE_MAX_EXPR_DEPTH>0
     w.pParse->nHeight -= pExpr->nHeight;
 #endif
@@ -106157,7 +107792,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
 
 /*
 ** Resolve all names in all expressions of a SELECT and in all
-** decendents of the SELECT, including compounds off of p->pPrior,
+** descendants of the SELECT, including compounds off of p->pPrior,
 ** subqueries in expressions, and subqueries used as FROM clause
 ** terms.
 **
@@ -106307,6 +107942,7 @@ SQLITE_PRIVATE char sqlite3ExprAffinity(const Expr *pExpr){
     if( op==TK_SELECT_COLUMN ){
       assert( pExpr->pLeft!=0 && ExprUseXSelect(pExpr->pLeft) );
       assert( pExpr->iColumn < pExpr->iTable );
+      assert( pExpr->iColumn >= 0 );
       assert( pExpr->iTable==pExpr->pLeft->x.pSelect->pEList->nExpr );
       return sqlite3ExprAffinity(
           pExpr->pLeft->x.pSelect->pEList->a[pExpr->iColumn].pExpr
@@ -106543,7 +108179,7 @@ SQLITE_PRIVATE CollSeq *sqlite3ExprCollSeq(Parse *pParse, const Expr *pExpr){
 /*
 ** Return the collation sequence for the expression pExpr. If
 ** there is no defined collating sequence, return a pointer to the
-** defautl collation sequence.
+** default collation sequence.
 **
 ** See also: sqlite3ExprCollSeq()
 **
@@ -106673,7 +108309,7 @@ SQLITE_PRIVATE CollSeq *sqlite3BinaryCompareCollSeq(
   return pColl;
 }
 
-/* Expresssion p is a comparison operator.  Return a collation sequence
+/* Expression p is a comparison operator.  Return a collation sequence
 ** appropriate for the comparison operator.
 **
 ** This is normally just a wrapper around sqlite3BinaryCompareCollSeq().
@@ -106830,6 +108466,7 @@ SQLITE_PRIVATE Expr *sqlite3ExprForVectorField(
     */
     pRet = sqlite3PExpr(pParse, TK_SELECT_COLUMN, 0, 0);
     if( pRet ){
+      ExprSetProperty(pRet, EP_FullSize);
       pRet->iTable = nField;
       pRet->iColumn = iField;
       pRet->pLeft = pVector;
@@ -107129,6 +108766,15 @@ SQLITE_PRIVATE void sqlite3ExprSetHeightAndFlags(Parse *pParse, Expr *p){
 #define exprSetHeight(y)
 #endif /* SQLITE_MAX_EXPR_DEPTH>0 */
 
+/*
+** Set the error offset for an Expr node, if possible.
+*/
+SQLITE_PRIVATE void sqlite3ExprSetErrorOffset(Expr *pExpr, int iOfst){
+  if( pExpr==0 ) return;
+  if( NEVER(ExprUseWJoin(pExpr)) ) return;
+  pExpr->w.iOfst = iOfst;
+}
+
 /*
 ** This routine is the core allocator for Expr nodes.
 **
@@ -107411,6 +109057,69 @@ SQLITE_PRIVATE Expr *sqlite3ExprFunction(
   return pNew;
 }
 
+/*
+** Report an error when attempting to use an ORDER BY clause within
+** the arguments of a non-aggregate function.
+*/
+SQLITE_PRIVATE void sqlite3ExprOrderByAggregateError(Parse *pParse, Expr *p){
+  sqlite3ErrorMsg(pParse,
+     "ORDER BY may not be used with non-aggregate %#T()", p
+  );
+}
+
+/*
+** Attach an ORDER BY clause to a function call.
+**
+**     functionname( arguments ORDER BY sortlist )
+**     \_____________________/          \______/
+**             pExpr                    pOrderBy
+**
+** The ORDER BY clause is inserted into a new Expr node of type TK_ORDER
+** and added to the Expr.pLeft field of the parent TK_FUNCTION node.
+*/
+SQLITE_PRIVATE void sqlite3ExprAddFunctionOrderBy(
+  Parse *pParse,        /* Parsing context */
+  Expr *pExpr,          /* The function call to which ORDER BY is to be added */
+  ExprList *pOrderBy    /* The ORDER BY clause to add */
+){
+  Expr *pOB;
+  sqlite3 *db = pParse->db;
+  if( NEVER(pOrderBy==0) ){
+    assert( db->mallocFailed );
+    return;
+  }
+  if( pExpr==0 ){
+    assert( db->mallocFailed );
+    sqlite3ExprListDelete(db, pOrderBy);
+    return;
+  }
+  assert( pExpr->op==TK_FUNCTION );
+  assert( pExpr->pLeft==0 );
+  assert( ExprUseXList(pExpr) );
+  if( pExpr->x.pList==0 || NEVER(pExpr->x.pList->nExpr==0) ){
+    /* Ignore ORDER BY on zero-argument aggregates */
+    sqlite3ParserAddCleanup(pParse,
+        (void(*)(sqlite3*,void*))sqlite3ExprListDelete,
+        pOrderBy);
+    return;
+  }
+  if( IsWindowFunc(pExpr) ){
+    sqlite3ExprOrderByAggregateError(pParse, pExpr);
+    sqlite3ExprListDelete(db, pOrderBy);
+    return;
+  }
+
+  pOB = sqlite3ExprAlloc(db, TK_ORDER, 0, 0);
+  if( pOB==0 ){
+    sqlite3ExprListDelete(db, pOrderBy);
+    return;
+  }
+  pOB->x.pList = pOrderBy;
+  assert( ExprUseXList(pOB) );
+  pExpr->pLeft = pOB;
+  ExprSetProperty(pOB, EP_FullSize);
+}
+
 /*
 ** Check to see if a function is usable according to current access
 ** rules:
@@ -107589,7 +109298,7 @@ SQLITE_PRIVATE void sqlite3ClearOnOrUsing(sqlite3 *db, OnOrUsing *p){
 /*
 ** Arrange to cause pExpr to be deleted when the pParse is deleted.
 ** This is similar to sqlite3ExprDelete() except that the delete is
-** deferred untilthe pParse is deleted.
+** deferred until the pParse is deleted.
 **
 ** The pExpr might be deleted immediately on an OOM error.
 **
@@ -107664,11 +109373,7 @@ static int dupedExprStructSize(const Expr *p, int flags){
   assert( flags==EXPRDUP_REDUCE || flags==0 ); /* Only one flag value allowed */
   assert( EXPR_FULLSIZE<=0xfff );
   assert( (0xfff & (EP_Reduced|EP_TokenOnly))==0 );
-  if( 0==flags || p->op==TK_SELECT_COLUMN
-#ifndef SQLITE_OMIT_WINDOWFUNC
-   || ExprHasProperty(p, EP_WinFunc)
-#endif
-  ){
+  if( 0==flags || ExprHasProperty(p, EP_FullSize) ){
     nSize = EXPR_FULLSIZE;
   }else{
     assert( !ExprHasProperty(p, EP_TokenOnly|EP_Reduced) );
@@ -107699,56 +109404,93 @@ static int dupedExprNodeSize(const Expr *p, int flags){
 
 /*
 ** Return the number of bytes required to create a duplicate of the
-** expression passed as the first argument. The second argument is a
-** mask containing EXPRDUP_XXX flags.
+** expression passed as the first argument.
 **
 ** The value returned includes space to create a copy of the Expr struct
 ** itself and the buffer referred to by Expr.u.zToken, if any.
 **
-** If the EXPRDUP_REDUCE flag is set, then the return value includes
-** space to duplicate all Expr nodes in the tree formed by Expr.pLeft
-** and Expr.pRight variables (but not for any structures pointed to or
-** descended from the Expr.x.pList or Expr.x.pSelect variables).
+** The return value includes space to duplicate all Expr nodes in the
+** tree formed by Expr.pLeft and Expr.pRight, but not any other
+** substructure such as Expr.x.pList, Expr.x.pSelect, and Expr.y.pWin.
 */
-static int dupedExprSize(const Expr *p, int flags){
-  int nByte = 0;
-  if( p ){
-    nByte = dupedExprNodeSize(p, flags);
-    if( flags&EXPRDUP_REDUCE ){
-      nByte += dupedExprSize(p->pLeft, flags) + dupedExprSize(p->pRight, flags);
-    }
-  }
+static int dupedExprSize(const Expr *p){
+  int nByte;
+  assert( p!=0 );
+  nByte = dupedExprNodeSize(p, EXPRDUP_REDUCE);
+  if( p->pLeft ) nByte += dupedExprSize(p->pLeft);
+  if( p->pRight ) nByte += dupedExprSize(p->pRight);
+  assert( nByte==ROUND8(nByte) );
   return nByte;
 }
 
 /*
-** This function is similar to sqlite3ExprDup(), except that if pzBuffer
-** is not NULL then *pzBuffer is assumed to point to a buffer large enough
-** to store the copy of expression p, the copies of p->u.zToken
-** (if applicable), and the copies of the p->pLeft and p->pRight expressions,
-** if any. Before returning, *pzBuffer is set to the first byte past the
-** portion of the buffer copied into by this function.
+** An EdupBuf is a memory allocation used to stored multiple Expr objects
+** together with their Expr.zToken content.  This is used to help implement
+** compression while doing sqlite3ExprDup().  The top-level Expr does the
+** allocation for itself and many of its decendents, then passes an instance
+** of the structure down into exprDup() so that they decendents can have
+** access to that memory.
 */
-static Expr *exprDup(sqlite3 *db, const Expr *p, int dupFlags, u8 **pzBuffer){
+typedef struct EdupBuf EdupBuf;
+struct EdupBuf {
+  u8 *zAlloc;          /* Memory space available for storage */
+#ifdef SQLITE_DEBUG
+  u8 *zEnd;            /* First byte past the end of memory */
+#endif
+};
+
+/*
+** This function is similar to sqlite3ExprDup(), except that if pEdupBuf
+** is not NULL then it points to memory that can be used to store a copy
+** of the input Expr p together with its p->u.zToken (if any).  pEdupBuf
+** is updated with the new buffer tail prior to returning.
+*/
+static Expr *exprDup(
+  sqlite3 *db,          /* Database connection (for memory allocation) */
+  const Expr *p,        /* Expr tree to be duplicated */
+  int dupFlags,         /* EXPRDUP_REDUCE for compression.  0 if not */
+  EdupBuf *pEdupBuf     /* Preallocated storage space, or NULL */
+){
   Expr *pNew;           /* Value to return */
-  u8 *zAlloc;           /* Memory space from which to build Expr object */
+  EdupBuf sEdupBuf;     /* Memory space from which to build Expr object */
   u32 staticFlag;       /* EP_Static if space not obtained from malloc */
+  int nToken = -1;       /* Space needed for p->u.zToken.  -1 means unknown */
 
   assert( db!=0 );
   assert( p );
   assert( dupFlags==0 || dupFlags==EXPRDUP_REDUCE );
-  assert( pzBuffer==0 || dupFlags==EXPRDUP_REDUCE );
+  assert( pEdupBuf==0 || dupFlags==EXPRDUP_REDUCE );
 
   /* Figure out where to write the new Expr structure. */
-  if( pzBuffer ){
-    zAlloc = *pzBuffer;
+  if( pEdupBuf ){
+    sEdupBuf.zAlloc = pEdupBuf->zAlloc;
+#ifdef SQLITE_DEBUG
+    sEdupBuf.zEnd = pEdupBuf->zEnd;
+#endif
     staticFlag = EP_Static;
-    assert( zAlloc!=0 );
+    assert( sEdupBuf.zAlloc!=0 );
+    assert( dupFlags==EXPRDUP_REDUCE );
   }else{
-    zAlloc = sqlite3DbMallocRawNN(db, dupedExprSize(p, dupFlags));
+    int nAlloc;
+    if( dupFlags ){
+      nAlloc = dupedExprSize(p);
+    }else if( !ExprHasProperty(p, EP_IntValue) && p->u.zToken ){
+      nToken = sqlite3Strlen30NN(p->u.zToken)+1;
+      nAlloc = ROUND8(EXPR_FULLSIZE + nToken);
+    }else{
+      nToken = 0;
+      nAlloc = ROUND8(EXPR_FULLSIZE);
+    }
+    assert( nAlloc==ROUND8(nAlloc) );
+    sEdupBuf.zAlloc = sqlite3DbMallocRawNN(db, nAlloc);
+#ifdef SQLITE_DEBUG
+    sEdupBuf.zEnd = sEdupBuf.zAlloc ? sEdupBuf.zAlloc+nAlloc : 0;
+#endif
+
     staticFlag = 0;
   }
-  pNew = (Expr *)zAlloc;
+  pNew = (Expr *)sEdupBuf.zAlloc;
+  assert( EIGHT_BYTE_ALIGNMENT(pNew) );
 
   if( pNew ){
     /* Set nNewSize to the size allocated for the structure pointed to
@@ -107757,22 +109499,27 @@ static Expr *exprDup(sqlite3 *db, const Expr *p, int dupFlags, u8 **pzBuffer){
     ** by the copy of the p->u.zToken string (if any).
     */
     const unsigned nStructSize = dupedExprStructSize(p, dupFlags);
-    const int nNewSize = nStructSize & 0xfff;
-    int nToken;
-    if( !ExprHasProperty(p, EP_IntValue) && p->u.zToken ){
-      nToken = sqlite3Strlen30(p->u.zToken) + 1;
-    }else{
-      nToken = 0;
+    int nNewSize = nStructSize & 0xfff;
+    if( nToken<0 ){
+      if( !ExprHasProperty(p, EP_IntValue) && p->u.zToken ){
+        nToken = sqlite3Strlen30(p->u.zToken) + 1;
+      }else{
+        nToken = 0;
+      }
     }
     if( dupFlags ){
+      assert( (int)(sEdupBuf.zEnd - sEdupBuf.zAlloc) >= nNewSize+nToken );
       assert( ExprHasProperty(p, EP_Reduced)==0 );
-      memcpy(zAlloc, p, nNewSize);
+      memcpy(sEdupBuf.zAlloc, p, nNewSize);
     }else{
       u32 nSize = (u32)exprStructSize(p);
-      memcpy(zAlloc, p, nSize);
+      assert( (int)(sEdupBuf.zEnd - sEdupBuf.zAlloc) >=
+                                                   (int)EXPR_FULLSIZE+nToken );
+      memcpy(sEdupBuf.zAlloc, p, nSize);
       if( nSizeu.zToken string, if any. */
-    if( nToken ){
-      char *zToken = pNew->u.zToken = (char*)&zAlloc[nNewSize];
+    assert( nToken>=0 );
+    if( nToken>0 ){
+      char *zToken = pNew->u.zToken = (char*)&sEdupBuf.zAlloc[nNewSize];
       memcpy(zToken, p->u.zToken, nToken);
+      nNewSize += nToken;
     }
+    sEdupBuf.zAlloc += ROUND8(nNewSize);
+
+    if( ((p->flags|pNew->flags)&(EP_TokenOnly|EP_Leaf))==0 ){
 
-    if( 0==((p->flags|pNew->flags) & (EP_TokenOnly|EP_Leaf)) ){
       /* Fill in the pNew->x.pSelect or pNew->x.pList member. */
       if( ExprUseXSelect(p) ){
         pNew->x.pSelect = sqlite3SelectDup(db, p->x.pSelect, dupFlags);
       }else{
-        pNew->x.pList = sqlite3ExprListDup(db, p->x.pList, dupFlags);
+        pNew->x.pList = sqlite3ExprListDup(db, p->x.pList,
+                           p->op!=TK_ORDER ? dupFlags : 0);
       }
-    }
 
-    /* Fill in pNew->pLeft and pNew->pRight. */
-    if( ExprHasProperty(pNew, EP_Reduced|EP_TokenOnly|EP_WinFunc) ){
-      zAlloc += dupedExprNodeSize(p, dupFlags);
-      if( !ExprHasProperty(pNew, EP_TokenOnly|EP_Leaf) ){
-        pNew->pLeft = p->pLeft ?
-                      exprDup(db, p->pLeft, EXPRDUP_REDUCE, &zAlloc) : 0;
-        pNew->pRight = p->pRight ?
-                       exprDup(db, p->pRight, EXPRDUP_REDUCE, &zAlloc) : 0;
-      }
 #ifndef SQLITE_OMIT_WINDOWFUNC
       if( ExprHasProperty(p, EP_WinFunc) ){
         pNew->y.pWin = sqlite3WindowDup(db, pNew, p->y.pWin);
         assert( ExprHasProperty(pNew, EP_WinFunc) );
       }
 #endif /* SQLITE_OMIT_WINDOWFUNC */
-      if( pzBuffer ){
-        *pzBuffer = zAlloc;
-      }
-    }else{
-      if( !ExprHasProperty(p, EP_TokenOnly|EP_Leaf) ){
-        if( pNew->op==TK_SELECT_COLUMN ){
+
+      /* Fill in pNew->pLeft and pNew->pRight. */
+      if( dupFlags ){
+        if( p->op==TK_SELECT_COLUMN ){
           pNew->pLeft = p->pLeft;
-          assert( p->pRight==0  || p->pRight==p->pLeft
-                                || ExprHasProperty(p->pLeft, EP_Subquery) );
+          assert( p->pRight==0
+               || p->pRight==p->pLeft
+               || ExprHasProperty(p->pLeft, EP_Subquery) );
+        }else{
+          pNew->pLeft = p->pLeft ?
+                      exprDup(db, p->pLeft, EXPRDUP_REDUCE, &sEdupBuf) : 0;
+        }
+        pNew->pRight = p->pRight ?
+                       exprDup(db, p->pRight, EXPRDUP_REDUCE, &sEdupBuf) : 0;
+      }else{
+        if( p->op==TK_SELECT_COLUMN ){
+          pNew->pLeft = p->pLeft;
+          assert( p->pRight==0
+               || p->pRight==p->pLeft
+               || ExprHasProperty(p->pLeft, EP_Subquery) );
         }else{
           pNew->pLeft = sqlite3ExprDup(db, p->pLeft, 0);
         }
@@ -107830,6 +109583,8 @@ static Expr *exprDup(sqlite3 *db, const Expr *p, int dupFlags, u8 **pzBuffer){
       }
     }
   }
+  if( pEdupBuf ) memcpy(pEdupBuf, &sEdupBuf, sizeof(sEdupBuf));
+  assert( sEdupBuf.zAlloc <= sEdupBuf.zEnd );
   return pNew;
 }
 
@@ -108094,11 +109849,7 @@ SQLITE_PRIVATE Select *sqlite3SelectDup(sqlite3 *db, const Select *p, int flags)
 ** initially NULL, then create a new expression list.
 **
 ** The pList argument must be either NULL or a pointer to an ExprList
-** obtained from a prior call to sqlite3ExprListAppend().  This routine
-** may not be used with an ExprList obtained from sqlite3ExprListDup().
-** Reason:  This routine assumes that the number of slots in pList->a[]
-** is a power of two.  That is true for sqlite3ExprListAppend() returns
-** but is not necessarily true from the return value of sqlite3ExprListDup().
+** obtained from a prior call to sqlite3ExprListAppend().
 **
 ** If a memory allocation error occurs, the entire list is freed and
 ** NULL is returned.  If non-NULL is returned, then it is guaranteed
@@ -108431,7 +110182,7 @@ SQLITE_PRIVATE int sqlite3ExprIdToTrueFalse(Expr *pExpr){
 ** and 0 if it is FALSE.
 */
 SQLITE_PRIVATE int sqlite3ExprTruthValue(const Expr *pExpr){
-  pExpr = sqlite3ExprSkipCollate((Expr*)pExpr);
+  pExpr = sqlite3ExprSkipCollateAndLikely((Expr*)pExpr);
   assert( pExpr->op==TK_TRUEFALSE );
   assert( !ExprHasProperty(pExpr, EP_IntValue) );
   assert( sqlite3StrICmp(pExpr->u.zToken,"true")==0
@@ -108924,6 +110675,27 @@ SQLITE_PRIVATE int sqlite3IsRowid(const char *z){
   return 0;
 }
 
+/*
+** Return a pointer to a buffer containing a usable rowid alias for table
+** pTab. An alias is usable if there is not an explicit user-defined column
+** of the same name.
+*/
+SQLITE_PRIVATE const char *sqlite3RowidAlias(Table *pTab){
+  const char *azOpt[] = {"_ROWID_", "ROWID", "OID"};
+  int ii;
+  assert( VisibleRowid(pTab) );
+  for(ii=0; iinCol; iCol++){
+      if( sqlite3_stricmp(azOpt[ii], pTab->aCol[iCol].zCnName)==0 ) break;
+    }
+    if( iCol==pTab->nCol ){
+      return azOpt[ii];
+    }
+  }
+  return 0;
+}
+
 /*
 ** pX is the RHS of an IN operator.  If pX is a SELECT statement
 ** that can be simplified to a direct table access, then return
@@ -109024,7 +110796,7 @@ static int sqlite3InRhsIsConstant(Expr *pIn){
 **   IN_INDEX_INDEX_ASC  - The cursor was opened on an ascending index.
 **   IN_INDEX_INDEX_DESC - The cursor was opened on a descending index.
 **   IN_INDEX_EPH        - The cursor was opened on a specially created and
-**                         populated epheremal table.
+**                         populated ephemeral table.
 **   IN_INDEX_NOOP       - No cursor was allocated.  The IN operator must be
 **                         implemented as a sequence of comparisons.
 **
@@ -109037,7 +110809,7 @@ static int sqlite3InRhsIsConstant(Expr *pIn){
 ** an ephemeral table might need to be generated from the RHS and then
 ** pX->iTable made to point to the ephemeral table instead of an
 ** existing table.  In this case, the creation and initialization of the
-** ephmeral table might be put inside of a subroutine, the EP_Subrtn flag
+** ephemeral table might be put inside of a subroutine, the EP_Subrtn flag
 ** will be set on pX and the pX->y.sub fields will be set to show where
 ** the subroutine is coded.
 **
@@ -109049,12 +110821,12 @@ static int sqlite3InRhsIsConstant(Expr *pIn){
 **
 ** When IN_INDEX_LOOP is used (and the b-tree will be used to iterate
 ** through the set members) then the b-tree must not contain duplicates.
-** An epheremal table will be created unless the selected columns are guaranteed
+** An ephemeral table will be created unless the selected columns are guaranteed
 ** to be unique - either because it is an INTEGER PRIMARY KEY or due to
 ** a UNIQUE constraint or index.
 **
 ** When IN_INDEX_MEMBERSHIP is used (and the b-tree will be used
-** for fast set membership tests) then an epheremal table must
+** for fast set membership tests) then an ephemeral table must
 ** be used unless  is a single INTEGER PRIMARY KEY column or an
 ** index can be found with the specified  as its left-most.
 **
@@ -109387,7 +111159,7 @@ SQLITE_PRIVATE void sqlite3VectorErrorMsg(Parse *pParse, Expr *pExpr){
 **     x IN (SELECT a FROM b)     -- IN operator with subquery on the right
 **
 ** The pExpr parameter is the IN operator.  The cursor number for the
-** constructed ephermeral table is returned.  The first time the ephemeral
+** constructed ephemeral table is returned.  The first time the ephemeral
 ** table is computed, the cursor number is also stored in pExpr->iTable,
 ** however the cursor number returned might not be the same, as it might
 ** have been duplicated using OP_OpenDup.
@@ -110202,10 +111974,13 @@ SQLITE_PRIVATE int sqlite3ExprCodeGetColumn(
   u8 p5            /* P5 value for OP_Column + FLAGS */
 ){
   assert( pParse->pVdbe!=0 );
+  assert( (p5 & (OPFLAG_NOCHNG|OPFLAG_TYPEOFARG|OPFLAG_LENGTHARG))==p5 );
+  assert( IsVirtual(pTab) || (p5 & OPFLAG_NOCHNG)==0 );
   sqlite3ExprCodeGetColumnOfTable(pParse->pVdbe, pTab, iTable, iColumn, iReg);
   if( p5 ){
     VdbeOp *pOp = sqlite3VdbeGetLastOp(pParse->pVdbe);
     if( pOp->opcode==OP_Column ) pOp->p5 = p5;
+    if( pOp->opcode==OP_VColumn ) pOp->p5 = (p5 & OPFLAG_NOCHNG);
   }
   return iReg;
 }
@@ -110234,7 +112009,7 @@ static void exprToRegister(Expr *pExpr, int iReg){
 
 /*
 ** Evaluate an expression (either a vector or a scalar expression) and store
-** the result in continguous temporary registers.  Return the index of
+** the result in contiguous temporary registers.  Return the index of
 ** the first register used to store the result.
 **
 ** If the returned result register is a temporary scalar, then also write
@@ -110274,7 +112049,7 @@ static int exprCodeVector(Parse *pParse, Expr *p, int *piFreeable){
 */
 static void setDoNotMergeFlagOnCopy(Vdbe *v){
   if( sqlite3VdbeGetLastOp(v)->opcode==OP_Copy ){
-    sqlite3VdbeChangeP5(v, 1);  /* Tag trailing OP_Copy as not mergable */
+    sqlite3VdbeChangeP5(v, 1);  /* Tag trailing OP_Copy as not mergeable */
   }
 }
 
@@ -110364,13 +112139,13 @@ static int exprCodeInlineFunction(
     }
 
     case INLINEFUNC_implies_nonnull_row: {
-      /* REsult of sqlite3ExprImpliesNonNullRow() */
+      /* Result of sqlite3ExprImpliesNonNullRow() */
       Expr *pA1;
       assert( nFarg==2 );
       pA1 = pFarg->a[1].pExpr;
       if( pA1->op==TK_COLUMN ){
         sqlite3VdbeAddOp2(v, OP_Integer,
-           sqlite3ExprImpliesNonNullRow(pFarg->a[0].pExpr,pA1->iTable),
+           sqlite3ExprImpliesNonNullRow(pFarg->a[0].pExpr,pA1->iTable,1),
            target);
       }else{
         sqlite3VdbeAddOp2(v, OP_Null, 0, target);
@@ -110458,6 +112233,41 @@ static SQLITE_NOINLINE int sqlite3IndexedExprLookup(
 }
 
 
+/*
+** Expresion pExpr is guaranteed to be a TK_COLUMN or equivalent. This
+** function checks the Parse.pIdxPartExpr list to see if this column
+** can be replaced with a constant value. If so, it generates code to
+** put the constant value in a register (ideally, but not necessarily,
+** register iTarget) and returns the register number.
+**
+** Or, if the TK_COLUMN cannot be replaced by a constant, zero is
+** returned.
+*/
+static int exprPartidxExprLookup(Parse *pParse, Expr *pExpr, int iTarget){
+  IndexedExpr *p;
+  for(p=pParse->pIdxPartExpr; p; p=p->pIENext){
+    if( pExpr->iColumn==p->iIdxCol && pExpr->iTable==p->iDataCur ){
+      Vdbe *v = pParse->pVdbe;
+      int addr = 0;
+      int ret;
+
+      if( p->bMaybeNullRow ){
+        addr = sqlite3VdbeAddOp1(v, OP_IfNullRow, p->iIdxCur);
+      }
+      ret = sqlite3ExprCodeTarget(pParse, p->pExpr, iTarget);
+      sqlite3VdbeAddOp4(pParse->pVdbe, OP_Affinity, ret, 1, 0,
+                        (const char*)&p->aff, 1);
+      if( addr ){
+        sqlite3VdbeJumpHere(v, addr);
+        sqlite3VdbeChangeP3(v, addr, ret);
+      }
+      return ret;
+    }
+  }
+  return 0;
+}
+
+
 /*
 ** Generate code into the current Vdbe to evaluate the given
 ** expression.  Attempt to store the results in register "target".
@@ -110494,6 +112304,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
     assert( !ExprHasVVAProperty(pExpr,EP_Immutable) );
     op = pExpr->op;
   }
+  assert( op!=TK_ORDER );
   switch( op ){
     case TK_AGG_COLUMN: {
       AggInfo *pAggInfo = pExpr->pAggInfo;
@@ -110507,7 +112318,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
 #ifdef SQLITE_VDBE_COVERAGE
         /* Verify that the OP_Null above is exercised by tests
         ** tag-20230325-2 */
-        sqlite3VdbeAddOp2(v, OP_NotNull, target, 1);
+        sqlite3VdbeAddOp3(v, OP_NotNull, target, 1, 20230325);
         VdbeCoverageNeverTaken(v);
 #endif
         break;
@@ -110546,7 +112357,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       if( ExprHasProperty(pExpr, EP_FixedCol) ){
         /* This COLUMN expression is really a constant due to WHERE clause
         ** constraints, and that constant is coded by the pExpr->pLeft
-        ** expresssion.  However, make sure the constant has the correct
+        ** expression.  However, make sure the constant has the correct
         ** datatype by applying the Affinity of the table column to the
         ** constant.
         */
@@ -110615,6 +112426,11 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
           iTab = pParse->iSelfTab - 1;
         }
       }
+      else if( pParse->pIdxPartExpr
+       && 0!=(r1 = exprPartidxExprLookup(pParse, pExpr, target))
+      ){
+        return r1;
+      }
       assert( ExprUseYTab(pExpr) );
       assert( pExpr->y.pTab!=0 );
       iReg = sqlite3ExprCodeGetColumn(pParse, pExpr->y.pTab,
@@ -110872,7 +112688,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
         sqlite3ErrorMsg(pParse, "unknown function: %#T()", pExpr);
         break;
       }
-      if( pDef->funcFlags & SQLITE_FUNC_INLINE ){
+      if( (pDef->funcFlags & SQLITE_FUNC_INLINE)!=0 && ALWAYS(pFarg!=0) ){
         assert( (pDef->funcFlags & SQLITE_FUNC_UNSAFE)==0 );
         assert( (pDef->funcFlags & SQLITE_FUNC_DIRECT)==0 );
         return exprCodeInlineFunction(pParse, pFarg,
@@ -110898,10 +112714,10 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
           r1 = sqlite3GetTempRange(pParse, nFarg);
         }
 
-        /* For length() and typeof() functions with a column argument,
+        /* For length() and typeof() and octet_length() functions,
         ** set the P5 parameter to the OP_Column opcode to OPFLAG_LENGTHARG
-        ** or OPFLAG_TYPEOFARG respectively, to avoid unnecessary data
-        ** loading.
+        ** or OPFLAG_TYPEOFARG or OPFLAG_BYTELENARG respectively, to avoid
+        ** unnecessary data loading.
         */
         if( (pDef->funcFlags & (SQLITE_FUNC_LENGTH|SQLITE_FUNC_TYPEOF))!=0 ){
           u8 exprOp;
@@ -110911,14 +112727,16 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
           if( exprOp==TK_COLUMN || exprOp==TK_AGG_COLUMN ){
             assert( SQLITE_FUNC_LENGTH==OPFLAG_LENGTHARG );
             assert( SQLITE_FUNC_TYPEOF==OPFLAG_TYPEOFARG );
-            testcase( pDef->funcFlags & OPFLAG_LENGTHARG );
-            pFarg->a[0].pExpr->op2 =
-                  pDef->funcFlags & (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG);
+            assert( SQLITE_FUNC_BYTELEN==OPFLAG_BYTELENARG );
+            assert( (OPFLAG_LENGTHARG|OPFLAG_TYPEOFARG)==OPFLAG_BYTELENARG );
+            testcase( (pDef->funcFlags & OPFLAG_BYTELENARG)==OPFLAG_LENGTHARG );
+            testcase( (pDef->funcFlags & OPFLAG_BYTELENARG)==OPFLAG_TYPEOFARG );
+            testcase( (pDef->funcFlags & OPFLAG_BYTELENARG)==OPFLAG_BYTELENARG);
+            pFarg->a[0].pExpr->op2 = pDef->funcFlags & OPFLAG_BYTELENARG;
           }
         }
 
-        sqlite3ExprCodeExprList(pParse, pFarg, r1, 0,
-                                SQLITE_ECEL_DUP|SQLITE_ECEL_FACTOR);
+        sqlite3ExprCodeExprList(pParse, pFarg, r1, 0, SQLITE_ECEL_FACTOR);
       }else{
         r1 = 0;
       }
@@ -111273,9 +113091,9 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
 ** once. If no functions are involved, then factor the code out and put it at
 ** the end of the prepared statement in the initialization section.
 **
-** If regDest>=0 then the result is always stored in that register and the
+** If regDest>0 then the result is always stored in that register and the
 ** result is not reusable.  If regDest<0 then this routine is free to
-** store the value whereever it wants.  The register where the expression
+** store the value wherever it wants.  The register where the expression
 ** is stored is returned.  When regDest<0, two identical expressions might
 ** code to the same register, if they do not contain function calls and hence
 ** are factored out into the initialization section at the end of the
@@ -111288,6 +113106,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeRunJustOnce(
 ){
   ExprList *p;
   assert( ConstFactorOk(pParse) );
+  assert( regDest!=0 );
   p = pParse->pConstExpr;
   if( regDest<0 && p ){
     struct ExprList_item *pItem;
@@ -112193,7 +114012,7 @@ static int exprImpliesNotNull(
 **     pE1: x!=123     pE2: x IS NOT NULL    Result: true
 **     pE1: x!=?1      pE2: x IS NOT NULL    Result: true
 **     pE1: x IS NULL  pE2: x IS NOT NULL    Result: false
-**     pE1: x IS ?2    pE2: x IS NOT NULL    Reuslt: false
+**     pE1: x IS ?2    pE2: x IS NOT NULL    Result: false
 **
 ** When comparing TK_COLUMN nodes between pE1 and pE2, if pE2 has
 ** Expr.iTable<0 then assume a table number given by iTab.
@@ -112230,11 +114049,29 @@ SQLITE_PRIVATE int sqlite3ExprImpliesExpr(
   return 0;
 }
 
+/* This is a helper function to impliesNotNullRow().  In this routine,
+** set pWalker->eCode to one only if *both* of the input expressions
+** separately have the implies-not-null-row property.
+*/
+static void bothImplyNotNullRow(Walker *pWalker, Expr *pE1, Expr *pE2){
+  if( pWalker->eCode==0 ){
+    sqlite3WalkExpr(pWalker, pE1);
+    if( pWalker->eCode ){
+      pWalker->eCode = 0;
+      sqlite3WalkExpr(pWalker, pE2);
+    }
+  }
+}
+
 /*
 ** This is the Expr node callback for sqlite3ExprImpliesNonNullRow().
 ** If the expression node requires that the table at pWalker->iCur
 ** have one or more non-NULL column, then set pWalker->eCode to 1 and abort.
 **
+** pWalker->mWFlags is non-zero if this inquiry is being undertaking on
+** behalf of a RIGHT JOIN (or FULL JOIN).  That makes a difference when
+** evaluating terms in the ON clause of an inner join.
+**
 ** This routine controls an optimization.  False positives (setting
 ** pWalker->eCode to 1 when it should not be) are deadly, but false-negatives
 ** (never setting pWalker->eCode) is a harmless missed optimization.
@@ -112243,28 +114080,33 @@ static int impliesNotNullRow(Walker *pWalker, Expr *pExpr){
   testcase( pExpr->op==TK_AGG_COLUMN );
   testcase( pExpr->op==TK_AGG_FUNCTION );
   if( ExprHasProperty(pExpr, EP_OuterON) ) return WRC_Prune;
+  if( ExprHasProperty(pExpr, EP_InnerON) && pWalker->mWFlags ){
+    /* If iCur is used in an inner-join ON clause to the left of a
+    ** RIGHT JOIN, that does *not* mean that the table must be non-null.
+    ** But it is difficult to check for that condition precisely.
+    ** To keep things simple, any use of iCur from any inner-join is
+    ** ignored while attempting to simplify a RIGHT JOIN. */
+    return WRC_Prune;
+  }
   switch( pExpr->op ){
     case TK_ISNOT:
     case TK_ISNULL:
     case TK_NOTNULL:
     case TK_IS:
-    case TK_OR:
     case TK_VECTOR:
-    case TK_CASE:
-    case TK_IN:
     case TK_FUNCTION:
     case TK_TRUTH:
+    case TK_CASE:
       testcase( pExpr->op==TK_ISNOT );
       testcase( pExpr->op==TK_ISNULL );
       testcase( pExpr->op==TK_NOTNULL );
       testcase( pExpr->op==TK_IS );
-      testcase( pExpr->op==TK_OR );
       testcase( pExpr->op==TK_VECTOR );
-      testcase( pExpr->op==TK_CASE );
-      testcase( pExpr->op==TK_IN );
       testcase( pExpr->op==TK_FUNCTION );
       testcase( pExpr->op==TK_TRUTH );
+      testcase( pExpr->op==TK_CASE );
       return WRC_Prune;
+
     case TK_COLUMN:
       if( pWalker->u.iCur==pExpr->iTable ){
         pWalker->eCode = 1;
@@ -112272,21 +114114,38 @@ static int impliesNotNullRow(Walker *pWalker, Expr *pExpr){
       }
       return WRC_Prune;
 
+    case TK_OR:
     case TK_AND:
-      if( pWalker->eCode==0 ){
+      /* Both sides of an AND or OR must separately imply non-null-row.
+      ** Consider these cases:
+      **    1.  NOT (x AND y)
+      **    2.  x OR y
+      ** If only one of x or y is non-null-row, then the overall expression
+      ** can be true if the other arm is false (case 1) or true (case 2).
+      */
+      testcase( pExpr->op==TK_OR );
+      testcase( pExpr->op==TK_AND );
+      bothImplyNotNullRow(pWalker, pExpr->pLeft, pExpr->pRight);
+      return WRC_Prune;
+
+    case TK_IN:
+      /* Beware of "x NOT IN ()" and "x NOT IN (SELECT 1 WHERE false)",
+      ** both of which can be true.  But apart from these cases, if
+      ** the left-hand side of the IN is NULL then the IN itself will be
+      ** NULL. */
+      if( ExprUseXList(pExpr) && ALWAYS(pExpr->x.pList->nExpr>0) ){
         sqlite3WalkExpr(pWalker, pExpr->pLeft);
-        if( pWalker->eCode ){
-          pWalker->eCode = 0;
-          sqlite3WalkExpr(pWalker, pExpr->pRight);
-        }
       }
       return WRC_Prune;
 
     case TK_BETWEEN:
-      if( sqlite3WalkExpr(pWalker, pExpr->pLeft)==WRC_Abort ){
-        assert( pWalker->eCode );
-        return WRC_Abort;
-      }
+      /* In "x NOT BETWEEN y AND z" either x must be non-null-row or else
+      ** both y and z must be non-null row */
+      assert( ExprUseXList(pExpr) );
+      assert( pExpr->x.pList->nExpr==2 );
+      sqlite3WalkExpr(pWalker, pExpr->pLeft);
+      bothImplyNotNullRow(pWalker, pExpr->x.pList->a[0].pExpr,
+                                   pExpr->x.pList->a[1].pExpr);
       return WRC_Prune;
 
     /* Virtual tables are allowed to use constraints like x=NULL.  So
@@ -112348,7 +114207,7 @@ static int impliesNotNullRow(Walker *pWalker, Expr *pExpr){
 ** be non-NULL, then the LEFT JOIN can be safely converted into an
 ** ordinary join.
 */
-SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr *p, int iTab){
+SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr *p, int iTab, int isRJ){
   Walker w;
   p = sqlite3ExprSkipCollateAndLikely(p);
   if( p==0 ) return 0;
@@ -112356,7 +114215,7 @@ SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr *p, int iTab){
     p = p->pLeft;
   }else{
     while( p->op==TK_AND ){
-      if( sqlite3ExprImpliesNonNullRow(p->pLeft, iTab) ) return 1;
+      if( sqlite3ExprImpliesNonNullRow(p->pLeft, iTab, isRJ) ) return 1;
       p = p->pRight;
     }
   }
@@ -112364,6 +114223,7 @@ SQLITE_PRIVATE int sqlite3ExprImpliesNonNullRow(Expr *p, int iTab){
   w.xSelectCallback = 0;
   w.xSelectCallback2 = 0;
   w.eCode = 0;
+  w.mWFlags = isRJ!=0;
   w.u.iCur = iTab;
   sqlite3WalkExpr(&w, p);
   return w.eCode;
@@ -112424,7 +114284,7 @@ SQLITE_PRIVATE int sqlite3ExprCoveredByIndex(
 }
 
 
-/* Structure used to pass information throught the Walker in order to
+/* Structure used to pass information throughout the Walker in order to
 ** implement sqlite3ReferencesSrcList().
 */
 struct RefSrcList {
@@ -112531,6 +114391,12 @@ SQLITE_PRIVATE int sqlite3ReferencesSrcList(Parse *pParse, Expr *pExpr, SrcList
   assert( pExpr->op==TK_AGG_FUNCTION );
   assert( ExprUseXList(pExpr) );
   sqlite3WalkExprList(&w, pExpr->x.pList);
+  if( pExpr->pLeft ){
+    assert( pExpr->pLeft->op==TK_ORDER );
+    assert( ExprUseXList(pExpr->pLeft) );
+    assert( pExpr->pLeft->x.pList!=0 );
+    sqlite3WalkExprList(&w, pExpr->pLeft->x.pList);
+  }
 #ifndef SQLITE_OMIT_WINDOWFUNC
   if( ExprHasProperty(pExpr, EP_WinFunc) ){
     sqlite3WalkExpr(&w, pExpr->y.pWin->pFilter);
@@ -112640,7 +114506,7 @@ static int addAggInfoFunc(sqlite3 *db, AggInfo *pInfo){
 ** Return the index in aCol[] of the entry that describes that column.
 **
 ** If no prior entry is found, create a new one and return -1.  The
-** new column will have an idex of pAggInfo->nColumn-1.
+** new column will have an index of pAggInfo->nColumn-1.
 */
 static void findOrCreateAggInfoColumn(
   Parse *pParse,       /* Parsing context */
@@ -112653,6 +114519,7 @@ static void findOrCreateAggInfoColumn(
   assert( pAggInfo->iFirstReg==0 );
   pCol = pAggInfo->aCol;
   for(k=0; knColumn; k++, pCol++){
+    if( pCol->pCExpr==pExpr ) return;
     if( pCol->iTable==pExpr->iTable
      && pCol->iColumn==pExpr->iColumn
      && pExpr->op!=TK_IF_NULL_ROW
@@ -112794,14 +114661,42 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
           u8 enc = ENC(pParse->db);
           i = addAggInfoFunc(pParse->db, pAggInfo);
           if( i>=0 ){
+            int nArg;
             assert( !ExprHasProperty(pExpr, EP_xIsSelect) );
             pItem = &pAggInfo->aFunc[i];
             pItem->pFExpr = pExpr;
             assert( ExprUseUToken(pExpr) );
+            nArg = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
             pItem->pFunc = sqlite3FindFunction(pParse->db,
-                   pExpr->u.zToken,
-                   pExpr->x.pList ? pExpr->x.pList->nExpr : 0, enc, 0);
-            if( pExpr->flags & EP_Distinct ){
+                                         pExpr->u.zToken, nArg, enc, 0);
+            assert( pItem->bOBUnique==0 );
+            if( pExpr->pLeft
+             && (pItem->pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL)==0
+            ){
+              /* The NEEDCOLL test above causes any ORDER BY clause on
+              ** aggregate min() or max() to be ignored. */
+              ExprList *pOBList;
+              assert( nArg>0 );
+              assert( pExpr->pLeft->op==TK_ORDER );
+              assert( ExprUseXList(pExpr->pLeft) );
+              pItem->iOBTab = pParse->nTab++;
+              pOBList = pExpr->pLeft->x.pList;
+              assert( pOBList->nExpr>0 );
+              assert( pItem->bOBUnique==0 );
+              if( pOBList->nExpr==1
+               && nArg==1
+               && sqlite3ExprCompare(0,pOBList->a[0].pExpr,
+                               pExpr->x.pList->a[0].pExpr,0)==0
+              ){
+                pItem->bOBPayload = 0;
+                pItem->bOBUnique = ExprHasProperty(pExpr, EP_Distinct);
+              }else{
+                pItem->bOBPayload = 1;
+              }
+            }else{
+              pItem->iOBTab = -1;
+            }
+            if( ExprHasProperty(pExpr, EP_Distinct) && !pItem->bOBUnique ){
               pItem->iDistinct = pParse->nTab++;
             }else{
               pItem->iDistinct = -1;
@@ -113437,14 +115332,19 @@ SQLITE_PRIVATE void sqlite3AlterFinishAddColumn(Parse *pParse, Token *pColDef){
     /* Verify that constraints are still satisfied */
     if( pNew->pCheck!=0
      || (pCol->notNull && (pCol->colFlags & COLFLAG_GENERATED)!=0)
+     || (pTab->tabFlags & TF_Strict)!=0
     ){
       sqlite3NestedParse(pParse,
         "SELECT CASE WHEN quick_check GLOB 'CHECK*'"
         " THEN raise(ABORT,'CHECK constraint failed')"
+        " WHEN quick_check GLOB 'non-* value in*'"
+        " THEN raise(ABORT,'type mismatch on DEFAULT')"
         " ELSE raise(ABORT,'NOT NULL constraint failed')"
         " END"
         "  FROM pragma_quick_check(%Q,%Q)"
-        " WHERE quick_check GLOB 'CHECK*' OR quick_check GLOB 'NULL*'",
+        " WHERE quick_check GLOB 'CHECK*'"
+        " OR quick_check GLOB 'NULL*'"
+        " OR quick_check GLOB 'non-* value in*'",
         zTab, zDb
       );
     }
@@ -113533,7 +115433,7 @@ SQLITE_PRIVATE void sqlite3AlterBeginAddColumn(Parse *pParse, SrcList *pSrc){
   pNew->u.tab.pDfltList = sqlite3ExprListDup(db, pTab->u.tab.pDfltList, 0);
   pNew->pSchema = db->aDb[iDb].pSchema;
   pNew->u.tab.addColOffset = pTab->u.tab.addColOffset;
-  pNew->nTabRef = 1;
+  assert( pNew->nTabRef==1 );
 
 exit_begin_add_column:
   sqlite3SrcListDelete(db, pSrc);
@@ -114038,7 +115938,7 @@ static RenameToken *renameColumnTokenNext(RenameCtx *pCtx){
 }
 
 /*
-** An error occured while parsing or otherwise processing a database
+** An error occurred while parsing or otherwise processing a database
 ** object (either pParse->pNewTable, pNewIndex or pNewTrigger) as part of an
 ** ALTER TABLE RENAME COLUMN program. The error message emitted by the
 ** sub-routine is currently stored in pParse->zErrMsg. This function
@@ -117144,14 +119044,15 @@ static int loadStatTbl(
     decodeIntArray((char*)sqlite3_column_text(pStmt,2),nCol,pSample->anLt,0,0);
     decodeIntArray((char*)sqlite3_column_text(pStmt,3),nCol,pSample->anDLt,0,0);
 
-    /* Take a copy of the sample. Add two 0x00 bytes the end of the buffer.
+    /* Take a copy of the sample. Add 8 extra 0x00 bytes the end of the buffer.
     ** This is in case the sample record is corrupted. In that case, the
     ** sqlite3VdbeRecordCompare() may read up to two varints past the
     ** end of the allocated buffer before it realizes it is dealing with
-    ** a corrupt record. Adding the two 0x00 bytes prevents this from causing
+    ** a corrupt record.  Or it might try to read a large integer from the
+    ** buffer.  In any case, eight 0x00 bytes prevents this from causing
     ** a buffer overread.  */
     pSample->n = sqlite3_column_bytes(pStmt, 4);
-    pSample->p = sqlite3DbMallocZero(db, pSample->n + 2);
+    pSample->p = sqlite3DbMallocZero(db, pSample->n + 8);
     if( pSample->p==0 ){
       sqlite3_finalize(pStmt);
       return SQLITE_NOMEM_BKPT;
@@ -118109,7 +120010,7 @@ SQLITE_PRIVATE int sqlite3AuthCheck(
   sqlite3 *db = pParse->db;
   int rc;
 
-  /* Don't do any authorization checks if the database is initialising
+  /* Don't do any authorization checks if the database is initializing
   ** or if the parser is being invoked from within sqlite3_declare_vtab.
   */
   assert( !IN_RENAME_OBJECT || db->xAuth==0 );
@@ -118410,29 +120311,26 @@ SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
     pParse->nVtabLock = 0;
 #endif
 
+#ifndef SQLITE_OMIT_SHARED_CACHE
     /* Once all the cookies have been verified and transactions opened,
     ** obtain the required table-locks. This is a no-op unless the
     ** shared-cache feature is enabled.
     */
-    codeTableLocks(pParse);
+    if( pParse->nTableLock ) codeTableLocks(pParse);
+#endif
 
     /* Initialize any AUTOINCREMENT data structures required.
     */
-    sqlite3AutoincrementBegin(pParse);
+    if( pParse->pAinc ) sqlite3AutoincrementBegin(pParse);
 
-    /* Code constant expressions that where factored out of inner loops.
-    **
-    ** The pConstExpr list might also contain expressions that we simply
-    ** want to keep around until the Parse object is deleted.  Such
-    ** expressions have iConstExprReg==0.  Do not generate code for
-    ** those expressions, of course.
+    /* Code constant expressions that were factored out of inner loops.
     */
     if( pParse->pConstExpr ){
       ExprList *pEL = pParse->pConstExpr;
       pParse->okConstFactor = 0;
       for(i=0; inExpr; i++){
-        int iReg = pEL->a[i].u.iConstExprReg;
-        sqlite3ExprCode(pParse, pEL->a[i].pExpr, iReg);
+        assert( pEL->a[i].u.iConstExprReg>0 );
+        sqlite3ExprCode(pParse, pEL->a[i].pExpr, pEL->a[i].u.iConstExprReg);
       }
     }
 
@@ -118931,7 +120829,7 @@ SQLITE_PRIVATE void sqlite3ColumnSetColl(
 }
 
 /*
-** Return the collating squence name for a column
+** Return the collating sequence name for a column
 */
 SQLITE_PRIVATE const char *sqlite3ColumnColl(Column *pCol){
   const char *z;
@@ -119586,20 +121484,13 @@ SQLITE_PRIVATE void sqlite3ColumnPropertiesFromName(Table *pTab, Column *pCol){
 }
 #endif
 
-/*
-** Name of the special TEMP trigger used to implement RETURNING.  The
-** name begins with "sqlite_" so that it is guaranteed not to collide
-** with any application-generated triggers.
-*/
-#define RETURNING_TRIGGER_NAME  "sqlite_returning"
-
 /*
 ** Clean up the data structures associated with the RETURNING clause.
 */
 static void sqlite3DeleteReturning(sqlite3 *db, Returning *pRet){
   Hash *pHash;
   pHash = &(db->aDb[1].pSchema->trigHash);
-  sqlite3HashInsert(pHash, RETURNING_TRIGGER_NAME, 0);
+  sqlite3HashInsert(pHash, pRet->zName, 0);
   sqlite3ExprListDelete(db, pRet->pReturnEL);
   sqlite3DbFree(db, pRet);
 }
@@ -119642,7 +121533,9 @@ SQLITE_PRIVATE void sqlite3AddReturning(Parse *pParse, ExprList *pList){
      (void(*)(sqlite3*,void*))sqlite3DeleteReturning, pRet);
   testcase( pParse->earlyCleanup );
   if( db->mallocFailed ) return;
-  pRet->retTrig.zName = RETURNING_TRIGGER_NAME;
+  sqlite3_snprintf(sizeof(pRet->zName), pRet->zName,
+                   "sqlite_returning_%p", pParse);
+  pRet->retTrig.zName = pRet->zName;
   pRet->retTrig.op = TK_RETURNING;
   pRet->retTrig.tr_tm = TRIGGER_AFTER;
   pRet->retTrig.bReturning = 1;
@@ -119653,9 +121546,9 @@ SQLITE_PRIVATE void sqlite3AddReturning(Parse *pParse, ExprList *pList){
   pRet->retTStep.pTrig = &pRet->retTrig;
   pRet->retTStep.pExprList = pList;
   pHash = &(db->aDb[1].pSchema->trigHash);
-  assert( sqlite3HashFind(pHash, RETURNING_TRIGGER_NAME)==0
+  assert( sqlite3HashFind(pHash, pRet->zName)==0
           || pParse->nErr  || pParse->ifNotExists );
-  if( sqlite3HashInsert(pHash, RETURNING_TRIGGER_NAME, &pRet->retTrig)
+  if( sqlite3HashInsert(pHash, pRet->zName, &pRet->retTrig)
           ==&pRet->retTrig ){
     sqlite3OomFault(db);
   }
@@ -119689,7 +121582,7 @@ SQLITE_PRIVATE void sqlite3AddColumn(Parse *pParse, Token sName, Token sType){
   }
   if( !IN_RENAME_OBJECT ) sqlite3DequoteToken(&sName);
 
-  /* Because keywords GENERATE ALWAYS can be converted into indentifiers
+  /* Because keywords GENERATE ALWAYS can be converted into identifiers
   ** by the parser, we can sometimes end up with a typename that ends
   ** with "generated always".  Check for this case and omit the surplus
   ** text. */
@@ -119910,7 +121803,7 @@ SQLITE_PRIVATE void sqlite3AddDefaultValue(
   Parse *pParse,           /* Parsing context */
   Expr *pExpr,             /* The parsed expression of the default value */
   const char *zStart,      /* Start of the default value text */
-  const char *zEnd         /* First character past end of defaut value text */
+  const char *zEnd         /* First character past end of default value text */
 ){
   Table *p;
   Column *pCol;
@@ -120258,7 +122151,7 @@ static int identLength(const char *z){
 ** to the specified offset in the buffer and updates *pIdx to refer
 ** to the first byte after the last byte written before returning.
 **
-** If the string zSignedIdent consists entirely of alpha-numeric
+** If the string zSignedIdent consists entirely of alphanumeric
 ** characters, does not begin with a digit and is not an SQL keyword,
 ** then it is copied to the output buffer exactly as it is. Otherwise,
 ** it is quoted using double-quotes.
@@ -120410,7 +122303,7 @@ static void estimateIndexWidth(Index *pIdx){
   for(i=0; inColumn; i++){
     i16 x = pIdx->aiColumn[i];
     assert( xpTable->nCol );
-    wIndex += x<0 ? 1 : aCol[pIdx->aiColumn[i]].szEst;
+    wIndex += x<0 ? 1 : aCol[x].szEst;
   }
   pIdx->szIdxRow = sqlite3LogEst(wIndex*4);
 }
@@ -121099,6 +122992,17 @@ SQLITE_PRIVATE void sqlite3EndTable(
     /* Reparse everything to update our internal data structures */
     sqlite3VdbeAddParseSchemaOp(v, iDb,
            sqlite3MPrintf(db, "tbl_name='%q' AND type!='trigger'", p->zName),0);
+
+    /* Test for cycles in generated columns and illegal expressions
+    ** in CHECK constraints and in DEFAULT clauses. */
+    if( p->tabFlags & TF_HasGenerated ){
+      sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
+             sqlite3MPrintf(db, "SELECT*FROM\"%w\".\"%w\"",
+                   db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
+    }
+    sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
+           sqlite3MPrintf(db, "PRAGMA \"%w\".integrity_check(%Q)",
+                 db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
   }
 
   /* Add the table to the in-memory representation of the database.
@@ -122148,7 +124052,7 @@ SQLITE_PRIVATE void sqlite3CreateIndex(
 #ifndef SQLITE_OMIT_TEMPDB
     /* If the index name was unqualified, check if the table
     ** is a temp table. If so, set the database to 1. Do not do this
-    ** if initialising a database schema.
+    ** if initializing a database schema.
     */
     if( !db->init.busy ){
       pTab = sqlite3SrcListLookup(pParse, pTblName);
@@ -123805,7 +125709,7 @@ SQLITE_PRIVATE void sqlite3CteDelete(sqlite3 *db, Cte *pCte){
 
 /*
 ** This routine is invoked once per CTE by the parser while parsing a
-** WITH clause.  The CTE described by teh third argument is added to
+** WITH clause.  The CTE described by the third argument is added to
 ** the WITH clause of the second argument.  If the second argument is
 ** NULL, then a new WITH argument is created.
 */
@@ -124447,8 +126351,9 @@ SQLITE_PRIVATE Table *sqlite3SrcListLookup(Parse *pParse, SrcList *pSrc){
   Table *pTab;
   assert( pItem && pSrc->nSrc>=1 );
   pTab = sqlite3LocateTableItem(pParse, 0, pItem);
-  sqlite3DeleteTable(pParse->db, pItem->pTab);
+  if( pItem->pTab ) sqlite3DeleteTable(pParse->db, pItem->pTab);
   pItem->pTab = pTab;
+  pItem->fg.notCte = 1;
   if( pTab ){
     pTab->nTabRef++;
     if( pItem->fg.isIndexedBy && sqlite3IndexedByLookup(pParse, pItem) ){
@@ -124601,7 +126506,7 @@ SQLITE_PRIVATE Expr *sqlite3LimitWhere(
   sqlite3 *db = pParse->db;
   Expr *pLhs = NULL;           /* LHS of IN(SELECT...) operator */
   Expr *pInClause = NULL;      /* WHERE rowid IN ( select ) */
-  ExprList *pEList = NULL;     /* Expression list contaning only pSelectRowid */
+  ExprList *pEList = NULL;     /* Expression list containing only pSelectRowid*/
   SrcList *pSelectSrc = NULL;  /* SELECT rowid FROM x ... (dup of pSrc) */
   Select *pSelect = NULL;      /* Complete SELECT tree */
   Table *pTab;
@@ -124639,14 +126544,20 @@ SQLITE_PRIVATE Expr *sqlite3LimitWhere(
     );
   }else{
     Index *pPk = sqlite3PrimaryKeyIndex(pTab);
+    assert( pPk!=0 );
+    assert( pPk->nKeyCol>=1 );
     if( pPk->nKeyCol==1 ){
-      const char *zName = pTab->aCol[pPk->aiColumn[0]].zCnName;
+      const char *zName;
+      assert( pPk->aiColumn[0]>=0 && pPk->aiColumn[0]nCol );
+      zName = pTab->aCol[pPk->aiColumn[0]].zCnName;
       pLhs = sqlite3Expr(db, TK_ID, zName);
       pEList = sqlite3ExprListAppend(pParse, 0, sqlite3Expr(db, TK_ID, zName));
     }else{
       int i;
       for(i=0; inKeyCol; i++){
-        Expr *p = sqlite3Expr(db, TK_ID, pTab->aCol[pPk->aiColumn[i]].zCnName);
+        Expr *p;
+        assert( pPk->aiColumn[i]>=0 && pPk->aiColumn[i]nCol );
+        p = sqlite3Expr(db, TK_ID, pTab->aCol[pPk->aiColumn[i]].zCnName);
         pEList = sqlite3ExprListAppend(pParse, pEList, p);
       }
       pLhs = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
@@ -124675,7 +126586,7 @@ SQLITE_PRIVATE Expr *sqlite3LimitWhere(
       pOrderBy,0,pLimit
   );
 
-  /* now generate the new WHERE rowid IN clause for the DELETE/UDPATE */
+  /* now generate the new WHERE rowid IN clause for the DELETE/UPDATE */
   pInClause = sqlite3PExpr(pParse, TK_IN, pLhs, 0);
   sqlite3PExprAddSelect(pParse, pInClause, pSelect);
   return pInClause;
@@ -124904,7 +126815,7 @@ SQLITE_PRIVATE void sqlite3DeleteFrom(
     if( HasRowid(pTab) ){
       /* For a rowid table, initialize the RowSet to an empty set */
       pPk = 0;
-      nPk = 1;
+      assert( nPk==1 );
       iRowSet = ++pParse->nMem;
       sqlite3VdbeAddOp2(v, OP_Null, 0, iRowSet);
     }else{
@@ -124932,7 +126843,8 @@ SQLITE_PRIVATE void sqlite3DeleteFrom(
     if( pWInfo==0 ) goto delete_from_cleanup;
     eOnePass = sqlite3WhereOkOnePass(pWInfo, aiCurOnePass);
     assert( IsVirtual(pTab)==0 || eOnePass!=ONEPASS_MULTI );
-    assert( IsVirtual(pTab) || bComplex || eOnePass!=ONEPASS_OFF );
+    assert( IsVirtual(pTab) || bComplex || eOnePass!=ONEPASS_OFF
+            || OptimizationDisabled(db, SQLITE_OnePass) );
     if( eOnePass!=ONEPASS_SINGLE ) sqlite3MultiWrite(pParse);
     if( sqlite3WhereUsesDeferredSeek(pWInfo) ){
       sqlite3VdbeAddOp1(v, OP_FinishSeek, iTabCur);
@@ -125269,9 +127181,11 @@ SQLITE_PRIVATE void sqlite3GenerateRowDelete(
   sqlite3FkActions(pParse, pTab, 0, iOld, 0, 0);
 
   /* Invoke AFTER DELETE trigger programs. */
-  sqlite3CodeRowTrigger(pParse, pTrigger,
-      TK_DELETE, 0, TRIGGER_AFTER, pTab, iOld, onconf, iLabel
-  );
+  if( pTrigger ){
+    sqlite3CodeRowTrigger(pParse, pTrigger,
+        TK_DELETE, 0, TRIGGER_AFTER, pTab, iOld, onconf, iLabel
+    );
+  }
 
   /* Jump here if the row had already been deleted before any BEFORE
   ** trigger programs were invoked. Or if a trigger program throws a
@@ -125584,6 +127498,42 @@ static void lengthFunc(
   }
 }
 
+/*
+** Implementation of the octet_length() function
+*/
+static void bytelengthFunc(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv
+){
+  assert( argc==1 );
+  UNUSED_PARAMETER(argc);
+  switch( sqlite3_value_type(argv[0]) ){
+    case SQLITE_BLOB: {
+      sqlite3_result_int(context, sqlite3_value_bytes(argv[0]));
+      break;
+    }
+    case SQLITE_INTEGER:
+    case SQLITE_FLOAT: {
+      i64 m = sqlite3_context_db_handle(context)->enc<=SQLITE_UTF8 ? 1 : 2;
+      sqlite3_result_int64(context, sqlite3_value_bytes(argv[0])*m);
+      break;
+    }
+    case SQLITE_TEXT: {
+      if( sqlite3_value_encoding(argv[0])<=SQLITE_UTF8 ){
+        sqlite3_result_int(context, sqlite3_value_bytes(argv[0]));
+      }else{
+        sqlite3_result_int(context, sqlite3_value_bytes16(argv[0]));
+      }
+      break;
+    }
+    default: {
+      sqlite3_result_null(context);
+      break;
+    }
+  }
+}
+
 /*
 ** Implementation of the abs() function.
 **
@@ -125860,7 +127810,7 @@ static void roundFunc(sqlite3_context *context, int argc, sqlite3_value **argv){
   }else if( n==0 ){
     r = (double)((sqlite_int64)(r+(r<0?-0.5:+0.5)));
   }else{
-    zBuf = sqlite3_mprintf("%.*f",n,r);
+    zBuf = sqlite3_mprintf("%!.*f",n,r);
     if( zBuf==0 ){
       sqlite3_result_error_nomem(context);
       return;
@@ -126060,7 +128010,7 @@ struct compareInfo {
 
 /*
 ** For LIKE and GLOB matching on EBCDIC machines, assume that every
-** character is exactly one byte in size.  Also, provde the Utf8Read()
+** character is exactly one byte in size.  Also, provide the Utf8Read()
 ** macro for fast reading of the next character in the common case where
 ** the next character is ASCII.
 */
@@ -126293,7 +128243,7 @@ SQLITE_API int sqlite3_like_count = 0;
 
 /*
 ** Implementation of the like() SQL function.  This function implements
-** the build-in LIKE operator.  The first argument to the function is the
+** the built-in LIKE operator.  The first argument to the function is the
 ** pattern and the second argument is the string.  So, the SQL statements:
 **
 **       A LIKE B
@@ -126626,6 +128576,7 @@ static void charFunc(
       *zOut++ = 0x80 + (u8)(c & 0x3F);
     }                                                    \
   }
+  *zOut = 0;
   sqlite3_result_text64(context, (char*)z, zOut-z, sqlite3_free, SQLITE_UTF8);
 }
 
@@ -126654,7 +128605,8 @@ static void hexFunc(
       *(z++) = hexdigits[c&0xf];
     }
     *z = 0;
-    sqlite3_result_text(context, zHex, n*2, sqlite3_free);
+    sqlite3_result_text64(context, zHex, (u64)(z-zHex),
+                          sqlite3_free, SQLITE_UTF8);
   }
 }
 
@@ -126679,7 +128631,7 @@ static int strContainsChar(const u8 *zStr, int nStr, u32 ch){
 ** decoded and returned as a blob.
 **
 ** If there is only a single argument, then it must consist only of an
-** even number of hexadeximal digits. Otherwise, return NULL.
+** even number of hexadecimal digits. Otherwise, return NULL.
 **
 ** Or, if there is a second argument, then any character that appears in
 ** the second argument is also allowed to appear between pairs of hexadecimal
@@ -126948,6 +128900,81 @@ static void trimFunc(
   sqlite3_result_text(context, (char*)zIn, nIn, SQLITE_TRANSIENT);
 }
 
+/* The core implementation of the CONCAT(...) and CONCAT_WS(SEP,...)
+** functions.
+**
+** Return a string value that is the concatenation of all non-null
+** entries in argv[].  Use zSep as the separator.
+*/
+static void concatFuncCore(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv,
+  int nSep,
+  const char *zSep
+){
+  i64 j, k, n = 0;
+  int i;
+  char *z;
+  for(i=0; i0 ){
+      const char *v = (const char*)sqlite3_value_text(argv[i]);
+      if( v!=0 ){
+        if( j>0 && nSep>0 ){
+          memcpy(&z[j], zSep, nSep);
+          j += nSep;
+        }
+        memcpy(&z[j], v, k);
+        j += k;
+      }
+    }
+  }
+  z[j] = 0;
+  assert( j<=n );
+  sqlite3_result_text64(context, z, j, sqlite3_free, SQLITE_UTF8);
+}
+
+/*
+** The CONCAT(...) function.  Generate a string result that is the
+** concatentation of all non-null arguments.
+*/
+static void concatFunc(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv
+){
+  concatFuncCore(context, argc, argv, 0, "");
+}
+
+/*
+** The CONCAT_WS(separator, ...) function.
+**
+** Generate a string that is the concatenation of 2nd through the Nth
+** argument.  Use the first argument (which must be non-NULL) as the
+** separator.
+*/
+static void concatwsFunc(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv
+){
+  int nSep = sqlite3_value_bytes(argv[0]);
+  const char *zSep = (const char*)sqlite3_value_text(argv[0]);
+  if( zSep==0 ) return;
+  concatFuncCore(context, argc-1, argv+1, nSep, zSep);
+}
+
 
 #ifdef SQLITE_ENABLE_UNKNOWN_SQL_FUNCTION
 /*
@@ -127069,13 +129096,68 @@ static void loadExt(sqlite3_context *context, int argc, sqlite3_value **argv){
 */
 typedef struct SumCtx SumCtx;
 struct SumCtx {
-  double rSum;      /* Floating point sum */
-  i64 iSum;         /* Integer sum */
+  double rSum;      /* Running sum as as a double */
+  double rErr;      /* Error term for Kahan-Babushka-Neumaier summation */
+  i64 iSum;         /* Running sum as a signed integer */
   i64 cnt;          /* Number of elements summed */
-  u8 overflow;      /* True if integer overflow seen */
-  u8 approx;        /* True if non-integer value was input to the sum */
+  u8 approx;        /* True if any non-integer value was input to the sum */
+  u8 ovrfl;         /* Integer overflow seen */
 };
 
+/*
+** Do one step of the Kahan-Babushka-Neumaier summation.
+**
+** https://en.wikipedia.org/wiki/Kahan_summation_algorithm
+**
+** Variables are marked "volatile" to defeat c89 x86 floating point
+** optimizations can mess up this algorithm.
+*/
+static void kahanBabuskaNeumaierStep(
+  volatile SumCtx *pSum,
+  volatile double r
+){
+  volatile double s = pSum->rSum;
+  volatile double t = s + r;
+  if( fabs(s) > fabs(r) ){
+    pSum->rErr += (s - t) + r;
+  }else{
+    pSum->rErr += (r - t) + s;
+  }
+  pSum->rSum = t;
+}
+
+/*
+** Add a (possibly large) integer to the running sum.
+*/
+static void kahanBabuskaNeumaierStepInt64(volatile SumCtx *pSum, i64 iVal){
+  if( iVal<=-4503599627370496LL || iVal>=+4503599627370496LL ){
+    i64 iBig, iSm;
+    iSm = iVal % 16384;
+    iBig = iVal - iSm;
+    kahanBabuskaNeumaierStep(pSum, iBig);
+    kahanBabuskaNeumaierStep(pSum, iSm);
+  }else{
+    kahanBabuskaNeumaierStep(pSum, (double)iVal);
+  }
+}
+
+/*
+** Initialize the Kahan-Babaska-Neumaier sum from a 64-bit integer
+*/
+static void kahanBabuskaNeumaierInit(
+  volatile SumCtx *p,
+  i64 iVal
+){
+  if( iVal<=-4503599627370496LL || iVal>=+4503599627370496LL ){
+    i64 iSm = iVal % 16384;
+    p->rSum = (double)(iVal - iSm);
+    p->rErr = (double)iSm;
+  }else{
+    p->rSum = (double)iVal;
+    p->rErr = 0.0;
+  }
+}
+
 /*
 ** Routines used to compute the sum, average, and total.
 **
@@ -127095,15 +129177,29 @@ static void sumStep(sqlite3_context *context, int argc, sqlite3_value **argv){
   type = sqlite3_value_numeric_type(argv[0]);
   if( p && type!=SQLITE_NULL ){
     p->cnt++;
-    if( type==SQLITE_INTEGER ){
-      i64 v = sqlite3_value_int64(argv[0]);
-      p->rSum += v;
-      if( (p->approx|p->overflow)==0 && sqlite3AddInt64(&p->iSum, v) ){
-        p->approx = p->overflow = 1;
+    if( p->approx==0 ){
+      if( type!=SQLITE_INTEGER ){
+        kahanBabuskaNeumaierInit(p, p->iSum);
+        p->approx = 1;
+        kahanBabuskaNeumaierStep(p, sqlite3_value_double(argv[0]));
+      }else{
+        i64 x = p->iSum;
+        if( sqlite3AddInt64(&x, sqlite3_value_int64(argv[0]))==0 ){
+          p->iSum = x;
+        }else{
+          p->ovrfl = 1;
+          kahanBabuskaNeumaierInit(p, p->iSum);
+          p->approx = 1;
+          kahanBabuskaNeumaierStepInt64(p, sqlite3_value_int64(argv[0]));
+        }
       }
     }else{
-      p->rSum += sqlite3_value_double(argv[0]);
-      p->approx = 1;
+      if( type==SQLITE_INTEGER ){
+        kahanBabuskaNeumaierStepInt64(p, sqlite3_value_int64(argv[0]));
+      }else{
+        p->ovrfl = 0;
+        kahanBabuskaNeumaierStep(p, sqlite3_value_double(argv[0]));
+      }
     }
   }
 }
@@ -127120,13 +129216,18 @@ static void sumInverse(sqlite3_context *context, int argc, sqlite3_value**argv){
   if( ALWAYS(p) && type!=SQLITE_NULL ){
     assert( p->cnt>0 );
     p->cnt--;
-    assert( type==SQLITE_INTEGER || p->approx );
-    if( type==SQLITE_INTEGER && p->approx==0 ){
-      i64 v = sqlite3_value_int64(argv[0]);
-      p->rSum -= v;
-      p->iSum -= v;
+    if( !p->approx ){
+      p->iSum -= sqlite3_value_int64(argv[0]);
+    }else if( type==SQLITE_INTEGER ){
+      i64 iVal = sqlite3_value_int64(argv[0]);
+      if( iVal!=SMALLEST_INT64 ){
+        kahanBabuskaNeumaierStepInt64(p, -iVal);
+      }else{
+        kahanBabuskaNeumaierStepInt64(p, LARGEST_INT64);
+        kahanBabuskaNeumaierStepInt64(p, 1);
+      }
     }else{
-      p->rSum -= sqlite3_value_double(argv[0]);
+      kahanBabuskaNeumaierStep(p, -sqlite3_value_double(argv[0]));
     }
   }
 }
@@ -127137,10 +129238,14 @@ static void sumFinalize(sqlite3_context *context){
   SumCtx *p;
   p = sqlite3_aggregate_context(context, 0);
   if( p && p->cnt>0 ){
-    if( p->overflow ){
-      sqlite3_result_error(context,"integer overflow",-1);
-    }else if( p->approx ){
-      sqlite3_result_double(context, p->rSum);
+    if( p->approx ){
+      if( p->ovrfl ){
+        sqlite3_result_error(context,"integer overflow",-1);
+      }else if( !sqlite3IsNaN(p->rErr) ){
+        sqlite3_result_double(context, p->rSum+p->rErr);
+      }else{
+        sqlite3_result_double(context, p->rSum);
+      }
     }else{
       sqlite3_result_int64(context, p->iSum);
     }
@@ -127150,14 +129255,29 @@ static void avgFinalize(sqlite3_context *context){
   SumCtx *p;
   p = sqlite3_aggregate_context(context, 0);
   if( p && p->cnt>0 ){
-    sqlite3_result_double(context, p->rSum/(double)p->cnt);
+    double r;
+    if( p->approx ){
+      r = p->rSum;
+      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
+    }else{
+      r = (double)(p->iSum);
+    }
+    sqlite3_result_double(context, r/(double)p->cnt);
   }
 }
 static void totalFinalize(sqlite3_context *context){
   SumCtx *p;
+  double r = 0.0;
   p = sqlite3_aggregate_context(context, 0);
-  /* (double)0 In case of SQLITE_OMIT_FLOATING_POINT... */
-  sqlite3_result_double(context, p ? p->rSum : (double)0);
+  if( p ){
+    if( p->approx ){
+      r = p->rSum;
+      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
+    }else{
+      r = (double)(p->iSum);
+    }
+  }
+  sqlite3_result_double(context, r);
 }
 
 /*
@@ -127276,6 +129396,7 @@ static void minMaxFinalize(sqlite3_context *context){
 
 /*
 ** group_concat(EXPR, ?SEPARATOR?)
+** string_agg(EXPR, SEPARATOR)
 **
 ** The SEPARATOR goes before the EXPR string.  This is tragic.  The
 ** groupConcatInverse() implementation would have been easier if the
@@ -127379,7 +129500,7 @@ static void groupConcatInverse(
   if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
   pGCC = (GroupConcatCtx*)sqlite3_aggregate_context(context, sizeof(*pGCC));
   /* pGCC is always non-NULL since groupConcatStep() will have always
-  ** run frist to initialize it */
+  ** run first to initialize it */
   if( ALWAYS(pGCC) ){
     int nVS;
     /* Must call sqlite3_value_text() to convert the argument into text prior
@@ -127463,8 +129584,10 @@ SQLITE_PRIVATE void sqlite3RegisterPerConnectionBuiltinFunctions(sqlite3 *db){
 ** sensitive.
 */
 SQLITE_PRIVATE void sqlite3RegisterLikeFunctions(sqlite3 *db, int caseSensitive){
+  FuncDef *pDef;
   struct compareInfo *pInfo;
   int flags;
+  int nArg;
   if( caseSensitive ){
     pInfo = (struct compareInfo*)&likeInfoAlt;
     flags = SQLITE_FUNC_LIKE | SQLITE_FUNC_CASE;
@@ -127472,10 +129595,13 @@ SQLITE_PRIVATE void sqlite3RegisterLikeFunctions(sqlite3 *db, int caseSensitive)
     pInfo = (struct compareInfo*)&likeInfoNorm;
     flags = SQLITE_FUNC_LIKE;
   }
-  sqlite3CreateFunc(db, "like", 2, SQLITE_UTF8, pInfo, likeFunc, 0, 0, 0, 0, 0);
-  sqlite3CreateFunc(db, "like", 3, SQLITE_UTF8, pInfo, likeFunc, 0, 0, 0, 0, 0);
-  sqlite3FindFunction(db, "like", 2, SQLITE_UTF8, 0)->funcFlags |= flags;
-  sqlite3FindFunction(db, "like", 3, SQLITE_UTF8, 0)->funcFlags |= flags;
+  for(nArg=2; nArg<=3; nArg++){
+    sqlite3CreateFunc(db, "like", nArg, SQLITE_UTF8, pInfo, likeFunc,
+                      0, 0, 0, 0, 0);
+    pDef = sqlite3FindFunction(db, "like", nArg, SQLITE_UTF8, 0);
+    pDef->funcFlags |= flags;
+    pDef->funcFlags &= ~SQLITE_FUNC_UNSAFE;
+  }
 }
 
 /*
@@ -127747,6 +129873,37 @@ static void signFunc(
   sqlite3_result_int(context, x<0.0 ? -1 : x>0.0 ? +1 : 0);
 }
 
+#ifdef SQLITE_DEBUG
+/*
+** Implementation of fpdecode(x,y,z) function.
+**
+** x is a real number that is to be decoded.  y is the precision.
+** z is the maximum real precision.
+*/
+static void fpdecodeFunc(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv
+){
+  FpDecode s;
+  double x;
+  int y, z;
+  char zBuf[100];
+  UNUSED_PARAMETER(argc);
+  assert( argc==3 );
+  x = sqlite3_value_double(argv[0]);
+  y = sqlite3_value_int(argv[1]);
+  z = sqlite3_value_int(argv[2]);
+  sqlite3FpDecode(&s, x, y, z);
+  if( s.isSpecial==2 ){
+    sqlite3_snprintf(sizeof(zBuf), zBuf, "NaN");
+  }else{
+    sqlite3_snprintf(sizeof(zBuf), zBuf, "%c%.*s/%d", s.sign, s.n, s.z, s.iDP);
+  }
+  sqlite3_result_text(context, zBuf, -1, SQLITE_TRANSIENT);
+}
+#endif /* SQLITE_DEBUG */
+
 /*
 ** All of the FuncDef structures in the aBuiltinFunc[] array above
 ** to the global function hash table.  This occurs at start-time (as
@@ -127811,12 +129968,16 @@ SQLITE_PRIVATE void sqlite3RegisterBuiltinFunctions(void){
     FUNCTION2(typeof,            1, 0, 0, typeofFunc,  SQLITE_FUNC_TYPEOF),
     FUNCTION2(subtype,           1, 0, 0, subtypeFunc, SQLITE_FUNC_TYPEOF),
     FUNCTION2(length,            1, 0, 0, lengthFunc,  SQLITE_FUNC_LENGTH),
+    FUNCTION2(octet_length,      1, 0, 0, bytelengthFunc,SQLITE_FUNC_BYTELEN),
     FUNCTION(instr,              2, 0, 0, instrFunc        ),
     FUNCTION(printf,            -1, 0, 0, printfFunc       ),
     FUNCTION(format,            -1, 0, 0, printfFunc       ),
     FUNCTION(unicode,            1, 0, 0, unicodeFunc      ),
     FUNCTION(char,              -1, 0, 0, charFunc         ),
     FUNCTION(abs,                1, 0, 0, absFunc          ),
+#ifdef SQLITE_DEBUG
+    FUNCTION(fpdecode,           3, 0, 0, fpdecodeFunc     ),
+#endif
 #ifndef SQLITE_OMIT_FLOATING_POINT
     FUNCTION(round,              1, 0, 0, roundFunc        ),
     FUNCTION(round,              2, 0, 0, roundFunc        ),
@@ -127826,6 +129987,11 @@ SQLITE_PRIVATE void sqlite3RegisterBuiltinFunctions(void){
     FUNCTION(hex,                1, 0, 0, hexFunc          ),
     FUNCTION(unhex,              1, 0, 0, unhexFunc        ),
     FUNCTION(unhex,              2, 0, 0, unhexFunc        ),
+    FUNCTION(concat,            -1, 0, 0, concatFunc       ),
+    FUNCTION(concat,             0, 0, 0, 0                ),
+    FUNCTION(concat_ws,         -1, 0, 0, concatwsFunc     ),
+    FUNCTION(concat_ws,          0, 0, 0, 0                ),
+    FUNCTION(concat_ws,          1, 0, 0, 0                ),
     INLINE_FUNC(ifnull,          2, INLINEFUNC_coalesce, 0 ),
     VFUNCTION(random,            0, 0, 0, randomFunc       ),
     VFUNCTION(randomblob,        1, 0, 0, randomBlob       ),
@@ -127855,6 +130021,8 @@ SQLITE_PRIVATE void sqlite3RegisterBuiltinFunctions(void){
         groupConcatFinalize, groupConcatValue, groupConcatInverse, 0),
     WAGGREGATE(group_concat, 2, 0, 0, groupConcatStep,
         groupConcatFinalize, groupConcatValue, groupConcatInverse, 0),
+    WAGGREGATE(string_agg,   2, 0, 0, groupConcatStep,
+        groupConcatFinalize, groupConcatValue, groupConcatInverse, 0),
 
     LIKEFUNC(glob, 2, &globInfo, SQLITE_FUNC_LIKE|SQLITE_FUNC_CASE),
 #ifdef SQLITE_CASE_SENSITIVE_LIKE
@@ -128797,6 +130965,7 @@ static int isSetNullAction(Parse *pParse, FKey *pFKey){
     if( (p==pFKey->apTrigger[0] && pFKey->aAction[0]==OE_SetNull)
      || (p==pFKey->apTrigger[1] && pFKey->aAction[1]==OE_SetNull)
     ){
+      assert( (pTop->db->flags & SQLITE_FkNoAction)==0 );
       return 1;
     }
   }
@@ -128991,6 +131160,8 @@ SQLITE_PRIVATE void sqlite3FkCheck(
       }
       if( regOld!=0 ){
         int eAction = pFKey->aAction[aChange!=0];
+        if( (db->flags & SQLITE_FkNoAction) ) eAction = OE_None;
+
         fkScanChildren(pParse, pSrc, pTab, pIdx, pFKey, aiCol, regOld, 1);
         /* If this is a deferred FK constraint, or a CASCADE or SET NULL
         ** action applies, then any foreign key violations caused by
@@ -129106,7 +131277,11 @@ SQLITE_PRIVATE int sqlite3FkRequired(
       /* Check if any parent key columns are being modified. */
       for(p=sqlite3FkReferences(pTab); p; p=p->pNextTo){
         if( fkParentIsModified(pTab, p, aChange, chngRowid) ){
-          if( p->aAction[1]!=OE_None ) return 2;
+          if( (pParse->db->flags & SQLITE_FkNoAction)==0
+           && p->aAction[1]!=OE_None
+          ){
+            return 2;
+          }
           bHaveFK = 1;
         }
       }
@@ -129156,6 +131331,7 @@ static Trigger *fkActionTrigger(
   int iAction = (pChanges!=0);    /* 1 for UPDATE, 0 for DELETE */
 
   action = pFKey->aAction[iAction];
+  if( (db->flags & SQLITE_FkNoAction) ) action = OE_None;
   if( action==OE_Restrict && (db->flags & SQLITE_DeferFKs) ){
     return 0;
   }
@@ -129387,9 +131563,8 @@ SQLITE_PRIVATE void sqlite3FkDelete(sqlite3 *db, Table *pTab){
       if( pFKey->pPrevTo ){
         pFKey->pPrevTo->pNextTo = pFKey->pNextTo;
       }else{
-        void *p = (void *)pFKey->pNextTo;
-        const char *z = (p ? pFKey->pNextTo->zTo : pFKey->zTo);
-        sqlite3HashInsert(&pTab->pSchema->fkeyHash, z, p);
+        const char *z = (pFKey->pNextTo ? pFKey->pNextTo->zTo : pFKey->zTo);
+        sqlite3HashInsert(&pTab->pSchema->fkeyHash, z, pFKey->pNextTo);
       }
       if( pFKey->pNextTo ){
         pFKey->pNextTo->pPrevTo = pFKey->pPrevTo;
@@ -129452,8 +131627,10 @@ SQLITE_PRIVATE void sqlite3OpenTable(
   assert( pParse->pVdbe!=0 );
   v = pParse->pVdbe;
   assert( opcode==OP_OpenWrite || opcode==OP_OpenRead );
-  sqlite3TableLock(pParse, iDb, pTab->tnum,
-                   (opcode==OP_OpenWrite)?1:0, pTab->zName);
+  if( !pParse->db->noSharedCache ){
+    sqlite3TableLock(pParse, iDb, pTab->tnum,
+                     (opcode==OP_OpenWrite)?1:0, pTab->zName);
+  }
   if( HasRowid(pTab) ){
     sqlite3VdbeAddOp4Int(v, opcode, iCur, pTab->tnum, iDb, pTab->nNVCol);
     VdbeComment((v, "%s", pTab->zName));
@@ -129582,7 +131759,7 @@ SQLITE_PRIVATE char *sqlite3TableAffinityStr(sqlite3 *db, const Table *pTab){
 ** For STRICT tables:
 ** ------------------
 **
-** Generate an appropropriate OP_TypeCheck opcode that will verify the
+** Generate an appropriate OP_TypeCheck opcode that will verify the
 ** datatypes against the column definitions in pTab.  If iReg==0, that
 ** means an OP_MakeRecord opcode has already been generated and should be
 ** the last opcode generated.  The new OP_TypeCheck needs to be inserted
@@ -130874,7 +133051,7 @@ SQLITE_PRIVATE void sqlite3Insert(
 /* This is the Walker callback from sqlite3ExprReferencesUpdatedColumn().
 *  Set bit 0x01 of pWalker->eCode if pWalker->eCode to 0 and if this
 ** expression node references any of the
-** columns that are being modifed by an UPDATE statement.
+** columns that are being modified by an UPDATE statement.
 */
 static int checkConstraintExprNode(Walker *pWalker, Expr *pExpr){
   if( pExpr->op==TK_COLUMN ){
@@ -131097,7 +133274,7 @@ SQLITE_PRIVATE void sqlite3GenerateConstraintChecks(
   int *aiChng,         /* column i is unchanged if aiChng[i]<0 */
   Upsert *pUpsert      /* ON CONFLICT clauses, if any.  NULL otherwise */
 ){
-  Vdbe *v;             /* VDBE under constrution */
+  Vdbe *v;             /* VDBE under construction */
   Index *pIdx;         /* Pointer to one of the indices */
   Index *pPk = 0;      /* The PRIMARY KEY index for WITHOUT ROWID tables */
   sqlite3 *db;         /* Database connection */
@@ -131580,7 +133757,7 @@ SQLITE_PRIVATE void sqlite3GenerateConstraintChecks(
       pIdx;
       pIdx = indexIteratorNext(&sIdxIter, &ix)
   ){
-    int regIdx;          /* Range of registers hold conent for pIdx */
+    int regIdx;          /* Range of registers holding content for pIdx */
     int regR;            /* Range of registers holding conflicting PK */
     int iThisCur;        /* Cursor for this UNIQUE index */
     int addrUniqueOk;    /* Jump here if the UNIQUE constraint is satisfied */
@@ -132075,6 +134252,8 @@ SQLITE_PRIVATE int sqlite3OpenTableAndIndices(
 
   assert( op==OP_OpenRead || op==OP_OpenWrite );
   assert( op==OP_OpenWrite || p5==0 );
+  assert( piDataCur!=0 );
+  assert( piIdxCur!=0 );
   if( IsVirtual(pTab) ){
     /* This routine is a no-op for virtual tables. Leave the output
     ** variables *piDataCur and *piIdxCur set to illegal cursor numbers
@@ -132087,18 +134266,18 @@ SQLITE_PRIVATE int sqlite3OpenTableAndIndices(
   assert( v!=0 );
   if( iBase<0 ) iBase = pParse->nTab;
   iDataCur = iBase++;
-  if( piDataCur ) *piDataCur = iDataCur;
+  *piDataCur = iDataCur;
   if( HasRowid(pTab) && (aToOpen==0 || aToOpen[0]) ){
     sqlite3OpenTable(pParse, iDataCur, iDb, pTab, op);
-  }else{
+  }else if( pParse->db->noSharedCache==0 ){
     sqlite3TableLock(pParse, iDb, pTab->tnum, op==OP_OpenWrite, pTab->zName);
   }
-  if( piIdxCur ) *piIdxCur = iBase;
+  *piIdxCur = iBase;
   for(i=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, i++){
     int iIdxCur = iBase++;
     assert( pIdx->pSchema==pTab->pSchema );
     if( IsPrimaryKeyIndex(pIdx) && !HasRowid(pTab) ){
-      if( piDataCur ) *piDataCur = iIdxCur;
+      *piDataCur = iIdxCur;
       p5 = 0;
     }
     if( aToOpen==0 || aToOpen[i+1] ){
@@ -132396,7 +134575,7 @@ static int xferOptimization(
   }
 #endif
 #ifndef SQLITE_OMIT_FOREIGN_KEY
-  /* Disallow the transfer optimization if the destination table constains
+  /* Disallow the transfer optimization if the destination table contains
   ** any foreign key constraints.  This is more restrictive than necessary.
   ** But the main beneficiary of the transfer optimization is the VACUUM
   ** command, and the VACUUM command disables foreign key constraints.  So
@@ -133106,6 +135285,11 @@ struct sqlite3_api_routines {
   int (*value_encoding)(sqlite3_value*);
   /* Version 3.41.0 and later */
   int (*is_interrupted)(sqlite3*);
+  /* Version 3.43.0 and later */
+  int (*stmt_explain)(sqlite3_stmt*,int);
+  /* Version 3.44.0 and later */
+  void *(*get_clientdata)(sqlite3*,const char*);
+  int (*set_clientdata)(sqlite3*, const char*, void*, void(*)(void*));
 };
 
 /*
@@ -133434,6 +135618,11 @@ typedef int (*sqlite3_loadext_entry)(
 #define sqlite3_value_encoding         sqlite3_api->value_encoding
 /* Version 3.41.0 and later */
 #define sqlite3_is_interrupted         sqlite3_api->is_interrupted
+/* Version 3.43.0 and later */
+#define sqlite3_stmt_explain           sqlite3_api->stmt_explain
+/* Version 3.44.0 and later */
+#define sqlite3_get_clientdata         sqlite3_api->get_clientdata
+#define sqlite3_set_clientdata         sqlite3_api->set_clientdata
 #endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
 
 #if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
@@ -133950,7 +136139,12 @@ static const sqlite3_api_routines sqlite3Apis = {
   /* Version 3.40.0 and later */
   sqlite3_value_encoding,
   /* Version 3.41.0 and later */
-  sqlite3_is_interrupted
+  sqlite3_is_interrupted,
+  /* Version 3.43.0 and later */
+  sqlite3_stmt_explain,
+  /* Version 3.44.0 and later */
+  sqlite3_get_clientdata,
+  sqlite3_set_clientdata
 };
 
 /* True if x is the directory separator character
@@ -134030,6 +136224,10 @@ static int sqlite3LoadExtension(
   */
   if( nMsg>SQLITE_MAX_PATHLEN ) goto extension_not_found;
 
+  /* Do not allow sqlite3_load_extension() to link to a copy of the
+  ** running application, by passing in an empty filename. */
+  if( nMsg==0 ) goto extension_not_found;
+
   handle = sqlite3OsDlOpen(pVfs, zFile);
 #if SQLITE_OS_UNIX || SQLITE_OS_WIN
   for(ii=0; iimutex);
   if( onoff ){
     db->flags |= SQLITE_LoadExtension|SQLITE_LoadExtFunc;
@@ -134211,6 +136412,9 @@ SQLITE_API int sqlite3_auto_extension(
   void (*xInit)(void)
 ){
   int rc = SQLITE_OK;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( xInit==0 ) return SQLITE_MISUSE_BKPT;
+#endif
 #ifndef SQLITE_OMIT_AUTOINIT
   rc = sqlite3_initialize();
   if( rc ){
@@ -134263,6 +136467,9 @@ SQLITE_API int sqlite3_cancel_auto_extension(
   int i;
   int n = 0;
   wsdAutoextInit;
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( xInit==0 ) return 0;
+#endif
   sqlite3_mutex_enter(mutex);
   for(i=(int)wsdAutoext.nExt-1; i>=0; i--){
     if( wsdAutoext.aExt[i]==xInit ){
@@ -135862,7 +138069,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
   **
   ** The first form reports the current local setting for the
   ** page cache spill size. The second form turns cache spill on
-  ** or off.  When turnning cache spill on, the size is set to the
+  ** or off.  When turning cache spill on, the size is set to the
   ** current cache_size.  The third form sets a spill size that
   ** may be different form the cache size.
   ** If N is positive then that is the
@@ -136132,7 +138339,11 @@ SQLITE_PRIVATE void sqlite3Pragma(
 #endif
 
       if( sqlite3GetBoolean(zRight, 0) ){
-        db->flags |= mask;
+        if( (mask & SQLITE_WriteSchema)==0
+         || (db->flags & SQLITE_Defensive)==0
+        ){
+          db->flags |= mask;
+        }
       }else{
         db->flags &= ~mask;
         if( mask==SQLITE_DeferFKs ) db->nDeferredImmCons = 0;
@@ -136640,9 +138851,9 @@ SQLITE_PRIVATE void sqlite3Pragma(
   ** The "quick_check" is reduced version of
   ** integrity_check designed to detect most database corruption
   ** without the overhead of cross-checking indexes.  Quick_check
-  ** is linear time wherease integrity_check is O(NlogN).
+  ** is linear time whereas integrity_check is O(NlogN).
   **
-  ** The maximum nubmer of errors is 100 by default.  A different default
+  ** The maximum number of errors is 100 by default.  A different default
   ** can be specified using a numeric parameter N.
   **
   ** Or, the parameter N can be the name of a table.  In that case, only
@@ -136765,8 +138976,31 @@ SQLITE_PRIVATE void sqlite3Pragma(
         int r2;                 /* Previous key for WITHOUT ROWID tables */
         int mxCol;              /* Maximum non-virtual column number */
 
-        if( !IsOrdinaryTable(pTab) ) continue;
         if( pObjTab && pObjTab!=pTab ) continue;
+        if( !IsOrdinaryTable(pTab) ){
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+          sqlite3_vtab *pVTab;
+          int a1;
+          if( !IsVirtual(pTab) ) continue;
+          if( pTab->nCol<=0 ){
+            const char *zMod = pTab->u.vtab.azArg[0];
+            if( sqlite3HashFind(&db->aModule, zMod)==0 ) continue;
+          }
+          sqlite3ViewGetColumnNames(pParse, pTab);
+          if( pTab->u.vtab.p==0 ) continue;
+          pVTab = pTab->u.vtab.p->pVtab;
+          if( NEVER(pVTab==0) ) continue;
+          if( NEVER(pVTab->pModule==0) ) continue;
+          if( pVTab->pModule->iVersion<4 ) continue;
+          if( pVTab->pModule->xIntegrity==0 ) continue;
+          sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
+          sqlite3VdbeAppendP4(v, pTab, P4_TABLE);
+          a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
+          integrityCheckResultRow(v);
+          sqlite3VdbeJumpHere(v, a1);
+#endif
+          continue;
+        }
         if( isQuick || HasRowid(pTab) ){
           pPk = 0;
           r2 = 0;
@@ -137400,7 +139634,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
     Schema *pSchema;       /* The current schema */
     Table *pTab;           /* A table in the schema */
     Index *pIdx;           /* An index of the table */
-    LogEst szThreshold;    /* Size threshold above which reanalysis is needd */
+    LogEst szThreshold;    /* Size threshold above which reanalysis needed */
     char *zSubSql;         /* SQL statement for the OP_SqlExec opcode */
     u32 opMask;            /* Mask of operations to perform */
 
@@ -137892,7 +140126,8 @@ static const sqlite3_module pragmaVtabModule = {
   0,                           /* xSavepoint */
   0,                           /* xRelease */
   0,                           /* xRollbackTo */
-  0                            /* xShadowName */
+  0,                           /* xShadowName */
+  0                            /* xIntegrity */
 };
 
 /*
@@ -138516,8 +140751,6 @@ SQLITE_PRIVATE void sqlite3ParseObjectReset(Parse *pParse){
   db->lookaside.sz = db->lookaside.bDisable ? 0 : db->lookaside.szTrue;
   assert( pParse->db->pParse==pParse );
   db->pParse = pParse->pOuterParse;
-  pParse->db = 0;
-  pParse->disableLookaside = 0;
 }
 
 /*
@@ -138526,7 +140759,7 @@ SQLITE_PRIVATE void sqlite3ParseObjectReset(Parse *pParse){
 ** immediately.
 **
 ** Use this mechanism for uncommon cleanups.  There is a higher setup
-** cost for this mechansim (an extra malloc), so it should not be used
+** cost for this mechanism (an extra malloc), so it should not be used
 ** for common cleanups that happen on most calls.  But for less
 ** common cleanups, we save a single NULL-pointer comparison in
 ** sqlite3ParseObjectReset(), which reduces the total CPU cycle count.
@@ -138618,7 +140851,12 @@ static int sqlite3Prepare(
   sParse.pOuterParse = db->pParse;
   db->pParse = &sParse;
   sParse.db = db;
-  sParse.pReprepare = pReprepare;
+  if( pReprepare ){
+    sParse.pReprepare = pReprepare;
+    sParse.explain = sqlite3_stmt_isexplain((sqlite3_stmt*)pReprepare);
+  }else{
+    assert( sParse.pReprepare==0 );
+  }
   assert( ppStmt && *ppStmt==0 );
   if( db->mallocFailed ){
     sqlite3ErrorMsg(&sParse, "out of memory");
@@ -139228,7 +141466,7 @@ static Select *findRightmost(Select *p){
 **     NATURAL  FULL     OUTER               JT_NATRUAL|JT_LEFT|JT_RIGHT
 **
 ** To preserve historical compatibly, SQLite also accepts a variety
-** of other non-standard and in many cases non-sensical join types.
+** of other non-standard and in many cases nonsensical join types.
 ** This routine makes as much sense at it can from the nonsense join
 ** type and returns a result.  Examples of accepted nonsense join types
 ** include but are not limited to:
@@ -139450,6 +141688,7 @@ static void unsetJoinExpr(Expr *p, int iTable, int nullable){
     }
     if( p->op==TK_FUNCTION ){
       assert( ExprUseXList(p) );
+      assert( p->pLeft==0 );
       if( p->x.pList ){
         int i;
         for(i=0; ix.pList->nExpr; i++){
@@ -139499,7 +141738,7 @@ static int sqlite3ProcessJoin(Parse *pParse, Select *p){
     if( NEVER(pLeft->pTab==0 || pRightTab==0) ) continue;
     joinType = (pRight->fg.jointype & JT_OUTER)!=0 ? EP_OuterON : EP_InnerON;
 
-    /* If this is a NATURAL join, synthesize an approprate USING clause
+    /* If this is a NATURAL join, synthesize an appropriate USING clause
     ** to specify which columns should be joined.
     */
     if( pRight->fg.jointype & JT_NATURAL ){
@@ -139715,7 +141954,7 @@ static void pushOntoSorter(
   **   (3) Some output columns are omitted from the sort record due to
   **       the SQLITE_ENABLE_SORTER_REFERENCES optimization, or due to the
   **       SQLITE_ECEL_OMITREF optimization, or due to the
-  **       SortCtx.pDeferredRowLoad optimiation.  In any of these cases
+  **       SortCtx.pDeferredRowLoad optimization.  In any of these cases
   **       regOrigData is 0 to prevent this routine from trying to copy
   **       values that might not yet exist.
   */
@@ -139771,7 +142010,7 @@ static void pushOntoSorter(
     testcase( pKI->nAllField > pKI->nKeyField+2 );
     pOp->p4.pKeyInfo = sqlite3KeyInfoFromExprList(pParse,pSort->pOrderBy,nOBSat,
                                            pKI->nAllField-pKI->nKeyField-1);
-    pOp = 0; /* Ensure pOp not used after sqltie3VdbeAddOp3() */
+    pOp = 0; /* Ensure pOp not used after sqlite3VdbeAddOp3() */
     addrJmp = sqlite3VdbeCurrentAddr(v);
     sqlite3VdbeAddOp3(v, OP_Jump, addrJmp+1, 0, addrJmp+1); VdbeCoverage(v);
     pSort->labelBkOut = sqlite3VdbeMakeLabel(pParse);
@@ -139865,7 +142104,7 @@ static void codeOffset(
 **     The returned value in this case is a copy of parameter iTab.
 **
 **   WHERE_DISTINCT_ORDERED:
-**     In this case rows are being delivered sorted order. The ephermal
+**     In this case rows are being delivered sorted order. The ephemeral
 **     table is not required. Instead, the current set of values
 **     is compared against previous row. If they match, the new row
 **     is not distinct and control jumps to VM address addrRepeat. Otherwise,
@@ -140294,6 +142533,16 @@ static void selectInnerLoop(
       testcase( eDest==SRT_Fifo );
       testcase( eDest==SRT_DistFifo );
       sqlite3VdbeAddOp3(v, OP_MakeRecord, regResult, nResultCol, r1+nPrefixReg);
+#if !defined(SQLITE_ENABLE_NULL_TRIM) && defined(SQLITE_DEBUG)
+      /* A destination of SRT_Table and a non-zero iSDParm2 parameter means
+      ** that this is an "UPDATE ... FROM" on a virtual table or view. In this
+      ** case set the p5 parameter of the OP_MakeRecord to OPFLAG_NOCHNG_MAGIC.
+      ** This does not affect operation in any way - it just allows MakeRecord
+      ** to process OPFLAG_NOCHANGE values without an assert() failing. */
+      if( eDest==SRT_Table && pDest->iSDParm2 ){
+        sqlite3VdbeChangeP5(v, OPFLAG_NOCHNG_MAGIC);
+      }
+#endif
 #ifndef SQLITE_OMIT_CTE
       if( eDest==SRT_DistFifo ){
         /* If the destination is DistFifo, then cursor (iParm+1) is open
@@ -141097,13 +143346,6 @@ SQLITE_PRIVATE void sqlite3GenerateColumnNames(
   int fullName;    /* TABLE.COLUMN if no AS clause and is a direct table ref */
   int srcName;     /* COLUMN or TABLE.COLUMN if no AS clause and is direct */
 
-#ifndef SQLITE_OMIT_EXPLAIN
-  /* If this is an EXPLAIN, skip this step */
-  if( pParse->explain ){
-    return;
-  }
-#endif
-
   if( pParse->colNamesSet ) return;
   /* Column names are determined by the left-most term of a compound select */
   while( pSelect->pPrior ) pSelect = pSelect->pPrior;
@@ -141290,7 +143532,7 @@ SQLITE_PRIVATE int sqlite3ColumnsFromExprList(
 ** kind (maybe a parenthesized subquery in the FROM clause of a larger
 ** query, or a VIEW, or a CTE).  This routine computes type information
 ** for that Table object based on the Select object that implements the
-** subquery.  For the purposes of this routine, "type infomation" means:
+** subquery.  For the purposes of this routine, "type information" means:
 **
 **    *   The datatype name, as it might appear in a CREATE TABLE statement
 **    *   Which collating sequence to use for the column
@@ -141619,7 +143861,7 @@ static void generateWithRecursiveQuery(
   int iQueue;                   /* The Queue table */
   int iDistinct = 0;            /* To ensure unique results if UNION */
   int eDest = SRT_Fifo;         /* How to write to Queue */
-  SelectDest destQueue;         /* SelectDest targetting the Queue table */
+  SelectDest destQueue;         /* SelectDest targeting the Queue table */
   int i;                        /* Loop counter */
   int rc;                       /* Result code */
   ExprList *pOrderBy;           /* The ORDER BY clause */
@@ -142219,7 +144461,7 @@ SQLITE_PRIVATE void sqlite3SelectWrongNumTermsError(Parse *pParse, Select *p){
 
 /*
 ** Code an output subroutine for a coroutine implementation of a
-** SELECT statment.
+** SELECT statement.
 **
 ** The data to be output is contained in pIn->iSdst.  There are
 ** pIn->nSdst columns to be output.  pDest is where the output should
@@ -142441,7 +144683,7 @@ static int generateOutputSubroutine(
 **
 ** We call AltB, AeqB, AgtB, EofA, and EofB "subroutines" but they are not
 ** actually called using Gosub and they do not Return.  EofA and EofB loop
-** until all data is exhausted then jump to the "end" labe.  AltB, AeqB,
+** until all data is exhausted then jump to the "end" label.  AltB, AeqB,
 ** and AgtB jump to either L2 or to one of EofA or EofB.
 */
 #ifndef SQLITE_OMIT_COMPOUND_SELECT
@@ -142478,7 +144720,7 @@ static int multiSelectOrderBy(
   int savedOffset;      /* Saved value of p->iOffset */
   int labelCmpr;        /* Label for the start of the merge algorithm */
   int labelEnd;         /* Label for the end of the overall SELECT stmt */
-  int addr1;            /* Jump instructions that get retargetted */
+  int addr1;            /* Jump instructions that get retargeted */
   int op;               /* One of TK_ALL, TK_UNION, TK_EXCEPT, TK_INTERSECT */
   KeyInfo *pKeyDup = 0; /* Comparison information for duplicate removal */
   KeyInfo *pKeyMerge;   /* Comparison information for merging rows */
@@ -142847,11 +145089,14 @@ static Expr *substExpr(
 #endif
     {
       Expr *pNew;
-      int iColumn = pExpr->iColumn;
-      Expr *pCopy = pSubst->pEList->a[iColumn].pExpr;
+      int iColumn;
+      Expr *pCopy;
       Expr ifNullRow;
+      iColumn = pExpr->iColumn;
+      assert( iColumn>=0 );
       assert( pSubst->pEList!=0 && iColumnpEList->nExpr );
       assert( pExpr->pRight==0 );
+      pCopy = pSubst->pEList->a[iColumn].pExpr;
       if( sqlite3ExprIsVector(pCopy) ){
         sqlite3VectorErrorMsg(pSubst->pParse, pCopy);
       }else{
@@ -143200,7 +145445,7 @@ static int compoundHasDifferentAffinities(Select *p){
 **   (9)  If the subquery uses LIMIT then the outer query may not be aggregate.
 **
 **  (**)  Restriction (10) was removed from the code on 2005-02-05 but we
-**        accidently carried the comment forward until 2014-09-15.  Original
+**        accidentally carried the comment forward until 2014-09-15.  Original
 **        constraint: "If the subquery is aggregate then the outer query
 **        may not use LIMIT."
 **
@@ -143292,7 +145537,8 @@ static int compoundHasDifferentAffinities(Select *p){
 **        (27b) the subquery is a compound query and the RIGHT JOIN occurs
 **              in any arm of the compound query.  (See also (17g).)
 **
-**  (28)  The subquery is not a MATERIALIZED CTE.
+**  (28)  The subquery is not a MATERIALIZED CTE.  (This is handled
+**        in the caller before ever reaching this routine.)
 **
 **
 ** In this routine, the "p" parameter is a pointer to the outer query.
@@ -143402,9 +145648,9 @@ static int flattenSubquery(
   if( iFrom>0 && (pSubSrc->a[0].fg.jointype & JT_LTORJ)!=0 ){
     return 0;   /* Restriction (27a) */
   }
-  if( pSubitem->fg.isCte && pSubitem->u2.pCteUse->eM10d==M10d_Yes ){
-    return 0;       /* (28) */
-  }
+
+  /* Condition (28) is blocked by the caller */
+  assert( !pSubitem->fg.isCte || pSubitem->u2.pCteUse->eM10d!=M10d_Yes );
 
   /* Restriction (17): If the sub-query is a compound SELECT, then it must
   ** use only the UNION ALL operator. And none of the simple select queries
@@ -143474,7 +145720,7 @@ static int flattenSubquery(
   testcase( i==SQLITE_DENY );
   pParse->zAuthContext = zSavedAuthContext;
 
-  /* Delete the transient structures associated with thesubquery */
+  /* Delete the transient structures associated with the subquery */
   pSub1 = pSubitem->pSelect;
   sqlite3DbFree(db, pSubitem->zDatabase);
   sqlite3DbFree(db, pSubitem->zName);
@@ -143656,7 +145902,7 @@ static int flattenSubquery(
       ** ORDER BY column expression is identical to the iOrderByCol'th
       ** expression returned by SELECT statement pSub. Since these values
       ** do not necessarily correspond to columns in SELECT statement pParent,
-      ** zero them before transfering the ORDER BY clause.
+      ** zero them before transferring the ORDER BY clause.
       **
       ** Not doing this may cause an error if a subsequent call to this
       ** function attempts to flatten a compound sub-query into pParent
@@ -143716,8 +145962,7 @@ static int flattenSubquery(
     }
   }
 
-  /* Finially, delete what is left of the subquery and return
-  ** success.
+  /* Finally, delete what is left of the subquery and return success.
   */
   sqlite3AggInfoPersistWalkerInit(&w, pParse);
   sqlite3WalkSelect(&w,pSub1);
@@ -143752,7 +145997,7 @@ struct WhereConst {
 
 /*
 ** Add a new entry to the pConst object.  Except, do not add duplicate
-** pColumn entires.  Also, do not add if doing so would not be appropriate.
+** pColumn entries.  Also, do not add if doing so would not be appropriate.
 **
 ** The caller guarantees the pColumn is a column and pValue is a constant.
 ** This routine has to do some additional checks before completing the
@@ -143938,7 +146183,7 @@ static int propagateConstantExprRewrite(Walker *pWalker, Expr *pExpr){
 **    SELECT * FROM t1 WHERE a=123 AND b=123;
 **
 ** The two SELECT statements above should return different answers.  b=a
-** is alway true because the comparison uses numeric affinity, but b=123
+** is always true because the comparison uses numeric affinity, but b=123
 ** is false because it uses text affinity and '0123' is not the same as '123'.
 ** To work around this, the expression tree is not actually changed from
 ** "b=a" to "b=123" but rather the "a" in "b=a" is tagged with EP_FixedCol
@@ -144022,7 +146267,7 @@ static int propagateConstants(
 ** At the time this function is called it is guaranteed that
 **
 **   * the sub-query uses only one distinct window frame, and
-**   * that the window frame has a PARTITION BY clase.
+**   * that the window frame has a PARTITION BY clause.
 */
 static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
   assert( pSubq->pWin->pPartition );
@@ -144291,12 +146536,12 @@ static int disableUnusedSubqueryResultColumns(SrcItem *pItem){
   assert( pItem->pSelect!=0 );
   pSub = pItem->pSelect;
   assert( pSub->pEList->nExpr==pTab->nCol );
-  if( (pSub->selFlags & (SF_Distinct|SF_Aggregate))!=0 ){
-    testcase( pSub->selFlags & SF_Distinct );
-    testcase( pSub->selFlags & SF_Aggregate );
-    return 0;
-  }
   for(pX=pSub; pX; pX=pX->pPrior){
+    if( (pX->selFlags & (SF_Distinct|SF_Aggregate))!=0 ){
+      testcase( pX->selFlags & SF_Distinct );
+      testcase( pX->selFlags & SF_Aggregate );
+      return 0;
+    }
     if( pX->pPrior && pX->op!=TK_ALL ){
       /* This optimization does not work for compound subqueries that
       ** use UNION, INTERSECT, or EXCEPT.  Only UNION ALL is allowed. */
@@ -145102,12 +147347,20 @@ static int selectExpander(Walker *pWalker, Select *p){
         ** expanded. */
         int tableSeen = 0;      /* Set to 1 when TABLE matches */
         char *zTName = 0;       /* text of name of TABLE */
+        int iErrOfst;
         if( pE->op==TK_DOT ){
+          assert( (selFlags & SF_NestedFrom)==0 );
           assert( pE->pLeft!=0 );
           assert( !ExprHasProperty(pE->pLeft, EP_IntValue) );
           zTName = pE->pLeft->u.zToken;
+          assert( ExprUseWOfst(pE->pLeft) );
+          iErrOfst = pE->pRight->w.iOfst;
+        }else{
+          assert( ExprUseWOfst(pE) );
+          iErrOfst = pE->w.iOfst;
         }
         for(i=0, pFrom=pTabList->a; inSrc; i++, pFrom++){
+          int nAdd;                    /* Number of cols including rowid */
           Table *pTab = pFrom->pTab;   /* Table for this data source */
           ExprList *pNestedFrom;       /* Result-set of a nested FROM clause */
           char *zTabName;              /* AS name for this data source */
@@ -145125,6 +147378,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             pNestedFrom = pFrom->pSelect->pEList;
             assert( pNestedFrom!=0 );
             assert( pNestedFrom->nExpr==pTab->nCol );
+            assert( VisibleRowid(pTab)==0 );
           }else{
             if( zTName && sqlite3StrICmp(zTName, zTabName)!=0 ){
               continue;
@@ -145142,6 +147396,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             for(ii=0; iinId; ii++){
               const char *zUName = pUsing->a[ii].zName;
               pRight = sqlite3Expr(db, TK_ID, zUName);
+              sqlite3ExprSetErrorOffset(pRight, iErrOfst);
               pNew = sqlite3ExprListAppend(pParse, pNew, pRight);
               if( pNew ){
                 struct ExprList_item *pX = &pNew->a[pNew->nExpr-1];
@@ -145154,33 +147409,48 @@ static int selectExpander(Walker *pWalker, Select *p){
           }else{
             pUsing = 0;
           }
-          for(j=0; jnCol; j++){
-            char *zName = pTab->aCol[j].zCnName;
+
+          nAdd = pTab->nCol + (VisibleRowid(pTab) && (selFlags&SF_NestedFrom));
+          for(j=0; ja[j], 0, zTName, 0)==0
-            ){
-              continue;
-            }
+            if( j==pTab->nCol ){
+              zName = sqlite3RowidAlias(pTab);
+              if( zName==0 ) continue;
+            }else{
+              zName = pTab->aCol[j].zCnName;
 
-            /* If a column is marked as 'hidden', omit it from the expanded
-            ** result-set list unless the SELECT has the SF_IncludeHidden
-            ** bit set.
-            */
-            if( (p->selFlags & SF_IncludeHidden)==0
-             && IsHiddenColumn(&pTab->aCol[j])
-            ){
-              continue;
-            }
-            if( (pTab->aCol[j].colFlags & COLFLAG_NOEXPAND)!=0
-             && zTName==0
-             && (selFlags & (SF_NestedFrom))==0
-            ){
-              continue;
+              /* If pTab is actually an SF_NestedFrom sub-select, do not
+              ** expand any ENAME_ROWID columns.  */
+              if( pNestedFrom && pNestedFrom->a[j].fg.eEName==ENAME_ROWID ){
+                continue;
+              }
+
+              if( zTName
+               && pNestedFrom
+               && sqlite3MatchEName(&pNestedFrom->a[j], 0, zTName, 0, 0)==0
+              ){
+                continue;
+              }
+
+              /* If a column is marked as 'hidden', omit it from the expanded
+              ** result-set list unless the SELECT has the SF_IncludeHidden
+              ** bit set.
+              */
+              if( (p->selFlags & SF_IncludeHidden)==0
+                && IsHiddenColumn(&pTab->aCol[j])
+              ){
+                continue;
+              }
+              if( (pTab->aCol[j].colFlags & COLFLAG_NOEXPAND)!=0
+               && zTName==0
+               && (selFlags & (SF_NestedFrom))==0
+              ){
+                continue;
+              }
             }
+            assert( zName );
             tableSeen = 1;
 
             if( i>0 && zTName==0 && (selFlags & SF_NestedFrom)==0 ){
@@ -145214,6 +147484,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             }else{
               pExpr = pRight;
             }
+            sqlite3ExprSetErrorOffset(pExpr, iErrOfst);
             pNew = sqlite3ExprListAppend(pParse, pNew, pExpr);
             if( pNew==0 ){
               break;  /* OOM */
@@ -145229,11 +147500,11 @@ static int selectExpander(Walker *pWalker, Select *p){
                                            zSchemaName, zTabName, zName);
                 testcase( pX->zEName==0 );
               }
-              pX->fg.eEName = ENAME_TAB;
+              pX->fg.eEName = (j==pTab->nCol ? ENAME_ROWID : ENAME_TAB);
               if( (pFrom->fg.isUsing
                    && sqlite3IdListIndex(pFrom->u3.pUsing, zName)>=0)
                || (pUsing && sqlite3IdListIndex(pUsing, zName)>=0)
-               || (pTab->aCol[j].colFlags & COLFLAG_NOEXPAND)!=0
+               || (jnCol && (pTab->aCol[j].colFlags & COLFLAG_NOEXPAND))
               ){
                 pX->fg.bNoExpand = 1;
               }
@@ -145454,8 +147725,14 @@ static void analyzeAggFuncArgs(
   pNC->ncFlags |= NC_InAggFunc;
   for(i=0; inFunc; i++){
     Expr *pExpr = pAggInfo->aFunc[i].pFExpr;
+    assert( pExpr->op==TK_FUNCTION || pExpr->op==TK_AGG_FUNCTION );
     assert( ExprUseXList(pExpr) );
     sqlite3ExprAnalyzeAggList(pNC, pExpr->x.pList);
+    if( pExpr->pLeft ){
+      assert( pExpr->pLeft->op==TK_ORDER );
+      assert( ExprUseXList(pExpr->pLeft) );
+      sqlite3ExprAnalyzeAggList(pNC, pExpr->pLeft->x.pList);
+    }
 #ifndef SQLITE_OMIT_WINDOWFUNC
     assert( !IsWindowFunc(pExpr) );
     if( ExprHasProperty(pExpr, EP_WinFunc) ){
@@ -145530,7 +147807,7 @@ static int aggregateIdxEprRefToColCallback(Walker *pWalker, Expr *pExpr){
   pExpr->op = TK_AGG_COLUMN;
   pExpr->iTable = pCol->iTable;
   pExpr->iColumn = pCol->iColumn;
-  ExprClearProperty(pExpr, EP_Skip|EP_Collate);
+  ExprClearProperty(pExpr, EP_Skip|EP_Collate|EP_Unlikely);
   return WRC_Prune;
 }
 
@@ -145561,7 +147838,7 @@ static void aggregateConvertIndexedExprRefToColumn(AggInfo *pAggInfo){
 **     *  The aCol[] and aFunc[] arrays may be modified
 **     *  The AggInfoColumnReg() and AggInfoFuncReg() macros may not be used
 **
-** After clling this routine:
+** After calling this routine:
 **
 **     *  The aCol[] and aFunc[] arrays are fixed
 **     *  The AggInfoColumnReg() and AggInfoFuncReg() macros may be used
@@ -145610,6 +147887,32 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
                           pFunc->pFunc->zName));
       }
     }
+    if( pFunc->iOBTab>=0 ){
+      ExprList *pOBList;
+      KeyInfo *pKeyInfo;
+      int nExtra = 0;
+      assert( pFunc->pFExpr->pLeft!=0 );
+      assert( pFunc->pFExpr->pLeft->op==TK_ORDER );
+      assert( ExprUseXList(pFunc->pFExpr->pLeft) );
+      pOBList = pFunc->pFExpr->pLeft->x.pList;
+      if( !pFunc->bOBUnique ){
+        nExtra++;  /* One extra column for the OP_Sequence */
+      }
+      if( pFunc->bOBPayload ){
+        /* extra columns for the function arguments */
+        assert( ExprUseXList(pFunc->pFExpr) );
+        nExtra += pFunc->pFExpr->x.pList->nExpr;
+      }
+      pKeyInfo = sqlite3KeyInfoFromExprList(pParse, pOBList, 0, nExtra);
+      if( !pFunc->bOBUnique && pParse->nErr==0 ){
+        pKeyInfo->nKeyField++;
+      }
+      sqlite3VdbeAddOp4(v, OP_OpenEphemeral,
+            pFunc->iOBTab, pOBList->nExpr+nExtra, 0,
+            (char*)pKeyInfo, P4_KEYINFO);
+      ExplainQueryPlan((pParse, 0, "USE TEMP B-TREE FOR %s(ORDER BY)",
+                          pFunc->pFunc->zName));
+    }
   }
 }
 
@@ -145625,13 +147928,46 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
     ExprList *pList;
     assert( ExprUseXList(pF->pFExpr) );
     pList = pF->pFExpr->x.pList;
+    if( pF->iOBTab>=0 ){
+      /* For an ORDER BY aggregate, calls to OP_AggStep where deferred and
+      ** all content was stored in emphermal table pF->iOBTab.  Extract that
+      ** content now (in ORDER BY order) and make all calls to OP_AggStep
+      ** before doing the OP_AggFinal call. */
+      int iTop;        /* Start of loop for extracting columns */
+      int nArg;        /* Number of columns to extract */
+      int nKey;        /* Key columns to be skipped */
+      int regAgg;      /* Extract into this array */
+      int j;           /* Loop counter */
+
+      nArg = pList->nExpr;
+      regAgg = sqlite3GetTempRange(pParse, nArg);
+
+      if( pF->bOBPayload==0 ){
+        nKey = 0;
+      }else{
+        assert( pF->pFExpr->pLeft!=0 );
+        assert( ExprUseXList(pF->pFExpr->pLeft) );
+        assert( pF->pFExpr->pLeft->x.pList!=0 );
+        nKey = pF->pFExpr->pLeft->x.pList->nExpr;
+        if( ALWAYS(!pF->bOBUnique) ) nKey++;
+      }
+      iTop = sqlite3VdbeAddOp1(v, OP_Rewind, pF->iOBTab); VdbeCoverage(v);
+      for(j=nArg-1; j>=0; j--){
+        sqlite3VdbeAddOp3(v, OP_Column, pF->iOBTab, nKey+j, regAgg+j);
+      }
+      sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, AggInfoFuncReg(pAggInfo,i));
+      sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
+      sqlite3VdbeChangeP5(v, (u8)nArg);
+      sqlite3VdbeAddOp2(v, OP_Next, pF->iOBTab, iTop+1); VdbeCoverage(v);
+      sqlite3VdbeJumpHere(v, iTop);
+      sqlite3ReleaseTempRange(pParse, regAgg, nArg);
+    }
     sqlite3VdbeAddOp2(v, OP_AggFinal, AggInfoFuncReg(pAggInfo,i),
                       pList ? pList->nExpr : 0);
     sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
   }
 }
 
-
 /*
 ** Generate code that will update the accumulator memory cells for an
 ** aggregate based on the current cursor position.
@@ -145640,6 +147976,13 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
 ** in pAggInfo, then only populate the pAggInfo->nAccumulator accumulator
 ** registers if register regAcc contains 0. The caller will take care
 ** of setting and clearing regAcc.
+**
+** For an ORDER BY aggregate, the actual accumulator memory cell update
+** is deferred until after all input rows have been received, so that they
+** can be run in the requested order.  In that case, instead of invoking
+** OP_AggStep to update the accumulator, just add the arguments that would
+** have been passed into OP_AggStep into the sorting ephemeral table
+** (along with the appropriate sort key).
 */
 static void updateAccumulator(
   Parse *pParse,
@@ -145661,6 +148004,8 @@ static void updateAccumulator(
     int nArg;
     int addrNext = 0;
     int regAgg;
+    int regAggSz = 0;
+    int regDistinct = 0;
     ExprList *pList;
     assert( ExprUseXList(pF->pFExpr) );
     assert( !IsWindowFunc(pF->pFExpr) );
@@ -145687,9 +148032,44 @@ static void updateAccumulator(
       addrNext = sqlite3VdbeMakeLabel(pParse);
       sqlite3ExprIfFalse(pParse, pFilter, addrNext, SQLITE_JUMPIFNULL);
     }
-    if( pList ){
+    if( pF->iOBTab>=0 ){
+      /* Instead of invoking AggStep, we must push the arguments that would
+      ** have been passed to AggStep onto the sorting table. */
+      int jj;                /* Registered used so far in building the record */
+      ExprList *pOBList;     /* The ORDER BY clause */
+      assert( pList!=0 );
+      nArg = pList->nExpr;
+      assert( nArg>0 );
+      assert( pF->pFExpr->pLeft!=0 );
+      assert( pF->pFExpr->pLeft->op==TK_ORDER );
+      assert( ExprUseXList(pF->pFExpr->pLeft) );
+      pOBList = pF->pFExpr->pLeft->x.pList;
+      assert( pOBList!=0 );
+      assert( pOBList->nExpr>0 );
+      regAggSz = pOBList->nExpr;
+      if( !pF->bOBUnique ){
+        regAggSz++;   /* One register for OP_Sequence */
+      }
+      if( pF->bOBPayload ){
+        regAggSz += nArg;
+      }
+      regAggSz++;  /* One extra register to hold result of MakeRecord */
+      regAgg = sqlite3GetTempRange(pParse, regAggSz);
+      regDistinct = regAgg;
+      sqlite3ExprCodeExprList(pParse, pOBList, regAgg, 0, SQLITE_ECEL_DUP);
+      jj = pOBList->nExpr;
+      if( !pF->bOBUnique ){
+        sqlite3VdbeAddOp2(v, OP_Sequence, pF->iOBTab, regAgg+jj);
+        jj++;
+      }
+      if( pF->bOBPayload ){
+        regDistinct = regAgg+jj;
+        sqlite3ExprCodeExprList(pParse, pList, regDistinct, 0, SQLITE_ECEL_DUP);
+      }
+    }else if( pList ){
       nArg = pList->nExpr;
       regAgg = sqlite3GetTempRange(pParse, nArg);
+      regDistinct = regAgg;
       sqlite3ExprCodeExprList(pParse, pList, regAgg, 0, SQLITE_ECEL_DUP);
     }else{
       nArg = 0;
@@ -145700,26 +148080,37 @@ static void updateAccumulator(
         addrNext = sqlite3VdbeMakeLabel(pParse);
       }
       pF->iDistinct = codeDistinct(pParse, eDistinctType,
-          pF->iDistinct, addrNext, pList, regAgg);
-    }
-    if( pF->pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL ){
-      CollSeq *pColl = 0;
-      struct ExprList_item *pItem;
-      int j;
-      assert( pList!=0 );  /* pList!=0 if pF->pFunc has NEEDCOLL */
-      for(j=0, pItem=pList->a; !pColl && jpExpr);
-      }
-      if( !pColl ){
-        pColl = pParse->db->pDfltColl;
+          pF->iDistinct, addrNext, pList, regDistinct);
+    }
+    if( pF->iOBTab>=0 ){
+      /* Insert a new record into the ORDER BY table */
+      sqlite3VdbeAddOp3(v, OP_MakeRecord, regAgg, regAggSz-1,
+                        regAgg+regAggSz-1);
+      sqlite3VdbeAddOp4Int(v, OP_IdxInsert, pF->iOBTab, regAgg+regAggSz-1,
+                           regAgg, regAggSz-1);
+      sqlite3ReleaseTempRange(pParse, regAgg, regAggSz);
+    }else{
+      /* Invoke the AggStep function */
+      if( pF->pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL ){
+        CollSeq *pColl = 0;
+        struct ExprList_item *pItem;
+        int j;
+        assert( pList!=0 );  /* pList!=0 if pF->pFunc has NEEDCOLL */
+        for(j=0, pItem=pList->a; !pColl && jpExpr);
+        }
+        if( !pColl ){
+          pColl = pParse->db->pDfltColl;
+        }
+        if( regHit==0 && pAggInfo->nAccumulator ) regHit = ++pParse->nMem;
+        sqlite3VdbeAddOp4(v, OP_CollSeq, regHit, 0, 0,
+                         (char *)pColl, P4_COLLSEQ);
       }
-      if( regHit==0 && pAggInfo->nAccumulator ) regHit = ++pParse->nMem;
-      sqlite3VdbeAddOp4(v, OP_CollSeq, regHit, 0, 0, (char *)pColl, P4_COLLSEQ);
+      sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, AggInfoFuncReg(pAggInfo,i));
+      sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
+      sqlite3VdbeChangeP5(v, (u8)nArg);
+      sqlite3ReleaseTempRange(pParse, regAgg, nArg);
     }
-    sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, AggInfoFuncReg(pAggInfo,i));
-    sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
-    sqlite3VdbeChangeP5(v, (u8)nArg);
-    sqlite3ReleaseTempRange(pParse, regAgg, nArg);
     if( addrNext ){
       sqlite3VdbeResolveLabel(v, addrNext);
     }
@@ -146215,22 +148606,59 @@ SQLITE_PRIVATE int sqlite3Select(
     ** to a real table */
     assert( pTab!=0 );
 
-    /* Convert LEFT JOIN into JOIN if there are terms of the right table
-    ** of the LEFT JOIN used in the WHERE clause.
+    /* Try to simplify joins:
+    **
+    **      LEFT JOIN  ->  JOIN
+    **     RIGHT JOIN  ->  JOIN
+    **      FULL JOIN  ->  RIGHT JOIN
+    **
+    ** If terms of the i-th table are used in the WHERE clause in such a
+    ** way that the i-th table cannot be the NULL row of a join, then
+    ** perform the appropriate simplification. This is called
+    ** "OUTER JOIN strength reduction" in the SQLite documentation.
     */
-    if( (pItem->fg.jointype & (JT_LEFT|JT_RIGHT))==JT_LEFT
-     && sqlite3ExprImpliesNonNullRow(p->pWhere, pItem->iCursor)
+    if( (pItem->fg.jointype & (JT_LEFT|JT_LTORJ))!=0
+     && sqlite3ExprImpliesNonNullRow(p->pWhere, pItem->iCursor,
+                                     pItem->fg.jointype & JT_LTORJ)
      && OptimizationEnabled(db, SQLITE_SimplifyJoin)
     ){
-      TREETRACE(0x1000,pParse,p,
-                ("LEFT-JOIN simplifies to JOIN on term %d\n",i));
-      pItem->fg.jointype &= ~(JT_LEFT|JT_OUTER);
+      if( pItem->fg.jointype & JT_LEFT ){
+        if( pItem->fg.jointype & JT_RIGHT ){
+          TREETRACE(0x1000,pParse,p,
+                    ("FULL-JOIN simplifies to RIGHT-JOIN on term %d\n",i));
+          pItem->fg.jointype &= ~JT_LEFT;
+        }else{
+          TREETRACE(0x1000,pParse,p,
+                    ("LEFT-JOIN simplifies to JOIN on term %d\n",i));
+          pItem->fg.jointype &= ~(JT_LEFT|JT_OUTER);
+        }
+      }
+      if( pItem->fg.jointype & JT_LTORJ ){
+        for(j=i+1; jnSrc; j++){
+          SrcItem *pI2 = &pTabList->a[j];
+          if( pI2->fg.jointype & JT_RIGHT ){
+            if( pI2->fg.jointype & JT_LEFT ){
+              TREETRACE(0x1000,pParse,p,
+                        ("FULL-JOIN simplifies to LEFT-JOIN on term %d\n",j));
+              pI2->fg.jointype &= ~JT_RIGHT;
+            }else{
+              TREETRACE(0x1000,pParse,p,
+                        ("RIGHT-JOIN simplifies to JOIN on term %d\n",j));
+              pI2->fg.jointype &= ~(JT_RIGHT|JT_OUTER);
+            }
+          }
+        }
+        for(j=pTabList->nSrc-1; j>=i; j--){
+          pTabList->a[j].fg.jointype &= ~JT_LTORJ;
+          if( pTabList->a[j].fg.jointype & JT_RIGHT ) break;
+        }
+      }
       assert( pItem->iCursor>=0 );
       unsetJoinExpr(p->pWhere, pItem->iCursor,
                     pTabList->a[0].fg.jointype & JT_LTORJ);
     }
 
-    /* No futher action if this term of the FROM clause is not a subquery */
+    /* No further action if this term of the FROM clause is not a subquery */
     if( pSub==0 ) continue;
 
     /* Catch mismatch in the declared columns of a view and the number of
@@ -146241,6 +148669,14 @@ SQLITE_PRIVATE int sqlite3Select(
       goto select_end;
     }
 
+    /* Do not attempt the usual optimizations (flattening and ORDER BY
+    ** elimination) on a MATERIALIZED common table expression because
+    ** a MATERIALIZED common table expression is an optimization fence.
+    */
+    if( pItem->fg.isCte && pItem->u2.pCteUse->eM10d==M10d_Yes ){
+      continue;
+    }
+
     /* Do not try to flatten an aggregate subquery.
     **
     ** Flattening an aggregate subquery is only possible if the outer query
@@ -146270,6 +148706,8 @@ SQLITE_PRIVATE int sqlite3Select(
     **            (a)  The outer query has a different ORDER BY clause
     **            (b)  The subquery is part of a join
     **          See forum post 062d576715d277c8
+    **
+    ** Also retain the ORDER BY if the OmitOrderBy optimization is disabled.
     */
     if( pSub->pOrderBy!=0
      && (p->pOrderBy!=0 || pTabList->nSrc>1)      /* Condition (5) */
@@ -146484,7 +148922,7 @@ SQLITE_PRIVATE int sqlite3Select(
     }else if( pItem->fg.isCte && pItem->u2.pCteUse->addrM9e>0 ){
       /* This is a CTE for which materialization code has already been
       ** generated.  Invoke the subroutine to compute the materialization,
-      ** the make the pItem->iCursor be a copy of the ephemerial table that
+      ** the make the pItem->iCursor be a copy of the ephemeral table that
       ** holds the result of the materialization. */
       CteUse *pCteUse = pItem->u2.pCteUse;
       sqlite3VdbeAddOp2(v, OP_Gosub, pCteUse->regRtn, pCteUse->addrM9e);
@@ -146867,7 +149305,7 @@ SQLITE_PRIVATE int sqlite3Select(
     */
     if( pGroupBy ){
       KeyInfo *pKeyInfo;  /* Keying information for the group by clause */
-      int addr1;          /* A-vs-B comparision jump */
+      int addr1;          /* A-vs-B comparison jump */
       int addrOutputRow;  /* Start of subroutine that outputs a result row */
       int regOutputRow;   /* Return address register for output subroutine */
       int addrSetAbort;   /* Set the abort flag and return */
@@ -146958,9 +149396,13 @@ SQLITE_PRIVATE int sqlite3Select(
         int nCol;
         int nGroupBy;
 
-        explainTempTable(pParse,
+#ifdef SQLITE_ENABLE_STMT_SCANSTATUS
+        int addrExp;              /* Address of OP_Explain instruction */
+#endif
+        ExplainQueryPlan2(addrExp, (pParse, 0, "USE TEMP B-TREE FOR %s",
             (sDistinct.isTnct && (p->selFlags&SF_Distinct)==0) ?
-                    "DISTINCT" : "GROUP BY");
+                    "DISTINCT" : "GROUP BY"
+        ));
 
         groupBySort = 1;
         nGroupBy = pGroupBy->nExpr;
@@ -146985,18 +149427,23 @@ SQLITE_PRIVATE int sqlite3Select(
         }
         pAggInfo->directMode = 0;
         regRecord = sqlite3GetTempReg(pParse);
+        sqlite3VdbeScanStatusCounters(v, addrExp, 0, sqlite3VdbeCurrentAddr(v));
         sqlite3VdbeAddOp3(v, OP_MakeRecord, regBase, nCol, regRecord);
         sqlite3VdbeAddOp2(v, OP_SorterInsert, pAggInfo->sortingIdx, regRecord);
+        sqlite3VdbeScanStatusRange(v, addrExp, sqlite3VdbeCurrentAddr(v)-2, -1);
         sqlite3ReleaseTempReg(pParse, regRecord);
         sqlite3ReleaseTempRange(pParse, regBase, nCol);
         TREETRACE(0x2,pParse,p,("WhereEnd\n"));
         sqlite3WhereEnd(pWInfo);
         pAggInfo->sortingIdxPTab = sortPTab = pParse->nTab++;
         sortOut = sqlite3GetTempReg(pParse);
+        sqlite3VdbeScanStatusCounters(v, addrExp, sqlite3VdbeCurrentAddr(v), 0);
         sqlite3VdbeAddOp3(v, OP_OpenPseudo, sortPTab, sortOut, nCol);
         sqlite3VdbeAddOp2(v, OP_SorterSort, pAggInfo->sortingIdx, addrEnd);
         VdbeComment((v, "GROUP BY sort")); VdbeCoverage(v);
         pAggInfo->useSortingIdx = 1;
+        sqlite3VdbeScanStatusRange(v, addrExp, -1, sortPTab);
+        sqlite3VdbeScanStatusRange(v, addrExp, -1, pAggInfo->sortingIdx);
       }
 
       /* If there are entries in pAgggInfo->aFunc[] that contain subexpressions
@@ -147724,6 +150171,10 @@ SQLITE_PRIVATE void sqlite3BeginTrigger(
     sqlite3ErrorMsg(pParse, "cannot create triggers on virtual tables");
     goto trigger_orphan_error;
   }
+  if( (pTab->tabFlags & TF_Shadow)!=0 && sqlite3ReadOnlyShadowTables(db) ){
+    sqlite3ErrorMsg(pParse, "cannot create triggers on shadow tables");
+    goto trigger_orphan_error;
+  }
 
   /* Check that the trigger name is not reserved and that no trigger of the
   ** specified name exists */
@@ -148507,10 +150958,17 @@ static void codeReturningTrigger(
   SrcList sFrom;
 
   assert( v!=0 );
-  assert( pParse->bReturning );
+  if( !pParse->bReturning ){
+    /* This RETURNING trigger must be for a different statement as
+    ** this statement lacks a RETURNING clause. */
+    return;
+  }
   assert( db->pParse==pParse );
   pReturning = pParse->u1.pReturning;
-  assert( pTrigger == &(pReturning->retTrig) );
+  if( pTrigger != &(pReturning->retTrig) ){
+    /* This RETURNING trigger is for a different statement */
+    return;
+  }
   memset(&sSelect, 0, sizeof(sSelect));
   memset(&sFrom, 0, sizeof(sFrom));
   sSelect.pEList = sqlite3ExprListDup(db, pReturning->pReturnEL, 0);
@@ -149247,7 +151705,7 @@ static void updateFromSelect(
 
   assert( pTabList->nSrc>1 );
   if( pSrc ){
-    pSrc->a[0].fg.notCte = 1;
+    assert( pSrc->a[0].fg.notCte );
     pSrc->a[0].iCursor = -1;
     pSrc->a[0].pTab->nTabRef--;
     pSrc->a[0].pTab = 0;
@@ -149764,7 +152222,7 @@ SQLITE_PRIVATE void sqlite3Update(
        && !hasFK
        && !chngKey
        && !bReplace
-       && (sNC.ncFlags & NC_Subquery)==0
+       && (pWhere==0 || !ExprHasProperty(pWhere, EP_Subquery))
       ){
         flags |= WHERE_ONEPASS_MULTIROW;
       }
@@ -149836,6 +152294,8 @@ SQLITE_PRIVATE void sqlite3Update(
 
     if( !isView ){
       int addrOnce = 0;
+      int iNotUsed1 = 0;
+      int iNotUsed2 = 0;
 
       /* Open every index that needs updating. */
       if( eOnePass!=ONEPASS_OFF ){
@@ -149847,7 +152307,7 @@ SQLITE_PRIVATE void sqlite3Update(
         addrOnce = sqlite3VdbeAddOp0(v, OP_Once); VdbeCoverage(v);
       }
       sqlite3OpenTableAndIndices(pParse, pTab, OP_OpenWrite, 0, iBaseCur,
-                                 aToOpen, 0, 0);
+                                 aToOpen, &iNotUsed1, &iNotUsed2);
       if( addrOnce ){
         sqlite3VdbeJumpHereOrPopInst(v, addrOnce);
       }
@@ -150138,8 +152598,10 @@ SQLITE_PRIVATE void sqlite3Update(
     sqlite3VdbeAddOp2(v, OP_AddImm, regRowCount, 1);
   }
 
-  sqlite3CodeRowTrigger(pParse, pTrigger, TK_UPDATE, pChanges,
-      TRIGGER_AFTER, pTab, regOldRowid, onError, labelContinue);
+  if( pTrigger ){
+    sqlite3CodeRowTrigger(pParse, pTrigger, TK_UPDATE, pChanges,
+        TRIGGER_AFTER, pTab, regOldRowid, onError, labelContinue);
+  }
 
   /* Repeat the above with the next record to be updated, until
   ** all record selected by the WHERE clause have been updated.
@@ -150234,7 +152696,7 @@ static void updateVirtualTable(
   int nArg = 2 + pTab->nCol;      /* Number of arguments to VUpdate */
   int regArg;                     /* First register in VUpdate arg array */
   int regRec;                     /* Register in which to assemble record */
-  int regRowid;                   /* Register for ephem table rowid */
+  int regRowid;                   /* Register for ephemeral table rowid */
   int iCsr = pSrc->a[0].iCursor;  /* Cursor used for virtual table scan */
   int aDummy[2];                  /* Unused arg for sqlite3WhereOkOnePass() */
   int eOnePass;                   /* True to use onepass strategy */
@@ -150278,7 +152740,9 @@ static void updateVirtualTable(
           sqlite3ExprDup(db, pChanges->a[aXRef[i]].pExpr, 0)
         );
       }else{
-        pList = sqlite3ExprListAppend(pParse, pList, exprRowColumn(pParse, i));
+        Expr *pRowExpr = exprRowColumn(pParse, i);
+        if( pRowExpr ) pRowExpr->op2 = OPFLAG_NOCHNG;
+        pList = sqlite3ExprListAppend(pParse, pList, pRowExpr);
       }
     }
 
@@ -150355,7 +152819,7 @@ static void updateVirtualTable(
       sqlite3WhereEnd(pWInfo);
     }
 
-    /* Begin scannning through the ephemeral table. */
+    /* Begin scanning through the ephemeral table. */
     addr = sqlite3VdbeAddOp1(v, OP_Rewind, ephemTab); VdbeCoverage(v);
 
     /* Extract arguments from the current row of the ephemeral table and
@@ -150563,7 +153027,7 @@ SQLITE_PRIVATE int sqlite3UpsertAnalyzeTarget(
           pExpr = &sCol[0];
         }
         for(jj=0; jja[jj].pExpr,pExpr,iCursor)<2 ){
+          if( sqlite3ExprCompare(0,pTarget->a[jj].pExpr,pExpr,iCursor)<2 ){
             break;  /* Column ii of the index matches column jj of target */
           }
         }
@@ -150912,7 +153376,7 @@ SQLITE_PRIVATE SQLITE_NOINLINE int sqlite3RunVacuum(
   ** (possibly synchronous) transaction opened on the main database before
   ** sqlite3BtreeCopyFile() is called.
   **
-  ** An optimisation would be to use a non-journaled pager.
+  ** An optimization would be to use a non-journaled pager.
   ** (Later:) I tried setting "PRAGMA vacuum_db.journal_mode=OFF" but
   ** that actually made the VACUUM run slower.  Very little journalling
   ** actually occurs when doing a vacuum since the vacuum_db is initially
@@ -151601,7 +154065,7 @@ SQLITE_PRIVATE void sqlite3VtabFinishParse(Parse *pParse, Token *pEnd){
     ** the information we've collected.
     **
     ** The VM register number pParse->regRowid holds the rowid of an
-    ** entry in the sqlite_schema table tht was created for this vtab
+    ** entry in the sqlite_schema table that was created for this vtab
     ** by sqlite3StartTable().
     */
     iDb = sqlite3SchemaToIndex(db, pTab->pSchema);
@@ -151941,7 +154405,7 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   sqlite3_mutex_enter(db->mutex);
   pCtx = db->pVtabCtx;
   if( !pCtx || pCtx->bDeclared ){
-    sqlite3Error(db, SQLITE_MISUSE);
+    sqlite3Error(db, SQLITE_MISUSE_BKPT);
     sqlite3_mutex_leave(db->mutex);
     return SQLITE_MISUSE_BKPT;
   }
@@ -152345,7 +154809,7 @@ SQLITE_PRIVATE void sqlite3VtabMakeWritable(Parse *pParse, Table *pTab){
 **
 ** An eponymous virtual table instance is one that is named after its
 ** module, and more importantly, does not require a CREATE VIRTUAL TABLE
-** statement in order to come into existance.  Eponymous virtual table
+** statement in order to come into existence.  Eponymous virtual table
 ** instances always exist.  They cannot be DROP-ed.
 **
 ** Any virtual table module for which xConnect and xCreate are the same
@@ -152536,7 +155000,7 @@ typedef struct WhereRightJoin WhereRightJoin;
 
 /*
 ** This object is a header on a block of allocated memory that will be
-** automatically freed when its WInfo oject is destructed.
+** automatically freed when its WInfo object is destructed.
 */
 struct WhereMemBlock {
   WhereMemBlock *pNext;      /* Next block in the chain */
@@ -152597,7 +155061,7 @@ struct WhereLevel {
         int iCur;              /* The VDBE cursor used by this IN operator */
         int addrInTop;         /* Top of the IN loop */
         int iBase;             /* Base register of multi-key index record */
-        int nPrefix;           /* Number of prior entires in the key */
+        int nPrefix;           /* Number of prior entries in the key */
         u8 eEndLoopOp;         /* IN Loop terminator. OP_Next or OP_Prev */
       } *aInLoop;           /* Information about each nested IN operator */
     } in;                 /* Used when pWLoop->wsFlags&WHERE_IN_ABLE */
@@ -152847,7 +155311,7 @@ struct WhereClause {
   int nTerm;               /* Number of terms */
   int nSlot;               /* Number of entries in a[] */
   int nBase;               /* Number of terms through the last non-Virtual */
-  WhereTerm *a;            /* Each a[] describes a term of the WHERE cluase */
+  WhereTerm *a;            /* Each a[] describes a term of the WHERE clause */
 #if defined(SQLITE_SMALL_STACK)
   WhereTerm aStatic[1];    /* Initial static space for a[] */
 #else
@@ -153132,7 +155596,7 @@ SQLITE_PRIVATE void sqlite3WhereTabFuncArgs(Parse*, SrcItem*, WhereClause*);
 #define WHERE_BLOOMFILTER  0x00400000  /* Consider using a Bloom-filter */
 #define WHERE_SELFCULL     0x00800000  /* nOut reduced by extra WHERE terms */
 #define WHERE_OMIT_OFFSET  0x01000000  /* Set offset counter to zero */
-#define WHERE_VIEWSCAN     0x02000000  /* A full-scan of a VIEW or subquery */
+                      /*   0x02000000  -- available for reuse */
 #define WHERE_EXPRIDX      0x04000000  /* Uses an index-on-expressions */
 
 #endif /* !defined(SQLITE_WHEREINT_H) */
@@ -153435,6 +155899,12 @@ SQLITE_PRIVATE void sqlite3WhereAddScanStatus(
       if( wsFlags & WHERE_INDEXED ){
         sqlite3VdbeScanStatusRange(v, addrExplain, -1, pLvl->iIdxCur);
       }
+    }else{
+      int addr = pSrclist->a[pLvl->iFrom].addrFillSub;
+      VdbeOp *pOp = sqlite3VdbeGetOp(v, addr-1);
+      assert( sqlite3VdbeDb(v)->mallocFailed || pOp->opcode==OP_InitCoroutine );
+      assert( sqlite3VdbeDb(v)->mallocFailed || pOp->p2>addr );
+      sqlite3VdbeScanStatusRange(v, addrExplain, addr, pOp->p2-1);
     }
   }
 }
@@ -153932,7 +156402,7 @@ static int codeAllEqualityTerms(
   /* Figure out how many memory cells we will need then allocate them.
   */
   regBase = pParse->nMem + 1;
-  nReg = pLoop->u.btree.nEq + nExtraReg;
+  nReg = nEq + nExtraReg;
   pParse->nMem += nReg;
 
   zAff = sqlite3DbStrDup(pParse->db,sqlite3IndexAffinityStr(pParse->db,pIdx));
@@ -153979,9 +156449,6 @@ static int codeAllEqualityTerms(
         sqlite3VdbeAddOp2(v, OP_Copy, r1, regBase+j);
       }
     }
-  }
-  for(j=nSkip; jaLTerm[j];
     if( pTerm->eOperator & WO_IN ){
       if( pTerm->pExpr->flags & EP_xIsSelect ){
         /* No affinity ever needs to be (or should be) applied to a value
@@ -154124,7 +156591,7 @@ static int codeCursorHintIsOrFunction(Walker *pWalker, Expr *pExpr){
 **   2) transform the expression node to a TK_REGISTER node that reads
 **      from the newly populated register.
 **
-** Also, if the node is a TK_COLUMN that does access the table idenified
+** Also, if the node is a TK_COLUMN that does access the table identified
 ** by pCCurHint.iTabCur, and an index is being used (which we will
 ** know because CCurHint.pIdx!=0) then transform the TK_COLUMN into
 ** an access of the index rather than the original table.
@@ -154742,7 +157209,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
       };
       assert( TK_LE==TK_GT+1 );      /* Make sure the ordering.. */
       assert( TK_LT==TK_GT+2 );      /*  ... of the TK_xx values... */
-      assert( TK_GE==TK_GT+3 );      /*  ... is correcct. */
+      assert( TK_GE==TK_GT+3 );      /*  ... is correct. */
 
       assert( (pStart->wtFlags & TERM_VNULL)==0 );
       testcase( pStart->wtFlags & TERM_VIRTUAL );
@@ -155922,7 +158389,7 @@ SQLITE_PRIVATE SQLITE_NOINLINE void sqlite3WhereRightJoinLoop(
 ** the WHERE clause of SQL statements.
 **
 ** This file was originally part of where.c but was split out to improve
-** readability and editabiliity.  This file contains utility routines for
+** readability and editability.  This file contains utility routines for
 ** analyzing Expr objects in the WHERE clause.
 */
 /* #include "sqliteInt.h" */
@@ -156138,7 +158605,7 @@ static int isLikeOrGlob(
     ** range search. The third is because the caller assumes that the pattern
     ** consists of at least one character after all escapes have been
     ** removed.  */
-    if( cnt!=0 && 255!=(u8)z[cnt-1] && (cnt>1 || z[0]!=wc[3]) ){
+    if( (cnt>1 || (cnt>0 && z[0]!=wc[3])) && 255!=(u8)z[cnt-1] ){
       Expr *pPrefix;
 
       /* A "complete" match if the pattern ends with "*" or "%" */
@@ -156711,7 +159178,7 @@ static void exprAnalyzeOrTerm(
                                             pOrTerm->leftCursor))==0 ){
           /* This term must be of the form t1.a==t2.b where t2 is in the
           ** chngToIN set but t1 is not.  This term will be either preceded
-          ** or follwed by an inverted copy (t2.b==t1.a).  Skip this term
+          ** or followed by an inverted copy (t2.b==t1.a).  Skip this term
           ** and use its inversion. */
           testcase( pOrTerm->wtFlags & TERM_COPIED );
           testcase( pOrTerm->wtFlags & TERM_VIRTUAL );
@@ -156973,8 +159440,8 @@ static void exprAnalyze(
   WhereTerm *pTerm;                /* The term to be analyzed */
   WhereMaskSet *pMaskSet;          /* Set of table index masks */
   Expr *pExpr;                     /* The expression to be analyzed */
-  Bitmask prereqLeft;              /* Prerequesites of the pExpr->pLeft */
-  Bitmask prereqAll;               /* Prerequesites of pExpr */
+  Bitmask prereqLeft;              /* Prerequisites of the pExpr->pLeft */
+  Bitmask prereqAll;               /* Prerequisites of pExpr */
   Bitmask extraRight = 0;          /* Extra dependencies on LEFT JOIN */
   Expr *pStr1 = 0;                 /* RHS of LIKE/GLOB operator */
   int isComplete = 0;              /* RHS of LIKE/GLOB ends with wildcard */
@@ -158924,13 +161391,17 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
   WhereLoop *pLoop = pLevel->pWLoop;   /* The loop being coded */
   int iCur;                            /* Cursor for table getting the filter */
   IndexedExpr *saved_pIdxEpr;          /* saved copy of Parse.pIdxEpr */
+  IndexedExpr *saved_pIdxPartExpr;     /* saved copy of Parse.pIdxPartExpr */
 
   saved_pIdxEpr = pParse->pIdxEpr;
+  saved_pIdxPartExpr = pParse->pIdxPartExpr;
   pParse->pIdxEpr = 0;
+  pParse->pIdxPartExpr = 0;
 
   assert( pLoop!=0 );
   assert( v!=0 );
   assert( pLoop->wsFlags & WHERE_BLOOMFILTER );
+  assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0 );
 
   addrOnce = sqlite3VdbeAddOp0(v, OP_Once); VdbeCoverage(v);
   do{
@@ -159020,6 +161491,7 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
   }while( iLevel < pWInfo->nLevel );
   sqlite3VdbeJumpHere(v, addrOnce);
   pParse->pIdxEpr = saved_pIdxEpr;
+  pParse->pIdxPartExpr = saved_pIdxPartExpr;
 }
 
 
@@ -159535,7 +162007,7 @@ SQLITE_PRIVATE char sqlite3IndexColumnAffinity(sqlite3 *db, Index *pIdx, int iCo
 ** Value pLoop->nOut is currently set to the estimated number of rows
 ** visited for scanning (a=? AND b=?). This function reduces that estimate
 ** by some factor to account for the (c BETWEEN ? AND ?) expression based
-** on the stat4 data for the index. this scan will be peformed multiple
+** on the stat4 data for the index. this scan will be performed multiple
 ** times (once for each (a,b) combination that matches a=?) is dealt with
 ** by the caller.
 **
@@ -160290,7 +162762,7 @@ static WhereLoop **whereLoopFindLesser(
     ** rSetup. Call this SETUP-INVARIANT */
     assert( p->rSetup>=pTemplate->rSetup );
 
-    /* Any loop using an appliation-defined index (or PRIMARY KEY or
+    /* Any loop using an application-defined index (or PRIMARY KEY or
     ** UNIQUE constraint) with one or more == constraints is better
     ** than an automatic index. Unless it is a skip-scan. */
     if( (p->wsFlags & WHERE_AUTO_INDEX)!=0
@@ -160317,7 +162789,7 @@ static WhereLoop **whereLoopFindLesser(
 
     /* If pTemplate is always better than p, then cause p to be overwritten
     ** with pTemplate.  pTemplate is better than p if:
-    **   (1)  pTemplate has no more dependences than p, and
+    **   (1)  pTemplate has no more dependencies than p, and
     **   (2)  pTemplate has an equal or lower cost than p.
     */
     if( (p->prereq & pTemplate->prereq)==pTemplate->prereq   /* (1)  */
@@ -160435,7 +162907,7 @@ static int whereLoopInsert(WhereLoopBuilder *pBuilder, WhereLoop *pTemplate){
   }else{
     /* We will be overwriting WhereLoop p[].  But before we do, first
     ** go through the rest of the list and delete any other entries besides
-    ** p[] that are also supplated by pTemplate */
+    ** p[] that are also supplanted by pTemplate */
     WhereLoop **ppTail = &p->pNextLoop;
     WhereLoop *pToDel;
     while( *ppTail ){
@@ -160635,7 +163107,7 @@ static int whereRangeVectorLen(
 }
 
 /*
-** Adjust the cost C by the costMult facter T.  This only occurs if
+** Adjust the cost C by the costMult factor T.  This only occurs if
 ** compiled with -DSQLITE_ENABLE_COSTMULT
 */
 #ifdef SQLITE_ENABLE_COSTMULT
@@ -160662,7 +163134,7 @@ static int whereLoopAddBtreeIndex(
   Index *pProbe,                  /* An index on pSrc */
   LogEst nInMul                   /* log(Number of iterations due to IN) */
 ){
-  WhereInfo *pWInfo = pBuilder->pWInfo;  /* WHERE analyse context */
+  WhereInfo *pWInfo = pBuilder->pWInfo;  /* WHERE analyze context */
   Parse *pParse = pWInfo->pParse;        /* Parsing context */
   sqlite3 *db = pParse->db;       /* Database connection malloc context */
   WhereLoop *pNew;                /* Template WhereLoop under construction */
@@ -160972,7 +163444,7 @@ static int whereLoopAddBtreeIndex(
     assert( pSrc->pTab->szTabRow>0 );
     if( pProbe->idxType==SQLITE_IDXTYPE_IPK ){
       /* The pProbe->szIdxRow is low for an IPK table since the interior
-      ** pages are small.  Thuse szIdxRow gives a good estimate of seek cost.
+      ** pages are small.  Thus szIdxRow gives a good estimate of seek cost.
       ** But the leaf pages are full-size, so pProbe->szIdxRow would badly
       ** under-estimate the scanning cost. */
       rCostIdx = pNew->nOut + 16;
@@ -161279,6 +163751,100 @@ static SQLITE_NOINLINE u32 whereIsCoveringIndex(
   return rc;
 }
 
+/*
+** This is an sqlite3ParserAddCleanup() callback that is invoked to
+** free the Parse->pIdxEpr list when the Parse object is destroyed.
+*/
+static void whereIndexedExprCleanup(sqlite3 *db, void *pObject){
+  IndexedExpr **pp = (IndexedExpr**)pObject;
+  while( *pp!=0 ){
+    IndexedExpr *p = *pp;
+    *pp = p->pIENext;
+    sqlite3ExprDelete(db, p->pExpr);
+    sqlite3DbFreeNN(db, p);
+  }
+}
+
+/*
+** This function is called for a partial index - one with a WHERE clause - in
+** two scenarios. In both cases, it determines whether or not the WHERE
+** clause on the index implies that a column of the table may be safely
+** replaced by a constant expression. For example, in the following
+** SELECT:
+**
+**   CREATE INDEX i1 ON t1(b, c) WHERE a=;
+**   SELECT a, b, c FROM t1 WHERE a= AND b=?;
+**
+** The "a" in the select-list may be replaced by , iff:
+**
+**    (a)  is a constant expression, and
+**    (b) The (a=) comparison uses the BINARY collation sequence, and
+**    (c) Column "a" has an affinity other than NONE or BLOB.
+**
+** If argument pItem is NULL, then pMask must not be NULL. In this case this
+** function is being called as part of determining whether or not pIdx
+** is a covering index. This function clears any bits in (*pMask)
+** corresponding to columns that may be replaced by constants as described
+** above.
+**
+** Otherwise, if pItem is not NULL, then this function is being called
+** as part of coding a loop that uses index pIdx. In this case, add entries
+** to the Parse.pIdxPartExpr list for each column that can be replaced
+** by a constant.
+*/
+static void wherePartIdxExpr(
+  Parse *pParse,                  /* Parse context */
+  Index *pIdx,                    /* Partial index being processed */
+  Expr *pPart,                    /* WHERE clause being processed */
+  Bitmask *pMask,                 /* Mask to clear bits in */
+  int iIdxCur,                    /* Cursor number for index */
+  SrcItem *pItem                  /* The FROM clause entry for the table */
+){
+  assert( pItem==0 || (pItem->fg.jointype & JT_RIGHT)==0 );
+  assert( (pItem==0 || pMask==0) && (pMask!=0 || pItem!=0) );
+
+  if( pPart->op==TK_AND ){
+    wherePartIdxExpr(pParse, pIdx, pPart->pRight, pMask, iIdxCur, pItem);
+    pPart = pPart->pLeft;
+  }
+
+  if( (pPart->op==TK_EQ || pPart->op==TK_IS) ){
+    Expr *pLeft = pPart->pLeft;
+    Expr *pRight = pPart->pRight;
+    u8 aff;
+
+    if( pLeft->op!=TK_COLUMN ) return;
+    if( !sqlite3ExprIsConstant(pRight) ) return;
+    if( !sqlite3IsBinary(sqlite3ExprCompareCollSeq(pParse, pPart)) ) return;
+    if( pLeft->iColumn<0 ) return;
+    aff = pIdx->pTable->aCol[pLeft->iColumn].affinity;
+    if( aff>=SQLITE_AFF_TEXT ){
+      if( pItem ){
+        sqlite3 *db = pParse->db;
+        IndexedExpr *p = (IndexedExpr*)sqlite3DbMallocRaw(db, sizeof(*p));
+        if( p ){
+          int bNullRow = (pItem->fg.jointype&(JT_LEFT|JT_LTORJ))!=0;
+          p->pExpr = sqlite3ExprDup(db, pRight, 0);
+          p->iDataCur = pItem->iCursor;
+          p->iIdxCur = iIdxCur;
+          p->iIdxCol = pLeft->iColumn;
+          p->bMaybeNullRow = bNullRow;
+          p->pIENext = pParse->pIdxPartExpr;
+          p->aff = aff;
+          pParse->pIdxPartExpr = p;
+          if( p->pIENext==0 ){
+            void *pArg = (void*)&pParse->pIdxPartExpr;
+            sqlite3ParserAddCleanup(pParse, whereIndexedExprCleanup, pArg);
+          }
+        }
+      }else if( pLeft->iColumn<(BMS-1) ){
+        *pMask &= ~((Bitmask)1 << pLeft->iColumn);
+      }
+    }
+  }
+}
+
+
 /*
 ** Add all WhereLoop objects for a single table of the join where the table
 ** is identified by pBuilder->pNew->iTab.  That table is guaranteed to be
@@ -161317,7 +163883,7 @@ static SQLITE_NOINLINE u32 whereIsCoveringIndex(
 */
 static int whereLoopAddBtree(
   WhereLoopBuilder *pBuilder, /* WHERE clause information */
-  Bitmask mPrereq             /* Extra prerequesites for using this table */
+  Bitmask mPrereq             /* Extra prerequisites for using this table */
 ){
   WhereInfo *pWInfo;          /* WHERE analysis context */
   Index *pProbe;              /* An index we are evaluating */
@@ -161482,9 +164048,6 @@ static int whereLoopAddBtree(
 #else
       pNew->rRun = rSize + 16;
 #endif
-      if( IsView(pTab) || (pTab->tabFlags & TF_Ephemeral)!=0 ){
-        pNew->wsFlags |= WHERE_VIEWSCAN;
-      }
       ApplyCostMultiplier(pNew->rRun, pTab->costMult);
       whereLoopOutputAdjust(pWC, pNew, rSize);
       rc = whereLoopInsert(pBuilder, pNew);
@@ -161497,6 +164060,11 @@ static int whereLoopAddBtree(
         pNew->wsFlags = WHERE_IDX_ONLY | WHERE_INDEXED;
       }else{
         m = pSrc->colUsed & pProbe->colNotIdxed;
+        if( pProbe->pPartIdxWhere ){
+          wherePartIdxExpr(
+              pWInfo->pParse, pProbe, pProbe->pPartIdxWhere, &m, 0, 0
+          );
+        }
         pNew->wsFlags = WHERE_INDEXED;
         if( m==TOPBIT || (pProbe->bHasExpr && !pProbe->bHasVCol && m!=0) ){
           u32 isCov = whereIsCoveringIndex(pWInfo, pProbe, pSrc->iCursor);
@@ -161824,7 +164392,7 @@ static int whereLoopAddVirtualOne(
 **
 ** Return a pointer to the collation name:
 **
-**    1. If there is an explicit COLLATE operator on the constaint, return it.
+**    1. If there is an explicit COLLATE operator on the constraint, return it.
 **
 **    2. Else, if the column has an alternative collation, return that.
 **
@@ -161879,7 +164447,7 @@ SQLITE_API int sqlite3_vtab_rhs_value(
   sqlite3_value *pVal = 0;
   int rc = SQLITE_OK;
   if( iCons<0 || iCons>=pIdxInfo->nConstraint ){
-    rc = SQLITE_MISUSE; /* EV: R-30545-25046 */
+    rc = SQLITE_MISUSE_BKPT; /* EV: R-30545-25046 */
   }else{
     if( pH->aRhs[iCons]==0 ){
       WhereTerm *pTerm = &pH->pWC->a[pIdxInfo->aConstraint[iCons].iTermOffset];
@@ -162785,7 +165353,8 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   ** For joins of 3 or more tables, track the 10 best paths */
   mxChoice = (nLoop<=1) ? 1 : (nLoop==2 ? 5 : 10);
   assert( nLoop<=pWInfo->pTabList->nSrc );
-  WHERETRACE(0x002, ("---- begin solver.  (nRowEst=%d)\n", nRowEst));
+  WHERETRACE(0x002, ("---- begin solver.  (nRowEst=%d, nQueryLoop=%d)\n",
+                     nRowEst, pParse->nQueryLoop));
 
   /* If nRowEst is zero and there is an ORDER BY clause, ignore it. In this
   ** case the purpose of this call is to estimate the number of rows returned
@@ -162888,7 +165457,7 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
             );
           }
           /* TUNING:  Add a small extra penalty (3) to sorting as an
-          ** extra encouragment to the query planner to select a plan
+          ** extra encouragement to the query planner to select a plan
           ** where the rows emerge in the correct order without any sorting
           ** required. */
           rCost = sqlite3LogEstAdd(rUnsorted, aSortCost[isOrdered]) + 3;
@@ -162902,13 +165471,6 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
           rUnsorted -= 2;  /* TUNING:  Slight bias in favor of no-sort plans */
         }
 
-        /* TUNING:  A full-scan of a VIEW or subquery in the outer loop
-        ** is not so bad. */
-        if( iLoop==0 && (pWLoop->wsFlags & WHERE_VIEWSCAN)!=0 ){
-          rCost += -10;
-          nOut += -30;
-        }
-
         /* Check to see if pWLoop should be added to the set of
         ** mxChoice best-so-far paths.
         **
@@ -163458,20 +166020,6 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
   }
 }
 
-/*
-** This is an sqlite3ParserAddCleanup() callback that is invoked to
-** free the Parse->pIdxEpr list when the Parse object is destroyed.
-*/
-static void whereIndexedExprCleanup(sqlite3 *db, void *pObject){
-  Parse *pParse = (Parse*)pObject;
-  while( pParse->pIdxEpr!=0 ){
-    IndexedExpr *p = pParse->pIdxEpr;
-    pParse->pIdxEpr = p->pIENext;
-    sqlite3ExprDelete(db, p->pExpr);
-    sqlite3DbFreeNN(db, p);
-  }
-}
-
 /*
 ** The index pIdx is used by a query and contains one or more expressions.
 ** In other words pIdx is an index on an expression.  iIdxCur is the cursor
@@ -163533,7 +166081,30 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
 #endif
     pParse->pIdxEpr = p;
     if( p->pIENext==0 ){
-      sqlite3ParserAddCleanup(pParse, whereIndexedExprCleanup, pParse);
+      void *pArg = (void*)&pParse->pIdxEpr;
+      sqlite3ParserAddCleanup(pParse, whereIndexedExprCleanup, pArg);
+    }
+  }
+}
+
+/*
+** Set the reverse-scan order mask to one for all tables in the query
+** with the exception of MATERIALIZED common table expressions that have
+** their own internal ORDER BY clauses.
+**
+** This implements the PRAGMA reverse_unordered_selects=ON setting.
+** (Also SQLITE_DBCONFIG_REVERSE_SCANORDER).
+*/
+static SQLITE_NOINLINE void whereReverseScanOrder(WhereInfo *pWInfo){
+  int ii;
+  for(ii=0; iipTabList->nSrc; ii++){
+    SrcItem *pItem = &pWInfo->pTabList->a[ii];
+    if( !pItem->fg.isCte
+     || pItem->u2.pCteUse->eM10d!=M10d_Yes
+     || NEVER(pItem->pSelect==0)
+     || pItem->pSelect->pOrderBy==0
+    ){
+      pWInfo->revMask |= MASKBIT(ii);
     }
   }
 }
@@ -163596,7 +166167,7 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
 **
 ** OUTER JOINS
 **
-** An outer join of tables t1 and t2 is conceptally coded as follows:
+** An outer join of tables t1 and t2 is conceptually coded as follows:
 **
 **    foreach row1 in t1 do
 **      flag = 0
@@ -163751,7 +166322,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     **
     ** The N-th term of the FROM clause is assigned a bitmask of 1<nRowOut+1);
        if( db->mallocFailed ) goto whereBeginError;
     }
+
+    /* TUNING:  Assume that a DISTINCT clause on a subquery reduces
+    ** the output size by a factor of 8 (LogEst -30).
+    */
+    if( (pWInfo->wctrlFlags & WHERE_WANT_DISTINCT)!=0 ){
+      WHERETRACE(0x0080,("nRowOut reduced from %d to %d due to DISTINCT\n",
+                         pWInfo->nRowOut, pWInfo->nRowOut-30));
+      pWInfo->nRowOut -= 30;
+    }
+
   }
+  assert( pWInfo->pTabList!=0 );
   if( pWInfo->pOrderBy==0 && (db->flags & SQLITE_ReverseOrder)!=0 ){
-     pWInfo->revMask = ALLBITS;
+    whereReverseScanOrder(pWInfo);
   }
   if( pParse->nErr ){
     goto whereBeginError;
@@ -164003,6 +166585,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
         0!=(wctrlFlags & WHERE_ONEPASS_MULTIROW)
      && !IsVirtual(pTabList->a[0].pTab)
      && (0==(wsFlags & WHERE_MULTI_OR) || (wctrlFlags & WHERE_DUPLICATES_OK))
+     && OptimizationEnabled(db, SQLITE_OnePass)
     )){
       pWInfo->eOnePass = bOnerow ? ONEPASS_SINGLE : ONEPASS_MULTI;
       if( HasRowid(pTabList->a[0].pTab) && (wsFlags & WHERE_IDX_ONLY) ){
@@ -164111,6 +166694,11 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
         if( pIx->bHasExpr && OptimizationEnabled(db, SQLITE_IndexedExpr) ){
           whereAddIndexedExpr(pParse, pIx, iIndexCur, pTabItem);
         }
+        if( pIx->pPartIdxWhere && (pTabItem->fg.jointype & JT_RIGHT)==0 ){
+          wherePartIdxExpr(
+              pParse, pIx, pIx->pPartIdxWhere, 0, iIndexCur, pTabItem
+          );
+        }
       }
       pLevel->iIdxCur = iIndexCur;
       assert( pIx!=0 );
@@ -164732,7 +167320,7 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
 **
 **   These are the same built-in window functions supported by Postgres.
 **   Although the behaviour of aggregate window functions (functions that
-**   can be used as either aggregates or window funtions) allows them to
+**   can be used as either aggregates or window functions) allows them to
 **   be implemented using an API, built-in window functions are much more
 **   esoteric. Additionally, some window functions (e.g. nth_value())
 **   may only be implemented by caching the entire partition in memory.
@@ -165262,7 +167850,7 @@ static Window *windowFind(Parse *pParse, Window *pList, const char *zName){
 ** is the Window object representing the associated OVER clause. This
 ** function updates the contents of pWin as follows:
 **
-**   * If the OVER clause refered to a named window (as in "max(x) OVER win"),
+**   * If the OVER clause referred to a named window (as in "max(x) OVER win"),
 **     search list pList for a matching WINDOW definition, and update pWin
 **     accordingly. If no such WINDOW clause can be found, leave an error
 **     in pParse.
@@ -165883,7 +168471,7 @@ SQLITE_PRIVATE Window *sqlite3WindowAssemble(
 }
 
 /*
-** Window *pWin has just been created from a WINDOW clause. Tokne pBase
+** Window *pWin has just been created from a WINDOW clause. Token pBase
 ** is the base window. Earlier windows from the same WINDOW clause are
 ** stored in the linked list starting at pWin->pNextWin. This function
 ** either updates *pWin according to the base specification, or else
@@ -165927,8 +168515,9 @@ SQLITE_PRIVATE void sqlite3WindowAttach(Parse *pParse, Expr *p, Window *pWin){
   if( p ){
     assert( p->op==TK_FUNCTION );
     assert( pWin );
+    assert( ExprIsFullSize(p) );
     p->y.pWin = pWin;
-    ExprSetProperty(p, EP_WinFunc);
+    ExprSetProperty(p, EP_WinFunc|EP_FullSize);
     pWin->pOwner = p;
     if( (p->flags & EP_Distinct) && pWin->eFrmType!=TK_FILTER ){
       sqlite3ErrorMsg(pParse,
@@ -166189,7 +168778,7 @@ struct WindowCsrAndReg {
 **
 **     (ORDER BY a, b GROUPS BETWEEN 2 PRECEDING AND 2 FOLLOWING)
 **
-**   The windows functions implmentation caches the input rows in a temp
+**   The windows functions implementation caches the input rows in a temp
 **   table, sorted by "a, b" (it actually populates the cache lazily, and
 **   aggressively removes rows once they are no longer required, but that's
 **   a mere detail). It keeps three cursors open on the temp table. One
@@ -167198,7 +169787,7 @@ static int windowExprGtZero(Parse *pParse, Expr *pExpr){
 **
 ** For the most part, the patterns above are adapted to support UNBOUNDED by
 ** assuming that it is equivalent to "infinity PRECEDING/FOLLOWING" and
-** CURRENT ROW by assuming that it is equivilent to "0 PRECEDING/FOLLOWING".
+** CURRENT ROW by assuming that it is equivalent to "0 PRECEDING/FOLLOWING".
 ** This is optimized of course - branches that will never be taken and
 ** conditions that are always true are omitted from the VM code. The only
 ** exceptional case is:
@@ -167477,7 +170066,7 @@ SQLITE_PRIVATE void sqlite3WindowCodeStep(
   }
 
   /* Allocate registers for the array of values from the sub-query, the
-  ** samve values in record form, and the rowid used to insert said record
+  ** same values in record form, and the rowid used to insert said record
   ** into the ephemeral table.  */
   regNew = pParse->nMem+1;
   pParse->nMem += nInput;
@@ -167718,7 +170307,8 @@ SQLITE_PRIVATE void sqlite3WindowCodeStep(
 /************** End of window.c **********************************************/
 /************** Begin file parse.c *******************************************/
 /* This file is automatically generated by Lemon from input grammar
-** source file "parse.y". */
+** source file "parse.y".
+*/
 /*
 ** 2001-09-15
 **
@@ -167735,7 +170325,7 @@ SQLITE_PRIVATE void sqlite3WindowCodeStep(
 ** The canonical source code to this file ("parse.y") is a Lemon grammar
 ** file that specifies the input grammar and actions to take while parsing.
 ** That input file is processed by Lemon to generate a C-language
-** implementation of a parser for the given grammer.  You might be reading
+** implementation of a parser for the given grammar.  You might be reading
 ** this comment as part of the translated C-code.  Edits should be made
 ** to the original parse.y sources.
 */
@@ -168229,18 +170819,18 @@ typedef union {
 #define sqlite3ParserCTX_FETCH Parse *pParse=yypParser->pParse;
 #define sqlite3ParserCTX_STORE yypParser->pParse=pParse;
 #define YYFALLBACK 1
-#define YYNSTATE             575
-#define YYNRULE              403
+#define YYNSTATE             579
+#define YYNRULE              405
 #define YYNRULE_WITH_ACTION  340
 #define YYNTOKEN             185
-#define YY_MAX_SHIFT         574
-#define YY_MIN_SHIFTREDUCE   833
-#define YY_MAX_SHIFTREDUCE   1235
-#define YY_ERROR_ACTION      1236
-#define YY_ACCEPT_ACTION     1237
-#define YY_NO_ACTION         1238
-#define YY_MIN_REDUCE        1239
-#define YY_MAX_REDUCE        1641
+#define YY_MAX_SHIFT         578
+#define YY_MIN_SHIFTREDUCE   838
+#define YY_MAX_SHIFTREDUCE   1242
+#define YY_ERROR_ACTION      1243
+#define YY_ACCEPT_ACTION     1244
+#define YY_NO_ACTION         1245
+#define YY_MIN_REDUCE        1246
+#define YY_MAX_REDUCE        1650
 /************* End control #defines *******************************************/
 #define YY_NLOOKAHEAD ((int)(sizeof(yy_lookahead)/sizeof(yy_lookahead[0])))
 
@@ -168307,218 +170897,218 @@ typedef union {
 **  yy_default[]       Default action for each state.
 **
 *********** Begin parsing tables **********************************************/
-#define YY_ACTTAB_COUNT (2096)
+#define YY_ACTTAB_COUNT (2100)
 static const YYACTIONTYPE yy_action[] = {
- /*     0 */   568,  208,  568,  118,  115,  229,  568,  118,  115,  229,
- /*    10 */   568, 1310,  377, 1289,  408,  562,  562,  562,  568,  409,
- /*    20 */   378, 1310, 1272,   41,   41,   41,   41,  208, 1520,   71,
- /*    30 */    71,  969,  419,   41,   41,  491,  303,  279,  303,  970,
- /*    40 */   397,   71,   71,  125,  126,   80, 1212, 1212, 1047, 1050,
- /*    50 */  1037, 1037,  123,  123,  124,  124,  124,  124,  476,  409,
- /*    60 */  1237,    1,    1,  574,    2, 1241,  550,  118,  115,  229,
- /*    70 */   317,  480,  146,  480,  524,  118,  115,  229,  529, 1323,
- /*    80 */   417,  523,  142,  125,  126,   80, 1212, 1212, 1047, 1050,
- /*    90 */  1037, 1037,  123,  123,  124,  124,  124,  124,  118,  115,
- /*   100 */   229,  327,  122,  122,  122,  122,  121,  121,  120,  120,
- /*   110 */   120,  119,  116,  444,  284,  284,  284,  284,  442,  442,
- /*   120 */   442, 1561,  376, 1563, 1188,  375, 1159,  565, 1159,  565,
- /*   130 */   409, 1561,  537,  259,  226,  444,  101,  145,  449,  316,
- /*   140 */   559,  240,  122,  122,  122,  122,  121,  121,  120,  120,
- /*   150 */   120,  119,  116,  444,  125,  126,   80, 1212, 1212, 1047,
- /*   160 */  1050, 1037, 1037,  123,  123,  124,  124,  124,  124,  142,
- /*   170 */   294, 1188,  339,  448,  120,  120,  120,  119,  116,  444,
- /*   180 */   127, 1188, 1189, 1188,  148,  441,  440,  568,  119,  116,
- /*   190 */   444,  124,  124,  124,  124,  117,  122,  122,  122,  122,
- /*   200 */   121,  121,  120,  120,  120,  119,  116,  444,  454,  113,
- /*   210 */    13,   13,  546,  122,  122,  122,  122,  121,  121,  120,
- /*   220 */   120,  120,  119,  116,  444,  422,  316,  559, 1188, 1189,
- /*   230 */  1188,  149, 1220,  409, 1220,  124,  124,  124,  124,  122,
- /*   240 */   122,  122,  122,  121,  121,  120,  120,  120,  119,  116,
- /*   250 */   444,  465,  342, 1034, 1034, 1048, 1051,  125,  126,   80,
- /*   260 */  1212, 1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,
- /*   270 */   124,  124, 1275,  522,  222, 1188,  568,  409,  224,  514,
- /*   280 */   175,   82,   83,  122,  122,  122,  122,  121,  121,  120,
- /*   290 */   120,  120,  119,  116,  444, 1005,   16,   16, 1188,  133,
- /*   300 */   133,  125,  126,   80, 1212, 1212, 1047, 1050, 1037, 1037,
- /*   310 */   123,  123,  124,  124,  124,  124,  122,  122,  122,  122,
- /*   320 */   121,  121,  120,  120,  120,  119,  116,  444, 1038,  546,
- /*   330 */  1188,  373, 1188, 1189, 1188,  252, 1429,  399,  504,  501,
- /*   340 */   500,  111,  560,  566,    4,  924,  924,  433,  499,  340,
- /*   350 */   460,  328,  360,  394, 1233, 1188, 1189, 1188,  563,  568,
- /*   360 */   122,  122,  122,  122,  121,  121,  120,  120,  120,  119,
- /*   370 */   116,  444,  284,  284,  369, 1574, 1600,  441,  440,  154,
- /*   380 */   409,  445,   71,   71, 1282,  565, 1217, 1188, 1189, 1188,
- /*   390 */    85, 1219,  271,  557,  543,  515, 1555,  568,   98, 1218,
- /*   400 */     6, 1274,  472,  142,  125,  126,   80, 1212, 1212, 1047,
- /*   410 */  1050, 1037, 1037,  123,  123,  124,  124,  124,  124,  550,
- /*   420 */    13,   13, 1024,  507, 1220, 1188, 1220,  549,  109,  109,
- /*   430 */   222,  568, 1234,  175,  568,  427,  110,  197,  445,  569,
- /*   440 */   445,  430, 1546, 1014,  325,  551, 1188,  270,  287,  368,
- /*   450 */   510,  363,  509,  257,   71,   71,  543,   71,   71,  359,
- /*   460 */   316,  559, 1606,  122,  122,  122,  122,  121,  121,  120,
- /*   470 */   120,  120,  119,  116,  444, 1014, 1014, 1016, 1017,   27,
- /*   480 */   284,  284, 1188, 1189, 1188, 1154,  568, 1605,  409,  899,
- /*   490 */   190,  550,  356,  565,  550,  935,  533,  517, 1154,  516,
- /*   500 */   413, 1154,  552, 1188, 1189, 1188,  568,  544, 1548,   51,
- /*   510 */    51,  214,  125,  126,   80, 1212, 1212, 1047, 1050, 1037,
- /*   520 */  1037,  123,  123,  124,  124,  124,  124, 1188,  474,  135,
- /*   530 */   135,  409,  284,  284, 1484,  505,  121,  121,  120,  120,
- /*   540 */   120,  119,  116,  444, 1005,  565,  518,  217,  541, 1555,
- /*   550 */   316,  559,  142,    6,  532,  125,  126,   80, 1212, 1212,
- /*   560 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
- /*   570 */  1549,  122,  122,  122,  122,  121,  121,  120,  120,  120,
- /*   580 */   119,  116,  444,  485, 1188, 1189, 1188,  482,  281, 1263,
- /*   590 */   955,  252, 1188,  373,  504,  501,  500, 1188,  340,  570,
- /*   600 */  1188,  570,  409,  292,  499,  955,  874,  191,  480,  316,
- /*   610 */   559,  384,  290,  380,  122,  122,  122,  122,  121,  121,
- /*   620 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
- /*   630 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*   640 */   124,  409,  394, 1132, 1188,  867,  100,  284,  284, 1188,
- /*   650 */  1189, 1188,  373, 1089, 1188, 1189, 1188, 1188, 1189, 1188,
- /*   660 */   565,  455,   32,  373,  233,  125,  126,   80, 1212, 1212,
- /*   670 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
- /*   680 */  1428,  957,  568,  228,  956,  122,  122,  122,  122,  121,
- /*   690 */   121,  120,  120,  120,  119,  116,  444, 1154,  228, 1188,
- /*   700 */   157, 1188, 1189, 1188, 1547,   13,   13,  301,  955, 1228,
- /*   710 */  1154,  153,  409, 1154,  373, 1577, 1172,    5,  369, 1574,
- /*   720 */   429, 1234,    3,  955,  122,  122,  122,  122,  121,  121,
- /*   730 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
- /*   740 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*   750 */   124,  409,  208,  567, 1188, 1025, 1188, 1189, 1188, 1188,
- /*   760 */   388,  850,  155, 1546,  286,  402, 1094, 1094,  488,  568,
- /*   770 */   465,  342, 1315, 1315, 1546,  125,  126,   80, 1212, 1212,
- /*   780 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
- /*   790 */   129,  568,   13,   13,  374,  122,  122,  122,  122,  121,
- /*   800 */   121,  120,  120,  120,  119,  116,  444,  302,  568,  453,
- /*   810 */   528, 1188, 1189, 1188,   13,   13, 1188, 1189, 1188, 1293,
- /*   820 */   463, 1263,  409, 1313, 1313, 1546, 1010,  453,  452,  200,
- /*   830 */   299,   71,   71, 1261,  122,  122,  122,  122,  121,  121,
- /*   840 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
- /*   850 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*   860 */   124,  409,  227, 1069, 1154,  284,  284,  419,  312,  278,
- /*   870 */   278,  285,  285, 1415,  406,  405,  382, 1154,  565,  568,
- /*   880 */  1154, 1191,  565, 1594,  565,  125,  126,   80, 1212, 1212,
- /*   890 */  1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,  124,
- /*   900 */   453, 1476,   13,   13, 1530,  122,  122,  122,  122,  121,
- /*   910 */   121,  120,  120,  120,  119,  116,  444,  201,  568,  354,
- /*   920 */  1580,  574,    2, 1241,  838,  839,  840, 1556,  317, 1207,
- /*   930 */   146,    6,  409,  255,  254,  253,  206, 1323,    9, 1191,
- /*   940 */   262,   71,   71,  424,  122,  122,  122,  122,  121,  121,
- /*   950 */   120,  120,  120,  119,  116,  444,  125,  126,   80, 1212,
- /*   960 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*   970 */   124,  568,  284,  284,  568, 1208,  409,  573,  313, 1241,
- /*   980 */   349, 1292,  352,  419,  317,  565,  146,  491,  525, 1637,
- /*   990 */   395,  371,  491, 1323,   70,   70, 1291,   71,   71,  240,
- /*  1000 */  1321,  104,   80, 1212, 1212, 1047, 1050, 1037, 1037,  123,
- /*  1010 */   123,  124,  124,  124,  124,  122,  122,  122,  122,  121,
- /*  1020 */   121,  120,  120,  120,  119,  116,  444, 1110,  284,  284,
- /*  1030 */   428,  448, 1519, 1208,  439,  284,  284, 1483, 1348,  311,
- /*  1040 */   474,  565, 1111,  969,  491,  491,  217, 1259,  565, 1532,
- /*  1050 */   568,  970,  207,  568, 1024,  240,  383, 1112,  519,  122,
- /*  1060 */   122,  122,  122,  121,  121,  120,  120,  120,  119,  116,
- /*  1070 */   444, 1015,  107,   71,   71, 1014,   13,   13,  910,  568,
- /*  1080 */  1489,  568,  284,  284,   97,  526,  491,  448,  911, 1322,
- /*  1090 */  1318,  545,  409,  284,  284,  565,  151,  209, 1489, 1491,
- /*  1100 */   262,  450,   55,   55,   56,   56,  565, 1014, 1014, 1016,
- /*  1110 */   443,  332,  409,  527,   12,  295,  125,  126,   80, 1212,
- /*  1120 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*  1130 */   124,  347,  409,  862, 1528, 1208,  125,  126,   80, 1212,
- /*  1140 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*  1150 */   124, 1133, 1635,  474, 1635,  371,  125,  114,   80, 1212,
- /*  1160 */  1212, 1047, 1050, 1037, 1037,  123,  123,  124,  124,  124,
- /*  1170 */   124, 1489,  329,  474,  331,  122,  122,  122,  122,  121,
- /*  1180 */   121,  120,  120,  120,  119,  116,  444,  203, 1415,  568,
- /*  1190 */  1290,  862,  464, 1208,  436,  122,  122,  122,  122,  121,
- /*  1200 */   121,  120,  120,  120,  119,  116,  444,  553, 1133, 1636,
- /*  1210 */   539, 1636,   15,   15,  890,  122,  122,  122,  122,  121,
- /*  1220 */   121,  120,  120,  120,  119,  116,  444,  568,  298,  538,
- /*  1230 */  1131, 1415, 1553, 1554, 1327,  409,    6,    6, 1165, 1264,
- /*  1240 */   415,  320,  284,  284, 1415,  508,  565,  525,  300,  457,
- /*  1250 */    43,   43,  568,  891,   12,  565,  330,  478,  425,  407,
- /*  1260 */   126,   80, 1212, 1212, 1047, 1050, 1037, 1037,  123,  123,
- /*  1270 */   124,  124,  124,  124,  568,   57,   57,  288, 1188, 1415,
- /*  1280 */   496,  458,  392,  392,  391,  273,  389, 1131, 1552,  847,
- /*  1290 */  1165,  407,    6,  568,  321, 1154,  470,   44,   44, 1551,
- /*  1300 */  1110,  426,  234,    6,  323,  256,  540,  256, 1154,  431,
- /*  1310 */   568, 1154,  322,   17,  487, 1111,   58,   58,  122,  122,
- /*  1320 */   122,  122,  121,  121,  120,  120,  120,  119,  116,  444,
- /*  1330 */  1112,  216,  481,   59,   59, 1188, 1189, 1188,  111,  560,
- /*  1340 */   324,    4,  236,  456,  526,  568,  237,  456,  568,  437,
- /*  1350 */   168,  556,  420,  141,  479,  563,  568,  293,  568, 1091,
- /*  1360 */   568,  293,  568, 1091,  531,  568,  870,    8,   60,   60,
- /*  1370 */   235,   61,   61,  568,  414,  568,  414,  568,  445,   62,
- /*  1380 */    62,   45,   45,   46,   46,   47,   47,  199,   49,   49,
- /*  1390 */   557,  568,  359,  568,  100,  486,   50,   50,   63,   63,
- /*  1400 */    64,   64,  561,  415,  535,  410,  568, 1024,  568,  534,
- /*  1410 */   316,  559,  316,  559,   65,   65,   14,   14,  568, 1024,
- /*  1420 */   568,  512,  930,  870, 1015,  109,  109,  929, 1014,   66,
- /*  1430 */    66,  131,  131,  110,  451,  445,  569,  445,  416,  177,
- /*  1440 */  1014,  132,  132,   67,   67,  568,  467,  568,  930,  471,
- /*  1450 */  1360,  283,  226,  929,  315, 1359,  407,  568,  459,  407,
- /*  1460 */  1014, 1014, 1016,  239,  407,   86,  213, 1346,   52,   52,
- /*  1470 */    68,   68, 1014, 1014, 1016, 1017,   27, 1579, 1176,  447,
- /*  1480 */    69,   69,  288,   97,  108, 1535,  106,  392,  392,  391,
- /*  1490 */   273,  389,  568,  877,  847,  881,  568,  111,  560,  466,
- /*  1500 */     4,  568,  152,   30,   38,  568, 1128,  234,  396,  323,
- /*  1510 */   111,  560,  527,    4,  563,   53,   53,  322,  568,  163,
- /*  1520 */   163,  568,  337,  468,  164,  164,  333,  563,   76,   76,
- /*  1530 */   568,  289, 1508,  568,   31, 1507,  568,  445,  338,  483,
- /*  1540 */   100,   54,   54,  344,   72,   72,  296,  236, 1076,  557,
- /*  1550 */   445,  877, 1356,  134,  134,  168,   73,   73,  141,  161,
- /*  1560 */   161, 1568,  557,  535,  568,  319,  568,  348,  536, 1007,
- /*  1570 */   473,  261,  261,  889,  888,  235,  535,  568, 1024,  568,
- /*  1580 */   475,  534,  261,  367,  109,  109,  521,  136,  136,  130,
- /*  1590 */   130, 1024,  110,  366,  445,  569,  445,  109,  109, 1014,
- /*  1600 */   162,  162,  156,  156,  568,  110, 1076,  445,  569,  445,
- /*  1610 */   410,  351, 1014,  568,  353,  316,  559,  568,  343,  568,
- /*  1620 */   100,  497,  357,  258,  100,  896,  897,  140,  140,  355,
- /*  1630 */  1306, 1014, 1014, 1016, 1017,   27,  139,  139,  362,  451,
- /*  1640 */   137,  137,  138,  138, 1014, 1014, 1016, 1017,   27, 1176,
- /*  1650 */   447,  568,  372,  288,  111,  560, 1018,    4,  392,  392,
- /*  1660 */   391,  273,  389,  568, 1137,  847,  568, 1072,  568,  258,
- /*  1670 */   492,  563,  568,  211,   75,   75,  555,  960,  234,  261,
- /*  1680 */   323,  111,  560,  927,    4,  113,   77,   77,  322,   74,
- /*  1690 */    74,   42,   42, 1369,  445,   48,   48, 1414,  563,  972,
- /*  1700 */   973, 1088, 1087, 1088, 1087,  860,  557,  150,  928, 1342,
- /*  1710 */   113, 1354,  554, 1419, 1018, 1271, 1262, 1250,  236, 1249,
- /*  1720 */  1251,  445, 1587, 1339,  308,  276,  168,  309,   11,  141,
- /*  1730 */   393,  310,  232,  557, 1401, 1024,  335,  291, 1396,  219,
- /*  1740 */   336,  109,  109,  934,  297, 1406,  235,  341,  477,  110,
- /*  1750 */   502,  445,  569,  445, 1389, 1405, 1014,  400, 1289,  365,
- /*  1760 */   223, 1480, 1024, 1479, 1351, 1352, 1350, 1349,  109,  109,
- /*  1770 */   204, 1590, 1228,  558,  265,  218,  110,  205,  445,  569,
- /*  1780 */   445,  410,  387, 1014, 1527,  179,  316,  559, 1014, 1014,
- /*  1790 */  1016, 1017,   27,  230, 1525, 1225,   79,  560,   85,    4,
- /*  1800 */   418,  215,  548,   81,   84,  188, 1402,  173,  181,  461,
- /*  1810 */   451,   35,  462,  563,  183, 1014, 1014, 1016, 1017,   27,
- /*  1820 */   184, 1485,  185,  186,  495,  242,   98,  398, 1408,   36,
- /*  1830 */  1407,  484,   91,  469,  401, 1410,  445,  192, 1474,  246,
- /*  1840 */  1496,  490,  346,  277,  248,  196,  493,  511,  557,  350,
- /*  1850 */  1252,  249,  250,  403, 1309, 1308,  111,  560,  432,    4,
- /*  1860 */  1307, 1300,   93, 1604,  881, 1603,  224,  404,  434,  520,
- /*  1870 */   263,  435, 1573,  563, 1279, 1278,  364, 1024,  306, 1277,
- /*  1880 */   264, 1602, 1559,  109,  109,  370, 1299,  307, 1558,  438,
- /*  1890 */   128,  110, 1374,  445,  569,  445,  445,  546, 1014,   10,
- /*  1900 */  1461,  105,  381, 1373,   34,  571,   99, 1332,  557,  314,
- /*  1910 */  1182,  530,  272,  274,  379,  210, 1331,  547,  385,  386,
- /*  1920 */   275,  572, 1247, 1242,  411,  412, 1512,  165,  178, 1513,
- /*  1930 */  1014, 1014, 1016, 1017,   27, 1511, 1510, 1024,   78,  147,
- /*  1940 */   166,  220,  221,  109,  109,  834,  304,  167,  446,  212,
- /*  1950 */   318,  110,  231,  445,  569,  445,  144, 1086, 1014, 1084,
- /*  1960 */   326,  180,  169, 1207,  182,  334,  238,  913,  241, 1100,
- /*  1970 */   187,  170,  171,  421,   87,   88,  423,  189,   89,   90,
- /*  1980 */   172, 1103,  243, 1099,  244,  158,   18,  245,  345,  247,
- /*  1990 */  1014, 1014, 1016, 1017,   27,  261, 1092,  193, 1222,  489,
- /*  2000 */   194,   37,  366,  849,  494,  251,  195,  506,   92,   19,
- /*  2010 */   498,  358,   20,  503,  879,  361,   94,  892,  305,  159,
- /*  2020 */   513,   39,   95, 1170,  160, 1053,  964, 1139,   96,  174,
- /*  2030 */  1138,  225,  280,  282,  198,  958,  113, 1160, 1156,  260,
- /*  2040 */    21,   22,   23, 1158, 1164, 1163, 1144,   24,   33,   25,
- /*  2050 */   202,  542,   26,  100, 1067,  102, 1054,  103,    7, 1052,
- /*  2060 */  1056, 1109, 1057, 1108,  266,  267,   28,   40,  390, 1019,
- /*  2070 */   861,  112,   29,  564, 1178, 1177,  268,  176,  143,  923,
- /*  2080 */  1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238, 1238,
- /*  2090 */  1238, 1238, 1238, 1238,  269, 1595,
+ /*     0 */   572,  210,  572,  119,  116,  231,  572,  119,  116,  231,
+ /*    10 */   572, 1317,  379, 1296,  410,  566,  566,  566,  572,  411,
+ /*    20 */   380, 1317, 1279,   42,   42,   42,   42,  210, 1529,   72,
+ /*    30 */    72,  974,  421,   42,   42,  495,  305,  281,  305,  975,
+ /*    40 */   399,   72,   72,  126,  127,   81, 1217, 1217, 1054, 1057,
+ /*    50 */  1044, 1044,  124,  124,  125,  125,  125,  125,  480,  411,
+ /*    60 */  1244,    1,    1,  578,    2, 1248,  554,  119,  116,  231,
+ /*    70 */   319,  484,  147,  484,  528,  119,  116,  231,  533, 1330,
+ /*    80 */   419,  527,  143,  126,  127,   81, 1217, 1217, 1054, 1057,
+ /*    90 */  1044, 1044,  124,  124,  125,  125,  125,  125,  119,  116,
+ /*   100 */   231,  329,  123,  123,  123,  123,  122,  122,  121,  121,
+ /*   110 */   121,  120,  117,  448,  286,  286,  286,  286,  446,  446,
+ /*   120 */   446, 1568,  378, 1570, 1193,  377, 1164,  569, 1164,  569,
+ /*   130 */   411, 1568,  541,  261,  228,  448,  102,  146,  453,  318,
+ /*   140 */   563,  242,  123,  123,  123,  123,  122,  122,  121,  121,
+ /*   150 */   121,  120,  117,  448,  126,  127,   81, 1217, 1217, 1054,
+ /*   160 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  143,
+ /*   170 */   296, 1193,  341,  452,  121,  121,  121,  120,  117,  448,
+ /*   180 */   128, 1193, 1194, 1193,  149,  445,  444,  572,  120,  117,
+ /*   190 */   448,  125,  125,  125,  125,  118,  123,  123,  123,  123,
+ /*   200 */   122,  122,  121,  121,  121,  120,  117,  448,  458,  114,
+ /*   210 */    13,   13,  550,  123,  123,  123,  123,  122,  122,  121,
+ /*   220 */   121,  121,  120,  117,  448,  424,  318,  563, 1193, 1194,
+ /*   230 */  1193,  150, 1225,  411, 1225,  125,  125,  125,  125,  123,
+ /*   240 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
+ /*   250 */   448,  469,  344, 1041, 1041, 1055, 1058,  126,  127,   81,
+ /*   260 */  1217, 1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,
+ /*   270 */   125,  125, 1282,  526,  224, 1193,  572,  411,  226,  519,
+ /*   280 */   177,   83,   84,  123,  123,  123,  123,  122,  122,  121,
+ /*   290 */   121,  121,  120,  117,  448, 1010,   16,   16, 1193,  134,
+ /*   300 */   134,  126,  127,   81, 1217, 1217, 1054, 1057, 1044, 1044,
+ /*   310 */   124,  124,  125,  125,  125,  125,  123,  123,  123,  123,
+ /*   320 */   122,  122,  121,  121,  121,  120,  117,  448, 1045,  550,
+ /*   330 */  1193,  375, 1193, 1194, 1193,  254, 1438,  401,  508,  505,
+ /*   340 */   504,  112,  564,  570,    4,  929,  929,  435,  503,  342,
+ /*   350 */   464,  330,  362,  396, 1238, 1193, 1194, 1193,  567,  572,
+ /*   360 */   123,  123,  123,  123,  122,  122,  121,  121,  121,  120,
+ /*   370 */   117,  448,  286,  286,  371, 1581, 1607,  445,  444,  155,
+ /*   380 */   411,  449,   72,   72, 1289,  569, 1222, 1193, 1194, 1193,
+ /*   390 */    86, 1224,  273,  561,  547,  520,  520,  572,   99, 1223,
+ /*   400 */     6, 1281,  476,  143,  126,  127,   81, 1217, 1217, 1054,
+ /*   410 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  554,
+ /*   420 */    13,   13, 1031,  511, 1225, 1193, 1225,  553,  110,  110,
+ /*   430 */   224,  572, 1239,  177,  572,  429,  111,  199,  449,  573,
+ /*   440 */   449,  432, 1555, 1019,  327,  555, 1193,  272,  289,  370,
+ /*   450 */   514,  365,  513,  259,   72,   72,  547,   72,   72,  361,
+ /*   460 */   318,  563, 1613,  123,  123,  123,  123,  122,  122,  121,
+ /*   470 */   121,  121,  120,  117,  448, 1019, 1019, 1021, 1022,   28,
+ /*   480 */   286,  286, 1193, 1194, 1193, 1159,  572, 1612,  411,  904,
+ /*   490 */   192,  554,  358,  569,  554,  940,  537,  521, 1159,  437,
+ /*   500 */   415, 1159,  556, 1193, 1194, 1193,  572,  548,  548,   52,
+ /*   510 */    52,  216,  126,  127,   81, 1217, 1217, 1054, 1057, 1044,
+ /*   520 */  1044,  124,  124,  125,  125,  125,  125, 1193,  478,  136,
+ /*   530 */   136,  411,  286,  286, 1493,  509,  122,  122,  121,  121,
+ /*   540 */   121,  120,  117,  448, 1010,  569,  522,  219,  545,  545,
+ /*   550 */   318,  563,  143,    6,  536,  126,  127,   81, 1217, 1217,
+ /*   560 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   570 */  1557,  123,  123,  123,  123,  122,  122,  121,  121,  121,
+ /*   580 */   120,  117,  448,  489, 1193, 1194, 1193,  486,  283, 1270,
+ /*   590 */   960,  254, 1193,  375,  508,  505,  504, 1193,  342,  574,
+ /*   600 */  1193,  574,  411,  294,  503,  960,  879,  193,  484,  318,
+ /*   610 */   563,  386,  292,  382,  123,  123,  123,  123,  122,  122,
+ /*   620 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   630 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   640 */   125,  411,  396, 1139, 1193,  872,  101,  286,  286, 1193,
+ /*   650 */  1194, 1193,  375, 1096, 1193, 1194, 1193, 1193, 1194, 1193,
+ /*   660 */   569,  459,   33,  375,  235,  126,  127,   81, 1217, 1217,
+ /*   670 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   680 */  1437,  962,  572,  230,  961,  123,  123,  123,  123,  122,
+ /*   690 */   122,  121,  121,  121,  120,  117,  448, 1159,  230, 1193,
+ /*   700 */   158, 1193, 1194, 1193, 1556,   13,   13,  303,  960, 1233,
+ /*   710 */  1159,  154,  411, 1159,  375, 1584, 1177,    5,  371, 1581,
+ /*   720 */   431, 1239,    3,  960,  123,  123,  123,  123,  122,  122,
+ /*   730 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   740 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   750 */   125,  411,  210,  571, 1193, 1032, 1193, 1194, 1193, 1193,
+ /*   760 */   390,  855,  156, 1555,  376,  404, 1101, 1101,  492,  572,
+ /*   770 */   469,  344, 1322, 1322, 1555,  126,  127,   81, 1217, 1217,
+ /*   780 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   790 */   130,  572,   13,   13,  532,  123,  123,  123,  123,  122,
+ /*   800 */   122,  121,  121,  121,  120,  117,  448,  304,  572,  457,
+ /*   810 */   229, 1193, 1194, 1193,   13,   13, 1193, 1194, 1193, 1300,
+ /*   820 */   467, 1270,  411, 1320, 1320, 1555, 1015,  457,  456,  436,
+ /*   830 */   301,   72,   72, 1268,  123,  123,  123,  123,  122,  122,
+ /*   840 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   850 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   860 */   125,  411,  384, 1076, 1159,  286,  286,  421,  314,  280,
+ /*   870 */   280,  287,  287,  461,  408,  407, 1539, 1159,  569,  572,
+ /*   880 */  1159, 1196,  569,  409,  569,  126,  127,   81, 1217, 1217,
+ /*   890 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   900 */   457, 1485,   13,   13, 1541,  123,  123,  123,  123,  122,
+ /*   910 */   122,  121,  121,  121,  120,  117,  448,  202,  572,  462,
+ /*   920 */  1587,  578,    2, 1248,  843,  844,  845, 1563,  319,  409,
+ /*   930 */   147,    6,  411,  257,  256,  255,  208, 1330,    9, 1196,
+ /*   940 */   264,   72,   72, 1436,  123,  123,  123,  123,  122,  122,
+ /*   950 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   960 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   970 */   125,  572,  286,  286,  572, 1213,  411,  577,  315, 1248,
+ /*   980 */   421,  371, 1581,  356,  319,  569,  147,  495,  529, 1644,
+ /*   990 */   397,  935,  495, 1330,   71,   71,  934,   72,   72,  242,
+ /*  1000 */  1328,  105,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,
+ /*  1010 */   124,  125,  125,  125,  125,  123,  123,  123,  123,  122,
+ /*  1020 */   122,  121,  121,  121,  120,  117,  448, 1117,  286,  286,
+ /*  1030 */  1422,  452, 1528, 1213,  443,  286,  286, 1492, 1355,  313,
+ /*  1040 */   478,  569, 1118,  454,  351,  495,  354, 1266,  569,  209,
+ /*  1050 */   572,  418,  179,  572, 1031,  242,  385, 1119,  523,  123,
+ /*  1060 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
+ /*  1070 */   448, 1020,  108,   72,   72, 1019,   13,   13,  915,  572,
+ /*  1080 */  1498,  572,  286,  286,   98,  530, 1537,  452,  916, 1334,
+ /*  1090 */  1329,  203,  411,  286,  286,  569,  152,  211, 1498, 1500,
+ /*  1100 */   426,  569,   56,   56,   57,   57,  569, 1019, 1019, 1021,
+ /*  1110 */   447,  572,  411,  531,   12,  297,  126,  127,   81, 1217,
+ /*  1120 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1130 */   125,  572,  411,  867,   15,   15,  126,  127,   81, 1217,
+ /*  1140 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1150 */   125,  373,  529,  264,   44,   44,  126,  115,   81, 1217,
+ /*  1160 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1170 */   125, 1498,  478, 1271,  417,  123,  123,  123,  123,  122,
+ /*  1180 */   122,  121,  121,  121,  120,  117,  448,  205, 1213,  495,
+ /*  1190 */   430,  867,  468,  322,  495,  123,  123,  123,  123,  122,
+ /*  1200 */   122,  121,  121,  121,  120,  117,  448,  572,  557, 1140,
+ /*  1210 */  1642, 1422, 1642,  543,  572,  123,  123,  123,  123,  122,
+ /*  1220 */   122,  121,  121,  121,  120,  117,  448,  572, 1422,  572,
+ /*  1230 */    13,   13,  542,  323, 1325,  411,  334,   58,   58,  349,
+ /*  1240 */  1422, 1170,  326,  286,  286,  549, 1213,  300,  895,  530,
+ /*  1250 */    45,   45,   59,   59, 1140, 1643,  569, 1643,  565,  417,
+ /*  1260 */   127,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,  124,
+ /*  1270 */   125,  125,  125,  125, 1367,  373,  500,  290, 1193,  512,
+ /*  1280 */  1366,  427,  394,  394,  393,  275,  391,  896, 1138,  852,
+ /*  1290 */   478,  258, 1422, 1170,  463, 1159,   12,  331,  428,  333,
+ /*  1300 */  1117,  460,  236,  258,  325,  460,  544, 1544, 1159, 1098,
+ /*  1310 */   491, 1159,  324, 1098,  440, 1118,  335,  516,  123,  123,
+ /*  1320 */   123,  123,  122,  122,  121,  121,  121,  120,  117,  448,
+ /*  1330 */  1119,  318,  563, 1138,  572, 1193, 1194, 1193,  112,  564,
+ /*  1340 */   201,    4,  238,  433,  935,  490,  285,  228, 1517,  934,
+ /*  1350 */   170,  560,  572,  142, 1516,  567,  572,   60,   60,  572,
+ /*  1360 */   416,  572,  441,  572,  535,  302,  875,    8,  487,  572,
+ /*  1370 */   237,  572,  416,  572,  485,   61,   61,  572,  449,   62,
+ /*  1380 */    62,  332,   63,   63,   46,   46,   47,   47,  361,  572,
+ /*  1390 */   561,  572,   48,   48,   50,   50,   51,   51,  572,  295,
+ /*  1400 */    64,   64,  482,  295,  539,  412,  471, 1031,  572,  538,
+ /*  1410 */   318,  563,   65,   65,   66,   66,  409,  475,  572, 1031,
+ /*  1420 */   572,   14,   14,  875, 1020,  110,  110,  409, 1019,  572,
+ /*  1430 */   474,   67,   67,  111,  455,  449,  573,  449,   98,  317,
+ /*  1440 */  1019,  132,  132,  133,  133,  572, 1561,  572,  974,  409,
+ /*  1450 */     6, 1562,   68,   68, 1560,    6,  975,  572,    6, 1559,
+ /*  1460 */  1019, 1019, 1021,    6,  346,  218,  101,  531,   53,   53,
+ /*  1470 */    69,   69, 1019, 1019, 1021, 1022,   28, 1586, 1181,  451,
+ /*  1480 */    70,   70,  290,   87,  215,   31, 1363,  394,  394,  393,
+ /*  1490 */   275,  391,  350,  109,  852,  107,  572,  112,  564,  483,
+ /*  1500 */     4, 1212,  572,  239,  153,  572,   39,  236, 1299,  325,
+ /*  1510 */   112,  564, 1298,    4,  567,  572,   32,  324,  572,   54,
+ /*  1520 */    54,  572, 1135,  353,  398,  165,  165,  567,  166,  166,
+ /*  1530 */   572,  291,  355,  572,   17,  357,  572,  449,   77,   77,
+ /*  1540 */  1313,   55,   55, 1297,   73,   73,  572,  238,  470,  561,
+ /*  1550 */   449,  472,  364,  135,  135,  170,   74,   74,  142,  163,
+ /*  1560 */   163,  374,  561,  539,  572,  321,  572,  886,  540,  137,
+ /*  1570 */   137,  339, 1353,  422,  298,  237,  539,  572, 1031,  572,
+ /*  1580 */   340,  538,  101,  369,  110,  110,  162,  131,  131,  164,
+ /*  1590 */   164, 1031,  111,  368,  449,  573,  449,  110,  110, 1019,
+ /*  1600 */   157,  157,  141,  141,  572,  111,  572,  449,  573,  449,
+ /*  1610 */   412,  288, 1019,  572,  882,  318,  563,  572,  219,  572,
+ /*  1620 */   241, 1012,  477,  263,  263,  894,  893,  140,  140,  138,
+ /*  1630 */   138, 1019, 1019, 1021, 1022,   28,  139,  139,  525,  455,
+ /*  1640 */    76,   76,   78,   78, 1019, 1019, 1021, 1022,   28, 1181,
+ /*  1650 */   451,  572, 1083,  290,  112,  564, 1575,    4,  394,  394,
+ /*  1660 */   393,  275,  391,  572, 1023,  852,  572,  479,  345,  263,
+ /*  1670 */   101,  567,  882, 1376,   75,   75, 1421,  501,  236,  260,
+ /*  1680 */   325,  112,  564,  359,    4,  101,   43,   43,  324,   49,
+ /*  1690 */    49,  901,  902,  161,  449,  101,  977,  978,  567, 1079,
+ /*  1700 */  1349,  260,  965,  932,  263,  114,  561, 1095,  517, 1095,
+ /*  1710 */  1083, 1094,  865, 1094,  151,  933, 1144,  114,  238, 1361,
+ /*  1720 */   558,  449, 1023,  559, 1426, 1278,  170, 1269, 1257,  142,
+ /*  1730 */  1601, 1256, 1258,  561, 1594, 1031,  496,  278,  213, 1346,
+ /*  1740 */   310,  110,  110,  939,  311,  312,  237,   11,  234,  111,
+ /*  1750 */   221,  449,  573,  449,  293,  395, 1019, 1408,  337, 1403,
+ /*  1760 */  1396,  338, 1031,  299,  343, 1413, 1412,  481,  110,  110,
+ /*  1770 */   506,  402,  225, 1296,  206,  367,  111, 1358,  449,  573,
+ /*  1780 */   449,  412, 1359, 1019, 1489, 1488,  318,  563, 1019, 1019,
+ /*  1790 */  1021, 1022,   28,  562,  207,  220,   80,  564,  389,    4,
+ /*  1800 */  1597, 1357,  552, 1356, 1233,  181,  267,  232, 1536, 1534,
+ /*  1810 */   455, 1230,  420,  567,   82, 1019, 1019, 1021, 1022,   28,
+ /*  1820 */    86,  217,   85, 1494,  190,  175,  183,  465,  185,  466,
+ /*  1830 */    36, 1409,  186,  187,  188,  499,  449,  244,   37,   99,
+ /*  1840 */   400, 1415, 1414,  488, 1417,  194,  473,  403,  561, 1483,
+ /*  1850 */   248,   92, 1505,  494,  198,  279,  112,  564,  250,    4,
+ /*  1860 */   348,  497,  405,  352, 1259,  251,  252,  515, 1316,  434,
+ /*  1870 */  1315, 1314,   94,  567, 1307,  886, 1306, 1031,  226,  406,
+ /*  1880 */  1611, 1610,  438,  110,  110, 1580, 1286,  524,  439,  308,
+ /*  1890 */   266,  111, 1285,  449,  573,  449,  449,  309, 1019,  366,
+ /*  1900 */  1284, 1609,  265, 1566, 1565,  442,  372, 1381,  561,  129,
+ /*  1910 */   550, 1380,   10, 1470,  383,  106,  316,  551,  100,   35,
+ /*  1920 */   534,  575,  212, 1339,  381,  387, 1187, 1338,  274,  276,
+ /*  1930 */  1019, 1019, 1021, 1022,   28,  277,  413, 1031,  576, 1254,
+ /*  1940 */   388, 1521, 1249,  110,  110,  167, 1522,  168,  148, 1520,
+ /*  1950 */  1519,  111,  306,  449,  573,  449,  222,  223, 1019,  839,
+ /*  1960 */   169,   79,  450,  214,  414,  233,  320,  145, 1093, 1091,
+ /*  1970 */   328,  182,  171, 1212,  918,  184,  240,  336,  243, 1107,
+ /*  1980 */   189,  172,  173,  423,  425,   88,  180,  191,   89,   90,
+ /*  1990 */  1019, 1019, 1021, 1022,   28,   91,  174, 1110,  245, 1106,
+ /*  2000 */   246,  159,   18,  247,  347, 1099,  263,  195, 1227,  493,
+ /*  2010 */   249,  196,   38,  854,  498,  368,  253,  360,  897,  197,
+ /*  2020 */   502,   93,   19,   20,  507,  884,  363,  510,   95,  307,
+ /*  2030 */   160,   96,  518,   97, 1175, 1060, 1146,   40,   21,  227,
+ /*  2040 */   176, 1145,  282,  284,  969,  200,  963,  114,  262, 1165,
+ /*  2050 */    22,   23,   24, 1161, 1169,   25, 1163, 1150,   34,   26,
+ /*  2060 */  1168,  546,   27,  204,  101,  103,  104, 1074,    7, 1061,
+ /*  2070 */  1059, 1063, 1116, 1064, 1115,  268,  269,   29,   41,  270,
+ /*  2080 */  1024,  866,  113,   30,  568,  392, 1183,  144,  178, 1182,
+ /*  2090 */   271,  928, 1245, 1245, 1245, 1245, 1245, 1245, 1245, 1602,
 };
 static const YYCODETYPE yy_lookahead[] = {
  /*     0 */   193,  193,  193,  274,  275,  276,  193,  274,  275,  276,
@@ -168597,7 +171187,7 @@ static const YYCODETYPE yy_lookahead[] = {
  /*   730 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   740 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
  /*   750 */    57,   19,  193,  193,   59,   23,  116,  117,  118,   59,
- /*   760 */   201,   21,  241,  304,   22,  206,  127,  128,  129,  193,
+ /*   760 */   201,   21,  241,  304,  193,  206,  127,  128,  129,  193,
  /*   770 */   128,  129,  235,  236,  304,   43,   44,   45,   46,   47,
  /*   780 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
  /*   790 */    22,  193,  216,  217,  193,  102,  103,  104,  105,  106,
@@ -168608,129 +171198,129 @@ static const YYCODETYPE yy_lookahead[] = {
  /*   840 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   850 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
  /*   860 */    57,   19,  193,  123,   76,  239,  240,  193,  253,  239,
- /*   870 */   240,  239,  240,  193,  106,  107,  193,   89,  252,  193,
- /*   880 */    92,   59,  252,  141,  252,   43,   44,   45,   46,   47,
+ /*   870 */   240,  239,  240,  244,  106,  107,  193,   89,  252,  193,
+ /*   880 */    92,   59,  252,  254,  252,   43,   44,   45,   46,   47,
  /*   890 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
  /*   900 */   284,  161,  216,  217,  193,  102,  103,  104,  105,  106,
- /*   910 */   107,  108,  109,  110,  111,  112,  113,  231,  193,   16,
- /*   920 */   187,  188,  189,  190,    7,    8,    9,  309,  195,   25,
+ /*   910 */   107,  108,  109,  110,  111,  112,  113,  231,  193,  244,
+ /*   920 */   187,  188,  189,  190,    7,    8,    9,  309,  195,  254,
  /*   930 */   197,  313,   19,  127,  128,  129,  262,  204,   22,  117,
- /*   940 */    24,  216,  217,  263,  102,  103,  104,  105,  106,  107,
+ /*   940 */    24,  216,  217,  273,  102,  103,  104,  105,  106,  107,
  /*   950 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   960 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
  /*   970 */    57,  193,  239,  240,  193,   59,   19,  188,  253,  190,
- /*   980 */    77,  226,   79,  193,  195,  252,  197,  193,   19,  301,
- /*   990 */   302,  193,  193,  204,  216,  217,  226,  216,  217,  266,
+ /*   980 */   193,  311,  312,   16,  195,  252,  197,  193,   19,  301,
+ /*   990 */   302,  135,  193,  204,  216,  217,  140,  216,  217,  266,
  /*  1000 */   204,  159,   45,   46,   47,   48,   49,   50,   51,   52,
  /*  1010 */    53,   54,   55,   56,   57,  102,  103,  104,  105,  106,
  /*  1020 */   107,  108,  109,  110,  111,  112,  113,   12,  239,  240,
- /*  1030 */   232,  298,  238,  117,  253,  239,  240,  238,  259,  260,
- /*  1040 */   193,  252,   27,   31,  193,  193,  142,  204,  252,  193,
- /*  1050 */   193,   39,  262,  193,  100,  266,  278,   42,  204,  102,
+ /*  1030 */   193,  298,  238,  117,  253,  239,  240,  238,  259,  260,
+ /*  1040 */   193,  252,   27,  193,   77,  193,   79,  204,  252,  262,
+ /*  1050 */   193,  299,  300,  193,  100,  266,  278,   42,  204,  102,
  /*  1060 */   103,  104,  105,  106,  107,  108,  109,  110,  111,  112,
  /*  1070 */   113,  117,  159,  216,  217,  121,  216,  217,   63,  193,
- /*  1080 */   193,  193,  239,  240,  115,  116,  193,  298,   73,  238,
+ /*  1080 */   193,  193,  239,  240,  115,  116,  193,  298,   73,  240,
  /*  1090 */   238,  231,   19,  239,  240,  252,   22,   24,  211,  212,
- /*  1100 */    24,  193,  216,  217,  216,  217,  252,  153,  154,  155,
- /*  1110 */   253,   16,   19,  144,  213,  268,   43,   44,   45,   46,
+ /*  1100 */   263,  252,  216,  217,  216,  217,  252,  153,  154,  155,
+ /*  1110 */   253,  193,   19,  144,  213,  268,   43,   44,   45,   46,
  /*  1120 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1130 */    57,  238,   19,   59,  193,   59,   43,   44,   45,   46,
+ /*  1130 */    57,  193,   19,   59,  216,  217,   43,   44,   45,   46,
  /*  1140 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1150 */    57,   22,   23,  193,   25,  193,   43,   44,   45,   46,
+ /*  1150 */    57,  193,   19,   24,  216,  217,   43,   44,   45,   46,
  /*  1160 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1170 */    57,  284,   77,  193,   79,  102,  103,  104,  105,  106,
- /*  1180 */   107,  108,  109,  110,  111,  112,  113,  286,  193,  193,
- /*  1190 */   193,  117,  291,  117,  232,  102,  103,  104,  105,  106,
- /*  1200 */   107,  108,  109,  110,  111,  112,  113,  204,   22,   23,
- /*  1210 */    66,   25,  216,  217,   35,  102,  103,  104,  105,  106,
- /*  1220 */   107,  108,  109,  110,  111,  112,  113,  193,  268,   85,
- /*  1230 */   101,  193,  309,  309,  240,   19,  313,  313,   94,  208,
- /*  1240 */   209,  193,  239,  240,  193,   66,  252,   19,  268,  244,
- /*  1250 */   216,  217,  193,   74,  213,  252,  161,   19,  263,  254,
+ /*  1170 */    57,  284,  193,  208,  209,  102,  103,  104,  105,  106,
+ /*  1180 */   107,  108,  109,  110,  111,  112,  113,  286,   59,  193,
+ /*  1190 */   232,  117,  291,  193,  193,  102,  103,  104,  105,  106,
+ /*  1200 */   107,  108,  109,  110,  111,  112,  113,  193,  204,   22,
+ /*  1210 */    23,  193,   25,   66,  193,  102,  103,  104,  105,  106,
+ /*  1220 */   107,  108,  109,  110,  111,  112,  113,  193,  193,  193,
+ /*  1230 */   216,  217,   85,  193,  238,   19,   16,  216,  217,  238,
+ /*  1240 */   193,   94,  193,  239,  240,  231,  117,  268,   35,  116,
+ /*  1250 */   216,  217,  216,  217,   22,   23,  252,   25,  208,  209,
  /*  1260 */    44,   45,   46,   47,   48,   49,   50,   51,   52,   53,
- /*  1270 */    54,   55,   56,   57,  193,  216,  217,    5,   59,  193,
- /*  1280 */    19,  244,   10,   11,   12,   13,   14,  101,  309,   17,
- /*  1290 */   146,  254,  313,  193,  193,   76,  115,  216,  217,  309,
- /*  1300 */    12,  263,   30,  313,   32,   46,   87,   46,   89,  130,
- /*  1310 */   193,   92,   40,   22,  263,   27,  216,  217,  102,  103,
+ /*  1270 */    54,   55,   56,   57,  193,  193,   19,    5,   59,   66,
+ /*  1280 */   193,  263,   10,   11,   12,   13,   14,   74,  101,   17,
+ /*  1290 */   193,   46,  193,  146,  193,   76,  213,   77,  263,   79,
+ /*  1300 */    12,  260,   30,   46,   32,  264,   87,  193,   89,   29,
+ /*  1310 */   263,   92,   40,   33,  232,   27,  193,  108,  102,  103,
  /*  1320 */   104,  105,  106,  107,  108,  109,  110,  111,  112,  113,
- /*  1330 */    42,  150,  291,  216,  217,  116,  117,  118,   19,   20,
- /*  1340 */   193,   22,   70,  260,  116,  193,   24,  264,  193,  263,
- /*  1350 */    78,   63,   61,   81,  116,   36,  193,  260,  193,   29,
- /*  1360 */   193,  264,  193,   33,  145,  193,   59,   48,  216,  217,
- /*  1370 */    98,  216,  217,  193,  115,  193,  115,  193,   59,  216,
- /*  1380 */   217,  216,  217,  216,  217,  216,  217,  255,  216,  217,
- /*  1390 */    71,  193,  131,  193,   25,   65,  216,  217,  216,  217,
- /*  1400 */   216,  217,  208,  209,   85,  133,  193,  100,  193,   90,
- /*  1410 */   138,  139,  138,  139,  216,  217,  216,  217,  193,  100,
- /*  1420 */   193,  108,  135,  116,  117,  106,  107,  140,  121,  216,
- /*  1430 */   217,  216,  217,  114,  162,  116,  117,  118,  299,  300,
- /*  1440 */   121,  216,  217,  216,  217,  193,  244,  193,  135,  244,
- /*  1450 */   193,  256,  257,  140,  244,  193,  254,  193,  193,  254,
- /*  1460 */   153,  154,  155,  141,  254,  149,  150,  258,  216,  217,
+ /*  1330 */    42,  138,  139,  101,  193,  116,  117,  118,   19,   20,
+ /*  1340 */   255,   22,   70,  130,  135,   65,  256,  257,  193,  140,
+ /*  1350 */    78,   63,  193,   81,  193,   36,  193,  216,  217,  193,
+ /*  1360 */   115,  193,  263,  193,  145,  268,   59,   48,  193,  193,
+ /*  1370 */    98,  193,  115,  193,  291,  216,  217,  193,   59,  216,
+ /*  1380 */   217,  161,  216,  217,  216,  217,  216,  217,  131,  193,
+ /*  1390 */    71,  193,  216,  217,  216,  217,  216,  217,  193,  260,
+ /*  1400 */   216,  217,   19,  264,   85,  133,  244,  100,  193,   90,
+ /*  1410 */   138,  139,  216,  217,  216,  217,  254,  244,  193,  100,
+ /*  1420 */   193,  216,  217,  116,  117,  106,  107,  254,  121,  193,
+ /*  1430 */   115,  216,  217,  114,  162,  116,  117,  118,  115,  244,
+ /*  1440 */   121,  216,  217,  216,  217,  193,  309,  193,   31,  254,
+ /*  1450 */   313,  309,  216,  217,  309,  313,   39,  193,  313,  309,
+ /*  1460 */   153,  154,  155,  313,  193,  150,   25,  144,  216,  217,
  /*  1470 */   216,  217,  153,  154,  155,  156,  157,    0,    1,    2,
- /*  1480 */   216,  217,    5,  115,  158,  193,  160,   10,   11,   12,
- /*  1490 */    13,   14,  193,   59,   17,  126,  193,   19,   20,  129,
- /*  1500 */    22,  193,   22,   22,   24,  193,   23,   30,   25,   32,
- /*  1510 */    19,   20,  144,   22,   36,  216,  217,   40,  193,  216,
- /*  1520 */   217,  193,  152,  129,  216,  217,  193,   36,  216,  217,
- /*  1530 */   193,   99,  193,  193,   53,  193,  193,   59,   23,  193,
- /*  1540 */    25,  216,  217,  193,  216,  217,  152,   70,   59,   71,
- /*  1550 */    59,  117,  193,  216,  217,   78,  216,  217,   81,  216,
- /*  1560 */   217,  318,   71,   85,  193,  133,  193,  193,   90,   23,
- /*  1570 */    23,   25,   25,  120,  121,   98,   85,  193,  100,  193,
- /*  1580 */    23,   90,   25,  121,  106,  107,   19,  216,  217,  216,
+ /*  1480 */   216,  217,    5,  149,  150,   22,  193,   10,   11,   12,
+ /*  1490 */    13,   14,  193,  158,   17,  160,  193,   19,   20,  116,
+ /*  1500 */    22,   25,  193,   24,   22,  193,   24,   30,  226,   32,
+ /*  1510 */    19,   20,  226,   22,   36,  193,   53,   40,  193,  216,
+ /*  1520 */   217,  193,   23,  193,   25,  216,  217,   36,  216,  217,
+ /*  1530 */   193,   99,  193,  193,   22,  193,  193,   59,  216,  217,
+ /*  1540 */   193,  216,  217,  193,  216,  217,  193,   70,  129,   71,
+ /*  1550 */    59,  129,  193,  216,  217,   78,  216,  217,   81,  216,
+ /*  1560 */   217,  193,   71,   85,  193,  133,  193,  126,   90,  216,
+ /*  1570 */   217,  152,  258,   61,  152,   98,   85,  193,  100,  193,
+ /*  1580 */    23,   90,   25,  121,  106,  107,   23,  216,  217,  216,
  /*  1590 */   217,  100,  114,  131,  116,  117,  118,  106,  107,  121,
- /*  1600 */   216,  217,  216,  217,  193,  114,  117,  116,  117,  118,
- /*  1610 */   133,  193,  121,  193,  193,  138,  139,  193,   23,  193,
- /*  1620 */    25,   23,   23,   25,   25,    7,    8,  216,  217,  193,
- /*  1630 */   193,  153,  154,  155,  156,  157,  216,  217,  193,  162,
+ /*  1600 */   216,  217,  216,  217,  193,  114,  193,  116,  117,  118,
+ /*  1610 */   133,   22,  121,  193,   59,  138,  139,  193,  142,  193,
+ /*  1620 */   141,   23,   23,   25,   25,  120,  121,  216,  217,  216,
+ /*  1630 */   217,  153,  154,  155,  156,  157,  216,  217,   19,  162,
  /*  1640 */   216,  217,  216,  217,  153,  154,  155,  156,  157,    1,
- /*  1650 */     2,  193,  193,    5,   19,   20,   59,   22,   10,   11,
- /*  1660 */    12,   13,   14,  193,   97,   17,  193,   23,  193,   25,
- /*  1670 */   288,   36,  193,  242,  216,  217,  236,   23,   30,   25,
+ /*  1650 */     2,  193,   59,    5,   19,   20,  318,   22,   10,   11,
+ /*  1660 */    12,   13,   14,  193,   59,   17,  193,   23,   23,   25,
+ /*  1670 */    25,   36,  117,  193,  216,  217,  193,   23,   30,   25,
  /*  1680 */    32,   19,   20,   23,   22,   25,  216,  217,   40,  216,
- /*  1690 */   217,  216,  217,  193,   59,  216,  217,  193,   36,   83,
- /*  1700 */    84,  153,  153,  155,  155,   23,   71,   25,   23,  193,
- /*  1710 */    25,  193,  193,  193,  117,  193,  193,  193,   70,  193,
- /*  1720 */   193,   59,  193,  255,  255,  287,   78,  255,  243,   81,
- /*  1730 */   191,  255,  297,   71,  271,  100,  293,  245,  267,  214,
- /*  1740 */   246,  106,  107,  108,  246,  271,   98,  245,  293,  114,
- /*  1750 */   220,  116,  117,  118,  267,  271,  121,  271,  225,  219,
- /*  1760 */   229,  219,  100,  219,  259,  259,  259,  259,  106,  107,
- /*  1770 */   249,  196,   60,  280,  141,  243,  114,  249,  116,  117,
- /*  1780 */   118,  133,  245,  121,  200,  297,  138,  139,  153,  154,
- /*  1790 */   155,  156,  157,  297,  200,   38,   19,   20,  151,   22,
- /*  1800 */   200,  150,  140,  294,  294,   22,  272,   43,  234,   18,
- /*  1810 */   162,  270,  200,   36,  237,  153,  154,  155,  156,  157,
- /*  1820 */   237,  283,  237,  237,   18,  199,  149,  246,  272,  270,
- /*  1830 */   272,  200,  158,  246,  246,  234,   59,  234,  246,  199,
- /*  1840 */   290,   62,  289,  200,  199,   22,  221,  115,   71,  200,
- /*  1850 */   200,  199,  199,  221,  218,  218,   19,   20,   64,   22,
- /*  1860 */   218,  227,   22,  224,  126,  224,  165,  221,   24,  305,
- /*  1870 */   200,  113,  312,   36,  218,  220,  218,  100,  282,  218,
- /*  1880 */    91,  218,  317,  106,  107,  221,  227,  282,  317,   82,
- /*  1890 */   148,  114,  265,  116,  117,  118,   59,  145,  121,   22,
- /*  1900 */   277,  158,  200,  265,   25,  202,  147,  250,   71,  279,
- /*  1910 */    13,  146,  194,  194,  249,  248,  250,  140,  247,  246,
- /*  1920 */     6,  192,  192,  192,  303,  303,  213,  207,  300,  213,
- /*  1930 */   153,  154,  155,  156,  157,  213,  213,  100,  213,  222,
- /*  1940 */   207,  214,  214,  106,  107,    4,  222,  207,    3,   22,
- /*  1950 */   163,  114,   15,  116,  117,  118,   16,   23,  121,   23,
- /*  1960 */   139,  151,  130,   25,  142,   16,   24,   20,  144,    1,
- /*  1970 */   142,  130,  130,   61,   53,   53,   37,  151,   53,   53,
- /*  1980 */   130,  116,   34,    1,  141,    5,   22,  115,  161,  141,
- /*  1990 */   153,  154,  155,  156,  157,   25,   68,   68,   75,   41,
- /*  2000 */   115,   24,  131,   20,   19,  125,   22,   96,   22,   22,
- /*  2010 */    67,   23,   22,   67,   59,   24,   22,   28,   67,   23,
- /*  2020 */    22,   22,  149,   23,   23,   23,  116,   23,   25,   37,
- /*  2030 */    97,  141,   23,   23,   22,  143,   25,   75,   88,   34,
- /*  2040 */    34,   34,   34,   86,   75,   93,   23,   34,   22,   34,
- /*  2050 */    25,   24,   34,   25,   23,  142,   23,  142,   44,   23,
- /*  2060 */    23,   23,   11,   23,   25,   22,   22,   22,   15,   23,
- /*  2070 */    23,   22,   22,   25,    1,    1,  141,   25,   23,  135,
- /*  2080 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2090 */   319,  319,  319,  319,  141,  141,  319,  319,  319,  319,
+ /*  1690 */   217,    7,    8,   23,   59,   25,   83,   84,   36,   23,
+ /*  1700 */   193,   25,   23,   23,   25,   25,   71,  153,  145,  155,
+ /*  1710 */   117,  153,   23,  155,   25,   23,   97,   25,   70,  193,
+ /*  1720 */   193,   59,  117,  236,  193,  193,   78,  193,  193,   81,
+ /*  1730 */   141,  193,  193,   71,  193,  100,  288,  287,  242,  255,
+ /*  1740 */   255,  106,  107,  108,  255,  255,   98,  243,  297,  114,
+ /*  1750 */   214,  116,  117,  118,  245,  191,  121,  271,  293,  267,
+ /*  1760 */   267,  246,  100,  246,  245,  271,  271,  293,  106,  107,
+ /*  1770 */   220,  271,  229,  225,  249,  219,  114,  259,  116,  117,
+ /*  1780 */   118,  133,  259,  121,  219,  219,  138,  139,  153,  154,
+ /*  1790 */   155,  156,  157,  280,  249,  243,   19,   20,  245,   22,
+ /*  1800 */   196,  259,  140,  259,   60,  297,  141,  297,  200,  200,
+ /*  1810 */   162,   38,  200,   36,  294,  153,  154,  155,  156,  157,
+ /*  1820 */   151,  150,  294,  283,   22,   43,  234,   18,  237,  200,
+ /*  1830 */   270,  272,  237,  237,  237,   18,   59,  199,  270,  149,
+ /*  1840 */   246,  272,  272,  200,  234,  234,  246,  246,   71,  246,
+ /*  1850 */   199,  158,  290,   62,   22,  200,   19,   20,  199,   22,
+ /*  1860 */   289,  221,  221,  200,  200,  199,  199,  115,  218,   64,
+ /*  1870 */   218,  218,   22,   36,  227,  126,  227,  100,  165,  221,
+ /*  1880 */   224,  224,   24,  106,  107,  312,  218,  305,  113,  282,
+ /*  1890 */    91,  114,  220,  116,  117,  118,   59,  282,  121,  218,
+ /*  1900 */   218,  218,  200,  317,  317,   82,  221,  265,   71,  148,
+ /*  1910 */   145,  265,   22,  277,  200,  158,  279,  140,  147,   25,
+ /*  1920 */   146,  202,  248,  250,  249,  247,   13,  250,  194,  194,
+ /*  1930 */   153,  154,  155,  156,  157,    6,  303,  100,  192,  192,
+ /*  1940 */   246,  213,  192,  106,  107,  207,  213,  207,  222,  213,
+ /*  1950 */   213,  114,  222,  116,  117,  118,  214,  214,  121,    4,
+ /*  1960 */   207,  213,    3,   22,  303,   15,  163,   16,   23,   23,
+ /*  1970 */   139,  151,  130,   25,   20,  142,   24,   16,  144,    1,
+ /*  1980 */   142,  130,  130,   61,   37,   53,  300,  151,   53,   53,
+ /*  1990 */   153,  154,  155,  156,  157,   53,  130,  116,   34,    1,
+ /*  2000 */   141,    5,   22,  115,  161,   68,   25,   68,   75,   41,
+ /*  2010 */   141,  115,   24,   20,   19,  131,  125,   23,   28,   22,
+ /*  2020 */    67,   22,   22,   22,   67,   59,   24,   96,   22,   67,
+ /*  2030 */    23,  149,   22,   25,   23,   23,   23,   22,   34,  141,
+ /*  2040 */    37,   97,   23,   23,  116,   22,  143,   25,   34,   75,
+ /*  2050 */    34,   34,   34,   88,   75,   34,   86,   23,   22,   34,
+ /*  2060 */    93,   24,   34,   25,   25,  142,  142,   23,   44,   23,
+ /*  2070 */    23,   23,   23,   11,   23,   25,   22,   22,   22,  141,
+ /*  2080 */    23,   23,   22,   22,   25,   15,    1,   23,   25,    1,
+ /*  2090 */   141,  135,  319,  319,  319,  319,  319,  319,  319,  141,
  /*  2100 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2110 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2120 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
@@ -168749,176 +171339,177 @@ static const YYCODETYPE yy_lookahead[] = {
  /*  2250 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2260 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
  /*  2270 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2280 */   319,
+ /*  2280 */   319,  319,  319,  319,  319,
 };
-#define YY_SHIFT_COUNT    (574)
+#define YY_SHIFT_COUNT    (578)
 #define YY_SHIFT_MIN      (0)
-#define YY_SHIFT_MAX      (2074)
+#define YY_SHIFT_MAX      (2088)
 static const unsigned short int yy_shift_ofst[] = {
  /*     0 */  1648, 1477, 1272,  322,  322,    1, 1319, 1478, 1491, 1837,
  /*    10 */  1837, 1837,  471,    0,    0,  214, 1093, 1837, 1837, 1837,
  /*    20 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*    30 */   271,  271, 1219, 1219,  216,   88,    1,    1,    1,    1,
- /*    40 */     1,   40,  111,  258,  361,  469,  512,  583,  622,  693,
- /*    50 */   732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093, 1093,
+ /*    30 */  1837,  271,  271, 1219, 1219,  216,   88,    1,    1,    1,
+ /*    40 */     1,    1,   40,  111,  258,  361,  469,  512,  583,  622,
+ /*    50 */   693,  732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093,
  /*    60 */  1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093,
- /*    70 */  1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1635, 1662,
- /*    80 */  1777, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*    70 */  1093, 1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1635,
+ /*    80 */  1662, 1777, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
  /*    90 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
  /*   100 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
  /*   110 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
  /*   120 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*   130 */   137,  181,  181,  181,  181,  181,  181,  181,   94,  430,
- /*   140 */    66,   65,  112,  366,  533,  533,  740, 1261,  533,  533,
- /*   150 */    79,   79,  533,  412,  412,  412,   77,  412,  123,  113,
- /*   160 */   113,   22,   22, 2096, 2096,  328,  328,  328,  239,  468,
- /*   170 */   468,  468,  468, 1015, 1015,  409,  366, 1129, 1186,  533,
- /*   180 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   190 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  969,
- /*   200 */   621,  621,  533,  642,  788,  788, 1228, 1228,  822,  822,
- /*   210 */    67, 1274, 2096, 2096, 2096, 2096, 2096, 2096, 2096, 1307,
- /*   220 */   954,  954,  585,  472,  640,  387,  695,  538,  541,  700,
- /*   230 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   240 */   222,  533,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   250 */   533,  533,  533, 1179, 1179, 1179,  533,  533,  533,  565,
- /*   260 */   533,  533,  533,  916, 1144,  533,  533, 1288,  533,  533,
- /*   270 */   533,  533,  533,  533,  533,  533,  639, 1330,  209, 1076,
- /*   280 */  1076, 1076, 1076,  580,  209,  209, 1313,  768,  917,  649,
- /*   290 */  1181, 1316,  405, 1316, 1238,  249, 1181, 1181,  249, 1181,
- /*   300 */   405, 1238, 1369,  464, 1259, 1012, 1012, 1012, 1368, 1368,
- /*   310 */  1368, 1368,  184,  184, 1326,  904, 1287, 1480, 1712, 1712,
- /*   320 */  1633, 1633, 1757, 1757, 1633, 1647, 1651, 1783, 1764, 1791,
- /*   330 */  1791, 1791, 1791, 1633, 1806, 1677, 1651, 1651, 1677, 1783,
- /*   340 */  1764, 1677, 1764, 1677, 1633, 1806, 1674, 1779, 1633, 1806,
- /*   350 */  1823, 1633, 1806, 1633, 1806, 1823, 1732, 1732, 1732, 1794,
- /*   360 */  1840, 1840, 1823, 1732, 1738, 1732, 1794, 1732, 1732, 1701,
- /*   370 */  1844, 1758, 1758, 1823, 1633, 1789, 1789, 1807, 1807, 1742,
- /*   380 */  1752, 1877, 1633, 1743, 1742, 1759, 1765, 1677, 1879, 1897,
- /*   390 */  1897, 1914, 1914, 1914, 2096, 2096, 2096, 2096, 2096, 2096,
- /*   400 */  2096, 2096, 2096, 2096, 2096, 2096, 2096, 2096, 2096,  207,
- /*   410 */  1095,  331,  620,  903,  806, 1074, 1483, 1432, 1481, 1322,
- /*   420 */  1370, 1394, 1515, 1291, 1546, 1547, 1557, 1595, 1598, 1599,
- /*   430 */  1434, 1453, 1618, 1462, 1567, 1489, 1644, 1654, 1616, 1660,
- /*   440 */  1548, 1549, 1682, 1685, 1597,  742, 1941, 1945, 1927, 1787,
- /*   450 */  1937, 1940, 1934, 1936, 1821, 1810, 1832, 1938, 1938, 1942,
- /*   460 */  1822, 1947, 1824, 1949, 1968, 1828, 1841, 1938, 1842, 1912,
- /*   470 */  1939, 1938, 1826, 1921, 1922, 1925, 1926, 1850, 1865, 1948,
- /*   480 */  1843, 1982, 1980, 1964, 1872, 1827, 1928, 1970, 1929, 1923,
- /*   490 */  1958, 1848, 1885, 1977, 1983, 1985, 1871, 1880, 1984, 1943,
- /*   500 */  1986, 1987, 1988, 1990, 1946, 1955, 1991, 1911, 1989, 1994,
- /*   510 */  1951, 1992, 1996, 1873, 1998, 2000, 2001, 2002, 2003, 2004,
- /*   520 */  1999, 1933, 1890, 2009, 2010, 1910, 2005, 2012, 1892, 2011,
- /*   530 */  2006, 2007, 2008, 2013, 1950, 1962, 1957, 2014, 1969, 1952,
- /*   540 */  2015, 2023, 2026, 2027, 2025, 2028, 2018, 1913, 1915, 2031,
- /*   550 */  2011, 2033, 2036, 2037, 2038, 2039, 2040, 2043, 2051, 2044,
- /*   560 */  2045, 2046, 2047, 2049, 2050, 2048, 1944, 1935, 1953, 1954,
- /*   570 */  2052, 2055, 2053, 2073, 2074,
+ /*   130 */  1837,  137,  181,  181,  181,  181,  181,  181,  181,   94,
+ /*   140 */   430,   66,   65,  112,  366,  533,  533,  740, 1257,  533,
+ /*   150 */   533,   79,   79,  533,  412,  412,  412,   77,  412,  123,
+ /*   160 */   113,  113,  113,   22,   22, 2100, 2100,  328,  328,  328,
+ /*   170 */   239,  468,  468,  468,  468, 1015, 1015,  409,  366, 1187,
+ /*   180 */  1232,  533,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   190 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   200 */   533,  969,  621,  621,  533,  642,  788,  788, 1133, 1133,
+ /*   210 */   822,  822,   67, 1193, 2100, 2100, 2100, 2100, 2100, 2100,
+ /*   220 */  2100, 1307,  954,  954,  585,  472,  640,  387,  695,  538,
+ /*   230 */   541,  700,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   240 */   533,  533,  222,  533,  533,  533,  533,  533,  533,  533,
+ /*   250 */   533,  533,  533,  533,  533, 1213, 1213, 1213,  533,  533,
+ /*   260 */   533,  565,  533,  533,  533,  916, 1147,  533,  533, 1288,
+ /*   270 */   533,  533,  533,  533,  533,  533,  533,  533,  639, 1280,
+ /*   280 */   209, 1129, 1129, 1129, 1129,  580,  209,  209, 1209,  768,
+ /*   290 */   917,  649, 1315, 1334,  405, 1334, 1383,  249, 1315, 1315,
+ /*   300 */   249, 1315,  405, 1383, 1441,  464, 1245, 1417, 1417, 1417,
+ /*   310 */  1323, 1323, 1323, 1323,  184,  184, 1335, 1476,  856, 1482,
+ /*   320 */  1744, 1744, 1665, 1665, 1773, 1773, 1665, 1669, 1671, 1802,
+ /*   330 */  1782, 1809, 1809, 1809, 1809, 1665, 1817, 1690, 1671, 1671,
+ /*   340 */  1690, 1802, 1782, 1690, 1782, 1690, 1665, 1817, 1693, 1791,
+ /*   350 */  1665, 1817, 1832, 1665, 1817, 1665, 1817, 1832, 1752, 1752,
+ /*   360 */  1752, 1805, 1850, 1850, 1832, 1752, 1749, 1752, 1805, 1752,
+ /*   370 */  1752, 1713, 1858, 1775, 1775, 1832, 1665, 1799, 1799, 1823,
+ /*   380 */  1823, 1761, 1765, 1890, 1665, 1757, 1761, 1771, 1774, 1690,
+ /*   390 */  1894, 1913, 1913, 1929, 1929, 1929, 2100, 2100, 2100, 2100,
+ /*   400 */  2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100,
+ /*   410 */  2100,  207, 1220,  331,  620,  967,  806, 1074, 1499, 1432,
+ /*   420 */  1463, 1479, 1419, 1422, 1557, 1512, 1598, 1599, 1644, 1645,
+ /*   430 */  1654, 1660, 1555, 1505, 1684, 1462, 1670, 1563, 1619, 1593,
+ /*   440 */  1676, 1679, 1613, 1680, 1554, 1558, 1689, 1692, 1605, 1589,
+ /*   450 */  1955, 1959, 1941, 1803, 1950, 1951, 1945, 1946, 1831, 1820,
+ /*   460 */  1842, 1948, 1948, 1952, 1833, 1954, 1834, 1961, 1978, 1838,
+ /*   470 */  1851, 1948, 1852, 1922, 1947, 1948, 1836, 1932, 1935, 1936,
+ /*   480 */  1942, 1866, 1881, 1964, 1859, 1998, 1996, 1980, 1888, 1843,
+ /*   490 */  1937, 1981, 1939, 1933, 1968, 1869, 1896, 1988, 1993, 1995,
+ /*   500 */  1884, 1891, 1997, 1953, 1999, 2000, 1994, 2001, 1957, 1966,
+ /*   510 */  2002, 1931, 1990, 2006, 1962, 2003, 2007, 2004, 1882, 2010,
+ /*   520 */  2011, 2012, 2008, 2013, 2015, 1944, 1898, 2019, 2020, 1928,
+ /*   530 */  2014, 2023, 1903, 2022, 2016, 2017, 2018, 2021, 1965, 1974,
+ /*   540 */  1970, 2024, 1979, 1967, 2025, 2034, 2036, 2037, 2038, 2039,
+ /*   550 */  2028, 1923, 1924, 2044, 2022, 2046, 2047, 2048, 2049, 2050,
+ /*   560 */  2051, 2054, 2062, 2055, 2056, 2057, 2058, 2060, 2061, 2059,
+ /*   570 */  1956, 1938, 1949, 1958, 2063, 2064, 2070, 2085, 2088,
 };
-#define YY_REDUCE_COUNT (408)
+#define YY_REDUCE_COUNT (410)
 #define YY_REDUCE_MIN   (-271)
-#define YY_REDUCE_MAX   (1740)
+#define YY_REDUCE_MAX   (1753)
 static const short yy_reduce_ofst[] = {
  /*     0 */  -125,  733,  789,  241,  293, -123, -193, -191, -183, -187,
  /*    10 */   166,  238,  133, -207, -199, -267, -176,   -6,  204,  489,
- /*    20 */   576, -175,  598,  686,  615,  725,  860,  778,  781,  857,
- /*    30 */   616,  887,   87,  240, -192,  408,  626,  796,  843,  854,
- /*    40 */  1003, -271, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*    20 */   576,  598, -175,  686,  860,  615,  725, 1014,  778,  781,
+ /*    30 */   857,  616,  887,   87,  240, -192,  408,  626,  796,  843,
+ /*    40 */   854, 1004, -271, -271, -271, -271, -271, -271, -271, -271,
  /*    50 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
  /*    60 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
- /*    70 */  -271, -271, -271, -271, -271, -271, -271, -271,   80,   83,
- /*    80 */   313,  886,  888,  996, 1034, 1059, 1081, 1100, 1117, 1152,
- /*    90 */  1155, 1163, 1165, 1167, 1169, 1172, 1180, 1182, 1184, 1198,
- /*   100 */  1200, 1213, 1215, 1225, 1227, 1252, 1254, 1264, 1299, 1303,
- /*   110 */  1308, 1312, 1325, 1328, 1337, 1340, 1343, 1371, 1373, 1384,
- /*   120 */  1386, 1411, 1420, 1424, 1426, 1458, 1470, 1473, 1475, 1479,
- /*   130 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
- /*   140 */  -271,  138,  459,  396, -158,  470,  302, -212,  521,  201,
- /*   150 */  -195,  -92,  559,  630,  632,  630, -271,  632,  901,   63,
- /*   160 */   407, -271, -271, -271, -271,  161,  161,  161,  251,  335,
- /*   170 */   847,  960,  980,  537,  588,  618,  628,  688,  688, -166,
- /*   180 */  -161,  674,  790,  794,  799,  851,  852, -122,  680, -120,
- /*   190 */   995, 1038,  415, 1051,  893,  798,  962,  400, 1086,  779,
- /*   200 */   923,  924,  263, 1041,  979,  990, 1083, 1097, 1031, 1194,
- /*   210 */   362,  994, 1139, 1005, 1037, 1202, 1205, 1195, 1210, -194,
- /*   220 */    56,  185, -135,  232,  522,  560,  601,  617,  669,  683,
- /*   230 */   711,  856,  908,  941, 1048, 1101, 1147, 1257, 1262, 1265,
- /*   240 */   392, 1292, 1333, 1339, 1342, 1346, 1350, 1359, 1374, 1418,
- /*   250 */  1421, 1436, 1437,  593,  755,  770,  997, 1445, 1459, 1209,
- /*   260 */  1500, 1504, 1516, 1132, 1243, 1518, 1519, 1440, 1520,  560,
- /*   270 */  1522, 1523, 1524, 1526, 1527, 1529, 1382, 1438, 1431, 1468,
- /*   280 */  1469, 1472, 1476, 1209, 1431, 1431, 1485, 1525, 1539, 1435,
- /*   290 */  1463, 1471, 1492, 1487, 1443, 1494, 1474, 1484, 1498, 1486,
- /*   300 */  1502, 1455, 1530, 1531, 1533, 1540, 1542, 1544, 1505, 1506,
- /*   310 */  1507, 1508, 1521, 1528, 1493, 1537, 1532, 1575, 1488, 1496,
- /*   320 */  1584, 1594, 1509, 1510, 1600, 1538, 1534, 1541, 1574, 1577,
- /*   330 */  1583, 1585, 1586, 1612, 1626, 1581, 1556, 1558, 1587, 1559,
- /*   340 */  1601, 1588, 1603, 1592, 1631, 1640, 1550, 1553, 1643, 1645,
- /*   350 */  1625, 1649, 1652, 1650, 1653, 1632, 1636, 1637, 1642, 1634,
- /*   360 */  1639, 1641, 1646, 1656, 1655, 1658, 1659, 1661, 1663, 1560,
- /*   370 */  1564, 1596, 1605, 1664, 1670, 1565, 1571, 1627, 1638, 1657,
- /*   380 */  1665, 1623, 1702, 1630, 1666, 1667, 1671, 1673, 1703, 1718,
- /*   390 */  1719, 1729, 1730, 1731, 1621, 1622, 1628, 1720, 1713, 1716,
- /*   400 */  1722, 1723, 1733, 1717, 1724, 1727, 1728, 1725, 1740,
+ /*    70 */  -271, -271, -271, -271, -271, -271, -271, -271, -271,   80,
+ /*    80 */    83,  313,  886,  888,  918,  938, 1021, 1034, 1036, 1141,
+ /*    90 */  1159, 1163, 1166, 1168, 1170, 1176, 1178, 1180, 1184, 1196,
+ /*   100 */  1198, 1205, 1215, 1225, 1227, 1236, 1252, 1254, 1264, 1303,
+ /*   110 */  1309, 1312, 1322, 1325, 1328, 1337, 1340, 1343, 1353, 1371,
+ /*   120 */  1373, 1384, 1386, 1411, 1413, 1420, 1424, 1426, 1458, 1470,
+ /*   130 */  1473, -271, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*   140 */  -271, -271,  138,  459,  396, -158,  470,  302, -212,  521,
+ /*   150 */   201, -195,  -92,  559,  630,  632,  630, -271,  632,  901,
+ /*   160 */    63,  407,  670, -271, -271, -271, -271,  161,  161,  161,
+ /*   170 */   251,  335,  847,  979, 1097,  537,  588,  618,  628,  688,
+ /*   180 */   688, -166, -161,  674,  787,  794,  799,  852,  996, -122,
+ /*   190 */   837, -120, 1018, 1035,  415, 1047, 1001,  958, 1082,  400,
+ /*   200 */  1099,  779, 1137, 1142,  263, 1083, 1145, 1150, 1041, 1139,
+ /*   210 */   965, 1050,  362,  849,  752,  629,  675, 1162, 1173, 1090,
+ /*   220 */  1195, -194,   56,  185, -135,  232,  522,  560,  571,  601,
+ /*   230 */   617,  669,  683,  711,  850,  893, 1000, 1040, 1049, 1081,
+ /*   240 */  1087, 1101,  392, 1114, 1123, 1155, 1161, 1175, 1271, 1293,
+ /*   250 */  1299, 1330, 1339, 1342, 1347,  593, 1282, 1286, 1350, 1359,
+ /*   260 */  1368, 1314, 1480, 1483, 1507, 1085, 1338, 1526, 1527, 1487,
+ /*   270 */  1531,  560, 1532, 1534, 1535, 1538, 1539, 1541, 1448, 1450,
+ /*   280 */  1496, 1484, 1485, 1489, 1490, 1314, 1496, 1496, 1504, 1536,
+ /*   290 */  1564, 1451, 1486, 1492, 1509, 1493, 1465, 1515, 1494, 1495,
+ /*   300 */  1517, 1500, 1519, 1474, 1550, 1543, 1548, 1556, 1565, 1566,
+ /*   310 */  1518, 1523, 1542, 1544, 1525, 1545, 1513, 1553, 1552, 1604,
+ /*   320 */  1508, 1510, 1608, 1609, 1520, 1528, 1612, 1540, 1559, 1560,
+ /*   330 */  1592, 1591, 1595, 1596, 1597, 1629, 1638, 1594, 1569, 1570,
+ /*   340 */  1600, 1568, 1610, 1601, 1611, 1603, 1643, 1651, 1562, 1571,
+ /*   350 */  1655, 1659, 1640, 1663, 1666, 1664, 1667, 1641, 1650, 1652,
+ /*   360 */  1653, 1647, 1656, 1657, 1658, 1668, 1672, 1681, 1649, 1682,
+ /*   370 */  1683, 1573, 1582, 1607, 1615, 1685, 1702, 1586, 1587, 1642,
+ /*   380 */  1646, 1673, 1675, 1636, 1714, 1637, 1677, 1674, 1678, 1694,
+ /*   390 */  1719, 1734, 1735, 1746, 1747, 1750, 1633, 1661, 1686, 1738,
+ /*   400 */  1728, 1733, 1736, 1737, 1740, 1726, 1730, 1742, 1743, 1748,
+ /*   410 */  1753,
 };
 static const YYACTIONTYPE yy_default[] = {
- /*     0 */  1641, 1641, 1641, 1469, 1236, 1347, 1236, 1236, 1236, 1469,
- /*    10 */  1469, 1469, 1236, 1377, 1377, 1522, 1269, 1236, 1236, 1236,
- /*    20 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1468, 1236, 1236,
- /*    30 */  1236, 1236, 1557, 1557, 1236, 1236, 1236, 1236, 1236, 1236,
- /*    40 */  1236, 1236, 1386, 1236, 1393, 1236, 1236, 1236, 1236, 1236,
- /*    50 */  1470, 1471, 1236, 1236, 1236, 1521, 1523, 1486, 1400, 1399,
- /*    60 */  1398, 1397, 1504, 1365, 1391, 1384, 1388, 1465, 1466, 1464,
- /*    70 */  1619, 1471, 1470, 1236, 1387, 1433, 1449, 1432, 1236, 1236,
- /*    80 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*    90 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   100 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   110 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   120 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   130 */  1441, 1448, 1447, 1446, 1455, 1445, 1442, 1435, 1434, 1436,
- /*   140 */  1437, 1236, 1236, 1260, 1236, 1236, 1257, 1311, 1236, 1236,
- /*   150 */  1236, 1236, 1236, 1541, 1540, 1236, 1438, 1236, 1269, 1427,
- /*   160 */  1426, 1452, 1439, 1451, 1450, 1529, 1593, 1592, 1487, 1236,
- /*   170 */  1236, 1236, 1236, 1236, 1236, 1557, 1236, 1236, 1236, 1236,
- /*   180 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   190 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1367,
- /*   200 */  1557, 1557, 1236, 1269, 1557, 1557, 1368, 1368, 1265, 1265,
- /*   210 */  1371, 1236, 1536, 1338, 1338, 1338, 1338, 1347, 1338, 1236,
- /*   220 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   230 */  1236, 1236, 1236, 1236, 1526, 1524, 1236, 1236, 1236, 1236,
- /*   240 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   250 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   260 */  1236, 1236, 1236, 1343, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   270 */  1236, 1236, 1236, 1236, 1236, 1586, 1236, 1499, 1325, 1343,
- /*   280 */  1343, 1343, 1343, 1345, 1326, 1324, 1337, 1270, 1243, 1633,
- /*   290 */  1403, 1392, 1344, 1392, 1630, 1390, 1403, 1403, 1390, 1403,
- /*   300 */  1344, 1630, 1286, 1608, 1281, 1377, 1377, 1377, 1367, 1367,
- /*   310 */  1367, 1367, 1371, 1371, 1467, 1344, 1337, 1236, 1633, 1633,
- /*   320 */  1353, 1353, 1632, 1632, 1353, 1487, 1616, 1412, 1314, 1320,
- /*   330 */  1320, 1320, 1320, 1353, 1254, 1390, 1616, 1616, 1390, 1412,
- /*   340 */  1314, 1390, 1314, 1390, 1353, 1254, 1503, 1627, 1353, 1254,
- /*   350 */  1477, 1353, 1254, 1353, 1254, 1477, 1312, 1312, 1312, 1301,
- /*   360 */  1236, 1236, 1477, 1312, 1286, 1312, 1301, 1312, 1312, 1575,
- /*   370 */  1236, 1481, 1481, 1477, 1353, 1567, 1567, 1380, 1380, 1385,
- /*   380 */  1371, 1472, 1353, 1236, 1385, 1383, 1381, 1390, 1304, 1589,
- /*   390 */  1589, 1585, 1585, 1585, 1638, 1638, 1536, 1601, 1269, 1269,
- /*   400 */  1269, 1269, 1601, 1288, 1288, 1270, 1270, 1269, 1601, 1236,
- /*   410 */  1236, 1236, 1236, 1236, 1236, 1596, 1236, 1531, 1488, 1357,
- /*   420 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   430 */  1236, 1236, 1236, 1236, 1542, 1236, 1236, 1236, 1236, 1236,
- /*   440 */  1236, 1236, 1236, 1236, 1236, 1417, 1236, 1239, 1533, 1236,
- /*   450 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1394, 1395, 1358,
- /*   460 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1409, 1236, 1236,
- /*   470 */  1236, 1404, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   480 */  1629, 1236, 1236, 1236, 1236, 1236, 1236, 1502, 1501, 1236,
- /*   490 */  1236, 1355, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   500 */  1236, 1236, 1236, 1236, 1236, 1284, 1236, 1236, 1236, 1236,
- /*   510 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   520 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1382,
- /*   530 */  1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   540 */  1236, 1236, 1236, 1236, 1572, 1372, 1236, 1236, 1236, 1236,
- /*   550 */  1620, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236, 1236,
- /*   560 */  1236, 1236, 1236, 1236, 1236, 1612, 1328, 1418, 1236, 1421,
- /*   570 */  1258, 1236, 1248, 1236, 1236,
+ /*     0 */  1648, 1648, 1648, 1478, 1243, 1354, 1243, 1243, 1243, 1478,
+ /*    10 */  1478, 1478, 1243, 1384, 1384, 1531, 1276, 1243, 1243, 1243,
+ /*    20 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1477, 1243,
+ /*    30 */  1243, 1243, 1243, 1564, 1564, 1243, 1243, 1243, 1243, 1243,
+ /*    40 */  1243, 1243, 1243, 1393, 1243, 1400, 1243, 1243, 1243, 1243,
+ /*    50 */  1243, 1479, 1480, 1243, 1243, 1243, 1530, 1532, 1495, 1407,
+ /*    60 */  1406, 1405, 1404, 1513, 1372, 1398, 1391, 1395, 1474, 1475,
+ /*    70 */  1473, 1626, 1480, 1479, 1243, 1394, 1442, 1458, 1441, 1243,
+ /*    80 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*    90 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   100 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   110 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   120 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   130 */  1243, 1450, 1457, 1456, 1455, 1464, 1454, 1451, 1444, 1443,
+ /*   140 */  1445, 1446, 1243, 1243, 1267, 1243, 1243, 1264, 1318, 1243,
+ /*   150 */  1243, 1243, 1243, 1243, 1550, 1549, 1243, 1447, 1243, 1276,
+ /*   160 */  1435, 1434, 1433, 1461, 1448, 1460, 1459, 1538, 1600, 1599,
+ /*   170 */  1496, 1243, 1243, 1243, 1243, 1243, 1243, 1564, 1243, 1243,
+ /*   180 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   190 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   200 */  1243, 1374, 1564, 1564, 1243, 1276, 1564, 1564, 1375, 1375,
+ /*   210 */  1272, 1272, 1378, 1243, 1545, 1345, 1345, 1345, 1345, 1354,
+ /*   220 */  1345, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   230 */  1243, 1243, 1243, 1243, 1243, 1243, 1535, 1533, 1243, 1243,
+ /*   240 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   250 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   260 */  1243, 1243, 1243, 1243, 1243, 1350, 1243, 1243, 1243, 1243,
+ /*   270 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1593, 1243, 1508,
+ /*   280 */  1332, 1350, 1350, 1350, 1350, 1352, 1333, 1331, 1344, 1277,
+ /*   290 */  1250, 1640, 1410, 1399, 1351, 1399, 1637, 1397, 1410, 1410,
+ /*   300 */  1397, 1410, 1351, 1637, 1293, 1615, 1288, 1384, 1384, 1384,
+ /*   310 */  1374, 1374, 1374, 1374, 1378, 1378, 1476, 1351, 1344, 1243,
+ /*   320 */  1640, 1640, 1360, 1360, 1639, 1639, 1360, 1496, 1623, 1419,
+ /*   330 */  1321, 1327, 1327, 1327, 1327, 1360, 1261, 1397, 1623, 1623,
+ /*   340 */  1397, 1419, 1321, 1397, 1321, 1397, 1360, 1261, 1512, 1634,
+ /*   350 */  1360, 1261, 1486, 1360, 1261, 1360, 1261, 1486, 1319, 1319,
+ /*   360 */  1319, 1308, 1243, 1243, 1486, 1319, 1293, 1319, 1308, 1319,
+ /*   370 */  1319, 1582, 1243, 1490, 1490, 1486, 1360, 1574, 1574, 1387,
+ /*   380 */  1387, 1392, 1378, 1481, 1360, 1243, 1392, 1390, 1388, 1397,
+ /*   390 */  1311, 1596, 1596, 1592, 1592, 1592, 1645, 1645, 1545, 1608,
+ /*   400 */  1276, 1276, 1276, 1276, 1608, 1295, 1295, 1277, 1277, 1276,
+ /*   410 */  1608, 1243, 1243, 1243, 1243, 1243, 1243, 1603, 1243, 1540,
+ /*   420 */  1497, 1364, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   430 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1551, 1243,
+ /*   440 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1424,
+ /*   450 */  1243, 1246, 1542, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   460 */  1243, 1401, 1402, 1365, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   470 */  1243, 1416, 1243, 1243, 1243, 1411, 1243, 1243, 1243, 1243,
+ /*   480 */  1243, 1243, 1243, 1243, 1636, 1243, 1243, 1243, 1243, 1243,
+ /*   490 */  1243, 1511, 1510, 1243, 1243, 1362, 1243, 1243, 1243, 1243,
+ /*   500 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1291,
+ /*   510 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   520 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   530 */  1243, 1243, 1243, 1389, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   540 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1579, 1379,
+ /*   550 */  1243, 1243, 1243, 1243, 1627, 1243, 1243, 1243, 1243, 1243,
+ /*   560 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1619,
+ /*   570 */  1335, 1425, 1243, 1428, 1265, 1243, 1255, 1243, 1243,
 };
 /********** End of lemon-generated parsing tables *****************************/
 
@@ -169725,135 +172316,135 @@ static const char *const yyRuleName[] = {
  /* 185 */ "expr ::= expr COLLATE ID|STRING",
  /* 186 */ "expr ::= CAST LP expr AS typetoken RP",
  /* 187 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
- /* 188 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
- /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
- /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
- /* 191 */ "term ::= CTIME_KW",
- /* 192 */ "expr ::= LP nexprlist COMMA expr RP",
- /* 193 */ "expr ::= expr AND expr",
- /* 194 */ "expr ::= expr OR expr",
- /* 195 */ "expr ::= expr LT|GT|GE|LE expr",
- /* 196 */ "expr ::= expr EQ|NE expr",
- /* 197 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
- /* 198 */ "expr ::= expr PLUS|MINUS expr",
- /* 199 */ "expr ::= expr STAR|SLASH|REM expr",
- /* 200 */ "expr ::= expr CONCAT expr",
- /* 201 */ "likeop ::= NOT LIKE_KW|MATCH",
- /* 202 */ "expr ::= expr likeop expr",
- /* 203 */ "expr ::= expr likeop expr ESCAPE expr",
- /* 204 */ "expr ::= expr ISNULL|NOTNULL",
- /* 205 */ "expr ::= expr NOT NULL",
- /* 206 */ "expr ::= expr IS expr",
- /* 207 */ "expr ::= expr IS NOT expr",
- /* 208 */ "expr ::= expr IS NOT DISTINCT FROM expr",
- /* 209 */ "expr ::= expr IS DISTINCT FROM expr",
- /* 210 */ "expr ::= NOT expr",
- /* 211 */ "expr ::= BITNOT expr",
- /* 212 */ "expr ::= PLUS|MINUS expr",
- /* 213 */ "expr ::= expr PTR expr",
- /* 214 */ "between_op ::= BETWEEN",
- /* 215 */ "between_op ::= NOT BETWEEN",
- /* 216 */ "expr ::= expr between_op expr AND expr",
- /* 217 */ "in_op ::= IN",
- /* 218 */ "in_op ::= NOT IN",
- /* 219 */ "expr ::= expr in_op LP exprlist RP",
- /* 220 */ "expr ::= LP select RP",
- /* 221 */ "expr ::= expr in_op LP select RP",
- /* 222 */ "expr ::= expr in_op nm dbnm paren_exprlist",
- /* 223 */ "expr ::= EXISTS LP select RP",
- /* 224 */ "expr ::= CASE case_operand case_exprlist case_else END",
- /* 225 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
- /* 226 */ "case_exprlist ::= WHEN expr THEN expr",
- /* 227 */ "case_else ::= ELSE expr",
- /* 228 */ "case_else ::=",
- /* 229 */ "case_operand ::=",
- /* 230 */ "exprlist ::=",
- /* 231 */ "nexprlist ::= nexprlist COMMA expr",
- /* 232 */ "nexprlist ::= expr",
- /* 233 */ "paren_exprlist ::=",
- /* 234 */ "paren_exprlist ::= LP exprlist RP",
- /* 235 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
- /* 236 */ "uniqueflag ::= UNIQUE",
- /* 237 */ "uniqueflag ::=",
- /* 238 */ "eidlist_opt ::=",
- /* 239 */ "eidlist_opt ::= LP eidlist RP",
- /* 240 */ "eidlist ::= eidlist COMMA nm collate sortorder",
- /* 241 */ "eidlist ::= nm collate sortorder",
- /* 242 */ "collate ::=",
- /* 243 */ "collate ::= COLLATE ID|STRING",
- /* 244 */ "cmd ::= DROP INDEX ifexists fullname",
- /* 245 */ "cmd ::= VACUUM vinto",
- /* 246 */ "cmd ::= VACUUM nm vinto",
- /* 247 */ "vinto ::= INTO expr",
- /* 248 */ "vinto ::=",
- /* 249 */ "cmd ::= PRAGMA nm dbnm",
- /* 250 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
- /* 251 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
- /* 252 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
- /* 253 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
- /* 254 */ "plus_num ::= PLUS INTEGER|FLOAT",
- /* 255 */ "minus_num ::= MINUS INTEGER|FLOAT",
- /* 256 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
- /* 257 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
- /* 258 */ "trigger_time ::= BEFORE|AFTER",
- /* 259 */ "trigger_time ::= INSTEAD OF",
- /* 260 */ "trigger_time ::=",
- /* 261 */ "trigger_event ::= DELETE|INSERT",
- /* 262 */ "trigger_event ::= UPDATE",
- /* 263 */ "trigger_event ::= UPDATE OF idlist",
- /* 264 */ "when_clause ::=",
- /* 265 */ "when_clause ::= WHEN expr",
- /* 266 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
- /* 267 */ "trigger_cmd_list ::= trigger_cmd SEMI",
- /* 268 */ "trnm ::= nm DOT nm",
- /* 269 */ "tridxby ::= INDEXED BY nm",
- /* 270 */ "tridxby ::= NOT INDEXED",
- /* 271 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
- /* 272 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
- /* 273 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
- /* 274 */ "trigger_cmd ::= scanpt select scanpt",
- /* 275 */ "expr ::= RAISE LP IGNORE RP",
- /* 276 */ "expr ::= RAISE LP raisetype COMMA nm RP",
- /* 277 */ "raisetype ::= ROLLBACK",
- /* 278 */ "raisetype ::= ABORT",
- /* 279 */ "raisetype ::= FAIL",
- /* 280 */ "cmd ::= DROP TRIGGER ifexists fullname",
- /* 281 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
- /* 282 */ "cmd ::= DETACH database_kw_opt expr",
- /* 283 */ "key_opt ::=",
- /* 284 */ "key_opt ::= KEY expr",
- /* 285 */ "cmd ::= REINDEX",
- /* 286 */ "cmd ::= REINDEX nm dbnm",
- /* 287 */ "cmd ::= ANALYZE",
- /* 288 */ "cmd ::= ANALYZE nm dbnm",
- /* 289 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
- /* 290 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
- /* 291 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
- /* 292 */ "add_column_fullname ::= fullname",
- /* 293 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
- /* 294 */ "cmd ::= create_vtab",
- /* 295 */ "cmd ::= create_vtab LP vtabarglist RP",
- /* 296 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
- /* 297 */ "vtabarg ::=",
- /* 298 */ "vtabargtoken ::= ANY",
- /* 299 */ "vtabargtoken ::= lp anylist RP",
- /* 300 */ "lp ::= LP",
- /* 301 */ "with ::= WITH wqlist",
- /* 302 */ "with ::= WITH RECURSIVE wqlist",
- /* 303 */ "wqas ::= AS",
- /* 304 */ "wqas ::= AS MATERIALIZED",
- /* 305 */ "wqas ::= AS NOT MATERIALIZED",
- /* 306 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
- /* 307 */ "wqlist ::= wqitem",
- /* 308 */ "wqlist ::= wqlist COMMA wqitem",
- /* 309 */ "windowdefn_list ::= windowdefn",
- /* 310 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
- /* 311 */ "windowdefn ::= nm AS LP window RP",
- /* 312 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
- /* 313 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
- /* 314 */ "window ::= ORDER BY sortlist frame_opt",
- /* 315 */ "window ::= nm ORDER BY sortlist frame_opt",
- /* 316 */ "window ::= frame_opt",
+ /* 188 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP",
+ /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
+ /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
+ /* 191 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over",
+ /* 192 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
+ /* 193 */ "term ::= CTIME_KW",
+ /* 194 */ "expr ::= LP nexprlist COMMA expr RP",
+ /* 195 */ "expr ::= expr AND expr",
+ /* 196 */ "expr ::= expr OR expr",
+ /* 197 */ "expr ::= expr LT|GT|GE|LE expr",
+ /* 198 */ "expr ::= expr EQ|NE expr",
+ /* 199 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
+ /* 200 */ "expr ::= expr PLUS|MINUS expr",
+ /* 201 */ "expr ::= expr STAR|SLASH|REM expr",
+ /* 202 */ "expr ::= expr CONCAT expr",
+ /* 203 */ "likeop ::= NOT LIKE_KW|MATCH",
+ /* 204 */ "expr ::= expr likeop expr",
+ /* 205 */ "expr ::= expr likeop expr ESCAPE expr",
+ /* 206 */ "expr ::= expr ISNULL|NOTNULL",
+ /* 207 */ "expr ::= expr NOT NULL",
+ /* 208 */ "expr ::= expr IS expr",
+ /* 209 */ "expr ::= expr IS NOT expr",
+ /* 210 */ "expr ::= expr IS NOT DISTINCT FROM expr",
+ /* 211 */ "expr ::= expr IS DISTINCT FROM expr",
+ /* 212 */ "expr ::= NOT expr",
+ /* 213 */ "expr ::= BITNOT expr",
+ /* 214 */ "expr ::= PLUS|MINUS expr",
+ /* 215 */ "expr ::= expr PTR expr",
+ /* 216 */ "between_op ::= BETWEEN",
+ /* 217 */ "between_op ::= NOT BETWEEN",
+ /* 218 */ "expr ::= expr between_op expr AND expr",
+ /* 219 */ "in_op ::= IN",
+ /* 220 */ "in_op ::= NOT IN",
+ /* 221 */ "expr ::= expr in_op LP exprlist RP",
+ /* 222 */ "expr ::= LP select RP",
+ /* 223 */ "expr ::= expr in_op LP select RP",
+ /* 224 */ "expr ::= expr in_op nm dbnm paren_exprlist",
+ /* 225 */ "expr ::= EXISTS LP select RP",
+ /* 226 */ "expr ::= CASE case_operand case_exprlist case_else END",
+ /* 227 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
+ /* 228 */ "case_exprlist ::= WHEN expr THEN expr",
+ /* 229 */ "case_else ::= ELSE expr",
+ /* 230 */ "case_else ::=",
+ /* 231 */ "case_operand ::=",
+ /* 232 */ "exprlist ::=",
+ /* 233 */ "nexprlist ::= nexprlist COMMA expr",
+ /* 234 */ "nexprlist ::= expr",
+ /* 235 */ "paren_exprlist ::=",
+ /* 236 */ "paren_exprlist ::= LP exprlist RP",
+ /* 237 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
+ /* 238 */ "uniqueflag ::= UNIQUE",
+ /* 239 */ "uniqueflag ::=",
+ /* 240 */ "eidlist_opt ::=",
+ /* 241 */ "eidlist_opt ::= LP eidlist RP",
+ /* 242 */ "eidlist ::= eidlist COMMA nm collate sortorder",
+ /* 243 */ "eidlist ::= nm collate sortorder",
+ /* 244 */ "collate ::=",
+ /* 245 */ "collate ::= COLLATE ID|STRING",
+ /* 246 */ "cmd ::= DROP INDEX ifexists fullname",
+ /* 247 */ "cmd ::= VACUUM vinto",
+ /* 248 */ "cmd ::= VACUUM nm vinto",
+ /* 249 */ "vinto ::= INTO expr",
+ /* 250 */ "vinto ::=",
+ /* 251 */ "cmd ::= PRAGMA nm dbnm",
+ /* 252 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
+ /* 253 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
+ /* 254 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
+ /* 255 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
+ /* 256 */ "plus_num ::= PLUS INTEGER|FLOAT",
+ /* 257 */ "minus_num ::= MINUS INTEGER|FLOAT",
+ /* 258 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
+ /* 259 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
+ /* 260 */ "trigger_time ::= BEFORE|AFTER",
+ /* 261 */ "trigger_time ::= INSTEAD OF",
+ /* 262 */ "trigger_time ::=",
+ /* 263 */ "trigger_event ::= DELETE|INSERT",
+ /* 264 */ "trigger_event ::= UPDATE",
+ /* 265 */ "trigger_event ::= UPDATE OF idlist",
+ /* 266 */ "when_clause ::=",
+ /* 267 */ "when_clause ::= WHEN expr",
+ /* 268 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
+ /* 269 */ "trigger_cmd_list ::= trigger_cmd SEMI",
+ /* 270 */ "trnm ::= nm DOT nm",
+ /* 271 */ "tridxby ::= INDEXED BY nm",
+ /* 272 */ "tridxby ::= NOT INDEXED",
+ /* 273 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
+ /* 274 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
+ /* 275 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
+ /* 276 */ "trigger_cmd ::= scanpt select scanpt",
+ /* 277 */ "expr ::= RAISE LP IGNORE RP",
+ /* 278 */ "expr ::= RAISE LP raisetype COMMA nm RP",
+ /* 279 */ "raisetype ::= ROLLBACK",
+ /* 280 */ "raisetype ::= ABORT",
+ /* 281 */ "raisetype ::= FAIL",
+ /* 282 */ "cmd ::= DROP TRIGGER ifexists fullname",
+ /* 283 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
+ /* 284 */ "cmd ::= DETACH database_kw_opt expr",
+ /* 285 */ "key_opt ::=",
+ /* 286 */ "key_opt ::= KEY expr",
+ /* 287 */ "cmd ::= REINDEX",
+ /* 288 */ "cmd ::= REINDEX nm dbnm",
+ /* 289 */ "cmd ::= ANALYZE",
+ /* 290 */ "cmd ::= ANALYZE nm dbnm",
+ /* 291 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
+ /* 292 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
+ /* 293 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
+ /* 294 */ "add_column_fullname ::= fullname",
+ /* 295 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
+ /* 296 */ "cmd ::= create_vtab",
+ /* 297 */ "cmd ::= create_vtab LP vtabarglist RP",
+ /* 298 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
+ /* 299 */ "vtabarg ::=",
+ /* 300 */ "vtabargtoken ::= ANY",
+ /* 301 */ "vtabargtoken ::= lp anylist RP",
+ /* 302 */ "lp ::= LP",
+ /* 303 */ "with ::= WITH wqlist",
+ /* 304 */ "with ::= WITH RECURSIVE wqlist",
+ /* 305 */ "wqas ::= AS",
+ /* 306 */ "wqas ::= AS MATERIALIZED",
+ /* 307 */ "wqas ::= AS NOT MATERIALIZED",
+ /* 308 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
+ /* 309 */ "wqlist ::= wqitem",
+ /* 310 */ "wqlist ::= wqlist COMMA wqitem",
+ /* 311 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
+ /* 312 */ "windowdefn ::= nm AS LP window RP",
+ /* 313 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 314 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 315 */ "window ::= ORDER BY sortlist frame_opt",
+ /* 316 */ "window ::= nm ORDER BY sortlist frame_opt",
  /* 317 */ "window ::= nm frame_opt",
  /* 318 */ "frame_opt ::=",
  /* 319 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
@@ -169940,6 +172531,8 @@ static const char *const yyRuleName[] = {
  /* 400 */ "anylist ::= anylist LP anylist RP",
  /* 401 */ "anylist ::= anylist ANY",
  /* 402 */ "with ::=",
+ /* 403 */ "windowdefn_list ::= windowdefn",
+ /* 404 */ "window ::= frame_opt",
 };
 #endif /* NDEBUG */
 
@@ -170634,135 +173227,135 @@ static const YYCODETYPE yyRuleInfoLhs[] = {
    217,  /* (185) expr ::= expr COLLATE ID|STRING */
    217,  /* (186) expr ::= CAST LP expr AS typetoken RP */
    217,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   217,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   217,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   217,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   216,  /* (191) term ::= CTIME_KW */
-   217,  /* (192) expr ::= LP nexprlist COMMA expr RP */
-   217,  /* (193) expr ::= expr AND expr */
-   217,  /* (194) expr ::= expr OR expr */
-   217,  /* (195) expr ::= expr LT|GT|GE|LE expr */
-   217,  /* (196) expr ::= expr EQ|NE expr */
-   217,  /* (197) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   217,  /* (198) expr ::= expr PLUS|MINUS expr */
-   217,  /* (199) expr ::= expr STAR|SLASH|REM expr */
-   217,  /* (200) expr ::= expr CONCAT expr */
-   274,  /* (201) likeop ::= NOT LIKE_KW|MATCH */
-   217,  /* (202) expr ::= expr likeop expr */
-   217,  /* (203) expr ::= expr likeop expr ESCAPE expr */
-   217,  /* (204) expr ::= expr ISNULL|NOTNULL */
-   217,  /* (205) expr ::= expr NOT NULL */
-   217,  /* (206) expr ::= expr IS expr */
-   217,  /* (207) expr ::= expr IS NOT expr */
-   217,  /* (208) expr ::= expr IS NOT DISTINCT FROM expr */
-   217,  /* (209) expr ::= expr IS DISTINCT FROM expr */
-   217,  /* (210) expr ::= NOT expr */
-   217,  /* (211) expr ::= BITNOT expr */
-   217,  /* (212) expr ::= PLUS|MINUS expr */
-   217,  /* (213) expr ::= expr PTR expr */
-   275,  /* (214) between_op ::= BETWEEN */
-   275,  /* (215) between_op ::= NOT BETWEEN */
-   217,  /* (216) expr ::= expr between_op expr AND expr */
-   276,  /* (217) in_op ::= IN */
-   276,  /* (218) in_op ::= NOT IN */
-   217,  /* (219) expr ::= expr in_op LP exprlist RP */
-   217,  /* (220) expr ::= LP select RP */
-   217,  /* (221) expr ::= expr in_op LP select RP */
-   217,  /* (222) expr ::= expr in_op nm dbnm paren_exprlist */
-   217,  /* (223) expr ::= EXISTS LP select RP */
-   217,  /* (224) expr ::= CASE case_operand case_exprlist case_else END */
-   279,  /* (225) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   279,  /* (226) case_exprlist ::= WHEN expr THEN expr */
-   280,  /* (227) case_else ::= ELSE expr */
-   280,  /* (228) case_else ::= */
-   278,  /* (229) case_operand ::= */
-   261,  /* (230) exprlist ::= */
-   253,  /* (231) nexprlist ::= nexprlist COMMA expr */
-   253,  /* (232) nexprlist ::= expr */
-   277,  /* (233) paren_exprlist ::= */
-   277,  /* (234) paren_exprlist ::= LP exprlist RP */
-   190,  /* (235) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   281,  /* (236) uniqueflag ::= UNIQUE */
-   281,  /* (237) uniqueflag ::= */
-   221,  /* (238) eidlist_opt ::= */
-   221,  /* (239) eidlist_opt ::= LP eidlist RP */
-   232,  /* (240) eidlist ::= eidlist COMMA nm collate sortorder */
-   232,  /* (241) eidlist ::= nm collate sortorder */
-   282,  /* (242) collate ::= */
-   282,  /* (243) collate ::= COLLATE ID|STRING */
-   190,  /* (244) cmd ::= DROP INDEX ifexists fullname */
-   190,  /* (245) cmd ::= VACUUM vinto */
-   190,  /* (246) cmd ::= VACUUM nm vinto */
-   283,  /* (247) vinto ::= INTO expr */
-   283,  /* (248) vinto ::= */
-   190,  /* (249) cmd ::= PRAGMA nm dbnm */
-   190,  /* (250) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   190,  /* (251) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   190,  /* (253) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   211,  /* (254) plus_num ::= PLUS INTEGER|FLOAT */
-   212,  /* (255) minus_num ::= MINUS INTEGER|FLOAT */
-   190,  /* (256) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-   285,  /* (257) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   287,  /* (258) trigger_time ::= BEFORE|AFTER */
-   287,  /* (259) trigger_time ::= INSTEAD OF */
-   287,  /* (260) trigger_time ::= */
-   288,  /* (261) trigger_event ::= DELETE|INSERT */
-   288,  /* (262) trigger_event ::= UPDATE */
-   288,  /* (263) trigger_event ::= UPDATE OF idlist */
-   290,  /* (264) when_clause ::= */
-   290,  /* (265) when_clause ::= WHEN expr */
-   286,  /* (266) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   286,  /* (267) trigger_cmd_list ::= trigger_cmd SEMI */
-   292,  /* (268) trnm ::= nm DOT nm */
-   293,  /* (269) tridxby ::= INDEXED BY nm */
-   293,  /* (270) tridxby ::= NOT INDEXED */
-   291,  /* (271) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   291,  /* (272) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   291,  /* (273) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   291,  /* (274) trigger_cmd ::= scanpt select scanpt */
-   217,  /* (275) expr ::= RAISE LP IGNORE RP */
-   217,  /* (276) expr ::= RAISE LP raisetype COMMA nm RP */
-   236,  /* (277) raisetype ::= ROLLBACK */
-   236,  /* (278) raisetype ::= ABORT */
-   236,  /* (279) raisetype ::= FAIL */
-   190,  /* (280) cmd ::= DROP TRIGGER ifexists fullname */
-   190,  /* (281) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   190,  /* (282) cmd ::= DETACH database_kw_opt expr */
-   295,  /* (283) key_opt ::= */
-   295,  /* (284) key_opt ::= KEY expr */
-   190,  /* (285) cmd ::= REINDEX */
-   190,  /* (286) cmd ::= REINDEX nm dbnm */
-   190,  /* (287) cmd ::= ANALYZE */
-   190,  /* (288) cmd ::= ANALYZE nm dbnm */
-   190,  /* (289) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   190,  /* (290) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   190,  /* (291) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   296,  /* (292) add_column_fullname ::= fullname */
-   190,  /* (293) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   190,  /* (294) cmd ::= create_vtab */
-   190,  /* (295) cmd ::= create_vtab LP vtabarglist RP */
-   298,  /* (296) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-   300,  /* (297) vtabarg ::= */
-   301,  /* (298) vtabargtoken ::= ANY */
-   301,  /* (299) vtabargtoken ::= lp anylist RP */
-   302,  /* (300) lp ::= LP */
-   266,  /* (301) with ::= WITH wqlist */
-   266,  /* (302) with ::= WITH RECURSIVE wqlist */
-   305,  /* (303) wqas ::= AS */
-   305,  /* (304) wqas ::= AS MATERIALIZED */
-   305,  /* (305) wqas ::= AS NOT MATERIALIZED */
-   304,  /* (306) wqitem ::= nm eidlist_opt wqas LP select RP */
-   241,  /* (307) wqlist ::= wqitem */
-   241,  /* (308) wqlist ::= wqlist COMMA wqitem */
-   306,  /* (309) windowdefn_list ::= windowdefn */
-   306,  /* (310) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   307,  /* (311) windowdefn ::= nm AS LP window RP */
-   308,  /* (312) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (313) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (314) window ::= ORDER BY sortlist frame_opt */
-   308,  /* (315) window ::= nm ORDER BY sortlist frame_opt */
-   308,  /* (316) window ::= frame_opt */
+   217,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   217,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   217,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   217,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   217,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   216,  /* (193) term ::= CTIME_KW */
+   217,  /* (194) expr ::= LP nexprlist COMMA expr RP */
+   217,  /* (195) expr ::= expr AND expr */
+   217,  /* (196) expr ::= expr OR expr */
+   217,  /* (197) expr ::= expr LT|GT|GE|LE expr */
+   217,  /* (198) expr ::= expr EQ|NE expr */
+   217,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   217,  /* (200) expr ::= expr PLUS|MINUS expr */
+   217,  /* (201) expr ::= expr STAR|SLASH|REM expr */
+   217,  /* (202) expr ::= expr CONCAT expr */
+   274,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
+   217,  /* (204) expr ::= expr likeop expr */
+   217,  /* (205) expr ::= expr likeop expr ESCAPE expr */
+   217,  /* (206) expr ::= expr ISNULL|NOTNULL */
+   217,  /* (207) expr ::= expr NOT NULL */
+   217,  /* (208) expr ::= expr IS expr */
+   217,  /* (209) expr ::= expr IS NOT expr */
+   217,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
+   217,  /* (211) expr ::= expr IS DISTINCT FROM expr */
+   217,  /* (212) expr ::= NOT expr */
+   217,  /* (213) expr ::= BITNOT expr */
+   217,  /* (214) expr ::= PLUS|MINUS expr */
+   217,  /* (215) expr ::= expr PTR expr */
+   275,  /* (216) between_op ::= BETWEEN */
+   275,  /* (217) between_op ::= NOT BETWEEN */
+   217,  /* (218) expr ::= expr between_op expr AND expr */
+   276,  /* (219) in_op ::= IN */
+   276,  /* (220) in_op ::= NOT IN */
+   217,  /* (221) expr ::= expr in_op LP exprlist RP */
+   217,  /* (222) expr ::= LP select RP */
+   217,  /* (223) expr ::= expr in_op LP select RP */
+   217,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
+   217,  /* (225) expr ::= EXISTS LP select RP */
+   217,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
+   279,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   279,  /* (228) case_exprlist ::= WHEN expr THEN expr */
+   280,  /* (229) case_else ::= ELSE expr */
+   280,  /* (230) case_else ::= */
+   278,  /* (231) case_operand ::= */
+   261,  /* (232) exprlist ::= */
+   253,  /* (233) nexprlist ::= nexprlist COMMA expr */
+   253,  /* (234) nexprlist ::= expr */
+   277,  /* (235) paren_exprlist ::= */
+   277,  /* (236) paren_exprlist ::= LP exprlist RP */
+   190,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   281,  /* (238) uniqueflag ::= UNIQUE */
+   281,  /* (239) uniqueflag ::= */
+   221,  /* (240) eidlist_opt ::= */
+   221,  /* (241) eidlist_opt ::= LP eidlist RP */
+   232,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
+   232,  /* (243) eidlist ::= nm collate sortorder */
+   282,  /* (244) collate ::= */
+   282,  /* (245) collate ::= COLLATE ID|STRING */
+   190,  /* (246) cmd ::= DROP INDEX ifexists fullname */
+   190,  /* (247) cmd ::= VACUUM vinto */
+   190,  /* (248) cmd ::= VACUUM nm vinto */
+   283,  /* (249) vinto ::= INTO expr */
+   283,  /* (250) vinto ::= */
+   190,  /* (251) cmd ::= PRAGMA nm dbnm */
+   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   190,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   190,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   190,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   211,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
+   212,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
+   190,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+   285,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   287,  /* (260) trigger_time ::= BEFORE|AFTER */
+   287,  /* (261) trigger_time ::= INSTEAD OF */
+   287,  /* (262) trigger_time ::= */
+   288,  /* (263) trigger_event ::= DELETE|INSERT */
+   288,  /* (264) trigger_event ::= UPDATE */
+   288,  /* (265) trigger_event ::= UPDATE OF idlist */
+   290,  /* (266) when_clause ::= */
+   290,  /* (267) when_clause ::= WHEN expr */
+   286,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   286,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
+   292,  /* (270) trnm ::= nm DOT nm */
+   293,  /* (271) tridxby ::= INDEXED BY nm */
+   293,  /* (272) tridxby ::= NOT INDEXED */
+   291,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   291,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   291,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   291,  /* (276) trigger_cmd ::= scanpt select scanpt */
+   217,  /* (277) expr ::= RAISE LP IGNORE RP */
+   217,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
+   236,  /* (279) raisetype ::= ROLLBACK */
+   236,  /* (280) raisetype ::= ABORT */
+   236,  /* (281) raisetype ::= FAIL */
+   190,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
+   190,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   190,  /* (284) cmd ::= DETACH database_kw_opt expr */
+   295,  /* (285) key_opt ::= */
+   295,  /* (286) key_opt ::= KEY expr */
+   190,  /* (287) cmd ::= REINDEX */
+   190,  /* (288) cmd ::= REINDEX nm dbnm */
+   190,  /* (289) cmd ::= ANALYZE */
+   190,  /* (290) cmd ::= ANALYZE nm dbnm */
+   190,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   190,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   190,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   296,  /* (294) add_column_fullname ::= fullname */
+   190,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   190,  /* (296) cmd ::= create_vtab */
+   190,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
+   298,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+   300,  /* (299) vtabarg ::= */
+   301,  /* (300) vtabargtoken ::= ANY */
+   301,  /* (301) vtabargtoken ::= lp anylist RP */
+   302,  /* (302) lp ::= LP */
+   266,  /* (303) with ::= WITH wqlist */
+   266,  /* (304) with ::= WITH RECURSIVE wqlist */
+   305,  /* (305) wqas ::= AS */
+   305,  /* (306) wqas ::= AS MATERIALIZED */
+   305,  /* (307) wqas ::= AS NOT MATERIALIZED */
+   304,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
+   241,  /* (309) wqlist ::= wqitem */
+   241,  /* (310) wqlist ::= wqlist COMMA wqitem */
+   306,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   307,  /* (312) windowdefn ::= nm AS LP window RP */
+   308,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (315) window ::= ORDER BY sortlist frame_opt */
+   308,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
    308,  /* (317) window ::= nm frame_opt */
    309,  /* (318) frame_opt ::= */
    309,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
@@ -170849,6 +173442,8 @@ static const YYCODETYPE yyRuleInfoLhs[] = {
    303,  /* (400) anylist ::= anylist LP anylist RP */
    303,  /* (401) anylist ::= anylist ANY */
    266,  /* (402) with ::= */
+   306,  /* (403) windowdefn_list ::= windowdefn */
+   308,  /* (404) window ::= frame_opt */
 };
 
 /* For rule J, yyRuleInfoNRhs[J] contains the negative of the number
@@ -171042,135 +173637,135 @@ static const signed char yyRuleInfoNRhs[] = {
    -3,  /* (185) expr ::= expr COLLATE ID|STRING */
    -6,  /* (186) expr ::= CAST LP expr AS typetoken RP */
    -5,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   -4,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   -6,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   -5,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   -1,  /* (191) term ::= CTIME_KW */
-   -5,  /* (192) expr ::= LP nexprlist COMMA expr RP */
-   -3,  /* (193) expr ::= expr AND expr */
-   -3,  /* (194) expr ::= expr OR expr */
-   -3,  /* (195) expr ::= expr LT|GT|GE|LE expr */
-   -3,  /* (196) expr ::= expr EQ|NE expr */
-   -3,  /* (197) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   -3,  /* (198) expr ::= expr PLUS|MINUS expr */
-   -3,  /* (199) expr ::= expr STAR|SLASH|REM expr */
-   -3,  /* (200) expr ::= expr CONCAT expr */
-   -2,  /* (201) likeop ::= NOT LIKE_KW|MATCH */
-   -3,  /* (202) expr ::= expr likeop expr */
-   -5,  /* (203) expr ::= expr likeop expr ESCAPE expr */
-   -2,  /* (204) expr ::= expr ISNULL|NOTNULL */
-   -3,  /* (205) expr ::= expr NOT NULL */
-   -3,  /* (206) expr ::= expr IS expr */
-   -4,  /* (207) expr ::= expr IS NOT expr */
-   -6,  /* (208) expr ::= expr IS NOT DISTINCT FROM expr */
-   -5,  /* (209) expr ::= expr IS DISTINCT FROM expr */
-   -2,  /* (210) expr ::= NOT expr */
-   -2,  /* (211) expr ::= BITNOT expr */
-   -2,  /* (212) expr ::= PLUS|MINUS expr */
-   -3,  /* (213) expr ::= expr PTR expr */
-   -1,  /* (214) between_op ::= BETWEEN */
-   -2,  /* (215) between_op ::= NOT BETWEEN */
-   -5,  /* (216) expr ::= expr between_op expr AND expr */
-   -1,  /* (217) in_op ::= IN */
-   -2,  /* (218) in_op ::= NOT IN */
-   -5,  /* (219) expr ::= expr in_op LP exprlist RP */
-   -3,  /* (220) expr ::= LP select RP */
-   -5,  /* (221) expr ::= expr in_op LP select RP */
-   -5,  /* (222) expr ::= expr in_op nm dbnm paren_exprlist */
-   -4,  /* (223) expr ::= EXISTS LP select RP */
-   -5,  /* (224) expr ::= CASE case_operand case_exprlist case_else END */
-   -5,  /* (225) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   -4,  /* (226) case_exprlist ::= WHEN expr THEN expr */
-   -2,  /* (227) case_else ::= ELSE expr */
-    0,  /* (228) case_else ::= */
-    0,  /* (229) case_operand ::= */
-    0,  /* (230) exprlist ::= */
-   -3,  /* (231) nexprlist ::= nexprlist COMMA expr */
-   -1,  /* (232) nexprlist ::= expr */
-    0,  /* (233) paren_exprlist ::= */
-   -3,  /* (234) paren_exprlist ::= LP exprlist RP */
-  -12,  /* (235) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   -1,  /* (236) uniqueflag ::= UNIQUE */
-    0,  /* (237) uniqueflag ::= */
-    0,  /* (238) eidlist_opt ::= */
-   -3,  /* (239) eidlist_opt ::= LP eidlist RP */
-   -5,  /* (240) eidlist ::= eidlist COMMA nm collate sortorder */
-   -3,  /* (241) eidlist ::= nm collate sortorder */
-    0,  /* (242) collate ::= */
-   -2,  /* (243) collate ::= COLLATE ID|STRING */
-   -4,  /* (244) cmd ::= DROP INDEX ifexists fullname */
-   -2,  /* (245) cmd ::= VACUUM vinto */
-   -3,  /* (246) cmd ::= VACUUM nm vinto */
-   -2,  /* (247) vinto ::= INTO expr */
-    0,  /* (248) vinto ::= */
-   -3,  /* (249) cmd ::= PRAGMA nm dbnm */
-   -5,  /* (250) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   -6,  /* (251) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   -2,  /* (254) plus_num ::= PLUS INTEGER|FLOAT */
-   -2,  /* (255) minus_num ::= MINUS INTEGER|FLOAT */
-   -5,  /* (256) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-  -11,  /* (257) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   -1,  /* (258) trigger_time ::= BEFORE|AFTER */
-   -2,  /* (259) trigger_time ::= INSTEAD OF */
-    0,  /* (260) trigger_time ::= */
-   -1,  /* (261) trigger_event ::= DELETE|INSERT */
-   -1,  /* (262) trigger_event ::= UPDATE */
-   -3,  /* (263) trigger_event ::= UPDATE OF idlist */
-    0,  /* (264) when_clause ::= */
-   -2,  /* (265) when_clause ::= WHEN expr */
-   -3,  /* (266) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   -2,  /* (267) trigger_cmd_list ::= trigger_cmd SEMI */
-   -3,  /* (268) trnm ::= nm DOT nm */
-   -3,  /* (269) tridxby ::= INDEXED BY nm */
-   -2,  /* (270) tridxby ::= NOT INDEXED */
-   -9,  /* (271) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   -8,  /* (272) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   -6,  /* (273) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   -3,  /* (274) trigger_cmd ::= scanpt select scanpt */
-   -4,  /* (275) expr ::= RAISE LP IGNORE RP */
-   -6,  /* (276) expr ::= RAISE LP raisetype COMMA nm RP */
-   -1,  /* (277) raisetype ::= ROLLBACK */
-   -1,  /* (278) raisetype ::= ABORT */
-   -1,  /* (279) raisetype ::= FAIL */
-   -4,  /* (280) cmd ::= DROP TRIGGER ifexists fullname */
-   -6,  /* (281) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   -3,  /* (282) cmd ::= DETACH database_kw_opt expr */
-    0,  /* (283) key_opt ::= */
-   -2,  /* (284) key_opt ::= KEY expr */
-   -1,  /* (285) cmd ::= REINDEX */
-   -3,  /* (286) cmd ::= REINDEX nm dbnm */
-   -1,  /* (287) cmd ::= ANALYZE */
-   -3,  /* (288) cmd ::= ANALYZE nm dbnm */
-   -6,  /* (289) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   -7,  /* (290) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   -6,  /* (291) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   -1,  /* (292) add_column_fullname ::= fullname */
-   -8,  /* (293) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   -1,  /* (294) cmd ::= create_vtab */
-   -4,  /* (295) cmd ::= create_vtab LP vtabarglist RP */
-   -8,  /* (296) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-    0,  /* (297) vtabarg ::= */
-   -1,  /* (298) vtabargtoken ::= ANY */
-   -3,  /* (299) vtabargtoken ::= lp anylist RP */
-   -1,  /* (300) lp ::= LP */
-   -2,  /* (301) with ::= WITH wqlist */
-   -3,  /* (302) with ::= WITH RECURSIVE wqlist */
-   -1,  /* (303) wqas ::= AS */
-   -2,  /* (304) wqas ::= AS MATERIALIZED */
-   -3,  /* (305) wqas ::= AS NOT MATERIALIZED */
-   -6,  /* (306) wqitem ::= nm eidlist_opt wqas LP select RP */
-   -1,  /* (307) wqlist ::= wqitem */
-   -3,  /* (308) wqlist ::= wqlist COMMA wqitem */
-   -1,  /* (309) windowdefn_list ::= windowdefn */
-   -3,  /* (310) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   -5,  /* (311) windowdefn ::= nm AS LP window RP */
-   -5,  /* (312) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   -6,  /* (313) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   -4,  /* (314) window ::= ORDER BY sortlist frame_opt */
-   -5,  /* (315) window ::= nm ORDER BY sortlist frame_opt */
-   -1,  /* (316) window ::= frame_opt */
+   -8,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   -4,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   -6,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   -9,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   -5,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   -1,  /* (193) term ::= CTIME_KW */
+   -5,  /* (194) expr ::= LP nexprlist COMMA expr RP */
+   -3,  /* (195) expr ::= expr AND expr */
+   -3,  /* (196) expr ::= expr OR expr */
+   -3,  /* (197) expr ::= expr LT|GT|GE|LE expr */
+   -3,  /* (198) expr ::= expr EQ|NE expr */
+   -3,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   -3,  /* (200) expr ::= expr PLUS|MINUS expr */
+   -3,  /* (201) expr ::= expr STAR|SLASH|REM expr */
+   -3,  /* (202) expr ::= expr CONCAT expr */
+   -2,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
+   -3,  /* (204) expr ::= expr likeop expr */
+   -5,  /* (205) expr ::= expr likeop expr ESCAPE expr */
+   -2,  /* (206) expr ::= expr ISNULL|NOTNULL */
+   -3,  /* (207) expr ::= expr NOT NULL */
+   -3,  /* (208) expr ::= expr IS expr */
+   -4,  /* (209) expr ::= expr IS NOT expr */
+   -6,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
+   -5,  /* (211) expr ::= expr IS DISTINCT FROM expr */
+   -2,  /* (212) expr ::= NOT expr */
+   -2,  /* (213) expr ::= BITNOT expr */
+   -2,  /* (214) expr ::= PLUS|MINUS expr */
+   -3,  /* (215) expr ::= expr PTR expr */
+   -1,  /* (216) between_op ::= BETWEEN */
+   -2,  /* (217) between_op ::= NOT BETWEEN */
+   -5,  /* (218) expr ::= expr between_op expr AND expr */
+   -1,  /* (219) in_op ::= IN */
+   -2,  /* (220) in_op ::= NOT IN */
+   -5,  /* (221) expr ::= expr in_op LP exprlist RP */
+   -3,  /* (222) expr ::= LP select RP */
+   -5,  /* (223) expr ::= expr in_op LP select RP */
+   -5,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
+   -4,  /* (225) expr ::= EXISTS LP select RP */
+   -5,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
+   -5,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   -4,  /* (228) case_exprlist ::= WHEN expr THEN expr */
+   -2,  /* (229) case_else ::= ELSE expr */
+    0,  /* (230) case_else ::= */
+    0,  /* (231) case_operand ::= */
+    0,  /* (232) exprlist ::= */
+   -3,  /* (233) nexprlist ::= nexprlist COMMA expr */
+   -1,  /* (234) nexprlist ::= expr */
+    0,  /* (235) paren_exprlist ::= */
+   -3,  /* (236) paren_exprlist ::= LP exprlist RP */
+  -12,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   -1,  /* (238) uniqueflag ::= UNIQUE */
+    0,  /* (239) uniqueflag ::= */
+    0,  /* (240) eidlist_opt ::= */
+   -3,  /* (241) eidlist_opt ::= LP eidlist RP */
+   -5,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
+   -3,  /* (243) eidlist ::= nm collate sortorder */
+    0,  /* (244) collate ::= */
+   -2,  /* (245) collate ::= COLLATE ID|STRING */
+   -4,  /* (246) cmd ::= DROP INDEX ifexists fullname */
+   -2,  /* (247) cmd ::= VACUUM vinto */
+   -3,  /* (248) cmd ::= VACUUM nm vinto */
+   -2,  /* (249) vinto ::= INTO expr */
+    0,  /* (250) vinto ::= */
+   -3,  /* (251) cmd ::= PRAGMA nm dbnm */
+   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   -2,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
+   -2,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
+   -5,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+  -11,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   -1,  /* (260) trigger_time ::= BEFORE|AFTER */
+   -2,  /* (261) trigger_time ::= INSTEAD OF */
+    0,  /* (262) trigger_time ::= */
+   -1,  /* (263) trigger_event ::= DELETE|INSERT */
+   -1,  /* (264) trigger_event ::= UPDATE */
+   -3,  /* (265) trigger_event ::= UPDATE OF idlist */
+    0,  /* (266) when_clause ::= */
+   -2,  /* (267) when_clause ::= WHEN expr */
+   -3,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   -2,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
+   -3,  /* (270) trnm ::= nm DOT nm */
+   -3,  /* (271) tridxby ::= INDEXED BY nm */
+   -2,  /* (272) tridxby ::= NOT INDEXED */
+   -9,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   -8,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   -6,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   -3,  /* (276) trigger_cmd ::= scanpt select scanpt */
+   -4,  /* (277) expr ::= RAISE LP IGNORE RP */
+   -6,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
+   -1,  /* (279) raisetype ::= ROLLBACK */
+   -1,  /* (280) raisetype ::= ABORT */
+   -1,  /* (281) raisetype ::= FAIL */
+   -4,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
+   -6,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   -3,  /* (284) cmd ::= DETACH database_kw_opt expr */
+    0,  /* (285) key_opt ::= */
+   -2,  /* (286) key_opt ::= KEY expr */
+   -1,  /* (287) cmd ::= REINDEX */
+   -3,  /* (288) cmd ::= REINDEX nm dbnm */
+   -1,  /* (289) cmd ::= ANALYZE */
+   -3,  /* (290) cmd ::= ANALYZE nm dbnm */
+   -6,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   -7,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   -6,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   -1,  /* (294) add_column_fullname ::= fullname */
+   -8,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   -1,  /* (296) cmd ::= create_vtab */
+   -4,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
+   -8,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+    0,  /* (299) vtabarg ::= */
+   -1,  /* (300) vtabargtoken ::= ANY */
+   -3,  /* (301) vtabargtoken ::= lp anylist RP */
+   -1,  /* (302) lp ::= LP */
+   -2,  /* (303) with ::= WITH wqlist */
+   -3,  /* (304) with ::= WITH RECURSIVE wqlist */
+   -1,  /* (305) wqas ::= AS */
+   -2,  /* (306) wqas ::= AS MATERIALIZED */
+   -3,  /* (307) wqas ::= AS NOT MATERIALIZED */
+   -6,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
+   -1,  /* (309) wqlist ::= wqitem */
+   -3,  /* (310) wqlist ::= wqlist COMMA wqitem */
+   -3,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   -5,  /* (312) windowdefn ::= nm AS LP window RP */
+   -5,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   -6,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   -4,  /* (315) window ::= ORDER BY sortlist frame_opt */
+   -5,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
    -2,  /* (317) window ::= nm frame_opt */
     0,  /* (318) frame_opt ::= */
    -3,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
@@ -171257,6 +173852,8 @@ static const signed char yyRuleInfoNRhs[] = {
    -4,  /* (400) anylist ::= anylist LP anylist RP */
    -2,  /* (401) anylist ::= anylist ANY */
     0,  /* (402) with ::= */
+   -1,  /* (403) windowdefn_list ::= windowdefn */
+   -1,  /* (404) window ::= frame_opt */
 };
 
 static void yy_accept(yyParser*);  /* Forward Declaration */
@@ -171299,10 +173896,10 @@ static YYACTIONTYPE yy_reduce(
 /********** Begin reduce actions **********************************************/
         YYMINORTYPE yylhsminor;
       case 0: /* explain ::= EXPLAIN */
-{ pParse->explain = 1; }
+{ if( pParse->pReprepare==0 ) pParse->explain = 1; }
         break;
       case 1: /* explain ::= EXPLAIN QUERY PLAN */
-{ pParse->explain = 2; }
+{ if( pParse->pReprepare==0 ) pParse->explain = 2; }
         break;
       case 2: /* cmdx ::= cmd */
 { sqlite3FinishCoding(pParse); }
@@ -171353,7 +173950,7 @@ static YYACTIONTYPE yy_reduce(
       case 72: /* defer_subclause_opt ::= */ yytestcase(yyruleno==72);
       case 81: /* ifexists ::= */ yytestcase(yyruleno==81);
       case 98: /* distinct ::= */ yytestcase(yyruleno==98);
-      case 242: /* collate ::= */ yytestcase(yyruleno==242);
+      case 244: /* collate ::= */ yytestcase(yyruleno==244);
 {yymsp[1].minor.yy394 = 0;}
         break;
       case 16: /* ifnotexists ::= IF NOT EXISTS */
@@ -171537,9 +174134,9 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 63: /* init_deferred_pred_opt ::= INITIALLY DEFERRED */
       case 80: /* ifexists ::= IF EXISTS */ yytestcase(yyruleno==80);
-      case 215: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==215);
-      case 218: /* in_op ::= NOT IN */ yytestcase(yyruleno==218);
-      case 243: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==243);
+      case 217: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==217);
+      case 220: /* in_op ::= NOT IN */ yytestcase(yyruleno==220);
+      case 245: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==245);
 {yymsp[-1].minor.yy394 = 1;}
         break;
       case 64: /* init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
@@ -171612,7 +174209,6 @@ static YYACTIONTYPE yy_reduce(
   if( p ){
     parserDoubleLinkSelect(pParse, p);
   }
-  yymsp[0].minor.yy47 = p; /*A-overwrites-X*/
 }
         break;
       case 88: /* selectnowith ::= selectnowith multiselect_op oneselect */
@@ -171689,9 +174285,9 @@ static YYACTIONTYPE yy_reduce(
       case 99: /* sclp ::= */
       case 132: /* orderby_opt ::= */ yytestcase(yyruleno==132);
       case 142: /* groupby_opt ::= */ yytestcase(yyruleno==142);
-      case 230: /* exprlist ::= */ yytestcase(yyruleno==230);
-      case 233: /* paren_exprlist ::= */ yytestcase(yyruleno==233);
-      case 238: /* eidlist_opt ::= */ yytestcase(yyruleno==238);
+      case 232: /* exprlist ::= */ yytestcase(yyruleno==232);
+      case 235: /* paren_exprlist ::= */ yytestcase(yyruleno==235);
+      case 240: /* eidlist_opt ::= */ yytestcase(yyruleno==240);
 {yymsp[1].minor.yy322 = 0;}
         break;
       case 100: /* selcollist ::= sclp scanpt expr scanpt as */
@@ -171704,21 +174300,24 @@ static YYACTIONTYPE yy_reduce(
       case 101: /* selcollist ::= sclp scanpt STAR */
 {
   Expr *p = sqlite3Expr(pParse->db, TK_ASTERISK, 0);
+  sqlite3ExprSetErrorOffset(p, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
   yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy322, p);
 }
         break;
       case 102: /* selcollist ::= sclp scanpt nm DOT STAR */
 {
-  Expr *pRight = sqlite3PExpr(pParse, TK_ASTERISK, 0, 0);
-  Expr *pLeft = tokenExpr(pParse, TK_ID, yymsp[-2].minor.yy0);
-  Expr *pDot = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight);
+  Expr *pRight, *pLeft, *pDot;
+  pRight = sqlite3PExpr(pParse, TK_ASTERISK, 0, 0);
+  sqlite3ExprSetErrorOffset(pRight, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
+  pLeft = tokenExpr(pParse, TK_ID, yymsp[-2].minor.yy0);
+  pDot = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight);
   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, pDot);
 }
         break;
       case 103: /* as ::= AS nm */
       case 115: /* dbnm ::= DOT nm */ yytestcase(yyruleno==115);
-      case 254: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==254);
-      case 255: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==255);
+      case 256: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==256);
+      case 257: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==257);
 {yymsp[-1].minor.yy0 = yymsp[0].minor.yy0;}
         break;
       case 105: /* from ::= */
@@ -171890,16 +174489,16 @@ static YYACTIONTYPE yy_reduce(
       case 146: /* limit_opt ::= */ yytestcase(yyruleno==146);
       case 151: /* where_opt ::= */ yytestcase(yyruleno==151);
       case 153: /* where_opt_ret ::= */ yytestcase(yyruleno==153);
-      case 228: /* case_else ::= */ yytestcase(yyruleno==228);
-      case 229: /* case_operand ::= */ yytestcase(yyruleno==229);
-      case 248: /* vinto ::= */ yytestcase(yyruleno==248);
+      case 230: /* case_else ::= */ yytestcase(yyruleno==230);
+      case 231: /* case_operand ::= */ yytestcase(yyruleno==231);
+      case 250: /* vinto ::= */ yytestcase(yyruleno==250);
 {yymsp[1].minor.yy528 = 0;}
         break;
       case 145: /* having_opt ::= HAVING expr */
       case 152: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==152);
       case 154: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==154);
-      case 227: /* case_else ::= ELSE expr */ yytestcase(yyruleno==227);
-      case 247: /* vinto ::= INTO expr */ yytestcase(yyruleno==247);
+      case 229: /* case_else ::= ELSE expr */ yytestcase(yyruleno==229);
+      case 249: /* vinto ::= INTO expr */ yytestcase(yyruleno==249);
 {yymsp[-1].minor.yy528 = yymsp[0].minor.yy528;}
         break;
       case 147: /* limit_opt ::= LIMIT expr */
@@ -172085,33 +174684,48 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 188: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+      case 188: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+{
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-4].minor.yy322, &yymsp[-7].minor.yy0, yymsp[-5].minor.yy394);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-1].minor.yy322);
+}
+  yymsp[-7].minor.yy528 = yylhsminor.yy528;
+        break;
+      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
 }
   yymsp[-3].minor.yy528 = yylhsminor.yy528;
         break;
-      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy322, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy394);
   sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
   yymsp[-5].minor.yy528 = yylhsminor.yy528;
         break;
-      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+      case 191: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+{
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-5].minor.yy322, &yymsp[-8].minor.yy0, yymsp[-6].minor.yy394);
+  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-2].minor.yy322);
+}
+  yymsp[-8].minor.yy528 = yylhsminor.yy528;
+        break;
+      case 192: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
   sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
   yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 191: /* term ::= CTIME_KW */
+      case 193: /* term ::= CTIME_KW */
 {
   yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
 }
   yymsp[0].minor.yy528 = yylhsminor.yy528;
         break;
-      case 192: /* expr ::= LP nexprlist COMMA expr RP */
+      case 194: /* expr ::= LP nexprlist COMMA expr RP */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528);
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
@@ -172125,22 +174739,22 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 193: /* expr ::= expr AND expr */
+      case 195: /* expr ::= expr AND expr */
 {yymsp[-2].minor.yy528=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 194: /* expr ::= expr OR expr */
-      case 195: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==195);
-      case 196: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==196);
-      case 197: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==197);
-      case 198: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==198);
-      case 199: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==199);
-      case 200: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==200);
+      case 196: /* expr ::= expr OR expr */
+      case 197: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==197);
+      case 198: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==198);
+      case 199: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==199);
+      case 200: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==200);
+      case 201: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==201);
+      case 202: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==202);
 {yymsp[-2].minor.yy528=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 201: /* likeop ::= NOT LIKE_KW|MATCH */
+      case 203: /* likeop ::= NOT LIKE_KW|MATCH */
 {yymsp[-1].minor.yy0=yymsp[0].minor.yy0; yymsp[-1].minor.yy0.n|=0x80000000; /*yymsp[-1].minor.yy0-overwrite-yymsp[0].minor.yy0*/}
         break;
-      case 202: /* expr ::= expr likeop expr */
+      case 204: /* expr ::= expr likeop expr */
 {
   ExprList *pList;
   int bNot = yymsp[-1].minor.yy0.n & 0x80000000;
@@ -172152,7 +174766,7 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-2].minor.yy528 ) yymsp[-2].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 203: /* expr ::= expr likeop expr ESCAPE expr */
+      case 205: /* expr ::= expr likeop expr ESCAPE expr */
 {
   ExprList *pList;
   int bNot = yymsp[-3].minor.yy0.n & 0x80000000;
@@ -172165,47 +174779,47 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-4].minor.yy528 ) yymsp[-4].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 204: /* expr ::= expr ISNULL|NOTNULL */
+      case 206: /* expr ::= expr ISNULL|NOTNULL */
 {yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy528,0);}
         break;
-      case 205: /* expr ::= expr NOT NULL */
+      case 207: /* expr ::= expr NOT NULL */
 {yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy528,0);}
         break;
-      case 206: /* expr ::= expr IS expr */
+      case 208: /* expr ::= expr IS expr */
 {
   yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-2].minor.yy528, TK_ISNULL);
 }
         break;
-      case 207: /* expr ::= expr IS NOT expr */
+      case 209: /* expr ::= expr IS NOT expr */
 {
   yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-3].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 208: /* expr ::= expr IS NOT DISTINCT FROM expr */
+      case 210: /* expr ::= expr IS NOT DISTINCT FROM expr */
 {
   yymsp[-5].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-5].minor.yy528, TK_ISNULL);
 }
         break;
-      case 209: /* expr ::= expr IS DISTINCT FROM expr */
+      case 211: /* expr ::= expr IS DISTINCT FROM expr */
 {
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy528,yymsp[0].minor.yy528);
   binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-4].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 210: /* expr ::= NOT expr */
-      case 211: /* expr ::= BITNOT expr */ yytestcase(yyruleno==211);
+      case 212: /* expr ::= NOT expr */
+      case 213: /* expr ::= BITNOT expr */ yytestcase(yyruleno==213);
 {yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy528, 0);/*A-overwrites-B*/}
         break;
-      case 212: /* expr ::= PLUS|MINUS expr */
+      case 214: /* expr ::= PLUS|MINUS expr */
 {
   yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major==TK_PLUS ? TK_UPLUS : TK_UMINUS, yymsp[0].minor.yy528, 0);
   /*A-overwrites-B*/
 }
         break;
-      case 213: /* expr ::= expr PTR expr */
+      case 215: /* expr ::= expr PTR expr */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy528);
   pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy528);
@@ -172213,11 +174827,11 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-2].minor.yy528 = yylhsminor.yy528;
         break;
-      case 214: /* between_op ::= BETWEEN */
-      case 217: /* in_op ::= IN */ yytestcase(yyruleno==217);
+      case 216: /* between_op ::= BETWEEN */
+      case 219: /* in_op ::= IN */ yytestcase(yyruleno==219);
 {yymsp[0].minor.yy394 = 0;}
         break;
-      case 216: /* expr ::= expr between_op expr AND expr */
+      case 218: /* expr ::= expr between_op expr AND expr */
 {
   ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
   pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
@@ -172230,7 +174844,7 @@ static YYACTIONTYPE yy_reduce(
   if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
 }
         break;
-      case 219: /* expr ::= expr in_op LP exprlist RP */
+      case 221: /* expr ::= expr in_op LP exprlist RP */
 {
     if( yymsp[-1].minor.yy322==0 ){
       /* Expressions of the form
@@ -172276,20 +174890,20 @@ static YYACTIONTYPE yy_reduce(
     }
   }
         break;
-      case 220: /* expr ::= LP select RP */
+      case 222: /* expr ::= LP select RP */
 {
     yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
     sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy528, yymsp[-1].minor.yy47);
   }
         break;
-      case 221: /* expr ::= expr in_op LP select RP */
+      case 223: /* expr ::= expr in_op LP select RP */
 {
     yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
     sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, yymsp[-1].minor.yy47);
     if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 222: /* expr ::= expr in_op nm dbnm paren_exprlist */
+      case 224: /* expr ::= expr in_op nm dbnm paren_exprlist */
 {
     SrcList *pSrc = sqlite3SrcListAppend(pParse, 0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);
     Select *pSelect = sqlite3SelectNew(pParse, 0,pSrc,0,0,0,0,0,0);
@@ -172299,14 +174913,14 @@ static YYACTIONTYPE yy_reduce(
     if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 223: /* expr ::= EXISTS LP select RP */
+      case 225: /* expr ::= EXISTS LP select RP */
 {
     Expr *p;
     p = yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
     sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy47);
   }
         break;
-      case 224: /* expr ::= CASE case_operand case_exprlist case_else END */
+      case 226: /* expr ::= CASE case_operand case_exprlist case_else END */
 {
   yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy528, 0);
   if( yymsp[-4].minor.yy528 ){
@@ -172318,29 +174932,29 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 225: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
+      case 227: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
 {
   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 226: /* case_exprlist ::= WHEN expr THEN expr */
+      case 228: /* case_exprlist ::= WHEN expr THEN expr */
 {
   yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
   yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 231: /* nexprlist ::= nexprlist COMMA expr */
+      case 233: /* nexprlist ::= nexprlist COMMA expr */
 {yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[0].minor.yy528);}
         break;
-      case 232: /* nexprlist ::= expr */
+      case 234: /* nexprlist ::= expr */
 {yymsp[0].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy528); /*A-overwrites-Y*/}
         break;
-      case 234: /* paren_exprlist ::= LP exprlist RP */
-      case 239: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==239);
+      case 236: /* paren_exprlist ::= LP exprlist RP */
+      case 241: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==241);
 {yymsp[-2].minor.yy322 = yymsp[-1].minor.yy322;}
         break;
-      case 235: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+      case 237: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
 {
   sqlite3CreateIndex(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0,
                      sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy322, yymsp[-10].minor.yy394,
@@ -172350,48 +174964,48 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 236: /* uniqueflag ::= UNIQUE */
-      case 278: /* raisetype ::= ABORT */ yytestcase(yyruleno==278);
+      case 238: /* uniqueflag ::= UNIQUE */
+      case 280: /* raisetype ::= ABORT */ yytestcase(yyruleno==280);
 {yymsp[0].minor.yy394 = OE_Abort;}
         break;
-      case 237: /* uniqueflag ::= */
+      case 239: /* uniqueflag ::= */
 {yymsp[1].minor.yy394 = OE_None;}
         break;
-      case 240: /* eidlist ::= eidlist COMMA nm collate sortorder */
+      case 242: /* eidlist ::= eidlist COMMA nm collate sortorder */
 {
   yymsp[-4].minor.yy322 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394);
 }
         break;
-      case 241: /* eidlist ::= nm collate sortorder */
+      case 243: /* eidlist ::= nm collate sortorder */
 {
   yymsp[-2].minor.yy322 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394); /*A-overwrites-Y*/
 }
         break;
-      case 244: /* cmd ::= DROP INDEX ifexists fullname */
+      case 246: /* cmd ::= DROP INDEX ifexists fullname */
 {sqlite3DropIndex(pParse, yymsp[0].minor.yy131, yymsp[-1].minor.yy394);}
         break;
-      case 245: /* cmd ::= VACUUM vinto */
+      case 247: /* cmd ::= VACUUM vinto */
 {sqlite3Vacuum(pParse,0,yymsp[0].minor.yy528);}
         break;
-      case 246: /* cmd ::= VACUUM nm vinto */
+      case 248: /* cmd ::= VACUUM nm vinto */
 {sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy528);}
         break;
-      case 249: /* cmd ::= PRAGMA nm dbnm */
+      case 251: /* cmd ::= PRAGMA nm dbnm */
 {sqlite3Pragma(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,0,0);}
         break;
-      case 250: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
+      case 252: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,0);}
         break;
-      case 251: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
+      case 253: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,0);}
         break;
-      case 252: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
+      case 254: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,1);}
         break;
-      case 253: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
+      case 255: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,1);}
         break;
-      case 256: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+      case 258: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
 {
   Token all;
   all.z = yymsp[-3].minor.yy0.z;
@@ -172399,50 +175013,50 @@ static YYACTIONTYPE yy_reduce(
   sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy33, &all);
 }
         break;
-      case 257: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+      case 259: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
 {
   sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy394, yymsp[-4].minor.yy180.a, yymsp[-4].minor.yy180.b, yymsp[-2].minor.yy131, yymsp[0].minor.yy528, yymsp[-10].minor.yy394, yymsp[-8].minor.yy394);
   yymsp[-10].minor.yy0 = (yymsp[-6].minor.yy0.n==0?yymsp[-7].minor.yy0:yymsp[-6].minor.yy0); /*A-overwrites-T*/
 }
         break;
-      case 258: /* trigger_time ::= BEFORE|AFTER */
+      case 260: /* trigger_time ::= BEFORE|AFTER */
 { yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/ }
         break;
-      case 259: /* trigger_time ::= INSTEAD OF */
+      case 261: /* trigger_time ::= INSTEAD OF */
 { yymsp[-1].minor.yy394 = TK_INSTEAD;}
         break;
-      case 260: /* trigger_time ::= */
+      case 262: /* trigger_time ::= */
 { yymsp[1].minor.yy394 = TK_BEFORE; }
         break;
-      case 261: /* trigger_event ::= DELETE|INSERT */
-      case 262: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==262);
+      case 263: /* trigger_event ::= DELETE|INSERT */
+      case 264: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==264);
 {yymsp[0].minor.yy180.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy180.b = 0;}
         break;
-      case 263: /* trigger_event ::= UPDATE OF idlist */
+      case 265: /* trigger_event ::= UPDATE OF idlist */
 {yymsp[-2].minor.yy180.a = TK_UPDATE; yymsp[-2].minor.yy180.b = yymsp[0].minor.yy254;}
         break;
-      case 264: /* when_clause ::= */
-      case 283: /* key_opt ::= */ yytestcase(yyruleno==283);
+      case 266: /* when_clause ::= */
+      case 285: /* key_opt ::= */ yytestcase(yyruleno==285);
 { yymsp[1].minor.yy528 = 0; }
         break;
-      case 265: /* when_clause ::= WHEN expr */
-      case 284: /* key_opt ::= KEY expr */ yytestcase(yyruleno==284);
+      case 267: /* when_clause ::= WHEN expr */
+      case 286: /* key_opt ::= KEY expr */ yytestcase(yyruleno==286);
 { yymsp[-1].minor.yy528 = yymsp[0].minor.yy528; }
         break;
-      case 266: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+      case 268: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
 {
   assert( yymsp[-2].minor.yy33!=0 );
   yymsp[-2].minor.yy33->pLast->pNext = yymsp[-1].minor.yy33;
   yymsp[-2].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 267: /* trigger_cmd_list ::= trigger_cmd SEMI */
+      case 269: /* trigger_cmd_list ::= trigger_cmd SEMI */
 {
   assert( yymsp[-1].minor.yy33!=0 );
   yymsp[-1].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 268: /* trnm ::= nm DOT nm */
+      case 270: /* trnm ::= nm DOT nm */
 {
   yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;
   sqlite3ErrorMsg(pParse,
@@ -172450,39 +175064,39 @@ static YYACTIONTYPE yy_reduce(
         "statements within triggers");
 }
         break;
-      case 269: /* tridxby ::= INDEXED BY nm */
+      case 271: /* tridxby ::= INDEXED BY nm */
 {
   sqlite3ErrorMsg(pParse,
         "the INDEXED BY clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 270: /* tridxby ::= NOT INDEXED */
+      case 272: /* tridxby ::= NOT INDEXED */
 {
   sqlite3ErrorMsg(pParse,
         "the NOT INDEXED clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 271: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+      case 273: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
 {yylhsminor.yy33 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy131, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528, yymsp[-7].minor.yy394, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy522);}
   yymsp[-8].minor.yy33 = yylhsminor.yy33;
         break;
-      case 272: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+      case 274: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
 {
    yylhsminor.yy33 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy254,yymsp[-2].minor.yy47,yymsp[-6].minor.yy394,yymsp[-1].minor.yy444,yymsp[-7].minor.yy522,yymsp[0].minor.yy522);/*yylhsminor.yy33-overwrites-yymsp[-6].minor.yy394*/
 }
   yymsp[-7].minor.yy33 = yylhsminor.yy33;
         break;
-      case 273: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+      case 275: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
 {yylhsminor.yy33 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy528, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy522);}
   yymsp[-5].minor.yy33 = yylhsminor.yy33;
         break;
-      case 274: /* trigger_cmd ::= scanpt select scanpt */
+      case 276: /* trigger_cmd ::= scanpt select scanpt */
 {yylhsminor.yy33 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy47, yymsp[-2].minor.yy522, yymsp[0].minor.yy522); /*yylhsminor.yy33-overwrites-yymsp[-1].minor.yy47*/}
   yymsp[-2].minor.yy33 = yylhsminor.yy33;
         break;
-      case 275: /* expr ::= RAISE LP IGNORE RP */
+      case 277: /* expr ::= RAISE LP IGNORE RP */
 {
   yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
   if( yymsp[-3].minor.yy528 ){
@@ -172490,7 +175104,7 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 276: /* expr ::= RAISE LP raisetype COMMA nm RP */
+      case 278: /* expr ::= RAISE LP raisetype COMMA nm RP */
 {
   yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
   if( yymsp[-5].minor.yy528 ) {
@@ -172498,118 +175112,114 @@ static YYACTIONTYPE yy_reduce(
   }
 }
         break;
-      case 277: /* raisetype ::= ROLLBACK */
+      case 279: /* raisetype ::= ROLLBACK */
 {yymsp[0].minor.yy394 = OE_Rollback;}
         break;
-      case 279: /* raisetype ::= FAIL */
+      case 281: /* raisetype ::= FAIL */
 {yymsp[0].minor.yy394 = OE_Fail;}
         break;
-      case 280: /* cmd ::= DROP TRIGGER ifexists fullname */
+      case 282: /* cmd ::= DROP TRIGGER ifexists fullname */
 {
   sqlite3DropTrigger(pParse,yymsp[0].minor.yy131,yymsp[-1].minor.yy394);
 }
         break;
-      case 281: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+      case 283: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
 {
   sqlite3Attach(pParse, yymsp[-3].minor.yy528, yymsp[-1].minor.yy528, yymsp[0].minor.yy528);
 }
         break;
-      case 282: /* cmd ::= DETACH database_kw_opt expr */
+      case 284: /* cmd ::= DETACH database_kw_opt expr */
 {
   sqlite3Detach(pParse, yymsp[0].minor.yy528);
 }
         break;
-      case 285: /* cmd ::= REINDEX */
+      case 287: /* cmd ::= REINDEX */
 {sqlite3Reindex(pParse, 0, 0);}
         break;
-      case 286: /* cmd ::= REINDEX nm dbnm */
+      case 288: /* cmd ::= REINDEX nm dbnm */
 {sqlite3Reindex(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 287: /* cmd ::= ANALYZE */
+      case 289: /* cmd ::= ANALYZE */
 {sqlite3Analyze(pParse, 0, 0);}
         break;
-      case 288: /* cmd ::= ANALYZE nm dbnm */
+      case 290: /* cmd ::= ANALYZE nm dbnm */
 {sqlite3Analyze(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 289: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
+      case 291: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
 {
   sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy131,&yymsp[0].minor.yy0);
 }
         break;
-      case 290: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+      case 292: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
 {
   yymsp[-1].minor.yy0.n = (int)(pParse->sLastToken.z-yymsp[-1].minor.yy0.z) + pParse->sLastToken.n;
   sqlite3AlterFinishAddColumn(pParse, &yymsp[-1].minor.yy0);
 }
         break;
-      case 291: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+      case 293: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
 {
   sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy131, &yymsp[0].minor.yy0);
 }
         break;
-      case 292: /* add_column_fullname ::= fullname */
+      case 294: /* add_column_fullname ::= fullname */
 {
   disableLookaside(pParse);
   sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy131);
 }
         break;
-      case 293: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+      case 295: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
 {
   sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy131, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
 }
         break;
-      case 294: /* cmd ::= create_vtab */
+      case 296: /* cmd ::= create_vtab */
 {sqlite3VtabFinishParse(pParse,0);}
         break;
-      case 295: /* cmd ::= create_vtab LP vtabarglist RP */
+      case 297: /* cmd ::= create_vtab LP vtabarglist RP */
 {sqlite3VtabFinishParse(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 296: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+      case 298: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
 {
     sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy394);
 }
         break;
-      case 297: /* vtabarg ::= */
+      case 299: /* vtabarg ::= */
 {sqlite3VtabArgInit(pParse);}
         break;
-      case 298: /* vtabargtoken ::= ANY */
-      case 299: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==299);
-      case 300: /* lp ::= LP */ yytestcase(yyruleno==300);
+      case 300: /* vtabargtoken ::= ANY */
+      case 301: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==301);
+      case 302: /* lp ::= LP */ yytestcase(yyruleno==302);
 {sqlite3VtabArgExtend(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 301: /* with ::= WITH wqlist */
-      case 302: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==302);
+      case 303: /* with ::= WITH wqlist */
+      case 304: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==304);
 { sqlite3WithPush(pParse, yymsp[0].minor.yy521, 1); }
         break;
-      case 303: /* wqas ::= AS */
+      case 305: /* wqas ::= AS */
 {yymsp[0].minor.yy516 = M10d_Any;}
         break;
-      case 304: /* wqas ::= AS MATERIALIZED */
+      case 306: /* wqas ::= AS MATERIALIZED */
 {yymsp[-1].minor.yy516 = M10d_Yes;}
         break;
-      case 305: /* wqas ::= AS NOT MATERIALIZED */
+      case 307: /* wqas ::= AS NOT MATERIALIZED */
 {yymsp[-2].minor.yy516 = M10d_No;}
         break;
-      case 306: /* wqitem ::= nm eidlist_opt wqas LP select RP */
+      case 308: /* wqitem ::= nm eidlist_opt wqas LP select RP */
 {
   yymsp[-5].minor.yy385 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy47, yymsp[-3].minor.yy516); /*A-overwrites-X*/
 }
         break;
-      case 307: /* wqlist ::= wqitem */
+      case 309: /* wqlist ::= wqitem */
 {
   yymsp[0].minor.yy521 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy385); /*A-overwrites-X*/
 }
         break;
-      case 308: /* wqlist ::= wqlist COMMA wqitem */
+      case 310: /* wqlist ::= wqlist COMMA wqitem */
 {
   yymsp[-2].minor.yy521 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy521, yymsp[0].minor.yy385);
 }
         break;
-      case 309: /* windowdefn_list ::= windowdefn */
-{ yylhsminor.yy41 = yymsp[0].minor.yy41; }
-  yymsp[0].minor.yy41 = yylhsminor.yy41;
-        break;
-      case 310: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
+      case 311: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
 {
   assert( yymsp[0].minor.yy41!=0 );
   sqlite3WindowChain(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy41);
@@ -172618,7 +175228,7 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-2].minor.yy41 = yylhsminor.yy41;
         break;
-      case 311: /* windowdefn ::= nm AS LP window RP */
+      case 312: /* windowdefn ::= nm AS LP window RP */
 {
   if( ALWAYS(yymsp[-1].minor.yy41) ){
     yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
@@ -172627,35 +175237,28 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 312: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+      case 313: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
 {
   yymsp[-4].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 313: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+      case 314: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, &yymsp[-5].minor.yy0);
 }
   yymsp[-5].minor.yy41 = yylhsminor.yy41;
         break;
-      case 314: /* window ::= ORDER BY sortlist frame_opt */
+      case 315: /* window ::= ORDER BY sortlist frame_opt */
 {
   yymsp[-3].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 315: /* window ::= nm ORDER BY sortlist frame_opt */
+      case 316: /* window ::= nm ORDER BY sortlist frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0);
 }
   yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 316: /* window ::= frame_opt */
-      case 335: /* filter_over ::= over_clause */ yytestcase(yyruleno==335);
-{
-  yylhsminor.yy41 = yymsp[0].minor.yy41;
-}
-  yymsp[0].minor.yy41 = yylhsminor.yy41;
-        break;
       case 317: /* window ::= nm frame_opt */
 {
   yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, 0, &yymsp[-1].minor.yy0);
@@ -172721,6 +175324,12 @@ static YYACTIONTYPE yy_reduce(
 }
   yymsp[-1].minor.yy41 = yylhsminor.yy41;
         break;
+      case 335: /* filter_over ::= over_clause */
+{
+  yylhsminor.yy41 = yymsp[0].minor.yy41;
+}
+  yymsp[0].minor.yy41 = yylhsminor.yy41;
+        break;
       case 336: /* filter_over ::= filter_clause */
 {
   yylhsminor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
@@ -172814,6 +175423,8 @@ static YYACTIONTYPE yy_reduce(
       /* (400) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==400);
       /* (401) anylist ::= anylist ANY */ yytestcase(yyruleno==401);
       /* (402) with ::= */ yytestcase(yyruleno==402);
+      /* (403) windowdefn_list ::= windowdefn (OPTIMIZED OUT) */ assert(yyruleno!=403);
+      /* (404) window ::= frame_opt (OPTIMIZED OUT) */ assert(yyruleno!=404);
         break;
 /********** End reduce actions ************************************************/
   };
@@ -173602,180 +176213,179 @@ static const unsigned char aKWCode[148] = {0,
 static int keywordCode(const char *z, int n, int *pType){
   int i, j;
   const char *zKW;
-  if( n>=2 ){
-    i = ((charMap(z[0])*4) ^ (charMap(z[n-1])*3) ^ n*1) % 127;
-    for(i=(int)aKWHash[i]; i>0; i=aKWNext[i]){
-      if( aKWLen[i]!=n ) continue;
-      zKW = &zKWText[aKWOffset[i]];
+  assert( n>=2 );
+  i = ((charMap(z[0])*4) ^ (charMap(z[n-1])*3) ^ n*1) % 127;
+  for(i=(int)aKWHash[i]; i>0; i=aKWNext[i]){
+    if( aKWLen[i]!=n ) continue;
+    zKW = &zKWText[aKWOffset[i]];
 #ifdef SQLITE_ASCII
-      if( (z[0]&~0x20)!=zKW[0] ) continue;
-      if( (z[1]&~0x20)!=zKW[1] ) continue;
-      j = 2;
-      while( j=2 ) keywordCode((char*)z, n, &id);
   return id;
 }
 #define SQLITE_N_KEYWORD 147
@@ -174080,7 +176690,7 @@ SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *z, int *tokenType){
       testcase( z[0]=='0' );  testcase( z[0]=='1' );  testcase( z[0]=='2' );
       testcase( z[0]=='3' );  testcase( z[0]=='4' );  testcase( z[0]=='5' );
       testcase( z[0]=='6' );  testcase( z[0]=='7' );  testcase( z[0]=='8' );
-      testcase( z[0]=='9' );
+      testcase( z[0]=='9' );  testcase( z[0]=='.' );
       *tokenType = TK_INTEGER;
 #ifndef SQLITE_OMIT_HEX_INTEGER
       if( z[0]=='0' && (z[1]=='x' || z[1]=='X') && sqlite3Isxdigit(z[2]) ){
@@ -174152,7 +176762,8 @@ SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *z, int *tokenType){
       return i;
     }
     case CC_KYWD0: {
-      for(i=1; aiClass[z[i]]<=CC_KYWD; i++){}
+      if( aiClass[z[1]]>CC_KYWD ){ i = 1;  break; }
+      for(i=2; aiClass[z[i]]<=CC_KYWD; i++){}
       if( IdChar(z[i]) ){
         /* This token started out using characters that can appear in keywords,
         ** but z[i] is a character not allowed within keywords, so this must
@@ -174931,30 +177542,20 @@ static int sqlite3TestExtInit(sqlite3 *db){
 ** Forward declarations of external module initializer functions
 ** for modules that need them.
 */
-#ifdef SQLITE_ENABLE_FTS1
-SQLITE_PRIVATE int sqlite3Fts1Init(sqlite3*);
-#endif
-#ifdef SQLITE_ENABLE_FTS2
-SQLITE_PRIVATE int sqlite3Fts2Init(sqlite3*);
-#endif
 #ifdef SQLITE_ENABLE_FTS5
 SQLITE_PRIVATE int sqlite3Fts5Init(sqlite3*);
 #endif
 #ifdef SQLITE_ENABLE_STMTVTAB
 SQLITE_PRIVATE int sqlite3StmtVtabInit(sqlite3*);
 #endif
-
+#ifdef SQLITE_EXTRA_AUTOEXT
+int SQLITE_EXTRA_AUTOEXT(sqlite3*);
+#endif
 /*
 ** An array of pointers to extension initializer functions for
 ** built-in extensions.
 */
 static int (*const sqlite3BuiltinExtensions[])(sqlite3*) = {
-#ifdef SQLITE_ENABLE_FTS1
-  sqlite3Fts1Init,
-#endif
-#ifdef SQLITE_ENABLE_FTS2
-  sqlite3Fts2Init,
-#endif
 #ifdef SQLITE_ENABLE_FTS3
   sqlite3Fts3Init,
 #endif
@@ -174983,6 +177584,9 @@ static int (*const sqlite3BuiltinExtensions[])(sqlite3*) = {
 #ifdef SQLITE_ENABLE_BYTECODE_VTAB
   sqlite3VdbeBytecodeVtabInit,
 #endif
+#ifdef SQLITE_EXTRA_AUTOEXT
+  SQLITE_EXTRA_AUTOEXT,
+#endif
 };
 
 #ifndef SQLITE_AMALGAMATION
@@ -175056,6 +177660,32 @@ SQLITE_API char *sqlite3_temp_directory = 0;
 */
 SQLITE_API char *sqlite3_data_directory = 0;
 
+/*
+** Determine whether or not high-precision (long double) floating point
+** math works correctly on CPU currently running.
+*/
+static SQLITE_NOINLINE int hasHighPrecisionDouble(int rc){
+  if( sizeof(LONGDOUBLE_TYPE)<=8 ){
+    /* If the size of "long double" is not more than 8, then
+    ** high-precision math is not possible. */
+    return 0;
+  }else{
+    /* Just because sizeof(long double)>8 does not mean that the underlying
+    ** hardware actually supports high-precision floating point.  For example,
+    ** clearing the 0x100 bit in the floating-point control word on Intel
+    ** processors will make long double work like double, even though long
+    ** double takes up more space.  The only way to determine if long double
+    ** actually works is to run an experiment. */
+    LONGDOUBLE_TYPE a, b, c;
+    rc++;
+    a = 1.0+rc*0.1;
+    b = 1.0e+18+rc*25.0;
+    c = a+b;
+    return b!=c;
+  }
+}
+
+
 /*
 ** Initialize SQLite.
 **
@@ -175251,6 +177881,12 @@ SQLITE_API int sqlite3_initialize(void){
   }
 #endif
 
+  /* Experimentally determine if high-precision floating point is
+  ** available. */
+#ifndef SQLITE_OMIT_WSD
+  sqlite3Config.bUseLongDouble = hasHighPrecisionDouble(rc);
+#endif
+
   return rc;
 }
 
@@ -175821,6 +178457,10 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3 *db){
 SQLITE_API int sqlite3_db_config(sqlite3 *db, int op, ...){
   va_list ap;
   int rc;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
   sqlite3_mutex_enter(db->mutex);
   va_start(ap, op);
   switch( op ){
@@ -176150,6 +178790,14 @@ static int sqlite3Close(sqlite3 *db, int forceZombie){
   }
 #endif
 
+  while( db->pDbData ){
+    DbClientData *p = db->pDbData;
+    db->pDbData = p->pNext;
+    assert( p->pData!=0 );
+    if( p->xDestructor ) p->xDestructor(p->pData);
+    sqlite3_free(p);
+  }
+
   /* Convert the connection into a zombie and then close it.
   */
   db->eOpenState = SQLITE_STATE_ZOMBIE;
@@ -176567,9 +179215,9 @@ static int sqliteDefaultBusyCallback(
   void *ptr,               /* Database connection */
   int count                /* Number of times table has been busy */
 ){
-#if SQLITE_OS_WIN || HAVE_USLEEP
+#if SQLITE_OS_WIN || !defined(HAVE_NANOSLEEP) || HAVE_NANOSLEEP
   /* This case is for systems that have support for sleeping for fractions of
-  ** a second.  Examples:  All windows systems, unix systems with usleep() */
+  ** a second.  Examples:  All windows systems, unix systems with nanosleep() */
   static const u8 delays[] =
      { 1, 2, 5, 10, 15, 20, 25, 25,  25,  50,  50, 100 };
   static const u8 totals[] =
@@ -177224,6 +179872,12 @@ SQLITE_API void *sqlite3_preupdate_hook(
   void *pArg                /* First callback argument */
 ){
   void *pRet;
+
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( db==0 ){
+    return 0;
+  }
+#endif
   sqlite3_mutex_enter(db->mutex);
   pRet = db->pPreUpdateArg;
   db->xPreUpdateCallback = xCallback;
@@ -177370,7 +180024,7 @@ SQLITE_API int sqlite3_wal_checkpoint_v2(
   if( eModeSQLITE_CHECKPOINT_TRUNCATE ){
     /* EVIDENCE-OF: R-03996-12088 The M parameter must be a valid checkpoint
     ** mode: */
-    return SQLITE_MISUSE;
+    return SQLITE_MISUSE_BKPT;
   }
 
   sqlite3_mutex_enter(db->mutex);
@@ -178207,7 +180861,7 @@ static int openDatabase(
 **         0                  off                         off
 **
 ** Legacy behavior is 3 (double-quoted string literals are allowed anywhere)
-** and so that is the default.  But developers are encouranged to use
+** and so that is the default.  But developers are encouraged to use
 ** -DSQLITE_DQS=0 (best) or -DSQLITE_DQS=1 (second choice) if possible.
 */
 #if !defined(SQLITE_DQS)
@@ -178607,6 +181261,69 @@ SQLITE_API int sqlite3_collation_needed16(
 }
 #endif /* SQLITE_OMIT_UTF16 */
 
+/*
+** Find existing client data.
+*/
+SQLITE_API void *sqlite3_get_clientdata(sqlite3 *db, const char *zName){
+  DbClientData *p;
+  sqlite3_mutex_enter(db->mutex);
+  for(p=db->pDbData; p; p=p->pNext){
+    if( strcmp(p->zName, zName)==0 ){
+      void *pResult = p->pData;
+      sqlite3_mutex_leave(db->mutex);
+      return pResult;
+    }
+  }
+  sqlite3_mutex_leave(db->mutex);
+  return 0;
+}
+
+/*
+** Add new client data to a database connection.
+*/
+SQLITE_API int sqlite3_set_clientdata(
+  sqlite3 *db,                   /* Attach client data to this connection */
+  const char *zName,             /* Name of the client data */
+  void *pData,                   /* The client data itself */
+  void (*xDestructor)(void*)     /* Destructor */
+){
+  DbClientData *p, **pp;
+  sqlite3_mutex_enter(db->mutex);
+  pp = &db->pDbData;
+  for(p=db->pDbData; p && strcmp(p->zName,zName); p=p->pNext){
+    pp = &p->pNext;
+  }
+  if( p ){
+    assert( p->pData!=0 );
+    if( p->xDestructor ) p->xDestructor(p->pData);
+    if( pData==0 ){
+      *pp = p->pNext;
+      sqlite3_free(p);
+      sqlite3_mutex_leave(db->mutex);
+      return SQLITE_OK;
+    }
+  }else if( pData==0 ){
+    sqlite3_mutex_leave(db->mutex);
+    return SQLITE_OK;
+  }else{
+    size_t n = strlen(zName);
+    p = sqlite3_malloc64( sizeof(DbClientData)+n+1 );
+    if( p==0 ){
+      if( xDestructor ) xDestructor(pData);
+      sqlite3_mutex_leave(db->mutex);
+      return SQLITE_NOMEM;
+    }
+    memcpy(p->zName, zName, n+1);
+    p->pNext = db->pDbData;
+    db->pDbData = p;
+  }
+  p->pData = pData;
+  p->xDestructor = xDestructor;
+  sqlite3_mutex_leave(db->mutex);
+  return SQLITE_OK;
+}
+
+
 #ifndef SQLITE_OMIT_DEPRECATED
 /*
 ** This function is now an anachronism. It used to be used to recover from a
@@ -178742,7 +181459,7 @@ SQLITE_API int sqlite3_table_column_metadata(
 
   /* Find the column for which info is requested */
   if( zColumnName==0 ){
-    /* Query for existance of table only */
+    /* Query for existence of table only */
   }else{
     for(iCol=0; iColnCol; iCol++){
       pCol = &pTab->aCol[iCol];
@@ -178956,6 +181673,28 @@ SQLITE_API int sqlite3_test_control(int op, ...){
     }
 #endif
 
+    /*  sqlite3_test_control(SQLITE_TESTCTRL_FK_NO_ACTION, sqlite3 *db, int b);
+    **
+    ** If b is true, then activate the SQLITE_FkNoAction setting.  If b is
+    ** false then clearn that setting.  If the SQLITE_FkNoAction setting is
+    ** abled, all foreign key ON DELETE and ON UPDATE actions behave as if
+    ** they were NO ACTION, regardless of how they are defined.
+    **
+    ** NB:  One must usually run "PRAGMA writable_schema=RESET" after
+    ** using this test-control, before it will take full effect.  failing
+    ** to reset the schema can result in some unexpected behavior.
+    */
+    case SQLITE_TESTCTRL_FK_NO_ACTION: {
+      sqlite3 *db = va_arg(ap, sqlite3*);
+      int b = va_arg(ap, int);
+      if( b ){
+        db->flags |= SQLITE_FkNoAction;
+      }else{
+        db->flags &= ~SQLITE_FkNoAction;
+      }
+      break;
+    }
+
     /*
     **  sqlite3_test_control(BITVEC_TEST, size, program)
     **
@@ -179062,10 +181801,12 @@ SQLITE_API int sqlite3_test_control(int op, ...){
         sqlite3ShowSrcList(0);
         sqlite3ShowWith(0);
         sqlite3ShowUpsert(0);
+#ifndef SQLITE_OMIT_TRIGGER
         sqlite3ShowTriggerStep(0);
         sqlite3ShowTriggerStepList(0);
         sqlite3ShowTrigger(0);
         sqlite3ShowTriggerList(0);
+#endif
 #ifndef SQLITE_OMIT_WINDOWFUNC
         sqlite3ShowWindow(0);
         sqlite3ShowWinFunc(0);
@@ -179182,7 +181923,7 @@ SQLITE_API int sqlite3_test_control(int op, ...){
     ** formed and never corrupt.  This flag is clear by default, indicating that
     ** database files might have arbitrary corruption.  Setting the flag during
     ** testing causes certain assert() statements in the code to be activated
-    ** that demonstrat invariants on well-formed database files.
+    ** that demonstrate invariants on well-formed database files.
     */
     case SQLITE_TESTCTRL_NEVER_CORRUPT: {
       sqlite3GlobalConfig.neverCorrupt = va_arg(ap, int);
@@ -179336,7 +182077,7 @@ SQLITE_API int sqlite3_test_control(int op, ...){
     **
     **   op==0       Store the current sqlite3TreeTrace in *ptr
     **   op==1       Set sqlite3TreeTrace to the value *ptr
-    **   op==3       Store the current sqlite3WhereTrace in *ptr
+    **   op==2       Store the current sqlite3WhereTrace in *ptr
     **   op==3       Set sqlite3WhereTrace to the value *ptr
     */
     case SQLITE_TESTCTRL_TRACEFLAGS: {
@@ -179372,6 +182113,23 @@ SQLITE_API int sqlite3_test_control(int op, ...){
       break;
     }
 
+#if !defined(SQLITE_OMIT_WSD)
+    /* sqlite3_test_control(SQLITE_TESTCTRL_USELONGDOUBLE, int X);
+    **
+    **   X<0     Make no changes to the bUseLongDouble.  Just report value.
+    **   X==0    Disable bUseLongDouble
+    **   X==1    Enable bUseLongDouble
+    **   X>=2    Set bUseLongDouble to its default value for this platform
+    */
+    case SQLITE_TESTCTRL_USELONGDOUBLE: {
+      int b = va_arg(ap, int);
+      if( b>=2 ) b = hasHighPrecisionDouble(b);
+      if( b>=0 ) sqlite3Config.bUseLongDouble = b>0;
+      rc = sqlite3Config.bUseLongDouble!=0;
+      break;
+    }
+#endif
+
 
 #if defined(SQLITE_DEBUG) && !defined(SQLITE_OMIT_WSD)
     /* sqlite3_test_control(SQLITE_TESTCTRL_TUNE, id, *piValue)
@@ -179672,7 +182430,7 @@ SQLITE_API int sqlite3_snapshot_get(
 }
 
 /*
-** Open a read-transaction on the snapshot idendified by pSnapshot.
+** Open a read-transaction on the snapshot identified by pSnapshot.
 */
 SQLITE_API int sqlite3_snapshot_open(
   sqlite3 *db,
@@ -179779,7 +182537,7 @@ SQLITE_API int sqlite3_compileoption_used(const char *zOptName){
   int nOpt;
   const char **azCompileOpt;
 
-#if SQLITE_ENABLE_API_ARMOR
+#ifdef SQLITE_ENABLE_API_ARMOR
   if( zOptName==0 ){
     (void)SQLITE_MISUSE_BKPT;
     return 0;
@@ -179974,6 +182732,9 @@ SQLITE_API int sqlite3_unlock_notify(
 ){
   int rc = SQLITE_OK;
 
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( !sqlite3SafetyCheckOk(db) ) return SQLITE_MISUSE_BKPT;
+#endif
   sqlite3_mutex_enter(db->mutex);
   enterMutex();
 
@@ -180995,6 +183756,7 @@ struct Fts3Table {
   int nPgsz;                      /* Page size for host database */
   char *zSegmentsTbl;             /* Name of %_segments table */
   sqlite3_blob *pSegments;        /* Blob handle open on %_segments table */
+  int iSavepoint;
 
   /*
   ** The following array of hash tables is used to buffer pending index
@@ -181738,6 +184500,7 @@ static void fts3DeclareVtab(int *pRc, Fts3Table *p){
 
     zLanguageid = (p->zLanguageid ? p->zLanguageid : "__langid");
     sqlite3_vtab_config(p->db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
+    sqlite3_vtab_config(p->db, SQLITE_VTAB_INNOCUOUS);
 
     /* Create a list of user columns for the virtual table */
     zCols = sqlite3_mprintf("%Q, ", p->azColumn[0]);
@@ -184987,6 +187750,8 @@ static int fts3RenameMethod(
     rc = sqlite3Fts3PendingTermsFlush(p);
   }
 
+  p->bIgnoreSavepoint = 1;
+
   if( p->zContentTbl==0 ){
     fts3DbExec(&rc, db,
       "ALTER TABLE %Q.'%q_content'  RENAME TO '%q_content';",
@@ -185014,6 +187779,8 @@ static int fts3RenameMethod(
     "ALTER TABLE %Q.'%q_segdir'   RENAME TO '%q_segdir';",
     p->zDb, p->zName, zName
   );
+
+  p->bIgnoreSavepoint = 0;
   return rc;
 }
 
@@ -185024,12 +187791,28 @@ static int fts3RenameMethod(
 */
 static int fts3SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
   int rc = SQLITE_OK;
-  UNUSED_PARAMETER(iSavepoint);
-  assert( ((Fts3Table *)pVtab)->inTransaction );
-  assert( ((Fts3Table *)pVtab)->mxSavepoint <= iSavepoint );
-  TESTONLY( ((Fts3Table *)pVtab)->mxSavepoint = iSavepoint );
-  if( ((Fts3Table *)pVtab)->bIgnoreSavepoint==0 ){
-    rc = fts3SyncMethod(pVtab);
+  Fts3Table *pTab = (Fts3Table*)pVtab;
+  assert( pTab->inTransaction );
+  assert( pTab->mxSavepoint<=iSavepoint );
+  TESTONLY( pTab->mxSavepoint = iSavepoint );
+
+  if( pTab->bIgnoreSavepoint==0 ){
+    if( fts3HashCount(&pTab->aIndex[0].hPending)>0 ){
+      char *zSql = sqlite3_mprintf("INSERT INTO %Q.%Q(%Q) VALUES('flush')",
+          pTab->zDb, pTab->zName, pTab->zName
+          );
+      if( zSql ){
+        pTab->bIgnoreSavepoint = 1;
+        rc = sqlite3_exec(pTab->db, zSql, 0, 0, 0);
+        pTab->bIgnoreSavepoint = 0;
+        sqlite3_free(zSql);
+      }else{
+        rc = SQLITE_NOMEM;
+      }
+    }
+    if( rc==SQLITE_OK ){
+      pTab->iSavepoint = iSavepoint+1;
+    }
   }
   return rc;
 }
@@ -185040,12 +187823,11 @@ static int fts3SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
 ** This is a no-op.
 */
 static int fts3ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
-  TESTONLY( Fts3Table *p = (Fts3Table*)pVtab );
-  UNUSED_PARAMETER(iSavepoint);
-  UNUSED_PARAMETER(pVtab);
-  assert( p->inTransaction );
-  assert( p->mxSavepoint >= iSavepoint );
-  TESTONLY( p->mxSavepoint = iSavepoint-1 );
+  Fts3Table *pTab = (Fts3Table*)pVtab;
+  assert( pTab->inTransaction );
+  assert( pTab->mxSavepoint >= iSavepoint );
+  TESTONLY( pTab->mxSavepoint = iSavepoint-1 );
+  pTab->iSavepoint = iSavepoint;
   return SQLITE_OK;
 }
 
@@ -185055,11 +187837,13 @@ static int fts3ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
 ** Discard the contents of the pending terms table.
 */
 static int fts3RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
-  Fts3Table *p = (Fts3Table*)pVtab;
+  Fts3Table *pTab = (Fts3Table*)pVtab;
   UNUSED_PARAMETER(iSavepoint);
-  assert( p->inTransaction );
-  TESTONLY( p->mxSavepoint = iSavepoint );
-  sqlite3Fts3PendingTermsClear(p);
+  assert( pTab->inTransaction );
+  TESTONLY( pTab->mxSavepoint = iSavepoint );
+  if( (iSavepoint+1)<=pTab->iSavepoint ){
+    sqlite3Fts3PendingTermsClear(pTab);
+  }
   return SQLITE_OK;
 }
 
@@ -185078,8 +187862,49 @@ static int fts3ShadowName(const char *zName){
   return 0;
 }
 
+/*
+** Implementation of the xIntegrity() method on the FTS3/FTS4 virtual
+** table.
+*/
+static int fts3Integrity(
+  sqlite3_vtab *pVtab,      /* The virtual table to be checked */
+  const char *zSchema,      /* Name of schema in which pVtab lives */
+  const char *zTabname,     /* Name of the pVTab table */
+  int isQuick,              /* True if this is a quick_check */
+  char **pzErr              /* Write error message here */
+){
+  Fts3Table *p = (Fts3Table*)pVtab;
+  char *zSql;
+  int rc;
+  char *zErr = 0;
+
+  assert( pzErr!=0 );
+  assert( *pzErr==0 );
+  UNUSED_PARAMETER(isQuick);
+  zSql = sqlite3_mprintf(
+            "INSERT INTO \"%w\".\"%w\"(\"%w\") VALUES('integrity-check');",
+            zSchema, zTabname, zTabname);
+  if( zSql==0 ){
+    return SQLITE_NOMEM;
+  }
+  rc = sqlite3_exec(p->db, zSql, 0, 0, &zErr);
+  sqlite3_free(zSql);
+  if( (rc&0xff)==SQLITE_CORRUPT ){
+    *pzErr = sqlite3_mprintf("malformed inverted index for FTS%d table %s.%s",
+                p->bFts4 ? 4 : 3, zSchema, zTabname);
+  }else if( rc!=SQLITE_OK ){
+    *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
+                             " FTS%d table %s.%s: %s",
+                p->bFts4 ? 4 : 3, zSchema, zTabname, zErr);
+  }
+  sqlite3_free(zErr);
+  return SQLITE_OK;
+}
+
+
+
 static const sqlite3_module fts3Module = {
-  /* iVersion      */ 3,
+  /* iVersion      */ 4,
   /* xCreate       */ fts3CreateMethod,
   /* xConnect      */ fts3ConnectMethod,
   /* xBestIndex    */ fts3BestIndexMethod,
@@ -185103,6 +187928,7 @@ static const sqlite3_module fts3Module = {
   /* xRelease      */ fts3ReleaseMethod,
   /* xRollbackTo   */ fts3RollbackToMethod,
   /* xShadowName   */ fts3ShadowName,
+  /* xIntegrity    */ fts3Integrity,
 };
 
 /*
@@ -187778,7 +190604,8 @@ SQLITE_PRIVATE int sqlite3Fts3InitAux(sqlite3 *db){
      0,                           /* xSavepoint    */
      0,                           /* xRelease      */
      0,                           /* xRollbackTo   */
-     0                            /* xShadowName   */
+     0,                           /* xShadowName   */
+     0                            /* xIntegrity    */
   };
   int rc;                         /* Return code */
 
@@ -191344,7 +194171,8 @@ SQLITE_PRIVATE int sqlite3Fts3InitTok(sqlite3 *db, Fts3Hash *pHash, void(*xDestr
      0,                           /* xSavepoint    */
      0,                           /* xRelease      */
      0,                           /* xRollbackTo   */
-     0                            /* xShadowName   */
+     0,                           /* xShadowName   */
+     0                            /* xIntegrity    */
   };
   int rc;                         /* Return code */
 
@@ -194685,7 +197513,6 @@ SQLITE_PRIVATE int sqlite3Fts3PendingTermsFlush(Fts3Table *p){
     rc = fts3SegmentMerge(p, p->iPrevLangid, i, FTS3_SEGCURSOR_PENDING);
     if( rc==SQLITE_DONE ) rc = SQLITE_OK;
   }
-  sqlite3Fts3PendingTermsClear(p);
 
   /* Determine the auto-incr-merge setting if unknown.  If enabled,
   ** estimate the number of leaf blocks of content to be written
@@ -194707,6 +197534,10 @@ SQLITE_PRIVATE int sqlite3Fts3PendingTermsFlush(Fts3Table *p){
       rc = sqlite3_reset(pStmt);
     }
   }
+
+  if( rc==SQLITE_OK ){
+    sqlite3Fts3PendingTermsClear(p);
+  }
   return rc;
 }
 
@@ -195338,6 +198169,8 @@ static int fts3AppendToNode(
 
   blobGrowBuffer(pPrev, nTerm, &rc);
   if( rc!=SQLITE_OK ) return rc;
+  assert( pPrev!=0 );
+  assert( pPrev->a!=0 );
 
   nPrefix = fts3PrefixCompress(pPrev->a, pPrev->n, zTerm, nTerm);
   nSuffix = nTerm - nPrefix;
@@ -195394,9 +198227,13 @@ static int fts3IncrmergeAppend(
   nSpace += sqlite3Fts3VarintLen(nDoclist) + nDoclist;
 
   /* If the current block is not empty, and if adding this term/doclist
-  ** to the current block would make it larger than Fts3Table.nNodeSize
-  ** bytes, write this block out to the database. */
-  if( pLeaf->block.n>0 && (pLeaf->block.n + nSpace)>p->nNodeSize ){
+  ** to the current block would make it larger than Fts3Table.nNodeSize bytes,
+  ** and if there is still room for another leaf page, write this block out to
+  ** the database. */
+  if( pLeaf->block.n>0
+   && (pLeaf->block.n + nSpace)>p->nNodeSize
+   && pLeaf->iBlock < (pWriter->iStart + pWriter->nLeafEst)
+  ){
     rc = fts3WriteSegment(p, pLeaf->iBlock, pLeaf->block.a, pLeaf->block.n);
     pWriter->nWork++;
 
@@ -195707,6 +198544,7 @@ static int fts3IncrmergeLoad(
 
       for(i=nHeight; i>=0 && rc==SQLITE_OK; i--){
         NodeReader reader;
+        memset(&reader, 0, sizeof(reader));
         pNode = &pWriter->aNodeWriter[i];
 
         if( pNode->block.a){
@@ -195727,7 +198565,7 @@ static int fts3IncrmergeLoad(
               rc = sqlite3Fts3ReadBlock(p, reader.iChild, &aBlock, &nBlock,0);
               blobGrowBuffer(&pNode->block,
                   MAX(nBlock, p->nNodeSize)+FTS3_NODE_PADDING, &rc
-                  );
+              );
               if( rc==SQLITE_OK ){
                 memcpy(pNode->block.a, aBlock, nBlock);
                 pNode->block.n = nBlock;
@@ -196577,7 +199415,7 @@ static u64 fts3ChecksumIndex(
   int rc;
   u64 cksum = 0;
 
-  assert( *pRc==SQLITE_OK );
+  if( *pRc ) return 0;
 
   memset(&filter, 0, sizeof(filter));
   memset(&csr, 0, sizeof(csr));
@@ -196792,8 +199630,11 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
     rc = fts3DoIncrmerge(p, &zVal[6]);
   }else if( nVal>10 && 0==sqlite3_strnicmp(zVal, "automerge=", 10) ){
     rc = fts3DoAutoincrmerge(p, &zVal[10]);
+  }else if( nVal==5 && 0==sqlite3_strnicmp(zVal, "flush", 5) ){
+    rc = sqlite3Fts3PendingTermsFlush(p);
+  }
 #if defined(SQLITE_DEBUG) || defined(SQLITE_TEST)
-  }else{
+  else{
     int v;
     if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){
       v = atoi(&zVal[9]);
@@ -196811,8 +199652,8 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){
       if( v>=4 && v<=FTS3_MERGE_COUNT && (v&1)==0 ) p->nMergeCount = v;
       rc = SQLITE_OK;
     }
-#endif
   }
+#endif
   return rc;
 }
 
@@ -199753,25 +202594,51 @@ SQLITE_PRIVATE int sqlite3FtsUnicodeFold(int c, int eRemoveDiacritic){
 ** increase for the parser.  (Ubuntu14.10 gcc 4.8.4 x64 with -Os).
 */
 static const char jsonIsSpace[] = {
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 1, 1, 0, 0, 1, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  1, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
-  0, 0, 0, 0, 0, 0, 0, 0,     0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 1, 1, 0, 0, 1, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  1, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
 };
 #define fast_isspace(x) (jsonIsSpace[(unsigned char)x])
 
+/*
+** Characters that are special to JSON.  Control charaters,
+** '"' and '\\'.
+*/
+static const char jsonIsOk[256] = {
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
+  1, 1, 0, 1, 1, 1, 1, 0,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 0, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1,
+  1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1
+};
+
+
 #if !defined(SQLITE_DEBUG) && !defined(SQLITE_COVERAGE_TEST)
 #  define VVA(X)
 #else
@@ -199782,6 +202649,7 @@ static const char jsonIsSpace[] = {
 typedef struct JsonString JsonString;
 typedef struct JsonNode JsonNode;
 typedef struct JsonParse JsonParse;
+typedef struct JsonCleanup JsonCleanup;
 
 /* An instance of this object represents a JSON string
 ** under construction.  Really, this is a generic string accumulator
@@ -199797,16 +202665,26 @@ struct JsonString {
   char zSpace[100];        /* Initial static space */
 };
 
+/* A deferred cleanup task.  A list of JsonCleanup objects might be
+** run when the JsonParse object is destroyed.
+*/
+struct JsonCleanup {
+  JsonCleanup *pJCNext;    /* Next in a list */
+  void (*xOp)(void*);      /* Routine to run */
+  void *pArg;              /* Argument to xOp() */
+};
+
 /* JSON type values
 */
-#define JSON_NULL     0
-#define JSON_TRUE     1
-#define JSON_FALSE    2
-#define JSON_INT      3
-#define JSON_REAL     4
-#define JSON_STRING   5
-#define JSON_ARRAY    6
-#define JSON_OBJECT   7
+#define JSON_SUBST    0    /* Special edit node.  Uses u.iPrev */
+#define JSON_NULL     1
+#define JSON_TRUE     2
+#define JSON_FALSE    3
+#define JSON_INT      4
+#define JSON_REAL     5
+#define JSON_STRING   6
+#define JSON_ARRAY    7
+#define JSON_OBJECT   8
 
 /* The "subtype" set for JSON values */
 #define JSON_SUBTYPE  74    /* Ascii for "J" */
@@ -199815,52 +202693,87 @@ struct JsonString {
 ** Names of the various JSON types:
 */
 static const char * const jsonType[] = {
+  "subst",
   "null", "true", "false", "integer", "real", "text", "array", "object"
 };
 
 /* Bit values for the JsonNode.jnFlag field
 */
-#define JNODE_RAW     0x01         /* Content is raw, not JSON encoded */
-#define JNODE_ESCAPE  0x02         /* Content is text with \ escapes */
-#define JNODE_REMOVE  0x04         /* Do not output */
-#define JNODE_REPLACE 0x08         /* Replace with JsonNode.u.iReplace */
-#define JNODE_PATCH   0x10         /* Patch with JsonNode.u.pPatch */
-#define JNODE_APPEND  0x20         /* More ARRAY/OBJECT entries at u.iAppend */
-#define JNODE_LABEL   0x40         /* Is a label of an object */
-#define JNODE_JSON5   0x80         /* Node contains JSON5 enhancements */
+#define JNODE_RAW     0x01  /* Content is raw, not JSON encoded */
+#define JNODE_ESCAPE  0x02  /* Content is text with \ escapes */
+#define JNODE_REMOVE  0x04  /* Do not output */
+#define JNODE_REPLACE 0x08  /* Target of a JSON_SUBST node */
+#define JNODE_APPEND  0x10  /* More ARRAY/OBJECT entries at u.iAppend */
+#define JNODE_LABEL   0x20  /* Is a label of an object */
+#define JNODE_JSON5   0x40  /* Node contains JSON5 enhancements */
 
 
-/* A single node of parsed JSON
+/* A single node of parsed JSON.  An array of these nodes describes
+** a parse of JSON + edits.
+**
+** Use the json_parse() SQL function (available when compiled with
+** -DSQLITE_DEBUG) to see a dump of complete JsonParse objects, including
+** a complete listing and decoding of the array of JsonNodes.
 */
 struct JsonNode {
   u8 eType;              /* One of the JSON_ type values */
   u8 jnFlags;            /* JNODE flags */
   u8 eU;                 /* Which union element to use */
-  u32 n;                 /* Bytes of content, or number of sub-nodes */
+  u32 n;                 /* Bytes of content for INT, REAL or STRING
+                         ** Number of sub-nodes for ARRAY and OBJECT
+                         ** Node that SUBST applies to */
   union {
     const char *zJContent; /* 1: Content for INT, REAL, and STRING */
     u32 iAppend;           /* 2: More terms for ARRAY and OBJECT */
     u32 iKey;              /* 3: Key for ARRAY objects in json_tree() */
-    u32 iReplace;          /* 4: Replacement content for JNODE_REPLACE */
-    JsonNode *pPatch;      /* 5: Node chain of patch for JNODE_PATCH */
+    u32 iPrev;             /* 4: Previous SUBST node, or 0 */
   } u;
 };
 
-/* A completely parsed JSON string
+
+/* A parsed and possibly edited JSON string.  Lifecycle:
+**
+**   1.  JSON comes in and is parsed into an array aNode[].  The original
+**       JSON text is stored in zJson.
+**
+**   2.  Zero or more changes are made (via json_remove() or json_replace()
+**       or similar) to the aNode[] array.
+**
+**   3.  A new, edited and mimified JSON string is generated from aNode
+**       and stored in zAlt.  The JsonParse object always owns zAlt.
+**
+** Step 1 always happens.  Step 2 and 3 may or may not happen, depending
+** on the operation.
+**
+** aNode[].u.zJContent entries typically point into zJson.  Hence zJson
+** must remain valid for the lifespan of the parse.  For edits,
+** aNode[].u.zJContent might point to malloced space other than zJson.
+** Entries in pClup are responsible for freeing that extra malloced space.
+**
+** When walking the parse tree in aNode[], edits are ignored if useMod is
+** false.
 */
 struct JsonParse {
   u32 nNode;         /* Number of slots of aNode[] used */
   u32 nAlloc;        /* Number of slots of aNode[] allocated */
   JsonNode *aNode;   /* Array of nodes containing the parse */
-  const char *zJson; /* Original JSON string */
+  char *zJson;       /* Original JSON string (before edits) */
+  char *zAlt;        /* Revised and/or mimified JSON */
   u32 *aUp;          /* Index of parent of each node */
+  JsonCleanup *pClup;/* Cleanup operations prior to freeing this object */
   u16 iDepth;        /* Nesting depth */
   u8 nErr;           /* Number of errors seen */
   u8 oom;            /* Set to true if out of memory */
+  u8 bJsonIsRCStr;   /* True if zJson is an RCStr */
   u8 hasNonstd;      /* True if input uses non-standard features like JSON5 */
+  u8 useMod;         /* Actually use the edits contain inside aNode */
+  u8 hasMod;         /* aNode contains edits from the original zJson */
+  u32 nJPRef;        /* Number of references to this object */
   int nJson;         /* Length of the zJson string in bytes */
+  int nAlt;          /* Length of alternative JSON string zAlt, in bytes */
   u32 iErr;          /* Error location in zJson[] */
-  u32 iHold;         /* Replace cache line with the lowest iHold value */
+  u32 iSubst;        /* Last JSON_SUBST entry in aNode[] */
+  u32 iHold;         /* Age of this entry in the cache for LRU replacement */
 };
 
 /*
@@ -199893,16 +202806,14 @@ static void jsonInit(JsonString *p, sqlite3_context *pCtx){
   jsonZero(p);
 }
 
-
 /* Free all allocated memory and reset the JsonString object back to its
 ** initial state.
 */
 static void jsonReset(JsonString *p){
-  if( !p->bStatic ) sqlite3_free(p->zBuf);
+  if( !p->bStatic ) sqlite3RCStrUnref(p->zBuf);
   jsonZero(p);
 }
 
-
 /* Report an out-of-memory (OOM) condition
 */
 static void jsonOom(JsonString *p){
@@ -199919,7 +202830,7 @@ static int jsonGrow(JsonString *p, u32 N){
   char *zNew;
   if( p->bStatic ){
     if( p->bErr ) return 1;
-    zNew = sqlite3_malloc64(nTotal);
+    zNew = sqlite3RCStrNew(nTotal);
     if( zNew==0 ){
       jsonOom(p);
       return SQLITE_NOMEM;
@@ -199928,12 +202839,12 @@ static int jsonGrow(JsonString *p, u32 N){
     p->zBuf = zNew;
     p->bStatic = 0;
   }else{
-    zNew = sqlite3_realloc64(p->zBuf, nTotal);
-    if( zNew==0 ){
-      jsonOom(p);
+    p->zBuf = sqlite3RCStrResize(p->zBuf, nTotal);
+    if( p->zBuf==0 ){
+      p->bErr = 1;
+      jsonZero(p);
       return SQLITE_NOMEM;
     }
-    p->zBuf = zNew;
   }
   p->nAlloc = nTotal;
   return SQLITE_OK;
@@ -199941,12 +202852,35 @@ static int jsonGrow(JsonString *p, u32 N){
 
 /* Append N bytes from zIn onto the end of the JsonString string.
 */
-static void jsonAppendRaw(JsonString *p, const char *zIn, u32 N){
-  if( N==0 ) return;
-  if( (N+p->nUsed >= p->nAlloc) && jsonGrow(p,N)!=0 ) return;
+static SQLITE_NOINLINE void jsonAppendExpand(
+  JsonString *p,
+  const char *zIn,
+  u32 N
+){
+  assert( N>0 );
+  if( jsonGrow(p,N) ) return;
   memcpy(p->zBuf+p->nUsed, zIn, N);
   p->nUsed += N;
 }
+static void jsonAppendRaw(JsonString *p, const char *zIn, u32 N){
+  if( N==0 ) return;
+  if( N+p->nUsed >= p->nAlloc ){
+    jsonAppendExpand(p,zIn,N);
+  }else{
+    memcpy(p->zBuf+p->nUsed, zIn, N);
+    p->nUsed += N;
+  }
+}
+static void jsonAppendRawNZ(JsonString *p, const char *zIn, u32 N){
+  assert( N>0 );
+  if( N+p->nUsed >= p->nAlloc ){
+    jsonAppendExpand(p,zIn,N);
+  }else{
+    memcpy(p->zBuf+p->nUsed, zIn, N);
+    p->nUsed += N;
+  }
+}
+
 
 /* Append formatted text (not to exceed N bytes) to the JsonString.
 */
@@ -199961,10 +202895,35 @@ static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
 
 /* Append a single character
 */
-static void jsonAppendChar(JsonString *p, char c){
-  if( p->nUsed>=p->nAlloc && jsonGrow(p,1)!=0 ) return;
+static SQLITE_NOINLINE void jsonAppendCharExpand(JsonString *p, char c){
+  if( jsonGrow(p,1) ) return;
   p->zBuf[p->nUsed++] = c;
 }
+static void jsonAppendChar(JsonString *p, char c){
+  if( p->nUsed>=p->nAlloc ){
+    jsonAppendCharExpand(p,c);
+  }else{
+    p->zBuf[p->nUsed++] = c;
+  }
+}
+
+/* Try to force the string to be a zero-terminated RCStr string.
+**
+** Return true on success.  Return false if an OOM prevents this
+** from happening.
+*/
+static int jsonForceRCStr(JsonString *p){
+  jsonAppendChar(p, 0);
+  if( p->bErr ) return 0;
+  p->nUsed--;
+  if( p->bStatic==0 ) return 1;
+  p->nAlloc = 0;
+  p->nUsed++;
+  jsonGrow(p, p->nUsed);
+  p->nUsed--;
+  return p->bStatic==0;
+}
+
 
 /* Append a comma separator to the output buffer, if the previous
 ** character is not '[' or '{'.
@@ -199973,7 +202932,8 @@ static void jsonAppendSeparator(JsonString *p){
   char c;
   if( p->nUsed==0 ) return;
   c = p->zBuf[p->nUsed-1];
-  if( c!='[' && c!='{' ) jsonAppendChar(p, ',');
+  if( c=='[' || c=='{' ) return;
+  jsonAppendChar(p, ',');
 }
 
 /* Append the N-byte string in zIn to the end of the JsonString string
@@ -199987,11 +202947,16 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
   p->zBuf[p->nUsed++] = '"';
   for(i=0; izBuf[p->nUsed++] = c;
+    }else if( c=='"' || c=='\\' ){
       json_simple_escape:
       if( (p->nUsed+N+3-i > p->nAlloc) && jsonGrow(p,N+3-i)!=0 ) return;
       p->zBuf[p->nUsed++] = '\\';
-    }else if( c<=0x1f ){
+      p->zBuf[p->nUsed++] = c;
+    }else if( c=='\'' ){
+      p->zBuf[p->nUsed++] = c;
+    }else{
       static const char aSpecial[] = {
          0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
          0, 0, 0, 0, 0, 0, 0, 0,   0,   0,   0, 0,   0,   0, 0, 0
@@ -200002,6 +202967,7 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
       assert( aSpecial['\n']=='n' );
       assert( aSpecial['\r']=='r' );
       assert( aSpecial['\t']=='t' );
+      assert( c>=0 && czBuf[p->nUsed++] = 'u';
       p->zBuf[p->nUsed++] = '0';
       p->zBuf[p->nUsed++] = '0';
-      p->zBuf[p->nUsed++] = '0' + (c>>4);
-      c = "0123456789abcdef"[c&0xf];
+      p->zBuf[p->nUsed++] = "0123456789abcdef"[c>>4];
+      p->zBuf[p->nUsed++] = "0123456789abcdef"[c&0xf];
     }
-    p->zBuf[p->nUsed++] = c;
   }
   p->zBuf[p->nUsed++] = '"';
   assert( p->nUsednAlloc );
@@ -200033,7 +202998,7 @@ static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){
   while( N>0 ){
     for(i=0; i0 ){
-      jsonAppendRaw(p, zIn, i);
+      jsonAppendRawNZ(p, zIn, i);
       zIn += i;
       N -= i;
       if( N==0 ) break;
@@ -200044,16 +203009,16 @@ static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){
         jsonAppendChar(p, '\'');
         break;
       case 'v':
-        jsonAppendRaw(p, "\\u0009", 6);
+        jsonAppendRawNZ(p, "\\u0009", 6);
         break;
       case 'x':
-        jsonAppendRaw(p, "\\u00", 4);
-        jsonAppendRaw(p, &zIn[2], 2);
+        jsonAppendRawNZ(p, "\\u00", 4);
+        jsonAppendRawNZ(p, &zIn[2], 2);
         zIn += 2;
         N -= 2;
         break;
       case '0':
-        jsonAppendRaw(p, "\\u0000", 6);
+        jsonAppendRawNZ(p, "\\u0000", 6);
         break;
       case '\r':
         if( zIn[2]=='\n' ){
@@ -200071,7 +203036,7 @@ static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){
         N -= 2;
         break;
       default:
-        jsonAppendRaw(p, zIn, 2);
+        jsonAppendRawNZ(p, zIn, 2);
         break;
     }
     zIn += 2;
@@ -200101,11 +203066,12 @@ static void jsonAppendNormalizedInt(JsonString *p, const char *zIn, u32 N){
       jsonPrintf(100,p,"%lld",i);
     }else{
       assert( rc==2 );
-      jsonAppendRaw(p, "9.0e999", 7);
+      jsonAppendRawNZ(p, "9.0e999", 7);
     }
     return;
   }
-  jsonAppendRaw(p, zIn, N);
+  assert( N>0 );
+  jsonAppendRawNZ(p, zIn, N);
 }
 
 /*
@@ -200137,7 +203103,7 @@ static void jsonAppendNormalizedReal(JsonString *p, const char *zIn, u32 N){
     }
   }
   if( N>0 ){
-    jsonAppendRaw(p, zIn, N);
+    jsonAppendRawNZ(p, zIn, N);
   }
 }
 
@@ -200153,7 +203119,7 @@ static void jsonAppendValue(
 ){
   switch( sqlite3_value_type(pValue) ){
     case SQLITE_NULL: {
-      jsonAppendRaw(p, "null", 4);
+      jsonAppendRawNZ(p, "null", 4);
       break;
     }
     case SQLITE_FLOAT: {
@@ -200189,15 +203155,25 @@ static void jsonAppendValue(
 
 
 /* Make the JSON in p the result of the SQL function.
+**
+** The JSON string is reset.
 */
 static void jsonResult(JsonString *p){
   if( p->bErr==0 ){
-    sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
-                          p->bStatic ? SQLITE_TRANSIENT : sqlite3_free,
-                          SQLITE_UTF8);
-    jsonZero(p);
+    if( p->bStatic ){
+      sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
+                            SQLITE_TRANSIENT, SQLITE_UTF8);
+    }else if( jsonForceRCStr(p) ){
+      sqlite3RCStrRef(p->zBuf);
+      sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
+                            sqlite3RCStrUnref,
+                            SQLITE_UTF8);
+    }
+  }
+  if( p->bErr==1 ){
+    sqlite3_result_error_nomem(p->pCtx);
   }
-  assert( p->bStatic );
+  jsonReset(p);
 }
 
 /**************************************************************************
@@ -200222,20 +203198,73 @@ static u32 jsonNodeSize(JsonNode *pNode){
 ** delete the JsonParse object itself.
 */
 static void jsonParseReset(JsonParse *pParse){
-  sqlite3_free(pParse->aNode);
-  pParse->aNode = 0;
+  while( pParse->pClup ){
+    JsonCleanup *pTask = pParse->pClup;
+    pParse->pClup = pTask->pJCNext;
+    pTask->xOp(pTask->pArg);
+    sqlite3_free(pTask);
+  }
+  assert( pParse->nJPRef<=1 );
+  if( pParse->aNode ){
+    sqlite3_free(pParse->aNode);
+    pParse->aNode = 0;
+  }
   pParse->nNode = 0;
   pParse->nAlloc = 0;
-  sqlite3_free(pParse->aUp);
-  pParse->aUp = 0;
+  if( pParse->aUp ){
+    sqlite3_free(pParse->aUp);
+    pParse->aUp = 0;
+  }
+  if( pParse->bJsonIsRCStr ){
+    sqlite3RCStrUnref(pParse->zJson);
+    pParse->zJson = 0;
+    pParse->bJsonIsRCStr = 0;
+  }
+  if( pParse->zAlt ){
+    sqlite3RCStrUnref(pParse->zAlt);
+    pParse->zAlt = 0;
+  }
 }
 
 /*
 ** Free a JsonParse object that was obtained from sqlite3_malloc().
+**
+** Note that destroying JsonParse might call sqlite3RCStrUnref() to
+** destroy the zJson value.  The RCStr object might recursively invoke
+** JsonParse to destroy this pParse object again.  Take care to ensure
+** that this recursive destructor sequence terminates harmlessly.
 */
 static void jsonParseFree(JsonParse *pParse){
-  jsonParseReset(pParse);
-  sqlite3_free(pParse);
+  if( pParse->nJPRef>1 ){
+    pParse->nJPRef--;
+  }else{
+    jsonParseReset(pParse);
+    sqlite3_free(pParse);
+  }
+}
+
+/*
+** Add a cleanup task to the JsonParse object.
+**
+** If an OOM occurs, the cleanup operation happens immediately
+** and this function returns SQLITE_NOMEM.
+*/
+static int jsonParseAddCleanup(
+  JsonParse *pParse,          /* Add the cleanup task to this parser */
+  void(*xOp)(void*),          /* The cleanup task */
+  void *pArg                  /* Argument to the cleanup */
+){
+  JsonCleanup *pTask = sqlite3_malloc64( sizeof(*pTask) );
+  if( pTask==0 ){
+    pParse->oom = 1;
+    xOp(pArg);
+    return SQLITE_ERROR;
+  }
+  pTask->pJCNext = pParse->pClup;
+  pParse->pClup = pTask;
+  pTask->xOp = xOp;
+  pTask->pArg = pArg;
+  return SQLITE_OK;
 }
 
 /*
@@ -200244,32 +203273,38 @@ static void jsonParseFree(JsonParse *pParse){
 ** the number of JsonNode objects that are encoded.
 */
 static void jsonRenderNode(
+  JsonParse *pParse,             /* the complete parse of the JSON */
   JsonNode *pNode,               /* The node to render */
-  JsonString *pOut,              /* Write JSON here */
-  sqlite3_value **aReplace       /* Replacement values */
+  JsonString *pOut               /* Write JSON here */
 ){
   assert( pNode!=0 );
-  if( pNode->jnFlags & (JNODE_REPLACE|JNODE_PATCH) ){
-    if( (pNode->jnFlags & JNODE_REPLACE)!=0 && ALWAYS(aReplace!=0) ){
-      assert( pNode->eU==4 );
-      jsonAppendValue(pOut, aReplace[pNode->u.iReplace]);
-      return;
+  while( (pNode->jnFlags & JNODE_REPLACE)!=0 && pParse->useMod ){
+    u32 idx = (u32)(pNode - pParse->aNode);
+    u32 i = pParse->iSubst;
+    while( 1 /*exit-by-break*/ ){
+      assert( inNode );
+      assert( pParse->aNode[i].eType==JSON_SUBST );
+      assert( pParse->aNode[i].eU==4 );
+      assert( pParse->aNode[i].u.iPrevaNode[i].n==idx ){
+        pNode = &pParse->aNode[i+1];
+        break;
+      }
+      i = pParse->aNode[i].u.iPrev;
     }
-    assert( pNode->eU==5 );
-    pNode = pNode->u.pPatch;
   }
   switch( pNode->eType ){
     default: {
       assert( pNode->eType==JSON_NULL );
-      jsonAppendRaw(pOut, "null", 4);
+      jsonAppendRawNZ(pOut, "null", 4);
       break;
     }
     case JSON_TRUE: {
-      jsonAppendRaw(pOut, "true", 4);
+      jsonAppendRawNZ(pOut, "true", 4);
       break;
     }
     case JSON_FALSE: {
-      jsonAppendRaw(pOut, "false", 5);
+      jsonAppendRawNZ(pOut, "false", 5);
       break;
     }
     case JSON_STRING: {
@@ -200285,7 +203320,8 @@ static void jsonRenderNode(
       }else if( pNode->jnFlags & JNODE_JSON5 ){
         jsonAppendNormalizedString(pOut, pNode->u.zJContent, pNode->n);
       }else{
-        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+        assert( pNode->n>0 );
+        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
       }
       break;
     }
@@ -200294,7 +203330,8 @@ static void jsonRenderNode(
       if( pNode->jnFlags & JNODE_JSON5 ){
         jsonAppendNormalizedReal(pOut, pNode->u.zJContent, pNode->n);
       }else{
-        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+        assert( pNode->n>0 );
+        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
       }
       break;
     }
@@ -200303,7 +203340,8 @@ static void jsonRenderNode(
       if( pNode->jnFlags & JNODE_JSON5 ){
         jsonAppendNormalizedInt(pOut, pNode->u.zJContent, pNode->n);
       }else{
-        jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
+        assert( pNode->n>0 );
+        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
       }
       break;
     }
@@ -200312,15 +203350,16 @@ static void jsonRenderNode(
       jsonAppendChar(pOut, '[');
       for(;;){
         while( j<=pNode->n ){
-          if( (pNode[j].jnFlags & JNODE_REMOVE)==0 ){
+          if( (pNode[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ){
             jsonAppendSeparator(pOut);
-            jsonRenderNode(&pNode[j], pOut, aReplace);
+            jsonRenderNode(pParse, &pNode[j], pOut);
           }
           j += jsonNodeSize(&pNode[j]);
         }
         if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
+        if( pParse->useMod==0 ) break;
         assert( pNode->eU==2 );
-        pNode = &pNode[pNode->u.iAppend];
+        pNode = &pParse->aNode[pNode->u.iAppend];
         j = 1;
       }
       jsonAppendChar(pOut, ']');
@@ -200331,17 +203370,18 @@ static void jsonRenderNode(
       jsonAppendChar(pOut, '{');
       for(;;){
         while( j<=pNode->n ){
-          if( (pNode[j+1].jnFlags & JNODE_REMOVE)==0 ){
+          if( (pNode[j+1].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ){
             jsonAppendSeparator(pOut);
-            jsonRenderNode(&pNode[j], pOut, aReplace);
+            jsonRenderNode(pParse, &pNode[j], pOut);
             jsonAppendChar(pOut, ':');
-            jsonRenderNode(&pNode[j+1], pOut, aReplace);
+            jsonRenderNode(pParse, &pNode[j+1], pOut);
           }
           j += 1 + jsonNodeSize(&pNode[j+1]);
         }
         if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
+        if( pParse->useMod==0 ) break;
         assert( pNode->eU==2 );
-        pNode = &pNode[pNode->u.iAppend];
+        pNode = &pParse->aNode[pNode->u.iAppend];
         j = 1;
       }
       jsonAppendChar(pOut, '}');
@@ -200351,18 +203391,29 @@ static void jsonRenderNode(
 }
 
 /*
-** Return a JsonNode and all its descendents as a JSON string.
+** Return a JsonNode and all its descendants as a JSON string.
 */
 static void jsonReturnJson(
+  JsonParse *pParse,          /* The complete JSON */
   JsonNode *pNode,            /* Node to return */
   sqlite3_context *pCtx,      /* Return value for this function */
-  sqlite3_value **aReplace    /* Array of replacement values */
+  int bGenerateAlt            /* Also store the rendered text in zAlt */
 ){
   JsonString s;
-  jsonInit(&s, pCtx);
-  jsonRenderNode(pNode, &s, aReplace);
-  jsonResult(&s);
-  sqlite3_result_subtype(pCtx, JSON_SUBTYPE);
+  if( pParse->oom ){
+    sqlite3_result_error_nomem(pCtx);
+    return;
+  }
+  if( pParse->nErr==0 ){
+    jsonInit(&s, pCtx);
+    jsonRenderNode(pParse, pNode, &s);
+    if( bGenerateAlt && pParse->zAlt==0 && jsonForceRCStr(&s) ){
+      pParse->zAlt = sqlite3RCStrRef(s.zBuf);
+      pParse->nAlt = s.nUsed;
+    }
+    jsonResult(&s);
+    sqlite3_result_subtype(pCtx, JSON_SUBTYPE);
+  }
 }
 
 /*
@@ -200400,9 +203451,9 @@ static u32 jsonHexToInt4(const char *z){
 ** Make the JsonNode the return value of the function.
 */
 static void jsonReturn(
+  JsonParse *pParse,          /* Complete JSON parse tree */
   JsonNode *pNode,            /* Node to return */
-  sqlite3_context *pCtx,      /* Return value for this function */
-  sqlite3_value **aReplace    /* Array of replacement values */
+  sqlite3_context *pCtx       /* Return value for this function */
 ){
   switch( pNode->eType ){
     default: {
@@ -200424,7 +203475,6 @@ static void jsonReturn(
       int bNeg = 0;
       const char *z;
 
-
       assert( pNode->eU==1 );
       z = pNode->u.zJContent;
       if( z[0]=='-' ){ z++; bNeg = 1; }
@@ -200549,7 +203599,7 @@ static void jsonReturn(
     }
     case JSON_ARRAY:
     case JSON_OBJECT: {
-      jsonReturnJson(pNode, pCtx, aReplace);
+      jsonReturnJson(pParse, pNode, pCtx, 0);
       break;
     }
   }
@@ -200571,6 +203621,12 @@ static int jsonParseAddNode(JsonParse*,u32,u32,const char*);
 #endif
 
 
+/*
+** Add a single node to pParse->aNode after first expanding the
+** size of the aNode array.  Return the index of the new node.
+**
+** If an OOM error occurs, set pParse->oom and return -1.
+*/
 static JSON_NOINLINE int jsonParseAddNodeExpand(
   JsonParse *pParse,        /* Append the node to this object */
   u32 eType,                /* Node type */
@@ -200587,7 +203643,7 @@ static JSON_NOINLINE int jsonParseAddNodeExpand(
     pParse->oom = 1;
     return -1;
   }
-  pParse->nAlloc = nNew;
+  pParse->nAlloc = sqlite3_msize(pNew)/sizeof(JsonNode);
   pParse->aNode = pNew;
   assert( pParse->nNodenAlloc );
   return jsonParseAddNode(pParse, eType, n, zContent);
@@ -200605,10 +203661,13 @@ static int jsonParseAddNode(
   const char *zContent      /* Content */
 ){
   JsonNode *p;
-  if( pParse->aNode==0 || pParse->nNode>=pParse->nAlloc ){
+  assert( pParse->aNode!=0 || pParse->nNode>=pParse->nAlloc );
+  if( pParse->nNode>=pParse->nAlloc ){
     return jsonParseAddNodeExpand(pParse, eType, n, zContent);
   }
+  assert( pParse->aNode!=0 );
   p = &pParse->aNode[pParse->nNode];
+  assert( p!=0 );
   p->eType = (u8)(eType & 0xff);
   p->jnFlags = (u8)(eType >> 8);
   VVA( p->eU = zContent ? 1 : 0 );
@@ -200617,6 +203676,52 @@ static int jsonParseAddNode(
   return pParse->nNode++;
 }
 
+/*
+** Add an array of new nodes to the current pParse->aNode array.
+** Return the index of the first node added.
+**
+** If an OOM error occurs, set pParse->oom.
+*/
+static void jsonParseAddNodeArray(
+  JsonParse *pParse,        /* Append the node to this object */
+  JsonNode *aNode,          /* Array of nodes to add */
+  u32 nNode                 /* Number of elements in aNew */
+){
+  assert( aNode!=0 );
+  assert( nNode>=1 );
+  if( pParse->nNode + nNode > pParse->nAlloc ){
+    u32 nNew = pParse->nNode + nNode;
+    JsonNode *aNew = sqlite3_realloc64(pParse->aNode, nNew*sizeof(JsonNode));
+    if( aNew==0 ){
+      pParse->oom = 1;
+      return;
+    }
+    pParse->nAlloc = sqlite3_msize(aNew)/sizeof(JsonNode);
+    pParse->aNode = aNew;
+  }
+  memcpy(&pParse->aNode[pParse->nNode], aNode, nNode*sizeof(JsonNode));
+  pParse->nNode += nNode;
+}
+
+/*
+** Add a new JSON_SUBST node.  The node immediately following
+** this new node will be the substitute content for iNode.
+*/
+static int jsonParseAddSubstNode(
+  JsonParse *pParse,       /* Add the JSON_SUBST here */
+  u32 iNode                /* References this node */
+){
+  int idx = jsonParseAddNode(pParse, JSON_SUBST, iNode, 0);
+  if( pParse->oom ) return -1;
+  pParse->aNode[iNode].jnFlags |= JNODE_REPLACE;
+  pParse->aNode[idx].eU = 4;
+  pParse->aNode[idx].u.iPrev = pParse->iSubst;
+  pParse->iSubst = idx;
+  pParse->hasMod = 1;
+  pParse->useMod = 1;
+  return idx;
+}
+
 /*
 ** Return true if z[] begins with 2 (or more) hexadecimal digits
 */
@@ -200783,7 +203888,7 @@ static const struct NanInfName {
 **
 ** Special return values:
 **
-**      0    End if input
+**      0    End of input
 **     -1    Syntax error
 **     -2    '}' seen
 **     -3    ']' seen
@@ -200958,15 +204063,12 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
     jnFlags = 0;
   parse_string:
     cDelim = z[i];
-    j = i+1;
-    for(;;){
+    for(j=i+1; 1; j++){
+      if( jsonIsOk[(unsigned char)z[j]] ) continue;
       c = z[j];
-      if( (c & ~0x1f)==0 ){
-        /* Control characters are not allowed in strings */
-        pParse->iErr = j;
-        return -1;
-      }
-      if( c=='\\' ){
+      if( c==cDelim ){
+        break;
+      }else if( c=='\\' ){
         c = z[++j];
         if( c=='"' || c=='\\' || c=='/' || c=='b' || c=='f'
            || c=='n' || c=='r' || c=='t'
@@ -200986,10 +204088,11 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
           pParse->iErr = j;
           return -1;
         }
-      }else if( c==cDelim ){
-        break;
+      }else if( c<=0x1f ){
+        /* Control characters are not allowed in strings */
+        pParse->iErr = j;
+        return -1;
       }
-      j++;
     }
     jsonParseAddNode(pParse, JSON_STRING | (jnFlags<<8), j+1-i, &z[i]);
     return j+1;
@@ -201225,20 +204328,18 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
 
 /*
 ** Parse a complete JSON string.  Return 0 on success or non-zero if there
-** are any errors.  If an error occurs, free all memory associated with
-** pParse.
+** are any errors.  If an error occurs, free all memory held by pParse,
+** but not pParse itself.
 **
-** pParse is uninitialized when this routine is called.
+** pParse must be initialized to an empty parse object prior to calling
+** this routine.
 */
 static int jsonParse(
   JsonParse *pParse,           /* Initialize and fill this JsonParse object */
-  sqlite3_context *pCtx,       /* Report errors here */
-  const char *zJson            /* Input JSON text to be parsed */
+  sqlite3_context *pCtx        /* Report errors here */
 ){
   int i;
-  memset(pParse, 0, sizeof(*pParse));
-  if( zJson==0 ) return 1;
-  pParse->zJson = zJson;
+  const char *zJson = pParse->zJson;
   i = jsonParseValue(pParse, 0);
   if( pParse->oom ) i = -1;
   if( i>0 ){
@@ -201267,6 +204368,7 @@ static int jsonParse(
   return 0;
 }
 
+
 /* Mark node i of pParse as being a child of iParent.  Call recursively
 ** to fill in all the descendants of node i.
 */
@@ -201316,35 +204418,49 @@ static int jsonParseFindParents(JsonParse *pParse){
 #define JSON_CACHE_SZ  4          /* Max number of cache entries */
 
 /*
-** Obtain a complete parse of the JSON found in the first argument
-** of the argv array.  Use the sqlite3_get_auxdata() cache for this
-** parse if it is available.  If the cache is not available or if it
-** is no longer valid, parse the JSON again and return the new parse,
-** and also register the new parse so that it will be available for
+** Obtain a complete parse of the JSON found in the pJson argument
+**
+** Use the sqlite3_get_auxdata() cache to find a preexisting parse
+** if it is available.  If the cache is not available or if it
+** is no longer valid, parse the JSON again and return the new parse.
+** Also register the new parse so that it will be available for
 ** future sqlite3_get_auxdata() calls.
 **
 ** If an error occurs and pErrCtx!=0 then report the error on pErrCtx
 ** and return NULL.
 **
-** If an error occurs and pErrCtx==0 then return the Parse object with
-** JsonParse.nErr non-zero.  If the caller invokes this routine with
-** pErrCtx==0 and it gets back a JsonParse with nErr!=0, then the caller
-** is responsible for invoking jsonParseFree() on the returned value.
-** But the caller may invoke jsonParseFree() *only* if pParse->nErr!=0.
+** The returned pointer (if it is not NULL) is owned by the cache in
+** most cases, not the caller.  The caller does NOT need to invoke
+** jsonParseFree(), in most cases.
+**
+** Except, if an error occurs and pErrCtx==0 then return the JsonParse
+** object with JsonParse.nErr non-zero and the caller will own the JsonParse
+** object.  In that case, it will be the responsibility of the caller to
+** invoke jsonParseFree().  To summarize:
+**
+**   pErrCtx!=0 || p->nErr==0      ==>   Return value p is owned by the
+**                                       cache.  Call does not need to
+**                                       free it.
+**
+**   pErrCtx==0 && p->nErr!=0      ==>   Return value is owned by the caller
+**                                       and so the caller must free it.
 */
 static JsonParse *jsonParseCached(
-  sqlite3_context *pCtx,
-  sqlite3_value **argv,
-  sqlite3_context *pErrCtx
+  sqlite3_context *pCtx,         /* Context to use for cache search */
+  sqlite3_value *pJson,          /* Function param containing JSON text */
+  sqlite3_context *pErrCtx,      /* Write parse errors here if not NULL */
+  int bUnedited                  /* No prior edits allowed */
 ){
-  const char *zJson = (const char*)sqlite3_value_text(argv[0]);
-  int nJson = sqlite3_value_bytes(argv[0]);
+  char *zJson = (char*)sqlite3_value_text(pJson);
+  int nJson = sqlite3_value_bytes(pJson);
   JsonParse *p;
   JsonParse *pMatch = 0;
   int iKey;
   int iMinKey = 0;
   u32 iMinHold = 0xffffffff;
   u32 iMaxHold = 0;
+  int bJsonRCStr;
+
   if( zJson==0 ) return 0;
   for(iKey=0; iKeynJson==nJson
-     && memcmp(p->zJson,zJson,nJson)==0
+     && (p->hasMod==0 || bUnedited==0)
+     && (p->zJson==zJson || memcmp(p->zJson,zJson,nJson)==0)
+    ){
+      p->nErr = 0;
+      p->useMod = 0;
+      pMatch = p;
+    }else
+    if( pMatch==0
+     && p->zAlt!=0
+     && bUnedited==0
+     && p->nAlt==nJson
+     && memcmp(p->zAlt, zJson, nJson)==0
     ){
       p->nErr = 0;
+      p->useMod = 1;
       pMatch = p;
     }else if( p->iHoldiHold;
@@ -201367,28 +204495,44 @@ static JsonParse *jsonParseCached(
     }
   }
   if( pMatch ){
+    /* The input JSON text was found in the cache.  Use the preexisting
+    ** parse of this JSON */
     pMatch->nErr = 0;
     pMatch->iHold = iMaxHold+1;
+    assert( pMatch->nJPRef>0 ); /* pMatch is owned by the cache */
     return pMatch;
   }
-  p = sqlite3_malloc64( sizeof(*p) + nJson + 1 );
+
+  /* The input JSON was not found anywhere in the cache.  We will need
+  ** to parse it ourselves and generate a new JsonParse object.
+  */
+  bJsonRCStr = sqlite3ValueIsOfClass(pJson,sqlite3RCStrUnref);
+  p = sqlite3_malloc64( sizeof(*p) + (bJsonRCStr ? 0 : nJson+1) );
   if( p==0 ){
     sqlite3_result_error_nomem(pCtx);
     return 0;
   }
   memset(p, 0, sizeof(*p));
-  p->zJson = (char*)&p[1];
-  memcpy((char*)p->zJson, zJson, nJson+1);
-  if( jsonParse(p, pErrCtx, p->zJson) ){
+  if( bJsonRCStr ){
+    p->zJson = sqlite3RCStrRef(zJson);
+    p->bJsonIsRCStr = 1;
+  }else{
+    p->zJson = (char*)&p[1];
+    memcpy(p->zJson, zJson, nJson+1);
+  }
+  p->nJPRef = 1;
+  if( jsonParse(p, pErrCtx) ){
     if( pErrCtx==0 ){
       p->nErr = 1;
+      assert( p->nJPRef==1 ); /* Caller will own the new JsonParse object p */
       return p;
     }
-    sqlite3_free(p);
+    jsonParseFree(p);
     return 0;
   }
   p->nJson = nJson;
   p->iHold = iMaxHold+1;
+  /* Transfer ownership of the new JsonParse to the cache */
   sqlite3_set_auxdata(pCtx, JSON_CACHE_ID+iMinKey, p,
                       (void(*)(void*))jsonParseFree);
   return (JsonParse*)sqlite3_get_auxdata(pCtx, JSON_CACHE_ID+iMinKey);
@@ -201439,9 +204583,31 @@ static JsonNode *jsonLookupStep(
 ){
   u32 i, j, nKey;
   const char *zKey;
-  JsonNode *pRoot = &pParse->aNode[iRoot];
+  JsonNode *pRoot;
+  if( pParse->oom ) return 0;
+  pRoot = &pParse->aNode[iRoot];
+  if( pRoot->jnFlags & (JNODE_REPLACE|JNODE_REMOVE) && pParse->useMod ){
+    while( (pRoot->jnFlags & JNODE_REPLACE)!=0 ){
+      u32 idx = (u32)(pRoot - pParse->aNode);
+      i = pParse->iSubst;
+      while( 1 /*exit-by-break*/ ){
+        assert( inNode );
+        assert( pParse->aNode[i].eType==JSON_SUBST );
+        assert( pParse->aNode[i].eU==4 );
+        assert( pParse->aNode[i].u.iPrevaNode[i].n==idx ){
+          pRoot = &pParse->aNode[i+1];
+          iRoot = i+1;
+          break;
+        }
+        i = pParse->aNode[i].u.iPrev;
+      }
+    }
+    if( pRoot->jnFlags & JNODE_REMOVE ){
+      return 0;
+    }
+  }
   if( zPath[0]==0 ) return pRoot;
-  if( pRoot->jnFlags & JNODE_REPLACE ) return 0;
   if( zPath[0]=='.' ){
     if( pRoot->eType!=JSON_OBJECT ) return 0;
     zPath++;
@@ -201475,14 +204641,16 @@ static JsonNode *jsonLookupStep(
         j += jsonNodeSize(&pRoot[j]);
       }
       if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
+      if( pParse->useMod==0 ) break;
       assert( pRoot->eU==2 );
-      iRoot += pRoot->u.iAppend;
+      iRoot = pRoot->u.iAppend;
       pRoot = &pParse->aNode[iRoot];
       j = 1;
     }
     if( pApnd ){
       u32 iStart, iLabel;
       JsonNode *pNode;
+      assert( pParse->useMod );
       iStart = jsonParseAddNode(pParse, JSON_OBJECT, 2, 0);
       iLabel = jsonParseAddNode(pParse, JSON_STRING, nKey, zKey);
       zPath += i;
@@ -201491,7 +204659,7 @@ static JsonNode *jsonLookupStep(
       if( pNode ){
         pRoot = &pParse->aNode[iRoot];
         assert( pRoot->eU==0 );
-        pRoot->u.iAppend = iStart - iRoot;
+        pRoot->u.iAppend = iStart;
         pRoot->jnFlags |= JNODE_APPEND;
         VVA( pRoot->eU = 2 );
         pParse->aNode[iLabel].jnFlags |= JNODE_RAW;
@@ -201512,12 +204680,13 @@ static JsonNode *jsonLookupStep(
         if( pRoot->eType!=JSON_ARRAY ) return 0;
         for(;;){
           while( j<=pBase->n ){
-            if( (pBase[j].jnFlags & JNODE_REMOVE)==0 ) i++;
+            if( (pBase[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ) i++;
             j += jsonNodeSize(&pBase[j]);
           }
           if( (pBase->jnFlags & JNODE_APPEND)==0 ) break;
+          if( pParse->useMod==0 ) break;
           assert( pBase->eU==2 );
-          iBase += pBase->u.iAppend;
+          iBase = pBase->u.iAppend;
           pBase = &pParse->aNode[iBase];
           j = 1;
         }
@@ -201545,13 +204714,17 @@ static JsonNode *jsonLookupStep(
     zPath += j + 1;
     j = 1;
     for(;;){
-      while( j<=pRoot->n && (i>0 || (pRoot[j].jnFlags & JNODE_REMOVE)!=0) ){
-        if( (pRoot[j].jnFlags & JNODE_REMOVE)==0 ) i--;
+      while( j<=pRoot->n
+         && (i>0 || ((pRoot[j].jnFlags & JNODE_REMOVE)!=0 && pParse->useMod))
+      ){
+        if( (pRoot[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ) i--;
         j += jsonNodeSize(&pRoot[j]);
       }
+      if( i==0 && j<=pRoot->n ) break;
       if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
+      if( pParse->useMod==0 ) break;
       assert( pRoot->eU==2 );
-      iRoot += pRoot->u.iAppend;
+      iRoot = pRoot->u.iAppend;
       pRoot = &pParse->aNode[iRoot];
       j = 1;
     }
@@ -201561,13 +204734,14 @@ static JsonNode *jsonLookupStep(
     if( i==0 && pApnd ){
       u32 iStart;
       JsonNode *pNode;
+      assert( pParse->useMod );
       iStart = jsonParseAddNode(pParse, JSON_ARRAY, 1, 0);
       pNode = jsonLookupAppend(pParse, zPath, pApnd, pzErr);
       if( pParse->oom ) return 0;
       if( pNode ){
         pRoot = &pParse->aNode[iRoot];
         assert( pRoot->eU==0 );
-        pRoot->u.iAppend = iStart - iRoot;
+        pRoot->u.iAppend = iStart;
         pRoot->jnFlags |= JNODE_APPEND;
         VVA( pRoot->eU = 2 );
       }
@@ -201694,47 +204868,90 @@ static void jsonRemoveAllNulls(JsonNode *pNode){
 ** SQL functions used for testing and debugging
 ****************************************************************************/
 
+#if SQLITE_DEBUG
+/*
+** Print N node entries.
+*/
+static void jsonDebugPrintNodeEntries(
+  JsonNode *aNode,  /* First node entry to print */
+  int N             /* Number of node entries to print */
+){
+  int i;
+  for(i=0; iaNode, p->nNode);
+}
+static void jsonDebugPrintNode(JsonNode *pNode){
+  jsonDebugPrintNodeEntries(pNode, jsonNodeSize(pNode));
+}
+#else
+   /* The usual case */
+# define jsonDebugPrintNode(X)
+# define jsonDebugPrintParse(X)
+#endif
+
 #ifdef SQLITE_DEBUG
 /*
-** The json_parse(JSON) function returns a string which describes
-** a parse of the JSON provided.  Or it returns NULL if JSON is not
-** well-formed.
+** SQL function:   json_parse(JSON)
+**
+** Parse JSON using jsonParseCached().  Then print a dump of that
+** parse on standard output.  Return the mimified JSON result, just
+** like the json() function.
 */
 static void jsonParseFunc(
   sqlite3_context *ctx,
   int argc,
   sqlite3_value **argv
 ){
-  JsonString s;       /* Output string - not real JSON */
-  JsonParse x;        /* The parse */
-  u32 i;
+  JsonParse *p;        /* The parse */
 
   assert( argc==1 );
-  if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
-  jsonParseFindParents(&x);
-  jsonInit(&s, ctx);
-  for(i=0; inNode);
+  printf("nAlloc    = %u\n", p->nAlloc);
+  printf("nJson     = %d\n", p->nJson);
+  printf("nAlt      = %d\n", p->nAlt);
+  printf("nErr      = %u\n", p->nErr);
+  printf("oom       = %u\n", p->oom);
+  printf("hasNonstd = %u\n", p->hasNonstd);
+  printf("useMod    = %u\n", p->useMod);
+  printf("hasMod    = %u\n", p->hasMod);
+  printf("nJPRef    = %u\n", p->nJPRef);
+  printf("iSubst    = %u\n", p->iSubst);
+  printf("iHold     = %u\n", p->iHold);
+  jsonDebugPrintNodeEntries(p->aNode, p->nNode);
+  jsonReturnJson(p, p->aNode, ctx, 1);
 }
 
 /*
@@ -201818,7 +205035,7 @@ static void jsonArrayLengthFunc(
   u32 i;
   JsonNode *pNode;
 
-  p = jsonParseCached(ctx, argv, ctx);
+  p = jsonParseCached(ctx, argv[0], ctx, 0);
   if( p==0 ) return;
   assert( p->nNode );
   if( argc==2 ){
@@ -201831,9 +205048,16 @@ static void jsonArrayLengthFunc(
     return;
   }
   if( pNode->eType==JSON_ARRAY ){
-    assert( (pNode->jnFlags & JNODE_APPEND)==0 );
-    for(i=1; i<=pNode->n; n++){
-      i += jsonNodeSize(&pNode[i]);
+    while( 1 /*exit-by-break*/ ){
+      i = 1;
+      while( i<=pNode->n ){
+        if( (pNode[i].jnFlags & JNODE_REMOVE)==0 ) n++;
+        i += jsonNodeSize(&pNode[i]);
+      }
+      if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
+      if( p->useMod==0 ) break;
+      assert( pNode->eU==2 );
+      pNode = &p->aNode[pNode->u.iAppend];
     }
   }
   sqlite3_result_int64(ctx, n);
@@ -201880,7 +205104,7 @@ static void jsonExtractFunc(
   JsonString jx;
 
   if( argc<2 ) return;
-  p = jsonParseCached(ctx, argv, ctx);
+  p = jsonParseCached(ctx, argv[0], ctx, 0);
   if( p==0 ) return;
   if( argc==2 ){
     /* With a single PATH argument */
@@ -201898,11 +205122,11 @@ static void jsonExtractFunc(
         */
         jsonInit(&jx, ctx);
         if( sqlite3Isdigit(zPath[0]) ){
-          jsonAppendRaw(&jx, "$[", 2);
+          jsonAppendRawNZ(&jx, "$[", 2);
           jsonAppendRaw(&jx, zPath, (int)strlen(zPath));
-          jsonAppendRaw(&jx, "]", 2);
+          jsonAppendRawNZ(&jx, "]", 2);
         }else{
-          jsonAppendRaw(&jx, "$.", 1 + (zPath[0]!='['));
+          jsonAppendRawNZ(&jx, "$.", 1 + (zPath[0]!='['));
           jsonAppendRaw(&jx, zPath, (int)strlen(zPath));
           jsonAppendChar(&jx, 0);
         }
@@ -201913,15 +205137,15 @@ static void jsonExtractFunc(
       }
       if( pNode ){
         if( flags & JSON_JSON ){
-          jsonReturnJson(pNode, ctx, 0);
+          jsonReturnJson(p, pNode, ctx, 0);
         }else{
-          jsonReturn(pNode, ctx, 0);
+          jsonReturn(p, pNode, ctx);
           sqlite3_result_subtype(ctx, 0);
         }
       }
     }else{
       pNode = jsonLookup(p, zPath, 0, ctx);
-      if( p->nErr==0 && pNode ) jsonReturn(pNode, ctx, 0);
+      if( p->nErr==0 && pNode ) jsonReturn(p, pNode, ctx);
     }
   }else{
     /* Two or more PATH arguments results in a JSON array with each
@@ -201935,9 +205159,9 @@ static void jsonExtractFunc(
       if( p->nErr ) break;
       jsonAppendSeparator(&jx);
       if( pNode ){
-        jsonRenderNode(pNode, &jx, 0);
+        jsonRenderNode(p, pNode, &jx);
       }else{
-        jsonAppendRaw(&jx, "null", 4);
+        jsonAppendRawNZ(&jx, "null", 4);
       }
     }
     if( i==argc ){
@@ -201982,45 +205206,38 @@ static JsonNode *jsonMergePatch(
       assert( pTarget[j].eType==JSON_STRING );
       assert( pTarget[j].jnFlags & JNODE_LABEL );
       if( jsonSameLabel(&pPatch[i], &pTarget[j]) ){
-        if( pTarget[j+1].jnFlags & (JNODE_REMOVE|JNODE_PATCH) ) break;
+        if( pTarget[j+1].jnFlags & (JNODE_REMOVE|JNODE_REPLACE) ) break;
         if( pPatch[i+1].eType==JSON_NULL ){
           pTarget[j+1].jnFlags |= JNODE_REMOVE;
         }else{
           JsonNode *pNew = jsonMergePatch(pParse, iTarget+j+1, &pPatch[i+1]);
           if( pNew==0 ) return 0;
-          pTarget = &pParse->aNode[iTarget];
-          if( pNew!=&pTarget[j+1] ){
-            assert( pTarget[j+1].eU==0
-                 || pTarget[j+1].eU==1
-                 || pTarget[j+1].eU==2 );
-            testcase( pTarget[j+1].eU==1 );
-            testcase( pTarget[j+1].eU==2 );
-            VVA( pTarget[j+1].eU = 5 );
-            pTarget[j+1].u.pPatch = pNew;
-            pTarget[j+1].jnFlags |= JNODE_PATCH;
+          if( pNew!=&pParse->aNode[iTarget+j+1] ){
+            jsonParseAddSubstNode(pParse, iTarget+j+1);
+            jsonParseAddNodeArray(pParse, pNew, jsonNodeSize(pNew));
           }
+          pTarget = &pParse->aNode[iTarget];
         }
         break;
       }
     }
     if( j>=pTarget->n && pPatch[i+1].eType!=JSON_NULL ){
-      int iStart, iPatch;
-      iStart = jsonParseAddNode(pParse, JSON_OBJECT, 2, 0);
+      int iStart;
+      JsonNode *pApnd;
+      u32 nApnd;
+      iStart = jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
       jsonParseAddNode(pParse, JSON_STRING, nKey, zKey);
-      iPatch = jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
+      pApnd = &pPatch[i+1];
+      if( pApnd->eType==JSON_OBJECT ) jsonRemoveAllNulls(pApnd);
+      nApnd = jsonNodeSize(pApnd);
+      jsonParseAddNodeArray(pParse, pApnd, jsonNodeSize(pApnd));
       if( pParse->oom ) return 0;
-      jsonRemoveAllNulls(pPatch);
-      pTarget = &pParse->aNode[iTarget];
-      assert( pParse->aNode[iRoot].eU==0 || pParse->aNode[iRoot].eU==2 );
-      testcase( pParse->aNode[iRoot].eU==2 );
+      pParse->aNode[iStart].n = 1+nApnd;
       pParse->aNode[iRoot].jnFlags |= JNODE_APPEND;
+      pParse->aNode[iRoot].u.iAppend = iStart;
       VVA( pParse->aNode[iRoot].eU = 2 );
-      pParse->aNode[iRoot].u.iAppend = iStart - iRoot;
       iRoot = iStart;
-      assert( pParse->aNode[iPatch].eU==0 );
-      VVA( pParse->aNode[iPatch].eU = 5 );
-      pParse->aNode[iPatch].jnFlags |= JNODE_PATCH;
-      pParse->aNode[iPatch].u.pPatch = &pPatch[i+1];
+      pTarget = &pParse->aNode[iTarget];
     }
   }
   return pTarget;
@@ -202036,25 +205253,28 @@ static void jsonPatchFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse x;     /* The JSON that is being patched */
-  JsonParse y;     /* The patch */
+  JsonParse *pX;     /* The JSON that is being patched */
+  JsonParse *pY;     /* The patch */
   JsonNode *pResult;   /* The result of the merge */
 
   UNUSED_PARAMETER(argc);
-  if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
-  if( jsonParse(&y, ctx, (const char*)sqlite3_value_text(argv[1])) ){
-    jsonParseReset(&x);
-    return;
-  }
-  pResult = jsonMergePatch(&x, 0, y.aNode);
-  assert( pResult!=0 || x.oom );
-  if( pResult ){
-    jsonReturnJson(pResult, ctx, 0);
+  pX = jsonParseCached(ctx, argv[0], ctx, 1);
+  if( pX==0 ) return;
+  assert( pX->hasMod==0 );
+  pX->hasMod = 1;
+  pY = jsonParseCached(ctx, argv[1], ctx, 1);
+  if( pY==0 ) return;
+  pX->useMod = 1;
+  pY->useMod = 1;
+  pResult = jsonMergePatch(pX, 0, pY->aNode);
+  assert( pResult!=0 || pX->oom );
+  if( pResult && pX->oom==0 ){
+    jsonDebugPrintParse(pX);
+    jsonDebugPrintNode(pResult);
+    jsonReturnJson(pX, pResult, ctx, 0);
   }else{
     sqlite3_result_error_nomem(ctx);
   }
-  jsonParseReset(&x);
-  jsonParseReset(&y);
 }
 
 
@@ -202110,26 +205330,120 @@ static void jsonRemoveFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse x;          /* The parse */
+  JsonParse *pParse;          /* The parse */
   JsonNode *pNode;
   const char *zPath;
   u32 i;
 
   if( argc<1 ) return;
-  if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
-  assert( x.nNode );
+  pParse = jsonParseCached(ctx, argv[0], ctx, argc>1);
+  if( pParse==0 ) return;
   for(i=1; i<(u32)argc; i++){
     zPath = (const char*)sqlite3_value_text(argv[i]);
     if( zPath==0 ) goto remove_done;
-    pNode = jsonLookup(&x, zPath, 0, ctx);
-    if( x.nErr ) goto remove_done;
-    if( pNode ) pNode->jnFlags |= JNODE_REMOVE;
+    pNode = jsonLookup(pParse, zPath, 0, ctx);
+    if( pParse->nErr ) goto remove_done;
+    if( pNode ){
+      pNode->jnFlags |= JNODE_REMOVE;
+      pParse->hasMod = 1;
+      pParse->useMod = 1;
+    }
   }
-  if( (x.aNode[0].jnFlags & JNODE_REMOVE)==0 ){
-    jsonReturnJson(x.aNode, ctx, 0);
+  if( (pParse->aNode[0].jnFlags & JNODE_REMOVE)==0 ){
+    jsonReturnJson(pParse, pParse->aNode, ctx, 1);
   }
 remove_done:
-  jsonParseReset(&x);
+  jsonDebugPrintParse(p);
+}
+
+/*
+** Substitute the value at iNode with the pValue parameter.
+*/
+static void jsonReplaceNode(
+  sqlite3_context *pCtx,
+  JsonParse *p,
+  int iNode,
+  sqlite3_value *pValue
+){
+  int idx = jsonParseAddSubstNode(p, iNode);
+  if( idx<=0 ){
+    assert( p->oom );
+    return;
+  }
+  switch( sqlite3_value_type(pValue) ){
+    case SQLITE_NULL: {
+      jsonParseAddNode(p, JSON_NULL, 0, 0);
+      break;
+    }
+    case SQLITE_FLOAT: {
+      char *z = sqlite3_mprintf("%!0.15g", sqlite3_value_double(pValue));
+      int n;
+      if( z==0 ){
+        p->oom = 1;
+        break;
+      }
+      n = sqlite3Strlen30(z);
+      jsonParseAddNode(p, JSON_REAL, n, z);
+      jsonParseAddCleanup(p, sqlite3_free, z);
+      break;
+    }
+    case SQLITE_INTEGER: {
+      char *z = sqlite3_mprintf("%lld", sqlite3_value_int64(pValue));
+      int n;
+      if( z==0 ){
+        p->oom = 1;
+        break;
+      }
+      n = sqlite3Strlen30(z);
+      jsonParseAddNode(p, JSON_INT, n, z);
+      jsonParseAddCleanup(p, sqlite3_free, z);
+
+      break;
+    }
+    case SQLITE_TEXT: {
+      const char *z = (const char*)sqlite3_value_text(pValue);
+      u32 n = (u32)sqlite3_value_bytes(pValue);
+      if( z==0 ){
+         p->oom = 1;
+         break;
+      }
+      if( sqlite3_value_subtype(pValue)!=JSON_SUBTYPE ){
+        char *zCopy = sqlite3_malloc64( n+1 );
+        int k;
+        if( zCopy ){
+          memcpy(zCopy, z, n);
+          zCopy[n] = 0;
+          jsonParseAddCleanup(p, sqlite3_free, zCopy);
+        }else{
+          p->oom = 1;
+          sqlite3_result_error_nomem(pCtx);
+        }
+        k = jsonParseAddNode(p, JSON_STRING, n, zCopy);
+        assert( k>0 || p->oom );
+        if( p->oom==0 ) p->aNode[k].jnFlags |= JNODE_RAW;
+      }else{
+        JsonParse *pPatch = jsonParseCached(pCtx, pValue, pCtx, 1);
+        if( pPatch==0 ){
+          p->oom = 1;
+          break;
+        }
+        jsonParseAddNodeArray(p, pPatch->aNode, pPatch->nNode);
+        /* The nodes copied out of pPatch and into p likely contain
+        ** u.zJContent pointers into pPatch->zJson.  So preserve the
+        ** content of pPatch until p is destroyed. */
+        assert( pPatch->nJPRef>=1 );
+        pPatch->nJPRef++;
+        jsonParseAddCleanup(p, (void(*)(void*))jsonParseFree, pPatch);
+      }
+      break;
+    }
+    default: {
+      jsonParseAddNode(p, JSON_NULL, 0, 0);
+      sqlite3_result_error(pCtx, "JSON cannot hold BLOB values", -1);
+      p->nErr++;
+      break;
+    }
+  }
 }
 
 /*
@@ -202143,7 +205457,7 @@ static void jsonReplaceFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse x;          /* The parse */
+  JsonParse *pParse;          /* The parse */
   JsonNode *pNode;
   const char *zPath;
   u32 i;
@@ -202153,28 +205467,22 @@ static void jsonReplaceFunc(
     jsonWrongNumArgs(ctx, "replace");
     return;
   }
-  if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
-  assert( x.nNode );
+  pParse = jsonParseCached(ctx, argv[0], ctx, argc>1);
+  if( pParse==0 ) return;
+  pParse->nJPRef++;
   for(i=1; i<(u32)argc; i+=2){
     zPath = (const char*)sqlite3_value_text(argv[i]);
-    pNode = jsonLookup(&x, zPath, 0, ctx);
-    if( x.nErr ) goto replace_err;
+    pParse->useMod = 1;
+    pNode = jsonLookup(pParse, zPath, 0, ctx);
+    if( pParse->nErr ) goto replace_err;
     if( pNode ){
-      assert( pNode->eU==0 || pNode->eU==1 || pNode->eU==4 );
-      testcase( pNode->eU!=0 && pNode->eU!=1 );
-      pNode->jnFlags |= (u8)JNODE_REPLACE;
-      VVA( pNode->eU =  4 );
-      pNode->u.iReplace = i + 1;
+      jsonReplaceNode(ctx, pParse, (u32)(pNode - pParse->aNode), argv[i+1]);
     }
   }
-  if( x.aNode[0].jnFlags & JNODE_REPLACE ){
-    assert( x.aNode[0].eU==4 );
-    sqlite3_result_value(ctx, argv[x.aNode[0].u.iReplace]);
-  }else{
-    jsonReturnJson(x.aNode, ctx, argv);
-  }
+  jsonReturnJson(pParse, pParse->aNode, ctx, 1);
 replace_err:
-  jsonParseReset(&x);
+  jsonDebugPrintParse(pParse);
+  jsonParseFree(pParse);
 }
 
 
@@ -202195,7 +205503,7 @@ static void jsonSetFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse x;          /* The parse */
+  JsonParse *pParse;       /* The parse */
   JsonNode *pNode;
   const char *zPath;
   u32 i;
@@ -202207,33 +205515,27 @@ static void jsonSetFunc(
     jsonWrongNumArgs(ctx, bIsSet ? "set" : "insert");
     return;
   }
-  if( jsonParse(&x, ctx, (const char*)sqlite3_value_text(argv[0])) ) return;
-  assert( x.nNode );
+  pParse = jsonParseCached(ctx, argv[0], ctx, argc>1);
+  if( pParse==0 ) return;
+  pParse->nJPRef++;
   for(i=1; i<(u32)argc; i+=2){
     zPath = (const char*)sqlite3_value_text(argv[i]);
     bApnd = 0;
-    pNode = jsonLookup(&x, zPath, &bApnd, ctx);
-    if( x.oom ){
+    pParse->useMod = 1;
+    pNode = jsonLookup(pParse, zPath, &bApnd, ctx);
+    if( pParse->oom ){
       sqlite3_result_error_nomem(ctx);
       goto jsonSetDone;
-    }else if( x.nErr ){
+    }else if( pParse->nErr ){
       goto jsonSetDone;
     }else if( pNode && (bApnd || bIsSet) ){
-      testcase( pNode->eU!=0 && pNode->eU!=1 );
-      assert( pNode->eU!=3 && pNode->eU!=5 );
-      VVA( pNode->eU = 4 );
-      pNode->jnFlags |= (u8)JNODE_REPLACE;
-      pNode->u.iReplace = i + 1;
+      jsonReplaceNode(ctx, pParse, (u32)(pNode - pParse->aNode), argv[i+1]);
     }
   }
-  if( x.aNode[0].jnFlags & JNODE_REPLACE ){
-    assert( x.aNode[0].eU==4 );
-    sqlite3_result_value(ctx, argv[x.aNode[0].u.iReplace]);
-  }else{
-    jsonReturnJson(x.aNode, ctx, argv);
-  }
+  jsonDebugPrintParse(pParse);
+  jsonReturnJson(pParse, pParse->aNode, ctx, 1);
 jsonSetDone:
-  jsonParseReset(&x);
+  jsonParseFree(pParse);
 }
 
 /*
@@ -202252,7 +205554,7 @@ static void jsonTypeFunc(
   const char *zPath;
   JsonNode *pNode;
 
-  p = jsonParseCached(ctx, argv, ctx);
+  p = jsonParseCached(ctx, argv[0], ctx, 0);
   if( p==0 ) return;
   if( argc==2 ){
     zPath = (const char*)sqlite3_value_text(argv[1]);
@@ -202278,13 +205580,19 @@ static void jsonValidFunc(
 ){
   JsonParse *p;          /* The parse */
   UNUSED_PARAMETER(argc);
-  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
-  p = jsonParseCached(ctx, argv, 0);
+  if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
+#ifdef SQLITE_LEGACY_JSON_VALID
+    /* Incorrect legacy behavior was to return FALSE for a NULL input */
+    sqlite3_result_int(ctx, 0);
+#endif
+    return;
+  }
+  p = jsonParseCached(ctx, argv[0], 0, 0);
   if( p==0 || p->oom ){
     sqlite3_result_error_nomem(ctx);
     sqlite3_free(p);
   }else{
-    sqlite3_result_int(ctx, p->nErr==0 && p->hasNonstd==0);
+    sqlite3_result_int(ctx, p->nErr==0 && (p->hasNonstd==0 || p->useMod));
     if( p->nErr ) jsonParseFree(p);
   }
 }
@@ -202325,7 +205633,7 @@ static void jsonErrorFunc(
   JsonParse *p;          /* The parse */
   UNUSED_PARAMETER(argc);
   if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
-  p = jsonParseCached(ctx, argv, 0);
+  p = jsonParseCached(ctx, argv[0], 0, 0);
   if( p==0 || p->oom ){
     sqlite3_result_error_nomem(ctx);
     sqlite3_free(p);
@@ -202334,7 +205642,7 @@ static void jsonErrorFunc(
   }else{
     int n = 1;
     u32 i;
-    const char *z = p->zJson;
+    const char *z = (const char*)sqlite3_value_text(argv[0]);
     for(i=0; iiErr && ALWAYS(z[i]); i++){
       if( (z[i]&0xc0)!=0x80 ) n++;
     }
@@ -202382,7 +205690,8 @@ static void jsonArrayCompute(sqlite3_context *ctx, int isFinal){
       assert( pStr->bStatic );
     }else if( isFinal ){
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed,
-                          pStr->bStatic ? SQLITE_TRANSIENT : sqlite3_free);
+                          pStr->bStatic ? SQLITE_TRANSIENT :
+                              sqlite3RCStrUnref);
       pStr->bStatic = 1;
     }else{
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed, SQLITE_TRANSIENT);
@@ -202423,7 +205732,7 @@ static void jsonGroupInverse(
   pStr = (JsonString*)sqlite3_aggregate_context(ctx, 0);
 #ifdef NEVER
   /* pStr is always non-NULL since jsonArrayStep() or jsonObjectStep() will
-  ** always have been called to initalize it */
+  ** always have been called to initialize it */
   if( NEVER(!pStr) ) return;
 #endif
   z = pStr->zBuf;
@@ -202490,7 +205799,8 @@ static void jsonObjectCompute(sqlite3_context *ctx, int isFinal){
       assert( pStr->bStatic );
     }else if( isFinal ){
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed,
-                          pStr->bStatic ? SQLITE_TRANSIENT : sqlite3_free);
+                          pStr->bStatic ? SQLITE_TRANSIENT :
+                          sqlite3RCStrUnref);
       pStr->bStatic = 1;
     }else{
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed, SQLITE_TRANSIENT);
@@ -202601,7 +205911,6 @@ static int jsonEachOpenTree(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
 /* Reset a JsonEachCursor back to its original state.  Free any memory
 ** held. */
 static void jsonEachCursorReset(JsonEachCursor *p){
-  sqlite3_free(p->zJson);
   sqlite3_free(p->zRoot);
   jsonParseReset(&p->sParse);
   p->iRowid = 0;
@@ -202739,7 +206048,7 @@ static int jsonEachColumn(
     case JEACH_KEY: {
       if( p->i==0 ) break;
       if( p->eType==JSON_OBJECT ){
-        jsonReturn(pThis, ctx, 0);
+        jsonReturn(&p->sParse, pThis, ctx);
       }else if( p->eType==JSON_ARRAY ){
         u32 iKey;
         if( p->bRecursive ){
@@ -202755,7 +206064,7 @@ static int jsonEachColumn(
     }
     case JEACH_VALUE: {
       if( pThis->jnFlags & JNODE_LABEL ) pThis++;
-      jsonReturn(pThis, ctx, 0);
+      jsonReturn(&p->sParse, pThis, ctx);
       break;
     }
     case JEACH_TYPE: {
@@ -202766,7 +206075,7 @@ static int jsonEachColumn(
     case JEACH_ATOM: {
       if( pThis->jnFlags & JNODE_LABEL ) pThis++;
       if( pThis->eType>=JSON_ARRAY ) break;
-      jsonReturn(pThis, ctx, 0);
+      jsonReturn(&p->sParse, pThis, ctx);
       break;
     }
     case JEACH_ID: {
@@ -202921,11 +206230,19 @@ static int jsonEachFilter(
   if( idxNum==0 ) return SQLITE_OK;
   z = (const char*)sqlite3_value_text(argv[0]);
   if( z==0 ) return SQLITE_OK;
-  n = sqlite3_value_bytes(argv[0]);
-  p->zJson = sqlite3_malloc64( n+1 );
-  if( p->zJson==0 ) return SQLITE_NOMEM;
-  memcpy(p->zJson, z, (size_t)n+1);
-  if( jsonParse(&p->sParse, 0, p->zJson) ){
+  memset(&p->sParse, 0, sizeof(p->sParse));
+  p->sParse.nJPRef = 1;
+  if( sqlite3ValueIsOfClass(argv[0], sqlite3RCStrUnref) ){
+    p->sParse.zJson = sqlite3RCStrRef((char*)z);
+  }else{
+    n = sqlite3_value_bytes(argv[0]);
+    p->sParse.zJson = sqlite3RCStrNew( n+1 );
+    if( p->sParse.zJson==0 ) return SQLITE_NOMEM;
+    memcpy(p->sParse.zJson, z, (size_t)n+1);
+  }
+  p->sParse.bJsonIsRCStr = 1;
+  p->zJson = p->sParse.zJson;
+  if( jsonParse(&p->sParse, 0) ){
     int rc = SQLITE_NOMEM;
     if( p->sParse.oom==0 ){
       sqlite3_free(cur->pVtab->zErrMsg);
@@ -203010,7 +206327,8 @@ static sqlite3_module jsonEachModule = {
   0,                         /* xSavepoint */
   0,                         /* xRelease */
   0,                         /* xRollbackTo */
-  0                          /* xShadowName */
+  0,                         /* xShadowName */
+  0                          /* xIntegrity */
 };
 
 /* The methods of the json_tree virtual table. */
@@ -203038,7 +206356,8 @@ static sqlite3_module jsonTreeModule = {
   0,                         /* xSavepoint */
   0,                         /* xRelease */
   0,                         /* xRollbackTo */
-  0                          /* xShadowName */
+  0,                         /* xShadowName */
+  0                          /* xIntegrity */
 };
 #endif /* SQLITE_OMIT_VIRTUALTABLE */
 #endif /* !defined(SQLITE_OMIT_JSON) */
@@ -203203,6 +206522,11 @@ typedef unsigned int u32;
 #endif
 #endif /* !defined(SQLITE_AMALGAMATION) */
 
+/* Macro to check for 4-byte alignment.  Only used inside of assert() */
+#ifdef SQLITE_DEBUG
+# define FOUR_BYTE_ALIGNED(X)  ((((char*)(X) - (char*)0) & 3)==0)
+#endif
+
 /* #include  */
 /* #include  */
 /* #include  */
@@ -203268,6 +206592,7 @@ struct Rtree {
   int iDepth;                 /* Current depth of the r-tree structure */
   char *zDb;                  /* Name of database containing r-tree table */
   char *zName;                /* Name of r-tree table */
+  char *zNodeName;            /* Name of the %_node table */
   u32 nBusy;                  /* Current number of users of this structure */
   i64 nRowEst;                /* Estimated number of rows in this table */
   u32 nCursor;                /* Number of open cursors */
@@ -203280,7 +206605,6 @@ struct Rtree {
   ** headed by the node (leaf nodes have RtreeNode.iNode==0).
   */
   RtreeNode *pDeleted;
-  int iReinsertHeight;        /* Height of sub-trees Reinsert() has run on */
 
   /* Blob I/O on xxx_node */
   sqlite3_blob *pNodeBlob;
@@ -203577,15 +206901,20 @@ struct RtreeMatchArg {
 ** -DSQLITE_RUNTIME_BYTEORDER=1 is set, then byte-order is determined
 ** at run-time.
 */
-#ifndef SQLITE_BYTEORDER
-# if defined(i386)      || defined(__i386__)      || defined(_M_IX86) ||    \
+#ifndef SQLITE_BYTEORDER /* Replicate changes at tag-20230904a */
+# if defined(__BYTE_ORDER__) && __BYTE_ORDER__==__ORDER_BIG_ENDIAN__
+#   define SQLITE_BYTEORDER 4321
+# elif defined(__BYTE_ORDER__) && __BYTE_ORDER__==__ORDER_LITTLE_ENDIAN__
+#   define SQLITE_BYTEORDER 1234
+# elif defined(__BIG_ENDIAN__) && __BIG_ENDIAN__==1
+#   define SQLITE_BYTEORDER 4321
+# elif defined(i386)    || defined(__i386__)      || defined(_M_IX86) ||    \
      defined(__x86_64)  || defined(__x86_64__)    || defined(_M_X64)  ||    \
      defined(_M_AMD64)  || defined(_M_ARM)        || defined(__x86)   ||    \
      defined(__ARMEL__) || defined(__AARCH64EL__) || defined(_M_ARM64)
-#   define SQLITE_BYTEORDER    1234
-# elif defined(sparc)     || defined(__ppc__) || \
-       defined(__ARMEB__) || defined(__AARCH64EB__)
-#   define SQLITE_BYTEORDER    4321
+#   define SQLITE_BYTEORDER 1234
+# elif defined(sparc)   || defined(__ARMEB__)     || defined(__AARCH64EB__)
+#   define SQLITE_BYTEORDER 4321
 # else
 #   define SQLITE_BYTEORDER 0
 # endif
@@ -203609,7 +206938,7 @@ static int readInt16(u8 *p){
   return (p[0]<<8) + p[1];
 }
 static void readCoord(u8 *p, RtreeCoord *pCoord){
-  assert( (((sqlite3_uint64)p)&3)==0 );  /* p is always 4-byte aligned */
+  assert( FOUR_BYTE_ALIGNED(p) );
 #if SQLITE_BYTEORDER==1234 && MSVC_VERSION>=1300
   pCoord->u = _byteswap_ulong(*(u32*)p);
 #elif SQLITE_BYTEORDER==1234 && GCC_VERSION>=4003000
@@ -203663,7 +206992,7 @@ static void writeInt16(u8 *p, int i){
 }
 static int writeCoord(u8 *p, RtreeCoord *pCoord){
   u32 i;
-  assert( (((sqlite3_uint64)p)&3)==0 );  /* p is always 4-byte aligned */
+  assert( FOUR_BYTE_ALIGNED(p) );
   assert( sizeof(RtreeCoord)==4 );
   assert( sizeof(u32)==4 );
 #if SQLITE_BYTEORDER==1234 && GCC_VERSION>=4003000
@@ -203834,11 +207163,9 @@ static int nodeAcquire(
     }
   }
   if( pRtree->pNodeBlob==0 ){
-    char *zTab = sqlite3_mprintf("%s_node", pRtree->zName);
-    if( zTab==0 ) return SQLITE_NOMEM;
-    rc = sqlite3_blob_open(pRtree->db, pRtree->zDb, zTab, "data", iNode, 0,
+    rc = sqlite3_blob_open(pRtree->db, pRtree->zDb, pRtree->zNodeName,
+                           "data", iNode, 0,
                            &pRtree->pNodeBlob);
-    sqlite3_free(zTab);
   }
   if( rc ){
     nodeBlobReset(pRtree);
@@ -204391,7 +207718,7 @@ static void rtreeNonleafConstraint(
   assert(p->op==RTREE_LE || p->op==RTREE_LT || p->op==RTREE_GE
       || p->op==RTREE_GT || p->op==RTREE_EQ || p->op==RTREE_TRUE
       || p->op==RTREE_FALSE );
-  assert( (((sqlite3_uint64)pCellData)&3)==0 );  /* 4-byte aligned */
+  assert( FOUR_BYTE_ALIGNED(pCellData) );
   switch( p->op ){
     case RTREE_TRUE:  return;   /* Always satisfied */
     case RTREE_FALSE: break;    /* Never satisfied */
@@ -204444,7 +207771,7 @@ static void rtreeLeafConstraint(
       || p->op==RTREE_GT || p->op==RTREE_EQ || p->op==RTREE_TRUE
       || p->op==RTREE_FALSE );
   pCellData += 8 + p->iCoord*4;
-  assert( (((sqlite3_uint64)pCellData)&3)==0 );  /* 4-byte aligned */
+  assert( FOUR_BYTE_ALIGNED(pCellData) );
   RTREE_DECODE_COORD(eInt, pCellData, xN);
   switch( p->op ){
     case RTREE_TRUE:  return;   /* Always satisfied */
@@ -205014,7 +208341,20 @@ static int rtreeFilter(
             p->pInfo->nCoord = pRtree->nDim2;
             p->pInfo->anQueue = pCsr->anQueue;
             p->pInfo->mxLevel = pRtree->iDepth + 1;
-          }else if( eType==SQLITE_INTEGER || eType==SQLITE_FLOAT ){
+          }else if( eType==SQLITE_INTEGER ){
+            sqlite3_int64 iVal = sqlite3_value_int64(argv[ii]);
+#ifdef SQLITE_RTREE_INT_ONLY
+            p->u.rValue = iVal;
+#else
+            p->u.rValue = (double)iVal;
+            if( iVal>=((sqlite3_int64)1)<<48
+             || iVal<=-(((sqlite3_int64)1)<<48)
+            ){
+              if( p->op==RTREE_LT ) p->op = RTREE_LE;
+              if( p->op==RTREE_GT ) p->op = RTREE_GE;
+            }
+#endif
+          }else if( eType==SQLITE_FLOAT ){
 #ifdef SQLITE_RTREE_INT_ONLY
             p->u.rValue = sqlite3_value_int64(argv[ii]);
 #else
@@ -205145,11 +208485,12 @@ static int rtreeBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
         || p->op==SQLITE_INDEX_CONSTRAINT_MATCH)
     ){
       u8 op;
+      u8 doOmit = 1;
       switch( p->op ){
-        case SQLITE_INDEX_CONSTRAINT_EQ:    op = RTREE_EQ;    break;
-        case SQLITE_INDEX_CONSTRAINT_GT:    op = RTREE_GT;    break;
+        case SQLITE_INDEX_CONSTRAINT_EQ:    op = RTREE_EQ;    doOmit = 0; break;
+        case SQLITE_INDEX_CONSTRAINT_GT:    op = RTREE_GT;    doOmit = 0; break;
         case SQLITE_INDEX_CONSTRAINT_LE:    op = RTREE_LE;    break;
-        case SQLITE_INDEX_CONSTRAINT_LT:    op = RTREE_LT;    break;
+        case SQLITE_INDEX_CONSTRAINT_LT:    op = RTREE_LT;    doOmit = 0; break;
         case SQLITE_INDEX_CONSTRAINT_GE:    op = RTREE_GE;    break;
         case SQLITE_INDEX_CONSTRAINT_MATCH: op = RTREE_MATCH; break;
         default:                            op = 0;           break;
@@ -205158,15 +208499,19 @@ static int rtreeBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
         zIdxStr[iIdx++] = op;
         zIdxStr[iIdx++] = (char)(p->iColumn - 1 + '0');
         pIdxInfo->aConstraintUsage[ii].argvIndex = (iIdx/2);
-        pIdxInfo->aConstraintUsage[ii].omit = 1;
+        pIdxInfo->aConstraintUsage[ii].omit = doOmit;
       }
     }
   }
 
   pIdxInfo->idxNum = 2;
   pIdxInfo->needToFreeIdxStr = 1;
-  if( iIdx>0 && 0==(pIdxInfo->idxStr = sqlite3_mprintf("%s", zIdxStr)) ){
-    return SQLITE_NOMEM;
+  if( iIdx>0 ){
+    pIdxInfo->idxStr = sqlite3_malloc( iIdx+1 );
+    if( pIdxInfo->idxStr==0 ){
+      return SQLITE_NOMEM;
+    }
+    memcpy(pIdxInfo->idxStr, zIdxStr, iIdx+1);
   }
 
   nRow = pRtree->nRowEst >> (iIdx/2);
@@ -205245,31 +208590,22 @@ static void cellUnion(Rtree *pRtree, RtreeCell *p1, RtreeCell *p2){
 */
 static int cellContains(Rtree *pRtree, RtreeCell *p1, RtreeCell *p2){
   int ii;
-  int isInt = (pRtree->eCoordType==RTREE_COORD_INT32);
-  for(ii=0; iinDim2; ii+=2){
-    RtreeCoord *a1 = &p1->aCoord[ii];
-    RtreeCoord *a2 = &p2->aCoord[ii];
-    if( (!isInt && (a2[0].fa1[1].f))
-     || ( isInt && (a2[0].ia1[1].i))
-    ){
-      return 0;
+  if( pRtree->eCoordType==RTREE_COORD_INT32 ){
+    for(ii=0; iinDim2; ii+=2){
+      RtreeCoord *a1 = &p1->aCoord[ii];
+      RtreeCoord *a2 = &p2->aCoord[ii];
+      if( a2[0].ia1[1].i ) return 0;
+    }
+  }else{
+    for(ii=0; iinDim2; ii+=2){
+      RtreeCoord *a1 = &p1->aCoord[ii];
+      RtreeCoord *a2 = &p2->aCoord[ii];
+      if( a2[0].fa1[1].f ) return 0;
     }
   }
   return 1;
 }
 
-/*
-** Return the amount cell p would grow by if it were unioned with pCell.
-*/
-static RtreeDValue cellGrowth(Rtree *pRtree, RtreeCell *p, RtreeCell *pCell){
-  RtreeDValue area;
-  RtreeCell cell;
-  memcpy(&cell, p, sizeof(RtreeCell));
-  area = cellArea(pRtree, &cell);
-  cellUnion(pRtree, &cell, pCell);
-  return (cellArea(pRtree, &cell)-area);
-}
-
 static RtreeDValue cellOverlap(
   Rtree *pRtree,
   RtreeCell *p,
@@ -205316,38 +208652,52 @@ static int ChooseLeaf(
   for(ii=0; rc==SQLITE_OK && ii<(pRtree->iDepth-iHeight); ii++){
     int iCell;
     sqlite3_int64 iBest = 0;
-
+    int bFound = 0;
     RtreeDValue fMinGrowth = RTREE_ZERO;
     RtreeDValue fMinArea = RTREE_ZERO;
-
     int nCell = NCELL(pNode);
-    RtreeCell cell;
     RtreeNode *pChild = 0;
 
-    RtreeCell *aCell = 0;
-
-    /* Select the child node which will be enlarged the least if pCell
-    ** is inserted into it. Resolve ties by choosing the entry with
-    ** the smallest area.
+    /* First check to see if there is are any cells in pNode that completely
+    ** contains pCell.  If two or more cells in pNode completely contain pCell
+    ** then pick the smallest.
     */
     for(iCell=0; iCell1 ){
-    int iLeft = 0;
-    int iRight = 0;
-
-    int nLeft = nIdx/2;
-    int nRight = nIdx-nLeft;
-    int *aLeft = aIdx;
-    int *aRight = &aIdx[nLeft];
-
-    SortByDistance(aLeft, nLeft, aDistance, aSpare);
-    SortByDistance(aRight, nRight, aDistance, aSpare);
-
-    memcpy(aSpare, aLeft, sizeof(int)*nLeft);
-    aLeft = aSpare;
-
-    while( iLeftnDim; iDim++){
-      aCenterCoord[iDim] += DCOORD(aCell[ii].aCoord[iDim*2]);
-      aCenterCoord[iDim] += DCOORD(aCell[ii].aCoord[iDim*2+1]);
-    }
-  }
-  for(iDim=0; iDimnDim; iDim++){
-    aCenterCoord[iDim] = (aCenterCoord[iDim]/(nCell*(RtreeDValue)2));
-  }
-
-  for(ii=0; iinDim; iDim++){
-      RtreeDValue coord = (DCOORD(aCell[ii].aCoord[iDim*2+1]) -
-                               DCOORD(aCell[ii].aCoord[iDim*2]));
-      aDistance[ii] += (coord-aCenterCoord[iDim])*(coord-aCenterCoord[iDim]);
-    }
-  }
-
-  SortByDistance(aOrder, nCell, aDistance, aSpare);
-  nodeZero(pRtree, pNode);
-
-  for(ii=0; rc==SQLITE_OK && ii<(nCell-(RTREE_MINCELLS(pRtree)+1)); ii++){
-    RtreeCell *p = &aCell[aOrder[ii]];
-    nodeInsertCell(pRtree, pNode, p);
-    if( p->iRowid==pCell->iRowid ){
-      if( iHeight==0 ){
-        rc = rowidWrite(pRtree, p->iRowid, pNode->iNode);
-      }else{
-        rc = parentWrite(pRtree, p->iRowid, pNode->iNode);
-      }
-    }
-  }
-  if( rc==SQLITE_OK ){
-    rc = fixBoundingBox(pRtree, pNode);
-  }
-  for(; rc==SQLITE_OK && iiiNode currently contains
-    ** the height of the sub-tree headed by the cell.
-    */
-    RtreeNode *pInsert;
-    RtreeCell *p = &aCell[aOrder[ii]];
-    rc = ChooseLeaf(pRtree, p, iHeight, &pInsert);
-    if( rc==SQLITE_OK ){
-      int rc2;
-      rc = rtreeInsertCell(pRtree, pInsert, p, iHeight);
-      rc2 = nodeRelease(pRtree, pInsert);
-      if( rc==SQLITE_OK ){
-        rc = rc2;
-      }
-    }
-  }
-
-  sqlite3_free(aCell);
-  return rc;
-}
-
 /*
 ** Insert cell pCell into node pNode. Node pNode is the head of a
 ** subtree iHeight high (leaf nodes have iHeight==0).
@@ -206096,12 +209274,7 @@ static int rtreeInsertCell(
     }
   }
   if( nodeInsertCell(pRtree, pNode, pCell) ){
-    if( iHeight<=pRtree->iReinsertHeight || pNode->iNode==1){
-      rc = SplitNode(pRtree, pNode, pCell, iHeight);
-    }else{
-      pRtree->iReinsertHeight = iHeight;
-      rc = Reinsert(pRtree, pNode, pCell, iHeight);
-    }
+    rc = SplitNode(pRtree, pNode, pCell, iHeight);
   }else{
     rc = AdjustTree(pRtree, pNode, pCell);
     if( ALWAYS(rc==SQLITE_OK) ){
@@ -206444,7 +209617,6 @@ static int rtreeUpdate(
     }
     if( rc==SQLITE_OK ){
       int rc2;
-      pRtree->iReinsertHeight = -1;
       rc = rtreeInsertCell(pRtree, pLeaf, &cell, 0);
       rc2 = nodeRelease(pRtree, pLeaf);
       if( rc==SQLITE_OK ){
@@ -206585,8 +209757,11 @@ static int rtreeShadowName(const char *zName){
   return 0;
 }
 
+/* Forward declaration */
+static int rtreeIntegrity(sqlite3_vtab*, const char*, const char*, int, char**);
+
 static sqlite3_module rtreeModule = {
-  3,                          /* iVersion */
+  4,                          /* iVersion */
   rtreeCreate,                /* xCreate - create a table */
   rtreeConnect,               /* xConnect - connect to an existing table */
   rtreeBestIndex,             /* xBestIndex - Determine search strategy */
@@ -206609,7 +209784,8 @@ static sqlite3_module rtreeModule = {
   rtreeSavepoint,             /* xSavepoint */
   0,                          /* xRelease */
   0,                          /* xRollbackTo */
-  rtreeShadowName             /* xShadowName */
+  rtreeShadowName,            /* xShadowName */
+  rtreeIntegrity              /* xIntegrity */
 };
 
 static int rtreeSqlInit(
@@ -206865,22 +210041,27 @@ static int rtreeInit(
   }
 
   sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
+  sqlite3_vtab_config(db, SQLITE_VTAB_INNOCUOUS);
+
 
   /* Allocate the sqlite3_vtab structure */
   nDb = (int)strlen(argv[1]);
   nName = (int)strlen(argv[2]);
-  pRtree = (Rtree *)sqlite3_malloc64(sizeof(Rtree)+nDb+nName+2);
+  pRtree = (Rtree *)sqlite3_malloc64(sizeof(Rtree)+nDb+nName*2+8);
   if( !pRtree ){
     return SQLITE_NOMEM;
   }
-  memset(pRtree, 0, sizeof(Rtree)+nDb+nName+2);
+  memset(pRtree, 0, sizeof(Rtree)+nDb+nName*2+8);
   pRtree->nBusy = 1;
   pRtree->base.pModule = &rtreeModule;
   pRtree->zDb = (char *)&pRtree[1];
   pRtree->zName = &pRtree->zDb[nDb+1];
+  pRtree->zNodeName = &pRtree->zName[nName+1];
   pRtree->eCoordType = (u8)eCoordType;
   memcpy(pRtree->zDb, argv[1], nDb);
   memcpy(pRtree->zName, argv[2], nName);
+  memcpy(pRtree->zNodeName, argv[2], nName);
+  memcpy(&pRtree->zNodeName[nName], "_node", 6);
 
 
   /* Create/Connect to the underlying relational database schema. If
@@ -207377,7 +210558,6 @@ static int rtreeCheckTable(
 ){
   RtreeCheck check;               /* Common context for various routines */
   sqlite3_stmt *pStmt = 0;        /* Used to find column count of rtree table */
-  int bEnd = 0;                   /* True if transaction should be closed */
   int nAux = 0;                   /* Number of extra columns. */
 
   /* Initialize the context object */
@@ -207386,14 +210566,6 @@ static int rtreeCheckTable(
   check.zDb = zDb;
   check.zTab = zTab;
 
-  /* If there is not already an open transaction, open one now. This is
-  ** to ensure that the queries run as part of this integrity-check operate
-  ** on a consistent snapshot.  */
-  if( sqlite3_get_autocommit(db) ){
-    check.rc = sqlite3_exec(db, "BEGIN", 0, 0, 0);
-    bEnd = 1;
-  }
-
   /* Find the number of auxiliary columns */
   if( check.rc==SQLITE_OK ){
     pStmt = rtreeCheckPrepare(&check, "SELECT * FROM %Q.'%q_rowid'", zDb, zTab);
@@ -207434,15 +210606,34 @@ static int rtreeCheckTable(
   sqlite3_finalize(check.aCheckMapping[0]);
   sqlite3_finalize(check.aCheckMapping[1]);
 
-  /* If one was opened, close the transaction */
-  if( bEnd ){
-    int rc = sqlite3_exec(db, "END", 0, 0, 0);
-    if( check.rc==SQLITE_OK ) check.rc = rc;
-  }
   *pzReport = check.zReport;
   return check.rc;
 }
 
+/*
+** Implementation of the xIntegrity method for Rtree.
+*/
+static int rtreeIntegrity(
+  sqlite3_vtab *pVtab,   /* The virtual table to check */
+  const char *zSchema,   /* Schema in which the virtual table lives */
+  const char *zName,     /* Name of the virtual table */
+  int isQuick,           /* True for a quick_check */
+  char **pzErr           /* Write results here */
+){
+  Rtree *pRtree = (Rtree*)pVtab;
+  int rc;
+  assert( pzErr!=0 && *pzErr==0 );
+  UNUSED_PARAMETER(zSchema);
+  UNUSED_PARAMETER(zName);
+  UNUSED_PARAMETER(isQuick);
+  rc = rtreeCheckTable(pRtree->db, pRtree->zDb, pRtree->zName, pzErr);
+  if( rc==SQLITE_OK && *pzErr ){
+    *pzErr = sqlite3_mprintf("In RTree %s.%s:\n%z",
+                 pRtree->zDb, pRtree->zName, *pzErr);
+  }
+  return rc;
+}
+
 /*
 ** Usage:
 **
@@ -208764,24 +211955,28 @@ static int geopolyInit(
   (void)pAux;
 
   sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, 1);
+  sqlite3_vtab_config(db, SQLITE_VTAB_INNOCUOUS);
 
   /* Allocate the sqlite3_vtab structure */
   nDb = strlen(argv[1]);
   nName = strlen(argv[2]);
-  pRtree = (Rtree *)sqlite3_malloc64(sizeof(Rtree)+nDb+nName+2);
+  pRtree = (Rtree *)sqlite3_malloc64(sizeof(Rtree)+nDb+nName*2+8);
   if( !pRtree ){
     return SQLITE_NOMEM;
   }
-  memset(pRtree, 0, sizeof(Rtree)+nDb+nName+2);
+  memset(pRtree, 0, sizeof(Rtree)+nDb+nName*2+8);
   pRtree->nBusy = 1;
   pRtree->base.pModule = &rtreeModule;
   pRtree->zDb = (char *)&pRtree[1];
   pRtree->zName = &pRtree->zDb[nDb+1];
+  pRtree->zNodeName = &pRtree->zName[nName+1];
   pRtree->eCoordType = RTREE_COORD_REAL32;
   pRtree->nDim = 2;
   pRtree->nDim2 = 4;
   memcpy(pRtree->zDb, argv[1], nDb);
   memcpy(pRtree->zName, argv[2], nName);
+  memcpy(pRtree->zNodeName, argv[2], nName);
+  memcpy(&pRtree->zNodeName[nName], "_node", 6);
 
 
   /* Create/Connect to the underlying relational database schema. If
@@ -209195,7 +212390,6 @@ static int geopolyUpdate(
     }
     if( rc==SQLITE_OK ){
       int rc2;
-      pRtree->iReinsertHeight = -1;
       rc = rtreeInsertCell(pRtree, pLeaf, &cell, 0);
       rc2 = nodeRelease(pRtree, pLeaf);
       if( rc==SQLITE_OK ){
@@ -209292,7 +212486,8 @@ static sqlite3_module geopolyModule = {
   rtreeSavepoint,             /* xSavepoint */
   0,                          /* xRelease */
   0,                          /* xRollbackTo */
-  rtreeShadowName             /* xShadowName */
+  rtreeShadowName,            /* xShadowName */
+  rtreeIntegrity              /* xIntegrity */
 };
 
 static int sqlite3_geopoly_init(sqlite3 *db){
@@ -217306,7 +220501,8 @@ SQLITE_PRIVATE int sqlite3DbstatRegister(sqlite3 *db){
     0,                            /* xSavepoint */
     0,                            /* xRelease */
     0,                            /* xRollbackTo */
-    0                             /* xShadowName */
+    0,                            /* xShadowName */
+    0                             /* xIntegrity */
   };
   return sqlite3_create_module(db, "dbstat", &dbstat_module, 0);
 }
@@ -217743,7 +220939,8 @@ SQLITE_PRIVATE int sqlite3DbpageRegister(sqlite3 *db){
     0,                            /* xSavepoint */
     0,                            /* xRelease */
     0,                            /* xRollbackTo */
-    0                             /* xShadowName */
+    0,                            /* xShadowName */
+    0                             /* xIntegrity */
   };
   return sqlite3_create_module(db, "sqlite_dbpage", &dbpage_module, 0);
 }
@@ -217874,6 +221071,18 @@ struct sqlite3_changeset_iter {
 ** The data associated with each hash-table entry is a structure containing
 ** a subset of the initial values that the modified row contained at the
 ** start of the session. Or no initial values if the row was inserted.
+**
+** pDfltStmt:
+**   This is only used by the sqlite3changegroup_xxx() APIs, not by
+**   regular sqlite3_session objects. It is a SELECT statement that
+**   selects the default value for each table column. For example,
+**   if the table is
+**
+**      CREATE TABLE xx(a DEFAULT 1, b, c DEFAULT 'abc')
+**
+**   then this variable is the compiled version of:
+**
+**      SELECT 1, NULL, 'abc'
 */
 struct SessionTable {
   SessionTable *pNext;
@@ -217882,10 +221091,12 @@ struct SessionTable {
   int bStat1;                     /* True if this is sqlite_stat1 */
   int bRowid;                     /* True if this table uses rowid for PK */
   const char **azCol;             /* Column names */
+  const char **azDflt;            /* Default value expressions */
   u8 *abPK;                       /* Array of primary key flags */
   int nEntry;                     /* Total number of entries in hash table */
   int nChange;                    /* Size of apChange[] array */
   SessionChange **apChange;       /* Hash table buckets */
+  sqlite3_stmt *pDfltStmt;
 };
 
 /*
@@ -218054,6 +221265,7 @@ struct SessionTable {
 struct SessionChange {
   u8 op;                          /* One of UPDATE, DELETE, INSERT */
   u8 bIndirect;                   /* True if this change is "indirect" */
+  u16 nRecordField;               /* Number of fields in aRecord[] */
   int nMaxSize;                   /* Max size of eventual changeset record */
   int nRecord;                    /* Number of bytes in buffer aRecord[] */
   u8 *aRecord;                    /* Buffer containing old.* record */
@@ -218079,7 +221291,7 @@ static int sessionVarintLen(int iVal){
 ** Read a varint value from aBuf[] into *piVal. Return the number of
 ** bytes read.
 */
-static int sessionVarintGet(u8 *aBuf, int *piVal){
+static int sessionVarintGet(const u8 *aBuf, int *piVal){
   return getVarint32(aBuf, *piVal);
 }
 
@@ -218342,9 +221554,11 @@ static int sessionPreupdateHash(
 ** Return the number of bytes of space occupied by the value (including
 ** the type byte).
 */
-static int sessionSerialLen(u8 *a){
-  int e = *a;
+static int sessionSerialLen(const u8 *a){
+  int e;
   int n;
+  assert( a!=0 );
+  e = *a;
   if( e==0 || e==0xFF ) return 1;
   if( e==SQLITE_NULL ) return 1;
   if( e==SQLITE_INTEGER || e==SQLITE_FLOAT ) return 9;
@@ -218646,6 +221860,7 @@ static int sessionPreupdateEqual(
         rc = pSession->hook.xOld(pSession->hook.pCtx, iCol, &pVal);
       }
       assert( rc==SQLITE_OK );
+      (void)rc;                   /* Suppress warning about unused variable */
       if( sqlite3_value_type(pVal)!=eType ) return 0;
 
       /* A SessionChange object never has a NULL value in a PK column */
@@ -218748,13 +221963,14 @@ static int sessionGrowHash(
 **
 ** For example, if the table is declared as:
 **
-**     CREATE TABLE tbl1(w, x, y, z, PRIMARY KEY(w, z));
+**     CREATE TABLE tbl1(w, x DEFAULT 'abc', y, z, PRIMARY KEY(w, z));
 **
-** Then the four output variables are populated as follows:
+** Then the five output variables are populated as follows:
 **
 **     *pnCol  = 4
 **     *pzTab  = "tbl1"
 **     *pazCol = {"w", "x", "y", "z"}
+**     *pazDflt = {NULL, 'abc', NULL, NULL}
 **     *pabPK  = {1, 0, 0, 1}
 **
 ** All returned buffers are part of the same single allocation, which must
@@ -218768,6 +221984,7 @@ static int sessionTableInfo(
   int *pnCol,                     /* OUT: number of columns */
   const char **pzTab,             /* OUT: Copy of zThis */
   const char ***pazCol,           /* OUT: Array of column names for table */
+  const char ***pazDflt,          /* OUT: Array of default value expressions */
   u8 **pabPK,                     /* OUT: Array of booleans - true for PK col */
   int *pbRowid                    /* OUT: True if only PK is a rowid */
 ){
@@ -218780,11 +221997,18 @@ static int sessionTableInfo(
   int i;
   u8 *pAlloc = 0;
   char **azCol = 0;
+  char **azDflt = 0;
   u8 *abPK = 0;
   int bRowid = 0;                 /* Set to true to use rowid as PK */
 
   assert( pazCol && pabPK );
 
+  *pazCol = 0;
+  *pabPK = 0;
+  *pnCol = 0;
+  if( pzTab ) *pzTab = 0;
+  if( pazDflt ) *pazDflt = 0;
+
   nThis = sqlite3Strlen30(zThis);
   if( nThis==12 && 0==sqlite3_stricmp("sqlite_stat1", zThis) ){
     rc = sqlite3_table_column_metadata(db, zDb, zThis, 0, 0, 0, 0, 0, 0);
@@ -218798,39 +222022,28 @@ static int sessionTableInfo(
     }else if( rc==SQLITE_ERROR ){
       zPragma = sqlite3_mprintf("");
     }else{
-      *pazCol = 0;
-      *pabPK = 0;
-      *pnCol = 0;
-      if( pzTab ) *pzTab = 0;
       return rc;
     }
   }else{
     zPragma = sqlite3_mprintf("PRAGMA '%q'.table_info('%q')", zDb, zThis);
   }
   if( !zPragma ){
-    *pazCol = 0;
-    *pabPK = 0;
-    *pnCol = 0;
-    if( pzTab ) *pzTab = 0;
     return SQLITE_NOMEM;
   }
 
   rc = sqlite3_prepare_v2(db, zPragma, -1, &pStmt, 0);
   sqlite3_free(zPragma);
   if( rc!=SQLITE_OK ){
-    *pazCol = 0;
-    *pabPK = 0;
-    *pnCol = 0;
-    if( pzTab ) *pzTab = 0;
     return rc;
   }
 
   nByte = nThis + 1;
   bRowid = (pbRowid!=0);
   while( SQLITE_ROW==sqlite3_step(pStmt) ){
-    nByte += sqlite3_column_bytes(pStmt, 1);
+    nByte += sqlite3_column_bytes(pStmt, 1);          /* name */
+    nByte += sqlite3_column_bytes(pStmt, 4);          /* dflt_value */
     nDbCol++;
-    if( sqlite3_column_int(pStmt, 5) ) bRowid = 0;
+    if( sqlite3_column_int(pStmt, 5) ) bRowid = 0;    /* pk */
   }
   if( nDbCol==0 ) bRowid = 0;
   nDbCol += bRowid;
@@ -218838,15 +222051,18 @@ static int sessionTableInfo(
   rc = sqlite3_reset(pStmt);
 
   if( rc==SQLITE_OK ){
-    nByte += nDbCol * (sizeof(const char *) + sizeof(u8) + 1);
+    nByte += nDbCol * (sizeof(const char *)*2 + sizeof(u8) + 1 + 1);
     pAlloc = sessionMalloc64(pSession, nByte);
     if( pAlloc==0 ){
       rc = SQLITE_NOMEM;
+    }else{
+      memset(pAlloc, 0, nByte);
     }
   }
   if( rc==SQLITE_OK ){
     azCol = (char **)pAlloc;
-    pAlloc = (u8 *)&azCol[nDbCol];
+    azDflt = (char**)&azCol[nDbCol];
+    pAlloc = (u8 *)&azDflt[nDbCol];
     abPK = (u8 *)pAlloc;
     pAlloc = &abPK[nDbCol];
     if( pzTab ){
@@ -218866,11 +222082,21 @@ static int sessionTableInfo(
     }
     while( SQLITE_ROW==sqlite3_step(pStmt) ){
       int nName = sqlite3_column_bytes(pStmt, 1);
+      int nDflt = sqlite3_column_bytes(pStmt, 4);
       const unsigned char *zName = sqlite3_column_text(pStmt, 1);
+      const unsigned char *zDflt = sqlite3_column_text(pStmt, 4);
+
       if( zName==0 ) break;
       memcpy(pAlloc, zName, nName+1);
       azCol[i] = (char *)pAlloc;
       pAlloc += nName+1;
+      if( zDflt ){
+        memcpy(pAlloc, zDflt, nDflt+1);
+        azDflt[i] = (char *)pAlloc;
+        pAlloc += nDflt+1;
+      }else{
+        azDflt[i] = 0;
+      }
       abPK[i] = sqlite3_column_int(pStmt, 5);
       i++;
     }
@@ -218881,14 +222107,11 @@ static int sessionTableInfo(
   ** free any allocation made. An error code will be returned in this case.
   */
   if( rc==SQLITE_OK ){
-    *pazCol = (const char **)azCol;
+    *pazCol = (const char**)azCol;
+    if( pazDflt ) *pazDflt = (const char**)azDflt;
     *pabPK = abPK;
     *pnCol = nDbCol;
   }else{
-    *pazCol = 0;
-    *pabPK = 0;
-    *pnCol = 0;
-    if( pzTab ) *pzTab = 0;
     sessionFree(pSession, azCol);
   }
   if( pbRowid ) *pbRowid = bRowid;
@@ -218897,10 +222120,9 @@ static int sessionTableInfo(
 }
 
 /*
-** This function is only called from within a pre-update handler for a
-** write to table pTab, part of session pSession. If this is the first
-** write to this table, initalize the SessionTable.nCol, azCol[] and
-** abPK[] arrays accordingly.
+** This function is called to initialize the SessionTable.nCol, azCol[]
+** abPK[] and azDflt[] members of SessionTable object pTab. If these
+** fields are already initilialized, this function is a no-op.
 **
 ** If an error occurs, an error code is stored in sqlite3_session.rc and
 ** non-zero returned. Or, if no error occurs but the table has no primary
@@ -218908,15 +222130,22 @@ static int sessionTableInfo(
 ** indicate that updates on this table should be ignored. SessionTable.abPK
 ** is set to NULL in this case.
 */
-static int sessionInitTable(sqlite3_session *pSession, SessionTable *pTab){
+static int sessionInitTable(
+  sqlite3_session *pSession,      /* Optional session handle */
+  SessionTable *pTab,             /* Table object to initialize */
+  sqlite3 *db,                    /* Database handle to read schema from */
+  const char *zDb                 /* Name of db - "main", "temp" etc. */
+){
+  int rc = SQLITE_OK;
+
   if( pTab->nCol==0 ){
     u8 *abPK;
     assert( pTab->azCol==0 || pTab->abPK==0 );
-    pSession->rc = sessionTableInfo(pSession, pSession->db, pSession->zDb,
-        pTab->zName, &pTab->nCol, 0, &pTab->azCol, &abPK,
-        (pSession->bImplicitPK ? &pTab->bRowid : 0)
+    rc = sessionTableInfo(pSession, db, zDb,
+        pTab->zName, &pTab->nCol, 0, &pTab->azCol, &pTab->azDflt, &abPK,
+        ((pSession==0 || pSession->bImplicitPK) ? &pTab->bRowid : 0)
     );
-    if( pSession->rc==SQLITE_OK ){
+    if( rc==SQLITE_OK ){
       int i;
       for(i=0; inCol; i++){
         if( abPK[i] ){
@@ -218928,14 +222157,321 @@ static int sessionInitTable(sqlite3_session *pSession, SessionTable *pTab){
         pTab->bStat1 = 1;
       }
 
-      if( pSession->bEnableSize ){
+      if( pSession && pSession->bEnableSize ){
         pSession->nMaxChangesetSize += (
           1 + sessionVarintLen(pTab->nCol) + pTab->nCol + strlen(pTab->zName)+1
         );
       }
     }
   }
-  return (pSession->rc || pTab->abPK==0);
+
+  if( pSession ){
+    pSession->rc = rc;
+    return (rc || pTab->abPK==0);
+  }
+  return rc;
+}
+
+/*
+** Re-initialize table object pTab.
+*/
+static int sessionReinitTable(sqlite3_session *pSession, SessionTable *pTab){
+  int nCol = 0;
+  const char **azCol = 0;
+  const char **azDflt = 0;
+  u8 *abPK = 0;
+  int bRowid = 0;
+
+  assert( pSession->rc==SQLITE_OK );
+
+  pSession->rc = sessionTableInfo(pSession, pSession->db, pSession->zDb,
+      pTab->zName, &nCol, 0, &azCol, &azDflt, &abPK,
+      (pSession->bImplicitPK ? &bRowid : 0)
+  );
+  if( pSession->rc==SQLITE_OK ){
+    if( pTab->nCol>nCol || pTab->bRowid!=bRowid ){
+      pSession->rc = SQLITE_SCHEMA;
+    }else{
+      int ii;
+      int nOldCol = pTab->nCol;
+      for(ii=0; iinCol ){
+          if( pTab->abPK[ii]!=abPK[ii] ){
+            pSession->rc = SQLITE_SCHEMA;
+          }
+        }else if( abPK[ii] ){
+          pSession->rc = SQLITE_SCHEMA;
+        }
+      }
+
+      if( pSession->rc==SQLITE_OK ){
+        const char **a = pTab->azCol;
+        pTab->azCol = azCol;
+        pTab->nCol = nCol;
+        pTab->azDflt = azDflt;
+        pTab->abPK = abPK;
+        azCol = a;
+      }
+      if( pSession->bEnableSize ){
+        pSession->nMaxChangesetSize += (nCol - nOldCol);
+        pSession->nMaxChangesetSize += sessionVarintLen(nCol);
+        pSession->nMaxChangesetSize -= sessionVarintLen(nOldCol);
+      }
+    }
+  }
+
+  sqlite3_free((char*)azCol);
+  return pSession->rc;
+}
+
+/*
+** Session-change object (*pp) contains an old.* record with fewer than
+** nCol fields. This function updates it with the default values for
+** the missing fields.
+*/
+static void sessionUpdateOneChange(
+  sqlite3_session *pSession,      /* For memory accounting */
+  int *pRc,                       /* IN/OUT: Error code */
+  SessionChange **pp,             /* IN/OUT: Change object to update */
+  int nCol,                       /* Number of columns now in table */
+  sqlite3_stmt *pDflt             /* SELECT  */
+){
+  SessionChange *pOld = *pp;
+
+  while( pOld->nRecordFieldnRecordField;
+    int eType = sqlite3_column_type(pDflt, iField);
+    switch( eType ){
+      case SQLITE_NULL:
+        nIncr = 1;
+        break;
+      case SQLITE_INTEGER:
+      case SQLITE_FLOAT:
+        nIncr = 9;
+        break;
+      default: {
+        int n = sqlite3_column_bytes(pDflt, iField);
+        nIncr = 1 + sessionVarintLen(n) + n;
+        assert( eType==SQLITE_TEXT || eType==SQLITE_BLOB );
+        break;
+      }
+    }
+
+    nByte = nIncr + (sizeof(SessionChange) + pOld->nRecord);
+    pNew = sessionMalloc64(pSession, nByte);
+    if( pNew==0 ){
+      *pRc = SQLITE_NOMEM;
+      return;
+    }else{
+      memcpy(pNew, pOld, sizeof(SessionChange));
+      pNew->aRecord = (u8*)&pNew[1];
+      memcpy(pNew->aRecord, pOld->aRecord, pOld->nRecord);
+      pNew->aRecord[pNew->nRecord++] = (u8)eType;
+      switch( eType ){
+        case SQLITE_INTEGER: {
+          i64 iVal = sqlite3_column_int64(pDflt, iField);
+          sessionPutI64(&pNew->aRecord[pNew->nRecord], iVal);
+          pNew->nRecord += 8;
+          break;
+        }
+
+        case SQLITE_FLOAT: {
+          double rVal = sqlite3_column_double(pDflt, iField);
+          i64 iVal = 0;
+          memcpy(&iVal, &rVal, sizeof(rVal));
+          sessionPutI64(&pNew->aRecord[pNew->nRecord], iVal);
+          pNew->nRecord += 8;
+          break;
+        }
+
+        case SQLITE_TEXT: {
+          int n = sqlite3_column_bytes(pDflt, iField);
+          const char *z = (const char*)sqlite3_column_text(pDflt, iField);
+          pNew->nRecord += sessionVarintPut(&pNew->aRecord[pNew->nRecord], n);
+          memcpy(&pNew->aRecord[pNew->nRecord], z, n);
+          pNew->nRecord += n;
+          break;
+        }
+
+        case SQLITE_BLOB: {
+          int n = sqlite3_column_bytes(pDflt, iField);
+          const u8 *z = (const u8*)sqlite3_column_blob(pDflt, iField);
+          pNew->nRecord += sessionVarintPut(&pNew->aRecord[pNew->nRecord], n);
+          memcpy(&pNew->aRecord[pNew->nRecord], z, n);
+          pNew->nRecord += n;
+          break;
+        }
+
+        default:
+          assert( eType==SQLITE_NULL );
+          break;
+      }
+
+      sessionFree(pSession, pOld);
+      *pp = pOld = pNew;
+      pNew->nRecordField++;
+      pNew->nMaxSize += nIncr;
+      if( pSession ){
+        pSession->nMaxChangesetSize += nIncr;
+      }
+    }
+  }
+}
+
+/*
+** Ensure that there is room in the buffer to append nByte bytes of data.
+** If not, use sqlite3_realloc() to grow the buffer so that there is.
+**
+** If successful, return zero. Otherwise, if an OOM condition is encountered,
+** set *pRc to SQLITE_NOMEM and return non-zero.
+*/
+static int sessionBufferGrow(SessionBuffer *p, i64 nByte, int *pRc){
+#define SESSION_MAX_BUFFER_SZ (0x7FFFFF00 - 1)
+  i64 nReq = p->nBuf + nByte;
+  if( *pRc==SQLITE_OK && nReq>p->nAlloc ){
+    u8 *aNew;
+    i64 nNew = p->nAlloc ? p->nAlloc : 128;
+
+    do {
+      nNew = nNew*2;
+    }while( nNewSESSION_MAX_BUFFER_SZ ){
+      nNew = SESSION_MAX_BUFFER_SZ;
+      if( nNewaBuf, nNew);
+    if( 0==aNew ){
+      *pRc = SQLITE_NOMEM;
+    }else{
+      p->aBuf = aNew;
+      p->nAlloc = nNew;
+    }
+  }
+  return (*pRc!=SQLITE_OK);
+}
+
+
+/*
+** This function is a no-op if *pRc is other than SQLITE_OK when it is
+** called. Otherwise, append a string to the buffer. All bytes in the string
+** up to (but not including) the nul-terminator are written to the buffer.
+**
+** If an OOM condition is encountered, set *pRc to SQLITE_NOMEM before
+** returning.
+*/
+static void sessionAppendStr(
+  SessionBuffer *p,
+  const char *zStr,
+  int *pRc
+){
+  int nStr = sqlite3Strlen30(zStr);
+  if( 0==sessionBufferGrow(p, nStr+1, pRc) ){
+    memcpy(&p->aBuf[p->nBuf], zStr, nStr);
+    p->nBuf += nStr;
+    p->aBuf[p->nBuf] = 0x00;
+  }
+}
+
+/*
+** Format a string using printf() style formatting and then append it to the
+** buffer using sessionAppendString().
+*/
+static void sessionAppendPrintf(
+  SessionBuffer *p,               /* Buffer to append to */
+  int *pRc,
+  const char *zFmt,
+  ...
+){
+  if( *pRc==SQLITE_OK ){
+    char *zApp = 0;
+    va_list ap;
+    va_start(ap, zFmt);
+    zApp = sqlite3_vmprintf(zFmt, ap);
+    if( zApp==0 ){
+      *pRc = SQLITE_NOMEM;
+    }else{
+      sessionAppendStr(p, zApp, pRc);
+    }
+    va_end(ap);
+    sqlite3_free(zApp);
+  }
+}
+
+/*
+** Prepare a statement against database handle db that SELECTs a single
+** row containing the default values for each column in table pTab. For
+** example, if pTab is declared as:
+**
+**   CREATE TABLE pTab(a PRIMARY KEY, b DEFAULT 123, c DEFAULT 'abcd');
+**
+** Then this function prepares and returns the SQL statement:
+**
+**   SELECT NULL, 123, 'abcd';
+*/
+static int sessionPrepareDfltStmt(
+  sqlite3 *db,                    /* Database handle */
+  SessionTable *pTab,             /* Table to prepare statement for */
+  sqlite3_stmt **ppStmt           /* OUT: Statement handle */
+){
+  SessionBuffer sql = {0,0,0};
+  int rc = SQLITE_OK;
+  const char *zSep = " ";
+  int ii = 0;
+
+  *ppStmt = 0;
+  sessionAppendPrintf(&sql, &rc, "SELECT");
+  for(ii=0; iinCol; ii++){
+    const char *zDflt = pTab->azDflt[ii] ? pTab->azDflt[ii] : "NULL";
+    sessionAppendPrintf(&sql, &rc, "%s%s", zSep, zDflt);
+    zSep = ", ";
+  }
+  if( rc==SQLITE_OK ){
+    rc = sqlite3_prepare_v2(db, (const char*)sql.aBuf, -1, ppStmt, 0);
+  }
+  sqlite3_free(sql.aBuf);
+
+  return rc;
+}
+
+/*
+** Table pTab has one or more existing change-records with old.* records
+** with fewer than pTab->nCol columns. This function updates all such
+** change-records with the default values for the missing columns.
+*/
+static int sessionUpdateChanges(sqlite3_session *pSession, SessionTable *pTab){
+  sqlite3_stmt *pStmt = 0;
+  int rc = pSession->rc;
+
+  rc = sessionPrepareDfltStmt(pSession->db, pTab, &pStmt);
+  if( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pStmt) ){
+    int ii = 0;
+    SessionChange **pp = 0;
+    for(ii=0; iinChange; ii++){
+      for(pp=&pTab->apChange[ii]; *pp; pp=&((*pp)->pNext)){
+        if( (*pp)->nRecordField!=pTab->nCol ){
+          sessionUpdateOneChange(pSession, &rc, pp, pTab->nCol, pStmt);
+        }
+      }
+    }
+  }
+
+  pSession->rc = rc;
+  rc = sqlite3_finalize(pStmt);
+  if( pSession->rc==SQLITE_OK ) pSession->rc = rc;
+  return pSession->rc;
 }
 
 /*
@@ -219098,16 +222634,22 @@ static void sessionPreupdateOneChange(
   int iHash;
   int bNull = 0;
   int rc = SQLITE_OK;
+  int nExpect = 0;
   SessionStat1Ctx stat1 = {{0,0,0,0,0},0};
 
   if( pSession->rc ) return;
 
   /* Load table details if required */
-  if( sessionInitTable(pSession, pTab) ) return;
+  if( sessionInitTable(pSession, pTab, pSession->db, pSession->zDb) ) return;
 
   /* Check the number of columns in this xPreUpdate call matches the
   ** number of columns in the table.  */
-  if( (pTab->nCol-pTab->bRowid)!=pSession->hook.xCount(pSession->hook.pCtx) ){
+  nExpect = pSession->hook.xCount(pSession->hook.pCtx);
+  if( (pTab->nCol-pTab->bRowid)nCol-pTab->bRowid)!=nExpect ){
     pSession->rc = SQLITE_SCHEMA;
     return;
   }
@@ -219184,7 +222726,7 @@ static void sessionPreupdateOneChange(
       }
 
       /* Allocate the change object */
-      pC = (SessionChange *)sessionMalloc64(pSession, nByte);
+      pC = (SessionChange*)sessionMalloc64(pSession, nByte);
       if( !pC ){
         rc = SQLITE_NOMEM;
         goto error_out;
@@ -219217,6 +222759,7 @@ static void sessionPreupdateOneChange(
       if( pSession->bIndirect || pSession->hook.xDepth(pSession->hook.pCtx) ){
         pC->bIndirect = 1;
       }
+      pC->nRecordField = pTab->nCol;
       pC->nRecord = nByte;
       pC->op = op;
       pC->pNext = pTab->apChange[iHash];
@@ -219596,7 +223139,7 @@ SQLITE_API int sqlite3session_diff(
     /* Locate and if necessary initialize the target table object */
     rc = sessionFindTable(pSession, zTbl, &pTo);
     if( pTo==0 ) goto diff_out;
-    if( sessionInitTable(pSession, pTo) ){
+    if( sessionInitTable(pSession, pTo, pSession->db, pSession->zDb) ){
       rc = pSession->rc;
       goto diff_out;
     }
@@ -219609,7 +223152,7 @@ SQLITE_API int sqlite3session_diff(
       int bRowid = 0;
       u8 *abPK;
       const char **azCol = 0;
-      rc = sessionTableInfo(0, db, zFrom, zTbl, &nCol, 0, &azCol, &abPK,
+      rc = sessionTableInfo(0, db, zFrom, zTbl, &nCol, 0, &azCol, 0, &abPK,
           pSession->bImplicitPK ? &bRowid : 0
       );
       if( rc==SQLITE_OK ){
@@ -219724,6 +223267,7 @@ static void sessionDeleteTable(sqlite3_session *pSession, SessionTable *pList){
         sessionFree(pSession, p);
       }
     }
+    sqlite3_finalize(pTab->pDfltStmt);
     sessionFree(pSession, (char*)pTab->azCol);  /* cast works around VC++ bug */
     sessionFree(pSession, pTab->apChange);
     sessionFree(pSession, pTab);
@@ -219758,7 +223302,7 @@ SQLITE_API void sqlite3session_delete(sqlite3_session *pSession){
 
   /* Assert that all allocations have been freed and then free the
   ** session object itself. */
-  assert( pSession->nMalloc==0 );
+  // assert( pSession->nMalloc==0 );
   sqlite3_free(pSession);
 }
 
@@ -219829,48 +223373,6 @@ SQLITE_API int sqlite3session_attach(
   return rc;
 }
 
-/*
-** Ensure that there is room in the buffer to append nByte bytes of data.
-** If not, use sqlite3_realloc() to grow the buffer so that there is.
-**
-** If successful, return zero. Otherwise, if an OOM condition is encountered,
-** set *pRc to SQLITE_NOMEM and return non-zero.
-*/
-static int sessionBufferGrow(SessionBuffer *p, i64 nByte, int *pRc){
-#define SESSION_MAX_BUFFER_SZ (0x7FFFFF00 - 1)
-  i64 nReq = p->nBuf + nByte;
-  if( *pRc==SQLITE_OK && nReq>p->nAlloc ){
-    u8 *aNew;
-    i64 nNew = p->nAlloc ? p->nAlloc : 128;
-
-    do {
-      nNew = nNew*2;
-    }while( nNewSESSION_MAX_BUFFER_SZ ){
-      nNew = SESSION_MAX_BUFFER_SZ;
-      if( nNewaBuf, nNew);
-    if( 0==aNew ){
-      *pRc = SQLITE_NOMEM;
-    }else{
-      p->aBuf = aNew;
-      p->nAlloc = nNew;
-    }
-  }
-  return (*pRc!=SQLITE_OK);
-}
-
 /*
 ** Append the value passed as the second argument to the buffer passed
 ** as the first.
@@ -219939,27 +223441,6 @@ static void sessionAppendBlob(
   }
 }
 
-/*
-** This function is a no-op if *pRc is other than SQLITE_OK when it is
-** called. Otherwise, append a string to the buffer. All bytes in the string
-** up to (but not including) the nul-terminator are written to the buffer.
-**
-** If an OOM condition is encountered, set *pRc to SQLITE_NOMEM before
-** returning.
-*/
-static void sessionAppendStr(
-  SessionBuffer *p,
-  const char *zStr,
-  int *pRc
-){
-  int nStr = sqlite3Strlen30(zStr);
-  if( 0==sessionBufferGrow(p, nStr+1, pRc) ){
-    memcpy(&p->aBuf[p->nBuf], zStr, nStr);
-    p->nBuf += nStr;
-    p->aBuf[p->nBuf] = 0x00;
-  }
-}
-
 /*
 ** This function is a no-op if *pRc is other than SQLITE_OK when it is
 ** called. Otherwise, append the string representation of integer iVal
@@ -219978,27 +223459,6 @@ static void sessionAppendInteger(
   sessionAppendStr(p, aBuf, pRc);
 }
 
-static void sessionAppendPrintf(
-  SessionBuffer *p,               /* Buffer to append to */
-  int *pRc,
-  const char *zFmt,
-  ...
-){
-  if( *pRc==SQLITE_OK ){
-    char *zApp = 0;
-    va_list ap;
-    va_start(ap, zFmt);
-    zApp = sqlite3_vmprintf(zFmt, ap);
-    if( zApp==0 ){
-      *pRc = SQLITE_NOMEM;
-    }else{
-      sessionAppendStr(p, zApp, pRc);
-    }
-    va_end(ap);
-    sqlite3_free(zApp);
-  }
-}
-
 /*
 ** This function is a no-op if *pRc is other than SQLITE_OK when it is
 ** called. Otherwise, append the string zStr enclosed in quotes (") and
@@ -220489,26 +223949,16 @@ static int sessionGenerateChangeset(
   for(pTab=pSession->pTable; rc==SQLITE_OK && pTab; pTab=pTab->pNext){
     if( pTab->nEntry ){
       const char *zName = pTab->zName;
-      int nCol = 0;               /* Number of columns in table */
-      u8 *abPK = 0;               /* Primary key array */
-      const char **azCol = 0;     /* Table columns */
       int i;                      /* Used to iterate through hash buckets */
       sqlite3_stmt *pSel = 0;     /* SELECT statement to query table pTab */
       int nRewind = buf.nBuf;     /* Initial size of write buffer */
       int nNoop;                  /* Size of buffer after writing tbl header */
-      int bRowid = 0;
+      int nOldCol = pTab->nCol;
 
       /* Check the table schema is still Ok. */
-      rc = sessionTableInfo(
-          0, db, pSession->zDb, zName, &nCol, 0, &azCol, &abPK,
-          (pSession->bImplicitPK ? &bRowid : 0)
-      );
-      if( rc==SQLITE_OK && (
-          pTab->nCol!=nCol
-       || pTab->bRowid!=bRowid
-       || memcmp(abPK, pTab->abPK, nCol)
-      )){
-        rc = SQLITE_SCHEMA;
+      rc = sessionReinitTable(pSession, pTab);
+      if( rc==SQLITE_OK && pTab->nCol!=nOldCol ){
+        rc = sessionUpdateChanges(pSession, pTab);
       }
 
       /* Write a table header */
@@ -220516,8 +223966,8 @@ static int sessionGenerateChangeset(
 
       /* Build and compile a statement to execute: */
       if( rc==SQLITE_OK ){
-        rc = sessionSelectStmt(
-            db, 0, pSession->zDb, zName, bRowid, nCol, azCol, abPK, &pSel
+        rc = sessionSelectStmt(db, 0, pSession->zDb,
+            zName, pTab->bRowid, pTab->nCol, pTab->azCol, pTab->abPK, &pSel
         );
       }
 
@@ -220526,22 +223976,22 @@ static int sessionGenerateChangeset(
         SessionChange *p;         /* Used to iterate through changes */
 
         for(p=pTab->apChange[i]; rc==SQLITE_OK && p; p=p->pNext){
-          rc = sessionSelectBind(pSel, nCol, abPK, p);
+          rc = sessionSelectBind(pSel, pTab->nCol, pTab->abPK, p);
           if( rc!=SQLITE_OK ) continue;
           if( sqlite3_step(pSel)==SQLITE_ROW ){
             if( p->op==SQLITE_INSERT ){
               int iCol;
               sessionAppendByte(&buf, SQLITE_INSERT, &rc);
               sessionAppendByte(&buf, p->bIndirect, &rc);
-              for(iCol=0; iColnCol; iCol++){
                 sessionAppendCol(&buf, pSel, iCol, &rc);
               }
             }else{
-              assert( abPK!=0 );  /* Because sessionSelectStmt() returned ok */
-              rc = sessionAppendUpdate(&buf, bPatchset, pSel, p, abPK);
+              assert( pTab->abPK!=0 );
+              rc = sessionAppendUpdate(&buf, bPatchset, pSel, p, pTab->abPK);
             }
           }else if( p->op!=SQLITE_INSERT ){
-            rc = sessionAppendDelete(&buf, bPatchset, p, nCol, abPK);
+            rc = sessionAppendDelete(&buf, bPatchset, p, pTab->nCol,pTab->abPK);
           }
           if( rc==SQLITE_OK ){
             rc = sqlite3_reset(pSel);
@@ -220566,7 +224016,6 @@ static int sessionGenerateChangeset(
       if( buf.nBuf==nNoop ){
         buf.nBuf = nRewind;
       }
-      sqlite3_free((char*)azCol);  /* cast works around VC++ bug */
     }
   }
 
@@ -220990,15 +224439,19 @@ static int sessionReadRecord(
         }
       }
       if( eType==SQLITE_INTEGER || eType==SQLITE_FLOAT ){
-        sqlite3_int64 v = sessionGetI64(aVal);
-        if( eType==SQLITE_INTEGER ){
-          sqlite3VdbeMemSetInt64(apOut[i], v);
+        if( (pIn->nData-pIn->iNext)<8 ){
+          rc = SQLITE_CORRUPT_BKPT;
         }else{
-          double d;
-          memcpy(&d, &v, 8);
-          sqlite3VdbeMemSetDouble(apOut[i], d);
+          sqlite3_int64 v = sessionGetI64(aVal);
+          if( eType==SQLITE_INTEGER ){
+            sqlite3VdbeMemSetInt64(apOut[i], v);
+          }else{
+            double d;
+            memcpy(&d, &v, 8);
+            sqlite3VdbeMemSetDouble(apOut[i], d);
+          }
+          pIn->iNext += 8;
         }
-        pIn->iNext += 8;
       }
     }
   }
@@ -222691,7 +226144,7 @@ static int sessionChangesetApply(
 
         sqlite3changeset_pk(pIter, &abPK, 0);
         rc = sessionTableInfo(0, db, "main", zNew,
-            &sApply.nCol, &zTab, &sApply.azCol, &sApply.abPK, &sApply.bRowid
+            &sApply.nCol, &zTab, &sApply.azCol, 0, &sApply.abPK, &sApply.bRowid
         );
         if( rc!=SQLITE_OK ) break;
         for(i=0; iflags & SQLITE_FkNoAction;
+
+  if( flags & SQLITE_CHANGESETAPPLY_FKNOACTION ){
+    db->flags |= ((u64)SQLITE_FkNoAction);
+    db->aDb[0].pSchema->schema_cookie -= 32;
+  }
+
   if( rc==SQLITE_OK ){
     rc = sessionChangesetApply(
         db, pIter, xFilter, xConflict, pCtx, ppRebase, pnRebase, flags
     );
   }
+
+  if( (flags & SQLITE_CHANGESETAPPLY_FKNOACTION) && savedFlag==0 ){
+    assert( db->flags & SQLITE_FkNoAction );
+    db->flags &= ~((u64)SQLITE_FkNoAction);
+    db->aDb[0].pSchema->schema_cookie -= 32;
+  }
   return rc;
 }
 
@@ -222915,6 +226381,9 @@ struct sqlite3_changegroup {
   int rc;                         /* Error code */
   int bPatch;                     /* True to accumulate patchsets */
   SessionTable *pList;            /* List of tables in current patch */
+
+  sqlite3 *db;                    /* Configured by changegroup_schema() */
+  char *zDb;                      /* Configured by changegroup_schema() */
 };
 
 /*
@@ -222935,6 +226404,7 @@ static int sessionChangeMerge(
 ){
   SessionChange *pNew = 0;
   int rc = SQLITE_OK;
+  assert( aRec!=0 );
 
   if( !pExist ){
     pNew = (SessionChange *)sqlite3_malloc64(sizeof(SessionChange) + nRec);
@@ -223100,6 +226570,114 @@ static int sessionChangeMerge(
   return rc;
 }
 
+/*
+** Check if a changeset entry with nCol columns and the PK array passed
+** as the final argument to this function is compatible with SessionTable
+** pTab. If so, return 1. Otherwise, if they are incompatible in some way,
+** return 0.
+*/
+static int sessionChangesetCheckCompat(
+  SessionTable *pTab,
+  int nCol,
+  u8 *abPK
+){
+  if( pTab->azCol && nColnCol ){
+    int ii;
+    for(ii=0; iinCol; ii++){
+      u8 bPK = (ii < nCol) ? abPK[ii] : 0;
+      if( pTab->abPK[ii]!=bPK ) return 0;
+    }
+    return 1;
+  }
+  return (pTab->nCol==nCol && 0==memcmp(abPK, pTab->abPK, nCol));
+}
+
+static int sessionChangesetExtendRecord(
+  sqlite3_changegroup *pGrp,
+  SessionTable *pTab,
+  int nCol,
+  int op,
+  const u8 *aRec,
+  int nRec,
+  SessionBuffer *pOut
+){
+  int rc = SQLITE_OK;
+  int ii = 0;
+
+  assert( pTab->azCol );
+  assert( nColnCol );
+
+  pOut->nBuf = 0;
+  if( op==SQLITE_INSERT || (op==SQLITE_DELETE && pGrp->bPatch==0) ){
+    /* Append the missing default column values to the record. */
+    sessionAppendBlob(pOut, aRec, nRec, &rc);
+    if( rc==SQLITE_OK && pTab->pDfltStmt==0 ){
+      rc = sessionPrepareDfltStmt(pGrp->db, pTab, &pTab->pDfltStmt);
+    }
+    for(ii=nCol; rc==SQLITE_OK && iinCol; ii++){
+      int eType = sqlite3_column_type(pTab->pDfltStmt, ii);
+      sessionAppendByte(pOut, eType, &rc);
+      switch( eType ){
+        case SQLITE_FLOAT:
+        case SQLITE_INTEGER: {
+          i64 iVal;
+          if( eType==SQLITE_INTEGER ){
+            iVal = sqlite3_column_int64(pTab->pDfltStmt, ii);
+          }else{
+            double rVal = sqlite3_column_int64(pTab->pDfltStmt, ii);
+            memcpy(&iVal, &rVal, sizeof(i64));
+          }
+          if( SQLITE_OK==sessionBufferGrow(pOut, 8, &rc) ){
+            sessionPutI64(&pOut->aBuf[pOut->nBuf], iVal);
+          }
+          break;
+        }
+
+        case SQLITE_BLOB:
+        case SQLITE_TEXT: {
+          int n = sqlite3_column_bytes(pTab->pDfltStmt, ii);
+          sessionAppendVarint(pOut, n, &rc);
+          if( eType==SQLITE_TEXT ){
+            const u8 *z = (const u8*)sqlite3_column_text(pTab->pDfltStmt, ii);
+            sessionAppendBlob(pOut, z, n, &rc);
+          }else{
+            const u8 *z = (const u8*)sqlite3_column_blob(pTab->pDfltStmt, ii);
+            sessionAppendBlob(pOut, z, n, &rc);
+          }
+          break;
+        }
+
+        default:
+          assert( eType==SQLITE_NULL );
+          break;
+      }
+    }
+  }else if( op==SQLITE_UPDATE ){
+    /* Append missing "undefined" entries to the old.* record. And, if this
+    ** is an UPDATE, to the new.* record as well.  */
+    int iOff = 0;
+    if( pGrp->bPatch==0 ){
+      for(ii=0; iinCol-nCol); ii++){
+        sessionAppendByte(pOut, 0x00, &rc);
+      }
+    }
+
+    sessionAppendBlob(pOut, &aRec[iOff], nRec-iOff, &rc);
+    for(ii=0; ii<(pTab->nCol-nCol); ii++){
+      sessionAppendByte(pOut, 0x00, &rc);
+    }
+  }else{
+    assert( op==SQLITE_DELETE && pGrp->bPatch );
+    sessionAppendBlob(pOut, aRec, nRec, &rc);
+  }
+
+  return rc;
+}
+
 /*
 ** Add all changes in the changeset traversed by the iterator passed as
 ** the first argument to the changegroup hash tables.
@@ -223113,6 +226691,7 @@ static int sessionChangesetToHash(
   int nRec;
   int rc = SQLITE_OK;
   SessionTable *pTab = 0;
+  SessionBuffer rec = {0, 0, 0};
 
   while( SQLITE_ROW==sessionChangesetNext(pIter, &aRec, &nRec, 0) ){
     const char *zNew;
@@ -223124,6 +226703,9 @@ static int sessionChangesetToHash(
     SessionChange *pExist = 0;
     SessionChange **pp;
 
+    /* Ensure that only changesets, or only patchsets, but not a mixture
+    ** of both, are being combined. It is an error to try to combine a
+    ** changeset and a patchset.  */
     if( pGrp->pList==0 ){
       pGrp->bPatch = pIter->bPatchset;
     }else if( pIter->bPatchset!=pGrp->bPatch ){
@@ -223156,18 +226738,38 @@ static int sessionChangesetToHash(
         pTab->zName = (char*)&pTab->abPK[nCol];
         memcpy(pTab->zName, zNew, nNew+1);
 
+        if( pGrp->db ){
+          pTab->nCol = 0;
+          rc = sessionInitTable(0, pTab, pGrp->db, pGrp->zDb);
+          if( rc ){
+            assert( pTab->azCol==0 );
+            sqlite3_free(pTab);
+            break;
+          }
+        }
+
         /* The new object must be linked on to the end of the list, not
         ** simply added to the start of it. This is to ensure that the
         ** tables within the output of sqlite3changegroup_output() are in
         ** the right order.  */
         for(ppTab=&pGrp->pList; *ppTab; ppTab=&(*ppTab)->pNext);
         *ppTab = pTab;
-      }else if( pTab->nCol!=nCol || memcmp(pTab->abPK, abPK, nCol) ){
+      }
+
+      if( !sessionChangesetCheckCompat(pTab, nCol, abPK) ){
         rc = SQLITE_SCHEMA;
         break;
       }
     }
 
+    if( nColnCol ){
+      assert( pGrp->db );
+      rc = sessionChangesetExtendRecord(pGrp, pTab, nCol, op, aRec, nRec, &rec);
+      if( rc ) break;
+      aRec = rec.aBuf;
+      nRec = rec.nBuf;
+    }
+
     if( sessionGrowHash(0, pIter->bPatchset, pTab) ){
       rc = SQLITE_NOMEM;
       break;
@@ -223205,6 +226807,7 @@ static int sessionChangesetToHash(
     }
   }
 
+  sqlite3_free(rec.aBuf);
   if( rc==SQLITE_OK ) rc = pIter->rc;
   return rc;
 }
@@ -223291,6 +226894,31 @@ SQLITE_API int sqlite3changegroup_new(sqlite3_changegroup **pp){
   return rc;
 }
 
+/*
+** Provide a database schema to the changegroup object.
+*/
+SQLITE_API int sqlite3changegroup_schema(
+  sqlite3_changegroup *pGrp,
+  sqlite3 *db,
+  const char *zDb
+){
+  int rc = SQLITE_OK;
+
+  if( pGrp->pList || pGrp->db ){
+    /* Cannot add a schema after one or more calls to sqlite3changegroup_add(),
+    ** or after sqlite3changegroup_schema() has already been called. */
+    rc = SQLITE_MISUSE;
+  }else{
+    pGrp->zDb = sqlite3_mprintf("%s", zDb);
+    if( pGrp->zDb==0 ){
+      rc = SQLITE_NOMEM;
+    }else{
+      pGrp->db = db;
+    }
+  }
+  return rc;
+}
+
 /*
 ** Add the changeset currently stored in buffer pData, size nData bytes,
 ** to changeset-group p.
@@ -223354,6 +226982,7 @@ SQLITE_API int sqlite3changegroup_output_strm(
 */
 SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup *pGrp){
   if( pGrp ){
+    sqlite3_free(pGrp->zDb);
     sessionDeleteTable(0, pGrp->pList);
     sqlite3_free(pGrp);
   }
@@ -224061,7 +227690,7 @@ struct Fts5PhraseIter {
 **   See xPhraseFirstColumn above.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 3 */
+  int iVersion;                   /* Currently always set to 2 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -224290,8 +227919,8 @@ struct Fts5ExtensionApi {
 **   as separate queries of the FTS index are required for each synonym.
 **
 **   When using methods (2) or (3), it is important that the tokenizer only
-**   provide synonyms when tokenizing document text (method (2)) or query
-**   text (method (3)), not both. Doing so will not cause any errors, but is
+**   provide synonyms when tokenizing document text (method (3)) or query
+**   text (method (2)), not both. Doing so will not cause any errors, but is
 **   inefficient.
 */
 typedef struct Fts5Tokenizer Fts5Tokenizer;
@@ -224339,7 +227968,7 @@ struct fts5_api {
   int (*xCreateTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_tokenizer *pTokenizer,
     void (*xDestroy)(void*)
   );
@@ -224348,7 +227977,7 @@ struct fts5_api {
   int (*xFindTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void **ppContext,
+    void **ppUserData,
     fts5_tokenizer *pTokenizer
   );
 
@@ -224356,7 +227985,7 @@ struct fts5_api {
   int (*xCreateFunction)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_extension_function xFunction,
     void (*xDestroy)(void*)
   );
@@ -224528,6 +228157,10 @@ typedef struct Fts5Config Fts5Config;
 **   attempt to merge together. A value of 1 sets the object to use the
 **   compile time default. Zero disables auto-merge altogether.
 **
+** bContentlessDelete:
+**   True if the contentless_delete option was present in the CREATE
+**   VIRTUAL TABLE statement.
+**
 ** zContent:
 **
 ** zContentRowid:
@@ -224562,6 +228195,7 @@ struct Fts5Config {
   int nPrefix;                    /* Number of prefix indexes */
   int *aPrefix;                   /* Sizes in bytes of nPrefix prefix indexes */
   int eContent;                   /* An FTS5_CONTENT value */
+  int bContentlessDelete;         /* "contentless_delete=" option (dflt==0) */
   char *zContent;                 /* content table */
   char *zContentRowid;            /* "content_rowid=" option value */
   int bColumnsize;                /* "columnsize=" option value (dflt==1) */
@@ -224583,6 +228217,7 @@ struct Fts5Config {
   char *zRank;                    /* Name of rank function */
   char *zRankArgs;                /* Arguments to rank function */
   int bSecureDelete;              /* 'secure-delete' */
+  int nDeleteMerge;           /* 'deletemerge' */
 
   /* If non-NULL, points to sqlite3_vtab.base.zErrmsg. Often NULL. */
   char **pzErrmsg;
@@ -224905,6 +228540,9 @@ static int sqlite3Fts5IndexReset(Fts5Index *p);
 
 static int sqlite3Fts5IndexLoadConfig(Fts5Index *p);
 
+static int sqlite3Fts5IndexGetOrigin(Fts5Index *p, i64 *piOrigin);
+static int sqlite3Fts5IndexContentlessDelete(Fts5Index *p, i64 iOrigin, i64 iRowid);
+
 /*
 ** End of interface to code in fts5_index.c.
 **************************************************************************/
@@ -224989,6 +228627,11 @@ static int sqlite3Fts5HashWrite(
 */
 static void sqlite3Fts5HashClear(Fts5Hash*);
 
+/*
+** Return true if the hash is empty, false otherwise.
+*/
+static int sqlite3Fts5HashIsEmpty(Fts5Hash*);
+
 static int sqlite3Fts5HashQuery(
   Fts5Hash*,                      /* Hash table to query */
   int nPre,
@@ -225010,6 +228653,7 @@ static void sqlite3Fts5HashScanEntry(Fts5Hash *,
 );
 
 
+
 /*
 ** End of interface to code in fts5_hash.c.
 **************************************************************************/
@@ -225253,7 +228897,8 @@ static void sqlite3Fts5UnicodeAscii(u8*, u8*);
 #define FTS5_STAR                            15
 
 /* This file is automatically generated by Lemon from input grammar
-** source file "fts5parse.y". */
+** source file "fts5parse.y".
+*/
 /*
 ** 2000-05-29
 **
@@ -226843,15 +230488,19 @@ static int fts5CInstIterInit(
 */
 typedef struct HighlightContext HighlightContext;
 struct HighlightContext {
-  CInstIter iter;                 /* Coalesced Instance Iterator */
-  int iPos;                       /* Current token offset in zIn[] */
+  /* Constant parameters to fts5HighlightCb() */
   int iRangeStart;                /* First token to include */
   int iRangeEnd;                  /* If non-zero, last token to include */
   const char *zOpen;              /* Opening highlight */
   const char *zClose;             /* Closing highlight */
   const char *zIn;                /* Input text */
   int nIn;                        /* Size of input text in bytes */
-  int iOff;                       /* Current offset within zIn[] */
+
+  /* Variables modified by fts5HighlightCb() */
+  CInstIter iter;                 /* Coalesced Instance Iterator */
+  int iPos;                       /* Current token offset in zIn[] */
+  int iOff;                       /* Have copied up to this offset in zIn[] */
+  int bOpen;                      /* True if highlight is open */
   char *zOut;                     /* Output value */
 };
 
@@ -226884,8 +230533,8 @@ static int fts5HighlightCb(
   int tflags,                     /* Mask of FTS5_TOKEN_* flags */
   const char *pToken,             /* Buffer containing token */
   int nToken,                     /* Size of token in bytes */
-  int iStartOff,                  /* Start offset of token */
-  int iEndOff                     /* End offset of token */
+  int iStartOff,                  /* Start byte offset of token */
+  int iEndOff                     /* End byte offset of token */
 ){
   HighlightContext *p = (HighlightContext*)pContext;
   int rc = SQLITE_OK;
@@ -226901,30 +230550,47 @@ static int fts5HighlightCb(
     if( p->iRangeStart && iPos==p->iRangeStart ) p->iOff = iStartOff;
   }
 
-  if( iPos==p->iter.iStart ){
+  /* If the parenthesis is open, and this token is not part of the current
+  ** phrase, and the starting byte offset of this token is past the point
+  ** that has currently been copied into the output buffer, close the
+  ** parenthesis. */
+  if( p->bOpen
+   && (iPos<=p->iter.iStart || p->iter.iStart<0)
+   && iStartOff>p->iOff
+  ){
+    fts5HighlightAppend(&rc, p, p->zClose, -1);
+    p->bOpen = 0;
+  }
+
+  /* If this is the start of a new phrase, and the highlight is not open:
+  **
+  **   * copy text from the input up to the start of the phrase, and
+  **   * open the highlight.
+  */
+  if( iPos==p->iter.iStart && p->bOpen==0 ){
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iStartOff - p->iOff);
     fts5HighlightAppend(&rc, p, p->zOpen, -1);
     p->iOff = iStartOff;
+    p->bOpen = 1;
   }
 
   if( iPos==p->iter.iEnd ){
-    if( p->iRangeEnd>=0 && p->iter.iStartiRangeStart ){
+    if( p->bOpen==0 ){
+      assert( p->iRangeEnd>=0 );
       fts5HighlightAppend(&rc, p, p->zOpen, -1);
+      p->bOpen = 1;
     }
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
-    fts5HighlightAppend(&rc, p, p->zClose, -1);
     p->iOff = iEndOff;
+
     if( rc==SQLITE_OK ){
       rc = fts5CInstIterNext(&p->iter);
     }
   }
 
-  if( p->iRangeEnd>=0 && iPos==p->iRangeEnd ){
+  if( iPos==p->iRangeEnd ){
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
     p->iOff = iEndOff;
-    if( iPos>=p->iter.iStart && iPositer.iEnd ){
-      fts5HighlightAppend(&rc, p, p->zClose, -1);
-    }
   }
 
   return rc;
@@ -226965,6 +230631,9 @@ static void fts5HighlightFunction(
     if( rc==SQLITE_OK ){
       rc = pApi->xTokenize(pFts, ctx.zIn, ctx.nIn, (void*)&ctx,fts5HighlightCb);
     }
+    if( ctx.bOpen ){
+      fts5HighlightAppend(&rc, &ctx, ctx.zClose, -1);
+    }
     fts5HighlightAppend(&rc, &ctx, &ctx.zIn[ctx.iOff], ctx.nIn - ctx.iOff);
 
     if( rc==SQLITE_OK ){
@@ -227243,6 +230912,9 @@ static void fts5SnippetFunction(
     if( rc==SQLITE_OK ){
       rc = pApi->xTokenize(pFts, ctx.zIn, ctx.nIn, (void*)&ctx,fts5HighlightCb);
     }
+    if( ctx.bOpen ){
+      fts5HighlightAppend(&rc, &ctx, ctx.zClose, -1);
+    }
     if( ctx.iRangeEnd>=(nColSize-1) ){
       fts5HighlightAppend(&rc, &ctx, &ctx.zIn[ctx.iOff], ctx.nIn - ctx.iOff);
     }else{
@@ -227881,6 +231553,8 @@ static void sqlite3Fts5TermsetFree(Fts5Termset *p){
 #define FTS5_DEFAULT_CRISISMERGE   16
 #define FTS5_DEFAULT_HASHSIZE    (1024*1024)
 
+#define FTS5_DEFAULT_DELETE_AUTOMERGE 10      /* default 10% */
+
 /* Maximum allowed page size */
 #define FTS5_MAX_PAGE_SIZE (64*1024)
 
@@ -228211,6 +231885,16 @@ static int fts5ConfigParseSpecial(
     return rc;
   }
 
+  if( sqlite3_strnicmp("contentless_delete", zCmd, nCmd)==0 ){
+    if( (zArg[0]!='0' && zArg[0]!='1') || zArg[1]!='\0' ){
+      *pzErr = sqlite3_mprintf("malformed contentless_delete=... directive");
+      rc = SQLITE_ERROR;
+    }else{
+      pConfig->bContentlessDelete = (zArg[0]=='1');
+    }
+    return rc;
+  }
+
   if( sqlite3_strnicmp("content_rowid", zCmd, nCmd)==0 ){
     if( pConfig->zContentRowid ){
       *pzErr = sqlite3_mprintf("multiple content_rowid=... directives");
@@ -228455,6 +232139,28 @@ static int sqlite3Fts5ConfigParse(
     sqlite3_free(zTwo);
   }
 
+  /* We only allow contentless_delete=1 if the table is indeed contentless. */
+  if( rc==SQLITE_OK
+   && pRet->bContentlessDelete
+   && pRet->eContent!=FTS5_CONTENT_NONE
+  ){
+    *pzErr = sqlite3_mprintf(
+        "contentless_delete=1 requires a contentless table"
+    );
+    rc = SQLITE_ERROR;
+  }
+
+  /* We only allow contentless_delete=1 if columnsize=0 is not present.
+  **
+  ** This restriction may be removed at some point.
+  */
+  if( rc==SQLITE_OK && pRet->bContentlessDelete && pRet->bColumnsize==0 ){
+    *pzErr = sqlite3_mprintf(
+        "contentless_delete=1 is incompatible with columnsize=0"
+    );
+    rc = SQLITE_ERROR;
+  }
+
   /* If a tokenizer= option was successfully parsed, the tokenizer has
   ** already been allocated. Otherwise, allocate an instance of the default
   ** tokenizer (unicode61) now.  */
@@ -228749,6 +232455,18 @@ static int sqlite3Fts5ConfigSetValue(
     }
   }
 
+  else if( 0==sqlite3_stricmp(zKey, "deletemerge") ){
+    int nVal = -1;
+    if( SQLITE_INTEGER==sqlite3_value_numeric_type(pVal) ){
+      nVal = sqlite3_value_int(pVal);
+    }else{
+      *pbBadkey = 1;
+    }
+    if( nVal<0 ) nVal = FTS5_DEFAULT_DELETE_AUTOMERGE;
+    if( nVal>100 ) nVal = 0;
+    pConfig->nDeleteMerge = nVal;
+  }
+
   else if( 0==sqlite3_stricmp(zKey, "rank") ){
     const char *zIn = (const char*)sqlite3_value_text(pVal);
     char *zRank;
@@ -228797,6 +232515,7 @@ static int sqlite3Fts5ConfigLoad(Fts5Config *pConfig, int iCookie){
   pConfig->nUsermerge = FTS5_DEFAULT_USERMERGE;
   pConfig->nCrisisMerge = FTS5_DEFAULT_CRISISMERGE;
   pConfig->nHashSize = FTS5_DEFAULT_HASHSIZE;
+  pConfig->nDeleteMerge = FTS5_DEFAULT_DELETE_AUTOMERGE;
 
   zSql = sqlite3Fts5Mprintf(&rc, zSelect, pConfig->zDb, pConfig->zName);
   if( zSql ){
@@ -231320,7 +235039,7 @@ static Fts5ExprNode *sqlite3Fts5ParseImplicitAnd(
   return pRet;
 }
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 static char *fts5ExprTermPrint(Fts5ExprTerm *pTerm){
   sqlite3_int64 nByte = 0;
   Fts5ExprTerm *p;
@@ -231426,6 +235145,8 @@ static char *fts5ExprPrintTcl(
       if( zRet==0 ) return 0;
     }
 
+  }else if( pExpr->eType==0 ){
+    zRet = sqlite3_mprintf("{}");
   }else{
     char const *zOp = 0;
     int i;
@@ -231687,14 +235408,14 @@ static void fts5ExprFold(
     sqlite3_result_int(pCtx, sqlite3Fts5UnicodeFold(iCode, bRemoveDiacritics));
   }
 }
-#endif /* ifdef SQLITE_TEST */
+#endif /* if SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
 /*
 ** This is called during initialization to register the fts5_expr() scalar
 ** UDF with the SQLite handle passed as the only argument.
 */
 static int sqlite3Fts5ExprInit(Fts5Global *pGlobal, sqlite3 *db){
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
   struct Fts5ExprFunc {
     const char *z;
     void (*x)(sqlite3_context*,int,sqlite3_value**);
@@ -232454,7 +236175,6 @@ static int fts5HashEntrySort(
     pList = fts5HashEntryMerge(pList, ap[i]);
   }
 
-  pHash->nEntry = 0;
   sqlite3_free(ap);
   *ppSorted = pList;
   return SQLITE_OK;
@@ -232508,6 +236228,28 @@ static int sqlite3Fts5HashScanInit(
   return fts5HashEntrySort(p, pTerm, nTerm, &p->pScan);
 }
 
+#ifdef SQLITE_DEBUG
+static int fts5HashCount(Fts5Hash *pHash){
+  int nEntry = 0;
+  int ii;
+  for(ii=0; iinSlot; ii++){
+    Fts5HashEntry *p = 0;
+    for(p=pHash->aSlot[ii]; p; p=p->pHashNext){
+      nEntry++;
+    }
+  }
+  return nEntry;
+}
+#endif
+
+/*
+** Return true if the hash table is empty, false otherwise.
+*/
+static int sqlite3Fts5HashIsEmpty(Fts5Hash *pHash){
+  assert( pHash->nEntry==fts5HashCount(pHash) );
+  return pHash->nEntry==0;
+}
+
 static void sqlite3Fts5HashScanNext(Fts5Hash *p){
   assert( !sqlite3Fts5HashScanEof(p) );
   p->pScan = p->pScan->pScanNext;
@@ -232596,6 +236338,24 @@ static void sqlite3Fts5HashScanEntry(
 
 #define FTS5_MAX_LEVEL 64
 
+/*
+** There are two versions of the format used for the structure record:
+**
+**   1. the legacy format, that may be read by all fts5 versions, and
+**
+**   2. the V2 format, which is used by contentless_delete=1 databases.
+**
+** Both begin with a 4-byte "configuration cookie" value. Then, a legacy
+** format structure record contains a varint - the number of levels in
+** the structure. Whereas a V2 structure record contains the constant
+** 4 bytes [0xff 0x00 0x00 0x01]. This is unambiguous as the value of a
+** varint has to be at least 16256 to begin with "0xFF". And the default
+** maximum number of levels is 64.
+**
+** See below for more on structure record formats.
+*/
+#define FTS5_STRUCTURE_V2 "\xFF\x00\x00\x01"
+
 /*
 ** Details:
 **
@@ -232603,7 +236363,7 @@ static void sqlite3Fts5HashScanEntry(
 **
 **     CREATE TABLE %_data(id INTEGER PRIMARY KEY, block BLOB);
 **
-** , contains the following 5 types of records. See the comments surrounding
+** , contains the following 6 types of records. See the comments surrounding
 ** the FTS5_*_ROWID macros below for a description of how %_data rowids are
 ** assigned to each fo them.
 **
@@ -232612,12 +236372,12 @@ static void sqlite3Fts5HashScanEntry(
 **   The set of segments that make up an index - the index structure - are
 **   recorded in a single record within the %_data table. The record consists
 **   of a single 32-bit configuration cookie value followed by a list of
-**   SQLite varints. If the FTS table features more than one index (because
-**   there are one or more prefix indexes), it is guaranteed that all share
-**   the same cookie value.
+**   SQLite varints.
+**
+**   If the structure record is a V2 record, the configuration cookie is
+**   followed by the following 4 bytes: [0xFF 0x00 0x00 0x01].
 **
-**   Immediately following the configuration cookie, the record begins with
-**   three varints:
+**   Next, the record continues with three varints:
 **
 **     + number of levels,
 **     + total number of segments on all levels,
@@ -232632,6 +236392,12 @@ static void sqlite3Fts5HashScanEntry(
 **         + first leaf page number (often 1, always greater than 0)
 **         + final leaf page number
 **
+**      Then, for V2 structures only:
+**
+**         + lower origin counter value,
+**         + upper origin counter value,
+**         + the number of tombstone hash pages.
+**
 ** 2. The Averages Record:
 **
 **   A single record within the %_data table. The data is a list of varints.
@@ -232747,6 +236513,38 @@ static void sqlite3Fts5HashScanEntry(
 **     * A list of delta-encoded varints - the first rowid on each subsequent
 **       child page.
 **
+** 6. Tombstone Hash Page
+**
+**   These records are only ever present in contentless_delete=1 tables.
+**   There are zero or more of these associated with each segment. They
+**   are used to store the tombstone rowids for rows contained in the
+**   associated segments.
+**
+**   The set of nHashPg tombstone hash pages associated with a single
+**   segment together form a single hash table containing tombstone rowids.
+**   To find the page of the hash on which a key might be stored:
+**
+**       iPg = (rowid % nHashPg)
+**
+**   Then, within page iPg, which has nSlot slots:
+**
+**       iSlot = (rowid / nHashPg) % nSlot
+**
+**   Each tombstone hash page begins with an 8 byte header:
+**
+**     1-byte:  Key-size (the size in bytes of each slot). Either 4 or 8.
+**     1-byte:  rowid-0-tombstone flag. This flag is only valid on the
+**              first tombstone hash page for each segment (iPg=0). If set,
+**              the hash table contains rowid 0. If clear, it does not.
+**              Rowid 0 is handled specially.
+**     2-bytes: unused.
+**     4-bytes: Big-endian integer containing number of entries on page.
+**
+**   Following this are nSlot 4 or 8 byte slots (depending on the key-size
+**   in the first byte of the page header). The number of slots may be
+**   determined based on the size of the page record and the key-size:
+**
+**     nSlot = (nByte - 8) / key-size
 */
 
 /*
@@ -232780,6 +236578,7 @@ static void sqlite3Fts5HashScanEntry(
 
 #define FTS5_SEGMENT_ROWID(segid, pgno)       fts5_dri(segid, 0, 0, pgno)
 #define FTS5_DLIDX_ROWID(segid, height, pgno) fts5_dri(segid, 1, height, pgno)
+#define FTS5_TOMBSTONE_ROWID(segid,ipg)       fts5_dri(segid+(1<<16), 0, 0, ipg)
 
 #ifdef SQLITE_DEBUG
 static int sqlite3Fts5Corrupt() { return SQLITE_CORRUPT_VTAB; }
@@ -232815,6 +236614,12 @@ struct Fts5Data {
 
 /*
 ** One object per %_data table.
+**
+** nContentlessDelete:
+**   The number of contentless delete operations since the most recent
+**   call to fts5IndexFlush() or fts5IndexDiscardData(). This is tracked
+**   so that extra auto-merge work can be done by fts5IndexFlush() to
+**   account for the delete operations.
 */
 struct Fts5Index {
   Fts5Config *pConfig;            /* Virtual table configuration */
@@ -232829,6 +236634,8 @@ struct Fts5Index {
   int nPendingData;               /* Current bytes of pending data */
   i64 iWriteRowid;                /* Rowid for current doc being written */
   int bDelete;                    /* Current write is a delete */
+  int nContentlessDelete;         /* Number of contentless delete ops */
+  int nPendingRow;                /* Number of INSERT in hash table */
 
   /* Error state. */
   int rc;                         /* Current error code */
@@ -232863,11 +236670,23 @@ struct Fts5DoclistIter {
 ** The contents of the "structure" record for each index are represented
 ** using an Fts5Structure record in memory. Which uses instances of the
 ** other Fts5StructureXXX types as components.
+**
+** nOriginCntr:
+**   This value is set to non-zero for structure records created for
+**   contentlessdelete=1 tables only. In that case it represents the
+**   origin value to apply to the next top-level segment created.
 */
 struct Fts5StructureSegment {
   int iSegid;                     /* Segment id */
   int pgnoFirst;                  /* First leaf page number in segment */
   int pgnoLast;                   /* Last leaf page number in segment */
+
+  /* contentlessdelete=1 tables only: */
+  u64 iOrigin1;
+  u64 iOrigin2;
+  int nPgTombstone;               /* Number of tombstone hash table pages */
+  u64 nEntryTombstone;            /* Number of tombstone entries that "count" */
+  u64 nEntry;                     /* Number of rows in this segment */
 };
 struct Fts5StructureLevel {
   int nMerge;                     /* Number of segments in incr-merge */
@@ -232877,6 +236696,7 @@ struct Fts5StructureLevel {
 struct Fts5Structure {
   int nRef;                       /* Object reference count */
   u64 nWriteCounter;              /* Total leaves written to level 0 */
+  u64 nOriginCntr;                /* Origin value for next top-level segment */
   int nSegment;                   /* Total segments in this structure */
   int nLevel;                     /* Number of levels in this index */
   Fts5StructureLevel aLevel[1];   /* Array of nLevel level objects */
@@ -232965,6 +236785,13 @@ struct Fts5CResult {
 **
 ** iTermIdx:
 **     Index of current term on iTermLeafPgno.
+**
+** apTombstone/nTombstone:
+**     These are used for contentless_delete=1 tables only. When the cursor
+**     is first allocated, the apTombstone[] array is allocated so that it
+**     is large enough for all tombstones hash pages associated with the
+**     segment. The pages themselves are loaded lazily from the database as
+**     they are required.
 */
 struct Fts5SegIter {
   Fts5StructureSegment *pSeg;     /* Segment to iterate through */
@@ -232973,6 +236800,8 @@ struct Fts5SegIter {
   Fts5Data *pLeaf;                /* Current leaf data */
   Fts5Data *pNextLeaf;            /* Leaf page (iLeafPgno+1) */
   i64 iLeafOffset;                /* Byte offset within current leaf */
+  Fts5Data **apTombstone;         /* Array of tombstone pages */
+  int nTombstone;
 
   /* Next method */
   void (*xNext)(Fts5Index*, Fts5SegIter*, int*);
@@ -233102,6 +236931,60 @@ static u16 fts5GetU16(const u8 *aIn){
   return ((u16)aIn[0] << 8) + aIn[1];
 }
 
+/*
+** The only argument points to a buffer at least 8 bytes in size. This
+** function interprets the first 8 bytes of the buffer as a 64-bit big-endian
+** unsigned integer and returns the result.
+*/
+static u64 fts5GetU64(u8 *a){
+  return ((u64)a[0] << 56)
+       + ((u64)a[1] << 48)
+       + ((u64)a[2] << 40)
+       + ((u64)a[3] << 32)
+       + ((u64)a[4] << 24)
+       + ((u64)a[5] << 16)
+       + ((u64)a[6] << 8)
+       + ((u64)a[7] << 0);
+}
+
+/*
+** The only argument points to a buffer at least 4 bytes in size. This
+** function interprets the first 4 bytes of the buffer as a 32-bit big-endian
+** unsigned integer and returns the result.
+*/
+static u32 fts5GetU32(const u8 *a){
+  return ((u32)a[0] << 24)
+       + ((u32)a[1] << 16)
+       + ((u32)a[2] << 8)
+       + ((u32)a[3] << 0);
+}
+
+/*
+** Write iVal, formated as a 64-bit big-endian unsigned integer, to the
+** buffer indicated by the first argument.
+*/
+static void fts5PutU64(u8 *a, u64 iVal){
+  a[0] = ((iVal >> 56) & 0xFF);
+  a[1] = ((iVal >> 48) & 0xFF);
+  a[2] = ((iVal >> 40) & 0xFF);
+  a[3] = ((iVal >> 32) & 0xFF);
+  a[4] = ((iVal >> 24) & 0xFF);
+  a[5] = ((iVal >> 16) & 0xFF);
+  a[6] = ((iVal >>  8) & 0xFF);
+  a[7] = ((iVal >>  0) & 0xFF);
+}
+
+/*
+** Write iVal, formated as a 32-bit big-endian unsigned integer, to the
+** buffer indicated by the first argument.
+*/
+static void fts5PutU32(u8 *a, u32 iVal){
+  a[0] = ((iVal >> 24) & 0xFF);
+  a[1] = ((iVal >> 16) & 0xFF);
+  a[2] = ((iVal >>  8) & 0xFF);
+  a[3] = ((iVal >>  0) & 0xFF);
+}
+
 /*
 ** Allocate and return a buffer at least nByte bytes in size.
 **
@@ -233329,10 +237212,17 @@ static void fts5DataDelete(Fts5Index *p, i64 iFirst, i64 iLast){
 /*
 ** Remove all records associated with segment iSegid.
 */
-static void fts5DataRemoveSegment(Fts5Index *p, int iSegid){
+static void fts5DataRemoveSegment(Fts5Index *p, Fts5StructureSegment *pSeg){
+  int iSegid = pSeg->iSegid;
   i64 iFirst = FTS5_SEGMENT_ROWID(iSegid, 0);
   i64 iLast = FTS5_SEGMENT_ROWID(iSegid+1, 0)-1;
   fts5DataDelete(p, iFirst, iLast);
+
+  if( pSeg->nPgTombstone ){
+    i64 iTomb1 = FTS5_TOMBSTONE_ROWID(iSegid, 0);
+    i64 iTomb2 = FTS5_TOMBSTONE_ROWID(iSegid, pSeg->nPgTombstone-1);
+    fts5DataDelete(p, iTomb1, iTomb2);
+  }
   if( p->pIdxDeleter==0 ){
     Fts5Config *pConfig = p->pConfig;
     fts5IndexPrepareStmt(p, &p->pIdxDeleter, sqlite3_mprintf(
@@ -233443,11 +237333,19 @@ static int fts5StructureDecode(
   int nSegment = 0;
   sqlite3_int64 nByte;            /* Bytes of space to allocate at pRet */
   Fts5Structure *pRet = 0;        /* Structure object to return */
+  int bStructureV2 = 0;           /* True for FTS5_STRUCTURE_V2 */
+  u64 nOriginCntr = 0;            /* Largest origin value seen so far */
 
   /* Grab the cookie value */
   if( piCookie ) *piCookie = sqlite3Fts5Get32(pData);
   i = 4;
 
+  /* Check if this is a V2 structure record. Set bStructureV2 if it is. */
+  if( 0==memcmp(&pData[i], FTS5_STRUCTURE_V2, 4) ){
+    i += 4;
+    bStructureV2 = 1;
+  }
+
   /* Read the total number of levels and segments from the start of the
   ** structure record.  */
   i += fts5GetVarint32(&pData[i], nLevel);
@@ -233498,6 +237396,14 @@ static int fts5StructureDecode(
           i += fts5GetVarint32(&pData[i], pSeg->iSegid);
           i += fts5GetVarint32(&pData[i], pSeg->pgnoFirst);
           i += fts5GetVarint32(&pData[i], pSeg->pgnoLast);
+          if( bStructureV2 ){
+            i += fts5GetVarint(&pData[i], &pSeg->iOrigin1);
+            i += fts5GetVarint(&pData[i], &pSeg->iOrigin2);
+            i += fts5GetVarint32(&pData[i], pSeg->nPgTombstone);
+            i += fts5GetVarint(&pData[i], &pSeg->nEntryTombstone);
+            i += fts5GetVarint(&pData[i], &pSeg->nEntry);
+            nOriginCntr = MAX(nOriginCntr, pSeg->iOrigin2);
+          }
           if( pSeg->pgnoLastpgnoFirst ){
             rc = FTS5_CORRUPT;
             break;
@@ -233508,6 +237414,9 @@ static int fts5StructureDecode(
       }
     }
     if( nSegment!=0 && rc==SQLITE_OK ) rc = FTS5_CORRUPT;
+    if( bStructureV2 ){
+      pRet->nOriginCntr = nOriginCntr+1;
+    }
 
     if( rc!=SQLITE_OK ){
       fts5StructureRelease(pRet);
@@ -233720,6 +237629,7 @@ static void fts5StructureWrite(Fts5Index *p, Fts5Structure *pStruct){
     Fts5Buffer buf;               /* Buffer to serialize record into */
     int iLvl;                     /* Used to iterate through levels */
     int iCookie;                  /* Cookie value to store */
+    int nHdr = (pStruct->nOriginCntr>0 ? (4+4+9+9+9) : (4+9+9));
 
     assert( pStruct->nSegment==fts5StructureCountSegments(pStruct) );
     memset(&buf, 0, sizeof(Fts5Buffer));
@@ -233728,9 +237638,12 @@ static void fts5StructureWrite(Fts5Index *p, Fts5Structure *pStruct){
     iCookie = p->pConfig->iCookie;
     if( iCookie<0 ) iCookie = 0;
 
-    if( 0==sqlite3Fts5BufferSize(&p->rc, &buf, 4+9+9+9) ){
+    if( 0==sqlite3Fts5BufferSize(&p->rc, &buf, nHdr) ){
       sqlite3Fts5Put32(buf.p, iCookie);
       buf.n = 4;
+      if( pStruct->nOriginCntr>0 ){
+        fts5BufferSafeAppendBlob(&buf, FTS5_STRUCTURE_V2, 4);
+      }
       fts5BufferSafeAppendVarint(&buf, pStruct->nLevel);
       fts5BufferSafeAppendVarint(&buf, pStruct->nSegment);
       fts5BufferSafeAppendVarint(&buf, (i64)pStruct->nWriteCounter);
@@ -233744,9 +237657,17 @@ static void fts5StructureWrite(Fts5Index *p, Fts5Structure *pStruct){
       assert( pLvl->nMerge<=pLvl->nSeg );
 
       for(iSeg=0; iSegnSeg; iSeg++){
-        fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].iSegid);
-        fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].pgnoFirst);
-        fts5BufferAppendVarint(&p->rc, &buf, pLvl->aSeg[iSeg].pgnoLast);
+        Fts5StructureSegment *pSeg = &pLvl->aSeg[iSeg];
+        fts5BufferAppendVarint(&p->rc, &buf, pSeg->iSegid);
+        fts5BufferAppendVarint(&p->rc, &buf, pSeg->pgnoFirst);
+        fts5BufferAppendVarint(&p->rc, &buf, pSeg->pgnoLast);
+        if( pStruct->nOriginCntr>0 ){
+          fts5BufferAppendVarint(&p->rc, &buf, pSeg->iOrigin1);
+          fts5BufferAppendVarint(&p->rc, &buf, pSeg->iOrigin2);
+          fts5BufferAppendVarint(&p->rc, &buf, pSeg->nPgTombstone);
+          fts5BufferAppendVarint(&p->rc, &buf, pSeg->nEntryTombstone);
+          fts5BufferAppendVarint(&p->rc, &buf, pSeg->nEntry);
+        }
       }
     }
 
@@ -234269,6 +238190,23 @@ static void fts5SegIterSetNext(Fts5Index *p, Fts5SegIter *pIter){
   }
 }
 
+/*
+** Allocate a tombstone hash page array (pIter->apTombstone) for the
+** iterator passed as the second argument. If an OOM error occurs, leave
+** an error in the Fts5Index object.
+*/
+static void fts5SegIterAllocTombstone(Fts5Index *p, Fts5SegIter *pIter){
+  const int nTomb = pIter->pSeg->nPgTombstone;
+  if( nTomb>0 ){
+    Fts5Data **apTomb = 0;
+    apTomb = (Fts5Data**)sqlite3Fts5MallocZero(&p->rc, sizeof(Fts5Data)*nTomb);
+    if( apTomb ){
+      pIter->apTombstone = apTomb;
+      pIter->nTombstone = nTomb;
+    }
+  }
+}
+
 /*
 ** Initialize the iterator object pIter to iterate through the entries in
 ** segment pSeg. The iterator is left pointing to the first entry when
@@ -234310,6 +238248,7 @@ static void fts5SegIterInit(
     pIter->iPgidxOff = pIter->pLeaf->szLeaf+1;
     fts5SegIterLoadTerm(p, pIter, 0);
     fts5SegIterLoadNPos(p, pIter);
+    fts5SegIterAllocTombstone(p, pIter);
   }
 }
 
@@ -235011,6 +238950,7 @@ static void fts5SegIterSeekInit(
   }
 
   fts5SegIterSetNext(p, pIter);
+  fts5SegIterAllocTombstone(p, pIter);
 
   /* Either:
   **
@@ -235091,6 +239031,20 @@ static void fts5SegIterHashInit(
   fts5SegIterSetNext(p, pIter);
 }
 
+/*
+** Array ap[] contains n elements. Release each of these elements using
+** fts5DataRelease(). Then free the array itself using sqlite3_free().
+*/
+static void fts5IndexFreeArray(Fts5Data **ap, int n){
+  if( ap ){
+    int ii;
+    for(ii=0; iiterm);
   fts5DataRelease(pIter->pLeaf);
   fts5DataRelease(pIter->pNextLeaf);
+  fts5IndexFreeArray(pIter->apTombstone, pIter->nTombstone);
   fts5DlidxIterFree(pIter->pDlidx);
   sqlite3_free(pIter->aRowidOffset);
   memset(pIter, 0, sizeof(Fts5SegIter));
@@ -235231,7 +239186,6 @@ static int fts5MultiIterDoCompare(Fts5Iter *pIter, int iOut){
       assert_nc( i2!=0 );
       pRes->bTermEq = 1;
       if( p1->iRowid==p2->iRowid ){
-        p1->bDel = p2->bDel;
         return i2;
       }
       res = ((p1->iRowid > p2->iRowid)==pIter->bRev) ? -1 : +1;
@@ -235435,6 +239389,84 @@ static void fts5MultiIterSetEof(Fts5Iter *pIter){
   pIter->iSwitchRowid = pSeg->iRowid;
 }
 
+/*
+** The argument to this macro must be an Fts5Data structure containing a
+** tombstone hash page. This macro returns the key-size of the hash-page.
+*/
+#define TOMBSTONE_KEYSIZE(pPg) (pPg->p[0]==4 ? 4 : 8)
+
+#define TOMBSTONE_NSLOT(pPg)   \
+  ((pPg->nn > 16) ? ((pPg->nn-8) / TOMBSTONE_KEYSIZE(pPg)) : 1)
+
+/*
+** Query a single tombstone hash table for rowid iRowid. Return true if
+** it is found or false otherwise. The tombstone hash table is one of
+** nHashTable tables.
+*/
+static int fts5IndexTombstoneQuery(
+  Fts5Data *pHash,                /* Hash table page to query */
+  int nHashTable,                 /* Number of pages attached to segment */
+  u64 iRowid                      /* Rowid to query hash for */
+){
+  const int szKey = TOMBSTONE_KEYSIZE(pHash);
+  const int nSlot = TOMBSTONE_NSLOT(pHash);
+  int iSlot = (iRowid / nHashTable) % nSlot;
+  int nCollide = nSlot;
+
+  if( iRowid==0 ){
+    return pHash->p[1];
+  }else if( szKey==4 ){
+    u32 *aSlot = (u32*)&pHash->p[8];
+    while( aSlot[iSlot] ){
+      if( fts5GetU32((u8*)&aSlot[iSlot])==iRowid ) return 1;
+      if( nCollide--==0 ) break;
+      iSlot = (iSlot+1)%nSlot;
+    }
+  }else{
+    u64 *aSlot = (u64*)&pHash->p[8];
+    while( aSlot[iSlot] ){
+      if( fts5GetU64((u8*)&aSlot[iSlot])==iRowid ) return 1;
+      if( nCollide--==0 ) break;
+      iSlot = (iSlot+1)%nSlot;
+    }
+  }
+
+  return 0;
+}
+
+/*
+** Return true if the iterator passed as the only argument points
+** to an segment entry for which there is a tombstone. Return false
+** if there is no tombstone or if the iterator is already at EOF.
+*/
+static int fts5MultiIterIsDeleted(Fts5Iter *pIter){
+  int iFirst = pIter->aFirst[1].iFirst;
+  Fts5SegIter *pSeg = &pIter->aSeg[iFirst];
+
+  if( pSeg->pLeaf && pSeg->nTombstone ){
+    /* Figure out which page the rowid might be present on. */
+    int iPg = ((u64)pSeg->iRowid) % pSeg->nTombstone;
+    assert( iPg>=0 );
+
+    /* If tombstone hash page iPg has not yet been loaded from the
+    ** database, load it now. */
+    if( pSeg->apTombstone[iPg]==0 ){
+      pSeg->apTombstone[iPg] = fts5DataRead(pIter->pIndex,
+          FTS5_TOMBSTONE_ROWID(pSeg->pSeg->iSegid, iPg)
+      );
+      if( pSeg->apTombstone[iPg]==0 ) return 0;
+    }
+
+    return fts5IndexTombstoneQuery(
+        pSeg->apTombstone[iPg],
+        pSeg->nTombstone,
+        pSeg->iRowid
+    );
+  }
+
+  return 0;
+}
+
 /*
 ** Move the iterator to the next entry.
 **
@@ -235472,7 +239504,9 @@ static void fts5MultiIterNext(
 
     fts5AssertMultiIterSetup(p, pIter);
     assert( pSeg==&pIter->aSeg[pIter->aFirst[1].iFirst] && pSeg->pLeaf );
-    if( pIter->bSkipEmpty==0 || pSeg->nPos ){
+    if( (pIter->bSkipEmpty==0 || pSeg->nPos)
+      && 0==fts5MultiIterIsDeleted(pIter)
+    ){
       pIter->xSetOutputs(pIter, pSeg);
       return;
     }
@@ -235504,7 +239538,9 @@ static void fts5MultiIterNext2(
       }
       fts5AssertMultiIterSetup(p, pIter);
 
-    }while( fts5MultiIterIsEmpty(p, pIter) );
+    }while( (fts5MultiIterIsEmpty(p, pIter) || fts5MultiIterIsDeleted(pIter))
+         && (p->rc==SQLITE_OK)
+    );
   }
 }
 
@@ -235517,7 +239553,7 @@ static Fts5Iter *fts5MultiIterAlloc(
   int nSeg
 ){
   Fts5Iter *pNew;
-  int nSlot;                      /* Power of two >= nSeg */
+  i64 nSlot;                      /* Power of two >= nSeg */
 
   for(nSlot=2; nSlotbSkipEmpty && fts5MultiIterIsEmpty(p, pNew) ){
+    if( (pNew->bSkipEmpty && fts5MultiIterIsEmpty(p, pNew))
+     || fts5MultiIterIsDeleted(pNew)
+    ){
       fts5MultiIterNext(p, pNew, 0, 0);
     }else if( pNew->base.bEof==0 ){
       Fts5SegIter *pSeg = &pNew->aSeg[pNew->aFirst[1].iFirst];
@@ -236237,7 +240275,9 @@ static void fts5IndexDiscardData(Fts5Index *p){
   if( p->pHash ){
     sqlite3Fts5HashClear(p->pHash);
     p->nPendingData = 0;
+    p->nPendingRow = 0;
   }
+  p->nContentlessDelete = 0;
 }
 
 /*
@@ -236874,6 +240914,12 @@ static void fts5IndexMergeLevel(
 
     /* Read input from all segments in the input level */
     nInput = pLvl->nSeg;
+
+    /* Set the range of origins that will go into the output segment. */
+    if( pStruct->nOriginCntr>0 ){
+      pSeg->iOrigin1 = pLvl->aSeg[0].iOrigin1;
+      pSeg->iOrigin2 = pLvl->aSeg[pLvl->nSeg-1].iOrigin2;
+    }
   }
   bOldest = (pLvlOut->nSeg==1 && pStruct->nLevel==iLvl+2);
 
@@ -236933,8 +240979,11 @@ static void fts5IndexMergeLevel(
     int i;
 
     /* Remove the redundant segments from the %_data table */
+    assert( pSeg->nEntry==0 );
     for(i=0; iaSeg[i].iSegid);
+      Fts5StructureSegment *pOld = &pLvl->aSeg[i];
+      pSeg->nEntry += (pOld->nEntry - pOld->nEntryTombstone);
+      fts5DataRemoveSegment(p, pOld);
     }
 
     /* Remove the redundant segments from the input level */
@@ -236960,6 +241009,43 @@ static void fts5IndexMergeLevel(
   if( pnRem ) *pnRem -= writer.nLeafWritten;
 }
 
+/*
+** If this is not a contentless_delete=1 table, or if the 'deletemerge'
+** configuration option is set to 0, then this function always returns -1.
+** Otherwise, it searches the structure object passed as the second argument
+** for a level suitable for merging due to having a large number of
+** tombstones in the tombstone hash. If one is found, its index is returned.
+** Otherwise, if there is no suitable level, -1.
+*/
+static int fts5IndexFindDeleteMerge(Fts5Index *p, Fts5Structure *pStruct){
+  Fts5Config *pConfig = p->pConfig;
+  int iRet = -1;
+  if( pConfig->bContentlessDelete && pConfig->nDeleteMerge>0 ){
+    int ii;
+    int nBest = 0;
+
+    for(ii=0; iinLevel; ii++){
+      Fts5StructureLevel *pLvl = &pStruct->aLevel[ii];
+      i64 nEntry = 0;
+      i64 nTomb = 0;
+      int iSeg;
+      for(iSeg=0; iSegnSeg; iSeg++){
+        nEntry += pLvl->aSeg[iSeg].nEntry;
+        nTomb += pLvl->aSeg[iSeg].nEntryTombstone;
+      }
+      assert_nc( nEntry>0 || pLvl->nSeg==0 );
+      if( nEntry>0 ){
+        int nPercent = (nTomb * 100) / nEntry;
+        if( nPercent>=pConfig->nDeleteMerge && nPercent>nBest ){
+          iRet = ii;
+          nBest = nPercent;
+        }
+      }
+    }
+  }
+  return iRet;
+}
+
 /*
 ** Do up to nPg pages of automerge work on the index.
 **
@@ -236979,14 +241065,15 @@ static int fts5IndexMerge(
     int iBestLvl = 0;           /* Level offering the most input segments */
     int nBest = 0;              /* Number of input segments on best level */
 
-    /* Set iBestLvl to the level to read input segments from. */
+    /* Set iBestLvl to the level to read input segments from. Or to -1 if
+    ** there is no level suitable to merge segments from.  */
     assert( pStruct->nLevel>0 );
     for(iLvl=0; iLvlnLevel; iLvl++){
       Fts5StructureLevel *pLvl = &pStruct->aLevel[iLvl];
       if( pLvl->nMerge ){
         if( pLvl->nMerge>nBest ){
           iBestLvl = iLvl;
-          nBest = pLvl->nMerge;
+          nBest = nMin;
         }
         break;
       }
@@ -236995,22 +241082,18 @@ static int fts5IndexMerge(
         iBestLvl = iLvl;
       }
     }
-
-    /* If nBest is still 0, then the index must be empty. */
-#ifdef SQLITE_DEBUG
-    for(iLvl=0; nBest==0 && iLvlnLevel; iLvl++){
-      assert( pStruct->aLevel[iLvl].nSeg==0 );
+    if( nBestaLevel[iBestLvl].nMerge==0 ){
-      break;
-    }
+    if( iBestLvl<0 ) break;
     bRet = 1;
     fts5IndexMergeLevel(p, &pStruct, iBestLvl, &nRem);
     if( p->rc==SQLITE_OK && pStruct->aLevel[iBestLvl].nMerge==0 ){
       fts5StructurePromote(p, iBestLvl+1, pStruct);
     }
+
+    if( nMin==1 ) nMin = 2;
   }
   *ppStruct = pStruct;
   return bRet;
@@ -237176,7 +241259,7 @@ static void fts5SecureDeleteOverflow(
       pLeaf = 0;
     }else if( bDetailNone ){
       break;
-    }else if( iNext>=pLeaf->szLeaf || iNext<4 ){
+    }else if( iNext>=pLeaf->szLeaf || pLeaf->nnszLeaf || iNext<4 ){
       p->rc = FTS5_CORRUPT;
       break;
     }else{
@@ -237195,9 +241278,13 @@ static void fts5SecureDeleteOverflow(
         int i1 = pLeaf->szLeaf;
         int i2 = 0;
 
+        i1 += fts5GetVarint32(&aPg[i1], iFirst);
+        if( iFirstrc = FTS5_CORRUPT;
+          break;
+        }
         aIdx = sqlite3Fts5MallocZero(&p->rc, (pLeaf->nn-pLeaf->szLeaf)+2);
         if( aIdx==0 ) break;
-        i1 += fts5GetVarint32(&aPg[i1], iFirst);
         i2 = sqlite3Fts5PutVarint(aIdx, iFirst-nShift);
         if( i1nn ){
           memcpy(&aIdx[i2], &aPg[i1], pLeaf->nn-i1);
@@ -237242,7 +241329,6 @@ static void fts5DoSecureDelete(
   int iPgIdx = pSeg->pLeaf->szLeaf;
 
   u64 iDelta = 0;
-  u64 iNextDelta = 0;
   int iNextOff = 0;
   int iOff = 0;
   int nIdx = 0;
@@ -237250,8 +241336,6 @@ static void fts5DoSecureDelete(
   int bLastInDoclist = 0;
   int iIdx = 0;
   int iStart = 0;
-  int iKeyOff = 0;
-  int iPrevKeyOff = 0;
   int iDelKeyOff = 0;       /* Offset of deleted key, if any */
 
   nIdx = nPg-iPgIdx;
@@ -237276,10 +241360,21 @@ static void fts5DoSecureDelete(
   ** This block sets the following variables:
   **
   **   iStart:
+  **     The offset of the first byte of the rowid or delta-rowid
+  **     value for the doclist entry being removed.
+  **
   **   iDelta:
+  **     The value of the rowid or delta-rowid value for the doclist
+  **     entry being removed.
+  **
+  **   iNextOff:
+  **     The offset of the next entry following the position list
+  **     for the one being removed. If the position list for this
+  **     entry overflows onto the next leaf page, this value will be
+  **     greater than pLeaf->szLeaf.
   */
   {
-    int iSOP;
+    int iSOP;                     /* Start-Of-Position-list */
     if( pSeg->iLeafPgno==pSeg->iTermLeafPgno ){
       iStart = pSeg->iTermLeafOffset;
     }else{
@@ -237315,47 +241410,75 @@ static void fts5DoSecureDelete(
   }
 
   iOff = iStart;
-  if( iNextOff>=iPgIdx ){
-    int pgno = pSeg->iLeafPgno+1;
-    fts5SecureDeleteOverflow(p, pSeg->pSeg, pgno, &bLastInDoclist);
-    iNextOff = iPgIdx;
-  }else{
-    /* Set bLastInDoclist to true if the entry being removed is the last
-    ** in its doclist.  */
-    for(iIdx=0, iKeyOff=0; iIdxbDel==0 ){
+    if( iNextOff>=iPgIdx ){
+      int pgno = pSeg->iLeafPgno+1;
+      fts5SecureDeleteOverflow(p, pSeg->pSeg, pgno, &bLastInDoclist);
+      iNextOff = iPgIdx;
+    }else{
+      /* Loop through the page-footer. If iNextOff (offset of the
+      ** entry following the one we are removing) is equal to the
+      ** offset of a key on this page, then the entry is the last
+      ** in its doclist.  */
+      int iKeyOff = 0;
+      for(iIdx=0; iIdxbDel ){
+    iOff += sqlite3Fts5PutVarint(&aPg[iOff], iDelta);
+    aPg[iOff++] = 0x01;
+  }else if( bLastInDoclist==0 ){
     if( iNextOff!=iPgIdx ){
+      u64 iNextDelta = 0;
       iNextOff += fts5GetVarint(&aPg[iNextOff], &iNextDelta);
       iOff += sqlite3Fts5PutVarint(&aPg[iOff], iDelta + iNextDelta);
     }
   }else if(
-      iStart==pSeg->iTermLeafOffset && pSeg->iLeafPgno==pSeg->iTermLeafPgno
+      pSeg->iLeafPgno==pSeg->iTermLeafPgno
+   && iStart==pSeg->iTermLeafOffset
   ){
     /* The entry being removed was the only position list in its
     ** doclist. Therefore the term needs to be removed as well. */
     int iKey = 0;
-    for(iIdx=0, iKeyOff=0; iIdx(u32)iStart ) break;
       iKeyOff += iVal;
     }
+    assert_nc( iKey>=1 );
 
+    /* Set iDelKeyOff to the value of the footer entry to remove from
+    ** the page. */
     iDelKeyOff = iOff = iKeyOff;
+
     if( iNextOff!=iPgIdx ){
+      /* This is the only position-list associated with the term, and there
+      ** is another term following it on this page. So the subsequent term
+      ** needs to be moved to replace the term associated with the entry
+      ** being removed. */
       int nPrefix = 0;
       int nSuffix = 0;
       int nPrefix2 = 0;
@@ -237380,7 +241503,9 @@ static void fts5DoSecureDelete(
           iOff += sqlite3Fts5PutVarint(&aPg[iOff], nPrefix);
         }
         iOff += sqlite3Fts5PutVarint(&aPg[iOff], nSuffix);
-        if( nPrefix2>nPrefix ){
+        if( nPrefix2>pSeg->term.n ){
+          p->rc = FTS5_CORRUPT;
+        }else if( nPrefix2>nPrefix ){
           memcpy(&aPg[iOff], &pSeg->term.p[nPrefix], nPrefix2-nPrefix);
           iOff += (nPrefix2-nPrefix);
         }
@@ -237390,80 +241515,88 @@ static void fts5DoSecureDelete(
       }
     }
   }else if( iStart==4 ){
-      int iPgno;
-
-      assert_nc( pSeg->iLeafPgno>pSeg->iTermLeafPgno );
-      /* The entry being removed may be the only position list in
-      ** its doclist. */
-      for(iPgno=pSeg->iLeafPgno-1; iPgno>pSeg->iTermLeafPgno; iPgno-- ){
-        Fts5Data *pPg = fts5DataRead(p, FTS5_SEGMENT_ROWID(iSegid, iPgno));
-        int bEmpty = (pPg && pPg->nn==4);
-        fts5DataRelease(pPg);
-        if( bEmpty==0 ) break;
-      }
-
-      if( iPgno==pSeg->iTermLeafPgno ){
-        i64 iId = FTS5_SEGMENT_ROWID(iSegid, pSeg->iTermLeafPgno);
-        Fts5Data *pTerm = fts5DataRead(p, iId);
-        if( pTerm && pTerm->szLeaf==pSeg->iTermLeafOffset ){
-          u8 *aTermIdx = &pTerm->p[pTerm->szLeaf];
-          int nTermIdx = pTerm->nn - pTerm->szLeaf;
-          int iTermIdx = 0;
-          int iTermOff = 0;
-
-          while( 1 ){
-            u32 iVal = 0;
-            int nByte = fts5GetVarint32(&aTermIdx[iTermIdx], iVal);
-            iTermOff += iVal;
-            if( (iTermIdx+nByte)>=nTermIdx ) break;
-            iTermIdx += nByte;
-          }
-          nTermIdx = iTermIdx;
+    int iPgno;
+
+    assert_nc( pSeg->iLeafPgno>pSeg->iTermLeafPgno );
+    /* The entry being removed may be the only position list in
+    ** its doclist. */
+    for(iPgno=pSeg->iLeafPgno-1; iPgno>pSeg->iTermLeafPgno; iPgno-- ){
+      Fts5Data *pPg = fts5DataRead(p, FTS5_SEGMENT_ROWID(iSegid, iPgno));
+      int bEmpty = (pPg && pPg->nn==4);
+      fts5DataRelease(pPg);
+      if( bEmpty==0 ) break;
+    }
+
+    if( iPgno==pSeg->iTermLeafPgno ){
+      i64 iId = FTS5_SEGMENT_ROWID(iSegid, pSeg->iTermLeafPgno);
+      Fts5Data *pTerm = fts5DataRead(p, iId);
+      if( pTerm && pTerm->szLeaf==pSeg->iTermLeafOffset ){
+        u8 *aTermIdx = &pTerm->p[pTerm->szLeaf];
+        int nTermIdx = pTerm->nn - pTerm->szLeaf;
+        int iTermIdx = 0;
+        int iTermOff = 0;
 
-          memmove(&pTerm->p[iTermOff], &pTerm->p[pTerm->szLeaf], nTermIdx);
-          fts5PutU16(&pTerm->p[2], iTermOff);
+        while( 1 ){
+          u32 iVal = 0;
+          int nByte = fts5GetVarint32(&aTermIdx[iTermIdx], iVal);
+          iTermOff += iVal;
+          if( (iTermIdx+nByte)>=nTermIdx ) break;
+          iTermIdx += nByte;
+        }
+        nTermIdx = iTermIdx;
 
-          fts5DataWrite(p, iId, pTerm->p, iTermOff+nTermIdx);
-          if( nTermIdx==0 ){
-            fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iTermLeafPgno);
-          }
+        memmove(&pTerm->p[iTermOff], &pTerm->p[pTerm->szLeaf], nTermIdx);
+        fts5PutU16(&pTerm->p[2], iTermOff);
+
+        fts5DataWrite(p, iId, pTerm->p, iTermOff+nTermIdx);
+        if( nTermIdx==0 ){
+          fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iTermLeafPgno);
         }
-        fts5DataRelease(pTerm);
       }
+      fts5DataRelease(pTerm);
     }
+  }
 
-    if( p->rc==SQLITE_OK ){
-      const int nMove = nPg - iNextOff;
-      int nShift = 0;
+  /* Assuming no error has occurred, this block does final edits to the
+  ** leaf page before writing it back to disk. Input variables are:
+  **
+  **   nPg: Total initial size of leaf page.
+  **   iPgIdx: Initial offset of page footer.
+  **
+  **   iOff: Offset to move data to
+  **   iNextOff: Offset to move data from
+  */
+  if( p->rc==SQLITE_OK ){
+    const int nMove = nPg - iNextOff;     /* Number of bytes to move */
+    int nShift = iNextOff - iOff;         /* Distance to move them */
 
-      memmove(&aPg[iOff], &aPg[iNextOff], nMove);
-      iPgIdx -= (iNextOff - iOff);
-      nPg = iPgIdx;
-      fts5PutU16(&aPg[2], iPgIdx);
+    int iPrevKeyOut = 0;
+    int iKeyIn = 0;
 
-      nShift = iNextOff - iOff;
-      for(iIdx=0, iKeyOff=0, iPrevKeyOff=0; iIdxiOff ){
-            iKeyOff -= nShift;
-            nShift = 0;
-          }
-          nPg += sqlite3Fts5PutVarint(&aPg[nPg], iKeyOff - iPrevKeyOff);
-          iPrevKeyOff = iKeyOff;
-        }
-      }
+    memmove(&aPg[iOff], &aPg[iNextOff], nMove);
+    iPgIdx -= nShift;
+    nPg = iPgIdx;
+    fts5PutU16(&aPg[2], iPgIdx);
 
-      if( iPgIdx==nPg && nIdx>0 && pSeg->iLeafPgno!=1 ){
-        fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iLeafPgno);
+    for(iIdx=0; iIdxiOff ? nShift : 0));
+        nPg += sqlite3Fts5PutVarint(&aPg[nPg], iKeyOut - iPrevKeyOut);
+        iPrevKeyOut = iKeyOut;
       }
+    }
 
-      assert_nc( nPg>4 || fts5GetU16(aPg)==0 );
-      fts5DataWrite(p, FTS5_SEGMENT_ROWID(iSegid,pSeg->iLeafPgno), aPg,nPg);
+    if( iPgIdx==nPg && nIdx>0 && pSeg->iLeafPgno!=1 ){
+      fts5SecureDeleteIdxEntry(p, iSegid, pSeg->iLeafPgno);
     }
-    sqlite3_free(aIdx);
+
+    assert_nc( nPg>4 || fts5GetU16(aPg)==0 );
+    fts5DataWrite(p, FTS5_SEGMENT_ROWID(iSegid,pSeg->iLeafPgno), aPg, nPg);
+  }
+  sqlite3_free(aIdx);
 }
 
 /*
@@ -237517,184 +241650,198 @@ static void fts5FlushOneHash(Fts5Index *p){
   /* Obtain a reference to the index structure and allocate a new segment-id
   ** for the new level-0 segment.  */
   pStruct = fts5StructureRead(p);
-  iSegid = fts5AllocateSegid(p, pStruct);
   fts5StructureInvalidate(p);
 
-  if( iSegid ){
-    const int pgsz = p->pConfig->pgsz;
-    int eDetail = p->pConfig->eDetail;
-    int bSecureDelete = p->pConfig->bSecureDelete;
-    Fts5StructureSegment *pSeg;   /* New segment within pStruct */
-    Fts5Buffer *pBuf;             /* Buffer in which to assemble leaf page */
-    Fts5Buffer *pPgidx;           /* Buffer in which to assemble pgidx */
-
-    Fts5SegWriter writer;
-    fts5WriteInit(p, &writer, iSegid);
-
-    pBuf = &writer.writer.buf;
-    pPgidx = &writer.writer.pgidx;
-
-    /* fts5WriteInit() should have initialized the buffers to (most likely)
-    ** the maximum space required. */
-    assert( p->rc || pBuf->nSpace>=(pgsz + FTS5_DATA_PADDING) );
-    assert( p->rc || pPgidx->nSpace>=(pgsz + FTS5_DATA_PADDING) );
+  if( sqlite3Fts5HashIsEmpty(pHash)==0 ){
+    iSegid = fts5AllocateSegid(p, pStruct);
+    if( iSegid ){
+      const int pgsz = p->pConfig->pgsz;
+      int eDetail = p->pConfig->eDetail;
+      int bSecureDelete = p->pConfig->bSecureDelete;
+      Fts5StructureSegment *pSeg; /* New segment within pStruct */
+      Fts5Buffer *pBuf;           /* Buffer in which to assemble leaf page */
+      Fts5Buffer *pPgidx;         /* Buffer in which to assemble pgidx */
+
+      Fts5SegWriter writer;
+      fts5WriteInit(p, &writer, iSegid);
+
+      pBuf = &writer.writer.buf;
+      pPgidx = &writer.writer.pgidx;
+
+      /* fts5WriteInit() should have initialized the buffers to (most likely)
+      ** the maximum space required. */
+      assert( p->rc || pBuf->nSpace>=(pgsz + FTS5_DATA_PADDING) );
+      assert( p->rc || pPgidx->nSpace>=(pgsz + FTS5_DATA_PADDING) );
+
+      /* Begin scanning through hash table entries. This loop runs once for each
+      ** term/doclist currently stored within the hash table. */
+      if( p->rc==SQLITE_OK ){
+        p->rc = sqlite3Fts5HashScanInit(pHash, 0, 0);
+      }
+      while( p->rc==SQLITE_OK && 0==sqlite3Fts5HashScanEof(pHash) ){
+        const char *zTerm;        /* Buffer containing term */
+        int nTerm;                /* Size of zTerm in bytes */
+        const u8 *pDoclist;       /* Pointer to doclist for this term */
+        int nDoclist;             /* Size of doclist in bytes */
+
+        /* Get the term and doclist for this entry. */
+        sqlite3Fts5HashScanEntry(pHash, &zTerm, &pDoclist, &nDoclist);
+        nTerm = (int)strlen(zTerm);
+        if( bSecureDelete==0 ){
+          fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
+          if( p->rc!=SQLITE_OK ) break;
+          assert( writer.bFirstRowidInPage==0 );
+        }
 
-    /* Begin scanning through hash table entries. This loop runs once for each
-    ** term/doclist currently stored within the hash table. */
-    if( p->rc==SQLITE_OK ){
-      p->rc = sqlite3Fts5HashScanInit(pHash, 0, 0);
-    }
-    while( p->rc==SQLITE_OK && 0==sqlite3Fts5HashScanEof(pHash) ){
-      const char *zTerm;          /* Buffer containing term */
-      int nTerm;                  /* Size of zTerm in bytes */
-      const u8 *pDoclist;         /* Pointer to doclist for this term */
-      int nDoclist;               /* Size of doclist in bytes */
-
-      /* Get the term and doclist for this entry. */
-      sqlite3Fts5HashScanEntry(pHash, &zTerm, &pDoclist, &nDoclist);
-      nTerm = (int)strlen(zTerm);
-      if( bSecureDelete==0 ){
-        fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
-        if( p->rc!=SQLITE_OK ) break;
-        assert( writer.bFirstRowidInPage==0 );
-      }
-
-      if( !bSecureDelete && pgsz>=(pBuf->n + pPgidx->n + nDoclist + 1) ){
-        /* The entire doclist will fit on the current leaf. */
-        fts5BufferSafeAppendBlob(pBuf, pDoclist, nDoclist);
-      }else{
-        int bTermWritten = !bSecureDelete;
-        i64 iRowid = 0;
-        i64 iPrev = 0;
-        int iOff = 0;
-
-        /* The entire doclist will not fit on this leaf. The following
-        ** loop iterates through the poslists that make up the current
-        ** doclist.  */
-        while( p->rc==SQLITE_OK && iOff=(pBuf->n + pPgidx->n + nDoclist + 1) ){
+          /* The entire doclist will fit on the current leaf. */
+          fts5BufferSafeAppendBlob(pBuf, pDoclist, nDoclist);
+        }else{
+          int bTermWritten = !bSecureDelete;
+          i64 iRowid = 0;
+          i64 iPrev = 0;
+          int iOff = 0;
+
+          /* The entire doclist will not fit on this leaf. The following
+          ** loop iterates through the poslists that make up the current
+          ** doclist.  */
+          while( p->rc==SQLITE_OK && iOffrc!=SQLITE_OK || pDoclist[iOff]==0x01 ){
                   iOff++;
-                  nDoclist = 0;
-                }else{
                   continue;
                 }
               }
-            }else if( (pDoclist[iOff] & 0x01) ){
-              fts5FlushSecureDelete(p, pStruct, zTerm, iRowid);
-              if( p->rc!=SQLITE_OK || pDoclist[iOff]==0x01 ){
-                iOff++;
-                continue;
-              }
             }
-          }
 
-          if( p->rc==SQLITE_OK && bTermWritten==0 ){
-            fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
-            bTermWritten = 1;
-            assert( p->rc!=SQLITE_OK || writer.bFirstRowidInPage==0 );
-          }
+            if( p->rc==SQLITE_OK && bTermWritten==0 ){
+              fts5WriteAppendTerm(p, &writer, nTerm, (const u8*)zTerm);
+              bTermWritten = 1;
+              assert( p->rc!=SQLITE_OK || writer.bFirstRowidInPage==0 );
+            }
 
-          if( writer.bFirstRowidInPage ){
-            fts5PutU16(&pBuf->p[0], (u16)pBuf->n);   /* first rowid on page */
-            pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid);
-            writer.bFirstRowidInPage = 0;
-            fts5WriteDlidxAppend(p, &writer, iRowid);
-          }else{
-            pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid-iPrev);
-          }
-          if( p->rc!=SQLITE_OK ) break;
-          assert( pBuf->n<=pBuf->nSpace );
-          iPrev = iRowid;
+            if( writer.bFirstRowidInPage ){
+              fts5PutU16(&pBuf->p[0], (u16)pBuf->n);   /* first rowid on page */
+              pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowid);
+              writer.bFirstRowidInPage = 0;
+              fts5WriteDlidxAppend(p, &writer, iRowid);
+            }else{
+              u64 iRowidDelta = (u64)iRowid - (u64)iPrev;
+              pBuf->n += sqlite3Fts5PutVarint(&pBuf->p[pBuf->n], iRowidDelta);
+            }
+            if( p->rc!=SQLITE_OK ) break;
+            assert( pBuf->n<=pBuf->nSpace );
+            iPrev = iRowid;
 
-          if( eDetail==FTS5_DETAIL_NONE ){
-            if( iOffp[pBuf->n++] = 0;
-              iOff++;
+            if( eDetail==FTS5_DETAIL_NONE ){
               if( iOffp[pBuf->n++] = 0;
                 iOff++;
+                if( iOffp[pBuf->n++] = 0;
+                  iOff++;
+                }
+              }
+              if( (pBuf->n + pPgidx->n)>=pgsz ){
+                fts5WriteFlushLeaf(p, &writer);
               }
-            }
-            if( (pBuf->n + pPgidx->n)>=pgsz ){
-              fts5WriteFlushLeaf(p, &writer);
-            }
-          }else{
-            int bDummy;
-            int nPos;
-            int nCopy = fts5GetPoslistSize(&pDoclist[iOff], &nPos, &bDummy);
-            nCopy += nPos;
-            if( (pBuf->n + pPgidx->n + nCopy) <= pgsz ){
-              /* The entire poslist will fit on the current leaf. So copy
-              ** it in one go. */
-              fts5BufferSafeAppendBlob(pBuf, &pDoclist[iOff], nCopy);
             }else{
-              /* The entire poslist will not fit on this leaf. So it needs
-              ** to be broken into sections. The only qualification being
-              ** that each varint must be stored contiguously.  */
-              const u8 *pPoslist = &pDoclist[iOff];
-              int iPos = 0;
-              while( p->rc==SQLITE_OK ){
-                int nSpace = pgsz - pBuf->n - pPgidx->n;
-                int n = 0;
-                if( (nCopy - iPos)<=nSpace ){
-                  n = nCopy - iPos;
-                }else{
-                  n = fts5PoslistPrefix(&pPoslist[iPos], nSpace);
-                }
-                assert( n>0 );
-                fts5BufferSafeAppendBlob(pBuf, &pPoslist[iPos], n);
-                iPos += n;
-                if( (pBuf->n + pPgidx->n)>=pgsz ){
-                  fts5WriteFlushLeaf(p, &writer);
+              int bDel = 0;
+              int nPos = 0;
+              int nCopy = fts5GetPoslistSize(&pDoclist[iOff], &nPos, &bDel);
+              if( bDel && bSecureDelete ){
+                fts5BufferAppendVarint(&p->rc, pBuf, nPos*2);
+                iOff += nCopy;
+                nCopy = nPos;
+              }else{
+                nCopy += nPos;
+              }
+              if( (pBuf->n + pPgidx->n + nCopy) <= pgsz ){
+                /* The entire poslist will fit on the current leaf. So copy
+                ** it in one go. */
+                fts5BufferSafeAppendBlob(pBuf, &pDoclist[iOff], nCopy);
+              }else{
+                /* The entire poslist will not fit on this leaf. So it needs
+                ** to be broken into sections. The only qualification being
+                ** that each varint must be stored contiguously.  */
+                const u8 *pPoslist = &pDoclist[iOff];
+                int iPos = 0;
+                while( p->rc==SQLITE_OK ){
+                  int nSpace = pgsz - pBuf->n - pPgidx->n;
+                  int n = 0;
+                  if( (nCopy - iPos)<=nSpace ){
+                    n = nCopy - iPos;
+                  }else{
+                    n = fts5PoslistPrefix(&pPoslist[iPos], nSpace);
+                  }
+                  assert( n>0 );
+                  fts5BufferSafeAppendBlob(pBuf, &pPoslist[iPos], n);
+                  iPos += n;
+                  if( (pBuf->n + pPgidx->n)>=pgsz ){
+                    fts5WriteFlushLeaf(p, &writer);
+                  }
+                  if( iPos>=nCopy ) break;
                 }
-                if( iPos>=nCopy ) break;
               }
+              iOff += nCopy;
             }
-            iOff += nCopy;
           }
         }
-      }
 
-      /* TODO2: Doclist terminator written here. */
-      /* pBuf->p[pBuf->n++] = '\0'; */
-      assert( pBuf->n<=pBuf->nSpace );
-      if( p->rc==SQLITE_OK ) sqlite3Fts5HashScanNext(pHash);
-    }
-    sqlite3Fts5HashClear(pHash);
-    fts5WriteFinish(p, &writer, &pgnoLast);
-
-    assert( p->rc!=SQLITE_OK || bSecureDelete || pgnoLast>0 );
-    if( pgnoLast>0 ){
-      /* Update the Fts5Structure. It is written back to the database by the
-      ** fts5StructureRelease() call below.  */
-      if( pStruct->nLevel==0 ){
-        fts5StructureAddLevel(&p->rc, &pStruct);
+        /* TODO2: Doclist terminator written here. */
+        /* pBuf->p[pBuf->n++] = '\0'; */
+        assert( pBuf->n<=pBuf->nSpace );
+        if( p->rc==SQLITE_OK ) sqlite3Fts5HashScanNext(pHash);
       }
-      fts5StructureExtendLevel(&p->rc, pStruct, 0, 1, 0);
-      if( p->rc==SQLITE_OK ){
-        pSeg = &pStruct->aLevel[0].aSeg[ pStruct->aLevel[0].nSeg++ ];
-        pSeg->iSegid = iSegid;
-        pSeg->pgnoFirst = 1;
-        pSeg->pgnoLast = pgnoLast;
-        pStruct->nSegment++;
+      fts5WriteFinish(p, &writer, &pgnoLast);
+
+      assert( p->rc!=SQLITE_OK || bSecureDelete || pgnoLast>0 );
+      if( pgnoLast>0 ){
+        /* Update the Fts5Structure. It is written back to the database by the
+        ** fts5StructureRelease() call below.  */
+        if( pStruct->nLevel==0 ){
+          fts5StructureAddLevel(&p->rc, &pStruct);
+        }
+        fts5StructureExtendLevel(&p->rc, pStruct, 0, 1, 0);
+        if( p->rc==SQLITE_OK ){
+          pSeg = &pStruct->aLevel[0].aSeg[ pStruct->aLevel[0].nSeg++ ];
+          pSeg->iSegid = iSegid;
+          pSeg->pgnoFirst = 1;
+          pSeg->pgnoLast = pgnoLast;
+          if( pStruct->nOriginCntr>0 ){
+            pSeg->iOrigin1 = pStruct->nOriginCntr;
+            pSeg->iOrigin2 = pStruct->nOriginCntr;
+            pSeg->nEntry = p->nPendingRow;
+            pStruct->nOriginCntr++;
+          }
+          pStruct->nSegment++;
+        }
+        fts5StructurePromote(p, 0, pStruct);
       }
-      fts5StructurePromote(p, 0, pStruct);
     }
   }
 
-  fts5IndexAutomerge(p, &pStruct, pgnoLast);
+  fts5IndexAutomerge(p, &pStruct, pgnoLast + p->nContentlessDelete);
   fts5IndexCrisismerge(p, &pStruct);
   fts5StructureWrite(p, pStruct);
   fts5StructureRelease(pStruct);
@@ -237705,10 +241852,15 @@ static void fts5FlushOneHash(Fts5Index *p){
 */
 static void fts5IndexFlush(Fts5Index *p){
   /* Unless it is empty, flush the hash table to disk */
-  if( p->nPendingData ){
+  if( p->nPendingData || p->nContentlessDelete ){
     assert( p->pHash );
-    p->nPendingData = 0;
     fts5FlushOneHash(p);
+    if( p->rc==SQLITE_OK ){
+      sqlite3Fts5HashClear(p->pHash);
+      p->nPendingData = 0;
+      p->nPendingRow = 0;
+      p->nContentlessDelete = 0;
+    }
   }
 }
 
@@ -237724,17 +241876,22 @@ static Fts5Structure *fts5IndexOptimizeStruct(
   /* Figure out if this structure requires optimization. A structure does
   ** not require optimization if either:
   **
-  **  + it consists of fewer than two segments, or
-  **  + all segments are on the same level, or
-  **  + all segments except one are currently inputs to a merge operation.
+  **  1. it consists of fewer than two segments, or
+  **  2. all segments are on the same level, or
+  **  3. all segments except one are currently inputs to a merge operation.
   **
-  ** In the first case, return NULL. In the second, increment the ref-count
-  ** on *pStruct and return a copy of the pointer to it.
+  ** In the first case, if there are no tombstone hash pages, return NULL. In
+  ** the second, increment the ref-count on *pStruct and return a copy of the
+  ** pointer to it.
   */
-  if( nSeg<2 ) return 0;
+  if( nSeg==0 ) return 0;
   for(i=0; inLevel; i++){
     int nThis = pStruct->aLevel[i].nSeg;
-    if( nThis==nSeg || (nThis==nSeg-1 && pStruct->aLevel[i].nMerge==nThis) ){
+    int nMerge = pStruct->aLevel[i].nMerge;
+    if( nThis>0 && (nThis==nSeg || (nThis==nSeg-1 && nMerge==nThis)) ){
+      if( nSeg==1 && nThis==1 && pStruct->aLevel[i].aSeg[0].nPgTombstone==0 ){
+        return 0;
+      }
       fts5StructureRef(pStruct);
       return pStruct;
     }
@@ -237750,6 +241907,7 @@ static Fts5Structure *fts5IndexOptimizeStruct(
     pNew->nLevel = MIN(pStruct->nLevel+1, FTS5_MAX_LEVEL);
     pNew->nRef = 1;
     pNew->nWriteCounter = pStruct->nWriteCounter;
+    pNew->nOriginCntr = pStruct->nOriginCntr;
     pLvl = &pNew->aLevel[pNew->nLevel-1];
     pLvl->aSeg = (Fts5StructureSegment*)sqlite3Fts5MallocZero(&p->rc, nByte);
     if( pLvl->aSeg ){
@@ -237780,6 +241938,7 @@ static int sqlite3Fts5IndexOptimize(Fts5Index *p){
 
   assert( p->rc==SQLITE_OK );
   fts5IndexFlush(p);
+  assert( p->nContentlessDelete==0 );
   pStruct = fts5StructureRead(p);
   fts5StructureInvalidate(p);
 
@@ -237809,7 +241968,10 @@ static int sqlite3Fts5IndexOptimize(Fts5Index *p){
 ** INSERT command.
 */
 static int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge){
-  Fts5Structure *pStruct = fts5StructureRead(p);
+  Fts5Structure *pStruct = 0;
+
+  fts5IndexFlush(p);
+  pStruct = fts5StructureRead(p);
   if( pStruct ){
     int nMin = p->pConfig->nUsermerge;
     fts5StructureInvalidate(p);
@@ -237817,7 +241979,7 @@ static int sqlite3Fts5IndexMerge(Fts5Index *p, int nMerge){
       Fts5Structure *pNew = fts5IndexOptimizeStruct(p, pStruct);
       fts5StructureRelease(pStruct);
       pStruct = pNew;
-      nMin = 2;
+      nMin = 1;
       nMerge = nMerge*-1;
     }
     if( pStruct && pStruct->nLevel ){
@@ -238331,6 +242493,9 @@ static int sqlite3Fts5IndexBeginWrite(Fts5Index *p, int bDelete, i64 iRowid){
 
   p->iWriteRowid = iRowid;
   p->bDelete = bDelete;
+  if( bDelete==0 ){
+    p->nPendingRow++;
+  }
   return fts5IndexReturn(p);
 }
 
@@ -238368,6 +242533,9 @@ static int sqlite3Fts5IndexReinit(Fts5Index *p){
   fts5StructureInvalidate(p);
   fts5IndexDiscardData(p);
   memset(&s, 0, sizeof(Fts5Structure));
+  if( p->pConfig->bContentlessDelete ){
+    s.nOriginCntr = 1;
+  }
   fts5DataWrite(p, FTS5_AVERAGES_ROWID, (const u8*)"", 0);
   fts5StructureWrite(p, &s);
   return fts5IndexReturn(p);
@@ -238759,6 +242927,347 @@ static int sqlite3Fts5IndexLoadConfig(Fts5Index *p){
   return fts5IndexReturn(p);
 }
 
+/*
+** Retrieve the origin value that will be used for the segment currently
+** being accumulated in the in-memory hash table when it is flushed to
+** disk. If successful, SQLITE_OK is returned and (*piOrigin) set to
+** the queried value. Or, if an error occurs, an error code is returned
+** and the final value of (*piOrigin) is undefined.
+*/
+static int sqlite3Fts5IndexGetOrigin(Fts5Index *p, i64 *piOrigin){
+  Fts5Structure *pStruct;
+  pStruct = fts5StructureRead(p);
+  if( pStruct ){
+    *piOrigin = pStruct->nOriginCntr;
+    fts5StructureRelease(pStruct);
+  }
+  return fts5IndexReturn(p);
+}
+
+/*
+** Buffer pPg contains a page of a tombstone hash table - one of nPg pages
+** associated with the same segment. This function adds rowid iRowid to
+** the hash table. The caller is required to guarantee that there is at
+** least one free slot on the page.
+**
+** If parameter bForce is false and the hash table is deemed to be full
+** (more than half of the slots are occupied), then non-zero is returned
+** and iRowid not inserted. Or, if bForce is true or if the hash table page
+** is not full, iRowid is inserted and zero returned.
+*/
+static int fts5IndexTombstoneAddToPage(
+  Fts5Data *pPg,
+  int bForce,
+  int nPg,
+  u64 iRowid
+){
+  const int szKey = TOMBSTONE_KEYSIZE(pPg);
+  const int nSlot = TOMBSTONE_NSLOT(pPg);
+  const int nElem = fts5GetU32(&pPg->p[4]);
+  int iSlot = (iRowid / nPg) % nSlot;
+  int nCollide = nSlot;
+
+  if( szKey==4 && iRowid>0xFFFFFFFF ) return 2;
+  if( iRowid==0 ){
+    pPg->p[1] = 0x01;
+    return 0;
+  }
+
+  if( bForce==0 && nElem>=(nSlot/2) ){
+    return 1;
+  }
+
+  fts5PutU32(&pPg->p[4], nElem+1);
+  if( szKey==4 ){
+    u32 *aSlot = (u32*)&pPg->p[8];
+    while( aSlot[iSlot] ){
+      iSlot = (iSlot + 1) % nSlot;
+      if( nCollide--==0 ) return 0;
+    }
+    fts5PutU32((u8*)&aSlot[iSlot], (u32)iRowid);
+  }else{
+    u64 *aSlot = (u64*)&pPg->p[8];
+    while( aSlot[iSlot] ){
+      iSlot = (iSlot + 1) % nSlot;
+      if( nCollide--==0 ) return 0;
+    }
+    fts5PutU64((u8*)&aSlot[iSlot], iRowid);
+  }
+
+  return 0;
+}
+
+/*
+** This function attempts to build a new hash containing all the keys
+** currently in the tombstone hash table for segment pSeg. The new
+** hash will be stored in the nOut buffers passed in array apOut[].
+** All pages of the new hash use key-size szKey (4 or 8).
+**
+** Return 0 if the hash is successfully rebuilt into the nOut pages.
+** Or non-zero if it is not (because one page became overfull). In this
+** case the caller should retry with a larger nOut parameter.
+**
+** Parameter pData1 is page iPg1 of the hash table being rebuilt.
+*/
+static int fts5IndexTombstoneRehash(
+  Fts5Index *p,
+  Fts5StructureSegment *pSeg,     /* Segment to rebuild hash of */
+  Fts5Data *pData1,               /* One page of current hash - or NULL */
+  int iPg1,                       /* Which page of the current hash is pData1 */
+  int szKey,                      /* 4 or 8, the keysize */
+  int nOut,                       /* Number of output pages */
+  Fts5Data **apOut                /* Array of output hash pages */
+){
+  int ii;
+  int res = 0;
+
+  /* Initialize the headers of all the output pages */
+  for(ii=0; iip[0] = szKey;
+    fts5PutU32(&apOut[ii]->p[4], 0);
+  }
+
+  /* Loop through the current pages of the hash table. */
+  for(ii=0; res==0 && iinPgTombstone; ii++){
+    Fts5Data *pData = 0;          /* Page ii of the current hash table */
+    Fts5Data *pFree = 0;          /* Free this at the end of the loop */
+
+    if( iPg1==ii ){
+      pData = pData1;
+    }else{
+      pFree = pData = fts5DataRead(p, FTS5_TOMBSTONE_ROWID(pSeg->iSegid, ii));
+    }
+
+    if( pData ){
+      int szKeyIn = TOMBSTONE_KEYSIZE(pData);
+      int nSlotIn = (pData->nn - 8) / szKeyIn;
+      int iIn;
+      for(iIn=0; iInp[8];
+          if( aSlot[iIn] ) iVal = fts5GetU32((u8*)&aSlot[iIn]);
+        }else{
+          u64 *aSlot = (u64*)&pData->p[8];
+          if( aSlot[iIn] ) iVal = fts5GetU64((u8*)&aSlot[iIn]);
+        }
+
+        /* If iVal is not 0 at this point, insert it into the new hash table */
+        if( iVal ){
+          Fts5Data *pPg = apOut[(iVal % nOut)];
+          res = fts5IndexTombstoneAddToPage(pPg, 0, nOut, iVal);
+          if( res ) break;
+        }
+      }
+
+      /* If this is page 0 of the old hash, copy the rowid-0-flag from the
+      ** old hash to the new.  */
+      if( ii==0 ){
+        apOut[0]->p[1] = pData->p[1];
+      }
+    }
+    fts5DataRelease(pFree);
+  }
+
+  return res;
+}
+
+/*
+** This is called to rebuild the hash table belonging to segment pSeg.
+** If parameter pData1 is not NULL, then one page of the existing hash table
+** has already been loaded - pData1, which is page iPg1. The key-size for
+** the new hash table is szKey (4 or 8).
+**
+** If successful, the new hash table is not written to disk. Instead,
+** output parameter (*pnOut) is set to the number of pages in the new
+** hash table, and (*papOut) to point to an array of buffers containing
+** the new page data.
+**
+** If an error occurs, an error code is left in the Fts5Index object and
+** both output parameters set to 0 before returning.
+*/
+static void fts5IndexTombstoneRebuild(
+  Fts5Index *p,
+  Fts5StructureSegment *pSeg,     /* Segment to rebuild hash of */
+  Fts5Data *pData1,               /* One page of current hash - or NULL */
+  int iPg1,                       /* Which page of the current hash is pData1 */
+  int szKey,                      /* 4 or 8, the keysize */
+  int *pnOut,                     /* OUT: Number of output pages */
+  Fts5Data ***papOut              /* OUT: Output hash pages */
+){
+  const int MINSLOT = 32;
+  int nSlotPerPage = MAX(MINSLOT, (p->pConfig->pgsz - 8) / szKey);
+  int nSlot = 0;                  /* Number of slots in each output page */
+  int nOut = 0;
+
+  /* Figure out how many output pages (nOut) and how many slots per
+  ** page (nSlot).  There are three possibilities:
+  **
+  **   1. The hash table does not yet exist. In this case the new hash
+  **      table will consist of a single page with MINSLOT slots.
+  **
+  **   2. The hash table exists but is currently a single page. In this
+  **      case an attempt is made to grow the page to accommodate the new
+  **      entry. The page is allowed to grow up to nSlotPerPage (see above)
+  **      slots.
+  **
+  **   3. The hash table already consists of more than one page, or of
+  **      a single page already so large that it cannot be grown. In this
+  **      case the new hash consists of (nPg*2+1) pages of nSlotPerPage
+  **      slots each, where nPg is the current number of pages in the
+  **      hash table.
+  */
+  if( pSeg->nPgTombstone==0 ){
+    /* Case 1. */
+    nOut = 1;
+    nSlot = MINSLOT;
+  }else if( pSeg->nPgTombstone==1 ){
+    /* Case 2. */
+    int nElem = (int)fts5GetU32(&pData1->p[4]);
+    assert( pData1 && iPg1==0 );
+    nOut = 1;
+    nSlot = MAX(nElem*4, MINSLOT);
+    if( nSlot>nSlotPerPage ) nOut = 0;
+  }
+  if( nOut==0 ){
+    /* Case 3. */
+    nOut = (pSeg->nPgTombstone * 2 + 1);
+    nSlot = nSlotPerPage;
+  }
+
+  /* Allocate the required array and output pages */
+  while( 1 ){
+    int res = 0;
+    int ii = 0;
+    int szPage = 0;
+    Fts5Data **apOut = 0;
+
+    /* Allocate space for the new hash table */
+    assert( nSlot>=MINSLOT );
+    apOut = (Fts5Data**)sqlite3Fts5MallocZero(&p->rc, sizeof(Fts5Data*) * nOut);
+    szPage = 8 + nSlot*szKey;
+    for(ii=0; iirc,
+          sizeof(Fts5Data)+szPage
+      );
+      if( pNew ){
+        pNew->nn = szPage;
+        pNew->p = (u8*)&pNew[1];
+        apOut[ii] = pNew;
+      }
+    }
+
+    /* Rebuild the hash table. */
+    if( p->rc==SQLITE_OK ){
+      res = fts5IndexTombstoneRehash(p, pSeg, pData1, iPg1, szKey, nOut, apOut);
+    }
+    if( res==0 ){
+      if( p->rc ){
+        fts5IndexFreeArray(apOut, nOut);
+        apOut = 0;
+        nOut = 0;
+      }
+      *pnOut = nOut;
+      *papOut = apOut;
+      break;
+    }
+
+    /* If control flows to here, it was not possible to rebuild the hash
+    ** table. Free all buffers and then try again with more pages. */
+    assert( p->rc==SQLITE_OK );
+    fts5IndexFreeArray(apOut, nOut);
+    nSlot = nSlotPerPage;
+    nOut = nOut*2 + 1;
+  }
+}
+
+
+/*
+** Add a tombstone for rowid iRowid to segment pSeg.
+*/
+static void fts5IndexTombstoneAdd(
+  Fts5Index *p,
+  Fts5StructureSegment *pSeg,
+  u64 iRowid
+){
+  Fts5Data *pPg = 0;
+  int iPg = -1;
+  int szKey = 0;
+  int nHash = 0;
+  Fts5Data **apHash = 0;
+
+  p->nContentlessDelete++;
+
+  if( pSeg->nPgTombstone>0 ){
+    iPg = iRowid % pSeg->nPgTombstone;
+    pPg = fts5DataRead(p, FTS5_TOMBSTONE_ROWID(pSeg->iSegid,iPg));
+    if( pPg==0 ){
+      assert( p->rc!=SQLITE_OK );
+      return;
+    }
+
+    if( 0==fts5IndexTombstoneAddToPage(pPg, 0, pSeg->nPgTombstone, iRowid) ){
+      fts5DataWrite(p, FTS5_TOMBSTONE_ROWID(pSeg->iSegid,iPg), pPg->p, pPg->nn);
+      fts5DataRelease(pPg);
+      return;
+    }
+  }
+
+  /* Have to rebuild the hash table. First figure out the key-size (4 or 8). */
+  szKey = pPg ? TOMBSTONE_KEYSIZE(pPg) : 4;
+  if( iRowid>0xFFFFFFFF ) szKey = 8;
+
+  /* Rebuild the hash table */
+  fts5IndexTombstoneRebuild(p, pSeg, pPg, iPg, szKey, &nHash, &apHash);
+  assert( p->rc==SQLITE_OK || (nHash==0 && apHash==0) );
+
+  /* If all has succeeded, write the new rowid into one of the new hash
+  ** table pages, then write them all out to disk. */
+  if( nHash ){
+    int ii = 0;
+    fts5IndexTombstoneAddToPage(apHash[iRowid % nHash], 1, nHash, iRowid);
+    for(ii=0; iiiSegid, ii);
+      fts5DataWrite(p, iTombstoneRowid, apHash[ii]->p, apHash[ii]->nn);
+    }
+    pSeg->nPgTombstone = nHash;
+    fts5StructureWrite(p, p->pStruct);
+  }
+
+  fts5DataRelease(pPg);
+  fts5IndexFreeArray(apHash, nHash);
+}
+
+/*
+** Add iRowid to the tombstone list of the segment or segments that contain
+** rows from origin iOrigin. Return SQLITE_OK if successful, or an SQLite
+** error code otherwise.
+*/
+static int sqlite3Fts5IndexContentlessDelete(Fts5Index *p, i64 iOrigin, i64 iRowid){
+  Fts5Structure *pStruct;
+  pStruct = fts5StructureRead(p);
+  if( pStruct ){
+    int bFound = 0;               /* True after pSeg->nEntryTombstone incr. */
+    int iLvl;
+    for(iLvl=pStruct->nLevel-1; iLvl>=0; iLvl--){
+      int iSeg;
+      for(iSeg=pStruct->aLevel[iLvl].nSeg-1; iSeg>=0; iSeg--){
+        Fts5StructureSegment *pSeg = &pStruct->aLevel[iLvl].aSeg[iSeg];
+        if( pSeg->iOrigin1<=(u64)iOrigin && pSeg->iOrigin2>=(u64)iOrigin ){
+          if( bFound==0 ){
+            pSeg->nEntryTombstone++;
+            bFound = 1;
+          }
+          fts5IndexTombstoneAdd(p, pSeg, iRowid);
+        }
+      }
+    }
+    fts5StructureRelease(pStruct);
+  }
+  return fts5IndexReturn(p);
+}
 
 /*************************************************************************
 **************************************************************************
@@ -239310,13 +243819,14 @@ static int sqlite3Fts5IndexIntegrityCheck(Fts5Index *p, u64 cksum, int bUseCksum
 ** function only.
 */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** Decode a segment-data rowid from the %_data table. This function is
 ** the opposite of macro FTS5_SEGMENT_ROWID().
 */
 static void fts5DecodeRowid(
   i64 iRowid,                     /* Rowid from %_data table */
+  int *pbTombstone,               /* OUT: Tombstone hash flag */
   int *piSegid,                   /* OUT: Segment id */
   int *pbDlidx,                   /* OUT: Dlidx flag */
   int *piHeight,                  /* OUT: Height */
@@ -239332,13 +243842,16 @@ static void fts5DecodeRowid(
   iRowid >>= FTS5_DATA_DLI_B;
 
   *piSegid = (int)(iRowid & (((i64)1 << FTS5_DATA_ID_B) - 1));
+  iRowid >>= FTS5_DATA_ID_B;
+
+  *pbTombstone = (int)(iRowid & 0x0001);
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 static void fts5DebugRowid(int *pRc, Fts5Buffer *pBuf, i64 iKey){
-  int iSegid, iHeight, iPgno, bDlidx;       /* Rowid compenents */
-  fts5DecodeRowid(iKey, &iSegid, &bDlidx, &iHeight, &iPgno);
+  int iSegid, iHeight, iPgno, bDlidx, bTomb;     /* Rowid compenents */
+  fts5DecodeRowid(iKey, &bTomb, &iSegid, &bDlidx, &iHeight, &iPgno);
 
   if( iSegid==0 ){
     if( iKey==FTS5_AVERAGES_ROWID ){
@@ -239348,14 +243861,16 @@ static void fts5DebugRowid(int *pRc, Fts5Buffer *pBuf, i64 iKey){
     }
   }
   else{
-    sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "{%ssegid=%d h=%d pgno=%d}",
-        bDlidx ? "dlidx " : "", iSegid, iHeight, iPgno
+    sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "{%s%ssegid=%d h=%d pgno=%d}",
+        bDlidx ? "dlidx " : "",
+        bTomb ? "tombstone " : "",
+        iSegid, iHeight, iPgno
     );
   }
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 static void fts5DebugStructure(
   int *pRc,                       /* IN/OUT: error code */
   Fts5Buffer *pBuf,
@@ -239370,16 +243885,22 @@ static void fts5DebugStructure(
     );
     for(iSeg=0; iSegnSeg; iSeg++){
       Fts5StructureSegment *pSeg = &pLvl->aSeg[iSeg];
-      sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " {id=%d leaves=%d..%d}",
+      sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " {id=%d leaves=%d..%d",
           pSeg->iSegid, pSeg->pgnoFirst, pSeg->pgnoLast
       );
+      if( pSeg->iOrigin1>0 ){
+        sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " origin=%lld..%lld",
+            pSeg->iOrigin1, pSeg->iOrigin2
+        );
+      }
+      sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "}");
     }
     sqlite3Fts5BufferAppendPrintf(pRc, pBuf, "}");
   }
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** This is part of the fts5_decode() debugging aid.
 **
@@ -239404,9 +243925,9 @@ static void fts5DecodeStructure(
   fts5DebugStructure(pRc, pBuf, p);
   fts5StructureRelease(p);
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** This is part of the fts5_decode() debugging aid.
 **
@@ -239429,9 +243950,9 @@ static void fts5DecodeAverages(
     zSpace = " ";
   }
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** Buffer (a/n) is assumed to contain a list of serialized varints. Read
 ** each varint and append its string representation to buffer pBuf. Return
@@ -239448,9 +243969,9 @@ static int fts5DecodePoslist(int *pRc, Fts5Buffer *pBuf, const u8 *a, int n){
   }
   return iOff;
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** The start of buffer (a/n) contains the start of a doclist. The doclist
 ** may or may not finish within the buffer. This function appends a text
@@ -239483,9 +244004,9 @@ static int fts5DecodeDoclist(int *pRc, Fts5Buffer *pBuf, const u8 *a, int n){
 
   return iOff;
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** This function is part of the fts5_decode() debugging function. It is
 ** only ever used with detail=none tables.
@@ -239526,9 +244047,9 @@ static void fts5DecodeRowidList(
     sqlite3Fts5BufferAppendPrintf(pRc, pBuf, " %lld%s", iRowid, zApp);
   }
 }
-#endif /* SQLITE_TEST */
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** The implementation of user-defined scalar function fts5_decode().
 */
@@ -239539,6 +244060,7 @@ static void fts5DecodeFunction(
 ){
   i64 iRowid;                     /* Rowid for record being decoded */
   int iSegid,iHeight,iPgno,bDlidx;/* Rowid components */
+  int bTomb;
   const u8 *aBlob; int n;         /* Record to decode */
   u8 *a = 0;
   Fts5Buffer s;                   /* Build up text to return here */
@@ -239561,7 +244083,7 @@ static void fts5DecodeFunction(
   if( a==0 ) goto decode_out;
   if( n>0 ) memcpy(a, aBlob, n);
 
-  fts5DecodeRowid(iRowid, &iSegid, &bDlidx, &iHeight, &iPgno);
+  fts5DecodeRowid(iRowid, &bTomb, &iSegid, &bDlidx, &iHeight, &iPgno);
 
   fts5DebugRowid(&rc, &s, iRowid);
   if( bDlidx ){
@@ -239580,6 +244102,28 @@ static void fts5DecodeFunction(
           " %d(%lld)", lvl.iLeafPgno, lvl.iRowid
       );
     }
+  }else if( bTomb ){
+    u32 nElem  = fts5GetU32(&a[4]);
+    int szKey = (aBlob[0]==4 || aBlob[0]==8) ? aBlob[0] : 8;
+    int nSlot = (n - 8) / szKey;
+    int ii;
+    sqlite3Fts5BufferAppendPrintf(&rc, &s, " nElem=%d", (int)nElem);
+    if( aBlob[1] ){
+      sqlite3Fts5BufferAppendPrintf(&rc, &s, " 0");
+    }
+    for(ii=0; iiszLeaf ){
+        rc = FTS5_CORRUPT;
+      }else{
+        fts5DecodeRowidList(&rc, &s, &a[iOff], iTermOff-iOff);
+      }
       iOff = iTermOff;
       if( iOffestimatedCost = (double)100;
+  pIdxInfo->estimatedRows = 100;
+  pIdxInfo->idxNum = 0;
+  for(i=0, p=pIdxInfo->aConstraint; inConstraint; i++, p++){
+    if( p->usable==0 ) continue;
+    if( p->op==SQLITE_INDEX_CONSTRAINT_EQ && p->iColumn==11 ){
+      rc = SQLITE_OK;
+      pIdxInfo->aConstraintUsage[i].omit = 1;
+      pIdxInfo->aConstraintUsage[i].argvIndex = 1;
+      break;
+    }
+  }
+  return rc;
+}
+
+/*
+** This method is the destructor for bytecodevtab objects.
+*/
+static int fts5structDisconnectMethod(sqlite3_vtab *pVtab){
+  Fts5StructVtab *p = (Fts5StructVtab*)pVtab;
+  sqlite3_free(p);
+  return SQLITE_OK;
+}
+
+/*
+** Constructor for a new bytecodevtab_cursor object.
+*/
+static int fts5structOpenMethod(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCsr){
+  int rc = SQLITE_OK;
+  Fts5StructVcsr *pNew = 0;
+
+  pNew = sqlite3Fts5MallocZero(&rc, sizeof(*pNew));
+  *ppCsr = (sqlite3_vtab_cursor*)pNew;
+
+  return SQLITE_OK;
+}
+
+/*
+** Destructor for a bytecodevtab_cursor.
+*/
+static int fts5structCloseMethod(sqlite3_vtab_cursor *cur){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr*)cur;
+  fts5StructureRelease(pCsr->pStruct);
+  sqlite3_free(pCsr);
+  return SQLITE_OK;
+}
+
+
+/*
+** Advance a bytecodevtab_cursor to its next row of output.
+*/
+static int fts5structNextMethod(sqlite3_vtab_cursor *cur){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr*)cur;
+  Fts5Structure *p = pCsr->pStruct;
+
+  assert( pCsr->pStruct );
+  pCsr->iSeg++;
+  pCsr->iRowid++;
+  while( pCsr->iLevelnLevel && pCsr->iSeg>=p->aLevel[pCsr->iLevel].nSeg ){
+    pCsr->iLevel++;
+    pCsr->iSeg = 0;
+  }
+  if( pCsr->iLevel>=p->nLevel ){
+    fts5StructureRelease(pCsr->pStruct);
+    pCsr->pStruct = 0;
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Return TRUE if the cursor has been moved off of the last
+** row of output.
+*/
+static int fts5structEofMethod(sqlite3_vtab_cursor *cur){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr*)cur;
+  return pCsr->pStruct==0;
+}
+
+static int fts5structRowidMethod(
+  sqlite3_vtab_cursor *cur,
+  sqlite_int64 *piRowid
+){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr*)cur;
+  *piRowid = pCsr->iRowid;
+  return SQLITE_OK;
+}
+
+/*
+** Return values of columns for the row at which the bytecodevtab_cursor
+** is currently pointing.
+*/
+static int fts5structColumnMethod(
+  sqlite3_vtab_cursor *cur,   /* The cursor */
+  sqlite3_context *ctx,       /* First argument to sqlite3_result_...() */
+  int i                       /* Which column to return */
+){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr*)cur;
+  Fts5Structure *p = pCsr->pStruct;
+  Fts5StructureSegment *pSeg = &p->aLevel[pCsr->iLevel].aSeg[pCsr->iSeg];
+
+  switch( i ){
+    case 0: /* level */
+      sqlite3_result_int(ctx, pCsr->iLevel);
+      break;
+    case 1: /* segment */
+      sqlite3_result_int(ctx, pCsr->iSeg);
+      break;
+    case 2: /* merge */
+      sqlite3_result_int(ctx, pCsr->iSeg < p->aLevel[pCsr->iLevel].nMerge);
+      break;
+    case 3: /* segid */
+      sqlite3_result_int(ctx, pSeg->iSegid);
+      break;
+    case 4: /* leaf1 */
+      sqlite3_result_int(ctx, pSeg->pgnoFirst);
+      break;
+    case 5: /* leaf2 */
+      sqlite3_result_int(ctx, pSeg->pgnoLast);
+      break;
+    case 6: /* origin1 */
+      sqlite3_result_int64(ctx, pSeg->iOrigin1);
+      break;
+    case 7: /* origin2 */
+      sqlite3_result_int64(ctx, pSeg->iOrigin2);
+      break;
+    case 8: /* npgtombstone */
+      sqlite3_result_int(ctx, pSeg->nPgTombstone);
+      break;
+    case 9: /* nentrytombstone */
+      sqlite3_result_int64(ctx, pSeg->nEntryTombstone);
+      break;
+    case 10: /* nentry */
+      sqlite3_result_int64(ctx, pSeg->nEntry);
+      break;
+  }
+  return SQLITE_OK;
+}
+
+/*
+** Initialize a cursor.
+**
+**    idxNum==0     means show all subprograms
+**    idxNum==1     means show only the main bytecode and omit subprograms.
+*/
+static int fts5structFilterMethod(
+  sqlite3_vtab_cursor *pVtabCursor,
+  int idxNum, const char *idxStr,
+  int argc, sqlite3_value **argv
+){
+  Fts5StructVcsr *pCsr = (Fts5StructVcsr *)pVtabCursor;
+  int rc = SQLITE_OK;
+
+  const u8 *aBlob = 0;
+  int nBlob = 0;
+
+  assert( argc==1 );
+  fts5StructureRelease(pCsr->pStruct);
+  pCsr->pStruct = 0;
+
+  nBlob = sqlite3_value_bytes(argv[0]);
+  aBlob = (const u8*)sqlite3_value_blob(argv[0]);
+  rc = fts5StructureDecode(aBlob, nBlob, 0, &pCsr->pStruct);
+  if( rc==SQLITE_OK ){
+    pCsr->iLevel = 0;
+    pCsr->iRowid = 0;
+    pCsr->iSeg = -1;
+    rc = fts5structNextMethod(pVtabCursor);
+  }
+
+  return rc;
+}
+
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
 /*
 ** This is called as part of registering the FTS5 module with database
@@ -239784,7 +244559,7 @@ static void fts5RowidFunction(
 ** SQLite error code is returned instead.
 */
 static int sqlite3Fts5IndexInit(sqlite3 *db){
-#ifdef SQLITE_TEST
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
   int rc = sqlite3_create_function(
       db, "fts5_decode", 2, SQLITE_UTF8, 0, fts5DecodeFunction, 0, 0
   );
@@ -239801,6 +244576,37 @@ static int sqlite3Fts5IndexInit(sqlite3 *db){
         db, "fts5_rowid", -1, SQLITE_UTF8, 0, fts5RowidFunction, 0, 0
     );
   }
+
+  if( rc==SQLITE_OK ){
+    static const sqlite3_module fts5structure_module = {
+      0,                           /* iVersion      */
+      0,                           /* xCreate       */
+      fts5structConnectMethod,     /* xConnect      */
+      fts5structBestIndexMethod,   /* xBestIndex    */
+      fts5structDisconnectMethod,  /* xDisconnect   */
+      0,                           /* xDestroy      */
+      fts5structOpenMethod,        /* xOpen         */
+      fts5structCloseMethod,       /* xClose        */
+      fts5structFilterMethod,      /* xFilter       */
+      fts5structNextMethod,        /* xNext         */
+      fts5structEofMethod,         /* xEof          */
+      fts5structColumnMethod,      /* xColumn       */
+      fts5structRowidMethod,       /* xRowid        */
+      0,                           /* xUpdate       */
+      0,                           /* xBegin        */
+      0,                           /* xSync         */
+      0,                           /* xCommit       */
+      0,                           /* xRollback     */
+      0,                           /* xFindFunction */
+      0,                           /* xRename       */
+      0,                           /* xSavepoint    */
+      0,                           /* xRelease      */
+      0,                           /* xRollbackTo   */
+      0,                           /* xShadowName   */
+      0                            /* xIntegrity    */
+    };
+    rc = sqlite3_create_module(db, "fts5_structure", &fts5structure_module, 0);
+  }
   return rc;
 #else
   return SQLITE_OK;
@@ -239936,6 +244742,8 @@ struct Fts5FullTable {
   Fts5Storage *pStorage;          /* Document store */
   Fts5Global *pGlobal;            /* Global (connection wide) data */
   Fts5Cursor *pSortCsr;           /* Sort data from this cursor */
+  int iSavepoint;                 /* Successful xSavepoint()+1 */
+  int bInSavepoint;
 #ifdef SQLITE_DEBUG
   struct Fts5TransactionState ts;
 #endif
@@ -240224,6 +245032,13 @@ static int fts5InitVtab(
     pConfig->pzErrmsg = 0;
   }
 
+  if( rc==SQLITE_OK && pConfig->eContent==FTS5_CONTENT_NORMAL ){
+    rc = sqlite3_vtab_config(db, SQLITE_VTAB_CONSTRAINT_SUPPORT, (int)1);
+  }
+  if( rc==SQLITE_OK ){
+    rc = sqlite3_vtab_config(db, SQLITE_VTAB_INNOCUOUS);
+  }
+
   if( rc!=SQLITE_OK ){
     fts5FreeVtab(pTab);
     pTab = 0;
@@ -241148,6 +245963,9 @@ static int fts5FilterMethod(
     pCsr->iFirstRowid = fts5GetRowidLimit(pRowidGe, SMALLEST_INT64);
   }
 
+  rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
+  if( rc!=SQLITE_OK ) goto filter_out;
+
   if( pTab->pSortCsr ){
     /* If pSortCsr is non-NULL, then this call is being made as part of
     ** processing for a "... MATCH  ORDER BY rank" query (ePlan is
@@ -241170,6 +245988,7 @@ static int fts5FilterMethod(
     pCsr->pExpr = pTab->pSortCsr->pExpr;
     rc = fts5CursorFirst(pTab, pCsr, bDesc);
   }else if( pCsr->pExpr ){
+    assert( rc==SQLITE_OK );
     rc = fts5CursorParseRank(pConfig, pCsr, pRank);
     if( rc==SQLITE_OK ){
       if( bOrderByRank ){
@@ -241341,6 +246160,7 @@ static int fts5SpecialInsert(
   Fts5Config *pConfig = pTab->p.pConfig;
   int rc = SQLITE_OK;
   int bError = 0;
+  int bLoadConfig = 0;
 
   if( 0==sqlite3_stricmp("delete-all", zCmd) ){
     if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
@@ -241352,6 +246172,7 @@ static int fts5SpecialInsert(
     }else{
       rc = sqlite3Fts5StorageDeleteAll(pTab->pStorage);
     }
+    bLoadConfig = 1;
   }else if( 0==sqlite3_stricmp("rebuild", zCmd) ){
     if( pConfig->eContent==FTS5_CONTENT_NONE ){
       fts5SetVtabError(pTab,
@@ -241361,6 +246182,7 @@ static int fts5SpecialInsert(
     }else{
       rc = sqlite3Fts5StorageRebuild(pTab->pStorage);
     }
+    bLoadConfig = 1;
   }else if( 0==sqlite3_stricmp("optimize", zCmd) ){
     rc = sqlite3Fts5StorageOptimize(pTab->pStorage);
   }else if( 0==sqlite3_stricmp("merge", zCmd) ){
@@ -241373,6 +246195,8 @@ static int fts5SpecialInsert(
   }else if( 0==sqlite3_stricmp("prefix-index", zCmd) ){
     pConfig->bPrefixIndex = sqlite3_value_int(pVal);
 #endif
+  }else if( 0==sqlite3_stricmp("flush", zCmd) ){
+    rc = sqlite3Fts5FlushToDisk(&pTab->p);
   }else{
     rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
     if( rc==SQLITE_OK ){
@@ -241386,6 +246210,12 @@ static int fts5SpecialInsert(
       }
     }
   }
+
+  if( rc==SQLITE_OK && bLoadConfig ){
+    pTab->p.pConfig->iCookie--;
+    rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
+  }
+
   return rc;
 }
 
@@ -241444,7 +246274,6 @@ static int fts5UpdateMethod(
   int rc = SQLITE_OK;             /* Return code */
   int bUpdateOrDelete = 0;
 
-
   /* A transaction must be open when this is called. */
   assert( pTab->ts.eState==1 || pTab->ts.eState==2 );
 
@@ -241473,7 +246302,14 @@ static int fts5UpdateMethod(
     if( pConfig->eContent!=FTS5_CONTENT_NORMAL
       && 0==sqlite3_stricmp("delete", z)
     ){
-      rc = fts5SpecialDelete(pTab, apVal);
+      if( pConfig->bContentlessDelete ){
+        fts5SetVtabError(pTab,
+            "'delete' may not be used with a contentless_delete=1 table"
+        );
+        rc = SQLITE_ERROR;
+      }else{
+        rc = fts5SpecialDelete(pTab, apVal);
+      }
     }else{
       rc = fts5SpecialInsert(pTab, z, apVal[2 + pConfig->nCol + 1]);
     }
@@ -241490,7 +246326,7 @@ static int fts5UpdateMethod(
     ** Cases 3 and 4 may violate the rowid constraint.
     */
     int eConflict = SQLITE_ABORT;
-    if( pConfig->eContent==FTS5_CONTENT_NORMAL ){
+    if( pConfig->eContent==FTS5_CONTENT_NORMAL || pConfig->bContentlessDelete ){
       eConflict = sqlite3_vtab_on_conflict(pConfig->db);
     }
 
@@ -241498,8 +246334,12 @@ static int fts5UpdateMethod(
     assert( nArg!=1 || eType0==SQLITE_INTEGER );
 
     /* Filter out attempts to run UPDATE or DELETE on contentless tables.
-    ** This is not suported.  */
-    if( eType0==SQLITE_INTEGER && fts5IsContentless(pTab) ){
+    ** This is not suported. Except - they are both supported if the CREATE
+    ** VIRTUAL TABLE statement contained "contentless_delete=1". */
+    if( eType0==SQLITE_INTEGER
+     && pConfig->eContent==FTS5_CONTENT_NONE
+     && pConfig->bContentlessDelete==0
+    ){
       pTab->p.base.zErrMsg = sqlite3_mprintf(
           "cannot %s contentless fts5 table: %s",
           (nArg>1 ? "UPDATE" : "DELETE from"), pConfig->zName
@@ -241523,7 +246363,8 @@ static int fts5UpdateMethod(
       }
 
       else if( eType0!=SQLITE_INTEGER ){
-        /* If this is a REPLACE, first remove the current entry (if any) */
+        /* An INSERT statement. If the conflict-mode is REPLACE, first remove
+        ** the current entry (if any). */
         if( eConflict==SQLITE_REPLACE && eType1==SQLITE_INTEGER ){
           i64 iNew = sqlite3_value_int64(apVal[1]);  /* Rowid to delete */
           rc = sqlite3Fts5StorageDelete(pTab->pStorage, iNew, 0);
@@ -241586,8 +246427,7 @@ static int fts5SyncMethod(sqlite3_vtab *pVtab){
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
   fts5CheckTransactionState(pTab, FTS5_SYNC, 0);
   pTab->p.pConfig->pzErrmsg = &pTab->p.base.zErrMsg;
-  fts5TripCursors(pTab);
-  rc = sqlite3Fts5StorageSync(pTab->pStorage);
+  rc = sqlite3Fts5FlushToDisk(&pTab->p);
   pTab->p.pConfig->pzErrmsg = 0;
   return rc;
 }
@@ -242354,6 +247194,12 @@ static int fts5ColumnMethod(
       sqlite3_result_value(pCtx, sqlite3_column_value(pCsr->pStmt, iCol+1));
     }
     pConfig->pzErrmsg = 0;
+  }else if( pConfig->bContentlessDelete && sqlite3_vtab_nochange(pCtx) ){
+    char *zErr = sqlite3_mprintf("cannot UPDATE a subset of "
+        "columns on fts5 contentless-delete table: %s", pConfig->zName
+    );
+    sqlite3_result_error(pCtx, zErr, -1);
+    sqlite3_free(zErr);
   }
   return rc;
 }
@@ -242392,8 +247238,12 @@ static int fts5RenameMethod(
   sqlite3_vtab *pVtab,            /* Virtual table handle */
   const char *zName               /* New name of table */
 ){
+  int rc;
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
-  return sqlite3Fts5StorageRename(pTab->pStorage, zName);
+  pTab->bInSavepoint = 1;
+  rc = sqlite3Fts5StorageRename(pTab->pStorage, zName);
+  pTab->bInSavepoint = 0;
+  return rc;
 }
 
 static int sqlite3Fts5FlushToDisk(Fts5Table *pTab){
@@ -242407,9 +247257,29 @@ static int sqlite3Fts5FlushToDisk(Fts5Table *pTab){
 ** Flush the contents of the pending-terms table to disk.
 */
 static int fts5SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
-  UNUSED_PARAM(iSavepoint);  /* Call below is a no-op for NDEBUG builds */
-  fts5CheckTransactionState((Fts5FullTable*)pVtab, FTS5_SAVEPOINT, iSavepoint);
-  return sqlite3Fts5FlushToDisk((Fts5Table*)pVtab);
+  Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
+  int rc = SQLITE_OK;
+  char *zSql = 0;
+  fts5CheckTransactionState(pTab, FTS5_SAVEPOINT, iSavepoint);
+
+  if( pTab->bInSavepoint==0 ){
+    zSql = sqlite3_mprintf("INSERT INTO %Q.%Q(%Q) VALUES('flush')",
+        pTab->p.pConfig->zDb, pTab->p.pConfig->zName, pTab->p.pConfig->zName
+    );
+    if( zSql ){
+      pTab->bInSavepoint = 1;
+      rc = sqlite3_exec(pTab->p.pConfig->db, zSql, 0, 0, 0);
+      pTab->bInSavepoint = 0;
+      sqlite3_free(zSql);
+    }else{
+      rc = SQLITE_NOMEM;
+    }
+    if( rc==SQLITE_OK ){
+      pTab->iSavepoint = iSavepoint+1;
+    }
+  }
+
+  return rc;
 }
 
 /*
@@ -242418,9 +247288,16 @@ static int fts5SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
 ** This is a no-op.
 */
 static int fts5ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
-  UNUSED_PARAM(iSavepoint);  /* Call below is a no-op for NDEBUG builds */
-  fts5CheckTransactionState((Fts5FullTable*)pVtab, FTS5_RELEASE, iSavepoint);
-  return sqlite3Fts5FlushToDisk((Fts5Table*)pVtab);
+  Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
+  int rc = SQLITE_OK;
+  fts5CheckTransactionState(pTab, FTS5_RELEASE, iSavepoint);
+  if( (iSavepoint+1)iSavepoint ){
+    rc = sqlite3Fts5FlushToDisk(&pTab->p);
+    if( rc==SQLITE_OK ){
+      pTab->iSavepoint = iSavepoint;
+    }
+  }
+  return rc;
 }
 
 /*
@@ -242430,11 +247307,14 @@ static int fts5ReleaseMethod(sqlite3_vtab *pVtab, int iSavepoint){
 */
 static int fts5RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
-  UNUSED_PARAM(iSavepoint);  /* Call below is a no-op for NDEBUG builds */
+  int rc = SQLITE_OK;
   fts5CheckTransactionState(pTab, FTS5_ROLLBACKTO, iSavepoint);
   fts5TripCursors(pTab);
   pTab->p.pConfig->pgsz = 0;
-  return sqlite3Fts5StorageRollback(pTab->pStorage);
+  if( (iSavepoint+1)<=pTab->iSavepoint ){
+    rc = sqlite3Fts5StorageRollback(pTab->pStorage);
+  }
+  return rc;
 }
 
 /*
@@ -242636,7 +247516,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -242654,9 +247534,46 @@ static int fts5ShadowName(const char *zName){
   return 0;
 }
 
+/*
+** Run an integrity check on the FTS5 data structures.  Return a string
+** if anything is found amiss.  Return a NULL pointer if everything is
+** OK.
+*/
+static int fts5Integrity(
+  sqlite3_vtab *pVtab,    /* the FTS5 virtual table to check */
+  const char *zSchema,    /* Name of schema in which this table lives */
+  const char *zTabname,   /* Name of the table itself */
+  int isQuick,            /* True if this is a quick-check */
+  char **pzErr            /* Write error message here */
+){
+  Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
+  Fts5Config *pConfig = pTab->p.pConfig;
+  char *zSql;
+  char *zErr = 0;
+  int rc;
+  assert( pzErr!=0 && *pzErr==0 );
+  UNUSED_PARAM(isQuick);
+  zSql = sqlite3_mprintf(
+            "INSERT INTO \"%w\".\"%w\"(\"%w\") VALUES('integrity-check');",
+            zSchema, zTabname, pConfig->zName);
+  if( zSql==0 ) return SQLITE_NOMEM;
+  rc = sqlite3_exec(pConfig->db, zSql, 0, 0, &zErr);
+  sqlite3_free(zSql);
+  if( (rc&0xff)==SQLITE_CORRUPT ){
+    *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
+                zSchema, zTabname);
+  }else if( rc!=SQLITE_OK ){
+    *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
+                             " FTS5 table %s.%s: %s",
+                zSchema, zTabname, zErr);
+  }
+  sqlite3_free(zErr);
+  return SQLITE_OK;
+}
+
 static int fts5Init(sqlite3 *db){
   static const sqlite3_module fts5Mod = {
-    /* iVersion      */ 3,
+    /* iVersion      */ 4,
     /* xCreate       */ fts5CreateMethod,
     /* xConnect      */ fts5ConnectMethod,
     /* xBestIndex    */ fts5BestIndexMethod,
@@ -242679,7 +247596,8 @@ static int fts5Init(sqlite3 *db){
     /* xSavepoint    */ fts5SavepointMethod,
     /* xRelease      */ fts5ReleaseMethod,
     /* xRollbackTo   */ fts5RollbackToMethod,
-    /* xShadowName   */ fts5ShadowName
+    /* xShadowName   */ fts5ShadowName,
+    /* xIntegrity    */ fts5Integrity
   };
 
   int rc;
@@ -242849,10 +247767,10 @@ static int fts5StorageGetStmt(
       "INSERT INTO %Q.'%q_content' VALUES(%s)",         /* INSERT_CONTENT  */
       "REPLACE INTO %Q.'%q_content' VALUES(%s)",        /* REPLACE_CONTENT */
       "DELETE FROM %Q.'%q_content' WHERE id=?",         /* DELETE_CONTENT  */
-      "REPLACE INTO %Q.'%q_docsize' VALUES(?,?)",       /* REPLACE_DOCSIZE  */
+      "REPLACE INTO %Q.'%q_docsize' VALUES(?,?%s)",     /* REPLACE_DOCSIZE  */
       "DELETE FROM %Q.'%q_docsize' WHERE id=?",         /* DELETE_DOCSIZE  */
 
-      "SELECT sz FROM %Q.'%q_docsize' WHERE id=?",      /* LOOKUP_DOCSIZE  */
+      "SELECT sz%s FROM %Q.'%q_docsize' WHERE id=?",    /* LOOKUP_DOCSIZE  */
 
       "REPLACE INTO %Q.'%q_config' VALUES(?,?)",        /* REPLACE_CONFIG */
       "SELECT %s FROM %s AS T",                         /* SCAN */
@@ -242900,6 +247818,19 @@ static int fts5StorageGetStmt(
         break;
       }
 
+      case FTS5_STMT_REPLACE_DOCSIZE:
+        zSql = sqlite3_mprintf(azStmt[eStmt], pC->zDb, pC->zName,
+          (pC->bContentlessDelete ? ",?" : "")
+        );
+        break;
+
+      case FTS5_STMT_LOOKUP_DOCSIZE:
+        zSql = sqlite3_mprintf(azStmt[eStmt],
+            (pC->bContentlessDelete ? ",origin" : ""),
+            pC->zDb, pC->zName
+        );
+        break;
+
       default:
         zSql = sqlite3_mprintf(azStmt[eStmt], pC->zDb, pC->zName);
         break;
@@ -243089,9 +248020,11 @@ static int sqlite3Fts5StorageOpen(
     }
 
     if( rc==SQLITE_OK && pConfig->bColumnsize ){
-      rc = sqlite3Fts5CreateTable(
-          pConfig, "docsize", "id INTEGER PRIMARY KEY, sz BLOB", 0, pzErr
-      );
+      const char *zCols = "id INTEGER PRIMARY KEY, sz BLOB";
+      if( pConfig->bContentlessDelete ){
+        zCols = "id INTEGER PRIMARY KEY, sz BLOB, origin INTEGER";
+      }
+      rc = sqlite3Fts5CreateTable(pConfig, "docsize", zCols, 0, pzErr);
     }
     if( rc==SQLITE_OK ){
       rc = sqlite3Fts5CreateTable(
@@ -243168,7 +248101,7 @@ static int fts5StorageDeleteFromIndex(
 ){
   Fts5Config *pConfig = p->pConfig;
   sqlite3_stmt *pSeek = 0;        /* SELECT to read row iDel from %_data */
-  int rc;                         /* Return code */
+  int rc = SQLITE_OK;             /* Return code */
   int rc2;                        /* sqlite3_reset() return code */
   int iCol;
   Fts5InsertCtx ctx;
@@ -243184,7 +248117,6 @@ static int fts5StorageDeleteFromIndex(
 
   ctx.pStorage = p;
   ctx.iCol = -1;
-  rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 1, iDel);
   for(iCol=1; rc==SQLITE_OK && iCol<=pConfig->nCol; iCol++){
     if( pConfig->abUnindexed[iCol-1]==0 ){
       const char *zText;
@@ -243221,6 +248153,37 @@ static int fts5StorageDeleteFromIndex(
   return rc;
 }
 
+/*
+** This function is called to process a DELETE on a contentless_delete=1
+** table. It adds the tombstone required to delete the entry with rowid
+** iDel. If successful, SQLITE_OK is returned. Or, if an error occurs,
+** an SQLite error code.
+*/
+static int fts5StorageContentlessDelete(Fts5Storage *p, i64 iDel){
+  i64 iOrigin = 0;
+  sqlite3_stmt *pLookup = 0;
+  int rc = SQLITE_OK;
+
+  assert( p->pConfig->bContentlessDelete );
+  assert( p->pConfig->eContent==FTS5_CONTENT_NONE );
+
+  /* Look up the origin of the document in the %_docsize table. Store
+  ** this in stack variable iOrigin.  */
+  rc = fts5StorageGetStmt(p, FTS5_STMT_LOOKUP_DOCSIZE, &pLookup, 0);
+  if( rc==SQLITE_OK ){
+    sqlite3_bind_int64(pLookup, 1, iDel);
+    if( SQLITE_ROW==sqlite3_step(pLookup) ){
+      iOrigin = sqlite3_column_int64(pLookup, 1);
+    }
+    rc = sqlite3_reset(pLookup);
+  }
+
+  if( rc==SQLITE_OK && iOrigin!=0 ){
+    rc = sqlite3Fts5IndexContentlessDelete(p->pIndex, iOrigin, iDel);
+  }
+
+  return rc;
+}
 
 /*
 ** Insert a record into the %_docsize table. Specifically, do:
@@ -243241,10 +248204,17 @@ static int fts5StorageInsertDocsize(
     rc = fts5StorageGetStmt(p, FTS5_STMT_REPLACE_DOCSIZE, &pReplace, 0);
     if( rc==SQLITE_OK ){
       sqlite3_bind_int64(pReplace, 1, iRowid);
-      sqlite3_bind_blob(pReplace, 2, pBuf->p, pBuf->n, SQLITE_STATIC);
-      sqlite3_step(pReplace);
-      rc = sqlite3_reset(pReplace);
-      sqlite3_bind_null(pReplace, 2);
+      if( p->pConfig->bContentlessDelete ){
+        i64 iOrigin = 0;
+        rc = sqlite3Fts5IndexGetOrigin(p->pIndex, &iOrigin);
+        sqlite3_bind_int64(pReplace, 3, iOrigin);
+      }
+      if( rc==SQLITE_OK ){
+        sqlite3_bind_blob(pReplace, 2, pBuf->p, pBuf->n, SQLITE_STATIC);
+        sqlite3_step(pReplace);
+        rc = sqlite3_reset(pReplace);
+        sqlite3_bind_null(pReplace, 2);
+      }
     }
   }
   return rc;
@@ -243308,7 +248278,15 @@ static int sqlite3Fts5StorageDelete(Fts5Storage *p, i64 iDel, sqlite3_value **ap
 
   /* Delete the index records */
   if( rc==SQLITE_OK ){
-    rc = fts5StorageDeleteFromIndex(p, iDel, apVal);
+    rc = sqlite3Fts5IndexBeginWrite(p->pIndex, 1, iDel);
+  }
+
+  if( rc==SQLITE_OK ){
+    if( p->pConfig->bContentlessDelete ){
+      rc = fts5StorageContentlessDelete(p, iDel);
+    }else{
+      rc = fts5StorageDeleteFromIndex(p, iDel, apVal);
+    }
   }
 
   /* Delete the %_docsize record */
@@ -243896,7 +248874,9 @@ static int sqlite3Fts5StorageSync(Fts5Storage *p){
   i64 iLastRowid = sqlite3_last_insert_rowid(p->pConfig->db);
   if( p->bTotalsValid ){
     rc = fts5StorageSaveTotals(p);
-    p->bTotalsValid = 0;
+    if( rc==SQLITE_OK ){
+      p->bTotalsValid = 0;
+    }
   }
   if( rc==SQLITE_OK ){
     rc = sqlite3Fts5IndexSync(p->pIndex);
@@ -247264,7 +252244,8 @@ static int sqlite3Fts5VocabInit(Fts5Global *pGlobal, sqlite3 *db){
     /* xSavepoint    */ 0,
     /* xRelease      */ 0,
     /* xRollbackTo   */ 0,
-    /* xShadowName   */ 0
+    /* xShadowName   */ 0,
+    /* xIntegrity    */ 0
   };
   void *p = (void*)pGlobal;
 
@@ -247593,6 +252574,7 @@ static sqlite3_module stmtModule = {
   0,                         /* xRelease */
   0,                         /* xRollbackTo */
   0,                         /* xShadowName */
+  0                          /* xIntegrity */
 };
 
 #endif /* SQLITE_OMIT_VIRTUALTABLE */
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index 57eac0abf..4eff82d9d 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.42.0"
-#define SQLITE_VERSION_NUMBER 3042000
-#define SQLITE_SOURCE_ID      "2023-05-16 12:36:15 831d0fb2836b71c9bc51067c49fee4b8f18047814f2ff22d817d25195cf350b0"
+#define SQLITE_VERSION        "3.44.0"
+#define SQLITE_VERSION_NUMBER 3044000
+#define SQLITE_SOURCE_ID      "2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -529,6 +529,7 @@ SQLITE_API int sqlite3_exec(
 #define SQLITE_IOERR_ROLLBACK_ATOMIC   (SQLITE_IOERR | (31<<8))
 #define SQLITE_IOERR_DATA              (SQLITE_IOERR | (32<<8))
 #define SQLITE_IOERR_CORRUPTFS         (SQLITE_IOERR | (33<<8))
+#define SQLITE_IOERR_IN_PAGE           (SQLITE_IOERR | (34<<8))
 #define SQLITE_LOCKED_SHAREDCACHE      (SQLITE_LOCKED |  (1<<8))
 #define SQLITE_LOCKED_VTAB             (SQLITE_LOCKED |  (2<<8))
 #define SQLITE_BUSY_RECOVERY           (SQLITE_BUSY   |  (1<<8))
@@ -1191,7 +1192,7 @@ struct sqlite3_io_methods {
 ** by clients within the current process, only within other processes.
 **
 ** 
        4. [[SQLITE_FCNTL_CKSM_FILE]]
-** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use interally by the
+** The [SQLITE_FCNTL_CKSM_FILE] opcode is for use internally by the
 ** [checksum VFS shim] only.
 **
 ** 
        5. [[SQLITE_FCNTL_RESET_CACHE]]
@@ -2127,7 +2128,7 @@ struct sqlite3_mem_methods {
 ** is stored in each sorted record and the required column values loaded
 ** from the database as records are returned in sorted order. The default
 ** value for this option is to never use this optimization. Specifying a
-** negative value for this option restores the default behaviour.
+** negative value for this option restores the default behavior.
 ** This option is only available if SQLite is compiled with the
 ** [SQLITE_ENABLE_SORTER_REFERENCES] compile-time option.
 **
@@ -2302,7 +2303,7 @@ struct sqlite3_mem_methods {
 ** database handle, SQLite checks if this will mean that there are now no
 ** connections at all to the database. If so, it performs a checkpoint
 ** operation before closing the connection. This option may be used to
-** override this behaviour. The first parameter passed to this operation
+** override this behavior. The first parameter passed to this operation
 ** is an integer - positive to disable checkpoints-on-close, or zero (the
 ** default) to enable them, and negative to leave the setting unchanged.
 ** The second parameter is a pointer to an integer
@@ -2455,7 +2456,7 @@ struct sqlite3_mem_methods {
 ** the [VACUUM] command will fail with an obscure error when attempting to
 ** process a table with generated columns and a descending index.  This is
 ** not considered a bug since SQLite versions 3.3.0 and earlier do not support
-** either generated columns or decending indexes.
+** either generated columns or descending indexes.
 ** 
        
 **
 ** [[SQLITE_DBCONFIG_STMT_SCANSTATUS]]
@@ -2736,6 +2737,7 @@ SQLITE_API sqlite3_int64 sqlite3_total_changes64(sqlite3*);
 **
 ** ^The [sqlite3_is_interrupted(D)] interface can be used to determine whether
 ** or not an interrupt is currently in effect for [database connection] D.
+** It returns 1 if an interrupt is currently in effect, or 0 otherwise.
 */
 SQLITE_API void sqlite3_interrupt(sqlite3*);
 SQLITE_API int sqlite3_is_interrupted(sqlite3*);
@@ -3389,8 +3391,10 @@ SQLITE_API SQLITE_DEPRECATED void *sqlite3_profile(sqlite3*,
 ** M argument should be the bitwise OR-ed combination of
 ** zero or more [SQLITE_TRACE] constants.
 **
-** ^Each call to either sqlite3_trace() or sqlite3_trace_v2() overrides
-** (cancels) any prior calls to sqlite3_trace() or sqlite3_trace_v2().
+** ^Each call to either sqlite3_trace(D,X,P) or sqlite3_trace_v2(D,M,X,P)
+** overrides (cancels) all prior calls to sqlite3_trace(D,X,P) or
+** sqlite3_trace_v2(D,M,X,P) for the [database connection] D.  Each
+** database connection may have at most one trace callback.
 **
 ** ^The X callback is invoked whenever any of the events identified by
 ** mask M occur.  ^The integer return value from the callback is currently
@@ -3759,7 +3763,7 @@ SQLITE_API int sqlite3_open_v2(
 ** as F) must be one of:
 ** 
          
 ** 
        •  A database filename pointer created by the SQLite core and
-** passed into the xOpen() method of a VFS implemention, or
+** passed into the xOpen() method of a VFS implementation, or
 ** 
        •  A filename obtained from [sqlite3_db_filename()], or
 ** 
        •  A new filename constructed using [sqlite3_create_filename()].
 ** 
        
@@ -3872,7 +3876,7 @@ SQLITE_API sqlite3_file *sqlite3_database_file_object(const char*);
 /*
 ** CAPI3REF: Create and Destroy VFS Filenames
 **
-** These interfces are provided for use by [VFS shim] implementations and
+** These interfaces are provided for use by [VFS shim] implementations and
 ** are not useful outside of that context.
 **
 ** The sqlite3_create_filename(D,J,W,N,P) allocates memory to hold a version of
@@ -3952,6 +3956,7 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 **
 ** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
 ** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** (See how SQLite handles [invalid UTF] for exceptions to this rule.)
 ** ^(Memory to hold the error message string is managed internally.
 ** The application does not need to worry about freeing the result.
 ** However, the error string might be overwritten or deallocated by
@@ -4419,6 +4424,41 @@ SQLITE_API int sqlite3_stmt_readonly(sqlite3_stmt *pStmt);
 */
 SQLITE_API int sqlite3_stmt_isexplain(sqlite3_stmt *pStmt);
 
+/*
+** CAPI3REF: Change The EXPLAIN Setting For A Prepared Statement
+** METHOD: sqlite3_stmt
+**
+** The sqlite3_stmt_explain(S,E) interface changes the EXPLAIN
+** setting for [prepared statement] S.  If E is zero, then S becomes
+** a normal prepared statement.  If E is 1, then S behaves as if
+** its SQL text began with "[EXPLAIN]".  If E is 2, then S behaves as if
+** its SQL text began with "[EXPLAIN QUERY PLAN]".
+**
+** Calling sqlite3_stmt_explain(S,E) might cause S to be reprepared.
+** SQLite tries to avoid a reprepare, but a reprepare might be necessary
+** on the first transition into EXPLAIN or EXPLAIN QUERY PLAN mode.
+**
+** Because of the potential need to reprepare, a call to
+** sqlite3_stmt_explain(S,E) will fail with SQLITE_ERROR if S cannot be
+** reprepared because it was created using [sqlite3_prepare()] instead of
+** the newer [sqlite3_prepare_v2()] or [sqlite3_prepare_v3()] interfaces and
+** hence has no saved SQL text with which to reprepare.
+**
+** Changing the explain setting for a prepared statement does not change
+** the original SQL text for the statement.  Hence, if the SQL text originally
+** began with EXPLAIN or EXPLAIN QUERY PLAN, but sqlite3_stmt_explain(S,0)
+** is called to convert the statement into an ordinary statement, the EXPLAIN
+** or EXPLAIN QUERY PLAN keywords will still appear in the sqlite3_sql(S)
+** output, even though the statement now acts like a normal SQL statement.
+**
+** This routine returns SQLITE_OK if the explain mode is successfully
+** changed, or an error code if the explain mode could not be changed.
+** The explain mode cannot be changed while a statement is active.
+** Hence, it is good practice to call [sqlite3_reset(S)]
+** immediately prior to calling sqlite3_stmt_explain(S,E).
+*/
+SQLITE_API int sqlite3_stmt_explain(sqlite3_stmt *pStmt, int eMode);
+
 /*
 ** CAPI3REF: Determine If A Prepared Statement Has Been Reset
 ** METHOD: sqlite3_stmt
@@ -4582,7 +4622,7 @@ typedef struct sqlite3_context sqlite3_context;
 ** with it may be passed. ^It is called to dispose of the BLOB or string even
 ** if the call to the bind API fails, except the destructor is not called if
 ** the third parameter is a NULL pointer or the fourth parameter is negative.
-** ^ (2) The special constant, [SQLITE_STATIC], may be passsed to indicate that
+** ^ (2) The special constant, [SQLITE_STATIC], may be passed to indicate that
 ** the application remains responsible for disposing of the object. ^In this
 ** case, the object and the provided pointer to it must remain valid until
 ** either the prepared statement is finalized or the same SQL parameter is
@@ -5261,20 +5301,33 @@ SQLITE_API int sqlite3_finalize(sqlite3_stmt *pStmt);
 ** ^The [sqlite3_reset(S)] interface resets the [prepared statement] S
 ** back to the beginning of its program.
 **
-** ^If the most recent call to [sqlite3_step(S)] for the
-** [prepared statement] S returned [SQLITE_ROW] or [SQLITE_DONE],
-** or if [sqlite3_step(S)] has never before been called on S,
-** then [sqlite3_reset(S)] returns [SQLITE_OK].
+** ^The return code from [sqlite3_reset(S)] indicates whether or not
+** the previous evaluation of prepared statement S completed successfully.
+** ^If [sqlite3_step(S)] has never before been called on S or if
+** [sqlite3_step(S)] has not been called since the previous call
+** to [sqlite3_reset(S)], then [sqlite3_reset(S)] will return
+** [SQLITE_OK].
 **
 ** ^If the most recent call to [sqlite3_step(S)] for the
 ** [prepared statement] S indicated an error, then
 ** [sqlite3_reset(S)] returns an appropriate [error code].
+** ^The [sqlite3_reset(S)] interface might also return an [error code]
+** if there were no prior errors but the process of resetting
+** the prepared statement caused a new error. ^For example, if an
+** [INSERT] statement with a [RETURNING] clause is only stepped one time,
+** that one call to [sqlite3_step(S)] might return SQLITE_ROW but
+** the overall statement might still fail and the [sqlite3_reset(S)] call
+** might return SQLITE_BUSY if locking constraints prevent the
+** database change from committing.  Therefore, it is important that
+** applications check the return code from [sqlite3_reset(S)] even if
+** no prior call to [sqlite3_step(S)] indicated a problem.
 **
 ** ^The [sqlite3_reset(S)] interface does not change the values
 ** of any [sqlite3_bind_blob|bindings] on the [prepared statement] S.
 */
 SQLITE_API int sqlite3_reset(sqlite3_stmt *pStmt);
 
+
 /*
 ** CAPI3REF: Create Or Redefine SQL Functions
 ** KEYWORDS: {function creation routines}
@@ -5485,7 +5538,7 @@ SQLITE_API int sqlite3_create_window_function(
 ** [application-defined SQL function]
 ** that has side-effects or that could potentially leak sensitive information.
 ** This will prevent attacks in which an application is tricked
-** into using a database file that has had its schema surreptiously
+** into using a database file that has had its schema surreptitiously
 ** modified to invoke the application-defined function in ways that are
 ** harmful.
 ** 
        
@@ -5829,32 +5882,32 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** METHOD: sqlite3_context
 **
 ** These functions may be used by (non-aggregate) SQL functions to
-** associate metadata with argument values. If the same value is passed to
-** multiple invocations of the same SQL function during query execution, under
-** some circumstances the associated metadata may be preserved.  An example
-** of where this might be useful is in a regular-expression matching
-** function. The compiled version of the regular expression can be stored as
-** metadata associated with the pattern string.
+** associate auxiliary data with argument values. If the same argument
+** value is passed to multiple invocations of the same SQL function during
+** query execution, under some circumstances the associated auxiliary data
+** might be preserved.  An example of where this might be useful is in a
+** regular-expression matching function. The compiled version of the regular
+** expression can be stored as auxiliary data associated with the pattern string.
 ** Then as long as the pattern string remains the same,
 ** the compiled regular expression can be reused on multiple
 ** invocations of the same function.
 **
-** ^The sqlite3_get_auxdata(C,N) interface returns a pointer to the metadata
+** ^The sqlite3_get_auxdata(C,N) interface returns a pointer to the auxiliary data
 ** associated by the sqlite3_set_auxdata(C,N,P,X) function with the Nth argument
 ** value to the application-defined function.  ^N is zero for the left-most
-** function argument.  ^If there is no metadata
+** function argument.  ^If there is no auxiliary data
 ** associated with the function argument, the sqlite3_get_auxdata(C,N) interface
 ** returns a NULL pointer.
 **
-** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as metadata for the N-th
-** argument of the application-defined function.  ^Subsequent
+** ^The sqlite3_set_auxdata(C,N,P,X) interface saves P as auxiliary data for the
+** N-th argument of the application-defined function.  ^Subsequent
 ** calls to sqlite3_get_auxdata(C,N) return P from the most recent
-** sqlite3_set_auxdata(C,N,P,X) call if the metadata is still valid or
-** NULL if the metadata has been discarded.
+** sqlite3_set_auxdata(C,N,P,X) call if the auxiliary data is still valid or
+** NULL if the auxiliary data has been discarded.
 ** ^After each call to sqlite3_set_auxdata(C,N,P,X) where X is not NULL,
 ** SQLite will invoke the destructor function X with parameter P exactly
-** once, when the metadata is discarded.
-** SQLite is free to discard the metadata at any time, including: 
          
+** once, when the auxiliary data is discarded.
+** SQLite is free to discard the auxiliary data at any time, including: 
            
 ** 
          •  ^(when the corresponding function parameter changes)^, or
 ** 
          •  ^(when [sqlite3_reset()] or [sqlite3_finalize()] is called for the
 **      SQL statement)^, or
@@ -5870,7 +5923,7 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** function implementation should not make any use of P after
 ** sqlite3_set_auxdata() has been called.
 **
-** ^(In practice, metadata is preserved between function calls for
+** ^(In practice, auxiliary data is preserved between function calls for
 ** function parameters that are compile-time constants, including literal
 ** values and [parameters] and expressions composed from the same.)^
 **
@@ -5880,10 +5933,67 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 **
 ** These routines must be called from the same thread in which
 ** the SQL function is running.
+**
+** See also: [sqlite3_get_clientdata()] and [sqlite3_set_clientdata()].
 */
 SQLITE_API void *sqlite3_get_auxdata(sqlite3_context*, int N);
 SQLITE_API void sqlite3_set_auxdata(sqlite3_context*, int N, void*, void (*)(void*));
 
+/*
+** CAPI3REF: Database Connection Client Data
+** METHOD: sqlite3
+**
+** These functions are used to associate one or more named pointers
+** with a [database connection].
+** A call to sqlite3_set_clientdata(D,N,P,X) causes the pointer P
+** to be attached to [database connection] D using name N.  Subsequent
+** calls to sqlite3_get_clientdata(D,N) will return a copy of pointer P
+** or a NULL pointer if there were no prior calls to
+** sqlite3_set_clientdata() with the same values of D and N.
+** Names are compared using strcmp() and are thus case sensitive.
+**
+** If P and X are both non-NULL, then the destructor X is invoked with
+** argument P on the first of the following occurrences:
+** 
              
+** 
            •  An out-of-memory error occurs during the call to
+**      sqlite3_set_clientdata() which attempts to register pointer P.
+** 
            •  A subsequent call to sqlite3_set_clientdata(D,N,P,X) is made
+**      with the same D and N parameters.
+** 
            •  The database connection closes.  SQLite does not make any guarantees
+**      about the order in which destructors are called, only that all
+**      destructors will be called exactly once at some point during the
+**      database connection closing process.
+** 
            
+**
+** SQLite does not do anything with client data other than invoke
+** destructors on the client data at the appropriate time.  The intended
+** use for client data is to provide a mechanism for wrapper libraries
+** to store additional information about an SQLite database connection.
+**
+** There is no limit (other than available memory) on the number of different
+** client data pointers (with different names) that can be attached to a
+** single database connection.  However, the implementation is optimized
+** for the case of having only one or two different client data names.
+** Applications and wrapper libraries are discouraged from using more than
+** one client data name each.
+**
+** There is no way to enumerate the client data pointers
+** associated with a database connection.  The N parameter can be thought
+** of as a secret key such that only code that knows the secret key is able
+** to access the associated data.
+**
+** Security Warning:  These interfaces should not be exposed in scripting
+** languages or in other circumstances where it might be possible for an
+** an attacker to invoke them.  Any agent that can invoke these interfaces
+** can probably also take control of the process.
+**
+** Database connection client data is only available for SQLite
+** version 3.44.0 ([dateof:3.44.0]) and later.
+**
+** See also: [sqlite3_set_auxdata()] and [sqlite3_get_auxdata()].
+*/
+SQLITE_API void *sqlite3_get_clientdata(sqlite3*,const char*);
+SQLITE_API int sqlite3_set_clientdata(sqlite3*, const char*, void*, void(*)(void*));
 
 /*
 ** CAPI3REF: Constants Defining Special Destructor Behavior
@@ -6516,7 +6626,7 @@ SQLITE_API int sqlite3_db_readonly(sqlite3 *db, const char *zDbName);
 SQLITE_API int sqlite3_txn_state(sqlite3*,const char *zSchema);
 
 /*
-** CAPI3REF: Allowed return values from [sqlite3_txn_state()]
+** CAPI3REF: Allowed return values from sqlite3_txn_state()
 ** KEYWORDS: {transaction state}
 **
 ** These constants define the current transaction state of a database file.
@@ -6648,7 +6758,7 @@ SQLITE_API void *sqlite3_rollback_hook(sqlite3*, void(*)(void *), void*);
 ** ^Each call to the sqlite3_autovacuum_pages() interface overrides all
 ** previous invocations for that database connection.  ^If the callback
 ** argument (C) to sqlite3_autovacuum_pages(D,C,P,X) is a NULL pointer,
-** then the autovacuum steps callback is cancelled.  The return value
+** then the autovacuum steps callback is canceled.  The return value
 ** from sqlite3_autovacuum_pages() is normally SQLITE_OK, but might
 ** be some other error code if something goes wrong.  The current
 ** implementation will only return SQLITE_OK or SQLITE_MISUSE, but other
@@ -7167,6 +7277,10 @@ struct sqlite3_module {
   /* The methods above are in versions 1 and 2 of the sqlite_module object.
   ** Those below are for version 3 and greater. */
   int (*xShadowName)(const char*);
+  /* The methods above are in versions 1 through 3 of the sqlite_module object.
+  ** Those below are for version 4 and greater. */
+  int (*xIntegrity)(sqlite3_vtab *pVTab, const char *zSchema,
+                    const char *zTabName, int mFlags, char **pzErr);
 };
 
 /*
@@ -7654,7 +7768,7 @@ SQLITE_API int sqlite3_blob_reopen(sqlite3_blob *, sqlite3_int64);
 ** code is returned and the transaction rolled back.
 **
 ** Calling this function with an argument that is not a NULL pointer or an
-** open blob handle results in undefined behaviour. ^Calling this routine
+** open blob handle results in undefined behavior. ^Calling this routine
 ** with a null pointer (such as would be returned by a failed call to
 ** [sqlite3_blob_open()]) is a harmless no-op. ^Otherwise, if this function
 ** is passed a valid open blob handle, the values returned by the
@@ -8134,6 +8248,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_PRNG_SAVE                5
 #define SQLITE_TESTCTRL_PRNG_RESTORE             6
 #define SQLITE_TESTCTRL_PRNG_RESET               7  /* NOT USED */
+#define SQLITE_TESTCTRL_FK_NO_ACTION             7
 #define SQLITE_TESTCTRL_BITVEC_TEST              8
 #define SQLITE_TESTCTRL_FAULT_INSTALL            9
 #define SQLITE_TESTCTRL_BENIGN_MALLOC_HOOKS     10
@@ -8162,7 +8277,8 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_TRACEFLAGS              31
 #define SQLITE_TESTCTRL_TUNE                    32
 #define SQLITE_TESTCTRL_LOGEST                  33
-#define SQLITE_TESTCTRL_LAST                    33  /* Largest TESTCTRL */
+#define SQLITE_TESTCTRL_USELONGDOUBLE           34
+#define SQLITE_TESTCTRL_LAST                    34  /* Largest TESTCTRL */
 
 /*
 ** CAPI3REF: SQL Keyword Checking
@@ -9618,7 +9734,7 @@ SQLITE_API int sqlite3_vtab_config(sqlite3*, int op, ...);
 ** [[SQLITE_VTAB_DIRECTONLY]]
            SQLITE_VTAB_DIRECTONLY
            
 ** 
            Calls of the form
 ** [sqlite3_vtab_config](db,SQLITE_VTAB_DIRECTONLY) from within the
-** the [xConnect] or [xCreate] methods of a [virtual table] implmentation
+** the [xConnect] or [xCreate] methods of a [virtual table] implementation
 ** prohibits that virtual table from being used from within triggers and
 ** views.
 ** 
            
@@ -9808,7 +9924,7 @@ SQLITE_API int sqlite3_vtab_distinct(sqlite3_index_info*);
 ** communicated to the xBestIndex method as a
 ** [SQLITE_INDEX_CONSTRAINT_EQ] constraint.)^  If xBestIndex wants to use
 ** this constraint, it must set the corresponding
-** aConstraintUsage[].argvIndex to a postive integer.  ^(Then, under
+** aConstraintUsage[].argvIndex to a positive integer.  ^(Then, under
 ** the usual mode of handling IN operators, SQLite generates [bytecode]
 ** that invokes the [xFilter|xFilter() method] once for each value
 ** on the right-hand side of the IN operator.)^  Thus the virtual table
@@ -10237,7 +10353,7 @@ SQLITE_API int sqlite3_db_cacheflush(sqlite3*);
 ** When the [sqlite3_blob_write()] API is used to update a blob column,
 ** the pre-update hook is invoked with SQLITE_DELETE. This is because the
 ** in this case the new values are not available. In this case, when a
-** callback made with op==SQLITE_DELETE is actuall a write using the
+** callback made with op==SQLITE_DELETE is actually a write using the
 ** sqlite3_blob_write() API, the [sqlite3_preupdate_blobwrite()] returns
 ** the index of the column being written. In other cases, where the
 ** pre-update hook is being invoked for some other reason, including a
@@ -10498,6 +10614,13 @@ SQLITE_API SQLITE_EXPERIMENTAL int sqlite3_snapshot_recover(sqlite3 *db, const c
 ** SQLITE_SERIALIZE_NOCOPY bit is set but no contiguous copy
 ** of the database exists.
 **
+** After the call, if the SQLITE_SERIALIZE_NOCOPY bit had been set,
+** the returned buffer content will remain accessible and unchanged
+** until either the next write operation on the connection or when
+** the connection is closed, and applications must not modify the
+** buffer. If the bit had been clear, the returned buffer will not
+** be accessed by SQLite after the call.
+**
 ** A call to sqlite3_serialize(D,S,P,F) might return NULL even if the
 ** SQLITE_SERIALIZE_NOCOPY bit is omitted from argument F if a memory
 ** allocation error occurs.
@@ -10546,6 +10669,9 @@ SQLITE_API unsigned char *sqlite3_serialize(
 ** SQLite will try to increase the buffer size using sqlite3_realloc64()
 ** if writes on the database cause it to grow larger than M bytes.
 **
+** Applications must not modify the buffer P or invalidate it before
+** the database connection D is closed.
+**
 ** The sqlite3_deserialize() interface will fail with SQLITE_BUSY if the
 ** database is currently in a read transaction or is involved in a backup
 ** operation.
@@ -10554,6 +10680,13 @@ SQLITE_API unsigned char *sqlite3_serialize(
 ** S argument to sqlite3_deserialize(D,S,P,N,M,F) is "temp" then the
 ** function returns SQLITE_ERROR.
 **
+** The deserialized database should not be in [WAL mode].  If the database
+** is in WAL mode, then any attempt to use the database file will result
+** in an [SQLITE_CANTOPEN] error.  The application can set the
+** [file format version numbers] (bytes 18 and 19) of the input database P
+** to 0x01 prior to invoking sqlite3_deserialize(D,S,P,N,M,F) to force the
+** database file into rollback mode and work around this limitation.
+**
 ** If sqlite3_deserialize(D,S,P,N,M,F) fails for any reason and if the
 ** SQLITE_DESERIALIZE_FREEONCLOSE bit is set in argument F, then
 ** [sqlite3_free()] is invoked on argument P prior to returning.
@@ -11626,6 +11759,18 @@ SQLITE_API int sqlite3changeset_concat(
 );
 
 
+/*
+** CAPI3REF: Upgrade the Schema of a Changeset/Patchset
+*/
+SQLITE_API int sqlite3changeset_upgrade(
+  sqlite3 *db,
+  const char *zDb,
+  int nIn, const void *pIn,       /* Input changeset */
+  int *pnOut, void **ppOut        /* OUT: Inverse of input */
+);
+
+
+
 /*
 ** CAPI3REF: Changegroup Handle
 **
@@ -11672,6 +11817,38 @@ typedef struct sqlite3_changegroup sqlite3_changegroup;
 */
 SQLITE_API int sqlite3changegroup_new(sqlite3_changegroup **pp);
 
+/*
+** CAPI3REF: Add a Schema to a Changegroup
+** METHOD: sqlite3_changegroup_schema
+**
+** This method may be used to optionally enforce the rule that the changesets
+** added to the changegroup handle must match the schema of database zDb
+** ("main", "temp", or the name of an attached database). If
+** sqlite3changegroup_add() is called to add a changeset that is not compatible
+** with the configured schema, SQLITE_SCHEMA is returned and the changegroup
+** object is left in an undefined state.
+**
+** A changeset schema is considered compatible with the database schema in
+** the same way as for sqlite3changeset_apply(). Specifically, for each
+** table in the changeset, there exists a database table with:
+**
+** 
              
+**   
            •  The name identified by the changeset, and
+**   
            •  at least as many columns as recorded in the changeset, and
+**   
            •  the primary key columns in the same position as recorded in
+**        the changeset.
+** 
            
+**
+** The output of the changegroup object always has the same schema as the
+** database nominated using this function. In cases where changesets passed
+** to sqlite3changegroup_add() have fewer columns than the corresponding table
+** in the database schema, these are filled in using the default column
+** values from the database schema. This makes it possible to combined
+** changesets that have different numbers of columns for a single table
+** within a changegroup, provided that they are otherwise compatible.
+*/
+SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const char *zDb);
+
 /*
 ** CAPI3REF: Add A Changeset To A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -11740,13 +11917,18 @@ SQLITE_API int sqlite3changegroup_new(sqlite3_changegroup **pp);
 ** If the new changeset contains changes to a table that is already present
 ** in the changegroup, then the number of columns and the position of the
 ** primary key columns for the table must be consistent. If this is not the
-** case, this function fails with SQLITE_SCHEMA. If the input changeset
-** appears to be corrupt and the corruption is detected, SQLITE_CORRUPT is
-** returned. Or, if an out-of-memory condition occurs during processing, this
-** function returns SQLITE_NOMEM. In all cases, if an error occurs the state
-** of the final contents of the changegroup is undefined.
+** case, this function fails with SQLITE_SCHEMA. Except, if the changegroup
+** object has been configured with a database schema using the
+** sqlite3changegroup_schema() API, then it is possible to combine changesets
+** with different numbers of columns for a single table, provided that
+** they are otherwise compatible.
 **
-** If no error occurs, SQLITE_OK is returned.
+** If the input changeset appears to be corrupt and the corruption is
+** detected, SQLITE_CORRUPT is returned. Or, if an out-of-memory condition
+** occurs during processing, this function returns SQLITE_NOMEM.
+**
+** In all cases, if an error occurs the state of the final contents of the
+** changegroup is undefined. If no error occurs, SQLITE_OK is returned.
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
@@ -12011,10 +12193,17 @@ SQLITE_API int sqlite3changeset_apply_v2(
 **    
          • an insert change if all fields of the conflicting row match
 **        the row being inserted.
 **    
          
+**
+** 
          SQLITE_CHANGESETAPPLY_FKNOACTION 
          
+**   If this flag it set, then all foreign key constraints in the target
+**   database behave as if they were declared with "ON UPDATE NO ACTION ON
+**   DELETE NO ACTION", even if they are actually CASCADE, RESTRICT, SET NULL
+**   or SET DEFAULT.
 */
 #define SQLITE_CHANGESETAPPLY_NOSAVEPOINT   0x0001
 #define SQLITE_CHANGESETAPPLY_INVERT        0x0002
 #define SQLITE_CHANGESETAPPLY_IGNORENOOP    0x0004
+#define SQLITE_CHANGESETAPPLY_FKNOACTION    0x0008
 
 /*
 ** CAPI3REF: Constants Passed To The Conflict Handler
@@ -12755,7 +12944,7 @@ struct Fts5PhraseIter {
 **   See xPhraseFirstColumn above.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 3 */
+  int iVersion;                   /* Currently always set to 2 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -12984,8 +13173,8 @@ struct Fts5ExtensionApi {
 **   as separate queries of the FTS index are required for each synonym.
 **
 **   When using methods (2) or (3), it is important that the tokenizer only
-**   provide synonyms when tokenizing document text (method (2)) or query
-**   text (method (3)), not both. Doing so will not cause any errors, but is
+**   provide synonyms when tokenizing document text (method (3)) or query
+**   text (method (2)), not both. Doing so will not cause any errors, but is
 **   inefficient.
 */
 typedef struct Fts5Tokenizer Fts5Tokenizer;
@@ -13033,7 +13222,7 @@ struct fts5_api {
   int (*xCreateTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_tokenizer *pTokenizer,
     void (*xDestroy)(void*)
   );
@@ -13042,7 +13231,7 @@ struct fts5_api {
   int (*xFindTokenizer)(
     fts5_api *pApi,
     const char *zName,
-    void **ppContext,
+    void **ppUserData,
     fts5_tokenizer *pTokenizer
   );
 
@@ -13050,7 +13239,7 @@ struct fts5_api {
   int (*xCreateFunction)(
     fts5_api *pApi,
     const char *zName,
-    void *pContext,
+    void *pUserData,
     fts5_extension_function xFunction,
     void (*xDestroy)(void*)
   );
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h b/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
index 819e2e357..935437bb6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3ext.h
@@ -366,6 +366,11 @@ struct sqlite3_api_routines {
   int (*value_encoding)(sqlite3_value*);
   /* Version 3.41.0 and later */
   int (*is_interrupted)(sqlite3*);
+  /* Version 3.43.0 and later */
+  int (*stmt_explain)(sqlite3_stmt*,int);
+  /* Version 3.44.0 and later */
+  void *(*get_clientdata)(sqlite3*,const char*);
+  int (*set_clientdata)(sqlite3*, const char*, void*, void(*)(void*));
 };
 
 /*
@@ -694,6 +699,11 @@ typedef int (*sqlite3_loadext_entry)(
 #define sqlite3_value_encoding         sqlite3_api->value_encoding
 /* Version 3.41.0 and later */
 #define sqlite3_is_interrupted         sqlite3_api->is_interrupted
+/* Version 3.43.0 and later */
+#define sqlite3_stmt_explain           sqlite3_api->stmt_explain
+/* Version 3.44.0 and later */
+#define sqlite3_get_clientdata         sqlite3_api->get_clientdata
+#define sqlite3_set_clientdata         sqlite3_api->set_clientdata
 #endif /* !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION) */
 
 #if !defined(SQLITE_CORE) && !defined(SQLITE_OMIT_LOAD_EXTENSION)
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 127e0fad1..0de30b9b7 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -71,7 +71,7 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.17
+# github.com/mattn/go-sqlite3 v1.14.18
 ## explicit; go 1.16
 github.com/mattn/go-sqlite3
 # github.com/matttproud/golang_protobuf_extensions v1.0.4

From df32d8809739cec59aa572521fcac16a684eaf4f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 6 Nov 2023 03:26:12 +0000
Subject: [PATCH 47/73] build(deps): bump
 github.com/google/certificate-transparency-go

Bumps [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) from 1.1.6 to 1.1.7.
- [Release notes](https://github.com/google/certificate-transparency-go/releases)
- [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/certificate-transparency-go/compare/v1.1.6...v1.1.7)

---
updated-dependencies:
- dependency-name: github.com/google/certificate-transparency-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   13 +-
 go.sum                                        |   28 +-
 vendor/github.com/go-logr/logr/.golangci.yaml |    3 -
 vendor/github.com/go-logr/logr/discard.go     |   32 +-
 vendor/github.com/go-logr/logr/logr.go        |  166 +-
 vendor/github.com/golang/protobuf/AUTHORS     |    3 -
 .../github.com/golang/protobuf/CONTRIBUTORS   |    3 -
 vendor/github.com/golang/protobuf/LICENSE     |   28 -
 .../golang/protobuf/proto/buffer.go           |  324 --
 .../golang/protobuf/proto/defaults.go         |   63 -
 .../golang/protobuf/proto/deprecated.go       |  113 -
 .../golang/protobuf/proto/discard.go          |   58 -
 .../golang/protobuf/proto/extensions.go       |  356 --
 .../golang/protobuf/proto/properties.go       |  306 --
 .../github.com/golang/protobuf/proto/proto.go |  167 -
 .../golang/protobuf/proto/registry.go         |  317 --
 .../golang/protobuf/proto/text_decode.go      |  801 ---
 .../golang/protobuf/proto/text_encode.go      |  560 --
 .../github.com/golang/protobuf/proto/wire.go  |   78 -
 .../golang/protobuf/proto/wrappers.go         |   34 -
 .../certificate-transparency-go/CHANGELOG.md  |  143 +-
 .../certificate-transparency-go/README.md     |    4 +-
 .../cloudbuild.yaml                           |    1 -
 .../cloudbuild_master.yaml                    |    1 -
 .../cloudbuild_tag.yaml                       |    1 -
 .../jsonclient/client.go                      |    2 +-
 .../certificate-transparency-go/tls/tls.go    |    2 +-
 .../certificate-transparency-go/types.go      |    2 +-
 .../x509/root_unix.go                         |    4 +-
 .../x509/root_wasip1.go                       |   19 +
 .../x509/root_zos.go                          |   13 +
 .../{ => v2}/LICENSE                          |    0
 .../{ => v2}/NOTICE                           |    0
 .../{ => v2}/pbutil/.gitignore                |    0
 .../{ => v2}/pbutil/Makefile                  |    0
 .../{ => v2}/pbutil/decode.go                 |   16 +-
 .../{ => v2}/pbutil/doc.go                    |    0
 .../{ => v2}/pbutil/encode.go                 |    5 +-
 .../prometheus/client_model/go/metrics.pb.go  |    3 +
 .../prometheus/common/expfmt/decode.go        |    2 +-
 .../prometheus/common/expfmt/encode.go        |    2 +-
 .../prometheus/procfs/Makefile.common         |    2 +-
 .../prometheus/procfs/fs_statfs_notype.go     |    4 +-
 .../prometheus/procfs/fs_statfs_type.go       |    4 +-
 .../prometheus/procfs/mountstats.go           |   83 +-
 .../prometheus/procfs/proc_fdinfo.go          |    8 +-
 .../github.com/prometheus/procfs/proc_maps.go |   20 +-
 .../prometheus/procfs/proc_status.go          |   21 +-
 .../protobuf/reflect/protodesc/desc.go        |  276 -
 .../protobuf/reflect/protodesc/desc_init.go   |  248 -
 .../reflect/protodesc/desc_resolve.go         |  286 -
 .../reflect/protodesc/desc_validate.go        |  374 --
 .../protobuf/reflect/protodesc/proto.go       |  252 -
 .../types/descriptorpb/descriptor.pb.go       | 4605 -----------------
 vendor/modules.txt                            |   27 +-
 55 files changed, 448 insertions(+), 9435 deletions(-)
 delete mode 100644 vendor/github.com/golang/protobuf/AUTHORS
 delete mode 100644 vendor/github.com/golang/protobuf/CONTRIBUTORS
 delete mode 100644 vendor/github.com/golang/protobuf/LICENSE
 delete mode 100644 vendor/github.com/golang/protobuf/proto/buffer.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/defaults.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/deprecated.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/discard.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/extensions.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/properties.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/proto.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/registry.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/text_decode.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/text_encode.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/wire.go
 delete mode 100644 vendor/github.com/golang/protobuf/proto/wrappers.go
 create mode 100644 vendor/github.com/google/certificate-transparency-go/x509/root_wasip1.go
 create mode 100644 vendor/github.com/google/certificate-transparency-go/x509/root_zos.go
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/LICENSE (100%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/NOTICE (100%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/.gitignore (100%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/Makefile (100%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/decode.go (83%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/doc.go (100%)
 rename vendor/github.com/matttproud/golang_protobuf_extensions/{ => v2}/pbutil/encode.go (91%)
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protodesc/desc.go
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protodesc/desc_init.go
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protodesc/desc_resolve.go
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protodesc/desc_validate.go
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protodesc/proto.go
 delete mode 100644 vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go

diff --git a/go.mod b/go.mod
index d00976270..2d4f1a821 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
 	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
 	github.com/go-sql-driver/mysql v1.7.1
-	github.com/google/certificate-transparency-go v1.1.6
+	github.com/google/certificate-transparency-go v1.1.7
 	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
@@ -23,14 +23,13 @@ require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
-	github.com/go-logr/logr v1.2.3 // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
+	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
-	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
+	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
-	github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 // indirect
-	github.com/prometheus/common v0.44.0 // indirect
-	github.com/prometheus/procfs v0.11.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
diff --git a/go.sum b/go.sum
index 5050c5faa..4612292d9 100644
--- a/go.sum
+++ b/go.sum
@@ -106,8 +106,8 @@ github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
 github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
-github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
+github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
@@ -144,13 +144,11 @@ github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw
 github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
-github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
-github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/certificate-transparency-go v1.1.6 h1:SW5K3sr7ptST/pIvNkSVWMiJqemRmkjJPPT0jzXdOOY=
-github.com/google/certificate-transparency-go v1.1.6/go.mod h1:0OJjOsOk+wj6aYQgP7FU0ioQ0AJUmnWPFMqTjQeazPQ=
+github.com/google/certificate-transparency-go v1.1.7 h1:IASD+NtgSTJLPdzkthwvAG1ZVbF2WtFg4IvoA68XGSw=
+github.com/google/certificate-transparency-go v1.1.7/go.mod h1:FSSBo8fyMVgqptbfF6j5p/XNdgQftAhSmXcIxV9iphE=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -160,7 +158,7 @@ github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
+github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -242,8 +240,8 @@ github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6
 github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
-github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
+github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
 github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8=
 github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
@@ -286,21 +284,21 @@ github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16 h1:v7DLqVdK4VrYkVD5diGdl4sxJurKJEMnODWRJlxV9oM=
-github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.44.0 h1:+5BrQJwiBB9xsMygAB3TNvpQKOwlkc25LbISbrdOOfY=
-github.com/prometheus/common v0.44.0/go.mod h1:ofAIvZbQ1e/nugmZGz4/qCb9Ap1VoSTIO7x0VV9VvuY=
+github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
+github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.11.1 h1:xRC8Iq1yyca5ypa9n1EZnWZkt7dwcoRPQwX/5gwaUuI=
-github.com/prometheus/procfs v0.11.1/go.mod h1:eesXgaPo1q7lBpVMoMy0ZOFTth9hBn4W/y0/p/ScXhY=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
diff --git a/vendor/github.com/go-logr/logr/.golangci.yaml b/vendor/github.com/go-logr/logr/.golangci.yaml
index 94ff801df..0cffafa7b 100644
--- a/vendor/github.com/go-logr/logr/.golangci.yaml
+++ b/vendor/github.com/go-logr/logr/.golangci.yaml
@@ -6,7 +6,6 @@ linters:
   disable-all: true
   enable:
     - asciicheck
-    - deadcode
     - errcheck
     - forcetypeassert
     - gocritic
@@ -18,10 +17,8 @@ linters:
     - misspell
     - revive
     - staticcheck
-    - structcheck
     - typecheck
     - unused
-    - varcheck
 
 issues:
   exclude-use-default: false
diff --git a/vendor/github.com/go-logr/logr/discard.go b/vendor/github.com/go-logr/logr/discard.go
index 9d92a38f1..99fe8be93 100644
--- a/vendor/github.com/go-logr/logr/discard.go
+++ b/vendor/github.com/go-logr/logr/discard.go
@@ -20,35 +20,5 @@ package logr
 // used whenever the caller is not interested in the logs.  Logger instances
 // produced by this function always compare as equal.
 func Discard() Logger {
-	return Logger{
-		level: 0,
-		sink:  discardLogSink{},
-	}
-}
-
-// discardLogSink is a LogSink that discards all messages.
-type discardLogSink struct{}
-
-// Verify that it actually implements the interface
-var _ LogSink = discardLogSink{}
-
-func (l discardLogSink) Init(RuntimeInfo) {
-}
-
-func (l discardLogSink) Enabled(int) bool {
-	return false
-}
-
-func (l discardLogSink) Info(int, string, ...interface{}) {
-}
-
-func (l discardLogSink) Error(error, string, ...interface{}) {
-}
-
-func (l discardLogSink) WithValues(...interface{}) LogSink {
-	return l
-}
-
-func (l discardLogSink) WithName(string) LogSink {
-	return l
+	return New(nil)
 }
diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go
index c3b56b3d2..e027aea3f 100644
--- a/vendor/github.com/go-logr/logr/logr.go
+++ b/vendor/github.com/go-logr/logr/logr.go
@@ -21,7 +21,7 @@ limitations under the License.
 // to back that API.  Packages in the Go ecosystem can depend on this package,
 // while callers can implement logging with whatever backend is appropriate.
 //
-// Usage
+// # Usage
 //
 // Logging is done using a Logger instance.  Logger is a concrete type with
 // methods, which defers the actual logging to a LogSink interface.  The main
@@ -30,16 +30,20 @@ limitations under the License.
 // "structured logging".
 //
 // With Go's standard log package, we might write:
-//   log.Printf("setting target value %s", targetValue)
+//
+//	log.Printf("setting target value %s", targetValue)
 //
 // With logr's structured logging, we'd write:
-//   logger.Info("setting target", "value", targetValue)
+//
+//	logger.Info("setting target", "value", targetValue)
 //
 // Errors are much the same.  Instead of:
-//   log.Printf("failed to open the pod bay door for user %s: %v", user, err)
+//
+//	log.Printf("failed to open the pod bay door for user %s: %v", user, err)
 //
 // We'd write:
-//   logger.Error(err, "failed to open the pod bay door", "user", user)
+//
+//	logger.Error(err, "failed to open the pod bay door", "user", user)
 //
 // Info() and Error() are very similar, but they are separate methods so that
 // LogSink implementations can choose to do things like attach additional
@@ -47,7 +51,7 @@ limitations under the License.
 // always logged, regardless of the current verbosity.  If there is no error
 // instance available, passing nil is valid.
 //
-// Verbosity
+// # Verbosity
 //
 // Often we want to log information only when the application in "verbose
 // mode".  To write log lines that are more verbose, Logger has a V() method.
@@ -58,20 +62,22 @@ limitations under the License.
 // Error messages do not have a verbosity level and are always logged.
 //
 // Where we might have written:
-//   if flVerbose >= 2 {
-//       log.Printf("an unusual thing happened")
-//   }
+//
+//	if flVerbose >= 2 {
+//	    log.Printf("an unusual thing happened")
+//	}
 //
 // We can write:
-//   logger.V(2).Info("an unusual thing happened")
 //
-// Logger Names
+//	logger.V(2).Info("an unusual thing happened")
+//
+// # Logger Names
 //
 // Logger instances can have name strings so that all messages logged through
 // that instance have additional context.  For example, you might want to add
 // a subsystem name:
 //
-//   logger.WithName("compactor").Info("started", "time", time.Now())
+//	logger.WithName("compactor").Info("started", "time", time.Now())
 //
 // The WithName() method returns a new Logger, which can be passed to
 // constructors or other functions for further use.  Repeated use of WithName()
@@ -82,25 +88,27 @@ limitations under the License.
 // joining operation (e.g. whitespace, commas, periods, slashes, brackets,
 // quotes, etc).
 //
-// Saved Values
+// # Saved Values
 //
 // Logger instances can store any number of key/value pairs, which will be
 // logged alongside all messages logged through that instance.  For example,
 // you might want to create a Logger instance per managed object:
 //
 // With the standard log package, we might write:
-//   log.Printf("decided to set field foo to value %q for object %s/%s",
-//       targetValue, object.Namespace, object.Name)
+//
+//	log.Printf("decided to set field foo to value %q for object %s/%s",
+//	    targetValue, object.Namespace, object.Name)
 //
 // With logr we'd write:
-//   // Elsewhere: set up the logger to log the object name.
-//   obj.logger = mainLogger.WithValues(
-//       "name", obj.name, "namespace", obj.namespace)
 //
-//   // later on...
-//   obj.logger.Info("setting foo", "value", targetValue)
+//	// Elsewhere: set up the logger to log the object name.
+//	obj.logger = mainLogger.WithValues(
+//	    "name", obj.name, "namespace", obj.namespace)
+//
+//	// later on...
+//	obj.logger.Info("setting foo", "value", targetValue)
 //
-// Best Practices
+// # Best Practices
 //
 // Logger has very few hard rules, with the goal that LogSink implementations
 // might have a lot of freedom to differentiate.  There are, however, some
@@ -124,15 +132,15 @@ limitations under the License.
 // around. For cases where passing a logger is optional, a pointer to Logger
 // should be used.
 //
-// Key Naming Conventions
+// # Key Naming Conventions
 //
 // Keys are not strictly required to conform to any specification or regex, but
 // it is recommended that they:
-//   * be human-readable and meaningful (not auto-generated or simple ordinals)
-//   * be constant (not dependent on input data)
-//   * contain only printable characters
-//   * not contain whitespace or punctuation
-//   * use lower case for simple keys and lowerCamelCase for more complex ones
+//   - be human-readable and meaningful (not auto-generated or simple ordinals)
+//   - be constant (not dependent on input data)
+//   - contain only printable characters
+//   - not contain whitespace or punctuation
+//   - use lower case for simple keys and lowerCamelCase for more complex ones
 //
 // These guidelines help ensure that log data is processed properly regardless
 // of the log implementation.  For example, log implementations will try to
@@ -141,51 +149,54 @@ limitations under the License.
 // While users are generally free to use key names of their choice, it's
 // generally best to avoid using the following keys, as they're frequently used
 // by implementations:
-//   * "caller": the calling information (file/line) of a particular log line
-//   * "error": the underlying error value in the `Error` method
-//   * "level": the log level
-//   * "logger": the name of the associated logger
-//   * "msg": the log message
-//   * "stacktrace": the stack trace associated with a particular log line or
-//                   error (often from the `Error` message)
-//   * "ts": the timestamp for a log line
+//   - "caller": the calling information (file/line) of a particular log line
+//   - "error": the underlying error value in the `Error` method
+//   - "level": the log level
+//   - "logger": the name of the associated logger
+//   - "msg": the log message
+//   - "stacktrace": the stack trace associated with a particular log line or
+//     error (often from the `Error` message)
+//   - "ts": the timestamp for a log line
 //
 // Implementations are encouraged to make use of these keys to represent the
 // above concepts, when necessary (for example, in a pure-JSON output form, it
 // would be necessary to represent at least message and timestamp as ordinary
 // named values).
 //
-// Break Glass
+// # Break Glass
 //
 // Implementations may choose to give callers access to the underlying
 // logging implementation.  The recommended pattern for this is:
-//   // Underlier exposes access to the underlying logging implementation.
-//   // Since callers only have a logr.Logger, they have to know which
-//   // implementation is in use, so this interface is less of an abstraction
-//   // and more of way to test type conversion.
-//   type Underlier interface {
-//       GetUnderlying() 
-//   }
+//
+//	// Underlier exposes access to the underlying logging implementation.
+//	// Since callers only have a logr.Logger, they have to know which
+//	// implementation is in use, so this interface is less of an abstraction
+//	// and more of way to test type conversion.
+//	type Underlier interface {
+//	    GetUnderlying() 
+//	}
 //
 // Logger grants access to the sink to enable type assertions like this:
-//   func DoSomethingWithImpl(log logr.Logger) {
-//       if underlier, ok := log.GetSink()(impl.Underlier) {
-//          implLogger := underlier.GetUnderlying()
-//          ...
-//       }
-//   }
+//
+//	func DoSomethingWithImpl(log logr.Logger) {
+//	    if underlier, ok := log.GetSink().(impl.Underlier); ok {
+//	       implLogger := underlier.GetUnderlying()
+//	       ...
+//	    }
+//	}
 //
 // Custom `With*` functions can be implemented by copying the complete
 // Logger struct and replacing the sink in the copy:
-//   // WithFooBar changes the foobar parameter in the log sink and returns a
-//   // new logger with that modified sink.  It does nothing for loggers where
-//   // the sink doesn't support that parameter.
-//   func WithFoobar(log logr.Logger, foobar int) logr.Logger {
-//      if foobarLogSink, ok := log.GetSink()(FoobarSink); ok {
-//         log = log.WithSink(foobarLogSink.WithFooBar(foobar))
-//      }
-//      return log
-//   }
+//
+//	// WithFooBar changes the foobar parameter in the log sink and returns a
+//	// new logger with that modified sink.  It does nothing for loggers where
+//	// the sink doesn't support that parameter.
+//	func WithFoobar(log logr.Logger, foobar int) logr.Logger {
+//	   if foobarLogSink, ok := log.GetSink().(FoobarSink); ok {
+//	      log = log.WithSink(foobarLogSink.WithFooBar(foobar))
+//	   }
+//	   return log
+//	}
 //
 // Don't use New to construct a new Logger with a LogSink retrieved from an
 // existing Logger. Source code attribution might not work correctly and
@@ -201,11 +212,14 @@ import (
 )
 
 // New returns a new Logger instance.  This is primarily used by libraries
-// implementing LogSink, rather than end users.
+// implementing LogSink, rather than end users.  Passing a nil sink will create
+// a Logger which discards all log lines.
 func New(sink LogSink) Logger {
 	logger := Logger{}
 	logger.setSink(sink)
-	sink.Init(runtimeInfo)
+	if sink != nil {
+		sink.Init(runtimeInfo)
+	}
 	return logger
 }
 
@@ -244,7 +258,7 @@ type Logger struct {
 // Enabled tests whether this Logger is enabled.  For example, commandline
 // flags might be used to set the logging verbosity and disable some info logs.
 func (l Logger) Enabled() bool {
-	return l.sink.Enabled(l.level)
+	return l.sink != nil && l.sink.Enabled(l.level)
 }
 
 // Info logs a non-error message with the given key/value pairs as context.
@@ -254,6 +268,9 @@ func (l Logger) Enabled() bool {
 // information.  The key/value pairs must alternate string keys and arbitrary
 // values.
 func (l Logger) Info(msg string, keysAndValues ...interface{}) {
+	if l.sink == nil {
+		return
+	}
 	if l.Enabled() {
 		if withHelper, ok := l.sink.(CallStackHelperLogSink); ok {
 			withHelper.GetCallStackHelper()()
@@ -273,6 +290,9 @@ func (l Logger) Info(msg string, keysAndValues ...interface{}) {
 // triggered this log line, if present. The err parameter is optional
 // and nil may be passed instead of an error instance.
 func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) {
+	if l.sink == nil {
+		return
+	}
 	if withHelper, ok := l.sink.(CallStackHelperLogSink); ok {
 		withHelper.GetCallStackHelper()()
 	}
@@ -284,6 +304,9 @@ func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) {
 // level means a log message is less important.  Negative V-levels are treated
 // as 0.
 func (l Logger) V(level int) Logger {
+	if l.sink == nil {
+		return l
+	}
 	if level < 0 {
 		level = 0
 	}
@@ -294,6 +317,9 @@ func (l Logger) V(level int) Logger {
 // WithValues returns a new Logger instance with additional key/value pairs.
 // See Info for documentation on how key/value pairs work.
 func (l Logger) WithValues(keysAndValues ...interface{}) Logger {
+	if l.sink == nil {
+		return l
+	}
 	l.setSink(l.sink.WithValues(keysAndValues...))
 	return l
 }
@@ -304,6 +330,9 @@ func (l Logger) WithValues(keysAndValues ...interface{}) Logger {
 // contain only letters, digits, and hyphens (see the package documentation for
 // more information).
 func (l Logger) WithName(name string) Logger {
+	if l.sink == nil {
+		return l
+	}
 	l.setSink(l.sink.WithName(name))
 	return l
 }
@@ -324,6 +353,9 @@ func (l Logger) WithName(name string) Logger {
 // WithCallDepth(1) because it works with implementions that support the
 // CallDepthLogSink and/or CallStackHelperLogSink interfaces.
 func (l Logger) WithCallDepth(depth int) Logger {
+	if l.sink == nil {
+		return l
+	}
 	if withCallDepth, ok := l.sink.(CallDepthLogSink); ok {
 		l.setSink(withCallDepth.WithCallDepth(depth))
 	}
@@ -345,6 +377,9 @@ func (l Logger) WithCallDepth(depth int) Logger {
 // implementation does not support either of these, the original Logger will be
 // returned.
 func (l Logger) WithCallStackHelper() (func(), Logger) {
+	if l.sink == nil {
+		return func() {}, l
+	}
 	var helper func()
 	if withCallDepth, ok := l.sink.(CallDepthLogSink); ok {
 		l.setSink(withCallDepth.WithCallDepth(1))
@@ -357,6 +392,11 @@ func (l Logger) WithCallStackHelper() (func(), Logger) {
 	return helper, l
 }
 
+// IsZero returns true if this logger is an uninitialized zero value
+func (l Logger) IsZero() bool {
+	return l.sink == nil
+}
+
 // contextKey is how we find Loggers in a context.Context.
 type contextKey struct{}
 
@@ -442,7 +482,7 @@ type LogSink interface {
 	WithName(name string) LogSink
 }
 
-// CallDepthLogSink represents a Logger that knows how to climb the call stack
+// CallDepthLogSink represents a LogSink that knows how to climb the call stack
 // to identify the original call site and can offset the depth by a specified
 // number of frames.  This is useful for users who have helper functions
 // between the "real" call site and the actual calls to Logger methods.
@@ -467,7 +507,7 @@ type CallDepthLogSink interface {
 	WithCallDepth(depth int) LogSink
 }
 
-// CallStackHelperLogSink represents a Logger that knows how to climb
+// CallStackHelperLogSink represents a LogSink that knows how to climb
 // the call stack to identify the original call site and can skip
 // intermediate helper functions if they mark themselves as
 // helper. Go's testing package uses that approach.
diff --git a/vendor/github.com/golang/protobuf/AUTHORS b/vendor/github.com/golang/protobuf/AUTHORS
deleted file mode 100644
index 15167cd74..000000000
--- a/vendor/github.com/golang/protobuf/AUTHORS
+++ /dev/null
@@ -1,3 +0,0 @@
-# This source code refers to The Go Authors for copyright purposes.
-# The master list of authors is in the main Go distribution,
-# visible at http://tip.golang.org/AUTHORS.
diff --git a/vendor/github.com/golang/protobuf/CONTRIBUTORS b/vendor/github.com/golang/protobuf/CONTRIBUTORS
deleted file mode 100644
index 1c4577e96..000000000
--- a/vendor/github.com/golang/protobuf/CONTRIBUTORS
+++ /dev/null
@@ -1,3 +0,0 @@
-# This source code was written by the Go contributors.
-# The master list of contributors is in the main Go distribution,
-# visible at http://tip.golang.org/CONTRIBUTORS.
diff --git a/vendor/github.com/golang/protobuf/LICENSE b/vendor/github.com/golang/protobuf/LICENSE
deleted file mode 100644
index 0f646931a..000000000
--- a/vendor/github.com/golang/protobuf/LICENSE
+++ /dev/null
@@ -1,28 +0,0 @@
-Copyright 2010 The Go Authors.  All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-    * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
diff --git a/vendor/github.com/golang/protobuf/proto/buffer.go b/vendor/github.com/golang/protobuf/proto/buffer.go
deleted file mode 100644
index e810e6fea..000000000
--- a/vendor/github.com/golang/protobuf/proto/buffer.go
+++ /dev/null
@@ -1,324 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"errors"
-	"fmt"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-const (
-	WireVarint     = 0
-	WireFixed32    = 5
-	WireFixed64    = 1
-	WireBytes      = 2
-	WireStartGroup = 3
-	WireEndGroup   = 4
-)
-
-// EncodeVarint returns the varint encoded bytes of v.
-func EncodeVarint(v uint64) []byte {
-	return protowire.AppendVarint(nil, v)
-}
-
-// SizeVarint returns the length of the varint encoded bytes of v.
-// This is equal to len(EncodeVarint(v)).
-func SizeVarint(v uint64) int {
-	return protowire.SizeVarint(v)
-}
-
-// DecodeVarint parses a varint encoded integer from b,
-// returning the integer value and the length of the varint.
-// It returns (0, 0) if there is a parse error.
-func DecodeVarint(b []byte) (uint64, int) {
-	v, n := protowire.ConsumeVarint(b)
-	if n < 0 {
-		return 0, 0
-	}
-	return v, n
-}
-
-// Buffer is a buffer for encoding and decoding the protobuf wire format.
-// It may be reused between invocations to reduce memory usage.
-type Buffer struct {
-	buf           []byte
-	idx           int
-	deterministic bool
-}
-
-// NewBuffer allocates a new Buffer initialized with buf,
-// where the contents of buf are considered the unread portion of the buffer.
-func NewBuffer(buf []byte) *Buffer {
-	return &Buffer{buf: buf}
-}
-
-// SetDeterministic specifies whether to use deterministic serialization.
-//
-// Deterministic serialization guarantees that for a given binary, equal
-// messages will always be serialized to the same bytes. This implies:
-//
-//   - Repeated serialization of a message will return the same bytes.
-//   - Different processes of the same binary (which may be executing on
-//     different machines) will serialize equal messages to the same bytes.
-//
-// Note that the deterministic serialization is NOT canonical across
-// languages. It is not guaranteed to remain stable over time. It is unstable
-// across different builds with schema changes due to unknown fields.
-// Users who need canonical serialization (e.g., persistent storage in a
-// canonical form, fingerprinting, etc.) should define their own
-// canonicalization specification and implement their own serializer rather
-// than relying on this API.
-//
-// If deterministic serialization is requested, map entries will be sorted
-// by keys in lexographical order. This is an implementation detail and
-// subject to change.
-func (b *Buffer) SetDeterministic(deterministic bool) {
-	b.deterministic = deterministic
-}
-
-// SetBuf sets buf as the internal buffer,
-// where the contents of buf are considered the unread portion of the buffer.
-func (b *Buffer) SetBuf(buf []byte) {
-	b.buf = buf
-	b.idx = 0
-}
-
-// Reset clears the internal buffer of all written and unread data.
-func (b *Buffer) Reset() {
-	b.buf = b.buf[:0]
-	b.idx = 0
-}
-
-// Bytes returns the internal buffer.
-func (b *Buffer) Bytes() []byte {
-	return b.buf
-}
-
-// Unread returns the unread portion of the buffer.
-func (b *Buffer) Unread() []byte {
-	return b.buf[b.idx:]
-}
-
-// Marshal appends the wire-format encoding of m to the buffer.
-func (b *Buffer) Marshal(m Message) error {
-	var err error
-	b.buf, err = marshalAppend(b.buf, m, b.deterministic)
-	return err
-}
-
-// Unmarshal parses the wire-format message in the buffer and
-// places the decoded results in m.
-// It does not reset m before unmarshaling.
-func (b *Buffer) Unmarshal(m Message) error {
-	err := UnmarshalMerge(b.Unread(), m)
-	b.idx = len(b.buf)
-	return err
-}
-
-type unknownFields struct{ XXX_unrecognized protoimpl.UnknownFields }
-
-func (m *unknownFields) String() string { panic("not implemented") }
-func (m *unknownFields) Reset()         { panic("not implemented") }
-func (m *unknownFields) ProtoMessage()  { panic("not implemented") }
-
-// DebugPrint dumps the encoded bytes of b with a header and footer including s
-// to stdout. This is only intended for debugging.
-func (*Buffer) DebugPrint(s string, b []byte) {
-	m := MessageReflect(new(unknownFields))
-	m.SetUnknown(b)
-	b, _ = prototext.MarshalOptions{AllowPartial: true, Indent: "\t"}.Marshal(m.Interface())
-	fmt.Printf("==== %s ====\n%s==== %s ====\n", s, b, s)
-}
-
-// EncodeVarint appends an unsigned varint encoding to the buffer.
-func (b *Buffer) EncodeVarint(v uint64) error {
-	b.buf = protowire.AppendVarint(b.buf, v)
-	return nil
-}
-
-// EncodeZigzag32 appends a 32-bit zig-zag varint encoding to the buffer.
-func (b *Buffer) EncodeZigzag32(v uint64) error {
-	return b.EncodeVarint(uint64((uint32(v) << 1) ^ uint32((int32(v) >> 31))))
-}
-
-// EncodeZigzag64 appends a 64-bit zig-zag varint encoding to the buffer.
-func (b *Buffer) EncodeZigzag64(v uint64) error {
-	return b.EncodeVarint(uint64((uint64(v) << 1) ^ uint64((int64(v) >> 63))))
-}
-
-// EncodeFixed32 appends a 32-bit little-endian integer to the buffer.
-func (b *Buffer) EncodeFixed32(v uint64) error {
-	b.buf = protowire.AppendFixed32(b.buf, uint32(v))
-	return nil
-}
-
-// EncodeFixed64 appends a 64-bit little-endian integer to the buffer.
-func (b *Buffer) EncodeFixed64(v uint64) error {
-	b.buf = protowire.AppendFixed64(b.buf, uint64(v))
-	return nil
-}
-
-// EncodeRawBytes appends a length-prefixed raw bytes to the buffer.
-func (b *Buffer) EncodeRawBytes(v []byte) error {
-	b.buf = protowire.AppendBytes(b.buf, v)
-	return nil
-}
-
-// EncodeStringBytes appends a length-prefixed raw bytes to the buffer.
-// It does not validate whether v contains valid UTF-8.
-func (b *Buffer) EncodeStringBytes(v string) error {
-	b.buf = protowire.AppendString(b.buf, v)
-	return nil
-}
-
-// EncodeMessage appends a length-prefixed encoded message to the buffer.
-func (b *Buffer) EncodeMessage(m Message) error {
-	var err error
-	b.buf = protowire.AppendVarint(b.buf, uint64(Size(m)))
-	b.buf, err = marshalAppend(b.buf, m, b.deterministic)
-	return err
-}
-
-// DecodeVarint consumes an encoded unsigned varint from the buffer.
-func (b *Buffer) DecodeVarint() (uint64, error) {
-	v, n := protowire.ConsumeVarint(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeZigzag32 consumes an encoded 32-bit zig-zag varint from the buffer.
-func (b *Buffer) DecodeZigzag32() (uint64, error) {
-	v, err := b.DecodeVarint()
-	if err != nil {
-		return 0, err
-	}
-	return uint64((uint32(v) >> 1) ^ uint32((int32(v&1)<<31)>>31)), nil
-}
-
-// DecodeZigzag64 consumes an encoded 64-bit zig-zag varint from the buffer.
-func (b *Buffer) DecodeZigzag64() (uint64, error) {
-	v, err := b.DecodeVarint()
-	if err != nil {
-		return 0, err
-	}
-	return uint64((uint64(v) >> 1) ^ uint64((int64(v&1)<<63)>>63)), nil
-}
-
-// DecodeFixed32 consumes a 32-bit little-endian integer from the buffer.
-func (b *Buffer) DecodeFixed32() (uint64, error) {
-	v, n := protowire.ConsumeFixed32(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeFixed64 consumes a 64-bit little-endian integer from the buffer.
-func (b *Buffer) DecodeFixed64() (uint64, error) {
-	v, n := protowire.ConsumeFixed64(b.buf[b.idx:])
-	if n < 0 {
-		return 0, protowire.ParseError(n)
-	}
-	b.idx += n
-	return uint64(v), nil
-}
-
-// DecodeRawBytes consumes a length-prefixed raw bytes from the buffer.
-// If alloc is specified, it returns a copy the raw bytes
-// rather than a sub-slice of the buffer.
-func (b *Buffer) DecodeRawBytes(alloc bool) ([]byte, error) {
-	v, n := protowire.ConsumeBytes(b.buf[b.idx:])
-	if n < 0 {
-		return nil, protowire.ParseError(n)
-	}
-	b.idx += n
-	if alloc {
-		v = append([]byte(nil), v...)
-	}
-	return v, nil
-}
-
-// DecodeStringBytes consumes a length-prefixed raw bytes from the buffer.
-// It does not validate whether the raw bytes contain valid UTF-8.
-func (b *Buffer) DecodeStringBytes() (string, error) {
-	v, n := protowire.ConsumeString(b.buf[b.idx:])
-	if n < 0 {
-		return "", protowire.ParseError(n)
-	}
-	b.idx += n
-	return v, nil
-}
-
-// DecodeMessage consumes a length-prefixed message from the buffer.
-// It does not reset m before unmarshaling.
-func (b *Buffer) DecodeMessage(m Message) error {
-	v, err := b.DecodeRawBytes(false)
-	if err != nil {
-		return err
-	}
-	return UnmarshalMerge(v, m)
-}
-
-// DecodeGroup consumes a message group from the buffer.
-// It assumes that the start group marker has already been consumed and
-// consumes all bytes until (and including the end group marker).
-// It does not reset m before unmarshaling.
-func (b *Buffer) DecodeGroup(m Message) error {
-	v, n, err := consumeGroup(b.buf[b.idx:])
-	if err != nil {
-		return err
-	}
-	b.idx += n
-	return UnmarshalMerge(v, m)
-}
-
-// consumeGroup parses b until it finds an end group marker, returning
-// the raw bytes of the message (excluding the end group marker) and the
-// the total length of the message (including the end group marker).
-func consumeGroup(b []byte) ([]byte, int, error) {
-	b0 := b
-	depth := 1 // assume this follows a start group marker
-	for {
-		_, wtyp, tagLen := protowire.ConsumeTag(b)
-		if tagLen < 0 {
-			return nil, 0, protowire.ParseError(tagLen)
-		}
-		b = b[tagLen:]
-
-		var valLen int
-		switch wtyp {
-		case protowire.VarintType:
-			_, valLen = protowire.ConsumeVarint(b)
-		case protowire.Fixed32Type:
-			_, valLen = protowire.ConsumeFixed32(b)
-		case protowire.Fixed64Type:
-			_, valLen = protowire.ConsumeFixed64(b)
-		case protowire.BytesType:
-			_, valLen = protowire.ConsumeBytes(b)
-		case protowire.StartGroupType:
-			depth++
-		case protowire.EndGroupType:
-			depth--
-		default:
-			return nil, 0, errors.New("proto: cannot parse reserved wire type")
-		}
-		if valLen < 0 {
-			return nil, 0, protowire.ParseError(valLen)
-		}
-		b = b[valLen:]
-
-		if depth == 0 {
-			return b0[:len(b0)-len(b)-tagLen], len(b0) - len(b), nil
-		}
-	}
-}
diff --git a/vendor/github.com/golang/protobuf/proto/defaults.go b/vendor/github.com/golang/protobuf/proto/defaults.go
deleted file mode 100644
index d399bf069..000000000
--- a/vendor/github.com/golang/protobuf/proto/defaults.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-// SetDefaults sets unpopulated scalar fields to their default values.
-// Fields within a oneof are not set even if they have a default value.
-// SetDefaults is recursively called upon any populated message fields.
-func SetDefaults(m Message) {
-	if m != nil {
-		setDefaults(MessageReflect(m))
-	}
-}
-
-func setDefaults(m protoreflect.Message) {
-	fds := m.Descriptor().Fields()
-	for i := 0; i < fds.Len(); i++ {
-		fd := fds.Get(i)
-		if !m.Has(fd) {
-			if fd.HasDefault() && fd.ContainingOneof() == nil {
-				v := fd.Default()
-				if fd.Kind() == protoreflect.BytesKind {
-					v = protoreflect.ValueOf(append([]byte(nil), v.Bytes()...)) // copy the default bytes
-				}
-				m.Set(fd, v)
-			}
-			continue
-		}
-	}
-
-	m.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		switch {
-		// Handle singular message.
-		case fd.Cardinality() != protoreflect.Repeated:
-			if fd.Message() != nil {
-				setDefaults(m.Get(fd).Message())
-			}
-		// Handle list of messages.
-		case fd.IsList():
-			if fd.Message() != nil {
-				ls := m.Get(fd).List()
-				for i := 0; i < ls.Len(); i++ {
-					setDefaults(ls.Get(i).Message())
-				}
-			}
-		// Handle map of messages.
-		case fd.IsMap():
-			if fd.MapValue().Message() != nil {
-				ms := m.Get(fd).Map()
-				ms.Range(func(_ protoreflect.MapKey, v protoreflect.Value) bool {
-					setDefaults(v.Message())
-					return true
-				})
-			}
-		}
-		return true
-	})
-}
diff --git a/vendor/github.com/golang/protobuf/proto/deprecated.go b/vendor/github.com/golang/protobuf/proto/deprecated.go
deleted file mode 100644
index e8db57e09..000000000
--- a/vendor/github.com/golang/protobuf/proto/deprecated.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"strconv"
-
-	protoV2 "google.golang.org/protobuf/proto"
-)
-
-var (
-	// Deprecated: No longer returned.
-	ErrNil = errors.New("proto: Marshal called with nil")
-
-	// Deprecated: No longer returned.
-	ErrTooLarge = errors.New("proto: message encodes to over 2 GB")
-
-	// Deprecated: No longer returned.
-	ErrInternalBadWireType = errors.New("proto: internal error: bad wiretype for oneof")
-)
-
-// Deprecated: Do not use.
-type Stats struct{ Emalloc, Dmalloc, Encode, Decode, Chit, Cmiss, Size uint64 }
-
-// Deprecated: Do not use.
-func GetStats() Stats { return Stats{} }
-
-// Deprecated: Do not use.
-func MarshalMessageSet(interface{}) ([]byte, error) {
-	return nil, errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func UnmarshalMessageSet([]byte, interface{}) error {
-	return errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func MarshalMessageSetJSON(interface{}) ([]byte, error) {
-	return nil, errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func UnmarshalMessageSetJSON([]byte, interface{}) error {
-	return errors.New("proto: not implemented")
-}
-
-// Deprecated: Do not use.
-func RegisterMessageSetType(Message, int32, string) {}
-
-// Deprecated: Do not use.
-func EnumName(m map[int32]string, v int32) string {
-	s, ok := m[v]
-	if ok {
-		return s
-	}
-	return strconv.Itoa(int(v))
-}
-
-// Deprecated: Do not use.
-func UnmarshalJSONEnum(m map[string]int32, data []byte, enumName string) (int32, error) {
-	if data[0] == '"' {
-		// New style: enums are strings.
-		var repr string
-		if err := json.Unmarshal(data, &repr); err != nil {
-			return -1, err
-		}
-		val, ok := m[repr]
-		if !ok {
-			return 0, fmt.Errorf("unrecognized enum %s value %q", enumName, repr)
-		}
-		return val, nil
-	}
-	// Old style: enums are ints.
-	var val int32
-	if err := json.Unmarshal(data, &val); err != nil {
-		return 0, fmt.Errorf("cannot unmarshal %#q into enum %s", data, enumName)
-	}
-	return val, nil
-}
-
-// Deprecated: Do not use; this type existed for intenal-use only.
-type InternalMessageInfo struct{}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) DiscardUnknown(m Message) {
-	DiscardUnknown(m)
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Marshal(b []byte, m Message, deterministic bool) ([]byte, error) {
-	return protoV2.MarshalOptions{Deterministic: deterministic}.MarshalAppend(b, MessageV2(m))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Merge(dst, src Message) {
-	protoV2.Merge(MessageV2(dst), MessageV2(src))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Size(m Message) int {
-	return protoV2.Size(MessageV2(m))
-}
-
-// Deprecated: Do not use; this method existed for intenal-use only.
-func (*InternalMessageInfo) Unmarshal(m Message, b []byte) error {
-	return protoV2.UnmarshalOptions{Merge: true}.Unmarshal(b, MessageV2(m))
-}
diff --git a/vendor/github.com/golang/protobuf/proto/discard.go b/vendor/github.com/golang/protobuf/proto/discard.go
deleted file mode 100644
index 2187e877f..000000000
--- a/vendor/github.com/golang/protobuf/proto/discard.go
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-// DiscardUnknown recursively discards all unknown fields from this message
-// and all embedded messages.
-//
-// When unmarshaling a message with unrecognized fields, the tags and values
-// of such fields are preserved in the Message. This allows a later call to
-// marshal to be able to produce a message that continues to have those
-// unrecognized fields. To avoid this, DiscardUnknown is used to
-// explicitly clear the unknown fields after unmarshaling.
-func DiscardUnknown(m Message) {
-	if m != nil {
-		discardUnknown(MessageReflect(m))
-	}
-}
-
-func discardUnknown(m protoreflect.Message) {
-	m.Range(func(fd protoreflect.FieldDescriptor, val protoreflect.Value) bool {
-		switch {
-		// Handle singular message.
-		case fd.Cardinality() != protoreflect.Repeated:
-			if fd.Message() != nil {
-				discardUnknown(m.Get(fd).Message())
-			}
-		// Handle list of messages.
-		case fd.IsList():
-			if fd.Message() != nil {
-				ls := m.Get(fd).List()
-				for i := 0; i < ls.Len(); i++ {
-					discardUnknown(ls.Get(i).Message())
-				}
-			}
-		// Handle map of messages.
-		case fd.IsMap():
-			if fd.MapValue().Message() != nil {
-				ms := m.Get(fd).Map()
-				ms.Range(func(_ protoreflect.MapKey, v protoreflect.Value) bool {
-					discardUnknown(v.Message())
-					return true
-				})
-			}
-		}
-		return true
-	})
-
-	// Discard unknown fields.
-	if len(m.GetUnknown()) > 0 {
-		m.SetUnknown(nil)
-	}
-}
diff --git a/vendor/github.com/golang/protobuf/proto/extensions.go b/vendor/github.com/golang/protobuf/proto/extensions.go
deleted file mode 100644
index 42fc120c9..000000000
--- a/vendor/github.com/golang/protobuf/proto/extensions.go
+++ /dev/null
@@ -1,356 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"errors"
-	"fmt"
-	"reflect"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-	"google.golang.org/protobuf/runtime/protoiface"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-type (
-	// ExtensionDesc represents an extension descriptor and
-	// is used to interact with an extension field in a message.
-	//
-	// Variables of this type are generated in code by protoc-gen-go.
-	ExtensionDesc = protoimpl.ExtensionInfo
-
-	// ExtensionRange represents a range of message extensions.
-	// Used in code generated by protoc-gen-go.
-	ExtensionRange = protoiface.ExtensionRangeV1
-
-	// Deprecated: Do not use; this is an internal type.
-	Extension = protoimpl.ExtensionFieldV1
-
-	// Deprecated: Do not use; this is an internal type.
-	XXX_InternalExtensions = protoimpl.ExtensionFields
-)
-
-// ErrMissingExtension reports whether the extension was not present.
-var ErrMissingExtension = errors.New("proto: missing extension")
-
-var errNotExtendable = errors.New("proto: not an extendable proto.Message")
-
-// HasExtension reports whether the extension field is present in m
-// either as an explicitly populated field or as an unknown field.
-func HasExtension(m Message, xt *ExtensionDesc) (has bool) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return false
-	}
-
-	// Check whether any populated known field matches the field number.
-	xtd := xt.TypeDescriptor()
-	if isValidExtension(mr.Descriptor(), xtd) {
-		has = mr.Has(xtd)
-	} else {
-		mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-			has = int32(fd.Number()) == xt.Field
-			return !has
-		})
-	}
-
-	// Check whether any unknown field matches the field number.
-	for b := mr.GetUnknown(); !has && len(b) > 0; {
-		num, _, n := protowire.ConsumeField(b)
-		has = int32(num) == xt.Field
-		b = b[n:]
-	}
-	return has
-}
-
-// ClearExtension removes the extension field from m
-// either as an explicitly populated field or as an unknown field.
-func ClearExtension(m Message, xt *ExtensionDesc) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	xtd := xt.TypeDescriptor()
-	if isValidExtension(mr.Descriptor(), xtd) {
-		mr.Clear(xtd)
-	} else {
-		mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-			if int32(fd.Number()) == xt.Field {
-				mr.Clear(fd)
-				return false
-			}
-			return true
-		})
-	}
-	clearUnknown(mr, fieldNum(xt.Field))
-}
-
-// ClearAllExtensions clears all extensions from m.
-// This includes populated fields and unknown fields in the extension range.
-func ClearAllExtensions(m Message) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	mr.Range(func(fd protoreflect.FieldDescriptor, _ protoreflect.Value) bool {
-		if fd.IsExtension() {
-			mr.Clear(fd)
-		}
-		return true
-	})
-	clearUnknown(mr, mr.Descriptor().ExtensionRanges())
-}
-
-// GetExtension retrieves a proto2 extended field from m.
-//
-// If the descriptor is type complete (i.e., ExtensionDesc.ExtensionType is non-nil),
-// then GetExtension parses the encoded field and returns a Go value of the specified type.
-// If the field is not present, then the default value is returned (if one is specified),
-// otherwise ErrMissingExtension is reported.
-//
-// If the descriptor is type incomplete (i.e., ExtensionDesc.ExtensionType is nil),
-// then GetExtension returns the raw encoded bytes for the extension field.
-func GetExtension(m Message, xt *ExtensionDesc) (interface{}, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return nil, errNotExtendable
-	}
-
-	// Retrieve the unknown fields for this extension field.
-	var bo protoreflect.RawFields
-	for bi := mr.GetUnknown(); len(bi) > 0; {
-		num, _, n := protowire.ConsumeField(bi)
-		if int32(num) == xt.Field {
-			bo = append(bo, bi[:n]...)
-		}
-		bi = bi[n:]
-	}
-
-	// For type incomplete descriptors, only retrieve the unknown fields.
-	if xt.ExtensionType == nil {
-		return []byte(bo), nil
-	}
-
-	// If the extension field only exists as unknown fields, unmarshal it.
-	// This is rarely done since proto.Unmarshal eagerly unmarshals extensions.
-	xtd := xt.TypeDescriptor()
-	if !isValidExtension(mr.Descriptor(), xtd) {
-		return nil, fmt.Errorf("proto: bad extended type; %T does not extend %T", xt.ExtendedType, m)
-	}
-	if !mr.Has(xtd) && len(bo) > 0 {
-		m2 := mr.New()
-		if err := (proto.UnmarshalOptions{
-			Resolver: extensionResolver{xt},
-		}.Unmarshal(bo, m2.Interface())); err != nil {
-			return nil, err
-		}
-		if m2.Has(xtd) {
-			mr.Set(xtd, m2.Get(xtd))
-			clearUnknown(mr, fieldNum(xt.Field))
-		}
-	}
-
-	// Check whether the message has the extension field set or a default.
-	var pv protoreflect.Value
-	switch {
-	case mr.Has(xtd):
-		pv = mr.Get(xtd)
-	case xtd.HasDefault():
-		pv = xtd.Default()
-	default:
-		return nil, ErrMissingExtension
-	}
-
-	v := xt.InterfaceOf(pv)
-	rv := reflect.ValueOf(v)
-	if isScalarKind(rv.Kind()) {
-		rv2 := reflect.New(rv.Type())
-		rv2.Elem().Set(rv)
-		v = rv2.Interface()
-	}
-	return v, nil
-}
-
-// extensionResolver is a custom extension resolver that stores a single
-// extension type that takes precedence over the global registry.
-type extensionResolver struct{ xt protoreflect.ExtensionType }
-
-func (r extensionResolver) FindExtensionByName(field protoreflect.FullName) (protoreflect.ExtensionType, error) {
-	if xtd := r.xt.TypeDescriptor(); xtd.FullName() == field {
-		return r.xt, nil
-	}
-	return protoregistry.GlobalTypes.FindExtensionByName(field)
-}
-
-func (r extensionResolver) FindExtensionByNumber(message protoreflect.FullName, field protoreflect.FieldNumber) (protoreflect.ExtensionType, error) {
-	if xtd := r.xt.TypeDescriptor(); xtd.ContainingMessage().FullName() == message && xtd.Number() == field {
-		return r.xt, nil
-	}
-	return protoregistry.GlobalTypes.FindExtensionByNumber(message, field)
-}
-
-// GetExtensions returns a list of the extensions values present in m,
-// corresponding with the provided list of extension descriptors, xts.
-// If an extension is missing in m, the corresponding value is nil.
-func GetExtensions(m Message, xts []*ExtensionDesc) ([]interface{}, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return nil, errNotExtendable
-	}
-
-	vs := make([]interface{}, len(xts))
-	for i, xt := range xts {
-		v, err := GetExtension(m, xt)
-		if err != nil {
-			if err == ErrMissingExtension {
-				continue
-			}
-			return vs, err
-		}
-		vs[i] = v
-	}
-	return vs, nil
-}
-
-// SetExtension sets an extension field in m to the provided value.
-func SetExtension(m Message, xt *ExtensionDesc, v interface{}) error {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return errNotExtendable
-	}
-
-	rv := reflect.ValueOf(v)
-	if reflect.TypeOf(v) != reflect.TypeOf(xt.ExtensionType) {
-		return fmt.Errorf("proto: bad extension value type. got: %T, want: %T", v, xt.ExtensionType)
-	}
-	if rv.Kind() == reflect.Ptr {
-		if rv.IsNil() {
-			return fmt.Errorf("proto: SetExtension called with nil value of type %T", v)
-		}
-		if isScalarKind(rv.Elem().Kind()) {
-			v = rv.Elem().Interface()
-		}
-	}
-
-	xtd := xt.TypeDescriptor()
-	if !isValidExtension(mr.Descriptor(), xtd) {
-		return fmt.Errorf("proto: bad extended type; %T does not extend %T", xt.ExtendedType, m)
-	}
-	mr.Set(xtd, xt.ValueOf(v))
-	clearUnknown(mr, fieldNum(xt.Field))
-	return nil
-}
-
-// SetRawExtension inserts b into the unknown fields of m.
-//
-// Deprecated: Use Message.ProtoReflect.SetUnknown instead.
-func SetRawExtension(m Message, fnum int32, b []byte) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return
-	}
-
-	// Verify that the raw field is valid.
-	for b0 := b; len(b0) > 0; {
-		num, _, n := protowire.ConsumeField(b0)
-		if int32(num) != fnum {
-			panic(fmt.Sprintf("mismatching field number: got %d, want %d", num, fnum))
-		}
-		b0 = b0[n:]
-	}
-
-	ClearExtension(m, &ExtensionDesc{Field: fnum})
-	mr.SetUnknown(append(mr.GetUnknown(), b...))
-}
-
-// ExtensionDescs returns a list of extension descriptors found in m,
-// containing descriptors for both populated extension fields in m and
-// also unknown fields of m that are in the extension range.
-// For the later case, an type incomplete descriptor is provided where only
-// the ExtensionDesc.Field field is populated.
-// The order of the extension descriptors is undefined.
-func ExtensionDescs(m Message) ([]*ExtensionDesc, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() || mr.Descriptor().ExtensionRanges().Len() == 0 {
-		return nil, errNotExtendable
-	}
-
-	// Collect a set of known extension descriptors.
-	extDescs := make(map[protoreflect.FieldNumber]*ExtensionDesc)
-	mr.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		if fd.IsExtension() {
-			xt := fd.(protoreflect.ExtensionTypeDescriptor)
-			if xd, ok := xt.Type().(*ExtensionDesc); ok {
-				extDescs[fd.Number()] = xd
-			}
-		}
-		return true
-	})
-
-	// Collect a set of unknown extension descriptors.
-	extRanges := mr.Descriptor().ExtensionRanges()
-	for b := mr.GetUnknown(); len(b) > 0; {
-		num, _, n := protowire.ConsumeField(b)
-		if extRanges.Has(num) && extDescs[num] == nil {
-			extDescs[num] = nil
-		}
-		b = b[n:]
-	}
-
-	// Transpose the set of descriptors into a list.
-	var xts []*ExtensionDesc
-	for num, xt := range extDescs {
-		if xt == nil {
-			xt = &ExtensionDesc{Field: int32(num)}
-		}
-		xts = append(xts, xt)
-	}
-	return xts, nil
-}
-
-// isValidExtension reports whether xtd is a valid extension descriptor for md.
-func isValidExtension(md protoreflect.MessageDescriptor, xtd protoreflect.ExtensionTypeDescriptor) bool {
-	return xtd.ContainingMessage() == md && md.ExtensionRanges().Has(xtd.Number())
-}
-
-// isScalarKind reports whether k is a protobuf scalar kind (except bytes).
-// This function exists for historical reasons since the representation of
-// scalars differs between v1 and v2, where v1 uses *T and v2 uses T.
-func isScalarKind(k reflect.Kind) bool {
-	switch k {
-	case reflect.Bool, reflect.Int32, reflect.Int64, reflect.Uint32, reflect.Uint64, reflect.Float32, reflect.Float64, reflect.String:
-		return true
-	default:
-		return false
-	}
-}
-
-// clearUnknown removes unknown fields from m where remover.Has reports true.
-func clearUnknown(m protoreflect.Message, remover interface {
-	Has(protoreflect.FieldNumber) bool
-}) {
-	var bo protoreflect.RawFields
-	for bi := m.GetUnknown(); len(bi) > 0; {
-		num, _, n := protowire.ConsumeField(bi)
-		if !remover.Has(num) {
-			bo = append(bo, bi[:n]...)
-		}
-		bi = bi[n:]
-	}
-	if bi := m.GetUnknown(); len(bi) != len(bo) {
-		m.SetUnknown(bo)
-	}
-}
-
-type fieldNum protoreflect.FieldNumber
-
-func (n1 fieldNum) Has(n2 protoreflect.FieldNumber) bool {
-	return protoreflect.FieldNumber(n1) == n2
-}
diff --git a/vendor/github.com/golang/protobuf/proto/properties.go b/vendor/github.com/golang/protobuf/proto/properties.go
deleted file mode 100644
index dcdc2202f..000000000
--- a/vendor/github.com/golang/protobuf/proto/properties.go
+++ /dev/null
@@ -1,306 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-	"sync"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-// StructProperties represents protocol buffer type information for a
-// generated protobuf message in the open-struct API.
-//
-// Deprecated: Do not use.
-type StructProperties struct {
-	// Prop are the properties for each field.
-	//
-	// Fields belonging to a oneof are stored in OneofTypes instead, with a
-	// single Properties representing the parent oneof held here.
-	//
-	// The order of Prop matches the order of fields in the Go struct.
-	// Struct fields that are not related to protobufs have a "XXX_" prefix
-	// in the Properties.Name and must be ignored by the user.
-	Prop []*Properties
-
-	// OneofTypes contains information about the oneof fields in this message.
-	// It is keyed by the protobuf field name.
-	OneofTypes map[string]*OneofProperties
-}
-
-// Properties represents the type information for a protobuf message field.
-//
-// Deprecated: Do not use.
-type Properties struct {
-	// Name is a placeholder name with little meaningful semantic value.
-	// If the name has an "XXX_" prefix, the entire Properties must be ignored.
-	Name string
-	// OrigName is the protobuf field name or oneof name.
-	OrigName string
-	// JSONName is the JSON name for the protobuf field.
-	JSONName string
-	// Enum is a placeholder name for enums.
-	// For historical reasons, this is neither the Go name for the enum,
-	// nor the protobuf name for the enum.
-	Enum string // Deprecated: Do not use.
-	// Weak contains the full name of the weakly referenced message.
-	Weak string
-	// Wire is a string representation of the wire type.
-	Wire string
-	// WireType is the protobuf wire type for the field.
-	WireType int
-	// Tag is the protobuf field number.
-	Tag int
-	// Required reports whether this is a required field.
-	Required bool
-	// Optional reports whether this is a optional field.
-	Optional bool
-	// Repeated reports whether this is a repeated field.
-	Repeated bool
-	// Packed reports whether this is a packed repeated field of scalars.
-	Packed bool
-	// Proto3 reports whether this field operates under the proto3 syntax.
-	Proto3 bool
-	// Oneof reports whether this field belongs within a oneof.
-	Oneof bool
-
-	// Default is the default value in string form.
-	Default string
-	// HasDefault reports whether the field has a default value.
-	HasDefault bool
-
-	// MapKeyProp is the properties for the key field for a map field.
-	MapKeyProp *Properties
-	// MapValProp is the properties for the value field for a map field.
-	MapValProp *Properties
-}
-
-// OneofProperties represents the type information for a protobuf oneof.
-//
-// Deprecated: Do not use.
-type OneofProperties struct {
-	// Type is a pointer to the generated wrapper type for the field value.
-	// This is nil for messages that are not in the open-struct API.
-	Type reflect.Type
-	// Field is the index into StructProperties.Prop for the containing oneof.
-	Field int
-	// Prop is the properties for the field.
-	Prop *Properties
-}
-
-// String formats the properties in the protobuf struct field tag style.
-func (p *Properties) String() string {
-	s := p.Wire
-	s += "," + strconv.Itoa(p.Tag)
-	if p.Required {
-		s += ",req"
-	}
-	if p.Optional {
-		s += ",opt"
-	}
-	if p.Repeated {
-		s += ",rep"
-	}
-	if p.Packed {
-		s += ",packed"
-	}
-	s += ",name=" + p.OrigName
-	if p.JSONName != "" {
-		s += ",json=" + p.JSONName
-	}
-	if len(p.Enum) > 0 {
-		s += ",enum=" + p.Enum
-	}
-	if len(p.Weak) > 0 {
-		s += ",weak=" + p.Weak
-	}
-	if p.Proto3 {
-		s += ",proto3"
-	}
-	if p.Oneof {
-		s += ",oneof"
-	}
-	if p.HasDefault {
-		s += ",def=" + p.Default
-	}
-	return s
-}
-
-// Parse populates p by parsing a string in the protobuf struct field tag style.
-func (p *Properties) Parse(tag string) {
-	// For example: "bytes,49,opt,name=foo,def=hello!"
-	for len(tag) > 0 {
-		i := strings.IndexByte(tag, ',')
-		if i < 0 {
-			i = len(tag)
-		}
-		switch s := tag[:i]; {
-		case strings.HasPrefix(s, "name="):
-			p.OrigName = s[len("name="):]
-		case strings.HasPrefix(s, "json="):
-			p.JSONName = s[len("json="):]
-		case strings.HasPrefix(s, "enum="):
-			p.Enum = s[len("enum="):]
-		case strings.HasPrefix(s, "weak="):
-			p.Weak = s[len("weak="):]
-		case strings.Trim(s, "0123456789") == "":
-			n, _ := strconv.ParseUint(s, 10, 32)
-			p.Tag = int(n)
-		case s == "opt":
-			p.Optional = true
-		case s == "req":
-			p.Required = true
-		case s == "rep":
-			p.Repeated = true
-		case s == "varint" || s == "zigzag32" || s == "zigzag64":
-			p.Wire = s
-			p.WireType = WireVarint
-		case s == "fixed32":
-			p.Wire = s
-			p.WireType = WireFixed32
-		case s == "fixed64":
-			p.Wire = s
-			p.WireType = WireFixed64
-		case s == "bytes":
-			p.Wire = s
-			p.WireType = WireBytes
-		case s == "group":
-			p.Wire = s
-			p.WireType = WireStartGroup
-		case s == "packed":
-			p.Packed = true
-		case s == "proto3":
-			p.Proto3 = true
-		case s == "oneof":
-			p.Oneof = true
-		case strings.HasPrefix(s, "def="):
-			// The default tag is special in that everything afterwards is the
-			// default regardless of the presence of commas.
-			p.HasDefault = true
-			p.Default, i = tag[len("def="):], len(tag)
-		}
-		tag = strings.TrimPrefix(tag[i:], ",")
-	}
-}
-
-// Init populates the properties from a protocol buffer struct tag.
-//
-// Deprecated: Do not use.
-func (p *Properties) Init(typ reflect.Type, name, tag string, f *reflect.StructField) {
-	p.Name = name
-	p.OrigName = name
-	if tag == "" {
-		return
-	}
-	p.Parse(tag)
-
-	if typ != nil && typ.Kind() == reflect.Map {
-		p.MapKeyProp = new(Properties)
-		p.MapKeyProp.Init(nil, "Key", f.Tag.Get("protobuf_key"), nil)
-		p.MapValProp = new(Properties)
-		p.MapValProp.Init(nil, "Value", f.Tag.Get("protobuf_val"), nil)
-	}
-}
-
-var propertiesCache sync.Map // map[reflect.Type]*StructProperties
-
-// GetProperties returns the list of properties for the type represented by t,
-// which must be a generated protocol buffer message in the open-struct API,
-// where protobuf message fields are represented by exported Go struct fields.
-//
-// Deprecated: Use protobuf reflection instead.
-func GetProperties(t reflect.Type) *StructProperties {
-	if p, ok := propertiesCache.Load(t); ok {
-		return p.(*StructProperties)
-	}
-	p, _ := propertiesCache.LoadOrStore(t, newProperties(t))
-	return p.(*StructProperties)
-}
-
-func newProperties(t reflect.Type) *StructProperties {
-	if t.Kind() != reflect.Struct {
-		panic(fmt.Sprintf("%v is not a generated message in the open-struct API", t))
-	}
-
-	var hasOneof bool
-	prop := new(StructProperties)
-
-	// Construct a list of properties for each field in the struct.
-	for i := 0; i < t.NumField(); i++ {
-		p := new(Properties)
-		f := t.Field(i)
-		tagField := f.Tag.Get("protobuf")
-		p.Init(f.Type, f.Name, tagField, &f)
-
-		tagOneof := f.Tag.Get("protobuf_oneof")
-		if tagOneof != "" {
-			hasOneof = true
-			p.OrigName = tagOneof
-		}
-
-		// Rename unrelated struct fields with the "XXX_" prefix since so much
-		// user code simply checks for this to exclude special fields.
-		if tagField == "" && tagOneof == "" && !strings.HasPrefix(p.Name, "XXX_") {
-			p.Name = "XXX_" + p.Name
-			p.OrigName = "XXX_" + p.OrigName
-		} else if p.Weak != "" {
-			p.Name = p.OrigName // avoid possible "XXX_" prefix on weak field
-		}
-
-		prop.Prop = append(prop.Prop, p)
-	}
-
-	// Construct a mapping of oneof field names to properties.
-	if hasOneof {
-		var oneofWrappers []interface{}
-		if fn, ok := reflect.PtrTo(t).MethodByName("XXX_OneofFuncs"); ok {
-			oneofWrappers = fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))})[3].Interface().([]interface{})
-		}
-		if fn, ok := reflect.PtrTo(t).MethodByName("XXX_OneofWrappers"); ok {
-			oneofWrappers = fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))})[0].Interface().([]interface{})
-		}
-		if m, ok := reflect.Zero(reflect.PtrTo(t)).Interface().(protoreflect.ProtoMessage); ok {
-			if m, ok := m.ProtoReflect().(interface{ ProtoMessageInfo() *protoimpl.MessageInfo }); ok {
-				oneofWrappers = m.ProtoMessageInfo().OneofWrappers
-			}
-		}
-
-		prop.OneofTypes = make(map[string]*OneofProperties)
-		for _, wrapper := range oneofWrappers {
-			p := &OneofProperties{
-				Type: reflect.ValueOf(wrapper).Type(), // *T
-				Prop: new(Properties),
-			}
-			f := p.Type.Elem().Field(0)
-			p.Prop.Name = f.Name
-			p.Prop.Parse(f.Tag.Get("protobuf"))
-
-			// Determine the struct field that contains this oneof.
-			// Each wrapper is assignable to exactly one parent field.
-			var foundOneof bool
-			for i := 0; i < t.NumField() && !foundOneof; i++ {
-				if p.Type.AssignableTo(t.Field(i).Type) {
-					p.Field = i
-					foundOneof = true
-				}
-			}
-			if !foundOneof {
-				panic(fmt.Sprintf("%v is not a generated message in the open-struct API", t))
-			}
-			prop.OneofTypes[p.Prop.OrigName] = p
-		}
-	}
-
-	return prop
-}
-
-func (sp *StructProperties) Len() int           { return len(sp.Prop) }
-func (sp *StructProperties) Less(i, j int) bool { return false }
-func (sp *StructProperties) Swap(i, j int)      { return }
diff --git a/vendor/github.com/golang/protobuf/proto/proto.go b/vendor/github.com/golang/protobuf/proto/proto.go
deleted file mode 100644
index 5aee89c32..000000000
--- a/vendor/github.com/golang/protobuf/proto/proto.go
+++ /dev/null
@@ -1,167 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package proto provides functionality for handling protocol buffer messages.
-// In particular, it provides marshaling and unmarshaling between a protobuf
-// message and the binary wire format.
-//
-// See https://developers.google.com/protocol-buffers/docs/gotutorial for
-// more information.
-//
-// Deprecated: Use the "google.golang.org/protobuf/proto" package instead.
-package proto
-
-import (
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoiface"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-const (
-	ProtoPackageIsVersion1 = true
-	ProtoPackageIsVersion2 = true
-	ProtoPackageIsVersion3 = true
-	ProtoPackageIsVersion4 = true
-)
-
-// GeneratedEnum is any enum type generated by protoc-gen-go
-// which is a named int32 kind.
-// This type exists for documentation purposes.
-type GeneratedEnum interface{}
-
-// GeneratedMessage is any message type generated by protoc-gen-go
-// which is a pointer to a named struct kind.
-// This type exists for documentation purposes.
-type GeneratedMessage interface{}
-
-// Message is a protocol buffer message.
-//
-// This is the v1 version of the message interface and is marginally better
-// than an empty interface as it lacks any method to programatically interact
-// with the contents of the message.
-//
-// A v2 message is declared in "google.golang.org/protobuf/proto".Message and
-// exposes protobuf reflection as a first-class feature of the interface.
-//
-// To convert a v1 message to a v2 message, use the MessageV2 function.
-// To convert a v2 message to a v1 message, use the MessageV1 function.
-type Message = protoiface.MessageV1
-
-// MessageV1 converts either a v1 or v2 message to a v1 message.
-// It returns nil if m is nil.
-func MessageV1(m GeneratedMessage) protoiface.MessageV1 {
-	return protoimpl.X.ProtoMessageV1Of(m)
-}
-
-// MessageV2 converts either a v1 or v2 message to a v2 message.
-// It returns nil if m is nil.
-func MessageV2(m GeneratedMessage) protoV2.Message {
-	return protoimpl.X.ProtoMessageV2Of(m)
-}
-
-// MessageReflect returns a reflective view for a message.
-// It returns nil if m is nil.
-func MessageReflect(m Message) protoreflect.Message {
-	return protoimpl.X.MessageOf(m)
-}
-
-// Marshaler is implemented by messages that can marshal themselves.
-// This interface is used by the following functions: Size, Marshal,
-// Buffer.Marshal, and Buffer.EncodeMessage.
-//
-// Deprecated: Do not implement.
-type Marshaler interface {
-	// Marshal formats the encoded bytes of the message.
-	// It should be deterministic and emit valid protobuf wire data.
-	// The caller takes ownership of the returned buffer.
-	Marshal() ([]byte, error)
-}
-
-// Unmarshaler is implemented by messages that can unmarshal themselves.
-// This interface is used by the following functions: Unmarshal, UnmarshalMerge,
-// Buffer.Unmarshal, Buffer.DecodeMessage, and Buffer.DecodeGroup.
-//
-// Deprecated: Do not implement.
-type Unmarshaler interface {
-	// Unmarshal parses the encoded bytes of the protobuf wire input.
-	// The provided buffer is only valid for during method call.
-	// It should not reset the receiver message.
-	Unmarshal([]byte) error
-}
-
-// Merger is implemented by messages that can merge themselves.
-// This interface is used by the following functions: Clone and Merge.
-//
-// Deprecated: Do not implement.
-type Merger interface {
-	// Merge merges the contents of src into the receiver message.
-	// It clones all data structures in src such that it aliases no mutable
-	// memory referenced by src.
-	Merge(src Message)
-}
-
-// RequiredNotSetError is an error type returned when
-// marshaling or unmarshaling a message with missing required fields.
-type RequiredNotSetError struct {
-	err error
-}
-
-func (e *RequiredNotSetError) Error() string {
-	if e.err != nil {
-		return e.err.Error()
-	}
-	return "proto: required field not set"
-}
-func (e *RequiredNotSetError) RequiredNotSet() bool {
-	return true
-}
-
-func checkRequiredNotSet(m protoV2.Message) error {
-	if err := protoV2.CheckInitialized(m); err != nil {
-		return &RequiredNotSetError{err: err}
-	}
-	return nil
-}
-
-// Clone returns a deep copy of src.
-func Clone(src Message) Message {
-	return MessageV1(protoV2.Clone(MessageV2(src)))
-}
-
-// Merge merges src into dst, which must be messages of the same type.
-//
-// Populated scalar fields in src are copied to dst, while populated
-// singular messages in src are merged into dst by recursively calling Merge.
-// The elements of every list field in src is appended to the corresponded
-// list fields in dst. The entries of every map field in src is copied into
-// the corresponding map field in dst, possibly replacing existing entries.
-// The unknown fields of src are appended to the unknown fields of dst.
-func Merge(dst, src Message) {
-	protoV2.Merge(MessageV2(dst), MessageV2(src))
-}
-
-// Equal reports whether two messages are equal.
-// If two messages marshal to the same bytes under deterministic serialization,
-// then Equal is guaranteed to report true.
-//
-// Two messages are equal if they are the same protobuf message type,
-// have the same set of populated known and extension field values,
-// and the same set of unknown fields values.
-//
-// Scalar values are compared with the equivalent of the == operator in Go,
-// except bytes values which are compared using bytes.Equal and
-// floating point values which specially treat NaNs as equal.
-// Message values are compared by recursively calling Equal.
-// Lists are equal if each element value is also equal.
-// Maps are equal if they have the same set of keys, where the pair of values
-// for each key is also equal.
-func Equal(x, y Message) bool {
-	return protoV2.Equal(MessageV2(x), MessageV2(y))
-}
-
-func isMessageSet(md protoreflect.MessageDescriptor) bool {
-	ms, ok := md.(interface{ IsMessageSet() bool })
-	return ok && ms.IsMessageSet()
-}
diff --git a/vendor/github.com/golang/protobuf/proto/registry.go b/vendor/github.com/golang/protobuf/proto/registry.go
deleted file mode 100644
index 066b4323b..000000000
--- a/vendor/github.com/golang/protobuf/proto/registry.go
+++ /dev/null
@@ -1,317 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"bytes"
-	"compress/gzip"
-	"fmt"
-	"io/ioutil"
-	"reflect"
-	"strings"
-	"sync"
-
-	"google.golang.org/protobuf/reflect/protodesc"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-	"google.golang.org/protobuf/runtime/protoimpl"
-)
-
-// filePath is the path to the proto source file.
-type filePath = string // e.g., "google/protobuf/descriptor.proto"
-
-// fileDescGZIP is the compressed contents of the encoded FileDescriptorProto.
-type fileDescGZIP = []byte
-
-var fileCache sync.Map // map[filePath]fileDescGZIP
-
-// RegisterFile is called from generated code to register the compressed
-// FileDescriptorProto with the file path for a proto source file.
-//
-// Deprecated: Use protoregistry.GlobalFiles.RegisterFile instead.
-func RegisterFile(s filePath, d fileDescGZIP) {
-	// Decompress the descriptor.
-	zr, err := gzip.NewReader(bytes.NewReader(d))
-	if err != nil {
-		panic(fmt.Sprintf("proto: invalid compressed file descriptor: %v", err))
-	}
-	b, err := ioutil.ReadAll(zr)
-	if err != nil {
-		panic(fmt.Sprintf("proto: invalid compressed file descriptor: %v", err))
-	}
-
-	// Construct a protoreflect.FileDescriptor from the raw descriptor.
-	// Note that DescBuilder.Build automatically registers the constructed
-	// file descriptor with the v2 registry.
-	protoimpl.DescBuilder{RawDescriptor: b}.Build()
-
-	// Locally cache the raw descriptor form for the file.
-	fileCache.Store(s, d)
-}
-
-// FileDescriptor returns the compressed FileDescriptorProto given the file path
-// for a proto source file. It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalFiles.FindFileByPath instead.
-func FileDescriptor(s filePath) fileDescGZIP {
-	if v, ok := fileCache.Load(s); ok {
-		return v.(fileDescGZIP)
-	}
-
-	// Find the descriptor in the v2 registry.
-	var b []byte
-	if fd, _ := protoregistry.GlobalFiles.FindFileByPath(s); fd != nil {
-		b, _ = Marshal(protodesc.ToFileDescriptorProto(fd))
-	}
-
-	// Locally cache the raw descriptor form for the file.
-	if len(b) > 0 {
-		v, _ := fileCache.LoadOrStore(s, protoimpl.X.CompressGZIP(b))
-		return v.(fileDescGZIP)
-	}
-	return nil
-}
-
-// enumName is the name of an enum. For historical reasons, the enum name is
-// neither the full Go name nor the full protobuf name of the enum.
-// The name is the dot-separated combination of just the proto package that the
-// enum is declared within followed by the Go type name of the generated enum.
-type enumName = string // e.g., "my.proto.package.GoMessage_GoEnum"
-
-// enumsByName maps enum values by name to their numeric counterpart.
-type enumsByName = map[string]int32
-
-// enumsByNumber maps enum values by number to their name counterpart.
-type enumsByNumber = map[int32]string
-
-var enumCache sync.Map     // map[enumName]enumsByName
-var numFilesCache sync.Map // map[protoreflect.FullName]int
-
-// RegisterEnum is called from the generated code to register the mapping of
-// enum value names to enum numbers for the enum identified by s.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterEnum instead.
-func RegisterEnum(s enumName, _ enumsByNumber, m enumsByName) {
-	if _, ok := enumCache.Load(s); ok {
-		panic("proto: duplicate enum registered: " + s)
-	}
-	enumCache.Store(s, m)
-
-	// This does not forward registration to the v2 registry since this API
-	// lacks sufficient information to construct a complete v2 enum descriptor.
-}
-
-// EnumValueMap returns the mapping from enum value names to enum numbers for
-// the enum of the given name. It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalTypes.FindEnumByName instead.
-func EnumValueMap(s enumName) enumsByName {
-	if v, ok := enumCache.Load(s); ok {
-		return v.(enumsByName)
-	}
-
-	// Check whether the cache is stale. If the number of files in the current
-	// package differs, then it means that some enums may have been recently
-	// registered upstream that we do not know about.
-	var protoPkg protoreflect.FullName
-	if i := strings.LastIndexByte(s, '.'); i >= 0 {
-		protoPkg = protoreflect.FullName(s[:i])
-	}
-	v, _ := numFilesCache.Load(protoPkg)
-	numFiles, _ := v.(int)
-	if protoregistry.GlobalFiles.NumFilesByPackage(protoPkg) == numFiles {
-		return nil // cache is up-to-date; was not found earlier
-	}
-
-	// Update the enum cache for all enums declared in the given proto package.
-	numFiles = 0
-	protoregistry.GlobalFiles.RangeFilesByPackage(protoPkg, func(fd protoreflect.FileDescriptor) bool {
-		walkEnums(fd, func(ed protoreflect.EnumDescriptor) {
-			name := protoimpl.X.LegacyEnumName(ed)
-			if _, ok := enumCache.Load(name); !ok {
-				m := make(enumsByName)
-				evs := ed.Values()
-				for i := evs.Len() - 1; i >= 0; i-- {
-					ev := evs.Get(i)
-					m[string(ev.Name())] = int32(ev.Number())
-				}
-				enumCache.LoadOrStore(name, m)
-			}
-		})
-		numFiles++
-		return true
-	})
-	numFilesCache.Store(protoPkg, numFiles)
-
-	// Check cache again for enum map.
-	if v, ok := enumCache.Load(s); ok {
-		return v.(enumsByName)
-	}
-	return nil
-}
-
-// walkEnums recursively walks all enums declared in d.
-func walkEnums(d interface {
-	Enums() protoreflect.EnumDescriptors
-	Messages() protoreflect.MessageDescriptors
-}, f func(protoreflect.EnumDescriptor)) {
-	eds := d.Enums()
-	for i := eds.Len() - 1; i >= 0; i-- {
-		f(eds.Get(i))
-	}
-	mds := d.Messages()
-	for i := mds.Len() - 1; i >= 0; i-- {
-		walkEnums(mds.Get(i), f)
-	}
-}
-
-// messageName is the full name of protobuf message.
-type messageName = string
-
-var messageTypeCache sync.Map // map[messageName]reflect.Type
-
-// RegisterType is called from generated code to register the message Go type
-// for a message of the given name.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterMessage instead.
-func RegisterType(m Message, s messageName) {
-	mt := protoimpl.X.LegacyMessageTypeOf(m, protoreflect.FullName(s))
-	if err := protoregistry.GlobalTypes.RegisterMessage(mt); err != nil {
-		panic(err)
-	}
-	messageTypeCache.Store(s, reflect.TypeOf(m))
-}
-
-// RegisterMapType is called from generated code to register the Go map type
-// for a protobuf message representing a map entry.
-//
-// Deprecated: Do not use.
-func RegisterMapType(m interface{}, s messageName) {
-	t := reflect.TypeOf(m)
-	if t.Kind() != reflect.Map {
-		panic(fmt.Sprintf("invalid map kind: %v", t))
-	}
-	if _, ok := messageTypeCache.Load(s); ok {
-		panic(fmt.Errorf("proto: duplicate proto message registered: %s", s))
-	}
-	messageTypeCache.Store(s, t)
-}
-
-// MessageType returns the message type for a named message.
-// It returns nil if not found.
-//
-// Deprecated: Use protoregistry.GlobalTypes.FindMessageByName instead.
-func MessageType(s messageName) reflect.Type {
-	if v, ok := messageTypeCache.Load(s); ok {
-		return v.(reflect.Type)
-	}
-
-	// Derive the message type from the v2 registry.
-	var t reflect.Type
-	if mt, _ := protoregistry.GlobalTypes.FindMessageByName(protoreflect.FullName(s)); mt != nil {
-		t = messageGoType(mt)
-	}
-
-	// If we could not get a concrete type, it is possible that it is a
-	// pseudo-message for a map entry.
-	if t == nil {
-		d, _ := protoregistry.GlobalFiles.FindDescriptorByName(protoreflect.FullName(s))
-		if md, _ := d.(protoreflect.MessageDescriptor); md != nil && md.IsMapEntry() {
-			kt := goTypeForField(md.Fields().ByNumber(1))
-			vt := goTypeForField(md.Fields().ByNumber(2))
-			t = reflect.MapOf(kt, vt)
-		}
-	}
-
-	// Locally cache the message type for the given name.
-	if t != nil {
-		v, _ := messageTypeCache.LoadOrStore(s, t)
-		return v.(reflect.Type)
-	}
-	return nil
-}
-
-func goTypeForField(fd protoreflect.FieldDescriptor) reflect.Type {
-	switch k := fd.Kind(); k {
-	case protoreflect.EnumKind:
-		if et, _ := protoregistry.GlobalTypes.FindEnumByName(fd.Enum().FullName()); et != nil {
-			return enumGoType(et)
-		}
-		return reflect.TypeOf(protoreflect.EnumNumber(0))
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		if mt, _ := protoregistry.GlobalTypes.FindMessageByName(fd.Message().FullName()); mt != nil {
-			return messageGoType(mt)
-		}
-		return reflect.TypeOf((*protoreflect.Message)(nil)).Elem()
-	default:
-		return reflect.TypeOf(fd.Default().Interface())
-	}
-}
-
-func enumGoType(et protoreflect.EnumType) reflect.Type {
-	return reflect.TypeOf(et.New(0))
-}
-
-func messageGoType(mt protoreflect.MessageType) reflect.Type {
-	return reflect.TypeOf(MessageV1(mt.Zero().Interface()))
-}
-
-// MessageName returns the full protobuf name for the given message type.
-//
-// Deprecated: Use protoreflect.MessageDescriptor.FullName instead.
-func MessageName(m Message) messageName {
-	if m == nil {
-		return ""
-	}
-	if m, ok := m.(interface{ XXX_MessageName() messageName }); ok {
-		return m.XXX_MessageName()
-	}
-	return messageName(protoimpl.X.MessageDescriptorOf(m).FullName())
-}
-
-// RegisterExtension is called from the generated code to register
-// the extension descriptor.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RegisterExtension instead.
-func RegisterExtension(d *ExtensionDesc) {
-	if err := protoregistry.GlobalTypes.RegisterExtension(d); err != nil {
-		panic(err)
-	}
-}
-
-type extensionsByNumber = map[int32]*ExtensionDesc
-
-var extensionCache sync.Map // map[messageName]extensionsByNumber
-
-// RegisteredExtensions returns a map of the registered extensions for the
-// provided protobuf message, indexed by the extension field number.
-//
-// Deprecated: Use protoregistry.GlobalTypes.RangeExtensionsByMessage instead.
-func RegisteredExtensions(m Message) extensionsByNumber {
-	// Check whether the cache is stale. If the number of extensions for
-	// the given message differs, then it means that some extensions were
-	// recently registered upstream that we do not know about.
-	s := MessageName(m)
-	v, _ := extensionCache.Load(s)
-	xs, _ := v.(extensionsByNumber)
-	if protoregistry.GlobalTypes.NumExtensionsByMessage(protoreflect.FullName(s)) == len(xs) {
-		return xs // cache is up-to-date
-	}
-
-	// Cache is stale, re-compute the extensions map.
-	xs = make(extensionsByNumber)
-	protoregistry.GlobalTypes.RangeExtensionsByMessage(protoreflect.FullName(s), func(xt protoreflect.ExtensionType) bool {
-		if xd, ok := xt.(*ExtensionDesc); ok {
-			xs[int32(xt.TypeDescriptor().Number())] = xd
-		} else {
-			// TODO: This implies that the protoreflect.ExtensionType is a
-			// custom type not generated by protoc-gen-go. We could try and
-			// convert the type to an ExtensionDesc.
-		}
-		return true
-	})
-	extensionCache.Store(s, xs)
-	return xs
-}
diff --git a/vendor/github.com/golang/protobuf/proto/text_decode.go b/vendor/github.com/golang/protobuf/proto/text_decode.go
deleted file mode 100644
index 47eb3e445..000000000
--- a/vendor/github.com/golang/protobuf/proto/text_decode.go
+++ /dev/null
@@ -1,801 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"encoding"
-	"errors"
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-	"unicode/utf8"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapTextUnmarshalV2 = false
-
-// ParseError is returned by UnmarshalText.
-type ParseError struct {
-	Message string
-
-	// Deprecated: Do not use.
-	Line, Offset int
-}
-
-func (e *ParseError) Error() string {
-	if wrapTextUnmarshalV2 {
-		return e.Message
-	}
-	if e.Line == 1 {
-		return fmt.Sprintf("line 1.%d: %v", e.Offset, e.Message)
-	}
-	return fmt.Sprintf("line %d: %v", e.Line, e.Message)
-}
-
-// UnmarshalText parses a proto text formatted string into m.
-func UnmarshalText(s string, m Message) error {
-	if u, ok := m.(encoding.TextUnmarshaler); ok {
-		return u.UnmarshalText([]byte(s))
-	}
-
-	m.Reset()
-	mi := MessageV2(m)
-
-	if wrapTextUnmarshalV2 {
-		err := prototext.UnmarshalOptions{
-			AllowPartial: true,
-		}.Unmarshal([]byte(s), mi)
-		if err != nil {
-			return &ParseError{Message: err.Error()}
-		}
-		return checkRequiredNotSet(mi)
-	} else {
-		if err := newTextParser(s).unmarshalMessage(mi.ProtoReflect(), ""); err != nil {
-			return err
-		}
-		return checkRequiredNotSet(mi)
-	}
-}
-
-type textParser struct {
-	s            string // remaining input
-	done         bool   // whether the parsing is finished (success or error)
-	backed       bool   // whether back() was called
-	offset, line int
-	cur          token
-}
-
-type token struct {
-	value    string
-	err      *ParseError
-	line     int    // line number
-	offset   int    // byte number from start of input, not start of line
-	unquoted string // the unquoted version of value, if it was a quoted string
-}
-
-func newTextParser(s string) *textParser {
-	p := new(textParser)
-	p.s = s
-	p.line = 1
-	p.cur.line = 1
-	return p
-}
-
-func (p *textParser) unmarshalMessage(m protoreflect.Message, terminator string) (err error) {
-	md := m.Descriptor()
-	fds := md.Fields()
-
-	// A struct is a sequence of "name: value", terminated by one of
-	// '>' or '}', or the end of the input.  A name may also be
-	// "[extension]" or "[type/url]".
-	//
-	// The whole struct can also be an expanded Any message, like:
-	// [type/url] < ... struct contents ... >
-	seen := make(map[protoreflect.FieldNumber]bool)
-	for {
-		tok := p.next()
-		if tok.err != nil {
-			return tok.err
-		}
-		if tok.value == terminator {
-			break
-		}
-		if tok.value == "[" {
-			if err := p.unmarshalExtensionOrAny(m, seen); err != nil {
-				return err
-			}
-			continue
-		}
-
-		// This is a normal, non-extension field.
-		name := protoreflect.Name(tok.value)
-		fd := fds.ByName(name)
-		switch {
-		case fd == nil:
-			gd := fds.ByName(protoreflect.Name(strings.ToLower(string(name))))
-			if gd != nil && gd.Kind() == protoreflect.GroupKind && gd.Message().Name() == name {
-				fd = gd
-			}
-		case fd.Kind() == protoreflect.GroupKind && fd.Message().Name() != name:
-			fd = nil
-		case fd.IsWeak() && fd.Message().IsPlaceholder():
-			fd = nil
-		}
-		if fd == nil {
-			typeName := string(md.FullName())
-			if m, ok := m.Interface().(Message); ok {
-				t := reflect.TypeOf(m)
-				if t.Kind() == reflect.Ptr {
-					typeName = t.Elem().String()
-				}
-			}
-			return p.errorf("unknown field name %q in %v", name, typeName)
-		}
-		if od := fd.ContainingOneof(); od != nil && m.WhichOneof(od) != nil {
-			return p.errorf("field '%s' would overwrite already parsed oneof '%s'", name, od.Name())
-		}
-		if fd.Cardinality() != protoreflect.Repeated && seen[fd.Number()] {
-			return p.errorf("non-repeated field %q was repeated", fd.Name())
-		}
-		seen[fd.Number()] = true
-
-		// Consume any colon.
-		if err := p.checkForColon(fd); err != nil {
-			return err
-		}
-
-		// Parse into the field.
-		v := m.Get(fd)
-		if !m.Has(fd) && (fd.IsList() || fd.IsMap() || fd.Message() != nil) {
-			v = m.Mutable(fd)
-		}
-		if v, err = p.unmarshalValue(v, fd); err != nil {
-			return err
-		}
-		m.Set(fd, v)
-
-		if err := p.consumeOptionalSeparator(); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (p *textParser) unmarshalExtensionOrAny(m protoreflect.Message, seen map[protoreflect.FieldNumber]bool) error {
-	name, err := p.consumeExtensionOrAnyName()
-	if err != nil {
-		return err
-	}
-
-	// If it contains a slash, it's an Any type URL.
-	if slashIdx := strings.LastIndex(name, "/"); slashIdx >= 0 {
-		tok := p.next()
-		if tok.err != nil {
-			return tok.err
-		}
-		// consume an optional colon
-		if tok.value == ":" {
-			tok = p.next()
-			if tok.err != nil {
-				return tok.err
-			}
-		}
-
-		var terminator string
-		switch tok.value {
-		case "<":
-			terminator = ">"
-		case "{":
-			terminator = "}"
-		default:
-			return p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-
-		mt, err := protoregistry.GlobalTypes.FindMessageByURL(name)
-		if err != nil {
-			return p.errorf("unrecognized message %q in google.protobuf.Any", name[slashIdx+len("/"):])
-		}
-		m2 := mt.New()
-		if err := p.unmarshalMessage(m2, terminator); err != nil {
-			return err
-		}
-		b, err := protoV2.Marshal(m2.Interface())
-		if err != nil {
-			return p.errorf("failed to marshal message of type %q: %v", name[slashIdx+len("/"):], err)
-		}
-
-		urlFD := m.Descriptor().Fields().ByName("type_url")
-		valFD := m.Descriptor().Fields().ByName("value")
-		if seen[urlFD.Number()] {
-			return p.errorf("Any message unpacked multiple times, or %q already set", urlFD.Name())
-		}
-		if seen[valFD.Number()] {
-			return p.errorf("Any message unpacked multiple times, or %q already set", valFD.Name())
-		}
-		m.Set(urlFD, protoreflect.ValueOfString(name))
-		m.Set(valFD, protoreflect.ValueOfBytes(b))
-		seen[urlFD.Number()] = true
-		seen[valFD.Number()] = true
-		return nil
-	}
-
-	xname := protoreflect.FullName(name)
-	xt, _ := protoregistry.GlobalTypes.FindExtensionByName(xname)
-	if xt == nil && isMessageSet(m.Descriptor()) {
-		xt, _ = protoregistry.GlobalTypes.FindExtensionByName(xname.Append("message_set_extension"))
-	}
-	if xt == nil {
-		return p.errorf("unrecognized extension %q", name)
-	}
-	fd := xt.TypeDescriptor()
-	if fd.ContainingMessage().FullName() != m.Descriptor().FullName() {
-		return p.errorf("extension field %q does not extend message %q", name, m.Descriptor().FullName())
-	}
-
-	if err := p.checkForColon(fd); err != nil {
-		return err
-	}
-
-	v := m.Get(fd)
-	if !m.Has(fd) && (fd.IsList() || fd.IsMap() || fd.Message() != nil) {
-		v = m.Mutable(fd)
-	}
-	v, err = p.unmarshalValue(v, fd)
-	if err != nil {
-		return err
-	}
-	m.Set(fd, v)
-	return p.consumeOptionalSeparator()
-}
-
-func (p *textParser) unmarshalValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return v, tok.err
-	}
-	if tok.value == "" {
-		return v, p.errorf("unexpected EOF")
-	}
-
-	switch {
-	case fd.IsList():
-		lv := v.List()
-		var err error
-		if tok.value == "[" {
-			// Repeated field with list notation, like [1,2,3].
-			for {
-				vv := lv.NewElement()
-				vv, err = p.unmarshalSingularValue(vv, fd)
-				if err != nil {
-					return v, err
-				}
-				lv.Append(vv)
-
-				tok := p.next()
-				if tok.err != nil {
-					return v, tok.err
-				}
-				if tok.value == "]" {
-					break
-				}
-				if tok.value != "," {
-					return v, p.errorf("Expected ']' or ',' found %q", tok.value)
-				}
-			}
-			return v, nil
-		}
-
-		// One value of the repeated field.
-		p.back()
-		vv := lv.NewElement()
-		vv, err = p.unmarshalSingularValue(vv, fd)
-		if err != nil {
-			return v, err
-		}
-		lv.Append(vv)
-		return v, nil
-	case fd.IsMap():
-		// The map entry should be this sequence of tokens:
-		//	< key : KEY value : VALUE >
-		// However, implementations may omit key or value, and technically
-		// we should support them in any order.
-		var terminator string
-		switch tok.value {
-		case "<":
-			terminator = ">"
-		case "{":
-			terminator = "}"
-		default:
-			return v, p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-
-		keyFD := fd.MapKey()
-		valFD := fd.MapValue()
-
-		mv := v.Map()
-		kv := keyFD.Default()
-		vv := mv.NewValue()
-		for {
-			tok := p.next()
-			if tok.err != nil {
-				return v, tok.err
-			}
-			if tok.value == terminator {
-				break
-			}
-			var err error
-			switch tok.value {
-			case "key":
-				if err := p.consumeToken(":"); err != nil {
-					return v, err
-				}
-				if kv, err = p.unmarshalSingularValue(kv, keyFD); err != nil {
-					return v, err
-				}
-				if err := p.consumeOptionalSeparator(); err != nil {
-					return v, err
-				}
-			case "value":
-				if err := p.checkForColon(valFD); err != nil {
-					return v, err
-				}
-				if vv, err = p.unmarshalSingularValue(vv, valFD); err != nil {
-					return v, err
-				}
-				if err := p.consumeOptionalSeparator(); err != nil {
-					return v, err
-				}
-			default:
-				p.back()
-				return v, p.errorf(`expected "key", "value", or %q, found %q`, terminator, tok.value)
-			}
-		}
-		mv.Set(kv.MapKey(), vv)
-		return v, nil
-	default:
-		p.back()
-		return p.unmarshalSingularValue(v, fd)
-	}
-}
-
-func (p *textParser) unmarshalSingularValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) (protoreflect.Value, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return v, tok.err
-	}
-	if tok.value == "" {
-		return v, p.errorf("unexpected EOF")
-	}
-
-	switch fd.Kind() {
-	case protoreflect.BoolKind:
-		switch tok.value {
-		case "true", "1", "t", "True":
-			return protoreflect.ValueOfBool(true), nil
-		case "false", "0", "f", "False":
-			return protoreflect.ValueOfBool(false), nil
-		}
-	case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind:
-		if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfInt32(int32(x)), nil
-		}
-
-		// The C++ parser accepts large positive hex numbers that uses
-		// two's complement arithmetic to represent negative numbers.
-		// This feature is here for backwards compatibility with C++.
-		if strings.HasPrefix(tok.value, "0x") {
-			if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil {
-				return protoreflect.ValueOfInt32(int32(-(int64(^x) + 1))), nil
-			}
-		}
-	case protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
-		if x, err := strconv.ParseInt(tok.value, 0, 64); err == nil {
-			return protoreflect.ValueOfInt64(int64(x)), nil
-		}
-
-		// The C++ parser accepts large positive hex numbers that uses
-		// two's complement arithmetic to represent negative numbers.
-		// This feature is here for backwards compatibility with C++.
-		if strings.HasPrefix(tok.value, "0x") {
-			if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil {
-				return protoreflect.ValueOfInt64(int64(-(int64(^x) + 1))), nil
-			}
-		}
-	case protoreflect.Uint32Kind, protoreflect.Fixed32Kind:
-		if x, err := strconv.ParseUint(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfUint32(uint32(x)), nil
-		}
-	case protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
-		if x, err := strconv.ParseUint(tok.value, 0, 64); err == nil {
-			return protoreflect.ValueOfUint64(uint64(x)), nil
-		}
-	case protoreflect.FloatKind:
-		// Ignore 'f' for compatibility with output generated by C++,
-		// but don't remove 'f' when the value is "-inf" or "inf".
-		v := tok.value
-		if strings.HasSuffix(v, "f") && v != "-inf" && v != "inf" {
-			v = v[:len(v)-len("f")]
-		}
-		if x, err := strconv.ParseFloat(v, 32); err == nil {
-			return protoreflect.ValueOfFloat32(float32(x)), nil
-		}
-	case protoreflect.DoubleKind:
-		// Ignore 'f' for compatibility with output generated by C++,
-		// but don't remove 'f' when the value is "-inf" or "inf".
-		v := tok.value
-		if strings.HasSuffix(v, "f") && v != "-inf" && v != "inf" {
-			v = v[:len(v)-len("f")]
-		}
-		if x, err := strconv.ParseFloat(v, 64); err == nil {
-			return protoreflect.ValueOfFloat64(float64(x)), nil
-		}
-	case protoreflect.StringKind:
-		if isQuote(tok.value[0]) {
-			return protoreflect.ValueOfString(tok.unquoted), nil
-		}
-	case protoreflect.BytesKind:
-		if isQuote(tok.value[0]) {
-			return protoreflect.ValueOfBytes([]byte(tok.unquoted)), nil
-		}
-	case protoreflect.EnumKind:
-		if x, err := strconv.ParseInt(tok.value, 0, 32); err == nil {
-			return protoreflect.ValueOfEnum(protoreflect.EnumNumber(x)), nil
-		}
-		vd := fd.Enum().Values().ByName(protoreflect.Name(tok.value))
-		if vd != nil {
-			return protoreflect.ValueOfEnum(vd.Number()), nil
-		}
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		var terminator string
-		switch tok.value {
-		case "{":
-			terminator = "}"
-		case "<":
-			terminator = ">"
-		default:
-			return v, p.errorf("expected '{' or '<', found %q", tok.value)
-		}
-		err := p.unmarshalMessage(v.Message(), terminator)
-		return v, err
-	default:
-		panic(fmt.Sprintf("invalid kind %v", fd.Kind()))
-	}
-	return v, p.errorf("invalid %v: %v", fd.Kind(), tok.value)
-}
-
-// Consume a ':' from the input stream (if the next token is a colon),
-// returning an error if a colon is needed but not present.
-func (p *textParser) checkForColon(fd protoreflect.FieldDescriptor) *ParseError {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != ":" {
-		if fd.Message() == nil {
-			return p.errorf("expected ':', found %q", tok.value)
-		}
-		p.back()
-	}
-	return nil
-}
-
-// consumeExtensionOrAnyName consumes an extension name or an Any type URL and
-// the following ']'. It returns the name or URL consumed.
-func (p *textParser) consumeExtensionOrAnyName() (string, error) {
-	tok := p.next()
-	if tok.err != nil {
-		return "", tok.err
-	}
-
-	// If extension name or type url is quoted, it's a single token.
-	if len(tok.value) > 2 && isQuote(tok.value[0]) && tok.value[len(tok.value)-1] == tok.value[0] {
-		name, err := unquoteC(tok.value[1:len(tok.value)-1], rune(tok.value[0]))
-		if err != nil {
-			return "", err
-		}
-		return name, p.consumeToken("]")
-	}
-
-	// Consume everything up to "]"
-	var parts []string
-	for tok.value != "]" {
-		parts = append(parts, tok.value)
-		tok = p.next()
-		if tok.err != nil {
-			return "", p.errorf("unrecognized type_url or extension name: %s", tok.err)
-		}
-		if p.done && tok.value != "]" {
-			return "", p.errorf("unclosed type_url or extension name")
-		}
-	}
-	return strings.Join(parts, ""), nil
-}
-
-// consumeOptionalSeparator consumes an optional semicolon or comma.
-// It is used in unmarshalMessage to provide backward compatibility.
-func (p *textParser) consumeOptionalSeparator() error {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != ";" && tok.value != "," {
-		p.back()
-	}
-	return nil
-}
-
-func (p *textParser) errorf(format string, a ...interface{}) *ParseError {
-	pe := &ParseError{fmt.Sprintf(format, a...), p.cur.line, p.cur.offset}
-	p.cur.err = pe
-	p.done = true
-	return pe
-}
-
-func (p *textParser) skipWhitespace() {
-	i := 0
-	for i < len(p.s) && (isWhitespace(p.s[i]) || p.s[i] == '#') {
-		if p.s[i] == '#' {
-			// comment; skip to end of line or input
-			for i < len(p.s) && p.s[i] != '\n' {
-				i++
-			}
-			if i == len(p.s) {
-				break
-			}
-		}
-		if p.s[i] == '\n' {
-			p.line++
-		}
-		i++
-	}
-	p.offset += i
-	p.s = p.s[i:len(p.s)]
-	if len(p.s) == 0 {
-		p.done = true
-	}
-}
-
-func (p *textParser) advance() {
-	// Skip whitespace
-	p.skipWhitespace()
-	if p.done {
-		return
-	}
-
-	// Start of non-whitespace
-	p.cur.err = nil
-	p.cur.offset, p.cur.line = p.offset, p.line
-	p.cur.unquoted = ""
-	switch p.s[0] {
-	case '<', '>', '{', '}', ':', '[', ']', ';', ',', '/':
-		// Single symbol
-		p.cur.value, p.s = p.s[0:1], p.s[1:len(p.s)]
-	case '"', '\'':
-		// Quoted string
-		i := 1
-		for i < len(p.s) && p.s[i] != p.s[0] && p.s[i] != '\n' {
-			if p.s[i] == '\\' && i+1 < len(p.s) {
-				// skip escaped char
-				i++
-			}
-			i++
-		}
-		if i >= len(p.s) || p.s[i] != p.s[0] {
-			p.errorf("unmatched quote")
-			return
-		}
-		unq, err := unquoteC(p.s[1:i], rune(p.s[0]))
-		if err != nil {
-			p.errorf("invalid quoted string %s: %v", p.s[0:i+1], err)
-			return
-		}
-		p.cur.value, p.s = p.s[0:i+1], p.s[i+1:len(p.s)]
-		p.cur.unquoted = unq
-	default:
-		i := 0
-		for i < len(p.s) && isIdentOrNumberChar(p.s[i]) {
-			i++
-		}
-		if i == 0 {
-			p.errorf("unexpected byte %#x", p.s[0])
-			return
-		}
-		p.cur.value, p.s = p.s[0:i], p.s[i:len(p.s)]
-	}
-	p.offset += len(p.cur.value)
-}
-
-// Back off the parser by one token. Can only be done between calls to next().
-// It makes the next advance() a no-op.
-func (p *textParser) back() { p.backed = true }
-
-// Advances the parser and returns the new current token.
-func (p *textParser) next() *token {
-	if p.backed || p.done {
-		p.backed = false
-		return &p.cur
-	}
-	p.advance()
-	if p.done {
-		p.cur.value = ""
-	} else if len(p.cur.value) > 0 && isQuote(p.cur.value[0]) {
-		// Look for multiple quoted strings separated by whitespace,
-		// and concatenate them.
-		cat := p.cur
-		for {
-			p.skipWhitespace()
-			if p.done || !isQuote(p.s[0]) {
-				break
-			}
-			p.advance()
-			if p.cur.err != nil {
-				return &p.cur
-			}
-			cat.value += " " + p.cur.value
-			cat.unquoted += p.cur.unquoted
-		}
-		p.done = false // parser may have seen EOF, but we want to return cat
-		p.cur = cat
-	}
-	return &p.cur
-}
-
-func (p *textParser) consumeToken(s string) error {
-	tok := p.next()
-	if tok.err != nil {
-		return tok.err
-	}
-	if tok.value != s {
-		p.back()
-		return p.errorf("expected %q, found %q", s, tok.value)
-	}
-	return nil
-}
-
-var errBadUTF8 = errors.New("proto: bad UTF-8")
-
-func unquoteC(s string, quote rune) (string, error) {
-	// This is based on C++'s tokenizer.cc.
-	// Despite its name, this is *not* parsing C syntax.
-	// For instance, "\0" is an invalid quoted string.
-
-	// Avoid allocation in trivial cases.
-	simple := true
-	for _, r := range s {
-		if r == '\\' || r == quote {
-			simple = false
-			break
-		}
-	}
-	if simple {
-		return s, nil
-	}
-
-	buf := make([]byte, 0, 3*len(s)/2)
-	for len(s) > 0 {
-		r, n := utf8.DecodeRuneInString(s)
-		if r == utf8.RuneError && n == 1 {
-			return "", errBadUTF8
-		}
-		s = s[n:]
-		if r != '\\' {
-			if r < utf8.RuneSelf {
-				buf = append(buf, byte(r))
-			} else {
-				buf = append(buf, string(r)...)
-			}
-			continue
-		}
-
-		ch, tail, err := unescape(s)
-		if err != nil {
-			return "", err
-		}
-		buf = append(buf, ch...)
-		s = tail
-	}
-	return string(buf), nil
-}
-
-func unescape(s string) (ch string, tail string, err error) {
-	r, n := utf8.DecodeRuneInString(s)
-	if r == utf8.RuneError && n == 1 {
-		return "", "", errBadUTF8
-	}
-	s = s[n:]
-	switch r {
-	case 'a':
-		return "\a", s, nil
-	case 'b':
-		return "\b", s, nil
-	case 'f':
-		return "\f", s, nil
-	case 'n':
-		return "\n", s, nil
-	case 'r':
-		return "\r", s, nil
-	case 't':
-		return "\t", s, nil
-	case 'v':
-		return "\v", s, nil
-	case '?':
-		return "?", s, nil // trigraph workaround
-	case '\'', '"', '\\':
-		return string(r), s, nil
-	case '0', '1', '2', '3', '4', '5', '6', '7':
-		if len(s) < 2 {
-			return "", "", fmt.Errorf(`\%c requires 2 following digits`, r)
-		}
-		ss := string(r) + s[:2]
-		s = s[2:]
-		i, err := strconv.ParseUint(ss, 8, 8)
-		if err != nil {
-			return "", "", fmt.Errorf(`\%s contains non-octal digits`, ss)
-		}
-		return string([]byte{byte(i)}), s, nil
-	case 'x', 'X', 'u', 'U':
-		var n int
-		switch r {
-		case 'x', 'X':
-			n = 2
-		case 'u':
-			n = 4
-		case 'U':
-			n = 8
-		}
-		if len(s) < n {
-			return "", "", fmt.Errorf(`\%c requires %d following digits`, r, n)
-		}
-		ss := s[:n]
-		s = s[n:]
-		i, err := strconv.ParseUint(ss, 16, 64)
-		if err != nil {
-			return "", "", fmt.Errorf(`\%c%s contains non-hexadecimal digits`, r, ss)
-		}
-		if r == 'x' || r == 'X' {
-			return string([]byte{byte(i)}), s, nil
-		}
-		if i > utf8.MaxRune {
-			return "", "", fmt.Errorf(`\%c%s is not a valid Unicode code point`, r, ss)
-		}
-		return string(rune(i)), s, nil
-	}
-	return "", "", fmt.Errorf(`unknown escape \%c`, r)
-}
-
-func isIdentOrNumberChar(c byte) bool {
-	switch {
-	case 'A' <= c && c <= 'Z', 'a' <= c && c <= 'z':
-		return true
-	case '0' <= c && c <= '9':
-		return true
-	}
-	switch c {
-	case '-', '+', '.', '_':
-		return true
-	}
-	return false
-}
-
-func isWhitespace(c byte) bool {
-	switch c {
-	case ' ', '\t', '\n', '\r':
-		return true
-	}
-	return false
-}
-
-func isQuote(c byte) bool {
-	switch c {
-	case '"', '\'':
-		return true
-	}
-	return false
-}
diff --git a/vendor/github.com/golang/protobuf/proto/text_encode.go b/vendor/github.com/golang/protobuf/proto/text_encode.go
deleted file mode 100644
index a31134eeb..000000000
--- a/vendor/github.com/golang/protobuf/proto/text_encode.go
+++ /dev/null
@@ -1,560 +0,0 @@
-// Copyright 2010 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	"bytes"
-	"encoding"
-	"fmt"
-	"io"
-	"math"
-	"sort"
-	"strings"
-
-	"google.golang.org/protobuf/encoding/prototext"
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-)
-
-const wrapTextMarshalV2 = false
-
-// TextMarshaler is a configurable text format marshaler.
-type TextMarshaler struct {
-	Compact   bool // use compact text format (one line)
-	ExpandAny bool // expand google.protobuf.Any messages of known types
-}
-
-// Marshal writes the proto text format of m to w.
-func (tm *TextMarshaler) Marshal(w io.Writer, m Message) error {
-	b, err := tm.marshal(m)
-	if len(b) > 0 {
-		if _, err := w.Write(b); err != nil {
-			return err
-		}
-	}
-	return err
-}
-
-// Text returns a proto text formatted string of m.
-func (tm *TextMarshaler) Text(m Message) string {
-	b, _ := tm.marshal(m)
-	return string(b)
-}
-
-func (tm *TextMarshaler) marshal(m Message) ([]byte, error) {
-	mr := MessageReflect(m)
-	if mr == nil || !mr.IsValid() {
-		return []byte(""), nil
-	}
-
-	if wrapTextMarshalV2 {
-		if m, ok := m.(encoding.TextMarshaler); ok {
-			return m.MarshalText()
-		}
-
-		opts := prototext.MarshalOptions{
-			AllowPartial: true,
-			EmitUnknown:  true,
-		}
-		if !tm.Compact {
-			opts.Indent = "  "
-		}
-		if !tm.ExpandAny {
-			opts.Resolver = (*protoregistry.Types)(nil)
-		}
-		return opts.Marshal(mr.Interface())
-	} else {
-		w := &textWriter{
-			compact:   tm.Compact,
-			expandAny: tm.ExpandAny,
-			complete:  true,
-		}
-
-		if m, ok := m.(encoding.TextMarshaler); ok {
-			b, err := m.MarshalText()
-			if err != nil {
-				return nil, err
-			}
-			w.Write(b)
-			return w.buf, nil
-		}
-
-		err := w.writeMessage(mr)
-		return w.buf, err
-	}
-}
-
-var (
-	defaultTextMarshaler = TextMarshaler{}
-	compactTextMarshaler = TextMarshaler{Compact: true}
-)
-
-// MarshalText writes the proto text format of m to w.
-func MarshalText(w io.Writer, m Message) error { return defaultTextMarshaler.Marshal(w, m) }
-
-// MarshalTextString returns a proto text formatted string of m.
-func MarshalTextString(m Message) string { return defaultTextMarshaler.Text(m) }
-
-// CompactText writes the compact proto text format of m to w.
-func CompactText(w io.Writer, m Message) error { return compactTextMarshaler.Marshal(w, m) }
-
-// CompactTextString returns a compact proto text formatted string of m.
-func CompactTextString(m Message) string { return compactTextMarshaler.Text(m) }
-
-var (
-	newline         = []byte("\n")
-	endBraceNewline = []byte("}\n")
-	posInf          = []byte("inf")
-	negInf          = []byte("-inf")
-	nan             = []byte("nan")
-)
-
-// textWriter is an io.Writer that tracks its indentation level.
-type textWriter struct {
-	compact   bool // same as TextMarshaler.Compact
-	expandAny bool // same as TextMarshaler.ExpandAny
-	complete  bool // whether the current position is a complete line
-	indent    int  // indentation level; never negative
-	buf       []byte
-}
-
-func (w *textWriter) Write(p []byte) (n int, _ error) {
-	newlines := bytes.Count(p, newline)
-	if newlines == 0 {
-		if !w.compact && w.complete {
-			w.writeIndent()
-		}
-		w.buf = append(w.buf, p...)
-		w.complete = false
-		return len(p), nil
-	}
-
-	frags := bytes.SplitN(p, newline, newlines+1)
-	if w.compact {
-		for i, frag := range frags {
-			if i > 0 {
-				w.buf = append(w.buf, ' ')
-				n++
-			}
-			w.buf = append(w.buf, frag...)
-			n += len(frag)
-		}
-		return n, nil
-	}
-
-	for i, frag := range frags {
-		if w.complete {
-			w.writeIndent()
-		}
-		w.buf = append(w.buf, frag...)
-		n += len(frag)
-		if i+1 < len(frags) {
-			w.buf = append(w.buf, '\n')
-			n++
-		}
-	}
-	w.complete = len(frags[len(frags)-1]) == 0
-	return n, nil
-}
-
-func (w *textWriter) WriteByte(c byte) error {
-	if w.compact && c == '\n' {
-		c = ' '
-	}
-	if !w.compact && w.complete {
-		w.writeIndent()
-	}
-	w.buf = append(w.buf, c)
-	w.complete = c == '\n'
-	return nil
-}
-
-func (w *textWriter) writeName(fd protoreflect.FieldDescriptor) {
-	if !w.compact && w.complete {
-		w.writeIndent()
-	}
-	w.complete = false
-
-	if fd.Kind() != protoreflect.GroupKind {
-		w.buf = append(w.buf, fd.Name()...)
-		w.WriteByte(':')
-	} else {
-		// Use message type name for group field name.
-		w.buf = append(w.buf, fd.Message().Name()...)
-	}
-
-	if !w.compact {
-		w.WriteByte(' ')
-	}
-}
-
-func requiresQuotes(u string) bool {
-	// When type URL contains any characters except [0-9A-Za-z./\-]*, it must be quoted.
-	for _, ch := range u {
-		switch {
-		case ch == '.' || ch == '/' || ch == '_':
-			continue
-		case '0' <= ch && ch <= '9':
-			continue
-		case 'A' <= ch && ch <= 'Z':
-			continue
-		case 'a' <= ch && ch <= 'z':
-			continue
-		default:
-			return true
-		}
-	}
-	return false
-}
-
-// writeProto3Any writes an expanded google.protobuf.Any message.
-//
-// It returns (false, nil) if sv value can't be unmarshaled (e.g. because
-// required messages are not linked in).
-//
-// It returns (true, error) when sv was written in expanded format or an error
-// was encountered.
-func (w *textWriter) writeProto3Any(m protoreflect.Message) (bool, error) {
-	md := m.Descriptor()
-	fdURL := md.Fields().ByName("type_url")
-	fdVal := md.Fields().ByName("value")
-
-	url := m.Get(fdURL).String()
-	mt, err := protoregistry.GlobalTypes.FindMessageByURL(url)
-	if err != nil {
-		return false, nil
-	}
-
-	b := m.Get(fdVal).Bytes()
-	m2 := mt.New()
-	if err := proto.Unmarshal(b, m2.Interface()); err != nil {
-		return false, nil
-	}
-	w.Write([]byte("["))
-	if requiresQuotes(url) {
-		w.writeQuotedString(url)
-	} else {
-		w.Write([]byte(url))
-	}
-	if w.compact {
-		w.Write([]byte("]:<"))
-	} else {
-		w.Write([]byte("]: <\n"))
-		w.indent++
-	}
-	if err := w.writeMessage(m2); err != nil {
-		return true, err
-	}
-	if w.compact {
-		w.Write([]byte("> "))
-	} else {
-		w.indent--
-		w.Write([]byte(">\n"))
-	}
-	return true, nil
-}
-
-func (w *textWriter) writeMessage(m protoreflect.Message) error {
-	md := m.Descriptor()
-	if w.expandAny && md.FullName() == "google.protobuf.Any" {
-		if canExpand, err := w.writeProto3Any(m); canExpand {
-			return err
-		}
-	}
-
-	fds := md.Fields()
-	for i := 0; i < fds.Len(); {
-		fd := fds.Get(i)
-		if od := fd.ContainingOneof(); od != nil {
-			fd = m.WhichOneof(od)
-			i += od.Fields().Len()
-		} else {
-			i++
-		}
-		if fd == nil || !m.Has(fd) {
-			continue
-		}
-
-		switch {
-		case fd.IsList():
-			lv := m.Get(fd).List()
-			for j := 0; j < lv.Len(); j++ {
-				w.writeName(fd)
-				v := lv.Get(j)
-				if err := w.writeSingularValue(v, fd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-			}
-		case fd.IsMap():
-			kfd := fd.MapKey()
-			vfd := fd.MapValue()
-			mv := m.Get(fd).Map()
-
-			type entry struct{ key, val protoreflect.Value }
-			var entries []entry
-			mv.Range(func(k protoreflect.MapKey, v protoreflect.Value) bool {
-				entries = append(entries, entry{k.Value(), v})
-				return true
-			})
-			sort.Slice(entries, func(i, j int) bool {
-				switch kfd.Kind() {
-				case protoreflect.BoolKind:
-					return !entries[i].key.Bool() && entries[j].key.Bool()
-				case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind, protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind:
-					return entries[i].key.Int() < entries[j].key.Int()
-				case protoreflect.Uint32Kind, protoreflect.Fixed32Kind, protoreflect.Uint64Kind, protoreflect.Fixed64Kind:
-					return entries[i].key.Uint() < entries[j].key.Uint()
-				case protoreflect.StringKind:
-					return entries[i].key.String() < entries[j].key.String()
-				default:
-					panic("invalid kind")
-				}
-			})
-			for _, entry := range entries {
-				w.writeName(fd)
-				w.WriteByte('<')
-				if !w.compact {
-					w.WriteByte('\n')
-				}
-				w.indent++
-				w.writeName(kfd)
-				if err := w.writeSingularValue(entry.key, kfd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-				w.writeName(vfd)
-				if err := w.writeSingularValue(entry.val, vfd); err != nil {
-					return err
-				}
-				w.WriteByte('\n')
-				w.indent--
-				w.WriteByte('>')
-				w.WriteByte('\n')
-			}
-		default:
-			w.writeName(fd)
-			if err := w.writeSingularValue(m.Get(fd), fd); err != nil {
-				return err
-			}
-			w.WriteByte('\n')
-		}
-	}
-
-	if b := m.GetUnknown(); len(b) > 0 {
-		w.writeUnknownFields(b)
-	}
-	return w.writeExtensions(m)
-}
-
-func (w *textWriter) writeSingularValue(v protoreflect.Value, fd protoreflect.FieldDescriptor) error {
-	switch fd.Kind() {
-	case protoreflect.FloatKind, protoreflect.DoubleKind:
-		switch vf := v.Float(); {
-		case math.IsInf(vf, +1):
-			w.Write(posInf)
-		case math.IsInf(vf, -1):
-			w.Write(negInf)
-		case math.IsNaN(vf):
-			w.Write(nan)
-		default:
-			fmt.Fprint(w, v.Interface())
-		}
-	case protoreflect.StringKind:
-		// NOTE: This does not validate UTF-8 for historical reasons.
-		w.writeQuotedString(string(v.String()))
-	case protoreflect.BytesKind:
-		w.writeQuotedString(string(v.Bytes()))
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		var bra, ket byte = '<', '>'
-		if fd.Kind() == protoreflect.GroupKind {
-			bra, ket = '{', '}'
-		}
-		w.WriteByte(bra)
-		if !w.compact {
-			w.WriteByte('\n')
-		}
-		w.indent++
-		m := v.Message()
-		if m2, ok := m.Interface().(encoding.TextMarshaler); ok {
-			b, err := m2.MarshalText()
-			if err != nil {
-				return err
-			}
-			w.Write(b)
-		} else {
-			w.writeMessage(m)
-		}
-		w.indent--
-		w.WriteByte(ket)
-	case protoreflect.EnumKind:
-		if ev := fd.Enum().Values().ByNumber(v.Enum()); ev != nil {
-			fmt.Fprint(w, ev.Name())
-		} else {
-			fmt.Fprint(w, v.Enum())
-		}
-	default:
-		fmt.Fprint(w, v.Interface())
-	}
-	return nil
-}
-
-// writeQuotedString writes a quoted string in the protocol buffer text format.
-func (w *textWriter) writeQuotedString(s string) {
-	w.WriteByte('"')
-	for i := 0; i < len(s); i++ {
-		switch c := s[i]; c {
-		case '\n':
-			w.buf = append(w.buf, `\n`...)
-		case '\r':
-			w.buf = append(w.buf, `\r`...)
-		case '\t':
-			w.buf = append(w.buf, `\t`...)
-		case '"':
-			w.buf = append(w.buf, `\"`...)
-		case '\\':
-			w.buf = append(w.buf, `\\`...)
-		default:
-			if isPrint := c >= 0x20 && c < 0x7f; isPrint {
-				w.buf = append(w.buf, c)
-			} else {
-				w.buf = append(w.buf, fmt.Sprintf(`\%03o`, c)...)
-			}
-		}
-	}
-	w.WriteByte('"')
-}
-
-func (w *textWriter) writeUnknownFields(b []byte) {
-	if !w.compact {
-		fmt.Fprintf(w, "/* %d unknown bytes */\n", len(b))
-	}
-
-	for len(b) > 0 {
-		num, wtyp, n := protowire.ConsumeTag(b)
-		if n < 0 {
-			return
-		}
-		b = b[n:]
-
-		if wtyp == protowire.EndGroupType {
-			w.indent--
-			w.Write(endBraceNewline)
-			continue
-		}
-		fmt.Fprint(w, num)
-		if wtyp != protowire.StartGroupType {
-			w.WriteByte(':')
-		}
-		if !w.compact || wtyp == protowire.StartGroupType {
-			w.WriteByte(' ')
-		}
-		switch wtyp {
-		case protowire.VarintType:
-			v, n := protowire.ConsumeVarint(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.Fixed32Type:
-			v, n := protowire.ConsumeFixed32(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.Fixed64Type:
-			v, n := protowire.ConsumeFixed64(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprint(w, v)
-		case protowire.BytesType:
-			v, n := protowire.ConsumeBytes(b)
-			if n < 0 {
-				return
-			}
-			b = b[n:]
-			fmt.Fprintf(w, "%q", v)
-		case protowire.StartGroupType:
-			w.WriteByte('{')
-			w.indent++
-		default:
-			fmt.Fprintf(w, "/* unknown wire type %d */", wtyp)
-		}
-		w.WriteByte('\n')
-	}
-}
-
-// writeExtensions writes all the extensions in m.
-func (w *textWriter) writeExtensions(m protoreflect.Message) error {
-	md := m.Descriptor()
-	if md.ExtensionRanges().Len() == 0 {
-		return nil
-	}
-
-	type ext struct {
-		desc protoreflect.FieldDescriptor
-		val  protoreflect.Value
-	}
-	var exts []ext
-	m.Range(func(fd protoreflect.FieldDescriptor, v protoreflect.Value) bool {
-		if fd.IsExtension() {
-			exts = append(exts, ext{fd, v})
-		}
-		return true
-	})
-	sort.Slice(exts, func(i, j int) bool {
-		return exts[i].desc.Number() < exts[j].desc.Number()
-	})
-
-	for _, ext := range exts {
-		// For message set, use the name of the message as the extension name.
-		name := string(ext.desc.FullName())
-		if isMessageSet(ext.desc.ContainingMessage()) {
-			name = strings.TrimSuffix(name, ".message_set_extension")
-		}
-
-		if !ext.desc.IsList() {
-			if err := w.writeSingularExtension(name, ext.val, ext.desc); err != nil {
-				return err
-			}
-		} else {
-			lv := ext.val.List()
-			for i := 0; i < lv.Len(); i++ {
-				if err := w.writeSingularExtension(name, lv.Get(i), ext.desc); err != nil {
-					return err
-				}
-			}
-		}
-	}
-	return nil
-}
-
-func (w *textWriter) writeSingularExtension(name string, v protoreflect.Value, fd protoreflect.FieldDescriptor) error {
-	fmt.Fprintf(w, "[%s]:", name)
-	if !w.compact {
-		w.WriteByte(' ')
-	}
-	if err := w.writeSingularValue(v, fd); err != nil {
-		return err
-	}
-	w.WriteByte('\n')
-	return nil
-}
-
-func (w *textWriter) writeIndent() {
-	if !w.complete {
-		return
-	}
-	for i := 0; i < w.indent*2; i++ {
-		w.buf = append(w.buf, ' ')
-	}
-	w.complete = false
-}
diff --git a/vendor/github.com/golang/protobuf/proto/wire.go b/vendor/github.com/golang/protobuf/proto/wire.go
deleted file mode 100644
index d7c28da5a..000000000
--- a/vendor/github.com/golang/protobuf/proto/wire.go
+++ /dev/null
@@ -1,78 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-import (
-	protoV2 "google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/runtime/protoiface"
-)
-
-// Size returns the size in bytes of the wire-format encoding of m.
-func Size(m Message) int {
-	if m == nil {
-		return 0
-	}
-	mi := MessageV2(m)
-	return protoV2.Size(mi)
-}
-
-// Marshal returns the wire-format encoding of m.
-func Marshal(m Message) ([]byte, error) {
-	b, err := marshalAppend(nil, m, false)
-	if b == nil {
-		b = zeroBytes
-	}
-	return b, err
-}
-
-var zeroBytes = make([]byte, 0, 0)
-
-func marshalAppend(buf []byte, m Message, deterministic bool) ([]byte, error) {
-	if m == nil {
-		return nil, ErrNil
-	}
-	mi := MessageV2(m)
-	nbuf, err := protoV2.MarshalOptions{
-		Deterministic: deterministic,
-		AllowPartial:  true,
-	}.MarshalAppend(buf, mi)
-	if err != nil {
-		return buf, err
-	}
-	if len(buf) == len(nbuf) {
-		if !mi.ProtoReflect().IsValid() {
-			return buf, ErrNil
-		}
-	}
-	return nbuf, checkRequiredNotSet(mi)
-}
-
-// Unmarshal parses a wire-format message in b and places the decoded results in m.
-//
-// Unmarshal resets m before starting to unmarshal, so any existing data in m is always
-// removed. Use UnmarshalMerge to preserve and append to existing data.
-func Unmarshal(b []byte, m Message) error {
-	m.Reset()
-	return UnmarshalMerge(b, m)
-}
-
-// UnmarshalMerge parses a wire-format message in b and places the decoded results in m.
-func UnmarshalMerge(b []byte, m Message) error {
-	mi := MessageV2(m)
-	out, err := protoV2.UnmarshalOptions{
-		AllowPartial: true,
-		Merge:        true,
-	}.UnmarshalState(protoiface.UnmarshalInput{
-		Buf:     b,
-		Message: mi.ProtoReflect(),
-	})
-	if err != nil {
-		return err
-	}
-	if out.Flags&protoiface.UnmarshalInitialized > 0 {
-		return nil
-	}
-	return checkRequiredNotSet(mi)
-}
diff --git a/vendor/github.com/golang/protobuf/proto/wrappers.go b/vendor/github.com/golang/protobuf/proto/wrappers.go
deleted file mode 100644
index 398e34859..000000000
--- a/vendor/github.com/golang/protobuf/proto/wrappers.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-// Bool stores v in a new bool value and returns a pointer to it.
-func Bool(v bool) *bool { return &v }
-
-// Int stores v in a new int32 value and returns a pointer to it.
-//
-// Deprecated: Use Int32 instead.
-func Int(v int) *int32 { return Int32(int32(v)) }
-
-// Int32 stores v in a new int32 value and returns a pointer to it.
-func Int32(v int32) *int32 { return &v }
-
-// Int64 stores v in a new int64 value and returns a pointer to it.
-func Int64(v int64) *int64 { return &v }
-
-// Uint32 stores v in a new uint32 value and returns a pointer to it.
-func Uint32(v uint32) *uint32 { return &v }
-
-// Uint64 stores v in a new uint64 value and returns a pointer to it.
-func Uint64(v uint64) *uint64 { return &v }
-
-// Float32 stores v in a new float32 value and returns a pointer to it.
-func Float32(v float32) *float32 { return &v }
-
-// Float64 stores v in a new float64 value and returns a pointer to it.
-func Float64(v float64) *float64 { return &v }
-
-// String stores v in a new string value and returns a pointer to it.
-func String(v string) *string { return &v }
diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
index 4bff3ed0f..3c56553dc 100644
--- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
+++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
@@ -2,12 +2,143 @@
 
 ## HEAD
 
+## v1.1.7
+
+* Recommended Go version for development: 1.20
+  * This is the version used by the Cloud Build presubmits. Using a different version can lead to presubmits failing due to unexpected diffs.
+
+* Bump golangci-lint from 1.51.1 to 1.55.1 (developers should update to this version).
+
+### Add support for WASI port
+
+* Add build tags for wasip1 GOOS by @flavio in https://github.com/google/certificate-transparency-go/pull/1089
+
+### Add support for IBM Z operating system z/OS
+
+* Add build tags for zOS by @onlywork1984 in https://github.com/google/certificate-transparency-go/pull/1088
+
+### Log List
+
+* Add support for "is_all_logs" field in loglist3 by @phbnf in https://github.com/google/certificate-transparency-go/pull/1095
+
+### Documentation
+
+* Improve Dockerized Test Deployment documentation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1179
+
+### Misc
+
+* Escape forward slashes in certificate Subject names when used as user quota id strings by @robstradling in https://github.com/google/certificate-transparency-go/pull/1059
+* Search whole chain looking for issuer match by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1112
+* Use proper check per @AGWA instead of buggy check introduced in #1112 by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1114
+* Build the ctfe/ct_server binary without depending on glibc by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1119
+* Migrate CTFE Ingress manifest to support GKE version 1.23 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1086
+* Remove Dependabot ignore configuration by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1097
+* Add "github-actions" and "docker" Dependabot config by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1101
+* Add top level permission in CodeQL workflow by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1102
+* Pin Docker image dependencies by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1110
+* Remove GO111MODULE from Dockerfile and Cloud Build yaml files by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1113
+* Add docker Dependabot config by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1126
+* Export is_mirror = 0.0 for non mirror instead of nothing by @phbnf in https://github.com/google/certificate-transparency-go/pull/1133
+* Add govulncheck GitHub action by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1145
+* Spelling by @jsoref in https://github.com/google/certificate-transparency-go/pull/1144
+
+### Dependency update
+
+* Bump Go from 1.19 to 1.20 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1146
+* Bump golangci-lint from 1.51.1 to 1.55.1 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1214
+* Bump go.etcd.io/etcd/v3 from 3.5.8 to 3.5.9 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1083
+* Bump golang.org/x/crypto from 0.8.0 to 0.9.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/108
+* Bump github.com/mattn/go-sqlite3 from 1.14.16 to 1.14.17 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1092
+* Bump golang.org/x/net from 0.10.0 to 0.11.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1094
+* Bump github.com/prometheus/client_golang from 1.15.1 to 1.16.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1098
+* Bump google.golang.org/protobuf from 1.30.0 to 1.31.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1099
+* Bump golang.org/x/net from 0.11.0 to 0.12.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1108
+* Bump actions/checkout from 3.1.0 to 3.5.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1103
+* Bump github/codeql-action from 2.1.27 to 2.20.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1104
+* Bump ossf/scorecard-action from 2.0.6 to 2.2.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1105
+* Bump actions/upload-artifact from 3.1.0 to 3.1.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1106
+* Bump github/codeql-action from 2.20.3 to 2.20.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1115
+* Bump github/codeql-action from 2.20.4 to 2.21.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1117
+* Bump golang.org/x/net from 0.12.0 to 0.14.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1124
+* Bump github/codeql-action from 2.21.0 to 2.21.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1121
+* Bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1125
+* Bump golang from `fd9306e` to `eb3f9ac` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1127
+* Bump alpine from 3.8 to 3.18 in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1129
+* Bump golang from `fd9306e` to `eb3f9ac` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1128
+* Bump alpine from `82d1e9d` to `7144f7b` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1130
+* Bump golang from `fd9306e` to `eb3f9ac` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1131
+* Bump golang from 1.19-alpine to 1.21-alpine in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1132
+* Bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1134
+* Bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1135
+* Bump distroless/base from `73deaaf` to `46c5b9b` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1136
+* Bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1137
+* Bump golang.org/x/net from 0.14.0 to 0.15.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1139
+* Bump github.com/rs/cors from 1.9.0 to 1.10.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1140
+* Bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1141
+* Bump golang from `445f340` to `96634e5` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1142
+* Bump github/codeql-action from 2.21.5 to 2.21.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1149
+* Bump Docker golang base images to 1.21.1 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1147
+* Bump github/codeql-action from 2.21.6 to 2.21.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1150
+* Bump github/codeql-action from 2.21.7 to 2.21.8 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1152
+* Bump golang from `d3114db` to `a0b3bc4` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1155
+* Bump golang from `d3114db` to `a0b3bc4` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1157
+* Bump golang from `d3114db` to `a0b3bc4` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1156
+* Bump golang from `d3114db` to `a0b3bc4` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1158
+* Bump golang from `e06b3a4` to `114b9cc` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1159
+* Bump golang from `a0b3bc4` to `114b9cc` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1160
+* Bump golang from `a0b3bc4` to `114b9cc` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1161
+* Bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1162
+* Bump golang from `114b9cc` to `9c7ea4a` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1163
+* Bump golang from `114b9cc` to `9c7ea4a` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1166
+* Bump golang from `114b9cc` to `9c7ea4a` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1165
+* Bump golang from `114b9cc` to `9c7ea4a` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1164
+* Bump github/codeql-action from 2.21.8 to 2.21.9 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1169
+* Bump golang from `9c7ea4a` to `61f84bc` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1168
+* Bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1172
+* Bump golang from `9c7ea4a` to `61f84bc` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1170
+* Bump github.com/rs/cors from 1.10.0 to 1.10.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1176
+* Bump alpine from `7144f7b` to `eece025` in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1174
+* Bump alpine from `7144f7b` to `eece025` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1175
+* Bump golang from `9c7ea4a` to `61f84bc` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1171
+* Bump golang from `9c7ea4a` to `61f84bc` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1173
+* Bump distroless/base from `46c5b9b` to `a35b652` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1177
+* Bump golang.org/x/crypto from 0.13.0 to 0.14.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1178
+* Bump github/codeql-action from 2.21.9 to 2.22.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1180
+* Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1181
+* Bump golang.org/x/net from 0.15.0 to 0.16.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1184
+* Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1182
+* Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1185
+* Bump golang from 1.21.1-bookworm to 1.21.2-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1183
+* Bump github/codeql-action from 2.22.0 to 2.22.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1186
+* Bump distroless/base from `a35b652` to `b31a6e0` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1188
+* Bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1187
+* Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1189
+* Bump golang.org/x/net from 0.16.0 to 0.17.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1190
+* Bump go-version-input from 1.20.8 to 1.20.10 in govulncheck by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1195
+* Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1193
+* Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1191
+* Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1194
+* Bump golang from 1.21.2-bookworm to 1.21.3-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1192
+* Bump golang from `a94b089` to `8f9a1ec` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1196
+* Bump github/codeql-action from 2.22.1 to 2.22.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1197
+* Bump golang from `a94b089` to `5cc7ddc` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1200
+* Bump golang from `a94b089` to `5cc7ddc` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1199
+* Bump github/codeql-action from 2.22.2 to 2.22.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1202
+* Bump golang from `5cc7ddc` to `20f9ab5` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1203
+* Bump golang from `a94b089` to `20f9ab5` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1198
+* Bump golang from `8f9a1ec` to `20f9ab5` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1201
+* Bump actions/checkout from 4.1.0 to 4.1.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1204
+* Bump github/codeql-action from 2.22.3 to 2.22.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1206
+* Bump ossf/scorecard-action from 2.3.0 to 2.3.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1207
+* Bump github/codeql-action from 2.22.4 to 2.22.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1209
+* Bump multiple Go module dependencies by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1213
+
 ## v1.1.6
 
-## Dependency update
+### Dependency update
 
- * Bump Trillian to v1.5.2
- * Bump Prometheus to v0.43.1
+* Bump Trillian to v1.5.2
+* Bump Prometheus to v0.43.1
 
 ## v1.1.5
 
@@ -20,7 +151,7 @@
 
  * Remove v2 log list package files.
 
- ### Misc
+### Misc
 
  * Updated golangci-lint to v1.51.1 (developers should update to this version).
  * Bump Go version from 1.17 to 1.19.
@@ -146,7 +277,7 @@ entries whose `start` parameter does not fall on a multiple of the maximum
 permitted number of entries, will have their responses truncated such that
 subsequent requests will align with this boundary.
 This is intended to coerce callers of `get-entries` into all using the same
-`start` and `end` parameters and thereby increase the cachability of
+`start` and `end` parameters and thereby increase the cacheability of
 these requests.
 
 e.g.:
@@ -582,7 +713,7 @@ Commit [3955e4a00c42e83ff17ce25003976159c5d0f0f9](https://api.github.com/repos/g
 
 Published 2018-06-01 14:02:58 +0000 UTC
 
-This release is mostly fixes to the `x509` and `asn1` packages. Some command line utilties were also updated.
+This release is mostly fixes to the `x509` and `asn1` packages. Some command line utilities were also updated.
 
 Commit [ae40d07cce12f1227c6e658e61c9dddb7646f97b](https://api.github.com/repos/google/certificate-transparency-go/commits/ae40d07cce12f1227c6e658e61c9dddb7646f97b) Download [zip](https://api.github.com/repos/google/certificate-transparency-go/zipball/v1.0.5)
 
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index fc015ed70..a7b9ccea5 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,7 +6,7 @@
 
 This repository holds Go code related to
 [Certificate Transparency](https://www.certificate-transparency.org/) (CT).  The
-repository requires Go version 1.19.
+repository requires Go version 1.20.
 
  - [Repository Structure](#repository-structure)
  - [Trillian CT Personality](#trillian-ct-personality)
@@ -81,7 +81,7 @@ pull requests for review.
 
 ```bash
 # Install golangci-lint
-go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.51.1
+go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.1
 
 # Run code generation, build, test and linters
 ./scripts/presubmit.sh
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
index 93888a209..1c3ee20bf 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
@@ -14,7 +14,6 @@ options:
   - name: go-modules
     path: /go
   env:
-  - GO111MODULE=on
   - GOPROXY=https://proxy.golang.org
   - PROJECT_ROOT=github.com/google/certificate-transparency-go
   - GOPATH=/go
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
index 238c8eda4..9cb105e57 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
@@ -14,7 +14,6 @@ options:
   - name: go-modules
     path: /go
   env:
-  - GO111MODULE=on
   - GOPROXY=https://proxy.golang.org
   - PROJECT_ROOT=github.com/google/certificate-transparency-go
   - GOPATH=/go
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
index f1182ecd9..2cd19f910 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
@@ -14,7 +14,6 @@ options:
   - name: go-modules
     path: /go
   env:
-  - GO111MODULE=on
   - GOPROXY=https://proxy.golang.org
   - PROJECT_ROOT=github.com/google/certificate-transparency-go
   - GOPATH=/go
diff --git a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
index 46d5dde80..a95f19ccd 100644
--- a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
+++ b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
@@ -274,7 +274,7 @@ func (c *JSONClient) waitForBackoff(ctx context.Context) error {
 }
 
 // PostAndParseWithRetry makes a HTTP POST call, but retries (with backoff) on
-// retriable errors; the caller should set a deadline on the provided context
+// retryable errors; the caller should set a deadline on the provided context
 // to prevent infinite retries.  Return values are as for PostAndParse.
 func (c *JSONClient) PostAndParseWithRetry(ctx context.Context, path string, req, rsp interface{}) (*http.Response, []byte, error) {
 	if ctx == nil {
diff --git a/vendor/github.com/google/certificate-transparency-go/tls/tls.go b/vendor/github.com/google/certificate-transparency-go/tls/tls.go
index 030074c19..a48c998f4 100644
--- a/vendor/github.com/google/certificate-transparency-go/tls/tls.go
+++ b/vendor/github.com/google/certificate-transparency-go/tls/tls.go
@@ -638,7 +638,7 @@ func marshalField(out *bytes.Buffer, v reflect.Value, info *fieldInfo) error {
 			}
 		}
 		// Now we have seen all fields in the structure, check that all select(Enum) {..} selector
-		// fields found a source field get get their data from.
+		// fields found a source field to get their data from.
 		for selector, seen := range selectorSeen {
 			if !seen {
 				return syntaxError{info.fieldName(), selector + ": unhandled value for selector"}
diff --git a/vendor/github.com/google/certificate-transparency-go/types.go b/vendor/github.com/google/certificate-transparency-go/types.go
index c797d9ceb..b6af606bf 100644
--- a/vendor/github.com/google/certificate-transparency-go/types.go
+++ b/vendor/github.com/google/certificate-transparency-go/types.go
@@ -555,7 +555,7 @@ type LeafEntry struct {
 	ExtraData []byte `json:"extra_data"`
 }
 
-// GetEntriesResponse respresents the JSON response to the get-entries GET method
+// GetEntriesResponse represents the JSON response to the get-entries GET method
 // from section 4.6.
 type GetEntriesResponse struct {
 	Entries []LeafEntry `json:"entries"` // the list of returned entries
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go b/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
index d00842a81..8f2821b1d 100644
--- a/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
+++ b/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build dragonfly || freebsd || linux || netbsd || openbsd || solaris
-// +build dragonfly freebsd linux netbsd openbsd solaris
+//go:build dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build dragonfly freebsd linux netbsd openbsd solaris zos
 
 package x509
 
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/root_wasip1.go b/vendor/github.com/google/certificate-transparency-go/x509/root_wasip1.go
new file mode 100644
index 000000000..e5cf98e0a
--- /dev/null
+++ b/vendor/github.com/google/certificate-transparency-go/x509/root_wasip1.go
@@ -0,0 +1,19 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build wasip1
+// +build wasip1
+
+package x509
+
+// Possible certificate files; stop after finding one.
+var certFiles = []string{}
+
+func loadSystemRoots() (*CertPool, error) {
+	return NewCertPool(), nil
+}
+
+func (c *Certificate) systemVerify(opts *VerifyOptions) (chains [][]*Certificate, err error) {
+	return nil, nil
+}
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/root_zos.go b/vendor/github.com/google/certificate-transparency-go/x509/root_zos.go
new file mode 100644
index 000000000..54f240af0
--- /dev/null
+++ b/vendor/github.com/google/certificate-transparency-go/x509/root_zos.go
@@ -0,0 +1,13 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos
+// +build zos
+
+package x509
+
+// Possible certificate files; stop after finding one.
+var certFiles = []string{
+	"/etc/cacert.pem", // IBM zOS default
+}
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/LICENSE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE
similarity index 100%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/LICENSE
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/NOTICE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE
similarity index 100%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/NOTICE
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/.gitignore b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore
similarity index 100%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/.gitignore
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/Makefile b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile
similarity index 100%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/Makefile
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
similarity index 83%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
index 258c0636a..7c08e564f 100644
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/decode.go
+++ b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
@@ -19,9 +19,10 @@ import (
 	"errors"
 	"io"
 
-	"github.com/golang/protobuf/proto"
+	"google.golang.org/protobuf/proto"
 )
 
+// TODO: Give error package name prefix in next minor release.
 var errInvalidVarint = errors.New("invalid varint32 encountered")
 
 // ReadDelimited decodes a message from the provided length-delimited stream,
@@ -36,6 +37,12 @@ var errInvalidVarint = errors.New("invalid varint32 encountered")
 // of the stream has been reached in doing so.  In that case, any subsequent
 // calls return (0, io.EOF).
 func ReadDelimited(r io.Reader, m proto.Message) (n int, err error) {
+	// TODO: Consider allowing the caller to specify a decode buffer in the
+	// next major version.
+
+	// TODO: Consider using error wrapping to annotate error state in pass-
+	// through cases in the next minor version.
+
 	// Per AbstractParser#parsePartialDelimitedFrom with
 	// CodedInputStream#readRawVarint32.
 	var headerBuf [binary.MaxVarintLen32]byte
@@ -53,15 +60,14 @@ func ReadDelimited(r io.Reader, m proto.Message) (n int, err error) {
 			if err != nil {
 				return bytesRead, err
 			}
-			// A Reader should not return (0, nil), but if it does,
-			// it should be treated as no-op (according to the
-			// Reader contract). So let's go on...
+			// A Reader should not return (0, nil); but if it does, it should
+			// be treated as no-op according to the Reader contract.
 			continue
 		}
 		bytesRead += newBytesRead
 		// Now present everything read so far to the varint decoder and
 		// see if a varint can be decoded already.
-		messageLength, varIntBytes = proto.DecodeVarint(headerBuf[:bytesRead])
+		messageLength, varIntBytes = binary.Uvarint(headerBuf[:bytesRead])
 	}
 
 	messageBuf := make([]byte, messageLength)
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/doc.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go
similarity index 100%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/doc.go
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
similarity index 91%
rename from vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go
rename to vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
index 8fb59ad22..e58dd9d29 100644
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/pbutil/encode.go
+++ b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
@@ -18,7 +18,7 @@ import (
 	"encoding/binary"
 	"io"
 
-	"github.com/golang/protobuf/proto"
+	"google.golang.org/protobuf/proto"
 )
 
 // WriteDelimited encodes and dumps a message to the provided writer prefixed
@@ -28,6 +28,9 @@ import (
 // number of bytes written and any applicable error.  This is roughly
 // equivalent to the companion Java API's MessageLite#writeDelimitedTo.
 func WriteDelimited(w io.Writer, m proto.Message) (n int, err error) {
+	// TODO: Consider allowing the caller to specify an encode buffer in the
+	// next major version.
+
 	buffer, err := proto.Marshal(m)
 	if err != nil {
 		return 0, err
diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
index 84946b270..cee360db7 100644
--- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go
+++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
@@ -474,6 +474,9 @@ type Histogram struct {
 	NegativeDelta []int64   `protobuf:"zigzag64,10,rep,name=negative_delta,json=negativeDelta" json:"negative_delta,omitempty"` // Count delta of each bucket compared to previous one (or to zero for 1st bucket).
 	NegativeCount []float64 `protobuf:"fixed64,11,rep,name=negative_count,json=negativeCount" json:"negative_count,omitempty"`  // Absolute count of each bucket.
 	// Positive buckets for the native histogram.
+	// Use a no-op span (offset 0, length 0) for a native histogram without any
+	// observations yet and with a zero_threshold of 0. Otherwise, it would be
+	// indistinguishable from a classic histogram.
 	PositiveSpan []*BucketSpan `protobuf:"bytes,12,rep,name=positive_span,json=positiveSpan" json:"positive_span,omitempty"`
 	// Use either "positive_delta" or "positive_count", the former for
 	// regular histograms with integer counts, the latter for float
diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go
index 906397815..0ca86a3dc 100644
--- a/vendor/github.com/prometheus/common/expfmt/decode.go
+++ b/vendor/github.com/prometheus/common/expfmt/decode.go
@@ -22,7 +22,7 @@ import (
 
 	dto "github.com/prometheus/client_model/go"
 
-	"github.com/matttproud/golang_protobuf_extensions/pbutil"
+	"github.com/matttproud/golang_protobuf_extensions/v2/pbutil"
 	"github.com/prometheus/common/model"
 )
 
diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go
index 7f611ffaa..ca2140600 100644
--- a/vendor/github.com/prometheus/common/expfmt/encode.go
+++ b/vendor/github.com/prometheus/common/expfmt/encode.go
@@ -18,7 +18,7 @@ import (
 	"io"
 	"net/http"
 
-	"github.com/matttproud/golang_protobuf_extensions/pbutil"
+	"github.com/matttproud/golang_protobuf_extensions/v2/pbutil"
 	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
 	"google.golang.org/protobuf/encoding/prototext"
 
diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common
index 0ce7ea461..062a28185 100644
--- a/vendor/github.com/prometheus/procfs/Makefile.common
+++ b/vendor/github.com/prometheus/procfs/Makefile.common
@@ -61,7 +61,7 @@ PROMU_URL     := https://github.com/prometheus/promu/releases/download/v$(PROMU_
 SKIP_GOLANGCI_LINT :=
 GOLANGCI_LINT :=
 GOLANGCI_LINT_OPTS ?=
-GOLANGCI_LINT_VERSION ?= v1.53.3
+GOLANGCI_LINT_VERSION ?= v1.54.2
 # golangci-lint only supports linux, darwin and windows platforms on i386/amd64.
 # windows isn't included here because of the path separator being different.
 ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin))
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_notype.go b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
index 13d74e395..134767d69 100644
--- a/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_notype.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//go:build netbsd || openbsd || solaris || windows || nostatfs
-// +build netbsd openbsd solaris windows nostatfs
+//go:build !freebsd && !linux
+// +build !freebsd,!linux
 
 package procfs
 
diff --git a/vendor/github.com/prometheus/procfs/fs_statfs_type.go b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
index bee151445..80df79c31 100644
--- a/vendor/github.com/prometheus/procfs/fs_statfs_type.go
+++ b/vendor/github.com/prometheus/procfs/fs_statfs_type.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//go:build !netbsd && !openbsd && !solaris && !windows && !nostatfs
-// +build !netbsd,!openbsd,!solaris,!windows,!nostatfs
+//go:build freebsd || linux
+// +build freebsd linux
 
 package procfs
 
diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go
index 852c8c4a0..9d8af6db7 100644
--- a/vendor/github.com/prometheus/procfs/mountstats.go
+++ b/vendor/github.com/prometheus/procfs/mountstats.go
@@ -44,6 +44,14 @@ const (
 
 	fieldTransport11TCPLen = 13
 	fieldTransport11UDPLen = 10
+
+	// kernel version >= 4.14 MaxLen
+	// See: https://elixir.bootlin.com/linux/v6.4.8/source/net/sunrpc/xprtrdma/xprt_rdma.h#L393
+	fieldTransport11RDMAMaxLen = 28
+
+	// kernel version <= 4.2 MinLen
+	// See: https://elixir.bootlin.com/linux/v4.2.8/source/net/sunrpc/xprtrdma/xprt_rdma.h#L331
+	fieldTransport11RDMAMinLen = 20
 )
 
 // A Mount is a device mount parsed from /proc/[pid]/mountstats.
@@ -233,6 +241,33 @@ type NFSTransportStats struct {
 	// A running counter, incremented on each request as the current size of the
 	// pending queue.
 	CumulativePendingQueue uint64
+
+	// Stats below only available with stat version 1.1.
+	// Transport over RDMA
+
+	// accessed when sending a call
+	ReadChunkCount   uint64
+	WriteChunkCount  uint64
+	ReplyChunkCount  uint64
+	TotalRdmaRequest uint64
+
+	// rarely accessed error counters
+	PullupCopyCount      uint64
+	HardwayRegisterCount uint64
+	FailedMarshalCount   uint64
+	BadReplyCount        uint64
+	MrsRecovered         uint64
+	MrsOrphaned          uint64
+	MrsAllocated         uint64
+	EmptySendctxQ        uint64
+
+	// accessed when receiving a reply
+	TotalRdmaReply    uint64
+	FixupCopyCount    uint64
+	ReplyWaitsForSend uint64
+	LocalInvNeeded    uint64
+	NomsgCallCount    uint64
+	BcallCount        uint64
 }
 
 // parseMountStats parses a /proc/[pid]/mountstats file and returns a slice
@@ -587,14 +622,17 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 			expectedLength = fieldTransport11TCPLen
 		} else if protocol == "udp" {
 			expectedLength = fieldTransport11UDPLen
+		} else if protocol == "rdma" {
+			expectedLength = fieldTransport11RDMAMinLen
 		} else {
 			return nil, fmt.Errorf("%w: invalid NFS protocol \"%s\" in stats 1.1 statement: %v", ErrFileParse, protocol, ss)
 		}
-		if len(ss) != expectedLength {
-			return nil, fmt.Errorf("%w: invalid NFS transport stats 1.1 statement: %v", ErrFileParse, ss)
+		if (len(ss) != expectedLength && (protocol == "tcp" || protocol == "udp")) ||
+			(protocol == "rdma" && len(ss) < expectedLength) {
+			return nil, fmt.Errorf("%w: invalid NFS transport stats 1.1 statement: %v, protocol: %v", ErrFileParse, ss, protocol)
 		}
 	default:
-		return nil, fmt.Errorf("%s: Unrecognized NFS transport stats version: %q", ErrFileParse, statVersion)
+		return nil, fmt.Errorf("%s: Unrecognized NFS transport stats version: %q, protocol: %v", ErrFileParse, statVersion, protocol)
 	}
 
 	// Allocate enough for v1.1 stats since zero value for v1.1 stats will be okay
@@ -604,7 +642,9 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 	// Note: slice length must be set to length of v1.1 stats to avoid a panic when
 	// only v1.0 stats are present.
 	// See: https://github.com/prometheus/node_exporter/issues/571.
-	ns := make([]uint64, fieldTransport11TCPLen)
+	//
+	// Note: NFS Over RDMA slice length is fieldTransport11RDMAMaxLen
+	ns := make([]uint64, fieldTransport11RDMAMaxLen+3)
 	for i, s := range ss {
 		n, err := strconv.ParseUint(s, 10, 64)
 		if err != nil {
@@ -622,9 +662,14 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 	// we set them to 0 here.
 	if protocol == "udp" {
 		ns = append(ns[:2], append(make([]uint64, 3), ns[2:]...)...)
+	} else if protocol == "tcp" {
+		ns = append(ns[:fieldTransport11TCPLen], make([]uint64, fieldTransport11RDMAMaxLen-fieldTransport11TCPLen+3)...)
+	} else if protocol == "rdma" {
+		ns = append(ns[:fieldTransport10TCPLen], append(make([]uint64, 3), ns[fieldTransport10TCPLen:]...)...)
 	}
 
 	return &NFSTransportStats{
+		// NFS xprt over tcp or udp
 		Protocol:                 protocol,
 		Port:                     ns[0],
 		Bind:                     ns[1],
@@ -636,8 +681,32 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 		BadTransactionIDs:        ns[7],
 		CumulativeActiveRequests: ns[8],
 		CumulativeBacklog:        ns[9],
-		MaximumRPCSlotsUsed:      ns[10],
-		CumulativeSendingQueue:   ns[11],
-		CumulativePendingQueue:   ns[12],
+
+		// NFS xprt over tcp or udp
+		// And statVersion 1.1
+		MaximumRPCSlotsUsed:    ns[10],
+		CumulativeSendingQueue: ns[11],
+		CumulativePendingQueue: ns[12],
+
+		// NFS xprt over rdma
+		// And stat Version 1.1
+		ReadChunkCount:       ns[13],
+		WriteChunkCount:      ns[14],
+		ReplyChunkCount:      ns[15],
+		TotalRdmaRequest:     ns[16],
+		PullupCopyCount:      ns[17],
+		HardwayRegisterCount: ns[18],
+		FailedMarshalCount:   ns[19],
+		BadReplyCount:        ns[20],
+		MrsRecovered:         ns[21],
+		MrsOrphaned:          ns[22],
+		MrsAllocated:         ns[23],
+		EmptySendctxQ:        ns[24],
+		TotalRdmaReply:       ns[25],
+		FixupCopyCount:       ns[26],
+		ReplyWaitsForSend:    ns[27],
+		LocalInvNeeded:       ns[28],
+		NomsgCallCount:       ns[29],
+		BcallCount:           ns[30],
 	}, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/proc_fdinfo.go b/vendor/github.com/prometheus/procfs/proc_fdinfo.go
index 4b7933e4f..fa761b352 100644
--- a/vendor/github.com/prometheus/procfs/proc_fdinfo.go
+++ b/vendor/github.com/prometheus/procfs/proc_fdinfo.go
@@ -26,6 +26,7 @@ var (
 	rPos          = regexp.MustCompile(`^pos:\s+(\d+)$`)
 	rFlags        = regexp.MustCompile(`^flags:\s+(\d+)$`)
 	rMntID        = regexp.MustCompile(`^mnt_id:\s+(\d+)$`)
+	rIno          = regexp.MustCompile(`^ino:\s+(\d+)$`)
 	rInotify      = regexp.MustCompile(`^inotify`)
 	rInotifyParts = regexp.MustCompile(`^inotify\s+wd:([0-9a-f]+)\s+ino:([0-9a-f]+)\s+sdev:([0-9a-f]+)(?:\s+mask:([0-9a-f]+))?`)
 )
@@ -40,6 +41,8 @@ type ProcFDInfo struct {
 	Flags string
 	// Mount point ID
 	MntID string
+	// Inode number
+	Ino string
 	// List of inotify lines (structured) in the fdinfo file (kernel 3.8+ only)
 	InotifyInfos []InotifyInfo
 }
@@ -51,7 +54,7 @@ func (p Proc) FDInfo(fd string) (*ProcFDInfo, error) {
 		return nil, err
 	}
 
-	var text, pos, flags, mntid string
+	var text, pos, flags, mntid, ino string
 	var inotify []InotifyInfo
 
 	scanner := bufio.NewScanner(bytes.NewReader(data))
@@ -63,6 +66,8 @@ func (p Proc) FDInfo(fd string) (*ProcFDInfo, error) {
 			flags = rFlags.FindStringSubmatch(text)[1]
 		} else if rMntID.MatchString(text) {
 			mntid = rMntID.FindStringSubmatch(text)[1]
+		} else if rIno.MatchString(text) {
+			ino = rIno.FindStringSubmatch(text)[1]
 		} else if rInotify.MatchString(text) {
 			newInotify, err := parseInotifyInfo(text)
 			if err != nil {
@@ -77,6 +82,7 @@ func (p Proc) FDInfo(fd string) (*ProcFDInfo, error) {
 		Pos:          pos,
 		Flags:        flags,
 		MntID:        mntid,
+		Ino:          ino,
 		InotifyInfos: inotify,
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/proc_maps.go b/vendor/github.com/prometheus/procfs/proc_maps.go
index 727549a13..7e75c286b 100644
--- a/vendor/github.com/prometheus/procfs/proc_maps.go
+++ b/vendor/github.com/prometheus/procfs/proc_maps.go
@@ -63,17 +63,17 @@ type ProcMap struct {
 // parseDevice parses the device token of a line and converts it to a dev_t
 // (mkdev) like structure.
 func parseDevice(s string) (uint64, error) {
-	toks := strings.Split(s, ":")
-	if len(toks) < 2 {
-		return 0, fmt.Errorf("%w: unexpected number of fields, expected: 2, got: %q", ErrFileParse, len(toks))
+	i := strings.Index(s, ":")
+	if i == -1 {
+		return 0, fmt.Errorf("%w: expected separator `:` in %s", ErrFileParse, s)
 	}
 
-	major, err := strconv.ParseUint(toks[0], 16, 0)
+	major, err := strconv.ParseUint(s[0:i], 16, 0)
 	if err != nil {
 		return 0, err
 	}
 
-	minor, err := strconv.ParseUint(toks[1], 16, 0)
+	minor, err := strconv.ParseUint(s[i+1:], 16, 0)
 	if err != nil {
 		return 0, err
 	}
@@ -93,17 +93,17 @@ func parseAddress(s string) (uintptr, error) {
 
 // parseAddresses parses the start-end address.
 func parseAddresses(s string) (uintptr, uintptr, error) {
-	toks := strings.Split(s, "-")
-	if len(toks) < 2 {
-		return 0, 0, fmt.Errorf("%w: invalid address", ErrFileParse)
+	idx := strings.Index(s, "-")
+	if idx == -1 {
+		return 0, 0, fmt.Errorf("%w: expected separator `-` in %s", ErrFileParse, s)
 	}
 
-	saddr, err := parseAddress(toks[0])
+	saddr, err := parseAddress(s[0:idx])
 	if err != nil {
 		return 0, 0, err
 	}
 
-	eaddr, err := parseAddress(toks[1])
+	eaddr, err := parseAddress(s[idx+1:])
 	if err != nil {
 		return 0, 0, err
 	}
diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go
index c055d075d..46307f572 100644
--- a/vendor/github.com/prometheus/procfs/proc_status.go
+++ b/vendor/github.com/prometheus/procfs/proc_status.go
@@ -23,7 +23,7 @@ import (
 )
 
 // ProcStatus provides status information about the process,
-// read from /proc/[pid]/stat.
+// read from /proc/[pid]/status.
 type ProcStatus struct {
 	// The process ID.
 	PID int
@@ -32,6 +32,8 @@ type ProcStatus struct {
 
 	// Thread group ID.
 	TGID int
+	// List of Pid namespace.
+	NSpids []uint64
 
 	// Peak virtual memory size.
 	VmPeak uint64 // nolint:revive
@@ -127,6 +129,8 @@ func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintByt
 		copy(s.UIDs[:], strings.Split(vString, "\t"))
 	case "Gid":
 		copy(s.GIDs[:], strings.Split(vString, "\t"))
+	case "NSpid":
+		s.NSpids = calcNSPidsList(vString)
 	case "VmPeak":
 		s.VmPeak = vUintBytes
 	case "VmSize":
@@ -200,3 +204,18 @@ func calcCpusAllowedList(cpuString string) []uint64 {
 	sort.Slice(g, func(i, j int) bool { return g[i] < g[j] })
 	return g
 }
+
+func calcNSPidsList(nspidsString string) []uint64 {
+	s := strings.Split(nspidsString, " ")
+	var nspids []uint64
+
+	for _, nspid := range s {
+		nspid, _ := strconv.ParseUint(nspid, 10, 64)
+		if nspid == 0 {
+			continue
+		}
+		nspids = append(nspids, nspid)
+	}
+
+	return nspids
+}
diff --git a/vendor/google.golang.org/protobuf/reflect/protodesc/desc.go b/vendor/google.golang.org/protobuf/reflect/protodesc/desc.go
deleted file mode 100644
index e4dfb1205..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protodesc/desc.go
+++ /dev/null
@@ -1,276 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package protodesc provides functionality for converting
-// FileDescriptorProto messages to/from protoreflect.FileDescriptor values.
-//
-// The google.protobuf.FileDescriptorProto is a protobuf message that describes
-// the type information for a .proto file in a form that is easily serializable.
-// The protoreflect.FileDescriptor is a more structured representation of
-// the FileDescriptorProto message where references and remote dependencies
-// can be directly followed.
-package protodesc
-
-import (
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/internal/filedesc"
-	"google.golang.org/protobuf/internal/pragma"
-	"google.golang.org/protobuf/internal/strs"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-
-	"google.golang.org/protobuf/types/descriptorpb"
-)
-
-// Resolver is the resolver used by NewFile to resolve dependencies.
-// The enums and messages provided must belong to some parent file,
-// which is also registered.
-//
-// It is implemented by protoregistry.Files.
-type Resolver interface {
-	FindFileByPath(string) (protoreflect.FileDescriptor, error)
-	FindDescriptorByName(protoreflect.FullName) (protoreflect.Descriptor, error)
-}
-
-// FileOptions configures the construction of file descriptors.
-type FileOptions struct {
-	pragma.NoUnkeyedLiterals
-
-	// AllowUnresolvable configures New to permissively allow unresolvable
-	// file, enum, or message dependencies. Unresolved dependencies are replaced
-	// by placeholder equivalents.
-	//
-	// The following dependencies may be left unresolved:
-	//	• Resolving an imported file.
-	//	• Resolving the type for a message field or extension field.
-	//	If the kind of the field is unknown, then a placeholder is used for both
-	//	the Enum and Message accessors on the protoreflect.FieldDescriptor.
-	//	• Resolving an enum value set as the default for an optional enum field.
-	//	If unresolvable, the protoreflect.FieldDescriptor.Default is set to the
-	//	first value in the associated enum (or zero if the also enum dependency
-	//	is also unresolvable). The protoreflect.FieldDescriptor.DefaultEnumValue
-	//	is populated with a placeholder.
-	//	• Resolving the extended message type for an extension field.
-	//	• Resolving the input or output message type for a service method.
-	//
-	// If the unresolved dependency uses a relative name,
-	// then the placeholder will contain an invalid FullName with a "*." prefix,
-	// indicating that the starting prefix of the full name is unknown.
-	AllowUnresolvable bool
-}
-
-// NewFile creates a new protoreflect.FileDescriptor from the provided
-// file descriptor message. See FileOptions.New for more information.
-func NewFile(fd *descriptorpb.FileDescriptorProto, r Resolver) (protoreflect.FileDescriptor, error) {
-	return FileOptions{}.New(fd, r)
-}
-
-// NewFiles creates a new protoregistry.Files from the provided
-// FileDescriptorSet message. See FileOptions.NewFiles for more information.
-func NewFiles(fd *descriptorpb.FileDescriptorSet) (*protoregistry.Files, error) {
-	return FileOptions{}.NewFiles(fd)
-}
-
-// New creates a new protoreflect.FileDescriptor from the provided
-// file descriptor message. The file must represent a valid proto file according
-// to protobuf semantics. The returned descriptor is a deep copy of the input.
-//
-// Any imported files, enum types, or message types referenced in the file are
-// resolved using the provided registry. When looking up an import file path,
-// the path must be unique. The newly created file descriptor is not registered
-// back into the provided file registry.
-func (o FileOptions) New(fd *descriptorpb.FileDescriptorProto, r Resolver) (protoreflect.FileDescriptor, error) {
-	if r == nil {
-		r = (*protoregistry.Files)(nil) // empty resolver
-	}
-
-	// Handle the file descriptor content.
-	f := &filedesc.File{L2: &filedesc.FileL2{}}
-	switch fd.GetSyntax() {
-	case "proto2", "":
-		f.L1.Syntax = protoreflect.Proto2
-	case "proto3":
-		f.L1.Syntax = protoreflect.Proto3
-	default:
-		return nil, errors.New("invalid syntax: %q", fd.GetSyntax())
-	}
-	f.L1.Path = fd.GetName()
-	if f.L1.Path == "" {
-		return nil, errors.New("file path must be populated")
-	}
-	f.L1.Package = protoreflect.FullName(fd.GetPackage())
-	if !f.L1.Package.IsValid() && f.L1.Package != "" {
-		return nil, errors.New("invalid package: %q", f.L1.Package)
-	}
-	if opts := fd.GetOptions(); opts != nil {
-		opts = proto.Clone(opts).(*descriptorpb.FileOptions)
-		f.L2.Options = func() protoreflect.ProtoMessage { return opts }
-	}
-
-	f.L2.Imports = make(filedesc.FileImports, len(fd.GetDependency()))
-	for _, i := range fd.GetPublicDependency() {
-		if !(0 <= i && int(i) < len(f.L2.Imports)) || f.L2.Imports[i].IsPublic {
-			return nil, errors.New("invalid or duplicate public import index: %d", i)
-		}
-		f.L2.Imports[i].IsPublic = true
-	}
-	for _, i := range fd.GetWeakDependency() {
-		if !(0 <= i && int(i) < len(f.L2.Imports)) || f.L2.Imports[i].IsWeak {
-			return nil, errors.New("invalid or duplicate weak import index: %d", i)
-		}
-		f.L2.Imports[i].IsWeak = true
-	}
-	imps := importSet{f.Path(): true}
-	for i, path := range fd.GetDependency() {
-		imp := &f.L2.Imports[i]
-		f, err := r.FindFileByPath(path)
-		if err == protoregistry.NotFound && (o.AllowUnresolvable || imp.IsWeak) {
-			f = filedesc.PlaceholderFile(path)
-		} else if err != nil {
-			return nil, errors.New("could not resolve import %q: %v", path, err)
-		}
-		imp.FileDescriptor = f
-
-		if imps[imp.Path()] {
-			return nil, errors.New("already imported %q", path)
-		}
-		imps[imp.Path()] = true
-	}
-	for i := range fd.GetDependency() {
-		imp := &f.L2.Imports[i]
-		imps.importPublic(imp.Imports())
-	}
-
-	// Handle source locations.
-	f.L2.Locations.File = f
-	for _, loc := range fd.GetSourceCodeInfo().GetLocation() {
-		var l protoreflect.SourceLocation
-		// TODO: Validate that the path points to an actual declaration?
-		l.Path = protoreflect.SourcePath(loc.GetPath())
-		s := loc.GetSpan()
-		switch len(s) {
-		case 3:
-			l.StartLine, l.StartColumn, l.EndLine, l.EndColumn = int(s[0]), int(s[1]), int(s[0]), int(s[2])
-		case 4:
-			l.StartLine, l.StartColumn, l.EndLine, l.EndColumn = int(s[0]), int(s[1]), int(s[2]), int(s[3])
-		default:
-			return nil, errors.New("invalid span: %v", s)
-		}
-		// TODO: Validate that the span information is sensible?
-		// See https://github.com/protocolbuffers/protobuf/issues/6378.
-		if false && (l.EndLine < l.StartLine || l.StartLine < 0 || l.StartColumn < 0 || l.EndColumn < 0 ||
-			(l.StartLine == l.EndLine && l.EndColumn <= l.StartColumn)) {
-			return nil, errors.New("invalid span: %v", s)
-		}
-		l.LeadingDetachedComments = loc.GetLeadingDetachedComments()
-		l.LeadingComments = loc.GetLeadingComments()
-		l.TrailingComments = loc.GetTrailingComments()
-		f.L2.Locations.List = append(f.L2.Locations.List, l)
-	}
-
-	// Step 1: Allocate and derive the names for all declarations.
-	// This copies all fields from the descriptor proto except:
-	//	google.protobuf.FieldDescriptorProto.type_name
-	//	google.protobuf.FieldDescriptorProto.default_value
-	//	google.protobuf.FieldDescriptorProto.oneof_index
-	//	google.protobuf.FieldDescriptorProto.extendee
-	//	google.protobuf.MethodDescriptorProto.input
-	//	google.protobuf.MethodDescriptorProto.output
-	var err error
-	sb := new(strs.Builder)
-	r1 := make(descsByName)
-	if f.L1.Enums.List, err = r1.initEnumDeclarations(fd.GetEnumType(), f, sb); err != nil {
-		return nil, err
-	}
-	if f.L1.Messages.List, err = r1.initMessagesDeclarations(fd.GetMessageType(), f, sb); err != nil {
-		return nil, err
-	}
-	if f.L1.Extensions.List, err = r1.initExtensionDeclarations(fd.GetExtension(), f, sb); err != nil {
-		return nil, err
-	}
-	if f.L1.Services.List, err = r1.initServiceDeclarations(fd.GetService(), f, sb); err != nil {
-		return nil, err
-	}
-
-	// Step 2: Resolve every dependency reference not handled by step 1.
-	r2 := &resolver{local: r1, remote: r, imports: imps, allowUnresolvable: o.AllowUnresolvable}
-	if err := r2.resolveMessageDependencies(f.L1.Messages.List, fd.GetMessageType()); err != nil {
-		return nil, err
-	}
-	if err := r2.resolveExtensionDependencies(f.L1.Extensions.List, fd.GetExtension()); err != nil {
-		return nil, err
-	}
-	if err := r2.resolveServiceDependencies(f.L1.Services.List, fd.GetService()); err != nil {
-		return nil, err
-	}
-
-	// Step 3: Validate every enum, message, and extension declaration.
-	if err := validateEnumDeclarations(f.L1.Enums.List, fd.GetEnumType()); err != nil {
-		return nil, err
-	}
-	if err := validateMessageDeclarations(f.L1.Messages.List, fd.GetMessageType()); err != nil {
-		return nil, err
-	}
-	if err := validateExtensionDeclarations(f.L1.Extensions.List, fd.GetExtension()); err != nil {
-		return nil, err
-	}
-
-	return f, nil
-}
-
-type importSet map[string]bool
-
-func (is importSet) importPublic(imps protoreflect.FileImports) {
-	for i := 0; i < imps.Len(); i++ {
-		if imp := imps.Get(i); imp.IsPublic {
-			is[imp.Path()] = true
-			is.importPublic(imp.Imports())
-		}
-	}
-}
-
-// NewFiles creates a new protoregistry.Files from the provided
-// FileDescriptorSet message. The descriptor set must include only
-// valid files according to protobuf semantics. The returned descriptors
-// are a deep copy of the input.
-func (o FileOptions) NewFiles(fds *descriptorpb.FileDescriptorSet) (*protoregistry.Files, error) {
-	files := make(map[string]*descriptorpb.FileDescriptorProto)
-	for _, fd := range fds.File {
-		if _, ok := files[fd.GetName()]; ok {
-			return nil, errors.New("file appears multiple times: %q", fd.GetName())
-		}
-		files[fd.GetName()] = fd
-	}
-	r := &protoregistry.Files{}
-	for _, fd := range files {
-		if err := o.addFileDeps(r, fd, files); err != nil {
-			return nil, err
-		}
-	}
-	return r, nil
-}
-func (o FileOptions) addFileDeps(r *protoregistry.Files, fd *descriptorpb.FileDescriptorProto, files map[string]*descriptorpb.FileDescriptorProto) error {
-	// Set the entry to nil while descending into a file's dependencies to detect cycles.
-	files[fd.GetName()] = nil
-	for _, dep := range fd.Dependency {
-		depfd, ok := files[dep]
-		if depfd == nil {
-			if ok {
-				return errors.New("import cycle in file: %q", dep)
-			}
-			continue
-		}
-		if err := o.addFileDeps(r, depfd, files); err != nil {
-			return err
-		}
-	}
-	// Delete the entry once dependencies are processed.
-	delete(files, fd.GetName())
-	f, err := o.New(fd, r)
-	if err != nil {
-		return err
-	}
-	return r.RegisterFile(f)
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_init.go b/vendor/google.golang.org/protobuf/reflect/protodesc/desc_init.go
deleted file mode 100644
index 37efda1af..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_init.go
+++ /dev/null
@@ -1,248 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package protodesc
-
-import (
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/internal/filedesc"
-	"google.golang.org/protobuf/internal/strs"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-
-	"google.golang.org/protobuf/types/descriptorpb"
-)
-
-type descsByName map[protoreflect.FullName]protoreflect.Descriptor
-
-func (r descsByName) initEnumDeclarations(eds []*descriptorpb.EnumDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (es []filedesc.Enum, err error) {
-	es = make([]filedesc.Enum, len(eds)) // allocate up-front to ensure stable pointers
-	for i, ed := range eds {
-		e := &es[i]
-		e.L2 = new(filedesc.EnumL2)
-		if e.L0, err = r.makeBase(e, parent, ed.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := ed.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.EnumOptions)
-			e.L2.Options = func() protoreflect.ProtoMessage { return opts }
-		}
-		for _, s := range ed.GetReservedName() {
-			e.L2.ReservedNames.List = append(e.L2.ReservedNames.List, protoreflect.Name(s))
-		}
-		for _, rr := range ed.GetReservedRange() {
-			e.L2.ReservedRanges.List = append(e.L2.ReservedRanges.List, [2]protoreflect.EnumNumber{
-				protoreflect.EnumNumber(rr.GetStart()),
-				protoreflect.EnumNumber(rr.GetEnd()),
-			})
-		}
-		if e.L2.Values.List, err = r.initEnumValuesFromDescriptorProto(ed.GetValue(), e, sb); err != nil {
-			return nil, err
-		}
-	}
-	return es, nil
-}
-
-func (r descsByName) initEnumValuesFromDescriptorProto(vds []*descriptorpb.EnumValueDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (vs []filedesc.EnumValue, err error) {
-	vs = make([]filedesc.EnumValue, len(vds)) // allocate up-front to ensure stable pointers
-	for i, vd := range vds {
-		v := &vs[i]
-		if v.L0, err = r.makeBase(v, parent, vd.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := vd.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.EnumValueOptions)
-			v.L1.Options = func() protoreflect.ProtoMessage { return opts }
-		}
-		v.L1.Number = protoreflect.EnumNumber(vd.GetNumber())
-	}
-	return vs, nil
-}
-
-func (r descsByName) initMessagesDeclarations(mds []*descriptorpb.DescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (ms []filedesc.Message, err error) {
-	ms = make([]filedesc.Message, len(mds)) // allocate up-front to ensure stable pointers
-	for i, md := range mds {
-		m := &ms[i]
-		m.L2 = new(filedesc.MessageL2)
-		if m.L0, err = r.makeBase(m, parent, md.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := md.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.MessageOptions)
-			m.L2.Options = func() protoreflect.ProtoMessage { return opts }
-			m.L1.IsMapEntry = opts.GetMapEntry()
-			m.L1.IsMessageSet = opts.GetMessageSetWireFormat()
-		}
-		for _, s := range md.GetReservedName() {
-			m.L2.ReservedNames.List = append(m.L2.ReservedNames.List, protoreflect.Name(s))
-		}
-		for _, rr := range md.GetReservedRange() {
-			m.L2.ReservedRanges.List = append(m.L2.ReservedRanges.List, [2]protoreflect.FieldNumber{
-				protoreflect.FieldNumber(rr.GetStart()),
-				protoreflect.FieldNumber(rr.GetEnd()),
-			})
-		}
-		for _, xr := range md.GetExtensionRange() {
-			m.L2.ExtensionRanges.List = append(m.L2.ExtensionRanges.List, [2]protoreflect.FieldNumber{
-				protoreflect.FieldNumber(xr.GetStart()),
-				protoreflect.FieldNumber(xr.GetEnd()),
-			})
-			var optsFunc func() protoreflect.ProtoMessage
-			if opts := xr.GetOptions(); opts != nil {
-				opts = proto.Clone(opts).(*descriptorpb.ExtensionRangeOptions)
-				optsFunc = func() protoreflect.ProtoMessage { return opts }
-			}
-			m.L2.ExtensionRangeOptions = append(m.L2.ExtensionRangeOptions, optsFunc)
-		}
-		if m.L2.Fields.List, err = r.initFieldsFromDescriptorProto(md.GetField(), m, sb); err != nil {
-			return nil, err
-		}
-		if m.L2.Oneofs.List, err = r.initOneofsFromDescriptorProto(md.GetOneofDecl(), m, sb); err != nil {
-			return nil, err
-		}
-		if m.L1.Enums.List, err = r.initEnumDeclarations(md.GetEnumType(), m, sb); err != nil {
-			return nil, err
-		}
-		if m.L1.Messages.List, err = r.initMessagesDeclarations(md.GetNestedType(), m, sb); err != nil {
-			return nil, err
-		}
-		if m.L1.Extensions.List, err = r.initExtensionDeclarations(md.GetExtension(), m, sb); err != nil {
-			return nil, err
-		}
-	}
-	return ms, nil
-}
-
-func (r descsByName) initFieldsFromDescriptorProto(fds []*descriptorpb.FieldDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (fs []filedesc.Field, err error) {
-	fs = make([]filedesc.Field, len(fds)) // allocate up-front to ensure stable pointers
-	for i, fd := range fds {
-		f := &fs[i]
-		if f.L0, err = r.makeBase(f, parent, fd.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		f.L1.IsProto3Optional = fd.GetProto3Optional()
-		if opts := fd.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.FieldOptions)
-			f.L1.Options = func() protoreflect.ProtoMessage { return opts }
-			f.L1.IsWeak = opts.GetWeak()
-			f.L1.HasPacked = opts.Packed != nil
-			f.L1.IsPacked = opts.GetPacked()
-		}
-		f.L1.Number = protoreflect.FieldNumber(fd.GetNumber())
-		f.L1.Cardinality = protoreflect.Cardinality(fd.GetLabel())
-		if fd.Type != nil {
-			f.L1.Kind = protoreflect.Kind(fd.GetType())
-		}
-		if fd.JsonName != nil {
-			f.L1.StringName.InitJSON(fd.GetJsonName())
-		}
-	}
-	return fs, nil
-}
-
-func (r descsByName) initOneofsFromDescriptorProto(ods []*descriptorpb.OneofDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (os []filedesc.Oneof, err error) {
-	os = make([]filedesc.Oneof, len(ods)) // allocate up-front to ensure stable pointers
-	for i, od := range ods {
-		o := &os[i]
-		if o.L0, err = r.makeBase(o, parent, od.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := od.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.OneofOptions)
-			o.L1.Options = func() protoreflect.ProtoMessage { return opts }
-		}
-	}
-	return os, nil
-}
-
-func (r descsByName) initExtensionDeclarations(xds []*descriptorpb.FieldDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (xs []filedesc.Extension, err error) {
-	xs = make([]filedesc.Extension, len(xds)) // allocate up-front to ensure stable pointers
-	for i, xd := range xds {
-		x := &xs[i]
-		x.L2 = new(filedesc.ExtensionL2)
-		if x.L0, err = r.makeBase(x, parent, xd.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := xd.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.FieldOptions)
-			x.L2.Options = func() protoreflect.ProtoMessage { return opts }
-			x.L2.IsPacked = opts.GetPacked()
-		}
-		x.L1.Number = protoreflect.FieldNumber(xd.GetNumber())
-		x.L1.Cardinality = protoreflect.Cardinality(xd.GetLabel())
-		if xd.Type != nil {
-			x.L1.Kind = protoreflect.Kind(xd.GetType())
-		}
-		if xd.JsonName != nil {
-			x.L2.StringName.InitJSON(xd.GetJsonName())
-		}
-	}
-	return xs, nil
-}
-
-func (r descsByName) initServiceDeclarations(sds []*descriptorpb.ServiceDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (ss []filedesc.Service, err error) {
-	ss = make([]filedesc.Service, len(sds)) // allocate up-front to ensure stable pointers
-	for i, sd := range sds {
-		s := &ss[i]
-		s.L2 = new(filedesc.ServiceL2)
-		if s.L0, err = r.makeBase(s, parent, sd.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := sd.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.ServiceOptions)
-			s.L2.Options = func() protoreflect.ProtoMessage { return opts }
-		}
-		if s.L2.Methods.List, err = r.initMethodsFromDescriptorProto(sd.GetMethod(), s, sb); err != nil {
-			return nil, err
-		}
-	}
-	return ss, nil
-}
-
-func (r descsByName) initMethodsFromDescriptorProto(mds []*descriptorpb.MethodDescriptorProto, parent protoreflect.Descriptor, sb *strs.Builder) (ms []filedesc.Method, err error) {
-	ms = make([]filedesc.Method, len(mds)) // allocate up-front to ensure stable pointers
-	for i, md := range mds {
-		m := &ms[i]
-		if m.L0, err = r.makeBase(m, parent, md.GetName(), i, sb); err != nil {
-			return nil, err
-		}
-		if opts := md.GetOptions(); opts != nil {
-			opts = proto.Clone(opts).(*descriptorpb.MethodOptions)
-			m.L1.Options = func() protoreflect.ProtoMessage { return opts }
-		}
-		m.L1.IsStreamingClient = md.GetClientStreaming()
-		m.L1.IsStreamingServer = md.GetServerStreaming()
-	}
-	return ms, nil
-}
-
-func (r descsByName) makeBase(child, parent protoreflect.Descriptor, name string, idx int, sb *strs.Builder) (filedesc.BaseL0, error) {
-	if !protoreflect.Name(name).IsValid() {
-		return filedesc.BaseL0{}, errors.New("descriptor %q has an invalid nested name: %q", parent.FullName(), name)
-	}
-
-	// Derive the full name of the child.
-	// Note that enum values are a sibling to the enum parent in the namespace.
-	var fullName protoreflect.FullName
-	if _, ok := parent.(protoreflect.EnumDescriptor); ok {
-		fullName = sb.AppendFullName(parent.FullName().Parent(), protoreflect.Name(name))
-	} else {
-		fullName = sb.AppendFullName(parent.FullName(), protoreflect.Name(name))
-	}
-	if _, ok := r[fullName]; ok {
-		return filedesc.BaseL0{}, errors.New("descriptor %q already declared", fullName)
-	}
-	r[fullName] = child
-
-	// TODO: Verify that the full name does not already exist in the resolver?
-	// This is not as critical since most usages of NewFile will register
-	// the created file back into the registry, which will perform this check.
-
-	return filedesc.BaseL0{
-		FullName:   fullName,
-		ParentFile: parent.ParentFile().(*filedesc.File),
-		Parent:     parent,
-		Index:      idx,
-	}, nil
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_resolve.go b/vendor/google.golang.org/protobuf/reflect/protodesc/desc_resolve.go
deleted file mode 100644
index 27d7e3501..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_resolve.go
+++ /dev/null
@@ -1,286 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package protodesc
-
-import (
-	"google.golang.org/protobuf/internal/encoding/defval"
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/internal/filedesc"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/reflect/protoregistry"
-
-	"google.golang.org/protobuf/types/descriptorpb"
-)
-
-// resolver is a wrapper around a local registry of declarations within the file
-// and the remote resolver. The remote resolver is restricted to only return
-// descriptors that have been imported.
-type resolver struct {
-	local   descsByName
-	remote  Resolver
-	imports importSet
-
-	allowUnresolvable bool
-}
-
-func (r *resolver) resolveMessageDependencies(ms []filedesc.Message, mds []*descriptorpb.DescriptorProto) (err error) {
-	for i, md := range mds {
-		m := &ms[i]
-		for j, fd := range md.GetField() {
-			f := &m.L2.Fields.List[j]
-			if f.L1.Cardinality == protoreflect.Required {
-				m.L2.RequiredNumbers.List = append(m.L2.RequiredNumbers.List, f.L1.Number)
-			}
-			if fd.OneofIndex != nil {
-				k := int(fd.GetOneofIndex())
-				if !(0 <= k && k < len(md.GetOneofDecl())) {
-					return errors.New("message field %q has an invalid oneof index: %d", f.FullName(), k)
-				}
-				o := &m.L2.Oneofs.List[k]
-				f.L1.ContainingOneof = o
-				o.L1.Fields.List = append(o.L1.Fields.List, f)
-			}
-
-			if f.L1.Kind, f.L1.Enum, f.L1.Message, err = r.findTarget(f.Kind(), f.Parent().FullName(), partialName(fd.GetTypeName()), f.IsWeak()); err != nil {
-				return errors.New("message field %q cannot resolve type: %v", f.FullName(), err)
-			}
-			if fd.DefaultValue != nil {
-				v, ev, err := unmarshalDefault(fd.GetDefaultValue(), f, r.allowUnresolvable)
-				if err != nil {
-					return errors.New("message field %q has invalid default: %v", f.FullName(), err)
-				}
-				f.L1.Default = filedesc.DefaultValue(v, ev)
-			}
-		}
-
-		if err := r.resolveMessageDependencies(m.L1.Messages.List, md.GetNestedType()); err != nil {
-			return err
-		}
-		if err := r.resolveExtensionDependencies(m.L1.Extensions.List, md.GetExtension()); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func (r *resolver) resolveExtensionDependencies(xs []filedesc.Extension, xds []*descriptorpb.FieldDescriptorProto) (err error) {
-	for i, xd := range xds {
-		x := &xs[i]
-		if x.L1.Extendee, err = r.findMessageDescriptor(x.Parent().FullName(), partialName(xd.GetExtendee()), false); err != nil {
-			return errors.New("extension field %q cannot resolve extendee: %v", x.FullName(), err)
-		}
-		if x.L1.Kind, x.L2.Enum, x.L2.Message, err = r.findTarget(x.Kind(), x.Parent().FullName(), partialName(xd.GetTypeName()), false); err != nil {
-			return errors.New("extension field %q cannot resolve type: %v", x.FullName(), err)
-		}
-		if xd.DefaultValue != nil {
-			v, ev, err := unmarshalDefault(xd.GetDefaultValue(), x, r.allowUnresolvable)
-			if err != nil {
-				return errors.New("extension field %q has invalid default: %v", x.FullName(), err)
-			}
-			x.L2.Default = filedesc.DefaultValue(v, ev)
-		}
-	}
-	return nil
-}
-
-func (r *resolver) resolveServiceDependencies(ss []filedesc.Service, sds []*descriptorpb.ServiceDescriptorProto) (err error) {
-	for i, sd := range sds {
-		s := &ss[i]
-		for j, md := range sd.GetMethod() {
-			m := &s.L2.Methods.List[j]
-			m.L1.Input, err = r.findMessageDescriptor(m.Parent().FullName(), partialName(md.GetInputType()), false)
-			if err != nil {
-				return errors.New("service method %q cannot resolve input: %v", m.FullName(), err)
-			}
-			m.L1.Output, err = r.findMessageDescriptor(s.FullName(), partialName(md.GetOutputType()), false)
-			if err != nil {
-				return errors.New("service method %q cannot resolve output: %v", m.FullName(), err)
-			}
-		}
-	}
-	return nil
-}
-
-// findTarget finds an enum or message descriptor if k is an enum, message,
-// group, or unknown. If unknown, and the name could be resolved, the kind
-// returned kind is set based on the type of the resolved descriptor.
-func (r *resolver) findTarget(k protoreflect.Kind, scope protoreflect.FullName, ref partialName, isWeak bool) (protoreflect.Kind, protoreflect.EnumDescriptor, protoreflect.MessageDescriptor, error) {
-	switch k {
-	case protoreflect.EnumKind:
-		ed, err := r.findEnumDescriptor(scope, ref, isWeak)
-		if err != nil {
-			return 0, nil, nil, err
-		}
-		return k, ed, nil, nil
-	case protoreflect.MessageKind, protoreflect.GroupKind:
-		md, err := r.findMessageDescriptor(scope, ref, isWeak)
-		if err != nil {
-			return 0, nil, nil, err
-		}
-		return k, nil, md, nil
-	case 0:
-		// Handle unspecified kinds (possible with parsers that operate
-		// on a per-file basis without knowledge of dependencies).
-		d, err := r.findDescriptor(scope, ref)
-		if err == protoregistry.NotFound && (r.allowUnresolvable || isWeak) {
-			return k, filedesc.PlaceholderEnum(ref.FullName()), filedesc.PlaceholderMessage(ref.FullName()), nil
-		} else if err == protoregistry.NotFound {
-			return 0, nil, nil, errors.New("%q not found", ref.FullName())
-		} else if err != nil {
-			return 0, nil, nil, err
-		}
-		switch d := d.(type) {
-		case protoreflect.EnumDescriptor:
-			return protoreflect.EnumKind, d, nil, nil
-		case protoreflect.MessageDescriptor:
-			return protoreflect.MessageKind, nil, d, nil
-		default:
-			return 0, nil, nil, errors.New("unknown kind")
-		}
-	default:
-		if ref != "" {
-			return 0, nil, nil, errors.New("target name cannot be specified for %v", k)
-		}
-		if !k.IsValid() {
-			return 0, nil, nil, errors.New("invalid kind: %d", k)
-		}
-		return k, nil, nil, nil
-	}
-}
-
-// findDescriptor finds the descriptor by name,
-// which may be a relative name within some scope.
-//
-// Suppose the scope was "fizz.buzz" and the reference was "Foo.Bar",
-// then the following full names are searched:
-//   - fizz.buzz.Foo.Bar
-//   - fizz.Foo.Bar
-//   - Foo.Bar
-func (r *resolver) findDescriptor(scope protoreflect.FullName, ref partialName) (protoreflect.Descriptor, error) {
-	if !ref.IsValid() {
-		return nil, errors.New("invalid name reference: %q", ref)
-	}
-	if ref.IsFull() {
-		scope, ref = "", ref[1:]
-	}
-	var foundButNotImported protoreflect.Descriptor
-	for {
-		// Derive the full name to search.
-		s := protoreflect.FullName(ref)
-		if scope != "" {
-			s = scope + "." + s
-		}
-
-		// Check the current file for the descriptor.
-		if d, ok := r.local[s]; ok {
-			return d, nil
-		}
-
-		// Check the remote registry for the descriptor.
-		d, err := r.remote.FindDescriptorByName(s)
-		if err == nil {
-			// Only allow descriptors covered by one of the imports.
-			if r.imports[d.ParentFile().Path()] {
-				return d, nil
-			}
-			foundButNotImported = d
-		} else if err != protoregistry.NotFound {
-			return nil, errors.Wrap(err, "%q", s)
-		}
-
-		// Continue on at a higher level of scoping.
-		if scope == "" {
-			if d := foundButNotImported; d != nil {
-				return nil, errors.New("resolved %q, but %q is not imported", d.FullName(), d.ParentFile().Path())
-			}
-			return nil, protoregistry.NotFound
-		}
-		scope = scope.Parent()
-	}
-}
-
-func (r *resolver) findEnumDescriptor(scope protoreflect.FullName, ref partialName, isWeak bool) (protoreflect.EnumDescriptor, error) {
-	d, err := r.findDescriptor(scope, ref)
-	if err == protoregistry.NotFound && (r.allowUnresolvable || isWeak) {
-		return filedesc.PlaceholderEnum(ref.FullName()), nil
-	} else if err == protoregistry.NotFound {
-		return nil, errors.New("%q not found", ref.FullName())
-	} else if err != nil {
-		return nil, err
-	}
-	ed, ok := d.(protoreflect.EnumDescriptor)
-	if !ok {
-		return nil, errors.New("resolved %q, but it is not an enum", d.FullName())
-	}
-	return ed, nil
-}
-
-func (r *resolver) findMessageDescriptor(scope protoreflect.FullName, ref partialName, isWeak bool) (protoreflect.MessageDescriptor, error) {
-	d, err := r.findDescriptor(scope, ref)
-	if err == protoregistry.NotFound && (r.allowUnresolvable || isWeak) {
-		return filedesc.PlaceholderMessage(ref.FullName()), nil
-	} else if err == protoregistry.NotFound {
-		return nil, errors.New("%q not found", ref.FullName())
-	} else if err != nil {
-		return nil, err
-	}
-	md, ok := d.(protoreflect.MessageDescriptor)
-	if !ok {
-		return nil, errors.New("resolved %q, but it is not an message", d.FullName())
-	}
-	return md, nil
-}
-
-// partialName is the partial name. A leading dot means that the name is full,
-// otherwise the name is relative to some current scope.
-// See google.protobuf.FieldDescriptorProto.type_name.
-type partialName string
-
-func (s partialName) IsFull() bool {
-	return len(s) > 0 && s[0] == '.'
-}
-
-func (s partialName) IsValid() bool {
-	if s.IsFull() {
-		return protoreflect.FullName(s[1:]).IsValid()
-	}
-	return protoreflect.FullName(s).IsValid()
-}
-
-const unknownPrefix = "*."
-
-// FullName converts the partial name to a full name on a best-effort basis.
-// If relative, it creates an invalid full name, using a "*." prefix
-// to indicate that the start of the full name is unknown.
-func (s partialName) FullName() protoreflect.FullName {
-	if s.IsFull() {
-		return protoreflect.FullName(s[1:])
-	}
-	return protoreflect.FullName(unknownPrefix + s)
-}
-
-func unmarshalDefault(s string, fd protoreflect.FieldDescriptor, allowUnresolvable bool) (protoreflect.Value, protoreflect.EnumValueDescriptor, error) {
-	var evs protoreflect.EnumValueDescriptors
-	if fd.Enum() != nil {
-		evs = fd.Enum().Values()
-	}
-	v, ev, err := defval.Unmarshal(s, fd.Kind(), evs, defval.Descriptor)
-	if err != nil && allowUnresolvable && evs != nil && protoreflect.Name(s).IsValid() {
-		v = protoreflect.ValueOfEnum(0)
-		if evs.Len() > 0 {
-			v = protoreflect.ValueOfEnum(evs.Get(0).Number())
-		}
-		ev = filedesc.PlaceholderEnumValue(fd.Enum().FullName().Parent().Append(protoreflect.Name(s)))
-	} else if err != nil {
-		return v, ev, err
-	}
-	if fd.Syntax() == protoreflect.Proto3 {
-		return v, ev, errors.New("cannot be specified under proto3 semantics")
-	}
-	if fd.Kind() == protoreflect.MessageKind || fd.Kind() == protoreflect.GroupKind || fd.Cardinality() == protoreflect.Repeated {
-		return v, ev, errors.New("cannot be specified on composite types")
-	}
-	return v, ev, nil
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_validate.go b/vendor/google.golang.org/protobuf/reflect/protodesc/desc_validate.go
deleted file mode 100644
index 9af1d5648..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protodesc/desc_validate.go
+++ /dev/null
@@ -1,374 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package protodesc
-
-import (
-	"strings"
-	"unicode"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/internal/filedesc"
-	"google.golang.org/protobuf/internal/flags"
-	"google.golang.org/protobuf/internal/genid"
-	"google.golang.org/protobuf/internal/strs"
-	"google.golang.org/protobuf/reflect/protoreflect"
-
-	"google.golang.org/protobuf/types/descriptorpb"
-)
-
-func validateEnumDeclarations(es []filedesc.Enum, eds []*descriptorpb.EnumDescriptorProto) error {
-	for i, ed := range eds {
-		e := &es[i]
-		if err := e.L2.ReservedNames.CheckValid(); err != nil {
-			return errors.New("enum %q reserved names has %v", e.FullName(), err)
-		}
-		if err := e.L2.ReservedRanges.CheckValid(); err != nil {
-			return errors.New("enum %q reserved ranges has %v", e.FullName(), err)
-		}
-		if len(ed.GetValue()) == 0 {
-			return errors.New("enum %q must contain at least one value declaration", e.FullName())
-		}
-		allowAlias := ed.GetOptions().GetAllowAlias()
-		foundAlias := false
-		for i := 0; i < e.Values().Len(); i++ {
-			v1 := e.Values().Get(i)
-			if v2 := e.Values().ByNumber(v1.Number()); v1 != v2 {
-				foundAlias = true
-				if !allowAlias {
-					return errors.New("enum %q has conflicting non-aliased values on number %d: %q with %q", e.FullName(), v1.Number(), v1.Name(), v2.Name())
-				}
-			}
-		}
-		if allowAlias && !foundAlias {
-			return errors.New("enum %q allows aliases, but none were found", e.FullName())
-		}
-		if e.Syntax() == protoreflect.Proto3 {
-			if v := e.Values().Get(0); v.Number() != 0 {
-				return errors.New("enum %q using proto3 semantics must have zero number for the first value", v.FullName())
-			}
-			// Verify that value names in proto3 do not conflict if the
-			// case-insensitive prefix is removed.
-			// See protoc v3.8.0: src/google/protobuf/descriptor.cc:4991-5055
-			names := map[string]protoreflect.EnumValueDescriptor{}
-			prefix := strings.Replace(strings.ToLower(string(e.Name())), "_", "", -1)
-			for i := 0; i < e.Values().Len(); i++ {
-				v1 := e.Values().Get(i)
-				s := strs.EnumValueName(strs.TrimEnumPrefix(string(v1.Name()), prefix))
-				if v2, ok := names[s]; ok && v1.Number() != v2.Number() {
-					return errors.New("enum %q using proto3 semantics has conflict: %q with %q", e.FullName(), v1.Name(), v2.Name())
-				}
-				names[s] = v1
-			}
-		}
-
-		for j, vd := range ed.GetValue() {
-			v := &e.L2.Values.List[j]
-			if vd.Number == nil {
-				return errors.New("enum value %q must have a specified number", v.FullName())
-			}
-			if e.L2.ReservedNames.Has(v.Name()) {
-				return errors.New("enum value %q must not use reserved name", v.FullName())
-			}
-			if e.L2.ReservedRanges.Has(v.Number()) {
-				return errors.New("enum value %q must not use reserved number %d", v.FullName(), v.Number())
-			}
-		}
-	}
-	return nil
-}
-
-func validateMessageDeclarations(ms []filedesc.Message, mds []*descriptorpb.DescriptorProto) error {
-	for i, md := range mds {
-		m := &ms[i]
-
-		// Handle the message descriptor itself.
-		isMessageSet := md.GetOptions().GetMessageSetWireFormat()
-		if err := m.L2.ReservedNames.CheckValid(); err != nil {
-			return errors.New("message %q reserved names has %v", m.FullName(), err)
-		}
-		if err := m.L2.ReservedRanges.CheckValid(isMessageSet); err != nil {
-			return errors.New("message %q reserved ranges has %v", m.FullName(), err)
-		}
-		if err := m.L2.ExtensionRanges.CheckValid(isMessageSet); err != nil {
-			return errors.New("message %q extension ranges has %v", m.FullName(), err)
-		}
-		if err := (*filedesc.FieldRanges).CheckOverlap(&m.L2.ReservedRanges, &m.L2.ExtensionRanges); err != nil {
-			return errors.New("message %q reserved and extension ranges has %v", m.FullName(), err)
-		}
-		for i := 0; i < m.Fields().Len(); i++ {
-			f1 := m.Fields().Get(i)
-			if f2 := m.Fields().ByNumber(f1.Number()); f1 != f2 {
-				return errors.New("message %q has conflicting fields: %q with %q", m.FullName(), f1.Name(), f2.Name())
-			}
-		}
-		if isMessageSet && !flags.ProtoLegacy {
-			return errors.New("message %q is a MessageSet, which is a legacy proto1 feature that is no longer supported", m.FullName())
-		}
-		if isMessageSet && (m.Syntax() != protoreflect.Proto2 || m.Fields().Len() > 0 || m.ExtensionRanges().Len() == 0) {
-			return errors.New("message %q is an invalid proto1 MessageSet", m.FullName())
-		}
-		if m.Syntax() == protoreflect.Proto3 {
-			if m.ExtensionRanges().Len() > 0 {
-				return errors.New("message %q using proto3 semantics cannot have extension ranges", m.FullName())
-			}
-			// Verify that field names in proto3 do not conflict if lowercased
-			// with all underscores removed.
-			// See protoc v3.8.0: src/google/protobuf/descriptor.cc:5830-5847
-			names := map[string]protoreflect.FieldDescriptor{}
-			for i := 0; i < m.Fields().Len(); i++ {
-				f1 := m.Fields().Get(i)
-				s := strings.Replace(strings.ToLower(string(f1.Name())), "_", "", -1)
-				if f2, ok := names[s]; ok {
-					return errors.New("message %q using proto3 semantics has conflict: %q with %q", m.FullName(), f1.Name(), f2.Name())
-				}
-				names[s] = f1
-			}
-		}
-
-		for j, fd := range md.GetField() {
-			f := &m.L2.Fields.List[j]
-			if m.L2.ReservedNames.Has(f.Name()) {
-				return errors.New("message field %q must not use reserved name", f.FullName())
-			}
-			if !f.Number().IsValid() {
-				return errors.New("message field %q has an invalid number: %d", f.FullName(), f.Number())
-			}
-			if !f.Cardinality().IsValid() {
-				return errors.New("message field %q has an invalid cardinality: %d", f.FullName(), f.Cardinality())
-			}
-			if m.L2.ReservedRanges.Has(f.Number()) {
-				return errors.New("message field %q must not use reserved number %d", f.FullName(), f.Number())
-			}
-			if m.L2.ExtensionRanges.Has(f.Number()) {
-				return errors.New("message field %q with number %d in extension range", f.FullName(), f.Number())
-			}
-			if fd.Extendee != nil {
-				return errors.New("message field %q may not have extendee: %q", f.FullName(), fd.GetExtendee())
-			}
-			if f.L1.IsProto3Optional {
-				if f.Syntax() != protoreflect.Proto3 {
-					return errors.New("message field %q under proto3 optional semantics must be specified in the proto3 syntax", f.FullName())
-				}
-				if f.Cardinality() != protoreflect.Optional {
-					return errors.New("message field %q under proto3 optional semantics must have optional cardinality", f.FullName())
-				}
-				if f.ContainingOneof() != nil && f.ContainingOneof().Fields().Len() != 1 {
-					return errors.New("message field %q under proto3 optional semantics must be within a single element oneof", f.FullName())
-				}
-			}
-			if f.IsWeak() && !flags.ProtoLegacy {
-				return errors.New("message field %q is a weak field, which is a legacy proto1 feature that is no longer supported", f.FullName())
-			}
-			if f.IsWeak() && (f.Syntax() != protoreflect.Proto2 || !isOptionalMessage(f) || f.ContainingOneof() != nil) {
-				return errors.New("message field %q may only be weak for an optional message", f.FullName())
-			}
-			if f.IsPacked() && !isPackable(f) {
-				return errors.New("message field %q is not packable", f.FullName())
-			}
-			if err := checkValidGroup(f); err != nil {
-				return errors.New("message field %q is an invalid group: %v", f.FullName(), err)
-			}
-			if err := checkValidMap(f); err != nil {
-				return errors.New("message field %q is an invalid map: %v", f.FullName(), err)
-			}
-			if f.Syntax() == protoreflect.Proto3 {
-				if f.Cardinality() == protoreflect.Required {
-					return errors.New("message field %q using proto3 semantics cannot be required", f.FullName())
-				}
-				if f.Enum() != nil && !f.Enum().IsPlaceholder() && f.Enum().Syntax() != protoreflect.Proto3 {
-					return errors.New("message field %q using proto3 semantics may only depend on a proto3 enum", f.FullName())
-				}
-			}
-		}
-		seenSynthetic := false // synthetic oneofs for proto3 optional must come after real oneofs
-		for j := range md.GetOneofDecl() {
-			o := &m.L2.Oneofs.List[j]
-			if o.Fields().Len() == 0 {
-				return errors.New("message oneof %q must contain at least one field declaration", o.FullName())
-			}
-			if n := o.Fields().Len(); n-1 != (o.Fields().Get(n-1).Index() - o.Fields().Get(0).Index()) {
-				return errors.New("message oneof %q must have consecutively declared fields", o.FullName())
-			}
-
-			if o.IsSynthetic() {
-				seenSynthetic = true
-				continue
-			}
-			if !o.IsSynthetic() && seenSynthetic {
-				return errors.New("message oneof %q must be declared before synthetic oneofs", o.FullName())
-			}
-
-			for i := 0; i < o.Fields().Len(); i++ {
-				f := o.Fields().Get(i)
-				if f.Cardinality() != protoreflect.Optional {
-					return errors.New("message field %q belongs in a oneof and must be optional", f.FullName())
-				}
-				if f.IsWeak() {
-					return errors.New("message field %q belongs in a oneof and must not be a weak reference", f.FullName())
-				}
-			}
-		}
-
-		if err := validateEnumDeclarations(m.L1.Enums.List, md.GetEnumType()); err != nil {
-			return err
-		}
-		if err := validateMessageDeclarations(m.L1.Messages.List, md.GetNestedType()); err != nil {
-			return err
-		}
-		if err := validateExtensionDeclarations(m.L1.Extensions.List, md.GetExtension()); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func validateExtensionDeclarations(xs []filedesc.Extension, xds []*descriptorpb.FieldDescriptorProto) error {
-	for i, xd := range xds {
-		x := &xs[i]
-		// NOTE: Avoid using the IsValid method since extensions to MessageSet
-		// may have a field number higher than normal. This check only verifies
-		// that the number is not negative or reserved. We check again later
-		// if we know that the extendee is definitely not a MessageSet.
-		if n := x.Number(); n < 0 || (protowire.FirstReservedNumber <= n && n <= protowire.LastReservedNumber) {
-			return errors.New("extension field %q has an invalid number: %d", x.FullName(), x.Number())
-		}
-		if !x.Cardinality().IsValid() || x.Cardinality() == protoreflect.Required {
-			return errors.New("extension field %q has an invalid cardinality: %d", x.FullName(), x.Cardinality())
-		}
-		if xd.JsonName != nil {
-			// A bug in older versions of protoc would always populate the
-			// "json_name" option for extensions when it is meaningless.
-			// When it did so, it would always use the camel-cased field name.
-			if xd.GetJsonName() != strs.JSONCamelCase(string(x.Name())) {
-				return errors.New("extension field %q may not have an explicitly set JSON name: %q", x.FullName(), xd.GetJsonName())
-			}
-		}
-		if xd.OneofIndex != nil {
-			return errors.New("extension field %q may not be part of a oneof", x.FullName())
-		}
-		if md := x.ContainingMessage(); !md.IsPlaceholder() {
-			if !md.ExtensionRanges().Has(x.Number()) {
-				return errors.New("extension field %q extends %q with non-extension field number: %d", x.FullName(), md.FullName(), x.Number())
-			}
-			isMessageSet := md.Options().(*descriptorpb.MessageOptions).GetMessageSetWireFormat()
-			if isMessageSet && !isOptionalMessage(x) {
-				return errors.New("extension field %q extends MessageSet and must be an optional message", x.FullName())
-			}
-			if !isMessageSet && !x.Number().IsValid() {
-				return errors.New("extension field %q has an invalid number: %d", x.FullName(), x.Number())
-			}
-		}
-		if xd.GetOptions().GetWeak() {
-			return errors.New("extension field %q cannot be a weak reference", x.FullName())
-		}
-		if x.IsPacked() && !isPackable(x) {
-			return errors.New("extension field %q is not packable", x.FullName())
-		}
-		if err := checkValidGroup(x); err != nil {
-			return errors.New("extension field %q is an invalid group: %v", x.FullName(), err)
-		}
-		if md := x.Message(); md != nil && md.IsMapEntry() {
-			return errors.New("extension field %q cannot be a map entry", x.FullName())
-		}
-		if x.Syntax() == protoreflect.Proto3 {
-			switch x.ContainingMessage().FullName() {
-			case (*descriptorpb.FileOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.EnumOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.EnumValueOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.MessageOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.FieldOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.OneofOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.ExtensionRangeOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.ServiceOptions)(nil).ProtoReflect().Descriptor().FullName():
-			case (*descriptorpb.MethodOptions)(nil).ProtoReflect().Descriptor().FullName():
-			default:
-				return errors.New("extension field %q cannot be declared in proto3 unless extended descriptor options", x.FullName())
-			}
-		}
-	}
-	return nil
-}
-
-// isOptionalMessage reports whether this is an optional message.
-// If the kind is unknown, it is assumed to be a message.
-func isOptionalMessage(fd protoreflect.FieldDescriptor) bool {
-	return (fd.Kind() == 0 || fd.Kind() == protoreflect.MessageKind) && fd.Cardinality() == protoreflect.Optional
-}
-
-// isPackable checks whether the pack option can be specified.
-func isPackable(fd protoreflect.FieldDescriptor) bool {
-	switch fd.Kind() {
-	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
-		return false
-	}
-	return fd.IsList()
-}
-
-// checkValidGroup reports whether fd is a valid group according to the same
-// rules that protoc imposes.
-func checkValidGroup(fd protoreflect.FieldDescriptor) error {
-	md := fd.Message()
-	switch {
-	case fd.Kind() != protoreflect.GroupKind:
-		return nil
-	case fd.Syntax() != protoreflect.Proto2:
-		return errors.New("invalid under proto2 semantics")
-	case md == nil || md.IsPlaceholder():
-		return errors.New("message must be resolvable")
-	case fd.FullName().Parent() != md.FullName().Parent():
-		return errors.New("message and field must be declared in the same scope")
-	case !unicode.IsUpper(rune(md.Name()[0])):
-		return errors.New("message name must start with an uppercase")
-	case fd.Name() != protoreflect.Name(strings.ToLower(string(md.Name()))):
-		return errors.New("field name must be lowercased form of the message name")
-	}
-	return nil
-}
-
-// checkValidMap checks whether the field is a valid map according to the same
-// rules that protoc imposes.
-// See protoc v3.8.0: src/google/protobuf/descriptor.cc:6045-6115
-func checkValidMap(fd protoreflect.FieldDescriptor) error {
-	md := fd.Message()
-	switch {
-	case md == nil || !md.IsMapEntry():
-		return nil
-	case fd.FullName().Parent() != md.FullName().Parent():
-		return errors.New("message and field must be declared in the same scope")
-	case md.Name() != protoreflect.Name(strs.MapEntryName(string(fd.Name()))):
-		return errors.New("incorrect implicit map entry name")
-	case fd.Cardinality() != protoreflect.Repeated:
-		return errors.New("field must be repeated")
-	case md.Fields().Len() != 2:
-		return errors.New("message must have exactly two fields")
-	case md.ExtensionRanges().Len() > 0:
-		return errors.New("message must not have any extension ranges")
-	case md.Enums().Len()+md.Messages().Len()+md.Extensions().Len() > 0:
-		return errors.New("message must not have any nested declarations")
-	}
-	kf := md.Fields().Get(0)
-	vf := md.Fields().Get(1)
-	switch {
-	case kf.Name() != genid.MapEntry_Key_field_name || kf.Number() != genid.MapEntry_Key_field_number || kf.Cardinality() != protoreflect.Optional || kf.ContainingOneof() != nil || kf.HasDefault():
-		return errors.New("invalid key field")
-	case vf.Name() != genid.MapEntry_Value_field_name || vf.Number() != genid.MapEntry_Value_field_number || vf.Cardinality() != protoreflect.Optional || vf.ContainingOneof() != nil || vf.HasDefault():
-		return errors.New("invalid value field")
-	}
-	switch kf.Kind() {
-	case protoreflect.BoolKind: // bool
-	case protoreflect.Int32Kind, protoreflect.Sint32Kind, protoreflect.Sfixed32Kind: // int32
-	case protoreflect.Int64Kind, protoreflect.Sint64Kind, protoreflect.Sfixed64Kind: // int64
-	case protoreflect.Uint32Kind, protoreflect.Fixed32Kind: // uint32
-	case protoreflect.Uint64Kind, protoreflect.Fixed64Kind: // uint64
-	case protoreflect.StringKind: // string
-	default:
-		return errors.New("invalid key kind: %v", kf.Kind())
-	}
-	if e := vf.Enum(); e != nil && e.Values().Len() > 0 && e.Values().Get(0).Number() != 0 {
-		return errors.New("map enum value must have zero number for the first value")
-	}
-	return nil
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protodesc/proto.go b/vendor/google.golang.org/protobuf/reflect/protodesc/proto.go
deleted file mode 100644
index a7c5ceffc..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protodesc/proto.go
+++ /dev/null
@@ -1,252 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package protodesc
-
-import (
-	"fmt"
-	"strings"
-
-	"google.golang.org/protobuf/internal/encoding/defval"
-	"google.golang.org/protobuf/internal/strs"
-	"google.golang.org/protobuf/proto"
-	"google.golang.org/protobuf/reflect/protoreflect"
-
-	"google.golang.org/protobuf/types/descriptorpb"
-)
-
-// ToFileDescriptorProto copies a protoreflect.FileDescriptor into a
-// google.protobuf.FileDescriptorProto message.
-func ToFileDescriptorProto(file protoreflect.FileDescriptor) *descriptorpb.FileDescriptorProto {
-	p := &descriptorpb.FileDescriptorProto{
-		Name:    proto.String(file.Path()),
-		Options: proto.Clone(file.Options()).(*descriptorpb.FileOptions),
-	}
-	if file.Package() != "" {
-		p.Package = proto.String(string(file.Package()))
-	}
-	for i, imports := 0, file.Imports(); i < imports.Len(); i++ {
-		imp := imports.Get(i)
-		p.Dependency = append(p.Dependency, imp.Path())
-		if imp.IsPublic {
-			p.PublicDependency = append(p.PublicDependency, int32(i))
-		}
-		if imp.IsWeak {
-			p.WeakDependency = append(p.WeakDependency, int32(i))
-		}
-	}
-	for i, locs := 0, file.SourceLocations(); i < locs.Len(); i++ {
-		loc := locs.Get(i)
-		l := &descriptorpb.SourceCodeInfo_Location{}
-		l.Path = append(l.Path, loc.Path...)
-		if loc.StartLine == loc.EndLine {
-			l.Span = []int32{int32(loc.StartLine), int32(loc.StartColumn), int32(loc.EndColumn)}
-		} else {
-			l.Span = []int32{int32(loc.StartLine), int32(loc.StartColumn), int32(loc.EndLine), int32(loc.EndColumn)}
-		}
-		l.LeadingDetachedComments = append([]string(nil), loc.LeadingDetachedComments...)
-		if loc.LeadingComments != "" {
-			l.LeadingComments = proto.String(loc.LeadingComments)
-		}
-		if loc.TrailingComments != "" {
-			l.TrailingComments = proto.String(loc.TrailingComments)
-		}
-		if p.SourceCodeInfo == nil {
-			p.SourceCodeInfo = &descriptorpb.SourceCodeInfo{}
-		}
-		p.SourceCodeInfo.Location = append(p.SourceCodeInfo.Location, l)
-
-	}
-	for i, messages := 0, file.Messages(); i < messages.Len(); i++ {
-		p.MessageType = append(p.MessageType, ToDescriptorProto(messages.Get(i)))
-	}
-	for i, enums := 0, file.Enums(); i < enums.Len(); i++ {
-		p.EnumType = append(p.EnumType, ToEnumDescriptorProto(enums.Get(i)))
-	}
-	for i, services := 0, file.Services(); i < services.Len(); i++ {
-		p.Service = append(p.Service, ToServiceDescriptorProto(services.Get(i)))
-	}
-	for i, exts := 0, file.Extensions(); i < exts.Len(); i++ {
-		p.Extension = append(p.Extension, ToFieldDescriptorProto(exts.Get(i)))
-	}
-	if syntax := file.Syntax(); syntax != protoreflect.Proto2 {
-		p.Syntax = proto.String(file.Syntax().String())
-	}
-	return p
-}
-
-// ToDescriptorProto copies a protoreflect.MessageDescriptor into a
-// google.protobuf.DescriptorProto message.
-func ToDescriptorProto(message protoreflect.MessageDescriptor) *descriptorpb.DescriptorProto {
-	p := &descriptorpb.DescriptorProto{
-		Name:    proto.String(string(message.Name())),
-		Options: proto.Clone(message.Options()).(*descriptorpb.MessageOptions),
-	}
-	for i, fields := 0, message.Fields(); i < fields.Len(); i++ {
-		p.Field = append(p.Field, ToFieldDescriptorProto(fields.Get(i)))
-	}
-	for i, exts := 0, message.Extensions(); i < exts.Len(); i++ {
-		p.Extension = append(p.Extension, ToFieldDescriptorProto(exts.Get(i)))
-	}
-	for i, messages := 0, message.Messages(); i < messages.Len(); i++ {
-		p.NestedType = append(p.NestedType, ToDescriptorProto(messages.Get(i)))
-	}
-	for i, enums := 0, message.Enums(); i < enums.Len(); i++ {
-		p.EnumType = append(p.EnumType, ToEnumDescriptorProto(enums.Get(i)))
-	}
-	for i, xranges := 0, message.ExtensionRanges(); i < xranges.Len(); i++ {
-		xrange := xranges.Get(i)
-		p.ExtensionRange = append(p.ExtensionRange, &descriptorpb.DescriptorProto_ExtensionRange{
-			Start:   proto.Int32(int32(xrange[0])),
-			End:     proto.Int32(int32(xrange[1])),
-			Options: proto.Clone(message.ExtensionRangeOptions(i)).(*descriptorpb.ExtensionRangeOptions),
-		})
-	}
-	for i, oneofs := 0, message.Oneofs(); i < oneofs.Len(); i++ {
-		p.OneofDecl = append(p.OneofDecl, ToOneofDescriptorProto(oneofs.Get(i)))
-	}
-	for i, ranges := 0, message.ReservedRanges(); i < ranges.Len(); i++ {
-		rrange := ranges.Get(i)
-		p.ReservedRange = append(p.ReservedRange, &descriptorpb.DescriptorProto_ReservedRange{
-			Start: proto.Int32(int32(rrange[0])),
-			End:   proto.Int32(int32(rrange[1])),
-		})
-	}
-	for i, names := 0, message.ReservedNames(); i < names.Len(); i++ {
-		p.ReservedName = append(p.ReservedName, string(names.Get(i)))
-	}
-	return p
-}
-
-// ToFieldDescriptorProto copies a protoreflect.FieldDescriptor into a
-// google.protobuf.FieldDescriptorProto message.
-func ToFieldDescriptorProto(field protoreflect.FieldDescriptor) *descriptorpb.FieldDescriptorProto {
-	p := &descriptorpb.FieldDescriptorProto{
-		Name:    proto.String(string(field.Name())),
-		Number:  proto.Int32(int32(field.Number())),
-		Label:   descriptorpb.FieldDescriptorProto_Label(field.Cardinality()).Enum(),
-		Options: proto.Clone(field.Options()).(*descriptorpb.FieldOptions),
-	}
-	if field.IsExtension() {
-		p.Extendee = fullNameOf(field.ContainingMessage())
-	}
-	if field.Kind().IsValid() {
-		p.Type = descriptorpb.FieldDescriptorProto_Type(field.Kind()).Enum()
-	}
-	if field.Enum() != nil {
-		p.TypeName = fullNameOf(field.Enum())
-	}
-	if field.Message() != nil {
-		p.TypeName = fullNameOf(field.Message())
-	}
-	if field.HasJSONName() {
-		// A bug in older versions of protoc would always populate the
-		// "json_name" option for extensions when it is meaningless.
-		// When it did so, it would always use the camel-cased field name.
-		if field.IsExtension() {
-			p.JsonName = proto.String(strs.JSONCamelCase(string(field.Name())))
-		} else {
-			p.JsonName = proto.String(field.JSONName())
-		}
-	}
-	if field.Syntax() == protoreflect.Proto3 && field.HasOptionalKeyword() {
-		p.Proto3Optional = proto.Bool(true)
-	}
-	if field.HasDefault() {
-		def, err := defval.Marshal(field.Default(), field.DefaultEnumValue(), field.Kind(), defval.Descriptor)
-		if err != nil && field.DefaultEnumValue() != nil {
-			def = string(field.DefaultEnumValue().Name()) // occurs for unresolved enum values
-		} else if err != nil {
-			panic(fmt.Sprintf("%v: %v", field.FullName(), err))
-		}
-		p.DefaultValue = proto.String(def)
-	}
-	if oneof := field.ContainingOneof(); oneof != nil {
-		p.OneofIndex = proto.Int32(int32(oneof.Index()))
-	}
-	return p
-}
-
-// ToOneofDescriptorProto copies a protoreflect.OneofDescriptor into a
-// google.protobuf.OneofDescriptorProto message.
-func ToOneofDescriptorProto(oneof protoreflect.OneofDescriptor) *descriptorpb.OneofDescriptorProto {
-	return &descriptorpb.OneofDescriptorProto{
-		Name:    proto.String(string(oneof.Name())),
-		Options: proto.Clone(oneof.Options()).(*descriptorpb.OneofOptions),
-	}
-}
-
-// ToEnumDescriptorProto copies a protoreflect.EnumDescriptor into a
-// google.protobuf.EnumDescriptorProto message.
-func ToEnumDescriptorProto(enum protoreflect.EnumDescriptor) *descriptorpb.EnumDescriptorProto {
-	p := &descriptorpb.EnumDescriptorProto{
-		Name:    proto.String(string(enum.Name())),
-		Options: proto.Clone(enum.Options()).(*descriptorpb.EnumOptions),
-	}
-	for i, values := 0, enum.Values(); i < values.Len(); i++ {
-		p.Value = append(p.Value, ToEnumValueDescriptorProto(values.Get(i)))
-	}
-	for i, ranges := 0, enum.ReservedRanges(); i < ranges.Len(); i++ {
-		rrange := ranges.Get(i)
-		p.ReservedRange = append(p.ReservedRange, &descriptorpb.EnumDescriptorProto_EnumReservedRange{
-			Start: proto.Int32(int32(rrange[0])),
-			End:   proto.Int32(int32(rrange[1])),
-		})
-	}
-	for i, names := 0, enum.ReservedNames(); i < names.Len(); i++ {
-		p.ReservedName = append(p.ReservedName, string(names.Get(i)))
-	}
-	return p
-}
-
-// ToEnumValueDescriptorProto copies a protoreflect.EnumValueDescriptor into a
-// google.protobuf.EnumValueDescriptorProto message.
-func ToEnumValueDescriptorProto(value protoreflect.EnumValueDescriptor) *descriptorpb.EnumValueDescriptorProto {
-	return &descriptorpb.EnumValueDescriptorProto{
-		Name:    proto.String(string(value.Name())),
-		Number:  proto.Int32(int32(value.Number())),
-		Options: proto.Clone(value.Options()).(*descriptorpb.EnumValueOptions),
-	}
-}
-
-// ToServiceDescriptorProto copies a protoreflect.ServiceDescriptor into a
-// google.protobuf.ServiceDescriptorProto message.
-func ToServiceDescriptorProto(service protoreflect.ServiceDescriptor) *descriptorpb.ServiceDescriptorProto {
-	p := &descriptorpb.ServiceDescriptorProto{
-		Name:    proto.String(string(service.Name())),
-		Options: proto.Clone(service.Options()).(*descriptorpb.ServiceOptions),
-	}
-	for i, methods := 0, service.Methods(); i < methods.Len(); i++ {
-		p.Method = append(p.Method, ToMethodDescriptorProto(methods.Get(i)))
-	}
-	return p
-}
-
-// ToMethodDescriptorProto copies a protoreflect.MethodDescriptor into a
-// google.protobuf.MethodDescriptorProto message.
-func ToMethodDescriptorProto(method protoreflect.MethodDescriptor) *descriptorpb.MethodDescriptorProto {
-	p := &descriptorpb.MethodDescriptorProto{
-		Name:       proto.String(string(method.Name())),
-		InputType:  fullNameOf(method.Input()),
-		OutputType: fullNameOf(method.Output()),
-		Options:    proto.Clone(method.Options()).(*descriptorpb.MethodOptions),
-	}
-	if method.IsStreamingClient() {
-		p.ClientStreaming = proto.Bool(true)
-	}
-	if method.IsStreamingServer() {
-		p.ServerStreaming = proto.Bool(true)
-	}
-	return p
-}
-
-func fullNameOf(d protoreflect.Descriptor) *string {
-	if d == nil {
-		return nil
-	}
-	if strings.HasPrefix(string(d.FullName()), unknownPrefix) {
-		return proto.String(string(d.FullName()[len(unknownPrefix):]))
-	}
-	return proto.String("." + string(d.FullName()))
-}
diff --git a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go b/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go
deleted file mode 100644
index 04c00f737..000000000
--- a/vendor/google.golang.org/protobuf/types/descriptorpb/descriptor.pb.go
+++ /dev/null
@@ -1,4605 +0,0 @@
-// Protocol Buffers - Google's data interchange format
-// Copyright 2008 Google Inc.  All rights reserved.
-// https://developers.google.com/protocol-buffers/
-//
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-//     * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-//     * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following disclaimer
-// in the documentation and/or other materials provided with the
-// distribution.
-//     * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived from
-// this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-// Author: kenton@google.com (Kenton Varda)
-//  Based on original Protocol Buffers design by
-//  Sanjay Ghemawat, Jeff Dean, and others.
-//
-// The messages in this file describe the definitions found in .proto files.
-// A valid .proto file can be translated directly to a FileDescriptorProto
-// without any other information (e.g. without reading its imports).
-
-// Code generated by protoc-gen-go. DO NOT EDIT.
-// source: google/protobuf/descriptor.proto
-
-package descriptorpb
-
-import (
-	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
-	protoimpl "google.golang.org/protobuf/runtime/protoimpl"
-	reflect "reflect"
-	sync "sync"
-)
-
-// The verification state of the extension range.
-type ExtensionRangeOptions_VerificationState int32
-
-const (
-	// All the extensions of the range must be declared.
-	ExtensionRangeOptions_DECLARATION ExtensionRangeOptions_VerificationState = 0
-	ExtensionRangeOptions_UNVERIFIED  ExtensionRangeOptions_VerificationState = 1
-)
-
-// Enum value maps for ExtensionRangeOptions_VerificationState.
-var (
-	ExtensionRangeOptions_VerificationState_name = map[int32]string{
-		0: "DECLARATION",
-		1: "UNVERIFIED",
-	}
-	ExtensionRangeOptions_VerificationState_value = map[string]int32{
-		"DECLARATION": 0,
-		"UNVERIFIED":  1,
-	}
-)
-
-func (x ExtensionRangeOptions_VerificationState) Enum() *ExtensionRangeOptions_VerificationState {
-	p := new(ExtensionRangeOptions_VerificationState)
-	*p = x
-	return p
-}
-
-func (x ExtensionRangeOptions_VerificationState) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (ExtensionRangeOptions_VerificationState) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[0].Descriptor()
-}
-
-func (ExtensionRangeOptions_VerificationState) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[0]
-}
-
-func (x ExtensionRangeOptions_VerificationState) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *ExtensionRangeOptions_VerificationState) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = ExtensionRangeOptions_VerificationState(num)
-	return nil
-}
-
-// Deprecated: Use ExtensionRangeOptions_VerificationState.Descriptor instead.
-func (ExtensionRangeOptions_VerificationState) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{3, 0}
-}
-
-type FieldDescriptorProto_Type int32
-
-const (
-	// 0 is reserved for errors.
-	// Order is weird for historical reasons.
-	FieldDescriptorProto_TYPE_DOUBLE FieldDescriptorProto_Type = 1
-	FieldDescriptorProto_TYPE_FLOAT  FieldDescriptorProto_Type = 2
-	// Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT64 if
-	// negative values are likely.
-	FieldDescriptorProto_TYPE_INT64  FieldDescriptorProto_Type = 3
-	FieldDescriptorProto_TYPE_UINT64 FieldDescriptorProto_Type = 4
-	// Not ZigZag encoded.  Negative numbers take 10 bytes.  Use TYPE_SINT32 if
-	// negative values are likely.
-	FieldDescriptorProto_TYPE_INT32   FieldDescriptorProto_Type = 5
-	FieldDescriptorProto_TYPE_FIXED64 FieldDescriptorProto_Type = 6
-	FieldDescriptorProto_TYPE_FIXED32 FieldDescriptorProto_Type = 7
-	FieldDescriptorProto_TYPE_BOOL    FieldDescriptorProto_Type = 8
-	FieldDescriptorProto_TYPE_STRING  FieldDescriptorProto_Type = 9
-	// Tag-delimited aggregate.
-	// Group type is deprecated and not supported in proto3. However, Proto3
-	// implementations should still be able to parse the group wire format and
-	// treat group fields as unknown fields.
-	FieldDescriptorProto_TYPE_GROUP   FieldDescriptorProto_Type = 10
-	FieldDescriptorProto_TYPE_MESSAGE FieldDescriptorProto_Type = 11 // Length-delimited aggregate.
-	// New in version 2.
-	FieldDescriptorProto_TYPE_BYTES    FieldDescriptorProto_Type = 12
-	FieldDescriptorProto_TYPE_UINT32   FieldDescriptorProto_Type = 13
-	FieldDescriptorProto_TYPE_ENUM     FieldDescriptorProto_Type = 14
-	FieldDescriptorProto_TYPE_SFIXED32 FieldDescriptorProto_Type = 15
-	FieldDescriptorProto_TYPE_SFIXED64 FieldDescriptorProto_Type = 16
-	FieldDescriptorProto_TYPE_SINT32   FieldDescriptorProto_Type = 17 // Uses ZigZag encoding.
-	FieldDescriptorProto_TYPE_SINT64   FieldDescriptorProto_Type = 18 // Uses ZigZag encoding.
-)
-
-// Enum value maps for FieldDescriptorProto_Type.
-var (
-	FieldDescriptorProto_Type_name = map[int32]string{
-		1:  "TYPE_DOUBLE",
-		2:  "TYPE_FLOAT",
-		3:  "TYPE_INT64",
-		4:  "TYPE_UINT64",
-		5:  "TYPE_INT32",
-		6:  "TYPE_FIXED64",
-		7:  "TYPE_FIXED32",
-		8:  "TYPE_BOOL",
-		9:  "TYPE_STRING",
-		10: "TYPE_GROUP",
-		11: "TYPE_MESSAGE",
-		12: "TYPE_BYTES",
-		13: "TYPE_UINT32",
-		14: "TYPE_ENUM",
-		15: "TYPE_SFIXED32",
-		16: "TYPE_SFIXED64",
-		17: "TYPE_SINT32",
-		18: "TYPE_SINT64",
-	}
-	FieldDescriptorProto_Type_value = map[string]int32{
-		"TYPE_DOUBLE":   1,
-		"TYPE_FLOAT":    2,
-		"TYPE_INT64":    3,
-		"TYPE_UINT64":   4,
-		"TYPE_INT32":    5,
-		"TYPE_FIXED64":  6,
-		"TYPE_FIXED32":  7,
-		"TYPE_BOOL":     8,
-		"TYPE_STRING":   9,
-		"TYPE_GROUP":    10,
-		"TYPE_MESSAGE":  11,
-		"TYPE_BYTES":    12,
-		"TYPE_UINT32":   13,
-		"TYPE_ENUM":     14,
-		"TYPE_SFIXED32": 15,
-		"TYPE_SFIXED64": 16,
-		"TYPE_SINT32":   17,
-		"TYPE_SINT64":   18,
-	}
-)
-
-func (x FieldDescriptorProto_Type) Enum() *FieldDescriptorProto_Type {
-	p := new(FieldDescriptorProto_Type)
-	*p = x
-	return p
-}
-
-func (x FieldDescriptorProto_Type) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldDescriptorProto_Type) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[1].Descriptor()
-}
-
-func (FieldDescriptorProto_Type) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[1]
-}
-
-func (x FieldDescriptorProto_Type) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldDescriptorProto_Type) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldDescriptorProto_Type(num)
-	return nil
-}
-
-// Deprecated: Use FieldDescriptorProto_Type.Descriptor instead.
-func (FieldDescriptorProto_Type) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{4, 0}
-}
-
-type FieldDescriptorProto_Label int32
-
-const (
-	// 0 is reserved for errors
-	FieldDescriptorProto_LABEL_OPTIONAL FieldDescriptorProto_Label = 1
-	FieldDescriptorProto_LABEL_REQUIRED FieldDescriptorProto_Label = 2
-	FieldDescriptorProto_LABEL_REPEATED FieldDescriptorProto_Label = 3
-)
-
-// Enum value maps for FieldDescriptorProto_Label.
-var (
-	FieldDescriptorProto_Label_name = map[int32]string{
-		1: "LABEL_OPTIONAL",
-		2: "LABEL_REQUIRED",
-		3: "LABEL_REPEATED",
-	}
-	FieldDescriptorProto_Label_value = map[string]int32{
-		"LABEL_OPTIONAL": 1,
-		"LABEL_REQUIRED": 2,
-		"LABEL_REPEATED": 3,
-	}
-)
-
-func (x FieldDescriptorProto_Label) Enum() *FieldDescriptorProto_Label {
-	p := new(FieldDescriptorProto_Label)
-	*p = x
-	return p
-}
-
-func (x FieldDescriptorProto_Label) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldDescriptorProto_Label) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[2].Descriptor()
-}
-
-func (FieldDescriptorProto_Label) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[2]
-}
-
-func (x FieldDescriptorProto_Label) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldDescriptorProto_Label) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldDescriptorProto_Label(num)
-	return nil
-}
-
-// Deprecated: Use FieldDescriptorProto_Label.Descriptor instead.
-func (FieldDescriptorProto_Label) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{4, 1}
-}
-
-// Generated classes can be optimized for speed or code size.
-type FileOptions_OptimizeMode int32
-
-const (
-	FileOptions_SPEED FileOptions_OptimizeMode = 1 // Generate complete code for parsing, serialization,
-	// etc.
-	FileOptions_CODE_SIZE    FileOptions_OptimizeMode = 2 // Use ReflectionOps to implement these methods.
-	FileOptions_LITE_RUNTIME FileOptions_OptimizeMode = 3 // Generate code using MessageLite and the lite runtime.
-)
-
-// Enum value maps for FileOptions_OptimizeMode.
-var (
-	FileOptions_OptimizeMode_name = map[int32]string{
-		1: "SPEED",
-		2: "CODE_SIZE",
-		3: "LITE_RUNTIME",
-	}
-	FileOptions_OptimizeMode_value = map[string]int32{
-		"SPEED":        1,
-		"CODE_SIZE":    2,
-		"LITE_RUNTIME": 3,
-	}
-)
-
-func (x FileOptions_OptimizeMode) Enum() *FileOptions_OptimizeMode {
-	p := new(FileOptions_OptimizeMode)
-	*p = x
-	return p
-}
-
-func (x FileOptions_OptimizeMode) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FileOptions_OptimizeMode) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[3].Descriptor()
-}
-
-func (FileOptions_OptimizeMode) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[3]
-}
-
-func (x FileOptions_OptimizeMode) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FileOptions_OptimizeMode) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FileOptions_OptimizeMode(num)
-	return nil
-}
-
-// Deprecated: Use FileOptions_OptimizeMode.Descriptor instead.
-func (FileOptions_OptimizeMode) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{10, 0}
-}
-
-type FieldOptions_CType int32
-
-const (
-	// Default mode.
-	FieldOptions_STRING FieldOptions_CType = 0
-	// The option [ctype=CORD] may be applied to a non-repeated field of type
-	// "bytes". It indicates that in C++, the data should be stored in a Cord
-	// instead of a string.  For very large strings, this may reduce memory
-	// fragmentation. It may also allow better performance when parsing from a
-	// Cord, or when parsing with aliasing enabled, as the parsed Cord may then
-	// alias the original buffer.
-	FieldOptions_CORD         FieldOptions_CType = 1
-	FieldOptions_STRING_PIECE FieldOptions_CType = 2
-)
-
-// Enum value maps for FieldOptions_CType.
-var (
-	FieldOptions_CType_name = map[int32]string{
-		0: "STRING",
-		1: "CORD",
-		2: "STRING_PIECE",
-	}
-	FieldOptions_CType_value = map[string]int32{
-		"STRING":       0,
-		"CORD":         1,
-		"STRING_PIECE": 2,
-	}
-)
-
-func (x FieldOptions_CType) Enum() *FieldOptions_CType {
-	p := new(FieldOptions_CType)
-	*p = x
-	return p
-}
-
-func (x FieldOptions_CType) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldOptions_CType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[4].Descriptor()
-}
-
-func (FieldOptions_CType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[4]
-}
-
-func (x FieldOptions_CType) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldOptions_CType) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldOptions_CType(num)
-	return nil
-}
-
-// Deprecated: Use FieldOptions_CType.Descriptor instead.
-func (FieldOptions_CType) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 0}
-}
-
-type FieldOptions_JSType int32
-
-const (
-	// Use the default type.
-	FieldOptions_JS_NORMAL FieldOptions_JSType = 0
-	// Use JavaScript strings.
-	FieldOptions_JS_STRING FieldOptions_JSType = 1
-	// Use JavaScript numbers.
-	FieldOptions_JS_NUMBER FieldOptions_JSType = 2
-)
-
-// Enum value maps for FieldOptions_JSType.
-var (
-	FieldOptions_JSType_name = map[int32]string{
-		0: "JS_NORMAL",
-		1: "JS_STRING",
-		2: "JS_NUMBER",
-	}
-	FieldOptions_JSType_value = map[string]int32{
-		"JS_NORMAL": 0,
-		"JS_STRING": 1,
-		"JS_NUMBER": 2,
-	}
-)
-
-func (x FieldOptions_JSType) Enum() *FieldOptions_JSType {
-	p := new(FieldOptions_JSType)
-	*p = x
-	return p
-}
-
-func (x FieldOptions_JSType) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldOptions_JSType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[5].Descriptor()
-}
-
-func (FieldOptions_JSType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[5]
-}
-
-func (x FieldOptions_JSType) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldOptions_JSType) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldOptions_JSType(num)
-	return nil
-}
-
-// Deprecated: Use FieldOptions_JSType.Descriptor instead.
-func (FieldOptions_JSType) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 1}
-}
-
-// If set to RETENTION_SOURCE, the option will be omitted from the binary.
-// Note: as of January 2023, support for this is in progress and does not yet
-// have an effect (b/264593489).
-type FieldOptions_OptionRetention int32
-
-const (
-	FieldOptions_RETENTION_UNKNOWN FieldOptions_OptionRetention = 0
-	FieldOptions_RETENTION_RUNTIME FieldOptions_OptionRetention = 1
-	FieldOptions_RETENTION_SOURCE  FieldOptions_OptionRetention = 2
-)
-
-// Enum value maps for FieldOptions_OptionRetention.
-var (
-	FieldOptions_OptionRetention_name = map[int32]string{
-		0: "RETENTION_UNKNOWN",
-		1: "RETENTION_RUNTIME",
-		2: "RETENTION_SOURCE",
-	}
-	FieldOptions_OptionRetention_value = map[string]int32{
-		"RETENTION_UNKNOWN": 0,
-		"RETENTION_RUNTIME": 1,
-		"RETENTION_SOURCE":  2,
-	}
-)
-
-func (x FieldOptions_OptionRetention) Enum() *FieldOptions_OptionRetention {
-	p := new(FieldOptions_OptionRetention)
-	*p = x
-	return p
-}
-
-func (x FieldOptions_OptionRetention) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldOptions_OptionRetention) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[6].Descriptor()
-}
-
-func (FieldOptions_OptionRetention) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[6]
-}
-
-func (x FieldOptions_OptionRetention) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldOptions_OptionRetention) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldOptions_OptionRetention(num)
-	return nil
-}
-
-// Deprecated: Use FieldOptions_OptionRetention.Descriptor instead.
-func (FieldOptions_OptionRetention) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 2}
-}
-
-// This indicates the types of entities that the field may apply to when used
-// as an option. If it is unset, then the field may be freely used as an
-// option on any kind of entity. Note: as of January 2023, support for this is
-// in progress and does not yet have an effect (b/264593489).
-type FieldOptions_OptionTargetType int32
-
-const (
-	FieldOptions_TARGET_TYPE_UNKNOWN         FieldOptions_OptionTargetType = 0
-	FieldOptions_TARGET_TYPE_FILE            FieldOptions_OptionTargetType = 1
-	FieldOptions_TARGET_TYPE_EXTENSION_RANGE FieldOptions_OptionTargetType = 2
-	FieldOptions_TARGET_TYPE_MESSAGE         FieldOptions_OptionTargetType = 3
-	FieldOptions_TARGET_TYPE_FIELD           FieldOptions_OptionTargetType = 4
-	FieldOptions_TARGET_TYPE_ONEOF           FieldOptions_OptionTargetType = 5
-	FieldOptions_TARGET_TYPE_ENUM            FieldOptions_OptionTargetType = 6
-	FieldOptions_TARGET_TYPE_ENUM_ENTRY      FieldOptions_OptionTargetType = 7
-	FieldOptions_TARGET_TYPE_SERVICE         FieldOptions_OptionTargetType = 8
-	FieldOptions_TARGET_TYPE_METHOD          FieldOptions_OptionTargetType = 9
-)
-
-// Enum value maps for FieldOptions_OptionTargetType.
-var (
-	FieldOptions_OptionTargetType_name = map[int32]string{
-		0: "TARGET_TYPE_UNKNOWN",
-		1: "TARGET_TYPE_FILE",
-		2: "TARGET_TYPE_EXTENSION_RANGE",
-		3: "TARGET_TYPE_MESSAGE",
-		4: "TARGET_TYPE_FIELD",
-		5: "TARGET_TYPE_ONEOF",
-		6: "TARGET_TYPE_ENUM",
-		7: "TARGET_TYPE_ENUM_ENTRY",
-		8: "TARGET_TYPE_SERVICE",
-		9: "TARGET_TYPE_METHOD",
-	}
-	FieldOptions_OptionTargetType_value = map[string]int32{
-		"TARGET_TYPE_UNKNOWN":         0,
-		"TARGET_TYPE_FILE":            1,
-		"TARGET_TYPE_EXTENSION_RANGE": 2,
-		"TARGET_TYPE_MESSAGE":         3,
-		"TARGET_TYPE_FIELD":           4,
-		"TARGET_TYPE_ONEOF":           5,
-		"TARGET_TYPE_ENUM":            6,
-		"TARGET_TYPE_ENUM_ENTRY":      7,
-		"TARGET_TYPE_SERVICE":         8,
-		"TARGET_TYPE_METHOD":          9,
-	}
-)
-
-func (x FieldOptions_OptionTargetType) Enum() *FieldOptions_OptionTargetType {
-	p := new(FieldOptions_OptionTargetType)
-	*p = x
-	return p
-}
-
-func (x FieldOptions_OptionTargetType) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (FieldOptions_OptionTargetType) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[7].Descriptor()
-}
-
-func (FieldOptions_OptionTargetType) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[7]
-}
-
-func (x FieldOptions_OptionTargetType) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *FieldOptions_OptionTargetType) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = FieldOptions_OptionTargetType(num)
-	return nil
-}
-
-// Deprecated: Use FieldOptions_OptionTargetType.Descriptor instead.
-func (FieldOptions_OptionTargetType) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12, 3}
-}
-
-// Is this method side-effect-free (or safe in HTTP parlance), or idempotent,
-// or neither? HTTP based RPC implementation may choose GET verb for safe
-// methods, and PUT verb for idempotent methods instead of the default POST.
-type MethodOptions_IdempotencyLevel int32
-
-const (
-	MethodOptions_IDEMPOTENCY_UNKNOWN MethodOptions_IdempotencyLevel = 0
-	MethodOptions_NO_SIDE_EFFECTS     MethodOptions_IdempotencyLevel = 1 // implies idempotent
-	MethodOptions_IDEMPOTENT          MethodOptions_IdempotencyLevel = 2 // idempotent, but may have side effects
-)
-
-// Enum value maps for MethodOptions_IdempotencyLevel.
-var (
-	MethodOptions_IdempotencyLevel_name = map[int32]string{
-		0: "IDEMPOTENCY_UNKNOWN",
-		1: "NO_SIDE_EFFECTS",
-		2: "IDEMPOTENT",
-	}
-	MethodOptions_IdempotencyLevel_value = map[string]int32{
-		"IDEMPOTENCY_UNKNOWN": 0,
-		"NO_SIDE_EFFECTS":     1,
-		"IDEMPOTENT":          2,
-	}
-)
-
-func (x MethodOptions_IdempotencyLevel) Enum() *MethodOptions_IdempotencyLevel {
-	p := new(MethodOptions_IdempotencyLevel)
-	*p = x
-	return p
-}
-
-func (x MethodOptions_IdempotencyLevel) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (MethodOptions_IdempotencyLevel) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[8].Descriptor()
-}
-
-func (MethodOptions_IdempotencyLevel) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[8]
-}
-
-func (x MethodOptions_IdempotencyLevel) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *MethodOptions_IdempotencyLevel) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = MethodOptions_IdempotencyLevel(num)
-	return nil
-}
-
-// Deprecated: Use MethodOptions_IdempotencyLevel.Descriptor instead.
-func (MethodOptions_IdempotencyLevel) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{17, 0}
-}
-
-// Represents the identified object's effect on the element in the original
-// .proto file.
-type GeneratedCodeInfo_Annotation_Semantic int32
-
-const (
-	// There is no effect or the effect is indescribable.
-	GeneratedCodeInfo_Annotation_NONE GeneratedCodeInfo_Annotation_Semantic = 0
-	// The element is set or otherwise mutated.
-	GeneratedCodeInfo_Annotation_SET GeneratedCodeInfo_Annotation_Semantic = 1
-	// An alias to the element is returned.
-	GeneratedCodeInfo_Annotation_ALIAS GeneratedCodeInfo_Annotation_Semantic = 2
-)
-
-// Enum value maps for GeneratedCodeInfo_Annotation_Semantic.
-var (
-	GeneratedCodeInfo_Annotation_Semantic_name = map[int32]string{
-		0: "NONE",
-		1: "SET",
-		2: "ALIAS",
-	}
-	GeneratedCodeInfo_Annotation_Semantic_value = map[string]int32{
-		"NONE":  0,
-		"SET":   1,
-		"ALIAS": 2,
-	}
-)
-
-func (x GeneratedCodeInfo_Annotation_Semantic) Enum() *GeneratedCodeInfo_Annotation_Semantic {
-	p := new(GeneratedCodeInfo_Annotation_Semantic)
-	*p = x
-	return p
-}
-
-func (x GeneratedCodeInfo_Annotation_Semantic) String() string {
-	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
-}
-
-func (GeneratedCodeInfo_Annotation_Semantic) Descriptor() protoreflect.EnumDescriptor {
-	return file_google_protobuf_descriptor_proto_enumTypes[9].Descriptor()
-}
-
-func (GeneratedCodeInfo_Annotation_Semantic) Type() protoreflect.EnumType {
-	return &file_google_protobuf_descriptor_proto_enumTypes[9]
-}
-
-func (x GeneratedCodeInfo_Annotation_Semantic) Number() protoreflect.EnumNumber {
-	return protoreflect.EnumNumber(x)
-}
-
-// Deprecated: Do not use.
-func (x *GeneratedCodeInfo_Annotation_Semantic) UnmarshalJSON(b []byte) error {
-	num, err := protoimpl.X.UnmarshalJSONEnum(x.Descriptor(), b)
-	if err != nil {
-		return err
-	}
-	*x = GeneratedCodeInfo_Annotation_Semantic(num)
-	return nil
-}
-
-// Deprecated: Use GeneratedCodeInfo_Annotation_Semantic.Descriptor instead.
-func (GeneratedCodeInfo_Annotation_Semantic) EnumDescriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{20, 0, 0}
-}
-
-// The protocol compiler can output a FileDescriptorSet containing the .proto
-// files it parses.
-type FileDescriptorSet struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	File []*FileDescriptorProto `protobuf:"bytes,1,rep,name=file" json:"file,omitempty"`
-}
-
-func (x *FileDescriptorSet) Reset() {
-	*x = FileDescriptorSet{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[0]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *FileDescriptorSet) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*FileDescriptorSet) ProtoMessage() {}
-
-func (x *FileDescriptorSet) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[0]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use FileDescriptorSet.ProtoReflect.Descriptor instead.
-func (*FileDescriptorSet) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{0}
-}
-
-func (x *FileDescriptorSet) GetFile() []*FileDescriptorProto {
-	if x != nil {
-		return x.File
-	}
-	return nil
-}
-
-// Describes a complete .proto file.
-type FileDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name    *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`       // file name, relative to root of source tree
-	Package *string `protobuf:"bytes,2,opt,name=package" json:"package,omitempty"` // e.g. "foo", "foo.bar", etc.
-	// Names of files imported by this file.
-	Dependency []string `protobuf:"bytes,3,rep,name=dependency" json:"dependency,omitempty"`
-	// Indexes of the public imported files in the dependency list above.
-	PublicDependency []int32 `protobuf:"varint,10,rep,name=public_dependency,json=publicDependency" json:"public_dependency,omitempty"`
-	// Indexes of the weak imported files in the dependency list.
-	// For Google-internal migration only. Do not use.
-	WeakDependency []int32 `protobuf:"varint,11,rep,name=weak_dependency,json=weakDependency" json:"weak_dependency,omitempty"`
-	// All top-level definitions in this file.
-	MessageType []*DescriptorProto        `protobuf:"bytes,4,rep,name=message_type,json=messageType" json:"message_type,omitempty"`
-	EnumType    []*EnumDescriptorProto    `protobuf:"bytes,5,rep,name=enum_type,json=enumType" json:"enum_type,omitempty"`
-	Service     []*ServiceDescriptorProto `protobuf:"bytes,6,rep,name=service" json:"service,omitempty"`
-	Extension   []*FieldDescriptorProto   `protobuf:"bytes,7,rep,name=extension" json:"extension,omitempty"`
-	Options     *FileOptions              `protobuf:"bytes,8,opt,name=options" json:"options,omitempty"`
-	// This field contains optional information about the original source code.
-	// You may safely remove this entire field without harming runtime
-	// functionality of the descriptors -- the information is needed only by
-	// development tools.
-	SourceCodeInfo *SourceCodeInfo `protobuf:"bytes,9,opt,name=source_code_info,json=sourceCodeInfo" json:"source_code_info,omitempty"`
-	// The syntax of the proto file.
-	// The supported values are "proto2", "proto3", and "editions".
-	//
-	// If `edition` is present, this value must be "editions".
-	Syntax *string `protobuf:"bytes,12,opt,name=syntax" json:"syntax,omitempty"`
-	// The edition of the proto file, which is an opaque string.
-	Edition *string `protobuf:"bytes,13,opt,name=edition" json:"edition,omitempty"`
-}
-
-func (x *FileDescriptorProto) Reset() {
-	*x = FileDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[1]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *FileDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*FileDescriptorProto) ProtoMessage() {}
-
-func (x *FileDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[1]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use FileDescriptorProto.ProtoReflect.Descriptor instead.
-func (*FileDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{1}
-}
-
-func (x *FileDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *FileDescriptorProto) GetPackage() string {
-	if x != nil && x.Package != nil {
-		return *x.Package
-	}
-	return ""
-}
-
-func (x *FileDescriptorProto) GetDependency() []string {
-	if x != nil {
-		return x.Dependency
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetPublicDependency() []int32 {
-	if x != nil {
-		return x.PublicDependency
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetWeakDependency() []int32 {
-	if x != nil {
-		return x.WeakDependency
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetMessageType() []*DescriptorProto {
-	if x != nil {
-		return x.MessageType
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetEnumType() []*EnumDescriptorProto {
-	if x != nil {
-		return x.EnumType
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetService() []*ServiceDescriptorProto {
-	if x != nil {
-		return x.Service
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetExtension() []*FieldDescriptorProto {
-	if x != nil {
-		return x.Extension
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetOptions() *FileOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetSourceCodeInfo() *SourceCodeInfo {
-	if x != nil {
-		return x.SourceCodeInfo
-	}
-	return nil
-}
-
-func (x *FileDescriptorProto) GetSyntax() string {
-	if x != nil && x.Syntax != nil {
-		return *x.Syntax
-	}
-	return ""
-}
-
-func (x *FileDescriptorProto) GetEdition() string {
-	if x != nil && x.Edition != nil {
-		return *x.Edition
-	}
-	return ""
-}
-
-// Describes a message type.
-type DescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name           *string                           `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Field          []*FieldDescriptorProto           `protobuf:"bytes,2,rep,name=field" json:"field,omitempty"`
-	Extension      []*FieldDescriptorProto           `protobuf:"bytes,6,rep,name=extension" json:"extension,omitempty"`
-	NestedType     []*DescriptorProto                `protobuf:"bytes,3,rep,name=nested_type,json=nestedType" json:"nested_type,omitempty"`
-	EnumType       []*EnumDescriptorProto            `protobuf:"bytes,4,rep,name=enum_type,json=enumType" json:"enum_type,omitempty"`
-	ExtensionRange []*DescriptorProto_ExtensionRange `protobuf:"bytes,5,rep,name=extension_range,json=extensionRange" json:"extension_range,omitempty"`
-	OneofDecl      []*OneofDescriptorProto           `protobuf:"bytes,8,rep,name=oneof_decl,json=oneofDecl" json:"oneof_decl,omitempty"`
-	Options        *MessageOptions                   `protobuf:"bytes,7,opt,name=options" json:"options,omitempty"`
-	ReservedRange  []*DescriptorProto_ReservedRange  `protobuf:"bytes,9,rep,name=reserved_range,json=reservedRange" json:"reserved_range,omitempty"`
-	// Reserved field names, which may not be used by fields in the same message.
-	// A given name may only be reserved once.
-	ReservedName []string `protobuf:"bytes,10,rep,name=reserved_name,json=reservedName" json:"reserved_name,omitempty"`
-}
-
-func (x *DescriptorProto) Reset() {
-	*x = DescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[2]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *DescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*DescriptorProto) ProtoMessage() {}
-
-func (x *DescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[2]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use DescriptorProto.ProtoReflect.Descriptor instead.
-func (*DescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{2}
-}
-
-func (x *DescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *DescriptorProto) GetField() []*FieldDescriptorProto {
-	if x != nil {
-		return x.Field
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetExtension() []*FieldDescriptorProto {
-	if x != nil {
-		return x.Extension
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetNestedType() []*DescriptorProto {
-	if x != nil {
-		return x.NestedType
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetEnumType() []*EnumDescriptorProto {
-	if x != nil {
-		return x.EnumType
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetExtensionRange() []*DescriptorProto_ExtensionRange {
-	if x != nil {
-		return x.ExtensionRange
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetOneofDecl() []*OneofDescriptorProto {
-	if x != nil {
-		return x.OneofDecl
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetOptions() *MessageOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetReservedRange() []*DescriptorProto_ReservedRange {
-	if x != nil {
-		return x.ReservedRange
-	}
-	return nil
-}
-
-func (x *DescriptorProto) GetReservedName() []string {
-	if x != nil {
-		return x.ReservedName
-	}
-	return nil
-}
-
-type ExtensionRangeOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-	// go/protobuf-stripping-extension-declarations
-	// Like Metadata, but we use a repeated field to hold all extension
-	// declarations. This should avoid the size increases of transforming a large
-	// extension range into small ranges in generated binaries.
-	Declaration []*ExtensionRangeOptions_Declaration `protobuf:"bytes,2,rep,name=declaration" json:"declaration,omitempty"`
-	// The verification state of the range.
-	// TODO(b/278783756): flip the default to DECLARATION once all empty ranges
-	// are marked as UNVERIFIED.
-	Verification *ExtensionRangeOptions_VerificationState `protobuf:"varint,3,opt,name=verification,enum=google.protobuf.ExtensionRangeOptions_VerificationState,def=1" json:"verification,omitempty"`
-}
-
-// Default values for ExtensionRangeOptions fields.
-const (
-	Default_ExtensionRangeOptions_Verification = ExtensionRangeOptions_UNVERIFIED
-)
-
-func (x *ExtensionRangeOptions) Reset() {
-	*x = ExtensionRangeOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[3]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *ExtensionRangeOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ExtensionRangeOptions) ProtoMessage() {}
-
-func (x *ExtensionRangeOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[3]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ExtensionRangeOptions.ProtoReflect.Descriptor instead.
-func (*ExtensionRangeOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{3}
-}
-
-func (x *ExtensionRangeOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-func (x *ExtensionRangeOptions) GetDeclaration() []*ExtensionRangeOptions_Declaration {
-	if x != nil {
-		return x.Declaration
-	}
-	return nil
-}
-
-func (x *ExtensionRangeOptions) GetVerification() ExtensionRangeOptions_VerificationState {
-	if x != nil && x.Verification != nil {
-		return *x.Verification
-	}
-	return Default_ExtensionRangeOptions_Verification
-}
-
-// Describes a field within a message.
-type FieldDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name   *string                     `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Number *int32                      `protobuf:"varint,3,opt,name=number" json:"number,omitempty"`
-	Label  *FieldDescriptorProto_Label `protobuf:"varint,4,opt,name=label,enum=google.protobuf.FieldDescriptorProto_Label" json:"label,omitempty"`
-	// If type_name is set, this need not be set.  If both this and type_name
-	// are set, this must be one of TYPE_ENUM, TYPE_MESSAGE or TYPE_GROUP.
-	Type *FieldDescriptorProto_Type `protobuf:"varint,5,opt,name=type,enum=google.protobuf.FieldDescriptorProto_Type" json:"type,omitempty"`
-	// For message and enum types, this is the name of the type.  If the name
-	// starts with a '.', it is fully-qualified.  Otherwise, C++-like scoping
-	// rules are used to find the type (i.e. first the nested types within this
-	// message are searched, then within the parent, on up to the root
-	// namespace).
-	TypeName *string `protobuf:"bytes,6,opt,name=type_name,json=typeName" json:"type_name,omitempty"`
-	// For extensions, this is the name of the type being extended.  It is
-	// resolved in the same manner as type_name.
-	Extendee *string `protobuf:"bytes,2,opt,name=extendee" json:"extendee,omitempty"`
-	// For numeric types, contains the original text representation of the value.
-	// For booleans, "true" or "false".
-	// For strings, contains the default text contents (not escaped in any way).
-	// For bytes, contains the C escaped value.  All bytes >= 128 are escaped.
-	DefaultValue *string `protobuf:"bytes,7,opt,name=default_value,json=defaultValue" json:"default_value,omitempty"`
-	// If set, gives the index of a oneof in the containing type's oneof_decl
-	// list.  This field is a member of that oneof.
-	OneofIndex *int32 `protobuf:"varint,9,opt,name=oneof_index,json=oneofIndex" json:"oneof_index,omitempty"`
-	// JSON name of this field. The value is set by protocol compiler. If the
-	// user has set a "json_name" option on this field, that option's value
-	// will be used. Otherwise, it's deduced from the field's name by converting
-	// it to camelCase.
-	JsonName *string       `protobuf:"bytes,10,opt,name=json_name,json=jsonName" json:"json_name,omitempty"`
-	Options  *FieldOptions `protobuf:"bytes,8,opt,name=options" json:"options,omitempty"`
-	// If true, this is a proto3 "optional". When a proto3 field is optional, it
-	// tracks presence regardless of field type.
-	//
-	// When proto3_optional is true, this field must be belong to a oneof to
-	// signal to old proto3 clients that presence is tracked for this field. This
-	// oneof is known as a "synthetic" oneof, and this field must be its sole
-	// member (each proto3 optional field gets its own synthetic oneof). Synthetic
-	// oneofs exist in the descriptor only, and do not generate any API. Synthetic
-	// oneofs must be ordered after all "real" oneofs.
-	//
-	// For message fields, proto3_optional doesn't create any semantic change,
-	// since non-repeated message fields always track presence. However it still
-	// indicates the semantic detail of whether the user wrote "optional" or not.
-	// This can be useful for round-tripping the .proto file. For consistency we
-	// give message fields a synthetic oneof also, even though it is not required
-	// to track presence. This is especially important because the parser can't
-	// tell if a field is a message or an enum, so it must always create a
-	// synthetic oneof.
-	//
-	// Proto2 optional fields do not set this flag, because they already indicate
-	// optional with `LABEL_OPTIONAL`.
-	Proto3Optional *bool `protobuf:"varint,17,opt,name=proto3_optional,json=proto3Optional" json:"proto3_optional,omitempty"`
-}
-
-func (x *FieldDescriptorProto) Reset() {
-	*x = FieldDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[4]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *FieldDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*FieldDescriptorProto) ProtoMessage() {}
-
-func (x *FieldDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[4]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use FieldDescriptorProto.ProtoReflect.Descriptor instead.
-func (*FieldDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{4}
-}
-
-func (x *FieldDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *FieldDescriptorProto) GetNumber() int32 {
-	if x != nil && x.Number != nil {
-		return *x.Number
-	}
-	return 0
-}
-
-func (x *FieldDescriptorProto) GetLabel() FieldDescriptorProto_Label {
-	if x != nil && x.Label != nil {
-		return *x.Label
-	}
-	return FieldDescriptorProto_LABEL_OPTIONAL
-}
-
-func (x *FieldDescriptorProto) GetType() FieldDescriptorProto_Type {
-	if x != nil && x.Type != nil {
-		return *x.Type
-	}
-	return FieldDescriptorProto_TYPE_DOUBLE
-}
-
-func (x *FieldDescriptorProto) GetTypeName() string {
-	if x != nil && x.TypeName != nil {
-		return *x.TypeName
-	}
-	return ""
-}
-
-func (x *FieldDescriptorProto) GetExtendee() string {
-	if x != nil && x.Extendee != nil {
-		return *x.Extendee
-	}
-	return ""
-}
-
-func (x *FieldDescriptorProto) GetDefaultValue() string {
-	if x != nil && x.DefaultValue != nil {
-		return *x.DefaultValue
-	}
-	return ""
-}
-
-func (x *FieldDescriptorProto) GetOneofIndex() int32 {
-	if x != nil && x.OneofIndex != nil {
-		return *x.OneofIndex
-	}
-	return 0
-}
-
-func (x *FieldDescriptorProto) GetJsonName() string {
-	if x != nil && x.JsonName != nil {
-		return *x.JsonName
-	}
-	return ""
-}
-
-func (x *FieldDescriptorProto) GetOptions() *FieldOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-func (x *FieldDescriptorProto) GetProto3Optional() bool {
-	if x != nil && x.Proto3Optional != nil {
-		return *x.Proto3Optional
-	}
-	return false
-}
-
-// Describes a oneof.
-type OneofDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name    *string       `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Options *OneofOptions `protobuf:"bytes,2,opt,name=options" json:"options,omitempty"`
-}
-
-func (x *OneofDescriptorProto) Reset() {
-	*x = OneofDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[5]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *OneofDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*OneofDescriptorProto) ProtoMessage() {}
-
-func (x *OneofDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[5]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use OneofDescriptorProto.ProtoReflect.Descriptor instead.
-func (*OneofDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{5}
-}
-
-func (x *OneofDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *OneofDescriptorProto) GetOptions() *OneofOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-// Describes an enum type.
-type EnumDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name    *string                     `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Value   []*EnumValueDescriptorProto `protobuf:"bytes,2,rep,name=value" json:"value,omitempty"`
-	Options *EnumOptions                `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
-	// Range of reserved numeric values. Reserved numeric values may not be used
-	// by enum values in the same enum declaration. Reserved ranges may not
-	// overlap.
-	ReservedRange []*EnumDescriptorProto_EnumReservedRange `protobuf:"bytes,4,rep,name=reserved_range,json=reservedRange" json:"reserved_range,omitempty"`
-	// Reserved enum value names, which may not be reused. A given name may only
-	// be reserved once.
-	ReservedName []string `protobuf:"bytes,5,rep,name=reserved_name,json=reservedName" json:"reserved_name,omitempty"`
-}
-
-func (x *EnumDescriptorProto) Reset() {
-	*x = EnumDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[6]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *EnumDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*EnumDescriptorProto) ProtoMessage() {}
-
-func (x *EnumDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[6]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use EnumDescriptorProto.ProtoReflect.Descriptor instead.
-func (*EnumDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{6}
-}
-
-func (x *EnumDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *EnumDescriptorProto) GetValue() []*EnumValueDescriptorProto {
-	if x != nil {
-		return x.Value
-	}
-	return nil
-}
-
-func (x *EnumDescriptorProto) GetOptions() *EnumOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-func (x *EnumDescriptorProto) GetReservedRange() []*EnumDescriptorProto_EnumReservedRange {
-	if x != nil {
-		return x.ReservedRange
-	}
-	return nil
-}
-
-func (x *EnumDescriptorProto) GetReservedName() []string {
-	if x != nil {
-		return x.ReservedName
-	}
-	return nil
-}
-
-// Describes a value within an enum.
-type EnumValueDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name    *string           `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Number  *int32            `protobuf:"varint,2,opt,name=number" json:"number,omitempty"`
-	Options *EnumValueOptions `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
-}
-
-func (x *EnumValueDescriptorProto) Reset() {
-	*x = EnumValueDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[7]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *EnumValueDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*EnumValueDescriptorProto) ProtoMessage() {}
-
-func (x *EnumValueDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[7]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use EnumValueDescriptorProto.ProtoReflect.Descriptor instead.
-func (*EnumValueDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{7}
-}
-
-func (x *EnumValueDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *EnumValueDescriptorProto) GetNumber() int32 {
-	if x != nil && x.Number != nil {
-		return *x.Number
-	}
-	return 0
-}
-
-func (x *EnumValueDescriptorProto) GetOptions() *EnumValueOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-// Describes a service.
-type ServiceDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name    *string                  `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	Method  []*MethodDescriptorProto `protobuf:"bytes,2,rep,name=method" json:"method,omitempty"`
-	Options *ServiceOptions          `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
-}
-
-func (x *ServiceDescriptorProto) Reset() {
-	*x = ServiceDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[8]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *ServiceDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ServiceDescriptorProto) ProtoMessage() {}
-
-func (x *ServiceDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[8]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ServiceDescriptorProto.ProtoReflect.Descriptor instead.
-func (*ServiceDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{8}
-}
-
-func (x *ServiceDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *ServiceDescriptorProto) GetMethod() []*MethodDescriptorProto {
-	if x != nil {
-		return x.Method
-	}
-	return nil
-}
-
-func (x *ServiceDescriptorProto) GetOptions() *ServiceOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-// Describes a method of a service.
-type MethodDescriptorProto struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name *string `protobuf:"bytes,1,opt,name=name" json:"name,omitempty"`
-	// Input and output type names.  These are resolved in the same way as
-	// FieldDescriptorProto.type_name, but must refer to a message type.
-	InputType  *string        `protobuf:"bytes,2,opt,name=input_type,json=inputType" json:"input_type,omitempty"`
-	OutputType *string        `protobuf:"bytes,3,opt,name=output_type,json=outputType" json:"output_type,omitempty"`
-	Options    *MethodOptions `protobuf:"bytes,4,opt,name=options" json:"options,omitempty"`
-	// Identifies if client streams multiple client messages
-	ClientStreaming *bool `protobuf:"varint,5,opt,name=client_streaming,json=clientStreaming,def=0" json:"client_streaming,omitempty"`
-	// Identifies if server streams multiple server messages
-	ServerStreaming *bool `protobuf:"varint,6,opt,name=server_streaming,json=serverStreaming,def=0" json:"server_streaming,omitempty"`
-}
-
-// Default values for MethodDescriptorProto fields.
-const (
-	Default_MethodDescriptorProto_ClientStreaming = bool(false)
-	Default_MethodDescriptorProto_ServerStreaming = bool(false)
-)
-
-func (x *MethodDescriptorProto) Reset() {
-	*x = MethodDescriptorProto{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[9]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *MethodDescriptorProto) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*MethodDescriptorProto) ProtoMessage() {}
-
-func (x *MethodDescriptorProto) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[9]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use MethodDescriptorProto.ProtoReflect.Descriptor instead.
-func (*MethodDescriptorProto) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{9}
-}
-
-func (x *MethodDescriptorProto) GetName() string {
-	if x != nil && x.Name != nil {
-		return *x.Name
-	}
-	return ""
-}
-
-func (x *MethodDescriptorProto) GetInputType() string {
-	if x != nil && x.InputType != nil {
-		return *x.InputType
-	}
-	return ""
-}
-
-func (x *MethodDescriptorProto) GetOutputType() string {
-	if x != nil && x.OutputType != nil {
-		return *x.OutputType
-	}
-	return ""
-}
-
-func (x *MethodDescriptorProto) GetOptions() *MethodOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-func (x *MethodDescriptorProto) GetClientStreaming() bool {
-	if x != nil && x.ClientStreaming != nil {
-		return *x.ClientStreaming
-	}
-	return Default_MethodDescriptorProto_ClientStreaming
-}
-
-func (x *MethodDescriptorProto) GetServerStreaming() bool {
-	if x != nil && x.ServerStreaming != nil {
-		return *x.ServerStreaming
-	}
-	return Default_MethodDescriptorProto_ServerStreaming
-}
-
-type FileOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Sets the Java package where classes generated from this .proto will be
-	// placed.  By default, the proto package is used, but this is often
-	// inappropriate because proto packages do not normally start with backwards
-	// domain names.
-	JavaPackage *string `protobuf:"bytes,1,opt,name=java_package,json=javaPackage" json:"java_package,omitempty"`
-	// Controls the name of the wrapper Java class generated for the .proto file.
-	// That class will always contain the .proto file's getDescriptor() method as
-	// well as any top-level extensions defined in the .proto file.
-	// If java_multiple_files is disabled, then all the other classes from the
-	// .proto file will be nested inside the single wrapper outer class.
-	JavaOuterClassname *string `protobuf:"bytes,8,opt,name=java_outer_classname,json=javaOuterClassname" json:"java_outer_classname,omitempty"`
-	// If enabled, then the Java code generator will generate a separate .java
-	// file for each top-level message, enum, and service defined in the .proto
-	// file.  Thus, these types will *not* be nested inside the wrapper class
-	// named by java_outer_classname.  However, the wrapper class will still be
-	// generated to contain the file's getDescriptor() method as well as any
-	// top-level extensions defined in the file.
-	JavaMultipleFiles *bool `protobuf:"varint,10,opt,name=java_multiple_files,json=javaMultipleFiles,def=0" json:"java_multiple_files,omitempty"`
-	// This option does nothing.
-	//
-	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-	JavaGenerateEqualsAndHash *bool `protobuf:"varint,20,opt,name=java_generate_equals_and_hash,json=javaGenerateEqualsAndHash" json:"java_generate_equals_and_hash,omitempty"`
-	// If set true, then the Java2 code generator will generate code that
-	// throws an exception whenever an attempt is made to assign a non-UTF-8
-	// byte sequence to a string field.
-	// Message reflection will do the same.
-	// However, an extension field still accepts non-UTF-8 byte sequences.
-	// This option has no effect on when used with the lite runtime.
-	JavaStringCheckUtf8 *bool                     `protobuf:"varint,27,opt,name=java_string_check_utf8,json=javaStringCheckUtf8,def=0" json:"java_string_check_utf8,omitempty"`
-	OptimizeFor         *FileOptions_OptimizeMode `protobuf:"varint,9,opt,name=optimize_for,json=optimizeFor,enum=google.protobuf.FileOptions_OptimizeMode,def=1" json:"optimize_for,omitempty"`
-	// Sets the Go package where structs generated from this .proto will be
-	// placed. If omitted, the Go package will be derived from the following:
-	//   - The basename of the package import path, if provided.
-	//   - Otherwise, the package statement in the .proto file, if present.
-	//   - Otherwise, the basename of the .proto file, without extension.
-	GoPackage *string `protobuf:"bytes,11,opt,name=go_package,json=goPackage" json:"go_package,omitempty"`
-	// Should generic services be generated in each language?  "Generic" services
-	// are not specific to any particular RPC system.  They are generated by the
-	// main code generators in each language (without additional plugins).
-	// Generic services were the only kind of service generation supported by
-	// early versions of google.protobuf.
-	//
-	// Generic services are now considered deprecated in favor of using plugins
-	// that generate code specific to your particular RPC system.  Therefore,
-	// these default to false.  Old code which depends on generic services should
-	// explicitly set them to true.
-	CcGenericServices   *bool `protobuf:"varint,16,opt,name=cc_generic_services,json=ccGenericServices,def=0" json:"cc_generic_services,omitempty"`
-	JavaGenericServices *bool `protobuf:"varint,17,opt,name=java_generic_services,json=javaGenericServices,def=0" json:"java_generic_services,omitempty"`
-	PyGenericServices   *bool `protobuf:"varint,18,opt,name=py_generic_services,json=pyGenericServices,def=0" json:"py_generic_services,omitempty"`
-	PhpGenericServices  *bool `protobuf:"varint,42,opt,name=php_generic_services,json=phpGenericServices,def=0" json:"php_generic_services,omitempty"`
-	// Is this file deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for everything in the file, or it will be completely ignored; in the very
-	// least, this is a formalization for deprecating files.
-	Deprecated *bool `protobuf:"varint,23,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// Enables the use of arenas for the proto messages in this file. This applies
-	// only to generated classes for C++.
-	CcEnableArenas *bool `protobuf:"varint,31,opt,name=cc_enable_arenas,json=ccEnableArenas,def=1" json:"cc_enable_arenas,omitempty"`
-	// Sets the objective c class prefix which is prepended to all objective c
-	// generated classes from this .proto. There is no default.
-	ObjcClassPrefix *string `protobuf:"bytes,36,opt,name=objc_class_prefix,json=objcClassPrefix" json:"objc_class_prefix,omitempty"`
-	// Namespace for generated classes; defaults to the package.
-	CsharpNamespace *string `protobuf:"bytes,37,opt,name=csharp_namespace,json=csharpNamespace" json:"csharp_namespace,omitempty"`
-	// By default Swift generators will take the proto package and CamelCase it
-	// replacing '.' with underscore and use that to prefix the types/symbols
-	// defined. When this options is provided, they will use this value instead
-	// to prefix the types/symbols defined.
-	SwiftPrefix *string `protobuf:"bytes,39,opt,name=swift_prefix,json=swiftPrefix" json:"swift_prefix,omitempty"`
-	// Sets the php class prefix which is prepended to all php generated classes
-	// from this .proto. Default is empty.
-	PhpClassPrefix *string `protobuf:"bytes,40,opt,name=php_class_prefix,json=phpClassPrefix" json:"php_class_prefix,omitempty"`
-	// Use this option to change the namespace of php generated classes. Default
-	// is empty. When this option is empty, the package name will be used for
-	// determining the namespace.
-	PhpNamespace *string `protobuf:"bytes,41,opt,name=php_namespace,json=phpNamespace" json:"php_namespace,omitempty"`
-	// Use this option to change the namespace of php generated metadata classes.
-	// Default is empty. When this option is empty, the proto file name will be
-	// used for determining the namespace.
-	PhpMetadataNamespace *string `protobuf:"bytes,44,opt,name=php_metadata_namespace,json=phpMetadataNamespace" json:"php_metadata_namespace,omitempty"`
-	// Use this option to change the package of ruby generated classes. Default
-	// is empty. When this option is not set, the package name will be used for
-	// determining the ruby package.
-	RubyPackage *string `protobuf:"bytes,45,opt,name=ruby_package,json=rubyPackage" json:"ruby_package,omitempty"`
-	// The parser stores options it doesn't recognize here.
-	// See the documentation for the "Options" section above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for FileOptions fields.
-const (
-	Default_FileOptions_JavaMultipleFiles   = bool(false)
-	Default_FileOptions_JavaStringCheckUtf8 = bool(false)
-	Default_FileOptions_OptimizeFor         = FileOptions_SPEED
-	Default_FileOptions_CcGenericServices   = bool(false)
-	Default_FileOptions_JavaGenericServices = bool(false)
-	Default_FileOptions_PyGenericServices   = bool(false)
-	Default_FileOptions_PhpGenericServices  = bool(false)
-	Default_FileOptions_Deprecated          = bool(false)
-	Default_FileOptions_CcEnableArenas      = bool(true)
-)
-
-func (x *FileOptions) Reset() {
-	*x = FileOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[10]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *FileOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*FileOptions) ProtoMessage() {}
-
-func (x *FileOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[10]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use FileOptions.ProtoReflect.Descriptor instead.
-func (*FileOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{10}
-}
-
-func (x *FileOptions) GetJavaPackage() string {
-	if x != nil && x.JavaPackage != nil {
-		return *x.JavaPackage
-	}
-	return ""
-}
-
-func (x *FileOptions) GetJavaOuterClassname() string {
-	if x != nil && x.JavaOuterClassname != nil {
-		return *x.JavaOuterClassname
-	}
-	return ""
-}
-
-func (x *FileOptions) GetJavaMultipleFiles() bool {
-	if x != nil && x.JavaMultipleFiles != nil {
-		return *x.JavaMultipleFiles
-	}
-	return Default_FileOptions_JavaMultipleFiles
-}
-
-// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-func (x *FileOptions) GetJavaGenerateEqualsAndHash() bool {
-	if x != nil && x.JavaGenerateEqualsAndHash != nil {
-		return *x.JavaGenerateEqualsAndHash
-	}
-	return false
-}
-
-func (x *FileOptions) GetJavaStringCheckUtf8() bool {
-	if x != nil && x.JavaStringCheckUtf8 != nil {
-		return *x.JavaStringCheckUtf8
-	}
-	return Default_FileOptions_JavaStringCheckUtf8
-}
-
-func (x *FileOptions) GetOptimizeFor() FileOptions_OptimizeMode {
-	if x != nil && x.OptimizeFor != nil {
-		return *x.OptimizeFor
-	}
-	return Default_FileOptions_OptimizeFor
-}
-
-func (x *FileOptions) GetGoPackage() string {
-	if x != nil && x.GoPackage != nil {
-		return *x.GoPackage
-	}
-	return ""
-}
-
-func (x *FileOptions) GetCcGenericServices() bool {
-	if x != nil && x.CcGenericServices != nil {
-		return *x.CcGenericServices
-	}
-	return Default_FileOptions_CcGenericServices
-}
-
-func (x *FileOptions) GetJavaGenericServices() bool {
-	if x != nil && x.JavaGenericServices != nil {
-		return *x.JavaGenericServices
-	}
-	return Default_FileOptions_JavaGenericServices
-}
-
-func (x *FileOptions) GetPyGenericServices() bool {
-	if x != nil && x.PyGenericServices != nil {
-		return *x.PyGenericServices
-	}
-	return Default_FileOptions_PyGenericServices
-}
-
-func (x *FileOptions) GetPhpGenericServices() bool {
-	if x != nil && x.PhpGenericServices != nil {
-		return *x.PhpGenericServices
-	}
-	return Default_FileOptions_PhpGenericServices
-}
-
-func (x *FileOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_FileOptions_Deprecated
-}
-
-func (x *FileOptions) GetCcEnableArenas() bool {
-	if x != nil && x.CcEnableArenas != nil {
-		return *x.CcEnableArenas
-	}
-	return Default_FileOptions_CcEnableArenas
-}
-
-func (x *FileOptions) GetObjcClassPrefix() string {
-	if x != nil && x.ObjcClassPrefix != nil {
-		return *x.ObjcClassPrefix
-	}
-	return ""
-}
-
-func (x *FileOptions) GetCsharpNamespace() string {
-	if x != nil && x.CsharpNamespace != nil {
-		return *x.CsharpNamespace
-	}
-	return ""
-}
-
-func (x *FileOptions) GetSwiftPrefix() string {
-	if x != nil && x.SwiftPrefix != nil {
-		return *x.SwiftPrefix
-	}
-	return ""
-}
-
-func (x *FileOptions) GetPhpClassPrefix() string {
-	if x != nil && x.PhpClassPrefix != nil {
-		return *x.PhpClassPrefix
-	}
-	return ""
-}
-
-func (x *FileOptions) GetPhpNamespace() string {
-	if x != nil && x.PhpNamespace != nil {
-		return *x.PhpNamespace
-	}
-	return ""
-}
-
-func (x *FileOptions) GetPhpMetadataNamespace() string {
-	if x != nil && x.PhpMetadataNamespace != nil {
-		return *x.PhpMetadataNamespace
-	}
-	return ""
-}
-
-func (x *FileOptions) GetRubyPackage() string {
-	if x != nil && x.RubyPackage != nil {
-		return *x.RubyPackage
-	}
-	return ""
-}
-
-func (x *FileOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type MessageOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Set true to use the old proto1 MessageSet wire format for extensions.
-	// This is provided for backwards-compatibility with the MessageSet wire
-	// format.  You should not use this for any other reason:  It's less
-	// efficient, has fewer features, and is more complicated.
-	//
-	// The message must be defined exactly as follows:
-	//
-	//	message Foo {
-	//	  option message_set_wire_format = true;
-	//	  extensions 4 to max;
-	//	}
-	//
-	// Note that the message cannot have any defined fields; MessageSets only
-	// have extensions.
-	//
-	// All extensions of your type must be singular messages; e.g. they cannot
-	// be int32s, enums, or repeated messages.
-	//
-	// Because this is an option, the above two restrictions are not enforced by
-	// the protocol compiler.
-	MessageSetWireFormat *bool `protobuf:"varint,1,opt,name=message_set_wire_format,json=messageSetWireFormat,def=0" json:"message_set_wire_format,omitempty"`
-	// Disables the generation of the standard "descriptor()" accessor, which can
-	// conflict with a field of the same name.  This is meant to make migration
-	// from proto1 easier; new code should avoid fields named "descriptor".
-	NoStandardDescriptorAccessor *bool `protobuf:"varint,2,opt,name=no_standard_descriptor_accessor,json=noStandardDescriptorAccessor,def=0" json:"no_standard_descriptor_accessor,omitempty"`
-	// Is this message deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for the message, or it will be completely ignored; in the very least,
-	// this is a formalization for deprecating messages.
-	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// NOTE: Do not set the option in .proto files. Always use the maps syntax
-	// instead. The option should only be implicitly set by the proto compiler
-	// parser.
-	//
-	// Whether the message is an automatically generated map entry type for the
-	// maps field.
-	//
-	// For maps fields:
-	//
-	//	map map_field = 1;
-	//
-	// The parsed descriptor looks like:
-	//
-	//	message MapFieldEntry {
-	//	    option map_entry = true;
-	//	    optional KeyType key = 1;
-	//	    optional ValueType value = 2;
-	//	}
-	//	repeated MapFieldEntry map_field = 1;
-	//
-	// Implementations may choose not to generate the map_entry=true message, but
-	// use a native map in the target language to hold the keys and values.
-	// The reflection APIs in such implementations still need to work as
-	// if the field is a repeated message field.
-	MapEntry *bool `protobuf:"varint,7,opt,name=map_entry,json=mapEntry" json:"map_entry,omitempty"`
-	// Enable the legacy handling of JSON field name conflicts.  This lowercases
-	// and strips underscored from the fields before comparison in proto3 only.
-	// The new behavior takes `json_name` into account and applies to proto2 as
-	// well.
-	//
-	// This should only be used as a temporary measure against broken builds due
-	// to the change in behavior for JSON field name conflicts.
-	//
-	// TODO(b/261750190) This is legacy behavior we plan to remove once downstream
-	// teams have had time to migrate.
-	//
-	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-	DeprecatedLegacyJsonFieldConflicts *bool `protobuf:"varint,11,opt,name=deprecated_legacy_json_field_conflicts,json=deprecatedLegacyJsonFieldConflicts" json:"deprecated_legacy_json_field_conflicts,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for MessageOptions fields.
-const (
-	Default_MessageOptions_MessageSetWireFormat         = bool(false)
-	Default_MessageOptions_NoStandardDescriptorAccessor = bool(false)
-	Default_MessageOptions_Deprecated                   = bool(false)
-)
-
-func (x *MessageOptions) Reset() {
-	*x = MessageOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[11]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *MessageOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*MessageOptions) ProtoMessage() {}
-
-func (x *MessageOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[11]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use MessageOptions.ProtoReflect.Descriptor instead.
-func (*MessageOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{11}
-}
-
-func (x *MessageOptions) GetMessageSetWireFormat() bool {
-	if x != nil && x.MessageSetWireFormat != nil {
-		return *x.MessageSetWireFormat
-	}
-	return Default_MessageOptions_MessageSetWireFormat
-}
-
-func (x *MessageOptions) GetNoStandardDescriptorAccessor() bool {
-	if x != nil && x.NoStandardDescriptorAccessor != nil {
-		return *x.NoStandardDescriptorAccessor
-	}
-	return Default_MessageOptions_NoStandardDescriptorAccessor
-}
-
-func (x *MessageOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_MessageOptions_Deprecated
-}
-
-func (x *MessageOptions) GetMapEntry() bool {
-	if x != nil && x.MapEntry != nil {
-		return *x.MapEntry
-	}
-	return false
-}
-
-// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-func (x *MessageOptions) GetDeprecatedLegacyJsonFieldConflicts() bool {
-	if x != nil && x.DeprecatedLegacyJsonFieldConflicts != nil {
-		return *x.DeprecatedLegacyJsonFieldConflicts
-	}
-	return false
-}
-
-func (x *MessageOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type FieldOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// The ctype option instructs the C++ code generator to use a different
-	// representation of the field than it normally would.  See the specific
-	// options below.  This option is only implemented to support use of
-	// [ctype=CORD] and [ctype=STRING] (the default) on non-repeated fields of
-	// type "bytes" in the open source release -- sorry, we'll try to include
-	// other types in a future version!
-	Ctype *FieldOptions_CType `protobuf:"varint,1,opt,name=ctype,enum=google.protobuf.FieldOptions_CType,def=0" json:"ctype,omitempty"`
-	// The packed option can be enabled for repeated primitive fields to enable
-	// a more efficient representation on the wire. Rather than repeatedly
-	// writing the tag and type for each element, the entire array is encoded as
-	// a single length-delimited blob. In proto3, only explicit setting it to
-	// false will avoid using packed encoding.
-	Packed *bool `protobuf:"varint,2,opt,name=packed" json:"packed,omitempty"`
-	// The jstype option determines the JavaScript type used for values of the
-	// field.  The option is permitted only for 64 bit integral and fixed types
-	// (int64, uint64, sint64, fixed64, sfixed64).  A field with jstype JS_STRING
-	// is represented as JavaScript string, which avoids loss of precision that
-	// can happen when a large value is converted to a floating point JavaScript.
-	// Specifying JS_NUMBER for the jstype causes the generated JavaScript code to
-	// use the JavaScript "number" type.  The behavior of the default option
-	// JS_NORMAL is implementation dependent.
-	//
-	// This option is an enum to permit additional types to be added, e.g.
-	// goog.math.Integer.
-	Jstype *FieldOptions_JSType `protobuf:"varint,6,opt,name=jstype,enum=google.protobuf.FieldOptions_JSType,def=0" json:"jstype,omitempty"`
-	// Should this field be parsed lazily?  Lazy applies only to message-type
-	// fields.  It means that when the outer message is initially parsed, the
-	// inner message's contents will not be parsed but instead stored in encoded
-	// form.  The inner message will actually be parsed when it is first accessed.
-	//
-	// This is only a hint.  Implementations are free to choose whether to use
-	// eager or lazy parsing regardless of the value of this option.  However,
-	// setting this option true suggests that the protocol author believes that
-	// using lazy parsing on this field is worth the additional bookkeeping
-	// overhead typically needed to implement it.
-	//
-	// This option does not affect the public interface of any generated code;
-	// all method signatures remain the same.  Furthermore, thread-safety of the
-	// interface is not affected by this option; const methods remain safe to
-	// call from multiple threads concurrently, while non-const methods continue
-	// to require exclusive access.
-	//
-	// Note that implementations may choose not to check required fields within
-	// a lazy sub-message.  That is, calling IsInitialized() on the outer message
-	// may return true even if the inner message has missing required fields.
-	// This is necessary because otherwise the inner message would have to be
-	// parsed in order to perform the check, defeating the purpose of lazy
-	// parsing.  An implementation which chooses not to check required fields
-	// must be consistent about it.  That is, for any particular sub-message, the
-	// implementation must either *always* check its required fields, or *never*
-	// check its required fields, regardless of whether or not the message has
-	// been parsed.
-	//
-	// As of May 2022, lazy verifies the contents of the byte stream during
-	// parsing.  An invalid byte stream will cause the overall parsing to fail.
-	Lazy *bool `protobuf:"varint,5,opt,name=lazy,def=0" json:"lazy,omitempty"`
-	// unverified_lazy does no correctness checks on the byte stream. This should
-	// only be used where lazy with verification is prohibitive for performance
-	// reasons.
-	UnverifiedLazy *bool `protobuf:"varint,15,opt,name=unverified_lazy,json=unverifiedLazy,def=0" json:"unverified_lazy,omitempty"`
-	// Is this field deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for accessors, or it will be completely ignored; in the very least, this
-	// is a formalization for deprecating fields.
-	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// For Google-internal migration only. Do not use.
-	Weak *bool `protobuf:"varint,10,opt,name=weak,def=0" json:"weak,omitempty"`
-	// Indicate that the field value should not be printed out when using debug
-	// formats, e.g. when the field contains sensitive credentials.
-	DebugRedact *bool                         `protobuf:"varint,16,opt,name=debug_redact,json=debugRedact,def=0" json:"debug_redact,omitempty"`
-	Retention   *FieldOptions_OptionRetention `protobuf:"varint,17,opt,name=retention,enum=google.protobuf.FieldOptions_OptionRetention" json:"retention,omitempty"`
-	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-	Target  *FieldOptions_OptionTargetType  `protobuf:"varint,18,opt,name=target,enum=google.protobuf.FieldOptions_OptionTargetType" json:"target,omitempty"`
-	Targets []FieldOptions_OptionTargetType `protobuf:"varint,19,rep,name=targets,enum=google.protobuf.FieldOptions_OptionTargetType" json:"targets,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for FieldOptions fields.
-const (
-	Default_FieldOptions_Ctype          = FieldOptions_STRING
-	Default_FieldOptions_Jstype         = FieldOptions_JS_NORMAL
-	Default_FieldOptions_Lazy           = bool(false)
-	Default_FieldOptions_UnverifiedLazy = bool(false)
-	Default_FieldOptions_Deprecated     = bool(false)
-	Default_FieldOptions_Weak           = bool(false)
-	Default_FieldOptions_DebugRedact    = bool(false)
-)
-
-func (x *FieldOptions) Reset() {
-	*x = FieldOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[12]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *FieldOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*FieldOptions) ProtoMessage() {}
-
-func (x *FieldOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[12]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use FieldOptions.ProtoReflect.Descriptor instead.
-func (*FieldOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{12}
-}
-
-func (x *FieldOptions) GetCtype() FieldOptions_CType {
-	if x != nil && x.Ctype != nil {
-		return *x.Ctype
-	}
-	return Default_FieldOptions_Ctype
-}
-
-func (x *FieldOptions) GetPacked() bool {
-	if x != nil && x.Packed != nil {
-		return *x.Packed
-	}
-	return false
-}
-
-func (x *FieldOptions) GetJstype() FieldOptions_JSType {
-	if x != nil && x.Jstype != nil {
-		return *x.Jstype
-	}
-	return Default_FieldOptions_Jstype
-}
-
-func (x *FieldOptions) GetLazy() bool {
-	if x != nil && x.Lazy != nil {
-		return *x.Lazy
-	}
-	return Default_FieldOptions_Lazy
-}
-
-func (x *FieldOptions) GetUnverifiedLazy() bool {
-	if x != nil && x.UnverifiedLazy != nil {
-		return *x.UnverifiedLazy
-	}
-	return Default_FieldOptions_UnverifiedLazy
-}
-
-func (x *FieldOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_FieldOptions_Deprecated
-}
-
-func (x *FieldOptions) GetWeak() bool {
-	if x != nil && x.Weak != nil {
-		return *x.Weak
-	}
-	return Default_FieldOptions_Weak
-}
-
-func (x *FieldOptions) GetDebugRedact() bool {
-	if x != nil && x.DebugRedact != nil {
-		return *x.DebugRedact
-	}
-	return Default_FieldOptions_DebugRedact
-}
-
-func (x *FieldOptions) GetRetention() FieldOptions_OptionRetention {
-	if x != nil && x.Retention != nil {
-		return *x.Retention
-	}
-	return FieldOptions_RETENTION_UNKNOWN
-}
-
-// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-func (x *FieldOptions) GetTarget() FieldOptions_OptionTargetType {
-	if x != nil && x.Target != nil {
-		return *x.Target
-	}
-	return FieldOptions_TARGET_TYPE_UNKNOWN
-}
-
-func (x *FieldOptions) GetTargets() []FieldOptions_OptionTargetType {
-	if x != nil {
-		return x.Targets
-	}
-	return nil
-}
-
-func (x *FieldOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type OneofOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-func (x *OneofOptions) Reset() {
-	*x = OneofOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[13]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *OneofOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*OneofOptions) ProtoMessage() {}
-
-func (x *OneofOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[13]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use OneofOptions.ProtoReflect.Descriptor instead.
-func (*OneofOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{13}
-}
-
-func (x *OneofOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type EnumOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Set this option to true to allow mapping different tag names to the same
-	// value.
-	AllowAlias *bool `protobuf:"varint,2,opt,name=allow_alias,json=allowAlias" json:"allow_alias,omitempty"`
-	// Is this enum deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for the enum, or it will be completely ignored; in the very least, this
-	// is a formalization for deprecating enums.
-	Deprecated *bool `protobuf:"varint,3,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// Enable the legacy handling of JSON field name conflicts.  This lowercases
-	// and strips underscored from the fields before comparison in proto3 only.
-	// The new behavior takes `json_name` into account and applies to proto2 as
-	// well.
-	// TODO(b/261750190) Remove this legacy behavior once downstream teams have
-	// had time to migrate.
-	//
-	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-	DeprecatedLegacyJsonFieldConflicts *bool `protobuf:"varint,6,opt,name=deprecated_legacy_json_field_conflicts,json=deprecatedLegacyJsonFieldConflicts" json:"deprecated_legacy_json_field_conflicts,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for EnumOptions fields.
-const (
-	Default_EnumOptions_Deprecated = bool(false)
-)
-
-func (x *EnumOptions) Reset() {
-	*x = EnumOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[14]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *EnumOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*EnumOptions) ProtoMessage() {}
-
-func (x *EnumOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[14]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use EnumOptions.ProtoReflect.Descriptor instead.
-func (*EnumOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{14}
-}
-
-func (x *EnumOptions) GetAllowAlias() bool {
-	if x != nil && x.AllowAlias != nil {
-		return *x.AllowAlias
-	}
-	return false
-}
-
-func (x *EnumOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_EnumOptions_Deprecated
-}
-
-// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-func (x *EnumOptions) GetDeprecatedLegacyJsonFieldConflicts() bool {
-	if x != nil && x.DeprecatedLegacyJsonFieldConflicts != nil {
-		return *x.DeprecatedLegacyJsonFieldConflicts
-	}
-	return false
-}
-
-func (x *EnumOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type EnumValueOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Is this enum value deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for the enum value, or it will be completely ignored; in the very least,
-	// this is a formalization for deprecating enum values.
-	Deprecated *bool `protobuf:"varint,1,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for EnumValueOptions fields.
-const (
-	Default_EnumValueOptions_Deprecated = bool(false)
-)
-
-func (x *EnumValueOptions) Reset() {
-	*x = EnumValueOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[15]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *EnumValueOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*EnumValueOptions) ProtoMessage() {}
-
-func (x *EnumValueOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[15]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use EnumValueOptions.ProtoReflect.Descriptor instead.
-func (*EnumValueOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{15}
-}
-
-func (x *EnumValueOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_EnumValueOptions_Deprecated
-}
-
-func (x *EnumValueOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type ServiceOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Is this service deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for the service, or it will be completely ignored; in the very least,
-	// this is a formalization for deprecating services.
-	Deprecated *bool `protobuf:"varint,33,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for ServiceOptions fields.
-const (
-	Default_ServiceOptions_Deprecated = bool(false)
-)
-
-func (x *ServiceOptions) Reset() {
-	*x = ServiceOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[16]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *ServiceOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ServiceOptions) ProtoMessage() {}
-
-func (x *ServiceOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[16]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ServiceOptions.ProtoReflect.Descriptor instead.
-func (*ServiceOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{16}
-}
-
-func (x *ServiceOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_ServiceOptions_Deprecated
-}
-
-func (x *ServiceOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-type MethodOptions struct {
-	state           protoimpl.MessageState
-	sizeCache       protoimpl.SizeCache
-	unknownFields   protoimpl.UnknownFields
-	extensionFields protoimpl.ExtensionFields
-
-	// Is this method deprecated?
-	// Depending on the target platform, this can emit Deprecated annotations
-	// for the method, or it will be completely ignored; in the very least,
-	// this is a formalization for deprecating methods.
-	Deprecated       *bool                           `protobuf:"varint,33,opt,name=deprecated,def=0" json:"deprecated,omitempty"`
-	IdempotencyLevel *MethodOptions_IdempotencyLevel `protobuf:"varint,34,opt,name=idempotency_level,json=idempotencyLevel,enum=google.protobuf.MethodOptions_IdempotencyLevel,def=0" json:"idempotency_level,omitempty"`
-	// The parser stores options it doesn't recognize here. See above.
-	UninterpretedOption []*UninterpretedOption `protobuf:"bytes,999,rep,name=uninterpreted_option,json=uninterpretedOption" json:"uninterpreted_option,omitempty"`
-}
-
-// Default values for MethodOptions fields.
-const (
-	Default_MethodOptions_Deprecated       = bool(false)
-	Default_MethodOptions_IdempotencyLevel = MethodOptions_IDEMPOTENCY_UNKNOWN
-)
-
-func (x *MethodOptions) Reset() {
-	*x = MethodOptions{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[17]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *MethodOptions) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*MethodOptions) ProtoMessage() {}
-
-func (x *MethodOptions) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[17]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use MethodOptions.ProtoReflect.Descriptor instead.
-func (*MethodOptions) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{17}
-}
-
-func (x *MethodOptions) GetDeprecated() bool {
-	if x != nil && x.Deprecated != nil {
-		return *x.Deprecated
-	}
-	return Default_MethodOptions_Deprecated
-}
-
-func (x *MethodOptions) GetIdempotencyLevel() MethodOptions_IdempotencyLevel {
-	if x != nil && x.IdempotencyLevel != nil {
-		return *x.IdempotencyLevel
-	}
-	return Default_MethodOptions_IdempotencyLevel
-}
-
-func (x *MethodOptions) GetUninterpretedOption() []*UninterpretedOption {
-	if x != nil {
-		return x.UninterpretedOption
-	}
-	return nil
-}
-
-// A message representing a option the parser does not recognize. This only
-// appears in options protos created by the compiler::Parser class.
-// DescriptorPool resolves these when building Descriptor objects. Therefore,
-// options protos in descriptor objects (e.g. returned by Descriptor::options(),
-// or produced by Descriptor::CopyTo()) will never have UninterpretedOptions
-// in them.
-type UninterpretedOption struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Name []*UninterpretedOption_NamePart `protobuf:"bytes,2,rep,name=name" json:"name,omitempty"`
-	// The value of the uninterpreted option, in whatever type the tokenizer
-	// identified it as during parsing. Exactly one of these should be set.
-	IdentifierValue  *string  `protobuf:"bytes,3,opt,name=identifier_value,json=identifierValue" json:"identifier_value,omitempty"`
-	PositiveIntValue *uint64  `protobuf:"varint,4,opt,name=positive_int_value,json=positiveIntValue" json:"positive_int_value,omitempty"`
-	NegativeIntValue *int64   `protobuf:"varint,5,opt,name=negative_int_value,json=negativeIntValue" json:"negative_int_value,omitempty"`
-	DoubleValue      *float64 `protobuf:"fixed64,6,opt,name=double_value,json=doubleValue" json:"double_value,omitempty"`
-	StringValue      []byte   `protobuf:"bytes,7,opt,name=string_value,json=stringValue" json:"string_value,omitempty"`
-	AggregateValue   *string  `protobuf:"bytes,8,opt,name=aggregate_value,json=aggregateValue" json:"aggregate_value,omitempty"`
-}
-
-func (x *UninterpretedOption) Reset() {
-	*x = UninterpretedOption{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[18]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *UninterpretedOption) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*UninterpretedOption) ProtoMessage() {}
-
-func (x *UninterpretedOption) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[18]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use UninterpretedOption.ProtoReflect.Descriptor instead.
-func (*UninterpretedOption) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{18}
-}
-
-func (x *UninterpretedOption) GetName() []*UninterpretedOption_NamePart {
-	if x != nil {
-		return x.Name
-	}
-	return nil
-}
-
-func (x *UninterpretedOption) GetIdentifierValue() string {
-	if x != nil && x.IdentifierValue != nil {
-		return *x.IdentifierValue
-	}
-	return ""
-}
-
-func (x *UninterpretedOption) GetPositiveIntValue() uint64 {
-	if x != nil && x.PositiveIntValue != nil {
-		return *x.PositiveIntValue
-	}
-	return 0
-}
-
-func (x *UninterpretedOption) GetNegativeIntValue() int64 {
-	if x != nil && x.NegativeIntValue != nil {
-		return *x.NegativeIntValue
-	}
-	return 0
-}
-
-func (x *UninterpretedOption) GetDoubleValue() float64 {
-	if x != nil && x.DoubleValue != nil {
-		return *x.DoubleValue
-	}
-	return 0
-}
-
-func (x *UninterpretedOption) GetStringValue() []byte {
-	if x != nil {
-		return x.StringValue
-	}
-	return nil
-}
-
-func (x *UninterpretedOption) GetAggregateValue() string {
-	if x != nil && x.AggregateValue != nil {
-		return *x.AggregateValue
-	}
-	return ""
-}
-
-// Encapsulates information about the original source file from which a
-// FileDescriptorProto was generated.
-type SourceCodeInfo struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	// A Location identifies a piece of source code in a .proto file which
-	// corresponds to a particular definition.  This information is intended
-	// to be useful to IDEs, code indexers, documentation generators, and similar
-	// tools.
-	//
-	// For example, say we have a file like:
-	//
-	//	message Foo {
-	//	  optional string foo = 1;
-	//	}
-	//
-	// Let's look at just the field definition:
-	//
-	//	optional string foo = 1;
-	//	^       ^^     ^^  ^  ^^^
-	//	a       bc     de  f  ghi
-	//
-	// We have the following locations:
-	//
-	//	span   path               represents
-	//	[a,i)  [ 4, 0, 2, 0 ]     The whole field definition.
-	//	[a,b)  [ 4, 0, 2, 0, 4 ]  The label (optional).
-	//	[c,d)  [ 4, 0, 2, 0, 5 ]  The type (string).
-	//	[e,f)  [ 4, 0, 2, 0, 1 ]  The name (foo).
-	//	[g,h)  [ 4, 0, 2, 0, 3 ]  The number (1).
-	//
-	// Notes:
-	//   - A location may refer to a repeated field itself (i.e. not to any
-	//     particular index within it).  This is used whenever a set of elements are
-	//     logically enclosed in a single code segment.  For example, an entire
-	//     extend block (possibly containing multiple extension definitions) will
-	//     have an outer location whose path refers to the "extensions" repeated
-	//     field without an index.
-	//   - Multiple locations may have the same path.  This happens when a single
-	//     logical declaration is spread out across multiple places.  The most
-	//     obvious example is the "extend" block again -- there may be multiple
-	//     extend blocks in the same scope, each of which will have the same path.
-	//   - A location's span is not always a subset of its parent's span.  For
-	//     example, the "extendee" of an extension declaration appears at the
-	//     beginning of the "extend" block and is shared by all extensions within
-	//     the block.
-	//   - Just because a location's span is a subset of some other location's span
-	//     does not mean that it is a descendant.  For example, a "group" defines
-	//     both a type and a field in a single declaration.  Thus, the locations
-	//     corresponding to the type and field and their components will overlap.
-	//   - Code which tries to interpret locations should probably be designed to
-	//     ignore those that it doesn't understand, as more types of locations could
-	//     be recorded in the future.
-	Location []*SourceCodeInfo_Location `protobuf:"bytes,1,rep,name=location" json:"location,omitempty"`
-}
-
-func (x *SourceCodeInfo) Reset() {
-	*x = SourceCodeInfo{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[19]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *SourceCodeInfo) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*SourceCodeInfo) ProtoMessage() {}
-
-func (x *SourceCodeInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[19]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use SourceCodeInfo.ProtoReflect.Descriptor instead.
-func (*SourceCodeInfo) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{19}
-}
-
-func (x *SourceCodeInfo) GetLocation() []*SourceCodeInfo_Location {
-	if x != nil {
-		return x.Location
-	}
-	return nil
-}
-
-// Describes the relationship between generated code and its original source
-// file. A GeneratedCodeInfo message is associated with only one generated
-// source file, but may contain references to different source .proto files.
-type GeneratedCodeInfo struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	// An Annotation connects some span of text in generated code to an element
-	// of its generating .proto file.
-	Annotation []*GeneratedCodeInfo_Annotation `protobuf:"bytes,1,rep,name=annotation" json:"annotation,omitempty"`
-}
-
-func (x *GeneratedCodeInfo) Reset() {
-	*x = GeneratedCodeInfo{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[20]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *GeneratedCodeInfo) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*GeneratedCodeInfo) ProtoMessage() {}
-
-func (x *GeneratedCodeInfo) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[20]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use GeneratedCodeInfo.ProtoReflect.Descriptor instead.
-func (*GeneratedCodeInfo) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{20}
-}
-
-func (x *GeneratedCodeInfo) GetAnnotation() []*GeneratedCodeInfo_Annotation {
-	if x != nil {
-		return x.Annotation
-	}
-	return nil
-}
-
-type DescriptorProto_ExtensionRange struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Start   *int32                 `protobuf:"varint,1,opt,name=start" json:"start,omitempty"` // Inclusive.
-	End     *int32                 `protobuf:"varint,2,opt,name=end" json:"end,omitempty"`     // Exclusive.
-	Options *ExtensionRangeOptions `protobuf:"bytes,3,opt,name=options" json:"options,omitempty"`
-}
-
-func (x *DescriptorProto_ExtensionRange) Reset() {
-	*x = DescriptorProto_ExtensionRange{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[21]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *DescriptorProto_ExtensionRange) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*DescriptorProto_ExtensionRange) ProtoMessage() {}
-
-func (x *DescriptorProto_ExtensionRange) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[21]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use DescriptorProto_ExtensionRange.ProtoReflect.Descriptor instead.
-func (*DescriptorProto_ExtensionRange) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{2, 0}
-}
-
-func (x *DescriptorProto_ExtensionRange) GetStart() int32 {
-	if x != nil && x.Start != nil {
-		return *x.Start
-	}
-	return 0
-}
-
-func (x *DescriptorProto_ExtensionRange) GetEnd() int32 {
-	if x != nil && x.End != nil {
-		return *x.End
-	}
-	return 0
-}
-
-func (x *DescriptorProto_ExtensionRange) GetOptions() *ExtensionRangeOptions {
-	if x != nil {
-		return x.Options
-	}
-	return nil
-}
-
-// Range of reserved tag numbers. Reserved tag numbers may not be used by
-// fields or extension ranges in the same message. Reserved ranges may
-// not overlap.
-type DescriptorProto_ReservedRange struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Start *int32 `protobuf:"varint,1,opt,name=start" json:"start,omitempty"` // Inclusive.
-	End   *int32 `protobuf:"varint,2,opt,name=end" json:"end,omitempty"`     // Exclusive.
-}
-
-func (x *DescriptorProto_ReservedRange) Reset() {
-	*x = DescriptorProto_ReservedRange{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[22]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *DescriptorProto_ReservedRange) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*DescriptorProto_ReservedRange) ProtoMessage() {}
-
-func (x *DescriptorProto_ReservedRange) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[22]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use DescriptorProto_ReservedRange.ProtoReflect.Descriptor instead.
-func (*DescriptorProto_ReservedRange) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{2, 1}
-}
-
-func (x *DescriptorProto_ReservedRange) GetStart() int32 {
-	if x != nil && x.Start != nil {
-		return *x.Start
-	}
-	return 0
-}
-
-func (x *DescriptorProto_ReservedRange) GetEnd() int32 {
-	if x != nil && x.End != nil {
-		return *x.End
-	}
-	return 0
-}
-
-type ExtensionRangeOptions_Declaration struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	// The extension number declared within the extension range.
-	Number *int32 `protobuf:"varint,1,opt,name=number" json:"number,omitempty"`
-	// The fully-qualified name of the extension field. There must be a leading
-	// dot in front of the full name.
-	FullName *string `protobuf:"bytes,2,opt,name=full_name,json=fullName" json:"full_name,omitempty"`
-	// The fully-qualified type name of the extension field. Unlike
-	// Metadata.type, Declaration.type must have a leading dot for messages
-	// and enums.
-	Type *string `protobuf:"bytes,3,opt,name=type" json:"type,omitempty"`
-	// Deprecated. Please use "repeated".
-	//
-	// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-	IsRepeated *bool `protobuf:"varint,4,opt,name=is_repeated,json=isRepeated" json:"is_repeated,omitempty"`
-	// If true, indicates that the number is reserved in the extension range,
-	// and any extension field with the number will fail to compile. Set this
-	// when a declared extension field is deleted.
-	Reserved *bool `protobuf:"varint,5,opt,name=reserved" json:"reserved,omitempty"`
-	// If true, indicates that the extension must be defined as repeated.
-	// Otherwise the extension must be defined as optional.
-	Repeated *bool `protobuf:"varint,6,opt,name=repeated" json:"repeated,omitempty"`
-}
-
-func (x *ExtensionRangeOptions_Declaration) Reset() {
-	*x = ExtensionRangeOptions_Declaration{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *ExtensionRangeOptions_Declaration) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*ExtensionRangeOptions_Declaration) ProtoMessage() {}
-
-func (x *ExtensionRangeOptions_Declaration) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[23]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use ExtensionRangeOptions_Declaration.ProtoReflect.Descriptor instead.
-func (*ExtensionRangeOptions_Declaration) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{3, 0}
-}
-
-func (x *ExtensionRangeOptions_Declaration) GetNumber() int32 {
-	if x != nil && x.Number != nil {
-		return *x.Number
-	}
-	return 0
-}
-
-func (x *ExtensionRangeOptions_Declaration) GetFullName() string {
-	if x != nil && x.FullName != nil {
-		return *x.FullName
-	}
-	return ""
-}
-
-func (x *ExtensionRangeOptions_Declaration) GetType() string {
-	if x != nil && x.Type != nil {
-		return *x.Type
-	}
-	return ""
-}
-
-// Deprecated: Marked as deprecated in google/protobuf/descriptor.proto.
-func (x *ExtensionRangeOptions_Declaration) GetIsRepeated() bool {
-	if x != nil && x.IsRepeated != nil {
-		return *x.IsRepeated
-	}
-	return false
-}
-
-func (x *ExtensionRangeOptions_Declaration) GetReserved() bool {
-	if x != nil && x.Reserved != nil {
-		return *x.Reserved
-	}
-	return false
-}
-
-func (x *ExtensionRangeOptions_Declaration) GetRepeated() bool {
-	if x != nil && x.Repeated != nil {
-		return *x.Repeated
-	}
-	return false
-}
-
-// Range of reserved numeric values. Reserved values may not be used by
-// entries in the same enum. Reserved ranges may not overlap.
-//
-// Note that this is distinct from DescriptorProto.ReservedRange in that it
-// is inclusive such that it can appropriately represent the entire int32
-// domain.
-type EnumDescriptorProto_EnumReservedRange struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	Start *int32 `protobuf:"varint,1,opt,name=start" json:"start,omitempty"` // Inclusive.
-	End   *int32 `protobuf:"varint,2,opt,name=end" json:"end,omitempty"`     // Inclusive.
-}
-
-func (x *EnumDescriptorProto_EnumReservedRange) Reset() {
-	*x = EnumDescriptorProto_EnumReservedRange{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *EnumDescriptorProto_EnumReservedRange) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*EnumDescriptorProto_EnumReservedRange) ProtoMessage() {}
-
-func (x *EnumDescriptorProto_EnumReservedRange) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[24]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use EnumDescriptorProto_EnumReservedRange.ProtoReflect.Descriptor instead.
-func (*EnumDescriptorProto_EnumReservedRange) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{6, 0}
-}
-
-func (x *EnumDescriptorProto_EnumReservedRange) GetStart() int32 {
-	if x != nil && x.Start != nil {
-		return *x.Start
-	}
-	return 0
-}
-
-func (x *EnumDescriptorProto_EnumReservedRange) GetEnd() int32 {
-	if x != nil && x.End != nil {
-		return *x.End
-	}
-	return 0
-}
-
-// The name of the uninterpreted option.  Each string represents a segment in
-// a dot-separated name.  is_extension is true iff a segment represents an
-// extension (denoted with parentheses in options specs in .proto files).
-// E.g.,{ ["foo", false], ["bar.baz", true], ["moo", false] } represents
-// "foo.(bar.baz).moo".
-type UninterpretedOption_NamePart struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	NamePart    *string `protobuf:"bytes,1,req,name=name_part,json=namePart" json:"name_part,omitempty"`
-	IsExtension *bool   `protobuf:"varint,2,req,name=is_extension,json=isExtension" json:"is_extension,omitempty"`
-}
-
-func (x *UninterpretedOption_NamePart) Reset() {
-	*x = UninterpretedOption_NamePart{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *UninterpretedOption_NamePart) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*UninterpretedOption_NamePart) ProtoMessage() {}
-
-func (x *UninterpretedOption_NamePart) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[25]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use UninterpretedOption_NamePart.ProtoReflect.Descriptor instead.
-func (*UninterpretedOption_NamePart) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{18, 0}
-}
-
-func (x *UninterpretedOption_NamePart) GetNamePart() string {
-	if x != nil && x.NamePart != nil {
-		return *x.NamePart
-	}
-	return ""
-}
-
-func (x *UninterpretedOption_NamePart) GetIsExtension() bool {
-	if x != nil && x.IsExtension != nil {
-		return *x.IsExtension
-	}
-	return false
-}
-
-type SourceCodeInfo_Location struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	// Identifies which part of the FileDescriptorProto was defined at this
-	// location.
-	//
-	// Each element is a field number or an index.  They form a path from
-	// the root FileDescriptorProto to the place where the definition occurs.
-	// For example, this path:
-	//
-	//	[ 4, 3, 2, 7, 1 ]
-	//
-	// refers to:
-	//
-	//	file.message_type(3)  // 4, 3
-	//	    .field(7)         // 2, 7
-	//	    .name()           // 1
-	//
-	// This is because FileDescriptorProto.message_type has field number 4:
-	//
-	//	repeated DescriptorProto message_type = 4;
-	//
-	// and DescriptorProto.field has field number 2:
-	//
-	//	repeated FieldDescriptorProto field = 2;
-	//
-	// and FieldDescriptorProto.name has field number 1:
-	//
-	//	optional string name = 1;
-	//
-	// Thus, the above path gives the location of a field name.  If we removed
-	// the last element:
-	//
-	//	[ 4, 3, 2, 7 ]
-	//
-	// this path refers to the whole field declaration (from the beginning
-	// of the label to the terminating semicolon).
-	Path []int32 `protobuf:"varint,1,rep,packed,name=path" json:"path,omitempty"`
-	// Always has exactly three or four elements: start line, start column,
-	// end line (optional, otherwise assumed same as start line), end column.
-	// These are packed into a single field for efficiency.  Note that line
-	// and column numbers are zero-based -- typically you will want to add
-	// 1 to each before displaying to a user.
-	Span []int32 `protobuf:"varint,2,rep,packed,name=span" json:"span,omitempty"`
-	// If this SourceCodeInfo represents a complete declaration, these are any
-	// comments appearing before and after the declaration which appear to be
-	// attached to the declaration.
-	//
-	// A series of line comments appearing on consecutive lines, with no other
-	// tokens appearing on those lines, will be treated as a single comment.
-	//
-	// leading_detached_comments will keep paragraphs of comments that appear
-	// before (but not connected to) the current element. Each paragraph,
-	// separated by empty lines, will be one comment element in the repeated
-	// field.
-	//
-	// Only the comment content is provided; comment markers (e.g. //) are
-	// stripped out.  For block comments, leading whitespace and an asterisk
-	// will be stripped from the beginning of each line other than the first.
-	// Newlines are included in the output.
-	//
-	// Examples:
-	//
-	//	optional int32 foo = 1;  // Comment attached to foo.
-	//	// Comment attached to bar.
-	//	optional int32 bar = 2;
-	//
-	//	optional string baz = 3;
-	//	// Comment attached to baz.
-	//	// Another line attached to baz.
-	//
-	//	// Comment attached to moo.
-	//	//
-	//	// Another line attached to moo.
-	//	optional double moo = 4;
-	//
-	//	// Detached comment for corge. This is not leading or trailing comments
-	//	// to moo or corge because there are blank lines separating it from
-	//	// both.
-	//
-	//	// Detached comment for corge paragraph 2.
-	//
-	//	optional string corge = 5;
-	//	/* Block comment attached
-	//	 * to corge.  Leading asterisks
-	//	 * will be removed. */
-	//	/* Block comment attached to
-	//	 * grault. */
-	//	optional int32 grault = 6;
-	//
-	//	// ignored detached comments.
-	LeadingComments         *string  `protobuf:"bytes,3,opt,name=leading_comments,json=leadingComments" json:"leading_comments,omitempty"`
-	TrailingComments        *string  `protobuf:"bytes,4,opt,name=trailing_comments,json=trailingComments" json:"trailing_comments,omitempty"`
-	LeadingDetachedComments []string `protobuf:"bytes,6,rep,name=leading_detached_comments,json=leadingDetachedComments" json:"leading_detached_comments,omitempty"`
-}
-
-func (x *SourceCodeInfo_Location) Reset() {
-	*x = SourceCodeInfo_Location{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *SourceCodeInfo_Location) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*SourceCodeInfo_Location) ProtoMessage() {}
-
-func (x *SourceCodeInfo_Location) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[26]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use SourceCodeInfo_Location.ProtoReflect.Descriptor instead.
-func (*SourceCodeInfo_Location) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{19, 0}
-}
-
-func (x *SourceCodeInfo_Location) GetPath() []int32 {
-	if x != nil {
-		return x.Path
-	}
-	return nil
-}
-
-func (x *SourceCodeInfo_Location) GetSpan() []int32 {
-	if x != nil {
-		return x.Span
-	}
-	return nil
-}
-
-func (x *SourceCodeInfo_Location) GetLeadingComments() string {
-	if x != nil && x.LeadingComments != nil {
-		return *x.LeadingComments
-	}
-	return ""
-}
-
-func (x *SourceCodeInfo_Location) GetTrailingComments() string {
-	if x != nil && x.TrailingComments != nil {
-		return *x.TrailingComments
-	}
-	return ""
-}
-
-func (x *SourceCodeInfo_Location) GetLeadingDetachedComments() []string {
-	if x != nil {
-		return x.LeadingDetachedComments
-	}
-	return nil
-}
-
-type GeneratedCodeInfo_Annotation struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
-	// Identifies the element in the original source .proto file. This field
-	// is formatted the same as SourceCodeInfo.Location.path.
-	Path []int32 `protobuf:"varint,1,rep,packed,name=path" json:"path,omitempty"`
-	// Identifies the filesystem path to the original source .proto.
-	SourceFile *string `protobuf:"bytes,2,opt,name=source_file,json=sourceFile" json:"source_file,omitempty"`
-	// Identifies the starting offset in bytes in the generated code
-	// that relates to the identified object.
-	Begin *int32 `protobuf:"varint,3,opt,name=begin" json:"begin,omitempty"`
-	// Identifies the ending offset in bytes in the generated code that
-	// relates to the identified object. The end offset should be one past
-	// the last relevant byte (so the length of the text = end - begin).
-	End      *int32                                 `protobuf:"varint,4,opt,name=end" json:"end,omitempty"`
-	Semantic *GeneratedCodeInfo_Annotation_Semantic `protobuf:"varint,5,opt,name=semantic,enum=google.protobuf.GeneratedCodeInfo_Annotation_Semantic" json:"semantic,omitempty"`
-}
-
-func (x *GeneratedCodeInfo_Annotation) Reset() {
-	*x = GeneratedCodeInfo_Annotation{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_descriptor_proto_msgTypes[27]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
-}
-
-func (x *GeneratedCodeInfo_Annotation) String() string {
-	return protoimpl.X.MessageStringOf(x)
-}
-
-func (*GeneratedCodeInfo_Annotation) ProtoMessage() {}
-
-func (x *GeneratedCodeInfo_Annotation) ProtoReflect() protoreflect.Message {
-	mi := &file_google_protobuf_descriptor_proto_msgTypes[27]
-	if protoimpl.UnsafeEnabled && x != nil {
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		if ms.LoadMessageInfo() == nil {
-			ms.StoreMessageInfo(mi)
-		}
-		return ms
-	}
-	return mi.MessageOf(x)
-}
-
-// Deprecated: Use GeneratedCodeInfo_Annotation.ProtoReflect.Descriptor instead.
-func (*GeneratedCodeInfo_Annotation) Descriptor() ([]byte, []int) {
-	return file_google_protobuf_descriptor_proto_rawDescGZIP(), []int{20, 0}
-}
-
-func (x *GeneratedCodeInfo_Annotation) GetPath() []int32 {
-	if x != nil {
-		return x.Path
-	}
-	return nil
-}
-
-func (x *GeneratedCodeInfo_Annotation) GetSourceFile() string {
-	if x != nil && x.SourceFile != nil {
-		return *x.SourceFile
-	}
-	return ""
-}
-
-func (x *GeneratedCodeInfo_Annotation) GetBegin() int32 {
-	if x != nil && x.Begin != nil {
-		return *x.Begin
-	}
-	return 0
-}
-
-func (x *GeneratedCodeInfo_Annotation) GetEnd() int32 {
-	if x != nil && x.End != nil {
-		return *x.End
-	}
-	return 0
-}
-
-func (x *GeneratedCodeInfo_Annotation) GetSemantic() GeneratedCodeInfo_Annotation_Semantic {
-	if x != nil && x.Semantic != nil {
-		return *x.Semantic
-	}
-	return GeneratedCodeInfo_Annotation_NONE
-}
-
-var File_google_protobuf_descriptor_proto protoreflect.FileDescriptor
-
-var file_google_protobuf_descriptor_proto_rawDesc = []byte{
-	0x0a, 0x20, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2f, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x12, 0x0f, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x22, 0x4d, 0x0a, 0x11, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72,
-	0x69, 0x70, 0x74, 0x6f, 0x72, 0x53, 0x65, 0x74, 0x12, 0x38, 0x0a, 0x04, 0x66, 0x69, 0x6c, 0x65,
-	0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x04, 0x66, 0x69,
-	0x6c, 0x65, 0x22, 0xfe, 0x04, 0x0a, 0x13, 0x46, 0x69, 0x6c, 0x65, 0x44, 0x65, 0x73, 0x63, 0x72,
-	0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x18,
-	0x0a, 0x07, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x07, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x1e, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x65,
-	0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x03, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0a, 0x64, 0x65,
-	0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x2b, 0x0a, 0x11, 0x70, 0x75, 0x62, 0x6c,
-	0x69, 0x63, 0x5f, 0x64, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x0a, 0x20,
-	0x03, 0x28, 0x05, 0x52, 0x10, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x44, 0x65, 0x70, 0x65, 0x6e,
-	0x64, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x27, 0x0a, 0x0f, 0x77, 0x65, 0x61, 0x6b, 0x5f, 0x64, 0x65,
-	0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x18, 0x0b, 0x20, 0x03, 0x28, 0x05, 0x52, 0x0e,
-	0x77, 0x65, 0x61, 0x6b, 0x44, 0x65, 0x70, 0x65, 0x6e, 0x64, 0x65, 0x6e, 0x63, 0x79, 0x12, 0x43,
-	0x0a, 0x0c, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04,
-	0x20, 0x03, 0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f,
-	0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x0b, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x54,
-	0x79, 0x70, 0x65, 0x12, 0x41, 0x0a, 0x09, 0x65, 0x6e, 0x75, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65,
-	0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x08, 0x65, 0x6e,
-	0x75, 0x6d, 0x54, 0x79, 0x70, 0x65, 0x12, 0x41, 0x0a, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x27, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
-	0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f,
-	0x52, 0x07, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x43, 0x0a, 0x09, 0x65, 0x78, 0x74,
-	0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46,
-	0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72,
-	0x6f, 0x74, 0x6f, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x36,
-	0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x0b, 0x32,
-	0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x49, 0x0a, 0x10, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65,
-	0x5f, 0x63, 0x6f, 0x64, 0x65, 0x5f, 0x69, 0x6e, 0x66, 0x6f, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
-	0x75, 0x66, 0x2e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66,
-	0x6f, 0x52, 0x0e, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66,
-	0x6f, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x18, 0x0c, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x06, 0x73, 0x79, 0x6e, 0x74, 0x61, 0x78, 0x12, 0x18, 0x0a, 0x07, 0x65, 0x64, 0x69,
-	0x74, 0x69, 0x6f, 0x6e, 0x18, 0x0d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x07, 0x65, 0x64, 0x69, 0x74,
-	0x69, 0x6f, 0x6e, 0x22, 0xb9, 0x06, 0x0a, 0x0f, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74,
-	0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3b, 0x0a, 0x05, 0x66,
-	0x69, 0x65, 0x6c, 0x64, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65,
-	0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74,
-	0x6f, 0x52, 0x05, 0x66, 0x69, 0x65, 0x6c, 0x64, 0x12, 0x43, 0x0a, 0x09, 0x65, 0x78, 0x74, 0x65,
-	0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x18, 0x06, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69,
-	0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f,
-	0x74, 0x6f, 0x52, 0x09, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x41, 0x0a,
-	0x0b, 0x6e, 0x65, 0x73, 0x74, 0x65, 0x64, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x03,
-	0x28, 0x0b, 0x32, 0x20, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50,
-	0x72, 0x6f, 0x74, 0x6f, 0x52, 0x0a, 0x6e, 0x65, 0x73, 0x74, 0x65, 0x64, 0x54, 0x79, 0x70, 0x65,
-	0x12, 0x41, 0x0a, 0x09, 0x65, 0x6e, 0x75, 0x6d, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x04, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x08, 0x65, 0x6e, 0x75, 0x6d, 0x54,
-	0x79, 0x70, 0x65, 0x12, 0x58, 0x0a, 0x0f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
-	0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18, 0x05, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2f, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44,
-	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45,
-	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0e, 0x65,
-	0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x44, 0x0a,
-	0x0a, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x64, 0x65, 0x63, 0x6c, 0x18, 0x08, 0x20, 0x03, 0x28,
-	0x0b, 0x32, 0x25, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f,
-	0x62, 0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x09, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x44,
-	0x65, 0x63, 0x6c, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x07,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x55,
-	0x0a, 0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65,
-	0x18, 0x09, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64,
-	0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x03, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65,
-	0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d, 0x65, 0x1a, 0x7a, 0x0a, 0x0e, 0x45, 0x78,
-	0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05,
-	0x73, 0x74, 0x61, 0x72, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61,
-	0x72, 0x74, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52,
-	0x03, 0x65, 0x6e, 0x64, 0x12, 0x40, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18,
-	0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
-	0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x1a, 0x37, 0x0a, 0x0d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76,
-	0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a,
-	0x03, 0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22,
-	0xad, 0x04, 0x0a, 0x15, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e,
-	0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69,
-	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74,
-	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13,
-	0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x12, 0x59, 0x0a, 0x0b, 0x64, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69,
-	0x6f, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x32, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e,
-	0x73, 0x69, 0x6f, 0x6e, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
-	0x2e, 0x44, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x42, 0x03, 0x88, 0x01,
-	0x02, 0x52, 0x0b, 0x64, 0x65, 0x63, 0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x68,
-	0x0a, 0x0c, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03,
-	0x20, 0x01, 0x28, 0x0e, 0x32, 0x38, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f, 0x6e,
-	0x52, 0x61, 0x6e, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x56, 0x65, 0x72,
-	0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74, 0x61, 0x74, 0x65, 0x3a, 0x0a,
-	0x55, 0x4e, 0x56, 0x45, 0x52, 0x49, 0x46, 0x49, 0x45, 0x44, 0x52, 0x0c, 0x76, 0x65, 0x72, 0x69,
-	0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xb3, 0x01, 0x0a, 0x0b, 0x44, 0x65, 0x63,
-	0x6c, 0x61, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62,
-	0x65, 0x72, 0x18, 0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72,
-	0x12, 0x1b, 0x0a, 0x09, 0x66, 0x75, 0x6c, 0x6c, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x08, 0x66, 0x75, 0x6c, 0x6c, 0x4e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a,
-	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x74, 0x79, 0x70,
-	0x65, 0x12, 0x23, 0x0a, 0x0b, 0x69, 0x73, 0x5f, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64,
-	0x18, 0x04, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x0a, 0x69, 0x73, 0x52, 0x65,
-	0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76,
-	0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76,
-	0x65, 0x64, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x18, 0x06,
-	0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x72, 0x65, 0x70, 0x65, 0x61, 0x74, 0x65, 0x64, 0x22, 0x34,
-	0x0a, 0x11, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x74,
-	0x61, 0x74, 0x65, 0x12, 0x0f, 0x0a, 0x0b, 0x44, 0x45, 0x43, 0x4c, 0x41, 0x52, 0x41, 0x54, 0x49,
-	0x4f, 0x4e, 0x10, 0x00, 0x12, 0x0e, 0x0a, 0x0a, 0x55, 0x4e, 0x56, 0x45, 0x52, 0x49, 0x46, 0x49,
-	0x45, 0x44, 0x10, 0x01, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22,
-	0xc1, 0x06, 0x0a, 0x14, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x16, 0x0a, 0x06,
-	0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x06, 0x6e, 0x75,
-	0x6d, 0x62, 0x65, 0x72, 0x12, 0x41, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x0e, 0x32, 0x2b, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72,
-	0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c,
-	0x52, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x3e, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18,
-	0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2a, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x44, 0x65, 0x73,
-	0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x54, 0x79, 0x70,
-	0x65, 0x52, 0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x1b, 0x0a, 0x09, 0x74, 0x79, 0x70, 0x65, 0x5f,
-	0x6e, 0x61, 0x6d, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x74, 0x79, 0x70, 0x65,
-	0x4e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x64, 0x65, 0x65,
-	0x12, 0x23, 0x0a, 0x0d, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x64, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74,
-	0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f, 0x6e, 0x65, 0x6f, 0x66, 0x5f, 0x69,
-	0x6e, 0x64, 0x65, 0x78, 0x18, 0x09, 0x20, 0x01, 0x28, 0x05, 0x52, 0x0a, 0x6f, 0x6e, 0x65, 0x6f,
-	0x66, 0x49, 0x6e, 0x64, 0x65, 0x78, 0x12, 0x1b, 0x0a, 0x09, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x6a, 0x73, 0x6f, 0x6e, 0x4e,
-	0x61, 0x6d, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x08,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69,
-	0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x27, 0x0a, 0x0f,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x18,
-	0x11, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x22, 0xb6, 0x02, 0x0a, 0x04, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0f,
-	0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x44, 0x4f, 0x55, 0x42, 0x4c, 0x45, 0x10, 0x01, 0x12,
-	0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x4c, 0x4f, 0x41, 0x54, 0x10, 0x02, 0x12,
-	0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x03, 0x12,
-	0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x04,
-	0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x05,
-	0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34,
-	0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x46, 0x49, 0x58, 0x45, 0x44,
-	0x33, 0x32, 0x10, 0x07, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42, 0x4f, 0x4f,
-	0x4c, 0x10, 0x08, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x54, 0x52, 0x49,
-	0x4e, 0x47, 0x10, 0x09, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x47, 0x52, 0x4f,
-	0x55, 0x50, 0x10, 0x0a, 0x12, 0x10, 0x0a, 0x0c, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53,
-	0x53, 0x41, 0x47, 0x45, 0x10, 0x0b, 0x12, 0x0e, 0x0a, 0x0a, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x42,
-	0x59, 0x54, 0x45, 0x53, 0x10, 0x0c, 0x12, 0x0f, 0x0a, 0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55,
-	0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x0d, 0x12, 0x0d, 0x0a, 0x09, 0x54, 0x59, 0x50, 0x45, 0x5f,
-	0x45, 0x4e, 0x55, 0x4d, 0x10, 0x0e, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53,
-	0x46, 0x49, 0x58, 0x45, 0x44, 0x33, 0x32, 0x10, 0x0f, 0x12, 0x11, 0x0a, 0x0d, 0x54, 0x59, 0x50,
-	0x45, 0x5f, 0x53, 0x46, 0x49, 0x58, 0x45, 0x44, 0x36, 0x34, 0x10, 0x10, 0x12, 0x0f, 0x0a, 0x0b,
-	0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x33, 0x32, 0x10, 0x11, 0x12, 0x0f, 0x0a,
-	0x0b, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x49, 0x4e, 0x54, 0x36, 0x34, 0x10, 0x12, 0x22, 0x43,
-	0x0a, 0x05, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c,
-	0x5f, 0x4f, 0x50, 0x54, 0x49, 0x4f, 0x4e, 0x41, 0x4c, 0x10, 0x01, 0x12, 0x12, 0x0a, 0x0e, 0x4c,
-	0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x51, 0x55, 0x49, 0x52, 0x45, 0x44, 0x10, 0x02, 0x12,
-	0x12, 0x0a, 0x0e, 0x4c, 0x41, 0x42, 0x45, 0x4c, 0x5f, 0x52, 0x45, 0x50, 0x45, 0x41, 0x54, 0x45,
-	0x44, 0x10, 0x03, 0x22, 0x63, 0x0a, 0x14, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x44, 0x65, 0x73, 0x63,
-	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
-	0x37, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b,
-	0x32, 0x1d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62,
-	0x75, 0x66, 0x2e, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52,
-	0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0xe3, 0x02, 0x0a, 0x13, 0x45, 0x6e, 0x75,
-	0x6d, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f,
-	0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04,
-	0x6e, 0x61, 0x6d, 0x65, 0x12, 0x3f, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x29, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44,
-	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x05,
-	0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x36, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x5d, 0x0a,
-	0x0e, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x72, 0x61, 0x6e, 0x67, 0x65, 0x18,
-	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x44, 0x65, 0x73, 0x63,
-	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x45, 0x6e, 0x75, 0x6d,
-	0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x52, 0x0d, 0x72,
-	0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x23, 0x0a, 0x0d,
-	0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x05, 0x20,
-	0x03, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65, 0x64, 0x4e, 0x61, 0x6d,
-	0x65, 0x1a, 0x3b, 0x0a, 0x11, 0x45, 0x6e, 0x75, 0x6d, 0x52, 0x65, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x64, 0x52, 0x61, 0x6e, 0x67, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x73, 0x74, 0x61, 0x72, 0x74, 0x12, 0x10, 0x0a, 0x03,
-	0x65, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03, 0x65, 0x6e, 0x64, 0x22, 0x83,
-	0x01, 0x0a, 0x18, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x44, 0x65, 0x73, 0x63,
-	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12,
-	0x16, 0x0a, 0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x05, 0x52,
-	0x06, 0x6e, 0x75, 0x6d, 0x62, 0x65, 0x72, 0x12, 0x3b, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x21, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6e, 0x75, 0x6d, 0x56,
-	0x61, 0x6c, 0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x22, 0xa7, 0x01, 0x0a, 0x16, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65,
-	0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12,
-	0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e,
-	0x61, 0x6d, 0x65, 0x12, 0x3e, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x18, 0x02, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63,
-	0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x52, 0x06, 0x6d, 0x65, 0x74,
-	0x68, 0x6f, 0x64, 0x12, 0x39, 0x0a, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x03,
-	0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4f, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x22, 0x89,
-	0x02, 0x0a, 0x15, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70,
-	0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65,
-	0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1d, 0x0a, 0x0a,
-	0x69, 0x6e, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x09, 0x69, 0x6e, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1f, 0x0a, 0x0b, 0x6f,
-	0x75, 0x74, 0x70, 0x75, 0x74, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0a, 0x6f, 0x75, 0x74, 0x70, 0x75, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x38, 0x0a, 0x07,
-	0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
-	0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x52, 0x07, 0x6f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x30, 0x0a, 0x10, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74,
-	0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x53,
-	0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x12, 0x30, 0x0a, 0x10, 0x73, 0x65, 0x72, 0x76,
-	0x65, 0x72, 0x5f, 0x73, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x18, 0x06, 0x20, 0x01,
-	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0f, 0x73, 0x65, 0x72, 0x76, 0x65,
-	0x72, 0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x69, 0x6e, 0x67, 0x22, 0x91, 0x09, 0x0a, 0x0b, 0x46,
-	0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x21, 0x0a, 0x0c, 0x6a, 0x61,
-	0x76, 0x61, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0b, 0x6a, 0x61, 0x76, 0x61, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x30, 0x0a,
-	0x14, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6f, 0x75, 0x74, 0x65, 0x72, 0x5f, 0x63, 0x6c, 0x61, 0x73,
-	0x73, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x12, 0x6a, 0x61, 0x76,
-	0x61, 0x4f, 0x75, 0x74, 0x65, 0x72, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x6e, 0x61, 0x6d, 0x65, 0x12,
-	0x35, 0x0a, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x6d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c, 0x65,
-	0x5f, 0x66, 0x69, 0x6c, 0x65, 0x73, 0x18, 0x0a, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61,
-	0x6c, 0x73, 0x65, 0x52, 0x11, 0x6a, 0x61, 0x76, 0x61, 0x4d, 0x75, 0x6c, 0x74, 0x69, 0x70, 0x6c,
-	0x65, 0x46, 0x69, 0x6c, 0x65, 0x73, 0x12, 0x44, 0x0a, 0x1d, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67,
-	0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x5f, 0x65, 0x71, 0x75, 0x61, 0x6c, 0x73, 0x5f, 0x61,
-	0x6e, 0x64, 0x5f, 0x68, 0x61, 0x73, 0x68, 0x18, 0x14, 0x20, 0x01, 0x28, 0x08, 0x42, 0x02, 0x18,
-	0x01, 0x52, 0x19, 0x6a, 0x61, 0x76, 0x61, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x45,
-	0x71, 0x75, 0x61, 0x6c, 0x73, 0x41, 0x6e, 0x64, 0x48, 0x61, 0x73, 0x68, 0x12, 0x3a, 0x0a, 0x16,
-	0x6a, 0x61, 0x76, 0x61, 0x5f, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x68, 0x65, 0x63,
-	0x6b, 0x5f, 0x75, 0x74, 0x66, 0x38, 0x18, 0x1b, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61,
-	0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x53, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x43,
-	0x68, 0x65, 0x63, 0x6b, 0x55, 0x74, 0x66, 0x38, 0x12, 0x53, 0x0a, 0x0c, 0x6f, 0x70, 0x74, 0x69,
-	0x6d, 0x69, 0x7a, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x29,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2e, 0x46, 0x69, 0x6c, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74,
-	0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64, 0x65, 0x3a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44,
-	0x52, 0x0b, 0x6f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x46, 0x6f, 0x72, 0x12, 0x1d, 0x0a,
-	0x0a, 0x67, 0x6f, 0x5f, 0x70, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x18, 0x0b, 0x20, 0x01, 0x28,
-	0x09, 0x52, 0x09, 0x67, 0x6f, 0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x35, 0x0a, 0x13,
-	0x63, 0x63, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69,
-	0x63, 0x65, 0x73, 0x18, 0x10, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65,
-	0x52, 0x11, 0x63, 0x63, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69,
-	0x63, 0x65, 0x73, 0x12, 0x39, 0x0a, 0x15, 0x6a, 0x61, 0x76, 0x61, 0x5f, 0x67, 0x65, 0x6e, 0x65,
-	0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x11, 0x20, 0x01,
-	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x13, 0x6a, 0x61, 0x76, 0x61, 0x47,
-	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x35,
-	0x0a, 0x13, 0x70, 0x79, 0x5f, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x12, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c,
-	0x73, 0x65, 0x52, 0x11, 0x70, 0x79, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72,
-	0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x37, 0x0a, 0x14, 0x70, 0x68, 0x70, 0x5f, 0x67, 0x65, 0x6e,
-	0x65, 0x72, 0x69, 0x63, 0x5f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x18, 0x2a, 0x20,
-	0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x12, 0x70, 0x68, 0x70, 0x47,
-	0x65, 0x6e, 0x65, 0x72, 0x69, 0x63, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x12, 0x25,
-	0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x17, 0x20, 0x01,
-	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65,
-	0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x2e, 0x0a, 0x10, 0x63, 0x63, 0x5f, 0x65, 0x6e, 0x61, 0x62,
-	0x6c, 0x65, 0x5f, 0x61, 0x72, 0x65, 0x6e, 0x61, 0x73, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x08, 0x3a,
-	0x04, 0x74, 0x72, 0x75, 0x65, 0x52, 0x0e, 0x63, 0x63, 0x45, 0x6e, 0x61, 0x62, 0x6c, 0x65, 0x41,
-	0x72, 0x65, 0x6e, 0x61, 0x73, 0x12, 0x2a, 0x0a, 0x11, 0x6f, 0x62, 0x6a, 0x63, 0x5f, 0x63, 0x6c,
-	0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x24, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0f, 0x6f, 0x62, 0x6a, 0x63, 0x43, 0x6c, 0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69,
-	0x78, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x73, 0x68, 0x61, 0x72, 0x70, 0x5f, 0x6e, 0x61, 0x6d, 0x65,
-	0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x25, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x63, 0x73, 0x68,
-	0x61, 0x72, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c,
-	0x73, 0x77, 0x69, 0x66, 0x74, 0x5f, 0x70, 0x72, 0x65, 0x66, 0x69, 0x78, 0x18, 0x27, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0b, 0x73, 0x77, 0x69, 0x66, 0x74, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12,
-	0x28, 0x0a, 0x10, 0x70, 0x68, 0x70, 0x5f, 0x63, 0x6c, 0x61, 0x73, 0x73, 0x5f, 0x70, 0x72, 0x65,
-	0x66, 0x69, 0x78, 0x18, 0x28, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x70, 0x68, 0x70, 0x43, 0x6c,
-	0x61, 0x73, 0x73, 0x50, 0x72, 0x65, 0x66, 0x69, 0x78, 0x12, 0x23, 0x0a, 0x0d, 0x70, 0x68, 0x70,
-	0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x29, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x0c, 0x70, 0x68, 0x70, 0x4e, 0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x12, 0x34,
-	0x0a, 0x16, 0x70, 0x68, 0x70, 0x5f, 0x6d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x5f, 0x6e,
-	0x61, 0x6d, 0x65, 0x73, 0x70, 0x61, 0x63, 0x65, 0x18, 0x2c, 0x20, 0x01, 0x28, 0x09, 0x52, 0x14,
-	0x70, 0x68, 0x70, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0x4e, 0x61, 0x6d, 0x65, 0x73,
-	0x70, 0x61, 0x63, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x72, 0x75, 0x62, 0x79, 0x5f, 0x70, 0x61, 0x63,
-	0x6b, 0x61, 0x67, 0x65, 0x18, 0x2d, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x72, 0x75, 0x62, 0x79,
-	0x50, 0x61, 0x63, 0x6b, 0x61, 0x67, 0x65, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74,
-	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18,
-	0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72,
-	0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e,
-	0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x22, 0x3a, 0x0a, 0x0c, 0x4f, 0x70, 0x74, 0x69, 0x6d, 0x69, 0x7a, 0x65, 0x4d, 0x6f, 0x64,
-	0x65, 0x12, 0x09, 0x0a, 0x05, 0x53, 0x50, 0x45, 0x45, 0x44, 0x10, 0x01, 0x12, 0x0d, 0x0a, 0x09,
-	0x43, 0x4f, 0x44, 0x45, 0x5f, 0x53, 0x49, 0x5a, 0x45, 0x10, 0x02, 0x12, 0x10, 0x0a, 0x0c, 0x4c,
-	0x49, 0x54, 0x45, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x03, 0x2a, 0x09, 0x08,
-	0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04, 0x08, 0x26, 0x10, 0x27, 0x22, 0xbb,
-	0x03, 0x0a, 0x0e, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x12, 0x3c, 0x0a, 0x17, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x5f, 0x73, 0x65, 0x74,
-	0x5f, 0x77, 0x69, 0x72, 0x65, 0x5f, 0x66, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x14, 0x6d, 0x65, 0x73, 0x73, 0x61,
-	0x67, 0x65, 0x53, 0x65, 0x74, 0x57, 0x69, 0x72, 0x65, 0x46, 0x6f, 0x72, 0x6d, 0x61, 0x74, 0x12,
-	0x4c, 0x0a, 0x1f, 0x6e, 0x6f, 0x5f, 0x73, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x5f, 0x64,
-	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x5f, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73,
-	0x6f, 0x72, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52,
-	0x1c, 0x6e, 0x6f, 0x53, 0x74, 0x61, 0x6e, 0x64, 0x61, 0x72, 0x64, 0x44, 0x65, 0x73, 0x63, 0x72,
-	0x69, 0x70, 0x74, 0x6f, 0x72, 0x41, 0x63, 0x63, 0x65, 0x73, 0x73, 0x6f, 0x72, 0x12, 0x25, 0x0a,
-	0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
-	0x61, 0x74, 0x65, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x6d, 0x61, 0x70, 0x5f, 0x65, 0x6e, 0x74, 0x72,
-	0x79, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08, 0x52, 0x08, 0x6d, 0x61, 0x70, 0x45, 0x6e, 0x74, 0x72,
-	0x79, 0x12, 0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f,
-	0x6c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c,
-	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x0b, 0x20, 0x01, 0x28,
-	0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65,
-	0x64, 0x4c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64,
-	0x43, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69,
-	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74,
-	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13,
-	0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04,
-	0x08, 0x04, 0x10, 0x05, 0x4a, 0x04, 0x08, 0x05, 0x10, 0x06, 0x4a, 0x04, 0x08, 0x06, 0x10, 0x07,
-	0x4a, 0x04, 0x08, 0x08, 0x10, 0x09, 0x4a, 0x04, 0x08, 0x09, 0x10, 0x0a, 0x22, 0x85, 0x09, 0x0a,
-	0x0c, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x41, 0x0a,
-	0x05, 0x63, 0x74, 0x79, 0x70, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x23, 0x2e, 0x67,
-	0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46,
-	0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x43, 0x54, 0x79, 0x70,
-	0x65, 0x3a, 0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x52, 0x05, 0x63, 0x74, 0x79, 0x70, 0x65,
-	0x12, 0x16, 0x0a, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08,
-	0x52, 0x06, 0x70, 0x61, 0x63, 0x6b, 0x65, 0x64, 0x12, 0x47, 0x0a, 0x06, 0x6a, 0x73, 0x74, 0x79,
-	0x70, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64,
-	0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65, 0x3a, 0x09,
-	0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x52, 0x06, 0x6a, 0x73, 0x74, 0x79, 0x70,
-	0x65, 0x12, 0x19, 0x0a, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x18, 0x05, 0x20, 0x01, 0x28, 0x08, 0x3a,
-	0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x6c, 0x61, 0x7a, 0x79, 0x12, 0x2e, 0x0a, 0x0f,
-	0x75, 0x6e, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x5f, 0x6c, 0x61, 0x7a, 0x79, 0x18,
-	0x0f, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0e, 0x75, 0x6e,
-	0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x65, 0x64, 0x4c, 0x61, 0x7a, 0x79, 0x12, 0x25, 0x0a, 0x0a,
-	0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08,
-	0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61,
-	0x74, 0x65, 0x64, 0x12, 0x19, 0x0a, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x18, 0x0a, 0x20, 0x01, 0x28,
-	0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x04, 0x77, 0x65, 0x61, 0x6b, 0x12, 0x28,
-	0x0a, 0x0c, 0x64, 0x65, 0x62, 0x75, 0x67, 0x5f, 0x72, 0x65, 0x64, 0x61, 0x63, 0x74, 0x18, 0x10,
-	0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0b, 0x64, 0x65, 0x62,
-	0x75, 0x67, 0x52, 0x65, 0x64, 0x61, 0x63, 0x74, 0x12, 0x4b, 0x0a, 0x09, 0x72, 0x65, 0x74, 0x65,
-	0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x11, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2d, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69,
-	0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x52, 0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x09, 0x72, 0x65, 0x74, 0x65,
-	0x6e, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x4a, 0x0a, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x18,
-	0x12, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65,
-	0x74, 0x54, 0x79, 0x70, 0x65, 0x42, 0x02, 0x18, 0x01, 0x52, 0x06, 0x74, 0x61, 0x72, 0x67, 0x65,
-	0x74, 0x12, 0x48, 0x0a, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x18, 0x13, 0x20, 0x03,
-	0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74,
-	0x6f, 0x62, 0x75, 0x66, 0x2e, 0x46, 0x69, 0x65, 0x6c, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x73, 0x2e, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x79,
-	0x70, 0x65, 0x52, 0x07, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75,
-	0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f,
-	0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69,
-	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e,
-	0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x2f, 0x0a, 0x05, 0x43, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0a,
-	0x0a, 0x06, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x43, 0x4f,
-	0x52, 0x44, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x5f, 0x50,
-	0x49, 0x45, 0x43, 0x45, 0x10, 0x02, 0x22, 0x35, 0x0a, 0x06, 0x4a, 0x53, 0x54, 0x79, 0x70, 0x65,
-	0x12, 0x0d, 0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x4f, 0x52, 0x4d, 0x41, 0x4c, 0x10, 0x00, 0x12,
-	0x0d, 0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x53, 0x54, 0x52, 0x49, 0x4e, 0x47, 0x10, 0x01, 0x12, 0x0d,
-	0x0a, 0x09, 0x4a, 0x53, 0x5f, 0x4e, 0x55, 0x4d, 0x42, 0x45, 0x52, 0x10, 0x02, 0x22, 0x55, 0x0a,
-	0x0f, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x65, 0x74, 0x65, 0x6e, 0x74, 0x69, 0x6f, 0x6e,
-	0x12, 0x15, 0x0a, 0x11, 0x52, 0x45, 0x54, 0x45, 0x4e, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x55, 0x4e,
-	0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x15, 0x0a, 0x11, 0x52, 0x45, 0x54, 0x45, 0x4e,
-	0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x52, 0x55, 0x4e, 0x54, 0x49, 0x4d, 0x45, 0x10, 0x01, 0x12, 0x14,
-	0x0a, 0x10, 0x52, 0x45, 0x54, 0x45, 0x4e, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x53, 0x4f, 0x55, 0x52,
-	0x43, 0x45, 0x10, 0x02, 0x22, 0x8c, 0x02, 0x0a, 0x10, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x54,
-	0x61, 0x72, 0x67, 0x65, 0x74, 0x54, 0x79, 0x70, 0x65, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52,
-	0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e,
-	0x10, 0x00, 0x12, 0x14, 0x0a, 0x10, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50,
-	0x45, 0x5f, 0x46, 0x49, 0x4c, 0x45, 0x10, 0x01, 0x12, 0x1f, 0x0a, 0x1b, 0x54, 0x41, 0x52, 0x47,
-	0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x58, 0x54, 0x45, 0x4e, 0x53, 0x49, 0x4f,
-	0x4e, 0x5f, 0x52, 0x41, 0x4e, 0x47, 0x45, 0x10, 0x02, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52,
-	0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x53, 0x53, 0x41, 0x47, 0x45,
-	0x10, 0x03, 0x12, 0x15, 0x0a, 0x11, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50,
-	0x45, 0x5f, 0x46, 0x49, 0x45, 0x4c, 0x44, 0x10, 0x04, 0x12, 0x15, 0x0a, 0x11, 0x54, 0x41, 0x52,
-	0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4f, 0x4e, 0x45, 0x4f, 0x46, 0x10, 0x05,
-	0x12, 0x14, 0x0a, 0x10, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f,
-	0x45, 0x4e, 0x55, 0x4d, 0x10, 0x06, 0x12, 0x1a, 0x0a, 0x16, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54,
-	0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x45, 0x4e, 0x55, 0x4d, 0x5f, 0x45, 0x4e, 0x54, 0x52, 0x59,
-	0x10, 0x07, 0x12, 0x17, 0x0a, 0x13, 0x54, 0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50,
-	0x45, 0x5f, 0x53, 0x45, 0x52, 0x56, 0x49, 0x43, 0x45, 0x10, 0x08, 0x12, 0x16, 0x0a, 0x12, 0x54,
-	0x41, 0x52, 0x47, 0x45, 0x54, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x4d, 0x45, 0x54, 0x48, 0x4f,
-	0x44, 0x10, 0x09, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04,
-	0x08, 0x04, 0x10, 0x05, 0x22, 0x73, 0x0a, 0x0c, 0x4f, 0x6e, 0x65, 0x6f, 0x66, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70,
-	0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f,
-	0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65,
-	0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74,
-	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09,
-	0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x98, 0x02, 0x0a, 0x0b, 0x45, 0x6e,
-	0x75, 0x6d, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x1f, 0x0a, 0x0b, 0x61, 0x6c, 0x6c,
-	0x6f, 0x77, 0x5f, 0x61, 0x6c, 0x69, 0x61, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0a,
-	0x61, 0x6c, 0x6c, 0x6f, 0x77, 0x41, 0x6c, 0x69, 0x61, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65,
-	0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05,
-	0x66, 0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65,
-	0x64, 0x12, 0x56, 0x0a, 0x26, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x5f,
-	0x6c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x5f, 0x6a, 0x73, 0x6f, 0x6e, 0x5f, 0x66, 0x69, 0x65, 0x6c,
-	0x64, 0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28,
-	0x08, 0x42, 0x02, 0x18, 0x01, 0x52, 0x22, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65,
-	0x64, 0x4c, 0x65, 0x67, 0x61, 0x63, 0x79, 0x4a, 0x73, 0x6f, 0x6e, 0x46, 0x69, 0x65, 0x6c, 0x64,
-	0x43, 0x6f, 0x6e, 0x66, 0x6c, 0x69, 0x63, 0x74, 0x73, 0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69,
-	0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f,
-	0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74,
-	0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13,
-	0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x4a, 0x04,
-	0x08, 0x05, 0x10, 0x06, 0x22, 0x9e, 0x01, 0x0a, 0x10, 0x45, 0x6e, 0x75, 0x6d, 0x56, 0x61, 0x6c,
-	0x75, 0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70,
-	0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66,
-	0x61, 0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64,
-	0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65,
-	0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72,
-	0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10,
-	0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x9c, 0x01, 0x0a, 0x0e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72,
-	0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61,
-	0x6c, 0x73, 0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12,
-	0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64,
-	0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x24,
-	0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66,
-	0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70,
-	0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65,
-	0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x2a, 0x09, 0x08, 0xe8, 0x07, 0x10, 0x80,
-	0x80, 0x80, 0x80, 0x02, 0x22, 0xe0, 0x02, 0x0a, 0x0d, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x4f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x12, 0x25, 0x0a, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63,
-	0x61, 0x74, 0x65, 0x64, 0x18, 0x21, 0x20, 0x01, 0x28, 0x08, 0x3a, 0x05, 0x66, 0x61, 0x6c, 0x73,
-	0x65, 0x52, 0x0a, 0x64, 0x65, 0x70, 0x72, 0x65, 0x63, 0x61, 0x74, 0x65, 0x64, 0x12, 0x71, 0x0a,
-	0x11, 0x69, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x5f, 0x6c, 0x65, 0x76,
-	0x65, 0x6c, 0x18, 0x22, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2f, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x4d, 0x65, 0x74, 0x68, 0x6f,
-	0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x73, 0x2e, 0x49, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74,
-	0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x3a, 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50,
-	0x4f, 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e, 0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x52, 0x10,
-	0x69, 0x64, 0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c,
-	0x12, 0x58, 0x0a, 0x14, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65,
-	0x64, 0x5f, 0x6f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0xe7, 0x07, 0x20, 0x03, 0x28, 0x0b, 0x32,
-	0x24, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75,
-	0x66, 0x2e, 0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f,
-	0x70, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x13, 0x75, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72,
-	0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x22, 0x50, 0x0a, 0x10, 0x49, 0x64,
-	0x65, 0x6d, 0x70, 0x6f, 0x74, 0x65, 0x6e, 0x63, 0x79, 0x4c, 0x65, 0x76, 0x65, 0x6c, 0x12, 0x17,
-	0x0a, 0x13, 0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x43, 0x59, 0x5f, 0x55, 0x4e,
-	0x4b, 0x4e, 0x4f, 0x57, 0x4e, 0x10, 0x00, 0x12, 0x13, 0x0a, 0x0f, 0x4e, 0x4f, 0x5f, 0x53, 0x49,
-	0x44, 0x45, 0x5f, 0x45, 0x46, 0x46, 0x45, 0x43, 0x54, 0x53, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a,
-	0x49, 0x44, 0x45, 0x4d, 0x50, 0x4f, 0x54, 0x45, 0x4e, 0x54, 0x10, 0x02, 0x2a, 0x09, 0x08, 0xe8,
-	0x07, 0x10, 0x80, 0x80, 0x80, 0x80, 0x02, 0x22, 0x9a, 0x03, 0x0a, 0x13, 0x55, 0x6e, 0x69, 0x6e,
-	0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x12,
-	0x41, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
-	0x55, 0x6e, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x70, 0x72, 0x65, 0x74, 0x65, 0x64, 0x4f, 0x70, 0x74,
-	0x69, 0x6f, 0x6e, 0x2e, 0x4e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72, 0x74, 0x52, 0x04, 0x6e, 0x61,
-	0x6d, 0x65, 0x12, 0x29, 0x0a, 0x10, 0x69, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72,
-	0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x69, 0x64,
-	0x65, 0x6e, 0x74, 0x69, 0x66, 0x69, 0x65, 0x72, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a,
-	0x12, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61,
-	0x6c, 0x75, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x04, 0x52, 0x10, 0x70, 0x6f, 0x73, 0x69, 0x74,
-	0x69, 0x76, 0x65, 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x2c, 0x0a, 0x12, 0x6e,
-	0x65, 0x67, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x69, 0x6e, 0x74, 0x5f, 0x76, 0x61, 0x6c, 0x75,
-	0x65, 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x10, 0x6e, 0x65, 0x67, 0x61, 0x74, 0x69, 0x76,
-	0x65, 0x49, 0x6e, 0x74, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c, 0x64, 0x6f, 0x75,
-	0x62, 0x6c, 0x65, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x06, 0x20, 0x01, 0x28, 0x01, 0x52,
-	0x0b, 0x64, 0x6f, 0x75, 0x62, 0x6c, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x21, 0x0a, 0x0c,
-	0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x5f, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x07, 0x20, 0x01,
-	0x28, 0x0c, 0x52, 0x0b, 0x73, 0x74, 0x72, 0x69, 0x6e, 0x67, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x12,
-	0x27, 0x0a, 0x0f, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67, 0x61, 0x74, 0x65, 0x5f, 0x76, 0x61, 0x6c,
-	0x75, 0x65, 0x18, 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0e, 0x61, 0x67, 0x67, 0x72, 0x65, 0x67,
-	0x61, 0x74, 0x65, 0x56, 0x61, 0x6c, 0x75, 0x65, 0x1a, 0x4a, 0x0a, 0x08, 0x4e, 0x61, 0x6d, 0x65,
-	0x50, 0x61, 0x72, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x6e, 0x61, 0x6d, 0x65, 0x5f, 0x70, 0x61, 0x72,
-	0x74, 0x18, 0x01, 0x20, 0x02, 0x28, 0x09, 0x52, 0x08, 0x6e, 0x61, 0x6d, 0x65, 0x50, 0x61, 0x72,
-	0x74, 0x12, 0x21, 0x0a, 0x0c, 0x69, 0x73, 0x5f, 0x65, 0x78, 0x74, 0x65, 0x6e, 0x73, 0x69, 0x6f,
-	0x6e, 0x18, 0x02, 0x20, 0x02, 0x28, 0x08, 0x52, 0x0b, 0x69, 0x73, 0x45, 0x78, 0x74, 0x65, 0x6e,
-	0x73, 0x69, 0x6f, 0x6e, 0x22, 0xa7, 0x02, 0x0a, 0x0e, 0x53, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x43,
-	0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x12, 0x44, 0x0a, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x28, 0x2e, 0x67, 0x6f, 0x6f, 0x67,
-	0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x6f, 0x75, 0x72,
-	0x63, 0x65, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x4c, 0x6f, 0x63, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x52, 0x08, 0x6c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x1a, 0xce, 0x01,
-	0x0a, 0x08, 0x4c, 0x6f, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61,
-	0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05, 0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61,
-	0x74, 0x68, 0x12, 0x16, 0x0a, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x18, 0x02, 0x20, 0x03, 0x28, 0x05,
-	0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x73, 0x70, 0x61, 0x6e, 0x12, 0x29, 0x0a, 0x10, 0x6c, 0x65,
-	0x61, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x03,
-	0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d,
-	0x6d, 0x65, 0x6e, 0x74, 0x73, 0x12, 0x2b, 0x0a, 0x11, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e,
-	0x67, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09,
-	0x52, 0x10, 0x74, 0x72, 0x61, 0x69, 0x6c, 0x69, 0x6e, 0x67, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e,
-	0x74, 0x73, 0x12, 0x3a, 0x0a, 0x19, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x5f, 0x64, 0x65,
-	0x74, 0x61, 0x63, 0x68, 0x65, 0x64, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x18,
-	0x06, 0x20, 0x03, 0x28, 0x09, 0x52, 0x17, 0x6c, 0x65, 0x61, 0x64, 0x69, 0x6e, 0x67, 0x44, 0x65,
-	0x74, 0x61, 0x63, 0x68, 0x65, 0x64, 0x43, 0x6f, 0x6d, 0x6d, 0x65, 0x6e, 0x74, 0x73, 0x22, 0xd0,
-	0x02, 0x0a, 0x11, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65,
-	0x49, 0x6e, 0x66, 0x6f, 0x12, 0x4d, 0x0a, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
-	0x6f, 0x6e, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x2d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c,
-	0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72,
-	0x61, 0x74, 0x65, 0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x41, 0x6e, 0x6e,
-	0x6f, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x61, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74,
-	0x69, 0x6f, 0x6e, 0x1a, 0xeb, 0x01, 0x0a, 0x0a, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61, 0x74, 0x69,
-	0x6f, 0x6e, 0x12, 0x16, 0x0a, 0x04, 0x70, 0x61, 0x74, 0x68, 0x18, 0x01, 0x20, 0x03, 0x28, 0x05,
-	0x42, 0x02, 0x10, 0x01, 0x52, 0x04, 0x70, 0x61, 0x74, 0x68, 0x12, 0x1f, 0x0a, 0x0b, 0x73, 0x6f,
-	0x75, 0x72, 0x63, 0x65, 0x5f, 0x66, 0x69, 0x6c, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52,
-	0x0a, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x46, 0x69, 0x6c, 0x65, 0x12, 0x14, 0x0a, 0x05, 0x62,
-	0x65, 0x67, 0x69, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x05, 0x52, 0x05, 0x62, 0x65, 0x67, 0x69,
-	0x6e, 0x12, 0x10, 0x0a, 0x03, 0x65, 0x6e, 0x64, 0x18, 0x04, 0x20, 0x01, 0x28, 0x05, 0x52, 0x03,
-	0x65, 0x6e, 0x64, 0x12, 0x52, 0x0a, 0x08, 0x73, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x18,
-	0x05, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x36, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70,
-	0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x47, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65,
-	0x64, 0x43, 0x6f, 0x64, 0x65, 0x49, 0x6e, 0x66, 0x6f, 0x2e, 0x41, 0x6e, 0x6e, 0x6f, 0x74, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x2e, 0x53, 0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x52, 0x08, 0x73,
-	0x65, 0x6d, 0x61, 0x6e, 0x74, 0x69, 0x63, 0x22, 0x28, 0x0a, 0x08, 0x53, 0x65, 0x6d, 0x61, 0x6e,
-	0x74, 0x69, 0x63, 0x12, 0x08, 0x0a, 0x04, 0x4e, 0x4f, 0x4e, 0x45, 0x10, 0x00, 0x12, 0x07, 0x0a,
-	0x03, 0x53, 0x45, 0x54, 0x10, 0x01, 0x12, 0x09, 0x0a, 0x05, 0x41, 0x4c, 0x49, 0x41, 0x53, 0x10,
-	0x02, 0x42, 0x7e, 0x0a, 0x13, 0x63, 0x6f, 0x6d, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x42, 0x10, 0x44, 0x65, 0x73, 0x63, 0x72, 0x69,
-	0x70, 0x74, 0x6f, 0x72, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x73, 0x48, 0x01, 0x5a, 0x2d, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x67, 0x6f, 0x6c, 0x61, 0x6e, 0x67, 0x2e, 0x6f, 0x72, 0x67, 0x2f,
-	0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x74, 0x79, 0x70, 0x65, 0x73, 0x2f, 0x64,
-	0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x6f, 0x72, 0x70, 0x62, 0xf8, 0x01, 0x01, 0xa2, 0x02,
-	0x03, 0x47, 0x50, 0x42, 0xaa, 0x02, 0x1a, 0x47, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x50, 0x72,
-	0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x52, 0x65, 0x66, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f,
-	0x6e,
-}
-
-var (
-	file_google_protobuf_descriptor_proto_rawDescOnce sync.Once
-	file_google_protobuf_descriptor_proto_rawDescData = file_google_protobuf_descriptor_proto_rawDesc
-)
-
-func file_google_protobuf_descriptor_proto_rawDescGZIP() []byte {
-	file_google_protobuf_descriptor_proto_rawDescOnce.Do(func() {
-		file_google_protobuf_descriptor_proto_rawDescData = protoimpl.X.CompressGZIP(file_google_protobuf_descriptor_proto_rawDescData)
-	})
-	return file_google_protobuf_descriptor_proto_rawDescData
-}
-
-var file_google_protobuf_descriptor_proto_enumTypes = make([]protoimpl.EnumInfo, 10)
-var file_google_protobuf_descriptor_proto_msgTypes = make([]protoimpl.MessageInfo, 28)
-var file_google_protobuf_descriptor_proto_goTypes = []interface{}{
-	(ExtensionRangeOptions_VerificationState)(0),  // 0: google.protobuf.ExtensionRangeOptions.VerificationState
-	(FieldDescriptorProto_Type)(0),                // 1: google.protobuf.FieldDescriptorProto.Type
-	(FieldDescriptorProto_Label)(0),               // 2: google.protobuf.FieldDescriptorProto.Label
-	(FileOptions_OptimizeMode)(0),                 // 3: google.protobuf.FileOptions.OptimizeMode
-	(FieldOptions_CType)(0),                       // 4: google.protobuf.FieldOptions.CType
-	(FieldOptions_JSType)(0),                      // 5: google.protobuf.FieldOptions.JSType
-	(FieldOptions_OptionRetention)(0),             // 6: google.protobuf.FieldOptions.OptionRetention
-	(FieldOptions_OptionTargetType)(0),            // 7: google.protobuf.FieldOptions.OptionTargetType
-	(MethodOptions_IdempotencyLevel)(0),           // 8: google.protobuf.MethodOptions.IdempotencyLevel
-	(GeneratedCodeInfo_Annotation_Semantic)(0),    // 9: google.protobuf.GeneratedCodeInfo.Annotation.Semantic
-	(*FileDescriptorSet)(nil),                     // 10: google.protobuf.FileDescriptorSet
-	(*FileDescriptorProto)(nil),                   // 11: google.protobuf.FileDescriptorProto
-	(*DescriptorProto)(nil),                       // 12: google.protobuf.DescriptorProto
-	(*ExtensionRangeOptions)(nil),                 // 13: google.protobuf.ExtensionRangeOptions
-	(*FieldDescriptorProto)(nil),                  // 14: google.protobuf.FieldDescriptorProto
-	(*OneofDescriptorProto)(nil),                  // 15: google.protobuf.OneofDescriptorProto
-	(*EnumDescriptorProto)(nil),                   // 16: google.protobuf.EnumDescriptorProto
-	(*EnumValueDescriptorProto)(nil),              // 17: google.protobuf.EnumValueDescriptorProto
-	(*ServiceDescriptorProto)(nil),                // 18: google.protobuf.ServiceDescriptorProto
-	(*MethodDescriptorProto)(nil),                 // 19: google.protobuf.MethodDescriptorProto
-	(*FileOptions)(nil),                           // 20: google.protobuf.FileOptions
-	(*MessageOptions)(nil),                        // 21: google.protobuf.MessageOptions
-	(*FieldOptions)(nil),                          // 22: google.protobuf.FieldOptions
-	(*OneofOptions)(nil),                          // 23: google.protobuf.OneofOptions
-	(*EnumOptions)(nil),                           // 24: google.protobuf.EnumOptions
-	(*EnumValueOptions)(nil),                      // 25: google.protobuf.EnumValueOptions
-	(*ServiceOptions)(nil),                        // 26: google.protobuf.ServiceOptions
-	(*MethodOptions)(nil),                         // 27: google.protobuf.MethodOptions
-	(*UninterpretedOption)(nil),                   // 28: google.protobuf.UninterpretedOption
-	(*SourceCodeInfo)(nil),                        // 29: google.protobuf.SourceCodeInfo
-	(*GeneratedCodeInfo)(nil),                     // 30: google.protobuf.GeneratedCodeInfo
-	(*DescriptorProto_ExtensionRange)(nil),        // 31: google.protobuf.DescriptorProto.ExtensionRange
-	(*DescriptorProto_ReservedRange)(nil),         // 32: google.protobuf.DescriptorProto.ReservedRange
-	(*ExtensionRangeOptions_Declaration)(nil),     // 33: google.protobuf.ExtensionRangeOptions.Declaration
-	(*EnumDescriptorProto_EnumReservedRange)(nil), // 34: google.protobuf.EnumDescriptorProto.EnumReservedRange
-	(*UninterpretedOption_NamePart)(nil),          // 35: google.protobuf.UninterpretedOption.NamePart
-	(*SourceCodeInfo_Location)(nil),               // 36: google.protobuf.SourceCodeInfo.Location
-	(*GeneratedCodeInfo_Annotation)(nil),          // 37: google.protobuf.GeneratedCodeInfo.Annotation
-}
-var file_google_protobuf_descriptor_proto_depIdxs = []int32{
-	11, // 0: google.protobuf.FileDescriptorSet.file:type_name -> google.protobuf.FileDescriptorProto
-	12, // 1: google.protobuf.FileDescriptorProto.message_type:type_name -> google.protobuf.DescriptorProto
-	16, // 2: google.protobuf.FileDescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
-	18, // 3: google.protobuf.FileDescriptorProto.service:type_name -> google.protobuf.ServiceDescriptorProto
-	14, // 4: google.protobuf.FileDescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
-	20, // 5: google.protobuf.FileDescriptorProto.options:type_name -> google.protobuf.FileOptions
-	29, // 6: google.protobuf.FileDescriptorProto.source_code_info:type_name -> google.protobuf.SourceCodeInfo
-	14, // 7: google.protobuf.DescriptorProto.field:type_name -> google.protobuf.FieldDescriptorProto
-	14, // 8: google.protobuf.DescriptorProto.extension:type_name -> google.protobuf.FieldDescriptorProto
-	12, // 9: google.protobuf.DescriptorProto.nested_type:type_name -> google.protobuf.DescriptorProto
-	16, // 10: google.protobuf.DescriptorProto.enum_type:type_name -> google.protobuf.EnumDescriptorProto
-	31, // 11: google.protobuf.DescriptorProto.extension_range:type_name -> google.protobuf.DescriptorProto.ExtensionRange
-	15, // 12: google.protobuf.DescriptorProto.oneof_decl:type_name -> google.protobuf.OneofDescriptorProto
-	21, // 13: google.protobuf.DescriptorProto.options:type_name -> google.protobuf.MessageOptions
-	32, // 14: google.protobuf.DescriptorProto.reserved_range:type_name -> google.protobuf.DescriptorProto.ReservedRange
-	28, // 15: google.protobuf.ExtensionRangeOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	33, // 16: google.protobuf.ExtensionRangeOptions.declaration:type_name -> google.protobuf.ExtensionRangeOptions.Declaration
-	0,  // 17: google.protobuf.ExtensionRangeOptions.verification:type_name -> google.protobuf.ExtensionRangeOptions.VerificationState
-	2,  // 18: google.protobuf.FieldDescriptorProto.label:type_name -> google.protobuf.FieldDescriptorProto.Label
-	1,  // 19: google.protobuf.FieldDescriptorProto.type:type_name -> google.protobuf.FieldDescriptorProto.Type
-	22, // 20: google.protobuf.FieldDescriptorProto.options:type_name -> google.protobuf.FieldOptions
-	23, // 21: google.protobuf.OneofDescriptorProto.options:type_name -> google.protobuf.OneofOptions
-	17, // 22: google.protobuf.EnumDescriptorProto.value:type_name -> google.protobuf.EnumValueDescriptorProto
-	24, // 23: google.protobuf.EnumDescriptorProto.options:type_name -> google.protobuf.EnumOptions
-	34, // 24: google.protobuf.EnumDescriptorProto.reserved_range:type_name -> google.protobuf.EnumDescriptorProto.EnumReservedRange
-	25, // 25: google.protobuf.EnumValueDescriptorProto.options:type_name -> google.protobuf.EnumValueOptions
-	19, // 26: google.protobuf.ServiceDescriptorProto.method:type_name -> google.protobuf.MethodDescriptorProto
-	26, // 27: google.protobuf.ServiceDescriptorProto.options:type_name -> google.protobuf.ServiceOptions
-	27, // 28: google.protobuf.MethodDescriptorProto.options:type_name -> google.protobuf.MethodOptions
-	3,  // 29: google.protobuf.FileOptions.optimize_for:type_name -> google.protobuf.FileOptions.OptimizeMode
-	28, // 30: google.protobuf.FileOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	28, // 31: google.protobuf.MessageOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	4,  // 32: google.protobuf.FieldOptions.ctype:type_name -> google.protobuf.FieldOptions.CType
-	5,  // 33: google.protobuf.FieldOptions.jstype:type_name -> google.protobuf.FieldOptions.JSType
-	6,  // 34: google.protobuf.FieldOptions.retention:type_name -> google.protobuf.FieldOptions.OptionRetention
-	7,  // 35: google.protobuf.FieldOptions.target:type_name -> google.protobuf.FieldOptions.OptionTargetType
-	7,  // 36: google.protobuf.FieldOptions.targets:type_name -> google.protobuf.FieldOptions.OptionTargetType
-	28, // 37: google.protobuf.FieldOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	28, // 38: google.protobuf.OneofOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	28, // 39: google.protobuf.EnumOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	28, // 40: google.protobuf.EnumValueOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	28, // 41: google.protobuf.ServiceOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	8,  // 42: google.protobuf.MethodOptions.idempotency_level:type_name -> google.protobuf.MethodOptions.IdempotencyLevel
-	28, // 43: google.protobuf.MethodOptions.uninterpreted_option:type_name -> google.protobuf.UninterpretedOption
-	35, // 44: google.protobuf.UninterpretedOption.name:type_name -> google.protobuf.UninterpretedOption.NamePart
-	36, // 45: google.protobuf.SourceCodeInfo.location:type_name -> google.protobuf.SourceCodeInfo.Location
-	37, // 46: google.protobuf.GeneratedCodeInfo.annotation:type_name -> google.protobuf.GeneratedCodeInfo.Annotation
-	13, // 47: google.protobuf.DescriptorProto.ExtensionRange.options:type_name -> google.protobuf.ExtensionRangeOptions
-	9,  // 48: google.protobuf.GeneratedCodeInfo.Annotation.semantic:type_name -> google.protobuf.GeneratedCodeInfo.Annotation.Semantic
-	49, // [49:49] is the sub-list for method output_type
-	49, // [49:49] is the sub-list for method input_type
-	49, // [49:49] is the sub-list for extension type_name
-	49, // [49:49] is the sub-list for extension extendee
-	0,  // [0:49] is the sub-list for field type_name
-}
-
-func init() { file_google_protobuf_descriptor_proto_init() }
-func file_google_protobuf_descriptor_proto_init() {
-	if File_google_protobuf_descriptor_proto != nil {
-		return
-	}
-	if !protoimpl.UnsafeEnabled {
-		file_google_protobuf_descriptor_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*FileDescriptorSet); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[1].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*FileDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[2].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*DescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[3].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*ExtensionRangeOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[4].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*FieldDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*OneofDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumValueDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*ServiceDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*MethodDescriptorProto); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*FileOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[11].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*MessageOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[12].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*FieldOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[13].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*OneofOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[14].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[15].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumValueOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[16].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*ServiceOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[17].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*MethodOptions); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			case 3:
-				return &v.extensionFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[18].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*UninterpretedOption); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[19].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*SourceCodeInfo); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[20].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*GeneratedCodeInfo); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[21].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*DescriptorProto_ExtensionRange); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[22].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*DescriptorProto_ReservedRange); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[23].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*ExtensionRangeOptions_Declaration); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[24].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*EnumDescriptorProto_EnumReservedRange); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[25].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*UninterpretedOption_NamePart); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[26].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*SourceCodeInfo_Location); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-		file_google_protobuf_descriptor_proto_msgTypes[27].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*GeneratedCodeInfo_Annotation); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-	}
-	type x struct{}
-	out := protoimpl.TypeBuilder{
-		File: protoimpl.DescBuilder{
-			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
-			RawDescriptor: file_google_protobuf_descriptor_proto_rawDesc,
-			NumEnums:      10,
-			NumMessages:   28,
-			NumExtensions: 0,
-			NumServices:   0,
-		},
-		GoTypes:           file_google_protobuf_descriptor_proto_goTypes,
-		DependencyIndexes: file_google_protobuf_descriptor_proto_depIdxs,
-		EnumInfos:         file_google_protobuf_descriptor_proto_enumTypes,
-		MessageInfos:      file_google_protobuf_descriptor_proto_msgTypes,
-	}.Build()
-	File_google_protobuf_descriptor_proto = out.File
-	file_google_protobuf_descriptor_proto_rawDesc = nil
-	file_google_protobuf_descriptor_proto_goTypes = nil
-	file_google_protobuf_descriptor_proto_depIdxs = nil
-}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 127e0fad1..9ca80c9d1 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -33,17 +33,14 @@ github.com/getsentry/sentry-go
 github.com/getsentry/sentry-go/internal/crypto/randutil
 github.com/getsentry/sentry-go/internal/debug
 github.com/getsentry/sentry-go/internal/ratelimit
-# github.com/go-logr/logr v1.2.3
+# github.com/go-logr/logr v1.2.4
 ## explicit; go 1.16
 github.com/go-logr/logr
 # github.com/go-sql-driver/mysql v1.7.1
 ## explicit; go 1.13
 github.com/go-sql-driver/mysql
-# github.com/golang/protobuf v1.5.3
-## explicit; go 1.9
-github.com/golang/protobuf/proto
-# github.com/google/certificate-transparency-go v1.1.6
-## explicit; go 1.19
+# github.com/google/certificate-transparency-go v1.1.7
+## explicit; go 1.20
 github.com/google/certificate-transparency-go
 github.com/google/certificate-transparency-go/asn1
 github.com/google/certificate-transparency-go/client
@@ -74,9 +71,9 @@ github.com/lib/pq/scram
 # github.com/mattn/go-sqlite3 v1.14.17
 ## explicit; go 1.16
 github.com/mattn/go-sqlite3
-# github.com/matttproud/golang_protobuf_extensions v1.0.4
-## explicit; go 1.9
-github.com/matttproud/golang_protobuf_extensions/pbutil
+# github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0
+## explicit; go 1.19
+github.com/matttproud/golang_protobuf_extensions/v2/pbutil
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
@@ -86,15 +83,15 @@ github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
 github.com/prometheus/client_golang/prometheus/promhttp
-# github.com/prometheus/client_model v0.4.1-0.20230718164431-9a2bf3000d16
-## explicit; go 1.18
+# github.com/prometheus/client_model v0.5.0
+## explicit; go 1.19
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.44.0
-## explicit; go 1.18
+# github.com/prometheus/common v0.45.0
+## explicit; go 1.20
 github.com/prometheus/common/expfmt
 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
 github.com/prometheus/common/model
-# github.com/prometheus/procfs v0.11.1
+# github.com/prometheus/procfs v0.12.0
 ## explicit; go 1.19
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
@@ -189,12 +186,10 @@ google.golang.org/protobuf/internal/set
 google.golang.org/protobuf/internal/strs
 google.golang.org/protobuf/internal/version
 google.golang.org/protobuf/proto
-google.golang.org/protobuf/reflect/protodesc
 google.golang.org/protobuf/reflect/protoreflect
 google.golang.org/protobuf/reflect/protoregistry
 google.golang.org/protobuf/runtime/protoiface
 google.golang.org/protobuf/runtime/protoimpl
-google.golang.org/protobuf/types/descriptorpb
 google.golang.org/protobuf/types/known/timestamppb
 # k8s.io/klog/v2 v2.100.1
 ## explicit; go 1.13

From d124eca11bd1f4b2b9d7101db4db7eef82442bee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Nov 2023 03:43:57 +0000
Subject: [PATCH 48/73] build(deps): bump golang.org/x/crypto from 0.14.0 to
 0.15.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/crypto/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  6 +-
 go.sum                                        | 14 +--
 .../x/crypto/chacha20/chacha_arm64.go         |  1 -
 .../x/crypto/chacha20/chacha_arm64.s          |  1 -
 .../x/crypto/chacha20/chacha_noasm.go         |  1 -
 .../x/crypto/chacha20/chacha_ppc64le.go       |  1 -
 .../x/crypto/chacha20/chacha_ppc64le.s        |  1 -
 .../x/crypto/chacha20/chacha_s390x.go         |  1 -
 .../x/crypto/chacha20/chacha_s390x.s          |  1 -
 .../curve25519/internal/field/fe_amd64.go     |  1 -
 .../curve25519/internal/field/fe_amd64.s      |  1 -
 .../internal/field/fe_amd64_noasm.go          |  1 -
 .../curve25519/internal/field/fe_arm64.go     |  1 -
 .../curve25519/internal/field/fe_arm64.s      |  1 -
 .../internal/field/fe_arm64_noasm.go          |  1 -
 .../x/crypto/internal/alias/alias.go          |  1 -
 .../x/crypto/internal/alias/alias_purego.go   |  1 -
 .../x/crypto/internal/poly1305/bits_compat.go |  1 -
 .../x/crypto/internal/poly1305/bits_go1.13.go |  1 -
 .../x/crypto/internal/poly1305/mac_noasm.go   |  1 -
 .../x/crypto/internal/poly1305/sum_amd64.go   |  1 -
 .../x/crypto/internal/poly1305/sum_amd64.s    |  1 -
 .../x/crypto/internal/poly1305/sum_ppc64le.go |  1 -
 .../x/crypto/internal/poly1305/sum_ppc64le.s  |  1 -
 .../x/crypto/internal/poly1305/sum_s390x.go   |  1 -
 .../x/crypto/internal/poly1305/sum_s390x.s    |  1 -
 vendor/golang.org/x/crypto/ssh/common.go      |  3 -
 vendor/golang.org/x/crypto/ssh/handshake.go   |  7 ++
 vendor/golang.org/x/crypto/ssh/keys.go        | 19 +++-
 vendor/golang.org/x/crypto/ssh/server.go      | 20 +++-
 vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s   |  1 -
 vendor/golang.org/x/sys/cpu/cpu_aix.go        |  1 -
 vendor/golang.org/x/sys/cpu/cpu_arm64.s       |  1 -
 vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go   |  1 -
 vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go   |  1 -
 vendor/golang.org/x/sys/cpu/cpu_gc_x86.go     |  2 -
 .../golang.org/x/sys/cpu/cpu_gccgo_arm64.go   |  1 -
 .../golang.org/x/sys/cpu/cpu_gccgo_s390x.go   |  1 -
 vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c   |  2 -
 vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go  |  2 -
 vendor/golang.org/x/sys/cpu/cpu_linux.go      |  1 -
 .../golang.org/x/sys/cpu/cpu_linux_mips64x.go |  2 -
 .../golang.org/x/sys/cpu/cpu_linux_noinit.go  |  1 -
 .../golang.org/x/sys/cpu/cpu_linux_ppc64x.go  |  2 -
 vendor/golang.org/x/sys/cpu/cpu_loong64.go    |  1 -
 vendor/golang.org/x/sys/cpu/cpu_mips64x.go    |  1 -
 vendor/golang.org/x/sys/cpu/cpu_mipsx.go      |  1 -
 vendor/golang.org/x/sys/cpu/cpu_other_arm.go  |  1 -
 .../golang.org/x/sys/cpu/cpu_other_arm64.go   |  1 -
 .../golang.org/x/sys/cpu/cpu_other_mips64x.go |  2 -
 .../golang.org/x/sys/cpu/cpu_other_ppc64x.go  |  3 -
 .../golang.org/x/sys/cpu/cpu_other_riscv64.go |  1 -
 vendor/golang.org/x/sys/cpu/cpu_ppc64x.go     |  1 -
 vendor/golang.org/x/sys/cpu/cpu_riscv64.go    |  1 -
 vendor/golang.org/x/sys/cpu/cpu_s390x.s       |  1 -
 vendor/golang.org/x/sys/cpu/cpu_wasm.go       |  1 -
 vendor/golang.org/x/sys/cpu/cpu_x86.go        |  1 -
 vendor/golang.org/x/sys/cpu/cpu_x86.s         |  2 -
 vendor/golang.org/x/sys/cpu/endian_big.go     |  1 -
 vendor/golang.org/x/sys/cpu/endian_little.go  |  1 -
 .../x/sys/cpu/proc_cpuinfo_linux.go           |  1 -
 .../x/sys/cpu/runtime_auxv_go121.go           |  1 -
 .../golang.org/x/sys/cpu/syscall_aix_gccgo.go |  1 -
 .../x/sys/cpu/syscall_aix_ppc64_gc.go         |  1 -
 vendor/golang.org/x/sys/unix/aliases.go       |  2 -
 vendor/golang.org/x/sys/unix/asm_aix_ppc64.s  |  1 -
 vendor/golang.org/x/sys/unix/asm_bsd_386.s    |  2 -
 vendor/golang.org/x/sys/unix/asm_bsd_amd64.s  |  2 -
 vendor/golang.org/x/sys/unix/asm_bsd_arm.s    |  2 -
 vendor/golang.org/x/sys/unix/asm_bsd_arm64.s  |  2 -
 vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s  |  2 -
 .../golang.org/x/sys/unix/asm_bsd_riscv64.s   |  2 -
 vendor/golang.org/x/sys/unix/asm_linux_386.s  |  1 -
 .../golang.org/x/sys/unix/asm_linux_amd64.s   |  1 -
 vendor/golang.org/x/sys/unix/asm_linux_arm.s  |  1 -
 .../golang.org/x/sys/unix/asm_linux_arm64.s   |  3 -
 .../golang.org/x/sys/unix/asm_linux_loong64.s |  3 -
 .../golang.org/x/sys/unix/asm_linux_mips64x.s |  3 -
 .../golang.org/x/sys/unix/asm_linux_mipsx.s   |  3 -
 .../golang.org/x/sys/unix/asm_linux_ppc64x.s  |  3 -
 .../golang.org/x/sys/unix/asm_linux_riscv64.s |  2 -
 .../golang.org/x/sys/unix/asm_linux_s390x.s   |  3 -
 .../x/sys/unix/asm_openbsd_mips64.s           |  1 -
 .../golang.org/x/sys/unix/asm_solaris_amd64.s |  1 -
 vendor/golang.org/x/sys/unix/asm_zos_s390x.s  |  3 -
 vendor/golang.org/x/sys/unix/cap_freebsd.go   |  1 -
 vendor/golang.org/x/sys/unix/constants.go     |  1 -
 vendor/golang.org/x/sys/unix/dev_aix_ppc.go   |  1 -
 vendor/golang.org/x/sys/unix/dev_aix_ppc64.go |  1 -
 vendor/golang.org/x/sys/unix/dev_zos.go       |  1 -
 vendor/golang.org/x/sys/unix/dirent.go        |  1 -
 vendor/golang.org/x/sys/unix/endian_big.go    |  1 -
 vendor/golang.org/x/sys/unix/endian_little.go |  1 -
 vendor/golang.org/x/sys/unix/env_unix.go      |  1 -
 vendor/golang.org/x/sys/unix/epoll_zos.go     |  1 -
 vendor/golang.org/x/sys/unix/fcntl.go         |  1 -
 .../x/sys/unix/fcntl_linux_32bit.go           |  1 -
 vendor/golang.org/x/sys/unix/fdset.go         |  1 -
 vendor/golang.org/x/sys/unix/fstatfs_zos.go   |  1 -
 vendor/golang.org/x/sys/unix/gccgo.go         |  1 -
 vendor/golang.org/x/sys/unix/gccgo_c.c        |  1 -
 .../x/sys/unix/gccgo_linux_amd64.go           |  1 -
 vendor/golang.org/x/sys/unix/ifreq_linux.go   |  1 -
 vendor/golang.org/x/sys/unix/ioctl_signed.go  |  1 -
 .../golang.org/x/sys/unix/ioctl_unsigned.go   |  1 -
 vendor/golang.org/x/sys/unix/ioctl_zos.go     |  1 -
 vendor/golang.org/x/sys/unix/mkerrors.sh      |  1 -
 vendor/golang.org/x/sys/unix/mmap_nomremap.go |  1 -
 vendor/golang.org/x/sys/unix/mremap.go        |  1 -
 vendor/golang.org/x/sys/unix/pagesize_unix.go |  1 -
 .../golang.org/x/sys/unix/pledge_openbsd.go   | 92 ++++---------------
 vendor/golang.org/x/sys/unix/ptrace_darwin.go |  1 -
 vendor/golang.org/x/sys/unix/ptrace_ios.go    |  1 -
 vendor/golang.org/x/sys/unix/race.go          |  1 -
 vendor/golang.org/x/sys/unix/race0.go         |  1 -
 .../x/sys/unix/readdirent_getdents.go         |  1 -
 .../x/sys/unix/readdirent_getdirentries.go    |  1 -
 vendor/golang.org/x/sys/unix/sockcmsg_unix.go |  1 -
 .../x/sys/unix/sockcmsg_unix_other.go         |  1 -
 vendor/golang.org/x/sys/unix/syscall.go       |  1 -
 vendor/golang.org/x/sys/unix/syscall_aix.go   |  4 +-
 .../golang.org/x/sys/unix/syscall_aix_ppc.go  |  1 -
 .../x/sys/unix/syscall_aix_ppc64.go           |  1 -
 vendor/golang.org/x/sys/unix/syscall_bsd.go   |  1 -
 .../x/sys/unix/syscall_darwin_amd64.go        |  1 -
 .../x/sys/unix/syscall_darwin_arm64.go        |  1 -
 .../x/sys/unix/syscall_darwin_libSystem.go    |  1 -
 .../x/sys/unix/syscall_dragonfly_amd64.go     |  1 -
 .../x/sys/unix/syscall_freebsd_386.go         |  1 -
 .../x/sys/unix/syscall_freebsd_amd64.go       |  1 -
 .../x/sys/unix/syscall_freebsd_arm.go         |  1 -
 .../x/sys/unix/syscall_freebsd_arm64.go       |  1 -
 .../x/sys/unix/syscall_freebsd_riscv64.go     |  1 -
 vendor/golang.org/x/sys/unix/syscall_hurd.go  |  1 -
 .../golang.org/x/sys/unix/syscall_hurd_386.go |  1 -
 .../golang.org/x/sys/unix/syscall_illumos.go  |  1 -
 vendor/golang.org/x/sys/unix/syscall_linux.go |  5 +-
 .../x/sys/unix/syscall_linux_386.go           |  1 -
 .../x/sys/unix/syscall_linux_alarm.go         |  2 -
 .../x/sys/unix/syscall_linux_amd64.go         |  1 -
 .../x/sys/unix/syscall_linux_amd64_gc.go      |  1 -
 .../x/sys/unix/syscall_linux_arm.go           |  1 -
 .../x/sys/unix/syscall_linux_arm64.go         |  1 -
 .../golang.org/x/sys/unix/syscall_linux_gc.go |  1 -
 .../x/sys/unix/syscall_linux_gc_386.go        |  1 -
 .../x/sys/unix/syscall_linux_gc_arm.go        |  1 -
 .../x/sys/unix/syscall_linux_gccgo_386.go     |  1 -
 .../x/sys/unix/syscall_linux_gccgo_arm.go     |  1 -
 .../x/sys/unix/syscall_linux_loong64.go       |  1 -
 .../x/sys/unix/syscall_linux_mips64x.go       |  2 -
 .../x/sys/unix/syscall_linux_mipsx.go         |  2 -
 .../x/sys/unix/syscall_linux_ppc.go           |  1 -
 .../x/sys/unix/syscall_linux_ppc64x.go        |  2 -
 .../x/sys/unix/syscall_linux_riscv64.go       |  1 -
 .../x/sys/unix/syscall_linux_s390x.go         |  1 -
 .../x/sys/unix/syscall_linux_sparc64.go       |  1 -
 .../x/sys/unix/syscall_netbsd_386.go          |  1 -
 .../x/sys/unix/syscall_netbsd_amd64.go        |  1 -
 .../x/sys/unix/syscall_netbsd_arm.go          |  1 -
 .../x/sys/unix/syscall_netbsd_arm64.go        |  1 -
 .../golang.org/x/sys/unix/syscall_openbsd.go  | 14 ++-
 .../x/sys/unix/syscall_openbsd_386.go         |  1 -
 .../x/sys/unix/syscall_openbsd_amd64.go       |  1 -
 .../x/sys/unix/syscall_openbsd_arm.go         |  1 -
 .../x/sys/unix/syscall_openbsd_arm64.go       |  1 -
 .../x/sys/unix/syscall_openbsd_libc.go        |  1 -
 .../x/sys/unix/syscall_openbsd_ppc64.go       |  1 -
 .../x/sys/unix/syscall_openbsd_riscv64.go     |  1 -
 .../golang.org/x/sys/unix/syscall_solaris.go  |  3 +-
 .../x/sys/unix/syscall_solaris_amd64.go       |  1 -
 vendor/golang.org/x/sys/unix/syscall_unix.go  |  1 -
 .../golang.org/x/sys/unix/syscall_unix_gc.go  |  2 -
 .../x/sys/unix/syscall_unix_gc_ppc64x.go      |  3 -
 .../x/sys/unix/syscall_zos_s390x.go           |  1 -
 vendor/golang.org/x/sys/unix/sysvshm_linux.go |  1 -
 vendor/golang.org/x/sys/unix/sysvshm_unix.go  |  1 -
 .../x/sys/unix/sysvshm_unix_other.go          |  1 -
 vendor/golang.org/x/sys/unix/timestruct.go    |  1 -
 .../golang.org/x/sys/unix/unveil_openbsd.go   | 41 +++++----
 vendor/golang.org/x/sys/unix/xattr_bsd.go     |  1 -
 .../golang.org/x/sys/unix/zerrors_aix_ppc.go  |  1 -
 .../x/sys/unix/zerrors_aix_ppc64.go           |  1 -
 .../x/sys/unix/zerrors_darwin_amd64.go        |  1 -
 .../x/sys/unix/zerrors_darwin_arm64.go        |  1 -
 .../x/sys/unix/zerrors_dragonfly_amd64.go     |  1 -
 .../x/sys/unix/zerrors_freebsd_386.go         |  1 -
 .../x/sys/unix/zerrors_freebsd_amd64.go       |  1 -
 .../x/sys/unix/zerrors_freebsd_arm.go         |  1 -
 .../x/sys/unix/zerrors_freebsd_arm64.go       |  1 -
 .../x/sys/unix/zerrors_freebsd_riscv64.go     |  1 -
 vendor/golang.org/x/sys/unix/zerrors_linux.go | 14 ++-
 .../x/sys/unix/zerrors_linux_386.go           |  1 -
 .../x/sys/unix/zerrors_linux_amd64.go         |  1 -
 .../x/sys/unix/zerrors_linux_arm.go           |  1 -
 .../x/sys/unix/zerrors_linux_arm64.go         |  1 -
 .../x/sys/unix/zerrors_linux_loong64.go       |  2 +-
 .../x/sys/unix/zerrors_linux_mips.go          |  1 -
 .../x/sys/unix/zerrors_linux_mips64.go        |  1 -
 .../x/sys/unix/zerrors_linux_mips64le.go      |  1 -
 .../x/sys/unix/zerrors_linux_mipsle.go        |  1 -
 .../x/sys/unix/zerrors_linux_ppc.go           |  1 -
 .../x/sys/unix/zerrors_linux_ppc64.go         |  1 -
 .../x/sys/unix/zerrors_linux_ppc64le.go       |  1 -
 .../x/sys/unix/zerrors_linux_riscv64.go       |  4 +-
 .../x/sys/unix/zerrors_linux_s390x.go         |  1 -
 .../x/sys/unix/zerrors_linux_sparc64.go       |  1 -
 .../x/sys/unix/zerrors_netbsd_386.go          |  1 -
 .../x/sys/unix/zerrors_netbsd_amd64.go        |  1 -
 .../x/sys/unix/zerrors_netbsd_arm.go          |  1 -
 .../x/sys/unix/zerrors_netbsd_arm64.go        |  1 -
 .../x/sys/unix/zerrors_openbsd_386.go         |  1 -
 .../x/sys/unix/zerrors_openbsd_amd64.go       |  1 -
 .../x/sys/unix/zerrors_openbsd_arm.go         |  1 -
 .../x/sys/unix/zerrors_openbsd_arm64.go       |  1 -
 .../x/sys/unix/zerrors_openbsd_mips64.go      |  1 -
 .../x/sys/unix/zerrors_openbsd_ppc64.go       |  1 -
 .../x/sys/unix/zerrors_openbsd_riscv64.go     |  1 -
 .../x/sys/unix/zerrors_solaris_amd64.go       |  1 -
 .../x/sys/unix/zerrors_zos_s390x.go           |  1 -
 .../x/sys/unix/zptrace_armnn_linux.go         |  2 -
 .../x/sys/unix/zptrace_mipsnn_linux.go        |  2 -
 .../x/sys/unix/zptrace_mipsnnle_linux.go      |  2 -
 .../x/sys/unix/zptrace_x86_linux.go           |  2 -
 .../golang.org/x/sys/unix/zsyscall_aix_ppc.go |  1 -
 .../x/sys/unix/zsyscall_aix_ppc64.go          |  1 -
 .../x/sys/unix/zsyscall_aix_ppc64_gc.go       |  1 -
 .../x/sys/unix/zsyscall_aix_ppc64_gccgo.go    |  1 -
 .../x/sys/unix/zsyscall_darwin_amd64.go       |  1 -
 .../x/sys/unix/zsyscall_darwin_arm64.go       |  1 -
 .../x/sys/unix/zsyscall_dragonfly_amd64.go    |  1 -
 .../x/sys/unix/zsyscall_freebsd_386.go        |  1 -
 .../x/sys/unix/zsyscall_freebsd_amd64.go      |  1 -
 .../x/sys/unix/zsyscall_freebsd_arm.go        |  1 -
 .../x/sys/unix/zsyscall_freebsd_arm64.go      |  1 -
 .../x/sys/unix/zsyscall_freebsd_riscv64.go    |  1 -
 .../x/sys/unix/zsyscall_illumos_amd64.go      |  1 -
 .../golang.org/x/sys/unix/zsyscall_linux.go   | 11 ++-
 .../x/sys/unix/zsyscall_linux_386.go          |  1 -
 .../x/sys/unix/zsyscall_linux_amd64.go        |  1 -
 .../x/sys/unix/zsyscall_linux_arm.go          |  1 -
 .../x/sys/unix/zsyscall_linux_arm64.go        |  1 -
 .../x/sys/unix/zsyscall_linux_loong64.go      |  1 -
 .../x/sys/unix/zsyscall_linux_mips.go         |  1 -
 .../x/sys/unix/zsyscall_linux_mips64.go       |  1 -
 .../x/sys/unix/zsyscall_linux_mips64le.go     |  1 -
 .../x/sys/unix/zsyscall_linux_mipsle.go       |  1 -
 .../x/sys/unix/zsyscall_linux_ppc.go          |  1 -
 .../x/sys/unix/zsyscall_linux_ppc64.go        |  1 -
 .../x/sys/unix/zsyscall_linux_ppc64le.go      |  1 -
 .../x/sys/unix/zsyscall_linux_riscv64.go      |  1 -
 .../x/sys/unix/zsyscall_linux_s390x.go        |  1 -
 .../x/sys/unix/zsyscall_linux_sparc64.go      |  1 -
 .../x/sys/unix/zsyscall_netbsd_386.go         |  1 -
 .../x/sys/unix/zsyscall_netbsd_amd64.go       |  1 -
 .../x/sys/unix/zsyscall_netbsd_arm.go         |  1 -
 .../x/sys/unix/zsyscall_netbsd_arm64.go       |  1 -
 .../x/sys/unix/zsyscall_openbsd_386.go        | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_386.s         | 15 +++
 .../x/sys/unix/zsyscall_openbsd_amd64.go      | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_amd64.s       | 15 +++
 .../x/sys/unix/zsyscall_openbsd_arm.go        | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_arm.s         | 15 +++
 .../x/sys/unix/zsyscall_openbsd_arm64.go      | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_arm64.s       | 15 +++
 .../x/sys/unix/zsyscall_openbsd_mips64.go     | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_mips64.s      | 15 +++
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_ppc64.s       | 18 ++++
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    | 46 +++++++++-
 .../x/sys/unix/zsyscall_openbsd_riscv64.s     | 15 +++
 .../x/sys/unix/zsyscall_solaris_amd64.go      |  1 -
 .../x/sys/unix/zsyscall_zos_s390x.go          |  1 -
 .../x/sys/unix/zsysctl_openbsd_386.go         |  1 -
 .../x/sys/unix/zsysctl_openbsd_amd64.go       |  1 -
 .../x/sys/unix/zsysctl_openbsd_arm.go         |  1 -
 .../x/sys/unix/zsysctl_openbsd_arm64.go       |  1 -
 .../x/sys/unix/zsysctl_openbsd_mips64.go      |  1 -
 .../x/sys/unix/zsysctl_openbsd_ppc64.go       |  1 -
 .../x/sys/unix/zsysctl_openbsd_riscv64.go     |  1 -
 .../x/sys/unix/zsysnum_darwin_amd64.go        |  1 -
 .../x/sys/unix/zsysnum_darwin_arm64.go        |  1 -
 .../x/sys/unix/zsysnum_dragonfly_amd64.go     |  1 -
 .../x/sys/unix/zsysnum_freebsd_386.go         |  1 -
 .../x/sys/unix/zsysnum_freebsd_amd64.go       |  1 -
 .../x/sys/unix/zsysnum_freebsd_arm.go         |  1 -
 .../x/sys/unix/zsysnum_freebsd_arm64.go       |  1 -
 .../x/sys/unix/zsysnum_freebsd_riscv64.go     |  1 -
 .../x/sys/unix/zsysnum_linux_386.go           |  2 +-
 .../x/sys/unix/zsysnum_linux_amd64.go         |  3 +-
 .../x/sys/unix/zsysnum_linux_arm.go           |  2 +-
 .../x/sys/unix/zsysnum_linux_arm64.go         |  2 +-
 .../x/sys/unix/zsysnum_linux_loong64.go       |  2 +-
 .../x/sys/unix/zsysnum_linux_mips.go          |  2 +-
 .../x/sys/unix/zsysnum_linux_mips64.go        |  2 +-
 .../x/sys/unix/zsysnum_linux_mips64le.go      |  2 +-
 .../x/sys/unix/zsysnum_linux_mipsle.go        |  2 +-
 .../x/sys/unix/zsysnum_linux_ppc.go           |  2 +-
 .../x/sys/unix/zsysnum_linux_ppc64.go         |  2 +-
 .../x/sys/unix/zsysnum_linux_ppc64le.go       |  2 +-
 .../x/sys/unix/zsysnum_linux_riscv64.go       |  2 +-
 .../x/sys/unix/zsysnum_linux_s390x.go         |  2 +-
 .../x/sys/unix/zsysnum_linux_sparc64.go       |  2 +-
 .../x/sys/unix/zsysnum_netbsd_386.go          |  1 -
 .../x/sys/unix/zsysnum_netbsd_amd64.go        |  1 -
 .../x/sys/unix/zsysnum_netbsd_arm.go          |  1 -
 .../x/sys/unix/zsysnum_netbsd_arm64.go        |  1 -
 .../x/sys/unix/zsysnum_openbsd_386.go         |  1 -
 .../x/sys/unix/zsysnum_openbsd_amd64.go       |  1 -
 .../x/sys/unix/zsysnum_openbsd_arm.go         |  1 -
 .../x/sys/unix/zsysnum_openbsd_arm64.go       |  1 -
 .../x/sys/unix/zsysnum_openbsd_mips64.go      |  1 -
 .../x/sys/unix/zsysnum_openbsd_ppc64.go       |  1 -
 .../x/sys/unix/zsysnum_openbsd_riscv64.go     |  1 -
 .../x/sys/unix/zsysnum_zos_s390x.go           |  1 -
 .../golang.org/x/sys/unix/ztypes_aix_ppc.go   |  1 -
 .../golang.org/x/sys/unix/ztypes_aix_ppc64.go |  1 -
 .../x/sys/unix/ztypes_darwin_amd64.go         |  1 -
 .../x/sys/unix/ztypes_darwin_arm64.go         |  1 -
 .../x/sys/unix/ztypes_dragonfly_amd64.go      |  1 -
 .../x/sys/unix/ztypes_freebsd_386.go          |  1 -
 .../x/sys/unix/ztypes_freebsd_amd64.go        |  1 -
 .../x/sys/unix/ztypes_freebsd_arm.go          |  1 -
 .../x/sys/unix/ztypes_freebsd_arm64.go        |  1 -
 .../x/sys/unix/ztypes_freebsd_riscv64.go      |  1 -
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 13 ++-
 .../golang.org/x/sys/unix/ztypes_linux_386.go |  1 -
 .../x/sys/unix/ztypes_linux_amd64.go          |  1 -
 .../golang.org/x/sys/unix/ztypes_linux_arm.go |  1 -
 .../x/sys/unix/ztypes_linux_arm64.go          |  1 -
 .../x/sys/unix/ztypes_linux_loong64.go        |  1 -
 .../x/sys/unix/ztypes_linux_mips.go           |  1 -
 .../x/sys/unix/ztypes_linux_mips64.go         |  1 -
 .../x/sys/unix/ztypes_linux_mips64le.go       |  1 -
 .../x/sys/unix/ztypes_linux_mipsle.go         |  1 -
 .../golang.org/x/sys/unix/ztypes_linux_ppc.go |  1 -
 .../x/sys/unix/ztypes_linux_ppc64.go          |  1 -
 .../x/sys/unix/ztypes_linux_ppc64le.go        |  1 -
 .../x/sys/unix/ztypes_linux_riscv64.go        |  1 -
 .../x/sys/unix/ztypes_linux_s390x.go          |  1 -
 .../x/sys/unix/ztypes_linux_sparc64.go        |  1 -
 .../x/sys/unix/ztypes_netbsd_386.go           |  1 -
 .../x/sys/unix/ztypes_netbsd_amd64.go         |  1 -
 .../x/sys/unix/ztypes_netbsd_arm.go           |  1 -
 .../x/sys/unix/ztypes_netbsd_arm64.go         |  1 -
 .../x/sys/unix/ztypes_openbsd_386.go          |  1 -
 .../x/sys/unix/ztypes_openbsd_amd64.go        |  1 -
 .../x/sys/unix/ztypes_openbsd_arm.go          |  1 -
 .../x/sys/unix/ztypes_openbsd_arm64.go        |  1 -
 .../x/sys/unix/ztypes_openbsd_mips64.go       |  1 -
 .../x/sys/unix/ztypes_openbsd_ppc64.go        |  1 -
 .../x/sys/unix/ztypes_openbsd_riscv64.go      |  1 -
 .../x/sys/unix/ztypes_solaris_amd64.go        |  1 -
 .../golang.org/x/sys/unix/ztypes_zos_s390x.go |  1 -
 vendor/golang.org/x/sys/windows/aliases.go    |  1 -
 vendor/golang.org/x/sys/windows/empty.s       |  1 -
 vendor/golang.org/x/sys/windows/eventlog.go   |  1 -
 vendor/golang.org/x/sys/windows/mksyscall.go  |  1 -
 vendor/golang.org/x/sys/windows/race.go       |  1 -
 vendor/golang.org/x/sys/windows/race0.go      |  1 -
 vendor/golang.org/x/sys/windows/service.go    |  1 -
 vendor/golang.org/x/sys/windows/str.go        |  1 -
 vendor/golang.org/x/sys/windows/syscall.go    |  1 -
 .../x/sys/windows/syscall_windows.go          |  4 +-
 .../golang.org/x/sys/windows/types_windows.go | 28 +++++-
 .../x/sys/windows/zsyscall_windows.go         |  9 ++
 .../x/text/secure/bidirule/bidirule10.0.0.go  |  1 -
 .../x/text/secure/bidirule/bidirule9.0.0.go   |  1 -
 .../x/text/unicode/bidi/tables10.0.0.go       |  1 -
 .../x/text/unicode/bidi/tables11.0.0.go       |  1 -
 .../x/text/unicode/bidi/tables12.0.0.go       |  1 -
 .../x/text/unicode/bidi/tables13.0.0.go       |  1 -
 .../x/text/unicode/bidi/tables15.0.0.go       |  1 -
 .../x/text/unicode/bidi/tables9.0.0.go        |  1 -
 .../x/text/unicode/norm/tables10.0.0.go       |  1 -
 .../x/text/unicode/norm/tables11.0.0.go       |  1 -
 .../x/text/unicode/norm/tables12.0.0.go       |  1 -
 .../x/text/unicode/norm/tables13.0.0.go       |  1 -
 .../x/text/unicode/norm/tables15.0.0.go       |  1 -
 .../x/text/unicode/norm/tables9.0.0.go        |  1 -
 vendor/modules.txt                            | 12 +--
 380 files changed, 631 insertions(+), 527 deletions(-)

diff --git a/go.mod b/go.mod
index 3cc5b5584..ac0a90a3a 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.17.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.14.0
+	golang.org/x/crypto v0.15.0
 )
 
 require (
@@ -34,8 +34,8 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 540313840..c8da97b69 100644
--- a/go.sum
+++ b/go.sum
@@ -385,8 +385,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
-golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
+golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -528,14 +528,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
-golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
+golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
+golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -546,8 +546,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
index 5dfacbb98..661ea132e 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
index f1f66230d..7dd2638e8 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_arm64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
index 02ff3d05e..db42e6676 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (!arm64 && !s390x && !ppc64le) || !gc || purego
-// +build !arm64,!s390x,!ppc64le !gc purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
index da420b2e9..3a4287f99 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
index 5c0fed26f..66aebae25 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
@@ -20,7 +20,6 @@
 // due to the calling conventions and initialization of constants.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_s390x.go b/vendor/golang.org/x/crypto/chacha20/chacha_s390x.go
index 4652247b8..683ccfd1c 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_s390x.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_s390x.s b/vendor/golang.org/x/crypto/chacha20/chacha_s390x.s
index f3ef5a019..1eda91a3d 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_s390x.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_s390x.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "go_asm.h"
 #include "textflag.h"
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
index edcf163c4..70c541692 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
@@ -1,7 +1,6 @@
 // Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
 
 //go:build amd64 && gc && !purego
-// +build amd64,gc,!purego
 
 package field
 
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
index 293f013c9..60817acc4 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
@@ -1,7 +1,6 @@
 // Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
 
 //go:build amd64 && gc && !purego
-// +build amd64,gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
index ddb6c9b8f..9da280d1d 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !amd64 || !gc || purego
-// +build !amd64 !gc purego
 
 package field
 
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
index af459ef51..075fe9b92 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && gc && !purego
-// +build arm64,gc,!purego
 
 package field
 
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
index 5c91e4589..3126a4341 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && gc && !purego
-// +build arm64,gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
index 234a5b2e5..fc029ac12 100644
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !arm64 || !gc || purego
-// +build !arm64 !gc purego
 
 package field
 
diff --git a/vendor/golang.org/x/crypto/internal/alias/alias.go b/vendor/golang.org/x/crypto/internal/alias/alias.go
index 69c17f822..551ff0c35 100644
--- a/vendor/golang.org/x/crypto/internal/alias/alias.go
+++ b/vendor/golang.org/x/crypto/internal/alias/alias.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !purego
-// +build !purego
 
 // Package alias implements memory aliasing tests.
 package alias
diff --git a/vendor/golang.org/x/crypto/internal/alias/alias_purego.go b/vendor/golang.org/x/crypto/internal/alias/alias_purego.go
index 4775b0a43..6fe61b5c6 100644
--- a/vendor/golang.org/x/crypto/internal/alias/alias_purego.go
+++ b/vendor/golang.org/x/crypto/internal/alias/alias_purego.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build purego
-// +build purego
 
 // Package alias implements memory aliasing tests.
 package alias
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go b/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
index 45b5c966b..d33c8890f 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.13
-// +build !go1.13
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go b/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go
index ed52b3418..495c1fa69 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.13
-// +build go1.13
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
index f184b67d9..333da285b 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (!amd64 && !ppc64le && !s390x) || !gc || purego
-// +build !amd64,!ppc64le,!s390x !gc purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.go
index 6d522333f..164cd47d3 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
index 1d74f0f88..e0d3c6475 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
index 4a069941a..4aec4874b 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
index 58422aad2..d2ca5deeb 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.go
index ec9596688..e1d033a49 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.s
index aa9e0494c..0fe3a7c21 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_s390x.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc && !purego
-// +build gc,!purego
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index b419c761e..dd2ab0d69 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -10,7 +10,6 @@ import (
 	"fmt"
 	"io"
 	"math"
-	"strings"
 	"sync"
 
 	_ "crypto/sha1"
@@ -140,8 +139,6 @@ var supportedPubKeyAuthAlgos = []string{
 	KeyAlgoDSA,
 }
 
-var supportedPubKeyAuthAlgosList = strings.Join(supportedPubKeyAuthAlgos, ",")
-
 // unexpectedMessageError results when the SSH message that we received didn't
 // match what we wanted.
 func unexpectedMessageError(expected, got uint8) error {
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index 70a7369ff..49bbba769 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -11,6 +11,7 @@ import (
 	"io"
 	"log"
 	"net"
+	"strings"
 	"sync"
 )
 
@@ -50,6 +51,10 @@ type handshakeTransport struct {
 	// connection.
 	hostKeys []Signer
 
+	// publicKeyAuthAlgorithms is non-empty if we are the server. In that case,
+	// it contains the supported client public key authentication algorithms.
+	publicKeyAuthAlgorithms []string
+
 	// hostKeyAlgorithms is non-empty if we are the client. In that case,
 	// we accept these key types from the server as host key.
 	hostKeyAlgorithms []string
@@ -141,6 +146,7 @@ func newClientTransport(conn keyingTransport, clientVersion, serverVersion []byt
 func newServerTransport(conn keyingTransport, clientVersion, serverVersion []byte, config *ServerConfig) *handshakeTransport {
 	t := newHandshakeTransport(conn, &config.Config, clientVersion, serverVersion)
 	t.hostKeys = config.hostKeys
+	t.publicKeyAuthAlgorithms = config.PublicKeyAuthAlgorithms
 	go t.readLoop()
 	go t.kexLoop()
 	return t
@@ -649,6 +655,7 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 	// message with the server-sig-algs extension if the client supports it. See
 	// RFC 8308, Sections 2.4 and 3.1, and [PROTOCOL], Section 1.9.
 	if !isClient && firstKeyExchange && contains(clientInit.KexAlgos, "ext-info-c") {
+		supportedPubKeyAuthAlgosList := strings.Join(t.publicKeyAuthAlgorithms, ",")
 		extInfo := &extInfoMsg{
 			NumExtensions: 2,
 			Payload:       make([]byte, 0, 4+15+4+len(supportedPubKeyAuthAlgosList)+4+16+4+1),
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index ef1bad731..df4ebdada 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -1232,16 +1232,27 @@ func ParseRawPrivateKeyWithPassphrase(pemBytes, passphrase []byte) (interface{},
 		return nil, fmt.Errorf("ssh: cannot decode encrypted private keys: %v", err)
 	}
 
+	var result interface{}
+
 	switch block.Type {
 	case "RSA PRIVATE KEY":
-		return x509.ParsePKCS1PrivateKey(buf)
+		result, err = x509.ParsePKCS1PrivateKey(buf)
 	case "EC PRIVATE KEY":
-		return x509.ParseECPrivateKey(buf)
+		result, err = x509.ParseECPrivateKey(buf)
 	case "DSA PRIVATE KEY":
-		return ParseDSAPrivateKey(buf)
+		result, err = ParseDSAPrivateKey(buf)
 	default:
-		return nil, fmt.Errorf("ssh: unsupported key type %q", block.Type)
+		err = fmt.Errorf("ssh: unsupported key type %q", block.Type)
 	}
+	// Because of deficiencies in the format, DecryptPEMBlock does not always
+	// detect an incorrect password. In these cases decrypted DER bytes is
+	// random noise. If the parsing of the key returns an asn1.StructuralError
+	// we return x509.IncorrectPasswordError.
+	if _, ok := err.(asn1.StructuralError); ok {
+		return nil, x509.IncorrectPasswordError
+	}
+
+	return result, err
 }
 
 // ParseDSAPrivateKey returns a DSA private key from its ASN.1 DER encoding, as
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 727c71b9c..8f1505af9 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -64,6 +64,13 @@ type ServerConfig struct {
 	// Config contains configuration shared between client and server.
 	Config
 
+	// PublicKeyAuthAlgorithms specifies the supported client public key
+	// authentication algorithms. Note that this should not include certificate
+	// types since those use the underlying algorithm. This list is sent to the
+	// client if it supports the server-sig-algs extension. Order is irrelevant.
+	// If unspecified then a default set of algorithms is used.
+	PublicKeyAuthAlgorithms []string
+
 	hostKeys []Signer
 
 	// NoClientAuth is true if clients are allowed to connect without
@@ -201,6 +208,15 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
 	if fullConf.MaxAuthTries == 0 {
 		fullConf.MaxAuthTries = 6
 	}
+	if len(fullConf.PublicKeyAuthAlgorithms) == 0 {
+		fullConf.PublicKeyAuthAlgorithms = supportedPubKeyAuthAlgos
+	} else {
+		for _, algo := range fullConf.PublicKeyAuthAlgorithms {
+			if !contains(supportedPubKeyAuthAlgos, algo) {
+				return nil, nil, nil, fmt.Errorf("ssh: unsupported public key authentication algorithm %s", algo)
+			}
+		}
+	}
 	// Check if the config contains any unsupported key exchanges
 	for _, kex := range fullConf.KeyExchanges {
 		if _, ok := serverForbiddenKexAlgos[kex]; ok {
@@ -524,7 +540,7 @@ userAuthLoop:
 				return nil, parseError(msgUserAuthRequest)
 			}
 			algo := string(algoBytes)
-			if !contains(supportedPubKeyAuthAlgos, underlyingAlgo(algo)) {
+			if !contains(config.PublicKeyAuthAlgorithms, underlyingAlgo(algo)) {
 				authErr = fmt.Errorf("ssh: algorithm %q not accepted", algo)
 				break
 			}
@@ -591,7 +607,7 @@ userAuthLoop:
 				// algorithm name that corresponds to algo with
 				// sig.Format.  This is usually the same, but
 				// for certs, the names differ.
-				if !contains(supportedPubKeyAuthAlgos, sig.Format) {
+				if !contains(config.PublicKeyAuthAlgorithms, sig.Format) {
 					authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
 					break
 				}
diff --git a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
index db9171c2e..269e173ca 100644
--- a/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
+++ b/vendor/golang.org/x/sys/cpu/asm_aix_ppc64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_aix.go b/vendor/golang.org/x/sys/cpu/cpu_aix.go
index 8aaeef545..9bf0c32eb 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_aix.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_aix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix
-// +build aix
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
index c61f95a05..fcb9a3888 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
index ccf542a73..a8acd3e32 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
index 0af2f2484..c8ae6ddc1 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
index fa7cdb9bc..910728fb1 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (386 || amd64 || amd64p32) && gc
-// +build 386 amd64 amd64p32
-// +build gc
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
index 2aff31891..7f1946780 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gccgo
-// +build gccgo
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
index 4bfbda619..9526d2ce3 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gccgo
-// +build gccgo
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
index 6cc73109f..3f73a05dc 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.c
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (386 || amd64 || amd64p32) && gccgo
-// +build 386 amd64 amd64p32
-// +build gccgo
 
 #include 
 #include 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
index 863d415ab..99c60fe9f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (386 || amd64 || amd64p32) && gccgo
-// +build 386 amd64 amd64p32
-// +build gccgo
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux.go b/vendor/golang.org/x/sys/cpu/cpu_linux.go
index 159a686f6..743eb5435 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !386 && !amd64 && !amd64p32 && !arm64
-// +build !386,!amd64,!amd64p32,!arm64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
index 6000db4cd..4686c1d54 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_mips64x.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (mips64 || mips64le)
-// +build linux
-// +build mips64 mips64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
index f4992b1a5..cd63e7335 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x
-// +build linux,!arm,!arm64,!mips64,!mips64le,!ppc64,!ppc64le,!s390x
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
index 021356d6d..197188e67 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_ppc64x.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (ppc64 || ppc64le)
-// +build linux
-// +build ppc64 ppc64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_loong64.go b/vendor/golang.org/x/sys/cpu/cpu_loong64.go
index 0f57b05bd..558635850 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_loong64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_loong64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build loong64
-// +build loong64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
index f4063c664..fedb00cc4 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_mips64x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build mips64 || mips64le
-// +build mips64 mips64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_mipsx.go b/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
index 07c4e36d8..ffb4ec7eb 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_mipsx.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build mips || mipsle
-// +build mips mipsle
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
index d7b4fb4cc..e9ecf2a45 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !linux && arm
-// +build !linux,arm
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
index f3cde129b..5341e7f88 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !linux && !netbsd && !openbsd && arm64
-// +build !linux,!netbsd,!openbsd,arm64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
index 0dafe9644..5f8f2419a 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_mips64x.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !linux && (mips64 || mips64le)
-// +build !linux
-// +build mips64 mips64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go
index 060d46b6e..89608fba2 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_ppc64x.go
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !aix && !linux && (ppc64 || ppc64le)
-// +build !aix
-// +build !linux
-// +build ppc64 ppc64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go
index dd10eb79f..5ab87808f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_riscv64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !linux && riscv64
-// +build !linux,riscv64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go b/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
index 4e8acd165..c14f12b14 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_ppc64x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ppc64 || ppc64le
-// +build ppc64 ppc64le
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
index ff7da60eb..7f0c79c00 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build riscv64
-// +build riscv64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_s390x.s b/vendor/golang.org/x/sys/cpu/cpu_s390x.s
index 96f81e209..1fb4b7013 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_s390x.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_s390x.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_wasm.go b/vendor/golang.org/x/sys/cpu/cpu_wasm.go
index 7747d888a..384787ea3 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_wasm.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_wasm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build wasm
-// +build wasm
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index 2dcde8285..c29f5e4c5 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 || amd64 || amd64p32
-// +build 386 amd64 amd64p32
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s
index 39acab2ff..7d7ba33ef 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (386 || amd64 || amd64p32) && gc
-// +build 386 amd64 amd64p32
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/cpu/endian_big.go b/vendor/golang.org/x/sys/cpu/endian_big.go
index 93ce03a34..7fe04b0a1 100644
--- a/vendor/golang.org/x/sys/cpu/endian_big.go
+++ b/vendor/golang.org/x/sys/cpu/endian_big.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64
-// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/endian_little.go b/vendor/golang.org/x/sys/cpu/endian_little.go
index 55db853ef..48eccc4c7 100644
--- a/vendor/golang.org/x/sys/cpu/endian_little.go
+++ b/vendor/golang.org/x/sys/cpu/endian_little.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh || wasm
-// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh wasm
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go b/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go
index d87bd6b3e..4cd64c704 100644
--- a/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go
+++ b/vendor/golang.org/x/sys/cpu/proc_cpuinfo_linux.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && arm64
-// +build linux,arm64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go b/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go
index b975ea2a0..4c9788ea8 100644
--- a/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go
+++ b/vendor/golang.org/x/sys/cpu/runtime_auxv_go121.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.21
-// +build go1.21
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go b/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
index 96134157a..1b9ccb091 100644
--- a/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
+++ b/vendor/golang.org/x/sys/cpu/syscall_aix_gccgo.go
@@ -9,7 +9,6 @@
 // gccgo's libgo and thus must not used a CGo method.
 
 //go:build aix && gccgo
-// +build aix,gccgo
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
index 904be42ff..e8b6cdbe9 100644
--- a/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
+++ b/vendor/golang.org/x/sys/cpu/syscall_aix_ppc64_gc.go
@@ -7,7 +7,6 @@
 // (See golang.org/issue/32102)
 
 //go:build aix && ppc64 && gc
-// +build aix,ppc64,gc
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/unix/aliases.go b/vendor/golang.org/x/sys/unix/aliases.go
index abc89c104..e7d3df4bd 100644
--- a/vendor/golang.org/x/sys/unix/aliases.go
+++ b/vendor/golang.org/x/sys/unix/aliases.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) && go1.9
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
-// +build go1.9
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
index db9171c2e..269e173ca 100644
--- a/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/asm_aix_ppc64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_386.s b/vendor/golang.org/x/sys/unix/asm_bsd_386.s
index e0fcd9b3d..a4fcef0e0 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_386.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_386.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (freebsd || netbsd || openbsd) && gc
-// +build freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s b/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
index 2b99c349a..1e63615c5 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_amd64.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin || dragonfly || freebsd || netbsd || openbsd) && gc
-// +build darwin dragonfly freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_arm.s b/vendor/golang.org/x/sys/unix/asm_bsd_arm.s
index d702d4adc..6496c3100 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_arm.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (freebsd || netbsd || openbsd) && gc
-// +build freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s b/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
index fe36a7391..4fd1f54da 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_arm64.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin || freebsd || netbsd || openbsd) && gc
-// +build darwin freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s b/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s
index e5b9a8489..42f7eb9e4 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_ppc64.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin || freebsd || netbsd || openbsd) && gc
-// +build darwin freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s b/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s
index d560019ea..f8902667e 100644
--- a/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/asm_bsd_riscv64.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin || freebsd || netbsd || openbsd) && gc
-// +build darwin freebsd netbsd openbsd
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_386.s b/vendor/golang.org/x/sys/unix/asm_linux_386.s
index 8fd101d07..3b4734870 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_386.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_386.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
index 7ed38e43c..67e29f317 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_amd64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm.s b/vendor/golang.org/x/sys/unix/asm_linux_arm.s
index 8ef1d5140..d6ae269ce 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_arm.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_arm.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
index 98ae02760..01e5e253c 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_arm64.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && arm64 && gc
-// +build linux
-// +build arm64
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_loong64.s b/vendor/golang.org/x/sys/unix/asm_linux_loong64.s
index 565357288..2abf12f6e 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_loong64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_loong64.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && loong64 && gc
-// +build linux
-// +build loong64
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
index 21231d2ce..f84bae712 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_mips64x.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (mips64 || mips64le) && gc
-// +build linux
-// +build mips64 mips64le
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
index 6783b26c6..f08f62807 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_mipsx.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (mips || mipsle) && gc
-// +build linux
-// +build mips mipsle
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
index 19d498934..bdfc024d2 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_ppc64x.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (ppc64 || ppc64le) && gc
-// +build linux
-// +build ppc64 ppc64le
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
index e42eb81d5..2e8c99612 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_riscv64.s
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build riscv64 && gc
-// +build riscv64
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
index c46aab339..2c394b11e 100644
--- a/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
+++ b/vendor/golang.org/x/sys/unix/asm_linux_s390x.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && s390x && gc
-// +build linux
-// +build s390x
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
index 5e7a1169c..fab586a2c 100644
--- a/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/asm_openbsd_mips64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
index f8c5394c1..f949ec547 100644
--- a/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
+++ b/vendor/golang.org/x/sys/unix/asm_solaris_amd64.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gc
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
index 3b54e1858..2f67ba86d 100644
--- a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
+++ b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x && gc
-// +build zos
-// +build s390x
-// +build gc
 
 #include "textflag.h"
 
diff --git a/vendor/golang.org/x/sys/unix/cap_freebsd.go b/vendor/golang.org/x/sys/unix/cap_freebsd.go
index 0b7c6adb8..a08657890 100644
--- a/vendor/golang.org/x/sys/unix/cap_freebsd.go
+++ b/vendor/golang.org/x/sys/unix/cap_freebsd.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build freebsd
-// +build freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/constants.go b/vendor/golang.org/x/sys/unix/constants.go
index 394a3965b..6fb7cb77d 100644
--- a/vendor/golang.org/x/sys/unix/constants.go
+++ b/vendor/golang.org/x/sys/unix/constants.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/dev_aix_ppc.go b/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
index 65a998508..d78513461 100644
--- a/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/dev_aix_ppc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix && ppc
-// +build aix,ppc
 
 // Functions to access/create device major and minor numbers matching the
 // encoding used by AIX.
diff --git a/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go b/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
index 8fc08ad0a..623a5e697 100644
--- a/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/dev_aix_ppc64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix && ppc64
-// +build aix,ppc64
 
 // Functions to access/create device major and minor numbers matching the
 // encoding used AIX.
diff --git a/vendor/golang.org/x/sys/unix/dev_zos.go b/vendor/golang.org/x/sys/unix/dev_zos.go
index a388e59a0..bb6a64fe9 100644
--- a/vendor/golang.org/x/sys/unix/dev_zos.go
+++ b/vendor/golang.org/x/sys/unix/dev_zos.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 // Functions to access/create device major and minor numbers matching the
 // encoding used by z/OS.
diff --git a/vendor/golang.org/x/sys/unix/dirent.go b/vendor/golang.org/x/sys/unix/dirent.go
index 2499f977b..1ebf11782 100644
--- a/vendor/golang.org/x/sys/unix/dirent.go
+++ b/vendor/golang.org/x/sys/unix/dirent.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/endian_big.go b/vendor/golang.org/x/sys/unix/endian_big.go
index a52026557..1095fd31d 100644
--- a/vendor/golang.org/x/sys/unix/endian_big.go
+++ b/vendor/golang.org/x/sys/unix/endian_big.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 //
 //go:build armbe || arm64be || m68k || mips || mips64 || mips64p32 || ppc || ppc64 || s390 || s390x || shbe || sparc || sparc64
-// +build armbe arm64be m68k mips mips64 mips64p32 ppc ppc64 s390 s390x shbe sparc sparc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/endian_little.go b/vendor/golang.org/x/sys/unix/endian_little.go
index b0f2bc4ae..b9f0e277b 100644
--- a/vendor/golang.org/x/sys/unix/endian_little.go
+++ b/vendor/golang.org/x/sys/unix/endian_little.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 //
 //go:build 386 || amd64 || amd64p32 || alpha || arm || arm64 || loong64 || mipsle || mips64le || mips64p32le || nios2 || ppc64le || riscv || riscv64 || sh
-// +build 386 amd64 amd64p32 alpha arm arm64 loong64 mipsle mips64le mips64p32le nios2 ppc64le riscv riscv64 sh
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/env_unix.go b/vendor/golang.org/x/sys/unix/env_unix.go
index 29ccc4d13..a96da71f4 100644
--- a/vendor/golang.org/x/sys/unix/env_unix.go
+++ b/vendor/golang.org/x/sys/unix/env_unix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 // Unix environment variables.
 
diff --git a/vendor/golang.org/x/sys/unix/epoll_zos.go b/vendor/golang.org/x/sys/unix/epoll_zos.go
index cedaf7e02..7753fddea 100644
--- a/vendor/golang.org/x/sys/unix/epoll_zos.go
+++ b/vendor/golang.org/x/sys/unix/epoll_zos.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go
index e9b991258..58c6bfc70 100644
--- a/vendor/golang.org/x/sys/unix/fcntl.go
+++ b/vendor/golang.org/x/sys/unix/fcntl.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build dragonfly || freebsd || linux || netbsd || openbsd
-// +build dragonfly freebsd linux netbsd openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
index 29d44808b..13b4acd5c 100644
--- a/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
+++ b/vendor/golang.org/x/sys/unix/fcntl_linux_32bit.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (linux && 386) || (linux && arm) || (linux && mips) || (linux && mipsle) || (linux && ppc)
-// +build linux,386 linux,arm linux,mips linux,mipsle linux,ppc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/fdset.go b/vendor/golang.org/x/sys/unix/fdset.go
index a8068f94f..9e83d18cd 100644
--- a/vendor/golang.org/x/sys/unix/fdset.go
+++ b/vendor/golang.org/x/sys/unix/fdset.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/fstatfs_zos.go b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
index e377cc9f4..c8bde601e 100644
--- a/vendor/golang.org/x/sys/unix/fstatfs_zos.go
+++ b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/gccgo.go b/vendor/golang.org/x/sys/unix/gccgo.go
index b06f52d74..aca5721dd 100644
--- a/vendor/golang.org/x/sys/unix/gccgo.go
+++ b/vendor/golang.org/x/sys/unix/gccgo.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gccgo && !aix && !hurd
-// +build gccgo,!aix,!hurd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/gccgo_c.c b/vendor/golang.org/x/sys/unix/gccgo_c.c
index f98a1c542..d468b7b47 100644
--- a/vendor/golang.org/x/sys/unix/gccgo_c.c
+++ b/vendor/golang.org/x/sys/unix/gccgo_c.c
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gccgo && !aix && !hurd
-// +build gccgo,!aix,!hurd
 
 #include 
 #include 
diff --git a/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go b/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
index e60e49a3d..972d61bd7 100644
--- a/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/gccgo_linux_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build gccgo && linux && amd64
-// +build gccgo,linux,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ifreq_linux.go b/vendor/golang.org/x/sys/unix/ifreq_linux.go
index 15721a510..848840ae4 100644
--- a/vendor/golang.org/x/sys/unix/ifreq_linux.go
+++ b/vendor/golang.org/x/sys/unix/ifreq_linux.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux
-// +build linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ioctl_signed.go b/vendor/golang.org/x/sys/unix/ioctl_signed.go
index 7def9580e..5b0759bd8 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_signed.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_signed.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || solaris
-// +build aix solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ioctl_unsigned.go b/vendor/golang.org/x/sys/unix/ioctl_unsigned.go
index 649913d1e..20f470b9d 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_unsigned.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_unsigned.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin || dragonfly || freebsd || hurd || linux || netbsd || openbsd
-// +build darwin dragonfly freebsd hurd linux netbsd openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ioctl_zos.go b/vendor/golang.org/x/sys/unix/ioctl_zos.go
index cdc21bf76..c8b2a750f 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_zos.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_zos.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 47fa6a7eb..cbe24150a 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -663,7 +663,6 @@ echo '// mkerrors.sh' "$@"
 echo '// Code generated by the command above; see README.md. DO NOT EDIT.'
 echo
 echo "//go:build ${GOARCH} && ${GOOS}"
-echo "// +build ${GOARCH},${GOOS}"
 echo
 go tool cgo -godefs -- "$@" _const.go >_error.out
 cat _error.out | grep -vf _error.grep | grep -vf _signal.grep
diff --git a/vendor/golang.org/x/sys/unix/mmap_nomremap.go b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
index ca0513632..4b68e5978 100644
--- a/vendor/golang.org/x/sys/unix/mmap_nomremap.go
+++ b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
-// +build aix darwin dragonfly freebsd openbsd solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/mremap.go b/vendor/golang.org/x/sys/unix/mremap.go
index fa93d0aa9..fd45fe529 100644
--- a/vendor/golang.org/x/sys/unix/mremap.go
+++ b/vendor/golang.org/x/sys/unix/mremap.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux || netbsd
-// +build linux netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/pagesize_unix.go b/vendor/golang.org/x/sys/unix/pagesize_unix.go
index 53f1b4c5b..4d0a3430e 100644
--- a/vendor/golang.org/x/sys/unix/pagesize_unix.go
+++ b/vendor/golang.org/x/sys/unix/pagesize_unix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
 
 // For Unix, get the pagesize from the runtime.
 
diff --git a/vendor/golang.org/x/sys/unix/pledge_openbsd.go b/vendor/golang.org/x/sys/unix/pledge_openbsd.go
index eb48294b2..6a09af53e 100644
--- a/vendor/golang.org/x/sys/unix/pledge_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/pledge_openbsd.go
@@ -8,54 +8,31 @@ import (
 	"errors"
 	"fmt"
 	"strconv"
-	"syscall"
-	"unsafe"
 )
 
 // Pledge implements the pledge syscall.
 //
-// The pledge syscall does not accept execpromises on OpenBSD releases
-// before 6.3.
-//
-// execpromises must be empty when Pledge is called on OpenBSD
-// releases predating 6.3, otherwise an error will be returned.
+// This changes both the promises and execpromises; use PledgePromises or
+// PledgeExecpromises to only change the promises or execpromises
+// respectively.
 //
 // For more information see pledge(2).
 func Pledge(promises, execpromises string) error {
-	maj, min, err := majmin()
-	if err != nil {
+	if err := pledgeAvailable(); err != nil {
 		return err
 	}
 
-	err = pledgeAvailable(maj, min, execpromises)
+	pptr, err := BytePtrFromString(promises)
 	if err != nil {
 		return err
 	}
 
-	pptr, err := syscall.BytePtrFromString(promises)
+	exptr, err := BytePtrFromString(execpromises)
 	if err != nil {
 		return err
 	}
 
-	// This variable will hold either a nil unsafe.Pointer or
-	// an unsafe.Pointer to a string (execpromises).
-	var expr unsafe.Pointer
-
-	// If we're running on OpenBSD > 6.2, pass execpromises to the syscall.
-	if maj > 6 || (maj == 6 && min > 2) {
-		exptr, err := syscall.BytePtrFromString(execpromises)
-		if err != nil {
-			return err
-		}
-		expr = unsafe.Pointer(exptr)
-	}
-
-	_, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0)
-	if e != 0 {
-		return e
-	}
-
-	return nil
+	return pledge(pptr, exptr)
 }
 
 // PledgePromises implements the pledge syscall.
@@ -64,30 +41,16 @@ func Pledge(promises, execpromises string) error {
 //
 // For more information see pledge(2).
 func PledgePromises(promises string) error {
-	maj, min, err := majmin()
-	if err != nil {
-		return err
-	}
-
-	err = pledgeAvailable(maj, min, "")
-	if err != nil {
+	if err := pledgeAvailable(); err != nil {
 		return err
 	}
 
-	// This variable holds the execpromises and is always nil.
-	var expr unsafe.Pointer
-
-	pptr, err := syscall.BytePtrFromString(promises)
+	pptr, err := BytePtrFromString(promises)
 	if err != nil {
 		return err
 	}
 
-	_, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(unsafe.Pointer(pptr)), uintptr(expr), 0)
-	if e != 0 {
-		return e
-	}
-
-	return nil
+	return pledge(pptr, nil)
 }
 
 // PledgeExecpromises implements the pledge syscall.
@@ -96,30 +59,16 @@ func PledgePromises(promises string) error {
 //
 // For more information see pledge(2).
 func PledgeExecpromises(execpromises string) error {
-	maj, min, err := majmin()
-	if err != nil {
+	if err := pledgeAvailable(); err != nil {
 		return err
 	}
 
-	err = pledgeAvailable(maj, min, execpromises)
+	exptr, err := BytePtrFromString(execpromises)
 	if err != nil {
 		return err
 	}
 
-	// This variable holds the promises and is always nil.
-	var pptr unsafe.Pointer
-
-	exptr, err := syscall.BytePtrFromString(execpromises)
-	if err != nil {
-		return err
-	}
-
-	_, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(pptr), uintptr(unsafe.Pointer(exptr)), 0)
-	if e != 0 {
-		return e
-	}
-
-	return nil
+	return pledge(nil, exptr)
 }
 
 // majmin returns major and minor version number for an OpenBSD system.
@@ -147,16 +96,15 @@ func majmin() (major int, minor int, err error) {
 
 // pledgeAvailable checks for availability of the pledge(2) syscall
 // based on the running OpenBSD version.
-func pledgeAvailable(maj, min int, execpromises string) error {
-	// If OpenBSD <= 5.9, pledge is not available.
-	if (maj == 5 && min != 9) || maj < 5 {
-		return fmt.Errorf("pledge syscall is not available on OpenBSD %d.%d", maj, min)
+func pledgeAvailable() error {
+	maj, min, err := majmin()
+	if err != nil {
+		return err
 	}
 
-	// If OpenBSD <= 6.2 and execpromises is not empty,
-	// return an error - execpromises is not available before 6.3
-	if (maj < 6 || (maj == 6 && min <= 2)) && execpromises != "" {
-		return fmt.Errorf("cannot use execpromises on OpenBSD %d.%d", maj, min)
+	// Require OpenBSD 6.4 as a minimum.
+	if maj < 6 || (maj == 6 && min <= 3) {
+		return fmt.Errorf("cannot call Pledge on OpenBSD %d.%d", maj, min)
 	}
 
 	return nil
diff --git a/vendor/golang.org/x/sys/unix/ptrace_darwin.go b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
index 463c3eff7..3f0975f3d 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_darwin.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_darwin.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin && !ios
-// +build darwin,!ios
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ptrace_ios.go b/vendor/golang.org/x/sys/unix/ptrace_ios.go
index ed0509a01..a4d35db5d 100644
--- a/vendor/golang.org/x/sys/unix/ptrace_ios.go
+++ b/vendor/golang.org/x/sys/unix/ptrace_ios.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ios
-// +build ios
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/race.go b/vendor/golang.org/x/sys/unix/race.go
index 6f6c5fec5..714d2aae7 100644
--- a/vendor/golang.org/x/sys/unix/race.go
+++ b/vendor/golang.org/x/sys/unix/race.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin && race) || (linux && race) || (freebsd && race)
-// +build darwin,race linux,race freebsd,race
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/race0.go b/vendor/golang.org/x/sys/unix/race0.go
index 706e1322a..4a9f6634c 100644
--- a/vendor/golang.org/x/sys/unix/race0.go
+++ b/vendor/golang.org/x/sys/unix/race0.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || (darwin && !race) || (linux && !race) || (freebsd && !race) || netbsd || openbsd || solaris || dragonfly || zos
-// +build aix darwin,!race linux,!race freebsd,!race netbsd openbsd solaris dragonfly zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdents.go b/vendor/golang.org/x/sys/unix/readdirent_getdents.go
index 4d6257569..dbd2b6ccb 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdents.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdents.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || dragonfly || freebsd || linux || netbsd || openbsd
-// +build aix dragonfly freebsd linux netbsd openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
index 2a4ba47c4..130398b6b 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin
-// +build darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_unix.go b/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
index 3865943f6..c3a62dbb1 100644
--- a/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_unix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 // Socket control messages
 
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go b/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
index 0840fe4a5..4a1eab37e 100644
--- a/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_unix_other.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin freebsd linux netbsd openbsd solaris zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall.go b/vendor/golang.org/x/sys/unix/syscall.go
index 63e8c8383..5ea74da98 100644
--- a/vendor/golang.org/x/sys/unix/syscall.go
+++ b/vendor/golang.org/x/sys/unix/syscall.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 // Package unix contains an interface to the low-level operating system
 // primitives. OS details vary depending on the underlying system, and
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index e94e6cdac..67ce6cef2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix
-// +build aix
 
 // Aix system calls.
 // This file is compiled as ordinary Go code,
@@ -107,7 +106,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if n > 0 {
 		sl += _Socklen(n) + 1
 	}
-	if sa.raw.Path[0] == '@' {
+	if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) {
+		// Check sl > 3 so we don't change unnamed socket behavior.
 		sa.raw.Path[0] = 0
 		// Don't count trailing NUL for abstract address.
 		sl--
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
index f2871fa95..1fdaa4760 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix && ppc
-// +build aix,ppc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
index 75718ec0f..c87f9a9f4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix_ppc64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix && ppc64
-// +build aix,ppc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go
index 4217de518..6f328e3a5 100644
--- a/vendor/golang.org/x/sys/unix/syscall_bsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin || dragonfly || freebsd || netbsd || openbsd
-// +build darwin dragonfly freebsd netbsd openbsd
 
 // BSD system call wrappers shared by *BSD based systems
 // including OS X (Darwin) and FreeBSD.  Like the other
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
index b37310ce9..0eaecf5fc 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && darwin
-// +build amd64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
index d51ec9963..f36c6707c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && darwin
-// +build arm64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
index 53c96641f..16dc69937 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin && go1.12
-// +build darwin,go1.12
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
index 4e2d32120..14bab6b2d 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && dragonfly
-// +build amd64,dragonfly
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
index b8da51004..3967bca77 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 && freebsd
-// +build 386,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
index 47155c483..eff19ada2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && freebsd
-// +build amd64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
index 08932093f..4f24b517a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm && freebsd
-// +build arm,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
index d151a0d0e..ac30759ec 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && freebsd
-// +build arm64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
index d5cd64b37..aab725ca7 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd_riscv64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build riscv64 && freebsd
-// +build riscv64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_hurd.go b/vendor/golang.org/x/sys/unix/syscall_hurd.go
index 381fd4673..ba46651f8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_hurd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_hurd.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build hurd
-// +build hurd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_hurd_386.go b/vendor/golang.org/x/sys/unix/syscall_hurd_386.go
index 7cf54a3e4..df89f9e6b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_hurd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_hurd_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 && hurd
-// +build 386,hurd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_illumos.go b/vendor/golang.org/x/sys/unix/syscall_illumos.go
index 87db5a6a8..a863f7052 100644
--- a/vendor/golang.org/x/sys/unix/syscall_illumos.go
+++ b/vendor/golang.org/x/sys/unix/syscall_illumos.go
@@ -5,7 +5,6 @@
 // illumos system calls not present on Solaris.
 
 //go:build amd64 && illumos
-// +build amd64,illumos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index fb4e50224..a5e1c10e3 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -417,7 +417,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if n > 0 {
 		sl += _Socklen(n) + 1
 	}
-	if sa.raw.Path[0] == '@' {
+	if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) {
+		// Check sl > 3 so we don't change unnamed socket behavior.
 		sa.raw.Path[0] = 0
 		// Don't count trailing NUL for abstract address.
 		sl--
@@ -2482,3 +2483,5 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
 	}
 	return attr, nil
 }
+
+//sys	Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
index c7d9945ea..506dafa7b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 && linux
-// +build 386,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go b/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go
index 08086ac6a..38d55641b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_alarm.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (386 || amd64 || mips || mipsle || mips64 || mipsle || ppc64 || ppc64le || ppc || s390x || sparc64)
-// +build linux
-// +build 386 amd64 mips mipsle mips64 mipsle ppc64 ppc64le ppc s390x sparc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
index 70601ce36..d557cf8de 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && linux
-// +build amd64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
index 8b0f0f3aa..facdb83b2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_amd64_gc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && linux && gc
-// +build amd64,linux,gc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
index da2986415..cd2dd797f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm && linux
-// +build arm,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index f5266689a..cf2ee6c75 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && linux
-// +build arm64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
index 2b1168d7d..ffc4c2b63 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && gc
-// +build linux,gc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
index 9843fb489..9ebfdcf44 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && gc && 386
-// +build linux,gc,386
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
index a6008fccd..5f2b57c4c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gc_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm && gc && linux
-// +build arm,gc,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
index 7740af242..d1a3ad826 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && gccgo && 386
-// +build linux,gccgo,386
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
index e16a12299..f2f67423e 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_gccgo_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && gccgo && arm
-// +build linux,gccgo,arm
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
index f6ab02ec1..3d0e98451 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build loong64 && linux
-// +build loong64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
index 93fe59d25..70963a95a 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (mips64 || mips64le)
-// +build linux
-// +build mips64 mips64le
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
index aae7f0ffd..c218ebd28 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_mipsx.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (mips || mipsle)
-// +build linux
-// +build mips mipsle
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
index 66eff19a3..e6c48500c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && ppc
-// +build linux,ppc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
index 806aa2574..7286a9aa8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_ppc64x.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (ppc64 || ppc64le)
-// +build linux
-// +build ppc64 ppc64le
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
index 5e6ceee12..6f5a28894 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build riscv64 && linux
-// +build riscv64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
index 2f89e8f5d..66f31210d 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build s390x && linux
-// +build s390x,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
index 7ca064ae7..11d1f1698 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_sparc64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build sparc64 && linux
-// +build sparc64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
index 5199d282f..7a5eb5743 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 && netbsd
-// +build 386,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
index 70a9c52e9..62d8957ae 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && netbsd
-// +build amd64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
index 3eb5942f9..ce6a06885 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm && netbsd
-// +build arm,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
index fc6ccfd81..d46d689d1 100644
--- a/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_netbsd_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && netbsd
-// +build arm64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index 6f34479b5..d2882ee04 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -137,18 +137,13 @@ func sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 }
 
 func Getfsstat(buf []Statfs_t, flags int) (n int, err error) {
-	var _p0 unsafe.Pointer
+	var bufptr *Statfs_t
 	var bufsize uintptr
 	if len(buf) > 0 {
-		_p0 = unsafe.Pointer(&buf[0])
+		bufptr = &buf[0]
 		bufsize = unsafe.Sizeof(Statfs_t{}) * uintptr(len(buf))
 	}
-	r0, _, e1 := Syscall(SYS_GETFSSTAT, uintptr(_p0), bufsize, uintptr(flags))
-	n = int(r0)
-	if e1 != 0 {
-		err = e1
-	}
-	return
+	return getfsstat(bufptr, bufsize, flags)
 }
 
 //sysnb	getresuid(ruid *_C_int, euid *_C_int, suid *_C_int)
@@ -326,4 +321,7 @@ func Uname(uname *Utsname) error {
 //sys	write(fd int, p []byte) (n int, err error)
 //sys	mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error)
 //sys	munmap(addr uintptr, length uintptr) (err error)
+//sys	getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error)
 //sys	utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error)
+//sys	pledge(promises *byte, execpromises *byte) (err error)
+//sys	unveil(path *byte, flags *byte) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
index 6baabcdcb..9ddc89f4f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_386.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build 386 && openbsd
-// +build 386,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
index bab25360e..70a3c96ee 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && openbsd
-// +build amd64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
index 8eed3c4d4..265caa87f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm && openbsd
-// +build arm,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
index 483dde99d..ac4fda171 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_arm64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build arm64 && openbsd
-// +build arm64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go
index 04aa43f41..0a451e6dd 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_libc.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build openbsd
-// +build openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go
index c2796139c..30a308cbb 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_ppc64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build ppc64 && openbsd
-// +build ppc64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go
index 23199a7ff..ea954330f 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd_riscv64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build riscv64 && openbsd
-// +build riscv64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index b99cfa134..60c8142d4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -128,7 +128,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if n > 0 {
 		sl += _Socklen(n) + 1
 	}
-	if sa.raw.Path[0] == '@' {
+	if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) {
+		// Check sl > 3 so we don't change unnamed socket behavior.
 		sa.raw.Path[0] = 0
 		// Don't count trailing NUL for abstract address.
 		sl--
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
index 0bd25ef81..e02d8ceae 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris_amd64.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build amd64 && solaris
-// +build amd64,solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index f6eda2705..77081de8c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
index b6919ca58..05c95bccf 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc.go
@@ -3,8 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin || dragonfly || freebsd || (linux && !ppc64 && !ppc64le) || netbsd || openbsd || solaris) && gc
-// +build darwin dragonfly freebsd linux,!ppc64,!ppc64le netbsd openbsd solaris
-// +build gc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
index f6f707acf..23f39b7af 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix_gc_ppc64x.go
@@ -3,9 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux && (ppc64le || ppc64) && gc
-// +build linux
-// +build ppc64le ppc64
-// +build gc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index 4596d041c..d99d05f1b 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_linux.go b/vendor/golang.org/x/sys/unix/sysvshm_linux.go
index 2c3a4437f..4fcd38de2 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_linux.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_linux.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build linux
-// +build linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix.go b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
index 5bb41d17b..79a84f18b 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build (darwin && !ios) || linux
-// +build darwin,!ios linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
index 71bddefdb..9eb0db664 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build darwin && !ios
-// +build darwin,!ios
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/timestruct.go b/vendor/golang.org/x/sys/unix/timestruct.go
index 616b1b284..7997b1902 100644
--- a/vendor/golang.org/x/sys/unix/timestruct.go
+++ b/vendor/golang.org/x/sys/unix/timestruct.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build aix darwin dragonfly freebsd linux netbsd openbsd solaris zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/unveil_openbsd.go b/vendor/golang.org/x/sys/unix/unveil_openbsd.go
index 168d5ae77..cb7e598ce 100644
--- a/vendor/golang.org/x/sys/unix/unveil_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/unveil_openbsd.go
@@ -4,39 +4,48 @@
 
 package unix
 
-import (
-	"syscall"
-	"unsafe"
-)
+import "fmt"
 
 // Unveil implements the unveil syscall.
 // For more information see unveil(2).
 // Note that the special case of blocking further
 // unveil calls is handled by UnveilBlock.
 func Unveil(path string, flags string) error {
-	pathPtr, err := syscall.BytePtrFromString(path)
-	if err != nil {
+	if err := supportsUnveil(); err != nil {
 		return err
 	}
-	flagsPtr, err := syscall.BytePtrFromString(flags)
+	pathPtr, err := BytePtrFromString(path)
 	if err != nil {
 		return err
 	}
-	_, _, e := syscall.Syscall(SYS_UNVEIL, uintptr(unsafe.Pointer(pathPtr)), uintptr(unsafe.Pointer(flagsPtr)), 0)
-	if e != 0 {
-		return e
+	flagsPtr, err := BytePtrFromString(flags)
+	if err != nil {
+		return err
 	}
-	return nil
+	return unveil(pathPtr, flagsPtr)
 }
 
 // UnveilBlock blocks future unveil calls.
 // For more information see unveil(2).
 func UnveilBlock() error {
-	// Both pointers must be nil.
-	var pathUnsafe, flagsUnsafe unsafe.Pointer
-	_, _, e := syscall.Syscall(SYS_UNVEIL, uintptr(pathUnsafe), uintptr(flagsUnsafe), 0)
-	if e != 0 {
-		return e
+	if err := supportsUnveil(); err != nil {
+		return err
 	}
+	return unveil(nil, nil)
+}
+
+// supportsUnveil checks for availability of the unveil(2) system call based
+// on the running OpenBSD version.
+func supportsUnveil() error {
+	maj, min, err := majmin()
+	if err != nil {
+		return err
+	}
+
+	// unveil is not available before 6.4
+	if maj < 6 || (maj == 6 && min <= 3) {
+		return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min)
+	}
+
 	return nil
 }
diff --git a/vendor/golang.org/x/sys/unix/xattr_bsd.go b/vendor/golang.org/x/sys/unix/xattr_bsd.go
index f5f8e9f36..e16879396 100644
--- a/vendor/golang.org/x/sys/unix/xattr_bsd.go
+++ b/vendor/golang.org/x/sys/unix/xattr_bsd.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build freebsd || netbsd
-// +build freebsd netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
index ca9799b79..2fb219d78 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && aix
-// +build ppc,aix
 
 // Created by cgo -godefs - DO NOT EDIT
 // cgo -godefs -- -maix32 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
index 200c8c26f..b0e6f5c85 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_aix_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && aix
-// +build ppc64,aix
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -maix64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
index 143007627..e40fa8524 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && darwin
-// +build amd64,darwin
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
index ab044a742..bb02aa6c0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && darwin
-// +build arm64,darwin
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
index 17bba0e44..c0e0f8694 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_dragonfly_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && dragonfly
-// +build amd64,dragonfly
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
index f8c2c5138..6c6923906 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && freebsd
-// +build 386,freebsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m32 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
index 96310c3be..dd9163f8e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && freebsd
-// +build amd64,freebsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
index 777b69def..493a2a793 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && freebsd
-// +build arm,freebsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
index c557ac2db..8b437b307 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && freebsd
-// +build arm64,freebsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go
index 341b4d962..67c02dd57 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_freebsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && freebsd
-// +build riscv64,freebsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index f9c7f479b..9c00cbf51 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -1,7 +1,6 @@
 // Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
-// +build linux
 
 package unix
 
@@ -481,10 +480,14 @@ const (
 	BPF_FROM_BE                                 = 0x8
 	BPF_FROM_LE                                 = 0x0
 	BPF_FS_MAGIC                                = 0xcafe4a11
+	BPF_F_AFTER                                 = 0x10
 	BPF_F_ALLOW_MULTI                           = 0x2
 	BPF_F_ALLOW_OVERRIDE                        = 0x1
 	BPF_F_ANY_ALIGNMENT                         = 0x2
-	BPF_F_KPROBE_MULTI_RETURN                   = 0x1
+	BPF_F_BEFORE                                = 0x8
+	BPF_F_ID                                    = 0x20
+	BPF_F_LINK                                  = 0x2000
+	BPF_F_NETFILTER_IP_DEFRAG                   = 0x1
 	BPF_F_QUERY_EFFECTIVE                       = 0x1
 	BPF_F_REPLACE                               = 0x4
 	BPF_F_SLEEPABLE                             = 0x10
@@ -521,6 +524,7 @@ const (
 	BPF_MAJOR_VERSION                           = 0x1
 	BPF_MAXINSNS                                = 0x1000
 	BPF_MEM                                     = 0x60
+	BPF_MEMSX                                   = 0x80
 	BPF_MEMWORDS                                = 0x10
 	BPF_MINOR_VERSION                           = 0x1
 	BPF_MISC                                    = 0x7
@@ -776,6 +780,8 @@ const (
 	DEVLINK_GENL_MCGRP_CONFIG_NAME              = "config"
 	DEVLINK_GENL_NAME                           = "devlink"
 	DEVLINK_GENL_VERSION                        = 0x1
+	DEVLINK_PORT_FN_CAP_IPSEC_CRYPTO            = 0x4
+	DEVLINK_PORT_FN_CAP_IPSEC_PACKET            = 0x8
 	DEVLINK_PORT_FN_CAP_MIGRATABLE              = 0x2
 	DEVLINK_PORT_FN_CAP_ROCE                    = 0x1
 	DEVLINK_SB_THRESHOLD_TO_ALPHA_MAX           = 0x14
@@ -1698,6 +1704,7 @@ const (
 	KEXEC_ON_CRASH                              = 0x1
 	KEXEC_PRESERVE_CONTEXT                      = 0x2
 	KEXEC_SEGMENT_MAX                           = 0x10
+	KEXEC_UPDATE_ELFCOREHDR                     = 0x4
 	KEYCTL_ASSUME_AUTHORITY                     = 0x10
 	KEYCTL_CAPABILITIES                         = 0x1f
 	KEYCTL_CAPS0_BIG_KEY                        = 0x10
@@ -2275,6 +2282,7 @@ const (
 	PERF_MEM_LVLNUM_PMEM                        = 0xe
 	PERF_MEM_LVLNUM_RAM                         = 0xd
 	PERF_MEM_LVLNUM_SHIFT                       = 0x21
+	PERF_MEM_LVLNUM_UNC                         = 0x8
 	PERF_MEM_LVL_HIT                            = 0x2
 	PERF_MEM_LVL_IO                             = 0x1000
 	PERF_MEM_LVL_L1                             = 0x8
@@ -3461,6 +3469,7 @@ const (
 	XDP_PACKET_HEADROOM                         = 0x100
 	XDP_PGOFF_RX_RING                           = 0x0
 	XDP_PGOFF_TX_RING                           = 0x80000000
+	XDP_PKT_CONTD                               = 0x1
 	XDP_RING_NEED_WAKEUP                        = 0x1
 	XDP_RX_RING                                 = 0x2
 	XDP_SHARED_UMEM                             = 0x1
@@ -3473,6 +3482,7 @@ const (
 	XDP_UMEM_REG                                = 0x4
 	XDP_UMEM_UNALIGNED_CHUNK_FLAG               = 0x1
 	XDP_USE_NEED_WAKEUP                         = 0x8
+	XDP_USE_SG                                  = 0x10
 	XDP_ZEROCOPY                                = 0x4
 	XENFS_SUPER_MAGIC                           = 0xabba1974
 	XFS_SUPER_MAGIC                             = 0x58465342
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 30aee00a5..4920821cf 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && linux
-// +build 386,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/386/include -m32 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index 8ebfa5127..a0c1e4112 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && linux
-// +build amd64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/amd64/include -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 271a21cdc..c63985560 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && linux
-// +build arm,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/arm/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 910c330a3..47cc62e25 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && linux
-// +build arm64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/arm64/include -fsigned-char _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index a640798c9..27ac4a09e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build loong64 && linux
-// +build loong64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/loong64/include _const.go
@@ -119,6 +118,7 @@ const (
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
 	LASX_CTX_MAGIC                   = 0x41535801
+	LBT_CTX_MAGIC                    = 0x42540001
 	LSX_CTX_MAGIC                    = 0x53580001
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 0d5925d34..54694642a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips && linux
-// +build mips,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/mips/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index d72a00e0b..3adb81d75 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && linux
-// +build mips64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/mips64/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 02ba129f8..2dfe98f0d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64le && linux
-// +build mips64le,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/mips64le/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 8daa6dd96..f5398f84f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mipsle && linux
-// +build mipsle,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/mipsle/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 63c8fa2f7..c54f152d6 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && linux
-// +build ppc,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 930799ec1..76057dc72 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && linux
-// +build ppc64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc64/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index 8605a7dd7..e0c3725e2 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64le && linux
-// +build ppc64le,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/ppc64le/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 95a016f1c..18f2813ed 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && linux
-// +build riscv64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/riscv64/include _const.go
@@ -228,6 +227,9 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTRACE_GETFDPIC                  = 0x21
+	PTRACE_GETFDPIC_EXEC             = 0x0
+	PTRACE_GETFDPIC_INTERP           = 0x1
 	RLIMIT_AS                        = 0x9
 	RLIMIT_MEMLOCK                   = 0x8
 	RLIMIT_NOFILE                    = 0x7
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 1ae0108f5..11619d4ec 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build s390x && linux
-// +build s390x,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/s390x/include -fsigned-char _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 1bb7c6333..396d994da 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build sparc64 && linux
-// +build sparc64,linux
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -Wall -Werror -static -I/tmp/sparc64/include _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
index 72f7420d2..130085df4 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && netbsd
-// +build 386,netbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m32 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
index 8d4eb0c08..84769a1a3 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && netbsd
-// +build amd64,netbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
index 9eef9749f..602ded003 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && netbsd
-// +build arm,netbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -marm _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
index 3b62ba192..efc0406ee 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_netbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && netbsd
-// +build arm64,netbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
index af20e474b..5a6500f83 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && openbsd
-// +build 386,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m32 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
index 6015fcb2b..a5aeeb979 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && openbsd
-// +build amd64,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
index 8d44955e4..0e9748a72 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && openbsd
-// +build arm,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
index ae16fe754..4f4449abc 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && openbsd
-// +build arm64,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
index 03d90fe35..76a363f0f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && openbsd
-// +build mips64,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go
index 8e2c51b1e..43ca0cdfd 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && openbsd
-// +build ppc64,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go
index 13d403031..b1b8bb200 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_openbsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && openbsd
-// +build riscv64,openbsd
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
index 1afee6a08..d2ddd3176 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_solaris_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && solaris
-// +build amd64,solaris
 
 // Code generated by cmd/cgo -godefs; DO NOT EDIT.
 // cgo -godefs -- -m64 _const.go
diff --git a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
index fc7d0506f..4dfd2e051 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 // Hand edited based on zerrors_linux_s390x.go
 // TODO: auto-generate.
diff --git a/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go b/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
index 97f20ca28..586317c78 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_armnn_linux.go
@@ -1,8 +1,6 @@
 // Code generated by linux/mkall.go generatePtracePair("arm", "arm64"). DO NOT EDIT.
 
 //go:build linux && (arm || arm64)
-// +build linux
-// +build arm arm64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go b/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
index 0b5f79430..d7c881be7 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_mipsnn_linux.go
@@ -1,8 +1,6 @@
 // Code generated by linux/mkall.go generatePtracePair("mips", "mips64"). DO NOT EDIT.
 
 //go:build linux && (mips || mips64)
-// +build linux
-// +build mips mips64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go b/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
index 2807f7e64..2d2de5d29 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_mipsnnle_linux.go
@@ -1,8 +1,6 @@
 // Code generated by linux/mkall.go generatePtracePair("mipsle", "mips64le"). DO NOT EDIT.
 
 //go:build linux && (mipsle || mips64le)
-// +build linux
-// +build mipsle mips64le
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go b/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
index 281ea64e3..5adc79fb5 100644
--- a/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
+++ b/vendor/golang.org/x/sys/unix/zptrace_x86_linux.go
@@ -1,8 +1,6 @@
 // Code generated by linux/mkall.go generatePtracePair("386", "amd64"). DO NOT EDIT.
 
 //go:build linux && (386 || amd64)
-// +build linux
-// +build 386 amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
index d1d1d2331..6ea64a3c0 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build aix && ppc
-// +build aix,ppc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
index f99a18adc..99ee4399a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build aix && ppc64
-// +build aix,ppc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
index c4d50ae50..b68a78362 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build aix && ppc64 && gc
-// +build aix,ppc64,gc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
index 6903d3b09..0a87450bf 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_aix_ppc64_gccgo.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build aix && ppc64 && gccgo
-// +build aix,ppc64,gccgo
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
index 1cad561e9..ccb02f240 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build darwin && amd64
-// +build darwin,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
index b18edbd0e..1b40b997b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build darwin && arm64
-// +build darwin,arm64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
index 0c67df64a..aad65fc79 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_dragonfly_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build dragonfly && amd64
-// +build dragonfly,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
index e6e05d145..c0096391a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build freebsd && 386
-// +build freebsd,386
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
index 7508accac..7664df749 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build freebsd && amd64
-// +build freebsd,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
index 7b56aead4..ae099182c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build freebsd && arm
-// +build freebsd,arm
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
index cc623dcaa..11fd5d45b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build freebsd && arm64
-// +build freebsd,arm64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
index 581849197..c3d2d6530 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_freebsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build freebsd && riscv64
-// +build freebsd,riscv64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
index 6be25cd19..c698cbc01 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_illumos_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build illumos && amd64
-// +build illumos,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 1ff3aec74..faca7a557 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -1,7 +1,6 @@
 // Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
-// +build linux
 
 package unix
 
@@ -2195,3 +2194,13 @@ func schedGetattr(pid int, attr *SchedAttr, size uint, flags uint) (err error) {
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error) {
+	_, _, e1 := Syscall6(SYS_CACHESTAT, uintptr(fd), uintptr(unsafe.Pointer(crange)), uintptr(unsafe.Pointer(cstat)), uintptr(flags), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
index 07b549cc2..4def3e9fc 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && 386
-// +build linux,386
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
index 5f481bf83..fef2bc8ba 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && amd64
-// +build linux,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
index 824cd52c7..a9fd76a88 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && arm
-// +build linux,arm
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
index e77aecfe9..460065028 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && arm64
-// +build linux,arm64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go
index 806ffd1e1..c8987d264 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_loong64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && loong64
-// +build linux,loong64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
index 961a3afb7..921f43061 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && mips
-// +build linux,mips
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
index ed05005e9..44f067829 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && mips64
-// +build linux,mips64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
index d365b718f..e7fa0abf0 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && mips64le
-// +build linux,mips64le
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
index c3f1b8bbd..8c5125675 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_mipsle.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && mipsle
-// +build linux,mipsle
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go
index a6574cf98..7392fd45e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && ppc
-// +build linux,ppc
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
index f40990264..41180434e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && ppc64
-// +build linux,ppc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
index 9dfcc2997..40c6ce7ae 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_ppc64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && ppc64le
-// +build linux,ppc64le
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
index 0ab4f2ed7..2cfe34adb 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && riscv64
-// +build linux,riscv64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
index 6cde32237..61e6f0709 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_s390x.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && s390x
-// +build linux,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
index 5253d65bf..834b84204 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux_sparc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build linux && sparc64
-// +build linux,sparc64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
index 2df3c5bac..e91ebc14a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build netbsd && 386
-// +build netbsd,386
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
index a60556bab..be28babbc 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build netbsd && amd64
-// +build netbsd,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
index 9f788917a..fb587e826 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build netbsd && arm
-// +build netbsd,arm
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
index 82a4cb2dc..d576438bb 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_netbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build netbsd && arm64
-// +build netbsd,arm64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 66b3b6456..88bfc2885 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && 386
-// +build openbsd,386
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
index 3dcacd30d..4cbeff171 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $4
 DATA	·libc_munmap_trampoline_addr(SB)/4, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getfsstat_trampoline_addr(SB)/4, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_utimensat_trampoline_addr(SB)/4, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $4
+DATA	·libc_pledge_trampoline_addr(SB)/4, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $4
+DATA	·libc_unveil_trampoline_addr(SB)/4, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index c5c4cc112..b8a67b99a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && amd64
-// +build openbsd,amd64
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
index 2763620b0..1123f2757 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $8
+DATA	·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index 93bfbb328..af50a65c0 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && arm
-// +build openbsd,arm
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
index c92231404..82badae39 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $4
 DATA	·libc_munmap_trampoline_addr(SB)/4, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $4
+DATA	·libc_getfsstat_trampoline_addr(SB)/4, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_utimensat_trampoline_addr(SB)/4, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $4
+DATA	·libc_pledge_trampoline_addr(SB)/4, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $4
+DATA	·libc_unveil_trampoline_addr(SB)/4, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index a107b8fda..8fb4ff36a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && arm64
-// +build openbsd,arm64
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
index a6bc32c92..24d7eecb9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $8
+DATA	·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index c427de509..f469a83ee 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && mips64
-// +build openbsd,mips64
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
index b4e7bceab..9a498a067 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $8
+DATA	·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index 60c1a99ae..c26ca2e1a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && ppc64
-// +build openbsd,ppc64
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
index ca3f76600..1f224aa41 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
@@ -801,8 +801,26 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_getfsstat(SB)
+	RET
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	CALL	libc_utimensat(SB)
 	RET
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_pledge(SB)
+	RET
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_unveil(SB)
+	RET
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $8
+DATA	·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 52eba360f..bcc920dd2 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build openbsd && riscv64
-// +build openbsd,riscv64
 
 package unix
 
@@ -2213,6 +2212,21 @@ var libc_munmap_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func getfsstat(stat *Statfs_t, bufsize uintptr, flags int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_getfsstat_trampoline_addr, uintptr(unsafe.Pointer(stat)), uintptr(bufsize), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_getfsstat_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_getfsstat getfsstat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
@@ -2229,3 +2243,33 @@ func utimensat(dirfd int, path string, times *[2]Timespec, flags int) (err error
 var libc_utimensat_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_utimensat utimensat "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pledge(promises *byte, execpromises *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_pledge_trampoline_addr, uintptr(unsafe.Pointer(promises)), uintptr(unsafe.Pointer(execpromises)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pledge_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pledge pledge "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unveil(path *byte, flags *byte) (err error) {
+	_, _, e1 := syscall_syscall(libc_unveil_trampoline_addr, uintptr(unsafe.Pointer(path)), uintptr(unsafe.Pointer(flags)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_unveil_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_unveil unveil "libc.so"
+
+
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
index 477a7d5b2..87a79c709 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
@@ -668,7 +668,22 @@ TEXT libc_munmap_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_munmap_trampoline_addr(SB), RODATA, $8
 DATA	·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
 
+TEXT libc_getfsstat_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_getfsstat(SB)
+GLOBL	·libc_getfsstat_trampoline_addr(SB), RODATA, $8
+DATA	·libc_getfsstat_trampoline_addr(SB)/8, $libc_getfsstat_trampoline<>(SB)
+
 TEXT libc_utimensat_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_utimensat(SB)
 GLOBL	·libc_utimensat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_utimensat_trampoline_addr(SB)/8, $libc_utimensat_trampoline<>(SB)
+
+TEXT libc_pledge_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pledge(SB)
+GLOBL	·libc_pledge_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pledge_trampoline_addr(SB)/8, $libc_pledge_trampoline<>(SB)
+
+TEXT libc_unveil_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_unveil(SB)
+GLOBL	·libc_unveil_trampoline_addr(SB), RODATA, $8
+DATA	·libc_unveil_trampoline_addr(SB)/8, $libc_unveil_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
index b40189464..829b87feb 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build solaris && amd64
-// +build solaris,amd64
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
index 1d8fe1d4b..94f011238 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
index 55e048471..3a58ae819 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build 386 && openbsd
-// +build 386,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
index d2243cf83..dcb7a0eb7 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build amd64 && openbsd
-// +build amd64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
index 82dc51bd8..db5a7bf13 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build arm && openbsd
-// +build arm,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
index cbdda1a4a..7be575a77 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build arm64 && openbsd
-// +build arm64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
index f55eae1a8..d6e3174c6 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build mips64 && openbsd
-// +build mips64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go
index e44054470..ee97157d0 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build ppc64 && openbsd
-// +build ppc64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go
index a0db82fce..35c3b91d0 100644
--- a/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysctl_openbsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build riscv64 && openbsd
-// +build riscv64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
index f8298ff9b..5edda7687 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && darwin
-// +build amd64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
index 5eb433bbf..0dc9e8b4d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_darwin_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && darwin
-// +build arm64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
index 703675c0c..308ddf3a1 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_dragonfly_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && dragonfly
-// +build amd64,dragonfly
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
index 4e0d96107..418664e3d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && freebsd
-// +build 386,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
index 01636b838..34d0b86d7 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && freebsd
-// +build amd64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
index ad99bc106..b71cf45e2 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && freebsd
-// +build arm,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
index 89dcc4274..e32df1c1e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && freebsd
-// +build arm64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go
index ee37aaa0c..15ad6111f 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_freebsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && freebsd
-// +build riscv64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index 9862853d3..fcf3ecbdd 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && linux
-// +build 386,linux
 
 package unix
 
@@ -448,4 +447,5 @@ const (
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
+	SYS_FCHMODAT2                    = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index 8901f0f4e..f56dc2504 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && linux
-// +build amd64,linux
 
 package unix
 
@@ -370,4 +369,6 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 6902c37ee..974bf2467 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && linux
-// +build arm,linux
 
 package unix
 
@@ -412,4 +411,5 @@ const (
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
+	SYS_FCHMODAT2                    = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index a6d3dff81..39a2739e2 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && linux
-// +build arm64,linux
 
 package unix
 
@@ -315,4 +314,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index b18f3f710..cf9c9d77e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build loong64 && linux
-// +build loong64,linux
 
 package unix
 
@@ -309,4 +308,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 0302e5e3d..10b7362ef 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips && linux
-// +build mips,linux
 
 package unix
 
@@ -432,4 +431,5 @@ const (
 	SYS_FUTEX_WAITV                  = 4449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
 	SYS_CACHESTAT                    = 4451
+	SYS_FCHMODAT2                    = 4452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 6693ba4a0..cd4d8b4fd 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && linux
-// +build mips64,linux
 
 package unix
 
@@ -362,4 +361,5 @@ const (
 	SYS_FUTEX_WAITV             = 5449
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
 	SYS_CACHESTAT               = 5451
+	SYS_FCHMODAT2               = 5452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index fd93f4987..2c0efca81 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64le && linux
-// +build mips64le,linux
 
 package unix
 
@@ -362,4 +361,5 @@ const (
 	SYS_FUTEX_WAITV             = 5449
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
 	SYS_CACHESTAT               = 5451
+	SYS_FCHMODAT2               = 5452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 760ddcadc..a72e31d39 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mipsle && linux
-// +build mipsle,linux
 
 package unix
 
@@ -432,4 +431,5 @@ const (
 	SYS_FUTEX_WAITV                  = 4449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
 	SYS_CACHESTAT                    = 4451
+	SYS_FCHMODAT2                    = 4452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index cff2b2555..c7d1e3747 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && linux
-// +build ppc,linux
 
 package unix
 
@@ -439,4 +438,5 @@ const (
 	SYS_FUTEX_WAITV                  = 449
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
+	SYS_FCHMODAT2                    = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index a4b2405d0..f4d4838c8 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && linux
-// +build ppc64,linux
 
 package unix
 
@@ -411,4 +410,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index aca54b4e3..b64f0e591 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64le && linux
-// +build ppc64le,linux
 
 package unix
 
@@ -411,4 +410,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 9d1738d64..95711195a 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && linux
-// +build riscv64,linux
 
 package unix
 
@@ -316,4 +315,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 022878dc8..f94e943bc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build s390x && linux
-// +build s390x,linux
 
 package unix
 
@@ -377,4 +376,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 4100a761c..ba0c2bc51 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build sparc64 && linux
-// +build sparc64,linux
 
 package unix
 
@@ -390,4 +389,5 @@ const (
 	SYS_FUTEX_WAITV             = 449
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
+	SYS_FCHMODAT2               = 452
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
index 3a6699eba..b2aa8cd49 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && netbsd
-// +build 386,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
index 5677cd4f1..524a1b1c9 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && netbsd
-// +build amd64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
index e784cb6db..d59b943ac 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && netbsd
-// +build arm,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
index bd4952efa..31e771d53 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_netbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; DO NOT EDIT.
 
 //go:build arm64 && netbsd
-// +build arm64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
index 597733813..9fd77c6cb 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && openbsd
-// +build 386,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
index 16af29189..af10af28c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && openbsd
-// +build amd64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
index f59b18a97..cc2028af4 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && openbsd
-// +build arm,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
index 721ef5910..c06dd4415 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && openbsd
-// +build arm64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
index 01c43a01f..9ddbf3e08 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && openbsd
-// +build mips64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go
index f258cfa24..19a6ee413 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && openbsd
-// +build ppc64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go
index 07919e0ec..05192a782 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_openbsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && openbsd
-// +build riscv64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
index 073daad43..b2e308581 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
index 7a8161c1d..3e6d57cae 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && aix
-// +build ppc,aix
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
index 07ed733c5..3a219bdce 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_aix_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && aix
-// +build ppc64,aix
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
index 690cefc3d..091d107f3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && darwin
-// +build amd64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
index 5bffc10ea..28ff4ef74 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && darwin
-// +build arm64,darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
index d0ba8e9b8..30e405bb4 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && dragonfly
-// +build amd64,dragonfly
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
index 29dc48337..6cbd094a3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && freebsd
-// +build 386,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
index 0a89b2890..7c03b6ee7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && freebsd
-// +build amd64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
index c8666bb15..422107ee8 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && freebsd
-// +build arm,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
index 88fb48a88..505a12acf 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && freebsd
-// +build arm64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
index 698dc975e..cc986c790 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && freebsd
-// +build riscv64,freebsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 18aa70b42..997bcd55a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -1,7 +1,6 @@
 // Code generated by mkmerge; DO NOT EDIT.
 
 //go:build linux
-// +build linux
 
 package unix
 
@@ -5883,3 +5882,15 @@ type SchedAttr struct {
 }
 
 const SizeofSchedAttr = 0x38
+
+type Cachestat_t struct {
+	Cache            uint64
+	Dirty            uint64
+	Writeback        uint64
+	Evicted          uint64
+	Recently_evicted uint64
+}
+type CachestatRange struct {
+	Off uint64
+	Len uint64
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index 6d8acbcc5..438a30aff 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && linux
-// +build 386,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index 59293c688..adceca355 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && linux
-// +build amd64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index 40cfa38c2..eeaa00a37 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && linux
-// +build arm,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index 055bc4216..6739aa91d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && linux
-// +build arm64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
index f28affbc6..9920ef631 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build loong64 && linux
-// +build loong64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index 9d71e7ccd..2923b799a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips && linux
-// +build mips,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index fd5ccd332..ce2750ee4 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && linux
-// +build mips64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index 7704de77a..3038811d7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64le && linux
-// +build mips64le,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index df00b8757..efc6fed18 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mipsle && linux
-// +build mipsle,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index 0942840db..9a654b75a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc && linux
-// +build ppc,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 034874395..40d358e33 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && linux
-// +build ppc64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index bad067047..148c6ceb8 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64le && linux
-// +build ppc64le,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index 1b4c97c32..72ba81543 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && linux
-// +build riscv64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index aa268d025..71e765508 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build s390x && linux
-// +build s390x,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index 444045b6c..4abbdb9de 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build sparc64 && linux
-// +build sparc64,linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
index 9bc4c8f9d..f22e7947d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && netbsd
-// +build 386,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
index bb05f655d..066a7d83d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && netbsd
-// +build amd64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
index db40e3a19..439548ec9 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && netbsd
-// +build arm,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
index 11121151c..16085d3bb 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && netbsd
-// +build arm64,netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
index 26eba23b7..afd13a3af 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_386.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build 386 && openbsd
-// +build 386,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
index 5a5479886..5d97f1f9b 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && openbsd
-// +build amd64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
index be58c4e1f..34871cdc1 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm && openbsd
-// +build arm,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
index 52338266c..5911bceb3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_arm64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build arm64 && openbsd
-// +build arm64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
index 605cfdb12..e4f24f3bc 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_mips64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build mips64 && openbsd
-// +build mips64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go
index d6724c010..ca50a7930 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_ppc64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build ppc64 && openbsd
-// +build ppc64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go
index ddfd27a43..d7d7f7902 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_openbsd_riscv64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build riscv64 && openbsd
-// +build riscv64,openbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
index 0400747c6..14160576d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_solaris_amd64.go
@@ -2,7 +2,6 @@
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build amd64 && solaris
-// +build amd64,solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
index aec1efcb3..54f31be63 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build zos && s390x
-// +build zos,s390x
 
 // Hand edited based on ztypes_linux_s390x.go
 // TODO: auto-generate.
diff --git a/vendor/golang.org/x/sys/windows/aliases.go b/vendor/golang.org/x/sys/windows/aliases.go
index a20ebea63..ce2d713d6 100644
--- a/vendor/golang.org/x/sys/windows/aliases.go
+++ b/vendor/golang.org/x/sys/windows/aliases.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows && go1.9
-// +build windows,go1.9
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/empty.s b/vendor/golang.org/x/sys/windows/empty.s
index fdbbbcd31..ba64caca5 100644
--- a/vendor/golang.org/x/sys/windows/empty.s
+++ b/vendor/golang.org/x/sys/windows/empty.s
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.12
-// +build !go1.12
 
 // This file is here to allow bodyless functions with go:linkname for Go 1.11
 // and earlier (see https://golang.org/issue/23311).
diff --git a/vendor/golang.org/x/sys/windows/eventlog.go b/vendor/golang.org/x/sys/windows/eventlog.go
index 2cd60645e..6c366955d 100644
--- a/vendor/golang.org/x/sys/windows/eventlog.go
+++ b/vendor/golang.org/x/sys/windows/eventlog.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows
-// +build windows
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/mksyscall.go b/vendor/golang.org/x/sys/windows/mksyscall.go
index 8563f79c5..dbcdb090c 100644
--- a/vendor/golang.org/x/sys/windows/mksyscall.go
+++ b/vendor/golang.org/x/sys/windows/mksyscall.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build generate
-// +build generate
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/race.go b/vendor/golang.org/x/sys/windows/race.go
index 9196b089c..0f1bdc386 100644
--- a/vendor/golang.org/x/sys/windows/race.go
+++ b/vendor/golang.org/x/sys/windows/race.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows && race
-// +build windows,race
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/race0.go b/vendor/golang.org/x/sys/windows/race0.go
index 7bae4817a..0c78da78b 100644
--- a/vendor/golang.org/x/sys/windows/race0.go
+++ b/vendor/golang.org/x/sys/windows/race0.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows && !race
-// +build windows,!race
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/service.go b/vendor/golang.org/x/sys/windows/service.go
index c44a1b963..a9dc6308d 100644
--- a/vendor/golang.org/x/sys/windows/service.go
+++ b/vendor/golang.org/x/sys/windows/service.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows
-// +build windows
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/str.go b/vendor/golang.org/x/sys/windows/str.go
index 4fc01434e..6a4f9ce6a 100644
--- a/vendor/golang.org/x/sys/windows/str.go
+++ b/vendor/golang.org/x/sys/windows/str.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows
-// +build windows
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/syscall.go b/vendor/golang.org/x/sys/windows/syscall.go
index 8732cdb95..e85ed6b9c 100644
--- a/vendor/golang.org/x/sys/windows/syscall.go
+++ b/vendor/golang.org/x/sys/windows/syscall.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build windows
-// +build windows
 
 // Package windows contains an interface to the low-level operating system
 // primitives. OS details vary depending on the underlying system, and
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 35cfc57ca..fb6cfd046 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -233,6 +233,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) = userenv.CreateEnvironmentBlock
 //sys	DestroyEnvironmentBlock(block *uint16) (err error) = userenv.DestroyEnvironmentBlock
 //sys	getTickCount64() (ms uint64) = kernel32.GetTickCount64
+//sys   GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error)
 //sys	SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error)
 //sys	GetFileAttributes(name *uint16) (attrs uint32, err error) [failretval==INVALID_FILE_ATTRIBUTES] = kernel32.GetFileAttributesW
 //sys	SetFileAttributes(name *uint16, attrs uint32) (err error) = kernel32.SetFileAttributesW
@@ -969,7 +970,8 @@ func (sa *SockaddrUnix) sockaddr() (unsafe.Pointer, int32, error) {
 	if n > 0 {
 		sl += int32(n) + 1
 	}
-	if sa.raw.Path[0] == '@' {
+	if sa.raw.Path[0] == '@' || (sa.raw.Path[0] == 0 && sl > 3) {
+		// Check sl > 3 so we don't change unnamed socket behavior.
 		sa.raw.Path[0] = 0
 		// Don't count trailing NUL for abstract address.
 		sl--
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index b88dc7c85..359780f6a 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -1094,7 +1094,33 @@ const (
 
 	SOMAXCONN = 0x7fffffff
 
-	TCP_NODELAY = 1
+	TCP_NODELAY                    = 1
+	TCP_EXPEDITED_1122             = 2
+	TCP_KEEPALIVE                  = 3
+	TCP_MAXSEG                     = 4
+	TCP_MAXRT                      = 5
+	TCP_STDURG                     = 6
+	TCP_NOURG                      = 7
+	TCP_ATMARK                     = 8
+	TCP_NOSYNRETRIES               = 9
+	TCP_TIMESTAMPS                 = 10
+	TCP_OFFLOAD_PREFERENCE         = 11
+	TCP_CONGESTION_ALGORITHM       = 12
+	TCP_DELAY_FIN_ACK              = 13
+	TCP_MAXRTMS                    = 14
+	TCP_FASTOPEN                   = 15
+	TCP_KEEPCNT                    = 16
+	TCP_KEEPIDLE                   = TCP_KEEPALIVE
+	TCP_KEEPINTVL                  = 17
+	TCP_FAIL_CONNECT_ON_ICMP_ERROR = 18
+	TCP_ICMP_ERROR_INFO            = 19
+
+	UDP_NOCHECKSUM              = 1
+	UDP_SEND_MSG_SIZE           = 2
+	UDP_RECV_MAX_COALESCED_SIZE = 3
+	UDP_CHECKSUM_COVERAGE       = 20
+
+	UDP_COALESCED_INFO = 3
 
 	SHUT_RD   = 0
 	SHUT_WR   = 1
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 8b1688de4..db6282e00 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -253,6 +253,7 @@ var (
 	procGetFileAttributesW                                   = modkernel32.NewProc("GetFileAttributesW")
 	procGetFileInformationByHandle                           = modkernel32.NewProc("GetFileInformationByHandle")
 	procGetFileInformationByHandleEx                         = modkernel32.NewProc("GetFileInformationByHandleEx")
+	procGetFileTime                                          = modkernel32.NewProc("GetFileTime")
 	procGetFileType                                          = modkernel32.NewProc("GetFileType")
 	procGetFinalPathNameByHandleW                            = modkernel32.NewProc("GetFinalPathNameByHandleW")
 	procGetFullPathNameW                                     = modkernel32.NewProc("GetFullPathNameW")
@@ -2185,6 +2186,14 @@ func GetFileInformationByHandleEx(handle Handle, class uint32, outBuffer *byte,
 	return
 }
 
+func GetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetime) (err error) {
+	r1, _, e1 := syscall.Syscall6(procGetFileTime.Addr(), 4, uintptr(handle), uintptr(unsafe.Pointer(ctime)), uintptr(unsafe.Pointer(atime)), uintptr(unsafe.Pointer(wtime)), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetFileType(filehandle Handle) (n uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procGetFileType.Addr(), 1, uintptr(filehandle), 0, 0)
 	n = uint32(r0)
diff --git a/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go b/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go
index 8a7392c4a..784bb8808 100644
--- a/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go
+++ b/vendor/golang.org/x/text/secure/bidirule/bidirule10.0.0.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.10
-// +build go1.10
 
 package bidirule
 
diff --git a/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go b/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go
index bb0a92001..8e1e94395 100644
--- a/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go
+++ b/vendor/golang.org/x/text/secure/bidirule/bidirule9.0.0.go
@@ -3,7 +3,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.10
-// +build !go1.10
 
 package bidirule
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go
index 42fa8d72c..d2bd71181 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables10.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.10 && !go1.13
-// +build go1.10,!go1.13
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go
index 56a0e1ea2..f76bdca27 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables11.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.13 && !go1.14
-// +build go1.13,!go1.14
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go
index baacf32b4..3aa2c3bdf 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables12.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.14 && !go1.16
-// +build go1.14,!go1.16
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
index ffadb7beb..a71375790 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables13.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.16 && !go1.21
-// +build go1.16,!go1.21
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
index 92cce5802..f15746f7d 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables15.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.21
-// +build go1.21
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go b/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go
index f517fdb20..c164d3791 100644
--- a/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go
+++ b/vendor/golang.org/x/text/unicode/bidi/tables9.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build !go1.10
-// +build !go1.10
 
 package bidi
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go
index f5a078827..1af161c75 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables10.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.10 && !go1.13
-// +build go1.10,!go1.13
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go
index cb7239c43..eb73ecc37 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables11.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.13 && !go1.14
-// +build go1.13,!go1.14
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go
index 11b273300..276cb8d8c 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables12.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.14 && !go1.16
-// +build go1.14,!go1.16
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
index f65785e8a..0cceffd73 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables13.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.16 && !go1.21
-// +build go1.16,!go1.21
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go
index e1858b879..b0819e42d 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables15.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.21
-// +build go1.21
 
 package norm
 
diff --git a/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go b/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go
index 0175eae50..bf65457d9 100644
--- a/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go
+++ b/vendor/golang.org/x/text/unicode/norm/tables9.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build !go1.10
-// +build !go1.10
 
 package norm
 
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 751df3665..cf05fb64d 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -130,8 +130,8 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.14.0
-## explicit; go 1.17
+# golang.org/x/crypto v0.15.0
+## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
 golang.org/x/crypto/cryptobyte
@@ -152,13 +152,13 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.13.0
-## explicit; go 1.17
+# golang.org/x/sys v0.14.0
+## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.13.0
-## explicit; go 1.17
+# golang.org/x/text v0.14.0
+## explicit; go 1.18
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi

From 3d88142b80d67fb6fe695588654ea3d8c8573c74 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Dec 2023 03:41:10 +0000
Subject: [PATCH 49/73] build(deps): bump actions/setup-go from 4 to 5

Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/go.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index d5556fc22..d18e8234a 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -53,7 +53,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Set up Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: ${{ matrix.go }}
 
@@ -70,7 +70,7 @@ jobs:
     name: lint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/setup-go@v4
+      - uses: actions/setup-go@v5
         with:
           go-version: 1.18
       - uses: actions/checkout@v4

From 7af06692928357e5f7b345111bd5ff1940616477 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Dec 2023 03:43:11 +0000
Subject: [PATCH 50/73] build(deps): bump github.com/mattn/go-sqlite3 from
 1.14.18 to 1.14.19

Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.18 to 1.14.19.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.18...v1.14.19)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  2 +-
 go.sum                                        |  4 ++--
 vendor/github.com/mattn/go-sqlite3/sqlite3.go | 13 ++++++++++++-
 vendor/modules.txt                            |  2 +-
 4 files changed, 16 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index ac0a90a3a..c6e49acd6 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.18
+	github.com/mattn/go-sqlite3 v1.14.19
 	github.com/prometheus/client_golang v1.17.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
diff --git a/go.sum b/go.sum
index c8da97b69..95af2969e 100644
--- a/go.sum
+++ b/go.sum
@@ -236,8 +236,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.18 h1:JL0eqdCOq6DJVNPSvArO/bIV9/P7fbGrV00LZHc+5aI=
-github.com/mattn/go-sqlite3 v1.14.18/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/mattn/go-sqlite3 v1.14.19 h1:fhGleo2h1p8tVChob4I9HpmVFIAkKGpiukdrgQbWfGI=
+github.com/mattn/go-sqlite3 v1.14.19/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index 5e4e2ff57..576418233 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -21,7 +21,6 @@ package sqlite3
 #cgo CFLAGS: -DSQLITE_DEFAULT_WAL_SYNCHRONOUS=1
 #cgo CFLAGS: -DSQLITE_ENABLE_UPDATE_DELETE_LIMIT
 #cgo CFLAGS: -Wno-deprecated-declarations
-#cgo linux,!android CFLAGS: -DHAVE_PREAD64=1 -DHAVE_PWRITE64=1
 #cgo openbsd CFLAGS: -I/usr/local/include
 #cgo openbsd LDFLAGS: -L/usr/local/lib
 #ifndef USE_LIBSQLITE3
@@ -48,6 +47,18 @@ package sqlite3
 # define SQLITE_DETERMINISTIC 0
 #endif
 
+#if defined(HAVE_PREAD64) && defined(HAVE_PWRITE64)
+# undef USE_PREAD
+# undef USE_PWRITE
+# define USE_PREAD64 1
+# define USE_PWRITE64 1
+#elif defined(HAVE_PREAD) && defined(HAVE_PWRITE)
+# undef USE_PREAD
+# undef USE_PWRITE
+# define USE_PREAD64 1
+# define USE_PWRITE64 1
+#endif
+
 static int
 _sqlite3_open_v2(const char *filename, sqlite3 **ppDb, int flags, const char *zVfs) {
 #ifdef SQLITE_OPEN_URI
diff --git a/vendor/modules.txt b/vendor/modules.txt
index cf05fb64d..12f7b1118 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -68,7 +68,7 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.18
+# github.com/mattn/go-sqlite3 v1.14.19
 ## explicit; go 1.16
 github.com/mattn/go-sqlite3
 # github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0

From 15955d7e145040770311d68453a7adc1b595cd11 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Dec 2023 03:49:22 +0000
Subject: [PATCH 51/73] build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/snapshot.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/snapshot.yml b/.github/workflows/snapshot.yml
index 26678505f..0d11090e8 100644
--- a/.github/workflows/snapshot.yml
+++ b/.github/workflows/snapshot.yml
@@ -12,7 +12,7 @@ jobs:
       - uses: actions/checkout@v4
       - run: make snapshot
       - name: Archive snapshot artifacts
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: binaries
           path: dist/

From 9243529bd864977a651ddde87af44d25ce027e9c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Dec 2023 23:57:46 +0000
Subject: [PATCH 52/73] build(deps): bump golang.org/x/crypto from 0.15.0 to
 0.17.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  4 +-
 go.sum                                        | 10 ++--
 vendor/golang.org/x/crypto/cryptobyte/asn1.go | 13 +++--
 vendor/golang.org/x/crypto/ssh/channel.go     | 28 +++++++---
 vendor/golang.org/x/crypto/ssh/client.go      |  2 +-
 vendor/golang.org/x/crypto/ssh/client_auth.go | 20 ++++++-
 vendor/golang.org/x/crypto/ssh/common.go      |  8 +++
 vendor/golang.org/x/crypto/ssh/handshake.go   | 56 +++++++++++++++++--
 vendor/golang.org/x/crypto/ssh/server.go      |  7 ++-
 vendor/golang.org/x/crypto/ssh/tcpip.go       | 35 ++++++++++++
 vendor/golang.org/x/crypto/ssh/transport.go   | 32 +++++++++--
 vendor/golang.org/x/sys/unix/fcntl.go         |  2 +-
 vendor/golang.org/x/sys/unix/ioctl_linux.go   |  5 ++
 vendor/golang.org/x/sys/unix/mkerrors.sh      |  3 +-
 vendor/golang.org/x/sys/unix/syscall_bsd.go   |  2 +-
 vendor/golang.org/x/sys/unix/syscall_linux.go | 28 ++++++----
 .../golang.org/x/sys/unix/syscall_openbsd.go  | 14 +++++
 .../golang.org/x/sys/unix/syscall_solaris.go  |  2 +-
 .../x/sys/unix/syscall_zos_s390x.go           |  2 +-
 vendor/golang.org/x/sys/unix/zerrors_linux.go |  2 +-
 .../golang.org/x/sys/unix/zsyscall_linux.go   | 15 +++++
 .../x/sys/unix/zsyscall_openbsd_386.go        | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_386.s         |  5 ++
 .../x/sys/unix/zsyscall_openbsd_amd64.go      | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_amd64.s       |  5 ++
 .../x/sys/unix/zsyscall_openbsd_arm.go        | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_arm.s         |  5 ++
 .../x/sys/unix/zsyscall_openbsd_arm64.go      | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_arm64.s       |  5 ++
 .../x/sys/unix/zsyscall_openbsd_mips64.go     | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_mips64.s      |  5 ++
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_ppc64.s       |  6 ++
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    | 26 +++++++++
 .../x/sys/unix/zsyscall_openbsd_riscv64.s     |  5 ++
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 32 +++++++++++
 .../x/sys/windows/syscall_windows.go          |  2 +
 .../x/sys/windows/zsyscall_windows.go         | 19 +++++++
 vendor/modules.txt                            |  4 +-
 39 files changed, 513 insertions(+), 52 deletions(-)

diff --git a/go.mod b/go.mod
index ac0a90a3a..0e4a8c528 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.17.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.15.0
+	golang.org/x/crypto v0.17.0
 )
 
 require (
@@ -34,7 +34,7 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.14.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index c8da97b69..2a4ad9973 100644
--- a/go.sum
+++ b/go.sum
@@ -385,8 +385,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.15.0 h1:frVn1TEaCEaZcn3Tmd7Y2b5KKPaZ+I32Q2OA3kYp5TA=
-golang.org/x/crypto v0.15.0/go.mod h1:4ChreQoLWfG3xLDer1WdlH5NdlQ3+mwnQq1YTKY+72g=
+golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
+golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -528,14 +528,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q=
-golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8=
+golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1.go
index 6fc2838a3..2492f796a 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/asn1.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1.go
@@ -733,13 +733,14 @@ func (s *String) ReadOptionalASN1OctetString(out *[]byte, outPresent *bool, tag
 	return true
 }
 
-// ReadOptionalASN1Boolean sets *out to the value of the next ASN.1 BOOLEAN or,
-// if the next bytes are not an ASN.1 BOOLEAN, to the value of defaultValue.
-// It reports whether the operation was successful.
-func (s *String) ReadOptionalASN1Boolean(out *bool, defaultValue bool) bool {
+// ReadOptionalASN1Boolean attempts to read an optional ASN.1 BOOLEAN
+// explicitly tagged with tag into out and advances. If no element with a
+// matching tag is present, it sets "out" to defaultValue instead. It reports
+// whether the read was successful.
+func (s *String) ReadOptionalASN1Boolean(out *bool, tag asn1.Tag, defaultValue bool) bool {
 	var present bool
 	var child String
-	if !s.ReadOptionalASN1(&child, &present, asn1.BOOLEAN) {
+	if !s.ReadOptionalASN1(&child, &present, tag) {
 		return false
 	}
 
@@ -748,7 +749,7 @@ func (s *String) ReadOptionalASN1Boolean(out *bool, defaultValue bool) bool {
 		return true
 	}
 
-	return s.ReadASN1Boolean(out)
+	return child.ReadASN1Boolean(out)
 }
 
 func (s *String) readASN1(out *String, outTag *asn1.Tag, skipHeader bool) bool {
diff --git a/vendor/golang.org/x/crypto/ssh/channel.go b/vendor/golang.org/x/crypto/ssh/channel.go
index c0834c00d..cc0bb7ab6 100644
--- a/vendor/golang.org/x/crypto/ssh/channel.go
+++ b/vendor/golang.org/x/crypto/ssh/channel.go
@@ -187,9 +187,11 @@ type channel struct {
 	pending    *buffer
 	extPending *buffer
 
-	// windowMu protects myWindow, the flow-control window.
-	windowMu sync.Mutex
-	myWindow uint32
+	// windowMu protects myWindow, the flow-control window, and myConsumed,
+	// the number of bytes consumed since we last increased myWindow
+	windowMu   sync.Mutex
+	myWindow   uint32
+	myConsumed uint32
 
 	// writeMu serializes calls to mux.conn.writePacket() and
 	// protects sentClose and packetPool. This mutex must be
@@ -332,14 +334,24 @@ func (ch *channel) handleData(packet []byte) error {
 	return nil
 }
 
-func (c *channel) adjustWindow(n uint32) error {
+func (c *channel) adjustWindow(adj uint32) error {
 	c.windowMu.Lock()
-	// Since myWindow is managed on our side, and can never exceed
-	// the initial window setting, we don't worry about overflow.
-	c.myWindow += uint32(n)
+	// Since myConsumed and myWindow are managed on our side, and can never
+	// exceed the initial window setting, we don't worry about overflow.
+	c.myConsumed += adj
+	var sendAdj uint32
+	if (channelWindowSize-c.myWindow > 3*c.maxIncomingPayload) ||
+		(c.myWindow < channelWindowSize/2) {
+		sendAdj = c.myConsumed
+		c.myConsumed = 0
+		c.myWindow += sendAdj
+	}
 	c.windowMu.Unlock()
+	if sendAdj == 0 {
+		return nil
+	}
 	return c.sendMessage(windowAdjustMsg{
-		AdditionalBytes: uint32(n),
+		AdditionalBytes: sendAdj,
 	})
 }
 
diff --git a/vendor/golang.org/x/crypto/ssh/client.go b/vendor/golang.org/x/crypto/ssh/client.go
index bdc356cbd..fd8c49749 100644
--- a/vendor/golang.org/x/crypto/ssh/client.go
+++ b/vendor/golang.org/x/crypto/ssh/client.go
@@ -82,7 +82,7 @@ func NewClientConn(c net.Conn, addr string, config *ClientConfig) (Conn, <-chan
 
 	if err := conn.clientHandshake(addr, &fullConf); err != nil {
 		c.Close()
-		return nil, nil, nil, fmt.Errorf("ssh: handshake failed: %v", err)
+		return nil, nil, nil, fmt.Errorf("ssh: handshake failed: %w", err)
 	}
 	conn.mux = newMux(conn.transport)
 	return conn, conn.mux.incomingChannels, conn.mux.incomingRequests, nil
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index 5c3bc2572..34bf089d0 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -307,7 +307,10 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 	}
 	var methods []string
 	var errSigAlgo error
-	for _, signer := range signers {
+
+	origSignersLen := len(signers)
+	for idx := 0; idx < len(signers); idx++ {
+		signer := signers[idx]
 		pub := signer.PublicKey()
 		as, algo, err := pickSignatureAlgorithm(signer, extensions)
 		if err != nil && errSigAlgo == nil {
@@ -321,6 +324,21 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
 		if err != nil {
 			return authFailure, nil, err
 		}
+		// OpenSSH 7.2-7.7 advertises support for rsa-sha2-256 and rsa-sha2-512
+		// in the "server-sig-algs" extension but doesn't support these
+		// algorithms for certificate authentication, so if the server rejects
+		// the key try to use the obtained algorithm as if "server-sig-algs" had
+		// not been implemented if supported from the algorithm signer.
+		if !ok && idx < origSignersLen && isRSACert(algo) && algo != CertAlgoRSAv01 {
+			if contains(as.Algorithms(), KeyAlgoRSA) {
+				// We retry using the compat algorithm after all signers have
+				// been tried normally.
+				signers = append(signers, &multiAlgorithmSigner{
+					AlgorithmSigner:     as,
+					supportedAlgorithms: []string{KeyAlgoRSA},
+				})
+			}
+		}
 		if !ok {
 			continue
 		}
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index dd2ab0d69..7e9c2cbc6 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -127,6 +127,14 @@ func isRSA(algo string) bool {
 	return contains(algos, underlyingAlgo(algo))
 }
 
+func isRSACert(algo string) bool {
+	_, ok := certKeyAlgoNames[algo]
+	if !ok {
+		return false
+	}
+	return isRSA(algo)
+}
+
 // supportedPubKeyAuthAlgos specifies the supported client public key
 // authentication algorithms. Note that this doesn't include certificate types
 // since those use the underlying algorithm. This list is sent to the client if
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index 49bbba769..56cdc7c21 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -35,6 +35,16 @@ type keyingTransport interface {
 	// direction will be effected if a msgNewKeys message is sent
 	// or received.
 	prepareKeyChange(*algorithms, *kexResult) error
+
+	// setStrictMode sets the strict KEX mode, notably triggering
+	// sequence number resets on sending or receiving msgNewKeys.
+	// If the sequence number is already > 1 when setStrictMode
+	// is called, an error is returned.
+	setStrictMode() error
+
+	// setInitialKEXDone indicates to the transport that the initial key exchange
+	// was completed
+	setInitialKEXDone()
 }
 
 // handshakeTransport implements rekeying on top of a keyingTransport
@@ -100,6 +110,10 @@ type handshakeTransport struct {
 
 	// The session ID or nil if first kex did not complete yet.
 	sessionID []byte
+
+	// strictMode indicates if the other side of the handshake indicated
+	// that we should be following the strict KEX protocol restrictions.
+	strictMode bool
 }
 
 type pendingKex struct {
@@ -209,7 +223,10 @@ func (t *handshakeTransport) readLoop() {
 			close(t.incoming)
 			break
 		}
-		if p[0] == msgIgnore || p[0] == msgDebug {
+		// If this is the first kex, and strict KEX mode is enabled,
+		// we don't ignore any messages, as they may be used to manipulate
+		// the packet sequence numbers.
+		if !(t.sessionID == nil && t.strictMode) && (p[0] == msgIgnore || p[0] == msgDebug) {
 			continue
 		}
 		t.incoming <- p
@@ -441,6 +458,11 @@ func (t *handshakeTransport) readOnePacket(first bool) ([]byte, error) {
 	return successPacket, nil
 }
 
+const (
+	kexStrictClient = "kex-strict-c-v00@openssh.com"
+	kexStrictServer = "kex-strict-s-v00@openssh.com"
+)
+
 // sendKexInit sends a key change message.
 func (t *handshakeTransport) sendKexInit() error {
 	t.mu.Lock()
@@ -454,7 +476,6 @@ func (t *handshakeTransport) sendKexInit() error {
 	}
 
 	msg := &kexInitMsg{
-		KexAlgos:                t.config.KeyExchanges,
 		CiphersClientServer:     t.config.Ciphers,
 		CiphersServerClient:     t.config.Ciphers,
 		MACsClientServer:        t.config.MACs,
@@ -464,6 +485,13 @@ func (t *handshakeTransport) sendKexInit() error {
 	}
 	io.ReadFull(rand.Reader, msg.Cookie[:])
 
+	// We mutate the KexAlgos slice, in order to add the kex-strict extension algorithm,
+	// and possibly to add the ext-info extension algorithm. Since the slice may be the
+	// user owned KeyExchanges, we create our own slice in order to avoid using user
+	// owned memory by mistake.
+	msg.KexAlgos = make([]string, 0, len(t.config.KeyExchanges)+2) // room for kex-strict and ext-info
+	msg.KexAlgos = append(msg.KexAlgos, t.config.KeyExchanges...)
+
 	isServer := len(t.hostKeys) > 0
 	if isServer {
 		for _, k := range t.hostKeys {
@@ -488,17 +516,24 @@ func (t *handshakeTransport) sendKexInit() error {
 				msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, keyFormat)
 			}
 		}
+
+		if t.sessionID == nil {
+			msg.KexAlgos = append(msg.KexAlgos, kexStrictServer)
+		}
 	} else {
 		msg.ServerHostKeyAlgos = t.hostKeyAlgorithms
 
 		// As a client we opt in to receiving SSH_MSG_EXT_INFO so we know what
 		// algorithms the server supports for public key authentication. See RFC
 		// 8308, Section 2.1.
+		//
+		// We also send the strict KEX mode extension algorithm, in order to opt
+		// into the strict KEX mode.
 		if firstKeyExchange := t.sessionID == nil; firstKeyExchange {
-			msg.KexAlgos = make([]string, 0, len(t.config.KeyExchanges)+1)
-			msg.KexAlgos = append(msg.KexAlgos, t.config.KeyExchanges...)
 			msg.KexAlgos = append(msg.KexAlgos, "ext-info-c")
+			msg.KexAlgos = append(msg.KexAlgos, kexStrictClient)
 		}
+
 	}
 
 	packet := Marshal(msg)
@@ -604,6 +639,13 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		return err
 	}
 
+	if t.sessionID == nil && ((isClient && contains(serverInit.KexAlgos, kexStrictServer)) || (!isClient && contains(clientInit.KexAlgos, kexStrictClient))) {
+		t.strictMode = true
+		if err := t.conn.setStrictMode(); err != nil {
+			return err
+		}
+	}
+
 	// We don't send FirstKexFollows, but we handle receiving it.
 	//
 	// RFC 4253 section 7 defines the kex and the agreement method for
@@ -679,6 +721,12 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
 		return unexpectedMessageError(msgNewKeys, packet[0])
 	}
 
+	if firstKeyExchange {
+		// Indicates to the transport that the first key exchange is completed
+		// after receiving SSH_MSG_NEWKEYS.
+		t.conn.setInitialKEXDone()
+	}
+
 	return nil
 }
 
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 8f1505af9..c2dfe3268 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -213,6 +213,7 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
 	} else {
 		for _, algo := range fullConf.PublicKeyAuthAlgorithms {
 			if !contains(supportedPubKeyAuthAlgos, algo) {
+				c.Close()
 				return nil, nil, nil, fmt.Errorf("ssh: unsupported public key authentication algorithm %s", algo)
 			}
 		}
@@ -220,6 +221,7 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
 	// Check if the config contains any unsupported key exchanges
 	for _, kex := range fullConf.KeyExchanges {
 		if _, ok := serverForbiddenKexAlgos[kex]; ok {
+			c.Close()
 			return nil, nil, nil, fmt.Errorf("ssh: unsupported key exchange %s for server", kex)
 		}
 	}
@@ -337,7 +339,7 @@ func checkSourceAddress(addr net.Addr, sourceAddrs string) error {
 	return fmt.Errorf("ssh: remote address %v is not allowed because of source-address restriction", addr)
 }
 
-func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *connection,
+func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, token []byte, s *connection,
 	sessionID []byte, userAuthReq userAuthRequestMsg) (authErr error, perms *Permissions, err error) {
 	gssAPIServer := gssapiConfig.Server
 	defer gssAPIServer.DeleteSecContext()
@@ -347,7 +349,7 @@ func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *c
 			outToken     []byte
 			needContinue bool
 		)
-		outToken, srcName, needContinue, err = gssAPIServer.AcceptSecContext(firstToken)
+		outToken, srcName, needContinue, err = gssAPIServer.AcceptSecContext(token)
 		if err != nil {
 			return err, nil, nil
 		}
@@ -369,6 +371,7 @@ func gssExchangeToken(gssapiConfig *GSSAPIWithMICConfig, firstToken []byte, s *c
 		if err := Unmarshal(packet, userAuthGSSAPITokenReq); err != nil {
 			return nil, nil, err
 		}
+		token = userAuthGSSAPITokenReq.Token
 	}
 	packet, err := s.transport.readPacket()
 	if err != nil {
diff --git a/vendor/golang.org/x/crypto/ssh/tcpip.go b/vendor/golang.org/x/crypto/ssh/tcpip.go
index 80d35f5ec..ef5059a11 100644
--- a/vendor/golang.org/x/crypto/ssh/tcpip.go
+++ b/vendor/golang.org/x/crypto/ssh/tcpip.go
@@ -5,6 +5,7 @@
 package ssh
 
 import (
+	"context"
 	"errors"
 	"fmt"
 	"io"
@@ -332,6 +333,40 @@ func (l *tcpListener) Addr() net.Addr {
 	return l.laddr
 }
 
+// DialContext initiates a connection to the addr from the remote host.
+//
+// The provided Context must be non-nil. If the context expires before the
+// connection is complete, an error is returned. Once successfully connected,
+// any expiration of the context will not affect the connection.
+//
+// See func Dial for additional information.
+func (c *Client) DialContext(ctx context.Context, n, addr string) (net.Conn, error) {
+	if err := ctx.Err(); err != nil {
+		return nil, err
+	}
+	type connErr struct {
+		conn net.Conn
+		err  error
+	}
+	ch := make(chan connErr)
+	go func() {
+		conn, err := c.Dial(n, addr)
+		select {
+		case ch <- connErr{conn, err}:
+		case <-ctx.Done():
+			if conn != nil {
+				conn.Close()
+			}
+		}
+	}()
+	select {
+	case res := <-ch:
+		return res.conn, res.err
+	case <-ctx.Done():
+		return nil, ctx.Err()
+	}
+}
+
 // Dial initiates a connection to the addr from the remote host.
 // The resulting connection has a zero LocalAddr() and RemoteAddr().
 func (c *Client) Dial(n, addr string) (net.Conn, error) {
diff --git a/vendor/golang.org/x/crypto/ssh/transport.go b/vendor/golang.org/x/crypto/ssh/transport.go
index da015801e..0424d2d37 100644
--- a/vendor/golang.org/x/crypto/ssh/transport.go
+++ b/vendor/golang.org/x/crypto/ssh/transport.go
@@ -49,6 +49,9 @@ type transport struct {
 	rand      io.Reader
 	isClient  bool
 	io.Closer
+
+	strictMode     bool
+	initialKEXDone bool
 }
 
 // packetCipher represents a combination of SSH encryption/MAC
@@ -74,6 +77,18 @@ type connectionState struct {
 	pendingKeyChange chan packetCipher
 }
 
+func (t *transport) setStrictMode() error {
+	if t.reader.seqNum != 1 {
+		return errors.New("ssh: sequence number != 1 when strict KEX mode requested")
+	}
+	t.strictMode = true
+	return nil
+}
+
+func (t *transport) setInitialKEXDone() {
+	t.initialKEXDone = true
+}
+
 // prepareKeyChange sets up key material for a keychange. The key changes in
 // both directions are triggered by reading and writing a msgNewKey packet
 // respectively.
@@ -112,11 +127,12 @@ func (t *transport) printPacket(p []byte, write bool) {
 // Read and decrypt next packet.
 func (t *transport) readPacket() (p []byte, err error) {
 	for {
-		p, err = t.reader.readPacket(t.bufReader)
+		p, err = t.reader.readPacket(t.bufReader, t.strictMode)
 		if err != nil {
 			break
 		}
-		if len(p) == 0 || (p[0] != msgIgnore && p[0] != msgDebug) {
+		// in strict mode we pass through DEBUG and IGNORE packets only during the initial KEX
+		if len(p) == 0 || (t.strictMode && !t.initialKEXDone) || (p[0] != msgIgnore && p[0] != msgDebug) {
 			break
 		}
 	}
@@ -127,7 +143,7 @@ func (t *transport) readPacket() (p []byte, err error) {
 	return p, err
 }
 
-func (s *connectionState) readPacket(r *bufio.Reader) ([]byte, error) {
+func (s *connectionState) readPacket(r *bufio.Reader, strictMode bool) ([]byte, error) {
 	packet, err := s.packetCipher.readCipherPacket(s.seqNum, r)
 	s.seqNum++
 	if err == nil && len(packet) == 0 {
@@ -140,6 +156,9 @@ func (s *connectionState) readPacket(r *bufio.Reader) ([]byte, error) {
 			select {
 			case cipher := <-s.pendingKeyChange:
 				s.packetCipher = cipher
+				if strictMode {
+					s.seqNum = 0
+				}
 			default:
 				return nil, errors.New("ssh: got bogus newkeys message")
 			}
@@ -170,10 +189,10 @@ func (t *transport) writePacket(packet []byte) error {
 	if debugTransport {
 		t.printPacket(packet, true)
 	}
-	return t.writer.writePacket(t.bufWriter, t.rand, packet)
+	return t.writer.writePacket(t.bufWriter, t.rand, packet, t.strictMode)
 }
 
-func (s *connectionState) writePacket(w *bufio.Writer, rand io.Reader, packet []byte) error {
+func (s *connectionState) writePacket(w *bufio.Writer, rand io.Reader, packet []byte, strictMode bool) error {
 	changeKeys := len(packet) > 0 && packet[0] == msgNewKeys
 
 	err := s.packetCipher.writeCipherPacket(s.seqNum, w, rand, packet)
@@ -188,6 +207,9 @@ func (s *connectionState) writePacket(w *bufio.Writer, rand io.Reader, packet []
 		select {
 		case cipher := <-s.pendingKeyChange:
 			s.packetCipher = cipher
+			if strictMode {
+				s.seqNum = 0
+			}
 		default:
 			panic("ssh: no key material for msgNewKeys")
 		}
diff --git a/vendor/golang.org/x/sys/unix/fcntl.go b/vendor/golang.org/x/sys/unix/fcntl.go
index 58c6bfc70..6200876fb 100644
--- a/vendor/golang.org/x/sys/unix/fcntl.go
+++ b/vendor/golang.org/x/sys/unix/fcntl.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build dragonfly || freebsd || linux || netbsd || openbsd
+//go:build dragonfly || freebsd || linux || netbsd
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
index 0d12c0851..dbe680eab 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_linux.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -231,3 +231,8 @@ func IoctlLoopGetStatus64(fd int) (*LoopInfo64, error) {
 func IoctlLoopSetStatus64(fd int, value *LoopInfo64) error {
 	return ioctlPtr(fd, LOOP_SET_STATUS64, unsafe.Pointer(value))
 }
+
+// IoctlLoopConfigure configures all loop device parameters in a single step
+func IoctlLoopConfigure(fd int, value *LoopConfig) error {
+	return ioctlPtr(fd, LOOP_CONFIGURE, unsafe.Pointer(value))
+}
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index cbe24150a..6202638ba 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -519,6 +519,7 @@ ccflags="$@"
 		$2 ~ /^LOCK_(SH|EX|NB|UN)$/ ||
 		$2 ~ /^LO_(KEY|NAME)_SIZE$/ ||
 		$2 ~ /^LOOP_(CLR|CTL|GET|SET)_/ ||
+		$2 == "LOOP_CONFIGURE" ||
 		$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
 		$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
 		$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
@@ -560,7 +561,7 @@ ccflags="$@"
 		$2 ~ /^RLIMIT_(AS|CORE|CPU|DATA|FSIZE|LOCKS|MEMLOCK|MSGQUEUE|NICE|NOFILE|NPROC|RSS|RTPRIO|RTTIME|SIGPENDING|STACK)|RLIM_INFINITY/ ||
 		$2 ~ /^PRIO_(PROCESS|PGRP|USER)/ ||
 		$2 ~ /^CLONE_[A-Z_]+/ ||
-		$2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+)$/ &&
+		$2 !~ /^(BPF_TIMEVAL|BPF_FIB_LOOKUP_[A-Z]+|BPF_F_LINK)$/ &&
 		$2 ~ /^(BPF|DLT)_/ ||
 		$2 ~ /^AUDIT_/ ||
 		$2 ~ /^(CLOCK|TIMER)_/ ||
diff --git a/vendor/golang.org/x/sys/unix/syscall_bsd.go b/vendor/golang.org/x/sys/unix/syscall_bsd.go
index 6f328e3a5..a00c3e545 100644
--- a/vendor/golang.org/x/sys/unix/syscall_bsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_bsd.go
@@ -316,7 +316,7 @@ func GetsockoptString(fd, level, opt int) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	return string(buf[:vallen-1]), nil
+	return ByteSliceToString(buf[:vallen]), nil
 }
 
 //sys	recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index a5e1c10e3..0f85e29e6 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -61,15 +61,23 @@ func FanotifyMark(fd int, flags uint, mask uint64, dirFd int, pathname string) (
 }
 
 //sys	fchmodat(dirfd int, path string, mode uint32) (err error)
-
-func Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
-	// Linux fchmodat doesn't support the flags parameter. Mimick glibc's behavior
-	// and check the flags. Otherwise the mode would be applied to the symlink
-	// destination which is not what the user expects.
-	if flags&^AT_SYMLINK_NOFOLLOW != 0 {
-		return EINVAL
-	} else if flags&AT_SYMLINK_NOFOLLOW != 0 {
-		return EOPNOTSUPP
+//sys	fchmodat2(dirfd int, path string, mode uint32, flags int) (err error)
+
+func Fchmodat(dirfd int, path string, mode uint32, flags int) error {
+	// Linux fchmodat doesn't support the flags parameter, but fchmodat2 does.
+	// Try fchmodat2 if flags are specified.
+	if flags != 0 {
+		err := fchmodat2(dirfd, path, mode, flags)
+		if err == ENOSYS {
+			// fchmodat2 isn't available. If the flags are known to be valid,
+			// return EOPNOTSUPP to indicate that fchmodat doesn't support them.
+			if flags&^(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 {
+				return EINVAL
+			} else if flags&(AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) != 0 {
+				return EOPNOTSUPP
+			}
+		}
+		return err
 	}
 	return fchmodat(dirfd, path, mode)
 }
@@ -1302,7 +1310,7 @@ func GetsockoptString(fd, level, opt int) (string, error) {
 			return "", err
 		}
 	}
-	return string(buf[:vallen-1]), nil
+	return ByteSliceToString(buf[:vallen]), nil
 }
 
 func GetsockoptTpacketStats(fd, level, opt int) (*TpacketStats, error) {
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index d2882ee04..b25343c71 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -166,6 +166,20 @@ func Getresgid() (rgid, egid, sgid int) {
 
 //sys	sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS___SYSCTL
 
+//sys	fcntl(fd int, cmd int, arg int) (n int, err error)
+//sys	fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) = SYS_FCNTL
+
+// FcntlInt performs a fcntl syscall on fd with the provided command and argument.
+func FcntlInt(fd uintptr, cmd, arg int) (int, error) {
+	return fcntl(int(fd), cmd, arg)
+}
+
+// FcntlFlock performs a fcntl syscall for the F_GETLK, F_SETLK or F_SETLKW command.
+func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
+	_, err := fcntlPtr(int(fd), cmd, unsafe.Pointer(lk))
+	return err
+}
+
 //sys	ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error)
 
 func Ppoll(fds []PollFd, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go
index 60c8142d4..21974af06 100644
--- a/vendor/golang.org/x/sys/unix/syscall_solaris.go
+++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go
@@ -158,7 +158,7 @@ func GetsockoptString(fd, level, opt int) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	return string(buf[:vallen-1]), nil
+	return ByteSliceToString(buf[:vallen]), nil
 }
 
 const ImplementsGetwd = true
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index d99d05f1b..b473038c6 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -1104,7 +1104,7 @@ func GetsockoptString(fd, level, opt int) (string, error) {
 		return "", err
 	}
 
-	return string(buf[:vallen-1]), nil
+	return ByteSliceToString(buf[:vallen]), nil
 }
 
 func Recvmsg(fd int, p, oob []byte, flags int) (n, oobn int, recvflags int, from Sockaddr, err error) {
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 9c00cbf51..c73cfe2f1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -486,7 +486,6 @@ const (
 	BPF_F_ANY_ALIGNMENT                         = 0x2
 	BPF_F_BEFORE                                = 0x8
 	BPF_F_ID                                    = 0x20
-	BPF_F_LINK                                  = 0x2000
 	BPF_F_NETFILTER_IP_DEFRAG                   = 0x1
 	BPF_F_QUERY_EFFECTIVE                       = 0x1
 	BPF_F_REPLACE                               = 0x4
@@ -1802,6 +1801,7 @@ const (
 	LOCK_SH                                     = 0x1
 	LOCK_UN                                     = 0x8
 	LOOP_CLR_FD                                 = 0x4c01
+	LOOP_CONFIGURE                              = 0x4c0a
 	LOOP_CTL_ADD                                = 0x4c80
 	LOOP_CTL_GET_FREE                           = 0x4c82
 	LOOP_CTL_REMOVE                             = 0x4c81
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index faca7a557..1488d2712 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -37,6 +37,21 @@ func fchmodat(dirfd int, path string, mode uint32) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fchmodat2(dirfd int, path string, mode uint32, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := Syscall6(SYS_FCHMODAT2, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	_, _, e1 := Syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 88bfc2885..a1d061597 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
index 4cbeff171..41b561731 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $4
 DATA	·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $4
+DATA	·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index b8a67b99a..5b2a74097 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
index 1123f2757..4019a656f 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index af50a65c0..f6eda1344 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
index 82badae39..ac4af24f9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $4
 DATA	·libc_sysctl_trampoline_addr(SB)/4, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $4
+DATA	·libc_fcntl_trampoline_addr(SB)/4, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 8fb4ff36a..55df20ae9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
index 24d7eecb9..f77d53212 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index f469a83ee..8c1155cbc 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
index 9a498a067..fae140b62 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index c26ca2e1a..7cc80c58d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
index 1f224aa41..9d1e0ff06 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
@@ -213,6 +213,12 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_fcntl(SB)
+	RET
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	CALL	libc_ppoll(SB)
 	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index bcc920dd2..0688737f4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -584,6 +584,32 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fcntl(fd int, cmd int, arg int) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_fcntl_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_fcntl fcntl "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fcntlPtr(fd int, cmd int, arg unsafe.Pointer) (n int, err error) {
+	r0, _, e1 := syscall_syscall(libc_fcntl_trampoline_addr, uintptr(fd), uintptr(cmd), uintptr(arg))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ppoll(fds *PollFd, nfds int, timeout *Timespec, sigmask *Sigset_t) (n int, err error) {
 	r0, _, e1 := syscall_syscall6(libc_ppoll_trampoline_addr, uintptr(unsafe.Pointer(fds)), uintptr(nfds), uintptr(unsafe.Pointer(timeout)), uintptr(unsafe.Pointer(sigmask)), 0, 0)
 	n = int(r0)
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
index 87a79c709..da115f9a4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
@@ -178,6 +178,11 @@ TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_fcntl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_fcntl(SB)
+GLOBL	·libc_fcntl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_fcntl_trampoline_addr(SB)/8, $libc_fcntl_trampoline<>(SB)
+
 TEXT libc_ppoll_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_ppoll(SB)
 GLOBL	·libc_ppoll_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 997bcd55a..bbf8399ff 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -2671,6 +2671,7 @@ const (
 	BPF_PROG_TYPE_LSM                          = 0x1d
 	BPF_PROG_TYPE_SK_LOOKUP                    = 0x1e
 	BPF_PROG_TYPE_SYSCALL                      = 0x1f
+	BPF_PROG_TYPE_NETFILTER                    = 0x20
 	BPF_CGROUP_INET_INGRESS                    = 0x0
 	BPF_CGROUP_INET_EGRESS                     = 0x1
 	BPF_CGROUP_INET_SOCK_CREATE                = 0x2
@@ -2715,6 +2716,11 @@ const (
 	BPF_PERF_EVENT                             = 0x29
 	BPF_TRACE_KPROBE_MULTI                     = 0x2a
 	BPF_LSM_CGROUP                             = 0x2b
+	BPF_STRUCT_OPS                             = 0x2c
+	BPF_NETFILTER                              = 0x2d
+	BPF_TCX_INGRESS                            = 0x2e
+	BPF_TCX_EGRESS                             = 0x2f
+	BPF_TRACE_UPROBE_MULTI                     = 0x30
 	BPF_LINK_TYPE_UNSPEC                       = 0x0
 	BPF_LINK_TYPE_RAW_TRACEPOINT               = 0x1
 	BPF_LINK_TYPE_TRACING                      = 0x2
@@ -2725,6 +2731,18 @@ const (
 	BPF_LINK_TYPE_PERF_EVENT                   = 0x7
 	BPF_LINK_TYPE_KPROBE_MULTI                 = 0x8
 	BPF_LINK_TYPE_STRUCT_OPS                   = 0x9
+	BPF_LINK_TYPE_NETFILTER                    = 0xa
+	BPF_LINK_TYPE_TCX                          = 0xb
+	BPF_LINK_TYPE_UPROBE_MULTI                 = 0xc
+	BPF_PERF_EVENT_UNSPEC                      = 0x0
+	BPF_PERF_EVENT_UPROBE                      = 0x1
+	BPF_PERF_EVENT_URETPROBE                   = 0x2
+	BPF_PERF_EVENT_KPROBE                      = 0x3
+	BPF_PERF_EVENT_KRETPROBE                   = 0x4
+	BPF_PERF_EVENT_TRACEPOINT                  = 0x5
+	BPF_PERF_EVENT_EVENT                       = 0x6
+	BPF_F_KPROBE_MULTI_RETURN                  = 0x1
+	BPF_F_UPROBE_MULTI_RETURN                  = 0x1
 	BPF_ANY                                    = 0x0
 	BPF_NOEXIST                                = 0x1
 	BPF_EXIST                                  = 0x2
@@ -2742,6 +2760,8 @@ const (
 	BPF_F_MMAPABLE                             = 0x400
 	BPF_F_PRESERVE_ELEMS                       = 0x800
 	BPF_F_INNER_MAP                            = 0x1000
+	BPF_F_LINK                                 = 0x2000
+	BPF_F_PATH_FD                              = 0x4000
 	BPF_STATS_RUN_TIME                         = 0x0
 	BPF_STACK_BUILD_ID_EMPTY                   = 0x0
 	BPF_STACK_BUILD_ID_VALID                   = 0x1
@@ -2762,6 +2782,7 @@ const (
 	BPF_F_ZERO_CSUM_TX                         = 0x2
 	BPF_F_DONT_FRAGMENT                        = 0x4
 	BPF_F_SEQ_NUMBER                           = 0x8
+	BPF_F_NO_TUNNEL_KEY                        = 0x10
 	BPF_F_TUNINFO_FLAGS                        = 0x10
 	BPF_F_INDEX_MASK                           = 0xffffffff
 	BPF_F_CURRENT_CPU                          = 0xffffffff
@@ -2778,6 +2799,8 @@ const (
 	BPF_F_ADJ_ROOM_ENCAP_L4_UDP                = 0x10
 	BPF_F_ADJ_ROOM_NO_CSUM_RESET               = 0x20
 	BPF_F_ADJ_ROOM_ENCAP_L2_ETH                = 0x40
+	BPF_F_ADJ_ROOM_DECAP_L3_IPV4               = 0x80
+	BPF_F_ADJ_ROOM_DECAP_L3_IPV6               = 0x100
 	BPF_ADJ_ROOM_ENCAP_L2_MASK                 = 0xff
 	BPF_ADJ_ROOM_ENCAP_L2_SHIFT                = 0x38
 	BPF_F_SYSCTL_BASE_NAME                     = 0x1
@@ -2866,6 +2889,8 @@ const (
 	BPF_DEVCG_DEV_CHAR                         = 0x2
 	BPF_FIB_LOOKUP_DIRECT                      = 0x1
 	BPF_FIB_LOOKUP_OUTPUT                      = 0x2
+	BPF_FIB_LOOKUP_SKIP_NEIGH                  = 0x4
+	BPF_FIB_LOOKUP_TBID                        = 0x8
 	BPF_FIB_LKUP_RET_SUCCESS                   = 0x0
 	BPF_FIB_LKUP_RET_BLACKHOLE                 = 0x1
 	BPF_FIB_LKUP_RET_UNREACHABLE               = 0x2
@@ -2901,6 +2926,7 @@ const (
 	BPF_CORE_ENUMVAL_EXISTS                    = 0xa
 	BPF_CORE_ENUMVAL_VALUE                     = 0xb
 	BPF_CORE_TYPE_MATCHES                      = 0xc
+	BPF_F_TIMER_ABS                            = 0x1
 )
 
 const (
@@ -2979,6 +3005,12 @@ type LoopInfo64 struct {
 	Encrypt_key      [32]uint8
 	Init             [2]uint64
 }
+type LoopConfig struct {
+	Fd   uint32
+	Size uint32
+	Info LoopInfo64
+	_    [8]uint64
+}
 
 type TIPCSocketAddr struct {
 	Ref  uint32
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index fb6cfd046..47dc57967 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -155,6 +155,8 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	GetModuleFileName(module Handle, filename *uint16, size uint32) (n uint32, err error) = kernel32.GetModuleFileNameW
 //sys	GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err error) = kernel32.GetModuleHandleExW
 //sys	SetDefaultDllDirectories(directoryFlags uint32) (err error)
+//sys	AddDllDirectory(path *uint16) (cookie uintptr, err error) = kernel32.AddDllDirectory
+//sys	RemoveDllDirectory(cookie uintptr) (err error) = kernel32.RemoveDllDirectory
 //sys	SetDllDirectory(path string) (err error) = kernel32.SetDllDirectoryW
 //sys	GetVersion() (ver uint32, err error)
 //sys	FormatMessage(flags uint32, msgsrc uintptr, msgid uint32, langid uint32, buf []uint16, args *byte) (n uint32, err error) = FormatMessageW
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index db6282e00..146a1f019 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -184,6 +184,7 @@ var (
 	procGetAdaptersInfo                                      = modiphlpapi.NewProc("GetAdaptersInfo")
 	procGetBestInterfaceEx                                   = modiphlpapi.NewProc("GetBestInterfaceEx")
 	procGetIfEntry                                           = modiphlpapi.NewProc("GetIfEntry")
+	procAddDllDirectory                                      = modkernel32.NewProc("AddDllDirectory")
 	procAssignProcessToJobObject                             = modkernel32.NewProc("AssignProcessToJobObject")
 	procCancelIo                                             = modkernel32.NewProc("CancelIo")
 	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
@@ -330,6 +331,7 @@ var (
 	procReadProcessMemory                                    = modkernel32.NewProc("ReadProcessMemory")
 	procReleaseMutex                                         = modkernel32.NewProc("ReleaseMutex")
 	procRemoveDirectoryW                                     = modkernel32.NewProc("RemoveDirectoryW")
+	procRemoveDllDirectory                                   = modkernel32.NewProc("RemoveDllDirectory")
 	procResetEvent                                           = modkernel32.NewProc("ResetEvent")
 	procResizePseudoConsole                                  = modkernel32.NewProc("ResizePseudoConsole")
 	procResumeThread                                         = modkernel32.NewProc("ResumeThread")
@@ -1605,6 +1607,15 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) {
 	return
 }
 
+func AddDllDirectory(path *uint16) (cookie uintptr, err error) {
+	r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
+	cookie = uintptr(r0)
+	if cookie == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func AssignProcessToJobObject(job Handle, process Handle) (err error) {
 	r1, _, e1 := syscall.Syscall(procAssignProcessToJobObject.Addr(), 2, uintptr(job), uintptr(process), 0)
 	if r1 == 0 {
@@ -2879,6 +2890,14 @@ func RemoveDirectory(path *uint16) (err error) {
 	return
 }
 
+func RemoveDllDirectory(cookie uintptr) (err error) {
+	r1, _, e1 := syscall.Syscall(procRemoveDllDirectory.Addr(), 1, uintptr(cookie), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func ResetEvent(event Handle) (err error) {
 	r1, _, e1 := syscall.Syscall(procResetEvent.Addr(), 1, uintptr(event), 0, 0)
 	if r1 == 0 {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index cf05fb64d..c29837efd 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -130,7 +130,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.15.0
+# golang.org/x/crypto v0.17.0
 ## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -152,7 +152,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.14.0
+# golang.org/x/sys v0.15.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix

From 2e59ba1dc62310414cddf714cb0fdeb738ba9b81 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 1 Jan 2024 03:58:16 +0000
Subject: [PATCH 53/73] build(deps): bump github.com/prometheus/client_golang

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  2 +-
 go.sum                                        |  4 +-
 .../client_golang/prometheus/histogram.go     | 56 +++++++++++++++++--
 .../client_golang/prometheus/labels.go        |  2 +
 .../prometheus/process_collector_other.go     |  4 +-
 .../prometheus/process_collector_wasip1.go    | 26 +++++++++
 vendor/modules.txt                            |  2 +-
 7 files changed, 85 insertions(+), 11 deletions(-)
 create mode 100644 vendor/github.com/prometheus/client_golang/prometheus/process_collector_wasip1.go

diff --git a/go.mod b/go.mod
index f323b0692..f302528c4 100644
--- a/go.mod
+++ b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
 	github.com/mattn/go-sqlite3 v1.14.19
-	github.com/prometheus/client_golang v1.17.0
+	github.com/prometheus/client_golang v1.18.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
 	golang.org/x/crypto v0.17.0
diff --git a/go.sum b/go.sum
index 2c0bdb111..f861e0df0 100644
--- a/go.sum
+++ b/go.sum
@@ -278,8 +278,8 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.17.0 h1:rl2sfwZMtSthVU752MqfjQozy7blglC+1SOtjMAMh+Q=
-github.com/prometheus/client_golang v1.17.0/go.mod h1:VeL+gMmOAxkS2IqfCq0ZmHSL+LjWfWDUmp1mBz9JgUY=
+github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk=
+github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index 1feba62c6..b5c8bcb39 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -475,6 +475,9 @@ type HistogramOpts struct {
 
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
+
+	// afterFunc is for testing purposes, by default it's time.AfterFunc.
+	afterFunc func(time.Duration, func()) *time.Timer
 }
 
 // HistogramVecOpts bundles the options to create a HistogramVec metric.
@@ -526,7 +529,9 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 	if opts.now == nil {
 		opts.now = time.Now
 	}
-
+	if opts.afterFunc == nil {
+		opts.afterFunc = time.AfterFunc
+	}
 	h := &histogram{
 		desc:                            desc,
 		upperBounds:                     opts.Buckets,
@@ -536,6 +541,7 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 		nativeHistogramMinResetDuration: opts.NativeHistogramMinResetDuration,
 		lastResetTime:                   opts.now(),
 		now:                             opts.now,
+		afterFunc:                       opts.afterFunc,
 	}
 	if len(h.upperBounds) == 0 && opts.NativeHistogramBucketFactor <= 1 {
 		h.upperBounds = DefBuckets
@@ -716,9 +722,16 @@ type histogram struct {
 	nativeHistogramMinResetDuration time.Duration
 	// lastResetTime is protected by mtx. It is also used as created timestamp.
 	lastResetTime time.Time
+	// resetScheduled is protected by mtx. It is true if a reset is
+	// scheduled for a later time (when nativeHistogramMinResetDuration has
+	// passed).
+	resetScheduled bool
 
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
+
+	// afterFunc is for testing purposes, by default it's time.AfterFunc.
+	afterFunc func(time.Duration, func()) *time.Timer
 }
 
 func (h *histogram) Desc() *Desc {
@@ -874,21 +887,31 @@ func (h *histogram) limitBuckets(counts *histogramCounts, value float64, bucket
 	if h.maybeReset(hotCounts, coldCounts, coldIdx, value, bucket) {
 		return
 	}
+	// One of the other strategies will happen. To undo what they will do as
+	// soon as enough time has passed to satisfy
+	// h.nativeHistogramMinResetDuration, schedule a reset at the right time
+	// if we haven't done so already.
+	if h.nativeHistogramMinResetDuration > 0 && !h.resetScheduled {
+		h.resetScheduled = true
+		h.afterFunc(h.nativeHistogramMinResetDuration-h.now().Sub(h.lastResetTime), h.reset)
+	}
+
 	if h.maybeWidenZeroBucket(hotCounts, coldCounts) {
 		return
 	}
 	h.doubleBucketWidth(hotCounts, coldCounts)
 }
 
-// maybeReset resets the whole histogram if at least h.nativeHistogramMinResetDuration
-// has been passed. It returns true if the histogram has been reset. The caller
-// must have locked h.mtx.
+// maybeReset resets the whole histogram if at least
+// h.nativeHistogramMinResetDuration has been passed. It returns true if the
+// histogram has been reset. The caller must have locked h.mtx.
 func (h *histogram) maybeReset(
 	hot, cold *histogramCounts, coldIdx uint64, value float64, bucket int,
 ) bool {
 	// We are using the possibly mocked h.now() rather than
 	// time.Since(h.lastResetTime) to enable testing.
-	if h.nativeHistogramMinResetDuration == 0 ||
+	if h.nativeHistogramMinResetDuration == 0 || // No reset configured.
+		h.resetScheduled || // Do not interefere if a reset is already scheduled.
 		h.now().Sub(h.lastResetTime) < h.nativeHistogramMinResetDuration {
 		return false
 	}
@@ -906,6 +929,29 @@ func (h *histogram) maybeReset(
 	return true
 }
 
+// reset resets the whole histogram. It locks h.mtx itself, i.e. it has to be
+// called without having locked h.mtx.
+func (h *histogram) reset() {
+	h.mtx.Lock()
+	defer h.mtx.Unlock()
+
+	n := atomic.LoadUint64(&h.countAndHotIdx)
+	hotIdx := n >> 63
+	coldIdx := (^n) >> 63
+	hot := h.counts[hotIdx]
+	cold := h.counts[coldIdx]
+	// Completely reset coldCounts.
+	h.resetCounts(cold)
+	// Make coldCounts the new hot counts while resetting countAndHotIdx.
+	n = atomic.SwapUint64(&h.countAndHotIdx, coldIdx<<63)
+	count := n & ((1 << 63) - 1)
+	waitForCooldown(count, hot)
+	// Finally, reset the formerly hot counts, too.
+	h.resetCounts(hot)
+	h.lastResetTime = h.now()
+	h.resetScheduled = false
+}
+
 // maybeWidenZeroBucket widens the zero bucket until it includes the existing
 // buckets closest to the zero bucket (which could be two, if an equidistant
 // negative and a positive bucket exists, but usually it's only one bucket to be
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/labels.go b/vendor/github.com/prometheus/client_golang/prometheus/labels.go
index b3c4eca2b..c21911f29 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/labels.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/labels.go
@@ -165,6 +165,8 @@ func validateValuesInLabels(labels Labels, expectedNumberOfValues int) error {
 
 func validateLabelValues(vals []string, expectedNumberOfValues int) error {
 	if len(vals) != expectedNumberOfValues {
+		// The call below makes vals escape, copy them to avoid that.
+		vals := append([]string(nil), vals...)
 		return fmt.Errorf(
 			"%w: expected %d label values but got %d in %#v",
 			errInconsistentCardinality, expectedNumberOfValues,
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
index c0152cdb6..8c1136cee 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
@@ -11,8 +11,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-//go:build !windows && !js
-// +build !windows,!js
+//go:build !windows && !js && !wasip1
+// +build !windows,!js,!wasip1
 
 package prometheus
 
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_wasip1.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_wasip1.go
new file mode 100644
index 000000000..d8d9a6d7a
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_wasip1.go
@@ -0,0 +1,26 @@
+// Copyright 2023 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build wasip1
+// +build wasip1
+
+package prometheus
+
+func canCollectProcess() bool {
+	return false
+}
+
+func (*processCollector) processCollect(chan<- Metric) {
+	// noop on this platform
+	return
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index cb36f9912..9a7eaa0e2 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -77,7 +77,7 @@ github.com/matttproud/golang_protobuf_extensions/v2/pbutil
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/prometheus/client_golang v1.17.0
+# github.com/prometheus/client_golang v1.18.0
 ## explicit; go 1.19
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal

From 64104671450fc8893c8c1b20e7d7762adf55a807 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 15 Jan 2024 03:23:53 +0000
Subject: [PATCH 54/73] build(deps): bump golang.org/x/crypto from 0.17.0 to
 0.18.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/crypto/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  4 +-
 go.sum                                        | 10 ++--
 .../x/crypto/internal/poly1305/bits_compat.go | 39 --------------
 .../x/crypto/internal/poly1305/bits_go1.13.go | 21 --------
 .../x/crypto/internal/poly1305/sum_generic.go | 43 ++++++++-------
 vendor/golang.org/x/sys/unix/mkerrors.sh      | 37 +++++++------
 vendor/golang.org/x/sys/unix/zerrors_linux.go | 54 +++++++++++++++++++
 .../x/sys/unix/zsyscall_openbsd_386.go        |  2 -
 .../x/sys/unix/zsyscall_openbsd_amd64.go      |  2 -
 .../x/sys/unix/zsyscall_openbsd_arm.go        |  2 -
 .../x/sys/unix/zsyscall_openbsd_arm64.go      |  2 -
 .../x/sys/unix/zsyscall_openbsd_mips64.go     |  2 -
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      |  2 -
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    |  2 -
 .../x/sys/windows/syscall_windows.go          |  1 +
 .../x/sys/windows/zsyscall_windows.go         |  9 ++++
 vendor/modules.txt                            |  4 +-
 17 files changed, 117 insertions(+), 119 deletions(-)
 delete mode 100644 vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
 delete mode 100644 vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go

diff --git a/go.mod b/go.mod
index f302528c4..74dfd4290 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.18.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.17.0
+	golang.org/x/crypto v0.18.0
 )
 
 require (
@@ -34,7 +34,7 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index f861e0df0..5f8916e74 100644
--- a/go.sum
+++ b/go.sum
@@ -385,8 +385,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k=
-golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
+golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -528,14 +528,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
-golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
+golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
+golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go b/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
deleted file mode 100644
index d33c8890f..000000000
--- a/vendor/golang.org/x/crypto/internal/poly1305/bits_compat.go
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.13
-
-package poly1305
-
-// Generic fallbacks for the math/bits intrinsics, copied from
-// src/math/bits/bits.go. They were added in Go 1.12, but Add64 and Sum64 had
-// variable time fallbacks until Go 1.13.
-
-func bitsAdd64(x, y, carry uint64) (sum, carryOut uint64) {
-	sum = x + y + carry
-	carryOut = ((x & y) | ((x | y) &^ sum)) >> 63
-	return
-}
-
-func bitsSub64(x, y, borrow uint64) (diff, borrowOut uint64) {
-	diff = x - y - borrow
-	borrowOut = ((^x & y) | (^(x ^ y) & diff)) >> 63
-	return
-}
-
-func bitsMul64(x, y uint64) (hi, lo uint64) {
-	const mask32 = 1<<32 - 1
-	x0 := x & mask32
-	x1 := x >> 32
-	y0 := y & mask32
-	y1 := y >> 32
-	w0 := x0 * y0
-	t := x1*y0 + w0>>32
-	w1 := t & mask32
-	w2 := t >> 32
-	w1 += x0 * y1
-	hi = x1*y1 + w2 + w1>>32
-	lo = x * y
-	return
-}
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go b/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go
deleted file mode 100644
index 495c1fa69..000000000
--- a/vendor/golang.org/x/crypto/internal/poly1305/bits_go1.13.go
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.13
-
-package poly1305
-
-import "math/bits"
-
-func bitsAdd64(x, y, carry uint64) (sum, carryOut uint64) {
-	return bits.Add64(x, y, carry)
-}
-
-func bitsSub64(x, y, borrow uint64) (diff, borrowOut uint64) {
-	return bits.Sub64(x, y, borrow)
-}
-
-func bitsMul64(x, y uint64) (hi, lo uint64) {
-	return bits.Mul64(x, y)
-}
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_generic.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_generic.go
index e041da5ea..ec2202bd7 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_generic.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_generic.go
@@ -7,7 +7,10 @@
 
 package poly1305
 
-import "encoding/binary"
+import (
+	"encoding/binary"
+	"math/bits"
+)
 
 // Poly1305 [RFC 7539] is a relatively simple algorithm: the authentication tag
 // for a 64 bytes message is approximately
@@ -114,13 +117,13 @@ type uint128 struct {
 }
 
 func mul64(a, b uint64) uint128 {
-	hi, lo := bitsMul64(a, b)
+	hi, lo := bits.Mul64(a, b)
 	return uint128{lo, hi}
 }
 
 func add128(a, b uint128) uint128 {
-	lo, c := bitsAdd64(a.lo, b.lo, 0)
-	hi, c := bitsAdd64(a.hi, b.hi, c)
+	lo, c := bits.Add64(a.lo, b.lo, 0)
+	hi, c := bits.Add64(a.hi, b.hi, c)
 	if c != 0 {
 		panic("poly1305: unexpected overflow")
 	}
@@ -155,8 +158,8 @@ func updateGeneric(state *macState, msg []byte) {
 		// hide leading zeroes. For full chunks, that's 1 << 128, so we can just
 		// add 1 to the most significant (2¹²⁸) limb, h2.
 		if len(msg) >= TagSize {
-			h0, c = bitsAdd64(h0, binary.LittleEndian.Uint64(msg[0:8]), 0)
-			h1, c = bitsAdd64(h1, binary.LittleEndian.Uint64(msg[8:16]), c)
+			h0, c = bits.Add64(h0, binary.LittleEndian.Uint64(msg[0:8]), 0)
+			h1, c = bits.Add64(h1, binary.LittleEndian.Uint64(msg[8:16]), c)
 			h2 += c + 1
 
 			msg = msg[TagSize:]
@@ -165,8 +168,8 @@ func updateGeneric(state *macState, msg []byte) {
 			copy(buf[:], msg)
 			buf[len(msg)] = 1
 
-			h0, c = bitsAdd64(h0, binary.LittleEndian.Uint64(buf[0:8]), 0)
-			h1, c = bitsAdd64(h1, binary.LittleEndian.Uint64(buf[8:16]), c)
+			h0, c = bits.Add64(h0, binary.LittleEndian.Uint64(buf[0:8]), 0)
+			h1, c = bits.Add64(h1, binary.LittleEndian.Uint64(buf[8:16]), c)
 			h2 += c
 
 			msg = nil
@@ -219,9 +222,9 @@ func updateGeneric(state *macState, msg []byte) {
 		m3 := h2r1
 
 		t0 := m0.lo
-		t1, c := bitsAdd64(m1.lo, m0.hi, 0)
-		t2, c := bitsAdd64(m2.lo, m1.hi, c)
-		t3, _ := bitsAdd64(m3.lo, m2.hi, c)
+		t1, c := bits.Add64(m1.lo, m0.hi, 0)
+		t2, c := bits.Add64(m2.lo, m1.hi, c)
+		t3, _ := bits.Add64(m3.lo, m2.hi, c)
 
 		// Now we have the result as 4 64-bit limbs, and we need to reduce it
 		// modulo 2¹³⁰ - 5. The special shape of this Crandall prime lets us do
@@ -243,14 +246,14 @@ func updateGeneric(state *macState, msg []byte) {
 
 		// To add c * 5 to h, we first add cc = c * 4, and then add (cc >> 2) = c.
 
-		h0, c = bitsAdd64(h0, cc.lo, 0)
-		h1, c = bitsAdd64(h1, cc.hi, c)
+		h0, c = bits.Add64(h0, cc.lo, 0)
+		h1, c = bits.Add64(h1, cc.hi, c)
 		h2 += c
 
 		cc = shiftRightBy2(cc)
 
-		h0, c = bitsAdd64(h0, cc.lo, 0)
-		h1, c = bitsAdd64(h1, cc.hi, c)
+		h0, c = bits.Add64(h0, cc.lo, 0)
+		h1, c = bits.Add64(h1, cc.hi, c)
 		h2 += c
 
 		// h2 is at most 3 + 1 + 1 = 5, making the whole of h at most
@@ -287,9 +290,9 @@ func finalize(out *[TagSize]byte, h *[3]uint64, s *[2]uint64) {
 	// in constant time, we compute t = h - (2¹³⁰ - 5), and select h as the
 	// result if the subtraction underflows, and t otherwise.
 
-	hMinusP0, b := bitsSub64(h0, p0, 0)
-	hMinusP1, b := bitsSub64(h1, p1, b)
-	_, b = bitsSub64(h2, p2, b)
+	hMinusP0, b := bits.Sub64(h0, p0, 0)
+	hMinusP1, b := bits.Sub64(h1, p1, b)
+	_, b = bits.Sub64(h2, p2, b)
 
 	// h = h if h < p else h - p
 	h0 = select64(b, h0, hMinusP0)
@@ -301,8 +304,8 @@ func finalize(out *[TagSize]byte, h *[3]uint64, s *[2]uint64) {
 	//
 	// by just doing a wide addition with the 128 low bits of h and discarding
 	// the overflow.
-	h0, c := bitsAdd64(h0, s[0], 0)
-	h1, _ = bitsAdd64(h1, s[1], c)
+	h0, c := bits.Add64(h0, s[0], 0)
+	h1, _ = bits.Add64(h1, s[1], c)
 
 	binary.LittleEndian.PutUint64(out[0:8], h0)
 	binary.LittleEndian.PutUint64(out[8:16], h1)
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 6202638ba..c6492020e 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -248,6 +248,7 @@ struct ltchars {
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -283,10 +284,6 @@ struct ltchars {
 #include 
 #endif
 
-#ifndef MSG_FASTOPEN
-#define MSG_FASTOPEN    0x20000000
-#endif
-
 #ifndef PTRACE_GETREGS
 #define PTRACE_GETREGS	0xc
 #endif
@@ -295,14 +292,6 @@ struct ltchars {
 #define PTRACE_SETREGS	0xd
 #endif
 
-#ifndef SOL_NETLINK
-#define SOL_NETLINK	270
-#endif
-
-#ifndef SOL_SMC
-#define SOL_SMC 286
-#endif
-
 #ifdef SOL_BLUETOOTH
 // SPARC includes this in /usr/include/sparc64-linux-gnu/bits/socket.h
 // but it is already in bluetooth_linux.go
@@ -319,10 +308,23 @@ struct ltchars {
 #undef TIPC_WAIT_FOREVER
 #define TIPC_WAIT_FOREVER 0xffffffff
 
-// Copied from linux/l2tp.h
-// Including linux/l2tp.h here causes conflicts between linux/in.h
-// and netinet/in.h included via net/route.h above.
-#define IPPROTO_L2TP		115
+// Copied from linux/netfilter/nf_nat.h
+// Including linux/netfilter/nf_nat.h here causes conflicts between linux/in.h
+// and netinet/in.h.
+#define NF_NAT_RANGE_MAP_IPS			(1 << 0)
+#define NF_NAT_RANGE_PROTO_SPECIFIED		(1 << 1)
+#define NF_NAT_RANGE_PROTO_RANDOM		(1 << 2)
+#define NF_NAT_RANGE_PERSISTENT			(1 << 3)
+#define NF_NAT_RANGE_PROTO_RANDOM_FULLY		(1 << 4)
+#define NF_NAT_RANGE_PROTO_OFFSET		(1 << 5)
+#define NF_NAT_RANGE_NETMAP			(1 << 6)
+#define NF_NAT_RANGE_PROTO_RANDOM_ALL		\
+	(NF_NAT_RANGE_PROTO_RANDOM | NF_NAT_RANGE_PROTO_RANDOM_FULLY)
+#define NF_NAT_RANGE_MASK					\
+	(NF_NAT_RANGE_MAP_IPS | NF_NAT_RANGE_PROTO_SPECIFIED |	\
+	 NF_NAT_RANGE_PROTO_RANDOM | NF_NAT_RANGE_PERSISTENT |	\
+	 NF_NAT_RANGE_PROTO_RANDOM_FULLY | NF_NAT_RANGE_PROTO_OFFSET | \
+	 NF_NAT_RANGE_NETMAP)
 
 // Copied from linux/hid.h.
 // Keep in sync with the size of the referenced fields.
@@ -603,6 +605,9 @@ ccflags="$@"
 		$2 ~ /^FSOPT_/ ||
 		$2 ~ /^WDIO[CFS]_/ ||
 		$2 ~ /^NFN/ ||
+		$2 !~ /^NFT_META_IIFTYPE/ &&
+		$2 ~ /^NFT_/ ||
+		$2 ~ /^NF_NAT_/ ||
 		$2 ~ /^XDP_/ ||
 		$2 ~ /^RWF_/ ||
 		$2 ~ /^(HDIO|WIN|SMART)_/ ||
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index c73cfe2f1..a5d3ff8df 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -2127,6 +2127,60 @@ const (
 	NFNL_SUBSYS_QUEUE                           = 0x3
 	NFNL_SUBSYS_ULOG                            = 0x4
 	NFS_SUPER_MAGIC                             = 0x6969
+	NFT_CHAIN_FLAGS                             = 0x7
+	NFT_CHAIN_MAXNAMELEN                        = 0x100
+	NFT_CT_MAX                                  = 0x17
+	NFT_DATA_RESERVED_MASK                      = 0xffffff00
+	NFT_DATA_VALUE_MAXLEN                       = 0x40
+	NFT_EXTHDR_OP_MAX                           = 0x4
+	NFT_FIB_RESULT_MAX                          = 0x3
+	NFT_INNER_MASK                              = 0xf
+	NFT_LOGLEVEL_MAX                            = 0x8
+	NFT_NAME_MAXLEN                             = 0x100
+	NFT_NG_MAX                                  = 0x1
+	NFT_OBJECT_CONNLIMIT                        = 0x5
+	NFT_OBJECT_COUNTER                          = 0x1
+	NFT_OBJECT_CT_EXPECT                        = 0x9
+	NFT_OBJECT_CT_HELPER                        = 0x3
+	NFT_OBJECT_CT_TIMEOUT                       = 0x7
+	NFT_OBJECT_LIMIT                            = 0x4
+	NFT_OBJECT_MAX                              = 0xa
+	NFT_OBJECT_QUOTA                            = 0x2
+	NFT_OBJECT_SECMARK                          = 0x8
+	NFT_OBJECT_SYNPROXY                         = 0xa
+	NFT_OBJECT_TUNNEL                           = 0x6
+	NFT_OBJECT_UNSPEC                           = 0x0
+	NFT_OBJ_MAXNAMELEN                          = 0x100
+	NFT_OSF_MAXGENRELEN                         = 0x10
+	NFT_QUEUE_FLAG_BYPASS                       = 0x1
+	NFT_QUEUE_FLAG_CPU_FANOUT                   = 0x2
+	NFT_QUEUE_FLAG_MASK                         = 0x3
+	NFT_REG32_COUNT                             = 0x10
+	NFT_REG32_SIZE                              = 0x4
+	NFT_REG_MAX                                 = 0x4
+	NFT_REG_SIZE                                = 0x10
+	NFT_REJECT_ICMPX_MAX                        = 0x3
+	NFT_RT_MAX                                  = 0x4
+	NFT_SECMARK_CTX_MAXLEN                      = 0x100
+	NFT_SET_MAXNAMELEN                          = 0x100
+	NFT_SOCKET_MAX                              = 0x3
+	NFT_TABLE_F_MASK                            = 0x3
+	NFT_TABLE_MAXNAMELEN                        = 0x100
+	NFT_TRACETYPE_MAX                           = 0x3
+	NFT_TUNNEL_F_MASK                           = 0x7
+	NFT_TUNNEL_MAX                              = 0x1
+	NFT_TUNNEL_MODE_MAX                         = 0x2
+	NFT_USERDATA_MAXLEN                         = 0x100
+	NFT_XFRM_KEY_MAX                            = 0x6
+	NF_NAT_RANGE_MAP_IPS                        = 0x1
+	NF_NAT_RANGE_MASK                           = 0x7f
+	NF_NAT_RANGE_NETMAP                         = 0x40
+	NF_NAT_RANGE_PERSISTENT                     = 0x8
+	NF_NAT_RANGE_PROTO_OFFSET                   = 0x20
+	NF_NAT_RANGE_PROTO_RANDOM                   = 0x4
+	NF_NAT_RANGE_PROTO_RANDOM_ALL               = 0x14
+	NF_NAT_RANGE_PROTO_RANDOM_FULLY             = 0x10
+	NF_NAT_RANGE_PROTO_SPECIFIED                = 0x2
 	NILFS_SUPER_MAGIC                           = 0x3434
 	NL0                                         = 0x0
 	NL1                                         = 0x100
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index a1d061597..9dc42410b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index 5b2a74097..0d3a0751c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index f6eda1344..c39f7776d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 55df20ae9..57571d072 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index 8c1155cbc..e62963e67 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index 7cc80c58d..00831354c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 0688737f4..79029ed58 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -2297,5 +2297,3 @@ func unveil(path *byte, flags *byte) (err error) {
 var libc_unveil_trampoline_addr uintptr
 
 //go:cgo_import_dynamic libc_unveil unveil "libc.so"
-
-
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 47dc57967..ffb8708cc 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -194,6 +194,7 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	GetComputerName(buf *uint16, n *uint32) (err error) = GetComputerNameW
 //sys	GetComputerNameEx(nametype uint32, buf *uint16, n *uint32) (err error) = GetComputerNameExW
 //sys	SetEndOfFile(handle Handle) (err error)
+//sys	SetFileValidData(handle Handle, validDataLength int64) (err error)
 //sys	GetSystemTimeAsFileTime(time *Filetime)
 //sys	GetSystemTimePreciseAsFileTime(time *Filetime)
 //sys	GetTimeZoneInformation(tzi *Timezoneinformation) (rc uint32, err error) [failretval==0xffffffff]
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 146a1f019..e8791c82c 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -342,6 +342,7 @@ var (
 	procSetDefaultDllDirectories                             = modkernel32.NewProc("SetDefaultDllDirectories")
 	procSetDllDirectoryW                                     = modkernel32.NewProc("SetDllDirectoryW")
 	procSetEndOfFile                                         = modkernel32.NewProc("SetEndOfFile")
+	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
 	procSetEnvironmentVariableW                              = modkernel32.NewProc("SetEnvironmentVariableW")
 	procSetErrorMode                                         = modkernel32.NewProc("SetErrorMode")
 	procSetEvent                                             = modkernel32.NewProc("SetEvent")
@@ -2988,6 +2989,14 @@ func SetEndOfFile(handle Handle) (err error) {
 	return
 }
 
+func SetFileValidData(handle Handle, validDataLength int64) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SetEnvironmentVariable(name *uint16, value *uint16) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetEnvironmentVariableW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), 0)
 	if r1 == 0 {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 9a7eaa0e2..d2de5ee8a 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -130,7 +130,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.17.0
+# golang.org/x/crypto v0.18.0
 ## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -152,7 +152,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.15.0
+# golang.org/x/sys v0.16.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix

From 753132f563e75d63f5bb7efaf31677d396c19b11 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 29 Jan 2024 03:19:17 +0000
Subject: [PATCH 55/73] build(deps): bump github.com/mattn/go-sqlite3 from
 1.14.19 to 1.14.20

Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.19 to 1.14.20.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.19...v1.14.20)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |    2 +-
 go.sum                                        |    4 +-
 .../github.com/mattn/go-sqlite3/callback.go   |   16 +-
 vendor/github.com/mattn/go-sqlite3/convert.go |   10 +-
 vendor/github.com/mattn/go-sqlite3/doc.go     |  105 +-
 .../mattn/go-sqlite3/sqlite3-binding.c        | 8087 +++++++++++------
 .../mattn/go-sqlite3/sqlite3-binding.h        |  152 +-
 vendor/github.com/mattn/go-sqlite3/sqlite3.go |  160 +-
 .../mattn/go-sqlite3/sqlite3_func_crypt.go    |   24 +-
 .../mattn/go-sqlite3/sqlite3_go18.go          |    4 +-
 .../mattn/go-sqlite3/sqlite3_libsqlite3.go    |    1 +
 .../go-sqlite3/sqlite3_load_extension.go      |    1 +
 .../go-sqlite3/sqlite3_load_extension_omit.go |    1 +
 .../sqlite3_opt_allow_uri_authority.go        |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_app_armor.go |    4 +-
 .../go-sqlite3/sqlite3_opt_column_metadata.go |    1 +
 .../go-sqlite3/sqlite3_opt_foreign_keys.go    |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_fts5.go      |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_icu.go       |    1 +
 .../go-sqlite3/sqlite3_opt_introspect.go      |    1 +
 .../go-sqlite3/sqlite3_opt_math_functions.go  |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_preupdate.go |    1 +
 .../go-sqlite3/sqlite3_opt_preupdate_hook.go  |    9 +-
 .../go-sqlite3/sqlite3_opt_preupdate_omit.go  |    1 +
 .../go-sqlite3/sqlite3_opt_secure_delete.go   |    1 +
 .../sqlite3_opt_secure_delete_fast.go         |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_serialize.go |    1 +
 .../go-sqlite3/sqlite3_opt_serialize_omit.go  |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_stat4.go     |    1 +
 .../go-sqlite3/sqlite3_opt_unlock_notify.go   |    4 +-
 .../mattn/go-sqlite3/sqlite3_opt_userauth.go  |   36 +-
 .../go-sqlite3/sqlite3_opt_userauth_omit.go   |   36 +-
 .../go-sqlite3/sqlite3_opt_vacuum_full.go     |    1 +
 .../go-sqlite3/sqlite3_opt_vacuum_incr.go     |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_vtable.go    |   13 +-
 .../mattn/go-sqlite3/sqlite3_other.go         |    1 +
 .../mattn/go-sqlite3/sqlite3_solaris.go       |    1 +
 .../mattn/go-sqlite3/sqlite3_trace.go         |    1 +
 .../mattn/go-sqlite3/sqlite3_type.go          |    2 +-
 .../go-sqlite3/sqlite3_usleep_windows.go      |    1 +
 .../mattn/go-sqlite3/sqlite3_windows.go       |    1 +
 .../mattn/go-sqlite3/static_mock.go           |    5 +-
 vendor/modules.txt                            |    4 +-
 43 files changed, 5931 insertions(+), 2770 deletions(-)

diff --git a/go.mod b/go.mod
index f302528c4..3c3572d36 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.19
+	github.com/mattn/go-sqlite3 v1.14.20
 	github.com/prometheus/client_golang v1.18.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
diff --git a/go.sum b/go.sum
index f861e0df0..38e87ba5b 100644
--- a/go.sum
+++ b/go.sum
@@ -236,8 +236,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.19 h1:fhGleo2h1p8tVChob4I9HpmVFIAkKGpiukdrgQbWfGI=
-github.com/mattn/go-sqlite3 v1.14.19/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
+github.com/mattn/go-sqlite3 v1.14.20 h1:BAZ50Ns0OFBNxdAqFhbZqdPcht1Xlb16pDCqkq1spr0=
+github.com/mattn/go-sqlite3 v1.14.20/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
diff --git a/vendor/github.com/mattn/go-sqlite3/callback.go b/vendor/github.com/mattn/go-sqlite3/callback.go
index d30569100..b794bcd83 100644
--- a/vendor/github.com/mattn/go-sqlite3/callback.go
+++ b/vendor/github.com/mattn/go-sqlite3/callback.go
@@ -100,13 +100,13 @@ func preUpdateHookTrampoline(handle unsafe.Pointer, dbHandle uintptr, op int, db
 // Use handles to avoid passing Go pointers to C.
 type handleVal struct {
 	db  *SQLiteConn
-	val interface{}
+	val any
 }
 
 var handleLock sync.Mutex
 var handleVals = make(map[unsafe.Pointer]handleVal)
 
-func newHandle(db *SQLiteConn, v interface{}) unsafe.Pointer {
+func newHandle(db *SQLiteConn, v any) unsafe.Pointer {
 	handleLock.Lock()
 	defer handleLock.Unlock()
 	val := handleVal{db: db, val: v}
@@ -124,7 +124,7 @@ func lookupHandleVal(handle unsafe.Pointer) handleVal {
 	return handleVals[handle]
 }
 
-func lookupHandle(handle unsafe.Pointer) interface{} {
+func lookupHandle(handle unsafe.Pointer) any {
 	return lookupHandleVal(handle).val
 }
 
@@ -238,7 +238,7 @@ func callbackArg(typ reflect.Type) (callbackArgConverter, error) {
 	switch typ.Kind() {
 	case reflect.Interface:
 		if typ.NumMethod() != 0 {
-			return nil, errors.New("the only supported interface type is interface{}")
+			return nil, errors.New("the only supported interface type is any")
 		}
 		return callbackArgGeneric, nil
 	case reflect.Slice:
@@ -360,11 +360,11 @@ func callbackRetGeneric(ctx *C.sqlite3_context, v reflect.Value) error {
 	}
 
 	cb, err := callbackRet(v.Elem().Type())
-        if err != nil {
-                return err
-        }
+	if err != nil {
+		return err
+	}
 
-        return cb(ctx, v.Elem())
+	return cb(ctx, v.Elem())
 }
 
 func callbackRet(typ reflect.Type) (callbackRetConverter, error) {
diff --git a/vendor/github.com/mattn/go-sqlite3/convert.go b/vendor/github.com/mattn/go-sqlite3/convert.go
index 03850737f..f7a9dcd72 100644
--- a/vendor/github.com/mattn/go-sqlite3/convert.go
+++ b/vendor/github.com/mattn/go-sqlite3/convert.go
@@ -23,7 +23,7 @@ var errNilPtr = errors.New("destination pointer is nil") // embedded in descript
 // convertAssign copies to dest the value in src, converting it if possible.
 // An error is returned if the copy would result in loss of information.
 // dest should be a pointer type.
-func convertAssign(dest, src interface{}) error {
+func convertAssign(dest, src any) error {
 	// Common cases, without reflect.
 	switch s := src.(type) {
 	case string:
@@ -55,7 +55,7 @@ func convertAssign(dest, src interface{}) error {
 			}
 			*d = string(s)
 			return nil
-		case *interface{}:
+		case *any:
 			if d == nil {
 				return errNilPtr
 			}
@@ -97,7 +97,7 @@ func convertAssign(dest, src interface{}) error {
 		}
 	case nil:
 		switch d := dest.(type) {
-		case *interface{}:
+		case *any:
 			if d == nil {
 				return errNilPtr
 			}
@@ -149,7 +149,7 @@ func convertAssign(dest, src interface{}) error {
 			*d = bv.(bool)
 		}
 		return err
-	case *interface{}:
+	case *any:
 		*d = src
 		return nil
 	}
@@ -256,7 +256,7 @@ func cloneBytes(b []byte) []byte {
 	return c
 }
 
-func asString(src interface{}) string {
+func asString(src any) string {
 	switch v := src.(type) {
 	case string:
 		return v
diff --git a/vendor/github.com/mattn/go-sqlite3/doc.go b/vendor/github.com/mattn/go-sqlite3/doc.go
index ac27633b3..a3bcebbcb 100644
--- a/vendor/github.com/mattn/go-sqlite3/doc.go
+++ b/vendor/github.com/mattn/go-sqlite3/doc.go
@@ -5,63 +5,63 @@ This works as a driver for database/sql.
 
 Installation
 
-    go get github.com/mattn/go-sqlite3
+	go get github.com/mattn/go-sqlite3
 
-Supported Types
+# Supported Types
 
 Currently, go-sqlite3 supports the following data types.
 
-    +------------------------------+
-    |go        | sqlite3           |
-    |----------|-------------------|
-    |nil       | null              |
-    |int       | integer           |
-    |int64     | integer           |
-    |float64   | float             |
-    |bool      | integer           |
-    |[]byte    | blob              |
-    |string    | text              |
-    |time.Time | timestamp/datetime|
-    +------------------------------+
-
-SQLite3 Extension
+	+------------------------------+
+	|go        | sqlite3           |
+	|----------|-------------------|
+	|nil       | null              |
+	|int       | integer           |
+	|int64     | integer           |
+	|float64   | float             |
+	|bool      | integer           |
+	|[]byte    | blob              |
+	|string    | text              |
+	|time.Time | timestamp/datetime|
+	+------------------------------+
+
+# SQLite3 Extension
 
 You can write your own extension module for sqlite3. For example, below is an
 extension for a Regexp matcher operation.
 
-    #include 
-    #include 
-    #include 
-    #include 
-
-    SQLITE_EXTENSION_INIT1
-    static void regexp_func(sqlite3_context *context, int argc, sqlite3_value **argv) {
-      if (argc >= 2) {
-        const char *target  = (const char *)sqlite3_value_text(argv[1]);
-        const char *pattern = (const char *)sqlite3_value_text(argv[0]);
-        const char* errstr = NULL;
-        int erroff = 0;
-        int vec[500];
-        int n, rc;
-        pcre* re = pcre_compile(pattern, 0, &errstr, &erroff, NULL);
-        rc = pcre_exec(re, NULL, target, strlen(target), 0, 0, vec, 500);
-        if (rc <= 0) {
-          sqlite3_result_error(context, errstr, 0);
-          return;
-        }
-        sqlite3_result_int(context, 1);
-      }
-    }
-
-    #ifdef _WIN32
-    __declspec(dllexport)
-    #endif
-    int sqlite3_extension_init(sqlite3 *db, char **errmsg,
-          const sqlite3_api_routines *api) {
-      SQLITE_EXTENSION_INIT2(api);
-      return sqlite3_create_function(db, "regexp", 2, SQLITE_UTF8,
-          (void*)db, regexp_func, NULL, NULL);
-    }
+	#include 
+	#include 
+	#include 
+	#include 
+
+	SQLITE_EXTENSION_INIT1
+	static void regexp_func(sqlite3_context *context, int argc, sqlite3_value **argv) {
+	  if (argc >= 2) {
+	    const char *target  = (const char *)sqlite3_value_text(argv[1]);
+	    const char *pattern = (const char *)sqlite3_value_text(argv[0]);
+	    const char* errstr = NULL;
+	    int erroff = 0;
+	    int vec[500];
+	    int n, rc;
+	    pcre* re = pcre_compile(pattern, 0, &errstr, &erroff, NULL);
+	    rc = pcre_exec(re, NULL, target, strlen(target), 0, 0, vec, 500);
+	    if (rc <= 0) {
+	      sqlite3_result_error(context, errstr, 0);
+	      return;
+	    }
+	    sqlite3_result_int(context, 1);
+	  }
+	}
+
+	#ifdef _WIN32
+	__declspec(dllexport)
+	#endif
+	int sqlite3_extension_init(sqlite3 *db, char **errmsg,
+	      const sqlite3_api_routines *api) {
+	  SQLITE_EXTENSION_INIT2(api);
+	  return sqlite3_create_function(db, "regexp", 2, SQLITE_UTF8,
+	      (void*)db, regexp_func, NULL, NULL);
+	}
 
 It needs to be built as a so/dll shared library. And you need to register
 the extension module like below.
@@ -77,7 +77,7 @@ Then, you can use this extension.
 
 	rows, err := db.Query("select text from mytable where name regexp '^golang'")
 
-Connection Hook
+# Connection Hook
 
 You can hook and inject your code when the connection is established by setting
 ConnectHook to get the SQLiteConn.
@@ -95,13 +95,13 @@ You can also use database/sql.Conn.Raw (Go >= 1.13):
 	conn, err := db.Conn(context.Background())
 	// if err != nil { ... }
 	defer conn.Close()
-	err = conn.Raw(func (driverConn interface{}) error {
+	err = conn.Raw(func (driverConn any) error {
 		sqliteConn := driverConn.(*sqlite3.SQLiteConn)
 		// ... use sqliteConn
 	})
 	// if err != nil { ... }
 
-Go SQlite3 Extensions
+# Go SQlite3 Extensions
 
 If you want to register Go functions as SQLite extension functions
 you can make a custom driver by calling RegisterFunction from
@@ -130,6 +130,5 @@ You can then use the custom driver by passing its name to sql.Open.
 	}
 
 See the documentation of RegisterFunc for more details.
-
 */
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
index 454512ad2..7bf32a69d 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
@@ -1,7 +1,7 @@
 #ifndef USE_LIBSQLITE3
 /******************************************************************************
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.44.0.  By combining all the individual C code files into this
+** version 3.45.0.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -19,7 +19,7 @@
 ** separate file. This file contains only code for the core SQLite library.
 **
 ** The content in this amalgamation comes from Fossil check-in
-** 17129ba1ff7f0daf37100ee82d507aef7827.
+** 1066602b2b1976fe58b5150777cced894af1.
 */
 #define SQLITE_CORE 1
 #define SQLITE_AMALGAMATION 1
@@ -460,9 +460,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.44.0"
-#define SQLITE_VERSION_NUMBER 3044000
-#define SQLITE_SOURCE_ID      "2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301"
+#define SQLITE_VERSION        "3.45.0"
+#define SQLITE_VERSION_NUMBER 3045000
+#define SQLITE_SOURCE_ID      "2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -4268,15 +4268,17 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 ** 
        
 **
 ** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
-** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** text that describes the error, as either UTF-8 or UTF-16 respectively,
+** or NULL if no error message is available.
 ** (See how SQLite handles [invalid UTF] for exceptions to this rule.)
 ** ^(Memory to hold the error message string is managed internally.
 ** The application does not need to worry about freeing the result.
 ** However, the error string might be overwritten or deallocated by
 ** subsequent calls to other SQLite interface functions.)^
 **
-** ^The sqlite3_errstr() interface returns the English-language text
-** that describes the [result code], as UTF-8.
+** ^The sqlite3_errstr(E) interface returns the English-language text
+** that describes the [result code] E, as UTF-8, or NULL if E is not an
+** result code for which a text error message is available.
 ** ^(Memory to hold the error message string is managed internally
 ** and must not be freed by the application)^.
 **
@@ -5887,13 +5889,27 @@ SQLITE_API int sqlite3_create_window_function(
 ** 
      15. 
 **
 ** [[SQLITE_SUBTYPE]] 
      SQLITE_SUBTYPE
      
-** The SQLITE_SUBTYPE flag indicates to SQLite that a function may call
+** The SQLITE_SUBTYPE flag indicates to SQLite that a function might call
 ** [sqlite3_value_subtype()] to inspect the sub-types of its arguments.
-** Specifying this flag makes no difference for scalar or aggregate user
-** functions. However, if it is not specified for a user-defined window
-** function, then any sub-types belonging to arguments passed to the window
-** function may be discarded before the window function is called (i.e.
-** sqlite3_value_subtype() will always return 0).
+** This flag instructs SQLite to omit some corner-case optimizations that
+** might disrupt the operation of the [sqlite3_value_subtype()] function,
+** causing it to return zero rather than the correct subtype().
+** SQL functions that invokes [sqlite3_value_subtype()] should have this
+** property.  If the SQLITE_SUBTYPE property is omitted, then the return
+** value from [sqlite3_value_subtype()] might sometimes be zero even though
+** a non-zero subtype was specified by the function argument expression.
+**
+** [[SQLITE_RESULT_SUBTYPE]] 
      SQLITE_RESULT_SUBTYPE
      
+** The SQLITE_RESULT_SUBTYPE flag indicates to SQLite that a function might call
+** [sqlite3_result_subtype()] to cause a sub-type to be associated with its
+** result.
+** Every function that invokes [sqlite3_result_subtype()] should have this
+** property.  If it does not, then the call to [sqlite3_result_subtype()]
+** might become a no-op if the function is used as term in an
+** [expression index].  On the other hand, SQL functions that never invoke
+** [sqlite3_result_subtype()] should avoid setting this property, as the
+** purpose of this property is to disable certain optimizations that are
+** incompatible with subtypes.
 ** 
      
 ** 
 */
@@ -5901,6 +5917,7 @@ SQLITE_API int sqlite3_create_window_function(
 #define SQLITE_DIRECTONLY       0x000080000
 #define SQLITE_SUBTYPE          0x000100000
 #define SQLITE_INNOCUOUS        0x000200000
+#define SQLITE_RESULT_SUBTYPE   0x001000000
 
 /*
 ** CAPI3REF: Deprecated Functions
@@ -6097,6 +6114,12 @@ SQLITE_API int sqlite3_value_encoding(sqlite3_value*);
 ** information can be used to pass a limited amount of context from
 ** one SQL function to another.  Use the [sqlite3_result_subtype()]
 ** routine to set the subtype for the return value of an SQL function.
+**
+** Every [application-defined SQL function] that invoke this interface
+** should include the [SQLITE_SUBTYPE] property in the text
+** encoding argument when the function is [sqlite3_create_function|registered].
+** If the [SQLITE_SUBTYPE] property is omitted, then sqlite3_value_subtype()
+** might return zero instead of the upstream subtype in some corner cases.
 */
 SQLITE_API unsigned int sqlite3_value_subtype(sqlite3_value*);
 
@@ -6227,14 +6250,22 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** 
    15.  ^(when sqlite3_set_auxdata() is invoked again on the same
 **       parameter)^, or
 ** 
    16.  ^(during the original sqlite3_set_auxdata() call when a memory
-**      allocation error occurs.)^ 
+**      allocation error occurs.)^
+** 
    17.  ^(during the original sqlite3_set_auxdata() call if the function
+**      is evaluated during query planning instead of during query execution,
+**      as sometimes happens with [SQLITE_ENABLE_STAT4].)^ 
 **
-** Note the last bullet in particular.  The destructor X in
+** Note the last two bullets in particular.  The destructor X in
 ** sqlite3_set_auxdata(C,N,P,X) might be called immediately, before the
 ** sqlite3_set_auxdata() interface even returns.  Hence sqlite3_set_auxdata()
 ** should be called near the end of the function implementation and the
 ** function implementation should not make any use of P after
-** sqlite3_set_auxdata() has been called.
+** sqlite3_set_auxdata() has been called.  Furthermore, a call to
+** sqlite3_get_auxdata() that occurs immediately after a corresponding call
+** to sqlite3_set_auxdata() might still return NULL if an out-of-memory
+** condition occurred during the sqlite3_set_auxdata() call or if the
+** function is being evaluated during query planning rather than during
+** query execution.
 **
 ** ^(In practice, auxiliary data is preserved between function calls for
 ** function parameters that are compile-time constants, including literal
@@ -6508,6 +6539,20 @@ SQLITE_API int sqlite3_result_zeroblob64(sqlite3_context*, sqlite3_uint64 n);
 ** higher order bits are discarded.
 ** The number of subtype bytes preserved by SQLite might increase
 ** in future releases of SQLite.
+**
+** Every [application-defined SQL function] that invokes this interface
+** should include the [SQLITE_RESULT_SUBTYPE] property in its
+** text encoding argument when the SQL function is
+** [sqlite3_create_function|registered].  If the [SQLITE_RESULT_SUBTYPE]
+** property is omitted from the function that invokes sqlite3_result_subtype(),
+** then in some cases the sqlite3_result_subtype() might fail to set
+** the result subtype.
+**
+** If SQLite is compiled with -DSQLITE_STRICT_SUBTYPE=1, then any
+** SQL function that invokes the sqlite3_result_subtype() interface
+** and that does not have the SQLITE_RESULT_SUBTYPE property will raise
+** an error.  Future versions of SQLite might enable -DSQLITE_STRICT_SUBTYPE=1
+** by default.
 */
 SQLITE_API void sqlite3_result_subtype(sqlite3_context*,unsigned int);
 
@@ -8308,9 +8353,11 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
 **
 ** ^(Some systems (for example, Windows 95) do not support the operation
 ** implemented by sqlite3_mutex_try().  On those systems, sqlite3_mutex_try()
-** will always return SQLITE_BUSY. The SQLite core only ever uses
-** sqlite3_mutex_try() as an optimization so this is acceptable
-** behavior.)^
+** will always return SQLITE_BUSY. In most cases the SQLite core only uses
+** sqlite3_mutex_try() as an optimization, so this is acceptable
+** behavior. The exceptions are unix builds that set the
+** SQLITE_ENABLE_SETLK_TIMEOUT build option. In that case a working
+** sqlite3_mutex_try() is required.)^
 **
 ** ^The sqlite3_mutex_leave() routine exits a mutex that was
 ** previously entered by the same thread.   The behavior
@@ -8569,6 +8616,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_ASSERT                  12
 #define SQLITE_TESTCTRL_ALWAYS                  13
 #define SQLITE_TESTCTRL_RESERVE                 14  /* NOT USED */
+#define SQLITE_TESTCTRL_JSON_SELFCHECK          14
 #define SQLITE_TESTCTRL_OPTIMIZATIONS           15
 #define SQLITE_TESTCTRL_ISKEYWORD               16  /* NOT USED */
 #define SQLITE_TESTCTRL_SCRATCHMALLOC           17  /* NOT USED */
@@ -13082,8 +13130,11 @@ struct Fts5PhraseIter {
 **   created with the "columnsize=0" option.
 **
 ** xColumnText:
-**   This function attempts to retrieve the text of column iCol of the
-**   current document. If successful, (*pz) is set to point to a buffer
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of columns in the table, SQLITE_RANGE is returned.
+**
+**   Otherwise, this function attempts to retrieve the text of column iCol of
+**   the current document. If successful, (*pz) is set to point to a buffer
 **   containing the text in utf-8 encoding, (*pn) is set to the size in bytes
 **   (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
 **   if an error occurs, an SQLite error code is returned and the final values
@@ -13093,8 +13144,10 @@ struct Fts5PhraseIter {
 **   Returns the number of phrases in the current query expression.
 **
 ** xPhraseSize:
-**   Returns the number of tokens in phrase iPhrase of the query. Phrases
-**   are numbered starting from zero.
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of phrases in the current query, as returned by xPhraseCount,
+**   0 is returned. Otherwise, this function returns the number of tokens in
+**   phrase iPhrase of the query. Phrases are numbered starting from zero.
 **
 ** xInstCount:
 **   Set *pnInst to the total number of occurrences of all phrases within
@@ -13110,12 +13163,13 @@ struct Fts5PhraseIter {
 **   Query for the details of phrase match iIdx within the current row.
 **   Phrase matches are numbered starting from zero, so the iIdx argument
 **   should be greater than or equal to zero and smaller than the value
-**   output by xInstCount().
+**   output by xInstCount(). If iIdx is less than zero or greater than
+**   or equal to the value returned by xInstCount(), SQLITE_RANGE is returned.
 **
-**   Usually, output parameter *piPhrase is set to the phrase number, *piCol
+**   Otherwise, output parameter *piPhrase is set to the phrase number, *piCol
 **   to the column in which it occurs and *piOff the token offset of the
-**   first token of the phrase. Returns SQLITE_OK if successful, or an error
-**   code (i.e. SQLITE_NOMEM) if an error occurs.
+**   first token of the phrase. SQLITE_OK is returned if successful, or an
+**   error code (i.e. SQLITE_NOMEM) if an error occurs.
 **
 **   This API can be quite slow if used with an FTS5 table created with the
 **   "detail=none" or "detail=column" option.
@@ -13141,6 +13195,10 @@ struct Fts5PhraseIter {
 **   Invoking Api.xUserData() returns a copy of the pointer passed as
 **   the third argument to pUserData.
 **
+**   If parameter iPhrase is less than zero, or greater than or equal to
+**   the number of phrases in the query, as returned by xPhraseCount(),
+**   this function returns SQLITE_RANGE.
+**
 **   If the callback function returns any value other than SQLITE_OK, the
 **   query is abandoned and the xQueryPhrase function returns immediately.
 **   If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
@@ -13255,9 +13313,42 @@ struct Fts5PhraseIter {
 **
 ** xPhraseNextColumn()
 **   See xPhraseFirstColumn above.
+**
+** xQueryToken(pFts5, iPhrase, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase iPhrase of the current
+**   query. Before returning, output parameter *ppToken is set to point
+**   to a buffer containing the requested token, and *pnToken to the
+**   size of this buffer in bytes.
+**
+**   If iPhrase or iToken are less than zero, or if iPhrase is greater than
+**   or equal to the number of phrases in the query as reported by
+**   xPhraseCount(), or if iToken is equal to or greater than the number of
+**   tokens in the phrase, SQLITE_RANGE is returned and *ppToken and *pnToken
+     are both zeroed.
+**
+**   The output text is not a copy of the query text that specified the
+**   token. It is the output of the tokenizer module. For tokendata=1
+**   tables, this includes any embedded 0x00 and trailing data.
+**
+** xInstToken(pFts5, iIdx, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase hit iIdx within the
+**   current row. If iIdx is less than zero or greater than or equal to the
+**   value returned by xInstCount(), SQLITE_RANGE is returned.  Otherwise,
+**   output variable (*ppToken) is set to point to a buffer containing the
+**   matching document token, and (*pnToken) to the size of that buffer in
+**   bytes. This API is not available if the specified token matches a
+**   prefix query term. In that case both output variables are always set
+**   to 0.
+**
+**   The output text is not a copy of the document text that was tokenized.
+**   It is the output of the tokenizer module. For tokendata=1 tables, this
+**   includes any embedded 0x00 and trailing data.
+**
+**   This API can be quite slow if used with an FTS5 table created with the
+**   "detail=none" or "detail=column" option.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 2 */
+  int iVersion;                   /* Currently always set to 3 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -13292,6 +13383,13 @@ struct Fts5ExtensionApi {
 
   int (*xPhraseFirstColumn)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*);
   void (*xPhraseNextColumn)(Fts5Context*, Fts5PhraseIter*, int *piCol);
+
+  /* Below this point are iVersion>=3 only */
+  int (*xQueryToken)(Fts5Context*,
+      int iPhrase, int iToken,
+      const char **ppToken, int *pnToken
+  );
+  int (*xInstToken)(Fts5Context*, int iIdx, int iToken, const char**, int*);
 };
 
 /*
@@ -13778,7 +13876,7 @@ struct fts5_api {
 ** max_page_count macro.
 */
 #ifndef SQLITE_MAX_PAGE_COUNT
-# define SQLITE_MAX_PAGE_COUNT 1073741823
+# define SQLITE_MAX_PAGE_COUNT 0xfffffffe /* 4294967294 */
 #endif
 
 /*
@@ -13917,6 +14015,19 @@ struct fts5_api {
 # undef SQLITE_USE_SEH
 #endif
 
+/*
+** Enable SQLITE_DIRECT_OVERFLOW_READ, unless the build explicitly
+** disables it using -DSQLITE_DIRECT_OVERFLOW_READ=0
+*/
+#if defined(SQLITE_DIRECT_OVERFLOW_READ) && SQLITE_DIRECT_OVERFLOW_READ+1==1
+  /* Disable if -DSQLITE_DIRECT_OVERFLOW_READ=0 */
+# undef SQLITE_DIRECT_OVERFLOW_READ
+#else
+  /* In all other cases, enable */
+# define SQLITE_DIRECT_OVERFLOW_READ 1
+#endif
+
+
 /*
 ** The SQLITE_THREADSAFE macro must be defined as 0, 1, or 2.
 ** 0 means mutexes are permanently disable and the library is never
@@ -15799,7 +15910,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3PagerJrnlFile(Pager*);
 SQLITE_PRIVATE const char *sqlite3PagerJournalname(Pager*);
 SQLITE_PRIVATE void *sqlite3PagerTempSpace(Pager*);
 SQLITE_PRIVATE int sqlite3PagerIsMemdb(Pager*);
-SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *, int, int, int *);
+SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *, int, int, u64*);
 SQLITE_PRIVATE void sqlite3PagerClearCache(Pager*);
 SQLITE_PRIVATE int sqlite3SectorSize(sqlite3_file *);
 
@@ -16386,6 +16497,7 @@ typedef struct VdbeOpList VdbeOpList;
 #define P4_INT64      (-13) /* P4 is a 64-bit signed integer */
 #define P4_INTARRAY   (-14) /* P4 is a vector of 32-bit integers */
 #define P4_FUNCCTX    (-15) /* P4 is a pointer to an sqlite3_context object */
+#define P4_TABLEREF   (-16) /* Like P4_TABLE, but reference counted */
 
 /* Error message codes for OP_Halt */
 #define P5_ConstraintNotNull 1
@@ -16608,13 +16720,15 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Pagecount     178
 #define OP_MaxPgcnt      179
 #define OP_ClrSubtype    180 /* synopsis: r[P1].subtype = 0                */
-#define OP_FilterAdd     181 /* synopsis: filter(P1) += key(P3@P4)         */
-#define OP_Trace         182
-#define OP_CursorHint    183
-#define OP_ReleaseReg    184 /* synopsis: release r[P1@P2] mask P3         */
-#define OP_Noop          185
-#define OP_Explain       186
-#define OP_Abortable     187
+#define OP_GetSubtype    181 /* synopsis: r[P2] = r[P1].subtype            */
+#define OP_SetSubtype    182 /* synopsis: r[P2].subtype = r[P1]            */
+#define OP_FilterAdd     183 /* synopsis: filter(P1) += key(P3@P4)         */
+#define OP_Trace         184
+#define OP_CursorHint    185
+#define OP_ReleaseReg    186 /* synopsis: release r[P1@P2] mask P3         */
+#define OP_Noop          187
+#define OP_Explain       188
+#define OP_Abortable     189
 
 /* Properties such as "out2" or "jump" that are specified in
 ** comments following the "case" for each opcode in the vdbe.c
@@ -16650,8 +16764,8 @@ typedef struct VdbeOpList VdbeOpList;
 /* 152 */ 0x00, 0x10, 0x00, 0x00, 0x06, 0x10, 0x00, 0x04,\
 /* 160 */ 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\
 /* 168 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x10, 0x50,\
-/* 176 */ 0x40, 0x00, 0x10, 0x10, 0x02, 0x00, 0x00, 0x00,\
-/* 184 */ 0x00, 0x00, 0x00, 0x00,}
+/* 176 */ 0x40, 0x00, 0x10, 0x10, 0x02, 0x12, 0x12, 0x00,\
+/* 184 */ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,}
 
 /* The resolve3P2Values() routine is able to run faster if it knows
 ** the value of the largest JUMP opcode.  The smaller the maximum
@@ -17812,14 +17926,15 @@ struct FuncDestructor {
 #define SQLITE_FUNC_SLOCHNG  0x2000 /* "Slow Change". Value constant during a
                                     ** single query - might change over time */
 #define SQLITE_FUNC_TEST     0x4000 /* Built-in testing functions */
-/*                           0x8000 -- available for reuse */
+#define SQLITE_FUNC_RUNONLY  0x8000 /* Cannot be used by valueFromFunction */
 #define SQLITE_FUNC_WINDOW   0x00010000 /* Built-in window-only function */
 #define SQLITE_FUNC_INTERNAL 0x00040000 /* For use by NestedParse() only */
 #define SQLITE_FUNC_DIRECT   0x00080000 /* Not for use in TRIGGERs or VIEWs */
-#define SQLITE_FUNC_SUBTYPE  0x00100000 /* Result likely to have sub-type */
+/* SQLITE_SUBTYPE            0x00100000 // Consumer of subtypes */
 #define SQLITE_FUNC_UNSAFE   0x00200000 /* Function has side effects */
 #define SQLITE_FUNC_INLINE   0x00400000 /* Functions implemented in-line */
 #define SQLITE_FUNC_BUILTIN  0x00800000 /* This is a built-in function */
+/*  SQLITE_RESULT_SUBTYPE    0x01000000 // Generator of subtypes */
 #define SQLITE_FUNC_ANYORDER 0x08000000 /* count/min/max aggregate */
 
 /* Identifier numbers for each in-line function */
@@ -17911,10 +18026,11 @@ struct FuncDestructor {
 #define MFUNCTION(zName, nArg, xPtr, xFunc) \
   {nArg, SQLITE_FUNC_BUILTIN|SQLITE_FUNC_CONSTANT|SQLITE_UTF8, \
    xPtr, 0, xFunc, 0, 0, 0, #zName, {0} }
-#define JFUNCTION(zName, nArg, iArg, xFunc) \
-  {nArg, SQLITE_FUNC_BUILTIN|SQLITE_DETERMINISTIC|\
-   SQLITE_FUNC_CONSTANT|SQLITE_UTF8, \
-   SQLITE_INT_TO_PTR(iArg), 0, xFunc, 0, 0, 0, #zName, {0} }
+#define JFUNCTION(zName, nArg, bUseCache, bWS, bRS, bJsonB, iArg, xFunc) \
+  {nArg, SQLITE_FUNC_BUILTIN|SQLITE_DETERMINISTIC|SQLITE_FUNC_CONSTANT|\
+   SQLITE_UTF8|((bUseCache)*SQLITE_FUNC_RUNONLY)|\
+   ((bRS)*SQLITE_SUBTYPE)|((bWS)*SQLITE_RESULT_SUBTYPE), \
+   SQLITE_INT_TO_PTR(iArg|((bJsonB)*JSON_BLOB)),0,xFunc,0, 0, 0, #zName, {0} }
 #define INLINE_FUNC(zName, nArg, iArg, mFlags) \
   {nArg, SQLITE_FUNC_BUILTIN|\
    SQLITE_UTF8|SQLITE_FUNC_INLINE|SQLITE_FUNC_CONSTANT|(mFlags), \
@@ -18549,6 +18665,7 @@ struct Index {
   unsigned isCovering:1;   /* True if this is a covering index */
   unsigned noSkipScan:1;   /* Do not try to use skip-scan if true */
   unsigned hasStat1:1;     /* aiRowLogEst values come from sqlite_stat1 */
+  unsigned bLowQual:1;     /* sqlite_stat1 says this is a low-quality index */
   unsigned bNoQuery:1;     /* Do not use this index to optimize queries */
   unsigned bAscKeyBug:1;   /* True if the bba7b69f9849b5bf bug applies */
   unsigned bHasVCol:1;     /* Index references one or more VIRTUAL columns */
@@ -18662,6 +18779,7 @@ struct AggInfo {
     int iOBTab;              /* Ephemeral table to implement ORDER BY */
     u8 bOBPayload;           /* iOBTab has payload columns separate from key */
     u8 bOBUnique;            /* Enforce uniqueness on iOBTab keys */
+    u8 bUseSubtype;          /* Transfer subtype info through sorter */
   } *aFunc;
   int nFunc;              /* Number of entries in aFunc[] */
   u32 selId;              /* Select to which this AggInfo belongs */
@@ -19195,6 +19313,7 @@ struct NameContext {
   int nRef;            /* Number of names resolved by this context */
   int nNcErr;          /* Number of errors encountered while resolving names */
   int ncFlags;         /* Zero or more NC_* flags defined below */
+  u32 nNestedSelect;   /* Number of nested selects using this NC */
   Select *pWinSelect;  /* SELECT statement for any window functions */
 };
 
@@ -19911,6 +20030,9 @@ struct sqlite3_str {
 **
 **   3.  Make a (read-only) copy of a read-only RCStr string using
 **       sqlite3RCStrRef().
+**
+** "String" is in the name, but an RCStr object can also be used to hold
+** binary data.
 */
 struct RCStr {
   u64 nRCRef;            /* Number of references */
@@ -19969,6 +20091,9 @@ struct Sqlite3Config {
   u8 bSmallMalloc;                  /* Avoid large memory allocations if true */
   u8 bExtraSchemaChecks;            /* Verify type,name,tbl_name in schema */
   u8 bUseLongDouble;                /* Make use of long double */
+#ifdef SQLITE_DEBUG
+  u8 bJsonSelfcheck;                /* Double-check JSON parsing */
+#endif
   int mxStrlen;                     /* Maximum string length */
   int neverCorrupt;                 /* Database is always well-formed */
   int szLookaside;                  /* Default lookaside buffer size */
@@ -20595,6 +20720,7 @@ SQLITE_PRIVATE void sqlite3ExprOrderByAggregateError(Parse*,Expr*);
 SQLITE_PRIVATE void sqlite3ExprFunctionUsable(Parse*,const Expr*,const FuncDef*);
 SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse*, Expr*, u32);
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3*, Expr*);
+SQLITE_PRIVATE void sqlite3ExprDeleteGeneric(sqlite3*,void*);
 SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprUnmapAndDelete(Parse*, Expr*);
 SQLITE_PRIVATE ExprList *sqlite3ExprListAppend(Parse*,ExprList*,Expr*);
@@ -20604,6 +20730,7 @@ SQLITE_PRIVATE void sqlite3ExprListSetSortOrder(ExprList*,int,int);
 SQLITE_PRIVATE void sqlite3ExprListSetName(Parse*,ExprList*,const Token*,int);
 SQLITE_PRIVATE void sqlite3ExprListSetSpan(Parse*,ExprList*,const char*,const char*);
 SQLITE_PRIVATE void sqlite3ExprListDelete(sqlite3*, ExprList*);
+SQLITE_PRIVATE void sqlite3ExprListDeleteGeneric(sqlite3*,void*);
 SQLITE_PRIVATE u32 sqlite3ExprListFlags(const ExprList*);
 SQLITE_PRIVATE int sqlite3IndexHasDuplicateRootPage(Index*);
 SQLITE_PRIVATE int sqlite3Init(sqlite3*, char**);
@@ -20694,6 +20821,7 @@ SQLITE_PRIVATE   int sqlite3DbMaskAllZero(yDbMask);
 SQLITE_PRIVATE void sqlite3DropTable(Parse*, SrcList*, int, int);
 SQLITE_PRIVATE void sqlite3CodeDropTable(Parse*, Table*, int, int);
 SQLITE_PRIVATE void sqlite3DeleteTable(sqlite3*, Table*);
+SQLITE_PRIVATE void sqlite3DeleteTableGeneric(sqlite3*, void*);
 SQLITE_PRIVATE void sqlite3FreeIndex(sqlite3*, Index*);
 #ifndef SQLITE_OMIT_AUTOINCREMENT
 SQLITE_PRIVATE   void sqlite3AutoincrementBegin(Parse *pParse);
@@ -20730,6 +20858,7 @@ SQLITE_PRIVATE int sqlite3Select(Parse*, Select*, SelectDest*);
 SQLITE_PRIVATE Select *sqlite3SelectNew(Parse*,ExprList*,SrcList*,Expr*,ExprList*,
                          Expr*,ExprList*,u32,Expr*);
 SQLITE_PRIVATE void sqlite3SelectDelete(sqlite3*, Select*);
+SQLITE_PRIVATE void sqlite3SelectDeleteGeneric(sqlite3*,void*);
 SQLITE_PRIVATE Table *sqlite3SrcListLookup(Parse*, SrcList*);
 SQLITE_PRIVATE int sqlite3IsReadOnly(Parse*, Table*, Trigger*);
 SQLITE_PRIVATE void sqlite3OpenTable(Parse*, int iCur, int iDb, Table*, int);
@@ -20956,6 +21085,7 @@ SQLITE_PRIVATE int sqlite3Utf16ByteLen(const void *pData, int nChar);
 #endif
 SQLITE_PRIVATE int sqlite3Utf8CharLen(const char *pData, int nByte);
 SQLITE_PRIVATE u32 sqlite3Utf8Read(const u8**);
+SQLITE_PRIVATE int sqlite3Utf8ReadLimited(const u8*, int, u32*);
 SQLITE_PRIVATE LogEst sqlite3LogEst(u64);
 SQLITE_PRIVATE LogEst sqlite3LogEstAdd(LogEst,LogEst);
 SQLITE_PRIVATE LogEst sqlite3LogEstFromDouble(double);
@@ -21302,6 +21432,7 @@ SQLITE_PRIVATE   Cte *sqlite3CteNew(Parse*,Token*,ExprList*,Select*,u8);
 SQLITE_PRIVATE   void sqlite3CteDelete(sqlite3*,Cte*);
 SQLITE_PRIVATE   With *sqlite3WithAdd(Parse*,With*,Cte*);
 SQLITE_PRIVATE   void sqlite3WithDelete(sqlite3*,With*);
+SQLITE_PRIVATE   void sqlite3WithDeleteGeneric(sqlite3*,void*);
 SQLITE_PRIVATE   With *sqlite3WithPush(Parse*, With*, u8);
 #else
 # define sqlite3CteNew(P,T,E,S)   ((void*)0)
@@ -22679,6 +22810,9 @@ SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
    0,                         /* bSmallMalloc */
    1,                         /* bExtraSchemaChecks */
    sizeof(LONGDOUBLE_TYPE)>8, /* bUseLongDouble */
+#ifdef SQLITE_DEBUG
+   0,                         /* bJsonSelfcheck */
+#endif
    0x7ffffffe,                /* mxStrlen */
    0,                         /* neverCorrupt */
    SQLITE_DEFAULT_LOOKASIDE,  /* szLookaside, nLookaside */
@@ -23931,7 +24065,7 @@ SQLITE_API int sqlite3_db_status(
     case SQLITE_DBSTATUS_CACHE_MISS:
     case SQLITE_DBSTATUS_CACHE_WRITE:{
       int i;
-      int nRet = 0;
+      u64 nRet = 0;
       assert( SQLITE_DBSTATUS_CACHE_MISS==SQLITE_DBSTATUS_CACHE_HIT+1 );
       assert( SQLITE_DBSTATUS_CACHE_WRITE==SQLITE_DBSTATUS_CACHE_HIT+2 );
 
@@ -23944,7 +24078,7 @@ SQLITE_API int sqlite3_db_status(
       *pHighwater = 0; /* IMP: R-42420-56072 */
                        /* IMP: R-54100-20147 */
                        /* IMP: R-29431-39229 */
-      *pCurrent = nRet;
+      *pCurrent = (int)nRet & 0x7fffffff;
       break;
     }
 
@@ -25013,6 +25147,12 @@ static int isDate(
   }
   computeJD(p);
   if( p->isError || !validJulianDay(p->iJD) ) return 1;
+  if( argc==1 && p->validYMD && p->D>28 ){
+    /* Make sure a YYYY-MM-DD is normalized.
+    ** Example: 2023-02-31 -> 2023-03-03 */
+    assert( p->validJD );
+    p->validYMD = 0;
+  }
   return 0;
 }
 
@@ -29454,7 +29594,7 @@ SQLITE_PRIVATE void sqlite3MemoryBarrier(void){
   SQLITE_MEMORY_BARRIER;
 #elif defined(__GNUC__)
   __sync_synchronize();
-#elif MSVC_VERSION>=1300
+#elif MSVC_VERSION>=1400
   _ReadWriteBarrier();
 #elif defined(MemoryBarrier)
   MemoryBarrier();
@@ -32041,7 +32181,7 @@ SQLITE_API void sqlite3_str_appendf(StrAccum *p, const char *zFormat, ...){
 
 
 /*****************************************************************************
-** Reference counted string storage
+** Reference counted string/blob storage
 *****************************************************************************/
 
 /*
@@ -32893,7 +33033,7 @@ SQLITE_PRIVATE void sqlite3TreeViewExpr(TreeView *pView, const Expr *pExpr, u8 m
       assert( pExpr->x.pList->nExpr==2 );
       pY = pExpr->x.pList->a[0].pExpr;
       pZ = pExpr->x.pList->a[1].pExpr;
-      sqlite3TreeViewLine(pView, "BETWEEN");
+      sqlite3TreeViewLine(pView, "BETWEEN%s", zFlgs);
       sqlite3TreeViewExpr(pView, pX, 1);
       sqlite3TreeViewExpr(pView, pY, 1);
       sqlite3TreeViewExpr(pView, pZ, 0);
@@ -34028,7 +34168,38 @@ SQLITE_PRIVATE u32 sqlite3Utf8Read(
   return c;
 }
 
-
+/*
+** Read a single UTF8 character out of buffer z[], but reading no
+** more than n characters from the buffer.  z[] is not zero-terminated.
+**
+** Return the number of bytes used to construct the character.
+**
+** Invalid UTF8 might generate a strange result.  No effort is made
+** to detect invalid UTF8.
+**
+** At most 4 bytes will be read out of z[].  The return value will always
+** be between 1 and 4.
+*/
+SQLITE_PRIVATE int sqlite3Utf8ReadLimited(
+  const u8 *z,
+  int n,
+  u32 *piOut
+){
+  u32 c;
+  int i = 1;
+  assert( n>0 );
+  c = z[0];
+  if( c>=0xc0 ){
+    c = sqlite3Utf8Trans1[c-0xc0];
+    if( n>4 ) n = 4;
+    while( iiBusyTimeout;
+#if SQLITE_ENABLE_SETLK_TIMEOUT==1
       pFile->iBusyTimeout = *(int*)pArg;
+#elif SQLITE_ENABLE_SETLK_TIMEOUT==2
+      pFile->iBusyTimeout = !!(*(int*)pArg);
+#else
+# error "SQLITE_ENABLE_SETLK_TIMEOUT must be set to 1 or 2"
+#endif
       *(int*)pArg = iOld;
       return SQLITE_OK;
     }
@@ -42102,6 +42281,25 @@ static int unixGetpagesize(void){
 ** Either unixShmNode.pShmMutex must be held or unixShmNode.nRef==0 and
 ** unixMutexHeld() is true when reading or writing any other field
 ** in this structure.
+**
+** aLock[SQLITE_SHM_NLOCK]:
+**   This array records the various locks held by clients on each of the
+**   SQLITE_SHM_NLOCK slots. If the aLock[] entry is set to 0, then no
+**   locks are held by the process on this slot. If it is set to -1, then
+**   some client holds an EXCLUSIVE lock on the locking slot. If the aLock[]
+**   value is set to a positive value, then it is the number of shared
+**   locks currently held on the slot.
+**
+** aMutex[SQLITE_SHM_NLOCK]:
+**   Normally, when SQLITE_ENABLE_SETLK_TIMEOUT is not defined, mutex
+**   pShmMutex is used to protect the aLock[] array and the right to
+**   call fcntl() on unixShmNode.hShm to obtain or release locks.
+**
+**   If SQLITE_ENABLE_SETLK_TIMEOUT is defined though, we use an array
+**   of mutexes - one for each locking slot. To read or write locking
+**   slot aLock[iSlot], the caller must hold the corresponding mutex
+**   aMutex[iSlot]. Similarly, to call fcntl() to obtain or release a
+**   lock corresponding to slot iSlot, mutex aMutex[iSlot] must be held.
 */
 struct unixShmNode {
   unixInodeInfo *pInode;     /* unixInodeInfo that owns this SHM node */
@@ -42115,10 +42313,11 @@ struct unixShmNode {
   char **apRegion;           /* Array of mapped shared-memory regions */
   int nRef;                  /* Number of unixShm objects pointing to this */
   unixShm *pFirst;           /* All unixShm objects pointing to this */
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+  sqlite3_mutex *aMutex[SQLITE_SHM_NLOCK];
+#endif
   int aLock[SQLITE_SHM_NLOCK];  /* # shared locks on slot, -1==excl lock */
 #ifdef SQLITE_DEBUG
-  u8 exclMask;               /* Mask of exclusive locks held */
-  u8 sharedMask;             /* Mask of shared locks held */
   u8 nextShmId;              /* Next available unixShm.id value */
 #endif
 };
@@ -42201,16 +42400,35 @@ static int unixShmSystemLock(
   struct flock f;        /* The posix advisory locking structure */
   int rc = SQLITE_OK;    /* Result code form fcntl() */
 
-  /* Access to the unixShmNode object is serialized by the caller */
   pShmNode = pFile->pInode->pShmNode;
-  assert( pShmNode->nRef==0 || sqlite3_mutex_held(pShmNode->pShmMutex) );
-  assert( pShmNode->nRef>0 || unixMutexHeld() );
+
+  /* Assert that the parameters are within expected range and that the
+  ** correct mutex or mutexes are held. */
+  assert( pShmNode->nRef>=0 );
+  assert( (ofst==UNIX_SHM_DMS && n==1)
+       || (ofst>=UNIX_SHM_BASE && ofst+n<=(UNIX_SHM_BASE+SQLITE_SHM_NLOCK))
+  );
+  if( ofst==UNIX_SHM_DMS ){
+    assert( pShmNode->nRef>0 || unixMutexHeld() );
+    assert( pShmNode->nRef==0 || sqlite3_mutex_held(pShmNode->pShmMutex) );
+  }else{
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+    int ii;
+    for(ii=ofst-UNIX_SHM_BASE; iiaMutex[ii]) );
+    }
+#else
+    assert( sqlite3_mutex_held(pShmNode->pShmMutex) );
+    assert( pShmNode->nRef>0 );
+#endif
+  }
 
   /* Shared locks never span more than one byte */
   assert( n==1 || lockType!=F_RDLCK );
 
   /* Locks are within range */
   assert( n>=1 && n<=SQLITE_SHM_NLOCK );
+  assert( ofst>=UNIX_SHM_BASE && ofst<=(UNIX_SHM_DMS+SQLITE_SHM_NLOCK) );
 
   if( pShmNode->hShm>=0 ){
     int res;
@@ -42221,7 +42439,7 @@ static int unixShmSystemLock(
     f.l_len = n;
     res = osSetPosixAdvisoryLock(pShmNode->hShm, &f, pFile);
     if( res==-1 ){
-#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+#if defined(SQLITE_ENABLE_SETLK_TIMEOUT) && SQLITE_ENABLE_SETLK_TIMEOUT==1
       rc = (pFile->iBusyTimeout ? SQLITE_BUSY_TIMEOUT : SQLITE_BUSY);
 #else
       rc = SQLITE_BUSY;
@@ -42229,39 +42447,28 @@ static int unixShmSystemLock(
     }
   }
 
-  /* Update the global lock state and do debug tracing */
+  /* Do debug tracing */
 #ifdef SQLITE_DEBUG
-  { u16 mask;
   OSTRACE(("SHM-LOCK "));
-  mask = ofst>31 ? 0xffff : (1<<(ofst+n)) - (1<exclMask &= ~mask;
-      pShmNode->sharedMask &= ~mask;
+      OSTRACE(("unlock %d..%d ok\n", ofst, ofst+n-1));
     }else if( lockType==F_RDLCK ){
-      OSTRACE(("read-lock %d ok", ofst));
-      pShmNode->exclMask &= ~mask;
-      pShmNode->sharedMask |= mask;
+      OSTRACE(("read-lock %d..%d ok\n", ofst, ofst+n-1));
     }else{
       assert( lockType==F_WRLCK );
-      OSTRACE(("write-lock %d ok", ofst));
-      pShmNode->exclMask |= mask;
-      pShmNode->sharedMask &= ~mask;
+      OSTRACE(("write-lock %d..%d ok\n", ofst, ofst+n-1));
     }
   }else{
     if( lockType==F_UNLCK ){
-      OSTRACE(("unlock %d failed", ofst));
+      OSTRACE(("unlock %d..%d failed\n", ofst, ofst+n-1));
     }else if( lockType==F_RDLCK ){
-      OSTRACE(("read-lock failed"));
+      OSTRACE(("read-lock %d..%d failed\n", ofst, ofst+n-1));
     }else{
       assert( lockType==F_WRLCK );
-      OSTRACE(("write-lock %d failed", ofst));
+      OSTRACE(("write-lock %d..%d failed\n", ofst, ofst+n-1));
     }
   }
-  OSTRACE((" - afterwards %03x,%03x\n",
-           pShmNode->sharedMask, pShmNode->exclMask));
-  }
 #endif
 
   return rc;
@@ -42298,6 +42505,11 @@ static void unixShmPurge(unixFile *pFd){
     int i;
     assert( p->pInode==pFd->pInode );
     sqlite3_mutex_free(p->pShmMutex);
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+    for(i=0; iaMutex[i]);
+    }
+#endif
     for(i=0; inRegion; i+=nShmPerMap){
       if( p->hShm>=0 ){
         osMunmap(p->apRegion[i], p->szRegion);
@@ -42357,7 +42569,20 @@ static int unixLockSharedMemory(unixFile *pDbFd, unixShmNode *pShmNode){
       pShmNode->isUnlocked = 1;
       rc = SQLITE_READONLY_CANTINIT;
     }else{
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+      /* Do not use a blocking lock here. If the lock cannot be obtained
+      ** immediately, it means some other connection is truncating the
+      ** *-shm file. And after it has done so, it will not release its
+      ** lock, but only downgrade it to a shared lock. So no point in
+      ** blocking here. The call below to obtain the shared DMS lock may
+      ** use a blocking lock. */
+      int iSaveTimeout = pDbFd->iBusyTimeout;
+      pDbFd->iBusyTimeout = 0;
+#endif
       rc = unixShmSystemLock(pDbFd, F_WRLCK, UNIX_SHM_DMS, 1);
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+      pDbFd->iBusyTimeout = iSaveTimeout;
+#endif
       /* The first connection to attach must truncate the -shm file.  We
       ** truncate to 3 bytes (an arbitrary small number, less than the
       ** -shm header size) rather than 0 as a system debugging aid, to
@@ -42478,6 +42703,18 @@ static int unixOpenSharedMemory(unixFile *pDbFd){
         rc = SQLITE_NOMEM_BKPT;
         goto shm_open_err;
       }
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+      {
+        int ii;
+        for(ii=0; iiaMutex[ii] = sqlite3_mutex_alloc(SQLITE_MUTEX_FAST);
+          if( pShmNode->aMutex[ii]==0 ){
+            rc = SQLITE_NOMEM_BKPT;
+            goto shm_open_err;
+          }
+        }
+      }
+#endif
     }
 
     if( pInode->bProcessLock==0 ){
@@ -42699,9 +42936,11 @@ static int unixShmMap(
 */
 #ifdef SQLITE_DEBUG
 static int assertLockingArrayOk(unixShmNode *pShmNode){
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+  return 1;
+#else
   unixShm *pX;
   int aLock[SQLITE_SHM_NLOCK];
-  assert( sqlite3_mutex_held(pShmNode->pShmMutex) );
 
   memset(aLock, 0, sizeof(aLock));
   for(pX=pShmNode->pFirst; pX; pX=pX->pNext){
@@ -42719,13 +42958,14 @@ static int assertLockingArrayOk(unixShmNode *pShmNode){
 
   assert( 0==memcmp(pShmNode->aLock, aLock, sizeof(aLock)) );
   return (memcmp(pShmNode->aLock, aLock, sizeof(aLock))==0);
+#endif
 }
 #endif
 
 /*
 ** Change the lock state for a shared-memory segment.
 **
-** Note that the relationship between SHAREd and EXCLUSIVE locks is a little
+** Note that the relationship between SHARED and EXCLUSIVE locks is a little
 ** different here than in posix.  In xShmLock(), one can go from unlocked
 ** to shared and back or from unlocked to exclusive and back.  But one may
 ** not go from shared to exclusive or from exclusive to shared.
@@ -42740,7 +42980,7 @@ static int unixShmLock(
   unixShm *p;                           /* The shared memory being locked */
   unixShmNode *pShmNode;                /* The underlying file iNode */
   int rc = SQLITE_OK;                   /* Result code */
-  u16 mask;                             /* Mask of locks to take or release */
+  u16 mask = (1<<(ofst+n)) - (1<pShm;
@@ -42775,88 +43015,151 @@ static int unixShmLock(
   ** It is not permitted to block on the RECOVER lock.
   */
 #ifdef SQLITE_ENABLE_SETLK_TIMEOUT
-  assert( (flags & SQLITE_SHM_UNLOCK) || pDbFd->iBusyTimeout==0 || (
-         (ofst!=2)                                   /* not RECOVER */
-      && (ofst!=1 || (p->exclMask|p->sharedMask)==0)
-      && (ofst!=0 || (p->exclMask|p->sharedMask)<3)
-      && (ofst<3  || (p->exclMask|p->sharedMask)<(1<exclMask|p->sharedMask);
+    assert( (flags & SQLITE_SHM_UNLOCK) || pDbFd->iBusyTimeout==0 || (
+          (ofst!=2)                                   /* not RECOVER */
+       && (ofst!=1 || lockMask==0 || lockMask==2)
+       && (ofst!=0 || lockMask<3)
+       && (ofst<3  || lockMask<(1<1 || mask==(1<pShmMutex);
-  assert( assertLockingArrayOk(pShmNode) );
-  if( flags & SQLITE_SHM_UNLOCK ){
-    if( (p->exclMask|p->sharedMask) & mask ){
-      int ii;
-      int bUnlock = 1;
+  /* Check if there is any work to do. There are three cases:
+  **
+  **    a) An unlock operation where there are locks to unlock,
+  **    b) An shared lock where the requested lock is not already held
+  **    c) An exclusive lock where the requested lock is not already held
+  **
+  ** The SQLite core never requests an exclusive lock that it already holds.
+  ** This is assert()ed below.
+  */
+  assert( flags!=(SQLITE_SHM_EXCLUSIVE|SQLITE_SHM_LOCK)
+       || 0==(p->exclMask & mask)
+  );
+  if( ((flags & SQLITE_SHM_UNLOCK) && ((p->exclMask|p->sharedMask) & mask))
+   || (flags==(SQLITE_SHM_SHARED|SQLITE_SHM_LOCK) && 0==(p->sharedMask & mask))
+   || (flags==(SQLITE_SHM_EXCLUSIVE|SQLITE_SHM_LOCK))
+  ){
 
-      for(ii=ofst; ii((p->sharedMask & (1<aMutex[iMutex]);
+        if( rc!=SQLITE_OK ) goto leave_shmnode_mutexes;
+      }else{
+        sqlite3_mutex_enter(pShmNode->aMutex[iMutex]);
       }
+    }
+#else
+    sqlite3_mutex_enter(pShmNode->pShmMutex);
+#endif
 
-      if( bUnlock ){
-        rc = unixShmSystemLock(pDbFd, F_UNLCK, ofst+UNIX_SHM_BASE, n);
-        if( rc==SQLITE_OK ){
-          memset(&aLock[ofst], 0, sizeof(int)*n);
+    if( ALWAYS(rc==SQLITE_OK) ){
+      if( flags & SQLITE_SHM_UNLOCK ){
+        /* Case (a) - unlock.  */
+        int bUnlock = 1;
+        assert( (p->exclMask & p->sharedMask)==0 );
+        assert( !(flags & SQLITE_SHM_EXCLUSIVE) || (p->exclMask & mask)==mask );
+        assert( !(flags & SQLITE_SHM_SHARED) || (p->sharedMask & mask)==mask );
+
+        /* If this is a SHARED lock being unlocked, it is possible that other
+        ** clients within this process are holding the same SHARED lock. In
+        ** this case, set bUnlock to 0 so that the posix lock is not removed
+        ** from the file-descriptor below.  */
+        if( flags & SQLITE_SHM_SHARED ){
+          assert( n==1 );
+          assert( aLock[ofst]>=1 );
+          if( aLock[ofst]>1 ){
+            bUnlock = 0;
+            aLock[ofst]--;
+            p->sharedMask &= ~mask;
+          }
         }
-      }else if( ALWAYS(p->sharedMask & (1<1 );
-        aLock[ofst]--;
-      }
 
-      /* Undo the local locks */
-      if( rc==SQLITE_OK ){
-        p->exclMask &= ~mask;
-        p->sharedMask &= ~mask;
-      }
-    }
-  }else if( flags & SQLITE_SHM_SHARED ){
-    assert( n==1 );
-    assert( (p->exclMask & (1<sharedMask & mask)==0 ){
-      if( aLock[ofst]<0 ){
-        rc = SQLITE_BUSY;
-      }else if( aLock[ofst]==0 ){
-        rc = unixShmSystemLock(pDbFd, F_RDLCK, ofst+UNIX_SHM_BASE, n);
-      }
+        if( bUnlock ){
+          rc = unixShmSystemLock(pDbFd, F_UNLCK, ofst+UNIX_SHM_BASE, n);
+          if( rc==SQLITE_OK ){
+            memset(&aLock[ofst], 0, sizeof(int)*n);
+            p->sharedMask &= ~mask;
+            p->exclMask &= ~mask;
+          }
+        }
+      }else if( flags & SQLITE_SHM_SHARED ){
+        /* Case (b) - a shared lock.  */
 
-      /* Get the local shared locks */
-      if( rc==SQLITE_OK ){
-        p->sharedMask |= mask;
-        aLock[ofst]++;
-      }
-    }
-  }else{
-    /* Make sure no sibling connections hold locks that will block this
-    ** lock.  If any do, return SQLITE_BUSY right away.  */
-    int ii;
-    for(ii=ofst; iisharedMask & mask)==0 );
-      if( ALWAYS((p->exclMask & (1<sharedMask |= mask;
+          aLock[ofst]++;
+        }
+      }else{
+        /* Case (c) - an exclusive lock.  */
+        int ii;
+
+        assert( flags==(SQLITE_SHM_LOCK|SQLITE_SHM_EXCLUSIVE) );
         assert( (p->sharedMask & mask)==0 );
-        p->exclMask |= mask;
+        assert( (p->exclMask & mask)==0 );
+
+        /* Make sure no sibling connections hold locks that will block this
+        ** lock.  If any do, return SQLITE_BUSY right away.  */
         for(ii=ofst; iiexclMask |= mask;
+            for(ii=ofst; ii=ofst; iMutex--){
+      sqlite3_mutex_leave(pShmNode->aMutex[iMutex]);
     }
+#else
+    sqlite3_mutex_leave(pShmNode->pShmMutex);
+#endif
   }
-  assert( assertLockingArrayOk(pShmNode) );
-  sqlite3_mutex_leave(pShmNode->pShmMutex);
+
   OSTRACE(("SHM-LOCK shmid-%d, pid-%d got %03x,%03x\n",
            p->id, osGetpid(0), p->sharedMask, p->exclMask));
   return rc;
@@ -57074,7 +57377,7 @@ struct Pager {
   char *zJournal;             /* Name of the journal file */
   int (*xBusyHandler)(void*); /* Function to call when busy */
   void *pBusyHandlerArg;      /* Context argument for xBusyHandler */
-  int aStat[4];               /* Total cache hits, misses, writes, spills */
+  u32 aStat[4];               /* Total cache hits, misses, writes, spills */
 #ifdef SQLITE_TEST
   int nRead;                  /* Database pages read */
 #endif
@@ -57204,9 +57507,8 @@ SQLITE_PRIVATE int sqlite3PagerDirectReadOk(Pager *pPager, Pgno pgno){
 #ifndef SQLITE_OMIT_WAL
   if( pPager->pWal ){
     u32 iRead = 0;
-    int rc;
-    rc = sqlite3WalFindFrame(pPager->pWal, pgno, &iRead);
-    return (rc==SQLITE_OK && iRead==0);
+    (void)sqlite3WalFindFrame(pPager->pWal, pgno, &iRead);
+    return iRead==0;
   }
 #endif
   return 1;
@@ -61448,10 +61750,13 @@ SQLITE_PRIVATE int sqlite3PagerOpen(
 */
 SQLITE_API sqlite3_file *sqlite3_database_file_object(const char *zName){
   Pager *pPager;
+  const char *p;
   while( zName[-1]!=0 || zName[-2]!=0 || zName[-3]!=0 || zName[-4]!=0 ){
     zName--;
   }
-  pPager = *(Pager**)(zName - 4 - sizeof(Pager*));
+  p = zName - 4 - sizeof(Pager*);
+  assert( EIGHT_BYTE_ALIGNMENT(p) );
+  pPager = *(Pager**)p;
   return pPager->fd;
 }
 
@@ -63215,11 +63520,11 @@ SQLITE_PRIVATE int *sqlite3PagerStats(Pager *pPager){
   a[3] = pPager->eState==PAGER_OPEN ? -1 : (int) pPager->dbSize;
   a[4] = pPager->eState;
   a[5] = pPager->errCode;
-  a[6] = pPager->aStat[PAGER_STAT_HIT];
-  a[7] = pPager->aStat[PAGER_STAT_MISS];
+  a[6] = (int)pPager->aStat[PAGER_STAT_HIT] & 0x7fffffff;
+  a[7] = (int)pPager->aStat[PAGER_STAT_MISS] & 0x7fffffff;
   a[8] = 0;  /* Used to be pPager->nOvfl */
   a[9] = pPager->nRead;
-  a[10] = pPager->aStat[PAGER_STAT_WRITE];
+  a[10] = (int)pPager->aStat[PAGER_STAT_WRITE] & 0x7fffffff;
   return a;
 }
 #endif
@@ -63235,7 +63540,7 @@ SQLITE_PRIVATE int *sqlite3PagerStats(Pager *pPager){
 ** reset parameter is non-zero, the cache hit or miss count is zeroed before
 ** returning.
 */
-SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *pPager, int eStat, int reset, int *pnVal){
+SQLITE_PRIVATE void sqlite3PagerCacheStat(Pager *pPager, int eStat, int reset, u64 *pnVal){
 
   assert( eStat==SQLITE_DBSTATUS_CACHE_HIT
        || eStat==SQLITE_DBSTATUS_CACHE_MISS
@@ -64175,7 +64480,7 @@ SQLITE_PRIVATE int sqlite3PagerWalFramesize(Pager *pPager){
 }
 #endif
 
-#ifdef SQLITE_USE_SEH
+#if defined(SQLITE_USE_SEH) && !defined(SQLITE_OMIT_WAL)
 SQLITE_PRIVATE int sqlite3PagerWalSystemErrno(Pager *pPager){
   return sqlite3WalSystemErrno(pPager->pWal);
 }
@@ -66191,6 +66496,19 @@ static int walIteratorInit(Wal *pWal, u32 nBackfill, WalIterator **pp){
 }
 
 #ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+
+
+/*
+** Attempt to enable blocking locks that block for nMs ms. Return 1 if
+** blocking locks are successfully enabled, or 0 otherwise.
+*/
+static int walEnableBlockingMs(Wal *pWal, int nMs){
+  int rc = sqlite3OsFileControl(
+      pWal->pDbFd, SQLITE_FCNTL_LOCK_TIMEOUT, (void*)&nMs
+  );
+  return (rc==SQLITE_OK);
+}
+
 /*
 ** Attempt to enable blocking locks. Blocking locks are enabled only if (a)
 ** they are supported by the VFS, and (b) the database handle is configured
@@ -66202,11 +66520,7 @@ static int walEnableBlocking(Wal *pWal){
   if( pWal->db ){
     int tmout = pWal->db->busyTimeout;
     if( tmout ){
-      int rc;
-      rc = sqlite3OsFileControl(
-          pWal->pDbFd, SQLITE_FCNTL_LOCK_TIMEOUT, (void*)&tmout
-      );
-      res = (rc==SQLITE_OK);
+      res = walEnableBlockingMs(pWal, tmout);
     }
   }
   return res;
@@ -66255,20 +66569,10 @@ SQLITE_PRIVATE void sqlite3WalDb(Wal *pWal, sqlite3 *db){
   pWal->db = db;
 }
 
-/*
-** Take an exclusive WRITE lock. Blocking if so configured.
-*/
-static int walLockWriter(Wal *pWal){
-  int rc;
-  walEnableBlocking(pWal);
-  rc = walLockExclusive(pWal, WAL_WRITE_LOCK, 1);
-  walDisableBlocking(pWal);
-  return rc;
-}
 #else
 # define walEnableBlocking(x) 0
 # define walDisableBlocking(x)
-# define walLockWriter(pWal) walLockExclusive((pWal), WAL_WRITE_LOCK, 1)
+# define walEnableBlockingMs(pWal, ms) 0
 # define sqlite3WalDb(pWal, db)
 #endif   /* ifdef SQLITE_ENABLE_SETLK_TIMEOUT */
 
@@ -66869,7 +67173,9 @@ static int walIndexReadHdr(Wal *pWal, int *pChanged){
       }
     }else{
       int bWriteLock = pWal->writeLock;
-      if( bWriteLock || SQLITE_OK==(rc = walLockWriter(pWal)) ){
+      if( bWriteLock
+       || SQLITE_OK==(rc = walLockExclusive(pWal, WAL_WRITE_LOCK, 1))
+      ){
         pWal->writeLock = 1;
         if( SQLITE_OK==(rc = walIndexPage(pWal, 0, &page0)) ){
           badHdr = walIndexTryHdr(pWal, pChanged);
@@ -66877,7 +67183,8 @@ static int walIndexReadHdr(Wal *pWal, int *pChanged){
             /* If the wal-index header is still malformed even while holding
             ** a WRITE lock, it can only mean that the header is corrupted and
             ** needs to be reconstructed.  So run recovery to do exactly that.
-            */
+            ** Disable blocking locks first.  */
+            walDisableBlocking(pWal);
             rc = walIndexRecover(pWal);
             *pChanged = 1;
           }
@@ -67087,6 +67394,37 @@ static int walBeginShmUnreliable(Wal *pWal, int *pChanged){
   return rc;
 }
 
+/*
+** The final argument passed to walTryBeginRead() is of type (int*). The
+** caller should invoke walTryBeginRead as follows:
+**
+**   int cnt = 0;
+**   do {
+**     rc = walTryBeginRead(..., &cnt);
+**   }while( rc==WAL_RETRY );
+**
+** The final value of "cnt" is of no use to the caller. It is used by
+** the implementation of walTryBeginRead() as follows:
+**
+**   + Each time walTryBeginRead() is called, it is incremented. Once
+**     it reaches WAL_RETRY_PROTOCOL_LIMIT - indicating that walTryBeginRead()
+**     has many times been invoked and failed with WAL_RETRY - walTryBeginRead()
+**     returns SQLITE_PROTOCOL.
+**
+**   + If SQLITE_ENABLE_SETLK_TIMEOUT is defined and walTryBeginRead() failed
+**     because a blocking lock timed out (SQLITE_BUSY_TIMEOUT from the OS
+**     layer), the WAL_RETRY_BLOCKED_MASK bit is set in "cnt". In this case
+**     the next invocation of walTryBeginRead() may omit an expected call to
+**     sqlite3OsSleep(). There has already been a delay when the previous call
+**     waited on a lock.
+*/
+#define WAL_RETRY_PROTOCOL_LIMIT 100
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+# define WAL_RETRY_BLOCKED_MASK    0x10000000
+#else
+# define WAL_RETRY_BLOCKED_MASK    0
+#endif
+
 /*
 ** Attempt to start a read transaction.  This might fail due to a race or
 ** other transient condition.  When that happens, it returns WAL_RETRY to
@@ -67137,13 +67475,16 @@ static int walBeginShmUnreliable(Wal *pWal, int *pChanged){
 ** so it takes care to hold an exclusive lock on the corresponding
 ** WAL_READ_LOCK() while changing values.
 */
-static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
+static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int *pCnt){
   volatile WalCkptInfo *pInfo;    /* Checkpoint information in wal-index */
   u32 mxReadMark;                 /* Largest aReadMark[] value */
   int mxI;                        /* Index of largest aReadMark[] value */
   int i;                          /* Loop counter */
   int rc = SQLITE_OK;             /* Return code  */
   u32 mxFrame;                    /* Wal frame to lock to */
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+  int nBlockTmout = 0;
+#endif
 
   assert( pWal->readLock<0 );     /* Not currently locked */
 
@@ -67167,14 +67508,34 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
   ** so that on the 100th (and last) RETRY we delay for 323 milliseconds.
   ** The total delay time before giving up is less than 10 seconds.
   */
-  if( cnt>5 ){
+  (*pCnt)++;
+  if( *pCnt>5 ){
     int nDelay = 1;                      /* Pause time in microseconds */
-    if( cnt>100 ){
+    int cnt = (*pCnt & ~WAL_RETRY_BLOCKED_MASK);
+    if( cnt>WAL_RETRY_PROTOCOL_LIMIT ){
       VVA_ONLY( pWal->lockError = 1; )
       return SQLITE_PROTOCOL;
     }
-    if( cnt>=10 ) nDelay = (cnt-9)*(cnt-9)*39;
+    if( *pCnt>=10 ) nDelay = (cnt-9)*(cnt-9)*39;
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+    /* In SQLITE_ENABLE_SETLK_TIMEOUT builds, configure the file-descriptor
+    ** to block for locks for approximately nDelay us. This affects three
+    ** locks: (a) the shared lock taken on the DMS slot in os_unix.c (if
+    ** using os_unix.c), (b) the WRITER lock taken in walIndexReadHdr() if the
+    ** first attempted read fails, and (c) the shared lock taken on the
+    ** read-mark.
+    **
+    ** If the previous call failed due to an SQLITE_BUSY_TIMEOUT error,
+    ** then sleep for the minimum of 1us. The previous call already provided
+    ** an extra delay while it was blocking on the lock.
+    */
+    nBlockTmout = (nDelay+998) / 1000;
+    if( !useWal && walEnableBlockingMs(pWal, nBlockTmout) ){
+      if( *pCnt & WAL_RETRY_BLOCKED_MASK ) nDelay = 1;
+    }
+#endif
     sqlite3OsSleep(pWal->pVfs, nDelay);
+    *pCnt &= ~WAL_RETRY_BLOCKED_MASK;
   }
 
   if( !useWal ){
@@ -67182,6 +67543,13 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
     if( pWal->bShmUnreliable==0 ){
       rc = walIndexReadHdr(pWal, pChanged);
     }
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+    walDisableBlocking(pWal);
+    if( rc==SQLITE_BUSY_TIMEOUT ){
+      rc = SQLITE_BUSY;
+      *pCnt |= WAL_RETRY_BLOCKED_MASK;
+    }
+#endif
     if( rc==SQLITE_BUSY ){
       /* If there is not a recovery running in another thread or process
       ** then convert BUSY errors to WAL_RETRY.  If recovery is known to
@@ -67296,9 +67664,19 @@ static int walTryBeginRead(Wal *pWal, int *pChanged, int useWal, int cnt){
     return rc==SQLITE_BUSY ? WAL_RETRY : SQLITE_READONLY_CANTINIT;
   }
 
+  (void)walEnableBlockingMs(pWal, nBlockTmout);
   rc = walLockShared(pWal, WAL_READ_LOCK(mxI));
+  walDisableBlocking(pWal);
   if( rc ){
-    return rc==SQLITE_BUSY ? WAL_RETRY : rc;
+#ifdef SQLITE_ENABLE_SETLK_TIMEOUT
+    if( rc==SQLITE_BUSY_TIMEOUT ){
+      *pCnt |= WAL_RETRY_BLOCKED_MASK;
+    }
+#else
+    assert( rc!=SQLITE_BUSY_TIMEOUT );
+#endif
+    assert( (rc&0xFF)!=SQLITE_BUSY||rc==SQLITE_BUSY||rc==SQLITE_BUSY_TIMEOUT );
+    return (rc&0xFF)==SQLITE_BUSY ? WAL_RETRY : rc;
   }
   /* Now that the read-lock has been obtained, check that neither the
   ** value in the aReadMark[] array or the contents of the wal-index
@@ -67486,7 +67864,7 @@ static int walBeginReadTransaction(Wal *pWal, int *pChanged){
 #endif
 
   do{
-    rc = walTryBeginRead(pWal, pChanged, 0, ++cnt);
+    rc = walTryBeginRead(pWal, pChanged, 0, &cnt);
   }while( rc==WAL_RETRY );
   testcase( (rc&0xff)==SQLITE_BUSY );
   testcase( (rc&0xff)==SQLITE_IOERR );
@@ -67667,6 +68045,7 @@ static int walFindFrame(
         iRead = iFrame;
       }
       if( (nCollide--)==0 ){
+        *piRead = 0;
         return SQLITE_CORRUPT_BKPT;
       }
       iKey = walNextHash(iKey);
@@ -67970,7 +68349,7 @@ static int walRestartLog(Wal *pWal){
     cnt = 0;
     do{
       int notUsed;
-      rc = walTryBeginRead(pWal, ¬Used, 1, ++cnt);
+      rc = walTryBeginRead(pWal, ¬Used, 1, &cnt);
     }while( rc==WAL_RETRY );
     assert( (rc&0xff)!=SQLITE_BUSY ); /* BUSY not possible when useWal==1 */
     testcase( (rc&0xff)==SQLITE_IOERR );
@@ -68391,10 +68770,9 @@ SQLITE_PRIVATE int sqlite3WalCheckpoint(
   if( pWal->readOnly ) return SQLITE_READONLY;
   WALTRACE(("WAL%p: checkpoint begins\n", pWal));
 
-  /* Enable blocking locks, if possible. If blocking locks are successfully
-  ** enabled, set xBusy2=0 so that the busy-handler is never invoked. */
+  /* Enable blocking locks, if possible. */
   sqlite3WalDb(pWal, db);
-  (void)walEnableBlocking(pWal);
+  if( xBusy2 ) (void)walEnableBlocking(pWal);
 
   /* IMPLEMENTATION-OF: R-62028-47212 All calls obtain an exclusive
   ** "checkpoint" lock on the database file.
@@ -68435,9 +68813,14 @@ SQLITE_PRIVATE int sqlite3WalCheckpoint(
   /* Read the wal-index header. */
   SEH_TRY {
     if( rc==SQLITE_OK ){
+      /* For a passive checkpoint, do not re-enable blocking locks after
+      ** reading the wal-index header. A passive checkpoint should not block
+      ** or invoke the busy handler. The only lock such a checkpoint may
+      ** attempt to obtain is a lock on a read-slot, and it should give up
+      ** immediately and do a partial checkpoint if it cannot obtain it. */
       walDisableBlocking(pWal);
       rc = walIndexReadHdr(pWal, &isChanged);
-      (void)walEnableBlocking(pWal);
+      if( eMode2!=SQLITE_CHECKPOINT_PASSIVE ) (void)walEnableBlocking(pWal);
       if( isChanged && pWal->pDbFd->pMethods->iVersion>=3 ){
         sqlite3OsUnfetch(pWal->pDbFd, 0, 0);
       }
@@ -68774,7 +69157,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3WalFile(Wal *pWal){
 **     22       1     Min embedded payload fraction (must be 32)
 **     23       1     Min leaf payload fraction (must be 32)
 **     24       4     File change counter
-**     28       4     Reserved for future use
+**     28       4     The size of the database in pages
 **     32       4     First freelist page
 **     36       4     Number of freelist pages in the file
 **     40      60     15 4-byte meta values passed to higher layers
@@ -74901,7 +75284,6 @@ static int accessPayload(
           assert( aWrite>=pBufStart );                         /* due to (6) */
           memcpy(aSave, aWrite, 4);
           rc = sqlite3OsRead(fd, aWrite, a+4, (i64)pBt->pageSize*(nextPage-1));
-          if( rc && nextPage>pBt->nPage ) rc = SQLITE_CORRUPT_BKPT;
           nextPage = get4byte(aWrite);
           memcpy(aWrite, aSave, 4);
         }else
@@ -83412,7 +83794,7 @@ static int valueFromFunction(
 #endif
   assert( pFunc );
   if( (pFunc->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0
-   || (pFunc->funcFlags & SQLITE_FUNC_NEEDCOLL)
+   || (pFunc->funcFlags & (SQLITE_FUNC_NEEDCOLL|SQLITE_FUNC_RUNONLY))!=0
   ){
     return SQLITE_OK;
   }
@@ -84136,10 +84518,11 @@ static int growOpArray(Vdbe *v, int nOp){
 **   sqlite3CantopenError(lineno)
 */
 static void test_addop_breakpoint(int pc, Op *pOp){
-  static int n = 0;
+  static u64 n = 0;
   (void)pc;
   (void)pOp;
   n++;
+  if( n==LARGEST_UINT64 ) abort(); /* so that n is used, preventing a warning */
 }
 #endif
 
@@ -85324,6 +85707,10 @@ static void freeP4(sqlite3 *db, int p4type, void *p4){
       if( db->pnBytesFreed==0 ) sqlite3VtabUnlock((VTable *)p4);
       break;
     }
+    case P4_TABLEREF: {
+      if( db->pnBytesFreed==0 ) sqlite3DeleteTable(db, (Table*)p4);
+      break;
+    }
   }
 }
 
@@ -85451,7 +85838,7 @@ static void SQLITE_NOINLINE vdbeChangeP4Full(
   int n
 ){
   if( pOp->p4type ){
-    freeP4(p->db, pOp->p4type, pOp->p4.p);
+    assert( pOp->p4type > P4_FREE_IF_LE );
     pOp->p4type = 0;
     pOp->p4.p = 0;
   }
@@ -89574,7 +89961,15 @@ SQLITE_API int sqlite3_clear_bindings(sqlite3_stmt *pStmt){
   int rc = SQLITE_OK;
   Vdbe *p = (Vdbe*)pStmt;
 #if SQLITE_THREADSAFE
-  sqlite3_mutex *mutex = ((Vdbe*)pStmt)->db->mutex;
+  sqlite3_mutex *mutex;
+#endif
+#ifdef SQLITE_ENABLE_API_ARMOR
+  if( pStmt==0 ){
+    return SQLITE_MISUSE_BKPT;
+  }
+#endif
+#if SQLITE_THREADSAFE
+  mutex = p->db->mutex;
 #endif
   sqlite3_mutex_enter(mutex);
   for(i=0; inVar; i++){
@@ -89953,6 +90348,18 @@ SQLITE_API void sqlite3_result_subtype(sqlite3_context *pCtx, unsigned int eSubt
 #ifdef SQLITE_ENABLE_API_ARMOR
   if( pCtx==0 ) return;
 #endif
+#if defined(SQLITE_STRICT_SUBTYPE) && SQLITE_STRICT_SUBTYPE+0!=0
+  if( pCtx->pFunc!=0
+   && (pCtx->pFunc->funcFlags & SQLITE_RESULT_SUBTYPE)==0
+  ){
+    char zErr[200];
+    sqlite3_snprintf(sizeof(zErr), zErr,
+                     "misuse of sqlite3_result_subtype() by %s()",
+                     pCtx->pFunc->zName);
+    sqlite3_result_error(pCtx, zErr, -1);
+    return;
+  }
+#endif /* SQLITE_STRICT_SUBTYPE */
   pOut = pCtx->pOut;
   assert( sqlite3_mutex_held(pOut->db->mutex) );
   pOut->eSubtype = eSubtype & 0xff;
@@ -90352,9 +90759,8 @@ SQLITE_API int sqlite3_step(sqlite3_stmt *pStmt){
 SQLITE_API void *sqlite3_user_data(sqlite3_context *p){
 #ifdef SQLITE_ENABLE_API_ARMOR
   if( p==0 ) return 0;
-#else
-  assert( p && p->pFunc );
 #endif
+  assert( p && p->pFunc );
   return p->pFunc->pUserData;
 }
 
@@ -92271,11 +92677,12 @@ SQLITE_API int sqlite3_found_count = 0;
 **   sqlite3CantopenError(lineno)
 */
 static void test_trace_breakpoint(int pc, Op *pOp, Vdbe *v){
-  static int n = 0;
+  static u64 n = 0;
   (void)pc;
   (void)pOp;
   (void)v;
   n++;
+  if( n==LARGEST_UINT64 ) abort(); /* So that n is used, preventing a warning */
 }
 #endif
 
@@ -94172,7 +94579,7 @@ case OP_AddImm: {            /* in1 */
   pIn1 = &aMem[pOp->p1];
   memAboutToChange(p, pIn1);
   sqlite3VdbeMemIntegerify(pIn1);
-  pIn1->u.i += pOp->p2;
+  *(u64*)&pIn1->u.i += (u64)pOp->p2;
   break;
 }
 
@@ -100318,24 +100725,23 @@ case OP_VCheck: {             /* out2 */
 
   pOut = &aMem[pOp->p2];
   sqlite3VdbeMemSetNull(pOut);  /* Innocent until proven guilty */
-  assert( pOp->p4type==P4_TABLE );
+  assert( pOp->p4type==P4_TABLEREF );
   pTab = pOp->p4.pTab;
   assert( pTab!=0 );
+  assert( pTab->nTabRef>0 );
   assert( IsVirtual(pTab) );
-  assert( pTab->u.vtab.p!=0 );
+  if( pTab->u.vtab.p==0 ) break;
   pVtab = pTab->u.vtab.p->pVtab;
   assert( pVtab!=0 );
   pModule = pVtab->pModule;
   assert( pModule!=0 );
   assert( pModule->iVersion>=4 );
   assert( pModule->xIntegrity!=0 );
-  pTab->nTabRef++;
   sqlite3VtabLock(pTab->u.vtab.p);
   assert( pOp->p1>=0 && pOp->p1nDb );
   rc = pModule->xIntegrity(pVtab, db->aDb[pOp->p1].zDbSName, pTab->zName,
                            pOp->p3, &zErr);
   sqlite3VtabUnlock(pTab->u.vtab.p);
-  sqlite3DeleteTable(db, pTab);
   if( rc ){
     sqlite3_free(zErr);
     goto abort_due_to_error;
@@ -100460,6 +100866,7 @@ case OP_VColumn: {           /* ncycle */
   const sqlite3_module *pModule;
   Mem *pDest;
   sqlite3_context sContext;
+  FuncDef nullFunc;
 
   VdbeCursor *pCur = p->apCsr[pOp->p1];
   assert( pCur!=0 );
@@ -100477,6 +100884,9 @@ case OP_VColumn: {           /* ncycle */
   memset(&sContext, 0, sizeof(sContext));
   sContext.pOut = pDest;
   sContext.enc = encoding;
+  nullFunc.pUserData = 0;
+  nullFunc.funcFlags = SQLITE_RESULT_SUBTYPE;
+  sContext.pFunc = &nullFunc;
   assert( pOp->p5==OPFLAG_NOCHNG || pOp->p5==0 );
   if( pOp->p5 & OPFLAG_NOCHNG ){
     sqlite3VdbeMemSetNull(pDest);
@@ -100809,6 +101219,42 @@ case OP_ClrSubtype: {   /* in1 */
   break;
 }
 
+/* Opcode: GetSubtype P1 P2 * * *
+** Synopsis:  r[P2] = r[P1].subtype
+**
+** Extract the subtype value from register P1 and write that subtype
+** into register P2.  If P1 has no subtype, then P1 gets a NULL.
+*/
+case OP_GetSubtype: {   /* in1 out2 */
+  pIn1 = &aMem[pOp->p1];
+  pOut = &aMem[pOp->p2];
+  if( pIn1->flags & MEM_Subtype ){
+    sqlite3VdbeMemSetInt64(pOut, pIn1->eSubtype);
+  }else{
+    sqlite3VdbeMemSetNull(pOut);
+  }
+  break;
+}
+
+/* Opcode: SetSubtype P1 P2 * * *
+** Synopsis:  r[P2].subtype = r[P1]
+**
+** Set the subtype value of register P2 to the integer from register P1.
+** If P1 is NULL, clear the subtype from p2.
+*/
+case OP_SetSubtype: {   /* in1 out2 */
+  pIn1 = &aMem[pOp->p1];
+  pOut = &aMem[pOp->p2];
+  if( pIn1->flags & MEM_Null ){
+    pOut->flags &= ~MEM_Subtype;
+  }else{
+    assert( pIn1->flags & MEM_Int );
+    pOut->flags |= MEM_Subtype;
+    pOut->eSubtype = (u8)(pIn1->u.i & 0xff);
+  }
+  break;
+}
+
 /* Opcode: FilterAdd P1 * P3 P4 *
 ** Synopsis: filter(P1) += key(P3@P4)
 **
@@ -105857,6 +106303,7 @@ SQLITE_PRIVATE Bitmask sqlite3ExprColUsed(Expr *pExpr){
   assert( ExprUseYTab(pExpr) );
   pExTab = pExpr->y.pTab;
   assert( pExTab!=0 );
+  assert( n < pExTab->nCol );
   if( (pExTab->tabFlags & TF_HasGenerated)!=0
    && (pExTab->aCol[n].colFlags & COLFLAG_GENERATED)!=0
   ){
@@ -106433,6 +106880,7 @@ static int lookupName(
     sqlite3RecordErrorOffsetOfExpr(pParse->db, pExpr);
     pParse->checkSchema = 1;
     pTopNC->nNcErr++;
+    eNewExprOp = TK_NULL;
   }
   assert( pFJMatch==0 );
 
@@ -106459,7 +106907,7 @@ static int lookupName(
   ** If a generated column is referenced, set bits for every column
   ** of the table.
   */
-  if( pExpr->iColumn>=0 && pMatch!=0 ){
+  if( pExpr->iColumn>=0 && cnt==1 && pMatch!=0 ){
     pMatch->colUsed |= sqlite3ExprColUsed(pExpr);
   }
 
@@ -106924,11 +107372,12 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
           while( pNC2
               && sqlite3ReferencesSrcList(pParse, pExpr, pNC2->pSrcList)==0
           ){
-            pExpr->op2++;
+            pExpr->op2 += (1 + pNC2->nNestedSelect);
             pNC2 = pNC2->pNext;
           }
           assert( pDef!=0 || IN_RENAME_OBJECT );
           if( pNC2 && pDef ){
+            pExpr->op2 += pNC2->nNestedSelect;
             assert( SQLITE_FUNC_MINMAX==NC_MinMaxAgg );
             assert( SQLITE_FUNC_ANYORDER==NC_OrderAgg );
             testcase( (pDef->funcFlags & SQLITE_FUNC_MINMAX)!=0 );
@@ -107487,6 +107936,7 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
 
     /* Recursively resolve names in all subqueries in the FROM clause
     */
+    if( pOuterNC ) pOuterNC->nNestedSelect++;
     for(i=0; ipSrc->nSrc; i++){
       SrcItem *pItem = &p->pSrc->a[i];
       if( pItem->pSelect && (pItem->pSelect->selFlags & SF_Resolved)==0 ){
@@ -107511,6 +107961,9 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
         }
       }
     }
+    if( pOuterNC && ALWAYS(pOuterNC->nNestedSelect>0) ){
+      pOuterNC->nNestedSelect--;
+    }
 
     /* Set up the local name-context to pass to sqlite3ResolveExprNames() to
     ** resolve the result-set expression list.
@@ -109098,9 +109551,7 @@ SQLITE_PRIVATE void sqlite3ExprAddFunctionOrderBy(
   assert( ExprUseXList(pExpr) );
   if( pExpr->x.pList==0 || NEVER(pExpr->x.pList->nExpr==0) ){
     /* Ignore ORDER BY on zero-argument aggregates */
-    sqlite3ParserAddCleanup(pParse,
-        (void(*)(sqlite3*,void*))sqlite3ExprListDelete,
-        pOrderBy);
+    sqlite3ParserAddCleanup(pParse, sqlite3ExprListDeleteGeneric, pOrderBy);
     return;
   }
   if( IsWindowFunc(pExpr) ){
@@ -109281,6 +109732,9 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3 *db, Expr *p){
   if( p ) sqlite3ExprDeleteNN(db, p);
 }
+SQLITE_PRIVATE void sqlite3ExprDeleteGeneric(sqlite3 *db, void *p){
+  if( ALWAYS(p) ) sqlite3ExprDeleteNN(db, (Expr*)p);
+}
 
 /*
 ** Clear both elements of an OnOrUsing object
@@ -109306,9 +109760,7 @@ SQLITE_PRIVATE void sqlite3ClearOnOrUsing(sqlite3 *db, OnOrUsing *p){
 ** pExpr to the pParse->pConstExpr list with a register number of 0.
 */
 SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
-  sqlite3ParserAddCleanup(pParse,
-    (void(*)(sqlite3*,void*))sqlite3ExprDelete,
-    pExpr);
+  sqlite3ParserAddCleanup(pParse, sqlite3ExprDeleteGeneric, pExpr);
 }
 
 /* Invoke sqlite3RenameExprUnmap() and sqlite3ExprDelete() on the
@@ -110114,6 +110566,9 @@ static SQLITE_NOINLINE void exprListDeleteNN(sqlite3 *db, ExprList *pList){
 SQLITE_PRIVATE void sqlite3ExprListDelete(sqlite3 *db, ExprList *pList){
   if( pList ) exprListDeleteNN(db, pList);
 }
+SQLITE_PRIVATE void sqlite3ExprListDeleteGeneric(sqlite3 *db, void *pList){
+  if( ALWAYS(pList) ) exprListDeleteNN(db, (ExprList*)pList);
+}
 
 /*
 ** Return the bitwise-OR of all Expr.flags fields in the given
@@ -110613,9 +111068,10 @@ SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr *p){
     case TK_COLUMN:
       assert( ExprUseYTab(p) );
       return ExprHasProperty(p, EP_CanBeNull) ||
-             p->y.pTab==0 ||  /* Reference to column of index on expression */
+             NEVER(p->y.pTab==0) ||  /* Reference to column of index on expr */
              (p->iColumn>=0
               && p->y.pTab->aCol!=0 /* Possible due to prior error */
+              && ALWAYS(p->iColumny.pTab->nCol)
               && p->y.pTab->aCol[p->iColumn].notNull==0);
     default:
       return 1;
@@ -113197,8 +113653,10 @@ SQLITE_PRIVATE void sqlite3ExprCode(Parse *pParse, Expr *pExpr, int target){
   inReg = sqlite3ExprCodeTarget(pParse, pExpr, target);
   if( inReg!=target ){
     u8 op;
-    if( ALWAYS(pExpr)
-     && (ExprHasProperty(pExpr,EP_Subquery) || pExpr->op==TK_REGISTER)
+    Expr *pX = sqlite3ExprSkipCollateAndLikely(pExpr);
+    testcase( pX!=pExpr );
+    if( ALWAYS(pX)
+     && (ExprHasProperty(pX,EP_Subquery) || pX->op==TK_REGISTER)
     ){
       op = OP_Copy;
     }else{
@@ -113918,8 +114376,8 @@ SQLITE_PRIVATE int sqlite3ExprListCompare(const ExprList *pA, const ExprList *pB
 */
 SQLITE_PRIVATE int sqlite3ExprCompareSkip(Expr *pA,Expr *pB, int iTab){
   return sqlite3ExprCompare(0,
-             sqlite3ExprSkipCollateAndLikely(pA),
-             sqlite3ExprSkipCollateAndLikely(pB),
+             sqlite3ExprSkipCollate(pA),
+             sqlite3ExprSkipCollate(pB),
              iTab);
 }
 
@@ -114644,13 +115102,14 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
     case TK_AGG_FUNCTION: {
       if( (pNC->ncFlags & NC_InAggFunc)==0
        && pWalker->walkerDepth==pExpr->op2
+       && pExpr->pAggInfo==0
       ){
         /* Check to see if pExpr is a duplicate of another aggregate
         ** function that is already in the pAggInfo structure
         */
         struct AggInfo_func *pItem = pAggInfo->aFunc;
         for(i=0; inFunc; i++, pItem++){
-          if( pItem->pFExpr==pExpr ) break;
+          if( NEVER(pItem->pFExpr==pExpr) ) break;
           if( sqlite3ExprCompare(0, pItem->pFExpr, pExpr, -1)==0 ){
             break;
           }
@@ -114693,6 +115152,8 @@ static int analyzeAggregate(Walker *pWalker, Expr *pExpr){
               }else{
                 pItem->bOBPayload = 1;
               }
+              pItem->bUseSubtype =
+                    (pItem->pFunc->funcFlags & SQLITE_SUBTYPE)!=0;
             }else{
               pItem->iOBTab = -1;
             }
@@ -117459,9 +117920,9 @@ static void openStatTable(
 typedef struct StatAccum StatAccum;
 typedef struct StatSample StatSample;
 struct StatSample {
-  tRowcnt *anEq;                  /* sqlite_stat4.nEq */
   tRowcnt *anDLt;                 /* sqlite_stat4.nDLt */
 #ifdef SQLITE_ENABLE_STAT4
+  tRowcnt *anEq;                  /* sqlite_stat4.nEq */
   tRowcnt *anLt;                  /* sqlite_stat4.nLt */
   union {
     i64 iRowid;                     /* Rowid in main table of the key */
@@ -117619,9 +118080,9 @@ static void statInit(
 
   /* Allocate the space required for the StatAccum object */
   n = sizeof(*p)
-    + sizeof(tRowcnt)*nColUp                  /* StatAccum.anEq */
-    + sizeof(tRowcnt)*nColUp;                 /* StatAccum.anDLt */
+    + sizeof(tRowcnt)*nColUp;                    /* StatAccum.anDLt */
 #ifdef SQLITE_ENABLE_STAT4
+  n += sizeof(tRowcnt)*nColUp;                   /* StatAccum.anEq */
   if( mxSample ){
     n += sizeof(tRowcnt)*nColUp                  /* StatAccum.anLt */
       + sizeof(StatSample)*(nCol+mxSample)       /* StatAccum.aBest[], a[] */
@@ -117642,9 +118103,9 @@ static void statInit(
   p->nKeyCol = nKeyCol;
   p->nSkipAhead = 0;
   p->current.anDLt = (tRowcnt*)&p[1];
-  p->current.anEq = &p->current.anDLt[nColUp];
 
 #ifdef SQLITE_ENABLE_STAT4
+  p->current.anEq = &p->current.anDLt[nColUp];
   p->mxSample = p->nLimit==0 ? mxSample : 0;
   if( mxSample ){
     u8 *pSpace;                     /* Allocated space not yet assigned */
@@ -117911,7 +118372,9 @@ static void statPush(
 
   if( p->nRow==0 ){
     /* This is the first call to this function. Do initialization. */
+#ifdef SQLITE_ENABLE_STAT4
     for(i=0; inCol; i++) p->current.anEq[i] = 1;
+#endif
   }else{
     /* Second and subsequent calls get processed here */
 #ifdef SQLITE_ENABLE_STAT4
@@ -117920,15 +118383,17 @@ static void statPush(
 
     /* Update anDLt[], anLt[] and anEq[] to reflect the values that apply
     ** to the current row of the index. */
+#ifdef SQLITE_ENABLE_STAT4
     for(i=0; icurrent.anEq[i]++;
     }
+#endif
     for(i=iChng; inCol; i++){
       p->current.anDLt[i]++;
 #ifdef SQLITE_ENABLE_STAT4
       if( p->mxSample ) p->current.anLt[i] += p->current.anEq[i];
-#endif
       p->current.anEq[i] = 1;
+#endif
     }
   }
 
@@ -118062,7 +118527,9 @@ static void statGet(
       u64 iVal = (p->nRow + nDistinct - 1) / nDistinct;
       if( iVal==2 && p->nRow*10 <= nDistinct*11 ) iVal = 1;
       sqlite3_str_appendf(&sStat, " %llu", iVal);
+#ifdef SQLITE_ENABLE_STAT4
       assert( p->current.anEq[i] );
+#endif
     }
     sqlite3ResultStrAccum(context, &sStat);
   }
@@ -118751,6 +119218,16 @@ static void decodeIntArray(
       while( z[0]!=0 && z[0]!=' ' ) z++;
       while( z[0]==' ' ) z++;
     }
+
+    /* Set the bLowQual flag if the peak number of rows obtained
+    ** from a full equality match is so large that a full table scan
+    ** seems likely to be faster than using the index.
+    */
+    if( aLog[0] > 66              /* Index has more than 100 rows */
+     && aLog[0] <= aLog[nOut-1]   /* And only a single value seen */
+    ){
+      pIndex->bLowQual = 1;
+    }
   }
 }
 
@@ -120797,7 +121274,7 @@ SQLITE_PRIVATE void sqlite3ColumnSetExpr(
 */
 SQLITE_PRIVATE Expr *sqlite3ColumnExpr(Table *pTab, Column *pCol){
   if( pCol->iDflt==0 ) return 0;
-  if( NEVER(!IsOrdinaryTable(pTab)) ) return 0;
+  if( !IsOrdinaryTable(pTab) ) return 0;
   if( NEVER(pTab->u.tab.pDfltList==0) ) return 0;
   if( NEVER(pTab->u.tab.pDfltList->nExpriDflt) ) return 0;
   return pTab->u.tab.pDfltList->a[pCol->iDflt-1].pExpr;
@@ -120950,6 +121427,9 @@ SQLITE_PRIVATE void sqlite3DeleteTable(sqlite3 *db, Table *pTable){
   if( db->pnBytesFreed==0 && (--pTable->nTabRef)>0 ) return;
   deleteTable(db, pTable);
 }
+SQLITE_PRIVATE void sqlite3DeleteTableGeneric(sqlite3 *db, void *pTable){
+  sqlite3DeleteTable(db, (Table*)pTable);
+}
 
 
 /*
@@ -121487,7 +121967,8 @@ SQLITE_PRIVATE void sqlite3ColumnPropertiesFromName(Table *pTab, Column *pCol){
 /*
 ** Clean up the data structures associated with the RETURNING clause.
 */
-static void sqlite3DeleteReturning(sqlite3 *db, Returning *pRet){
+static void sqlite3DeleteReturning(sqlite3 *db, void *pArg){
+  Returning *pRet = (Returning*)pArg;
   Hash *pHash;
   pHash = &(db->aDb[1].pSchema->trigHash);
   sqlite3HashInsert(pHash, pRet->zName, 0);
@@ -121529,8 +122010,7 @@ SQLITE_PRIVATE void sqlite3AddReturning(Parse *pParse, ExprList *pList){
   pParse->u1.pReturning = pRet;
   pRet->pParse = pParse;
   pRet->pReturnEL = pList;
-  sqlite3ParserAddCleanup(pParse,
-     (void(*)(sqlite3*,void*))sqlite3DeleteReturning, pRet);
+  sqlite3ParserAddCleanup(pParse, sqlite3DeleteReturning, pRet);
   testcase( pParse->earlyCleanup );
   if( db->mallocFailed ) return;
   sqlite3_snprintf(sizeof(pRet->zName), pRet->zName,
@@ -121729,7 +122209,8 @@ SQLITE_PRIVATE char sqlite3AffinityType(const char *zIn, Column *pCol){
 
   assert( zIn!=0 );
   while( zIn[0] ){
-    h = (h<<8) + sqlite3UpperToLower[(*zIn)&0xff];
+    u8 x = *(u8*)zIn;
+    h = (h<<8) + sqlite3UpperToLower[x];
     zIn++;
     if( h==(('c'<<24)+('h'<<16)+('a'<<8)+'r') ){             /* CHAR */
       aff = SQLITE_AFF_TEXT;
@@ -125594,7 +126075,7 @@ SQLITE_PRIVATE void sqlite3Reindex(Parse *pParse, Token *pName1, Token *pName2){
   if( iDb<0 ) return;
   z = sqlite3NameFromToken(db, pObjName);
   if( z==0 ) return;
-  zDb = db->aDb[iDb].zDbSName;
+  zDb = pName2->n ? db->aDb[iDb].zDbSName : 0;
   pTab = sqlite3FindTable(db, z, zDb);
   if( pTab ){
     reindexTable(pParse, pTab, 0);
@@ -125604,6 +126085,7 @@ SQLITE_PRIVATE void sqlite3Reindex(Parse *pParse, Token *pName1, Token *pName2){
   pIndex = sqlite3FindIndex(db, z, zDb);
   sqlite3DbFree(db, z);
   if( pIndex ){
+    iDb = sqlite3SchemaToIndex(db, pIndex->pTable->pSchema);
     sqlite3BeginWriteOperation(pParse, 0, iDb);
     sqlite3RefillIndex(pParse, pIndex, -1);
     return;
@@ -125769,6 +126251,9 @@ SQLITE_PRIVATE void sqlite3WithDelete(sqlite3 *db, With *pWith){
     sqlite3DbFree(db, pWith);
   }
 }
+SQLITE_PRIVATE void sqlite3WithDeleteGeneric(sqlite3 *db, void *pWith){
+  sqlite3WithDelete(db, (With*)pWith);
+}
 #endif /* !defined(SQLITE_OMIT_CTE) */
 
 /************** End of build.c ***********************************************/
@@ -138994,7 +139479,8 @@ SQLITE_PRIVATE void sqlite3Pragma(
           if( pVTab->pModule->iVersion<4 ) continue;
           if( pVTab->pModule->xIntegrity==0 ) continue;
           sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
-          sqlite3VdbeAppendP4(v, pTab, P4_TABLE);
+          pTab->nTabRef++;
+          sqlite3VdbeAppendP4(v, pTab, P4_TABLEREF);
           a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
           integrityCheckResultRow(v);
           sqlite3VdbeJumpHere(v, a1);
@@ -141021,6 +141507,7 @@ static int sqlite3LockAndPrepare(
   assert( (rc&db->errMask)==rc );
   db->busyHandler.nBusy = 0;
   sqlite3_mutex_leave(db->mutex);
+  assert( rc==SQLITE_OK || (*ppStmt)==0 );
   return rc;
 }
 
@@ -141418,6 +141905,9 @@ SQLITE_PRIVATE Select *sqlite3SelectNew(
 SQLITE_PRIVATE void sqlite3SelectDelete(sqlite3 *db, Select *p){
   if( OK_IF_ALWAYS_TRUE(p) ) clearSelect(db, p, 1);
 }
+SQLITE_PRIVATE void sqlite3SelectDeleteGeneric(sqlite3 *db, void *p){
+  if( ALWAYS(p) ) clearSelect(db, (Select*)p, 1);
+}
 
 /*
 ** Return a pointer to the right-most SELECT statement in a compound.
@@ -143553,7 +144043,8 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
   NameContext sNC;
 
   assert( pSelect!=0 );
-  assert( (pSelect->selFlags & SF_Resolved)!=0 );
+  testcase( (pSelect->selFlags & SF_Resolved)==0 );
+  assert( (pSelect->selFlags & SF_Resolved)!=0 || IN_RENAME_OBJECT );
   assert( pTab->nCol==pSelect->pEList->nExpr || pParse->nErr>0 );
   assert( aff==SQLITE_AFF_NONE || aff==SQLITE_AFF_BLOB );
   if( db->mallocFailed || IN_RENAME_OBJECT ) return;
@@ -144437,9 +144928,7 @@ static int multiSelect(
   pDest->iSdst = dest.iSdst;
   pDest->nSdst = dest.nSdst;
   if( pDelete ){
-    sqlite3ParserAddCleanup(pParse,
-        (void(*)(sqlite3*,void*))sqlite3SelectDelete,
-        pDelete);
+    sqlite3ParserAddCleanup(pParse, sqlite3SelectDeleteGeneric, pDelete);
   }
   return rc;
 }
@@ -144990,8 +145479,7 @@ static int multiSelectOrderBy(
   /* Make arrangements to free the 2nd and subsequent arms of the compound
   ** after the parse has finished */
   if( pSplit->pPrior ){
-    sqlite3ParserAddCleanup(pParse,
-       (void(*)(sqlite3*,void*))sqlite3SelectDelete, pSplit->pPrior);
+    sqlite3ParserAddCleanup(pParse, sqlite3SelectDeleteGeneric, pSplit->pPrior);
   }
   pSplit->pPrior = pPrior;
   pPrior->pNext = pSplit;
@@ -145812,9 +146300,7 @@ static int flattenSubquery(
     Table *pTabToDel = pSubitem->pTab;
     if( pTabToDel->nTabRef==1 ){
       Parse *pToplevel = sqlite3ParseToplevel(pParse);
-      sqlite3ParserAddCleanup(pToplevel,
-         (void(*)(sqlite3*,void*))sqlite3DeleteTable,
-         pTabToDel);
+      sqlite3ParserAddCleanup(pToplevel, sqlite3DeleteTableGeneric, pTabToDel);
       testcase( pToplevel->earlyCleanup );
     }else{
       pTabToDel->nTabRef--;
@@ -146861,8 +147347,7 @@ static struct Cte *searchWith(
 SQLITE_PRIVATE With *sqlite3WithPush(Parse *pParse, With *pWith, u8 bFree){
   if( pWith ){
     if( bFree ){
-      pWith = (With*)sqlite3ParserAddCleanup(pParse,
-                      (void(*)(sqlite3*,void*))sqlite3WithDelete,
+      pWith = (With*)sqlite3ParserAddCleanup(pParse, sqlite3WithDeleteGeneric,
                       pWith);
       if( pWith==0 ) return 0;
     }
@@ -147606,10 +148091,11 @@ static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
   SrcList *pTabList;
   SrcItem *pFrom;
 
-  assert( p->selFlags & SF_Resolved );
   if( p->selFlags & SF_HasTypeInfo ) return;
   p->selFlags |= SF_HasTypeInfo;
   pParse = pWalker->pParse;
+  testcase( (p->selFlags & SF_Resolved)==0 );
+  assert( (p->selFlags & SF_Resolved) || IN_RENAME_OBJECT );
   pTabList = p->pSrc;
   for(i=0, pFrom=pTabList->a; inSrc; i++, pFrom++){
     Table *pTab = pFrom->pTab;
@@ -147894,6 +148380,7 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
       assert( pFunc->pFExpr->pLeft!=0 );
       assert( pFunc->pFExpr->pLeft->op==TK_ORDER );
       assert( ExprUseXList(pFunc->pFExpr->pLeft) );
+      assert( pFunc->pFunc!=0 );
       pOBList = pFunc->pFExpr->pLeft->x.pList;
       if( !pFunc->bOBUnique ){
         nExtra++;  /* One extra column for the OP_Sequence */
@@ -147903,6 +148390,9 @@ static void resetAccumulator(Parse *pParse, AggInfo *pAggInfo){
         assert( ExprUseXList(pFunc->pFExpr) );
         nExtra += pFunc->pFExpr->x.pList->nExpr;
       }
+      if( pFunc->bUseSubtype ){
+        nExtra += pFunc->pFExpr->x.pList->nExpr;
+      }
       pKeyInfo = sqlite3KeyInfoFromExprList(pParse, pOBList, 0, nExtra);
       if( !pFunc->bOBUnique && pParse->nErr==0 ){
         pKeyInfo->nKeyField++;
@@ -147929,9 +148419,9 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
     assert( ExprUseXList(pF->pFExpr) );
     pList = pF->pFExpr->x.pList;
     if( pF->iOBTab>=0 ){
-      /* For an ORDER BY aggregate, calls to OP_AggStep where deferred and
-      ** all content was stored in emphermal table pF->iOBTab.  Extract that
-      ** content now (in ORDER BY order) and make all calls to OP_AggStep
+      /* For an ORDER BY aggregate, calls to OP_AggStep were deferred.  Inputs
+      ** were stored in emphermal table pF->iOBTab.  Here, we extract those
+      ** inputs (in ORDER BY order) and make all calls to OP_AggStep
       ** before doing the OP_AggFinal call. */
       int iTop;        /* Start of loop for extracting columns */
       int nArg;        /* Number of columns to extract */
@@ -147939,6 +148429,7 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
       int regAgg;      /* Extract into this array */
       int j;           /* Loop counter */
 
+      assert( pF->pFunc!=0 );
       nArg = pList->nExpr;
       regAgg = sqlite3GetTempRange(pParse, nArg);
 
@@ -147955,6 +148446,15 @@ static void finalizeAggFunctions(Parse *pParse, AggInfo *pAggInfo){
       for(j=nArg-1; j>=0; j--){
         sqlite3VdbeAddOp3(v, OP_Column, pF->iOBTab, nKey+j, regAgg+j);
       }
+      if( pF->bUseSubtype ){
+        int regSubtype = sqlite3GetTempReg(pParse);
+        int iBaseCol = nKey + nArg + (pF->bOBPayload==0 && pF->bOBUnique==0);
+        for(j=nArg-1; j>=0; j--){
+          sqlite3VdbeAddOp3(v, OP_Column, pF->iOBTab, iBaseCol+j, regSubtype);
+          sqlite3VdbeAddOp2(v, OP_SetSubtype, regSubtype, regAgg+j);
+        }
+        sqlite3ReleaseTempReg(pParse, regSubtype);
+      }
       sqlite3VdbeAddOp3(v, OP_AggStep, 0, regAgg, AggInfoFuncReg(pAggInfo,i));
       sqlite3VdbeAppendP4(v, pF->pFunc, P4_FUNCDEF);
       sqlite3VdbeChangeP5(v, (u8)nArg);
@@ -148009,6 +148509,7 @@ static void updateAccumulator(
     ExprList *pList;
     assert( ExprUseXList(pF->pFExpr) );
     assert( !IsWindowFunc(pF->pFExpr) );
+    assert( pF->pFunc!=0 );
     pList = pF->pFExpr->x.pList;
     if( ExprHasProperty(pF->pFExpr, EP_WinFunc) ){
       Expr *pFilter = pF->pFExpr->y.pWin->pFilter;
@@ -148053,6 +148554,9 @@ static void updateAccumulator(
       if( pF->bOBPayload ){
         regAggSz += nArg;
       }
+      if( pF->bUseSubtype ){
+        regAggSz += nArg;
+      }
       regAggSz++;  /* One extra register to hold result of MakeRecord */
       regAgg = sqlite3GetTempRange(pParse, regAggSz);
       regDistinct = regAgg;
@@ -148065,6 +148569,14 @@ static void updateAccumulator(
       if( pF->bOBPayload ){
         regDistinct = regAgg+jj;
         sqlite3ExprCodeExprList(pParse, pList, regDistinct, 0, SQLITE_ECEL_DUP);
+        jj += nArg;
+      }
+      if( pF->bUseSubtype ){
+        int kk;
+        int regBase = pF->bOBPayload ? regDistinct : regAgg;
+        for(kk=0; kknExpr;
@@ -148269,7 +148781,8 @@ static SrcItem *isSelfJoinView(
 /*
 ** Deallocate a single AggInfo object
 */
-static void agginfoFree(sqlite3 *db, AggInfo *p){
+static void agginfoFree(sqlite3 *db, void *pArg){
+  AggInfo *p = (AggInfo*)pArg;
   sqlite3DbFree(db, p->aCol);
   sqlite3DbFree(db, p->aFunc);
   sqlite3DbFreeNN(db, p);
@@ -148343,7 +148856,7 @@ static int countOfViewOptimization(Parse *pParse, Select *p){
     pSub->selFlags |= SF_Aggregate;
     pSub->selFlags &= ~SF_Compound;
     pSub->nSelectRow = 0;
-    sqlite3ExprListDelete(db, pSub->pEList);
+    sqlite3ParserAddCleanup(pParse, sqlite3ExprListDeleteGeneric, pSub->pEList);
     pTerm = pPrior ? sqlite3ExprDup(db, pCount, 0) : pCount;
     pSub->pEList = sqlite3ExprListAppend(pParse, 0, pTerm);
     pTerm = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
@@ -148523,9 +149036,8 @@ SQLITE_PRIVATE int sqlite3Select(
         sqlite3TreeViewExprList(0, p->pOrderBy, 0, "ORDERBY");
       }
 #endif
-      sqlite3ParserAddCleanup(pParse,
-        (void(*)(sqlite3*,void*))sqlite3ExprListDelete,
-        p->pOrderBy);
+      sqlite3ParserAddCleanup(pParse, sqlite3ExprListDeleteGeneric,
+                              p->pOrderBy);
       testcase( pParse->earlyCleanup );
       p->pOrderBy = 0;
     }
@@ -148631,6 +149143,7 @@ SQLITE_PRIVATE int sqlite3Select(
           TREETRACE(0x1000,pParse,p,
                     ("LEFT-JOIN simplifies to JOIN on term %d\n",i));
           pItem->fg.jointype &= ~(JT_LEFT|JT_OUTER);
+          unsetJoinExpr(p->pWhere, pItem->iCursor, 0);
         }
       }
       if( pItem->fg.jointype & JT_LTORJ ){
@@ -148645,17 +149158,15 @@ SQLITE_PRIVATE int sqlite3Select(
               TREETRACE(0x1000,pParse,p,
                         ("RIGHT-JOIN simplifies to JOIN on term %d\n",j));
               pI2->fg.jointype &= ~(JT_RIGHT|JT_OUTER);
+              unsetJoinExpr(p->pWhere, pI2->iCursor, 1);
             }
           }
         }
-        for(j=pTabList->nSrc-1; j>=i; j--){
+        for(j=pTabList->nSrc-1; j>=0; j--){
           pTabList->a[j].fg.jointype &= ~JT_LTORJ;
           if( pTabList->a[j].fg.jointype & JT_RIGHT ) break;
         }
       }
-      assert( pItem->iCursor>=0 );
-      unsetJoinExpr(p->pWhere, pItem->iCursor,
-                    pTabList->a[0].fg.jointype & JT_LTORJ);
     }
 
     /* No further action if this term of the FROM clause is not a subquery */
@@ -148718,9 +149229,8 @@ SQLITE_PRIVATE int sqlite3Select(
     ){
       TREETRACE(0x800,pParse,p,
                 ("omit superfluous ORDER BY on %r FROM-clause subquery\n",i+1));
-      sqlite3ParserAddCleanup(pParse,
-         (void(*)(sqlite3*,void*))sqlite3ExprListDelete,
-         pSub->pOrderBy);
+      sqlite3ParserAddCleanup(pParse, sqlite3ExprListDeleteGeneric,
+                              pSub->pOrderBy);
       pSub->pOrderBy = 0;
     }
 
@@ -149249,8 +149759,7 @@ SQLITE_PRIVATE int sqlite3Select(
     */
     pAggInfo = sqlite3DbMallocZero(db, sizeof(*pAggInfo) );
     if( pAggInfo ){
-      sqlite3ParserAddCleanup(pParse,
-          (void(*)(sqlite3*,void*))agginfoFree, pAggInfo);
+      sqlite3ParserAddCleanup(pParse, agginfoFree, pAggInfo);
       testcase( pParse->earlyCleanup );
     }
     if( db->mallocFailed ){
@@ -153899,7 +154408,6 @@ SQLITE_PRIVATE void sqlite3VtabUnlockList(sqlite3 *db){
 
   if( p ){
     db->pDisconnect = 0;
-    sqlite3ExpirePreparedStatements(db, 0);
     do {
       VTable *pNext = p->pNext;
       sqlite3VtabUnlock(p);
@@ -155465,7 +155973,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereGetMask(WhereMaskSet*,int);
 #ifdef WHERETRACE_ENABLED
 SQLITE_PRIVATE void sqlite3WhereClausePrint(WhereClause *pWC);
 SQLITE_PRIVATE void sqlite3WhereTermPrint(WhereTerm *pTerm, int iTerm);
-SQLITE_PRIVATE void sqlite3WhereLoopPrint(WhereLoop *p, WhereClause *pWC);
+SQLITE_PRIVATE void sqlite3WhereLoopPrint(const WhereLoop *p, const WhereClause *pWC);
 #endif
 SQLITE_PRIVATE WhereTerm *sqlite3WhereFindTerm(
   WhereClause *pWC,     /* The WHERE clause to be searched */
@@ -160927,12 +161435,22 @@ static void translateColumnToCopy(
   for(; iStartp1!=iTabCur ) continue;
     if( pOp->opcode==OP_Column ){
+#ifdef SQLITE_DEBUG
+      if( pParse->db->flags & SQLITE_VdbeAddopTrace ){
+        printf("TRANSLATE OP_Column to OP_Copy at %d\n", iStart);
+      }
+#endif
       pOp->opcode = OP_Copy;
       pOp->p1 = pOp->p2 + iRegister;
       pOp->p2 = pOp->p3;
       pOp->p3 = 0;
       pOp->p5 = 2;  /* Cause the MEM_Subtype flag to be cleared */
     }else if( pOp->opcode==OP_Rowid ){
+#ifdef SQLITE_DEBUG
+      if( pParse->db->flags & SQLITE_VdbeAddopTrace ){
+        printf("TRANSLATE OP_Rowid to OP_Sequence at %d\n", iStart);
+      }
+#endif
       pOp->opcode = OP_Sequence;
       pOp->p1 = iAutoidxCur;
 #ifdef SQLITE_ALLOW_ROWID_IN_VIEW
@@ -162259,7 +162777,8 @@ static int whereRangeScanEst(
           ** sample, then assume they are 4x more selective.  This brings
           ** the estimated selectivity more in line with what it would be
           ** if estimated without the use of STAT4 tables. */
-          if( iLwrIdx==iUprIdx ) nNew -= 20;  assert( 20==sqlite3LogEst(4) );
+          if( iLwrIdx==iUprIdx ){ nNew -= 20; }
+          assert( 20==sqlite3LogEst(4) );
         }else{
           nNew = 10;        assert( 10==sqlite3LogEst(2) );
         }
@@ -162483,17 +163002,34 @@ SQLITE_PRIVATE void sqlite3WhereClausePrint(WhereClause *pWC){
 #ifdef WHERETRACE_ENABLED
 /*
 ** Print a WhereLoop object for debugging purposes
-*/
-SQLITE_PRIVATE void sqlite3WhereLoopPrint(WhereLoop *p, WhereClause *pWC){
-  WhereInfo *pWInfo = pWC->pWInfo;
-  int nb = 1+(pWInfo->pTabList->nSrc+3)/4;
-  SrcItem *pItem = pWInfo->pTabList->a + p->iTab;
-  Table *pTab = pItem->pTab;
-  Bitmask mAll = (((Bitmask)1)<<(nb*4)) - 1;
-  sqlite3DebugPrintf("%c%2d.%0*llx.%0*llx", p->cId,
-                     p->iTab, nb, p->maskSelf, nb, p->prereq & mAll);
-  sqlite3DebugPrintf(" %12s",
-                     pItem->zAlias ? pItem->zAlias : pTab->zName);
+**
+** Format example:
+**
+**     .--- Position in WHERE clause           rSetup, rRun, nOut ---.
+**     |                                                             |
+**     |  .--- selfMask                       nTerm ------.          |
+**     |  |                                               |          |
+**     |  |   .-- prereq    Idx          wsFlags----.     |          |
+**     |  |   |             Name                    |     |          |
+**     |  |   |           __|__        nEq ---.  ___|__   |        __|__
+**     | / \ / \         /     \              | /      \ / \      /     \
+**     1.002.001         t2.t2xy              2 f 010241 N 2 cost 0,56,31
+*/
+SQLITE_PRIVATE void sqlite3WhereLoopPrint(const WhereLoop *p, const WhereClause *pWC){
+  if( pWC ){
+    WhereInfo *pWInfo = pWC->pWInfo;
+    int nb = 1+(pWInfo->pTabList->nSrc+3)/4;
+    SrcItem *pItem = pWInfo->pTabList->a + p->iTab;
+    Table *pTab = pItem->pTab;
+    Bitmask mAll = (((Bitmask)1)<<(nb*4)) - 1;
+    sqlite3DebugPrintf("%c%2d.%0*llx.%0*llx", p->cId,
+                       p->iTab, nb, p->maskSelf, nb, p->prereq & mAll);
+    sqlite3DebugPrintf(" %12s",
+                       pItem->zAlias ? pItem->zAlias : pTab->zName);
+  }else{
+    sqlite3DebugPrintf("%c%2d.%03llx.%03llx %c%d",
+         p->cId, p->iTab, p->maskSelf, p->prereq & 0xfff, p->cId, p->iTab);
+  }
   if( (p->wsFlags & WHERE_VIRTUALTABLE)==0 ){
     const char *zName;
     if( p->u.btree.pIndex && (zName = p->u.btree.pIndex->zName)!=0 ){
@@ -162530,6 +163066,15 @@ SQLITE_PRIVATE void sqlite3WhereLoopPrint(WhereLoop *p, WhereClause *pWC){
     }
   }
 }
+SQLITE_PRIVATE void sqlite3ShowWhereLoop(const WhereLoop *p){
+  if( p ) sqlite3WhereLoopPrint(p, 0);
+}
+SQLITE_PRIVATE void sqlite3ShowWhereLoopList(const WhereLoop *p){
+  while( p ){
+    sqlite3ShowWhereLoop(p);
+    p = p->pNextLoop;
+  }
+}
 #endif
 
 /*
@@ -162642,46 +163187,60 @@ static void whereInfoFree(sqlite3 *db, WhereInfo *pWInfo){
 }
 
 /*
-** Return TRUE if all of the following are true:
+** Return TRUE if X is a proper subset of Y but is of equal or less cost.
+** In other words, return true if all constraints of X are also part of Y
+** and Y has additional constraints that might speed the search that X lacks
+** but the cost of running X is not more than the cost of running Y.
+**
+** In other words, return true if the cost relationwship between X and Y
+** is inverted and needs to be adjusted.
+**
+** Case 1:
 **
-**   (1)  X has the same or lower cost, or returns the same or fewer rows,
-**        than Y.
-**   (2)  X uses fewer WHERE clause terms than Y
-**   (3)  Every WHERE clause term used by X is also used by Y
-**   (4)  X skips at least as many columns as Y
-**   (5)  If X is a covering index, than Y is too
+**   (1a)  X and Y use the same index.
+**   (1b)  X has fewer == terms than Y
+**   (1c)  Neither X nor Y use skip-scan
+**   (1d)  X does not have a a greater cost than Y
 **
-** Conditions (2) and (3) mean that X is a "proper subset" of Y.
-** If X is a proper subset of Y then Y is a better choice and ought
-** to have a lower cost.  This routine returns TRUE when that cost
-** relationship is inverted and needs to be adjusted.  Constraint (4)
-** was added because if X uses skip-scan less than Y it still might
-** deserve a lower cost even if it is a proper subset of Y.  Constraint (5)
-** was added because a covering index probably deserves to have a lower cost
-** than a non-covering index even if it is a proper subset.
+** Case 2:
+**
+**   (2a)  X has the same or lower cost, or returns the same or fewer rows,
+**         than Y.
+**   (2b)  X uses fewer WHERE clause terms than Y
+**   (2c)  Every WHERE clause term used by X is also used by Y
+**   (2d)  X skips at least as many columns as Y
+**   (2e)  If X is a covering index, than Y is too
 */
 static int whereLoopCheaperProperSubset(
   const WhereLoop *pX,       /* First WhereLoop to compare */
   const WhereLoop *pY        /* Compare against this WhereLoop */
 ){
   int i, j;
+  if( pX->rRun>pY->rRun && pX->nOut>pY->nOut ) return 0; /* (1d) and (2a) */
+  assert( (pX->wsFlags & WHERE_VIRTUALTABLE)==0 );
+  assert( (pY->wsFlags & WHERE_VIRTUALTABLE)==0 );
+  if( pX->u.btree.nEq < pY->u.btree.nEq                  /* (1b) */
+   && pX->u.btree.pIndex==pY->u.btree.pIndex             /* (1a) */
+   && pX->nSkip==0 && pY->nSkip==0                       /* (1c) */
+  ){
+    return 1;  /* Case 1 is true */
+  }
   if( pX->nLTerm-pX->nSkip >= pY->nLTerm-pY->nSkip ){
-    return 0; /* X is not a subset of Y */
+    return 0;                                            /* (2b) */
   }
-  if( pX->rRun>pY->rRun && pX->nOut>pY->nOut ) return 0;
-  if( pY->nSkip > pX->nSkip ) return 0;
+  if( pY->nSkip > pX->nSkip ) return 0;                  /* (2d) */
   for(i=pX->nLTerm-1; i>=0; i--){
     if( pX->aLTerm[i]==0 ) continue;
     for(j=pY->nLTerm-1; j>=0; j--){
       if( pY->aLTerm[j]==pX->aLTerm[i] ) break;
     }
-    if( j<0 ) return 0;  /* X not a subset of Y since term X[i] not used by Y */
+    if( j<0 ) return 0;                                  /* (2c) */
   }
   if( (pX->wsFlags&WHERE_IDX_ONLY)!=0
    && (pY->wsFlags&WHERE_IDX_ONLY)==0 ){
-    return 0;  /* Constraint (5) */
+    return 0;                                            /* (2e) */
   }
-  return 1;  /* All conditions meet */
+  return 1;  /* Case 2 is true */
 }
 
 /*
@@ -163171,7 +163730,10 @@ static int whereLoopAddBtreeIndex(
     assert( pNew->u.btree.nBtm==0 );
     opMask = WO_EQ|WO_IN|WO_GT|WO_GE|WO_LT|WO_LE|WO_ISNULL|WO_IS;
   }
-  if( pProbe->bUnordered ) opMask &= ~(WO_GT|WO_GE|WO_LT|WO_LE);
+  if( pProbe->bUnordered || pProbe->bLowQual ){
+    if( pProbe->bUnordered ) opMask &= ~(WO_GT|WO_GE|WO_LT|WO_LE);
+    if( pProbe->bLowQual )   opMask &= ~(WO_EQ|WO_IN|WO_IS);
+  }
 
   assert( pNew->u.btree.nEqnColumn );
   assert( pNew->u.btree.nEqnKeyCol
@@ -166059,6 +166621,20 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
       continue;
     }
     if( sqlite3ExprIsConstant(pExpr) ) continue;
+    if( pExpr->op==TK_FUNCTION ){
+      /* Functions that might set a subtype should not be replaced by the
+      ** value taken from an expression index since the index omits the
+      ** subtype.  https://sqlite.org/forum/forumpost/68d284c86b082c3e */
+      int n;
+      FuncDef *pDef;
+      sqlite3 *db = pParse->db;
+      assert( ExprUseXList(pExpr) );
+      n = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
+      pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
+      if( pDef==0 || (pDef->funcFlags & SQLITE_RESULT_SUBTYPE)!=0 ){
+        continue;
+      }
+    }
     p = sqlite3DbMallocRaw(pParse->db,  sizeof(IndexedExpr));
     if( p==0 ) break;
     p->pIENext = pParse->pIdxEpr;
@@ -166262,7 +166838,10 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   ** field (type Bitmask) it must be aligned on an 8-byte boundary on
   ** some architectures. Hence the ROUND8() below.
   */
-  nByteWInfo = ROUND8P(sizeof(WhereInfo)+(nTabList-1)*sizeof(WhereLevel));
+  nByteWInfo = ROUND8P(sizeof(WhereInfo));
+  if( nTabList>1 ){
+    nByteWInfo = ROUND8P(nByteWInfo + (nTabList-1)*sizeof(WhereLevel));
+  }
   pWInfo = sqlite3DbMallocRawNN(db, nByteWInfo + sizeof(WhereLoop));
   if( db->mallocFailed ){
     sqlite3DbFree(db, pWInfo);
@@ -166824,6 +167403,11 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     pParse->nQueryLoop = pWInfo->savedNQueryLoop;
     whereInfoFree(db, pWInfo);
   }
+#ifdef WHERETRACE_ENABLED
+  /* Prevent harmless compiler warnings about debugging routines
+  ** being declared but never used */
+  sqlite3ShowWhereLoopList(0);
+#endif /* WHERETRACE_ENABLED */
   return 0;
 }
 
@@ -168241,7 +168825,7 @@ SQLITE_PRIVATE int sqlite3WindowRewrite(Parse *pParse, Select *p){
       assert( ExprUseXList(pWin->pOwner) );
       assert( pWin->pWFunc!=0 );
       pArgs = pWin->pOwner->x.pList;
-      if( pWin->pWFunc->funcFlags & SQLITE_FUNC_SUBTYPE ){
+      if( pWin->pWFunc->funcFlags & SQLITE_SUBTYPE ){
         selectWindowRewriteEList(pParse, pMWin, pSrc, pArgs, pTab, &pSublist);
         pWin->iArgCol = (pSublist ? pSublist->nExpr : 0);
         pWin->bExprArgs = 1;
@@ -179415,7 +179999,7 @@ SQLITE_PRIVATE int sqlite3CreateFunc(
   assert( SQLITE_FUNC_CONSTANT==SQLITE_DETERMINISTIC );
   assert( SQLITE_FUNC_DIRECT==SQLITE_DIRECTONLY );
   extraFlags = enc &  (SQLITE_DETERMINISTIC|SQLITE_DIRECTONLY|
-                       SQLITE_SUBTYPE|SQLITE_INNOCUOUS);
+                       SQLITE_SUBTYPE|SQLITE_INNOCUOUS|SQLITE_RESULT_SUBTYPE);
   enc &= (SQLITE_FUNC_ENCMASK|SQLITE_ANY);
 
   /* The SQLITE_INNOCUOUS flag is the same bit as SQLITE_FUNC_UNSAFE.  But
@@ -182160,6 +182744,28 @@ SQLITE_API int sqlite3_test_control(int op, ...){
       break;
     }
 #endif
+
+    /* sqlite3_test_control(SQLITE_TESTCTRL_JSON_SELFCHECK, &onOff);
+    **
+    ** Activate or deactivate validation of JSONB that is generated from
+    ** text.  Off by default, as the validation is slow.  Validation is
+    ** only available if compiled using SQLITE_DEBUG.
+    **
+    ** If onOff is initially 1, then turn it on.  If onOff is initially
+    ** off, turn it off.  If onOff is initially -1, then change onOff
+    ** to be the current setting.
+    */
+    case SQLITE_TESTCTRL_JSON_SELFCHECK: {
+#if defined(SQLITE_DEBUG) && !defined(SQLITE_OMIT_WSD)
+      int *pOnOff = va_arg(ap, int*);
+      if( *pOnOff<0 ){
+        *pOnOff = sqlite3Config.bJsonSelfcheck;
+      }else{
+        sqlite3Config.bJsonSelfcheck = (u8)((*pOnOff)&0xff);
+      }
+#endif
+      break;
+    }
   }
   va_end(ap);
 #endif /* SQLITE_UNTESTABLE */
@@ -202574,24 +203180,145 @@ SQLITE_PRIVATE int sqlite3FtsUnicodeFold(int c, int eRemoveDiacritic){
 **
 ******************************************************************************
 **
-** This SQLite JSON functions.
+** SQLite JSON functions.
 **
 ** This file began as an extension in ext/misc/json1.c in 2015.  That
 ** extension proved so useful that it has now been moved into the core.
 **
-** For the time being, all JSON is stored as pure text.  (We might add
-** a JSONB type in the future which stores a binary encoding of JSON in
-** a BLOB, but there is no support for JSONB in the current implementation.
-** This implementation parses JSON text at 250 MB/s, so it is hard to see
-** how JSONB might improve on that.)
+** The original design stored all JSON as pure text, canonical RFC-8259.
+** Support for JSON-5 extensions was added with version 3.42.0 (2023-05-16).
+** All generated JSON text still conforms strictly to RFC-8259, but text
+** with JSON-5 extensions is accepted as input.
+**
+** Beginning with version 3.45.0 (circa 2024-01-01), these routines also
+** accept BLOB values that have JSON encoded using a binary representation
+** called "JSONB".  The name JSONB comes from PostgreSQL, however the on-disk
+** format SQLite JSONB is completely different and incompatible with
+** PostgreSQL JSONB.
+**
+** Decoding and interpreting JSONB is still O(N) where N is the size of
+** the input, the same as text JSON.  However, the constant of proportionality
+** for JSONB is much smaller due to faster parsing.  The size of each
+** element in JSONB is encoded in its header, so there is no need to search
+** for delimiters using persnickety syntax rules.  JSONB seems to be about
+** 3x faster than text JSON as a result.  JSONB is also tends to be slightly
+** smaller than text JSON, by 5% or 10%, but there are corner cases where
+** JSONB can be slightly larger.  So you are not far mistaken to say that
+** a JSONB blob is the same size as the equivalent RFC-8259 text.
+**
+**
+** THE JSONB ENCODING:
+**
+** Every JSON element is encoded in JSONB as a header and a payload.
+** The header is between 1 and 9 bytes in size.  The payload is zero
+** or more bytes.
+**
+** The lower 4 bits of the first byte of the header determines the
+** element type:
+**
+**    0:   NULL
+**    1:   TRUE
+**    2:   FALSE
+**    3:   INT        -- RFC-8259 integer literal
+**    4:   INT5       -- JSON5 integer literal
+**    5:   FLOAT      -- RFC-8259 floating point literal
+**    6:   FLOAT5     -- JSON5 floating point literal
+**    7:   TEXT       -- Text literal acceptable to both SQL and JSON
+**    8:   TEXTJ      -- Text containing RFC-8259 escapes
+**    9:   TEXT5      -- Text containing JSON5 and/or RFC-8259 escapes
+**   10:   TEXTRAW    -- Text containing unescaped syntax characters
+**   11:   ARRAY
+**   12:   OBJECT
+**
+** The other three possible values (13-15) are reserved for future
+** enhancements.
+**
+** The upper 4 bits of the first byte determine the size of the header
+** and sometimes also the size of the payload.  If X is the first byte
+** of the element and if X>>4 is between 0 and 11, then the payload
+** will be that many bytes in size and the header is exactly one byte
+** in size.  Other four values for X>>4 (12-15) indicate that the header
+** is more than one byte in size and that the payload size is determined
+** by the remainder of the header, interpreted as a unsigned big-endian
+** integer.
+**
+**   Value of X>>4         Size integer        Total header size
+**   -------------     --------------------    -----------------
+**        12           1 byte (0-255)                2
+**        13           2 byte (0-65535)              3
+**        14           4 byte (0-4294967295)         5
+**        15           8 byte (0-1.8e19)             9
+**
+** The payload size need not be expressed in its minimal form.  For example,
+** if the payload size is 10, the size can be expressed in any of 5 different
+** ways: (1) (X>>4)==10, (2) (X>>4)==12 following by on 0x0a byte,
+** (3) (X>>4)==13 followed by 0x00 and 0x0a, (4) (X>>4)==14 followed by
+** 0x00 0x00 0x00 0x0a, or (5) (X>>4)==15 followed by 7 bytes of 0x00 and
+** a single byte of 0x0a.  The shorter forms are preferred, of course, but
+** sometimes when generating JSONB, the payload size is not known in advance
+** and it is convenient to reserve sufficient header space to cover the
+** largest possible payload size and then come back later and patch up
+** the size when it becomes known, resulting in a non-minimal encoding.
+**
+** The value (X>>4)==15 is not actually used in the current implementation
+** (as SQLite is currently unable handle BLOBs larger than about 2GB)
+** but is included in the design to allow for future enhancements.
+**
+** The payload follows the header.  NULL, TRUE, and FALSE have no payload and
+** their payload size must always be zero.  The payload for INT, INT5,
+** FLOAT, FLOAT5, TEXT, TEXTJ, TEXT5, and TEXTROW is text.  Note that the
+** "..." or '...' delimiters are omitted from the various text encodings.
+** The payload for ARRAY and OBJECT is a list of additional elements that
+** are the content for the array or object.  The payload for an OBJECT
+** must be an even number of elements.  The first element of each pair is
+** the label and must be of type TEXT, TEXTJ, TEXT5, or TEXTRAW.
+**
+** A valid JSONB blob consists of a single element, as described above.
+** Usually this will be an ARRAY or OBJECT element which has many more
+** elements as its content.  But the overall blob is just a single element.
+**
+** Input validation for JSONB blobs simply checks that the element type
+** code is between 0 and 12 and that the total size of the element
+** (header plus payload) is the same as the size of the BLOB.  If those
+** checks are true, the BLOB is assumed to be JSONB and processing continues.
+** Errors are only raised if some other miscoding is discovered during
+** processing.
+**
+** Additional information can be found in the doc/jsonb.md file of the
+** canonical SQLite source tree.
 */
 #ifndef SQLITE_OMIT_JSON
 /* #include "sqliteInt.h" */
 
+/* JSONB element types
+*/
+#define JSONB_NULL     0   /* "null" */
+#define JSONB_TRUE     1   /* "true" */
+#define JSONB_FALSE    2   /* "false" */
+#define JSONB_INT      3   /* integer acceptable to JSON and SQL */
+#define JSONB_INT5     4   /* integer in 0x000 notation */
+#define JSONB_FLOAT    5   /* float acceptable to JSON and SQL */
+#define JSONB_FLOAT5   6   /* float with JSON5 extensions */
+#define JSONB_TEXT     7   /* Text compatible with both JSON and SQL */
+#define JSONB_TEXTJ    8   /* Text with JSON escapes */
+#define JSONB_TEXT5    9   /* Text with JSON-5 escape */
+#define JSONB_TEXTRAW 10   /* SQL text that needs escaping for JSON */
+#define JSONB_ARRAY   11   /* An array */
+#define JSONB_OBJECT  12   /* An object */
+
+/* Human-readable names for the JSONB values.  The index for each
+** string must correspond to the JSONB_* integer above.
+*/
+static const char * const jsonbType[] = {
+  "null", "true", "false", "integer", "integer",
+  "real", "real", "text",  "text",    "text",
+  "text", "array", "object", "", "", "", ""
+};
+
 /*
 ** Growing our own isspace() routine this way is twice as fast as
 ** the library isspace() function, resulting in a 7% overall performance
-** increase for the parser.  (Ubuntu14.10 gcc 4.8.4 x64 with -Os).
+** increase for the text-JSON parser.  (Ubuntu14.10 gcc 4.8.4 x64 with -Os).
 */
 static const char jsonIsSpace[] = {
   0, 0, 0, 0, 0, 0, 0, 0,  0, 1, 1, 0, 0, 1, 0, 0,
@@ -202612,11 +203339,19 @@ static const char jsonIsSpace[] = {
   0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
   0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
 };
-#define fast_isspace(x) (jsonIsSpace[(unsigned char)x])
+#define jsonIsspace(x) (jsonIsSpace[(unsigned char)x])
 
 /*
-** Characters that are special to JSON.  Control charaters,
-** '"' and '\\'.
+** The set of all space characters recognized by jsonIsspace().
+** Useful as the second argument to strspn().
+*/
+static const char jsonSpaces[] = "\011\012\015\040";
+
+/*
+** Characters that are special to JSON.  Control characters,
+** '"' and '\\' and '\''.  Actually, '\'' is not special to
+** canonical JSON, but it is special in JSON-5, so we include
+** it in the set of special characters.
 */
 static const char jsonIsOk[256] = {
   0, 0, 0, 0, 0, 0, 0, 0,  0, 0, 0, 0, 0, 0, 0, 0,
@@ -202638,22 +203373,49 @@ static const char jsonIsOk[256] = {
   1, 1, 1, 1, 1, 1, 1, 1,  1, 1, 1, 1, 1, 1, 1, 1
 };
 
-
-#if !defined(SQLITE_DEBUG) && !defined(SQLITE_COVERAGE_TEST)
-#  define VVA(X)
-#else
-#  define VVA(X) X
-#endif
-
 /* Objects */
+typedef struct JsonCache JsonCache;
 typedef struct JsonString JsonString;
-typedef struct JsonNode JsonNode;
 typedef struct JsonParse JsonParse;
-typedef struct JsonCleanup JsonCleanup;
+
+/*
+** Magic number used for the JSON parse cache in sqlite3_get_auxdata()
+*/
+#define JSON_CACHE_ID    (-429938)  /* Cache entry */
+#define JSON_CACHE_SIZE  4          /* Max number of cache entries */
+
+/*
+** jsonUnescapeOneChar() returns this invalid code point if it encounters
+** a syntax error.
+*/
+#define JSON_INVALID_CHAR 0x99999
+
+/* A cache mapping JSON text into JSONB blobs.
+**
+** Each cache entry is a JsonParse object with the following restrictions:
+**
+**    *   The bReadOnly flag must be set
+**
+**    *   The aBlob[] array must be owned by the JsonParse object.  In other
+**        words, nBlobAlloc must be non-zero.
+**
+**    *   eEdit and delta must be zero.
+**
+**    *   zJson must be an RCStr.  In other words bJsonIsRCStr must be true.
+*/
+struct JsonCache {
+  sqlite3 *db;                    /* Database connection */
+  int nUsed;                      /* Number of active entries in the cache */
+  JsonParse *a[JSON_CACHE_SIZE];  /* One line for each cache entry */
+};
 
 /* An instance of this object represents a JSON string
 ** under construction.  Really, this is a generic string accumulator
 ** that can be and is used to create strings other than JSON.
+**
+** If the generated string is longer than will fit into the zSpace[] buffer,
+** then it will be an RCStr string.  This aids with caching of large
+** JSON strings.
 */
 struct JsonString {
   sqlite3_context *pCtx;   /* Function context - put error messages here */
@@ -202661,121 +203423,75 @@ struct JsonString {
   u64 nAlloc;              /* Bytes of storage available in zBuf[] */
   u64 nUsed;               /* Bytes of zBuf[] currently used */
   u8 bStatic;              /* True if zBuf is static space */
-  u8 bErr;                 /* True if an error has been encountered */
+  u8 eErr;                 /* True if an error has been encountered */
   char zSpace[100];        /* Initial static space */
 };
 
-/* A deferred cleanup task.  A list of JsonCleanup objects might be
-** run when the JsonParse object is destroyed.
-*/
-struct JsonCleanup {
-  JsonCleanup *pJCNext;    /* Next in a list */
-  void (*xOp)(void*);      /* Routine to run */
-  void *pArg;              /* Argument to xOp() */
-};
+/* Allowed values for JsonString.eErr */
+#define JSTRING_OOM         0x01   /* Out of memory */
+#define JSTRING_MALFORMED   0x02   /* Malformed JSONB */
+#define JSTRING_ERR         0x04   /* Error already sent to sqlite3_result */
 
-/* JSON type values
+/* The "subtype" set for text JSON values passed through using
+** sqlite3_result_subtype() and sqlite3_value_subtype().
 */
-#define JSON_SUBST    0    /* Special edit node.  Uses u.iPrev */
-#define JSON_NULL     1
-#define JSON_TRUE     2
-#define JSON_FALSE    3
-#define JSON_INT      4
-#define JSON_REAL     5
-#define JSON_STRING   6
-#define JSON_ARRAY    7
-#define JSON_OBJECT   8
-
-/* The "subtype" set for JSON values */
 #define JSON_SUBTYPE  74    /* Ascii for "J" */
 
 /*
-** Names of the various JSON types:
-*/
-static const char * const jsonType[] = {
-  "subst",
-  "null", "true", "false", "integer", "real", "text", "array", "object"
-};
-
-/* Bit values for the JsonNode.jnFlag field
-*/
-#define JNODE_RAW     0x01  /* Content is raw, not JSON encoded */
-#define JNODE_ESCAPE  0x02  /* Content is text with \ escapes */
-#define JNODE_REMOVE  0x04  /* Do not output */
-#define JNODE_REPLACE 0x08  /* Target of a JSON_SUBST node */
-#define JNODE_APPEND  0x10  /* More ARRAY/OBJECT entries at u.iAppend */
-#define JNODE_LABEL   0x20  /* Is a label of an object */
-#define JNODE_JSON5   0x40  /* Node contains JSON5 enhancements */
-
-
-/* A single node of parsed JSON.  An array of these nodes describes
-** a parse of JSON + edits.
-**
-** Use the json_parse() SQL function (available when compiled with
-** -DSQLITE_DEBUG) to see a dump of complete JsonParse objects, including
-** a complete listing and decoding of the array of JsonNodes.
+** Bit values for the flags passed into various SQL function implementations
+** via the sqlite3_user_data() value.
 */
-struct JsonNode {
-  u8 eType;              /* One of the JSON_ type values */
-  u8 jnFlags;            /* JNODE flags */
-  u8 eU;                 /* Which union element to use */
-  u32 n;                 /* Bytes of content for INT, REAL or STRING
-                         ** Number of sub-nodes for ARRAY and OBJECT
-                         ** Node that SUBST applies to */
-  union {
-    const char *zJContent; /* 1: Content for INT, REAL, and STRING */
-    u32 iAppend;           /* 2: More terms for ARRAY and OBJECT */
-    u32 iKey;              /* 3: Key for ARRAY objects in json_tree() */
-    u32 iPrev;             /* 4: Previous SUBST node, or 0 */
-  } u;
-};
+#define JSON_JSON      0x01        /* Result is always JSON */
+#define JSON_SQL       0x02        /* Result is always SQL */
+#define JSON_ABPATH    0x03        /* Allow abbreviated JSON path specs */
+#define JSON_ISSET     0x04        /* json_set(), not json_insert() */
+#define JSON_BLOB      0x08        /* Use the BLOB output format */
 
 
-/* A parsed and possibly edited JSON string.  Lifecycle:
+/* A parsed JSON value.  Lifecycle:
 **
-**   1.  JSON comes in and is parsed into an array aNode[].  The original
-**       JSON text is stored in zJson.
+**   1.  JSON comes in and is parsed into a JSONB value in aBlob.  The
+**       original text is stored in zJson.  This step is skipped if the
+**       input is JSONB instead of text JSON.
 **
-**   2.  Zero or more changes are made (via json_remove() or json_replace()
-**       or similar) to the aNode[] array.
+**   2.  The aBlob[] array is searched using the JSON path notation, if needed.
 **
-**   3.  A new, edited and mimified JSON string is generated from aNode
-**       and stored in zAlt.  The JsonParse object always owns zAlt.
+**   3.  Zero or more changes are made to aBlob[] (via json_remove() or
+**       json_replace() or json_patch() or similar).
 **
-** Step 1 always happens.  Step 2 and 3 may or may not happen, depending
-** on the operation.
-**
-** aNode[].u.zJContent entries typically point into zJson.  Hence zJson
-** must remain valid for the lifespan of the parse.  For edits,
-** aNode[].u.zJContent might point to malloced space other than zJson.
-** Entries in pClup are responsible for freeing that extra malloced space.
-**
-** When walking the parse tree in aNode[], edits are ignored if useMod is
-** false.
+**   4.  New JSON text is generated from the aBlob[] for output.  This step
+**       is skipped if the function is one of the jsonb_* functions that
+**       returns JSONB instead of text JSON.
 */
 struct JsonParse {
-  u32 nNode;         /* Number of slots of aNode[] used */
-  u32 nAlloc;        /* Number of slots of aNode[] allocated */
-  JsonNode *aNode;   /* Array of nodes containing the parse */
-  char *zJson;       /* Original JSON string (before edits) */
-  char *zAlt;        /* Revised and/or mimified JSON */
-  u32 *aUp;          /* Index of parent of each node */
-  JsonCleanup *pClup;/* Cleanup operations prior to freeing this object */
+  u8 *aBlob;         /* JSONB representation of JSON value */
+  u32 nBlob;         /* Bytes of aBlob[] actually used */
+  u32 nBlobAlloc;    /* Bytes allocated to aBlob[].  0 if aBlob is external */
+  char *zJson;       /* Json text used for parsing */
+  sqlite3 *db;       /* The database connection to which this object belongs */
+  int nJson;         /* Length of the zJson string in bytes */
+  u32 nJPRef;        /* Number of references to this object */
+  u32 iErr;          /* Error location in zJson[] */
   u16 iDepth;        /* Nesting depth */
   u8 nErr;           /* Number of errors seen */
   u8 oom;            /* Set to true if out of memory */
   u8 bJsonIsRCStr;   /* True if zJson is an RCStr */
   u8 hasNonstd;      /* True if input uses non-standard features like JSON5 */
-  u8 useMod;         /* Actually use the edits contain inside aNode */
-  u8 hasMod;         /* aNode contains edits from the original zJson */
-  u32 nJPRef;        /* Number of references to this object */
-  int nJson;         /* Length of the zJson string in bytes */
-  int nAlt;          /* Length of alternative JSON string zAlt, in bytes */
-  u32 iErr;          /* Error location in zJson[] */
-  u32 iSubst;        /* Last JSON_SUBST entry in aNode[] */
-  u32 iHold;         /* Age of this entry in the cache for LRU replacement */
+  u8 bReadOnly;      /* Do not modify. */
+  /* Search and edit information.  See jsonLookupStep() */
+  u8 eEdit;          /* Edit operation to apply */
+  int delta;         /* Size change due to the edit */
+  u32 nIns;          /* Number of bytes to insert */
+  u32 iLabel;        /* Location of label if search landed on an object value */
+  u8 *aIns;          /* Content to be inserted */
 };
 
+/* Allowed values for JsonParse.eEdit */
+#define JEDIT_DEL   1   /* Delete if exists */
+#define JEDIT_REPL  2   /* Overwrite if exists */
+#define JEDIT_INS   3   /* Insert if not exists */
+#define JEDIT_SET   4   /* Insert or overwrite */
+
 /*
 ** Maximum nesting depth of JSON for this implementation.
 **
@@ -202783,15 +203499,151 @@ struct JsonParse {
 ** descent parser.  A depth of 1000 is far deeper than any sane JSON
 ** should go.  Historical note: This limit was 2000 prior to version 3.42.0
 */
-#define JSON_MAX_DEPTH  1000
+#ifndef SQLITE_JSON_MAX_DEPTH
+# define JSON_MAX_DEPTH  1000
+#else
+# define JSON_MAX_DEPTH SQLITE_JSON_MAX_DEPTH
+#endif
+
+/*
+** Allowed values for the flgs argument to jsonParseFuncArg();
+*/
+#define JSON_EDITABLE  0x01   /* Generate a writable JsonParse object */
+#define JSON_KEEPERROR 0x02   /* Return non-NULL even if there is an error */
+
+/**************************************************************************
+** Forward references
+**************************************************************************/
+static void jsonReturnStringAsBlob(JsonString*);
+static int jsonFuncArgMightBeBinary(sqlite3_value *pJson);
+static u32 jsonTranslateBlobToText(const JsonParse*,u32,JsonString*);
+static void jsonReturnParse(sqlite3_context*,JsonParse*);
+static JsonParse *jsonParseFuncArg(sqlite3_context*,sqlite3_value*,u32);
+static void jsonParseFree(JsonParse*);
+static u32 jsonbPayloadSize(const JsonParse*, u32, u32*);
+static u32 jsonUnescapeOneChar(const char*, u32, u32*);
+
+/**************************************************************************
+** Utility routines for dealing with JsonCache objects
+**************************************************************************/
+
+/*
+** Free a JsonCache object.
+*/
+static void jsonCacheDelete(JsonCache *p){
+  int i;
+  for(i=0; inUsed; i++){
+    jsonParseFree(p->a[i]);
+  }
+  sqlite3DbFree(p->db, p);
+}
+static void jsonCacheDeleteGeneric(void *p){
+  jsonCacheDelete((JsonCache*)p);
+}
+
+/*
+** Insert a new entry into the cache.  If the cache is full, expel
+** the least recently used entry.  Return SQLITE_OK on success or a
+** result code otherwise.
+**
+** Cache entries are stored in age order, oldest first.
+*/
+static int jsonCacheInsert(
+  sqlite3_context *ctx,   /* The SQL statement context holding the cache */
+  JsonParse *pParse       /* The parse object to be added to the cache */
+){
+  JsonCache *p;
+
+  assert( pParse->zJson!=0 );
+  assert( pParse->bJsonIsRCStr );
+  assert( pParse->delta==0 );
+  p = sqlite3_get_auxdata(ctx, JSON_CACHE_ID);
+  if( p==0 ){
+    sqlite3 *db = sqlite3_context_db_handle(ctx);
+    p = sqlite3DbMallocZero(db, sizeof(*p));
+    if( p==0 ) return SQLITE_NOMEM;
+    p->db = db;
+    sqlite3_set_auxdata(ctx, JSON_CACHE_ID, p, jsonCacheDeleteGeneric);
+    p = sqlite3_get_auxdata(ctx, JSON_CACHE_ID);
+    if( p==0 ) return SQLITE_NOMEM;
+  }
+  if( p->nUsed >= JSON_CACHE_SIZE ){
+    jsonParseFree(p->a[0]);
+    memmove(p->a, &p->a[1], (JSON_CACHE_SIZE-1)*sizeof(p->a[0]));
+    p->nUsed = JSON_CACHE_SIZE-1;
+  }
+  assert( pParse->nBlobAlloc>0 );
+  pParse->eEdit = 0;
+  pParse->nJPRef++;
+  pParse->bReadOnly = 1;
+  p->a[p->nUsed] = pParse;
+  p->nUsed++;
+  return SQLITE_OK;
+}
+
+/*
+** Search for a cached translation the json text supplied by pArg.  Return
+** the JsonParse object if found.  Return NULL if not found.
+**
+** When a match if found, the matching entry is moved to become the
+** most-recently used entry if it isn't so already.
+**
+** The JsonParse object returned still belongs to the Cache and might
+** be deleted at any moment.  If the caller whants the JsonParse to
+** linger, it needs to increment the nPJRef reference counter.
+*/
+static JsonParse *jsonCacheSearch(
+  sqlite3_context *ctx,    /* The SQL statement context holding the cache */
+  sqlite3_value *pArg      /* Function argument containing SQL text */
+){
+  JsonCache *p;
+  int i;
+  const char *zJson;
+  int nJson;
+
+  if( sqlite3_value_type(pArg)!=SQLITE_TEXT ){
+    return 0;
+  }
+  zJson = (const char*)sqlite3_value_text(pArg);
+  if( zJson==0 ) return 0;
+  nJson = sqlite3_value_bytes(pArg);
+
+  p = sqlite3_get_auxdata(ctx, JSON_CACHE_ID);
+  if( p==0 ){
+    return 0;
+  }
+  for(i=0; inUsed; i++){
+    if( p->a[i]->zJson==zJson ) break;
+  }
+  if( i>=p->nUsed ){
+    for(i=0; inUsed; i++){
+      if( p->a[i]->nJson!=nJson ) continue;
+      if( memcmp(p->a[i]->zJson, zJson, nJson)==0 ) break;
+    }
+  }
+  if( inUsed ){
+    if( inUsed-1 ){
+      /* Make the matching entry the most recently used entry */
+      JsonParse *tmp = p->a[i];
+      memmove(&p->a[i], &p->a[i+1], (p->nUsed-i-1)*sizeof(tmp));
+      p->a[p->nUsed-1] = tmp;
+      i = p->nUsed - 1;
+    }
+    assert( p->a[i]->delta==0 );
+    return p->a[i];
+  }else{
+    return 0;
+  }
+}
 
 /**************************************************************************
 ** Utility routines for dealing with JsonString objects
 **************************************************************************/
 
-/* Set the JsonString object to an empty string
+/* Turn uninitialized bulk memory into a valid JsonString object
+** holding a zero-length string.
 */
-static void jsonZero(JsonString *p){
+static void jsonStringZero(JsonString *p){
   p->zBuf = p->zSpace;
   p->nAlloc = sizeof(p->zSpace);
   p->nUsed = 0;
@@ -202800,39 +203652,39 @@ static void jsonZero(JsonString *p){
 
 /* Initialize the JsonString object
 */
-static void jsonInit(JsonString *p, sqlite3_context *pCtx){
+static void jsonStringInit(JsonString *p, sqlite3_context *pCtx){
   p->pCtx = pCtx;
-  p->bErr = 0;
-  jsonZero(p);
+  p->eErr = 0;
+  jsonStringZero(p);
 }
 
 /* Free all allocated memory and reset the JsonString object back to its
 ** initial state.
 */
-static void jsonReset(JsonString *p){
+static void jsonStringReset(JsonString *p){
   if( !p->bStatic ) sqlite3RCStrUnref(p->zBuf);
-  jsonZero(p);
+  jsonStringZero(p);
 }
 
 /* Report an out-of-memory (OOM) condition
 */
-static void jsonOom(JsonString *p){
-  p->bErr = 1;
-  sqlite3_result_error_nomem(p->pCtx);
-  jsonReset(p);
+static void jsonStringOom(JsonString *p){
+  p->eErr |= JSTRING_OOM;
+  if( p->pCtx ) sqlite3_result_error_nomem(p->pCtx);
+  jsonStringReset(p);
 }
 
 /* Enlarge pJson->zBuf so that it can hold at least N more bytes.
 ** Return zero on success.  Return non-zero on an OOM error
 */
-static int jsonGrow(JsonString *p, u32 N){
+static int jsonStringGrow(JsonString *p, u32 N){
   u64 nTotal = NnAlloc ? p->nAlloc*2 : p->nAlloc+N+10;
   char *zNew;
   if( p->bStatic ){
-    if( p->bErr ) return 1;
+    if( p->eErr ) return 1;
     zNew = sqlite3RCStrNew(nTotal);
     if( zNew==0 ){
-      jsonOom(p);
+      jsonStringOom(p);
       return SQLITE_NOMEM;
     }
     memcpy(zNew, p->zBuf, (size_t)p->nUsed);
@@ -202841,8 +203693,8 @@ static int jsonGrow(JsonString *p, u32 N){
   }else{
     p->zBuf = sqlite3RCStrResize(p->zBuf, nTotal);
     if( p->zBuf==0 ){
-      p->bErr = 1;
-      jsonZero(p);
+      p->eErr |= JSTRING_OOM;
+      jsonStringZero(p);
       return SQLITE_NOMEM;
     }
   }
@@ -202852,20 +203704,20 @@ static int jsonGrow(JsonString *p, u32 N){
 
 /* Append N bytes from zIn onto the end of the JsonString string.
 */
-static SQLITE_NOINLINE void jsonAppendExpand(
+static SQLITE_NOINLINE void jsonStringExpandAndAppend(
   JsonString *p,
   const char *zIn,
   u32 N
 ){
   assert( N>0 );
-  if( jsonGrow(p,N) ) return;
+  if( jsonStringGrow(p,N) ) return;
   memcpy(p->zBuf+p->nUsed, zIn, N);
   p->nUsed += N;
 }
 static void jsonAppendRaw(JsonString *p, const char *zIn, u32 N){
   if( N==0 ) return;
   if( N+p->nUsed >= p->nAlloc ){
-    jsonAppendExpand(p,zIn,N);
+    jsonStringExpandAndAppend(p,zIn,N);
   }else{
     memcpy(p->zBuf+p->nUsed, zIn, N);
     p->nUsed += N;
@@ -202874,7 +203726,7 @@ static void jsonAppendRaw(JsonString *p, const char *zIn, u32 N){
 static void jsonAppendRawNZ(JsonString *p, const char *zIn, u32 N){
   assert( N>0 );
   if( N+p->nUsed >= p->nAlloc ){
-    jsonAppendExpand(p,zIn,N);
+    jsonStringExpandAndAppend(p,zIn,N);
   }else{
     memcpy(p->zBuf+p->nUsed, zIn, N);
     p->nUsed += N;
@@ -202886,7 +203738,7 @@ static void jsonAppendRawNZ(JsonString *p, const char *zIn, u32 N){
 */
 static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
   va_list ap;
-  if( (p->nUsed + N >= p->nAlloc) && jsonGrow(p, N) ) return;
+  if( (p->nUsed + N >= p->nAlloc) && jsonStringGrow(p, N) ) return;
   va_start(ap, zFormat);
   sqlite3_vsnprintf(N, p->zBuf+p->nUsed, zFormat, ap);
   va_end(ap);
@@ -202896,7 +203748,7 @@ static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
 /* Append a single character
 */
 static SQLITE_NOINLINE void jsonAppendCharExpand(JsonString *p, char c){
-  if( jsonGrow(p,1) ) return;
+  if( jsonStringGrow(p,1) ) return;
   p->zBuf[p->nUsed++] = c;
 }
 static void jsonAppendChar(JsonString *p, char c){
@@ -202907,24 +203759,17 @@ static void jsonAppendChar(JsonString *p, char c){
   }
 }
 
-/* Try to force the string to be a zero-terminated RCStr string.
+/* Make sure there is a zero terminator on p->zBuf[]
 **
 ** Return true on success.  Return false if an OOM prevents this
 ** from happening.
 */
-static int jsonForceRCStr(JsonString *p){
+static int jsonStringTerminate(JsonString *p){
   jsonAppendChar(p, 0);
-  if( p->bErr ) return 0;
-  p->nUsed--;
-  if( p->bStatic==0 ) return 1;
-  p->nAlloc = 0;
-  p->nUsed++;
-  jsonGrow(p, p->nUsed);
   p->nUsed--;
-  return p->bStatic==0;
+  return p->eErr==0;
 }
 
-
 /* Append a comma separator to the output buffer, if the previous
 ** character is not '[' or '{'.
 */
@@ -202937,21 +203782,66 @@ static void jsonAppendSeparator(JsonString *p){
 }
 
 /* Append the N-byte string in zIn to the end of the JsonString string
-** under construction.  Enclose the string in "..." and escape
-** any double-quotes or backslash characters contained within the
+** under construction.  Enclose the string in double-quotes ("...") and
+** escape any double-quotes or backslash characters contained within the
 ** string.
+**
+** This routine is a high-runner.  There is a measurable performance
+** increase associated with unwinding the jsonIsOk[] loop.
 */
 static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
-  u32 i;
-  if( zIn==0 || ((N+p->nUsed+2 >= p->nAlloc) && jsonGrow(p,N+2)!=0) ) return;
+  u32 k;
+  u8 c;
+  const u8 *z = (const u8*)zIn;
+  if( z==0 ) return;
+  if( (N+p->nUsed+2 >= p->nAlloc) && jsonStringGrow(p,N+2)!=0 ) return;
   p->zBuf[p->nUsed++] = '"';
-  for(i=0; izBuf[p->nUsed++] = c;
-    }else if( c=='"' || c=='\\' ){
+  while( 1 /*exit-by-break*/ ){
+    k = 0;
+    /* The following while() is the 4-way unwound equivalent of
+    **
+    **     while( k=N ){
+        while( k=N ){
+      if( k>0 ){
+        memcpy(&p->zBuf[p->nUsed], z, k);
+        p->nUsed += k;
+      }
+      break;
+    }
+    if( k>0 ){
+      memcpy(&p->zBuf[p->nUsed], z, k);
+      p->nUsed += k;
+      z += k;
+      N -= k;
+    }
+    c = z[0];
+    if( c=='"' || c=='\\' ){
       json_simple_escape:
-      if( (p->nUsed+N+3-i > p->nAlloc) && jsonGrow(p,N+3-i)!=0 ) return;
+      if( (p->nUsed+N+3 > p->nAlloc) && jsonStringGrow(p,N+3)!=0 ) return;
       p->zBuf[p->nUsed++] = '\\';
       p->zBuf[p->nUsed++] = c;
     }else if( c=='\'' ){
@@ -202972,7 +203862,7 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
         c = aSpecial[c];
         goto json_simple_escape;
       }
-      if( (p->nUsed+N+7+i > p->nAlloc) && jsonGrow(p,N+7-i)!=0 ) return;
+      if( (p->nUsed+N+7 > p->nAlloc) && jsonStringGrow(p,N+7)!=0 ) return;
       p->zBuf[p->nUsed++] = '\\';
       p->zBuf[p->nUsed++] = 'u';
       p->zBuf[p->nUsed++] = '0';
@@ -202980,140 +203870,18 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
       p->zBuf[p->nUsed++] = "0123456789abcdef"[c>>4];
       p->zBuf[p->nUsed++] = "0123456789abcdef"[c&0xf];
     }
+    z++;
+    N--;
   }
   p->zBuf[p->nUsed++] = '"';
   assert( p->nUsednAlloc );
 }
 
 /*
-** The zIn[0..N] string is a JSON5 string literal.  Append to p a translation
-** of the string literal that standard JSON and that omits all JSON5
-** features.
-*/
-static void jsonAppendNormalizedString(JsonString *p, const char *zIn, u32 N){
-  u32 i;
-  jsonAppendChar(p, '"');
-  zIn++;
-  N -= 2;
-  while( N>0 ){
-    for(i=0; i0 ){
-      jsonAppendRawNZ(p, zIn, i);
-      zIn += i;
-      N -= i;
-      if( N==0 ) break;
-    }
-    assert( zIn[0]=='\\' );
-    switch( (u8)zIn[1] ){
-      case '\'':
-        jsonAppendChar(p, '\'');
-        break;
-      case 'v':
-        jsonAppendRawNZ(p, "\\u0009", 6);
-        break;
-      case 'x':
-        jsonAppendRawNZ(p, "\\u00", 4);
-        jsonAppendRawNZ(p, &zIn[2], 2);
-        zIn += 2;
-        N -= 2;
-        break;
-      case '0':
-        jsonAppendRawNZ(p, "\\u0000", 6);
-        break;
-      case '\r':
-        if( zIn[2]=='\n' ){
-          zIn++;
-          N--;
-        }
-        break;
-      case '\n':
-        break;
-      case 0xe2:
-        assert( N>=4 );
-        assert( 0x80==(u8)zIn[2] );
-        assert( 0xa8==(u8)zIn[3] || 0xa9==(u8)zIn[3] );
-        zIn += 2;
-        N -= 2;
-        break;
-      default:
-        jsonAppendRawNZ(p, zIn, 2);
-        break;
-    }
-    zIn += 2;
-    N -= 2;
-  }
-  jsonAppendChar(p, '"');
-}
-
-/*
-** The zIn[0..N] string is a JSON5 integer literal.  Append to p a translation
-** of the string literal that standard JSON and that omits all JSON5
-** features.
-*/
-static void jsonAppendNormalizedInt(JsonString *p, const char *zIn, u32 N){
-  if( zIn[0]=='+' ){
-    zIn++;
-    N--;
-  }else if( zIn[0]=='-' ){
-    jsonAppendChar(p, '-');
-    zIn++;
-    N--;
-  }
-  if( zIn[0]=='0' && (zIn[1]=='x' || zIn[1]=='X') ){
-    sqlite3_int64 i = 0;
-    int rc = sqlite3DecOrHexToI64(zIn, &i);
-    if( rc<=1 ){
-      jsonPrintf(100,p,"%lld",i);
-    }else{
-      assert( rc==2 );
-      jsonAppendRawNZ(p, "9.0e999", 7);
-    }
-    return;
-  }
-  assert( N>0 );
-  jsonAppendRawNZ(p, zIn, N);
-}
-
-/*
-** The zIn[0..N] string is a JSON5 real literal.  Append to p a translation
-** of the string literal that standard JSON and that omits all JSON5
-** features.
-*/
-static void jsonAppendNormalizedReal(JsonString *p, const char *zIn, u32 N){
-  u32 i;
-  if( zIn[0]=='+' ){
-    zIn++;
-    N--;
-  }else if( zIn[0]=='-' ){
-    jsonAppendChar(p, '-');
-    zIn++;
-    N--;
-  }
-  if( zIn[0]=='.' ){
-    jsonAppendChar(p, '0');
-  }
-  for(i=0; i0 ){
-    jsonAppendRawNZ(p, zIn, N);
-  }
-}
-
-
-
-/*
-** Append a function parameter value to the JSON string under
-** construction.
+** Append an sqlite3_value (such as a function parameter) to the JSON
+** string under construction in p.
 */
-static void jsonAppendValue(
+static void jsonAppendSqlValue(
   JsonString *p,                 /* Append to this JSON string */
   sqlite3_value *pValue          /* Value to append */
 ){
@@ -203143,290 +203911,127 @@ static void jsonAppendValue(
       break;
     }
     default: {
-      if( p->bErr==0 ){
+      if( jsonFuncArgMightBeBinary(pValue) ){
+        JsonParse px;
+        memset(&px, 0, sizeof(px));
+        px.aBlob = (u8*)sqlite3_value_blob(pValue);
+        px.nBlob = sqlite3_value_bytes(pValue);
+        jsonTranslateBlobToText(&px, 0, p);
+      }else if( p->eErr==0 ){
         sqlite3_result_error(p->pCtx, "JSON cannot hold BLOB values", -1);
-        p->bErr = 2;
-        jsonReset(p);
+        p->eErr = JSTRING_ERR;
+        jsonStringReset(p);
       }
       break;
     }
   }
 }
 
-
-/* Make the JSON in p the result of the SQL function.
+/* Make the text in p (which is probably a generated JSON text string)
+** the result of the SQL function.
+**
+** The JsonString is reset.
 **
-** The JSON string is reset.
+** If pParse and ctx are both non-NULL, then the SQL string in p is
+** loaded into the zJson field of the pParse object as a RCStr and the
+** pParse is added to the cache.
 */
-static void jsonResult(JsonString *p){
-  if( p->bErr==0 ){
-    if( p->bStatic ){
+static void jsonReturnString(
+  JsonString *p,            /* String to return */
+  JsonParse *pParse,        /* JSONB source or NULL */
+  sqlite3_context *ctx      /* Where to cache */
+){
+  assert( (pParse!=0)==(ctx!=0) );
+  assert( ctx==0 || ctx==p->pCtx );
+  if( p->eErr==0 ){
+    int flags = SQLITE_PTR_TO_INT(sqlite3_user_data(p->pCtx));
+    if( flags & JSON_BLOB ){
+      jsonReturnStringAsBlob(p);
+    }else if( p->bStatic ){
       sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
                             SQLITE_TRANSIENT, SQLITE_UTF8);
-    }else if( jsonForceRCStr(p) ){
-      sqlite3RCStrRef(p->zBuf);
-      sqlite3_result_text64(p->pCtx, p->zBuf, p->nUsed,
+    }else if( jsonStringTerminate(p) ){
+      if( pParse && pParse->bJsonIsRCStr==0 && pParse->nBlobAlloc>0 ){
+        int rc;
+        pParse->zJson = sqlite3RCStrRef(p->zBuf);
+        pParse->nJson = p->nUsed;
+        pParse->bJsonIsRCStr = 1;
+        rc = jsonCacheInsert(ctx, pParse);
+        if( rc==SQLITE_NOMEM ){
+          sqlite3_result_error_nomem(ctx);
+          jsonStringReset(p);
+          return;
+        }
+      }
+      sqlite3_result_text64(p->pCtx, sqlite3RCStrRef(p->zBuf), p->nUsed,
                             sqlite3RCStrUnref,
                             SQLITE_UTF8);
+    }else{
+      sqlite3_result_error_nomem(p->pCtx);
     }
-  }
-  if( p->bErr==1 ){
+  }else if( p->eErr & JSTRING_OOM ){
     sqlite3_result_error_nomem(p->pCtx);
+  }else if( p->eErr & JSTRING_MALFORMED ){
+    sqlite3_result_error(p->pCtx, "malformed JSON", -1);
   }
-  jsonReset(p);
+  jsonStringReset(p);
 }
 
 /**************************************************************************
-** Utility routines for dealing with JsonNode and JsonParse objects
+** Utility routines for dealing with JsonParse objects
 **************************************************************************/
 
-/*
-** Return the number of consecutive JsonNode slots need to represent
-** the parsed JSON at pNode.  The minimum answer is 1.  For ARRAY and
-** OBJECT types, the number might be larger.
-**
-** Appended elements are not counted.  The value returned is the number
-** by which the JsonNode counter should increment in order to go to the
-** next peer value.
-*/
-static u32 jsonNodeSize(JsonNode *pNode){
-  return pNode->eType>=JSON_ARRAY ? pNode->n+1 : 1;
-}
-
 /*
 ** Reclaim all memory allocated by a JsonParse object.  But do not
 ** delete the JsonParse object itself.
 */
 static void jsonParseReset(JsonParse *pParse){
-  while( pParse->pClup ){
-    JsonCleanup *pTask = pParse->pClup;
-    pParse->pClup = pTask->pJCNext;
-    pTask->xOp(pTask->pArg);
-    sqlite3_free(pTask);
-  }
   assert( pParse->nJPRef<=1 );
-  if( pParse->aNode ){
-    sqlite3_free(pParse->aNode);
-    pParse->aNode = 0;
-  }
-  pParse->nNode = 0;
-  pParse->nAlloc = 0;
-  if( pParse->aUp ){
-    sqlite3_free(pParse->aUp);
-    pParse->aUp = 0;
-  }
   if( pParse->bJsonIsRCStr ){
     sqlite3RCStrUnref(pParse->zJson);
     pParse->zJson = 0;
+    pParse->nJson = 0;
     pParse->bJsonIsRCStr = 0;
   }
-  if( pParse->zAlt ){
-    sqlite3RCStrUnref(pParse->zAlt);
-    pParse->zAlt = 0;
+  if( pParse->nBlobAlloc ){
+    sqlite3DbFree(pParse->db, pParse->aBlob);
+    pParse->aBlob = 0;
+    pParse->nBlob = 0;
+    pParse->nBlobAlloc = 0;
   }
 }
 
 /*
-** Free a JsonParse object that was obtained from sqlite3_malloc().
-**
-** Note that destroying JsonParse might call sqlite3RCStrUnref() to
-** destroy the zJson value.  The RCStr object might recursively invoke
-** JsonParse to destroy this pParse object again.  Take care to ensure
-** that this recursive destructor sequence terminates harmlessly.
+** Decrement the reference count on the JsonParse object.  When the
+** count reaches zero, free the object.
 */
 static void jsonParseFree(JsonParse *pParse){
-  if( pParse->nJPRef>1 ){
-    pParse->nJPRef--;
-  }else{
-    jsonParseReset(pParse);
-    sqlite3_free(pParse);
-  }
-}
-
-/*
-** Add a cleanup task to the JsonParse object.
-**
-** If an OOM occurs, the cleanup operation happens immediately
-** and this function returns SQLITE_NOMEM.
-*/
-static int jsonParseAddCleanup(
-  JsonParse *pParse,          /* Add the cleanup task to this parser */
-  void(*xOp)(void*),          /* The cleanup task */
-  void *pArg                  /* Argument to the cleanup */
-){
-  JsonCleanup *pTask = sqlite3_malloc64( sizeof(*pTask) );
-  if( pTask==0 ){
-    pParse->oom = 1;
-    xOp(pArg);
-    return SQLITE_ERROR;
-  }
-  pTask->pJCNext = pParse->pClup;
-  pParse->pClup = pTask;
-  pTask->xOp = xOp;
-  pTask->pArg = pArg;
-  return SQLITE_OK;
-}
-
-/*
-** Convert the JsonNode pNode into a pure JSON string and
-** append to pOut.  Subsubstructure is also included.  Return
-** the number of JsonNode objects that are encoded.
-*/
-static void jsonRenderNode(
-  JsonParse *pParse,             /* the complete parse of the JSON */
-  JsonNode *pNode,               /* The node to render */
-  JsonString *pOut               /* Write JSON here */
-){
-  assert( pNode!=0 );
-  while( (pNode->jnFlags & JNODE_REPLACE)!=0 && pParse->useMod ){
-    u32 idx = (u32)(pNode - pParse->aNode);
-    u32 i = pParse->iSubst;
-    while( 1 /*exit-by-break*/ ){
-      assert( inNode );
-      assert( pParse->aNode[i].eType==JSON_SUBST );
-      assert( pParse->aNode[i].eU==4 );
-      assert( pParse->aNode[i].u.iPrevaNode[i].n==idx ){
-        pNode = &pParse->aNode[i+1];
-        break;
-      }
-      i = pParse->aNode[i].u.iPrev;
-    }
-  }
-  switch( pNode->eType ){
-    default: {
-      assert( pNode->eType==JSON_NULL );
-      jsonAppendRawNZ(pOut, "null", 4);
-      break;
-    }
-    case JSON_TRUE: {
-      jsonAppendRawNZ(pOut, "true", 4);
-      break;
-    }
-    case JSON_FALSE: {
-      jsonAppendRawNZ(pOut, "false", 5);
-      break;
-    }
-    case JSON_STRING: {
-      assert( pNode->eU==1 );
-      if( pNode->jnFlags & JNODE_RAW ){
-        if( pNode->jnFlags & JNODE_LABEL ){
-          jsonAppendChar(pOut, '"');
-          jsonAppendRaw(pOut, pNode->u.zJContent, pNode->n);
-          jsonAppendChar(pOut, '"');
-        }else{
-          jsonAppendString(pOut, pNode->u.zJContent, pNode->n);
-        }
-      }else if( pNode->jnFlags & JNODE_JSON5 ){
-        jsonAppendNormalizedString(pOut, pNode->u.zJContent, pNode->n);
-      }else{
-        assert( pNode->n>0 );
-        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
-      }
-      break;
-    }
-    case JSON_REAL: {
-      assert( pNode->eU==1 );
-      if( pNode->jnFlags & JNODE_JSON5 ){
-        jsonAppendNormalizedReal(pOut, pNode->u.zJContent, pNode->n);
-      }else{
-        assert( pNode->n>0 );
-        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
-      }
-      break;
-    }
-    case JSON_INT: {
-      assert( pNode->eU==1 );
-      if( pNode->jnFlags & JNODE_JSON5 ){
-        jsonAppendNormalizedInt(pOut, pNode->u.zJContent, pNode->n);
-      }else{
-        assert( pNode->n>0 );
-        jsonAppendRawNZ(pOut, pNode->u.zJContent, pNode->n);
-      }
-      break;
-    }
-    case JSON_ARRAY: {
-      u32 j = 1;
-      jsonAppendChar(pOut, '[');
-      for(;;){
-        while( j<=pNode->n ){
-          if( (pNode[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ){
-            jsonAppendSeparator(pOut);
-            jsonRenderNode(pParse, &pNode[j], pOut);
-          }
-          j += jsonNodeSize(&pNode[j]);
-        }
-        if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
-        if( pParse->useMod==0 ) break;
-        assert( pNode->eU==2 );
-        pNode = &pParse->aNode[pNode->u.iAppend];
-        j = 1;
-      }
-      jsonAppendChar(pOut, ']');
-      break;
-    }
-    case JSON_OBJECT: {
-      u32 j = 1;
-      jsonAppendChar(pOut, '{');
-      for(;;){
-        while( j<=pNode->n ){
-          if( (pNode[j+1].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ){
-            jsonAppendSeparator(pOut);
-            jsonRenderNode(pParse, &pNode[j], pOut);
-            jsonAppendChar(pOut, ':');
-            jsonRenderNode(pParse, &pNode[j+1], pOut);
-          }
-          j += 1 + jsonNodeSize(&pNode[j+1]);
-        }
-        if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
-        if( pParse->useMod==0 ) break;
-        assert( pNode->eU==2 );
-        pNode = &pParse->aNode[pNode->u.iAppend];
-        j = 1;
-      }
-      jsonAppendChar(pOut, '}');
-      break;
+  if( pParse ){
+    if( pParse->nJPRef>1 ){
+      pParse->nJPRef--;
+    }else{
+      jsonParseReset(pParse);
+      sqlite3DbFree(pParse->db, pParse);
     }
   }
 }
 
-/*
-** Return a JsonNode and all its descendants as a JSON string.
-*/
-static void jsonReturnJson(
-  JsonParse *pParse,          /* The complete JSON */
-  JsonNode *pNode,            /* Node to return */
-  sqlite3_context *pCtx,      /* Return value for this function */
-  int bGenerateAlt            /* Also store the rendered text in zAlt */
-){
-  JsonString s;
-  if( pParse->oom ){
-    sqlite3_result_error_nomem(pCtx);
-    return;
-  }
-  if( pParse->nErr==0 ){
-    jsonInit(&s, pCtx);
-    jsonRenderNode(pParse, pNode, &s);
-    if( bGenerateAlt && pParse->zAlt==0 && jsonForceRCStr(&s) ){
-      pParse->zAlt = sqlite3RCStrRef(s.zBuf);
-      pParse->nAlt = s.nUsed;
-    }
-    jsonResult(&s);
-    sqlite3_result_subtype(pCtx, JSON_SUBTYPE);
-  }
-}
+/**************************************************************************
+** Utility routines for the JSON text parser
+**************************************************************************/
 
 /*
 ** Translate a single byte of Hex into an integer.
-** This routine only works if h really is a valid hexadecimal
-** character:  0..9a..fA..F
+** This routine only gives a correct answer if h really is a valid hexadecimal
+** character:  0..9a..fA..F.  But unlike sqlite3HexToInt(), it does not
+** assert() if the digit is not hex.
 */
 static u8 jsonHexToInt(int h){
-  assert( (h>='0' && h<='9') ||  (h>='a' && h<='f') ||  (h>='A' && h<='F') );
+#ifdef SQLITE_ASCII
+  h += 9*(1&(h>>6));
+#endif
 #ifdef SQLITE_EBCDIC
   h += 9*(1&~(h>>4));
-#else
-  h += 9*(1&(h>>6));
 #endif
   return (u8)(h & 0xf);
 }
@@ -203436,10 +204041,6 @@ static u8 jsonHexToInt(int h){
 */
 static u32 jsonHexToInt4(const char *z){
   u32 v;
-  assert( sqlite3Isxdigit(z[0]) );
-  assert( sqlite3Isxdigit(z[1]) );
-  assert( sqlite3Isxdigit(z[2]) );
-  assert( sqlite3Isxdigit(z[3]) );
   v = (jsonHexToInt(z[0])<<12)
     + (jsonHexToInt(z[1])<<8)
     + (jsonHexToInt(z[2])<<4)
@@ -203447,281 +204048,6 @@ static u32 jsonHexToInt4(const char *z){
   return v;
 }
 
-/*
-** Make the JsonNode the return value of the function.
-*/
-static void jsonReturn(
-  JsonParse *pParse,          /* Complete JSON parse tree */
-  JsonNode *pNode,            /* Node to return */
-  sqlite3_context *pCtx       /* Return value for this function */
-){
-  switch( pNode->eType ){
-    default: {
-      assert( pNode->eType==JSON_NULL );
-      sqlite3_result_null(pCtx);
-      break;
-    }
-    case JSON_TRUE: {
-      sqlite3_result_int(pCtx, 1);
-      break;
-    }
-    case JSON_FALSE: {
-      sqlite3_result_int(pCtx, 0);
-      break;
-    }
-    case JSON_INT: {
-      sqlite3_int64 i = 0;
-      int rc;
-      int bNeg = 0;
-      const char *z;
-
-      assert( pNode->eU==1 );
-      z = pNode->u.zJContent;
-      if( z[0]=='-' ){ z++; bNeg = 1; }
-      else if( z[0]=='+' ){ z++; }
-      rc = sqlite3DecOrHexToI64(z, &i);
-      if( rc<=1 ){
-        sqlite3_result_int64(pCtx, bNeg ? -i : i);
-      }else if( rc==3 && bNeg ){
-        sqlite3_result_int64(pCtx, SMALLEST_INT64);
-      }else{
-        goto to_double;
-      }
-      break;
-    }
-    case JSON_REAL: {
-      double r;
-      const char *z;
-      assert( pNode->eU==1 );
-    to_double:
-      z = pNode->u.zJContent;
-      sqlite3AtoF(z, &r, sqlite3Strlen30(z), SQLITE_UTF8);
-      sqlite3_result_double(pCtx, r);
-      break;
-    }
-    case JSON_STRING: {
-      if( pNode->jnFlags & JNODE_RAW ){
-        assert( pNode->eU==1 );
-        sqlite3_result_text(pCtx, pNode->u.zJContent, pNode->n,
-                            SQLITE_TRANSIENT);
-      }else if( (pNode->jnFlags & JNODE_ESCAPE)==0 ){
-        /* JSON formatted without any backslash-escapes */
-        assert( pNode->eU==1 );
-        sqlite3_result_text(pCtx, pNode->u.zJContent+1, pNode->n-2,
-                            SQLITE_TRANSIENT);
-      }else{
-        /* Translate JSON formatted string into raw text */
-        u32 i;
-        u32 n = pNode->n;
-        const char *z;
-        char *zOut;
-        u32 j;
-        u32 nOut = n;
-        assert( pNode->eU==1 );
-        z = pNode->u.zJContent;
-        zOut = sqlite3_malloc( nOut+1 );
-        if( zOut==0 ){
-          sqlite3_result_error_nomem(pCtx);
-          break;
-        }
-        for(i=1, j=0; i>6));
-                zOut[j++] = 0x80 | (v&0x3f);
-              }else{
-                u32 vlo;
-                if( (v&0xfc00)==0xd800
-                  && i>18);
-                  zOut[j++] = 0x80 | ((v>>12)&0x3f);
-                  zOut[j++] = 0x80 | ((v>>6)&0x3f);
-                  zOut[j++] = 0x80 | (v&0x3f);
-                }else{
-                  zOut[j++] = 0xe0 | (v>>12);
-                  zOut[j++] = 0x80 | ((v>>6)&0x3f);
-                  zOut[j++] = 0x80 | (v&0x3f);
-                }
-              }
-              continue;
-            }else if( c=='b' ){
-              c = '\b';
-            }else if( c=='f' ){
-              c = '\f';
-            }else if( c=='n' ){
-              c = '\n';
-            }else if( c=='r' ){
-              c = '\r';
-            }else if( c=='t' ){
-              c = '\t';
-            }else if( c=='v' ){
-              c = '\v';
-            }else if( c=='\'' || c=='"' || c=='/' || c=='\\' ){
-              /* pass through unchanged */
-            }else if( c=='0' ){
-              c = 0;
-            }else if( c=='x' ){
-              c = (jsonHexToInt(z[i+1])<<4) | jsonHexToInt(z[i+2]);
-              i += 2;
-            }else if( c=='\r' && z[i+1]=='\n' ){
-              i++;
-              continue;
-            }else if( 0xe2==(u8)c ){
-              assert( 0x80==(u8)z[i+1] );
-              assert( 0xa8==(u8)z[i+2] || 0xa9==(u8)z[i+2] );
-              i += 2;
-              continue;
-            }else{
-              continue;
-            }
-          } /* end if( c=='\\' ) */
-          zOut[j++] = c;
-        } /* end for() */
-        zOut[j] = 0;
-        sqlite3_result_text(pCtx, zOut, j, sqlite3_free);
-      }
-      break;
-    }
-    case JSON_ARRAY:
-    case JSON_OBJECT: {
-      jsonReturnJson(pParse, pNode, pCtx, 0);
-      break;
-    }
-  }
-}
-
-/* Forward reference */
-static int jsonParseAddNode(JsonParse*,u32,u32,const char*);
-
-/*
-** A macro to hint to the compiler that a function should not be
-** inlined.
-*/
-#if defined(__GNUC__)
-#  define JSON_NOINLINE  __attribute__((noinline))
-#elif defined(_MSC_VER) && _MSC_VER>=1310
-#  define JSON_NOINLINE  __declspec(noinline)
-#else
-#  define JSON_NOINLINE
-#endif
-
-
-/*
-** Add a single node to pParse->aNode after first expanding the
-** size of the aNode array.  Return the index of the new node.
-**
-** If an OOM error occurs, set pParse->oom and return -1.
-*/
-static JSON_NOINLINE int jsonParseAddNodeExpand(
-  JsonParse *pParse,        /* Append the node to this object */
-  u32 eType,                /* Node type */
-  u32 n,                    /* Content size or sub-node count */
-  const char *zContent      /* Content */
-){
-  u32 nNew;
-  JsonNode *pNew;
-  assert( pParse->nNode>=pParse->nAlloc );
-  if( pParse->oom ) return -1;
-  nNew = pParse->nAlloc*2 + 10;
-  pNew = sqlite3_realloc64(pParse->aNode, sizeof(JsonNode)*nNew);
-  if( pNew==0 ){
-    pParse->oom = 1;
-    return -1;
-  }
-  pParse->nAlloc = sqlite3_msize(pNew)/sizeof(JsonNode);
-  pParse->aNode = pNew;
-  assert( pParse->nNodenAlloc );
-  return jsonParseAddNode(pParse, eType, n, zContent);
-}
-
-/*
-** Create a new JsonNode instance based on the arguments and append that
-** instance to the JsonParse.  Return the index in pParse->aNode[] of the
-** new node, or -1 if a memory allocation fails.
-*/
-static int jsonParseAddNode(
-  JsonParse *pParse,        /* Append the node to this object */
-  u32 eType,                /* Node type */
-  u32 n,                    /* Content size or sub-node count */
-  const char *zContent      /* Content */
-){
-  JsonNode *p;
-  assert( pParse->aNode!=0 || pParse->nNode>=pParse->nAlloc );
-  if( pParse->nNode>=pParse->nAlloc ){
-    return jsonParseAddNodeExpand(pParse, eType, n, zContent);
-  }
-  assert( pParse->aNode!=0 );
-  p = &pParse->aNode[pParse->nNode];
-  assert( p!=0 );
-  p->eType = (u8)(eType & 0xff);
-  p->jnFlags = (u8)(eType >> 8);
-  VVA( p->eU = zContent ? 1 : 0 );
-  p->n = n;
-  p->u.zJContent = zContent;
-  return pParse->nNode++;
-}
-
-/*
-** Add an array of new nodes to the current pParse->aNode array.
-** Return the index of the first node added.
-**
-** If an OOM error occurs, set pParse->oom.
-*/
-static void jsonParseAddNodeArray(
-  JsonParse *pParse,        /* Append the node to this object */
-  JsonNode *aNode,          /* Array of nodes to add */
-  u32 nNode                 /* Number of elements in aNew */
-){
-  assert( aNode!=0 );
-  assert( nNode>=1 );
-  if( pParse->nNode + nNode > pParse->nAlloc ){
-    u32 nNew = pParse->nNode + nNode;
-    JsonNode *aNew = sqlite3_realloc64(pParse->aNode, nNew*sizeof(JsonNode));
-    if( aNew==0 ){
-      pParse->oom = 1;
-      return;
-    }
-    pParse->nAlloc = sqlite3_msize(aNew)/sizeof(JsonNode);
-    pParse->aNode = aNew;
-  }
-  memcpy(&pParse->aNode[pParse->nNode], aNode, nNode*sizeof(JsonNode));
-  pParse->nNode += nNode;
-}
-
-/*
-** Add a new JSON_SUBST node.  The node immediately following
-** this new node will be the substitute content for iNode.
-*/
-static int jsonParseAddSubstNode(
-  JsonParse *pParse,       /* Add the JSON_SUBST here */
-  u32 iNode                /* References this node */
-){
-  int idx = jsonParseAddNode(pParse, JSON_SUBST, iNode, 0);
-  if( pParse->oom ) return -1;
-  pParse->aNode[iNode].jnFlags |= JNODE_REPLACE;
-  pParse->aNode[idx].eU = 4;
-  pParse->aNode[idx].u.iPrev = pParse->iSubst;
-  pParse->iSubst = idx;
-  pParse->hasMod = 1;
-  pParse->useMod = 1;
-  return idx;
-}
-
 /*
 ** Return true if z[] begins with 2 (or more) hexadecimal digits
 */
@@ -203875,63 +204201,500 @@ static const struct NanInfName {
   char *zMatch;
   char *zRepl;
 } aNanInfName[] = {
-  { 'i', 'I', 3, JSON_REAL, 7, "inf", "9.0e999" },
-  { 'i', 'I', 8, JSON_REAL, 7, "infinity", "9.0e999" },
-  { 'n', 'N', 3, JSON_NULL, 4, "NaN", "null" },
-  { 'q', 'Q', 4, JSON_NULL, 4, "QNaN", "null" },
-  { 's', 'S', 4, JSON_NULL, 4, "SNaN", "null" },
+  { 'i', 'I', 3, JSONB_FLOAT, 7, "inf", "9.0e999" },
+  { 'i', 'I', 8, JSONB_FLOAT, 7, "infinity", "9.0e999" },
+  { 'n', 'N', 3, JSONB_NULL, 4, "NaN", "null" },
+  { 'q', 'Q', 4, JSONB_NULL, 4, "QNaN", "null" },
+  { 's', 'S', 4, JSONB_NULL, 4, "SNaN", "null" },
 };
 
+
 /*
-** Parse a single JSON value which begins at pParse->zJson[i].  Return the
-** index of the first character past the end of the value parsed.
+** Report the wrong number of arguments for json_insert(), json_replace()
+** or json_set().
+*/
+static void jsonWrongNumArgs(
+  sqlite3_context *pCtx,
+  const char *zFuncName
+){
+  char *zMsg = sqlite3_mprintf("json_%s() needs an odd number of arguments",
+                               zFuncName);
+  sqlite3_result_error(pCtx, zMsg, -1);
+  sqlite3_free(zMsg);
+}
+
+/****************************************************************************
+** Utility routines for dealing with the binary BLOB representation of JSON
+****************************************************************************/
+
+/*
+** Expand pParse->aBlob so that it holds at least N bytes.
 **
-** Special return values:
+** Return the number of errors.
+*/
+static int jsonBlobExpand(JsonParse *pParse, u32 N){
+  u8 *aNew;
+  u32 t;
+  assert( N>pParse->nBlobAlloc );
+  if( pParse->nBlobAlloc==0 ){
+    t = 100;
+  }else{
+    t = pParse->nBlobAlloc*2;
+  }
+  if( tdb, pParse->aBlob, t);
+  if( aNew==0 ){ pParse->oom = 1; return 1; }
+  pParse->aBlob = aNew;
+  pParse->nBlobAlloc = t;
+  return 0;
+}
+
+/*
+** If pParse->aBlob is not previously editable (because it is taken
+** from sqlite3_value_blob(), as indicated by the fact that
+** pParse->nBlobAlloc==0 and pParse->nBlob>0) then make it editable
+** by making a copy into space obtained from malloc.
+**
+** Return true on success.  Return false on OOM.
+*/
+static int jsonBlobMakeEditable(JsonParse *pParse, u32 nExtra){
+  u8 *aOld;
+  u32 nSize;
+  assert( !pParse->bReadOnly );
+  if( pParse->oom ) return 0;
+  if( pParse->nBlobAlloc>0 ) return 1;
+  aOld = pParse->aBlob;
+  nSize = pParse->nBlob + nExtra;
+  pParse->aBlob = 0;
+  if( jsonBlobExpand(pParse, nSize) ){
+    return 0;
+  }
+  assert( pParse->nBlobAlloc >= pParse->nBlob + nExtra );
+  memcpy(pParse->aBlob, aOld, pParse->nBlob);
+  return 1;
+}
+
+/* Expand pParse->aBlob and append one bytes.
+*/
+static SQLITE_NOINLINE void jsonBlobExpandAndAppendOneByte(
+  JsonParse *pParse,
+  u8 c
+){
+  jsonBlobExpand(pParse, pParse->nBlob+1);
+  if( pParse->oom==0 ){
+    assert( pParse->nBlob+1<=pParse->nBlobAlloc );
+    pParse->aBlob[pParse->nBlob++] = c;
+  }
+}
+
+/* Append a single character.
+*/
+static void jsonBlobAppendOneByte(JsonParse *pParse, u8 c){
+  if( pParse->nBlob >= pParse->nBlobAlloc ){
+    jsonBlobExpandAndAppendOneByte(pParse, c);
+  }else{
+    pParse->aBlob[pParse->nBlob++] = c;
+  }
+}
+
+/* Slow version of jsonBlobAppendNode() that first resizes the
+** pParse->aBlob structure.
+*/
+static void jsonBlobAppendNode(JsonParse*,u8,u32,const void*);
+static SQLITE_NOINLINE void jsonBlobExpandAndAppendNode(
+  JsonParse *pParse,
+  u8 eType,
+  u32 szPayload,
+  const void *aPayload
+){
+  if( jsonBlobExpand(pParse, pParse->nBlob+szPayload+9) ) return;
+  jsonBlobAppendNode(pParse, eType, szPayload, aPayload);
+}
+
+
+/* Append an node type byte together with the payload size and
+** possibly also the payload.
+**
+** If aPayload is not NULL, then it is a pointer to the payload which
+** is also appended.  If aPayload is NULL, the pParse->aBlob[] array
+** is resized (if necessary) so that it is big enough to hold the
+** payload, but the payload is not appended and pParse->nBlob is left
+** pointing to where the first byte of payload will eventually be.
+*/
+static void jsonBlobAppendNode(
+  JsonParse *pParse,          /* The JsonParse object under construction */
+  u8 eType,                   /* Node type.  One of JSONB_* */
+  u32 szPayload,              /* Number of bytes of payload */
+  const void *aPayload        /* The payload.  Might be NULL */
+){
+  u8 *a;
+  if( pParse->nBlob+szPayload+9 > pParse->nBlobAlloc ){
+    jsonBlobExpandAndAppendNode(pParse,eType,szPayload,aPayload);
+    return;
+  }
+  assert( pParse->aBlob!=0 );
+  a = &pParse->aBlob[pParse->nBlob];
+  if( szPayload<=11 ){
+    a[0] = eType | (szPayload<<4);
+    pParse->nBlob += 1;
+  }else if( szPayload<=0xff ){
+    a[0] = eType | 0xc0;
+    a[1] = szPayload & 0xff;
+    pParse->nBlob += 2;
+  }else if( szPayload<=0xffff ){
+    a[0] = eType | 0xd0;
+    a[1] = (szPayload >> 8) & 0xff;
+    a[2] = szPayload & 0xff;
+    pParse->nBlob += 3;
+  }else{
+    a[0] = eType | 0xe0;
+    a[1] = (szPayload >> 24) & 0xff;
+    a[2] = (szPayload >> 16) & 0xff;
+    a[3] = (szPayload >> 8) & 0xff;
+    a[4] = szPayload & 0xff;
+    pParse->nBlob += 5;
+  }
+  if( aPayload ){
+    pParse->nBlob += szPayload;
+    memcpy(&pParse->aBlob[pParse->nBlob-szPayload], aPayload, szPayload);
+  }
+}
+
+/* Change the payload size for the node at index i to be szPayload.
+*/
+static int jsonBlobChangePayloadSize(
+  JsonParse *pParse,
+  u32 i,
+  u32 szPayload
+){
+  u8 *a;
+  u8 szType;
+  u8 nExtra;
+  u8 nNeeded;
+  int delta;
+  if( pParse->oom ) return 0;
+  a = &pParse->aBlob[i];
+  szType = a[0]>>4;
+  if( szType<=11 ){
+    nExtra = 0;
+  }else if( szType==12 ){
+    nExtra = 1;
+  }else if( szType==13 ){
+    nExtra = 2;
+  }else{
+    nExtra = 4;
+  }
+  if( szPayload<=11 ){
+    nNeeded = 0;
+  }else if( szPayload<=0xff ){
+    nNeeded = 1;
+  }else if( szPayload<=0xffff ){
+    nNeeded = 2;
+  }else{
+    nNeeded = 4;
+  }
+  delta = nNeeded - nExtra;
+  if( delta ){
+    u32 newSize = pParse->nBlob + delta;
+    if( delta>0 ){
+      if( newSize>pParse->nBlobAlloc && jsonBlobExpand(pParse, newSize) ){
+        return 0;  /* OOM error.  Error state recorded in pParse->oom. */
+      }
+      a = &pParse->aBlob[i];
+      memmove(&a[1+delta], &a[1], pParse->nBlob - (i+1));
+    }else{
+      memmove(&a[1], &a[1-delta], pParse->nBlob - (i+1-delta));
+    }
+    pParse->nBlob = newSize;
+  }
+  if( nNeeded==0 ){
+    a[0] = (a[0] & 0x0f) | (szPayload<<4);
+  }else if( nNeeded==1 ){
+    a[0] = (a[0] & 0x0f) | 0xc0;
+    a[1] = szPayload & 0xff;
+  }else if( nNeeded==2 ){
+    a[0] = (a[0] & 0x0f) | 0xd0;
+    a[1] = (szPayload >> 8) & 0xff;
+    a[2] = szPayload & 0xff;
+  }else{
+    a[0] = (a[0] & 0x0f) | 0xe0;
+    a[1] = (szPayload >> 24) & 0xff;
+    a[2] = (szPayload >> 16) & 0xff;
+    a[3] = (szPayload >> 8) & 0xff;
+    a[4] = szPayload & 0xff;
+  }
+  return delta;
+}
+
+/*
+** If z[0] is 'u' and is followed by exactly 4 hexadecimal character,
+** then set *pOp to JSONB_TEXTJ and return true.  If not, do not make
+** any changes to *pOp and return false.
+*/
+static int jsonIs4HexB(const char *z, int *pOp){
+  if( z[0]!='u' ) return 0;
+  if( !jsonIs4Hex(&z[1]) ) return 0;
+  *pOp = JSONB_TEXTJ;
+  return 1;
+}
+
+/*
+** Check a single element of the JSONB in pParse for validity.
+**
+** The element to be checked starts at offset i and must end at on the
+** last byte before iEnd.
+**
+** Return 0 if everything is correct.  Return the 1-based byte offset of the
+** error if a problem is detected.  (In other words, if the error is at offset
+** 0, return 1).
+*/
+static u32 jsonbValidityCheck(
+  const JsonParse *pParse,    /* Input JSONB.  Only aBlob and nBlob are used */
+  u32 i,                      /* Start of element as pParse->aBlob[i] */
+  u32 iEnd,                   /* One more than the last byte of the element */
+  u32 iDepth                  /* Current nesting depth */
+){
+  u32 n, sz, j, k;
+  const u8 *z;
+  u8 x;
+  if( iDepth>JSON_MAX_DEPTH ) return i+1;
+  sz = 0;
+  n = jsonbPayloadSize(pParse, i, &sz);
+  if( NEVER(n==0) ) return i+1;          /* Checked by caller */
+  if( NEVER(i+n+sz!=iEnd) ) return i+1;  /* Checked by caller */
+  z = pParse->aBlob;
+  x = z[i] & 0x0f;
+  switch( x ){
+    case JSONB_NULL:
+    case JSONB_TRUE:
+    case JSONB_FALSE: {
+      return n+sz==1 ? 0 : i+1;
+    }
+    case JSONB_INT: {
+      if( sz<1 ) return i+1;
+      j = i+n;
+      if( z[j]=='-' ){
+        j++;
+        if( sz<2 ) return i+1;
+      }
+      k = i+n+sz;
+      while( jk ) return j+1;
+        if( z[j+1]!='.' && z[j+1]!='e' && z[j+1]!='E' ) return j+1;
+        j++;
+      }
+      for(; j0 ) return j+1;
+          if( x==JSONB_FLOAT && (j==k-1 || !sqlite3Isdigit(z[j+1])) ){
+            return j+1;
+          }
+          seen = 1;
+          continue;
+        }
+        if( z[j]=='e' || z[j]=='E' ){
+          if( seen==2 ) return j+1;
+          if( j==k-1 ) return j+1;
+          if( z[j+1]=='+' || z[j+1]=='-' ){
+            j++;
+            if( j==k-1 ) return j+1;
+          }
+          seen = 2;
+          continue;
+        }
+        return j+1;
+      }
+      if( seen==0 ) return i+1;
+      return 0;
+    }
+    case JSONB_TEXT: {
+      j = i+n;
+      k = j+sz;
+      while( j=k ){
+            return j+1;
+          }else if( strchr("\"\\/bfnrt",z[j+1])!=0 ){
+            j++;
+          }else if( z[j+1]=='u' ){
+            if( j+5>=k ) return j+1;
+            if( !jsonIs4Hex((const char*)&z[j+2]) ) return j+1;
+            j++;
+          }else if( x!=JSONB_TEXT5 ){
+            return j+1;
+          }else{
+            u32 c = 0;
+            u32 szC = jsonUnescapeOneChar((const char*)&z[j], k-j, &c);
+            if( c==JSON_INVALID_CHAR ) return j+1;
+            j += szC - 1;
+          }
+        }
+        j++;
+      }
+      return 0;
+    }
+    case JSONB_TEXTRAW: {
+      return 0;
+    }
+    case JSONB_ARRAY: {
+      u32 sub;
+      j = i+n;
+      k = j+sz;
+      while( jk ) return j+1;
+        sub = jsonbValidityCheck(pParse, j, j+n+sz, iDepth+1);
+        if( sub ) return sub;
+        j += n + sz;
+      }
+      assert( j==k );
+      return 0;
+    }
+    case JSONB_OBJECT: {
+      u32 cnt = 0;
+      u32 sub;
+      j = i+n;
+      k = j+sz;
+      while( jk ) return j+1;
+        if( (cnt & 1)==0 ){
+          x = z[j] & 0x0f;
+          if( xJSONB_TEXTRAW ) return j+1;
+        }
+        sub = jsonbValidityCheck(pParse, j, j+n+sz, iDepth+1);
+        if( sub ) return sub;
+        cnt++;
+        j += n + sz;
+      }
+      assert( j==k );
+      if( (cnt & 1)!=0 ) return j+1;
+      return 0;
+    }
+    default: {
+      return i+1;
+    }
+  }
+}
+
+/*
+** Translate a single element of JSON text at pParse->zJson[i] into
+** its equivalent binary JSONB representation.  Append the translation into
+** pParse->aBlob[] beginning at pParse->nBlob.  The size of
+** pParse->aBlob[] is increased as necessary.
+**
+** Return the index of the first character past the end of the element parsed,
+** or one of the following special result codes:
 **
 **      0    End of input
-**     -1    Syntax error
-**     -2    '}' seen
-**     -3    ']' seen
-**     -4    ',' seen
-**     -5    ':' seen
+**     -1    Syntax error or OOM
+**     -2    '}' seen   \
+**     -3    ']' seen    \___  For these returns, pParse->iErr is set to
+**     -4    ',' seen    /     the index in zJson[] of the seen character
+**     -5    ':' seen   /
 */
-static int jsonParseValue(JsonParse *pParse, u32 i){
+static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
   char c;
   u32 j;
-  int iThis;
+  u32 iThis, iStart;
   int x;
-  JsonNode *pNode;
+  u8 t;
   const char *z = pParse->zJson;
 json_parse_restart:
   switch( (u8)z[i] ){
   case '{': {
     /* Parse object */
-    iThis = jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
-    if( iThis<0 ) return -1;
+    iThis = pParse->nBlob;
+    jsonBlobAppendNode(pParse, JSONB_OBJECT, pParse->nJson-i, 0);
     if( ++pParse->iDepth > JSON_MAX_DEPTH ){
       pParse->iErr = i;
       return -1;
     }
+    iStart = pParse->nBlob;
     for(j=i+1;;j++){
-      u32 nNode = pParse->nNode;
-      x = jsonParseValue(pParse, j);
+      u32 iBlob = pParse->nBlob;
+      x = jsonTranslateTextToBlob(pParse, j);
       if( x<=0 ){
+        int op;
         if( x==(-2) ){
           j = pParse->iErr;
-          if( pParse->nNode!=(u32)iThis+1 ) pParse->hasNonstd = 1;
+          if( pParse->nBlob!=(u32)iStart ) pParse->hasNonstd = 1;
           break;
         }
         j += json5Whitespace(&z[j]);
+        op = JSONB_TEXT;
         if( sqlite3JsonId1(z[j])
-         || (z[j]=='\\' && z[j+1]=='u' && jsonIs4Hex(&z[j+2]))
+         || (z[j]=='\\' && jsonIs4HexB(&z[j+1], &op))
         ){
           int k = j+1;
           while( (sqlite3JsonId2(z[k]) && json5Whitespace(&z[k])==0)
-            || (z[k]=='\\' && z[k+1]=='u' && jsonIs4Hex(&z[k+2]))
+            || (z[k]=='\\' && jsonIs4HexB(&z[k+1], &op))
           ){
             k++;
           }
-          jsonParseAddNode(pParse, JSON_STRING | (JNODE_RAW<<8), k-j, &z[j]);
+          assert( iBlob==pParse->nBlob );
+          jsonBlobAppendNode(pParse, op, k-j, &z[j]);
           pParse->hasNonstd = 1;
           x = k;
         }else{
@@ -203940,24 +204703,24 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
         }
       }
       if( pParse->oom ) return -1;
-      pNode = &pParse->aNode[nNode];
-      if( pNode->eType!=JSON_STRING ){
+      t = pParse->aBlob[iBlob] & 0x0f;
+      if( tJSONB_TEXTRAW ){
         pParse->iErr = j;
         return -1;
       }
-      pNode->jnFlags |= JNODE_LABEL;
       j = x;
       if( z[j]==':' ){
         j++;
       }else{
-        if( fast_isspace(z[j]) ){
-          do{ j++; }while( fast_isspace(z[j]) );
+        if( jsonIsspace(z[j]) ){
+          /* strspn() is not helpful here */
+          do{ j++; }while( jsonIsspace(z[j]) );
           if( z[j]==':' ){
             j++;
             goto parse_object_value;
           }
         }
-        x = jsonParseValue(pParse, j);
+        x = jsonTranslateTextToBlob(pParse, j);
         if( x!=(-5) ){
           if( x!=(-1) ) pParse->iErr = j;
           return -1;
@@ -203965,7 +204728,7 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
         j = pParse->iErr+1;
       }
     parse_object_value:
-      x = jsonParseValue(pParse, j);
+      x = jsonTranslateTextToBlob(pParse, j);
       if( x<=0 ){
         if( x!=(-1) ) pParse->iErr = j;
         return -1;
@@ -203976,15 +204739,15 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
       }else if( z[j]=='}' ){
         break;
       }else{
-        if( fast_isspace(z[j]) ){
-          do{ j++; }while( fast_isspace(z[j]) );
+        if( jsonIsspace(z[j]) ){
+          j += 1 + (u32)strspn(&z[j+1], jsonSpaces);
           if( z[j]==',' ){
             continue;
           }else if( z[j]=='}' ){
             break;
           }
         }
-        x = jsonParseValue(pParse, j);
+        x = jsonTranslateTextToBlob(pParse, j);
         if( x==(-4) ){
           j = pParse->iErr;
           continue;
@@ -203997,25 +204760,26 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
       pParse->iErr = j;
       return -1;
     }
-    pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+    jsonBlobChangePayloadSize(pParse, iThis, pParse->nBlob - iStart);
     pParse->iDepth--;
     return j+1;
   }
   case '[': {
     /* Parse array */
-    iThis = jsonParseAddNode(pParse, JSON_ARRAY, 0, 0);
-    if( iThis<0 ) return -1;
+    iThis = pParse->nBlob;
+    jsonBlobAppendNode(pParse, JSONB_ARRAY, pParse->nJson - i, 0);
+    iStart = pParse->nBlob;
+    if( pParse->oom ) return -1;
     if( ++pParse->iDepth > JSON_MAX_DEPTH ){
       pParse->iErr = i;
       return -1;
     }
-    memset(&pParse->aNode[iThis].u, 0, sizeof(pParse->aNode[iThis].u));
     for(j=i+1;;j++){
-      x = jsonParseValue(pParse, j);
+      x = jsonTranslateTextToBlob(pParse, j);
       if( x<=0 ){
         if( x==(-3) ){
           j = pParse->iErr;
-          if( pParse->nNode!=(u32)iThis+1 ) pParse->hasNonstd = 1;
+          if( pParse->nBlob!=iStart ) pParse->hasNonstd = 1;
           break;
         }
         if( x!=(-1) ) pParse->iErr = j;
@@ -204027,15 +204791,15 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
       }else if( z[j]==']' ){
         break;
       }else{
-        if( fast_isspace(z[j]) ){
-          do{ j++; }while( fast_isspace(z[j]) );
+        if( jsonIsspace(z[j]) ){
+          j += 1 + (u32)strspn(&z[j+1], jsonSpaces);
           if( z[j]==',' ){
             continue;
           }else if( z[j]==']' ){
             break;
           }
         }
-        x = jsonParseValue(pParse, j);
+        x = jsonTranslateTextToBlob(pParse, j);
         if( x==(-4) ){
           j = pParse->iErr;
           continue;
@@ -204048,23 +204812,33 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
       pParse->iErr = j;
       return -1;
     }
-    pParse->aNode[iThis].n = pParse->nNode - (u32)iThis - 1;
+    jsonBlobChangePayloadSize(pParse, iThis, pParse->nBlob - iStart);
     pParse->iDepth--;
     return j+1;
   }
   case '\'': {
-    u8 jnFlags;
+    u8 opcode;
     char cDelim;
     pParse->hasNonstd = 1;
-    jnFlags = JNODE_JSON5;
+    opcode = JSONB_TEXT;
     goto parse_string;
   case '"':
     /* Parse string */
-    jnFlags = 0;
+    opcode = JSONB_TEXT;
   parse_string:
     cDelim = z[i];
-    for(j=i+1; 1; j++){
-      if( jsonIsOk[(unsigned char)z[j]] ) continue;
+    j = i+1;
+    while( 1 /*exit-by-break*/ ){
+      if( jsonIsOk[(u8)z[j]] ){
+        if( !jsonIsOk[(u8)z[j+1]] ){
+          j += 1;
+        }else if( !jsonIsOk[(u8)z[j+2]] ){
+          j += 2;
+        }else{
+          j += 3;
+          continue;
+        }
+      }
       c = z[j];
       if( c==cDelim ){
         break;
@@ -204073,16 +204847,16 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
         if( c=='"' || c=='\\' || c=='/' || c=='b' || c=='f'
            || c=='n' || c=='r' || c=='t'
            || (c=='u' && jsonIs4Hex(&z[j+1])) ){
-          jnFlags |= JNODE_ESCAPE;
+          if( opcode==JSONB_TEXT ) opcode = JSONB_TEXTJ;
         }else if( c=='\'' || c=='0' || c=='v' || c=='\n'
            || (0xe2==(u8)c && 0x80==(u8)z[j+1]
                 && (0xa8==(u8)z[j+2] || 0xa9==(u8)z[j+2]))
            || (c=='x' && jsonIs2Hex(&z[j+1])) ){
-          jnFlags |= (JNODE_ESCAPE|JNODE_JSON5);
+          opcode = JSONB_TEXT5;
           pParse->hasNonstd = 1;
         }else if( c=='\r' ){
           if( z[j+1]=='\n' ) j++;
-          jnFlags |= (JNODE_ESCAPE|JNODE_JSON5);
+          opcode = JSONB_TEXT5;
           pParse->hasNonstd = 1;
         }else{
           pParse->iErr = j;
@@ -204092,14 +204866,17 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
         /* Control characters are not allowed in strings */
         pParse->iErr = j;
         return -1;
+      }else if( c=='"' ){
+        opcode = JSONB_TEXT5;
       }
+      j++;
     }
-    jsonParseAddNode(pParse, JSON_STRING | (jnFlags<<8), j+1-i, &z[i]);
+    jsonBlobAppendNode(pParse, opcode, j-1-i, &z[i+1]);
     return j+1;
   }
   case 't': {
     if( strncmp(z+i,"true",4)==0 && !sqlite3Isalnum(z[i+4]) ){
-      jsonParseAddNode(pParse, JSON_TRUE, 0, 0);
+      jsonBlobAppendOneByte(pParse, JSONB_TRUE);
       return i+4;
     }
     pParse->iErr = i;
@@ -204107,23 +204884,22 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   }
   case 'f': {
     if( strncmp(z+i,"false",5)==0 && !sqlite3Isalnum(z[i+5]) ){
-      jsonParseAddNode(pParse, JSON_FALSE, 0, 0);
+      jsonBlobAppendOneByte(pParse, JSONB_FALSE);
       return i+5;
     }
     pParse->iErr = i;
     return -1;
   }
   case '+': {
-    u8 seenDP, seenE, jnFlags;
+    u8 seenE;
     pParse->hasNonstd = 1;
-    jnFlags = JNODE_JSON5;
+    t = 0x00;            /* Bit 0x01:  JSON5.   Bit 0x02:  FLOAT */
     goto parse_number;
   case '.':
     if( sqlite3Isdigit(z[i+1]) ){
       pParse->hasNonstd = 1;
-      jnFlags = JNODE_JSON5;
+      t = 0x03;          /* Bit 0x01:  JSON5.   Bit 0x02:  FLOAT */
       seenE = 0;
-      seenDP = JSON_REAL;
       goto parse_number_2;
     }
     pParse->iErr = i;
@@ -204140,9 +204916,8 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   case '8':
   case '9':
     /* Parse number */
-    jnFlags = 0;
+    t = 0x00;            /* Bit 0x01:  JSON5.   Bit 0x02:  FLOAT */
   parse_number:
-    seenDP = JSON_INT;
     seenE = 0;
     assert( '-' < '0' );
     assert( '+' < '0' );
@@ -204152,9 +204927,9 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
     if( c<='0' ){
       if( c=='0' ){
         if( (z[i+1]=='x' || z[i+1]=='X') && sqlite3Isxdigit(z[i+2]) ){
-          assert( seenDP==JSON_INT );
+          assert( t==0x00 );
           pParse->hasNonstd = 1;
-          jnFlags |= JNODE_JSON5;
+          t = 0x01;
           for(j=i+3; sqlite3Isxdigit(z[j]); j++){}
           goto parse_number_finish;
         }else if( sqlite3Isdigit(z[i+1]) ){
@@ -204171,15 +204946,15 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
           ){
             pParse->hasNonstd = 1;
             if( z[i]=='-' ){
-              jsonParseAddNode(pParse, JSON_REAL, 8, "-9.0e999");
+              jsonBlobAppendNode(pParse, JSONB_FLOAT, 6, "-9e999");
             }else{
-              jsonParseAddNode(pParse, JSON_REAL, 7, "9.0e999");
+              jsonBlobAppendNode(pParse, JSONB_FLOAT, 5, "9e999");
             }
             return i + (sqlite3StrNICmp(&z[i+4],"inity",5)==0 ? 9 : 4);
           }
           if( z[i+1]=='.' ){
             pParse->hasNonstd = 1;
-            jnFlags |= JNODE_JSON5;
+            t |= 0x01;
             goto parse_number_2;
           }
           pParse->iErr = i;
@@ -204191,30 +204966,31 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
             return -1;
           }else if( (z[i+2]=='x' || z[i+2]=='X') && sqlite3Isxdigit(z[i+3]) ){
             pParse->hasNonstd = 1;
-            jnFlags |= JNODE_JSON5;
+            t |= 0x01;
             for(j=i+4; sqlite3Isxdigit(z[j]); j++){}
             goto parse_number_finish;
           }
         }
       }
     }
+
   parse_number_2:
     for(j=i+1;; j++){
       c = z[j];
       if( sqlite3Isdigit(c) ) continue;
       if( c=='.' ){
-        if( seenDP==JSON_REAL ){
+        if( (t & 0x02)!=0 ){
           pParse->iErr = j;
           return -1;
         }
-        seenDP = JSON_REAL;
+        t |= 0x02;
         continue;
       }
       if( c=='e' || c=='E' ){
         if( z[j-1]<'0' ){
           if( ALWAYS(z[j-1]=='.') && ALWAYS(j-2>=i) && sqlite3Isdigit(z[j-2]) ){
             pParse->hasNonstd = 1;
-            jnFlags |= JNODE_JSON5;
+            t |= 0x01;
           }else{
             pParse->iErr = j;
             return -1;
@@ -204224,7 +205000,7 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
           pParse->iErr = j;
           return -1;
         }
-        seenDP = JSON_REAL;
+        t |= 0x02;
         seenE = 1;
         c = z[j+1];
         if( c=='+' || c=='-' ){
@@ -204242,14 +205018,18 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
     if( z[j-1]<'0' ){
       if( ALWAYS(z[j-1]=='.') && ALWAYS(j-2>=i) && sqlite3Isdigit(z[j-2]) ){
         pParse->hasNonstd = 1;
-        jnFlags |= JNODE_JSON5;
+        t |= 0x01;
       }else{
         pParse->iErr = j;
         return -1;
       }
     }
   parse_number_finish:
-    jsonParseAddNode(pParse, seenDP | (jnFlags<<8), j - i, &z[i]);
+    assert( JSONB_INT+0x01==JSONB_INT5 );
+    assert( JSONB_FLOAT+0x01==JSONB_FLOAT5 );
+    assert( JSONB_INT+0x02==JSONB_FLOAT );
+    if( z[i]=='+' ) i++;
+    jsonBlobAppendNode(pParse, JSONB_INT+t, j-i, &z[i]);
     return j;
   }
   case '}': {
@@ -204275,9 +205055,7 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   case 0x0a:
   case 0x0d:
   case 0x20: {
-    do{
-      i++;
-    }while( fast_isspace(z[i]) );
+    i += 1 + (u32)strspn(&z[i+1], jsonSpaces);
     goto json_parse_restart;
   }
   case 0x0b:
@@ -204299,7 +205077,7 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   }
   case 'n': {
     if( strncmp(z+i,"null",4)==0 && !sqlite3Isalnum(z[i+4]) ){
-      jsonParseAddNode(pParse, JSON_NULL, 0, 0);
+      jsonBlobAppendOneByte(pParse, JSONB_NULL);
       return i+4;
     }
     /* fall-through into the default case that checks for NaN */
@@ -204315,8 +205093,11 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
         continue;
       }
       if( sqlite3Isalnum(z[i+nn]) ) continue;
-      jsonParseAddNode(pParse, aNanInfName[k].eType,
-          aNanInfName[k].nRepl, aNanInfName[k].zRepl);
+      if( aNanInfName[k].eType==JSONB_FLOAT ){
+        jsonBlobAppendNode(pParse, JSONB_FLOAT, 5, "9e999");
+      }else{
+        jsonBlobAppendOneByte(pParse, JSONB_NULL);
+      }
       pParse->hasNonstd = 1;
       return i + nn;
     }
@@ -204326,6 +205107,7 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
   } /* End switch(z[i]) */
 }
 
+
 /*
 ** Parse a complete JSON string.  Return 0 on success or non-zero if there
 ** are any errors.  If an error occurs, free all memory held by pParse,
@@ -204334,20 +205116,26 @@ static int jsonParseValue(JsonParse *pParse, u32 i){
 ** pParse must be initialized to an empty parse object prior to calling
 ** this routine.
 */
-static int jsonParse(
+static int jsonConvertTextToBlob(
   JsonParse *pParse,           /* Initialize and fill this JsonParse object */
   sqlite3_context *pCtx        /* Report errors here */
 ){
   int i;
   const char *zJson = pParse->zJson;
-  i = jsonParseValue(pParse, 0);
+  i = jsonTranslateTextToBlob(pParse, 0);
   if( pParse->oom ) i = -1;
   if( i>0 ){
+#ifdef SQLITE_DEBUG
     assert( pParse->iDepth==0 );
-    while( fast_isspace(zJson[i]) ) i++;
+    if( sqlite3Config.bJsonSelfcheck ){
+      assert( jsonbValidityCheck(pParse, 0, pParse->nBlob, 0)==0 );
+    }
+#endif
+    while( jsonIsspace(zJson[i]) ) i++;
     if( zJson[i] ){
       i += json5Whitespace(&zJson[i]);
       if( zJson[i] ){
+        if( pCtx ) sqlite3_result_error(pCtx, "malformed JSON", -1);
         jsonParseReset(pParse);
         return 1;
       }
@@ -204368,248 +205156,710 @@ static int jsonParse(
   return 0;
 }
 
+/*
+** The input string pStr is a well-formed JSON text string.  Convert
+** this into the JSONB format and make it the return value of the
+** SQL function.
+*/
+static void jsonReturnStringAsBlob(JsonString *pStr){
+  JsonParse px;
+  memset(&px, 0, sizeof(px));
+  jsonStringTerminate(pStr);
+  px.zJson = pStr->zBuf;
+  px.nJson = pStr->nUsed;
+  px.db = sqlite3_context_db_handle(pStr->pCtx);
+  (void)jsonTranslateTextToBlob(&px, 0);
+  if( px.oom ){
+    sqlite3DbFree(px.db, px.aBlob);
+    sqlite3_result_error_nomem(pStr->pCtx);
+  }else{
+    assert( px.nBlobAlloc>0 );
+    assert( !px.bReadOnly );
+    sqlite3_result_blob(pStr->pCtx, px.aBlob, px.nBlob, SQLITE_DYNAMIC);
+  }
+}
 
-/* Mark node i of pParse as being a child of iParent.  Call recursively
-** to fill in all the descendants of node i.
+/* The byte at index i is a node type-code.  This routine
+** determines the payload size for that node and writes that
+** payload size in to *pSz.  It returns the offset from i to the
+** beginning of the payload.  Return 0 on error.
 */
-static void jsonParseFillInParentage(JsonParse *pParse, u32 i, u32 iParent){
-  JsonNode *pNode = &pParse->aNode[i];
-  u32 j;
-  pParse->aUp[i] = iParent;
-  switch( pNode->eType ){
-    case JSON_ARRAY: {
-      for(j=1; j<=pNode->n; j += jsonNodeSize(pNode+j)){
-        jsonParseFillInParentage(pParse, i+j, i);
+static u32 jsonbPayloadSize(const JsonParse *pParse, u32 i, u32 *pSz){
+  u8 x;
+  u32 sz;
+  u32 n;
+  if( NEVER(i>pParse->nBlob) ){
+    *pSz = 0;
+    return 0;
+  }
+  x = pParse->aBlob[i]>>4;
+  if( x<=11 ){
+    sz = x;
+    n = 1;
+  }else if( x==12 ){
+    if( i+1>=pParse->nBlob ){
+      *pSz = 0;
+      return 0;
+    }
+    sz = pParse->aBlob[i+1];
+    n = 2;
+  }else if( x==13 ){
+    if( i+2>=pParse->nBlob ){
+      *pSz = 0;
+      return 0;
+    }
+    sz = (pParse->aBlob[i+1]<<8) + pParse->aBlob[i+2];
+    n = 3;
+  }else if( x==14 ){
+    if( i+4>=pParse->nBlob ){
+      *pSz = 0;
+      return 0;
+    }
+    sz = ((u32)pParse->aBlob[i+1]<<24) + (pParse->aBlob[i+2]<<16) +
+         (pParse->aBlob[i+3]<<8) + pParse->aBlob[i+4];
+    n = 5;
+  }else{
+    if( i+8>=pParse->nBlob
+     || pParse->aBlob[i+1]!=0
+     || pParse->aBlob[i+2]!=0
+     || pParse->aBlob[i+3]!=0
+     || pParse->aBlob[i+4]!=0
+    ){
+      *pSz = 0;
+      return 0;
+    }
+    sz = (pParse->aBlob[i+5]<<24) + (pParse->aBlob[i+6]<<16) +
+         (pParse->aBlob[i+7]<<8) + pParse->aBlob[i+8];
+    n = 9;
+  }
+  if( i+sz+n > pParse->nBlob
+   && i+sz+n > pParse->nBlob-pParse->delta
+  ){
+    sz = 0;
+    n = 0;
+  }
+  *pSz = sz;
+  return n;
+}
+
+
+/*
+** Translate the binary JSONB representation of JSON beginning at
+** pParse->aBlob[i] into a JSON text string.  Append the JSON
+** text onto the end of pOut.  Return the index in pParse->aBlob[]
+** of the first byte past the end of the element that is translated.
+**
+** If an error is detected in the BLOB input, the pOut->eErr flag
+** might get set to JSTRING_MALFORMED.  But not all BLOB input errors
+** are detected.  So a malformed JSONB input might either result
+** in an error, or in incorrect JSON.
+**
+** The pOut->eErr JSTRING_OOM flag is set on a OOM.
+*/
+static u32 jsonTranslateBlobToText(
+  const JsonParse *pParse,       /* the complete parse of the JSON */
+  u32 i,                         /* Start rendering at this index */
+  JsonString *pOut               /* Write JSON here */
+){
+  u32 sz, n, j, iEnd;
+
+  n = jsonbPayloadSize(pParse, i, &sz);
+  if( n==0 ){
+    pOut->eErr |= JSTRING_MALFORMED;
+    return pParse->nBlob+1;
+  }
+  switch( pParse->aBlob[i] & 0x0f ){
+    case JSONB_NULL: {
+      jsonAppendRawNZ(pOut, "null", 4);
+      return i+1;
+    }
+    case JSONB_TRUE: {
+      jsonAppendRawNZ(pOut, "true", 4);
+      return i+1;
+    }
+    case JSONB_FALSE: {
+      jsonAppendRawNZ(pOut, "false", 5);
+      return i+1;
+    }
+    case JSONB_INT:
+    case JSONB_FLOAT: {
+      jsonAppendRaw(pOut, (const char*)&pParse->aBlob[i+n], sz);
+      break;
+    }
+    case JSONB_INT5: {  /* Integer literal in hexadecimal notation */
+      u32 k = 2;
+      sqlite3_uint64 u = 0;
+      const char *zIn = (const char*)&pParse->aBlob[i+n];
+      int bOverflow = 0;
+      if( zIn[0]=='-' ){
+        jsonAppendChar(pOut, '-');
+        k++;
+      }else if( zIn[0]=='+' ){
+        k++;
+      }
+      for(; keErr |= JSTRING_MALFORMED;
+          break;
+        }else if( (u>>60)!=0 ){
+          bOverflow = 1;
+        }else{
+          u = u*16 + sqlite3HexToInt(zIn[k]);
+        }
       }
+      jsonPrintf(100,pOut,bOverflow?"9.0e999":"%llu", u);
       break;
     }
-    case JSON_OBJECT: {
-      for(j=1; j<=pNode->n; j += jsonNodeSize(pNode+j+1)+1){
-        pParse->aUp[i+j] = i;
-        jsonParseFillInParentage(pParse, i+j+1, i);
+    case JSONB_FLOAT5: { /* Float literal missing digits beside "." */
+      u32 k = 0;
+      const char *zIn = (const char*)&pParse->aBlob[i+n];
+      if( zIn[0]=='-' ){
+        jsonAppendChar(pOut, '-');
+        k++;
       }
+      if( zIn[k]=='.' ){
+        jsonAppendChar(pOut, '0');
+      }
+      for(; kaBlob[i+n], sz);
+      jsonAppendChar(pOut, '"');
       break;
     }
+    case JSONB_TEXT5: {
+      const char *zIn;
+      u32 k;
+      u32 sz2 = sz;
+      zIn = (const char*)&pParse->aBlob[i+n];
+      jsonAppendChar(pOut, '"');
+      while( sz2>0 ){
+        for(k=0; k0 ){
+          jsonAppendRawNZ(pOut, zIn, k);
+          if( k>=sz2 ){
+            break;
+          }
+          zIn += k;
+          sz2 -= k;
+        }
+        if( zIn[0]=='"' ){
+          jsonAppendRawNZ(pOut, "\\\"", 2);
+          zIn++;
+          sz2--;
+          continue;
+        }
+        assert( zIn[0]=='\\' );
+        assert( sz2>=1 );
+        if( sz2<2 ){
+          pOut->eErr |= JSTRING_MALFORMED;
+          break;
+        }
+        switch( (u8)zIn[1] ){
+          case '\'':
+            jsonAppendChar(pOut, '\'');
+            break;
+          case 'v':
+            jsonAppendRawNZ(pOut, "\\u0009", 6);
+            break;
+          case 'x':
+            if( sz2<4 ){
+              pOut->eErr |= JSTRING_MALFORMED;
+              sz2 = 2;
+              break;
+            }
+            jsonAppendRawNZ(pOut, "\\u00", 4);
+            jsonAppendRawNZ(pOut, &zIn[2], 2);
+            zIn += 2;
+            sz2 -= 2;
+            break;
+          case '0':
+            jsonAppendRawNZ(pOut, "\\u0000", 6);
+            break;
+          case '\r':
+            if( sz2>2 && zIn[2]=='\n' ){
+              zIn++;
+              sz2--;
+            }
+            break;
+          case '\n':
+            break;
+          case 0xe2:
+            /* '\' followed by either U+2028 or U+2029 is ignored as
+            ** whitespace.  Not that in UTF8, U+2028 is 0xe2 0x80 0x29.
+            ** U+2029 is the same except for the last byte */
+            if( sz2<4
+             || 0x80!=(u8)zIn[2]
+             || (0xa8!=(u8)zIn[3] && 0xa9!=(u8)zIn[3])
+            ){
+              pOut->eErr |= JSTRING_MALFORMED;
+              sz2 = 2;
+              break;
+            }
+            zIn += 2;
+            sz2 -= 2;
+            break;
+          default:
+            jsonAppendRawNZ(pOut, zIn, 2);
+            break;
+        }
+        assert( sz2>=2 );
+        zIn += 2;
+        sz2 -= 2;
+      }
+      jsonAppendChar(pOut, '"');
+      break;
+    }
+    case JSONB_TEXTRAW: {
+      jsonAppendString(pOut, (const char*)&pParse->aBlob[i+n], sz);
+      break;
+    }
+    case JSONB_ARRAY: {
+      jsonAppendChar(pOut, '[');
+      j = i+n;
+      iEnd = j+sz;
+      while( j0 ) pOut->nUsed--;
+      jsonAppendChar(pOut, ']');
+      break;
+    }
+    case JSONB_OBJECT: {
+      int x = 0;
+      jsonAppendChar(pOut, '{');
+      j = i+n;
+      iEnd = j+sz;
+      while( jeErr |= JSTRING_MALFORMED;
+      if( sz>0 ) pOut->nUsed--;
+      jsonAppendChar(pOut, '}');
+      break;
+    }
+
     default: {
+      pOut->eErr |= JSTRING_MALFORMED;
       break;
     }
   }
+  return i+n+sz;
+}
+
+/* Return true if the input pJson
+**
+** For performance reasons, this routine does not do a detailed check of the
+** input BLOB to ensure that it is well-formed.  Hence, false positives are
+** possible.  False negatives should never occur, however.
+*/
+static int jsonFuncArgMightBeBinary(sqlite3_value *pJson){
+  u32 sz, n;
+  const u8 *aBlob;
+  int nBlob;
+  JsonParse s;
+  if( sqlite3_value_type(pJson)!=SQLITE_BLOB ) return 0;
+  aBlob = sqlite3_value_blob(pJson);
+  nBlob = sqlite3_value_bytes(pJson);
+  if( nBlob<1 ) return 0;
+  if( NEVER(aBlob==0) || (aBlob[0] & 0x0f)>JSONB_OBJECT ) return 0;
+  memset(&s, 0, sizeof(s));
+  s.aBlob = (u8*)aBlob;
+  s.nBlob = nBlob;
+  n = jsonbPayloadSize(&s, 0, &sz);
+  if( n==0 ) return 0;
+  if( sz+n!=(u32)nBlob ) return 0;
+  if( (aBlob[0] & 0x0f)<=JSONB_FALSE && sz>0 ) return 0;
+  return sz+n==(u32)nBlob;
 }
 
 /*
-** Compute the parentage of all nodes in a completed parse.
+** Given that a JSONB_ARRAY object starts at offset i, return
+** the number of entries in that array.
 */
-static int jsonParseFindParents(JsonParse *pParse){
-  u32 *aUp;
-  assert( pParse->aUp==0 );
-  aUp = pParse->aUp = sqlite3_malloc64( sizeof(u32)*pParse->nNode );
-  if( aUp==0 ){
-    pParse->oom = 1;
-    return SQLITE_NOMEM;
+static u32 jsonbArrayCount(JsonParse *pParse, u32 iRoot){
+  u32 n, sz, i, iEnd;
+  u32 k = 0;
+  n = jsonbPayloadSize(pParse, iRoot, &sz);
+  iEnd = iRoot+n+sz;
+  for(i=iRoot+n; n>0 && idelta.
 */
-#define JSON_CACHE_ID  (-429938)  /* First cache entry */
-#define JSON_CACHE_SZ  4          /* Max number of cache entries */
+static void jsonAfterEditSizeAdjust(JsonParse *pParse, u32 iRoot){
+  u32 sz = 0;
+  u32 nBlob;
+  assert( pParse->delta!=0 );
+  assert( pParse->nBlobAlloc >= pParse->nBlob );
+  nBlob = pParse->nBlob;
+  pParse->nBlob = pParse->nBlobAlloc;
+  (void)jsonbPayloadSize(pParse, iRoot, &sz);
+  pParse->nBlob = nBlob;
+  sz += pParse->delta;
+  pParse->delta += jsonBlobChangePayloadSize(pParse, iRoot, sz);
+}
 
 /*
-** Obtain a complete parse of the JSON found in the pJson argument
-**
-** Use the sqlite3_get_auxdata() cache to find a preexisting parse
-** if it is available.  If the cache is not available or if it
-** is no longer valid, parse the JSON again and return the new parse.
-** Also register the new parse so that it will be available for
-** future sqlite3_get_auxdata() calls.
-**
-** If an error occurs and pErrCtx!=0 then report the error on pErrCtx
-** and return NULL.
+** Modify the JSONB blob at pParse->aBlob by removing nDel bytes of
+** content beginning at iDel, and replacing them with nIns bytes of
+** content given by aIns.
 **
-** The returned pointer (if it is not NULL) is owned by the cache in
-** most cases, not the caller.  The caller does NOT need to invoke
-** jsonParseFree(), in most cases.
+** nDel may be zero, in which case no bytes are removed.  But iDel is
+** still important as new bytes will be insert beginning at iDel.
 **
-** Except, if an error occurs and pErrCtx==0 then return the JsonParse
-** object with JsonParse.nErr non-zero and the caller will own the JsonParse
-** object.  In that case, it will be the responsibility of the caller to
-** invoke jsonParseFree().  To summarize:
+** aIns may be zero, in which case space is created to hold nIns bytes
+** beginning at iDel, but that space is uninitialized.
 **
-**   pErrCtx!=0 || p->nErr==0      ==>   Return value p is owned by the
-**                                       cache.  Call does not need to
-**                                       free it.
-**
-**   pErrCtx==0 && p->nErr!=0      ==>   Return value is owned by the caller
-**                                       and so the caller must free it.
+** Set pParse->oom if an OOM occurs.
 */
-static JsonParse *jsonParseCached(
-  sqlite3_context *pCtx,         /* Context to use for cache search */
-  sqlite3_value *pJson,          /* Function param containing JSON text */
-  sqlite3_context *pErrCtx,      /* Write parse errors here if not NULL */
-  int bUnedited                  /* No prior edits allowed */
+static void jsonBlobEdit(
+  JsonParse *pParse,     /* The JSONB to be modified is in pParse->aBlob */
+  u32 iDel,              /* First byte to be removed */
+  u32 nDel,              /* Number of bytes to remove */
+  const u8 *aIns,        /* Content to insert */
+  u32 nIns               /* Bytes of content to insert */
 ){
-  char *zJson = (char*)sqlite3_value_text(pJson);
-  int nJson = sqlite3_value_bytes(pJson);
-  JsonParse *p;
-  JsonParse *pMatch = 0;
-  int iKey;
-  int iMinKey = 0;
-  u32 iMinHold = 0xffffffff;
-  u32 iMaxHold = 0;
-  int bJsonRCStr;
+  i64 d = (i64)nIns - (i64)nDel;
+  if( d!=0 ){
+    if( pParse->nBlob + d > pParse->nBlobAlloc ){
+      jsonBlobExpand(pParse, pParse->nBlob+d);
+      if( pParse->oom ) return;
+    }
+    memmove(&pParse->aBlob[iDel+nIns],
+            &pParse->aBlob[iDel+nDel],
+            pParse->nBlob - (iDel+nDel));
+    pParse->nBlob += d;
+    pParse->delta += d;
+  }
+  if( nIns && aIns ) memcpy(&pParse->aBlob[iDel], aIns, nIns);
+}
 
-  if( zJson==0 ) return 0;
-  for(iKey=0; iKeynJson==nJson
-     && (p->hasMod==0 || bUnedited==0)
-     && (p->zJson==zJson || memcmp(p->zJson,zJson,nJson)==0)
-    ){
-      p->nErr = 0;
-      p->useMod = 0;
-      pMatch = p;
-    }else
-    if( pMatch==0
-     && p->zAlt!=0
-     && bUnedited==0
-     && p->nAlt==nJson
-     && memcmp(p->zAlt, zJson, nJson)==0
-    ){
-      p->nErr = 0;
-      p->useMod = 1;
-      pMatch = p;
-    }else if( p->iHoldiHold;
-      iMinKey = iKey;
+    if( z[i+1]=='\r' ){
+      if( i+2iHold>iMaxHold ){
-      iMaxHold = p->iHold;
+    if( 0xe2==(u8)z[i+1]
+     && i+3nErr = 0;
-    pMatch->iHold = iMaxHold+1;
-    assert( pMatch->nJPRef>0 ); /* pMatch is owned by the cache */
-    return pMatch;
-  }
+  return i;
+}
 
-  /* The input JSON was not found anywhere in the cache.  We will need
-  ** to parse it ourselves and generate a new JsonParse object.
-  */
-  bJsonRCStr = sqlite3ValueIsOfClass(pJson,sqlite3RCStrUnref);
-  p = sqlite3_malloc64( sizeof(*p) + (bJsonRCStr ? 0 : nJson+1) );
-  if( p==0 ){
-    sqlite3_result_error_nomem(pCtx);
-    return 0;
+/*
+** Input z[0..n] defines JSON escape sequence including the leading '\\'.
+** Decode that escape sequence into a single character.  Write that
+** character into *piOut.  Return the number of bytes in the escape sequence.
+**
+** If there is a syntax error of some kind (for example too few characters
+** after the '\\' to complete the encoding) then *piOut is set to
+** JSON_INVALID_CHAR.
+*/
+static u32 jsonUnescapeOneChar(const char *z, u32 n, u32 *piOut){
+  assert( n>0 );
+  assert( z[0]=='\\' );
+  if( n<2 ){
+    *piOut = JSON_INVALID_CHAR;
+    return n;
   }
-  memset(p, 0, sizeof(*p));
-  if( bJsonRCStr ){
-    p->zJson = sqlite3RCStrRef(zJson);
-    p->bJsonIsRCStr = 1;
-  }else{
-    p->zJson = (char*)&p[1];
-    memcpy(p->zJson, zJson, nJson+1);
+  switch( (u8)z[1] ){
+    case 'u': {
+      u32 v, vlo;
+      if( n<6 ){
+        *piOut = JSON_INVALID_CHAR;
+        return n;
+      }
+      v = jsonHexToInt4(&z[2]);
+      if( (v & 0xfc00)==0xd800
+       && n>=12
+       && z[6]=='\\'
+       && z[7]=='u'
+       && ((vlo = jsonHexToInt4(&z[8]))&0xfc00)==0xdc00
+      ){
+        *piOut = ((v&0x3ff)<<10) + (vlo&0x3ff) + 0x10000;
+        return 12;
+      }else{
+        *piOut = v;
+        return 6;
+      }
+    }
+    case 'b': {   *piOut = '\b';  return 2; }
+    case 'f': {   *piOut = '\f';  return 2; }
+    case 'n': {   *piOut = '\n';  return 2; }
+    case 'r': {   *piOut = '\r';  return 2; }
+    case 't': {   *piOut = '\t';  return 2; }
+    case 'v': {   *piOut = '\v';  return 2; }
+    case '0': {   *piOut = 0;     return 2; }
+    case '\'':
+    case '"':
+    case '/':
+    case '\\':{   *piOut = z[1];  return 2; }
+    case 'x': {
+      if( n<4 ){
+        *piOut = JSON_INVALID_CHAR;
+        return n;
+      }
+      *piOut = (jsonHexToInt(z[2])<<4) | jsonHexToInt(z[3]);
+      return 4;
+    }
+    case 0xe2:
+    case '\r':
+    case '\n': {
+      u32 nSkip = jsonBytesToBypass(z, n);
+      if( nSkip==0 ){
+        *piOut = JSON_INVALID_CHAR;
+        return n;
+      }else if( nSkip==n ){
+        *piOut = 0;
+        return n;
+      }else if( z[nSkip]=='\\' ){
+        return nSkip + jsonUnescapeOneChar(&z[nSkip], n-nSkip, piOut);
+      }else{
+        int sz = sqlite3Utf8ReadLimited((u8*)&z[nSkip], n-nSkip, piOut);
+        return nSkip + sz;
+      }
+    }
+    default: {
+      *piOut = JSON_INVALID_CHAR;
+      return 2;
+    }
   }
-  p->nJPRef = 1;
-  if( jsonParse(p, pErrCtx) ){
-    if( pErrCtx==0 ){
-      p->nErr = 1;
-      assert( p->nJPRef==1 ); /* Caller will own the new JsonParse object p */
-      return p;
+}
+
+
+/*
+** Compare two object labels.  Return 1 if they are equal and
+** 0 if they differ.
+**
+** In this version, we know that one or the other or both of the
+** two comparands contains an escape sequence.
+*/
+static SQLITE_NOINLINE int jsonLabelCompareEscaped(
+  const char *zLeft,          /* The left label */
+  u32 nLeft,                  /* Size of the left label in bytes */
+  int rawLeft,                /* True if zLeft contains no escapes */
+  const char *zRight,         /* The right label */
+  u32 nRight,                 /* Size of the right label in bytes */
+  int rawRight                /* True if zRight is escape-free */
+){
+  u32 cLeft, cRight;
+  assert( rawLeft==0 || rawRight==0 );
+  while( 1 /*exit-by-return*/ ){
+    if( nLeft==0 ){
+      cLeft = 0;
+    }else if( rawLeft || zLeft[0]!='\\' ){
+      cLeft = ((u8*)zLeft)[0];
+      if( cLeft>=0xc0 ){
+        int sz = sqlite3Utf8ReadLimited((u8*)zLeft, nLeft, &cLeft);
+        zLeft += sz;
+        nLeft -= sz;
+      }else{
+        zLeft++;
+        nLeft--;
+      }
+    }else{
+      u32 n = jsonUnescapeOneChar(zLeft, nLeft, &cLeft);
+      zLeft += n;
+      assert( n<=nLeft );
+      nLeft -= n;
+    }
+    if( nRight==0 ){
+      cRight = 0;
+    }else if( rawRight || zRight[0]!='\\' ){
+      cRight = ((u8*)zRight)[0];
+      if( cRight>=0xc0 ){
+        int sz = sqlite3Utf8ReadLimited((u8*)zRight, nRight, &cRight);
+        zRight += sz;
+        nRight -= sz;
+      }else{
+        zRight++;
+        nRight--;
+      }
+    }else{
+      u32 n = jsonUnescapeOneChar(zRight, nRight, &cRight);
+      zRight += n;
+      assert( n<=nRight );
+      nRight -= n;
     }
-    jsonParseFree(p);
-    return 0;
+    if( cLeft!=cRight ) return 0;
+    if( cLeft==0 ) return 1;
   }
-  p->nJson = nJson;
-  p->iHold = iMaxHold+1;
-  /* Transfer ownership of the new JsonParse to the cache */
-  sqlite3_set_auxdata(pCtx, JSON_CACHE_ID+iMinKey, p,
-                      (void(*)(void*))jsonParseFree);
-  return (JsonParse*)sqlite3_get_auxdata(pCtx, JSON_CACHE_ID+iMinKey);
 }
 
 /*
-** Compare the OBJECT label at pNode against zKey,nKey.  Return true on
-** a match.
+** Compare two object labels.  Return 1 if they are equal and
+** 0 if they differ.  Return -1 if an OOM occurs.
 */
-static int jsonLabelCompare(const JsonNode *pNode, const char *zKey, u32 nKey){
-  assert( pNode->eU==1 );
-  if( pNode->jnFlags & JNODE_RAW ){
-    if( pNode->n!=nKey ) return 0;
-    return strncmp(pNode->u.zJContent, zKey, nKey)==0;
+static int jsonLabelCompare(
+  const char *zLeft,          /* The left label */
+  u32 nLeft,                  /* Size of the left label in bytes */
+  int rawLeft,                /* True if zLeft contains no escapes */
+  const char *zRight,         /* The right label */
+  u32 nRight,                 /* Size of the right label in bytes */
+  int rawRight                /* True if zRight is escape-free */
+){
+  if( rawLeft && rawRight ){
+    /* Simpliest case:  Neither label contains escapes.  A simple
+    ** memcmp() is sufficient. */
+    if( nLeft!=nRight ) return 0;
+    return memcmp(zLeft, zRight, nLeft)==0;
   }else{
-    if( pNode->n!=nKey+2 ) return 0;
-    return strncmp(pNode->u.zJContent+1, zKey, nKey)==0;
+    return jsonLabelCompareEscaped(zLeft, nLeft, rawLeft,
+                                   zRight, nRight, rawRight);
   }
 }
-static int jsonSameLabel(const JsonNode *p1, const JsonNode *p2){
-  if( p1->jnFlags & JNODE_RAW ){
-    return jsonLabelCompare(p2, p1->u.zJContent, p1->n);
-  }else if( p2->jnFlags & JNODE_RAW ){
-    return jsonLabelCompare(p1, p2->u.zJContent, p2->n);
+
+/*
+** Error returns from jsonLookupStep()
+*/
+#define JSON_LOOKUP_ERROR      0xffffffff
+#define JSON_LOOKUP_NOTFOUND   0xfffffffe
+#define JSON_LOOKUP_PATHERROR  0xfffffffd
+#define JSON_LOOKUP_ISERROR(x) ((x)>=JSON_LOOKUP_PATHERROR)
+
+/* Forward declaration */
+static u32 jsonLookupStep(JsonParse*,u32,const char*,u32);
+
+
+/* This helper routine for jsonLookupStep() populates pIns with
+** binary data that is to be inserted into pParse.
+**
+** In the common case, pIns just points to pParse->aIns and pParse->nIns.
+** But if the zPath of the original edit operation includes path elements
+** that go deeper, additional substructure must be created.
+**
+** For example:
+**
+**     json_insert('{}', '$.a.b.c', 123);
+**
+** The search stops at '$.a'  But additional substructure must be
+** created for the ".b.c" part of the patch so that the final result
+** is:  {"a":{"b":{"c"::123}}}.  This routine populates pIns with
+** the binary equivalent of {"b":{"c":123}} so that it can be inserted.
+**
+** The caller is responsible for resetting pIns when it has finished
+** using the substructure.
+*/
+static u32 jsonCreateEditSubstructure(
+  JsonParse *pParse,  /* The original JSONB that is being edited */
+  JsonParse *pIns,    /* Populate this with the blob data to insert */
+  const char *zTail   /* Tail of the path that determins substructure */
+){
+  static const u8 emptyObject[] = { JSONB_ARRAY, JSONB_OBJECT };
+  int rc;
+  memset(pIns, 0, sizeof(*pIns));
+  pIns->db = pParse->db;
+  if( zTail[0]==0 ){
+    /* No substructure.  Just insert what is given in pParse. */
+    pIns->aBlob = pParse->aIns;
+    pIns->nBlob = pParse->nIns;
+    rc = 0;
   }else{
-    return p1->n==p2->n && strncmp(p1->u.zJContent,p2->u.zJContent,p1->n)==0;
+    /* Construct the binary substructure */
+    pIns->nBlob = 1;
+    pIns->aBlob = (u8*)&emptyObject[zTail[0]=='.'];
+    pIns->eEdit = pParse->eEdit;
+    pIns->nIns = pParse->nIns;
+    pIns->aIns = pParse->aIns;
+    rc = jsonLookupStep(pIns, 0, zTail, 0);
+    pParse->oom |= pIns->oom;
   }
+  return rc;  /* Error code only */
 }
 
-/* forward declaration */
-static JsonNode *jsonLookupAppend(JsonParse*,const char*,int*,const char**);
-
 /*
-** Search along zPath to find the node specified.  Return a pointer
-** to that node, or NULL if zPath is malformed or if there is no such
-** node.
+** Search along zPath to find the Json element specified.  Return an
+** index into pParse->aBlob[] for the start of that element's value.
 **
-** If pApnd!=0, then try to append new nodes to complete zPath if it is
-** possible to do so and if no existing node corresponds to zPath.  If
-** new nodes are appended *pApnd is set to 1.
+** If the value found by this routine is the value half of label/value pair
+** within an object, then set pPath->iLabel to the start of the corresponding
+** label, before returning.
+**
+** Return one of the JSON_LOOKUP error codes if problems are seen.
+**
+** This routine will also modify the blob.  If pParse->eEdit is one of
+** JEDIT_DEL, JEDIT_REPL, JEDIT_INS, or JEDIT_SET, then changes might be
+** made to the selected value.  If an edit is performed, then the return
+** value does not necessarily point to the select element.  If an edit
+** is performed, the return value is only useful for detecting error
+** conditions.
 */
-static JsonNode *jsonLookupStep(
+static u32 jsonLookupStep(
   JsonParse *pParse,      /* The JSON to search */
-  u32 iRoot,              /* Begin the search at this node */
+  u32 iRoot,              /* Begin the search at this element of aBlob[] */
   const char *zPath,      /* The path to search */
-  int *pApnd,             /* Append nodes to complete path if not NULL */
-  const char **pzErr      /* Make *pzErr point to any syntax error in zPath */
+  u32 iLabel              /* Label if iRoot is a value of in an object */
 ){
-  u32 i, j, nKey;
+  u32 i, j, k, nKey, sz, n, iEnd, rc;
   const char *zKey;
-  JsonNode *pRoot;
-  if( pParse->oom ) return 0;
-  pRoot = &pParse->aNode[iRoot];
-  if( pRoot->jnFlags & (JNODE_REPLACE|JNODE_REMOVE) && pParse->useMod ){
-    while( (pRoot->jnFlags & JNODE_REPLACE)!=0 ){
-      u32 idx = (u32)(pRoot - pParse->aNode);
-      i = pParse->iSubst;
-      while( 1 /*exit-by-break*/ ){
-        assert( inNode );
-        assert( pParse->aNode[i].eType==JSON_SUBST );
-        assert( pParse->aNode[i].eU==4 );
-        assert( pParse->aNode[i].u.iPrevaNode[i].n==idx ){
-          pRoot = &pParse->aNode[i+1];
-          iRoot = i+1;
-          break;
-        }
-        i = pParse->aNode[i].u.iPrev;
+  u8 x;
+
+  if( zPath[0]==0 ){
+    if( pParse->eEdit && jsonBlobMakeEditable(pParse, pParse->nIns) ){
+      n = jsonbPayloadSize(pParse, iRoot, &sz);
+      sz += n;
+      if( pParse->eEdit==JEDIT_DEL ){
+        if( iLabel>0 ){
+          sz += iRoot - iLabel;
+          iRoot = iLabel;
+        }
+        jsonBlobEdit(pParse, iRoot, sz, 0, 0);
+      }else if( pParse->eEdit==JEDIT_INS ){
+        /* Already exists, so json_insert() is a no-op */
+      }else{
+        /* json_set() or json_replace() */
+        jsonBlobEdit(pParse, iRoot, sz, pParse->aIns, pParse->nIns);
       }
     }
-    if( pRoot->jnFlags & JNODE_REMOVE ){
-      return 0;
-    }
+    pParse->iLabel = iLabel;
+    return iRoot;
   }
-  if( zPath[0]==0 ) return pRoot;
   if( zPath[0]=='.' ){
-    if( pRoot->eType!=JSON_OBJECT ) return 0;
+    int rawKey = 1;
+    x = pParse->aBlob[iRoot];
     zPath++;
     if( zPath[0]=='"' ){
       zKey = zPath + 1;
@@ -204618,315 +205868,802 @@ static JsonNode *jsonLookupStep(
       if( zPath[i] ){
         i++;
       }else{
-        *pzErr = zPath;
-        return 0;
+        return JSON_LOOKUP_PATHERROR;
       }
       testcase( nKey==0 );
+      rawKey = memchr(zKey, '\\', nKey)==0;
     }else{
       zKey = zPath;
       for(i=0; zPath[i] && zPath[i]!='.' && zPath[i]!='['; i++){}
       nKey = i;
       if( nKey==0 ){
-        *pzErr = zPath;
-        return 0;
-      }
-    }
-    j = 1;
-    for(;;){
-      while( j<=pRoot->n ){
-        if( jsonLabelCompare(pRoot+j, zKey, nKey) ){
-          return jsonLookupStep(pParse, iRoot+j+1, &zPath[i], pApnd, pzErr);
-        }
-        j++;
-        j += jsonNodeSize(&pRoot[j]);
+        return JSON_LOOKUP_PATHERROR;
+      }
+    }
+    if( (x & 0x0f)!=JSONB_OBJECT ) return JSON_LOOKUP_NOTFOUND;
+    n = jsonbPayloadSize(pParse, iRoot, &sz);
+    j = iRoot + n;  /* j is the index of a label */
+    iEnd = j+sz;
+    while( jaBlob[j] & 0x0f;
+      if( xJSONB_TEXTRAW ) return JSON_LOOKUP_ERROR;
+      n = jsonbPayloadSize(pParse, j, &sz);
+      if( n==0 ) return JSON_LOOKUP_ERROR;
+      k = j+n;  /* k is the index of the label text */
+      if( k+sz>=iEnd ) return JSON_LOOKUP_ERROR;
+      zLabel = (const char*)&pParse->aBlob[k];
+      rawLabel = x==JSONB_TEXT || x==JSONB_TEXTRAW;
+      if( jsonLabelCompare(zKey, nKey, rawKey, zLabel, sz, rawLabel) ){
+        u32 v = k+sz;  /* v is the index of the value */
+        if( ((pParse->aBlob[v])&0x0f)>JSONB_OBJECT ) return JSON_LOOKUP_ERROR;
+        n = jsonbPayloadSize(pParse, v, &sz);
+        if( n==0 || v+n+sz>iEnd ) return JSON_LOOKUP_ERROR;
+        assert( j>0 );
+        rc = jsonLookupStep(pParse, v, &zPath[i], j);
+        if( pParse->delta ) jsonAfterEditSizeAdjust(pParse, iRoot);
+        return rc;
       }
-      if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
-      if( pParse->useMod==0 ) break;
-      assert( pRoot->eU==2 );
-      iRoot = pRoot->u.iAppend;
-      pRoot = &pParse->aNode[iRoot];
-      j = 1;
-    }
-    if( pApnd ){
-      u32 iStart, iLabel;
-      JsonNode *pNode;
-      assert( pParse->useMod );
-      iStart = jsonParseAddNode(pParse, JSON_OBJECT, 2, 0);
-      iLabel = jsonParseAddNode(pParse, JSON_STRING, nKey, zKey);
-      zPath += i;
-      pNode = jsonLookupAppend(pParse, zPath, pApnd, pzErr);
-      if( pParse->oom ) return 0;
-      if( pNode ){
-        pRoot = &pParse->aNode[iRoot];
-        assert( pRoot->eU==0 );
-        pRoot->u.iAppend = iStart;
-        pRoot->jnFlags |= JNODE_APPEND;
-        VVA( pRoot->eU = 2 );
-        pParse->aNode[iLabel].jnFlags |= JNODE_RAW;
-      }
-      return pNode;
+      j = k+sz;
+      if( ((pParse->aBlob[j])&0x0f)>JSONB_OBJECT ) return JSON_LOOKUP_ERROR;
+      n = jsonbPayloadSize(pParse, j, &sz);
+      if( n==0 ) return JSON_LOOKUP_ERROR;
+      j += n+sz;
+    }
+    if( j>iEnd ) return JSON_LOOKUP_ERROR;
+    if( pParse->eEdit>=JEDIT_INS ){
+      u32 nIns;          /* Total bytes to insert (label+value) */
+      JsonParse v;       /* BLOB encoding of the value to be inserted */
+      JsonParse ix;      /* Header of the label to be inserted */
+      testcase( pParse->eEdit==JEDIT_INS );
+      testcase( pParse->eEdit==JEDIT_SET );
+      memset(&ix, 0, sizeof(ix));
+      ix.db = pParse->db;
+      jsonBlobAppendNode(&ix, rawKey?JSONB_TEXTRAW:JSONB_TEXT5, nKey, 0);
+      pParse->oom |= ix.oom;
+      rc = jsonCreateEditSubstructure(pParse, &v, &zPath[i]);
+      if( !JSON_LOOKUP_ISERROR(rc)
+       && jsonBlobMakeEditable(pParse, ix.nBlob+nKey+v.nBlob)
+      ){
+        assert( !pParse->oom );
+        nIns = ix.nBlob + nKey + v.nBlob;
+        jsonBlobEdit(pParse, j, 0, 0, nIns);
+        if( !pParse->oom ){
+          assert( pParse->aBlob!=0 ); /* Because pParse->oom!=0 */
+          assert( ix.aBlob!=0 );      /* Because pPasre->oom!=0 */
+          memcpy(&pParse->aBlob[j], ix.aBlob, ix.nBlob);
+          k = j + ix.nBlob;
+          memcpy(&pParse->aBlob[k], zKey, nKey);
+          k += nKey;
+          memcpy(&pParse->aBlob[k], v.aBlob, v.nBlob);
+          if( ALWAYS(pParse->delta) ) jsonAfterEditSizeAdjust(pParse, iRoot);
+        }
+      }
+      jsonParseReset(&v);
+      jsonParseReset(&ix);
+      return rc;
     }
   }else if( zPath[0]=='[' ){
-    i = 0;
-    j = 1;
-    while( sqlite3Isdigit(zPath[j]) ){
-      i = i*10 + zPath[j] - '0';
-      j++;
+    x = pParse->aBlob[iRoot] & 0x0f;
+    if( x!=JSONB_ARRAY )  return JSON_LOOKUP_NOTFOUND;
+    n = jsonbPayloadSize(pParse, iRoot, &sz);
+    k = 0;
+    i = 1;
+    while( sqlite3Isdigit(zPath[i]) ){
+      k = k*10 + zPath[i] - '0';
+      i++;
     }
-    if( j<2 || zPath[j]!=']' ){
+    if( i<2 || zPath[i]!=']' ){
       if( zPath[1]=='#' ){
-        JsonNode *pBase = pRoot;
-        int iBase = iRoot;
-        if( pRoot->eType!=JSON_ARRAY ) return 0;
-        for(;;){
-          while( j<=pBase->n ){
-            if( (pBase[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ) i++;
-            j += jsonNodeSize(&pBase[j]);
-          }
-          if( (pBase->jnFlags & JNODE_APPEND)==0 ) break;
-          if( pParse->useMod==0 ) break;
-          assert( pBase->eU==2 );
-          iBase = pBase->u.iAppend;
-          pBase = &pParse->aNode[iBase];
-          j = 1;
-        }
-        j = 2;
+        k = jsonbArrayCount(pParse, iRoot);
+        i = 2;
         if( zPath[2]=='-' && sqlite3Isdigit(zPath[3]) ){
-          unsigned int x = 0;
-          j = 3;
+          unsigned int nn = 0;
+          i = 3;
           do{
-            x = x*10 + zPath[j] - '0';
-            j++;
-          }while( sqlite3Isdigit(zPath[j]) );
-          if( x>i ) return 0;
-          i -= x;
+            nn = nn*10 + zPath[i] - '0';
+            i++;
+          }while( sqlite3Isdigit(zPath[i]) );
+          if( nn>k ) return JSON_LOOKUP_NOTFOUND;
+          k -= nn;
         }
-        if( zPath[j]!=']' ){
-          *pzErr = zPath;
-          return 0;
+        if( zPath[i]!=']' ){
+          return JSON_LOOKUP_PATHERROR;
         }
       }else{
-        *pzErr = zPath;
-        return 0;
+        return JSON_LOOKUP_PATHERROR;
       }
     }
-    if( pRoot->eType!=JSON_ARRAY ) return 0;
-    zPath += j + 1;
-    j = 1;
-    for(;;){
-      while( j<=pRoot->n
-         && (i>0 || ((pRoot[j].jnFlags & JNODE_REMOVE)!=0 && pParse->useMod))
+    j = iRoot+n;
+    iEnd = j+sz;
+    while( jdelta ) jsonAfterEditSizeAdjust(pParse, iRoot);
+        return rc;
+      }
+      k--;
+      n = jsonbPayloadSize(pParse, j, &sz);
+      if( n==0 ) return JSON_LOOKUP_ERROR;
+      j += n+sz;
+    }
+    if( j>iEnd ) return JSON_LOOKUP_ERROR;
+    if( k>0 ) return JSON_LOOKUP_NOTFOUND;
+    if( pParse->eEdit>=JEDIT_INS ){
+      JsonParse v;
+      testcase( pParse->eEdit==JEDIT_INS );
+      testcase( pParse->eEdit==JEDIT_SET );
+      rc = jsonCreateEditSubstructure(pParse, &v, &zPath[i+1]);
+      if( !JSON_LOOKUP_ISERROR(rc)
+       && jsonBlobMakeEditable(pParse, v.nBlob)
       ){
-        if( (pRoot[j].jnFlags & JNODE_REMOVE)==0 || pParse->useMod==0 ) i--;
-        j += jsonNodeSize(&pRoot[j]);
-      }
-      if( i==0 && j<=pRoot->n ) break;
-      if( (pRoot->jnFlags & JNODE_APPEND)==0 ) break;
-      if( pParse->useMod==0 ) break;
-      assert( pRoot->eU==2 );
-      iRoot = pRoot->u.iAppend;
-      pRoot = &pParse->aNode[iRoot];
-      j = 1;
-    }
-    if( j<=pRoot->n ){
-      return jsonLookupStep(pParse, iRoot+j, zPath, pApnd, pzErr);
-    }
-    if( i==0 && pApnd ){
-      u32 iStart;
-      JsonNode *pNode;
-      assert( pParse->useMod );
-      iStart = jsonParseAddNode(pParse, JSON_ARRAY, 1, 0);
-      pNode = jsonLookupAppend(pParse, zPath, pApnd, pzErr);
-      if( pParse->oom ) return 0;
-      if( pNode ){
-        pRoot = &pParse->aNode[iRoot];
-        assert( pRoot->eU==0 );
-        pRoot->u.iAppend = iStart;
-        pRoot->jnFlags |= JNODE_APPEND;
-        VVA( pRoot->eU = 2 );
+        assert( !pParse->oom );
+        jsonBlobEdit(pParse, j, 0, v.aBlob, v.nBlob);
       }
-      return pNode;
+      jsonParseReset(&v);
+      if( pParse->delta ) jsonAfterEditSizeAdjust(pParse, iRoot);
+      return rc;
     }
   }else{
-    *pzErr = zPath;
+    return JSON_LOOKUP_PATHERROR;
   }
-  return 0;
+  return JSON_LOOKUP_NOTFOUND;
 }
 
 /*
-** Append content to pParse that will complete zPath.  Return a pointer
-** to the inserted node, or return NULL if the append fails.
+** Convert a JSON BLOB into text and make that text the return value
+** of an SQL function.
 */
-static JsonNode *jsonLookupAppend(
-  JsonParse *pParse,     /* Append content to the JSON parse */
-  const char *zPath,     /* Description of content to append */
-  int *pApnd,            /* Set this flag to 1 */
-  const char **pzErr     /* Make this point to any syntax error */
+static void jsonReturnTextJsonFromBlob(
+  sqlite3_context *ctx,
+  const u8 *aBlob,
+  u32 nBlob
 ){
-  *pApnd = 1;
-  if( zPath[0]==0 ){
-    jsonParseAddNode(pParse, JSON_NULL, 0, 0);
-    return pParse->oom ? 0 : &pParse->aNode[pParse->nNode-1];
-  }
-  if( zPath[0]=='.' ){
-    jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
-  }else if( strncmp(zPath,"[0]",3)==0 ){
-    jsonParseAddNode(pParse, JSON_ARRAY, 0, 0);
-  }else{
-    return 0;
-  }
-  if( pParse->oom ) return 0;
-  return jsonLookupStep(pParse, pParse->nNode-1, zPath, pApnd, pzErr);
+  JsonParse x;
+  JsonString s;
+
+  if( NEVER(aBlob==0) ) return;
+  memset(&x, 0, sizeof(x));
+  x.aBlob = (u8*)aBlob;
+  x.nBlob = nBlob;
+  jsonStringInit(&s, ctx);
+  jsonTranslateBlobToText(&x, 0, &s);
+  jsonReturnString(&s, 0, 0);
 }
 
+
 /*
-** Return the text of a syntax error message on a JSON path.  Space is
-** obtained from sqlite3_malloc().
+** Return the value of the BLOB node at index i.
+**
+** If the value is a primitive, return it as an SQL value.
+** If the value is an array or object, return it as either
+** JSON text or the BLOB encoding, depending on the JSON_B flag
+** on the userdata.
 */
-static char *jsonPathSyntaxError(const char *zErr){
-  return sqlite3_mprintf("JSON path error near '%q'", zErr);
+static void jsonReturnFromBlob(
+  JsonParse *pParse,          /* Complete JSON parse tree */
+  u32 i,                      /* Index of the node */
+  sqlite3_context *pCtx,      /* Return value for this function */
+  int textOnly                /* return text JSON.  Disregard user-data */
+){
+  u32 n, sz;
+  int rc;
+  sqlite3 *db = sqlite3_context_db_handle(pCtx);
+
+  n = jsonbPayloadSize(pParse, i, &sz);
+  if( n==0 ){
+    sqlite3_result_error(pCtx, "malformed JSON", -1);
+    return;
+  }
+  switch( pParse->aBlob[i] & 0x0f ){
+    case JSONB_NULL: {
+      if( sz ) goto returnfromblob_malformed;
+      sqlite3_result_null(pCtx);
+      break;
+    }
+    case JSONB_TRUE: {
+      if( sz ) goto returnfromblob_malformed;
+      sqlite3_result_int(pCtx, 1);
+      break;
+    }
+    case JSONB_FALSE: {
+      if( sz ) goto returnfromblob_malformed;
+      sqlite3_result_int(pCtx, 0);
+      break;
+    }
+    case JSONB_INT5:
+    case JSONB_INT: {
+      sqlite3_int64 iRes = 0;
+      char *z;
+      int bNeg = 0;
+      char x;
+      if( sz==0 ) goto returnfromblob_malformed;
+      x = (char)pParse->aBlob[i+n];
+      if( x=='-' ){
+        if( sz<2 ) goto returnfromblob_malformed;
+        n++;
+        sz--;
+        bNeg = 1;
+      }
+      z = sqlite3DbStrNDup(db, (const char*)&pParse->aBlob[i+n], (int)sz);
+      if( z==0 ) goto returnfromblob_oom;
+      rc = sqlite3DecOrHexToI64(z, &iRes);
+      sqlite3DbFree(db, z);
+      if( rc==0 ){
+        sqlite3_result_int64(pCtx, bNeg ? -iRes : iRes);
+      }else if( rc==3 && bNeg ){
+        sqlite3_result_int64(pCtx, SMALLEST_INT64);
+      }else if( rc==1 ){
+        goto returnfromblob_malformed;
+      }else{
+        if( bNeg ){ n--; sz++; }
+        goto to_double;
+      }
+      break;
+    }
+    case JSONB_FLOAT5:
+    case JSONB_FLOAT: {
+      double r;
+      char *z;
+      if( sz==0 ) goto returnfromblob_malformed;
+    to_double:
+      z = sqlite3DbStrNDup(db, (const char*)&pParse->aBlob[i+n], (int)sz);
+      if( z==0 ) goto returnfromblob_oom;
+      rc = sqlite3AtoF(z, &r, sqlite3Strlen30(z), SQLITE_UTF8);
+      sqlite3DbFree(db, z);
+      if( rc<=0 ) goto returnfromblob_malformed;
+      sqlite3_result_double(pCtx, r);
+      break;
+    }
+    case JSONB_TEXTRAW:
+    case JSONB_TEXT: {
+      sqlite3_result_text(pCtx, (char*)&pParse->aBlob[i+n], sz,
+                          SQLITE_TRANSIENT);
+      break;
+    }
+    case JSONB_TEXT5:
+    case JSONB_TEXTJ: {
+      /* Translate JSON formatted string into raw text */
+      u32 iIn, iOut;
+      const char *z;
+      char *zOut;
+      u32 nOut = sz;
+      z = (const char*)&pParse->aBlob[i+n];
+      zOut = sqlite3DbMallocRaw(db, nOut+1);
+      if( zOut==0 ) goto returnfromblob_oom;
+      for(iIn=iOut=0; iIn=2 );
+            zOut[iOut++] = (char)(0xc0 | (v>>6));
+            zOut[iOut++] = 0x80 | (v&0x3f);
+          }else if( v<0x10000 ){
+            assert( szEscape>=3 );
+            zOut[iOut++] = 0xe0 | (v>>12);
+            zOut[iOut++] = 0x80 | ((v>>6)&0x3f);
+            zOut[iOut++] = 0x80 | (v&0x3f);
+          }else if( v==JSON_INVALID_CHAR ){
+            /* Silently ignore illegal unicode */
+          }else{
+            assert( szEscape>=4 );
+            zOut[iOut++] = 0xf0 | (v>>18);
+            zOut[iOut++] = 0x80 | ((v>>12)&0x3f);
+            zOut[iOut++] = 0x80 | ((v>>6)&0x3f);
+            zOut[iOut++] = 0x80 | (v&0x3f);
+          }
+          iIn += szEscape - 1;
+        }else{
+          zOut[iOut++] = c;
+        }
+      } /* end for() */
+      assert( iOut<=nOut );
+      zOut[iOut] = 0;
+      sqlite3_result_text(pCtx, zOut, iOut, SQLITE_DYNAMIC);
+      break;
+    }
+    case JSONB_ARRAY:
+    case JSONB_OBJECT: {
+      int flags = textOnly ? 0 : SQLITE_PTR_TO_INT(sqlite3_user_data(pCtx));
+      if( flags & JSON_BLOB ){
+        sqlite3_result_blob(pCtx, &pParse->aBlob[i], sz+n, SQLITE_TRANSIENT);
+      }else{
+        jsonReturnTextJsonFromBlob(pCtx, &pParse->aBlob[i], sz+n);
+      }
+      break;
+    }
+    default: {
+      goto returnfromblob_malformed;
+    }
+  }
+  return;
+
+returnfromblob_oom:
+  sqlite3_result_error_nomem(pCtx);
+  return;
+
+returnfromblob_malformed:
+  sqlite3_result_error(pCtx, "malformed JSON", -1);
+  return;
 }
 
 /*
-** Do a node lookup using zPath.  Return a pointer to the node on success.
-** Return NULL if not found or if there is an error.
+** pArg is a function argument that might be an SQL value or a JSON
+** value.  Figure out what it is and encode it as a JSONB blob.
+** Return the results in pParse.
 **
-** On an error, write an error message into pCtx and increment the
-** pParse->nErr counter.
+** pParse is uninitialized upon entry.  This routine will handle the
+** initialization of pParse.  The result will be contained in
+** pParse->aBlob and pParse->nBlob.  pParse->aBlob might be dynamically
+** allocated (if pParse->nBlobAlloc is greater than zero) in which case
+** the caller is responsible for freeing the space allocated to pParse->aBlob
+** when it has finished with it.  Or pParse->aBlob might be a static string
+** or a value obtained from sqlite3_value_blob(pArg).
 **
-** If pApnd!=NULL then try to append missing nodes and set *pApnd = 1 if
-** nodes are appended.
+** If the argument is a BLOB that is clearly not a JSONB, then this
+** function might set an error message in ctx and return non-zero.
+** It might also set an error message and return non-zero on an OOM error.
 */
-static JsonNode *jsonLookup(
-  JsonParse *pParse,      /* The JSON to search */
-  const char *zPath,      /* The path to search */
-  int *pApnd,             /* Append nodes to complete path if not NULL */
-  sqlite3_context *pCtx   /* Report errors here, if not NULL */
-){
-  const char *zErr = 0;
-  JsonNode *pNode = 0;
-  char *zMsg;
-
-  if( zPath==0 ) return 0;
-  if( zPath[0]!='$' ){
-    zErr = zPath;
-    goto lookup_err;
+static int jsonFunctionArgToBlob(
+  sqlite3_context *ctx,
+  sqlite3_value *pArg,
+  JsonParse *pParse
+){
+  int eType = sqlite3_value_type(pArg);
+  static u8 aNull[] = { 0x00 };
+  memset(pParse, 0, sizeof(pParse[0]));
+  pParse->db = sqlite3_context_db_handle(ctx);
+  switch( eType ){
+    default: {
+      pParse->aBlob = aNull;
+      pParse->nBlob = 1;
+      return 0;
+    }
+    case SQLITE_BLOB: {
+      if( jsonFuncArgMightBeBinary(pArg) ){
+        pParse->aBlob = (u8*)sqlite3_value_blob(pArg);
+        pParse->nBlob = sqlite3_value_bytes(pArg);
+      }else{
+        sqlite3_result_error(ctx, "JSON cannot hold BLOB values", -1);
+        return 1;
+      }
+      break;
+    }
+    case SQLITE_TEXT: {
+      const char *zJson = (const char*)sqlite3_value_text(pArg);
+      int nJson = sqlite3_value_bytes(pArg);
+      if( zJson==0 ) return 1;
+      if( sqlite3_value_subtype(pArg)==JSON_SUBTYPE ){
+        pParse->zJson = (char*)zJson;
+        pParse->nJson = nJson;
+        if( jsonConvertTextToBlob(pParse, ctx) ){
+          sqlite3_result_error(ctx, "malformed JSON", -1);
+          sqlite3DbFree(pParse->db, pParse->aBlob);
+          memset(pParse, 0, sizeof(pParse[0]));
+          return 1;
+        }
+      }else{
+        jsonBlobAppendNode(pParse, JSONB_TEXTRAW, nJson, zJson);
+      }
+      break;
+    }
+    case SQLITE_FLOAT: {
+      double r = sqlite3_value_double(pArg);
+      if( NEVER(sqlite3IsNaN(r)) ){
+        jsonBlobAppendNode(pParse, JSONB_NULL, 0, 0);
+      }else{
+        int n = sqlite3_value_bytes(pArg);
+        const char *z = (const char*)sqlite3_value_text(pArg);
+        if( z==0 ) return 1;
+        if( z[0]=='I' ){
+          jsonBlobAppendNode(pParse, JSONB_FLOAT, 5, "9e999");
+        }else if( z[0]=='-' && z[1]=='I' ){
+          jsonBlobAppendNode(pParse, JSONB_FLOAT, 6, "-9e999");
+        }else{
+          jsonBlobAppendNode(pParse, JSONB_FLOAT, n, z);
+        }
+      }
+      break;
+    }
+    case SQLITE_INTEGER: {
+      int n = sqlite3_value_bytes(pArg);
+      const char *z = (const char*)sqlite3_value_text(pArg);
+      if( z==0 ) return 1;
+      jsonBlobAppendNode(pParse, JSONB_INT, n, z);
+      break;
+    }
   }
-  zPath++;
-  pNode = jsonLookupStep(pParse, 0, zPath, pApnd, &zErr);
-  if( zErr==0 ) return pNode;
+  if( pParse->oom ){
+    sqlite3_result_error_nomem(ctx);
+    return 1;
+  }else{
+    return 0;
+  }
+}
 
-lookup_err:
-  pParse->nErr++;
-  assert( zErr!=0 && pCtx!=0 );
-  zMsg = jsonPathSyntaxError(zErr);
+/*
+** Generate a bad path error.
+**
+** If ctx is not NULL then push the error message into ctx and return NULL.
+** If ctx is NULL, then return the text of the error message.
+*/
+static char *jsonBadPathError(
+  sqlite3_context *ctx,     /* The function call containing the error */
+  const char *zPath         /* The path with the problem */
+){
+  char *zMsg = sqlite3_mprintf("bad JSON path: %Q", zPath);
+  if( ctx==0 ) return zMsg;
   if( zMsg ){
-    sqlite3_result_error(pCtx, zMsg, -1);
+    sqlite3_result_error(ctx, zMsg, -1);
     sqlite3_free(zMsg);
   }else{
-    sqlite3_result_error_nomem(pCtx);
+    sqlite3_result_error_nomem(ctx);
   }
   return 0;
 }
 
+/* argv[0] is a BLOB that seems likely to be a JSONB.  Subsequent
+** arguments come in parse where each pair contains a JSON path and
+** content to insert or set at that patch.  Do the updates
+** and return the result.
+**
+** The specific operation is determined by eEdit, which can be one
+** of JEDIT_INS, JEDIT_REPL, or JEDIT_SET.
+*/
+static void jsonInsertIntoBlob(
+  sqlite3_context *ctx,
+  int argc,
+  sqlite3_value **argv,
+  int eEdit                /* JEDIT_INS, JEDIT_REPL, or JEDIT_SET */
+){
+  int i;
+  u32 rc = 0;
+  const char *zPath = 0;
+  int flgs;
+  JsonParse *p;
+  JsonParse ax;
+
+  assert( (argc&1)==1 );
+  flgs = argc==1 ? 0 : JSON_EDITABLE;
+  p = jsonParseFuncArg(ctx, argv[0], flgs);
+  if( p==0 ) return;
+  for(i=1; inBlob, ax.aBlob, ax.nBlob);
+      }
+      rc = 0;
+   }else{
+      p->eEdit = eEdit;
+      p->nIns = ax.nBlob;
+      p->aIns = ax.aBlob;
+      p->delta = 0;
+      rc = jsonLookupStep(p, 0, zPath+1, 0);
+    }
+    jsonParseReset(&ax);
+    if( rc==JSON_LOOKUP_NOTFOUND ) continue;
+    if( JSON_LOOKUP_ISERROR(rc) ) goto jsonInsertIntoBlob_patherror;
+  }
+  jsonReturnParse(ctx, p);
+  jsonParseFree(p);
+  return;
+
+jsonInsertIntoBlob_patherror:
+  jsonParseFree(p);
+  if( rc==JSON_LOOKUP_ERROR ){
+    sqlite3_result_error(ctx, "malformed JSON", -1);
+  }else{
+    jsonBadPathError(ctx, zPath);
+  }
+  return;
+}
 
 /*
-** Report the wrong number of arguments for json_insert(), json_replace()
-** or json_set().
+** Generate a JsonParse object, containing valid JSONB in aBlob and nBlob,
+** from the SQL function argument pArg.  Return a pointer to the new
+** JsonParse object.
+**
+** Ownership of the new JsonParse object is passed to the caller.  The
+** caller should invoke jsonParseFree() on the return value when it
+** has finished using it.
+**
+** If any errors are detected, an appropriate error messages is set
+** using sqlite3_result_error() or the equivalent and this routine
+** returns NULL.  This routine also returns NULL if the pArg argument
+** is an SQL NULL value, but no error message is set in that case.  This
+** is so that SQL functions that are given NULL arguments will return
+** a NULL value.
 */
-static void jsonWrongNumArgs(
-  sqlite3_context *pCtx,
-  const char *zFuncName
+static JsonParse *jsonParseFuncArg(
+  sqlite3_context *ctx,
+  sqlite3_value *pArg,
+  u32 flgs
 ){
-  char *zMsg = sqlite3_mprintf("json_%s() needs an odd number of arguments",
-                               zFuncName);
-  sqlite3_result_error(pCtx, zMsg, -1);
-  sqlite3_free(zMsg);
+  int eType;                   /* Datatype of pArg */
+  JsonParse *p = 0;            /* Value to be returned */
+  JsonParse *pFromCache = 0;   /* Value taken from cache */
+  sqlite3 *db;                 /* The database connection */
+
+  assert( ctx!=0 );
+  eType = sqlite3_value_type(pArg);
+  if( eType==SQLITE_NULL ){
+    return 0;
+  }
+  pFromCache = jsonCacheSearch(ctx, pArg);
+  if( pFromCache ){
+    pFromCache->nJPRef++;
+    if( (flgs & JSON_EDITABLE)==0 ){
+      return pFromCache;
+    }
+  }
+  db = sqlite3_context_db_handle(ctx);
+rebuild_from_cache:
+  p = sqlite3DbMallocZero(db, sizeof(*p));
+  if( p==0 ) goto json_pfa_oom;
+  memset(p, 0, sizeof(*p));
+  p->db = db;
+  p->nJPRef = 1;
+  if( pFromCache!=0 ){
+    u32 nBlob = pFromCache->nBlob;
+    p->aBlob = sqlite3DbMallocRaw(db, nBlob);
+    if( p->aBlob==0 ) goto json_pfa_oom;
+    memcpy(p->aBlob, pFromCache->aBlob, nBlob);
+    p->nBlobAlloc = p->nBlob = nBlob;
+    p->hasNonstd = pFromCache->hasNonstd;
+    jsonParseFree(pFromCache);
+    return p;
+  }
+  if( eType==SQLITE_BLOB ){
+    u32 n, sz = 0;
+    p->aBlob = (u8*)sqlite3_value_blob(pArg);
+    p->nBlob = (u32)sqlite3_value_bytes(pArg);
+    if( p->nBlob==0 ){
+      goto json_pfa_malformed;
+    }
+    if( NEVER(p->aBlob==0) ){
+      goto json_pfa_oom;
+    }
+    if( (p->aBlob[0] & 0x0f)>JSONB_OBJECT ){
+      goto json_pfa_malformed;
+    }
+    n = jsonbPayloadSize(p, 0, &sz);
+    if( n==0
+     || sz+n!=p->nBlob
+     || ((p->aBlob[0] & 0x0f)<=JSONB_FALSE && sz>0)
+    ){
+      goto json_pfa_malformed;
+    }
+    if( (flgs & JSON_EDITABLE)!=0 && jsonBlobMakeEditable(p, 0)==0 ){
+      goto json_pfa_oom;
+    }
+    return p;
+  }
+  p->zJson = (char*)sqlite3_value_text(pArg);
+  p->nJson = sqlite3_value_bytes(pArg);
+  if( p->nJson==0 ) goto json_pfa_malformed;
+  if( NEVER(p->zJson==0) ) goto json_pfa_oom;
+  if( jsonConvertTextToBlob(p, (flgs & JSON_KEEPERROR) ? 0 : ctx) ){
+    if( flgs & JSON_KEEPERROR ){
+      p->nErr = 1;
+      return p;
+    }else{
+      jsonParseFree(p);
+      return 0;
+    }
+  }else{
+    int isRCStr = sqlite3ValueIsOfClass(pArg, sqlite3RCStrUnref);
+    int rc;
+    if( !isRCStr ){
+      char *zNew = sqlite3RCStrNew( p->nJson );
+      if( zNew==0 ) goto json_pfa_oom;
+      memcpy(zNew, p->zJson, p->nJson);
+      p->zJson = zNew;
+      p->zJson[p->nJson] = 0;
+    }else{
+      sqlite3RCStrRef(p->zJson);
+    }
+    p->bJsonIsRCStr = 1;
+    rc = jsonCacheInsert(ctx, p);
+    if( rc==SQLITE_NOMEM ) goto json_pfa_oom;
+    if( flgs & JSON_EDITABLE ){
+      pFromCache = p;
+      p = 0;
+      goto rebuild_from_cache;
+    }
+  }
+  return p;
+
+json_pfa_malformed:
+  if( flgs & JSON_KEEPERROR ){
+    p->nErr = 1;
+    return p;
+  }else{
+    jsonParseFree(p);
+    sqlite3_result_error(ctx, "malformed JSON", -1);
+    return 0;
+  }
+
+json_pfa_oom:
+  jsonParseFree(pFromCache);
+  jsonParseFree(p);
+  sqlite3_result_error_nomem(ctx);
+  return 0;
 }
 
 /*
-** Mark all NULL entries in the Object passed in as JNODE_REMOVE.
+** Make the return value of a JSON function either the raw JSONB blob
+** or make it JSON text, depending on whether the JSON_BLOB flag is
+** set on the function.
 */
-static void jsonRemoveAllNulls(JsonNode *pNode){
-  int i, n;
-  assert( pNode->eType==JSON_OBJECT );
-  n = pNode->n;
-  for(i=2; i<=n; i += jsonNodeSize(&pNode[i])+1){
-    switch( pNode[i].eType ){
-      case JSON_NULL:
-        pNode[i].jnFlags |= JNODE_REMOVE;
-        break;
-      case JSON_OBJECT:
-        jsonRemoveAllNulls(&pNode[i]);
-        break;
+static void jsonReturnParse(
+  sqlite3_context *ctx,
+  JsonParse *p
+){
+  int flgs;
+  if( p->oom ){
+    sqlite3_result_error_nomem(ctx);
+    return;
+  }
+  flgs = SQLITE_PTR_TO_INT(sqlite3_user_data(ctx));
+  if( flgs & JSON_BLOB ){
+    if( p->nBlobAlloc>0 && !p->bReadOnly ){
+      sqlite3_result_blob(ctx, p->aBlob, p->nBlob, SQLITE_DYNAMIC);
+      p->nBlobAlloc = 0;
+    }else{
+      sqlite3_result_blob(ctx, p->aBlob, p->nBlob, SQLITE_TRANSIENT);
     }
+  }else{
+    JsonString s;
+    jsonStringInit(&s, ctx);
+    p->delta = 0;
+    jsonTranslateBlobToText(p, 0, &s);
+    jsonReturnString(&s, p, ctx);
+    sqlite3_result_subtype(ctx, JSON_SUBTYPE);
   }
 }
 
-
 /****************************************************************************
 ** SQL functions used for testing and debugging
 ****************************************************************************/
 
 #if SQLITE_DEBUG
 /*
-** Print N node entries.
-*/
-static void jsonDebugPrintNodeEntries(
-  JsonNode *aNode,  /* First node entry to print */
-  int N             /* Number of node entries to print */
-){
-  int i;
-  for(i=0; iaBlob[iStart] & 0x0f;
+    u32 savedNBlob = pParse->nBlob;
+    sqlite3_str_appendf(pOut, "%5d:%*s", iStart, nIndent, "");
+    if( pParse->nBlobAlloc>pParse->nBlob ){
+      pParse->nBlob = pParse->nBlobAlloc;
+    }
+    nn = n = jsonbPayloadSize(pParse, iStart, &sz);
+    if( nn==0 ) nn = 1;
+    if( sz>0 && xaBlob[iStart+i]);
     }
-    printf("node %4u: %-7s n=%-5d", i, zType, aNode[i].n);
-    if( (aNode[i].jnFlags & ~JNODE_LABEL)!=0 ){
-      u8 f = aNode[i].jnFlags;
-      if( f & JNODE_RAW )     printf(" RAW");
-      if( f & JNODE_ESCAPE )  printf(" ESCAPE");
-      if( f & JNODE_REMOVE )  printf(" REMOVE");
-      if( f & JNODE_REPLACE ) printf(" REPLACE");
-      if( f & JNODE_APPEND )  printf(" APPEND");
-      if( f & JNODE_JSON5 )   printf(" JSON5");
+    if( n==0 ){
+      sqlite3_str_appendf(pOut, "   ERROR invalid node size\n");
+      iStart = n==0 ? iStart+1 : iEnd;
+      continue;
     }
-    switch( aNode[i].eU ){
-      case 1:  printf(" zJContent=[%.*s]\n",
-                      aNode[i].n, aNode[i].u.zJContent);           break;
-      case 2:  printf(" iAppend=%u\n", aNode[i].u.iAppend);        break;
-      case 3:  printf(" iKey=%u\n", aNode[i].u.iKey);              break;
-      case 4:  printf(" iPrev=%u\n", aNode[i].u.iPrev);            break;
-      default: printf("\n");
+    pParse->nBlob = savedNBlob;
+    if( iStart+n+sz>iEnd ){
+      iEnd = iStart+n+sz;
+      if( iEnd>pParse->nBlob ){
+        if( pParse->nBlobAlloc>0 && iEnd>pParse->nBlobAlloc ){
+          iEnd = pParse->nBlobAlloc;
+        }else{
+          iEnd = pParse->nBlob;
+        }
+      }
     }
+    sqlite3_str_appendall(pOut,"  <-- ");
+    switch( x ){
+      case JSONB_NULL:     sqlite3_str_appendall(pOut,"null"); break;
+      case JSONB_TRUE:     sqlite3_str_appendall(pOut,"true"); break;
+      case JSONB_FALSE:    sqlite3_str_appendall(pOut,"false"); break;
+      case JSONB_INT:      sqlite3_str_appendall(pOut,"int"); break;
+      case JSONB_INT5:     sqlite3_str_appendall(pOut,"int5"); break;
+      case JSONB_FLOAT:    sqlite3_str_appendall(pOut,"float"); break;
+      case JSONB_FLOAT5:   sqlite3_str_appendall(pOut,"float5"); break;
+      case JSONB_TEXT:     sqlite3_str_appendall(pOut,"text"); break;
+      case JSONB_TEXTJ:    sqlite3_str_appendall(pOut,"textj"); break;
+      case JSONB_TEXT5:    sqlite3_str_appendall(pOut,"text5"); break;
+      case JSONB_TEXTRAW:  sqlite3_str_appendall(pOut,"textraw"); break;
+      case JSONB_ARRAY: {
+        sqlite3_str_appendf(pOut,"array, %u bytes\n", sz);
+        jsonDebugPrintBlob(pParse, iStart+n, iStart+n+sz, nIndent+2, pOut);
+        showContent = 0;
+        break;
+      }
+      case JSONB_OBJECT: {
+        sqlite3_str_appendf(pOut, "object, %u bytes\n", sz);
+        jsonDebugPrintBlob(pParse, iStart+n, iStart+n+sz, nIndent+2, pOut);
+        showContent = 0;
+        break;
+      }
+      default: {
+        sqlite3_str_appendall(pOut, "ERROR: unknown node type\n");
+        showContent = 0;
+        break;
+      }
+    }
+    if( showContent ){
+      if( sz==0 && x<=JSONB_FALSE ){
+        sqlite3_str_append(pOut, "\n", 1);
+      }else{
+        u32 i;
+        sqlite3_str_appendall(pOut, ": \"");
+        for(i=iStart+n; iaBlob[i];
+          if( c<0x20 || c>=0x7f ) c = '.';
+          sqlite3_str_append(pOut, (char*)&c, 1);
+        }
+        sqlite3_str_append(pOut, "\"\n", 2);
+      }
+    }
+    iStart += n + sz;
   }
 }
-#endif /* SQLITE_DEBUG */
-
-
-#if 0  /* 1 for debugging.  0 normally.  Requires -DSQLITE_DEBUG too */
-static void jsonDebugPrintParse(JsonParse *p){
-  jsonDebugPrintNodeEntries(p->aNode, p->nNode);
-}
-static void jsonDebugPrintNode(JsonNode *pNode){
-  jsonDebugPrintNodeEntries(pNode, jsonNodeSize(pNode));
+static void jsonShowParse(JsonParse *pParse){
+  sqlite3_str out;
+  char zBuf[1000];
+  if( pParse==0 ){
+    printf("NULL pointer\n");
+    return;
+  }else{
+    printf("nBlobAlloc = %u\n", pParse->nBlobAlloc);
+    printf("nBlob = %u\n", pParse->nBlob);
+    printf("delta = %d\n", pParse->delta);
+    if( pParse->nBlob==0 ) return;
+    printf("content (bytes 0..%u):\n", pParse->nBlob-1);
+  }
+  sqlite3StrAccumInit(&out, 0, zBuf, sizeof(zBuf), 1000000);
+  jsonDebugPrintBlob(pParse, 0, pParse->nBlob, 0, &out);
+  printf("%s", sqlite3_str_value(&out));
+  sqlite3_str_reset(&out);
 }
-#else
-   /* The usual case */
-# define jsonDebugPrintNode(X)
-# define jsonDebugPrintParse(X)
-#endif
+#endif /* SQLITE_DEBUG */
 
 #ifdef SQLITE_DEBUG
 /*
 ** SQL function:   json_parse(JSON)
 **
-** Parse JSON using jsonParseCached().  Then print a dump of that
-** parse on standard output.  Return the mimified JSON result, just
-** like the json() function.
+** Parse JSON using jsonParseFuncArg().  Return text that is a
+** human-readable dump of the binary JSONB for the input parameter.
 */
 static void jsonParseFunc(
   sqlite3_context *ctx,
@@ -204934,38 +206671,19 @@ static void jsonParseFunc(
   sqlite3_value **argv
 ){
   JsonParse *p;        /* The parse */
+  sqlite3_str out;
 
-  assert( argc==1 );
-  p = jsonParseCached(ctx, argv[0], ctx, 0);
+  assert( argc>=1 );
+  sqlite3StrAccumInit(&out, 0, 0, 0, 1000000);
+  p = jsonParseFuncArg(ctx, argv[0], 0);
   if( p==0 ) return;
-  printf("nNode     = %u\n", p->nNode);
-  printf("nAlloc    = %u\n", p->nAlloc);
-  printf("nJson     = %d\n", p->nJson);
-  printf("nAlt      = %d\n", p->nAlt);
-  printf("nErr      = %u\n", p->nErr);
-  printf("oom       = %u\n", p->oom);
-  printf("hasNonstd = %u\n", p->hasNonstd);
-  printf("useMod    = %u\n", p->useMod);
-  printf("hasMod    = %u\n", p->hasMod);
-  printf("nJPRef    = %u\n", p->nJPRef);
-  printf("iSubst    = %u\n", p->iSubst);
-  printf("iHold     = %u\n", p->iHold);
-  jsonDebugPrintNodeEntries(p->aNode, p->nNode);
-  jsonReturnJson(p, p->aNode, ctx, 1);
-}
-
-/*
-** The json_test1(JSON) function return true (1) if the input is JSON
-** text generated by another json function.  It returns (0) if the input
-** is not known to be JSON.
-*/
-static void jsonTest1Func(
-  sqlite3_context *ctx,
-  int argc,
-  sqlite3_value **argv
-){
-  UNUSED_PARAMETER(argc);
-  sqlite3_result_int(ctx, sqlite3_value_subtype(argv[0])==JSON_SUBTYPE);
+  if( argc==1 ){
+    jsonDebugPrintBlob(p, 0, p->nBlob, 0, &out);
+    sqlite3_result_text64(ctx, out.zText, out.nChar, SQLITE_DYNAMIC, SQLITE_UTF8);
+  }else{
+    jsonShowParse(p);
+  }
+  jsonParseFree(p);
 }
 #endif /* SQLITE_DEBUG */
 
@@ -204974,7 +206692,7 @@ static void jsonTest1Func(
 ****************************************************************************/
 
 /*
-** Implementation of the json_QUOTE(VALUE) function.  Return a JSON value
+** Implementation of the json_quote(VALUE) function.  Return a JSON value
 ** corresponding to the SQL value input.  Mostly this means putting
 ** double-quotes around strings and returning the unquoted string "null"
 ** when given a NULL input.
@@ -204987,9 +206705,9 @@ static void jsonQuoteFunc(
   JsonString jx;
   UNUSED_PARAMETER(argc);
 
-  jsonInit(&jx, ctx);
-  jsonAppendValue(&jx, argv[0]);
-  jsonResult(&jx);
+  jsonStringInit(&jx, ctx);
+  jsonAppendSqlValue(&jx, argv[0]);
+  jsonReturnString(&jx, 0, 0);
   sqlite3_result_subtype(ctx, JSON_SUBTYPE);
 }
 
@@ -205006,18 +206724,17 @@ static void jsonArrayFunc(
   int i;
   JsonString jx;
 
-  jsonInit(&jx, ctx);
+  jsonStringInit(&jx, ctx);
   jsonAppendChar(&jx, '[');
   for(i=0; inNode );
   if( argc==2 ){
     const char *zPath = (const char*)sqlite3_value_text(argv[1]);
-    pNode = jsonLookup(p, zPath, 0, ctx);
-  }else{
-    pNode = p->aNode;
-  }
-  if( pNode==0 ){
-    return;
-  }
-  if( pNode->eType==JSON_ARRAY ){
-    while( 1 /*exit-by-break*/ ){
-      i = 1;
-      while( i<=pNode->n ){
-        if( (pNode[i].jnFlags & JNODE_REMOVE)==0 ) n++;
-        i += jsonNodeSize(&pNode[i]);
+    if( zPath==0 ){
+      jsonParseFree(p);
+      return;
+    }
+    i = jsonLookupStep(p, 0, zPath[0]=='$' ? zPath+1 : "@", 0);
+    if( JSON_LOOKUP_ISERROR(i) ){
+      if( i==JSON_LOOKUP_NOTFOUND ){
+        /* no-op */
+      }else if( i==JSON_LOOKUP_PATHERROR ){
+        jsonBadPathError(ctx, zPath);
+      }else{
+        sqlite3_result_error(ctx, "malformed JSON", -1);
       }
-      if( (pNode->jnFlags & JNODE_APPEND)==0 ) break;
-      if( p->useMod==0 ) break;
-      assert( pNode->eU==2 );
-      pNode = &p->aNode[pNode->u.iAppend];
+      eErr = 1;
+      i = 0;
     }
+  }else{
+    i = 0;
+  }
+  if( (p->aBlob[i] & 0x0f)==JSONB_ARRAY ){
+    cnt = jsonbArrayCount(p, i);
   }
-  sqlite3_result_int64(ctx, n);
+  if( !eErr ) sqlite3_result_int64(ctx, cnt);
+  jsonParseFree(p);
 }
 
-/*
-** Bit values for the flags passed into jsonExtractFunc() or
-** jsonSetFunc() via the user-data value.
-*/
-#define JSON_JSON      0x01        /* Result is always JSON */
-#define JSON_SQL       0x02        /* Result is always SQL */
-#define JSON_ABPATH    0x03        /* Allow abbreviated JSON path specs */
-#define JSON_ISSET     0x04        /* json_set(), not json_insert() */
+/* True if the string is all digits */
+static int jsonAllDigits(const char *z, int n){
+  int i;
+  for(i=0; i2 ){
+    jsonAppendChar(&jx, '[');
+  }
+  for(i=1; i and ->> operators accept abbreviated PATH arguments.  This
-        ** is mostly for compatibility with PostgreSQL, but also for
-        ** convenience.
-        **
-        **     NUMBER   ==>  $[NUMBER]     // PG compatible
-        **     LABEL    ==>  $.LABEL       // PG compatible
-        **     [NUMBER] ==>  $[NUMBER]     // Not PG.  Purely for convenience
-        */
-        jsonInit(&jx, ctx);
-        if( sqlite3Isdigit(zPath[0]) ){
-          jsonAppendRawNZ(&jx, "$[", 2);
-          jsonAppendRaw(&jx, zPath, (int)strlen(zPath));
-          jsonAppendRawNZ(&jx, "]", 2);
-        }else{
-          jsonAppendRawNZ(&jx, "$.", 1 + (zPath[0]!='['));
-          jsonAppendRaw(&jx, zPath, (int)strlen(zPath));
-          jsonAppendChar(&jx, 0);
-        }
-        pNode = jx.bErr ? 0 : jsonLookup(p, jx.zBuf, 0, ctx);
-        jsonReset(&jx);
+    const char *zPath = (const char*)sqlite3_value_text(argv[i]);
+    int nPath;
+    u32 j;
+    if( zPath==0 ) goto json_extract_error;
+    nPath = sqlite3Strlen30(zPath);
+    if( zPath[0]=='$' ){
+      j = jsonLookupStep(p, 0, zPath+1, 0);
+    }else if( (flags & JSON_ABPATH) ){
+      /* The -> and ->> operators accept abbreviated PATH arguments.  This
+      ** is mostly for compatibility with PostgreSQL, but also for
+      ** convenience.
+      **
+      **     NUMBER   ==>  $[NUMBER]     // PG compatible
+      **     LABEL    ==>  $.LABEL       // PG compatible
+      **     [NUMBER] ==>  $[NUMBER]     // Not PG.  Purely for convenience
+      */
+      jsonStringInit(&jx, ctx);
+      if( jsonAllDigits(zPath, nPath) ){
+        jsonAppendRawNZ(&jx, "[", 1);
+        jsonAppendRaw(&jx, zPath, nPath);
+        jsonAppendRawNZ(&jx, "]", 2);
+      }else if( jsonAllAlphanum(zPath, nPath) ){
+        jsonAppendRawNZ(&jx, ".", 1);
+        jsonAppendRaw(&jx, zPath, nPath);
+      }else if( zPath[0]=='[' && nPath>=3 && zPath[nPath-1]==']' ){
+        jsonAppendRaw(&jx, zPath, nPath);
       }else{
-        pNode = jsonLookup(p, zPath, 0, ctx);
+        jsonAppendRawNZ(&jx, ".\"", 2);
+        jsonAppendRaw(&jx, zPath, nPath);
+        jsonAppendRawNZ(&jx, "\"", 1);
       }
-      if( pNode ){
+      jsonStringTerminate(&jx);
+      j = jsonLookupStep(p, 0, jx.zBuf, 0);
+      jsonStringReset(&jx);
+    }else{
+      jsonBadPathError(ctx, zPath);
+      goto json_extract_error;
+    }
+    if( jnBlob ){
+      if( argc==2 ){
         if( flags & JSON_JSON ){
-          jsonReturnJson(p, pNode, ctx, 0);
+          jsonStringInit(&jx, ctx);
+          jsonTranslateBlobToText(p, j, &jx);
+          jsonReturnString(&jx, 0, 0);
+          jsonStringReset(&jx);
+          assert( (flags & JSON_BLOB)==0 );
+          sqlite3_result_subtype(ctx, JSON_SUBTYPE);
         }else{
-          jsonReturn(p, pNode, ctx);
-          sqlite3_result_subtype(ctx, 0);
+          jsonReturnFromBlob(p, j, ctx, 0);
+          if( (flags & (JSON_SQL|JSON_BLOB))==0
+           && (p->aBlob[j]&0x0f)>=JSONB_ARRAY
+          ){
+            sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+          }
         }
+      }else{
+        jsonAppendSeparator(&jx);
+        jsonTranslateBlobToText(p, j, &jx);
       }
-    }else{
-      pNode = jsonLookup(p, zPath, 0, ctx);
-      if( p->nErr==0 && pNode ) jsonReturn(p, pNode, ctx);
-    }
-  }else{
-    /* Two or more PATH arguments results in a JSON array with each
-    ** element of the array being the value selected by one of the PATHs */
-    int i;
-    jsonInit(&jx, ctx);
-    jsonAppendChar(&jx, '[');
-    for(i=1; inErr ) break;
-      jsonAppendSeparator(&jx);
-      if( pNode ){
-        jsonRenderNode(p, pNode, &jx);
+    }else if( j==JSON_LOOKUP_NOTFOUND ){
+      if( argc==2 ){
+        goto json_extract_error;  /* Return NULL if not found */
       }else{
+        jsonAppendSeparator(&jx);
         jsonAppendRawNZ(&jx, "null", 4);
       }
+    }else if( j==JSON_LOOKUP_ERROR ){
+      sqlite3_result_error(ctx, "malformed JSON", -1);
+      goto json_extract_error;
+    }else{
+      jsonBadPathError(ctx, zPath);
+      goto json_extract_error;
     }
-    if( i==argc ){
-      jsonAppendChar(&jx, ']');
-      jsonResult(&jx);
+  }
+  if( argc>2 ){
+    jsonAppendChar(&jx, ']');
+    jsonReturnString(&jx, 0, 0);
+    if( (flags & JSON_BLOB)==0 ){
       sqlite3_result_subtype(ctx, JSON_SUBTYPE);
     }
-    jsonReset(&jx);
   }
+json_extract_error:
+  jsonStringReset(&jx);
+  jsonParseFree(p);
+  return;
 }
 
-/* This is the RFC 7396 MergePatch algorithm.
-*/
-static JsonNode *jsonMergePatch(
-  JsonParse *pParse,   /* The JSON parser that contains the TARGET */
-  u32 iTarget,         /* Node of the TARGET in pParse */
-  JsonNode *pPatch     /* The PATCH */
-){
-  u32 i, j;
-  u32 iRoot;
-  JsonNode *pTarget;
-  if( pPatch->eType!=JSON_OBJECT ){
-    return pPatch;
-  }
-  assert( iTargetnNode );
-  pTarget = &pParse->aNode[iTarget];
-  assert( (pPatch->jnFlags & JNODE_APPEND)==0 );
-  if( pTarget->eType!=JSON_OBJECT ){
-    jsonRemoveAllNulls(pPatch);
-    return pPatch;
-  }
-  iRoot = iTarget;
-  for(i=1; in; i += jsonNodeSize(&pPatch[i+1])+1){
-    u32 nKey;
-    const char *zKey;
-    assert( pPatch[i].eType==JSON_STRING );
-    assert( pPatch[i].jnFlags & JNODE_LABEL );
-    assert( pPatch[i].eU==1 );
-    nKey = pPatch[i].n;
-    zKey = pPatch[i].u.zJContent;
-    for(j=1; jn; j += jsonNodeSize(&pTarget[j+1])+1 ){
-      assert( pTarget[j].eType==JSON_STRING );
-      assert( pTarget[j].jnFlags & JNODE_LABEL );
-      if( jsonSameLabel(&pPatch[i], &pTarget[j]) ){
-        if( pTarget[j+1].jnFlags & (JNODE_REMOVE|JNODE_REPLACE) ) break;
-        if( pPatch[i+1].eType==JSON_NULL ){
-          pTarget[j+1].jnFlags |= JNODE_REMOVE;
-        }else{
-          JsonNode *pNew = jsonMergePatch(pParse, iTarget+j+1, &pPatch[i+1]);
-          if( pNew==0 ) return 0;
-          if( pNew!=&pParse->aNode[iTarget+j+1] ){
-            jsonParseAddSubstNode(pParse, iTarget+j+1);
-            jsonParseAddNodeArray(pParse, pNew, jsonNodeSize(pNew));
-          }
-          pTarget = &pParse->aNode[iTarget];
-        }
-        break;
+/*
+** Return codes for jsonMergePatch()
+*/
+#define JSON_MERGE_OK          0     /* Success */
+#define JSON_MERGE_BADTARGET   1     /* Malformed TARGET blob */
+#define JSON_MERGE_BADPATCH    2     /* Malformed PATCH blob */
+#define JSON_MERGE_OOM         3     /* Out-of-memory condition */
+
+/*
+** RFC-7396 MergePatch for two JSONB blobs.
+**
+** pTarget is the target. pPatch is the patch.  The target is updated
+** in place.  The patch is read-only.
+**
+** The original RFC-7396 algorithm is this:
+**
+**   define MergePatch(Target, Patch):
+**     if Patch is an Object:
+**       if Target is not an Object:
+**         Target = {} # Ignore the contents and set it to an empty Object
+**     for each Name/Value pair in Patch:
+**         if Value is null:
+**           if Name exists in Target:
+**             remove the Name/Value pair from Target
+**         else:
+**           Target[Name] = MergePatch(Target[Name], Value)
+**       return Target
+**     else:
+**       return Patch
+**
+** Here is an equivalent algorithm restructured to show the actual
+** implementation:
+**
+** 01   define MergePatch(Target, Patch):
+** 02      if Patch is not an Object:
+** 03         return Patch
+** 04      else: // if Patch is an Object
+** 05         if Target is not an Object:
+** 06            Target = {}
+** 07      for each Name/Value pair in Patch:
+** 08         if Name exists in Target:
+** 09            if Value is null:
+** 10               remove the Name/Value pair from Target
+** 11            else
+** 12               Target[name] = MergePatch(Target[Name], Value)
+** 13         else if Value is not NULL:
+** 14            if Value is not an Object:
+** 15               Target[name] = Value
+** 16            else:
+** 17               Target[name] = MergePatch('{}',value)
+** 18      return Target
+**  |
+**  ^---- Line numbers referenced in comments in the implementation
+*/
+static int jsonMergePatch(
+  JsonParse *pTarget,      /* The JSON parser that contains the TARGET */
+  u32 iTarget,             /* Index of TARGET in pTarget->aBlob[] */
+  const JsonParse *pPatch, /* The PATCH */
+  u32 iPatch               /* Index of PATCH in pPatch->aBlob[] */
+){
+  u8 x;             /* Type of a single node */
+  u32 n, sz=0;      /* Return values from jsonbPayloadSize() */
+  u32 iTCursor;     /* Cursor position while scanning the target object */
+  u32 iTStart;      /* First label in the target object */
+  u32 iTEndBE;      /* Original first byte past end of target, before edit */
+  u32 iTEnd;        /* Current first byte past end of target */
+  u8 eTLabel;       /* Node type of the target label */
+  u32 iTLabel = 0;  /* Index of the label */
+  u32 nTLabel = 0;  /* Header size in bytes for the target label */
+  u32 szTLabel = 0; /* Size of the target label payload */
+  u32 iTValue = 0;  /* Index of the target value */
+  u32 nTValue = 0;  /* Header size of the target value */
+  u32 szTValue = 0; /* Payload size for the target value */
+
+  u32 iPCursor;     /* Cursor position while scanning the patch */
+  u32 iPEnd;        /* First byte past the end of the patch */
+  u8 ePLabel;       /* Node type of the patch label */
+  u32 iPLabel;      /* Start of patch label */
+  u32 nPLabel;      /* Size of header on the patch label */
+  u32 szPLabel;     /* Payload size of the patch label */
+  u32 iPValue;      /* Start of patch value */
+  u32 nPValue;      /* Header size for the patch value */
+  u32 szPValue;     /* Payload size of the patch value */
+
+  assert( iTarget>=0 && iTargetnBlob );
+  assert( iPatch>=0 && iPatchnBlob );
+  x = pPatch->aBlob[iPatch] & 0x0f;
+  if( x!=JSONB_OBJECT ){  /* Algorithm line 02 */
+    u32 szPatch;        /* Total size of the patch, header+payload */
+    u32 szTarget;       /* Total size of the target, header+payload */
+    n = jsonbPayloadSize(pPatch, iPatch, &sz);
+    szPatch = n+sz;
+    sz = 0;
+    n = jsonbPayloadSize(pTarget, iTarget, &sz);
+    szTarget = n+sz;
+    jsonBlobEdit(pTarget, iTarget, szTarget, pPatch->aBlob+iPatch, szPatch);
+    return pTarget->oom ? JSON_MERGE_OOM : JSON_MERGE_OK;  /* Line 03 */
+  }
+  x = pTarget->aBlob[iTarget] & 0x0f;
+  if( x!=JSONB_OBJECT ){  /* Algorithm line 05 */
+    n = jsonbPayloadSize(pTarget, iTarget, &sz);
+    jsonBlobEdit(pTarget, iTarget+n, sz, 0, 0);
+    x = pTarget->aBlob[iTarget];
+    pTarget->aBlob[iTarget] = (x & 0xf0) | JSONB_OBJECT;
+  }
+  n = jsonbPayloadSize(pPatch, iPatch, &sz);
+  if( NEVER(n==0) ) return JSON_MERGE_BADPATCH;
+  iPCursor = iPatch+n;
+  iPEnd = iPCursor+sz;
+  n = jsonbPayloadSize(pTarget, iTarget, &sz);
+  if( NEVER(n==0) ) return JSON_MERGE_BADTARGET;
+  iTStart = iTarget+n;
+  iTEndBE = iTStart+sz;
+
+  while( iPCursoraBlob[iPCursor] & 0x0f;
+    if( ePLabelJSONB_TEXTRAW ){
+      return JSON_MERGE_BADPATCH;
+    }
+    nPLabel = jsonbPayloadSize(pPatch, iPCursor, &szPLabel);
+    if( nPLabel==0 ) return JSON_MERGE_BADPATCH;
+    iPValue = iPCursor + nPLabel + szPLabel;
+    if( iPValue>=iPEnd ) return JSON_MERGE_BADPATCH;
+    nPValue = jsonbPayloadSize(pPatch, iPValue, &szPValue);
+    if( nPValue==0 ) return JSON_MERGE_BADPATCH;
+    iPCursor = iPValue + nPValue + szPValue;
+    if( iPCursor>iPEnd ) return JSON_MERGE_BADPATCH;
+
+    iTCursor = iTStart;
+    iTEnd = iTEndBE + pTarget->delta;
+    while( iTCursoraBlob[iTCursor] & 0x0f;
+      if( eTLabelJSONB_TEXTRAW ){
+        return JSON_MERGE_BADTARGET;
+      }
+      nTLabel = jsonbPayloadSize(pTarget, iTCursor, &szTLabel);
+      if( nTLabel==0 ) return JSON_MERGE_BADTARGET;
+      iTValue = iTLabel + nTLabel + szTLabel;
+      if( iTValue>=iTEnd ) return JSON_MERGE_BADTARGET;
+      nTValue = jsonbPayloadSize(pTarget, iTValue, &szTValue);
+      if( nTValue==0 ) return JSON_MERGE_BADTARGET;
+      if( iTValue + nTValue + szTValue > iTEnd ) return JSON_MERGE_BADTARGET;
+      isEqual = jsonLabelCompare(
+                   (const char*)&pPatch->aBlob[iPLabel+nPLabel],
+                   szPLabel,
+                   (ePLabel==JSONB_TEXT || ePLabel==JSONB_TEXTRAW),
+                   (const char*)&pTarget->aBlob[iTLabel+nTLabel],
+                   szTLabel,
+                   (eTLabel==JSONB_TEXT || eTLabel==JSONB_TEXTRAW));
+      if( isEqual ) break;
+      iTCursor = iTValue + nTValue + szTValue;
+    }
+    x = pPatch->aBlob[iPValue] & 0x0f;
+    if( iTCursoroom) ) return JSON_MERGE_OOM;
+      }else{
+        /* Algorithm line 12 */
+        int rc, savedDelta = pTarget->delta;
+        pTarget->delta = 0;
+        rc = jsonMergePatch(pTarget, iTValue, pPatch, iPValue);
+        if( rc ) return rc;
+        pTarget->delta += savedDelta;
+      }
+    }else if( x>0 ){  /* Algorithm line 13 */
+      /* No match and patch value is not NULL */
+      u32 szNew = szPLabel+nPLabel;
+      if( (pPatch->aBlob[iPValue] & 0x0f)!=JSONB_OBJECT ){  /* Line 14 */
+        jsonBlobEdit(pTarget, iTEnd, 0, 0, szPValue+nPValue+szNew);
+        if( pTarget->oom ) return JSON_MERGE_OOM;
+        memcpy(&pTarget->aBlob[iTEnd], &pPatch->aBlob[iPLabel], szNew);
+        memcpy(&pTarget->aBlob[iTEnd+szNew],
+               &pPatch->aBlob[iPValue], szPValue+nPValue);
+      }else{
+        int rc, savedDelta;
+        jsonBlobEdit(pTarget, iTEnd, 0, 0, szNew+1);
+        if( pTarget->oom ) return JSON_MERGE_OOM;
+        memcpy(&pTarget->aBlob[iTEnd], &pPatch->aBlob[iPLabel], szNew);
+        pTarget->aBlob[iTEnd+szNew] = 0x00;
+        savedDelta = pTarget->delta;
+        pTarget->delta = 0;
+        rc = jsonMergePatch(pTarget, iTEnd+szNew,pPatch,iPValue);
+        if( rc ) return rc;
+        pTarget->delta += savedDelta;
       }
     }
-    if( j>=pTarget->n && pPatch[i+1].eType!=JSON_NULL ){
-      int iStart;
-      JsonNode *pApnd;
-      u32 nApnd;
-      iStart = jsonParseAddNode(pParse, JSON_OBJECT, 0, 0);
-      jsonParseAddNode(pParse, JSON_STRING, nKey, zKey);
-      pApnd = &pPatch[i+1];
-      if( pApnd->eType==JSON_OBJECT ) jsonRemoveAllNulls(pApnd);
-      nApnd = jsonNodeSize(pApnd);
-      jsonParseAddNodeArray(pParse, pApnd, jsonNodeSize(pApnd));
-      if( pParse->oom ) return 0;
-      pParse->aNode[iStart].n = 1+nApnd;
-      pParse->aNode[iRoot].jnFlags |= JNODE_APPEND;
-      pParse->aNode[iRoot].u.iAppend = iStart;
-      VVA( pParse->aNode[iRoot].eU = 2 );
-      iRoot = iStart;
-      pTarget = &pParse->aNode[iTarget];
-    }
   }
-  return pTarget;
+  if( pTarget->delta ) jsonAfterEditSizeAdjust(pTarget, iTarget);
+  return pTarget->oom ? JSON_MERGE_OOM : JSON_MERGE_OK;
 }
 
+
 /*
 ** Implementation of the json_mergepatch(JSON1,JSON2) function.  Return a JSON
 ** object that is the result of running the RFC 7396 MergePatch() algorithm
@@ -205253,28 +207132,27 @@ static void jsonPatchFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse *pX;     /* The JSON that is being patched */
-  JsonParse *pY;     /* The patch */
-  JsonNode *pResult;   /* The result of the merge */
+  JsonParse *pTarget;    /* The TARGET */
+  JsonParse *pPatch;     /* The PATCH */
+  int rc;                /* Result code */
 
   UNUSED_PARAMETER(argc);
-  pX = jsonParseCached(ctx, argv[0], ctx, 1);
-  if( pX==0 ) return;
-  assert( pX->hasMod==0 );
-  pX->hasMod = 1;
-  pY = jsonParseCached(ctx, argv[1], ctx, 1);
-  if( pY==0 ) return;
-  pX->useMod = 1;
-  pY->useMod = 1;
-  pResult = jsonMergePatch(pX, 0, pY->aNode);
-  assert( pResult!=0 || pX->oom );
-  if( pResult && pX->oom==0 ){
-    jsonDebugPrintParse(pX);
-    jsonDebugPrintNode(pResult);
-    jsonReturnJson(pX, pResult, ctx, 0);
-  }else{
-    sqlite3_result_error_nomem(ctx);
+  assert( argc==2 );
+  pTarget = jsonParseFuncArg(ctx, argv[0], JSON_EDITABLE);
+  if( pTarget==0 ) return;
+  pPatch = jsonParseFuncArg(ctx, argv[1], 0);
+  if( pPatch ){
+    rc = jsonMergePatch(pTarget, 0, pPatch, 0);
+    if( rc==JSON_MERGE_OK ){
+      jsonReturnParse(ctx, pTarget);
+    }else if( rc==JSON_MERGE_OOM ){
+      sqlite3_result_error_nomem(ctx);
+    }else{
+      sqlite3_result_error(ctx, "malformed JSON", -1);
+    }
+    jsonParseFree(pPatch);
   }
+  jsonParseFree(pTarget);
 }
 
 
@@ -205298,23 +207176,23 @@ static void jsonObjectFunc(
                                   "of arguments", -1);
     return;
   }
-  jsonInit(&jx, ctx);
+  jsonStringInit(&jx, ctx);
   jsonAppendChar(&jx, '{');
   for(i=0; i1);
-  if( pParse==0 ) return;
-  for(i=1; i<(u32)argc; i++){
+  p = jsonParseFuncArg(ctx, argv[0], argc>1 ? JSON_EDITABLE : 0);
+  if( p==0 ) return;
+  for(i=1; inErr ) goto remove_done;
-    if( pNode ){
-      pNode->jnFlags |= JNODE_REMOVE;
-      pParse->hasMod = 1;
-      pParse->useMod = 1;
-    }
-  }
-  if( (pParse->aNode[0].jnFlags & JNODE_REMOVE)==0 ){
-    jsonReturnJson(pParse, pParse->aNode, ctx, 1);
-  }
-remove_done:
-  jsonDebugPrintParse(p);
-}
-
-/*
-** Substitute the value at iNode with the pValue parameter.
-*/
-static void jsonReplaceNode(
-  sqlite3_context *pCtx,
-  JsonParse *p,
-  int iNode,
-  sqlite3_value *pValue
-){
-  int idx = jsonParseAddSubstNode(p, iNode);
-  if( idx<=0 ){
-    assert( p->oom );
-    return;
-  }
-  switch( sqlite3_value_type(pValue) ){
-    case SQLITE_NULL: {
-      jsonParseAddNode(p, JSON_NULL, 0, 0);
-      break;
-    }
-    case SQLITE_FLOAT: {
-      char *z = sqlite3_mprintf("%!0.15g", sqlite3_value_double(pValue));
-      int n;
-      if( z==0 ){
-        p->oom = 1;
-        break;
-      }
-      n = sqlite3Strlen30(z);
-      jsonParseAddNode(p, JSON_REAL, n, z);
-      jsonParseAddCleanup(p, sqlite3_free, z);
-      break;
-    }
-    case SQLITE_INTEGER: {
-      char *z = sqlite3_mprintf("%lld", sqlite3_value_int64(pValue));
-      int n;
-      if( z==0 ){
-        p->oom = 1;
-        break;
-      }
-      n = sqlite3Strlen30(z);
-      jsonParseAddNode(p, JSON_INT, n, z);
-      jsonParseAddCleanup(p, sqlite3_free, z);
-
-      break;
-    }
-    case SQLITE_TEXT: {
-      const char *z = (const char*)sqlite3_value_text(pValue);
-      u32 n = (u32)sqlite3_value_bytes(pValue);
-      if( z==0 ){
-         p->oom = 1;
-         break;
-      }
-      if( sqlite3_value_subtype(pValue)!=JSON_SUBTYPE ){
-        char *zCopy = sqlite3_malloc64( n+1 );
-        int k;
-        if( zCopy ){
-          memcpy(zCopy, z, n);
-          zCopy[n] = 0;
-          jsonParseAddCleanup(p, sqlite3_free, zCopy);
-        }else{
-          p->oom = 1;
-          sqlite3_result_error_nomem(pCtx);
-        }
-        k = jsonParseAddNode(p, JSON_STRING, n, zCopy);
-        assert( k>0 || p->oom );
-        if( p->oom==0 ) p->aNode[k].jnFlags |= JNODE_RAW;
+    if( zPath==0 ){
+      goto json_remove_done;
+    }
+    if( zPath[0]!='$' ){
+      goto json_remove_patherror;
+    }
+    if( zPath[1]==0 ){
+      /* json_remove(j,'$') returns NULL */
+      goto json_remove_done;
+    }
+    p->eEdit = JEDIT_DEL;
+    p->delta = 0;
+    rc = jsonLookupStep(p, 0, zPath+1, 0);
+    if( JSON_LOOKUP_ISERROR(rc) ){
+      if( rc==JSON_LOOKUP_NOTFOUND ){
+        continue;  /* No-op */
+      }else if( rc==JSON_LOOKUP_PATHERROR ){
+        jsonBadPathError(ctx, zPath);
       }else{
-        JsonParse *pPatch = jsonParseCached(pCtx, pValue, pCtx, 1);
-        if( pPatch==0 ){
-          p->oom = 1;
-          break;
-        }
-        jsonParseAddNodeArray(p, pPatch->aNode, pPatch->nNode);
-        /* The nodes copied out of pPatch and into p likely contain
-        ** u.zJContent pointers into pPatch->zJson.  So preserve the
-        ** content of pPatch until p is destroyed. */
-        assert( pPatch->nJPRef>=1 );
-        pPatch->nJPRef++;
-        jsonParseAddCleanup(p, (void(*)(void*))jsonParseFree, pPatch);
+        sqlite3_result_error(ctx, "malformed JSON", -1);
       }
-      break;
-    }
-    default: {
-      jsonParseAddNode(p, JSON_NULL, 0, 0);
-      sqlite3_result_error(pCtx, "JSON cannot hold BLOB values", -1);
-      p->nErr++;
-      break;
+      goto json_remove_done;
     }
   }
+  jsonReturnParse(ctx, p);
+  jsonParseFree(p);
+  return;
+
+json_remove_patherror:
+  jsonBadPathError(ctx, zPath);
+
+json_remove_done:
+  jsonParseFree(p);
+  return;
 }
 
 /*
@@ -205457,32 +207265,12 @@ static void jsonReplaceFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse *pParse;          /* The parse */
-  JsonNode *pNode;
-  const char *zPath;
-  u32 i;
-
   if( argc<1 ) return;
   if( (argc&1)==0 ) {
     jsonWrongNumArgs(ctx, "replace");
     return;
   }
-  pParse = jsonParseCached(ctx, argv[0], ctx, argc>1);
-  if( pParse==0 ) return;
-  pParse->nJPRef++;
-  for(i=1; i<(u32)argc; i+=2){
-    zPath = (const char*)sqlite3_value_text(argv[i]);
-    pParse->useMod = 1;
-    pNode = jsonLookup(pParse, zPath, 0, ctx);
-    if( pParse->nErr ) goto replace_err;
-    if( pNode ){
-      jsonReplaceNode(ctx, pParse, (u32)(pNode - pParse->aNode), argv[i+1]);
-    }
-  }
-  jsonReturnJson(pParse, pParse->aNode, ctx, 1);
-replace_err:
-  jsonDebugPrintParse(pParse);
-  jsonParseFree(pParse);
+  jsonInsertIntoBlob(ctx, argc, argv, JEDIT_REPL);
 }
 
 
@@ -205503,39 +207291,16 @@ static void jsonSetFunc(
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse *pParse;       /* The parse */
-  JsonNode *pNode;
-  const char *zPath;
-  u32 i;
-  int bApnd;
-  int bIsSet = sqlite3_user_data(ctx)!=0;
+
+  int flags = SQLITE_PTR_TO_INT(sqlite3_user_data(ctx));
+  int bIsSet = (flags&JSON_ISSET)!=0;
 
   if( argc<1 ) return;
   if( (argc&1)==0 ) {
     jsonWrongNumArgs(ctx, bIsSet ? "set" : "insert");
     return;
   }
-  pParse = jsonParseCached(ctx, argv[0], ctx, argc>1);
-  if( pParse==0 ) return;
-  pParse->nJPRef++;
-  for(i=1; i<(u32)argc; i+=2){
-    zPath = (const char*)sqlite3_value_text(argv[i]);
-    bApnd = 0;
-    pParse->useMod = 1;
-    pNode = jsonLookup(pParse, zPath, &bApnd, ctx);
-    if( pParse->oom ){
-      sqlite3_result_error_nomem(ctx);
-      goto jsonSetDone;
-    }else if( pParse->nErr ){
-      goto jsonSetDone;
-    }else if( pNode && (bApnd || bIsSet) ){
-      jsonReplaceNode(ctx, pParse, (u32)(pNode - pParse->aNode), argv[i+1]);
-    }
-  }
-  jsonDebugPrintParse(pParse);
-  jsonReturnJson(pParse, pParse->aNode, ctx, 1);
-jsonSetDone:
-  jsonParseFree(pParse);
+  jsonInsertIntoBlob(ctx, argc, argv, bIsSet ? JEDIT_SET : JEDIT_INS);
 }
 
 /*
@@ -205551,27 +207316,93 @@ static void jsonTypeFunc(
   sqlite3_value **argv
 ){
   JsonParse *p;          /* The parse */
-  const char *zPath;
-  JsonNode *pNode;
+  const char *zPath = 0;
+  u32 i;
 
-  p = jsonParseCached(ctx, argv[0], ctx, 0);
+  p = jsonParseFuncArg(ctx, argv[0], 0);
   if( p==0 ) return;
   if( argc==2 ){
     zPath = (const char*)sqlite3_value_text(argv[1]);
-    pNode = jsonLookup(p, zPath, 0, ctx);
+    if( zPath==0 ) goto json_type_done;
+    if( zPath[0]!='$' ){
+      jsonBadPathError(ctx, zPath);
+      goto json_type_done;
+    }
+    i = jsonLookupStep(p, 0, zPath+1, 0);
+    if( JSON_LOOKUP_ISERROR(i) ){
+      if( i==JSON_LOOKUP_NOTFOUND ){
+        /* no-op */
+      }else if( i==JSON_LOOKUP_PATHERROR ){
+        jsonBadPathError(ctx, zPath);
+      }else{
+        sqlite3_result_error(ctx, "malformed JSON", -1);
+      }
+      goto json_type_done;
+    }
   }else{
-    pNode = p->aNode;
-  }
-  if( pNode ){
-    sqlite3_result_text(ctx, jsonType[pNode->eType], -1, SQLITE_STATIC);
+    i = 0;
   }
+  sqlite3_result_text(ctx, jsonbType[p->aBlob[i]&0x0f], -1, SQLITE_STATIC);
+json_type_done:
+  jsonParseFree(p);
 }
 
 /*
 ** json_valid(JSON)
-**
-** Return 1 if JSON is a well-formed canonical JSON string according
-** to RFC-7159. Return 0 otherwise.
+** json_valid(JSON, FLAGS)
+**
+** Check the JSON argument to see if it is well-formed.  The FLAGS argument
+** encodes the various constraints on what is meant by "well-formed":
+**
+**     0x01      Canonical RFC-8259 JSON text
+**     0x02      JSON text with optional JSON-5 extensions
+**     0x04      Superficially appears to be JSONB
+**     0x08      Strictly well-formed JSONB
+**
+** If the FLAGS argument is omitted, it defaults to 1.  Useful values for
+** FLAGS include:
+**
+**    1          Strict canonical JSON text
+**    2          JSON text perhaps with JSON-5 extensions
+**    4          Superficially appears to be JSONB
+**    5          Canonical JSON text or superficial JSONB
+**    6          JSON-5 text or superficial JSONB
+**    8          Strict JSONB
+**    9          Canonical JSON text or strict JSONB
+**    10         JSON-5 text or strict JSONB
+**
+** Other flag combinations are redundant.  For example, every canonical
+** JSON text is also well-formed JSON-5 text, so FLAG values 2 and 3
+** are the same.  Similarly, any input that passes a strict JSONB validation
+** will also pass the superficial validation so 12 through 15 are the same
+** as 8 through 11 respectively.
+**
+** This routine runs in linear time to validate text and when doing strict
+** JSONB validation.  Superficial JSONB validation is constant time,
+** assuming the BLOB is already in memory.  The performance advantage
+** of superficial JSONB validation is why that option is provided.
+** Application developers can choose to do fast superficial validation or
+** slower strict validation, according to their specific needs.
+**
+** Only the lower four bits of the FLAGS argument are currently used.
+** Higher bits are reserved for future expansion.   To facilitate
+** compatibility, the current implementation raises an error if any bit
+** in FLAGS is set other than the lower four bits.
+**
+** The original circa 2015 implementation of the JSON routines in
+** SQLite only supported canonical RFC-8259 JSON text and the json_valid()
+** function only accepted one argument.  That is why the default value
+** for the FLAGS argument is 1, since FLAGS=1 causes this routine to only
+** recognize canonical RFC-8259 JSON text as valid.  The extra FLAGS
+** argument was added when the JSON routines were extended to support
+** JSON5-like extensions and binary JSONB stored in BLOBs.
+**
+** Return Values:
+**
+**   *   Raise an error if FLAGS is outside the range of 1 to 15.
+**   *   Return NULL if the input is NULL
+**   *   Return 1 if the input is well-formed.
+**   *   Return 0 if the input is not well-formed.
 */
 static void jsonValidFunc(
   sqlite3_context *ctx,
@@ -205579,79 +207410,125 @@ static void jsonValidFunc(
   sqlite3_value **argv
 ){
   JsonParse *p;          /* The parse */
-  UNUSED_PARAMETER(argc);
-  if( sqlite3_value_type(argv[0])==SQLITE_NULL ){
+  u8 flags = 1;
+  u8 res = 0;
+  if( argc==2 ){
+    i64 f = sqlite3_value_int64(argv[1]);
+    if( f<1 || f>15 ){
+      sqlite3_result_error(ctx, "FLAGS parameter to json_valid() must be"
+                                " between 1 and 15", -1);
+      return;
+    }
+    flags = f & 0x0f;
+  }
+  switch( sqlite3_value_type(argv[0]) ){
+    case SQLITE_NULL: {
 #ifdef SQLITE_LEGACY_JSON_VALID
-    /* Incorrect legacy behavior was to return FALSE for a NULL input */
-    sqlite3_result_int(ctx, 0);
+      /* Incorrect legacy behavior was to return FALSE for a NULL input */
+      sqlite3_result_int(ctx, 0);
 #endif
-    return;
-  }
-  p = jsonParseCached(ctx, argv[0], 0, 0);
-  if( p==0 || p->oom ){
-    sqlite3_result_error_nomem(ctx);
-    sqlite3_free(p);
-  }else{
-    sqlite3_result_int(ctx, p->nErr==0 && (p->hasNonstd==0 || p->useMod));
-    if( p->nErr ) jsonParseFree(p);
+      return;
+    }
+    case SQLITE_BLOB: {
+      if( (flags & 0x0c)!=0 && jsonFuncArgMightBeBinary(argv[0]) ){
+        if( flags & 0x04 ){
+          /* Superficial checking only - accomplished by the
+          ** jsonFuncArgMightBeBinary() call above. */
+          res = 1;
+        }else{
+          /* Strict checking.  Check by translating BLOB->TEXT->BLOB.  If
+          ** no errors occur, call that a "strict check". */
+          JsonParse px;
+          u32 iErr;
+          memset(&px, 0, sizeof(px));
+          px.aBlob = (u8*)sqlite3_value_blob(argv[0]);
+          px.nBlob = sqlite3_value_bytes(argv[0]);
+          iErr = jsonbValidityCheck(&px, 0, px.nBlob, 1);
+          res = iErr==0;
+        }
+      }
+      break;
+    }
+    default: {
+      JsonParse px;
+      if( (flags & 0x3)==0 ) break;
+      memset(&px, 0, sizeof(px));
+
+      p = jsonParseFuncArg(ctx, argv[0], JSON_KEEPERROR);
+      if( p ){
+        if( p->oom ){
+          sqlite3_result_error_nomem(ctx);
+        }else if( p->nErr ){
+          /* no-op */
+        }else if( (flags & 0x02)!=0 || p->hasNonstd==0 ){
+          res = 1;
+        }
+        jsonParseFree(p);
+      }else{
+        sqlite3_result_error_nomem(ctx);
+      }
+      break;
+    }
   }
+  sqlite3_result_int(ctx, res);
 }
 
 /*
 ** json_error_position(JSON)
 **
-** If the argument is not an interpretable JSON string, then return the 1-based
-** character position at which the parser first recognized that the input
-** was in error.  The left-most character is 1.  If the string is valid
-** JSON, then return 0.
-**
-** Note that json_valid() is only true for strictly conforming canonical JSON.
-** But this routine returns zero if the input contains extension.  Thus:
+** If the argument is NULL, return NULL
 **
-** (1) If the input X is strictly conforming canonical JSON:
+** If the argument is BLOB, do a full validity check and return non-zero
+** if the check fails.  The return value is the approximate 1-based offset
+** to the byte of the element that contains the first error.
 **
-**         json_valid(X) returns true
-**         json_error_position(X) returns 0
-**
-** (2) If the input X is JSON but it includes extension (such as JSON5) that
-**     are not part of RFC-8259:
-**
-**         json_valid(X) returns false
-**         json_error_position(X) return 0
-**
-** (3) If the input X cannot be interpreted as JSON even taking extensions
-**     into account:
-**
-**         json_valid(X) return false
-**         json_error_position(X) returns 1 or more
+** Otherwise interpret the argument is TEXT (even if it is numeric) and
+** return the 1-based character position for where the parser first recognized
+** that the input was not valid JSON, or return 0 if the input text looks
+** ok.  JSON-5 extensions are accepted.
 */
 static void jsonErrorFunc(
   sqlite3_context *ctx,
   int argc,
   sqlite3_value **argv
 ){
-  JsonParse *p;          /* The parse */
+  i64 iErrPos = 0;       /* Error position to be returned */
+  JsonParse s;
+
+  assert( argc==1 );
   UNUSED_PARAMETER(argc);
-  if( sqlite3_value_type(argv[0])==SQLITE_NULL ) return;
-  p = jsonParseCached(ctx, argv[0], 0, 0);
-  if( p==0 || p->oom ){
+  memset(&s, 0, sizeof(s));
+  s.db = sqlite3_context_db_handle(ctx);
+  if( jsonFuncArgMightBeBinary(argv[0]) ){
+    s.aBlob = (u8*)sqlite3_value_blob(argv[0]);
+    s.nBlob = sqlite3_value_bytes(argv[0]);
+    iErrPos = (i64)jsonbValidityCheck(&s, 0, s.nBlob, 1);
+  }else{
+    s.zJson = (char*)sqlite3_value_text(argv[0]);
+    if( s.zJson==0 ) return;  /* NULL input or OOM */
+    s.nJson = sqlite3_value_bytes(argv[0]);
+    if( jsonConvertTextToBlob(&s,0) ){
+      if( s.oom ){
+        iErrPos = -1;
+      }else{
+        /* Convert byte-offset s.iErr into a character offset */
+        u32 k;
+        assert( s.zJson!=0 );  /* Because s.oom is false */
+        for(k=0; knErr==0 ){
-    sqlite3_result_int(ctx, 0);
   }else{
-    int n = 1;
-    u32 i;
-    const char *z = (const char*)sqlite3_value_text(argv[0]);
-    for(i=0; iiErr && ALWAYS(z[i]); i++){
-      if( (z[i]&0xc0)!=0x80 ) n++;
-    }
-    sqlite3_result_int(ctx, n);
-    jsonParseFree(p);
+    sqlite3_result_int64(ctx, iErrPos);
   }
 }
 
-
 /****************************************************************************
 ** Aggregate SQL function implementations
 ****************************************************************************/
@@ -205670,24 +207547,34 @@ static void jsonArrayStep(
   pStr = (JsonString*)sqlite3_aggregate_context(ctx, sizeof(*pStr));
   if( pStr ){
     if( pStr->zBuf==0 ){
-      jsonInit(pStr, ctx);
+      jsonStringInit(pStr, ctx);
       jsonAppendChar(pStr, '[');
     }else if( pStr->nUsed>1 ){
       jsonAppendChar(pStr, ',');
     }
     pStr->pCtx = ctx;
-    jsonAppendValue(pStr, argv[0]);
+    jsonAppendSqlValue(pStr, argv[0]);
   }
 }
 static void jsonArrayCompute(sqlite3_context *ctx, int isFinal){
   JsonString *pStr;
   pStr = (JsonString*)sqlite3_aggregate_context(ctx, 0);
   if( pStr ){
+    int flags;
     pStr->pCtx = ctx;
     jsonAppendChar(pStr, ']');
-    if( pStr->bErr ){
-      if( pStr->bErr==1 ) sqlite3_result_error_nomem(ctx);
-      assert( pStr->bStatic );
+    flags = SQLITE_PTR_TO_INT(sqlite3_user_data(ctx));
+    if( pStr->eErr ){
+      jsonReturnString(pStr, 0, 0);
+      return;
+    }else if( flags & JSON_BLOB ){
+      jsonReturnStringAsBlob(pStr);
+      if( isFinal ){
+        if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
+      }else{
+        pStr->nUsed--;
+      }
+      return;
     }else if( isFinal ){
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed,
                           pStr->bStatic ? SQLITE_TRANSIENT :
@@ -205776,27 +207663,38 @@ static void jsonObjectStep(
   pStr = (JsonString*)sqlite3_aggregate_context(ctx, sizeof(*pStr));
   if( pStr ){
     if( pStr->zBuf==0 ){
-      jsonInit(pStr, ctx);
+      jsonStringInit(pStr, ctx);
       jsonAppendChar(pStr, '{');
     }else if( pStr->nUsed>1 ){
       jsonAppendChar(pStr, ',');
     }
     pStr->pCtx = ctx;
     z = (const char*)sqlite3_value_text(argv[0]);
-    n = (u32)sqlite3_value_bytes(argv[0]);
+    n = sqlite3Strlen30(z);
     jsonAppendString(pStr, z, n);
     jsonAppendChar(pStr, ':');
-    jsonAppendValue(pStr, argv[1]);
+    jsonAppendSqlValue(pStr, argv[1]);
   }
 }
 static void jsonObjectCompute(sqlite3_context *ctx, int isFinal){
   JsonString *pStr;
   pStr = (JsonString*)sqlite3_aggregate_context(ctx, 0);
   if( pStr ){
+    int flags;
     jsonAppendChar(pStr, '}');
-    if( pStr->bErr ){
-      if( pStr->bErr==1 ) sqlite3_result_error_nomem(ctx);
-      assert( pStr->bStatic );
+    pStr->pCtx = ctx;
+    flags = SQLITE_PTR_TO_INT(sqlite3_user_data(ctx));
+    if( pStr->eErr ){
+      jsonReturnString(pStr, 0, 0);
+      return;
+    }else if( flags & JSON_BLOB ){
+      jsonReturnStringAsBlob(pStr);
+      if( isFinal ){
+        if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
+      }else{
+        pStr->nUsed--;
+      }
+      return;
     }else if( isFinal ){
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed,
                           pStr->bStatic ? SQLITE_TRANSIENT :
@@ -205824,19 +207722,37 @@ static void jsonObjectFinal(sqlite3_context *ctx){
 /****************************************************************************
 ** The json_each virtual table
 ****************************************************************************/
+typedef struct JsonParent JsonParent;
+struct JsonParent {
+  u32 iHead;                 /* Start of object or array */
+  u32 iValue;                /* Start of the value */
+  u32 iEnd;                  /* First byte past the end */
+  u32 nPath;                 /* Length of path */
+  i64 iKey;                  /* Key for JSONB_ARRAY */
+};
+
 typedef struct JsonEachCursor JsonEachCursor;
 struct JsonEachCursor {
   sqlite3_vtab_cursor base;  /* Base class - must be first */
   u32 iRowid;                /* The rowid */
-  u32 iBegin;                /* The first node of the scan */
-  u32 i;                     /* Index in sParse.aNode[] of current row */
+  u32 i;                     /* Index in sParse.aBlob[] of current row */
   u32 iEnd;                  /* EOF when i equals or exceeds this value */
-  u8 eType;                  /* Type of top-level element */
+  u32 nRoot;                 /* Size of the root path in bytes */
+  u8 eType;                  /* Type of the container for element i */
   u8 bRecursive;             /* True for json_tree().  False for json_each() */
-  char *zJson;               /* Input JSON */
-  char *zRoot;               /* Path by which to filter zJson */
+  u32 nParent;               /* Current nesting depth */
+  u32 nParentAlloc;          /* Space allocated for aParent[] */
+  JsonParent *aParent;       /* Parent elements of i */
+  sqlite3 *db;               /* Database connection */
+  JsonString path;           /* Current path */
   JsonParse sParse;          /* Parse of the input JSON */
 };
+typedef struct JsonEachConnection JsonEachConnection;
+struct JsonEachConnection {
+  sqlite3_vtab base;         /* Base class - must be first */
+  sqlite3 *db;               /* Database connection */
+};
+
 
 /* Constructor for the json_each virtual table */
 static int jsonEachConnect(
@@ -205846,7 +207762,7 @@ static int jsonEachConnect(
   sqlite3_vtab **ppVtab,
   char **pzErr
 ){
-  sqlite3_vtab *pNew;
+  JsonEachConnection *pNew;
   int rc;
 
 /* Column numbers */
@@ -205872,28 +207788,32 @@ static int jsonEachConnect(
      "CREATE TABLE x(key,value,type,atom,id,parent,fullkey,path,"
                     "json HIDDEN,root HIDDEN)");
   if( rc==SQLITE_OK ){
-    pNew = *ppVtab = sqlite3_malloc( sizeof(*pNew) );
+    pNew = (JsonEachConnection*)sqlite3DbMallocZero(db, sizeof(*pNew));
+    *ppVtab = (sqlite3_vtab*)pNew;
     if( pNew==0 ) return SQLITE_NOMEM;
-    memset(pNew, 0, sizeof(*pNew));
     sqlite3_vtab_config(db, SQLITE_VTAB_INNOCUOUS);
+    pNew->db = db;
   }
   return rc;
 }
 
 /* destructor for json_each virtual table */
 static int jsonEachDisconnect(sqlite3_vtab *pVtab){
-  sqlite3_free(pVtab);
+  JsonEachConnection *p = (JsonEachConnection*)pVtab;
+  sqlite3DbFree(p->db, pVtab);
   return SQLITE_OK;
 }
 
 /* constructor for a JsonEachCursor object for json_each(). */
 static int jsonEachOpenEach(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
+  JsonEachConnection *pVtab = (JsonEachConnection*)p;
   JsonEachCursor *pCur;
 
   UNUSED_PARAMETER(p);
-  pCur = sqlite3_malloc( sizeof(*pCur) );
+  pCur = sqlite3DbMallocZero(pVtab->db, sizeof(*pCur));
   if( pCur==0 ) return SQLITE_NOMEM;
-  memset(pCur, 0, sizeof(*pCur));
+  pCur->db = pVtab->db;
+  jsonStringZero(&pCur->path);
   *ppCursor = &pCur->base;
   return SQLITE_OK;
 }
@@ -205911,21 +207831,24 @@ static int jsonEachOpenTree(sqlite3_vtab *p, sqlite3_vtab_cursor **ppCursor){
 /* Reset a JsonEachCursor back to its original state.  Free any memory
 ** held. */
 static void jsonEachCursorReset(JsonEachCursor *p){
-  sqlite3_free(p->zRoot);
   jsonParseReset(&p->sParse);
+  jsonStringReset(&p->path);
+  sqlite3DbFree(p->db, p->aParent);
   p->iRowid = 0;
   p->i = 0;
+  p->aParent = 0;
+  p->nParent = 0;
+  p->nParentAlloc = 0;
   p->iEnd = 0;
   p->eType = 0;
-  p->zJson = 0;
-  p->zRoot = 0;
 }
 
 /* Destructor for a jsonEachCursor object */
 static int jsonEachClose(sqlite3_vtab_cursor *cur){
   JsonEachCursor *p = (JsonEachCursor*)cur;
   jsonEachCursorReset(p);
-  sqlite3_free(cur);
+
+  sqlite3DbFree(p->db, cur);
   return SQLITE_OK;
 }
 
@@ -205936,200 +207859,230 @@ static int jsonEachEof(sqlite3_vtab_cursor *cur){
   return p->i >= p->iEnd;
 }
 
-/* Advance the cursor to the next element for json_tree() */
-static int jsonEachNext(sqlite3_vtab_cursor *cur){
-  JsonEachCursor *p = (JsonEachCursor*)cur;
-  if( p->bRecursive ){
-    if( p->sParse.aNode[p->i].jnFlags & JNODE_LABEL ) p->i++;
-    p->i++;
-    p->iRowid++;
-    if( p->iiEnd ){
-      u32 iUp = p->sParse.aUp[p->i];
-      JsonNode *pUp = &p->sParse.aNode[iUp];
-      p->eType = pUp->eType;
-      if( pUp->eType==JSON_ARRAY ){
-        assert( pUp->eU==0 || pUp->eU==3 );
-        testcase( pUp->eU==3 );
-        VVA( pUp->eU = 3 );
-        if( iUp==p->i-1 ){
-          pUp->u.iKey = 0;
-        }else{
-          pUp->u.iKey++;
+/*
+** If the cursor is currently pointing at the label of a object entry,
+** then return the index of the value.  For all other cases, return the
+** current pointer position, which is the value.
+*/
+static int jsonSkipLabel(JsonEachCursor *p){
+  if( p->eType==JSONB_OBJECT ){
+    u32 sz = 0;
+    u32 n = jsonbPayloadSize(&p->sParse, p->i, &sz);
+    return p->i + n + sz;
+  }else{
+    return p->i;
+  }
+}
+
+/*
+** Append the path name for the current element.
+*/
+static void jsonAppendPathName(JsonEachCursor *p){
+  assert( p->nParent>0 );
+  assert( p->eType==JSONB_ARRAY || p->eType==JSONB_OBJECT );
+  if( p->eType==JSONB_ARRAY ){
+    jsonPrintf(30, &p->path, "[%lld]", p->aParent[p->nParent-1].iKey);
+  }else{
+    u32 n, sz = 0, k, i;
+    const char *z;
+    int needQuote = 0;
+    n = jsonbPayloadSize(&p->sParse, p->i, &sz);
+    k = p->i + n;
+    z = (const char*)&p->sParse.aBlob[k];
+    if( sz==0 || !sqlite3Isalpha(z[0]) ){
+      needQuote = 1;
+    }else{
+      for(i=0; ieType ){
-      case JSON_ARRAY: {
-        p->i += jsonNodeSize(&p->sParse.aNode[p->i]);
-        p->iRowid++;
-        break;
-      }
-      case JSON_OBJECT: {
-        p->i += 1 + jsonNodeSize(&p->sParse.aNode[p->i+1]);
-        p->iRowid++;
-        break;
-      }
-      default: {
-        p->i = p->iEnd;
-        break;
-      }
+    if( needQuote ){
+      jsonPrintf(sz+4,&p->path,".\"%.*s\"", sz, z);
+    }else{
+      jsonPrintf(sz+2,&p->path,".%.*s", sz, z);
     }
   }
-  return SQLITE_OK;
 }
 
-/* Append an object label to the JSON Path being constructed
-** in pStr.
-*/
-static void jsonAppendObjectPathElement(
-  JsonString *pStr,
-  JsonNode *pNode
-){
-  int jj, nn;
-  const char *z;
-  assert( pNode->eType==JSON_STRING );
-  assert( pNode->jnFlags & JNODE_LABEL );
-  assert( pNode->eU==1 );
-  z = pNode->u.zJContent;
-  nn = pNode->n;
-  if( (pNode->jnFlags & JNODE_RAW)==0 ){
-    assert( nn>=2 );
-    assert( z[0]=='"' || z[0]=='\'' );
-    assert( z[nn-1]=='"' || z[0]=='\'' );
-    if( nn>2 && sqlite3Isalpha(z[1]) ){
-      for(jj=2; jjbRecursive ){
+    u8 x;
+    u8 levelChange = 0;
+    u32 n, sz = 0;
+    u32 i = jsonSkipLabel(p);
+    x = p->sParse.aBlob[i] & 0x0f;
+    n = jsonbPayloadSize(&p->sParse, i, &sz);
+    if( x==JSONB_OBJECT || x==JSONB_ARRAY ){
+      JsonParent *pParent;
+      if( p->nParent>=p->nParentAlloc ){
+        JsonParent *pNew;
+        u64 nNew;
+        nNew = p->nParentAlloc*2 + 3;
+        pNew = sqlite3DbRealloc(p->db, p->aParent, sizeof(JsonParent)*nNew);
+        if( pNew==0 ) return SQLITE_NOMEM;
+        p->nParentAlloc = (u32)nNew;
+        p->aParent = pNew;
+      }
+      levelChange = 1;
+      pParent = &p->aParent[p->nParent];
+      pParent->iHead = p->i;
+      pParent->iValue = i;
+      pParent->iEnd = i + n + sz;
+      pParent->iKey = -1;
+      pParent->nPath = (u32)p->path.nUsed;
+      if( p->eType && p->nParent ){
+        jsonAppendPathName(p);
+        if( p->path.eErr ) rc = SQLITE_NOMEM;
+      }
+      p->nParent++;
+      p->i = i + n;
+    }else{
+      p->i = i + n + sz;
+    }
+    while( p->nParent>0 && p->i >= p->aParent[p->nParent-1].iEnd ){
+      p->nParent--;
+      p->path.nUsed = p->aParent[p->nParent].nPath;
+      levelChange = 1;
+    }
+    if( levelChange ){
+      if( p->nParent>0 ){
+        JsonParent *pParent = &p->aParent[p->nParent-1];
+        u32 iVal = pParent->iValue;
+        p->eType = p->sParse.aBlob[iVal] & 0x0f;
+      }else{
+        p->eType = 0;
       }
     }
+  }else{
+    u32 n, sz = 0;
+    u32 i = jsonSkipLabel(p);
+    n = jsonbPayloadSize(&p->sParse, i, &sz);
+    p->i = i + n + sz;
+  }
+  if( p->eType==JSONB_ARRAY && p->nParent ){
+    p->aParent[p->nParent-1].iKey++;
   }
-  jsonPrintf(nn+2, pStr, ".%.*s", nn, z);
+  p->iRowid++;
+  return rc;
 }
 
-/* Append the name of the path for element i to pStr
+/* Length of the path for rowid==0 in bRecursive mode.
 */
-static void jsonEachComputePath(
-  JsonEachCursor *p,       /* The cursor */
-  JsonString *pStr,        /* Write the path here */
-  u32 i                    /* Path to this element */
-){
-  JsonNode *pNode, *pUp;
-  u32 iUp;
-  if( i==0 ){
-    jsonAppendChar(pStr, '$');
-    return;
-  }
-  iUp = p->sParse.aUp[i];
-  jsonEachComputePath(p, pStr, iUp);
-  pNode = &p->sParse.aNode[i];
-  pUp = &p->sParse.aNode[iUp];
-  if( pUp->eType==JSON_ARRAY ){
-    assert( pUp->eU==3 || (pUp->eU==0 && pUp->u.iKey==0) );
-    testcase( pUp->eU==0 );
-    jsonPrintf(30, pStr, "[%d]", pUp->u.iKey);
-  }else{
-    assert( pUp->eType==JSON_OBJECT );
-    if( (pNode->jnFlags & JNODE_LABEL)==0 ) pNode--;
-    jsonAppendObjectPathElement(pStr, pNode);
+static int jsonEachPathLength(JsonEachCursor *p){
+  u32 n = p->path.nUsed;
+  char *z = p->path.zBuf;
+  if( p->iRowid==0 && p->bRecursive && n>=2 ){
+    while( n>1 ){
+      n--;
+      if( z[n]=='[' || z[n]=='.' ){
+        u32 x, sz = 0;
+        char cSaved = z[n];
+        z[n] = 0;
+        assert( p->sParse.eEdit==0 );
+        x = jsonLookupStep(&p->sParse, 0, z+1, 0);
+        z[n] = cSaved;
+        if( JSON_LOOKUP_ISERROR(x) ) continue;
+        if( x + jsonbPayloadSize(&p->sParse, x, &sz) == p->i ) break;
+      }
+    }
   }
+  return n;
 }
 
 /* Return the value of a column */
 static int jsonEachColumn(
   sqlite3_vtab_cursor *cur,   /* The cursor */
   sqlite3_context *ctx,       /* First argument to sqlite3_result_...() */
-  int i                       /* Which column to return */
+  int iColumn                 /* Which column to return */
 ){
   JsonEachCursor *p = (JsonEachCursor*)cur;
-  JsonNode *pThis = &p->sParse.aNode[p->i];
-  switch( i ){
+  switch( iColumn ){
     case JEACH_KEY: {
-      if( p->i==0 ) break;
-      if( p->eType==JSON_OBJECT ){
-        jsonReturn(&p->sParse, pThis, ctx);
-      }else if( p->eType==JSON_ARRAY ){
-        u32 iKey;
-        if( p->bRecursive ){
-          if( p->iRowid==0 ) break;
-          assert( p->sParse.aNode[p->sParse.aUp[p->i]].eU==3 );
-          iKey = p->sParse.aNode[p->sParse.aUp[p->i]].u.iKey;
+      if( p->nParent==0 ){
+        u32 n, j;
+        if( p->nRoot==1 ) break;
+        j = jsonEachPathLength(p);
+        n = p->nRoot - j;
+        if( n==0 ){
+          break;
+        }else if( p->path.zBuf[j]=='[' ){
+          i64 x;
+          sqlite3Atoi64(&p->path.zBuf[j+1], &x, n-1, SQLITE_UTF8);
+          sqlite3_result_int64(ctx, x);
+        }else if( p->path.zBuf[j+1]=='"' ){
+          sqlite3_result_text(ctx, &p->path.zBuf[j+2], n-3, SQLITE_TRANSIENT);
         }else{
-          iKey = p->iRowid;
+          sqlite3_result_text(ctx, &p->path.zBuf[j+1], n-1, SQLITE_TRANSIENT);
         }
-        sqlite3_result_int64(ctx, (sqlite3_int64)iKey);
+        break;
+      }
+      if( p->eType==JSONB_OBJECT ){
+        jsonReturnFromBlob(&p->sParse, p->i, ctx, 1);
+      }else{
+        assert( p->eType==JSONB_ARRAY );
+        sqlite3_result_int64(ctx, p->aParent[p->nParent-1].iKey);
       }
       break;
     }
     case JEACH_VALUE: {
-      if( pThis->jnFlags & JNODE_LABEL ) pThis++;
-      jsonReturn(&p->sParse, pThis, ctx);
+      u32 i = jsonSkipLabel(p);
+      jsonReturnFromBlob(&p->sParse, i, ctx, 1);
       break;
     }
     case JEACH_TYPE: {
-      if( pThis->jnFlags & JNODE_LABEL ) pThis++;
-      sqlite3_result_text(ctx, jsonType[pThis->eType], -1, SQLITE_STATIC);
+      u32 i = jsonSkipLabel(p);
+      u8 eType = p->sParse.aBlob[i] & 0x0f;
+      sqlite3_result_text(ctx, jsonbType[eType], -1, SQLITE_STATIC);
       break;
     }
     case JEACH_ATOM: {
-      if( pThis->jnFlags & JNODE_LABEL ) pThis++;
-      if( pThis->eType>=JSON_ARRAY ) break;
-      jsonReturn(&p->sParse, pThis, ctx);
+      u32 i = jsonSkipLabel(p);
+      if( (p->sParse.aBlob[i] & 0x0f)sParse, i, ctx, 1);
+      }
       break;
     }
     case JEACH_ID: {
-      sqlite3_result_int64(ctx,
-         (sqlite3_int64)p->i + ((pThis->jnFlags & JNODE_LABEL)!=0));
+      sqlite3_result_int64(ctx, (sqlite3_int64)p->i);
       break;
     }
     case JEACH_PARENT: {
-      if( p->i>p->iBegin && p->bRecursive ){
-        sqlite3_result_int64(ctx, (sqlite3_int64)p->sParse.aUp[p->i]);
+      if( p->nParent>0 && p->bRecursive ){
+        sqlite3_result_int64(ctx, p->aParent[p->nParent-1].iHead);
       }
       break;
     }
     case JEACH_FULLKEY: {
-      JsonString x;
-      jsonInit(&x, ctx);
-      if( p->bRecursive ){
-        jsonEachComputePath(p, &x, p->i);
-      }else{
-        if( p->zRoot ){
-          jsonAppendRaw(&x, p->zRoot, (int)strlen(p->zRoot));
-        }else{
-          jsonAppendChar(&x, '$');
-        }
-        if( p->eType==JSON_ARRAY ){
-          jsonPrintf(30, &x, "[%d]", p->iRowid);
-        }else if( p->eType==JSON_OBJECT ){
-          jsonAppendObjectPathElement(&x, pThis);
-        }
-      }
-      jsonResult(&x);
+      u64 nBase = p->path.nUsed;
+      if( p->nParent ) jsonAppendPathName(p);
+      sqlite3_result_text64(ctx, p->path.zBuf, p->path.nUsed,
+                            SQLITE_TRANSIENT, SQLITE_UTF8);
+      p->path.nUsed = nBase;
       break;
     }
     case JEACH_PATH: {
-      if( p->bRecursive ){
-        JsonString x;
-        jsonInit(&x, ctx);
-        jsonEachComputePath(p, &x, p->sParse.aUp[p->i]);
-        jsonResult(&x);
-        break;
-      }
-      /* For json_each() path and root are the same so fall through
-      ** into the root case */
-      /* no break */ deliberate_fall_through
+      u32 n = jsonEachPathLength(p);
+      sqlite3_result_text64(ctx, p->path.zBuf, n,
+                            SQLITE_TRANSIENT, SQLITE_UTF8);
+      break;
     }
     default: {
-      const char *zRoot = p->zRoot;
-      if( zRoot==0 ) zRoot = "$";
-      sqlite3_result_text(ctx, zRoot, -1, SQLITE_STATIC);
+      sqlite3_result_text(ctx, p->path.zBuf, p->nRoot, SQLITE_STATIC);
       break;
     }
     case JEACH_JSON: {
-      assert( i==JEACH_JSON );
-      sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_STATIC);
+      if( p->sParse.zJson==0 ){
+        sqlite3_result_blob(ctx, p->sParse.aBlob, p->sParse.nBlob,
+                            SQLITE_STATIC);
+      }else{
+        sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_STATIC);
+      }
       break;
     }
   }
@@ -206220,86 +208173,101 @@ static int jsonEachFilter(
   int argc, sqlite3_value **argv
 ){
   JsonEachCursor *p = (JsonEachCursor*)cur;
-  const char *z;
   const char *zRoot = 0;
-  sqlite3_int64 n;
+  u32 i, n, sz;
 
   UNUSED_PARAMETER(idxStr);
   UNUSED_PARAMETER(argc);
   jsonEachCursorReset(p);
   if( idxNum==0 ) return SQLITE_OK;
-  z = (const char*)sqlite3_value_text(argv[0]);
-  if( z==0 ) return SQLITE_OK;
   memset(&p->sParse, 0, sizeof(p->sParse));
   p->sParse.nJPRef = 1;
-  if( sqlite3ValueIsOfClass(argv[0], sqlite3RCStrUnref) ){
-    p->sParse.zJson = sqlite3RCStrRef((char*)z);
-  }else{
-    n = sqlite3_value_bytes(argv[0]);
-    p->sParse.zJson = sqlite3RCStrNew( n+1 );
-    if( p->sParse.zJson==0 ) return SQLITE_NOMEM;
-    memcpy(p->sParse.zJson, z, (size_t)n+1);
-  }
-  p->sParse.bJsonIsRCStr = 1;
-  p->zJson = p->sParse.zJson;
-  if( jsonParse(&p->sParse, 0) ){
-    int rc = SQLITE_NOMEM;
-    if( p->sParse.oom==0 ){
-      sqlite3_free(cur->pVtab->zErrMsg);
-      cur->pVtab->zErrMsg = sqlite3_mprintf("malformed JSON");
-      if( cur->pVtab->zErrMsg ) rc = SQLITE_ERROR;
+  p->sParse.db = p->db;
+  if( sqlite3_value_type(argv[0])==SQLITE_BLOB ){
+    if( jsonFuncArgMightBeBinary(argv[0]) ){
+      p->sParse.nBlob = sqlite3_value_bytes(argv[0]);
+      p->sParse.aBlob = (u8*)sqlite3_value_blob(argv[0]);
+    }else{
+      goto json_each_malformed_input;
     }
-    jsonEachCursorReset(p);
-    return rc;
-  }else if( p->bRecursive && jsonParseFindParents(&p->sParse) ){
-    jsonEachCursorReset(p);
-    return SQLITE_NOMEM;
   }else{
-    JsonNode *pNode = 0;
-    if( idxNum==3 ){
-      const char *zErr = 0;
-      zRoot = (const char*)sqlite3_value_text(argv[1]);
-      if( zRoot==0 ) return SQLITE_OK;
-      n = sqlite3_value_bytes(argv[1]);
-      p->zRoot = sqlite3_malloc64( n+1 );
-      if( p->zRoot==0 ) return SQLITE_NOMEM;
-      memcpy(p->zRoot, zRoot, (size_t)n+1);
-      if( zRoot[0]!='$' ){
-        zErr = zRoot;
-      }else{
-        pNode = jsonLookupStep(&p->sParse, 0, p->zRoot+1, 0, &zErr);
+    p->sParse.zJson = (char*)sqlite3_value_text(argv[0]);
+    p->sParse.nJson = sqlite3_value_bytes(argv[0]);
+    if( p->sParse.zJson==0 ){
+      p->i = p->iEnd = 0;
+      return SQLITE_OK;
+    }
+    if( jsonConvertTextToBlob(&p->sParse, 0) ){
+      if( p->sParse.oom ){
+        return SQLITE_NOMEM;
       }
-      if( zErr ){
+      goto json_each_malformed_input;
+    }
+  }
+  if( idxNum==3 ){
+    zRoot = (const char*)sqlite3_value_text(argv[1]);
+    if( zRoot==0 ) return SQLITE_OK;
+    if( zRoot[0]!='$' ){
+      sqlite3_free(cur->pVtab->zErrMsg);
+      cur->pVtab->zErrMsg = jsonBadPathError(0, zRoot);
+      jsonEachCursorReset(p);
+      return cur->pVtab->zErrMsg ? SQLITE_ERROR : SQLITE_NOMEM;
+    }
+    p->nRoot = sqlite3Strlen30(zRoot);
+    if( zRoot[1]==0 ){
+      i = p->i = 0;
+      p->eType = 0;
+    }else{
+      i = jsonLookupStep(&p->sParse, 0, zRoot+1, 0);
+      if( JSON_LOOKUP_ISERROR(i) ){
+        if( i==JSON_LOOKUP_NOTFOUND ){
+          p->i = 0;
+          p->eType = 0;
+          p->iEnd = 0;
+          return SQLITE_OK;
+        }
         sqlite3_free(cur->pVtab->zErrMsg);
-        cur->pVtab->zErrMsg = jsonPathSyntaxError(zErr);
+        cur->pVtab->zErrMsg = jsonBadPathError(0, zRoot);
         jsonEachCursorReset(p);
         return cur->pVtab->zErrMsg ? SQLITE_ERROR : SQLITE_NOMEM;
-      }else if( pNode==0 ){
-        return SQLITE_OK;
       }
-    }else{
-      pNode = p->sParse.aNode;
-    }
-    p->iBegin = p->i = (int)(pNode - p->sParse.aNode);
-    p->eType = pNode->eType;
-    if( p->eType>=JSON_ARRAY ){
-      assert( pNode->eU==0 );
-      VVA( pNode->eU = 3 );
-      pNode->u.iKey = 0;
-      p->iEnd = p->i + pNode->n + 1;
-      if( p->bRecursive ){
-        p->eType = p->sParse.aNode[p->sParse.aUp[p->i]].eType;
-        if( p->i>0 && (p->sParse.aNode[p->i-1].jnFlags & JNODE_LABEL)!=0 ){
-          p->i--;
-        }
+      if( p->sParse.iLabel ){
+        p->i = p->sParse.iLabel;
+        p->eType = JSONB_OBJECT;
       }else{
-        p->i++;
-      }
-    }else{
-      p->iEnd = p->i+1;
-    }
+        p->i = i;
+        p->eType = JSONB_ARRAY;
+      }
+    }
+    jsonAppendRaw(&p->path, zRoot, p->nRoot);
+  }else{
+    i = p->i = 0;
+    p->eType = 0;
+    p->nRoot = 1;
+    jsonAppendRaw(&p->path, "$", 1);
+  }
+  p->nParent = 0;
+  n = jsonbPayloadSize(&p->sParse, i, &sz);
+  p->iEnd = i+n+sz;
+  if( (p->sParse.aBlob[i] & 0x0f)>=JSONB_ARRAY && !p->bRecursive ){
+    p->i = i + n;
+    p->eType = p->sParse.aBlob[i] & 0x0f;
+    p->aParent = sqlite3DbMallocZero(p->db, sizeof(JsonParent));
+    if( p->aParent==0 ) return SQLITE_NOMEM;
+    p->nParent = 1;
+    p->nParentAlloc = 1;
+    p->aParent[0].iKey = 0;
+    p->aParent[0].iEnd = p->iEnd;
+    p->aParent[0].iHead = p->i;
+    p->aParent[0].iValue = i;
   }
   return SQLITE_OK;
+
+json_each_malformed_input:
+  sqlite3_free(cur->pVtab->zErrMsg);
+  cur->pVtab->zErrMsg = sqlite3_mprintf("malformed JSON");
+  jsonEachCursorReset(p);
+  return cur->pVtab->zErrMsg ? SQLITE_ERROR : SQLITE_NOMEM;
 }
 
 /* The methods of the json_each virtual table */
@@ -206368,34 +208336,57 @@ static sqlite3_module jsonTreeModule = {
 SQLITE_PRIVATE void sqlite3RegisterJsonFunctions(void){
 #ifndef SQLITE_OMIT_JSON
   static FuncDef aJsonFunc[] = {
-    JFUNCTION(json,               1, 0,  jsonRemoveFunc),
-    JFUNCTION(json_array,        -1, 0,  jsonArrayFunc),
-    JFUNCTION(json_array_length,  1, 0,  jsonArrayLengthFunc),
-    JFUNCTION(json_array_length,  2, 0,  jsonArrayLengthFunc),
-    JFUNCTION(json_error_position,1, 0,  jsonErrorFunc),
-    JFUNCTION(json_extract,      -1, 0,  jsonExtractFunc),
-    JFUNCTION(->,                 2, JSON_JSON, jsonExtractFunc),
-    JFUNCTION(->>,                2, JSON_SQL, jsonExtractFunc),
-    JFUNCTION(json_insert,       -1, 0,  jsonSetFunc),
-    JFUNCTION(json_object,       -1, 0,  jsonObjectFunc),
-    JFUNCTION(json_patch,         2, 0,  jsonPatchFunc),
-    JFUNCTION(json_quote,         1, 0,  jsonQuoteFunc),
-    JFUNCTION(json_remove,       -1, 0,  jsonRemoveFunc),
-    JFUNCTION(json_replace,      -1, 0,  jsonReplaceFunc),
-    JFUNCTION(json_set,          -1, JSON_ISSET,  jsonSetFunc),
-    JFUNCTION(json_type,          1, 0,  jsonTypeFunc),
-    JFUNCTION(json_type,          2, 0,  jsonTypeFunc),
-    JFUNCTION(json_valid,         1, 0,  jsonValidFunc),
+    /*   sqlite3_result_subtype() ----,  ,--- sqlite3_value_subtype()       */
+    /*                                |  |                                  */
+    /*             Uses cache ------, |  | ,---- Returns JSONB              */
+    /*                              | |  | |                                */
+    /*     Number of arguments ---, | |  | | ,--- Flags                     */
+    /*                            | | |  | | |                              */
+    JFUNCTION(json,               1,1,1, 0,0,0,          jsonRemoveFunc),
+    JFUNCTION(jsonb,              1,1,0, 0,1,0,          jsonRemoveFunc),
+    JFUNCTION(json_array,        -1,0,1, 1,0,0,          jsonArrayFunc),
+    JFUNCTION(jsonb_array,       -1,0,1, 1,1,0,          jsonArrayFunc),
+    JFUNCTION(json_array_length,  1,1,0, 0,0,0,          jsonArrayLengthFunc),
+    JFUNCTION(json_array_length,  2,1,0, 0,0,0,          jsonArrayLengthFunc),
+    JFUNCTION(json_error_position,1,1,0, 0,0,0,          jsonErrorFunc),
+    JFUNCTION(json_extract,      -1,1,1, 0,0,0,          jsonExtractFunc),
+    JFUNCTION(jsonb_extract,     -1,1,0, 0,1,0,          jsonExtractFunc),
+    JFUNCTION(->,                 2,1,1, 0,0,JSON_JSON,  jsonExtractFunc),
+    JFUNCTION(->>,                2,1,0, 0,0,JSON_SQL,   jsonExtractFunc),
+    JFUNCTION(json_insert,       -1,1,1, 1,0,0,          jsonSetFunc),
+    JFUNCTION(jsonb_insert,      -1,1,0, 1,1,0,          jsonSetFunc),
+    JFUNCTION(json_object,       -1,0,1, 1,0,0,          jsonObjectFunc),
+    JFUNCTION(jsonb_object,      -1,0,1, 1,1,0,          jsonObjectFunc),
+    JFUNCTION(json_patch,         2,1,1, 0,0,0,          jsonPatchFunc),
+    JFUNCTION(jsonb_patch,        2,1,0, 0,1,0,          jsonPatchFunc),
+    JFUNCTION(json_quote,         1,0,1, 1,0,0,          jsonQuoteFunc),
+    JFUNCTION(json_remove,       -1,1,1, 0,0,0,          jsonRemoveFunc),
+    JFUNCTION(jsonb_remove,      -1,1,0, 0,1,0,          jsonRemoveFunc),
+    JFUNCTION(json_replace,      -1,1,1, 1,0,0,          jsonReplaceFunc),
+    JFUNCTION(jsonb_replace,     -1,1,0, 1,1,0,          jsonReplaceFunc),
+    JFUNCTION(json_set,          -1,1,1, 1,0,JSON_ISSET, jsonSetFunc),
+    JFUNCTION(jsonb_set,         -1,1,0, 1,1,JSON_ISSET, jsonSetFunc),
+    JFUNCTION(json_type,          1,1,0, 0,0,0,          jsonTypeFunc),
+    JFUNCTION(json_type,          2,1,0, 0,0,0,          jsonTypeFunc),
+    JFUNCTION(json_valid,         1,1,0, 0,0,0,          jsonValidFunc),
+    JFUNCTION(json_valid,         2,1,0, 0,0,0,          jsonValidFunc),
 #if SQLITE_DEBUG
-    JFUNCTION(json_parse,         1, 0,  jsonParseFunc),
-    JFUNCTION(json_test1,         1, 0,  jsonTest1Func),
+    JFUNCTION(json_parse,         1,1,0, 0,0,0,          jsonParseFunc),
 #endif
     WAGGREGATE(json_group_array,  1, 0, 0,
        jsonArrayStep, jsonArrayFinal, jsonArrayValue, jsonGroupInverse,
-       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC),
+       SQLITE_SUBTYPE|SQLITE_RESULT_SUBTYPE|SQLITE_UTF8|
+       SQLITE_DETERMINISTIC),
+    WAGGREGATE(jsonb_group_array, 1, JSON_BLOB, 0,
+       jsonArrayStep, jsonArrayFinal, jsonArrayValue, jsonGroupInverse,
+       SQLITE_SUBTYPE|SQLITE_RESULT_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC),
     WAGGREGATE(json_group_object, 2, 0, 0,
        jsonObjectStep, jsonObjectFinal, jsonObjectValue, jsonGroupInverse,
-       SQLITE_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC)
+       SQLITE_SUBTYPE|SQLITE_RESULT_SUBTYPE|SQLITE_UTF8|SQLITE_DETERMINISTIC),
+    WAGGREGATE(jsonb_group_object,2, JSON_BLOB, 0,
+       jsonObjectStep, jsonObjectFinal, jsonObjectValue, jsonGroupInverse,
+       SQLITE_SUBTYPE|SQLITE_RESULT_SUBTYPE|SQLITE_UTF8|
+       SQLITE_DETERMINISTIC)
   };
   sqlite3InsertBuiltinFuncs(aJsonFunc, ArraySize(aJsonFunc));
 #endif
@@ -207143,7 +209134,7 @@ static int nodeAcquire(
   ** increase its reference count and return it.
   */
   if( (pNode = nodeHashLookup(pRtree, iNode))!=0 ){
-    if( pParent && pParent!=pNode->pParent ){
+    if( pParent && ALWAYS(pParent!=pNode->pParent) ){
       RTREE_IS_CORRUPT(pRtree);
       return SQLITE_CORRUPT_VTAB;
     }
@@ -209878,7 +211869,7 @@ static int rtreeSqlInit(
     }
     sqlite3_free(zSql);
   }
-  if( pRtree->nAux ){
+  if( pRtree->nAux && rc!=SQLITE_NOMEM ){
     pRtree->zReadAuxSql = sqlite3_mprintf(
        "SELECT * FROM \"%w\".\"%w_rowid\" WHERE rowid=?1",
        zDb, zPrefix);
@@ -210567,15 +212558,13 @@ static int rtreeCheckTable(
   check.zTab = zTab;
 
   /* Find the number of auxiliary columns */
-  if( check.rc==SQLITE_OK ){
-    pStmt = rtreeCheckPrepare(&check, "SELECT * FROM %Q.'%q_rowid'", zDb, zTab);
-    if( pStmt ){
-      nAux = sqlite3_column_count(pStmt) - 2;
-      sqlite3_finalize(pStmt);
-    }else
-    if( check.rc!=SQLITE_NOMEM ){
-      check.rc = SQLITE_OK;
-    }
+  pStmt = rtreeCheckPrepare(&check, "SELECT * FROM %Q.'%q_rowid'", zDb, zTab);
+  if( pStmt ){
+    nAux = sqlite3_column_count(pStmt) - 2;
+    sqlite3_finalize(pStmt);
+  }else
+  if( check.rc!=SQLITE_NOMEM ){
+    check.rc = SQLITE_OK;
   }
 
   /* Find number of dimensions in the rtree table. */
@@ -210630,6 +212619,7 @@ static int rtreeIntegrity(
   if( rc==SQLITE_OK && *pzErr ){
     *pzErr = sqlite3_mprintf("In RTree %s.%s:\n%z",
                  pRtree->zDb, pRtree->zName, *pzErr);
+    if( (*pzErr)==0 ) rc = SQLITE_NOMEM;
   }
   return rc;
 }
@@ -223300,9 +225290,7 @@ SQLITE_API void sqlite3session_delete(sqlite3_session *pSession){
   ** associated hash-tables. */
   sessionDeleteTable(pSession, pSession->pTable);
 
-  /* Assert that all allocations have been freed and then free the
-  ** session object itself. */
-  // assert( pSession->nMalloc==0 );
+  /* Free the session object. */
   sqlite3_free(pSession);
 }
 
@@ -227515,8 +229503,11 @@ struct Fts5PhraseIter {
 **   created with the "columnsize=0" option.
 **
 ** xColumnText:
-**   This function attempts to retrieve the text of column iCol of the
-**   current document. If successful, (*pz) is set to point to a buffer
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of columns in the table, SQLITE_RANGE is returned.
+**
+**   Otherwise, this function attempts to retrieve the text of column iCol of
+**   the current document. If successful, (*pz) is set to point to a buffer
 **   containing the text in utf-8 encoding, (*pn) is set to the size in bytes
 **   (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
 **   if an error occurs, an SQLite error code is returned and the final values
@@ -227526,8 +229517,10 @@ struct Fts5PhraseIter {
 **   Returns the number of phrases in the current query expression.
 **
 ** xPhraseSize:
-**   Returns the number of tokens in phrase iPhrase of the query. Phrases
-**   are numbered starting from zero.
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of phrases in the current query, as returned by xPhraseCount,
+**   0 is returned. Otherwise, this function returns the number of tokens in
+**   phrase iPhrase of the query. Phrases are numbered starting from zero.
 **
 ** xInstCount:
 **   Set *pnInst to the total number of occurrences of all phrases within
@@ -227543,12 +229536,13 @@ struct Fts5PhraseIter {
 **   Query for the details of phrase match iIdx within the current row.
 **   Phrase matches are numbered starting from zero, so the iIdx argument
 **   should be greater than or equal to zero and smaller than the value
-**   output by xInstCount().
+**   output by xInstCount(). If iIdx is less than zero or greater than
+**   or equal to the value returned by xInstCount(), SQLITE_RANGE is returned.
 **
-**   Usually, output parameter *piPhrase is set to the phrase number, *piCol
+**   Otherwise, output parameter *piPhrase is set to the phrase number, *piCol
 **   to the column in which it occurs and *piOff the token offset of the
-**   first token of the phrase. Returns SQLITE_OK if successful, or an error
-**   code (i.e. SQLITE_NOMEM) if an error occurs.
+**   first token of the phrase. SQLITE_OK is returned if successful, or an
+**   error code (i.e. SQLITE_NOMEM) if an error occurs.
 **
 **   This API can be quite slow if used with an FTS5 table created with the
 **   "detail=none" or "detail=column" option.
@@ -227574,6 +229568,10 @@ struct Fts5PhraseIter {
 **   Invoking Api.xUserData() returns a copy of the pointer passed as
 **   the third argument to pUserData.
 **
+**   If parameter iPhrase is less than zero, or greater than or equal to
+**   the number of phrases in the query, as returned by xPhraseCount(),
+**   this function returns SQLITE_RANGE.
+**
 **   If the callback function returns any value other than SQLITE_OK, the
 **   query is abandoned and the xQueryPhrase function returns immediately.
 **   If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
@@ -227688,9 +229686,42 @@ struct Fts5PhraseIter {
 **
 ** xPhraseNextColumn()
 **   See xPhraseFirstColumn above.
+**
+** xQueryToken(pFts5, iPhrase, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase iPhrase of the current
+**   query. Before returning, output parameter *ppToken is set to point
+**   to a buffer containing the requested token, and *pnToken to the
+**   size of this buffer in bytes.
+**
+**   If iPhrase or iToken are less than zero, or if iPhrase is greater than
+**   or equal to the number of phrases in the query as reported by
+**   xPhraseCount(), or if iToken is equal to or greater than the number of
+**   tokens in the phrase, SQLITE_RANGE is returned and *ppToken and *pnToken
+     are both zeroed.
+**
+**   The output text is not a copy of the query text that specified the
+**   token. It is the output of the tokenizer module. For tokendata=1
+**   tables, this includes any embedded 0x00 and trailing data.
+**
+** xInstToken(pFts5, iIdx, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase hit iIdx within the
+**   current row. If iIdx is less than zero or greater than or equal to the
+**   value returned by xInstCount(), SQLITE_RANGE is returned.  Otherwise,
+**   output variable (*ppToken) is set to point to a buffer containing the
+**   matching document token, and (*pnToken) to the size of that buffer in
+**   bytes. This API is not available if the specified token matches a
+**   prefix query term. In that case both output variables are always set
+**   to 0.
+**
+**   The output text is not a copy of the document text that was tokenized.
+**   It is the output of the tokenizer module. For tokendata=1 tables, this
+**   includes any embedded 0x00 and trailing data.
+**
+**   This API can be quite slow if used with an FTS5 table created with the
+**   "detail=none" or "detail=column" option.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 2 */
+  int iVersion;                   /* Currently always set to 3 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -227725,6 +229756,13 @@ struct Fts5ExtensionApi {
 
   int (*xPhraseFirstColumn)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*);
   void (*xPhraseNextColumn)(Fts5Context*, Fts5PhraseIter*, int *piCol);
+
+  /* Below this point are iVersion>=3 only */
+  int (*xQueryToken)(Fts5Context*,
+      int iPhrase, int iToken,
+      const char **ppToken, int *pnToken
+  );
+  int (*xInstToken)(Fts5Context*, int iIdx, int iToken, const char**, int*);
 };
 
 /*
@@ -228199,6 +230237,7 @@ struct Fts5Config {
   char *zContent;                 /* content table */
   char *zContentRowid;            /* "content_rowid=" option value */
   int bColumnsize;                /* "columnsize=" option value (dflt==1) */
+  int bTokendata;                 /* "tokendata=" option value (dflt==0) */
   int eDetail;                    /* FTS5_DETAIL_XXX value */
   char *zContentExprlist;
   Fts5Tokenizer *pTok;
@@ -228387,17 +230426,19 @@ struct Fts5IndexIter {
 /*
 ** Values used as part of the flags argument passed to IndexQuery().
 */
-#define FTS5INDEX_QUERY_PREFIX     0x0001   /* Prefix query */
-#define FTS5INDEX_QUERY_DESC       0x0002   /* Docs in descending rowid order */
-#define FTS5INDEX_QUERY_TEST_NOIDX 0x0004   /* Do not use prefix index */
-#define FTS5INDEX_QUERY_SCAN       0x0008   /* Scan query (fts5vocab) */
+#define FTS5INDEX_QUERY_PREFIX      0x0001  /* Prefix query */
+#define FTS5INDEX_QUERY_DESC        0x0002  /* Docs in descending rowid order */
+#define FTS5INDEX_QUERY_TEST_NOIDX  0x0004  /* Do not use prefix index */
+#define FTS5INDEX_QUERY_SCAN        0x0008  /* Scan query (fts5vocab) */
 
 /* The following are used internally by the fts5_index.c module. They are
 ** defined here only to make it easier to avoid clashes with the flags
 ** above. */
-#define FTS5INDEX_QUERY_SKIPEMPTY  0x0010
-#define FTS5INDEX_QUERY_NOOUTPUT   0x0020
-#define FTS5INDEX_QUERY_SKIPHASH   0x0040
+#define FTS5INDEX_QUERY_SKIPEMPTY   0x0010
+#define FTS5INDEX_QUERY_NOOUTPUT    0x0020
+#define FTS5INDEX_QUERY_SKIPHASH    0x0040
+#define FTS5INDEX_QUERY_NOTOKENDATA 0x0080
+#define FTS5INDEX_QUERY_SCANONETERM 0x0100
 
 /*
 ** Create/destroy an Fts5Index object.
@@ -228466,6 +230507,10 @@ static void *sqlite3Fts5StructureRef(Fts5Index*);
 static void sqlite3Fts5StructureRelease(void*);
 static int sqlite3Fts5StructureTest(Fts5Index*, void*);
 
+/*
+** Used by xInstToken():
+*/
+static int sqlite3Fts5IterToken(Fts5IndexIter*, i64, int, int, const char**, int*);
 
 /*
 ** Insert or remove data to or from the index. Each time a document is
@@ -228543,6 +230588,13 @@ static int sqlite3Fts5IndexLoadConfig(Fts5Index *p);
 static int sqlite3Fts5IndexGetOrigin(Fts5Index *p, i64 *piOrigin);
 static int sqlite3Fts5IndexContentlessDelete(Fts5Index *p, i64 iOrigin, i64 iRowid);
 
+static void sqlite3Fts5IndexIterClearTokendata(Fts5IndexIter*);
+
+/* Used to populate hash tables for xInstToken in detail=none/column mode. */
+static int sqlite3Fts5IndexIterWriteTokendata(
+    Fts5IndexIter*, const char*, int, i64 iRowid, int iCol, int iOff
+);
+
 /*
 ** End of interface to code in fts5_index.c.
 **************************************************************************/
@@ -228648,6 +230700,7 @@ static void sqlite3Fts5HashScanNext(Fts5Hash*);
 static int sqlite3Fts5HashScanEof(Fts5Hash*);
 static void sqlite3Fts5HashScanEntry(Fts5Hash *,
   const char **pzTerm,            /* OUT: term (nul-terminated) */
+  int *pnTerm,                    /* OUT: Size of term in bytes */
   const u8 **ppDoclist,           /* OUT: pointer to doclist */
   int *pnDoclist                  /* OUT: size of doclist in bytes */
 );
@@ -228774,6 +230827,10 @@ static int sqlite3Fts5ExprClonePhrase(Fts5Expr*, int, Fts5Expr**);
 
 static int sqlite3Fts5ExprPhraseCollist(Fts5Expr *, int, const u8 **, int *);
 
+static int sqlite3Fts5ExprQueryToken(Fts5Expr*, int, int, const char**, int*);
+static int sqlite3Fts5ExprInstToken(Fts5Expr*, i64, int, int, int, int, const char**, int*);
+static void sqlite3Fts5ExprClearTokens(Fts5Expr*);
+
 /*******************************************
 ** The fts5_expr.c API above this point is used by the other hand-written
 ** C code in this module. The interfaces below this point are called by
@@ -230589,6 +232646,14 @@ static int fts5HighlightCb(
   }
 
   if( iPos==p->iRangeEnd ){
+    if( p->bOpen ){
+      if( p->iter.iStart>=0 && iPos>=p->iter.iStart ){
+        fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
+        p->iOff = iEndOff;
+      }
+      fts5HighlightAppend(&rc, p, p->zClose, -1);
+      p->bOpen = 0;
+    }
     fts5HighlightAppend(&rc, p, &p->zIn[p->iOff], iEndOff - p->iOff);
     p->iOff = iEndOff;
   }
@@ -230622,8 +232687,10 @@ static void fts5HighlightFunction(
   ctx.zClose = (const char*)sqlite3_value_text(apVal[2]);
   ctx.iRangeEnd = -1;
   rc = pApi->xColumnText(pFts, iCol, &ctx.zIn, &ctx.nIn);
-
-  if( ctx.zIn ){
+  if( rc==SQLITE_RANGE ){
+    sqlite3_result_text(pCtx, "", -1, SQLITE_STATIC);
+    rc = SQLITE_OK;
+  }else if( ctx.zIn ){
     if( rc==SQLITE_OK ){
       rc = fts5CInstIterInit(pApi, pFts, iCol, &ctx.iter);
     }
@@ -231190,6 +233257,7 @@ static void sqlite3Fts5BufferAppendBlob(
 ){
   if( nData ){
     if( fts5BufferGrow(pRc, pBuf, nData) ) return;
+    assert( pBuf->p!=0 );
     memcpy(&pBuf->p[pBuf->n], pData, nData);
     pBuf->n += nData;
   }
@@ -231291,6 +233359,7 @@ static int sqlite3Fts5PoslistNext64(
   i64 *piOff                      /* IN/OUT: Current offset */
 ){
   int i = *pi;
+  assert( a!=0 || i==0 );
   if( i>=n ){
     /* EOF */
     *piOff = -1;
@@ -231298,6 +233367,7 @@ static int sqlite3Fts5PoslistNext64(
   }else{
     i64 iOff = *piOff;
     u32 iVal;
+    assert( a!=0 );
     fts5FastGetVarint32(a, i, iVal);
     if( iVal<=1 ){
       if( iVal==0 ){
@@ -231929,6 +233999,16 @@ static int fts5ConfigParseSpecial(
     return rc;
   }
 
+  if( sqlite3_strnicmp("tokendata", zCmd, nCmd)==0 ){
+    if( (zArg[0]!='0' && zArg[0]!='1') || zArg[1]!='\0' ){
+      *pzErr = sqlite3_mprintf("malformed tokendata=... directive");
+      rc = SQLITE_ERROR;
+    }else{
+      pConfig->bTokendata = (zArg[0]=='1');
+    }
+    return rc;
+  }
+
   *pzErr = sqlite3_mprintf("unrecognized option: \"%.*s\"", nCmd, zCmd);
   return SQLITE_ERROR;
 }
@@ -232662,7 +234742,9 @@ struct Fts5ExprNode {
 struct Fts5ExprTerm {
   u8 bPrefix;                     /* True for a prefix term */
   u8 bFirst;                      /* True if token must be first in column */
-  char *zTerm;                    /* nul-terminated term */
+  char *pTerm;                    /* Term data */
+  int nQueryTerm;                 /* Effective size of term in bytes */
+  int nFullTerm;                  /* Size of term in bytes incl. tokendata */
   Fts5IndexIter *pIter;           /* Iterator for this term */
   Fts5ExprTerm *pSynonym;         /* Pointer to first in list of synonyms */
 };
@@ -233529,7 +235611,7 @@ static int fts5ExprNearInitAll(
             p->pIter = 0;
           }
           rc = sqlite3Fts5IndexQuery(
-              pExpr->pIndex, p->zTerm, (int)strlen(p->zTerm),
+              pExpr->pIndex, p->pTerm, p->nQueryTerm,
               (pTerm->bPrefix ? FTS5INDEX_QUERY_PREFIX : 0) |
               (pExpr->bDesc ? FTS5INDEX_QUERY_DESC : 0),
               pNear->pColset,
@@ -234166,7 +236248,7 @@ static void fts5ExprPhraseFree(Fts5ExprPhrase *pPhrase){
       Fts5ExprTerm *pSyn;
       Fts5ExprTerm *pNext;
       Fts5ExprTerm *pTerm = &pPhrase->aTerm[i];
-      sqlite3_free(pTerm->zTerm);
+      sqlite3_free(pTerm->pTerm);
       sqlite3Fts5IterClose(pTerm->pIter);
       for(pSyn=pTerm->pSynonym; pSyn; pSyn=pNext){
         pNext = pSyn->pSynonym;
@@ -234264,6 +236346,7 @@ static Fts5ExprNearset *sqlite3Fts5ParseNearset(
 typedef struct TokenCtx TokenCtx;
 struct TokenCtx {
   Fts5ExprPhrase *pPhrase;
+  Fts5Config *pConfig;
   int rc;
 };
 
@@ -234297,8 +236380,12 @@ static int fts5ParseTokenize(
       rc = SQLITE_NOMEM;
     }else{
       memset(pSyn, 0, (size_t)nByte);
-      pSyn->zTerm = ((char*)pSyn) + sizeof(Fts5ExprTerm) + sizeof(Fts5Buffer);
-      memcpy(pSyn->zTerm, pToken, nToken);
+      pSyn->pTerm = ((char*)pSyn) + sizeof(Fts5ExprTerm) + sizeof(Fts5Buffer);
+      pSyn->nFullTerm = pSyn->nQueryTerm = nToken;
+      if( pCtx->pConfig->bTokendata ){
+        pSyn->nQueryTerm = (int)strlen(pSyn->pTerm);
+      }
+      memcpy(pSyn->pTerm, pToken, nToken);
       pSyn->pSynonym = pPhrase->aTerm[pPhrase->nTerm-1].pSynonym;
       pPhrase->aTerm[pPhrase->nTerm-1].pSynonym = pSyn;
     }
@@ -234323,7 +236410,11 @@ static int fts5ParseTokenize(
     if( rc==SQLITE_OK ){
       pTerm = &pPhrase->aTerm[pPhrase->nTerm++];
       memset(pTerm, 0, sizeof(Fts5ExprTerm));
-      pTerm->zTerm = sqlite3Fts5Strndup(&rc, pToken, nToken);
+      pTerm->pTerm = sqlite3Fts5Strndup(&rc, pToken, nToken);
+      pTerm->nFullTerm = pTerm->nQueryTerm = nToken;
+      if( pCtx->pConfig->bTokendata && rc==SQLITE_OK ){
+        pTerm->nQueryTerm = (int)strlen(pTerm->pTerm);
+      }
     }
   }
 
@@ -234390,6 +236481,7 @@ static Fts5ExprPhrase *sqlite3Fts5ParseTerm(
 
   memset(&sCtx, 0, sizeof(TokenCtx));
   sCtx.pPhrase = pAppend;
+  sCtx.pConfig = pConfig;
 
   rc = fts5ParseStringFromToken(pToken, &z);
   if( rc==SQLITE_OK ){
@@ -234437,12 +236529,15 @@ static int sqlite3Fts5ExprClonePhrase(
   Fts5Expr **ppNew
 ){
   int rc = SQLITE_OK;             /* Return code */
-  Fts5ExprPhrase *pOrig;          /* The phrase extracted from pExpr */
+  Fts5ExprPhrase *pOrig = 0;      /* The phrase extracted from pExpr */
   Fts5Expr *pNew = 0;             /* Expression to return via *ppNew */
-  TokenCtx sCtx = {0,0};          /* Context object for fts5ParseTokenize */
-
-  pOrig = pExpr->apExprPhrase[iPhrase];
-  pNew = (Fts5Expr*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Expr));
+  TokenCtx sCtx = {0,0,0};        /* Context object for fts5ParseTokenize */
+  if( iPhrase<0 || iPhrase>=pExpr->nPhrase ){
+    rc = SQLITE_RANGE;
+  }else{
+    pOrig = pExpr->apExprPhrase[iPhrase];
+    pNew = (Fts5Expr*)sqlite3Fts5MallocZero(&rc, sizeof(Fts5Expr));
+  }
   if( rc==SQLITE_OK ){
     pNew->apExprPhrase = (Fts5ExprPhrase**)sqlite3Fts5MallocZero(&rc,
         sizeof(Fts5ExprPhrase*));
@@ -234455,7 +236550,7 @@ static int sqlite3Fts5ExprClonePhrase(
     pNew->pRoot->pNear = (Fts5ExprNearset*)sqlite3Fts5MallocZero(&rc,
         sizeof(Fts5ExprNearset) + sizeof(Fts5ExprPhrase*));
   }
-  if( rc==SQLITE_OK ){
+  if( rc==SQLITE_OK && ALWAYS(pOrig!=0) ){
     Fts5Colset *pColsetOrig = pOrig->pNode->pNear->pColset;
     if( pColsetOrig ){
       sqlite3_int64 nByte;
@@ -234469,26 +236564,27 @@ static int sqlite3Fts5ExprClonePhrase(
     }
   }
 
-  if( pOrig->nTerm ){
-    int i;                          /* Used to iterate through phrase terms */
-    for(i=0; rc==SQLITE_OK && inTerm; i++){
-      int tflags = 0;
-      Fts5ExprTerm *p;
-      for(p=&pOrig->aTerm[i]; p && rc==SQLITE_OK; p=p->pSynonym){
-        const char *zTerm = p->zTerm;
-        rc = fts5ParseTokenize((void*)&sCtx, tflags, zTerm, (int)strlen(zTerm),
-            0, 0);
-        tflags = FTS5_TOKEN_COLOCATED;
-      }
-      if( rc==SQLITE_OK ){
-        sCtx.pPhrase->aTerm[i].bPrefix = pOrig->aTerm[i].bPrefix;
-        sCtx.pPhrase->aTerm[i].bFirst = pOrig->aTerm[i].bFirst;
+  if( rc==SQLITE_OK ){
+    if( pOrig->nTerm ){
+      int i;                          /* Used to iterate through phrase terms */
+      sCtx.pConfig = pExpr->pConfig;
+      for(i=0; rc==SQLITE_OK && inTerm; i++){
+        int tflags = 0;
+        Fts5ExprTerm *p;
+        for(p=&pOrig->aTerm[i]; p && rc==SQLITE_OK; p=p->pSynonym){
+          rc = fts5ParseTokenize((void*)&sCtx,tflags,p->pTerm,p->nFullTerm,0,0);
+          tflags = FTS5_TOKEN_COLOCATED;
+        }
+        if( rc==SQLITE_OK ){
+          sCtx.pPhrase->aTerm[i].bPrefix = pOrig->aTerm[i].bPrefix;
+          sCtx.pPhrase->aTerm[i].bFirst = pOrig->aTerm[i].bFirst;
+        }
       }
+    }else{
+      /* This happens when parsing a token or quoted phrase that contains
+      ** no token characters at all. (e.g ... MATCH '""'). */
+      sCtx.pPhrase = sqlite3Fts5MallocZero(&rc, sizeof(Fts5ExprPhrase));
     }
-  }else{
-    /* This happens when parsing a token or quoted phrase that contains
-    ** no token characters at all. (e.g ... MATCH '""'). */
-    sCtx.pPhrase = sqlite3Fts5MallocZero(&rc, sizeof(Fts5ExprPhrase));
   }
 
   if( rc==SQLITE_OK && ALWAYS(sCtx.pPhrase) ){
@@ -234858,11 +236954,13 @@ static Fts5ExprNode *fts5ParsePhraseToAnd(
         if( parseGrowPhraseArray(pParse) ){
           fts5ExprPhraseFree(pPhrase);
         }else{
+          Fts5ExprTerm *p = &pNear->apPhrase[0]->aTerm[ii];
+          Fts5ExprTerm *pTo = &pPhrase->aTerm[0];
           pParse->apPhrase[pParse->nPhrase++] = pPhrase;
           pPhrase->nTerm = 1;
-          pPhrase->aTerm[0].zTerm = sqlite3Fts5Strndup(
-              &pParse->rc, pNear->apPhrase[0]->aTerm[ii].zTerm, -1
-          );
+          pTo->pTerm = sqlite3Fts5Strndup(&pParse->rc, p->pTerm, p->nFullTerm);
+          pTo->nQueryTerm = p->nQueryTerm;
+          pTo->nFullTerm = p->nFullTerm;
           pRet->apChild[ii] = sqlite3Fts5ParseNode(pParse, FTS5_STRING,
               0, 0, sqlite3Fts5ParseNearset(pParse, 0, pPhrase)
           );
@@ -235047,16 +237145,17 @@ static char *fts5ExprTermPrint(Fts5ExprTerm *pTerm){
 
   /* Determine the maximum amount of space required. */
   for(p=pTerm; p; p=p->pSynonym){
-    nByte += (int)strlen(pTerm->zTerm) * 2 + 3 + 2;
+    nByte += pTerm->nQueryTerm * 2 + 3 + 2;
   }
   zQuoted = sqlite3_malloc64(nByte);
 
   if( zQuoted ){
     int i = 0;
     for(p=pTerm; p; p=p->pSynonym){
-      char *zIn = p->zTerm;
+      char *zIn = p->pTerm;
+      char *zEnd = &zIn[p->nQueryTerm];
       zQuoted[i++] = '"';
-      while( *zIn ){
+      while( zInnTerm; iTerm++){
-        char *zTerm = pPhrase->aTerm[iTerm].zTerm;
-        zRet = fts5PrintfAppend(zRet, "%s%s", iTerm==0?"":" ", zTerm);
+        Fts5ExprTerm *p = &pPhrase->aTerm[iTerm];
+        zRet = fts5PrintfAppend(zRet, "%s%.*s", iTerm==0?"":" ",
+            p->nQueryTerm, p->pTerm
+        );
         if( pPhrase->aTerm[iTerm].bPrefix ){
           zRet = fts5PrintfAppend(zRet, "*");
         }
@@ -235536,6 +237637,17 @@ static int fts5ExprColsetTest(Fts5Colset *pColset, int iCol){
   return 0;
 }
 
+/*
+** pToken is a buffer nToken bytes in size that may or may not contain
+** an embedded 0x00 byte. If it does, return the number of bytes in
+** the buffer before the 0x00. If it does not, return nToken.
+*/
+static int fts5QueryTerm(const char *pToken, int nToken){
+  int ii;
+  for(ii=0; iipExpr;
   int i;
+  int nQuery = nToken;
+  i64 iRowid = pExpr->pRoot->iRowid;
 
   UNUSED_PARAM2(iUnused1, iUnused2);
 
-  if( nToken>FTS5_MAX_TOKEN_SIZE ) nToken = FTS5_MAX_TOKEN_SIZE;
+  if( nQuery>FTS5_MAX_TOKEN_SIZE ) nQuery = FTS5_MAX_TOKEN_SIZE;
+  if( pExpr->pConfig->bTokendata ){
+    nQuery = fts5QueryTerm(pToken, nQuery);
+  }
   if( (tflags & FTS5_TOKEN_COLOCATED)==0 ) p->iOff++;
   for(i=0; inPhrase; i++){
-    Fts5ExprTerm *pTerm;
+    Fts5ExprTerm *pT;
     if( p->aPopulator[i].bOk==0 ) continue;
-    for(pTerm=&pExpr->apExprPhrase[i]->aTerm[0]; pTerm; pTerm=pTerm->pSynonym){
-      int nTerm = (int)strlen(pTerm->zTerm);
-      if( (nTerm==nToken || (nTermbPrefix))
-       && memcmp(pTerm->zTerm, pToken, nTerm)==0
+    for(pT=&pExpr->apExprPhrase[i]->aTerm[0]; pT; pT=pT->pSynonym){
+      if( (pT->nQueryTerm==nQuery || (pT->nQueryTermbPrefix))
+       && memcmp(pT->pTerm, pToken, pT->nQueryTerm)==0
       ){
         int rc = sqlite3Fts5PoslistWriterAppend(
             &pExpr->apExprPhrase[i]->poslist, &p->aPopulator[i].writer, p->iOff
         );
+        if( rc==SQLITE_OK && pExpr->pConfig->bTokendata && !pT->bPrefix ){
+          int iCol = p->iOff>>32;
+          int iTokOff = p->iOff & 0x7FFFFFFF;
+          rc = sqlite3Fts5IndexIterWriteTokendata(
+              pT->pIter, pToken, nToken, iRowid, iCol, iTokOff
+          );
+        }
         if( rc ) return rc;
         break;
       }
@@ -235698,6 +237821,83 @@ static int sqlite3Fts5ExprPhraseCollist(
   return rc;
 }
 
+/*
+** Does the work of the fts5_api.xQueryToken() API method.
+*/
+static int sqlite3Fts5ExprQueryToken(
+  Fts5Expr *pExpr,
+  int iPhrase,
+  int iToken,
+  const char **ppOut,
+  int *pnOut
+){
+  Fts5ExprPhrase *pPhrase = 0;
+
+  if( iPhrase<0 || iPhrase>=pExpr->nPhrase ){
+    return SQLITE_RANGE;
+  }
+  pPhrase = pExpr->apExprPhrase[iPhrase];
+  if( iToken<0 || iToken>=pPhrase->nTerm ){
+    return SQLITE_RANGE;
+  }
+
+  *ppOut = pPhrase->aTerm[iToken].pTerm;
+  *pnOut = pPhrase->aTerm[iToken].nFullTerm;
+  return SQLITE_OK;
+}
+
+/*
+** Does the work of the fts5_api.xInstToken() API method.
+*/
+static int sqlite3Fts5ExprInstToken(
+  Fts5Expr *pExpr,
+  i64 iRowid,
+  int iPhrase,
+  int iCol,
+  int iOff,
+  int iToken,
+  const char **ppOut,
+  int *pnOut
+){
+  Fts5ExprPhrase *pPhrase = 0;
+  Fts5ExprTerm *pTerm = 0;
+  int rc = SQLITE_OK;
+
+  if( iPhrase<0 || iPhrase>=pExpr->nPhrase ){
+    return SQLITE_RANGE;
+  }
+  pPhrase = pExpr->apExprPhrase[iPhrase];
+  if( iToken<0 || iToken>=pPhrase->nTerm ){
+    return SQLITE_RANGE;
+  }
+  pTerm = &pPhrase->aTerm[iToken];
+  if( pTerm->bPrefix==0 ){
+    if( pExpr->pConfig->bTokendata ){
+      rc = sqlite3Fts5IterToken(
+          pTerm->pIter, iRowid, iCol, iOff+iToken, ppOut, pnOut
+      );
+    }else{
+      *ppOut = pTerm->pTerm;
+      *pnOut = pTerm->nFullTerm;
+    }
+  }
+  return rc;
+}
+
+/*
+** Clear the token mappings for all Fts5IndexIter objects mannaged by
+** the expression passed as the only argument.
+*/
+static void sqlite3Fts5ExprClearTokens(Fts5Expr *pExpr){
+  int ii;
+  for(ii=0; iinPhrase; ii++){
+    Fts5ExprTerm *pT;
+    for(pT=&pExpr->apExprPhrase[ii]->aTerm[0]; pT; pT=pT->pSynonym){
+      sqlite3Fts5IndexIterClearTokendata(pT->pIter);
+    }
+  }
+}
+
 /*
 ** 2014 August 11
 **
@@ -235736,10 +237936,15 @@ struct Fts5Hash {
 
 /*
 ** Each entry in the hash table is represented by an object of the
-** following type. Each object, its key (a nul-terminated string) and
-** its current data are stored in a single memory allocation. The
-** key immediately follows the object in memory. The position list
-** data immediately follows the key data in memory.
+** following type. Each object, its key, and its current data are stored
+** in a single memory allocation. The key immediately follows the object
+** in memory. The position list data immediately follows the key data
+** in memory.
+**
+** The key is Fts5HashEntry.nKey bytes in size. It consists of a single
+** byte identifying the index (either the main term index or a prefix-index),
+** followed by the term data. For example: "0token". There is no
+** nul-terminator - in this case nKey=6.
 **
 ** The data that follows the key is in a similar, but not identical format
 ** to the doclist data stored in the database. It is:
@@ -235874,8 +238079,7 @@ static int fts5HashResize(Fts5Hash *pHash){
       unsigned int iHash;
       Fts5HashEntry *p = apOld[i];
       apOld[i] = p->pHashNext;
-      iHash = fts5HashKey(nNew, (u8*)fts5EntryKey(p),
-                          (int)strlen(fts5EntryKey(p)));
+      iHash = fts5HashKey(nNew, (u8*)fts5EntryKey(p), p->nKey);
       p->pHashNext = apNew[iHash];
       apNew[iHash] = p;
     }
@@ -235959,7 +238163,7 @@ static int sqlite3Fts5HashWrite(
   for(p=pHash->aSlot[iHash]; p; p=p->pHashNext){
     char *zKey = fts5EntryKey(p);
     if( zKey[0]==bByte
-     && p->nKey==nToken
+     && p->nKey==nToken+1
      && memcmp(&zKey[1], pToken, nToken)==0
     ){
       break;
@@ -235989,9 +238193,9 @@ static int sqlite3Fts5HashWrite(
     zKey[0] = bByte;
     memcpy(&zKey[1], pToken, nToken);
     assert( iHash==fts5HashKey(pHash->nSlot, (u8*)zKey, nToken+1) );
-    p->nKey = nToken;
+    p->nKey = nToken+1;
     zKey[nToken+1] = '\0';
-    p->nData = nToken+1 + 1 + sizeof(Fts5HashEntry);
+    p->nData = nToken+1 + sizeof(Fts5HashEntry);
     p->pHashNext = pHash->aSlot[iHash];
     pHash->aSlot[iHash] = p;
     pHash->nEntry++;
@@ -236108,12 +238312,17 @@ static Fts5HashEntry *fts5HashEntryMerge(
       *ppOut = p1;
       p1 = 0;
     }else{
-      int i = 0;
       char *zKey1 = fts5EntryKey(p1);
       char *zKey2 = fts5EntryKey(p2);
-      while( zKey1[i]==zKey2[i] ) i++;
+      int nMin = MIN(p1->nKey, p2->nKey);
 
-      if( ((u8)zKey1[i])>((u8)zKey2[i]) ){
+      int cmp = memcmp(zKey1, zKey2, nMin);
+      if( cmp==0 ){
+        cmp = p1->nKey - p2->nKey;
+      }
+      assert( cmp!=0 );
+
+      if( cmp>0 ){
         /* p2 is smaller */
         *ppOut = p2;
         ppOut = &p2->pScanNext;
@@ -236132,10 +238341,8 @@ static Fts5HashEntry *fts5HashEntryMerge(
 }
 
 /*
-** Extract all tokens from hash table iHash and link them into a list
-** in sorted order. The hash table is cleared before returning. It is
-** the responsibility of the caller to free the elements of the returned
-** list.
+** Link all tokens from hash table iHash into a list in sorted order. The
+** tokens are not removed from the hash table.
 */
 static int fts5HashEntrySort(
   Fts5Hash *pHash,
@@ -236157,7 +238364,7 @@ static int fts5HashEntrySort(
     Fts5HashEntry *pIter;
     for(pIter=pHash->aSlot[iSlot]; pIter; pIter=pIter->pHashNext){
       if( pTerm==0
-       || (pIter->nKey+1>=nTerm && 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm))
+       || (pIter->nKey>=nTerm && 0==memcmp(fts5EntryKey(pIter), pTerm, nTerm))
       ){
         Fts5HashEntry *pEntry = pIter;
         pEntry->pScanNext = 0;
@@ -236196,12 +238403,11 @@ static int sqlite3Fts5HashQuery(
 
   for(p=pHash->aSlot[iHash]; p; p=p->pHashNext){
     zKey = fts5EntryKey(p);
-    assert( p->nKey+1==(int)strlen(zKey) );
-    if( nTerm==p->nKey+1 && memcmp(zKey, pTerm, nTerm)==0 ) break;
+    if( nTerm==p->nKey && memcmp(zKey, pTerm, nTerm)==0 ) break;
   }
 
   if( p ){
-    int nHashPre = sizeof(Fts5HashEntry) + nTerm + 1;
+    int nHashPre = sizeof(Fts5HashEntry) + nTerm;
     int nList = p->nData - nHashPre;
     u8 *pRet = (u8*)(*ppOut = sqlite3_malloc64(nPre + nList + 10));
     if( pRet ){
@@ -236262,19 +238468,22 @@ static int sqlite3Fts5HashScanEof(Fts5Hash *p){
 static void sqlite3Fts5HashScanEntry(
   Fts5Hash *pHash,
   const char **pzTerm,            /* OUT: term (nul-terminated) */
+  int *pnTerm,                    /* OUT: Size of term in bytes */
   const u8 **ppDoclist,           /* OUT: pointer to doclist */
   int *pnDoclist                  /* OUT: size of doclist in bytes */
 ){
   Fts5HashEntry *p;
   if( (p = pHash->pScan) ){
     char *zKey = fts5EntryKey(p);
-    int nTerm = (int)strlen(zKey);
+    int nTerm = p->nKey;
     fts5HashAddPoslistSize(pHash, p, 0);
     *pzTerm = zKey;
-    *ppDoclist = (const u8*)&zKey[nTerm+1];
-    *pnDoclist = p->nData - (sizeof(Fts5HashEntry) + nTerm + 1);
+    *pnTerm = nTerm;
+    *ppDoclist = (const u8*)&zKey[nTerm];
+    *pnDoclist = p->nData - (sizeof(Fts5HashEntry) + nTerm);
   }else{
     *pzTerm = 0;
+    *pnTerm = 0;
     *ppDoclist = 0;
     *pnDoclist = 0;
   }
@@ -236605,6 +238814,9 @@ typedef struct Fts5SegWriter Fts5SegWriter;
 typedef struct Fts5Structure Fts5Structure;
 typedef struct Fts5StructureLevel Fts5StructureLevel;
 typedef struct Fts5StructureSegment Fts5StructureSegment;
+typedef struct Fts5TokenDataIter Fts5TokenDataIter;
+typedef struct Fts5TokenDataMap Fts5TokenDataMap;
+typedef struct Fts5TombstoneArray Fts5TombstoneArray;
 
 struct Fts5Data {
   u8 *p;                          /* Pointer to buffer containing record */
@@ -236639,6 +238851,7 @@ struct Fts5Index {
 
   /* Error state. */
   int rc;                         /* Current error code */
+  int flushRc;
 
   /* State used by the fts5DataXXX() functions. */
   sqlite3_blob *pReader;          /* RO incr-blob open on %_data table */
@@ -236647,6 +238860,7 @@ struct Fts5Index {
   sqlite3_stmt *pIdxWriter;       /* "INSERT ... %_idx VALUES(?,?,?,?)" */
   sqlite3_stmt *pIdxDeleter;      /* "DELETE FROM %_idx WHERE segid=?" */
   sqlite3_stmt *pIdxSelect;
+  sqlite3_stmt *pIdxNextSelect;
   int nRead;                      /* Total number of blocks read */
 
   sqlite3_stmt *pDeleteFromIdx;
@@ -236800,8 +239014,7 @@ struct Fts5SegIter {
   Fts5Data *pLeaf;                /* Current leaf data */
   Fts5Data *pNextLeaf;            /* Leaf page (iLeafPgno+1) */
   i64 iLeafOffset;                /* Byte offset within current leaf */
-  Fts5Data **apTombstone;         /* Array of tombstone pages */
-  int nTombstone;
+  Fts5TombstoneArray *pTombArray; /* Array of tombstone pages */
 
   /* Next method */
   void (*xNext)(Fts5Index*, Fts5SegIter*, int*);
@@ -236828,6 +239041,15 @@ struct Fts5SegIter {
   u8 bDel;                        /* True if the delete flag is set */
 };
 
+/*
+** Array of tombstone pages. Reference counted.
+*/
+struct Fts5TombstoneArray {
+  int nRef;                       /* Number of pointers to this object */
+  int nTombstone;
+  Fts5Data *apTombstone[1];       /* Array of tombstone pages */
+};
+
 /*
 ** Argument is a pointer to an Fts5Data structure that contains a
 ** leaf page.
@@ -236872,9 +239094,16 @@ struct Fts5SegIter {
 ** poslist:
 **   Used by sqlite3Fts5IterPoslist() when the poslist needs to be buffered.
 **   There is no way to tell if this is populated or not.
+**
+** pColset:
+**   If not NULL, points to an object containing a set of column indices.
+**   Only matches that occur in one of these columns will be returned.
+**   The Fts5Iter does not own the Fts5Colset object, and so it is not
+**   freed when the iterator is closed - it is owned by the upper layer.
 */
 struct Fts5Iter {
   Fts5IndexIter base;             /* Base class containing output vars */
+  Fts5TokenDataIter *pTokenDataIter;
 
   Fts5Index *pIndex;              /* Index that owns this iterator */
   Fts5Buffer poslist;             /* Buffer containing current poslist */
@@ -236892,7 +239121,6 @@ struct Fts5Iter {
   Fts5SegIter aSeg[1];            /* Array of segment iterators */
 };
 
-
 /*
 ** An instance of the following type is used to iterate through the contents
 ** of a doclist-index record.
@@ -237810,9 +240038,9 @@ static int fts5DlidxLvlNext(Fts5DlidxLvl *pLvl){
     }
 
     if( iOffnn ){
-      i64 iVal;
+      u64 iVal;
       pLvl->iLeafPgno += (iOff - pLvl->iOff) + 1;
-      iOff += fts5GetVarint(&pData->p[iOff], (u64*)&iVal);
+      iOff += fts5GetVarint(&pData->p[iOff], &iVal);
       pLvl->iRowid += iVal;
       pLvl->iOff = iOff;
     }else{
@@ -238191,18 +240419,20 @@ static void fts5SegIterSetNext(Fts5Index *p, Fts5SegIter *pIter){
 }
 
 /*
-** Allocate a tombstone hash page array (pIter->apTombstone) for the
-** iterator passed as the second argument. If an OOM error occurs, leave
-** an error in the Fts5Index object.
+** Allocate a tombstone hash page array object (pIter->pTombArray) for
+** the iterator passed as the second argument. If an OOM error occurs,
+** leave an error in the Fts5Index object.
 */
 static void fts5SegIterAllocTombstone(Fts5Index *p, Fts5SegIter *pIter){
   const int nTomb = pIter->pSeg->nPgTombstone;
   if( nTomb>0 ){
-    Fts5Data **apTomb = 0;
-    apTomb = (Fts5Data**)sqlite3Fts5MallocZero(&p->rc, sizeof(Fts5Data)*nTomb);
-    if( apTomb ){
-      pIter->apTombstone = apTomb;
-      pIter->nTombstone = nTomb;
+    int nByte = nTomb * sizeof(Fts5Data*) + sizeof(Fts5TombstoneArray);
+    Fts5TombstoneArray *pNew;
+    pNew = (Fts5TombstoneArray*)sqlite3Fts5MallocZero(&p->rc, nByte);
+    if( pNew ){
+      pNew->nTombstone = nTomb;
+      pNew->nRef = 1;
+      pIter->pTombArray = pNew;
     }
   }
 }
@@ -238459,15 +240689,16 @@ static void fts5SegIterNext_None(
     }else{
       const u8 *pList = 0;
       const char *zTerm = 0;
+      int nTerm = 0;
       int nList;
       sqlite3Fts5HashScanNext(p->pHash);
-      sqlite3Fts5HashScanEntry(p->pHash, &zTerm, &pList, &nList);
+      sqlite3Fts5HashScanEntry(p->pHash, &zTerm, &nTerm, &pList, &nList);
       if( pList==0 ) goto next_none_eof;
       pIter->pLeaf->p = (u8*)pList;
       pIter->pLeaf->nn = nList;
       pIter->pLeaf->szLeaf = nList;
       pIter->iEndofDoclist = nList;
-      sqlite3Fts5BufferSet(&p->rc,&pIter->term, (int)strlen(zTerm), (u8*)zTerm);
+      sqlite3Fts5BufferSet(&p->rc,&pIter->term, nTerm, (u8*)zTerm);
       pIter->iLeafOffset = fts5GetVarint(pList, (u64*)&pIter->iRowid);
     }
 
@@ -238533,11 +240764,12 @@ static void fts5SegIterNext(
   }else if( pIter->pSeg==0 ){
     const u8 *pList = 0;
     const char *zTerm = 0;
+    int nTerm = 0;
     int nList = 0;
     assert( (pIter->flags & FTS5_SEGITER_ONETERM) || pbNewTerm );
     if( 0==(pIter->flags & FTS5_SEGITER_ONETERM) ){
       sqlite3Fts5HashScanNext(p->pHash);
-      sqlite3Fts5HashScanEntry(p->pHash, &zTerm, &pList, &nList);
+      sqlite3Fts5HashScanEntry(p->pHash, &zTerm, &nTerm, &pList, &nList);
     }
     if( pList==0 ){
       fts5DataRelease(pIter->pLeaf);
@@ -238547,8 +240779,7 @@ static void fts5SegIterNext(
       pIter->pLeaf->nn = nList;
       pIter->pLeaf->szLeaf = nList;
       pIter->iEndofDoclist = nList+1;
-      sqlite3Fts5BufferSet(&p->rc, &pIter->term, (int)strlen(zTerm),
-          (u8*)zTerm);
+      sqlite3Fts5BufferSet(&p->rc, &pIter->term, nTerm, (u8*)zTerm);
       pIter->iLeafOffset = fts5GetVarint(pList, (u64*)&pIter->iRowid);
       *pbNewTerm = 1;
     }
@@ -238934,7 +241165,7 @@ static void fts5SegIterSeekInit(
     fts5LeafSeek(p, bGe, pIter, pTerm, nTerm);
   }
 
-  if( p->rc==SQLITE_OK && bGe==0 ){
+  if( p->rc==SQLITE_OK && (bGe==0 || (flags & FTS5INDEX_QUERY_SCANONETERM)) ){
     pIter->flags |= FTS5_SEGITER_ONETERM;
     if( pIter->pLeaf ){
       if( flags & FTS5INDEX_QUERY_DESC ){
@@ -238950,7 +241181,9 @@ static void fts5SegIterSeekInit(
   }
 
   fts5SegIterSetNext(p, pIter);
-  fts5SegIterAllocTombstone(p, pIter);
+  if( 0==(flags & FTS5INDEX_QUERY_SCANONETERM) ){
+    fts5SegIterAllocTombstone(p, pIter);
+  }
 
   /* Either:
   **
@@ -238967,6 +241200,79 @@ static void fts5SegIterSeekInit(
   );
 }
 
+
+/*
+** SQL used by fts5SegIterNextInit() to find the page to open.
+*/
+static sqlite3_stmt *fts5IdxNextStmt(Fts5Index *p){
+  if( p->pIdxNextSelect==0 ){
+    Fts5Config *pConfig = p->pConfig;
+    fts5IndexPrepareStmt(p, &p->pIdxNextSelect, sqlite3_mprintf(
+          "SELECT pgno FROM '%q'.'%q_idx' WHERE "
+          "segid=? AND term>? ORDER BY term ASC LIMIT 1",
+          pConfig->zDb, pConfig->zName
+    ));
+
+  }
+  return p->pIdxNextSelect;
+}
+
+/*
+** This is similar to fts5SegIterSeekInit(), except that it initializes
+** the segment iterator to point to the first term following the page
+** with pToken/nToken on it.
+*/
+static void fts5SegIterNextInit(
+  Fts5Index *p,
+  const char *pTerm, int nTerm,
+  Fts5StructureSegment *pSeg,     /* Description of segment */
+  Fts5SegIter *pIter              /* Object to populate */
+){
+  int iPg = -1;                   /* Page of segment to open */
+  int bDlidx = 0;
+  sqlite3_stmt *pSel = 0;         /* SELECT to find iPg */
+
+  pSel = fts5IdxNextStmt(p);
+  if( pSel ){
+    assert( p->rc==SQLITE_OK );
+    sqlite3_bind_int(pSel, 1, pSeg->iSegid);
+    sqlite3_bind_blob(pSel, 2, pTerm, nTerm, SQLITE_STATIC);
+
+    if( sqlite3_step(pSel)==SQLITE_ROW ){
+      i64 val = sqlite3_column_int64(pSel, 0);
+      iPg = (int)(val>>1);
+      bDlidx = (val & 0x0001);
+    }
+    p->rc = sqlite3_reset(pSel);
+    sqlite3_bind_null(pSel, 2);
+    if( p->rc ) return;
+  }
+
+  memset(pIter, 0, sizeof(*pIter));
+  pIter->pSeg = pSeg;
+  pIter->flags |= FTS5_SEGITER_ONETERM;
+  if( iPg>=0 ){
+    pIter->iLeafPgno = iPg - 1;
+    fts5SegIterNextPage(p, pIter);
+    fts5SegIterSetNext(p, pIter);
+  }
+  if( pIter->pLeaf ){
+    const u8 *a = pIter->pLeaf->p;
+    int iTermOff = 0;
+
+    pIter->iPgidxOff = pIter->pLeaf->szLeaf;
+    pIter->iPgidxOff += fts5GetVarint32(&a[pIter->iPgidxOff], iTermOff);
+    pIter->iLeafOffset = iTermOff;
+    fts5SegIterLoadTerm(p, pIter, 0);
+    fts5SegIterLoadNPos(p, pIter);
+    if( bDlidx ) fts5SegIterLoadDlidx(p, pIter);
+
+    assert( p->rc!=SQLITE_OK ||
+        fts5BufferCompareBlob(&pIter->term, (const u8*)pTerm, nTerm)>0
+    );
+  }
+}
+
 /*
 ** Initialize the object pIter to point to term pTerm/nTerm within the
 ** in-memory hash table. If there is no such term in the hash-table, the
@@ -238993,14 +241299,21 @@ static void fts5SegIterHashInit(
     const u8 *pList = 0;
 
     p->rc = sqlite3Fts5HashScanInit(p->pHash, (const char*)pTerm, nTerm);
-    sqlite3Fts5HashScanEntry(p->pHash, (const char**)&z, &pList, &nList);
-    n = (z ? (int)strlen((const char*)z) : 0);
+    sqlite3Fts5HashScanEntry(p->pHash, (const char**)&z, &n, &pList, &nList);
     if( pList ){
       pLeaf = fts5IdxMalloc(p, sizeof(Fts5Data));
       if( pLeaf ){
         pLeaf->p = (u8*)pList;
       }
     }
+
+    /* The call to sqlite3Fts5HashScanInit() causes the hash table to
+    ** fill the size field of all existing position lists. This means they
+    ** can no longer be appended to. Since the only scenario in which they
+    ** can be appended to is if the previous operation on this table was
+    ** a DELETE, by clearing the Fts5Index.bDelete flag we can avoid this
+    ** possibility altogether.  */
+    p->bDelete = 0;
   }else{
     p->rc = sqlite3Fts5HashQuery(p->pHash, sizeof(Fts5Data),
         (const char*)pTerm, nTerm, (void**)&pLeaf, &nList
@@ -239045,6 +241358,23 @@ static void fts5IndexFreeArray(Fts5Data **ap, int n){
   }
 }
 
+/*
+** Decrement the ref-count of the object passed as the only argument. If it
+** reaches 0, free it and its contents.
+*/
+static void fts5TombstoneArrayDelete(Fts5TombstoneArray *p){
+  if( p ){
+    p->nRef--;
+    if( p->nRef<=0 ){
+      int ii;
+      for(ii=0; iinTombstone; ii++){
+        fts5DataRelease(p->apTombstone[ii]);
+      }
+      sqlite3_free(p);
+    }
+  }
+}
+
 /*
 ** Zero the iterator passed as the only argument.
 */
@@ -239052,7 +241382,7 @@ static void fts5SegIterClear(Fts5SegIter *pIter){
   fts5BufferFree(&pIter->term);
   fts5DataRelease(pIter->pLeaf);
   fts5DataRelease(pIter->pNextLeaf);
-  fts5IndexFreeArray(pIter->apTombstone, pIter->nTombstone);
+  fts5TombstoneArrayDelete(pIter->pTombArray);
   fts5DlidxIterFree(pIter->pDlidx);
   sqlite3_free(pIter->aRowidOffset);
   memset(pIter, 0, sizeof(Fts5SegIter));
@@ -239297,7 +241627,6 @@ static void fts5SegIterNextFrom(
   }while( p->rc==SQLITE_OK );
 }
 
-
 /*
 ** Free the iterator object passed as the second argument.
 */
@@ -239442,24 +241771,25 @@ static int fts5IndexTombstoneQuery(
 static int fts5MultiIterIsDeleted(Fts5Iter *pIter){
   int iFirst = pIter->aFirst[1].iFirst;
   Fts5SegIter *pSeg = &pIter->aSeg[iFirst];
+  Fts5TombstoneArray *pArray = pSeg->pTombArray;
 
-  if( pSeg->pLeaf && pSeg->nTombstone ){
+  if( pSeg->pLeaf && pArray ){
     /* Figure out which page the rowid might be present on. */
-    int iPg = ((u64)pSeg->iRowid) % pSeg->nTombstone;
+    int iPg = ((u64)pSeg->iRowid) % pArray->nTombstone;
     assert( iPg>=0 );
 
     /* If tombstone hash page iPg has not yet been loaded from the
     ** database, load it now. */
-    if( pSeg->apTombstone[iPg]==0 ){
-      pSeg->apTombstone[iPg] = fts5DataRead(pIter->pIndex,
+    if( pArray->apTombstone[iPg]==0 ){
+      pArray->apTombstone[iPg] = fts5DataRead(pIter->pIndex,
           FTS5_TOMBSTONE_ROWID(pSeg->pSeg->iSegid, iPg)
       );
-      if( pSeg->apTombstone[iPg]==0 ) return 0;
+      if( pArray->apTombstone[iPg]==0 ) return 0;
     }
 
     return fts5IndexTombstoneQuery(
-        pSeg->apTombstone[iPg],
-        pSeg->nTombstone,
+        pArray->apTombstone[iPg],
+        pArray->nTombstone,
         pSeg->iRowid
     );
   }
@@ -239998,6 +242328,32 @@ static void fts5IterSetOutputCb(int *pRc, Fts5Iter *pIter){
   }
 }
 
+/*
+** All the component segment-iterators of pIter have been set up. This
+** functions finishes setup for iterator pIter itself.
+*/
+static void fts5MultiIterFinishSetup(Fts5Index *p, Fts5Iter *pIter){
+  int iIter;
+  for(iIter=pIter->nSeg-1; iIter>0; iIter--){
+    int iEq;
+    if( (iEq = fts5MultiIterDoCompare(pIter, iIter)) ){
+      Fts5SegIter *pSeg = &pIter->aSeg[iEq];
+      if( p->rc==SQLITE_OK ) pSeg->xNext(p, pSeg, 0);
+      fts5MultiIterAdvanced(p, pIter, iEq, iIter);
+    }
+  }
+  fts5MultiIterSetEof(pIter);
+  fts5AssertMultiIterSetup(p, pIter);
+
+  if( (pIter->bSkipEmpty && fts5MultiIterIsEmpty(p, pIter))
+   || fts5MultiIterIsDeleted(pIter)
+  ){
+    fts5MultiIterNext(p, pIter, 0, 0);
+  }else if( pIter->base.bEof==0 ){
+    Fts5SegIter *pSeg = &pIter->aSeg[pIter->aFirst[1].iFirst];
+    pIter->xSetOutputs(pIter, pSeg);
+  }
+}
 
 /*
 ** Allocate a new Fts5Iter object.
@@ -240079,31 +242435,12 @@ static void fts5MultiIterNew(
     assert( iIter==nSeg );
   }
 
-  /* If the above was successful, each component iterators now points
+  /* If the above was successful, each component iterator now points
   ** to the first entry in its segment. In this case initialize the
   ** aFirst[] array. Or, if an error has occurred, free the iterator
   ** object and set the output variable to NULL.  */
   if( p->rc==SQLITE_OK ){
-    for(iIter=pNew->nSeg-1; iIter>0; iIter--){
-      int iEq;
-      if( (iEq = fts5MultiIterDoCompare(pNew, iIter)) ){
-        Fts5SegIter *pSeg = &pNew->aSeg[iEq];
-        if( p->rc==SQLITE_OK ) pSeg->xNext(p, pSeg, 0);
-        fts5MultiIterAdvanced(p, pNew, iEq, iIter);
-      }
-    }
-    fts5MultiIterSetEof(pNew);
-    fts5AssertMultiIterSetup(p, pNew);
-
-    if( (pNew->bSkipEmpty && fts5MultiIterIsEmpty(p, pNew))
-     || fts5MultiIterIsDeleted(pNew)
-    ){
-      fts5MultiIterNext(p, pNew, 0, 0);
-    }else if( pNew->base.bEof==0 ){
-      Fts5SegIter *pSeg = &pNew->aSeg[pNew->aFirst[1].iFirst];
-      pNew->xSetOutputs(pNew, pSeg);
-    }
-
+    fts5MultiIterFinishSetup(p, pNew);
   }else{
     fts5MultiIterFree(pNew);
     *ppOut = 0;
@@ -240128,7 +242465,6 @@ static void fts5MultiIterNew2(
   pNew = fts5MultiIterAlloc(p, 2);
   if( pNew ){
     Fts5SegIter *pIter = &pNew->aSeg[1];
-
     pIter->flags = FTS5_SEGITER_ONETERM;
     if( pData->szLeaf>0 ){
       pIter->pLeaf = pData;
@@ -240276,6 +242612,7 @@ static void fts5IndexDiscardData(Fts5Index *p){
     sqlite3Fts5HashClear(p->pHash);
     p->nPendingData = 0;
     p->nPendingRow = 0;
+    p->flushRc = SQLITE_OK;
   }
   p->nContentlessDelete = 0;
 }
@@ -240491,7 +242828,7 @@ static void fts5WriteDlidxAppend(
     }
 
     if( pDlidx->bPrevValid ){
-      iVal = iRowid - pDlidx->iPrev;
+      iVal = (u64)iRowid - (u64)pDlidx->iPrev;
     }else{
       i64 iPgno = (i==0 ? pWriter->writer.pgno : pDlidx[-1].pgno);
       assert( pDlidx->buf.n==0 );
@@ -240678,7 +243015,7 @@ static void fts5WriteAppendPoslistData(
   const u8 *a = aData;
   int n = nData;
 
-  assert( p->pConfig->pgsz>0 );
+  assert( p->pConfig->pgsz>0 || p->rc!=SQLITE_OK );
   while( p->rc==SQLITE_OK
      && (pPage->buf.n + pPage->pgidx.n + n)>=p->pConfig->pgsz
   ){
@@ -241411,18 +243748,24 @@ static void fts5DoSecureDelete(
 
   iOff = iStart;
 
-  /* Set variable bLastInDoclist to true if this entry happens to be
-  ** the last rowid in the doclist for its term.  */
+  /* If the position-list for the entry being removed flows over past
+  ** the end of this page, delete the portion of the position-list on the
+  ** next page and beyond.
+  **
+  ** Set variable bLastInDoclist to true if this entry happens
+  ** to be the last rowid in the doclist for its term.  */
+  if( iNextOff>=iPgIdx ){
+    int pgno = pSeg->iLeafPgno+1;
+    fts5SecureDeleteOverflow(p, pSeg->pSeg, pgno, &bLastInDoclist);
+    iNextOff = iPgIdx;
+  }
+
   if( pSeg->bDel==0 ){
-    if( iNextOff>=iPgIdx ){
-      int pgno = pSeg->iLeafPgno+1;
-      fts5SecureDeleteOverflow(p, pSeg->pSeg, pgno, &bLastInDoclist);
-      iNextOff = iPgIdx;
-    }else{
+    if( iNextOff!=iPgIdx ){
       /* Loop through the page-footer. If iNextOff (offset of the
       ** entry following the one we are removing) is equal to the
       ** offset of a key on this page, then the entry is the last
-      ** in its doclist.  */
+      ** in its doclist. */
       int iKeyOff = 0;
       for(iIdx=0; iIdxrc!=SQLITE_OK ) break;
@@ -241716,7 +244058,7 @@ static void fts5FlushOneHash(Fts5Index *p){
             if( bSecureDelete ){
               if( eDetail==FTS5_DETAIL_NONE ){
                 if( iOffrc!=SQLITE_OK || pDoclist[iOff]==0x01 ){
                   iOff++;
                   continue;
@@ -241852,6 +244194,10 @@ static void fts5FlushOneHash(Fts5Index *p){
 */
 static void fts5IndexFlush(Fts5Index *p){
   /* Unless it is empty, flush the hash table to disk */
+  if( p->flushRc ){
+    p->rc = p->flushRc;
+    return;
+  }
   if( p->nPendingData || p->nContentlessDelete ){
     assert( p->pHash );
     fts5FlushOneHash(p);
@@ -241860,6 +244206,8 @@ static void fts5IndexFlush(Fts5Index *p){
       p->nPendingData = 0;
       p->nPendingRow = 0;
       p->nContentlessDelete = 0;
+    }else if( p->nPendingData || p->nContentlessDelete ){
+      p->flushRc = p->rc;
     }
   }
 }
@@ -241938,8 +244286,9 @@ static int sqlite3Fts5IndexOptimize(Fts5Index *p){
 
   assert( p->rc==SQLITE_OK );
   fts5IndexFlush(p);
-  assert( p->nContentlessDelete==0 );
+  assert( p->rc!=SQLITE_OK || p->nContentlessDelete==0 );
   pStruct = fts5StructureRead(p);
+  assert( p->rc!=SQLITE_OK || pStruct!=0 );
   fts5StructureInvalidate(p);
 
   if( pStruct ){
@@ -242345,7 +244694,7 @@ static void fts5SetupPrefixIter(
   u8 *pToken,                     /* Buffer containing prefix to match */
   int nToken,                     /* Size of buffer pToken in bytes */
   Fts5Colset *pColset,            /* Restrict matches to these columns */
-  Fts5Iter **ppIter          /* OUT: New iterator */
+  Fts5Iter **ppIter               /* OUT: New iterator */
 ){
   Fts5Structure *pStruct;
   Fts5Buffer *aBuf;
@@ -242366,8 +244715,9 @@ static void fts5SetupPrefixIter(
 
   aBuf = (Fts5Buffer*)fts5IdxMalloc(p, sizeof(Fts5Buffer)*nBuf);
   pStruct = fts5StructureRead(p);
+  assert( p->rc!=SQLITE_OK || (aBuf && pStruct) );
 
-  if( aBuf && pStruct ){
+  if( p->rc==SQLITE_OK ){
     const int flags = FTS5INDEX_QUERY_SCAN
                     | FTS5INDEX_QUERY_SKIPEMPTY
                     | FTS5INDEX_QUERY_NOOUTPUT;
@@ -242379,6 +244729,12 @@ static void fts5SetupPrefixIter(
     int bNewTerm = 1;
 
     memset(&doclist, 0, sizeof(doclist));
+
+    /* If iIdx is non-zero, then it is the number of a prefix-index for
+    ** prefixes 1 character longer than the prefix being queried for. That
+    ** index contains all the doclists required, except for the one
+    ** corresponding to the prefix itself. That one is extracted from the
+    ** main term index here.  */
     if( iIdx!=0 ){
       int dummy = 0;
       const int f2 = FTS5INDEX_QUERY_SKIPEMPTY|FTS5INDEX_QUERY_NOOUTPUT;
@@ -242402,6 +244758,7 @@ static void fts5SetupPrefixIter(
     pToken[0] = FTS5_MAIN_PREFIX + iIdx;
     fts5MultiIterNew(p, pStruct, flags, pColset, pToken, nToken, -1, 0, &p1);
     fts5IterSetOutputCb(&p->rc, p1);
+
     for( /* no-op */ ;
         fts5MultiIterEof(p, p1)==0;
         fts5MultiIterNext2(p, p1, &bNewTerm)
@@ -242417,7 +244774,6 @@ static void fts5SetupPrefixIter(
       }
 
       if( p1->base.nData==0 ) continue;
-
       if( p1->base.iRowid<=iLastRowid && doclist.n>0 ){
         for(i=0; p->rc==SQLITE_OK && doclist.n; i++){
           int i1 = i*nMerge;
@@ -242456,7 +244812,7 @@ static void fts5SetupPrefixIter(
     }
     fts5MultiIterFree(p1);
 
-    pData = fts5IdxMalloc(p, sizeof(Fts5Data)+doclist.n+FTS5_DATA_ZERO_PADDING);
+    pData = fts5IdxMalloc(p, sizeof(*pData)+doclist.n+FTS5_DATA_ZERO_PADDING);
     if( pData ){
       pData->p = (u8*)&pData[1];
       pData->nn = pData->szLeaf = doclist.n;
@@ -242599,6 +244955,7 @@ static int sqlite3Fts5IndexClose(Fts5Index *p){
     sqlite3_finalize(p->pIdxWriter);
     sqlite3_finalize(p->pIdxDeleter);
     sqlite3_finalize(p->pIdxSelect);
+    sqlite3_finalize(p->pIdxNextSelect);
     sqlite3_finalize(p->pDataVersion);
     sqlite3_finalize(p->pDeleteFromIdx);
     sqlite3Fts5HashFree(p->pHash);
@@ -242694,6 +245051,454 @@ static int sqlite3Fts5IndexWrite(
   return rc;
 }
 
+/*
+** pToken points to a buffer of size nToken bytes containing a search
+** term, including the index number at the start, used on a tokendata=1
+** table. This function returns true if the term in buffer pBuf matches
+** token pToken/nToken.
+*/
+static int fts5IsTokendataPrefix(
+  Fts5Buffer *pBuf,
+  const u8 *pToken,
+  int nToken
+){
+  return (
+      pBuf->n>=nToken
+   && 0==memcmp(pBuf->p, pToken, nToken)
+   && (pBuf->n==nToken || pBuf->p[nToken]==0x00)
+  );
+}
+
+/*
+** Ensure the segment-iterator passed as the only argument points to EOF.
+*/
+static void fts5SegIterSetEOF(Fts5SegIter *pSeg){
+  fts5DataRelease(pSeg->pLeaf);
+  pSeg->pLeaf = 0;
+}
+
+/*
+** Usually, a tokendata=1 iterator (struct Fts5TokenDataIter) accumulates an
+** array of these for each row it visits. Or, for an iterator used by an
+** "ORDER BY rank" query, it accumulates an array of these for the entire
+** query.
+**
+** Each instance in the array indicates the iterator (and therefore term)
+** associated with position iPos of rowid iRowid. This is used by the
+** xInstToken() API.
+*/
+struct Fts5TokenDataMap {
+  i64 iRowid;                     /* Row this token is located in */
+  i64 iPos;                       /* Position of token */
+  int iIter;                      /* Iterator token was read from */
+};
+
+/*
+** An object used to supplement Fts5Iter for tokendata=1 iterators.
+*/
+struct Fts5TokenDataIter {
+  int nIter;
+  int nIterAlloc;
+
+  int nMap;
+  int nMapAlloc;
+  Fts5TokenDataMap *aMap;
+
+  Fts5PoslistReader *aPoslistReader;
+  int *aPoslistToIter;
+  Fts5Iter *apIter[1];
+};
+
+/*
+** This function appends iterator pAppend to Fts5TokenDataIter pIn and
+** returns the result.
+*/
+static Fts5TokenDataIter *fts5AppendTokendataIter(
+  Fts5Index *p,                   /* Index object (for error code) */
+  Fts5TokenDataIter *pIn,         /* Current Fts5TokenDataIter struct */
+  Fts5Iter *pAppend               /* Append this iterator */
+){
+  Fts5TokenDataIter *pRet = pIn;
+
+  if( p->rc==SQLITE_OK ){
+    if( pIn==0 || pIn->nIter==pIn->nIterAlloc ){
+      int nAlloc = pIn ? pIn->nIterAlloc*2 : 16;
+      int nByte = nAlloc * sizeof(Fts5Iter*) + sizeof(Fts5TokenDataIter);
+      Fts5TokenDataIter *pNew = (Fts5TokenDataIter*)sqlite3_realloc(pIn, nByte);
+
+      if( pNew==0 ){
+        p->rc = SQLITE_NOMEM;
+      }else{
+        if( pIn==0 ) memset(pNew, 0, nByte);
+        pRet = pNew;
+        pNew->nIterAlloc = nAlloc;
+      }
+    }
+  }
+  if( p->rc ){
+    sqlite3Fts5IterClose((Fts5IndexIter*)pAppend);
+  }else{
+    pRet->apIter[pRet->nIter++] = pAppend;
+  }
+  assert( pRet==0 || pRet->nIter<=pRet->nIterAlloc );
+
+  return pRet;
+}
+
+/*
+** Delete an Fts5TokenDataIter structure and its contents.
+*/
+static void fts5TokendataIterDelete(Fts5TokenDataIter *pSet){
+  if( pSet ){
+    int ii;
+    for(ii=0; iinIter; ii++){
+      fts5MultiIterFree(pSet->apIter[ii]);
+    }
+    sqlite3_free(pSet->aPoslistReader);
+    sqlite3_free(pSet->aMap);
+    sqlite3_free(pSet);
+  }
+}
+
+/*
+** Append a mapping to the token-map belonging to object pT.
+*/
+static void fts5TokendataIterAppendMap(
+  Fts5Index *p,
+  Fts5TokenDataIter *pT,
+  int iIter,
+  i64 iRowid,
+  i64 iPos
+){
+  if( p->rc==SQLITE_OK ){
+    if( pT->nMap==pT->nMapAlloc ){
+      int nNew = pT->nMapAlloc ? pT->nMapAlloc*2 : 64;
+      int nByte = nNew * sizeof(Fts5TokenDataMap);
+      Fts5TokenDataMap *aNew;
+
+      aNew = (Fts5TokenDataMap*)sqlite3_realloc(pT->aMap, nByte);
+      if( aNew==0 ){
+        p->rc = SQLITE_NOMEM;
+        return;
+      }
+
+      pT->aMap = aNew;
+      pT->nMapAlloc = nNew;
+    }
+
+    pT->aMap[pT->nMap].iRowid = iRowid;
+    pT->aMap[pT->nMap].iPos = iPos;
+    pT->aMap[pT->nMap].iIter = iIter;
+    pT->nMap++;
+  }
+}
+
+/*
+** The iterator passed as the only argument must be a tokendata=1 iterator
+** (pIter->pTokenDataIter!=0). This function sets the iterator output
+** variables (pIter->base.*) according to the contents of the current
+** row.
+*/
+static void fts5IterSetOutputsTokendata(Fts5Iter *pIter){
+  int ii;
+  int nHit = 0;
+  i64 iRowid = SMALLEST_INT64;
+  int iMin = 0;
+
+  Fts5TokenDataIter *pT = pIter->pTokenDataIter;
+
+  pIter->base.nData = 0;
+  pIter->base.pData = 0;
+
+  for(ii=0; iinIter; ii++){
+    Fts5Iter *p = pT->apIter[ii];
+    if( p->base.bEof==0 ){
+      if( nHit==0 || p->base.iRowidbase.iRowid;
+        nHit = 1;
+        pIter->base.pData = p->base.pData;
+        pIter->base.nData = p->base.nData;
+        iMin = ii;
+      }else if( p->base.iRowid==iRowid ){
+        nHit++;
+      }
+    }
+  }
+
+  if( nHit==0 ){
+    pIter->base.bEof = 1;
+  }else{
+    int eDetail = pIter->pIndex->pConfig->eDetail;
+    pIter->base.bEof = 0;
+    pIter->base.iRowid = iRowid;
+
+    if( nHit==1 && eDetail==FTS5_DETAIL_FULL ){
+      fts5TokendataIterAppendMap(pIter->pIndex, pT, iMin, iRowid, -1);
+    }else
+    if( nHit>1 && eDetail!=FTS5_DETAIL_NONE ){
+      int nReader = 0;
+      int nByte = 0;
+      i64 iPrev = 0;
+
+      /* Allocate array of iterators if they are not already allocated. */
+      if( pT->aPoslistReader==0 ){
+        pT->aPoslistReader = (Fts5PoslistReader*)sqlite3Fts5MallocZero(
+            &pIter->pIndex->rc,
+            pT->nIter * (sizeof(Fts5PoslistReader) + sizeof(int))
+        );
+        if( pT->aPoslistReader==0 ) return;
+        pT->aPoslistToIter = (int*)&pT->aPoslistReader[pT->nIter];
+      }
+
+      /* Populate an iterator for each poslist that will be merged */
+      for(ii=0; iinIter; ii++){
+        Fts5Iter *p = pT->apIter[ii];
+        if( iRowid==p->base.iRowid ){
+          pT->aPoslistToIter[nReader] = ii;
+          sqlite3Fts5PoslistReaderInit(
+              p->base.pData, p->base.nData, &pT->aPoslistReader[nReader++]
+          );
+          nByte += p->base.nData;
+        }
+      }
+
+      /* Ensure the output buffer is large enough */
+      if( fts5BufferGrow(&pIter->pIndex->rc, &pIter->poslist, nByte+nHit*10) ){
+        return;
+      }
+
+      /* Ensure the token-mapping is large enough */
+      if( eDetail==FTS5_DETAIL_FULL && pT->nMapAlloc<(pT->nMap + nByte) ){
+        int nNew = (pT->nMapAlloc + nByte) * 2;
+        Fts5TokenDataMap *aNew = (Fts5TokenDataMap*)sqlite3_realloc(
+            pT->aMap, nNew*sizeof(Fts5TokenDataMap)
+        );
+        if( aNew==0 ){
+          pIter->pIndex->rc = SQLITE_NOMEM;
+          return;
+        }
+        pT->aMap = aNew;
+        pT->nMapAlloc = nNew;
+      }
+
+      pIter->poslist.n = 0;
+
+      while( 1 ){
+        i64 iMinPos = LARGEST_INT64;
+
+        /* Find smallest position */
+        iMin = 0;
+        for(ii=0; iiaPoslistReader[ii];
+          if( pReader->bEof==0 ){
+            if( pReader->iPosiPos;
+              iMin = ii;
+            }
+          }
+        }
+
+        /* If all readers were at EOF, break out of the loop. */
+        if( iMinPos==LARGEST_INT64 ) break;
+
+        sqlite3Fts5PoslistSafeAppend(&pIter->poslist, &iPrev, iMinPos);
+        sqlite3Fts5PoslistReaderNext(&pT->aPoslistReader[iMin]);
+
+        if( eDetail==FTS5_DETAIL_FULL ){
+          pT->aMap[pT->nMap].iPos = iMinPos;
+          pT->aMap[pT->nMap].iIter = pT->aPoslistToIter[iMin];
+          pT->aMap[pT->nMap].iRowid = iRowid;
+          pT->nMap++;
+        }
+      }
+
+      pIter->base.pData = pIter->poslist.p;
+      pIter->base.nData = pIter->poslist.n;
+    }
+  }
+}
+
+/*
+** The iterator passed as the only argument must be a tokendata=1 iterator
+** (pIter->pTokenDataIter!=0). This function advances the iterator. If
+** argument bFrom is false, then the iterator is advanced to the next
+** entry. Or, if bFrom is true, it is advanced to the first entry with
+** a rowid of iFrom or greater.
+*/
+static void fts5TokendataIterNext(Fts5Iter *pIter, int bFrom, i64 iFrom){
+  int ii;
+  Fts5TokenDataIter *pT = pIter->pTokenDataIter;
+
+  for(ii=0; iinIter; ii++){
+    Fts5Iter *p = pT->apIter[ii];
+    if( p->base.bEof==0
+     && (p->base.iRowid==pIter->base.iRowid || (bFrom && p->base.iRowidpIndex, p, bFrom, iFrom);
+      while( bFrom && p->base.bEof==0
+          && p->base.iRowidpIndex->rc==SQLITE_OK
+      ){
+        fts5MultiIterNext(p->pIndex, p, 0, 0);
+      }
+    }
+  }
+
+  fts5IterSetOutputsTokendata(pIter);
+}
+
+/*
+** If the segment-iterator passed as the first argument is at EOF, then
+** set pIter->term to a copy of buffer pTerm.
+*/
+static void fts5TokendataSetTermIfEof(Fts5Iter *pIter, Fts5Buffer *pTerm){
+  if( pIter && pIter->aSeg[0].pLeaf==0 ){
+    fts5BufferSet(&pIter->pIndex->rc, &pIter->aSeg[0].term, pTerm->n, pTerm->p);
+  }
+}
+
+/*
+** This function sets up an iterator to use for a non-prefix query on a
+** tokendata=1 table.
+*/
+static Fts5Iter *fts5SetupTokendataIter(
+  Fts5Index *p,                   /* FTS index to query */
+  const u8 *pToken,               /* Buffer containing query term */
+  int nToken,                     /* Size of buffer pToken in bytes */
+  Fts5Colset *pColset             /* Colset to filter on */
+){
+  Fts5Iter *pRet = 0;
+  Fts5TokenDataIter *pSet = 0;
+  Fts5Structure *pStruct = 0;
+  const int flags = FTS5INDEX_QUERY_SCANONETERM | FTS5INDEX_QUERY_SCAN;
+
+  Fts5Buffer bSeek = {0, 0, 0};
+  Fts5Buffer *pSmall = 0;
+
+  fts5IndexFlush(p);
+  pStruct = fts5StructureRead(p);
+
+  while( p->rc==SQLITE_OK ){
+    Fts5Iter *pPrev = pSet ? pSet->apIter[pSet->nIter-1] : 0;
+    Fts5Iter *pNew = 0;
+    Fts5SegIter *pNewIter = 0;
+    Fts5SegIter *pPrevIter = 0;
+
+    int iLvl, iSeg, ii;
+
+    pNew = fts5MultiIterAlloc(p, pStruct->nSegment);
+    if( pSmall ){
+      fts5BufferSet(&p->rc, &bSeek, pSmall->n, pSmall->p);
+      fts5BufferAppendBlob(&p->rc, &bSeek, 1, (const u8*)"\0");
+    }else{
+      fts5BufferSet(&p->rc, &bSeek, nToken, pToken);
+    }
+    if( p->rc ){
+      sqlite3Fts5IterClose((Fts5IndexIter*)pNew);
+      break;
+    }
+
+    pNewIter = &pNew->aSeg[0];
+    pPrevIter = (pPrev ? &pPrev->aSeg[0] : 0);
+    for(iLvl=0; iLvlnLevel; iLvl++){
+      for(iSeg=pStruct->aLevel[iLvl].nSeg-1; iSeg>=0; iSeg--){
+        Fts5StructureSegment *pSeg = &pStruct->aLevel[iLvl].aSeg[iSeg];
+        int bDone = 0;
+
+        if( pPrevIter ){
+          if( fts5BufferCompare(pSmall, &pPrevIter->term) ){
+            memcpy(pNewIter, pPrevIter, sizeof(Fts5SegIter));
+            memset(pPrevIter, 0, sizeof(Fts5SegIter));
+            bDone = 1;
+          }else if( pPrevIter->iEndofDoclist>pPrevIter->pLeaf->szLeaf ){
+            fts5SegIterNextInit(p,(const char*)bSeek.p,bSeek.n-1,pSeg,pNewIter);
+            bDone = 1;
+          }
+        }
+
+        if( bDone==0 ){
+          fts5SegIterSeekInit(p, bSeek.p, bSeek.n, flags, pSeg, pNewIter);
+        }
+
+        if( pPrevIter ){
+          if( pPrevIter->pTombArray ){
+            pNewIter->pTombArray = pPrevIter->pTombArray;
+            pNewIter->pTombArray->nRef++;
+          }
+        }else{
+          fts5SegIterAllocTombstone(p, pNewIter);
+        }
+
+        pNewIter++;
+        if( pPrevIter ) pPrevIter++;
+        if( p->rc ) break;
+      }
+    }
+    fts5TokendataSetTermIfEof(pPrev, pSmall);
+
+    pNew->bSkipEmpty = 1;
+    pNew->pColset = pColset;
+    fts5IterSetOutputCb(&p->rc, pNew);
+
+    /* Loop through all segments in the new iterator. Find the smallest
+    ** term that any segment-iterator points to. Iterator pNew will be
+    ** used for this term. Also, set any iterator that points to a term that
+    ** does not match pToken/nToken to point to EOF */
+    pSmall = 0;
+    for(ii=0; iinSeg; ii++){
+      Fts5SegIter *pII = &pNew->aSeg[ii];
+      if( 0==fts5IsTokendataPrefix(&pII->term, pToken, nToken) ){
+        fts5SegIterSetEOF(pII);
+      }
+      if( pII->pLeaf && (!pSmall || fts5BufferCompare(pSmall, &pII->term)>0) ){
+        pSmall = &pII->term;
+      }
+    }
+
+    /* If pSmall is still NULL at this point, then the new iterator does
+    ** not point to any terms that match the query. So delete it and break
+    ** out of the loop - all required iterators have been collected.  */
+    if( pSmall==0 ){
+      sqlite3Fts5IterClose((Fts5IndexIter*)pNew);
+      break;
+    }
+
+    /* Append this iterator to the set and continue. */
+    pSet = fts5AppendTokendataIter(p, pSet, pNew);
+  }
+
+  if( p->rc==SQLITE_OK && pSet ){
+    int ii;
+    for(ii=0; iinIter; ii++){
+      Fts5Iter *pIter = pSet->apIter[ii];
+      int iSeg;
+      for(iSeg=0; iSegnSeg; iSeg++){
+        pIter->aSeg[iSeg].flags |= FTS5_SEGITER_ONETERM;
+      }
+      fts5MultiIterFinishSetup(p, pIter);
+    }
+  }
+
+  if( p->rc==SQLITE_OK ){
+    pRet = fts5MultiIterAlloc(p, 0);
+  }
+  if( pRet ){
+    pRet->pTokenDataIter = pSet;
+    if( pSet ){
+      fts5IterSetOutputsTokendata(pRet);
+    }else{
+      pRet->base.bEof = 1;
+    }
+  }else{
+    fts5TokendataIterDelete(pSet);
+  }
+
+  fts5StructureRelease(pStruct);
+  fts5BufferFree(&bSeek);
+  return pRet;
+}
+
+
 /*
 ** Open a new iterator to iterate though all rowid that match the
 ** specified token or token prefix.
@@ -242715,8 +245520,13 @@ static int sqlite3Fts5IndexQuery(
   if( sqlite3Fts5BufferSize(&p->rc, &buf, nToken+1)==0 ){
     int iIdx = 0;                 /* Index to search */
     int iPrefixIdx = 0;           /* +1 prefix index */
+    int bTokendata = pConfig->bTokendata;
     if( nToken>0 ) memcpy(&buf.p[1], pToken, nToken);
 
+    if( flags & (FTS5INDEX_QUERY_NOTOKENDATA|FTS5INDEX_QUERY_SCAN) ){
+      bTokendata = 0;
+    }
+
     /* Figure out which index to search and set iIdx accordingly. If this
     ** is a prefix query for which there is no prefix index, set iIdx to
     ** greater than pConfig->nPrefix to indicate that the query will be
@@ -242742,7 +245552,10 @@ static int sqlite3Fts5IndexQuery(
       }
     }
 
-    if( iIdx<=pConfig->nPrefix ){
+    if( bTokendata && iIdx==0 ){
+      buf.p[0] = '0';
+      pRet = fts5SetupTokendataIter(p, buf.p, nToken+1, pColset);
+    }else if( iIdx<=pConfig->nPrefix ){
       /* Straight index lookup */
       Fts5Structure *pStruct = fts5StructureRead(p);
       buf.p[0] = (u8)(FTS5_MAIN_PREFIX + iIdx);
@@ -242789,7 +245602,11 @@ static int sqlite3Fts5IndexQuery(
 static int sqlite3Fts5IterNext(Fts5IndexIter *pIndexIter){
   Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
   assert( pIter->pIndex->rc==SQLITE_OK );
-  fts5MultiIterNext(pIter->pIndex, pIter, 0, 0);
+  if( pIter->pTokenDataIter ){
+    fts5TokendataIterNext(pIter, 0, 0);
+  }else{
+    fts5MultiIterNext(pIter->pIndex, pIter, 0, 0);
+  }
   return fts5IndexReturn(pIter->pIndex);
 }
 
@@ -242822,7 +245639,11 @@ static int sqlite3Fts5IterNextScan(Fts5IndexIter *pIndexIter){
 */
 static int sqlite3Fts5IterNextFrom(Fts5IndexIter *pIndexIter, i64 iMatch){
   Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
-  fts5MultiIterNextFrom(pIter->pIndex, pIter, iMatch);
+  if( pIter->pTokenDataIter ){
+    fts5TokendataIterNext(pIter, 1, iMatch);
+  }else{
+    fts5MultiIterNextFrom(pIter->pIndex, pIter, iMatch);
+  }
   return fts5IndexReturn(pIter->pIndex);
 }
 
@@ -242837,6 +245658,99 @@ static const char *sqlite3Fts5IterTerm(Fts5IndexIter *pIndexIter, int *pn){
   return (z ? &z[1] : 0);
 }
 
+/*
+** This is used by xInstToken() to access the token at offset iOff, column
+** iCol of row iRowid. The token is returned via output variables *ppOut
+** and *pnOut. The iterator passed as the first argument must be a tokendata=1
+** iterator (pIter->pTokenDataIter!=0).
+*/
+static int sqlite3Fts5IterToken(
+  Fts5IndexIter *pIndexIter,
+  i64 iRowid,
+  int iCol,
+  int iOff,
+  const char **ppOut, int *pnOut
+){
+  Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
+  Fts5TokenDataIter *pT = pIter->pTokenDataIter;
+  Fts5TokenDataMap *aMap = pT->aMap;
+  i64 iPos = (((i64)iCol)<<32) + iOff;
+
+  int i1 = 0;
+  int i2 = pT->nMap;
+  int iTest = 0;
+
+  while( i2>i1 ){
+    iTest = (i1 + i2) / 2;
+
+    if( aMap[iTest].iRowidiRowid ){
+      i2 = iTest;
+    }else{
+      if( aMap[iTest].iPosiPos ){
+        i2 = iTest;
+      }else{
+        break;
+      }
+    }
+  }
+
+  if( i2>i1 ){
+    Fts5Iter *pMap = pT->apIter[aMap[iTest].iIter];
+    *ppOut = (const char*)pMap->aSeg[0].term.p+1;
+    *pnOut = pMap->aSeg[0].term.n-1;
+  }
+
+  return SQLITE_OK;
+}
+
+/*
+** Clear any existing entries from the token-map associated with the
+** iterator passed as the only argument.
+*/
+static void sqlite3Fts5IndexIterClearTokendata(Fts5IndexIter *pIndexIter){
+  Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
+  if( pIter && pIter->pTokenDataIter ){
+    pIter->pTokenDataIter->nMap = 0;
+  }
+}
+
+/*
+** Set a token-mapping for the iterator passed as the first argument. This
+** is used in detail=column or detail=none mode when a token is requested
+** using the xInstToken() API. In this case the caller tokenizers the
+** current row and configures the token-mapping via multiple calls to this
+** function.
+*/
+static int sqlite3Fts5IndexIterWriteTokendata(
+  Fts5IndexIter *pIndexIter,
+  const char *pToken, int nToken,
+  i64 iRowid, int iCol, int iOff
+){
+  Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
+  Fts5TokenDataIter *pT = pIter->pTokenDataIter;
+  Fts5Index *p = pIter->pIndex;
+  int ii;
+
+  assert( p->pConfig->eDetail!=FTS5_DETAIL_FULL );
+  assert( pIter->pTokenDataIter );
+
+  for(ii=0; iinIter; ii++){
+    Fts5Buffer *pTerm = &pT->apIter[ii]->aSeg[0].term;
+    if( nToken==pTerm->n-1 && memcmp(pToken, pTerm->p+1, nToken)==0 ) break;
+  }
+  if( iinIter ){
+    fts5TokendataIterAppendMap(p, pT, ii, iRowid, (((i64)iCol)<<32) + iOff);
+  }
+  return fts5IndexReturn(p);
+}
+
 /*
 ** Close an iterator opened by an earlier call to sqlite3Fts5IndexQuery().
 */
@@ -242844,6 +245758,7 @@ static void sqlite3Fts5IterClose(Fts5IndexIter *pIndexIter){
   if( pIndexIter ){
     Fts5Iter *pIter = (Fts5Iter*)pIndexIter;
     Fts5Index *pIndex = pIter->pIndex;
+    fts5TokendataIterDelete(pIter->pTokenDataIter);
     fts5MultiIterFree(pIter);
     sqlite3Fts5IndexCloseReader(pIndex);
   }
@@ -243351,7 +246266,9 @@ static int fts5QueryCksum(
   int eDetail = p->pConfig->eDetail;
   u64 cksum = *pCksum;
   Fts5IndexIter *pIter = 0;
-  int rc = sqlite3Fts5IndexQuery(p, z, n, flags, 0, &pIter);
+  int rc = sqlite3Fts5IndexQuery(
+      p, z, n, (flags | FTS5INDEX_QUERY_NOTOKENDATA), 0, &pIter
+  );
 
   while( rc==SQLITE_OK && ALWAYS(pIter!=0) && 0==sqlite3Fts5IterEof(pIter) ){
     i64 rowid = pIter->iRowid;
@@ -243518,7 +246435,7 @@ static void fts5IndexIntegrityCheckEmpty(
 }
 
 static void fts5IntegrityCheckPgidx(Fts5Index *p, Fts5Data *pLeaf){
-  int iTermOff = 0;
+  i64 iTermOff = 0;
   int ii;
 
   Fts5Buffer buf1 = {0,0,0};
@@ -243527,7 +246444,7 @@ static void fts5IntegrityCheckPgidx(Fts5Index *p, Fts5Data *pLeaf){
   ii = pLeaf->szLeaf;
   while( iinn && p->rc==SQLITE_OK ){
     int res;
-    int iOff;
+    i64 iOff;
     int nIncr;
 
     ii += fts5GetVarint32(&pLeaf->p[ii], nIncr);
@@ -244049,6 +246966,24 @@ static void fts5DecodeRowidList(
 }
 #endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
 
+#if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
+static void fts5BufferAppendTerm(int *pRc, Fts5Buffer *pBuf, Fts5Buffer *pTerm){
+  int ii;
+  fts5BufferGrow(pRc, pBuf, pTerm->n*2 + 1);
+  if( *pRc==SQLITE_OK ){
+    for(ii=0; iin; ii++){
+      if( pTerm->p[ii]==0x00 ){
+        pBuf->p[pBuf->n++] = '\\';
+        pBuf->p[pBuf->n++] = '0';
+      }else{
+        pBuf->p[pBuf->n++] = pTerm->p[ii];
+      }
+    }
+    pBuf->p[pBuf->n] = 0x00;
+  }
+}
+#endif /* SQLITE_TEST || SQLITE_FTS5_DEBUG */
+
 #if defined(SQLITE_TEST) || defined(SQLITE_FTS5_DEBUG)
 /*
 ** The implementation of user-defined scalar function fts5_decode().
@@ -244156,9 +247091,8 @@ static void fts5DecodeFunction(
       iOff += fts5GetVarint32(&a[iOff], nAppend);
       term.n = nKeep;
       fts5BufferAppendBlob(&rc, &term, nAppend, &a[iOff]);
-      sqlite3Fts5BufferAppendPrintf(
-          &rc, &s, " term=%.*s", term.n, (const char*)term.p
-      );
+      sqlite3Fts5BufferAppendPrintf(&rc, &s, " term=");
+      fts5BufferAppendTerm(&rc, &s, &term);
       iOff += nAppend;
 
       /* Figure out where the doclist for this term ends */
@@ -244266,9 +247200,8 @@ static void fts5DecodeFunction(
       fts5BufferAppendBlob(&rc, &term, nByte, &a[iOff]);
       iOff += nByte;
 
-      sqlite3Fts5BufferAppendPrintf(
-          &rc, &s, " term=%.*s", term.n, (const char*)term.p
-      );
+      sqlite3Fts5BufferAppendPrintf(&rc, &s, " term=");
+      fts5BufferAppendTerm(&rc, &s, &term);
       iOff += fts5DecodeDoclist(&rc, &s, &a[iOff], iEnd-iOff);
     }
 
@@ -244743,7 +247676,7 @@ struct Fts5FullTable {
   Fts5Global *pGlobal;            /* Global (connection wide) data */
   Fts5Cursor *pSortCsr;           /* Sort data from this cursor */
   int iSavepoint;                 /* Successful xSavepoint()+1 */
-  int bInSavepoint;
+
 #ifdef SQLITE_DEBUG
   struct Fts5TransactionState ts;
 #endif
@@ -245281,12 +248214,15 @@ static int fts5BestIndexMethod(sqlite3_vtab *pVTab, sqlite3_index_info *pInfo){
   }
   idxStr[iIdxStr] = '\0';
 
-  /* Set idxFlags flags for the ORDER BY clause */
+  /* Set idxFlags flags for the ORDER BY clause
+  **
+  ** Note that tokendata=1 tables cannot currently handle "ORDER BY rowid DESC".
+  */
   if( pInfo->nOrderBy==1 ){
     int iSort = pInfo->aOrderBy[0].iColumn;
     if( iSort==(pConfig->nCol+1) && bSeenMatch ){
       idxFlags |= FTS5_BI_ORDER_RANK;
-    }else if( iSort==-1 ){
+    }else if( iSort==-1 && (!pInfo->aOrderBy[0].desc || !pConfig->bTokendata) ){
       idxFlags |= FTS5_BI_ORDER_ROWID;
     }
     if( BitFlagTest(idxFlags, FTS5_BI_ORDER_RANK|FTS5_BI_ORDER_ROWID) ){
@@ -245538,6 +248474,16 @@ static int fts5NextMethod(sqlite3_vtab_cursor *pCursor){
   );
   assert( !CsrFlagTest(pCsr, FTS5CSR_EOF) );
 
+  /* If this cursor uses FTS5_PLAN_MATCH and this is a tokendata=1 table,
+  ** clear any token mappings accumulated at the fts5_index.c level. In
+  ** other cases, specifically FTS5_PLAN_SOURCE and FTS5_PLAN_SORTED_MATCH,
+  ** we need to retain the mappings for the entire query.  */
+  if( pCsr->ePlan==FTS5_PLAN_MATCH
+   && ((Fts5Table*)pCursor->pVtab)->pConfig->bTokendata
+  ){
+    sqlite3Fts5ExprClearTokens(pCsr->pExpr);
+  }
+
   if( pCsr->ePlan<3 ){
     int bSkip = 0;
     if( (rc = fts5CursorReseek(pCsr, &bSkip)) || bSkip ) return rc;
@@ -246198,7 +249144,10 @@ static int fts5SpecialInsert(
   }else if( 0==sqlite3_stricmp("flush", zCmd) ){
     rc = sqlite3Fts5FlushToDisk(&pTab->p);
   }else{
-    rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
+    rc = sqlite3Fts5FlushToDisk(&pTab->p);
+    if( rc==SQLITE_OK ){
+      rc = sqlite3Fts5IndexLoadConfig(pTab->p.pIndex);
+    }
     if( rc==SQLITE_OK ){
       rc = sqlite3Fts5ConfigSetValue(pTab->p.pConfig, zCmd, pVal, &bError);
     }
@@ -246523,7 +249472,10 @@ static int fts5ApiColumnText(
 ){
   int rc = SQLITE_OK;
   Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
-  if( fts5IsContentless((Fts5FullTable*)(pCsr->base.pVtab))
+  Fts5Table *pTab = (Fts5Table*)(pCsr->base.pVtab);
+  if( iCol<0 || iCol>=pTab->pConfig->nCol ){
+    rc = SQLITE_RANGE;
+  }else if( fts5IsContentless((Fts5FullTable*)(pCsr->base.pVtab))
    || pCsr->ePlan==FTS5_PLAN_SPECIAL
   ){
     *pz = 0;
@@ -246548,8 +249500,9 @@ static int fts5CsrPoslist(
   int rc = SQLITE_OK;
   int bLive = (pCsr->pSorter==0);
 
-  if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_POSLIST) ){
-
+  if( iPhrase<0 || iPhrase>=sqlite3Fts5ExprPhraseCount(pCsr->pExpr) ){
+    rc = SQLITE_RANGE;
+  }else if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_POSLIST) ){
     if( pConfig->eDetail!=FTS5_DETAIL_FULL ){
       Fts5PoslistPopulator *aPopulator;
       int i;
@@ -246573,15 +249526,21 @@ static int fts5CsrPoslist(
     CsrFlagClear(pCsr, FTS5CSR_REQUIRE_POSLIST);
   }
 
-  if( pCsr->pSorter && pConfig->eDetail==FTS5_DETAIL_FULL ){
-    Fts5Sorter *pSorter = pCsr->pSorter;
-    int i1 = (iPhrase==0 ? 0 : pSorter->aIdx[iPhrase-1]);
-    *pn = pSorter->aIdx[iPhrase] - i1;
-    *pa = &pSorter->aPoslist[i1];
+  if( rc==SQLITE_OK ){
+    if( pCsr->pSorter && pConfig->eDetail==FTS5_DETAIL_FULL ){
+      Fts5Sorter *pSorter = pCsr->pSorter;
+      int i1 = (iPhrase==0 ? 0 : pSorter->aIdx[iPhrase-1]);
+      *pn = pSorter->aIdx[iPhrase] - i1;
+      *pa = &pSorter->aPoslist[i1];
+    }else{
+      *pn = sqlite3Fts5ExprPoslist(pCsr->pExpr, iPhrase, pa);
+    }
   }else{
-    *pn = sqlite3Fts5ExprPoslist(pCsr->pExpr, iPhrase, pa);
+    *pa = 0;
+    *pn = 0;
   }
 
+
   return rc;
 }
 
@@ -246688,12 +249647,6 @@ static int fts5ApiInst(
   ){
     if( iIdx<0 || iIdx>=pCsr->nInstCount ){
       rc = SQLITE_RANGE;
-#if 0
-    }else if( fts5IsOffsetless((Fts5Table*)pCsr->base.pVtab) ){
-      *piPhrase = pCsr->aInst[iIdx*3];
-      *piCol = pCsr->aInst[iIdx*3 + 2];
-      *piOff = -1;
-#endif
     }else{
       *piPhrase = pCsr->aInst[iIdx*3];
       *piCol = pCsr->aInst[iIdx*3 + 1];
@@ -246948,13 +249901,56 @@ static int fts5ApiPhraseFirstColumn(
   return rc;
 }
 
+/*
+** xQueryToken() API implemenetation.
+*/
+static int fts5ApiQueryToken(
+  Fts5Context* pCtx,
+  int iPhrase,
+  int iToken,
+  const char **ppOut,
+  int *pnOut
+){
+  Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+  return sqlite3Fts5ExprQueryToken(pCsr->pExpr, iPhrase, iToken, ppOut, pnOut);
+}
+
+/*
+** xInstToken() API implemenetation.
+*/
+static int fts5ApiInstToken(
+  Fts5Context *pCtx,
+  int iIdx,
+  int iToken,
+  const char **ppOut, int *pnOut
+){
+  Fts5Cursor *pCsr = (Fts5Cursor*)pCtx;
+  int rc = SQLITE_OK;
+  if( CsrFlagTest(pCsr, FTS5CSR_REQUIRE_INST)==0
+   || SQLITE_OK==(rc = fts5CacheInstArray(pCsr))
+  ){
+    if( iIdx<0 || iIdx>=pCsr->nInstCount ){
+      rc = SQLITE_RANGE;
+    }else{
+      int iPhrase = pCsr->aInst[iIdx*3];
+      int iCol = pCsr->aInst[iIdx*3 + 1];
+      int iOff = pCsr->aInst[iIdx*3 + 2];
+      i64 iRowid = fts5CursorRowid(pCsr);
+      rc = sqlite3Fts5ExprInstToken(
+          pCsr->pExpr, iRowid, iPhrase, iCol, iOff, iToken, ppOut, pnOut
+      );
+    }
+  }
+  return rc;
+}
+
 
 static int fts5ApiQueryPhrase(Fts5Context*, int, void*,
     int(*)(const Fts5ExtensionApi*, Fts5Context*, void*)
 );
 
 static const Fts5ExtensionApi sFts5Api = {
-  2,                            /* iVersion */
+  3,                            /* iVersion */
   fts5ApiUserData,
   fts5ApiColumnCount,
   fts5ApiRowCount,
@@ -246974,6 +249970,8 @@ static const Fts5ExtensionApi sFts5Api = {
   fts5ApiPhraseNext,
   fts5ApiPhraseFirstColumn,
   fts5ApiPhraseNextColumn,
+  fts5ApiQueryToken,
+  fts5ApiInstToken
 };
 
 /*
@@ -247240,9 +250238,7 @@ static int fts5RenameMethod(
 ){
   int rc;
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
-  pTab->bInSavepoint = 1;
   rc = sqlite3Fts5StorageRename(pTab->pStorage, zName);
-  pTab->bInSavepoint = 0;
   return rc;
 }
 
@@ -247259,26 +250255,12 @@ static int sqlite3Fts5FlushToDisk(Fts5Table *pTab){
 static int fts5SavepointMethod(sqlite3_vtab *pVtab, int iSavepoint){
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
   int rc = SQLITE_OK;
-  char *zSql = 0;
-  fts5CheckTransactionState(pTab, FTS5_SAVEPOINT, iSavepoint);
 
-  if( pTab->bInSavepoint==0 ){
-    zSql = sqlite3_mprintf("INSERT INTO %Q.%Q(%Q) VALUES('flush')",
-        pTab->p.pConfig->zDb, pTab->p.pConfig->zName, pTab->p.pConfig->zName
-    );
-    if( zSql ){
-      pTab->bInSavepoint = 1;
-      rc = sqlite3_exec(pTab->p.pConfig->db, zSql, 0, 0, 0);
-      pTab->bInSavepoint = 0;
-      sqlite3_free(zSql);
-    }else{
-      rc = SQLITE_NOMEM;
-    }
-    if( rc==SQLITE_OK ){
-      pTab->iSavepoint = iSavepoint+1;
-    }
+  fts5CheckTransactionState(pTab, FTS5_SAVEPOINT, iSavepoint);
+  rc = sqlite3Fts5FlushToDisk((Fts5Table*)pVtab);
+  if( rc==SQLITE_OK ){
+    pTab->iSavepoint = iSavepoint+1;
   }
-
   return rc;
 }
 
@@ -247310,8 +250292,8 @@ static int fts5RollbackToMethod(sqlite3_vtab *pVtab, int iSavepoint){
   int rc = SQLITE_OK;
   fts5CheckTransactionState(pTab, FTS5_ROLLBACKTO, iSavepoint);
   fts5TripCursors(pTab);
-  pTab->p.pConfig->pgsz = 0;
   if( (iSavepoint+1)<=pTab->iSavepoint ){
+    pTab->p.pConfig->pgsz = 0;
     rc = sqlite3Fts5StorageRollback(pTab->pStorage);
   }
   return rc;
@@ -247516,7 +250498,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -247539,7 +250521,7 @@ static int fts5ShadowName(const char *zName){
 ** if anything is found amiss.  Return a NULL pointer if everything is
 ** OK.
 */
-static int fts5Integrity(
+static int fts5IntegrityMethod(
   sqlite3_vtab *pVtab,    /* the FTS5 virtual table to check */
   const char *zSchema,    /* Name of schema in which this table lives */
   const char *zTabname,   /* Name of the table itself */
@@ -247597,7 +250579,7 @@ static int fts5Init(sqlite3 *db){
     /* xRelease      */ fts5ReleaseMethod,
     /* xRollbackTo   */ fts5RollbackToMethod,
     /* xShadowName   */ fts5ShadowName,
-    /* xIntegrity    */ fts5Integrity
+    /* xIntegrity    */ fts5IntegrityMethod
   };
 
   int rc;
@@ -248363,7 +251345,7 @@ static int sqlite3Fts5StorageRebuild(Fts5Storage *p){
   }
 
   if( rc==SQLITE_OK ){
-    rc = fts5StorageGetStmt(p, FTS5_STMT_SCAN, &pScan, 0);
+    rc = fts5StorageGetStmt(p, FTS5_STMT_SCAN, &pScan, pConfig->pzErrmsg);
   }
 
   while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(pScan) ){
@@ -249150,6 +252132,12 @@ static const unsigned char sqlite3Utf8Trans1[] = {
 
 #endif /* ifndef SQLITE_AMALGAMATION */
 
+#define FTS5_SKIP_UTF8(zIn) {                               \
+  if( ((unsigned char)(*(zIn++)))>=0xc0 ){                              \
+    while( (((unsigned char)*zIn) & 0xc0)==0x80 ){ zIn++; }             \
+  }                                                    \
+}
+
 typedef struct Unicode61Tokenizer Unicode61Tokenizer;
 struct Unicode61Tokenizer {
   unsigned char aTokenChar[128];  /* ASCII range token characters */
@@ -250185,6 +253173,7 @@ static int fts5PorterTokenize(
 typedef struct TrigramTokenizer TrigramTokenizer;
 struct TrigramTokenizer {
   int bFold;                      /* True to fold to lower-case */
+  int iFoldParam;                 /* Parameter to pass to Fts5UnicodeFold() */
 };
 
 /*
@@ -250211,6 +253200,7 @@ static int fts5TriCreate(
   }else{
     int i;
     pNew->bFold = 1;
+    pNew->iFoldParam = 0;
     for(i=0; rc==SQLITE_OK && ibFold = (zArg[0]=='0');
         }
+      }else if( 0==sqlite3_stricmp(azArg[i], "remove_diacritics") ){
+        if( (zArg[0]!='0' && zArg[0]!='1' && zArg[0]!='2') || zArg[1] ){
+          rc = SQLITE_ERROR;
+        }else{
+          pNew->iFoldParam = (zArg[0]!='0') ? 2 : 0;
+        }
       }else{
         rc = SQLITE_ERROR;
       }
     }
+
+    if( pNew->iFoldParam!=0 && pNew->bFold==0 ){
+      rc = SQLITE_ERROR;
+    }
+
     if( rc!=SQLITE_OK ){
       fts5TriDelete((Fts5Tokenizer*)pNew);
       pNew = 0;
@@ -250245,40 +253246,62 @@ static int fts5TriTokenize(
   TrigramTokenizer *p = (TrigramTokenizer*)pTok;
   int rc = SQLITE_OK;
   char aBuf[32];
+  char *zOut = aBuf;
+  int ii;
   const unsigned char *zIn = (const unsigned char*)pText;
   const unsigned char *zEof = &zIn[nText];
   u32 iCode;
+  int aStart[3];                  /* Input offset of each character in aBuf[] */
 
   UNUSED_PARAM(unusedFlags);
-  while( 1 ){
-    char *zOut = aBuf;
-    int iStart = zIn - (const unsigned char*)pText;
-    const unsigned char *zNext;
-
-    READ_UTF8(zIn, zEof, iCode);
-    if( iCode==0 ) break;
-    zNext = zIn;
-    if( zInbFold ) iCode = sqlite3Fts5UnicodeFold(iCode, 0);
-      WRITE_UTF8(zOut, iCode);
+
+  /* Populate aBuf[] with the characters for the first trigram. */
+  for(ii=0; ii<3; ii++){
+    do {
+      aStart[ii] = zIn - (const unsigned char*)pText;
       READ_UTF8(zIn, zEof, iCode);
-      if( iCode==0 ) break;
-    }else{
-      break;
-    }
-    if( zInbFold ) iCode = sqlite3Fts5UnicodeFold(iCode, 0);
-      WRITE_UTF8(zOut, iCode);
+      if( iCode==0 ) return SQLITE_OK;
+      if( p->bFold ) iCode = sqlite3Fts5UnicodeFold(iCode, p->iFoldParam);
+    }while( iCode==0 );
+    WRITE_UTF8(zOut, iCode);
+  }
+
+  /* At the start of each iteration of this loop:
+  **
+  **  aBuf:      Contains 3 characters. The 3 characters of the next trigram.
+  **  zOut:      Points to the byte following the last character in aBuf.
+  **  aStart[3]: Contains the byte offset in the input text corresponding
+  **             to the start of each of the three characters in the buffer.
+  */
+  assert( zIn<=zEof );
+  while( 1 ){
+    int iNext;                    /* Start of character following current tri */
+    const char *z1;
+
+    /* Read characters from the input up until the first non-diacritic */
+    do {
+      iNext = zIn - (const unsigned char*)pText;
       READ_UTF8(zIn, zEof, iCode);
       if( iCode==0 ) break;
-      if( p->bFold ) iCode = sqlite3Fts5UnicodeFold(iCode, 0);
-      WRITE_UTF8(zOut, iCode);
-    }else{
-      break;
-    }
-    rc = xToken(pCtx, 0, aBuf, zOut-aBuf, iStart, iStart + zOut-aBuf);
-    if( rc!=SQLITE_OK ) break;
-    zIn = zNext;
+      if( p->bFold ) iCode = sqlite3Fts5UnicodeFold(iCode, p->iFoldParam);
+    }while( iCode==0 );
+
+    /* Pass the current trigram back to fts5 */
+    rc = xToken(pCtx, 0, aBuf, zOut-aBuf, aStart[0], iNext);
+    if( iCode==0 || rc!=SQLITE_OK ) break;
+
+    /* Remove the first character from buffer aBuf[]. Append the character
+    ** with codepoint iCode.  */
+    z1 = aBuf;
+    FTS5_SKIP_UTF8(z1);
+    memmove(aBuf, z1, zOut - z1);
+    zOut -= (z1 - aBuf);
+    WRITE_UTF8(zOut, iCode);
+
+    /* Update the aStart[] array */
+    aStart[0] = aStart[1];
+    aStart[1] = aStart[2];
+    aStart[2] = iNext;
   }
 
   return rc;
@@ -250301,7 +253324,9 @@ static int sqlite3Fts5TokenizerPattern(
 ){
   if( xCreate==fts5TriCreate ){
     TrigramTokenizer *p = (TrigramTokenizer*)pTok;
-    return p->bFold ? FTS5_PATTERN_LIKE : FTS5_PATTERN_GLOB;
+    if( p->iFoldParam==0 ){
+      return p->bFold ? FTS5_PATTERN_LIKE : FTS5_PATTERN_GLOB;
+    }
   }
   return FTS5_PATTERN_NONE;
 }
@@ -252090,7 +255115,7 @@ static int fts5VocabFilterMethod(
   if( pEq ){
     zTerm = (const char *)sqlite3_value_text(pEq);
     nTerm = sqlite3_value_bytes(pEq);
-    f = 0;
+    f = FTS5INDEX_QUERY_NOTOKENDATA;
   }else{
     if( pGe ){
       zTerm = (const char *)sqlite3_value_text(pGe);
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index 4eff82d9d..ff58e2e73 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.44.0"
-#define SQLITE_VERSION_NUMBER 3044000
-#define SQLITE_SOURCE_ID      "2023-11-01 11:23:50 17129ba1ff7f0daf37100ee82d507aef7827cf38de1866e2633096ae6ad81301"
+#define SQLITE_VERSION        "3.45.0"
+#define SQLITE_VERSION_NUMBER 3045000
+#define SQLITE_SOURCE_ID      "2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -3955,15 +3955,17 @@ SQLITE_API void sqlite3_free_filename(sqlite3_filename);
 ** 
 **
 ** ^The sqlite3_errmsg() and sqlite3_errmsg16() return English-language
-** text that describes the error, as either UTF-8 or UTF-16 respectively.
+** text that describes the error, as either UTF-8 or UTF-16 respectively,
+** or NULL if no error message is available.
 ** (See how SQLite handles [invalid UTF] for exceptions to this rule.)
 ** ^(Memory to hold the error message string is managed internally.
 ** The application does not need to worry about freeing the result.
 ** However, the error string might be overwritten or deallocated by
 ** subsequent calls to other SQLite interface functions.)^
 **
-** ^The sqlite3_errstr() interface returns the English-language text
-** that describes the [result code], as UTF-8.
+** ^The sqlite3_errstr(E) interface returns the English-language text
+** that describes the [result code] E, as UTF-8, or NULL if E is not an
+** result code for which a text error message is available.
 ** ^(Memory to hold the error message string is managed internally
 ** and must not be freed by the application)^.
 **
@@ -5574,13 +5576,27 @@ SQLITE_API int sqlite3_create_window_function(
 ** 
 **
 ** [[SQLITE_SUBTYPE]] 
      SQLITE_SUBTYPE
      
-** The SQLITE_SUBTYPE flag indicates to SQLite that a function may call
+** The SQLITE_SUBTYPE flag indicates to SQLite that a function might call
 ** [sqlite3_value_subtype()] to inspect the sub-types of its arguments.
-** Specifying this flag makes no difference for scalar or aggregate user
-** functions. However, if it is not specified for a user-defined window
-** function, then any sub-types belonging to arguments passed to the window
-** function may be discarded before the window function is called (i.e.
-** sqlite3_value_subtype() will always return 0).
+** This flag instructs SQLite to omit some corner-case optimizations that
+** might disrupt the operation of the [sqlite3_value_subtype()] function,
+** causing it to return zero rather than the correct subtype().
+** SQL functions that invokes [sqlite3_value_subtype()] should have this
+** property.  If the SQLITE_SUBTYPE property is omitted, then the return
+** value from [sqlite3_value_subtype()] might sometimes be zero even though
+** a non-zero subtype was specified by the function argument expression.
+**
+** [[SQLITE_RESULT_SUBTYPE]] 
      SQLITE_RESULT_SUBTYPE
      
+** The SQLITE_RESULT_SUBTYPE flag indicates to SQLite that a function might call
+** [sqlite3_result_subtype()] to cause a sub-type to be associated with its
+** result.
+** Every function that invokes [sqlite3_result_subtype()] should have this
+** property.  If it does not, then the call to [sqlite3_result_subtype()]
+** might become a no-op if the function is used as term in an
+** [expression index].  On the other hand, SQL functions that never invoke
+** [sqlite3_result_subtype()] should avoid setting this property, as the
+** purpose of this property is to disable certain optimizations that are
+** incompatible with subtypes.
 ** 
      
 ** 
 */
@@ -5588,6 +5604,7 @@ SQLITE_API int sqlite3_create_window_function(
 #define SQLITE_DIRECTONLY       0x000080000
 #define SQLITE_SUBTYPE          0x000100000
 #define SQLITE_INNOCUOUS        0x000200000
+#define SQLITE_RESULT_SUBTYPE   0x001000000
 
 /*
 ** CAPI3REF: Deprecated Functions
@@ -5784,6 +5801,12 @@ SQLITE_API int sqlite3_value_encoding(sqlite3_value*);
 ** information can be used to pass a limited amount of context from
 ** one SQL function to another.  Use the [sqlite3_result_subtype()]
 ** routine to set the subtype for the return value of an SQL function.
+**
+** Every [application-defined SQL function] that invoke this interface
+** should include the [SQLITE_SUBTYPE] property in the text
+** encoding argument when the function is [sqlite3_create_function|registered].
+** If the [SQLITE_SUBTYPE] property is omitted, then sqlite3_value_subtype()
+** might return zero instead of the upstream subtype in some corner cases.
 */
 SQLITE_API unsigned int sqlite3_value_subtype(sqlite3_value*);
 
@@ -5914,14 +5937,22 @@ SQLITE_API sqlite3 *sqlite3_context_db_handle(sqlite3_context*);
 ** 
    18.  ^(when sqlite3_set_auxdata() is invoked again on the same
 **       parameter)^, or
 ** 
    19.  ^(during the original sqlite3_set_auxdata() call when a memory
-**      allocation error occurs.)^ 
+**      allocation error occurs.)^
+** 
    20.  ^(during the original sqlite3_set_auxdata() call if the function
+**      is evaluated during query planning instead of during query execution,
+**      as sometimes happens with [SQLITE_ENABLE_STAT4].)^ 
 **
-** Note the last bullet in particular.  The destructor X in
+** Note the last two bullets in particular.  The destructor X in
 ** sqlite3_set_auxdata(C,N,P,X) might be called immediately, before the
 ** sqlite3_set_auxdata() interface even returns.  Hence sqlite3_set_auxdata()
 ** should be called near the end of the function implementation and the
 ** function implementation should not make any use of P after
-** sqlite3_set_auxdata() has been called.
+** sqlite3_set_auxdata() has been called.  Furthermore, a call to
+** sqlite3_get_auxdata() that occurs immediately after a corresponding call
+** to sqlite3_set_auxdata() might still return NULL if an out-of-memory
+** condition occurred during the sqlite3_set_auxdata() call or if the
+** function is being evaluated during query planning rather than during
+** query execution.
 **
 ** ^(In practice, auxiliary data is preserved between function calls for
 ** function parameters that are compile-time constants, including literal
@@ -6195,6 +6226,20 @@ SQLITE_API int sqlite3_result_zeroblob64(sqlite3_context*, sqlite3_uint64 n);
 ** higher order bits are discarded.
 ** The number of subtype bytes preserved by SQLite might increase
 ** in future releases of SQLite.
+**
+** Every [application-defined SQL function] that invokes this interface
+** should include the [SQLITE_RESULT_SUBTYPE] property in its
+** text encoding argument when the SQL function is
+** [sqlite3_create_function|registered].  If the [SQLITE_RESULT_SUBTYPE]
+** property is omitted from the function that invokes sqlite3_result_subtype(),
+** then in some cases the sqlite3_result_subtype() might fail to set
+** the result subtype.
+**
+** If SQLite is compiled with -DSQLITE_STRICT_SUBTYPE=1, then any
+** SQL function that invokes the sqlite3_result_subtype() interface
+** and that does not have the SQLITE_RESULT_SUBTYPE property will raise
+** an error.  Future versions of SQLite might enable -DSQLITE_STRICT_SUBTYPE=1
+** by default.
 */
 SQLITE_API void sqlite3_result_subtype(sqlite3_context*,unsigned int);
 
@@ -7995,9 +8040,11 @@ SQLITE_API int sqlite3_vfs_unregister(sqlite3_vfs*);
 **
 ** ^(Some systems (for example, Windows 95) do not support the operation
 ** implemented by sqlite3_mutex_try().  On those systems, sqlite3_mutex_try()
-** will always return SQLITE_BUSY. The SQLite core only ever uses
-** sqlite3_mutex_try() as an optimization so this is acceptable
-** behavior.)^
+** will always return SQLITE_BUSY. In most cases the SQLite core only uses
+** sqlite3_mutex_try() as an optimization, so this is acceptable
+** behavior. The exceptions are unix builds that set the
+** SQLITE_ENABLE_SETLK_TIMEOUT build option. In that case a working
+** sqlite3_mutex_try() is required.)^
 **
 ** ^The sqlite3_mutex_leave() routine exits a mutex that was
 ** previously entered by the same thread.   The behavior
@@ -8256,6 +8303,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 #define SQLITE_TESTCTRL_ASSERT                  12
 #define SQLITE_TESTCTRL_ALWAYS                  13
 #define SQLITE_TESTCTRL_RESERVE                 14  /* NOT USED */
+#define SQLITE_TESTCTRL_JSON_SELFCHECK          14
 #define SQLITE_TESTCTRL_OPTIMIZATIONS           15
 #define SQLITE_TESTCTRL_ISKEYWORD               16  /* NOT USED */
 #define SQLITE_TESTCTRL_SCRATCHMALLOC           17  /* NOT USED */
@@ -12769,8 +12817,11 @@ struct Fts5PhraseIter {
 **   created with the "columnsize=0" option.
 **
 ** xColumnText:
-**   This function attempts to retrieve the text of column iCol of the
-**   current document. If successful, (*pz) is set to point to a buffer
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of columns in the table, SQLITE_RANGE is returned.
+**
+**   Otherwise, this function attempts to retrieve the text of column iCol of
+**   the current document. If successful, (*pz) is set to point to a buffer
 **   containing the text in utf-8 encoding, (*pn) is set to the size in bytes
 **   (not characters) of the buffer and SQLITE_OK is returned. Otherwise,
 **   if an error occurs, an SQLite error code is returned and the final values
@@ -12780,8 +12831,10 @@ struct Fts5PhraseIter {
 **   Returns the number of phrases in the current query expression.
 **
 ** xPhraseSize:
-**   Returns the number of tokens in phrase iPhrase of the query. Phrases
-**   are numbered starting from zero.
+**   If parameter iCol is less than zero, or greater than or equal to the
+**   number of phrases in the current query, as returned by xPhraseCount,
+**   0 is returned. Otherwise, this function returns the number of tokens in
+**   phrase iPhrase of the query. Phrases are numbered starting from zero.
 **
 ** xInstCount:
 **   Set *pnInst to the total number of occurrences of all phrases within
@@ -12797,12 +12850,13 @@ struct Fts5PhraseIter {
 **   Query for the details of phrase match iIdx within the current row.
 **   Phrase matches are numbered starting from zero, so the iIdx argument
 **   should be greater than or equal to zero and smaller than the value
-**   output by xInstCount().
+**   output by xInstCount(). If iIdx is less than zero or greater than
+**   or equal to the value returned by xInstCount(), SQLITE_RANGE is returned.
 **
-**   Usually, output parameter *piPhrase is set to the phrase number, *piCol
+**   Otherwise, output parameter *piPhrase is set to the phrase number, *piCol
 **   to the column in which it occurs and *piOff the token offset of the
-**   first token of the phrase. Returns SQLITE_OK if successful, or an error
-**   code (i.e. SQLITE_NOMEM) if an error occurs.
+**   first token of the phrase. SQLITE_OK is returned if successful, or an
+**   error code (i.e. SQLITE_NOMEM) if an error occurs.
 **
 **   This API can be quite slow if used with an FTS5 table created with the
 **   "detail=none" or "detail=column" option.
@@ -12828,6 +12882,10 @@ struct Fts5PhraseIter {
 **   Invoking Api.xUserData() returns a copy of the pointer passed as
 **   the third argument to pUserData.
 **
+**   If parameter iPhrase is less than zero, or greater than or equal to
+**   the number of phrases in the query, as returned by xPhraseCount(),
+**   this function returns SQLITE_RANGE.
+**
 **   If the callback function returns any value other than SQLITE_OK, the
 **   query is abandoned and the xQueryPhrase function returns immediately.
 **   If the returned value is SQLITE_DONE, xQueryPhrase returns SQLITE_OK.
@@ -12942,9 +13000,42 @@ struct Fts5PhraseIter {
 **
 ** xPhraseNextColumn()
 **   See xPhraseFirstColumn above.
+**
+** xQueryToken(pFts5, iPhrase, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase iPhrase of the current
+**   query. Before returning, output parameter *ppToken is set to point
+**   to a buffer containing the requested token, and *pnToken to the
+**   size of this buffer in bytes.
+**
+**   If iPhrase or iToken are less than zero, or if iPhrase is greater than
+**   or equal to the number of phrases in the query as reported by
+**   xPhraseCount(), or if iToken is equal to or greater than the number of
+**   tokens in the phrase, SQLITE_RANGE is returned and *ppToken and *pnToken
+     are both zeroed.
+**
+**   The output text is not a copy of the query text that specified the
+**   token. It is the output of the tokenizer module. For tokendata=1
+**   tables, this includes any embedded 0x00 and trailing data.
+**
+** xInstToken(pFts5, iIdx, iToken, ppToken, pnToken)
+**   This is used to access token iToken of phrase hit iIdx within the
+**   current row. If iIdx is less than zero or greater than or equal to the
+**   value returned by xInstCount(), SQLITE_RANGE is returned.  Otherwise,
+**   output variable (*ppToken) is set to point to a buffer containing the
+**   matching document token, and (*pnToken) to the size of that buffer in
+**   bytes. This API is not available if the specified token matches a
+**   prefix query term. In that case both output variables are always set
+**   to 0.
+**
+**   The output text is not a copy of the document text that was tokenized.
+**   It is the output of the tokenizer module. For tokendata=1 tables, this
+**   includes any embedded 0x00 and trailing data.
+**
+**   This API can be quite slow if used with an FTS5 table created with the
+**   "detail=none" or "detail=column" option.
 */
 struct Fts5ExtensionApi {
-  int iVersion;                   /* Currently always set to 2 */
+  int iVersion;                   /* Currently always set to 3 */
 
   void *(*xUserData)(Fts5Context*);
 
@@ -12979,6 +13070,13 @@ struct Fts5ExtensionApi {
 
   int (*xPhraseFirstColumn)(Fts5Context*, int iPhrase, Fts5PhraseIter*, int*);
   void (*xPhraseNextColumn)(Fts5Context*, Fts5PhraseIter*, int *piCol);
+
+  /* Below this point are iVersion>=3 only */
+  int (*xQueryToken)(Fts5Context*,
+      int iPhrase, int iToken,
+      const char **ppToken, int *pnToken
+  );
+  int (*xInstToken)(Fts5Context*, int iIdx, int iToken, const char**, int*);
 };
 
 /*
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index 576418233..a16d8abf3 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -607,10 +607,9 @@ func (c *SQLiteConn) RegisterAuthorizer(callback func(int, string, string, strin
 // RegisterFunc makes a Go function available as a SQLite function.
 //
 // The Go function can have arguments of the following types: any
-// numeric type except complex, bool, []byte, string and
-// interface{}. interface{} arguments are given the direct translation
-// of the SQLite data type: int64 for INTEGER, float64 for FLOAT,
-// []byte for BLOB, string for TEXT.
+// numeric type except complex, bool, []byte, string and any.
+// any arguments are given the direct translation of the SQLite data type:
+// int64 for INTEGER, float64 for FLOAT, []byte for BLOB, string for TEXT.
 //
 // The function can additionally be variadic, as long as the type of
 // the variadic argument is one of the above.
@@ -620,7 +619,7 @@ func (c *SQLiteConn) RegisterAuthorizer(callback func(int, string, string, strin
 // optimizations in its queries.
 //
 // See _example/go_custom_funcs for a detailed example.
-func (c *SQLiteConn) RegisterFunc(name string, impl interface{}, pure bool) error {
+func (c *SQLiteConn) RegisterFunc(name string, impl any, pure bool) error {
 	var fi functionInfo
 	fi.f = reflect.ValueOf(impl)
 	t := fi.f.Type()
@@ -702,7 +701,7 @@ func sqlite3CreateFunction(db *C.sqlite3, zFunctionName *C.char, nArg C.int, eTe
 // return an error in addition to their other return values.
 //
 // See _example/go_custom_funcs for a detailed example.
-func (c *SQLiteConn) RegisterAggregator(name string, impl interface{}, pure bool) error {
+func (c *SQLiteConn) RegisterAggregator(name string, impl any, pure bool) error {
 	var ai aggInfo
 	ai.constructor = reflect.ValueOf(impl)
 	t := ai.constructor.Type()
@@ -976,103 +975,104 @@ func (c *SQLiteConn) begin(ctx context.Context) (driver.Tx, error) {
 // The argument is may be either in parentheses or it may be separated from
 // the pragma name by an equal sign. The two syntaxes yield identical results.
 // In many pragmas, the argument is a boolean. The boolean can be one of:
-//    1 yes true on
-//    0 no false off
+//
+//	1 yes true on
+//	0 no false off
 //
 // You can specify a DSN string using a URI as the filename.
-//   test.db
-//   file:test.db?cache=shared&mode=memory
-//   :memory:
-//   file::memory:
 //
-//   mode
-//     Access mode of the database.
-//     https://www.sqlite.org/c3ref/open.html
-//     Values:
-//      - ro
-//      - rw
-//      - rwc
-//      - memory
+//	test.db
+//	file:test.db?cache=shared&mode=memory
+//	:memory:
+//	file::memory:
 //
-//   cache
-//     SQLite Shared-Cache Mode
-//     https://www.sqlite.org/sharedcache.html
-//     Values:
-//       - shared
-//       - private
+//	mode
+//	  Access mode of the database.
+//	  https://www.sqlite.org/c3ref/open.html
+//	  Values:
+//	   - ro
+//	   - rw
+//	   - rwc
+//	   - memory
 //
-//   immutable=Boolean
-//     The immutable parameter is a boolean query parameter that indicates
-//     that the database file is stored on read-only media. When immutable is set,
-//     SQLite assumes that the database file cannot be changed,
-//     even by a process with higher privilege,
-//     and so the database is opened read-only and all locking and change detection is disabled.
-//     Caution: Setting the immutable property on a database file that
-//     does in fact change can result in incorrect query results and/or SQLITE_CORRUPT errors.
+//	cache
+//	  SQLite Shared-Cache Mode
+//	  https://www.sqlite.org/sharedcache.html
+//	  Values:
+//	    - shared
+//	    - private
 //
-// go-sqlite3 adds the following query parameters to those used by SQLite:
-//   _loc=XXX
-//     Specify location of time format. It's possible to specify "auto".
+//	immutable=Boolean
+//	  The immutable parameter is a boolean query parameter that indicates
+//	  that the database file is stored on read-only media. When immutable is set,
+//	  SQLite assumes that the database file cannot be changed,
+//	  even by a process with higher privilege,
+//	  and so the database is opened read-only and all locking and change detection is disabled.
+//	  Caution: Setting the immutable property on a database file that
+//	  does in fact change can result in incorrect query results and/or SQLITE_CORRUPT errors.
 //
-//   _mutex=XXX
-//     Specify mutex mode. XXX can be "no", "full".
+// go-sqlite3 adds the following query parameters to those used by SQLite:
 //
-//   _txlock=XXX
-//     Specify locking behavior for transactions.  XXX can be "immediate",
-//     "deferred", "exclusive".
+//	_loc=XXX
+//	  Specify location of time format. It's possible to specify "auto".
 //
-//   _auto_vacuum=X | _vacuum=X
-//     0 | none - Auto Vacuum disabled
-//     1 | full - Auto Vacuum FULL
-//     2 | incremental - Auto Vacuum Incremental
+//	_mutex=XXX
+//	  Specify mutex mode. XXX can be "no", "full".
 //
-//   _busy_timeout=XXX"| _timeout=XXX
-//     Specify value for sqlite3_busy_timeout.
+//	_txlock=XXX
+//	  Specify locking behavior for transactions.  XXX can be "immediate",
+//	  "deferred", "exclusive".
 //
-//   _case_sensitive_like=Boolean | _cslike=Boolean
-//     https://www.sqlite.org/pragma.html#pragma_case_sensitive_like
-//     Default or disabled the LIKE operation is case-insensitive.
-//     When enabling this options behaviour of LIKE will become case-sensitive.
+//	_auto_vacuum=X | _vacuum=X
+//	  0 | none - Auto Vacuum disabled
+//	  1 | full - Auto Vacuum FULL
+//	  2 | incremental - Auto Vacuum Incremental
 //
-//   _defer_foreign_keys=Boolean | _defer_fk=Boolean
-//     Defer Foreign Keys until outermost transaction is committed.
+//	_busy_timeout=XXX"| _timeout=XXX
+//	  Specify value for sqlite3_busy_timeout.
 //
-//   _foreign_keys=Boolean | _fk=Boolean
-//     Enable or disable enforcement of foreign keys.
+//	_case_sensitive_like=Boolean | _cslike=Boolean
+//	  https://www.sqlite.org/pragma.html#pragma_case_sensitive_like
+//	  Default or disabled the LIKE operation is case-insensitive.
+//	  When enabling this options behaviour of LIKE will become case-sensitive.
 //
-//   _ignore_check_constraints=Boolean
-//     This pragma enables or disables the enforcement of CHECK constraints.
-//     The default setting is off, meaning that CHECK constraints are enforced by default.
+//	_defer_foreign_keys=Boolean | _defer_fk=Boolean
+//	  Defer Foreign Keys until outermost transaction is committed.
 //
-//   _journal_mode=MODE | _journal=MODE
-//     Set journal mode for the databases associated with the current connection.
-//     https://www.sqlite.org/pragma.html#pragma_journal_mode
+//	_foreign_keys=Boolean | _fk=Boolean
+//	  Enable or disable enforcement of foreign keys.
 //
-//   _locking_mode=X | _locking=X
-//     Sets the database connection locking-mode.
-//     The locking-mode is either NORMAL or EXCLUSIVE.
-//     https://www.sqlite.org/pragma.html#pragma_locking_mode
+//	_ignore_check_constraints=Boolean
+//	  This pragma enables or disables the enforcement of CHECK constraints.
+//	  The default setting is off, meaning that CHECK constraints are enforced by default.
 //
-//   _query_only=Boolean
-//     The query_only pragma prevents all changes to database files when enabled.
+//	_journal_mode=MODE | _journal=MODE
+//	  Set journal mode for the databases associated with the current connection.
+//	  https://www.sqlite.org/pragma.html#pragma_journal_mode
 //
-//   _recursive_triggers=Boolean | _rt=Boolean
-//     Enable or disable recursive triggers.
+//	_locking_mode=X | _locking=X
+//	  Sets the database connection locking-mode.
+//	  The locking-mode is either NORMAL or EXCLUSIVE.
+//	  https://www.sqlite.org/pragma.html#pragma_locking_mode
 //
-//   _secure_delete=Boolean|FAST
-//     When secure_delete is on, SQLite overwrites deleted content with zeros.
-//     https://www.sqlite.org/pragma.html#pragma_secure_delete
+//	_query_only=Boolean
+//	  The query_only pragma prevents all changes to database files when enabled.
 //
-//   _synchronous=X | _sync=X
-//     Change the setting of the "synchronous" flag.
-//     https://www.sqlite.org/pragma.html#pragma_synchronous
+//	_recursive_triggers=Boolean | _rt=Boolean
+//	  Enable or disable recursive triggers.
 //
-//   _writable_schema=Boolean
-//     When this pragma is on, the SQLITE_MASTER tables in which database
-//     can be changed using ordinary UPDATE, INSERT, and DELETE statements.
-//     Warning: misuse of this pragma can easily result in a corrupt database file.
+//	_secure_delete=Boolean|FAST
+//	  When secure_delete is on, SQLite overwrites deleted content with zeros.
+//	  https://www.sqlite.org/pragma.html#pragma_secure_delete
 //
+//	_synchronous=X | _sync=X
+//	  Change the setting of the "synchronous" flag.
+//	  https://www.sqlite.org/pragma.html#pragma_synchronous
 //
+//	_writable_schema=Boolean
+//	  When this pragma is on, the SQLITE_MASTER tables in which database
+//	  can be changed using ordinary UPDATE, INSERT, and DELETE statements.
+//	  Warning: misuse of this pragma can easily result in a corrupt database file.
 func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) {
 	if C.sqlite3_threadsafe() == 0 {
 		return nil, errors.New("sqlite library was not compiled for thread-safe operation")
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go
index afd93333d..bd9a3bc09 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_func_crypt.go
@@ -50,15 +50,15 @@ import (
 // perhaps using a cryptographic hash function like SHA1.
 
 // CryptEncoderSHA1 encodes a password with SHA1
-func CryptEncoderSHA1(pass []byte, hash interface{}) []byte {
+func CryptEncoderSHA1(pass []byte, hash any) []byte {
 	h := sha1.Sum(pass)
 	return h[:]
 }
 
 // CryptEncoderSSHA1 encodes a password with SHA1 with the
 // configured salt.
-func CryptEncoderSSHA1(salt string) func(pass []byte, hash interface{}) []byte {
-	return func(pass []byte, hash interface{}) []byte {
+func CryptEncoderSSHA1(salt string) func(pass []byte, hash any) []byte {
+	return func(pass []byte, hash any) []byte {
 		s := []byte(salt)
 		p := append(pass, s...)
 		h := sha1.Sum(p)
@@ -67,15 +67,15 @@ func CryptEncoderSSHA1(salt string) func(pass []byte, hash interface{}) []byte {
 }
 
 // CryptEncoderSHA256 encodes a password with SHA256
-func CryptEncoderSHA256(pass []byte, hash interface{}) []byte {
+func CryptEncoderSHA256(pass []byte, hash any) []byte {
 	h := sha256.Sum256(pass)
 	return h[:]
 }
 
 // CryptEncoderSSHA256 encodes a password with SHA256
 // with the configured salt
-func CryptEncoderSSHA256(salt string) func(pass []byte, hash interface{}) []byte {
-	return func(pass []byte, hash interface{}) []byte {
+func CryptEncoderSSHA256(salt string) func(pass []byte, hash any) []byte {
+	return func(pass []byte, hash any) []byte {
 		s := []byte(salt)
 		p := append(pass, s...)
 		h := sha256.Sum256(p)
@@ -84,15 +84,15 @@ func CryptEncoderSSHA256(salt string) func(pass []byte, hash interface{}) []byte
 }
 
 // CryptEncoderSHA384 encodes a password with SHA384
-func CryptEncoderSHA384(pass []byte, hash interface{}) []byte {
+func CryptEncoderSHA384(pass []byte, hash any) []byte {
 	h := sha512.Sum384(pass)
 	return h[:]
 }
 
 // CryptEncoderSSHA384 encodes a password with SHA384
 // with the configured salt
-func CryptEncoderSSHA384(salt string) func(pass []byte, hash interface{}) []byte {
-	return func(pass []byte, hash interface{}) []byte {
+func CryptEncoderSSHA384(salt string) func(pass []byte, hash any) []byte {
+	return func(pass []byte, hash any) []byte {
 		s := []byte(salt)
 		p := append(pass, s...)
 		h := sha512.Sum384(p)
@@ -101,15 +101,15 @@ func CryptEncoderSSHA384(salt string) func(pass []byte, hash interface{}) []byte
 }
 
 // CryptEncoderSHA512 encodes a password with SHA512
-func CryptEncoderSHA512(pass []byte, hash interface{}) []byte {
+func CryptEncoderSHA512(pass []byte, hash any) []byte {
 	h := sha512.Sum512(pass)
 	return h[:]
 }
 
 // CryptEncoderSSHA512 encodes a password with SHA512
 // with the configured salt
-func CryptEncoderSSHA512(salt string) func(pass []byte, hash interface{}) []byte {
-	return func(pass []byte, hash interface{}) []byte {
+func CryptEncoderSSHA512(salt string) func(pass []byte, hash any) []byte {
+	return func(pass []byte, hash any) []byte {
 		s := []byte(salt)
 		p := append(pass, s...)
 		h := sha512.Sum512(p)
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
index 514fd7ecb..34cad08e4 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go
@@ -3,8 +3,8 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
-// +build cgo
-// +build go1.8
+//go:build cgo && go1.8
+// +build cgo,go1.8
 
 package sqlite3
 
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
index ac609c956..95cc7c0b6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build libsqlite3
 // +build libsqlite3
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension.go
index 9433fea82..03cbc8b68 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !sqlite_omit_load_extension
 // +build !sqlite_omit_load_extension
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension_omit.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension_omit.go
index 8c75f9bda..d4f8ce651 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension_omit.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_load_extension_omit.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_omit_load_extension
 // +build sqlite_omit_load_extension
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_allow_uri_authority.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_allow_uri_authority.go
index 8c4d4d20d..51240cbf6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_allow_uri_authority.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_allow_uri_authority.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_allow_uri_authority
 // +build sqlite_allow_uri_authority
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_app_armor.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_app_armor.go
index 63c80cfea..565dbc298 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_app_armor.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_app_armor.go
@@ -4,8 +4,8 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
-// +build !windows
-// +build sqlite_app_armor
+//go:build !windows && sqlite_app_armor
+// +build !windows,sqlite_app_armor
 
 package sqlite3
 
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_column_metadata.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_column_metadata.go
index c67fa82b1..63659b46b 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_column_metadata.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_column_metadata.go
@@ -1,3 +1,4 @@
+//go:build sqlite_column_metadata
 // +build sqlite_column_metadata
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_foreign_keys.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_foreign_keys.go
index a676e097a..82c944e1b 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_foreign_keys.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_foreign_keys.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_foreign_keys
 // +build sqlite_foreign_keys
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_fts5.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_fts5.go
index 0f38df75d..2645f284b 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_fts5.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_fts5.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_fts5 || fts5
 // +build sqlite_fts5 fts5
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
index f82bdd0d4..2d47827be 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_icu.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_icu || icu
 // +build sqlite_icu icu
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_introspect.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_introspect.go
index 6512b2b3b..cd2e54011 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_introspect.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_introspect.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_introspect
 // +build sqlite_introspect
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go
index 7cd68d3f5..bd62d9a2a 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_math_functions.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_math_functions
 // +build sqlite_math_functions
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate.go
index cea032e3e..ed725eeb9 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build cgo
 // +build cgo
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_hook.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_hook.go
index b43e4821b..8cce278fd 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_hook.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_hook.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_preupdate_hook
 // +build sqlite_preupdate_hook
 
 package sqlite3
@@ -54,10 +55,10 @@ func (d *SQLitePreUpdateData) Count() int {
 	return int(C.sqlite3_preupdate_count(d.Conn.db))
 }
 
-func (d *SQLitePreUpdateData) row(dest []interface{}, new bool) error {
+func (d *SQLitePreUpdateData) row(dest []any, new bool) error {
 	for i := 0; i < d.Count() && i < len(dest); i++ {
 		var val *C.sqlite3_value
-		var src interface{}
+		var src any
 
 		// Initially I tried making this just a function pointer argument, but
 		// it's absurdly complicated to pass C function pointers.
@@ -95,7 +96,7 @@ func (d *SQLitePreUpdateData) row(dest []interface{}, new bool) error {
 
 // Old populates dest with the row data to be replaced. This works similar to
 // database/sql's Rows.Scan()
-func (d *SQLitePreUpdateData) Old(dest ...interface{}) error {
+func (d *SQLitePreUpdateData) Old(dest ...any) error {
 	if d.Op == SQLITE_INSERT {
 		return errors.New("There is no old row for INSERT operations")
 	}
@@ -104,7 +105,7 @@ func (d *SQLitePreUpdateData) Old(dest ...interface{}) error {
 
 // New populates dest with the replacement row data. This works similar to
 // database/sql's Rows.Scan()
-func (d *SQLitePreUpdateData) New(dest ...interface{}) error {
+func (d *SQLitePreUpdateData) New(dest ...any) error {
 	if d.Op == SQLITE_DELETE {
 		return errors.New("There is no new row for DELETE operations")
 	}
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_omit.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_omit.go
index c510a15b4..f60da6c16 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_omit.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_preupdate_omit.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !sqlite_preupdate_hook && cgo
 // +build !sqlite_preupdate_hook,cgo
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete.go
index 934fa6b8e..6bb05b843 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_secure_delete
 // +build sqlite_secure_delete
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete_fast.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete_fast.go
index b0de130ff..982020aeb 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete_fast.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_secure_delete_fast.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_secure_delete_fast
 // +build sqlite_secure_delete_fast
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go
index 2560c43a7..f1710c1c3 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize.go
@@ -1,3 +1,4 @@
+//go:build !libsqlite3 || sqlite_serialize
 // +build !libsqlite3 sqlite_serialize
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go
index b154dd34d..d00ead0b6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_serialize_omit.go
@@ -1,3 +1,4 @@
+//go:build libsqlite3 && !sqlite_serialize
 // +build libsqlite3,!sqlite_serialize
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_stat4.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_stat4.go
index d4d30f0dd..799fbb0fc 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_stat4.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_stat4.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_stat4
 // +build sqlite_stat4
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go
index adfa26c54..76f7bbfb6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_unlock_notify.go
@@ -3,8 +3,8 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
-// +build cgo
-// +build sqlite_unlock_notify
+//go:build cgo && sqlite_unlock_notify
+// +build cgo,sqlite_unlock_notify
 
 package sqlite3
 
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
index b62b60840..de9630c27 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_userauth
 // +build sqlite_userauth
 
 package sqlite3
@@ -79,7 +80,7 @@ var (
 // If a database contains the SQLITE_USER table, then the
 // call to Authenticate must be invoked with an
 // appropriate username and password prior to enable read and write
-//access to the database.
+// access to the database.
 //
 // Return SQLITE_OK on success or SQLITE_ERROR if the username/password
 // combination is incorrect or unknown.
@@ -103,9 +104,10 @@ func (c *SQLiteConn) Authenticate(username, password string) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authenticate(username, password string) int {
 	// Allocate C Variables
 	cuser := C.CString(username)
@@ -155,9 +157,10 @@ func (c *SQLiteConn) AuthUserAdd(username, password string, admin bool) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserAdd(username, password string, admin int) int {
 	// Allocate C Variables
 	cuser := C.CString(username)
@@ -207,9 +210,10 @@ func (c *SQLiteConn) AuthUserChange(username, password string, admin bool) error
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserChange(username, password string, admin int) int {
 	// Allocate C Variables
 	cuser := C.CString(username)
@@ -249,9 +253,10 @@ func (c *SQLiteConn) AuthUserDelete(username string) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserDelete(username string) int {
 	// Allocate C Variables
 	cuser := C.CString(username)
@@ -280,8 +285,9 @@ func (c *SQLiteConn) AuthEnabled() (exists bool) {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	0 - Disabled
-//  1 - Enabled
+//
+//		0 - Disabled
+//	 1 - Enabled
 func (c *SQLiteConn) authEnabled() int {
 	return int(C._sqlite3_auth_enabled(c.db))
 }
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth_omit.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth_omit.go
index 302cd57a9..15370df70 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth_omit.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth_omit.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !sqlite_userauth
 // +build !sqlite_userauth
 
 package sqlite3
@@ -17,7 +18,7 @@ import (
 // If a database contains the SQLITE_USER table, then the
 // call to Authenticate must be invoked with an
 // appropriate username and password prior to enable read and write
-//access to the database.
+// access to the database.
 //
 // Return SQLITE_OK on success or SQLITE_ERROR if the username/password
 // combination is incorrect or unknown.
@@ -34,9 +35,10 @@ func (c *SQLiteConn) Authenticate(username, password string) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authenticate(username, password string) int {
 	// NOOP
 	return 0
@@ -65,9 +67,10 @@ func (c *SQLiteConn) AuthUserAdd(username, password string, admin bool) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserAdd(username, password string, admin int) int {
 	// NOOP
 	return 0
@@ -96,9 +99,10 @@ func (c *SQLiteConn) AuthUserChange(username, password string, admin bool) error
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserChange(username, password string, admin int) int {
 	// NOOP
 	return 0
@@ -122,9 +126,10 @@ func (c *SQLiteConn) AuthUserDelete(username string) error {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	C.SQLITE_OK (0)
-//	C.SQLITE_ERROR (1)
-//  C.SQLITE_AUTH (23)
+//
+//		C.SQLITE_OK (0)
+//		C.SQLITE_ERROR (1)
+//	 C.SQLITE_AUTH (23)
 func (c *SQLiteConn) authUserDelete(username string) int {
 	// NOOP
 	return 0
@@ -142,8 +147,9 @@ func (c *SQLiteConn) AuthEnabled() (exists bool) {
 // It is however exported for usage within SQL by the user.
 //
 // Returns:
-//	0 - Disabled
-//  1 - Enabled
+//
+//		0 - Disabled
+//	 1 - Enabled
 func (c *SQLiteConn) authEnabled() int {
 	// NOOP
 	return 0
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_full.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_full.go
index 5185a96d0..df13c9d2d 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_full.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_full.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_vacuum_full
 // +build sqlite_vacuum_full
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_incr.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_incr.go
index a9d8a185c..a2e48814b 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_incr.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vacuum_incr.go
@@ -4,6 +4,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_vacuum_incr
 // +build sqlite_vacuum_incr
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vtable.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vtable.go
index 4a93c4652..9b164b3e0 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vtable.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_vtable.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_vtable || vtable
 // +build sqlite_vtable vtable
 
 package sqlite3
@@ -516,7 +517,7 @@ func goMDestroy(pClientData unsafe.Pointer) {
 func goVFilter(pCursor unsafe.Pointer, idxNum C.int, idxName *C.char, argc C.int, argv **C.sqlite3_value) *C.char {
 	vtc := lookupHandle(pCursor).(*sqliteVTabCursor)
 	args := (*[(math.MaxInt32 - 1) / unsafe.Sizeof((*C.sqlite3_value)(nil))]*C.sqlite3_value)(unsafe.Pointer(argv))[:argc:argc]
-	vals := make([]interface{}, 0, argc)
+	vals := make([]any, 0, argc)
 	for _, v := range args {
 		conv, err := callbackArgGeneric(v)
 		if err != nil {
@@ -588,7 +589,7 @@ func goVUpdate(pVTab unsafe.Pointer, argc C.int, argv **C.sqlite3_value, pRowid
 	if v, ok := vt.vTab.(VTabUpdater); ok {
 		// convert argv
 		args := (*[(math.MaxInt32 - 1) / unsafe.Sizeof((*C.sqlite3_value)(nil))]*C.sqlite3_value)(unsafe.Pointer(argv))[:argc:argc]
-		vals := make([]interface{}, 0, argc)
+		vals := make([]any, 0, argc)
 		for _, v := range args {
 			conv, err := callbackArgGeneric(v)
 			if err != nil {
@@ -662,9 +663,9 @@ type VTab interface {
 // deleted.
 // See: https://sqlite.org/vtab.html#xupdate
 type VTabUpdater interface {
-	Delete(interface{}) error
-	Insert(interface{}, []interface{}) (int64, error)
-	Update(interface{}, []interface{}) error
+	Delete(any) error
+	Insert(any, []any) (int64, error)
+	Update(any, []any) error
 }
 
 // VTabCursor describes cursors that point into the virtual table and are used
@@ -673,7 +674,7 @@ type VTabCursor interface {
 	// http://sqlite.org/vtab.html#xclose
 	Close() error
 	// http://sqlite.org/vtab.html#xfilter
-	Filter(idxNum int, idxStr string, vals []interface{}) error
+	Filter(idxNum int, idxStr string, vals []any) error
 	// http://sqlite.org/vtab.html#xnext
 	Next() error
 	// http://sqlite.org/vtab.html#xeof
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_other.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_other.go
index 077d3c644..1f9a75506 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_other.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_other.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !windows
 // +build !windows
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_solaris.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_solaris.go
index 102f90c9a..fb4d32517 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_solaris.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_solaris.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build solaris
 // +build solaris
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_trace.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_trace.go
index 56bb91490..6c47cce19 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_trace.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_trace.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build sqlite_trace || trace
 // +build sqlite_trace trace
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_type.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_type.go
index 0fd8210bb..20537a097 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_type.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_type.go
@@ -74,7 +74,7 @@ func scanType(cdt string) reflect.Type {
 	case SQLITE_TIME:
 		return reflect.TypeOf(sql.NullTime{})
 	}
-	return reflect.TypeOf(new(interface{}))
+	return reflect.TypeOf(new(any))
 }
 
 func databaseTypeConvSqlite(t string) int {
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_usleep_windows.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_usleep_windows.go
index b6739bf62..6527f6fd9 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_usleep_windows.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_usleep_windows.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build cgo
 // +build cgo
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go
index 81aa2abde..f863bcd36 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_windows.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build windows
 // +build windows
 
 package sqlite3
diff --git a/vendor/github.com/mattn/go-sqlite3/static_mock.go b/vendor/github.com/mattn/go-sqlite3/static_mock.go
index f19e842ff..d2c5a2760 100644
--- a/vendor/github.com/mattn/go-sqlite3/static_mock.go
+++ b/vendor/github.com/mattn/go-sqlite3/static_mock.go
@@ -3,6 +3,7 @@
 // Use of this source code is governed by an MIT-style
 // license that can be found in the LICENSE file.
 
+//go:build !cgo
 // +build !cgo
 
 package sqlite3
@@ -28,10 +29,10 @@ type (
 )
 
 func (SQLiteDriver) Open(s string) (driver.Conn, error)                        { return nil, errorMsg }
-func (c *SQLiteConn) RegisterAggregator(string, interface{}, bool) error       { return errorMsg }
+func (c *SQLiteConn) RegisterAggregator(string, any, bool) error               { return errorMsg }
 func (c *SQLiteConn) RegisterAuthorizer(func(int, string, string, string) int) {}
 func (c *SQLiteConn) RegisterCollation(string, func(string, string) int) error { return errorMsg }
 func (c *SQLiteConn) RegisterCommitHook(func() int)                            {}
-func (c *SQLiteConn) RegisterFunc(string, interface{}, bool) error             { return errorMsg }
+func (c *SQLiteConn) RegisterFunc(string, any, bool) error                     { return errorMsg }
 func (c *SQLiteConn) RegisterRollbackHook(func())                              {}
 func (c *SQLiteConn) RegisterUpdateHook(func(int, string, string, int64))      {}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 9a7eaa0e2..e0681a2b2 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -68,8 +68,8 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.19
-## explicit; go 1.16
+# github.com/mattn/go-sqlite3 v1.14.20
+## explicit; go 1.19
 github.com/mattn/go-sqlite3
 # github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0
 ## explicit; go 1.19

From 71dd33843231afc7bff21716b8d25c973396a3f9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Feb 2024 03:03:30 +0000
Subject: [PATCH 56/73] build(deps): bump codecov/codecov-action from 3 to 4

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index d18e8234a..d4b0eab6a 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -64,7 +64,7 @@ jobs:
       - run: ./bin/goose -path certdb/mysql up;
       - name: Test
         run: ./test.sh
-      - uses: codecov/codecov-action@v3
+      - uses: codecov/codecov-action@v4
 
   golangci:
     name: lint

From 710546a52bbfcbba9e7b78f482cc7fc2f1d72281 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Feb 2024 03:41:17 +0000
Subject: [PATCH 57/73] build(deps): bump github.com/mattn/go-sqlite3 from
 1.14.20 to 1.14.22

Bumps [github.com/mattn/go-sqlite3](https://github.com/mattn/go-sqlite3) from 1.14.20 to 1.14.22.
- [Release notes](https://github.com/mattn/go-sqlite3/releases)
- [Commits](https://github.com/mattn/go-sqlite3/compare/v1.14.20...v1.14.22)

---
updated-dependencies:
- dependency-name: github.com/mattn/go-sqlite3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   2 +-
 go.sum                                        |   4 +-
 .../mattn/go-sqlite3/sqlite3-binding.c        | 220 +++++++++++-------
 .../mattn/go-sqlite3/sqlite3-binding.h        |   6 +-
 vendor/github.com/mattn/go-sqlite3/sqlite3.go |  22 +-
 vendor/modules.txt                            |   2 +-
 6 files changed, 154 insertions(+), 102 deletions(-)

diff --git a/go.mod b/go.mod
index 20f7bd7ee..9e4c20b7b 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.20
+	github.com/mattn/go-sqlite3 v1.14.22
 	github.com/prometheus/client_golang v1.18.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
diff --git a/go.sum b/go.sum
index 520edb4da..8b7986f22 100644
--- a/go.sum
+++ b/go.sum
@@ -236,8 +236,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.20 h1:BAZ50Ns0OFBNxdAqFhbZqdPcht1Xlb16pDCqkq1spr0=
-github.com/mattn/go-sqlite3 v1.14.20/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
+github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
index 7bf32a69d..53d7560ec 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
@@ -1,7 +1,7 @@
 #ifndef USE_LIBSQLITE3
 /******************************************************************************
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.45.0.  By combining all the individual C code files into this
+** version 3.45.1.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -19,7 +19,7 @@
 ** separate file. This file contains only code for the core SQLite library.
 **
 ** The content in this amalgamation comes from Fossil check-in
-** 1066602b2b1976fe58b5150777cced894af1.
+** e876e51a0ed5c5b3126f52e532044363a014.
 */
 #define SQLITE_CORE 1
 #define SQLITE_AMALGAMATION 1
@@ -460,9 +460,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.45.0"
-#define SQLITE_VERSION_NUMBER 3045000
-#define SQLITE_SOURCE_ID      "2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d"
+#define SQLITE_VERSION        "3.45.1"
+#define SQLITE_VERSION_NUMBER 3045001
+#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -43409,11 +43409,16 @@ static int unixFetch(sqlite3_file *fd, i64 iOff, int nAmt, void **pp){
 
 #if SQLITE_MAX_MMAP_SIZE>0
   if( pFd->mmapSizeMax>0 ){
+    /* Ensure that there is always at least a 256 byte buffer of addressable
+    ** memory following the returned page. If the database is corrupt,
+    ** SQLite may overread the page slightly (in practice only a few bytes,
+    ** but 256 is safe, round, number).  */
+    const int nEofBuffer = 256;
     if( pFd->pMapRegion==0 ){
       int rc = unixMapfile(pFd, -1);
       if( rc!=SQLITE_OK ) return rc;
     }
-    if( pFd->mmapSize >= iOff+nAmt ){
+    if( pFd->mmapSize >= (iOff+nAmt+nEofBuffer) ){
       *pp = &((u8 *)pFd->pMapRegion)[iOff];
       pFd->nFetchOut++;
     }
@@ -50766,6 +50771,11 @@ static int winFetch(sqlite3_file *fd, i64 iOff, int nAmt, void **pp){
 
 #if SQLITE_MAX_MMAP_SIZE>0
   if( pFd->mmapSizeMax>0 ){
+    /* Ensure that there is always at least a 256 byte buffer of addressable
+    ** memory following the returned page. If the database is corrupt,
+    ** SQLite may overread the page slightly (in practice only a few bytes,
+    ** but 256 is safe, round, number).  */
+    const int nEofBuffer = 256;
     if( pFd->pMapRegion==0 ){
       int rc = winMapfile(pFd, -1);
       if( rc!=SQLITE_OK ){
@@ -50774,7 +50784,7 @@ static int winFetch(sqlite3_file *fd, i64 iOff, int nAmt, void **pp){
         return rc;
       }
     }
-    if( pFd->mmapSize >= iOff+nAmt ){
+    if( pFd->mmapSize >= (iOff+nAmt+nEofBuffer) ){
       assert( pFd->pMapRegion!=0 );
       *pp = &((u8 *)pFd->pMapRegion)[iOff];
       pFd->nFetchOut++;
@@ -76403,7 +76413,10 @@ static SQLITE_NOINLINE int btreePrevious(BtCursor *pCur){
   }
 
   pPage = pCur->pPage;
-  assert( pPage->isInit );
+  if( sqlite3FaultSim(412) ) pPage->isInit = 0;
+  if( !pPage->isInit ){
+    return SQLITE_CORRUPT_BKPT;
+  }
   if( !pPage->leaf ){
     int idx = pCur->ix;
     rc = moveToChild(pCur, get4byte(findCell(pPage, idx)));
@@ -166813,7 +166826,10 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
 
   /* An ORDER/GROUP BY clause of more than 63 terms cannot be optimized */
   testcase( pOrderBy && pOrderBy->nExpr==BMS-1 );
-  if( pOrderBy && pOrderBy->nExpr>=BMS ) pOrderBy = 0;
+  if( pOrderBy && pOrderBy->nExpr>=BMS ){
+    pOrderBy = 0;
+    wctrlFlags &= ~WHERE_WANT_DISTINCT;
+  }
 
   /* The number of tables in the FROM clause is limited by the number of
   ** bits in a Bitmask
@@ -184750,6 +184766,8 @@ SQLITE_PRIVATE int sqlite3FtsUnicodeIsdiacritic(int);
 
 SQLITE_PRIVATE int sqlite3Fts3ExprIterate(Fts3Expr*, int (*x)(Fts3Expr*,int,void*), void*);
 
+SQLITE_PRIVATE int sqlite3Fts3IntegrityCheck(Fts3Table *p, int *pbOk);
+
 #endif /* !SQLITE_CORE || SQLITE_ENABLE_FTS3 */
 #endif /* _FTSINT_H */
 
@@ -188472,7 +188490,7 @@ static int fts3ShadowName(const char *zName){
 ** Implementation of the xIntegrity() method on the FTS3/FTS4 virtual
 ** table.
 */
-static int fts3Integrity(
+static int fts3IntegrityMethod(
   sqlite3_vtab *pVtab,      /* The virtual table to be checked */
   const char *zSchema,      /* Name of schema in which pVtab lives */
   const char *zTabname,     /* Name of the pVTab table */
@@ -188480,30 +188498,21 @@ static int fts3Integrity(
   char **pzErr              /* Write error message here */
 ){
   Fts3Table *p = (Fts3Table*)pVtab;
-  char *zSql;
   int rc;
-  char *zErr = 0;
+  int bOk = 0;
 
-  assert( pzErr!=0 );
-  assert( *pzErr==0 );
   UNUSED_PARAMETER(isQuick);
-  zSql = sqlite3_mprintf(
-            "INSERT INTO \"%w\".\"%w\"(\"%w\") VALUES('integrity-check');",
-            zSchema, zTabname, zTabname);
-  if( zSql==0 ){
-    return SQLITE_NOMEM;
-  }
-  rc = sqlite3_exec(p->db, zSql, 0, 0, &zErr);
-  sqlite3_free(zSql);
-  if( (rc&0xff)==SQLITE_CORRUPT ){
-    *pzErr = sqlite3_mprintf("malformed inverted index for FTS%d table %s.%s",
-                p->bFts4 ? 4 : 3, zSchema, zTabname);
-  }else if( rc!=SQLITE_OK ){
+  rc = sqlite3Fts3IntegrityCheck(p, &bOk);
+  assert( rc!=SQLITE_CORRUPT_VTAB || bOk==0 );
+  if( rc!=SQLITE_OK && rc!=SQLITE_CORRUPT_VTAB ){
     *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
                              " FTS%d table %s.%s: %s",
-                p->bFts4 ? 4 : 3, zSchema, zTabname, zErr);
+                p->bFts4 ? 4 : 3, zSchema, zTabname, sqlite3_errstr(rc));
+  }else if( bOk==0 ){
+    *pzErr = sqlite3_mprintf("malformed inverted index for FTS%d table %s.%s",
+                p->bFts4 ? 4 : 3, zSchema, zTabname);
   }
-  sqlite3_free(zErr);
+  sqlite3Fts3SegmentsClose(p);
   return SQLITE_OK;
 }
 
@@ -188534,7 +188543,7 @@ static const sqlite3_module fts3Module = {
   /* xRelease      */ fts3ReleaseMethod,
   /* xRollbackTo   */ fts3RollbackToMethod,
   /* xShadowName   */ fts3ShadowName,
-  /* xIntegrity    */ fts3Integrity,
+  /* xIntegrity    */ fts3IntegrityMethod,
 };
 
 /*
@@ -200088,7 +200097,7 @@ static u64 fts3ChecksumIndex(
 ** If an error occurs (e.g. an OOM or IO error), return an SQLite error
 ** code. The final value of *pbOk is undefined in this case.
 */
-static int fts3IntegrityCheck(Fts3Table *p, int *pbOk){
+SQLITE_PRIVATE int sqlite3Fts3IntegrityCheck(Fts3Table *p, int *pbOk){
   int rc = SQLITE_OK;             /* Return code */
   u64 cksum1 = 0;                 /* Checksum based on FTS index contents */
   u64 cksum2 = 0;                 /* Checksum based on %_content contents */
@@ -200166,7 +200175,7 @@ static int fts3IntegrityCheck(Fts3Table *p, int *pbOk){
     sqlite3_finalize(pStmt);
   }
 
-  *pbOk = (cksum1==cksum2);
+  *pbOk = (rc==SQLITE_OK && cksum1==cksum2);
   return rc;
 }
 
@@ -200206,7 +200215,7 @@ static int fts3DoIntegrityCheck(
 ){
   int rc;
   int bOk = 0;
-  rc = fts3IntegrityCheck(p, &bOk);
+  rc = sqlite3Fts3IntegrityCheck(p, &bOk);
   if( rc==SQLITE_OK && bOk==0 ) rc = FTS_CORRUPT_VTAB;
   return rc;
 }
@@ -203759,6 +203768,16 @@ static void jsonAppendChar(JsonString *p, char c){
   }
 }
 
+/* Remove a single character from the end of the string
+*/
+static void jsonStringTrimOneChar(JsonString *p){
+  if( p->eErr==0 ){
+    assert( p->nUsed>0 );
+    p->nUsed--;
+  }
+}
+
+
 /* Make sure there is a zero terminator on p->zBuf[]
 **
 ** Return true on success.  Return false if an OOM prevents this
@@ -203766,7 +203785,7 @@ static void jsonAppendChar(JsonString *p, char c){
 */
 static int jsonStringTerminate(JsonString *p){
   jsonAppendChar(p, 0);
-  p->nUsed--;
+  jsonStringTrimOneChar(p);
   return p->eErr==0;
 }
 
@@ -205232,8 +205251,8 @@ static u32 jsonbPayloadSize(const JsonParse *pParse, u32 i, u32 *pSz){
          (pParse->aBlob[i+7]<<8) + pParse->aBlob[i+8];
     n = 9;
   }
-  if( i+sz+n > pParse->nBlob
-   && i+sz+n > pParse->nBlob-pParse->delta
+  if( (i64)i+sz+n > pParse->nBlob
+   && (i64)i+sz+n > pParse->nBlob-pParse->delta
   ){
     sz = 0;
     n = 0;
@@ -205283,6 +205302,7 @@ static u32 jsonTranslateBlobToText(
     }
     case JSONB_INT:
     case JSONB_FLOAT: {
+      if( sz==0 ) goto malformed_jsonb;
       jsonAppendRaw(pOut, (const char*)&pParse->aBlob[i+n], sz);
       break;
     }
@@ -205291,6 +205311,7 @@ static u32 jsonTranslateBlobToText(
       sqlite3_uint64 u = 0;
       const char *zIn = (const char*)&pParse->aBlob[i+n];
       int bOverflow = 0;
+      if( sz==0 ) goto malformed_jsonb;
       if( zIn[0]=='-' ){
         jsonAppendChar(pOut, '-');
         k++;
@@ -205313,6 +205334,7 @@ static u32 jsonTranslateBlobToText(
     case JSONB_FLOAT5: { /* Float literal missing digits beside "." */
       u32 k = 0;
       const char *zIn = (const char*)&pParse->aBlob[i+n];
+      if( sz==0 ) goto malformed_jsonb;
       if( zIn[0]=='-' ){
         jsonAppendChar(pOut, '-');
         k++;
@@ -205426,11 +205448,12 @@ static u32 jsonTranslateBlobToText(
       jsonAppendChar(pOut, '[');
       j = i+n;
       iEnd = j+sz;
-      while( jeErr==0 ){
         j = jsonTranslateBlobToText(pParse, j, pOut);
         jsonAppendChar(pOut, ',');
       }
-      if( sz>0 ) pOut->nUsed--;
+      if( j>iEnd ) pOut->eErr |= JSTRING_MALFORMED;
+      if( sz>0 ) jsonStringTrimOneChar(pOut);
       jsonAppendChar(pOut, ']');
       break;
     }
@@ -205439,17 +205462,18 @@ static u32 jsonTranslateBlobToText(
       jsonAppendChar(pOut, '{');
       j = i+n;
       iEnd = j+sz;
-      while( jeErr==0 ){
         j = jsonTranslateBlobToText(pParse, j, pOut);
         jsonAppendChar(pOut, (x++ & 1) ? ',' : ':');
       }
-      if( x & 1 ) pOut->eErr |= JSTRING_MALFORMED;
-      if( sz>0 ) pOut->nUsed--;
+      if( (x & 1)!=0 || j>iEnd ) pOut->eErr |= JSTRING_MALFORMED;
+      if( sz>0 ) jsonStringTrimOneChar(pOut);
       jsonAppendChar(pOut, '}');
       break;
     }
 
     default: {
+      malformed_jsonb:
       pOut->eErr |= JSTRING_MALFORMED;
       break;
     }
@@ -206376,6 +206400,38 @@ static void jsonInsertIntoBlob(
   return;
 }
 
+/*
+** If pArg is a blob that seems like a JSONB blob, then initialize
+** p to point to that JSONB and return TRUE.  If pArg does not seem like
+** a JSONB blob, then return FALSE;
+**
+** This routine is only called if it is already known that pArg is a
+** blob.  The only open question is whether or not the blob appears
+** to be a JSONB blob.
+*/
+static int jsonArgIsJsonb(sqlite3_value *pArg, JsonParse *p){
+  u32 n, sz = 0;
+  p->aBlob = (u8*)sqlite3_value_blob(pArg);
+  p->nBlob = (u32)sqlite3_value_bytes(pArg);
+  if( p->nBlob==0 ){
+    p->aBlob = 0;
+    return 0;
+  }
+  if( NEVER(p->aBlob==0) ){
+    return 0;
+  }
+  if( (p->aBlob[0] & 0x0f)<=JSONB_OBJECT
+   && (n = jsonbPayloadSize(p, 0, &sz))>0
+   && sz+n==p->nBlob
+   && ((p->aBlob[0] & 0x0f)>JSONB_FALSE || sz==0)
+  ){
+    return 1;
+  }
+  p->aBlob = 0;
+  p->nBlob = 0;
+  return 0;
+}
+
 /*
 ** Generate a JsonParse object, containing valid JSONB in aBlob and nBlob,
 ** from the SQL function argument pArg.  Return a pointer to the new
@@ -206432,29 +206488,24 @@ static JsonParse *jsonParseFuncArg(
     return p;
   }
   if( eType==SQLITE_BLOB ){
-    u32 n, sz = 0;
-    p->aBlob = (u8*)sqlite3_value_blob(pArg);
-    p->nBlob = (u32)sqlite3_value_bytes(pArg);
-    if( p->nBlob==0 ){
-      goto json_pfa_malformed;
-    }
-    if( NEVER(p->aBlob==0) ){
-      goto json_pfa_oom;
-    }
-    if( (p->aBlob[0] & 0x0f)>JSONB_OBJECT ){
-      goto json_pfa_malformed;
-    }
-    n = jsonbPayloadSize(p, 0, &sz);
-    if( n==0
-     || sz+n!=p->nBlob
-     || ((p->aBlob[0] & 0x0f)<=JSONB_FALSE && sz>0)
-    ){
-      goto json_pfa_malformed;
-    }
-    if( (flgs & JSON_EDITABLE)!=0 && jsonBlobMakeEditable(p, 0)==0 ){
-      goto json_pfa_oom;
+    if( jsonArgIsJsonb(pArg,p) ){
+      if( (flgs & JSON_EDITABLE)!=0 && jsonBlobMakeEditable(p, 0)==0 ){
+        goto json_pfa_oom;
+      }
+      return p;
     }
-    return p;
+    /* If the blob is not valid JSONB, fall through into trying to cast
+    ** the blob into text which is then interpreted as JSON.  (tag-20240123-a)
+    **
+    ** This goes against all historical documentation about how the SQLite
+    ** JSON functions were suppose to work.  From the beginning, blob was
+    ** reserved for expansion and a blob value should have raised an error.
+    ** But it did not, due to a bug.  And many applications came to depend
+    ** upon this buggy behavior, espeically when using the CLI and reading
+    ** JSON text using readfile(), which returns a blob.  For this reason
+    ** we will continue to support the bug moving forward.
+    ** See for example https://sqlite.org/forum/forumpost/012136abd5292b8d
+    */
   }
   p->zJson = (char*)sqlite3_value_text(pArg);
   p->nJson = sqlite3_value_bytes(pArg);
@@ -207430,12 +207481,12 @@ static void jsonValidFunc(
       return;
     }
     case SQLITE_BLOB: {
-      if( (flags & 0x0c)!=0 && jsonFuncArgMightBeBinary(argv[0]) ){
+      if( jsonFuncArgMightBeBinary(argv[0]) ){
         if( flags & 0x04 ){
           /* Superficial checking only - accomplished by the
           ** jsonFuncArgMightBeBinary() call above. */
           res = 1;
-        }else{
+        }else if( flags & 0x08 ){
           /* Strict checking.  Check by translating BLOB->TEXT->BLOB.  If
           ** no errors occur, call that a "strict check". */
           JsonParse px;
@@ -207446,8 +207497,11 @@ static void jsonValidFunc(
           iErr = jsonbValidityCheck(&px, 0, px.nBlob, 1);
           res = iErr==0;
         }
+        break;
       }
-      break;
+      /* Fall through into interpreting the input as text.  See note
+      ** above at tag-20240123-a. */
+      /* no break */ deliberate_fall_through
     }
     default: {
       JsonParse px;
@@ -207572,7 +207626,7 @@ static void jsonArrayCompute(sqlite3_context *ctx, int isFinal){
       if( isFinal ){
         if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
       }else{
-        pStr->nUsed--;
+        jsonStringTrimOneChar(pStr);
       }
       return;
     }else if( isFinal ){
@@ -207582,7 +207636,7 @@ static void jsonArrayCompute(sqlite3_context *ctx, int isFinal){
       pStr->bStatic = 1;
     }else{
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed, SQLITE_TRANSIENT);
-      pStr->nUsed--;
+      jsonStringTrimOneChar(pStr);
     }
   }else{
     sqlite3_result_text(ctx, "[]", 2, SQLITE_STATIC);
@@ -207692,7 +207746,7 @@ static void jsonObjectCompute(sqlite3_context *ctx, int isFinal){
       if( isFinal ){
         if( !pStr->bStatic ) sqlite3RCStrUnref(pStr->zBuf);
       }else{
-        pStr->nUsed--;
+        jsonStringTrimOneChar(pStr);
       }
       return;
     }else if( isFinal ){
@@ -207702,7 +207756,7 @@ static void jsonObjectCompute(sqlite3_context *ctx, int isFinal){
       pStr->bStatic = 1;
     }else{
       sqlite3_result_text(ctx, pStr->zBuf, (int)pStr->nUsed, SQLITE_TRANSIENT);
-      pStr->nUsed--;
+      jsonStringTrimOneChar(pStr);
     }
   }else{
     sqlite3_result_text(ctx, "{}", 2, SQLITE_STATIC);
@@ -208183,13 +208237,9 @@ static int jsonEachFilter(
   memset(&p->sParse, 0, sizeof(p->sParse));
   p->sParse.nJPRef = 1;
   p->sParse.db = p->db;
-  if( sqlite3_value_type(argv[0])==SQLITE_BLOB ){
-    if( jsonFuncArgMightBeBinary(argv[0]) ){
-      p->sParse.nBlob = sqlite3_value_bytes(argv[0]);
-      p->sParse.aBlob = (u8*)sqlite3_value_blob(argv[0]);
-    }else{
-      goto json_each_malformed_input;
-    }
+  if( jsonFuncArgMightBeBinary(argv[0]) ){
+    p->sParse.nBlob = sqlite3_value_bytes(argv[0]);
+    p->sParse.aBlob = (u8*)sqlite3_value_blob(argv[0]);
   }else{
     p->sParse.zJson = (char*)sqlite3_value_text(argv[0]);
     p->sParse.nJson = sqlite3_value_bytes(argv[0]);
@@ -250498,7 +250548,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -250529,27 +250579,21 @@ static int fts5IntegrityMethod(
   char **pzErr            /* Write error message here */
 ){
   Fts5FullTable *pTab = (Fts5FullTable*)pVtab;
-  Fts5Config *pConfig = pTab->p.pConfig;
-  char *zSql;
-  char *zErr = 0;
   int rc;
+
   assert( pzErr!=0 && *pzErr==0 );
   UNUSED_PARAM(isQuick);
-  zSql = sqlite3_mprintf(
-            "INSERT INTO \"%w\".\"%w\"(\"%w\") VALUES('integrity-check');",
-            zSchema, zTabname, pConfig->zName);
-  if( zSql==0 ) return SQLITE_NOMEM;
-  rc = sqlite3_exec(pConfig->db, zSql, 0, 0, &zErr);
-  sqlite3_free(zSql);
+  rc = sqlite3Fts5StorageIntegrity(pTab->pStorage, 0);
   if( (rc&0xff)==SQLITE_CORRUPT ){
     *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
                 zSchema, zTabname);
   }else if( rc!=SQLITE_OK ){
     *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
                              " FTS5 table %s.%s: %s",
-                zSchema, zTabname, zErr);
+                zSchema, zTabname, sqlite3_errstr(rc));
   }
-  sqlite3_free(zErr);
+  sqlite3Fts5IndexCloseReader(pTab->p.pIndex);
+
   return SQLITE_OK;
 }
 
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index ff58e2e73..a07a51952 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.45.0"
-#define SQLITE_VERSION_NUMBER 3045000
-#define SQLITE_SOURCE_ID      "2024-01-15 17:01:13 1066602b2b1976fe58b5150777cced894af17c803e068f5918390d6915b46e1d"
+#define SQLITE_VERSION        "3.45.1"
+#define SQLITE_VERSION_NUMBER 3045001
+#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index a16d8abf3..4b3b6cab5 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -875,14 +875,16 @@ func (c *SQLiteConn) exec(ctx context.Context, query string, args []driver.Named
 			// consume the number of arguments used in the current
 			// statement and append all named arguments not
 			// contained therein
-			stmtArgs = append(stmtArgs, args[start:start+na]...)
-			for i := range args {
-				if (i < start || i >= na) && args[i].Name != "" {
-					stmtArgs = append(stmtArgs, args[i])
+			if len(args[start:start+na]) > 0 {
+				stmtArgs = append(stmtArgs, args[start:start+na]...)
+				for i := range args {
+					if (i < start || i >= na) && args[i].Name != "" {
+						stmtArgs = append(stmtArgs, args[i])
+					}
+				}
+				for i := range stmtArgs {
+					stmtArgs[i].Ordinal = i + 1
 				}
-			}
-			for i := range stmtArgs {
-				stmtArgs[i].Ordinal = i + 1
 			}
 			res, err = s.(*SQLiteStmt).exec(ctx, stmtArgs)
 			if err != nil && err != driver.ErrSkip {
@@ -1906,6 +1908,7 @@ func (s *SQLiteStmt) Close() error {
 	if rv != C.SQLITE_OK {
 		return s.c.lastError()
 	}
+	s.c = nil
 	runtime.SetFinalizer(s, nil)
 	return nil
 }
@@ -2011,6 +2014,7 @@ func (s *SQLiteStmt) query(ctx context.Context, args []driver.NamedValue) (drive
 		closed:   false,
 		ctx:      ctx,
 	}
+	runtime.SetFinalizer(rows, (*SQLiteRows).Close)
 
 	return rows, nil
 }
@@ -2056,6 +2060,7 @@ func (s *SQLiteStmt) exec(ctx context.Context, args []driver.NamedValue) (driver
 		err error
 	}
 	resultCh := make(chan result)
+	defer close(resultCh)
 	go func() {
 		r, err := s.execSync(args)
 		resultCh <- result{r, err}
@@ -2122,6 +2127,8 @@ func (rc *SQLiteRows) Close() error {
 		return rc.s.c.lastError()
 	}
 	rc.s.mu.Unlock()
+	rc.s = nil
+	runtime.SetFinalizer(rc, nil)
 	return nil
 }
 
@@ -2168,6 +2175,7 @@ func (rc *SQLiteRows) Next(dest []driver.Value) error {
 		return rc.nextSyncLocked(dest)
 	}
 	resultCh := make(chan error)
+	defer close(resultCh)
 	go func() {
 		resultCh <- rc.nextSyncLocked(dest)
 	}()
diff --git a/vendor/modules.txt b/vendor/modules.txt
index b5f0c6816..5580b3f3a 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -68,7 +68,7 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.20
+# github.com/mattn/go-sqlite3 v1.14.22
 ## explicit; go 1.19
 github.com/mattn/go-sqlite3
 # github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0

From 5ac7cd977a1a07080b12bebdec81118a2709755e Mon Sep 17 00:00:00 2001
From: Scott Hussey 
Date: Sun, 11 Feb 2024 12:27:56 -0600
Subject: [PATCH 58/73] Add unit test for custom extension supt

  - Test that a CSR custom OID extension is correctly included
    in the resulting certificate
---
 selfsign/selfsign_test.go       | 54 +++++++++++++++++++
 selfsign/testdata/extension.csr | 95 +++++++++++++++++++++++++++++++++
 2 files changed, 149 insertions(+)
 create mode 100644 selfsign/testdata/extension.csr

diff --git a/selfsign/selfsign_test.go b/selfsign/selfsign_test.go
index af38aebb9..afac6bf57 100644
--- a/selfsign/selfsign_test.go
+++ b/selfsign/selfsign_test.go
@@ -3,6 +3,7 @@ package selfsign
 import (
 	"crypto/x509"
 	"encoding/pem"
+	"encoding/asn1"
 	"net"
 	"net/url"
 	"os"
@@ -19,6 +20,8 @@ const (
 	csrFile = "testdata/localhost.csr"
 
 	csr2File = "testdata/sans.csr"
+
+	extCsrFile = "testdata/extension.csr"
 )
 
 func TestDefaultSign(t *testing.T) {
@@ -101,3 +104,54 @@ func TestSANs(t *testing.T) {
 	}
 
 }
+
+func TestExtensions(t *testing.T){
+	csrBytes, err := os.ReadFile(extCsrFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+	keyBytes, err := os.ReadFile(keyFile)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	priv, err := helpers.ParsePrivateKeyPEM(keyBytes)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	profile := config.DefaultConfig()
+	profile.Expiry = 10 * time.Hour
+
+	certData, err := Sign(priv, csrBytes, profile)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	cert, err := helpers.ParseCertificatePEM(certData)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// Testing for 1.3.6.1.4.1.311.84.1.1=ASN1:UTF8String:example1
+	extFound := false
+	sampleCustomOid := asn1.ObjectIdentifier{1,3,6,1,4,1,311,84,1,1}
+	sampleValue := "example1"
+
+	for _, e := range cert.Extensions {
+		if(e.Id.Equal(sampleCustomOid) ){
+			var extValue string
+			_, err = asn1.Unmarshal(e.Value, &extValue)
+			if err != nil {
+				t.Fatal(err)
+			}
+			if(extValue == sampleValue){
+				extFound = true
+			}
+		}
+	}
+
+	if !extFound {
+		t.Errorf("Custom x509 extension not found in certificate.")
+	}
+}
diff --git a/selfsign/testdata/extension.csr b/selfsign/testdata/extension.csr
new file mode 100644
index 000000000..1bc4f2e37
--- /dev/null
+++ b/selfsign/testdata/extension.csr
@@ -0,0 +1,95 @@
+Certificate Request:
+    Data:
+        Version: 1 (0x0)
+        Subject: CN = example.com, C = ER, ST = Everywhere, L = Somewhere
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                RSA Public-Key: (3072 bit)
+                Modulus:
+                    00:c2:9f:3d:fb:4e:2d:06:d6:6e:b2:21:2e:66:cf:
+                    72:41:91:81:32:27:09:1f:16:b4:1c:5a:4e:7a:91:
+                    58:e3:dc:d8:7a:f8:44:95:dc:94:4d:cf:49:d7:d6:
+                    5c:56:b7:ec:40:2f:a9:fd:2f:e5:26:9d:b4:5d:ea:
+                    8d:07:1d:34:c4:73:3c:7b:a3:3c:1e:f3:62:24:71:
+                    aa:7c:ac:9a:41:33:11:78:87:50:8b:a7:01:17:e2:
+                    cc:4e:bd:68:dd:09:2e:25:04:db:81:f8:01:87:15:
+                    a2:e4:be:03:48:23:1f:e6:ef:f1:0f:69:96:7e:dc:
+                    7d:f0:d1:7e:43:b2:3a:5e:69:94:ce:94:b9:cd:75:
+                    ff:0d:b1:6c:9f:75:3a:e5:c2:17:f4:cc:23:f9:44:
+                    45:bf:ca:e8:68:c0:52:c2:45:9f:85:aa:89:1a:50:
+                    20:99:fa:e8:b1:1d:3e:7d:a2:ff:67:33:a5:42:38:
+                    28:3d:c5:65:70:9d:2f:67:5f:ab:5b:04:d0:77:65:
+                    ae:9d:78:01:0d:54:cf:38:e6:0e:b0:d9:e8:ec:26:
+                    bf:5c:2b:96:5b:51:90:01:3a:6f:ae:f8:77:cc:88:
+                    39:18:f7:6d:81:93:2d:b4:6d:6d:5b:6c:62:d9:58:
+                    d6:ba:74:cc:17:2f:45:77:d1:aa:4b:d1:6b:d2:f1:
+                    97:89:b6:7d:26:9e:68:b5:07:74:b9:7e:3c:06:4e:
+                    4b:1e:cb:4c:88:02:bc:f9:27:8f:2e:7b:ff:dc:af:
+                    83:90:71:0e:71:3c:02:79:ea:4d:e5:42:23:a0:7d:
+                    31:3b:45:78:ff:1f:6a:e5:50:82:eb:0a:48:7d:59:
+                    c9:40:3d:33:3d:fa:99:88:71:27:05:90:c7:50:4f:
+                    e6:8b:99:c9:03:33:30:8c:8d:d6:58:4b:ed:18:7e:
+                    5c:46:2a:d9:23:8e:56:0e:45:7d:5d:ee:ef:b8:7f:
+                    d3:f5:f6:c3:9e:ec:26:3c:23:18:56:2e:d2:3a:5b:
+                    8d:d3:9f:6b:3d:f4:f7:51:ec:93
+                Exponent: 65537 (0x10001)
+        Attributes:
+        Requested Extensions:
+            X509v3 Subject Key Identifier: 
+                14:1E:80:FB:13:4C:2E:A3:99:BE:0C:DE:6F:FE:76:1A:E5:55:6D:2D
+            X509v3 Key Usage: critical
+                Digital Signature, Key Encipherment
+            X509v3 Extended Key Usage: critical
+                TLS Web Server Authentication, TLS Web Client Authentication
+            1.3.6.1.4.1.311.84.1.1: 
+                ..example1
+            X509v3 Subject Alternative Name: 
+                DNS:example.com
+    Signature Algorithm: sha256WithRSAEncryption
+         a6:28:f3:bf:2a:eb:1b:85:24:57:10:f2:0e:ac:4c:af:0f:fb:
+         b0:e0:19:2c:9c:a8:b4:a9:29:f0:10:68:66:67:dd:fd:db:be:
+         3d:33:fb:50:4a:ad:74:0a:8d:9f:4e:6e:8b:22:e8:1f:9b:d4:
+         ad:d4:9e:20:aa:e0:60:01:81:c5:1c:36:6c:e2:df:53:0e:34:
+         42:d3:77:6e:fa:8b:45:1f:13:cc:56:6a:c0:65:8b:d1:33:b8:
+         01:3d:06:99:41:16:e9:5b:11:6a:a3:0b:b3:e3:df:cb:5d:34:
+         13:dd:59:c2:69:be:c9:73:f5:92:19:52:ba:33:30:bd:38:c5:
+         34:3a:ed:b3:cc:5f:2a:83:e2:6d:d9:e0:7c:b7:b3:6a:26:52:
+         4c:dd:fd:6a:50:42:35:4b:60:aa:4c:66:dc:fe:08:ca:ca:2d:
+         2e:aa:78:81:af:84:8f:da:db:fe:54:e6:f1:94:0e:59:36:de:
+         c8:4a:bf:ea:ce:e1:83:11:07:b3:ca:f5:98:eb:d8:ff:0c:f0:
+         1d:97:ec:b2:dd:f5:01:4e:29:42:45:ba:45:ee:13:77:50:92:
+         7e:17:01:d0:b5:03:29:01:f3:72:d6:28:d1:ad:86:a5:9e:c8:
+         4e:43:c9:09:de:45:eb:1b:c4:ed:10:45:2c:74:6e:66:8a:81:
+         8d:4d:54:72:7d:42:60:32:57:6f:ea:b3:76:96:58:68:3a:45:
+         bb:78:3d:60:9d:4d:8a:27:f4:31:fd:df:7b:97:08:3b:9d:84:
+         14:47:6a:31:99:94:f5:0e:66:bd:62:5c:59:80:6d:a9:5e:dc:
+         a0:a5:0f:be:ec:e3:d5:36:07:b8:39:80:2e:26:aa:18:fe:bf:
+         77:ac:85:d9:4d:08:08:e2:9f:d5:57:88:45:54:b0:a6:e8:3e:
+         90:41:19:c3:a7:b6:df:eb:5a:d6:0d:4d:92:3b:94:cf:16:45:
+         cb:67:52:f4:5d:4e:e7:18:cb:ba:9f:a4:50:21:3d:ab:38:48:
+         05:9f:bf:1c:72:b5
+-----BEGIN CERTIFICATE REQUEST-----
+MIIEKTCCApECAQAwTDEUMBIGA1UEAwwLZXhhbXBsZS5jb20xCzAJBgNVBAYTAkVS
+MRMwEQYDVQQIDApFdmVyeXdoZXJlMRIwEAYDVQQHDAlTb21ld2hlcmUwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDCnz37Ti0G1m6yIS5mz3JBkYEyJwkf
+FrQcWk56kVjj3Nh6+ESV3JRNz0nX1lxWt+xAL6n9L+UmnbRd6o0HHTTEczx7ozwe
+82Ikcap8rJpBMxF4h1CLpwEX4sxOvWjdCS4lBNuB+AGHFaLkvgNIIx/m7/EPaZZ+
+3H3w0X5DsjpeaZTOlLnNdf8NsWyfdTrlwhf0zCP5REW/yuhowFLCRZ+FqokaUCCZ
++uixHT59ov9nM6VCOCg9xWVwnS9nX6tbBNB3Za6deAENVM845g6w2ejsJr9cK5Zb
+UZABOm+u+HfMiDkY922Bky20bW1bbGLZWNa6dMwXL0V30apL0WvS8ZeJtn0mnmi1
+B3S5fjwGTksey0yIArz5J48ue//cr4OQcQ5xPAJ56k3lQiOgfTE7RXj/H2rlUILr
+Ckh9WclAPTM9+pmIcScFkMdQT+aLmckDMzCMjdZYS+0YflxGKtkjjlYORX1d7u+4
+f9P19sOe7CY8IxhWLtI6W43Tn2s99PdR7JMCAwEAAaCBlzCBlAYJKoZIhvcNAQkO
+MYGGMIGDMB0GA1UdDgQWBBQUHoD7E0wuo5m+DN5v/nYa5VVtLTAOBgNVHQ8BAf8E
+BAMCBaAwIAYDVR0lAQH/BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGCisGAQQB
+gjdUAQEECgwIZXhhbXBsZTEwFgYDVR0RBA8wDYILZXhhbXBsZS5jb20wDQYJKoZI
+hvcNAQELBQADggGBAKYo878q6xuFJFcQ8g6sTK8P+7DgGSycqLSpKfAQaGZn3f3b
+vj0z+1BKrXQKjZ9Obosi6B+b1K3UniCq4GABgcUcNmzi31MONELTd276i0UfE8xW
+asBli9EzuAE9BplBFulbEWqjC7Pj38tdNBPdWcJpvslz9ZIZUrozML04xTQ67bPM
+XyqD4m3Z4Hy3s2omUkzd/WpQQjVLYKpMZtz+CMrKLS6qeIGvhI/a2/5U5vGUDlk2
+3shKv+rO4YMRB7PK9Zjr2P8M8B2X7LLd9QFOKUJFukXuE3dQkn4XAdC1AykB83LW
+KNGthqWeyE5DyQneResbxO0QRSx0bmaKgY1NVHJ9QmAyV2/qs3aWWGg6Rbt4PWCd
+TYon9DH933uXCDudhBRHajGZlPUOZr1iXFmAbale3KClD77s49U2B7g5gC4mqhj+
+v3eshdlNCAjin9VXiEVUsKboPpBBGcOntt/rWtYNTZI7lM8WRctnUvRdTucYy7qf
+pFAhPas4SAWfvxxytQ==
+-----END CERTIFICATE REQUEST-----

From f19cf511ff15228d56131de28489ebca11c9c02e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 12 Feb 2024 03:05:34 +0000
Subject: [PATCH 59/73] build(deps): bump golangci/golangci-lint-action from 3
 to 4

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3 to 4.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] 
---
 .github/workflows/go.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index d4b0eab6a..a296f5123 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -75,4 +75,4 @@ jobs:
           go-version: 1.18
       - uses: actions/checkout@v4
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v4

From ca7fd5010640c817483ce6bb80c18ce0046cf05e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 12 Feb 2024 03:50:50 +0000
Subject: [PATCH 60/73] build(deps): bump golang.org/x/crypto from 0.18.0 to
 0.19.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/crypto/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   4 +-
 go.sum                                        |  10 +-
 vendor/golang.org/x/sys/unix/mkerrors.sh      |   2 +-
 vendor/golang.org/x/sys/unix/zerrors_linux.go |  36 ++++-
 .../x/sys/unix/zerrors_linux_386.go           |   3 +
 .../x/sys/unix/zerrors_linux_amd64.go         |   3 +
 .../x/sys/unix/zerrors_linux_arm.go           |   3 +
 .../x/sys/unix/zerrors_linux_arm64.go         |   3 +
 .../x/sys/unix/zerrors_linux_loong64.go       |   3 +
 .../x/sys/unix/zerrors_linux_mips.go          |   3 +
 .../x/sys/unix/zerrors_linux_mips64.go        |   3 +
 .../x/sys/unix/zerrors_linux_mips64le.go      |   3 +
 .../x/sys/unix/zerrors_linux_mipsle.go        |   3 +
 .../x/sys/unix/zerrors_linux_ppc.go           |   3 +
 .../x/sys/unix/zerrors_linux_ppc64.go         |   3 +
 .../x/sys/unix/zerrors_linux_ppc64le.go       |   3 +
 .../x/sys/unix/zerrors_linux_riscv64.go       |   3 +
 .../x/sys/unix/zerrors_linux_s390x.go         |   3 +
 .../x/sys/unix/zerrors_linux_sparc64.go       |   3 +
 .../x/sys/unix/zsysnum_linux_386.go           |   4 +
 .../x/sys/unix/zsysnum_linux_amd64.go         |   3 +
 .../x/sys/unix/zsysnum_linux_arm.go           |   4 +
 .../x/sys/unix/zsysnum_linux_arm64.go         |   4 +
 .../x/sys/unix/zsysnum_linux_loong64.go       |   4 +
 .../x/sys/unix/zsysnum_linux_mips.go          |   4 +
 .../x/sys/unix/zsysnum_linux_mips64.go        |   4 +
 .../x/sys/unix/zsysnum_linux_mips64le.go      |   4 +
 .../x/sys/unix/zsysnum_linux_mipsle.go        |   4 +
 .../x/sys/unix/zsysnum_linux_ppc.go           |   4 +
 .../x/sys/unix/zsysnum_linux_ppc64.go         |   4 +
 .../x/sys/unix/zsysnum_linux_ppc64le.go       |   4 +
 .../x/sys/unix/zsysnum_linux_riscv64.go       |   4 +
 .../x/sys/unix/zsysnum_linux_s390x.go         |   4 +
 .../x/sys/unix/zsysnum_linux_sparc64.go       |   4 +
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 125 +++++++++---------
 .../golang.org/x/sys/windows/env_windows.go   |  17 ++-
 .../x/sys/windows/syscall_windows.go          |   3 +-
 vendor/modules.txt                            |   4 +-
 38 files changed, 225 insertions(+), 80 deletions(-)

diff --git a/go.mod b/go.mod
index 9e4c20b7b..5e52e09bd 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.18.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.18.0
+	golang.org/x/crypto v0.19.0
 )
 
 require (
@@ -34,7 +34,7 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
 	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/sys v0.16.0 // indirect
+	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index 8b7986f22..ff28ffe45 100644
--- a/go.sum
+++ b/go.sum
@@ -385,8 +385,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
-golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
+golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -528,14 +528,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
-golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE=
+golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index c6492020e..fdcaa974d 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -584,7 +584,7 @@ ccflags="$@"
 		$2 ~ /^KEY_(SPEC|REQKEY_DEFL)_/ ||
 		$2 ~ /^KEYCTL_/ ||
 		$2 ~ /^PERF_/ ||
-		$2 ~ /^SECCOMP_MODE_/ ||
+		$2 ~ /^SECCOMP_/ ||
 		$2 ~ /^SEEK_/ ||
 		$2 ~ /^SCHED_/ ||
 		$2 ~ /^SPLICE_/ ||
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index a5d3ff8df..36bf8399f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -1785,6 +1785,8 @@ const (
 	LANDLOCK_ACCESS_FS_REMOVE_FILE              = 0x20
 	LANDLOCK_ACCESS_FS_TRUNCATE                 = 0x4000
 	LANDLOCK_ACCESS_FS_WRITE_FILE               = 0x2
+	LANDLOCK_ACCESS_NET_BIND_TCP                = 0x1
+	LANDLOCK_ACCESS_NET_CONNECT_TCP             = 0x2
 	LANDLOCK_CREATE_RULESET_VERSION             = 0x1
 	LINUX_REBOOT_CMD_CAD_OFF                    = 0x0
 	LINUX_REBOOT_CMD_CAD_ON                     = 0x89abcdef
@@ -2465,6 +2467,7 @@ const (
 	PR_MCE_KILL_GET                             = 0x22
 	PR_MCE_KILL_LATE                            = 0x0
 	PR_MCE_KILL_SET                             = 0x1
+	PR_MDWE_NO_INHERIT                          = 0x2
 	PR_MDWE_REFUSE_EXEC_GAIN                    = 0x1
 	PR_MPX_DISABLE_MANAGEMENT                   = 0x2c
 	PR_MPX_ENABLE_MANAGEMENT                    = 0x2b
@@ -2669,8 +2672,9 @@ const (
 	RTAX_FEATURES                               = 0xc
 	RTAX_FEATURE_ALLFRAG                        = 0x8
 	RTAX_FEATURE_ECN                            = 0x1
-	RTAX_FEATURE_MASK                           = 0xf
+	RTAX_FEATURE_MASK                           = 0x1f
 	RTAX_FEATURE_SACK                           = 0x2
+	RTAX_FEATURE_TCP_USEC_TS                    = 0x10
 	RTAX_FEATURE_TIMESTAMP                      = 0x4
 	RTAX_HOPLIMIT                               = 0xa
 	RTAX_INITCWND                               = 0xb
@@ -2913,9 +2917,38 @@ const (
 	SCM_RIGHTS                                  = 0x1
 	SCM_TIMESTAMP                               = 0x1d
 	SC_LOG_FLUSH                                = 0x100000
+	SECCOMP_ADDFD_FLAG_SEND                     = 0x2
+	SECCOMP_ADDFD_FLAG_SETFD                    = 0x1
+	SECCOMP_FILTER_FLAG_LOG                     = 0x2
+	SECCOMP_FILTER_FLAG_NEW_LISTENER            = 0x8
+	SECCOMP_FILTER_FLAG_SPEC_ALLOW              = 0x4
+	SECCOMP_FILTER_FLAG_TSYNC                   = 0x1
+	SECCOMP_FILTER_FLAG_TSYNC_ESRCH             = 0x10
+	SECCOMP_FILTER_FLAG_WAIT_KILLABLE_RECV      = 0x20
+	SECCOMP_GET_ACTION_AVAIL                    = 0x2
+	SECCOMP_GET_NOTIF_SIZES                     = 0x3
+	SECCOMP_IOCTL_NOTIF_RECV                    = 0xc0502100
+	SECCOMP_IOCTL_NOTIF_SEND                    = 0xc0182101
+	SECCOMP_IOC_MAGIC                           = '!'
 	SECCOMP_MODE_DISABLED                       = 0x0
 	SECCOMP_MODE_FILTER                         = 0x2
 	SECCOMP_MODE_STRICT                         = 0x1
+	SECCOMP_RET_ACTION                          = 0x7fff0000
+	SECCOMP_RET_ACTION_FULL                     = 0xffff0000
+	SECCOMP_RET_ALLOW                           = 0x7fff0000
+	SECCOMP_RET_DATA                            = 0xffff
+	SECCOMP_RET_ERRNO                           = 0x50000
+	SECCOMP_RET_KILL                            = 0x0
+	SECCOMP_RET_KILL_PROCESS                    = 0x80000000
+	SECCOMP_RET_KILL_THREAD                     = 0x0
+	SECCOMP_RET_LOG                             = 0x7ffc0000
+	SECCOMP_RET_TRACE                           = 0x7ff00000
+	SECCOMP_RET_TRAP                            = 0x30000
+	SECCOMP_RET_USER_NOTIF                      = 0x7fc00000
+	SECCOMP_SET_MODE_FILTER                     = 0x1
+	SECCOMP_SET_MODE_STRICT                     = 0x0
+	SECCOMP_USER_NOTIF_FD_SYNC_WAKE_UP          = 0x1
+	SECCOMP_USER_NOTIF_FLAG_CONTINUE            = 0x1
 	SECRETMEM_MAGIC                             = 0x5345434d
 	SECURITYFS_MAGIC                            = 0x73636673
 	SEEK_CUR                                    = 0x1
@@ -3075,6 +3108,7 @@ const (
 	SOL_TIPC                                    = 0x10f
 	SOL_TLS                                     = 0x11a
 	SOL_UDP                                     = 0x11
+	SOL_VSOCK                                   = 0x11f
 	SOL_X25                                     = 0x106
 	SOL_XDP                                     = 0x11b
 	SOMAXCONN                                   = 0x1000
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 4920821cf..42ff8c3c1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -281,6 +281,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index a0c1e4112..dca436004 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -282,6 +282,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index c63985560..5cca668ac 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -288,6 +288,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index 47cc62e25..d8cae6d15 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -278,6 +278,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 27ac4a09e..28e39afdc 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -275,6 +275,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 54694642a..cd66e92cb 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -281,6 +281,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x80
 	SIOCATMARK                       = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 3adb81d75..c1595eba7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -281,6 +281,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x80
 	SIOCATMARK                       = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index 2dfe98f0d..ee9456b0d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -281,6 +281,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x80
 	SIOCATMARK                       = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index f5398f84f..8cfca81e1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -281,6 +281,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x80
 	SIOCATMARK                       = 0x40047307
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index c54f152d6..60b0deb3a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -336,6 +336,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index 76057dc72..f90aa7281 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -340,6 +340,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index e0c3725e2..ba9e01503 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -340,6 +340,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 18f2813ed..07cdfd6e9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -272,6 +272,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 11619d4ec..2f1dd214a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -344,6 +344,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x23
 	SCM_TXTIME                       = 0x3d
 	SCM_WIFI_STATUS                  = 0x29
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x40182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x40082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x40082104
 	SFD_CLOEXEC                      = 0x80000
 	SFD_NONBLOCK                     = 0x800
 	SIOCATMARK                       = 0x8905
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index 396d994da..f40519d90 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -335,6 +335,9 @@ const (
 	SCM_TIMESTAMPNS                  = 0x21
 	SCM_TXTIME                       = 0x3f
 	SCM_WIFI_STATUS                  = 0x25
+	SECCOMP_IOCTL_NOTIF_ADDFD        = 0x80182103
+	SECCOMP_IOCTL_NOTIF_ID_VALID     = 0x80082102
+	SECCOMP_IOCTL_NOTIF_SET_FLAGS    = 0x80082104
 	SFD_CLOEXEC                      = 0x400000
 	SFD_NONBLOCK                     = 0x4000
 	SF_FP                            = 0x38
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index fcf3ecbdd..0cc3ce496 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -448,4 +448,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
 	SYS_FCHMODAT2                    = 452
+	SYS_MAP_SHADOW_STACK             = 453
+	SYS_FUTEX_WAKE                   = 454
+	SYS_FUTEX_WAIT                   = 455
+	SYS_FUTEX_REQUEUE                = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index f56dc2504..856d92d69 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -371,4 +371,7 @@ const (
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
 	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 974bf2467..8d467094c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -412,4 +412,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
 	SYS_FCHMODAT2                    = 452
+	SYS_MAP_SHADOW_STACK             = 453
+	SYS_FUTEX_WAKE                   = 454
+	SYS_FUTEX_WAIT                   = 455
+	SYS_FUTEX_REQUEUE                = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 39a2739e2..edc173244 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -315,4 +315,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index cf9c9d77e..445eba206 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -309,4 +309,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 10b7362ef..adba01bca 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -432,4 +432,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
 	SYS_CACHESTAT                    = 4451
 	SYS_FCHMODAT2                    = 4452
+	SYS_MAP_SHADOW_STACK             = 4453
+	SYS_FUTEX_WAKE                   = 4454
+	SYS_FUTEX_WAIT                   = 4455
+	SYS_FUTEX_REQUEUE                = 4456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index cd4d8b4fd..014c4e9c7 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -362,4 +362,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
 	SYS_CACHESTAT               = 5451
 	SYS_FCHMODAT2               = 5452
+	SYS_MAP_SHADOW_STACK        = 5453
+	SYS_FUTEX_WAKE              = 5454
+	SYS_FUTEX_WAIT              = 5455
+	SYS_FUTEX_REQUEUE           = 5456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index 2c0efca81..ccc97d74d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -362,4 +362,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 5450
 	SYS_CACHESTAT               = 5451
 	SYS_FCHMODAT2               = 5452
+	SYS_MAP_SHADOW_STACK        = 5453
+	SYS_FUTEX_WAKE              = 5454
+	SYS_FUTEX_WAIT              = 5455
+	SYS_FUTEX_REQUEUE           = 5456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index a72e31d39..ec2b64a95 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -432,4 +432,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE      = 4450
 	SYS_CACHESTAT                    = 4451
 	SYS_FCHMODAT2                    = 4452
+	SYS_MAP_SHADOW_STACK             = 4453
+	SYS_FUTEX_WAKE                   = 4454
+	SYS_FUTEX_WAIT                   = 4455
+	SYS_FUTEX_REQUEUE                = 4456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index c7d1e3747..21a839e33 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -439,4 +439,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE      = 450
 	SYS_CACHESTAT                    = 451
 	SYS_FCHMODAT2                    = 452
+	SYS_MAP_SHADOW_STACK             = 453
+	SYS_FUTEX_WAKE                   = 454
+	SYS_FUTEX_WAIT                   = 455
+	SYS_FUTEX_REQUEUE                = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index f4d4838c8..c11121ec3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -411,4 +411,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index b64f0e591..909b631fc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -411,4 +411,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index 95711195a..e49bed16e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -316,4 +316,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index f94e943bc..66017d2d3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -377,4 +377,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index ba0c2bc51..47bab18dc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -390,4 +390,8 @@ const (
 	SYS_SET_MEMPOLICY_HOME_NODE = 450
 	SYS_CACHESTAT               = 451
 	SYS_FCHMODAT2               = 452
+	SYS_MAP_SHADOW_STACK        = 453
+	SYS_FUTEX_WAKE              = 454
+	SYS_FUTEX_WAIT              = 455
+	SYS_FUTEX_REQUEUE           = 456
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index bbf8399ff..dc0c955ee 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -174,7 +174,8 @@ type FscryptPolicyV2 struct {
 	Contents_encryption_mode  uint8
 	Filenames_encryption_mode uint8
 	Flags                     uint8
-	_                         [4]uint8
+	Log2_data_unit_size       uint8
+	_                         [3]uint8
 	Master_key_identifier     [16]uint8
 }
 
@@ -455,60 +456,63 @@ type Ucred struct {
 }
 
 type TCPInfo struct {
-	State           uint8
-	Ca_state        uint8
-	Retransmits     uint8
-	Probes          uint8
-	Backoff         uint8
-	Options         uint8
-	Rto             uint32
-	Ato             uint32
-	Snd_mss         uint32
-	Rcv_mss         uint32
-	Unacked         uint32
-	Sacked          uint32
-	Lost            uint32
-	Retrans         uint32
-	Fackets         uint32
-	Last_data_sent  uint32
-	Last_ack_sent   uint32
-	Last_data_recv  uint32
-	Last_ack_recv   uint32
-	Pmtu            uint32
-	Rcv_ssthresh    uint32
-	Rtt             uint32
-	Rttvar          uint32
-	Snd_ssthresh    uint32
-	Snd_cwnd        uint32
-	Advmss          uint32
-	Reordering      uint32
-	Rcv_rtt         uint32
-	Rcv_space       uint32
-	Total_retrans   uint32
-	Pacing_rate     uint64
-	Max_pacing_rate uint64
-	Bytes_acked     uint64
-	Bytes_received  uint64
-	Segs_out        uint32
-	Segs_in         uint32
-	Notsent_bytes   uint32
-	Min_rtt         uint32
-	Data_segs_in    uint32
-	Data_segs_out   uint32
-	Delivery_rate   uint64
-	Busy_time       uint64
-	Rwnd_limited    uint64
-	Sndbuf_limited  uint64
-	Delivered       uint32
-	Delivered_ce    uint32
-	Bytes_sent      uint64
-	Bytes_retrans   uint64
-	Dsack_dups      uint32
-	Reord_seen      uint32
-	Rcv_ooopack     uint32
-	Snd_wnd         uint32
-	Rcv_wnd         uint32
-	Rehash          uint32
+	State                uint8
+	Ca_state             uint8
+	Retransmits          uint8
+	Probes               uint8
+	Backoff              uint8
+	Options              uint8
+	Rto                  uint32
+	Ato                  uint32
+	Snd_mss              uint32
+	Rcv_mss              uint32
+	Unacked              uint32
+	Sacked               uint32
+	Lost                 uint32
+	Retrans              uint32
+	Fackets              uint32
+	Last_data_sent       uint32
+	Last_ack_sent        uint32
+	Last_data_recv       uint32
+	Last_ack_recv        uint32
+	Pmtu                 uint32
+	Rcv_ssthresh         uint32
+	Rtt                  uint32
+	Rttvar               uint32
+	Snd_ssthresh         uint32
+	Snd_cwnd             uint32
+	Advmss               uint32
+	Reordering           uint32
+	Rcv_rtt              uint32
+	Rcv_space            uint32
+	Total_retrans        uint32
+	Pacing_rate          uint64
+	Max_pacing_rate      uint64
+	Bytes_acked          uint64
+	Bytes_received       uint64
+	Segs_out             uint32
+	Segs_in              uint32
+	Notsent_bytes        uint32
+	Min_rtt              uint32
+	Data_segs_in         uint32
+	Data_segs_out        uint32
+	Delivery_rate        uint64
+	Busy_time            uint64
+	Rwnd_limited         uint64
+	Sndbuf_limited       uint64
+	Delivered            uint32
+	Delivered_ce         uint32
+	Bytes_sent           uint64
+	Bytes_retrans        uint64
+	Dsack_dups           uint32
+	Reord_seen           uint32
+	Rcv_ooopack          uint32
+	Snd_wnd              uint32
+	Rcv_wnd              uint32
+	Rehash               uint32
+	Total_rto            uint16
+	Total_rto_recoveries uint16
+	Total_rto_time       uint32
 }
 
 type CanFilter struct {
@@ -551,7 +555,7 @@ const (
 	SizeofIPv6MTUInfo       = 0x20
 	SizeofICMPv6Filter      = 0x20
 	SizeofUcred             = 0xc
-	SizeofTCPInfo           = 0xf0
+	SizeofTCPInfo           = 0xf8
 	SizeofCanFilter         = 0x8
 	SizeofTCPRepairOpt      = 0x8
 )
@@ -3399,7 +3403,7 @@ const (
 	DEVLINK_PORT_FN_ATTR_STATE                         = 0x2
 	DEVLINK_PORT_FN_ATTR_OPSTATE                       = 0x3
 	DEVLINK_PORT_FN_ATTR_CAPS                          = 0x4
-	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x4
+	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x5
 )
 
 type FsverityDigest struct {
@@ -4183,7 +4187,8 @@ const (
 )
 
 type LandlockRulesetAttr struct {
-	Access_fs uint64
+	Access_fs  uint64
+	Access_net uint64
 }
 
 type LandlockPathBeneathAttr struct {
@@ -5134,7 +5139,7 @@ const (
 	NL80211_FREQUENCY_ATTR_GO_CONCURRENT                    = 0xf
 	NL80211_FREQUENCY_ATTR_INDOOR_ONLY                      = 0xe
 	NL80211_FREQUENCY_ATTR_IR_CONCURRENT                    = 0xf
-	NL80211_FREQUENCY_ATTR_MAX                              = 0x1b
+	NL80211_FREQUENCY_ATTR_MAX                              = 0x1c
 	NL80211_FREQUENCY_ATTR_MAX_TX_POWER                     = 0x6
 	NL80211_FREQUENCY_ATTR_NO_10MHZ                         = 0x11
 	NL80211_FREQUENCY_ATTR_NO_160MHZ                        = 0xc
@@ -5547,7 +5552,7 @@ const (
 	NL80211_REGDOM_TYPE_CUSTOM_WORLD                        = 0x2
 	NL80211_REGDOM_TYPE_INTERSECTION                        = 0x3
 	NL80211_REGDOM_TYPE_WORLD                               = 0x1
-	NL80211_REG_RULE_ATTR_MAX                               = 0x7
+	NL80211_REG_RULE_ATTR_MAX                               = 0x8
 	NL80211_REKEY_DATA_AKM                                  = 0x4
 	NL80211_REKEY_DATA_KCK                                  = 0x2
 	NL80211_REKEY_DATA_KEK                                  = 0x1
diff --git a/vendor/golang.org/x/sys/windows/env_windows.go b/vendor/golang.org/x/sys/windows/env_windows.go
index b8ad19250..d4577a423 100644
--- a/vendor/golang.org/x/sys/windows/env_windows.go
+++ b/vendor/golang.org/x/sys/windows/env_windows.go
@@ -37,14 +37,17 @@ func (token Token) Environ(inheritExisting bool) (env []string, err error) {
 		return nil, err
 	}
 	defer DestroyEnvironmentBlock(block)
-	blockp := unsafe.Pointer(block)
-	for {
-		entry := UTF16PtrToString((*uint16)(blockp))
-		if len(entry) == 0 {
-			break
+	size := unsafe.Sizeof(*block)
+	for *block != 0 {
+		// find NUL terminator
+		end := unsafe.Pointer(block)
+		for *(*uint16)(end) != 0 {
+			end = unsafe.Add(end, size)
 		}
-		env = append(env, entry)
-		blockp = unsafe.Add(blockp, 2*(len(entry)+1))
+
+		entry := unsafe.Slice(block, (uintptr(end)-uintptr(unsafe.Pointer(block)))/size)
+		env = append(env, UTF16ToString(entry))
+		block = (*uint16)(unsafe.Add(end, size))
 	}
 	return env, nil
 }
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index ffb8708cc..6395a031d 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -125,8 +125,7 @@ func UTF16PtrToString(p *uint16) string {
 	for ptr := unsafe.Pointer(p); *(*uint16)(ptr) != 0; n++ {
 		ptr = unsafe.Pointer(uintptr(ptr) + unsafe.Sizeof(*p))
 	}
-
-	return string(utf16.Decode(unsafe.Slice(p, n)))
+	return UTF16ToString(unsafe.Slice(p, n))
 }
 
 func Getpagesize() int { return 4096 }
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 5580b3f3a..bb340d4aa 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -130,7 +130,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.18.0
+# golang.org/x/crypto v0.19.0
 ## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -152,7 +152,7 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
 ## explicit; go 1.17
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.16.0
+# golang.org/x/sys v0.17.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix

From 7f58e9c9adba9caa14882357589c4977f3219c5b Mon Sep 17 00:00:00 2001
From: killianmuldoon 
Date: Thu, 22 Feb 2024 15:37:36 +0000
Subject: [PATCH 61/73] Build images on base image for target platform

Signed-off-by: killianmuldoon 
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 4b9e30a4c..18ece0bf5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.20
+FROM --platform=${TARGETPLATFORM} golang:1.20
 
 ARG TARGETPLATFORM
 ARG BUILDPLATFORM

From 0f5c14c7f3d07a4c81e7f5e3958c79bbdd7acd8c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 Mar 2024 03:02:14 +0000
Subject: [PATCH 62/73] build(deps): bump github.com/prometheus/client_golang

Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.18.0...v1.19.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |   9 +-
 go.sum                                        |  18 +-
 .../golang_protobuf_extensions/v2/LICENSE     | 201 ----------
 .../golang_protobuf_extensions/v2/NOTICE      |   1 -
 .../v2/pbutil/.gitignore                      |   1 -
 .../v2/pbutil/Makefile                        |   7 -
 .../v2/pbutil/decode.go                       |  81 ----
 .../v2/pbutil/doc.go                          |  16 -
 .../v2/pbutil/encode.go                       |  49 ---
 .../prometheus/common/expfmt/decode.go        |  27 +-
 .../prometheus/common/expfmt/encode.go        |  78 ++--
 .../prometheus/common/expfmt/expfmt.go        | 144 ++++++-
 .../common/expfmt/openmetrics_create.go       |  85 ++--
 .../prometheus/common/expfmt/text_create.go   | 118 ++++--
 .../prometheus/common/expfmt/text_parse.go    |   8 +-
 .../prometheus/common/model/alert.go          |   4 +-
 .../prometheus/common/model/labels.go         |  22 +-
 .../prometheus/common/model/metadata.go       |  28 ++
 .../prometheus/common/model/metric.go         | 368 +++++++++++++++++-
 .../prometheus/common/model/signature.go      |   6 +-
 .../prometheus/common/model/silence.go        |   2 +-
 .../prometheus/common/model/value.go          |  16 +-
 .../prometheus/common/model/value_float.go    |  14 +-
 vendor/golang.org/x/net/idna/go118.go         |   1 -
 vendor/golang.org/x/net/idna/idna10.0.0.go    |   1 -
 vendor/golang.org/x/net/idna/idna9.0.0.go     |   1 -
 vendor/golang.org/x/net/idna/pre_go118.go     |   1 -
 vendor/golang.org/x/net/idna/tables10.0.0.go  |   1 -
 vendor/golang.org/x/net/idna/tables11.0.0.go  |   1 -
 vendor/golang.org/x/net/idna/tables12.0.0.go  |   1 -
 vendor/golang.org/x/net/idna/tables13.0.0.go  |   1 -
 vendor/golang.org/x/net/idna/tables15.0.0.go  |   1 -
 vendor/golang.org/x/net/idna/tables9.0.0.go   |   1 -
 vendor/golang.org/x/net/idna/trie12.0.0.go    |   1 -
 vendor/golang.org/x/net/idna/trie13.0.0.go    |   1 -
 .../encoding/protodelim/protodelim.go         | 160 ++++++++
 .../protobuf/encoding/prototext/decode.go     |   8 +-
 .../protobuf/encoding/prototext/encode.go     |   4 +-
 .../protobuf/encoding/protowire/wire.go       |  28 +-
 .../protobuf/internal/descfmt/stringer.go     | 183 ++++++---
 .../protobuf/internal/filedesc/desc.go        |  47 ++-
 .../protobuf/internal/genid/descriptor_gen.go | 212 ++++++++--
 .../protobuf/internal/impl/codec_gen.go       | 113 +++++-
 .../protobuf/internal/impl/legacy_message.go  |  19 +-
 .../protobuf/internal/impl/message.go         |  17 +-
 .../protobuf/internal/impl/pointer_reflect.go |  36 ++
 .../protobuf/internal/impl/pointer_unsafe.go  |  40 ++
 ...ings_unsafe.go => strings_unsafe_go120.go} |   4 +-
 .../internal/strs/strings_unsafe_go121.go     |  74 ++++
 .../protobuf/internal/version/version.go      |   2 +-
 .../protobuf/proto/decode.go                  |   2 +-
 .../google.golang.org/protobuf/proto/doc.go   |  58 +--
 .../protobuf/proto/encode.go                  |   2 +-
 .../protobuf/proto/extension.go               |   2 +-
 .../google.golang.org/protobuf/proto/merge.go |   2 +-
 .../google.golang.org/protobuf/proto/proto.go |  18 +-
 .../protobuf/reflect/protoreflect/proto.go    |  83 ++--
 .../reflect/protoreflect/source_gen.go        |  62 ++-
 .../protobuf/reflect/protoreflect/type.go     |  44 +--
 .../protobuf/reflect/protoreflect/value.go    |  24 +-
 .../reflect/protoreflect/value_equal.go       |   8 +-
 .../reflect/protoreflect/value_union.go       |  44 +--
 ...{value_unsafe.go => value_unsafe_go120.go} |   4 +-
 .../protoreflect/value_unsafe_go121.go        |  87 +++++
 .../reflect/protoregistry/registry.go         |  24 +-
 vendor/modules.txt                            |  18 +-
 66 files changed, 1929 insertions(+), 815 deletions(-)
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go
 delete mode 100644 vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
 create mode 100644 vendor/github.com/prometheus/common/model/metadata.go
 create mode 100644 vendor/google.golang.org/protobuf/encoding/protodelim/protodelim.go
 rename vendor/google.golang.org/protobuf/internal/strs/{strings_unsafe.go => strings_unsafe_go120.go} (96%)
 create mode 100644 vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
 rename vendor/google.golang.org/protobuf/reflect/protoreflect/{value_unsafe.go => value_unsafe_go120.go} (97%)
 create mode 100644 vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go

diff --git a/go.mod b/go.mod
index 5e52e09bd..9c63a49af 100644
--- a/go.mod
+++ b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
 	github.com/mattn/go-sqlite3 v1.14.22
-	github.com/prometheus/client_golang v1.18.0
+	github.com/prometheus/client_golang v1.19.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
 	golang.org/x/crypto v0.19.0
@@ -25,17 +25,16 @@ require (
 	github.com/getsentry/sentry-go v0.11.0 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
-	github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
 	github.com/prometheus/client_model v0.5.0 // indirect
-	github.com/prometheus/common v0.45.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.17.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
 	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/protobuf v1.31.0 // indirect
+	google.golang.org/protobuf v1.32.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
 )
diff --git a/go.sum b/go.sum
index ff28ffe45..33529414c 100644
--- a/go.sum
+++ b/go.sum
@@ -240,8 +240,6 @@ github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o
 github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 h1:jWpvCLoY8Z/e3VKvlsiIGKtc+UG6U5vzxaoagmhXfyg=
-github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0/go.mod h1:QUyp042oQthUoa9bqDv0ER0wrtXnBruoNd7aNjkbP+k=
 github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8=
 github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
@@ -278,8 +276,8 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.18.0 h1:HzFfmkOzH5Q8L8G+kSJKUx5dtG87sewO+FoDDqP5Tbk=
-github.com/prometheus/client_golang v1.18.0/go.mod h1:T+GXkCk5wSJyOqMIzVgvvjFDlkOQntgjkJWKrN5txjA=
+github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
+github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
@@ -290,8 +288,8 @@ github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y8
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.45.0 h1:2BGz0eBc2hdMDLnO/8n0jeB3oPrt2D08CekT0lneoxM=
-github.com/prometheus/common v0.45.0/go.mod h1:YJmSTw9BoKxJplESWWxlbyttQR4uaEcGyv9MZjVOJsY=
+github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
+github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
@@ -459,8 +457,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
+golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
+golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -676,8 +674,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
+google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE
deleted file mode 100644
index 8dada3eda..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/LICENSE
+++ /dev/null
@@ -1,201 +0,0 @@
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "{}"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright {yyyy} {name of copyright owner}
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE
deleted file mode 100644
index 5d8cb5b72..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/NOTICE
+++ /dev/null
@@ -1 +0,0 @@
-Copyright 2012 Matt T. Proud (matt.proud@gmail.com)
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore
deleted file mode 100644
index e16fb946b..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-cover.dat
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile
deleted file mode 100644
index 81be21437..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/Makefile
+++ /dev/null
@@ -1,7 +0,0 @@
-all:
-
-cover:
-	go test -cover -v -coverprofile=cover.dat ./...
-	go tool cover -func cover.dat
-
-.PHONY: cover
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
deleted file mode 100644
index 7c08e564f..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/decode.go
+++ /dev/null
@@ -1,81 +0,0 @@
-// Copyright 2013 Matt T. Proud
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package pbutil
-
-import (
-	"encoding/binary"
-	"errors"
-	"io"
-
-	"google.golang.org/protobuf/proto"
-)
-
-// TODO: Give error package name prefix in next minor release.
-var errInvalidVarint = errors.New("invalid varint32 encountered")
-
-// ReadDelimited decodes a message from the provided length-delimited stream,
-// where the length is encoded as 32-bit varint prefix to the message body.
-// It returns the total number of bytes read and any applicable error.  This is
-// roughly equivalent to the companion Java API's
-// MessageLite#parseDelimitedFrom.  As per the reader contract, this function
-// calls r.Read repeatedly as required until exactly one message including its
-// prefix is read and decoded (or an error has occurred).  The function never
-// reads more bytes from the stream than required.  The function never returns
-// an error if a message has been read and decoded correctly, even if the end
-// of the stream has been reached in doing so.  In that case, any subsequent
-// calls return (0, io.EOF).
-func ReadDelimited(r io.Reader, m proto.Message) (n int, err error) {
-	// TODO: Consider allowing the caller to specify a decode buffer in the
-	// next major version.
-
-	// TODO: Consider using error wrapping to annotate error state in pass-
-	// through cases in the next minor version.
-
-	// Per AbstractParser#parsePartialDelimitedFrom with
-	// CodedInputStream#readRawVarint32.
-	var headerBuf [binary.MaxVarintLen32]byte
-	var bytesRead, varIntBytes int
-	var messageLength uint64
-	for varIntBytes == 0 { // i.e. no varint has been decoded yet.
-		if bytesRead >= len(headerBuf) {
-			return bytesRead, errInvalidVarint
-		}
-		// We have to read byte by byte here to avoid reading more bytes
-		// than required. Each read byte is appended to what we have
-		// read before.
-		newBytesRead, err := r.Read(headerBuf[bytesRead : bytesRead+1])
-		if newBytesRead == 0 {
-			if err != nil {
-				return bytesRead, err
-			}
-			// A Reader should not return (0, nil); but if it does, it should
-			// be treated as no-op according to the Reader contract.
-			continue
-		}
-		bytesRead += newBytesRead
-		// Now present everything read so far to the varint decoder and
-		// see if a varint can be decoded already.
-		messageLength, varIntBytes = binary.Uvarint(headerBuf[:bytesRead])
-	}
-
-	messageBuf := make([]byte, messageLength)
-	newBytesRead, err := io.ReadFull(r, messageBuf)
-	bytesRead += newBytesRead
-	if err != nil {
-		return bytesRead, err
-	}
-
-	return bytesRead, proto.Unmarshal(messageBuf, m)
-}
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go
deleted file mode 100644
index c318385cb..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/doc.go
+++ /dev/null
@@ -1,16 +0,0 @@
-// Copyright 2013 Matt T. Proud
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-// Package pbutil provides record length-delimited Protocol Buffer streaming.
-package pbutil
diff --git a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go b/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
deleted file mode 100644
index e58dd9d29..000000000
--- a/vendor/github.com/matttproud/golang_protobuf_extensions/v2/pbutil/encode.go
+++ /dev/null
@@ -1,49 +0,0 @@
-// Copyright 2013 Matt T. Proud
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package pbutil
-
-import (
-	"encoding/binary"
-	"io"
-
-	"google.golang.org/protobuf/proto"
-)
-
-// WriteDelimited encodes and dumps a message to the provided writer prefixed
-// with a 32-bit varint indicating the length of the encoded message, producing
-// a length-delimited record stream, which can be used to chain together
-// encoded messages of the same type together in a file.  It returns the total
-// number of bytes written and any applicable error.  This is roughly
-// equivalent to the companion Java API's MessageLite#writeDelimitedTo.
-func WriteDelimited(w io.Writer, m proto.Message) (n int, err error) {
-	// TODO: Consider allowing the caller to specify an encode buffer in the
-	// next major version.
-
-	buffer, err := proto.Marshal(m)
-	if err != nil {
-		return 0, err
-	}
-
-	var buf [binary.MaxVarintLen32]byte
-	encodedLength := binary.PutUvarint(buf[:], uint64(len(buffer)))
-
-	sync, err := w.Write(buf[:encodedLength])
-	if err != nil {
-		return sync, err
-	}
-
-	n, err = w.Write(buffer)
-	return n + sync, err
-}
diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go
index 0ca86a3dc..b2b89b017 100644
--- a/vendor/github.com/prometheus/common/expfmt/decode.go
+++ b/vendor/github.com/prometheus/common/expfmt/decode.go
@@ -14,6 +14,7 @@
 package expfmt
 
 import (
+	"bufio"
 	"fmt"
 	"io"
 	"math"
@@ -21,8 +22,8 @@ import (
 	"net/http"
 
 	dto "github.com/prometheus/client_model/go"
+	"google.golang.org/protobuf/encoding/protodelim"
 
-	"github.com/matttproud/golang_protobuf_extensions/v2/pbutil"
 	"github.com/prometheus/common/model"
 )
 
@@ -44,7 +45,7 @@ func ResponseFormat(h http.Header) Format {
 
 	mediatype, params, err := mime.ParseMediaType(ct)
 	if err != nil {
-		return FmtUnknown
+		return fmtUnknown
 	}
 
 	const textType = "text/plain"
@@ -52,28 +53,28 @@ func ResponseFormat(h http.Header) Format {
 	switch mediatype {
 	case ProtoType:
 		if p, ok := params["proto"]; ok && p != ProtoProtocol {
-			return FmtUnknown
+			return fmtUnknown
 		}
 		if e, ok := params["encoding"]; ok && e != "delimited" {
-			return FmtUnknown
+			return fmtUnknown
 		}
-		return FmtProtoDelim
+		return fmtProtoDelim
 
 	case textType:
 		if v, ok := params["version"]; ok && v != TextVersion {
-			return FmtUnknown
+			return fmtUnknown
 		}
-		return FmtText
+		return fmtText
 	}
 
-	return FmtUnknown
+	return fmtUnknown
 }
 
 // NewDecoder returns a new decoder based on the given input format.
 // If the input format does not imply otherwise, a text format decoder is returned.
 func NewDecoder(r io.Reader, format Format) Decoder {
-	switch format {
-	case FmtProtoDelim:
+	switch format.FormatType() {
+	case TypeProtoDelim:
 		return &protoDecoder{r: r}
 	}
 	return &textDecoder{r: r}
@@ -86,8 +87,10 @@ type protoDecoder struct {
 
 // Decode implements the Decoder interface.
 func (d *protoDecoder) Decode(v *dto.MetricFamily) error {
-	_, err := pbutil.ReadDelimited(d.r, v)
-	if err != nil {
+	opts := protodelim.UnmarshalOptions{
+		MaxSize: -1,
+	}
+	if err := opts.UnmarshalFrom(bufio.NewReader(d.r), v); err != nil {
 		return err
 	}
 	if !model.IsValidMetricName(model.LabelValue(v.GetName())) {
diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go
index ca2140600..8fd806184 100644
--- a/vendor/github.com/prometheus/common/expfmt/encode.go
+++ b/vendor/github.com/prometheus/common/expfmt/encode.go
@@ -18,10 +18,12 @@ import (
 	"io"
 	"net/http"
 
-	"github.com/matttproud/golang_protobuf_extensions/v2/pbutil"
-	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
+	"google.golang.org/protobuf/encoding/protodelim"
 	"google.golang.org/protobuf/encoding/prototext"
 
+	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
+	"github.com/prometheus/common/model"
+
 	dto "github.com/prometheus/client_model/go"
 )
 
@@ -60,23 +62,32 @@ func (ec encoderCloser) Close() error {
 // as the support is still experimental. To include the option to negotiate
 // FmtOpenMetrics, use NegotiateOpenMetrics.
 func Negotiate(h http.Header) Format {
+	escapingScheme := Format(fmt.Sprintf("; escaping=%s", Format(model.NameEscapingScheme.String())))
 	for _, ac := range goautoneg.ParseAccept(h.Get(hdrAccept)) {
+		if escapeParam := ac.Params[model.EscapingKey]; escapeParam != "" {
+			switch Format(escapeParam) {
+			case model.AllowUTF8, model.EscapeUnderscores, model.EscapeDots, model.EscapeValues:
+				escapingScheme = Format(fmt.Sprintf("; escaping=%s", escapeParam))
+			default:
+				// If the escaping parameter is unknown, ignore it.
+			}
+		}
 		ver := ac.Params["version"]
 		if ac.Type+"/"+ac.SubType == ProtoType && ac.Params["proto"] == ProtoProtocol {
 			switch ac.Params["encoding"] {
 			case "delimited":
-				return FmtProtoDelim
+				return fmtProtoDelim + escapingScheme
 			case "text":
-				return FmtProtoText
+				return fmtProtoText + escapingScheme
 			case "compact-text":
-				return FmtProtoCompact
+				return fmtProtoCompact + escapingScheme
 			}
 		}
 		if ac.Type == "text" && ac.SubType == "plain" && (ver == TextVersion || ver == "") {
-			return FmtText
+			return fmtText + escapingScheme
 		}
 	}
-	return FmtText
+	return fmtText + escapingScheme
 }
 
 // NegotiateIncludingOpenMetrics works like Negotiate but includes
@@ -84,29 +95,40 @@ func Negotiate(h http.Header) Format {
 // temporary and will disappear once FmtOpenMetrics is fully supported and as
 // such may be negotiated by the normal Negotiate function.
 func NegotiateIncludingOpenMetrics(h http.Header) Format {
+	escapingScheme := Format(fmt.Sprintf("; escaping=%s", Format(model.NameEscapingScheme.String())))
 	for _, ac := range goautoneg.ParseAccept(h.Get(hdrAccept)) {
+		if escapeParam := ac.Params[model.EscapingKey]; escapeParam != "" {
+			switch Format(escapeParam) {
+			case model.AllowUTF8, model.EscapeUnderscores, model.EscapeDots, model.EscapeValues:
+				escapingScheme = Format(fmt.Sprintf("; escaping=%s", escapeParam))
+			default:
+				// If the escaping parameter is unknown, ignore it.
+			}
+		}
 		ver := ac.Params["version"]
 		if ac.Type+"/"+ac.SubType == ProtoType && ac.Params["proto"] == ProtoProtocol {
 			switch ac.Params["encoding"] {
 			case "delimited":
-				return FmtProtoDelim
+				return fmtProtoDelim + escapingScheme
 			case "text":
-				return FmtProtoText
+				return fmtProtoText + escapingScheme
 			case "compact-text":
-				return FmtProtoCompact
+				return fmtProtoCompact + escapingScheme
 			}
 		}
 		if ac.Type == "text" && ac.SubType == "plain" && (ver == TextVersion || ver == "") {
-			return FmtText
+			return fmtText + escapingScheme
 		}
 		if ac.Type+"/"+ac.SubType == OpenMetricsType && (ver == OpenMetricsVersion_0_0_1 || ver == OpenMetricsVersion_1_0_0 || ver == "") {
-			if ver == OpenMetricsVersion_1_0_0 {
-				return FmtOpenMetrics_1_0_0
+			switch ver {
+			case OpenMetricsVersion_1_0_0:
+				return fmtOpenMetrics_1_0_0 + escapingScheme
+			default:
+				return fmtOpenMetrics_0_0_1 + escapingScheme
 			}
-			return FmtOpenMetrics_0_0_1
 		}
 	}
-	return FmtText
+	return fmtText + escapingScheme
 }
 
 // NewEncoder returns a new encoder based on content type negotiation. All
@@ -115,44 +137,48 @@ func NegotiateIncludingOpenMetrics(h http.Header) Format {
 // for FmtOpenMetrics, but a future (breaking) release will add the Close method
 // to the Encoder interface directly. The current version of the Encoder
 // interface is kept for backwards compatibility.
+// In cases where the Format does not allow for UTF-8 names, the global
+// NameEscapingScheme will be applied.
 func NewEncoder(w io.Writer, format Format) Encoder {
-	switch format {
-	case FmtProtoDelim:
+	escapingScheme := format.ToEscapingScheme()
+
+	switch format.FormatType() {
+	case TypeProtoDelim:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := pbutil.WriteDelimited(w, v)
+				_, err := protodelim.MarshalTo(w, v)
 				return err
 			},
 			close: func() error { return nil },
 		}
-	case FmtProtoCompact:
+	case TypeProtoCompact:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := fmt.Fprintln(w, v.String())
+				_, err := fmt.Fprintln(w, model.EscapeMetricFamily(v, escapingScheme).String())
 				return err
 			},
 			close: func() error { return nil },
 		}
-	case FmtProtoText:
+	case TypeProtoText:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := fmt.Fprintln(w, prototext.Format(v))
+				_, err := fmt.Fprintln(w, prototext.Format(model.EscapeMetricFamily(v, escapingScheme)))
 				return err
 			},
 			close: func() error { return nil },
 		}
-	case FmtText:
+	case TypeTextPlain:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := MetricFamilyToText(w, v)
+				_, err := MetricFamilyToText(w, model.EscapeMetricFamily(v, escapingScheme))
 				return err
 			},
 			close: func() error { return nil },
 		}
-	case FmtOpenMetrics_0_0_1, FmtOpenMetrics_1_0_0:
+	case TypeOpenMetrics:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := MetricFamilyToOpenMetrics(w, v)
+				_, err := MetricFamilyToOpenMetrics(w, model.EscapeMetricFamily(v, escapingScheme))
 				return err
 			},
 			close: func() error {
diff --git a/vendor/github.com/prometheus/common/expfmt/expfmt.go b/vendor/github.com/prometheus/common/expfmt/expfmt.go
index c4cb20f0d..6fc9555e3 100644
--- a/vendor/github.com/prometheus/common/expfmt/expfmt.go
+++ b/vendor/github.com/prometheus/common/expfmt/expfmt.go
@@ -14,30 +14,154 @@
 // Package expfmt contains tools for reading and writing Prometheus metrics.
 package expfmt
 
+import (
+	"strings"
+
+	"github.com/prometheus/common/model"
+)
+
 // Format specifies the HTTP content type of the different wire protocols.
 type Format string
 
-// Constants to assemble the Content-Type values for the different wire protocols.
+// Constants to assemble the Content-Type values for the different wire
+// protocols. The Content-Type strings here are all for the legacy exposition
+// formats, where valid characters for metric names and label names are limited.
+// Support for arbitrary UTF-8 characters in those names is already partially
+// implemented in this module (see model.ValidationScheme), but to actually use
+// it on the wire, new content-type strings will have to be agreed upon and
+// added here.
 const (
 	TextVersion              = "0.0.4"
 	ProtoType                = `application/vnd.google.protobuf`
 	ProtoProtocol            = `io.prometheus.client.MetricFamily`
-	ProtoFmt                 = ProtoType + "; proto=" + ProtoProtocol + ";"
+	protoFmt                 = ProtoType + "; proto=" + ProtoProtocol + ";"
 	OpenMetricsType          = `application/openmetrics-text`
 	OpenMetricsVersion_0_0_1 = "0.0.1"
 	OpenMetricsVersion_1_0_0 = "1.0.0"
 
-	// The Content-Type values for the different wire protocols.
-	FmtUnknown           Format = ``
-	FmtText              Format = `text/plain; version=` + TextVersion + `; charset=utf-8`
-	FmtProtoDelim        Format = ProtoFmt + ` encoding=delimited`
-	FmtProtoText         Format = ProtoFmt + ` encoding=text`
-	FmtProtoCompact      Format = ProtoFmt + ` encoding=compact-text`
-	FmtOpenMetrics_1_0_0 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_1_0_0 + `; charset=utf-8`
-	FmtOpenMetrics_0_0_1 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_0_0_1 + `; charset=utf-8`
+	// The Content-Type values for the different wire protocols. Note that these
+	// values are now unexported. If code was relying on comparisons to these
+	// constants, instead use FormatType().
+	fmtUnknown           Format = ``
+	fmtText              Format = `text/plain; version=` + TextVersion + `; charset=utf-8`
+	fmtProtoDelim        Format = protoFmt + ` encoding=delimited`
+	fmtProtoText         Format = protoFmt + ` encoding=text`
+	fmtProtoCompact      Format = protoFmt + ` encoding=compact-text`
+	fmtOpenMetrics_1_0_0 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_1_0_0 + `; charset=utf-8`
+	fmtOpenMetrics_0_0_1 Format = OpenMetricsType + `; version=` + OpenMetricsVersion_0_0_1 + `; charset=utf-8`
 )
 
 const (
 	hdrContentType = "Content-Type"
 	hdrAccept      = "Accept"
 )
+
+// FormatType is a Go enum representing the overall category for the given
+// Format. As the number of Format permutations increases, doing basic string
+// comparisons are not feasible, so this enum captures the most useful
+// high-level attribute of the Format string.
+type FormatType int
+
+const (
+	TypeUnknown = iota
+	TypeProtoCompact
+	TypeProtoDelim
+	TypeProtoText
+	TypeTextPlain
+	TypeOpenMetrics
+)
+
+// NewFormat generates a new Format from the type provided. Mostly used for
+// tests, most Formats should be generated as part of content negotiation in
+// encode.go.
+func NewFormat(t FormatType) Format {
+	switch t {
+	case TypeProtoCompact:
+		return fmtProtoCompact
+	case TypeProtoDelim:
+		return fmtProtoDelim
+	case TypeProtoText:
+		return fmtProtoText
+	case TypeTextPlain:
+		return fmtText
+	case TypeOpenMetrics:
+		return fmtOpenMetrics_1_0_0
+	default:
+		return fmtUnknown
+	}
+}
+
+// FormatType deduces an overall FormatType for the given format.
+func (f Format) FormatType() FormatType {
+	toks := strings.Split(string(f), ";")
+	if len(toks) < 2 {
+		return TypeUnknown
+	}
+
+	params := make(map[string]string)
+	for i, t := range toks {
+		if i == 0 {
+			continue
+		}
+		args := strings.Split(t, "=")
+		if len(args) != 2 {
+			continue
+		}
+		params[strings.TrimSpace(args[0])] = strings.TrimSpace(args[1])
+	}
+
+	switch strings.TrimSpace(toks[0]) {
+	case ProtoType:
+		if params["proto"] != ProtoProtocol {
+			return TypeUnknown
+		}
+		switch params["encoding"] {
+		case "delimited":
+			return TypeProtoDelim
+		case "text":
+			return TypeProtoText
+		case "compact-text":
+			return TypeProtoCompact
+		default:
+			return TypeUnknown
+		}
+	case OpenMetricsType:
+		if params["charset"] != "utf-8" {
+			return TypeUnknown
+		}
+		return TypeOpenMetrics
+	case "text/plain":
+		v, ok := params["version"]
+		if !ok {
+			return TypeTextPlain
+		}
+		if v == TextVersion {
+			return TypeTextPlain
+		}
+		return TypeUnknown
+	default:
+		return TypeUnknown
+	}
+}
+
+// ToEscapingScheme returns an EscapingScheme depending on the Format. Iff the
+// Format contains a escaping=allow-utf-8 term, it will select NoEscaping. If a valid
+// "escaping" term exists, that will be used. Otherwise, the global default will
+// be returned.
+func (format Format) ToEscapingScheme() model.EscapingScheme {
+	for _, p := range strings.Split(string(format), ";") {
+		toks := strings.Split(p, "=")
+		if len(toks) != 2 {
+			continue
+		}
+		key, value := strings.TrimSpace(toks[0]), strings.TrimSpace(toks[1])
+		if key == model.EscapingKey {
+			scheme, err := model.ToEscapingScheme(value)
+			if err != nil {
+				return model.NameEscapingScheme
+			}
+			return scheme
+		}
+	}
+	return model.NameEscapingScheme
+}
diff --git a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
index 21cdddcf0..5622578ed 100644
--- a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
+++ b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
@@ -35,6 +35,18 @@ import (
 // sanity checks. If the input contains duplicate metrics or invalid metric or
 // label names, the conversion will result in invalid text format output.
 //
+// If metric names conform to the legacy validation pattern, they will be placed
+// outside the brackets in the traditional way, like `foo{}`. If the metric name
+// fails the legacy validation check, it will be placed quoted inside the
+// brackets: `{"foo"}`. As stated above, the input is assumed to be santized and
+// no error will be thrown in this case.
+//
+// Similar to metric names, if label names conform to the legacy validation
+// pattern, they will be unquoted as normal, like `foo{bar="baz"}`. If the label
+// name fails the legacy validation check, it will be quoted:
+// `foo{"bar"="baz"}`. As stated above, the input is assumed to be santized and
+// no error will be thrown in this case.
+//
 // This function fulfills the type 'expfmt.encoder'.
 //
 // Note that OpenMetrics requires a final `# EOF` line. Since this function acts
@@ -98,7 +110,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 		if err != nil {
 			return
 		}
-		n, err = w.WriteString(shortName)
+		n, err = writeName(w, shortName)
 		written += n
 		if err != nil {
 			return
@@ -124,7 +136,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 	if err != nil {
 		return
 	}
-	n, err = w.WriteString(shortName)
+	n, err = writeName(w, shortName)
 	written += n
 	if err != nil {
 		return
@@ -303,21 +315,9 @@ func writeOpenMetricsSample(
 	floatValue float64, intValue uint64, useIntValue bool,
 	exemplar *dto.Exemplar,
 ) (int, error) {
-	var written int
-	n, err := w.WriteString(name)
-	written += n
-	if err != nil {
-		return written, err
-	}
-	if suffix != "" {
-		n, err = w.WriteString(suffix)
-		written += n
-		if err != nil {
-			return written, err
-		}
-	}
-	n, err = writeOpenMetricsLabelPairs(
-		w, metric.Label, additionalLabelName, additionalLabelValue,
+	written := 0
+	n, err := writeOpenMetricsNameAndLabelPairs(
+		w, name+suffix, metric.Label, additionalLabelName, additionalLabelValue,
 	)
 	written += n
 	if err != nil {
@@ -365,27 +365,58 @@ func writeOpenMetricsSample(
 	return written, nil
 }
 
-// writeOpenMetricsLabelPairs works like writeOpenMetrics but formats the float
-// in OpenMetrics style.
-func writeOpenMetricsLabelPairs(
+// writeOpenMetricsNameAndLabelPairs works like writeOpenMetricsSample but
+// formats the float in OpenMetrics style.
+func writeOpenMetricsNameAndLabelPairs(
 	w enhancedWriter,
+	name string,
 	in []*dto.LabelPair,
 	additionalLabelName string, additionalLabelValue float64,
 ) (int, error) {
-	if len(in) == 0 && additionalLabelName == "" {
-		return 0, nil
-	}
 	var (
-		written   int
-		separator byte = '{'
+		written            int
+		separator          byte = '{'
+		metricInsideBraces      = false
 	)
+
+	if name != "" {
+		// If the name does not pass the legacy validity check, we must put the
+		// metric name inside the braces, quoted.
+		if !model.IsValidLegacyMetricName(model.LabelValue(name)) {
+			metricInsideBraces = true
+			err := w.WriteByte(separator)
+			written++
+			if err != nil {
+				return written, err
+			}
+			separator = ','
+		}
+
+		n, err := writeName(w, name)
+		written += n
+		if err != nil {
+			return written, err
+		}
+	}
+
+	if len(in) == 0 && additionalLabelName == "" {
+		if metricInsideBraces {
+			err := w.WriteByte('}')
+			written++
+			if err != nil {
+				return written, err
+			}
+		}
+		return written, nil
+	}
+
 	for _, lp := range in {
 		err := w.WriteByte(separator)
 		written++
 		if err != nil {
 			return written, err
 		}
-		n, err := w.WriteString(lp.GetName())
+		n, err := writeName(w, lp.GetName())
 		written += n
 		if err != nil {
 			return written, err
@@ -451,7 +482,7 @@ func writeExemplar(w enhancedWriter, e *dto.Exemplar) (int, error) {
 	if err != nil {
 		return written, err
 	}
-	n, err = writeOpenMetricsLabelPairs(w, e.Label, "", 0)
+	n, err = writeOpenMetricsNameAndLabelPairs(w, "", e.Label, "", 0)
 	written += n
 	if err != nil {
 		return written, err
diff --git a/vendor/github.com/prometheus/common/expfmt/text_create.go b/vendor/github.com/prometheus/common/expfmt/text_create.go
index 2946b8f1a..f9b8265a9 100644
--- a/vendor/github.com/prometheus/common/expfmt/text_create.go
+++ b/vendor/github.com/prometheus/common/expfmt/text_create.go
@@ -62,6 +62,18 @@ var (
 // contains duplicate metrics or invalid metric or label names, the conversion
 // will result in invalid text format output.
 //
+// If metric names conform to the legacy validation pattern, they will be placed
+// outside the brackets in the traditional way, like `foo{}`. If the metric name
+// fails the legacy validation check, it will be placed quoted inside the
+// brackets: `{"foo"}`. As stated above, the input is assumed to be santized and
+// no error will be thrown in this case.
+//
+// Similar to metric names, if label names conform to the legacy validation
+// pattern, they will be unquoted as normal, like `foo{bar="baz"}`. If the label
+// name fails the legacy validation check, it will be quoted:
+// `foo{"bar"="baz"}`. As stated above, the input is assumed to be santized and
+// no error will be thrown in this case.
+//
 // This method fulfills the type 'prometheus.encoder'.
 func MetricFamilyToText(out io.Writer, in *dto.MetricFamily) (written int, err error) {
 	// Fail-fast checks.
@@ -98,7 +110,7 @@ func MetricFamilyToText(out io.Writer, in *dto.MetricFamily) (written int, err e
 		if err != nil {
 			return
 		}
-		n, err = w.WriteString(name)
+		n, err = writeName(w, name)
 		written += n
 		if err != nil {
 			return
@@ -124,7 +136,7 @@ func MetricFamilyToText(out io.Writer, in *dto.MetricFamily) (written int, err e
 	if err != nil {
 		return
 	}
-	n, err = w.WriteString(name)
+	n, err = writeName(w, name)
 	written += n
 	if err != nil {
 		return
@@ -280,21 +292,9 @@ func writeSample(
 	additionalLabelName string, additionalLabelValue float64,
 	value float64,
 ) (int, error) {
-	var written int
-	n, err := w.WriteString(name)
-	written += n
-	if err != nil {
-		return written, err
-	}
-	if suffix != "" {
-		n, err = w.WriteString(suffix)
-		written += n
-		if err != nil {
-			return written, err
-		}
-	}
-	n, err = writeLabelPairs(
-		w, metric.Label, additionalLabelName, additionalLabelValue,
+	written := 0
+	n, err := writeNameAndLabelPairs(
+		w, name+suffix, metric.Label, additionalLabelName, additionalLabelValue,
 	)
 	written += n
 	if err != nil {
@@ -330,32 +330,64 @@ func writeSample(
 	return written, nil
 }
 
-// writeLabelPairs converts a slice of LabelPair proto messages plus the
-// explicitly given additional label pair into text formatted as required by the
-// text format and writes it to 'w'. An empty slice in combination with an empty
-// string 'additionalLabelName' results in nothing being written. Otherwise, the
-// label pairs are written, escaped as required by the text format, and enclosed
-// in '{...}'. The function returns the number of bytes written and any error
-// encountered.
-func writeLabelPairs(
+// writeNameAndLabelPairs converts a slice of LabelPair proto messages plus the
+// explicitly given metric name and additional label pair into text formatted as
+// required by the text format and writes it to 'w'. An empty slice in
+// combination with an empty string 'additionalLabelName' results in nothing
+// being written. Otherwise, the label pairs are written, escaped as required by
+// the text format, and enclosed in '{...}'. The function returns the number of
+// bytes written and any error encountered. If the metric name is not
+// legacy-valid, it will be put inside the brackets as well. Legacy-invalid
+// label names will also be quoted.
+func writeNameAndLabelPairs(
 	w enhancedWriter,
+	name string,
 	in []*dto.LabelPair,
 	additionalLabelName string, additionalLabelValue float64,
 ) (int, error) {
-	if len(in) == 0 && additionalLabelName == "" {
-		return 0, nil
-	}
 	var (
-		written   int
-		separator byte = '{'
+		written            int
+		separator          byte = '{'
+		metricInsideBraces      = false
 	)
+
+	if name != "" {
+		// If the name does not pass the legacy validity check, we must put the
+		// metric name inside the braces.
+		if !model.IsValidLegacyMetricName(model.LabelValue(name)) {
+			metricInsideBraces = true
+			err := w.WriteByte(separator)
+			written++
+			if err != nil {
+				return written, err
+			}
+			separator = ','
+		}
+		n, err := writeName(w, name)
+		written += n
+		if err != nil {
+			return written, err
+		}
+	}
+
+	if len(in) == 0 && additionalLabelName == "" {
+		if metricInsideBraces {
+			err := w.WriteByte('}')
+			written++
+			if err != nil {
+				return written, err
+			}
+		}
+		return written, nil
+	}
+
 	for _, lp := range in {
 		err := w.WriteByte(separator)
 		written++
 		if err != nil {
 			return written, err
 		}
-		n, err := w.WriteString(lp.GetName())
+		n, err := writeName(w, lp.GetName())
 		written += n
 		if err != nil {
 			return written, err
@@ -462,3 +494,27 @@ func writeInt(w enhancedWriter, i int64) (int, error) {
 	numBufPool.Put(bp)
 	return written, err
 }
+
+// writeName writes a string as-is if it complies with the legacy naming
+// scheme, or escapes it in double quotes if not.
+func writeName(w enhancedWriter, name string) (int, error) {
+	if model.IsValidLegacyMetricName(model.LabelValue(name)) {
+		return w.WriteString(name)
+	}
+	var written int
+	var err error
+	err = w.WriteByte('"')
+	written++
+	if err != nil {
+		return written, err
+	}
+	var n int
+	n, err = writeEscapedString(w, name, true)
+	written += n
+	if err != nil {
+		return written, err
+	}
+	err = w.WriteByte('"')
+	written++
+	return written, err
+}
diff --git a/vendor/github.com/prometheus/common/expfmt/text_parse.go b/vendor/github.com/prometheus/common/expfmt/text_parse.go
index 35db1cc9d..26490211a 100644
--- a/vendor/github.com/prometheus/common/expfmt/text_parse.go
+++ b/vendor/github.com/prometheus/common/expfmt/text_parse.go
@@ -16,6 +16,7 @@ package expfmt
 import (
 	"bufio"
 	"bytes"
+	"errors"
 	"fmt"
 	"io"
 	"math"
@@ -24,8 +25,9 @@ import (
 
 	dto "github.com/prometheus/client_model/go"
 
-	"github.com/prometheus/common/model"
 	"google.golang.org/protobuf/proto"
+
+	"github.com/prometheus/common/model"
 )
 
 // A stateFn is a function that represents a state in a state machine. By
@@ -112,7 +114,7 @@ func (p *TextParser) TextToMetricFamilies(in io.Reader) (map[string]*dto.MetricF
 	// stream. Turn this error into something nicer and more
 	// meaningful. (io.EOF is often used as a signal for the legitimate end
 	// of an input stream.)
-	if p.err == io.EOF {
+	if p.err != nil && errors.Is(p.err, io.EOF) {
 		p.parseError("unexpected end of input stream")
 	}
 	return p.metricFamiliesByName, p.err
@@ -146,7 +148,7 @@ func (p *TextParser) startOfLine() stateFn {
 		// which is not an error but the signal that we are done.
 		// Any other error that happens to align with the start of
 		// a line is still an error.
-		if p.err == io.EOF {
+		if errors.Is(p.err, io.EOF) {
 			p.err = nil
 		}
 		return nil
diff --git a/vendor/github.com/prometheus/common/model/alert.go b/vendor/github.com/prometheus/common/model/alert.go
index 35e739c7a..178fdbaf6 100644
--- a/vendor/github.com/prometheus/common/model/alert.go
+++ b/vendor/github.com/prometheus/common/model/alert.go
@@ -90,13 +90,13 @@ func (a *Alert) Validate() error {
 		return fmt.Errorf("start time must be before end time")
 	}
 	if err := a.Labels.Validate(); err != nil {
-		return fmt.Errorf("invalid label set: %s", err)
+		return fmt.Errorf("invalid label set: %w", err)
 	}
 	if len(a.Labels) == 0 {
 		return fmt.Errorf("at least one label pair required")
 	}
 	if err := a.Annotations.Validate(); err != nil {
-		return fmt.Errorf("invalid annotations: %s", err)
+		return fmt.Errorf("invalid annotations: %w", err)
 	}
 	return nil
 }
diff --git a/vendor/github.com/prometheus/common/model/labels.go b/vendor/github.com/prometheus/common/model/labels.go
index ef8956335..3317ce22f 100644
--- a/vendor/github.com/prometheus/common/model/labels.go
+++ b/vendor/github.com/prometheus/common/model/labels.go
@@ -97,17 +97,25 @@ var LabelNameRE = regexp.MustCompile("^[a-zA-Z_][a-zA-Z0-9_]*$")
 // therewith.
 type LabelName string
 
-// IsValid is true iff the label name matches the pattern of LabelNameRE. This
-// method, however, does not use LabelNameRE for the check but a much faster
-// hardcoded implementation.
+// IsValid returns true iff name matches the pattern of LabelNameRE for legacy
+// names, and iff it's valid UTF-8 if NameValidationScheme is set to
+// UTF8Validation. For the legacy matching, it does not use LabelNameRE for the
+// check but a much faster hardcoded implementation.
 func (ln LabelName) IsValid() bool {
 	if len(ln) == 0 {
 		return false
 	}
-	for i, b := range ln {
-		if !((b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') || b == '_' || (b >= '0' && b <= '9' && i > 0)) {
-			return false
+	switch NameValidationScheme {
+	case LegacyValidation:
+		for i, b := range ln {
+			if !((b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') || b == '_' || (b >= '0' && b <= '9' && i > 0)) {
+				return false
+			}
 		}
+	case UTF8Validation:
+		return utf8.ValidString(string(ln))
+	default:
+		panic(fmt.Sprintf("Invalid name validation scheme requested: %d", NameValidationScheme))
 	}
 	return true
 }
@@ -164,7 +172,7 @@ func (l LabelNames) String() string {
 // A LabelValue is an associated value for a LabelName.
 type LabelValue string
 
-// IsValid returns true iff the string is a valid UTF8.
+// IsValid returns true iff the string is a valid UTF-8.
 func (lv LabelValue) IsValid() bool {
 	return utf8.ValidString(string(lv))
 }
diff --git a/vendor/github.com/prometheus/common/model/metadata.go b/vendor/github.com/prometheus/common/model/metadata.go
new file mode 100644
index 000000000..447ab8ad6
--- /dev/null
+++ b/vendor/github.com/prometheus/common/model/metadata.go
@@ -0,0 +1,28 @@
+// Copyright 2023 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package model
+
+// MetricType represents metric type values.
+type MetricType string
+
+const (
+	MetricTypeCounter        = MetricType("counter")
+	MetricTypeGauge          = MetricType("gauge")
+	MetricTypeHistogram      = MetricType("histogram")
+	MetricTypeGaugeHistogram = MetricType("gaugehistogram")
+	MetricTypeSummary        = MetricType("summary")
+	MetricTypeInfo           = MetricType("info")
+	MetricTypeStateset       = MetricType("stateset")
+	MetricTypeUnknown        = MetricType("unknown")
+)
diff --git a/vendor/github.com/prometheus/common/model/metric.go b/vendor/github.com/prometheus/common/model/metric.go
index 00804b7fe..0bd29b3a3 100644
--- a/vendor/github.com/prometheus/common/model/metric.go
+++ b/vendor/github.com/prometheus/common/model/metric.go
@@ -18,15 +18,84 @@ import (
 	"regexp"
 	"sort"
 	"strings"
+	"unicode/utf8"
+
+	dto "github.com/prometheus/client_model/go"
+	"google.golang.org/protobuf/proto"
 )
 
 var (
-	// MetricNameRE is a regular expression matching valid metric
-	// names. Note that the IsValidMetricName function performs the same
-	// check but faster than a match with this regular expression.
-	MetricNameRE = regexp.MustCompile(`^[a-zA-Z_:][a-zA-Z0-9_:]*$`)
+	// NameValidationScheme determines the method of name validation to be used by
+	// all calls to IsValidMetricName() and LabelName IsValid(). Setting UTF-8 mode
+	// in isolation from other components that don't support UTF-8 may result in
+	// bugs or other undefined behavior. This value is intended to be set by
+	// UTF-8-aware binaries as part of their startup. To avoid need for locking,
+	// this value should be set once, ideally in an init(), before multiple
+	// goroutines are started.
+	NameValidationScheme = LegacyValidation
+
+	// NameEscapingScheme defines the default way that names will be
+	// escaped when presented to systems that do not support UTF-8 names. If the
+	// Content-Type "escaping" term is specified, that will override this value.
+	NameEscapingScheme = ValueEncodingEscaping
+)
+
+// ValidationScheme is a Go enum for determining how metric and label names will
+// be validated by this library.
+type ValidationScheme int
+
+const (
+	// LegacyValidation is a setting that requirets that metric and label names
+	// conform to the original Prometheus character requirements described by
+	// MetricNameRE and LabelNameRE.
+	LegacyValidation ValidationScheme = iota
+
+	// UTF8Validation only requires that metric and label names be valid UTF-8
+	// strings.
+	UTF8Validation
+)
+
+type EscapingScheme int
+
+const (
+	// NoEscaping indicates that a name will not be escaped. Unescaped names that
+	// do not conform to the legacy validity check will use a new exposition
+	// format syntax that will be officially standardized in future versions.
+	NoEscaping EscapingScheme = iota
+
+	// UnderscoreEscaping replaces all legacy-invalid characters with underscores.
+	UnderscoreEscaping
+
+	// DotsEscaping is similar to UnderscoreEscaping, except that dots are
+	// converted to `_dot_` and pre-existing underscores are converted to `__`.
+	DotsEscaping
+
+	// ValueEncodingEscaping prepends the name with `U__` and replaces all invalid
+	// characters with the unicode value, surrounded by underscores. Single
+	// underscores are replaced with double underscores.
+	ValueEncodingEscaping
+)
+
+const (
+	// EscapingKey is the key in an Accept or Content-Type header that defines how
+	// metric and label names that do not conform to the legacy character
+	// requirements should be escaped when being scraped by a legacy prometheus
+	// system. If a system does not explicitly pass an escaping parameter in the
+	// Accept header, the default NameEscapingScheme will be used.
+	EscapingKey = "escaping"
+
+	// Possible values for Escaping Key:
+	AllowUTF8         = "allow-utf-8" // No escaping required.
+	EscapeUnderscores = "underscores"
+	EscapeDots        = "dots"
+	EscapeValues      = "values"
 )
 
+// MetricNameRE is a regular expression matching valid metric
+// names. Note that the IsValidMetricName function performs the same
+// check but faster than a match with this regular expression.
+var MetricNameRE = regexp.MustCompile(`^[a-zA-Z_:][a-zA-Z0-9_:]*$`)
+
 // A Metric is similar to a LabelSet, but the key difference is that a Metric is
 // a singleton and refers to one and only one stream of samples.
 type Metric LabelSet
@@ -86,17 +155,302 @@ func (m Metric) FastFingerprint() Fingerprint {
 	return LabelSet(m).FastFingerprint()
 }
 
-// IsValidMetricName returns true iff name matches the pattern of MetricNameRE.
+// IsValidMetricName returns true iff name matches the pattern of MetricNameRE
+// for legacy names, and iff it's valid UTF-8 if the UTF8Validation scheme is
+// selected.
+func IsValidMetricName(n LabelValue) bool {
+	switch NameValidationScheme {
+	case LegacyValidation:
+		return IsValidLegacyMetricName(n)
+	case UTF8Validation:
+		if len(n) == 0 {
+			return false
+		}
+		return utf8.ValidString(string(n))
+	default:
+		panic(fmt.Sprintf("Invalid name validation scheme requested: %d", NameValidationScheme))
+	}
+}
+
+// IsValidLegacyMetricName is similar to IsValidMetricName but always uses the
+// legacy validation scheme regardless of the value of NameValidationScheme.
 // This function, however, does not use MetricNameRE for the check but a much
 // faster hardcoded implementation.
-func IsValidMetricName(n LabelValue) bool {
+func IsValidLegacyMetricName(n LabelValue) bool {
 	if len(n) == 0 {
 		return false
 	}
 	for i, b := range n {
-		if !((b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') || b == '_' || b == ':' || (b >= '0' && b <= '9' && i > 0)) {
+		if !isValidLegacyRune(b, i) {
 			return false
 		}
 	}
 	return true
 }
+
+// EscapeMetricFamily escapes the given metric names and labels with the given
+// escaping scheme. Returns a new object that uses the same pointers to fields
+// when possible and creates new escaped versions so as not to mutate the
+// input.
+func EscapeMetricFamily(v *dto.MetricFamily, scheme EscapingScheme) *dto.MetricFamily {
+	if v == nil {
+		return nil
+	}
+
+	if scheme == NoEscaping {
+		return v
+	}
+
+	out := &dto.MetricFamily{
+		Help: v.Help,
+		Type: v.Type,
+	}
+
+	// If the name is nil, copy as-is, don't try to escape.
+	if v.Name == nil || IsValidLegacyMetricName(LabelValue(v.GetName())) {
+		out.Name = v.Name
+	} else {
+		out.Name = proto.String(EscapeName(v.GetName(), scheme))
+	}
+	for _, m := range v.Metric {
+		if !metricNeedsEscaping(m) {
+			out.Metric = append(out.Metric, m)
+			continue
+		}
+
+		escaped := &dto.Metric{
+			Gauge:       m.Gauge,
+			Counter:     m.Counter,
+			Summary:     m.Summary,
+			Untyped:     m.Untyped,
+			Histogram:   m.Histogram,
+			TimestampMs: m.TimestampMs,
+		}
+
+		for _, l := range m.Label {
+			if l.GetName() == MetricNameLabel {
+				if l.Value == nil || IsValidLegacyMetricName(LabelValue(l.GetValue())) {
+					escaped.Label = append(escaped.Label, l)
+					continue
+				}
+				escaped.Label = append(escaped.Label, &dto.LabelPair{
+					Name:  proto.String(MetricNameLabel),
+					Value: proto.String(EscapeName(l.GetValue(), scheme)),
+				})
+				continue
+			}
+			if l.Name == nil || IsValidLegacyMetricName(LabelValue(l.GetName())) {
+				escaped.Label = append(escaped.Label, l)
+				continue
+			}
+			escaped.Label = append(escaped.Label, &dto.LabelPair{
+				Name:  proto.String(EscapeName(l.GetName(), scheme)),
+				Value: l.Value,
+			})
+		}
+		out.Metric = append(out.Metric, escaped)
+	}
+	return out
+}
+
+func metricNeedsEscaping(m *dto.Metric) bool {
+	for _, l := range m.Label {
+		if l.GetName() == MetricNameLabel && !IsValidLegacyMetricName(LabelValue(l.GetValue())) {
+			return true
+		}
+		if !IsValidLegacyMetricName(LabelValue(l.GetName())) {
+			return true
+		}
+	}
+	return false
+}
+
+const (
+	lowerhex = "0123456789abcdef"
+)
+
+// EscapeName escapes the incoming name according to the provided escaping
+// scheme. Depending on the rules of escaping, this may cause no change in the
+// string that is returned. (Especially NoEscaping, which by definition is a
+// noop). This function does not do any validation of the name.
+func EscapeName(name string, scheme EscapingScheme) string {
+	if len(name) == 0 {
+		return name
+	}
+	var escaped strings.Builder
+	switch scheme {
+	case NoEscaping:
+		return name
+	case UnderscoreEscaping:
+		if IsValidLegacyMetricName(LabelValue(name)) {
+			return name
+		}
+		for i, b := range name {
+			if isValidLegacyRune(b, i) {
+				escaped.WriteRune(b)
+			} else {
+				escaped.WriteRune('_')
+			}
+		}
+		return escaped.String()
+	case DotsEscaping:
+		// Do not early return for legacy valid names, we still escape underscores.
+		for i, b := range name {
+			if b == '_' {
+				escaped.WriteString("__")
+			} else if b == '.' {
+				escaped.WriteString("_dot_")
+			} else if isValidLegacyRune(b, i) {
+				escaped.WriteRune(b)
+			} else {
+				escaped.WriteRune('_')
+			}
+		}
+		return escaped.String()
+	case ValueEncodingEscaping:
+		if IsValidLegacyMetricName(LabelValue(name)) {
+			return name
+		}
+		escaped.WriteString("U__")
+		for i, b := range name {
+			if isValidLegacyRune(b, i) {
+				escaped.WriteRune(b)
+			} else if !utf8.ValidRune(b) {
+				escaped.WriteString("_FFFD_")
+			} else if b < 0x100 {
+				escaped.WriteRune('_')
+				for s := 4; s >= 0; s -= 4 {
+					escaped.WriteByte(lowerhex[b>>uint(s)&0xF])
+				}
+				escaped.WriteRune('_')
+			} else if b < 0x10000 {
+				escaped.WriteRune('_')
+				for s := 12; s >= 0; s -= 4 {
+					escaped.WriteByte(lowerhex[b>>uint(s)&0xF])
+				}
+				escaped.WriteRune('_')
+			}
+		}
+		return escaped.String()
+	default:
+		panic(fmt.Sprintf("invalid escaping scheme %d", scheme))
+	}
+}
+
+// lower function taken from strconv.atoi
+func lower(c byte) byte {
+	return c | ('x' - 'X')
+}
+
+// UnescapeName unescapes the incoming name according to the provided escaping
+// scheme if possible. Some schemes are partially or totally non-roundtripable.
+// If any error is enountered, returns the original input.
+func UnescapeName(name string, scheme EscapingScheme) string {
+	if len(name) == 0 {
+		return name
+	}
+	switch scheme {
+	case NoEscaping:
+		return name
+	case UnderscoreEscaping:
+		// It is not possible to unescape from underscore replacement.
+		return name
+	case DotsEscaping:
+		name = strings.ReplaceAll(name, "_dot_", ".")
+		name = strings.ReplaceAll(name, "__", "_")
+		return name
+	case ValueEncodingEscaping:
+		escapedName, found := strings.CutPrefix(name, "U__")
+		if !found {
+			return name
+		}
+
+		var unescaped strings.Builder
+	TOP:
+		for i := 0; i < len(escapedName); i++ {
+			// All non-underscores are treated normally.
+			if escapedName[i] != '_' {
+				unescaped.WriteByte(escapedName[i])
+				continue
+			}
+			i++
+			if i >= len(escapedName) {
+				return name
+			}
+			// A double underscore is a single underscore.
+			if escapedName[i] == '_' {
+				unescaped.WriteByte('_')
+				continue
+			}
+			// We think we are in a UTF-8 code, process it.
+			var utf8Val uint
+			for j := 0; i < len(escapedName); j++ {
+				// This is too many characters for a utf8 value.
+				if j > 4 {
+					return name
+				}
+				// Found a closing underscore, convert to a rune, check validity, and append.
+				if escapedName[i] == '_' {
+					utf8Rune := rune(utf8Val)
+					if !utf8.ValidRune(utf8Rune) {
+						return name
+					}
+					unescaped.WriteRune(utf8Rune)
+					continue TOP
+				}
+				r := lower(escapedName[i])
+				utf8Val *= 16
+				if r >= '0' && r <= '9' {
+					utf8Val += uint(r) - '0'
+				} else if r >= 'a' && r <= 'f' {
+					utf8Val += uint(r) - 'a' + 10
+				} else {
+					return name
+				}
+				i++
+			}
+			// Didn't find closing underscore, invalid.
+			return name
+		}
+		return unescaped.String()
+	default:
+		panic(fmt.Sprintf("invalid escaping scheme %d", scheme))
+	}
+}
+
+func isValidLegacyRune(b rune, i int) bool {
+	return (b >= 'a' && b <= 'z') || (b >= 'A' && b <= 'Z') || b == '_' || b == ':' || (b >= '0' && b <= '9' && i > 0)
+}
+
+func (e EscapingScheme) String() string {
+	switch e {
+	case NoEscaping:
+		return AllowUTF8
+	case UnderscoreEscaping:
+		return EscapeUnderscores
+	case DotsEscaping:
+		return EscapeDots
+	case ValueEncodingEscaping:
+		return EscapeValues
+	default:
+		panic(fmt.Sprintf("unknown format scheme %d", e))
+	}
+}
+
+func ToEscapingScheme(s string) (EscapingScheme, error) {
+	if s == "" {
+		return NoEscaping, fmt.Errorf("got empty string instead of escaping scheme")
+	}
+	switch s {
+	case AllowUTF8:
+		return NoEscaping, nil
+	case EscapeUnderscores:
+		return UnderscoreEscaping, nil
+	case EscapeDots:
+		return DotsEscaping, nil
+	case EscapeValues:
+		return ValueEncodingEscaping, nil
+	default:
+		return NoEscaping, fmt.Errorf("unknown format scheme " + s)
+	}
+}
diff --git a/vendor/github.com/prometheus/common/model/signature.go b/vendor/github.com/prometheus/common/model/signature.go
index 8762b13c6..dc8a0026c 100644
--- a/vendor/github.com/prometheus/common/model/signature.go
+++ b/vendor/github.com/prometheus/common/model/signature.go
@@ -22,10 +22,8 @@ import (
 // when calculating their combined hash value (aka signature aka fingerprint).
 const SeparatorByte byte = 255
 
-var (
-	// cache the signature of an empty label set.
-	emptyLabelSignature = hashNew()
-)
+// cache the signature of an empty label set.
+var emptyLabelSignature = hashNew()
 
 // LabelsToSignature returns a quasi-unique signature (i.e., fingerprint) for a
 // given label set. (Collisions are possible but unlikely if the number of label
diff --git a/vendor/github.com/prometheus/common/model/silence.go b/vendor/github.com/prometheus/common/model/silence.go
index bb99889d2..910b0b71f 100644
--- a/vendor/github.com/prometheus/common/model/silence.go
+++ b/vendor/github.com/prometheus/common/model/silence.go
@@ -81,7 +81,7 @@ func (s *Silence) Validate() error {
 	}
 	for _, m := range s.Matchers {
 		if err := m.Validate(); err != nil {
-			return fmt.Errorf("invalid matcher: %s", err)
+			return fmt.Errorf("invalid matcher: %w", err)
 		}
 	}
 	if s.StartsAt.IsZero() {
diff --git a/vendor/github.com/prometheus/common/model/value.go b/vendor/github.com/prometheus/common/model/value.go
index 9eb440413..8050637d8 100644
--- a/vendor/github.com/prometheus/common/model/value.go
+++ b/vendor/github.com/prometheus/common/model/value.go
@@ -21,14 +21,12 @@ import (
 	"strings"
 )
 
-var (
-	// ZeroSample is the pseudo zero-value of Sample used to signal a
-	// non-existing sample. It is a Sample with timestamp Earliest, value 0.0,
-	// and metric nil. Note that the natural zero value of Sample has a timestamp
-	// of 0, which is possible to appear in a real Sample and thus not suitable
-	// to signal a non-existing Sample.
-	ZeroSample = Sample{Timestamp: Earliest}
-)
+// ZeroSample is the pseudo zero-value of Sample used to signal a
+// non-existing sample. It is a Sample with timestamp Earliest, value 0.0,
+// and metric nil. Note that the natural zero value of Sample has a timestamp
+// of 0, which is possible to appear in a real Sample and thus not suitable
+// to signal a non-existing Sample.
+var ZeroSample = Sample{Timestamp: Earliest}
 
 // Sample is a sample pair associated with a metric. A single sample must either
 // define Value or Histogram but not both. Histogram == nil implies the Value
@@ -274,7 +272,7 @@ func (s *Scalar) UnmarshalJSON(b []byte) error {
 
 	value, err := strconv.ParseFloat(f, 64)
 	if err != nil {
-		return fmt.Errorf("error parsing sample value: %s", err)
+		return fmt.Errorf("error parsing sample value: %w", err)
 	}
 	s.Value = SampleValue(value)
 	return nil
diff --git a/vendor/github.com/prometheus/common/model/value_float.go b/vendor/github.com/prometheus/common/model/value_float.go
index 0f615a705..ae35cc2ab 100644
--- a/vendor/github.com/prometheus/common/model/value_float.go
+++ b/vendor/github.com/prometheus/common/model/value_float.go
@@ -20,14 +20,12 @@ import (
 	"strconv"
 )
 
-var (
-	// ZeroSamplePair is the pseudo zero-value of SamplePair used to signal a
-	// non-existing sample pair. It is a SamplePair with timestamp Earliest and
-	// value 0.0. Note that the natural zero value of SamplePair has a timestamp
-	// of 0, which is possible to appear in a real SamplePair and thus not
-	// suitable to signal a non-existing SamplePair.
-	ZeroSamplePair = SamplePair{Timestamp: Earliest}
-)
+// ZeroSamplePair is the pseudo zero-value of SamplePair used to signal a
+// non-existing sample pair. It is a SamplePair with timestamp Earliest and
+// value 0.0. Note that the natural zero value of SamplePair has a timestamp
+// of 0, which is possible to appear in a real SamplePair and thus not
+// suitable to signal a non-existing SamplePair.
+var ZeroSamplePair = SamplePair{Timestamp: Earliest}
 
 // A SampleValue is a representation of a value for a given sample at a given
 // time.
diff --git a/vendor/golang.org/x/net/idna/go118.go b/vendor/golang.org/x/net/idna/go118.go
index c5c4338db..712f1ad83 100644
--- a/vendor/golang.org/x/net/idna/go118.go
+++ b/vendor/golang.org/x/net/idna/go118.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.18
-// +build go1.18
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/idna10.0.0.go b/vendor/golang.org/x/net/idna/idna10.0.0.go
index 64ccf85fe..7b3717884 100644
--- a/vendor/golang.org/x/net/idna/idna10.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna10.0.0.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.10
-// +build go1.10
 
 // Package idna implements IDNA2008 using the compatibility processing
 // defined by UTS (Unicode Technical Standard) #46, which defines a standard to
diff --git a/vendor/golang.org/x/net/idna/idna9.0.0.go b/vendor/golang.org/x/net/idna/idna9.0.0.go
index ee1698cef..cc6a892a4 100644
--- a/vendor/golang.org/x/net/idna/idna9.0.0.go
+++ b/vendor/golang.org/x/net/idna/idna9.0.0.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.10
-// +build !go1.10
 
 // Package idna implements IDNA2008 using the compatibility processing
 // defined by UTS (Unicode Technical Standard) #46, which defines a standard to
diff --git a/vendor/golang.org/x/net/idna/pre_go118.go b/vendor/golang.org/x/net/idna/pre_go118.go
index 3aaccab1c..40e74bb3d 100644
--- a/vendor/golang.org/x/net/idna/pre_go118.go
+++ b/vendor/golang.org/x/net/idna/pre_go118.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.18
-// +build !go1.18
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables10.0.0.go b/vendor/golang.org/x/net/idna/tables10.0.0.go
index d1d62ef45..c6c2bf10a 100644
--- a/vendor/golang.org/x/net/idna/tables10.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables10.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.10 && !go1.13
-// +build go1.10,!go1.13
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables11.0.0.go b/vendor/golang.org/x/net/idna/tables11.0.0.go
index 167efba71..76789393c 100644
--- a/vendor/golang.org/x/net/idna/tables11.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables11.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.13 && !go1.14
-// +build go1.13,!go1.14
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables12.0.0.go b/vendor/golang.org/x/net/idna/tables12.0.0.go
index ab40f7bcc..0600cd2ae 100644
--- a/vendor/golang.org/x/net/idna/tables12.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables12.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.14 && !go1.16
-// +build go1.14,!go1.16
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables13.0.0.go b/vendor/golang.org/x/net/idna/tables13.0.0.go
index 66701eadf..2fb768ef6 100644
--- a/vendor/golang.org/x/net/idna/tables13.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables13.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.16 && !go1.21
-// +build go1.16,!go1.21
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables15.0.0.go b/vendor/golang.org/x/net/idna/tables15.0.0.go
index 40033778f..5ff05fe1a 100644
--- a/vendor/golang.org/x/net/idna/tables15.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables15.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build go1.21
-// +build go1.21
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/tables9.0.0.go b/vendor/golang.org/x/net/idna/tables9.0.0.go
index 4074b5332..0f25e84ca 100644
--- a/vendor/golang.org/x/net/idna/tables9.0.0.go
+++ b/vendor/golang.org/x/net/idna/tables9.0.0.go
@@ -1,7 +1,6 @@
 // Code generated by running "go generate" in golang.org/x/text. DO NOT EDIT.
 
 //go:build !go1.10
-// +build !go1.10
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/trie12.0.0.go b/vendor/golang.org/x/net/idna/trie12.0.0.go
index bb63f904b..8a75b9667 100644
--- a/vendor/golang.org/x/net/idna/trie12.0.0.go
+++ b/vendor/golang.org/x/net/idna/trie12.0.0.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build !go1.16
-// +build !go1.16
 
 package idna
 
diff --git a/vendor/golang.org/x/net/idna/trie13.0.0.go b/vendor/golang.org/x/net/idna/trie13.0.0.go
index 7d68a8dc1..fa45bb907 100644
--- a/vendor/golang.org/x/net/idna/trie13.0.0.go
+++ b/vendor/golang.org/x/net/idna/trie13.0.0.go
@@ -5,7 +5,6 @@
 // license that can be found in the LICENSE file.
 
 //go:build go1.16
-// +build go1.16
 
 package idna
 
diff --git a/vendor/google.golang.org/protobuf/encoding/protodelim/protodelim.go b/vendor/google.golang.org/protobuf/encoding/protodelim/protodelim.go
new file mode 100644
index 000000000..2ef36bbcf
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/encoding/protodelim/protodelim.go
@@ -0,0 +1,160 @@
+// Copyright 2022 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package protodelim marshals and unmarshals varint size-delimited messages.
+package protodelim
+
+import (
+	"bufio"
+	"encoding/binary"
+	"fmt"
+	"io"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/errors"
+	"google.golang.org/protobuf/proto"
+)
+
+// MarshalOptions is a configurable varint size-delimited marshaler.
+type MarshalOptions struct{ proto.MarshalOptions }
+
+// MarshalTo writes a varint size-delimited wire-format message to w.
+// If w returns an error, MarshalTo returns it unchanged.
+func (o MarshalOptions) MarshalTo(w io.Writer, m proto.Message) (int, error) {
+	msgBytes, err := o.MarshalOptions.Marshal(m)
+	if err != nil {
+		return 0, err
+	}
+
+	sizeBytes := protowire.AppendVarint(nil, uint64(len(msgBytes)))
+	sizeWritten, err := w.Write(sizeBytes)
+	if err != nil {
+		return sizeWritten, err
+	}
+	msgWritten, err := w.Write(msgBytes)
+	if err != nil {
+		return sizeWritten + msgWritten, err
+	}
+	return sizeWritten + msgWritten, nil
+}
+
+// MarshalTo writes a varint size-delimited wire-format message to w
+// with the default options.
+//
+// See the documentation for [MarshalOptions.MarshalTo].
+func MarshalTo(w io.Writer, m proto.Message) (int, error) {
+	return MarshalOptions{}.MarshalTo(w, m)
+}
+
+// UnmarshalOptions is a configurable varint size-delimited unmarshaler.
+type UnmarshalOptions struct {
+	proto.UnmarshalOptions
+
+	// MaxSize is the maximum size in wire-format bytes of a single message.
+	// Unmarshaling a message larger than MaxSize will return an error.
+	// A zero MaxSize will default to 4 MiB.
+	// Setting MaxSize to -1 disables the limit.
+	MaxSize int64
+}
+
+const defaultMaxSize = 4 << 20 // 4 MiB, corresponds to the default gRPC max request/response size
+
+// SizeTooLargeError is an error that is returned when the unmarshaler encounters a message size
+// that is larger than its configured [UnmarshalOptions.MaxSize].
+type SizeTooLargeError struct {
+	// Size is the varint size of the message encountered
+	// that was larger than the provided MaxSize.
+	Size uint64
+
+	// MaxSize is the MaxSize limit configured in UnmarshalOptions, which Size exceeded.
+	MaxSize uint64
+}
+
+func (e *SizeTooLargeError) Error() string {
+	return fmt.Sprintf("message size %d exceeded unmarshaler's maximum configured size %d", e.Size, e.MaxSize)
+}
+
+// Reader is the interface expected by [UnmarshalFrom].
+// It is implemented by *[bufio.Reader].
+type Reader interface {
+	io.Reader
+	io.ByteReader
+}
+
+// UnmarshalFrom parses and consumes a varint size-delimited wire-format message
+// from r.
+// The provided message must be mutable (e.g., a non-nil pointer to a message).
+//
+// The error is [io.EOF] error only if no bytes are read.
+// If an EOF happens after reading some but not all the bytes,
+// UnmarshalFrom returns a non-io.EOF error.
+// In particular if r returns a non-io.EOF error, UnmarshalFrom returns it unchanged,
+// and if only a size is read with no subsequent message, [io.ErrUnexpectedEOF] is returned.
+func (o UnmarshalOptions) UnmarshalFrom(r Reader, m proto.Message) error {
+	var sizeArr [binary.MaxVarintLen64]byte
+	sizeBuf := sizeArr[:0]
+	for i := range sizeArr {
+		b, err := r.ReadByte()
+		if err != nil {
+			// Immediate EOF is unexpected.
+			if err == io.EOF && i != 0 {
+				break
+			}
+			return err
+		}
+		sizeBuf = append(sizeBuf, b)
+		if b < 0x80 {
+			break
+		}
+	}
+	size, n := protowire.ConsumeVarint(sizeBuf)
+	if n < 0 {
+		return protowire.ParseError(n)
+	}
+
+	maxSize := o.MaxSize
+	if maxSize == 0 {
+		maxSize = defaultMaxSize
+	}
+	if maxSize != -1 && size > uint64(maxSize) {
+		return errors.Wrap(&SizeTooLargeError{Size: size, MaxSize: uint64(maxSize)}, "")
+	}
+
+	var b []byte
+	var err error
+	if br, ok := r.(*bufio.Reader); ok {
+		// Use the []byte from the bufio.Reader instead of having to allocate one.
+		// This reduces CPU usage and allocated bytes.
+		b, err = br.Peek(int(size))
+		if err == nil {
+			defer br.Discard(int(size))
+		} else {
+			b = nil
+		}
+	}
+	if b == nil {
+		b = make([]byte, size)
+		_, err = io.ReadFull(r, b)
+	}
+
+	if err == io.EOF {
+		return io.ErrUnexpectedEOF
+	}
+	if err != nil {
+		return err
+	}
+	if err := o.Unmarshal(b, m); err != nil {
+		return err
+	}
+	return nil
+}
+
+// UnmarshalFrom parses and consumes a varint size-delimited wire-format message
+// from r with the default options.
+// The provided message must be mutable (e.g., a non-nil pointer to a message).
+//
+// See the documentation for [UnmarshalOptions.UnmarshalFrom].
+func UnmarshalFrom(r Reader, m proto.Message) error {
+	return UnmarshalOptions{}.UnmarshalFrom(r, m)
+}
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
index 4921b2d4a..a45f112bc 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
@@ -21,7 +21,7 @@ import (
 	"google.golang.org/protobuf/reflect/protoregistry"
 )
 
-// Unmarshal reads the given []byte into the given proto.Message.
+// Unmarshal reads the given []byte into the given [proto.Message].
 // The provided message must be mutable (e.g., a non-nil pointer to a message).
 func Unmarshal(b []byte, m proto.Message) error {
 	return UnmarshalOptions{}.Unmarshal(b, m)
@@ -51,7 +51,7 @@ type UnmarshalOptions struct {
 	}
 }
 
-// Unmarshal reads the given []byte and populates the given proto.Message
+// Unmarshal reads the given []byte and populates the given [proto.Message]
 // using options in the UnmarshalOptions object.
 // The provided message must be mutable (e.g., a non-nil pointer to a message).
 func (o UnmarshalOptions) Unmarshal(b []byte, m proto.Message) error {
@@ -739,7 +739,9 @@ func (d decoder) skipValue() error {
 			case text.ListClose:
 				return nil
 			case text.MessageOpen:
-				return d.skipMessageValue()
+				if err := d.skipMessageValue(); err != nil {
+					return err
+				}
 			default:
 				// Skip items. This will not validate whether skipped values are
 				// of the same type or not, same behavior as C++
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
index 722a7b41d..95967e811 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
@@ -33,7 +33,7 @@ func Format(m proto.Message) string {
 	return MarshalOptions{Multiline: true}.Format(m)
 }
 
-// Marshal writes the given proto.Message in textproto format using default
+// Marshal writes the given [proto.Message] in textproto format using default
 // options. Do not depend on the output being stable. It may change over time
 // across different versions of the program.
 func Marshal(m proto.Message) ([]byte, error) {
@@ -97,7 +97,7 @@ func (o MarshalOptions) Format(m proto.Message) string {
 	return string(b)
 }
 
-// Marshal writes the given proto.Message in textproto format using options in
+// Marshal writes the given [proto.Message] in textproto format using options in
 // MarshalOptions object. Do not depend on the output being stable. It may
 // change over time across different versions of the program.
 func (o MarshalOptions) Marshal(m proto.Message) ([]byte, error) {
diff --git a/vendor/google.golang.org/protobuf/encoding/protowire/wire.go b/vendor/google.golang.org/protobuf/encoding/protowire/wire.go
index f4b4686cf..e942bc983 100644
--- a/vendor/google.golang.org/protobuf/encoding/protowire/wire.go
+++ b/vendor/google.golang.org/protobuf/encoding/protowire/wire.go
@@ -6,7 +6,7 @@
 // See https://protobuf.dev/programming-guides/encoding.
 //
 // For marshaling and unmarshaling entire protobuf messages,
-// use the "google.golang.org/protobuf/proto" package instead.
+// use the [google.golang.org/protobuf/proto] package instead.
 package protowire
 
 import (
@@ -87,7 +87,7 @@ func ParseError(n int) error {
 
 // ConsumeField parses an entire field record (both tag and value) and returns
 // the field number, the wire type, and the total length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 //
 // The total length includes the tag header and the end group marker (if the
 // field is a group).
@@ -104,8 +104,8 @@ func ConsumeField(b []byte) (Number, Type, int) {
 }
 
 // ConsumeFieldValue parses a field value and returns its length.
-// This assumes that the field Number and wire Type have already been parsed.
-// This returns a negative length upon an error (see ParseError).
+// This assumes that the field [Number] and wire [Type] have already been parsed.
+// This returns a negative length upon an error (see [ParseError]).
 //
 // When parsing a group, the length includes the end group marker and
 // the end group is verified to match the starting field number.
@@ -164,7 +164,7 @@ func AppendTag(b []byte, num Number, typ Type) []byte {
 }
 
 // ConsumeTag parses b as a varint-encoded tag, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeTag(b []byte) (Number, Type, int) {
 	v, n := ConsumeVarint(b)
 	if n < 0 {
@@ -263,7 +263,7 @@ func AppendVarint(b []byte, v uint64) []byte {
 }
 
 // ConsumeVarint parses b as a varint-encoded uint64, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeVarint(b []byte) (v uint64, n int) {
 	var y uint64
 	if len(b) <= 0 {
@@ -384,7 +384,7 @@ func AppendFixed32(b []byte, v uint32) []byte {
 }
 
 // ConsumeFixed32 parses b as a little-endian uint32, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeFixed32(b []byte) (v uint32, n int) {
 	if len(b) < 4 {
 		return 0, errCodeTruncated
@@ -412,7 +412,7 @@ func AppendFixed64(b []byte, v uint64) []byte {
 }
 
 // ConsumeFixed64 parses b as a little-endian uint64, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeFixed64(b []byte) (v uint64, n int) {
 	if len(b) < 8 {
 		return 0, errCodeTruncated
@@ -432,7 +432,7 @@ func AppendBytes(b []byte, v []byte) []byte {
 }
 
 // ConsumeBytes parses b as a length-prefixed bytes value, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeBytes(b []byte) (v []byte, n int) {
 	m, n := ConsumeVarint(b)
 	if n < 0 {
@@ -456,7 +456,7 @@ func AppendString(b []byte, v string) []byte {
 }
 
 // ConsumeString parses b as a length-prefixed bytes value, reporting its length.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeString(b []byte) (v string, n int) {
 	bb, n := ConsumeBytes(b)
 	return string(bb), n
@@ -471,7 +471,7 @@ func AppendGroup(b []byte, num Number, v []byte) []byte {
 // ConsumeGroup parses b as a group value until the trailing end group marker,
 // and verifies that the end marker matches the provided num. The value v
 // does not contain the end marker, while the length does contain the end marker.
-// This returns a negative length upon an error (see ParseError).
+// This returns a negative length upon an error (see [ParseError]).
 func ConsumeGroup(num Number, b []byte) (v []byte, n int) {
 	n = ConsumeFieldValue(num, StartGroupType, b)
 	if n < 0 {
@@ -495,8 +495,8 @@ func SizeGroup(num Number, n int) int {
 	return n + SizeTag(num)
 }
 
-// DecodeTag decodes the field Number and wire Type from its unified form.
-// The Number is -1 if the decoded field number overflows int32.
+// DecodeTag decodes the field [Number] and wire [Type] from its unified form.
+// The [Number] is -1 if the decoded field number overflows int32.
 // Other than overflow, this does not check for field number validity.
 func DecodeTag(x uint64) (Number, Type) {
 	// NOTE: MessageSet allows for larger field numbers than normal.
@@ -506,7 +506,7 @@ func DecodeTag(x uint64) (Number, Type) {
 	return Number(x >> 3), Type(x & 7)
 }
 
-// EncodeTag encodes the field Number and wire Type into its unified form.
+// EncodeTag encodes the field [Number] and wire [Type] into its unified form.
 func EncodeTag(num Number, typ Type) uint64 {
 	return uint64(num)<<3 | uint64(typ&7)
 }
diff --git a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
index db5248e1b..a45625c8d 100644
--- a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
+++ b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
@@ -83,7 +83,13 @@ func formatListOpt(vs list, isRoot, allowMulti bool) string {
 	case protoreflect.FileImports:
 		for i := 0; i < vs.Len(); i++ {
 			var rs records
-			rs.Append(reflect.ValueOf(vs.Get(i)), "Path", "Package", "IsPublic", "IsWeak")
+			rv := reflect.ValueOf(vs.Get(i))
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Path"), "Path"},
+				{rv.MethodByName("Package"), "Package"},
+				{rv.MethodByName("IsPublic"), "IsPublic"},
+				{rv.MethodByName("IsWeak"), "IsWeak"},
+			}...)
 			ss = append(ss, "{"+rs.Join()+"}")
 		}
 		return start + joinStrings(ss, allowMulti) + end
@@ -92,34 +98,26 @@ func formatListOpt(vs list, isRoot, allowMulti bool) string {
 		for i := 0; i < vs.Len(); i++ {
 			m := reflect.ValueOf(vs).MethodByName("Get")
 			v := m.Call([]reflect.Value{reflect.ValueOf(i)})[0].Interface()
-			ss = append(ss, formatDescOpt(v.(protoreflect.Descriptor), false, allowMulti && !isEnumValue))
+			ss = append(ss, formatDescOpt(v.(protoreflect.Descriptor), false, allowMulti && !isEnumValue, nil))
 		}
 		return start + joinStrings(ss, allowMulti && isEnumValue) + end
 	}
 }
 
-// descriptorAccessors is a list of accessors to print for each descriptor.
-//
-// Do not print all accessors since some contain redundant information,
-// while others are pointers that we do not want to follow since the descriptor
-// is actually a cyclic graph.
-//
-// Using a list allows us to print the accessors in a sensible order.
-var descriptorAccessors = map[reflect.Type][]string{
-	reflect.TypeOf((*protoreflect.FileDescriptor)(nil)).Elem():      {"Path", "Package", "Imports", "Messages", "Enums", "Extensions", "Services"},
-	reflect.TypeOf((*protoreflect.MessageDescriptor)(nil)).Elem():   {"IsMapEntry", "Fields", "Oneofs", "ReservedNames", "ReservedRanges", "RequiredNumbers", "ExtensionRanges", "Messages", "Enums", "Extensions"},
-	reflect.TypeOf((*protoreflect.FieldDescriptor)(nil)).Elem():     {"Number", "Cardinality", "Kind", "HasJSONName", "JSONName", "HasPresence", "IsExtension", "IsPacked", "IsWeak", "IsList", "IsMap", "MapKey", "MapValue", "HasDefault", "Default", "ContainingOneof", "ContainingMessage", "Message", "Enum"},
-	reflect.TypeOf((*protoreflect.OneofDescriptor)(nil)).Elem():     {"Fields"}, // not directly used; must keep in sync with formatDescOpt
-	reflect.TypeOf((*protoreflect.EnumDescriptor)(nil)).Elem():      {"Values", "ReservedNames", "ReservedRanges"},
-	reflect.TypeOf((*protoreflect.EnumValueDescriptor)(nil)).Elem(): {"Number"},
-	reflect.TypeOf((*protoreflect.ServiceDescriptor)(nil)).Elem():   {"Methods"},
-	reflect.TypeOf((*protoreflect.MethodDescriptor)(nil)).Elem():    {"Input", "Output", "IsStreamingClient", "IsStreamingServer"},
+type methodAndName struct {
+	method reflect.Value
+	name   string
 }
 
 func FormatDesc(s fmt.State, r rune, t protoreflect.Descriptor) {
-	io.WriteString(s, formatDescOpt(t, true, r == 'v' && (s.Flag('+') || s.Flag('#'))))
+	io.WriteString(s, formatDescOpt(t, true, r == 'v' && (s.Flag('+') || s.Flag('#')), nil))
 }
-func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool) string {
+
+func InternalFormatDescOptForTesting(t protoreflect.Descriptor, isRoot, allowMulti bool, record func(string)) string {
+	return formatDescOpt(t, isRoot, allowMulti, record)
+}
+
+func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool, record func(string)) string {
 	rv := reflect.ValueOf(t)
 	rt := rv.MethodByName("ProtoType").Type().In(0)
 
@@ -129,26 +127,60 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool) string {
 	}
 
 	_, isFile := t.(protoreflect.FileDescriptor)
-	rs := records{allowMulti: allowMulti}
+	rs := records{
+		allowMulti: allowMulti,
+		record:     record,
+	}
 	if t.IsPlaceholder() {
 		if isFile {
-			rs.Append(rv, "Path", "Package", "IsPlaceholder")
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Path"), "Path"},
+				{rv.MethodByName("Package"), "Package"},
+				{rv.MethodByName("IsPlaceholder"), "IsPlaceholder"},
+			}...)
 		} else {
-			rs.Append(rv, "FullName", "IsPlaceholder")
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("FullName"), "FullName"},
+				{rv.MethodByName("IsPlaceholder"), "IsPlaceholder"},
+			}...)
 		}
 	} else {
 		switch {
 		case isFile:
-			rs.Append(rv, "Syntax")
+			rs.Append(rv, methodAndName{rv.MethodByName("Syntax"), "Syntax"})
 		case isRoot:
-			rs.Append(rv, "Syntax", "FullName")
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Syntax"), "Syntax"},
+				{rv.MethodByName("FullName"), "FullName"},
+			}...)
 		default:
-			rs.Append(rv, "Name")
+			rs.Append(rv, methodAndName{rv.MethodByName("Name"), "Name"})
 		}
 		switch t := t.(type) {
 		case protoreflect.FieldDescriptor:
-			for _, s := range descriptorAccessors[rt] {
-				switch s {
+			accessors := []methodAndName{
+				{rv.MethodByName("Number"), "Number"},
+				{rv.MethodByName("Cardinality"), "Cardinality"},
+				{rv.MethodByName("Kind"), "Kind"},
+				{rv.MethodByName("HasJSONName"), "HasJSONName"},
+				{rv.MethodByName("JSONName"), "JSONName"},
+				{rv.MethodByName("HasPresence"), "HasPresence"},
+				{rv.MethodByName("IsExtension"), "IsExtension"},
+				{rv.MethodByName("IsPacked"), "IsPacked"},
+				{rv.MethodByName("IsWeak"), "IsWeak"},
+				{rv.MethodByName("IsList"), "IsList"},
+				{rv.MethodByName("IsMap"), "IsMap"},
+				{rv.MethodByName("MapKey"), "MapKey"},
+				{rv.MethodByName("MapValue"), "MapValue"},
+				{rv.MethodByName("HasDefault"), "HasDefault"},
+				{rv.MethodByName("Default"), "Default"},
+				{rv.MethodByName("ContainingOneof"), "ContainingOneof"},
+				{rv.MethodByName("ContainingMessage"), "ContainingMessage"},
+				{rv.MethodByName("Message"), "Message"},
+				{rv.MethodByName("Enum"), "Enum"},
+			}
+			for _, s := range accessors {
+				switch s.name {
 				case "MapKey":
 					if k := t.MapKey(); k != nil {
 						rs.recs = append(rs.recs, [2]string{"MapKey", k.Kind().String()})
@@ -157,20 +189,20 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool) string {
 					if v := t.MapValue(); v != nil {
 						switch v.Kind() {
 						case protoreflect.EnumKind:
-							rs.recs = append(rs.recs, [2]string{"MapValue", string(v.Enum().FullName())})
+							rs.AppendRecs("MapValue", [2]string{"MapValue", string(v.Enum().FullName())})
 						case protoreflect.MessageKind, protoreflect.GroupKind:
-							rs.recs = append(rs.recs, [2]string{"MapValue", string(v.Message().FullName())})
+							rs.AppendRecs("MapValue", [2]string{"MapValue", string(v.Message().FullName())})
 						default:
-							rs.recs = append(rs.recs, [2]string{"MapValue", v.Kind().String()})
+							rs.AppendRecs("MapValue", [2]string{"MapValue", v.Kind().String()})
 						}
 					}
 				case "ContainingOneof":
 					if od := t.ContainingOneof(); od != nil {
-						rs.recs = append(rs.recs, [2]string{"Oneof", string(od.Name())})
+						rs.AppendRecs("ContainingOneof", [2]string{"Oneof", string(od.Name())})
 					}
 				case "ContainingMessage":
 					if t.IsExtension() {
-						rs.recs = append(rs.recs, [2]string{"Extendee", string(t.ContainingMessage().FullName())})
+						rs.AppendRecs("ContainingMessage", [2]string{"Extendee", string(t.ContainingMessage().FullName())})
 					}
 				case "Message":
 					if !t.IsMap() {
@@ -187,13 +219,61 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool) string {
 				ss = append(ss, string(fs.Get(i).Name()))
 			}
 			if len(ss) > 0 {
-				rs.recs = append(rs.recs, [2]string{"Fields", "[" + joinStrings(ss, false) + "]"})
+				rs.AppendRecs("Fields", [2]string{"Fields", "[" + joinStrings(ss, false) + "]"})
 			}
-		default:
-			rs.Append(rv, descriptorAccessors[rt]...)
+
+		case protoreflect.FileDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Path"), "Path"},
+				{rv.MethodByName("Package"), "Package"},
+				{rv.MethodByName("Imports"), "Imports"},
+				{rv.MethodByName("Messages"), "Messages"},
+				{rv.MethodByName("Enums"), "Enums"},
+				{rv.MethodByName("Extensions"), "Extensions"},
+				{rv.MethodByName("Services"), "Services"},
+			}...)
+
+		case protoreflect.MessageDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("IsMapEntry"), "IsMapEntry"},
+				{rv.MethodByName("Fields"), "Fields"},
+				{rv.MethodByName("Oneofs"), "Oneofs"},
+				{rv.MethodByName("ReservedNames"), "ReservedNames"},
+				{rv.MethodByName("ReservedRanges"), "ReservedRanges"},
+				{rv.MethodByName("RequiredNumbers"), "RequiredNumbers"},
+				{rv.MethodByName("ExtensionRanges"), "ExtensionRanges"},
+				{rv.MethodByName("Messages"), "Messages"},
+				{rv.MethodByName("Enums"), "Enums"},
+				{rv.MethodByName("Extensions"), "Extensions"},
+			}...)
+
+		case protoreflect.EnumDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Values"), "Values"},
+				{rv.MethodByName("ReservedNames"), "ReservedNames"},
+				{rv.MethodByName("ReservedRanges"), "ReservedRanges"},
+			}...)
+
+		case protoreflect.EnumValueDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Number"), "Number"},
+			}...)
+
+		case protoreflect.ServiceDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Methods"), "Methods"},
+			}...)
+
+		case protoreflect.MethodDescriptor:
+			rs.Append(rv, []methodAndName{
+				{rv.MethodByName("Input"), "Input"},
+				{rv.MethodByName("Output"), "Output"},
+				{rv.MethodByName("IsStreamingClient"), "IsStreamingClient"},
+				{rv.MethodByName("IsStreamingServer"), "IsStreamingServer"},
+			}...)
 		}
-		if rv.MethodByName("GoType").IsValid() {
-			rs.Append(rv, "GoType")
+		if m := rv.MethodByName("GoType"); m.IsValid() {
+			rs.Append(rv, methodAndName{m, "GoType"})
 		}
 	}
 	return start + rs.Join() + end
@@ -202,19 +282,34 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool) string {
 type records struct {
 	recs       [][2]string
 	allowMulti bool
+
+	// record is a function that will be called for every Append() or
+	// AppendRecs() call, to be used for testing with the
+	// InternalFormatDescOptForTesting function.
+	record func(string)
 }
 
-func (rs *records) Append(v reflect.Value, accessors ...string) {
+func (rs *records) AppendRecs(fieldName string, newRecs [2]string) {
+	if rs.record != nil {
+		rs.record(fieldName)
+	}
+	rs.recs = append(rs.recs, newRecs)
+}
+
+func (rs *records) Append(v reflect.Value, accessors ...methodAndName) {
 	for _, a := range accessors {
+		if rs.record != nil {
+			rs.record(a.name)
+		}
 		var rv reflect.Value
-		if m := v.MethodByName(a); m.IsValid() {
-			rv = m.Call(nil)[0]
+		if a.method.IsValid() {
+			rv = a.method.Call(nil)[0]
 		}
 		if v.Kind() == reflect.Struct && !rv.IsValid() {
-			rv = v.FieldByName(a)
+			rv = v.FieldByName(a.name)
 		}
 		if !rv.IsValid() {
-			panic(fmt.Sprintf("unknown accessor: %v.%s", v.Type(), a))
+			panic(fmt.Sprintf("unknown accessor: %v.%s", v.Type(), a.name))
 		}
 		if _, ok := rv.Interface().(protoreflect.Value); ok {
 			rv = rv.MethodByName("Interface").Call(nil)[0]
@@ -261,7 +356,7 @@ func (rs *records) Append(v reflect.Value, accessors ...string) {
 		default:
 			s = fmt.Sprint(v)
 		}
-		rs.recs = append(rs.recs, [2]string{a, s})
+		rs.recs = append(rs.recs, [2]string{a.name, s})
 	}
 }
 
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
index 7c3689bae..193c68e8f 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
@@ -21,11 +21,26 @@ import (
 	"google.golang.org/protobuf/reflect/protoregistry"
 )
 
+// Edition is an Enum for proto2.Edition
+type Edition int32
+
+// These values align with the value of Enum in descriptor.proto which allows
+// direct conversion between the proto enum and this enum.
+const (
+	EditionUnknown     Edition = 0
+	EditionProto2      Edition = 998
+	EditionProto3      Edition = 999
+	Edition2023        Edition = 1000
+	EditionUnsupported Edition = 100000
+)
+
 // The types in this file may have a suffix:
 //	• L0: Contains fields common to all descriptors (except File) and
 //	must be initialized up front.
 //	• L1: Contains fields specific to a descriptor and
-//	must be initialized up front.
+//	must be initialized up front. If the associated proto uses Editions, the
+//  Editions features must always be resolved. If not explicitly set, the
+//  appropriate default must be resolved and set.
 //	• L2: Contains fields that are lazily initialized when constructing
 //	from the raw file descriptor. When constructing as a literal, the L2
 //	fields must be initialized up front.
@@ -44,6 +59,7 @@ type (
 	}
 	FileL1 struct {
 		Syntax  protoreflect.Syntax
+		Edition Edition // Only used if Syntax == Editions
 		Path    string
 		Package protoreflect.FullName
 
@@ -51,12 +67,35 @@ type (
 		Messages   Messages
 		Extensions Extensions
 		Services   Services
+
+		EditionFeatures FileEditionFeatures
 	}
 	FileL2 struct {
 		Options   func() protoreflect.ProtoMessage
 		Imports   FileImports
 		Locations SourceLocations
 	}
+
+	FileEditionFeatures struct {
+		// IsFieldPresence is true if field_presence is EXPLICIT
+		// https://protobuf.dev/editions/features/#field_presence
+		IsFieldPresence bool
+		// IsOpenEnum is true if enum_type is OPEN
+		// https://protobuf.dev/editions/features/#enum_type
+		IsOpenEnum bool
+		// IsPacked is true if repeated_field_encoding is PACKED
+		// https://protobuf.dev/editions/features/#repeated_field_encoding
+		IsPacked bool
+		// IsUTF8Validated is true if utf_validation is VERIFY
+		// https://protobuf.dev/editions/features/#utf8_validation
+		IsUTF8Validated bool
+		// IsDelimitedEncoded is true if message_encoding is DELIMITED
+		// https://protobuf.dev/editions/features/#message_encoding
+		IsDelimitedEncoded bool
+		// IsJSONCompliant is true if json_format is ALLOW
+		// https://protobuf.dev/editions/features/#json_format
+		IsJSONCompliant bool
+	}
 )
 
 func (fd *File) ParentFile() protoreflect.FileDescriptor { return fd }
@@ -210,6 +249,9 @@ type (
 		ContainingOneof  protoreflect.OneofDescriptor // must be consistent with Message.Oneofs.Fields
 		Enum             protoreflect.EnumDescriptor
 		Message          protoreflect.MessageDescriptor
+
+		// Edition features.
+		Presence bool
 	}
 
 	Oneof struct {
@@ -273,6 +315,9 @@ func (fd *Field) HasJSONName() bool                     { return fd.L1.StringNam
 func (fd *Field) JSONName() string                      { return fd.L1.StringName.getJSON(fd) }
 func (fd *Field) TextName() string                      { return fd.L1.StringName.getText(fd) }
 func (fd *Field) HasPresence() bool {
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
+		return fd.L1.Presence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
+	}
 	return fd.L1.Cardinality != protoreflect.Repeated && (fd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 || fd.L1.Message != nil || fd.L1.ContainingOneof != nil)
 }
 func (fd *Field) HasOptionalKeyword() bool {
diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
index 136f1b215..8f94230ea 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
@@ -12,6 +12,12 @@ import (
 
 const File_google_protobuf_descriptor_proto = "google/protobuf/descriptor.proto"
 
+// Full and short names for google.protobuf.Edition.
+const (
+	Edition_enum_fullname = "google.protobuf.Edition"
+	Edition_enum_name     = "Edition"
+)
+
 // Names for google.protobuf.FileDescriptorSet.
 const (
 	FileDescriptorSet_message_name     protoreflect.Name     = "FileDescriptorSet"
@@ -81,7 +87,7 @@ const (
 	FileDescriptorProto_Options_field_number          protoreflect.FieldNumber = 8
 	FileDescriptorProto_SourceCodeInfo_field_number   protoreflect.FieldNumber = 9
 	FileDescriptorProto_Syntax_field_number           protoreflect.FieldNumber = 12
-	FileDescriptorProto_Edition_field_number          protoreflect.FieldNumber = 13
+	FileDescriptorProto_Edition_field_number          protoreflect.FieldNumber = 14
 )
 
 // Names for google.protobuf.DescriptorProto.
@@ -184,10 +190,12 @@ const (
 const (
 	ExtensionRangeOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 	ExtensionRangeOptions_Declaration_field_name         protoreflect.Name = "declaration"
+	ExtensionRangeOptions_Features_field_name            protoreflect.Name = "features"
 	ExtensionRangeOptions_Verification_field_name        protoreflect.Name = "verification"
 
 	ExtensionRangeOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.uninterpreted_option"
 	ExtensionRangeOptions_Declaration_field_fullname         protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.declaration"
+	ExtensionRangeOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.features"
 	ExtensionRangeOptions_Verification_field_fullname        protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.verification"
 )
 
@@ -195,6 +203,7 @@ const (
 const (
 	ExtensionRangeOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 	ExtensionRangeOptions_Declaration_field_number         protoreflect.FieldNumber = 2
+	ExtensionRangeOptions_Features_field_number            protoreflect.FieldNumber = 50
 	ExtensionRangeOptions_Verification_field_number        protoreflect.FieldNumber = 3
 )
 
@@ -212,29 +221,26 @@ const (
 
 // Field names for google.protobuf.ExtensionRangeOptions.Declaration.
 const (
-	ExtensionRangeOptions_Declaration_Number_field_name     protoreflect.Name = "number"
-	ExtensionRangeOptions_Declaration_FullName_field_name   protoreflect.Name = "full_name"
-	ExtensionRangeOptions_Declaration_Type_field_name       protoreflect.Name = "type"
-	ExtensionRangeOptions_Declaration_IsRepeated_field_name protoreflect.Name = "is_repeated"
-	ExtensionRangeOptions_Declaration_Reserved_field_name   protoreflect.Name = "reserved"
-	ExtensionRangeOptions_Declaration_Repeated_field_name   protoreflect.Name = "repeated"
+	ExtensionRangeOptions_Declaration_Number_field_name   protoreflect.Name = "number"
+	ExtensionRangeOptions_Declaration_FullName_field_name protoreflect.Name = "full_name"
+	ExtensionRangeOptions_Declaration_Type_field_name     protoreflect.Name = "type"
+	ExtensionRangeOptions_Declaration_Reserved_field_name protoreflect.Name = "reserved"
+	ExtensionRangeOptions_Declaration_Repeated_field_name protoreflect.Name = "repeated"
 
-	ExtensionRangeOptions_Declaration_Number_field_fullname     protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.number"
-	ExtensionRangeOptions_Declaration_FullName_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.full_name"
-	ExtensionRangeOptions_Declaration_Type_field_fullname       protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.type"
-	ExtensionRangeOptions_Declaration_IsRepeated_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.is_repeated"
-	ExtensionRangeOptions_Declaration_Reserved_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.reserved"
-	ExtensionRangeOptions_Declaration_Repeated_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.repeated"
+	ExtensionRangeOptions_Declaration_Number_field_fullname   protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.number"
+	ExtensionRangeOptions_Declaration_FullName_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.full_name"
+	ExtensionRangeOptions_Declaration_Type_field_fullname     protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.type"
+	ExtensionRangeOptions_Declaration_Reserved_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.reserved"
+	ExtensionRangeOptions_Declaration_Repeated_field_fullname protoreflect.FullName = "google.protobuf.ExtensionRangeOptions.Declaration.repeated"
 )
 
 // Field numbers for google.protobuf.ExtensionRangeOptions.Declaration.
 const (
-	ExtensionRangeOptions_Declaration_Number_field_number     protoreflect.FieldNumber = 1
-	ExtensionRangeOptions_Declaration_FullName_field_number   protoreflect.FieldNumber = 2
-	ExtensionRangeOptions_Declaration_Type_field_number       protoreflect.FieldNumber = 3
-	ExtensionRangeOptions_Declaration_IsRepeated_field_number protoreflect.FieldNumber = 4
-	ExtensionRangeOptions_Declaration_Reserved_field_number   protoreflect.FieldNumber = 5
-	ExtensionRangeOptions_Declaration_Repeated_field_number   protoreflect.FieldNumber = 6
+	ExtensionRangeOptions_Declaration_Number_field_number   protoreflect.FieldNumber = 1
+	ExtensionRangeOptions_Declaration_FullName_field_number protoreflect.FieldNumber = 2
+	ExtensionRangeOptions_Declaration_Type_field_number     protoreflect.FieldNumber = 3
+	ExtensionRangeOptions_Declaration_Reserved_field_number protoreflect.FieldNumber = 5
+	ExtensionRangeOptions_Declaration_Repeated_field_number protoreflect.FieldNumber = 6
 )
 
 // Names for google.protobuf.FieldDescriptorProto.
@@ -478,6 +484,7 @@ const (
 	FileOptions_PhpNamespace_field_name              protoreflect.Name = "php_namespace"
 	FileOptions_PhpMetadataNamespace_field_name      protoreflect.Name = "php_metadata_namespace"
 	FileOptions_RubyPackage_field_name               protoreflect.Name = "ruby_package"
+	FileOptions_Features_field_name                  protoreflect.Name = "features"
 	FileOptions_UninterpretedOption_field_name       protoreflect.Name = "uninterpreted_option"
 
 	FileOptions_JavaPackage_field_fullname               protoreflect.FullName = "google.protobuf.FileOptions.java_package"
@@ -500,6 +507,7 @@ const (
 	FileOptions_PhpNamespace_field_fullname              protoreflect.FullName = "google.protobuf.FileOptions.php_namespace"
 	FileOptions_PhpMetadataNamespace_field_fullname      protoreflect.FullName = "google.protobuf.FileOptions.php_metadata_namespace"
 	FileOptions_RubyPackage_field_fullname               protoreflect.FullName = "google.protobuf.FileOptions.ruby_package"
+	FileOptions_Features_field_fullname                  protoreflect.FullName = "google.protobuf.FileOptions.features"
 	FileOptions_UninterpretedOption_field_fullname       protoreflect.FullName = "google.protobuf.FileOptions.uninterpreted_option"
 )
 
@@ -525,6 +533,7 @@ const (
 	FileOptions_PhpNamespace_field_number              protoreflect.FieldNumber = 41
 	FileOptions_PhpMetadataNamespace_field_number      protoreflect.FieldNumber = 44
 	FileOptions_RubyPackage_field_number               protoreflect.FieldNumber = 45
+	FileOptions_Features_field_number                  protoreflect.FieldNumber = 50
 	FileOptions_UninterpretedOption_field_number       protoreflect.FieldNumber = 999
 )
 
@@ -547,6 +556,7 @@ const (
 	MessageOptions_Deprecated_field_name                         protoreflect.Name = "deprecated"
 	MessageOptions_MapEntry_field_name                           protoreflect.Name = "map_entry"
 	MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_name protoreflect.Name = "deprecated_legacy_json_field_conflicts"
+	MessageOptions_Features_field_name                           protoreflect.Name = "features"
 	MessageOptions_UninterpretedOption_field_name                protoreflect.Name = "uninterpreted_option"
 
 	MessageOptions_MessageSetWireFormat_field_fullname               protoreflect.FullName = "google.protobuf.MessageOptions.message_set_wire_format"
@@ -554,6 +564,7 @@ const (
 	MessageOptions_Deprecated_field_fullname                         protoreflect.FullName = "google.protobuf.MessageOptions.deprecated"
 	MessageOptions_MapEntry_field_fullname                           protoreflect.FullName = "google.protobuf.MessageOptions.map_entry"
 	MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_fullname protoreflect.FullName = "google.protobuf.MessageOptions.deprecated_legacy_json_field_conflicts"
+	MessageOptions_Features_field_fullname                           protoreflect.FullName = "google.protobuf.MessageOptions.features"
 	MessageOptions_UninterpretedOption_field_fullname                protoreflect.FullName = "google.protobuf.MessageOptions.uninterpreted_option"
 )
 
@@ -564,6 +575,7 @@ const (
 	MessageOptions_Deprecated_field_number                         protoreflect.FieldNumber = 3
 	MessageOptions_MapEntry_field_number                           protoreflect.FieldNumber = 7
 	MessageOptions_DeprecatedLegacyJsonFieldConflicts_field_number protoreflect.FieldNumber = 11
+	MessageOptions_Features_field_number                           protoreflect.FieldNumber = 12
 	MessageOptions_UninterpretedOption_field_number                protoreflect.FieldNumber = 999
 )
 
@@ -584,8 +596,9 @@ const (
 	FieldOptions_Weak_field_name                protoreflect.Name = "weak"
 	FieldOptions_DebugRedact_field_name         protoreflect.Name = "debug_redact"
 	FieldOptions_Retention_field_name           protoreflect.Name = "retention"
-	FieldOptions_Target_field_name              protoreflect.Name = "target"
 	FieldOptions_Targets_field_name             protoreflect.Name = "targets"
+	FieldOptions_EditionDefaults_field_name     protoreflect.Name = "edition_defaults"
+	FieldOptions_Features_field_name            protoreflect.Name = "features"
 	FieldOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	FieldOptions_Ctype_field_fullname               protoreflect.FullName = "google.protobuf.FieldOptions.ctype"
@@ -597,8 +610,9 @@ const (
 	FieldOptions_Weak_field_fullname                protoreflect.FullName = "google.protobuf.FieldOptions.weak"
 	FieldOptions_DebugRedact_field_fullname         protoreflect.FullName = "google.protobuf.FieldOptions.debug_redact"
 	FieldOptions_Retention_field_fullname           protoreflect.FullName = "google.protobuf.FieldOptions.retention"
-	FieldOptions_Target_field_fullname              protoreflect.FullName = "google.protobuf.FieldOptions.target"
 	FieldOptions_Targets_field_fullname             protoreflect.FullName = "google.protobuf.FieldOptions.targets"
+	FieldOptions_EditionDefaults_field_fullname     protoreflect.FullName = "google.protobuf.FieldOptions.edition_defaults"
+	FieldOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.FieldOptions.features"
 	FieldOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.uninterpreted_option"
 )
 
@@ -613,8 +627,9 @@ const (
 	FieldOptions_Weak_field_number                protoreflect.FieldNumber = 10
 	FieldOptions_DebugRedact_field_number         protoreflect.FieldNumber = 16
 	FieldOptions_Retention_field_number           protoreflect.FieldNumber = 17
-	FieldOptions_Target_field_number              protoreflect.FieldNumber = 18
 	FieldOptions_Targets_field_number             protoreflect.FieldNumber = 19
+	FieldOptions_EditionDefaults_field_number     protoreflect.FieldNumber = 20
+	FieldOptions_Features_field_number            protoreflect.FieldNumber = 21
 	FieldOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -642,6 +657,27 @@ const (
 	FieldOptions_OptionTargetType_enum_name     = "OptionTargetType"
 )
 
+// Names for google.protobuf.FieldOptions.EditionDefault.
+const (
+	FieldOptions_EditionDefault_message_name     protoreflect.Name     = "EditionDefault"
+	FieldOptions_EditionDefault_message_fullname protoreflect.FullName = "google.protobuf.FieldOptions.EditionDefault"
+)
+
+// Field names for google.protobuf.FieldOptions.EditionDefault.
+const (
+	FieldOptions_EditionDefault_Edition_field_name protoreflect.Name = "edition"
+	FieldOptions_EditionDefault_Value_field_name   protoreflect.Name = "value"
+
+	FieldOptions_EditionDefault_Edition_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.EditionDefault.edition"
+	FieldOptions_EditionDefault_Value_field_fullname   protoreflect.FullName = "google.protobuf.FieldOptions.EditionDefault.value"
+)
+
+// Field numbers for google.protobuf.FieldOptions.EditionDefault.
+const (
+	FieldOptions_EditionDefault_Edition_field_number protoreflect.FieldNumber = 3
+	FieldOptions_EditionDefault_Value_field_number   protoreflect.FieldNumber = 2
+)
+
 // Names for google.protobuf.OneofOptions.
 const (
 	OneofOptions_message_name     protoreflect.Name     = "OneofOptions"
@@ -650,13 +686,16 @@ const (
 
 // Field names for google.protobuf.OneofOptions.
 const (
+	OneofOptions_Features_field_name            protoreflect.Name = "features"
 	OneofOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
+	OneofOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.OneofOptions.features"
 	OneofOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.OneofOptions.uninterpreted_option"
 )
 
 // Field numbers for google.protobuf.OneofOptions.
 const (
+	OneofOptions_Features_field_number            protoreflect.FieldNumber = 1
 	OneofOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -671,11 +710,13 @@ const (
 	EnumOptions_AllowAlias_field_name                         protoreflect.Name = "allow_alias"
 	EnumOptions_Deprecated_field_name                         protoreflect.Name = "deprecated"
 	EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_name protoreflect.Name = "deprecated_legacy_json_field_conflicts"
+	EnumOptions_Features_field_name                           protoreflect.Name = "features"
 	EnumOptions_UninterpretedOption_field_name                protoreflect.Name = "uninterpreted_option"
 
 	EnumOptions_AllowAlias_field_fullname                         protoreflect.FullName = "google.protobuf.EnumOptions.allow_alias"
 	EnumOptions_Deprecated_field_fullname                         protoreflect.FullName = "google.protobuf.EnumOptions.deprecated"
 	EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_fullname protoreflect.FullName = "google.protobuf.EnumOptions.deprecated_legacy_json_field_conflicts"
+	EnumOptions_Features_field_fullname                           protoreflect.FullName = "google.protobuf.EnumOptions.features"
 	EnumOptions_UninterpretedOption_field_fullname                protoreflect.FullName = "google.protobuf.EnumOptions.uninterpreted_option"
 )
 
@@ -684,6 +725,7 @@ const (
 	EnumOptions_AllowAlias_field_number                         protoreflect.FieldNumber = 2
 	EnumOptions_Deprecated_field_number                         protoreflect.FieldNumber = 3
 	EnumOptions_DeprecatedLegacyJsonFieldConflicts_field_number protoreflect.FieldNumber = 6
+	EnumOptions_Features_field_number                           protoreflect.FieldNumber = 7
 	EnumOptions_UninterpretedOption_field_number                protoreflect.FieldNumber = 999
 )
 
@@ -696,15 +738,21 @@ const (
 // Field names for google.protobuf.EnumValueOptions.
 const (
 	EnumValueOptions_Deprecated_field_name          protoreflect.Name = "deprecated"
+	EnumValueOptions_Features_field_name            protoreflect.Name = "features"
+	EnumValueOptions_DebugRedact_field_name         protoreflect.Name = "debug_redact"
 	EnumValueOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	EnumValueOptions_Deprecated_field_fullname          protoreflect.FullName = "google.protobuf.EnumValueOptions.deprecated"
+	EnumValueOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.EnumValueOptions.features"
+	EnumValueOptions_DebugRedact_field_fullname         protoreflect.FullName = "google.protobuf.EnumValueOptions.debug_redact"
 	EnumValueOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.EnumValueOptions.uninterpreted_option"
 )
 
 // Field numbers for google.protobuf.EnumValueOptions.
 const (
 	EnumValueOptions_Deprecated_field_number          protoreflect.FieldNumber = 1
+	EnumValueOptions_Features_field_number            protoreflect.FieldNumber = 2
+	EnumValueOptions_DebugRedact_field_number         protoreflect.FieldNumber = 3
 	EnumValueOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -716,15 +764,18 @@ const (
 
 // Field names for google.protobuf.ServiceOptions.
 const (
+	ServiceOptions_Features_field_name            protoreflect.Name = "features"
 	ServiceOptions_Deprecated_field_name          protoreflect.Name = "deprecated"
 	ServiceOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
+	ServiceOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.ServiceOptions.features"
 	ServiceOptions_Deprecated_field_fullname          protoreflect.FullName = "google.protobuf.ServiceOptions.deprecated"
 	ServiceOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.ServiceOptions.uninterpreted_option"
 )
 
 // Field numbers for google.protobuf.ServiceOptions.
 const (
+	ServiceOptions_Features_field_number            protoreflect.FieldNumber = 34
 	ServiceOptions_Deprecated_field_number          protoreflect.FieldNumber = 33
 	ServiceOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
@@ -739,10 +790,12 @@ const (
 const (
 	MethodOptions_Deprecated_field_name          protoreflect.Name = "deprecated"
 	MethodOptions_IdempotencyLevel_field_name    protoreflect.Name = "idempotency_level"
+	MethodOptions_Features_field_name            protoreflect.Name = "features"
 	MethodOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	MethodOptions_Deprecated_field_fullname          protoreflect.FullName = "google.protobuf.MethodOptions.deprecated"
 	MethodOptions_IdempotencyLevel_field_fullname    protoreflect.FullName = "google.protobuf.MethodOptions.idempotency_level"
+	MethodOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.MethodOptions.features"
 	MethodOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.MethodOptions.uninterpreted_option"
 )
 
@@ -750,6 +803,7 @@ const (
 const (
 	MethodOptions_Deprecated_field_number          protoreflect.FieldNumber = 33
 	MethodOptions_IdempotencyLevel_field_number    protoreflect.FieldNumber = 34
+	MethodOptions_Features_field_number            protoreflect.FieldNumber = 35
 	MethodOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -816,6 +870,120 @@ const (
 	UninterpretedOption_NamePart_IsExtension_field_number protoreflect.FieldNumber = 2
 )
 
+// Names for google.protobuf.FeatureSet.
+const (
+	FeatureSet_message_name     protoreflect.Name     = "FeatureSet"
+	FeatureSet_message_fullname protoreflect.FullName = "google.protobuf.FeatureSet"
+)
+
+// Field names for google.protobuf.FeatureSet.
+const (
+	FeatureSet_FieldPresence_field_name         protoreflect.Name = "field_presence"
+	FeatureSet_EnumType_field_name              protoreflect.Name = "enum_type"
+	FeatureSet_RepeatedFieldEncoding_field_name protoreflect.Name = "repeated_field_encoding"
+	FeatureSet_Utf8Validation_field_name        protoreflect.Name = "utf8_validation"
+	FeatureSet_MessageEncoding_field_name       protoreflect.Name = "message_encoding"
+	FeatureSet_JsonFormat_field_name            protoreflect.Name = "json_format"
+
+	FeatureSet_FieldPresence_field_fullname         protoreflect.FullName = "google.protobuf.FeatureSet.field_presence"
+	FeatureSet_EnumType_field_fullname              protoreflect.FullName = "google.protobuf.FeatureSet.enum_type"
+	FeatureSet_RepeatedFieldEncoding_field_fullname protoreflect.FullName = "google.protobuf.FeatureSet.repeated_field_encoding"
+	FeatureSet_Utf8Validation_field_fullname        protoreflect.FullName = "google.protobuf.FeatureSet.utf8_validation"
+	FeatureSet_MessageEncoding_field_fullname       protoreflect.FullName = "google.protobuf.FeatureSet.message_encoding"
+	FeatureSet_JsonFormat_field_fullname            protoreflect.FullName = "google.protobuf.FeatureSet.json_format"
+)
+
+// Field numbers for google.protobuf.FeatureSet.
+const (
+	FeatureSet_FieldPresence_field_number         protoreflect.FieldNumber = 1
+	FeatureSet_EnumType_field_number              protoreflect.FieldNumber = 2
+	FeatureSet_RepeatedFieldEncoding_field_number protoreflect.FieldNumber = 3
+	FeatureSet_Utf8Validation_field_number        protoreflect.FieldNumber = 4
+	FeatureSet_MessageEncoding_field_number       protoreflect.FieldNumber = 5
+	FeatureSet_JsonFormat_field_number            protoreflect.FieldNumber = 6
+)
+
+// Full and short names for google.protobuf.FeatureSet.FieldPresence.
+const (
+	FeatureSet_FieldPresence_enum_fullname = "google.protobuf.FeatureSet.FieldPresence"
+	FeatureSet_FieldPresence_enum_name     = "FieldPresence"
+)
+
+// Full and short names for google.protobuf.FeatureSet.EnumType.
+const (
+	FeatureSet_EnumType_enum_fullname = "google.protobuf.FeatureSet.EnumType"
+	FeatureSet_EnumType_enum_name     = "EnumType"
+)
+
+// Full and short names for google.protobuf.FeatureSet.RepeatedFieldEncoding.
+const (
+	FeatureSet_RepeatedFieldEncoding_enum_fullname = "google.protobuf.FeatureSet.RepeatedFieldEncoding"
+	FeatureSet_RepeatedFieldEncoding_enum_name     = "RepeatedFieldEncoding"
+)
+
+// Full and short names for google.protobuf.FeatureSet.Utf8Validation.
+const (
+	FeatureSet_Utf8Validation_enum_fullname = "google.protobuf.FeatureSet.Utf8Validation"
+	FeatureSet_Utf8Validation_enum_name     = "Utf8Validation"
+)
+
+// Full and short names for google.protobuf.FeatureSet.MessageEncoding.
+const (
+	FeatureSet_MessageEncoding_enum_fullname = "google.protobuf.FeatureSet.MessageEncoding"
+	FeatureSet_MessageEncoding_enum_name     = "MessageEncoding"
+)
+
+// Full and short names for google.protobuf.FeatureSet.JsonFormat.
+const (
+	FeatureSet_JsonFormat_enum_fullname = "google.protobuf.FeatureSet.JsonFormat"
+	FeatureSet_JsonFormat_enum_name     = "JsonFormat"
+)
+
+// Names for google.protobuf.FeatureSetDefaults.
+const (
+	FeatureSetDefaults_message_name     protoreflect.Name     = "FeatureSetDefaults"
+	FeatureSetDefaults_message_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults"
+)
+
+// Field names for google.protobuf.FeatureSetDefaults.
+const (
+	FeatureSetDefaults_Defaults_field_name       protoreflect.Name = "defaults"
+	FeatureSetDefaults_MinimumEdition_field_name protoreflect.Name = "minimum_edition"
+	FeatureSetDefaults_MaximumEdition_field_name protoreflect.Name = "maximum_edition"
+
+	FeatureSetDefaults_Defaults_field_fullname       protoreflect.FullName = "google.protobuf.FeatureSetDefaults.defaults"
+	FeatureSetDefaults_MinimumEdition_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.minimum_edition"
+	FeatureSetDefaults_MaximumEdition_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.maximum_edition"
+)
+
+// Field numbers for google.protobuf.FeatureSetDefaults.
+const (
+	FeatureSetDefaults_Defaults_field_number       protoreflect.FieldNumber = 1
+	FeatureSetDefaults_MinimumEdition_field_number protoreflect.FieldNumber = 4
+	FeatureSetDefaults_MaximumEdition_field_number protoreflect.FieldNumber = 5
+)
+
+// Names for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
+const (
+	FeatureSetDefaults_FeatureSetEditionDefault_message_name     protoreflect.Name     = "FeatureSetEditionDefault"
+	FeatureSetDefaults_FeatureSetEditionDefault_message_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault"
+)
+
+// Field names for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
+const (
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_name  protoreflect.Name = "edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_name protoreflect.Name = "features"
+
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_fullname  protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.features"
+)
+
+// Field numbers for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
+const (
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number  protoreflect.FieldNumber = 3
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number protoreflect.FieldNumber = 2
+)
+
 // Names for google.protobuf.SourceCodeInfo.
 const (
 	SourceCodeInfo_message_name     protoreflect.Name     = "SourceCodeInfo"
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_gen.go b/vendor/google.golang.org/protobuf/internal/impl/codec_gen.go
index 1a509b63e..f55dc01e3 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_gen.go
@@ -162,11 +162,20 @@ func appendBoolSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions
 func consumeBoolSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.BoolSlice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growBoolSlice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -732,11 +741,20 @@ func appendInt32Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOption
 func consumeInt32Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growInt32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -1138,11 +1156,20 @@ func appendSint32Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptio
 func consumeSint32Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growInt32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -1544,11 +1571,20 @@ func appendUint32Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptio
 func consumeUint32Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Uint32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growUint32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -1950,11 +1986,20 @@ func appendInt64Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOption
 func consumeInt64Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growInt64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -2356,11 +2401,20 @@ func appendSint64Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptio
 func consumeSint64Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growInt64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -2762,11 +2816,20 @@ func appendUint64Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptio
 func consumeUint64Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Uint64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := 0
+		for _, v := range b {
+			if v < 0x80 {
+				count++
+			}
+		}
+		if count > 0 {
+			p.growUint64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			var v uint64
 			var n int
@@ -3145,11 +3208,15 @@ func appendSfixed32Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOpt
 func consumeSfixed32Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed32()
+		if count > 0 {
+			p.growInt32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed32(b)
 			if n < 0 {
@@ -3461,11 +3528,15 @@ func appendFixed32Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOpti
 func consumeFixed32Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Uint32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed32()
+		if count > 0 {
+			p.growUint32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed32(b)
 			if n < 0 {
@@ -3777,11 +3848,15 @@ func appendFloatSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOption
 func consumeFloatSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Float32Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed32()
+		if count > 0 {
+			p.growFloat32Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed32(b)
 			if n < 0 {
@@ -4093,11 +4168,15 @@ func appendSfixed64Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOpt
 func consumeSfixed64Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Int64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed64()
+		if count > 0 {
+			p.growInt64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed64(b)
 			if n < 0 {
@@ -4409,11 +4488,15 @@ func appendFixed64Slice(b []byte, p pointer, f *coderFieldInfo, opts marshalOpti
 func consumeFixed64Slice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Uint64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed64()
+		if count > 0 {
+			p.growUint64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed64(b)
 			if n < 0 {
@@ -4725,11 +4808,15 @@ func appendDoubleSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptio
 func consumeDoubleSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
 	sp := p.Float64Slice()
 	if wtyp == protowire.BytesType {
-		s := *sp
 		b, n := protowire.ConsumeBytes(b)
 		if n < 0 {
 			return out, errDecode
 		}
+		count := len(b) / protowire.SizeFixed64()
+		if count > 0 {
+			p.growFloat64Slice(count)
+		}
+		s := *sp
 		for len(b) > 0 {
 			v, n := protowire.ConsumeFixed64(b)
 			if n < 0 {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
index 61c483fac..2ab2c6297 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
@@ -206,13 +206,18 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 
 	// Obtain a list of oneof wrapper types.
 	var oneofWrappers []reflect.Type
-	for _, method := range []string{"XXX_OneofFuncs", "XXX_OneofWrappers"} {
-		if fn, ok := t.MethodByName(method); ok {
-			for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-				if vs, ok := v.Interface().([]interface{}); ok {
-					for _, v := range vs {
-						oneofWrappers = append(oneofWrappers, reflect.TypeOf(v))
-					}
+	methods := make([]reflect.Method, 0, 2)
+	if m, ok := t.MethodByName("XXX_OneofFuncs"); ok {
+		methods = append(methods, m)
+	}
+	if m, ok := t.MethodByName("XXX_OneofWrappers"); ok {
+		methods = append(methods, m)
+	}
+	for _, fn := range methods {
+		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
+			if vs, ok := v.Interface().([]interface{}); ok {
+				for _, v := range vs {
+					oneofWrappers = append(oneofWrappers, reflect.TypeOf(v))
 				}
 			}
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message.go b/vendor/google.golang.org/protobuf/internal/impl/message.go
index 4f5fb67a0..629bacdce 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message.go
@@ -192,12 +192,17 @@ fieldLoop:
 
 	// Derive a mapping of oneof wrappers to fields.
 	oneofWrappers := mi.OneofWrappers
-	for _, method := range []string{"XXX_OneofFuncs", "XXX_OneofWrappers"} {
-		if fn, ok := reflect.PtrTo(t).MethodByName(method); ok {
-			for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-				if vs, ok := v.Interface().([]interface{}); ok {
-					oneofWrappers = vs
-				}
+	methods := make([]reflect.Method, 0, 2)
+	if m, ok := reflect.PtrTo(t).MethodByName("XXX_OneofFuncs"); ok {
+		methods = append(methods, m)
+	}
+	if m, ok := reflect.PtrTo(t).MethodByName("XXX_OneofWrappers"); ok {
+		methods = append(methods, m)
+	}
+	for _, fn := range methods {
+		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
+			if vs, ok := v.Interface().([]interface{}); ok {
+				oneofWrappers = vs
 			}
 		}
 	}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
index 4c491bdf4..517e94434 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
@@ -159,6 +159,42 @@ func (p pointer) SetPointer(v pointer) {
 	p.v.Elem().Set(v.v)
 }
 
+func growSlice(p pointer, addCap int) {
+	// TODO: Once we only support Go 1.20 and newer, use reflect.Grow.
+	in := p.v.Elem()
+	out := reflect.MakeSlice(in.Type(), in.Len(), in.Len()+addCap)
+	reflect.Copy(out, in)
+	p.v.Elem().Set(out)
+}
+
+func (p pointer) growBoolSlice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growInt32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growUint32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growInt64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growUint64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growFloat64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growFloat32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
 func (Export) MessageStateOf(p Pointer) *messageState     { panic("not supported") }
 func (ms *messageState) pointer() pointer                 { panic("not supported") }
 func (ms *messageState) messageInfo() *MessageInfo        { panic("not supported") }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
index ee0e0573e..4b020e311 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
@@ -138,6 +138,46 @@ func (p pointer) SetPointer(v pointer) {
 	*(*unsafe.Pointer)(p.p) = (unsafe.Pointer)(v.p)
 }
 
+func (p pointer) growBoolSlice(addCap int) {
+	sp := p.BoolSlice()
+	s := make([]bool, 0, addCap+len(*sp))
+	s = s[:len(*sp)]
+	copy(s, *sp)
+	*sp = s
+}
+
+func (p pointer) growInt32Slice(addCap int) {
+	sp := p.Int32Slice()
+	s := make([]int32, 0, addCap+len(*sp))
+	s = s[:len(*sp)]
+	copy(s, *sp)
+	*sp = s
+}
+
+func (p pointer) growUint32Slice(addCap int) {
+	p.growInt32Slice(addCap)
+}
+
+func (p pointer) growFloat32Slice(addCap int) {
+	p.growInt32Slice(addCap)
+}
+
+func (p pointer) growInt64Slice(addCap int) {
+	sp := p.Int64Slice()
+	s := make([]int64, 0, addCap+len(*sp))
+	s = s[:len(*sp)]
+	copy(s, *sp)
+	*sp = s
+}
+
+func (p pointer) growUint64Slice(addCap int) {
+	p.growInt64Slice(addCap)
+}
+
+func (p pointer) growFloat64Slice(addCap int) {
+	p.growInt64Slice(addCap)
+}
+
 // Static check that MessageState does not exceed the size of a pointer.
 const _ = uint(unsafe.Sizeof(unsafe.Pointer(nil)) - unsafe.Sizeof(MessageState{}))
 
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
similarity index 96%
rename from vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go
rename to vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
index 61a84d341..a008acd09 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine
-// +build !purego,!appengine
+//go:build !purego && !appengine && !go1.21
+// +build !purego,!appengine,!go1.21
 
 package strs
 
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
new file mode 100644
index 000000000..60166f2ba
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
@@ -0,0 +1,74 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !purego && !appengine && go1.21
+// +build !purego,!appengine,go1.21
+
+package strs
+
+import (
+	"unsafe"
+
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+// UnsafeString returns an unsafe string reference of b.
+// The caller must treat the input slice as immutable.
+//
+// WARNING: Use carefully. The returned result must not leak to the end user
+// unless the input slice is provably immutable.
+func UnsafeString(b []byte) string {
+	return unsafe.String(unsafe.SliceData(b), len(b))
+}
+
+// UnsafeBytes returns an unsafe bytes slice reference of s.
+// The caller must treat returned slice as immutable.
+//
+// WARNING: Use carefully. The returned result must not leak to the end user.
+func UnsafeBytes(s string) []byte {
+	return unsafe.Slice(unsafe.StringData(s), len(s))
+}
+
+// Builder builds a set of strings with shared lifetime.
+// This differs from strings.Builder, which is for building a single string.
+type Builder struct {
+	buf []byte
+}
+
+// AppendFullName is equivalent to protoreflect.FullName.Append,
+// but optimized for large batches where each name has a shared lifetime.
+func (sb *Builder) AppendFullName(prefix protoreflect.FullName, name protoreflect.Name) protoreflect.FullName {
+	n := len(prefix) + len(".") + len(name)
+	if len(prefix) == 0 {
+		n -= len(".")
+	}
+	sb.grow(n)
+	sb.buf = append(sb.buf, prefix...)
+	sb.buf = append(sb.buf, '.')
+	sb.buf = append(sb.buf, name...)
+	return protoreflect.FullName(sb.last(n))
+}
+
+// MakeString is equivalent to string(b), but optimized for large batches
+// with a shared lifetime.
+func (sb *Builder) MakeString(b []byte) string {
+	sb.grow(len(b))
+	sb.buf = append(sb.buf, b...)
+	return sb.last(len(b))
+}
+
+func (sb *Builder) grow(n int) {
+	if cap(sb.buf)-len(sb.buf) >= n {
+		return
+	}
+
+	// Unlike strings.Builder, we do not need to copy over the contents
+	// of the old buffer since our builder provides no API for
+	// retrieving previously created strings.
+	sb.buf = make([]byte, 0, 2*(cap(sb.buf)+n))
+}
+
+func (sb *Builder) last(n int) string {
+	return UnsafeString(sb.buf[len(sb.buf)-n:])
+}
diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go
index 0999f29d5..d8f48faff 100644
--- a/vendor/google.golang.org/protobuf/internal/version/version.go
+++ b/vendor/google.golang.org/protobuf/internal/version/version.go
@@ -51,7 +51,7 @@ import (
 //  10. Send out the CL for review and submit it.
 const (
 	Major      = 1
-	Minor      = 31
+	Minor      = 32
 	Patch      = 0
 	PreRelease = ""
 )
diff --git a/vendor/google.golang.org/protobuf/proto/decode.go b/vendor/google.golang.org/protobuf/proto/decode.go
index 48d47946b..e5b03b567 100644
--- a/vendor/google.golang.org/protobuf/proto/decode.go
+++ b/vendor/google.golang.org/protobuf/proto/decode.go
@@ -69,7 +69,7 @@ func (o UnmarshalOptions) Unmarshal(b []byte, m Message) error {
 // UnmarshalState parses a wire-format message and places the result in m.
 //
 // This method permits fine-grained control over the unmarshaler.
-// Most users should use Unmarshal instead.
+// Most users should use [Unmarshal] instead.
 func (o UnmarshalOptions) UnmarshalState(in protoiface.UnmarshalInput) (protoiface.UnmarshalOutput, error) {
 	if o.RecursionLimit == 0 {
 		o.RecursionLimit = protowire.DefaultRecursionLimit
diff --git a/vendor/google.golang.org/protobuf/proto/doc.go b/vendor/google.golang.org/protobuf/proto/doc.go
index ec71e717f..80ed16a0c 100644
--- a/vendor/google.golang.org/protobuf/proto/doc.go
+++ b/vendor/google.golang.org/protobuf/proto/doc.go
@@ -18,27 +18,27 @@
 // This package contains functions to convert to and from the wire format,
 // an efficient binary serialization of protocol buffers.
 //
-// • Size reports the size of a message in the wire format.
+//   - [Size] reports the size of a message in the wire format.
 //
-// • Marshal converts a message to the wire format.
-// The MarshalOptions type provides more control over wire marshaling.
+//   - [Marshal] converts a message to the wire format.
+//     The [MarshalOptions] type provides more control over wire marshaling.
 //
-// • Unmarshal converts a message from the wire format.
-// The UnmarshalOptions type provides more control over wire unmarshaling.
+//   - [Unmarshal] converts a message from the wire format.
+//     The [UnmarshalOptions] type provides more control over wire unmarshaling.
 //
 // # Basic message operations
 //
-// • Clone makes a deep copy of a message.
+//   - [Clone] makes a deep copy of a message.
 //
-// • Merge merges the content of a message into another.
+//   - [Merge] merges the content of a message into another.
 //
-// • Equal compares two messages. For more control over comparisons
-// and detailed reporting of differences, see package
-// "google.golang.org/protobuf/testing/protocmp".
+//   - [Equal] compares two messages. For more control over comparisons
+//     and detailed reporting of differences, see package
+//     [google.golang.org/protobuf/testing/protocmp].
 //
-// • Reset clears the content of a message.
+//   - [Reset] clears the content of a message.
 //
-// • CheckInitialized reports whether all required fields in a message are set.
+//   - [CheckInitialized] reports whether all required fields in a message are set.
 //
 // # Optional scalar constructors
 //
@@ -46,9 +46,9 @@
 // as pointers to a value. For example, an optional string field has the
 // Go type *string.
 //
-// • Bool, Int32, Int64, Uint32, Uint64, Float32, Float64, and String
-// take a value and return a pointer to a new instance of it,
-// to simplify construction of optional field values.
+//   - [Bool], [Int32], [Int64], [Uint32], [Uint64], [Float32], [Float64], and [String]
+//     take a value and return a pointer to a new instance of it,
+//     to simplify construction of optional field values.
 //
 // Generated enum types usually have an Enum method which performs the
 // same operation.
@@ -57,29 +57,29 @@
 //
 // # Extension accessors
 //
-// • HasExtension, GetExtension, SetExtension, and ClearExtension
-// access extension field values in a protocol buffer message.
+//   - [HasExtension], [GetExtension], [SetExtension], and [ClearExtension]
+//     access extension field values in a protocol buffer message.
 //
 // Extension fields are only supported in proto2.
 //
 // # Related packages
 //
-// • Package "google.golang.org/protobuf/encoding/protojson" converts messages to
-// and from JSON.
+//   - Package [google.golang.org/protobuf/encoding/protojson] converts messages to
+//     and from JSON.
 //
-// • Package "google.golang.org/protobuf/encoding/prototext" converts messages to
-// and from the text format.
+//   - Package [google.golang.org/protobuf/encoding/prototext] converts messages to
+//     and from the text format.
 //
-// • Package "google.golang.org/protobuf/reflect/protoreflect" provides a
-// reflection interface for protocol buffer data types.
+//   - Package [google.golang.org/protobuf/reflect/protoreflect] provides a
+//     reflection interface for protocol buffer data types.
 //
-// • Package "google.golang.org/protobuf/testing/protocmp" provides features
-// to compare protocol buffer messages with the "github.com/google/go-cmp/cmp"
-// package.
+//   - Package [google.golang.org/protobuf/testing/protocmp] provides features
+//     to compare protocol buffer messages with the [github.com/google/go-cmp/cmp]
+//     package.
 //
-// • Package "google.golang.org/protobuf/types/dynamicpb" provides a dynamic
-// message type, suitable for working with messages where the protocol buffer
-// type is only known at runtime.
+//   - Package [google.golang.org/protobuf/types/dynamicpb] provides a dynamic
+//     message type, suitable for working with messages where the protocol buffer
+//     type is only known at runtime.
 //
 // This module contains additional packages for more specialized use cases.
 // Consult the individual package documentation for details.
diff --git a/vendor/google.golang.org/protobuf/proto/encode.go b/vendor/google.golang.org/protobuf/proto/encode.go
index bf7f816d0..4fed202f9 100644
--- a/vendor/google.golang.org/protobuf/proto/encode.go
+++ b/vendor/google.golang.org/protobuf/proto/encode.go
@@ -129,7 +129,7 @@ func (o MarshalOptions) MarshalAppend(b []byte, m Message) ([]byte, error) {
 // MarshalState returns the wire-format encoding of a message.
 //
 // This method permits fine-grained control over the marshaler.
-// Most users should use Marshal instead.
+// Most users should use [Marshal] instead.
 func (o MarshalOptions) MarshalState(in protoiface.MarshalInput) (protoiface.MarshalOutput, error) {
 	return o.marshal(in.Buf, in.Message)
 }
diff --git a/vendor/google.golang.org/protobuf/proto/extension.go b/vendor/google.golang.org/protobuf/proto/extension.go
index 5f293cda8..17899a3a7 100644
--- a/vendor/google.golang.org/protobuf/proto/extension.go
+++ b/vendor/google.golang.org/protobuf/proto/extension.go
@@ -26,7 +26,7 @@ func HasExtension(m Message, xt protoreflect.ExtensionType) bool {
 }
 
 // ClearExtension clears an extension field such that subsequent
-// HasExtension calls return false.
+// [HasExtension] calls return false.
 // It panics if m is invalid or if xt does not extend m.
 func ClearExtension(m Message, xt protoreflect.ExtensionType) {
 	m.ProtoReflect().Clear(xt.TypeDescriptor())
diff --git a/vendor/google.golang.org/protobuf/proto/merge.go b/vendor/google.golang.org/protobuf/proto/merge.go
index d761ab331..3c6fe5780 100644
--- a/vendor/google.golang.org/protobuf/proto/merge.go
+++ b/vendor/google.golang.org/protobuf/proto/merge.go
@@ -21,7 +21,7 @@ import (
 // The unknown fields of src are appended to the unknown fields of dst.
 //
 // It is semantically equivalent to unmarshaling the encoded form of src
-// into dst with the UnmarshalOptions.Merge option specified.
+// into dst with the [UnmarshalOptions.Merge] option specified.
 func Merge(dst, src Message) {
 	// TODO: Should nil src be treated as semantically equivalent to a
 	// untyped, read-only, empty message? What about a nil dst?
diff --git a/vendor/google.golang.org/protobuf/proto/proto.go b/vendor/google.golang.org/protobuf/proto/proto.go
index 1f0d183b1..7543ee6b2 100644
--- a/vendor/google.golang.org/protobuf/proto/proto.go
+++ b/vendor/google.golang.org/protobuf/proto/proto.go
@@ -15,18 +15,20 @@ import (
 // protobuf module that accept a Message, except where otherwise specified.
 //
 // This is the v2 interface definition for protobuf messages.
-// The v1 interface definition is "github.com/golang/protobuf/proto".Message.
+// The v1 interface definition is [github.com/golang/protobuf/proto.Message].
 //
-// To convert a v1 message to a v2 message,
-// use "github.com/golang/protobuf/proto".MessageV2.
-// To convert a v2 message to a v1 message,
-// use "github.com/golang/protobuf/proto".MessageV1.
+//   - To convert a v1 message to a v2 message,
+//     use [google.golang.org/protobuf/protoadapt.MessageV2Of].
+//   - To convert a v2 message to a v1 message,
+//     use [google.golang.org/protobuf/protoadapt.MessageV1Of].
 type Message = protoreflect.ProtoMessage
 
-// Error matches all errors produced by packages in the protobuf module.
+// Error matches all errors produced by packages in the protobuf module
+// according to [errors.Is].
 //
-// That is, errors.Is(err, Error) reports whether an error is produced
-// by this module.
+// Example usage:
+//
+//	if errors.Is(err, proto.Error) { ... }
 var Error error
 
 func init() {
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
index 55aa14922..ec6572dfd 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
@@ -10,46 +10,46 @@
 //
 // # Protocol Buffer Descriptors
 //
-// Protobuf descriptors (e.g., EnumDescriptor or MessageDescriptor)
+// Protobuf descriptors (e.g., [EnumDescriptor] or [MessageDescriptor])
 // are immutable objects that represent protobuf type information.
 // They are wrappers around the messages declared in descriptor.proto.
 // Protobuf descriptors alone lack any information regarding Go types.
 //
-// Enums and messages generated by this module implement Enum and ProtoMessage,
+// Enums and messages generated by this module implement [Enum] and [ProtoMessage],
 // where the Descriptor and ProtoReflect.Descriptor accessors respectively
 // return the protobuf descriptor for the values.
 //
 // The protobuf descriptor interfaces are not meant to be implemented by
 // user code since they might need to be extended in the future to support
 // additions to the protobuf language.
-// The "google.golang.org/protobuf/reflect/protodesc" package converts between
+// The [google.golang.org/protobuf/reflect/protodesc] package converts between
 // google.protobuf.DescriptorProto messages and protobuf descriptors.
 //
 // # Go Type Descriptors
 //
-// A type descriptor (e.g., EnumType or MessageType) is a constructor for
+// A type descriptor (e.g., [EnumType] or [MessageType]) is a constructor for
 // a concrete Go type that represents the associated protobuf descriptor.
 // There is commonly a one-to-one relationship between protobuf descriptors and
 // Go type descriptors, but it can potentially be a one-to-many relationship.
 //
-// Enums and messages generated by this module implement Enum and ProtoMessage,
+// Enums and messages generated by this module implement [Enum] and [ProtoMessage],
 // where the Type and ProtoReflect.Type accessors respectively
 // return the protobuf descriptor for the values.
 //
-// The "google.golang.org/protobuf/types/dynamicpb" package can be used to
+// The [google.golang.org/protobuf/types/dynamicpb] package can be used to
 // create Go type descriptors from protobuf descriptors.
 //
 // # Value Interfaces
 //
-// The Enum and Message interfaces provide a reflective view over an
+// The [Enum] and [Message] interfaces provide a reflective view over an
 // enum or message instance. For enums, it provides the ability to retrieve
 // the enum value number for any concrete enum type. For messages, it provides
 // the ability to access or manipulate fields of the message.
 //
-// To convert a proto.Message to a protoreflect.Message, use the
+// To convert a [google.golang.org/protobuf/proto.Message] to a [protoreflect.Message], use the
 // former's ProtoReflect method. Since the ProtoReflect method is new to the
 // v2 message interface, it may not be present on older message implementations.
-// The "github.com/golang/protobuf/proto".MessageReflect function can be used
+// The [github.com/golang/protobuf/proto.MessageReflect] function can be used
 // to obtain a reflective view on older messages.
 //
 // # Relationships
@@ -71,12 +71,12 @@
 //	      │                                 │
 //	      └────────────────── Type() ───────┘
 //
-// • An EnumType describes a concrete Go enum type.
+// • An [EnumType] describes a concrete Go enum type.
 // It has an EnumDescriptor and can construct an Enum instance.
 //
-// • An EnumDescriptor describes an abstract protobuf enum type.
+// • An [EnumDescriptor] describes an abstract protobuf enum type.
 //
-// • An Enum is a concrete enum instance. Generated enums implement Enum.
+// • An [Enum] is a concrete enum instance. Generated enums implement Enum.
 //
 //	  ┌──────────────── New() ─────────────────┐
 //	  │                                        │
@@ -90,24 +90,26 @@
 //	       │                                    │
 //	       └─────────────────── Type() ─────────┘
 //
-// • A MessageType describes a concrete Go message type.
-// It has a MessageDescriptor and can construct a Message instance.
-// Just as how Go's reflect.Type is a reflective description of a Go type,
-// a MessageType is a reflective description of a Go type for a protobuf message.
+// • A [MessageType] describes a concrete Go message type.
+// It has a [MessageDescriptor] and can construct a [Message] instance.
+// Just as how Go's [reflect.Type] is a reflective description of a Go type,
+// a [MessageType] is a reflective description of a Go type for a protobuf message.
 //
-// • A MessageDescriptor describes an abstract protobuf message type.
-// It has no understanding of Go types. In order to construct a MessageType
-// from just a MessageDescriptor, you can consider looking up the message type
-// in the global registry using protoregistry.GlobalTypes.FindMessageByName
-// or constructing a dynamic MessageType using dynamicpb.NewMessageType.
+// • A [MessageDescriptor] describes an abstract protobuf message type.
+// It has no understanding of Go types. In order to construct a [MessageType]
+// from just a [MessageDescriptor], you can consider looking up the message type
+// in the global registry using the FindMessageByName method on
+// [google.golang.org/protobuf/reflect/protoregistry.GlobalTypes]
+// or constructing a dynamic [MessageType] using
+// [google.golang.org/protobuf/types/dynamicpb.NewMessageType].
 //
-// • A Message is a reflective view over a concrete message instance.
-// Generated messages implement ProtoMessage, which can convert to a Message.
-// Just as how Go's reflect.Value is a reflective view over a Go value,
-// a Message is a reflective view over a concrete protobuf message instance.
-// Using Go reflection as an analogy, the ProtoReflect method is similar to
-// calling reflect.ValueOf, and the Message.Interface method is similar to
-// calling reflect.Value.Interface.
+// • A [Message] is a reflective view over a concrete message instance.
+// Generated messages implement [ProtoMessage], which can convert to a [Message].
+// Just as how Go's [reflect.Value] is a reflective view over a Go value,
+// a [Message] is a reflective view over a concrete protobuf message instance.
+// Using Go reflection as an analogy, the [ProtoMessage.ProtoReflect] method is similar to
+// calling [reflect.ValueOf], and the [Message.Interface] method is similar to
+// calling [reflect.Value.Interface].
 //
 //	      ┌── TypeDescriptor() ──┐    ┌───── Descriptor() ─────┐
 //	      │                      V    │                        V
@@ -119,15 +121,15 @@
 //	                                 │                          │
 //	                                 └────── implements ────────┘
 //
-// • An ExtensionType describes a concrete Go implementation of an extension.
-// It has an ExtensionTypeDescriptor and can convert to/from
-// abstract Values and Go values.
+// • An [ExtensionType] describes a concrete Go implementation of an extension.
+// It has an [ExtensionTypeDescriptor] and can convert to/from
+// an abstract [Value] and a Go value.
 //
-// • An ExtensionTypeDescriptor is an ExtensionDescriptor
-// which also has an ExtensionType.
+// • An [ExtensionTypeDescriptor] is an [ExtensionDescriptor]
+// which also has an [ExtensionType].
 //
-// • An ExtensionDescriptor describes an abstract protobuf extension field and
-// may not always be an ExtensionTypeDescriptor.
+// • An [ExtensionDescriptor] describes an abstract protobuf extension field and
+// may not always be an [ExtensionTypeDescriptor].
 package protoreflect
 
 import (
@@ -142,7 +144,7 @@ type doNotImplement pragma.DoNotImplement
 
 // ProtoMessage is the top-level interface that all proto messages implement.
 // This is declared in the protoreflect package to avoid a cyclic dependency;
-// use the proto.Message type instead, which aliases this type.
+// use the [google.golang.org/protobuf/proto.Message] type instead, which aliases this type.
 type ProtoMessage interface{ ProtoReflect() Message }
 
 // Syntax is the language version of the proto file.
@@ -151,8 +153,9 @@ type Syntax syntax
 type syntax int8 // keep exact type opaque as the int type may change
 
 const (
-	Proto2 Syntax = 2
-	Proto3 Syntax = 3
+	Proto2   Syntax = 2
+	Proto3   Syntax = 3
+	Editions Syntax = 4
 )
 
 // IsValid reports whether the syntax is valid.
@@ -436,7 +439,7 @@ type Names interface {
 // FullName is a qualified name that uniquely identifies a proto declaration.
 // A qualified name is the concatenation of the proto package along with the
 // fully-declared name (i.e., name of parent preceding the name of the child),
-// with a '.' delimiter placed between each Name.
+// with a '.' delimiter placed between each [Name].
 //
 // This should not have any leading or trailing dots.
 type FullName string // e.g., "google.protobuf.Field.Kind"
@@ -480,7 +483,7 @@ func isLetterDigit(c byte) bool {
 }
 
 // Name returns the short name, which is the last identifier segment.
-// A single segment FullName is the Name itself.
+// A single segment FullName is the [Name] itself.
 func (n FullName) Name() Name {
 	if i := strings.LastIndexByte(string(n), '.'); i >= 0 {
 		return Name(n[i+1:])
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
index 717b106f3..0c045db6a 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
@@ -35,7 +35,7 @@ func (p *SourcePath) appendFileDescriptorProto(b []byte) []byte {
 		b = p.appendSingularField(b, "source_code_info", (*SourcePath).appendSourceCodeInfo)
 	case 12:
 		b = p.appendSingularField(b, "syntax", nil)
-	case 13:
+	case 14:
 		b = p.appendSingularField(b, "edition", nil)
 	}
 	return b
@@ -180,6 +180,8 @@ func (p *SourcePath) appendFileOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "php_metadata_namespace", nil)
 	case 45:
 		b = p.appendSingularField(b, "ruby_package", nil)
+	case 50:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -240,6 +242,8 @@ func (p *SourcePath) appendMessageOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "map_entry", nil)
 	case 11:
 		b = p.appendSingularField(b, "deprecated_legacy_json_field_conflicts", nil)
+	case 12:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -285,6 +289,8 @@ func (p *SourcePath) appendEnumOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "deprecated", nil)
 	case 6:
 		b = p.appendSingularField(b, "deprecated_legacy_json_field_conflicts", nil)
+	case 7:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -330,6 +336,8 @@ func (p *SourcePath) appendServiceOptions(b []byte) []byte {
 		return b
 	}
 	switch (*p)[0] {
+	case 34:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 33:
 		b = p.appendSingularField(b, "deprecated", nil)
 	case 999:
@@ -361,16 +369,39 @@ func (p *SourcePath) appendFieldOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "debug_redact", nil)
 	case 17:
 		b = p.appendSingularField(b, "retention", nil)
-	case 18:
-		b = p.appendSingularField(b, "target", nil)
 	case 19:
 		b = p.appendRepeatedField(b, "targets", nil)
+	case 20:
+		b = p.appendRepeatedField(b, "edition_defaults", (*SourcePath).appendFieldOptions_EditionDefault)
+	case 21:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
 	return b
 }
 
+func (p *SourcePath) appendFeatureSet(b []byte) []byte {
+	if len(*p) == 0 {
+		return b
+	}
+	switch (*p)[0] {
+	case 1:
+		b = p.appendSingularField(b, "field_presence", nil)
+	case 2:
+		b = p.appendSingularField(b, "enum_type", nil)
+	case 3:
+		b = p.appendSingularField(b, "repeated_field_encoding", nil)
+	case 4:
+		b = p.appendSingularField(b, "utf8_validation", nil)
+	case 5:
+		b = p.appendSingularField(b, "message_encoding", nil)
+	case 6:
+		b = p.appendSingularField(b, "json_format", nil)
+	}
+	return b
+}
+
 func (p *SourcePath) appendUninterpretedOption(b []byte) []byte {
 	if len(*p) == 0 {
 		return b
@@ -422,6 +453,8 @@ func (p *SourcePath) appendExtensionRangeOptions(b []byte) []byte {
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	case 2:
 		b = p.appendRepeatedField(b, "declaration", (*SourcePath).appendExtensionRangeOptions_Declaration)
+	case 50:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 3:
 		b = p.appendSingularField(b, "verification", nil)
 	}
@@ -433,6 +466,8 @@ func (p *SourcePath) appendOneofOptions(b []byte) []byte {
 		return b
 	}
 	switch (*p)[0] {
+	case 1:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -446,6 +481,10 @@ func (p *SourcePath) appendEnumValueOptions(b []byte) []byte {
 	switch (*p)[0] {
 	case 1:
 		b = p.appendSingularField(b, "deprecated", nil)
+	case 2:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
+	case 3:
+		b = p.appendSingularField(b, "debug_redact", nil)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -461,12 +500,27 @@ func (p *SourcePath) appendMethodOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "deprecated", nil)
 	case 34:
 		b = p.appendSingularField(b, "idempotency_level", nil)
+	case 35:
+		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
 	return b
 }
 
+func (p *SourcePath) appendFieldOptions_EditionDefault(b []byte) []byte {
+	if len(*p) == 0 {
+		return b
+	}
+	switch (*p)[0] {
+	case 3:
+		b = p.appendSingularField(b, "edition", nil)
+	case 2:
+		b = p.appendSingularField(b, "value", nil)
+	}
+	return b
+}
+
 func (p *SourcePath) appendUninterpretedOption_NamePart(b []byte) []byte {
 	if len(*p) == 0 {
 		return b
@@ -491,8 +545,6 @@ func (p *SourcePath) appendExtensionRangeOptions_Declaration(b []byte) []byte {
 		b = p.appendSingularField(b, "full_name", nil)
 	case 3:
 		b = p.appendSingularField(b, "type", nil)
-	case 4:
-		b = p.appendSingularField(b, "is_repeated", nil)
 	case 5:
 		b = p.appendSingularField(b, "reserved", nil)
 	case 6:
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
index 3867470d3..60ff62b4c 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
@@ -12,7 +12,7 @@ package protoreflect
 // exactly identical. However, it is possible for the same semantically
 // identical proto type to be represented by multiple type descriptors.
 //
-// For example, suppose we have t1 and t2 which are both MessageDescriptors.
+// For example, suppose we have t1 and t2 which are both an [MessageDescriptor].
 // If t1 == t2, then the types are definitely equal and all accessors return
 // the same information. However, if t1 != t2, then it is still possible that
 // they still represent the same proto type (e.g., t1.FullName == t2.FullName).
@@ -115,7 +115,7 @@ type Descriptor interface {
 // corresponds with the google.protobuf.FileDescriptorProto message.
 //
 // Top-level declarations:
-// EnumDescriptor, MessageDescriptor, FieldDescriptor, and/or ServiceDescriptor.
+// [EnumDescriptor], [MessageDescriptor], [FieldDescriptor], and/or [ServiceDescriptor].
 type FileDescriptor interface {
 	Descriptor // Descriptor.FullName is identical to Package
 
@@ -180,8 +180,8 @@ type FileImport struct {
 // corresponds with the google.protobuf.DescriptorProto message.
 //
 // Nested declarations:
-// FieldDescriptor, OneofDescriptor, FieldDescriptor, EnumDescriptor,
-// and/or MessageDescriptor.
+// [FieldDescriptor], [OneofDescriptor], [FieldDescriptor], [EnumDescriptor],
+// and/or [MessageDescriptor].
 type MessageDescriptor interface {
 	Descriptor
 
@@ -214,7 +214,7 @@ type MessageDescriptor interface {
 	ExtensionRanges() FieldRanges
 	// ExtensionRangeOptions returns the ith extension range options.
 	//
-	// To avoid a dependency cycle, this method returns a proto.Message value,
+	// To avoid a dependency cycle, this method returns a proto.Message] value,
 	// which always contains a google.protobuf.ExtensionRangeOptions message.
 	// This method returns a typed nil-pointer if no options are present.
 	// The caller must import the descriptorpb package to use this.
@@ -231,9 +231,9 @@ type MessageDescriptor interface {
 }
 type isMessageDescriptor interface{ ProtoType(MessageDescriptor) }
 
-// MessageType encapsulates a MessageDescriptor with a concrete Go implementation.
+// MessageType encapsulates a [MessageDescriptor] with a concrete Go implementation.
 // It is recommended that implementations of this interface also implement the
-// MessageFieldTypes interface.
+// [MessageFieldTypes] interface.
 type MessageType interface {
 	// New returns a newly allocated empty message.
 	// It may return nil for synthetic messages representing a map entry.
@@ -249,19 +249,19 @@ type MessageType interface {
 	Descriptor() MessageDescriptor
 }
 
-// MessageFieldTypes extends a MessageType by providing type information
+// MessageFieldTypes extends a [MessageType] by providing type information
 // regarding enums and messages referenced by the message fields.
 type MessageFieldTypes interface {
 	MessageType
 
-	// Enum returns the EnumType for the ith field in Descriptor.Fields.
+	// Enum returns the EnumType for the ith field in MessageDescriptor.Fields.
 	// It returns nil if the ith field is not an enum kind.
 	// It panics if out of bounds.
 	//
 	// Invariant: mt.Enum(i).Descriptor() == mt.Descriptor().Fields(i).Enum()
 	Enum(i int) EnumType
 
-	// Message returns the MessageType for the ith field in Descriptor.Fields.
+	// Message returns the MessageType for the ith field in MessageDescriptor.Fields.
 	// It returns nil if the ith field is not a message or group kind.
 	// It panics if out of bounds.
 	//
@@ -286,8 +286,8 @@ type MessageDescriptors interface {
 // corresponds with the google.protobuf.FieldDescriptorProto message.
 //
 // It is used for both normal fields defined within the parent message
-// (e.g., MessageDescriptor.Fields) and fields that extend some remote message
-// (e.g., FileDescriptor.Extensions or MessageDescriptor.Extensions).
+// (e.g., [MessageDescriptor.Fields]) and fields that extend some remote message
+// (e.g., [FileDescriptor.Extensions] or [MessageDescriptor.Extensions]).
 type FieldDescriptor interface {
 	Descriptor
 
@@ -344,7 +344,7 @@ type FieldDescriptor interface {
 	// IsMap reports whether this field represents a map,
 	// where the value type for the associated field is a Map.
 	// It is equivalent to checking whether Cardinality is Repeated,
-	// that the Kind is MessageKind, and that Message.IsMapEntry reports true.
+	// that the Kind is MessageKind, and that MessageDescriptor.IsMapEntry reports true.
 	IsMap() bool
 
 	// MapKey returns the field descriptor for the key in the map entry.
@@ -419,7 +419,7 @@ type OneofDescriptor interface {
 
 	// IsSynthetic reports whether this is a synthetic oneof created to support
 	// proto3 optional semantics. If true, Fields contains exactly one field
-	// with HasOptionalKeyword specified.
+	// with FieldDescriptor.HasOptionalKeyword specified.
 	IsSynthetic() bool
 
 	// Fields is a list of fields belonging to this oneof.
@@ -442,10 +442,10 @@ type OneofDescriptors interface {
 	doNotImplement
 }
 
-// ExtensionDescriptor is an alias of FieldDescriptor for documentation.
+// ExtensionDescriptor is an alias of [FieldDescriptor] for documentation.
 type ExtensionDescriptor = FieldDescriptor
 
-// ExtensionTypeDescriptor is an ExtensionDescriptor with an associated ExtensionType.
+// ExtensionTypeDescriptor is an [ExtensionDescriptor] with an associated [ExtensionType].
 type ExtensionTypeDescriptor interface {
 	ExtensionDescriptor
 
@@ -470,12 +470,12 @@ type ExtensionDescriptors interface {
 	doNotImplement
 }
 
-// ExtensionType encapsulates an ExtensionDescriptor with a concrete
+// ExtensionType encapsulates an [ExtensionDescriptor] with a concrete
 // Go implementation. The nested field descriptor must be for a extension field.
 //
 // While a normal field is a member of the parent message that it is declared
-// within (see Descriptor.Parent), an extension field is a member of some other
-// target message (see ExtensionDescriptor.Extendee) and may have no
+// within (see [Descriptor.Parent]), an extension field is a member of some other
+// target message (see [FieldDescriptor.ContainingMessage]) and may have no
 // relationship with the parent. However, the full name of an extension field is
 // relative to the parent that it is declared within.
 //
@@ -532,7 +532,7 @@ type ExtensionType interface {
 // corresponds with the google.protobuf.EnumDescriptorProto message.
 //
 // Nested declarations:
-// EnumValueDescriptor.
+// [EnumValueDescriptor].
 type EnumDescriptor interface {
 	Descriptor
 
@@ -548,7 +548,7 @@ type EnumDescriptor interface {
 }
 type isEnumDescriptor interface{ ProtoType(EnumDescriptor) }
 
-// EnumType encapsulates an EnumDescriptor with a concrete Go implementation.
+// EnumType encapsulates an [EnumDescriptor] with a concrete Go implementation.
 type EnumType interface {
 	// New returns an instance of this enum type with its value set to n.
 	New(n EnumNumber) Enum
@@ -610,7 +610,7 @@ type EnumValueDescriptors interface {
 // ServiceDescriptor describes a service and
 // corresponds with the google.protobuf.ServiceDescriptorProto message.
 //
-// Nested declarations: MethodDescriptor.
+// Nested declarations: [MethodDescriptor].
 type ServiceDescriptor interface {
 	Descriptor
 
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
index 37601b781..a7b0d06ff 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
@@ -27,16 +27,16 @@ type Enum interface {
 // Message is a reflective interface for a concrete message value,
 // encapsulating both type and value information for the message.
 //
-// Accessor/mutators for individual fields are keyed by FieldDescriptor.
+// Accessor/mutators for individual fields are keyed by [FieldDescriptor].
 // For non-extension fields, the descriptor must exactly match the
 // field known by the parent message.
-// For extension fields, the descriptor must implement ExtensionTypeDescriptor,
-// extend the parent message (i.e., have the same message FullName), and
+// For extension fields, the descriptor must implement [ExtensionTypeDescriptor],
+// extend the parent message (i.e., have the same message [FullName]), and
 // be within the parent's extension range.
 //
-// Each field Value can be a scalar or a composite type (Message, List, or Map).
-// See Value for the Go types associated with a FieldDescriptor.
-// Providing a Value that is invalid or of an incorrect type panics.
+// Each field [Value] can be a scalar or a composite type ([Message], [List], or [Map]).
+// See [Value] for the Go types associated with a [FieldDescriptor].
+// Providing a [Value] that is invalid or of an incorrect type panics.
 type Message interface {
 	// Descriptor returns message descriptor, which contains only the protobuf
 	// type information for the message.
@@ -152,7 +152,7 @@ type Message interface {
 	// This method may return nil.
 	//
 	// The returned methods type is identical to
-	// "google.golang.org/protobuf/runtime/protoiface".Methods.
+	// google.golang.org/protobuf/runtime/protoiface.Methods.
 	// Consult the protoiface package documentation for details.
 	ProtoMethods() *methods
 }
@@ -175,8 +175,8 @@ func (b RawFields) IsValid() bool {
 }
 
 // List is a zero-indexed, ordered list.
-// The element Value type is determined by FieldDescriptor.Kind.
-// Providing a Value that is invalid or of an incorrect type panics.
+// The element [Value] type is determined by [FieldDescriptor.Kind].
+// Providing a [Value] that is invalid or of an incorrect type panics.
 type List interface {
 	// Len reports the number of entries in the List.
 	// Get, Set, and Truncate panic with out of bound indexes.
@@ -226,9 +226,9 @@ type List interface {
 }
 
 // Map is an unordered, associative map.
-// The entry MapKey type is determined by FieldDescriptor.MapKey.Kind.
-// The entry Value type is determined by FieldDescriptor.MapValue.Kind.
-// Providing a MapKey or Value that is invalid or of an incorrect type panics.
+// The entry [MapKey] type is determined by [FieldDescriptor.MapKey].Kind.
+// The entry [Value] type is determined by [FieldDescriptor.MapValue].Kind.
+// Providing a [MapKey] or [Value] that is invalid or of an incorrect type panics.
 type Map interface {
 	// Len reports the number of elements in the map.
 	Len() int
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go
index 591652541..654599d44 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_equal.go
@@ -24,19 +24,19 @@ import (
 //     Unlike the == operator, a NaN is equal to another NaN.
 //
 //   - Enums are equal if they contain the same number.
-//     Since Value does not contain an enum descriptor,
+//     Since [Value] does not contain an enum descriptor,
 //     enum values do not consider the type of the enum.
 //
 //   - Other scalar values are equal if they contain the same value.
 //
-//   - Message values are equal if they belong to the same message descriptor,
+//   - [Message] values are equal if they belong to the same message descriptor,
 //     have the same set of populated known and extension field values,
 //     and the same set of unknown fields values.
 //
-//   - Lists are equal if they are the same length and
+//   - [List] values are equal if they are the same length and
 //     each corresponding element is equal.
 //
-//   - Maps are equal if they have the same set of keys and
+//   - [Map] values are equal if they have the same set of keys and
 //     the corresponding value for each key is equal.
 func (v1 Value) Equal(v2 Value) bool {
 	return equalValue(v1, v2)
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
index 08e5ef73f..160309731 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
@@ -11,7 +11,7 @@ import (
 
 // Value is a union where only one Go type may be set at a time.
 // The Value is used to represent all possible values a field may take.
-// The following shows which Go type is used to represent each proto Kind:
+// The following shows which Go type is used to represent each proto [Kind]:
 //
 //	╔════════════╤═════════════════════════════════════╗
 //	║ Go type    │ Protobuf kind                       ║
@@ -31,22 +31,22 @@ import (
 //
 // Multiple protobuf Kinds may be represented by a single Go type if the type
 // can losslessly represent the information for the proto kind. For example,
-// Int64Kind, Sint64Kind, and Sfixed64Kind are all represented by int64,
+// [Int64Kind], [Sint64Kind], and [Sfixed64Kind] are all represented by int64,
 // but use different integer encoding methods.
 //
-// The List or Map types are used if the field cardinality is repeated.
-// A field is a List if FieldDescriptor.IsList reports true.
-// A field is a Map if FieldDescriptor.IsMap reports true.
+// The [List] or [Map] types are used if the field cardinality is repeated.
+// A field is a [List] if [FieldDescriptor.IsList] reports true.
+// A field is a [Map] if [FieldDescriptor.IsMap] reports true.
 //
 // Converting to/from a Value and a concrete Go value panics on type mismatch.
-// For example, ValueOf("hello").Int() panics because this attempts to
+// For example, [ValueOf]("hello").Int() panics because this attempts to
 // retrieve an int64 from a string.
 //
-// List, Map, and Message Values are called "composite" values.
+// [List], [Map], and [Message] Values are called "composite" values.
 //
 // A composite Value may alias (reference) memory at some location,
 // such that changes to the Value updates the that location.
-// A composite value acquired with a Mutable method, such as Message.Mutable,
+// A composite value acquired with a Mutable method, such as [Message.Mutable],
 // always references the source object.
 //
 // For example:
@@ -65,7 +65,7 @@ import (
 //	// appending to the List here may or may not modify the message.
 //	list.Append(protoreflect.ValueOfInt32(0))
 //
-// Some operations, such as Message.Get, may return an "empty, read-only"
+// Some operations, such as [Message.Get], may return an "empty, read-only"
 // composite Value. Modifying an empty, read-only value panics.
 type Value value
 
@@ -306,7 +306,7 @@ func (v Value) Float() float64 {
 	}
 }
 
-// String returns v as a string. Since this method implements fmt.Stringer,
+// String returns v as a string. Since this method implements [fmt.Stringer],
 // this returns the formatted string value for any non-string type.
 func (v Value) String() string {
 	switch v.typ {
@@ -327,7 +327,7 @@ func (v Value) Bytes() []byte {
 	}
 }
 
-// Enum returns v as a EnumNumber and panics if the type is not a EnumNumber.
+// Enum returns v as a [EnumNumber] and panics if the type is not a [EnumNumber].
 func (v Value) Enum() EnumNumber {
 	switch v.typ {
 	case enumType:
@@ -337,7 +337,7 @@ func (v Value) Enum() EnumNumber {
 	}
 }
 
-// Message returns v as a Message and panics if the type is not a Message.
+// Message returns v as a [Message] and panics if the type is not a [Message].
 func (v Value) Message() Message {
 	switch vi := v.getIface().(type) {
 	case Message:
@@ -347,7 +347,7 @@ func (v Value) Message() Message {
 	}
 }
 
-// List returns v as a List and panics if the type is not a List.
+// List returns v as a [List] and panics if the type is not a [List].
 func (v Value) List() List {
 	switch vi := v.getIface().(type) {
 	case List:
@@ -357,7 +357,7 @@ func (v Value) List() List {
 	}
 }
 
-// Map returns v as a Map and panics if the type is not a Map.
+// Map returns v as a [Map] and panics if the type is not a [Map].
 func (v Value) Map() Map {
 	switch vi := v.getIface().(type) {
 	case Map:
@@ -367,7 +367,7 @@ func (v Value) Map() Map {
 	}
 }
 
-// MapKey returns v as a MapKey and panics for invalid MapKey types.
+// MapKey returns v as a [MapKey] and panics for invalid [MapKey] types.
 func (v Value) MapKey() MapKey {
 	switch v.typ {
 	case boolType, int32Type, int64Type, uint32Type, uint64Type, stringType:
@@ -378,8 +378,8 @@ func (v Value) MapKey() MapKey {
 }
 
 // MapKey is used to index maps, where the Go type of the MapKey must match
-// the specified key Kind (see MessageDescriptor.IsMapEntry).
-// The following shows what Go type is used to represent each proto Kind:
+// the specified key [Kind] (see [MessageDescriptor.IsMapEntry]).
+// The following shows what Go type is used to represent each proto [Kind]:
 //
 //	╔═════════╤═════════════════════════════════════╗
 //	║ Go type │ Protobuf kind                       ║
@@ -392,13 +392,13 @@ func (v Value) MapKey() MapKey {
 //	║ string  │ StringKind                          ║
 //	╚═════════╧═════════════════════════════════════╝
 //
-// A MapKey is constructed and accessed through a Value:
+// A MapKey is constructed and accessed through a [Value]:
 //
 //	k := ValueOf("hash").MapKey() // convert string to MapKey
 //	s := k.String()               // convert MapKey to string
 //
-// The MapKey is a strict subset of valid types used in Value;
-// converting a Value to a MapKey with an invalid type panics.
+// The MapKey is a strict subset of valid types used in [Value];
+// converting a [Value] to a MapKey with an invalid type panics.
 type MapKey value
 
 // IsValid reports whether k is populated with a value.
@@ -426,13 +426,13 @@ func (k MapKey) Uint() uint64 {
 	return Value(k).Uint()
 }
 
-// String returns k as a string. Since this method implements fmt.Stringer,
+// String returns k as a string. Since this method implements [fmt.Stringer],
 // this returns the formatted string value for any non-string type.
 func (k MapKey) String() string {
 	return Value(k).String()
 }
 
-// Value returns k as a Value.
+// Value returns k as a [Value].
 func (k MapKey) Value() Value {
 	return Value(k)
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
similarity index 97%
rename from vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe.go
rename to vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
index 702ddf22a..b1fdbe3e8 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine
-// +build !purego,!appengine
+//go:build !purego && !appengine && !go1.21
+// +build !purego,!appengine,!go1.21
 
 package protoreflect
 
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
new file mode 100644
index 000000000..435470111
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
@@ -0,0 +1,87 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !purego && !appengine && go1.21
+// +build !purego,!appengine,go1.21
+
+package protoreflect
+
+import (
+	"unsafe"
+
+	"google.golang.org/protobuf/internal/pragma"
+)
+
+type (
+	ifaceHeader struct {
+		_    [0]interface{} // if interfaces have greater alignment than unsafe.Pointer, this will enforce it.
+		Type unsafe.Pointer
+		Data unsafe.Pointer
+	}
+)
+
+var (
+	nilType     = typeOf(nil)
+	boolType    = typeOf(*new(bool))
+	int32Type   = typeOf(*new(int32))
+	int64Type   = typeOf(*new(int64))
+	uint32Type  = typeOf(*new(uint32))
+	uint64Type  = typeOf(*new(uint64))
+	float32Type = typeOf(*new(float32))
+	float64Type = typeOf(*new(float64))
+	stringType  = typeOf(*new(string))
+	bytesType   = typeOf(*new([]byte))
+	enumType    = typeOf(*new(EnumNumber))
+)
+
+// typeOf returns a pointer to the Go type information.
+// The pointer is comparable and equal if and only if the types are identical.
+func typeOf(t interface{}) unsafe.Pointer {
+	return (*ifaceHeader)(unsafe.Pointer(&t)).Type
+}
+
+// value is a union where only one type can be represented at a time.
+// The struct is 24B large on 64-bit systems and requires the minimum storage
+// necessary to represent each possible type.
+//
+// The Go GC needs to be able to scan variables containing pointers.
+// As such, pointers and non-pointers cannot be intermixed.
+type value struct {
+	pragma.DoNotCompare // 0B
+
+	// typ stores the type of the value as a pointer to the Go type.
+	typ unsafe.Pointer // 8B
+
+	// ptr stores the data pointer for a String, Bytes, or interface value.
+	ptr unsafe.Pointer // 8B
+
+	// num stores a Bool, Int32, Int64, Uint32, Uint64, Float32, Float64, or
+	// Enum value as a raw uint64.
+	//
+	// It is also used to store the length of a String or Bytes value;
+	// the capacity is ignored.
+	num uint64 // 8B
+}
+
+func valueOfString(v string) Value {
+	return Value{typ: stringType, ptr: unsafe.Pointer(unsafe.StringData(v)), num: uint64(len(v))}
+}
+func valueOfBytes(v []byte) Value {
+	return Value{typ: bytesType, ptr: unsafe.Pointer(unsafe.SliceData(v)), num: uint64(len(v))}
+}
+func valueOfIface(v interface{}) Value {
+	p := (*ifaceHeader)(unsafe.Pointer(&v))
+	return Value{typ: p.Type, ptr: p.Data}
+}
+
+func (v Value) getString() string {
+	return unsafe.String((*byte)(v.ptr), v.num)
+}
+func (v Value) getBytes() []byte {
+	return unsafe.Slice((*byte)(v.ptr), v.num)
+}
+func (v Value) getIface() (x interface{}) {
+	*(*ifaceHeader)(unsafe.Pointer(&x)) = ifaceHeader{Type: v.typ, Data: v.ptr}
+	return x
+}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
index aeb559774..6267dc52a 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
@@ -5,12 +5,12 @@
 // Package protoregistry provides data structures to register and lookup
 // protobuf descriptor types.
 //
-// The Files registry contains file descriptors and provides the ability
+// The [Files] registry contains file descriptors and provides the ability
 // to iterate over the files or lookup a specific descriptor within the files.
-// Files only contains protobuf descriptors and has no understanding of Go
+// [Files] only contains protobuf descriptors and has no understanding of Go
 // type information that may be associated with each descriptor.
 //
-// The Types registry contains descriptor types for which there is a known
+// The [Types] registry contains descriptor types for which there is a known
 // Go type associated with that descriptor. It provides the ability to iterate
 // over the registered types or lookup a type by name.
 package protoregistry
@@ -218,7 +218,7 @@ func (r *Files) checkGenProtoConflict(path string) {
 
 // FindDescriptorByName looks up a descriptor by the full name.
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Files) FindDescriptorByName(name protoreflect.FullName) (protoreflect.Descriptor, error) {
 	if r == nil {
 		return nil, NotFound
@@ -310,7 +310,7 @@ func (s *nameSuffix) Pop() (name protoreflect.Name) {
 
 // FindFileByPath looks up a file by the path.
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 // This returns an error if multiple files have the same path.
 func (r *Files) FindFileByPath(path string) (protoreflect.FileDescriptor, error) {
 	if r == nil {
@@ -431,7 +431,7 @@ func rangeTopLevelDescriptors(fd protoreflect.FileDescriptor, f func(protoreflec
 // A compliant implementation must deterministically return the same type
 // if no error is encountered.
 //
-// The Types type implements this interface.
+// The [Types] type implements this interface.
 type MessageTypeResolver interface {
 	// FindMessageByName looks up a message by its full name.
 	// E.g., "google.protobuf.Any"
@@ -451,7 +451,7 @@ type MessageTypeResolver interface {
 // A compliant implementation must deterministically return the same type
 // if no error is encountered.
 //
-// The Types type implements this interface.
+// The [Types] type implements this interface.
 type ExtensionTypeResolver interface {
 	// FindExtensionByName looks up a extension field by the field's full name.
 	// Note that this is the full name of the field as determined by
@@ -590,7 +590,7 @@ func (r *Types) register(kind string, desc protoreflect.Descriptor, typ interfac
 // FindEnumByName looks up an enum by its full name.
 // E.g., "google.protobuf.Field.Kind".
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Types) FindEnumByName(enum protoreflect.FullName) (protoreflect.EnumType, error) {
 	if r == nil {
 		return nil, NotFound
@@ -611,7 +611,7 @@ func (r *Types) FindEnumByName(enum protoreflect.FullName) (protoreflect.EnumTyp
 // FindMessageByName looks up a message by its full name,
 // e.g. "google.protobuf.Any".
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Types) FindMessageByName(message protoreflect.FullName) (protoreflect.MessageType, error) {
 	if r == nil {
 		return nil, NotFound
@@ -632,7 +632,7 @@ func (r *Types) FindMessageByName(message protoreflect.FullName) (protoreflect.M
 // FindMessageByURL looks up a message by a URL identifier.
 // See documentation on google.protobuf.Any.type_url for the URL format.
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Types) FindMessageByURL(url string) (protoreflect.MessageType, error) {
 	// This function is similar to FindMessageByName but
 	// truncates anything before and including '/' in the URL.
@@ -662,7 +662,7 @@ func (r *Types) FindMessageByURL(url string) (protoreflect.MessageType, error) {
 // where the extension is declared and is unrelated to the full name of the
 // message being extended.
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Types) FindExtensionByName(field protoreflect.FullName) (protoreflect.ExtensionType, error) {
 	if r == nil {
 		return nil, NotFound
@@ -703,7 +703,7 @@ func (r *Types) FindExtensionByName(field protoreflect.FullName) (protoreflect.E
 // FindExtensionByNumber looks up a extension field by the field number
 // within some parent message, identified by full name.
 //
-// This returns (nil, NotFound) if not found.
+// This returns (nil, [NotFound]) if not found.
 func (r *Types) FindExtensionByNumber(message protoreflect.FullName, field protoreflect.FieldNumber) (protoreflect.ExtensionType, error) {
 	if r == nil {
 		return nil, NotFound
diff --git a/vendor/modules.txt b/vendor/modules.txt
index bb340d4aa..591a7fabb 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -71,14 +71,11 @@ github.com/lib/pq/scram
 # github.com/mattn/go-sqlite3 v1.14.22
 ## explicit; go 1.19
 github.com/mattn/go-sqlite3
-# github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0
-## explicit; go 1.19
-github.com/matttproud/golang_protobuf_extensions/v2/pbutil
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/prometheus/client_golang v1.18.0
-## explicit; go 1.19
+# github.com/prometheus/client_golang v1.19.0
+## explicit; go 1.20
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
@@ -86,7 +83,7 @@ github.com/prometheus/client_golang/prometheus/promhttp
 # github.com/prometheus/client_model v0.5.0
 ## explicit; go 1.19
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.45.0
+# github.com/prometheus/common v0.48.0
 ## explicit; go 1.20
 github.com/prometheus/common/expfmt
 github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
@@ -148,8 +145,8 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.17.0
-## explicit; go 1.17
+# golang.org/x/net v0.20.0
+## explicit; go 1.18
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
 # golang.org/x/sys v0.17.0
@@ -163,8 +160,9 @@ golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# google.golang.org/protobuf v1.31.0
-## explicit; go 1.11
+# google.golang.org/protobuf v1.32.0
+## explicit; go 1.17
+google.golang.org/protobuf/encoding/protodelim
 google.golang.org/protobuf/encoding/prototext
 google.golang.org/protobuf/encoding/protowire
 google.golang.org/protobuf/internal/descfmt

From d13ac5d73889ff76cc769995bfbbde431c0e1341 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 5 Mar 2024 16:55:36 +0000
Subject: [PATCH 63/73] build(deps): bump golang.org/x/crypto from 0.19.0 to
 0.21.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.19.0 to 0.21.0.
- [Commits](https://github.com/golang/crypto/compare/v0.19.0...v0.21.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  6 +-
 go.sum                                        | 14 +--
 .../x/crypto/internal/poly1305/sum_ppc64le.s  | 14 ++-
 vendor/golang.org/x/crypto/ocsp/ocsp.go       | 13 +--
 vendor/golang.org/x/sys/unix/aliases.go       |  2 +-
 .../x/sys/unix/syscall_darwin_libSystem.go    |  2 +-
 .../golang.org/x/sys/unix/syscall_freebsd.go  | 12 ++-
 vendor/golang.org/x/sys/unix/syscall_linux.go | 99 +++++++++++++++++++
 .../golang.org/x/sys/unix/zsyscall_linux.go   | 10 ++
 vendor/golang.org/x/sys/unix/ztypes_linux.go  | 60 +++++++++++
 vendor/modules.txt                            |  6 +-
 11 files changed, 204 insertions(+), 34 deletions(-)

diff --git a/go.mod b/go.mod
index 9c63a49af..085cc4f8d 100644
--- a/go.mod
+++ b/go.mod
@@ -16,7 +16,7 @@ require (
 	github.com/prometheus/client_golang v1.19.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.19.0
+	golang.org/x/crypto v0.21.0
 )
 
 require (
@@ -32,8 +32,8 @@ require (
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.20.0 // indirect
-	golang.org/x/sys v0.17.0 // indirect
+	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/protobuf v1.32.0 // indirect
 	k8s.io/klog/v2 v2.100.1 // indirect
diff --git a/go.sum b/go.sum
index 33529414c..43c45e94f 100644
--- a/go.sum
+++ b/go.sum
@@ -383,8 +383,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.19.0 h1:ENy+Az/9Y1vSrlrvBSyna3PITt4tiZLf7sgCjZBX7Wo=
-golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -457,8 +457,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo=
-golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY=
+golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
+golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -526,14 +526,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
-golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.17.0 h1:mkTF7LCd6WGJNL3K1Ad7kwxNfYAW6a8a8QqtMblp/4U=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
index d2ca5deeb..b3c1699bf 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
@@ -19,15 +19,14 @@
 
 #define POLY1305_MUL(h0, h1, h2, r0, r1, t0, t1, t2, t3, t4, t5) \
 	MULLD  r0, h0, t0;  \
-	MULLD  r0, h1, t4;  \
 	MULHDU r0, h0, t1;  \
+	MULLD  r0, h1, t4;  \
 	MULHDU r0, h1, t5;  \
 	ADDC   t4, t1, t1;  \
 	MULLD  r0, h2, t2;  \
-	ADDZE  t5;          \
 	MULHDU r1, h0, t4;  \
 	MULLD  r1, h0, h0;  \
-	ADD    t5, t2, t2;  \
+	ADDE   t5, t2, t2;  \
 	ADDC   h0, t1, t1;  \
 	MULLD  h2, r1, t3;  \
 	ADDZE  t4, h0;      \
@@ -37,13 +36,11 @@
 	ADDE   t5, t3, t3;  \
 	ADDC   h0, t2, t2;  \
 	MOVD   $-4, t4;     \
-	MOVD   t0, h0;      \
-	MOVD   t1, h1;      \
 	ADDZE  t3;          \
-	ANDCC  $3, t2, h2;  \
-	AND    t2, t4, t0;  \
+	RLDICL $0, t2, $62, h2; \
+	AND    t2, t4, h0;  \
 	ADDC   t0, h0, h0;  \
-	ADDE   t3, h1, h1;  \
+	ADDE   t3, t1, h1;  \
 	SLD    $62, t3, t4; \
 	SRD    $2, t2;      \
 	ADDZE  h2;          \
@@ -75,6 +72,7 @@ TEXT ·update(SB), $0-32
 loop:
 	POLY1305_ADD(R4, R8, R9, R10, R20, R21, R22)
 
+	PCALIGN $16
 multiply:
 	POLY1305_MUL(R8, R9, R10, R11, R12, R16, R17, R18, R14, R20, R21)
 	ADD $-16, R5
diff --git a/vendor/golang.org/x/crypto/ocsp/ocsp.go b/vendor/golang.org/x/crypto/ocsp/ocsp.go
index 4269ed113..bf2259537 100644
--- a/vendor/golang.org/x/crypto/ocsp/ocsp.go
+++ b/vendor/golang.org/x/crypto/ocsp/ocsp.go
@@ -279,21 +279,22 @@ func getOIDFromHashAlgorithm(target crypto.Hash) asn1.ObjectIdentifier {
 
 // This is the exposed reflection of the internal OCSP structures.
 
-// The status values that can be expressed in OCSP.  See RFC 6960.
+// The status values that can be expressed in OCSP. See RFC 6960.
+// These are used for the Response.Status field.
 const (
 	// Good means that the certificate is valid.
-	Good = iota
+	Good = 0
 	// Revoked means that the certificate has been deliberately revoked.
-	Revoked
+	Revoked = 1
 	// Unknown means that the OCSP responder doesn't know about the certificate.
-	Unknown
+	Unknown = 2
 	// ServerFailed is unused and was never used (see
 	// https://go-review.googlesource.com/#/c/18944). ParseResponse will
 	// return a ResponseError when an error response is parsed.
-	ServerFailed
+	ServerFailed = 3
 )
 
-// The enumerated reasons for revoking a certificate.  See RFC 5280.
+// The enumerated reasons for revoking a certificate. See RFC 5280.
 const (
 	Unspecified          = 0
 	KeyCompromise        = 1
diff --git a/vendor/golang.org/x/sys/unix/aliases.go b/vendor/golang.org/x/sys/unix/aliases.go
index e7d3df4bd..b0e419857 100644
--- a/vendor/golang.org/x/sys/unix/aliases.go
+++ b/vendor/golang.org/x/sys/unix/aliases.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) && go1.9
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
index 16dc69937..2f0fa76e4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin_libSystem.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build darwin && go1.12
+//go:build darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_freebsd.go b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
index 64d1bb4db..2b57e0f73 100644
--- a/vendor/golang.org/x/sys/unix/syscall_freebsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_freebsd.go
@@ -13,6 +13,7 @@
 package unix
 
 import (
+	"errors"
 	"sync"
 	"unsafe"
 )
@@ -169,25 +170,26 @@ func Getfsstat(buf []Statfs_t, flags int) (n int, err error) {
 func Uname(uname *Utsname) error {
 	mib := []_C_int{CTL_KERN, KERN_OSTYPE}
 	n := unsafe.Sizeof(uname.Sysname)
-	if err := sysctl(mib, &uname.Sysname[0], &n, nil, 0); err != nil {
+	// Suppress ENOMEM errors to be compatible with the C library __xuname() implementation.
+	if err := sysctl(mib, &uname.Sysname[0], &n, nil, 0); err != nil && !errors.Is(err, ENOMEM) {
 		return err
 	}
 
 	mib = []_C_int{CTL_KERN, KERN_HOSTNAME}
 	n = unsafe.Sizeof(uname.Nodename)
-	if err := sysctl(mib, &uname.Nodename[0], &n, nil, 0); err != nil {
+	if err := sysctl(mib, &uname.Nodename[0], &n, nil, 0); err != nil && !errors.Is(err, ENOMEM) {
 		return err
 	}
 
 	mib = []_C_int{CTL_KERN, KERN_OSRELEASE}
 	n = unsafe.Sizeof(uname.Release)
-	if err := sysctl(mib, &uname.Release[0], &n, nil, 0); err != nil {
+	if err := sysctl(mib, &uname.Release[0], &n, nil, 0); err != nil && !errors.Is(err, ENOMEM) {
 		return err
 	}
 
 	mib = []_C_int{CTL_KERN, KERN_VERSION}
 	n = unsafe.Sizeof(uname.Version)
-	if err := sysctl(mib, &uname.Version[0], &n, nil, 0); err != nil {
+	if err := sysctl(mib, &uname.Version[0], &n, nil, 0); err != nil && !errors.Is(err, ENOMEM) {
 		return err
 	}
 
@@ -205,7 +207,7 @@ func Uname(uname *Utsname) error {
 
 	mib = []_C_int{CTL_HW, HW_MACHINE}
 	n = unsafe.Sizeof(uname.Machine)
-	if err := sysctl(mib, &uname.Machine[0], &n, nil, 0); err != nil {
+	if err := sysctl(mib, &uname.Machine[0], &n, nil, 0); err != nil && !errors.Is(err, ENOMEM) {
 		return err
 	}
 
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 0f85e29e6..5682e2628 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1849,6 +1849,105 @@ func Dup2(oldfd, newfd int) error {
 //sys	Fsmount(fd int, flags int, mountAttrs int) (fsfd int, err error)
 //sys	Fsopen(fsName string, flags int) (fd int, err error)
 //sys	Fspick(dirfd int, pathName string, flags int) (fd int, err error)
+
+//sys	fsconfig(fd int, cmd uint, key *byte, value *byte, aux int) (err error)
+
+func fsconfigCommon(fd int, cmd uint, key string, value *byte, aux int) (err error) {
+	var keyp *byte
+	if keyp, err = BytePtrFromString(key); err != nil {
+		return
+	}
+	return fsconfig(fd, cmd, keyp, value, aux)
+}
+
+// FsconfigSetFlag is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_FLAG.
+//
+// fd is the filesystem context to act upon.
+// key the parameter key to set.
+func FsconfigSetFlag(fd int, key string) (err error) {
+	return fsconfigCommon(fd, FSCONFIG_SET_FLAG, key, nil, 0)
+}
+
+// FsconfigSetString is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_STRING.
+//
+// fd is the filesystem context to act upon.
+// key the parameter key to set.
+// value is the parameter value to set.
+func FsconfigSetString(fd int, key string, value string) (err error) {
+	var valuep *byte
+	if valuep, err = BytePtrFromString(value); err != nil {
+		return
+	}
+	return fsconfigCommon(fd, FSCONFIG_SET_STRING, key, valuep, 0)
+}
+
+// FsconfigSetBinary is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_BINARY.
+//
+// fd is the filesystem context to act upon.
+// key the parameter key to set.
+// value is the parameter value to set.
+func FsconfigSetBinary(fd int, key string, value []byte) (err error) {
+	if len(value) == 0 {
+		return EINVAL
+	}
+	return fsconfigCommon(fd, FSCONFIG_SET_BINARY, key, &value[0], len(value))
+}
+
+// FsconfigSetPath is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_PATH.
+//
+// fd is the filesystem context to act upon.
+// key the parameter key to set.
+// path is a non-empty path for specified key.
+// atfd is a file descriptor at which to start lookup from or AT_FDCWD.
+func FsconfigSetPath(fd int, key string, path string, atfd int) (err error) {
+	var valuep *byte
+	if valuep, err = BytePtrFromString(path); err != nil {
+		return
+	}
+	return fsconfigCommon(fd, FSCONFIG_SET_PATH, key, valuep, atfd)
+}
+
+// FsconfigSetPathEmpty is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_PATH_EMPTY. The same as
+// FconfigSetPath but with AT_PATH_EMPTY implied.
+func FsconfigSetPathEmpty(fd int, key string, path string, atfd int) (err error) {
+	var valuep *byte
+	if valuep, err = BytePtrFromString(path); err != nil {
+		return
+	}
+	return fsconfigCommon(fd, FSCONFIG_SET_PATH_EMPTY, key, valuep, atfd)
+}
+
+// FsconfigSetFd is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_SET_FD.
+//
+// fd is the filesystem context to act upon.
+// key the parameter key to set.
+// value is a file descriptor to be assigned to specified key.
+func FsconfigSetFd(fd int, key string, value int) (err error) {
+	return fsconfigCommon(fd, FSCONFIG_SET_FD, key, nil, value)
+}
+
+// FsconfigCreate is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_CMD_CREATE.
+//
+// fd is the filesystem context to act upon.
+func FsconfigCreate(fd int) (err error) {
+	return fsconfig(fd, FSCONFIG_CMD_CREATE, nil, nil, 0)
+}
+
+// FsconfigReconfigure is equivalent to fsconfig(2) called
+// with cmd == FSCONFIG_CMD_RECONFIGURE.
+//
+// fd is the filesystem context to act upon.
+func FsconfigReconfigure(fd int) (err error) {
+	return fsconfig(fd, FSCONFIG_CMD_RECONFIGURE, nil, nil, 0)
+}
+
 //sys	Getdents(fd int, buf []byte) (n int, err error) = SYS_GETDENTS64
 //sysnb	Getpgid(pid int) (pgid int, err error)
 
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 1488d2712..87d8612a1 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -906,6 +906,16 @@ func Fspick(dirfd int, pathName string, flags int) (fd int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func fsconfig(fd int, cmd uint, key *byte, value *byte, aux int) (err error) {
+	_, _, e1 := Syscall6(SYS_FSCONFIG, uintptr(fd), uintptr(cmd), uintptr(unsafe.Pointer(key)), uintptr(unsafe.Pointer(value)), uintptr(aux), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Getdents(fd int, buf []byte) (n int, err error) {
 	var _p0 unsafe.Pointer
 	if len(buf) > 0 {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index dc0c955ee..eff6bcdef 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -836,6 +836,15 @@ const (
 	FSPICK_EMPTY_PATH       = 0x8
 
 	FSMOUNT_CLOEXEC = 0x1
+
+	FSCONFIG_SET_FLAG        = 0x0
+	FSCONFIG_SET_STRING      = 0x1
+	FSCONFIG_SET_BINARY      = 0x2
+	FSCONFIG_SET_PATH        = 0x3
+	FSCONFIG_SET_PATH_EMPTY  = 0x4
+	FSCONFIG_SET_FD          = 0x5
+	FSCONFIG_CMD_CREATE      = 0x6
+	FSCONFIG_CMD_RECONFIGURE = 0x7
 )
 
 type OpenHow struct {
@@ -1550,6 +1559,7 @@ const (
 	IFLA_DEVLINK_PORT                          = 0x3e
 	IFLA_GSO_IPV4_MAX_SIZE                     = 0x3f
 	IFLA_GRO_IPV4_MAX_SIZE                     = 0x40
+	IFLA_DPLL_PIN                              = 0x41
 	IFLA_PROTO_DOWN_REASON_UNSPEC              = 0x0
 	IFLA_PROTO_DOWN_REASON_MASK                = 0x1
 	IFLA_PROTO_DOWN_REASON_VALUE               = 0x2
@@ -1565,6 +1575,7 @@ const (
 	IFLA_INET6_ICMP6STATS                      = 0x6
 	IFLA_INET6_TOKEN                           = 0x7
 	IFLA_INET6_ADDR_GEN_MODE                   = 0x8
+	IFLA_INET6_RA_MTU                          = 0x9
 	IFLA_BR_UNSPEC                             = 0x0
 	IFLA_BR_FORWARD_DELAY                      = 0x1
 	IFLA_BR_HELLO_TIME                         = 0x2
@@ -1612,6 +1623,9 @@ const (
 	IFLA_BR_MCAST_MLD_VERSION                  = 0x2c
 	IFLA_BR_VLAN_STATS_PER_PORT                = 0x2d
 	IFLA_BR_MULTI_BOOLOPT                      = 0x2e
+	IFLA_BR_MCAST_QUERIER_STATE                = 0x2f
+	IFLA_BR_FDB_N_LEARNED                      = 0x30
+	IFLA_BR_FDB_MAX_LEARNED                    = 0x31
 	IFLA_BRPORT_UNSPEC                         = 0x0
 	IFLA_BRPORT_STATE                          = 0x1
 	IFLA_BRPORT_PRIORITY                       = 0x2
@@ -1649,6 +1663,14 @@ const (
 	IFLA_BRPORT_BACKUP_PORT                    = 0x22
 	IFLA_BRPORT_MRP_RING_OPEN                  = 0x23
 	IFLA_BRPORT_MRP_IN_OPEN                    = 0x24
+	IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT          = 0x25
+	IFLA_BRPORT_MCAST_EHT_HOSTS_CNT            = 0x26
+	IFLA_BRPORT_LOCKED                         = 0x27
+	IFLA_BRPORT_MAB                            = 0x28
+	IFLA_BRPORT_MCAST_N_GROUPS                 = 0x29
+	IFLA_BRPORT_MCAST_MAX_GROUPS               = 0x2a
+	IFLA_BRPORT_NEIGH_VLAN_SUPPRESS            = 0x2b
+	IFLA_BRPORT_BACKUP_NHID                    = 0x2c
 	IFLA_INFO_UNSPEC                           = 0x0
 	IFLA_INFO_KIND                             = 0x1
 	IFLA_INFO_DATA                             = 0x2
@@ -1670,6 +1692,9 @@ const (
 	IFLA_MACVLAN_MACADDR                       = 0x4
 	IFLA_MACVLAN_MACADDR_DATA                  = 0x5
 	IFLA_MACVLAN_MACADDR_COUNT                 = 0x6
+	IFLA_MACVLAN_BC_QUEUE_LEN                  = 0x7
+	IFLA_MACVLAN_BC_QUEUE_LEN_USED             = 0x8
+	IFLA_MACVLAN_BC_CUTOFF                     = 0x9
 	IFLA_VRF_UNSPEC                            = 0x0
 	IFLA_VRF_TABLE                             = 0x1
 	IFLA_VRF_PORT_UNSPEC                       = 0x0
@@ -1693,9 +1718,22 @@ const (
 	IFLA_XFRM_UNSPEC                           = 0x0
 	IFLA_XFRM_LINK                             = 0x1
 	IFLA_XFRM_IF_ID                            = 0x2
+	IFLA_XFRM_COLLECT_METADATA                 = 0x3
 	IFLA_IPVLAN_UNSPEC                         = 0x0
 	IFLA_IPVLAN_MODE                           = 0x1
 	IFLA_IPVLAN_FLAGS                          = 0x2
+	NETKIT_NEXT                                = -0x1
+	NETKIT_PASS                                = 0x0
+	NETKIT_DROP                                = 0x2
+	NETKIT_REDIRECT                            = 0x7
+	NETKIT_L2                                  = 0x0
+	NETKIT_L3                                  = 0x1
+	IFLA_NETKIT_UNSPEC                         = 0x0
+	IFLA_NETKIT_PEER_INFO                      = 0x1
+	IFLA_NETKIT_PRIMARY                        = 0x2
+	IFLA_NETKIT_POLICY                         = 0x3
+	IFLA_NETKIT_PEER_POLICY                    = 0x4
+	IFLA_NETKIT_MODE                           = 0x5
 	IFLA_VXLAN_UNSPEC                          = 0x0
 	IFLA_VXLAN_ID                              = 0x1
 	IFLA_VXLAN_GROUP                           = 0x2
@@ -1726,6 +1764,8 @@ const (
 	IFLA_VXLAN_GPE                             = 0x1b
 	IFLA_VXLAN_TTL_INHERIT                     = 0x1c
 	IFLA_VXLAN_DF                              = 0x1d
+	IFLA_VXLAN_VNIFILTER                       = 0x1e
+	IFLA_VXLAN_LOCALBYPASS                     = 0x1f
 	IFLA_GENEVE_UNSPEC                         = 0x0
 	IFLA_GENEVE_ID                             = 0x1
 	IFLA_GENEVE_REMOTE                         = 0x2
@@ -1740,6 +1780,7 @@ const (
 	IFLA_GENEVE_LABEL                          = 0xb
 	IFLA_GENEVE_TTL_INHERIT                    = 0xc
 	IFLA_GENEVE_DF                             = 0xd
+	IFLA_GENEVE_INNER_PROTO_INHERIT            = 0xe
 	IFLA_BAREUDP_UNSPEC                        = 0x0
 	IFLA_BAREUDP_PORT                          = 0x1
 	IFLA_BAREUDP_ETHERTYPE                     = 0x2
@@ -1752,6 +1793,8 @@ const (
 	IFLA_GTP_FD1                               = 0x2
 	IFLA_GTP_PDP_HASHSIZE                      = 0x3
 	IFLA_GTP_ROLE                              = 0x4
+	IFLA_GTP_CREATE_SOCKETS                    = 0x5
+	IFLA_GTP_RESTART_COUNT                     = 0x6
 	IFLA_BOND_UNSPEC                           = 0x0
 	IFLA_BOND_MODE                             = 0x1
 	IFLA_BOND_ACTIVE_SLAVE                     = 0x2
@@ -1781,6 +1824,9 @@ const (
 	IFLA_BOND_AD_ACTOR_SYSTEM                  = 0x1a
 	IFLA_BOND_TLB_DYNAMIC_LB                   = 0x1b
 	IFLA_BOND_PEER_NOTIF_DELAY                 = 0x1c
+	IFLA_BOND_AD_LACP_ACTIVE                   = 0x1d
+	IFLA_BOND_MISSED_MAX                       = 0x1e
+	IFLA_BOND_NS_IP6_TARGET                    = 0x1f
 	IFLA_BOND_AD_INFO_UNSPEC                   = 0x0
 	IFLA_BOND_AD_INFO_AGGREGATOR               = 0x1
 	IFLA_BOND_AD_INFO_NUM_PORTS                = 0x2
@@ -1796,6 +1842,7 @@ const (
 	IFLA_BOND_SLAVE_AD_AGGREGATOR_ID           = 0x6
 	IFLA_BOND_SLAVE_AD_ACTOR_OPER_PORT_STATE   = 0x7
 	IFLA_BOND_SLAVE_AD_PARTNER_OPER_PORT_STATE = 0x8
+	IFLA_BOND_SLAVE_PRIO                       = 0x9
 	IFLA_VF_INFO_UNSPEC                        = 0x0
 	IFLA_VF_INFO                               = 0x1
 	IFLA_VF_UNSPEC                             = 0x0
@@ -1854,8 +1901,16 @@ const (
 	IFLA_STATS_LINK_XSTATS_SLAVE               = 0x3
 	IFLA_STATS_LINK_OFFLOAD_XSTATS             = 0x4
 	IFLA_STATS_AF_SPEC                         = 0x5
+	IFLA_STATS_GETSET_UNSPEC                   = 0x0
+	IFLA_STATS_GET_FILTERS                     = 0x1
+	IFLA_STATS_SET_OFFLOAD_XSTATS_L3_STATS     = 0x2
 	IFLA_OFFLOAD_XSTATS_UNSPEC                 = 0x0
 	IFLA_OFFLOAD_XSTATS_CPU_HIT                = 0x1
+	IFLA_OFFLOAD_XSTATS_HW_S_INFO              = 0x2
+	IFLA_OFFLOAD_XSTATS_L3_STATS               = 0x3
+	IFLA_OFFLOAD_XSTATS_HW_S_INFO_UNSPEC       = 0x0
+	IFLA_OFFLOAD_XSTATS_HW_S_INFO_REQUEST      = 0x1
+	IFLA_OFFLOAD_XSTATS_HW_S_INFO_USED         = 0x2
 	IFLA_XDP_UNSPEC                            = 0x0
 	IFLA_XDP_FD                                = 0x1
 	IFLA_XDP_ATTACHED                          = 0x2
@@ -1885,6 +1940,11 @@ const (
 	IFLA_RMNET_UNSPEC                          = 0x0
 	IFLA_RMNET_MUX_ID                          = 0x1
 	IFLA_RMNET_FLAGS                           = 0x2
+	IFLA_MCTP_UNSPEC                           = 0x0
+	IFLA_MCTP_NET                              = 0x1
+	IFLA_DSA_UNSPEC                            = 0x0
+	IFLA_DSA_CONDUIT                           = 0x1
+	IFLA_DSA_MASTER                            = 0x1
 )
 
 const (
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 591a7fabb..08b8995b6 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -127,7 +127,7 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.19.0
+# golang.org/x/crypto v0.21.0
 ## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
@@ -145,11 +145,11 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.20.0
+# golang.org/x/net v0.21.0
 ## explicit; go 1.18
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.17.0
+# golang.org/x/sys v0.18.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix

From b4650b5dac4b567206399a44ac3edb4d1f86a7a2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 Mar 2024 03:46:25 +0000
Subject: [PATCH 64/73] build(deps): bump github.com/go-sql-driver/mysql from
 1.7.1 to 1.8.0

Bumps [github.com/go-sql-driver/mysql](https://github.com/go-sql-driver/mysql) from 1.7.1 to 1.8.0.
- [Release notes](https://github.com/go-sql-driver/mysql/releases)
- [Changelog](https://github.com/go-sql-driver/mysql/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-sql-driver/mysql/compare/v1.7.1...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/go-sql-driver/mysql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |    3 +-
 go.sum                                        |    6 +-
 vendor/filippo.io/edwards25519/LICENSE        |   27 +
 vendor/filippo.io/edwards25519/README.md      |   14 +
 vendor/filippo.io/edwards25519/doc.go         |   20 +
 .../filippo.io/edwards25519/edwards25519.go   |  427 ++++++
 vendor/filippo.io/edwards25519/extra.go       |  349 +++++
 vendor/filippo.io/edwards25519/field/fe.go    |  420 ++++++
 .../filippo.io/edwards25519/field/fe_amd64.go |   16 +
 .../filippo.io/edwards25519/field/fe_amd64.s  |  379 ++++++
 .../edwards25519/field/fe_amd64_noasm.go      |   12 +
 .../filippo.io/edwards25519/field/fe_arm64.go |   16 +
 .../filippo.io/edwards25519/field/fe_arm64.s  |   42 +
 .../edwards25519/field/fe_arm64_noasm.go      |   12 +
 .../filippo.io/edwards25519/field/fe_extra.go |   50 +
 .../edwards25519/field/fe_generic.go          |  266 ++++
 vendor/filippo.io/edwards25519/scalar.go      |  343 +++++
 vendor/filippo.io/edwards25519/scalar_fiat.go | 1147 +++++++++++++++++
 vendor/filippo.io/edwards25519/scalarmult.go  |  214 +++
 vendor/filippo.io/edwards25519/tables.go      |  129 ++
 vendor/github.com/go-sql-driver/mysql/AUTHORS |   16 +
 .../go-sql-driver/mysql/CHANGELOG.md          |    6 +-
 .../github.com/go-sql-driver/mysql/README.md  |   78 +-
 vendor/github.com/go-sql-driver/mysql/auth.go |   63 +-
 .../go-sql-driver/mysql/collations.go         |    2 +-
 .../go-sql-driver/mysql/connection.go         |   86 +-
 .../go-sql-driver/mysql/connector.go          |   65 +-
 .../github.com/go-sql-driver/mysql/const.go   |   13 +
 .../github.com/go-sql-driver/mysql/driver.go  |   27 +-
 vendor/github.com/go-sql-driver/mysql/dsn.go  |  128 +-
 .../github.com/go-sql-driver/mysql/errors.go  |   14 +-
 .../github.com/go-sql-driver/mysql/fields.go  |   70 +-
 vendor/github.com/go-sql-driver/mysql/fuzz.go |   25 -
 .../github.com/go-sql-driver/mysql/infile.go  |   12 +-
 .../go-sql-driver/mysql/nulltime.go           |    2 +-
 .../github.com/go-sql-driver/mysql/packets.go |  208 +--
 .../github.com/go-sql-driver/mysql/result.go  |   36 +-
 vendor/github.com/go-sql-driver/mysql/rows.go |   13 +-
 .../go-sql-driver/mysql/statement.go          |   21 +-
 .../github.com/go-sql-driver/mysql/utils.go   |   13 +-
 vendor/modules.txt                            |    8 +-
 41 files changed, 4540 insertions(+), 258 deletions(-)
 create mode 100644 vendor/filippo.io/edwards25519/LICENSE
 create mode 100644 vendor/filippo.io/edwards25519/README.md
 create mode 100644 vendor/filippo.io/edwards25519/doc.go
 create mode 100644 vendor/filippo.io/edwards25519/edwards25519.go
 create mode 100644 vendor/filippo.io/edwards25519/extra.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_amd64.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_amd64.s
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_amd64_noasm.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_arm64.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_arm64.s
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_arm64_noasm.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_extra.go
 create mode 100644 vendor/filippo.io/edwards25519/field/fe_generic.go
 create mode 100644 vendor/filippo.io/edwards25519/scalar.go
 create mode 100644 vendor/filippo.io/edwards25519/scalar_fiat.go
 create mode 100644 vendor/filippo.io/edwards25519/scalarmult.go
 create mode 100644 vendor/filippo.io/edwards25519/tables.go
 delete mode 100644 vendor/github.com/go-sql-driver/mysql/fuzz.go

diff --git a/go.mod b/go.mod
index 9c63a49af..8a97a067a 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
 	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
-	github.com/go-sql-driver/mysql v1.7.1
+	github.com/go-sql-driver/mysql v1.8.0
 	github.com/google/certificate-transparency-go v1.1.7
 	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.5
@@ -20,6 +20,7 @@ require (
 )
 
 require (
+	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
diff --git a/go.sum b/go.sum
index 33529414c..6c2f03125 100644
--- a/go.sum
+++ b/go.sum
@@ -33,6 +33,8 @@ cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohl
 cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
 cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
 dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
+filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
+filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
 github.com/AndreasBriese/bbloom v0.0.0-20190306092124-e2d15f34fcf9/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
@@ -110,8 +112,8 @@ github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
 github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
-github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
+github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
+github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo=
 github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
diff --git a/vendor/filippo.io/edwards25519/LICENSE b/vendor/filippo.io/edwards25519/LICENSE
new file mode 100644
index 000000000..6a66aea5e
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/filippo.io/edwards25519/README.md b/vendor/filippo.io/edwards25519/README.md
new file mode 100644
index 000000000..24e2457d8
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/README.md
@@ -0,0 +1,14 @@
+# filippo.io/edwards25519
+
+```
+import "filippo.io/edwards25519"
+```
+
+This library implements the edwards25519 elliptic curve, exposing the necessary APIs to build a wide array of higher-level primitives.
+Read the docs at [pkg.go.dev/filippo.io/edwards25519](https://pkg.go.dev/filippo.io/edwards25519).
+
+The code is originally derived from Adam Langley's internal implementation in the Go standard library, and includes George Tankersley's [performance improvements](https://golang.org/cl/71950). It was then further developed by Henry de Valence for use in ristretto255, and was finally [merged back into the Go standard library](https://golang.org/cl/276272) as of Go 1.17. It now tracks the upstream codebase and extends it with additional functionality.
+
+Most users don't need this package, and should instead use `crypto/ed25519` for signatures, `golang.org/x/crypto/curve25519` for Diffie-Hellman, or `github.com/gtank/ristretto255` for prime order group logic. However, for anyone currently using a fork of `crypto/internal/edwards25519`/`crypto/ed25519/internal/edwards25519` or `github.com/agl/edwards25519`, this package should be a safer, faster, and more powerful alternative.
+
+Since this package is meant to curb proliferation of edwards25519 implementations in the Go ecosystem, it welcomes requests for new APIs or reviewable performance improvements.
diff --git a/vendor/filippo.io/edwards25519/doc.go b/vendor/filippo.io/edwards25519/doc.go
new file mode 100644
index 000000000..ab6aaebc0
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/doc.go
@@ -0,0 +1,20 @@
+// Copyright (c) 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package edwards25519 implements group logic for the twisted Edwards curve
+//
+//	-x^2 + y^2 = 1 + -(121665/121666)*x^2*y^2
+//
+// This is better known as the Edwards curve equivalent to Curve25519, and is
+// the curve used by the Ed25519 signature scheme.
+//
+// Most users don't need this package, and should instead use crypto/ed25519 for
+// signatures, golang.org/x/crypto/curve25519 for Diffie-Hellman, or
+// github.com/gtank/ristretto255 for prime order group logic.
+//
+// However, developers who do need to interact with low-level edwards25519
+// operations can use this package, which is an extended version of
+// crypto/internal/edwards25519 from the standard library repackaged as
+// an importable module.
+package edwards25519
diff --git a/vendor/filippo.io/edwards25519/edwards25519.go b/vendor/filippo.io/edwards25519/edwards25519.go
new file mode 100644
index 000000000..a744da2c6
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/edwards25519.go
@@ -0,0 +1,427 @@
+// Copyright (c) 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package edwards25519
+
+import (
+	"errors"
+
+	"filippo.io/edwards25519/field"
+)
+
+// Point types.
+
+type projP1xP1 struct {
+	X, Y, Z, T field.Element
+}
+
+type projP2 struct {
+	X, Y, Z field.Element
+}
+
+// Point represents a point on the edwards25519 curve.
+//
+// This type works similarly to math/big.Int, and all arguments and receivers
+// are allowed to alias.
+//
+// The zero value is NOT valid, and it may be used only as a receiver.
+type Point struct {
+	// Make the type not comparable (i.e. used with == or as a map key), as
+	// equivalent points can be represented by different Go values.
+	_ incomparable
+
+	// The point is internally represented in extended coordinates (X, Y, Z, T)
+	// where x = X/Z, y = Y/Z, and xy = T/Z per https://eprint.iacr.org/2008/522.
+	x, y, z, t field.Element
+}
+
+type incomparable [0]func()
+
+func checkInitialized(points ...*Point) {
+	for _, p := range points {
+		if p.x == (field.Element{}) && p.y == (field.Element{}) {
+			panic("edwards25519: use of uninitialized Point")
+		}
+	}
+}
+
+type projCached struct {
+	YplusX, YminusX, Z, T2d field.Element
+}
+
+type affineCached struct {
+	YplusX, YminusX, T2d field.Element
+}
+
+// Constructors.
+
+func (v *projP2) Zero() *projP2 {
+	v.X.Zero()
+	v.Y.One()
+	v.Z.One()
+	return v
+}
+
+// identity is the point at infinity.
+var identity, _ = new(Point).SetBytes([]byte{
+	1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0})
+
+// NewIdentityPoint returns a new Point set to the identity.
+func NewIdentityPoint() *Point {
+	return new(Point).Set(identity)
+}
+
+// generator is the canonical curve basepoint. See TestGenerator for the
+// correspondence of this encoding with the values in RFC 8032.
+var generator, _ = new(Point).SetBytes([]byte{
+	0x58, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66,
+	0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66})
+
+// NewGeneratorPoint returns a new Point set to the canonical generator.
+func NewGeneratorPoint() *Point {
+	return new(Point).Set(generator)
+}
+
+func (v *projCached) Zero() *projCached {
+	v.YplusX.One()
+	v.YminusX.One()
+	v.Z.One()
+	v.T2d.Zero()
+	return v
+}
+
+func (v *affineCached) Zero() *affineCached {
+	v.YplusX.One()
+	v.YminusX.One()
+	v.T2d.Zero()
+	return v
+}
+
+// Assignments.
+
+// Set sets v = u, and returns v.
+func (v *Point) Set(u *Point) *Point {
+	*v = *u
+	return v
+}
+
+// Encoding.
+
+// Bytes returns the canonical 32-byte encoding of v, according to RFC 8032,
+// Section 5.1.2.
+func (v *Point) Bytes() []byte {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap.
+	var buf [32]byte
+	return v.bytes(&buf)
+}
+
+func (v *Point) bytes(buf *[32]byte) []byte {
+	checkInitialized(v)
+
+	var zInv, x, y field.Element
+	zInv.Invert(&v.z)       // zInv = 1 / Z
+	x.Multiply(&v.x, &zInv) // x = X / Z
+	y.Multiply(&v.y, &zInv) // y = Y / Z
+
+	out := copyFieldElement(buf, &y)
+	out[31] |= byte(x.IsNegative() << 7)
+	return out
+}
+
+var feOne = new(field.Element).One()
+
+// SetBytes sets v = x, where x is a 32-byte encoding of v. If x does not
+// represent a valid point on the curve, SetBytes returns nil and an error and
+// the receiver is unchanged. Otherwise, SetBytes returns v.
+//
+// Note that SetBytes accepts all non-canonical encodings of valid points.
+// That is, it follows decoding rules that match most implementations in
+// the ecosystem rather than RFC 8032.
+func (v *Point) SetBytes(x []byte) (*Point, error) {
+	// Specifically, the non-canonical encodings that are accepted are
+	//   1) the ones where the field element is not reduced (see the
+	//      (*field.Element).SetBytes docs) and
+	//   2) the ones where the x-coordinate is zero and the sign bit is set.
+	//
+	// Read more at https://hdevalence.ca/blog/2020-10-04-its-25519am,
+	// specifically the "Canonical A, R" section.
+
+	y, err := new(field.Element).SetBytes(x)
+	if err != nil {
+		return nil, errors.New("edwards25519: invalid point encoding length")
+	}
+
+	// -x² + y² = 1 + dx²y²
+	// x² + dx²y² = x²(dy² + 1) = y² - 1
+	// x² = (y² - 1) / (dy² + 1)
+
+	// u = y² - 1
+	y2 := new(field.Element).Square(y)
+	u := new(field.Element).Subtract(y2, feOne)
+
+	// v = dy² + 1
+	vv := new(field.Element).Multiply(y2, d)
+	vv = vv.Add(vv, feOne)
+
+	// x = +√(u/v)
+	xx, wasSquare := new(field.Element).SqrtRatio(u, vv)
+	if wasSquare == 0 {
+		return nil, errors.New("edwards25519: invalid point encoding")
+	}
+
+	// Select the negative square root if the sign bit is set.
+	xxNeg := new(field.Element).Negate(xx)
+	xx = xx.Select(xxNeg, xx, int(x[31]>>7))
+
+	v.x.Set(xx)
+	v.y.Set(y)
+	v.z.One()
+	v.t.Multiply(xx, y) // xy = T / Z
+
+	return v, nil
+}
+
+func copyFieldElement(buf *[32]byte, v *field.Element) []byte {
+	copy(buf[:], v.Bytes())
+	return buf[:]
+}
+
+// Conversions.
+
+func (v *projP2) FromP1xP1(p *projP1xP1) *projP2 {
+	v.X.Multiply(&p.X, &p.T)
+	v.Y.Multiply(&p.Y, &p.Z)
+	v.Z.Multiply(&p.Z, &p.T)
+	return v
+}
+
+func (v *projP2) FromP3(p *Point) *projP2 {
+	v.X.Set(&p.x)
+	v.Y.Set(&p.y)
+	v.Z.Set(&p.z)
+	return v
+}
+
+func (v *Point) fromP1xP1(p *projP1xP1) *Point {
+	v.x.Multiply(&p.X, &p.T)
+	v.y.Multiply(&p.Y, &p.Z)
+	v.z.Multiply(&p.Z, &p.T)
+	v.t.Multiply(&p.X, &p.Y)
+	return v
+}
+
+func (v *Point) fromP2(p *projP2) *Point {
+	v.x.Multiply(&p.X, &p.Z)
+	v.y.Multiply(&p.Y, &p.Z)
+	v.z.Square(&p.Z)
+	v.t.Multiply(&p.X, &p.Y)
+	return v
+}
+
+// d is a constant in the curve equation.
+var d, _ = new(field.Element).SetBytes([]byte{
+	0xa3, 0x78, 0x59, 0x13, 0xca, 0x4d, 0xeb, 0x75,
+	0xab, 0xd8, 0x41, 0x41, 0x4d, 0x0a, 0x70, 0x00,
+	0x98, 0xe8, 0x79, 0x77, 0x79, 0x40, 0xc7, 0x8c,
+	0x73, 0xfe, 0x6f, 0x2b, 0xee, 0x6c, 0x03, 0x52})
+var d2 = new(field.Element).Add(d, d)
+
+func (v *projCached) FromP3(p *Point) *projCached {
+	v.YplusX.Add(&p.y, &p.x)
+	v.YminusX.Subtract(&p.y, &p.x)
+	v.Z.Set(&p.z)
+	v.T2d.Multiply(&p.t, d2)
+	return v
+}
+
+func (v *affineCached) FromP3(p *Point) *affineCached {
+	v.YplusX.Add(&p.y, &p.x)
+	v.YminusX.Subtract(&p.y, &p.x)
+	v.T2d.Multiply(&p.t, d2)
+
+	var invZ field.Element
+	invZ.Invert(&p.z)
+	v.YplusX.Multiply(&v.YplusX, &invZ)
+	v.YminusX.Multiply(&v.YminusX, &invZ)
+	v.T2d.Multiply(&v.T2d, &invZ)
+	return v
+}
+
+// (Re)addition and subtraction.
+
+// Add sets v = p + q, and returns v.
+func (v *Point) Add(p, q *Point) *Point {
+	checkInitialized(p, q)
+	qCached := new(projCached).FromP3(q)
+	result := new(projP1xP1).Add(p, qCached)
+	return v.fromP1xP1(result)
+}
+
+// Subtract sets v = p - q, and returns v.
+func (v *Point) Subtract(p, q *Point) *Point {
+	checkInitialized(p, q)
+	qCached := new(projCached).FromP3(q)
+	result := new(projP1xP1).Sub(p, qCached)
+	return v.fromP1xP1(result)
+}
+
+func (v *projP1xP1) Add(p *Point, q *projCached) *projP1xP1 {
+	var YplusX, YminusX, PP, MM, TT2d, ZZ2 field.Element
+
+	YplusX.Add(&p.y, &p.x)
+	YminusX.Subtract(&p.y, &p.x)
+
+	PP.Multiply(&YplusX, &q.YplusX)
+	MM.Multiply(&YminusX, &q.YminusX)
+	TT2d.Multiply(&p.t, &q.T2d)
+	ZZ2.Multiply(&p.z, &q.Z)
+
+	ZZ2.Add(&ZZ2, &ZZ2)
+
+	v.X.Subtract(&PP, &MM)
+	v.Y.Add(&PP, &MM)
+	v.Z.Add(&ZZ2, &TT2d)
+	v.T.Subtract(&ZZ2, &TT2d)
+	return v
+}
+
+func (v *projP1xP1) Sub(p *Point, q *projCached) *projP1xP1 {
+	var YplusX, YminusX, PP, MM, TT2d, ZZ2 field.Element
+
+	YplusX.Add(&p.y, &p.x)
+	YminusX.Subtract(&p.y, &p.x)
+
+	PP.Multiply(&YplusX, &q.YminusX) // flipped sign
+	MM.Multiply(&YminusX, &q.YplusX) // flipped sign
+	TT2d.Multiply(&p.t, &q.T2d)
+	ZZ2.Multiply(&p.z, &q.Z)
+
+	ZZ2.Add(&ZZ2, &ZZ2)
+
+	v.X.Subtract(&PP, &MM)
+	v.Y.Add(&PP, &MM)
+	v.Z.Subtract(&ZZ2, &TT2d) // flipped sign
+	v.T.Add(&ZZ2, &TT2d)      // flipped sign
+	return v
+}
+
+func (v *projP1xP1) AddAffine(p *Point, q *affineCached) *projP1xP1 {
+	var YplusX, YminusX, PP, MM, TT2d, Z2 field.Element
+
+	YplusX.Add(&p.y, &p.x)
+	YminusX.Subtract(&p.y, &p.x)
+
+	PP.Multiply(&YplusX, &q.YplusX)
+	MM.Multiply(&YminusX, &q.YminusX)
+	TT2d.Multiply(&p.t, &q.T2d)
+
+	Z2.Add(&p.z, &p.z)
+
+	v.X.Subtract(&PP, &MM)
+	v.Y.Add(&PP, &MM)
+	v.Z.Add(&Z2, &TT2d)
+	v.T.Subtract(&Z2, &TT2d)
+	return v
+}
+
+func (v *projP1xP1) SubAffine(p *Point, q *affineCached) *projP1xP1 {
+	var YplusX, YminusX, PP, MM, TT2d, Z2 field.Element
+
+	YplusX.Add(&p.y, &p.x)
+	YminusX.Subtract(&p.y, &p.x)
+
+	PP.Multiply(&YplusX, &q.YminusX) // flipped sign
+	MM.Multiply(&YminusX, &q.YplusX) // flipped sign
+	TT2d.Multiply(&p.t, &q.T2d)
+
+	Z2.Add(&p.z, &p.z)
+
+	v.X.Subtract(&PP, &MM)
+	v.Y.Add(&PP, &MM)
+	v.Z.Subtract(&Z2, &TT2d) // flipped sign
+	v.T.Add(&Z2, &TT2d)      // flipped sign
+	return v
+}
+
+// Doubling.
+
+func (v *projP1xP1) Double(p *projP2) *projP1xP1 {
+	var XX, YY, ZZ2, XplusYsq field.Element
+
+	XX.Square(&p.X)
+	YY.Square(&p.Y)
+	ZZ2.Square(&p.Z)
+	ZZ2.Add(&ZZ2, &ZZ2)
+	XplusYsq.Add(&p.X, &p.Y)
+	XplusYsq.Square(&XplusYsq)
+
+	v.Y.Add(&YY, &XX)
+	v.Z.Subtract(&YY, &XX)
+
+	v.X.Subtract(&XplusYsq, &v.Y)
+	v.T.Subtract(&ZZ2, &v.Z)
+	return v
+}
+
+// Negation.
+
+// Negate sets v = -p, and returns v.
+func (v *Point) Negate(p *Point) *Point {
+	checkInitialized(p)
+	v.x.Negate(&p.x)
+	v.y.Set(&p.y)
+	v.z.Set(&p.z)
+	v.t.Negate(&p.t)
+	return v
+}
+
+// Equal returns 1 if v is equivalent to u, and 0 otherwise.
+func (v *Point) Equal(u *Point) int {
+	checkInitialized(v, u)
+
+	var t1, t2, t3, t4 field.Element
+	t1.Multiply(&v.x, &u.z)
+	t2.Multiply(&u.x, &v.z)
+	t3.Multiply(&v.y, &u.z)
+	t4.Multiply(&u.y, &v.z)
+
+	return t1.Equal(&t2) & t3.Equal(&t4)
+}
+
+// Constant-time operations
+
+// Select sets v to a if cond == 1 and to b if cond == 0.
+func (v *projCached) Select(a, b *projCached, cond int) *projCached {
+	v.YplusX.Select(&a.YplusX, &b.YplusX, cond)
+	v.YminusX.Select(&a.YminusX, &b.YminusX, cond)
+	v.Z.Select(&a.Z, &b.Z, cond)
+	v.T2d.Select(&a.T2d, &b.T2d, cond)
+	return v
+}
+
+// Select sets v to a if cond == 1 and to b if cond == 0.
+func (v *affineCached) Select(a, b *affineCached, cond int) *affineCached {
+	v.YplusX.Select(&a.YplusX, &b.YplusX, cond)
+	v.YminusX.Select(&a.YminusX, &b.YminusX, cond)
+	v.T2d.Select(&a.T2d, &b.T2d, cond)
+	return v
+}
+
+// CondNeg negates v if cond == 1 and leaves it unchanged if cond == 0.
+func (v *projCached) CondNeg(cond int) *projCached {
+	v.YplusX.Swap(&v.YminusX, cond)
+	v.T2d.Select(new(field.Element).Negate(&v.T2d), &v.T2d, cond)
+	return v
+}
+
+// CondNeg negates v if cond == 1 and leaves it unchanged if cond == 0.
+func (v *affineCached) CondNeg(cond int) *affineCached {
+	v.YplusX.Swap(&v.YminusX, cond)
+	v.T2d.Select(new(field.Element).Negate(&v.T2d), &v.T2d, cond)
+	return v
+}
diff --git a/vendor/filippo.io/edwards25519/extra.go b/vendor/filippo.io/edwards25519/extra.go
new file mode 100644
index 000000000..d152d68ff
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/extra.go
@@ -0,0 +1,349 @@
+// Copyright (c) 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package edwards25519
+
+// This file contains additional functionality that is not included in the
+// upstream crypto/internal/edwards25519 package.
+
+import (
+	"errors"
+
+	"filippo.io/edwards25519/field"
+)
+
+// ExtendedCoordinates returns v in extended coordinates (X:Y:Z:T) where
+// x = X/Z, y = Y/Z, and xy = T/Z as in https://eprint.iacr.org/2008/522.
+func (v *Point) ExtendedCoordinates() (X, Y, Z, T *field.Element) {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap. Don't change the style without making
+	// sure it doesn't increase the inliner cost.
+	var e [4]field.Element
+	X, Y, Z, T = v.extendedCoordinates(&e)
+	return
+}
+
+func (v *Point) extendedCoordinates(e *[4]field.Element) (X, Y, Z, T *field.Element) {
+	checkInitialized(v)
+	X = e[0].Set(&v.x)
+	Y = e[1].Set(&v.y)
+	Z = e[2].Set(&v.z)
+	T = e[3].Set(&v.t)
+	return
+}
+
+// SetExtendedCoordinates sets v = (X:Y:Z:T) in extended coordinates where
+// x = X/Z, y = Y/Z, and xy = T/Z as in https://eprint.iacr.org/2008/522.
+//
+// If the coordinates are invalid or don't represent a valid point on the curve,
+// SetExtendedCoordinates returns nil and an error and the receiver is
+// unchanged. Otherwise, SetExtendedCoordinates returns v.
+func (v *Point) SetExtendedCoordinates(X, Y, Z, T *field.Element) (*Point, error) {
+	if !isOnCurve(X, Y, Z, T) {
+		return nil, errors.New("edwards25519: invalid point coordinates")
+	}
+	v.x.Set(X)
+	v.y.Set(Y)
+	v.z.Set(Z)
+	v.t.Set(T)
+	return v, nil
+}
+
+func isOnCurve(X, Y, Z, T *field.Element) bool {
+	var lhs, rhs field.Element
+	XX := new(field.Element).Square(X)
+	YY := new(field.Element).Square(Y)
+	ZZ := new(field.Element).Square(Z)
+	TT := new(field.Element).Square(T)
+	// -x² + y² = 1 + dx²y²
+	// -(X/Z)² + (Y/Z)² = 1 + d(T/Z)²
+	// -X² + Y² = Z² + dT²
+	lhs.Subtract(YY, XX)
+	rhs.Multiply(d, TT).Add(&rhs, ZZ)
+	if lhs.Equal(&rhs) != 1 {
+		return false
+	}
+	// xy = T/Z
+	// XY/Z² = T/Z
+	// XY = TZ
+	lhs.Multiply(X, Y)
+	rhs.Multiply(T, Z)
+	return lhs.Equal(&rhs) == 1
+}
+
+// BytesMontgomery converts v to a point on the birationally-equivalent
+// Curve25519 Montgomery curve, and returns its canonical 32 bytes encoding
+// according to RFC 7748.
+//
+// Note that BytesMontgomery only encodes the u-coordinate, so v and -v encode
+// to the same value. If v is the identity point, BytesMontgomery returns 32
+// zero bytes, analogously to the X25519 function.
+//
+// The lack of an inverse operation (such as SetMontgomeryBytes) is deliberate:
+// while every valid edwards25519 point has a unique u-coordinate Montgomery
+// encoding, X25519 accepts inputs on the quadratic twist, which don't correspond
+// to any edwards25519 point, and every other X25519 input corresponds to two
+// edwards25519 points.
+func (v *Point) BytesMontgomery() []byte {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap.
+	var buf [32]byte
+	return v.bytesMontgomery(&buf)
+}
+
+func (v *Point) bytesMontgomery(buf *[32]byte) []byte {
+	checkInitialized(v)
+
+	// RFC 7748, Section 4.1 provides the bilinear map to calculate the
+	// Montgomery u-coordinate
+	//
+	//              u = (1 + y) / (1 - y)
+	//
+	// where y = Y / Z.
+
+	var y, recip, u field.Element
+
+	y.Multiply(&v.y, y.Invert(&v.z))        // y = Y / Z
+	recip.Invert(recip.Subtract(feOne, &y)) // r = 1/(1 - y)
+	u.Multiply(u.Add(feOne, &y), &recip)    // u = (1 + y)*r
+
+	return copyFieldElement(buf, &u)
+}
+
+// MultByCofactor sets v = 8 * p, and returns v.
+func (v *Point) MultByCofactor(p *Point) *Point {
+	checkInitialized(p)
+	result := projP1xP1{}
+	pp := (&projP2{}).FromP3(p)
+	result.Double(pp)
+	pp.FromP1xP1(&result)
+	result.Double(pp)
+	pp.FromP1xP1(&result)
+	result.Double(pp)
+	return v.fromP1xP1(&result)
+}
+
+// Given k > 0, set s = s**(2*i).
+func (s *Scalar) pow2k(k int) {
+	for i := 0; i < k; i++ {
+		s.Multiply(s, s)
+	}
+}
+
+// Invert sets s to the inverse of a nonzero scalar v, and returns s.
+//
+// If t is zero, Invert returns zero.
+func (s *Scalar) Invert(t *Scalar) *Scalar {
+	// Uses a hardcoded sliding window of width 4.
+	var table [8]Scalar
+	var tt Scalar
+	tt.Multiply(t, t)
+	table[0] = *t
+	for i := 0; i < 7; i++ {
+		table[i+1].Multiply(&table[i], &tt)
+	}
+	// Now table = [t**1, t**3, t**5, t**7, t**9, t**11, t**13, t**15]
+	// so t**k = t[k/2] for odd k
+
+	// To compute the sliding window digits, use the following Sage script:
+
+	// sage: import itertools
+	// sage: def sliding_window(w,k):
+	// ....:     digits = []
+	// ....:     while k > 0:
+	// ....:         if k % 2 == 1:
+	// ....:             kmod = k % (2**w)
+	// ....:             digits.append(kmod)
+	// ....:             k = k - kmod
+	// ....:         else:
+	// ....:             digits.append(0)
+	// ....:         k = k // 2
+	// ....:     return digits
+
+	// Now we can compute s roughly as follows:
+
+	// sage: s = 1
+	// sage: for coeff in reversed(sliding_window(4,l-2)):
+	// ....:     s = s*s
+	// ....:     if coeff > 0 :
+	// ....:         s = s*t**coeff
+
+	// This works on one bit at a time, with many runs of zeros.
+	// The digits can be collapsed into [(count, coeff)] as follows:
+
+	// sage: [(len(list(group)),d) for d,group in itertools.groupby(sliding_window(4,l-2))]
+
+	// Entries of the form (k, 0) turn into pow2k(k)
+	// Entries of the form (1, coeff) turn into a squaring and then a table lookup.
+	// We can fold the squaring into the previous pow2k(k) as pow2k(k+1).
+
+	*s = table[1/2]
+	s.pow2k(127 + 1)
+	s.Multiply(s, &table[1/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[9/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[11/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[13/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[15/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[7/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[15/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[5/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[1/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[15/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[15/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[7/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[3/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[11/2])
+	s.pow2k(5 + 1)
+	s.Multiply(s, &table[11/2])
+	s.pow2k(9 + 1)
+	s.Multiply(s, &table[9/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[3/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[3/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[3/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[9/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[7/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[3/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[13/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[7/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[9/2])
+	s.pow2k(3 + 1)
+	s.Multiply(s, &table[15/2])
+	s.pow2k(4 + 1)
+	s.Multiply(s, &table[11/2])
+
+	return s
+}
+
+// MultiScalarMult sets v = sum(scalars[i] * points[i]), and returns v.
+//
+// Execution time depends only on the lengths of the two slices, which must match.
+func (v *Point) MultiScalarMult(scalars []*Scalar, points []*Point) *Point {
+	if len(scalars) != len(points) {
+		panic("edwards25519: called MultiScalarMult with different size inputs")
+	}
+	checkInitialized(points...)
+
+	// Proceed as in the single-base case, but share doublings
+	// between each point in the multiscalar equation.
+
+	// Build lookup tables for each point
+	tables := make([]projLookupTable, len(points))
+	for i := range tables {
+		tables[i].FromP3(points[i])
+	}
+	// Compute signed radix-16 digits for each scalar
+	digits := make([][64]int8, len(scalars))
+	for i := range digits {
+		digits[i] = scalars[i].signedRadix16()
+	}
+
+	// Unwrap first loop iteration to save computing 16*identity
+	multiple := &projCached{}
+	tmp1 := &projP1xP1{}
+	tmp2 := &projP2{}
+	// Lookup-and-add the appropriate multiple of each input point
+	for j := range tables {
+		tables[j].SelectInto(multiple, digits[j][63])
+		tmp1.Add(v, multiple) // tmp1 = v + x_(j,63)*Q in P1xP1 coords
+		v.fromP1xP1(tmp1)     // update v
+	}
+	tmp2.FromP3(v) // set up tmp2 = v in P2 coords for next iteration
+	for i := 62; i >= 0; i-- {
+		tmp1.Double(tmp2)    // tmp1 =  2*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  2*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 =  4*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  4*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 =  8*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  8*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 = 16*(prev) in P1xP1 coords
+		v.fromP1xP1(tmp1)    //    v = 16*(prev) in P3 coords
+		// Lookup-and-add the appropriate multiple of each input point
+		for j := range tables {
+			tables[j].SelectInto(multiple, digits[j][i])
+			tmp1.Add(v, multiple) // tmp1 = v + x_(j,i)*Q in P1xP1 coords
+			v.fromP1xP1(tmp1)     // update v
+		}
+		tmp2.FromP3(v) // set up tmp2 = v in P2 coords for next iteration
+	}
+	return v
+}
+
+// VarTimeMultiScalarMult sets v = sum(scalars[i] * points[i]), and returns v.
+//
+// Execution time depends on the inputs.
+func (v *Point) VarTimeMultiScalarMult(scalars []*Scalar, points []*Point) *Point {
+	if len(scalars) != len(points) {
+		panic("edwards25519: called VarTimeMultiScalarMult with different size inputs")
+	}
+	checkInitialized(points...)
+
+	// Generalize double-base NAF computation to arbitrary sizes.
+	// Here all the points are dynamic, so we only use the smaller
+	// tables.
+
+	// Build lookup tables for each point
+	tables := make([]nafLookupTable5, len(points))
+	for i := range tables {
+		tables[i].FromP3(points[i])
+	}
+	// Compute a NAF for each scalar
+	nafs := make([][256]int8, len(scalars))
+	for i := range nafs {
+		nafs[i] = scalars[i].nonAdjacentForm(5)
+	}
+
+	multiple := &projCached{}
+	tmp1 := &projP1xP1{}
+	tmp2 := &projP2{}
+	tmp2.Zero()
+
+	// Move from high to low bits, doubling the accumulator
+	// at each iteration and checking whether there is a nonzero
+	// coefficient to look up a multiple of.
+	//
+	// Skip trying to find the first nonzero coefficent, because
+	// searching might be more work than a few extra doublings.
+	for i := 255; i >= 0; i-- {
+		tmp1.Double(tmp2)
+
+		for j := range nafs {
+			if nafs[j][i] > 0 {
+				v.fromP1xP1(tmp1)
+				tables[j].SelectInto(multiple, nafs[j][i])
+				tmp1.Add(v, multiple)
+			} else if nafs[j][i] < 0 {
+				v.fromP1xP1(tmp1)
+				tables[j].SelectInto(multiple, -nafs[j][i])
+				tmp1.Sub(v, multiple)
+			}
+		}
+
+		tmp2.FromP1xP1(tmp1)
+	}
+
+	v.fromP2(tmp2)
+	return v
+}
diff --git a/vendor/filippo.io/edwards25519/field/fe.go b/vendor/filippo.io/edwards25519/field/fe.go
new file mode 100644
index 000000000..5518ef2b9
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe.go
@@ -0,0 +1,420 @@
+// Copyright (c) 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package field implements fast arithmetic modulo 2^255-19.
+package field
+
+import (
+	"crypto/subtle"
+	"encoding/binary"
+	"errors"
+	"math/bits"
+)
+
+// Element represents an element of the field GF(2^255-19). Note that this
+// is not a cryptographically secure group, and should only be used to interact
+// with edwards25519.Point coordinates.
+//
+// This type works similarly to math/big.Int, and all arguments and receivers
+// are allowed to alias.
+//
+// The zero value is a valid zero element.
+type Element struct {
+	// An element t represents the integer
+	//     t.l0 + t.l1*2^51 + t.l2*2^102 + t.l3*2^153 + t.l4*2^204
+	//
+	// Between operations, all limbs are expected to be lower than 2^52.
+	l0 uint64
+	l1 uint64
+	l2 uint64
+	l3 uint64
+	l4 uint64
+}
+
+const maskLow51Bits uint64 = (1 << 51) - 1
+
+var feZero = &Element{0, 0, 0, 0, 0}
+
+// Zero sets v = 0, and returns v.
+func (v *Element) Zero() *Element {
+	*v = *feZero
+	return v
+}
+
+var feOne = &Element{1, 0, 0, 0, 0}
+
+// One sets v = 1, and returns v.
+func (v *Element) One() *Element {
+	*v = *feOne
+	return v
+}
+
+// reduce reduces v modulo 2^255 - 19 and returns it.
+func (v *Element) reduce() *Element {
+	v.carryPropagate()
+
+	// After the light reduction we now have a field element representation
+	// v < 2^255 + 2^13 * 19, but need v < 2^255 - 19.
+
+	// If v >= 2^255 - 19, then v + 19 >= 2^255, which would overflow 2^255 - 1,
+	// generating a carry. That is, c will be 0 if v < 2^255 - 19, and 1 otherwise.
+	c := (v.l0 + 19) >> 51
+	c = (v.l1 + c) >> 51
+	c = (v.l2 + c) >> 51
+	c = (v.l3 + c) >> 51
+	c = (v.l4 + c) >> 51
+
+	// If v < 2^255 - 19 and c = 0, this will be a no-op. Otherwise, it's
+	// effectively applying the reduction identity to the carry.
+	v.l0 += 19 * c
+
+	v.l1 += v.l0 >> 51
+	v.l0 = v.l0 & maskLow51Bits
+	v.l2 += v.l1 >> 51
+	v.l1 = v.l1 & maskLow51Bits
+	v.l3 += v.l2 >> 51
+	v.l2 = v.l2 & maskLow51Bits
+	v.l4 += v.l3 >> 51
+	v.l3 = v.l3 & maskLow51Bits
+	// no additional carry
+	v.l4 = v.l4 & maskLow51Bits
+
+	return v
+}
+
+// Add sets v = a + b, and returns v.
+func (v *Element) Add(a, b *Element) *Element {
+	v.l0 = a.l0 + b.l0
+	v.l1 = a.l1 + b.l1
+	v.l2 = a.l2 + b.l2
+	v.l3 = a.l3 + b.l3
+	v.l4 = a.l4 + b.l4
+	// Using the generic implementation here is actually faster than the
+	// assembly. Probably because the body of this function is so simple that
+	// the compiler can figure out better optimizations by inlining the carry
+	// propagation.
+	return v.carryPropagateGeneric()
+}
+
+// Subtract sets v = a - b, and returns v.
+func (v *Element) Subtract(a, b *Element) *Element {
+	// We first add 2 * p, to guarantee the subtraction won't underflow, and
+	// then subtract b (which can be up to 2^255 + 2^13 * 19).
+	v.l0 = (a.l0 + 0xFFFFFFFFFFFDA) - b.l0
+	v.l1 = (a.l1 + 0xFFFFFFFFFFFFE) - b.l1
+	v.l2 = (a.l2 + 0xFFFFFFFFFFFFE) - b.l2
+	v.l3 = (a.l3 + 0xFFFFFFFFFFFFE) - b.l3
+	v.l4 = (a.l4 + 0xFFFFFFFFFFFFE) - b.l4
+	return v.carryPropagate()
+}
+
+// Negate sets v = -a, and returns v.
+func (v *Element) Negate(a *Element) *Element {
+	return v.Subtract(feZero, a)
+}
+
+// Invert sets v = 1/z mod p, and returns v.
+//
+// If z == 0, Invert returns v = 0.
+func (v *Element) Invert(z *Element) *Element {
+	// Inversion is implemented as exponentiation with exponent p − 2. It uses the
+	// same sequence of 255 squarings and 11 multiplications as [Curve25519].
+	var z2, z9, z11, z2_5_0, z2_10_0, z2_20_0, z2_50_0, z2_100_0, t Element
+
+	z2.Square(z)             // 2
+	t.Square(&z2)            // 4
+	t.Square(&t)             // 8
+	z9.Multiply(&t, z)       // 9
+	z11.Multiply(&z9, &z2)   // 11
+	t.Square(&z11)           // 22
+	z2_5_0.Multiply(&t, &z9) // 31 = 2^5 - 2^0
+
+	t.Square(&z2_5_0) // 2^6 - 2^1
+	for i := 0; i < 4; i++ {
+		t.Square(&t) // 2^10 - 2^5
+	}
+	z2_10_0.Multiply(&t, &z2_5_0) // 2^10 - 2^0
+
+	t.Square(&z2_10_0) // 2^11 - 2^1
+	for i := 0; i < 9; i++ {
+		t.Square(&t) // 2^20 - 2^10
+	}
+	z2_20_0.Multiply(&t, &z2_10_0) // 2^20 - 2^0
+
+	t.Square(&z2_20_0) // 2^21 - 2^1
+	for i := 0; i < 19; i++ {
+		t.Square(&t) // 2^40 - 2^20
+	}
+	t.Multiply(&t, &z2_20_0) // 2^40 - 2^0
+
+	t.Square(&t) // 2^41 - 2^1
+	for i := 0; i < 9; i++ {
+		t.Square(&t) // 2^50 - 2^10
+	}
+	z2_50_0.Multiply(&t, &z2_10_0) // 2^50 - 2^0
+
+	t.Square(&z2_50_0) // 2^51 - 2^1
+	for i := 0; i < 49; i++ {
+		t.Square(&t) // 2^100 - 2^50
+	}
+	z2_100_0.Multiply(&t, &z2_50_0) // 2^100 - 2^0
+
+	t.Square(&z2_100_0) // 2^101 - 2^1
+	for i := 0; i < 99; i++ {
+		t.Square(&t) // 2^200 - 2^100
+	}
+	t.Multiply(&t, &z2_100_0) // 2^200 - 2^0
+
+	t.Square(&t) // 2^201 - 2^1
+	for i := 0; i < 49; i++ {
+		t.Square(&t) // 2^250 - 2^50
+	}
+	t.Multiply(&t, &z2_50_0) // 2^250 - 2^0
+
+	t.Square(&t) // 2^251 - 2^1
+	t.Square(&t) // 2^252 - 2^2
+	t.Square(&t) // 2^253 - 2^3
+	t.Square(&t) // 2^254 - 2^4
+	t.Square(&t) // 2^255 - 2^5
+
+	return v.Multiply(&t, &z11) // 2^255 - 21
+}
+
+// Set sets v = a, and returns v.
+func (v *Element) Set(a *Element) *Element {
+	*v = *a
+	return v
+}
+
+// SetBytes sets v to x, where x is a 32-byte little-endian encoding. If x is
+// not of the right length, SetBytes returns nil and an error, and the
+// receiver is unchanged.
+//
+// Consistent with RFC 7748, the most significant bit (the high bit of the
+// last byte) is ignored, and non-canonical values (2^255-19 through 2^255-1)
+// are accepted. Note that this is laxer than specified by RFC 8032, but
+// consistent with most Ed25519 implementations.
+func (v *Element) SetBytes(x []byte) (*Element, error) {
+	if len(x) != 32 {
+		return nil, errors.New("edwards25519: invalid field element input size")
+	}
+
+	// Bits 0:51 (bytes 0:8, bits 0:64, shift 0, mask 51).
+	v.l0 = binary.LittleEndian.Uint64(x[0:8])
+	v.l0 &= maskLow51Bits
+	// Bits 51:102 (bytes 6:14, bits 48:112, shift 3, mask 51).
+	v.l1 = binary.LittleEndian.Uint64(x[6:14]) >> 3
+	v.l1 &= maskLow51Bits
+	// Bits 102:153 (bytes 12:20, bits 96:160, shift 6, mask 51).
+	v.l2 = binary.LittleEndian.Uint64(x[12:20]) >> 6
+	v.l2 &= maskLow51Bits
+	// Bits 153:204 (bytes 19:27, bits 152:216, shift 1, mask 51).
+	v.l3 = binary.LittleEndian.Uint64(x[19:27]) >> 1
+	v.l3 &= maskLow51Bits
+	// Bits 204:255 (bytes 24:32, bits 192:256, shift 12, mask 51).
+	// Note: not bytes 25:33, shift 4, to avoid overread.
+	v.l4 = binary.LittleEndian.Uint64(x[24:32]) >> 12
+	v.l4 &= maskLow51Bits
+
+	return v, nil
+}
+
+// Bytes returns the canonical 32-byte little-endian encoding of v.
+func (v *Element) Bytes() []byte {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap.
+	var out [32]byte
+	return v.bytes(&out)
+}
+
+func (v *Element) bytes(out *[32]byte) []byte {
+	t := *v
+	t.reduce()
+
+	var buf [8]byte
+	for i, l := range [5]uint64{t.l0, t.l1, t.l2, t.l3, t.l4} {
+		bitsOffset := i * 51
+		binary.LittleEndian.PutUint64(buf[:], l<= len(out) {
+				break
+			}
+			out[off] |= bb
+		}
+	}
+
+	return out[:]
+}
+
+// Equal returns 1 if v and u are equal, and 0 otherwise.
+func (v *Element) Equal(u *Element) int {
+	sa, sv := u.Bytes(), v.Bytes()
+	return subtle.ConstantTimeCompare(sa, sv)
+}
+
+// mask64Bits returns 0xffffffff if cond is 1, and 0 otherwise.
+func mask64Bits(cond int) uint64 { return ^(uint64(cond) - 1) }
+
+// Select sets v to a if cond == 1, and to b if cond == 0.
+func (v *Element) Select(a, b *Element, cond int) *Element {
+	m := mask64Bits(cond)
+	v.l0 = (m & a.l0) | (^m & b.l0)
+	v.l1 = (m & a.l1) | (^m & b.l1)
+	v.l2 = (m & a.l2) | (^m & b.l2)
+	v.l3 = (m & a.l3) | (^m & b.l3)
+	v.l4 = (m & a.l4) | (^m & b.l4)
+	return v
+}
+
+// Swap swaps v and u if cond == 1 or leaves them unchanged if cond == 0, and returns v.
+func (v *Element) Swap(u *Element, cond int) {
+	m := mask64Bits(cond)
+	t := m & (v.l0 ^ u.l0)
+	v.l0 ^= t
+	u.l0 ^= t
+	t = m & (v.l1 ^ u.l1)
+	v.l1 ^= t
+	u.l1 ^= t
+	t = m & (v.l2 ^ u.l2)
+	v.l2 ^= t
+	u.l2 ^= t
+	t = m & (v.l3 ^ u.l3)
+	v.l3 ^= t
+	u.l3 ^= t
+	t = m & (v.l4 ^ u.l4)
+	v.l4 ^= t
+	u.l4 ^= t
+}
+
+// IsNegative returns 1 if v is negative, and 0 otherwise.
+func (v *Element) IsNegative() int {
+	return int(v.Bytes()[0] & 1)
+}
+
+// Absolute sets v to |u|, and returns v.
+func (v *Element) Absolute(u *Element) *Element {
+	return v.Select(new(Element).Negate(u), u, u.IsNegative())
+}
+
+// Multiply sets v = x * y, and returns v.
+func (v *Element) Multiply(x, y *Element) *Element {
+	feMul(v, x, y)
+	return v
+}
+
+// Square sets v = x * x, and returns v.
+func (v *Element) Square(x *Element) *Element {
+	feSquare(v, x)
+	return v
+}
+
+// Mult32 sets v = x * y, and returns v.
+func (v *Element) Mult32(x *Element, y uint32) *Element {
+	x0lo, x0hi := mul51(x.l0, y)
+	x1lo, x1hi := mul51(x.l1, y)
+	x2lo, x2hi := mul51(x.l2, y)
+	x3lo, x3hi := mul51(x.l3, y)
+	x4lo, x4hi := mul51(x.l4, y)
+	v.l0 = x0lo + 19*x4hi // carried over per the reduction identity
+	v.l1 = x1lo + x0hi
+	v.l2 = x2lo + x1hi
+	v.l3 = x3lo + x2hi
+	v.l4 = x4lo + x3hi
+	// The hi portions are going to be only 32 bits, plus any previous excess,
+	// so we can skip the carry propagation.
+	return v
+}
+
+// mul51 returns lo + hi * 2⁵¹ = a * b.
+func mul51(a uint64, b uint32) (lo uint64, hi uint64) {
+	mh, ml := bits.Mul64(a, uint64(b))
+	lo = ml & maskLow51Bits
+	hi = (mh << 13) | (ml >> 51)
+	return
+}
+
+// Pow22523 set v = x^((p-5)/8), and returns v. (p-5)/8 is 2^252-3.
+func (v *Element) Pow22523(x *Element) *Element {
+	var t0, t1, t2 Element
+
+	t0.Square(x)             // x^2
+	t1.Square(&t0)           // x^4
+	t1.Square(&t1)           // x^8
+	t1.Multiply(x, &t1)      // x^9
+	t0.Multiply(&t0, &t1)    // x^11
+	t0.Square(&t0)           // x^22
+	t0.Multiply(&t1, &t0)    // x^31
+	t1.Square(&t0)           // x^62
+	for i := 1; i < 5; i++ { // x^992
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // x^1023 -> 1023 = 2^10 - 1
+	t1.Square(&t0)            // 2^11 - 2
+	for i := 1; i < 10; i++ { // 2^20 - 2^10
+		t1.Square(&t1)
+	}
+	t1.Multiply(&t1, &t0)     // 2^20 - 1
+	t2.Square(&t1)            // 2^21 - 2
+	for i := 1; i < 20; i++ { // 2^40 - 2^20
+		t2.Square(&t2)
+	}
+	t1.Multiply(&t2, &t1)     // 2^40 - 1
+	t1.Square(&t1)            // 2^41 - 2
+	for i := 1; i < 10; i++ { // 2^50 - 2^10
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // 2^50 - 1
+	t1.Square(&t0)            // 2^51 - 2
+	for i := 1; i < 50; i++ { // 2^100 - 2^50
+		t1.Square(&t1)
+	}
+	t1.Multiply(&t1, &t0)      // 2^100 - 1
+	t2.Square(&t1)             // 2^101 - 2
+	for i := 1; i < 100; i++ { // 2^200 - 2^100
+		t2.Square(&t2)
+	}
+	t1.Multiply(&t2, &t1)     // 2^200 - 1
+	t1.Square(&t1)            // 2^201 - 2
+	for i := 1; i < 50; i++ { // 2^250 - 2^50
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // 2^250 - 1
+	t0.Square(&t0)            // 2^251 - 2
+	t0.Square(&t0)            // 2^252 - 4
+	return v.Multiply(&t0, x) // 2^252 - 3 -> x^(2^252-3)
+}
+
+// sqrtM1 is 2^((p-1)/4), which squared is equal to -1 by Euler's Criterion.
+var sqrtM1 = &Element{1718705420411056, 234908883556509,
+	2233514472574048, 2117202627021982, 765476049583133}
+
+// SqrtRatio sets r to the non-negative square root of the ratio of u and v.
+//
+// If u/v is square, SqrtRatio returns r and 1. If u/v is not square, SqrtRatio
+// sets r according to Section 4.3 of draft-irtf-cfrg-ristretto255-decaf448-00,
+// and returns r and 0.
+func (r *Element) SqrtRatio(u, v *Element) (R *Element, wasSquare int) {
+	t0 := new(Element)
+
+	// r = (u * v3) * (u * v7)^((p-5)/8)
+	v2 := new(Element).Square(v)
+	uv3 := new(Element).Multiply(u, t0.Multiply(v2, v))
+	uv7 := new(Element).Multiply(uv3, t0.Square(v2))
+	rr := new(Element).Multiply(uv3, t0.Pow22523(uv7))
+
+	check := new(Element).Multiply(v, t0.Square(rr)) // check = v * r^2
+
+	uNeg := new(Element).Negate(u)
+	correctSignSqrt := check.Equal(u)
+	flippedSignSqrt := check.Equal(uNeg)
+	flippedSignSqrtI := check.Equal(t0.Multiply(uNeg, sqrtM1))
+
+	rPrime := new(Element).Multiply(rr, sqrtM1) // r_prime = SQRT_M1 * r
+	// r = CT_SELECT(r_prime IF flipped_sign_sqrt | flipped_sign_sqrt_i ELSE r)
+	rr.Select(rPrime, rr, flippedSignSqrt|flippedSignSqrtI)
+
+	r.Absolute(rr) // Choose the nonnegative square root.
+	return r, correctSignSqrt | flippedSignSqrt
+}
diff --git a/vendor/filippo.io/edwards25519/field/fe_amd64.go b/vendor/filippo.io/edwards25519/field/fe_amd64.go
new file mode 100644
index 000000000..edcf163c4
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_amd64.go
@@ -0,0 +1,16 @@
+// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
+
+//go:build amd64 && gc && !purego
+// +build amd64,gc,!purego
+
+package field
+
+// feMul sets out = a * b. It works like feMulGeneric.
+//
+//go:noescape
+func feMul(out *Element, a *Element, b *Element)
+
+// feSquare sets out = a * a. It works like feSquareGeneric.
+//
+//go:noescape
+func feSquare(out *Element, a *Element)
diff --git a/vendor/filippo.io/edwards25519/field/fe_amd64.s b/vendor/filippo.io/edwards25519/field/fe_amd64.s
new file mode 100644
index 000000000..293f013c9
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_amd64.s
@@ -0,0 +1,379 @@
+// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
+
+//go:build amd64 && gc && !purego
+// +build amd64,gc,!purego
+
+#include "textflag.h"
+
+// func feMul(out *Element, a *Element, b *Element)
+TEXT ·feMul(SB), NOSPLIT, $0-24
+	MOVQ a+8(FP), CX
+	MOVQ b+16(FP), BX
+
+	// r0 = a0×b0
+	MOVQ (CX), AX
+	MULQ (BX)
+	MOVQ AX, DI
+	MOVQ DX, SI
+
+	// r0 += 19×a1×b4
+	MOVQ   8(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a2×b3
+	MOVQ   16(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a3×b2
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   16(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a4×b1
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   8(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r1 = a0×b1
+	MOVQ (CX), AX
+	MULQ 8(BX)
+	MOVQ AX, R9
+	MOVQ DX, R8
+
+	// r1 += a1×b0
+	MOVQ 8(CX), AX
+	MULQ (BX)
+	ADDQ AX, R9
+	ADCQ DX, R8
+
+	// r1 += 19×a2×b4
+	MOVQ   16(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r1 += 19×a3×b3
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r1 += 19×a4×b2
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   16(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r2 = a0×b2
+	MOVQ (CX), AX
+	MULQ 16(BX)
+	MOVQ AX, R11
+	MOVQ DX, R10
+
+	// r2 += a1×b1
+	MOVQ 8(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R11
+	ADCQ DX, R10
+
+	// r2 += a2×b0
+	MOVQ 16(CX), AX
+	MULQ (BX)
+	ADDQ AX, R11
+	ADCQ DX, R10
+
+	// r2 += 19×a3×b4
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R11
+	ADCQ   DX, R10
+
+	// r2 += 19×a4×b3
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, R11
+	ADCQ   DX, R10
+
+	// r3 = a0×b3
+	MOVQ (CX), AX
+	MULQ 24(BX)
+	MOVQ AX, R13
+	MOVQ DX, R12
+
+	// r3 += a1×b2
+	MOVQ 8(CX), AX
+	MULQ 16(BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += a2×b1
+	MOVQ 16(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += a3×b0
+	MOVQ 24(CX), AX
+	MULQ (BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += 19×a4×b4
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R13
+	ADCQ   DX, R12
+
+	// r4 = a0×b4
+	MOVQ (CX), AX
+	MULQ 32(BX)
+	MOVQ AX, R15
+	MOVQ DX, R14
+
+	// r4 += a1×b3
+	MOVQ 8(CX), AX
+	MULQ 24(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a2×b2
+	MOVQ 16(CX), AX
+	MULQ 16(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a3×b1
+	MOVQ 24(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a4×b0
+	MOVQ 32(CX), AX
+	MULQ (BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// First reduction chain
+	MOVQ   $0x0007ffffffffffff, AX
+	SHLQ   $0x0d, DI, SI
+	SHLQ   $0x0d, R9, R8
+	SHLQ   $0x0d, R11, R10
+	SHLQ   $0x0d, R13, R12
+	SHLQ   $0x0d, R15, R14
+	ANDQ   AX, DI
+	IMUL3Q $0x13, R14, R14
+	ADDQ   R14, DI
+	ANDQ   AX, R9
+	ADDQ   SI, R9
+	ANDQ   AX, R11
+	ADDQ   R8, R11
+	ANDQ   AX, R13
+	ADDQ   R10, R13
+	ANDQ   AX, R15
+	ADDQ   R12, R15
+
+	// Second reduction chain (carryPropagate)
+	MOVQ   DI, SI
+	SHRQ   $0x33, SI
+	MOVQ   R9, R8
+	SHRQ   $0x33, R8
+	MOVQ   R11, R10
+	SHRQ   $0x33, R10
+	MOVQ   R13, R12
+	SHRQ   $0x33, R12
+	MOVQ   R15, R14
+	SHRQ   $0x33, R14
+	ANDQ   AX, DI
+	IMUL3Q $0x13, R14, R14
+	ADDQ   R14, DI
+	ANDQ   AX, R9
+	ADDQ   SI, R9
+	ANDQ   AX, R11
+	ADDQ   R8, R11
+	ANDQ   AX, R13
+	ADDQ   R10, R13
+	ANDQ   AX, R15
+	ADDQ   R12, R15
+
+	// Store output
+	MOVQ out+0(FP), AX
+	MOVQ DI, (AX)
+	MOVQ R9, 8(AX)
+	MOVQ R11, 16(AX)
+	MOVQ R13, 24(AX)
+	MOVQ R15, 32(AX)
+	RET
+
+// func feSquare(out *Element, a *Element)
+TEXT ·feSquare(SB), NOSPLIT, $0-16
+	MOVQ a+8(FP), CX
+
+	// r0 = l0×l0
+	MOVQ (CX), AX
+	MULQ (CX)
+	MOVQ AX, SI
+	MOVQ DX, BX
+
+	// r0 += 38×l1×l4
+	MOVQ   8(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, SI
+	ADCQ   DX, BX
+
+	// r0 += 38×l2×l3
+	MOVQ   16(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, SI
+	ADCQ   DX, BX
+
+	// r1 = 2×l0×l1
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 8(CX)
+	MOVQ AX, R8
+	MOVQ DX, DI
+
+	// r1 += 38×l2×l4
+	MOVQ   16(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R8
+	ADCQ   DX, DI
+
+	// r1 += 19×l3×l3
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, R8
+	ADCQ   DX, DI
+
+	// r2 = 2×l0×l2
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 16(CX)
+	MOVQ AX, R10
+	MOVQ DX, R9
+
+	// r2 += l1×l1
+	MOVQ 8(CX), AX
+	MULQ 8(CX)
+	ADDQ AX, R10
+	ADCQ DX, R9
+
+	// r2 += 38×l3×l4
+	MOVQ   24(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R10
+	ADCQ   DX, R9
+
+	// r3 = 2×l0×l3
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 24(CX)
+	MOVQ AX, R12
+	MOVQ DX, R11
+
+	// r3 += 2×l1×l2
+	MOVQ   8(CX), AX
+	IMUL3Q $0x02, AX, AX
+	MULQ   16(CX)
+	ADDQ   AX, R12
+	ADCQ   DX, R11
+
+	// r3 += 19×l4×l4
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R12
+	ADCQ   DX, R11
+
+	// r4 = 2×l0×l4
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 32(CX)
+	MOVQ AX, R14
+	MOVQ DX, R13
+
+	// r4 += 2×l1×l3
+	MOVQ   8(CX), AX
+	IMUL3Q $0x02, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, R14
+	ADCQ   DX, R13
+
+	// r4 += l2×l2
+	MOVQ 16(CX), AX
+	MULQ 16(CX)
+	ADDQ AX, R14
+	ADCQ DX, R13
+
+	// First reduction chain
+	MOVQ   $0x0007ffffffffffff, AX
+	SHLQ   $0x0d, SI, BX
+	SHLQ   $0x0d, R8, DI
+	SHLQ   $0x0d, R10, R9
+	SHLQ   $0x0d, R12, R11
+	SHLQ   $0x0d, R14, R13
+	ANDQ   AX, SI
+	IMUL3Q $0x13, R13, R13
+	ADDQ   R13, SI
+	ANDQ   AX, R8
+	ADDQ   BX, R8
+	ANDQ   AX, R10
+	ADDQ   DI, R10
+	ANDQ   AX, R12
+	ADDQ   R9, R12
+	ANDQ   AX, R14
+	ADDQ   R11, R14
+
+	// Second reduction chain (carryPropagate)
+	MOVQ   SI, BX
+	SHRQ   $0x33, BX
+	MOVQ   R8, DI
+	SHRQ   $0x33, DI
+	MOVQ   R10, R9
+	SHRQ   $0x33, R9
+	MOVQ   R12, R11
+	SHRQ   $0x33, R11
+	MOVQ   R14, R13
+	SHRQ   $0x33, R13
+	ANDQ   AX, SI
+	IMUL3Q $0x13, R13, R13
+	ADDQ   R13, SI
+	ANDQ   AX, R8
+	ADDQ   BX, R8
+	ANDQ   AX, R10
+	ADDQ   DI, R10
+	ANDQ   AX, R12
+	ADDQ   R9, R12
+	ANDQ   AX, R14
+	ADDQ   R11, R14
+
+	// Store output
+	MOVQ out+0(FP), AX
+	MOVQ SI, (AX)
+	MOVQ R8, 8(AX)
+	MOVQ R10, 16(AX)
+	MOVQ R12, 24(AX)
+	MOVQ R14, 32(AX)
+	RET
diff --git a/vendor/filippo.io/edwards25519/field/fe_amd64_noasm.go b/vendor/filippo.io/edwards25519/field/fe_amd64_noasm.go
new file mode 100644
index 000000000..ddb6c9b8f
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_amd64_noasm.go
@@ -0,0 +1,12 @@
+// Copyright (c) 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !amd64 || !gc || purego
+// +build !amd64 !gc purego
+
+package field
+
+func feMul(v, x, y *Element) { feMulGeneric(v, x, y) }
+
+func feSquare(v, x *Element) { feSquareGeneric(v, x) }
diff --git a/vendor/filippo.io/edwards25519/field/fe_arm64.go b/vendor/filippo.io/edwards25519/field/fe_arm64.go
new file mode 100644
index 000000000..af459ef51
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_arm64.go
@@ -0,0 +1,16 @@
+// Copyright (c) 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build arm64 && gc && !purego
+// +build arm64,gc,!purego
+
+package field
+
+//go:noescape
+func carryPropagate(v *Element)
+
+func (v *Element) carryPropagate() *Element {
+	carryPropagate(v)
+	return v
+}
diff --git a/vendor/filippo.io/edwards25519/field/fe_arm64.s b/vendor/filippo.io/edwards25519/field/fe_arm64.s
new file mode 100644
index 000000000..3126a4341
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_arm64.s
@@ -0,0 +1,42 @@
+// Copyright (c) 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build arm64 && gc && !purego
+
+#include "textflag.h"
+
+// carryPropagate works exactly like carryPropagateGeneric and uses the
+// same AND, ADD, and LSR+MADD instructions emitted by the compiler, but
+// avoids loading R0-R4 twice and uses LDP and STP.
+//
+// See https://golang.org/issues/43145 for the main compiler issue.
+//
+// func carryPropagate(v *Element)
+TEXT ·carryPropagate(SB),NOFRAME|NOSPLIT,$0-8
+	MOVD v+0(FP), R20
+
+	LDP 0(R20), (R0, R1)
+	LDP 16(R20), (R2, R3)
+	MOVD 32(R20), R4
+
+	AND $0x7ffffffffffff, R0, R10
+	AND $0x7ffffffffffff, R1, R11
+	AND $0x7ffffffffffff, R2, R12
+	AND $0x7ffffffffffff, R3, R13
+	AND $0x7ffffffffffff, R4, R14
+
+	ADD R0>>51, R11, R11
+	ADD R1>>51, R12, R12
+	ADD R2>>51, R13, R13
+	ADD R3>>51, R14, R14
+	// R4>>51 * 19 + R10 -> R10
+	LSR $51, R4, R21
+	MOVD $19, R22
+	MADD R22, R10, R21, R10
+
+	STP (R10, R11), 0(R20)
+	STP (R12, R13), 16(R20)
+	MOVD R14, 32(R20)
+
+	RET
diff --git a/vendor/filippo.io/edwards25519/field/fe_arm64_noasm.go b/vendor/filippo.io/edwards25519/field/fe_arm64_noasm.go
new file mode 100644
index 000000000..234a5b2e5
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_arm64_noasm.go
@@ -0,0 +1,12 @@
+// Copyright (c) 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !arm64 || !gc || purego
+// +build !arm64 !gc purego
+
+package field
+
+func (v *Element) carryPropagate() *Element {
+	return v.carryPropagateGeneric()
+}
diff --git a/vendor/filippo.io/edwards25519/field/fe_extra.go b/vendor/filippo.io/edwards25519/field/fe_extra.go
new file mode 100644
index 000000000..1ef503b9a
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_extra.go
@@ -0,0 +1,50 @@
+// Copyright (c) 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package field
+
+import "errors"
+
+// This file contains additional functionality that is not included in the
+// upstream crypto/ed25519/edwards25519/field package.
+
+// SetWideBytes sets v to x, where x is a 64-byte little-endian encoding, which
+// is reduced modulo the field order. If x is not of the right length,
+// SetWideBytes returns nil and an error, and the receiver is unchanged.
+//
+// SetWideBytes is not necessary to select a uniformly distributed value, and is
+// only provided for compatibility: SetBytes can be used instead as the chance
+// of bias is less than 2⁻²⁵⁰.
+func (v *Element) SetWideBytes(x []byte) (*Element, error) {
+	if len(x) != 64 {
+		return nil, errors.New("edwards25519: invalid SetWideBytes input size")
+	}
+
+	// Split the 64 bytes into two elements, and extract the most significant
+	// bit of each, which is ignored by SetBytes.
+	lo, _ := new(Element).SetBytes(x[:32])
+	loMSB := uint64(x[31] >> 7)
+	hi, _ := new(Element).SetBytes(x[32:])
+	hiMSB := uint64(x[63] >> 7)
+
+	// The output we want is
+	//
+	//   v = lo + loMSB * 2²⁵⁵ + hi * 2²⁵⁶ + hiMSB * 2⁵¹¹
+	//
+	// which applying the reduction identity comes out to
+	//
+	//   v = lo + loMSB * 19 + hi * 2 * 19 + hiMSB * 2 * 19²
+	//
+	// l0 will be the sum of a 52 bits value (lo.l0), plus a 5 bits value
+	// (loMSB * 19), a 6 bits value (hi.l0 * 2 * 19), and a 10 bits value
+	// (hiMSB * 2 * 19²), so it fits in a uint64.
+
+	v.l0 = lo.l0 + loMSB*19 + hi.l0*2*19 + hiMSB*2*19*19
+	v.l1 = lo.l1 + hi.l1*2*19
+	v.l2 = lo.l2 + hi.l2*2*19
+	v.l3 = lo.l3 + hi.l3*2*19
+	v.l4 = lo.l4 + hi.l4*2*19
+
+	return v.carryPropagate(), nil
+}
diff --git a/vendor/filippo.io/edwards25519/field/fe_generic.go b/vendor/filippo.io/edwards25519/field/fe_generic.go
new file mode 100644
index 000000000..86f5fd955
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/field/fe_generic.go
@@ -0,0 +1,266 @@
+// Copyright (c) 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package field
+
+import "math/bits"
+
+// uint128 holds a 128-bit number as two 64-bit limbs, for use with the
+// bits.Mul64 and bits.Add64 intrinsics.
+type uint128 struct {
+	lo, hi uint64
+}
+
+// mul64 returns a * b.
+func mul64(a, b uint64) uint128 {
+	hi, lo := bits.Mul64(a, b)
+	return uint128{lo, hi}
+}
+
+// addMul64 returns v + a * b.
+func addMul64(v uint128, a, b uint64) uint128 {
+	hi, lo := bits.Mul64(a, b)
+	lo, c := bits.Add64(lo, v.lo, 0)
+	hi, _ = bits.Add64(hi, v.hi, c)
+	return uint128{lo, hi}
+}
+
+// shiftRightBy51 returns a >> 51. a is assumed to be at most 115 bits.
+func shiftRightBy51(a uint128) uint64 {
+	return (a.hi << (64 - 51)) | (a.lo >> 51)
+}
+
+func feMulGeneric(v, a, b *Element) {
+	a0 := a.l0
+	a1 := a.l1
+	a2 := a.l2
+	a3 := a.l3
+	a4 := a.l4
+
+	b0 := b.l0
+	b1 := b.l1
+	b2 := b.l2
+	b3 := b.l3
+	b4 := b.l4
+
+	// Limb multiplication works like pen-and-paper columnar multiplication, but
+	// with 51-bit limbs instead of digits.
+	//
+	//                          a4   a3   a2   a1   a0  x
+	//                          b4   b3   b2   b1   b0  =
+	//                         ------------------------
+	//                        a4b0 a3b0 a2b0 a1b0 a0b0  +
+	//                   a4b1 a3b1 a2b1 a1b1 a0b1       +
+	//              a4b2 a3b2 a2b2 a1b2 a0b2            +
+	//         a4b3 a3b3 a2b3 a1b3 a0b3                 +
+	//    a4b4 a3b4 a2b4 a1b4 a0b4                      =
+	//   ----------------------------------------------
+	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
+	//
+	// We can then use the reduction identity (a * 2²⁵⁵ + b = a * 19 + b) to
+	// reduce the limbs that would overflow 255 bits. r5 * 2²⁵⁵ becomes 19 * r5,
+	// r6 * 2³⁰⁶ becomes 19 * r6 * 2⁵¹, etc.
+	//
+	// Reduction can be carried out simultaneously to multiplication. For
+	// example, we do not compute r5: whenever the result of a multiplication
+	// belongs to r5, like a1b4, we multiply it by 19 and add the result to r0.
+	//
+	//            a4b0    a3b0    a2b0    a1b0    a0b0  +
+	//            a3b1    a2b1    a1b1    a0b1 19×a4b1  +
+	//            a2b2    a1b2    a0b2 19×a4b2 19×a3b2  +
+	//            a1b3    a0b3 19×a4b3 19×a3b3 19×a2b3  +
+	//            a0b4 19×a4b4 19×a3b4 19×a2b4 19×a1b4  =
+	//           --------------------------------------
+	//              r4      r3      r2      r1      r0
+	//
+	// Finally we add up the columns into wide, overlapping limbs.
+
+	a1_19 := a1 * 19
+	a2_19 := a2 * 19
+	a3_19 := a3 * 19
+	a4_19 := a4 * 19
+
+	// r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
+	r0 := mul64(a0, b0)
+	r0 = addMul64(r0, a1_19, b4)
+	r0 = addMul64(r0, a2_19, b3)
+	r0 = addMul64(r0, a3_19, b2)
+	r0 = addMul64(r0, a4_19, b1)
+
+	// r1 = a0×b1 + a1×b0 + 19×(a2×b4 + a3×b3 + a4×b2)
+	r1 := mul64(a0, b1)
+	r1 = addMul64(r1, a1, b0)
+	r1 = addMul64(r1, a2_19, b4)
+	r1 = addMul64(r1, a3_19, b3)
+	r1 = addMul64(r1, a4_19, b2)
+
+	// r2 = a0×b2 + a1×b1 + a2×b0 + 19×(a3×b4 + a4×b3)
+	r2 := mul64(a0, b2)
+	r2 = addMul64(r2, a1, b1)
+	r2 = addMul64(r2, a2, b0)
+	r2 = addMul64(r2, a3_19, b4)
+	r2 = addMul64(r2, a4_19, b3)
+
+	// r3 = a0×b3 + a1×b2 + a2×b1 + a3×b0 + 19×a4×b4
+	r3 := mul64(a0, b3)
+	r3 = addMul64(r3, a1, b2)
+	r3 = addMul64(r3, a2, b1)
+	r3 = addMul64(r3, a3, b0)
+	r3 = addMul64(r3, a4_19, b4)
+
+	// r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
+	r4 := mul64(a0, b4)
+	r4 = addMul64(r4, a1, b3)
+	r4 = addMul64(r4, a2, b2)
+	r4 = addMul64(r4, a3, b1)
+	r4 = addMul64(r4, a4, b0)
+
+	// After the multiplication, we need to reduce (carry) the five coefficients
+	// to obtain a result with limbs that are at most slightly larger than 2⁵¹,
+	// to respect the Element invariant.
+	//
+	// Overall, the reduction works the same as carryPropagate, except with
+	// wider inputs: we take the carry for each coefficient by shifting it right
+	// by 51, and add it to the limb above it. The top carry is multiplied by 19
+	// according to the reduction identity and added to the lowest limb.
+	//
+	// The largest coefficient (r0) will be at most 111 bits, which guarantees
+	// that all carries are at most 111 - 51 = 60 bits, which fits in a uint64.
+	//
+	//     r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
+	//     r0 < 2⁵²×2⁵² + 19×(2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵²)
+	//     r0 < (1 + 19 × 4) × 2⁵² × 2⁵²
+	//     r0 < 2⁷ × 2⁵² × 2⁵²
+	//     r0 < 2¹¹¹
+	//
+	// Moreover, the top coefficient (r4) is at most 107 bits, so c4 is at most
+	// 56 bits, and c4 * 19 is at most 61 bits, which again fits in a uint64 and
+	// allows us to easily apply the reduction identity.
+	//
+	//     r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
+	//     r4 < 5 × 2⁵² × 2⁵²
+	//     r4 < 2¹⁰⁷
+	//
+
+	c0 := shiftRightBy51(r0)
+	c1 := shiftRightBy51(r1)
+	c2 := shiftRightBy51(r2)
+	c3 := shiftRightBy51(r3)
+	c4 := shiftRightBy51(r4)
+
+	rr0 := r0.lo&maskLow51Bits + c4*19
+	rr1 := r1.lo&maskLow51Bits + c0
+	rr2 := r2.lo&maskLow51Bits + c1
+	rr3 := r3.lo&maskLow51Bits + c2
+	rr4 := r4.lo&maskLow51Bits + c3
+
+	// Now all coefficients fit into 64-bit registers but are still too large to
+	// be passed around as an Element. We therefore do one last carry chain,
+	// where the carries will be small enough to fit in the wiggle room above 2⁵¹.
+	*v = Element{rr0, rr1, rr2, rr3, rr4}
+	v.carryPropagate()
+}
+
+func feSquareGeneric(v, a *Element) {
+	l0 := a.l0
+	l1 := a.l1
+	l2 := a.l2
+	l3 := a.l3
+	l4 := a.l4
+
+	// Squaring works precisely like multiplication above, but thanks to its
+	// symmetry we get to group a few terms together.
+	//
+	//                          l4   l3   l2   l1   l0  x
+	//                          l4   l3   l2   l1   l0  =
+	//                         ------------------------
+	//                        l4l0 l3l0 l2l0 l1l0 l0l0  +
+	//                   l4l1 l3l1 l2l1 l1l1 l0l1       +
+	//              l4l2 l3l2 l2l2 l1l2 l0l2            +
+	//         l4l3 l3l3 l2l3 l1l3 l0l3                 +
+	//    l4l4 l3l4 l2l4 l1l4 l0l4                      =
+	//   ----------------------------------------------
+	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
+	//
+	//            l4l0    l3l0    l2l0    l1l0    l0l0  +
+	//            l3l1    l2l1    l1l1    l0l1 19×l4l1  +
+	//            l2l2    l1l2    l0l2 19×l4l2 19×l3l2  +
+	//            l1l3    l0l3 19×l4l3 19×l3l3 19×l2l3  +
+	//            l0l4 19×l4l4 19×l3l4 19×l2l4 19×l1l4  =
+	//           --------------------------------------
+	//              r4      r3      r2      r1      r0
+	//
+	// With precomputed 2×, 19×, and 2×19× terms, we can compute each limb with
+	// only three Mul64 and four Add64, instead of five and eight.
+
+	l0_2 := l0 * 2
+	l1_2 := l1 * 2
+
+	l1_38 := l1 * 38
+	l2_38 := l2 * 38
+	l3_38 := l3 * 38
+
+	l3_19 := l3 * 19
+	l4_19 := l4 * 19
+
+	// r0 = l0×l0 + 19×(l1×l4 + l2×l3 + l3×l2 + l4×l1) = l0×l0 + 19×2×(l1×l4 + l2×l3)
+	r0 := mul64(l0, l0)
+	r0 = addMul64(r0, l1_38, l4)
+	r0 = addMul64(r0, l2_38, l3)
+
+	// r1 = l0×l1 + l1×l0 + 19×(l2×l4 + l3×l3 + l4×l2) = 2×l0×l1 + 19×2×l2×l4 + 19×l3×l3
+	r1 := mul64(l0_2, l1)
+	r1 = addMul64(r1, l2_38, l4)
+	r1 = addMul64(r1, l3_19, l3)
+
+	// r2 = l0×l2 + l1×l1 + l2×l0 + 19×(l3×l4 + l4×l3) = 2×l0×l2 + l1×l1 + 19×2×l3×l4
+	r2 := mul64(l0_2, l2)
+	r2 = addMul64(r2, l1, l1)
+	r2 = addMul64(r2, l3_38, l4)
+
+	// r3 = l0×l3 + l1×l2 + l2×l1 + l3×l0 + 19×l4×l4 = 2×l0×l3 + 2×l1×l2 + 19×l4×l4
+	r3 := mul64(l0_2, l3)
+	r3 = addMul64(r3, l1_2, l2)
+	r3 = addMul64(r3, l4_19, l4)
+
+	// r4 = l0×l4 + l1×l3 + l2×l2 + l3×l1 + l4×l0 = 2×l0×l4 + 2×l1×l3 + l2×l2
+	r4 := mul64(l0_2, l4)
+	r4 = addMul64(r4, l1_2, l3)
+	r4 = addMul64(r4, l2, l2)
+
+	c0 := shiftRightBy51(r0)
+	c1 := shiftRightBy51(r1)
+	c2 := shiftRightBy51(r2)
+	c3 := shiftRightBy51(r3)
+	c4 := shiftRightBy51(r4)
+
+	rr0 := r0.lo&maskLow51Bits + c4*19
+	rr1 := r1.lo&maskLow51Bits + c0
+	rr2 := r2.lo&maskLow51Bits + c1
+	rr3 := r3.lo&maskLow51Bits + c2
+	rr4 := r4.lo&maskLow51Bits + c3
+
+	*v = Element{rr0, rr1, rr2, rr3, rr4}
+	v.carryPropagate()
+}
+
+// carryPropagateGeneric brings the limbs below 52 bits by applying the reduction
+// identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry.
+func (v *Element) carryPropagateGeneric() *Element {
+	c0 := v.l0 >> 51
+	c1 := v.l1 >> 51
+	c2 := v.l2 >> 51
+	c3 := v.l3 >> 51
+	c4 := v.l4 >> 51
+
+	// c4 is at most 64 - 51 = 13 bits, so c4*19 is at most 18 bits, and
+	// the final l0 will be at most 52 bits. Similarly for the rest.
+	v.l0 = v.l0&maskLow51Bits + c4*19
+	v.l1 = v.l1&maskLow51Bits + c0
+	v.l2 = v.l2&maskLow51Bits + c1
+	v.l3 = v.l3&maskLow51Bits + c2
+	v.l4 = v.l4&maskLow51Bits + c3
+
+	return v
+}
diff --git a/vendor/filippo.io/edwards25519/scalar.go b/vendor/filippo.io/edwards25519/scalar.go
new file mode 100644
index 000000000..3fd165387
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/scalar.go
@@ -0,0 +1,343 @@
+// Copyright (c) 2016 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package edwards25519
+
+import (
+	"encoding/binary"
+	"errors"
+)
+
+// A Scalar is an integer modulo
+//
+//	l = 2^252 + 27742317777372353535851937790883648493
+//
+// which is the prime order of the edwards25519 group.
+//
+// This type works similarly to math/big.Int, and all arguments and
+// receivers are allowed to alias.
+//
+// The zero value is a valid zero element.
+type Scalar struct {
+	// s is the scalar in the Montgomery domain, in the format of the
+	// fiat-crypto implementation.
+	s fiatScalarMontgomeryDomainFieldElement
+}
+
+// The field implementation in scalar_fiat.go is generated by the fiat-crypto
+// project (https://github.com/mit-plv/fiat-crypto) at version v0.0.9 (23d2dbc)
+// from a formally verified model.
+//
+// fiat-crypto code comes under the following license.
+//
+//     Copyright (c) 2015-2020 The fiat-crypto Authors. All rights reserved.
+//
+//     Redistribution and use in source and binary forms, with or without
+//     modification, are permitted provided that the following conditions are
+//     met:
+//
+//         1. Redistributions of source code must retain the above copyright
+//         notice, this list of conditions and the following disclaimer.
+//
+//     THIS SOFTWARE IS PROVIDED BY the fiat-crypto authors "AS IS"
+//     AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
+//     THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+//     PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL Berkeley Software Design,
+//     Inc. BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+//     EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+//     PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+//     PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+//     LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+//     NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+//     SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+//
+
+// NewScalar returns a new zero Scalar.
+func NewScalar() *Scalar {
+	return &Scalar{}
+}
+
+// MultiplyAdd sets s = x * y + z mod l, and returns s. It is equivalent to
+// using Multiply and then Add.
+func (s *Scalar) MultiplyAdd(x, y, z *Scalar) *Scalar {
+	// Make a copy of z in case it aliases s.
+	zCopy := new(Scalar).Set(z)
+	return s.Multiply(x, y).Add(s, zCopy)
+}
+
+// Add sets s = x + y mod l, and returns s.
+func (s *Scalar) Add(x, y *Scalar) *Scalar {
+	// s = 1 * x + y mod l
+	fiatScalarAdd(&s.s, &x.s, &y.s)
+	return s
+}
+
+// Subtract sets s = x - y mod l, and returns s.
+func (s *Scalar) Subtract(x, y *Scalar) *Scalar {
+	// s = -1 * y + x mod l
+	fiatScalarSub(&s.s, &x.s, &y.s)
+	return s
+}
+
+// Negate sets s = -x mod l, and returns s.
+func (s *Scalar) Negate(x *Scalar) *Scalar {
+	// s = -1 * x + 0 mod l
+	fiatScalarOpp(&s.s, &x.s)
+	return s
+}
+
+// Multiply sets s = x * y mod l, and returns s.
+func (s *Scalar) Multiply(x, y *Scalar) *Scalar {
+	// s = x * y + 0 mod l
+	fiatScalarMul(&s.s, &x.s, &y.s)
+	return s
+}
+
+// Set sets s = x, and returns s.
+func (s *Scalar) Set(x *Scalar) *Scalar {
+	*s = *x
+	return s
+}
+
+// SetUniformBytes sets s = x mod l, where x is a 64-byte little-endian integer.
+// If x is not of the right length, SetUniformBytes returns nil and an error,
+// and the receiver is unchanged.
+//
+// SetUniformBytes can be used to set s to a uniformly distributed value given
+// 64 uniformly distributed random bytes.
+func (s *Scalar) SetUniformBytes(x []byte) (*Scalar, error) {
+	if len(x) != 64 {
+		return nil, errors.New("edwards25519: invalid SetUniformBytes input length")
+	}
+
+	// We have a value x of 512 bits, but our fiatScalarFromBytes function
+	// expects an input lower than l, which is a little over 252 bits.
+	//
+	// Instead of writing a reduction function that operates on wider inputs, we
+	// can interpret x as the sum of three shorter values a, b, and c.
+	//
+	//    x = a + b * 2^168 + c * 2^336  mod l
+	//
+	// We then precompute 2^168 and 2^336 modulo l, and perform the reduction
+	// with two multiplications and two additions.
+
+	s.setShortBytes(x[:21])
+	t := new(Scalar).setShortBytes(x[21:42])
+	s.Add(s, t.Multiply(t, scalarTwo168))
+	t.setShortBytes(x[42:])
+	s.Add(s, t.Multiply(t, scalarTwo336))
+
+	return s, nil
+}
+
+// scalarTwo168 and scalarTwo336 are 2^168 and 2^336 modulo l, encoded as a
+// fiatScalarMontgomeryDomainFieldElement, which is a little-endian 4-limb value
+// in the 2^256 Montgomery domain.
+var scalarTwo168 = &Scalar{s: [4]uint64{0x5b8ab432eac74798, 0x38afddd6de59d5d7,
+	0xa2c131b399411b7c, 0x6329a7ed9ce5a30}}
+var scalarTwo336 = &Scalar{s: [4]uint64{0xbd3d108e2b35ecc5, 0x5c3a3718bdf9c90b,
+	0x63aa97a331b4f2ee, 0x3d217f5be65cb5c}}
+
+// setShortBytes sets s = x mod l, where x is a little-endian integer shorter
+// than 32 bytes.
+func (s *Scalar) setShortBytes(x []byte) *Scalar {
+	if len(x) >= 32 {
+		panic("edwards25519: internal error: setShortBytes called with a long string")
+	}
+	var buf [32]byte
+	copy(buf[:], x)
+	fiatScalarFromBytes((*[4]uint64)(&s.s), &buf)
+	fiatScalarToMontgomery(&s.s, (*fiatScalarNonMontgomeryDomainFieldElement)(&s.s))
+	return s
+}
+
+// SetCanonicalBytes sets s = x, where x is a 32-byte little-endian encoding of
+// s, and returns s. If x is not a canonical encoding of s, SetCanonicalBytes
+// returns nil and an error, and the receiver is unchanged.
+func (s *Scalar) SetCanonicalBytes(x []byte) (*Scalar, error) {
+	if len(x) != 32 {
+		return nil, errors.New("invalid scalar length")
+	}
+	if !isReduced(x) {
+		return nil, errors.New("invalid scalar encoding")
+	}
+
+	fiatScalarFromBytes((*[4]uint64)(&s.s), (*[32]byte)(x))
+	fiatScalarToMontgomery(&s.s, (*fiatScalarNonMontgomeryDomainFieldElement)(&s.s))
+
+	return s, nil
+}
+
+// scalarMinusOneBytes is l - 1 in little endian.
+var scalarMinusOneBytes = [32]byte{236, 211, 245, 92, 26, 99, 18, 88, 214, 156, 247, 162, 222, 249, 222, 20, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 16}
+
+// isReduced returns whether the given scalar in 32-byte little endian encoded
+// form is reduced modulo l.
+func isReduced(s []byte) bool {
+	if len(s) != 32 {
+		return false
+	}
+
+	for i := len(s) - 1; i >= 0; i-- {
+		switch {
+		case s[i] > scalarMinusOneBytes[i]:
+			return false
+		case s[i] < scalarMinusOneBytes[i]:
+			return true
+		}
+	}
+	return true
+}
+
+// SetBytesWithClamping applies the buffer pruning described in RFC 8032,
+// Section 5.1.5 (also known as clamping) and sets s to the result. The input
+// must be 32 bytes, and it is not modified. If x is not of the right length,
+// SetBytesWithClamping returns nil and an error, and the receiver is unchanged.
+//
+// Note that since Scalar values are always reduced modulo the prime order of
+// the curve, the resulting value will not preserve any of the cofactor-clearing
+// properties that clamping is meant to provide. It will however work as
+// expected as long as it is applied to points on the prime order subgroup, like
+// in Ed25519. In fact, it is lost to history why RFC 8032 adopted the
+// irrelevant RFC 7748 clamping, but it is now required for compatibility.
+func (s *Scalar) SetBytesWithClamping(x []byte) (*Scalar, error) {
+	// The description above omits the purpose of the high bits of the clamping
+	// for brevity, but those are also lost to reductions, and are also
+	// irrelevant to edwards25519 as they protect against a specific
+	// implementation bug that was once observed in a generic Montgomery ladder.
+	if len(x) != 32 {
+		return nil, errors.New("edwards25519: invalid SetBytesWithClamping input length")
+	}
+
+	// We need to use the wide reduction from SetUniformBytes, since clamping
+	// sets the 2^254 bit, making the value higher than the order.
+	var wideBytes [64]byte
+	copy(wideBytes[:], x[:])
+	wideBytes[0] &= 248
+	wideBytes[31] &= 63
+	wideBytes[31] |= 64
+	return s.SetUniformBytes(wideBytes[:])
+}
+
+// Bytes returns the canonical 32-byte little-endian encoding of s.
+func (s *Scalar) Bytes() []byte {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap.
+	var encoded [32]byte
+	return s.bytes(&encoded)
+}
+
+func (s *Scalar) bytes(out *[32]byte) []byte {
+	var ss fiatScalarNonMontgomeryDomainFieldElement
+	fiatScalarFromMontgomery(&ss, &s.s)
+	fiatScalarToBytes(out, (*[4]uint64)(&ss))
+	return out[:]
+}
+
+// Equal returns 1 if s and t are equal, and 0 otherwise.
+func (s *Scalar) Equal(t *Scalar) int {
+	var diff fiatScalarMontgomeryDomainFieldElement
+	fiatScalarSub(&diff, &s.s, &t.s)
+	var nonzero uint64
+	fiatScalarNonzero(&nonzero, (*[4]uint64)(&diff))
+	nonzero |= nonzero >> 32
+	nonzero |= nonzero >> 16
+	nonzero |= nonzero >> 8
+	nonzero |= nonzero >> 4
+	nonzero |= nonzero >> 2
+	nonzero |= nonzero >> 1
+	return int(^nonzero) & 1
+}
+
+// nonAdjacentForm computes a width-w non-adjacent form for this scalar.
+//
+// w must be between 2 and 8, or nonAdjacentForm will panic.
+func (s *Scalar) nonAdjacentForm(w uint) [256]int8 {
+	// This implementation is adapted from the one
+	// in curve25519-dalek and is documented there:
+	// https://github.com/dalek-cryptography/curve25519-dalek/blob/f630041af28e9a405255f98a8a93adca18e4315b/src/scalar.rs#L800-L871
+	b := s.Bytes()
+	if b[31] > 127 {
+		panic("scalar has high bit set illegally")
+	}
+	if w < 2 {
+		panic("w must be at least 2 by the definition of NAF")
+	} else if w > 8 {
+		panic("NAF digits must fit in int8")
+	}
+
+	var naf [256]int8
+	var digits [5]uint64
+
+	for i := 0; i < 4; i++ {
+		digits[i] = binary.LittleEndian.Uint64(b[i*8:])
+	}
+
+	width := uint64(1 << w)
+	windowMask := uint64(width - 1)
+
+	pos := uint(0)
+	carry := uint64(0)
+	for pos < 256 {
+		indexU64 := pos / 64
+		indexBit := pos % 64
+		var bitBuf uint64
+		if indexBit < 64-w {
+			// This window's bits are contained in a single u64
+			bitBuf = digits[indexU64] >> indexBit
+		} else {
+			// Combine the current 64 bits with bits from the next 64
+			bitBuf = (digits[indexU64] >> indexBit) | (digits[1+indexU64] << (64 - indexBit))
+		}
+
+		// Add carry into the current window
+		window := carry + (bitBuf & windowMask)
+
+		if window&1 == 0 {
+			// If the window value is even, preserve the carry and continue.
+			// Why is the carry preserved?
+			// If carry == 0 and window & 1 == 0,
+			//    then the next carry should be 0
+			// If carry == 1 and window & 1 == 0,
+			//    then bit_buf & 1 == 1 so the next carry should be 1
+			pos += 1
+			continue
+		}
+
+		if window < width/2 {
+			carry = 0
+			naf[pos] = int8(window)
+		} else {
+			carry = 1
+			naf[pos] = int8(window) - int8(width)
+		}
+
+		pos += w
+	}
+	return naf
+}
+
+func (s *Scalar) signedRadix16() [64]int8 {
+	b := s.Bytes()
+	if b[31] > 127 {
+		panic("scalar has high bit set illegally")
+	}
+
+	var digits [64]int8
+
+	// Compute unsigned radix-16 digits:
+	for i := 0; i < 32; i++ {
+		digits[2*i] = int8(b[i] & 15)
+		digits[2*i+1] = int8((b[i] >> 4) & 15)
+	}
+
+	// Recenter coefficients:
+	for i := 0; i < 63; i++ {
+		carry := (digits[i] + 8) >> 4
+		digits[i] -= carry << 4
+		digits[i+1] += carry
+	}
+
+	return digits
+}
diff --git a/vendor/filippo.io/edwards25519/scalar_fiat.go b/vendor/filippo.io/edwards25519/scalar_fiat.go
new file mode 100644
index 000000000..2e5782b60
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/scalar_fiat.go
@@ -0,0 +1,1147 @@
+// Code generated by Fiat Cryptography. DO NOT EDIT.
+//
+// Autogenerated: word_by_word_montgomery --lang Go --cmovznz-by-mul --relax-primitive-carry-to-bitwidth 32,64 --public-function-case camelCase --public-type-case camelCase --private-function-case camelCase --private-type-case camelCase --doc-text-before-function-name '' --doc-newline-before-package-declaration --doc-prepend-header 'Code generated by Fiat Cryptography. DO NOT EDIT.' --package-name edwards25519 Scalar 64 '2^252 + 27742317777372353535851937790883648493' mul add sub opp nonzero from_montgomery to_montgomery to_bytes from_bytes
+//
+// curve description: Scalar
+//
+// machine_wordsize = 64 (from "64")
+//
+// requested operations: mul, add, sub, opp, nonzero, from_montgomery, to_montgomery, to_bytes, from_bytes
+//
+// m = 0x1000000000000000000000000000000014def9dea2f79cd65812631a5cf5d3ed (from "2^252 + 27742317777372353535851937790883648493")
+//
+//
+//
+// NOTE: In addition to the bounds specified above each function, all
+//
+//   functions synthesized for this Montgomery arithmetic require the
+//
+//   input to be strictly less than the prime modulus (m), and also
+//
+//   require the input to be in the unique saturated representation.
+//
+//   All functions also ensure that these two properties are true of
+//
+//   return values.
+//
+//
+//
+// Computed values:
+//
+//   eval z = z[0] + (z[1] << 64) + (z[2] << 128) + (z[3] << 192)
+//
+//   bytes_eval z = z[0] + (z[1] << 8) + (z[2] << 16) + (z[3] << 24) + (z[4] << 32) + (z[5] << 40) + (z[6] << 48) + (z[7] << 56) + (z[8] << 64) + (z[9] << 72) + (z[10] << 80) + (z[11] << 88) + (z[12] << 96) + (z[13] << 104) + (z[14] << 112) + (z[15] << 120) + (z[16] << 128) + (z[17] << 136) + (z[18] << 144) + (z[19] << 152) + (z[20] << 160) + (z[21] << 168) + (z[22] << 176) + (z[23] << 184) + (z[24] << 192) + (z[25] << 200) + (z[26] << 208) + (z[27] << 216) + (z[28] << 224) + (z[29] << 232) + (z[30] << 240) + (z[31] << 248)
+//
+//   twos_complement_eval z = let x1 := z[0] + (z[1] << 64) + (z[2] << 128) + (z[3] << 192) in
+//
+//                            if x1 & (2^256-1) < 2^255 then x1 & (2^256-1) else (x1 & (2^256-1)) - 2^256
+
+package edwards25519
+
+import "math/bits"
+
+type fiatScalarUint1 uint64 // We use uint64 instead of a more narrow type for performance reasons; see https://github.com/mit-plv/fiat-crypto/pull/1006#issuecomment-892625927
+type fiatScalarInt1 int64   // We use uint64 instead of a more narrow type for performance reasons; see https://github.com/mit-plv/fiat-crypto/pull/1006#issuecomment-892625927
+
+// The type fiatScalarMontgomeryDomainFieldElement is a field element in the Montgomery domain.
+//
+// Bounds: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
+type fiatScalarMontgomeryDomainFieldElement [4]uint64
+
+// The type fiatScalarNonMontgomeryDomainFieldElement is a field element NOT in the Montgomery domain.
+//
+// Bounds: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
+type fiatScalarNonMontgomeryDomainFieldElement [4]uint64
+
+// fiatScalarCmovznzU64 is a single-word conditional move.
+//
+// Postconditions:
+//
+//	out1 = (if arg1 = 0 then arg2 else arg3)
+//
+// Input Bounds:
+//
+//	arg1: [0x0 ~> 0x1]
+//	arg2: [0x0 ~> 0xffffffffffffffff]
+//	arg3: [0x0 ~> 0xffffffffffffffff]
+//
+// Output Bounds:
+//
+//	out1: [0x0 ~> 0xffffffffffffffff]
+func fiatScalarCmovznzU64(out1 *uint64, arg1 fiatScalarUint1, arg2 uint64, arg3 uint64) {
+	x1 := (uint64(arg1) * 0xffffffffffffffff)
+	x2 := ((x1 & arg3) | ((^x1) & arg2))
+	*out1 = x2
+}
+
+// fiatScalarMul multiplies two field elements in the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//	0 ≤ eval arg2 < m
+//
+// Postconditions:
+//
+//	eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) * eval (from_montgomery arg2)) mod m
+//	0 ≤ eval out1 < m
+func fiatScalarMul(out1 *fiatScalarMontgomeryDomainFieldElement, arg1 *fiatScalarMontgomeryDomainFieldElement, arg2 *fiatScalarMontgomeryDomainFieldElement) {
+	x1 := arg1[1]
+	x2 := arg1[2]
+	x3 := arg1[3]
+	x4 := arg1[0]
+	var x5 uint64
+	var x6 uint64
+	x6, x5 = bits.Mul64(x4, arg2[3])
+	var x7 uint64
+	var x8 uint64
+	x8, x7 = bits.Mul64(x4, arg2[2])
+	var x9 uint64
+	var x10 uint64
+	x10, x9 = bits.Mul64(x4, arg2[1])
+	var x11 uint64
+	var x12 uint64
+	x12, x11 = bits.Mul64(x4, arg2[0])
+	var x13 uint64
+	var x14 uint64
+	x13, x14 = bits.Add64(x12, x9, uint64(0x0))
+	var x15 uint64
+	var x16 uint64
+	x15, x16 = bits.Add64(x10, x7, uint64(fiatScalarUint1(x14)))
+	var x17 uint64
+	var x18 uint64
+	x17, x18 = bits.Add64(x8, x5, uint64(fiatScalarUint1(x16)))
+	x19 := (uint64(fiatScalarUint1(x18)) + x6)
+	var x20 uint64
+	_, x20 = bits.Mul64(x11, 0xd2b51da312547e1b)
+	var x22 uint64
+	var x23 uint64
+	x23, x22 = bits.Mul64(x20, 0x1000000000000000)
+	var x24 uint64
+	var x25 uint64
+	x25, x24 = bits.Mul64(x20, 0x14def9dea2f79cd6)
+	var x26 uint64
+	var x27 uint64
+	x27, x26 = bits.Mul64(x20, 0x5812631a5cf5d3ed)
+	var x28 uint64
+	var x29 uint64
+	x28, x29 = bits.Add64(x27, x24, uint64(0x0))
+	x30 := (uint64(fiatScalarUint1(x29)) + x25)
+	var x32 uint64
+	_, x32 = bits.Add64(x11, x26, uint64(0x0))
+	var x33 uint64
+	var x34 uint64
+	x33, x34 = bits.Add64(x13, x28, uint64(fiatScalarUint1(x32)))
+	var x35 uint64
+	var x36 uint64
+	x35, x36 = bits.Add64(x15, x30, uint64(fiatScalarUint1(x34)))
+	var x37 uint64
+	var x38 uint64
+	x37, x38 = bits.Add64(x17, x22, uint64(fiatScalarUint1(x36)))
+	var x39 uint64
+	var x40 uint64
+	x39, x40 = bits.Add64(x19, x23, uint64(fiatScalarUint1(x38)))
+	var x41 uint64
+	var x42 uint64
+	x42, x41 = bits.Mul64(x1, arg2[3])
+	var x43 uint64
+	var x44 uint64
+	x44, x43 = bits.Mul64(x1, arg2[2])
+	var x45 uint64
+	var x46 uint64
+	x46, x45 = bits.Mul64(x1, arg2[1])
+	var x47 uint64
+	var x48 uint64
+	x48, x47 = bits.Mul64(x1, arg2[0])
+	var x49 uint64
+	var x50 uint64
+	x49, x50 = bits.Add64(x48, x45, uint64(0x0))
+	var x51 uint64
+	var x52 uint64
+	x51, x52 = bits.Add64(x46, x43, uint64(fiatScalarUint1(x50)))
+	var x53 uint64
+	var x54 uint64
+	x53, x54 = bits.Add64(x44, x41, uint64(fiatScalarUint1(x52)))
+	x55 := (uint64(fiatScalarUint1(x54)) + x42)
+	var x56 uint64
+	var x57 uint64
+	x56, x57 = bits.Add64(x33, x47, uint64(0x0))
+	var x58 uint64
+	var x59 uint64
+	x58, x59 = bits.Add64(x35, x49, uint64(fiatScalarUint1(x57)))
+	var x60 uint64
+	var x61 uint64
+	x60, x61 = bits.Add64(x37, x51, uint64(fiatScalarUint1(x59)))
+	var x62 uint64
+	var x63 uint64
+	x62, x63 = bits.Add64(x39, x53, uint64(fiatScalarUint1(x61)))
+	var x64 uint64
+	var x65 uint64
+	x64, x65 = bits.Add64(uint64(fiatScalarUint1(x40)), x55, uint64(fiatScalarUint1(x63)))
+	var x66 uint64
+	_, x66 = bits.Mul64(x56, 0xd2b51da312547e1b)
+	var x68 uint64
+	var x69 uint64
+	x69, x68 = bits.Mul64(x66, 0x1000000000000000)
+	var x70 uint64
+	var x71 uint64
+	x71, x70 = bits.Mul64(x66, 0x14def9dea2f79cd6)
+	var x72 uint64
+	var x73 uint64
+	x73, x72 = bits.Mul64(x66, 0x5812631a5cf5d3ed)
+	var x74 uint64
+	var x75 uint64
+	x74, x75 = bits.Add64(x73, x70, uint64(0x0))
+	x76 := (uint64(fiatScalarUint1(x75)) + x71)
+	var x78 uint64
+	_, x78 = bits.Add64(x56, x72, uint64(0x0))
+	var x79 uint64
+	var x80 uint64
+	x79, x80 = bits.Add64(x58, x74, uint64(fiatScalarUint1(x78)))
+	var x81 uint64
+	var x82 uint64
+	x81, x82 = bits.Add64(x60, x76, uint64(fiatScalarUint1(x80)))
+	var x83 uint64
+	var x84 uint64
+	x83, x84 = bits.Add64(x62, x68, uint64(fiatScalarUint1(x82)))
+	var x85 uint64
+	var x86 uint64
+	x85, x86 = bits.Add64(x64, x69, uint64(fiatScalarUint1(x84)))
+	x87 := (uint64(fiatScalarUint1(x86)) + uint64(fiatScalarUint1(x65)))
+	var x88 uint64
+	var x89 uint64
+	x89, x88 = bits.Mul64(x2, arg2[3])
+	var x90 uint64
+	var x91 uint64
+	x91, x90 = bits.Mul64(x2, arg2[2])
+	var x92 uint64
+	var x93 uint64
+	x93, x92 = bits.Mul64(x2, arg2[1])
+	var x94 uint64
+	var x95 uint64
+	x95, x94 = bits.Mul64(x2, arg2[0])
+	var x96 uint64
+	var x97 uint64
+	x96, x97 = bits.Add64(x95, x92, uint64(0x0))
+	var x98 uint64
+	var x99 uint64
+	x98, x99 = bits.Add64(x93, x90, uint64(fiatScalarUint1(x97)))
+	var x100 uint64
+	var x101 uint64
+	x100, x101 = bits.Add64(x91, x88, uint64(fiatScalarUint1(x99)))
+	x102 := (uint64(fiatScalarUint1(x101)) + x89)
+	var x103 uint64
+	var x104 uint64
+	x103, x104 = bits.Add64(x79, x94, uint64(0x0))
+	var x105 uint64
+	var x106 uint64
+	x105, x106 = bits.Add64(x81, x96, uint64(fiatScalarUint1(x104)))
+	var x107 uint64
+	var x108 uint64
+	x107, x108 = bits.Add64(x83, x98, uint64(fiatScalarUint1(x106)))
+	var x109 uint64
+	var x110 uint64
+	x109, x110 = bits.Add64(x85, x100, uint64(fiatScalarUint1(x108)))
+	var x111 uint64
+	var x112 uint64
+	x111, x112 = bits.Add64(x87, x102, uint64(fiatScalarUint1(x110)))
+	var x113 uint64
+	_, x113 = bits.Mul64(x103, 0xd2b51da312547e1b)
+	var x115 uint64
+	var x116 uint64
+	x116, x115 = bits.Mul64(x113, 0x1000000000000000)
+	var x117 uint64
+	var x118 uint64
+	x118, x117 = bits.Mul64(x113, 0x14def9dea2f79cd6)
+	var x119 uint64
+	var x120 uint64
+	x120, x119 = bits.Mul64(x113, 0x5812631a5cf5d3ed)
+	var x121 uint64
+	var x122 uint64
+	x121, x122 = bits.Add64(x120, x117, uint64(0x0))
+	x123 := (uint64(fiatScalarUint1(x122)) + x118)
+	var x125 uint64
+	_, x125 = bits.Add64(x103, x119, uint64(0x0))
+	var x126 uint64
+	var x127 uint64
+	x126, x127 = bits.Add64(x105, x121, uint64(fiatScalarUint1(x125)))
+	var x128 uint64
+	var x129 uint64
+	x128, x129 = bits.Add64(x107, x123, uint64(fiatScalarUint1(x127)))
+	var x130 uint64
+	var x131 uint64
+	x130, x131 = bits.Add64(x109, x115, uint64(fiatScalarUint1(x129)))
+	var x132 uint64
+	var x133 uint64
+	x132, x133 = bits.Add64(x111, x116, uint64(fiatScalarUint1(x131)))
+	x134 := (uint64(fiatScalarUint1(x133)) + uint64(fiatScalarUint1(x112)))
+	var x135 uint64
+	var x136 uint64
+	x136, x135 = bits.Mul64(x3, arg2[3])
+	var x137 uint64
+	var x138 uint64
+	x138, x137 = bits.Mul64(x3, arg2[2])
+	var x139 uint64
+	var x140 uint64
+	x140, x139 = bits.Mul64(x3, arg2[1])
+	var x141 uint64
+	var x142 uint64
+	x142, x141 = bits.Mul64(x3, arg2[0])
+	var x143 uint64
+	var x144 uint64
+	x143, x144 = bits.Add64(x142, x139, uint64(0x0))
+	var x145 uint64
+	var x146 uint64
+	x145, x146 = bits.Add64(x140, x137, uint64(fiatScalarUint1(x144)))
+	var x147 uint64
+	var x148 uint64
+	x147, x148 = bits.Add64(x138, x135, uint64(fiatScalarUint1(x146)))
+	x149 := (uint64(fiatScalarUint1(x148)) + x136)
+	var x150 uint64
+	var x151 uint64
+	x150, x151 = bits.Add64(x126, x141, uint64(0x0))
+	var x152 uint64
+	var x153 uint64
+	x152, x153 = bits.Add64(x128, x143, uint64(fiatScalarUint1(x151)))
+	var x154 uint64
+	var x155 uint64
+	x154, x155 = bits.Add64(x130, x145, uint64(fiatScalarUint1(x153)))
+	var x156 uint64
+	var x157 uint64
+	x156, x157 = bits.Add64(x132, x147, uint64(fiatScalarUint1(x155)))
+	var x158 uint64
+	var x159 uint64
+	x158, x159 = bits.Add64(x134, x149, uint64(fiatScalarUint1(x157)))
+	var x160 uint64
+	_, x160 = bits.Mul64(x150, 0xd2b51da312547e1b)
+	var x162 uint64
+	var x163 uint64
+	x163, x162 = bits.Mul64(x160, 0x1000000000000000)
+	var x164 uint64
+	var x165 uint64
+	x165, x164 = bits.Mul64(x160, 0x14def9dea2f79cd6)
+	var x166 uint64
+	var x167 uint64
+	x167, x166 = bits.Mul64(x160, 0x5812631a5cf5d3ed)
+	var x168 uint64
+	var x169 uint64
+	x168, x169 = bits.Add64(x167, x164, uint64(0x0))
+	x170 := (uint64(fiatScalarUint1(x169)) + x165)
+	var x172 uint64
+	_, x172 = bits.Add64(x150, x166, uint64(0x0))
+	var x173 uint64
+	var x174 uint64
+	x173, x174 = bits.Add64(x152, x168, uint64(fiatScalarUint1(x172)))
+	var x175 uint64
+	var x176 uint64
+	x175, x176 = bits.Add64(x154, x170, uint64(fiatScalarUint1(x174)))
+	var x177 uint64
+	var x178 uint64
+	x177, x178 = bits.Add64(x156, x162, uint64(fiatScalarUint1(x176)))
+	var x179 uint64
+	var x180 uint64
+	x179, x180 = bits.Add64(x158, x163, uint64(fiatScalarUint1(x178)))
+	x181 := (uint64(fiatScalarUint1(x180)) + uint64(fiatScalarUint1(x159)))
+	var x182 uint64
+	var x183 uint64
+	x182, x183 = bits.Sub64(x173, 0x5812631a5cf5d3ed, uint64(0x0))
+	var x184 uint64
+	var x185 uint64
+	x184, x185 = bits.Sub64(x175, 0x14def9dea2f79cd6, uint64(fiatScalarUint1(x183)))
+	var x186 uint64
+	var x187 uint64
+	x186, x187 = bits.Sub64(x177, uint64(0x0), uint64(fiatScalarUint1(x185)))
+	var x188 uint64
+	var x189 uint64
+	x188, x189 = bits.Sub64(x179, 0x1000000000000000, uint64(fiatScalarUint1(x187)))
+	var x191 uint64
+	_, x191 = bits.Sub64(x181, uint64(0x0), uint64(fiatScalarUint1(x189)))
+	var x192 uint64
+	fiatScalarCmovznzU64(&x192, fiatScalarUint1(x191), x182, x173)
+	var x193 uint64
+	fiatScalarCmovznzU64(&x193, fiatScalarUint1(x191), x184, x175)
+	var x194 uint64
+	fiatScalarCmovznzU64(&x194, fiatScalarUint1(x191), x186, x177)
+	var x195 uint64
+	fiatScalarCmovznzU64(&x195, fiatScalarUint1(x191), x188, x179)
+	out1[0] = x192
+	out1[1] = x193
+	out1[2] = x194
+	out1[3] = x195
+}
+
+// fiatScalarAdd adds two field elements in the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//	0 ≤ eval arg2 < m
+//
+// Postconditions:
+//
+//	eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) + eval (from_montgomery arg2)) mod m
+//	0 ≤ eval out1 < m
+func fiatScalarAdd(out1 *fiatScalarMontgomeryDomainFieldElement, arg1 *fiatScalarMontgomeryDomainFieldElement, arg2 *fiatScalarMontgomeryDomainFieldElement) {
+	var x1 uint64
+	var x2 uint64
+	x1, x2 = bits.Add64(arg1[0], arg2[0], uint64(0x0))
+	var x3 uint64
+	var x4 uint64
+	x3, x4 = bits.Add64(arg1[1], arg2[1], uint64(fiatScalarUint1(x2)))
+	var x5 uint64
+	var x6 uint64
+	x5, x6 = bits.Add64(arg1[2], arg2[2], uint64(fiatScalarUint1(x4)))
+	var x7 uint64
+	var x8 uint64
+	x7, x8 = bits.Add64(arg1[3], arg2[3], uint64(fiatScalarUint1(x6)))
+	var x9 uint64
+	var x10 uint64
+	x9, x10 = bits.Sub64(x1, 0x5812631a5cf5d3ed, uint64(0x0))
+	var x11 uint64
+	var x12 uint64
+	x11, x12 = bits.Sub64(x3, 0x14def9dea2f79cd6, uint64(fiatScalarUint1(x10)))
+	var x13 uint64
+	var x14 uint64
+	x13, x14 = bits.Sub64(x5, uint64(0x0), uint64(fiatScalarUint1(x12)))
+	var x15 uint64
+	var x16 uint64
+	x15, x16 = bits.Sub64(x7, 0x1000000000000000, uint64(fiatScalarUint1(x14)))
+	var x18 uint64
+	_, x18 = bits.Sub64(uint64(fiatScalarUint1(x8)), uint64(0x0), uint64(fiatScalarUint1(x16)))
+	var x19 uint64
+	fiatScalarCmovznzU64(&x19, fiatScalarUint1(x18), x9, x1)
+	var x20 uint64
+	fiatScalarCmovznzU64(&x20, fiatScalarUint1(x18), x11, x3)
+	var x21 uint64
+	fiatScalarCmovznzU64(&x21, fiatScalarUint1(x18), x13, x5)
+	var x22 uint64
+	fiatScalarCmovznzU64(&x22, fiatScalarUint1(x18), x15, x7)
+	out1[0] = x19
+	out1[1] = x20
+	out1[2] = x21
+	out1[3] = x22
+}
+
+// fiatScalarSub subtracts two field elements in the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//	0 ≤ eval arg2 < m
+//
+// Postconditions:
+//
+//	eval (from_montgomery out1) mod m = (eval (from_montgomery arg1) - eval (from_montgomery arg2)) mod m
+//	0 ≤ eval out1 < m
+func fiatScalarSub(out1 *fiatScalarMontgomeryDomainFieldElement, arg1 *fiatScalarMontgomeryDomainFieldElement, arg2 *fiatScalarMontgomeryDomainFieldElement) {
+	var x1 uint64
+	var x2 uint64
+	x1, x2 = bits.Sub64(arg1[0], arg2[0], uint64(0x0))
+	var x3 uint64
+	var x4 uint64
+	x3, x4 = bits.Sub64(arg1[1], arg2[1], uint64(fiatScalarUint1(x2)))
+	var x5 uint64
+	var x6 uint64
+	x5, x6 = bits.Sub64(arg1[2], arg2[2], uint64(fiatScalarUint1(x4)))
+	var x7 uint64
+	var x8 uint64
+	x7, x8 = bits.Sub64(arg1[3], arg2[3], uint64(fiatScalarUint1(x6)))
+	var x9 uint64
+	fiatScalarCmovznzU64(&x9, fiatScalarUint1(x8), uint64(0x0), 0xffffffffffffffff)
+	var x10 uint64
+	var x11 uint64
+	x10, x11 = bits.Add64(x1, (x9 & 0x5812631a5cf5d3ed), uint64(0x0))
+	var x12 uint64
+	var x13 uint64
+	x12, x13 = bits.Add64(x3, (x9 & 0x14def9dea2f79cd6), uint64(fiatScalarUint1(x11)))
+	var x14 uint64
+	var x15 uint64
+	x14, x15 = bits.Add64(x5, uint64(0x0), uint64(fiatScalarUint1(x13)))
+	var x16 uint64
+	x16, _ = bits.Add64(x7, (x9 & 0x1000000000000000), uint64(fiatScalarUint1(x15)))
+	out1[0] = x10
+	out1[1] = x12
+	out1[2] = x14
+	out1[3] = x16
+}
+
+// fiatScalarOpp negates a field element in the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//
+// Postconditions:
+//
+//	eval (from_montgomery out1) mod m = -eval (from_montgomery arg1) mod m
+//	0 ≤ eval out1 < m
+func fiatScalarOpp(out1 *fiatScalarMontgomeryDomainFieldElement, arg1 *fiatScalarMontgomeryDomainFieldElement) {
+	var x1 uint64
+	var x2 uint64
+	x1, x2 = bits.Sub64(uint64(0x0), arg1[0], uint64(0x0))
+	var x3 uint64
+	var x4 uint64
+	x3, x4 = bits.Sub64(uint64(0x0), arg1[1], uint64(fiatScalarUint1(x2)))
+	var x5 uint64
+	var x6 uint64
+	x5, x6 = bits.Sub64(uint64(0x0), arg1[2], uint64(fiatScalarUint1(x4)))
+	var x7 uint64
+	var x8 uint64
+	x7, x8 = bits.Sub64(uint64(0x0), arg1[3], uint64(fiatScalarUint1(x6)))
+	var x9 uint64
+	fiatScalarCmovznzU64(&x9, fiatScalarUint1(x8), uint64(0x0), 0xffffffffffffffff)
+	var x10 uint64
+	var x11 uint64
+	x10, x11 = bits.Add64(x1, (x9 & 0x5812631a5cf5d3ed), uint64(0x0))
+	var x12 uint64
+	var x13 uint64
+	x12, x13 = bits.Add64(x3, (x9 & 0x14def9dea2f79cd6), uint64(fiatScalarUint1(x11)))
+	var x14 uint64
+	var x15 uint64
+	x14, x15 = bits.Add64(x5, uint64(0x0), uint64(fiatScalarUint1(x13)))
+	var x16 uint64
+	x16, _ = bits.Add64(x7, (x9 & 0x1000000000000000), uint64(fiatScalarUint1(x15)))
+	out1[0] = x10
+	out1[1] = x12
+	out1[2] = x14
+	out1[3] = x16
+}
+
+// fiatScalarNonzero outputs a single non-zero word if the input is non-zero and zero otherwise.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//
+// Postconditions:
+//
+//	out1 = 0 ↔ eval (from_montgomery arg1) mod m = 0
+//
+// Input Bounds:
+//
+//	arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff]]
+//
+// Output Bounds:
+//
+//	out1: [0x0 ~> 0xffffffffffffffff]
+func fiatScalarNonzero(out1 *uint64, arg1 *[4]uint64) {
+	x1 := (arg1[0] | (arg1[1] | (arg1[2] | arg1[3])))
+	*out1 = x1
+}
+
+// fiatScalarFromMontgomery translates a field element out of the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//
+// Postconditions:
+//
+//	eval out1 mod m = (eval arg1 * ((2^64)⁻¹ mod m)^4) mod m
+//	0 ≤ eval out1 < m
+func fiatScalarFromMontgomery(out1 *fiatScalarNonMontgomeryDomainFieldElement, arg1 *fiatScalarMontgomeryDomainFieldElement) {
+	x1 := arg1[0]
+	var x2 uint64
+	_, x2 = bits.Mul64(x1, 0xd2b51da312547e1b)
+	var x4 uint64
+	var x5 uint64
+	x5, x4 = bits.Mul64(x2, 0x1000000000000000)
+	var x6 uint64
+	var x7 uint64
+	x7, x6 = bits.Mul64(x2, 0x14def9dea2f79cd6)
+	var x8 uint64
+	var x9 uint64
+	x9, x8 = bits.Mul64(x2, 0x5812631a5cf5d3ed)
+	var x10 uint64
+	var x11 uint64
+	x10, x11 = bits.Add64(x9, x6, uint64(0x0))
+	var x13 uint64
+	_, x13 = bits.Add64(x1, x8, uint64(0x0))
+	var x14 uint64
+	var x15 uint64
+	x14, x15 = bits.Add64(uint64(0x0), x10, uint64(fiatScalarUint1(x13)))
+	var x16 uint64
+	var x17 uint64
+	x16, x17 = bits.Add64(x14, arg1[1], uint64(0x0))
+	var x18 uint64
+	_, x18 = bits.Mul64(x16, 0xd2b51da312547e1b)
+	var x20 uint64
+	var x21 uint64
+	x21, x20 = bits.Mul64(x18, 0x1000000000000000)
+	var x22 uint64
+	var x23 uint64
+	x23, x22 = bits.Mul64(x18, 0x14def9dea2f79cd6)
+	var x24 uint64
+	var x25 uint64
+	x25, x24 = bits.Mul64(x18, 0x5812631a5cf5d3ed)
+	var x26 uint64
+	var x27 uint64
+	x26, x27 = bits.Add64(x25, x22, uint64(0x0))
+	var x29 uint64
+	_, x29 = bits.Add64(x16, x24, uint64(0x0))
+	var x30 uint64
+	var x31 uint64
+	x30, x31 = bits.Add64((uint64(fiatScalarUint1(x17)) + (uint64(fiatScalarUint1(x15)) + (uint64(fiatScalarUint1(x11)) + x7))), x26, uint64(fiatScalarUint1(x29)))
+	var x32 uint64
+	var x33 uint64
+	x32, x33 = bits.Add64(x4, (uint64(fiatScalarUint1(x27)) + x23), uint64(fiatScalarUint1(x31)))
+	var x34 uint64
+	var x35 uint64
+	x34, x35 = bits.Add64(x5, x20, uint64(fiatScalarUint1(x33)))
+	var x36 uint64
+	var x37 uint64
+	x36, x37 = bits.Add64(x30, arg1[2], uint64(0x0))
+	var x38 uint64
+	var x39 uint64
+	x38, x39 = bits.Add64(x32, uint64(0x0), uint64(fiatScalarUint1(x37)))
+	var x40 uint64
+	var x41 uint64
+	x40, x41 = bits.Add64(x34, uint64(0x0), uint64(fiatScalarUint1(x39)))
+	var x42 uint64
+	_, x42 = bits.Mul64(x36, 0xd2b51da312547e1b)
+	var x44 uint64
+	var x45 uint64
+	x45, x44 = bits.Mul64(x42, 0x1000000000000000)
+	var x46 uint64
+	var x47 uint64
+	x47, x46 = bits.Mul64(x42, 0x14def9dea2f79cd6)
+	var x48 uint64
+	var x49 uint64
+	x49, x48 = bits.Mul64(x42, 0x5812631a5cf5d3ed)
+	var x50 uint64
+	var x51 uint64
+	x50, x51 = bits.Add64(x49, x46, uint64(0x0))
+	var x53 uint64
+	_, x53 = bits.Add64(x36, x48, uint64(0x0))
+	var x54 uint64
+	var x55 uint64
+	x54, x55 = bits.Add64(x38, x50, uint64(fiatScalarUint1(x53)))
+	var x56 uint64
+	var x57 uint64
+	x56, x57 = bits.Add64(x40, (uint64(fiatScalarUint1(x51)) + x47), uint64(fiatScalarUint1(x55)))
+	var x58 uint64
+	var x59 uint64
+	x58, x59 = bits.Add64((uint64(fiatScalarUint1(x41)) + (uint64(fiatScalarUint1(x35)) + x21)), x44, uint64(fiatScalarUint1(x57)))
+	var x60 uint64
+	var x61 uint64
+	x60, x61 = bits.Add64(x54, arg1[3], uint64(0x0))
+	var x62 uint64
+	var x63 uint64
+	x62, x63 = bits.Add64(x56, uint64(0x0), uint64(fiatScalarUint1(x61)))
+	var x64 uint64
+	var x65 uint64
+	x64, x65 = bits.Add64(x58, uint64(0x0), uint64(fiatScalarUint1(x63)))
+	var x66 uint64
+	_, x66 = bits.Mul64(x60, 0xd2b51da312547e1b)
+	var x68 uint64
+	var x69 uint64
+	x69, x68 = bits.Mul64(x66, 0x1000000000000000)
+	var x70 uint64
+	var x71 uint64
+	x71, x70 = bits.Mul64(x66, 0x14def9dea2f79cd6)
+	var x72 uint64
+	var x73 uint64
+	x73, x72 = bits.Mul64(x66, 0x5812631a5cf5d3ed)
+	var x74 uint64
+	var x75 uint64
+	x74, x75 = bits.Add64(x73, x70, uint64(0x0))
+	var x77 uint64
+	_, x77 = bits.Add64(x60, x72, uint64(0x0))
+	var x78 uint64
+	var x79 uint64
+	x78, x79 = bits.Add64(x62, x74, uint64(fiatScalarUint1(x77)))
+	var x80 uint64
+	var x81 uint64
+	x80, x81 = bits.Add64(x64, (uint64(fiatScalarUint1(x75)) + x71), uint64(fiatScalarUint1(x79)))
+	var x82 uint64
+	var x83 uint64
+	x82, x83 = bits.Add64((uint64(fiatScalarUint1(x65)) + (uint64(fiatScalarUint1(x59)) + x45)), x68, uint64(fiatScalarUint1(x81)))
+	x84 := (uint64(fiatScalarUint1(x83)) + x69)
+	var x85 uint64
+	var x86 uint64
+	x85, x86 = bits.Sub64(x78, 0x5812631a5cf5d3ed, uint64(0x0))
+	var x87 uint64
+	var x88 uint64
+	x87, x88 = bits.Sub64(x80, 0x14def9dea2f79cd6, uint64(fiatScalarUint1(x86)))
+	var x89 uint64
+	var x90 uint64
+	x89, x90 = bits.Sub64(x82, uint64(0x0), uint64(fiatScalarUint1(x88)))
+	var x91 uint64
+	var x92 uint64
+	x91, x92 = bits.Sub64(x84, 0x1000000000000000, uint64(fiatScalarUint1(x90)))
+	var x94 uint64
+	_, x94 = bits.Sub64(uint64(0x0), uint64(0x0), uint64(fiatScalarUint1(x92)))
+	var x95 uint64
+	fiatScalarCmovznzU64(&x95, fiatScalarUint1(x94), x85, x78)
+	var x96 uint64
+	fiatScalarCmovznzU64(&x96, fiatScalarUint1(x94), x87, x80)
+	var x97 uint64
+	fiatScalarCmovznzU64(&x97, fiatScalarUint1(x94), x89, x82)
+	var x98 uint64
+	fiatScalarCmovznzU64(&x98, fiatScalarUint1(x94), x91, x84)
+	out1[0] = x95
+	out1[1] = x96
+	out1[2] = x97
+	out1[3] = x98
+}
+
+// fiatScalarToMontgomery translates a field element into the Montgomery domain.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//
+// Postconditions:
+//
+//	eval (from_montgomery out1) mod m = eval arg1 mod m
+//	0 ≤ eval out1 < m
+func fiatScalarToMontgomery(out1 *fiatScalarMontgomeryDomainFieldElement, arg1 *fiatScalarNonMontgomeryDomainFieldElement) {
+	x1 := arg1[1]
+	x2 := arg1[2]
+	x3 := arg1[3]
+	x4 := arg1[0]
+	var x5 uint64
+	var x6 uint64
+	x6, x5 = bits.Mul64(x4, 0x399411b7c309a3d)
+	var x7 uint64
+	var x8 uint64
+	x8, x7 = bits.Mul64(x4, 0xceec73d217f5be65)
+	var x9 uint64
+	var x10 uint64
+	x10, x9 = bits.Mul64(x4, 0xd00e1ba768859347)
+	var x11 uint64
+	var x12 uint64
+	x12, x11 = bits.Mul64(x4, 0xa40611e3449c0f01)
+	var x13 uint64
+	var x14 uint64
+	x13, x14 = bits.Add64(x12, x9, uint64(0x0))
+	var x15 uint64
+	var x16 uint64
+	x15, x16 = bits.Add64(x10, x7, uint64(fiatScalarUint1(x14)))
+	var x17 uint64
+	var x18 uint64
+	x17, x18 = bits.Add64(x8, x5, uint64(fiatScalarUint1(x16)))
+	var x19 uint64
+	_, x19 = bits.Mul64(x11, 0xd2b51da312547e1b)
+	var x21 uint64
+	var x22 uint64
+	x22, x21 = bits.Mul64(x19, 0x1000000000000000)
+	var x23 uint64
+	var x24 uint64
+	x24, x23 = bits.Mul64(x19, 0x14def9dea2f79cd6)
+	var x25 uint64
+	var x26 uint64
+	x26, x25 = bits.Mul64(x19, 0x5812631a5cf5d3ed)
+	var x27 uint64
+	var x28 uint64
+	x27, x28 = bits.Add64(x26, x23, uint64(0x0))
+	var x30 uint64
+	_, x30 = bits.Add64(x11, x25, uint64(0x0))
+	var x31 uint64
+	var x32 uint64
+	x31, x32 = bits.Add64(x13, x27, uint64(fiatScalarUint1(x30)))
+	var x33 uint64
+	var x34 uint64
+	x33, x34 = bits.Add64(x15, (uint64(fiatScalarUint1(x28)) + x24), uint64(fiatScalarUint1(x32)))
+	var x35 uint64
+	var x36 uint64
+	x35, x36 = bits.Add64(x17, x21, uint64(fiatScalarUint1(x34)))
+	var x37 uint64
+	var x38 uint64
+	x38, x37 = bits.Mul64(x1, 0x399411b7c309a3d)
+	var x39 uint64
+	var x40 uint64
+	x40, x39 = bits.Mul64(x1, 0xceec73d217f5be65)
+	var x41 uint64
+	var x42 uint64
+	x42, x41 = bits.Mul64(x1, 0xd00e1ba768859347)
+	var x43 uint64
+	var x44 uint64
+	x44, x43 = bits.Mul64(x1, 0xa40611e3449c0f01)
+	var x45 uint64
+	var x46 uint64
+	x45, x46 = bits.Add64(x44, x41, uint64(0x0))
+	var x47 uint64
+	var x48 uint64
+	x47, x48 = bits.Add64(x42, x39, uint64(fiatScalarUint1(x46)))
+	var x49 uint64
+	var x50 uint64
+	x49, x50 = bits.Add64(x40, x37, uint64(fiatScalarUint1(x48)))
+	var x51 uint64
+	var x52 uint64
+	x51, x52 = bits.Add64(x31, x43, uint64(0x0))
+	var x53 uint64
+	var x54 uint64
+	x53, x54 = bits.Add64(x33, x45, uint64(fiatScalarUint1(x52)))
+	var x55 uint64
+	var x56 uint64
+	x55, x56 = bits.Add64(x35, x47, uint64(fiatScalarUint1(x54)))
+	var x57 uint64
+	var x58 uint64
+	x57, x58 = bits.Add64(((uint64(fiatScalarUint1(x36)) + (uint64(fiatScalarUint1(x18)) + x6)) + x22), x49, uint64(fiatScalarUint1(x56)))
+	var x59 uint64
+	_, x59 = bits.Mul64(x51, 0xd2b51da312547e1b)
+	var x61 uint64
+	var x62 uint64
+	x62, x61 = bits.Mul64(x59, 0x1000000000000000)
+	var x63 uint64
+	var x64 uint64
+	x64, x63 = bits.Mul64(x59, 0x14def9dea2f79cd6)
+	var x65 uint64
+	var x66 uint64
+	x66, x65 = bits.Mul64(x59, 0x5812631a5cf5d3ed)
+	var x67 uint64
+	var x68 uint64
+	x67, x68 = bits.Add64(x66, x63, uint64(0x0))
+	var x70 uint64
+	_, x70 = bits.Add64(x51, x65, uint64(0x0))
+	var x71 uint64
+	var x72 uint64
+	x71, x72 = bits.Add64(x53, x67, uint64(fiatScalarUint1(x70)))
+	var x73 uint64
+	var x74 uint64
+	x73, x74 = bits.Add64(x55, (uint64(fiatScalarUint1(x68)) + x64), uint64(fiatScalarUint1(x72)))
+	var x75 uint64
+	var x76 uint64
+	x75, x76 = bits.Add64(x57, x61, uint64(fiatScalarUint1(x74)))
+	var x77 uint64
+	var x78 uint64
+	x78, x77 = bits.Mul64(x2, 0x399411b7c309a3d)
+	var x79 uint64
+	var x80 uint64
+	x80, x79 = bits.Mul64(x2, 0xceec73d217f5be65)
+	var x81 uint64
+	var x82 uint64
+	x82, x81 = bits.Mul64(x2, 0xd00e1ba768859347)
+	var x83 uint64
+	var x84 uint64
+	x84, x83 = bits.Mul64(x2, 0xa40611e3449c0f01)
+	var x85 uint64
+	var x86 uint64
+	x85, x86 = bits.Add64(x84, x81, uint64(0x0))
+	var x87 uint64
+	var x88 uint64
+	x87, x88 = bits.Add64(x82, x79, uint64(fiatScalarUint1(x86)))
+	var x89 uint64
+	var x90 uint64
+	x89, x90 = bits.Add64(x80, x77, uint64(fiatScalarUint1(x88)))
+	var x91 uint64
+	var x92 uint64
+	x91, x92 = bits.Add64(x71, x83, uint64(0x0))
+	var x93 uint64
+	var x94 uint64
+	x93, x94 = bits.Add64(x73, x85, uint64(fiatScalarUint1(x92)))
+	var x95 uint64
+	var x96 uint64
+	x95, x96 = bits.Add64(x75, x87, uint64(fiatScalarUint1(x94)))
+	var x97 uint64
+	var x98 uint64
+	x97, x98 = bits.Add64(((uint64(fiatScalarUint1(x76)) + (uint64(fiatScalarUint1(x58)) + (uint64(fiatScalarUint1(x50)) + x38))) + x62), x89, uint64(fiatScalarUint1(x96)))
+	var x99 uint64
+	_, x99 = bits.Mul64(x91, 0xd2b51da312547e1b)
+	var x101 uint64
+	var x102 uint64
+	x102, x101 = bits.Mul64(x99, 0x1000000000000000)
+	var x103 uint64
+	var x104 uint64
+	x104, x103 = bits.Mul64(x99, 0x14def9dea2f79cd6)
+	var x105 uint64
+	var x106 uint64
+	x106, x105 = bits.Mul64(x99, 0x5812631a5cf5d3ed)
+	var x107 uint64
+	var x108 uint64
+	x107, x108 = bits.Add64(x106, x103, uint64(0x0))
+	var x110 uint64
+	_, x110 = bits.Add64(x91, x105, uint64(0x0))
+	var x111 uint64
+	var x112 uint64
+	x111, x112 = bits.Add64(x93, x107, uint64(fiatScalarUint1(x110)))
+	var x113 uint64
+	var x114 uint64
+	x113, x114 = bits.Add64(x95, (uint64(fiatScalarUint1(x108)) + x104), uint64(fiatScalarUint1(x112)))
+	var x115 uint64
+	var x116 uint64
+	x115, x116 = bits.Add64(x97, x101, uint64(fiatScalarUint1(x114)))
+	var x117 uint64
+	var x118 uint64
+	x118, x117 = bits.Mul64(x3, 0x399411b7c309a3d)
+	var x119 uint64
+	var x120 uint64
+	x120, x119 = bits.Mul64(x3, 0xceec73d217f5be65)
+	var x121 uint64
+	var x122 uint64
+	x122, x121 = bits.Mul64(x3, 0xd00e1ba768859347)
+	var x123 uint64
+	var x124 uint64
+	x124, x123 = bits.Mul64(x3, 0xa40611e3449c0f01)
+	var x125 uint64
+	var x126 uint64
+	x125, x126 = bits.Add64(x124, x121, uint64(0x0))
+	var x127 uint64
+	var x128 uint64
+	x127, x128 = bits.Add64(x122, x119, uint64(fiatScalarUint1(x126)))
+	var x129 uint64
+	var x130 uint64
+	x129, x130 = bits.Add64(x120, x117, uint64(fiatScalarUint1(x128)))
+	var x131 uint64
+	var x132 uint64
+	x131, x132 = bits.Add64(x111, x123, uint64(0x0))
+	var x133 uint64
+	var x134 uint64
+	x133, x134 = bits.Add64(x113, x125, uint64(fiatScalarUint1(x132)))
+	var x135 uint64
+	var x136 uint64
+	x135, x136 = bits.Add64(x115, x127, uint64(fiatScalarUint1(x134)))
+	var x137 uint64
+	var x138 uint64
+	x137, x138 = bits.Add64(((uint64(fiatScalarUint1(x116)) + (uint64(fiatScalarUint1(x98)) + (uint64(fiatScalarUint1(x90)) + x78))) + x102), x129, uint64(fiatScalarUint1(x136)))
+	var x139 uint64
+	_, x139 = bits.Mul64(x131, 0xd2b51da312547e1b)
+	var x141 uint64
+	var x142 uint64
+	x142, x141 = bits.Mul64(x139, 0x1000000000000000)
+	var x143 uint64
+	var x144 uint64
+	x144, x143 = bits.Mul64(x139, 0x14def9dea2f79cd6)
+	var x145 uint64
+	var x146 uint64
+	x146, x145 = bits.Mul64(x139, 0x5812631a5cf5d3ed)
+	var x147 uint64
+	var x148 uint64
+	x147, x148 = bits.Add64(x146, x143, uint64(0x0))
+	var x150 uint64
+	_, x150 = bits.Add64(x131, x145, uint64(0x0))
+	var x151 uint64
+	var x152 uint64
+	x151, x152 = bits.Add64(x133, x147, uint64(fiatScalarUint1(x150)))
+	var x153 uint64
+	var x154 uint64
+	x153, x154 = bits.Add64(x135, (uint64(fiatScalarUint1(x148)) + x144), uint64(fiatScalarUint1(x152)))
+	var x155 uint64
+	var x156 uint64
+	x155, x156 = bits.Add64(x137, x141, uint64(fiatScalarUint1(x154)))
+	x157 := ((uint64(fiatScalarUint1(x156)) + (uint64(fiatScalarUint1(x138)) + (uint64(fiatScalarUint1(x130)) + x118))) + x142)
+	var x158 uint64
+	var x159 uint64
+	x158, x159 = bits.Sub64(x151, 0x5812631a5cf5d3ed, uint64(0x0))
+	var x160 uint64
+	var x161 uint64
+	x160, x161 = bits.Sub64(x153, 0x14def9dea2f79cd6, uint64(fiatScalarUint1(x159)))
+	var x162 uint64
+	var x163 uint64
+	x162, x163 = bits.Sub64(x155, uint64(0x0), uint64(fiatScalarUint1(x161)))
+	var x164 uint64
+	var x165 uint64
+	x164, x165 = bits.Sub64(x157, 0x1000000000000000, uint64(fiatScalarUint1(x163)))
+	var x167 uint64
+	_, x167 = bits.Sub64(uint64(0x0), uint64(0x0), uint64(fiatScalarUint1(x165)))
+	var x168 uint64
+	fiatScalarCmovznzU64(&x168, fiatScalarUint1(x167), x158, x151)
+	var x169 uint64
+	fiatScalarCmovznzU64(&x169, fiatScalarUint1(x167), x160, x153)
+	var x170 uint64
+	fiatScalarCmovznzU64(&x170, fiatScalarUint1(x167), x162, x155)
+	var x171 uint64
+	fiatScalarCmovznzU64(&x171, fiatScalarUint1(x167), x164, x157)
+	out1[0] = x168
+	out1[1] = x169
+	out1[2] = x170
+	out1[3] = x171
+}
+
+// fiatScalarToBytes serializes a field element NOT in the Montgomery domain to bytes in little-endian order.
+//
+// Preconditions:
+//
+//	0 ≤ eval arg1 < m
+//
+// Postconditions:
+//
+//	out1 = map (λ x, ⌊((eval arg1 mod m) mod 2^(8 * (x + 1))) / 2^(8 * x)⌋) [0..31]
+//
+// Input Bounds:
+//
+//	arg1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0x1fffffffffffffff]]
+//
+// Output Bounds:
+//
+//	out1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0x1f]]
+func fiatScalarToBytes(out1 *[32]uint8, arg1 *[4]uint64) {
+	x1 := arg1[3]
+	x2 := arg1[2]
+	x3 := arg1[1]
+	x4 := arg1[0]
+	x5 := (uint8(x4) & 0xff)
+	x6 := (x4 >> 8)
+	x7 := (uint8(x6) & 0xff)
+	x8 := (x6 >> 8)
+	x9 := (uint8(x8) & 0xff)
+	x10 := (x8 >> 8)
+	x11 := (uint8(x10) & 0xff)
+	x12 := (x10 >> 8)
+	x13 := (uint8(x12) & 0xff)
+	x14 := (x12 >> 8)
+	x15 := (uint8(x14) & 0xff)
+	x16 := (x14 >> 8)
+	x17 := (uint8(x16) & 0xff)
+	x18 := uint8((x16 >> 8))
+	x19 := (uint8(x3) & 0xff)
+	x20 := (x3 >> 8)
+	x21 := (uint8(x20) & 0xff)
+	x22 := (x20 >> 8)
+	x23 := (uint8(x22) & 0xff)
+	x24 := (x22 >> 8)
+	x25 := (uint8(x24) & 0xff)
+	x26 := (x24 >> 8)
+	x27 := (uint8(x26) & 0xff)
+	x28 := (x26 >> 8)
+	x29 := (uint8(x28) & 0xff)
+	x30 := (x28 >> 8)
+	x31 := (uint8(x30) & 0xff)
+	x32 := uint8((x30 >> 8))
+	x33 := (uint8(x2) & 0xff)
+	x34 := (x2 >> 8)
+	x35 := (uint8(x34) & 0xff)
+	x36 := (x34 >> 8)
+	x37 := (uint8(x36) & 0xff)
+	x38 := (x36 >> 8)
+	x39 := (uint8(x38) & 0xff)
+	x40 := (x38 >> 8)
+	x41 := (uint8(x40) & 0xff)
+	x42 := (x40 >> 8)
+	x43 := (uint8(x42) & 0xff)
+	x44 := (x42 >> 8)
+	x45 := (uint8(x44) & 0xff)
+	x46 := uint8((x44 >> 8))
+	x47 := (uint8(x1) & 0xff)
+	x48 := (x1 >> 8)
+	x49 := (uint8(x48) & 0xff)
+	x50 := (x48 >> 8)
+	x51 := (uint8(x50) & 0xff)
+	x52 := (x50 >> 8)
+	x53 := (uint8(x52) & 0xff)
+	x54 := (x52 >> 8)
+	x55 := (uint8(x54) & 0xff)
+	x56 := (x54 >> 8)
+	x57 := (uint8(x56) & 0xff)
+	x58 := (x56 >> 8)
+	x59 := (uint8(x58) & 0xff)
+	x60 := uint8((x58 >> 8))
+	out1[0] = x5
+	out1[1] = x7
+	out1[2] = x9
+	out1[3] = x11
+	out1[4] = x13
+	out1[5] = x15
+	out1[6] = x17
+	out1[7] = x18
+	out1[8] = x19
+	out1[9] = x21
+	out1[10] = x23
+	out1[11] = x25
+	out1[12] = x27
+	out1[13] = x29
+	out1[14] = x31
+	out1[15] = x32
+	out1[16] = x33
+	out1[17] = x35
+	out1[18] = x37
+	out1[19] = x39
+	out1[20] = x41
+	out1[21] = x43
+	out1[22] = x45
+	out1[23] = x46
+	out1[24] = x47
+	out1[25] = x49
+	out1[26] = x51
+	out1[27] = x53
+	out1[28] = x55
+	out1[29] = x57
+	out1[30] = x59
+	out1[31] = x60
+}
+
+// fiatScalarFromBytes deserializes a field element NOT in the Montgomery domain from bytes in little-endian order.
+//
+// Preconditions:
+//
+//	0 ≤ bytes_eval arg1 < m
+//
+// Postconditions:
+//
+//	eval out1 mod m = bytes_eval arg1 mod m
+//	0 ≤ eval out1 < m
+//
+// Input Bounds:
+//
+//	arg1: [[0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0xff], [0x0 ~> 0x1f]]
+//
+// Output Bounds:
+//
+//	out1: [[0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0xffffffffffffffff], [0x0 ~> 0x1fffffffffffffff]]
+func fiatScalarFromBytes(out1 *[4]uint64, arg1 *[32]uint8) {
+	x1 := (uint64(arg1[31]) << 56)
+	x2 := (uint64(arg1[30]) << 48)
+	x3 := (uint64(arg1[29]) << 40)
+	x4 := (uint64(arg1[28]) << 32)
+	x5 := (uint64(arg1[27]) << 24)
+	x6 := (uint64(arg1[26]) << 16)
+	x7 := (uint64(arg1[25]) << 8)
+	x8 := arg1[24]
+	x9 := (uint64(arg1[23]) << 56)
+	x10 := (uint64(arg1[22]) << 48)
+	x11 := (uint64(arg1[21]) << 40)
+	x12 := (uint64(arg1[20]) << 32)
+	x13 := (uint64(arg1[19]) << 24)
+	x14 := (uint64(arg1[18]) << 16)
+	x15 := (uint64(arg1[17]) << 8)
+	x16 := arg1[16]
+	x17 := (uint64(arg1[15]) << 56)
+	x18 := (uint64(arg1[14]) << 48)
+	x19 := (uint64(arg1[13]) << 40)
+	x20 := (uint64(arg1[12]) << 32)
+	x21 := (uint64(arg1[11]) << 24)
+	x22 := (uint64(arg1[10]) << 16)
+	x23 := (uint64(arg1[9]) << 8)
+	x24 := arg1[8]
+	x25 := (uint64(arg1[7]) << 56)
+	x26 := (uint64(arg1[6]) << 48)
+	x27 := (uint64(arg1[5]) << 40)
+	x28 := (uint64(arg1[4]) << 32)
+	x29 := (uint64(arg1[3]) << 24)
+	x30 := (uint64(arg1[2]) << 16)
+	x31 := (uint64(arg1[1]) << 8)
+	x32 := arg1[0]
+	x33 := (x31 + uint64(x32))
+	x34 := (x30 + x33)
+	x35 := (x29 + x34)
+	x36 := (x28 + x35)
+	x37 := (x27 + x36)
+	x38 := (x26 + x37)
+	x39 := (x25 + x38)
+	x40 := (x23 + uint64(x24))
+	x41 := (x22 + x40)
+	x42 := (x21 + x41)
+	x43 := (x20 + x42)
+	x44 := (x19 + x43)
+	x45 := (x18 + x44)
+	x46 := (x17 + x45)
+	x47 := (x15 + uint64(x16))
+	x48 := (x14 + x47)
+	x49 := (x13 + x48)
+	x50 := (x12 + x49)
+	x51 := (x11 + x50)
+	x52 := (x10 + x51)
+	x53 := (x9 + x52)
+	x54 := (x7 + uint64(x8))
+	x55 := (x6 + x54)
+	x56 := (x5 + x55)
+	x57 := (x4 + x56)
+	x58 := (x3 + x57)
+	x59 := (x2 + x58)
+	x60 := (x1 + x59)
+	out1[0] = x39
+	out1[1] = x46
+	out1[2] = x53
+	out1[3] = x60
+}
diff --git a/vendor/filippo.io/edwards25519/scalarmult.go b/vendor/filippo.io/edwards25519/scalarmult.go
new file mode 100644
index 000000000..f7ca3cef9
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/scalarmult.go
@@ -0,0 +1,214 @@
+// Copyright (c) 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package edwards25519
+
+import "sync"
+
+// basepointTable is a set of 32 affineLookupTables, where table i is generated
+// from 256i * basepoint. It is precomputed the first time it's used.
+func basepointTable() *[32]affineLookupTable {
+	basepointTablePrecomp.initOnce.Do(func() {
+		p := NewGeneratorPoint()
+		for i := 0; i < 32; i++ {
+			basepointTablePrecomp.table[i].FromP3(p)
+			for j := 0; j < 8; j++ {
+				p.Add(p, p)
+			}
+		}
+	})
+	return &basepointTablePrecomp.table
+}
+
+var basepointTablePrecomp struct {
+	table    [32]affineLookupTable
+	initOnce sync.Once
+}
+
+// ScalarBaseMult sets v = x * B, where B is the canonical generator, and
+// returns v.
+//
+// The scalar multiplication is done in constant time.
+func (v *Point) ScalarBaseMult(x *Scalar) *Point {
+	basepointTable := basepointTable()
+
+	// Write x = sum(x_i * 16^i) so  x*B = sum( B*x_i*16^i )
+	// as described in the Ed25519 paper
+	//
+	// Group even and odd coefficients
+	// x*B     = x_0*16^0*B + x_2*16^2*B + ... + x_62*16^62*B
+	//         + x_1*16^1*B + x_3*16^3*B + ... + x_63*16^63*B
+	// x*B     = x_0*16^0*B + x_2*16^2*B + ... + x_62*16^62*B
+	//    + 16*( x_1*16^0*B + x_3*16^2*B + ... + x_63*16^62*B)
+	//
+	// We use a lookup table for each i to get x_i*16^(2*i)*B
+	// and do four doublings to multiply by 16.
+	digits := x.signedRadix16()
+
+	multiple := &affineCached{}
+	tmp1 := &projP1xP1{}
+	tmp2 := &projP2{}
+
+	// Accumulate the odd components first
+	v.Set(NewIdentityPoint())
+	for i := 1; i < 64; i += 2 {
+		basepointTable[i/2].SelectInto(multiple, digits[i])
+		tmp1.AddAffine(v, multiple)
+		v.fromP1xP1(tmp1)
+	}
+
+	// Multiply by 16
+	tmp2.FromP3(v)       // tmp2 =    v in P2 coords
+	tmp1.Double(tmp2)    // tmp1 =  2*v in P1xP1 coords
+	tmp2.FromP1xP1(tmp1) // tmp2 =  2*v in P2 coords
+	tmp1.Double(tmp2)    // tmp1 =  4*v in P1xP1 coords
+	tmp2.FromP1xP1(tmp1) // tmp2 =  4*v in P2 coords
+	tmp1.Double(tmp2)    // tmp1 =  8*v in P1xP1 coords
+	tmp2.FromP1xP1(tmp1) // tmp2 =  8*v in P2 coords
+	tmp1.Double(tmp2)    // tmp1 = 16*v in P1xP1 coords
+	v.fromP1xP1(tmp1)    // now v = 16*(odd components)
+
+	// Accumulate the even components
+	for i := 0; i < 64; i += 2 {
+		basepointTable[i/2].SelectInto(multiple, digits[i])
+		tmp1.AddAffine(v, multiple)
+		v.fromP1xP1(tmp1)
+	}
+
+	return v
+}
+
+// ScalarMult sets v = x * q, and returns v.
+//
+// The scalar multiplication is done in constant time.
+func (v *Point) ScalarMult(x *Scalar, q *Point) *Point {
+	checkInitialized(q)
+
+	var table projLookupTable
+	table.FromP3(q)
+
+	// Write x = sum(x_i * 16^i)
+	// so  x*Q = sum( Q*x_i*16^i )
+	//         = Q*x_0 + 16*(Q*x_1 + 16*( ... + Q*x_63) ... )
+	//           <------compute inside out---------
+	//
+	// We use the lookup table to get the x_i*Q values
+	// and do four doublings to compute 16*Q
+	digits := x.signedRadix16()
+
+	// Unwrap first loop iteration to save computing 16*identity
+	multiple := &projCached{}
+	tmp1 := &projP1xP1{}
+	tmp2 := &projP2{}
+	table.SelectInto(multiple, digits[63])
+
+	v.Set(NewIdentityPoint())
+	tmp1.Add(v, multiple) // tmp1 = x_63*Q in P1xP1 coords
+	for i := 62; i >= 0; i-- {
+		tmp2.FromP1xP1(tmp1) // tmp2 =    (prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 =  2*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  2*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 =  4*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  4*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 =  8*(prev) in P1xP1 coords
+		tmp2.FromP1xP1(tmp1) // tmp2 =  8*(prev) in P2 coords
+		tmp1.Double(tmp2)    // tmp1 = 16*(prev) in P1xP1 coords
+		v.fromP1xP1(tmp1)    //    v = 16*(prev) in P3 coords
+		table.SelectInto(multiple, digits[i])
+		tmp1.Add(v, multiple) // tmp1 = x_i*Q + 16*(prev) in P1xP1 coords
+	}
+	v.fromP1xP1(tmp1)
+	return v
+}
+
+// basepointNafTable is the nafLookupTable8 for the basepoint.
+// It is precomputed the first time it's used.
+func basepointNafTable() *nafLookupTable8 {
+	basepointNafTablePrecomp.initOnce.Do(func() {
+		basepointNafTablePrecomp.table.FromP3(NewGeneratorPoint())
+	})
+	return &basepointNafTablePrecomp.table
+}
+
+var basepointNafTablePrecomp struct {
+	table    nafLookupTable8
+	initOnce sync.Once
+}
+
+// VarTimeDoubleScalarBaseMult sets v = a * A + b * B, where B is the canonical
+// generator, and returns v.
+//
+// Execution time depends on the inputs.
+func (v *Point) VarTimeDoubleScalarBaseMult(a *Scalar, A *Point, b *Scalar) *Point {
+	checkInitialized(A)
+
+	// Similarly to the single variable-base approach, we compute
+	// digits and use them with a lookup table.  However, because
+	// we are allowed to do variable-time operations, we don't
+	// need constant-time lookups or constant-time digit
+	// computations.
+	//
+	// So we use a non-adjacent form of some width w instead of
+	// radix 16.  This is like a binary representation (one digit
+	// for each binary place) but we allow the digits to grow in
+	// magnitude up to 2^{w-1} so that the nonzero digits are as
+	// sparse as possible.  Intuitively, this "condenses" the
+	// "mass" of the scalar onto sparse coefficients (meaning
+	// fewer additions).
+
+	basepointNafTable := basepointNafTable()
+	var aTable nafLookupTable5
+	aTable.FromP3(A)
+	// Because the basepoint is fixed, we can use a wider NAF
+	// corresponding to a bigger table.
+	aNaf := a.nonAdjacentForm(5)
+	bNaf := b.nonAdjacentForm(8)
+
+	// Find the first nonzero coefficient.
+	i := 255
+	for j := i; j >= 0; j-- {
+		if aNaf[j] != 0 || bNaf[j] != 0 {
+			break
+		}
+	}
+
+	multA := &projCached{}
+	multB := &affineCached{}
+	tmp1 := &projP1xP1{}
+	tmp2 := &projP2{}
+	tmp2.Zero()
+
+	// Move from high to low bits, doubling the accumulator
+	// at each iteration and checking whether there is a nonzero
+	// coefficient to look up a multiple of.
+	for ; i >= 0; i-- {
+		tmp1.Double(tmp2)
+
+		// Only update v if we have a nonzero coeff to add in.
+		if aNaf[i] > 0 {
+			v.fromP1xP1(tmp1)
+			aTable.SelectInto(multA, aNaf[i])
+			tmp1.Add(v, multA)
+		} else if aNaf[i] < 0 {
+			v.fromP1xP1(tmp1)
+			aTable.SelectInto(multA, -aNaf[i])
+			tmp1.Sub(v, multA)
+		}
+
+		if bNaf[i] > 0 {
+			v.fromP1xP1(tmp1)
+			basepointNafTable.SelectInto(multB, bNaf[i])
+			tmp1.AddAffine(v, multB)
+		} else if bNaf[i] < 0 {
+			v.fromP1xP1(tmp1)
+			basepointNafTable.SelectInto(multB, -bNaf[i])
+			tmp1.SubAffine(v, multB)
+		}
+
+		tmp2.FromP1xP1(tmp1)
+	}
+
+	v.fromP2(tmp2)
+	return v
+}
diff --git a/vendor/filippo.io/edwards25519/tables.go b/vendor/filippo.io/edwards25519/tables.go
new file mode 100644
index 000000000..83234bbc0
--- /dev/null
+++ b/vendor/filippo.io/edwards25519/tables.go
@@ -0,0 +1,129 @@
+// Copyright (c) 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package edwards25519
+
+import (
+	"crypto/subtle"
+)
+
+// A dynamic lookup table for variable-base, constant-time scalar muls.
+type projLookupTable struct {
+	points [8]projCached
+}
+
+// A precomputed lookup table for fixed-base, constant-time scalar muls.
+type affineLookupTable struct {
+	points [8]affineCached
+}
+
+// A dynamic lookup table for variable-base, variable-time scalar muls.
+type nafLookupTable5 struct {
+	points [8]projCached
+}
+
+// A precomputed lookup table for fixed-base, variable-time scalar muls.
+type nafLookupTable8 struct {
+	points [64]affineCached
+}
+
+// Constructors.
+
+// Builds a lookup table at runtime. Fast.
+func (v *projLookupTable) FromP3(q *Point) {
+	// Goal: v.points[i] = (i+1)*Q, i.e., Q, 2Q, ..., 8Q
+	// This allows lookup of -8Q, ..., -Q, 0, Q, ..., 8Q
+	v.points[0].FromP3(q)
+	tmpP3 := Point{}
+	tmpP1xP1 := projP1xP1{}
+	for i := 0; i < 7; i++ {
+		// Compute (i+1)*Q as Q + i*Q and convert to a projCached
+		// This is needlessly complicated because the API has explicit
+		// receivers instead of creating stack objects and relying on RVO
+		v.points[i+1].FromP3(tmpP3.fromP1xP1(tmpP1xP1.Add(q, &v.points[i])))
+	}
+}
+
+// This is not optimised for speed; fixed-base tables should be precomputed.
+func (v *affineLookupTable) FromP3(q *Point) {
+	// Goal: v.points[i] = (i+1)*Q, i.e., Q, 2Q, ..., 8Q
+	// This allows lookup of -8Q, ..., -Q, 0, Q, ..., 8Q
+	v.points[0].FromP3(q)
+	tmpP3 := Point{}
+	tmpP1xP1 := projP1xP1{}
+	for i := 0; i < 7; i++ {
+		// Compute (i+1)*Q as Q + i*Q and convert to affineCached
+		v.points[i+1].FromP3(tmpP3.fromP1xP1(tmpP1xP1.AddAffine(q, &v.points[i])))
+	}
+}
+
+// Builds a lookup table at runtime. Fast.
+func (v *nafLookupTable5) FromP3(q *Point) {
+	// Goal: v.points[i] = (2*i+1)*Q, i.e., Q, 3Q, 5Q, ..., 15Q
+	// This allows lookup of -15Q, ..., -3Q, -Q, 0, Q, 3Q, ..., 15Q
+	v.points[0].FromP3(q)
+	q2 := Point{}
+	q2.Add(q, q)
+	tmpP3 := Point{}
+	tmpP1xP1 := projP1xP1{}
+	for i := 0; i < 7; i++ {
+		v.points[i+1].FromP3(tmpP3.fromP1xP1(tmpP1xP1.Add(&q2, &v.points[i])))
+	}
+}
+
+// This is not optimised for speed; fixed-base tables should be precomputed.
+func (v *nafLookupTable8) FromP3(q *Point) {
+	v.points[0].FromP3(q)
+	q2 := Point{}
+	q2.Add(q, q)
+	tmpP3 := Point{}
+	tmpP1xP1 := projP1xP1{}
+	for i := 0; i < 63; i++ {
+		v.points[i+1].FromP3(tmpP3.fromP1xP1(tmpP1xP1.AddAffine(&q2, &v.points[i])))
+	}
+}
+
+// Selectors.
+
+// Set dest to x*Q, where -8 <= x <= 8, in constant time.
+func (v *projLookupTable) SelectInto(dest *projCached, x int8) {
+	// Compute xabs = |x|
+	xmask := x >> 7
+	xabs := uint8((x + xmask) ^ xmask)
+
+	dest.Zero()
+	for j := 1; j <= 8; j++ {
+		// Set dest = j*Q if |x| = j
+		cond := subtle.ConstantTimeByteEq(xabs, uint8(j))
+		dest.Select(&v.points[j-1], dest, cond)
+	}
+	// Now dest = |x|*Q, conditionally negate to get x*Q
+	dest.CondNeg(int(xmask & 1))
+}
+
+// Set dest to x*Q, where -8 <= x <= 8, in constant time.
+func (v *affineLookupTable) SelectInto(dest *affineCached, x int8) {
+	// Compute xabs = |x|
+	xmask := x >> 7
+	xabs := uint8((x + xmask) ^ xmask)
+
+	dest.Zero()
+	for j := 1; j <= 8; j++ {
+		// Set dest = j*Q if |x| = j
+		cond := subtle.ConstantTimeByteEq(xabs, uint8(j))
+		dest.Select(&v.points[j-1], dest, cond)
+	}
+	// Now dest = |x|*Q, conditionally negate to get x*Q
+	dest.CondNeg(int(xmask & 1))
+}
+
+// Given odd x with 0 < x < 2^4, return x*Q (in variable time).
+func (v *nafLookupTable5) SelectInto(dest *projCached, x int8) {
+	*dest = v.points[x/2]
+}
+
+// Given odd x with 0 < x < 2^7, return x*Q (in variable time).
+func (v *nafLookupTable8) SelectInto(dest *affineCached, x int8) {
+	*dest = v.points[x/2]
+}
diff --git a/vendor/github.com/go-sql-driver/mysql/AUTHORS b/vendor/github.com/go-sql-driver/mysql/AUTHORS
index fb1478c3b..4021b96cc 100644
--- a/vendor/github.com/go-sql-driver/mysql/AUTHORS
+++ b/vendor/github.com/go-sql-driver/mysql/AUTHORS
@@ -13,6 +13,7 @@
 
 Aaron Hopkins 
 Achille Roussel 
+Aidan 
 Alex Snast 
 Alexey Palazhchenko 
 Andrew Reid 
@@ -20,12 +21,14 @@ Animesh Ray 
 Arne Hormann 
 Ariel Mashraki 
 Asta Xie 
+Brian Hendriks 
 Bulat Gaifullin 
 Caine Jette 
 Carlos Nieto 
 Chris Kirkland 
 Chris Moos 
 Craig Wilson 
+Daemonxiao <735462752 at qq.com>
 Daniel Montoya 
 Daniel Nichter 
 Daniël van Eeden 
@@ -33,9 +36,11 @@ Dave Protasowski 
 DisposaBoy 
 Egor Smolyakov 
 Erwan Martin 
+Evan Elias 
 Evan Shaw 
 Frederick Mayle 
 Gustavo Kristic 
+Gusted 
 Hajime Nakagami 
 Hanno Braun 
 Henri Yandell 
@@ -47,8 +52,11 @@ INADA Naoki 
 Jacek Szwec 
 James Harr 
 Janek Vedock 
+Jason Ng 
+Jean-Yves Pellé 
 Jeff Hodges 
 Jeffrey Charles 
+Jennifer Purevsuren 
 Jerome Meyer 
 Jiajia Zhong 
 Jian Zhen 
@@ -74,9 +82,11 @@ Maciej Zimnoch 
 Michael Woolnough 
 Nathanial Murphy 
 Nicola Peduzzi 
+Oliver Bone 
 Olivier Mengué 
 oscarzhao 
 Paul Bonser 
+Paulius Lozys 
 Peter Schultz 
 Phil Porada 
 Rebecca Chin 
@@ -95,6 +105,7 @@ Stan Putrya 
 Stanley Gunawan 
 Steven Hartland 
 Tan Jinhua <312841925 at qq.com>
+Tetsuro Aoki 
 Thomas Wodarek 
 Tim Ruffles 
 Tom Jenkinson 
@@ -104,6 +115,7 @@ Xiangyu Hu 
 Xiaobing Jiang 
 Xiuming Chen 
 Xuehong Chan 
+Zhang Xiang 
 Zhenye Xie 
 Zhixin Wen 
 Ziheng Lyu 
@@ -113,14 +125,18 @@ Ziheng Lyu 
 Barracuda Networks, Inc.
 Counting Ltd.
 DigitalOcean Inc.
+Dolthub Inc.
 dyves labs AG
 Facebook Inc.
 GitHub Inc.
 Google Inc.
 InfoSum Ltd.
 Keybase Inc.
+Microsoft Corp.
 Multiplay Ltd.
 Percona LLC
+PingCAP Inc.
 Pivotal Inc.
+Shattered Silicon Ltd.
 Stripe Inc.
 Zendesk Inc.
diff --git a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
index 5166e4adb..213215c8d 100644
--- a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
+++ b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
@@ -162,7 +162,7 @@ New Features:
 
  - Enable microsecond resolution on TIME, DATETIME and TIMESTAMP (#249)
  - Support for returning table alias on Columns() (#289, #359, #382)
- - Placeholder interpolation, can be actived with the DSN parameter `interpolateParams=true` (#309, #318, #490)
+ - Placeholder interpolation, can be activated with the DSN parameter `interpolateParams=true` (#309, #318, #490)
  - Support for uint64 parameters with high bit set (#332, #345)
  - Cleartext authentication plugin support (#327)
  - Exported ParseDSN function and the Config struct (#403, #419, #429)
@@ -206,7 +206,7 @@ Changes:
  - Also exported the MySQLWarning type
  - mysqlConn.Close returns the first error encountered instead of ignoring all errors
  - writePacket() automatically writes the packet size to the header
- - readPacket() uses an iterative approach instead of the recursive approach to merge splitted packets
+ - readPacket() uses an iterative approach instead of the recursive approach to merge split packets
 
 New Features:
 
@@ -254,7 +254,7 @@ Bugfixes:
 
   - Fixed MySQL 4.1 support: MySQL 4.1 sends packets with lengths which differ from the specification
   - Convert to DB timezone when inserting `time.Time`
-  - Splitted packets (more than 16MB) are now merged correctly
+  - Split packets (more than 16MB) are now merged correctly
   - Fixed false positive `io.EOF` errors when the data was fully read
   - Avoid panics on reuse of closed connections
   - Fixed empty string producing false nil values
diff --git a/vendor/github.com/go-sql-driver/mysql/README.md b/vendor/github.com/go-sql-driver/mysql/README.md
index 3b5d229aa..9d0d806ef 100644
--- a/vendor/github.com/go-sql-driver/mysql/README.md
+++ b/vendor/github.com/go-sql-driver/mysql/README.md
@@ -40,15 +40,23 @@ A MySQL-Driver for Go's [database/sql](https://golang.org/pkg/database/sql/) pac
   * Optional placeholder interpolation
 
 ## Requirements
-  * Go 1.13 or higher. We aim to support the 3 latest versions of Go.
-  * MySQL (4.1+), MariaDB, Percona Server, Google CloudSQL or Sphinx (2.2.3+)
+
+* Go 1.19 or higher. We aim to support the 3 latest versions of Go.
+* MySQL (5.7+) and MariaDB (10.3+) are supported.
+* [TiDB](https://github.com/pingcap/tidb) is supported by PingCAP.
+  * Do not ask questions about TiDB in our issue tracker or forum.
+  * [Document](https://docs.pingcap.com/tidb/v6.1/dev-guide-sample-application-golang)
+  * [Forum](https://ask.pingcap.com/)
+* go-mysql would work with Percona Server, Google CloudSQL or Sphinx (2.2.3+).
+  * Maintainers won't support them. Do not expect issues are investigated and resolved by maintainers.
+  * Investigate issues yourself and please send a pull request to fix it.
 
 ---------------------------------------
 
 ## Installation
 Simple install the package to your [$GOPATH](https://github.com/golang/go/wiki/GOPATH "GOPATH") with the [go tool](https://golang.org/cmd/go/ "go command") from shell:
 ```bash
-$ go get -u github.com/go-sql-driver/mysql
+go get -u github.com/go-sql-driver/mysql
 ```
 Make sure [Git is installed](https://git-scm.com/downloads) on your machine and in your system's `PATH`.
 
@@ -114,6 +122,12 @@ This has the same effect as an empty DSN string:
 
 ```
 
+`dbname` is escaped by [PathEscape()](https://pkg.go.dev/net/url#PathEscape) since v1.8.0. If your database name is `dbname/withslash`, it becomes:
+
+```
+/dbname%2Fwithslash
+```
+
 Alternatively, [Config.FormatDSN](https://godoc.org/github.com/go-sql-driver/mysql#Config.FormatDSN) can be used to create a DSN string by filling a struct.
 
 #### Password
@@ -121,7 +135,7 @@ Passwords can consist of any character. Escaping is **not** necessary.
 
 #### Protocol
 See [net.Dial](https://golang.org/pkg/net/#Dial) for more information which networks are available.
-In general you should use an Unix domain socket if available and TCP otherwise for best performance.
+In general you should use a Unix domain socket if available and TCP otherwise for best performance.
 
 #### Address
 For TCP and UDP networks, addresses have the form `host[:port]`.
@@ -145,7 +159,7 @@ Default:        false
 ```
 
 `allowAllFiles=true` disables the file allowlist for `LOAD DATA LOCAL INFILE` and allows *all* files.
-[*Might be insecure!*](http://dev.mysql.com/doc/refman/5.7/en/load-data-local.html)
+[*Might be insecure!*](https://dev.mysql.com/doc/refman/8.0/en/load-data.html#load-data-local)
 
 ##### `allowCleartextPasswords`
 
@@ -194,10 +208,9 @@ Valid Values:   
 Default:        none
 ```
 
-Sets the charset used for client-server interaction (`"SET NAMES "`). If multiple charsets are set (separated by a comma), the following charset is used if setting the charset failes. This enables for example support for `utf8mb4` ([introduced in MySQL 5.5.3](http://dev.mysql.com/doc/refman/5.5/en/charset-unicode-utf8mb4.html)) with fallback to `utf8` for older servers (`charset=utf8mb4,utf8`).
+Sets the charset used for client-server interaction (`"SET NAMES "`). If multiple charsets are set (separated by a comma), the following charset is used if setting the charset fails. This enables for example support for `utf8mb4` ([introduced in MySQL 5.5.3](http://dev.mysql.com/doc/refman/5.5/en/charset-unicode-utf8mb4.html)) with fallback to `utf8` for older servers (`charset=utf8mb4,utf8`).
 
-Usage of the `charset` parameter is discouraged because it issues additional queries to the server.
-Unless you need the fallback behavior, please use `collation` instead.
+See also [Unicode Support](#unicode-support).
 
 ##### `checkConnLiveness`
 
@@ -226,6 +239,7 @@ The default collation (`utf8mb4_general_ci`) is supported from MySQL 5.5.  You s
 
 Collations for charset "ucs2", "utf16", "utf16le", and "utf32" can not be used ([ref](https://dev.mysql.com/doc/refman/5.7/en/charset-connection.html#charset-connection-impermissible-client-charset)).
 
+See also [Unicode Support](#unicode-support).
 
 ##### `clientFoundRows`
 
@@ -279,6 +293,15 @@ Note that this sets the location for time.Time values but does not change MySQL'
 
 Please keep in mind, that param values must be [url.QueryEscape](https://golang.org/pkg/net/url/#QueryEscape)'ed. Alternatively you can manually replace the `/` with `%2F`. For example `US/Pacific` would be `loc=US%2FPacific`.
 
+##### `timeTruncate`
+
+```
+Type:           duration
+Default:        0
+```
+
+[Truncate time values](https://pkg.go.dev/time#Duration.Truncate) to the specified duration. The value must be a decimal number with a unit suffix (*"ms"*, *"s"*, *"m"*, *"h"*), such as *"30s"*, *"0.5m"* or *"1m30s"*.
+
 ##### `maxAllowedPacket`
 ```
 Type:          decimal number
@@ -295,9 +318,25 @@ Valid Values:   true, false
 Default:        false
 ```
 
-Allow multiple statements in one query. While this allows batch queries, it also greatly increases the risk of SQL injections. Only the result of the first query is returned, all other results are silently discarded.
+Allow multiple statements in one query. This can be used to bach multiple queries. Use [Rows.NextResultSet()](https://pkg.go.dev/database/sql#Rows.NextResultSet) to get result of the second and subsequent queries.
+
+When `multiStatements` is used, `?` parameters must only be used in the first statement. [interpolateParams](#interpolateparams) can be used to avoid this limitation unless prepared statement is used explicitly.
+
+It's possible to access the last inserted ID and number of affected rows for multiple statements by using `sql.Conn.Raw()` and the `mysql.Result`. For example:
 
-When `multiStatements` is used, `?` parameters must only be used in the first statement.
+```go
+conn, _ := db.Conn(ctx)
+conn.Raw(func(conn interface{}) error {
+  ex := conn.(driver.Execer)
+  res, err := ex.Exec(`
+  UPDATE point SET x = 1 WHERE y = 2;
+  UPDATE point SET x = 2 WHERE y = 3;
+  `, nil)
+  // Both slices have 2 elements.
+  log.Print(res.(mysql.Result).AllRowsAffected())
+  log.Print(res.(mysql.Result).AllLastInsertIds())
+})
+```
 
 ##### `parseTime`
 
@@ -393,6 +432,15 @@ Default:        0
 
 I/O write timeout. The value must be a decimal number with a unit suffix (*"ms"*, *"s"*, *"m"*, *"h"*), such as *"30s"*, *"0.5m"* or *"1m30s"*.
 
+##### `connectionAttributes`
+
+```
+Type:           comma-delimited string of user-defined "key:value" pairs
+Valid Values:   (:,:,...)
+Default:        none
+```
+
+[Connection attributes](https://dev.mysql.com/doc/refman/8.0/en/performance-schema-connection-attribute-tables.html) are key-value pairs that application programs can pass to the server at connect time.
 
 ##### System Variables
 
@@ -465,7 +513,7 @@ user:password@/
 The connection pool is managed by Go's database/sql package. For details on how to configure the size of the pool and how long connections stay in the pool see `*DB.SetMaxOpenConns`, `*DB.SetMaxIdleConns`, and `*DB.SetConnMaxLifetime` in the [database/sql documentation](https://golang.org/pkg/database/sql/). The read, write, and dial timeouts for each individual connection are configured with the DSN parameters [`readTimeout`](#readtimeout), [`writeTimeout`](#writetimeout), and [`timeout`](#timeout), respectively.
 
 ## `ColumnType` Support
-This driver supports the [`ColumnType` interface](https://golang.org/pkg/database/sql/#ColumnType) introduced in Go 1.8, with the exception of [`ColumnType.Length()`](https://golang.org/pkg/database/sql/#ColumnType.Length), which is currently not supported. All Unsigned database type names will be returned `UNSIGNED ` with `INT`, `TINYINT`, `SMALLINT`, `BIGINT`.
+This driver supports the [`ColumnType` interface](https://golang.org/pkg/database/sql/#ColumnType) introduced in Go 1.8, with the exception of [`ColumnType.Length()`](https://golang.org/pkg/database/sql/#ColumnType.Length), which is currently not supported. All Unsigned database type names will be returned `UNSIGNED ` with `INT`, `TINYINT`, `SMALLINT`, `MEDIUMINT`, `BIGINT`.
 
 ## `context.Context` Support
 Go 1.8 added `database/sql` support for `context.Context`. This driver supports query timeouts and cancellation via contexts.
@@ -478,7 +526,7 @@ For this feature you need direct access to the package. Therefore you must chang
 import "github.com/go-sql-driver/mysql"
 ```
 
-Files must be explicitly allowed by registering them with `mysql.RegisterLocalFile(filepath)` (recommended) or the allowlist check must be deactivated by using the DSN parameter `allowAllFiles=true` ([*Might be insecure!*](http://dev.mysql.com/doc/refman/5.7/en/load-data-local.html)).
+Files must be explicitly allowed by registering them with `mysql.RegisterLocalFile(filepath)` (recommended) or the allowlist check must be deactivated by using the DSN parameter `allowAllFiles=true` ([*Might be insecure!*](https://dev.mysql.com/doc/refman/8.0/en/load-data.html#load-data-local)).
 
 To use a `io.Reader` a handler function must be registered with `mysql.RegisterReaderHandler(name, handler)` which returns a `io.Reader` or `io.ReadCloser`. The Reader is available with the filepath `Reader::` then. Choose different names for different handlers and `DeregisterReaderHandler` when you don't need it anymore.
 
@@ -496,9 +544,11 @@ However, many want to scan MySQL `DATE` and `DATETIME` values into `time.Time` v
 ### Unicode support
 Since version 1.5 Go-MySQL-Driver automatically uses the collation ` utf8mb4_general_ci` by default.
 
-Other collations / charsets can be set using the [`collation`](#collation) DSN parameter.
+Other charsets / collations can be set using the [`charset`](#charset) or [`collation`](#collation) DSN parameter.
 
-Version 1.0 of the driver recommended adding `&charset=utf8` (alias for `SET NAMES utf8`) to the DSN to enable proper UTF-8 support. This is not necessary anymore. The [`collation`](#collation) parameter should be preferred to set another collation / charset than the default.
+- When only the `charset` is specified, the `SET NAMES ` query is sent and the server's default collation is used.
+- When both the `charset` and `collation` are specified, the `SET NAMES  COLLATE ` query is sent.
+- When only the `collation` is specified, the collation is specified in the protocol handshake and the `SET NAMES` query is not sent. This can save one roundtrip, but note that the server may ignore the specified collation silently and use the server's default charset/collation instead.
 
 See http://dev.mysql.com/doc/refman/8.0/en/charset-unicode.html for more details on MySQL's Unicode support.
 
diff --git a/vendor/github.com/go-sql-driver/mysql/auth.go b/vendor/github.com/go-sql-driver/mysql/auth.go
index 1ff203e57..658259b24 100644
--- a/vendor/github.com/go-sql-driver/mysql/auth.go
+++ b/vendor/github.com/go-sql-driver/mysql/auth.go
@@ -13,10 +13,13 @@ import (
 	"crypto/rsa"
 	"crypto/sha1"
 	"crypto/sha256"
+	"crypto/sha512"
 	"crypto/x509"
 	"encoding/pem"
 	"fmt"
 	"sync"
+
+	"filippo.io/edwards25519"
 )
 
 // server pub keys registry
@@ -33,7 +36,7 @@ var (
 // Note: The provided rsa.PublicKey instance is exclusively owned by the driver
 // after registering it and may not be modified.
 //
-//	data, err := ioutil.ReadFile("mykey.pem")
+//	data, err := os.ReadFile("mykey.pem")
 //	if err != nil {
 //		log.Fatal(err)
 //	}
@@ -225,6 +228,44 @@ func encryptPassword(password string, seed []byte, pub *rsa.PublicKey) ([]byte,
 	return rsa.EncryptOAEP(sha1, rand.Reader, pub, plain, nil)
 }
 
+// authEd25519 does ed25519 authentication used by MariaDB.
+func authEd25519(scramble []byte, password string) ([]byte, error) {
+	// Derived from https://github.com/MariaDB/server/blob/d8e6bb00888b1f82c031938f4c8ac5d97f6874c3/plugin/auth_ed25519/ref10/sign.c
+	// Code style is from https://cs.opensource.google/go/go/+/refs/tags/go1.21.5:src/crypto/ed25519/ed25519.go;l=207
+	h := sha512.Sum512([]byte(password))
+
+	s, err := edwards25519.NewScalar().SetBytesWithClamping(h[:32])
+	if err != nil {
+		return nil, err
+	}
+	A := (&edwards25519.Point{}).ScalarBaseMult(s)
+
+	mh := sha512.New()
+	mh.Write(h[32:])
+	mh.Write(scramble)
+	messageDigest := mh.Sum(nil)
+	r, err := edwards25519.NewScalar().SetUniformBytes(messageDigest)
+	if err != nil {
+		return nil, err
+	}
+
+	R := (&edwards25519.Point{}).ScalarBaseMult(r)
+
+	kh := sha512.New()
+	kh.Write(R.Bytes())
+	kh.Write(A.Bytes())
+	kh.Write(scramble)
+	hramDigest := kh.Sum(nil)
+	k, err := edwards25519.NewScalar().SetUniformBytes(hramDigest)
+	if err != nil {
+		return nil, err
+	}
+
+	S := k.MultiplyAdd(k, s, r)
+
+	return append(R.Bytes(), S.Bytes()...), nil
+}
+
 func (mc *mysqlConn) sendEncryptedPassword(seed []byte, pub *rsa.PublicKey) error {
 	enc, err := encryptPassword(mc.cfg.Passwd, seed, pub)
 	if err != nil {
@@ -290,8 +331,14 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		enc, err := encryptPassword(mc.cfg.Passwd, authData, pubKey)
 		return enc, err
 
+	case "client_ed25519":
+		if len(authData) != 32 {
+			return nil, ErrMalformPkt
+		}
+		return authEd25519(authData, mc.cfg.Passwd)
+
 	default:
-		errLog.Print("unknown auth plugin:", plugin)
+		mc.cfg.Logger.Print("unknown auth plugin:", plugin)
 		return nil, ErrUnknownPlugin
 	}
 }
@@ -338,7 +385,7 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 
 	switch plugin {
 
-	// https://insidemysql.com/preparing-your-community-connector-for-mysql-8-part-2-sha256/
+	// https://dev.mysql.com/blog-archive/preparing-your-community-connector-for-mysql-8-part-2-sha256/
 	case "caching_sha2_password":
 		switch len(authData) {
 		case 0:
@@ -346,7 +393,7 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 		case 1:
 			switch authData[0] {
 			case cachingSha2PasswordFastAuthSuccess:
-				if err = mc.readResultOK(); err == nil {
+				if err = mc.resultUnchanged().readResultOK(); err == nil {
 					return nil // auth successful
 				}
 
@@ -376,13 +423,13 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 						}
 
 						if data[0] != iAuthMoreData {
-							return fmt.Errorf("unexpect resp from server for caching_sha2_password perform full authentication")
+							return fmt.Errorf("unexpected resp from server for caching_sha2_password, perform full authentication")
 						}
 
 						// parse public key
 						block, rest := pem.Decode(data[1:])
 						if block == nil {
-							return fmt.Errorf("No Pem data found, data: %s", rest)
+							return fmt.Errorf("no pem data found, data: %s", rest)
 						}
 						pkix, err := x509.ParsePKIXPublicKey(block.Bytes)
 						if err != nil {
@@ -397,7 +444,7 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 						return err
 					}
 				}
-				return mc.readResultOK()
+				return mc.resultUnchanged().readResultOK()
 
 			default:
 				return ErrMalformPkt
@@ -426,7 +473,7 @@ func (mc *mysqlConn) handleAuthResult(oldAuthData []byte, plugin string) error {
 			if err != nil {
 				return err
 			}
-			return mc.readResultOK()
+			return mc.resultUnchanged().readResultOK()
 		}
 
 	default:
diff --git a/vendor/github.com/go-sql-driver/mysql/collations.go b/vendor/github.com/go-sql-driver/mysql/collations.go
index 295bfbe52..1cdf97b67 100644
--- a/vendor/github.com/go-sql-driver/mysql/collations.go
+++ b/vendor/github.com/go-sql-driver/mysql/collations.go
@@ -9,7 +9,7 @@
 package mysql
 
 const defaultCollation = "utf8mb4_general_ci"
-const binaryCollation = "binary"
+const binaryCollationID = 63
 
 // A list of available collations mapped to the internal ID.
 // To update this map use the following MySQL query:
diff --git a/vendor/github.com/go-sql-driver/mysql/connection.go b/vendor/github.com/go-sql-driver/mysql/connection.go
index 947a883e3..c170114fe 100644
--- a/vendor/github.com/go-sql-driver/mysql/connection.go
+++ b/vendor/github.com/go-sql-driver/mysql/connection.go
@@ -23,10 +23,10 @@ import (
 type mysqlConn struct {
 	buf              buffer
 	netConn          net.Conn
-	rawConn          net.Conn // underlying connection when netConn is TLS connection.
-	affectedRows     uint64
-	insertId         uint64
+	rawConn          net.Conn    // underlying connection when netConn is TLS connection.
+	result           mysqlResult // managed by clearResult() and handleOkPacket().
 	cfg              *Config
+	connector        *connector
 	maxAllowedPacket int
 	maxWriteSize     int
 	writeTimeout     time.Duration
@@ -34,7 +34,6 @@ type mysqlConn struct {
 	status           statusFlag
 	sequence         uint8
 	parseTime        bool
-	reset            bool // set when the Go SQL package calls ResetSession
 
 	// for context support (Go 1.8+)
 	watching bool
@@ -48,14 +47,19 @@ type mysqlConn struct {
 // Handles parameters set in DSN after the connection is established
 func (mc *mysqlConn) handleParams() (err error) {
 	var cmdSet strings.Builder
+
 	for param, val := range mc.cfg.Params {
 		switch param {
 		// Charset: character_set_connection, character_set_client, character_set_results
 		case "charset":
 			charsets := strings.Split(val, ",")
-			for i := range charsets {
+			for _, cs := range charsets {
 				// ignore errors here - a charset may not exist
-				err = mc.exec("SET NAMES " + charsets[i])
+				if mc.cfg.Collation != "" {
+					err = mc.exec("SET NAMES " + cs + " COLLATE " + mc.cfg.Collation)
+				} else {
+					err = mc.exec("SET NAMES " + cs)
+				}
 				if err == nil {
 					break
 				}
@@ -68,7 +72,7 @@ func (mc *mysqlConn) handleParams() (err error) {
 		default:
 			if cmdSet.Len() == 0 {
 				// Heuristic: 29 chars for each other key=value to reduce reallocations
-				cmdSet.Grow(4 + len(param) + 1 + len(val) + 30*(len(mc.cfg.Params)-1))
+				cmdSet.Grow(4 + len(param) + 3 + len(val) + 30*(len(mc.cfg.Params)-1))
 				cmdSet.WriteString("SET ")
 			} else {
 				cmdSet.WriteString(", ")
@@ -105,7 +109,7 @@ func (mc *mysqlConn) Begin() (driver.Tx, error) {
 
 func (mc *mysqlConn) begin(readOnly bool) (driver.Tx, error) {
 	if mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	var q string
@@ -147,8 +151,9 @@ func (mc *mysqlConn) cleanup() {
 		return
 	}
 	if err := mc.netConn.Close(); err != nil {
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 	}
+	mc.clearResult()
 }
 
 func (mc *mysqlConn) error() error {
@@ -163,14 +168,14 @@ func (mc *mysqlConn) error() error {
 
 func (mc *mysqlConn) Prepare(query string) (driver.Stmt, error) {
 	if mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
 	err := mc.writeCommandPacketStr(comStmtPrepare, query)
 	if err != nil {
 		// STMT_PREPARE is safe to retry.  So we can return ErrBadConn here.
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return nil, driver.ErrBadConn
 	}
 
@@ -204,7 +209,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 	buf, err := mc.buf.takeCompleteBuffer()
 	if err != nil {
 		// can not take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return "", ErrInvalidConn
 	}
 	buf = buf[:0]
@@ -246,7 +251,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 				buf = append(buf, "'0000-00-00'"...)
 			} else {
 				buf = append(buf, '\'')
-				buf, err = appendDateTime(buf, v.In(mc.cfg.Loc))
+				buf, err = appendDateTime(buf, v.In(mc.cfg.Loc), mc.cfg.timeTruncate)
 				if err != nil {
 					return "", err
 				}
@@ -296,7 +301,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 
 func (mc *mysqlConn) Exec(query string, args []driver.Value) (driver.Result, error) {
 	if mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -310,28 +315,25 @@ func (mc *mysqlConn) Exec(query string, args []driver.Value) (driver.Result, err
 		}
 		query = prepared
 	}
-	mc.affectedRows = 0
-	mc.insertId = 0
 
 	err := mc.exec(query)
 	if err == nil {
-		return &mysqlResult{
-			affectedRows: int64(mc.affectedRows),
-			insertId:     int64(mc.insertId),
-		}, err
+		copied := mc.result
+		return &copied, err
 	}
 	return nil, mc.markBadConn(err)
 }
 
 // Internal function to execute commands
 func (mc *mysqlConn) exec(query string) error {
+	handleOk := mc.clearResult()
 	// Send command
 	if err := mc.writeCommandPacketStr(comQuery, query); err != nil {
 		return mc.markBadConn(err)
 	}
 
 	// Read Result
-	resLen, err := mc.readResultSetHeaderPacket()
+	resLen, err := handleOk.readResultSetHeaderPacket()
 	if err != nil {
 		return err
 	}
@@ -348,7 +350,7 @@ func (mc *mysqlConn) exec(query string) error {
 		}
 	}
 
-	return mc.discardResults()
+	return handleOk.discardResults()
 }
 
 func (mc *mysqlConn) Query(query string, args []driver.Value) (driver.Rows, error) {
@@ -356,8 +358,10 @@ func (mc *mysqlConn) Query(query string, args []driver.Value) (driver.Rows, erro
 }
 
 func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error) {
+	handleOk := mc.clearResult()
+
 	if mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -376,7 +380,7 @@ func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error)
 	if err == nil {
 		// Read Result
 		var resLen int
-		resLen, err = mc.readResultSetHeaderPacket()
+		resLen, err = handleOk.readResultSetHeaderPacket()
 		if err == nil {
 			rows := new(textRows)
 			rows.mc = mc
@@ -404,12 +408,13 @@ func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error)
 // The returned byte slice is only valid until the next read
 func (mc *mysqlConn) getSystemVar(name string) ([]byte, error) {
 	// Send command
+	handleOk := mc.clearResult()
 	if err := mc.writeCommandPacketStr(comQuery, "SELECT @@"+name); err != nil {
 		return nil, err
 	}
 
 	// Read Result
-	resLen, err := mc.readResultSetHeaderPacket()
+	resLen, err := handleOk.readResultSetHeaderPacket()
 	if err == nil {
 		rows := new(textRows)
 		rows.mc = mc
@@ -451,7 +456,7 @@ func (mc *mysqlConn) finish() {
 // Ping implements driver.Pinger interface
 func (mc *mysqlConn) Ping(ctx context.Context) (err error) {
 	if mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return driver.ErrBadConn
 	}
 
@@ -460,11 +465,12 @@ func (mc *mysqlConn) Ping(ctx context.Context) (err error) {
 	}
 	defer mc.finish()
 
+	handleOk := mc.clearResult()
 	if err = mc.writeCommandPacket(comPing); err != nil {
 		return mc.markBadConn(err)
 	}
 
-	return mc.readResultOK()
+	return handleOk.readResultOK()
 }
 
 // BeginTx implements driver.ConnBeginTx interface
@@ -639,7 +645,31 @@ func (mc *mysqlConn) ResetSession(ctx context.Context) error {
 	if mc.closed.Load() {
 		return driver.ErrBadConn
 	}
-	mc.reset = true
+
+	// Perform a stale connection check. We only perform this check for
+	// the first query on a connection that has been checked out of the
+	// connection pool: a fresh connection from the pool is more likely
+	// to be stale, and it has not performed any previous writes that
+	// could cause data corruption, so it's safe to return ErrBadConn
+	// if the check fails.
+	if mc.cfg.CheckConnLiveness {
+		conn := mc.netConn
+		if mc.rawConn != nil {
+			conn = mc.rawConn
+		}
+		var err error
+		if mc.cfg.ReadTimeout != 0 {
+			err = conn.SetReadDeadline(time.Now().Add(mc.cfg.ReadTimeout))
+		}
+		if err == nil {
+			err = connCheck(conn)
+		}
+		if err != nil {
+			mc.cfg.Logger.Print("closing bad idle connection: ", err)
+			return driver.ErrBadConn
+		}
+	}
+
 	return nil
 }
 
diff --git a/vendor/github.com/go-sql-driver/mysql/connector.go b/vendor/github.com/go-sql-driver/mysql/connector.go
index d567b4e4f..a0ee62839 100644
--- a/vendor/github.com/go-sql-driver/mysql/connector.go
+++ b/vendor/github.com/go-sql-driver/mysql/connector.go
@@ -12,10 +12,53 @@ import (
 	"context"
 	"database/sql/driver"
 	"net"
+	"os"
+	"strconv"
+	"strings"
 )
 
 type connector struct {
-	cfg *Config // immutable private copy.
+	cfg               *Config // immutable private copy.
+	encodedAttributes string  // Encoded connection attributes.
+}
+
+func encodeConnectionAttributes(cfg *Config) string {
+	connAttrsBuf := make([]byte, 0)
+
+	// default connection attributes
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrClientName)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrClientNameValue)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrOS)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrOSValue)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrPlatform)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrPlatformValue)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrPid)
+	connAttrsBuf = appendLengthEncodedString(connAttrsBuf, strconv.Itoa(os.Getpid()))
+	serverHost, _, _ := net.SplitHostPort(cfg.Addr)
+	if serverHost != "" {
+		connAttrsBuf = appendLengthEncodedString(connAttrsBuf, connAttrServerHost)
+		connAttrsBuf = appendLengthEncodedString(connAttrsBuf, serverHost)
+	}
+
+	// user-defined connection attributes
+	for _, connAttr := range strings.Split(cfg.ConnectionAttributes, ",") {
+		k, v, found := strings.Cut(connAttr, ":")
+		if !found {
+			continue
+		}
+		connAttrsBuf = appendLengthEncodedString(connAttrsBuf, k)
+		connAttrsBuf = appendLengthEncodedString(connAttrsBuf, v)
+	}
+
+	return string(connAttrsBuf)
+}
+
+func newConnector(cfg *Config) *connector {
+	encodedAttributes := encodeConnectionAttributes(cfg)
+	return &connector{
+		cfg:               cfg,
+		encodedAttributes: encodedAttributes,
+	}
 }
 
 // Connect implements driver.Connector interface.
@@ -23,12 +66,23 @@ type connector struct {
 func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 	var err error
 
+	// Invoke beforeConnect if present, with a copy of the configuration
+	cfg := c.cfg
+	if c.cfg.beforeConnect != nil {
+		cfg = c.cfg.Clone()
+		err = c.cfg.beforeConnect(ctx, cfg)
+		if err != nil {
+			return nil, err
+		}
+	}
+
 	// New mysqlConn
 	mc := &mysqlConn{
 		maxAllowedPacket: maxPacketSize,
 		maxWriteSize:     maxPacketSize - 1,
 		closech:          make(chan struct{}),
-		cfg:              c.cfg,
+		cfg:              cfg,
+		connector:        c,
 	}
 	mc.parseTime = mc.cfg.ParseTime
 
@@ -56,10 +110,7 @@ func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 	// Enable TCP Keepalives on TCP connections
 	if tc, ok := mc.netConn.(*net.TCPConn); ok {
 		if err := tc.SetKeepAlive(true); err != nil {
-			// Don't send COM_QUIT before handshake.
-			mc.netConn.Close()
-			mc.netConn = nil
-			return nil, err
+			c.cfg.Logger.Print(err)
 		}
 	}
 
@@ -92,7 +143,7 @@ func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 	authResp, err := mc.auth(authData, plugin)
 	if err != nil {
 		// try the default auth plugin, if using the requested plugin failed
-		errLog.Print("could not use requested auth plugin '"+plugin+"': ", err.Error())
+		c.cfg.Logger.Print("could not use requested auth plugin '"+plugin+"': ", err.Error())
 		plugin = defaultAuthPlugin
 		authResp, err = mc.auth(authData, plugin)
 		if err != nil {
diff --git a/vendor/github.com/go-sql-driver/mysql/const.go b/vendor/github.com/go-sql-driver/mysql/const.go
index 64e2bced6..22526e031 100644
--- a/vendor/github.com/go-sql-driver/mysql/const.go
+++ b/vendor/github.com/go-sql-driver/mysql/const.go
@@ -8,12 +8,25 @@
 
 package mysql
 
+import "runtime"
+
 const (
 	defaultAuthPlugin       = "mysql_native_password"
 	defaultMaxAllowedPacket = 64 << 20 // 64 MiB. See https://github.com/go-sql-driver/mysql/issues/1355
 	minProtocolVersion      = 10
 	maxPacketSize           = 1<<24 - 1
 	timeFormat              = "2006-01-02 15:04:05.999999"
+
+	// Connection attributes
+	// See https://dev.mysql.com/doc/refman/8.0/en/performance-schema-connection-attribute-tables.html#performance-schema-connection-attributes-available
+	connAttrClientName      = "_client_name"
+	connAttrClientNameValue = "Go-MySQL-Driver"
+	connAttrOS              = "_os"
+	connAttrOSValue         = runtime.GOOS
+	connAttrPlatform        = "_platform"
+	connAttrPlatformValue   = runtime.GOARCH
+	connAttrPid             = "_pid"
+	connAttrServerHost      = "_server_host"
 )
 
 // MySQL constants documentation:
diff --git a/vendor/github.com/go-sql-driver/mysql/driver.go b/vendor/github.com/go-sql-driver/mysql/driver.go
index ad7aec215..105316b81 100644
--- a/vendor/github.com/go-sql-driver/mysql/driver.go
+++ b/vendor/github.com/go-sql-driver/mysql/driver.go
@@ -55,6 +55,15 @@ func RegisterDialContext(net string, dial DialContextFunc) {
 	dials[net] = dial
 }
 
+// DeregisterDialContext removes the custom dial function registered with the given net.
+func DeregisterDialContext(net string) {
+	dialsLock.Lock()
+	defer dialsLock.Unlock()
+	if dials != nil {
+		delete(dials, net)
+	}
+}
+
 // RegisterDial registers a custom dial function. It can then be used by the
 // network address mynet(addr), where mynet is the registered new network.
 // addr is passed as a parameter to the dial function.
@@ -74,14 +83,18 @@ func (d MySQLDriver) Open(dsn string) (driver.Conn, error) {
 	if err != nil {
 		return nil, err
 	}
-	c := &connector{
-		cfg: cfg,
-	}
+	c := newConnector(cfg)
 	return c.Connect(context.Background())
 }
 
+// This variable can be replaced with -ldflags like below:
+// go build "-ldflags=-X github.com/go-sql-driver/mysql.driverName=custom"
+var driverName = "mysql"
+
 func init() {
-	sql.Register("mysql", &MySQLDriver{})
+	if driverName != "" {
+		sql.Register(driverName, &MySQLDriver{})
+	}
 }
 
 // NewConnector returns new driver.Connector.
@@ -92,7 +105,7 @@ func NewConnector(cfg *Config) (driver.Connector, error) {
 	if err := cfg.normalize(); err != nil {
 		return nil, err
 	}
-	return &connector{cfg: cfg}, nil
+	return newConnector(cfg), nil
 }
 
 // OpenConnector implements driver.DriverContext.
@@ -101,7 +114,5 @@ func (d MySQLDriver) OpenConnector(dsn string) (driver.Connector, error) {
 	if err != nil {
 		return nil, err
 	}
-	return &connector{
-		cfg: cfg,
-	}, nil
+	return newConnector(cfg), nil
 }
diff --git a/vendor/github.com/go-sql-driver/mysql/dsn.go b/vendor/github.com/go-sql-driver/mysql/dsn.go
index 4b71aaab0..65f5a0242 100644
--- a/vendor/github.com/go-sql-driver/mysql/dsn.go
+++ b/vendor/github.com/go-sql-driver/mysql/dsn.go
@@ -10,6 +10,7 @@ package mysql
 
 import (
 	"bytes"
+	"context"
 	"crypto/rsa"
 	"crypto/tls"
 	"errors"
@@ -34,22 +35,27 @@ var (
 // If a new Config is created instead of being parsed from a DSN string,
 // the NewConfig function should be used, which sets default values.
 type Config struct {
-	User             string            // Username
-	Passwd           string            // Password (requires User)
-	Net              string            // Network type
-	Addr             string            // Network address (requires Net)
-	DBName           string            // Database name
-	Params           map[string]string // Connection parameters
-	Collation        string            // Connection collation
-	Loc              *time.Location    // Location for time.Time values
-	MaxAllowedPacket int               // Max packet size allowed
-	ServerPubKey     string            // Server public key name
-	pubKey           *rsa.PublicKey    // Server public key
-	TLSConfig        string            // TLS configuration name
-	TLS              *tls.Config       // TLS configuration, its priority is higher than TLSConfig
-	Timeout          time.Duration     // Dial timeout
-	ReadTimeout      time.Duration     // I/O read timeout
-	WriteTimeout     time.Duration     // I/O write timeout
+	// non boolean fields
+
+	User                 string            // Username
+	Passwd               string            // Password (requires User)
+	Net                  string            // Network (e.g. "tcp", "tcp6", "unix". default: "tcp")
+	Addr                 string            // Address (default: "127.0.0.1:3306" for "tcp" and "/tmp/mysql.sock" for "unix")
+	DBName               string            // Database name
+	Params               map[string]string // Connection parameters
+	ConnectionAttributes string            // Connection Attributes, comma-delimited string of user-defined "key:value" pairs
+	Collation            string            // Connection collation
+	Loc                  *time.Location    // Location for time.Time values
+	MaxAllowedPacket     int               // Max packet size allowed
+	ServerPubKey         string            // Server public key name
+	TLSConfig            string            // TLS configuration name
+	TLS                  *tls.Config       // TLS configuration, its priority is higher than TLSConfig
+	Timeout              time.Duration     // Dial timeout
+	ReadTimeout          time.Duration     // I/O read timeout
+	WriteTimeout         time.Duration     // I/O write timeout
+	Logger               Logger            // Logger
+
+	// boolean fields
 
 	AllowAllFiles            bool // Allow all files to be used with LOAD DATA LOCAL INFILE
 	AllowCleartextPasswords  bool // Allows the cleartext client side plugin
@@ -63,17 +69,57 @@ type Config struct {
 	MultiStatements          bool // Allow multiple statements in one query
 	ParseTime                bool // Parse time values to time.Time
 	RejectReadOnly           bool // Reject read-only connections
+
+	// unexported fields. new options should be come here
+
+	beforeConnect func(context.Context, *Config) error // Invoked before a connection is established
+	pubKey        *rsa.PublicKey                       // Server public key
+	timeTruncate  time.Duration                        // Truncate time.Time values to the specified duration
 }
 
+// Functional Options Pattern
+// https://dave.cheney.net/2014/10/17/functional-options-for-friendly-apis
+type Option func(*Config) error
+
 // NewConfig creates a new Config and sets default values.
 func NewConfig() *Config {
-	return &Config{
-		Collation:            defaultCollation,
+	cfg := &Config{
 		Loc:                  time.UTC,
 		MaxAllowedPacket:     defaultMaxAllowedPacket,
+		Logger:               defaultLogger,
 		AllowNativePasswords: true,
 		CheckConnLiveness:    true,
 	}
+
+	return cfg
+}
+
+// Apply applies the given options to the Config object.
+func (c *Config) Apply(opts ...Option) error {
+	for _, opt := range opts {
+		err := opt(c)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// TimeTruncate sets the time duration to truncate time.Time values in
+// query parameters.
+func TimeTruncate(d time.Duration) Option {
+	return func(cfg *Config) error {
+		cfg.timeTruncate = d
+		return nil
+	}
+}
+
+// BeforeConnect sets the function to be invoked before a connection is established.
+func BeforeConnect(fn func(context.Context, *Config) error) Option {
+	return func(cfg *Config) error {
+		cfg.beforeConnect = fn
+		return nil
+	}
 }
 
 func (cfg *Config) Clone() *Config {
@@ -97,7 +143,7 @@ func (cfg *Config) Clone() *Config {
 }
 
 func (cfg *Config) normalize() error {
-	if cfg.InterpolateParams && unsafeCollations[cfg.Collation] {
+	if cfg.InterpolateParams && cfg.Collation != "" && unsafeCollations[cfg.Collation] {
 		return errInvalidDSNUnsafeCollation
 	}
 
@@ -153,6 +199,10 @@ func (cfg *Config) normalize() error {
 		}
 	}
 
+	if cfg.Logger == nil {
+		cfg.Logger = defaultLogger
+	}
+
 	return nil
 }
 
@@ -171,6 +221,8 @@ func writeDSNParam(buf *bytes.Buffer, hasParam *bool, name, value string) {
 
 // FormatDSN formats the given Config into a DSN string which can be passed to
 // the driver.
+//
+// Note: use [NewConnector] and [database/sql.OpenDB] to open a connection from a [*Config].
 func (cfg *Config) FormatDSN() string {
 	var buf bytes.Buffer
 
@@ -196,7 +248,7 @@ func (cfg *Config) FormatDSN() string {
 
 	// /dbname
 	buf.WriteByte('/')
-	buf.WriteString(cfg.DBName)
+	buf.WriteString(url.PathEscape(cfg.DBName))
 
 	// [?param1=value1&...¶mN=valueN]
 	hasParam := false
@@ -230,7 +282,7 @@ func (cfg *Config) FormatDSN() string {
 		writeDSNParam(&buf, &hasParam, "clientFoundRows", "true")
 	}
 
-	if col := cfg.Collation; col != defaultCollation && len(col) > 0 {
+	if col := cfg.Collation; col != "" {
 		writeDSNParam(&buf, &hasParam, "collation", col)
 	}
 
@@ -254,6 +306,10 @@ func (cfg *Config) FormatDSN() string {
 		writeDSNParam(&buf, &hasParam, "parseTime", "true")
 	}
 
+	if cfg.timeTruncate > 0 {
+		writeDSNParam(&buf, &hasParam, "timeTruncate", cfg.timeTruncate.String())
+	}
+
 	if cfg.ReadTimeout > 0 {
 		writeDSNParam(&buf, &hasParam, "readTimeout", cfg.ReadTimeout.String())
 	}
@@ -358,7 +414,11 @@ func ParseDSN(dsn string) (cfg *Config, err error) {
 					break
 				}
 			}
-			cfg.DBName = dsn[i+1 : j]
+
+			dbname := dsn[i+1 : j]
+			if cfg.DBName, err = url.PathUnescape(dbname); err != nil {
+				return nil, fmt.Errorf("invalid dbname %q: %w", dbname, err)
+			}
 
 			break
 		}
@@ -378,13 +438,13 @@ func ParseDSN(dsn string) (cfg *Config, err error) {
 // Values must be url.QueryEscape'ed
 func parseDSNParams(cfg *Config, params string) (err error) {
 	for _, v := range strings.Split(params, "&") {
-		param := strings.SplitN(v, "=", 2)
-		if len(param) != 2 {
+		key, value, found := strings.Cut(v, "=")
+		if !found {
 			continue
 		}
 
 		// cfg params
-		switch value := param[1]; param[0] {
+		switch key {
 		// Disable INFILE allowlist / enable all files
 		case "allowAllFiles":
 			var isBool bool
@@ -490,6 +550,13 @@ func parseDSNParams(cfg *Config, params string) (err error) {
 				return errors.New("invalid bool value: " + value)
 			}
 
+		// time.Time truncation
+		case "timeTruncate":
+			cfg.timeTruncate, err = time.ParseDuration(value)
+			if err != nil {
+				return fmt.Errorf("invalid timeTruncate value: %v, error: %w", value, err)
+			}
+
 		// I/O read Timeout
 		case "readTimeout":
 			cfg.ReadTimeout, err = time.ParseDuration(value)
@@ -554,13 +621,22 @@ func parseDSNParams(cfg *Config, params string) (err error) {
 			if err != nil {
 				return
 			}
+
+		// Connection attributes
+		case "connectionAttributes":
+			connectionAttributes, err := url.QueryUnescape(value)
+			if err != nil {
+				return fmt.Errorf("invalid connectionAttributes value: %v", err)
+			}
+			cfg.ConnectionAttributes = connectionAttributes
+
 		default:
 			// lazy init
 			if cfg.Params == nil {
 				cfg.Params = make(map[string]string)
 			}
 
-			if cfg.Params[param[0]], err = url.QueryUnescape(value); err != nil {
+			if cfg.Params[key], err = url.QueryUnescape(value); err != nil {
 				return
 			}
 		}
diff --git a/vendor/github.com/go-sql-driver/mysql/errors.go b/vendor/github.com/go-sql-driver/mysql/errors.go
index ff9a8f088..a9a3060c9 100644
--- a/vendor/github.com/go-sql-driver/mysql/errors.go
+++ b/vendor/github.com/go-sql-driver/mysql/errors.go
@@ -21,7 +21,7 @@ var (
 	ErrMalformPkt        = errors.New("malformed packet")
 	ErrNoTLS             = errors.New("TLS requested but server does not support TLS")
 	ErrCleartextPassword = errors.New("this user requires clear text authentication. If you still want to use it, please add 'allowCleartextPasswords=1' to your DSN")
-	ErrNativePassword    = errors.New("this user requires mysql native password authentication.")
+	ErrNativePassword    = errors.New("this user requires mysql native password authentication")
 	ErrOldPassword       = errors.New("this user requires old password authentication. If you still want to use it, please add 'allowOldPasswords=1' to your DSN. See also https://github.com/go-sql-driver/mysql/wiki/old_passwords")
 	ErrUnknownPlugin     = errors.New("this authentication plugin is not supported")
 	ErrOldProtocol       = errors.New("MySQL server does not support required protocol 41+")
@@ -37,20 +37,26 @@ var (
 	errBadConnNoWrite = errors.New("bad connection")
 )
 
-var errLog = Logger(log.New(os.Stderr, "[mysql] ", log.Ldate|log.Ltime|log.Lshortfile))
+var defaultLogger = Logger(log.New(os.Stderr, "[mysql] ", log.Ldate|log.Ltime|log.Lshortfile))
 
 // Logger is used to log critical error messages.
 type Logger interface {
 	Print(v ...interface{})
 }
 
-// SetLogger is used to set the logger for critical errors.
+// NopLogger is a nop implementation of the Logger interface.
+type NopLogger struct{}
+
+// Print implements Logger interface.
+func (nl *NopLogger) Print(_ ...interface{}) {}
+
+// SetLogger is used to set the default logger for critical errors.
 // The initial logger is os.Stderr.
 func SetLogger(logger Logger) error {
 	if logger == nil {
 		return errors.New("logger is nil")
 	}
-	errLog = logger
+	defaultLogger = logger
 	return nil
 }
 
diff --git a/vendor/github.com/go-sql-driver/mysql/fields.go b/vendor/github.com/go-sql-driver/mysql/fields.go
index e0654a83d..2a397b245 100644
--- a/vendor/github.com/go-sql-driver/mysql/fields.go
+++ b/vendor/github.com/go-sql-driver/mysql/fields.go
@@ -18,7 +18,7 @@ func (mf *mysqlField) typeDatabaseName() string {
 	case fieldTypeBit:
 		return "BIT"
 	case fieldTypeBLOB:
-		if mf.charSet != collations[binaryCollation] {
+		if mf.charSet != binaryCollationID {
 			return "TEXT"
 		}
 		return "BLOB"
@@ -37,6 +37,9 @@ func (mf *mysqlField) typeDatabaseName() string {
 	case fieldTypeGeometry:
 		return "GEOMETRY"
 	case fieldTypeInt24:
+		if mf.flags&flagUnsigned != 0 {
+			return "UNSIGNED MEDIUMINT"
+		}
 		return "MEDIUMINT"
 	case fieldTypeJSON:
 		return "JSON"
@@ -46,7 +49,7 @@ func (mf *mysqlField) typeDatabaseName() string {
 		}
 		return "INT"
 	case fieldTypeLongBLOB:
-		if mf.charSet != collations[binaryCollation] {
+		if mf.charSet != binaryCollationID {
 			return "LONGTEXT"
 		}
 		return "LONGBLOB"
@@ -56,7 +59,7 @@ func (mf *mysqlField) typeDatabaseName() string {
 		}
 		return "BIGINT"
 	case fieldTypeMediumBLOB:
-		if mf.charSet != collations[binaryCollation] {
+		if mf.charSet != binaryCollationID {
 			return "MEDIUMTEXT"
 		}
 		return "MEDIUMBLOB"
@@ -74,7 +77,12 @@ func (mf *mysqlField) typeDatabaseName() string {
 		}
 		return "SMALLINT"
 	case fieldTypeString:
-		if mf.charSet == collations[binaryCollation] {
+		if mf.flags&flagEnum != 0 {
+			return "ENUM"
+		} else if mf.flags&flagSet != 0 {
+			return "SET"
+		}
+		if mf.charSet == binaryCollationID {
 			return "BINARY"
 		}
 		return "CHAR"
@@ -88,17 +96,17 @@ func (mf *mysqlField) typeDatabaseName() string {
 		}
 		return "TINYINT"
 	case fieldTypeTinyBLOB:
-		if mf.charSet != collations[binaryCollation] {
+		if mf.charSet != binaryCollationID {
 			return "TINYTEXT"
 		}
 		return "TINYBLOB"
 	case fieldTypeVarChar:
-		if mf.charSet == collations[binaryCollation] {
+		if mf.charSet == binaryCollationID {
 			return "VARBINARY"
 		}
 		return "VARCHAR"
 	case fieldTypeVarString:
-		if mf.charSet == collations[binaryCollation] {
+		if mf.charSet == binaryCollationID {
 			return "VARBINARY"
 		}
 		return "VARCHAR"
@@ -110,21 +118,23 @@ func (mf *mysqlField) typeDatabaseName() string {
 }
 
 var (
-	scanTypeFloat32   = reflect.TypeOf(float32(0))
-	scanTypeFloat64   = reflect.TypeOf(float64(0))
-	scanTypeInt8      = reflect.TypeOf(int8(0))
-	scanTypeInt16     = reflect.TypeOf(int16(0))
-	scanTypeInt32     = reflect.TypeOf(int32(0))
-	scanTypeInt64     = reflect.TypeOf(int64(0))
-	scanTypeNullFloat = reflect.TypeOf(sql.NullFloat64{})
-	scanTypeNullInt   = reflect.TypeOf(sql.NullInt64{})
-	scanTypeNullTime  = reflect.TypeOf(sql.NullTime{})
-	scanTypeUint8     = reflect.TypeOf(uint8(0))
-	scanTypeUint16    = reflect.TypeOf(uint16(0))
-	scanTypeUint32    = reflect.TypeOf(uint32(0))
-	scanTypeUint64    = reflect.TypeOf(uint64(0))
-	scanTypeRawBytes  = reflect.TypeOf(sql.RawBytes{})
-	scanTypeUnknown   = reflect.TypeOf(new(interface{}))
+	scanTypeFloat32    = reflect.TypeOf(float32(0))
+	scanTypeFloat64    = reflect.TypeOf(float64(0))
+	scanTypeInt8       = reflect.TypeOf(int8(0))
+	scanTypeInt16      = reflect.TypeOf(int16(0))
+	scanTypeInt32      = reflect.TypeOf(int32(0))
+	scanTypeInt64      = reflect.TypeOf(int64(0))
+	scanTypeNullFloat  = reflect.TypeOf(sql.NullFloat64{})
+	scanTypeNullInt    = reflect.TypeOf(sql.NullInt64{})
+	scanTypeNullTime   = reflect.TypeOf(sql.NullTime{})
+	scanTypeUint8      = reflect.TypeOf(uint8(0))
+	scanTypeUint16     = reflect.TypeOf(uint16(0))
+	scanTypeUint32     = reflect.TypeOf(uint32(0))
+	scanTypeUint64     = reflect.TypeOf(uint64(0))
+	scanTypeString     = reflect.TypeOf("")
+	scanTypeNullString = reflect.TypeOf(sql.NullString{})
+	scanTypeBytes      = reflect.TypeOf([]byte{})
+	scanTypeUnknown    = reflect.TypeOf(new(interface{}))
 )
 
 type mysqlField struct {
@@ -187,12 +197,18 @@ func (mf *mysqlField) scanType() reflect.Type {
 		}
 		return scanTypeNullFloat
 
+	case fieldTypeBit, fieldTypeTinyBLOB, fieldTypeMediumBLOB, fieldTypeLongBLOB,
+		fieldTypeBLOB, fieldTypeVarString, fieldTypeString, fieldTypeGeometry:
+		if mf.charSet == binaryCollationID {
+			return scanTypeBytes
+		}
+		fallthrough
 	case fieldTypeDecimal, fieldTypeNewDecimal, fieldTypeVarChar,
-		fieldTypeBit, fieldTypeEnum, fieldTypeSet, fieldTypeTinyBLOB,
-		fieldTypeMediumBLOB, fieldTypeLongBLOB, fieldTypeBLOB,
-		fieldTypeVarString, fieldTypeString, fieldTypeGeometry, fieldTypeJSON,
-		fieldTypeTime:
-		return scanTypeRawBytes
+		fieldTypeEnum, fieldTypeSet, fieldTypeJSON, fieldTypeTime:
+		if mf.flags&flagNotNULL != 0 {
+			return scanTypeString
+		}
+		return scanTypeNullString
 
 	case fieldTypeDate, fieldTypeNewDate,
 		fieldTypeTimestamp, fieldTypeDateTime:
diff --git a/vendor/github.com/go-sql-driver/mysql/fuzz.go b/vendor/github.com/go-sql-driver/mysql/fuzz.go
deleted file mode 100644
index 3a4ec25a9..000000000
--- a/vendor/github.com/go-sql-driver/mysql/fuzz.go
+++ /dev/null
@@ -1,25 +0,0 @@
-// Go MySQL Driver - A MySQL-Driver for Go's database/sql package.
-//
-// Copyright 2020 The Go-MySQL-Driver Authors. All rights reserved.
-//
-// This Source Code Form is subject to the terms of the Mozilla Public
-// License, v. 2.0. If a copy of the MPL was not distributed with this file,
-// You can obtain one at http://mozilla.org/MPL/2.0/.
-
-//go:build gofuzz
-// +build gofuzz
-
-package mysql
-
-import (
-	"database/sql"
-)
-
-func Fuzz(data []byte) int {
-	db, err := sql.Open("mysql", string(data))
-	if err != nil {
-		return 0
-	}
-	db.Close()
-	return 1
-}
diff --git a/vendor/github.com/go-sql-driver/mysql/infile.go b/vendor/github.com/go-sql-driver/mysql/infile.go
index 3279dcffd..0c8af9f11 100644
--- a/vendor/github.com/go-sql-driver/mysql/infile.go
+++ b/vendor/github.com/go-sql-driver/mysql/infile.go
@@ -93,7 +93,7 @@ func deferredClose(err *error, closer io.Closer) {
 
 const defaultPacketSize = 16 * 1024 // 16KB is small enough for disk readahead and large enough for TCP
 
-func (mc *mysqlConn) handleInFileRequest(name string) (err error) {
+func (mc *okHandler) handleInFileRequest(name string) (err error) {
 	var rdr io.Reader
 	var data []byte
 	packetSize := defaultPacketSize
@@ -116,10 +116,10 @@ func (mc *mysqlConn) handleInFileRequest(name string) (err error) {
 					defer deferredClose(&err, cl)
 				}
 			} else {
-				err = fmt.Errorf("Reader '%s' is ", name)
+				err = fmt.Errorf("reader '%s' is ", name)
 			}
 		} else {
-			err = fmt.Errorf("Reader '%s' is not registered", name)
+			err = fmt.Errorf("reader '%s' is not registered", name)
 		}
 	} else { // File
 		name = strings.Trim(name, `"`)
@@ -154,7 +154,7 @@ func (mc *mysqlConn) handleInFileRequest(name string) (err error) {
 		for err == nil {
 			n, err = rdr.Read(data[4:])
 			if n > 0 {
-				if ioErr := mc.writePacket(data[:4+n]); ioErr != nil {
+				if ioErr := mc.conn().writePacket(data[:4+n]); ioErr != nil {
 					return ioErr
 				}
 			}
@@ -168,7 +168,7 @@ func (mc *mysqlConn) handleInFileRequest(name string) (err error) {
 	if data == nil {
 		data = make([]byte, 4)
 	}
-	if ioErr := mc.writePacket(data[:4]); ioErr != nil {
+	if ioErr := mc.conn().writePacket(data[:4]); ioErr != nil {
 		return ioErr
 	}
 
@@ -177,6 +177,6 @@ func (mc *mysqlConn) handleInFileRequest(name string) (err error) {
 		return mc.readResultOK()
 	}
 
-	mc.readPacket()
+	mc.conn().readPacket()
 	return err
 }
diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime.go b/vendor/github.com/go-sql-driver/mysql/nulltime.go
index 36c8a42c5..7d381d5c2 100644
--- a/vendor/github.com/go-sql-driver/mysql/nulltime.go
+++ b/vendor/github.com/go-sql-driver/mysql/nulltime.go
@@ -59,7 +59,7 @@ func (nt *NullTime) Scan(value interface{}) (err error) {
 	}
 
 	nt.Valid = false
-	return fmt.Errorf("Can't convert %T to time.Time", value)
+	return fmt.Errorf("can't convert %T to time.Time", value)
 }
 
 // Value implements the driver Valuer interface.
diff --git a/vendor/github.com/go-sql-driver/mysql/packets.go b/vendor/github.com/go-sql-driver/mysql/packets.go
index ee05c95a8..3d6e5308c 100644
--- a/vendor/github.com/go-sql-driver/mysql/packets.go
+++ b/vendor/github.com/go-sql-driver/mysql/packets.go
@@ -14,10 +14,10 @@ import (
 	"database/sql/driver"
 	"encoding/binary"
 	"encoding/json"
-	"errors"
 	"fmt"
 	"io"
 	"math"
+	"strconv"
 	"time"
 )
 
@@ -34,7 +34,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			errLog.Print(err)
+			mc.cfg.Logger.Print(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -44,6 +44,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 
 		// check packet sync [8 bit]
 		if data[3] != mc.sequence {
+			mc.Close()
 			if data[3] > mc.sequence {
 				return nil, ErrPktSyncMul
 			}
@@ -56,7 +57,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 		if pktLen == 0 {
 			// there was no previous packet
 			if prevData == nil {
-				errLog.Print(ErrMalformPkt)
+				mc.cfg.Logger.Print(ErrMalformPkt)
 				mc.Close()
 				return nil, ErrInvalidConn
 			}
@@ -70,7 +71,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			errLog.Print(err)
+			mc.cfg.Logger.Print(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -97,34 +98,6 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 		return ErrPktTooLarge
 	}
 
-	// Perform a stale connection check. We only perform this check for
-	// the first query on a connection that has been checked out of the
-	// connection pool: a fresh connection from the pool is more likely
-	// to be stale, and it has not performed any previous writes that
-	// could cause data corruption, so it's safe to return ErrBadConn
-	// if the check fails.
-	if mc.reset {
-		mc.reset = false
-		conn := mc.netConn
-		if mc.rawConn != nil {
-			conn = mc.rawConn
-		}
-		var err error
-		if mc.cfg.CheckConnLiveness {
-			if mc.cfg.ReadTimeout != 0 {
-				err = conn.SetReadDeadline(time.Now().Add(mc.cfg.ReadTimeout))
-			}
-			if err == nil {
-				err = connCheck(conn)
-			}
-		}
-		if err != nil {
-			errLog.Print("closing bad idle connection: ", err)
-			mc.Close()
-			return driver.ErrBadConn
-		}
-	}
-
 	for {
 		var size int
 		if pktLen >= maxPacketSize {
@@ -161,7 +134,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 		// Handle error
 		if err == nil { // n != len(data)
 			mc.cleanup()
-			errLog.Print(ErrMalformPkt)
+			mc.cfg.Logger.Print(ErrMalformPkt)
 		} else {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return cerr
@@ -171,7 +144,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 				return errBadConnNoWrite
 			}
 			mc.cleanup()
-			errLog.Print(err)
+			mc.cfg.Logger.Print(err)
 		}
 		return ErrInvalidConn
 	}
@@ -239,7 +212,7 @@ func (mc *mysqlConn) readHandshakePacket() (data []byte, plugin string, err erro
 		// reserved (all [00]) [10 bytes]
 		pos += 1 + 2 + 2 + 1 + 10
 
-		// second part of the password cipher [mininum 13 bytes],
+		// second part of the password cipher [minimum 13 bytes],
 		// where len=MAX(13, length of auth-plugin-data - 8)
 		//
 		// The web documentation is ambiguous about the length. However,
@@ -285,6 +258,7 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		clientLocalFiles |
 		clientPluginAuth |
 		clientMultiResults |
+		clientConnectAttrs |
 		mc.flags&clientLongFlag
 
 	if mc.cfg.ClientFoundRows {
@@ -318,11 +292,17 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		pktLen += n + 1
 	}
 
+	// encode length of the connection attributes
+	var connAttrsLEIBuf [9]byte
+	connAttrsLen := len(mc.connector.encodedAttributes)
+	connAttrsLEI := appendLengthEncodedInteger(connAttrsLEIBuf[:0], uint64(connAttrsLen))
+	pktLen += len(connAttrsLEI) + len(mc.connector.encodedAttributes)
+
 	// Calculate packet length and get buffer with that size
-	data, err := mc.buf.takeSmallBuffer(pktLen + 4)
+	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -338,14 +318,18 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 	data[10] = 0x00
 	data[11] = 0x00
 
-	// Charset [1 byte]
+	// Collation ID [1 byte]
+	cname := mc.cfg.Collation
+	if cname == "" {
+		cname = defaultCollation
+	}
 	var found bool
-	data[12], found = collations[mc.cfg.Collation]
+	data[12], found = collations[cname]
 	if !found {
 		// Note possibility for false negatives:
 		// could be triggered  although the collation is valid if the
 		// collations map does not contain entries the server supports.
-		return errors.New("unknown collation")
+		return fmt.Errorf("unknown collation: %q", cname)
 	}
 
 	// Filler [23 bytes] (all 0x00)
@@ -394,6 +378,10 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 	data[pos] = 0x00
 	pos++
 
+	// Connection Attributes
+	pos += copy(data[pos:], connAttrsLEI)
+	pos += copy(data[pos:], []byte(mc.connector.encodedAttributes))
+
 	// Send Auth packet
 	return mc.writePacket(data[:pos])
 }
@@ -404,7 +392,7 @@ func (mc *mysqlConn) writeAuthSwitchPacket(authData []byte) error {
 	data, err := mc.buf.takeSmallBuffer(pktLen)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -424,7 +412,7 @@ func (mc *mysqlConn) writeCommandPacket(command byte) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -443,7 +431,7 @@ func (mc *mysqlConn) writeCommandPacketStr(command byte, arg string) error {
 	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -464,7 +452,7 @@ func (mc *mysqlConn) writeCommandPacketUint32(command byte, arg uint32) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1 + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -495,7 +483,9 @@ func (mc *mysqlConn) readAuthResult() ([]byte, string, error) {
 	switch data[0] {
 
 	case iOK:
-		return nil, "", mc.handleOkPacket(data)
+		// resultUnchanged, since auth happens before any queries or
+		// commands have been executed.
+		return nil, "", mc.resultUnchanged().handleOkPacket(data)
 
 	case iAuthMoreData:
 		return data[1:], "", err
@@ -518,9 +508,9 @@ func (mc *mysqlConn) readAuthResult() ([]byte, string, error) {
 	}
 }
 
-// Returns error if Packet is not an 'Result OK'-Packet
-func (mc *mysqlConn) readResultOK() error {
-	data, err := mc.readPacket()
+// Returns error if Packet is not a 'Result OK'-Packet
+func (mc *okHandler) readResultOK() error {
+	data, err := mc.conn().readPacket()
 	if err != nil {
 		return err
 	}
@@ -528,13 +518,17 @@ func (mc *mysqlConn) readResultOK() error {
 	if data[0] == iOK {
 		return mc.handleOkPacket(data)
 	}
-	return mc.handleErrorPacket(data)
+	return mc.conn().handleErrorPacket(data)
 }
 
 // Result Set Header Packet
 // http://dev.mysql.com/doc/internals/en/com-query-response.html#packet-ProtocolText::Resultset
-func (mc *mysqlConn) readResultSetHeaderPacket() (int, error) {
-	data, err := mc.readPacket()
+func (mc *okHandler) readResultSetHeaderPacket() (int, error) {
+	// handleOkPacket replaces both values; other cases leave the values unchanged.
+	mc.result.affectedRows = append(mc.result.affectedRows, 0)
+	mc.result.insertIds = append(mc.result.insertIds, 0)
+
+	data, err := mc.conn().readPacket()
 	if err == nil {
 		switch data[0] {
 
@@ -542,19 +536,16 @@ func (mc *mysqlConn) readResultSetHeaderPacket() (int, error) {
 			return 0, mc.handleOkPacket(data)
 
 		case iERR:
-			return 0, mc.handleErrorPacket(data)
+			return 0, mc.conn().handleErrorPacket(data)
 
 		case iLocalInFile:
 			return 0, mc.handleInFileRequest(string(data[1:]))
 		}
 
 		// column count
-		num, _, n := readLengthEncodedInteger(data)
-		if n-len(data) == 0 {
-			return int(num), nil
-		}
-
-		return 0, ErrMalformPkt
+		num, _, _ := readLengthEncodedInteger(data)
+		// ignore remaining data in the packet. see #1478.
+		return int(num), nil
 	}
 	return 0, err
 }
@@ -607,18 +598,61 @@ func readStatus(b []byte) statusFlag {
 	return statusFlag(b[0]) | statusFlag(b[1])<<8
 }
 
+// Returns an instance of okHandler for codepaths where mysqlConn.result doesn't
+// need to be cleared first (e.g. during authentication, or while additional
+// resultsets are being fetched.)
+func (mc *mysqlConn) resultUnchanged() *okHandler {
+	return (*okHandler)(mc)
+}
+
+// okHandler represents the state of the connection when mysqlConn.result has
+// been prepared for processing of OK packets.
+//
+// To correctly populate mysqlConn.result (updated by handleOkPacket()), all
+// callpaths must either:
+//
+// 1. first clear it using clearResult(), or
+// 2. confirm that they don't need to (by calling resultUnchanged()).
+//
+// Both return an instance of type *okHandler.
+type okHandler mysqlConn
+
+// Exposes the underlying type's methods.
+func (mc *okHandler) conn() *mysqlConn {
+	return (*mysqlConn)(mc)
+}
+
+// clearResult clears the connection's stored affectedRows and insertIds
+// fields.
+//
+// It returns a handler that can process OK responses.
+func (mc *mysqlConn) clearResult() *okHandler {
+	mc.result = mysqlResult{}
+	return (*okHandler)(mc)
+}
+
 // Ok Packet
 // http://dev.mysql.com/doc/internals/en/generic-response-packets.html#packet-OK_Packet
-func (mc *mysqlConn) handleOkPacket(data []byte) error {
+func (mc *okHandler) handleOkPacket(data []byte) error {
 	var n, m int
+	var affectedRows, insertId uint64
 
 	// 0x00 [1 byte]
 
 	// Affected rows [Length Coded Binary]
-	mc.affectedRows, _, n = readLengthEncodedInteger(data[1:])
+	affectedRows, _, n = readLengthEncodedInteger(data[1:])
 
 	// Insert id [Length Coded Binary]
-	mc.insertId, _, m = readLengthEncodedInteger(data[1+n:])
+	insertId, _, m = readLengthEncodedInteger(data[1+n:])
+
+	// Update for the current statement result (only used by
+	// readResultSetHeaderPacket).
+	if len(mc.result.affectedRows) > 0 {
+		mc.result.affectedRows[len(mc.result.affectedRows)-1] = int64(affectedRows)
+	}
+	if len(mc.result.insertIds) > 0 {
+		mc.result.insertIds[len(mc.result.insertIds)-1] = int64(insertId)
+	}
 
 	// server_status [2 bytes]
 	mc.status = readStatus(data[1+n+m : 1+n+m+2])
@@ -769,7 +803,8 @@ func (rows *textRows) readRow(dest []driver.Value) error {
 
 	for i := range dest {
 		// Read bytes and convert to string
-		dest[i], isNull, n, err = readLengthEncodedString(data[pos:])
+		var buf []byte
+		buf, isNull, n, err = readLengthEncodedString(data[pos:])
 		pos += n
 
 		if err != nil {
@@ -781,19 +816,40 @@ func (rows *textRows) readRow(dest []driver.Value) error {
 			continue
 		}
 
-		if !mc.parseTime {
-			continue
-		}
-
-		// Parse time field
 		switch rows.rs.columns[i].fieldType {
 		case fieldTypeTimestamp,
 			fieldTypeDateTime,
 			fieldTypeDate,
 			fieldTypeNewDate:
-			if dest[i], err = parseDateTime(dest[i].([]byte), mc.cfg.Loc); err != nil {
-				return err
+			if mc.parseTime {
+				dest[i], err = parseDateTime(buf, mc.cfg.Loc)
+			} else {
+				dest[i] = buf
 			}
+
+		case fieldTypeTiny, fieldTypeShort, fieldTypeInt24, fieldTypeYear, fieldTypeLong:
+			dest[i], err = strconv.ParseInt(string(buf), 10, 64)
+
+		case fieldTypeLongLong:
+			if rows.rs.columns[i].flags&flagUnsigned != 0 {
+				dest[i], err = strconv.ParseUint(string(buf), 10, 64)
+			} else {
+				dest[i], err = strconv.ParseInt(string(buf), 10, 64)
+			}
+
+		case fieldTypeFloat:
+			var d float64
+			d, err = strconv.ParseFloat(string(buf), 32)
+			dest[i] = float32(d)
+
+		case fieldTypeDouble:
+			dest[i], err = strconv.ParseFloat(string(buf), 64)
+
+		default:
+			dest[i] = buf
+		}
+		if err != nil {
+			return err
 		}
 	}
 
@@ -938,7 +994,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 	}
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		errLog.Print(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -1116,7 +1172,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 				if v.IsZero() {
 					b = append(b, "0000-00-00"...)
 				} else {
-					b, err = appendDateTime(b, v.In(mc.cfg.Loc))
+					b, err = appendDateTime(b, v.In(mc.cfg.Loc), mc.cfg.timeTruncate)
 					if err != nil {
 						return err
 					}
@@ -1137,7 +1193,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 		if valuesCap != cap(paramValues) {
 			data = append(data[:pos], paramValues...)
 			if err = mc.buf.store(data); err != nil {
-				errLog.Print(err)
+				mc.cfg.Logger.Print(err)
 				return errBadConnNoWrite
 			}
 		}
@@ -1149,7 +1205,9 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 	return mc.writePacket(data)
 }
 
-func (mc *mysqlConn) discardResults() error {
+// For each remaining resultset in the stream, discards its rows and updates
+// mc.affectedRows and mc.insertIds.
+func (mc *okHandler) discardResults() error {
 	for mc.status&statusMoreResultsExists != 0 {
 		resLen, err := mc.readResultSetHeaderPacket()
 		if err != nil {
@@ -1157,11 +1215,11 @@ func (mc *mysqlConn) discardResults() error {
 		}
 		if resLen > 0 {
 			// columns
-			if err := mc.readUntilEOF(); err != nil {
+			if err := mc.conn().readUntilEOF(); err != nil {
 				return err
 			}
 			// rows
-			if err := mc.readUntilEOF(); err != nil {
+			if err := mc.conn().readUntilEOF(); err != nil {
 				return err
 			}
 		}
diff --git a/vendor/github.com/go-sql-driver/mysql/result.go b/vendor/github.com/go-sql-driver/mysql/result.go
index c6438d034..d51631468 100644
--- a/vendor/github.com/go-sql-driver/mysql/result.go
+++ b/vendor/github.com/go-sql-driver/mysql/result.go
@@ -8,15 +8,43 @@
 
 package mysql
 
+import "database/sql/driver"
+
+// Result exposes data not available through *connection.Result.
+//
+// This is accessible by executing statements using sql.Conn.Raw() and
+// downcasting the returned result:
+//
+//	res, err := rawConn.Exec(...)
+//	res.(mysql.Result).AllRowsAffected()
+type Result interface {
+	driver.Result
+	// AllRowsAffected returns a slice containing the affected rows for each
+	// executed statement.
+	AllRowsAffected() []int64
+	// AllLastInsertIds returns a slice containing the last inserted ID for each
+	// executed statement.
+	AllLastInsertIds() []int64
+}
+
 type mysqlResult struct {
-	affectedRows int64
-	insertId     int64
+	// One entry in both slices is created for every executed statement result.
+	affectedRows []int64
+	insertIds    []int64
 }
 
 func (res *mysqlResult) LastInsertId() (int64, error) {
-	return res.insertId, nil
+	return res.insertIds[len(res.insertIds)-1], nil
 }
 
 func (res *mysqlResult) RowsAffected() (int64, error) {
-	return res.affectedRows, nil
+	return res.affectedRows[len(res.affectedRows)-1], nil
+}
+
+func (res *mysqlResult) AllLastInsertIds() []int64 {
+	return append([]int64{}, res.insertIds...) // defensive copy
+}
+
+func (res *mysqlResult) AllRowsAffected() []int64 {
+	return append([]int64{}, res.affectedRows...) // defensive copy
 }
diff --git a/vendor/github.com/go-sql-driver/mysql/rows.go b/vendor/github.com/go-sql-driver/mysql/rows.go
index 888bdb5f0..81fa6062c 100644
--- a/vendor/github.com/go-sql-driver/mysql/rows.go
+++ b/vendor/github.com/go-sql-driver/mysql/rows.go
@@ -123,7 +123,8 @@ func (rows *mysqlRows) Close() (err error) {
 		err = mc.readUntilEOF()
 	}
 	if err == nil {
-		if err = mc.discardResults(); err != nil {
+		handleOk := mc.clearResult()
+		if err = handleOk.discardResults(); err != nil {
 			return err
 		}
 	}
@@ -160,7 +161,15 @@ func (rows *mysqlRows) nextResultSet() (int, error) {
 		return 0, io.EOF
 	}
 	rows.rs = resultSet{}
-	return rows.mc.readResultSetHeaderPacket()
+	// rows.mc.affectedRows and rows.mc.insertIds accumulate on each call to
+	// nextResultSet.
+	resLen, err := rows.mc.resultUnchanged().readResultSetHeaderPacket()
+	if err != nil {
+		// Clean up about multi-results flag
+		rows.rs.done = true
+		rows.mc.status = rows.mc.status & (^statusMoreResultsExists)
+	}
+	return resLen, err
 }
 
 func (rows *mysqlRows) nextNotEmptyResultSet() (int, error) {
diff --git a/vendor/github.com/go-sql-driver/mysql/statement.go b/vendor/github.com/go-sql-driver/mysql/statement.go
index 10ece8bd6..31e7799c4 100644
--- a/vendor/github.com/go-sql-driver/mysql/statement.go
+++ b/vendor/github.com/go-sql-driver/mysql/statement.go
@@ -51,7 +51,7 @@ func (stmt *mysqlStmt) CheckNamedValue(nv *driver.NamedValue) (err error) {
 
 func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) {
 	if stmt.mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -61,12 +61,10 @@ func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) {
 	}
 
 	mc := stmt.mc
-
-	mc.affectedRows = 0
-	mc.insertId = 0
+	handleOk := stmt.mc.clearResult()
 
 	// Read Result
-	resLen, err := mc.readResultSetHeaderPacket()
+	resLen, err := handleOk.readResultSetHeaderPacket()
 	if err != nil {
 		return nil, err
 	}
@@ -83,14 +81,12 @@ func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) {
 		}
 	}
 
-	if err := mc.discardResults(); err != nil {
+	if err := handleOk.discardResults(); err != nil {
 		return nil, err
 	}
 
-	return &mysqlResult{
-		affectedRows: int64(mc.affectedRows),
-		insertId:     int64(mc.insertId),
-	}, nil
+	copied := mc.result
+	return &copied, nil
 }
 
 func (stmt *mysqlStmt) Query(args []driver.Value) (driver.Rows, error) {
@@ -99,7 +95,7 @@ func (stmt *mysqlStmt) Query(args []driver.Value) (driver.Rows, error) {
 
 func (stmt *mysqlStmt) query(args []driver.Value) (*binaryRows, error) {
 	if stmt.mc.closed.Load() {
-		errLog.Print(ErrInvalidConn)
+		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -111,7 +107,8 @@ func (stmt *mysqlStmt) query(args []driver.Value) (*binaryRows, error) {
 	mc := stmt.mc
 
 	// Read Result
-	resLen, err := mc.readResultSetHeaderPacket()
+	handleOk := stmt.mc.clearResult()
+	resLen, err := handleOk.readResultSetHeaderPacket()
 	if err != nil {
 		return nil, err
 	}
diff --git a/vendor/github.com/go-sql-driver/mysql/utils.go b/vendor/github.com/go-sql-driver/mysql/utils.go
index 15dbd8d16..cda24fe74 100644
--- a/vendor/github.com/go-sql-driver/mysql/utils.go
+++ b/vendor/github.com/go-sql-driver/mysql/utils.go
@@ -36,7 +36,7 @@ var (
 // registering it.
 //
 //	rootCertPool := x509.NewCertPool()
-//	pem, err := ioutil.ReadFile("/path/ca-cert.pem")
+//	pem, err := os.ReadFile("/path/ca-cert.pem")
 //	if err != nil {
 //	    log.Fatal(err)
 //	}
@@ -265,7 +265,11 @@ func parseBinaryDateTime(num uint64, data []byte, loc *time.Location) (driver.Va
 	return nil, fmt.Errorf("invalid DATETIME packet length %d", num)
 }
 
-func appendDateTime(buf []byte, t time.Time) ([]byte, error) {
+func appendDateTime(buf []byte, t time.Time, timeTruncate time.Duration) ([]byte, error) {
+	if timeTruncate > 0 {
+		t = t.Truncate(timeTruncate)
+	}
+
 	year, month, day := t.Date()
 	hour, min, sec := t.Clock()
 	nsec := t.Nanosecond()
@@ -616,6 +620,11 @@ func appendLengthEncodedInteger(b []byte, n uint64) []byte {
 		byte(n>>32), byte(n>>40), byte(n>>48), byte(n>>56))
 }
 
+func appendLengthEncodedString(b []byte, s string) []byte {
+	b = appendLengthEncodedInteger(b, uint64(len(s)))
+	return append(b, s...)
+}
+
 // reserveBuffer checks cap(buf) and expand buffer to len(buf) + appendSize.
 // If cap(buf) is not enough, reallocate new buffer.
 func reserveBuffer(buf []byte, appendSize int) []byte {
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 591a7fabb..6503ae83d 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -2,6 +2,10 @@
 ## explicit
 bitbucket.org/liamstask/goose/cmd/goose
 bitbucket.org/liamstask/goose/lib/goose
+# filippo.io/edwards25519 v1.1.0
+## explicit; go 1.20
+filippo.io/edwards25519
+filippo.io/edwards25519/field
 # github.com/beorn7/perks v1.0.1
 ## explicit; go 1.11
 github.com/beorn7/perks/quantile
@@ -36,8 +40,8 @@ github.com/getsentry/sentry-go/internal/ratelimit
 # github.com/go-logr/logr v1.2.4
 ## explicit; go 1.16
 github.com/go-logr/logr
-# github.com/go-sql-driver/mysql v1.7.1
-## explicit; go 1.13
+# github.com/go-sql-driver/mysql v1.8.0
+## explicit; go 1.18
 github.com/go-sql-driver/mysql
 # github.com/google/certificate-transparency-go v1.1.7
 ## explicit; go 1.20

From a421aee8370e9323f00a284fb6be14a3abdcf8ee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Mar 2024 03:38:58 +0000
Subject: [PATCH 65/73] build(deps): bump
 github.com/google/certificate-transparency-go

Bumps [github.com/google/certificate-transparency-go](https://github.com/google/certificate-transparency-go) from 1.1.7 to 1.1.8.
- [Release notes](https://github.com/google/certificate-transparency-go/releases)
- [Changelog](https://github.com/google/certificate-transparency-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/certificate-transparency-go/compare/v1.1.7...v1.1.8)

---
updated-dependencies:
- dependency-name: github.com/google/certificate-transparency-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] 
---
 go.mod                                        |  10 +-
 go.sum                                        |  21 +-
 vendor/github.com/go-logr/logr/README.md      | 126 +++++++++++-
 vendor/github.com/go-logr/logr/SECURITY.md    |  18 ++
 vendor/github.com/go-logr/logr/context.go     |  33 +++
 .../github.com/go-logr/logr/context_noslog.go |  49 +++++
 .../github.com/go-logr/logr/context_slog.go   |  83 ++++++++
 vendor/github.com/go-logr/logr/logr.go        |  78 +++----
 vendor/github.com/go-logr/logr/sloghandler.go | 192 ++++++++++++++++++
 vendor/github.com/go-logr/logr/slogr.go       | 100 +++++++++
 vendor/github.com/go-logr/logr/slogsink.go    | 120 +++++++++++
 .../certificate-transparency-go/CHANGELOG.md  | 165 +++++++++++++++
 .../certificate-transparency-go/README.md     |   6 +-
 .../cloudbuild.yaml                           |   2 +-
 .../cloudbuild_master.yaml                    |   2 +-
 .../cloudbuild_tag.yaml                       |   2 +-
 .../x509/root_aix.go                          |  10 +
 .../x509/root_unix.go                         |   5 +-
 .../internal/editiondefaults/defaults.go      |  12 ++
 .../editiondefaults/editions_defaults.binpb   |   4 +
 .../protobuf/internal/filedesc/desc.go        |  67 ++++--
 .../protobuf/internal/filedesc/desc_init.go   |  52 +++++
 .../protobuf/internal/filedesc/desc_lazy.go   |  28 +++
 .../protobuf/internal/filedesc/editions.go    | 142 +++++++++++++
 .../protobuf/internal/genid/descriptor_gen.go | 152 +++++++++++++-
 .../internal/genid/go_features_gen.go         |  31 +++
 .../protobuf/internal/genid/struct_gen.go     |   5 +
 .../protobuf/internal/genid/type_gen.go       |  38 ++++
 .../protobuf/internal/impl/codec_extension.go |  22 +-
 .../protobuf/internal/impl/codec_tables.go    |   2 +-
 .../internal/impl/message_reflect_field.go    |   2 +-
 .../protobuf/internal/strs/strings.go         |   2 +-
 .../protobuf/internal/version/version.go      |   2 +-
 .../protobuf/reflect/protoreflect/proto.go    |   2 +
 .../reflect/protoreflect/source_gen.go        |   2 -
 vendor/k8s.io/klog/v2/.golangci.yaml          |   6 +
 vendor/k8s.io/klog/v2/OWNERS                  |   4 +-
 vendor/k8s.io/klog/v2/contextual_slog.go      |  31 +++
 .../k8s.io/klog/v2/internal/buffer/buffer.go  |  12 +-
 vendor/k8s.io/klog/v2/internal/clock/clock.go |  21 +-
 .../klog/v2/internal/serialize/keyvalues.go   |  71 +------
 .../internal/serialize/keyvalues_no_slog.go   |  97 +++++++++
 .../v2/internal/serialize/keyvalues_slog.go   | 155 ++++++++++++++
 .../internal/sloghandler/sloghandler_slog.go  |  96 +++++++++
 vendor/k8s.io/klog/v2/k8s_references_slog.go  |  39 ++++
 vendor/k8s.io/klog/v2/klog.go                 |  89 +++++---
 vendor/k8s.io/klog/v2/klog_file.go            |   4 +-
 vendor/k8s.io/klog/v2/klogr.go                |  46 +++--
 vendor/k8s.io/klog/v2/klogr_slog.go           |  96 +++++++++
 vendor/k8s.io/klog/v2/safeptr.go              |  34 ++++
 vendor/modules.txt                            |  18 +-
 51 files changed, 2141 insertions(+), 265 deletions(-)
 create mode 100644 vendor/github.com/go-logr/logr/SECURITY.md
 create mode 100644 vendor/github.com/go-logr/logr/context.go
 create mode 100644 vendor/github.com/go-logr/logr/context_noslog.go
 create mode 100644 vendor/github.com/go-logr/logr/context_slog.go
 create mode 100644 vendor/github.com/go-logr/logr/sloghandler.go
 create mode 100644 vendor/github.com/go-logr/logr/slogr.go
 create mode 100644 vendor/github.com/go-logr/logr/slogsink.go
 create mode 100644 vendor/github.com/google/certificate-transparency-go/x509/root_aix.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/editiondefaults/defaults.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb
 create mode 100644 vendor/google.golang.org/protobuf/internal/filedesc/editions.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
 create mode 100644 vendor/k8s.io/klog/v2/.golangci.yaml
 create mode 100644 vendor/k8s.io/klog/v2/contextual_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/internal/serialize/keyvalues_no_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/internal/serialize/keyvalues_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/internal/sloghandler/sloghandler_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/k8s_references_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/klogr_slog.go
 create mode 100644 vendor/k8s.io/klog/v2/safeptr.go

diff --git a/go.mod b/go.mod
index 8119ade4d..db76ddb5f 100644
--- a/go.mod
+++ b/go.mod
@@ -7,7 +7,7 @@ require (
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
 	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
 	github.com/go-sql-driver/mysql v1.8.0
-	github.com/google/certificate-transparency-go v1.1.7
+	github.com/google/certificate-transparency-go v1.1.8
 	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
@@ -24,7 +24,7 @@ require (
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
-	github.com/go-logr/logr v1.2.4 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
 	github.com/prometheus/client_model v0.5.0 // indirect
@@ -33,9 +33,9 @@ require (
 	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.21.0 // indirect
+	golang.org/x/net v0.22.0 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/protobuf v1.32.0 // indirect
-	k8s.io/klog/v2 v2.100.1 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 1386c0378..40b8a5a3c 100644
--- a/go.sum
+++ b/go.sum
@@ -107,9 +107,8 @@ github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vb
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
-github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
-github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
-github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
+github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
+github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
@@ -149,8 +148,8 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/certificate-transparency-go v1.1.7 h1:IASD+NtgSTJLPdzkthwvAG1ZVbF2WtFg4IvoA68XGSw=
-github.com/google/certificate-transparency-go v1.1.7/go.mod h1:FSSBo8fyMVgqptbfF6j5p/XNdgQftAhSmXcIxV9iphE=
+github.com/google/certificate-transparency-go v1.1.8 h1:LGYKkgZF7satzgTak9R4yzfJXEeYVAjV6/EAEJOf1to=
+github.com/google/certificate-transparency-go v1.1.8/go.mod h1:bV/o8r0TBKRf1X//iiiSgWrvII4d7/8OiA+3vG26gI8=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -459,8 +458,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.21.0 h1:AQyQV4dYCvJ7vGmJyKki9+PBdyvhkSd8EIx/qb0AYv4=
-golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
+golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -676,8 +675,8 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -706,8 +705,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg=
-k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md
index ab5931181..8969526a6 100644
--- a/vendor/github.com/go-logr/logr/README.md
+++ b/vendor/github.com/go-logr/logr/README.md
@@ -1,6 +1,7 @@
 # A minimal logging API for Go
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/go-logr/logr.svg)](https://pkg.go.dev/github.com/go-logr/logr)
+[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/go-logr/logr/badge)](https://securityscorecards.dev/viewer/?platform=github.com&org=go-logr&repo=logr)
 
 logr offers an(other) opinion on how Go programs and libraries can do logging
 without becoming coupled to a particular logging implementation.  This is not
@@ -73,6 +74,30 @@ received:
 If the Go standard library had defined an interface for logging, this project
 probably would not be needed.  Alas, here we are.
 
+When the Go developers started developing such an interface with
+[slog](https://github.com/golang/go/issues/56345), they adopted some of the
+logr design but also left out some parts and changed others:
+
+| Feature | logr | slog |
+|---------|------|------|
+| High-level API | `Logger` (passed by value) | `Logger` (passed by [pointer](https://github.com/golang/go/issues/59126)) |
+| Low-level API | `LogSink` | `Handler` |
+| Stack unwinding | done by `LogSink` | done by `Logger` |
+| Skipping helper functions | `WithCallDepth`, `WithCallStackHelper` | [not supported by Logger](https://github.com/golang/go/issues/59145) |
+| Generating a value for logging on demand | `Marshaler` | `LogValuer` |
+| Log levels | >= 0, higher meaning "less important" | positive and negative, with 0 for "info" and higher meaning "more important" |
+| Error log entries | always logged, don't have a verbosity level | normal log entries with level >= `LevelError` |
+| Passing logger via context | `NewContext`, `FromContext` | no API |
+| Adding a name to a logger | `WithName` | no API |
+| Modify verbosity of log entries in a call chain | `V` | no API |
+| Grouping of key/value pairs | not supported | `WithGroup`, `GroupValue` |
+| Pass context for extracting additional values | no API | API variants like `InfoCtx` |
+
+The high-level slog API is explicitly meant to be one of many different APIs
+that can be layered on top of a shared `slog.Handler`. logr is one such
+alternative API, with [interoperability](#slog-interoperability) provided by
+some conversion functions.
+
 ### Inspiration
 
 Before you consider this package, please read [this blog post by the
@@ -118,6 +143,103 @@ There are implementations for the following logging libraries:
 - **github.com/go-kit/log**: [gokitlogr](https://github.com/tonglil/gokitlogr) (also compatible with github.com/go-kit/kit/log since v0.12.0)
 - **bytes.Buffer** (writing to a buffer): [bufrlogr](https://github.com/tonglil/buflogr) (useful for ensuring values were logged, like during testing)
 
+## slog interoperability
+
+Interoperability goes both ways, using the `logr.Logger` API with a `slog.Handler`
+and using the `slog.Logger` API with a `logr.LogSink`. `FromSlogHandler` and
+`ToSlogHandler` convert between a `logr.Logger` and a `slog.Handler`.
+As usual, `slog.New` can be used to wrap such a `slog.Handler` in the high-level
+slog API.
+
+### Using a `logr.LogSink` as backend for slog
+
+Ideally, a logr sink implementation should support both logr and slog by
+implementing both the normal logr interface(s) and `SlogSink`.  Because
+of a conflict in the parameters of the common `Enabled` method, it is [not
+possible to implement both slog.Handler and logr.Sink in the same
+type](https://github.com/golang/go/issues/59110).
+
+If both are supported, log calls can go from the high-level APIs to the backend
+without the need to convert parameters. `FromSlogHandler` and `ToSlogHandler` can
+convert back and forth without adding additional wrappers, with one exception:
+when `Logger.V` was used to adjust the verbosity for a `slog.Handler`, then
+`ToSlogHandler` has to use a wrapper which adjusts the verbosity for future
+log calls.
+
+Such an implementation should also support values that implement specific
+interfaces from both packages for logging (`logr.Marshaler`, `slog.LogValuer`,
+`slog.GroupValue`). logr does not convert those.
+
+Not supporting slog has several drawbacks:
+- Recording source code locations works correctly if the handler gets called
+  through `slog.Logger`, but may be wrong in other cases. That's because a
+  `logr.Sink` does its own stack unwinding instead of using the program counter
+  provided by the high-level API.
+- slog levels <= 0 can be mapped to logr levels by negating the level without a
+  loss of information. But all slog levels > 0 (e.g. `slog.LevelWarning` as
+  used by `slog.Logger.Warn`) must be mapped to 0 before calling the sink
+  because logr does not support "more important than info" levels.
+- The slog group concept is supported by prefixing each key in a key/value
+  pair with the group names, separated by a dot. For structured output like
+  JSON it would be better to group the key/value pairs inside an object.
+- Special slog values and interfaces don't work as expected.
+- The overhead is likely to be higher.
+
+These drawbacks are severe enough that applications using a mixture of slog and
+logr should switch to a different backend.
+
+### Using a `slog.Handler` as backend for logr
+
+Using a plain `slog.Handler` without support for logr works better than the
+other direction:
+- All logr verbosity levels can be mapped 1:1 to their corresponding slog level
+  by negating them.
+- Stack unwinding is done by the `SlogSink` and the resulting program
+  counter is passed to the `slog.Handler`.
+- Names added via `Logger.WithName` are gathered and recorded in an additional
+  attribute with `logger` as key and the names separated by slash as value.
+- `Logger.Error` is turned into a log record with `slog.LevelError` as level
+  and an additional attribute with `err` as key, if an error was provided.
+
+The main drawback is that `logr.Marshaler` will not be supported. Types should
+ideally support both `logr.Marshaler` and `slog.Valuer`. If compatibility
+with logr implementations without slog support is not important, then
+`slog.Valuer` is sufficient.
+
+### Context support for slog
+
+Storing a logger in a `context.Context` is not supported by
+slog. `NewContextWithSlogLogger` and `FromContextAsSlogLogger` can be
+used to fill this gap. They store and retrieve a `slog.Logger` pointer
+under the same context key that is also used by `NewContext` and
+`FromContext` for `logr.Logger` value.
+
+When `NewContextWithSlogLogger` is followed by `FromContext`, the latter will
+automatically convert the `slog.Logger` to a
+`logr.Logger`. `FromContextAsSlogLogger` does the same for the other direction.
+
+With this approach, binaries which use either slog or logr are as efficient as
+possible with no unnecessary allocations. This is also why the API stores a
+`slog.Logger` pointer: when storing a `slog.Handler`, creating a `slog.Logger`
+on retrieval would need to allocate one.
+
+The downside is that switching back and forth needs more allocations. Because
+logr is the API that is already in use by different packages, in particular
+Kubernetes, the recommendation is to use the `logr.Logger` API in code which
+uses contextual logging.
+
+An alternative to adding values to a logger and storing that logger in the
+context is to store the values in the context and to configure a logging
+backend to extract those values when emitting log entries. This only works when
+log calls are passed the context, which is not supported by the logr API.
+
+With the slog API, it is possible, but not
+required. https://github.com/veqryn/slog-context is a package for slog which
+provides additional support code for this approach. It also contains wrappers
+for the context functions in logr, so developers who prefer to not use the logr
+APIs directly can use those instead and the resulting code will still be
+interoperable with logr.
+
 ## FAQ
 
 ### Conceptual
@@ -241,7 +363,9 @@ Otherwise, you can start out with `0` as "you always want to see this",
 
 Then gradually choose levels in between as you need them, working your way
 down from 10 (for debug and trace style logs) and up from 1 (for chattier
-info-type logs.)
+info-type logs). For reference, slog pre-defines -4 for debug logs
+(corresponds to 4 in logr), which matches what is
+[recommended for Kubernetes](https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/logging.md#what-method-to-use).
 
 #### How do I choose my keys?
 
diff --git a/vendor/github.com/go-logr/logr/SECURITY.md b/vendor/github.com/go-logr/logr/SECURITY.md
new file mode 100644
index 000000000..1ca756fc7
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/SECURITY.md
@@ -0,0 +1,18 @@
+# Security Policy
+
+If you have discovered a security vulnerability in this project, please report it
+privately. **Do not disclose it as a public issue.** This gives us time to work with you
+to fix the issue before public exposure, reducing the chance that the exploit will be
+used before a patch is released.
+
+You may submit the report in the following ways:
+
+- send an email to go-logr-security@googlegroups.com
+- send us a [private vulnerability report](https://github.com/go-logr/logr/security/advisories/new)
+
+Please provide the following information in your report:
+
+- A description of the vulnerability and its impact
+- How to reproduce the issue
+
+We ask that you give us 90 days to work on a fix before public exposure.
diff --git a/vendor/github.com/go-logr/logr/context.go b/vendor/github.com/go-logr/logr/context.go
new file mode 100644
index 000000000..de8bcc3ad
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/context.go
@@ -0,0 +1,33 @@
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+// contextKey is how we find Loggers in a context.Context. With Go < 1.21,
+// the value is always a Logger value. With Go >= 1.21, the value can be a
+// Logger value or a slog.Logger pointer.
+type contextKey struct{}
+
+// notFoundError exists to carry an IsNotFound method.
+type notFoundError struct{}
+
+func (notFoundError) Error() string {
+	return "no logr.Logger was present"
+}
+
+func (notFoundError) IsNotFound() bool {
+	return true
+}
diff --git a/vendor/github.com/go-logr/logr/context_noslog.go b/vendor/github.com/go-logr/logr/context_noslog.go
new file mode 100644
index 000000000..f012f9a18
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/context_noslog.go
@@ -0,0 +1,49 @@
+//go:build !go1.21
+// +build !go1.21
+
+/*
+Copyright 2019 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+import (
+	"context"
+)
+
+// FromContext returns a Logger from ctx or an error if no Logger is found.
+func FromContext(ctx context.Context) (Logger, error) {
+	if v, ok := ctx.Value(contextKey{}).(Logger); ok {
+		return v, nil
+	}
+
+	return Logger{}, notFoundError{}
+}
+
+// FromContextOrDiscard returns a Logger from ctx.  If no Logger is found, this
+// returns a Logger that discards all log messages.
+func FromContextOrDiscard(ctx context.Context) Logger {
+	if v, ok := ctx.Value(contextKey{}).(Logger); ok {
+		return v
+	}
+
+	return Discard()
+}
+
+// NewContext returns a new Context, derived from ctx, which carries the
+// provided Logger.
+func NewContext(ctx context.Context, logger Logger) context.Context {
+	return context.WithValue(ctx, contextKey{}, logger)
+}
diff --git a/vendor/github.com/go-logr/logr/context_slog.go b/vendor/github.com/go-logr/logr/context_slog.go
new file mode 100644
index 000000000..065ef0b82
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/context_slog.go
@@ -0,0 +1,83 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2019 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+import (
+	"context"
+	"fmt"
+	"log/slog"
+)
+
+// FromContext returns a Logger from ctx or an error if no Logger is found.
+func FromContext(ctx context.Context) (Logger, error) {
+	v := ctx.Value(contextKey{})
+	if v == nil {
+		return Logger{}, notFoundError{}
+	}
+
+	switch v := v.(type) {
+	case Logger:
+		return v, nil
+	case *slog.Logger:
+		return FromSlogHandler(v.Handler()), nil
+	default:
+		// Not reached.
+		panic(fmt.Sprintf("unexpected value type for logr context key: %T", v))
+	}
+}
+
+// FromContextAsSlogLogger returns a slog.Logger from ctx or nil if no such Logger is found.
+func FromContextAsSlogLogger(ctx context.Context) *slog.Logger {
+	v := ctx.Value(contextKey{})
+	if v == nil {
+		return nil
+	}
+
+	switch v := v.(type) {
+	case Logger:
+		return slog.New(ToSlogHandler(v))
+	case *slog.Logger:
+		return v
+	default:
+		// Not reached.
+		panic(fmt.Sprintf("unexpected value type for logr context key: %T", v))
+	}
+}
+
+// FromContextOrDiscard returns a Logger from ctx.  If no Logger is found, this
+// returns a Logger that discards all log messages.
+func FromContextOrDiscard(ctx context.Context) Logger {
+	if logger, err := FromContext(ctx); err == nil {
+		return logger
+	}
+	return Discard()
+}
+
+// NewContext returns a new Context, derived from ctx, which carries the
+// provided Logger.
+func NewContext(ctx context.Context, logger Logger) context.Context {
+	return context.WithValue(ctx, contextKey{}, logger)
+}
+
+// NewContextWithSlogLogger returns a new Context, derived from ctx, which carries the
+// provided slog.Logger.
+func NewContextWithSlogLogger(ctx context.Context, logger *slog.Logger) context.Context {
+	return context.WithValue(ctx, contextKey{}, logger)
+}
diff --git a/vendor/github.com/go-logr/logr/logr.go b/vendor/github.com/go-logr/logr/logr.go
index e027aea3f..b4428e105 100644
--- a/vendor/github.com/go-logr/logr/logr.go
+++ b/vendor/github.com/go-logr/logr/logr.go
@@ -127,9 +127,9 @@ limitations under the License.
 // such a value can call its methods without having to check whether the
 // instance is ready for use.
 //
-// Calling methods with the null logger (Logger{}) as instance will crash
-// because it has no LogSink. Therefore this null logger should never be passed
-// around. For cases where passing a logger is optional, a pointer to Logger
+// The zero logger (= Logger{}) is identical to Discard() and discards all log
+// entries. Code that receives a Logger by value can simply call it, the methods
+// will never crash. For cases where passing a logger is optional, a pointer to Logger
 // should be used.
 //
 // # Key Naming Conventions
@@ -207,10 +207,6 @@ limitations under the License.
 // those.
 package logr
 
-import (
-	"context"
-)
-
 // New returns a new Logger instance.  This is primarily used by libraries
 // implementing LogSink, rather than end users.  Passing a nil sink will create
 // a Logger which discards all log lines.
@@ -258,6 +254,12 @@ type Logger struct {
 // Enabled tests whether this Logger is enabled.  For example, commandline
 // flags might be used to set the logging verbosity and disable some info logs.
 func (l Logger) Enabled() bool {
+	// Some implementations of LogSink look at the caller in Enabled (e.g.
+	// different verbosity levels per package or file), but we only pass one
+	// CallDepth in (via Init).  This means that all calls from Logger to the
+	// LogSink's Enabled, Info, and Error methods must have the same number of
+	// frames.  In other words, Logger methods can't call other Logger methods
+	// which call these LogSink methods unless we do it the same in all paths.
 	return l.sink != nil && l.sink.Enabled(l.level)
 }
 
@@ -267,11 +269,11 @@ func (l Logger) Enabled() bool {
 // line.  The key/value pairs can then be used to add additional variable
 // information.  The key/value pairs must alternate string keys and arbitrary
 // values.
-func (l Logger) Info(msg string, keysAndValues ...interface{}) {
+func (l Logger) Info(msg string, keysAndValues ...any) {
 	if l.sink == nil {
 		return
 	}
-	if l.Enabled() {
+	if l.sink.Enabled(l.level) { // see comment in Enabled
 		if withHelper, ok := l.sink.(CallStackHelperLogSink); ok {
 			withHelper.GetCallStackHelper()()
 		}
@@ -289,7 +291,7 @@ func (l Logger) Info(msg string, keysAndValues ...interface{}) {
 // while the err argument should be used to attach the actual error that
 // triggered this log line, if present. The err parameter is optional
 // and nil may be passed instead of an error instance.
-func (l Logger) Error(err error, msg string, keysAndValues ...interface{}) {
+func (l Logger) Error(err error, msg string, keysAndValues ...any) {
 	if l.sink == nil {
 		return
 	}
@@ -314,9 +316,16 @@ func (l Logger) V(level int) Logger {
 	return l
 }
 
+// GetV returns the verbosity level of the logger. If the logger's LogSink is
+// nil as in the Discard logger, this will always return 0.
+func (l Logger) GetV() int {
+	// 0 if l.sink nil because of the if check in V above.
+	return l.level
+}
+
 // WithValues returns a new Logger instance with additional key/value pairs.
 // See Info for documentation on how key/value pairs work.
-func (l Logger) WithValues(keysAndValues ...interface{}) Logger {
+func (l Logger) WithValues(keysAndValues ...any) Logger {
 	if l.sink == nil {
 		return l
 	}
@@ -397,45 +406,6 @@ func (l Logger) IsZero() bool {
 	return l.sink == nil
 }
 
-// contextKey is how we find Loggers in a context.Context.
-type contextKey struct{}
-
-// FromContext returns a Logger from ctx or an error if no Logger is found.
-func FromContext(ctx context.Context) (Logger, error) {
-	if v, ok := ctx.Value(contextKey{}).(Logger); ok {
-		return v, nil
-	}
-
-	return Logger{}, notFoundError{}
-}
-
-// notFoundError exists to carry an IsNotFound method.
-type notFoundError struct{}
-
-func (notFoundError) Error() string {
-	return "no logr.Logger was present"
-}
-
-func (notFoundError) IsNotFound() bool {
-	return true
-}
-
-// FromContextOrDiscard returns a Logger from ctx.  If no Logger is found, this
-// returns a Logger that discards all log messages.
-func FromContextOrDiscard(ctx context.Context) Logger {
-	if v, ok := ctx.Value(contextKey{}).(Logger); ok {
-		return v
-	}
-
-	return Discard()
-}
-
-// NewContext returns a new Context, derived from ctx, which carries the
-// provided Logger.
-func NewContext(ctx context.Context, logger Logger) context.Context {
-	return context.WithValue(ctx, contextKey{}, logger)
-}
-
 // RuntimeInfo holds information that the logr "core" library knows which
 // LogSinks might want to know.
 type RuntimeInfo struct {
@@ -467,15 +437,15 @@ type LogSink interface {
 	// The level argument is provided for optional logging.  This method will
 	// only be called when Enabled(level) is true. See Logger.Info for more
 	// details.
-	Info(level int, msg string, keysAndValues ...interface{})
+	Info(level int, msg string, keysAndValues ...any)
 
 	// Error logs an error, with the given message and key/value pairs as
 	// context.  See Logger.Error for more details.
-	Error(err error, msg string, keysAndValues ...interface{})
+	Error(err error, msg string, keysAndValues ...any)
 
 	// WithValues returns a new LogSink with additional key/value pairs.  See
 	// Logger.WithValues for more details.
-	WithValues(keysAndValues ...interface{}) LogSink
+	WithValues(keysAndValues ...any) LogSink
 
 	// WithName returns a new LogSink with the specified name appended.  See
 	// Logger.WithName for more details.
@@ -546,5 +516,5 @@ type Marshaler interface {
 	//     with exported fields
 	//
 	// It may return any value of any type.
-	MarshalLog() interface{}
+	MarshalLog() any
 }
diff --git a/vendor/github.com/go-logr/logr/sloghandler.go b/vendor/github.com/go-logr/logr/sloghandler.go
new file mode 100644
index 000000000..82d1ba494
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/sloghandler.go
@@ -0,0 +1,192 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+import (
+	"context"
+	"log/slog"
+)
+
+type slogHandler struct {
+	// May be nil, in which case all logs get discarded.
+	sink LogSink
+	// Non-nil if sink is non-nil and implements SlogSink.
+	slogSink SlogSink
+
+	// groupPrefix collects values from WithGroup calls. It gets added as
+	// prefix to value keys when handling a log record.
+	groupPrefix string
+
+	// levelBias can be set when constructing the handler to influence the
+	// slog.Level of log records. A positive levelBias reduces the
+	// slog.Level value. slog has no API to influence this value after the
+	// handler got created, so it can only be set indirectly through
+	// Logger.V.
+	levelBias slog.Level
+}
+
+var _ slog.Handler = &slogHandler{}
+
+// groupSeparator is used to concatenate WithGroup names and attribute keys.
+const groupSeparator = "."
+
+// GetLevel is used for black box unit testing.
+func (l *slogHandler) GetLevel() slog.Level {
+	return l.levelBias
+}
+
+func (l *slogHandler) Enabled(_ context.Context, level slog.Level) bool {
+	return l.sink != nil && (level >= slog.LevelError || l.sink.Enabled(l.levelFromSlog(level)))
+}
+
+func (l *slogHandler) Handle(ctx context.Context, record slog.Record) error {
+	if l.slogSink != nil {
+		// Only adjust verbosity level of log entries < slog.LevelError.
+		if record.Level < slog.LevelError {
+			record.Level -= l.levelBias
+		}
+		return l.slogSink.Handle(ctx, record)
+	}
+
+	// No need to check for nil sink here because Handle will only be called
+	// when Enabled returned true.
+
+	kvList := make([]any, 0, 2*record.NumAttrs())
+	record.Attrs(func(attr slog.Attr) bool {
+		kvList = attrToKVs(attr, l.groupPrefix, kvList)
+		return true
+	})
+	if record.Level >= slog.LevelError {
+		l.sinkWithCallDepth().Error(nil, record.Message, kvList...)
+	} else {
+		level := l.levelFromSlog(record.Level)
+		l.sinkWithCallDepth().Info(level, record.Message, kvList...)
+	}
+	return nil
+}
+
+// sinkWithCallDepth adjusts the stack unwinding so that when Error or Info
+// are called by Handle, code in slog gets skipped.
+//
+// This offset currently (Go 1.21.0) works for calls through
+// slog.New(ToSlogHandler(...)).  There's no guarantee that the call
+// chain won't change. Wrapping the handler will also break unwinding. It's
+// still better than not adjusting at all....
+//
+// This cannot be done when constructing the handler because FromSlogHandler needs
+// access to the original sink without this adjustment. A second copy would
+// work, but then WithAttrs would have to be called for both of them.
+func (l *slogHandler) sinkWithCallDepth() LogSink {
+	if sink, ok := l.sink.(CallDepthLogSink); ok {
+		return sink.WithCallDepth(2)
+	}
+	return l.sink
+}
+
+func (l *slogHandler) WithAttrs(attrs []slog.Attr) slog.Handler {
+	if l.sink == nil || len(attrs) == 0 {
+		return l
+	}
+
+	clone := *l
+	if l.slogSink != nil {
+		clone.slogSink = l.slogSink.WithAttrs(attrs)
+		clone.sink = clone.slogSink
+	} else {
+		kvList := make([]any, 0, 2*len(attrs))
+		for _, attr := range attrs {
+			kvList = attrToKVs(attr, l.groupPrefix, kvList)
+		}
+		clone.sink = l.sink.WithValues(kvList...)
+	}
+	return &clone
+}
+
+func (l *slogHandler) WithGroup(name string) slog.Handler {
+	if l.sink == nil {
+		return l
+	}
+	if name == "" {
+		// slog says to inline empty groups
+		return l
+	}
+	clone := *l
+	if l.slogSink != nil {
+		clone.slogSink = l.slogSink.WithGroup(name)
+		clone.sink = clone.slogSink
+	} else {
+		clone.groupPrefix = addPrefix(clone.groupPrefix, name)
+	}
+	return &clone
+}
+
+// attrToKVs appends a slog.Attr to a logr-style kvList.  It handle slog Groups
+// and other details of slog.
+func attrToKVs(attr slog.Attr, groupPrefix string, kvList []any) []any {
+	attrVal := attr.Value.Resolve()
+	if attrVal.Kind() == slog.KindGroup {
+		groupVal := attrVal.Group()
+		grpKVs := make([]any, 0, 2*len(groupVal))
+		prefix := groupPrefix
+		if attr.Key != "" {
+			prefix = addPrefix(groupPrefix, attr.Key)
+		}
+		for _, attr := range groupVal {
+			grpKVs = attrToKVs(attr, prefix, grpKVs)
+		}
+		kvList = append(kvList, grpKVs...)
+	} else if attr.Key != "" {
+		kvList = append(kvList, addPrefix(groupPrefix, attr.Key), attrVal.Any())
+	}
+
+	return kvList
+}
+
+func addPrefix(prefix, name string) string {
+	if prefix == "" {
+		return name
+	}
+	if name == "" {
+		return prefix
+	}
+	return prefix + groupSeparator + name
+}
+
+// levelFromSlog adjusts the level by the logger's verbosity and negates it.
+// It ensures that the result is >= 0. This is necessary because the result is
+// passed to a LogSink and that API did not historically document whether
+// levels could be negative or what that meant.
+//
+// Some example usage:
+//
+//	logrV0 := getMyLogger()
+//	logrV2 := logrV0.V(2)
+//	slogV2 := slog.New(logr.ToSlogHandler(logrV2))
+//	slogV2.Debug("msg") // =~ logrV2.V(4) =~ logrV0.V(6)
+//	slogV2.Info("msg")  // =~  logrV2.V(0) =~ logrV0.V(2)
+//	slogv2.Warn("msg")  // =~ logrV2.V(-4) =~ logrV0.V(0)
+func (l *slogHandler) levelFromSlog(level slog.Level) int {
+	result := -level
+	result += l.levelBias // in case the original Logger had a V level
+	if result < 0 {
+		result = 0 // because LogSink doesn't expect negative V levels
+	}
+	return int(result)
+}
diff --git a/vendor/github.com/go-logr/logr/slogr.go b/vendor/github.com/go-logr/logr/slogr.go
new file mode 100644
index 000000000..28a83d024
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/slogr.go
@@ -0,0 +1,100 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+import (
+	"context"
+	"log/slog"
+)
+
+// FromSlogHandler returns a Logger which writes to the slog.Handler.
+//
+// The logr verbosity level is mapped to slog levels such that V(0) becomes
+// slog.LevelInfo and V(4) becomes slog.LevelDebug.
+func FromSlogHandler(handler slog.Handler) Logger {
+	if handler, ok := handler.(*slogHandler); ok {
+		if handler.sink == nil {
+			return Discard()
+		}
+		return New(handler.sink).V(int(handler.levelBias))
+	}
+	return New(&slogSink{handler: handler})
+}
+
+// ToSlogHandler returns a slog.Handler which writes to the same sink as the Logger.
+//
+// The returned logger writes all records with level >= slog.LevelError as
+// error log entries with LogSink.Error, regardless of the verbosity level of
+// the Logger:
+//
+//	logger := 
+//	slog.New(ToSlogHandler(logger.V(10))).Error(...) -> logSink.Error(...)
+//
+// The level of all other records gets reduced by the verbosity
+// level of the Logger and the result is negated. If it happens
+// to be negative, then it gets replaced by zero because a LogSink
+// is not expected to handled negative levels:
+//
+//	slog.New(ToSlogHandler(logger)).Debug(...) -> logger.GetSink().Info(level=4, ...)
+//	slog.New(ToSlogHandler(logger)).Warning(...) -> logger.GetSink().Info(level=0, ...)
+//	slog.New(ToSlogHandler(logger)).Info(...) -> logger.GetSink().Info(level=0, ...)
+//	slog.New(ToSlogHandler(logger.V(4))).Info(...) -> logger.GetSink().Info(level=4, ...)
+func ToSlogHandler(logger Logger) slog.Handler {
+	if sink, ok := logger.GetSink().(*slogSink); ok && logger.GetV() == 0 {
+		return sink.handler
+	}
+
+	handler := &slogHandler{sink: logger.GetSink(), levelBias: slog.Level(logger.GetV())}
+	if slogSink, ok := handler.sink.(SlogSink); ok {
+		handler.slogSink = slogSink
+	}
+	return handler
+}
+
+// SlogSink is an optional interface that a LogSink can implement to support
+// logging through the slog.Logger or slog.Handler APIs better. It then should
+// also support special slog values like slog.Group. When used as a
+// slog.Handler, the advantages are:
+//
+//   - stack unwinding gets avoided in favor of logging the pre-recorded PC,
+//     as intended by slog
+//   - proper grouping of key/value pairs via WithGroup
+//   - verbosity levels > slog.LevelInfo can be recorded
+//   - less overhead
+//
+// Both APIs (Logger and slog.Logger/Handler) then are supported equally
+// well. Developers can pick whatever API suits them better and/or mix
+// packages which use either API in the same binary with a common logging
+// implementation.
+//
+// This interface is necessary because the type implementing the LogSink
+// interface cannot also implement the slog.Handler interface due to the
+// different prototype of the common Enabled method.
+//
+// An implementation could support both interfaces in two different types, but then
+// additional interfaces would be needed to convert between those types in FromSlogHandler
+// and ToSlogHandler.
+type SlogSink interface {
+	LogSink
+
+	Handle(ctx context.Context, record slog.Record) error
+	WithAttrs(attrs []slog.Attr) SlogSink
+	WithGroup(name string) SlogSink
+}
diff --git a/vendor/github.com/go-logr/logr/slogsink.go b/vendor/github.com/go-logr/logr/slogsink.go
new file mode 100644
index 000000000..4060fcbc2
--- /dev/null
+++ b/vendor/github.com/go-logr/logr/slogsink.go
@@ -0,0 +1,120 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The logr Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package logr
+
+import (
+	"context"
+	"log/slog"
+	"runtime"
+	"time"
+)
+
+var (
+	_ LogSink          = &slogSink{}
+	_ CallDepthLogSink = &slogSink{}
+	_ Underlier        = &slogSink{}
+)
+
+// Underlier is implemented by the LogSink returned by NewFromLogHandler.
+type Underlier interface {
+	// GetUnderlying returns the Handler used by the LogSink.
+	GetUnderlying() slog.Handler
+}
+
+const (
+	// nameKey is used to log the `WithName` values as an additional attribute.
+	nameKey = "logger"
+
+	// errKey is used to log the error parameter of Error as an additional attribute.
+	errKey = "err"
+)
+
+type slogSink struct {
+	callDepth int
+	name      string
+	handler   slog.Handler
+}
+
+func (l *slogSink) Init(info RuntimeInfo) {
+	l.callDepth = info.CallDepth
+}
+
+func (l *slogSink) GetUnderlying() slog.Handler {
+	return l.handler
+}
+
+func (l *slogSink) WithCallDepth(depth int) LogSink {
+	newLogger := *l
+	newLogger.callDepth += depth
+	return &newLogger
+}
+
+func (l *slogSink) Enabled(level int) bool {
+	return l.handler.Enabled(context.Background(), slog.Level(-level))
+}
+
+func (l *slogSink) Info(level int, msg string, kvList ...interface{}) {
+	l.log(nil, msg, slog.Level(-level), kvList...)
+}
+
+func (l *slogSink) Error(err error, msg string, kvList ...interface{}) {
+	l.log(err, msg, slog.LevelError, kvList...)
+}
+
+func (l *slogSink) log(err error, msg string, level slog.Level, kvList ...interface{}) {
+	var pcs [1]uintptr
+	// skip runtime.Callers, this function, Info/Error, and all helper functions above that.
+	runtime.Callers(3+l.callDepth, pcs[:])
+
+	record := slog.NewRecord(time.Now(), level, msg, pcs[0])
+	if l.name != "" {
+		record.AddAttrs(slog.String(nameKey, l.name))
+	}
+	if err != nil {
+		record.AddAttrs(slog.Any(errKey, err))
+	}
+	record.Add(kvList...)
+	_ = l.handler.Handle(context.Background(), record)
+}
+
+func (l slogSink) WithName(name string) LogSink {
+	if l.name != "" {
+		l.name += "/"
+	}
+	l.name += name
+	return &l
+}
+
+func (l slogSink) WithValues(kvList ...interface{}) LogSink {
+	l.handler = l.handler.WithAttrs(kvListToAttrs(kvList...))
+	return &l
+}
+
+func kvListToAttrs(kvList ...interface{}) []slog.Attr {
+	// We don't need the record itself, only its Add method.
+	record := slog.NewRecord(time.Time{}, 0, "", 0)
+	record.Add(kvList...)
+	attrs := make([]slog.Attr, 0, record.NumAttrs())
+	record.Attrs(func(attr slog.Attr) bool {
+		attrs = append(attrs, attr)
+		return true
+	})
+	return attrs
+}
diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
index 3c56553dc..e286ae20d 100644
--- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
+++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
@@ -2,6 +2,171 @@
 
 ## HEAD
 
+## v1.1.8
+
+* Recommended Go version for development: 1.21
+  * Using a different version can lead to presubmits failing due to unexpected diffs.
+
+### Add support for AIX
+
+* crypto/x509: add AIX operating system by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1277
+
+### Monitoring
+
+* Distribution metric to monitor the start of get-entries requests by @phbnf in https://github.com/google/certificate-transparency-go/pull/1364
+
+### Fixes
+
+* Use the appropriate HTTP response code for backend timeouts by @robstradling in https://github.com/google/certificate-transparency-go/pull/1313
+
+### Misc
+
+* Move golangci-lint from Cloud Build to GitHub Action by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1230
+* Set golangci-lint GH action timeout to 5m by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1231
+* Added Slack channel details by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1246
+* Improve fuzzing by @AdamKorcz in https://github.com/google/certificate-transparency-go/pull/1345
+
+### Dependency update
+
+* Bump golang from `20f9ab5` to `5ee1296` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1216
+* Bump golang from `20f9ab5` to `5ee1296` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1217
+* Bump golang from `20f9ab5` to `5ee1296` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1218
+* Bump k8s.io/klog/v2 from 2.100.1 to 2.110.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1219
+* Bump golang from `20f9ab5` to `5ee1296` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1220
+* Bump golang from `5ee1296` to `5bafbbb` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1221
+* Bump golang from `5ee1296` to `5bafbbb` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1222
+* Bump golang from `5ee1296` to `5bafbbb` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1223
+* Bump golang from `5ee1296` to `5bafbbb` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1224
+* Update the minimal image to gcr.io/distroless/base-debian12 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1148
+* Bump jq from 1.6 to 1.7 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1225
+* Bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1226
+* Bump golang.org/x/time from 0.3.0 to 0.4.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1227
+* Bump github.com/mattn/go-sqlite3 from 1.14.17 to 1.14.18 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1228
+* Bump github.com/gorilla/mux from 1.8.0 to 1.8.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1229
+* Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1232
+* Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1233
+* Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1234
+* Bump golang from 1.21.3-bookworm to 1.21.4-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1235
+* Bump go-version-input from 1.20.10 to 1.20.11 in govulncheck.yml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1238
+* Bump golang.org/x/net from 0.17.0 to 0.18.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1236
+* Bump github/codeql-action from 2.22.5 to 2.22.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1240
+* Bump github/codeql-action from 2.22.6 to 2.22.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1241
+* Bump golang from `85aacbe` to `dadce81` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1243
+* Bump golang from `85aacbe` to `dadce81` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1242
+* Bump golang from `85aacbe` to `dadce81` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1244
+* Bump golang from `85aacbe` to `dadce81` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1245
+* Bump golang from `dadce81` to `52362e2` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1247
+* Bump golang from `dadce81` to `52362e2` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1248
+* Bump golang from `dadce81` to `52362e2` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1249
+* Bump golang from `dadce81` to `52362e2` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1250
+* Bump github/codeql-action from 2.22.7 to 2.22.8 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1251
+* Bump golang.org/x/net from 0.18.0 to 0.19.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1252
+* Bump golang.org/x/time from 0.4.0 to 0.5.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1254
+* Bump alpine from `eece025` to `34871e7` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1256
+* Bump alpine from `eece025` to `34871e7` in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1257
+* Bump go-version-input from 1.20.11 to 1.20.12 in govulncheck.yml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1264
+* Bump actions/setup-go from 4.1.0 to 5.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1261
+* Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1259
+* Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1263
+* Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1262
+* Bump golang from 1.21.4-bookworm to 1.21.5-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1260
+* Bump go.etcd.io/etcd/v3 from 3.5.10 to 3.5.11 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1266
+* Bump github/codeql-action from 2.22.8 to 2.22.9 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1269
+* Bump alpine from `34871e7` to `51b6726` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1270
+* Bump alpine from 3.18 to 3.19 in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1271
+* Bump golang from `a6b787c` to `2d3b13c` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1272
+* Bump golang from `a6b787c` to `2d3b13c` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1273
+* Bump golang from `a6b787c` to `2d3b13c` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1274
+* Bump golang from `a6b787c` to `2d3b13c` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1275
+* Bump github/codeql-action from 2.22.9 to 2.22.10 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1278
+* Bump google.golang.org/grpc from 1.59.0 to 1.60.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1279
+* Bump github/codeql-action from 2.22.10 to 3.22.11 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1280
+* Bump distroless/base-debian12 from `1dfdb5e` to `8a0bb63` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1281
+* Bump github.com/google/trillian from 1.5.3 to 1.5.4-0.20240110091238-00ca9abe023d by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1297
+* Bump actions/upload-artifact from 3.1.3 to 4.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1282
+* Bump github/codeql-action from 3.22.11 to 3.23.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1295
+* Bump github.com/mattn/go-sqlite3 from 1.14.18 to 1.14.19 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1283
+* Bump golang from 1.21.5-bookworm to 1.21.6-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1300
+* Bump distroless/base-debian12 from `8a0bb63` to `0a93daa` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1284
+* Bump golang from 1.21.5-bookworm to 1.21.6-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1299
+* Bump golang from 1.21.5-bookworm to 1.21.6-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1298
+* Bump golang from 1.21.5-bookworm to 1.21.6-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1301
+* Bump golang from `688ad7f` to `1e8ea75` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1306
+* Bump golang from `688ad7f` to `1e8ea75` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1305
+* Use trillian release instead of pinned commit by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1304
+* Bump actions/upload-artifact from 4.0.0 to 4.1.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1310
+* Bump golang from `1e8ea75` to `cbee5d2` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1312
+* Bump golang from `688ad7f` to `cbee5d2` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1308
+* Bump golang from `1e8ea75` to `cbee5d2` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1311
+* Bump golang.org/x/net from 0.19.0 to 0.20.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1302
+* Bump golang from `b651ed8` to `cbee5d2` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1309
+* Bump golang from `cbee5d2` to `c4b696f` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1314
+* Bump golang from `cbee5d2` to `c4b696f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1315
+* Bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1317
+* Bump golang from `cbee5d2` to `c4b696f` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1316
+* Bump golang from `cbee5d2` to `c4b696f` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1318
+* Bump k8s.io/klog/v2 from 2.120.0 to 2.120.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1319
+* Bump actions/upload-artifact from 4.1.0 to 4.2.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1320
+* Bump actions/upload-artifact from 4.2.0 to 4.3.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1321
+* Bump golang from `c4b696f` to `d8c365d` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1326
+* Bump golang from `c4b696f` to `d8c365d` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1323
+* Bump google.golang.org/grpc from 1.60.1 to 1.61.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1324
+* Bump golang from `c4b696f` to `d8c365d` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1322
+* Bump golang from `c4b696f` to `d8c365d` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1325
+* Bump github.com/mattn/go-sqlite3 from 1.14.19 to 1.14.20 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1327
+* Bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1328
+* Bump alpine from `51b6726` to `c5b1261` in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1330
+* Bump alpine from `51b6726` to `c5b1261` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1329
+* Bump go.etcd.io/etcd/v3 from 3.5.11 to 3.5.12 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1332
+* Bump github.com/mattn/go-sqlite3 from 1.14.20 to 1.14.21 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1333
+* Bump golang from `d8c365d` to `69bfed3` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1335
+* Bump golang from `d8c365d` to `69bfed3` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1338
+* Bump golang from `d8c365d` to `69bfed3` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1337
+* Bump golang from `d8c365d` to `69bfed3` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1336
+* Bump golang from `69bfed3` to `3efef61` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1339
+* Bump github.com/mattn/go-sqlite3 from 1.14.21 to 1.14.22 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1344
+* Bump golang from `69bfed3` to `3efef61` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1341
+* Bump golang from `69bfed3` to `3efef61` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1343
+* Bump distroless/base-debian12 from `0a93daa` to `f47fa3d` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1340
+* Bump golang from `69bfed3` to `3efef61` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1342
+* Bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1346
+* Bump actions/upload-artifact from 4.3.0 to 4.3.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1347
+* Bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1350
+* Bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1348
+* Bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1349
+* Bump golang from 1.21.6-bookworm to 1.22.0-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1351
+* Bump golang.org/x/crypto from 0.18.0 to 0.19.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1353
+* Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1354
+* Bump golang.org/x/net from 0.20.0 to 0.21.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1352
+* Bump distroless/base-debian12 from `f47fa3d` to `2102ce1` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1355
+* Bump github/codeql-action from 3.24.0 to 3.24.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1357
+* Bump golang from `874c267` to `5a3e169` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1356
+* Bump golang from `874c267` to `5a3e169` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1358
+* Bump golang from `874c267` to `5a3e169` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1359
+* Bump golang from `874c267` to `5a3e169` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1360
+* Bump github/codeql-action from 3.24.1 to 3.24.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1366
+* Bump golang from `5a3e169` to `925fe3f` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1363
+* Bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1362
+* Bump golang from `5a3e169` to `925fe3f` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1365
+* Bump golang from `5a3e169` to `925fe3f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1361
+* Bump golang from `5a3e169` to `925fe3f` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1367
+* Bump golang/govulncheck-action from 1.0.1 to 1.0.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1368
+* Bump github/codeql-action from 3.24.3 to 3.24.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1371
+* Bump google.golang.org/grpc from 1.61.1 to 1.62.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1369
+* Bump distroless/base-debian12 from `2102ce1` to `5eae9ef` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1372
+* Bump distroless/base-debian12 from `5eae9ef` to `f9b0e86` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1375
+* Bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1374
+* Bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1373
+* Bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1377
+* Bump distroless/base-debian12 from `f9b0e86` to `5eae9ef` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1376
+* Bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1378
+* Bump Go from 1.20 to 1.21 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1386
+* Bump google.golang.org/grpc from 1.62.0 to 1.62.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1380
+* Bump golang from 1.22.0-bookworm to 1.22.1-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1382
+* Bump golang from 1.22.0-bookworm to 1.22.1-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1385
+* Bump golang from 1.22.0-bookworm to 1.22.1-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1384
+* Bump golang from 1.22.0-bookworm to 1.22.1-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1383
+
 ## v1.1.7
 
 * Recommended Go version for development: 1.20
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index a7b9ccea5..ac71ebc11 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,7 +6,7 @@
 
 This repository holds Go code related to
 [Certificate Transparency](https://www.certificate-transparency.org/) (CT).  The
-repository requires Go version 1.20.
+repository requires Go version 1.21.
 
  - [Repository Structure](#repository-structure)
  - [Trillian CT Personality](#trillian-ct-personality)
@@ -14,6 +14,10 @@ repository requires Go version 1.20.
      - [Running Codebase Checks](#running-codebase-checks)
      - [Rebuilding Generated Code](#rebuilding-generated-code)
 
+## Support
+
+- Slack: https://transparency-dev.slack.com/ ([invitation](https://join.slack.com/t/transparency-dev/shared_invite/zt-27pkqo21d-okUFhur7YZ0rFoJVIOPznQ))
+
 ## Repository Structure
 
 The main parts of the repository are:
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
index 1c3ee20bf..6c856c11c 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
@@ -92,7 +92,7 @@ steps:
   id: 'default_test'
   env:
     - 'GOFLAGS='
-    - 'PRESUBMIT_OPTS=--no-generate'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
     - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090'
     - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090'
   waitFor: ['ci-ready']
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
index 9cb105e57..0e47e326f 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
@@ -92,7 +92,7 @@ steps:
   id: 'default_test'
   env:
     - 'GOFLAGS='
-    - 'PRESUBMIT_OPTS=--no-generate'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
     - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090'
     - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090'
   waitFor: ['ci-ready']
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
index 2cd19f910..ce9efc2b2 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_tag.yaml
@@ -92,7 +92,7 @@ steps:
   id: 'default_test'
   env:
     - 'GOFLAGS='
-    - 'PRESUBMIT_OPTS=--no-generate'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
     - 'TRILLIAN_LOG_SERVERS=deployment_trillian-log-server_1:8090'
     - 'TRILLIAN_LOG_SERVER_1=deployment_trillian-log-server_1:8090'
   waitFor: ['ci-ready']
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/root_aix.go b/vendor/github.com/google/certificate-transparency-go/x509/root_aix.go
new file mode 100644
index 000000000..6d427739a
--- /dev/null
+++ b/vendor/github.com/google/certificate-transparency-go/x509/root_aix.go
@@ -0,0 +1,10 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package x509
+
+// Possible certificate files; stop after finding one.
+var certFiles = []string{
+	"/var/ssl/certs/ca-bundle.crt",
+}
diff --git a/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go b/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
index 8f2821b1d..ac2d01d97 100644
--- a/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
+++ b/vendor/github.com/google/certificate-transparency-go/x509/root_unix.go
@@ -2,8 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
-// +build dragonfly freebsd linux netbsd openbsd solaris zos
+//go:build aix || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+// +build aix dragonfly freebsd linux netbsd openbsd solaris zos
 
 package x509
 
@@ -19,6 +19,7 @@ var certDirectories = []string{
 	"/usr/local/share/certs",       // FreeBSD
 	"/etc/pki/tls/certs",           // Fedora/RHEL
 	"/etc/openssl/certs",           // NetBSD
+	"/var/ssl/certs",               // AIX
 }
 
 const (
diff --git a/vendor/google.golang.org/protobuf/internal/editiondefaults/defaults.go b/vendor/google.golang.org/protobuf/internal/editiondefaults/defaults.go
new file mode 100644
index 000000000..14656b65a
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/editiondefaults/defaults.go
@@ -0,0 +1,12 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package editiondefaults contains the binary representation of the editions
+// defaults.
+package editiondefaults
+
+import _ "embed"
+
+//go:embed editions_defaults.binpb
+var Defaults []byte
diff --git a/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb b/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb
new file mode 100644
index 000000000..18f075687
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb
@@ -0,0 +1,4 @@
+
+ (0
+ (0
+ (0 (
\ No newline at end of file
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
index 193c68e8f..8826bcf40 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
@@ -68,7 +68,7 @@ type (
 		Extensions Extensions
 		Services   Services
 
-		EditionFeatures FileEditionFeatures
+		EditionFeatures EditionFeatures
 	}
 	FileL2 struct {
 		Options   func() protoreflect.ProtoMessage
@@ -76,10 +76,13 @@ type (
 		Locations SourceLocations
 	}
 
-	FileEditionFeatures struct {
+	EditionFeatures struct {
 		// IsFieldPresence is true if field_presence is EXPLICIT
 		// https://protobuf.dev/editions/features/#field_presence
 		IsFieldPresence bool
+		// IsFieldPresence is true if field_presence is LEGACY_REQUIRED
+		// https://protobuf.dev/editions/features/#field_presence
+		IsLegacyRequired bool
 		// IsOpenEnum is true if enum_type is OPEN
 		// https://protobuf.dev/editions/features/#enum_type
 		IsOpenEnum bool
@@ -95,6 +98,9 @@ type (
 		// IsJSONCompliant is true if json_format is ALLOW
 		// https://protobuf.dev/editions/features/#json_format
 		IsJSONCompliant bool
+		// GenerateLegacyUnmarshalJSON determines if the plugin generates the
+		// UnmarshalJSON([]byte) error method for enums.
+		GenerateLegacyUnmarshalJSON bool
 	}
 )
 
@@ -156,6 +162,8 @@ type (
 	}
 	EnumL1 struct {
 		eagerValues bool // controls whether EnumL2.Values is already populated
+
+		EditionFeatures EditionFeatures
 	}
 	EnumL2 struct {
 		Options        func() protoreflect.ProtoMessage
@@ -217,6 +225,8 @@ type (
 		Extensions   Extensions
 		IsMapEntry   bool // promoted from google.protobuf.MessageOptions
 		IsMessageSet bool // promoted from google.protobuf.MessageOptions
+
+		EditionFeatures EditionFeatures
 	}
 	MessageL2 struct {
 		Options               func() protoreflect.ProtoMessage
@@ -250,8 +260,7 @@ type (
 		Enum             protoreflect.EnumDescriptor
 		Message          protoreflect.MessageDescriptor
 
-		// Edition features.
-		Presence bool
+		EditionFeatures EditionFeatures
 	}
 
 	Oneof struct {
@@ -261,6 +270,8 @@ type (
 	OneofL1 struct {
 		Options func() protoreflect.ProtoMessage
 		Fields  OneofFields // must be consistent with Message.Fields.ContainingOneof
+
+		EditionFeatures EditionFeatures
 	}
 )
 
@@ -310,26 +321,36 @@ func (fd *Field) Options() protoreflect.ProtoMessage {
 }
 func (fd *Field) Number() protoreflect.FieldNumber      { return fd.L1.Number }
 func (fd *Field) Cardinality() protoreflect.Cardinality { return fd.L1.Cardinality }
-func (fd *Field) Kind() protoreflect.Kind               { return fd.L1.Kind }
-func (fd *Field) HasJSONName() bool                     { return fd.L1.StringName.hasJSON }
-func (fd *Field) JSONName() string                      { return fd.L1.StringName.getJSON(fd) }
-func (fd *Field) TextName() string                      { return fd.L1.StringName.getText(fd) }
+func (fd *Field) Kind() protoreflect.Kind {
+	return fd.L1.Kind
+}
+func (fd *Field) HasJSONName() bool { return fd.L1.StringName.hasJSON }
+func (fd *Field) JSONName() string  { return fd.L1.StringName.getJSON(fd) }
+func (fd *Field) TextName() string  { return fd.L1.StringName.getText(fd) }
 func (fd *Field) HasPresence() bool {
-	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
-		return fd.L1.Presence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
+	if fd.L1.Cardinality == protoreflect.Repeated {
+		return false
 	}
-	return fd.L1.Cardinality != protoreflect.Repeated && (fd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 || fd.L1.Message != nil || fd.L1.ContainingOneof != nil)
+	explicitFieldPresence := fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsFieldPresence
+	return fd.Syntax() == protoreflect.Proto2 || explicitFieldPresence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
 }
 func (fd *Field) HasOptionalKeyword() bool {
 	return (fd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 && fd.L1.Cardinality == protoreflect.Optional && fd.L1.ContainingOneof == nil) || fd.L1.IsProto3Optional
 }
 func (fd *Field) IsPacked() bool {
-	if !fd.L1.HasPacked && fd.L0.ParentFile.L1.Syntax != protoreflect.Proto2 && fd.L1.Cardinality == protoreflect.Repeated {
-		switch fd.L1.Kind {
-		case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
-		default:
-			return true
-		}
+	if fd.L1.Cardinality != protoreflect.Repeated {
+		return false
+	}
+	switch fd.L1.Kind {
+	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
+		return false
+	}
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
+		return fd.L1.EditionFeatures.IsPacked
+	}
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Proto3 {
+		// proto3 repeated fields are packed by default.
+		return !fd.L1.HasPacked || fd.L1.IsPacked
 	}
 	return fd.L1.IsPacked
 }
@@ -378,6 +399,9 @@ func (fd *Field) ProtoType(protoreflect.FieldDescriptor) {}
 // WARNING: This method is exempt from the compatibility promise and may be
 // removed in the future without warning.
 func (fd *Field) EnforceUTF8() bool {
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
+		return fd.L1.EditionFeatures.IsUTF8Validated
+	}
 	if fd.L1.HasEnforceUTF8 {
 		return fd.L1.EnforceUTF8
 	}
@@ -404,10 +428,11 @@ type (
 		L2 *ExtensionL2 // protected by fileDesc.once
 	}
 	ExtensionL1 struct {
-		Number      protoreflect.FieldNumber
-		Extendee    protoreflect.MessageDescriptor
-		Cardinality protoreflect.Cardinality
-		Kind        protoreflect.Kind
+		Number          protoreflect.FieldNumber
+		Extendee        protoreflect.MessageDescriptor
+		Cardinality     protoreflect.Cardinality
+		Kind            protoreflect.Kind
+		EditionFeatures EditionFeatures
 	}
 	ExtensionL2 struct {
 		Options          func() protoreflect.ProtoMessage
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
index 4a1584c9d..237e64fd2 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
@@ -5,6 +5,7 @@
 package filedesc
 
 import (
+	"fmt"
 	"sync"
 
 	"google.golang.org/protobuf/encoding/protowire"
@@ -98,6 +99,7 @@ func (fd *File) unmarshalSeed(b []byte) {
 	var prevField protoreflect.FieldNumber
 	var numEnums, numMessages, numExtensions, numServices int
 	var posEnums, posMessages, posExtensions, posServices int
+	var options []byte
 	b0 := b
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -113,6 +115,8 @@ func (fd *File) unmarshalSeed(b []byte) {
 					fd.L1.Syntax = protoreflect.Proto2
 				case "proto3":
 					fd.L1.Syntax = protoreflect.Proto3
+				case "editions":
+					fd.L1.Syntax = protoreflect.Editions
 				default:
 					panic("invalid syntax")
 				}
@@ -120,6 +124,8 @@ func (fd *File) unmarshalSeed(b []byte) {
 				fd.L1.Path = sb.MakeString(v)
 			case genid.FileDescriptorProto_Package_field_number:
 				fd.L1.Package = protoreflect.FullName(sb.MakeString(v))
+			case genid.FileDescriptorProto_Options_field_number:
+				options = v
 			case genid.FileDescriptorProto_EnumType_field_number:
 				if prevField != genid.FileDescriptorProto_EnumType_field_number {
 					if numEnums > 0 {
@@ -154,6 +160,13 @@ func (fd *File) unmarshalSeed(b []byte) {
 				numServices++
 			}
 			prevField = num
+		case protowire.VarintType:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			switch num {
+			case genid.FileDescriptorProto_Edition_field_number:
+				fd.L1.Edition = Edition(v)
+			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
 			b = b[m:]
@@ -166,6 +179,15 @@ func (fd *File) unmarshalSeed(b []byte) {
 		fd.L1.Syntax = protoreflect.Proto2
 	}
 
+	if fd.L1.Syntax == protoreflect.Editions {
+		fd.L1.EditionFeatures = getFeaturesFor(fd.L1.Edition)
+	}
+
+	// Parse editions features from options if any
+	if options != nil {
+		fd.unmarshalSeedOptions(options)
+	}
+
 	// Must allocate all declarations before parsing each descriptor type
 	// to ensure we handled all descriptors in "flattened ordering".
 	if numEnums > 0 {
@@ -219,6 +241,28 @@ func (fd *File) unmarshalSeed(b []byte) {
 	}
 }
 
+func (fd *File) unmarshalSeedOptions(b []byte) {
+	for b := b; len(b) > 0; {
+		num, typ, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch typ {
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FileOptions_Features_field_number:
+				if fd.Syntax() != protoreflect.Editions {
+					panic(fmt.Sprintf("invalid descriptor: using edition features in a proto with syntax %s", fd.Syntax()))
+				}
+				fd.L1.EditionFeatures = unmarshalFeatureSet(v, fd.L1.EditionFeatures)
+			}
+		default:
+			m := protowire.ConsumeFieldValue(num, typ, b)
+			b = b[m:]
+		}
+	}
+}
+
 func (ed *Enum) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protoreflect.Descriptor, i int) {
 	ed.L0.ParentFile = pf
 	ed.L0.Parent = pd
@@ -275,6 +319,7 @@ func (md *Message) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protor
 	md.L0.ParentFile = pf
 	md.L0.Parent = pd
 	md.L0.Index = i
+	md.L1.EditionFeatures = featuresFromParentDesc(md.Parent())
 
 	var prevField protoreflect.FieldNumber
 	var numEnums, numMessages, numExtensions int
@@ -380,6 +425,13 @@ func (md *Message) unmarshalSeedOptions(b []byte) {
 			case genid.MessageOptions_MessageSetWireFormat_field_number:
 				md.L1.IsMessageSet = protowire.DecodeBool(v)
 			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.MessageOptions_Features_field_number:
+				md.L1.EditionFeatures = unmarshalFeatureSet(v, md.L1.EditionFeatures)
+			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
 			b = b[m:]
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
index 736a19a75..482a61cc1 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
@@ -414,6 +414,7 @@ func (fd *Field) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 	fd.L0.ParentFile = pf
 	fd.L0.Parent = pd
 	fd.L0.Index = i
+	fd.L1.EditionFeatures = featuresFromParentDesc(fd.Parent())
 
 	var rawTypeName []byte
 	var rawOptions []byte
@@ -465,6 +466,12 @@ func (fd *Field) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 			b = b[m:]
 		}
 	}
+	if fd.Syntax() == protoreflect.Editions && fd.L1.Kind == protoreflect.MessageKind && fd.L1.EditionFeatures.IsDelimitedEncoded {
+		fd.L1.Kind = protoreflect.GroupKind
+	}
+	if fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsLegacyRequired {
+		fd.L1.Cardinality = protoreflect.Required
+	}
 	if rawTypeName != nil {
 		name := makeFullName(sb, rawTypeName)
 		switch fd.L1.Kind {
@@ -497,6 +504,13 @@ func (fd *Field) unmarshalOptions(b []byte) {
 				fd.L1.HasEnforceUTF8 = true
 				fd.L1.EnforceUTF8 = protowire.DecodeBool(v)
 			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Features_field_number:
+				fd.L1.EditionFeatures = unmarshalFeatureSet(v, fd.L1.EditionFeatures)
+			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
 			b = b[m:]
@@ -534,6 +548,7 @@ func (od *Oneof) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 	var rawTypeName []byte
 	var rawOptions []byte
+	xd.L1.EditionFeatures = featuresFromParentDesc(xd.L1.Extendee)
 	xd.L2 = new(ExtensionL2)
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -565,6 +580,12 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 			b = b[m:]
 		}
 	}
+	if xd.Syntax() == protoreflect.Editions && xd.L1.Kind == protoreflect.MessageKind && xd.L1.EditionFeatures.IsDelimitedEncoded {
+		xd.L1.Kind = protoreflect.GroupKind
+	}
+	if xd.Syntax() == protoreflect.Editions && xd.L1.EditionFeatures.IsLegacyRequired {
+		xd.L1.Cardinality = protoreflect.Required
+	}
 	if rawTypeName != nil {
 		name := makeFullName(sb, rawTypeName)
 		switch xd.L1.Kind {
@@ -589,6 +610,13 @@ func (xd *Extension) unmarshalOptions(b []byte) {
 			case genid.FieldOptions_Packed_field_number:
 				xd.L2.IsPacked = protowire.DecodeBool(v)
 			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Features_field_number:
+				xd.L1.EditionFeatures = unmarshalFeatureSet(v, xd.L1.EditionFeatures)
+			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
 			b = b[m:]
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/editions.go b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
new file mode 100644
index 000000000..0375a49d4
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
@@ -0,0 +1,142 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package filedesc
+
+import (
+	"fmt"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/editiondefaults"
+	"google.golang.org/protobuf/internal/genid"
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+var defaultsCache = make(map[Edition]EditionFeatures)
+
+func init() {
+	unmarshalEditionDefaults(editiondefaults.Defaults)
+}
+
+func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
+	for len(b) > 0 {
+		num, _, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch num {
+		case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			parent.GenerateLegacyUnmarshalJSON = protowire.DecodeBool(v)
+		default:
+			panic(fmt.Sprintf("unkown field number %d while unmarshalling GoFeatures", num))
+		}
+	}
+	return parent
+}
+
+func unmarshalFeatureSet(b []byte, parent EditionFeatures) EditionFeatures {
+	for len(b) > 0 {
+		num, typ, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch typ {
+		case protowire.VarintType:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			switch num {
+			case genid.FeatureSet_FieldPresence_field_number:
+				parent.IsFieldPresence = v == genid.FeatureSet_EXPLICIT_enum_value || v == genid.FeatureSet_LEGACY_REQUIRED_enum_value
+				parent.IsLegacyRequired = v == genid.FeatureSet_LEGACY_REQUIRED_enum_value
+			case genid.FeatureSet_EnumType_field_number:
+				parent.IsOpenEnum = v == genid.FeatureSet_OPEN_enum_value
+			case genid.FeatureSet_RepeatedFieldEncoding_field_number:
+				parent.IsPacked = v == genid.FeatureSet_PACKED_enum_value
+			case genid.FeatureSet_Utf8Validation_field_number:
+				parent.IsUTF8Validated = v == genid.FeatureSet_VERIFY_enum_value
+			case genid.FeatureSet_MessageEncoding_field_number:
+				parent.IsDelimitedEncoded = v == genid.FeatureSet_DELIMITED_enum_value
+			case genid.FeatureSet_JsonFormat_field_number:
+				parent.IsJSONCompliant = v == genid.FeatureSet_ALLOW_enum_value
+			default:
+				panic(fmt.Sprintf("unkown field number %d while unmarshalling FeatureSet", num))
+			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
+				parent = unmarshalGoFeature(v, parent)
+			}
+		}
+	}
+
+	return parent
+}
+
+func featuresFromParentDesc(parentDesc protoreflect.Descriptor) EditionFeatures {
+	var parentFS EditionFeatures
+	switch p := parentDesc.(type) {
+	case *File:
+		parentFS = p.L1.EditionFeatures
+	case *Message:
+		parentFS = p.L1.EditionFeatures
+	default:
+		panic(fmt.Sprintf("unknown parent type %T", parentDesc))
+	}
+	return parentFS
+}
+
+func unmarshalEditionDefault(b []byte) {
+	var ed Edition
+	var fs EditionFeatures
+	for len(b) > 0 {
+		num, typ, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch typ {
+		case protowire.VarintType:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			switch num {
+			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number:
+				ed = Edition(v)
+			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number:
+				fs = unmarshalFeatureSet(v, fs)
+			}
+		}
+	}
+	defaultsCache[ed] = fs
+}
+
+func unmarshalEditionDefaults(b []byte) {
+	for len(b) > 0 {
+		num, _, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch num {
+		case genid.FeatureSetDefaults_Defaults_field_number:
+			def, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			unmarshalEditionDefault(def)
+		case genid.FeatureSetDefaults_MinimumEdition_field_number,
+			genid.FeatureSetDefaults_MaximumEdition_field_number:
+			// We don't care about the minimum and maximum editions. If the
+			// edition we are looking for later on is not in the cache we know
+			// it is outside of the range between minimum and maximum edition.
+			_, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+		default:
+			panic(fmt.Sprintf("unkown field number %d while unmarshalling EditionDefault", num))
+		}
+	}
+}
+
+func getFeaturesFor(ed Edition) EditionFeatures {
+	if def, ok := defaultsCache[ed]; ok {
+		return def
+	}
+	panic(fmt.Sprintf("unsupported edition: %v", ed))
+}
diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
index 8f94230ea..40272c893 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
@@ -18,6 +18,21 @@ const (
 	Edition_enum_name     = "Edition"
 )
 
+// Enum values for google.protobuf.Edition.
+const (
+	Edition_EDITION_UNKNOWN_enum_value         = 0
+	Edition_EDITION_PROTO2_enum_value          = 998
+	Edition_EDITION_PROTO3_enum_value          = 999
+	Edition_EDITION_2023_enum_value            = 1000
+	Edition_EDITION_2024_enum_value            = 1001
+	Edition_EDITION_1_TEST_ONLY_enum_value     = 1
+	Edition_EDITION_2_TEST_ONLY_enum_value     = 2
+	Edition_EDITION_99997_TEST_ONLY_enum_value = 99997
+	Edition_EDITION_99998_TEST_ONLY_enum_value = 99998
+	Edition_EDITION_99999_TEST_ONLY_enum_value = 99999
+	Edition_EDITION_MAX_enum_value             = 2147483647
+)
+
 // Names for google.protobuf.FileDescriptorSet.
 const (
 	FileDescriptorSet_message_name     protoreflect.Name     = "FileDescriptorSet"
@@ -213,6 +228,12 @@ const (
 	ExtensionRangeOptions_VerificationState_enum_name     = "VerificationState"
 )
 
+// Enum values for google.protobuf.ExtensionRangeOptions.VerificationState.
+const (
+	ExtensionRangeOptions_DECLARATION_enum_value = 0
+	ExtensionRangeOptions_UNVERIFIED_enum_value  = 1
+)
+
 // Names for google.protobuf.ExtensionRangeOptions.Declaration.
 const (
 	ExtensionRangeOptions_Declaration_message_name     protoreflect.Name     = "Declaration"
@@ -297,12 +318,41 @@ const (
 	FieldDescriptorProto_Type_enum_name     = "Type"
 )
 
+// Enum values for google.protobuf.FieldDescriptorProto.Type.
+const (
+	FieldDescriptorProto_TYPE_DOUBLE_enum_value   = 1
+	FieldDescriptorProto_TYPE_FLOAT_enum_value    = 2
+	FieldDescriptorProto_TYPE_INT64_enum_value    = 3
+	FieldDescriptorProto_TYPE_UINT64_enum_value   = 4
+	FieldDescriptorProto_TYPE_INT32_enum_value    = 5
+	FieldDescriptorProto_TYPE_FIXED64_enum_value  = 6
+	FieldDescriptorProto_TYPE_FIXED32_enum_value  = 7
+	FieldDescriptorProto_TYPE_BOOL_enum_value     = 8
+	FieldDescriptorProto_TYPE_STRING_enum_value   = 9
+	FieldDescriptorProto_TYPE_GROUP_enum_value    = 10
+	FieldDescriptorProto_TYPE_MESSAGE_enum_value  = 11
+	FieldDescriptorProto_TYPE_BYTES_enum_value    = 12
+	FieldDescriptorProto_TYPE_UINT32_enum_value   = 13
+	FieldDescriptorProto_TYPE_ENUM_enum_value     = 14
+	FieldDescriptorProto_TYPE_SFIXED32_enum_value = 15
+	FieldDescriptorProto_TYPE_SFIXED64_enum_value = 16
+	FieldDescriptorProto_TYPE_SINT32_enum_value   = 17
+	FieldDescriptorProto_TYPE_SINT64_enum_value   = 18
+)
+
 // Full and short names for google.protobuf.FieldDescriptorProto.Label.
 const (
 	FieldDescriptorProto_Label_enum_fullname = "google.protobuf.FieldDescriptorProto.Label"
 	FieldDescriptorProto_Label_enum_name     = "Label"
 )
 
+// Enum values for google.protobuf.FieldDescriptorProto.Label.
+const (
+	FieldDescriptorProto_LABEL_OPTIONAL_enum_value = 1
+	FieldDescriptorProto_LABEL_REPEATED_enum_value = 3
+	FieldDescriptorProto_LABEL_REQUIRED_enum_value = 2
+)
+
 // Names for google.protobuf.OneofDescriptorProto.
 const (
 	OneofDescriptorProto_message_name     protoreflect.Name     = "OneofDescriptorProto"
@@ -474,7 +524,6 @@ const (
 	FileOptions_CcGenericServices_field_name         protoreflect.Name = "cc_generic_services"
 	FileOptions_JavaGenericServices_field_name       protoreflect.Name = "java_generic_services"
 	FileOptions_PyGenericServices_field_name         protoreflect.Name = "py_generic_services"
-	FileOptions_PhpGenericServices_field_name        protoreflect.Name = "php_generic_services"
 	FileOptions_Deprecated_field_name                protoreflect.Name = "deprecated"
 	FileOptions_CcEnableArenas_field_name            protoreflect.Name = "cc_enable_arenas"
 	FileOptions_ObjcClassPrefix_field_name           protoreflect.Name = "objc_class_prefix"
@@ -497,7 +546,6 @@ const (
 	FileOptions_CcGenericServices_field_fullname         protoreflect.FullName = "google.protobuf.FileOptions.cc_generic_services"
 	FileOptions_JavaGenericServices_field_fullname       protoreflect.FullName = "google.protobuf.FileOptions.java_generic_services"
 	FileOptions_PyGenericServices_field_fullname         protoreflect.FullName = "google.protobuf.FileOptions.py_generic_services"
-	FileOptions_PhpGenericServices_field_fullname        protoreflect.FullName = "google.protobuf.FileOptions.php_generic_services"
 	FileOptions_Deprecated_field_fullname                protoreflect.FullName = "google.protobuf.FileOptions.deprecated"
 	FileOptions_CcEnableArenas_field_fullname            protoreflect.FullName = "google.protobuf.FileOptions.cc_enable_arenas"
 	FileOptions_ObjcClassPrefix_field_fullname           protoreflect.FullName = "google.protobuf.FileOptions.objc_class_prefix"
@@ -523,7 +571,6 @@ const (
 	FileOptions_CcGenericServices_field_number         protoreflect.FieldNumber = 16
 	FileOptions_JavaGenericServices_field_number       protoreflect.FieldNumber = 17
 	FileOptions_PyGenericServices_field_number         protoreflect.FieldNumber = 18
-	FileOptions_PhpGenericServices_field_number        protoreflect.FieldNumber = 42
 	FileOptions_Deprecated_field_number                protoreflect.FieldNumber = 23
 	FileOptions_CcEnableArenas_field_number            protoreflect.FieldNumber = 31
 	FileOptions_ObjcClassPrefix_field_number           protoreflect.FieldNumber = 36
@@ -543,6 +590,13 @@ const (
 	FileOptions_OptimizeMode_enum_name     = "OptimizeMode"
 )
 
+// Enum values for google.protobuf.FileOptions.OptimizeMode.
+const (
+	FileOptions_SPEED_enum_value        = 1
+	FileOptions_CODE_SIZE_enum_value    = 2
+	FileOptions_LITE_RUNTIME_enum_value = 3
+)
+
 // Names for google.protobuf.MessageOptions.
 const (
 	MessageOptions_message_name     protoreflect.Name     = "MessageOptions"
@@ -639,24 +693,59 @@ const (
 	FieldOptions_CType_enum_name     = "CType"
 )
 
+// Enum values for google.protobuf.FieldOptions.CType.
+const (
+	FieldOptions_STRING_enum_value       = 0
+	FieldOptions_CORD_enum_value         = 1
+	FieldOptions_STRING_PIECE_enum_value = 2
+)
+
 // Full and short names for google.protobuf.FieldOptions.JSType.
 const (
 	FieldOptions_JSType_enum_fullname = "google.protobuf.FieldOptions.JSType"
 	FieldOptions_JSType_enum_name     = "JSType"
 )
 
+// Enum values for google.protobuf.FieldOptions.JSType.
+const (
+	FieldOptions_JS_NORMAL_enum_value = 0
+	FieldOptions_JS_STRING_enum_value = 1
+	FieldOptions_JS_NUMBER_enum_value = 2
+)
+
 // Full and short names for google.protobuf.FieldOptions.OptionRetention.
 const (
 	FieldOptions_OptionRetention_enum_fullname = "google.protobuf.FieldOptions.OptionRetention"
 	FieldOptions_OptionRetention_enum_name     = "OptionRetention"
 )
 
+// Enum values for google.protobuf.FieldOptions.OptionRetention.
+const (
+	FieldOptions_RETENTION_UNKNOWN_enum_value = 0
+	FieldOptions_RETENTION_RUNTIME_enum_value = 1
+	FieldOptions_RETENTION_SOURCE_enum_value  = 2
+)
+
 // Full and short names for google.protobuf.FieldOptions.OptionTargetType.
 const (
 	FieldOptions_OptionTargetType_enum_fullname = "google.protobuf.FieldOptions.OptionTargetType"
 	FieldOptions_OptionTargetType_enum_name     = "OptionTargetType"
 )
 
+// Enum values for google.protobuf.FieldOptions.OptionTargetType.
+const (
+	FieldOptions_TARGET_TYPE_UNKNOWN_enum_value         = 0
+	FieldOptions_TARGET_TYPE_FILE_enum_value            = 1
+	FieldOptions_TARGET_TYPE_EXTENSION_RANGE_enum_value = 2
+	FieldOptions_TARGET_TYPE_MESSAGE_enum_value         = 3
+	FieldOptions_TARGET_TYPE_FIELD_enum_value           = 4
+	FieldOptions_TARGET_TYPE_ONEOF_enum_value           = 5
+	FieldOptions_TARGET_TYPE_ENUM_enum_value            = 6
+	FieldOptions_TARGET_TYPE_ENUM_ENTRY_enum_value      = 7
+	FieldOptions_TARGET_TYPE_SERVICE_enum_value         = 8
+	FieldOptions_TARGET_TYPE_METHOD_enum_value          = 9
+)
+
 // Names for google.protobuf.FieldOptions.EditionDefault.
 const (
 	FieldOptions_EditionDefault_message_name     protoreflect.Name     = "EditionDefault"
@@ -813,6 +902,13 @@ const (
 	MethodOptions_IdempotencyLevel_enum_name     = "IdempotencyLevel"
 )
 
+// Enum values for google.protobuf.MethodOptions.IdempotencyLevel.
+const (
+	MethodOptions_IDEMPOTENCY_UNKNOWN_enum_value = 0
+	MethodOptions_NO_SIDE_EFFECTS_enum_value     = 1
+	MethodOptions_IDEMPOTENT_enum_value          = 2
+)
+
 // Names for google.protobuf.UninterpretedOption.
 const (
 	UninterpretedOption_message_name     protoreflect.Name     = "UninterpretedOption"
@@ -909,36 +1005,79 @@ const (
 	FeatureSet_FieldPresence_enum_name     = "FieldPresence"
 )
 
+// Enum values for google.protobuf.FeatureSet.FieldPresence.
+const (
+	FeatureSet_FIELD_PRESENCE_UNKNOWN_enum_value = 0
+	FeatureSet_EXPLICIT_enum_value               = 1
+	FeatureSet_IMPLICIT_enum_value               = 2
+	FeatureSet_LEGACY_REQUIRED_enum_value        = 3
+)
+
 // Full and short names for google.protobuf.FeatureSet.EnumType.
 const (
 	FeatureSet_EnumType_enum_fullname = "google.protobuf.FeatureSet.EnumType"
 	FeatureSet_EnumType_enum_name     = "EnumType"
 )
 
+// Enum values for google.protobuf.FeatureSet.EnumType.
+const (
+	FeatureSet_ENUM_TYPE_UNKNOWN_enum_value = 0
+	FeatureSet_OPEN_enum_value              = 1
+	FeatureSet_CLOSED_enum_value            = 2
+)
+
 // Full and short names for google.protobuf.FeatureSet.RepeatedFieldEncoding.
 const (
 	FeatureSet_RepeatedFieldEncoding_enum_fullname = "google.protobuf.FeatureSet.RepeatedFieldEncoding"
 	FeatureSet_RepeatedFieldEncoding_enum_name     = "RepeatedFieldEncoding"
 )
 
+// Enum values for google.protobuf.FeatureSet.RepeatedFieldEncoding.
+const (
+	FeatureSet_REPEATED_FIELD_ENCODING_UNKNOWN_enum_value = 0
+	FeatureSet_PACKED_enum_value                          = 1
+	FeatureSet_EXPANDED_enum_value                        = 2
+)
+
 // Full and short names for google.protobuf.FeatureSet.Utf8Validation.
 const (
 	FeatureSet_Utf8Validation_enum_fullname = "google.protobuf.FeatureSet.Utf8Validation"
 	FeatureSet_Utf8Validation_enum_name     = "Utf8Validation"
 )
 
+// Enum values for google.protobuf.FeatureSet.Utf8Validation.
+const (
+	FeatureSet_UTF8_VALIDATION_UNKNOWN_enum_value = 0
+	FeatureSet_VERIFY_enum_value                  = 2
+	FeatureSet_NONE_enum_value                    = 3
+)
+
 // Full and short names for google.protobuf.FeatureSet.MessageEncoding.
 const (
 	FeatureSet_MessageEncoding_enum_fullname = "google.protobuf.FeatureSet.MessageEncoding"
 	FeatureSet_MessageEncoding_enum_name     = "MessageEncoding"
 )
 
+// Enum values for google.protobuf.FeatureSet.MessageEncoding.
+const (
+	FeatureSet_MESSAGE_ENCODING_UNKNOWN_enum_value = 0
+	FeatureSet_LENGTH_PREFIXED_enum_value          = 1
+	FeatureSet_DELIMITED_enum_value                = 2
+)
+
 // Full and short names for google.protobuf.FeatureSet.JsonFormat.
 const (
 	FeatureSet_JsonFormat_enum_fullname = "google.protobuf.FeatureSet.JsonFormat"
 	FeatureSet_JsonFormat_enum_name     = "JsonFormat"
 )
 
+// Enum values for google.protobuf.FeatureSet.JsonFormat.
+const (
+	FeatureSet_JSON_FORMAT_UNKNOWN_enum_value = 0
+	FeatureSet_ALLOW_enum_value               = 1
+	FeatureSet_LEGACY_BEST_EFFORT_enum_value  = 2
+)
+
 // Names for google.protobuf.FeatureSetDefaults.
 const (
 	FeatureSetDefaults_message_name     protoreflect.Name     = "FeatureSetDefaults"
@@ -1085,3 +1224,10 @@ const (
 	GeneratedCodeInfo_Annotation_Semantic_enum_fullname = "google.protobuf.GeneratedCodeInfo.Annotation.Semantic"
 	GeneratedCodeInfo_Annotation_Semantic_enum_name     = "Semantic"
 )
+
+// Enum values for google.protobuf.GeneratedCodeInfo.Annotation.Semantic.
+const (
+	GeneratedCodeInfo_Annotation_NONE_enum_value  = 0
+	GeneratedCodeInfo_Annotation_SET_enum_value   = 1
+	GeneratedCodeInfo_Annotation_ALIAS_enum_value = 2
+)
diff --git a/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
new file mode 100644
index 000000000..fd9015e8e
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
@@ -0,0 +1,31 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code generated by generate-protos. DO NOT EDIT.
+
+package genid
+
+import (
+	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+)
+
+const File_reflect_protodesc_proto_go_features_proto = "reflect/protodesc/proto/go_features.proto"
+
+// Names for google.protobuf.GoFeatures.
+const (
+	GoFeatures_message_name     protoreflect.Name     = "GoFeatures"
+	GoFeatures_message_fullname protoreflect.FullName = "google.protobuf.GoFeatures"
+)
+
+// Field names for google.protobuf.GoFeatures.
+const (
+	GoFeatures_LegacyUnmarshalJsonEnum_field_name protoreflect.Name = "legacy_unmarshal_json_enum"
+
+	GoFeatures_LegacyUnmarshalJsonEnum_field_fullname protoreflect.FullName = "google.protobuf.GoFeatures.legacy_unmarshal_json_enum"
+)
+
+// Field numbers for google.protobuf.GoFeatures.
+const (
+	GoFeatures_LegacyUnmarshalJsonEnum_field_number protoreflect.FieldNumber = 1
+)
diff --git a/vendor/google.golang.org/protobuf/internal/genid/struct_gen.go b/vendor/google.golang.org/protobuf/internal/genid/struct_gen.go
index 1a38944b2..ad6f80c46 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/struct_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/struct_gen.go
@@ -18,6 +18,11 @@ const (
 	NullValue_enum_name     = "NullValue"
 )
 
+// Enum values for google.protobuf.NullValue.
+const (
+	NullValue_NULL_VALUE_enum_value = 0
+)
+
 // Names for google.protobuf.Struct.
 const (
 	Struct_message_name     protoreflect.Name     = "Struct"
diff --git a/vendor/google.golang.org/protobuf/internal/genid/type_gen.go b/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
index e0f75fea0..49bc73e25 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/type_gen.go
@@ -18,6 +18,13 @@ const (
 	Syntax_enum_name     = "Syntax"
 )
 
+// Enum values for google.protobuf.Syntax.
+const (
+	Syntax_SYNTAX_PROTO2_enum_value   = 0
+	Syntax_SYNTAX_PROTO3_enum_value   = 1
+	Syntax_SYNTAX_EDITIONS_enum_value = 2
+)
+
 // Names for google.protobuf.Type.
 const (
 	Type_message_name     protoreflect.Name     = "Type"
@@ -105,12 +112,43 @@ const (
 	Field_Kind_enum_name     = "Kind"
 )
 
+// Enum values for google.protobuf.Field.Kind.
+const (
+	Field_TYPE_UNKNOWN_enum_value  = 0
+	Field_TYPE_DOUBLE_enum_value   = 1
+	Field_TYPE_FLOAT_enum_value    = 2
+	Field_TYPE_INT64_enum_value    = 3
+	Field_TYPE_UINT64_enum_value   = 4
+	Field_TYPE_INT32_enum_value    = 5
+	Field_TYPE_FIXED64_enum_value  = 6
+	Field_TYPE_FIXED32_enum_value  = 7
+	Field_TYPE_BOOL_enum_value     = 8
+	Field_TYPE_STRING_enum_value   = 9
+	Field_TYPE_GROUP_enum_value    = 10
+	Field_TYPE_MESSAGE_enum_value  = 11
+	Field_TYPE_BYTES_enum_value    = 12
+	Field_TYPE_UINT32_enum_value   = 13
+	Field_TYPE_ENUM_enum_value     = 14
+	Field_TYPE_SFIXED32_enum_value = 15
+	Field_TYPE_SFIXED64_enum_value = 16
+	Field_TYPE_SINT32_enum_value   = 17
+	Field_TYPE_SINT64_enum_value   = 18
+)
+
 // Full and short names for google.protobuf.Field.Cardinality.
 const (
 	Field_Cardinality_enum_fullname = "google.protobuf.Field.Cardinality"
 	Field_Cardinality_enum_name     = "Cardinality"
 )
 
+// Enum values for google.protobuf.Field.Cardinality.
+const (
+	Field_CARDINALITY_UNKNOWN_enum_value  = 0
+	Field_CARDINALITY_OPTIONAL_enum_value = 1
+	Field_CARDINALITY_REQUIRED_enum_value = 2
+	Field_CARDINALITY_REPEATED_enum_value = 3
+)
+
 // Names for google.protobuf.Enum.
 const (
 	Enum_message_name     protoreflect.Name     = "Enum"
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
index e74cefdc5..2b8f122c2 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
@@ -21,26 +21,18 @@ type extensionFieldInfo struct {
 	validation          validationInfo
 }
 
-var legacyExtensionFieldInfoCache sync.Map // map[protoreflect.ExtensionType]*extensionFieldInfo
-
 func getExtensionFieldInfo(xt protoreflect.ExtensionType) *extensionFieldInfo {
 	if xi, ok := xt.(*ExtensionInfo); ok {
 		xi.lazyInit()
 		return xi.info
 	}
-	return legacyLoadExtensionFieldInfo(xt)
-}
-
-// legacyLoadExtensionFieldInfo dynamically loads a *ExtensionInfo for xt.
-func legacyLoadExtensionFieldInfo(xt protoreflect.ExtensionType) *extensionFieldInfo {
-	if xi, ok := legacyExtensionFieldInfoCache.Load(xt); ok {
-		return xi.(*extensionFieldInfo)
-	}
-	e := makeExtensionFieldInfo(xt.TypeDescriptor())
-	if e, ok := legacyMessageTypeCache.LoadOrStore(xt, e); ok {
-		return e.(*extensionFieldInfo)
-	}
-	return e
+	// Ideally we'd cache the resulting *extensionFieldInfo so we don't have to
+	// recompute this metadata repeatedly. But without support for something like
+	// weak references, such a cache would pin temporary values (like dynamic
+	// extension types, constructed for the duration of a user request) to the
+	// heap forever, causing memory usage of the cache to grow unbounded.
+	// See discussion in https://github.com/golang/protobuf/issues/1521.
+	return makeExtensionFieldInfo(xt.TypeDescriptor())
 }
 
 func makeExtensionFieldInfo(xd protoreflect.ExtensionDescriptor) *extensionFieldInfo {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_tables.go b/vendor/google.golang.org/protobuf/internal/impl/codec_tables.go
index 576dcf3aa..13077751e 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_tables.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_tables.go
@@ -197,7 +197,7 @@ func fieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type) (*MessageInfo,
 		return getMessageInfo(ft), makeMessageFieldCoder(fd, ft)
 	case fd.Kind() == protoreflect.GroupKind:
 		return getMessageInfo(ft), makeGroupFieldCoder(fd, ft)
-	case fd.Syntax() == protoreflect.Proto3 && fd.ContainingOneof() == nil:
+	case !fd.HasPresence() && fd.ContainingOneof() == nil:
 		// Populated oneof fields always encode even if set to the zero value,
 		// which normally are not encoded in proto3.
 		switch fd.Kind() {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
index 5e736c60e..986322b19 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
@@ -538,6 +538,6 @@ func isZero(v reflect.Value) bool {
 		}
 		return true
 	default:
-		panic(&reflect.ValueError{"reflect.Value.IsZero", v.Kind()})
+		panic(&reflect.ValueError{Method: "reflect.Value.IsZero", Kind: v.Kind()})
 	}
 }
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings.go b/vendor/google.golang.org/protobuf/internal/strs/strings.go
index 0b74e7658..a6e7df244 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings.go
@@ -17,7 +17,7 @@ import (
 
 // EnforceUTF8 reports whether to enforce strict UTF-8 validation.
 func EnforceUTF8(fd protoreflect.FieldDescriptor) bool {
-	if flags.ProtoLegacy {
+	if flags.ProtoLegacy || fd.Syntax() == protoreflect.Editions {
 		if fd, ok := fd.(interface{ EnforceUTF8() bool }); ok {
 			return fd.EnforceUTF8()
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go
index d8f48faff..a50fcfb49 100644
--- a/vendor/google.golang.org/protobuf/internal/version/version.go
+++ b/vendor/google.golang.org/protobuf/internal/version/version.go
@@ -51,7 +51,7 @@ import (
 //  10. Send out the CL for review and submit it.
 const (
 	Major      = 1
-	Minor      = 32
+	Minor      = 33
 	Patch      = 0
 	PreRelease = ""
 )
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
index ec6572dfd..00b01fbd8 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
@@ -175,6 +175,8 @@ func (s Syntax) String() string {
 		return "proto2"
 	case Proto3:
 		return "proto3"
+	case Editions:
+		return "editions"
 	default:
 		return fmt.Sprintf("", s)
 	}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
index 0c045db6a..7dcc2ff09 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
@@ -160,8 +160,6 @@ func (p *SourcePath) appendFileOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "java_generic_services", nil)
 	case 18:
 		b = p.appendSingularField(b, "py_generic_services", nil)
-	case 42:
-		b = p.appendSingularField(b, "php_generic_services", nil)
 	case 23:
 		b = p.appendSingularField(b, "deprecated", nil)
 	case 31:
diff --git a/vendor/k8s.io/klog/v2/.golangci.yaml b/vendor/k8s.io/klog/v2/.golangci.yaml
new file mode 100644
index 000000000..0d77d65f0
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/.golangci.yaml
@@ -0,0 +1,6 @@
+linters:
+  disable-all: true
+  enable: # sorted alphabetical
+    - gofmt
+    - misspell
+    - revive
diff --git a/vendor/k8s.io/klog/v2/OWNERS b/vendor/k8s.io/klog/v2/OWNERS
index a2fe8f351..7500475a6 100644
--- a/vendor/k8s.io/klog/v2/OWNERS
+++ b/vendor/k8s.io/klog/v2/OWNERS
@@ -1,14 +1,16 @@
 # See the OWNERS docs at https://go.k8s.io/owners
 reviewers:
   - harshanarayana
+  - mengjiao-liu
   - pohly
 approvers:
   - dims
+  - pohly
   - thockin
-  - serathius
 emeritus_approvers:
   - brancz
   - justinsb
   - lavalamp
   - piosz
+  - serathius
   - tallclair
diff --git a/vendor/k8s.io/klog/v2/contextual_slog.go b/vendor/k8s.io/klog/v2/contextual_slog.go
new file mode 100644
index 000000000..d3b562521
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/contextual_slog.go
@@ -0,0 +1,31 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klog
+
+import (
+	"log/slog"
+
+	"github.com/go-logr/logr"
+)
+
+// SetSlogLogger reconfigures klog to log through the slog logger. The logger must not be nil.
+func SetSlogLogger(logger *slog.Logger) {
+	SetLoggerWithOptions(logr.FromSlogHandler(logger.Handler()), ContextualLogger(true))
+}
diff --git a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go
index f325ded5e..46de00fb0 100644
--- a/vendor/k8s.io/klog/v2/internal/buffer/buffer.go
+++ b/vendor/k8s.io/klog/v2/internal/buffer/buffer.go
@@ -30,14 +30,16 @@ import (
 var (
 	// Pid is inserted into log headers. Can be overridden for tests.
 	Pid = os.Getpid()
+
+	// Time, if set, will be used instead of the actual current time.
+	Time *time.Time
 )
 
 // Buffer holds a single byte.Buffer for reuse. The zero value is ready for
 // use. It also provides some helper methods for output formatting.
 type Buffer struct {
 	bytes.Buffer
-	Tmp  [64]byte // temporary byte array for creating headers.
-	next *Buffer
+	Tmp [64]byte // temporary byte array for creating headers.
 }
 
 var buffers = sync.Pool{
@@ -122,6 +124,9 @@ func (buf *Buffer) FormatHeader(s severity.Severity, file string, line int, now
 
 	// Avoid Fprintf, for speed. The format is so simple that we can do it quickly by hand.
 	// It's worth about 3X. Fprintf is hard.
+	if Time != nil {
+		now = *Time
+	}
 	_, month, day := now.Date()
 	hour, minute, second := now.Clock()
 	// Lmmdd hh:mm:ss.uuuuuu threadid file:line]
@@ -157,6 +162,9 @@ func (buf *Buffer) SprintHeader(s severity.Severity, now time.Time) string {
 
 	// Avoid Fprintf, for speed. The format is so simple that we can do it quickly by hand.
 	// It's worth about 3X. Fprintf is hard.
+	if Time != nil {
+		now = *Time
+	}
 	_, month, day := now.Date()
 	hour, minute, second := now.Clock()
 	// Lmmdd hh:mm:ss.uuuuuu threadid file:line]
diff --git a/vendor/k8s.io/klog/v2/internal/clock/clock.go b/vendor/k8s.io/klog/v2/internal/clock/clock.go
index b8b6af5c8..cc11bb480 100644
--- a/vendor/k8s.io/klog/v2/internal/clock/clock.go
+++ b/vendor/k8s.io/klog/v2/internal/clock/clock.go
@@ -39,16 +39,6 @@ type Clock interface {
 	// Sleep sleeps for the provided duration d.
 	// Consider making the sleep interruptible by using 'select' on a context channel and a timer channel.
 	Sleep(d time.Duration)
-	// Tick returns the channel of a new Ticker.
-	// This method does not allow to free/GC the backing ticker. Use
-	// NewTicker from WithTicker instead.
-	Tick(d time.Duration) <-chan time.Time
-}
-
-// WithTicker allows for injecting fake or real clocks into code that
-// needs to do arbitrary things based on time.
-type WithTicker interface {
-	Clock
 	// NewTicker returns a new Ticker.
 	NewTicker(time.Duration) Ticker
 }
@@ -66,7 +56,7 @@ type WithDelayedExecution interface {
 // WithTickerAndDelayedExecution allows for injecting fake or real clocks
 // into code that needs Ticker and AfterFunc functionality
 type WithTickerAndDelayedExecution interface {
-	WithTicker
+	Clock
 	// AfterFunc executes f in its own goroutine after waiting
 	// for d duration and returns a Timer whose channel can be
 	// closed by calling Stop() on the Timer.
@@ -79,7 +69,7 @@ type Ticker interface {
 	Stop()
 }
 
-var _ = WithTicker(RealClock{})
+var _ Clock = RealClock{}
 
 // RealClock really calls time.Now()
 type RealClock struct{}
@@ -115,13 +105,6 @@ func (RealClock) AfterFunc(d time.Duration, f func()) Timer {
 	}
 }
 
-// Tick is the same as time.Tick(d)
-// This method does not allow to free/GC the backing ticker. Use
-// NewTicker instead.
-func (RealClock) Tick(d time.Duration) <-chan time.Time {
-	return time.Tick(d)
-}
-
 // NewTicker returns a new Ticker.
 func (RealClock) NewTicker(d time.Duration) Ticker {
 	return &realTicker{
diff --git a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go
index bcdf5f8ee..d1a4751c9 100644
--- a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go
+++ b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues.go
@@ -172,73 +172,6 @@ func KVListFormat(b *bytes.Buffer, keysAndValues ...interface{}) {
 	Formatter{}.KVListFormat(b, keysAndValues...)
 }
 
-// KVFormat serializes one key/value pair into the provided buffer.
-// A space gets inserted before the pair.
-func (f Formatter) KVFormat(b *bytes.Buffer, k, v interface{}) {
-	b.WriteByte(' ')
-	// Keys are assumed to be well-formed according to
-	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments
-	// for the sake of performance. Keys with spaces,
-	// special characters, etc. will break parsing.
-	if sK, ok := k.(string); ok {
-		// Avoid one allocation when the key is a string, which
-		// normally it should be.
-		b.WriteString(sK)
-	} else {
-		b.WriteString(fmt.Sprintf("%s", k))
-	}
-
-	// The type checks are sorted so that more frequently used ones
-	// come first because that is then faster in the common
-	// cases. In Kubernetes, ObjectRef (a Stringer) is more common
-	// than plain strings
-	// (https://github.com/kubernetes/kubernetes/pull/106594#issuecomment-975526235).
-	switch v := v.(type) {
-	case textWriter:
-		writeTextWriterValue(b, v)
-	case fmt.Stringer:
-		writeStringValue(b, StringerToString(v))
-	case string:
-		writeStringValue(b, v)
-	case error:
-		writeStringValue(b, ErrorToString(v))
-	case logr.Marshaler:
-		value := MarshalerToValue(v)
-		// A marshaler that returns a string is useful for
-		// delayed formatting of complex values. We treat this
-		// case like a normal string. This is useful for
-		// multi-line support.
-		//
-		// We could do this by recursively formatting a value,
-		// but that comes with the risk of infinite recursion
-		// if a marshaler returns itself. Instead we call it
-		// only once and rely on it returning the intended
-		// value directly.
-		switch value := value.(type) {
-		case string:
-			writeStringValue(b, value)
-		default:
-			f.formatAny(b, value)
-		}
-	case []byte:
-		// In https://github.com/kubernetes/klog/pull/237 it was decided
-		// to format byte slices with "%+q". The advantages of that are:
-		// - readable output if the bytes happen to be printable
-		// - non-printable bytes get represented as unicode escape
-		//   sequences (\uxxxx)
-		//
-		// The downsides are that we cannot use the faster
-		// strconv.Quote here and that multi-line output is not
-		// supported. If developers know that a byte array is
-		// printable and they want multi-line output, they can
-		// convert the value to string before logging it.
-		b.WriteByte('=')
-		b.WriteString(fmt.Sprintf("%+q", v))
-	default:
-		f.formatAny(b, v)
-	}
-}
-
 func KVFormat(b *bytes.Buffer, k, v interface{}) {
 	Formatter{}.KVFormat(b, k, v)
 }
@@ -251,6 +184,10 @@ func (f Formatter) formatAny(b *bytes.Buffer, v interface{}) {
 		b.WriteString(f.AnyToStringHook(v))
 		return
 	}
+	formatAsJSON(b, v)
+}
+
+func formatAsJSON(b *bytes.Buffer, v interface{}) {
 	encoder := json.NewEncoder(b)
 	l := b.Len()
 	if err := encoder.Encode(v); err != nil {
diff --git a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_no_slog.go b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_no_slog.go
new file mode 100644
index 000000000..d9c7d1546
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_no_slog.go
@@ -0,0 +1,97 @@
+//go:build !go1.21
+// +build !go1.21
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package serialize
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/go-logr/logr"
+)
+
+// KVFormat serializes one key/value pair into the provided buffer.
+// A space gets inserted before the pair.
+func (f Formatter) KVFormat(b *bytes.Buffer, k, v interface{}) {
+	// This is the version without slog support. Must be kept in sync with
+	// the version in keyvalues_slog.go.
+
+	b.WriteByte(' ')
+	// Keys are assumed to be well-formed according to
+	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments
+	// for the sake of performance. Keys with spaces,
+	// special characters, etc. will break parsing.
+	if sK, ok := k.(string); ok {
+		// Avoid one allocation when the key is a string, which
+		// normally it should be.
+		b.WriteString(sK)
+	} else {
+		b.WriteString(fmt.Sprintf("%s", k))
+	}
+
+	// The type checks are sorted so that more frequently used ones
+	// come first because that is then faster in the common
+	// cases. In Kubernetes, ObjectRef (a Stringer) is more common
+	// than plain strings
+	// (https://github.com/kubernetes/kubernetes/pull/106594#issuecomment-975526235).
+	switch v := v.(type) {
+	case textWriter:
+		writeTextWriterValue(b, v)
+	case fmt.Stringer:
+		writeStringValue(b, StringerToString(v))
+	case string:
+		writeStringValue(b, v)
+	case error:
+		writeStringValue(b, ErrorToString(v))
+	case logr.Marshaler:
+		value := MarshalerToValue(v)
+		// A marshaler that returns a string is useful for
+		// delayed formatting of complex values. We treat this
+		// case like a normal string. This is useful for
+		// multi-line support.
+		//
+		// We could do this by recursively formatting a value,
+		// but that comes with the risk of infinite recursion
+		// if a marshaler returns itself. Instead we call it
+		// only once and rely on it returning the intended
+		// value directly.
+		switch value := value.(type) {
+		case string:
+			writeStringValue(b, value)
+		default:
+			f.formatAny(b, value)
+		}
+	case []byte:
+		// In https://github.com/kubernetes/klog/pull/237 it was decided
+		// to format byte slices with "%+q". The advantages of that are:
+		// - readable output if the bytes happen to be printable
+		// - non-printable bytes get represented as unicode escape
+		//   sequences (\uxxxx)
+		//
+		// The downsides are that we cannot use the faster
+		// strconv.Quote here and that multi-line output is not
+		// supported. If developers know that a byte array is
+		// printable and they want multi-line output, they can
+		// convert the value to string before logging it.
+		b.WriteByte('=')
+		b.WriteString(fmt.Sprintf("%+q", v))
+	default:
+		f.formatAny(b, v)
+	}
+}
diff --git a/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_slog.go b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_slog.go
new file mode 100644
index 000000000..89acf9772
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/internal/serialize/keyvalues_slog.go
@@ -0,0 +1,155 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package serialize
+
+import (
+	"bytes"
+	"fmt"
+	"log/slog"
+	"strconv"
+
+	"github.com/go-logr/logr"
+)
+
+// KVFormat serializes one key/value pair into the provided buffer.
+// A space gets inserted before the pair.
+func (f Formatter) KVFormat(b *bytes.Buffer, k, v interface{}) {
+	// This is the version without slog support. Must be kept in sync with
+	// the version in keyvalues_slog.go.
+
+	b.WriteByte(' ')
+	// Keys are assumed to be well-formed according to
+	// https://github.com/kubernetes/community/blob/master/contributors/devel/sig-instrumentation/migration-to-structured-logging.md#name-arguments
+	// for the sake of performance. Keys with spaces,
+	// special characters, etc. will break parsing.
+	if sK, ok := k.(string); ok {
+		// Avoid one allocation when the key is a string, which
+		// normally it should be.
+		b.WriteString(sK)
+	} else {
+		b.WriteString(fmt.Sprintf("%s", k))
+	}
+
+	// The type checks are sorted so that more frequently used ones
+	// come first because that is then faster in the common
+	// cases. In Kubernetes, ObjectRef (a Stringer) is more common
+	// than plain strings
+	// (https://github.com/kubernetes/kubernetes/pull/106594#issuecomment-975526235).
+	//
+	// slog.LogValuer does not need to be handled here because the handler will
+	// already have resolved such special values to the final value for logging.
+	switch v := v.(type) {
+	case textWriter:
+		writeTextWriterValue(b, v)
+	case slog.Value:
+		// This must come before fmt.Stringer because slog.Value implements
+		// fmt.Stringer, but does not produce the output that we want.
+		b.WriteByte('=')
+		generateJSON(b, v)
+	case fmt.Stringer:
+		writeStringValue(b, StringerToString(v))
+	case string:
+		writeStringValue(b, v)
+	case error:
+		writeStringValue(b, ErrorToString(v))
+	case logr.Marshaler:
+		value := MarshalerToValue(v)
+		// A marshaler that returns a string is useful for
+		// delayed formatting of complex values. We treat this
+		// case like a normal string. This is useful for
+		// multi-line support.
+		//
+		// We could do this by recursively formatting a value,
+		// but that comes with the risk of infinite recursion
+		// if a marshaler returns itself. Instead we call it
+		// only once and rely on it returning the intended
+		// value directly.
+		switch value := value.(type) {
+		case string:
+			writeStringValue(b, value)
+		default:
+			f.formatAny(b, value)
+		}
+	case slog.LogValuer:
+		value := slog.AnyValue(v).Resolve()
+		if value.Kind() == slog.KindString {
+			writeStringValue(b, value.String())
+		} else {
+			b.WriteByte('=')
+			generateJSON(b, value)
+		}
+	case []byte:
+		// In https://github.com/kubernetes/klog/pull/237 it was decided
+		// to format byte slices with "%+q". The advantages of that are:
+		// - readable output if the bytes happen to be printable
+		// - non-printable bytes get represented as unicode escape
+		//   sequences (\uxxxx)
+		//
+		// The downsides are that we cannot use the faster
+		// strconv.Quote here and that multi-line output is not
+		// supported. If developers know that a byte array is
+		// printable and they want multi-line output, they can
+		// convert the value to string before logging it.
+		b.WriteByte('=')
+		b.WriteString(fmt.Sprintf("%+q", v))
+	default:
+		f.formatAny(b, v)
+	}
+}
+
+// generateJSON has the same preference for plain strings as KVFormat.
+// In contrast to KVFormat it always produces valid JSON with no line breaks.
+func generateJSON(b *bytes.Buffer, v interface{}) {
+	switch v := v.(type) {
+	case slog.Value:
+		switch v.Kind() {
+		case slog.KindGroup:
+			// Format as a JSON group. We must not involve f.AnyToStringHook (if there is any),
+			// because there is no guarantee that it produces valid JSON.
+			b.WriteByte('{')
+			for i, attr := range v.Group() {
+				if i > 0 {
+					b.WriteByte(',')
+				}
+				b.WriteString(strconv.Quote(attr.Key))
+				b.WriteByte(':')
+				generateJSON(b, attr.Value)
+			}
+			b.WriteByte('}')
+		case slog.KindLogValuer:
+			generateJSON(b, v.Resolve())
+		default:
+			// Peel off the slog.Value wrapper and format the actual value.
+			generateJSON(b, v.Any())
+		}
+	case fmt.Stringer:
+		b.WriteString(strconv.Quote(StringerToString(v)))
+	case logr.Marshaler:
+		generateJSON(b, MarshalerToValue(v))
+	case slog.LogValuer:
+		generateJSON(b, slog.AnyValue(v).Resolve().Any())
+	case string:
+		b.WriteString(strconv.Quote(v))
+	case error:
+		b.WriteString(strconv.Quote(v.Error()))
+	default:
+		formatAsJSON(b, v)
+	}
+}
diff --git a/vendor/k8s.io/klog/v2/internal/sloghandler/sloghandler_slog.go b/vendor/k8s.io/klog/v2/internal/sloghandler/sloghandler_slog.go
new file mode 100644
index 000000000..21f1697d0
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/internal/sloghandler/sloghandler_slog.go
@@ -0,0 +1,96 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package sloghandler
+
+import (
+	"context"
+	"log/slog"
+	"runtime"
+	"strings"
+	"time"
+
+	"k8s.io/klog/v2/internal/severity"
+)
+
+func Handle(_ context.Context, record slog.Record, groups string, printWithInfos func(file string, line int, now time.Time, err error, s severity.Severity, msg string, kvList []interface{})) error {
+	now := record.Time
+	if now.IsZero() {
+		// This format doesn't support printing entries without a time.
+		now = time.Now()
+	}
+
+	// slog has numeric severity levels, with 0 as default "info", negative for debugging, and
+	// positive with some pre-defined levels for more important. Those ranges get mapped to
+	// the corresponding klog levels where possible, with "info" the default that is used
+	// also for negative debug levels.
+	level := record.Level
+	s := severity.InfoLog
+	switch {
+	case level >= slog.LevelError:
+		s = severity.ErrorLog
+	case level >= slog.LevelWarn:
+		s = severity.WarningLog
+	}
+
+	var file string
+	var line int
+	if record.PC != 0 {
+		// Same as https://cs.opensource.google/go/x/exp/+/642cacee:slog/record.go;drc=642cacee5cc05231f45555a333d07f1005ffc287;l=70
+		fs := runtime.CallersFrames([]uintptr{record.PC})
+		f, _ := fs.Next()
+		if f.File != "" {
+			file = f.File
+			if slash := strings.LastIndex(file, "/"); slash >= 0 {
+				file = file[slash+1:]
+			}
+			line = f.Line
+		}
+	} else {
+		file = "???"
+		line = 1
+	}
+
+	kvList := make([]interface{}, 0, 2*record.NumAttrs())
+	record.Attrs(func(attr slog.Attr) bool {
+		kvList = appendAttr(groups, kvList, attr)
+		return true
+	})
+
+	printWithInfos(file, line, now, nil, s, record.Message, kvList)
+	return nil
+}
+
+func Attrs2KVList(groups string, attrs []slog.Attr) []interface{} {
+	kvList := make([]interface{}, 0, 2*len(attrs))
+	for _, attr := range attrs {
+		kvList = appendAttr(groups, kvList, attr)
+	}
+	return kvList
+}
+
+func appendAttr(groups string, kvList []interface{}, attr slog.Attr) []interface{} {
+	var key string
+	if groups != "" {
+		key = groups + "." + attr.Key
+	} else {
+		key = attr.Key
+	}
+	return append(kvList, key, attr.Value)
+}
diff --git a/vendor/k8s.io/klog/v2/k8s_references_slog.go b/vendor/k8s.io/klog/v2/k8s_references_slog.go
new file mode 100644
index 000000000..5522c84c7
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/k8s_references_slog.go
@@ -0,0 +1,39 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klog
+
+import (
+	"log/slog"
+)
+
+func (ref ObjectRef) LogValue() slog.Value {
+	if ref.Namespace != "" {
+		return slog.GroupValue(slog.String("name", ref.Name), slog.String("namespace", ref.Namespace))
+	}
+	return slog.GroupValue(slog.String("name", ref.Name))
+}
+
+var _ slog.LogValuer = ObjectRef{}
+
+func (ks kobjSlice) LogValue() slog.Value {
+	return slog.AnyValue(ks.MarshalLog())
+}
+
+var _ slog.LogValuer = kobjSlice{}
diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go
index 152f8a6bd..026be9e3b 100644
--- a/vendor/k8s.io/klog/v2/klog.go
+++ b/vendor/k8s.io/klog/v2/klog.go
@@ -14,9 +14,26 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-// Package klog implements logging analogous to the Google-internal C++ INFO/ERROR/V setup.
-// It provides functions Info, Warning, Error, Fatal, plus formatting variants such as
-// Infof. It also provides V-style logging controlled by the -v and -vmodule=file=2 flags.
+// Package klog contains the following functionality:
+//
+//   - output routing as defined via command line flags ([InitFlags])
+//   - log formatting as text, either with a single, unstructured string ([Info], [Infof], etc.)
+//     or as a structured log entry with message and key/value pairs ([InfoS], etc.)
+//   - management of a go-logr [Logger] ([SetLogger], [Background], [TODO])
+//   - helper functions for logging values ([Format]) and managing the state of klog ([CaptureState], [State.Restore])
+//   - wrappers for [logr] APIs for contextual logging where the wrappers can
+//     be turned into no-ops ([EnableContextualLogging], [NewContext], [FromContext],
+//     [LoggerWithValues], [LoggerWithName]); if the ability to turn off
+//     contextual logging is not needed, then go-logr can also be used directly
+//   - type aliases for go-logr types to simplify imports in code which uses both (e.g. [Logger])
+//   - [k8s.io/klog/v2/textlogger]: a logger which uses the same formatting as klog log with
+//     simpler output routing; beware that it comes with its own command line flags
+//     and does not use the ones from klog
+//   - [k8s.io/klog/v2/ktesting]: per-test output in Go unit tests
+//   - [k8s.io/klog/v2/klogr]: a deprecated, standalone [logr.Logger] on top of the main klog package;
+//     use [Background] instead if klog output routing is needed, [k8s.io/klog/v2/textlogger] if not
+//   - [k8s.io/klog/v2/examples]: demos of this functionality
+//   - [k8s.io/klog/v2/test]: reusable tests for [logr.Logger] implementations
 //
 // Basic examples:
 //
@@ -415,7 +432,7 @@ func init() {
 	logging.stderrThreshold = severityValue{
 		Severity: severity.ErrorLog, // Default stderrThreshold is ERROR.
 	}
-	commandLine.Var(&logging.stderrThreshold, "stderrthreshold", "logs at or above this threshold go to stderr when writing to files and stderr (no effect when -logtostderr=true or -alsologtostderr=false)")
+	commandLine.Var(&logging.stderrThreshold, "stderrthreshold", "logs at or above this threshold go to stderr when writing to files and stderr (no effect when -logtostderr=true or -alsologtostderr=true)")
 	commandLine.Var(&logging.vmodule, "vmodule", "comma-separated list of pattern=N settings for file-filtered logging")
 	commandLine.Var(&logging.traceLocation, "log_backtrace_at", "when logging hits line file:N, emit a stack trace")
 
@@ -518,9 +535,7 @@ type settings struct {
 func (s settings) deepCopy() settings {
 	// vmodule is a slice and would be shared, so we have copy it.
 	filter := make([]modulePat, len(s.vmodule.filter))
-	for i := range s.vmodule.filter {
-		filter[i] = s.vmodule.filter[i]
-	}
+	copy(filter, s.vmodule.filter)
 	s.vmodule.filter = filter
 
 	if s.logger != nil {
@@ -657,16 +672,15 @@ func (l *loggingT) header(s severity.Severity, depth int) (*buffer.Buffer, strin
 			}
 		}
 	}
-	return l.formatHeader(s, file, line), file, line
+	return l.formatHeader(s, file, line, timeNow()), file, line
 }
 
 // formatHeader formats a log header using the provided file name and line number.
-func (l *loggingT) formatHeader(s severity.Severity, file string, line int) *buffer.Buffer {
+func (l *loggingT) formatHeader(s severity.Severity, file string, line int, now time.Time) *buffer.Buffer {
 	buf := buffer.GetBuffer()
 	if l.skipHeaders {
 		return buf
 	}
-	now := timeNow()
 	buf.FormatHeader(s, file, line, now)
 	return buf
 }
@@ -676,6 +690,10 @@ func (l *loggingT) println(s severity.Severity, logger *logWriter, filter LogFil
 }
 
 func (l *loggingT) printlnDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) {
+	if false {
+		_ = fmt.Sprintln(args...) // cause vet to treat this function like fmt.Println
+	}
+
 	buf, file, line := l.header(s, depth)
 	// If a logger is set and doesn't support writing a formatted buffer,
 	// we clear the generated header as we rely on the backing
@@ -696,7 +714,15 @@ func (l *loggingT) print(s severity.Severity, logger *logWriter, filter LogFilte
 }
 
 func (l *loggingT) printDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) {
+	if false {
+		_ = fmt.Sprint(args...) //  // cause vet to treat this function like fmt.Print
+	}
+
 	buf, file, line := l.header(s, depth)
+	l.printWithInfos(buf, file, line, s, logger, filter, depth+1, args...)
+}
+
+func (l *loggingT) printWithInfos(buf *buffer.Buffer, file string, line int, s severity.Severity, logger *logWriter, filter LogFilter, depth int, args ...interface{}) {
 	// If a logger is set and doesn't support writing a formatted buffer,
 	// we clear the generated header as we rely on the backing
 	// logger implementation to print headers.
@@ -719,6 +745,10 @@ func (l *loggingT) printf(s severity.Severity, logger *logWriter, filter LogFilt
 }
 
 func (l *loggingT) printfDepth(s severity.Severity, logger *logWriter, filter LogFilter, depth int, format string, args ...interface{}) {
+	if false {
+		_ = fmt.Sprintf(format, args...) // cause vet to treat this function like fmt.Printf
+	}
+
 	buf, file, line := l.header(s, depth)
 	// If a logger is set and doesn't support writing a formatted buffer,
 	// we clear the generated header as we rely on the backing
@@ -741,7 +771,7 @@ func (l *loggingT) printfDepth(s severity.Severity, logger *logWriter, filter Lo
 // alsoLogToStderr is true, the log message always appears on standard error; it
 // will also appear in the log file unless --logtostderr is set.
 func (l *loggingT) printWithFileLine(s severity.Severity, logger *logWriter, filter LogFilter, file string, line int, alsoToStderr bool, args ...interface{}) {
-	buf := l.formatHeader(s, file, line)
+	buf := l.formatHeader(s, file, line, timeNow())
 	// If a logger is set and doesn't support writing a formatted buffer,
 	// we clear the generated header as we rely on the backing
 	// logger implementation to print headers.
@@ -759,7 +789,7 @@ func (l *loggingT) printWithFileLine(s severity.Severity, logger *logWriter, fil
 	l.output(s, logger, buf, 2 /* depth */, file, line, alsoToStderr)
 }
 
-// if loggr is specified, will call loggr.Error, otherwise output with logging module.
+// if logger is specified, will call logger.Error, otherwise output with logging module.
 func (l *loggingT) errorS(err error, logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) {
 	if filter != nil {
 		msg, keysAndValues = filter.FilterS(msg, keysAndValues)
@@ -771,7 +801,7 @@ func (l *loggingT) errorS(err error, logger *logWriter, filter LogFilter, depth
 	l.printS(err, severity.ErrorLog, depth+1, msg, keysAndValues...)
 }
 
-// if loggr is specified, will call loggr.Info, otherwise output with logging module.
+// if logger is specified, will call logger.Info, otherwise output with logging module.
 func (l *loggingT) infoS(logger *logWriter, filter LogFilter, depth int, msg string, keysAndValues ...interface{}) {
 	if filter != nil {
 		msg, keysAndValues = filter.FilterS(msg, keysAndValues)
@@ -783,7 +813,7 @@ func (l *loggingT) infoS(logger *logWriter, filter LogFilter, depth int, msg str
 	l.printS(nil, severity.InfoLog, depth+1, msg, keysAndValues...)
 }
 
-// printS is called from infoS and errorS if loggr is not specified.
+// printS is called from infoS and errorS if logger is not specified.
 // set log severity by s
 func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string, keysAndValues ...interface{}) {
 	// Only create a new buffer if we don't have one cached.
@@ -796,7 +826,7 @@ func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string,
 		serialize.KVListFormat(&b.Buffer, "err", err)
 	}
 	serialize.KVListFormat(&b.Buffer, keysAndValues...)
-	l.printDepth(s, logging.logger, nil, depth+1, &b.Buffer)
+	l.printDepth(s, nil, nil, depth+1, &b.Buffer)
 	// Make the buffer available for reuse.
 	buffer.PutBuffer(b)
 }
@@ -873,6 +903,9 @@ func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Bu
 		if logger.writeKlogBuffer != nil {
 			logger.writeKlogBuffer(data)
 		} else {
+			if len(data) > 0 && data[len(data)-1] == '\n' {
+				data = data[:len(data)-1]
+			}
 			// TODO: set 'severity' and caller information as structured log info
 			// keysAndValues := []interface{}{"severity", severityName[s], "file", file, "line", line}
 			if s == severity.ErrorLog {
@@ -897,7 +930,7 @@ func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Bu
 					l.exit(err)
 				}
 			}
-			l.file[severity.InfoLog].Write(data)
+			_, _ = l.file[severity.InfoLog].Write(data)
 		} else {
 			if l.file[s] == nil {
 				if err := l.createFiles(s); err != nil {
@@ -907,20 +940,20 @@ func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Bu
 			}
 
 			if l.oneOutput {
-				l.file[s].Write(data)
+				_, _ = l.file[s].Write(data)
 			} else {
 				switch s {
 				case severity.FatalLog:
-					l.file[severity.FatalLog].Write(data)
+					_, _ = l.file[severity.FatalLog].Write(data)
 					fallthrough
 				case severity.ErrorLog:
-					l.file[severity.ErrorLog].Write(data)
+					_, _ = l.file[severity.ErrorLog].Write(data)
 					fallthrough
 				case severity.WarningLog:
-					l.file[severity.WarningLog].Write(data)
+					_, _ = l.file[severity.WarningLog].Write(data)
 					fallthrough
 				case severity.InfoLog:
-					l.file[severity.InfoLog].Write(data)
+					_, _ = l.file[severity.InfoLog].Write(data)
 				}
 			}
 		}
@@ -946,7 +979,7 @@ func (l *loggingT) output(s severity.Severity, logger *logWriter, buf *buffer.Bu
 		logExitFunc = func(error) {} // If we get a write error, we'll still exit below.
 		for log := severity.FatalLog; log >= severity.InfoLog; log-- {
 			if f := l.file[log]; f != nil { // Can be nil if -logtostderr is set.
-				f.Write(trace)
+				_, _ = f.Write(trace)
 			}
 		}
 		l.mu.Unlock()
@@ -1102,7 +1135,7 @@ const flushInterval = 5 * time.Second
 // flushDaemon periodically flushes the log file buffers.
 type flushDaemon struct {
 	mu       sync.Mutex
-	clock    clock.WithTicker
+	clock    clock.Clock
 	flush    func()
 	stopC    chan struct{}
 	stopDone chan struct{}
@@ -1110,7 +1143,7 @@ type flushDaemon struct {
 
 // newFlushDaemon returns a new flushDaemon. If the passed clock is nil, a
 // clock.RealClock is used.
-func newFlushDaemon(flush func(), tickClock clock.WithTicker) *flushDaemon {
+func newFlushDaemon(flush func(), tickClock clock.Clock) *flushDaemon {
 	if tickClock == nil {
 		tickClock = clock.RealClock{}
 	}
@@ -1201,8 +1234,8 @@ func (l *loggingT) flushAll() {
 	for s := severity.FatalLog; s >= severity.InfoLog; s-- {
 		file := l.file[s]
 		if file != nil {
-			file.Flush() // ignore error
-			file.Sync()  // ignore error
+			_ = file.Flush() // ignore error
+			_ = file.Sync()  // ignore error
 		}
 	}
 	if logging.loggerOptions.flush != nil {
@@ -1281,9 +1314,7 @@ func (l *loggingT) setV(pc uintptr) Level {
 	fn := runtime.FuncForPC(pc)
 	file, _ := fn.FileLine(pc)
 	// The file is something like /a/b/c/d.go. We want just the d.
-	if strings.HasSuffix(file, ".go") {
-		file = file[:len(file)-3]
-	}
+	file = strings.TrimSuffix(file, ".go")
 	if slash := strings.LastIndex(file, "/"); slash >= 0 {
 		file = file[slash+1:]
 	}
diff --git a/vendor/k8s.io/klog/v2/klog_file.go b/vendor/k8s.io/klog/v2/klog_file.go
index 1025d644f..8bee16204 100644
--- a/vendor/k8s.io/klog/v2/klog_file.go
+++ b/vendor/k8s.io/klog/v2/klog_file.go
@@ -109,8 +109,8 @@ func create(tag string, t time.Time, startup bool) (f *os.File, filename string,
 		f, err := openOrCreate(fname, startup)
 		if err == nil {
 			symlink := filepath.Join(dir, link)
-			os.Remove(symlink)        // ignore err
-			os.Symlink(name, symlink) // ignore err
+			_ = os.Remove(symlink)        // ignore err
+			_ = os.Symlink(name, symlink) // ignore err
 			return f, fname, nil
 		}
 		lastErr = err
diff --git a/vendor/k8s.io/klog/v2/klogr.go b/vendor/k8s.io/klog/v2/klogr.go
index 15de00e21..efec96fd4 100644
--- a/vendor/k8s.io/klog/v2/klogr.go
+++ b/vendor/k8s.io/klog/v2/klogr.go
@@ -22,6 +22,11 @@ import (
 	"k8s.io/klog/v2/internal/serialize"
 )
 
+const (
+	// nameKey is used to log the `WithName` values as an additional attribute.
+	nameKey = "logger"
+)
+
 // NewKlogr returns a logger that is functionally identical to
 // klogr.NewWithOptions(klogr.FormatKlog), i.e. it passes through to klog. The
 // difference is that it uses a simpler implementation.
@@ -32,10 +37,15 @@ func NewKlogr() Logger {
 // klogger is a subset of klogr/klogr.go. It had to be copied to break an
 // import cycle (klogr wants to use klog, and klog wants to use klogr).
 type klogger struct {
-	level     int
 	callDepth int
-	prefix    string
-	values    []interface{}
+
+	// hasPrefix is true if the first entry in values is the special
+	// nameKey key/value. Such an entry gets added and later updated in
+	// WithName.
+	hasPrefix bool
+
+	values []interface{}
+	groups string
 }
 
 func (l *klogger) Init(info logr.RuntimeInfo) {
@@ -44,34 +54,40 @@ func (l *klogger) Init(info logr.RuntimeInfo) {
 
 func (l *klogger) Info(level int, msg string, kvList ...interface{}) {
 	merged := serialize.MergeKVs(l.values, kvList)
-	if l.prefix != "" {
-		msg = l.prefix + ": " + msg
-	}
 	// Skip this function.
 	VDepth(l.callDepth+1, Level(level)).InfoSDepth(l.callDepth+1, msg, merged...)
 }
 
 func (l *klogger) Enabled(level int) bool {
-	// Skip this function and logr.Logger.Info where Enabled is called.
-	return VDepth(l.callDepth+2, Level(level)).Enabled()
+	return VDepth(l.callDepth+1, Level(level)).Enabled()
 }
 
 func (l *klogger) Error(err error, msg string, kvList ...interface{}) {
 	merged := serialize.MergeKVs(l.values, kvList)
-	if l.prefix != "" {
-		msg = l.prefix + ": " + msg
-	}
 	ErrorSDepth(l.callDepth+1, err, msg, merged...)
 }
 
 // WithName returns a new logr.Logger with the specified name appended.  klogr
-// uses '/' characters to separate name elements.  Callers should not pass '/'
+// uses '.' characters to separate name elements.  Callers should not pass '.'
 // in the provided name string, but this library does not actually enforce that.
 func (l klogger) WithName(name string) logr.LogSink {
-	if len(l.prefix) > 0 {
-		l.prefix = l.prefix + "/"
+	if l.hasPrefix {
+		// Copy slice and modify value. No length checks and type
+		// assertions are needed because hasPrefix is only true if the
+		// first two elements exist and are key/value strings.
+		v := make([]interface{}, 0, len(l.values))
+		v = append(v, l.values...)
+		prefix, _ := v[1].(string)
+		v[1] = prefix + "." + name
+		l.values = v
+	} else {
+		// Preprend new key/value pair.
+		v := make([]interface{}, 0, 2+len(l.values))
+		v = append(v, nameKey, name)
+		v = append(v, l.values...)
+		l.values = v
+		l.hasPrefix = true
 	}
-	l.prefix += name
 	return &l
 }
 
diff --git a/vendor/k8s.io/klog/v2/klogr_slog.go b/vendor/k8s.io/klog/v2/klogr_slog.go
new file mode 100644
index 000000000..c77d7baaf
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/klogr_slog.go
@@ -0,0 +1,96 @@
+//go:build go1.21
+// +build go1.21
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klog
+
+import (
+	"context"
+	"log/slog"
+	"strconv"
+	"time"
+
+	"github.com/go-logr/logr"
+
+	"k8s.io/klog/v2/internal/buffer"
+	"k8s.io/klog/v2/internal/serialize"
+	"k8s.io/klog/v2/internal/severity"
+	"k8s.io/klog/v2/internal/sloghandler"
+)
+
+func (l *klogger) Handle(ctx context.Context, record slog.Record) error {
+	if logging.logger != nil {
+		if slogSink, ok := logging.logger.GetSink().(logr.SlogSink); ok {
+			// Let that logger do the work.
+			return slogSink.Handle(ctx, record)
+		}
+	}
+
+	return sloghandler.Handle(ctx, record, l.groups, slogOutput)
+}
+
+// slogOutput corresponds to several different functions in klog.go.
+// It goes through some of the same checks and formatting steps before
+// it ultimately converges by calling logging.printWithInfos.
+func slogOutput(file string, line int, now time.Time, err error, s severity.Severity, msg string, kvList []interface{}) {
+	// See infoS.
+	if logging.logger != nil {
+		// Taking this path happens when klog has a logger installed
+		// as backend which doesn't support slog. Not good, we have to
+		// guess about the call depth and drop the actual location.
+		logger := logging.logger.WithCallDepth(2)
+		if s > severity.ErrorLog {
+			logger.Error(err, msg, kvList...)
+		} else {
+			logger.Info(msg, kvList...)
+		}
+		return
+	}
+
+	// See printS.
+	b := buffer.GetBuffer()
+	b.WriteString(strconv.Quote(msg))
+	if err != nil {
+		serialize.KVListFormat(&b.Buffer, "err", err)
+	}
+	serialize.KVListFormat(&b.Buffer, kvList...)
+
+	// See print + header.
+	buf := logging.formatHeader(s, file, line, now)
+	logging.printWithInfos(buf, file, line, s, nil, nil, 0, &b.Buffer)
+
+	buffer.PutBuffer(b)
+}
+
+func (l *klogger) WithAttrs(attrs []slog.Attr) logr.SlogSink {
+	clone := *l
+	clone.values = serialize.WithValues(l.values, sloghandler.Attrs2KVList(l.groups, attrs))
+	return &clone
+}
+
+func (l *klogger) WithGroup(name string) logr.SlogSink {
+	clone := *l
+	if clone.groups != "" {
+		clone.groups += "." + name
+	} else {
+		clone.groups = name
+	}
+	return &clone
+}
+
+var _ logr.SlogSink = &klogger{}
diff --git a/vendor/k8s.io/klog/v2/safeptr.go b/vendor/k8s.io/klog/v2/safeptr.go
new file mode 100644
index 000000000..bbe24c2e8
--- /dev/null
+++ b/vendor/k8s.io/klog/v2/safeptr.go
@@ -0,0 +1,34 @@
+//go:build go1.18
+// +build go1.18
+
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klog
+
+// SafePtr is a function that takes a pointer of any type (T) as an argument.
+// If the provided pointer is not nil, it returns the same pointer. If it is nil, it returns nil instead.
+//
+// This function is particularly useful to prevent nil pointer dereferencing when:
+//
+//   - The type implements interfaces that are called by the logger, such as `fmt.Stringer`.
+//   - And these interface implementations do not perform nil checks themselves.
+func SafePtr[T any](p *T) any {
+	if p == nil {
+		return nil
+	}
+	return p
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 6bfd47232..cb8033fad 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -37,14 +37,14 @@ github.com/getsentry/sentry-go
 github.com/getsentry/sentry-go/internal/crypto/randutil
 github.com/getsentry/sentry-go/internal/debug
 github.com/getsentry/sentry-go/internal/ratelimit
-# github.com/go-logr/logr v1.2.4
-## explicit; go 1.16
+# github.com/go-logr/logr v1.4.1
+## explicit; go 1.18
 github.com/go-logr/logr
 # github.com/go-sql-driver/mysql v1.8.0
 ## explicit; go 1.18
 github.com/go-sql-driver/mysql
-# github.com/google/certificate-transparency-go v1.1.7
-## explicit; go 1.20
+# github.com/google/certificate-transparency-go v1.1.8
+## explicit; go 1.21
 github.com/google/certificate-transparency-go
 github.com/google/certificate-transparency-go/asn1
 github.com/google/certificate-transparency-go/client
@@ -149,7 +149,7 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.21.0
+# golang.org/x/net v0.22.0
 ## explicit; go 1.18
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
@@ -164,7 +164,7 @@ golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# google.golang.org/protobuf v1.32.0
+# google.golang.org/protobuf v1.33.0
 ## explicit; go 1.17
 google.golang.org/protobuf/encoding/protodelim
 google.golang.org/protobuf/encoding/prototext
@@ -172,6 +172,7 @@ google.golang.org/protobuf/encoding/protowire
 google.golang.org/protobuf/internal/descfmt
 google.golang.org/protobuf/internal/descopts
 google.golang.org/protobuf/internal/detrand
+google.golang.org/protobuf/internal/editiondefaults
 google.golang.org/protobuf/internal/encoding/defval
 google.golang.org/protobuf/internal/encoding/messageset
 google.golang.org/protobuf/internal/encoding/tag
@@ -193,11 +194,12 @@ google.golang.org/protobuf/reflect/protoregistry
 google.golang.org/protobuf/runtime/protoiface
 google.golang.org/protobuf/runtime/protoimpl
 google.golang.org/protobuf/types/known/timestamppb
-# k8s.io/klog/v2 v2.100.1
-## explicit; go 1.13
+# k8s.io/klog/v2 v2.120.1
+## explicit; go 1.18
 k8s.io/klog/v2
 k8s.io/klog/v2/internal/buffer
 k8s.io/klog/v2/internal/clock
 k8s.io/klog/v2/internal/dbg
 k8s.io/klog/v2/internal/serialize
 k8s.io/klog/v2/internal/severity
+k8s.io/klog/v2/internal/sloghandler

From 2adc622098396c4b83672b5dd7651a38e6bd0ee7 Mon Sep 17 00:00:00 2001
From: hrushikeshdeshpande
 <161167942+hrushikeshdeshpande@users.noreply.github.com>
Date: Sun, 22 Sep 2024 13:00:00 -0400
Subject: [PATCH 66/73] Create semgrep.yml

Creating Semgrep.yml file - Semgrep is a tool that will be used to scan Cloudflare's public repos for Supply chain, code and secrets. This work is part of Application & Product Security team's initiative to onboard Semgrep onto all of Cloudflare's public repos.

In case of any questions, please reach out to "Hrushikesh Deshpande" on cf internal chat.
---
 .github/workflows/semgrep.yml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 .github/workflows/semgrep.yml

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
new file mode 100644
index 000000000..b40314b36
--- /dev/null
+++ b/.github/workflows/semgrep.yml
@@ -0,0 +1,24 @@
+on:
+  pull_request: {}
+  workflow_dispatch: {}
+  push: 
+    branches:
+      - main
+      - master
+  schedule:
+    - cron: '0 0 * * *'
+name: Semgrep config
+jobs:
+  semgrep:
+    name: semgrep/ci
+    runs-on: ubuntu-latest
+    env:
+      SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+      SEMGREP_URL: https://cloudflare.semgrep.dev
+      SEMGREP_APP_URL: https://cloudflare.semgrep.dev
+      SEMGREP_VERSION_CHECK_URL: https://cloudflare.semgrep.dev/api/check-version
+    container:
+      image: returntocorp/semgrep
+    steps:
+      - uses: actions/checkout@v4
+      - run: semgrep ci

From d3645c109d4bd68ac47d497fdfce90ab8d5eb44d Mon Sep 17 00:00:00 2001
From: Hrushikesh Deshpande
 <161167942+hrushikeshdeshpande@users.noreply.github.com>
Date: Wed, 25 Sep 2024 00:02:50 -0400
Subject: [PATCH 67/73] Update semgrep.yml

---
 .github/workflows/semgrep.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index b40314b36..4090692fe 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -18,7 +18,7 @@ jobs:
       SEMGREP_APP_URL: https://cloudflare.semgrep.dev
       SEMGREP_VERSION_CHECK_URL: https://cloudflare.semgrep.dev/api/check-version
     container:
-      image: returntocorp/semgrep
+      image: semgrep/semgrep
     steps:
       - uses: actions/checkout@v4
       - run: semgrep ci

From 1a73d78a1852001b7b9c21f3eceea0e721ea6a6c Mon Sep 17 00:00:00 2001
From: Andrew Mitchell 
Date: Fri, 7 Feb 2025 15:59:31 -0500
Subject: [PATCH 68/73] Upgrade certificate-transparency-go from v1.1.8 to
 v1.3.1

---
 go.mod                                        |   35 +-
 go.sum                                        |   79 +-
 vendor/github.com/cespare/xxhash/v2/README.md |    2 +
 vendor/github.com/cespare/xxhash/v2/xxhash.go |   29 +-
 .../cespare/xxhash/v2/xxhash_asm.go           |    2 +-
 .../cespare/xxhash/v2/xxhash_other.go         |    2 +-
 .../cespare/xxhash/v2/xxhash_safe.go          |    2 +-
 .../cespare/xxhash/v2/xxhash_unsafe.go        |    2 +-
 vendor/github.com/go-logr/logr/README.md      |    1 +
 .../go-sql-driver/mysql/CHANGELOG.md          |   42 +
 .../github.com/go-sql-driver/mysql/README.md  |    2 +-
 vendor/github.com/go-sql-driver/mysql/auth.go |    2 +-
 .../go-sql-driver/mysql/connection.go         |   34 +-
 .../go-sql-driver/mysql/connector.go          |    2 +-
 .../github.com/go-sql-driver/mysql/errors.go  |    4 +-
 .../github.com/go-sql-driver/mysql/fields.go  |    2 +-
 .../go-sql-driver/mysql/nulltime.go           |    2 +-
 .../github.com/go-sql-driver/mysql/packets.go |   25 +-
 .../go-sql-driver/mysql/statement.go          |    6 +-
 .../.golangci.yaml                            |   10 +-
 .../certificate-transparency-go/AUTHORS       |    3 +-
 .../certificate-transparency-go/CHANGELOG.md  |  317 +
 .../certificate-transparency-go/CONTRIBUTORS  |    3 +-
 .../certificate-transparency-go/README.md     |    2 +-
 .../client/configpb/multilog.pb.go            |    2 +-
 .../cloudbuild.yaml                           |    7 +
 .../cloudbuild_master.yaml                    |    7 +
 .../cloudbuild_postgresql.yaml                |  161 +
 .../jsonclient/client.go                      |   12 +-
 .../certificate-transparency-go/types.go      |   15 +
 .../klauspost/compress/.gitattributes         |    2 +
 .../github.com/klauspost/compress/.gitignore  |   32 +
 .../klauspost/compress/.goreleaser.yml        |  123 +
 vendor/github.com/klauspost/compress/LICENSE  |  304 +
 .../github.com/klauspost/compress/README.md   |  721 ++
 .../github.com/klauspost/compress/SECURITY.md |   25 +
 .../klauspost/compress/compressible.go        |   85 +
 .../klauspost/compress/fse/README.md          |   79 +
 .../klauspost/compress/fse/bitreader.go       |  122 +
 .../klauspost/compress/fse/bitwriter.go       |  167 +
 .../klauspost/compress/fse/bytereader.go      |   47 +
 .../klauspost/compress/fse/compress.go        |  683 ++
 .../klauspost/compress/fse/decompress.go      |  376 +
 .../github.com/klauspost/compress/fse/fse.go  |  144 +
 vendor/github.com/klauspost/compress/gen.sh   |    4 +
 .../klauspost/compress/huff0/.gitignore       |    1 +
 .../klauspost/compress/huff0/README.md        |   89 +
 .../klauspost/compress/huff0/bitreader.go     |  229 +
 .../klauspost/compress/huff0/bitwriter.go     |  102 +
 .../klauspost/compress/huff0/compress.go      |  742 ++
 .../klauspost/compress/huff0/decompress.go    | 1167 +++
 .../compress/huff0/decompress_amd64.go        |  226 +
 .../compress/huff0/decompress_amd64.s         |  830 ++
 .../compress/huff0/decompress_generic.go      |  299 +
 .../klauspost/compress/huff0/huff0.go         |  337 +
 .../compress/internal/cpuinfo/cpuinfo.go      |   34 +
 .../internal/cpuinfo/cpuinfo_amd64.go         |   11 +
 .../compress/internal/cpuinfo/cpuinfo_amd64.s |   36 +
 .../compress/internal/snapref/LICENSE         |   27 +
 .../compress/internal/snapref/decode.go       |  264 +
 .../compress/internal/snapref/decode_other.go |  113 +
 .../compress/internal/snapref/encode.go       |  289 +
 .../compress/internal/snapref/encode_other.go |  250 +
 .../compress/internal/snapref/snappy.go       |   98 +
 vendor/github.com/klauspost/compress/s2sx.mod |    4 +
 vendor/github.com/klauspost/compress/s2sx.sum |    0
 .../klauspost/compress/zstd/README.md         |  441 +
 .../klauspost/compress/zstd/bitreader.go      |  136 +
 .../klauspost/compress/zstd/bitwriter.go      |  112 +
 .../klauspost/compress/zstd/blockdec.go       |  731 ++
 .../klauspost/compress/zstd/blockenc.go       |  909 ++
 .../compress/zstd/blocktype_string.go         |   85 +
 .../klauspost/compress/zstd/bytebuf.go        |  131 +
 .../klauspost/compress/zstd/bytereader.go     |   82 +
 .../klauspost/compress/zstd/decodeheader.go   |  261 +
 .../klauspost/compress/zstd/decoder.go        |  948 ++
 .../compress/zstd/decoder_options.go          |  169 +
 .../klauspost/compress/zstd/dict.go           |  565 +
 .../klauspost/compress/zstd/enc_base.go       |  173 +
 .../klauspost/compress/zstd/enc_best.go       |  560 +
 .../klauspost/compress/zstd/enc_better.go     | 1252 +++
 .../klauspost/compress/zstd/enc_dfast.go      | 1123 ++
 .../klauspost/compress/zstd/enc_fast.go       |  891 ++
 .../klauspost/compress/zstd/encoder.go        |  642 ++
 .../compress/zstd/encoder_options.go          |  339 +
 .../klauspost/compress/zstd/framedec.go       |  415 +
 .../klauspost/compress/zstd/frameenc.go       |  137 +
 .../klauspost/compress/zstd/fse_decoder.go    |  307 +
 .../compress/zstd/fse_decoder_amd64.go        |   65 +
 .../compress/zstd/fse_decoder_amd64.s         |  126 +
 .../compress/zstd/fse_decoder_generic.go      |   73 +
 .../klauspost/compress/zstd/fse_encoder.go    |  701 ++
 .../klauspost/compress/zstd/fse_predefined.go |  158 +
 .../klauspost/compress/zstd/hash.go           |   35 +
 .../klauspost/compress/zstd/history.go        |  116 +
 .../compress/zstd/internal/xxhash/LICENSE.txt |   22 +
 .../compress/zstd/internal/xxhash/README.md   |   71 +
 .../compress/zstd/internal/xxhash/xxhash.go   |  230 +
 .../zstd/internal/xxhash/xxhash_amd64.s       |  210 +
 .../zstd/internal/xxhash/xxhash_arm64.s       |  184 +
 .../zstd/internal/xxhash/xxhash_asm.go        |   16 +
 .../zstd/internal/xxhash/xxhash_other.go      |   76 +
 .../zstd/internal/xxhash/xxhash_safe.go       |   11 +
 .../klauspost/compress/zstd/matchlen_amd64.go |   16 +
 .../klauspost/compress/zstd/matchlen_amd64.s  |   66 +
 .../compress/zstd/matchlen_generic.go         |   33 +
 .../klauspost/compress/zstd/seqdec.go         |  503 +
 .../klauspost/compress/zstd/seqdec_amd64.go   |  394 +
 .../klauspost/compress/zstd/seqdec_amd64.s    | 4151 ++++++++
 .../klauspost/compress/zstd/seqdec_generic.go |  237 +
 .../klauspost/compress/zstd/seqenc.go         |  114 +
 .../klauspost/compress/zstd/snappy.go         |  434 +
 .../github.com/klauspost/compress/zstd/zip.go |  141 +
 .../klauspost/compress/zstd/zstd.go           |  125 +
 .../mattn/go-sqlite3/sqlite3-binding.c        | 9075 ++++++++++-------
 .../mattn/go-sqlite3/sqlite3-binding.h        |  116 +-
 vendor/github.com/mattn/go-sqlite3/sqlite3.go |    2 +-
 .../mattn/go-sqlite3/sqlite3_libsqlite3.go    |    1 +
 .../mattn/go-sqlite3/sqlite3_opt_userauth.go  |    2 +-
 vendor/github.com/munnerz/goautoneg/LICENSE   |   31 +
 vendor/github.com/munnerz/goautoneg/Makefile  |   13 +
 .../ww => munnerz}/goautoneg/README.txt       |    0
 .../ww => munnerz}/goautoneg/autoneg.go       |  127 +-
 .../prometheus/client_golang/NOTICE           |    5 -
 .../internal/github.com/golang/gddo/LICENSE   |   27 +
 .../golang/gddo/httputil/header/header.go     |  145 +
 .../golang/gddo/httputil/negotiate.go         |   36 +
 .../client_golang/prometheus/go_collector.go  |   55 +-
 .../prometheus/go_collector_latest.go         |   19 +-
 .../client_golang/prometheus/histogram.go     |  268 +-
 .../internal/go_collector_options.go          |    2 +
 .../client_golang/prometheus/metric.go        |    2 +-
 .../prometheus/process_collector.go           |   29 +-
 .../prometheus/process_collector_other.go     |   14 +
 .../prometheus/promhttp/delegator.go          |    6 +
 .../client_golang/prometheus/promhttp/http.go |  113 +-
 .../client_golang/prometheus/registry.go      |   17 +-
 .../client_golang/prometheus/summary.go       |   42 +
 .../client_golang/prometheus/vec.go           |    2 +-
 .../prometheus/client_model/go/metrics.pb.go  |  195 +-
 .../prometheus/common/expfmt/decode.go        |    6 +-
 .../prometheus/common/expfmt/encode.go        |   13 +-
 .../prometheus/common/expfmt/expfmt.go        |   22 +-
 .../common/expfmt/openmetrics_create.go       |  202 +-
 .../prometheus/common/model/alert.go          |   27 +-
 .../prometheus/common/model/labelset.go       |   11 -
 .../common/model/labelset_string.go           |   45 +
 .../common/model/labelset_string_go120.go     |   39 +
 .../prometheus/common/model/metric.go         |    1 +
 .../prometheus/procfs/.golangci.yml           |    7 +
 .../prometheus/procfs/MAINTAINERS.md          |    3 +-
 .../prometheus/procfs/Makefile.common         |   26 +-
 vendor/github.com/prometheus/procfs/arp.go    |    6 +-
 .../github.com/prometheus/procfs/buddyinfo.go |    6 +-
 .../github.com/prometheus/procfs/cpuinfo.go   |    4 +-
 vendor/github.com/prometheus/procfs/crypto.go |    6 +-
 .../github.com/prometheus/procfs/fscache.go   |    4 +-
 vendor/github.com/prometheus/procfs/ipvs.go   |    6 +-
 .../github.com/prometheus/procfs/loadavg.go   |    2 +-
 vendor/github.com/prometheus/procfs/mdstat.go |   60 +-
 .../github.com/prometheus/procfs/meminfo.go   |  220 +-
 .../github.com/prometheus/procfs/mountinfo.go |    2 +-
 .../prometheus/procfs/mountstats.go           |   11 +-
 .../prometheus/procfs/net_conntrackstat.go    |    4 +-
 .../prometheus/procfs/net_ip_socket.go        |   46 +-
 .../prometheus/procfs/net_sockstat.go         |    4 +-
 .../prometheus/procfs/net_softnet.go          |    2 +-
 .../prometheus/procfs/net_tls_stat.go         |  119 +
 .../github.com/prometheus/procfs/net_unix.go  |   14 +-
 .../prometheus/procfs/net_wireless.go         |   22 +-
 vendor/github.com/prometheus/procfs/proc.go   |    8 +-
 .../prometheus/procfs/proc_limits.go          |    2 +-
 .../github.com/prometheus/procfs/proc_ns.go   |    4 +-
 .../github.com/prometheus/procfs/proc_psi.go  |    2 +-
 .../prometheus/procfs/proc_smaps.go           |    2 +-
 .../github.com/prometheus/procfs/proc_stat.go |    7 +
 .../prometheus/procfs/proc_status.go          |   29 +-
 .../github.com/prometheus/procfs/proc_sys.go  |    2 +-
 .../github.com/prometheus/procfs/softirqs.go  |   22 +-
 vendor/github.com/prometheus/procfs/stat.go   |   22 +-
 vendor/github.com/prometheus/procfs/swaps.go  |    6 +-
 vendor/github.com/prometheus/procfs/thread.go |    2 +-
 .../github.com/prometheus/procfs/zoneinfo.go  |    4 +-
 vendor/golang.org/x/crypto/LICENSE            |    4 +-
 vendor/golang.org/x/crypto/blowfish/cipher.go |    2 +-
 .../x/crypto/chacha20/chacha_noasm.go         |    2 +-
 .../{chacha_ppc64le.go => chacha_ppc64x.go}   |    2 +-
 .../{chacha_ppc64le.s => chacha_ppc64x.s}     |  216 +-
 .../x/crypto/cryptobyte/asn1/asn1.go          |    2 +-
 .../golang.org/x/crypto/cryptobyte/string.go  |    2 +-
 .../x/crypto/curve25519/curve25519.go         |   39 +-
 .../x/crypto/curve25519/curve25519_compat.go  |  105 -
 .../x/crypto/curve25519/curve25519_go120.go   |   46 -
 .../x/crypto/curve25519/internal/field/README |    7 -
 .../x/crypto/curve25519/internal/field/fe.go  |  416 -
 .../curve25519/internal/field/fe_amd64.go     |   15 -
 .../curve25519/internal/field/fe_amd64.s      |  378 -
 .../internal/field/fe_amd64_noasm.go          |   11 -
 .../curve25519/internal/field/fe_arm64.go     |   15 -
 .../curve25519/internal/field/fe_arm64.s      |   42 -
 .../internal/field/fe_arm64_noasm.go          |   11 -
 .../curve25519/internal/field/fe_generic.go   |  264 -
 .../curve25519/internal/field/sync.checkpoint |    1 -
 .../crypto/curve25519/internal/field/sync.sh  |   19 -
 vendor/golang.org/x/crypto/ed25519/ed25519.go |    4 +-
 .../x/crypto/internal/poly1305/mac_noasm.go   |    2 +-
 .../x/crypto/internal/poly1305/sum_amd64.s    |  133 +-
 .../{sum_ppc64le.go => sum_ppc64x.go}         |    2 +-
 .../poly1305/{sum_ppc64le.s => sum_ppc64x.s}  |   30 +-
 vendor/golang.org/x/crypto/ocsp/ocsp.go       |    2 +-
 vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go   |    2 +-
 vendor/golang.org/x/crypto/pkcs12/crypto.go   |    2 +-
 vendor/golang.org/x/crypto/scrypt/scrypt.go   |    2 +-
 vendor/golang.org/x/crypto/ssh/client_auth.go |   23 +-
 vendor/golang.org/x/crypto/ssh/doc.go         |    2 +-
 vendor/golang.org/x/crypto/ssh/keys.go        |   52 +-
 vendor/golang.org/x/crypto/ssh/server.go      |  219 +-
 vendor/golang.org/x/net/LICENSE               |    4 +-
 vendor/golang.org/x/sys/LICENSE               |    4 +-
 .../golang.org/x/sys/cpu/asm_darwin_x86_gc.s  |   17 +
 vendor/golang.org/x/sys/cpu/cpu.go            |   22 +
 vendor/golang.org/x/sys/cpu/cpu_arm64.go      |   22 +
 vendor/golang.org/x/sys/cpu/cpu_arm64.s       |    8 +
 vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go |   61 +
 vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go   |    1 +
 vendor/golang.org/x/sys/cpu/cpu_gc_x86.go     |    4 +-
 .../x/sys/cpu/{cpu_x86.s => cpu_gc_x86.s}     |    2 +-
 vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go  |    6 -
 .../golang.org/x/sys/cpu/cpu_linux_arm64.go   |    9 +
 .../golang.org/x/sys/cpu/cpu_linux_noinit.go  |    2 +-
 .../golang.org/x/sys/cpu/cpu_linux_riscv64.go |  137 +
 vendor/golang.org/x/sys/cpu/cpu_other_x86.go  |   11 +
 vendor/golang.org/x/sys/cpu/cpu_riscv64.go    |   11 +-
 vendor/golang.org/x/sys/cpu/cpu_x86.go        |    6 +-
 .../x/sys/cpu/syscall_darwin_x86_gc.go        |   98 +
 vendor/golang.org/x/sys/unix/README.md        |    2 +-
 vendor/golang.org/x/sys/unix/asm_zos_s390x.s  |  665 +-
 vendor/golang.org/x/sys/unix/bpxsvc_zos.go    |  657 ++
 vendor/golang.org/x/sys/unix/bpxsvc_zos.s     |  192 +
 vendor/golang.org/x/sys/unix/epoll_zos.go     |  220 -
 vendor/golang.org/x/sys/unix/fstatfs_zos.go   |  163 -
 vendor/golang.org/x/sys/unix/ioctl_linux.go   |   96 +
 vendor/golang.org/x/sys/unix/mkerrors.sh      |   20 +-
 vendor/golang.org/x/sys/unix/mmap_nomremap.go |    2 +-
 vendor/golang.org/x/sys/unix/mremap.go        |    5 +
 vendor/golang.org/x/sys/unix/pagesize_unix.go |    2 +-
 .../x/sys/unix/readdirent_getdirentries.go    |    2 +-
 vendor/golang.org/x/sys/unix/sockcmsg_zos.go  |   58 +
 .../golang.org/x/sys/unix/symaddr_zos_s390x.s |   75 +
 vendor/golang.org/x/sys/unix/syscall_aix.go   |    2 +-
 .../golang.org/x/sys/unix/syscall_darwin.go   |   61 +
 .../x/sys/unix/syscall_dragonfly.go           |   12 +
 vendor/golang.org/x/sys/unix/syscall_hurd.go  |    1 +
 vendor/golang.org/x/sys/unix/syscall_linux.go |   65 +-
 .../x/sys/unix/syscall_linux_arm64.go         |    2 +
 .../x/sys/unix/syscall_linux_loong64.go       |    2 +
 .../x/sys/unix/syscall_linux_riscv64.go       |    2 +
 .../golang.org/x/sys/unix/syscall_openbsd.go  |    1 +
 vendor/golang.org/x/sys/unix/syscall_unix.go  |    9 +
 .../x/sys/unix/syscall_zos_s390x.go           | 1587 ++-
 vendor/golang.org/x/sys/unix/sysvshm_unix.go  |    2 +-
 .../x/sys/unix/sysvshm_unix_other.go          |    2 +-
 .../golang.org/x/sys/unix/vgetrandom_linux.go |   13 +
 .../x/sys/unix/vgetrandom_unsupported.go      |   11 +
 .../x/sys/unix/zerrors_darwin_amd64.go        |   12 +
 .../x/sys/unix/zerrors_darwin_arm64.go        |   12 +
 vendor/golang.org/x/sys/unix/zerrors_linux.go |  109 +-
 .../x/sys/unix/zerrors_linux_386.go           |   28 +
 .../x/sys/unix/zerrors_linux_amd64.go         |   28 +
 .../x/sys/unix/zerrors_linux_arm.go           |   27 +
 .../x/sys/unix/zerrors_linux_arm64.go         |   29 +
 .../x/sys/unix/zerrors_linux_loong64.go       |   27 +
 .../x/sys/unix/zerrors_linux_mips.go          |   27 +
 .../x/sys/unix/zerrors_linux_mips64.go        |   27 +
 .../x/sys/unix/zerrors_linux_mips64le.go      |   27 +
 .../x/sys/unix/zerrors_linux_mipsle.go        |   27 +
 .../x/sys/unix/zerrors_linux_ppc.go           |   27 +
 .../x/sys/unix/zerrors_linux_ppc64.go         |   27 +
 .../x/sys/unix/zerrors_linux_ppc64le.go       |   27 +
 .../x/sys/unix/zerrors_linux_riscv64.go       |   27 +
 .../x/sys/unix/zerrors_linux_s390x.go         |   27 +
 .../x/sys/unix/zerrors_linux_sparc64.go       |   27 +
 .../x/sys/unix/zerrors_zos_s390x.go           |  235 +-
 .../x/sys/unix/zsymaddr_zos_s390x.s           |  364 +
 .../x/sys/unix/zsyscall_darwin_amd64.go       |  101 +
 .../x/sys/unix/zsyscall_darwin_amd64.s        |   25 +
 .../x/sys/unix/zsyscall_darwin_arm64.go       |  101 +
 .../x/sys/unix/zsyscall_darwin_arm64.s        |   25 +
 .../golang.org/x/sys/unix/zsyscall_linux.go   |   43 +-
 .../x/sys/unix/zsyscall_openbsd_386.go        |   24 +
 .../x/sys/unix/zsyscall_openbsd_386.s         |    5 +
 .../x/sys/unix/zsyscall_openbsd_amd64.go      |   24 +
 .../x/sys/unix/zsyscall_openbsd_amd64.s       |    5 +
 .../x/sys/unix/zsyscall_openbsd_arm.go        |   24 +
 .../x/sys/unix/zsyscall_openbsd_arm.s         |    5 +
 .../x/sys/unix/zsyscall_openbsd_arm64.go      |   24 +
 .../x/sys/unix/zsyscall_openbsd_arm64.s       |    5 +
 .../x/sys/unix/zsyscall_openbsd_mips64.go     |   24 +
 .../x/sys/unix/zsyscall_openbsd_mips64.s      |    5 +
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      |   24 +
 .../x/sys/unix/zsyscall_openbsd_ppc64.s       |    6 +
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    |   24 +
 .../x/sys/unix/zsyscall_openbsd_riscv64.s     |    5 +
 .../x/sys/unix/zsyscall_zos_s390x.go          | 3113 +++++-
 .../x/sys/unix/zsysnum_linux_386.go           |    6 +
 .../x/sys/unix/zsysnum_linux_amd64.go         |    7 +
 .../x/sys/unix/zsysnum_linux_arm.go           |    6 +
 .../x/sys/unix/zsysnum_linux_arm64.go         |    8 +-
 .../x/sys/unix/zsysnum_linux_loong64.go       |    8 +
 .../x/sys/unix/zsysnum_linux_mips.go          |    6 +
 .../x/sys/unix/zsysnum_linux_mips64.go        |    6 +
 .../x/sys/unix/zsysnum_linux_mips64le.go      |    6 +
 .../x/sys/unix/zsysnum_linux_mipsle.go        |    6 +
 .../x/sys/unix/zsysnum_linux_ppc.go           |    6 +
 .../x/sys/unix/zsysnum_linux_ppc64.go         |    6 +
 .../x/sys/unix/zsysnum_linux_ppc64le.go       |    6 +
 .../x/sys/unix/zsysnum_linux_riscv64.go       |    8 +-
 .../x/sys/unix/zsysnum_linux_s390x.go         |    6 +
 .../x/sys/unix/zsysnum_linux_sparc64.go       |    6 +
 .../x/sys/unix/zsysnum_zos_s390x.go           | 5507 +++++-----
 .../x/sys/unix/ztypes_darwin_amd64.go         |   73 +
 .../x/sys/unix/ztypes_darwin_arm64.go         |   73 +
 .../x/sys/unix/ztypes_freebsd_386.go          |    1 +
 .../x/sys/unix/ztypes_freebsd_amd64.go        |    1 +
 .../x/sys/unix/ztypes_freebsd_arm.go          |    1 +
 .../x/sys/unix/ztypes_freebsd_arm64.go        |    1 +
 .../x/sys/unix/ztypes_freebsd_riscv64.go      |    1 +
 vendor/golang.org/x/sys/unix/ztypes_linux.go  |  283 +-
 .../golang.org/x/sys/unix/ztypes_linux_386.go |    8 -
 .../x/sys/unix/ztypes_linux_amd64.go          |    9 -
 .../golang.org/x/sys/unix/ztypes_linux_arm.go |    9 -
 .../x/sys/unix/ztypes_linux_arm64.go          |    9 -
 .../x/sys/unix/ztypes_linux_loong64.go        |    9 -
 .../x/sys/unix/ztypes_linux_mips.go           |    9 -
 .../x/sys/unix/ztypes_linux_mips64.go         |    9 -
 .../x/sys/unix/ztypes_linux_mips64le.go       |    9 -
 .../x/sys/unix/ztypes_linux_mipsle.go         |    9 -
 .../golang.org/x/sys/unix/ztypes_linux_ppc.go |    9 -
 .../x/sys/unix/ztypes_linux_ppc64.go          |    9 -
 .../x/sys/unix/ztypes_linux_ppc64le.go        |    9 -
 .../x/sys/unix/ztypes_linux_riscv64.go        |   42 +-
 .../x/sys/unix/ztypes_linux_s390x.go          |    9 -
 .../x/sys/unix/ztypes_linux_sparc64.go        |    9 -
 .../golang.org/x/sys/unix/ztypes_zos_s390x.go |  152 +-
 vendor/golang.org/x/sys/windows/aliases.go    |    2 +-
 .../golang.org/x/sys/windows/dll_windows.go   |   13 +-
 vendor/golang.org/x/sys/windows/empty.s       |    8 -
 .../x/sys/windows/security_windows.go         |   25 +-
 .../x/sys/windows/syscall_windows.go          |  134 +-
 .../golang.org/x/sys/windows/types_windows.go |  223 +-
 .../x/sys/windows/zsyscall_windows.go         |  286 +-
 vendor/golang.org/x/text/LICENSE              |    4 +-
 .../protobuf/encoding/prototext/decode.go     |    4 +-
 .../protobuf/encoding/prototext/encode.go     |   20 +-
 .../protobuf/internal/descfmt/stringer.go     |    1 +
 .../protobuf/internal/descopts/options.go     |   20 +-
 .../editiondefaults/editions_defaults.binpb   |  Bin 63 -> 138 bytes
 .../protobuf/internal/encoding/tag/tag.go     |    4 +-
 .../protobuf/internal/encoding/text/decode.go |    2 +-
 .../protobuf/internal/errors/errors.go        |   21 +-
 .../protobuf/internal/errors/is_go112.go      |   40 -
 .../protobuf/internal/errors/is_go113.go      |   13 -
 .../protobuf/internal/filedesc/desc.go        |  110 +-
 .../protobuf/internal/filedesc/desc_init.go   |   45 +-
 .../protobuf/internal/filedesc/desc_lazy.go   |   51 +-
 .../internal/filedesc/desc_list_gen.go        |   11 +
 .../protobuf/internal/filedesc/editions.go    |   32 +-
 .../protobuf/internal/filedesc/placeholder.go |    1 +
 .../protobuf/internal/filetype/build.go       |    4 +-
 .../protobuf/internal/genid/descriptor_gen.go |   49 +-
 .../protobuf/internal/genid/doc.go            |    2 +-
 .../internal/genid/go_features_gen.go         |   51 +-
 .../protobuf/internal/genid/map_entry.go      |    2 +-
 .../protobuf/internal/genid/name.go           |   12 +
 .../protobuf/internal/genid/wrappers.go       |    2 +-
 .../protobuf/internal/impl/api_export.go      |    6 +-
 .../internal/impl/api_export_opaque.go        |  128 +
 .../protobuf/internal/impl/bitmap.go          |   34 +
 .../protobuf/internal/impl/bitmap_race.go     |  126 +
 .../protobuf/internal/impl/checkinit.go       |   35 +-
 .../protobuf/internal/impl/codec_extension.go |   33 +-
 .../protobuf/internal/impl/codec_field.go     |   67 +-
 .../internal/impl/codec_field_opaque.go       |  264 +
 .../protobuf/internal/impl/codec_map.go       |   15 +-
 .../protobuf/internal/impl/codec_message.go   |   16 +
 .../internal/impl/codec_message_opaque.go     |  156 +
 .../internal/impl/codec_messageset.go         |   22 +
 .../protobuf/internal/impl/codec_reflect.go   |  210 -
 .../protobuf/internal/impl/codec_unsafe.go    |    3 -
 .../protobuf/internal/impl/convert.go         |    4 +-
 .../protobuf/internal/impl/convert_list.go    |    2 +-
 .../protobuf/internal/impl/convert_map.go     |    2 +-
 .../protobuf/internal/impl/decode.go          |   56 +-
 .../protobuf/internal/impl/encode.go          |  128 +-
 .../protobuf/internal/impl/equal.go           |  224 +
 .../protobuf/internal/impl/extension.go       |    8 +-
 .../protobuf/internal/impl/lazy.go            |  433 +
 .../protobuf/internal/impl/legacy_enum.go     |    3 +-
 .../internal/impl/legacy_extension.go         |    3 +-
 .../protobuf/internal/impl/legacy_file.go     |    4 +-
 .../protobuf/internal/impl/legacy_message.go  |   14 +-
 .../protobuf/internal/impl/merge.go           |   27 +
 .../protobuf/internal/impl/message.go         |   24 +-
 .../protobuf/internal/impl/message_opaque.go  |  632 ++
 .../internal/impl/message_opaque_gen.go       |  132 +
 .../protobuf/internal/impl/message_reflect.go |   50 +-
 .../internal/impl/message_reflect_field.go    |   32 +-
 .../impl/message_reflect_field_gen.go         |  273 +
 .../internal/impl/message_reflect_gen.go      |  146 +-
 .../protobuf/internal/impl/pointer_reflect.go |  215 -
 .../protobuf/internal/impl/pointer_unsafe.go  |   16 +-
 .../internal/impl/pointer_unsafe_opaque.go    |   42 +
 .../protobuf/internal/impl/presence.go        |  142 +
 .../protobuf/internal/impl/validate.go        |   16 +
 .../protobuf/internal/order/range.go          |    4 +-
 .../internal/protolazy/bufferreader.go        |  364 +
 .../protobuf/internal/protolazy/lazy.go       |  359 +
 .../internal/protolazy/pointer_unsafe.go      |   17 +
 .../protobuf/internal/strs/strings_pure.go    |   28 -
 .../internal/strs/strings_unsafe_go120.go     |    3 +-
 .../internal/strs/strings_unsafe_go121.go     |    3 +-
 .../protobuf/internal/version/version.go      |    4 +-
 .../protobuf/proto/decode.go                  |   18 +
 .../protobuf/proto/encode.go                  |   47 +-
 .../google.golang.org/protobuf/proto/equal.go |    9 +
 .../protobuf/proto/extension.go               |   88 +-
 .../protobuf/proto/messageset.go              |    7 +-
 .../google.golang.org/protobuf/proto/size.go  |   10 +
 .../protobuf/proto/wrapperopaque.go           |   80 +
 .../protobuf/reflect/protoreflect/methods.go  |   10 +
 .../protobuf/reflect/protoreflect/proto.go    |    2 +-
 .../reflect/protoreflect/source_gen.go        |   21 +
 .../protobuf/reflect/protoreflect/type.go     |   12 +-
 .../protobuf/reflect/protoreflect/value.go    |    2 +-
 .../reflect/protoreflect/value_pure.go        |   60 -
 .../reflect/protoreflect/value_union.go       |   14 +-
 .../protoreflect/value_unsafe_go120.go        |    9 +-
 .../protoreflect/value_unsafe_go121.go        |   11 +-
 .../reflect/protoregistry/registry.go         |   14 +-
 .../protobuf/runtime/protoiface/methods.go    |   34 +
 .../protobuf/runtime/protoimpl/impl.go        |    4 +
 .../types/known/timestamppb/timestamp.pb.go   |   35 +-
 vendor/k8s.io/klog/v2/klog.go                 |   76 +-
 vendor/modules.txt                            |   57 +-
 444 files changed, 51758 insertions(+), 11108 deletions(-)
 create mode 100644 vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
 create mode 100644 vendor/github.com/klauspost/compress/.gitattributes
 create mode 100644 vendor/github.com/klauspost/compress/.gitignore
 create mode 100644 vendor/github.com/klauspost/compress/.goreleaser.yml
 create mode 100644 vendor/github.com/klauspost/compress/LICENSE
 create mode 100644 vendor/github.com/klauspost/compress/README.md
 create mode 100644 vendor/github.com/klauspost/compress/SECURITY.md
 create mode 100644 vendor/github.com/klauspost/compress/compressible.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/README.md
 create mode 100644 vendor/github.com/klauspost/compress/fse/bitreader.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/bitwriter.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/bytereader.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/compress.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/decompress.go
 create mode 100644 vendor/github.com/klauspost/compress/fse/fse.go
 create mode 100644 vendor/github.com/klauspost/compress/gen.sh
 create mode 100644 vendor/github.com/klauspost/compress/huff0/.gitignore
 create mode 100644 vendor/github.com/klauspost/compress/huff0/README.md
 create mode 100644 vendor/github.com/klauspost/compress/huff0/bitreader.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/bitwriter.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/compress.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/decompress.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_generic.go
 create mode 100644 vendor/github.com/klauspost/compress/huff0/huff0.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/LICENSE
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/decode.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/encode.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
 create mode 100644 vendor/github.com/klauspost/compress/internal/snapref/snappy.go
 create mode 100644 vendor/github.com/klauspost/compress/s2sx.mod
 create mode 100644 vendor/github.com/klauspost/compress/s2sx.sum
 create mode 100644 vendor/github.com/klauspost/compress/zstd/README.md
 create mode 100644 vendor/github.com/klauspost/compress/zstd/bitreader.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/bitwriter.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/blockdec.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/blockenc.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/blocktype_string.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/bytebuf.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/bytereader.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/decodeheader.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/decoder.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/decoder_options.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/dict.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/enc_base.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/enc_best.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/enc_better.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/enc_dfast.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/enc_fast.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/encoder.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/encoder_options.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/framedec.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/frameenc.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_encoder.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/fse_predefined.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/hash.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/history.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
 create mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/seqenc.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/snappy.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/zip.go
 create mode 100644 vendor/github.com/klauspost/compress/zstd/zstd.go
 create mode 100644 vendor/github.com/munnerz/goautoneg/LICENSE
 create mode 100644 vendor/github.com/munnerz/goautoneg/Makefile
 rename vendor/github.com/{prometheus/common/internal/bitbucket.org/ww => munnerz}/goautoneg/README.txt (100%)
 rename vendor/github.com/{prometheus/common/internal/bitbucket.org/ww => munnerz}/goautoneg/autoneg.go (52%)
 create mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
 create mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
 create mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
 create mode 100644 vendor/github.com/prometheus/common/model/labelset_string.go
 create mode 100644 vendor/github.com/prometheus/common/model/labelset_string_go120.go
 create mode 100644 vendor/github.com/prometheus/procfs/net_tls_stat.go
 rename vendor/golang.org/x/crypto/chacha20/{chacha_ppc64le.go => chacha_ppc64x.go} (89%)
 rename vendor/golang.org/x/crypto/chacha20/{chacha_ppc64le.s => chacha_ppc64x.s} (66%)
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/README
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
 delete mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
 rename vendor/golang.org/x/crypto/internal/poly1305/{sum_ppc64le.go => sum_ppc64x.go} (95%)
 rename vendor/golang.org/x/crypto/internal/poly1305/{sum_ppc64le.s => sum_ppc64x.s} (89%)
 create mode 100644 vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
 create mode 100644 vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
 rename vendor/golang.org/x/sys/cpu/{cpu_x86.s => cpu_gc_x86.s} (94%)
 create mode 100644 vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
 create mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_x86.go
 create mode 100644 vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
 create mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.go
 create mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.s
 delete mode 100644 vendor/golang.org/x/sys/unix/epoll_zos.go
 delete mode 100644 vendor/golang.org/x/sys/unix/fstatfs_zos.go
 create mode 100644 vendor/golang.org/x/sys/unix/sockcmsg_zos.go
 create mode 100644 vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
 create mode 100644 vendor/golang.org/x/sys/unix/vgetrandom_linux.go
 create mode 100644 vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
 create mode 100644 vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
 delete mode 100644 vendor/golang.org/x/sys/windows/empty.s
 delete mode 100644 vendor/google.golang.org/protobuf/internal/errors/is_go112.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/errors/is_go113.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/genid/name.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/bitmap.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/equal.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/lazy.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/presence.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
 create mode 100644 vendor/google.golang.org/protobuf/proto/wrapperopaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go

diff --git a/go.mod b/go.mod
index db76ddb5f..d057c74fc 100644
--- a/go.mod
+++ b/go.mod
@@ -1,41 +1,42 @@
 module github.com/cloudflare/cfssl
 
-go 1.18
+go 1.23
 
 require (
 	bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
 	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
-	github.com/go-sql-driver/mysql v1.8.0
-	github.com/google/certificate-transparency-go v1.1.8
+	github.com/go-sql-driver/mysql v1.8.1
+	github.com/google/certificate-transparency-go v1.3.1
 	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.22
-	github.com/prometheus/client_golang v1.19.0
+	github.com/mattn/go-sqlite3 v1.14.24
+	github.com/prometheus/client_golang v1.20.5
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.21.0
+	golang.org/x/crypto v0.32.0
 )
 
 require (
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
-	github.com/go-logr/logr v1.4.1 // indirect
+	github.com/go-logr/logr v1.4.2 // indirect
+	github.com/klauspost/compress v1.17.11 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
+	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
-	github.com/prometheus/client_model v0.5.0 // indirect
-	github.com/prometheus/common v0.48.0 // indirect
-	github.com/prometheus/procfs v0.12.0 // indirect
-	github.com/stretchr/testify v1.8.4 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
+	github.com/prometheus/common v0.55.0 // indirect
+	github.com/prometheus/procfs v0.15.1 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.22.0 // indirect
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
-	google.golang.org/protobuf v1.33.0 // indirect
-	k8s.io/klog/v2 v2.120.1 // indirect
+	golang.org/x/net v0.34.0 // indirect
+	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
+	google.golang.org/protobuf v1.36.2 // indirect
+	k8s.io/klog/v2 v2.130.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 40b8a5a3c..0effeeffd 100644
--- a/go.sum
+++ b/go.sum
@@ -57,8 +57,8 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
-github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
+github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
@@ -107,12 +107,12 @@ github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vb
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
-github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
-github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
+github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
-github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
+github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
+github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo=
 github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
@@ -148,8 +148,8 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/certificate-transparency-go v1.1.8 h1:LGYKkgZF7satzgTak9R4yzfJXEeYVAjV6/EAEJOf1to=
-github.com/google/certificate-transparency-go v1.1.8/go.mod h1:bV/o8r0TBKRf1X//iiiSgWrvII4d7/8OiA+3vG26gI8=
+github.com/google/certificate-transparency-go v1.3.1 h1:akbcTfQg0iZlANZLn0L9xOeWtyCIdeoYhKrqi5iH3Go=
+github.com/google/certificate-transparency-go v1.3.1/go.mod h1:gg+UQlx6caKEDQ9EElFOujyxEQEfOiQzAt6782Bvi8k=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -160,6 +160,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -215,17 +216,23 @@ github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 h1:veS9QfglfvqAw
 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=
 github.com/klauspost/compress v1.8.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/compress v1.9.7/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
+github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
+github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
 github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
+github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
+github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/go-gypsy v1.0.0 h1:7/wQ7A3UL1bnqRMnZ6T8cwCOArfZCxFmb1iTxaOOo1s=
 github.com/kylelemons/go-gypsy v1.0.0/go.mod h1:chkXM0zjdpXOiqkCW1XcCHDfjfk14PH2KKkQWxfJUcU=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g=
 github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
@@ -237,8 +244,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
-github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
+github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8=
@@ -252,6 +259,8 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
 github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=
 github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
 github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
+github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
@@ -277,29 +286,30 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
-github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
+github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
+github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
-github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
+github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
+github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
-github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
+github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
+github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
-github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
+github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
+github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
+github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g=
@@ -325,8 +335,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
-github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
@@ -384,8 +394,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
-golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
+golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
+golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -458,8 +468,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
-golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -527,14 +537,15 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
+golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
+golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
+golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -545,8 +556,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -675,13 +686,14 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
-google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
+google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
@@ -698,6 +710,7 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -705,8 +718,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
-k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
+k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/vendor/github.com/cespare/xxhash/v2/README.md b/vendor/github.com/cespare/xxhash/v2/README.md
index 8bf0e5b78..33c88305c 100644
--- a/vendor/github.com/cespare/xxhash/v2/README.md
+++ b/vendor/github.com/cespare/xxhash/v2/README.md
@@ -70,3 +70,5 @@ benchstat <(go test -benchtime 500ms -count 15 -bench 'Sum64$')
 - [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics)
 - [FreeCache](https://github.com/coocood/freecache)
 - [FastCache](https://github.com/VictoriaMetrics/fastcache)
+- [Ristretto](https://github.com/dgraph-io/ristretto)
+- [Badger](https://github.com/dgraph-io/badger)
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash.go b/vendor/github.com/cespare/xxhash/v2/xxhash.go
index a9e0d45c9..78bddf1ce 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash.go
@@ -19,10 +19,13 @@ const (
 // Store the primes in an array as well.
 //
 // The consts are used when possible in Go code to avoid MOVs but we need a
-// contiguous array of the assembly code.
+// contiguous array for the assembly code.
 var primes = [...]uint64{prime1, prime2, prime3, prime4, prime5}
 
 // Digest implements hash.Hash64.
+//
+// Note that a zero-valued Digest is not ready to receive writes.
+// Call Reset or create a Digest using New before calling other methods.
 type Digest struct {
 	v1    uint64
 	v2    uint64
@@ -33,19 +36,31 @@ type Digest struct {
 	n     int // how much of mem is used
 }
 
-// New creates a new Digest that computes the 64-bit xxHash algorithm.
+// New creates a new Digest with a zero seed.
 func New() *Digest {
+	return NewWithSeed(0)
+}
+
+// NewWithSeed creates a new Digest with the given seed.
+func NewWithSeed(seed uint64) *Digest {
 	var d Digest
-	d.Reset()
+	d.ResetWithSeed(seed)
 	return &d
 }
 
 // Reset clears the Digest's state so that it can be reused.
+// It uses a seed value of zero.
 func (d *Digest) Reset() {
-	d.v1 = primes[0] + prime2
-	d.v2 = prime2
-	d.v3 = 0
-	d.v4 = -primes[0]
+	d.ResetWithSeed(0)
+}
+
+// ResetWithSeed clears the Digest's state so that it can be reused.
+// It uses the given seed to initialize the state.
+func (d *Digest) ResetWithSeed(seed uint64) {
+	d.v1 = seed + prime1 + prime2
+	d.v2 = seed + prime2
+	d.v3 = seed
+	d.v4 = seed - prime1
 	d.total = 0
 	d.n = 0
 }
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
index 9216e0a40..78f95f256 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
@@ -6,7 +6,7 @@
 
 package xxhash
 
-// Sum64 computes the 64-bit xxHash digest of b.
+// Sum64 computes the 64-bit xxHash digest of b with a zero seed.
 //
 //go:noescape
 func Sum64(b []byte) uint64
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
index 26df13bba..118e49e81 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
@@ -3,7 +3,7 @@
 
 package xxhash
 
-// Sum64 computes the 64-bit xxHash digest of b.
+// Sum64 computes the 64-bit xxHash digest of b with a zero seed.
 func Sum64(b []byte) uint64 {
 	// A simpler version would be
 	//   d := New()
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
index e86f1b5fd..05f5e7dfe 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
@@ -5,7 +5,7 @@
 
 package xxhash
 
-// Sum64String computes the 64-bit xxHash digest of s.
+// Sum64String computes the 64-bit xxHash digest of s with a zero seed.
 func Sum64String(s string) uint64 {
 	return Sum64([]byte(s))
 }
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
index 1c1638fd8..cf9d42aed 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
@@ -33,7 +33,7 @@ import (
 //
 // See https://github.com/golang/go/issues/42739 for discussion.
 
-// Sum64String computes the 64-bit xxHash digest of s.
+// Sum64String computes the 64-bit xxHash digest of s with a zero seed.
 // It may be faster than Sum64([]byte(s)) by avoiding a copy.
 func Sum64String(s string) uint64 {
 	b := *(*[]byte)(unsafe.Pointer(&sliceHeader{s, len(s)}))
diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md
index 8969526a6..7c7f0c69c 100644
--- a/vendor/github.com/go-logr/logr/README.md
+++ b/vendor/github.com/go-logr/logr/README.md
@@ -1,6 +1,7 @@
 # A minimal logging API for Go
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/go-logr/logr.svg)](https://pkg.go.dev/github.com/go-logr/logr)
+[![Go Report Card](https://goreportcard.com/badge/github.com/go-logr/logr)](https://goreportcard.com/report/github.com/go-logr/logr)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/go-logr/logr/badge)](https://securityscorecards.dev/viewer/?platform=github.com&org=go-logr&repo=logr)
 
 logr offers an(other) opinion on how Go programs and libraries can do logging
diff --git a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
index 213215c8d..0c9bd9b10 100644
--- a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
+++ b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
@@ -1,3 +1,45 @@
+## Version 1.8.1 (2024-03-26)
+
+Bugfixes:
+
+- fix race condition when context is canceled in [#1562](https://github.com/go-sql-driver/mysql/pull/1562) and [#1570](https://github.com/go-sql-driver/mysql/pull/1570)
+
+## Version 1.8.0 (2024-03-09)
+
+Major Changes:
+
+- Use `SET NAMES charset COLLATE collation`. by @methane in [#1437](https://github.com/go-sql-driver/mysql/pull/1437)
+  - Older go-mysql-driver used `collation_id` in the handshake packet. But it caused collation mismatch in some situation.
+  - If you don't specify charset nor collation, go-mysql-driver sends `SET NAMES utf8mb4` for new connection. This uses server's default collation for utf8mb4.
+  - If you specify charset, go-mysql-driver sends `SET NAMES `. This uses the server's default collation for ``.
+  - If you specify collation and/or charset, go-mysql-driver sends `SET NAMES charset COLLATE collation`.
+- PathEscape dbname in DSN. by @methane in [#1432](https://github.com/go-sql-driver/mysql/pull/1432)
+  - This is backward incompatible in rare case. Check your DSN.
+- Drop Go 1.13-17 support by @methane in [#1420](https://github.com/go-sql-driver/mysql/pull/1420)
+  - Use Go 1.18+
+- Parse numbers on text protocol too by @methane in [#1452](https://github.com/go-sql-driver/mysql/pull/1452)
+  - When text protocol is used, go-mysql-driver passed bare `[]byte` to database/sql for avoid unnecessary allocation and conversion.
+  - If user specified `*any` to `Scan()`, database/sql passed the `[]byte` into the target variable.
+  - This confused users because most user doesn't know when text/binary protocol used.
+  - go-mysql-driver 1.8 converts integer/float values into int64/double even in text protocol. This doesn't increase allocation compared to `[]byte` and conversion cost is negatable.
+- New options start using the Functional Option Pattern to avoid increasing technical debt in the Config object. Future version may introduce Functional Option for existing options, but not for now.
+  - Make TimeTruncate functional option by @methane in [1552](https://github.com/go-sql-driver/mysql/pull/1552)
+  - Add BeforeConnect callback to configuration object by @ItalyPaleAle in [#1469](https://github.com/go-sql-driver/mysql/pull/1469)
+
+
+Other changes:
+
+- Adding DeregisterDialContext to prevent memory leaks with dialers we don't need anymore by @jypelle in https://github.com/go-sql-driver/mysql/pull/1422
+- Make logger configurable per connection by @frozenbonito in https://github.com/go-sql-driver/mysql/pull/1408
+- Fix ColumnType.DatabaseTypeName for mediumint unsigned by @evanelias in https://github.com/go-sql-driver/mysql/pull/1428
+- Add connection attributes by @Daemonxiao in https://github.com/go-sql-driver/mysql/pull/1389
+- Stop `ColumnTypeScanType()` from returning `sql.RawBytes` by @methane in https://github.com/go-sql-driver/mysql/pull/1424
+- Exec() now provides access to status of multiple statements. by @mherr-google in https://github.com/go-sql-driver/mysql/pull/1309
+- Allow to change (or disable) the default driver name for registration by @dolmen in https://github.com/go-sql-driver/mysql/pull/1499
+- Add default connection attribute '_server_host' by @oblitorum in https://github.com/go-sql-driver/mysql/pull/1506
+- QueryUnescape DSN ConnectionAttribute value by @zhangyangyu in https://github.com/go-sql-driver/mysql/pull/1470
+- Add client_ed25519 authentication by @Gusted in https://github.com/go-sql-driver/mysql/pull/1518
+
 ## Version 1.7.1 (2023-04-25)
 
 Changes:
diff --git a/vendor/github.com/go-sql-driver/mysql/README.md b/vendor/github.com/go-sql-driver/mysql/README.md
index 9d0d806ef..4968cb060 100644
--- a/vendor/github.com/go-sql-driver/mysql/README.md
+++ b/vendor/github.com/go-sql-driver/mysql/README.md
@@ -326,7 +326,7 @@ It's possible to access the last inserted ID and number of affected rows for mul
 
 ```go
 conn, _ := db.Conn(ctx)
-conn.Raw(func(conn interface{}) error {
+conn.Raw(func(conn any) error {
   ex := conn.(driver.Execer)
   res, err := ex.Exec(`
   UPDATE point SET x = 1 WHERE y = 2;
diff --git a/vendor/github.com/go-sql-driver/mysql/auth.go b/vendor/github.com/go-sql-driver/mysql/auth.go
index 658259b24..74e1bd03e 100644
--- a/vendor/github.com/go-sql-driver/mysql/auth.go
+++ b/vendor/github.com/go-sql-driver/mysql/auth.go
@@ -338,7 +338,7 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		return authEd25519(authData, mc.cfg.Passwd)
 
 	default:
-		mc.cfg.Logger.Print("unknown auth plugin:", plugin)
+		mc.log("unknown auth plugin:", plugin)
 		return nil, ErrUnknownPlugin
 	}
 }
diff --git a/vendor/github.com/go-sql-driver/mysql/connection.go b/vendor/github.com/go-sql-driver/mysql/connection.go
index c170114fe..eff978d93 100644
--- a/vendor/github.com/go-sql-driver/mysql/connection.go
+++ b/vendor/github.com/go-sql-driver/mysql/connection.go
@@ -44,6 +44,11 @@ type mysqlConn struct {
 	closed   atomicBool  // set when conn is closed, before closech is closed
 }
 
+// Helper function to call per-connection logger.
+func (mc *mysqlConn) log(v ...any) {
+	mc.cfg.Logger.Print(v...)
+}
+
 // Handles parameters set in DSN after the connection is established
 func (mc *mysqlConn) handleParams() (err error) {
 	var cmdSet strings.Builder
@@ -109,7 +114,7 @@ func (mc *mysqlConn) Begin() (driver.Tx, error) {
 
 func (mc *mysqlConn) begin(readOnly bool) (driver.Tx, error) {
 	if mc.closed.Load() {
-		mc.cfg.Logger.Print(ErrInvalidConn)
+		mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	var q string
@@ -132,7 +137,7 @@ func (mc *mysqlConn) Close() (err error) {
 	}
 
 	mc.cleanup()
-
+	mc.clearResult()
 	return
 }
 
@@ -147,13 +152,16 @@ func (mc *mysqlConn) cleanup() {
 
 	// Makes cleanup idempotent
 	close(mc.closech)
-	if mc.netConn == nil {
+	conn := mc.rawConn
+	if conn == nil {
 		return
 	}
-	if err := mc.netConn.Close(); err != nil {
-		mc.cfg.Logger.Print(err)
+	if err := conn.Close(); err != nil {
+		mc.log(err)
 	}
-	mc.clearResult()
+	// This function can be called from multiple goroutines.
+	// So we can not mc.clearResult() here.
+	// Caller should do it if they are in safe goroutine.
 }
 
 func (mc *mysqlConn) error() error {
@@ -168,14 +176,14 @@ func (mc *mysqlConn) error() error {
 
 func (mc *mysqlConn) Prepare(query string) (driver.Stmt, error) {
 	if mc.closed.Load() {
-		mc.cfg.Logger.Print(ErrInvalidConn)
+		mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
 	err := mc.writeCommandPacketStr(comStmtPrepare, query)
 	if err != nil {
 		// STMT_PREPARE is safe to retry.  So we can return ErrBadConn here.
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return nil, driver.ErrBadConn
 	}
 
@@ -209,7 +217,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 	buf, err := mc.buf.takeCompleteBuffer()
 	if err != nil {
 		// can not take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return "", ErrInvalidConn
 	}
 	buf = buf[:0]
@@ -301,7 +309,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 
 func (mc *mysqlConn) Exec(query string, args []driver.Value) (driver.Result, error) {
 	if mc.closed.Load() {
-		mc.cfg.Logger.Print(ErrInvalidConn)
+		mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -361,7 +369,7 @@ func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error)
 	handleOk := mc.clearResult()
 
 	if mc.closed.Load() {
-		mc.cfg.Logger.Print(ErrInvalidConn)
+		mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -456,7 +464,7 @@ func (mc *mysqlConn) finish() {
 // Ping implements driver.Pinger interface
 func (mc *mysqlConn) Ping(ctx context.Context) (err error) {
 	if mc.closed.Load() {
-		mc.cfg.Logger.Print(ErrInvalidConn)
+		mc.log(ErrInvalidConn)
 		return driver.ErrBadConn
 	}
 
@@ -665,7 +673,7 @@ func (mc *mysqlConn) ResetSession(ctx context.Context) error {
 			err = connCheck(conn)
 		}
 		if err != nil {
-			mc.cfg.Logger.Print("closing bad idle connection: ", err)
+			mc.log("closing bad idle connection: ", err)
 			return driver.ErrBadConn
 		}
 	}
diff --git a/vendor/github.com/go-sql-driver/mysql/connector.go b/vendor/github.com/go-sql-driver/mysql/connector.go
index a0ee62839..b67077596 100644
--- a/vendor/github.com/go-sql-driver/mysql/connector.go
+++ b/vendor/github.com/go-sql-driver/mysql/connector.go
@@ -102,10 +102,10 @@ func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 		nd := net.Dialer{Timeout: mc.cfg.Timeout}
 		mc.netConn, err = nd.DialContext(ctx, mc.cfg.Net, mc.cfg.Addr)
 	}
-
 	if err != nil {
 		return nil, err
 	}
+	mc.rawConn = mc.netConn
 
 	// Enable TCP Keepalives on TCP connections
 	if tc, ok := mc.netConn.(*net.TCPConn); ok {
diff --git a/vendor/github.com/go-sql-driver/mysql/errors.go b/vendor/github.com/go-sql-driver/mysql/errors.go
index a9a3060c9..a7ef88909 100644
--- a/vendor/github.com/go-sql-driver/mysql/errors.go
+++ b/vendor/github.com/go-sql-driver/mysql/errors.go
@@ -41,14 +41,14 @@ var defaultLogger = Logger(log.New(os.Stderr, "[mysql] ", log.Ldate|log.Ltime|lo
 
 // Logger is used to log critical error messages.
 type Logger interface {
-	Print(v ...interface{})
+	Print(v ...any)
 }
 
 // NopLogger is a nop implementation of the Logger interface.
 type NopLogger struct{}
 
 // Print implements Logger interface.
-func (nl *NopLogger) Print(_ ...interface{}) {}
+func (nl *NopLogger) Print(_ ...any) {}
 
 // SetLogger is used to set the default logger for critical errors.
 // The initial logger is os.Stderr.
diff --git a/vendor/github.com/go-sql-driver/mysql/fields.go b/vendor/github.com/go-sql-driver/mysql/fields.go
index 2a397b245..286084247 100644
--- a/vendor/github.com/go-sql-driver/mysql/fields.go
+++ b/vendor/github.com/go-sql-driver/mysql/fields.go
@@ -134,7 +134,7 @@ var (
 	scanTypeString     = reflect.TypeOf("")
 	scanTypeNullString = reflect.TypeOf(sql.NullString{})
 	scanTypeBytes      = reflect.TypeOf([]byte{})
-	scanTypeUnknown    = reflect.TypeOf(new(interface{}))
+	scanTypeUnknown    = reflect.TypeOf(new(any))
 )
 
 type mysqlField struct {
diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime.go b/vendor/github.com/go-sql-driver/mysql/nulltime.go
index 7d381d5c2..316a48aae 100644
--- a/vendor/github.com/go-sql-driver/mysql/nulltime.go
+++ b/vendor/github.com/go-sql-driver/mysql/nulltime.go
@@ -38,7 +38,7 @@ type NullTime sql.NullTime
 // Scan implements the Scanner interface.
 // The value type must be time.Time or string / []byte (formatted time-string),
 // otherwise Scan fails.
-func (nt *NullTime) Scan(value interface{}) (err error) {
+func (nt *NullTime) Scan(value any) (err error) {
 	if value == nil {
 		nt.Time, nt.Valid = time.Time{}, false
 		return
diff --git a/vendor/github.com/go-sql-driver/mysql/packets.go b/vendor/github.com/go-sql-driver/mysql/packets.go
index 3d6e5308c..90a34728b 100644
--- a/vendor/github.com/go-sql-driver/mysql/packets.go
+++ b/vendor/github.com/go-sql-driver/mysql/packets.go
@@ -34,7 +34,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			mc.cfg.Logger.Print(err)
+			mc.log(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -57,7 +57,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 		if pktLen == 0 {
 			// there was no previous packet
 			if prevData == nil {
-				mc.cfg.Logger.Print(ErrMalformPkt)
+				mc.log(ErrMalformPkt)
 				mc.Close()
 				return nil, ErrInvalidConn
 			}
@@ -71,7 +71,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			mc.cfg.Logger.Print(err)
+			mc.log(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -134,7 +134,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 		// Handle error
 		if err == nil { // n != len(data)
 			mc.cleanup()
-			mc.cfg.Logger.Print(ErrMalformPkt)
+			mc.log(ErrMalformPkt)
 		} else {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return cerr
@@ -144,7 +144,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 				return errBadConnNoWrite
 			}
 			mc.cleanup()
-			mc.cfg.Logger.Print(err)
+			mc.log(err)
 		}
 		return ErrInvalidConn
 	}
@@ -302,7 +302,7 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -351,7 +351,6 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		if err := tlsConn.Handshake(); err != nil {
 			return err
 		}
-		mc.rawConn = mc.netConn
 		mc.netConn = tlsConn
 		mc.buf.nc = tlsConn
 	}
@@ -392,7 +391,7 @@ func (mc *mysqlConn) writeAuthSwitchPacket(authData []byte) error {
 	data, err := mc.buf.takeSmallBuffer(pktLen)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -412,7 +411,7 @@ func (mc *mysqlConn) writeCommandPacket(command byte) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -431,7 +430,7 @@ func (mc *mysqlConn) writeCommandPacketStr(command byte, arg string) error {
 	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -452,7 +451,7 @@ func (mc *mysqlConn) writeCommandPacketUint32(command byte, arg uint32) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1 + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -994,7 +993,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 	}
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.cfg.Logger.Print(err)
+		mc.log(err)
 		return errBadConnNoWrite
 	}
 
@@ -1193,7 +1192,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 		if valuesCap != cap(paramValues) {
 			data = append(data[:pos], paramValues...)
 			if err = mc.buf.store(data); err != nil {
-				mc.cfg.Logger.Print(err)
+				mc.log(err)
 				return errBadConnNoWrite
 			}
 		}
diff --git a/vendor/github.com/go-sql-driver/mysql/statement.go b/vendor/github.com/go-sql-driver/mysql/statement.go
index 31e7799c4..0436f2240 100644
--- a/vendor/github.com/go-sql-driver/mysql/statement.go
+++ b/vendor/github.com/go-sql-driver/mysql/statement.go
@@ -51,7 +51,7 @@ func (stmt *mysqlStmt) CheckNamedValue(nv *driver.NamedValue) (err error) {
 
 func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) {
 	if stmt.mc.closed.Load() {
-		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
+		stmt.mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -95,7 +95,7 @@ func (stmt *mysqlStmt) Query(args []driver.Value) (driver.Rows, error) {
 
 func (stmt *mysqlStmt) query(args []driver.Value) (*binaryRows, error) {
 	if stmt.mc.closed.Load() {
-		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
+		stmt.mc.log(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -141,7 +141,7 @@ type converter struct{}
 // implementation does not.  This function should be kept in sync with
 // database/sql/driver defaultConverter.ConvertValue() except for that
 // deliberate difference.
-func (c converter) ConvertValue(v interface{}) (driver.Value, error) {
+func (c converter) ConvertValue(v any) (driver.Value, error) {
 	if driver.IsValue(v) {
 		return v, nil
 	}
diff --git a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
index 6cd9695e1..405740a1f 100644
--- a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
@@ -18,5 +18,11 @@ linters-settings:
 
 issues:
   exclude-use-default: false
-  exclude:
-    - "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked"
+  exclude-rules:
+    # The following grpc linters are excluded because grpc.Dial, grpc.DialContext and grpc.WithBlock will be supported throughout 1.x.
+    - linters: [staticcheck]
+      text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
+    - linters: [staticcheck]
+      text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
+    - linters: [staticcheck]
+      text: 'SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient'
diff --git a/vendor/github.com/google/certificate-transparency-go/AUTHORS b/vendor/github.com/google/certificate-transparency-go/AUTHORS
index 942cec9b3..ad514665e 100644
--- a/vendor/github.com/google/certificate-transparency-go/AUTHORS
+++ b/vendor/github.com/google/certificate-transparency-go/AUTHORS
@@ -9,8 +9,8 @@
 # Please keep the list sorted.
 
 Alex Cohn 
-Comodo CA Limited
 Ed Maste 
+Elisha Silas 
 Fiaz Hossain 
 Google LLC
 Internet Security Research Group
@@ -23,6 +23,7 @@ Nicholas Galbreath 
 Oliver Weidner 
 PrimeKey Solutions AB
 Ruslan Kovalov 
+Sectigo Limited
 Venafi, Inc.
 Vladimir Rutsky 
 Ximin Luo 
diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
index e286ae20d..5cb7b7d43 100644
--- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
+++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
@@ -2,6 +2,323 @@
 
 ## HEAD
 
+## v1.3.1
+
+* Add AllLogListSignatureURL by @AlexLaroche in https://github.com/google/certificate-transparency-go/pull/1634
+* Add TiledLogs to log list JSON by @mcpherrinm in https://github.com/google/certificate-transparency-go/pull/1635
+* chore: relax go directive to permit 1.22.x by @dnwe in https://github.com/google/certificate-transparency-go/pull/1640
+
+### Dependency Update
+
+* Bump github.com/fullstorydev/grpcurl from 1.9.1 to 1.9.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1627
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1628
+* Bump the docker-deps group across 5 directories with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1630
+* Bump github/codeql-action from 3.27.5 to 3.27.6 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1629
+* Bump golang.org/x/crypto from 0.30.0 to 0.31.0 in the go_modules group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1631
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1633
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1632
+* Bump the docker-deps group across 4 directories with 1 update by @dependabot in https://github.com/google/certificate-transparency-go/pull/1638
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1637
+* Bump the all-deps group across 1 directory with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1641
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1643
+* Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1642
+
+## v1.3.0
+
+### CTFE Storage Saving: Extra Data Issuance Chain Deduplication
+
+This feature now supports PostgreSQL, in addition to the support for MySQL/MariaDB that was added in [v1.2.0](#v1.2.0).
+
+Log operators can choose to enable this feature for new PostgreSQL-based CT logs by adding new CTFE configs in the [LogMultiConfig](trillian/ctfe/configpb/config.proto) and importing the [database schema](trillian/ctfe/storage/postgresql/schema.sql). The other available options are documented in the [v1.2.0](#v1.2.0) changelog entry.
+
+This change is tested in Cloud Build tests using the `postgres:17` Docker image as of the time of writing.
+
+* Add IssuanceChainStorage PostgreSQL implementation by @robstradling in https://github.com/google/certificate-transparency-go/pull/1618
+
+### Misc
+
+* [Dependabot] Update all docker images in one PR by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1614
+* Explicitly include version tag by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1617
+* Add empty cloudbuild_postgresql.yaml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1623
+
+### Dependency update
+
+* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1609
+* Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1611
+* Bump github/codeql-action from 3.27.0 to 3.27.1 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1610
+* Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1612
+* Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1613
+* Bump the docker-deps group across 3 directories with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1616
+* Bump github/codeql-action from 3.27.1 to 3.27.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1615
+* Bump the docker-deps group across 4 directories with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1622
+* Bump github/codeql-action from 3.27.2 to 3.27.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1620
+* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1621
+* Bump github.com/google/trillian from 1.6.1 to 1.7.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1624
+* Bump github/codeql-action from 3.27.4 to 3.27.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1625
+
+## v1.2.2
+
+* Recommended Go version for development: 1.22
+  * Using a different version can lead to presubmits failing due to unexpected diffs.
+
+### Add TLS Support
+
+Add TLS support for Trillian: By using `--trillian_tls_ca_cert_file` flag, users can provide a CA certificate, that is used to establish a secure communication with Trillian log server.
+
+Add TLS support for ct_server: By using `--tls_certificate` and `--tls_key` flags, users can provide a service certificate and key, that enables the server to handle HTTPS requests.
+
+* Add TLS support for CTLog server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1523
+* Add TLS support for migrillian by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1525
+* fix TLS configuration for ct_server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1542
+* Add Trillian TLS support for ct_server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1551
+
+### HTTP Idle Connection Timeout Flag
+
+A new flag `http_idle_timeout` is added to set the HTTP server's idle timeout value in the ct_server binary. This controls the maximum amount of time to wait for the next request when keep-alives are enabled.
+
+* add flag for HTTP idle connection timeout value by @bobcallaway in https://github.com/google/certificate-transparency-go/pull/1597
+
+### Misc
+
+* Refactor issuance chain service by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1512
+* Use the version in the go.mod file for vuln checks by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1528
+
+### Fixes
+
+* Fix failed tests on 32-bit OS by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1540
+
+### Dependency update
+
+* Bump go.etcd.io/etcd/v3 from 3.5.13 to 3.5.14 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1500
+* Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1501
+* Bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1503
+* Group dependabot updates as much as possible by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1506
+* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1507
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1511
+* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1510
+* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1509
+* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1508
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1516
+* Bump golang from `aec4784` to `9678844` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1518
+* Bump alpine from 3.19 to 3.20 in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1492
+* Bump golang from `aec4784` to `9678844` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1517
+* Bump golang from `aec4784` to `9678844` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1513
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1515
+* Bump golang from `aec4784` to `9678844` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1514
+* Bump alpine from `77726ef` to `b89d9c9` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1519
+* Bump k8s.io/klog/v2 from 2.130.0 to 2.130.1 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1521
+* Bump alpine from `77726ef` to `b89d9c9` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1520
+* Bump github/codeql-action from 3.25.10 to 3.25.11 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1526
+* Bump version of go used by the vuln checker by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1527
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1530
+* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1531
+* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1532
+* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1533
+* Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1534
+* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1535
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1536
+* Bump github/codeql-action from 3.25.12 to 3.25.13 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1538
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1537
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1543
+* Bump golang from `6c27802` to `af9b40f` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1544
+* Bump golang from `6c27802` to `af9b40f` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1548
+* Bump golang from `6c27802` to `af9b40f` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1547
+* Bump alpine from `b89d9c9` to `0a4eaa0` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1546
+* Bump the all-deps group in /internal/witness/cmd/feeder with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1545
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1549
+* Bump golang.org/x/time from 0.5.0 to 0.6.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1550
+* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1552
+* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1553
+* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1554
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1555
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1556
+* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1557
+* Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1559
+* Bump github/codeql-action from 3.26.0 to 3.26.3 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1561
+* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1558
+* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1563
+* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1560
+* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1562
+* Bump go version to 1.22.6 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1564
+* Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1565
+* Bump github/codeql-action from 3.26.3 to 3.26.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1566
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1568
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1569
+* Bump go from 1.22.6 to 1.22.7 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1574
+* Bump alpine from `0a4eaa0` to `beefdbd` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1571
+* Bump the all-deps group across 1 directory with 5 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1577
+* Bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1575
+* Bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1576
+* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1572
+* Bump the all-deps group in /internal/witness/cmd/feeder with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1573
+* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1578
+* Bump github/codeql-action from 3.26.6 to 3.26.7 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1579
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1580
+* Bump github/codeql-action from 3.26.7 to 3.26.8 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1581
+* Bump distroless/base-debian12 from `c925d12` to `88e0a2a` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1582
+* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1585
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1583
+* Bump golang from `1a5326b` to `dba79eb` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1584
+* Bump golang from `1a5326b` to `dba79eb` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1587
+* Bump golang from `1a5326b` to `dba79eb` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1586
+* Bump the all-deps group with 5 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1588
+* Bump the all-deps group with 6 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1589
+* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1593
+* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1592
+* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1591
+* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1590
+* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1595
+* Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1598
+* Bump golang from `18d2f94` to `2341ddf` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1602
+* Bump golang from `18d2f94` to `2341ddf` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1599
+* Bump golang from `18d2f94` to `2341ddf` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1600
+* Bump golang from `18d2f94` to `2341ddf` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1601
+* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1603
+* Bump distroless/base-debian12 from `6ae5fe6` to `8fe31fb` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1604
+
+## v1.2.1
+
+### Fixes
+
+* Fix Go potential bugs and maintainability by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1496
+
+### Dependency update
+
+* Bump google.golang.org/grpc from 1.63.2 to 1.64.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1482
+
+## v1.2.0
+
+### CTFE Storage Saving: Extra Data Issuance Chain Deduplication
+
+To reduce CT/Trillian database storage by deduplication of the entire issuance chain (intermediate certificate(s) and root certificate) that is currently stored in the Trillian merkle tree leaf ExtraData field. Storage cost should be reduced by at least 33% for new CT logs with this feature enabled. Currently only MySQL/MariaDB is supported to store the issuance chain in the CTFE database.
+
+Existing logs are not affected by this change. 
+
+Log operators can choose to opt-in this change for new CT logs by adding new CTFE configs in the [LogMultiConfig](trillian/ctfe/configpb/config.proto) and importing the [database schema](trillian/ctfe/storage/mysql/schema.sql). See [example](trillian/examples/deployment/docker/ctfe/ct_server.cfg).
+
+- `ctfe_storage_connection_string`
+- `extra_data_issuance_chain_storage_backend`
+
+An optional LRU cache can be enabled by providing the following flags.
+
+- `cache_type`
+- `cache_size`
+- `cache_ttl`
+
+This change is tested in Cloud Build tests using the `mysql:8.4` Docker image as of the time of writing.
+
+* Add issuance chain storage interface by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1430
+* Add issuance chain cache interface by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1431
+* Add CTFE extra data storage saving configs to config.proto by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1432
+* Add new types `PrecertChainEntryHash` and `CertificateChainHash` for TLS marshal/unmarshal in storage saving by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1435
+* Add IssuanceChainCache LRU implementation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1454
+* Add issuance chain service by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1452
+* Add CTFE extra data storage saving configs validation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1456
+* Add IssuanceChainStorage MySQL implementation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1462
+* Fix errcheck lint in mysql test by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1464
+* CTFE Extra Data Issuance Chain Deduplication by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1477
+* Fix incorrect deployment doc and server config by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1494
+
+### Submission proxy: Root compatibility checking
+
+* Adds the ability for a CT client to disable root compatibile checking by @aaomidi in https://github.com/google/certificate-transparency-go/pull/1258
+
+### Fixes
+
+* Return 429 Too Many Requests for gRPC error code `ResourceExhausted` from Trillian by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1401
+* Safeguard against redirects on PUT request by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1418
+* Fix CT client upload to be safe against no-op POSTs by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1424
+
+### Misc
+
+* Prefix errors.New variables with the word "Err" by @aaomidi in https://github.com/google/certificate-transparency-go/pull/1399
+* Remove lint exceptions and fix remaining issues by @silaselisha in https://github.com/google/certificate-transparency-go/pull/1438
+* Fix invalid Go toolchain version by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1471
+* Regenerate proto files by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1489
+
+### Dependency update
+
+* Bump distroless/base-debian12 from `5eae9ef` to `28a7f1f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1388
+* Bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1389
+* Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1390
+* Bump golang from `6699d28` to `7f9c058` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1391
+* Bump golang from `6699d28` to `7f9c058` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1392
+* Bump golang from `6699d28` to `7a392a2` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1393
+* Bump golang from `6699d28` to `7a392a2` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1394
+* Bump golang from `7a392a2` to `d996c64` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1395
+* Bump golang from `7f9c058` to `d996c64` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1396
+* Bump golang from `7a392a2` to `d996c64` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1397
+* Bump golang from `7f9c058` to `d996c64` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1398
+* Bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1400
+* Bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1402
+* Bump go.etcd.io/etcd/v3 from 3.5.12 to 3.5.13 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1405
+* Bump distroless/base-debian12 from `28a7f1f` to `611d30d` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1406
+* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1407
+* Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1408
+* update govulncheck go version from 1.21.8 to 1.21.9 by @phbnf in https://github.com/google/certificate-transparency-go/pull/1412
+* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1409
+* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1410
+* Bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1414
+* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1411
+* Bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1415
+* Bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1416
+* Bump google.golang.org/grpc from 1.62.1 to 1.63.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1417
+* Bump github.com/fullstorydev/grpcurl from 1.8.9 to 1.9.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1419
+* Bump golang from `48b942a` to `3451eec` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1421
+* Bump golang from `48b942a` to `3451eec` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1423
+* Bump golang from `48b942a` to `3451eec` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1420
+* Bump golang from `3451eec` to `b03f3ba` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1426
+* Bump golang from `3451eec` to `b03f3ba` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1425
+* Bump golang from `48b942a` to `3451eec` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1422
+* Bump golang from `3451eec` to `b03f3ba` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1427
+* Bump golang from `3451eec` to `b03f3ba` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1428
+* Bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1433
+* Bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1434
+* Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1436
+* Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1437
+* Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1440
+* Bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1441
+* Bump golang from `b03f3ba` to `d0902ba` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1444
+* Bump golang from `b03f3ba` to `d0902ba` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1443
+* Bump github.com/rs/cors from 1.10.1 to 1.11.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1442
+* Bump golang from `b03f3ba` to `d0902ba` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1447
+* Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1446
+* Bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1449
+* Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1448
+* Bump golang from `b03f3ba` to `d0902ba` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1445
+* Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1451
+* Bump distroless/base-debian12 from `611d30d` to `d8d01e2` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1450
+* Bump google.golang.org/protobuf from 1.33.1-0.20240408130810-98873a205002 to 1.34.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1453
+* Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1455
+* Bump golang.org/x/net from 0.24.0 to 0.25.0 and golang.org/x/crypto from v0.22.0 to v0.23.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1457
+* Bump google.golang.org/protobuf from 1.34.0 to 1.34.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1458
+* Bump distroless/base-debian12 from `d8d01e2` to `786007f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1461
+* Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1460
+* Bump `go-version-input` to 1.21.10 in govulncheck.yml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1472
+* Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1473
+* Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1469
+* Bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1465
+* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1466
+* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1463
+* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1470
+* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1467
+* Bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1474
+* Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1475
+* Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1476
+* Bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1478
+* Bump golang from `6d71b7c` to `ef27a3c` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1480
+* Bump golang from `6d71b7c` to `ef27a3c` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1481
+* Bump golang from `6d71b7c` to `ef27a3c` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1479
+* Bump golang from `6d71b7c` to `ef27a3c` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1483
+* Bump golang from `ef27a3c` to `5c56bd4` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1484
+* Bump golang from `ef27a3c` to `5c56bd4` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1485
+* Bump golang from `ef27a3c` to `5c56bd4` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1486
+* Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1487
+* Bump golang from `ef27a3c` to `5c56bd4` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1488
+* Bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1490
+* Bump alpine from `c5b1261` to `58d02b4` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1491
+* Bump alpine from `58d02b4` to `77726ef` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1493
+
 ## v1.1.8
 
 * Recommended Go version for development: 1.21
diff --git a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
index 4d04dc6a3..3a98a7e1e 100644
--- a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
+++ b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
@@ -30,6 +30,7 @@ Chris Kennelly  
 David Drysdale 
 Deyan Bektchiev  
 Ed Maste 
+Elisha Silas 
 Emilia Kasper 
 Eran Messeri  
 Fiaz Hossain 
@@ -51,7 +52,7 @@ Paul Lietar 
 Pavel Kalinnikov  
 Pierre Phaneuf 
 Rob Percival 
-Rob Stradling 
+Rob Stradling 
 Roger Ng  
 Roland Shoemaker 
 Ruslan Kovalov 
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index ac71ebc11..b528c5575 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,7 +6,7 @@
 
 This repository holds Go code related to
 [Certificate Transparency](https://www.certificate-transparency.org/) (CT).  The
-repository requires Go version 1.21.
+repository requires Go version 1.22.
 
  - [Repository Structure](#repository-structure)
  - [Trillian CT Personality](#trillian-ct-personality)
diff --git a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
index 125cb4c79..a2fed51d8 100644
--- a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
+++ b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
@@ -14,7 +14,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.28.1
+// 	protoc-gen-go v1.34.1
 // 	protoc        v3.20.1
 // source: client/configpb/multilog.proto
 
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
index 6c856c11c..50ac5ef7b 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
@@ -85,6 +85,13 @@ steps:
 
       # Wait for trillian logserver to be up
       until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done
+
+      # Reset the CT test database
+      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
+      export MYSQL_HOST="mysql"
+      export MYSQL_ROOT_PASSWORD="zaphod"
+      export MYSQL_USER_HOST="%"
+      yes | bash "$${CT_GO_PATH}/scripts/resetctdb.sh" --verbose
   waitFor: ['prepare']
 
 # Run the presubmit tests
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
index 0e47e326f..566edfe0f 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
@@ -85,6 +85,13 @@ steps:
 
       # Wait for trillian logserver to be up
       until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done
+
+      # Reset the CT test database
+      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
+      export MYSQL_HOST="mysql"
+      export MYSQL_ROOT_PASSWORD="zaphod"
+      export MYSQL_USER_HOST="%"
+      yes | bash "$${CT_GO_PATH}/scripts/resetctdb.sh" --verbose
   waitFor: ['prepare']
 
 # Run the presubmit tests
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
new file mode 100644
index 000000000..37faca72a
--- /dev/null
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
@@ -0,0 +1,161 @@
+#############################################################################
+## This file is based on cloudbuild.yaml, but targets PostgreSQL instead of
+## MySQL.
+#############################################################################
+
+timeout: 1200s
+options:
+  machineType: N1_HIGHCPU_32
+  volumes:
+  - name: go-modules
+    path: /go
+  env:
+  - GOPROXY=https://proxy.golang.org
+  - PROJECT_ROOT=github.com/google/certificate-transparency-go
+  - GOPATH=/go
+
+substitutions:
+  _CLUSTER_NAME: trillian-opensource-ci
+  _MASTER_ZONE: us-central1-a
+
+# Cloud Build logs sent to GCS bucket
+logsBucket: 'gs://trillian-cloudbuild-logs'
+
+steps:
+# First build a "ct_testbase" docker image which contains most of the tools we need for the later steps:
+- name: 'gcr.io/cloud-builders/docker'
+  entrypoint: 'bash'
+  args: ['-c', 'docker pull gcr.io/$PROJECT_ID/ct_testbase:latest || exit 0']
+- name: 'gcr.io/cloud-builders/docker'
+  args: [
+    'build',
+    '-t', 'gcr.io/$PROJECT_ID/ct_testbase:latest',
+    '--cache-from', 'gcr.io/$PROJECT_ID/ct_testbase:latest',
+    '-f', './integration/Dockerfile',
+    '.'
+  ]
+
+# prepare spins up an ephemeral trillian instance for testing use.
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  entrypoint: 'bash'
+  id: 'prepare'
+  args:
+  - '-exc'
+  - |
+    # Use latest versions of Trillian docker images built by the Trillian CI cloudbuilders.
+    docker pull gcr.io/$PROJECT_ID/log_server:latest
+    docker tag gcr.io/$PROJECT_ID/log_server:latest postgresql_trillian-log-server
+    docker pull gcr.io/$PROJECT_ID/log_signer:latest
+    docker tag gcr.io/$PROJECT_ID/log_signer:latest postgresql_trillian-log-signer
+
+    # Bring up an ephemeral trillian instance using the docker-compose config in the Trillian repo:
+    export TRILLIAN_LOCATION="$$(go list -f '{{.Dir}}' github.com/google/trillian)"
+
+    # We need to fix up Trillian's docker-compose to connect to the CloudBuild network to that tests can use it:
+    echo -e "networks:\n      default:\n        external:\n          name: cloudbuild" >> $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml
+
+    docker-compose -f $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml pull postgresql trillian-log-server trillian-log-signer
+    docker-compose -f $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml up -d postgresql trillian-log-server trillian-log-signer
+
+# Install proto related bits and block on Trillian being ready
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'ci-ready'
+  entrypoint: 'bash'
+  args:
+    - '-ec'
+    - |
+      go install \
+        github.com/golang/protobuf/proto \
+        github.com/golang/protobuf/protoc-gen-go \
+        github.com/golang/mock/mockgen \
+        go.etcd.io/etcd/v3 go.etcd.io/etcd/etcdctl/v3 \
+        github.com/fullstorydev/grpcurl/cmd/grpcurl
+
+      # Generate all protoc and mockgen files
+      go generate -run="protoc" ./...
+      go generate -run="mockgen" ./...
+
+      # Cache all the modules we'll need too
+      go mod download
+      go test ./...
+
+      # Wait for trillian logserver to be up
+      until nc -z postgresql_trillian-log-server_1 8090; do echo .; sleep 5; done
+
+      # Reset the CT test database
+      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
+      export POSTGRESQL_HOST="postgresql"
+      yes | bash "$${CT_GO_PATH}/scripts/resetpgctdb.sh" --verbose
+  waitFor: ['prepare']
+
+# Run the presubmit tests
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'default_test'
+  env:
+    - 'GOFLAGS='
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
+    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
+    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
+    - 'CONFIG_SUBDIR=/postgresql'
+  waitFor: ['ci-ready']
+
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'race_detection'
+  env:
+    - 'GOFLAGS=-race'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
+    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
+    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
+    - 'CONFIG_SUBDIR=/postgresql'
+  waitFor: ['ci-ready']
+
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'etcd_with_coverage'
+  env:
+    - 'GOFLAGS='
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate --coverage'
+    - 'WITH_ETCD=true'
+    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
+    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
+    - 'CONFIG_SUBDIR=/postgresql'
+  waitFor: ['ci-ready']
+
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'etcd_with_race'
+  env:
+    - 'GOFLAGS=-race'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
+    - 'WITH_ETCD=true'
+    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
+    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
+    - 'CONFIG_SUBDIR=/postgresql'
+  waitFor: ['ci-ready']
+
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'with_pkcs11_and_race'
+  env:
+    - 'GOFLAGS=-race --tags=pkcs11'
+    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
+    - 'WITH_PKCS11=true'
+    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
+    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
+    - 'CONFIG_SUBDIR=/postgresql'
+  waitFor: ['ci-ready']
+
+# Collect and submit codecoverage reports
+- name: 'gcr.io/cloud-builders/curl'
+  id: 'codecov.io'
+  entrypoint: bash
+  args: ['-c', 'bash <(curl -s https://codecov.io/bash)']
+  env:
+  - 'VCS_COMMIT_ID=$COMMIT_SHA'
+  - 'VCS_BRANCH_NAME=$BRANCH_NAME'
+  - 'VCS_PULL_REQUEST=$_PR_NUMBER'
+  - 'CI_BUILD_ID=$BUILD_ID'
+  - 'CODECOV_TOKEN=$_CODECOV_TOKEN' # _CODECOV_TOKEN is specified in the cloud build trigger
+  waitFor: ['etcd_with_coverage']
+
+- name: gcr.io/$PROJECT_ID/ct_testbase
+  id: 'ci_complete'
+  entrypoint: /bin/true
+  waitFor: ['codecov.io', 'default_test', 'race_detection', 'etcd_with_coverage', 'etcd_with_race', 'with_pkcs11_and_race']
diff --git a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
index a95f19ccd..1dee4cb60 100644
--- a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
+++ b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
@@ -194,7 +194,9 @@ func (c *JSONClient) GetAndParse(ctx context.Context, path string, params map[st
 
 	// Read everything now so http.Client can reuse the connection.
 	body, err := io.ReadAll(httpRsp.Body)
-	httpRsp.Body.Close()
+	if err := httpRsp.Body.Close(); err != nil {
+		return nil, nil, err
+	}
 	if err != nil {
 		return nil, nil, RspError{Err: fmt.Errorf("failed to read response body: %v", err), StatusCode: httpRsp.StatusCode, Body: body}
 	}
@@ -240,7 +242,9 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 	var body []byte
 	if httpRsp != nil {
 		body, err = io.ReadAll(httpRsp.Body)
-		httpRsp.Body.Close()
+		if err := httpRsp.Body.Close(); err != nil {
+			return nil, nil, err
+		}
 	}
 	if err != nil {
 		if httpRsp != nil {
@@ -248,6 +252,10 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 		}
 		return nil, nil, err
 	}
+	if httpRsp.Request.Method != http.MethodPost {
+		// https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections#permanent_redirections
+		return nil, nil, fmt.Errorf("POST request to %q was converted to %s request to %q", fullURI, httpRsp.Request.Method, httpRsp.Request.URL)
+	}
 
 	if httpRsp.StatusCode == http.StatusOK {
 		if err = json.Unmarshal(body, &rsp); err != nil {
diff --git a/vendor/github.com/google/certificate-transparency-go/types.go b/vendor/github.com/google/certificate-transparency-go/types.go
index b6af606bf..2a96f6a09 100644
--- a/vendor/github.com/google/certificate-transparency-go/types.go
+++ b/vendor/github.com/google/certificate-transparency-go/types.go
@@ -248,6 +248,21 @@ type CertificateChain struct {
 	Entries []ASN1Cert `tls:"minlen:0,maxlen:16777215"`
 }
 
+// PrecertChainEntryHash is an extended PrecertChainEntry type with the
+// IssuanceChainHash field added to store the hash of the
+// CertificateChain field of PrecertChainEntry.
+type PrecertChainEntryHash struct {
+	PreCertificate    ASN1Cert `tls:"minlen:1,maxlen:16777215"`
+	IssuanceChainHash []byte   `tls:"minlen:0,maxlen:256"`
+}
+
+// CertificateChainHash is an extended CertificateChain type with the
+// IssuanceChainHash field added to store the hash of the
+// Entries field of CertificateChain.
+type CertificateChainHash struct {
+	IssuanceChainHash []byte `tls:"minlen:0,maxlen:256"`
+}
+
 // JSONDataEntry holds arbitrary data.
 type JSONDataEntry struct {
 	Data []byte `tls:"minlen:0,maxlen:1677215"`
diff --git a/vendor/github.com/klauspost/compress/.gitattributes b/vendor/github.com/klauspost/compress/.gitattributes
new file mode 100644
index 000000000..402433593
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/.gitattributes
@@ -0,0 +1,2 @@
+* -text
+*.bin -text -diff
diff --git a/vendor/github.com/klauspost/compress/.gitignore b/vendor/github.com/klauspost/compress/.gitignore
new file mode 100644
index 000000000..d31b37815
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/.gitignore
@@ -0,0 +1,32 @@
+# Compiled Object files, Static and Dynamic libs (Shared Objects)
+*.o
+*.a
+*.so
+
+# Folders
+_obj
+_test
+
+# Architecture specific extensions/prefixes
+*.[568vq]
+[568vq].out
+
+*.cgo1.go
+*.cgo2.c
+_cgo_defun.c
+_cgo_gotypes.go
+_cgo_export.*
+
+_testmain.go
+
+*.exe
+*.test
+*.prof
+/s2/cmd/_s2sx/sfx-exe
+
+# Linux perf files
+perf.data
+perf.data.old
+
+# gdb history
+.gdb_history
diff --git a/vendor/github.com/klauspost/compress/.goreleaser.yml b/vendor/github.com/klauspost/compress/.goreleaser.yml
new file mode 100644
index 000000000..4528059ca
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/.goreleaser.yml
@@ -0,0 +1,123 @@
+version: 2
+
+before:
+  hooks:
+    - ./gen.sh
+
+builds:
+  -
+    id: "s2c"
+    binary: s2c
+    main: ./s2/cmd/s2c/main.go
+    flags:
+      - -trimpath
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - aix
+      - linux
+      - freebsd
+      - netbsd
+      - windows
+      - darwin
+    goarch:
+      - 386
+      - amd64
+      - arm
+      - arm64
+      - ppc64
+      - ppc64le
+      - mips64
+      - mips64le
+    goarm:
+      - 7
+  -
+    id: "s2d"
+    binary: s2d
+    main: ./s2/cmd/s2d/main.go
+    flags:
+      - -trimpath
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - aix
+      - linux
+      - freebsd
+      - netbsd
+      - windows
+      - darwin
+    goarch:
+      - 386
+      - amd64
+      - arm
+      - arm64
+      - ppc64
+      - ppc64le
+      - mips64
+      - mips64le
+    goarm:
+      - 7
+  -
+    id: "s2sx"
+    binary: s2sx
+    main: ./s2/cmd/_s2sx/main.go
+    flags:
+      - -modfile=s2sx.mod
+      - -trimpath
+    env:
+      - CGO_ENABLED=0
+    goos:
+      - aix
+      - linux
+      - freebsd
+      - netbsd
+      - windows
+      - darwin
+    goarch:
+      - 386
+      - amd64
+      - arm
+      - arm64
+      - ppc64
+      - ppc64le
+      - mips64
+      - mips64le
+    goarm:
+      - 7
+
+archives:
+  -
+    id: s2-binaries
+    name_template: "s2-{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+    format_overrides:
+      - goos: windows
+        format: zip
+    files:
+      - unpack/*
+      - s2/LICENSE
+      - s2/README.md
+checksum:
+  name_template: 'checksums.txt'
+snapshot:
+  version_template: "{{ .Tag }}-next"
+changelog:
+  sort: asc
+  filters:
+    exclude:
+    - '^doc:'
+    - '^docs:'
+    - '^test:'
+    - '^tests:'
+    - '^Update\sREADME.md'
+
+nfpms:
+  -
+    file_name_template: "s2_package__{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+    vendor: Klaus Post
+    homepage: https://github.com/klauspost/compress
+    maintainer: Klaus Post 
+    description: S2 Compression Tool
+    license: BSD 3-Clause
+    formats:
+      - deb
+      - rpm
diff --git a/vendor/github.com/klauspost/compress/LICENSE b/vendor/github.com/klauspost/compress/LICENSE
new file mode 100644
index 000000000..87d557477
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/LICENSE
@@ -0,0 +1,304 @@
+Copyright (c) 2012 The Go Authors. All rights reserved.
+Copyright (c) 2019 Klaus Post. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+------------------
+
+Files: gzhttp/*
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2016-2017 The New York Times Company
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+------------------
+
+Files: s2/cmd/internal/readahead/*
+
+The MIT License (MIT)
+
+Copyright (c) 2015 Klaus Post
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+---------------------
+Files: snappy/*
+Files: internal/snapref/*
+
+Copyright (c) 2011 The Snappy-Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+-----------------
+
+Files: s2/cmd/internal/filepathx/*
+
+Copyright 2016 The filepathx Authors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md
new file mode 100644
index 000000000..de264c85a
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/README.md
@@ -0,0 +1,721 @@
+# compress
+
+This package provides various compression algorithms.
+
+* [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and decompression in pure Go.
+* [S2](https://github.com/klauspost/compress/tree/master/s2#s2-compression) is a high performance replacement for Snappy.
+* Optimized [deflate](https://godoc.org/github.com/klauspost/compress/flate) packages which can be used as a dropin replacement for [gzip](https://godoc.org/github.com/klauspost/compress/gzip), [zip](https://godoc.org/github.com/klauspost/compress/zip) and [zlib](https://godoc.org/github.com/klauspost/compress/zlib).
+* [snappy](https://github.com/klauspost/compress/tree/master/snappy) is a drop-in replacement for `github.com/golang/snappy` offering better compression and concurrent streams.
+* [huff0](https://github.com/klauspost/compress/tree/master/huff0) and [FSE](https://github.com/klauspost/compress/tree/master/fse) implementations for raw entropy encoding.
+* [gzhttp](https://github.com/klauspost/compress/tree/master/gzhttp) Provides client and server wrappers for handling gzipped requests efficiently.
+* [pgzip](https://github.com/klauspost/pgzip) is a separate package that provides a very fast parallel gzip implementation.
+
+[![Go Reference](https://pkg.go.dev/badge/klauspost/compress.svg)](https://pkg.go.dev/github.com/klauspost/compress?tab=subdirectories)
+[![Go](https://github.com/klauspost/compress/actions/workflows/go.yml/badge.svg)](https://github.com/klauspost/compress/actions/workflows/go.yml)
+[![Sourcegraph Badge](https://sourcegraph.com/github.com/klauspost/compress/-/badge.svg)](https://sourcegraph.com/github.com/klauspost/compress?badge)
+
+# changelog
+
+* Sep 23rd, 2024 - [1.17.10](https://github.com/klauspost/compress/releases/tag/v1.17.10)
+	* gzhttp: Add TransportAlwaysDecompress option. https://github.com/klauspost/compress/pull/978
+	* gzhttp: Add supported decompress request body by @mirecl in https://github.com/klauspost/compress/pull/1002
+	* s2: Add EncodeBuffer buffer recycling callback https://github.com/klauspost/compress/pull/982
+	* zstd: Improve memory usage on small streaming encodes https://github.com/klauspost/compress/pull/1007
+	* flate: read data written with partial flush by @vajexal in https://github.com/klauspost/compress/pull/996
+
+* Jun 12th, 2024 - [1.17.9](https://github.com/klauspost/compress/releases/tag/v1.17.9)
+	* s2: Reduce ReadFrom temporary allocations https://github.com/klauspost/compress/pull/949
+	* flate, zstd: Shave some bytes off amd64 matchLen by @greatroar in https://github.com/klauspost/compress/pull/963
+	* Upgrade zip/zlib to 1.22.4 upstream https://github.com/klauspost/compress/pull/970 https://github.com/klauspost/compress/pull/971
+	* zstd: BuildDict fails with RLE table https://github.com/klauspost/compress/pull/951
+
+* Apr 9th, 2024 - [1.17.8](https://github.com/klauspost/compress/releases/tag/v1.17.8)
+	* zstd: Reject blocks where reserved values are not 0 https://github.com/klauspost/compress/pull/885
+	* zstd: Add RLE detection+encoding https://github.com/klauspost/compress/pull/938
+
+* Feb 21st, 2024 - [1.17.7](https://github.com/klauspost/compress/releases/tag/v1.17.7)
+	* s2: Add AsyncFlush method: Complete the block without flushing by @Jille in https://github.com/klauspost/compress/pull/927
+	* s2: Fix literal+repeat exceeds dst crash https://github.com/klauspost/compress/pull/930
+  
+* Feb 5th, 2024 - [1.17.6](https://github.com/klauspost/compress/releases/tag/v1.17.6)
+	* zstd: Fix incorrect repeat coding in best mode https://github.com/klauspost/compress/pull/923
+	* s2: Fix DecodeConcurrent deadlock on errors https://github.com/klauspost/compress/pull/925
+  
+* Jan 26th, 2024 - [v1.17.5](https://github.com/klauspost/compress/releases/tag/v1.17.5)
+	* flate: Fix reset with dictionary on custom window encodes https://github.com/klauspost/compress/pull/912
+	* zstd: Add Frame header encoding and stripping https://github.com/klauspost/compress/pull/908
+	* zstd: Limit better/best default window to 8MB https://github.com/klauspost/compress/pull/913
+	* zstd: Speed improvements by @greatroar in https://github.com/klauspost/compress/pull/896 https://github.com/klauspost/compress/pull/910
+	* s2: Fix callbacks for skippable blocks and disallow 0xfe (Padding) by @Jille in https://github.com/klauspost/compress/pull/916 https://github.com/klauspost/compress/pull/917
+https://github.com/klauspost/compress/pull/919 https://github.com/klauspost/compress/pull/918
+
+* Dec 1st, 2023 - [v1.17.4](https://github.com/klauspost/compress/releases/tag/v1.17.4)
+	* huff0: Speed up symbol counting by @greatroar in https://github.com/klauspost/compress/pull/887
+	* huff0: Remove byteReader by @greatroar in https://github.com/klauspost/compress/pull/886
+	* gzhttp: Allow overriding decompression on transport https://github.com/klauspost/compress/pull/892
+	* gzhttp: Clamp compression level https://github.com/klauspost/compress/pull/890
+	* gzip: Error out if reserved bits are set https://github.com/klauspost/compress/pull/891
+
+* Nov 15th, 2023 - [v1.17.3](https://github.com/klauspost/compress/releases/tag/v1.17.3)
+	* fse: Fix max header size https://github.com/klauspost/compress/pull/881
+	* zstd: Improve better/best compression https://github.com/klauspost/compress/pull/877
+	* gzhttp: Fix missing content type on Close https://github.com/klauspost/compress/pull/883
+
+* Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2)
+	* zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876
+
+* Oct 14th, 2023 - [v1.17.1](https://github.com/klauspost/compress/releases/tag/v1.17.1)
+	* s2: Fix S2 "best" dictionary wrong encoding by @klauspost in https://github.com/klauspost/compress/pull/871
+	* flate: Reduce allocations in decompressor and minor code improvements by @fakefloordiv in https://github.com/klauspost/compress/pull/869
+	* s2: Fix EstimateBlockSize on 6&7 length input by @klauspost in https://github.com/klauspost/compress/pull/867
+
+* Sept 19th, 2023 - [v1.17.0](https://github.com/klauspost/compress/releases/tag/v1.17.0)
+	* Add experimental dictionary builder  https://github.com/klauspost/compress/pull/853
+	* Add xerial snappy read/writer https://github.com/klauspost/compress/pull/838
+	* flate: Add limited window compression https://github.com/klauspost/compress/pull/843
+	* s2: Do 2 overlapping match checks https://github.com/klauspost/compress/pull/839
+	* flate: Add amd64 assembly matchlen https://github.com/klauspost/compress/pull/837
+	* gzip: Copy bufio.Reader on Reset by @thatguystone in https://github.com/klauspost/compress/pull/860
+
+
      
+	See changes to v1.16.x
+
+   
+* July 1st, 2023 - [v1.16.7](https://github.com/klauspost/compress/releases/tag/v1.16.7)
+	* zstd: Fix default level first dictionary encode https://github.com/klauspost/compress/pull/829
+	* s2: add GetBufferCapacity() method by @GiedriusS in https://github.com/klauspost/compress/pull/832
+
+* June 13, 2023 - [v1.16.6](https://github.com/klauspost/compress/releases/tag/v1.16.6)
+	* zstd: correctly ignore WithEncoderPadding(1) by @ianlancetaylor in https://github.com/klauspost/compress/pull/806
+	* zstd: Add amd64 match length assembly https://github.com/klauspost/compress/pull/824
+	* gzhttp: Handle informational headers by @rtribotte in https://github.com/klauspost/compress/pull/815
+	* s2: Improve Better compression slightly https://github.com/klauspost/compress/pull/663
+
+* Apr 16, 2023 - [v1.16.5](https://github.com/klauspost/compress/releases/tag/v1.16.5)
+	* zstd: readByte needs to use io.ReadFull by @jnoxon in https://github.com/klauspost/compress/pull/802
+	* gzip: Fix WriterTo after initial read https://github.com/klauspost/compress/pull/804
+
+* Apr 5, 2023 - [v1.16.4](https://github.com/klauspost/compress/releases/tag/v1.16.4)
+	* zstd: Improve zstd best efficiency by @greatroar and @klauspost in https://github.com/klauspost/compress/pull/784
+	* zstd: Respect WithAllLitEntropyCompression https://github.com/klauspost/compress/pull/792
+	* zstd: Fix amd64 not always detecting corrupt data https://github.com/klauspost/compress/pull/785
+	* zstd: Various minor improvements by @greatroar in https://github.com/klauspost/compress/pull/788 https://github.com/klauspost/compress/pull/794 https://github.com/klauspost/compress/pull/795
+	* s2: Fix huge block overflow https://github.com/klauspost/compress/pull/779
+	* s2: Allow CustomEncoder fallback https://github.com/klauspost/compress/pull/780
+	* gzhttp: Support ResponseWriter Unwrap() in gzhttp handler by @jgimenez in https://github.com/klauspost/compress/pull/799
+
+* Mar 13, 2023 - [v1.16.1](https://github.com/klauspost/compress/releases/tag/v1.16.1)
+	* zstd: Speed up + improve best encoder by @greatroar in https://github.com/klauspost/compress/pull/776
+	* gzhttp: Add optional [BREACH mitigation](https://github.com/klauspost/compress/tree/master/gzhttp#breach-mitigation). https://github.com/klauspost/compress/pull/762 https://github.com/klauspost/compress/pull/768 https://github.com/klauspost/compress/pull/769 https://github.com/klauspost/compress/pull/770 https://github.com/klauspost/compress/pull/767
+	* s2: Add Intel LZ4s converter https://github.com/klauspost/compress/pull/766
+	* zstd: Minor bug fixes https://github.com/klauspost/compress/pull/771 https://github.com/klauspost/compress/pull/772 https://github.com/klauspost/compress/pull/773
+	* huff0: Speed up compress1xDo by @greatroar in https://github.com/klauspost/compress/pull/774
+
+* Feb 26, 2023 - [v1.16.0](https://github.com/klauspost/compress/releases/tag/v1.16.0)
+	* s2: Add [Dictionary](https://github.com/klauspost/compress/tree/master/s2#dictionaries) support.  https://github.com/klauspost/compress/pull/685
+	* s2: Add Compression Size Estimate.  https://github.com/klauspost/compress/pull/752
+	* s2: Add support for custom stream encoder. https://github.com/klauspost/compress/pull/755
+	* s2: Add LZ4 block converter. https://github.com/klauspost/compress/pull/748
+	* s2: Support io.ReaderAt in ReadSeeker. https://github.com/klauspost/compress/pull/747
+	* s2c/s2sx: Use concurrent decoding. https://github.com/klauspost/compress/pull/746
+
      
+
+
      
+	See changes to v1.15.x
+	
+* Jan 21st, 2023 (v1.15.15)
+	* deflate: Improve level 7-9 by @klauspost in https://github.com/klauspost/compress/pull/739
+	* zstd: Add delta encoding support by @greatroar in https://github.com/klauspost/compress/pull/728
+	* zstd: Various speed improvements by @greatroar https://github.com/klauspost/compress/pull/741 https://github.com/klauspost/compress/pull/734 https://github.com/klauspost/compress/pull/736 https://github.com/klauspost/compress/pull/744 https://github.com/klauspost/compress/pull/743 https://github.com/klauspost/compress/pull/745
+	* gzhttp: Add SuffixETag() and DropETag() options to prevent ETag collisions on compressed responses by @willbicks in https://github.com/klauspost/compress/pull/740
+
+* Jan 3rd, 2023 (v1.15.14)
+
+	* flate: Improve speed in big stateless blocks https://github.com/klauspost/compress/pull/718
+	* zstd: Minor speed tweaks by @greatroar in https://github.com/klauspost/compress/pull/716 https://github.com/klauspost/compress/pull/720
+	* export NoGzipResponseWriter for custom ResponseWriter wrappers by @harshavardhana in https://github.com/klauspost/compress/pull/722
+	* s2: Add example for indexing and existing stream https://github.com/klauspost/compress/pull/723
+
+* Dec 11, 2022 (v1.15.13)
+	* zstd: Add [MaxEncodedSize](https://pkg.go.dev/github.com/klauspost/compress@v1.15.13/zstd#Encoder.MaxEncodedSize) to encoder  https://github.com/klauspost/compress/pull/691
+	* zstd: Various tweaks and improvements https://github.com/klauspost/compress/pull/693 https://github.com/klauspost/compress/pull/695 https://github.com/klauspost/compress/pull/696 https://github.com/klauspost/compress/pull/701 https://github.com/klauspost/compress/pull/702 https://github.com/klauspost/compress/pull/703 https://github.com/klauspost/compress/pull/704 https://github.com/klauspost/compress/pull/705 https://github.com/klauspost/compress/pull/706 https://github.com/klauspost/compress/pull/707 https://github.com/klauspost/compress/pull/708
+
+* Oct 26, 2022 (v1.15.12)
+
+	* zstd: Tweak decoder allocs. https://github.com/klauspost/compress/pull/680
+	* gzhttp: Always delete `HeaderNoCompression` https://github.com/klauspost/compress/pull/683
+
+* Sept 26, 2022 (v1.15.11)
+
+	* flate: Improve level 1-3 compression  https://github.com/klauspost/compress/pull/678
+	* zstd: Improve "best" compression by @nightwolfz in https://github.com/klauspost/compress/pull/677
+	* zstd: Fix+reduce decompression allocations https://github.com/klauspost/compress/pull/668
+	* zstd: Fix non-effective noescape tag https://github.com/klauspost/compress/pull/667
+
+* Sept 16, 2022 (v1.15.10)
+
+	* zstd: Add [WithDecodeAllCapLimit](https://pkg.go.dev/github.com/klauspost/compress@v1.15.10/zstd#WithDecodeAllCapLimit) https://github.com/klauspost/compress/pull/649
+	* Add Go 1.19 - deprecate Go 1.16  https://github.com/klauspost/compress/pull/651
+	* flate: Improve level 5+6 compression https://github.com/klauspost/compress/pull/656
+	* zstd: Improve "better" compression  https://github.com/klauspost/compress/pull/657
+	* s2: Improve "best" compression https://github.com/klauspost/compress/pull/658
+	* s2: Improve "better" compression. https://github.com/klauspost/compress/pull/635
+	* s2: Slightly faster non-assembly decompression https://github.com/klauspost/compress/pull/646
+	* Use arrays for constant size copies https://github.com/klauspost/compress/pull/659
+
+* July 21, 2022 (v1.15.9)
+
+	* zstd: Fix decoder crash on amd64 (no BMI) on invalid input https://github.com/klauspost/compress/pull/645
+	* zstd: Disable decoder extended memory copies (amd64) due to possible crashes https://github.com/klauspost/compress/pull/644
+	* zstd: Allow single segments up to "max decoded size" by @klauspost in https://github.com/klauspost/compress/pull/643
+
+* July 13, 2022 (v1.15.8)
+
+	* gzip: fix stack exhaustion bug in Reader.Read https://github.com/klauspost/compress/pull/641
+	* s2: Add Index header trim/restore https://github.com/klauspost/compress/pull/638
+	* zstd: Optimize seqdeq amd64 asm by @greatroar in https://github.com/klauspost/compress/pull/636
+	* zstd: Improve decoder memcopy https://github.com/klauspost/compress/pull/637
+	* huff0: Pass a single bitReader pointer to asm by @greatroar in https://github.com/klauspost/compress/pull/634
+	* zstd: Branchless getBits for amd64 w/o BMI2 by @greatroar in https://github.com/klauspost/compress/pull/640
+	* gzhttp: Remove header before writing https://github.com/klauspost/compress/pull/639
+
+* June 29, 2022 (v1.15.7)
+
+	* s2: Fix absolute forward seeks  https://github.com/klauspost/compress/pull/633
+	* zip: Merge upstream  https://github.com/klauspost/compress/pull/631
+	* zip: Re-add zip64 fix https://github.com/klauspost/compress/pull/624
+	* zstd: translate fseDecoder.buildDtable into asm by @WojciechMula in https://github.com/klauspost/compress/pull/598
+	* flate: Faster histograms  https://github.com/klauspost/compress/pull/620
+	* deflate: Use compound hcode  https://github.com/klauspost/compress/pull/622
+
+* June 3, 2022 (v1.15.6)
+	* s2: Improve coding for long, close matches https://github.com/klauspost/compress/pull/613
+	* s2c: Add Snappy/S2 stream recompression https://github.com/klauspost/compress/pull/611
+	* zstd: Always use configured block size https://github.com/klauspost/compress/pull/605
+	* zstd: Fix incorrect hash table placement for dict encoding in default https://github.com/klauspost/compress/pull/606
+	* zstd: Apply default config to ZipDecompressor without options https://github.com/klauspost/compress/pull/608
+	* gzhttp: Exclude more common archive formats https://github.com/klauspost/compress/pull/612
+	* s2: Add ReaderIgnoreCRC https://github.com/klauspost/compress/pull/609
+	* s2: Remove sanity load on index creation https://github.com/klauspost/compress/pull/607
+	* snappy: Use dedicated function for scoring https://github.com/klauspost/compress/pull/614
+	* s2c+s2d: Use official snappy framed extension https://github.com/klauspost/compress/pull/610
+
+* May 25, 2022 (v1.15.5)
+	* s2: Add concurrent stream decompression https://github.com/klauspost/compress/pull/602
+	* s2: Fix final emit oob read crash on amd64 https://github.com/klauspost/compress/pull/601
+	* huff0: asm implementation of Decompress1X by @WojciechMula https://github.com/klauspost/compress/pull/596
+	* zstd: Use 1 less goroutine for stream decoding https://github.com/klauspost/compress/pull/588
+	* zstd: Copy literal in 16 byte blocks when possible https://github.com/klauspost/compress/pull/592
+	* zstd: Speed up when WithDecoderLowmem(false) https://github.com/klauspost/compress/pull/599
+	* zstd: faster next state update in BMI2 version of decode by @WojciechMula in https://github.com/klauspost/compress/pull/593
+	* huff0: Do not check max size when reading table. https://github.com/klauspost/compress/pull/586
+	* flate: Inplace hashing for level 7-9 by @klauspost in https://github.com/klauspost/compress/pull/590
+
+
+* May 11, 2022 (v1.15.4)
+	* huff0: decompress directly into output by @WojciechMula in [#577](https://github.com/klauspost/compress/pull/577)
+	* inflate: Keep dict on stack [#581](https://github.com/klauspost/compress/pull/581)
+	* zstd: Faster decoding memcopy in asm [#583](https://github.com/klauspost/compress/pull/583)
+	* zstd: Fix ignored crc [#580](https://github.com/klauspost/compress/pull/580)
+
+* May 5, 2022 (v1.15.3)
+	* zstd: Allow to ignore checksum checking by @WojciechMula [#572](https://github.com/klauspost/compress/pull/572)
+	* s2: Fix incorrect seek for io.SeekEnd in [#575](https://github.com/klauspost/compress/pull/575)
+
+* Apr 26, 2022 (v1.15.2)
+	* zstd: Add x86-64 assembly for decompression on streams and blocks. Contributed by [@WojciechMula](https://github.com/WojciechMula). Typically 2x faster.  [#528](https://github.com/klauspost/compress/pull/528) [#531](https://github.com/klauspost/compress/pull/531) [#545](https://github.com/klauspost/compress/pull/545) [#537](https://github.com/klauspost/compress/pull/537)
+	* zstd: Add options to ZipDecompressor and fixes [#539](https://github.com/klauspost/compress/pull/539)
+	* s2: Use sorted search for index [#555](https://github.com/klauspost/compress/pull/555)
+	* Minimum version is Go 1.16, added CI test on 1.18.
+
+* Mar 11, 2022 (v1.15.1)
+	* huff0: Add x86 assembly of Decode4X by @WojciechMula in [#512](https://github.com/klauspost/compress/pull/512)
+	* zstd: Reuse zip decoders in [#514](https://github.com/klauspost/compress/pull/514)
+	* zstd: Detect extra block data and report as corrupted in [#520](https://github.com/klauspost/compress/pull/520)
+	* zstd: Handle zero sized frame content size stricter in [#521](https://github.com/klauspost/compress/pull/521)
+	* zstd: Add stricter block size checks in [#523](https://github.com/klauspost/compress/pull/523)
+
+* Mar 3, 2022 (v1.15.0)
+	* zstd: Refactor decoder by @klauspost in [#498](https://github.com/klauspost/compress/pull/498)
+	* zstd: Add stream encoding without goroutines by @klauspost in [#505](https://github.com/klauspost/compress/pull/505)
+	* huff0: Prevent single blocks exceeding 16 bits by @klauspost in[#507](https://github.com/klauspost/compress/pull/507)
+	* flate: Inline literal emission by @klauspost in [#509](https://github.com/klauspost/compress/pull/509)
+	* gzhttp: Add zstd to transport by @klauspost in [#400](https://github.com/klauspost/compress/pull/400)
+	* gzhttp: Make content-type optional by @klauspost in [#510](https://github.com/klauspost/compress/pull/510)
+
+Both compression and decompression now supports "synchronous" stream operations. This means that whenever "concurrency" is set to 1, they will operate without spawning goroutines.
+
+Stream decompression is now faster on asynchronous, since the goroutine allocation much more effectively splits the workload. On typical streams this will typically use 2 cores fully for decompression. When a stream has finished decoding no goroutines will be left over, so decoders can now safely be pooled and still be garbage collected.
+
+While the release has been extensively tested, it is recommended to testing when upgrading.
+
+
      
+
+
      
+	See changes to v1.14.x
+	
+* Feb 22, 2022 (v1.14.4)
+	* flate: Fix rare huffman only (-2) corruption. [#503](https://github.com/klauspost/compress/pull/503)
+	* zip: Update deprecated CreateHeaderRaw to correctly call CreateRaw by @saracen in [#502](https://github.com/klauspost/compress/pull/502)
+	* zip: don't read data descriptor early by @saracen in [#501](https://github.com/klauspost/compress/pull/501)  #501
+	* huff0: Use static decompression buffer up to 30% faster by @klauspost in [#499](https://github.com/klauspost/compress/pull/499) [#500](https://github.com/klauspost/compress/pull/500)
+
+* Feb 17, 2022 (v1.14.3)
+	* flate: Improve fastest levels compression speed ~10% more throughput. [#482](https://github.com/klauspost/compress/pull/482) [#489](https://github.com/klauspost/compress/pull/489) [#490](https://github.com/klauspost/compress/pull/490) [#491](https://github.com/klauspost/compress/pull/491) [#494](https://github.com/klauspost/compress/pull/494)  [#478](https://github.com/klauspost/compress/pull/478)
+	* flate: Faster decompression speed, ~5-10%. [#483](https://github.com/klauspost/compress/pull/483)
+	* s2: Faster compression with Go v1.18 and amd64 microarch level 3+. [#484](https://github.com/klauspost/compress/pull/484) [#486](https://github.com/klauspost/compress/pull/486)
+
+* Jan 25, 2022 (v1.14.2)
+	* zstd: improve header decoder by @dsnet  [#476](https://github.com/klauspost/compress/pull/476)
+	* zstd: Add bigger default blocks  [#469](https://github.com/klauspost/compress/pull/469)
+	* zstd: Remove unused decompression buffer [#470](https://github.com/klauspost/compress/pull/470)
+	* zstd: Fix logically dead code by @ningmingxiao [#472](https://github.com/klauspost/compress/pull/472)
+	* flate: Improve level 7-9 [#471](https://github.com/klauspost/compress/pull/471) [#473](https://github.com/klauspost/compress/pull/473)
+	* zstd: Add noasm tag for xxhash [#475](https://github.com/klauspost/compress/pull/475)
+
+* Jan 11, 2022 (v1.14.1)
+	* s2: Add stream index in [#462](https://github.com/klauspost/compress/pull/462)
+	* flate: Speed and efficiency improvements in [#439](https://github.com/klauspost/compress/pull/439) [#461](https://github.com/klauspost/compress/pull/461) [#455](https://github.com/klauspost/compress/pull/455) [#452](https://github.com/klauspost/compress/pull/452) [#458](https://github.com/klauspost/compress/pull/458)
+	* zstd: Performance improvement in [#420]( https://github.com/klauspost/compress/pull/420) [#456](https://github.com/klauspost/compress/pull/456) [#437](https://github.com/klauspost/compress/pull/437) [#467](https://github.com/klauspost/compress/pull/467) [#468](https://github.com/klauspost/compress/pull/468)
+	* zstd: add arm64 xxhash assembly in [#464](https://github.com/klauspost/compress/pull/464)
+	* Add garbled for binaries for s2 in [#445](https://github.com/klauspost/compress/pull/445)
+
      
+
+
      
+	See changes to v1.13.x
+	
+* Aug 30, 2021 (v1.13.5)
+	* gz/zlib/flate: Alias stdlib errors [#425](https://github.com/klauspost/compress/pull/425)
+	* s2: Add block support to commandline tools [#413](https://github.com/klauspost/compress/pull/413)
+	* zstd: pooledZipWriter should return Writers to the same pool [#426](https://github.com/klauspost/compress/pull/426)
+	* Removed golang/snappy as external dependency for tests [#421](https://github.com/klauspost/compress/pull/421)
+
+* Aug 12, 2021 (v1.13.4)
+	* Add [snappy replacement package](https://github.com/klauspost/compress/tree/master/snappy).
+	* zstd: Fix incorrect encoding in "best" mode [#415](https://github.com/klauspost/compress/pull/415)
+
+* Aug 3, 2021 (v1.13.3) 
+	* zstd: Improve Best compression [#404](https://github.com/klauspost/compress/pull/404)
+	* zstd: Fix WriteTo error forwarding [#411](https://github.com/klauspost/compress/pull/411)
+	* gzhttp: Return http.HandlerFunc instead of http.Handler. Unlikely breaking change. [#406](https://github.com/klauspost/compress/pull/406)
+	* s2sx: Fix max size error [#399](https://github.com/klauspost/compress/pull/399)
+	* zstd: Add optional stream content size on reset [#401](https://github.com/klauspost/compress/pull/401)
+	* zstd: use SpeedBestCompression for level >= 10 [#410](https://github.com/klauspost/compress/pull/410)
+
+* Jun 14, 2021 (v1.13.1)
+	* s2: Add full Snappy output support  [#396](https://github.com/klauspost/compress/pull/396)
+	* zstd: Add configurable [Decoder window](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithDecoderMaxWindow) size [#394](https://github.com/klauspost/compress/pull/394)
+	* gzhttp: Add header to skip compression  [#389](https://github.com/klauspost/compress/pull/389)
+	* s2: Improve speed with bigger output margin  [#395](https://github.com/klauspost/compress/pull/395)
+
+* Jun 3, 2021 (v1.13.0)
+	* Added [gzhttp](https://github.com/klauspost/compress/tree/master/gzhttp#gzip-handler) which allows wrapping HTTP servers and clients with GZIP compressors.
+	* zstd: Detect short invalid signatures [#382](https://github.com/klauspost/compress/pull/382)
+	* zstd: Spawn decoder goroutine only if needed. [#380](https://github.com/klauspost/compress/pull/380)
+
      
+
+
+
      
+	See changes to v1.12.x
+	
+* May 25, 2021 (v1.12.3)
+	* deflate: Better/faster Huffman encoding [#374](https://github.com/klauspost/compress/pull/374)
+	* deflate: Allocate less for history. [#375](https://github.com/klauspost/compress/pull/375)
+	* zstd: Forward read errors [#373](https://github.com/klauspost/compress/pull/373) 
+
+* Apr 27, 2021 (v1.12.2)
+	* zstd: Improve better/best compression [#360](https://github.com/klauspost/compress/pull/360) [#364](https://github.com/klauspost/compress/pull/364) [#365](https://github.com/klauspost/compress/pull/365)
+	* zstd: Add helpers to compress/decompress zstd inside zip files [#363](https://github.com/klauspost/compress/pull/363)
+	* deflate: Improve level 5+6 compression [#367](https://github.com/klauspost/compress/pull/367)
+	* s2: Improve better/best compression [#358](https://github.com/klauspost/compress/pull/358) [#359](https://github.com/klauspost/compress/pull/358)
+	* s2: Load after checking src limit on amd64. [#362](https://github.com/klauspost/compress/pull/362)
+	* s2sx: Limit max executable size [#368](https://github.com/klauspost/compress/pull/368) 
+
+* Apr 14, 2021 (v1.12.1)
+	* snappy package removed. Upstream added as dependency.
+	* s2: Better compression in "best" mode [#353](https://github.com/klauspost/compress/pull/353)
+	* s2sx: Add stdin input and detect pre-compressed from signature [#352](https://github.com/klauspost/compress/pull/352)
+	* s2c/s2d: Add http as possible input [#348](https://github.com/klauspost/compress/pull/348)
+	* s2c/s2d/s2sx: Always truncate when writing files [#352](https://github.com/klauspost/compress/pull/352)
+	* zstd: Reduce memory usage further when using [WithLowerEncoderMem](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithLowerEncoderMem) [#346](https://github.com/klauspost/compress/pull/346)
+	* s2: Fix potential problem with amd64 assembly and profilers [#349](https://github.com/klauspost/compress/pull/349)
+
      
+
+
      
+	See changes to v1.11.x
+	
+* Mar 26, 2021 (v1.11.13)
+	* zstd: Big speedup on small dictionary encodes [#344](https://github.com/klauspost/compress/pull/344) [#345](https://github.com/klauspost/compress/pull/345)
+	* zstd: Add [WithLowerEncoderMem](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithLowerEncoderMem) encoder option [#336](https://github.com/klauspost/compress/pull/336)
+	* deflate: Improve entropy compression [#338](https://github.com/klauspost/compress/pull/338)
+	* s2: Clean up and minor performance improvement in best [#341](https://github.com/klauspost/compress/pull/341)
+
+* Mar 5, 2021 (v1.11.12)
+	* s2: Add `s2sx` binary that creates [self extracting archives](https://github.com/klauspost/compress/tree/master/s2#s2sx-self-extracting-archives).
+	* s2: Speed up decompression on non-assembly platforms [#328](https://github.com/klauspost/compress/pull/328)
+
+* Mar 1, 2021 (v1.11.9)
+	* s2: Add ARM64 decompression assembly. Around 2x output speed. [#324](https://github.com/klauspost/compress/pull/324)
+	* s2: Improve "better" speed and efficiency. [#325](https://github.com/klauspost/compress/pull/325)
+	* s2: Fix binaries.
+
+* Feb 25, 2021 (v1.11.8)
+	* s2: Fixed occasional out-of-bounds write on amd64. Upgrade recommended.
+	* s2: Add AMD64 assembly for better mode. 25-50% faster. [#315](https://github.com/klauspost/compress/pull/315)
+	* s2: Less upfront decoder allocation. [#322](https://github.com/klauspost/compress/pull/322)
+	* zstd: Faster "compression" of incompressible data. [#314](https://github.com/klauspost/compress/pull/314)
+	* zip: Fix zip64 headers. [#313](https://github.com/klauspost/compress/pull/313)
+  
+* Jan 14, 2021 (v1.11.7)
+	* Use Bytes() interface to get bytes across packages. [#309](https://github.com/klauspost/compress/pull/309)
+	* s2: Add 'best' compression option.  [#310](https://github.com/klauspost/compress/pull/310)
+	* s2: Add ReaderMaxBlockSize, changes `s2.NewReader` signature to include varargs. [#311](https://github.com/klauspost/compress/pull/311)
+	* s2: Fix crash on small better buffers. [#308](https://github.com/klauspost/compress/pull/308)
+	* s2: Clean up decoder. [#312](https://github.com/klauspost/compress/pull/312)
+
+* Jan 7, 2021 (v1.11.6)
+	* zstd: Make decoder allocations smaller [#306](https://github.com/klauspost/compress/pull/306)
+	* zstd: Free Decoder resources when Reset is called with a nil io.Reader  [#305](https://github.com/klauspost/compress/pull/305)
+
+* Dec 20, 2020 (v1.11.4)
+	* zstd: Add Best compression mode [#304](https://github.com/klauspost/compress/pull/304)
+	* Add header decoder [#299](https://github.com/klauspost/compress/pull/299)
+	* s2: Add uncompressed stream option [#297](https://github.com/klauspost/compress/pull/297)
+	* Simplify/speed up small blocks with known max size. [#300](https://github.com/klauspost/compress/pull/300)
+	* zstd: Always reset literal dict encoder [#303](https://github.com/klauspost/compress/pull/303)
+
+* Nov 15, 2020 (v1.11.3)
+	* inflate: 10-15% faster decompression  [#293](https://github.com/klauspost/compress/pull/293)
+	* zstd: Tweak DecodeAll default allocation [#295](https://github.com/klauspost/compress/pull/295)
+
+* Oct 11, 2020 (v1.11.2)
+	* s2: Fix out of bounds read in "better" block compression [#291](https://github.com/klauspost/compress/pull/291)
+
+* Oct 1, 2020 (v1.11.1)
+	* zstd: Set allLitEntropy true in default configuration [#286](https://github.com/klauspost/compress/pull/286)
+
+* Sept 8, 2020 (v1.11.0)
+	* zstd: Add experimental compression [dictionaries](https://github.com/klauspost/compress/tree/master/zstd#dictionaries) [#281](https://github.com/klauspost/compress/pull/281)
+	* zstd: Fix mixed Write and ReadFrom calls [#282](https://github.com/klauspost/compress/pull/282)
+	* inflate/gz: Limit variable shifts, ~5% faster decompression [#274](https://github.com/klauspost/compress/pull/274)
+
      
+
+
      
+	See changes to v1.10.x
+ 
+* July 8, 2020 (v1.10.11) 
+	* zstd: Fix extra block when compressing with ReadFrom. [#278](https://github.com/klauspost/compress/pull/278)
+	* huff0: Also populate compression table when reading decoding table. [#275](https://github.com/klauspost/compress/pull/275)
+	
+* June 23, 2020 (v1.10.10) 
+	* zstd: Skip entropy compression in fastest mode when no matches. [#270](https://github.com/klauspost/compress/pull/270)
+	
+* June 16, 2020 (v1.10.9): 
+	* zstd: API change for specifying dictionaries. See [#268](https://github.com/klauspost/compress/pull/268)
+	* zip: update CreateHeaderRaw to handle zip64 fields. [#266](https://github.com/klauspost/compress/pull/266)
+	* Fuzzit tests removed. The service has been purchased and is no longer available.
+	
+* June 5, 2020 (v1.10.8): 
+	* 1.15x faster zstd block decompression. [#265](https://github.com/klauspost/compress/pull/265)
+	
+* June 1, 2020 (v1.10.7): 
+	* Added zstd decompression [dictionary support](https://github.com/klauspost/compress/tree/master/zstd#dictionaries)
+	* Increase zstd decompression speed up to 1.19x.  [#259](https://github.com/klauspost/compress/pull/259)
+	* Remove internal reset call in zstd compression and reduce allocations. [#263](https://github.com/klauspost/compress/pull/263)
+	
+* May 21, 2020: (v1.10.6) 
+	* zstd: Reduce allocations while decoding. [#258](https://github.com/klauspost/compress/pull/258), [#252](https://github.com/klauspost/compress/pull/252)
+	* zstd: Stricter decompression checks.
+	
+* April 12, 2020: (v1.10.5)
+	* s2-commands: Flush output when receiving SIGINT. [#239](https://github.com/klauspost/compress/pull/239)
+	
+* Apr 8, 2020: (v1.10.4) 
+	* zstd: Minor/special case optimizations. [#251](https://github.com/klauspost/compress/pull/251),  [#250](https://github.com/klauspost/compress/pull/250),  [#249](https://github.com/klauspost/compress/pull/249),  [#247](https://github.com/klauspost/compress/pull/247)
+* Mar 11, 2020: (v1.10.3) 
+	* s2: Use S2 encoder in pure Go mode for Snappy output as well. [#245](https://github.com/klauspost/compress/pull/245)
+	* s2: Fix pure Go block encoder. [#244](https://github.com/klauspost/compress/pull/244)
+	* zstd: Added "better compression" mode. [#240](https://github.com/klauspost/compress/pull/240)
+	* zstd: Improve speed of fastest compression mode by 5-10% [#241](https://github.com/klauspost/compress/pull/241)
+	* zstd: Skip creating encoders when not needed. [#238](https://github.com/klauspost/compress/pull/238)
+	
+* Feb 27, 2020: (v1.10.2) 
+	* Close to 50% speedup in inflate (gzip/zip decompression). [#236](https://github.com/klauspost/compress/pull/236) [#234](https://github.com/klauspost/compress/pull/234) [#232](https://github.com/klauspost/compress/pull/232)
+	* Reduce deflate level 1-6 memory usage up to 59%. [#227](https://github.com/klauspost/compress/pull/227)
+	
+* Feb 18, 2020: (v1.10.1)
+	* Fix zstd crash when resetting multiple times without sending data. [#226](https://github.com/klauspost/compress/pull/226)
+	* deflate: Fix dictionary use on level 1-6. [#224](https://github.com/klauspost/compress/pull/224)
+	* Remove deflate writer reference when closing. [#224](https://github.com/klauspost/compress/pull/224)
+	
+* Feb 4, 2020: (v1.10.0) 
+	* Add optional dictionary to [stateless deflate](https://pkg.go.dev/github.com/klauspost/compress/flate?tab=doc#StatelessDeflate). Breaking change, send `nil` for previous behaviour. [#216](https://github.com/klauspost/compress/pull/216)
+	* Fix buffer overflow on repeated small block deflate.  [#218](https://github.com/klauspost/compress/pull/218)
+	* Allow copying content from an existing ZIP file without decompressing+compressing. [#214](https://github.com/klauspost/compress/pull/214)
+	* Added [S2](https://github.com/klauspost/compress/tree/master/s2#s2-compression) AMD64 assembler and various optimizations. Stream speed >10GB/s.  [#186](https://github.com/klauspost/compress/pull/186)
+
+
      
+
+
      
+	See changes prior to v1.10.0
+
+* Jan 20,2020 (v1.9.8) Optimize gzip/deflate with better size estimates and faster table generation. [#207](https://github.com/klauspost/compress/pull/207) by [luyu6056](https://github.com/luyu6056),  [#206](https://github.com/klauspost/compress/pull/206).
+* Jan 11, 2020: S2 Encode/Decode will use provided buffer if capacity is big enough. [#204](https://github.com/klauspost/compress/pull/204) 
+* Jan 5, 2020: (v1.9.7) Fix another zstd regression in v1.9.5 - v1.9.6 removed.
+* Jan 4, 2020: (v1.9.6) Regression in v1.9.5 fixed causing corrupt zstd encodes in rare cases.
+* Jan 4, 2020: Faster IO in [s2c + s2d commandline tools](https://github.com/klauspost/compress/tree/master/s2#commandline-tools) compression/decompression. [#192](https://github.com/klauspost/compress/pull/192)
+* Dec 29, 2019: Removed v1.9.5 since fuzz tests showed a compatibility problem with the reference zstandard decoder.
+* Dec 29, 2019: (v1.9.5) zstd: 10-20% faster block compression. [#199](https://github.com/klauspost/compress/pull/199)
+* Dec 29, 2019: [zip](https://godoc.org/github.com/klauspost/compress/zip) package updated with latest Go features
+* Dec 29, 2019: zstd: Single segment flag condintions tweaked. [#197](https://github.com/klauspost/compress/pull/197)
+* Dec 18, 2019: s2: Faster compression when ReadFrom is used. [#198](https://github.com/klauspost/compress/pull/198)
+* Dec 10, 2019: s2: Fix repeat length output when just above at 16MB limit.
+* Dec 10, 2019: zstd: Add function to get decoder as io.ReadCloser. [#191](https://github.com/klauspost/compress/pull/191)
+* Dec 3, 2019: (v1.9.4) S2: limit max repeat length. [#188](https://github.com/klauspost/compress/pull/188)
+* Dec 3, 2019: Add [WithNoEntropyCompression](https://godoc.org/github.com/klauspost/compress/zstd#WithNoEntropyCompression) to zstd [#187](https://github.com/klauspost/compress/pull/187)
+* Dec 3, 2019: Reduce memory use for tests. Check for leaked goroutines.
+* Nov 28, 2019 (v1.9.3) Less allocations in stateless deflate.
+* Nov 28, 2019: 5-20% Faster huff0 decode. Impacts zstd as well. [#184](https://github.com/klauspost/compress/pull/184)
+* Nov 12, 2019 (v1.9.2) Added [Stateless Compression](#stateless-compression) for gzip/deflate.
+* Nov 12, 2019: Fixed zstd decompression of large single blocks. [#180](https://github.com/klauspost/compress/pull/180)
+* Nov 11, 2019: Set default  [s2c](https://github.com/klauspost/compress/tree/master/s2#commandline-tools) block size to 4MB.
+* Nov 11, 2019: Reduce inflate memory use by 1KB.
+* Nov 10, 2019: Less allocations in deflate bit writer.
+* Nov 10, 2019: Fix inconsistent error returned by zstd decoder.
+* Oct 28, 2019 (v1.9.1) ztsd: Fix crash when compressing blocks. [#174](https://github.com/klauspost/compress/pull/174)
+* Oct 24, 2019 (v1.9.0) zstd: Fix rare data corruption [#173](https://github.com/klauspost/compress/pull/173)
+* Oct 24, 2019 zstd: Fix huff0 out of buffer write [#171](https://github.com/klauspost/compress/pull/171) and always return errors [#172](https://github.com/klauspost/compress/pull/172) 
+* Oct 10, 2019: Big deflate rewrite, 30-40% faster with better compression [#105](https://github.com/klauspost/compress/pull/105)
+
+
      
+
+
      
+	See changes prior to v1.9.0
+
+* Oct 10, 2019: (v1.8.6) zstd: Allow partial reads to get flushed data. [#169](https://github.com/klauspost/compress/pull/169)
+* Oct 3, 2019: Fix inconsistent results on broken zstd streams.
+* Sep 25, 2019: Added `-rm` (remove source files) and `-q` (no output except errors) to `s2c` and `s2d` [commands](https://github.com/klauspost/compress/tree/master/s2#commandline-tools)
+* Sep 16, 2019: (v1.8.4) Add `s2c` and `s2d` [commandline tools](https://github.com/klauspost/compress/tree/master/s2#commandline-tools).
+* Sep 10, 2019: (v1.8.3) Fix s2 decoder [Skip](https://godoc.org/github.com/klauspost/compress/s2#Reader.Skip).
+* Sep 7, 2019: zstd: Added [WithWindowSize](https://godoc.org/github.com/klauspost/compress/zstd#WithWindowSize), contributed by [ianwilkes](https://github.com/ianwilkes).
+* Sep 5, 2019: (v1.8.2) Add [WithZeroFrames](https://godoc.org/github.com/klauspost/compress/zstd#WithZeroFrames) which adds full zero payload block encoding option.
+* Sep 5, 2019: Lazy initialization of zstandard predefined en/decoder tables.
+* Aug 26, 2019: (v1.8.1) S2: 1-2% compression increase in "better" compression mode.
+* Aug 26, 2019: zstd: Check maximum size of Huffman 1X compressed literals while decoding.
+* Aug 24, 2019: (v1.8.0) Added [S2 compression](https://github.com/klauspost/compress/tree/master/s2#s2-compression), a high performance replacement for Snappy. 
+* Aug 21, 2019: (v1.7.6) Fixed minor issues found by fuzzer. One could lead to zstd not decompressing.
+* Aug 18, 2019: Add [fuzzit](https://fuzzit.dev/) continuous fuzzing.
+* Aug 14, 2019: zstd: Skip incompressible data 2x faster.  [#147](https://github.com/klauspost/compress/pull/147)
+* Aug 4, 2019 (v1.7.5): Better literal compression. [#146](https://github.com/klauspost/compress/pull/146)
+* Aug 4, 2019: Faster zstd compression. [#143](https://github.com/klauspost/compress/pull/143) [#144](https://github.com/klauspost/compress/pull/144)
+* Aug 4, 2019: Faster zstd decompression. [#145](https://github.com/klauspost/compress/pull/145) [#143](https://github.com/klauspost/compress/pull/143) [#142](https://github.com/klauspost/compress/pull/142)
+* July 15, 2019 (v1.7.4): Fix double EOF block in rare cases on zstd encoder.
+* July 15, 2019 (v1.7.3): Minor speedup/compression increase in default zstd encoder.
+* July 14, 2019: zstd decoder: Fix decompression error on multiple uses with mixed content.
+* July 7, 2019 (v1.7.2): Snappy update, zstd decoder potential race fix.
+* June 17, 2019: zstd decompression bugfix.
+* June 17, 2019: fix 32 bit builds.
+* June 17, 2019: Easier use in modules (less dependencies).
+* June 9, 2019: New stronger "default" [zstd](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression mode. Matches zstd default compression ratio.
+* June 5, 2019: 20-40% throughput in [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and better compression.
+* June 5, 2019: deflate/gzip compression: Reduce memory usage of lower compression levels.
+* June 2, 2019: Added [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression!
+* May 25, 2019: deflate/gzip: 10% faster bit writer, mostly visible in lower levels.
+* Apr 22, 2019: [zstd](https://github.com/klauspost/compress/tree/master/zstd#zstd) decompression added.
+* Aug 1, 2018: Added [huff0 README](https://github.com/klauspost/compress/tree/master/huff0#huff0-entropy-compression).
+* Jul 8, 2018: Added [Performance Update 2018](#performance-update-2018) below.
+* Jun 23, 2018: Merged [Go 1.11 inflate optimizations](https://go-review.googlesource.com/c/go/+/102235). Go 1.9 is now required. Backwards compatible version tagged with [v1.3.0](https://github.com/klauspost/compress/releases/tag/v1.3.0).
+* Apr 2, 2018: Added [huff0](https://godoc.org/github.com/klauspost/compress/huff0) en/decoder. Experimental for now, API may change.
+* Mar 4, 2018: Added [FSE Entropy](https://godoc.org/github.com/klauspost/compress/fse) en/decoder. Experimental for now, API may change.
+* Nov 3, 2017: Add compression [Estimate](https://godoc.org/github.com/klauspost/compress#Estimate) function.
+* May 28, 2017: Reduce allocations when resetting decoder.
+* Apr 02, 2017: Change back to official crc32, since changes were merged in Go 1.7.
+* Jan 14, 2017: Reduce stack pressure due to array copies. See [Issue #18625](https://github.com/golang/go/issues/18625).
+* Oct 25, 2016: Level 2-4 have been rewritten and now offers significantly better performance than before.
+* Oct 20, 2016: Port zlib changes from Go 1.7 to fix zlib writer issue. Please update.
+* Oct 16, 2016: Go 1.7 changes merged. Apples to apples this package is a few percent faster, but has a significantly better balance between speed and compression per level. 
+* Mar 24, 2016: Always attempt Huffman encoding on level 4-7. This improves base 64 encoded data compression.
+* Mar 24, 2016: Small speedup for level 1-3.
+* Feb 19, 2016: Faster bit writer, level -2 is 15% faster, level 1 is 4% faster.
+* Feb 19, 2016: Handle small payloads faster in level 1-3.
+* Feb 19, 2016: Added faster level 2 + 3 compression modes.
+* Feb 19, 2016: [Rebalanced compression levels](https://blog.klauspost.com/rebalancing-deflate-compression-levels/), so there is a more even progression in terms of compression. New default level is 5.
+* Feb 14, 2016: Snappy: Merge upstream changes. 
+* Feb 14, 2016: Snappy: Fix aggressive skipping.
+* Feb 14, 2016: Snappy: Update benchmark.
+* Feb 13, 2016: Deflate: Fixed assembler problem that could lead to sub-optimal compression.
+* Feb 12, 2016: Snappy: Added AMD64 SSE 4.2 optimizations to matching, which makes easy to compress material run faster. Typical speedup is around 25%.
+* Feb 9, 2016: Added Snappy package fork. This version is 5-7% faster, much more on hard to compress content.
+* Jan 30, 2016: Optimize level 1 to 3 by not considering static dictionary or storing uncompressed. ~4-5% speedup.
+* Jan 16, 2016: Optimization on deflate level 1,2,3 compression.
+* Jan 8 2016: Merge [CL 18317](https://go-review.googlesource.com/#/c/18317): fix reading, writing of zip64 archives.
+* Dec 8 2015: Make level 1 and -2 deterministic even if write size differs.
+* Dec 8 2015: Split encoding functions, so hashing and matching can potentially be inlined. 1-3% faster on AMD64. 5% faster on other platforms.
+* Dec 8 2015: Fixed rare [one byte out-of bounds read](https://github.com/klauspost/compress/issues/20). Please update!
+* Nov 23 2015: Optimization on token writer. ~2-4% faster. Contributed by [@dsnet](https://github.com/dsnet).
+* Nov 20 2015: Small optimization to bit writer on 64 bit systems.
+* Nov 17 2015: Fixed out-of-bound errors if the underlying Writer returned an error. See [#15](https://github.com/klauspost/compress/issues/15).
+* Nov 12 2015: Added [io.WriterTo](https://golang.org/pkg/io/#WriterTo) support to gzip/inflate.
+* Nov 11 2015: Merged [CL 16669](https://go-review.googlesource.com/#/c/16669/4): archive/zip: enable overriding (de)compressors per file
+* Oct 15 2015: Added skipping on uncompressible data. Random data speed up >5x.
+
+
      
+
+# deflate usage
+
+The packages are drop-in replacements for standard libraries. Simply replace the import path to use them:
+
+| old import         | new import                              | Documentation
+|--------------------|-----------------------------------------|--------------------|
+| `compress/gzip`    | `github.com/klauspost/compress/gzip`    | [gzip](https://pkg.go.dev/github.com/klauspost/compress/gzip?tab=doc)
+| `compress/zlib`    | `github.com/klauspost/compress/zlib`    | [zlib](https://pkg.go.dev/github.com/klauspost/compress/zlib?tab=doc)
+| `archive/zip`      | `github.com/klauspost/compress/zip`     | [zip](https://pkg.go.dev/github.com/klauspost/compress/zip?tab=doc)
+| `compress/flate`   | `github.com/klauspost/compress/flate`   | [flate](https://pkg.go.dev/github.com/klauspost/compress/flate?tab=doc)
+
+* Optimized [deflate](https://godoc.org/github.com/klauspost/compress/flate) packages which can be used as a dropin replacement for [gzip](https://godoc.org/github.com/klauspost/compress/gzip), [zip](https://godoc.org/github.com/klauspost/compress/zip) and [zlib](https://godoc.org/github.com/klauspost/compress/zlib).
+
+You may also be interested in [pgzip](https://github.com/klauspost/pgzip), which is a drop in replacement for gzip, which support multithreaded compression on big files and the optimized [crc32](https://github.com/klauspost/crc32) package used by these packages.
+
+The packages contains the same as the standard library, so you can use the godoc for that: [gzip](http://golang.org/pkg/compress/gzip/), [zip](http://golang.org/pkg/archive/zip/),  [zlib](http://golang.org/pkg/compress/zlib/), [flate](http://golang.org/pkg/compress/flate/).
+
+Currently there is only minor speedup on decompression (mostly CRC32 calculation).
+
+Memory usage is typically 1MB for a Writer. stdlib is in the same range. 
+If you expect to have a lot of concurrently allocated Writers consider using 
+the stateless compress described below.
+
+For compression performance, see: [this spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing).
+
+To disable all assembly add `-tags=noasm`. This works across all packages.
+
+# Stateless compression
+
+This package offers stateless compression as a special option for gzip/deflate. 
+It will do compression but without maintaining any state between Write calls.
+
+This means there will be no memory kept between Write calls, but compression and speed will be suboptimal.
+
+This is only relevant in cases where you expect to run many thousands of compressors concurrently, 
+but with very little activity. This is *not* intended for regular web servers serving individual requests.  
+
+Because of this, the size of actual Write calls will affect output size.
+
+In gzip, specify level `-3` / `gzip.StatelessCompression` to enable.
+
+For direct deflate use, NewStatelessWriter and StatelessDeflate are available. See [documentation](https://godoc.org/github.com/klauspost/compress/flate#NewStatelessWriter)
+
+A `bufio.Writer` can of course be used to control write sizes. For example, to use a 4KB buffer:
+
+```go
+	// replace 'ioutil.Discard' with your output.
+	gzw, err := gzip.NewWriterLevel(ioutil.Discard, gzip.StatelessCompression)
+	if err != nil {
+		return err
+	}
+	defer gzw.Close()
+
+	w := bufio.NewWriterSize(gzw, 4096)
+	defer w.Flush()
+	
+	// Write to 'w' 
+```
+
+This will only use up to 4KB in memory when the writer is idle. 
+
+Compression is almost always worse than the fastest compression level 
+and each write will allocate (a little) memory. 
+
+# Performance Update 2018
+
+It has been a while since we have been looking at the speed of this package compared to the standard library, so I thought I would re-do my tests and give some overall recommendations based on the current state. All benchmarks have been performed with Go 1.10 on my Desktop Intel(R) Core(TM) i7-2600 CPU @3.40GHz. Since I last ran the tests, I have gotten more RAM, which means tests with big files are no longer limited by my SSD.
+
+The raw results are in my [updated spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing). Due to cgo changes and upstream updates i could not get the cgo version of gzip to compile. Instead I included the [zstd](https://github.com/datadog/zstd) cgo implementation. If I get cgo gzip to work again, I might replace the results in the sheet.
+
+The columns to take note of are: *MB/s* - the throughput. *Reduction* - the data size reduction in percent of the original. *Rel Speed* relative speed compared to the standard library at the same level. *Smaller* - how many percent smaller is the compressed output compared to stdlib. Negative means the output was bigger. *Loss* means the loss (or gain) in compression as a percentage difference of the input.
+
+The `gzstd` (standard library gzip) and `gzkp` (this package gzip) only uses one CPU core. [`pgzip`](https://github.com/klauspost/pgzip), [`bgzf`](https://github.com/biogo/hts/tree/master/bgzf) uses all 4 cores. [`zstd`](https://github.com/DataDog/zstd) uses one core, and is a beast (but not Go, yet).
+
+
+## Overall differences.
+
+There appears to be a roughly 5-10% speed advantage over the standard library when comparing at similar compression levels.
+
+The biggest difference you will see is the result of [re-balancing](https://blog.klauspost.com/rebalancing-deflate-compression-levels/) the compression levels. I wanted by library to give a smoother transition between the compression levels than the standard library.
+
+This package attempts to provide a more smooth transition, where "1" is taking a lot of shortcuts, "5" is the reasonable trade-off and "9" is the "give me the best compression", and the values in between gives something reasonable in between. The standard library has big differences in levels 1-4, but levels 5-9 having no significant gains - often spending a lot more time than can be justified by the achieved compression.
+
+There are links to all the test data in the [spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing) in the top left field on each tab.
+
+## Web Content
+
+This test set aims to emulate typical use in a web server. The test-set is 4GB data in 53k files, and is a mixture of (mostly) HTML, JS, CSS.
+
+Since level 1 and 9 are close to being the same code, they are quite close. But looking at the levels in-between the differences are quite big.
+
+Looking at level 6, this package is 88% faster, but will output about 6% more data. For a web server, this means you can serve 88% more data, but have to pay for 6% more bandwidth. You can draw your own conclusions on what would be the most expensive for your case.
+
+## Object files
+
+This test is for typical data files stored on a server. In this case it is a collection of Go precompiled objects. They are very compressible.
+
+The picture is similar to the web content, but with small differences since this is very compressible. Levels 2-3 offer good speed, but is sacrificing quite a bit of compression. 
+
+The standard library seems suboptimal on level 3 and 4 - offering both worse compression and speed than level 6 & 7 of this package respectively.
+
+## Highly Compressible File
+
+This is a JSON file with very high redundancy. The reduction starts at 95% on level 1, so in real life terms we are dealing with something like a highly redundant stream of data, etc.
+
+It is definitely visible that we are dealing with specialized content here, so the results are very scattered. This package does not do very well at levels 1-4, but picks up significantly at level 5 and levels 7 and 8 offering great speed for the achieved compression.
+
+So if you know you content is extremely compressible you might want to go slightly higher than the defaults. The standard library has a huge gap between levels 3 and 4 in terms of speed (2.75x slowdown), so it offers little "middle ground".
+
+## Medium-High Compressible
+
+This is a pretty common test corpus: [enwik9](http://mattmahoney.net/dc/textdata.html). It contains the first 10^9 bytes of the English Wikipedia dump on Mar. 3, 2006. This is a very good test of typical text based compression and more data heavy streams.
+
+We see a similar picture here as in "Web Content". On equal levels some compression is sacrificed for more speed. Level 5 seems to be the best trade-off between speed and size, beating stdlib level 3 in both.
+
+## Medium Compressible
+
+I will combine two test sets, one [10GB file set](http://mattmahoney.net/dc/10gb.html) and a VM disk image (~8GB). Both contain different data types and represent a typical backup scenario.
+
+The most notable thing is how quickly the standard library drops to very low compression speeds around level 5-6 without any big gains in compression. Since this type of data is fairly common, this does not seem like good behavior.
+
+
+## Un-compressible Content
+
+This is mainly a test of how good the algorithms are at detecting un-compressible input. The standard library only offers this feature with very conservative settings at level 1. Obviously there is no reason for the algorithms to try to compress input that cannot be compressed.  The only downside is that it might skip some compressible data on false detections.
+
+
+## Huffman only compression
+
+This compression library adds a special compression level, named `HuffmanOnly`, which allows near linear time compression. This is done by completely disabling matching of previous data, and only reduce the number of bits to represent each character. 
+
+This means that often used characters, like 'e' and ' ' (space) in text use the fewest bits to represent, and rare characters like '¤' takes more bits to represent. For more information see [wikipedia](https://en.wikipedia.org/wiki/Huffman_coding) or this nice [video](https://youtu.be/ZdooBTdW5bM).
+
+Since this type of compression has much less variance, the compression speed is mostly unaffected by the input data, and is usually more than *180MB/s* for a single core.
+
+The downside is that the compression ratio is usually considerably worse than even the fastest conventional compression. The compression ratio can never be better than 8:1 (12.5%). 
+
+The linear time compression can be used as a "better than nothing" mode, where you cannot risk the encoder to slow down on some content. For comparison, the size of the "Twain" text is *233460 bytes* (+29% vs. level 1) and encode speed is 144MB/s (4.5x level 1). So in this case you trade a 30% size increase for a 4 times speedup.
+
+For more information see my blog post on [Fast Linear Time Compression](http://blog.klauspost.com/constant-time-gzipzip-compression/).
+
+This is implemented on Go 1.7 as "Huffman Only" mode, though not exposed for gzip.
+
+# Other packages
+
+Here are other packages of good quality and pure Go (no cgo wrappers or autoconverted code):
+
+* [github.com/pierrec/lz4](https://github.com/pierrec/lz4) - strong multithreaded LZ4 compression.
+* [github.com/cosnicolaou/pbzip2](https://github.com/cosnicolaou/pbzip2) - multithreaded bzip2 decompression.
+* [github.com/dsnet/compress](https://github.com/dsnet/compress) - brotli decompression, bzip2 writer.
+* [github.com/ronanh/intcomp](https://github.com/ronanh/intcomp) - Integer compression.
+* [github.com/spenczar/fpc](https://github.com/spenczar/fpc) - Float compression.
+* [github.com/minio/zipindex](https://github.com/minio/zipindex) - External ZIP directory index.
+* [github.com/ybirader/pzip](https://github.com/ybirader/pzip) - Fast concurrent zip archiver and extractor.
+
+# license
+
+This code is licensed under the same conditions as the original Go code. See LICENSE file.
diff --git a/vendor/github.com/klauspost/compress/SECURITY.md b/vendor/github.com/klauspost/compress/SECURITY.md
new file mode 100644
index 000000000..ca6685e2b
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/SECURITY.md
@@ -0,0 +1,25 @@
+# Security Policy
+
+## Supported Versions
+
+Security updates are applied only to the latest release.
+
+## Vulnerability Definition
+
+A security vulnerability is a bug that with certain input triggers a crash or an infinite loop. Most calls will have varying execution time and only in rare cases will slow operation be considered a security vulnerability.
+
+Corrupted output generally is not considered a security vulnerability, unless independent operations are able to affect each other. Note that not all functionality is re-entrant and safe to use concurrently.
+
+Out-of-memory crashes only applies if the en/decoder uses an abnormal amount of memory, with appropriate options applied, to limit maximum window size, concurrency, etc. However, if you are in doubt you are welcome to file a security issue.
+
+It is assumed that all callers are trusted, meaning internal data exposed through reflection or inspection of returned data structures is not considered a vulnerability.
+
+Vulnerabilities resulting from compiler/assembler errors should be reported upstream. Depending on the severity this package may or may not implement a workaround.
+
+## Reporting a Vulnerability
+
+If you have discovered a security vulnerability in this project, please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
+
+Please disclose it at [security advisory](https://github.com/klauspost/compress/security/advisories/new). If possible please provide a minimal reproducer. If the issue only applies to a single platform, it would be helpful to provide access to that.
+
+This project is maintained by a team of volunteers on a reasonable-effort basis. As such, vulnerabilities will be disclosed in a best effort base.
diff --git a/vendor/github.com/klauspost/compress/compressible.go b/vendor/github.com/klauspost/compress/compressible.go
new file mode 100644
index 000000000..ea5a692d5
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/compressible.go
@@ -0,0 +1,85 @@
+package compress
+
+import "math"
+
+// Estimate returns a normalized compressibility estimate of block b.
+// Values close to zero are likely uncompressible.
+// Values above 0.1 are likely to be compressible.
+// Values above 0.5 are very compressible.
+// Very small lengths will return 0.
+func Estimate(b []byte) float64 {
+	if len(b) < 16 {
+		return 0
+	}
+
+	// Correctly predicted order 1
+	hits := 0
+	lastMatch := false
+	var o1 [256]byte
+	var hist [256]int
+	c1 := byte(0)
+	for _, c := range b {
+		if c == o1[c1] {
+			// We only count a hit if there was two correct predictions in a row.
+			if lastMatch {
+				hits++
+			}
+			lastMatch = true
+		} else {
+			lastMatch = false
+		}
+		o1[c1] = c
+		c1 = c
+		hist[c]++
+	}
+
+	// Use x^0.6 to give better spread
+	prediction := math.Pow(float64(hits)/float64(len(b)), 0.6)
+
+	// Calculate histogram distribution
+	variance := float64(0)
+	avg := float64(len(b)) / 256
+
+	for _, v := range hist {
+		Δ := float64(v) - avg
+		variance += Δ * Δ
+	}
+
+	stddev := math.Sqrt(float64(variance)) / float64(len(b))
+	exp := math.Sqrt(1 / float64(len(b)))
+
+	// Subtract expected stddev
+	stddev -= exp
+	if stddev < 0 {
+		stddev = 0
+	}
+	stddev *= 1 + exp
+
+	// Use x^0.4 to give better spread
+	entropy := math.Pow(stddev, 0.4)
+
+	// 50/50 weight between prediction and histogram distribution
+	return math.Pow((prediction+entropy)/2, 0.9)
+}
+
+// ShannonEntropyBits returns the number of bits minimum required to represent
+// an entropy encoding of the input bytes.
+// https://en.wiktionary.org/wiki/Shannon_entropy
+func ShannonEntropyBits(b []byte) int {
+	if len(b) == 0 {
+		return 0
+	}
+	var hist [256]int
+	for _, c := range b {
+		hist[c]++
+	}
+	shannon := float64(0)
+	invTotal := 1.0 / float64(len(b))
+	for _, v := range hist[:] {
+		if v > 0 {
+			n := float64(v)
+			shannon += math.Ceil(-math.Log2(n*invTotal) * n)
+		}
+	}
+	return int(math.Ceil(shannon))
+}
diff --git a/vendor/github.com/klauspost/compress/fse/README.md b/vendor/github.com/klauspost/compress/fse/README.md
new file mode 100644
index 000000000..ea7324da6
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/README.md
@@ -0,0 +1,79 @@
+# Finite State Entropy
+
+This package provides Finite State Entropy encoding and decoding.
+            
+Finite State Entropy (also referenced as [tANS](https://en.wikipedia.org/wiki/Asymmetric_numeral_systems#tANS)) 
+encoding provides a fast near-optimal symbol encoding/decoding
+for byte blocks as implemented in [zstandard](https://github.com/facebook/zstd).
+
+This can be used for compressing input with a lot of similar input values to the smallest number of bytes.
+This does not perform any multi-byte [dictionary coding](https://en.wikipedia.org/wiki/Dictionary_coder) as LZ coders,
+but it can be used as a secondary step to compressors (like Snappy) that does not do entropy encoding. 
+
+* [Godoc documentation](https://godoc.org/github.com/klauspost/compress/fse)
+
+## News
+
+ * Feb 2018: First implementation released. Consider this beta software for now.
+
+# Usage
+
+This package provides a low level interface that allows to compress single independent blocks. 
+
+Each block is separate, and there is no built in integrity checks. 
+This means that the caller should keep track of block sizes and also do checksums if needed.  
+
+Compressing a block is done via the [`Compress`](https://godoc.org/github.com/klauspost/compress/fse#Compress) function.
+You must provide input and will receive the output and maybe an error.
+
+These error values can be returned:
+
+| Error               | Description                                                                 |
+|---------------------|-----------------------------------------------------------------------------|
+| ``             | Everything ok, output is returned                                           |
+| `ErrIncompressible` | Returned when input is judged to be too hard to compress                    |
+| `ErrUseRLE`         | Returned from the compressor when the input is a single byte value repeated |
+| `(error)`           | An internal error occurred.                                                 |
+
+As can be seen above there are errors that will be returned even under normal operation so it is important to handle these.
+
+To reduce allocations you can provide a [`Scratch`](https://godoc.org/github.com/klauspost/compress/fse#Scratch) object 
+that can be re-used for successive calls. Both compression and decompression accepts a `Scratch` object, and the same 
+object can be used for both.   
+
+Be aware, that when re-using a `Scratch` object that the *output* buffer is also re-used, so if you are still using this
+you must set the `Out` field in the scratch to nil. The same buffer is used for compression and decompression output.
+
+Decompressing is done by calling the [`Decompress`](https://godoc.org/github.com/klauspost/compress/fse#Decompress) function.
+You must provide the output from the compression stage, at exactly the size you got back. If you receive an error back
+your input was likely corrupted. 
+
+It is important to note that a successful decoding does *not* mean your output matches your original input. 
+There are no integrity checks, so relying on errors from the decompressor does not assure your data is valid.
+
+For more detailed usage, see examples in the [godoc documentation](https://godoc.org/github.com/klauspost/compress/fse#pkg-examples).
+
+# Performance
+
+A lot of factors are affecting speed. Block sizes and compressibility of the material are primary factors.  
+All compression functions are currently only running on the calling goroutine so only one core will be used per block.  
+
+The compressor is significantly faster if symbols are kept as small as possible. The highest byte value of the input
+is used to reduce some of the processing, so if all your input is above byte value 64 for instance, it may be 
+beneficial to transpose all your input values down by 64.   
+
+With moderate block sizes around 64k speed are typically 200MB/s per core for compression and 
+around 300MB/s decompression speed. 
+
+The same hardware typically does Huffman (deflate) encoding at 125MB/s and decompression at 100MB/s. 
+
+# Plans
+
+At one point, more internals will be exposed to facilitate more "expert" usage of the components. 
+
+A streaming interface is also likely to be implemented. Likely compatible with [FSE stream format](https://github.com/Cyan4973/FiniteStateEntropy/blob/dev/programs/fileio.c#L261).  
+
+# Contributing
+
+Contributions are always welcome. Be aware that adding public functions will require good justification and breaking 
+changes will likely not be accepted. If in doubt open an issue before writing the PR.  
\ No newline at end of file
diff --git a/vendor/github.com/klauspost/compress/fse/bitreader.go b/vendor/github.com/klauspost/compress/fse/bitreader.go
new file mode 100644
index 000000000..f65eb3909
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/bitreader.go
@@ -0,0 +1,122 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package fse
+
+import (
+	"encoding/binary"
+	"errors"
+	"io"
+)
+
+// bitReader reads a bitstream in reverse.
+// The last set bit indicates the start of the stream and is used
+// for aligning the input.
+type bitReader struct {
+	in       []byte
+	off      uint // next byte to read is at in[off - 1]
+	value    uint64
+	bitsRead uint8
+}
+
+// init initializes and resets the bit reader.
+func (b *bitReader) init(in []byte) error {
+	if len(in) < 1 {
+		return errors.New("corrupt stream: too short")
+	}
+	b.in = in
+	b.off = uint(len(in))
+	// The highest bit of the last byte indicates where to start
+	v := in[len(in)-1]
+	if v == 0 {
+		return errors.New("corrupt stream, did not find end of stream")
+	}
+	b.bitsRead = 64
+	b.value = 0
+	if len(in) >= 8 {
+		b.fillFastStart()
+	} else {
+		b.fill()
+		b.fill()
+	}
+	b.bitsRead += 8 - uint8(highBits(uint32(v)))
+	return nil
+}
+
+// getBits will return n bits. n can be 0.
+func (b *bitReader) getBits(n uint8) uint16 {
+	if n == 0 || b.bitsRead >= 64 {
+		return 0
+	}
+	return b.getBitsFast(n)
+}
+
+// getBitsFast requires that at least one bit is requested every time.
+// There are no checks if the buffer is filled.
+func (b *bitReader) getBitsFast(n uint8) uint16 {
+	const regMask = 64 - 1
+	v := uint16((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask))
+	b.bitsRead += n
+	return v
+}
+
+// fillFast() will make sure at least 32 bits are available.
+// There must be at least 4 bytes available.
+func (b *bitReader) fillFast() {
+	if b.bitsRead < 32 {
+		return
+	}
+	// 2 bounds checks.
+	v := b.in[b.off-4:]
+	v = v[:4]
+	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+	b.value = (b.value << 32) | uint64(low)
+	b.bitsRead -= 32
+	b.off -= 4
+}
+
+// fill() will make sure at least 32 bits are available.
+func (b *bitReader) fill() {
+	if b.bitsRead < 32 {
+		return
+	}
+	if b.off > 4 {
+		v := b.in[b.off-4:]
+		v = v[:4]
+		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+		b.value = (b.value << 32) | uint64(low)
+		b.bitsRead -= 32
+		b.off -= 4
+		return
+	}
+	for b.off > 0 {
+		b.value = (b.value << 8) | uint64(b.in[b.off-1])
+		b.bitsRead -= 8
+		b.off--
+	}
+}
+
+// fillFastStart() assumes the bitreader is empty and there is at least 8 bytes to read.
+func (b *bitReader) fillFastStart() {
+	// Do single re-slice to avoid bounds checks.
+	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
+	b.bitsRead = 0
+	b.off -= 8
+}
+
+// finished returns true if all bits have been read from the bit stream.
+func (b *bitReader) finished() bool {
+	return b.bitsRead >= 64 && b.off == 0
+}
+
+// close the bitstream and returns an error if out-of-buffer reads occurred.
+func (b *bitReader) close() error {
+	// Release reference.
+	b.in = nil
+	if b.bitsRead > 64 {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/fse/bitwriter.go b/vendor/github.com/klauspost/compress/fse/bitwriter.go
new file mode 100644
index 000000000..e82fa3bb7
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/bitwriter.go
@@ -0,0 +1,167 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package fse
+
+import "fmt"
+
+// bitWriter will write bits.
+// First bit will be LSB of the first byte of output.
+type bitWriter struct {
+	bitContainer uint64
+	nBits        uint8
+	out          []byte
+}
+
+// bitMask16 is bitmasks. Has extra to avoid bounds check.
+var bitMask16 = [32]uint16{
+	0, 1, 3, 7, 0xF, 0x1F,
+	0x3F, 0x7F, 0xFF, 0x1FF, 0x3FF, 0x7FF,
+	0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF, 0xFFFF,
+	0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF,
+	0xFFFF, 0xFFFF} /* up to 16 bits */
+
+// addBits16NC will add up to 16 bits.
+// It will not check if there is space for them,
+// so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits16NC(value uint16, bits uint8) {
+	b.bitContainer |= uint64(value&bitMask16[bits&31]) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
+// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
+	b.bitContainer |= uint64(value) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// addBits16ZeroNC will add up to 16 bits.
+// It will not check if there is space for them,
+// so the caller must ensure that it has flushed recently.
+// This is fastest if bits can be zero.
+func (b *bitWriter) addBits16ZeroNC(value uint16, bits uint8) {
+	if bits == 0 {
+		return
+	}
+	value <<= (16 - bits) & 15
+	value >>= (16 - bits) & 15
+	b.bitContainer |= uint64(value) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// flush will flush all pending full bytes.
+// There will be at least 56 bits available for writing when this has been called.
+// Using flush32 is faster, but leaves less space for writing.
+func (b *bitWriter) flush() {
+	v := b.nBits >> 3
+	switch v {
+	case 0:
+	case 1:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+		)
+	case 2:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+		)
+	case 3:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+		)
+	case 4:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+			byte(b.bitContainer>>24),
+		)
+	case 5:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+			byte(b.bitContainer>>24),
+			byte(b.bitContainer>>32),
+		)
+	case 6:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+			byte(b.bitContainer>>24),
+			byte(b.bitContainer>>32),
+			byte(b.bitContainer>>40),
+		)
+	case 7:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+			byte(b.bitContainer>>24),
+			byte(b.bitContainer>>32),
+			byte(b.bitContainer>>40),
+			byte(b.bitContainer>>48),
+		)
+	case 8:
+		b.out = append(b.out,
+			byte(b.bitContainer),
+			byte(b.bitContainer>>8),
+			byte(b.bitContainer>>16),
+			byte(b.bitContainer>>24),
+			byte(b.bitContainer>>32),
+			byte(b.bitContainer>>40),
+			byte(b.bitContainer>>48),
+			byte(b.bitContainer>>56),
+		)
+	default:
+		panic(fmt.Errorf("bits (%d) > 64", b.nBits))
+	}
+	b.bitContainer >>= v << 3
+	b.nBits &= 7
+}
+
+// flush32 will flush out, so there are at least 32 bits available for writing.
+func (b *bitWriter) flush32() {
+	if b.nBits < 32 {
+		return
+	}
+	b.out = append(b.out,
+		byte(b.bitContainer),
+		byte(b.bitContainer>>8),
+		byte(b.bitContainer>>16),
+		byte(b.bitContainer>>24))
+	b.nBits -= 32
+	b.bitContainer >>= 32
+}
+
+// flushAlign will flush remaining full bytes and align to next byte boundary.
+func (b *bitWriter) flushAlign() {
+	nbBytes := (b.nBits + 7) >> 3
+	for i := uint8(0); i < nbBytes; i++ {
+		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
+	}
+	b.nBits = 0
+	b.bitContainer = 0
+}
+
+// close will write the alignment bit and write the final byte(s)
+// to the output.
+func (b *bitWriter) close() {
+	// End mark
+	b.addBits16Clean(1, 1)
+	// flush until next byte.
+	b.flushAlign()
+}
+
+// reset and continue writing by appending to out.
+func (b *bitWriter) reset(out []byte) {
+	b.bitContainer = 0
+	b.nBits = 0
+	b.out = out
+}
diff --git a/vendor/github.com/klauspost/compress/fse/bytereader.go b/vendor/github.com/klauspost/compress/fse/bytereader.go
new file mode 100644
index 000000000..abade2d60
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/bytereader.go
@@ -0,0 +1,47 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package fse
+
+// byteReader provides a byte reader that reads
+// little endian values from a byte stream.
+// The input stream is manually advanced.
+// The reader performs no bounds checks.
+type byteReader struct {
+	b   []byte
+	off int
+}
+
+// init will initialize the reader and set the input.
+func (b *byteReader) init(in []byte) {
+	b.b = in
+	b.off = 0
+}
+
+// advance the stream b n bytes.
+func (b *byteReader) advance(n uint) {
+	b.off += int(n)
+}
+
+// Uint32 returns a little endian uint32 starting at current offset.
+func (b byteReader) Uint32() uint32 {
+	b2 := b.b[b.off:]
+	b2 = b2[:4]
+	v3 := uint32(b2[3])
+	v2 := uint32(b2[2])
+	v1 := uint32(b2[1])
+	v0 := uint32(b2[0])
+	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
+}
+
+// unread returns the unread portion of the input.
+func (b byteReader) unread() []byte {
+	return b.b[b.off:]
+}
+
+// remain will return the number of bytes remaining.
+func (b byteReader) remain() int {
+	return len(b.b) - b.off
+}
diff --git a/vendor/github.com/klauspost/compress/fse/compress.go b/vendor/github.com/klauspost/compress/fse/compress.go
new file mode 100644
index 000000000..074018d8f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/compress.go
@@ -0,0 +1,683 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package fse
+
+import (
+	"errors"
+	"fmt"
+)
+
+// Compress the input bytes. Input must be < 2GB.
+// Provide a Scratch buffer to avoid memory allocations.
+// Note that the output is also kept in the scratch buffer.
+// If input is too hard to compress, ErrIncompressible is returned.
+// If input is a single byte value repeated ErrUseRLE is returned.
+func Compress(in []byte, s *Scratch) ([]byte, error) {
+	if len(in) <= 1 {
+		return nil, ErrIncompressible
+	}
+	if len(in) > (2<<30)-1 {
+		return nil, errors.New("input too big, must be < 2GB")
+	}
+	s, err := s.prepare(in)
+	if err != nil {
+		return nil, err
+	}
+
+	// Create histogram, if none was provided.
+	maxCount := s.maxCount
+	if maxCount == 0 {
+		maxCount = s.countSimple(in)
+	}
+	// Reset for next run.
+	s.clearCount = true
+	s.maxCount = 0
+	if maxCount == len(in) {
+		// One symbol, use RLE
+		return nil, ErrUseRLE
+	}
+	if maxCount == 1 || maxCount < (len(in)>>7) {
+		// Each symbol present maximum once or too well distributed.
+		return nil, ErrIncompressible
+	}
+	s.optimalTableLog()
+	err = s.normalizeCount()
+	if err != nil {
+		return nil, err
+	}
+	err = s.writeCount()
+	if err != nil {
+		return nil, err
+	}
+
+	if false {
+		err = s.validateNorm()
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	err = s.buildCTable()
+	if err != nil {
+		return nil, err
+	}
+	err = s.compress(in)
+	if err != nil {
+		return nil, err
+	}
+	s.Out = s.bw.out
+	// Check if we compressed.
+	if len(s.Out) >= len(in) {
+		return nil, ErrIncompressible
+	}
+	return s.Out, nil
+}
+
+// cState contains the compression state of a stream.
+type cState struct {
+	bw         *bitWriter
+	stateTable []uint16
+	state      uint16
+}
+
+// init will initialize the compression state to the first symbol of the stream.
+func (c *cState) init(bw *bitWriter, ct *cTable, tableLog uint8, first symbolTransform) {
+	c.bw = bw
+	c.stateTable = ct.stateTable
+
+	nbBitsOut := (first.deltaNbBits + (1 << 15)) >> 16
+	im := int32((nbBitsOut << 16) - first.deltaNbBits)
+	lu := (im >> nbBitsOut) + first.deltaFindState
+	c.state = c.stateTable[lu]
+}
+
+// encode the output symbol provided and write it to the bitstream.
+func (c *cState) encode(symbolTT symbolTransform) {
+	nbBitsOut := (uint32(c.state) + symbolTT.deltaNbBits) >> 16
+	dstState := int32(c.state>>(nbBitsOut&15)) + symbolTT.deltaFindState
+	c.bw.addBits16NC(c.state, uint8(nbBitsOut))
+	c.state = c.stateTable[dstState]
+}
+
+// encode the output symbol provided and write it to the bitstream.
+func (c *cState) encodeZero(symbolTT symbolTransform) {
+	nbBitsOut := (uint32(c.state) + symbolTT.deltaNbBits) >> 16
+	dstState := int32(c.state>>(nbBitsOut&15)) + symbolTT.deltaFindState
+	c.bw.addBits16ZeroNC(c.state, uint8(nbBitsOut))
+	c.state = c.stateTable[dstState]
+}
+
+// flush will write the tablelog to the output and flush the remaining full bytes.
+func (c *cState) flush(tableLog uint8) {
+	c.bw.flush32()
+	c.bw.addBits16NC(c.state, tableLog)
+	c.bw.flush()
+}
+
+// compress is the main compression loop that will encode the input from the last byte to the first.
+func (s *Scratch) compress(src []byte) error {
+	if len(src) <= 2 {
+		return errors.New("compress: src too small")
+	}
+	tt := s.ct.symbolTT[:256]
+	s.bw.reset(s.Out)
+
+	// Our two states each encodes every second byte.
+	// Last byte encoded (first byte decoded) will always be encoded by c1.
+	var c1, c2 cState
+
+	// Encode so remaining size is divisible by 4.
+	ip := len(src)
+	if ip&1 == 1 {
+		c1.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-1]])
+		c2.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-2]])
+		c1.encodeZero(tt[src[ip-3]])
+		ip -= 3
+	} else {
+		c2.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-1]])
+		c1.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-2]])
+		ip -= 2
+	}
+	if ip&2 != 0 {
+		c2.encodeZero(tt[src[ip-1]])
+		c1.encodeZero(tt[src[ip-2]])
+		ip -= 2
+	}
+	src = src[:ip]
+
+	// Main compression loop.
+	switch {
+	case !s.zeroBits && s.actualTableLog <= 8:
+		// We can encode 4 symbols without requiring a flush.
+		// We do not need to check if any output is 0 bits.
+		for ; len(src) >= 4; src = src[:len(src)-4] {
+			s.bw.flush32()
+			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
+			c2.encode(tt[v0])
+			c1.encode(tt[v1])
+			c2.encode(tt[v2])
+			c1.encode(tt[v3])
+		}
+	case !s.zeroBits:
+		// We do not need to check if any output is 0 bits.
+		for ; len(src) >= 4; src = src[:len(src)-4] {
+			s.bw.flush32()
+			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
+			c2.encode(tt[v0])
+			c1.encode(tt[v1])
+			s.bw.flush32()
+			c2.encode(tt[v2])
+			c1.encode(tt[v3])
+		}
+	case s.actualTableLog <= 8:
+		// We can encode 4 symbols without requiring a flush
+		for ; len(src) >= 4; src = src[:len(src)-4] {
+			s.bw.flush32()
+			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
+			c2.encodeZero(tt[v0])
+			c1.encodeZero(tt[v1])
+			c2.encodeZero(tt[v2])
+			c1.encodeZero(tt[v3])
+		}
+	default:
+		for ; len(src) >= 4; src = src[:len(src)-4] {
+			s.bw.flush32()
+			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
+			c2.encodeZero(tt[v0])
+			c1.encodeZero(tt[v1])
+			s.bw.flush32()
+			c2.encodeZero(tt[v2])
+			c1.encodeZero(tt[v3])
+		}
+	}
+
+	// Flush final state.
+	// Used to initialize state when decoding.
+	c2.flush(s.actualTableLog)
+	c1.flush(s.actualTableLog)
+
+	s.bw.close()
+	return nil
+}
+
+// writeCount will write the normalized histogram count to header.
+// This is read back by readNCount.
+func (s *Scratch) writeCount() error {
+	var (
+		tableLog  = s.actualTableLog
+		tableSize = 1 << tableLog
+		previous0 bool
+		charnum   uint16
+
+		maxHeaderSize = ((int(s.symbolLen)*int(tableLog) + 4 + 2) >> 3) + 3
+
+		// Write Table Size
+		bitStream = uint32(tableLog - minTablelog)
+		bitCount  = uint(4)
+		remaining = int16(tableSize + 1) /* +1 for extra accuracy */
+		threshold = int16(tableSize)
+		nbBits    = uint(tableLog + 1)
+	)
+	if cap(s.Out) < maxHeaderSize {
+		s.Out = make([]byte, 0, s.br.remain()+maxHeaderSize)
+	}
+	outP := uint(0)
+	out := s.Out[:maxHeaderSize]
+
+	// stops at 1
+	for remaining > 1 {
+		if previous0 {
+			start := charnum
+			for s.norm[charnum] == 0 {
+				charnum++
+			}
+			for charnum >= start+24 {
+				start += 24
+				bitStream += uint32(0xFFFF) << bitCount
+				out[outP] = byte(bitStream)
+				out[outP+1] = byte(bitStream >> 8)
+				outP += 2
+				bitStream >>= 16
+			}
+			for charnum >= start+3 {
+				start += 3
+				bitStream += 3 << bitCount
+				bitCount += 2
+			}
+			bitStream += uint32(charnum-start) << bitCount
+			bitCount += 2
+			if bitCount > 16 {
+				out[outP] = byte(bitStream)
+				out[outP+1] = byte(bitStream >> 8)
+				outP += 2
+				bitStream >>= 16
+				bitCount -= 16
+			}
+		}
+
+		count := s.norm[charnum]
+		charnum++
+		max := (2*threshold - 1) - remaining
+		if count < 0 {
+			remaining += count
+		} else {
+			remaining -= count
+		}
+		count++ // +1 for extra accuracy
+		if count >= threshold {
+			count += max // [0..max[ [max..threshold[ (...) [threshold+max 2*threshold[
+		}
+		bitStream += uint32(count) << bitCount
+		bitCount += nbBits
+		if count < max {
+			bitCount--
+		}
+
+		previous0 = count == 1
+		if remaining < 1 {
+			return errors.New("internal error: remaining<1")
+		}
+		for remaining < threshold {
+			nbBits--
+			threshold >>= 1
+		}
+
+		if bitCount > 16 {
+			out[outP] = byte(bitStream)
+			out[outP+1] = byte(bitStream >> 8)
+			outP += 2
+			bitStream >>= 16
+			bitCount -= 16
+		}
+	}
+
+	out[outP] = byte(bitStream)
+	out[outP+1] = byte(bitStream >> 8)
+	outP += (bitCount + 7) / 8
+
+	if charnum > s.symbolLen {
+		return errors.New("internal error: charnum > s.symbolLen")
+	}
+	s.Out = out[:outP]
+	return nil
+}
+
+// symbolTransform contains the state transform for a symbol.
+type symbolTransform struct {
+	deltaFindState int32
+	deltaNbBits    uint32
+}
+
+// String prints values as a human readable string.
+func (s symbolTransform) String() string {
+	return fmt.Sprintf("dnbits: %08x, fs:%d", s.deltaNbBits, s.deltaFindState)
+}
+
+// cTable contains tables used for compression.
+type cTable struct {
+	tableSymbol []byte
+	stateTable  []uint16
+	symbolTT    []symbolTransform
+}
+
+// allocCtable will allocate tables needed for compression.
+// If existing tables a re big enough, they are simply re-used.
+func (s *Scratch) allocCtable() {
+	tableSize := 1 << s.actualTableLog
+	// get tableSymbol that is big enough.
+	if cap(s.ct.tableSymbol) < tableSize {
+		s.ct.tableSymbol = make([]byte, tableSize)
+	}
+	s.ct.tableSymbol = s.ct.tableSymbol[:tableSize]
+
+	ctSize := tableSize
+	if cap(s.ct.stateTable) < ctSize {
+		s.ct.stateTable = make([]uint16, ctSize)
+	}
+	s.ct.stateTable = s.ct.stateTable[:ctSize]
+
+	if cap(s.ct.symbolTT) < 256 {
+		s.ct.symbolTT = make([]symbolTransform, 256)
+	}
+	s.ct.symbolTT = s.ct.symbolTT[:256]
+}
+
+// buildCTable will populate the compression table so it is ready to be used.
+func (s *Scratch) buildCTable() error {
+	tableSize := uint32(1 << s.actualTableLog)
+	highThreshold := tableSize - 1
+	var cumul [maxSymbolValue + 2]int16
+
+	s.allocCtable()
+	tableSymbol := s.ct.tableSymbol[:tableSize]
+	// symbol start positions
+	{
+		cumul[0] = 0
+		for ui, v := range s.norm[:s.symbolLen-1] {
+			u := byte(ui) // one less than reference
+			if v == -1 {
+				// Low proba symbol
+				cumul[u+1] = cumul[u] + 1
+				tableSymbol[highThreshold] = u
+				highThreshold--
+			} else {
+				cumul[u+1] = cumul[u] + v
+			}
+		}
+		// Encode last symbol separately to avoid overflowing u
+		u := int(s.symbolLen - 1)
+		v := s.norm[s.symbolLen-1]
+		if v == -1 {
+			// Low proba symbol
+			cumul[u+1] = cumul[u] + 1
+			tableSymbol[highThreshold] = byte(u)
+			highThreshold--
+		} else {
+			cumul[u+1] = cumul[u] + v
+		}
+		if uint32(cumul[s.symbolLen]) != tableSize {
+			return fmt.Errorf("internal error: expected cumul[s.symbolLen] (%d) == tableSize (%d)", cumul[s.symbolLen], tableSize)
+		}
+		cumul[s.symbolLen] = int16(tableSize) + 1
+	}
+	// Spread symbols
+	s.zeroBits = false
+	{
+		step := tableStep(tableSize)
+		tableMask := tableSize - 1
+		var position uint32
+		// if any symbol > largeLimit, we may have 0 bits output.
+		largeLimit := int16(1 << (s.actualTableLog - 1))
+		for ui, v := range s.norm[:s.symbolLen] {
+			symbol := byte(ui)
+			if v > largeLimit {
+				s.zeroBits = true
+			}
+			for nbOccurrences := int16(0); nbOccurrences < v; nbOccurrences++ {
+				tableSymbol[position] = symbol
+				position = (position + step) & tableMask
+				for position > highThreshold {
+					position = (position + step) & tableMask
+				} /* Low proba area */
+			}
+		}
+
+		// Check if we have gone through all positions
+		if position != 0 {
+			return errors.New("position!=0")
+		}
+	}
+
+	// Build table
+	table := s.ct.stateTable
+	{
+		tsi := int(tableSize)
+		for u, v := range tableSymbol {
+			// TableU16 : sorted by symbol order; gives next state value
+			table[cumul[v]] = uint16(tsi + u)
+			cumul[v]++
+		}
+	}
+
+	// Build Symbol Transformation Table
+	{
+		total := int16(0)
+		symbolTT := s.ct.symbolTT[:s.symbolLen]
+		tableLog := s.actualTableLog
+		tl := (uint32(tableLog) << 16) - (1 << tableLog)
+		for i, v := range s.norm[:s.symbolLen] {
+			switch v {
+			case 0:
+			case -1, 1:
+				symbolTT[i].deltaNbBits = tl
+				symbolTT[i].deltaFindState = int32(total - 1)
+				total++
+			default:
+				maxBitsOut := uint32(tableLog) - highBits(uint32(v-1))
+				minStatePlus := uint32(v) << maxBitsOut
+				symbolTT[i].deltaNbBits = (maxBitsOut << 16) - minStatePlus
+				symbolTT[i].deltaFindState = int32(total - v)
+				total += v
+			}
+		}
+		if total != int16(tableSize) {
+			return fmt.Errorf("total mismatch %d (got) != %d (want)", total, tableSize)
+		}
+	}
+	return nil
+}
+
+// countSimple will create a simple histogram in s.count.
+// Returns the biggest count.
+// Does not update s.clearCount.
+func (s *Scratch) countSimple(in []byte) (max int) {
+	for _, v := range in {
+		s.count[v]++
+	}
+	m, symlen := uint32(0), s.symbolLen
+	for i, v := range s.count[:] {
+		if v == 0 {
+			continue
+		}
+		if v > m {
+			m = v
+		}
+		symlen = uint16(i) + 1
+	}
+	s.symbolLen = symlen
+	return int(m)
+}
+
+// minTableLog provides the minimum logSize to safely represent a distribution.
+func (s *Scratch) minTableLog() uint8 {
+	minBitsSrc := highBits(uint32(s.br.remain()-1)) + 1
+	minBitsSymbols := highBits(uint32(s.symbolLen-1)) + 2
+	if minBitsSrc < minBitsSymbols {
+		return uint8(minBitsSrc)
+	}
+	return uint8(minBitsSymbols)
+}
+
+// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
+func (s *Scratch) optimalTableLog() {
+	tableLog := s.TableLog
+	minBits := s.minTableLog()
+	maxBitsSrc := uint8(highBits(uint32(s.br.remain()-1))) - 2
+	if maxBitsSrc < tableLog {
+		// Accuracy can be reduced
+		tableLog = maxBitsSrc
+	}
+	if minBits > tableLog {
+		tableLog = minBits
+	}
+	// Need a minimum to safely represent all symbol values
+	if tableLog < minTablelog {
+		tableLog = minTablelog
+	}
+	if tableLog > maxTableLog {
+		tableLog = maxTableLog
+	}
+	s.actualTableLog = tableLog
+}
+
+var rtbTable = [...]uint32{0, 473195, 504333, 520860, 550000, 700000, 750000, 830000}
+
+// normalizeCount will normalize the count of the symbols so
+// the total is equal to the table size.
+func (s *Scratch) normalizeCount() error {
+	var (
+		tableLog          = s.actualTableLog
+		scale             = 62 - uint64(tableLog)
+		step              = (1 << 62) / uint64(s.br.remain())
+		vStep             = uint64(1) << (scale - 20)
+		stillToDistribute = int16(1 << tableLog)
+		largest           int
+		largestP          int16
+		lowThreshold      = (uint32)(s.br.remain() >> tableLog)
+	)
+
+	for i, cnt := range s.count[:s.symbolLen] {
+		// already handled
+		// if (count[s] == s.length) return 0;   /* rle special case */
+
+		if cnt == 0 {
+			s.norm[i] = 0
+			continue
+		}
+		if cnt <= lowThreshold {
+			s.norm[i] = -1
+			stillToDistribute--
+		} else {
+			proba := (int16)((uint64(cnt) * step) >> scale)
+			if proba < 8 {
+				restToBeat := vStep * uint64(rtbTable[proba])
+				v := uint64(cnt)*step - (uint64(proba) << scale)
+				if v > restToBeat {
+					proba++
+				}
+			}
+			if proba > largestP {
+				largestP = proba
+				largest = i
+			}
+			s.norm[i] = proba
+			stillToDistribute -= proba
+		}
+	}
+
+	if -stillToDistribute >= (s.norm[largest] >> 1) {
+		// corner case, need another normalization method
+		return s.normalizeCount2()
+	}
+	s.norm[largest] += stillToDistribute
+	return nil
+}
+
+// Secondary normalization method.
+// To be used when primary method fails.
+func (s *Scratch) normalizeCount2() error {
+	const notYetAssigned = -2
+	var (
+		distributed  uint32
+		total        = uint32(s.br.remain())
+		tableLog     = s.actualTableLog
+		lowThreshold = total >> tableLog
+		lowOne       = (total * 3) >> (tableLog + 1)
+	)
+	for i, cnt := range s.count[:s.symbolLen] {
+		if cnt == 0 {
+			s.norm[i] = 0
+			continue
+		}
+		if cnt <= lowThreshold {
+			s.norm[i] = -1
+			distributed++
+			total -= cnt
+			continue
+		}
+		if cnt <= lowOne {
+			s.norm[i] = 1
+			distributed++
+			total -= cnt
+			continue
+		}
+		s.norm[i] = notYetAssigned
+	}
+	toDistribute := (1 << tableLog) - distributed
+
+	if (total / toDistribute) > lowOne {
+		// risk of rounding to zero
+		lowOne = (total * 3) / (toDistribute * 2)
+		for i, cnt := range s.count[:s.symbolLen] {
+			if (s.norm[i] == notYetAssigned) && (cnt <= lowOne) {
+				s.norm[i] = 1
+				distributed++
+				total -= cnt
+				continue
+			}
+		}
+		toDistribute = (1 << tableLog) - distributed
+	}
+	if distributed == uint32(s.symbolLen)+1 {
+		// all values are pretty poor;
+		//   probably incompressible data (should have already been detected);
+		//   find max, then give all remaining points to max
+		var maxV int
+		var maxC uint32
+		for i, cnt := range s.count[:s.symbolLen] {
+			if cnt > maxC {
+				maxV = i
+				maxC = cnt
+			}
+		}
+		s.norm[maxV] += int16(toDistribute)
+		return nil
+	}
+
+	if total == 0 {
+		// all of the symbols were low enough for the lowOne or lowThreshold
+		for i := uint32(0); toDistribute > 0; i = (i + 1) % (uint32(s.symbolLen)) {
+			if s.norm[i] > 0 {
+				toDistribute--
+				s.norm[i]++
+			}
+		}
+		return nil
+	}
+
+	var (
+		vStepLog = 62 - uint64(tableLog)
+		mid      = uint64((1 << (vStepLog - 1)) - 1)
+		rStep    = (((1 << vStepLog) * uint64(toDistribute)) + mid) / uint64(total) // scale on remaining
+		tmpTotal = mid
+	)
+	for i, cnt := range s.count[:s.symbolLen] {
+		if s.norm[i] == notYetAssigned {
+			var (
+				end    = tmpTotal + uint64(cnt)*rStep
+				sStart = uint32(tmpTotal >> vStepLog)
+				sEnd   = uint32(end >> vStepLog)
+				weight = sEnd - sStart
+			)
+			if weight < 1 {
+				return errors.New("weight < 1")
+			}
+			s.norm[i] = int16(weight)
+			tmpTotal = end
+		}
+	}
+	return nil
+}
+
+// validateNorm validates the normalized histogram table.
+func (s *Scratch) validateNorm() (err error) {
+	var total int
+	for _, v := range s.norm[:s.symbolLen] {
+		if v >= 0 {
+			total += int(v)
+		} else {
+			total -= int(v)
+		}
+	}
+	defer func() {
+		if err == nil {
+			return
+		}
+		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", s.actualTableLog, s.symbolLen)
+		for i, v := range s.norm[:s.symbolLen] {
+			fmt.Printf("%3d: %5d -> %4d \n", i, s.count[i], v)
+		}
+	}()
+	if total != (1 << s.actualTableLog) {
+		return fmt.Errorf("warning: Total == %d != %d", total, 1< tablelogAbsoluteMax {
+		return errors.New("tableLog too large")
+	}
+	bitStream >>= 4
+	bitCount := uint(4)
+
+	s.actualTableLog = uint8(nbBits)
+	remaining := int32((1 << nbBits) + 1)
+	threshold := int32(1 << nbBits)
+	gotTotal := int32(0)
+	nbBits++
+
+	for remaining > 1 {
+		if previous0 {
+			n0 := charnum
+			for (bitStream & 0xFFFF) == 0xFFFF {
+				n0 += 24
+				if b.off < iend-5 {
+					b.advance(2)
+					bitStream = b.Uint32() >> bitCount
+				} else {
+					bitStream >>= 16
+					bitCount += 16
+				}
+			}
+			for (bitStream & 3) == 3 {
+				n0 += 3
+				bitStream >>= 2
+				bitCount += 2
+			}
+			n0 += uint16(bitStream & 3)
+			bitCount += 2
+			if n0 > maxSymbolValue {
+				return errors.New("maxSymbolValue too small")
+			}
+			for charnum < n0 {
+				s.norm[charnum&0xff] = 0
+				charnum++
+			}
+
+			if b.off <= iend-7 || b.off+int(bitCount>>3) <= iend-4 {
+				b.advance(bitCount >> 3)
+				bitCount &= 7
+				bitStream = b.Uint32() >> bitCount
+			} else {
+				bitStream >>= 2
+			}
+		}
+
+		max := (2*(threshold) - 1) - (remaining)
+		var count int32
+
+		if (int32(bitStream) & (threshold - 1)) < max {
+			count = int32(bitStream) & (threshold - 1)
+			bitCount += nbBits - 1
+		} else {
+			count = int32(bitStream) & (2*threshold - 1)
+			if count >= threshold {
+				count -= max
+			}
+			bitCount += nbBits
+		}
+
+		count-- // extra accuracy
+		if count < 0 {
+			// -1 means +1
+			remaining += count
+			gotTotal -= count
+		} else {
+			remaining -= count
+			gotTotal += count
+		}
+		s.norm[charnum&0xff] = int16(count)
+		charnum++
+		previous0 = count == 0
+		for remaining < threshold {
+			nbBits--
+			threshold >>= 1
+		}
+		if b.off <= iend-7 || b.off+int(bitCount>>3) <= iend-4 {
+			b.advance(bitCount >> 3)
+			bitCount &= 7
+		} else {
+			bitCount -= (uint)(8 * (len(b.b) - 4 - b.off))
+			b.off = len(b.b) - 4
+		}
+		bitStream = b.Uint32() >> (bitCount & 31)
+	}
+	s.symbolLen = charnum
+
+	if s.symbolLen <= 1 {
+		return fmt.Errorf("symbolLen (%d) too small", s.symbolLen)
+	}
+	if s.symbolLen > maxSymbolValue+1 {
+		return fmt.Errorf("symbolLen (%d) too big", s.symbolLen)
+	}
+	if remaining != 1 {
+		return fmt.Errorf("corruption detected (remaining %d != 1)", remaining)
+	}
+	if bitCount > 32 {
+		return fmt.Errorf("corruption detected (bitCount %d > 32)", bitCount)
+	}
+	if gotTotal != 1<> 3)
+	return nil
+}
+
+// decSymbol contains information about a state entry,
+// Including the state offset base, the output symbol and
+// the number of bits to read for the low part of the destination state.
+type decSymbol struct {
+	newState uint16
+	symbol   uint8
+	nbBits   uint8
+}
+
+// allocDtable will allocate decoding tables if they are not big enough.
+func (s *Scratch) allocDtable() {
+	tableSize := 1 << s.actualTableLog
+	if cap(s.decTable) < tableSize {
+		s.decTable = make([]decSymbol, tableSize)
+	}
+	s.decTable = s.decTable[:tableSize]
+
+	if cap(s.ct.tableSymbol) < 256 {
+		s.ct.tableSymbol = make([]byte, 256)
+	}
+	s.ct.tableSymbol = s.ct.tableSymbol[:256]
+
+	if cap(s.ct.stateTable) < 256 {
+		s.ct.stateTable = make([]uint16, 256)
+	}
+	s.ct.stateTable = s.ct.stateTable[:256]
+}
+
+// buildDtable will build the decoding table.
+func (s *Scratch) buildDtable() error {
+	tableSize := uint32(1 << s.actualTableLog)
+	highThreshold := tableSize - 1
+	s.allocDtable()
+	symbolNext := s.ct.stateTable[:256]
+
+	// Init, lay down lowprob symbols
+	s.zeroBits = false
+	{
+		largeLimit := int16(1 << (s.actualTableLog - 1))
+		for i, v := range s.norm[:s.symbolLen] {
+			if v == -1 {
+				s.decTable[highThreshold].symbol = uint8(i)
+				highThreshold--
+				symbolNext[i] = 1
+			} else {
+				if v >= largeLimit {
+					s.zeroBits = true
+				}
+				symbolNext[i] = uint16(v)
+			}
+		}
+	}
+	// Spread symbols
+	{
+		tableMask := tableSize - 1
+		step := tableStep(tableSize)
+		position := uint32(0)
+		for ss, v := range s.norm[:s.symbolLen] {
+			for i := 0; i < int(v); i++ {
+				s.decTable[position].symbol = uint8(ss)
+				position = (position + step) & tableMask
+				for position > highThreshold {
+					// lowprob area
+					position = (position + step) & tableMask
+				}
+			}
+		}
+		if position != 0 {
+			// position must reach all cells once, otherwise normalizedCounter is incorrect
+			return errors.New("corrupted input (position != 0)")
+		}
+	}
+
+	// Build Decoding table
+	{
+		tableSize := uint16(1 << s.actualTableLog)
+		for u, v := range s.decTable {
+			symbol := v.symbol
+			nextState := symbolNext[symbol]
+			symbolNext[symbol] = nextState + 1
+			nBits := s.actualTableLog - byte(highBits(uint32(nextState)))
+			s.decTable[u].nbBits = nBits
+			newState := (nextState << nBits) - tableSize
+			if newState >= tableSize {
+				return fmt.Errorf("newState (%d) outside table size (%d)", newState, tableSize)
+			}
+			if newState == uint16(u) && nBits == 0 {
+				// Seems weird that this is possible with nbits > 0.
+				return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, u)
+			}
+			s.decTable[u].newState = newState
+		}
+	}
+	return nil
+}
+
+// decompress will decompress the bitstream.
+// If the buffer is over-read an error is returned.
+func (s *Scratch) decompress() error {
+	br := &s.bits
+	if err := br.init(s.br.unread()); err != nil {
+		return err
+	}
+
+	var s1, s2 decoder
+	// Initialize and decode first state and symbol.
+	s1.init(br, s.decTable, s.actualTableLog)
+	s2.init(br, s.decTable, s.actualTableLog)
+
+	// Use temp table to avoid bound checks/append penalty.
+	var tmp = s.ct.tableSymbol[:256]
+	var off uint8
+
+	// Main part
+	if !s.zeroBits {
+		for br.off >= 8 {
+			br.fillFast()
+			tmp[off+0] = s1.nextFast()
+			tmp[off+1] = s2.nextFast()
+			br.fillFast()
+			tmp[off+2] = s1.nextFast()
+			tmp[off+3] = s2.nextFast()
+			off += 4
+			// When off is 0, we have overflowed and should write.
+			if off == 0 {
+				s.Out = append(s.Out, tmp...)
+				if len(s.Out) >= s.DecompressLimit {
+					return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
+				}
+			}
+		}
+	} else {
+		for br.off >= 8 {
+			br.fillFast()
+			tmp[off+0] = s1.next()
+			tmp[off+1] = s2.next()
+			br.fillFast()
+			tmp[off+2] = s1.next()
+			tmp[off+3] = s2.next()
+			off += 4
+			if off == 0 {
+				s.Out = append(s.Out, tmp...)
+				// When off is 0, we have overflowed and should write.
+				if len(s.Out) >= s.DecompressLimit {
+					return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
+				}
+			}
+		}
+	}
+	s.Out = append(s.Out, tmp[:off]...)
+
+	// Final bits, a bit more expensive check
+	for {
+		if s1.finished() {
+			s.Out = append(s.Out, s1.final(), s2.final())
+			break
+		}
+		br.fill()
+		s.Out = append(s.Out, s1.next())
+		if s2.finished() {
+			s.Out = append(s.Out, s2.final(), s1.final())
+			break
+		}
+		s.Out = append(s.Out, s2.next())
+		if len(s.Out) >= s.DecompressLimit {
+			return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
+		}
+	}
+	return br.close()
+}
+
+// decoder keeps track of the current state and updates it from the bitstream.
+type decoder struct {
+	state uint16
+	br    *bitReader
+	dt    []decSymbol
+}
+
+// init will initialize the decoder and read the first state from the stream.
+func (d *decoder) init(in *bitReader, dt []decSymbol, tableLog uint8) {
+	d.dt = dt
+	d.br = in
+	d.state = in.getBits(tableLog)
+}
+
+// next returns the next symbol and sets the next state.
+// At least tablelog bits must be available in the bit reader.
+func (d *decoder) next() uint8 {
+	n := &d.dt[d.state]
+	lowBits := d.br.getBits(n.nbBits)
+	d.state = n.newState + lowBits
+	return n.symbol
+}
+
+// finished returns true if all bits have been read from the bitstream
+// and the next state would require reading bits from the input.
+func (d *decoder) finished() bool {
+	return d.br.finished() && d.dt[d.state].nbBits > 0
+}
+
+// final returns the current state symbol without decoding the next.
+func (d *decoder) final() uint8 {
+	return d.dt[d.state].symbol
+}
+
+// nextFast returns the next symbol and sets the next state.
+// This can only be used if no symbols are 0 bits.
+// At least tablelog bits must be available in the bit reader.
+func (d *decoder) nextFast() uint8 {
+	n := d.dt[d.state]
+	lowBits := d.br.getBitsFast(n.nbBits)
+	d.state = n.newState + lowBits
+	return n.symbol
+}
diff --git a/vendor/github.com/klauspost/compress/fse/fse.go b/vendor/github.com/klauspost/compress/fse/fse.go
new file mode 100644
index 000000000..535cbadfd
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/fse/fse.go
@@ -0,0 +1,144 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+// Package fse provides Finite State Entropy encoding and decoding.
+//
+// Finite State Entropy encoding provides a fast near-optimal symbol encoding/decoding
+// for byte blocks as implemented in zstd.
+//
+// See https://github.com/klauspost/compress/tree/master/fse for more information.
+package fse
+
+import (
+	"errors"
+	"fmt"
+	"math/bits"
+)
+
+const (
+	/*!MEMORY_USAGE :
+	 *  Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.)
+	 *  Increasing memory usage improves compression ratio
+	 *  Reduced memory usage can improve speed, due to cache effect
+	 *  Recommended max value is 14, for 16KB, which nicely fits into Intel x86 L1 cache */
+	maxMemoryUsage     = 14
+	defaultMemoryUsage = 13
+
+	maxTableLog     = maxMemoryUsage - 2
+	maxTablesize    = 1 << maxTableLog
+	defaultTablelog = defaultMemoryUsage - 2
+	minTablelog     = 5
+	maxSymbolValue  = 255
+)
+
+var (
+	// ErrIncompressible is returned when input is judged to be too hard to compress.
+	ErrIncompressible = errors.New("input is not compressible")
+
+	// ErrUseRLE is returned from the compressor when the input is a single byte value repeated.
+	ErrUseRLE = errors.New("input is single value repeated")
+)
+
+// Scratch provides temporary storage for compression and decompression.
+type Scratch struct {
+	// Private
+	count    [maxSymbolValue + 1]uint32
+	norm     [maxSymbolValue + 1]int16
+	br       byteReader
+	bits     bitReader
+	bw       bitWriter
+	ct       cTable      // Compression tables.
+	decTable []decSymbol // Decompression table.
+	maxCount int         // count of the most probable symbol
+
+	// Per block parameters.
+	// These can be used to override compression parameters of the block.
+	// Do not touch, unless you know what you are doing.
+
+	// Out is output buffer.
+	// If the scratch is re-used before the caller is done processing the output,
+	// set this field to nil.
+	// Otherwise the output buffer will be re-used for next Compression/Decompression step
+	// and allocation will be avoided.
+	Out []byte
+
+	// DecompressLimit limits the maximum decoded size acceptable.
+	// If > 0 decompression will stop when approximately this many bytes
+	// has been decoded.
+	// If 0, maximum size will be 2GB.
+	DecompressLimit int
+
+	symbolLen      uint16 // Length of active part of the symbol table.
+	actualTableLog uint8  // Selected tablelog.
+	zeroBits       bool   // no bits has prob > 50%.
+	clearCount     bool   // clear count
+
+	// MaxSymbolValue will override the maximum symbol value of the next block.
+	MaxSymbolValue uint8
+
+	// TableLog will attempt to override the tablelog for the next block.
+	TableLog uint8
+}
+
+// Histogram allows to populate the histogram and skip that step in the compression,
+// It otherwise allows to inspect the histogram when compression is done.
+// To indicate that you have populated the histogram call HistogramFinished
+// with the value of the highest populated symbol, as well as the number of entries
+// in the most populated entry. These are accepted at face value.
+// The returned slice will always be length 256.
+func (s *Scratch) Histogram() []uint32 {
+	return s.count[:]
+}
+
+// HistogramFinished can be called to indicate that the histogram has been populated.
+// maxSymbol is the index of the highest set symbol of the next data segment.
+// maxCount is the number of entries in the most populated entry.
+// These are accepted at face value.
+func (s *Scratch) HistogramFinished(maxSymbol uint8, maxCount int) {
+	s.maxCount = maxCount
+	s.symbolLen = uint16(maxSymbol) + 1
+	s.clearCount = maxCount != 0
+}
+
+// prepare will prepare and allocate scratch tables used for both compression and decompression.
+func (s *Scratch) prepare(in []byte) (*Scratch, error) {
+	if s == nil {
+		s = &Scratch{}
+	}
+	if s.MaxSymbolValue == 0 {
+		s.MaxSymbolValue = 255
+	}
+	if s.TableLog == 0 {
+		s.TableLog = defaultTablelog
+	}
+	if s.TableLog > maxTableLog {
+		return nil, fmt.Errorf("tableLog (%d) > maxTableLog (%d)", s.TableLog, maxTableLog)
+	}
+	if cap(s.Out) == 0 {
+		s.Out = make([]byte, 0, len(in))
+	}
+	if s.clearCount && s.maxCount == 0 {
+		for i := range s.count {
+			s.count[i] = 0
+		}
+		s.clearCount = false
+	}
+	s.br.init(in)
+	if s.DecompressLimit == 0 {
+		// Max size 2GB.
+		s.DecompressLimit = (2 << 30) - 1
+	}
+
+	return s, nil
+}
+
+// tableStep returns the next table index.
+func tableStep(tableSize uint32) uint32 {
+	return (tableSize >> 1) + (tableSize >> 3) + 3
+}
+
+func highBits(val uint32) (n uint32) {
+	return uint32(bits.Len32(val) - 1)
+}
diff --git a/vendor/github.com/klauspost/compress/gen.sh b/vendor/github.com/klauspost/compress/gen.sh
new file mode 100644
index 000000000..aff942205
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/gen.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+cd s2/cmd/_s2sx/ || exit 1
+go generate .
diff --git a/vendor/github.com/klauspost/compress/huff0/.gitignore b/vendor/github.com/klauspost/compress/huff0/.gitignore
new file mode 100644
index 000000000..b3d262958
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/.gitignore
@@ -0,0 +1 @@
+/huff0-fuzz.zip
diff --git a/vendor/github.com/klauspost/compress/huff0/README.md b/vendor/github.com/klauspost/compress/huff0/README.md
new file mode 100644
index 000000000..8b6e5c663
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/README.md
@@ -0,0 +1,89 @@
+# Huff0 entropy compression
+
+This package provides Huff0 encoding and decoding as used in zstd.
+            
+[Huff0](https://github.com/Cyan4973/FiniteStateEntropy#new-generation-entropy-coders), 
+a Huffman codec designed for modern CPU, featuring OoO (Out of Order) operations on multiple ALU 
+(Arithmetic Logic Unit), achieving extremely fast compression and decompression speeds.
+
+This can be used for compressing input with a lot of similar input values to the smallest number of bytes.
+This does not perform any multi-byte [dictionary coding](https://en.wikipedia.org/wiki/Dictionary_coder) as LZ coders,
+but it can be used as a secondary step to compressors (like Snappy) that does not do entropy encoding. 
+
+* [Godoc documentation](https://godoc.org/github.com/klauspost/compress/huff0)
+
+## News
+
+This is used as part of the [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and decompression package.
+
+This ensures that most functionality is well tested.
+
+# Usage
+
+This package provides a low level interface that allows to compress single independent blocks. 
+
+Each block is separate, and there is no built in integrity checks. 
+This means that the caller should keep track of block sizes and also do checksums if needed.  
+
+Compressing a block is done via the [`Compress1X`](https://godoc.org/github.com/klauspost/compress/huff0#Compress1X) and 
+[`Compress4X`](https://godoc.org/github.com/klauspost/compress/huff0#Compress4X) functions.
+You must provide input and will receive the output and maybe an error.
+
+These error values can be returned:
+
+| Error               | Description                                                                 |
+|---------------------|-----------------------------------------------------------------------------|
+| ``             | Everything ok, output is returned                                           |
+| `ErrIncompressible` | Returned when input is judged to be too hard to compress                    |
+| `ErrUseRLE`         | Returned from the compressor when the input is a single byte value repeated |
+| `ErrTooBig`         | Returned if the input block exceeds the maximum allowed size (128 Kib)      |
+| `(error)`           | An internal error occurred.                                                 |
+
+
+As can be seen above some of there are errors that will be returned even under normal operation so it is important to handle these.
+
+To reduce allocations you can provide a [`Scratch`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch) object 
+that can be re-used for successive calls. Both compression and decompression accepts a `Scratch` object, and the same 
+object can be used for both.   
+
+Be aware, that when re-using a `Scratch` object that the *output* buffer is also re-used, so if you are still using this
+you must set the `Out` field in the scratch to nil. The same buffer is used for compression and decompression output.
+
+The `Scratch` object will retain state that allows to re-use previous tables for encoding and decoding.  
+
+## Tables and re-use
+
+Huff0 allows for reusing tables from the previous block to save space if that is expected to give better/faster results. 
+
+The Scratch object allows you to set a [`ReusePolicy`](https://godoc.org/github.com/klauspost/compress/huff0#ReusePolicy) 
+that controls this behaviour. See the documentation for details. This can be altered between each block.
+
+Do however note that this information is *not* stored in the output block and it is up to the users of the package to
+record whether [`ReadTable`](https://godoc.org/github.com/klauspost/compress/huff0#ReadTable) should be called,
+based on the boolean reported back from the CompressXX call. 
+
+If you want to store the table separate from the data, you can access them as `OutData` and `OutTable` on the 
+[`Scratch`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch) object.
+
+## Decompressing
+
+The first part of decoding is to initialize the decoding table through [`ReadTable`](https://godoc.org/github.com/klauspost/compress/huff0#ReadTable).
+This will initialize the decoding tables. 
+You can supply the complete block to `ReadTable` and it will return the data part of the block 
+which can be given to the decompressor. 
+
+Decompressing is done by calling the [`Decompress1X`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch.Decompress1X) 
+or [`Decompress4X`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch.Decompress4X) function.
+
+For concurrently decompressing content with a fixed table a stateless [`Decoder`](https://godoc.org/github.com/klauspost/compress/huff0#Decoder) can be requested which will remain correct as long as the scratch is unchanged. The capacity of the provided slice indicates the expected output size.
+
+You must provide the output from the compression stage, at exactly the size you got back. If you receive an error back
+your input was likely corrupted. 
+
+It is important to note that a successful decoding does *not* mean your output matches your original input. 
+There are no integrity checks, so relying on errors from the decompressor does not assure your data is valid.
+
+# Contributing
+
+Contributions are always welcome. Be aware that adding public functions will require good justification and breaking 
+changes will likely not be accepted. If in doubt open an issue before writing the PR.
diff --git a/vendor/github.com/klauspost/compress/huff0/bitreader.go b/vendor/github.com/klauspost/compress/huff0/bitreader.go
new file mode 100644
index 000000000..e36d9742f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/bitreader.go
@@ -0,0 +1,229 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package huff0
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+)
+
+// bitReader reads a bitstream in reverse.
+// The last set bit indicates the start of the stream and is used
+// for aligning the input.
+type bitReaderBytes struct {
+	in       []byte
+	off      uint // next byte to read is at in[off - 1]
+	value    uint64
+	bitsRead uint8
+}
+
+// init initializes and resets the bit reader.
+func (b *bitReaderBytes) init(in []byte) error {
+	if len(in) < 1 {
+		return errors.New("corrupt stream: too short")
+	}
+	b.in = in
+	b.off = uint(len(in))
+	// The highest bit of the last byte indicates where to start
+	v := in[len(in)-1]
+	if v == 0 {
+		return errors.New("corrupt stream, did not find end of stream")
+	}
+	b.bitsRead = 64
+	b.value = 0
+	if len(in) >= 8 {
+		b.fillFastStart()
+	} else {
+		b.fill()
+		b.fill()
+	}
+	b.advance(8 - uint8(highBit32(uint32(v))))
+	return nil
+}
+
+// peekBitsFast requires that at least one bit is requested every time.
+// There are no checks if the buffer is filled.
+func (b *bitReaderBytes) peekByteFast() uint8 {
+	got := uint8(b.value >> 56)
+	return got
+}
+
+func (b *bitReaderBytes) advance(n uint8) {
+	b.bitsRead += n
+	b.value <<= n & 63
+}
+
+// fillFast() will make sure at least 32 bits are available.
+// There must be at least 4 bytes available.
+func (b *bitReaderBytes) fillFast() {
+	if b.bitsRead < 32 {
+		return
+	}
+
+	// 2 bounds checks.
+	v := b.in[b.off-4 : b.off]
+	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+	b.value |= uint64(low) << (b.bitsRead - 32)
+	b.bitsRead -= 32
+	b.off -= 4
+}
+
+// fillFastStart() assumes the bitReaderBytes is empty and there is at least 8 bytes to read.
+func (b *bitReaderBytes) fillFastStart() {
+	// Do single re-slice to avoid bounds checks.
+	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
+	b.bitsRead = 0
+	b.off -= 8
+}
+
+// fill() will make sure at least 32 bits are available.
+func (b *bitReaderBytes) fill() {
+	if b.bitsRead < 32 {
+		return
+	}
+	if b.off > 4 {
+		v := b.in[b.off-4 : b.off]
+		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+		b.value |= uint64(low) << (b.bitsRead - 32)
+		b.bitsRead -= 32
+		b.off -= 4
+		return
+	}
+	for b.off > 0 {
+		b.value |= uint64(b.in[b.off-1]) << (b.bitsRead - 8)
+		b.bitsRead -= 8
+		b.off--
+	}
+}
+
+// finished returns true if all bits have been read from the bit stream.
+func (b *bitReaderBytes) finished() bool {
+	return b.off == 0 && b.bitsRead >= 64
+}
+
+func (b *bitReaderBytes) remaining() uint {
+	return b.off*8 + uint(64-b.bitsRead)
+}
+
+// close the bitstream and returns an error if out-of-buffer reads occurred.
+func (b *bitReaderBytes) close() error {
+	// Release reference.
+	b.in = nil
+	if b.remaining() > 0 {
+		return fmt.Errorf("corrupt input: %d bits remain on stream", b.remaining())
+	}
+	if b.bitsRead > 64 {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+
+// bitReaderShifted reads a bitstream in reverse.
+// The last set bit indicates the start of the stream and is used
+// for aligning the input.
+type bitReaderShifted struct {
+	in       []byte
+	off      uint // next byte to read is at in[off - 1]
+	value    uint64
+	bitsRead uint8
+}
+
+// init initializes and resets the bit reader.
+func (b *bitReaderShifted) init(in []byte) error {
+	if len(in) < 1 {
+		return errors.New("corrupt stream: too short")
+	}
+	b.in = in
+	b.off = uint(len(in))
+	// The highest bit of the last byte indicates where to start
+	v := in[len(in)-1]
+	if v == 0 {
+		return errors.New("corrupt stream, did not find end of stream")
+	}
+	b.bitsRead = 64
+	b.value = 0
+	if len(in) >= 8 {
+		b.fillFastStart()
+	} else {
+		b.fill()
+		b.fill()
+	}
+	b.advance(8 - uint8(highBit32(uint32(v))))
+	return nil
+}
+
+// peekBitsFast requires that at least one bit is requested every time.
+// There are no checks if the buffer is filled.
+func (b *bitReaderShifted) peekBitsFast(n uint8) uint16 {
+	return uint16(b.value >> ((64 - n) & 63))
+}
+
+func (b *bitReaderShifted) advance(n uint8) {
+	b.bitsRead += n
+	b.value <<= n & 63
+}
+
+// fillFast() will make sure at least 32 bits are available.
+// There must be at least 4 bytes available.
+func (b *bitReaderShifted) fillFast() {
+	if b.bitsRead < 32 {
+		return
+	}
+
+	// 2 bounds checks.
+	v := b.in[b.off-4 : b.off]
+	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+	b.value |= uint64(low) << ((b.bitsRead - 32) & 63)
+	b.bitsRead -= 32
+	b.off -= 4
+}
+
+// fillFastStart() assumes the bitReaderShifted is empty and there is at least 8 bytes to read.
+func (b *bitReaderShifted) fillFastStart() {
+	// Do single re-slice to avoid bounds checks.
+	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
+	b.bitsRead = 0
+	b.off -= 8
+}
+
+// fill() will make sure at least 32 bits are available.
+func (b *bitReaderShifted) fill() {
+	if b.bitsRead < 32 {
+		return
+	}
+	if b.off > 4 {
+		v := b.in[b.off-4 : b.off]
+		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+		b.value |= uint64(low) << ((b.bitsRead - 32) & 63)
+		b.bitsRead -= 32
+		b.off -= 4
+		return
+	}
+	for b.off > 0 {
+		b.value |= uint64(b.in[b.off-1]) << ((b.bitsRead - 8) & 63)
+		b.bitsRead -= 8
+		b.off--
+	}
+}
+
+func (b *bitReaderShifted) remaining() uint {
+	return b.off*8 + uint(64-b.bitsRead)
+}
+
+// close the bitstream and returns an error if out-of-buffer reads occurred.
+func (b *bitReaderShifted) close() error {
+	// Release reference.
+	b.in = nil
+	if b.remaining() > 0 {
+		return fmt.Errorf("corrupt input: %d bits remain on stream", b.remaining())
+	}
+	if b.bitsRead > 64 {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/huff0/bitwriter.go b/vendor/github.com/klauspost/compress/huff0/bitwriter.go
new file mode 100644
index 000000000..0ebc9aaac
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/bitwriter.go
@@ -0,0 +1,102 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package huff0
+
+// bitWriter will write bits.
+// First bit will be LSB of the first byte of output.
+type bitWriter struct {
+	bitContainer uint64
+	nBits        uint8
+	out          []byte
+}
+
+// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
+// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
+	b.bitContainer |= uint64(value) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// encSymbol will add up to 16 bits. value may not contain more set bits than indicated.
+// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
+func (b *bitWriter) encSymbol(ct cTable, symbol byte) {
+	enc := ct[symbol]
+	b.bitContainer |= uint64(enc.val) << (b.nBits & 63)
+	if false {
+		if enc.nBits == 0 {
+			panic("nbits 0")
+		}
+	}
+	b.nBits += enc.nBits
+}
+
+// encTwoSymbols will add up to 32 bits. value may not contain more set bits than indicated.
+// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
+func (b *bitWriter) encTwoSymbols(ct cTable, av, bv byte) {
+	encA := ct[av]
+	encB := ct[bv]
+	sh := b.nBits & 63
+	combined := uint64(encA.val) | (uint64(encB.val) << (encA.nBits & 63))
+	b.bitContainer |= combined << sh
+	if false {
+		if encA.nBits == 0 {
+			panic("nbitsA 0")
+		}
+		if encB.nBits == 0 {
+			panic("nbitsB 0")
+		}
+	}
+	b.nBits += encA.nBits + encB.nBits
+}
+
+// encFourSymbols adds up to 32 bits from four symbols.
+// It will not check if there is space for them,
+// so the caller must ensure that b has been flushed recently.
+func (b *bitWriter) encFourSymbols(encA, encB, encC, encD cTableEntry) {
+	bitsA := encA.nBits
+	bitsB := bitsA + encB.nBits
+	bitsC := bitsB + encC.nBits
+	bitsD := bitsC + encD.nBits
+	combined := uint64(encA.val) |
+		(uint64(encB.val) << (bitsA & 63)) |
+		(uint64(encC.val) << (bitsB & 63)) |
+		(uint64(encD.val) << (bitsC & 63))
+	b.bitContainer |= combined << (b.nBits & 63)
+	b.nBits += bitsD
+}
+
+// flush32 will flush out, so there are at least 32 bits available for writing.
+func (b *bitWriter) flush32() {
+	if b.nBits < 32 {
+		return
+	}
+	b.out = append(b.out,
+		byte(b.bitContainer),
+		byte(b.bitContainer>>8),
+		byte(b.bitContainer>>16),
+		byte(b.bitContainer>>24))
+	b.nBits -= 32
+	b.bitContainer >>= 32
+}
+
+// flushAlign will flush remaining full bytes and align to next byte boundary.
+func (b *bitWriter) flushAlign() {
+	nbBytes := (b.nBits + 7) >> 3
+	for i := uint8(0); i < nbBytes; i++ {
+		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
+	}
+	b.nBits = 0
+	b.bitContainer = 0
+}
+
+// close will write the alignment bit and write the final byte(s)
+// to the output.
+func (b *bitWriter) close() {
+	// End mark
+	b.addBits16Clean(1, 1)
+	// flush until next byte.
+	b.flushAlign()
+}
diff --git a/vendor/github.com/klauspost/compress/huff0/compress.go b/vendor/github.com/klauspost/compress/huff0/compress.go
new file mode 100644
index 000000000..84aa3d12f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/compress.go
@@ -0,0 +1,742 @@
+package huff0
+
+import (
+	"fmt"
+	"math"
+	"runtime"
+	"sync"
+)
+
+// Compress1X will compress the input.
+// The output can be decoded using Decompress1X.
+// Supply a Scratch object. The scratch object contains state about re-use,
+// So when sharing across independent encodes, be sure to set the re-use policy.
+func Compress1X(in []byte, s *Scratch) (out []byte, reUsed bool, err error) {
+	s, err = s.prepare(in)
+	if err != nil {
+		return nil, false, err
+	}
+	return compress(in, s, s.compress1X)
+}
+
+// Compress4X will compress the input. The input is split into 4 independent blocks
+// and compressed similar to Compress1X.
+// The output can be decoded using Decompress4X.
+// Supply a Scratch object. The scratch object contains state about re-use,
+// So when sharing across independent encodes, be sure to set the re-use policy.
+func Compress4X(in []byte, s *Scratch) (out []byte, reUsed bool, err error) {
+	s, err = s.prepare(in)
+	if err != nil {
+		return nil, false, err
+	}
+	if false {
+		// TODO: compress4Xp only slightly faster.
+		const parallelThreshold = 8 << 10
+		if len(in) < parallelThreshold || runtime.GOMAXPROCS(0) == 1 {
+			return compress(in, s, s.compress4X)
+		}
+		return compress(in, s, s.compress4Xp)
+	}
+	return compress(in, s, s.compress4X)
+}
+
+func compress(in []byte, s *Scratch, compressor func(src []byte) ([]byte, error)) (out []byte, reUsed bool, err error) {
+	// Nuke previous table if we cannot reuse anyway.
+	if s.Reuse == ReusePolicyNone {
+		s.prevTable = s.prevTable[:0]
+	}
+
+	// Create histogram, if none was provided.
+	maxCount := s.maxCount
+	var canReuse = false
+	if maxCount == 0 {
+		maxCount, canReuse = s.countSimple(in)
+	} else {
+		canReuse = s.canUseTable(s.prevTable)
+	}
+
+	// We want the output size to be less than this:
+	wantSize := len(in)
+	if s.WantLogLess > 0 {
+		wantSize -= wantSize >> s.WantLogLess
+	}
+
+	// Reset for next run.
+	s.clearCount = true
+	s.maxCount = 0
+	if maxCount >= len(in) {
+		if maxCount > len(in) {
+			return nil, false, fmt.Errorf("maxCount (%d) > length (%d)", maxCount, len(in))
+		}
+		if len(in) == 1 {
+			return nil, false, ErrIncompressible
+		}
+		// One symbol, use RLE
+		return nil, false, ErrUseRLE
+	}
+	if maxCount == 1 || maxCount < (len(in)>>7) {
+		// Each symbol present maximum once or too well distributed.
+		return nil, false, ErrIncompressible
+	}
+	if s.Reuse == ReusePolicyMust && !canReuse {
+		// We must reuse, but we can't.
+		return nil, false, ErrIncompressible
+	}
+	if (s.Reuse == ReusePolicyPrefer || s.Reuse == ReusePolicyMust) && canReuse {
+		keepTable := s.cTable
+		keepTL := s.actualTableLog
+		s.cTable = s.prevTable
+		s.actualTableLog = s.prevTableLog
+		s.Out, err = compressor(in)
+		s.cTable = keepTable
+		s.actualTableLog = keepTL
+		if err == nil && len(s.Out) < wantSize {
+			s.OutData = s.Out
+			return s.Out, true, nil
+		}
+		if s.Reuse == ReusePolicyMust {
+			return nil, false, ErrIncompressible
+		}
+		// Do not attempt to re-use later.
+		s.prevTable = s.prevTable[:0]
+	}
+
+	// Calculate new table.
+	err = s.buildCTable()
+	if err != nil {
+		return nil, false, err
+	}
+
+	if false && !s.canUseTable(s.cTable) {
+		panic("invalid table generated")
+	}
+
+	if s.Reuse == ReusePolicyAllow && canReuse {
+		hSize := len(s.Out)
+		oldSize := s.prevTable.estimateSize(s.count[:s.symbolLen])
+		newSize := s.cTable.estimateSize(s.count[:s.symbolLen])
+		if oldSize <= hSize+newSize || hSize+12 >= wantSize {
+			// Retain cTable even if we re-use.
+			keepTable := s.cTable
+			keepTL := s.actualTableLog
+
+			s.cTable = s.prevTable
+			s.actualTableLog = s.prevTableLog
+			s.Out, err = compressor(in)
+
+			// Restore ctable.
+			s.cTable = keepTable
+			s.actualTableLog = keepTL
+			if err != nil {
+				return nil, false, err
+			}
+			if len(s.Out) >= wantSize {
+				return nil, false, ErrIncompressible
+			}
+			s.OutData = s.Out
+			return s.Out, true, nil
+		}
+	}
+
+	// Use new table
+	err = s.cTable.write(s)
+	if err != nil {
+		s.OutTable = nil
+		return nil, false, err
+	}
+	s.OutTable = s.Out
+
+	// Compress using new table
+	s.Out, err = compressor(in)
+	if err != nil {
+		s.OutTable = nil
+		return nil, false, err
+	}
+	if len(s.Out) >= wantSize {
+		s.OutTable = nil
+		return nil, false, ErrIncompressible
+	}
+	// Move current table into previous.
+	s.prevTable, s.prevTableLog, s.cTable = s.cTable, s.actualTableLog, s.prevTable[:0]
+	s.OutData = s.Out[len(s.OutTable):]
+	return s.Out, false, nil
+}
+
+// EstimateSizes will estimate the data sizes
+func EstimateSizes(in []byte, s *Scratch) (tableSz, dataSz, reuseSz int, err error) {
+	s, err = s.prepare(in)
+	if err != nil {
+		return 0, 0, 0, err
+	}
+
+	// Create histogram, if none was provided.
+	tableSz, dataSz, reuseSz = -1, -1, -1
+	maxCount := s.maxCount
+	var canReuse = false
+	if maxCount == 0 {
+		maxCount, canReuse = s.countSimple(in)
+	} else {
+		canReuse = s.canUseTable(s.prevTable)
+	}
+
+	// We want the output size to be less than this:
+	wantSize := len(in)
+	if s.WantLogLess > 0 {
+		wantSize -= wantSize >> s.WantLogLess
+	}
+
+	// Reset for next run.
+	s.clearCount = true
+	s.maxCount = 0
+	if maxCount >= len(in) {
+		if maxCount > len(in) {
+			return 0, 0, 0, fmt.Errorf("maxCount (%d) > length (%d)", maxCount, len(in))
+		}
+		if len(in) == 1 {
+			return 0, 0, 0, ErrIncompressible
+		}
+		// One symbol, use RLE
+		return 0, 0, 0, ErrUseRLE
+	}
+	if maxCount == 1 || maxCount < (len(in)>>7) {
+		// Each symbol present maximum once or too well distributed.
+		return 0, 0, 0, ErrIncompressible
+	}
+
+	// Calculate new table.
+	err = s.buildCTable()
+	if err != nil {
+		return 0, 0, 0, err
+	}
+
+	if false && !s.canUseTable(s.cTable) {
+		panic("invalid table generated")
+	}
+
+	tableSz, err = s.cTable.estTableSize(s)
+	if err != nil {
+		return 0, 0, 0, err
+	}
+	if canReuse {
+		reuseSz = s.prevTable.estimateSize(s.count[:s.symbolLen])
+	}
+	dataSz = s.cTable.estimateSize(s.count[:s.symbolLen])
+
+	// Restore
+	return tableSz, dataSz, reuseSz, nil
+}
+
+func (s *Scratch) compress1X(src []byte) ([]byte, error) {
+	return s.compress1xDo(s.Out, src), nil
+}
+
+func (s *Scratch) compress1xDo(dst, src []byte) []byte {
+	var bw = bitWriter{out: dst}
+
+	// N is length divisible by 4.
+	n := len(src)
+	n -= n & 3
+	cTable := s.cTable[:256]
+
+	// Encode last bytes.
+	for i := len(src) & 3; i > 0; i-- {
+		bw.encSymbol(cTable, src[n+i-1])
+	}
+	n -= 4
+	if s.actualTableLog <= 8 {
+		for ; n >= 0; n -= 4 {
+			tmp := src[n : n+4]
+			// tmp should be len 4
+			bw.flush32()
+			bw.encFourSymbols(cTable[tmp[3]], cTable[tmp[2]], cTable[tmp[1]], cTable[tmp[0]])
+		}
+	} else {
+		for ; n >= 0; n -= 4 {
+			tmp := src[n : n+4]
+			// tmp should be len 4
+			bw.flush32()
+			bw.encTwoSymbols(cTable, tmp[3], tmp[2])
+			bw.flush32()
+			bw.encTwoSymbols(cTable, tmp[1], tmp[0])
+		}
+	}
+	bw.close()
+	return bw.out
+}
+
+var sixZeros [6]byte
+
+func (s *Scratch) compress4X(src []byte) ([]byte, error) {
+	if len(src) < 12 {
+		return nil, ErrIncompressible
+	}
+	segmentSize := (len(src) + 3) / 4
+
+	// Add placeholder for output length
+	offsetIdx := len(s.Out)
+	s.Out = append(s.Out, sixZeros[:]...)
+
+	for i := 0; i < 4; i++ {
+		toDo := src
+		if len(toDo) > segmentSize {
+			toDo = toDo[:segmentSize]
+		}
+		src = src[len(toDo):]
+
+		idx := len(s.Out)
+		s.Out = s.compress1xDo(s.Out, toDo)
+		if len(s.Out)-idx > math.MaxUint16 {
+			// We cannot store the size in the jump table
+			return nil, ErrIncompressible
+		}
+		// Write compressed length as little endian before block.
+		if i < 3 {
+			// Last length is not written.
+			length := len(s.Out) - idx
+			s.Out[i*2+offsetIdx] = byte(length)
+			s.Out[i*2+offsetIdx+1] = byte(length >> 8)
+		}
+	}
+
+	return s.Out, nil
+}
+
+// compress4Xp will compress 4 streams using separate goroutines.
+func (s *Scratch) compress4Xp(src []byte) ([]byte, error) {
+	if len(src) < 12 {
+		return nil, ErrIncompressible
+	}
+	// Add placeholder for output length
+	s.Out = s.Out[:6]
+
+	segmentSize := (len(src) + 3) / 4
+	var wg sync.WaitGroup
+	wg.Add(4)
+	for i := 0; i < 4; i++ {
+		toDo := src
+		if len(toDo) > segmentSize {
+			toDo = toDo[:segmentSize]
+		}
+		src = src[len(toDo):]
+
+		// Separate goroutine for each block.
+		go func(i int) {
+			s.tmpOut[i] = s.compress1xDo(s.tmpOut[i][:0], toDo)
+			wg.Done()
+		}(i)
+	}
+	wg.Wait()
+	for i := 0; i < 4; i++ {
+		o := s.tmpOut[i]
+		if len(o) > math.MaxUint16 {
+			// We cannot store the size in the jump table
+			return nil, ErrIncompressible
+		}
+		// Write compressed length as little endian before block.
+		if i < 3 {
+			// Last length is not written.
+			s.Out[i*2] = byte(len(o))
+			s.Out[i*2+1] = byte(len(o) >> 8)
+		}
+
+		// Write output.
+		s.Out = append(s.Out, o...)
+	}
+	return s.Out, nil
+}
+
+// countSimple will create a simple histogram in s.count.
+// Returns the biggest count.
+// Does not update s.clearCount.
+func (s *Scratch) countSimple(in []byte) (max int, reuse bool) {
+	reuse = true
+	_ = s.count // Assert that s != nil to speed up the following loop.
+	for _, v := range in {
+		s.count[v]++
+	}
+	m := uint32(0)
+	if len(s.prevTable) > 0 {
+		for i, v := range s.count[:] {
+			if v == 0 {
+				continue
+			}
+			if v > m {
+				m = v
+			}
+			s.symbolLen = uint16(i) + 1
+			if i >= len(s.prevTable) {
+				reuse = false
+			} else if s.prevTable[i].nBits == 0 {
+				reuse = false
+			}
+		}
+		return int(m), reuse
+	}
+	for i, v := range s.count[:] {
+		if v == 0 {
+			continue
+		}
+		if v > m {
+			m = v
+		}
+		s.symbolLen = uint16(i) + 1
+	}
+	return int(m), false
+}
+
+func (s *Scratch) canUseTable(c cTable) bool {
+	if len(c) < int(s.symbolLen) {
+		return false
+	}
+	for i, v := range s.count[:s.symbolLen] {
+		if v != 0 && c[i].nBits == 0 {
+			return false
+		}
+	}
+	return true
+}
+
+//lint:ignore U1000 used for debugging
+func (s *Scratch) validateTable(c cTable) bool {
+	if len(c) < int(s.symbolLen) {
+		return false
+	}
+	for i, v := range s.count[:s.symbolLen] {
+		if v != 0 {
+			if c[i].nBits == 0 {
+				return false
+			}
+			if c[i].nBits > s.actualTableLog {
+				return false
+			}
+		}
+	}
+	return true
+}
+
+// minTableLog provides the minimum logSize to safely represent a distribution.
+func (s *Scratch) minTableLog() uint8 {
+	minBitsSrc := highBit32(uint32(s.srcLen)) + 1
+	minBitsSymbols := highBit32(uint32(s.symbolLen-1)) + 2
+	if minBitsSrc < minBitsSymbols {
+		return uint8(minBitsSrc)
+	}
+	return uint8(minBitsSymbols)
+}
+
+// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
+func (s *Scratch) optimalTableLog() {
+	tableLog := s.TableLog
+	minBits := s.minTableLog()
+	maxBitsSrc := uint8(highBit32(uint32(s.srcLen-1))) - 1
+	if maxBitsSrc < tableLog {
+		// Accuracy can be reduced
+		tableLog = maxBitsSrc
+	}
+	if minBits > tableLog {
+		tableLog = minBits
+	}
+	// Need a minimum to safely represent all symbol values
+	if tableLog < minTablelog {
+		tableLog = minTablelog
+	}
+	if tableLog > tableLogMax {
+		tableLog = tableLogMax
+	}
+	s.actualTableLog = tableLog
+}
+
+type cTableEntry struct {
+	val   uint16
+	nBits uint8
+	// We have 8 bits extra
+}
+
+const huffNodesMask = huffNodesLen - 1
+
+func (s *Scratch) buildCTable() error {
+	s.optimalTableLog()
+	s.huffSort()
+	if cap(s.cTable) < maxSymbolValue+1 {
+		s.cTable = make([]cTableEntry, s.symbolLen, maxSymbolValue+1)
+	} else {
+		s.cTable = s.cTable[:s.symbolLen]
+		for i := range s.cTable {
+			s.cTable[i] = cTableEntry{}
+		}
+	}
+
+	var startNode = int16(s.symbolLen)
+	nonNullRank := s.symbolLen - 1
+
+	nodeNb := startNode
+	huffNode := s.nodes[1 : huffNodesLen+1]
+
+	// This overlays the slice above, but allows "-1" index lookups.
+	// Different from reference implementation.
+	huffNode0 := s.nodes[0 : huffNodesLen+1]
+
+	for huffNode[nonNullRank].count() == 0 {
+		nonNullRank--
+	}
+
+	lowS := int16(nonNullRank)
+	nodeRoot := nodeNb + lowS - 1
+	lowN := nodeNb
+	huffNode[nodeNb].setCount(huffNode[lowS].count() + huffNode[lowS-1].count())
+	huffNode[lowS].setParent(nodeNb)
+	huffNode[lowS-1].setParent(nodeNb)
+	nodeNb++
+	lowS -= 2
+	for n := nodeNb; n <= nodeRoot; n++ {
+		huffNode[n].setCount(1 << 30)
+	}
+	// fake entry, strong barrier
+	huffNode0[0].setCount(1 << 31)
+
+	// create parents
+	for nodeNb <= nodeRoot {
+		var n1, n2 int16
+		if huffNode0[lowS+1].count() < huffNode0[lowN+1].count() {
+			n1 = lowS
+			lowS--
+		} else {
+			n1 = lowN
+			lowN++
+		}
+		if huffNode0[lowS+1].count() < huffNode0[lowN+1].count() {
+			n2 = lowS
+			lowS--
+		} else {
+			n2 = lowN
+			lowN++
+		}
+
+		huffNode[nodeNb].setCount(huffNode0[n1+1].count() + huffNode0[n2+1].count())
+		huffNode0[n1+1].setParent(nodeNb)
+		huffNode0[n2+1].setParent(nodeNb)
+		nodeNb++
+	}
+
+	// distribute weights (unlimited tree height)
+	huffNode[nodeRoot].setNbBits(0)
+	for n := nodeRoot - 1; n >= startNode; n-- {
+		huffNode[n].setNbBits(huffNode[huffNode[n].parent()].nbBits() + 1)
+	}
+	for n := uint16(0); n <= nonNullRank; n++ {
+		huffNode[n].setNbBits(huffNode[huffNode[n].parent()].nbBits() + 1)
+	}
+	s.actualTableLog = s.setMaxHeight(int(nonNullRank))
+	maxNbBits := s.actualTableLog
+
+	// fill result into tree (val, nbBits)
+	if maxNbBits > tableLogMax {
+		return fmt.Errorf("internal error: maxNbBits (%d) > tableLogMax (%d)", maxNbBits, tableLogMax)
+	}
+	var nbPerRank [tableLogMax + 1]uint16
+	var valPerRank [16]uint16
+	for _, v := range huffNode[:nonNullRank+1] {
+		nbPerRank[v.nbBits()]++
+	}
+	// determine stating value per rank
+	{
+		min := uint16(0)
+		for n := maxNbBits; n > 0; n-- {
+			// get starting value within each rank
+			valPerRank[n] = min
+			min += nbPerRank[n]
+			min >>= 1
+		}
+	}
+
+	// push nbBits per symbol, symbol order
+	for _, v := range huffNode[:nonNullRank+1] {
+		s.cTable[v.symbol()].nBits = v.nbBits()
+	}
+
+	// assign value within rank, symbol order
+	t := s.cTable[:s.symbolLen]
+	for n, val := range t {
+		nbits := val.nBits & 15
+		v := valPerRank[nbits]
+		t[n].val = v
+		valPerRank[nbits] = v + 1
+	}
+
+	return nil
+}
+
+// huffSort will sort symbols, decreasing order.
+func (s *Scratch) huffSort() {
+	type rankPos struct {
+		base    uint32
+		current uint32
+	}
+
+	// Clear nodes
+	nodes := s.nodes[:huffNodesLen+1]
+	s.nodes = nodes
+	nodes = nodes[1 : huffNodesLen+1]
+
+	// Sort into buckets based on length of symbol count.
+	var rank [32]rankPos
+	for _, v := range s.count[:s.symbolLen] {
+		r := highBit32(v+1) & 31
+		rank[r].base++
+	}
+	// maxBitLength is log2(BlockSizeMax) + 1
+	const maxBitLength = 18 + 1
+	for n := maxBitLength; n > 0; n-- {
+		rank[n-1].base += rank[n].base
+	}
+	for n := range rank[:maxBitLength] {
+		rank[n].current = rank[n].base
+	}
+	for n, c := range s.count[:s.symbolLen] {
+		r := (highBit32(c+1) + 1) & 31
+		pos := rank[r].current
+		rank[r].current++
+		prev := nodes[(pos-1)&huffNodesMask]
+		for pos > rank[r].base && c > prev.count() {
+			nodes[pos&huffNodesMask] = prev
+			pos--
+			prev = nodes[(pos-1)&huffNodesMask]
+		}
+		nodes[pos&huffNodesMask] = makeNodeElt(c, byte(n))
+	}
+}
+
+func (s *Scratch) setMaxHeight(lastNonNull int) uint8 {
+	maxNbBits := s.actualTableLog
+	huffNode := s.nodes[1 : huffNodesLen+1]
+	//huffNode = huffNode[: huffNodesLen]
+
+	largestBits := huffNode[lastNonNull].nbBits()
+
+	// early exit : no elt > maxNbBits
+	if largestBits <= maxNbBits {
+		return largestBits
+	}
+	totalCost := int(0)
+	baseCost := int(1) << (largestBits - maxNbBits)
+	n := uint32(lastNonNull)
+
+	for huffNode[n].nbBits() > maxNbBits {
+		totalCost += baseCost - (1 << (largestBits - huffNode[n].nbBits()))
+		huffNode[n].setNbBits(maxNbBits)
+		n--
+	}
+	// n stops at huffNode[n].nbBits <= maxNbBits
+
+	for huffNode[n].nbBits() == maxNbBits {
+		n--
+	}
+	// n end at index of smallest symbol using < maxNbBits
+
+	// renorm totalCost
+	totalCost >>= largestBits - maxNbBits /* note : totalCost is necessarily a multiple of baseCost */
+
+	// repay normalized cost
+	{
+		const noSymbol = 0xF0F0F0F0
+		var rankLast [tableLogMax + 2]uint32
+
+		for i := range rankLast[:] {
+			rankLast[i] = noSymbol
+		}
+
+		// Get pos of last (smallest) symbol per rank
+		{
+			currentNbBits := maxNbBits
+			for pos := int(n); pos >= 0; pos-- {
+				if huffNode[pos].nbBits() >= currentNbBits {
+					continue
+				}
+				currentNbBits = huffNode[pos].nbBits() // < maxNbBits
+				rankLast[maxNbBits-currentNbBits] = uint32(pos)
+			}
+		}
+
+		for totalCost > 0 {
+			nBitsToDecrease := uint8(highBit32(uint32(totalCost))) + 1
+
+			for ; nBitsToDecrease > 1; nBitsToDecrease-- {
+				highPos := rankLast[nBitsToDecrease]
+				lowPos := rankLast[nBitsToDecrease-1]
+				if highPos == noSymbol {
+					continue
+				}
+				if lowPos == noSymbol {
+					break
+				}
+				highTotal := huffNode[highPos].count()
+				lowTotal := 2 * huffNode[lowPos].count()
+				if highTotal <= lowTotal {
+					break
+				}
+			}
+			// only triggered when no more rank 1 symbol left => find closest one (note : there is necessarily at least one !)
+			// HUF_MAX_TABLELOG test just to please gcc 5+; but it should not be necessary
+			// FIXME: try to remove
+			for (nBitsToDecrease <= tableLogMax) && (rankLast[nBitsToDecrease] == noSymbol) {
+				nBitsToDecrease++
+			}
+			totalCost -= 1 << (nBitsToDecrease - 1)
+			if rankLast[nBitsToDecrease-1] == noSymbol {
+				// this rank is no longer empty
+				rankLast[nBitsToDecrease-1] = rankLast[nBitsToDecrease]
+			}
+			huffNode[rankLast[nBitsToDecrease]].setNbBits(1 +
+				huffNode[rankLast[nBitsToDecrease]].nbBits())
+			if rankLast[nBitsToDecrease] == 0 {
+				/* special case, reached largest symbol */
+				rankLast[nBitsToDecrease] = noSymbol
+			} else {
+				rankLast[nBitsToDecrease]--
+				if huffNode[rankLast[nBitsToDecrease]].nbBits() != maxNbBits-nBitsToDecrease {
+					rankLast[nBitsToDecrease] = noSymbol /* this rank is now empty */
+				}
+			}
+		}
+
+		for totalCost < 0 { /* Sometimes, cost correction overshoot */
+			if rankLast[1] == noSymbol { /* special case : no rank 1 symbol (using maxNbBits-1); let's create one from largest rank 0 (using maxNbBits) */
+				for huffNode[n].nbBits() == maxNbBits {
+					n--
+				}
+				huffNode[n+1].setNbBits(huffNode[n+1].nbBits() - 1)
+				rankLast[1] = n + 1
+				totalCost++
+				continue
+			}
+			huffNode[rankLast[1]+1].setNbBits(huffNode[rankLast[1]+1].nbBits() - 1)
+			rankLast[1]++
+			totalCost++
+		}
+	}
+	return maxNbBits
+}
+
+// A nodeElt is the fields
+//
+//	count  uint32
+//	parent uint16
+//	symbol byte
+//	nbBits uint8
+//
+// in some order, all squashed into an integer so that the compiler
+// always loads and stores entire nodeElts instead of separate fields.
+type nodeElt uint64
+
+func makeNodeElt(count uint32, symbol byte) nodeElt {
+	return nodeElt(count) | nodeElt(symbol)<<48
+}
+
+func (e *nodeElt) count() uint32  { return uint32(*e) }
+func (e *nodeElt) parent() uint16 { return uint16(*e >> 32) }
+func (e *nodeElt) symbol() byte   { return byte(*e >> 48) }
+func (e *nodeElt) nbBits() uint8  { return uint8(*e >> 56) }
+
+func (e *nodeElt) setCount(c uint32) { *e = (*e)&0xffffffff00000000 | nodeElt(c) }
+func (e *nodeElt) setParent(p int16) { *e = (*e)&0xffff0000ffffffff | nodeElt(uint16(p))<<32 }
+func (e *nodeElt) setNbBits(n uint8) { *e = (*e)&0x00ffffffffffffff | nodeElt(n)<<56 }
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress.go b/vendor/github.com/klauspost/compress/huff0/decompress.go
new file mode 100644
index 000000000..0f56b02d7
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/decompress.go
@@ -0,0 +1,1167 @@
+package huff0
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"sync"
+
+	"github.com/klauspost/compress/fse"
+)
+
+type dTable struct {
+	single []dEntrySingle
+}
+
+// single-symbols decoding
+type dEntrySingle struct {
+	entry uint16
+}
+
+// Uses special code for all tables that are < 8 bits.
+const use8BitTables = true
+
+// ReadTable will read a table from the input.
+// The size of the input may be larger than the table definition.
+// Any content remaining after the table definition will be returned.
+// If no Scratch is provided a new one is allocated.
+// The returned Scratch can be used for encoding or decoding input using this table.
+func ReadTable(in []byte, s *Scratch) (s2 *Scratch, remain []byte, err error) {
+	s, err = s.prepare(nil)
+	if err != nil {
+		return s, nil, err
+	}
+	if len(in) <= 1 {
+		return s, nil, errors.New("input too small for table")
+	}
+	iSize := in[0]
+	in = in[1:]
+	if iSize >= 128 {
+		// Uncompressed
+		oSize := iSize - 127
+		iSize = (oSize + 1) / 2
+		if int(iSize) > len(in) {
+			return s, nil, errors.New("input too small for table")
+		}
+		for n := uint8(0); n < oSize; n += 2 {
+			v := in[n/2]
+			s.huffWeight[n] = v >> 4
+			s.huffWeight[n+1] = v & 15
+		}
+		s.symbolLen = uint16(oSize)
+		in = in[iSize:]
+	} else {
+		if len(in) < int(iSize) {
+			return s, nil, fmt.Errorf("input too small for table, want %d bytes, have %d", iSize, len(in))
+		}
+		// FSE compressed weights
+		s.fse.DecompressLimit = 255
+		hw := s.huffWeight[:]
+		s.fse.Out = hw
+		b, err := fse.Decompress(in[:iSize], s.fse)
+		s.fse.Out = nil
+		if err != nil {
+			return s, nil, fmt.Errorf("fse decompress returned: %w", err)
+		}
+		if len(b) > 255 {
+			return s, nil, errors.New("corrupt input: output table too large")
+		}
+		s.symbolLen = uint16(len(b))
+		in = in[iSize:]
+	}
+
+	// collect weight stats
+	var rankStats [16]uint32
+	weightTotal := uint32(0)
+	for _, v := range s.huffWeight[:s.symbolLen] {
+		if v > tableLogMax {
+			return s, nil, errors.New("corrupt input: weight too large")
+		}
+		v2 := v & 15
+		rankStats[v2]++
+		// (1 << (v2-1)) is slower since the compiler cannot prove that v2 isn't 0.
+		weightTotal += (1 << v2) >> 1
+	}
+	if weightTotal == 0 {
+		return s, nil, errors.New("corrupt input: weights zero")
+	}
+
+	// get last non-null symbol weight (implied, total must be 2^n)
+	{
+		tableLog := highBit32(weightTotal) + 1
+		if tableLog > tableLogMax {
+			return s, nil, errors.New("corrupt input: tableLog too big")
+		}
+		s.actualTableLog = uint8(tableLog)
+		// determine last weight
+		{
+			total := uint32(1) << tableLog
+			rest := total - weightTotal
+			verif := uint32(1) << highBit32(rest)
+			lastWeight := highBit32(rest) + 1
+			if verif != rest {
+				// last value must be a clean power of 2
+				return s, nil, errors.New("corrupt input: last value not power of two")
+			}
+			s.huffWeight[s.symbolLen] = uint8(lastWeight)
+			s.symbolLen++
+			rankStats[lastWeight]++
+		}
+	}
+
+	if (rankStats[1] < 2) || (rankStats[1]&1 != 0) {
+		// by construction : at least 2 elts of rank 1, must be even
+		return s, nil, errors.New("corrupt input: min elt size, even check failed ")
+	}
+
+	// TODO: Choose between single/double symbol decoding
+
+	// Calculate starting value for each rank
+	{
+		var nextRankStart uint32
+		for n := uint8(1); n < s.actualTableLog+1; n++ {
+			current := nextRankStart
+			nextRankStart += rankStats[n] << (n - 1)
+			rankStats[n] = current
+		}
+	}
+
+	// fill DTable (always full size)
+	tSize := 1 << tableLogMax
+	if len(s.dt.single) != tSize {
+		s.dt.single = make([]dEntrySingle, tSize)
+	}
+	cTable := s.prevTable
+	if cap(cTable) < maxSymbolValue+1 {
+		cTable = make([]cTableEntry, 0, maxSymbolValue+1)
+	}
+	cTable = cTable[:maxSymbolValue+1]
+	s.prevTable = cTable[:s.symbolLen]
+	s.prevTableLog = s.actualTableLog
+
+	for n, w := range s.huffWeight[:s.symbolLen] {
+		if w == 0 {
+			cTable[n] = cTableEntry{
+				val:   0,
+				nBits: 0,
+			}
+			continue
+		}
+		length := (uint32(1) << w) >> 1
+		d := dEntrySingle{
+			entry: uint16(s.actualTableLog+1-w) | (uint16(n) << 8),
+		}
+
+		rank := &rankStats[w]
+		cTable[n] = cTableEntry{
+			val:   uint16(*rank >> (w - 1)),
+			nBits: uint8(d.entry),
+		}
+
+		single := s.dt.single[*rank : *rank+length]
+		for i := range single {
+			single[i] = d
+		}
+		*rank += length
+	}
+
+	return s, in, nil
+}
+
+// Decompress1X will decompress a 1X encoded stream.
+// The length of the supplied input must match the end of a block exactly.
+// Before this is called, the table must be initialized with ReadTable unless
+// the encoder re-used the table.
+// deprecated: Use the stateless Decoder() to get a concurrent version.
+func (s *Scratch) Decompress1X(in []byte) (out []byte, err error) {
+	if cap(s.Out) < s.MaxDecodedSize {
+		s.Out = make([]byte, s.MaxDecodedSize)
+	}
+	s.Out = s.Out[:0:s.MaxDecodedSize]
+	s.Out, err = s.Decoder().Decompress1X(s.Out, in)
+	return s.Out, err
+}
+
+// Decompress4X will decompress a 4X encoded stream.
+// Before this is called, the table must be initialized with ReadTable unless
+// the encoder re-used the table.
+// The length of the supplied input must match the end of a block exactly.
+// The destination size of the uncompressed data must be known and provided.
+// deprecated: Use the stateless Decoder() to get a concurrent version.
+func (s *Scratch) Decompress4X(in []byte, dstSize int) (out []byte, err error) {
+	if dstSize > s.MaxDecodedSize {
+		return nil, ErrMaxDecodedSizeExceeded
+	}
+	if cap(s.Out) < dstSize {
+		s.Out = make([]byte, s.MaxDecodedSize)
+	}
+	s.Out = s.Out[:0:dstSize]
+	s.Out, err = s.Decoder().Decompress4X(s.Out, in)
+	return s.Out, err
+}
+
+// Decoder will return a stateless decoder that can be used by multiple
+// decompressors concurrently.
+// Before this is called, the table must be initialized with ReadTable.
+// The Decoder is still linked to the scratch buffer so that cannot be reused.
+// However, it is safe to discard the scratch.
+func (s *Scratch) Decoder() *Decoder {
+	return &Decoder{
+		dt:             s.dt,
+		actualTableLog: s.actualTableLog,
+		bufs:           &s.decPool,
+	}
+}
+
+// Decoder provides stateless decoding.
+type Decoder struct {
+	dt             dTable
+	actualTableLog uint8
+	bufs           *sync.Pool
+}
+
+func (d *Decoder) buffer() *[4][256]byte {
+	buf, ok := d.bufs.Get().(*[4][256]byte)
+	if ok {
+		return buf
+	}
+	return &[4][256]byte{}
+}
+
+// decompress1X8Bit will decompress a 1X encoded stream with tablelog <= 8.
+// The cap of the output buffer will be the maximum decompressed size.
+// The length of the supplied input must match the end of a block exactly.
+func (d *Decoder) decompress1X8Bit(dst, src []byte) ([]byte, error) {
+	if d.actualTableLog == 8 {
+		return d.decompress1X8BitExactly(dst, src)
+	}
+	var br bitReaderBytes
+	err := br.init(src)
+	if err != nil {
+		return dst, err
+	}
+	maxDecodedSize := cap(dst)
+	dst = dst[:0]
+
+	// Avoid bounds check by always having full sized table.
+	dt := d.dt.single[:256]
+
+	// Use temp table to avoid bound checks/append penalty.
+	bufs := d.buffer()
+	buf := &bufs[0]
+	var off uint8
+
+	switch d.actualTableLog {
+	case 8:
+		const shift = 0
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					br.close()
+					d.bufs.Put(bufs)
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 7:
+		const shift = 8 - 7
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					br.close()
+					d.bufs.Put(bufs)
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 6:
+		const shift = 8 - 6
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 5:
+		const shift = 8 - 5
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 4:
+		const shift = 8 - 4
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 3:
+		const shift = 8 - 3
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 2:
+		const shift = 8 - 2
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	case 1:
+		const shift = 8 - 1
+		for br.off >= 4 {
+			br.fillFast()
+			v := dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+0] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+1] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+2] = uint8(v.entry >> 8)
+
+			v = dt[uint8(br.value>>(56+shift))]
+			br.advance(uint8(v.entry))
+			buf[off+3] = uint8(v.entry >> 8)
+
+			off += 4
+			if off == 0 {
+				if len(dst)+256 > maxDecodedSize {
+					d.bufs.Put(bufs)
+					br.close()
+					return nil, ErrMaxDecodedSizeExceeded
+				}
+				dst = append(dst, buf[:]...)
+			}
+		}
+	default:
+		d.bufs.Put(bufs)
+		return nil, fmt.Errorf("invalid tablelog: %d", d.actualTableLog)
+	}
+
+	if len(dst)+int(off) > maxDecodedSize {
+		d.bufs.Put(bufs)
+		br.close()
+		return nil, ErrMaxDecodedSizeExceeded
+	}
+	dst = append(dst, buf[:off]...)
+
+	// br < 4, so uint8 is fine
+	bitsLeft := int8(uint8(br.off)*8 + (64 - br.bitsRead))
+	shift := (8 - d.actualTableLog) & 7
+
+	for bitsLeft > 0 {
+		if br.bitsRead >= 64-8 {
+			for br.off > 0 {
+				br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
+				br.bitsRead -= 8
+				br.off--
+			}
+		}
+		if len(dst) >= maxDecodedSize {
+			br.close()
+			d.bufs.Put(bufs)
+			return nil, ErrMaxDecodedSizeExceeded
+		}
+		v := dt[br.peekByteFast()>>shift]
+		nBits := uint8(v.entry)
+		br.advance(nBits)
+		bitsLeft -= int8(nBits)
+		dst = append(dst, uint8(v.entry>>8))
+	}
+	d.bufs.Put(bufs)
+	return dst, br.close()
+}
+
+// decompress1X8Bit will decompress a 1X encoded stream with tablelog <= 8.
+// The cap of the output buffer will be the maximum decompressed size.
+// The length of the supplied input must match the end of a block exactly.
+func (d *Decoder) decompress1X8BitExactly(dst, src []byte) ([]byte, error) {
+	var br bitReaderBytes
+	err := br.init(src)
+	if err != nil {
+		return dst, err
+	}
+	maxDecodedSize := cap(dst)
+	dst = dst[:0]
+
+	// Avoid bounds check by always having full sized table.
+	dt := d.dt.single[:256]
+
+	// Use temp table to avoid bound checks/append penalty.
+	bufs := d.buffer()
+	buf := &bufs[0]
+	var off uint8
+
+	const shift = 56
+
+	//fmt.Printf("mask: %b, tl:%d\n", mask, d.actualTableLog)
+	for br.off >= 4 {
+		br.fillFast()
+		v := dt[uint8(br.value>>shift)]
+		br.advance(uint8(v.entry))
+		buf[off+0] = uint8(v.entry >> 8)
+
+		v = dt[uint8(br.value>>shift)]
+		br.advance(uint8(v.entry))
+		buf[off+1] = uint8(v.entry >> 8)
+
+		v = dt[uint8(br.value>>shift)]
+		br.advance(uint8(v.entry))
+		buf[off+2] = uint8(v.entry >> 8)
+
+		v = dt[uint8(br.value>>shift)]
+		br.advance(uint8(v.entry))
+		buf[off+3] = uint8(v.entry >> 8)
+
+		off += 4
+		if off == 0 {
+			if len(dst)+256 > maxDecodedSize {
+				d.bufs.Put(bufs)
+				br.close()
+				return nil, ErrMaxDecodedSizeExceeded
+			}
+			dst = append(dst, buf[:]...)
+		}
+	}
+
+	if len(dst)+int(off) > maxDecodedSize {
+		d.bufs.Put(bufs)
+		br.close()
+		return nil, ErrMaxDecodedSizeExceeded
+	}
+	dst = append(dst, buf[:off]...)
+
+	// br < 4, so uint8 is fine
+	bitsLeft := int8(uint8(br.off)*8 + (64 - br.bitsRead))
+	for bitsLeft > 0 {
+		if br.bitsRead >= 64-8 {
+			for br.off > 0 {
+				br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
+				br.bitsRead -= 8
+				br.off--
+			}
+		}
+		if len(dst) >= maxDecodedSize {
+			d.bufs.Put(bufs)
+			br.close()
+			return nil, ErrMaxDecodedSizeExceeded
+		}
+		v := dt[br.peekByteFast()]
+		nBits := uint8(v.entry)
+		br.advance(nBits)
+		bitsLeft -= int8(nBits)
+		dst = append(dst, uint8(v.entry>>8))
+	}
+	d.bufs.Put(bufs)
+	return dst, br.close()
+}
+
+// Decompress4X will decompress a 4X encoded stream.
+// The length of the supplied input must match the end of a block exactly.
+// The *capacity* of the dst slice must match the destination size of
+// the uncompressed data exactly.
+func (d *Decoder) decompress4X8bit(dst, src []byte) ([]byte, error) {
+	if d.actualTableLog == 8 {
+		return d.decompress4X8bitExactly(dst, src)
+	}
+
+	var br [4]bitReaderBytes
+	start := 6
+	for i := 0; i < 3; i++ {
+		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
+		if start+length >= len(src) {
+			return nil, errors.New("truncated input (or invalid offset)")
+		}
+		err := br[i].init(src[start : start+length])
+		if err != nil {
+			return nil, err
+		}
+		start += length
+	}
+	err := br[3].init(src[start:])
+	if err != nil {
+		return nil, err
+	}
+
+	// destination, offset to match first output
+	dstSize := cap(dst)
+	dst = dst[:dstSize]
+	out := dst
+	dstEvery := (dstSize + 3) / 4
+
+	shift := (56 + (8 - d.actualTableLog)) & 63
+
+	const tlSize = 1 << 8
+	single := d.dt.single[:tlSize]
+
+	// Use temp table to avoid bound checks/append penalty.
+	buf := d.buffer()
+	var off uint8
+	var decoded int
+
+	// Decode 4 values from each decoder/loop.
+	const bufoff = 256
+	for {
+		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
+			break
+		}
+
+		{
+			// Interleave 2 decodes.
+			const stream = 0
+			const stream2 = 1
+			br1 := &br[stream]
+			br2 := &br[stream2]
+			br1.fillFast()
+			br2.fillFast()
+
+			v := single[uint8(br1.value>>shift)].entry
+			v2 := single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off] = uint8(v >> 8)
+			buf[stream2][off] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+1] = uint8(v >> 8)
+			buf[stream2][off+1] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+2] = uint8(v >> 8)
+			buf[stream2][off+2] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+3] = uint8(v >> 8)
+			buf[stream2][off+3] = uint8(v2 >> 8)
+		}
+
+		{
+			const stream = 2
+			const stream2 = 3
+			br1 := &br[stream]
+			br2 := &br[stream2]
+			br1.fillFast()
+			br2.fillFast()
+
+			v := single[uint8(br1.value>>shift)].entry
+			v2 := single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off] = uint8(v >> 8)
+			buf[stream2][off] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+1] = uint8(v >> 8)
+			buf[stream2][off+1] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+2] = uint8(v >> 8)
+			buf[stream2][off+2] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+3] = uint8(v >> 8)
+			buf[stream2][off+3] = uint8(v2 >> 8)
+		}
+
+		off += 4
+
+		if off == 0 {
+			if bufoff > dstEvery {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 1")
+			}
+			// There must at least be 3 buffers left.
+			if len(out)-bufoff < dstEvery*3 {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 2")
+			}
+			//copy(out, buf[0][:])
+			//copy(out[dstEvery:], buf[1][:])
+			//copy(out[dstEvery*2:], buf[2][:])
+			*(*[bufoff]byte)(out) = buf[0]
+			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
+			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
+			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
+			out = out[bufoff:]
+			decoded += bufoff * 4
+		}
+	}
+	if off > 0 {
+		ioff := int(off)
+		if len(out) < dstEvery*3+ioff {
+			d.bufs.Put(buf)
+			return nil, errors.New("corruption detected: stream overrun 3")
+		}
+		copy(out, buf[0][:off])
+		copy(out[dstEvery:], buf[1][:off])
+		copy(out[dstEvery*2:], buf[2][:off])
+		copy(out[dstEvery*3:], buf[3][:off])
+		decoded += int(off) * 4
+		out = out[off:]
+	}
+
+	// Decode remaining.
+	// Decode remaining.
+	remainBytes := dstEvery - (decoded / 4)
+	for i := range br {
+		offset := dstEvery * i
+		endsAt := offset + remainBytes
+		if endsAt > len(out) {
+			endsAt = len(out)
+		}
+		br := &br[i]
+		bitsLeft := br.remaining()
+		for bitsLeft > 0 {
+			if br.finished() {
+				d.bufs.Put(buf)
+				return nil, io.ErrUnexpectedEOF
+			}
+			if br.bitsRead >= 56 {
+				if br.off >= 4 {
+					v := br.in[br.off-4:]
+					v = v[:4]
+					low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+					br.value |= uint64(low) << (br.bitsRead - 32)
+					br.bitsRead -= 32
+					br.off -= 4
+				} else {
+					for br.off > 0 {
+						br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
+						br.bitsRead -= 8
+						br.off--
+					}
+				}
+			}
+			// end inline...
+			if offset >= endsAt {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 4")
+			}
+
+			// Read value and increment offset.
+			v := single[uint8(br.value>>shift)].entry
+			nBits := uint8(v)
+			br.advance(nBits)
+			bitsLeft -= uint(nBits)
+			out[offset] = uint8(v >> 8)
+			offset++
+		}
+		if offset != endsAt {
+			d.bufs.Put(buf)
+			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
+		}
+		decoded += offset - dstEvery*i
+		err = br.close()
+		if err != nil {
+			d.bufs.Put(buf)
+			return nil, err
+		}
+	}
+	d.bufs.Put(buf)
+	if dstSize != decoded {
+		return nil, errors.New("corruption detected: short output block")
+	}
+	return dst, nil
+}
+
+// Decompress4X will decompress a 4X encoded stream.
+// The length of the supplied input must match the end of a block exactly.
+// The *capacity* of the dst slice must match the destination size of
+// the uncompressed data exactly.
+func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) {
+	var br [4]bitReaderBytes
+	start := 6
+	for i := 0; i < 3; i++ {
+		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
+		if start+length >= len(src) {
+			return nil, errors.New("truncated input (or invalid offset)")
+		}
+		err := br[i].init(src[start : start+length])
+		if err != nil {
+			return nil, err
+		}
+		start += length
+	}
+	err := br[3].init(src[start:])
+	if err != nil {
+		return nil, err
+	}
+
+	// destination, offset to match first output
+	dstSize := cap(dst)
+	dst = dst[:dstSize]
+	out := dst
+	dstEvery := (dstSize + 3) / 4
+
+	const shift = 56
+	const tlSize = 1 << 8
+	single := d.dt.single[:tlSize]
+
+	// Use temp table to avoid bound checks/append penalty.
+	buf := d.buffer()
+	var off uint8
+	var decoded int
+
+	// Decode 4 values from each decoder/loop.
+	const bufoff = 256
+	for {
+		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
+			break
+		}
+
+		{
+			// Interleave 2 decodes.
+			const stream = 0
+			const stream2 = 1
+			br1 := &br[stream]
+			br2 := &br[stream2]
+			br1.fillFast()
+			br2.fillFast()
+
+			v := single[uint8(br1.value>>shift)].entry
+			v2 := single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off] = uint8(v >> 8)
+			buf[stream2][off] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+1] = uint8(v >> 8)
+			buf[stream2][off+1] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+2] = uint8(v >> 8)
+			buf[stream2][off+2] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+3] = uint8(v >> 8)
+			buf[stream2][off+3] = uint8(v2 >> 8)
+		}
+
+		{
+			const stream = 2
+			const stream2 = 3
+			br1 := &br[stream]
+			br2 := &br[stream2]
+			br1.fillFast()
+			br2.fillFast()
+
+			v := single[uint8(br1.value>>shift)].entry
+			v2 := single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off] = uint8(v >> 8)
+			buf[stream2][off] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+1] = uint8(v >> 8)
+			buf[stream2][off+1] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+2] = uint8(v >> 8)
+			buf[stream2][off+2] = uint8(v2 >> 8)
+
+			v = single[uint8(br1.value>>shift)].entry
+			v2 = single[uint8(br2.value>>shift)].entry
+			br1.bitsRead += uint8(v)
+			br1.value <<= v & 63
+			br2.bitsRead += uint8(v2)
+			br2.value <<= v2 & 63
+			buf[stream][off+3] = uint8(v >> 8)
+			buf[stream2][off+3] = uint8(v2 >> 8)
+		}
+
+		off += 4
+
+		if off == 0 {
+			if bufoff > dstEvery {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 1")
+			}
+			// There must at least be 3 buffers left.
+			if len(out)-bufoff < dstEvery*3 {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 2")
+			}
+
+			//copy(out, buf[0][:])
+			//copy(out[dstEvery:], buf[1][:])
+			//copy(out[dstEvery*2:], buf[2][:])
+			// copy(out[dstEvery*3:], buf[3][:])
+			*(*[bufoff]byte)(out) = buf[0]
+			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
+			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
+			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
+			out = out[bufoff:]
+			decoded += bufoff * 4
+		}
+	}
+	if off > 0 {
+		ioff := int(off)
+		if len(out) < dstEvery*3+ioff {
+			return nil, errors.New("corruption detected: stream overrun 3")
+		}
+		copy(out, buf[0][:off])
+		copy(out[dstEvery:], buf[1][:off])
+		copy(out[dstEvery*2:], buf[2][:off])
+		copy(out[dstEvery*3:], buf[3][:off])
+		decoded += int(off) * 4
+		out = out[off:]
+	}
+
+	// Decode remaining.
+	remainBytes := dstEvery - (decoded / 4)
+	for i := range br {
+		offset := dstEvery * i
+		endsAt := offset + remainBytes
+		if endsAt > len(out) {
+			endsAt = len(out)
+		}
+		br := &br[i]
+		bitsLeft := br.remaining()
+		for bitsLeft > 0 {
+			if br.finished() {
+				d.bufs.Put(buf)
+				return nil, io.ErrUnexpectedEOF
+			}
+			if br.bitsRead >= 56 {
+				if br.off >= 4 {
+					v := br.in[br.off-4:]
+					v = v[:4]
+					low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+					br.value |= uint64(low) << (br.bitsRead - 32)
+					br.bitsRead -= 32
+					br.off -= 4
+				} else {
+					for br.off > 0 {
+						br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
+						br.bitsRead -= 8
+						br.off--
+					}
+				}
+			}
+			// end inline...
+			if offset >= endsAt {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 4")
+			}
+
+			// Read value and increment offset.
+			v := single[br.peekByteFast()].entry
+			nBits := uint8(v)
+			br.advance(nBits)
+			bitsLeft -= uint(nBits)
+			out[offset] = uint8(v >> 8)
+			offset++
+		}
+		if offset != endsAt {
+			d.bufs.Put(buf)
+			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
+		}
+
+		decoded += offset - dstEvery*i
+		err = br.close()
+		if err != nil {
+			d.bufs.Put(buf)
+			return nil, err
+		}
+	}
+	d.bufs.Put(buf)
+	if dstSize != decoded {
+		return nil, errors.New("corruption detected: short output block")
+	}
+	return dst, nil
+}
+
+// matches will compare a decoding table to a coding table.
+// Errors are written to the writer.
+// Nothing will be written if table is ok.
+func (s *Scratch) matches(ct cTable, w io.Writer) {
+	if s == nil || len(s.dt.single) == 0 {
+		return
+	}
+	dt := s.dt.single[:1<>8) == byte(sym) {
+					fmt.Fprintf(w, "symbol %x has decoder, but no encoder\n", sym)
+					errs++
+					break
+				}
+			}
+			if errs == 0 {
+				broken--
+			}
+			continue
+		}
+		// Unused bits in input
+		ub := tablelog - enc.nBits
+		top := enc.val << ub
+		// decoder looks at top bits.
+		dec := dt[top]
+		if uint8(dec.entry) != enc.nBits {
+			fmt.Fprintf(w, "symbol 0x%x bit size mismatch (enc: %d, dec:%d).\n", sym, enc.nBits, uint8(dec.entry))
+			errs++
+		}
+		if uint8(dec.entry>>8) != uint8(sym) {
+			fmt.Fprintf(w, "symbol 0x%x decoder output mismatch (enc: %d, dec:%d).\n", sym, sym, uint8(dec.entry>>8))
+			errs++
+		}
+		if errs > 0 {
+			fmt.Fprintf(w, "%d errors in base, stopping\n", errs)
+			continue
+		}
+		// Ensure that all combinations are covered.
+		for i := uint16(0); i < (1 << ub); i++ {
+			vval := top | i
+			dec := dt[vval]
+			if uint8(dec.entry) != enc.nBits {
+				fmt.Fprintf(w, "symbol 0x%x bit size mismatch (enc: %d, dec:%d).\n", vval, enc.nBits, uint8(dec.entry))
+				errs++
+			}
+			if uint8(dec.entry>>8) != uint8(sym) {
+				fmt.Fprintf(w, "symbol 0x%x decoder output mismatch (enc: %d, dec:%d).\n", vval, sym, uint8(dec.entry>>8))
+				errs++
+			}
+			if errs > 20 {
+				fmt.Fprintf(w, "%d errors, stopping\n", errs)
+				break
+			}
+		}
+		if errs == 0 {
+			ok++
+			broken--
+		}
+	}
+	if broken > 0 {
+		fmt.Fprintf(w, "%d broken, %d ok\n", broken, ok)
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
new file mode 100644
index 000000000..ba7e8e6b0
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
@@ -0,0 +1,226 @@
+//go:build amd64 && !appengine && !noasm && gc
+// +build amd64,!appengine,!noasm,gc
+
+// This file contains the specialisation of Decoder.Decompress4X
+// and Decoder.Decompress1X that use an asm implementation of thir main loops.
+package huff0
+
+import (
+	"errors"
+	"fmt"
+
+	"github.com/klauspost/compress/internal/cpuinfo"
+)
+
+// decompress4x_main_loop_x86 is an x86 assembler implementation
+// of Decompress4X when tablelog > 8.
+//
+//go:noescape
+func decompress4x_main_loop_amd64(ctx *decompress4xContext)
+
+// decompress4x_8b_loop_x86 is an x86 assembler implementation
+// of Decompress4X when tablelog <= 8 which decodes 4 entries
+// per loop.
+//
+//go:noescape
+func decompress4x_8b_main_loop_amd64(ctx *decompress4xContext)
+
+// fallback8BitSize is the size where using Go version is faster.
+const fallback8BitSize = 800
+
+type decompress4xContext struct {
+	pbr      *[4]bitReaderShifted
+	peekBits uint8
+	out      *byte
+	dstEvery int
+	tbl      *dEntrySingle
+	decoded  int
+	limit    *byte
+}
+
+// Decompress4X will decompress a 4X encoded stream.
+// The length of the supplied input must match the end of a block exactly.
+// The *capacity* of the dst slice must match the destination size of
+// the uncompressed data exactly.
+func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) {
+	if len(d.dt.single) == 0 {
+		return nil, errors.New("no table loaded")
+	}
+	if len(src) < 6+(4*1) {
+		return nil, errors.New("input too small")
+	}
+
+	use8BitTables := d.actualTableLog <= 8
+	if cap(dst) < fallback8BitSize && use8BitTables {
+		return d.decompress4X8bit(dst, src)
+	}
+
+	var br [4]bitReaderShifted
+	// Decode "jump table"
+	start := 6
+	for i := 0; i < 3; i++ {
+		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
+		if start+length >= len(src) {
+			return nil, errors.New("truncated input (or invalid offset)")
+		}
+		err := br[i].init(src[start : start+length])
+		if err != nil {
+			return nil, err
+		}
+		start += length
+	}
+	err := br[3].init(src[start:])
+	if err != nil {
+		return nil, err
+	}
+
+	// destination, offset to match first output
+	dstSize := cap(dst)
+	dst = dst[:dstSize]
+	out := dst
+	dstEvery := (dstSize + 3) / 4
+
+	const tlSize = 1 << tableLogMax
+	const tlMask = tlSize - 1
+	single := d.dt.single[:tlSize]
+
+	var decoded int
+
+	if len(out) > 4*4 && !(br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4) {
+		ctx := decompress4xContext{
+			pbr:      &br,
+			peekBits: uint8((64 - d.actualTableLog) & 63), // see: bitReaderShifted.peekBitsFast()
+			out:      &out[0],
+			dstEvery: dstEvery,
+			tbl:      &single[0],
+			limit:    &out[dstEvery-4], // Always stop decoding when first buffer gets here to avoid writing OOB on last.
+		}
+		if use8BitTables {
+			decompress4x_8b_main_loop_amd64(&ctx)
+		} else {
+			decompress4x_main_loop_amd64(&ctx)
+		}
+
+		decoded = ctx.decoded
+		out = out[decoded/4:]
+	}
+
+	// Decode remaining.
+	remainBytes := dstEvery - (decoded / 4)
+	for i := range br {
+		offset := dstEvery * i
+		endsAt := offset + remainBytes
+		if endsAt > len(out) {
+			endsAt = len(out)
+		}
+		br := &br[i]
+		bitsLeft := br.remaining()
+		for bitsLeft > 0 {
+			br.fill()
+			if offset >= endsAt {
+				return nil, errors.New("corruption detected: stream overrun 4")
+			}
+
+			// Read value and increment offset.
+			val := br.peekBitsFast(d.actualTableLog)
+			v := single[val&tlMask].entry
+			nBits := uint8(v)
+			br.advance(nBits)
+			bitsLeft -= uint(nBits)
+			out[offset] = uint8(v >> 8)
+			offset++
+		}
+		if offset != endsAt {
+			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
+		}
+		decoded += offset - dstEvery*i
+		err = br.close()
+		if err != nil {
+			return nil, err
+		}
+	}
+	if dstSize != decoded {
+		return nil, errors.New("corruption detected: short output block")
+	}
+	return dst, nil
+}
+
+// decompress4x_main_loop_x86 is an x86 assembler implementation
+// of Decompress1X when tablelog > 8.
+//
+//go:noescape
+func decompress1x_main_loop_amd64(ctx *decompress1xContext)
+
+// decompress4x_main_loop_x86 is an x86 with BMI2 assembler implementation
+// of Decompress1X when tablelog > 8.
+//
+//go:noescape
+func decompress1x_main_loop_bmi2(ctx *decompress1xContext)
+
+type decompress1xContext struct {
+	pbr      *bitReaderShifted
+	peekBits uint8
+	out      *byte
+	outCap   int
+	tbl      *dEntrySingle
+	decoded  int
+}
+
+// Error reported by asm implementations
+const error_max_decoded_size_exeeded = -1
+
+// Decompress1X will decompress a 1X encoded stream.
+// The cap of the output buffer will be the maximum decompressed size.
+// The length of the supplied input must match the end of a block exactly.
+func (d *Decoder) Decompress1X(dst, src []byte) ([]byte, error) {
+	if len(d.dt.single) == 0 {
+		return nil, errors.New("no table loaded")
+	}
+	var br bitReaderShifted
+	err := br.init(src)
+	if err != nil {
+		return dst, err
+	}
+	maxDecodedSize := cap(dst)
+	dst = dst[:maxDecodedSize]
+
+	const tlSize = 1 << tableLogMax
+	const tlMask = tlSize - 1
+
+	if maxDecodedSize >= 4 {
+		ctx := decompress1xContext{
+			pbr:      &br,
+			out:      &dst[0],
+			outCap:   maxDecodedSize,
+			peekBits: uint8((64 - d.actualTableLog) & 63), // see: bitReaderShifted.peekBitsFast()
+			tbl:      &d.dt.single[0],
+		}
+
+		if cpuinfo.HasBMI2() {
+			decompress1x_main_loop_bmi2(&ctx)
+		} else {
+			decompress1x_main_loop_amd64(&ctx)
+		}
+		if ctx.decoded == error_max_decoded_size_exeeded {
+			return nil, ErrMaxDecodedSizeExceeded
+		}
+
+		dst = dst[:ctx.decoded]
+	}
+
+	// br < 8, so uint8 is fine
+	bitsLeft := uint8(br.off)*8 + 64 - br.bitsRead
+	for bitsLeft > 0 {
+		br.fill()
+		if len(dst) >= maxDecodedSize {
+			br.close()
+			return nil, ErrMaxDecodedSizeExceeded
+		}
+		v := d.dt.single[br.peekBitsFast(d.actualTableLog)&tlMask]
+		nBits := uint8(v.entry)
+		br.advance(nBits)
+		bitsLeft -= nBits
+		dst = append(dst, uint8(v.entry>>8))
+	}
+	return dst, br.close()
+}
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
new file mode 100644
index 000000000..c4c7ab2d1
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
@@ -0,0 +1,830 @@
+// Code generated by command: go run gen.go -out ../decompress_amd64.s -pkg=huff0. DO NOT EDIT.
+
+//go:build amd64 && !appengine && !noasm && gc
+
+// func decompress4x_main_loop_amd64(ctx *decompress4xContext)
+TEXT ·decompress4x_main_loop_amd64(SB), $0-8
+	// Preload values
+	MOVQ    ctx+0(FP), AX
+	MOVBQZX 8(AX), DI
+	MOVQ    16(AX), BX
+	MOVQ    48(AX), SI
+	MOVQ    24(AX), R8
+	MOVQ    32(AX), R9
+	MOVQ    (AX), R10
+
+	// Main loop
+main_loop:
+	XORL  DX, DX
+	CMPQ  BX, SI
+	SETGE DL
+
+	// br0.fillFast32()
+	MOVQ    32(R10), R11
+	MOVBQZX 40(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill0
+	MOVQ    24(R10), AX
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, AX
+	MOVQ    (R10), R13
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (AX)(R13*1), R13
+	MOVQ R12, CX
+	SHLQ CL, R13
+	MOVQ AX, 24(R10)
+	ORQ  R13, R11
+
+	// exhausted += (br0.off < 4)
+	CMPQ AX, $0x04
+	ADCB $+0, DL
+
+skip_fill0:
+	// val0 := br0.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br0.peekTopBits(peekBits)
+	MOVQ DI, CX
+	MOVQ R11, R13
+	SHRQ CL, R13
+
+	// v1 := table[val1&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v1.entry))
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// these two writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	MOVW AX, (BX)
+
+	// update the bitreader structure
+	MOVQ R11, 32(R10)
+	MOVB R12, 40(R10)
+
+	// br1.fillFast32()
+	MOVQ    80(R10), R11
+	MOVBQZX 88(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill1
+	MOVQ    72(R10), AX
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, AX
+	MOVQ    48(R10), R13
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (AX)(R13*1), R13
+	MOVQ R12, CX
+	SHLQ CL, R13
+	MOVQ AX, 72(R10)
+	ORQ  R13, R11
+
+	// exhausted += (br1.off < 4)
+	CMPQ AX, $0x04
+	ADCB $+0, DL
+
+skip_fill1:
+	// val0 := br1.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br1.peekTopBits(peekBits)
+	MOVQ DI, CX
+	MOVQ R11, R13
+	SHRQ CL, R13
+
+	// v1 := table[val1&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v1.entry))
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// these two writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	MOVW AX, (BX)(R8*1)
+
+	// update the bitreader structure
+	MOVQ R11, 80(R10)
+	MOVB R12, 88(R10)
+
+	// br2.fillFast32()
+	MOVQ    128(R10), R11
+	MOVBQZX 136(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill2
+	MOVQ    120(R10), AX
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, AX
+	MOVQ    96(R10), R13
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (AX)(R13*1), R13
+	MOVQ R12, CX
+	SHLQ CL, R13
+	MOVQ AX, 120(R10)
+	ORQ  R13, R11
+
+	// exhausted += (br2.off < 4)
+	CMPQ AX, $0x04
+	ADCB $+0, DL
+
+skip_fill2:
+	// val0 := br2.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br2.peekTopBits(peekBits)
+	MOVQ DI, CX
+	MOVQ R11, R13
+	SHRQ CL, R13
+
+	// v1 := table[val1&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v1.entry))
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// these two writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	MOVW AX, (BX)(R8*2)
+
+	// update the bitreader structure
+	MOVQ R11, 128(R10)
+	MOVB R12, 136(R10)
+
+	// br3.fillFast32()
+	MOVQ    176(R10), R11
+	MOVBQZX 184(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill3
+	MOVQ    168(R10), AX
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, AX
+	MOVQ    144(R10), R13
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (AX)(R13*1), R13
+	MOVQ R12, CX
+	SHLQ CL, R13
+	MOVQ AX, 168(R10)
+	ORQ  R13, R11
+
+	// exhausted += (br3.off < 4)
+	CMPQ AX, $0x04
+	ADCB $+0, DL
+
+skip_fill3:
+	// val0 := br3.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br3.peekTopBits(peekBits)
+	MOVQ DI, CX
+	MOVQ R11, R13
+	SHRQ CL, R13
+
+	// v1 := table[val1&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v1.entry))
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// these two writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	LEAQ (R8)(R8*2), CX
+	MOVW AX, (BX)(CX*1)
+
+	// update the bitreader structure
+	MOVQ  R11, 176(R10)
+	MOVB  R12, 184(R10)
+	ADDQ  $0x02, BX
+	TESTB DL, DL
+	JZ    main_loop
+	MOVQ  ctx+0(FP), AX
+	SUBQ  16(AX), BX
+	SHLQ  $0x02, BX
+	MOVQ  BX, 40(AX)
+	RET
+
+// func decompress4x_8b_main_loop_amd64(ctx *decompress4xContext)
+TEXT ·decompress4x_8b_main_loop_amd64(SB), $0-8
+	// Preload values
+	MOVQ    ctx+0(FP), CX
+	MOVBQZX 8(CX), DI
+	MOVQ    16(CX), BX
+	MOVQ    48(CX), SI
+	MOVQ    24(CX), R8
+	MOVQ    32(CX), R9
+	MOVQ    (CX), R10
+
+	// Main loop
+main_loop:
+	XORL  DX, DX
+	CMPQ  BX, SI
+	SETGE DL
+
+	// br0.fillFast32()
+	MOVQ    32(R10), R11
+	MOVBQZX 40(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill0
+	MOVQ    24(R10), R13
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, R13
+	MOVQ    (R10), R14
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (R13)(R14*1), R14
+	MOVQ R12, CX
+	SHLQ CL, R14
+	MOVQ R13, 24(R10)
+	ORQ  R14, R11
+
+	// exhausted += (br0.off < 4)
+	CMPQ R13, $0x04
+	ADCB $+0, DL
+
+skip_fill0:
+	// val0 := br0.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br0.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v1 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v1.entry)
+	MOVB   CH, AH
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// val2 := br0.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v2 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v2.entry)
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val3 := br0.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v3 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br0.advance(uint8(v3.entry)
+	MOVB   CH, AL
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// these four writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
+	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
+	MOVL AX, (BX)
+
+	// update the bitreader structure
+	MOVQ R11, 32(R10)
+	MOVB R12, 40(R10)
+
+	// br1.fillFast32()
+	MOVQ    80(R10), R11
+	MOVBQZX 88(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill1
+	MOVQ    72(R10), R13
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, R13
+	MOVQ    48(R10), R14
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (R13)(R14*1), R14
+	MOVQ R12, CX
+	SHLQ CL, R14
+	MOVQ R13, 72(R10)
+	ORQ  R14, R11
+
+	// exhausted += (br1.off < 4)
+	CMPQ R13, $0x04
+	ADCB $+0, DL
+
+skip_fill1:
+	// val0 := br1.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br1.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v1 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v1.entry)
+	MOVB   CH, AH
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// val2 := br1.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v2 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v2.entry)
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val3 := br1.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v3 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br1.advance(uint8(v3.entry)
+	MOVB   CH, AL
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// these four writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
+	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
+	MOVL AX, (BX)(R8*1)
+
+	// update the bitreader structure
+	MOVQ R11, 80(R10)
+	MOVB R12, 88(R10)
+
+	// br2.fillFast32()
+	MOVQ    128(R10), R11
+	MOVBQZX 136(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill2
+	MOVQ    120(R10), R13
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, R13
+	MOVQ    96(R10), R14
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (R13)(R14*1), R14
+	MOVQ R12, CX
+	SHLQ CL, R14
+	MOVQ R13, 120(R10)
+	ORQ  R14, R11
+
+	// exhausted += (br2.off < 4)
+	CMPQ R13, $0x04
+	ADCB $+0, DL
+
+skip_fill2:
+	// val0 := br2.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br2.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v1 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v1.entry)
+	MOVB   CH, AH
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// val2 := br2.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v2 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v2.entry)
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val3 := br2.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v3 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br2.advance(uint8(v3.entry)
+	MOVB   CH, AL
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// these four writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
+	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
+	MOVL AX, (BX)(R8*2)
+
+	// update the bitreader structure
+	MOVQ R11, 128(R10)
+	MOVB R12, 136(R10)
+
+	// br3.fillFast32()
+	MOVQ    176(R10), R11
+	MOVBQZX 184(R10), R12
+	CMPQ    R12, $0x20
+	JBE     skip_fill3
+	MOVQ    168(R10), R13
+	SUBQ    $0x20, R12
+	SUBQ    $0x04, R13
+	MOVQ    144(R10), R14
+
+	// b.value |= uint64(low) << (b.bitsRead & 63)
+	MOVL (R13)(R14*1), R14
+	MOVQ R12, CX
+	SHLQ CL, R14
+	MOVQ R13, 168(R10)
+	ORQ  R14, R11
+
+	// exhausted += (br3.off < 4)
+	CMPQ R13, $0x04
+	ADCB $+0, DL
+
+skip_fill3:
+	// val0 := br3.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v0 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v0.entry)
+	MOVB CH, AL
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val1 := br3.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v1 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v1.entry)
+	MOVB   CH, AH
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// val2 := br3.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v2 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v2.entry)
+	MOVB CH, AH
+	SHLQ CL, R11
+	ADDB CL, R12
+
+	// val3 := br3.peekTopBits(peekBits)
+	MOVQ R11, R13
+	MOVQ DI, CX
+	SHRQ CL, R13
+
+	// v3 := table[val0&mask]
+	MOVW (R9)(R13*2), CX
+
+	// br3.advance(uint8(v3.entry)
+	MOVB   CH, AL
+	SHLQ   CL, R11
+	ADDB   CL, R12
+	BSWAPL AX
+
+	// these four writes get coalesced
+	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
+	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
+	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
+	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
+	LEAQ (R8)(R8*2), CX
+	MOVL AX, (BX)(CX*1)
+
+	// update the bitreader structure
+	MOVQ  R11, 176(R10)
+	MOVB  R12, 184(R10)
+	ADDQ  $0x04, BX
+	TESTB DL, DL
+	JZ    main_loop
+	MOVQ  ctx+0(FP), AX
+	SUBQ  16(AX), BX
+	SHLQ  $0x02, BX
+	MOVQ  BX, 40(AX)
+	RET
+
+// func decompress1x_main_loop_amd64(ctx *decompress1xContext)
+TEXT ·decompress1x_main_loop_amd64(SB), $0-8
+	MOVQ    ctx+0(FP), CX
+	MOVQ    16(CX), DX
+	MOVQ    24(CX), BX
+	CMPQ    BX, $0x04
+	JB      error_max_decoded_size_exceeded
+	LEAQ    (DX)(BX*1), BX
+	MOVQ    (CX), SI
+	MOVQ    (SI), R8
+	MOVQ    24(SI), R9
+	MOVQ    32(SI), R10
+	MOVBQZX 40(SI), R11
+	MOVQ    32(CX), SI
+	MOVBQZX 8(CX), DI
+	JMP     loop_condition
+
+main_loop:
+	// Check if we have room for 4 bytes in the output buffer
+	LEAQ 4(DX), CX
+	CMPQ CX, BX
+	JGE  error_max_decoded_size_exceeded
+
+	// Decode 4 values
+	CMPQ R11, $0x20
+	JL   bitReader_fillFast_1_end
+	SUBQ $0x20, R11
+	SUBQ $0x04, R9
+	MOVL (R8)(R9*1), R12
+	MOVQ R11, CX
+	SHLQ CL, R12
+	ORQ  R12, R10
+
+bitReader_fillFast_1_end:
+	MOVQ    DI, CX
+	MOVQ    R10, R12
+	SHRQ    CL, R12
+	MOVW    (SI)(R12*2), CX
+	MOVB    CH, AL
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLQ    CL, R10
+	MOVQ    DI, CX
+	MOVQ    R10, R12
+	SHRQ    CL, R12
+	MOVW    (SI)(R12*2), CX
+	MOVB    CH, AH
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLQ    CL, R10
+	BSWAPL  AX
+	CMPQ    R11, $0x20
+	JL      bitReader_fillFast_2_end
+	SUBQ    $0x20, R11
+	SUBQ    $0x04, R9
+	MOVL    (R8)(R9*1), R12
+	MOVQ    R11, CX
+	SHLQ    CL, R12
+	ORQ     R12, R10
+
+bitReader_fillFast_2_end:
+	MOVQ    DI, CX
+	MOVQ    R10, R12
+	SHRQ    CL, R12
+	MOVW    (SI)(R12*2), CX
+	MOVB    CH, AH
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLQ    CL, R10
+	MOVQ    DI, CX
+	MOVQ    R10, R12
+	SHRQ    CL, R12
+	MOVW    (SI)(R12*2), CX
+	MOVB    CH, AL
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLQ    CL, R10
+	BSWAPL  AX
+
+	// Store the decoded values
+	MOVL AX, (DX)
+	ADDQ $0x04, DX
+
+loop_condition:
+	CMPQ R9, $0x08
+	JGE  main_loop
+
+	// Update ctx structure
+	MOVQ ctx+0(FP), AX
+	SUBQ 16(AX), DX
+	MOVQ DX, 40(AX)
+	MOVQ (AX), AX
+	MOVQ R9, 24(AX)
+	MOVQ R10, 32(AX)
+	MOVB R11, 40(AX)
+	RET
+
+	// Report error
+error_max_decoded_size_exceeded:
+	MOVQ ctx+0(FP), AX
+	MOVQ $-1, CX
+	MOVQ CX, 40(AX)
+	RET
+
+// func decompress1x_main_loop_bmi2(ctx *decompress1xContext)
+// Requires: BMI2
+TEXT ·decompress1x_main_loop_bmi2(SB), $0-8
+	MOVQ    ctx+0(FP), CX
+	MOVQ    16(CX), DX
+	MOVQ    24(CX), BX
+	CMPQ    BX, $0x04
+	JB      error_max_decoded_size_exceeded
+	LEAQ    (DX)(BX*1), BX
+	MOVQ    (CX), SI
+	MOVQ    (SI), R8
+	MOVQ    24(SI), R9
+	MOVQ    32(SI), R10
+	MOVBQZX 40(SI), R11
+	MOVQ    32(CX), SI
+	MOVBQZX 8(CX), DI
+	JMP     loop_condition
+
+main_loop:
+	// Check if we have room for 4 bytes in the output buffer
+	LEAQ 4(DX), CX
+	CMPQ CX, BX
+	JGE  error_max_decoded_size_exceeded
+
+	// Decode 4 values
+	CMPQ  R11, $0x20
+	JL    bitReader_fillFast_1_end
+	SUBQ  $0x20, R11
+	SUBQ  $0x04, R9
+	MOVL  (R8)(R9*1), CX
+	SHLXQ R11, CX, CX
+	ORQ   CX, R10
+
+bitReader_fillFast_1_end:
+	SHRXQ   DI, R10, CX
+	MOVW    (SI)(CX*2), CX
+	MOVB    CH, AL
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLXQ   CX, R10, R10
+	SHRXQ   DI, R10, CX
+	MOVW    (SI)(CX*2), CX
+	MOVB    CH, AH
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLXQ   CX, R10, R10
+	BSWAPL  AX
+	CMPQ    R11, $0x20
+	JL      bitReader_fillFast_2_end
+	SUBQ    $0x20, R11
+	SUBQ    $0x04, R9
+	MOVL    (R8)(R9*1), CX
+	SHLXQ   R11, CX, CX
+	ORQ     CX, R10
+
+bitReader_fillFast_2_end:
+	SHRXQ   DI, R10, CX
+	MOVW    (SI)(CX*2), CX
+	MOVB    CH, AH
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLXQ   CX, R10, R10
+	SHRXQ   DI, R10, CX
+	MOVW    (SI)(CX*2), CX
+	MOVB    CH, AL
+	MOVBQZX CL, CX
+	ADDQ    CX, R11
+	SHLXQ   CX, R10, R10
+	BSWAPL  AX
+
+	// Store the decoded values
+	MOVL AX, (DX)
+	ADDQ $0x04, DX
+
+loop_condition:
+	CMPQ R9, $0x08
+	JGE  main_loop
+
+	// Update ctx structure
+	MOVQ ctx+0(FP), AX
+	SUBQ 16(AX), DX
+	MOVQ DX, 40(AX)
+	MOVQ (AX), AX
+	MOVQ R9, 24(AX)
+	MOVQ R10, 32(AX)
+	MOVB R11, 40(AX)
+	RET
+
+	// Report error
+error_max_decoded_size_exceeded:
+	MOVQ ctx+0(FP), AX
+	MOVQ $-1, CX
+	MOVQ CX, 40(AX)
+	RET
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_generic.go b/vendor/github.com/klauspost/compress/huff0/decompress_generic.go
new file mode 100644
index 000000000..908c17de6
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/decompress_generic.go
@@ -0,0 +1,299 @@
+//go:build !amd64 || appengine || !gc || noasm
+// +build !amd64 appengine !gc noasm
+
+// This file contains a generic implementation of Decoder.Decompress4X.
+package huff0
+
+import (
+	"errors"
+	"fmt"
+)
+
+// Decompress4X will decompress a 4X encoded stream.
+// The length of the supplied input must match the end of a block exactly.
+// The *capacity* of the dst slice must match the destination size of
+// the uncompressed data exactly.
+func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) {
+	if len(d.dt.single) == 0 {
+		return nil, errors.New("no table loaded")
+	}
+	if len(src) < 6+(4*1) {
+		return nil, errors.New("input too small")
+	}
+	if use8BitTables && d.actualTableLog <= 8 {
+		return d.decompress4X8bit(dst, src)
+	}
+
+	var br [4]bitReaderShifted
+	// Decode "jump table"
+	start := 6
+	for i := 0; i < 3; i++ {
+		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
+		if start+length >= len(src) {
+			return nil, errors.New("truncated input (or invalid offset)")
+		}
+		err := br[i].init(src[start : start+length])
+		if err != nil {
+			return nil, err
+		}
+		start += length
+	}
+	err := br[3].init(src[start:])
+	if err != nil {
+		return nil, err
+	}
+
+	// destination, offset to match first output
+	dstSize := cap(dst)
+	dst = dst[:dstSize]
+	out := dst
+	dstEvery := (dstSize + 3) / 4
+
+	const tlSize = 1 << tableLogMax
+	const tlMask = tlSize - 1
+	single := d.dt.single[:tlSize]
+
+	// Use temp table to avoid bound checks/append penalty.
+	buf := d.buffer()
+	var off uint8
+	var decoded int
+
+	// Decode 2 values from each decoder/loop.
+	const bufoff = 256
+	for {
+		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
+			break
+		}
+
+		{
+			const stream = 0
+			const stream2 = 1
+			br[stream].fillFast()
+			br[stream2].fillFast()
+
+			val := br[stream].peekBitsFast(d.actualTableLog)
+			val2 := br[stream2].peekBitsFast(d.actualTableLog)
+			v := single[val&tlMask]
+			v2 := single[val2&tlMask]
+			br[stream].advance(uint8(v.entry))
+			br[stream2].advance(uint8(v2.entry))
+			buf[stream][off] = uint8(v.entry >> 8)
+			buf[stream2][off] = uint8(v2.entry >> 8)
+
+			val = br[stream].peekBitsFast(d.actualTableLog)
+			val2 = br[stream2].peekBitsFast(d.actualTableLog)
+			v = single[val&tlMask]
+			v2 = single[val2&tlMask]
+			br[stream].advance(uint8(v.entry))
+			br[stream2].advance(uint8(v2.entry))
+			buf[stream][off+1] = uint8(v.entry >> 8)
+			buf[stream2][off+1] = uint8(v2.entry >> 8)
+		}
+
+		{
+			const stream = 2
+			const stream2 = 3
+			br[stream].fillFast()
+			br[stream2].fillFast()
+
+			val := br[stream].peekBitsFast(d.actualTableLog)
+			val2 := br[stream2].peekBitsFast(d.actualTableLog)
+			v := single[val&tlMask]
+			v2 := single[val2&tlMask]
+			br[stream].advance(uint8(v.entry))
+			br[stream2].advance(uint8(v2.entry))
+			buf[stream][off] = uint8(v.entry >> 8)
+			buf[stream2][off] = uint8(v2.entry >> 8)
+
+			val = br[stream].peekBitsFast(d.actualTableLog)
+			val2 = br[stream2].peekBitsFast(d.actualTableLog)
+			v = single[val&tlMask]
+			v2 = single[val2&tlMask]
+			br[stream].advance(uint8(v.entry))
+			br[stream2].advance(uint8(v2.entry))
+			buf[stream][off+1] = uint8(v.entry >> 8)
+			buf[stream2][off+1] = uint8(v2.entry >> 8)
+		}
+
+		off += 2
+
+		if off == 0 {
+			if bufoff > dstEvery {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 1")
+			}
+			// There must at least be 3 buffers left.
+			if len(out)-bufoff < dstEvery*3 {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 2")
+			}
+			//copy(out, buf[0][:])
+			//copy(out[dstEvery:], buf[1][:])
+			//copy(out[dstEvery*2:], buf[2][:])
+			//copy(out[dstEvery*3:], buf[3][:])
+			*(*[bufoff]byte)(out) = buf[0]
+			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
+			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
+			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
+			out = out[bufoff:]
+			decoded += bufoff * 4
+		}
+	}
+	if off > 0 {
+		ioff := int(off)
+		if len(out) < dstEvery*3+ioff {
+			d.bufs.Put(buf)
+			return nil, errors.New("corruption detected: stream overrun 3")
+		}
+		copy(out, buf[0][:off])
+		copy(out[dstEvery:], buf[1][:off])
+		copy(out[dstEvery*2:], buf[2][:off])
+		copy(out[dstEvery*3:], buf[3][:off])
+		decoded += int(off) * 4
+		out = out[off:]
+	}
+
+	// Decode remaining.
+	remainBytes := dstEvery - (decoded / 4)
+	for i := range br {
+		offset := dstEvery * i
+		endsAt := offset + remainBytes
+		if endsAt > len(out) {
+			endsAt = len(out)
+		}
+		br := &br[i]
+		bitsLeft := br.remaining()
+		for bitsLeft > 0 {
+			br.fill()
+			if offset >= endsAt {
+				d.bufs.Put(buf)
+				return nil, errors.New("corruption detected: stream overrun 4")
+			}
+
+			// Read value and increment offset.
+			val := br.peekBitsFast(d.actualTableLog)
+			v := single[val&tlMask].entry
+			nBits := uint8(v)
+			br.advance(nBits)
+			bitsLeft -= uint(nBits)
+			out[offset] = uint8(v >> 8)
+			offset++
+		}
+		if offset != endsAt {
+			d.bufs.Put(buf)
+			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
+		}
+		decoded += offset - dstEvery*i
+		err = br.close()
+		if err != nil {
+			return nil, err
+		}
+	}
+	d.bufs.Put(buf)
+	if dstSize != decoded {
+		return nil, errors.New("corruption detected: short output block")
+	}
+	return dst, nil
+}
+
+// Decompress1X will decompress a 1X encoded stream.
+// The cap of the output buffer will be the maximum decompressed size.
+// The length of the supplied input must match the end of a block exactly.
+func (d *Decoder) Decompress1X(dst, src []byte) ([]byte, error) {
+	if len(d.dt.single) == 0 {
+		return nil, errors.New("no table loaded")
+	}
+	if use8BitTables && d.actualTableLog <= 8 {
+		return d.decompress1X8Bit(dst, src)
+	}
+	var br bitReaderShifted
+	err := br.init(src)
+	if err != nil {
+		return dst, err
+	}
+	maxDecodedSize := cap(dst)
+	dst = dst[:0]
+
+	// Avoid bounds check by always having full sized table.
+	const tlSize = 1 << tableLogMax
+	const tlMask = tlSize - 1
+	dt := d.dt.single[:tlSize]
+
+	// Use temp table to avoid bound checks/append penalty.
+	bufs := d.buffer()
+	buf := &bufs[0]
+	var off uint8
+
+	for br.off >= 8 {
+		br.fillFast()
+		v := dt[br.peekBitsFast(d.actualTableLog)&tlMask]
+		br.advance(uint8(v.entry))
+		buf[off+0] = uint8(v.entry >> 8)
+
+		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
+		br.advance(uint8(v.entry))
+		buf[off+1] = uint8(v.entry >> 8)
+
+		// Refill
+		br.fillFast()
+
+		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
+		br.advance(uint8(v.entry))
+		buf[off+2] = uint8(v.entry >> 8)
+
+		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
+		br.advance(uint8(v.entry))
+		buf[off+3] = uint8(v.entry >> 8)
+
+		off += 4
+		if off == 0 {
+			if len(dst)+256 > maxDecodedSize {
+				br.close()
+				d.bufs.Put(bufs)
+				return nil, ErrMaxDecodedSizeExceeded
+			}
+			dst = append(dst, buf[:]...)
+		}
+	}
+
+	if len(dst)+int(off) > maxDecodedSize {
+		d.bufs.Put(bufs)
+		br.close()
+		return nil, ErrMaxDecodedSizeExceeded
+	}
+	dst = append(dst, buf[:off]...)
+
+	// br < 8, so uint8 is fine
+	bitsLeft := uint8(br.off)*8 + 64 - br.bitsRead
+	for bitsLeft > 0 {
+		br.fill()
+		if false && br.bitsRead >= 32 {
+			if br.off >= 4 {
+				v := br.in[br.off-4:]
+				v = v[:4]
+				low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+				br.value = (br.value << 32) | uint64(low)
+				br.bitsRead -= 32
+				br.off -= 4
+			} else {
+				for br.off > 0 {
+					br.value = (br.value << 8) | uint64(br.in[br.off-1])
+					br.bitsRead -= 8
+					br.off--
+				}
+			}
+		}
+		if len(dst) >= maxDecodedSize {
+			d.bufs.Put(bufs)
+			br.close()
+			return nil, ErrMaxDecodedSizeExceeded
+		}
+		v := d.dt.single[br.peekBitsFast(d.actualTableLog)&tlMask]
+		nBits := uint8(v.entry)
+		br.advance(nBits)
+		bitsLeft -= nBits
+		dst = append(dst, uint8(v.entry>>8))
+	}
+	d.bufs.Put(bufs)
+	return dst, br.close()
+}
diff --git a/vendor/github.com/klauspost/compress/huff0/huff0.go b/vendor/github.com/klauspost/compress/huff0/huff0.go
new file mode 100644
index 000000000..77ecd68e0
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/huff0/huff0.go
@@ -0,0 +1,337 @@
+// Package huff0 provides fast huffman encoding as used in zstd.
+//
+// See README.md at https://github.com/klauspost/compress/tree/master/huff0 for details.
+package huff0
+
+import (
+	"errors"
+	"fmt"
+	"math"
+	"math/bits"
+	"sync"
+
+	"github.com/klauspost/compress/fse"
+)
+
+const (
+	maxSymbolValue = 255
+
+	// zstandard limits tablelog to 11, see:
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#huffman-tree-description
+	tableLogMax     = 11
+	tableLogDefault = 11
+	minTablelog     = 5
+	huffNodesLen    = 512
+
+	// BlockSizeMax is maximum input size for a single block uncompressed.
+	BlockSizeMax = 1<<18 - 1
+)
+
+var (
+	// ErrIncompressible is returned when input is judged to be too hard to compress.
+	ErrIncompressible = errors.New("input is not compressible")
+
+	// ErrUseRLE is returned from the compressor when the input is a single byte value repeated.
+	ErrUseRLE = errors.New("input is single value repeated")
+
+	// ErrTooBig is return if input is too large for a single block.
+	ErrTooBig = errors.New("input too big")
+
+	// ErrMaxDecodedSizeExceeded is return if input is too large for a single block.
+	ErrMaxDecodedSizeExceeded = errors.New("maximum output size exceeded")
+)
+
+type ReusePolicy uint8
+
+const (
+	// ReusePolicyAllow will allow reuse if it produces smaller output.
+	ReusePolicyAllow ReusePolicy = iota
+
+	// ReusePolicyPrefer will re-use aggressively if possible.
+	// This will not check if a new table will produce smaller output,
+	// except if the current table is impossible to use or
+	// compressed output is bigger than input.
+	ReusePolicyPrefer
+
+	// ReusePolicyNone will disable re-use of tables.
+	// This is slightly faster than ReusePolicyAllow but may produce larger output.
+	ReusePolicyNone
+
+	// ReusePolicyMust must allow reuse and produce smaller output.
+	ReusePolicyMust
+)
+
+type Scratch struct {
+	count [maxSymbolValue + 1]uint32
+
+	// Per block parameters.
+	// These can be used to override compression parameters of the block.
+	// Do not touch, unless you know what you are doing.
+
+	// Out is output buffer.
+	// If the scratch is re-used before the caller is done processing the output,
+	// set this field to nil.
+	// Otherwise the output buffer will be re-used for next Compression/Decompression step
+	// and allocation will be avoided.
+	Out []byte
+
+	// OutTable will contain the table data only, if a new table has been generated.
+	// Slice of the returned data.
+	OutTable []byte
+
+	// OutData will contain the compressed data.
+	// Slice of the returned data.
+	OutData []byte
+
+	// MaxDecodedSize will set the maximum allowed output size.
+	// This value will automatically be set to BlockSizeMax if not set.
+	// Decoders will return ErrMaxDecodedSizeExceeded is this limit is exceeded.
+	MaxDecodedSize int
+
+	srcLen int
+
+	// MaxSymbolValue will override the maximum symbol value of the next block.
+	MaxSymbolValue uint8
+
+	// TableLog will attempt to override the tablelog for the next block.
+	// Must be <= 11 and >= 5.
+	TableLog uint8
+
+	// Reuse will specify the reuse policy
+	Reuse ReusePolicy
+
+	// WantLogLess allows to specify a log 2 reduction that should at least be achieved,
+	// otherwise the block will be returned as incompressible.
+	// The reduction should then at least be (input size >> WantLogLess)
+	// If WantLogLess == 0 any improvement will do.
+	WantLogLess uint8
+
+	symbolLen      uint16 // Length of active part of the symbol table.
+	maxCount       int    // count of the most probable symbol
+	clearCount     bool   // clear count
+	actualTableLog uint8  // Selected tablelog.
+	prevTableLog   uint8  // Tablelog for previous table
+	prevTable      cTable // Table used for previous compression.
+	cTable         cTable // compression table
+	dt             dTable // decompression table
+	nodes          []nodeElt
+	tmpOut         [4][]byte
+	fse            *fse.Scratch
+	decPool        sync.Pool // *[4][256]byte buffers.
+	huffWeight     [maxSymbolValue + 1]byte
+}
+
+// TransferCTable will transfer the previously used compression table.
+func (s *Scratch) TransferCTable(src *Scratch) {
+	if cap(s.prevTable) < len(src.prevTable) {
+		s.prevTable = make(cTable, 0, maxSymbolValue+1)
+	}
+	s.prevTable = s.prevTable[:len(src.prevTable)]
+	copy(s.prevTable, src.prevTable)
+	s.prevTableLog = src.prevTableLog
+}
+
+func (s *Scratch) prepare(in []byte) (*Scratch, error) {
+	if len(in) > BlockSizeMax {
+		return nil, ErrTooBig
+	}
+	if s == nil {
+		s = &Scratch{}
+	}
+	if s.MaxSymbolValue == 0 {
+		s.MaxSymbolValue = maxSymbolValue
+	}
+	if s.TableLog == 0 {
+		s.TableLog = tableLogDefault
+	}
+	if s.TableLog > tableLogMax || s.TableLog < minTablelog {
+		return nil, fmt.Errorf(" invalid tableLog %d (%d -> %d)", s.TableLog, minTablelog, tableLogMax)
+	}
+	if s.MaxDecodedSize <= 0 || s.MaxDecodedSize > BlockSizeMax {
+		s.MaxDecodedSize = BlockSizeMax
+	}
+	if s.clearCount && s.maxCount == 0 {
+		for i := range s.count {
+			s.count[i] = 0
+		}
+		s.clearCount = false
+	}
+	if cap(s.Out) == 0 {
+		s.Out = make([]byte, 0, len(in))
+	}
+	s.Out = s.Out[:0]
+
+	s.OutTable = nil
+	s.OutData = nil
+	if cap(s.nodes) < huffNodesLen+1 {
+		s.nodes = make([]nodeElt, 0, huffNodesLen+1)
+	}
+	s.nodes = s.nodes[:0]
+	if s.fse == nil {
+		s.fse = &fse.Scratch{}
+	}
+	s.srcLen = len(in)
+
+	return s, nil
+}
+
+type cTable []cTableEntry
+
+func (c cTable) write(s *Scratch) error {
+	var (
+		// precomputed conversion table
+		bitsToWeight [tableLogMax + 1]byte
+		huffLog      = s.actualTableLog
+		// last weight is not saved.
+		maxSymbolValue = uint8(s.symbolLen - 1)
+		huffWeight     = s.huffWeight[:256]
+	)
+	const (
+		maxFSETableLog = 6
+	)
+	// convert to weight
+	bitsToWeight[0] = 0
+	for n := uint8(1); n < huffLog+1; n++ {
+		bitsToWeight[n] = huffLog + 1 - n
+	}
+
+	// Acquire histogram for FSE.
+	hist := s.fse.Histogram()
+	hist = hist[:256]
+	for i := range hist[:16] {
+		hist[i] = 0
+	}
+	for n := uint8(0); n < maxSymbolValue; n++ {
+		v := bitsToWeight[c[n].nBits] & 15
+		huffWeight[n] = v
+		hist[v]++
+	}
+
+	// FSE compress if feasible.
+	if maxSymbolValue >= 2 {
+		huffMaxCnt := uint32(0)
+		huffMax := uint8(0)
+		for i, v := range hist[:16] {
+			if v == 0 {
+				continue
+			}
+			huffMax = byte(i)
+			if v > huffMaxCnt {
+				huffMaxCnt = v
+			}
+		}
+		s.fse.HistogramFinished(huffMax, int(huffMaxCnt))
+		s.fse.TableLog = maxFSETableLog
+		b, err := fse.Compress(huffWeight[:maxSymbolValue], s.fse)
+		if err == nil && len(b) < int(s.symbolLen>>1) {
+			s.Out = append(s.Out, uint8(len(b)))
+			s.Out = append(s.Out, b...)
+			return nil
+		}
+		// Unable to compress (RLE/uncompressible)
+	}
+	// write raw values as 4-bits (max : 15)
+	if maxSymbolValue > (256 - 128) {
+		// should not happen : likely means source cannot be compressed
+		return ErrIncompressible
+	}
+	op := s.Out
+	// special case, pack weights 4 bits/weight.
+	op = append(op, 128|(maxSymbolValue-1))
+	// be sure it doesn't cause msan issue in final combination
+	huffWeight[maxSymbolValue] = 0
+	for n := uint16(0); n < uint16(maxSymbolValue); n += 2 {
+		op = append(op, (huffWeight[n]<<4)|huffWeight[n+1])
+	}
+	s.Out = op
+	return nil
+}
+
+func (c cTable) estTableSize(s *Scratch) (sz int, err error) {
+	var (
+		// precomputed conversion table
+		bitsToWeight [tableLogMax + 1]byte
+		huffLog      = s.actualTableLog
+		// last weight is not saved.
+		maxSymbolValue = uint8(s.symbolLen - 1)
+		huffWeight     = s.huffWeight[:256]
+	)
+	const (
+		maxFSETableLog = 6
+	)
+	// convert to weight
+	bitsToWeight[0] = 0
+	for n := uint8(1); n < huffLog+1; n++ {
+		bitsToWeight[n] = huffLog + 1 - n
+	}
+
+	// Acquire histogram for FSE.
+	hist := s.fse.Histogram()
+	hist = hist[:256]
+	for i := range hist[:16] {
+		hist[i] = 0
+	}
+	for n := uint8(0); n < maxSymbolValue; n++ {
+		v := bitsToWeight[c[n].nBits] & 15
+		huffWeight[n] = v
+		hist[v]++
+	}
+
+	// FSE compress if feasible.
+	if maxSymbolValue >= 2 {
+		huffMaxCnt := uint32(0)
+		huffMax := uint8(0)
+		for i, v := range hist[:16] {
+			if v == 0 {
+				continue
+			}
+			huffMax = byte(i)
+			if v > huffMaxCnt {
+				huffMaxCnt = v
+			}
+		}
+		s.fse.HistogramFinished(huffMax, int(huffMaxCnt))
+		s.fse.TableLog = maxFSETableLog
+		b, err := fse.Compress(huffWeight[:maxSymbolValue], s.fse)
+		if err == nil && len(b) < int(s.symbolLen>>1) {
+			sz += 1 + len(b)
+			return sz, nil
+		}
+		// Unable to compress (RLE/uncompressible)
+	}
+	// write raw values as 4-bits (max : 15)
+	if maxSymbolValue > (256 - 128) {
+		// should not happen : likely means source cannot be compressed
+		return 0, ErrIncompressible
+	}
+	// special case, pack weights 4 bits/weight.
+	sz += 1 + int(maxSymbolValue/2)
+	return sz, nil
+}
+
+// estimateSize returns the estimated size in bytes of the input represented in the
+// histogram supplied.
+func (c cTable) estimateSize(hist []uint32) int {
+	nbBits := uint32(7)
+	for i, v := range c[:len(hist)] {
+		nbBits += uint32(v.nBits) * hist[i]
+	}
+	return int(nbBits >> 3)
+}
+
+// minSize returns the minimum possible size considering the shannon limit.
+func (s *Scratch) minSize(total int) int {
+	nbBits := float64(7)
+	fTotal := float64(total)
+	for _, v := range s.count[:s.symbolLen] {
+		n := float64(v)
+		if n > 0 {
+			nbBits += math.Log2(fTotal/n) * n
+		}
+	}
+	return int(nbBits) >> 3
+}
+
+func highBit32(val uint32) (n uint32) {
+	return uint32(bits.Len32(val) - 1)
+}
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
new file mode 100644
index 000000000..3954c5121
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
@@ -0,0 +1,34 @@
+// Package cpuinfo gives runtime info about the current CPU.
+//
+// This is a very limited module meant for use internally
+// in this project. For more versatile solution check
+// https://github.com/klauspost/cpuid.
+package cpuinfo
+
+// HasBMI1 checks whether an x86 CPU supports the BMI1 extension.
+func HasBMI1() bool {
+	return hasBMI1
+}
+
+// HasBMI2 checks whether an x86 CPU supports the BMI2 extension.
+func HasBMI2() bool {
+	return hasBMI2
+}
+
+// DisableBMI2 will disable BMI2, for testing purposes.
+// Call returned function to restore previous state.
+func DisableBMI2() func() {
+	old := hasBMI2
+	hasBMI2 = false
+	return func() {
+		hasBMI2 = old
+	}
+}
+
+// HasBMI checks whether an x86 CPU supports both BMI1 and BMI2 extensions.
+func HasBMI() bool {
+	return HasBMI1() && HasBMI2()
+}
+
+var hasBMI1 bool
+var hasBMI2 bool
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
new file mode 100644
index 000000000..e802579c4
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
@@ -0,0 +1,11 @@
+//go:build amd64 && !appengine && !noasm && gc
+// +build amd64,!appengine,!noasm,gc
+
+package cpuinfo
+
+// go:noescape
+func x86extensions() (bmi1, bmi2 bool)
+
+func init() {
+	hasBMI1, hasBMI2 = x86extensions()
+}
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
new file mode 100644
index 000000000..4465fbe9e
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
@@ -0,0 +1,36 @@
+// +build !appengine
+// +build gc
+// +build !noasm
+
+#include "textflag.h"
+#include "funcdata.h"
+#include "go_asm.h"
+
+TEXT ·x86extensions(SB), NOSPLIT, $0
+	// 1. determine max EAX value
+	XORQ AX, AX
+	CPUID
+
+	CMPQ AX, $7
+	JB   unsupported
+
+	// 2. EAX = 7, ECX = 0 --- see Table 3-8 "Information Returned by CPUID Instruction"
+	MOVQ $7, AX
+	MOVQ $0, CX
+	CPUID
+
+	BTQ   $3, BX // bit 3 = BMI1
+	SETCS AL
+
+	BTQ   $8, BX // bit 8 = BMI2
+	SETCS AH
+
+	MOVB AL, bmi1+0(FP)
+	MOVB AH, bmi2+1(FP)
+	RET
+
+unsupported:
+	XORQ AX, AX
+	MOVB AL, bmi1+0(FP)
+	MOVB AL, bmi2+1(FP)
+	RET
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/LICENSE b/vendor/github.com/klauspost/compress/internal/snapref/LICENSE
new file mode 100644
index 000000000..6050c10f4
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2011 The Snappy-Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/decode.go b/vendor/github.com/klauspost/compress/internal/snapref/decode.go
new file mode 100644
index 000000000..40796a49d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/decode.go
@@ -0,0 +1,264 @@
+// Copyright 2011 The Snappy-Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package snapref
+
+import (
+	"encoding/binary"
+	"errors"
+	"io"
+)
+
+var (
+	// ErrCorrupt reports that the input is invalid.
+	ErrCorrupt = errors.New("snappy: corrupt input")
+	// ErrTooLarge reports that the uncompressed length is too large.
+	ErrTooLarge = errors.New("snappy: decoded block is too large")
+	// ErrUnsupported reports that the input isn't supported.
+	ErrUnsupported = errors.New("snappy: unsupported input")
+
+	errUnsupportedLiteralLength = errors.New("snappy: unsupported literal length")
+)
+
+// DecodedLen returns the length of the decoded block.
+func DecodedLen(src []byte) (int, error) {
+	v, _, err := decodedLen(src)
+	return v, err
+}
+
+// decodedLen returns the length of the decoded block and the number of bytes
+// that the length header occupied.
+func decodedLen(src []byte) (blockLen, headerLen int, err error) {
+	v, n := binary.Uvarint(src)
+	if n <= 0 || v > 0xffffffff {
+		return 0, 0, ErrCorrupt
+	}
+
+	const wordSize = 32 << (^uint(0) >> 32 & 1)
+	if wordSize == 32 && v > 0x7fffffff {
+		return 0, 0, ErrTooLarge
+	}
+	return int(v), n, nil
+}
+
+const (
+	decodeErrCodeCorrupt                  = 1
+	decodeErrCodeUnsupportedLiteralLength = 2
+)
+
+// Decode returns the decoded form of src. The returned slice may be a sub-
+// slice of dst if dst was large enough to hold the entire decoded block.
+// Otherwise, a newly allocated slice will be returned.
+//
+// The dst and src must not overlap. It is valid to pass a nil dst.
+//
+// Decode handles the Snappy block format, not the Snappy stream format.
+func Decode(dst, src []byte) ([]byte, error) {
+	dLen, s, err := decodedLen(src)
+	if err != nil {
+		return nil, err
+	}
+	if dLen <= len(dst) {
+		dst = dst[:dLen]
+	} else {
+		dst = make([]byte, dLen)
+	}
+	switch decode(dst, src[s:]) {
+	case 0:
+		return dst, nil
+	case decodeErrCodeUnsupportedLiteralLength:
+		return nil, errUnsupportedLiteralLength
+	}
+	return nil, ErrCorrupt
+}
+
+// NewReader returns a new Reader that decompresses from r, using the framing
+// format described at
+// https://github.com/google/snappy/blob/master/framing_format.txt
+func NewReader(r io.Reader) *Reader {
+	return &Reader{
+		r:       r,
+		decoded: make([]byte, maxBlockSize),
+		buf:     make([]byte, maxEncodedLenOfMaxBlockSize+checksumSize),
+	}
+}
+
+// Reader is an io.Reader that can read Snappy-compressed bytes.
+//
+// Reader handles the Snappy stream format, not the Snappy block format.
+type Reader struct {
+	r       io.Reader
+	err     error
+	decoded []byte
+	buf     []byte
+	// decoded[i:j] contains decoded bytes that have not yet been passed on.
+	i, j       int
+	readHeader bool
+}
+
+// Reset discards any buffered data, resets all state, and switches the Snappy
+// reader to read from r. This permits reusing a Reader rather than allocating
+// a new one.
+func (r *Reader) Reset(reader io.Reader) {
+	r.r = reader
+	r.err = nil
+	r.i = 0
+	r.j = 0
+	r.readHeader = false
+}
+
+func (r *Reader) readFull(p []byte, allowEOF bool) (ok bool) {
+	if _, r.err = io.ReadFull(r.r, p); r.err != nil {
+		if r.err == io.ErrUnexpectedEOF || (r.err == io.EOF && !allowEOF) {
+			r.err = ErrCorrupt
+		}
+		return false
+	}
+	return true
+}
+
+func (r *Reader) fill() error {
+	for r.i >= r.j {
+		if !r.readFull(r.buf[:4], true) {
+			return r.err
+		}
+		chunkType := r.buf[0]
+		if !r.readHeader {
+			if chunkType != chunkTypeStreamIdentifier {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			r.readHeader = true
+		}
+		chunkLen := int(r.buf[1]) | int(r.buf[2])<<8 | int(r.buf[3])<<16
+		if chunkLen > len(r.buf) {
+			r.err = ErrUnsupported
+			return r.err
+		}
+
+		// The chunk types are specified at
+		// https://github.com/google/snappy/blob/master/framing_format.txt
+		switch chunkType {
+		case chunkTypeCompressedData:
+			// Section 4.2. Compressed data (chunk type 0x00).
+			if chunkLen < checksumSize {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			buf := r.buf[:chunkLen]
+			if !r.readFull(buf, false) {
+				return r.err
+			}
+			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
+			buf = buf[checksumSize:]
+
+			n, err := DecodedLen(buf)
+			if err != nil {
+				r.err = err
+				return r.err
+			}
+			if n > len(r.decoded) {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			if _, err := Decode(r.decoded, buf); err != nil {
+				r.err = err
+				return r.err
+			}
+			if crc(r.decoded[:n]) != checksum {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			r.i, r.j = 0, n
+			continue
+
+		case chunkTypeUncompressedData:
+			// Section 4.3. Uncompressed data (chunk type 0x01).
+			if chunkLen < checksumSize {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			buf := r.buf[:checksumSize]
+			if !r.readFull(buf, false) {
+				return r.err
+			}
+			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
+			// Read directly into r.decoded instead of via r.buf.
+			n := chunkLen - checksumSize
+			if n > len(r.decoded) {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			if !r.readFull(r.decoded[:n], false) {
+				return r.err
+			}
+			if crc(r.decoded[:n]) != checksum {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			r.i, r.j = 0, n
+			continue
+
+		case chunkTypeStreamIdentifier:
+			// Section 4.1. Stream identifier (chunk type 0xff).
+			if chunkLen != len(magicBody) {
+				r.err = ErrCorrupt
+				return r.err
+			}
+			if !r.readFull(r.buf[:len(magicBody)], false) {
+				return r.err
+			}
+			for i := 0; i < len(magicBody); i++ {
+				if r.buf[i] != magicBody[i] {
+					r.err = ErrCorrupt
+					return r.err
+				}
+			}
+			continue
+		}
+
+		if chunkType <= 0x7f {
+			// Section 4.5. Reserved unskippable chunks (chunk types 0x02-0x7f).
+			r.err = ErrUnsupported
+			return r.err
+		}
+		// Section 4.4 Padding (chunk type 0xfe).
+		// Section 4.6. Reserved skippable chunks (chunk types 0x80-0xfd).
+		if !r.readFull(r.buf[:chunkLen], false) {
+			return r.err
+		}
+	}
+
+	return nil
+}
+
+// Read satisfies the io.Reader interface.
+func (r *Reader) Read(p []byte) (int, error) {
+	if r.err != nil {
+		return 0, r.err
+	}
+
+	if err := r.fill(); err != nil {
+		return 0, err
+	}
+
+	n := copy(p, r.decoded[r.i:r.j])
+	r.i += n
+	return n, nil
+}
+
+// ReadByte satisfies the io.ByteReader interface.
+func (r *Reader) ReadByte() (byte, error) {
+	if r.err != nil {
+		return 0, r.err
+	}
+
+	if err := r.fill(); err != nil {
+		return 0, err
+	}
+
+	c := r.decoded[r.i]
+	r.i++
+	return c, nil
+}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
new file mode 100644
index 000000000..77395a6b8
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
@@ -0,0 +1,113 @@
+// Copyright 2016 The Snappy-Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package snapref
+
+// decode writes the decoding of src to dst. It assumes that the varint-encoded
+// length of the decompressed bytes has already been read, and that len(dst)
+// equals that length.
+//
+// It returns 0 on success or a decodeErrCodeXxx error code on failure.
+func decode(dst, src []byte) int {
+	var d, s, offset, length int
+	for s < len(src) {
+		switch src[s] & 0x03 {
+		case tagLiteral:
+			x := uint32(src[s] >> 2)
+			switch {
+			case x < 60:
+				s++
+			case x == 60:
+				s += 2
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					return decodeErrCodeCorrupt
+				}
+				x = uint32(src[s-1])
+			case x == 61:
+				s += 3
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					return decodeErrCodeCorrupt
+				}
+				x = uint32(src[s-2]) | uint32(src[s-1])<<8
+			case x == 62:
+				s += 4
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					return decodeErrCodeCorrupt
+				}
+				x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16
+			case x == 63:
+				s += 5
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					return decodeErrCodeCorrupt
+				}
+				x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
+			}
+			length = int(x) + 1
+			if length <= 0 {
+				return decodeErrCodeUnsupportedLiteralLength
+			}
+			if length > len(dst)-d || length > len(src)-s {
+				return decodeErrCodeCorrupt
+			}
+			copy(dst[d:], src[s:s+length])
+			d += length
+			s += length
+			continue
+
+		case tagCopy1:
+			s += 2
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				return decodeErrCodeCorrupt
+			}
+			length = 4 + int(src[s-2])>>2&0x7
+			offset = int(uint32(src[s-2])&0xe0<<3 | uint32(src[s-1]))
+
+		case tagCopy2:
+			s += 3
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				return decodeErrCodeCorrupt
+			}
+			length = 1 + int(src[s-3])>>2
+			offset = int(uint32(src[s-2]) | uint32(src[s-1])<<8)
+
+		case tagCopy4:
+			s += 5
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				return decodeErrCodeCorrupt
+			}
+			length = 1 + int(src[s-5])>>2
+			offset = int(uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24)
+		}
+
+		if offset <= 0 || d < offset || length > len(dst)-d {
+			return decodeErrCodeCorrupt
+		}
+		// Copy from an earlier sub-slice of dst to a later sub-slice.
+		// If no overlap, use the built-in copy:
+		if offset >= length {
+			copy(dst[d:d+length], dst[d-offset:])
+			d += length
+			continue
+		}
+
+		// Unlike the built-in copy function, this byte-by-byte copy always runs
+		// forwards, even if the slices overlap. Conceptually, this is:
+		//
+		// d += forwardCopy(dst[d:d+length], dst[d-offset:])
+		//
+		// We align the slices into a and b and show the compiler they are the same size.
+		// This allows the loop to run without bounds checks.
+		a := dst[d : d+length]
+		b := dst[d-offset:]
+		b = b[:len(a)]
+		for i := range a {
+			a[i] = b[i]
+		}
+		d += length
+	}
+	if d != len(dst) {
+		return decodeErrCodeCorrupt
+	}
+	return 0
+}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/encode.go b/vendor/github.com/klauspost/compress/internal/snapref/encode.go
new file mode 100644
index 000000000..13c6040a5
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/encode.go
@@ -0,0 +1,289 @@
+// Copyright 2011 The Snappy-Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package snapref
+
+import (
+	"encoding/binary"
+	"errors"
+	"io"
+)
+
+// Encode returns the encoded form of src. The returned slice may be a sub-
+// slice of dst if dst was large enough to hold the entire encoded block.
+// Otherwise, a newly allocated slice will be returned.
+//
+// The dst and src must not overlap. It is valid to pass a nil dst.
+//
+// Encode handles the Snappy block format, not the Snappy stream format.
+func Encode(dst, src []byte) []byte {
+	if n := MaxEncodedLen(len(src)); n < 0 {
+		panic(ErrTooLarge)
+	} else if len(dst) < n {
+		dst = make([]byte, n)
+	}
+
+	// The block starts with the varint-encoded length of the decompressed bytes.
+	d := binary.PutUvarint(dst, uint64(len(src)))
+
+	for len(src) > 0 {
+		p := src
+		src = nil
+		if len(p) > maxBlockSize {
+			p, src = p[:maxBlockSize], p[maxBlockSize:]
+		}
+		if len(p) < minNonLiteralBlockSize {
+			d += emitLiteral(dst[d:], p)
+		} else {
+			d += encodeBlock(dst[d:], p)
+		}
+	}
+	return dst[:d]
+}
+
+// inputMargin is the minimum number of extra input bytes to keep, inside
+// encodeBlock's inner loop. On some architectures, this margin lets us
+// implement a fast path for emitLiteral, where the copy of short (<= 16 byte)
+// literals can be implemented as a single load to and store from a 16-byte
+// register. That literal's actual length can be as short as 1 byte, so this
+// can copy up to 15 bytes too much, but that's OK as subsequent iterations of
+// the encoding loop will fix up the copy overrun, and this inputMargin ensures
+// that we don't overrun the dst and src buffers.
+const inputMargin = 16 - 1
+
+// minNonLiteralBlockSize is the minimum size of the input to encodeBlock that
+// could be encoded with a copy tag. This is the minimum with respect to the
+// algorithm used by encodeBlock, not a minimum enforced by the file format.
+//
+// The encoded output must start with at least a 1 byte literal, as there are
+// no previous bytes to copy. A minimal (1 byte) copy after that, generated
+// from an emitCopy call in encodeBlock's main loop, would require at least
+// another inputMargin bytes, for the reason above: we want any emitLiteral
+// calls inside encodeBlock's main loop to use the fast path if possible, which
+// requires being able to overrun by inputMargin bytes. Thus,
+// minNonLiteralBlockSize equals 1 + 1 + inputMargin.
+//
+// The C++ code doesn't use this exact threshold, but it could, as discussed at
+// https://groups.google.com/d/topic/snappy-compression/oGbhsdIJSJ8/discussion
+// The difference between Go (2+inputMargin) and C++ (inputMargin) is purely an
+// optimization. It should not affect the encoded form. This is tested by
+// TestSameEncodingAsCppShortCopies.
+const minNonLiteralBlockSize = 1 + 1 + inputMargin
+
+// MaxEncodedLen returns the maximum length of a snappy block, given its
+// uncompressed length.
+//
+// It will return a negative value if srcLen is too large to encode.
+func MaxEncodedLen(srcLen int) int {
+	n := uint64(srcLen)
+	if n > 0xffffffff {
+		return -1
+	}
+	// Compressed data can be defined as:
+	//    compressed := item* literal*
+	//    item       := literal* copy
+	//
+	// The trailing literal sequence has a space blowup of at most 62/60
+	// since a literal of length 60 needs one tag byte + one extra byte
+	// for length information.
+	//
+	// Item blowup is trickier to measure. Suppose the "copy" op copies
+	// 4 bytes of data. Because of a special check in the encoding code,
+	// we produce a 4-byte copy only if the offset is < 65536. Therefore
+	// the copy op takes 3 bytes to encode, and this type of item leads
+	// to at most the 62/60 blowup for representing literals.
+	//
+	// Suppose the "copy" op copies 5 bytes of data. If the offset is big
+	// enough, it will take 5 bytes to encode the copy op. Therefore the
+	// worst case here is a one-byte literal followed by a five-byte copy.
+	// That is, 6 bytes of input turn into 7 bytes of "compressed" data.
+	//
+	// This last factor dominates the blowup, so the final estimate is:
+	n = 32 + n + n/6
+	if n > 0xffffffff {
+		return -1
+	}
+	return int(n)
+}
+
+var errClosed = errors.New("snappy: Writer is closed")
+
+// NewWriter returns a new Writer that compresses to w.
+//
+// The Writer returned does not buffer writes. There is no need to Flush or
+// Close such a Writer.
+//
+// Deprecated: the Writer returned is not suitable for many small writes, only
+// for few large writes. Use NewBufferedWriter instead, which is efficient
+// regardless of the frequency and shape of the writes, and remember to Close
+// that Writer when done.
+func NewWriter(w io.Writer) *Writer {
+	return &Writer{
+		w:    w,
+		obuf: make([]byte, obufLen),
+	}
+}
+
+// NewBufferedWriter returns a new Writer that compresses to w, using the
+// framing format described at
+// https://github.com/google/snappy/blob/master/framing_format.txt
+//
+// The Writer returned buffers writes. Users must call Close to guarantee all
+// data has been forwarded to the underlying io.Writer. They may also call
+// Flush zero or more times before calling Close.
+func NewBufferedWriter(w io.Writer) *Writer {
+	return &Writer{
+		w:    w,
+		ibuf: make([]byte, 0, maxBlockSize),
+		obuf: make([]byte, obufLen),
+	}
+}
+
+// Writer is an io.Writer that can write Snappy-compressed bytes.
+//
+// Writer handles the Snappy stream format, not the Snappy block format.
+type Writer struct {
+	w   io.Writer
+	err error
+
+	// ibuf is a buffer for the incoming (uncompressed) bytes.
+	//
+	// Its use is optional. For backwards compatibility, Writers created by the
+	// NewWriter function have ibuf == nil, do not buffer incoming bytes, and
+	// therefore do not need to be Flush'ed or Close'd.
+	ibuf []byte
+
+	// obuf is a buffer for the outgoing (compressed) bytes.
+	obuf []byte
+
+	// wroteStreamHeader is whether we have written the stream header.
+	wroteStreamHeader bool
+}
+
+// Reset discards the writer's state and switches the Snappy writer to write to
+// w. This permits reusing a Writer rather than allocating a new one.
+func (w *Writer) Reset(writer io.Writer) {
+	w.w = writer
+	w.err = nil
+	if w.ibuf != nil {
+		w.ibuf = w.ibuf[:0]
+	}
+	w.wroteStreamHeader = false
+}
+
+// Write satisfies the io.Writer interface.
+func (w *Writer) Write(p []byte) (nRet int, errRet error) {
+	if w.ibuf == nil {
+		// Do not buffer incoming bytes. This does not perform or compress well
+		// if the caller of Writer.Write writes many small slices. This
+		// behavior is therefore deprecated, but still supported for backwards
+		// compatibility with code that doesn't explicitly Flush or Close.
+		return w.write(p)
+	}
+
+	// The remainder of this method is based on bufio.Writer.Write from the
+	// standard library.
+
+	for len(p) > (cap(w.ibuf)-len(w.ibuf)) && w.err == nil {
+		var n int
+		if len(w.ibuf) == 0 {
+			// Large write, empty buffer.
+			// Write directly from p to avoid copy.
+			n, _ = w.write(p)
+		} else {
+			n = copy(w.ibuf[len(w.ibuf):cap(w.ibuf)], p)
+			w.ibuf = w.ibuf[:len(w.ibuf)+n]
+			w.Flush()
+		}
+		nRet += n
+		p = p[n:]
+	}
+	if w.err != nil {
+		return nRet, w.err
+	}
+	n := copy(w.ibuf[len(w.ibuf):cap(w.ibuf)], p)
+	w.ibuf = w.ibuf[:len(w.ibuf)+n]
+	nRet += n
+	return nRet, nil
+}
+
+func (w *Writer) write(p []byte) (nRet int, errRet error) {
+	if w.err != nil {
+		return 0, w.err
+	}
+	for len(p) > 0 {
+		obufStart := len(magicChunk)
+		if !w.wroteStreamHeader {
+			w.wroteStreamHeader = true
+			copy(w.obuf, magicChunk)
+			obufStart = 0
+		}
+
+		var uncompressed []byte
+		if len(p) > maxBlockSize {
+			uncompressed, p = p[:maxBlockSize], p[maxBlockSize:]
+		} else {
+			uncompressed, p = p, nil
+		}
+		checksum := crc(uncompressed)
+
+		// Compress the buffer, discarding the result if the improvement
+		// isn't at least 12.5%.
+		compressed := Encode(w.obuf[obufHeaderLen:], uncompressed)
+		chunkType := uint8(chunkTypeCompressedData)
+		chunkLen := 4 + len(compressed)
+		obufEnd := obufHeaderLen + len(compressed)
+		if len(compressed) >= len(uncompressed)-len(uncompressed)/8 {
+			chunkType = chunkTypeUncompressedData
+			chunkLen = 4 + len(uncompressed)
+			obufEnd = obufHeaderLen
+		}
+
+		// Fill in the per-chunk header that comes before the body.
+		w.obuf[len(magicChunk)+0] = chunkType
+		w.obuf[len(magicChunk)+1] = uint8(chunkLen >> 0)
+		w.obuf[len(magicChunk)+2] = uint8(chunkLen >> 8)
+		w.obuf[len(magicChunk)+3] = uint8(chunkLen >> 16)
+		w.obuf[len(magicChunk)+4] = uint8(checksum >> 0)
+		w.obuf[len(magicChunk)+5] = uint8(checksum >> 8)
+		w.obuf[len(magicChunk)+6] = uint8(checksum >> 16)
+		w.obuf[len(magicChunk)+7] = uint8(checksum >> 24)
+
+		if _, err := w.w.Write(w.obuf[obufStart:obufEnd]); err != nil {
+			w.err = err
+			return nRet, err
+		}
+		if chunkType == chunkTypeUncompressedData {
+			if _, err := w.w.Write(uncompressed); err != nil {
+				w.err = err
+				return nRet, err
+			}
+		}
+		nRet += len(uncompressed)
+	}
+	return nRet, nil
+}
+
+// Flush flushes the Writer to its underlying io.Writer.
+func (w *Writer) Flush() error {
+	if w.err != nil {
+		return w.err
+	}
+	if len(w.ibuf) == 0 {
+		return nil
+	}
+	w.write(w.ibuf)
+	w.ibuf = w.ibuf[:0]
+	return w.err
+}
+
+// Close calls Flush and then closes the Writer.
+func (w *Writer) Close() error {
+	w.Flush()
+	ret := w.err
+	if w.err == nil {
+		w.err = errClosed
+	}
+	return ret
+}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
new file mode 100644
index 000000000..2754bac6f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
@@ -0,0 +1,250 @@
+// Copyright 2016 The Snappy-Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package snapref
+
+func load32(b []byte, i int) uint32 {
+	b = b[i : i+4 : len(b)] // Help the compiler eliminate bounds checks on the next line.
+	return uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24
+}
+
+func load64(b []byte, i int) uint64 {
+	b = b[i : i+8 : len(b)] // Help the compiler eliminate bounds checks on the next line.
+	return uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 |
+		uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56
+}
+
+// emitLiteral writes a literal chunk and returns the number of bytes written.
+//
+// It assumes that:
+//
+//	dst is long enough to hold the encoded bytes
+//	1 <= len(lit) && len(lit) <= 65536
+func emitLiteral(dst, lit []byte) int {
+	i, n := 0, uint(len(lit)-1)
+	switch {
+	case n < 60:
+		dst[0] = uint8(n)<<2 | tagLiteral
+		i = 1
+	case n < 1<<8:
+		dst[0] = 60<<2 | tagLiteral
+		dst[1] = uint8(n)
+		i = 2
+	default:
+		dst[0] = 61<<2 | tagLiteral
+		dst[1] = uint8(n)
+		dst[2] = uint8(n >> 8)
+		i = 3
+	}
+	return i + copy(dst[i:], lit)
+}
+
+// emitCopy writes a copy chunk and returns the number of bytes written.
+//
+// It assumes that:
+//
+//	dst is long enough to hold the encoded bytes
+//	1 <= offset && offset <= 65535
+//	4 <= length && length <= 65535
+func emitCopy(dst []byte, offset, length int) int {
+	i := 0
+	// The maximum length for a single tagCopy1 or tagCopy2 op is 64 bytes. The
+	// threshold for this loop is a little higher (at 68 = 64 + 4), and the
+	// length emitted down below is a little lower (at 60 = 64 - 4), because
+	// it's shorter to encode a length 67 copy as a length 60 tagCopy2 followed
+	// by a length 7 tagCopy1 (which encodes as 3+2 bytes) than to encode it as
+	// a length 64 tagCopy2 followed by a length 3 tagCopy2 (which encodes as
+	// 3+3 bytes). The magic 4 in the 64±4 is because the minimum length for a
+	// tagCopy1 op is 4 bytes, which is why a length 3 copy has to be an
+	// encodes-as-3-bytes tagCopy2 instead of an encodes-as-2-bytes tagCopy1.
+	for length >= 68 {
+		// Emit a length 64 copy, encoded as 3 bytes.
+		dst[i+0] = 63<<2 | tagCopy2
+		dst[i+1] = uint8(offset)
+		dst[i+2] = uint8(offset >> 8)
+		i += 3
+		length -= 64
+	}
+	if length > 64 {
+		// Emit a length 60 copy, encoded as 3 bytes.
+		dst[i+0] = 59<<2 | tagCopy2
+		dst[i+1] = uint8(offset)
+		dst[i+2] = uint8(offset >> 8)
+		i += 3
+		length -= 60
+	}
+	if length >= 12 || offset >= 2048 {
+		// Emit the remaining copy, encoded as 3 bytes.
+		dst[i+0] = uint8(length-1)<<2 | tagCopy2
+		dst[i+1] = uint8(offset)
+		dst[i+2] = uint8(offset >> 8)
+		return i + 3
+	}
+	// Emit the remaining copy, encoded as 2 bytes.
+	dst[i+0] = uint8(offset>>8)<<5 | uint8(length-4)<<2 | tagCopy1
+	dst[i+1] = uint8(offset)
+	return i + 2
+}
+
+func hash(u, shift uint32) uint32 {
+	return (u * 0x1e35a7bd) >> shift
+}
+
+// EncodeBlockInto exposes encodeBlock but checks dst size.
+func EncodeBlockInto(dst, src []byte) (d int) {
+	if MaxEncodedLen(len(src)) > len(dst) {
+		return 0
+	}
+
+	// encodeBlock breaks on too big blocks, so split.
+	for len(src) > 0 {
+		p := src
+		src = nil
+		if len(p) > maxBlockSize {
+			p, src = p[:maxBlockSize], p[maxBlockSize:]
+		}
+		if len(p) < minNonLiteralBlockSize {
+			d += emitLiteral(dst[d:], p)
+		} else {
+			d += encodeBlock(dst[d:], p)
+		}
+	}
+	return d
+}
+
+// encodeBlock encodes a non-empty src to a guaranteed-large-enough dst. It
+// assumes that the varint-encoded length of the decompressed bytes has already
+// been written.
+//
+// It also assumes that:
+//
+//	len(dst) >= MaxEncodedLen(len(src)) &&
+//	minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
+func encodeBlock(dst, src []byte) (d int) {
+	// Initialize the hash table. Its size ranges from 1<<8 to 1<<14 inclusive.
+	// The table element type is uint16, as s < sLimit and sLimit < len(src)
+	// and len(src) <= maxBlockSize and maxBlockSize == 65536.
+	const (
+		maxTableSize = 1 << 14
+		// tableMask is redundant, but helps the compiler eliminate bounds
+		// checks.
+		tableMask = maxTableSize - 1
+	)
+	shift := uint32(32 - 8)
+	for tableSize := 1 << 8; tableSize < maxTableSize && tableSize < len(src); tableSize *= 2 {
+		shift--
+	}
+	// In Go, all array elements are zero-initialized, so there is no advantage
+	// to a smaller tableSize per se. However, it matches the C++ algorithm,
+	// and in the asm versions of this code, we can get away with zeroing only
+	// the first tableSize elements.
+	var table [maxTableSize]uint16
+
+	// sLimit is when to stop looking for offset/length copies. The inputMargin
+	// lets us use a fast path for emitLiteral in the main loop, while we are
+	// looking for copies.
+	sLimit := len(src) - inputMargin
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := 0
+
+	// The encoded form must start with a literal, as there are no previous
+	// bytes to copy, so we start looking for hash matches at s == 1.
+	s := 1
+	nextHash := hash(load32(src, s), shift)
+
+	for {
+		// Copied from the C++ snappy implementation:
+		//
+		// Heuristic match skipping: If 32 bytes are scanned with no matches
+		// found, start looking only at every other byte. If 32 more bytes are
+		// scanned (or skipped), look at every third byte, etc.. When a match
+		// is found, immediately go back to looking at every byte. This is a
+		// small loss (~5% performance, ~0.1% density) for compressible data
+		// due to more bookkeeping, but for non-compressible data (such as
+		// JPEG) it's a huge win since the compressor quickly "realizes" the
+		// data is incompressible and doesn't bother looking for matches
+		// everywhere.
+		//
+		// The "skip" variable keeps track of how many bytes there are since
+		// the last match; dividing it by 32 (ie. right-shifting by five) gives
+		// the number of bytes to move ahead for each iteration.
+		skip := 32
+
+		nextS := s
+		candidate := 0
+		for {
+			s = nextS
+			bytesBetweenHashLookups := skip >> 5
+			nextS = s + bytesBetweenHashLookups
+			skip += bytesBetweenHashLookups
+			if nextS > sLimit {
+				goto emitRemainder
+			}
+			candidate = int(table[nextHash&tableMask])
+			table[nextHash&tableMask] = uint16(s)
+			nextHash = hash(load32(src, nextS), shift)
+			if load32(src, s) == load32(src, candidate) {
+				break
+			}
+		}
+
+		// A 4-byte match has been found. We'll later see if more than 4 bytes
+		// match. But, prior to the match, src[nextEmit:s] are unmatched. Emit
+		// them as literal bytes.
+		d += emitLiteral(dst[d:], src[nextEmit:s])
+
+		// Call emitCopy, and then see if another emitCopy could be our next
+		// move. Repeat until we find no match for the input immediately after
+		// what was consumed by the last emitCopy call.
+		//
+		// If we exit this loop normally then we need to call emitLiteral next,
+		// though we don't yet know how big the literal will be. We handle that
+		// by proceeding to the next iteration of the main loop. We also can
+		// exit this loop via goto if we get close to exhausting the input.
+		for {
+			// Invariant: we have a 4-byte match at s, and no need to emit any
+			// literal bytes prior to s.
+			base := s
+
+			// Extend the 4-byte match as long as possible.
+			//
+			// This is an inlined version of:
+			//	s = extendMatch(src, candidate+4, s+4)
+			s += 4
+			for i := candidate + 4; s < len(src) && src[i] == src[s]; i, s = i+1, s+1 {
+			}
+
+			d += emitCopy(dst[d:], base-candidate, s-base)
+			nextEmit = s
+			if s >= sLimit {
+				goto emitRemainder
+			}
+
+			// We could immediately start working at s now, but to improve
+			// compression we first update the hash table at s-1 and at s. If
+			// another emitCopy is not our next move, also calculate nextHash
+			// at s+1. At least on GOARCH=amd64, these three hash calculations
+			// are faster as one load64 call (with some shifts) instead of
+			// three load32 calls.
+			x := load64(src, s-1)
+			prevHash := hash(uint32(x>>0), shift)
+			table[prevHash&tableMask] = uint16(s - 1)
+			currHash := hash(uint32(x>>8), shift)
+			candidate = int(table[currHash&tableMask])
+			table[currHash&tableMask] = uint16(s)
+			if uint32(x>>8) != load32(src, candidate) {
+				nextHash = hash(uint32(x>>16), shift)
+				s++
+				break
+			}
+		}
+	}
+
+emitRemainder:
+	if nextEmit < len(src) {
+		d += emitLiteral(dst[d:], src[nextEmit:])
+	}
+	return d
+}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/snappy.go b/vendor/github.com/klauspost/compress/internal/snapref/snappy.go
new file mode 100644
index 000000000..34d01f4aa
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/internal/snapref/snappy.go
@@ -0,0 +1,98 @@
+// Copyright 2011 The Snappy-Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package snapref implements the Snappy compression format. It aims for very
+// high speeds and reasonable compression.
+//
+// There are actually two Snappy formats: block and stream. They are related,
+// but different: trying to decompress block-compressed data as a Snappy stream
+// will fail, and vice versa. The block format is the Decode and Encode
+// functions and the stream format is the Reader and Writer types.
+//
+// The block format, the more common case, is used when the complete size (the
+// number of bytes) of the original data is known upfront, at the time
+// compression starts. The stream format, also known as the framing format, is
+// for when that isn't always true.
+//
+// The canonical, C++ implementation is at https://github.com/google/snappy and
+// it only implements the block format.
+package snapref
+
+import (
+	"hash/crc32"
+)
+
+/*
+Each encoded block begins with the varint-encoded length of the decoded data,
+followed by a sequence of chunks. Chunks begin and end on byte boundaries. The
+first byte of each chunk is broken into its 2 least and 6 most significant bits
+called l and m: l ranges in [0, 4) and m ranges in [0, 64). l is the chunk tag.
+Zero means a literal tag. All other values mean a copy tag.
+
+For literal tags:
+  - If m < 60, the next 1 + m bytes are literal bytes.
+  - Otherwise, let n be the little-endian unsigned integer denoted by the next
+    m - 59 bytes. The next 1 + n bytes after that are literal bytes.
+
+For copy tags, length bytes are copied from offset bytes ago, in the style of
+Lempel-Ziv compression algorithms. In particular:
+  - For l == 1, the offset ranges in [0, 1<<11) and the length in [4, 12).
+    The length is 4 + the low 3 bits of m. The high 3 bits of m form bits 8-10
+    of the offset. The next byte is bits 0-7 of the offset.
+  - For l == 2, the offset ranges in [0, 1<<16) and the length in [1, 65).
+    The length is 1 + m. The offset is the little-endian unsigned integer
+    denoted by the next 2 bytes.
+  - For l == 3, this tag is a legacy format that is no longer issued by most
+    encoders. Nonetheless, the offset ranges in [0, 1<<32) and the length in
+    [1, 65). The length is 1 + m. The offset is the little-endian unsigned
+    integer denoted by the next 4 bytes.
+*/
+const (
+	tagLiteral = 0x00
+	tagCopy1   = 0x01
+	tagCopy2   = 0x02
+	tagCopy4   = 0x03
+)
+
+const (
+	checksumSize    = 4
+	chunkHeaderSize = 4
+	magicChunk      = "\xff\x06\x00\x00" + magicBody
+	magicBody       = "sNaPpY"
+
+	// maxBlockSize is the maximum size of the input to encodeBlock. It is not
+	// part of the wire format per se, but some parts of the encoder assume
+	// that an offset fits into a uint16.
+	//
+	// Also, for the framing format (Writer type instead of Encode function),
+	// https://github.com/google/snappy/blob/master/framing_format.txt says
+	// that "the uncompressed data in a chunk must be no longer than 65536
+	// bytes".
+	maxBlockSize = 65536
+
+	// maxEncodedLenOfMaxBlockSize equals MaxEncodedLen(maxBlockSize), but is
+	// hard coded to be a const instead of a variable, so that obufLen can also
+	// be a const. Their equivalence is confirmed by
+	// TestMaxEncodedLenOfMaxBlockSize.
+	maxEncodedLenOfMaxBlockSize = 76490
+
+	obufHeaderLen = len(magicChunk) + checksumSize + chunkHeaderSize
+	obufLen       = obufHeaderLen + maxEncodedLenOfMaxBlockSize
+)
+
+const (
+	chunkTypeCompressedData   = 0x00
+	chunkTypeUncompressedData = 0x01
+	chunkTypePadding          = 0xfe
+	chunkTypeStreamIdentifier = 0xff
+)
+
+var crcTable = crc32.MakeTable(crc32.Castagnoli)
+
+// crc implements the checksum specified in section 3 of
+// https://github.com/google/snappy/blob/master/framing_format.txt
+func crc(b []byte) uint32 {
+	c := crc32.Update(0, crcTable, b)
+	return uint32(c>>15|c<<17) + 0xa282ead8
+}
diff --git a/vendor/github.com/klauspost/compress/s2sx.mod b/vendor/github.com/klauspost/compress/s2sx.mod
new file mode 100644
index 000000000..5a4412f90
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/s2sx.mod
@@ -0,0 +1,4 @@
+module github.com/klauspost/compress
+
+go 1.19
+
diff --git a/vendor/github.com/klauspost/compress/s2sx.sum b/vendor/github.com/klauspost/compress/s2sx.sum
new file mode 100644
index 000000000..e69de29bb
diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md
new file mode 100644
index 000000000..92e2347bb
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/README.md
@@ -0,0 +1,441 @@
+# zstd 
+
+[Zstandard](https://facebook.github.io/zstd/) is a real-time compression algorithm, providing high compression ratios. 
+It offers a very wide range of compression / speed trade-off, while being backed by a very fast decoder.
+A high performance compression algorithm is implemented. For now focused on speed. 
+
+This package provides [compression](#Compressor) to and [decompression](#Decompressor) of Zstandard content. 
+
+This package is pure Go and without use of "unsafe". 
+
+The `zstd` package is provided as open source software using a Go standard license.
+
+Currently the package is heavily optimized for 64 bit processors and will be significantly slower on 32 bit processors.
+
+For seekable zstd streams, see [this excellent package](https://github.com/SaveTheRbtz/zstd-seekable-format-go).
+
+## Installation
+
+Install using `go get -u github.com/klauspost/compress`. The package is located in `github.com/klauspost/compress/zstd`.
+
+[![Go Reference](https://pkg.go.dev/badge/github.com/klauspost/compress/zstd.svg)](https://pkg.go.dev/github.com/klauspost/compress/zstd)
+
+## Compressor
+
+### Status: 
+
+STABLE - there may always be subtle bugs, a wide variety of content has been tested and the library is actively 
+used by several projects. This library is being [fuzz-tested](https://github.com/klauspost/compress-fuzz) for all updates.
+
+There may still be specific combinations of data types/size/settings that could lead to edge cases, 
+so as always, testing is recommended.  
+
+For now, a high speed (fastest) and medium-fast (default) compressor has been implemented. 
+
+* The "Fastest" compression ratio is roughly equivalent to zstd level 1. 
+* The "Default" compression ratio is roughly equivalent to zstd level 3 (default).
+* The "Better" compression ratio is roughly equivalent to zstd level 7.
+* The "Best" compression ratio is roughly equivalent to zstd level 11.
+
+In terms of speed, it is typically 2x as fast as the stdlib deflate/gzip in its fastest mode. 
+The compression ratio compared to stdlib is around level 3, but usually 3x as fast.
+
+ 
+### Usage
+
+An Encoder can be used for either compressing a stream via the
+`io.WriteCloser` interface supported by the Encoder or as multiple independent
+tasks via the `EncodeAll` function.
+Smaller encodes are encouraged to use the EncodeAll function.
+Use `NewWriter` to create a new instance that can be used for both.
+
+To create a writer with default options, do like this:
+
+```Go
+// Compress input to output.
+func Compress(in io.Reader, out io.Writer) error {
+    enc, err := zstd.NewWriter(out)
+    if err != nil {
+        return err
+    }
+    _, err = io.Copy(enc, in)
+    if err != nil {
+        enc.Close()
+        return err
+    }
+    return enc.Close()
+}
+```
+
+Now you can encode by writing data to `enc`. The output will be finished writing when `Close()` is called.
+Even if your encode fails, you should still call `Close()` to release any resources that may be held up.  
+
+The above is fine for big encodes. However, whenever possible try to *reuse* the writer.
+
+To reuse the encoder, you can use the `Reset(io.Writer)` function to change to another output. 
+This will allow the encoder to reuse all resources and avoid wasteful allocations. 
+
+Currently stream encoding has 'light' concurrency, meaning up to 2 goroutines can be working on part 
+of a stream. This is independent of the `WithEncoderConcurrency(n)`, but that is likely to change 
+in the future. So if you want to limit concurrency for future updates, specify the concurrency
+you would like.
+
+If you would like stream encoding to be done without spawning async goroutines, use `WithEncoderConcurrency(1)`
+which will compress input as each block is completed, blocking on writes until each has completed.
+
+You can specify your desired compression level using `WithEncoderLevel()` option. Currently only pre-defined 
+compression settings can be specified.
+
+#### Future Compatibility Guarantees
+
+This will be an evolving project. When using this package it is important to note that both the compression efficiency and speed may change.
+
+The goal will be to keep the default efficiency at the default zstd (level 3). 
+However the encoding should never be assumed to remain the same, 
+and you should not use hashes of compressed output for similarity checks.
+
+The Encoder can be assumed to produce the same output from the exact same code version.
+However, the may be modes in the future that break this, 
+although they will not be enabled without an explicit option.   
+
+This encoder is not designed to (and will probably never) output the exact same bitstream as the reference encoder.
+
+Also note, that the cgo decompressor currently does not [report all errors on invalid input](https://github.com/DataDog/zstd/issues/59),
+[omits error checks](https://github.com/DataDog/zstd/issues/61), [ignores checksums](https://github.com/DataDog/zstd/issues/43) 
+and seems to ignore concatenated streams, even though [it is part of the spec](https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frames).
+
+#### Blocks
+
+For compressing small blocks, the returned encoder has a function called `EncodeAll(src, dst []byte) []byte`.
+
+`EncodeAll` will encode all input in src and append it to dst.
+This function can be called concurrently. 
+Each call will only run on a same goroutine as the caller.
+
+Encoded blocks can be concatenated and the result will be the combined input stream.
+Data compressed with EncodeAll can be decoded with the Decoder, using either a stream or `DecodeAll`.
+
+Especially when encoding blocks you should take special care to reuse the encoder. 
+This will effectively make it run without allocations after a warmup period. 
+To make it run completely without allocations, supply a destination buffer with space for all content.   
+
+```Go
+import "github.com/klauspost/compress/zstd"
+
+// Create a writer that caches compressors.
+// For this operation type we supply a nil Reader.
+var encoder, _ = zstd.NewWriter(nil)
+
+// Compress a buffer. 
+// If you have a destination buffer, the allocation in the call can also be eliminated.
+func Compress(src []byte) []byte {
+    return encoder.EncodeAll(src, make([]byte, 0, len(src)))
+} 
+```
+
+You can control the maximum number of concurrent encodes using the `WithEncoderConcurrency(n)` 
+option when creating the writer.
+
+Using the Encoder for both a stream and individual blocks concurrently is safe. 
+
+### Performance
+
+I have collected some speed examples to compare speed and compression against other compressors.
+
+* `file` is the input file.
+* `out` is the compressor used. `zskp` is this package. `zstd` is the Datadog cgo library. `gzstd/gzkp` is gzip standard and this library.
+* `level` is the compression level used. For `zskp` level 1 is "fastest", level 2 is "default"; 3 is "better", 4 is "best".
+* `insize`/`outsize` is the input/output size.
+* `millis` is the number of milliseconds used for compression.
+* `mb/s` is megabytes (2^20 bytes) per second.
+
+```
+Silesia Corpus:
+http://sun.aei.polsl.pl/~sdeor/corpus/silesia.zip
+
+This package:
+file    out     level   insize      outsize     millis  mb/s
+silesia.tar zskp    1   211947520   73821326    634     318.47
+silesia.tar zskp    2   211947520   67655404    1508    133.96
+silesia.tar zskp    3   211947520   64746933    3000    67.37
+silesia.tar zskp    4   211947520   60073508    16926   11.94
+
+cgo zstd:
+silesia.tar zstd    1   211947520   73605392    543     371.56
+silesia.tar zstd    3   211947520   66793289    864     233.68
+silesia.tar zstd    6   211947520   62916450    1913    105.66
+silesia.tar zstd    9   211947520   60212393    5063    39.92
+
+gzip, stdlib/this package:
+silesia.tar gzstd   1   211947520   80007735    1498    134.87
+silesia.tar gzkp    1   211947520   80088272    1009    200.31
+
+GOB stream of binary data. Highly compressible.
+https://files.klauspost.com/compress/gob-stream.7z
+
+file        out     level   insize  outsize     millis  mb/s
+gob-stream  zskp    1   1911399616  233948096   3230    564.34
+gob-stream  zskp    2   1911399616  203997694   4997    364.73
+gob-stream  zskp    3   1911399616  173526523   13435   135.68
+gob-stream  zskp    4   1911399616  162195235   47559   38.33
+
+gob-stream  zstd    1   1911399616  249810424   2637    691.26
+gob-stream  zstd    3   1911399616  208192146   3490    522.31
+gob-stream  zstd    6   1911399616  193632038   6687    272.56
+gob-stream  zstd    9   1911399616  177620386   16175   112.70
+
+gob-stream  gzstd   1   1911399616  357382013   9046    201.49
+gob-stream  gzkp    1   1911399616  359136669   4885    373.08
+
+The test data for the Large Text Compression Benchmark is the first
+10^9 bytes of the English Wikipedia dump on Mar. 3, 2006.
+http://mattmahoney.net/dc/textdata.html
+
+file    out level   insize      outsize     millis  mb/s
+enwik9  zskp    1   1000000000  343833605   3687    258.64
+enwik9  zskp    2   1000000000  317001237   7672    124.29
+enwik9  zskp    3   1000000000  291915823   15923   59.89
+enwik9  zskp    4   1000000000  261710291   77697   12.27
+
+enwik9  zstd    1   1000000000  358072021   3110    306.65
+enwik9  zstd    3   1000000000  313734672   4784    199.35
+enwik9  zstd    6   1000000000  295138875   10290   92.68
+enwik9  zstd    9   1000000000  278348700   28549   33.40
+
+enwik9  gzstd   1   1000000000  382578136   8608    110.78
+enwik9  gzkp    1   1000000000  382781160   5628    169.45
+
+Highly compressible JSON file.
+https://files.klauspost.com/compress/github-june-2days-2019.json.zst
+
+file                        out level   insize      outsize     millis  mb/s
+github-june-2days-2019.json zskp    1   6273951764  697439532   9789    611.17
+github-june-2days-2019.json zskp    2   6273951764  610876538   18553   322.49
+github-june-2days-2019.json zskp    3   6273951764  517662858   44186   135.41
+github-june-2days-2019.json zskp    4   6273951764  464617114   165373  36.18
+
+github-june-2days-2019.json zstd    1   6273951764  766284037   8450    708.00
+github-june-2days-2019.json zstd    3   6273951764  661889476   10927   547.57
+github-june-2days-2019.json zstd    6   6273951764  642756859   22996   260.18
+github-june-2days-2019.json zstd    9   6273951764  601974523   52413   114.16
+
+github-june-2days-2019.json gzstd   1   6273951764  1164397768  26793   223.32
+github-june-2days-2019.json gzkp    1   6273951764  1120631856  17693   338.16
+
+VM Image, Linux mint with a few installed applications:
+https://files.klauspost.com/compress/rawstudio-mint14.7z
+
+file                    out level   insize      outsize     millis  mb/s
+rawstudio-mint14.tar    zskp    1   8558382592  3718400221  18206   448.29
+rawstudio-mint14.tar    zskp    2   8558382592  3326118337  37074   220.15
+rawstudio-mint14.tar    zskp    3   8558382592  3163842361  87306   93.49
+rawstudio-mint14.tar    zskp    4   8558382592  2970480650  783862  10.41
+
+rawstudio-mint14.tar    zstd    1   8558382592  3609250104  17136   476.27
+rawstudio-mint14.tar    zstd    3   8558382592  3341679997  29262   278.92
+rawstudio-mint14.tar    zstd    6   8558382592  3235846406  77904   104.77
+rawstudio-mint14.tar    zstd    9   8558382592  3160778861  140946  57.91
+
+rawstudio-mint14.tar    gzstd   1   8558382592  3926234992  51345   158.96
+rawstudio-mint14.tar    gzkp    1   8558382592  3960117298  36722   222.26
+
+CSV data:
+https://files.klauspost.com/compress/nyc-taxi-data-10M.csv.zst
+
+file                    out level   insize      outsize     millis  mb/s
+nyc-taxi-data-10M.csv   zskp    1   3325605752  641319332   9462    335.17
+nyc-taxi-data-10M.csv   zskp    2   3325605752  588976126   17570   180.50
+nyc-taxi-data-10M.csv   zskp    3   3325605752  529329260   32432   97.79
+nyc-taxi-data-10M.csv   zskp    4   3325605752  474949772   138025  22.98
+
+nyc-taxi-data-10M.csv   zstd    1   3325605752  687399637   8233    385.18
+nyc-taxi-data-10M.csv   zstd    3   3325605752  598514411   10065   315.07
+nyc-taxi-data-10M.csv   zstd    6   3325605752  570522953   20038   158.27
+nyc-taxi-data-10M.csv   zstd    9   3325605752  517554797   64565   49.12
+
+nyc-taxi-data-10M.csv   gzstd   1   3325605752  928654908   21270   149.11
+nyc-taxi-data-10M.csv   gzkp    1   3325605752  922273214   13929   227.68
+```
+
+## Decompressor
+
+Status: STABLE - there may still be subtle bugs, but a wide variety of content has been tested.
+
+This library is being continuously [fuzz-tested](https://github.com/klauspost/compress-fuzz),
+kindly supplied by [fuzzit.dev](https://fuzzit.dev/). 
+The main purpose of the fuzz testing is to ensure that it is not possible to crash the decoder, 
+or run it past its limits with ANY input provided.  
+ 
+### Usage
+
+The package has been designed for two main usages, big streams of data and smaller in-memory buffers. 
+There are two main usages of the package for these. Both of them are accessed by creating a `Decoder`.
+
+For streaming use a simple setup could look like this:
+
+```Go
+import "github.com/klauspost/compress/zstd"
+
+func Decompress(in io.Reader, out io.Writer) error {
+    d, err := zstd.NewReader(in)
+    if err != nil {
+        return err
+    }
+    defer d.Close()
+    
+    // Copy content...
+    _, err = io.Copy(out, d)
+    return err
+}
+```
+
+It is important to use the "Close" function when you no longer need the Reader to stop running goroutines, 
+when running with default settings.
+Goroutines will exit once an error has been returned, including `io.EOF` at the end of a stream.
+
+Streams are decoded concurrently in 4 asynchronous stages to give the best possible throughput.
+However, if you prefer synchronous decompression, use `WithDecoderConcurrency(1)` which will decompress data 
+as it is being requested only.
+
+For decoding buffers, it could look something like this:
+
+```Go
+import "github.com/klauspost/compress/zstd"
+
+// Create a reader that caches decompressors.
+// For this operation type we supply a nil Reader.
+var decoder, _ = zstd.NewReader(nil, zstd.WithDecoderConcurrency(0))
+
+// Decompress a buffer. We don't supply a destination buffer,
+// so it will be allocated by the decoder.
+func Decompress(src []byte) ([]byte, error) {
+    return decoder.DecodeAll(src, nil)
+} 
+```
+
+Both of these cases should provide the functionality needed. 
+The decoder can be used for *concurrent* decompression of multiple buffers.
+By default 4 decompressors will be created. 
+
+It will only allow a certain number of concurrent operations to run. 
+To tweak that yourself use the `WithDecoderConcurrency(n)` option when creating the decoder.
+It is possible to use `WithDecoderConcurrency(0)` to create GOMAXPROCS decoders.
+
+### Dictionaries
+
+Data compressed with [dictionaries](https://github.com/facebook/zstd#the-case-for-small-data-compression) can be decompressed.
+
+Dictionaries are added individually to Decoders.
+Dictionaries are generated by the `zstd --train` command and contains an initial state for the decoder.
+To add a dictionary use the `WithDecoderDicts(dicts ...[]byte)` option with the dictionary data.
+Several dictionaries can be added at once.
+
+The dictionary will be used automatically for the data that specifies them.
+A re-used Decoder will still contain the dictionaries registered.
+
+When registering multiple dictionaries with the same ID, the last one will be used.
+
+It is possible to use dictionaries when compressing data.
+
+To enable a dictionary use `WithEncoderDict(dict []byte)`. Here only one dictionary will be used 
+and it will likely be used even if it doesn't improve compression. 
+
+The used dictionary must be used to decompress the content.
+
+For any real gains, the dictionary should be built with similar data. 
+If an unsuitable dictionary is used the output may be slightly larger than using no dictionary.
+Use the [zstd commandline tool](https://github.com/facebook/zstd/releases) to build a dictionary from sample data.
+For information see [zstd dictionary information](https://github.com/facebook/zstd#the-case-for-small-data-compression). 
+
+For now there is a fixed startup performance penalty for compressing content with dictionaries. 
+This will likely be improved over time. Just be aware to test performance when implementing.  
+
+### Allocation-less operation
+
+The decoder has been designed to operate without allocations after a warmup. 
+
+This means that you should *store* the decoder for best performance. 
+To re-use a stream decoder, use the `Reset(r io.Reader) error` to switch to another stream.
+A decoder can safely be re-used even if the previous stream failed.
+
+To release the resources, you must call the `Close()` function on a decoder.
+After this it can *no longer be reused*, but all running goroutines will be stopped.
+So you *must* use this if you will no longer need the Reader.
+
+For decompressing smaller buffers a single decoder can be used.
+When decoding buffers, you can supply a destination slice with length 0 and your expected capacity.
+In this case no unneeded allocations should be made. 
+
+### Concurrency
+
+The buffer decoder does everything on the same goroutine and does nothing concurrently.
+It can however decode several buffers concurrently. Use `WithDecoderConcurrency(n)` to limit that.
+
+The stream decoder will create goroutines that:
+
+1) Reads input and splits the input into blocks.
+2) Decompression of literals.
+3) Decompression of sequences.
+4) Reconstruction of output stream.
+
+So effectively this also means the decoder will "read ahead" and prepare data to always be available for output.
+
+The concurrency level will, for streams, determine how many blocks ahead the compression will start.
+
+Since "blocks" are quite dependent on the output of the previous block stream decoding will only have limited concurrency.
+
+In practice this means that concurrency is often limited to utilizing about 3 cores effectively.
+  
+### Benchmarks
+
+The first two are streaming decodes and the last are smaller inputs. 
+
+Running on AMD Ryzen 9 3950X 16-Core Processor. AMD64 assembly used.
+
+```
+BenchmarkDecoderSilesia-32    	                   5	 206878840 ns/op	1024.50 MB/s	   49808 B/op	      43 allocs/op
+BenchmarkDecoderEnwik9-32                          1	1271809000 ns/op	 786.28 MB/s	   72048 B/op	      52 allocs/op
+
+Concurrent blocks, performance:
+
+BenchmarkDecoder_DecodeAllParallel/kppkn.gtb.zst-32         	   67356	     17857 ns/op	10321.96 MB/s	        22.48 pct	     102 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/geo.protodata.zst-32     	  266656	      4421 ns/op	26823.21 MB/s	        11.89 pct	      19 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/plrabn12.txt.zst-32      	   20992	     56842 ns/op	8477.17 MB/s	        39.90 pct	     754 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/lcet10.txt.zst-32        	   27456	     43932 ns/op	9714.01 MB/s	        33.27 pct	     524 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/asyoulik.txt.zst-32      	   78432	     15047 ns/op	8319.15 MB/s	        40.34 pct	      66 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/alice29.txt.zst-32       	   65800	     18436 ns/op	8249.63 MB/s	        37.75 pct	      88 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/html_x_4.zst-32          	  102993	     11523 ns/op	35546.09 MB/s	         3.637 pct	     143 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/paper-100k.pdf.zst-32    	 1000000	      1070 ns/op	95720.98 MB/s	        80.53 pct	       3 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/fireworks.jpeg.zst-32    	  749802	      1752 ns/op	70272.35 MB/s	       100.0 pct	       5 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/urls.10K.zst-32          	   22640	     52934 ns/op	13263.37 MB/s	        26.25 pct	    1014 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/html.zst-32              	  226412	      5232 ns/op	19572.27 MB/s	        14.49 pct	      20 B/op	       0 allocs/op
+BenchmarkDecoder_DecodeAllParallel/comp-data.bin.zst-32     	  923041	      1276 ns/op	3194.71 MB/s	        31.26 pct	       0 B/op	       0 allocs/op
+```
+
+This reflects the performance around May 2022, but this may be out of date.
+
+## Zstd inside ZIP files
+
+It is possible to use zstandard to compress individual files inside zip archives.
+While this isn't widely supported it can be useful for internal files.
+
+To support the compression and decompression of these files you must register a compressor and decompressor.
+
+It is highly recommended registering the (de)compressors on individual zip Reader/Writer and NOT
+use the global registration functions. The main reason for this is that 2 registrations from 
+different packages will result in a panic.
+
+It is a good idea to only have a single compressor and decompressor, since they can be used for multiple zip
+files concurrently, and using a single instance will allow reusing some resources.
+
+See [this example](https://pkg.go.dev/github.com/klauspost/compress/zstd#example-ZipCompressor) for 
+how to compress and decompress files inside zip archives.
+
+# Contributions
+
+Contributions are always welcome. 
+For new features/fixes, remember to add tests and for performance enhancements include benchmarks.
+
+For general feedback and experience reports, feel free to open an issue or write me on [Twitter](https://twitter.com/sh0dan).
+
+This package includes the excellent [`github.com/cespare/xxhash`](https://github.com/cespare/xxhash) package Copyright (c) 2016 Caleb Spare.
diff --git a/vendor/github.com/klauspost/compress/zstd/bitreader.go b/vendor/github.com/klauspost/compress/zstd/bitreader.go
new file mode 100644
index 000000000..25ca98394
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/bitreader.go
@@ -0,0 +1,136 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+	"math/bits"
+)
+
+// bitReader reads a bitstream in reverse.
+// The last set bit indicates the start of the stream and is used
+// for aligning the input.
+type bitReader struct {
+	in       []byte
+	value    uint64 // Maybe use [16]byte, but shifting is awkward.
+	bitsRead uint8
+}
+
+// init initializes and resets the bit reader.
+func (b *bitReader) init(in []byte) error {
+	if len(in) < 1 {
+		return errors.New("corrupt stream: too short")
+	}
+	b.in = in
+	// The highest bit of the last byte indicates where to start
+	v := in[len(in)-1]
+	if v == 0 {
+		return errors.New("corrupt stream, did not find end of stream")
+	}
+	b.bitsRead = 64
+	b.value = 0
+	if len(in) >= 8 {
+		b.fillFastStart()
+	} else {
+		b.fill()
+		b.fill()
+	}
+	b.bitsRead += 8 - uint8(highBits(uint32(v)))
+	return nil
+}
+
+// getBits will return n bits. n can be 0.
+func (b *bitReader) getBits(n uint8) int {
+	if n == 0 /*|| b.bitsRead >= 64 */ {
+		return 0
+	}
+	return int(b.get32BitsFast(n))
+}
+
+// get32BitsFast requires that at least one bit is requested every time.
+// There are no checks if the buffer is filled.
+func (b *bitReader) get32BitsFast(n uint8) uint32 {
+	const regMask = 64 - 1
+	v := uint32((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask))
+	b.bitsRead += n
+	return v
+}
+
+// fillFast() will make sure at least 32 bits are available.
+// There must be at least 4 bytes available.
+func (b *bitReader) fillFast() {
+	if b.bitsRead < 32 {
+		return
+	}
+	v := b.in[len(b.in)-4:]
+	b.in = b.in[:len(b.in)-4]
+	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+	b.value = (b.value << 32) | uint64(low)
+	b.bitsRead -= 32
+}
+
+// fillFastStart() assumes the bitreader is empty and there is at least 8 bytes to read.
+func (b *bitReader) fillFastStart() {
+	v := b.in[len(b.in)-8:]
+	b.in = b.in[:len(b.in)-8]
+	b.value = binary.LittleEndian.Uint64(v)
+	b.bitsRead = 0
+}
+
+// fill() will make sure at least 32 bits are available.
+func (b *bitReader) fill() {
+	if b.bitsRead < 32 {
+		return
+	}
+	if len(b.in) >= 4 {
+		v := b.in[len(b.in)-4:]
+		b.in = b.in[:len(b.in)-4]
+		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
+		b.value = (b.value << 32) | uint64(low)
+		b.bitsRead -= 32
+		return
+	}
+
+	b.bitsRead -= uint8(8 * len(b.in))
+	for len(b.in) > 0 {
+		b.value = (b.value << 8) | uint64(b.in[len(b.in)-1])
+		b.in = b.in[:len(b.in)-1]
+	}
+}
+
+// finished returns true if all bits have been read from the bit stream.
+func (b *bitReader) finished() bool {
+	return len(b.in) == 0 && b.bitsRead >= 64
+}
+
+// overread returns true if more bits have been requested than is on the stream.
+func (b *bitReader) overread() bool {
+	return b.bitsRead > 64
+}
+
+// remain returns the number of bits remaining.
+func (b *bitReader) remain() uint {
+	return 8*uint(len(b.in)) + 64 - uint(b.bitsRead)
+}
+
+// close the bitstream and returns an error if out-of-buffer reads occurred.
+func (b *bitReader) close() error {
+	// Release reference.
+	b.in = nil
+	if !b.finished() {
+		return fmt.Errorf("%d extra bits on block, should be 0", b.remain())
+	}
+	if b.bitsRead > 64 {
+		return io.ErrUnexpectedEOF
+	}
+	return nil
+}
+
+func highBits(val uint32) (n uint32) {
+	return uint32(bits.Len32(val) - 1)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/bitwriter.go b/vendor/github.com/klauspost/compress/zstd/bitwriter.go
new file mode 100644
index 000000000..1952f175b
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/bitwriter.go
@@ -0,0 +1,112 @@
+// Copyright 2018 Klaus Post. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
+
+package zstd
+
+// bitWriter will write bits.
+// First bit will be LSB of the first byte of output.
+type bitWriter struct {
+	bitContainer uint64
+	nBits        uint8
+	out          []byte
+}
+
+// bitMask16 is bitmasks. Has extra to avoid bounds check.
+var bitMask16 = [32]uint16{
+	0, 1, 3, 7, 0xF, 0x1F,
+	0x3F, 0x7F, 0xFF, 0x1FF, 0x3FF, 0x7FF,
+	0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF, 0xFFFF,
+	0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF,
+	0xFFFF, 0xFFFF} /* up to 16 bits */
+
+var bitMask32 = [32]uint32{
+	0, 1, 3, 7, 0xF, 0x1F, 0x3F, 0x7F, 0xFF,
+	0x1FF, 0x3FF, 0x7FF, 0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF,
+	0x1ffff, 0x3ffff, 0x7FFFF, 0xfFFFF, 0x1fFFFF, 0x3fFFFF, 0x7fFFFF, 0xffFFFF,
+	0x1ffFFFF, 0x3ffFFFF, 0x7ffFFFF, 0xfffFFFF, 0x1fffFFFF, 0x3fffFFFF, 0x7fffFFFF,
+} // up to 32 bits
+
+// addBits16NC will add up to 16 bits.
+// It will not check if there is space for them,
+// so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits16NC(value uint16, bits uint8) {
+	b.bitContainer |= uint64(value&bitMask16[bits&31]) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// addBits32NC will add up to 31 bits.
+// It will not check if there is space for them,
+// so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits32NC(value uint32, bits uint8) {
+	b.bitContainer |= uint64(value&bitMask32[bits&31]) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// addBits64NC will add up to 64 bits.
+// There must be space for 32 bits.
+func (b *bitWriter) addBits64NC(value uint64, bits uint8) {
+	if bits <= 31 {
+		b.addBits32Clean(uint32(value), bits)
+		return
+	}
+	b.addBits32Clean(uint32(value), 32)
+	b.flush32()
+	b.addBits32Clean(uint32(value>>32), bits-32)
+}
+
+// addBits32Clean will add up to 32 bits.
+// It will not check if there is space for them.
+// The input must not contain more bits than specified.
+func (b *bitWriter) addBits32Clean(value uint32, bits uint8) {
+	b.bitContainer |= uint64(value) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
+// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
+func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
+	b.bitContainer |= uint64(value) << (b.nBits & 63)
+	b.nBits += bits
+}
+
+// flush32 will flush out, so there are at least 32 bits available for writing.
+func (b *bitWriter) flush32() {
+	if b.nBits < 32 {
+		return
+	}
+	b.out = append(b.out,
+		byte(b.bitContainer),
+		byte(b.bitContainer>>8),
+		byte(b.bitContainer>>16),
+		byte(b.bitContainer>>24))
+	b.nBits -= 32
+	b.bitContainer >>= 32
+}
+
+// flushAlign will flush remaining full bytes and align to next byte boundary.
+func (b *bitWriter) flushAlign() {
+	nbBytes := (b.nBits + 7) >> 3
+	for i := uint8(0); i < nbBytes; i++ {
+		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
+	}
+	b.nBits = 0
+	b.bitContainer = 0
+}
+
+// close will write the alignment bit and write the final byte(s)
+// to the output.
+func (b *bitWriter) close() {
+	// End mark
+	b.addBits16Clean(1, 1)
+	// flush until next byte.
+	b.flushAlign()
+}
+
+// reset and continue writing by appending to out.
+func (b *bitWriter) reset(out []byte) {
+	b.bitContainer = 0
+	b.nBits = 0
+	b.out = out
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/blockdec.go b/vendor/github.com/klauspost/compress/zstd/blockdec.go
new file mode 100644
index 000000000..9c28840c3
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/blockdec.go
@@ -0,0 +1,731 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"hash/crc32"
+	"io"
+	"os"
+	"path/filepath"
+	"sync"
+
+	"github.com/klauspost/compress/huff0"
+	"github.com/klauspost/compress/zstd/internal/xxhash"
+)
+
+type blockType uint8
+
+//go:generate stringer -type=blockType,literalsBlockType,seqCompMode,tableIndex
+
+const (
+	blockTypeRaw blockType = iota
+	blockTypeRLE
+	blockTypeCompressed
+	blockTypeReserved
+)
+
+type literalsBlockType uint8
+
+const (
+	literalsBlockRaw literalsBlockType = iota
+	literalsBlockRLE
+	literalsBlockCompressed
+	literalsBlockTreeless
+)
+
+const (
+	// maxCompressedBlockSize is the biggest allowed compressed block size (128KB)
+	maxCompressedBlockSize = 128 << 10
+
+	compressedBlockOverAlloc    = 16
+	maxCompressedBlockSizeAlloc = 128<<10 + compressedBlockOverAlloc
+
+	// Maximum possible block size (all Raw+Uncompressed).
+	maxBlockSize = (1 << 21) - 1
+
+	maxMatchLen  = 131074
+	maxSequences = 0x7f00 + 0xffff
+
+	// We support slightly less than the reference decoder to be able to
+	// use ints on 32 bit archs.
+	maxOffsetBits = 30
+)
+
+var (
+	huffDecoderPool = sync.Pool{New: func() interface{} {
+		return &huff0.Scratch{}
+	}}
+
+	fseDecoderPool = sync.Pool{New: func() interface{} {
+		return &fseDecoder{}
+	}}
+)
+
+type blockDec struct {
+	// Raw source data of the block.
+	data        []byte
+	dataStorage []byte
+
+	// Destination of the decoded data.
+	dst []byte
+
+	// Buffer for literals data.
+	literalBuf []byte
+
+	// Window size of the block.
+	WindowSize uint64
+
+	err error
+
+	// Check against this crc, if hasCRC is true.
+	checkCRC uint32
+	hasCRC   bool
+
+	// Frame to use for singlethreaded decoding.
+	// Should not be used by the decoder itself since parent may be another frame.
+	localFrame *frameDec
+
+	sequence []seqVals
+
+	async struct {
+		newHist  *history
+		literals []byte
+		seqData  []byte
+		seqSize  int // Size of uncompressed sequences
+		fcs      uint64
+	}
+
+	// Block is RLE, this is the size.
+	RLESize uint32
+
+	Type blockType
+
+	// Is this the last block of a frame?
+	Last bool
+
+	// Use less memory
+	lowMem bool
+}
+
+func (b *blockDec) String() string {
+	if b == nil {
+		return ""
+	}
+	return fmt.Sprintf("Steam Size: %d, Type: %v, Last: %t, Window: %d", len(b.data), b.Type, b.Last, b.WindowSize)
+}
+
+func newBlockDec(lowMem bool) *blockDec {
+	b := blockDec{
+		lowMem: lowMem,
+	}
+	return &b
+}
+
+// reset will reset the block.
+// Input must be a start of a block and will be at the end of the block when returned.
+func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
+	b.WindowSize = windowSize
+	tmp, err := br.readSmall(3)
+	if err != nil {
+		println("Reading block header:", err)
+		return err
+	}
+	bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
+	b.Last = bh&1 != 0
+	b.Type = blockType((bh >> 1) & 3)
+	// find size.
+	cSize := int(bh >> 3)
+	maxSize := maxCompressedBlockSizeAlloc
+	switch b.Type {
+	case blockTypeReserved:
+		return ErrReservedBlockType
+	case blockTypeRLE:
+		if cSize > maxCompressedBlockSize || cSize > int(b.WindowSize) {
+			if debugDecoder {
+				printf("rle block too big: csize:%d block: %+v\n", uint64(cSize), b)
+			}
+			return ErrWindowSizeExceeded
+		}
+		b.RLESize = uint32(cSize)
+		if b.lowMem {
+			maxSize = cSize
+		}
+		cSize = 1
+	case blockTypeCompressed:
+		if debugDecoder {
+			println("Data size on stream:", cSize)
+		}
+		b.RLESize = 0
+		maxSize = maxCompressedBlockSizeAlloc
+		if windowSize < maxCompressedBlockSize && b.lowMem {
+			maxSize = int(windowSize) + compressedBlockOverAlloc
+		}
+		if cSize > maxCompressedBlockSize || uint64(cSize) > b.WindowSize {
+			if debugDecoder {
+				printf("compressed block too big: csize:%d block: %+v\n", uint64(cSize), b)
+			}
+			return ErrCompressedSizeTooBig
+		}
+		// Empty compressed blocks must at least be 2 bytes
+		// for Literals_Block_Type and one for Sequences_Section_Header.
+		if cSize < 2 {
+			return ErrBlockTooSmall
+		}
+	case blockTypeRaw:
+		if cSize > maxCompressedBlockSize || cSize > int(b.WindowSize) {
+			if debugDecoder {
+				printf("rle block too big: csize:%d block: %+v\n", uint64(cSize), b)
+			}
+			return ErrWindowSizeExceeded
+		}
+
+		b.RLESize = 0
+		// We do not need a destination for raw blocks.
+		maxSize = -1
+	default:
+		panic("Invalid block type")
+	}
+
+	// Read block data.
+	if _, ok := br.(*byteBuf); !ok && cap(b.dataStorage) < cSize {
+		// byteBuf doesn't need a destination buffer.
+		if b.lowMem || cSize > maxCompressedBlockSize {
+			b.dataStorage = make([]byte, 0, cSize+compressedBlockOverAlloc)
+		} else {
+			b.dataStorage = make([]byte, 0, maxCompressedBlockSizeAlloc)
+		}
+	}
+	b.data, err = br.readBig(cSize, b.dataStorage)
+	if err != nil {
+		if debugDecoder {
+			println("Reading block:", err, "(", cSize, ")", len(b.data))
+			printf("%T", br)
+		}
+		return err
+	}
+	if cap(b.dst) <= maxSize {
+		b.dst = make([]byte, 0, maxSize+1)
+	}
+	return nil
+}
+
+// sendEOF will make the decoder send EOF on this frame.
+func (b *blockDec) sendErr(err error) {
+	b.Last = true
+	b.Type = blockTypeReserved
+	b.err = err
+}
+
+// Close will release resources.
+// Closed blockDec cannot be reset.
+func (b *blockDec) Close() {
+}
+
+// decodeBuf
+func (b *blockDec) decodeBuf(hist *history) error {
+	switch b.Type {
+	case blockTypeRLE:
+		if cap(b.dst) < int(b.RLESize) {
+			if b.lowMem {
+				b.dst = make([]byte, b.RLESize)
+			} else {
+				b.dst = make([]byte, maxCompressedBlockSize)
+			}
+		}
+		b.dst = b.dst[:b.RLESize]
+		v := b.data[0]
+		for i := range b.dst {
+			b.dst[i] = v
+		}
+		hist.appendKeep(b.dst)
+		return nil
+	case blockTypeRaw:
+		hist.appendKeep(b.data)
+		return nil
+	case blockTypeCompressed:
+		saved := b.dst
+		// Append directly to history
+		if hist.ignoreBuffer == 0 {
+			b.dst = hist.b
+			hist.b = nil
+		} else {
+			b.dst = b.dst[:0]
+		}
+		err := b.decodeCompressed(hist)
+		if debugDecoder {
+			println("Decompressed to total", len(b.dst), "bytes, hash:", xxhash.Sum64(b.dst), "error:", err)
+		}
+		if hist.ignoreBuffer == 0 {
+			hist.b = b.dst
+			b.dst = saved
+		} else {
+			hist.appendKeep(b.dst)
+		}
+		return err
+	case blockTypeReserved:
+		// Used for returning errors.
+		return b.err
+	default:
+		panic("Invalid block type")
+	}
+}
+
+func (b *blockDec) decodeLiterals(in []byte, hist *history) (remain []byte, err error) {
+	// There must be at least one byte for Literals_Block_Type and one for Sequences_Section_Header
+	if len(in) < 2 {
+		return in, ErrBlockTooSmall
+	}
+
+	litType := literalsBlockType(in[0] & 3)
+	var litRegenSize int
+	var litCompSize int
+	sizeFormat := (in[0] >> 2) & 3
+	var fourStreams bool
+	var literals []byte
+	switch litType {
+	case literalsBlockRaw, literalsBlockRLE:
+		switch sizeFormat {
+		case 0, 2:
+			// Regenerated_Size uses 5 bits (0-31). Literals_Section_Header uses 1 byte.
+			litRegenSize = int(in[0] >> 3)
+			in = in[1:]
+		case 1:
+			// Regenerated_Size uses 12 bits (0-4095). Literals_Section_Header uses 2 bytes.
+			litRegenSize = int(in[0]>>4) + (int(in[1]) << 4)
+			in = in[2:]
+		case 3:
+			//  Regenerated_Size uses 20 bits (0-1048575). Literals_Section_Header uses 3 bytes.
+			if len(in) < 3 {
+				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
+				return in, ErrBlockTooSmall
+			}
+			litRegenSize = int(in[0]>>4) + (int(in[1]) << 4) + (int(in[2]) << 12)
+			in = in[3:]
+		}
+	case literalsBlockCompressed, literalsBlockTreeless:
+		switch sizeFormat {
+		case 0, 1:
+			// Both Regenerated_Size and Compressed_Size use 10 bits (0-1023).
+			if len(in) < 3 {
+				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
+				return in, ErrBlockTooSmall
+			}
+			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12)
+			litRegenSize = int(n & 1023)
+			litCompSize = int(n >> 10)
+			fourStreams = sizeFormat == 1
+			in = in[3:]
+		case 2:
+			fourStreams = true
+			if len(in) < 4 {
+				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
+				return in, ErrBlockTooSmall
+			}
+			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12) + (uint64(in[3]) << 20)
+			litRegenSize = int(n & 16383)
+			litCompSize = int(n >> 14)
+			in = in[4:]
+		case 3:
+			fourStreams = true
+			if len(in) < 5 {
+				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
+				return in, ErrBlockTooSmall
+			}
+			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12) + (uint64(in[3]) << 20) + (uint64(in[4]) << 28)
+			litRegenSize = int(n & 262143)
+			litCompSize = int(n >> 18)
+			in = in[5:]
+		}
+	}
+	if debugDecoder {
+		println("literals type:", litType, "litRegenSize:", litRegenSize, "litCompSize:", litCompSize, "sizeFormat:", sizeFormat, "4X:", fourStreams)
+	}
+	if litRegenSize > int(b.WindowSize) || litRegenSize > maxCompressedBlockSize {
+		return in, ErrWindowSizeExceeded
+	}
+
+	switch litType {
+	case literalsBlockRaw:
+		if len(in) < litRegenSize {
+			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litRegenSize)
+			return in, ErrBlockTooSmall
+		}
+		literals = in[:litRegenSize]
+		in = in[litRegenSize:]
+		//printf("Found %d uncompressed literals\n", litRegenSize)
+	case literalsBlockRLE:
+		if len(in) < 1 {
+			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", 1)
+			return in, ErrBlockTooSmall
+		}
+		if cap(b.literalBuf) < litRegenSize {
+			if b.lowMem {
+				b.literalBuf = make([]byte, litRegenSize, litRegenSize+compressedBlockOverAlloc)
+			} else {
+				b.literalBuf = make([]byte, litRegenSize, maxCompressedBlockSize+compressedBlockOverAlloc)
+			}
+		}
+		literals = b.literalBuf[:litRegenSize]
+		v := in[0]
+		for i := range literals {
+			literals[i] = v
+		}
+		in = in[1:]
+		if debugDecoder {
+			printf("Found %d RLE compressed literals\n", litRegenSize)
+		}
+	case literalsBlockTreeless:
+		if len(in) < litCompSize {
+			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litCompSize)
+			return in, ErrBlockTooSmall
+		}
+		// Store compressed literals, so we defer decoding until we get history.
+		literals = in[:litCompSize]
+		in = in[litCompSize:]
+		if debugDecoder {
+			printf("Found %d compressed literals\n", litCompSize)
+		}
+		huff := hist.huffTree
+		if huff == nil {
+			return in, errors.New("literal block was treeless, but no history was defined")
+		}
+		// Ensure we have space to store it.
+		if cap(b.literalBuf) < litRegenSize {
+			if b.lowMem {
+				b.literalBuf = make([]byte, 0, litRegenSize+compressedBlockOverAlloc)
+			} else {
+				b.literalBuf = make([]byte, 0, maxCompressedBlockSize+compressedBlockOverAlloc)
+			}
+		}
+		var err error
+		// Use our out buffer.
+		huff.MaxDecodedSize = litRegenSize
+		if fourStreams {
+			literals, err = huff.Decoder().Decompress4X(b.literalBuf[:0:litRegenSize], literals)
+		} else {
+			literals, err = huff.Decoder().Decompress1X(b.literalBuf[:0:litRegenSize], literals)
+		}
+		// Make sure we don't leak our literals buffer
+		if err != nil {
+			println("decompressing literals:", err)
+			return in, err
+		}
+		if len(literals) != litRegenSize {
+			return in, fmt.Errorf("literal output size mismatch want %d, got %d", litRegenSize, len(literals))
+		}
+
+	case literalsBlockCompressed:
+		if len(in) < litCompSize {
+			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litCompSize)
+			return in, ErrBlockTooSmall
+		}
+		literals = in[:litCompSize]
+		in = in[litCompSize:]
+		// Ensure we have space to store it.
+		if cap(b.literalBuf) < litRegenSize {
+			if b.lowMem {
+				b.literalBuf = make([]byte, 0, litRegenSize+compressedBlockOverAlloc)
+			} else {
+				b.literalBuf = make([]byte, 0, maxCompressedBlockSize+compressedBlockOverAlloc)
+			}
+		}
+		huff := hist.huffTree
+		if huff == nil || (hist.dict != nil && huff == hist.dict.litEnc) {
+			huff = huffDecoderPool.Get().(*huff0.Scratch)
+			if huff == nil {
+				huff = &huff0.Scratch{}
+			}
+		}
+		var err error
+		if debugDecoder {
+			println("huff table input:", len(literals), "CRC:", crc32.ChecksumIEEE(literals))
+		}
+		huff, literals, err = huff0.ReadTable(literals, huff)
+		if err != nil {
+			println("reading huffman table:", err)
+			return in, err
+		}
+		hist.huffTree = huff
+		huff.MaxDecodedSize = litRegenSize
+		// Use our out buffer.
+		if fourStreams {
+			literals, err = huff.Decoder().Decompress4X(b.literalBuf[:0:litRegenSize], literals)
+		} else {
+			literals, err = huff.Decoder().Decompress1X(b.literalBuf[:0:litRegenSize], literals)
+		}
+		if err != nil {
+			println("decoding compressed literals:", err)
+			return in, err
+		}
+		// Make sure we don't leak our literals buffer
+		if len(literals) != litRegenSize {
+			return in, fmt.Errorf("literal output size mismatch want %d, got %d", litRegenSize, len(literals))
+		}
+		// Re-cap to get extra size.
+		literals = b.literalBuf[:len(literals)]
+		if debugDecoder {
+			printf("Decompressed %d literals into %d bytes\n", litCompSize, litRegenSize)
+		}
+	}
+	hist.decoders.literals = literals
+	return in, nil
+}
+
+// decodeCompressed will start decompressing a block.
+func (b *blockDec) decodeCompressed(hist *history) error {
+	in := b.data
+	in, err := b.decodeLiterals(in, hist)
+	if err != nil {
+		return err
+	}
+	err = b.prepareSequences(in, hist)
+	if err != nil {
+		return err
+	}
+	if hist.decoders.nSeqs == 0 {
+		b.dst = append(b.dst, hist.decoders.literals...)
+		return nil
+	}
+	before := len(hist.decoders.out)
+	err = hist.decoders.decodeSync(hist.b[hist.ignoreBuffer:])
+	if err != nil {
+		return err
+	}
+	if hist.decoders.maxSyncLen > 0 {
+		hist.decoders.maxSyncLen += uint64(before)
+		hist.decoders.maxSyncLen -= uint64(len(hist.decoders.out))
+	}
+	b.dst = hist.decoders.out
+	hist.recentOffsets = hist.decoders.prevOffset
+	return nil
+}
+
+func (b *blockDec) prepareSequences(in []byte, hist *history) (err error) {
+	if debugDecoder {
+		printf("prepareSequences: %d byte(s) input\n", len(in))
+	}
+	// Decode Sequences
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#sequences-section
+	if len(in) < 1 {
+		return ErrBlockTooSmall
+	}
+	var nSeqs int
+	seqHeader := in[0]
+	switch {
+	case seqHeader < 128:
+		nSeqs = int(seqHeader)
+		in = in[1:]
+	case seqHeader < 255:
+		if len(in) < 2 {
+			return ErrBlockTooSmall
+		}
+		nSeqs = int(seqHeader-128)<<8 | int(in[1])
+		in = in[2:]
+	case seqHeader == 255:
+		if len(in) < 3 {
+			return ErrBlockTooSmall
+		}
+		nSeqs = 0x7f00 + int(in[1]) + (int(in[2]) << 8)
+		in = in[3:]
+	}
+	if nSeqs == 0 && len(in) != 0 {
+		// When no sequences, there should not be any more data...
+		if debugDecoder {
+			printf("prepareSequences: 0 sequences, but %d byte(s) left on stream\n", len(in))
+		}
+		return ErrUnexpectedBlockSize
+	}
+
+	var seqs = &hist.decoders
+	seqs.nSeqs = nSeqs
+	if nSeqs > 0 {
+		if len(in) < 1 {
+			return ErrBlockTooSmall
+		}
+		br := byteReader{b: in, off: 0}
+		compMode := br.Uint8()
+		br.advance(1)
+		if debugDecoder {
+			printf("Compression modes: 0b%b", compMode)
+		}
+		if compMode&3 != 0 {
+			return errors.New("corrupt block: reserved bits not zero")
+		}
+		for i := uint(0); i < 3; i++ {
+			mode := seqCompMode((compMode >> (6 - i*2)) & 3)
+			if debugDecoder {
+				println("Table", tableIndex(i), "is", mode)
+			}
+			var seq *sequenceDec
+			switch tableIndex(i) {
+			case tableLiteralLengths:
+				seq = &seqs.litLengths
+			case tableOffsets:
+				seq = &seqs.offsets
+			case tableMatchLengths:
+				seq = &seqs.matchLengths
+			default:
+				panic("unknown table")
+			}
+			switch mode {
+			case compModePredefined:
+				if seq.fse != nil && !seq.fse.preDefined {
+					fseDecoderPool.Put(seq.fse)
+				}
+				seq.fse = &fsePredef[i]
+			case compModeRLE:
+				if br.remain() < 1 {
+					return ErrBlockTooSmall
+				}
+				v := br.Uint8()
+				br.advance(1)
+				if seq.fse == nil || seq.fse.preDefined {
+					seq.fse = fseDecoderPool.Get().(*fseDecoder)
+				}
+				symb, err := decSymbolValue(v, symbolTableX[i])
+				if err != nil {
+					printf("RLE Transform table (%v) error: %v", tableIndex(i), err)
+					return err
+				}
+				seq.fse.setRLE(symb)
+				if debugDecoder {
+					printf("RLE set to 0x%x, code: %v", symb, v)
+				}
+			case compModeFSE:
+				if debugDecoder {
+					println("Reading table for", tableIndex(i))
+				}
+				if seq.fse == nil || seq.fse.preDefined {
+					seq.fse = fseDecoderPool.Get().(*fseDecoder)
+				}
+				err := seq.fse.readNCount(&br, uint16(maxTableSymbol[i]))
+				if err != nil {
+					println("Read table error:", err)
+					return err
+				}
+				err = seq.fse.transform(symbolTableX[i])
+				if err != nil {
+					println("Transform table error:", err)
+					return err
+				}
+				if debugDecoder {
+					println("Read table ok", "symbolLen:", seq.fse.symbolLen)
+				}
+			case compModeRepeat:
+				seq.repeat = true
+			}
+			if br.overread() {
+				return io.ErrUnexpectedEOF
+			}
+		}
+		in = br.unread()
+	}
+	if debugDecoder {
+		println("Literals:", len(seqs.literals), "hash:", xxhash.Sum64(seqs.literals), "and", seqs.nSeqs, "sequences.")
+	}
+
+	if nSeqs == 0 {
+		if len(b.sequence) > 0 {
+			b.sequence = b.sequence[:0]
+		}
+		return nil
+	}
+	br := seqs.br
+	if br == nil {
+		br = &bitReader{}
+	}
+	if err := br.init(in); err != nil {
+		return err
+	}
+
+	if err := seqs.initialize(br, hist, b.dst); err != nil {
+		println("initializing sequences:", err)
+		return err
+	}
+	// Extract blocks...
+	if false && hist.dict == nil {
+		fatalErr := func(err error) {
+			if err != nil {
+				panic(err)
+			}
+		}
+		fn := fmt.Sprintf("n-%d-lits-%d-prev-%d-%d-%d-win-%d.blk", hist.decoders.nSeqs, len(hist.decoders.literals), hist.recentOffsets[0], hist.recentOffsets[1], hist.recentOffsets[2], hist.windowSize)
+		var buf bytes.Buffer
+		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.litLengths.fse))
+		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.matchLengths.fse))
+		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.offsets.fse))
+		buf.Write(in)
+		os.WriteFile(filepath.Join("testdata", "seqs", fn), buf.Bytes(), os.ModePerm)
+	}
+
+	return nil
+}
+
+func (b *blockDec) decodeSequences(hist *history) error {
+	if cap(b.sequence) < hist.decoders.nSeqs {
+		if b.lowMem {
+			b.sequence = make([]seqVals, 0, hist.decoders.nSeqs)
+		} else {
+			b.sequence = make([]seqVals, 0, 0x7F00+0xffff)
+		}
+	}
+	b.sequence = b.sequence[:hist.decoders.nSeqs]
+	if hist.decoders.nSeqs == 0 {
+		hist.decoders.seqSize = len(hist.decoders.literals)
+		return nil
+	}
+	hist.decoders.windowSize = hist.windowSize
+	hist.decoders.prevOffset = hist.recentOffsets
+
+	err := hist.decoders.decode(b.sequence)
+	hist.recentOffsets = hist.decoders.prevOffset
+	return err
+}
+
+func (b *blockDec) executeSequences(hist *history) error {
+	hbytes := hist.b
+	if len(hbytes) > hist.windowSize {
+		hbytes = hbytes[len(hbytes)-hist.windowSize:]
+		// We do not need history anymore.
+		if hist.dict != nil {
+			hist.dict.content = nil
+		}
+	}
+	hist.decoders.windowSize = hist.windowSize
+	hist.decoders.out = b.dst[:0]
+	err := hist.decoders.execute(b.sequence, hbytes)
+	if err != nil {
+		return err
+	}
+	return b.updateHistory(hist)
+}
+
+func (b *blockDec) updateHistory(hist *history) error {
+	if len(b.data) > maxCompressedBlockSize {
+		return fmt.Errorf("compressed block size too large (%d)", len(b.data))
+	}
+	// Set output and release references.
+	b.dst = hist.decoders.out
+	hist.recentOffsets = hist.decoders.prevOffset
+
+	if b.Last {
+		// if last block we don't care about history.
+		println("Last block, no history returned")
+		hist.b = hist.b[:0]
+		return nil
+	} else {
+		hist.append(b.dst)
+		if debugDecoder {
+			println("Finished block with ", len(b.sequence), "sequences. Added", len(b.dst), "to history, now length", len(hist.b))
+		}
+	}
+	hist.decoders.out, hist.decoders.literals = nil, nil
+
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/blockenc.go b/vendor/github.com/klauspost/compress/zstd/blockenc.go
new file mode 100644
index 000000000..32a7f401d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/blockenc.go
@@ -0,0 +1,909 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"errors"
+	"fmt"
+	"math"
+	"math/bits"
+
+	"github.com/klauspost/compress/huff0"
+)
+
+type blockEnc struct {
+	size       int
+	literals   []byte
+	sequences  []seq
+	coders     seqCoders
+	litEnc     *huff0.Scratch
+	dictLitEnc *huff0.Scratch
+	wr         bitWriter
+
+	extraLits         int
+	output            []byte
+	recentOffsets     [3]uint32
+	prevRecentOffsets [3]uint32
+
+	last   bool
+	lowMem bool
+}
+
+// init should be used once the block has been created.
+// If called more than once, the effect is the same as calling reset.
+func (b *blockEnc) init() {
+	if b.lowMem {
+		// 1K literals
+		if cap(b.literals) < 1<<10 {
+			b.literals = make([]byte, 0, 1<<10)
+		}
+		const defSeqs = 20
+		if cap(b.sequences) < defSeqs {
+			b.sequences = make([]seq, 0, defSeqs)
+		}
+		// 1K
+		if cap(b.output) < 1<<10 {
+			b.output = make([]byte, 0, 1<<10)
+		}
+	} else {
+		if cap(b.literals) < maxCompressedBlockSize {
+			b.literals = make([]byte, 0, maxCompressedBlockSize)
+		}
+		const defSeqs = 2000
+		if cap(b.sequences) < defSeqs {
+			b.sequences = make([]seq, 0, defSeqs)
+		}
+		if cap(b.output) < maxCompressedBlockSize {
+			b.output = make([]byte, 0, maxCompressedBlockSize)
+		}
+	}
+
+	if b.coders.mlEnc == nil {
+		b.coders.mlEnc = &fseEncoder{}
+		b.coders.mlPrev = &fseEncoder{}
+		b.coders.ofEnc = &fseEncoder{}
+		b.coders.ofPrev = &fseEncoder{}
+		b.coders.llEnc = &fseEncoder{}
+		b.coders.llPrev = &fseEncoder{}
+	}
+	b.litEnc = &huff0.Scratch{WantLogLess: 4}
+	b.reset(nil)
+}
+
+// initNewEncode can be used to reset offsets and encoders to the initial state.
+func (b *blockEnc) initNewEncode() {
+	b.recentOffsets = [3]uint32{1, 4, 8}
+	b.litEnc.Reuse = huff0.ReusePolicyNone
+	b.coders.setPrev(nil, nil, nil)
+}
+
+// reset will reset the block for a new encode, but in the same stream,
+// meaning that state will be carried over, but the block content is reset.
+// If a previous block is provided, the recent offsets are carried over.
+func (b *blockEnc) reset(prev *blockEnc) {
+	b.extraLits = 0
+	b.literals = b.literals[:0]
+	b.size = 0
+	b.sequences = b.sequences[:0]
+	b.output = b.output[:0]
+	b.last = false
+	if prev != nil {
+		b.recentOffsets = prev.prevRecentOffsets
+	}
+	b.dictLitEnc = nil
+}
+
+// reset will reset the block for a new encode, but in the same stream,
+// meaning that state will be carried over, but the block content is reset.
+// If a previous block is provided, the recent offsets are carried over.
+func (b *blockEnc) swapEncoders(prev *blockEnc) {
+	b.coders.swap(&prev.coders)
+	b.litEnc, prev.litEnc = prev.litEnc, b.litEnc
+}
+
+// blockHeader contains the information for a block header.
+type blockHeader uint32
+
+// setLast sets the 'last' indicator on a block.
+func (h *blockHeader) setLast(b bool) {
+	if b {
+		*h = *h | 1
+	} else {
+		const mask = (1 << 24) - 2
+		*h = *h & mask
+	}
+}
+
+// setSize will store the compressed size of a block.
+func (h *blockHeader) setSize(v uint32) {
+	const mask = 7
+	*h = (*h)&mask | blockHeader(v<<3)
+}
+
+// setType sets the block type.
+func (h *blockHeader) setType(t blockType) {
+	const mask = 1 | (((1 << 24) - 1) ^ 7)
+	*h = (*h & mask) | blockHeader(t<<1)
+}
+
+// appendTo will append the block header to a slice.
+func (h blockHeader) appendTo(b []byte) []byte {
+	return append(b, uint8(h), uint8(h>>8), uint8(h>>16))
+}
+
+// String returns a string representation of the block.
+func (h blockHeader) String() string {
+	return fmt.Sprintf("Type: %d, Size: %d, Last:%t", (h>>1)&3, h>>3, h&1 == 1)
+}
+
+// literalsHeader contains literals header information.
+type literalsHeader uint64
+
+// setType can be used to set the type of literal block.
+func (h *literalsHeader) setType(t literalsBlockType) {
+	const mask = math.MaxUint64 - 3
+	*h = (*h & mask) | literalsHeader(t)
+}
+
+// setSize can be used to set a single size, for uncompressed and RLE content.
+func (h *literalsHeader) setSize(regenLen int) {
+	inBits := bits.Len32(uint32(regenLen))
+	// Only retain 2 bits
+	const mask = 3
+	lh := uint64(*h & mask)
+	switch {
+	case inBits < 5:
+		lh |= (uint64(regenLen) << 3) | (1 << 60)
+		if debugEncoder {
+			got := int(lh>>3) & 0xff
+			if got != regenLen {
+				panic(fmt.Sprint("litRegenSize = ", regenLen, "(want) != ", got, "(got)"))
+			}
+		}
+	case inBits < 12:
+		lh |= (1 << 2) | (uint64(regenLen) << 4) | (2 << 60)
+	case inBits < 20:
+		lh |= (3 << 2) | (uint64(regenLen) << 4) | (3 << 60)
+	default:
+		panic(fmt.Errorf("internal error: block too big (%d)", regenLen))
+	}
+	*h = literalsHeader(lh)
+}
+
+// setSizes will set the size of a compressed literals section and the input length.
+func (h *literalsHeader) setSizes(compLen, inLen int, single bool) {
+	compBits, inBits := bits.Len32(uint32(compLen)), bits.Len32(uint32(inLen))
+	// Only retain 2 bits
+	const mask = 3
+	lh := uint64(*h & mask)
+	switch {
+	case compBits <= 10 && inBits <= 10:
+		if !single {
+			lh |= 1 << 2
+		}
+		lh |= (uint64(inLen) << 4) | (uint64(compLen) << (10 + 4)) | (3 << 60)
+		if debugEncoder {
+			const mmask = (1 << 24) - 1
+			n := (lh >> 4) & mmask
+			if int(n&1023) != inLen {
+				panic(fmt.Sprint("regensize:", int(n&1023), "!=", inLen, inBits))
+			}
+			if int(n>>10) != compLen {
+				panic(fmt.Sprint("compsize:", int(n>>10), "!=", compLen, compBits))
+			}
+		}
+	case compBits <= 14 && inBits <= 14:
+		lh |= (2 << 2) | (uint64(inLen) << 4) | (uint64(compLen) << (14 + 4)) | (4 << 60)
+		if single {
+			panic("single stream used with more than 10 bits length.")
+		}
+	case compBits <= 18 && inBits <= 18:
+		lh |= (3 << 2) | (uint64(inLen) << 4) | (uint64(compLen) << (18 + 4)) | (5 << 60)
+		if single {
+			panic("single stream used with more than 10 bits length.")
+		}
+	default:
+		panic("internal error: block too big")
+	}
+	*h = literalsHeader(lh)
+}
+
+// appendTo will append the literals header to a byte slice.
+func (h literalsHeader) appendTo(b []byte) []byte {
+	size := uint8(h >> 60)
+	switch size {
+	case 1:
+		b = append(b, uint8(h))
+	case 2:
+		b = append(b, uint8(h), uint8(h>>8))
+	case 3:
+		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16))
+	case 4:
+		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16), uint8(h>>24))
+	case 5:
+		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16), uint8(h>>24), uint8(h>>32))
+	default:
+		panic(fmt.Errorf("internal error: literalsHeader has invalid size (%d)", size))
+	}
+	return b
+}
+
+// size returns the output size with currently set values.
+func (h literalsHeader) size() int {
+	return int(h >> 60)
+}
+
+func (h literalsHeader) String() string {
+	return fmt.Sprintf("Type: %d, SizeFormat: %d, Size: 0x%d, Bytes:%d", literalsBlockType(h&3), (h>>2)&3, h&((1<<60)-1)>>4, h>>60)
+}
+
+// pushOffsets will push the recent offsets to the backup store.
+func (b *blockEnc) pushOffsets() {
+	b.prevRecentOffsets = b.recentOffsets
+}
+
+// pushOffsets will push the recent offsets to the backup store.
+func (b *blockEnc) popOffsets() {
+	b.recentOffsets = b.prevRecentOffsets
+}
+
+// matchOffset will adjust recent offsets and return the adjusted one,
+// if it matches a previous offset.
+func (b *blockEnc) matchOffset(offset, lits uint32) uint32 {
+	// Check if offset is one of the recent offsets.
+	// Adjusts the output offset accordingly.
+	// Gives a tiny bit of compression, typically around 1%.
+	if true {
+		if lits > 0 {
+			switch offset {
+			case b.recentOffsets[0]:
+				offset = 1
+			case b.recentOffsets[1]:
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset = 2
+			case b.recentOffsets[2]:
+				b.recentOffsets[2] = b.recentOffsets[1]
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset = 3
+			default:
+				b.recentOffsets[2] = b.recentOffsets[1]
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset += 3
+			}
+		} else {
+			switch offset {
+			case b.recentOffsets[1]:
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset = 1
+			case b.recentOffsets[2]:
+				b.recentOffsets[2] = b.recentOffsets[1]
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset = 2
+			case b.recentOffsets[0] - 1:
+				b.recentOffsets[2] = b.recentOffsets[1]
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset = 3
+			default:
+				b.recentOffsets[2] = b.recentOffsets[1]
+				b.recentOffsets[1] = b.recentOffsets[0]
+				b.recentOffsets[0] = offset
+				offset += 3
+			}
+		}
+	} else {
+		offset += 3
+	}
+	return offset
+}
+
+// encodeRaw can be used to set the output to a raw representation of supplied bytes.
+func (b *blockEnc) encodeRaw(a []byte) {
+	var bh blockHeader
+	bh.setLast(b.last)
+	bh.setSize(uint32(len(a)))
+	bh.setType(blockTypeRaw)
+	b.output = bh.appendTo(b.output[:0])
+	b.output = append(b.output, a...)
+	if debugEncoder {
+		println("Adding RAW block, length", len(a), "last:", b.last)
+	}
+}
+
+// encodeRaw can be used to set the output to a raw representation of supplied bytes.
+func (b *blockEnc) encodeRawTo(dst, src []byte) []byte {
+	var bh blockHeader
+	bh.setLast(b.last)
+	bh.setSize(uint32(len(src)))
+	bh.setType(blockTypeRaw)
+	dst = bh.appendTo(dst)
+	dst = append(dst, src...)
+	if debugEncoder {
+		println("Adding RAW block, length", len(src), "last:", b.last)
+	}
+	return dst
+}
+
+// encodeLits can be used if the block is only litLen.
+func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
+	var bh blockHeader
+	bh.setLast(b.last)
+	bh.setSize(uint32(len(lits)))
+
+	// Don't compress extremely small blocks
+	if len(lits) < 8 || (len(lits) < 32 && b.dictLitEnc == nil) || raw {
+		if debugEncoder {
+			println("Adding RAW block, length", len(lits), "last:", b.last)
+		}
+		bh.setType(blockTypeRaw)
+		b.output = bh.appendTo(b.output)
+		b.output = append(b.output, lits...)
+		return nil
+	}
+
+	var (
+		out            []byte
+		reUsed, single bool
+		err            error
+	)
+	if b.dictLitEnc != nil {
+		b.litEnc.TransferCTable(b.dictLitEnc)
+		b.litEnc.Reuse = huff0.ReusePolicyAllow
+		b.dictLitEnc = nil
+	}
+	if len(lits) >= 1024 {
+		// Use 4 Streams.
+		out, reUsed, err = huff0.Compress4X(lits, b.litEnc)
+	} else if len(lits) > 16 {
+		// Use 1 stream
+		single = true
+		out, reUsed, err = huff0.Compress1X(lits, b.litEnc)
+	} else {
+		err = huff0.ErrIncompressible
+	}
+	if err == nil && len(out)+5 > len(lits) {
+		// If we are close, we may still be worse or equal to raw.
+		var lh literalsHeader
+		lh.setSizes(len(out), len(lits), single)
+		if len(out)+lh.size() >= len(lits) {
+			err = huff0.ErrIncompressible
+		}
+	}
+	switch err {
+	case huff0.ErrIncompressible:
+		if debugEncoder {
+			println("Adding RAW block, length", len(lits), "last:", b.last)
+		}
+		bh.setType(blockTypeRaw)
+		b.output = bh.appendTo(b.output)
+		b.output = append(b.output, lits...)
+		return nil
+	case huff0.ErrUseRLE:
+		if debugEncoder {
+			println("Adding RLE block, length", len(lits))
+		}
+		bh.setType(blockTypeRLE)
+		b.output = bh.appendTo(b.output)
+		b.output = append(b.output, lits[0])
+		return nil
+	case nil:
+	default:
+		return err
+	}
+	// Compressed...
+	// Now, allow reuse
+	b.litEnc.Reuse = huff0.ReusePolicyAllow
+	bh.setType(blockTypeCompressed)
+	var lh literalsHeader
+	if reUsed {
+		if debugEncoder {
+			println("Reused tree, compressed to", len(out))
+		}
+		lh.setType(literalsBlockTreeless)
+	} else {
+		if debugEncoder {
+			println("New tree, compressed to", len(out), "tree size:", len(b.litEnc.OutTable))
+		}
+		lh.setType(literalsBlockCompressed)
+	}
+	// Set sizes
+	lh.setSizes(len(out), len(lits), single)
+	bh.setSize(uint32(len(out) + lh.size() + 1))
+
+	// Write block headers.
+	b.output = bh.appendTo(b.output)
+	b.output = lh.appendTo(b.output)
+	// Add compressed data.
+	b.output = append(b.output, out...)
+	// No sequences.
+	b.output = append(b.output, 0)
+	return nil
+}
+
+// encodeRLE will encode an RLE block.
+func (b *blockEnc) encodeRLE(val byte, length uint32) {
+	var bh blockHeader
+	bh.setLast(b.last)
+	bh.setSize(length)
+	bh.setType(blockTypeRLE)
+	b.output = bh.appendTo(b.output)
+	b.output = append(b.output, val)
+}
+
+// fuzzFseEncoder can be used to fuzz the FSE encoder.
+func fuzzFseEncoder(data []byte) int {
+	if len(data) > maxSequences || len(data) < 2 {
+		return 0
+	}
+	enc := fseEncoder{}
+	hist := enc.Histogram()
+	maxSym := uint8(0)
+	for i, v := range data {
+		v = v & 63
+		data[i] = v
+		hist[v]++
+		if v > maxSym {
+			maxSym = v
+		}
+	}
+	if maxSym == 0 {
+		// All 0
+		return 0
+	}
+	maxCount := func(a []uint32) int {
+		var max uint32
+		for _, v := range a {
+			if v > max {
+				max = v
+			}
+		}
+		return int(max)
+	}
+	cnt := maxCount(hist[:maxSym])
+	if cnt == len(data) {
+		// RLE
+		return 0
+	}
+	enc.HistogramFinished(maxSym, cnt)
+	err := enc.normalizeCount(len(data))
+	if err != nil {
+		return 0
+	}
+	_, err = enc.writeCount(nil)
+	if err != nil {
+		panic(err)
+	}
+	return 1
+}
+
+// encode will encode the block and append the output in b.output.
+// Previous offset codes must be pushed if more blocks are expected.
+func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
+	if len(b.sequences) == 0 {
+		return b.encodeLits(b.literals, rawAllLits)
+	}
+	if len(b.sequences) == 1 && len(org) > 0 && len(b.literals) <= 1 {
+		// Check common RLE cases.
+		seq := b.sequences[0]
+		if seq.litLen == uint32(len(b.literals)) && seq.offset-3 == 1 {
+			// Offset == 1 and 0 or 1 literals.
+			b.encodeRLE(org[0], b.sequences[0].matchLen+zstdMinMatch+seq.litLen)
+			return nil
+		}
+	}
+
+	// We want some difference to at least account for the headers.
+	saved := b.size - len(b.literals) - (b.size >> 6)
+	if saved < 16 {
+		if org == nil {
+			return errIncompressible
+		}
+		b.popOffsets()
+		return b.encodeLits(org, rawAllLits)
+	}
+
+	var bh blockHeader
+	var lh literalsHeader
+	bh.setLast(b.last)
+	bh.setType(blockTypeCompressed)
+	// Store offset of the block header. Needed when we know the size.
+	bhOffset := len(b.output)
+	b.output = bh.appendTo(b.output)
+
+	var (
+		out            []byte
+		reUsed, single bool
+		err            error
+	)
+	if b.dictLitEnc != nil {
+		b.litEnc.TransferCTable(b.dictLitEnc)
+		b.litEnc.Reuse = huff0.ReusePolicyAllow
+		b.dictLitEnc = nil
+	}
+	if len(b.literals) >= 1024 && !raw {
+		// Use 4 Streams.
+		out, reUsed, err = huff0.Compress4X(b.literals, b.litEnc)
+	} else if len(b.literals) > 16 && !raw {
+		// Use 1 stream
+		single = true
+		out, reUsed, err = huff0.Compress1X(b.literals, b.litEnc)
+	} else {
+		err = huff0.ErrIncompressible
+	}
+
+	if err == nil && len(out)+5 > len(b.literals) {
+		// If we are close, we may still be worse or equal to raw.
+		var lh literalsHeader
+		lh.setSize(len(b.literals))
+		szRaw := lh.size()
+		lh.setSizes(len(out), len(b.literals), single)
+		szComp := lh.size()
+		if len(out)+szComp >= len(b.literals)+szRaw {
+			err = huff0.ErrIncompressible
+		}
+	}
+	switch err {
+	case huff0.ErrIncompressible:
+		lh.setType(literalsBlockRaw)
+		lh.setSize(len(b.literals))
+		b.output = lh.appendTo(b.output)
+		b.output = append(b.output, b.literals...)
+		if debugEncoder {
+			println("Adding literals RAW, length", len(b.literals))
+		}
+	case huff0.ErrUseRLE:
+		lh.setType(literalsBlockRLE)
+		lh.setSize(len(b.literals))
+		b.output = lh.appendTo(b.output)
+		b.output = append(b.output, b.literals[0])
+		if debugEncoder {
+			println("Adding literals RLE")
+		}
+	case nil:
+		// Compressed litLen...
+		if reUsed {
+			if debugEncoder {
+				println("reused tree")
+			}
+			lh.setType(literalsBlockTreeless)
+		} else {
+			if debugEncoder {
+				println("new tree, size:", len(b.litEnc.OutTable))
+			}
+			lh.setType(literalsBlockCompressed)
+			if debugEncoder {
+				_, _, err := huff0.ReadTable(out, nil)
+				if err != nil {
+					panic(err)
+				}
+			}
+		}
+		lh.setSizes(len(out), len(b.literals), single)
+		if debugEncoder {
+			printf("Compressed %d literals to %d bytes", len(b.literals), len(out))
+			println("Adding literal header:", lh)
+		}
+		b.output = lh.appendTo(b.output)
+		b.output = append(b.output, out...)
+		b.litEnc.Reuse = huff0.ReusePolicyAllow
+		if debugEncoder {
+			println("Adding literals compressed")
+		}
+	default:
+		if debugEncoder {
+			println("Adding literals ERROR:", err)
+		}
+		return err
+	}
+	// Sequence compression
+
+	// Write the number of sequences
+	switch {
+	case len(b.sequences) < 128:
+		b.output = append(b.output, uint8(len(b.sequences)))
+	case len(b.sequences) < 0x7f00: // TODO: this could be wrong
+		n := len(b.sequences)
+		b.output = append(b.output, 128+uint8(n>>8), uint8(n))
+	default:
+		n := len(b.sequences) - 0x7f00
+		b.output = append(b.output, 255, uint8(n), uint8(n>>8))
+	}
+	if debugEncoder {
+		println("Encoding", len(b.sequences), "sequences")
+	}
+	b.genCodes()
+	llEnc := b.coders.llEnc
+	ofEnc := b.coders.ofEnc
+	mlEnc := b.coders.mlEnc
+	err = llEnc.normalizeCount(len(b.sequences))
+	if err != nil {
+		return err
+	}
+	err = ofEnc.normalizeCount(len(b.sequences))
+	if err != nil {
+		return err
+	}
+	err = mlEnc.normalizeCount(len(b.sequences))
+	if err != nil {
+		return err
+	}
+
+	// Choose the best compression mode for each type.
+	// Will evaluate the new vs predefined and previous.
+	chooseComp := func(cur, prev, preDef *fseEncoder) (*fseEncoder, seqCompMode) {
+		// See if predefined/previous is better
+		hist := cur.count[:cur.symbolLen]
+		nSize := cur.approxSize(hist) + cur.maxHeaderSize()
+		predefSize := preDef.approxSize(hist)
+		prevSize := prev.approxSize(hist)
+
+		// Add a small penalty for new encoders.
+		// Don't bother with extremely small (<2 byte gains).
+		nSize = nSize + (nSize+2*8*16)>>4
+		switch {
+		case predefSize <= prevSize && predefSize <= nSize || forcePreDef:
+			if debugEncoder {
+				println("Using predefined", predefSize>>3, "<=", nSize>>3)
+			}
+			return preDef, compModePredefined
+		case prevSize <= nSize:
+			if debugEncoder {
+				println("Using previous", prevSize>>3, "<=", nSize>>3)
+			}
+			return prev, compModeRepeat
+		default:
+			if debugEncoder {
+				println("Using new, predef", predefSize>>3, ". previous:", prevSize>>3, ">", nSize>>3, "header max:", cur.maxHeaderSize()>>3, "bytes")
+				println("tl:", cur.actualTableLog, "symbolLen:", cur.symbolLen, "norm:", cur.norm[:cur.symbolLen], "hist", cur.count[:cur.symbolLen])
+			}
+			return cur, compModeFSE
+		}
+	}
+
+	// Write compression mode
+	var mode uint8
+	if llEnc.useRLE {
+		mode |= uint8(compModeRLE) << 6
+		llEnc.setRLE(b.sequences[0].llCode)
+		if debugEncoder {
+			println("llEnc.useRLE")
+		}
+	} else {
+		var m seqCompMode
+		llEnc, m = chooseComp(llEnc, b.coders.llPrev, &fsePredefEnc[tableLiteralLengths])
+		mode |= uint8(m) << 6
+	}
+	if ofEnc.useRLE {
+		mode |= uint8(compModeRLE) << 4
+		ofEnc.setRLE(b.sequences[0].ofCode)
+		if debugEncoder {
+			println("ofEnc.useRLE")
+		}
+	} else {
+		var m seqCompMode
+		ofEnc, m = chooseComp(ofEnc, b.coders.ofPrev, &fsePredefEnc[tableOffsets])
+		mode |= uint8(m) << 4
+	}
+
+	if mlEnc.useRLE {
+		mode |= uint8(compModeRLE) << 2
+		mlEnc.setRLE(b.sequences[0].mlCode)
+		if debugEncoder {
+			println("mlEnc.useRLE, code: ", b.sequences[0].mlCode, "value", b.sequences[0].matchLen)
+		}
+	} else {
+		var m seqCompMode
+		mlEnc, m = chooseComp(mlEnc, b.coders.mlPrev, &fsePredefEnc[tableMatchLengths])
+		mode |= uint8(m) << 2
+	}
+	b.output = append(b.output, mode)
+	if debugEncoder {
+		printf("Compression modes: 0b%b", mode)
+	}
+	b.output, err = llEnc.writeCount(b.output)
+	if err != nil {
+		return err
+	}
+	start := len(b.output)
+	b.output, err = ofEnc.writeCount(b.output)
+	if err != nil {
+		return err
+	}
+	if false {
+		println("block:", b.output[start:], "tablelog", ofEnc.actualTableLog, "maxcount:", ofEnc.maxCount)
+		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", ofEnc.actualTableLog, ofEnc.symbolLen)
+		for i, v := range ofEnc.norm[:ofEnc.symbolLen] {
+			fmt.Printf("%3d: %5d -> %4d \n", i, ofEnc.count[i], v)
+		}
+	}
+	b.output, err = mlEnc.writeCount(b.output)
+	if err != nil {
+		return err
+	}
+
+	// Maybe in block?
+	wr := &b.wr
+	wr.reset(b.output)
+
+	var ll, of, ml cState
+
+	// Current sequence
+	seq := len(b.sequences) - 1
+	s := b.sequences[seq]
+	llEnc.setBits(llBitsTable[:])
+	mlEnc.setBits(mlBitsTable[:])
+	ofEnc.setBits(nil)
+
+	llTT, ofTT, mlTT := llEnc.ct.symbolTT[:256], ofEnc.ct.symbolTT[:256], mlEnc.ct.symbolTT[:256]
+
+	// We have 3 bounds checks here (and in the loop).
+	// Since we are iterating backwards it is kinda hard to avoid.
+	llB, ofB, mlB := llTT[s.llCode], ofTT[s.ofCode], mlTT[s.mlCode]
+	ll.init(wr, &llEnc.ct, llB)
+	of.init(wr, &ofEnc.ct, ofB)
+	wr.flush32()
+	ml.init(wr, &mlEnc.ct, mlB)
+
+	// Each of these lookups also generates a bounds check.
+	wr.addBits32NC(s.litLen, llB.outBits)
+	wr.addBits32NC(s.matchLen, mlB.outBits)
+	wr.flush32()
+	wr.addBits32NC(s.offset, ofB.outBits)
+	if debugSequences {
+		println("Encoded seq", seq, s, "codes:", s.llCode, s.mlCode, s.ofCode, "states:", ll.state, ml.state, of.state, "bits:", llB, mlB, ofB)
+	}
+	seq--
+	// Store sequences in reverse...
+	for seq >= 0 {
+		s = b.sequences[seq]
+
+		ofB := ofTT[s.ofCode]
+		wr.flush32() // tablelog max is below 8 for each, so it will fill max 24 bits.
+		//of.encode(ofB)
+		nbBitsOut := (uint32(of.state) + ofB.deltaNbBits) >> 16
+		dstState := int32(of.state>>(nbBitsOut&15)) + int32(ofB.deltaFindState)
+		wr.addBits16NC(of.state, uint8(nbBitsOut))
+		of.state = of.stateTable[dstState]
+
+		// Accumulate extra bits.
+		outBits := ofB.outBits & 31
+		extraBits := uint64(s.offset & bitMask32[outBits])
+		extraBitsN := outBits
+
+		mlB := mlTT[s.mlCode]
+		//ml.encode(mlB)
+		nbBitsOut = (uint32(ml.state) + mlB.deltaNbBits) >> 16
+		dstState = int32(ml.state>>(nbBitsOut&15)) + int32(mlB.deltaFindState)
+		wr.addBits16NC(ml.state, uint8(nbBitsOut))
+		ml.state = ml.stateTable[dstState]
+
+		outBits = mlB.outBits & 31
+		extraBits = extraBits<> 16
+		dstState = int32(ll.state>>(nbBitsOut&15)) + int32(llB.deltaFindState)
+		wr.addBits16NC(ll.state, uint8(nbBitsOut))
+		ll.state = ll.stateTable[dstState]
+
+		outBits = llB.outBits & 31
+		extraBits = extraBits<= b.size {
+		// Discard and encode as raw block.
+		b.output = b.encodeRawTo(b.output[:bhOffset], org)
+		b.popOffsets()
+		b.litEnc.Reuse = huff0.ReusePolicyNone
+		return nil
+	}
+
+	// Size is output minus block header.
+	bh.setSize(uint32(len(b.output)-bhOffset) - 3)
+	if debugEncoder {
+		println("Rewriting block header", bh)
+	}
+	_ = bh.appendTo(b.output[bhOffset:bhOffset])
+	b.coders.setPrev(llEnc, mlEnc, ofEnc)
+	return nil
+}
+
+var errIncompressible = errors.New("incompressible")
+
+func (b *blockEnc) genCodes() {
+	if len(b.sequences) == 0 {
+		// nothing to do
+		return
+	}
+	if len(b.sequences) > math.MaxUint16 {
+		panic("can only encode up to 64K sequences")
+	}
+	// No bounds checks after here:
+	llH := b.coders.llEnc.Histogram()
+	ofH := b.coders.ofEnc.Histogram()
+	mlH := b.coders.mlEnc.Histogram()
+	for i := range llH {
+		llH[i] = 0
+	}
+	for i := range ofH {
+		ofH[i] = 0
+	}
+	for i := range mlH {
+		mlH[i] = 0
+	}
+
+	var llMax, ofMax, mlMax uint8
+	for i := range b.sequences {
+		seq := &b.sequences[i]
+		v := llCode(seq.litLen)
+		seq.llCode = v
+		llH[v]++
+		if v > llMax {
+			llMax = v
+		}
+
+		v = ofCode(seq.offset)
+		seq.ofCode = v
+		ofH[v]++
+		if v > ofMax {
+			ofMax = v
+		}
+
+		v = mlCode(seq.matchLen)
+		seq.mlCode = v
+		mlH[v]++
+		if v > mlMax {
+			mlMax = v
+			if debugAsserts && mlMax > maxMatchLengthSymbol {
+				panic(fmt.Errorf("mlMax > maxMatchLengthSymbol (%d), matchlen: %d", mlMax, seq.matchLen))
+			}
+		}
+	}
+	maxCount := func(a []uint32) int {
+		var max uint32
+		for _, v := range a {
+			if v > max {
+				max = v
+			}
+		}
+		return int(max)
+	}
+	if debugAsserts && mlMax > maxMatchLengthSymbol {
+		panic(fmt.Errorf("mlMax > maxMatchLengthSymbol (%d)", mlMax))
+	}
+	if debugAsserts && ofMax > maxOffsetBits {
+		panic(fmt.Errorf("ofMax > maxOffsetBits (%d)", ofMax))
+	}
+	if debugAsserts && llMax > maxLiteralLengthSymbol {
+		panic(fmt.Errorf("llMax > maxLiteralLengthSymbol (%d)", llMax))
+	}
+
+	b.coders.mlEnc.HistogramFinished(mlMax, maxCount(mlH[:mlMax+1]))
+	b.coders.ofEnc.HistogramFinished(ofMax, maxCount(ofH[:ofMax+1]))
+	b.coders.llEnc.HistogramFinished(llMax, maxCount(llH[:llMax+1]))
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/blocktype_string.go b/vendor/github.com/klauspost/compress/zstd/blocktype_string.go
new file mode 100644
index 000000000..01a01e486
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/blocktype_string.go
@@ -0,0 +1,85 @@
+// Code generated by "stringer -type=blockType,literalsBlockType,seqCompMode,tableIndex"; DO NOT EDIT.
+
+package zstd
+
+import "strconv"
+
+func _() {
+	// An "invalid array index" compiler error signifies that the constant values have changed.
+	// Re-run the stringer command to generate them again.
+	var x [1]struct{}
+	_ = x[blockTypeRaw-0]
+	_ = x[blockTypeRLE-1]
+	_ = x[blockTypeCompressed-2]
+	_ = x[blockTypeReserved-3]
+}
+
+const _blockType_name = "blockTypeRawblockTypeRLEblockTypeCompressedblockTypeReserved"
+
+var _blockType_index = [...]uint8{0, 12, 24, 43, 60}
+
+func (i blockType) String() string {
+	if i >= blockType(len(_blockType_index)-1) {
+		return "blockType(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _blockType_name[_blockType_index[i]:_blockType_index[i+1]]
+}
+func _() {
+	// An "invalid array index" compiler error signifies that the constant values have changed.
+	// Re-run the stringer command to generate them again.
+	var x [1]struct{}
+	_ = x[literalsBlockRaw-0]
+	_ = x[literalsBlockRLE-1]
+	_ = x[literalsBlockCompressed-2]
+	_ = x[literalsBlockTreeless-3]
+}
+
+const _literalsBlockType_name = "literalsBlockRawliteralsBlockRLEliteralsBlockCompressedliteralsBlockTreeless"
+
+var _literalsBlockType_index = [...]uint8{0, 16, 32, 55, 76}
+
+func (i literalsBlockType) String() string {
+	if i >= literalsBlockType(len(_literalsBlockType_index)-1) {
+		return "literalsBlockType(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _literalsBlockType_name[_literalsBlockType_index[i]:_literalsBlockType_index[i+1]]
+}
+func _() {
+	// An "invalid array index" compiler error signifies that the constant values have changed.
+	// Re-run the stringer command to generate them again.
+	var x [1]struct{}
+	_ = x[compModePredefined-0]
+	_ = x[compModeRLE-1]
+	_ = x[compModeFSE-2]
+	_ = x[compModeRepeat-3]
+}
+
+const _seqCompMode_name = "compModePredefinedcompModeRLEcompModeFSEcompModeRepeat"
+
+var _seqCompMode_index = [...]uint8{0, 18, 29, 40, 54}
+
+func (i seqCompMode) String() string {
+	if i >= seqCompMode(len(_seqCompMode_index)-1) {
+		return "seqCompMode(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _seqCompMode_name[_seqCompMode_index[i]:_seqCompMode_index[i+1]]
+}
+func _() {
+	// An "invalid array index" compiler error signifies that the constant values have changed.
+	// Re-run the stringer command to generate them again.
+	var x [1]struct{}
+	_ = x[tableLiteralLengths-0]
+	_ = x[tableOffsets-1]
+	_ = x[tableMatchLengths-2]
+}
+
+const _tableIndex_name = "tableLiteralLengthstableOffsetstableMatchLengths"
+
+var _tableIndex_index = [...]uint8{0, 19, 31, 48}
+
+func (i tableIndex) String() string {
+	if i >= tableIndex(len(_tableIndex_index)-1) {
+		return "tableIndex(" + strconv.FormatInt(int64(i), 10) + ")"
+	}
+	return _tableIndex_name[_tableIndex_index[i]:_tableIndex_index[i+1]]
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/bytebuf.go b/vendor/github.com/klauspost/compress/zstd/bytebuf.go
new file mode 100644
index 000000000..55a388553
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/bytebuf.go
@@ -0,0 +1,131 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"fmt"
+	"io"
+)
+
+type byteBuffer interface {
+	// Read up to 8 bytes.
+	// Returns io.ErrUnexpectedEOF if this cannot be satisfied.
+	readSmall(n int) ([]byte, error)
+
+	// Read >8 bytes.
+	// MAY use the destination slice.
+	readBig(n int, dst []byte) ([]byte, error)
+
+	// Read a single byte.
+	readByte() (byte, error)
+
+	// Skip n bytes.
+	skipN(n int64) error
+}
+
+// in-memory buffer
+type byteBuf []byte
+
+func (b *byteBuf) readSmall(n int) ([]byte, error) {
+	if debugAsserts && n > 8 {
+		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
+	}
+	bb := *b
+	if len(bb) < n {
+		return nil, io.ErrUnexpectedEOF
+	}
+	r := bb[:n]
+	*b = bb[n:]
+	return r, nil
+}
+
+func (b *byteBuf) readBig(n int, dst []byte) ([]byte, error) {
+	bb := *b
+	if len(bb) < n {
+		return nil, io.ErrUnexpectedEOF
+	}
+	r := bb[:n]
+	*b = bb[n:]
+	return r, nil
+}
+
+func (b *byteBuf) readByte() (byte, error) {
+	bb := *b
+	if len(bb) < 1 {
+		return 0, io.ErrUnexpectedEOF
+	}
+	r := bb[0]
+	*b = bb[1:]
+	return r, nil
+}
+
+func (b *byteBuf) skipN(n int64) error {
+	bb := *b
+	if n < 0 {
+		return fmt.Errorf("negative skip (%d) requested", n)
+	}
+	if int64(len(bb)) < n {
+		return io.ErrUnexpectedEOF
+	}
+	*b = bb[n:]
+	return nil
+}
+
+// wrapper around a reader.
+type readerWrapper struct {
+	r   io.Reader
+	tmp [8]byte
+}
+
+func (r *readerWrapper) readSmall(n int) ([]byte, error) {
+	if debugAsserts && n > 8 {
+		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
+	}
+	n2, err := io.ReadFull(r.r, r.tmp[:n])
+	// We only really care about the actual bytes read.
+	if err != nil {
+		if err == io.EOF {
+			return nil, io.ErrUnexpectedEOF
+		}
+		if debugDecoder {
+			println("readSmall: got", n2, "want", n, "err", err)
+		}
+		return nil, err
+	}
+	return r.tmp[:n], nil
+}
+
+func (r *readerWrapper) readBig(n int, dst []byte) ([]byte, error) {
+	if cap(dst) < n {
+		dst = make([]byte, n)
+	}
+	n2, err := io.ReadFull(r.r, dst[:n])
+	if err == io.EOF && n > 0 {
+		err = io.ErrUnexpectedEOF
+	}
+	return dst[:n2], err
+}
+
+func (r *readerWrapper) readByte() (byte, error) {
+	n2, err := io.ReadFull(r.r, r.tmp[:1])
+	if err != nil {
+		if err == io.EOF {
+			err = io.ErrUnexpectedEOF
+		}
+		return 0, err
+	}
+	if n2 != 1 {
+		return 0, io.ErrUnexpectedEOF
+	}
+	return r.tmp[0], nil
+}
+
+func (r *readerWrapper) skipN(n int64) error {
+	n2, err := io.CopyN(io.Discard, r.r, n)
+	if n2 != n {
+		err = io.ErrUnexpectedEOF
+	}
+	return err
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/bytereader.go b/vendor/github.com/klauspost/compress/zstd/bytereader.go
new file mode 100644
index 000000000..0e59a242d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/bytereader.go
@@ -0,0 +1,82 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+// byteReader provides a byte reader that reads
+// little endian values from a byte stream.
+// The input stream is manually advanced.
+// The reader performs no bounds checks.
+type byteReader struct {
+	b   []byte
+	off int
+}
+
+// advance the stream b n bytes.
+func (b *byteReader) advance(n uint) {
+	b.off += int(n)
+}
+
+// overread returns whether we have advanced too far.
+func (b *byteReader) overread() bool {
+	return b.off > len(b.b)
+}
+
+// Int32 returns a little endian int32 starting at current offset.
+func (b byteReader) Int32() int32 {
+	b2 := b.b[b.off:]
+	b2 = b2[:4]
+	v3 := int32(b2[3])
+	v2 := int32(b2[2])
+	v1 := int32(b2[1])
+	v0 := int32(b2[0])
+	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
+}
+
+// Uint8 returns the next byte
+func (b *byteReader) Uint8() uint8 {
+	v := b.b[b.off]
+	return v
+}
+
+// Uint32 returns a little endian uint32 starting at current offset.
+func (b byteReader) Uint32() uint32 {
+	if r := b.remain(); r < 4 {
+		// Very rare
+		v := uint32(0)
+		for i := 1; i <= r; i++ {
+			v = (v << 8) | uint32(b.b[len(b.b)-i])
+		}
+		return v
+	}
+	b2 := b.b[b.off:]
+	b2 = b2[:4]
+	v3 := uint32(b2[3])
+	v2 := uint32(b2[2])
+	v1 := uint32(b2[1])
+	v0 := uint32(b2[0])
+	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
+}
+
+// Uint32NC returns a little endian uint32 starting at current offset.
+// The caller must be sure if there are at least 4 bytes left.
+func (b byteReader) Uint32NC() uint32 {
+	b2 := b.b[b.off:]
+	b2 = b2[:4]
+	v3 := uint32(b2[3])
+	v2 := uint32(b2[2])
+	v1 := uint32(b2[1])
+	v0 := uint32(b2[0])
+	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
+}
+
+// unread returns the unread portion of the input.
+func (b byteReader) unread() []byte {
+	return b.b[b.off:]
+}
+
+// remain will return the number of bytes remaining.
+func (b byteReader) remain() int {
+	return len(b.b) - b.off
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/decodeheader.go b/vendor/github.com/klauspost/compress/zstd/decodeheader.go
new file mode 100644
index 000000000..6a5a2988b
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/decodeheader.go
@@ -0,0 +1,261 @@
+// Copyright 2020+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"errors"
+	"io"
+)
+
+// HeaderMaxSize is the maximum size of a Frame and Block Header.
+// If less is sent to Header.Decode it *may* still contain enough information.
+const HeaderMaxSize = 14 + 3
+
+// Header contains information about the first frame and block within that.
+type Header struct {
+	// SingleSegment specifies whether the data is to be decompressed into a
+	// single contiguous memory segment.
+	// It implies that WindowSize is invalid and that FrameContentSize is valid.
+	SingleSegment bool
+
+	// WindowSize is the window of data to keep while decoding.
+	// Will only be set if SingleSegment is false.
+	WindowSize uint64
+
+	// Dictionary ID.
+	// If 0, no dictionary.
+	DictionaryID uint32
+
+	// HasFCS specifies whether FrameContentSize has a valid value.
+	HasFCS bool
+
+	// FrameContentSize is the expected uncompressed size of the entire frame.
+	FrameContentSize uint64
+
+	// Skippable will be true if the frame is meant to be skipped.
+	// This implies that FirstBlock.OK is false.
+	Skippable bool
+
+	// SkippableID is the user-specific ID for the skippable frame.
+	// Valid values are between 0 to 15, inclusive.
+	SkippableID int
+
+	// SkippableSize is the length of the user data to skip following
+	// the header.
+	SkippableSize uint32
+
+	// HeaderSize is the raw size of the frame header.
+	//
+	// For normal frames, it includes the size of the magic number and
+	// the size of the header (per section 3.1.1.1).
+	// It does not include the size for any data blocks (section 3.1.1.2) nor
+	// the size for the trailing content checksum.
+	//
+	// For skippable frames, this counts the size of the magic number
+	// along with the size of the size field of the payload.
+	// It does not include the size of the skippable payload itself.
+	// The total frame size is the HeaderSize plus the SkippableSize.
+	HeaderSize int
+
+	// First block information.
+	FirstBlock struct {
+		// OK will be set if first block could be decoded.
+		OK bool
+
+		// Is this the last block of a frame?
+		Last bool
+
+		// Is the data compressed?
+		// If true CompressedSize will be populated.
+		// Unfortunately DecompressedSize cannot be determined
+		// without decoding the blocks.
+		Compressed bool
+
+		// DecompressedSize is the expected decompressed size of the block.
+		// Will be 0 if it cannot be determined.
+		DecompressedSize int
+
+		// CompressedSize of the data in the block.
+		// Does not include the block header.
+		// Will be equal to DecompressedSize if not Compressed.
+		CompressedSize int
+	}
+
+	// If set there is a checksum present for the block content.
+	// The checksum field at the end is always 4 bytes long.
+	HasCheckSum bool
+}
+
+// Decode the header from the beginning of the stream.
+// This will decode the frame header and the first block header if enough bytes are provided.
+// It is recommended to provide at least HeaderMaxSize bytes.
+// If the frame header cannot be read an error will be returned.
+// If there isn't enough input, io.ErrUnexpectedEOF is returned.
+// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
+func (h *Header) Decode(in []byte) error {
+	_, err := h.DecodeAndStrip(in)
+	return err
+}
+
+// DecodeAndStrip will decode the header from the beginning of the stream
+// and on success return the remaining bytes.
+// This will decode the frame header and the first block header if enough bytes are provided.
+// It is recommended to provide at least HeaderMaxSize bytes.
+// If the frame header cannot be read an error will be returned.
+// If there isn't enough input, io.ErrUnexpectedEOF is returned.
+// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
+func (h *Header) DecodeAndStrip(in []byte) (remain []byte, err error) {
+	*h = Header{}
+	if len(in) < 4 {
+		return nil, io.ErrUnexpectedEOF
+	}
+	h.HeaderSize += 4
+	b, in := in[:4], in[4:]
+	if string(b) != frameMagic {
+		if string(b[1:4]) != skippableFrameMagic || b[0]&0xf0 != 0x50 {
+			return nil, ErrMagicMismatch
+		}
+		if len(in) < 4 {
+			return nil, io.ErrUnexpectedEOF
+		}
+		h.HeaderSize += 4
+		h.Skippable = true
+		h.SkippableID = int(b[0] & 0xf)
+		h.SkippableSize = binary.LittleEndian.Uint32(in)
+		return in[4:], nil
+	}
+
+	// Read Window_Descriptor
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#window_descriptor
+	if len(in) < 1 {
+		return nil, io.ErrUnexpectedEOF
+	}
+	fhd, in := in[0], in[1:]
+	h.HeaderSize++
+	h.SingleSegment = fhd&(1<<5) != 0
+	h.HasCheckSum = fhd&(1<<2) != 0
+	if fhd&(1<<3) != 0 {
+		return nil, errors.New("reserved bit set on frame header")
+	}
+
+	if !h.SingleSegment {
+		if len(in) < 1 {
+			return nil, io.ErrUnexpectedEOF
+		}
+		var wd byte
+		wd, in = in[0], in[1:]
+		h.HeaderSize++
+		windowLog := 10 + (wd >> 3)
+		windowBase := uint64(1) << windowLog
+		windowAdd := (windowBase / 8) * uint64(wd&0x7)
+		h.WindowSize = windowBase + windowAdd
+	}
+
+	// Read Dictionary_ID
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary_id
+	if size := fhd & 3; size != 0 {
+		if size == 3 {
+			size = 4
+		}
+		if len(in) < int(size) {
+			return nil, io.ErrUnexpectedEOF
+		}
+		b, in = in[:size], in[size:]
+		h.HeaderSize += int(size)
+		switch len(b) {
+		case 1:
+			h.DictionaryID = uint32(b[0])
+		case 2:
+			h.DictionaryID = uint32(b[0]) | (uint32(b[1]) << 8)
+		case 4:
+			h.DictionaryID = uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
+		}
+	}
+
+	// Read Frame_Content_Size
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frame_content_size
+	var fcsSize int
+	v := fhd >> 6
+	switch v {
+	case 0:
+		if h.SingleSegment {
+			fcsSize = 1
+		}
+	default:
+		fcsSize = 1 << v
+	}
+
+	if fcsSize > 0 {
+		h.HasFCS = true
+		if len(in) < fcsSize {
+			return nil, io.ErrUnexpectedEOF
+		}
+		b, in = in[:fcsSize], in[fcsSize:]
+		h.HeaderSize += int(fcsSize)
+		switch len(b) {
+		case 1:
+			h.FrameContentSize = uint64(b[0])
+		case 2:
+			// When FCS_Field_Size is 2, the offset of 256 is added.
+			h.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) + 256
+		case 4:
+			h.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) | (uint64(b[2]) << 16) | (uint64(b[3]) << 24)
+		case 8:
+			d1 := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
+			d2 := uint32(b[4]) | (uint32(b[5]) << 8) | (uint32(b[6]) << 16) | (uint32(b[7]) << 24)
+			h.FrameContentSize = uint64(d1) | (uint64(d2) << 32)
+		}
+	}
+
+	// Frame Header done, we will not fail from now on.
+	if len(in) < 3 {
+		return in, nil
+	}
+	tmp := in[:3]
+	bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
+	h.FirstBlock.Last = bh&1 != 0
+	blockType := blockType((bh >> 1) & 3)
+	// find size.
+	cSize := int(bh >> 3)
+	switch blockType {
+	case blockTypeReserved:
+		return in, nil
+	case blockTypeRLE:
+		h.FirstBlock.Compressed = true
+		h.FirstBlock.DecompressedSize = cSize
+		h.FirstBlock.CompressedSize = 1
+	case blockTypeCompressed:
+		h.FirstBlock.Compressed = true
+		h.FirstBlock.CompressedSize = cSize
+	case blockTypeRaw:
+		h.FirstBlock.DecompressedSize = cSize
+		h.FirstBlock.CompressedSize = cSize
+	default:
+		panic("Invalid block type")
+	}
+
+	h.FirstBlock.OK = true
+	return in, nil
+}
+
+// AppendTo will append the encoded header to the dst slice.
+// There is no error checking performed on the header values.
+func (h *Header) AppendTo(dst []byte) ([]byte, error) {
+	if h.Skippable {
+		magic := [4]byte{0x50, 0x2a, 0x4d, 0x18}
+		magic[0] |= byte(h.SkippableID & 0xf)
+		dst = append(dst, magic[:]...)
+		f := h.SkippableSize
+		return append(dst, uint8(f), uint8(f>>8), uint8(f>>16), uint8(f>>24)), nil
+	}
+	f := frameHeader{
+		ContentSize:   h.FrameContentSize,
+		WindowSize:    uint32(h.WindowSize),
+		SingleSegment: h.SingleSegment,
+		Checksum:      h.HasCheckSum,
+		DictID:        h.DictionaryID,
+	}
+	return f.appendTo(dst), nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/decoder.go b/vendor/github.com/klauspost/compress/zstd/decoder.go
new file mode 100644
index 000000000..bbca17234
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/decoder.go
@@ -0,0 +1,948 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"context"
+	"encoding/binary"
+	"io"
+	"sync"
+
+	"github.com/klauspost/compress/zstd/internal/xxhash"
+)
+
+// Decoder provides decoding of zstandard streams.
+// The decoder has been designed to operate without allocations after a warmup.
+// This means that you should store the decoder for best performance.
+// To re-use a stream decoder, use the Reset(r io.Reader) error to switch to another stream.
+// A decoder can safely be re-used even if the previous stream failed.
+// To release the resources, you must call the Close() function on a decoder.
+type Decoder struct {
+	o decoderOptions
+
+	// Unreferenced decoders, ready for use.
+	decoders chan *blockDec
+
+	// Current read position used for Reader functionality.
+	current decoderState
+
+	// sync stream decoding
+	syncStream struct {
+		decodedFrame uint64
+		br           readerWrapper
+		enabled      bool
+		inFrame      bool
+		dstBuf       []byte
+	}
+
+	frame *frameDec
+
+	// Custom dictionaries.
+	dicts map[uint32]*dict
+
+	// streamWg is the waitgroup for all streams
+	streamWg sync.WaitGroup
+}
+
+// decoderState is used for maintaining state when the decoder
+// is used for streaming.
+type decoderState struct {
+	// current block being written to stream.
+	decodeOutput
+
+	// output in order to be written to stream.
+	output chan decodeOutput
+
+	// cancel remaining output.
+	cancel context.CancelFunc
+
+	// crc of current frame
+	crc *xxhash.Digest
+
+	flushed bool
+}
+
+var (
+	// Check the interfaces we want to support.
+	_ = io.WriterTo(&Decoder{})
+	_ = io.Reader(&Decoder{})
+)
+
+// NewReader creates a new decoder.
+// A nil Reader can be provided in which case Reset can be used to start a decode.
+//
+// A Decoder can be used in two modes:
+//
+// 1) As a stream, or
+// 2) For stateless decoding using DecodeAll.
+//
+// Only a single stream can be decoded concurrently, but the same decoder
+// can run multiple concurrent stateless decodes. It is even possible to
+// use stateless decodes while a stream is being decoded.
+//
+// The Reset function can be used to initiate a new stream, which will considerably
+// reduce the allocations normally caused by NewReader.
+func NewReader(r io.Reader, opts ...DOption) (*Decoder, error) {
+	initPredefined()
+	var d Decoder
+	d.o.setDefault()
+	for _, o := range opts {
+		err := o(&d.o)
+		if err != nil {
+			return nil, err
+		}
+	}
+	d.current.crc = xxhash.New()
+	d.current.flushed = true
+
+	if r == nil {
+		d.current.err = ErrDecoderNilInput
+	}
+
+	// Transfer option dicts.
+	d.dicts = make(map[uint32]*dict, len(d.o.dicts))
+	for _, dc := range d.o.dicts {
+		d.dicts[dc.id] = dc
+	}
+	d.o.dicts = nil
+
+	// Create decoders
+	d.decoders = make(chan *blockDec, d.o.concurrent)
+	for i := 0; i < d.o.concurrent; i++ {
+		dec := newBlockDec(d.o.lowMem)
+		dec.localFrame = newFrameDec(d.o)
+		d.decoders <- dec
+	}
+
+	if r == nil {
+		return &d, nil
+	}
+	return &d, d.Reset(r)
+}
+
+// Read bytes from the decompressed stream into p.
+// Returns the number of bytes written and any error that occurred.
+// When the stream is done, io.EOF will be returned.
+func (d *Decoder) Read(p []byte) (int, error) {
+	var n int
+	for {
+		if len(d.current.b) > 0 {
+			filled := copy(p, d.current.b)
+			p = p[filled:]
+			d.current.b = d.current.b[filled:]
+			n += filled
+		}
+		if len(p) == 0 {
+			break
+		}
+		if len(d.current.b) == 0 {
+			// We have an error and no more data
+			if d.current.err != nil {
+				break
+			}
+			if !d.nextBlock(n == 0) {
+				return n, d.current.err
+			}
+		}
+	}
+	if len(d.current.b) > 0 {
+		if debugDecoder {
+			println("returning", n, "still bytes left:", len(d.current.b))
+		}
+		// Only return error at end of block
+		return n, nil
+	}
+	if d.current.err != nil {
+		d.drainOutput()
+	}
+	if debugDecoder {
+		println("returning", n, d.current.err, len(d.decoders))
+	}
+	return n, d.current.err
+}
+
+// Reset will reset the decoder the supplied stream after the current has finished processing.
+// Note that this functionality cannot be used after Close has been called.
+// Reset can be called with a nil reader to release references to the previous reader.
+// After being called with a nil reader, no other operations than Reset or DecodeAll or Close
+// should be used.
+func (d *Decoder) Reset(r io.Reader) error {
+	if d.current.err == ErrDecoderClosed {
+		return d.current.err
+	}
+
+	d.drainOutput()
+
+	d.syncStream.br.r = nil
+	if r == nil {
+		d.current.err = ErrDecoderNilInput
+		if len(d.current.b) > 0 {
+			d.current.b = d.current.b[:0]
+		}
+		d.current.flushed = true
+		return nil
+	}
+
+	// If bytes buffer and < 5MB, do sync decoding anyway.
+	if bb, ok := r.(byter); ok && bb.Len() < d.o.decodeBufsBelow && !d.o.limitToCap {
+		bb2 := bb
+		if debugDecoder {
+			println("*bytes.Buffer detected, doing sync decode, len:", bb.Len())
+		}
+		b := bb2.Bytes()
+		var dst []byte
+		if cap(d.syncStream.dstBuf) > 0 {
+			dst = d.syncStream.dstBuf[:0]
+		}
+
+		dst, err := d.DecodeAll(b, dst)
+		if err == nil {
+			err = io.EOF
+		}
+		// Save output buffer
+		d.syncStream.dstBuf = dst
+		d.current.b = dst
+		d.current.err = err
+		d.current.flushed = true
+		if debugDecoder {
+			println("sync decode to", len(dst), "bytes, err:", err)
+		}
+		return nil
+	}
+	// Remove current block.
+	d.stashDecoder()
+	d.current.decodeOutput = decodeOutput{}
+	d.current.err = nil
+	d.current.flushed = false
+	d.current.d = nil
+	d.syncStream.dstBuf = nil
+
+	// Ensure no-one else is still running...
+	d.streamWg.Wait()
+	if d.frame == nil {
+		d.frame = newFrameDec(d.o)
+	}
+
+	if d.o.concurrent == 1 {
+		return d.startSyncDecoder(r)
+	}
+
+	d.current.output = make(chan decodeOutput, d.o.concurrent)
+	ctx, cancel := context.WithCancel(context.Background())
+	d.current.cancel = cancel
+	d.streamWg.Add(1)
+	go d.startStreamDecoder(ctx, r, d.current.output)
+
+	return nil
+}
+
+// drainOutput will drain the output until errEndOfStream is sent.
+func (d *Decoder) drainOutput() {
+	if d.current.cancel != nil {
+		if debugDecoder {
+			println("cancelling current")
+		}
+		d.current.cancel()
+		d.current.cancel = nil
+	}
+	if d.current.d != nil {
+		if debugDecoder {
+			printf("re-adding current decoder %p, decoders: %d", d.current.d, len(d.decoders))
+		}
+		d.decoders <- d.current.d
+		d.current.d = nil
+		d.current.b = nil
+	}
+	if d.current.output == nil || d.current.flushed {
+		println("current already flushed")
+		return
+	}
+	for v := range d.current.output {
+		if v.d != nil {
+			if debugDecoder {
+				printf("re-adding decoder %p", v.d)
+			}
+			d.decoders <- v.d
+		}
+	}
+	d.current.output = nil
+	d.current.flushed = true
+}
+
+// WriteTo writes data to w until there's no more data to write or when an error occurs.
+// The return value n is the number of bytes written.
+// Any error encountered during the write is also returned.
+func (d *Decoder) WriteTo(w io.Writer) (int64, error) {
+	var n int64
+	for {
+		if len(d.current.b) > 0 {
+			n2, err2 := w.Write(d.current.b)
+			n += int64(n2)
+			if err2 != nil && (d.current.err == nil || d.current.err == io.EOF) {
+				d.current.err = err2
+			} else if n2 != len(d.current.b) {
+				d.current.err = io.ErrShortWrite
+			}
+		}
+		if d.current.err != nil {
+			break
+		}
+		d.nextBlock(true)
+	}
+	err := d.current.err
+	if err != nil {
+		d.drainOutput()
+	}
+	if err == io.EOF {
+		err = nil
+	}
+	return n, err
+}
+
+// DecodeAll allows stateless decoding of a blob of bytes.
+// Output will be appended to dst, so if the destination size is known
+// you can pre-allocate the destination slice to avoid allocations.
+// DecodeAll can be used concurrently.
+// The Decoder concurrency limits will be respected.
+func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
+	if d.decoders == nil {
+		return dst, ErrDecoderClosed
+	}
+
+	// Grab a block decoder and frame decoder.
+	block := <-d.decoders
+	frame := block.localFrame
+	initialSize := len(dst)
+	defer func() {
+		if debugDecoder {
+			printf("re-adding decoder: %p", block)
+		}
+		frame.rawInput = nil
+		frame.bBuf = nil
+		if frame.history.decoders.br != nil {
+			frame.history.decoders.br.in = nil
+		}
+		d.decoders <- block
+	}()
+	frame.bBuf = input
+
+	for {
+		frame.history.reset()
+		err := frame.reset(&frame.bBuf)
+		if err != nil {
+			if err == io.EOF {
+				if debugDecoder {
+					println("frame reset return EOF")
+				}
+				return dst, nil
+			}
+			return dst, err
+		}
+		if err = d.setDict(frame); err != nil {
+			return nil, err
+		}
+		if frame.WindowSize > d.o.maxWindowSize {
+			if debugDecoder {
+				println("window size exceeded:", frame.WindowSize, ">", d.o.maxWindowSize)
+			}
+			return dst, ErrWindowSizeExceeded
+		}
+		if frame.FrameContentSize != fcsUnknown {
+			if frame.FrameContentSize > d.o.maxDecodedSize-uint64(len(dst)-initialSize) {
+				if debugDecoder {
+					println("decoder size exceeded; fcs:", frame.FrameContentSize, "> mcs:", d.o.maxDecodedSize-uint64(len(dst)-initialSize), "len:", len(dst))
+				}
+				return dst, ErrDecoderSizeExceeded
+			}
+			if d.o.limitToCap && frame.FrameContentSize > uint64(cap(dst)-len(dst)) {
+				if debugDecoder {
+					println("decoder size exceeded; fcs:", frame.FrameContentSize, "> (cap-len)", cap(dst)-len(dst))
+				}
+				return dst, ErrDecoderSizeExceeded
+			}
+			if cap(dst)-len(dst) < int(frame.FrameContentSize) {
+				dst2 := make([]byte, len(dst), len(dst)+int(frame.FrameContentSize)+compressedBlockOverAlloc)
+				copy(dst2, dst)
+				dst = dst2
+			}
+		}
+
+		if cap(dst) == 0 && !d.o.limitToCap {
+			// Allocate len(input) * 2 by default if nothing is provided
+			// and we didn't get frame content size.
+			size := len(input) * 2
+			// Cap to 1 MB.
+			if size > 1<<20 {
+				size = 1 << 20
+			}
+			if uint64(size) > d.o.maxDecodedSize {
+				size = int(d.o.maxDecodedSize)
+			}
+			dst = make([]byte, 0, size)
+		}
+
+		dst, err = frame.runDecoder(dst, block)
+		if err != nil {
+			return dst, err
+		}
+		if uint64(len(dst)-initialSize) > d.o.maxDecodedSize {
+			return dst, ErrDecoderSizeExceeded
+		}
+		if len(frame.bBuf) == 0 {
+			if debugDecoder {
+				println("frame dbuf empty")
+			}
+			break
+		}
+	}
+	return dst, nil
+}
+
+// nextBlock returns the next block.
+// If an error occurs d.err will be set.
+// Optionally the function can block for new output.
+// If non-blocking mode is used the returned boolean will be false
+// if no data was available without blocking.
+func (d *Decoder) nextBlock(blocking bool) (ok bool) {
+	if d.current.err != nil {
+		// Keep error state.
+		return false
+	}
+	d.current.b = d.current.b[:0]
+
+	// SYNC:
+	if d.syncStream.enabled {
+		if !blocking {
+			return false
+		}
+		ok = d.nextBlockSync()
+		if !ok {
+			d.stashDecoder()
+		}
+		return ok
+	}
+
+	//ASYNC:
+	d.stashDecoder()
+	if blocking {
+		d.current.decodeOutput, ok = <-d.current.output
+	} else {
+		select {
+		case d.current.decodeOutput, ok = <-d.current.output:
+		default:
+			return false
+		}
+	}
+	if !ok {
+		// This should not happen, so signal error state...
+		d.current.err = io.ErrUnexpectedEOF
+		return false
+	}
+	next := d.current.decodeOutput
+	if next.d != nil && next.d.async.newHist != nil {
+		d.current.crc.Reset()
+	}
+	if debugDecoder {
+		var tmp [4]byte
+		binary.LittleEndian.PutUint32(tmp[:], uint32(xxhash.Sum64(next.b)))
+		println("got", len(d.current.b), "bytes, error:", d.current.err, "data crc:", tmp)
+	}
+
+	if d.o.ignoreChecksum {
+		return true
+	}
+
+	if len(next.b) > 0 {
+		d.current.crc.Write(next.b)
+	}
+	if next.err == nil && next.d != nil && next.d.hasCRC {
+		got := uint32(d.current.crc.Sum64())
+		if got != next.d.checkCRC {
+			if debugDecoder {
+				printf("CRC Check Failed: %08x (got) != %08x (on stream)\n", got, next.d.checkCRC)
+			}
+			d.current.err = ErrCRCMismatch
+		} else {
+			if debugDecoder {
+				printf("CRC ok %08x\n", got)
+			}
+		}
+	}
+
+	return true
+}
+
+func (d *Decoder) nextBlockSync() (ok bool) {
+	if d.current.d == nil {
+		d.current.d = <-d.decoders
+	}
+	for len(d.current.b) == 0 {
+		if !d.syncStream.inFrame {
+			d.frame.history.reset()
+			d.current.err = d.frame.reset(&d.syncStream.br)
+			if d.current.err == nil {
+				d.current.err = d.setDict(d.frame)
+			}
+			if d.current.err != nil {
+				return false
+			}
+			if d.frame.WindowSize > d.o.maxDecodedSize || d.frame.WindowSize > d.o.maxWindowSize {
+				d.current.err = ErrDecoderSizeExceeded
+				return false
+			}
+
+			d.syncStream.decodedFrame = 0
+			d.syncStream.inFrame = true
+		}
+		d.current.err = d.frame.next(d.current.d)
+		if d.current.err != nil {
+			return false
+		}
+		d.frame.history.ensureBlock()
+		if debugDecoder {
+			println("History trimmed:", len(d.frame.history.b), "decoded already:", d.syncStream.decodedFrame)
+		}
+		histBefore := len(d.frame.history.b)
+		d.current.err = d.current.d.decodeBuf(&d.frame.history)
+
+		if d.current.err != nil {
+			println("error after:", d.current.err)
+			return false
+		}
+		d.current.b = d.frame.history.b[histBefore:]
+		if debugDecoder {
+			println("history after:", len(d.frame.history.b))
+		}
+
+		// Check frame size (before CRC)
+		d.syncStream.decodedFrame += uint64(len(d.current.b))
+		if d.syncStream.decodedFrame > d.frame.FrameContentSize {
+			if debugDecoder {
+				printf("DecodedFrame (%d) > FrameContentSize (%d)\n", d.syncStream.decodedFrame, d.frame.FrameContentSize)
+			}
+			d.current.err = ErrFrameSizeExceeded
+			return false
+		}
+
+		// Check FCS
+		if d.current.d.Last && d.frame.FrameContentSize != fcsUnknown && d.syncStream.decodedFrame != d.frame.FrameContentSize {
+			if debugDecoder {
+				printf("DecodedFrame (%d) != FrameContentSize (%d)\n", d.syncStream.decodedFrame, d.frame.FrameContentSize)
+			}
+			d.current.err = ErrFrameSizeMismatch
+			return false
+		}
+
+		// Update/Check CRC
+		if d.frame.HasCheckSum {
+			if !d.o.ignoreChecksum {
+				d.frame.crc.Write(d.current.b)
+			}
+			if d.current.d.Last {
+				if !d.o.ignoreChecksum {
+					d.current.err = d.frame.checkCRC()
+				} else {
+					d.current.err = d.frame.consumeCRC()
+				}
+				if d.current.err != nil {
+					println("CRC error:", d.current.err)
+					return false
+				}
+			}
+		}
+		d.syncStream.inFrame = !d.current.d.Last
+	}
+	return true
+}
+
+func (d *Decoder) stashDecoder() {
+	if d.current.d != nil {
+		if debugDecoder {
+			printf("re-adding current decoder %p", d.current.d)
+		}
+		d.decoders <- d.current.d
+		d.current.d = nil
+	}
+}
+
+// Close will release all resources.
+// It is NOT possible to reuse the decoder after this.
+func (d *Decoder) Close() {
+	if d.current.err == ErrDecoderClosed {
+		return
+	}
+	d.drainOutput()
+	if d.current.cancel != nil {
+		d.current.cancel()
+		d.streamWg.Wait()
+		d.current.cancel = nil
+	}
+	if d.decoders != nil {
+		close(d.decoders)
+		for dec := range d.decoders {
+			dec.Close()
+		}
+		d.decoders = nil
+	}
+	if d.current.d != nil {
+		d.current.d.Close()
+		d.current.d = nil
+	}
+	d.current.err = ErrDecoderClosed
+}
+
+// IOReadCloser returns the decoder as an io.ReadCloser for convenience.
+// Any changes to the decoder will be reflected, so the returned ReadCloser
+// can be reused along with the decoder.
+// io.WriterTo is also supported by the returned ReadCloser.
+func (d *Decoder) IOReadCloser() io.ReadCloser {
+	return closeWrapper{d: d}
+}
+
+// closeWrapper wraps a function call as a closer.
+type closeWrapper struct {
+	d *Decoder
+}
+
+// WriteTo forwards WriteTo calls to the decoder.
+func (c closeWrapper) WriteTo(w io.Writer) (n int64, err error) {
+	return c.d.WriteTo(w)
+}
+
+// Read forwards read calls to the decoder.
+func (c closeWrapper) Read(p []byte) (n int, err error) {
+	return c.d.Read(p)
+}
+
+// Close closes the decoder.
+func (c closeWrapper) Close() error {
+	c.d.Close()
+	return nil
+}
+
+type decodeOutput struct {
+	d   *blockDec
+	b   []byte
+	err error
+}
+
+func (d *Decoder) startSyncDecoder(r io.Reader) error {
+	d.frame.history.reset()
+	d.syncStream.br = readerWrapper{r: r}
+	d.syncStream.inFrame = false
+	d.syncStream.enabled = true
+	d.syncStream.decodedFrame = 0
+	return nil
+}
+
+// Create Decoder:
+// ASYNC:
+// Spawn 3 go routines.
+// 0: Read frames and decode block literals.
+// 1: Decode sequences.
+// 2: Execute sequences, send to output.
+func (d *Decoder) startStreamDecoder(ctx context.Context, r io.Reader, output chan decodeOutput) {
+	defer d.streamWg.Done()
+	br := readerWrapper{r: r}
+
+	var seqDecode = make(chan *blockDec, d.o.concurrent)
+	var seqExecute = make(chan *blockDec, d.o.concurrent)
+
+	// Async 1: Decode sequences...
+	go func() {
+		var hist history
+		var hasErr bool
+
+		for block := range seqDecode {
+			if hasErr {
+				if block != nil {
+					seqExecute <- block
+				}
+				continue
+			}
+			if block.async.newHist != nil {
+				if debugDecoder {
+					println("Async 1: new history, recent:", block.async.newHist.recentOffsets)
+				}
+				hist.reset()
+				hist.decoders = block.async.newHist.decoders
+				hist.recentOffsets = block.async.newHist.recentOffsets
+				hist.windowSize = block.async.newHist.windowSize
+				if block.async.newHist.dict != nil {
+					hist.setDict(block.async.newHist.dict)
+				}
+			}
+			if block.err != nil || block.Type != blockTypeCompressed {
+				hasErr = block.err != nil
+				seqExecute <- block
+				continue
+			}
+
+			hist.decoders.literals = block.async.literals
+			block.err = block.prepareSequences(block.async.seqData, &hist)
+			if debugDecoder && block.err != nil {
+				println("prepareSequences returned:", block.err)
+			}
+			hasErr = block.err != nil
+			if block.err == nil {
+				block.err = block.decodeSequences(&hist)
+				if debugDecoder && block.err != nil {
+					println("decodeSequences returned:", block.err)
+				}
+				hasErr = block.err != nil
+				//				block.async.sequence = hist.decoders.seq[:hist.decoders.nSeqs]
+				block.async.seqSize = hist.decoders.seqSize
+			}
+			seqExecute <- block
+		}
+		close(seqExecute)
+		hist.reset()
+	}()
+
+	var wg sync.WaitGroup
+	wg.Add(1)
+
+	// Async 3: Execute sequences...
+	frameHistCache := d.frame.history.b
+	go func() {
+		var hist history
+		var decodedFrame uint64
+		var fcs uint64
+		var hasErr bool
+		for block := range seqExecute {
+			out := decodeOutput{err: block.err, d: block}
+			if block.err != nil || hasErr {
+				hasErr = true
+				output <- out
+				continue
+			}
+			if block.async.newHist != nil {
+				if debugDecoder {
+					println("Async 2: new history")
+				}
+				hist.reset()
+				hist.windowSize = block.async.newHist.windowSize
+				hist.allocFrameBuffer = block.async.newHist.allocFrameBuffer
+				if block.async.newHist.dict != nil {
+					hist.setDict(block.async.newHist.dict)
+				}
+
+				if cap(hist.b) < hist.allocFrameBuffer {
+					if cap(frameHistCache) >= hist.allocFrameBuffer {
+						hist.b = frameHistCache
+					} else {
+						hist.b = make([]byte, 0, hist.allocFrameBuffer)
+						println("Alloc history sized", hist.allocFrameBuffer)
+					}
+				}
+				hist.b = hist.b[:0]
+				fcs = block.async.fcs
+				decodedFrame = 0
+			}
+			do := decodeOutput{err: block.err, d: block}
+			switch block.Type {
+			case blockTypeRLE:
+				if debugDecoder {
+					println("add rle block length:", block.RLESize)
+				}
+
+				if cap(block.dst) < int(block.RLESize) {
+					if block.lowMem {
+						block.dst = make([]byte, block.RLESize)
+					} else {
+						block.dst = make([]byte, maxCompressedBlockSize)
+					}
+				}
+				block.dst = block.dst[:block.RLESize]
+				v := block.data[0]
+				for i := range block.dst {
+					block.dst[i] = v
+				}
+				hist.append(block.dst)
+				do.b = block.dst
+			case blockTypeRaw:
+				if debugDecoder {
+					println("add raw block length:", len(block.data))
+				}
+				hist.append(block.data)
+				do.b = block.data
+			case blockTypeCompressed:
+				if debugDecoder {
+					println("execute with history length:", len(hist.b), "window:", hist.windowSize)
+				}
+				hist.decoders.seqSize = block.async.seqSize
+				hist.decoders.literals = block.async.literals
+				do.err = block.executeSequences(&hist)
+				hasErr = do.err != nil
+				if debugDecoder && hasErr {
+					println("executeSequences returned:", do.err)
+				}
+				do.b = block.dst
+			}
+			if !hasErr {
+				decodedFrame += uint64(len(do.b))
+				if decodedFrame > fcs {
+					println("fcs exceeded", block.Last, fcs, decodedFrame)
+					do.err = ErrFrameSizeExceeded
+					hasErr = true
+				} else if block.Last && fcs != fcsUnknown && decodedFrame != fcs {
+					do.err = ErrFrameSizeMismatch
+					hasErr = true
+				} else {
+					if debugDecoder {
+						println("fcs ok", block.Last, fcs, decodedFrame)
+					}
+				}
+			}
+			output <- do
+		}
+		close(output)
+		frameHistCache = hist.b
+		wg.Done()
+		if debugDecoder {
+			println("decoder goroutines finished")
+		}
+		hist.reset()
+	}()
+
+	var hist history
+decodeStream:
+	for {
+		var hasErr bool
+		hist.reset()
+		decodeBlock := func(block *blockDec) {
+			if hasErr {
+				if block != nil {
+					seqDecode <- block
+				}
+				return
+			}
+			if block.err != nil || block.Type != blockTypeCompressed {
+				hasErr = block.err != nil
+				seqDecode <- block
+				return
+			}
+
+			remain, err := block.decodeLiterals(block.data, &hist)
+			block.err = err
+			hasErr = block.err != nil
+			if err == nil {
+				block.async.literals = hist.decoders.literals
+				block.async.seqData = remain
+			} else if debugDecoder {
+				println("decodeLiterals error:", err)
+			}
+			seqDecode <- block
+		}
+		frame := d.frame
+		if debugDecoder {
+			println("New frame...")
+		}
+		var historySent bool
+		frame.history.reset()
+		err := frame.reset(&br)
+		if debugDecoder && err != nil {
+			println("Frame decoder returned", err)
+		}
+		if err == nil {
+			err = d.setDict(frame)
+		}
+		if err == nil && d.frame.WindowSize > d.o.maxWindowSize {
+			if debugDecoder {
+				println("decoder size exceeded, fws:", d.frame.WindowSize, "> mws:", d.o.maxWindowSize)
+			}
+
+			err = ErrDecoderSizeExceeded
+		}
+		if err != nil {
+			select {
+			case <-ctx.Done():
+			case dec := <-d.decoders:
+				dec.sendErr(err)
+				decodeBlock(dec)
+			}
+			break decodeStream
+		}
+
+		// Go through all blocks of the frame.
+		for {
+			var dec *blockDec
+			select {
+			case <-ctx.Done():
+				break decodeStream
+			case dec = <-d.decoders:
+				// Once we have a decoder, we MUST return it.
+			}
+			err := frame.next(dec)
+			if !historySent {
+				h := frame.history
+				if debugDecoder {
+					println("Alloc History:", h.allocFrameBuffer)
+				}
+				hist.reset()
+				if h.dict != nil {
+					hist.setDict(h.dict)
+				}
+				dec.async.newHist = &h
+				dec.async.fcs = frame.FrameContentSize
+				historySent = true
+			} else {
+				dec.async.newHist = nil
+			}
+			if debugDecoder && err != nil {
+				println("next block returned error:", err)
+			}
+			dec.err = err
+			dec.hasCRC = false
+			if dec.Last && frame.HasCheckSum && err == nil {
+				crc, err := frame.rawInput.readSmall(4)
+				if len(crc) < 4 {
+					if err == nil {
+						err = io.ErrUnexpectedEOF
+
+					}
+					println("CRC missing?", err)
+					dec.err = err
+				} else {
+					dec.checkCRC = binary.LittleEndian.Uint32(crc)
+					dec.hasCRC = true
+					if debugDecoder {
+						printf("found crc to check: %08x\n", dec.checkCRC)
+					}
+				}
+			}
+			err = dec.err
+			last := dec.Last
+			decodeBlock(dec)
+			if err != nil {
+				break decodeStream
+			}
+			if last {
+				break
+			}
+		}
+	}
+	close(seqDecode)
+	wg.Wait()
+	hist.reset()
+	d.frame.history.b = frameHistCache
+}
+
+func (d *Decoder) setDict(frame *frameDec) (err error) {
+	dict, ok := d.dicts[frame.DictionaryID]
+	if ok {
+		if debugDecoder {
+			println("setting dict", frame.DictionaryID)
+		}
+		frame.history.setDict(dict)
+	} else if frame.DictionaryID != 0 {
+		// A zero or missing dictionary id is ambiguous:
+		// either dictionary zero, or no dictionary. In particular,
+		// zstd --patch-from uses this id for the source file,
+		// so only return an error if the dictionary id is not zero.
+		err = ErrUnknownDictionary
+	}
+	return err
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/decoder_options.go b/vendor/github.com/klauspost/compress/zstd/decoder_options.go
new file mode 100644
index 000000000..774c5f00f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/decoder_options.go
@@ -0,0 +1,169 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"errors"
+	"fmt"
+	"math/bits"
+	"runtime"
+)
+
+// DOption is an option for creating a decoder.
+type DOption func(*decoderOptions) error
+
+// options retains accumulated state of multiple options.
+type decoderOptions struct {
+	lowMem          bool
+	concurrent      int
+	maxDecodedSize  uint64
+	maxWindowSize   uint64
+	dicts           []*dict
+	ignoreChecksum  bool
+	limitToCap      bool
+	decodeBufsBelow int
+}
+
+func (o *decoderOptions) setDefault() {
+	*o = decoderOptions{
+		// use less ram: true for now, but may change.
+		lowMem:          true,
+		concurrent:      runtime.GOMAXPROCS(0),
+		maxWindowSize:   MaxWindowSize,
+		decodeBufsBelow: 128 << 10,
+	}
+	if o.concurrent > 4 {
+		o.concurrent = 4
+	}
+	o.maxDecodedSize = 64 << 30
+}
+
+// WithDecoderLowmem will set whether to use a lower amount of memory,
+// but possibly have to allocate more while running.
+func WithDecoderLowmem(b bool) DOption {
+	return func(o *decoderOptions) error { o.lowMem = b; return nil }
+}
+
+// WithDecoderConcurrency sets the number of created decoders.
+// When decoding block with DecodeAll, this will limit the number
+// of possible concurrently running decodes.
+// When decoding streams, this will limit the number of
+// inflight blocks.
+// When decoding streams and setting maximum to 1,
+// no async decoding will be done.
+// When a value of 0 is provided GOMAXPROCS will be used.
+// By default this will be set to 4 or GOMAXPROCS, whatever is lower.
+func WithDecoderConcurrency(n int) DOption {
+	return func(o *decoderOptions) error {
+		if n < 0 {
+			return errors.New("concurrency must be at least 1")
+		}
+		if n == 0 {
+			o.concurrent = runtime.GOMAXPROCS(0)
+		} else {
+			o.concurrent = n
+		}
+		return nil
+	}
+}
+
+// WithDecoderMaxMemory allows to set a maximum decoded size for in-memory
+// non-streaming operations or maximum window size for streaming operations.
+// This can be used to control memory usage of potentially hostile content.
+// Maximum is 1 << 63 bytes. Default is 64GiB.
+func WithDecoderMaxMemory(n uint64) DOption {
+	return func(o *decoderOptions) error {
+		if n == 0 {
+			return errors.New("WithDecoderMaxMemory must be at least 1")
+		}
+		if n > 1<<63 {
+			return errors.New("WithDecoderMaxmemory must be less than 1 << 63")
+		}
+		o.maxDecodedSize = n
+		return nil
+	}
+}
+
+// WithDecoderDicts allows to register one or more dictionaries for the decoder.
+//
+// Each slice in dict must be in the [dictionary format] produced by
+// "zstd --train" from the Zstandard reference implementation.
+//
+// If several dictionaries with the same ID are provided, the last one will be used.
+//
+// [dictionary format]: https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary-format
+func WithDecoderDicts(dicts ...[]byte) DOption {
+	return func(o *decoderOptions) error {
+		for _, b := range dicts {
+			d, err := loadDict(b)
+			if err != nil {
+				return err
+			}
+			o.dicts = append(o.dicts, d)
+		}
+		return nil
+	}
+}
+
+// WithDecoderDictRaw registers a dictionary that may be used by the decoder.
+// The slice content can be arbitrary data.
+func WithDecoderDictRaw(id uint32, content []byte) DOption {
+	return func(o *decoderOptions) error {
+		if bits.UintSize > 32 && uint(len(content)) > dictMaxLength {
+			return fmt.Errorf("dictionary of size %d > 2GiB too large", len(content))
+		}
+		o.dicts = append(o.dicts, &dict{id: id, content: content, offsets: [3]int{1, 4, 8}})
+		return nil
+	}
+}
+
+// WithDecoderMaxWindow allows to set a maximum window size for decodes.
+// This allows rejecting packets that will cause big memory usage.
+// The Decoder will likely allocate more memory based on the WithDecoderLowmem setting.
+// If WithDecoderMaxMemory is set to a lower value, that will be used.
+// Default is 512MB, Maximum is ~3.75 TB as per zstandard spec.
+func WithDecoderMaxWindow(size uint64) DOption {
+	return func(o *decoderOptions) error {
+		if size < MinWindowSize {
+			return errors.New("WithMaxWindowSize must be at least 1KB, 1024 bytes")
+		}
+		if size > (1<<41)+7*(1<<38) {
+			return errors.New("WithMaxWindowSize must be less than (1<<41) + 7*(1<<38) ~ 3.75TB")
+		}
+		o.maxWindowSize = size
+		return nil
+	}
+}
+
+// WithDecodeAllCapLimit will limit DecodeAll to decoding cap(dst)-len(dst) bytes,
+// or any size set in WithDecoderMaxMemory.
+// This can be used to limit decoding to a specific maximum output size.
+// Disabled by default.
+func WithDecodeAllCapLimit(b bool) DOption {
+	return func(o *decoderOptions) error {
+		o.limitToCap = b
+		return nil
+	}
+}
+
+// WithDecodeBuffersBelow will fully decode readers that have a
+// `Bytes() []byte` and `Len() int` interface similar to bytes.Buffer.
+// This typically uses less allocations but will have the full decompressed object in memory.
+// Note that DecodeAllCapLimit will disable this, as well as giving a size of 0 or less.
+// Default is 128KiB.
+func WithDecodeBuffersBelow(size int) DOption {
+	return func(o *decoderOptions) error {
+		o.decodeBufsBelow = size
+		return nil
+	}
+}
+
+// IgnoreChecksum allows to forcibly ignore checksum checking.
+func IgnoreChecksum(b bool) DOption {
+	return func(o *decoderOptions) error {
+		o.ignoreChecksum = b
+		return nil
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/dict.go b/vendor/github.com/klauspost/compress/zstd/dict.go
new file mode 100644
index 000000000..b7b83164b
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/dict.go
@@ -0,0 +1,565 @@
+package zstd
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	"sort"
+
+	"github.com/klauspost/compress/huff0"
+)
+
+type dict struct {
+	id uint32
+
+	litEnc              *huff0.Scratch
+	llDec, ofDec, mlDec sequenceDec
+	offsets             [3]int
+	content             []byte
+}
+
+const dictMagic = "\x37\xa4\x30\xec"
+
+// Maximum dictionary size for the reference implementation (1.5.3) is 2 GiB.
+const dictMaxLength = 1 << 31
+
+// ID returns the dictionary id or 0 if d is nil.
+func (d *dict) ID() uint32 {
+	if d == nil {
+		return 0
+	}
+	return d.id
+}
+
+// ContentSize returns the dictionary content size or 0 if d is nil.
+func (d *dict) ContentSize() int {
+	if d == nil {
+		return 0
+	}
+	return len(d.content)
+}
+
+// Content returns the dictionary content.
+func (d *dict) Content() []byte {
+	if d == nil {
+		return nil
+	}
+	return d.content
+}
+
+// Offsets returns the initial offsets.
+func (d *dict) Offsets() [3]int {
+	if d == nil {
+		return [3]int{}
+	}
+	return d.offsets
+}
+
+// LitEncoder returns the literal encoder.
+func (d *dict) LitEncoder() *huff0.Scratch {
+	if d == nil {
+		return nil
+	}
+	return d.litEnc
+}
+
+// Load a dictionary as described in
+// https://github.com/facebook/zstd/blob/master/doc/zstd_compression_format.md#dictionary-format
+func loadDict(b []byte) (*dict, error) {
+	// Check static field size.
+	if len(b) <= 8+(3*4) {
+		return nil, io.ErrUnexpectedEOF
+	}
+	d := dict{
+		llDec: sequenceDec{fse: &fseDecoder{}},
+		ofDec: sequenceDec{fse: &fseDecoder{}},
+		mlDec: sequenceDec{fse: &fseDecoder{}},
+	}
+	if string(b[:4]) != dictMagic {
+		return nil, ErrMagicMismatch
+	}
+	d.id = binary.LittleEndian.Uint32(b[4:8])
+	if d.id == 0 {
+		return nil, errors.New("dictionaries cannot have ID 0")
+	}
+
+	// Read literal table
+	var err error
+	d.litEnc, b, err = huff0.ReadTable(b[8:], nil)
+	if err != nil {
+		return nil, fmt.Errorf("loading literal table: %w", err)
+	}
+	d.litEnc.Reuse = huff0.ReusePolicyMust
+
+	br := byteReader{
+		b:   b,
+		off: 0,
+	}
+	readDec := func(i tableIndex, dec *fseDecoder) error {
+		if err := dec.readNCount(&br, uint16(maxTableSymbol[i])); err != nil {
+			return err
+		}
+		if br.overread() {
+			return io.ErrUnexpectedEOF
+		}
+		err = dec.transform(symbolTableX[i])
+		if err != nil {
+			println("Transform table error:", err)
+			return err
+		}
+		if debugDecoder || debugEncoder {
+			println("Read table ok", "symbolLen:", dec.symbolLen)
+		}
+		// Set decoders as predefined so they aren't reused.
+		dec.preDefined = true
+		return nil
+	}
+
+	if err := readDec(tableOffsets, d.ofDec.fse); err != nil {
+		return nil, err
+	}
+	if err := readDec(tableMatchLengths, d.mlDec.fse); err != nil {
+		return nil, err
+	}
+	if err := readDec(tableLiteralLengths, d.llDec.fse); err != nil {
+		return nil, err
+	}
+	if br.remain() < 12 {
+		return nil, io.ErrUnexpectedEOF
+	}
+
+	d.offsets[0] = int(br.Uint32())
+	br.advance(4)
+	d.offsets[1] = int(br.Uint32())
+	br.advance(4)
+	d.offsets[2] = int(br.Uint32())
+	br.advance(4)
+	if d.offsets[0] <= 0 || d.offsets[1] <= 0 || d.offsets[2] <= 0 {
+		return nil, errors.New("invalid offset in dictionary")
+	}
+	d.content = make([]byte, br.remain())
+	copy(d.content, br.unread())
+	if d.offsets[0] > len(d.content) || d.offsets[1] > len(d.content) || d.offsets[2] > len(d.content) {
+		return nil, fmt.Errorf("initial offset bigger than dictionary content size %d, offsets: %v", len(d.content), d.offsets)
+	}
+
+	return &d, nil
+}
+
+// InspectDictionary loads a zstd dictionary and provides functions to inspect the content.
+func InspectDictionary(b []byte) (interface {
+	ID() uint32
+	ContentSize() int
+	Content() []byte
+	Offsets() [3]int
+	LitEncoder() *huff0.Scratch
+}, error) {
+	initPredefined()
+	d, err := loadDict(b)
+	return d, err
+}
+
+type BuildDictOptions struct {
+	// Dictionary ID.
+	ID uint32
+
+	// Content to use to create dictionary tables.
+	Contents [][]byte
+
+	// History to use for all blocks.
+	History []byte
+
+	// Offsets to use.
+	Offsets [3]int
+
+	// CompatV155 will make the dictionary compatible with Zstd v1.5.5 and earlier.
+	// See https://github.com/facebook/zstd/issues/3724
+	CompatV155 bool
+
+	// Use the specified encoder level.
+	// The dictionary will be built using the specified encoder level,
+	// which will reflect speed and make the dictionary tailored for that level.
+	// If not set SpeedBestCompression will be used.
+	Level EncoderLevel
+
+	// DebugOut will write stats and other details here if set.
+	DebugOut io.Writer
+}
+
+func BuildDict(o BuildDictOptions) ([]byte, error) {
+	initPredefined()
+	hist := o.History
+	contents := o.Contents
+	debug := o.DebugOut != nil
+	println := func(args ...interface{}) {
+		if o.DebugOut != nil {
+			fmt.Fprintln(o.DebugOut, args...)
+		}
+	}
+	printf := func(s string, args ...interface{}) {
+		if o.DebugOut != nil {
+			fmt.Fprintf(o.DebugOut, s, args...)
+		}
+	}
+	print := func(args ...interface{}) {
+		if o.DebugOut != nil {
+			fmt.Fprint(o.DebugOut, args...)
+		}
+	}
+
+	if int64(len(hist)) > dictMaxLength {
+		return nil, fmt.Errorf("dictionary of size %d > %d", len(hist), int64(dictMaxLength))
+	}
+	if len(hist) < 8 {
+		return nil, fmt.Errorf("dictionary of size %d < %d", len(hist), 8)
+	}
+	if len(contents) == 0 {
+		return nil, errors.New("no content provided")
+	}
+	d := dict{
+		id:      o.ID,
+		litEnc:  nil,
+		llDec:   sequenceDec{},
+		ofDec:   sequenceDec{},
+		mlDec:   sequenceDec{},
+		offsets: o.Offsets,
+		content: hist,
+	}
+	block := blockEnc{lowMem: false}
+	block.init()
+	enc := encoder(&bestFastEncoder{fastBase: fastBase{maxMatchOff: int32(maxMatchLen), bufferReset: math.MaxInt32 - int32(maxMatchLen*2), lowMem: false}})
+	if o.Level != 0 {
+		eOpts := encoderOptions{
+			level:      o.Level,
+			blockSize:  maxMatchLen,
+			windowSize: maxMatchLen,
+			dict:       &d,
+			lowMem:     false,
+		}
+		enc = eOpts.encoder()
+	} else {
+		o.Level = SpeedBestCompression
+	}
+	var (
+		remain [256]int
+		ll     [256]int
+		ml     [256]int
+		of     [256]int
+	)
+	addValues := func(dst *[256]int, src []byte) {
+		for _, v := range src {
+			dst[v]++
+		}
+	}
+	addHist := func(dst *[256]int, src *[256]uint32) {
+		for i, v := range src {
+			dst[i] += int(v)
+		}
+	}
+	seqs := 0
+	nUsed := 0
+	litTotal := 0
+	newOffsets := make(map[uint32]int, 1000)
+	for _, b := range contents {
+		block.reset(nil)
+		if len(b) < 8 {
+			continue
+		}
+		nUsed++
+		enc.Reset(&d, true)
+		enc.Encode(&block, b)
+		addValues(&remain, block.literals)
+		litTotal += len(block.literals)
+		if len(block.sequences) == 0 {
+			continue
+		}
+		seqs += len(block.sequences)
+		block.genCodes()
+		addHist(&ll, block.coders.llEnc.Histogram())
+		addHist(&ml, block.coders.mlEnc.Histogram())
+		addHist(&of, block.coders.ofEnc.Histogram())
+		for i, seq := range block.sequences {
+			if i > 3 {
+				break
+			}
+			offset := seq.offset
+			if offset == 0 {
+				continue
+			}
+			if int(offset) >= len(o.History) {
+				continue
+			}
+			if offset > 3 {
+				newOffsets[offset-3]++
+			} else {
+				newOffsets[uint32(o.Offsets[offset-1])]++
+			}
+		}
+	}
+	// Find most used offsets.
+	var sortedOffsets []uint32
+	for k := range newOffsets {
+		sortedOffsets = append(sortedOffsets, k)
+	}
+	sort.Slice(sortedOffsets, func(i, j int) bool {
+		a, b := sortedOffsets[i], sortedOffsets[j]
+		if a == b {
+			// Prefer the longer offset
+			return sortedOffsets[i] > sortedOffsets[j]
+		}
+		return newOffsets[sortedOffsets[i]] > newOffsets[sortedOffsets[j]]
+	})
+	if len(sortedOffsets) > 3 {
+		if debug {
+			print("Offsets:")
+			for i, v := range sortedOffsets {
+				if i > 20 {
+					break
+				}
+				printf("[%d: %d],", v, newOffsets[v])
+			}
+			println("")
+		}
+
+		sortedOffsets = sortedOffsets[:3]
+	}
+	for i, v := range sortedOffsets {
+		o.Offsets[i] = int(v)
+	}
+	if debug {
+		println("New repeat offsets", o.Offsets)
+	}
+
+	if nUsed == 0 || seqs == 0 {
+		return nil, fmt.Errorf("%d blocks, %d sequences found", nUsed, seqs)
+	}
+	if debug {
+		println("Sequences:", seqs, "Blocks:", nUsed, "Literals:", litTotal)
+	}
+	if seqs/nUsed < 512 {
+		// Use 512 as minimum.
+		nUsed = seqs / 512
+		if nUsed == 0 {
+			nUsed = 1
+		}
+	}
+	copyHist := func(dst *fseEncoder, src *[256]int) ([]byte, error) {
+		hist := dst.Histogram()
+		var maxSym uint8
+		var maxCount int
+		var fakeLength int
+		for i, v := range src {
+			if v > 0 {
+				v = v / nUsed
+				if v == 0 {
+					v = 1
+				}
+			}
+			if v > maxCount {
+				maxCount = v
+			}
+			if v != 0 {
+				maxSym = uint8(i)
+			}
+			fakeLength += v
+			hist[i] = uint32(v)
+		}
+
+		// Ensure we aren't trying to represent RLE.
+		if maxCount == fakeLength {
+			for i := range hist {
+				if uint8(i) == maxSym {
+					fakeLength++
+					maxSym++
+					hist[i+1] = 1
+					if maxSym > 1 {
+						break
+					}
+				}
+				if hist[0] == 0 {
+					fakeLength++
+					hist[i] = 1
+					if maxSym > 1 {
+						break
+					}
+				}
+			}
+		}
+
+		dst.HistogramFinished(maxSym, maxCount)
+		dst.reUsed = false
+		dst.useRLE = false
+		err := dst.normalizeCount(fakeLength)
+		if err != nil {
+			return nil, err
+		}
+		if debug {
+			println("RAW:", dst.count[:maxSym+1], "NORM:", dst.norm[:maxSym+1], "LEN:", fakeLength)
+		}
+		return dst.writeCount(nil)
+	}
+	if debug {
+		print("Literal lengths: ")
+	}
+	llTable, err := copyHist(block.coders.llEnc, &ll)
+	if err != nil {
+		return nil, err
+	}
+	if debug {
+		print("Match lengths: ")
+	}
+	mlTable, err := copyHist(block.coders.mlEnc, &ml)
+	if err != nil {
+		return nil, err
+	}
+	if debug {
+		print("Offsets: ")
+	}
+	ofTable, err := copyHist(block.coders.ofEnc, &of)
+	if err != nil {
+		return nil, err
+	}
+
+	// Literal table
+	avgSize := litTotal
+	if avgSize > huff0.BlockSizeMax/2 {
+		avgSize = huff0.BlockSizeMax / 2
+	}
+	huffBuff := make([]byte, 0, avgSize)
+	// Target size
+	div := litTotal / avgSize
+	if div < 1 {
+		div = 1
+	}
+	if debug {
+		println("Huffman weights:")
+	}
+	for i, n := range remain[:] {
+		if n > 0 {
+			n = n / div
+			// Allow all entries to be represented.
+			if n == 0 {
+				n = 1
+			}
+			huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
+			if debug {
+				printf("[%d: %d], ", i, n)
+			}
+		}
+	}
+	if o.CompatV155 && remain[255]/div == 0 {
+		huffBuff = append(huffBuff, 255)
+	}
+	scratch := &huff0.Scratch{TableLog: 11}
+	for tries := 0; tries < 255; tries++ {
+		scratch = &huff0.Scratch{TableLog: 11}
+		_, _, err = huff0.Compress1X(huffBuff, scratch)
+		if err == nil {
+			break
+		}
+		if debug {
+			printf("Try %d: Huffman error: %v\n", tries+1, err)
+		}
+		huffBuff = huffBuff[:0]
+		if tries == 250 {
+			if debug {
+				println("Huffman: Bailing out with predefined table")
+			}
+
+			// Bail out.... Just generate something
+			huffBuff = append(huffBuff, bytes.Repeat([]byte{255}, 10000)...)
+			for i := 0; i < 128; i++ {
+				huffBuff = append(huffBuff, byte(i))
+			}
+			continue
+		}
+		if errors.Is(err, huff0.ErrIncompressible) {
+			// Try truncating least common.
+			for i, n := range remain[:] {
+				if n > 0 {
+					n = n / (div * (i + 1))
+					if n > 0 {
+						huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
+					}
+				}
+			}
+			if o.CompatV155 && len(huffBuff) > 0 && huffBuff[len(huffBuff)-1] != 255 {
+				huffBuff = append(huffBuff, 255)
+			}
+			if len(huffBuff) == 0 {
+				huffBuff = append(huffBuff, 0, 255)
+			}
+		}
+		if errors.Is(err, huff0.ErrUseRLE) {
+			for i, n := range remain[:] {
+				n = n / (div * (i + 1))
+				// Allow all entries to be represented.
+				if n == 0 {
+					n = 1
+				}
+				huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
+			}
+		}
+	}
+
+	var out bytes.Buffer
+	out.Write([]byte(dictMagic))
+	out.Write(binary.LittleEndian.AppendUint32(nil, o.ID))
+	out.Write(scratch.OutTable)
+	if debug {
+		println("huff table:", len(scratch.OutTable), "bytes")
+		println("of table:", len(ofTable), "bytes")
+		println("ml table:", len(mlTable), "bytes")
+		println("ll table:", len(llTable), "bytes")
+	}
+	out.Write(ofTable)
+	out.Write(mlTable)
+	out.Write(llTable)
+	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[0])))
+	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[1])))
+	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[2])))
+	out.Write(hist)
+	if debug {
+		_, err := loadDict(out.Bytes())
+		if err != nil {
+			panic(err)
+		}
+		i, err := InspectDictionary(out.Bytes())
+		if err != nil {
+			panic(err)
+		}
+		println("ID:", i.ID())
+		println("Content size:", i.ContentSize())
+		println("Encoder:", i.LitEncoder() != nil)
+		println("Offsets:", i.Offsets())
+		var totalSize int
+		for _, b := range contents {
+			totalSize += len(b)
+		}
+
+		encWith := func(opts ...EOption) int {
+			enc, err := NewWriter(nil, opts...)
+			if err != nil {
+				panic(err)
+			}
+			defer enc.Close()
+			var dst []byte
+			var totalSize int
+			for _, b := range contents {
+				dst = enc.EncodeAll(b, dst[:0])
+				totalSize += len(dst)
+			}
+			return totalSize
+		}
+		plain := encWith(WithEncoderLevel(o.Level))
+		withDict := encWith(WithEncoderLevel(o.Level), WithEncoderDict(out.Bytes()))
+		println("Input size:", totalSize)
+		println("Plain Compressed:", plain)
+		println("Dict Compressed:", withDict)
+		println("Saved:", plain-withDict, (plain-withDict)/len(contents), "bytes per input (rounded down)")
+	}
+	return out.Bytes(), nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_base.go b/vendor/github.com/klauspost/compress/zstd/enc_base.go
new file mode 100644
index 000000000..5ca46038a
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/enc_base.go
@@ -0,0 +1,173 @@
+package zstd
+
+import (
+	"fmt"
+	"math/bits"
+
+	"github.com/klauspost/compress/zstd/internal/xxhash"
+)
+
+const (
+	dictShardBits = 6
+)
+
+type fastBase struct {
+	// cur is the offset at the start of hist
+	cur int32
+	// maximum offset. Should be at least 2x block size.
+	maxMatchOff int32
+	bufferReset int32
+	hist        []byte
+	crc         *xxhash.Digest
+	tmp         [8]byte
+	blk         *blockEnc
+	lastDictID  uint32
+	lowMem      bool
+}
+
+// CRC returns the underlying CRC writer.
+func (e *fastBase) CRC() *xxhash.Digest {
+	return e.crc
+}
+
+// AppendCRC will append the CRC to the destination slice and return it.
+func (e *fastBase) AppendCRC(dst []byte) []byte {
+	crc := e.crc.Sum(e.tmp[:0])
+	dst = append(dst, crc[7], crc[6], crc[5], crc[4])
+	return dst
+}
+
+// WindowSize returns the window size of the encoder,
+// or a window size small enough to contain the input size, if > 0.
+func (e *fastBase) WindowSize(size int64) int32 {
+	if size > 0 && size < int64(e.maxMatchOff) {
+		b := int32(1) << uint(bits.Len(uint(size)))
+		// Keep minimum window.
+		if b < 1024 {
+			b = 1024
+		}
+		return b
+	}
+	return e.maxMatchOff
+}
+
+// Block returns the current block.
+func (e *fastBase) Block() *blockEnc {
+	return e.blk
+}
+
+func (e *fastBase) addBlock(src []byte) int32 {
+	if debugAsserts && e.cur > e.bufferReset {
+		panic(fmt.Sprintf("ecur (%d) > buffer reset (%d)", e.cur, e.bufferReset))
+	}
+	// check if we have space already
+	if len(e.hist)+len(src) > cap(e.hist) {
+		if cap(e.hist) == 0 {
+			e.ensureHist(len(src))
+		} else {
+			if cap(e.hist) < int(e.maxMatchOff+maxCompressedBlockSize) {
+				panic(fmt.Errorf("unexpected buffer cap %d, want at least %d with window %d", cap(e.hist), e.maxMatchOff+maxCompressedBlockSize, e.maxMatchOff))
+			}
+			// Move down
+			offset := int32(len(e.hist)) - e.maxMatchOff
+			copy(e.hist[0:e.maxMatchOff], e.hist[offset:])
+			e.cur += offset
+			e.hist = e.hist[:e.maxMatchOff]
+		}
+	}
+	s := int32(len(e.hist))
+	e.hist = append(e.hist, src...)
+	return s
+}
+
+// ensureHist will ensure that history can keep at least this many bytes.
+func (e *fastBase) ensureHist(n int) {
+	if cap(e.hist) >= n {
+		return
+	}
+	l := e.maxMatchOff
+	if (e.lowMem && e.maxMatchOff > maxCompressedBlockSize) || e.maxMatchOff <= maxCompressedBlockSize {
+		l += maxCompressedBlockSize
+	} else {
+		l += e.maxMatchOff
+	}
+	// Make it at least 1MB.
+	if l < 1<<20 && !e.lowMem {
+		l = 1 << 20
+	}
+	// Make it at least the requested size.
+	if l < int32(n) {
+		l = int32(n)
+	}
+	e.hist = make([]byte, 0, l)
+}
+
+// useBlock will replace the block with the provided one,
+// but transfer recent offsets from the previous.
+func (e *fastBase) UseBlock(enc *blockEnc) {
+	enc.reset(e.blk)
+	e.blk = enc
+}
+
+func (e *fastBase) matchlen(s, t int32, src []byte) int32 {
+	if debugAsserts {
+		if s < 0 {
+			err := fmt.Sprintf("s (%d) < 0", s)
+			panic(err)
+		}
+		if t < 0 {
+			err := fmt.Sprintf("s (%d) < 0", s)
+			panic(err)
+		}
+		if s-t > e.maxMatchOff {
+			err := fmt.Sprintf("s (%d) - t (%d) > maxMatchOff (%d)", s, t, e.maxMatchOff)
+			panic(err)
+		}
+		if len(src)-int(s) > maxCompressedBlockSize {
+			panic(fmt.Sprintf("len(src)-s (%d) > maxCompressedBlockSize (%d)", len(src)-int(s), maxCompressedBlockSize))
+		}
+	}
+	return int32(matchLen(src[s:], src[t:]))
+}
+
+// Reset the encoding table.
+func (e *fastBase) resetBase(d *dict, singleBlock bool) {
+	if e.blk == nil {
+		e.blk = &blockEnc{lowMem: e.lowMem}
+		e.blk.init()
+	} else {
+		e.blk.reset(nil)
+	}
+	e.blk.initNewEncode()
+	if e.crc == nil {
+		e.crc = xxhash.New()
+	} else {
+		e.crc.Reset()
+	}
+	e.blk.dictLitEnc = nil
+	if d != nil {
+		low := e.lowMem
+		if singleBlock {
+			e.lowMem = true
+		}
+		e.ensureHist(d.ContentSize() + maxCompressedBlockSize)
+		e.lowMem = low
+	}
+
+	// We offset current position so everything will be out of reach.
+	// If above reset line, history will be purged.
+	if e.cur < e.bufferReset {
+		e.cur += e.maxMatchOff + int32(len(e.hist))
+	}
+	e.hist = e.hist[:0]
+	if d != nil {
+		// Set offsets (currently not used)
+		for i, off := range d.offsets {
+			e.blk.recentOffsets[i] = uint32(off)
+			e.blk.prevRecentOffsets[i] = e.blk.recentOffsets[i]
+		}
+		// Transfer litenc.
+		e.blk.dictLitEnc = d.litEnc
+		e.hist = append(e.hist, d.content...)
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_best.go b/vendor/github.com/klauspost/compress/zstd/enc_best.go
new file mode 100644
index 000000000..4613724e9
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/enc_best.go
@@ -0,0 +1,560 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"bytes"
+	"fmt"
+
+	"github.com/klauspost/compress"
+)
+
+const (
+	bestLongTableBits = 22                     // Bits used in the long match table
+	bestLongTableSize = 1 << bestLongTableBits // Size of the table
+	bestLongLen       = 8                      // Bytes used for table hash
+
+	// Note: Increasing the short table bits or making the hash shorter
+	// can actually lead to compression degradation since it will 'steal' more from the
+	// long match table and match offsets are quite big.
+	// This greatly depends on the type of input.
+	bestShortTableBits = 18                      // Bits used in the short match table
+	bestShortTableSize = 1 << bestShortTableBits // Size of the table
+	bestShortLen       = 4                       // Bytes used for table hash
+
+)
+
+type match struct {
+	offset int32
+	s      int32
+	length int32
+	rep    int32
+	est    int32
+}
+
+const highScore = maxMatchLen * 8
+
+// estBits will estimate output bits from predefined tables.
+func (m *match) estBits(bitsPerByte int32) {
+	mlc := mlCode(uint32(m.length - zstdMinMatch))
+	var ofc uint8
+	if m.rep < 0 {
+		ofc = ofCode(uint32(m.s-m.offset) + 3)
+	} else {
+		ofc = ofCode(uint32(m.rep) & 3)
+	}
+	// Cost, excluding
+	ofTT, mlTT := fsePredefEnc[tableOffsets].ct.symbolTT[ofc], fsePredefEnc[tableMatchLengths].ct.symbolTT[mlc]
+
+	// Add cost of match encoding...
+	m.est = int32(ofTT.outBits + mlTT.outBits)
+	m.est += int32(ofTT.deltaNbBits>>16 + mlTT.deltaNbBits>>16)
+	// Subtract savings compared to literal encoding...
+	m.est -= (m.length * bitsPerByte) >> 10
+	if m.est > 0 {
+		// Unlikely gain..
+		m.length = 0
+		m.est = highScore
+	}
+}
+
+// bestFastEncoder uses 2 tables, one for short matches (5 bytes) and one for long matches.
+// The long match table contains the previous entry with the same hash,
+// effectively making it a "chain" of length 2.
+// When we find a long match we choose between the two values and select the longest.
+// When we find a short match, after checking the long, we check if we can find a long at n+1
+// and that it is longer (lazy matching).
+type bestFastEncoder struct {
+	fastBase
+	table         [bestShortTableSize]prevEntry
+	longTable     [bestLongTableSize]prevEntry
+	dictTable     []prevEntry
+	dictLongTable []prevEntry
+}
+
+// Encode improves compression...
+func (e *bestFastEncoder) Encode(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 4
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			e.table = [bestShortTableSize]prevEntry{}
+			e.longTable = [bestLongTableSize]prevEntry{}
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			v2 := e.table[i].prev
+			if v < minOff {
+				v = 0
+				v2 = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+				if v2 < minOff {
+					v2 = 0
+				} else {
+					v2 = v2 - e.cur + e.maxMatchOff
+				}
+			}
+			e.table[i] = prevEntry{
+				offset: v,
+				prev:   v2,
+			}
+		}
+		for i := range e.longTable[:] {
+			v := e.longTable[i].offset
+			v2 := e.longTable[i].prev
+			if v < minOff {
+				v = 0
+				v2 = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+				if v2 < minOff {
+					v2 = 0
+				} else {
+					v2 = v2 - e.cur + e.maxMatchOff
+				}
+			}
+			e.longTable[i] = prevEntry{
+				offset: v,
+				prev:   v2,
+			}
+		}
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	// Add block to history
+	s := e.addBlock(src)
+	blk.size = len(src)
+
+	// Check RLE first
+	if len(src) > zstdMinMatch {
+		ml := matchLen(src[1:], src)
+		if ml == len(src)-1 {
+			blk.literals = append(blk.literals, src[0])
+			blk.sequences = append(blk.sequences, seq{litLen: 1, matchLen: uint32(len(src)-1) - zstdMinMatch, offset: 1 + 3})
+			return
+		}
+	}
+
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Use this to estimate literal cost.
+	// Scaled by 10 bits.
+	bitsPerByte := int32((compress.ShannonEntropyBits(src) * 1024) / len(src))
+	// Huffman can never go < 1 bit/byte
+	if bitsPerByte < 1024 {
+		bitsPerByte = 1024
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	const kSearchStrength = 10
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+	offset3 := int32(blk.recentOffsets[2])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		// We allow the encoder to optionally turn off repeat offsets across blocks
+		canRepeat := len(blk.sequences) > 2
+
+		if debugAsserts && canRepeat && offset1 == 0 {
+			panic("offset0 was 0")
+		}
+
+		const goodEnough = 250
+
+		cv := load6432(src, s)
+
+		nextHashL := hashLen(cv, bestLongTableBits, bestLongLen)
+		nextHashS := hashLen(cv, bestShortTableBits, bestShortLen)
+		candidateL := e.longTable[nextHashL]
+		candidateS := e.table[nextHashS]
+
+		// Set m to a match at offset if it looks like that will improve compression.
+		improve := func(m *match, offset int32, s int32, first uint32, rep int32) {
+			delta := s - offset
+			if delta >= e.maxMatchOff || delta <= 0 || load3232(src, offset) != first {
+				return
+			}
+			// Try to quick reject if we already have a long match.
+			if m.length > 16 {
+				left := len(src) - int(m.s+m.length)
+				// If we are too close to the end, keep as is.
+				if left <= 0 {
+					return
+				}
+				checkLen := m.length - (s - m.s) - 8
+				if left > 2 && checkLen > 4 {
+					// Check 4 bytes, 4 bytes from the end of the current match.
+					a := load3232(src, offset+checkLen)
+					b := load3232(src, s+checkLen)
+					if a != b {
+						return
+					}
+				}
+			}
+			l := 4 + e.matchlen(s+4, offset+4, src)
+			if m.rep <= 0 {
+				// Extend candidate match backwards as far as possible.
+				// Do not extend repeats as we can assume they are optimal
+				// and offsets change if s == nextEmit.
+				tMin := s - e.maxMatchOff
+				if tMin < 0 {
+					tMin = 0
+				}
+				for offset > tMin && s > nextEmit && src[offset-1] == src[s-1] && l < maxMatchLength {
+					s--
+					offset--
+					l++
+				}
+			}
+			if debugAsserts {
+				if offset >= s {
+					panic(fmt.Sprintf("offset: %d - s:%d - rep: %d - cur :%d - max: %d", offset, s, rep, e.cur, e.maxMatchOff))
+				}
+				if !bytes.Equal(src[s:s+l], src[offset:offset+l]) {
+					panic(fmt.Sprintf("second match mismatch: %v != %v, first: %08x", src[s:s+4], src[offset:offset+4], first))
+				}
+			}
+			cand := match{offset: offset, s: s, length: l, rep: rep}
+			cand.estBits(bitsPerByte)
+			if m.est >= highScore || cand.est-m.est+(cand.s-m.s)*bitsPerByte>>10 < 0 {
+				*m = cand
+			}
+		}
+
+		best := match{s: s, est: highScore}
+		improve(&best, candidateL.offset-e.cur, s, uint32(cv), -1)
+		improve(&best, candidateL.prev-e.cur, s, uint32(cv), -1)
+		improve(&best, candidateS.offset-e.cur, s, uint32(cv), -1)
+		improve(&best, candidateS.prev-e.cur, s, uint32(cv), -1)
+
+		if canRepeat && best.length < goodEnough {
+			if s == nextEmit {
+				// Check repeats straight after a match.
+				improve(&best, s-offset2, s, uint32(cv), 1|4)
+				improve(&best, s-offset3, s, uint32(cv), 2|4)
+				if offset1 > 1 {
+					improve(&best, s-(offset1-1), s, uint32(cv), 3|4)
+				}
+			}
+
+			// If either no match or a non-repeat match, check at + 1
+			if best.rep <= 0 {
+				cv32 := uint32(cv >> 8)
+				spp := s + 1
+				improve(&best, spp-offset1, spp, cv32, 1)
+				improve(&best, spp-offset2, spp, cv32, 2)
+				improve(&best, spp-offset3, spp, cv32, 3)
+				if best.rep < 0 {
+					cv32 = uint32(cv >> 24)
+					spp += 2
+					improve(&best, spp-offset1, spp, cv32, 1)
+					improve(&best, spp-offset2, spp, cv32, 2)
+					improve(&best, spp-offset3, spp, cv32, 3)
+				}
+			}
+		}
+		// Load next and check...
+		e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: candidateL.offset}
+		e.table[nextHashS] = prevEntry{offset: s + e.cur, prev: candidateS.offset}
+		index0 := s + 1
+
+		// Look far ahead, unless we have a really long match already...
+		if best.length < goodEnough {
+			// No match found, move forward on input, no need to check forward...
+			if best.length < 4 {
+				s += 1 + (s-nextEmit)>>(kSearchStrength-1)
+				if s >= sLimit {
+					break encodeLoop
+				}
+				continue
+			}
+
+			candidateS = e.table[hashLen(cv>>8, bestShortTableBits, bestShortLen)]
+			cv = load6432(src, s+1)
+			cv2 := load6432(src, s+2)
+			candidateL = e.longTable[hashLen(cv, bestLongTableBits, bestLongLen)]
+			candidateL2 := e.longTable[hashLen(cv2, bestLongTableBits, bestLongLen)]
+
+			// Short at s+1
+			improve(&best, candidateS.offset-e.cur, s+1, uint32(cv), -1)
+			// Long at s+1, s+2
+			improve(&best, candidateL.offset-e.cur, s+1, uint32(cv), -1)
+			improve(&best, candidateL.prev-e.cur, s+1, uint32(cv), -1)
+			improve(&best, candidateL2.offset-e.cur, s+2, uint32(cv2), -1)
+			improve(&best, candidateL2.prev-e.cur, s+2, uint32(cv2), -1)
+			if false {
+				// Short at s+3.
+				// Too often worse...
+				improve(&best, e.table[hashLen(cv2>>8, bestShortTableBits, bestShortLen)].offset-e.cur, s+3, uint32(cv2>>8), -1)
+			}
+
+			// Start check at a fixed offset to allow for a few mismatches.
+			// For this compression level 2 yields the best results.
+			// We cannot do this if we have already indexed this position.
+			const skipBeginning = 2
+			if best.s > s-skipBeginning {
+				// See if we can find a better match by checking where the current best ends.
+				// Use that offset to see if we can find a better full match.
+				if sAt := best.s + best.length; sAt < sLimit {
+					nextHashL := hashLen(load6432(src, sAt), bestLongTableBits, bestLongLen)
+					candidateEnd := e.longTable[nextHashL]
+
+					if off := candidateEnd.offset - e.cur - best.length + skipBeginning; off >= 0 {
+						improve(&best, off, best.s+skipBeginning, load3232(src, best.s+skipBeginning), -1)
+						if off := candidateEnd.prev - e.cur - best.length + skipBeginning; off >= 0 {
+							improve(&best, off, best.s+skipBeginning, load3232(src, best.s+skipBeginning), -1)
+						}
+					}
+				}
+			}
+		}
+
+		if debugAsserts {
+			if best.offset >= best.s {
+				panic(fmt.Sprintf("best.offset > s: %d >= %d", best.offset, best.s))
+			}
+			if best.s < nextEmit {
+				panic(fmt.Sprintf("s %d < nextEmit %d", best.s, nextEmit))
+			}
+			if best.offset < s-e.maxMatchOff {
+				panic(fmt.Sprintf("best.offset < s-e.maxMatchOff: %d < %d", best.offset, s-e.maxMatchOff))
+			}
+			if !bytes.Equal(src[best.s:best.s+best.length], src[best.offset:best.offset+best.length]) {
+				panic(fmt.Sprintf("match mismatch: %v != %v", src[best.s:best.s+best.length], src[best.offset:best.offset+best.length]))
+			}
+		}
+
+		// We have a match, we can store the forward value
+		s = best.s
+		if best.rep > 0 {
+			var seq seq
+			seq.matchLen = uint32(best.length - zstdMinMatch)
+			addLiterals(&seq, best.s)
+
+			// Repeat. If bit 4 is set, this is a non-lit repeat.
+			seq.offset = uint32(best.rep & 3)
+			if debugSequences {
+				println("repeat sequence", seq, "next s:", best.s, "off:", best.s-best.offset)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Index old s + 1 -> s - 1
+			s = best.s + best.length
+			nextEmit = s
+
+			// Index skipped...
+			end := s
+			if s > sLimit+4 {
+				end = sLimit + 4
+			}
+			off := index0 + e.cur
+			for index0 < end {
+				cv0 := load6432(src, index0)
+				h0 := hashLen(cv0, bestLongTableBits, bestLongLen)
+				h1 := hashLen(cv0, bestShortTableBits, bestShortLen)
+				e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+				e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset}
+				off++
+				index0++
+			}
+
+			switch best.rep {
+			case 2, 4 | 1:
+				offset1, offset2 = offset2, offset1
+			case 3, 4 | 2:
+				offset1, offset2, offset3 = offset3, offset1, offset2
+			case 4 | 3:
+				offset1, offset2, offset3 = offset1-1, offset1, offset2
+			}
+			if s >= sLimit {
+				if debugEncoder {
+					println("repeat ended", s, best.length)
+				}
+				break encodeLoop
+			}
+			continue
+		}
+
+		// A 4-byte match has been found. Update recent offsets.
+		// We'll later see if more than 4 bytes.
+		t := best.offset
+		offset1, offset2, offset3 = s-t, offset1, offset2
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Write our sequence
+		var seq seq
+		l := best.length
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+
+		// Index old s + 1 -> s - 1 or sLimit
+		end := s
+		if s > sLimit-4 {
+			end = sLimit - 4
+		}
+
+		off := index0 + e.cur
+		for index0 < end {
+			cv0 := load6432(src, index0)
+			h0 := hashLen(cv0, bestLongTableBits, bestLongLen)
+			h1 := hashLen(cv0, bestShortTableBits, bestShortLen)
+			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+			e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset}
+			index0++
+			off++
+		}
+		if s >= sLimit {
+			break encodeLoop
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	blk.recentOffsets[2] = uint32(offset3)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// EncodeNoHist will encode a block with no history and no following blocks.
+// Most notable difference is that src will not be copied for history and
+// we do not need to check for max match length.
+func (e *bestFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
+	e.ensureHist(len(src))
+	e.Encode(blk, src)
+}
+
+// Reset will reset and set a dictionary if not nil
+func (e *bestFastEncoder) Reset(d *dict, singleBlock bool) {
+	e.resetBase(d, singleBlock)
+	if d == nil {
+		return
+	}
+	// Init or copy dict table
+	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
+		if len(e.dictTable) != len(e.table) {
+			e.dictTable = make([]prevEntry, len(e.table))
+		}
+		end := int32(len(d.content)) - 8 + e.maxMatchOff
+		for i := e.maxMatchOff; i < end; i += 4 {
+			const hashLog = bestShortTableBits
+
+			cv := load6432(d.content, i-e.maxMatchOff)
+			nextHash := hashLen(cv, hashLog, bestShortLen)      // 0 -> 4
+			nextHash1 := hashLen(cv>>8, hashLog, bestShortLen)  // 1 -> 5
+			nextHash2 := hashLen(cv>>16, hashLog, bestShortLen) // 2 -> 6
+			nextHash3 := hashLen(cv>>24, hashLog, bestShortLen) // 3 -> 7
+			e.dictTable[nextHash] = prevEntry{
+				prev:   e.dictTable[nextHash].offset,
+				offset: i,
+			}
+			e.dictTable[nextHash1] = prevEntry{
+				prev:   e.dictTable[nextHash1].offset,
+				offset: i + 1,
+			}
+			e.dictTable[nextHash2] = prevEntry{
+				prev:   e.dictTable[nextHash2].offset,
+				offset: i + 2,
+			}
+			e.dictTable[nextHash3] = prevEntry{
+				prev:   e.dictTable[nextHash3].offset,
+				offset: i + 3,
+			}
+		}
+		e.lastDictID = d.id
+	}
+
+	// Init or copy dict table
+	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
+		if len(e.dictLongTable) != len(e.longTable) {
+			e.dictLongTable = make([]prevEntry, len(e.longTable))
+		}
+		if len(d.content) >= 8 {
+			cv := load6432(d.content, 0)
+			h := hashLen(cv, bestLongTableBits, bestLongLen)
+			e.dictLongTable[h] = prevEntry{
+				offset: e.maxMatchOff,
+				prev:   e.dictLongTable[h].offset,
+			}
+
+			end := int32(len(d.content)) - 8 + e.maxMatchOff
+			off := 8 // First to read
+			for i := e.maxMatchOff + 1; i < end; i++ {
+				cv = cv>>8 | (uint64(d.content[off]) << 56)
+				h := hashLen(cv, bestLongTableBits, bestLongLen)
+				e.dictLongTable[h] = prevEntry{
+					offset: i,
+					prev:   e.dictLongTable[h].offset,
+				}
+				off++
+			}
+		}
+		e.lastDictID = d.id
+	}
+	// Reset table to initial state
+	copy(e.longTable[:], e.dictLongTable)
+
+	e.cur = e.maxMatchOff
+	// Reset table to initial state
+	copy(e.table[:], e.dictTable)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_better.go b/vendor/github.com/klauspost/compress/zstd/enc_better.go
new file mode 100644
index 000000000..84a79fde7
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/enc_better.go
@@ -0,0 +1,1252 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import "fmt"
+
+const (
+	betterLongTableBits = 19                       // Bits used in the long match table
+	betterLongTableSize = 1 << betterLongTableBits // Size of the table
+	betterLongLen       = 8                        // Bytes used for table hash
+
+	// Note: Increasing the short table bits or making the hash shorter
+	// can actually lead to compression degradation since it will 'steal' more from the
+	// long match table and match offsets are quite big.
+	// This greatly depends on the type of input.
+	betterShortTableBits = 13                        // Bits used in the short match table
+	betterShortTableSize = 1 << betterShortTableBits // Size of the table
+	betterShortLen       = 5                         // Bytes used for table hash
+
+	betterLongTableShardCnt  = 1 << (betterLongTableBits - dictShardBits)    // Number of shards in the table
+	betterLongTableShardSize = betterLongTableSize / betterLongTableShardCnt // Size of an individual shard
+
+	betterShortTableShardCnt  = 1 << (betterShortTableBits - dictShardBits)     // Number of shards in the table
+	betterShortTableShardSize = betterShortTableSize / betterShortTableShardCnt // Size of an individual shard
+)
+
+type prevEntry struct {
+	offset int32
+	prev   int32
+}
+
+// betterFastEncoder uses 2 tables, one for short matches (5 bytes) and one for long matches.
+// The long match table contains the previous entry with the same hash,
+// effectively making it a "chain" of length 2.
+// When we find a long match we choose between the two values and select the longest.
+// When we find a short match, after checking the long, we check if we can find a long at n+1
+// and that it is longer (lazy matching).
+type betterFastEncoder struct {
+	fastBase
+	table     [betterShortTableSize]tableEntry
+	longTable [betterLongTableSize]prevEntry
+}
+
+type betterFastEncoderDict struct {
+	betterFastEncoder
+	dictTable            []tableEntry
+	dictLongTable        []prevEntry
+	shortTableShardDirty [betterShortTableShardCnt]bool
+	longTableShardDirty  [betterLongTableShardCnt]bool
+	allDirty             bool
+}
+
+// Encode improves compression...
+func (e *betterFastEncoder) Encode(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 2
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			e.table = [betterShortTableSize]tableEntry{}
+			e.longTable = [betterLongTableSize]prevEntry{}
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		for i := range e.longTable[:] {
+			v := e.longTable[i].offset
+			v2 := e.longTable[i].prev
+			if v < minOff {
+				v = 0
+				v2 = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+				if v2 < minOff {
+					v2 = 0
+				} else {
+					v2 = v2 - e.cur + e.maxMatchOff
+				}
+			}
+			e.longTable[i] = prevEntry{
+				offset: v,
+				prev:   v2,
+			}
+		}
+		e.cur = e.maxMatchOff
+		break
+	}
+	// Add block to history
+	s := e.addBlock(src)
+	blk.size = len(src)
+
+	// Check RLE first
+	if len(src) > zstdMinMatch {
+		ml := matchLen(src[1:], src)
+		if ml == len(src)-1 {
+			blk.literals = append(blk.literals, src[0])
+			blk.sequences = append(blk.sequences, seq{litLen: 1, matchLen: uint32(len(src)-1) - zstdMinMatch, offset: 1 + 3})
+			return
+		}
+	}
+
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 1.
+	const stepSize = 1
+
+	const kSearchStrength = 9
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		var t int32
+		// We allow the encoder to optionally turn off repeat offsets across blocks
+		canRepeat := len(blk.sequences) > 2
+		var matched, index0 int32
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
+			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
+			candidateL := e.longTable[nextHashL]
+			candidateS := e.table[nextHashS]
+
+			const repOff = 1
+			repIndex := s - offset1 + repOff
+			off := s + e.cur
+			e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset}
+			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)}
+			index0 = s + 1
+
+			if canRepeat {
+				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
+					// Consider history as well.
+					var seq seq
+					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 0
+					seq.offset = 1
+					if debugSequences {
+						println("repeat sequence", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+
+					// Index match start+1 (long) -> s - 1
+					index0 := s + repOff
+					s += length + repOff
+
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+					// Index skipped...
+					for index0 < s-1 {
+						cv0 := load6432(src, index0)
+						cv1 := cv0 >> 8
+						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+						off := index0 + e.cur
+						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+						e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
+						index0 += 2
+					}
+					cv = load6432(src, s)
+					continue
+				}
+				const repOff2 = 1
+
+				// We deviate from the reference encoder and also check offset 2.
+				// Still slower and not much better, so disabled.
+				// repIndex = s - offset2 + repOff2
+				if false && repIndex >= 0 && load6432(src, repIndex) == load6432(src, s+repOff) {
+					// Consider history as well.
+					var seq seq
+					length := 8 + e.matchlen(s+8+repOff2, repIndex+8, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff2
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 2
+					seq.offset = 2
+					if debugSequences {
+						println("repeat sequence 2", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+
+					s += length + repOff2
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+
+					// Index skipped...
+					for index0 < s-1 {
+						cv0 := load6432(src, index0)
+						cv1 := cv0 >> 8
+						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+						off := index0 + e.cur
+						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+						e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
+						index0 += 2
+					}
+					cv = load6432(src, s)
+					// Swap offsets
+					offset1, offset2 = offset2, offset1
+					continue
+				}
+			}
+			// Find the offsets of our two matches.
+			coffsetL := candidateL.offset - e.cur
+			coffsetLP := candidateL.prev - e.cur
+
+			// Check if we have a long match.
+			if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+				// Found a long match, at least 8 bytes.
+				matched = e.matchlen(s+8, coffsetL+8, src) + 8
+				t = coffsetL
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+
+				if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
+					// Found a long match, at least 8 bytes.
+					prevMatch := e.matchlen(s+8, coffsetLP+8, src) + 8
+					if prevMatch > matched {
+						matched = prevMatch
+						t = coffsetLP
+					}
+					if debugAsserts && s <= t {
+						panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+					}
+					if debugAsserts && s-t > e.maxMatchOff {
+						panic("s - t >e.maxMatchOff")
+					}
+					if debugMatches {
+						println("long match")
+					}
+				}
+				break
+			}
+
+			// Check if we have a long match on prev.
+			if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
+				// Found a long match, at least 8 bytes.
+				matched = e.matchlen(s+8, coffsetLP+8, src) + 8
+				t = coffsetLP
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+				break
+			}
+
+			coffsetS := candidateS.offset - e.cur
+
+			// Check if we have a short match.
+			if s-coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
+				// found a regular match
+				matched = e.matchlen(s+4, coffsetS+4, src) + 4
+
+				// See if we can find a long match at s+1
+				const checkAt = 1
+				cv := load6432(src, s+checkAt)
+				nextHashL = hashLen(cv, betterLongTableBits, betterLongLen)
+				candidateL = e.longTable[nextHashL]
+				coffsetL = candidateL.offset - e.cur
+
+				// We can store it, since we have at least a 4 byte match.
+				e.longTable[nextHashL] = prevEntry{offset: s + checkAt + e.cur, prev: candidateL.offset}
+				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+					// Found a long match, at least 8 bytes.
+					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
+					if matchedNext > matched {
+						t = coffsetL
+						s += checkAt
+						matched = matchedNext
+						if debugMatches {
+							println("long match (after short)")
+						}
+						break
+					}
+				}
+
+				// Check prev long...
+				coffsetL = candidateL.prev - e.cur
+				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+					// Found a long match, at least 8 bytes.
+					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
+					if matchedNext > matched {
+						t = coffsetL
+						s += checkAt
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match (after short)")
+						}
+						break
+					}
+				}
+				t = coffsetS
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				if debugMatches {
+					println("short match")
+				}
+				break
+			}
+
+			// No match found, move forward in input.
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+
+		// Try to find a better match by searching for a long match at the end of the current best match
+		if s+matched < sLimit {
+			// Allow some bytes at the beginning to mismatch.
+			// Sweet spot is around 3 bytes, but depends on input.
+			// The skipped bytes are tested in Extend backwards,
+			// and still picked up as part of the match if they do.
+			const skipBeginning = 3
+
+			nextHashL := hashLen(load6432(src, s+matched), betterLongTableBits, betterLongLen)
+			s2 := s + skipBeginning
+			cv := load3232(src, s2)
+			candidateL := e.longTable[nextHashL]
+			coffsetL := candidateL.offset - e.cur - matched + skipBeginning
+			if coffsetL >= 0 && coffsetL < s2 && s2-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+				// Found a long match, at least 4 bytes.
+				matchedNext := e.matchlen(s2+4, coffsetL+4, src) + 4
+				if matchedNext > matched {
+					t = coffsetL
+					s = s2
+					matched = matchedNext
+					if debugMatches {
+						println("long match at end-of-match")
+					}
+				}
+			}
+
+			// Check prev long...
+			if true {
+				coffsetL = candidateL.prev - e.cur - matched + skipBeginning
+				if coffsetL >= 0 && coffsetL < s2 && s2-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+					// Found a long match, at least 4 bytes.
+					matchedNext := e.matchlen(s2+4, coffsetL+4, src) + 4
+					if matchedNext > matched {
+						t = coffsetL
+						s = s2
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match at end-of-match")
+						}
+					}
+				}
+			}
+		}
+		// A match has been found. Update recent offsets.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the n-byte match as long as possible.
+		l := matched
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+
+		// Index match start+1 (long) -> s - 1
+		off := index0 + e.cur
+		for index0 < s-1 {
+			cv0 := load6432(src, index0)
+			cv1 := cv0 >> 8
+			h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+			e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
+			index0 += 2
+			off += 2
+		}
+
+		cv = load6432(src, s)
+		if !canRepeat {
+			continue
+		}
+
+		// Check offset 2
+		for {
+			o2 := s - offset2
+			if load3232(src, o2) != uint32(cv) {
+				// Do regular search
+				break
+			}
+
+			// Store this, since we have it.
+			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
+			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
+
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: e.longTable[nextHashL].offset}
+			e.table[nextHashS] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				// Finished
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// EncodeNoHist will encode a block with no history and no following blocks.
+// Most notable difference is that src will not be copied for history and
+// we do not need to check for max match length.
+func (e *betterFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
+	e.ensureHist(len(src))
+	e.Encode(blk, src)
+}
+
+// Encode improves compression...
+func (e *betterFastEncoderDict) Encode(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 2
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			for i := range e.table[:] {
+				e.table[i] = tableEntry{}
+			}
+			for i := range e.longTable[:] {
+				e.longTable[i] = prevEntry{}
+			}
+			e.cur = e.maxMatchOff
+			e.allDirty = true
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		for i := range e.longTable[:] {
+			v := e.longTable[i].offset
+			v2 := e.longTable[i].prev
+			if v < minOff {
+				v = 0
+				v2 = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+				if v2 < minOff {
+					v2 = 0
+				} else {
+					v2 = v2 - e.cur + e.maxMatchOff
+				}
+			}
+			e.longTable[i] = prevEntry{
+				offset: v,
+				prev:   v2,
+			}
+		}
+		e.allDirty = true
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	s := e.addBlock(src)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 1.
+	const stepSize = 1
+
+	const kSearchStrength = 9
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		var t int32
+		// We allow the encoder to optionally turn off repeat offsets across blocks
+		canRepeat := len(blk.sequences) > 2
+		var matched, index0 int32
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
+			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
+			candidateL := e.longTable[nextHashL]
+			candidateS := e.table[nextHashS]
+
+			const repOff = 1
+			repIndex := s - offset1 + repOff
+			off := s + e.cur
+			e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset}
+			e.markLongShardDirty(nextHashL)
+			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)}
+			e.markShortShardDirty(nextHashS)
+			index0 = s + 1
+
+			if canRepeat {
+				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
+					// Consider history as well.
+					var seq seq
+					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 0
+					seq.offset = 1
+					if debugSequences {
+						println("repeat sequence", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+
+					// Index match start+1 (long) -> s - 1
+					s += length + repOff
+
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+					// Index skipped...
+					for index0 < s-1 {
+						cv0 := load6432(src, index0)
+						cv1 := cv0 >> 8
+						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+						off := index0 + e.cur
+						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+						e.markLongShardDirty(h0)
+						h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
+						e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
+						e.markShortShardDirty(h1)
+						index0 += 2
+					}
+					cv = load6432(src, s)
+					continue
+				}
+				const repOff2 = 1
+
+				// We deviate from the reference encoder and also check offset 2.
+				// Still slower and not much better, so disabled.
+				// repIndex = s - offset2 + repOff2
+				if false && repIndex >= 0 && load6432(src, repIndex) == load6432(src, s+repOff) {
+					// Consider history as well.
+					var seq seq
+					length := 8 + e.matchlen(s+8+repOff2, repIndex+8, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff2
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 2
+					seq.offset = 2
+					if debugSequences {
+						println("repeat sequence 2", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+
+					s += length + repOff2
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+
+					// Index skipped...
+					for index0 < s-1 {
+						cv0 := load6432(src, index0)
+						cv1 := cv0 >> 8
+						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+						off := index0 + e.cur
+						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+						e.markLongShardDirty(h0)
+						h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
+						e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
+						e.markShortShardDirty(h1)
+						index0 += 2
+					}
+					cv = load6432(src, s)
+					// Swap offsets
+					offset1, offset2 = offset2, offset1
+					continue
+				}
+			}
+			// Find the offsets of our two matches.
+			coffsetL := candidateL.offset - e.cur
+			coffsetLP := candidateL.prev - e.cur
+
+			// Check if we have a long match.
+			if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+				// Found a long match, at least 8 bytes.
+				matched = e.matchlen(s+8, coffsetL+8, src) + 8
+				t = coffsetL
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+
+				if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
+					// Found a long match, at least 8 bytes.
+					prevMatch := e.matchlen(s+8, coffsetLP+8, src) + 8
+					if prevMatch > matched {
+						matched = prevMatch
+						t = coffsetLP
+					}
+					if debugAsserts && s <= t {
+						panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+					}
+					if debugAsserts && s-t > e.maxMatchOff {
+						panic("s - t >e.maxMatchOff")
+					}
+					if debugMatches {
+						println("long match")
+					}
+				}
+				break
+			}
+
+			// Check if we have a long match on prev.
+			if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
+				// Found a long match, at least 8 bytes.
+				matched = e.matchlen(s+8, coffsetLP+8, src) + 8
+				t = coffsetLP
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+				break
+			}
+
+			coffsetS := candidateS.offset - e.cur
+
+			// Check if we have a short match.
+			if s-coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
+				// found a regular match
+				matched = e.matchlen(s+4, coffsetS+4, src) + 4
+
+				// See if we can find a long match at s+1
+				const checkAt = 1
+				cv := load6432(src, s+checkAt)
+				nextHashL = hashLen(cv, betterLongTableBits, betterLongLen)
+				candidateL = e.longTable[nextHashL]
+				coffsetL = candidateL.offset - e.cur
+
+				// We can store it, since we have at least a 4 byte match.
+				e.longTable[nextHashL] = prevEntry{offset: s + checkAt + e.cur, prev: candidateL.offset}
+				e.markLongShardDirty(nextHashL)
+				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+					// Found a long match, at least 8 bytes.
+					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
+					if matchedNext > matched {
+						t = coffsetL
+						s += checkAt
+						matched = matchedNext
+						if debugMatches {
+							println("long match (after short)")
+						}
+						break
+					}
+				}
+
+				// Check prev long...
+				coffsetL = candidateL.prev - e.cur
+				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
+					// Found a long match, at least 8 bytes.
+					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
+					if matchedNext > matched {
+						t = coffsetL
+						s += checkAt
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match (after short)")
+						}
+						break
+					}
+				}
+				t = coffsetS
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				if debugMatches {
+					println("short match")
+				}
+				break
+			}
+
+			// No match found, move forward in input.
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+		// Try to find a better match by searching for a long match at the end of the current best match
+		if s+matched < sLimit {
+			nextHashL := hashLen(load6432(src, s+matched), betterLongTableBits, betterLongLen)
+			cv := load3232(src, s)
+			candidateL := e.longTable[nextHashL]
+			coffsetL := candidateL.offset - e.cur - matched
+			if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+				// Found a long match, at least 4 bytes.
+				matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+				if matchedNext > matched {
+					t = coffsetL
+					matched = matchedNext
+					if debugMatches {
+						println("long match at end-of-match")
+					}
+				}
+			}
+
+			// Check prev long...
+			if true {
+				coffsetL = candidateL.prev - e.cur - matched
+				if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+					// Found a long match, at least 4 bytes.
+					matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+					if matchedNext > matched {
+						t = coffsetL
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match at end-of-match")
+						}
+					}
+				}
+			}
+		}
+		// A match has been found. Update recent offsets.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the n-byte match as long as possible.
+		l := matched
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+
+		// Index match start+1 (long) -> s - 1
+		off := index0 + e.cur
+		for index0 < s-1 {
+			cv0 := load6432(src, index0)
+			cv1 := cv0 >> 8
+			h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
+			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
+			e.markLongShardDirty(h0)
+			h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
+			e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
+			e.markShortShardDirty(h1)
+			index0 += 2
+			off += 2
+		}
+
+		cv = load6432(src, s)
+		if !canRepeat {
+			continue
+		}
+
+		// Check offset 2
+		for {
+			o2 := s - offset2
+			if load3232(src, o2) != uint32(cv) {
+				// Do regular search
+				break
+			}
+
+			// Store this, since we have it.
+			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
+			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
+
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: e.longTable[nextHashL].offset}
+			e.markLongShardDirty(nextHashL)
+			e.table[nextHashS] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.markShortShardDirty(nextHashS)
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				// Finished
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *betterFastEncoder) Reset(d *dict, singleBlock bool) {
+	e.resetBase(d, singleBlock)
+	if d != nil {
+		panic("betterFastEncoder: Reset with dict")
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *betterFastEncoderDict) Reset(d *dict, singleBlock bool) {
+	e.resetBase(d, singleBlock)
+	if d == nil {
+		return
+	}
+	// Init or copy dict table
+	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
+		if len(e.dictTable) != len(e.table) {
+			e.dictTable = make([]tableEntry, len(e.table))
+		}
+		end := int32(len(d.content)) - 8 + e.maxMatchOff
+		for i := e.maxMatchOff; i < end; i += 4 {
+			const hashLog = betterShortTableBits
+
+			cv := load6432(d.content, i-e.maxMatchOff)
+			nextHash := hashLen(cv, hashLog, betterShortLen)      // 0 -> 4
+			nextHash1 := hashLen(cv>>8, hashLog, betterShortLen)  // 1 -> 5
+			nextHash2 := hashLen(cv>>16, hashLog, betterShortLen) // 2 -> 6
+			nextHash3 := hashLen(cv>>24, hashLog, betterShortLen) // 3 -> 7
+			e.dictTable[nextHash] = tableEntry{
+				val:    uint32(cv),
+				offset: i,
+			}
+			e.dictTable[nextHash1] = tableEntry{
+				val:    uint32(cv >> 8),
+				offset: i + 1,
+			}
+			e.dictTable[nextHash2] = tableEntry{
+				val:    uint32(cv >> 16),
+				offset: i + 2,
+			}
+			e.dictTable[nextHash3] = tableEntry{
+				val:    uint32(cv >> 24),
+				offset: i + 3,
+			}
+		}
+		e.lastDictID = d.id
+		e.allDirty = true
+	}
+
+	// Init or copy dict table
+	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
+		if len(e.dictLongTable) != len(e.longTable) {
+			e.dictLongTable = make([]prevEntry, len(e.longTable))
+		}
+		if len(d.content) >= 8 {
+			cv := load6432(d.content, 0)
+			h := hashLen(cv, betterLongTableBits, betterLongLen)
+			e.dictLongTable[h] = prevEntry{
+				offset: e.maxMatchOff,
+				prev:   e.dictLongTable[h].offset,
+			}
+
+			end := int32(len(d.content)) - 8 + e.maxMatchOff
+			off := 8 // First to read
+			for i := e.maxMatchOff + 1; i < end; i++ {
+				cv = cv>>8 | (uint64(d.content[off]) << 56)
+				h := hashLen(cv, betterLongTableBits, betterLongLen)
+				e.dictLongTable[h] = prevEntry{
+					offset: i,
+					prev:   e.dictLongTable[h].offset,
+				}
+				off++
+			}
+		}
+		e.lastDictID = d.id
+		e.allDirty = true
+	}
+
+	// Reset table to initial state
+	{
+		dirtyShardCnt := 0
+		if !e.allDirty {
+			for i := range e.shortTableShardDirty {
+				if e.shortTableShardDirty[i] {
+					dirtyShardCnt++
+				}
+			}
+		}
+		const shardCnt = betterShortTableShardCnt
+		const shardSize = betterShortTableShardSize
+		if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
+			copy(e.table[:], e.dictTable)
+			for i := range e.shortTableShardDirty {
+				e.shortTableShardDirty[i] = false
+			}
+		} else {
+			for i := range e.shortTableShardDirty {
+				if !e.shortTableShardDirty[i] {
+					continue
+				}
+
+				copy(e.table[i*shardSize:(i+1)*shardSize], e.dictTable[i*shardSize:(i+1)*shardSize])
+				e.shortTableShardDirty[i] = false
+			}
+		}
+	}
+	{
+		dirtyShardCnt := 0
+		if !e.allDirty {
+			for i := range e.shortTableShardDirty {
+				if e.shortTableShardDirty[i] {
+					dirtyShardCnt++
+				}
+			}
+		}
+		const shardCnt = betterLongTableShardCnt
+		const shardSize = betterLongTableShardSize
+		if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
+			copy(e.longTable[:], e.dictLongTable)
+			for i := range e.longTableShardDirty {
+				e.longTableShardDirty[i] = false
+			}
+		} else {
+			for i := range e.longTableShardDirty {
+				if !e.longTableShardDirty[i] {
+					continue
+				}
+
+				copy(e.longTable[i*shardSize:(i+1)*shardSize], e.dictLongTable[i*shardSize:(i+1)*shardSize])
+				e.longTableShardDirty[i] = false
+			}
+		}
+	}
+	e.cur = e.maxMatchOff
+	e.allDirty = false
+}
+
+func (e *betterFastEncoderDict) markLongShardDirty(entryNum uint32) {
+	e.longTableShardDirty[entryNum/betterLongTableShardSize] = true
+}
+
+func (e *betterFastEncoderDict) markShortShardDirty(entryNum uint32) {
+	e.shortTableShardDirty[entryNum/betterShortTableShardSize] = true
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_dfast.go b/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
new file mode 100644
index 000000000..d36be7bd8
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
@@ -0,0 +1,1123 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import "fmt"
+
+const (
+	dFastLongTableBits = 17                      // Bits used in the long match table
+	dFastLongTableSize = 1 << dFastLongTableBits // Size of the table
+	dFastLongTableMask = dFastLongTableSize - 1  // Mask for table indices. Redundant, but can eliminate bounds checks.
+	dFastLongLen       = 8                       // Bytes used for table hash
+
+	dLongTableShardCnt  = 1 << (dFastLongTableBits - dictShardBits) // Number of shards in the table
+	dLongTableShardSize = dFastLongTableSize / tableShardCnt        // Size of an individual shard
+
+	dFastShortTableBits = tableBits                // Bits used in the short match table
+	dFastShortTableSize = 1 << dFastShortTableBits // Size of the table
+	dFastShortTableMask = dFastShortTableSize - 1  // Mask for table indices. Redundant, but can eliminate bounds checks.
+	dFastShortLen       = 5                        // Bytes used for table hash
+
+)
+
+type doubleFastEncoder struct {
+	fastEncoder
+	longTable [dFastLongTableSize]tableEntry
+}
+
+type doubleFastEncoderDict struct {
+	fastEncoderDict
+	longTable           [dFastLongTableSize]tableEntry
+	dictLongTable       []tableEntry
+	longTableShardDirty [dLongTableShardCnt]bool
+}
+
+// Encode mimmics functionality in zstd_dfast.c
+func (e *doubleFastEncoder) Encode(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 2
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			e.table = [dFastShortTableSize]tableEntry{}
+			e.longTable = [dFastLongTableSize]tableEntry{}
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		for i := range e.longTable[:] {
+			v := e.longTable[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.longTable[i].offset = v
+		}
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	s := e.addBlock(src)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 1.
+	const stepSize = 1
+
+	const kSearchStrength = 8
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		var t int32
+		// We allow the encoder to optionally turn off repeat offsets across blocks
+		canRepeat := len(blk.sequences) > 2
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
+			candidateL := e.longTable[nextHashL]
+			candidateS := e.table[nextHashS]
+
+			const repOff = 1
+			repIndex := s - offset1 + repOff
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.table[nextHashS] = entry
+
+			if canRepeat {
+				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
+					// Consider history as well.
+					var seq seq
+					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 0
+					seq.offset = 1
+					if debugSequences {
+						println("repeat sequence", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+					s += length + repOff
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+					cv = load6432(src, s)
+					continue
+				}
+			}
+			// Find the offsets of our two matches.
+			coffsetL := s - (candidateL.offset - e.cur)
+			coffsetS := s - (candidateS.offset - e.cur)
+
+			// Check if we have a long match.
+			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+				// Found a long match, likely at least 8 bytes.
+				// Reference encoder checks all 8 bytes, we only check 4,
+				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+				t = candidateL.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+				break
+			}
+
+			// Check if we have a short match.
+			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
+				// found a regular match
+				// See if we can find a long match at s+1
+				const checkAt = 1
+				cv := load6432(src, s+checkAt)
+				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
+				candidateL = e.longTable[nextHashL]
+				coffsetL = s - (candidateL.offset - e.cur) + checkAt
+
+				// We can store it, since we have at least a 4 byte match.
+				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
+				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+					// Found a long match, likely at least 8 bytes.
+					// Reference encoder checks all 8 bytes, we only check 4,
+					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+					t = candidateL.offset - e.cur
+					s += checkAt
+					if debugMatches {
+						println("long match (after short)")
+					}
+					break
+				}
+
+				t = candidateS.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				if debugMatches {
+					println("short match")
+				}
+				break
+			}
+
+			// No match found, move forward in input.
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+
+		// A 4-byte match has been found. Update recent offsets.
+		// We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the 4-byte match as long as possible.
+		l := e.matchlen(s+4, t+4, src) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+
+		// Index match start+1 (long) and start+2 (short)
+		index0 := s - l + 1
+		// Index match end-2 (long) and end-1 (short)
+		index1 := s - 2
+
+		cv0 := load6432(src, index0)
+		cv1 := load6432(src, index1)
+		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
+		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
+		e.longTable[hashLen(cv0, dFastLongTableBits, dFastLongLen)] = te0
+		e.longTable[hashLen(cv1, dFastLongTableBits, dFastLongLen)] = te1
+		cv0 >>= 8
+		cv1 >>= 8
+		te0.offset++
+		te1.offset++
+		te0.val = uint32(cv0)
+		te1.val = uint32(cv1)
+		e.table[hashLen(cv0, dFastShortTableBits, dFastShortLen)] = te0
+		e.table[hashLen(cv1, dFastShortTableBits, dFastShortLen)] = te1
+
+		cv = load6432(src, s)
+
+		if !canRepeat {
+			continue
+		}
+
+		// Check offset 2
+		for {
+			o2 := s - offset2
+			if load3232(src, o2) != uint32(cv) {
+				// Do regular search
+				break
+			}
+
+			// Store this, since we have it.
+			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.table[nextHashS] = entry
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				// Finished
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// EncodeNoHist will encode a block with no history and no following blocks.
+// Most notable difference is that src will not be copied for history and
+// we do not need to check for max match length.
+func (e *doubleFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 2
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	if e.cur >= e.bufferReset {
+		for i := range e.table[:] {
+			e.table[i] = tableEntry{}
+		}
+		for i := range e.longTable[:] {
+			e.longTable[i] = tableEntry{}
+		}
+		e.cur = e.maxMatchOff
+	}
+
+	s := int32(0)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 1.
+	const stepSize = 1
+
+	const kSearchStrength = 8
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		var t int32
+		for {
+
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
+			candidateL := e.longTable[nextHashL]
+			candidateS := e.table[nextHashS]
+
+			const repOff = 1
+			repIndex := s - offset1 + repOff
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.table[nextHashS] = entry
+
+			if len(blk.sequences) > 2 {
+				if load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
+					// Consider history as well.
+					var seq seq
+					//length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
+					length := 4 + int32(matchLen(src[s+4+repOff:], src[repIndex+4:]))
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 0
+					seq.offset = 1
+					if debugSequences {
+						println("repeat sequence", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+					s += length + repOff
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+					cv = load6432(src, s)
+					continue
+				}
+			}
+			// Find the offsets of our two matches.
+			coffsetL := s - (candidateL.offset - e.cur)
+			coffsetS := s - (candidateS.offset - e.cur)
+
+			// Check if we have a long match.
+			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+				// Found a long match, likely at least 8 bytes.
+				// Reference encoder checks all 8 bytes, we only check 4,
+				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+				t = candidateL.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d). cur: %d", s, t, e.cur))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+				break
+			}
+
+			// Check if we have a short match.
+			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
+				// found a regular match
+				// See if we can find a long match at s+1
+				const checkAt = 1
+				cv := load6432(src, s+checkAt)
+				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
+				candidateL = e.longTable[nextHashL]
+				coffsetL = s - (candidateL.offset - e.cur) + checkAt
+
+				// We can store it, since we have at least a 4 byte match.
+				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
+				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+					// Found a long match, likely at least 8 bytes.
+					// Reference encoder checks all 8 bytes, we only check 4,
+					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+					t = candidateL.offset - e.cur
+					s += checkAt
+					if debugMatches {
+						println("long match (after short)")
+					}
+					break
+				}
+
+				t = candidateS.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				if debugMatches {
+					println("short match")
+				}
+				break
+			}
+
+			// No match found, move forward in input.
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+
+		// A 4-byte match has been found. Update recent offsets.
+		// We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		// Extend the 4-byte match as long as possible.
+		//l := e.matchlen(s+4, t+4, src) + 4
+		l := int32(matchLen(src[s+4:], src[t+4:])) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+
+		// Index match start+1 (long) and start+2 (short)
+		index0 := s - l + 1
+		// Index match end-2 (long) and end-1 (short)
+		index1 := s - 2
+
+		cv0 := load6432(src, index0)
+		cv1 := load6432(src, index1)
+		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
+		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
+		e.longTable[hashLen(cv0, dFastLongTableBits, dFastLongLen)] = te0
+		e.longTable[hashLen(cv1, dFastLongTableBits, dFastLongLen)] = te1
+		cv0 >>= 8
+		cv1 >>= 8
+		te0.offset++
+		te1.offset++
+		te0.val = uint32(cv0)
+		te1.val = uint32(cv1)
+		e.table[hashLen(cv0, dFastShortTableBits, dFastShortLen)] = te0
+		e.table[hashLen(cv1, dFastShortTableBits, dFastShortLen)] = te1
+
+		cv = load6432(src, s)
+
+		if len(blk.sequences) <= 2 {
+			continue
+		}
+
+		// Check offset 2
+		for {
+			o2 := s - offset2
+			if load3232(src, o2) != uint32(cv) {
+				// Do regular search
+				break
+			}
+
+			// Store this, since we have it.
+			nextHashS := hashLen(cv1>>8, dFastShortTableBits, dFastShortLen)
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			//l := 4 + e.matchlen(s+4, o2+4, src)
+			l := 4 + int32(matchLen(src[s+4:], src[o2+4:]))
+
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.table[nextHashS] = entry
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				// Finished
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+
+	// We do not store history, so we must offset e.cur to avoid false matches for next user.
+	if e.cur < e.bufferReset {
+		e.cur += int32(len(src))
+	}
+}
+
+// Encode will encode the content, with a dictionary if initialized for it.
+func (e *doubleFastEncoderDict) Encode(blk *blockEnc, src []byte) {
+	const (
+		// Input margin is the number of bytes we read (8)
+		// and the maximum we will read ahead (2)
+		inputMargin            = 8 + 2
+		minNonLiteralBlockSize = 16
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			for i := range e.table[:] {
+				e.table[i] = tableEntry{}
+			}
+			for i := range e.longTable[:] {
+				e.longTable[i] = tableEntry{}
+			}
+			e.markAllShardsDirty()
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		for i := range e.longTable[:] {
+			v := e.longTable[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.longTable[i].offset = v
+		}
+		e.markAllShardsDirty()
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	s := e.addBlock(src)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 1.
+	const stepSize = 1
+
+	const kSearchStrength = 8
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		var t int32
+		// We allow the encoder to optionally turn off repeat offsets across blocks
+		canRepeat := len(blk.sequences) > 2
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
+			candidateL := e.longTable[nextHashL]
+			candidateS := e.table[nextHashS]
+
+			const repOff = 1
+			repIndex := s - offset1 + repOff
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.markLongShardDirty(nextHashL)
+			e.table[nextHashS] = entry
+			e.markShardDirty(nextHashS)
+
+			if canRepeat {
+				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
+					// Consider history as well.
+					var seq seq
+					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
+
+					seq.matchLen = uint32(length - zstdMinMatch)
+
+					// We might be able to match backwards.
+					// Extend as long as we can.
+					start := s + repOff
+					// We end the search early, so we don't risk 0 literals
+					// and have to do special offset treatment.
+					startLimit := nextEmit + 1
+
+					tMin := s - e.maxMatchOff
+					if tMin < 0 {
+						tMin = 0
+					}
+					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
+						repIndex--
+						start--
+						seq.matchLen++
+					}
+					addLiterals(&seq, start)
+
+					// rep 0
+					seq.offset = 1
+					if debugSequences {
+						println("repeat sequence", seq, "next s:", s)
+					}
+					blk.sequences = append(blk.sequences, seq)
+					s += length + repOff
+					nextEmit = s
+					if s >= sLimit {
+						if debugEncoder {
+							println("repeat ended", s, length)
+
+						}
+						break encodeLoop
+					}
+					cv = load6432(src, s)
+					continue
+				}
+			}
+			// Find the offsets of our two matches.
+			coffsetL := s - (candidateL.offset - e.cur)
+			coffsetS := s - (candidateS.offset - e.cur)
+
+			// Check if we have a long match.
+			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+				// Found a long match, likely at least 8 bytes.
+				// Reference encoder checks all 8 bytes, we only check 4,
+				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+				t = candidateL.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugMatches {
+					println("long match")
+				}
+				break
+			}
+
+			// Check if we have a short match.
+			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
+				// found a regular match
+				// See if we can find a long match at s+1
+				const checkAt = 1
+				cv := load6432(src, s+checkAt)
+				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
+				candidateL = e.longTable[nextHashL]
+				coffsetL = s - (candidateL.offset - e.cur) + checkAt
+
+				// We can store it, since we have at least a 4 byte match.
+				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
+				e.markLongShardDirty(nextHashL)
+				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
+					// Found a long match, likely at least 8 bytes.
+					// Reference encoder checks all 8 bytes, we only check 4,
+					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
+					t = candidateL.offset - e.cur
+					s += checkAt
+					if debugMatches {
+						println("long match (after short)")
+					}
+					break
+				}
+
+				t = candidateS.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				if debugMatches {
+					println("short match")
+				}
+				break
+			}
+
+			// No match found, move forward in input.
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+
+		// A 4-byte match has been found. Update recent offsets.
+		// We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the 4-byte match as long as possible.
+		l := e.matchlen(s+4, t+4, src) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+
+		// Index match start+1 (long) and start+2 (short)
+		index0 := s - l + 1
+		// Index match end-2 (long) and end-1 (short)
+		index1 := s - 2
+
+		cv0 := load6432(src, index0)
+		cv1 := load6432(src, index1)
+		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
+		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
+		longHash1 := hashLen(cv0, dFastLongTableBits, dFastLongLen)
+		longHash2 := hashLen(cv1, dFastLongTableBits, dFastLongLen)
+		e.longTable[longHash1] = te0
+		e.longTable[longHash2] = te1
+		e.markLongShardDirty(longHash1)
+		e.markLongShardDirty(longHash2)
+		cv0 >>= 8
+		cv1 >>= 8
+		te0.offset++
+		te1.offset++
+		te0.val = uint32(cv0)
+		te1.val = uint32(cv1)
+		hashVal1 := hashLen(cv0, dFastShortTableBits, dFastShortLen)
+		hashVal2 := hashLen(cv1, dFastShortTableBits, dFastShortLen)
+		e.table[hashVal1] = te0
+		e.markShardDirty(hashVal1)
+		e.table[hashVal2] = te1
+		e.markShardDirty(hashVal2)
+
+		cv = load6432(src, s)
+
+		if !canRepeat {
+			continue
+		}
+
+		// Check offset 2
+		for {
+			o2 := s - offset2
+			if load3232(src, o2) != uint32(cv) {
+				// Do regular search
+				break
+			}
+
+			// Store this, since we have it.
+			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
+			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
+
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.longTable[nextHashL] = entry
+			e.markLongShardDirty(nextHashL)
+			e.table[nextHashS] = entry
+			e.markShardDirty(nextHashS)
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				// Finished
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+	// If we encoded more than 64K mark all dirty.
+	if len(src) > 64<<10 {
+		e.markAllShardsDirty()
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *doubleFastEncoder) Reset(d *dict, singleBlock bool) {
+	e.fastEncoder.Reset(d, singleBlock)
+	if d != nil {
+		panic("doubleFastEncoder: Reset with dict not supported")
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *doubleFastEncoderDict) Reset(d *dict, singleBlock bool) {
+	allDirty := e.allDirty
+	e.fastEncoderDict.Reset(d, singleBlock)
+	if d == nil {
+		return
+	}
+
+	// Init or copy dict table
+	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
+		if len(e.dictLongTable) != len(e.longTable) {
+			e.dictLongTable = make([]tableEntry, len(e.longTable))
+		}
+		if len(d.content) >= 8 {
+			cv := load6432(d.content, 0)
+			e.dictLongTable[hashLen(cv, dFastLongTableBits, dFastLongLen)] = tableEntry{
+				val:    uint32(cv),
+				offset: e.maxMatchOff,
+			}
+			end := int32(len(d.content)) - 8 + e.maxMatchOff
+			for i := e.maxMatchOff + 1; i < end; i++ {
+				cv = cv>>8 | (uint64(d.content[i-e.maxMatchOff+7]) << 56)
+				e.dictLongTable[hashLen(cv, dFastLongTableBits, dFastLongLen)] = tableEntry{
+					val:    uint32(cv),
+					offset: i,
+				}
+			}
+		}
+		e.lastDictID = d.id
+		allDirty = true
+	}
+	// Reset table to initial state
+	e.cur = e.maxMatchOff
+
+	dirtyShardCnt := 0
+	if !allDirty {
+		for i := range e.longTableShardDirty {
+			if e.longTableShardDirty[i] {
+				dirtyShardCnt++
+			}
+		}
+	}
+
+	if allDirty || dirtyShardCnt > dLongTableShardCnt/2 {
+		//copy(e.longTable[:], e.dictLongTable)
+		e.longTable = *(*[dFastLongTableSize]tableEntry)(e.dictLongTable)
+		for i := range e.longTableShardDirty {
+			e.longTableShardDirty[i] = false
+		}
+		return
+	}
+	for i := range e.longTableShardDirty {
+		if !e.longTableShardDirty[i] {
+			continue
+		}
+
+		// copy(e.longTable[i*dLongTableShardSize:(i+1)*dLongTableShardSize], e.dictLongTable[i*dLongTableShardSize:(i+1)*dLongTableShardSize])
+		*(*[dLongTableShardSize]tableEntry)(e.longTable[i*dLongTableShardSize:]) = *(*[dLongTableShardSize]tableEntry)(e.dictLongTable[i*dLongTableShardSize:])
+
+		e.longTableShardDirty[i] = false
+	}
+}
+
+func (e *doubleFastEncoderDict) markLongShardDirty(entryNum uint32) {
+	e.longTableShardDirty[entryNum/dLongTableShardSize] = true
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_fast.go b/vendor/github.com/klauspost/compress/zstd/enc_fast.go
new file mode 100644
index 000000000..f45a3da7d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/enc_fast.go
@@ -0,0 +1,891 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"fmt"
+)
+
+const (
+	tableBits        = 15                               // Bits used in the table
+	tableSize        = 1 << tableBits                   // Size of the table
+	tableShardCnt    = 1 << (tableBits - dictShardBits) // Number of shards in the table
+	tableShardSize   = tableSize / tableShardCnt        // Size of an individual shard
+	tableFastHashLen = 6
+	tableMask        = tableSize - 1 // Mask for table indices. Redundant, but can eliminate bounds checks.
+	maxMatchLength   = 131074
+)
+
+type tableEntry struct {
+	val    uint32
+	offset int32
+}
+
+type fastEncoder struct {
+	fastBase
+	table [tableSize]tableEntry
+}
+
+type fastEncoderDict struct {
+	fastEncoder
+	dictTable       []tableEntry
+	tableShardDirty [tableShardCnt]bool
+	allDirty        bool
+}
+
+// Encode mimmics functionality in zstd_fast.c
+func (e *fastEncoder) Encode(blk *blockEnc, src []byte) {
+	const (
+		inputMargin            = 8
+		minNonLiteralBlockSize = 1 + 1 + inputMargin
+	)
+
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			for i := range e.table[:] {
+				e.table[i] = tableEntry{}
+			}
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	s := e.addBlock(src)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 2.
+	const stepSize = 2
+
+	// TEMPLATE
+	const hashLog = tableBits
+	// seems global, but would be nice to tweak.
+	const kSearchStrength = 6
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		// t will contain the match offset when we find one.
+		// When existing the search loop, we have already checked 4 bytes.
+		var t int32
+
+		// We will not use repeat offsets across blocks.
+		// By not using them for the first 3 matches
+		canRepeat := len(blk.sequences) > 2
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
+			candidate := e.table[nextHash]
+			candidate2 := e.table[nextHash2]
+			repIndex := s - offset1 + 2
+
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
+
+			if canRepeat && repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>16) {
+				// Consider history as well.
+				var seq seq
+				length := 4 + e.matchlen(s+6, repIndex+4, src)
+				seq.matchLen = uint32(length - zstdMinMatch)
+
+				// We might be able to match backwards.
+				// Extend as long as we can.
+				start := s + 2
+				// We end the search early, so we don't risk 0 literals
+				// and have to do special offset treatment.
+				startLimit := nextEmit + 1
+
+				sMin := s - e.maxMatchOff
+				if sMin < 0 {
+					sMin = 0
+				}
+				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch {
+					repIndex--
+					start--
+					seq.matchLen++
+				}
+				addLiterals(&seq, start)
+
+				// rep 0
+				seq.offset = 1
+				if debugSequences {
+					println("repeat sequence", seq, "next s:", s)
+				}
+				blk.sequences = append(blk.sequences, seq)
+				s += length + 2
+				nextEmit = s
+				if s >= sLimit {
+					if debugEncoder {
+						println("repeat ended", s, length)
+
+					}
+					break encodeLoop
+				}
+				cv = load6432(src, s)
+				continue
+			}
+			coffset0 := s - (candidate.offset - e.cur)
+			coffset1 := s - (candidate2.offset - e.cur) + 1
+			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
+				// found a regular match
+				t = candidate.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				break
+			}
+
+			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
+				// found a regular match
+				t = candidate2.offset - e.cur
+				s++
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				break
+			}
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+		// A 4-byte match has been found. We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the 4-byte match as long as possible.
+		l := e.matchlen(s+4, t+4, src) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence.
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		// Don't use repeat offsets
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+		cv = load6432(src, s)
+
+		// Check offset 2
+		if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) {
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			// Store this, since we have it.
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				break encodeLoop
+			}
+			// Prepare next loop.
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// EncodeNoHist will encode a block with no history and no following blocks.
+// Most notable difference is that src will not be copied for history and
+// we do not need to check for max match length.
+func (e *fastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
+	const (
+		inputMargin            = 8
+		minNonLiteralBlockSize = 1 + 1 + inputMargin
+	)
+	if debugEncoder {
+		if len(src) > maxCompressedBlockSize {
+			panic("src too big")
+		}
+	}
+
+	// Protect against e.cur wraparound.
+	if e.cur >= e.bufferReset {
+		for i := range e.table[:] {
+			e.table[i] = tableEntry{}
+		}
+		e.cur = e.maxMatchOff
+	}
+
+	s := int32(0)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 2.
+	const stepSize = 2
+
+	// TEMPLATE
+	const hashLog = tableBits
+	// seems global, but would be nice to tweak.
+	const kSearchStrength = 6
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		// t will contain the match offset when we find one.
+		// When existing the search loop, we have already checked 4 bytes.
+		var t int32
+
+		// We will not use repeat offsets across blocks.
+		// By not using them for the first 3 matches
+
+		for {
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
+			candidate := e.table[nextHash]
+			candidate2 := e.table[nextHash2]
+			repIndex := s - offset1 + 2
+
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
+
+			if len(blk.sequences) > 2 && load3232(src, repIndex) == uint32(cv>>16) {
+				// Consider history as well.
+				var seq seq
+				length := 4 + e.matchlen(s+6, repIndex+4, src)
+
+				seq.matchLen = uint32(length - zstdMinMatch)
+
+				// We might be able to match backwards.
+				// Extend as long as we can.
+				start := s + 2
+				// We end the search early, so we don't risk 0 literals
+				// and have to do special offset treatment.
+				startLimit := nextEmit + 1
+
+				sMin := s - e.maxMatchOff
+				if sMin < 0 {
+					sMin = 0
+				}
+				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] {
+					repIndex--
+					start--
+					seq.matchLen++
+				}
+				addLiterals(&seq, start)
+
+				// rep 0
+				seq.offset = 1
+				if debugSequences {
+					println("repeat sequence", seq, "next s:", s)
+				}
+				blk.sequences = append(blk.sequences, seq)
+				s += length + 2
+				nextEmit = s
+				if s >= sLimit {
+					if debugEncoder {
+						println("repeat ended", s, length)
+
+					}
+					break encodeLoop
+				}
+				cv = load6432(src, s)
+				continue
+			}
+			coffset0 := s - (candidate.offset - e.cur)
+			coffset1 := s - (candidate2.offset - e.cur) + 1
+			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
+				// found a regular match
+				t = candidate.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic(fmt.Sprintf("t (%d) < 0, candidate.offset: %d, e.cur: %d, coffset0: %d, e.maxMatchOff: %d", t, candidate.offset, e.cur, coffset0, e.maxMatchOff))
+				}
+				break
+			}
+
+			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
+				// found a regular match
+				t = candidate2.offset - e.cur
+				s++
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				break
+			}
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+		// A 4-byte match has been found. We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && t < 0 {
+			panic(fmt.Sprintf("t (%d) < 0 ", t))
+		}
+		// Extend the 4-byte match as long as possible.
+		l := e.matchlen(s+4, t+4, src) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence.
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		// Don't use repeat offsets
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+		cv = load6432(src, s)
+
+		// Check offset 2
+		if o2 := s - offset2; len(blk.sequences) > 2 && load3232(src, o2) == uint32(cv) {
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			// Store this, since we have it.
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				break encodeLoop
+			}
+			// Prepare next loop.
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+	// We do not store history, so we must offset e.cur to avoid false matches for next user.
+	if e.cur < e.bufferReset {
+		e.cur += int32(len(src))
+	}
+}
+
+// Encode will encode the content, with a dictionary if initialized for it.
+func (e *fastEncoderDict) Encode(blk *blockEnc, src []byte) {
+	const (
+		inputMargin            = 8
+		minNonLiteralBlockSize = 1 + 1 + inputMargin
+	)
+	if e.allDirty || len(src) > 32<<10 {
+		e.fastEncoder.Encode(blk, src)
+		e.allDirty = true
+		return
+	}
+	// Protect against e.cur wraparound.
+	for e.cur >= e.bufferReset-int32(len(e.hist)) {
+		if len(e.hist) == 0 {
+			e.table = [tableSize]tableEntry{}
+			e.cur = e.maxMatchOff
+			break
+		}
+		// Shift down everything in the table that isn't already too far away.
+		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
+		for i := range e.table[:] {
+			v := e.table[i].offset
+			if v < minOff {
+				v = 0
+			} else {
+				v = v - e.cur + e.maxMatchOff
+			}
+			e.table[i].offset = v
+		}
+		e.cur = e.maxMatchOff
+		break
+	}
+
+	s := e.addBlock(src)
+	blk.size = len(src)
+	if len(src) < minNonLiteralBlockSize {
+		blk.extraLits = len(src)
+		blk.literals = blk.literals[:len(src)]
+		copy(blk.literals, src)
+		return
+	}
+
+	// Override src
+	src = e.hist
+	sLimit := int32(len(src)) - inputMargin
+	// stepSize is the number of bytes to skip on every main loop iteration.
+	// It should be >= 2.
+	const stepSize = 2
+
+	// TEMPLATE
+	const hashLog = tableBits
+	// seems global, but would be nice to tweak.
+	const kSearchStrength = 7
+
+	// nextEmit is where in src the next emitLiteral should start from.
+	nextEmit := s
+	cv := load6432(src, s)
+
+	// Relative offsets
+	offset1 := int32(blk.recentOffsets[0])
+	offset2 := int32(blk.recentOffsets[1])
+
+	addLiterals := func(s *seq, until int32) {
+		if until == nextEmit {
+			return
+		}
+		blk.literals = append(blk.literals, src[nextEmit:until]...)
+		s.litLen = uint32(until - nextEmit)
+	}
+	if debugEncoder {
+		println("recent offsets:", blk.recentOffsets)
+	}
+
+encodeLoop:
+	for {
+		// t will contain the match offset when we find one.
+		// When existing the search loop, we have already checked 4 bytes.
+		var t int32
+
+		// We will not use repeat offsets across blocks.
+		// By not using them for the first 3 matches
+		canRepeat := len(blk.sequences) > 2
+
+		for {
+			if debugAsserts && canRepeat && offset1 == 0 {
+				panic("offset0 was 0")
+			}
+
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
+			candidate := e.table[nextHash]
+			candidate2 := e.table[nextHash2]
+			repIndex := s - offset1 + 2
+
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.markShardDirty(nextHash)
+			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
+			e.markShardDirty(nextHash2)
+
+			if canRepeat && repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>16) {
+				// Consider history as well.
+				var seq seq
+				length := 4 + e.matchlen(s+6, repIndex+4, src)
+
+				seq.matchLen = uint32(length - zstdMinMatch)
+
+				// We might be able to match backwards.
+				// Extend as long as we can.
+				start := s + 2
+				// We end the search early, so we don't risk 0 literals
+				// and have to do special offset treatment.
+				startLimit := nextEmit + 1
+
+				sMin := s - e.maxMatchOff
+				if sMin < 0 {
+					sMin = 0
+				}
+				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch {
+					repIndex--
+					start--
+					seq.matchLen++
+				}
+				addLiterals(&seq, start)
+
+				// rep 0
+				seq.offset = 1
+				if debugSequences {
+					println("repeat sequence", seq, "next s:", s)
+				}
+				blk.sequences = append(blk.sequences, seq)
+				s += length + 2
+				nextEmit = s
+				if s >= sLimit {
+					if debugEncoder {
+						println("repeat ended", s, length)
+
+					}
+					break encodeLoop
+				}
+				cv = load6432(src, s)
+				continue
+			}
+			coffset0 := s - (candidate.offset - e.cur)
+			coffset1 := s - (candidate2.offset - e.cur) + 1
+			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
+				// found a regular match
+				t = candidate.offset - e.cur
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				break
+			}
+
+			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
+				// found a regular match
+				t = candidate2.offset - e.cur
+				s++
+				if debugAsserts && s <= t {
+					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+				}
+				if debugAsserts && s-t > e.maxMatchOff {
+					panic("s - t >e.maxMatchOff")
+				}
+				if debugAsserts && t < 0 {
+					panic("t<0")
+				}
+				break
+			}
+			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
+			if s >= sLimit {
+				break encodeLoop
+			}
+			cv = load6432(src, s)
+		}
+		// A 4-byte match has been found. We'll later see if more than 4 bytes.
+		offset2 = offset1
+		offset1 = s - t
+
+		if debugAsserts && s <= t {
+			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
+		}
+
+		if debugAsserts && canRepeat && int(offset1) > len(src) {
+			panic("invalid offset")
+		}
+
+		// Extend the 4-byte match as long as possible.
+		l := e.matchlen(s+4, t+4, src) + 4
+
+		// Extend backwards
+		tMin := s - e.maxMatchOff
+		if tMin < 0 {
+			tMin = 0
+		}
+		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
+			s--
+			t--
+			l++
+		}
+
+		// Write our sequence.
+		var seq seq
+		seq.litLen = uint32(s - nextEmit)
+		seq.matchLen = uint32(l - zstdMinMatch)
+		if seq.litLen > 0 {
+			blk.literals = append(blk.literals, src[nextEmit:s]...)
+		}
+		// Don't use repeat offsets
+		seq.offset = uint32(s-t) + 3
+		s += l
+		if debugSequences {
+			println("sequence", seq, "next s:", s)
+		}
+		blk.sequences = append(blk.sequences, seq)
+		nextEmit = s
+		if s >= sLimit {
+			break encodeLoop
+		}
+		cv = load6432(src, s)
+
+		// Check offset 2
+		if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) {
+			// We have at least 4 byte match.
+			// No need to check backwards. We come straight from a match
+			l := 4 + e.matchlen(s+4, o2+4, src)
+
+			// Store this, since we have it.
+			nextHash := hashLen(cv, hashLog, tableFastHashLen)
+			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
+			e.markShardDirty(nextHash)
+			seq.matchLen = uint32(l) - zstdMinMatch
+			seq.litLen = 0
+			// Since litlen is always 0, this is offset 1.
+			seq.offset = 1
+			s += l
+			nextEmit = s
+			if debugSequences {
+				println("sequence", seq, "next s:", s)
+			}
+			blk.sequences = append(blk.sequences, seq)
+
+			// Swap offset 1 and 2.
+			offset1, offset2 = offset2, offset1
+			if s >= sLimit {
+				break encodeLoop
+			}
+			// Prepare next loop.
+			cv = load6432(src, s)
+		}
+	}
+
+	if int(nextEmit) < len(src) {
+		blk.literals = append(blk.literals, src[nextEmit:]...)
+		blk.extraLits = len(src) - int(nextEmit)
+	}
+	blk.recentOffsets[0] = uint32(offset1)
+	blk.recentOffsets[1] = uint32(offset2)
+	if debugEncoder {
+		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *fastEncoder) Reset(d *dict, singleBlock bool) {
+	e.resetBase(d, singleBlock)
+	if d != nil {
+		panic("fastEncoder: Reset with dict")
+	}
+}
+
+// ResetDict will reset and set a dictionary if not nil
+func (e *fastEncoderDict) Reset(d *dict, singleBlock bool) {
+	e.resetBase(d, singleBlock)
+	if d == nil {
+		return
+	}
+
+	// Init or copy dict table
+	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
+		if len(e.dictTable) != len(e.table) {
+			e.dictTable = make([]tableEntry, len(e.table))
+		}
+		if true {
+			end := e.maxMatchOff + int32(len(d.content)) - 8
+			for i := e.maxMatchOff; i < end; i += 2 {
+				const hashLog = tableBits
+
+				cv := load6432(d.content, i-e.maxMatchOff)
+				nextHash := hashLen(cv, hashLog, tableFastHashLen)     // 0 -> 6
+				nextHash1 := hashLen(cv>>8, hashLog, tableFastHashLen) // 1 -> 7
+				e.dictTable[nextHash] = tableEntry{
+					val:    uint32(cv),
+					offset: i,
+				}
+				e.dictTable[nextHash1] = tableEntry{
+					val:    uint32(cv >> 8),
+					offset: i + 1,
+				}
+			}
+		}
+		e.lastDictID = d.id
+		e.allDirty = true
+	}
+
+	e.cur = e.maxMatchOff
+	dirtyShardCnt := 0
+	if !e.allDirty {
+		for i := range e.tableShardDirty {
+			if e.tableShardDirty[i] {
+				dirtyShardCnt++
+			}
+		}
+	}
+
+	const shardCnt = tableShardCnt
+	const shardSize = tableShardSize
+	if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
+		//copy(e.table[:], e.dictTable)
+		e.table = *(*[tableSize]tableEntry)(e.dictTable)
+		for i := range e.tableShardDirty {
+			e.tableShardDirty[i] = false
+		}
+		e.allDirty = false
+		return
+	}
+	for i := range e.tableShardDirty {
+		if !e.tableShardDirty[i] {
+			continue
+		}
+
+		//copy(e.table[i*shardSize:(i+1)*shardSize], e.dictTable[i*shardSize:(i+1)*shardSize])
+		*(*[shardSize]tableEntry)(e.table[i*shardSize:]) = *(*[shardSize]tableEntry)(e.dictTable[i*shardSize:])
+		e.tableShardDirty[i] = false
+	}
+	e.allDirty = false
+}
+
+func (e *fastEncoderDict) markAllShardsDirty() {
+	e.allDirty = true
+}
+
+func (e *fastEncoderDict) markShardDirty(entryNum uint32) {
+	e.tableShardDirty[entryNum/tableShardSize] = true
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/encoder.go b/vendor/github.com/klauspost/compress/zstd/encoder.go
new file mode 100644
index 000000000..8f8223cd3
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/encoder.go
@@ -0,0 +1,642 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"crypto/rand"
+	"errors"
+	"fmt"
+	"io"
+	"math"
+	rdebug "runtime/debug"
+	"sync"
+
+	"github.com/klauspost/compress/zstd/internal/xxhash"
+)
+
+// Encoder provides encoding to Zstandard.
+// An Encoder can be used for either compressing a stream via the
+// io.WriteCloser interface supported by the Encoder or as multiple independent
+// tasks via the EncodeAll function.
+// Smaller encodes are encouraged to use the EncodeAll function.
+// Use NewWriter to create a new instance.
+type Encoder struct {
+	o        encoderOptions
+	encoders chan encoder
+	state    encoderState
+	init     sync.Once
+}
+
+type encoder interface {
+	Encode(blk *blockEnc, src []byte)
+	EncodeNoHist(blk *blockEnc, src []byte)
+	Block() *blockEnc
+	CRC() *xxhash.Digest
+	AppendCRC([]byte) []byte
+	WindowSize(size int64) int32
+	UseBlock(*blockEnc)
+	Reset(d *dict, singleBlock bool)
+}
+
+type encoderState struct {
+	w                io.Writer
+	filling          []byte
+	current          []byte
+	previous         []byte
+	encoder          encoder
+	writing          *blockEnc
+	err              error
+	writeErr         error
+	nWritten         int64
+	nInput           int64
+	frameContentSize int64
+	headerWritten    bool
+	eofWritten       bool
+	fullFrameWritten bool
+
+	// This waitgroup indicates an encode is running.
+	wg sync.WaitGroup
+	// This waitgroup indicates we have a block encoding/writing.
+	wWg sync.WaitGroup
+}
+
+// NewWriter will create a new Zstandard encoder.
+// If the encoder will be used for encoding blocks a nil writer can be used.
+func NewWriter(w io.Writer, opts ...EOption) (*Encoder, error) {
+	initPredefined()
+	var e Encoder
+	e.o.setDefault()
+	for _, o := range opts {
+		err := o(&e.o)
+		if err != nil {
+			return nil, err
+		}
+	}
+	if w != nil {
+		e.Reset(w)
+	}
+	return &e, nil
+}
+
+func (e *Encoder) initialize() {
+	if e.o.concurrent == 0 {
+		e.o.setDefault()
+	}
+	e.encoders = make(chan encoder, e.o.concurrent)
+	for i := 0; i < e.o.concurrent; i++ {
+		enc := e.o.encoder()
+		e.encoders <- enc
+	}
+}
+
+// Reset will re-initialize the writer and new writes will encode to the supplied writer
+// as a new, independent stream.
+func (e *Encoder) Reset(w io.Writer) {
+	s := &e.state
+	s.wg.Wait()
+	s.wWg.Wait()
+	if cap(s.filling) == 0 {
+		s.filling = make([]byte, 0, e.o.blockSize)
+	}
+	if e.o.concurrent > 1 {
+		if cap(s.current) == 0 {
+			s.current = make([]byte, 0, e.o.blockSize)
+		}
+		if cap(s.previous) == 0 {
+			s.previous = make([]byte, 0, e.o.blockSize)
+		}
+		s.current = s.current[:0]
+		s.previous = s.previous[:0]
+		if s.writing == nil {
+			s.writing = &blockEnc{lowMem: e.o.lowMem}
+			s.writing.init()
+		}
+		s.writing.initNewEncode()
+	}
+	if s.encoder == nil {
+		s.encoder = e.o.encoder()
+	}
+	s.filling = s.filling[:0]
+	s.encoder.Reset(e.o.dict, false)
+	s.headerWritten = false
+	s.eofWritten = false
+	s.fullFrameWritten = false
+	s.w = w
+	s.err = nil
+	s.nWritten = 0
+	s.nInput = 0
+	s.writeErr = nil
+	s.frameContentSize = 0
+}
+
+// ResetContentSize will reset and set a content size for the next stream.
+// If the bytes written does not match the size given an error will be returned
+// when calling Close().
+// This is removed when Reset is called.
+// Sizes <= 0 results in no content size set.
+func (e *Encoder) ResetContentSize(w io.Writer, size int64) {
+	e.Reset(w)
+	if size >= 0 {
+		e.state.frameContentSize = size
+	}
+}
+
+// Write data to the encoder.
+// Input data will be buffered and as the buffer fills up
+// content will be compressed and written to the output.
+// When done writing, use Close to flush the remaining output
+// and write CRC if requested.
+func (e *Encoder) Write(p []byte) (n int, err error) {
+	s := &e.state
+	if s.eofWritten {
+		return 0, ErrEncoderClosed
+	}
+	for len(p) > 0 {
+		if len(p)+len(s.filling) < e.o.blockSize {
+			if e.o.crc {
+				_, _ = s.encoder.CRC().Write(p)
+			}
+			s.filling = append(s.filling, p...)
+			return n + len(p), nil
+		}
+		add := p
+		if len(p)+len(s.filling) > e.o.blockSize {
+			add = add[:e.o.blockSize-len(s.filling)]
+		}
+		if e.o.crc {
+			_, _ = s.encoder.CRC().Write(add)
+		}
+		s.filling = append(s.filling, add...)
+		p = p[len(add):]
+		n += len(add)
+		if len(s.filling) < e.o.blockSize {
+			return n, nil
+		}
+		err := e.nextBlock(false)
+		if err != nil {
+			return n, err
+		}
+		if debugAsserts && len(s.filling) > 0 {
+			panic(len(s.filling))
+		}
+	}
+	return n, nil
+}
+
+// nextBlock will synchronize and start compressing input in e.state.filling.
+// If an error has occurred during encoding it will be returned.
+func (e *Encoder) nextBlock(final bool) error {
+	s := &e.state
+	// Wait for current block.
+	s.wg.Wait()
+	if s.err != nil {
+		return s.err
+	}
+	if len(s.filling) > e.o.blockSize {
+		return fmt.Errorf("block > maxStoreBlockSize")
+	}
+	if !s.headerWritten {
+		// If we have a single block encode, do a sync compression.
+		if final && len(s.filling) == 0 && !e.o.fullZero {
+			s.headerWritten = true
+			s.fullFrameWritten = true
+			s.eofWritten = true
+			return nil
+		}
+		if final && len(s.filling) > 0 {
+			s.current = e.encodeAll(s.encoder, s.filling, s.current[:0])
+			var n2 int
+			n2, s.err = s.w.Write(s.current)
+			if s.err != nil {
+				return s.err
+			}
+			s.nWritten += int64(n2)
+			s.nInput += int64(len(s.filling))
+			s.current = s.current[:0]
+			s.filling = s.filling[:0]
+			s.headerWritten = true
+			s.fullFrameWritten = true
+			s.eofWritten = true
+			return nil
+		}
+
+		var tmp [maxHeaderSize]byte
+		fh := frameHeader{
+			ContentSize:   uint64(s.frameContentSize),
+			WindowSize:    uint32(s.encoder.WindowSize(s.frameContentSize)),
+			SingleSegment: false,
+			Checksum:      e.o.crc,
+			DictID:        e.o.dict.ID(),
+		}
+
+		dst := fh.appendTo(tmp[:0])
+		s.headerWritten = true
+		s.wWg.Wait()
+		var n2 int
+		n2, s.err = s.w.Write(dst)
+		if s.err != nil {
+			return s.err
+		}
+		s.nWritten += int64(n2)
+	}
+	if s.eofWritten {
+		// Ensure we only write it once.
+		final = false
+	}
+
+	if len(s.filling) == 0 {
+		// Final block, but no data.
+		if final {
+			enc := s.encoder
+			blk := enc.Block()
+			blk.reset(nil)
+			blk.last = true
+			blk.encodeRaw(nil)
+			s.wWg.Wait()
+			_, s.err = s.w.Write(blk.output)
+			s.nWritten += int64(len(blk.output))
+			s.eofWritten = true
+		}
+		return s.err
+	}
+
+	// SYNC:
+	if e.o.concurrent == 1 {
+		src := s.filling
+		s.nInput += int64(len(s.filling))
+		if debugEncoder {
+			println("Adding sync block,", len(src), "bytes, final:", final)
+		}
+		enc := s.encoder
+		blk := enc.Block()
+		blk.reset(nil)
+		enc.Encode(blk, src)
+		blk.last = final
+		if final {
+			s.eofWritten = true
+		}
+
+		s.err = blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
+		if s.err != nil {
+			return s.err
+		}
+		_, s.err = s.w.Write(blk.output)
+		s.nWritten += int64(len(blk.output))
+		s.filling = s.filling[:0]
+		return s.err
+	}
+
+	// Move blocks forward.
+	s.filling, s.current, s.previous = s.previous[:0], s.filling, s.current
+	s.nInput += int64(len(s.current))
+	s.wg.Add(1)
+	if final {
+		s.eofWritten = true
+	}
+	go func(src []byte) {
+		if debugEncoder {
+			println("Adding block,", len(src), "bytes, final:", final)
+		}
+		defer func() {
+			if r := recover(); r != nil {
+				s.err = fmt.Errorf("panic while encoding: %v", r)
+				rdebug.PrintStack()
+			}
+			s.wg.Done()
+		}()
+		enc := s.encoder
+		blk := enc.Block()
+		enc.Encode(blk, src)
+		blk.last = final
+		// Wait for pending writes.
+		s.wWg.Wait()
+		if s.writeErr != nil {
+			s.err = s.writeErr
+			return
+		}
+		// Transfer encoders from previous write block.
+		blk.swapEncoders(s.writing)
+		// Transfer recent offsets to next.
+		enc.UseBlock(s.writing)
+		s.writing = blk
+		s.wWg.Add(1)
+		go func() {
+			defer func() {
+				if r := recover(); r != nil {
+					s.writeErr = fmt.Errorf("panic while encoding/writing: %v", r)
+					rdebug.PrintStack()
+				}
+				s.wWg.Done()
+			}()
+			s.writeErr = blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
+			if s.writeErr != nil {
+				return
+			}
+			_, s.writeErr = s.w.Write(blk.output)
+			s.nWritten += int64(len(blk.output))
+		}()
+	}(s.current)
+	return nil
+}
+
+// ReadFrom reads data from r until EOF or error.
+// The return value n is the number of bytes read.
+// Any error except io.EOF encountered during the read is also returned.
+//
+// The Copy function uses ReaderFrom if available.
+func (e *Encoder) ReadFrom(r io.Reader) (n int64, err error) {
+	if debugEncoder {
+		println("Using ReadFrom")
+	}
+
+	// Flush any current writes.
+	if len(e.state.filling) > 0 {
+		if err := e.nextBlock(false); err != nil {
+			return 0, err
+		}
+	}
+	e.state.filling = e.state.filling[:e.o.blockSize]
+	src := e.state.filling
+	for {
+		n2, err := r.Read(src)
+		if e.o.crc {
+			_, _ = e.state.encoder.CRC().Write(src[:n2])
+		}
+		// src is now the unfilled part...
+		src = src[n2:]
+		n += int64(n2)
+		switch err {
+		case io.EOF:
+			e.state.filling = e.state.filling[:len(e.state.filling)-len(src)]
+			if debugEncoder {
+				println("ReadFrom: got EOF final block:", len(e.state.filling))
+			}
+			return n, nil
+		case nil:
+		default:
+			if debugEncoder {
+				println("ReadFrom: got error:", err)
+			}
+			e.state.err = err
+			return n, err
+		}
+		if len(src) > 0 {
+			if debugEncoder {
+				println("ReadFrom: got space left in source:", len(src))
+			}
+			continue
+		}
+		err = e.nextBlock(false)
+		if err != nil {
+			return n, err
+		}
+		e.state.filling = e.state.filling[:e.o.blockSize]
+		src = e.state.filling
+	}
+}
+
+// Flush will send the currently written data to output
+// and block until everything has been written.
+// This should only be used on rare occasions where pushing the currently queued data is critical.
+func (e *Encoder) Flush() error {
+	s := &e.state
+	if len(s.filling) > 0 {
+		err := e.nextBlock(false)
+		if err != nil {
+			// Ignore Flush after Close.
+			if errors.Is(s.err, ErrEncoderClosed) {
+				return nil
+			}
+			return err
+		}
+	}
+	s.wg.Wait()
+	s.wWg.Wait()
+	if s.err != nil {
+		// Ignore Flush after Close.
+		if errors.Is(s.err, ErrEncoderClosed) {
+			return nil
+		}
+		return s.err
+	}
+	return s.writeErr
+}
+
+// Close will flush the final output and close the stream.
+// The function will block until everything has been written.
+// The Encoder can still be re-used after calling this.
+func (e *Encoder) Close() error {
+	s := &e.state
+	if s.encoder == nil {
+		return nil
+	}
+	err := e.nextBlock(true)
+	if err != nil {
+		if errors.Is(s.err, ErrEncoderClosed) {
+			return nil
+		}
+		return err
+	}
+	if s.frameContentSize > 0 {
+		if s.nInput != s.frameContentSize {
+			return fmt.Errorf("frame content size %d given, but %d bytes was written", s.frameContentSize, s.nInput)
+		}
+	}
+	if e.state.fullFrameWritten {
+		return s.err
+	}
+	s.wg.Wait()
+	s.wWg.Wait()
+
+	if s.err != nil {
+		return s.err
+	}
+	if s.writeErr != nil {
+		return s.writeErr
+	}
+
+	// Write CRC
+	if e.o.crc && s.err == nil {
+		// heap alloc.
+		var tmp [4]byte
+		_, s.err = s.w.Write(s.encoder.AppendCRC(tmp[:0]))
+		s.nWritten += 4
+	}
+
+	// Add padding with content from crypto/rand.Reader
+	if s.err == nil && e.o.pad > 0 {
+		add := calcSkippableFrame(s.nWritten, int64(e.o.pad))
+		frame, err := skippableFrame(s.filling[:0], add, rand.Reader)
+		if err != nil {
+			return err
+		}
+		_, s.err = s.w.Write(frame)
+	}
+	if s.err == nil {
+		s.err = ErrEncoderClosed
+		return nil
+	}
+
+	return s.err
+}
+
+// EncodeAll will encode all input in src and append it to dst.
+// This function can be called concurrently, but each call will only run on a single goroutine.
+// If empty input is given, nothing is returned, unless WithZeroFrames is specified.
+// Encoded blocks can be concatenated and the result will be the combined input stream.
+// Data compressed with EncodeAll can be decoded with the Decoder,
+// using either a stream or DecodeAll.
+func (e *Encoder) EncodeAll(src, dst []byte) []byte {
+	e.init.Do(e.initialize)
+	enc := <-e.encoders
+	defer func() {
+		e.encoders <- enc
+	}()
+	return e.encodeAll(enc, src, dst)
+}
+
+func (e *Encoder) encodeAll(enc encoder, src, dst []byte) []byte {
+	if len(src) == 0 {
+		if e.o.fullZero {
+			// Add frame header.
+			fh := frameHeader{
+				ContentSize:   0,
+				WindowSize:    MinWindowSize,
+				SingleSegment: true,
+				// Adding a checksum would be a waste of space.
+				Checksum: false,
+				DictID:   0,
+			}
+			dst = fh.appendTo(dst)
+
+			// Write raw block as last one only.
+			var blk blockHeader
+			blk.setSize(0)
+			blk.setType(blockTypeRaw)
+			blk.setLast(true)
+			dst = blk.appendTo(dst)
+		}
+		return dst
+	}
+
+	// Use single segments when above minimum window and below window size.
+	single := len(src) <= e.o.windowSize && len(src) > MinWindowSize
+	if e.o.single != nil {
+		single = *e.o.single
+	}
+	fh := frameHeader{
+		ContentSize:   uint64(len(src)),
+		WindowSize:    uint32(enc.WindowSize(int64(len(src)))),
+		SingleSegment: single,
+		Checksum:      e.o.crc,
+		DictID:        e.o.dict.ID(),
+	}
+
+	// If less than 1MB, allocate a buffer up front.
+	if len(dst) == 0 && cap(dst) == 0 && len(src) < 1<<20 && !e.o.lowMem {
+		dst = make([]byte, 0, len(src))
+	}
+	dst = fh.appendTo(dst)
+
+	// If we can do everything in one block, prefer that.
+	if len(src) <= e.o.blockSize {
+		enc.Reset(e.o.dict, true)
+		// Slightly faster with no history and everything in one block.
+		if e.o.crc {
+			_, _ = enc.CRC().Write(src)
+		}
+		blk := enc.Block()
+		blk.last = true
+		if e.o.dict == nil {
+			enc.EncodeNoHist(blk, src)
+		} else {
+			enc.Encode(blk, src)
+		}
+
+		// If we got the exact same number of literals as input,
+		// assume the literals cannot be compressed.
+		oldout := blk.output
+		// Output directly to dst
+		blk.output = dst
+
+		err := blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
+		if err != nil {
+			panic(err)
+		}
+		dst = blk.output
+		blk.output = oldout
+	} else {
+		enc.Reset(e.o.dict, false)
+		blk := enc.Block()
+		for len(src) > 0 {
+			todo := src
+			if len(todo) > e.o.blockSize {
+				todo = todo[:e.o.blockSize]
+			}
+			src = src[len(todo):]
+			if e.o.crc {
+				_, _ = enc.CRC().Write(todo)
+			}
+			blk.pushOffsets()
+			enc.Encode(blk, todo)
+			if len(src) == 0 {
+				blk.last = true
+			}
+			err := blk.encode(todo, e.o.noEntropy, !e.o.allLitEntropy)
+			if err != nil {
+				panic(err)
+			}
+			dst = append(dst, blk.output...)
+			blk.reset(nil)
+		}
+	}
+	if e.o.crc {
+		dst = enc.AppendCRC(dst)
+	}
+	// Add padding with content from crypto/rand.Reader
+	if e.o.pad > 0 {
+		add := calcSkippableFrame(int64(len(dst)), int64(e.o.pad))
+		var err error
+		dst, err = skippableFrame(dst, add, rand.Reader)
+		if err != nil {
+			panic(err)
+		}
+	}
+	return dst
+}
+
+// MaxEncodedSize returns the expected maximum
+// size of an encoded block or stream.
+func (e *Encoder) MaxEncodedSize(size int) int {
+	frameHeader := 4 + 2 // magic + frame header & window descriptor
+	if e.o.dict != nil {
+		frameHeader += 4
+	}
+	// Frame content size:
+	if size < 256 {
+		frameHeader++
+	} else if size < 65536+256 {
+		frameHeader += 2
+	} else if size < math.MaxInt32 {
+		frameHeader += 4
+	} else {
+		frameHeader += 8
+	}
+	// Final crc
+	if e.o.crc {
+		frameHeader += 4
+	}
+
+	// Max overhead is 3 bytes/block.
+	// There cannot be 0 blocks.
+	blocks := (size + e.o.blockSize) / e.o.blockSize
+
+	// Combine, add padding.
+	maxSz := frameHeader + 3*blocks + size
+	if e.o.pad > 1 {
+		maxSz += calcSkippableFrame(int64(maxSz), int64(e.o.pad))
+	}
+	return maxSz
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/encoder_options.go b/vendor/github.com/klauspost/compress/zstd/encoder_options.go
new file mode 100644
index 000000000..20671dcb9
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/encoder_options.go
@@ -0,0 +1,339 @@
+package zstd
+
+import (
+	"errors"
+	"fmt"
+	"math"
+	"math/bits"
+	"runtime"
+	"strings"
+)
+
+// EOption is an option for creating a encoder.
+type EOption func(*encoderOptions) error
+
+// options retains accumulated state of multiple options.
+type encoderOptions struct {
+	concurrent      int
+	level           EncoderLevel
+	single          *bool
+	pad             int
+	blockSize       int
+	windowSize      int
+	crc             bool
+	fullZero        bool
+	noEntropy       bool
+	allLitEntropy   bool
+	customWindow    bool
+	customALEntropy bool
+	customBlockSize bool
+	lowMem          bool
+	dict            *dict
+}
+
+func (o *encoderOptions) setDefault() {
+	*o = encoderOptions{
+		concurrent:    runtime.GOMAXPROCS(0),
+		crc:           true,
+		single:        nil,
+		blockSize:     maxCompressedBlockSize,
+		windowSize:    8 << 20,
+		level:         SpeedDefault,
+		allLitEntropy: false,
+		lowMem:        false,
+	}
+}
+
+// encoder returns an encoder with the selected options.
+func (o encoderOptions) encoder() encoder {
+	switch o.level {
+	case SpeedFastest:
+		if o.dict != nil {
+			return &fastEncoderDict{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
+		}
+		return &fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
+
+	case SpeedDefault:
+		if o.dict != nil {
+			return &doubleFastEncoderDict{fastEncoderDict: fastEncoderDict{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}}
+		}
+		return &doubleFastEncoder{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
+	case SpeedBetterCompression:
+		if o.dict != nil {
+			return &betterFastEncoderDict{betterFastEncoder: betterFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
+		}
+		return &betterFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
+	case SpeedBestCompression:
+		return &bestFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
+	}
+	panic("unknown compression level")
+}
+
+// WithEncoderCRC will add CRC value to output.
+// Output will be 4 bytes larger.
+func WithEncoderCRC(b bool) EOption {
+	return func(o *encoderOptions) error { o.crc = b; return nil }
+}
+
+// WithEncoderConcurrency will set the concurrency,
+// meaning the maximum number of encoders to run concurrently.
+// The value supplied must be at least 1.
+// For streams, setting a value of 1 will disable async compression.
+// By default this will be set to GOMAXPROCS.
+func WithEncoderConcurrency(n int) EOption {
+	return func(o *encoderOptions) error {
+		if n <= 0 {
+			return fmt.Errorf("concurrency must be at least 1")
+		}
+		o.concurrent = n
+		return nil
+	}
+}
+
+// WithWindowSize will set the maximum allowed back-reference distance.
+// The value must be a power of two between MinWindowSize and MaxWindowSize.
+// A larger value will enable better compression but allocate more memory and,
+// for above-default values, take considerably longer.
+// The default value is determined by the compression level and max 8MB.
+func WithWindowSize(n int) EOption {
+	return func(o *encoderOptions) error {
+		switch {
+		case n < MinWindowSize:
+			return fmt.Errorf("window size must be at least %d", MinWindowSize)
+		case n > MaxWindowSize:
+			return fmt.Errorf("window size must be at most %d", MaxWindowSize)
+		case (n & (n - 1)) != 0:
+			return errors.New("window size must be a power of 2")
+		}
+
+		o.windowSize = n
+		o.customWindow = true
+		if o.blockSize > o.windowSize {
+			o.blockSize = o.windowSize
+			o.customBlockSize = true
+		}
+		return nil
+	}
+}
+
+// WithEncoderPadding will add padding to all output so the size will be a multiple of n.
+// This can be used to obfuscate the exact output size or make blocks of a certain size.
+// The contents will be a skippable frame, so it will be invisible by the decoder.
+// n must be > 0 and <= 1GB, 1<<30 bytes.
+// The padded area will be filled with data from crypto/rand.Reader.
+// If `EncodeAll` is used with data already in the destination, the total size will be multiple of this.
+func WithEncoderPadding(n int) EOption {
+	return func(o *encoderOptions) error {
+		if n <= 0 {
+			return fmt.Errorf("padding must be at least 1")
+		}
+		// No need to waste our time.
+		if n == 1 {
+			n = 0
+		}
+		if n > 1<<30 {
+			return fmt.Errorf("padding must less than 1GB (1<<30 bytes) ")
+		}
+		o.pad = n
+		return nil
+	}
+}
+
+// EncoderLevel predefines encoder compression levels.
+// Only use the constants made available, since the actual mapping
+// of these values are very likely to change and your compression could change
+// unpredictably when upgrading the library.
+type EncoderLevel int
+
+const (
+	speedNotSet EncoderLevel = iota
+
+	// SpeedFastest will choose the fastest reasonable compression.
+	// This is roughly equivalent to the fastest Zstandard mode.
+	SpeedFastest
+
+	// SpeedDefault is the default "pretty fast" compression option.
+	// This is roughly equivalent to the default Zstandard mode (level 3).
+	SpeedDefault
+
+	// SpeedBetterCompression will yield better compression than the default.
+	// Currently it is about zstd level 7-8 with ~ 2x-3x the default CPU usage.
+	// By using this, notice that CPU usage may go up in the future.
+	SpeedBetterCompression
+
+	// SpeedBestCompression will choose the best available compression option.
+	// This will offer the best compression no matter the CPU cost.
+	SpeedBestCompression
+
+	// speedLast should be kept as the last actual compression option.
+	// The is not for external usage, but is used to keep track of the valid options.
+	speedLast
+)
+
+// EncoderLevelFromString will convert a string representation of an encoding level back
+// to a compression level. The compare is not case sensitive.
+// If the string wasn't recognized, (false, SpeedDefault) will be returned.
+func EncoderLevelFromString(s string) (bool, EncoderLevel) {
+	for l := speedNotSet + 1; l < speedLast; l++ {
+		if strings.EqualFold(s, l.String()) {
+			return true, l
+		}
+	}
+	return false, SpeedDefault
+}
+
+// EncoderLevelFromZstd will return an encoder level that closest matches the compression
+// ratio of a specific zstd compression level.
+// Many input values will provide the same compression level.
+func EncoderLevelFromZstd(level int) EncoderLevel {
+	switch {
+	case level < 3:
+		return SpeedFastest
+	case level >= 3 && level < 6:
+		return SpeedDefault
+	case level >= 6 && level < 10:
+		return SpeedBetterCompression
+	default:
+		return SpeedBestCompression
+	}
+}
+
+// String provides a string representation of the compression level.
+func (e EncoderLevel) String() string {
+	switch e {
+	case SpeedFastest:
+		return "fastest"
+	case SpeedDefault:
+		return "default"
+	case SpeedBetterCompression:
+		return "better"
+	case SpeedBestCompression:
+		return "best"
+	default:
+		return "invalid"
+	}
+}
+
+// WithEncoderLevel specifies a predefined compression level.
+func WithEncoderLevel(l EncoderLevel) EOption {
+	return func(o *encoderOptions) error {
+		switch {
+		case l <= speedNotSet || l >= speedLast:
+			return fmt.Errorf("unknown encoder level")
+		}
+		o.level = l
+		if !o.customWindow {
+			switch o.level {
+			case SpeedFastest:
+				o.windowSize = 4 << 20
+				if !o.customBlockSize {
+					o.blockSize = 1 << 16
+				}
+			case SpeedDefault:
+				o.windowSize = 8 << 20
+			case SpeedBetterCompression:
+				o.windowSize = 8 << 20
+			case SpeedBestCompression:
+				o.windowSize = 8 << 20
+			}
+		}
+		if !o.customALEntropy {
+			o.allLitEntropy = l > SpeedDefault
+		}
+
+		return nil
+	}
+}
+
+// WithZeroFrames will encode 0 length input as full frames.
+// This can be needed for compatibility with zstandard usage,
+// but is not needed for this package.
+func WithZeroFrames(b bool) EOption {
+	return func(o *encoderOptions) error {
+		o.fullZero = b
+		return nil
+	}
+}
+
+// WithAllLitEntropyCompression will apply entropy compression if no matches are found.
+// Disabling this will skip incompressible data faster, but in cases with no matches but
+// skewed character distribution compression is lost.
+// Default value depends on the compression level selected.
+func WithAllLitEntropyCompression(b bool) EOption {
+	return func(o *encoderOptions) error {
+		o.customALEntropy = true
+		o.allLitEntropy = b
+		return nil
+	}
+}
+
+// WithNoEntropyCompression will always skip entropy compression of literals.
+// This can be useful if content has matches, but unlikely to benefit from entropy
+// compression. Usually the slight speed improvement is not worth enabling this.
+func WithNoEntropyCompression(b bool) EOption {
+	return func(o *encoderOptions) error {
+		o.noEntropy = b
+		return nil
+	}
+}
+
+// WithSingleSegment will set the "single segment" flag when EncodeAll is used.
+// If this flag is set, data must be regenerated within a single continuous memory segment.
+// In this case, Window_Descriptor byte is skipped, but Frame_Content_Size is necessarily present.
+// As a consequence, the decoder must allocate a memory segment of size equal or larger than size of your content.
+// In order to preserve the decoder from unreasonable memory requirements,
+// a decoder is allowed to reject a compressed frame which requests a memory size beyond decoder's authorized range.
+// For broader compatibility, decoders are recommended to support memory sizes of at least 8 MB.
+// This is only a recommendation, each decoder is free to support higher or lower limits, depending on local limitations.
+// If this is not specified, block encodes will automatically choose this based on the input size and the window size.
+// This setting has no effect on streamed encodes.
+func WithSingleSegment(b bool) EOption {
+	return func(o *encoderOptions) error {
+		o.single = &b
+		return nil
+	}
+}
+
+// WithLowerEncoderMem will trade in some memory cases trade less memory usage for
+// slower encoding speed.
+// This will not change the window size which is the primary function for reducing
+// memory usage. See WithWindowSize.
+func WithLowerEncoderMem(b bool) EOption {
+	return func(o *encoderOptions) error {
+		o.lowMem = b
+		return nil
+	}
+}
+
+// WithEncoderDict allows to register a dictionary that will be used for the encode.
+//
+// The slice dict must be in the [dictionary format] produced by
+// "zstd --train" from the Zstandard reference implementation.
+//
+// The encoder *may* choose to use no dictionary instead for certain payloads.
+//
+// [dictionary format]: https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary-format
+func WithEncoderDict(dict []byte) EOption {
+	return func(o *encoderOptions) error {
+		d, err := loadDict(dict)
+		if err != nil {
+			return err
+		}
+		o.dict = d
+		return nil
+	}
+}
+
+// WithEncoderDictRaw registers a dictionary that may be used by the encoder.
+//
+// The slice content may contain arbitrary data. It will be used as an initial
+// history.
+func WithEncoderDictRaw(id uint32, content []byte) EOption {
+	return func(o *encoderOptions) error {
+		if bits.UintSize > 32 && uint(len(content)) > dictMaxLength {
+			return fmt.Errorf("dictionary of size %d > 2GiB too large", len(content))
+		}
+		o.dict = &dict{id: id, content: content, offsets: [3]int{1, 4, 8}}
+		return nil
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/framedec.go b/vendor/github.com/klauspost/compress/zstd/framedec.go
new file mode 100644
index 000000000..e47af66e7
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/framedec.go
@@ -0,0 +1,415 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"encoding/hex"
+	"errors"
+	"io"
+
+	"github.com/klauspost/compress/zstd/internal/xxhash"
+)
+
+type frameDec struct {
+	o   decoderOptions
+	crc *xxhash.Digest
+
+	WindowSize uint64
+
+	// Frame history passed between blocks
+	history history
+
+	rawInput byteBuffer
+
+	// Byte buffer that can be reused for small input blocks.
+	bBuf byteBuf
+
+	FrameContentSize uint64
+
+	DictionaryID  uint32
+	HasCheckSum   bool
+	SingleSegment bool
+}
+
+const (
+	// MinWindowSize is the minimum Window Size, which is 1 KB.
+	MinWindowSize = 1 << 10
+
+	// MaxWindowSize is the maximum encoder window size
+	// and the default decoder maximum window size.
+	MaxWindowSize = 1 << 29
+)
+
+const (
+	frameMagic          = "\x28\xb5\x2f\xfd"
+	skippableFrameMagic = "\x2a\x4d\x18"
+)
+
+func newFrameDec(o decoderOptions) *frameDec {
+	if o.maxWindowSize > o.maxDecodedSize {
+		o.maxWindowSize = o.maxDecodedSize
+	}
+	d := frameDec{
+		o: o,
+	}
+	return &d
+}
+
+// reset will read the frame header and prepare for block decoding.
+// If nothing can be read from the input, io.EOF will be returned.
+// Any other error indicated that the stream contained data, but
+// there was a problem.
+func (d *frameDec) reset(br byteBuffer) error {
+	d.HasCheckSum = false
+	d.WindowSize = 0
+	var signature [4]byte
+	for {
+		var err error
+		// Check if we can read more...
+		b, err := br.readSmall(1)
+		switch err {
+		case io.EOF, io.ErrUnexpectedEOF:
+			return io.EOF
+		case nil:
+			signature[0] = b[0]
+		default:
+			return err
+		}
+		// Read the rest, don't allow io.ErrUnexpectedEOF
+		b, err = br.readSmall(3)
+		switch err {
+		case io.EOF:
+			return io.EOF
+		case nil:
+			copy(signature[1:], b)
+		default:
+			return err
+		}
+
+		if string(signature[1:4]) != skippableFrameMagic || signature[0]&0xf0 != 0x50 {
+			if debugDecoder {
+				println("Not skippable", hex.EncodeToString(signature[:]), hex.EncodeToString([]byte(skippableFrameMagic)))
+			}
+			// Break if not skippable frame.
+			break
+		}
+		// Read size to skip
+		b, err = br.readSmall(4)
+		if err != nil {
+			if debugDecoder {
+				println("Reading Frame Size", err)
+			}
+			return err
+		}
+		n := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
+		println("Skipping frame with", n, "bytes.")
+		err = br.skipN(int64(n))
+		if err != nil {
+			if debugDecoder {
+				println("Reading discarded frame", err)
+			}
+			return err
+		}
+	}
+	if string(signature[:]) != frameMagic {
+		if debugDecoder {
+			println("Got magic numbers: ", signature, "want:", []byte(frameMagic))
+		}
+		return ErrMagicMismatch
+	}
+
+	// Read Frame_Header_Descriptor
+	fhd, err := br.readByte()
+	if err != nil {
+		if debugDecoder {
+			println("Reading Frame_Header_Descriptor", err)
+		}
+		return err
+	}
+	d.SingleSegment = fhd&(1<<5) != 0
+
+	if fhd&(1<<3) != 0 {
+		return errors.New("reserved bit set on frame header")
+	}
+
+	// Read Window_Descriptor
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#window_descriptor
+	d.WindowSize = 0
+	if !d.SingleSegment {
+		wd, err := br.readByte()
+		if err != nil {
+			if debugDecoder {
+				println("Reading Window_Descriptor", err)
+			}
+			return err
+		}
+		if debugDecoder {
+			printf("raw: %x, mantissa: %d, exponent: %d\n", wd, wd&7, wd>>3)
+		}
+		windowLog := 10 + (wd >> 3)
+		windowBase := uint64(1) << windowLog
+		windowAdd := (windowBase / 8) * uint64(wd&0x7)
+		d.WindowSize = windowBase + windowAdd
+	}
+
+	// Read Dictionary_ID
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary_id
+	d.DictionaryID = 0
+	if size := fhd & 3; size != 0 {
+		if size == 3 {
+			size = 4
+		}
+
+		b, err := br.readSmall(int(size))
+		if err != nil {
+			println("Reading Dictionary_ID", err)
+			return err
+		}
+		var id uint32
+		switch len(b) {
+		case 1:
+			id = uint32(b[0])
+		case 2:
+			id = uint32(b[0]) | (uint32(b[1]) << 8)
+		case 4:
+			id = uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
+		}
+		if debugDecoder {
+			println("Dict size", size, "ID:", id)
+		}
+		d.DictionaryID = id
+	}
+
+	// Read Frame_Content_Size
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frame_content_size
+	var fcsSize int
+	v := fhd >> 6
+	switch v {
+	case 0:
+		if d.SingleSegment {
+			fcsSize = 1
+		}
+	default:
+		fcsSize = 1 << v
+	}
+	d.FrameContentSize = fcsUnknown
+	if fcsSize > 0 {
+		b, err := br.readSmall(fcsSize)
+		if err != nil {
+			println("Reading Frame content", err)
+			return err
+		}
+		switch len(b) {
+		case 1:
+			d.FrameContentSize = uint64(b[0])
+		case 2:
+			// When FCS_Field_Size is 2, the offset of 256 is added.
+			d.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) + 256
+		case 4:
+			d.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) | (uint64(b[2]) << 16) | (uint64(b[3]) << 24)
+		case 8:
+			d1 := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
+			d2 := uint32(b[4]) | (uint32(b[5]) << 8) | (uint32(b[6]) << 16) | (uint32(b[7]) << 24)
+			d.FrameContentSize = uint64(d1) | (uint64(d2) << 32)
+		}
+		if debugDecoder {
+			println("Read FCS:", d.FrameContentSize)
+		}
+	}
+
+	// Move this to shared.
+	d.HasCheckSum = fhd&(1<<2) != 0
+	if d.HasCheckSum {
+		if d.crc == nil {
+			d.crc = xxhash.New()
+		}
+		d.crc.Reset()
+	}
+
+	if d.WindowSize > d.o.maxWindowSize {
+		if debugDecoder {
+			printf("window size %d > max %d\n", d.WindowSize, d.o.maxWindowSize)
+		}
+		return ErrWindowSizeExceeded
+	}
+
+	if d.WindowSize == 0 && d.SingleSegment {
+		// We may not need window in this case.
+		d.WindowSize = d.FrameContentSize
+		if d.WindowSize < MinWindowSize {
+			d.WindowSize = MinWindowSize
+		}
+		if d.WindowSize > d.o.maxDecodedSize {
+			if debugDecoder {
+				printf("window size %d > max %d\n", d.WindowSize, d.o.maxWindowSize)
+			}
+			return ErrDecoderSizeExceeded
+		}
+	}
+
+	// The minimum Window_Size is 1 KB.
+	if d.WindowSize < MinWindowSize {
+		if debugDecoder {
+			println("got window size: ", d.WindowSize)
+		}
+		return ErrWindowSizeTooSmall
+	}
+	d.history.windowSize = int(d.WindowSize)
+	if !d.o.lowMem || d.history.windowSize < maxBlockSize {
+		// Alloc 2x window size if not low-mem, or window size below 2MB.
+		d.history.allocFrameBuffer = d.history.windowSize * 2
+	} else {
+		if d.o.lowMem {
+			// Alloc with 1MB extra.
+			d.history.allocFrameBuffer = d.history.windowSize + maxBlockSize/2
+		} else {
+			// Alloc with 2MB extra.
+			d.history.allocFrameBuffer = d.history.windowSize + maxBlockSize
+		}
+	}
+
+	if debugDecoder {
+		println("Frame: Dict:", d.DictionaryID, "FrameContentSize:", d.FrameContentSize, "singleseg:", d.SingleSegment, "window:", d.WindowSize, "crc:", d.HasCheckSum)
+	}
+
+	// history contains input - maybe we do something
+	d.rawInput = br
+	return nil
+}
+
+// next will start decoding the next block from stream.
+func (d *frameDec) next(block *blockDec) error {
+	if debugDecoder {
+		println("decoding new block")
+	}
+	err := block.reset(d.rawInput, d.WindowSize)
+	if err != nil {
+		println("block error:", err)
+		// Signal the frame decoder we have a problem.
+		block.sendErr(err)
+		return err
+	}
+	return nil
+}
+
+// checkCRC will check the checksum, assuming the frame has one.
+// Will return ErrCRCMismatch if crc check failed, otherwise nil.
+func (d *frameDec) checkCRC() error {
+	// We can overwrite upper tmp now
+	buf, err := d.rawInput.readSmall(4)
+	if err != nil {
+		println("CRC missing?", err)
+		return err
+	}
+
+	want := binary.LittleEndian.Uint32(buf[:4])
+	got := uint32(d.crc.Sum64())
+
+	if got != want {
+		if debugDecoder {
+			printf("CRC check failed: got %08x, want %08x\n", got, want)
+		}
+		return ErrCRCMismatch
+	}
+	if debugDecoder {
+		printf("CRC ok %08x\n", got)
+	}
+	return nil
+}
+
+// consumeCRC skips over the checksum, assuming the frame has one.
+func (d *frameDec) consumeCRC() error {
+	_, err := d.rawInput.readSmall(4)
+	if err != nil {
+		println("CRC missing?", err)
+	}
+	return err
+}
+
+// runDecoder will run the decoder for the remainder of the frame.
+func (d *frameDec) runDecoder(dst []byte, dec *blockDec) ([]byte, error) {
+	saved := d.history.b
+
+	// We use the history for output to avoid copying it.
+	d.history.b = dst
+	d.history.ignoreBuffer = len(dst)
+	// Store input length, so we only check new data.
+	crcStart := len(dst)
+	d.history.decoders.maxSyncLen = 0
+	if d.o.limitToCap {
+		d.history.decoders.maxSyncLen = uint64(cap(dst) - len(dst))
+	}
+	if d.FrameContentSize != fcsUnknown {
+		if !d.o.limitToCap || d.FrameContentSize+uint64(len(dst)) < d.history.decoders.maxSyncLen {
+			d.history.decoders.maxSyncLen = d.FrameContentSize + uint64(len(dst))
+		}
+		if d.history.decoders.maxSyncLen > d.o.maxDecodedSize {
+			if debugDecoder {
+				println("maxSyncLen:", d.history.decoders.maxSyncLen, "> maxDecodedSize:", d.o.maxDecodedSize)
+			}
+			return dst, ErrDecoderSizeExceeded
+		}
+		if debugDecoder {
+			println("maxSyncLen:", d.history.decoders.maxSyncLen)
+		}
+		if !d.o.limitToCap && uint64(cap(dst)) < d.history.decoders.maxSyncLen {
+			// Alloc for output
+			dst2 := make([]byte, len(dst), d.history.decoders.maxSyncLen+compressedBlockOverAlloc)
+			copy(dst2, dst)
+			dst = dst2
+		}
+	}
+	var err error
+	for {
+		err = dec.reset(d.rawInput, d.WindowSize)
+		if err != nil {
+			break
+		}
+		if debugDecoder {
+			println("next block:", dec)
+		}
+		err = dec.decodeBuf(&d.history)
+		if err != nil {
+			break
+		}
+		if uint64(len(d.history.b)-crcStart) > d.o.maxDecodedSize {
+			println("runDecoder: maxDecodedSize exceeded", uint64(len(d.history.b)-crcStart), ">", d.o.maxDecodedSize)
+			err = ErrDecoderSizeExceeded
+			break
+		}
+		if d.o.limitToCap && len(d.history.b) > cap(dst) {
+			println("runDecoder: cap exceeded", uint64(len(d.history.b)), ">", cap(dst))
+			err = ErrDecoderSizeExceeded
+			break
+		}
+		if uint64(len(d.history.b)-crcStart) > d.FrameContentSize {
+			println("runDecoder: FrameContentSize exceeded", uint64(len(d.history.b)-crcStart), ">", d.FrameContentSize)
+			err = ErrFrameSizeExceeded
+			break
+		}
+		if dec.Last {
+			break
+		}
+		if debugDecoder {
+			println("runDecoder: FrameContentSize", uint64(len(d.history.b)-crcStart), "<=", d.FrameContentSize)
+		}
+	}
+	dst = d.history.b
+	if err == nil {
+		if d.FrameContentSize != fcsUnknown && uint64(len(d.history.b)-crcStart) != d.FrameContentSize {
+			err = ErrFrameSizeMismatch
+		} else if d.HasCheckSum {
+			if d.o.ignoreChecksum {
+				err = d.consumeCRC()
+			} else {
+				d.crc.Write(dst[crcStart:])
+				err = d.checkCRC()
+			}
+		}
+	}
+	d.history.b = saved
+	return dst, err
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/frameenc.go b/vendor/github.com/klauspost/compress/zstd/frameenc.go
new file mode 100644
index 000000000..667ca0679
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/frameenc.go
@@ -0,0 +1,137 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"fmt"
+	"io"
+	"math"
+	"math/bits"
+)
+
+type frameHeader struct {
+	ContentSize   uint64
+	WindowSize    uint32
+	SingleSegment bool
+	Checksum      bool
+	DictID        uint32
+}
+
+const maxHeaderSize = 14
+
+func (f frameHeader) appendTo(dst []byte) []byte {
+	dst = append(dst, frameMagic...)
+	var fhd uint8
+	if f.Checksum {
+		fhd |= 1 << 2
+	}
+	if f.SingleSegment {
+		fhd |= 1 << 5
+	}
+
+	var dictIDContent []byte
+	if f.DictID > 0 {
+		var tmp [4]byte
+		if f.DictID < 256 {
+			fhd |= 1
+			tmp[0] = uint8(f.DictID)
+			dictIDContent = tmp[:1]
+		} else if f.DictID < 1<<16 {
+			fhd |= 2
+			binary.LittleEndian.PutUint16(tmp[:2], uint16(f.DictID))
+			dictIDContent = tmp[:2]
+		} else {
+			fhd |= 3
+			binary.LittleEndian.PutUint32(tmp[:4], f.DictID)
+			dictIDContent = tmp[:4]
+		}
+	}
+	var fcs uint8
+	if f.ContentSize >= 256 {
+		fcs++
+	}
+	if f.ContentSize >= 65536+256 {
+		fcs++
+	}
+	if f.ContentSize >= 0xffffffff {
+		fcs++
+	}
+
+	fhd |= fcs << 6
+
+	dst = append(dst, fhd)
+	if !f.SingleSegment {
+		const winLogMin = 10
+		windowLog := (bits.Len32(f.WindowSize-1) - winLogMin) << 3
+		dst = append(dst, uint8(windowLog))
+	}
+	if f.DictID > 0 {
+		dst = append(dst, dictIDContent...)
+	}
+	switch fcs {
+	case 0:
+		if f.SingleSegment {
+			dst = append(dst, uint8(f.ContentSize))
+		}
+		// Unless SingleSegment is set, framessizes < 256 are not stored.
+	case 1:
+		f.ContentSize -= 256
+		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8))
+	case 2:
+		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8), uint8(f.ContentSize>>16), uint8(f.ContentSize>>24))
+	case 3:
+		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8), uint8(f.ContentSize>>16), uint8(f.ContentSize>>24),
+			uint8(f.ContentSize>>32), uint8(f.ContentSize>>40), uint8(f.ContentSize>>48), uint8(f.ContentSize>>56))
+	default:
+		panic("invalid fcs")
+	}
+	return dst
+}
+
+const skippableFrameHeader = 4 + 4
+
+// calcSkippableFrame will return a total size to be added for written
+// to be divisible by multiple.
+// The value will always be > skippableFrameHeader.
+// The function will panic if written < 0 or wantMultiple <= 0.
+func calcSkippableFrame(written, wantMultiple int64) int {
+	if wantMultiple <= 0 {
+		panic("wantMultiple <= 0")
+	}
+	if written < 0 {
+		panic("written < 0")
+	}
+	leftOver := written % wantMultiple
+	if leftOver == 0 {
+		return 0
+	}
+	toAdd := wantMultiple - leftOver
+	for toAdd < skippableFrameHeader {
+		toAdd += wantMultiple
+	}
+	return int(toAdd)
+}
+
+// skippableFrame will add a skippable frame with a total size of bytes.
+// total should be >= skippableFrameHeader and < math.MaxUint32.
+func skippableFrame(dst []byte, total int, r io.Reader) ([]byte, error) {
+	if total == 0 {
+		return dst, nil
+	}
+	if total < skippableFrameHeader {
+		return dst, fmt.Errorf("requested skippable frame (%d) < 8", total)
+	}
+	if int64(total) > math.MaxUint32 {
+		return dst, fmt.Errorf("requested skippable frame (%d) > max uint32", total)
+	}
+	dst = append(dst, 0x50, 0x2a, 0x4d, 0x18)
+	f := uint32(total - skippableFrameHeader)
+	dst = append(dst, uint8(f), uint8(f>>8), uint8(f>>16), uint8(f>>24))
+	start := len(dst)
+	dst = append(dst, make([]byte, f)...)
+	_, err := io.ReadFull(r, dst[start:])
+	return dst, err
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder.go
new file mode 100644
index 000000000..2f8860a72
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_decoder.go
@@ -0,0 +1,307 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"errors"
+	"fmt"
+	"io"
+)
+
+const (
+	tablelogAbsoluteMax = 9
+)
+
+const (
+	/*!MEMORY_USAGE :
+	 *  Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.)
+	 *  Increasing memory usage improves compression ratio
+	 *  Reduced memory usage can improve speed, due to cache effect
+	 *  Recommended max value is 14, for 16KB, which nicely fits into Intel x86 L1 cache */
+	maxMemoryUsage = tablelogAbsoluteMax + 2
+
+	maxTableLog    = maxMemoryUsage - 2
+	maxTablesize   = 1 << maxTableLog
+	maxTableMask   = (1 << maxTableLog) - 1
+	minTablelog    = 5
+	maxSymbolValue = 255
+)
+
+// fseDecoder provides temporary storage for compression and decompression.
+type fseDecoder struct {
+	dt             [maxTablesize]decSymbol // Decompression table.
+	symbolLen      uint16                  // Length of active part of the symbol table.
+	actualTableLog uint8                   // Selected tablelog.
+	maxBits        uint8                   // Maximum number of additional bits
+
+	// used for table creation to avoid allocations.
+	stateTable [256]uint16
+	norm       [maxSymbolValue + 1]int16
+	preDefined bool
+}
+
+// tableStep returns the next table index.
+func tableStep(tableSize uint32) uint32 {
+	return (tableSize >> 1) + (tableSize >> 3) + 3
+}
+
+// readNCount will read the symbol distribution so decoding tables can be constructed.
+func (s *fseDecoder) readNCount(b *byteReader, maxSymbol uint16) error {
+	var (
+		charnum   uint16
+		previous0 bool
+	)
+	if b.remain() < 4 {
+		return errors.New("input too small")
+	}
+	bitStream := b.Uint32NC()
+	nbBits := uint((bitStream & 0xF) + minTablelog) // extract tableLog
+	if nbBits > tablelogAbsoluteMax {
+		println("Invalid tablelog:", nbBits)
+		return errors.New("tableLog too large")
+	}
+	bitStream >>= 4
+	bitCount := uint(4)
+
+	s.actualTableLog = uint8(nbBits)
+	remaining := int32((1 << nbBits) + 1)
+	threshold := int32(1 << nbBits)
+	gotTotal := int32(0)
+	nbBits++
+
+	for remaining > 1 && charnum <= maxSymbol {
+		if previous0 {
+			//println("prev0")
+			n0 := charnum
+			for (bitStream & 0xFFFF) == 0xFFFF {
+				//println("24 x 0")
+				n0 += 24
+				if r := b.remain(); r > 5 {
+					b.advance(2)
+					// The check above should make sure we can read 32 bits
+					bitStream = b.Uint32NC() >> bitCount
+				} else {
+					// end of bit stream
+					bitStream >>= 16
+					bitCount += 16
+				}
+			}
+			//printf("bitstream: %d, 0b%b", bitStream&3, bitStream)
+			for (bitStream & 3) == 3 {
+				n0 += 3
+				bitStream >>= 2
+				bitCount += 2
+			}
+			n0 += uint16(bitStream & 3)
+			bitCount += 2
+
+			if n0 > maxSymbolValue {
+				return errors.New("maxSymbolValue too small")
+			}
+			//println("inserting ", n0-charnum, "zeroes from idx", charnum, "ending before", n0)
+			for charnum < n0 {
+				s.norm[uint8(charnum)] = 0
+				charnum++
+			}
+
+			if r := b.remain(); r >= 7 || r-int(bitCount>>3) >= 4 {
+				b.advance(bitCount >> 3)
+				bitCount &= 7
+				// The check above should make sure we can read 32 bits
+				bitStream = b.Uint32NC() >> bitCount
+			} else {
+				bitStream >>= 2
+			}
+		}
+
+		max := (2*threshold - 1) - remaining
+		var count int32
+
+		if int32(bitStream)&(threshold-1) < max {
+			count = int32(bitStream) & (threshold - 1)
+			if debugAsserts && nbBits < 1 {
+				panic("nbBits underflow")
+			}
+			bitCount += nbBits - 1
+		} else {
+			count = int32(bitStream) & (2*threshold - 1)
+			if count >= threshold {
+				count -= max
+			}
+			bitCount += nbBits
+		}
+
+		// extra accuracy
+		count--
+		if count < 0 {
+			// -1 means +1
+			remaining += count
+			gotTotal -= count
+		} else {
+			remaining -= count
+			gotTotal += count
+		}
+		s.norm[charnum&0xff] = int16(count)
+		charnum++
+		previous0 = count == 0
+		for remaining < threshold {
+			nbBits--
+			threshold >>= 1
+		}
+
+		if r := b.remain(); r >= 7 || r-int(bitCount>>3) >= 4 {
+			b.advance(bitCount >> 3)
+			bitCount &= 7
+			// The check above should make sure we can read 32 bits
+			bitStream = b.Uint32NC() >> (bitCount & 31)
+		} else {
+			bitCount -= (uint)(8 * (len(b.b) - 4 - b.off))
+			b.off = len(b.b) - 4
+			bitStream = b.Uint32() >> (bitCount & 31)
+		}
+	}
+	s.symbolLen = charnum
+	if s.symbolLen <= 1 {
+		return fmt.Errorf("symbolLen (%d) too small", s.symbolLen)
+	}
+	if s.symbolLen > maxSymbolValue+1 {
+		return fmt.Errorf("symbolLen (%d) too big", s.symbolLen)
+	}
+	if remaining != 1 {
+		return fmt.Errorf("corruption detected (remaining %d != 1)", remaining)
+	}
+	if bitCount > 32 {
+		return fmt.Errorf("corruption detected (bitCount %d > 32)", bitCount)
+	}
+	if gotTotal != 1<> 3)
+	return s.buildDtable()
+}
+
+func (s *fseDecoder) mustReadFrom(r io.Reader) {
+	fatalErr := func(err error) {
+		if err != nil {
+			panic(err)
+		}
+	}
+	// 	dt             [maxTablesize]decSymbol // Decompression table.
+	//	symbolLen      uint16                  // Length of active part of the symbol table.
+	//	actualTableLog uint8                   // Selected tablelog.
+	//	maxBits        uint8                   // Maximum number of additional bits
+	//	// used for table creation to avoid allocations.
+	//	stateTable [256]uint16
+	//	norm       [maxSymbolValue + 1]int16
+	//	preDefined bool
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.dt))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.symbolLen))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.actualTableLog))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.maxBits))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.stateTable))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.norm))
+	fatalErr(binary.Read(r, binary.LittleEndian, &s.preDefined))
+}
+
+// decSymbol contains information about a state entry,
+// Including the state offset base, the output symbol and
+// the number of bits to read for the low part of the destination state.
+// Using a composite uint64 is faster than a struct with separate members.
+type decSymbol uint64
+
+func newDecSymbol(nbits, addBits uint8, newState uint16, baseline uint32) decSymbol {
+	return decSymbol(nbits) | (decSymbol(addBits) << 8) | (decSymbol(newState) << 16) | (decSymbol(baseline) << 32)
+}
+
+func (d decSymbol) nbBits() uint8 {
+	return uint8(d)
+}
+
+func (d decSymbol) addBits() uint8 {
+	return uint8(d >> 8)
+}
+
+func (d decSymbol) newState() uint16 {
+	return uint16(d >> 16)
+}
+
+func (d decSymbol) baselineInt() int {
+	return int(d >> 32)
+}
+
+func (d *decSymbol) setNBits(nBits uint8) {
+	const mask = 0xffffffffffffff00
+	*d = (*d & mask) | decSymbol(nBits)
+}
+
+func (d *decSymbol) setAddBits(addBits uint8) {
+	const mask = 0xffffffffffff00ff
+	*d = (*d & mask) | (decSymbol(addBits) << 8)
+}
+
+func (d *decSymbol) setNewState(state uint16) {
+	const mask = 0xffffffff0000ffff
+	*d = (*d & mask) | decSymbol(state)<<16
+}
+
+func (d *decSymbol) setExt(addBits uint8, baseline uint32) {
+	const mask = 0xffff00ff
+	*d = (*d & mask) | (decSymbol(addBits) << 8) | (decSymbol(baseline) << 32)
+}
+
+// decSymbolValue returns the transformed decSymbol for the given symbol.
+func decSymbolValue(symb uint8, t []baseOffset) (decSymbol, error) {
+	if int(symb) >= len(t) {
+		return 0, fmt.Errorf("rle symbol %d >= max %d", symb, len(t))
+	}
+	lu := t[symb]
+	return newDecSymbol(0, lu.addBits, 0, lu.baseLine), nil
+}
+
+// setRLE will set the decoder til RLE mode.
+func (s *fseDecoder) setRLE(symbol decSymbol) {
+	s.actualTableLog = 0
+	s.maxBits = symbol.addBits()
+	s.dt[0] = symbol
+}
+
+// transform will transform the decoder table into a table usable for
+// decoding without having to apply the transformation while decoding.
+// The state will contain the base value and the number of bits to read.
+func (s *fseDecoder) transform(t []baseOffset) error {
+	tableSize := uint16(1 << s.actualTableLog)
+	s.maxBits = 0
+	for i, v := range s.dt[:tableSize] {
+		add := v.addBits()
+		if int(add) >= len(t) {
+			return fmt.Errorf("invalid decoding table entry %d, symbol %d >= max (%d)", i, v.addBits(), len(t))
+		}
+		lu := t[add]
+		if lu.addBits > s.maxBits {
+			s.maxBits = lu.addBits
+		}
+		v.setExt(lu.addBits, lu.baseLine)
+		s.dt[i] = v
+	}
+	return nil
+}
+
+type fseState struct {
+	dt    []decSymbol
+	state decSymbol
+}
+
+// Initialize and decodeAsync first state and symbol.
+func (s *fseState) init(br *bitReader, tableLog uint8, dt []decSymbol) {
+	s.dt = dt
+	br.fill()
+	s.state = dt[br.getBits(tableLog)]
+}
+
+// final returns the current state symbol without decoding the next.
+func (s decSymbol) final() (int, uint8) {
+	return s.baselineInt(), s.addBits()
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
new file mode 100644
index 000000000..d04a829b0
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
@@ -0,0 +1,65 @@
+//go:build amd64 && !appengine && !noasm && gc
+// +build amd64,!appengine,!noasm,gc
+
+package zstd
+
+import (
+	"fmt"
+)
+
+type buildDtableAsmContext struct {
+	// inputs
+	stateTable *uint16
+	norm       *int16
+	dt         *uint64
+
+	// outputs --- set by the procedure in the case of error;
+	// for interpretation please see the error handling part below
+	errParam1 uint64
+	errParam2 uint64
+}
+
+// buildDtable_asm is an x86 assembly implementation of fseDecoder.buildDtable.
+// Function returns non-zero exit code on error.
+//
+//go:noescape
+func buildDtable_asm(s *fseDecoder, ctx *buildDtableAsmContext) int
+
+// please keep in sync with _generate/gen_fse.go
+const (
+	errorCorruptedNormalizedCounter = 1
+	errorNewStateTooBig             = 2
+	errorNewStateNoBits             = 3
+)
+
+// buildDtable will build the decoding table.
+func (s *fseDecoder) buildDtable() error {
+	ctx := buildDtableAsmContext{
+		stateTable: &s.stateTable[0],
+		norm:       &s.norm[0],
+		dt:         (*uint64)(&s.dt[0]),
+	}
+	code := buildDtable_asm(s, &ctx)
+
+	if code != 0 {
+		switch code {
+		case errorCorruptedNormalizedCounter:
+			position := ctx.errParam1
+			return fmt.Errorf("corrupted input (position=%d, expected 0)", position)
+
+		case errorNewStateTooBig:
+			newState := decSymbol(ctx.errParam1)
+			size := ctx.errParam2
+			return fmt.Errorf("newState (%d) outside table size (%d)", newState, size)
+
+		case errorNewStateNoBits:
+			newState := decSymbol(ctx.errParam1)
+			oldState := decSymbol(ctx.errParam2)
+			return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, oldState)
+
+		default:
+			return fmt.Errorf("buildDtable_asm returned unhandled nonzero code = %d", code)
+		}
+	}
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
new file mode 100644
index 000000000..bcde39869
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
@@ -0,0 +1,126 @@
+// Code generated by command: go run gen_fse.go -out ../fse_decoder_amd64.s -pkg=zstd. DO NOT EDIT.
+
+//go:build !appengine && !noasm && gc && !noasm
+
+// func buildDtable_asm(s *fseDecoder, ctx *buildDtableAsmContext) int
+TEXT ·buildDtable_asm(SB), $0-24
+	MOVQ ctx+8(FP), CX
+	MOVQ s+0(FP), DI
+
+	// Load values
+	MOVBQZX 4098(DI), DX
+	XORQ    AX, AX
+	BTSQ    DX, AX
+	MOVQ    (CX), BX
+	MOVQ    16(CX), SI
+	LEAQ    -1(AX), R8
+	MOVQ    8(CX), CX
+	MOVWQZX 4096(DI), DI
+
+	// End load values
+	// Init, lay down lowprob symbols
+	XORQ R9, R9
+	JMP  init_main_loop_condition
+
+init_main_loop:
+	MOVWQSX (CX)(R9*2), R10
+	CMPW    R10, $-1
+	JNE     do_not_update_high_threshold
+	MOVB    R9, 1(SI)(R8*8)
+	DECQ    R8
+	MOVQ    $0x0000000000000001, R10
+
+do_not_update_high_threshold:
+	MOVW R10, (BX)(R9*2)
+	INCQ R9
+
+init_main_loop_condition:
+	CMPQ R9, DI
+	JL   init_main_loop
+
+	// Spread symbols
+	// Calculate table step
+	MOVQ AX, R9
+	SHRQ $0x01, R9
+	MOVQ AX, R10
+	SHRQ $0x03, R10
+	LEAQ 3(R9)(R10*1), R9
+
+	// Fill add bits values
+	LEAQ -1(AX), R10
+	XORQ R11, R11
+	XORQ R12, R12
+	JMP  spread_main_loop_condition
+
+spread_main_loop:
+	XORQ    R13, R13
+	MOVWQSX (CX)(R12*2), R14
+	JMP     spread_inner_loop_condition
+
+spread_inner_loop:
+	MOVB R12, 1(SI)(R11*8)
+
+adjust_position:
+	ADDQ R9, R11
+	ANDQ R10, R11
+	CMPQ R11, R8
+	JG   adjust_position
+	INCQ R13
+
+spread_inner_loop_condition:
+	CMPQ R13, R14
+	JL   spread_inner_loop
+	INCQ R12
+
+spread_main_loop_condition:
+	CMPQ  R12, DI
+	JL    spread_main_loop
+	TESTQ R11, R11
+	JZ    spread_check_ok
+	MOVQ  ctx+8(FP), AX
+	MOVQ  R11, 24(AX)
+	MOVQ  $+1, ret+16(FP)
+	RET
+
+spread_check_ok:
+	// Build Decoding table
+	XORQ DI, DI
+
+build_table_main_table:
+	MOVBQZX 1(SI)(DI*8), CX
+	MOVWQZX (BX)(CX*2), R8
+	LEAQ    1(R8), R9
+	MOVW    R9, (BX)(CX*2)
+	MOVQ    R8, R9
+	BSRQ    R9, R9
+	MOVQ    DX, CX
+	SUBQ    R9, CX
+	SHLQ    CL, R8
+	SUBQ    AX, R8
+	MOVB    CL, (SI)(DI*8)
+	MOVW    R8, 2(SI)(DI*8)
+	CMPQ    R8, AX
+	JLE     build_table_check1_ok
+	MOVQ    ctx+8(FP), CX
+	MOVQ    R8, 24(CX)
+	MOVQ    AX, 32(CX)
+	MOVQ    $+2, ret+16(FP)
+	RET
+
+build_table_check1_ok:
+	TESTB CL, CL
+	JNZ   build_table_check2_ok
+	CMPW  R8, DI
+	JNE   build_table_check2_ok
+	MOVQ  ctx+8(FP), AX
+	MOVQ  R8, 24(AX)
+	MOVQ  DI, 32(AX)
+	MOVQ  $+3, ret+16(FP)
+	RET
+
+build_table_check2_ok:
+	INCQ DI
+	CMPQ DI, AX
+	JL   build_table_main_table
+	MOVQ $+0, ret+16(FP)
+	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
new file mode 100644
index 000000000..8adfebb02
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
@@ -0,0 +1,73 @@
+//go:build !amd64 || appengine || !gc || noasm
+// +build !amd64 appengine !gc noasm
+
+package zstd
+
+import (
+	"errors"
+	"fmt"
+)
+
+// buildDtable will build the decoding table.
+func (s *fseDecoder) buildDtable() error {
+	tableSize := uint32(1 << s.actualTableLog)
+	highThreshold := tableSize - 1
+	symbolNext := s.stateTable[:256]
+
+	// Init, lay down lowprob symbols
+	{
+		for i, v := range s.norm[:s.symbolLen] {
+			if v == -1 {
+				s.dt[highThreshold].setAddBits(uint8(i))
+				highThreshold--
+				v = 1
+			}
+			symbolNext[i] = uint16(v)
+		}
+	}
+
+	// Spread symbols
+	{
+		tableMask := tableSize - 1
+		step := tableStep(tableSize)
+		position := uint32(0)
+		for ss, v := range s.norm[:s.symbolLen] {
+			for i := 0; i < int(v); i++ {
+				s.dt[position].setAddBits(uint8(ss))
+				for {
+					// lowprob area
+					position = (position + step) & tableMask
+					if position <= highThreshold {
+						break
+					}
+				}
+			}
+		}
+		if position != 0 {
+			// position must reach all cells once, otherwise normalizedCounter is incorrect
+			return errors.New("corrupted input (position != 0)")
+		}
+	}
+
+	// Build Decoding table
+	{
+		tableSize := uint16(1 << s.actualTableLog)
+		for u, v := range s.dt[:tableSize] {
+			symbol := v.addBits()
+			nextState := symbolNext[symbol]
+			symbolNext[symbol] = nextState + 1
+			nBits := s.actualTableLog - byte(highBits(uint32(nextState)))
+			s.dt[u&maxTableMask].setNBits(nBits)
+			newState := (nextState << nBits) - tableSize
+			if newState > tableSize {
+				return fmt.Errorf("newState (%d) outside table size (%d)", newState, tableSize)
+			}
+			if newState == uint16(u) && nBits == 0 {
+				// Seems weird that this is possible with nbits > 0.
+				return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, u)
+			}
+			s.dt[u&maxTableMask].setNewState(newState)
+		}
+	}
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
new file mode 100644
index 000000000..ab26326a8
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
@@ -0,0 +1,701 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"errors"
+	"fmt"
+	"math"
+)
+
+const (
+	// For encoding we only support up to
+	maxEncTableLog    = 8
+	maxEncTablesize   = 1 << maxTableLog
+	maxEncTableMask   = (1 << maxTableLog) - 1
+	minEncTablelog    = 5
+	maxEncSymbolValue = maxMatchLengthSymbol
+)
+
+// Scratch provides temporary storage for compression and decompression.
+type fseEncoder struct {
+	symbolLen      uint16 // Length of active part of the symbol table.
+	actualTableLog uint8  // Selected tablelog.
+	ct             cTable // Compression tables.
+	maxCount       int    // count of the most probable symbol
+	zeroBits       bool   // no bits has prob > 50%.
+	clearCount     bool   // clear count
+	useRLE         bool   // This encoder is for RLE
+	preDefined     bool   // This encoder is predefined.
+	reUsed         bool   // Set to know when the encoder has been reused.
+	rleVal         uint8  // RLE Symbol
+	maxBits        uint8  // Maximum output bits after transform.
+
+	// TODO: Technically zstd should be fine with 64 bytes.
+	count [256]uint32
+	norm  [256]int16
+}
+
+// cTable contains tables used for compression.
+type cTable struct {
+	tableSymbol []byte
+	stateTable  []uint16
+	symbolTT    []symbolTransform
+}
+
+// symbolTransform contains the state transform for a symbol.
+type symbolTransform struct {
+	deltaNbBits    uint32
+	deltaFindState int16
+	outBits        uint8
+}
+
+// String prints values as a human readable string.
+func (s symbolTransform) String() string {
+	return fmt.Sprintf("{deltabits: %08x, findstate:%d outbits:%d}", s.deltaNbBits, s.deltaFindState, s.outBits)
+}
+
+// Histogram allows to populate the histogram and skip that step in the compression,
+// It otherwise allows to inspect the histogram when compression is done.
+// To indicate that you have populated the histogram call HistogramFinished
+// with the value of the highest populated symbol, as well as the number of entries
+// in the most populated entry. These are accepted at face value.
+func (s *fseEncoder) Histogram() *[256]uint32 {
+	return &s.count
+}
+
+// HistogramFinished can be called to indicate that the histogram has been populated.
+// maxSymbol is the index of the highest set symbol of the next data segment.
+// maxCount is the number of entries in the most populated entry.
+// These are accepted at face value.
+func (s *fseEncoder) HistogramFinished(maxSymbol uint8, maxCount int) {
+	s.maxCount = maxCount
+	s.symbolLen = uint16(maxSymbol) + 1
+	s.clearCount = maxCount != 0
+}
+
+// allocCtable will allocate tables needed for compression.
+// If existing tables a re big enough, they are simply re-used.
+func (s *fseEncoder) allocCtable() {
+	tableSize := 1 << s.actualTableLog
+	// get tableSymbol that is big enough.
+	if cap(s.ct.tableSymbol) < tableSize {
+		s.ct.tableSymbol = make([]byte, tableSize)
+	}
+	s.ct.tableSymbol = s.ct.tableSymbol[:tableSize]
+
+	ctSize := tableSize
+	if cap(s.ct.stateTable) < ctSize {
+		s.ct.stateTable = make([]uint16, ctSize)
+	}
+	s.ct.stateTable = s.ct.stateTable[:ctSize]
+
+	if cap(s.ct.symbolTT) < 256 {
+		s.ct.symbolTT = make([]symbolTransform, 256)
+	}
+	s.ct.symbolTT = s.ct.symbolTT[:256]
+}
+
+// buildCTable will populate the compression table so it is ready to be used.
+func (s *fseEncoder) buildCTable() error {
+	tableSize := uint32(1 << s.actualTableLog)
+	highThreshold := tableSize - 1
+	var cumul [256]int16
+
+	s.allocCtable()
+	tableSymbol := s.ct.tableSymbol[:tableSize]
+	// symbol start positions
+	{
+		cumul[0] = 0
+		for ui, v := range s.norm[:s.symbolLen-1] {
+			u := byte(ui) // one less than reference
+			if v == -1 {
+				// Low proba symbol
+				cumul[u+1] = cumul[u] + 1
+				tableSymbol[highThreshold] = u
+				highThreshold--
+			} else {
+				cumul[u+1] = cumul[u] + v
+			}
+		}
+		// Encode last symbol separately to avoid overflowing u
+		u := int(s.symbolLen - 1)
+		v := s.norm[s.symbolLen-1]
+		if v == -1 {
+			// Low proba symbol
+			cumul[u+1] = cumul[u] + 1
+			tableSymbol[highThreshold] = byte(u)
+			highThreshold--
+		} else {
+			cumul[u+1] = cumul[u] + v
+		}
+		if uint32(cumul[s.symbolLen]) != tableSize {
+			return fmt.Errorf("internal error: expected cumul[s.symbolLen] (%d) == tableSize (%d)", cumul[s.symbolLen], tableSize)
+		}
+		cumul[s.symbolLen] = int16(tableSize) + 1
+	}
+	// Spread symbols
+	s.zeroBits = false
+	{
+		step := tableStep(tableSize)
+		tableMask := tableSize - 1
+		var position uint32
+		// if any symbol > largeLimit, we may have 0 bits output.
+		largeLimit := int16(1 << (s.actualTableLog - 1))
+		for ui, v := range s.norm[:s.symbolLen] {
+			symbol := byte(ui)
+			if v > largeLimit {
+				s.zeroBits = true
+			}
+			for nbOccurrences := int16(0); nbOccurrences < v; nbOccurrences++ {
+				tableSymbol[position] = symbol
+				position = (position + step) & tableMask
+				for position > highThreshold {
+					position = (position + step) & tableMask
+				} /* Low proba area */
+			}
+		}
+
+		// Check if we have gone through all positions
+		if position != 0 {
+			return errors.New("position!=0")
+		}
+	}
+
+	// Build table
+	table := s.ct.stateTable
+	{
+		tsi := int(tableSize)
+		for u, v := range tableSymbol {
+			// TableU16 : sorted by symbol order; gives next state value
+			table[cumul[v]] = uint16(tsi + u)
+			cumul[v]++
+		}
+	}
+
+	// Build Symbol Transformation Table
+	{
+		total := int16(0)
+		symbolTT := s.ct.symbolTT[:s.symbolLen]
+		tableLog := s.actualTableLog
+		tl := (uint32(tableLog) << 16) - (1 << tableLog)
+		for i, v := range s.norm[:s.symbolLen] {
+			switch v {
+			case 0:
+			case -1, 1:
+				symbolTT[i].deltaNbBits = tl
+				symbolTT[i].deltaFindState = total - 1
+				total++
+			default:
+				maxBitsOut := uint32(tableLog) - highBit(uint32(v-1))
+				minStatePlus := uint32(v) << maxBitsOut
+				symbolTT[i].deltaNbBits = (maxBitsOut << 16) - minStatePlus
+				symbolTT[i].deltaFindState = total - v
+				total += v
+			}
+		}
+		if total != int16(tableSize) {
+			return fmt.Errorf("total mismatch %d (got) != %d (want)", total, tableSize)
+		}
+	}
+	return nil
+}
+
+var rtbTable = [...]uint32{0, 473195, 504333, 520860, 550000, 700000, 750000, 830000}
+
+func (s *fseEncoder) setRLE(val byte) {
+	s.allocCtable()
+	s.actualTableLog = 0
+	s.ct.stateTable = s.ct.stateTable[:1]
+	s.ct.symbolTT[val] = symbolTransform{
+		deltaFindState: 0,
+		deltaNbBits:    0,
+	}
+	if debugEncoder {
+		println("setRLE: val", val, "symbolTT", s.ct.symbolTT[val])
+	}
+	s.rleVal = val
+	s.useRLE = true
+}
+
+// setBits will set output bits for the transform.
+// if nil is provided, the number of bits is equal to the index.
+func (s *fseEncoder) setBits(transform []byte) {
+	if s.reUsed || s.preDefined {
+		return
+	}
+	if s.useRLE {
+		if transform == nil {
+			s.ct.symbolTT[s.rleVal].outBits = s.rleVal
+			s.maxBits = s.rleVal
+			return
+		}
+		s.maxBits = transform[s.rleVal]
+		s.ct.symbolTT[s.rleVal].outBits = s.maxBits
+		return
+	}
+	if transform == nil {
+		for i := range s.ct.symbolTT[:s.symbolLen] {
+			s.ct.symbolTT[i].outBits = uint8(i)
+		}
+		s.maxBits = uint8(s.symbolLen - 1)
+		return
+	}
+	s.maxBits = 0
+	for i, v := range transform[:s.symbolLen] {
+		s.ct.symbolTT[i].outBits = v
+		if v > s.maxBits {
+			// We could assume bits always going up, but we play safe.
+			s.maxBits = v
+		}
+	}
+}
+
+// normalizeCount will normalize the count of the symbols so
+// the total is equal to the table size.
+// If successful, compression tables will also be made ready.
+func (s *fseEncoder) normalizeCount(length int) error {
+	if s.reUsed {
+		return nil
+	}
+	s.optimalTableLog(length)
+	var (
+		tableLog          = s.actualTableLog
+		scale             = 62 - uint64(tableLog)
+		step              = (1 << 62) / uint64(length)
+		vStep             = uint64(1) << (scale - 20)
+		stillToDistribute = int16(1 << tableLog)
+		largest           int
+		largestP          int16
+		lowThreshold      = (uint32)(length >> tableLog)
+	)
+	if s.maxCount == length {
+		s.useRLE = true
+		return nil
+	}
+	s.useRLE = false
+	for i, cnt := range s.count[:s.symbolLen] {
+		// already handled
+		// if (count[s] == s.length) return 0;   /* rle special case */
+
+		if cnt == 0 {
+			s.norm[i] = 0
+			continue
+		}
+		if cnt <= lowThreshold {
+			s.norm[i] = -1
+			stillToDistribute--
+		} else {
+			proba := (int16)((uint64(cnt) * step) >> scale)
+			if proba < 8 {
+				restToBeat := vStep * uint64(rtbTable[proba])
+				v := uint64(cnt)*step - (uint64(proba) << scale)
+				if v > restToBeat {
+					proba++
+				}
+			}
+			if proba > largestP {
+				largestP = proba
+				largest = i
+			}
+			s.norm[i] = proba
+			stillToDistribute -= proba
+		}
+	}
+
+	if -stillToDistribute >= (s.norm[largest] >> 1) {
+		// corner case, need another normalization method
+		err := s.normalizeCount2(length)
+		if err != nil {
+			return err
+		}
+		if debugAsserts {
+			err = s.validateNorm()
+			if err != nil {
+				return err
+			}
+		}
+		return s.buildCTable()
+	}
+	s.norm[largest] += stillToDistribute
+	if debugAsserts {
+		err := s.validateNorm()
+		if err != nil {
+			return err
+		}
+	}
+	return s.buildCTable()
+}
+
+// Secondary normalization method.
+// To be used when primary method fails.
+func (s *fseEncoder) normalizeCount2(length int) error {
+	const notYetAssigned = -2
+	var (
+		distributed  uint32
+		total        = uint32(length)
+		tableLog     = s.actualTableLog
+		lowThreshold = total >> tableLog
+		lowOne       = (total * 3) >> (tableLog + 1)
+	)
+	for i, cnt := range s.count[:s.symbolLen] {
+		if cnt == 0 {
+			s.norm[i] = 0
+			continue
+		}
+		if cnt <= lowThreshold {
+			s.norm[i] = -1
+			distributed++
+			total -= cnt
+			continue
+		}
+		if cnt <= lowOne {
+			s.norm[i] = 1
+			distributed++
+			total -= cnt
+			continue
+		}
+		s.norm[i] = notYetAssigned
+	}
+	toDistribute := (1 << tableLog) - distributed
+
+	if (total / toDistribute) > lowOne {
+		// risk of rounding to zero
+		lowOne = (total * 3) / (toDistribute * 2)
+		for i, cnt := range s.count[:s.symbolLen] {
+			if (s.norm[i] == notYetAssigned) && (cnt <= lowOne) {
+				s.norm[i] = 1
+				distributed++
+				total -= cnt
+				continue
+			}
+		}
+		toDistribute = (1 << tableLog) - distributed
+	}
+	if distributed == uint32(s.symbolLen)+1 {
+		// all values are pretty poor;
+		//   probably incompressible data (should have already been detected);
+		//   find max, then give all remaining points to max
+		var maxV int
+		var maxC uint32
+		for i, cnt := range s.count[:s.symbolLen] {
+			if cnt > maxC {
+				maxV = i
+				maxC = cnt
+			}
+		}
+		s.norm[maxV] += int16(toDistribute)
+		return nil
+	}
+
+	if total == 0 {
+		// all of the symbols were low enough for the lowOne or lowThreshold
+		for i := uint32(0); toDistribute > 0; i = (i + 1) % (uint32(s.symbolLen)) {
+			if s.norm[i] > 0 {
+				toDistribute--
+				s.norm[i]++
+			}
+		}
+		return nil
+	}
+
+	var (
+		vStepLog = 62 - uint64(tableLog)
+		mid      = uint64((1 << (vStepLog - 1)) - 1)
+		rStep    = (((1 << vStepLog) * uint64(toDistribute)) + mid) / uint64(total) // scale on remaining
+		tmpTotal = mid
+	)
+	for i, cnt := range s.count[:s.symbolLen] {
+		if s.norm[i] == notYetAssigned {
+			var (
+				end    = tmpTotal + uint64(cnt)*rStep
+				sStart = uint32(tmpTotal >> vStepLog)
+				sEnd   = uint32(end >> vStepLog)
+				weight = sEnd - sStart
+			)
+			if weight < 1 {
+				return errors.New("weight < 1")
+			}
+			s.norm[i] = int16(weight)
+			tmpTotal = end
+		}
+	}
+	return nil
+}
+
+// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
+func (s *fseEncoder) optimalTableLog(length int) {
+	tableLog := uint8(maxEncTableLog)
+	minBitsSrc := highBit(uint32(length)) + 1
+	minBitsSymbols := highBit(uint32(s.symbolLen-1)) + 2
+	minBits := uint8(minBitsSymbols)
+	if minBitsSrc < minBitsSymbols {
+		minBits = uint8(minBitsSrc)
+	}
+
+	maxBitsSrc := uint8(highBit(uint32(length-1))) - 2
+	if maxBitsSrc < tableLog {
+		// Accuracy can be reduced
+		tableLog = maxBitsSrc
+	}
+	if minBits > tableLog {
+		tableLog = minBits
+	}
+	// Need a minimum to safely represent all symbol values
+	if tableLog < minEncTablelog {
+		tableLog = minEncTablelog
+	}
+	if tableLog > maxEncTableLog {
+		tableLog = maxEncTableLog
+	}
+	s.actualTableLog = tableLog
+}
+
+// validateNorm validates the normalized histogram table.
+func (s *fseEncoder) validateNorm() (err error) {
+	var total int
+	for _, v := range s.norm[:s.symbolLen] {
+		if v >= 0 {
+			total += int(v)
+		} else {
+			total -= int(v)
+		}
+	}
+	defer func() {
+		if err == nil {
+			return
+		}
+		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", s.actualTableLog, s.symbolLen)
+		for i, v := range s.norm[:s.symbolLen] {
+			fmt.Printf("%3d: %5d -> %4d \n", i, s.count[i], v)
+		}
+	}()
+	if total != (1 << s.actualTableLog) {
+		return fmt.Errorf("warning: Total == %d != %d", total, 1<> 3) + 3 + 2
+
+		// Write Table Size
+		bitStream = uint32(tableLog - minEncTablelog)
+		bitCount  = uint(4)
+		remaining = int16(tableSize + 1) /* +1 for extra accuracy */
+		threshold = int16(tableSize)
+		nbBits    = uint(tableLog + 1)
+		outP      = len(out)
+	)
+	if cap(out) < outP+maxHeaderSize {
+		out = append(out, make([]byte, maxHeaderSize*3)...)
+		out = out[:len(out)-maxHeaderSize*3]
+	}
+	out = out[:outP+maxHeaderSize]
+
+	// stops at 1
+	for remaining > 1 {
+		if previous0 {
+			start := charnum
+			for s.norm[charnum] == 0 {
+				charnum++
+			}
+			for charnum >= start+24 {
+				start += 24
+				bitStream += uint32(0xFFFF) << bitCount
+				out[outP] = byte(bitStream)
+				out[outP+1] = byte(bitStream >> 8)
+				outP += 2
+				bitStream >>= 16
+			}
+			for charnum >= start+3 {
+				start += 3
+				bitStream += 3 << bitCount
+				bitCount += 2
+			}
+			bitStream += uint32(charnum-start) << bitCount
+			bitCount += 2
+			if bitCount > 16 {
+				out[outP] = byte(bitStream)
+				out[outP+1] = byte(bitStream >> 8)
+				outP += 2
+				bitStream >>= 16
+				bitCount -= 16
+			}
+		}
+
+		count := s.norm[charnum]
+		charnum++
+		max := (2*threshold - 1) - remaining
+		if count < 0 {
+			remaining += count
+		} else {
+			remaining -= count
+		}
+		count++ // +1 for extra accuracy
+		if count >= threshold {
+			count += max // [0..max[ [max..threshold[ (...) [threshold+max 2*threshold[
+		}
+		bitStream += uint32(count) << bitCount
+		bitCount += nbBits
+		if count < max {
+			bitCount--
+		}
+
+		previous0 = count == 1
+		if remaining < 1 {
+			return nil, errors.New("internal error: remaining < 1")
+		}
+		for remaining < threshold {
+			nbBits--
+			threshold >>= 1
+		}
+
+		if bitCount > 16 {
+			out[outP] = byte(bitStream)
+			out[outP+1] = byte(bitStream >> 8)
+			outP += 2
+			bitStream >>= 16
+			bitCount -= 16
+		}
+	}
+
+	if outP+2 > len(out) {
+		return nil, fmt.Errorf("internal error: %d > %d, maxheader: %d, sl: %d, tl: %d, normcount: %v", outP+2, len(out), maxHeaderSize, s.symbolLen, int(tableLog), s.norm[:s.symbolLen])
+	}
+	out[outP] = byte(bitStream)
+	out[outP+1] = byte(bitStream >> 8)
+	outP += int((bitCount + 7) / 8)
+
+	if charnum > s.symbolLen {
+		return nil, errors.New("internal error: charnum > s.symbolLen")
+	}
+	return out[:outP], nil
+}
+
+// Approximate symbol cost, as fractional value, using fixed-point format (accuracyLog fractional bits)
+// note 1 : assume symbolValue is valid (<= maxSymbolValue)
+// note 2 : if freq[symbolValue]==0, @return a fake cost of tableLog+1 bits *
+func (s *fseEncoder) bitCost(symbolValue uint8, accuracyLog uint32) uint32 {
+	minNbBits := s.ct.symbolTT[symbolValue].deltaNbBits >> 16
+	threshold := (minNbBits + 1) << 16
+	if debugAsserts {
+		if !(s.actualTableLog < 16) {
+			panic("!s.actualTableLog < 16")
+		}
+		// ensure enough room for renormalization double shift
+		if !(uint8(accuracyLog) < 31-s.actualTableLog) {
+			panic("!uint8(accuracyLog) < 31-s.actualTableLog")
+		}
+	}
+	tableSize := uint32(1) << s.actualTableLog
+	deltaFromThreshold := threshold - (s.ct.symbolTT[symbolValue].deltaNbBits + tableSize)
+	// linear interpolation (very approximate)
+	normalizedDeltaFromThreshold := (deltaFromThreshold << accuracyLog) >> s.actualTableLog
+	bitMultiplier := uint32(1) << accuracyLog
+	if debugAsserts {
+		if s.ct.symbolTT[symbolValue].deltaNbBits+tableSize > threshold {
+			panic("s.ct.symbolTT[symbolValue].deltaNbBits+tableSize > threshold")
+		}
+		if normalizedDeltaFromThreshold > bitMultiplier {
+			panic("normalizedDeltaFromThreshold > bitMultiplier")
+		}
+	}
+	return (minNbBits+1)*bitMultiplier - normalizedDeltaFromThreshold
+}
+
+// Returns the cost in bits of encoding the distribution in count using ctable.
+// Histogram should only be up to the last non-zero symbol.
+// Returns an -1 if ctable cannot represent all the symbols in count.
+func (s *fseEncoder) approxSize(hist []uint32) uint32 {
+	if int(s.symbolLen) < len(hist) {
+		// More symbols than we have.
+		return math.MaxUint32
+	}
+	if s.useRLE {
+		// We will never reuse RLE encoders.
+		return math.MaxUint32
+	}
+	const kAccuracyLog = 8
+	badCost := (uint32(s.actualTableLog) + 1) << kAccuracyLog
+	var cost uint32
+	for i, v := range hist {
+		if v == 0 {
+			continue
+		}
+		if s.norm[i] == 0 {
+			return math.MaxUint32
+		}
+		bitCost := s.bitCost(uint8(i), kAccuracyLog)
+		if bitCost > badCost {
+			return math.MaxUint32
+		}
+		cost += v * bitCost
+	}
+	return cost >> kAccuracyLog
+}
+
+// maxHeaderSize returns the maximum header size in bits.
+// This is not exact size, but we want a penalty for new tables anyway.
+func (s *fseEncoder) maxHeaderSize() uint32 {
+	if s.preDefined {
+		return 0
+	}
+	if s.useRLE {
+		return 8
+	}
+	return (((uint32(s.symbolLen) * uint32(s.actualTableLog)) >> 3) + 3) * 8
+}
+
+// cState contains the compression state of a stream.
+type cState struct {
+	bw         *bitWriter
+	stateTable []uint16
+	state      uint16
+}
+
+// init will initialize the compression state to the first symbol of the stream.
+func (c *cState) init(bw *bitWriter, ct *cTable, first symbolTransform) {
+	c.bw = bw
+	c.stateTable = ct.stateTable
+	if len(c.stateTable) == 1 {
+		// RLE
+		c.stateTable[0] = uint16(0)
+		c.state = 0
+		return
+	}
+	nbBitsOut := (first.deltaNbBits + (1 << 15)) >> 16
+	im := int32((nbBitsOut << 16) - first.deltaNbBits)
+	lu := (im >> nbBitsOut) + int32(first.deltaFindState)
+	c.state = c.stateTable[lu]
+}
+
+// flush will write the tablelog to the output and flush the remaining full bytes.
+func (c *cState) flush(tableLog uint8) {
+	c.bw.flush32()
+	c.bw.addBits16NC(c.state, tableLog)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_predefined.go b/vendor/github.com/klauspost/compress/zstd/fse_predefined.go
new file mode 100644
index 000000000..474cb77d2
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/fse_predefined.go
@@ -0,0 +1,158 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"fmt"
+	"math"
+	"sync"
+)
+
+var (
+	// fsePredef are the predefined fse tables as defined here:
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
+	// These values are already transformed.
+	fsePredef [3]fseDecoder
+
+	// fsePredefEnc are the predefined encoder based on fse tables as defined here:
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
+	// These values are already transformed.
+	fsePredefEnc [3]fseEncoder
+
+	// symbolTableX contain the transformations needed for each type as defined in
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#the-codes-for-literals-lengths-match-lengths-and-offsets
+	symbolTableX [3][]baseOffset
+
+	// maxTableSymbol is the biggest supported symbol for each table type
+	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#the-codes-for-literals-lengths-match-lengths-and-offsets
+	maxTableSymbol = [3]uint8{tableLiteralLengths: maxLiteralLengthSymbol, tableOffsets: maxOffsetLengthSymbol, tableMatchLengths: maxMatchLengthSymbol}
+
+	// bitTables is the bits table for each table.
+	bitTables = [3][]byte{tableLiteralLengths: llBitsTable[:], tableOffsets: nil, tableMatchLengths: mlBitsTable[:]}
+)
+
+type tableIndex uint8
+
+const (
+	// indexes for fsePredef and symbolTableX
+	tableLiteralLengths tableIndex = 0
+	tableOffsets        tableIndex = 1
+	tableMatchLengths   tableIndex = 2
+
+	maxLiteralLengthSymbol = 35
+	maxOffsetLengthSymbol  = 30
+	maxMatchLengthSymbol   = 52
+)
+
+// baseOffset is used for calculating transformations.
+type baseOffset struct {
+	baseLine uint32
+	addBits  uint8
+}
+
+// fillBase will precalculate base offsets with the given bit distributions.
+func fillBase(dst []baseOffset, base uint32, bits ...uint8) {
+	if len(bits) != len(dst) {
+		panic(fmt.Sprintf("len(dst) (%d) != len(bits) (%d)", len(dst), len(bits)))
+	}
+	for i, bit := range bits {
+		if base > math.MaxInt32 {
+			panic("invalid decoding table, base overflows int32")
+		}
+
+		dst[i] = baseOffset{
+			baseLine: base,
+			addBits:  bit,
+		}
+		base += 1 << bit
+	}
+}
+
+var predef sync.Once
+
+func initPredefined() {
+	predef.Do(func() {
+		// Literals length codes
+		tmp := make([]baseOffset, 36)
+		for i := range tmp[:16] {
+			tmp[i] = baseOffset{
+				baseLine: uint32(i),
+				addBits:  0,
+			}
+		}
+		fillBase(tmp[16:], 16, 1, 1, 1, 1, 2, 2, 3, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
+		symbolTableX[tableLiteralLengths] = tmp
+
+		// Match length codes
+		tmp = make([]baseOffset, 53)
+		for i := range tmp[:32] {
+			tmp[i] = baseOffset{
+				// The transformation adds the 3 length.
+				baseLine: uint32(i) + 3,
+				addBits:  0,
+			}
+		}
+		fillBase(tmp[32:], 35, 1, 1, 1, 1, 2, 2, 3, 3, 4, 4, 5, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
+		symbolTableX[tableMatchLengths] = tmp
+
+		// Offset codes
+		tmp = make([]baseOffset, maxOffsetBits+1)
+		tmp[1] = baseOffset{
+			baseLine: 1,
+			addBits:  1,
+		}
+		fillBase(tmp[2:], 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
+		symbolTableX[tableOffsets] = tmp
+
+		// Fill predefined tables and transform them.
+		// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
+		for i := range fsePredef[:] {
+			f := &fsePredef[i]
+			switch tableIndex(i) {
+			case tableLiteralLengths:
+				// https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L243
+				f.actualTableLog = 6
+				copy(f.norm[:], []int16{4, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1,
+					2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 1, 1, 1, 1, 1,
+					-1, -1, -1, -1})
+				f.symbolLen = 36
+			case tableOffsets:
+				// https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L281
+				f.actualTableLog = 5
+				copy(f.norm[:], []int16{
+					1, 1, 1, 1, 1, 1, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
+					1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1})
+				f.symbolLen = 29
+			case tableMatchLengths:
+				//https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L304
+				f.actualTableLog = 6
+				copy(f.norm[:], []int16{
+					1, 4, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
+					1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+					1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1,
+					-1, -1, -1, -1, -1})
+				f.symbolLen = 53
+			}
+			if err := f.buildDtable(); err != nil {
+				panic(fmt.Errorf("building table %v: %v", tableIndex(i), err))
+			}
+			if err := f.transform(symbolTableX[i]); err != nil {
+				panic(fmt.Errorf("building table %v: %v", tableIndex(i), err))
+			}
+			f.preDefined = true
+
+			// Create encoder as well
+			enc := &fsePredefEnc[i]
+			copy(enc.norm[:], f.norm[:])
+			enc.symbolLen = f.symbolLen
+			enc.actualTableLog = f.actualTableLog
+			if err := enc.buildCTable(); err != nil {
+				panic(fmt.Errorf("building encoding table %v: %v", tableIndex(i), err))
+			}
+			enc.setBits(bitTables[i])
+			enc.preDefined = true
+		}
+	})
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/hash.go b/vendor/github.com/klauspost/compress/zstd/hash.go
new file mode 100644
index 000000000..5d73c21eb
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/hash.go
@@ -0,0 +1,35 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+const (
+	prime3bytes = 506832829
+	prime4bytes = 2654435761
+	prime5bytes = 889523592379
+	prime6bytes = 227718039650203
+	prime7bytes = 58295818150454627
+	prime8bytes = 0xcf1bbcdcb7a56463
+)
+
+// hashLen returns a hash of the lowest mls bytes of with length output bits.
+// mls must be >=3 and <=8. Any other value will return hash for 4 bytes.
+// length should always be < 32.
+// Preferably length and mls should be a constant for inlining.
+func hashLen(u uint64, length, mls uint8) uint32 {
+	switch mls {
+	case 3:
+		return (uint32(u<<8) * prime3bytes) >> (32 - length)
+	case 5:
+		return uint32(((u << (64 - 40)) * prime5bytes) >> (64 - length))
+	case 6:
+		return uint32(((u << (64 - 48)) * prime6bytes) >> (64 - length))
+	case 7:
+		return uint32(((u << (64 - 56)) * prime7bytes) >> (64 - length))
+	case 8:
+		return uint32((u * prime8bytes) >> (64 - length))
+	default:
+		return (uint32(u) * prime4bytes) >> (32 - length)
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/history.go b/vendor/github.com/klauspost/compress/zstd/history.go
new file mode 100644
index 000000000..09164856d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/history.go
@@ -0,0 +1,116 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"github.com/klauspost/compress/huff0"
+)
+
+// history contains the information transferred between blocks.
+type history struct {
+	// Literal decompression
+	huffTree *huff0.Scratch
+
+	// Sequence decompression
+	decoders      sequenceDecs
+	recentOffsets [3]int
+
+	// History buffer...
+	b []byte
+
+	// ignoreBuffer is meant to ignore a number of bytes
+	// when checking for matches in history
+	ignoreBuffer int
+
+	windowSize       int
+	allocFrameBuffer int // needed?
+	error            bool
+	dict             *dict
+}
+
+// reset will reset the history to initial state of a frame.
+// The history must already have been initialized to the desired size.
+func (h *history) reset() {
+	h.b = h.b[:0]
+	h.ignoreBuffer = 0
+	h.error = false
+	h.recentOffsets = [3]int{1, 4, 8}
+	h.decoders.freeDecoders()
+	h.decoders = sequenceDecs{br: h.decoders.br}
+	h.freeHuffDecoder()
+	h.huffTree = nil
+	h.dict = nil
+	//printf("history created: %+v (l: %d, c: %d)", *h, len(h.b), cap(h.b))
+}
+
+func (h *history) freeHuffDecoder() {
+	if h.huffTree != nil {
+		if h.dict == nil || h.dict.litEnc != h.huffTree {
+			huffDecoderPool.Put(h.huffTree)
+			h.huffTree = nil
+		}
+	}
+}
+
+func (h *history) setDict(dict *dict) {
+	if dict == nil {
+		return
+	}
+	h.dict = dict
+	h.decoders.litLengths = dict.llDec
+	h.decoders.offsets = dict.ofDec
+	h.decoders.matchLengths = dict.mlDec
+	h.decoders.dict = dict.content
+	h.recentOffsets = dict.offsets
+	h.huffTree = dict.litEnc
+}
+
+// append bytes to history.
+// This function will make sure there is space for it,
+// if the buffer has been allocated with enough extra space.
+func (h *history) append(b []byte) {
+	if len(b) >= h.windowSize {
+		// Discard all history by simply overwriting
+		h.b = h.b[:h.windowSize]
+		copy(h.b, b[len(b)-h.windowSize:])
+		return
+	}
+
+	// If there is space, append it.
+	if len(b) < cap(h.b)-len(h.b) {
+		h.b = append(h.b, b...)
+		return
+	}
+
+	// Move data down so we only have window size left.
+	// We know we have less than window size in b at this point.
+	discard := len(b) + len(h.b) - h.windowSize
+	copy(h.b, h.b[discard:])
+	h.b = h.b[:h.windowSize]
+	copy(h.b[h.windowSize-len(b):], b)
+}
+
+// ensureBlock will ensure there is space for at least one block...
+func (h *history) ensureBlock() {
+	if cap(h.b) < h.allocFrameBuffer {
+		h.b = make([]byte, 0, h.allocFrameBuffer)
+		return
+	}
+
+	avail := cap(h.b) - len(h.b)
+	if avail >= h.windowSize || avail > maxCompressedBlockSize {
+		return
+	}
+	// Move data down so we only have window size left.
+	// We know we have less than window size in b at this point.
+	discard := len(h.b) - h.windowSize
+	copy(h.b, h.b[discard:])
+	h.b = h.b[:h.windowSize]
+}
+
+// append bytes to history without ever discarding anything.
+func (h *history) appendKeep(b []byte) {
+	h.b = append(h.b, b...)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
new file mode 100644
index 000000000..24b53065f
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
@@ -0,0 +1,22 @@
+Copyright (c) 2016 Caleb Spare
+
+MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
new file mode 100644
index 000000000..777290d44
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
@@ -0,0 +1,71 @@
+# xxhash
+
+VENDORED: Go to [github.com/cespare/xxhash](https://github.com/cespare/xxhash) for original package.
+
+xxhash is a Go implementation of the 64-bit [xxHash] algorithm, XXH64. This is a
+high-quality hashing algorithm that is much faster than anything in the Go
+standard library.
+
+This package provides a straightforward API:
+
+```
+func Sum64(b []byte) uint64
+func Sum64String(s string) uint64
+type Digest struct{ ... }
+    func New() *Digest
+```
+
+The `Digest` type implements hash.Hash64. Its key methods are:
+
+```
+func (*Digest) Write([]byte) (int, error)
+func (*Digest) WriteString(string) (int, error)
+func (*Digest) Sum64() uint64
+```
+
+The package is written with optimized pure Go and also contains even faster
+assembly implementations for amd64 and arm64. If desired, the `purego` build tag
+opts into using the Go code even on those architectures.
+
+[xxHash]: http://cyan4973.github.io/xxHash/
+
+## Compatibility
+
+This package is in a module and the latest code is in version 2 of the module.
+You need a version of Go with at least "minimal module compatibility" to use
+github.com/cespare/xxhash/v2:
+
+* 1.9.7+ for Go 1.9
+* 1.10.3+ for Go 1.10
+* Go 1.11 or later
+
+I recommend using the latest release of Go.
+
+## Benchmarks
+
+Here are some quick benchmarks comparing the pure-Go and assembly
+implementations of Sum64.
+
+| input size | purego    | asm       |
+| ---------- | --------- | --------- |
+| 4 B        |  1.3 GB/s |  1.2 GB/s |
+| 16 B       |  2.9 GB/s |  3.5 GB/s |
+| 100 B      |  6.9 GB/s |  8.1 GB/s |
+| 4 KB       | 11.7 GB/s | 16.7 GB/s |
+| 10 MB      | 12.0 GB/s | 17.3 GB/s |
+
+These numbers were generated on Ubuntu 20.04 with an Intel Xeon Platinum 8252C
+CPU using the following commands under Go 1.19.2:
+
+```
+benchstat <(go test -tags purego -benchtime 500ms -count 15 -bench 'Sum64$')
+benchstat <(go test -benchtime 500ms -count 15 -bench 'Sum64$')
+```
+
+## Projects using this package
+
+- [InfluxDB](https://github.com/influxdata/influxdb)
+- [Prometheus](https://github.com/prometheus/prometheus)
+- [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics)
+- [FreeCache](https://github.com/coocood/freecache)
+- [FastCache](https://github.com/VictoriaMetrics/fastcache)
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
new file mode 100644
index 000000000..fc40c8200
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
@@ -0,0 +1,230 @@
+// Package xxhash implements the 64-bit variant of xxHash (XXH64) as described
+// at http://cyan4973.github.io/xxHash/.
+// THIS IS VENDORED: Go to github.com/cespare/xxhash for original package.
+
+package xxhash
+
+import (
+	"encoding/binary"
+	"errors"
+	"math/bits"
+)
+
+const (
+	prime1 uint64 = 11400714785074694791
+	prime2 uint64 = 14029467366897019727
+	prime3 uint64 = 1609587929392839161
+	prime4 uint64 = 9650029242287828579
+	prime5 uint64 = 2870177450012600261
+)
+
+// Store the primes in an array as well.
+//
+// The consts are used when possible in Go code to avoid MOVs but we need a
+// contiguous array of the assembly code.
+var primes = [...]uint64{prime1, prime2, prime3, prime4, prime5}
+
+// Digest implements hash.Hash64.
+type Digest struct {
+	v1    uint64
+	v2    uint64
+	v3    uint64
+	v4    uint64
+	total uint64
+	mem   [32]byte
+	n     int // how much of mem is used
+}
+
+// New creates a new Digest that computes the 64-bit xxHash algorithm.
+func New() *Digest {
+	var d Digest
+	d.Reset()
+	return &d
+}
+
+// Reset clears the Digest's state so that it can be reused.
+func (d *Digest) Reset() {
+	d.v1 = primes[0] + prime2
+	d.v2 = prime2
+	d.v3 = 0
+	d.v4 = -primes[0]
+	d.total = 0
+	d.n = 0
+}
+
+// Size always returns 8 bytes.
+func (d *Digest) Size() int { return 8 }
+
+// BlockSize always returns 32 bytes.
+func (d *Digest) BlockSize() int { return 32 }
+
+// Write adds more data to d. It always returns len(b), nil.
+func (d *Digest) Write(b []byte) (n int, err error) {
+	n = len(b)
+	d.total += uint64(n)
+
+	memleft := d.mem[d.n&(len(d.mem)-1):]
+
+	if d.n+n < 32 {
+		// This new data doesn't even fill the current block.
+		copy(memleft, b)
+		d.n += n
+		return
+	}
+
+	if d.n > 0 {
+		// Finish off the partial block.
+		c := copy(memleft, b)
+		d.v1 = round(d.v1, u64(d.mem[0:8]))
+		d.v2 = round(d.v2, u64(d.mem[8:16]))
+		d.v3 = round(d.v3, u64(d.mem[16:24]))
+		d.v4 = round(d.v4, u64(d.mem[24:32]))
+		b = b[c:]
+		d.n = 0
+	}
+
+	if len(b) >= 32 {
+		// One or more full blocks left.
+		nw := writeBlocks(d, b)
+		b = b[nw:]
+	}
+
+	// Store any remaining partial block.
+	copy(d.mem[:], b)
+	d.n = len(b)
+
+	return
+}
+
+// Sum appends the current hash to b and returns the resulting slice.
+func (d *Digest) Sum(b []byte) []byte {
+	s := d.Sum64()
+	return append(
+		b,
+		byte(s>>56),
+		byte(s>>48),
+		byte(s>>40),
+		byte(s>>32),
+		byte(s>>24),
+		byte(s>>16),
+		byte(s>>8),
+		byte(s),
+	)
+}
+
+// Sum64 returns the current hash.
+func (d *Digest) Sum64() uint64 {
+	var h uint64
+
+	if d.total >= 32 {
+		v1, v2, v3, v4 := d.v1, d.v2, d.v3, d.v4
+		h = rol1(v1) + rol7(v2) + rol12(v3) + rol18(v4)
+		h = mergeRound(h, v1)
+		h = mergeRound(h, v2)
+		h = mergeRound(h, v3)
+		h = mergeRound(h, v4)
+	} else {
+		h = d.v3 + prime5
+	}
+
+	h += d.total
+
+	b := d.mem[:d.n&(len(d.mem)-1)]
+	for ; len(b) >= 8; b = b[8:] {
+		k1 := round(0, u64(b[:8]))
+		h ^= k1
+		h = rol27(h)*prime1 + prime4
+	}
+	if len(b) >= 4 {
+		h ^= uint64(u32(b[:4])) * prime1
+		h = rol23(h)*prime2 + prime3
+		b = b[4:]
+	}
+	for ; len(b) > 0; b = b[1:] {
+		h ^= uint64(b[0]) * prime5
+		h = rol11(h) * prime1
+	}
+
+	h ^= h >> 33
+	h *= prime2
+	h ^= h >> 29
+	h *= prime3
+	h ^= h >> 32
+
+	return h
+}
+
+const (
+	magic         = "xxh\x06"
+	marshaledSize = len(magic) + 8*5 + 32
+)
+
+// MarshalBinary implements the encoding.BinaryMarshaler interface.
+func (d *Digest) MarshalBinary() ([]byte, error) {
+	b := make([]byte, 0, marshaledSize)
+	b = append(b, magic...)
+	b = appendUint64(b, d.v1)
+	b = appendUint64(b, d.v2)
+	b = appendUint64(b, d.v3)
+	b = appendUint64(b, d.v4)
+	b = appendUint64(b, d.total)
+	b = append(b, d.mem[:d.n]...)
+	b = b[:len(b)+len(d.mem)-d.n]
+	return b, nil
+}
+
+// UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
+func (d *Digest) UnmarshalBinary(b []byte) error {
+	if len(b) < len(magic) || string(b[:len(magic)]) != magic {
+		return errors.New("xxhash: invalid hash state identifier")
+	}
+	if len(b) != marshaledSize {
+		return errors.New("xxhash: invalid hash state size")
+	}
+	b = b[len(magic):]
+	b, d.v1 = consumeUint64(b)
+	b, d.v2 = consumeUint64(b)
+	b, d.v3 = consumeUint64(b)
+	b, d.v4 = consumeUint64(b)
+	b, d.total = consumeUint64(b)
+	copy(d.mem[:], b)
+	d.n = int(d.total % uint64(len(d.mem)))
+	return nil
+}
+
+func appendUint64(b []byte, x uint64) []byte {
+	var a [8]byte
+	binary.LittleEndian.PutUint64(a[:], x)
+	return append(b, a[:]...)
+}
+
+func consumeUint64(b []byte) ([]byte, uint64) {
+	x := u64(b)
+	return b[8:], x
+}
+
+func u64(b []byte) uint64 { return binary.LittleEndian.Uint64(b) }
+func u32(b []byte) uint32 { return binary.LittleEndian.Uint32(b) }
+
+func round(acc, input uint64) uint64 {
+	acc += input * prime2
+	acc = rol31(acc)
+	acc *= prime1
+	return acc
+}
+
+func mergeRound(acc, val uint64) uint64 {
+	val = round(0, val)
+	acc ^= val
+	acc = acc*prime1 + prime4
+	return acc
+}
+
+func rol1(x uint64) uint64  { return bits.RotateLeft64(x, 1) }
+func rol7(x uint64) uint64  { return bits.RotateLeft64(x, 7) }
+func rol11(x uint64) uint64 { return bits.RotateLeft64(x, 11) }
+func rol12(x uint64) uint64 { return bits.RotateLeft64(x, 12) }
+func rol18(x uint64) uint64 { return bits.RotateLeft64(x, 18) }
+func rol23(x uint64) uint64 { return bits.RotateLeft64(x, 23) }
+func rol27(x uint64) uint64 { return bits.RotateLeft64(x, 27) }
+func rol31(x uint64) uint64 { return bits.RotateLeft64(x, 31) }
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
new file mode 100644
index 000000000..ddb63aa91
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
@@ -0,0 +1,210 @@
+//go:build !appengine && gc && !purego && !noasm
+// +build !appengine
+// +build gc
+// +build !purego
+// +build !noasm
+
+#include "textflag.h"
+
+// Registers:
+#define h      AX
+#define d      AX
+#define p      SI // pointer to advance through b
+#define n      DX
+#define end    BX // loop end
+#define v1     R8
+#define v2     R9
+#define v3     R10
+#define v4     R11
+#define x      R12
+#define prime1 R13
+#define prime2 R14
+#define prime4 DI
+
+#define round(acc, x) \
+	IMULQ prime2, x   \
+	ADDQ  x, acc      \
+	ROLQ  $31, acc    \
+	IMULQ prime1, acc
+
+// round0 performs the operation x = round(0, x).
+#define round0(x) \
+	IMULQ prime2, x \
+	ROLQ  $31, x    \
+	IMULQ prime1, x
+
+// mergeRound applies a merge round on the two registers acc and x.
+// It assumes that prime1, prime2, and prime4 have been loaded.
+#define mergeRound(acc, x) \
+	round0(x)         \
+	XORQ  x, acc      \
+	IMULQ prime1, acc \
+	ADDQ  prime4, acc
+
+// blockLoop processes as many 32-byte blocks as possible,
+// updating v1, v2, v3, and v4. It assumes that there is at least one block
+// to process.
+#define blockLoop() \
+loop:  \
+	MOVQ +0(p), x  \
+	round(v1, x)   \
+	MOVQ +8(p), x  \
+	round(v2, x)   \
+	MOVQ +16(p), x \
+	round(v3, x)   \
+	MOVQ +24(p), x \
+	round(v4, x)   \
+	ADDQ $32, p    \
+	CMPQ p, end    \
+	JLE  loop
+
+// func Sum64(b []byte) uint64
+TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32
+	// Load fixed primes.
+	MOVQ ·primes+0(SB), prime1
+	MOVQ ·primes+8(SB), prime2
+	MOVQ ·primes+24(SB), prime4
+
+	// Load slice.
+	MOVQ b_base+0(FP), p
+	MOVQ b_len+8(FP), n
+	LEAQ (p)(n*1), end
+
+	// The first loop limit will be len(b)-32.
+	SUBQ $32, end
+
+	// Check whether we have at least one block.
+	CMPQ n, $32
+	JLT  noBlocks
+
+	// Set up initial state (v1, v2, v3, v4).
+	MOVQ prime1, v1
+	ADDQ prime2, v1
+	MOVQ prime2, v2
+	XORQ v3, v3
+	XORQ v4, v4
+	SUBQ prime1, v4
+
+	blockLoop()
+
+	MOVQ v1, h
+	ROLQ $1, h
+	MOVQ v2, x
+	ROLQ $7, x
+	ADDQ x, h
+	MOVQ v3, x
+	ROLQ $12, x
+	ADDQ x, h
+	MOVQ v4, x
+	ROLQ $18, x
+	ADDQ x, h
+
+	mergeRound(h, v1)
+	mergeRound(h, v2)
+	mergeRound(h, v3)
+	mergeRound(h, v4)
+
+	JMP afterBlocks
+
+noBlocks:
+	MOVQ ·primes+32(SB), h
+
+afterBlocks:
+	ADDQ n, h
+
+	ADDQ $24, end
+	CMPQ p, end
+	JG   try4
+
+loop8:
+	MOVQ  (p), x
+	ADDQ  $8, p
+	round0(x)
+	XORQ  x, h
+	ROLQ  $27, h
+	IMULQ prime1, h
+	ADDQ  prime4, h
+
+	CMPQ p, end
+	JLE  loop8
+
+try4:
+	ADDQ $4, end
+	CMPQ p, end
+	JG   try1
+
+	MOVL  (p), x
+	ADDQ  $4, p
+	IMULQ prime1, x
+	XORQ  x, h
+
+	ROLQ  $23, h
+	IMULQ prime2, h
+	ADDQ  ·primes+16(SB), h
+
+try1:
+	ADDQ $4, end
+	CMPQ p, end
+	JGE  finalize
+
+loop1:
+	MOVBQZX (p), x
+	ADDQ    $1, p
+	IMULQ   ·primes+32(SB), x
+	XORQ    x, h
+	ROLQ    $11, h
+	IMULQ   prime1, h
+
+	CMPQ p, end
+	JL   loop1
+
+finalize:
+	MOVQ  h, x
+	SHRQ  $33, x
+	XORQ  x, h
+	IMULQ prime2, h
+	MOVQ  h, x
+	SHRQ  $29, x
+	XORQ  x, h
+	IMULQ ·primes+16(SB), h
+	MOVQ  h, x
+	SHRQ  $32, x
+	XORQ  x, h
+
+	MOVQ h, ret+24(FP)
+	RET
+
+// func writeBlocks(d *Digest, b []byte) int
+TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40
+	// Load fixed primes needed for round.
+	MOVQ ·primes+0(SB), prime1
+	MOVQ ·primes+8(SB), prime2
+
+	// Load slice.
+	MOVQ b_base+8(FP), p
+	MOVQ b_len+16(FP), n
+	LEAQ (p)(n*1), end
+	SUBQ $32, end
+
+	// Load vN from d.
+	MOVQ s+0(FP), d
+	MOVQ 0(d), v1
+	MOVQ 8(d), v2
+	MOVQ 16(d), v3
+	MOVQ 24(d), v4
+
+	// We don't need to check the loop condition here; this function is
+	// always called with at least one block of data to process.
+	blockLoop()
+
+	// Copy vN back to d.
+	MOVQ v1, 0(d)
+	MOVQ v2, 8(d)
+	MOVQ v3, 16(d)
+	MOVQ v4, 24(d)
+
+	// The number of bytes written is p minus the old base pointer.
+	SUBQ b_base+8(FP), p
+	MOVQ p, ret+32(FP)
+
+	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
new file mode 100644
index 000000000..ae7d4d329
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
@@ -0,0 +1,184 @@
+//go:build !appengine && gc && !purego && !noasm
+// +build !appengine
+// +build gc
+// +build !purego
+// +build !noasm
+
+#include "textflag.h"
+
+// Registers:
+#define digest	R1
+#define h	R2 // return value
+#define p	R3 // input pointer
+#define n	R4 // input length
+#define nblocks	R5 // n / 32
+#define prime1	R7
+#define prime2	R8
+#define prime3	R9
+#define prime4	R10
+#define prime5	R11
+#define v1	R12
+#define v2	R13
+#define v3	R14
+#define v4	R15
+#define x1	R20
+#define x2	R21
+#define x3	R22
+#define x4	R23
+
+#define round(acc, x) \
+	MADD prime2, acc, x, acc \
+	ROR  $64-31, acc         \
+	MUL  prime1, acc
+
+// round0 performs the operation x = round(0, x).
+#define round0(x) \
+	MUL prime2, x \
+	ROR $64-31, x \
+	MUL prime1, x
+
+#define mergeRound(acc, x) \
+	round0(x)                     \
+	EOR  x, acc                   \
+	MADD acc, prime4, prime1, acc
+
+// blockLoop processes as many 32-byte blocks as possible,
+// updating v1, v2, v3, and v4. It assumes that n >= 32.
+#define blockLoop() \
+	LSR     $5, n, nblocks  \
+	PCALIGN $16             \
+	loop:                   \
+	LDP.P   16(p), (x1, x2) \
+	LDP.P   16(p), (x3, x4) \
+	round(v1, x1)           \
+	round(v2, x2)           \
+	round(v3, x3)           \
+	round(v4, x4)           \
+	SUB     $1, nblocks     \
+	CBNZ    nblocks, loop
+
+// func Sum64(b []byte) uint64
+TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32
+	LDP b_base+0(FP), (p, n)
+
+	LDP  ·primes+0(SB), (prime1, prime2)
+	LDP  ·primes+16(SB), (prime3, prime4)
+	MOVD ·primes+32(SB), prime5
+
+	CMP  $32, n
+	CSEL LT, prime5, ZR, h // if n < 32 { h = prime5 } else { h = 0 }
+	BLT  afterLoop
+
+	ADD  prime1, prime2, v1
+	MOVD prime2, v2
+	MOVD $0, v3
+	NEG  prime1, v4
+
+	blockLoop()
+
+	ROR $64-1, v1, x1
+	ROR $64-7, v2, x2
+	ADD x1, x2
+	ROR $64-12, v3, x3
+	ROR $64-18, v4, x4
+	ADD x3, x4
+	ADD x2, x4, h
+
+	mergeRound(h, v1)
+	mergeRound(h, v2)
+	mergeRound(h, v3)
+	mergeRound(h, v4)
+
+afterLoop:
+	ADD n, h
+
+	TBZ   $4, n, try8
+	LDP.P 16(p), (x1, x2)
+
+	round0(x1)
+
+	// NOTE: here and below, sequencing the EOR after the ROR (using a
+	// rotated register) is worth a small but measurable speedup for small
+	// inputs.
+	ROR  $64-27, h
+	EOR  x1 @> 64-27, h, h
+	MADD h, prime4, prime1, h
+
+	round0(x2)
+	ROR  $64-27, h
+	EOR  x2 @> 64-27, h, h
+	MADD h, prime4, prime1, h
+
+try8:
+	TBZ    $3, n, try4
+	MOVD.P 8(p), x1
+
+	round0(x1)
+	ROR  $64-27, h
+	EOR  x1 @> 64-27, h, h
+	MADD h, prime4, prime1, h
+
+try4:
+	TBZ     $2, n, try2
+	MOVWU.P 4(p), x2
+
+	MUL  prime1, x2
+	ROR  $64-23, h
+	EOR  x2 @> 64-23, h, h
+	MADD h, prime3, prime2, h
+
+try2:
+	TBZ     $1, n, try1
+	MOVHU.P 2(p), x3
+	AND     $255, x3, x1
+	LSR     $8, x3, x2
+
+	MUL prime5, x1
+	ROR $64-11, h
+	EOR x1 @> 64-11, h, h
+	MUL prime1, h
+
+	MUL prime5, x2
+	ROR $64-11, h
+	EOR x2 @> 64-11, h, h
+	MUL prime1, h
+
+try1:
+	TBZ   $0, n, finalize
+	MOVBU (p), x4
+
+	MUL prime5, x4
+	ROR $64-11, h
+	EOR x4 @> 64-11, h, h
+	MUL prime1, h
+
+finalize:
+	EOR h >> 33, h
+	MUL prime2, h
+	EOR h >> 29, h
+	MUL prime3, h
+	EOR h >> 32, h
+
+	MOVD h, ret+24(FP)
+	RET
+
+// func writeBlocks(s *Digest, b []byte) int
+TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40
+	LDP ·primes+0(SB), (prime1, prime2)
+
+	// Load state. Assume v[1-4] are stored contiguously.
+	MOVD s+0(FP), digest
+	LDP  0(digest), (v1, v2)
+	LDP  16(digest), (v3, v4)
+
+	LDP b_base+8(FP), (p, n)
+
+	blockLoop()
+
+	// Store updated state.
+	STP (v1, v2), 0(digest)
+	STP (v3, v4), 16(digest)
+
+	BIC  $31, n
+	MOVD n, ret+32(FP)
+	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
new file mode 100644
index 000000000..d4221edf4
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
@@ -0,0 +1,16 @@
+//go:build (amd64 || arm64) && !appengine && gc && !purego && !noasm
+// +build amd64 arm64
+// +build !appengine
+// +build gc
+// +build !purego
+// +build !noasm
+
+package xxhash
+
+// Sum64 computes the 64-bit xxHash digest of b.
+//
+//go:noescape
+func Sum64(b []byte) uint64
+
+//go:noescape
+func writeBlocks(s *Digest, b []byte) int
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
new file mode 100644
index 000000000..0be16cefc
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
@@ -0,0 +1,76 @@
+//go:build (!amd64 && !arm64) || appengine || !gc || purego || noasm
+// +build !amd64,!arm64 appengine !gc purego noasm
+
+package xxhash
+
+// Sum64 computes the 64-bit xxHash digest of b.
+func Sum64(b []byte) uint64 {
+	// A simpler version would be
+	//   d := New()
+	//   d.Write(b)
+	//   return d.Sum64()
+	// but this is faster, particularly for small inputs.
+
+	n := len(b)
+	var h uint64
+
+	if n >= 32 {
+		v1 := primes[0] + prime2
+		v2 := prime2
+		v3 := uint64(0)
+		v4 := -primes[0]
+		for len(b) >= 32 {
+			v1 = round(v1, u64(b[0:8:len(b)]))
+			v2 = round(v2, u64(b[8:16:len(b)]))
+			v3 = round(v3, u64(b[16:24:len(b)]))
+			v4 = round(v4, u64(b[24:32:len(b)]))
+			b = b[32:len(b):len(b)]
+		}
+		h = rol1(v1) + rol7(v2) + rol12(v3) + rol18(v4)
+		h = mergeRound(h, v1)
+		h = mergeRound(h, v2)
+		h = mergeRound(h, v3)
+		h = mergeRound(h, v4)
+	} else {
+		h = prime5
+	}
+
+	h += uint64(n)
+
+	for ; len(b) >= 8; b = b[8:] {
+		k1 := round(0, u64(b[:8]))
+		h ^= k1
+		h = rol27(h)*prime1 + prime4
+	}
+	if len(b) >= 4 {
+		h ^= uint64(u32(b[:4])) * prime1
+		h = rol23(h)*prime2 + prime3
+		b = b[4:]
+	}
+	for ; len(b) > 0; b = b[1:] {
+		h ^= uint64(b[0]) * prime5
+		h = rol11(h) * prime1
+	}
+
+	h ^= h >> 33
+	h *= prime2
+	h ^= h >> 29
+	h *= prime3
+	h ^= h >> 32
+
+	return h
+}
+
+func writeBlocks(d *Digest, b []byte) int {
+	v1, v2, v3, v4 := d.v1, d.v2, d.v3, d.v4
+	n := len(b)
+	for len(b) >= 32 {
+		v1 = round(v1, u64(b[0:8:len(b)]))
+		v2 = round(v2, u64(b[8:16:len(b)]))
+		v3 = round(v3, u64(b[16:24:len(b)]))
+		v4 = round(v4, u64(b[24:32:len(b)]))
+		b = b[32:len(b):len(b)]
+	}
+	d.v1, d.v2, d.v3, d.v4 = v1, v2, v3, v4
+	return n - len(b)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
new file mode 100644
index 000000000..6f3b0cb10
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
@@ -0,0 +1,11 @@
+package xxhash
+
+// Sum64String computes the 64-bit xxHash digest of s.
+func Sum64String(s string) uint64 {
+	return Sum64([]byte(s))
+}
+
+// WriteString adds more data to d. It always returns len(s), nil.
+func (d *Digest) WriteString(s string) (n int, err error) {
+	return d.Write([]byte(s))
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
new file mode 100644
index 000000000..f41932b7a
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
@@ -0,0 +1,16 @@
+//go:build amd64 && !appengine && !noasm && gc
+// +build amd64,!appengine,!noasm,gc
+
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+
+package zstd
+
+// matchLen returns how many bytes match in a and b
+//
+// It assumes that:
+//
+//	len(a) <= len(b) and len(a) > 0
+//
+//go:noescape
+func matchLen(a []byte, b []byte) int
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
new file mode 100644
index 000000000..0782b86e3
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
@@ -0,0 +1,66 @@
+// Copied from S2 implementation.
+
+//go:build !appengine && !noasm && gc && !noasm
+
+#include "textflag.h"
+
+// func matchLen(a []byte, b []byte) int
+TEXT ·matchLen(SB), NOSPLIT, $0-56
+	MOVQ a_base+0(FP), AX
+	MOVQ b_base+24(FP), CX
+	MOVQ a_len+8(FP), DX
+
+	// matchLen
+	XORL SI, SI
+	CMPL DX, $0x08
+	JB   matchlen_match4_standalone
+
+matchlen_loopback_standalone:
+	MOVQ (AX)(SI*1), BX
+	XORQ (CX)(SI*1), BX
+	JZ   matchlen_loop_standalone
+
+#ifdef GOAMD64_v3
+	TZCNTQ BX, BX
+#else
+	BSFQ BX, BX
+#endif
+	SHRL $0x03, BX
+	LEAL (SI)(BX*1), SI
+	JMP  gen_match_len_end
+
+matchlen_loop_standalone:
+	LEAL -8(DX), DX
+	LEAL 8(SI), SI
+	CMPL DX, $0x08
+	JAE  matchlen_loopback_standalone
+
+matchlen_match4_standalone:
+	CMPL DX, $0x04
+	JB   matchlen_match2_standalone
+	MOVL (AX)(SI*1), BX
+	CMPL (CX)(SI*1), BX
+	JNE  matchlen_match2_standalone
+	LEAL -4(DX), DX
+	LEAL 4(SI), SI
+
+matchlen_match2_standalone:
+	CMPL DX, $0x02
+	JB   matchlen_match1_standalone
+	MOVW (AX)(SI*1), BX
+	CMPW (CX)(SI*1), BX
+	JNE  matchlen_match1_standalone
+	LEAL -2(DX), DX
+	LEAL 2(SI), SI
+
+matchlen_match1_standalone:
+	CMPL DX, $0x01
+	JB   gen_match_len_end
+	MOVB (AX)(SI*1), BL
+	CMPB (CX)(SI*1), BL
+	JNE  gen_match_len_end
+	INCL SI
+
+gen_match_len_end:
+	MOVQ SI, ret+48(FP)
+	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go b/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
new file mode 100644
index 000000000..57b9c31c0
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
@@ -0,0 +1,33 @@
+//go:build !amd64 || appengine || !gc || noasm
+// +build !amd64 appengine !gc noasm
+
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"math/bits"
+)
+
+// matchLen returns the maximum common prefix length of a and b.
+// a must be the shortest of the two.
+func matchLen(a, b []byte) (n int) {
+	for ; len(a) >= 8 && len(b) >= 8; a, b = a[8:], b[8:] {
+		diff := binary.LittleEndian.Uint64(a) ^ binary.LittleEndian.Uint64(b)
+		if diff != 0 {
+			return n + bits.TrailingZeros64(diff)>>3
+		}
+		n += 8
+	}
+
+	for i := range a {
+		if a[i] != b[i] {
+			break
+		}
+		n++
+	}
+	return n
+
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec.go b/vendor/github.com/klauspost/compress/zstd/seqdec.go
new file mode 100644
index 000000000..d7fe6d82d
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/seqdec.go
@@ -0,0 +1,503 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"errors"
+	"fmt"
+	"io"
+)
+
+type seq struct {
+	litLen   uint32
+	matchLen uint32
+	offset   uint32
+
+	// Codes are stored here for the encoder
+	// so they only have to be looked up once.
+	llCode, mlCode, ofCode uint8
+}
+
+type seqVals struct {
+	ll, ml, mo int
+}
+
+func (s seq) String() string {
+	if s.offset <= 3 {
+		if s.offset == 0 {
+			return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset: INVALID (0)")
+		}
+		return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset:", s.offset, " (repeat)")
+	}
+	return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset:", s.offset-3, " (new)")
+}
+
+type seqCompMode uint8
+
+const (
+	compModePredefined seqCompMode = iota
+	compModeRLE
+	compModeFSE
+	compModeRepeat
+)
+
+type sequenceDec struct {
+	// decoder keeps track of the current state and updates it from the bitstream.
+	fse    *fseDecoder
+	state  fseState
+	repeat bool
+}
+
+// init the state of the decoder with input from stream.
+func (s *sequenceDec) init(br *bitReader) error {
+	if s.fse == nil {
+		return errors.New("sequence decoder not defined")
+	}
+	s.state.init(br, s.fse.actualTableLog, s.fse.dt[:1< cap(s.out) {
+		addBytes := s.seqSize + len(s.out)
+		s.out = append(s.out, make([]byte, addBytes)...)
+		s.out = s.out[:len(s.out)-addBytes]
+	}
+
+	if debugDecoder {
+		printf("Execute %d seqs with hist %d, dict %d, literals: %d into %d bytes\n", len(seqs), len(hist), len(s.dict), len(s.literals), s.seqSize)
+	}
+
+	var t = len(s.out)
+	out := s.out[:t+s.seqSize]
+
+	for _, seq := range seqs {
+		// Add literals
+		copy(out[t:], s.literals[:seq.ll])
+		t += seq.ll
+		s.literals = s.literals[seq.ll:]
+
+		// Copy from dictionary...
+		if seq.mo > t+len(hist) || seq.mo > s.windowSize {
+			if len(s.dict) == 0 {
+				return fmt.Errorf("match offset (%d) bigger than current history (%d)", seq.mo, t+len(hist))
+			}
+
+			// we may be in dictionary.
+			dictO := len(s.dict) - (seq.mo - (t + len(hist)))
+			if dictO < 0 || dictO >= len(s.dict) {
+				return fmt.Errorf("match offset (%d) bigger than current history+dict (%d)", seq.mo, t+len(hist)+len(s.dict))
+			}
+			end := dictO + seq.ml
+			if end > len(s.dict) {
+				n := len(s.dict) - dictO
+				copy(out[t:], s.dict[dictO:])
+				t += n
+				seq.ml -= n
+			} else {
+				copy(out[t:], s.dict[dictO:end])
+				t += end - dictO
+				continue
+			}
+		}
+
+		// Copy from history.
+		if v := seq.mo - t; v > 0 {
+			// v is the start position in history from end.
+			start := len(hist) - v
+			if seq.ml > v {
+				// Some goes into current block.
+				// Copy remainder of history
+				copy(out[t:], hist[start:])
+				t += v
+				seq.ml -= v
+			} else {
+				copy(out[t:], hist[start:start+seq.ml])
+				t += seq.ml
+				continue
+			}
+		}
+		// We must be in current buffer now
+		if seq.ml > 0 {
+			start := t - seq.mo
+			if seq.ml <= t-start {
+				// No overlap
+				copy(out[t:], out[start:start+seq.ml])
+				t += seq.ml
+				continue
+			} else {
+				// Overlapping copy
+				// Extend destination slice and copy one byte at the time.
+				src := out[start : start+seq.ml]
+				dst := out[t:]
+				dst = dst[:len(src)]
+				t += len(src)
+				// Destination is the space we just added.
+				for i := range src {
+					dst[i] = src[i]
+				}
+			}
+		}
+	}
+
+	// Add final literals
+	copy(out[t:], s.literals)
+	if debugDecoder {
+		t += len(s.literals)
+		if t != len(out) {
+			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
+		}
+	}
+	s.out = out
+
+	return nil
+}
+
+// decode sequences from the stream with the provided history.
+func (s *sequenceDecs) decodeSync(hist []byte) error {
+	supported, err := s.decodeSyncSimple(hist)
+	if supported {
+		return err
+	}
+
+	br := s.br
+	seqs := s.nSeqs
+	startSize := len(s.out)
+	// Grab full sizes tables, to avoid bounds checks.
+	llTable, mlTable, ofTable := s.litLengths.fse.dt[:maxTablesize], s.matchLengths.fse.dt[:maxTablesize], s.offsets.fse.dt[:maxTablesize]
+	llState, mlState, ofState := s.litLengths.state.state, s.matchLengths.state.state, s.offsets.state.state
+	out := s.out
+	maxBlockSize := maxCompressedBlockSize
+	if s.windowSize < maxBlockSize {
+		maxBlockSize = s.windowSize
+	}
+
+	if debugDecoder {
+		println("decodeSync: decoding", seqs, "sequences", br.remain(), "bits remain on stream")
+	}
+	for i := seqs - 1; i >= 0; i-- {
+		if br.overread() {
+			printf("reading sequence %d, exceeded available data. Overread by %d\n", seqs-i, -br.remain())
+			return io.ErrUnexpectedEOF
+		}
+		var ll, mo, ml int
+		if len(br.in) > 4+((maxOffsetBits+16+16)>>3) {
+			// inlined function:
+			// ll, mo, ml = s.nextFast(br, llState, mlState, ofState)
+
+			// Final will not read from stream.
+			var llB, mlB, moB uint8
+			ll, llB = llState.final()
+			ml, mlB = mlState.final()
+			mo, moB = ofState.final()
+
+			// extra bits are stored in reverse order.
+			br.fillFast()
+			mo += br.getBits(moB)
+			if s.maxBits > 32 {
+				br.fillFast()
+			}
+			ml += br.getBits(mlB)
+			ll += br.getBits(llB)
+
+			if moB > 1 {
+				s.prevOffset[2] = s.prevOffset[1]
+				s.prevOffset[1] = s.prevOffset[0]
+				s.prevOffset[0] = mo
+			} else {
+				// mo = s.adjustOffset(mo, ll, moB)
+				// Inlined for rather big speedup
+				if ll == 0 {
+					// There is an exception though, when current sequence's literals_length = 0.
+					// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
+					// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
+					mo++
+				}
+
+				if mo == 0 {
+					mo = s.prevOffset[0]
+				} else {
+					var temp int
+					if mo == 3 {
+						temp = s.prevOffset[0] - 1
+					} else {
+						temp = s.prevOffset[mo]
+					}
+
+					if temp == 0 {
+						// 0 is not valid; input is corrupted; force offset to 1
+						println("WARNING: temp was 0")
+						temp = 1
+					}
+
+					if mo != 1 {
+						s.prevOffset[2] = s.prevOffset[1]
+					}
+					s.prevOffset[1] = s.prevOffset[0]
+					s.prevOffset[0] = temp
+					mo = temp
+				}
+			}
+			br.fillFast()
+		} else {
+			ll, mo, ml = s.next(br, llState, mlState, ofState)
+			br.fill()
+		}
+
+		if debugSequences {
+			println("Seq", seqs-i-1, "Litlen:", ll, "mo:", mo, "(abs) ml:", ml)
+		}
+
+		if ll > len(s.literals) {
+			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, len(s.literals))
+		}
+		size := ll + ml + len(out)
+		if size-startSize > maxBlockSize {
+			return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+		}
+		if size > cap(out) {
+			// Not enough size, which can happen under high volume block streaming conditions
+			// but could be if destination slice is too small for sync operations.
+			// over-allocating here can create a large amount of GC pressure so we try to keep
+			// it as contained as possible
+			used := len(out) - startSize
+			addBytes := 256 + ll + ml + used>>2
+			// Clamp to max block size.
+			if used+addBytes > maxBlockSize {
+				addBytes = maxBlockSize - used
+			}
+			out = append(out, make([]byte, addBytes)...)
+			out = out[:len(out)-addBytes]
+		}
+		if ml > maxMatchLen {
+			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
+		}
+
+		// Add literals
+		out = append(out, s.literals[:ll]...)
+		s.literals = s.literals[ll:]
+
+		if mo == 0 && ml > 0 {
+			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
+		}
+
+		if mo > len(out)+len(hist) || mo > s.windowSize {
+			if len(s.dict) == 0 {
+				return fmt.Errorf("match offset (%d) bigger than current history (%d)", mo, len(out)+len(hist)-startSize)
+			}
+
+			// we may be in dictionary.
+			dictO := len(s.dict) - (mo - (len(out) + len(hist)))
+			if dictO < 0 || dictO >= len(s.dict) {
+				return fmt.Errorf("match offset (%d) bigger than current history (%d)", mo, len(out)+len(hist)-startSize)
+			}
+			end := dictO + ml
+			if end > len(s.dict) {
+				out = append(out, s.dict[dictO:]...)
+				ml -= len(s.dict) - dictO
+			} else {
+				out = append(out, s.dict[dictO:end]...)
+				mo = 0
+				ml = 0
+			}
+		}
+
+		// Copy from history.
+		// TODO: Blocks without history could be made to ignore this completely.
+		if v := mo - len(out); v > 0 {
+			// v is the start position in history from end.
+			start := len(hist) - v
+			if ml > v {
+				// Some goes into current block.
+				// Copy remainder of history
+				out = append(out, hist[start:]...)
+				ml -= v
+			} else {
+				out = append(out, hist[start:start+ml]...)
+				ml = 0
+			}
+		}
+		// We must be in current buffer now
+		if ml > 0 {
+			start := len(out) - mo
+			if ml <= len(out)-start {
+				// No overlap
+				out = append(out, out[start:start+ml]...)
+			} else {
+				// Overlapping copy
+				// Extend destination slice and copy one byte at the time.
+				out = out[:len(out)+ml]
+				src := out[start : start+ml]
+				// Destination is the space we just added.
+				dst := out[len(out)-ml:]
+				dst = dst[:len(src)]
+				for i := range src {
+					dst[i] = src[i]
+				}
+			}
+		}
+		if i == 0 {
+			// This is the last sequence, so we shouldn't update state.
+			break
+		}
+
+		// Manually inlined, ~ 5-20% faster
+		// Update all 3 states at once. Approx 20% faster.
+		nBits := llState.nbBits() + mlState.nbBits() + ofState.nbBits()
+		if nBits == 0 {
+			llState = llTable[llState.newState()&maxTableMask]
+			mlState = mlTable[mlState.newState()&maxTableMask]
+			ofState = ofTable[ofState.newState()&maxTableMask]
+		} else {
+			bits := br.get32BitsFast(nBits)
+
+			lowBits := uint16(bits >> ((ofState.nbBits() + mlState.nbBits()) & 31))
+			llState = llTable[(llState.newState()+lowBits)&maxTableMask]
+
+			lowBits = uint16(bits >> (ofState.nbBits() & 31))
+			lowBits &= bitMask[mlState.nbBits()&15]
+			mlState = mlTable[(mlState.newState()+lowBits)&maxTableMask]
+
+			lowBits = uint16(bits) & bitMask[ofState.nbBits()&15]
+			ofState = ofTable[(ofState.newState()+lowBits)&maxTableMask]
+		}
+	}
+
+	if size := len(s.literals) + len(out) - startSize; size > maxBlockSize {
+		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+	}
+
+	// Add final literals
+	s.out = append(out, s.literals...)
+	return br.close()
+}
+
+var bitMask [16]uint16
+
+func init() {
+	for i := range bitMask[:] {
+		bitMask[i] = uint16((1 << uint(i)) - 1)
+	}
+}
+
+func (s *sequenceDecs) next(br *bitReader, llState, mlState, ofState decSymbol) (ll, mo, ml int) {
+	// Final will not read from stream.
+	ll, llB := llState.final()
+	ml, mlB := mlState.final()
+	mo, moB := ofState.final()
+
+	// extra bits are stored in reverse order.
+	br.fill()
+	mo += br.getBits(moB)
+	if s.maxBits > 32 {
+		br.fill()
+	}
+	// matchlength+literal length, max 32 bits
+	ml += br.getBits(mlB)
+	ll += br.getBits(llB)
+	mo = s.adjustOffset(mo, ll, moB)
+	return
+}
+
+func (s *sequenceDecs) adjustOffset(offset, litLen int, offsetB uint8) int {
+	if offsetB > 1 {
+		s.prevOffset[2] = s.prevOffset[1]
+		s.prevOffset[1] = s.prevOffset[0]
+		s.prevOffset[0] = offset
+		return offset
+	}
+
+	if litLen == 0 {
+		// There is an exception though, when current sequence's literals_length = 0.
+		// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
+		// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
+		offset++
+	}
+
+	if offset == 0 {
+		return s.prevOffset[0]
+	}
+	var temp int
+	if offset == 3 {
+		temp = s.prevOffset[0] - 1
+	} else {
+		temp = s.prevOffset[offset]
+	}
+
+	if temp == 0 {
+		// 0 is not valid; input is corrupted; force offset to 1
+		println("temp was 0")
+		temp = 1
+	}
+
+	if offset != 1 {
+		s.prevOffset[2] = s.prevOffset[1]
+	}
+	s.prevOffset[1] = s.prevOffset[0]
+	s.prevOffset[0] = temp
+	return temp
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
new file mode 100644
index 000000000..c59f17e07
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
@@ -0,0 +1,394 @@
+//go:build amd64 && !appengine && !noasm && gc
+// +build amd64,!appengine,!noasm,gc
+
+package zstd
+
+import (
+	"fmt"
+	"io"
+
+	"github.com/klauspost/compress/internal/cpuinfo"
+)
+
+type decodeSyncAsmContext struct {
+	llTable     []decSymbol
+	mlTable     []decSymbol
+	ofTable     []decSymbol
+	llState     uint64
+	mlState     uint64
+	ofState     uint64
+	iteration   int
+	litRemain   int
+	out         []byte
+	outPosition int
+	literals    []byte
+	litPosition int
+	history     []byte
+	windowSize  int
+	ll          int // set on error (not for all errors, please refer to _generate/gen.go)
+	ml          int // set on error (not for all errors, please refer to _generate/gen.go)
+	mo          int // set on error (not for all errors, please refer to _generate/gen.go)
+}
+
+// sequenceDecs_decodeSync_amd64 implements the main loop of sequenceDecs.decodeSync in x86 asm.
+//
+// Please refer to seqdec_generic.go for the reference implementation.
+//
+//go:noescape
+func sequenceDecs_decodeSync_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+
+// sequenceDecs_decodeSync_bmi2 implements the main loop of sequenceDecs.decodeSync in x86 asm with BMI2 extensions.
+//
+//go:noescape
+func sequenceDecs_decodeSync_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+
+// sequenceDecs_decodeSync_safe_amd64 does the same as above, but does not write more than output buffer.
+//
+//go:noescape
+func sequenceDecs_decodeSync_safe_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+
+// sequenceDecs_decodeSync_safe_bmi2 does the same as above, but does not write more than output buffer.
+//
+//go:noescape
+func sequenceDecs_decodeSync_safe_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+
+// decode sequences from the stream with the provided history but without a dictionary.
+func (s *sequenceDecs) decodeSyncSimple(hist []byte) (bool, error) {
+	if len(s.dict) > 0 {
+		return false, nil
+	}
+	if s.maxSyncLen == 0 && cap(s.out)-len(s.out) < maxCompressedBlockSize {
+		return false, nil
+	}
+
+	// FIXME: Using unsafe memory copies leads to rare, random crashes
+	// with fuzz testing. It is therefore disabled for now.
+	const useSafe = true
+	/*
+		useSafe := false
+		if s.maxSyncLen == 0 && cap(s.out)-len(s.out) < maxCompressedBlockSizeAlloc {
+			useSafe = true
+		}
+		if s.maxSyncLen > 0 && cap(s.out)-len(s.out)-compressedBlockOverAlloc < int(s.maxSyncLen) {
+			useSafe = true
+		}
+		if cap(s.literals) < len(s.literals)+compressedBlockOverAlloc {
+			useSafe = true
+		}
+	*/
+
+	br := s.br
+
+	maxBlockSize := maxCompressedBlockSize
+	if s.windowSize < maxBlockSize {
+		maxBlockSize = s.windowSize
+	}
+
+	ctx := decodeSyncAsmContext{
+		llTable:     s.litLengths.fse.dt[:maxTablesize],
+		mlTable:     s.matchLengths.fse.dt[:maxTablesize],
+		ofTable:     s.offsets.fse.dt[:maxTablesize],
+		llState:     uint64(s.litLengths.state.state),
+		mlState:     uint64(s.matchLengths.state.state),
+		ofState:     uint64(s.offsets.state.state),
+		iteration:   s.nSeqs - 1,
+		litRemain:   len(s.literals),
+		out:         s.out,
+		outPosition: len(s.out),
+		literals:    s.literals,
+		windowSize:  s.windowSize,
+		history:     hist,
+	}
+
+	s.seqSize = 0
+	startSize := len(s.out)
+
+	var errCode int
+	if cpuinfo.HasBMI2() {
+		if useSafe {
+			errCode = sequenceDecs_decodeSync_safe_bmi2(s, br, &ctx)
+		} else {
+			errCode = sequenceDecs_decodeSync_bmi2(s, br, &ctx)
+		}
+	} else {
+		if useSafe {
+			errCode = sequenceDecs_decodeSync_safe_amd64(s, br, &ctx)
+		} else {
+			errCode = sequenceDecs_decodeSync_amd64(s, br, &ctx)
+		}
+	}
+	switch errCode {
+	case noError:
+		break
+
+	case errorMatchLenOfsMismatch:
+		return true, fmt.Errorf("zero matchoff and matchlen (%d) > 0", ctx.ml)
+
+	case errorMatchLenTooBig:
+		return true, fmt.Errorf("match len (%d) bigger than max allowed length", ctx.ml)
+
+	case errorMatchOffTooBig:
+		return true, fmt.Errorf("match offset (%d) bigger than current history (%d)",
+			ctx.mo, ctx.outPosition+len(hist)-startSize)
+
+	case errorNotEnoughLiterals:
+		return true, fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available",
+			ctx.ll, ctx.litRemain+ctx.ll)
+
+	case errorOverread:
+		return true, io.ErrUnexpectedEOF
+
+	case errorNotEnoughSpace:
+		size := ctx.outPosition + ctx.ll + ctx.ml
+		if debugDecoder {
+			println("msl:", s.maxSyncLen, "cap", cap(s.out), "bef:", startSize, "sz:", size-startSize, "mbs:", maxBlockSize, "outsz:", cap(s.out)-startSize)
+		}
+		return true, fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+
+	default:
+		return true, fmt.Errorf("sequenceDecs_decode returned erroneous code %d", errCode)
+	}
+
+	s.seqSize += ctx.litRemain
+	if s.seqSize > maxBlockSize {
+		return true, fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+	}
+	err := br.close()
+	if err != nil {
+		printf("Closing sequences: %v, %+v\n", err, *br)
+		return true, err
+	}
+
+	s.literals = s.literals[ctx.litPosition:]
+	t := ctx.outPosition
+	s.out = s.out[:t]
+
+	// Add final literals
+	s.out = append(s.out, s.literals...)
+	if debugDecoder {
+		t += len(s.literals)
+		if t != len(s.out) {
+			panic(fmt.Errorf("length mismatch, want %d, got %d", len(s.out), t))
+		}
+	}
+
+	return true, nil
+}
+
+// --------------------------------------------------------------------------------
+
+type decodeAsmContext struct {
+	llTable   []decSymbol
+	mlTable   []decSymbol
+	ofTable   []decSymbol
+	llState   uint64
+	mlState   uint64
+	ofState   uint64
+	iteration int
+	seqs      []seqVals
+	litRemain int
+}
+
+const noError = 0
+
+// error reported when mo == 0 && ml > 0
+const errorMatchLenOfsMismatch = 1
+
+// error reported when ml > maxMatchLen
+const errorMatchLenTooBig = 2
+
+// error reported when mo > available history or mo > s.windowSize
+const errorMatchOffTooBig = 3
+
+// error reported when the sum of literal lengths exeeceds the literal buffer size
+const errorNotEnoughLiterals = 4
+
+// error reported when capacity of `out` is too small
+const errorNotEnoughSpace = 5
+
+// error reported when bits are overread.
+const errorOverread = 6
+
+// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm.
+//
+// Please refer to seqdec_generic.go for the reference implementation.
+//
+//go:noescape
+func sequenceDecs_decode_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+
+// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm.
+//
+// Please refer to seqdec_generic.go for the reference implementation.
+//
+//go:noescape
+func sequenceDecs_decode_56_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+
+// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm with BMI2 extensions.
+//
+//go:noescape
+func sequenceDecs_decode_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+
+// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm with BMI2 extensions.
+//
+//go:noescape
+func sequenceDecs_decode_56_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+
+// decode sequences from the stream without the provided history.
+func (s *sequenceDecs) decode(seqs []seqVals) error {
+	br := s.br
+
+	maxBlockSize := maxCompressedBlockSize
+	if s.windowSize < maxBlockSize {
+		maxBlockSize = s.windowSize
+	}
+
+	ctx := decodeAsmContext{
+		llTable:   s.litLengths.fse.dt[:maxTablesize],
+		mlTable:   s.matchLengths.fse.dt[:maxTablesize],
+		ofTable:   s.offsets.fse.dt[:maxTablesize],
+		llState:   uint64(s.litLengths.state.state),
+		mlState:   uint64(s.matchLengths.state.state),
+		ofState:   uint64(s.offsets.state.state),
+		seqs:      seqs,
+		iteration: len(seqs) - 1,
+		litRemain: len(s.literals),
+	}
+
+	if debugDecoder {
+		println("decode: decoding", len(seqs), "sequences", br.remain(), "bits remain on stream")
+	}
+
+	s.seqSize = 0
+	lte56bits := s.maxBits+s.offsets.fse.actualTableLog+s.matchLengths.fse.actualTableLog+s.litLengths.fse.actualTableLog <= 56
+	var errCode int
+	if cpuinfo.HasBMI2() {
+		if lte56bits {
+			errCode = sequenceDecs_decode_56_bmi2(s, br, &ctx)
+		} else {
+			errCode = sequenceDecs_decode_bmi2(s, br, &ctx)
+		}
+	} else {
+		if lte56bits {
+			errCode = sequenceDecs_decode_56_amd64(s, br, &ctx)
+		} else {
+			errCode = sequenceDecs_decode_amd64(s, br, &ctx)
+		}
+	}
+	if errCode != 0 {
+		i := len(seqs) - ctx.iteration - 1
+		switch errCode {
+		case errorMatchLenOfsMismatch:
+			ml := ctx.seqs[i].ml
+			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
+
+		case errorMatchLenTooBig:
+			ml := ctx.seqs[i].ml
+			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
+
+		case errorNotEnoughLiterals:
+			ll := ctx.seqs[i].ll
+			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, ctx.litRemain+ll)
+		case errorOverread:
+			return io.ErrUnexpectedEOF
+		}
+
+		return fmt.Errorf("sequenceDecs_decode_amd64 returned erroneous code %d", errCode)
+	}
+
+	if ctx.litRemain < 0 {
+		return fmt.Errorf("literal count is too big: total available %d, total requested %d",
+			len(s.literals), len(s.literals)-ctx.litRemain)
+	}
+
+	s.seqSize += ctx.litRemain
+	if s.seqSize > maxBlockSize {
+		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+	}
+	if debugDecoder {
+		println("decode: ", br.remain(), "bits remain on stream. code:", errCode)
+	}
+	err := br.close()
+	if err != nil {
+		printf("Closing sequences: %v, %+v\n", err, *br)
+	}
+	return err
+}
+
+// --------------------------------------------------------------------------------
+
+type executeAsmContext struct {
+	seqs        []seqVals
+	seqIndex    int
+	out         []byte
+	history     []byte
+	literals    []byte
+	outPosition int
+	litPosition int
+	windowSize  int
+}
+
+// sequenceDecs_executeSimple_amd64 implements the main loop of sequenceDecs.executeSimple in x86 asm.
+//
+// Returns false if a match offset is too big.
+//
+// Please refer to seqdec_generic.go for the reference implementation.
+//
+//go:noescape
+func sequenceDecs_executeSimple_amd64(ctx *executeAsmContext) bool
+
+// Same as above, but with safe memcopies
+//
+//go:noescape
+func sequenceDecs_executeSimple_safe_amd64(ctx *executeAsmContext) bool
+
+// executeSimple handles cases when dictionary is not used.
+func (s *sequenceDecs) executeSimple(seqs []seqVals, hist []byte) error {
+	// Ensure we have enough output size...
+	if len(s.out)+s.seqSize+compressedBlockOverAlloc > cap(s.out) {
+		addBytes := s.seqSize + len(s.out) + compressedBlockOverAlloc
+		s.out = append(s.out, make([]byte, addBytes)...)
+		s.out = s.out[:len(s.out)-addBytes]
+	}
+
+	if debugDecoder {
+		printf("Execute %d seqs with literals: %d into %d bytes\n", len(seqs), len(s.literals), s.seqSize)
+	}
+
+	var t = len(s.out)
+	out := s.out[:t+s.seqSize]
+
+	ctx := executeAsmContext{
+		seqs:        seqs,
+		seqIndex:    0,
+		out:         out,
+		history:     hist,
+		outPosition: t,
+		litPosition: 0,
+		literals:    s.literals,
+		windowSize:  s.windowSize,
+	}
+	var ok bool
+	if cap(s.literals) < len(s.literals)+compressedBlockOverAlloc {
+		ok = sequenceDecs_executeSimple_safe_amd64(&ctx)
+	} else {
+		ok = sequenceDecs_executeSimple_amd64(&ctx)
+	}
+	if !ok {
+		return fmt.Errorf("match offset (%d) bigger than current history (%d)",
+			seqs[ctx.seqIndex].mo, ctx.outPosition+len(hist))
+	}
+	s.literals = s.literals[ctx.litPosition:]
+	t = ctx.outPosition
+
+	// Add final literals
+	copy(out[t:], s.literals)
+	if debugDecoder {
+		t += len(s.literals)
+		if t != len(out) {
+			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
+		}
+	}
+	s.out = out
+
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
new file mode 100644
index 000000000..f5591fa1e
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
@@ -0,0 +1,4151 @@
+// Code generated by command: go run gen.go -out ../seqdec_amd64.s -pkg=zstd. DO NOT EDIT.
+
+//go:build !appengine && !noasm && gc && !noasm
+
+// func sequenceDecs_decode_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+// Requires: CMOV
+TEXT ·sequenceDecs_decode_amd64(SB), $8-32
+	MOVQ    br+8(FP), CX
+	MOVQ    24(CX), DX
+	MOVBQZX 32(CX), BX
+	MOVQ    (CX), AX
+	MOVQ    8(CX), SI
+	ADDQ    SI, AX
+	MOVQ    AX, (SP)
+	MOVQ    ctx+16(FP), AX
+	MOVQ    72(AX), DI
+	MOVQ    80(AX), R8
+	MOVQ    88(AX), R9
+	MOVQ    104(AX), R10
+	MOVQ    s+0(FP), AX
+	MOVQ    144(AX), R11
+	MOVQ    152(AX), R12
+	MOVQ    160(AX), R13
+
+sequenceDecs_decode_amd64_main_loop:
+	MOVQ (SP), R14
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decode_amd64_fill_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R14
+	MOVQ (R14), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decode_amd64_fill_end
+
+sequenceDecs_decode_amd64_fill_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decode_amd64_fill_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decode_amd64_fill_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R14
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R14), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decode_amd64_fill_byte_by_byte
+
+sequenceDecs_decode_amd64_fill_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_amd64_fill_end:
+	// Update offset
+	MOVQ  R9, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_amd64_of_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_amd64_of_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_amd64_of_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_amd64_of_update_zero:
+	MOVQ AX, 16(R10)
+
+	// Update match length
+	MOVQ  R8, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_amd64_ml_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_amd64_ml_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_amd64_ml_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_amd64_ml_update_zero:
+	MOVQ AX, 8(R10)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decode_amd64_fill_2_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R14
+	MOVQ (R14), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decode_amd64_fill_2_end
+
+sequenceDecs_decode_amd64_fill_2_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decode_amd64_fill_2_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decode_amd64_fill_2_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R14
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R14), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decode_amd64_fill_2_byte_by_byte
+
+sequenceDecs_decode_amd64_fill_2_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_amd64_fill_2_end:
+	// Update literal length
+	MOVQ  DI, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_amd64_ll_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_amd64_ll_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_amd64_ll_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_amd64_ll_update_zero:
+	MOVQ AX, (R10)
+
+	// Fill bitreader for state updates
+	MOVQ    R14, (SP)
+	MOVQ    R9, AX
+	SHRQ    $0x08, AX
+	MOVBQZX AL, AX
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decode_amd64_skip_update
+
+	// Update Literal Length State
+	MOVBQZX DI, R14
+	SHRL    $0x10, DI
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, DI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Match Length State
+	MOVBQZX R8, R14
+	SHRL    $0x10, R8
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, R8
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Offset State
+	MOVBQZX R9, R14
+	SHRL    $0x10, R9
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, R9
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R9*8), R9
+
+sequenceDecs_decode_amd64_skip_update:
+	// Adjust offset
+	MOVQ 16(R10), CX
+	CMPQ AX, $0x01
+	JBE  sequenceDecs_decode_amd64_adjust_offsetB_1_or_0
+	MOVQ R12, R13
+	MOVQ R11, R12
+	MOVQ CX, R11
+	JMP  sequenceDecs_decode_amd64_after_adjust
+
+sequenceDecs_decode_amd64_adjust_offsetB_1_or_0:
+	CMPQ (R10), $0x00000000
+	JNE  sequenceDecs_decode_amd64_adjust_offset_maybezero
+	INCQ CX
+	JMP  sequenceDecs_decode_amd64_adjust_offset_nonzero
+
+sequenceDecs_decode_amd64_adjust_offset_maybezero:
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_amd64_adjust_offset_nonzero
+	MOVQ  R11, CX
+	JMP   sequenceDecs_decode_amd64_after_adjust
+
+sequenceDecs_decode_amd64_adjust_offset_nonzero:
+	CMPQ CX, $0x01
+	JB   sequenceDecs_decode_amd64_adjust_zero
+	JEQ  sequenceDecs_decode_amd64_adjust_one
+	CMPQ CX, $0x02
+	JA   sequenceDecs_decode_amd64_adjust_three
+	JMP  sequenceDecs_decode_amd64_adjust_two
+
+sequenceDecs_decode_amd64_adjust_zero:
+	MOVQ R11, AX
+	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_amd64_adjust_one:
+	MOVQ R12, AX
+	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_amd64_adjust_two:
+	MOVQ R13, AX
+	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_amd64_adjust_three:
+	LEAQ -1(R11), AX
+
+sequenceDecs_decode_amd64_adjust_test_temp_valid:
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decode_amd64_adjust_temp_valid
+	MOVQ  $0x00000001, AX
+
+sequenceDecs_decode_amd64_adjust_temp_valid:
+	CMPQ    CX, $0x01
+	CMOVQNE R12, R13
+	MOVQ    R11, R12
+	MOVQ    AX, R11
+	MOVQ    AX, CX
+
+sequenceDecs_decode_amd64_after_adjust:
+	MOVQ CX, 16(R10)
+
+	// Check values
+	MOVQ  8(R10), AX
+	MOVQ  (R10), R14
+	LEAQ  (AX)(R14*1), R15
+	MOVQ  s+0(FP), BP
+	ADDQ  R15, 256(BP)
+	MOVQ  ctx+16(FP), R15
+	SUBQ  R14, 128(R15)
+	JS    error_not_enough_literals
+	CMPQ  AX, $0x00020002
+	JA    sequenceDecs_decode_amd64_error_match_len_too_big
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_amd64_match_len_ofs_ok
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decode_amd64_error_match_len_ofs_mismatch
+
+sequenceDecs_decode_amd64_match_len_ofs_ok:
+	ADDQ $0x18, R10
+	MOVQ ctx+16(FP), AX
+	DECQ 96(AX)
+	JNS  sequenceDecs_decode_amd64_main_loop
+	MOVQ s+0(FP), AX
+	MOVQ R11, 144(AX)
+	MOVQ R12, 152(AX)
+	MOVQ R13, 160(AX)
+	MOVQ br+8(FP), AX
+	MOVQ DX, 24(AX)
+	MOVB BL, 32(AX)
+	MOVQ SI, 8(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decode_amd64_error_match_len_ofs_mismatch:
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decode_amd64_error_match_len_too_big:
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+// func sequenceDecs_decode_56_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+// Requires: CMOV
+TEXT ·sequenceDecs_decode_56_amd64(SB), $8-32
+	MOVQ    br+8(FP), CX
+	MOVQ    24(CX), DX
+	MOVBQZX 32(CX), BX
+	MOVQ    (CX), AX
+	MOVQ    8(CX), SI
+	ADDQ    SI, AX
+	MOVQ    AX, (SP)
+	MOVQ    ctx+16(FP), AX
+	MOVQ    72(AX), DI
+	MOVQ    80(AX), R8
+	MOVQ    88(AX), R9
+	MOVQ    104(AX), R10
+	MOVQ    s+0(FP), AX
+	MOVQ    144(AX), R11
+	MOVQ    152(AX), R12
+	MOVQ    160(AX), R13
+
+sequenceDecs_decode_56_amd64_main_loop:
+	MOVQ (SP), R14
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decode_56_amd64_fill_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R14
+	MOVQ (R14), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decode_56_amd64_fill_end
+
+sequenceDecs_decode_56_amd64_fill_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decode_56_amd64_fill_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decode_56_amd64_fill_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R14
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R14), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decode_56_amd64_fill_byte_by_byte
+
+sequenceDecs_decode_56_amd64_fill_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_56_amd64_fill_end:
+	// Update offset
+	MOVQ  R9, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_56_amd64_of_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_56_amd64_of_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_56_amd64_of_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_56_amd64_of_update_zero:
+	MOVQ AX, 16(R10)
+
+	// Update match length
+	MOVQ  R8, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_56_amd64_ml_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_56_amd64_ml_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_56_amd64_ml_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_56_amd64_ml_update_zero:
+	MOVQ AX, 8(R10)
+
+	// Update literal length
+	MOVQ  DI, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R15
+	SHLQ  CL, R15
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decode_56_amd64_ll_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decode_56_amd64_ll_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decode_56_amd64_ll_update_zero
+	NEGQ  CX
+	SHRQ  CL, R15
+	ADDQ  R15, AX
+
+sequenceDecs_decode_56_amd64_ll_update_zero:
+	MOVQ AX, (R10)
+
+	// Fill bitreader for state updates
+	MOVQ    R14, (SP)
+	MOVQ    R9, AX
+	SHRQ    $0x08, AX
+	MOVBQZX AL, AX
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decode_56_amd64_skip_update
+
+	// Update Literal Length State
+	MOVBQZX DI, R14
+	SHRL    $0x10, DI
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, DI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Match Length State
+	MOVBQZX R8, R14
+	SHRL    $0x10, R8
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, R8
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Offset State
+	MOVBQZX R9, R14
+	SHRL    $0x10, R9
+	LEAQ    (BX)(R14*1), CX
+	MOVQ    DX, R15
+	MOVQ    CX, BX
+	ROLQ    CL, R15
+	MOVL    $0x00000001, BP
+	MOVB    R14, CL
+	SHLL    CL, BP
+	DECL    BP
+	ANDQ    BP, R15
+	ADDQ    R15, R9
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R9*8), R9
+
+sequenceDecs_decode_56_amd64_skip_update:
+	// Adjust offset
+	MOVQ 16(R10), CX
+	CMPQ AX, $0x01
+	JBE  sequenceDecs_decode_56_amd64_adjust_offsetB_1_or_0
+	MOVQ R12, R13
+	MOVQ R11, R12
+	MOVQ CX, R11
+	JMP  sequenceDecs_decode_56_amd64_after_adjust
+
+sequenceDecs_decode_56_amd64_adjust_offsetB_1_or_0:
+	CMPQ (R10), $0x00000000
+	JNE  sequenceDecs_decode_56_amd64_adjust_offset_maybezero
+	INCQ CX
+	JMP  sequenceDecs_decode_56_amd64_adjust_offset_nonzero
+
+sequenceDecs_decode_56_amd64_adjust_offset_maybezero:
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_56_amd64_adjust_offset_nonzero
+	MOVQ  R11, CX
+	JMP   sequenceDecs_decode_56_amd64_after_adjust
+
+sequenceDecs_decode_56_amd64_adjust_offset_nonzero:
+	CMPQ CX, $0x01
+	JB   sequenceDecs_decode_56_amd64_adjust_zero
+	JEQ  sequenceDecs_decode_56_amd64_adjust_one
+	CMPQ CX, $0x02
+	JA   sequenceDecs_decode_56_amd64_adjust_three
+	JMP  sequenceDecs_decode_56_amd64_adjust_two
+
+sequenceDecs_decode_56_amd64_adjust_zero:
+	MOVQ R11, AX
+	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_56_amd64_adjust_one:
+	MOVQ R12, AX
+	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_56_amd64_adjust_two:
+	MOVQ R13, AX
+	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
+
+sequenceDecs_decode_56_amd64_adjust_three:
+	LEAQ -1(R11), AX
+
+sequenceDecs_decode_56_amd64_adjust_test_temp_valid:
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decode_56_amd64_adjust_temp_valid
+	MOVQ  $0x00000001, AX
+
+sequenceDecs_decode_56_amd64_adjust_temp_valid:
+	CMPQ    CX, $0x01
+	CMOVQNE R12, R13
+	MOVQ    R11, R12
+	MOVQ    AX, R11
+	MOVQ    AX, CX
+
+sequenceDecs_decode_56_amd64_after_adjust:
+	MOVQ CX, 16(R10)
+
+	// Check values
+	MOVQ  8(R10), AX
+	MOVQ  (R10), R14
+	LEAQ  (AX)(R14*1), R15
+	MOVQ  s+0(FP), BP
+	ADDQ  R15, 256(BP)
+	MOVQ  ctx+16(FP), R15
+	SUBQ  R14, 128(R15)
+	JS    error_not_enough_literals
+	CMPQ  AX, $0x00020002
+	JA    sequenceDecs_decode_56_amd64_error_match_len_too_big
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_56_amd64_match_len_ofs_ok
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decode_56_amd64_error_match_len_ofs_mismatch
+
+sequenceDecs_decode_56_amd64_match_len_ofs_ok:
+	ADDQ $0x18, R10
+	MOVQ ctx+16(FP), AX
+	DECQ 96(AX)
+	JNS  sequenceDecs_decode_56_amd64_main_loop
+	MOVQ s+0(FP), AX
+	MOVQ R11, 144(AX)
+	MOVQ R12, 152(AX)
+	MOVQ R13, 160(AX)
+	MOVQ br+8(FP), AX
+	MOVQ DX, 24(AX)
+	MOVB BL, 32(AX)
+	MOVQ SI, 8(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decode_56_amd64_error_match_len_ofs_mismatch:
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decode_56_amd64_error_match_len_too_big:
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+// func sequenceDecs_decode_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+// Requires: BMI, BMI2, CMOV
+TEXT ·sequenceDecs_decode_bmi2(SB), $8-32
+	MOVQ    br+8(FP), BX
+	MOVQ    24(BX), AX
+	MOVBQZX 32(BX), DX
+	MOVQ    (BX), CX
+	MOVQ    8(BX), BX
+	ADDQ    BX, CX
+	MOVQ    CX, (SP)
+	MOVQ    ctx+16(FP), CX
+	MOVQ    72(CX), SI
+	MOVQ    80(CX), DI
+	MOVQ    88(CX), R8
+	MOVQ    104(CX), R9
+	MOVQ    s+0(FP), CX
+	MOVQ    144(CX), R10
+	MOVQ    152(CX), R11
+	MOVQ    160(CX), R12
+
+sequenceDecs_decode_bmi2_main_loop:
+	MOVQ (SP), R13
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decode_bmi2_fill_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R13
+	MOVQ (R13), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decode_bmi2_fill_end
+
+sequenceDecs_decode_bmi2_fill_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decode_bmi2_fill_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decode_bmi2_fill_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R13), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decode_bmi2_fill_byte_by_byte
+
+sequenceDecs_decode_bmi2_fill_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_bmi2_fill_end:
+	// Update offset
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, R8, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   R8, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, 16(R9)
+
+	// Update match length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, DI, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   DI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, 8(R9)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decode_bmi2_fill_2_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R13
+	MOVQ (R13), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decode_bmi2_fill_2_end
+
+sequenceDecs_decode_bmi2_fill_2_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decode_bmi2_fill_2_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decode_bmi2_fill_2_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R13), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decode_bmi2_fill_2_byte_by_byte
+
+sequenceDecs_decode_bmi2_fill_2_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_bmi2_fill_2_end:
+	// Update literal length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, SI, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   SI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, (R9)
+
+	// Fill bitreader for state updates
+	MOVQ    R13, (SP)
+	MOVQ    $0x00000808, CX
+	BEXTRQ  CX, R8, R13
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decode_bmi2_skip_update
+	LEAQ    (SI)(DI*1), R14
+	ADDQ    R8, R14
+	MOVBQZX R14, R14
+	LEAQ    (DX)(R14*1), CX
+	MOVQ    AX, R15
+	MOVQ    CX, DX
+	ROLQ    CL, R15
+	BZHIQ   R14, R15, R15
+
+	// Update Offset State
+	BZHIQ R8, R15, CX
+	SHRXQ R8, R15, R15
+	SHRL  $0x10, R8
+	ADDQ  CX, R8
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Match Length State
+	BZHIQ DI, R15, CX
+	SHRXQ DI, R15, R15
+	SHRL  $0x10, DI
+	ADDQ  CX, DI
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Literal Length State
+	BZHIQ SI, R15, CX
+	SHRL  $0x10, SI
+	ADDQ  CX, SI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(SI*8), SI
+
+sequenceDecs_decode_bmi2_skip_update:
+	// Adjust offset
+	MOVQ 16(R9), CX
+	CMPQ R13, $0x01
+	JBE  sequenceDecs_decode_bmi2_adjust_offsetB_1_or_0
+	MOVQ R11, R12
+	MOVQ R10, R11
+	MOVQ CX, R10
+	JMP  sequenceDecs_decode_bmi2_after_adjust
+
+sequenceDecs_decode_bmi2_adjust_offsetB_1_or_0:
+	CMPQ (R9), $0x00000000
+	JNE  sequenceDecs_decode_bmi2_adjust_offset_maybezero
+	INCQ CX
+	JMP  sequenceDecs_decode_bmi2_adjust_offset_nonzero
+
+sequenceDecs_decode_bmi2_adjust_offset_maybezero:
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_bmi2_adjust_offset_nonzero
+	MOVQ  R10, CX
+	JMP   sequenceDecs_decode_bmi2_after_adjust
+
+sequenceDecs_decode_bmi2_adjust_offset_nonzero:
+	CMPQ CX, $0x01
+	JB   sequenceDecs_decode_bmi2_adjust_zero
+	JEQ  sequenceDecs_decode_bmi2_adjust_one
+	CMPQ CX, $0x02
+	JA   sequenceDecs_decode_bmi2_adjust_three
+	JMP  sequenceDecs_decode_bmi2_adjust_two
+
+sequenceDecs_decode_bmi2_adjust_zero:
+	MOVQ R10, R13
+	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_bmi2_adjust_one:
+	MOVQ R11, R13
+	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_bmi2_adjust_two:
+	MOVQ R12, R13
+	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_bmi2_adjust_three:
+	LEAQ -1(R10), R13
+
+sequenceDecs_decode_bmi2_adjust_test_temp_valid:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decode_bmi2_adjust_temp_valid
+	MOVQ  $0x00000001, R13
+
+sequenceDecs_decode_bmi2_adjust_temp_valid:
+	CMPQ    CX, $0x01
+	CMOVQNE R11, R12
+	MOVQ    R10, R11
+	MOVQ    R13, R10
+	MOVQ    R13, CX
+
+sequenceDecs_decode_bmi2_after_adjust:
+	MOVQ CX, 16(R9)
+
+	// Check values
+	MOVQ  8(R9), R13
+	MOVQ  (R9), R14
+	LEAQ  (R13)(R14*1), R15
+	MOVQ  s+0(FP), BP
+	ADDQ  R15, 256(BP)
+	MOVQ  ctx+16(FP), R15
+	SUBQ  R14, 128(R15)
+	JS    error_not_enough_literals
+	CMPQ  R13, $0x00020002
+	JA    sequenceDecs_decode_bmi2_error_match_len_too_big
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_bmi2_match_len_ofs_ok
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decode_bmi2_error_match_len_ofs_mismatch
+
+sequenceDecs_decode_bmi2_match_len_ofs_ok:
+	ADDQ $0x18, R9
+	MOVQ ctx+16(FP), CX
+	DECQ 96(CX)
+	JNS  sequenceDecs_decode_bmi2_main_loop
+	MOVQ s+0(FP), CX
+	MOVQ R10, 144(CX)
+	MOVQ R11, 152(CX)
+	MOVQ R12, 160(CX)
+	MOVQ br+8(FP), CX
+	MOVQ AX, 24(CX)
+	MOVB DL, 32(CX)
+	MOVQ BX, 8(CX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decode_bmi2_error_match_len_ofs_mismatch:
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decode_bmi2_error_match_len_too_big:
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+// func sequenceDecs_decode_56_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
+// Requires: BMI, BMI2, CMOV
+TEXT ·sequenceDecs_decode_56_bmi2(SB), $8-32
+	MOVQ    br+8(FP), BX
+	MOVQ    24(BX), AX
+	MOVBQZX 32(BX), DX
+	MOVQ    (BX), CX
+	MOVQ    8(BX), BX
+	ADDQ    BX, CX
+	MOVQ    CX, (SP)
+	MOVQ    ctx+16(FP), CX
+	MOVQ    72(CX), SI
+	MOVQ    80(CX), DI
+	MOVQ    88(CX), R8
+	MOVQ    104(CX), R9
+	MOVQ    s+0(FP), CX
+	MOVQ    144(CX), R10
+	MOVQ    152(CX), R11
+	MOVQ    160(CX), R12
+
+sequenceDecs_decode_56_bmi2_main_loop:
+	MOVQ (SP), R13
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decode_56_bmi2_fill_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R13
+	MOVQ (R13), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decode_56_bmi2_fill_end
+
+sequenceDecs_decode_56_bmi2_fill_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decode_56_bmi2_fill_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decode_56_bmi2_fill_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R13), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decode_56_bmi2_fill_byte_by_byte
+
+sequenceDecs_decode_56_bmi2_fill_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decode_56_bmi2_fill_end:
+	// Update offset
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, R8, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   R8, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, 16(R9)
+
+	// Update match length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, DI, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   DI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, 8(R9)
+
+	// Update literal length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, SI, R14
+	MOVQ   AX, R15
+	LEAQ   (DX)(R14*1), CX
+	ROLQ   CL, R15
+	BZHIQ  R14, R15, R15
+	MOVQ   CX, DX
+	MOVQ   SI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R15, CX
+	MOVQ   CX, (R9)
+
+	// Fill bitreader for state updates
+	MOVQ    R13, (SP)
+	MOVQ    $0x00000808, CX
+	BEXTRQ  CX, R8, R13
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decode_56_bmi2_skip_update
+	LEAQ    (SI)(DI*1), R14
+	ADDQ    R8, R14
+	MOVBQZX R14, R14
+	LEAQ    (DX)(R14*1), CX
+	MOVQ    AX, R15
+	MOVQ    CX, DX
+	ROLQ    CL, R15
+	BZHIQ   R14, R15, R15
+
+	// Update Offset State
+	BZHIQ R8, R15, CX
+	SHRXQ R8, R15, R15
+	SHRL  $0x10, R8
+	ADDQ  CX, R8
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Match Length State
+	BZHIQ DI, R15, CX
+	SHRXQ DI, R15, R15
+	SHRL  $0x10, DI
+	ADDQ  CX, DI
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Literal Length State
+	BZHIQ SI, R15, CX
+	SHRL  $0x10, SI
+	ADDQ  CX, SI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(SI*8), SI
+
+sequenceDecs_decode_56_bmi2_skip_update:
+	// Adjust offset
+	MOVQ 16(R9), CX
+	CMPQ R13, $0x01
+	JBE  sequenceDecs_decode_56_bmi2_adjust_offsetB_1_or_0
+	MOVQ R11, R12
+	MOVQ R10, R11
+	MOVQ CX, R10
+	JMP  sequenceDecs_decode_56_bmi2_after_adjust
+
+sequenceDecs_decode_56_bmi2_adjust_offsetB_1_or_0:
+	CMPQ (R9), $0x00000000
+	JNE  sequenceDecs_decode_56_bmi2_adjust_offset_maybezero
+	INCQ CX
+	JMP  sequenceDecs_decode_56_bmi2_adjust_offset_nonzero
+
+sequenceDecs_decode_56_bmi2_adjust_offset_maybezero:
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_56_bmi2_adjust_offset_nonzero
+	MOVQ  R10, CX
+	JMP   sequenceDecs_decode_56_bmi2_after_adjust
+
+sequenceDecs_decode_56_bmi2_adjust_offset_nonzero:
+	CMPQ CX, $0x01
+	JB   sequenceDecs_decode_56_bmi2_adjust_zero
+	JEQ  sequenceDecs_decode_56_bmi2_adjust_one
+	CMPQ CX, $0x02
+	JA   sequenceDecs_decode_56_bmi2_adjust_three
+	JMP  sequenceDecs_decode_56_bmi2_adjust_two
+
+sequenceDecs_decode_56_bmi2_adjust_zero:
+	MOVQ R10, R13
+	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_56_bmi2_adjust_one:
+	MOVQ R11, R13
+	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_56_bmi2_adjust_two:
+	MOVQ R12, R13
+	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
+
+sequenceDecs_decode_56_bmi2_adjust_three:
+	LEAQ -1(R10), R13
+
+sequenceDecs_decode_56_bmi2_adjust_test_temp_valid:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decode_56_bmi2_adjust_temp_valid
+	MOVQ  $0x00000001, R13
+
+sequenceDecs_decode_56_bmi2_adjust_temp_valid:
+	CMPQ    CX, $0x01
+	CMOVQNE R11, R12
+	MOVQ    R10, R11
+	MOVQ    R13, R10
+	MOVQ    R13, CX
+
+sequenceDecs_decode_56_bmi2_after_adjust:
+	MOVQ CX, 16(R9)
+
+	// Check values
+	MOVQ  8(R9), R13
+	MOVQ  (R9), R14
+	LEAQ  (R13)(R14*1), R15
+	MOVQ  s+0(FP), BP
+	ADDQ  R15, 256(BP)
+	MOVQ  ctx+16(FP), R15
+	SUBQ  R14, 128(R15)
+	JS    error_not_enough_literals
+	CMPQ  R13, $0x00020002
+	JA    sequenceDecs_decode_56_bmi2_error_match_len_too_big
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decode_56_bmi2_match_len_ofs_ok
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decode_56_bmi2_error_match_len_ofs_mismatch
+
+sequenceDecs_decode_56_bmi2_match_len_ofs_ok:
+	ADDQ $0x18, R9
+	MOVQ ctx+16(FP), CX
+	DECQ 96(CX)
+	JNS  sequenceDecs_decode_56_bmi2_main_loop
+	MOVQ s+0(FP), CX
+	MOVQ R10, 144(CX)
+	MOVQ R11, 152(CX)
+	MOVQ R12, 160(CX)
+	MOVQ br+8(FP), CX
+	MOVQ AX, 24(CX)
+	MOVB DL, 32(CX)
+	MOVQ BX, 8(CX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decode_56_bmi2_error_match_len_ofs_mismatch:
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decode_56_bmi2_error_match_len_too_big:
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+// func sequenceDecs_executeSimple_amd64(ctx *executeAsmContext) bool
+// Requires: SSE
+TEXT ·sequenceDecs_executeSimple_amd64(SB), $8-9
+	MOVQ  ctx+0(FP), R10
+	MOVQ  8(R10), CX
+	TESTQ CX, CX
+	JZ    empty_seqs
+	MOVQ  (R10), AX
+	MOVQ  24(R10), DX
+	MOVQ  32(R10), BX
+	MOVQ  80(R10), SI
+	MOVQ  104(R10), DI
+	MOVQ  120(R10), R8
+	MOVQ  56(R10), R9
+	MOVQ  64(R10), R10
+	ADDQ  R10, R9
+
+	// seqsBase += 24 * seqIndex
+	LEAQ (DX)(DX*2), R11
+	SHLQ $0x03, R11
+	ADDQ R11, AX
+
+	// outBase += outPosition
+	ADDQ DI, BX
+
+main_loop:
+	MOVQ (AX), R11
+	MOVQ 16(AX), R12
+	MOVQ 8(AX), R13
+
+	// Copy literals
+	TESTQ R11, R11
+	JZ    check_offset
+	XORQ  R14, R14
+
+copy_1:
+	MOVUPS (SI)(R14*1), X0
+	MOVUPS X0, (BX)(R14*1)
+	ADDQ   $0x10, R14
+	CMPQ   R14, R11
+	JB     copy_1
+	ADDQ   R11, SI
+	ADDQ   R11, BX
+	ADDQ   R11, DI
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	LEAQ (DI)(R10*1), R11
+	CMPQ R12, R11
+	JG   error_match_off_too_big
+	CMPQ R12, R8
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ R12, R11
+	SUBQ DI, R11
+	JLS  copy_match
+	MOVQ R9, R14
+	SUBQ R11, R14
+	CMPQ R13, R11
+	JG   copy_all_from_history
+	MOVQ R13, R11
+	SUBQ $0x10, R11
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R11
+	JAE    copy_4_loop
+	LEAQ   16(R14)(R11*1), R14
+	LEAQ   16(BX)(R11*1), BX
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), R11
+	MOVB 2(R14), R12
+	MOVW R11, (BX)
+	MOVB R12, 2(BX)
+	ADDQ R13, R14
+	ADDQ R13, BX
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), R11
+	MOVL -4(R14)(R13*1), R12
+	MOVL R11, (BX)
+	MOVL R12, -4(BX)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, BX
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), R11
+	MOVQ -8(R14)(R13*1), R12
+	MOVQ R11, (BX)
+	MOVQ R12, -8(BX)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, BX
+
+copy_4_end:
+	ADDQ R13, DI
+	ADDQ $0x18, AX
+	INCQ DX
+	CMPQ DX, CX
+	JB   main_loop
+	JMP  loop_finished
+
+copy_all_from_history:
+	MOVQ R11, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(BX)(R15*1), BX
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ R11, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ R11, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(R11*1), BP
+	MOVB R15, (BX)
+	MOVB BP, -1(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (BX)
+	MOVB BP, 2(BX)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(R11*1), BP
+	MOVL R15, (BX)
+	MOVL BP, -4(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(R11*1), BP
+	MOVQ R15, (BX)
+	MOVQ BP, -8(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+
+copy_5_end:
+	ADDQ R11, DI
+	SUBQ R11, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ BX, R11
+	SUBQ R12, R11
+
+	// ml <= mo
+	CMPQ R13, R12
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, DI
+	MOVQ BX, R12
+	ADDQ R13, BX
+
+copy_2:
+	MOVUPS (R11), X0
+	MOVUPS X0, (R12)
+	ADDQ   $0x10, R11
+	ADDQ   $0x10, R12
+	SUBQ   $0x10, R13
+	JHI    copy_2
+	JMP    handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, DI
+
+copy_slow_3:
+	MOVB (R11), R12
+	MOVB R12, (BX)
+	INCQ R11
+	INCQ BX
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	ADDQ $0x18, AX
+	INCQ DX
+	CMPQ DX, CX
+	JB   main_loop
+
+loop_finished:
+	// Return value
+	MOVB $0x01, ret+8(FP)
+
+	// Update the context
+	MOVQ ctx+0(FP), AX
+	MOVQ DX, 24(AX)
+	MOVQ DI, 104(AX)
+	SUBQ 80(AX), SI
+	MOVQ SI, 112(AX)
+	RET
+
+error_match_off_too_big:
+	// Return value
+	MOVB $0x00, ret+8(FP)
+
+	// Update the context
+	MOVQ ctx+0(FP), AX
+	MOVQ DX, 24(AX)
+	MOVQ DI, 104(AX)
+	SUBQ 80(AX), SI
+	MOVQ SI, 112(AX)
+	RET
+
+empty_seqs:
+	// Return value
+	MOVB $0x01, ret+8(FP)
+	RET
+
+// func sequenceDecs_executeSimple_safe_amd64(ctx *executeAsmContext) bool
+// Requires: SSE
+TEXT ·sequenceDecs_executeSimple_safe_amd64(SB), $8-9
+	MOVQ  ctx+0(FP), R10
+	MOVQ  8(R10), CX
+	TESTQ CX, CX
+	JZ    empty_seqs
+	MOVQ  (R10), AX
+	MOVQ  24(R10), DX
+	MOVQ  32(R10), BX
+	MOVQ  80(R10), SI
+	MOVQ  104(R10), DI
+	MOVQ  120(R10), R8
+	MOVQ  56(R10), R9
+	MOVQ  64(R10), R10
+	ADDQ  R10, R9
+
+	// seqsBase += 24 * seqIndex
+	LEAQ (DX)(DX*2), R11
+	SHLQ $0x03, R11
+	ADDQ R11, AX
+
+	// outBase += outPosition
+	ADDQ DI, BX
+
+main_loop:
+	MOVQ (AX), R11
+	MOVQ 16(AX), R12
+	MOVQ 8(AX), R13
+
+	// Copy literals
+	TESTQ R11, R11
+	JZ    check_offset
+	MOVQ  R11, R14
+	SUBQ  $0x10, R14
+	JB    copy_1_small
+
+copy_1_loop:
+	MOVUPS (SI), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, SI
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R14
+	JAE    copy_1_loop
+	LEAQ   16(SI)(R14*1), SI
+	LEAQ   16(BX)(R14*1), BX
+	MOVUPS -16(SI), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_1_end
+
+copy_1_small:
+	CMPQ R11, $0x03
+	JE   copy_1_move_3
+	JB   copy_1_move_1or2
+	CMPQ R11, $0x08
+	JB   copy_1_move_4through7
+	JMP  copy_1_move_8through16
+
+copy_1_move_1or2:
+	MOVB (SI), R14
+	MOVB -1(SI)(R11*1), R15
+	MOVB R14, (BX)
+	MOVB R15, -1(BX)(R11*1)
+	ADDQ R11, SI
+	ADDQ R11, BX
+	JMP  copy_1_end
+
+copy_1_move_3:
+	MOVW (SI), R14
+	MOVB 2(SI), R15
+	MOVW R14, (BX)
+	MOVB R15, 2(BX)
+	ADDQ R11, SI
+	ADDQ R11, BX
+	JMP  copy_1_end
+
+copy_1_move_4through7:
+	MOVL (SI), R14
+	MOVL -4(SI)(R11*1), R15
+	MOVL R14, (BX)
+	MOVL R15, -4(BX)(R11*1)
+	ADDQ R11, SI
+	ADDQ R11, BX
+	JMP  copy_1_end
+
+copy_1_move_8through16:
+	MOVQ (SI), R14
+	MOVQ -8(SI)(R11*1), R15
+	MOVQ R14, (BX)
+	MOVQ R15, -8(BX)(R11*1)
+	ADDQ R11, SI
+	ADDQ R11, BX
+
+copy_1_end:
+	ADDQ R11, DI
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	LEAQ (DI)(R10*1), R11
+	CMPQ R12, R11
+	JG   error_match_off_too_big
+	CMPQ R12, R8
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ R12, R11
+	SUBQ DI, R11
+	JLS  copy_match
+	MOVQ R9, R14
+	SUBQ R11, R14
+	CMPQ R13, R11
+	JG   copy_all_from_history
+	MOVQ R13, R11
+	SUBQ $0x10, R11
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R11
+	JAE    copy_4_loop
+	LEAQ   16(R14)(R11*1), R14
+	LEAQ   16(BX)(R11*1), BX
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), R11
+	MOVB 2(R14), R12
+	MOVW R11, (BX)
+	MOVB R12, 2(BX)
+	ADDQ R13, R14
+	ADDQ R13, BX
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), R11
+	MOVL -4(R14)(R13*1), R12
+	MOVL R11, (BX)
+	MOVL R12, -4(BX)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, BX
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), R11
+	MOVQ -8(R14)(R13*1), R12
+	MOVQ R11, (BX)
+	MOVQ R12, -8(BX)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, BX
+
+copy_4_end:
+	ADDQ R13, DI
+	ADDQ $0x18, AX
+	INCQ DX
+	CMPQ DX, CX
+	JB   main_loop
+	JMP  loop_finished
+
+copy_all_from_history:
+	MOVQ R11, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(BX)(R15*1), BX
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ R11, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ R11, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(R11*1), BP
+	MOVB R15, (BX)
+	MOVB BP, -1(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (BX)
+	MOVB BP, 2(BX)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(R11*1), BP
+	MOVL R15, (BX)
+	MOVL BP, -4(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(R11*1), BP
+	MOVQ R15, (BX)
+	MOVQ BP, -8(BX)(R11*1)
+	ADDQ R11, R14
+	ADDQ R11, BX
+
+copy_5_end:
+	ADDQ R11, DI
+	SUBQ R11, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ BX, R11
+	SUBQ R12, R11
+
+	// ml <= mo
+	CMPQ R13, R12
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, DI
+	MOVQ R13, R12
+	SUBQ $0x10, R12
+	JB   copy_2_small
+
+copy_2_loop:
+	MOVUPS (R11), X0
+	MOVUPS X0, (BX)
+	ADDQ   $0x10, R11
+	ADDQ   $0x10, BX
+	SUBQ   $0x10, R12
+	JAE    copy_2_loop
+	LEAQ   16(R11)(R12*1), R11
+	LEAQ   16(BX)(R12*1), BX
+	MOVUPS -16(R11), X0
+	MOVUPS X0, -16(BX)
+	JMP    copy_2_end
+
+copy_2_small:
+	CMPQ R13, $0x03
+	JE   copy_2_move_3
+	JB   copy_2_move_1or2
+	CMPQ R13, $0x08
+	JB   copy_2_move_4through7
+	JMP  copy_2_move_8through16
+
+copy_2_move_1or2:
+	MOVB (R11), R12
+	MOVB -1(R11)(R13*1), R14
+	MOVB R12, (BX)
+	MOVB R14, -1(BX)(R13*1)
+	ADDQ R13, R11
+	ADDQ R13, BX
+	JMP  copy_2_end
+
+copy_2_move_3:
+	MOVW (R11), R12
+	MOVB 2(R11), R14
+	MOVW R12, (BX)
+	MOVB R14, 2(BX)
+	ADDQ R13, R11
+	ADDQ R13, BX
+	JMP  copy_2_end
+
+copy_2_move_4through7:
+	MOVL (R11), R12
+	MOVL -4(R11)(R13*1), R14
+	MOVL R12, (BX)
+	MOVL R14, -4(BX)(R13*1)
+	ADDQ R13, R11
+	ADDQ R13, BX
+	JMP  copy_2_end
+
+copy_2_move_8through16:
+	MOVQ (R11), R12
+	MOVQ -8(R11)(R13*1), R14
+	MOVQ R12, (BX)
+	MOVQ R14, -8(BX)(R13*1)
+	ADDQ R13, R11
+	ADDQ R13, BX
+
+copy_2_end:
+	JMP handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, DI
+
+copy_slow_3:
+	MOVB (R11), R12
+	MOVB R12, (BX)
+	INCQ R11
+	INCQ BX
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	ADDQ $0x18, AX
+	INCQ DX
+	CMPQ DX, CX
+	JB   main_loop
+
+loop_finished:
+	// Return value
+	MOVB $0x01, ret+8(FP)
+
+	// Update the context
+	MOVQ ctx+0(FP), AX
+	MOVQ DX, 24(AX)
+	MOVQ DI, 104(AX)
+	SUBQ 80(AX), SI
+	MOVQ SI, 112(AX)
+	RET
+
+error_match_off_too_big:
+	// Return value
+	MOVB $0x00, ret+8(FP)
+
+	// Update the context
+	MOVQ ctx+0(FP), AX
+	MOVQ DX, 24(AX)
+	MOVQ DI, 104(AX)
+	SUBQ 80(AX), SI
+	MOVQ SI, 112(AX)
+	RET
+
+empty_seqs:
+	// Return value
+	MOVB $0x01, ret+8(FP)
+	RET
+
+// func sequenceDecs_decodeSync_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+// Requires: CMOV, SSE
+TEXT ·sequenceDecs_decodeSync_amd64(SB), $64-32
+	MOVQ    br+8(FP), CX
+	MOVQ    24(CX), DX
+	MOVBQZX 32(CX), BX
+	MOVQ    (CX), AX
+	MOVQ    8(CX), SI
+	ADDQ    SI, AX
+	MOVQ    AX, (SP)
+	MOVQ    ctx+16(FP), AX
+	MOVQ    72(AX), DI
+	MOVQ    80(AX), R8
+	MOVQ    88(AX), R9
+	XORQ    CX, CX
+	MOVQ    CX, 8(SP)
+	MOVQ    CX, 16(SP)
+	MOVQ    CX, 24(SP)
+	MOVQ    112(AX), R10
+	MOVQ    128(AX), CX
+	MOVQ    CX, 32(SP)
+	MOVQ    144(AX), R11
+	MOVQ    136(AX), R12
+	MOVQ    200(AX), CX
+	MOVQ    CX, 56(SP)
+	MOVQ    176(AX), CX
+	MOVQ    CX, 48(SP)
+	MOVQ    184(AX), AX
+	MOVQ    AX, 40(SP)
+	MOVQ    40(SP), AX
+	ADDQ    AX, 48(SP)
+
+	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
+	ADDQ R10, 32(SP)
+
+	// outBase += outPosition
+	ADDQ R12, R10
+
+sequenceDecs_decodeSync_amd64_main_loop:
+	MOVQ (SP), R13
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decodeSync_amd64_fill_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R13
+	MOVQ (R13), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decodeSync_amd64_fill_end
+
+sequenceDecs_decodeSync_amd64_fill_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decodeSync_amd64_fill_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decodeSync_amd64_fill_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R13), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decodeSync_amd64_fill_byte_by_byte
+
+sequenceDecs_decodeSync_amd64_fill_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_amd64_fill_end:
+	// Update offset
+	MOVQ  R9, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_amd64_of_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_amd64_of_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_amd64_of_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_amd64_of_update_zero:
+	MOVQ AX, 8(SP)
+
+	// Update match length
+	MOVQ  R8, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_amd64_ml_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_amd64_ml_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_amd64_ml_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_amd64_ml_update_zero:
+	MOVQ AX, 16(SP)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R13
+	MOVQ (R13), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decodeSync_amd64_fill_2_end
+
+sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decodeSync_amd64_fill_2_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decodeSync_amd64_fill_2_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R13), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte
+
+sequenceDecs_decodeSync_amd64_fill_2_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_amd64_fill_2_end:
+	// Update literal length
+	MOVQ  DI, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_amd64_ll_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_amd64_ll_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_amd64_ll_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_amd64_ll_update_zero:
+	MOVQ AX, 24(SP)
+
+	// Fill bitreader for state updates
+	MOVQ    R13, (SP)
+	MOVQ    R9, AX
+	SHRQ    $0x08, AX
+	MOVBQZX AL, AX
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decodeSync_amd64_skip_update
+
+	// Update Literal Length State
+	MOVBQZX DI, R13
+	SHRL    $0x10, DI
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, DI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Match Length State
+	MOVBQZX R8, R13
+	SHRL    $0x10, R8
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, R8
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Offset State
+	MOVBQZX R9, R13
+	SHRL    $0x10, R9
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, R9
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R9*8), R9
+
+sequenceDecs_decodeSync_amd64_skip_update:
+	// Adjust offset
+	MOVQ   s+0(FP), CX
+	MOVQ   8(SP), R13
+	CMPQ   AX, $0x01
+	JBE    sequenceDecs_decodeSync_amd64_adjust_offsetB_1_or_0
+	MOVUPS 144(CX), X0
+	MOVQ   R13, 144(CX)
+	MOVUPS X0, 152(CX)
+	JMP    sequenceDecs_decodeSync_amd64_after_adjust
+
+sequenceDecs_decodeSync_amd64_adjust_offsetB_1_or_0:
+	CMPQ 24(SP), $0x00000000
+	JNE  sequenceDecs_decodeSync_amd64_adjust_offset_maybezero
+	INCQ R13
+	JMP  sequenceDecs_decodeSync_amd64_adjust_offset_nonzero
+
+sequenceDecs_decodeSync_amd64_adjust_offset_maybezero:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_amd64_adjust_offset_nonzero
+	MOVQ  144(CX), R13
+	JMP   sequenceDecs_decodeSync_amd64_after_adjust
+
+sequenceDecs_decodeSync_amd64_adjust_offset_nonzero:
+	MOVQ    R13, AX
+	XORQ    R14, R14
+	MOVQ    $-1, R15
+	CMPQ    R13, $0x03
+	CMOVQEQ R14, AX
+	CMOVQEQ R15, R14
+	ADDQ    144(CX)(AX*8), R14
+	JNZ     sequenceDecs_decodeSync_amd64_adjust_temp_valid
+	MOVQ    $0x00000001, R14
+
+sequenceDecs_decodeSync_amd64_adjust_temp_valid:
+	CMPQ R13, $0x01
+	JZ   sequenceDecs_decodeSync_amd64_adjust_skip
+	MOVQ 152(CX), AX
+	MOVQ AX, 160(CX)
+
+sequenceDecs_decodeSync_amd64_adjust_skip:
+	MOVQ 144(CX), AX
+	MOVQ AX, 152(CX)
+	MOVQ R14, 144(CX)
+	MOVQ R14, R13
+
+sequenceDecs_decodeSync_amd64_after_adjust:
+	MOVQ R13, 8(SP)
+
+	// Check values
+	MOVQ  16(SP), AX
+	MOVQ  24(SP), CX
+	LEAQ  (AX)(CX*1), R14
+	MOVQ  s+0(FP), R15
+	ADDQ  R14, 256(R15)
+	MOVQ  ctx+16(FP), R14
+	SUBQ  CX, 104(R14)
+	JS    error_not_enough_literals
+	CMPQ  AX, $0x00020002
+	JA    sequenceDecs_decodeSync_amd64_error_match_len_too_big
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_amd64_match_len_ofs_ok
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decodeSync_amd64_error_match_len_ofs_mismatch
+
+sequenceDecs_decodeSync_amd64_match_len_ofs_ok:
+	MOVQ 24(SP), AX
+	MOVQ 8(SP), CX
+	MOVQ 16(SP), R13
+
+	// Check if we have enough space in s.out
+	LEAQ (AX)(R13*1), R14
+	ADDQ R10, R14
+	CMPQ R14, 32(SP)
+	JA   error_not_enough_space
+
+	// Copy literals
+	TESTQ AX, AX
+	JZ    check_offset
+	XORQ  R14, R14
+
+copy_1:
+	MOVUPS (R11)(R14*1), X0
+	MOVUPS X0, (R10)(R14*1)
+	ADDQ   $0x10, R14
+	CMPQ   R14, AX
+	JB     copy_1
+	ADDQ   AX, R11
+	ADDQ   AX, R10
+	ADDQ   AX, R12
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	MOVQ R12, AX
+	ADDQ 40(SP), AX
+	CMPQ CX, AX
+	JG   error_match_off_too_big
+	CMPQ CX, 56(SP)
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ CX, AX
+	SUBQ R12, AX
+	JLS  copy_match
+	MOVQ 48(SP), R14
+	SUBQ AX, R14
+	CMPQ R13, AX
+	JG   copy_all_from_history
+	MOVQ R13, AX
+	SUBQ $0x10, AX
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, AX
+	JAE    copy_4_loop
+	LEAQ   16(R14)(AX*1), R14
+	LEAQ   16(R10)(AX*1), R10
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), AX
+	MOVB 2(R14), CL
+	MOVW AX, (R10)
+	MOVB CL, 2(R10)
+	ADDQ R13, R14
+	ADDQ R13, R10
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), AX
+	MOVL -4(R14)(R13*1), CX
+	MOVL AX, (R10)
+	MOVL CX, -4(R10)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R10
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), AX
+	MOVQ -8(R14)(R13*1), CX
+	MOVQ AX, (R10)
+	MOVQ CX, -8(R10)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R10
+
+copy_4_end:
+	ADDQ R13, R12
+	JMP  handle_loop
+	JMP loop_finished
+
+copy_all_from_history:
+	MOVQ AX, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(R10)(R15*1), R10
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ AX, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ AX, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(AX*1), BP
+	MOVB R15, (R10)
+	MOVB BP, -1(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (R10)
+	MOVB BP, 2(R10)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(AX*1), BP
+	MOVL R15, (R10)
+	MOVL BP, -4(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(AX*1), BP
+	MOVQ R15, (R10)
+	MOVQ BP, -8(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+
+copy_5_end:
+	ADDQ AX, R12
+	SUBQ AX, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ R10, AX
+	SUBQ CX, AX
+
+	// ml <= mo
+	CMPQ R13, CX
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, R12
+	MOVQ R10, CX
+	ADDQ R13, R10
+
+copy_2:
+	MOVUPS (AX), X0
+	MOVUPS X0, (CX)
+	ADDQ   $0x10, AX
+	ADDQ   $0x10, CX
+	SUBQ   $0x10, R13
+	JHI    copy_2
+	JMP    handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, R12
+
+copy_slow_3:
+	MOVB (AX), CL
+	MOVB CL, (R10)
+	INCQ AX
+	INCQ R10
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	MOVQ ctx+16(FP), AX
+	DECQ 96(AX)
+	JNS  sequenceDecs_decodeSync_amd64_main_loop
+
+loop_finished:
+	MOVQ br+8(FP), AX
+	MOVQ DX, 24(AX)
+	MOVB BL, 32(AX)
+	MOVQ SI, 8(AX)
+
+	// Update the context
+	MOVQ ctx+16(FP), AX
+	MOVQ R12, 136(AX)
+	MOVQ 144(AX), CX
+	SUBQ CX, R11
+	MOVQ R11, 168(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decodeSync_amd64_error_match_len_ofs_mismatch:
+	MOVQ 16(SP), AX
+	MOVQ ctx+16(FP), CX
+	MOVQ AX, 216(CX)
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decodeSync_amd64_error_match_len_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+error_match_off_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 8(SP), CX
+	MOVQ CX, 224(AX)
+	MOVQ R12, 136(AX)
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+	// Return with not enough output space error
+error_not_enough_space:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ R12, 136(AX)
+	MOVQ $0x00000005, ret+24(FP)
+	RET
+
+// func sequenceDecs_decodeSync_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+// Requires: BMI, BMI2, CMOV, SSE
+TEXT ·sequenceDecs_decodeSync_bmi2(SB), $64-32
+	MOVQ    br+8(FP), BX
+	MOVQ    24(BX), AX
+	MOVBQZX 32(BX), DX
+	MOVQ    (BX), CX
+	MOVQ    8(BX), BX
+	ADDQ    BX, CX
+	MOVQ    CX, (SP)
+	MOVQ    ctx+16(FP), CX
+	MOVQ    72(CX), SI
+	MOVQ    80(CX), DI
+	MOVQ    88(CX), R8
+	XORQ    R9, R9
+	MOVQ    R9, 8(SP)
+	MOVQ    R9, 16(SP)
+	MOVQ    R9, 24(SP)
+	MOVQ    112(CX), R9
+	MOVQ    128(CX), R10
+	MOVQ    R10, 32(SP)
+	MOVQ    144(CX), R10
+	MOVQ    136(CX), R11
+	MOVQ    200(CX), R12
+	MOVQ    R12, 56(SP)
+	MOVQ    176(CX), R12
+	MOVQ    R12, 48(SP)
+	MOVQ    184(CX), CX
+	MOVQ    CX, 40(SP)
+	MOVQ    40(SP), CX
+	ADDQ    CX, 48(SP)
+
+	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
+	ADDQ R9, 32(SP)
+
+	// outBase += outPosition
+	ADDQ R11, R9
+
+sequenceDecs_decodeSync_bmi2_main_loop:
+	MOVQ (SP), R12
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decodeSync_bmi2_fill_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R12
+	MOVQ (R12), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decodeSync_bmi2_fill_end
+
+sequenceDecs_decodeSync_bmi2_fill_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decodeSync_bmi2_fill_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decodeSync_bmi2_fill_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R12
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R12), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decodeSync_bmi2_fill_byte_by_byte
+
+sequenceDecs_decodeSync_bmi2_fill_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_bmi2_fill_end:
+	// Update offset
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, R8, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   R8, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 8(SP)
+
+	// Update match length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, DI, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   DI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 16(SP)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R12
+	MOVQ (R12), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decodeSync_bmi2_fill_2_end
+
+sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decodeSync_bmi2_fill_2_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decodeSync_bmi2_fill_2_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R12
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R12), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte
+
+sequenceDecs_decodeSync_bmi2_fill_2_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_bmi2_fill_2_end:
+	// Update literal length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, SI, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   SI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 24(SP)
+
+	// Fill bitreader for state updates
+	MOVQ    R12, (SP)
+	MOVQ    $0x00000808, CX
+	BEXTRQ  CX, R8, R12
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decodeSync_bmi2_skip_update
+	LEAQ    (SI)(DI*1), R13
+	ADDQ    R8, R13
+	MOVBQZX R13, R13
+	LEAQ    (DX)(R13*1), CX
+	MOVQ    AX, R14
+	MOVQ    CX, DX
+	ROLQ    CL, R14
+	BZHIQ   R13, R14, R14
+
+	// Update Offset State
+	BZHIQ R8, R14, CX
+	SHRXQ R8, R14, R14
+	SHRL  $0x10, R8
+	ADDQ  CX, R8
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Match Length State
+	BZHIQ DI, R14, CX
+	SHRXQ DI, R14, R14
+	SHRL  $0x10, DI
+	ADDQ  CX, DI
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Literal Length State
+	BZHIQ SI, R14, CX
+	SHRL  $0x10, SI
+	ADDQ  CX, SI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(SI*8), SI
+
+sequenceDecs_decodeSync_bmi2_skip_update:
+	// Adjust offset
+	MOVQ   s+0(FP), CX
+	MOVQ   8(SP), R13
+	CMPQ   R12, $0x01
+	JBE    sequenceDecs_decodeSync_bmi2_adjust_offsetB_1_or_0
+	MOVUPS 144(CX), X0
+	MOVQ   R13, 144(CX)
+	MOVUPS X0, 152(CX)
+	JMP    sequenceDecs_decodeSync_bmi2_after_adjust
+
+sequenceDecs_decodeSync_bmi2_adjust_offsetB_1_or_0:
+	CMPQ 24(SP), $0x00000000
+	JNE  sequenceDecs_decodeSync_bmi2_adjust_offset_maybezero
+	INCQ R13
+	JMP  sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero
+
+sequenceDecs_decodeSync_bmi2_adjust_offset_maybezero:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero
+	MOVQ  144(CX), R13
+	JMP   sequenceDecs_decodeSync_bmi2_after_adjust
+
+sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero:
+	MOVQ    R13, R12
+	XORQ    R14, R14
+	MOVQ    $-1, R15
+	CMPQ    R13, $0x03
+	CMOVQEQ R14, R12
+	CMOVQEQ R15, R14
+	ADDQ    144(CX)(R12*8), R14
+	JNZ     sequenceDecs_decodeSync_bmi2_adjust_temp_valid
+	MOVQ    $0x00000001, R14
+
+sequenceDecs_decodeSync_bmi2_adjust_temp_valid:
+	CMPQ R13, $0x01
+	JZ   sequenceDecs_decodeSync_bmi2_adjust_skip
+	MOVQ 152(CX), R12
+	MOVQ R12, 160(CX)
+
+sequenceDecs_decodeSync_bmi2_adjust_skip:
+	MOVQ 144(CX), R12
+	MOVQ R12, 152(CX)
+	MOVQ R14, 144(CX)
+	MOVQ R14, R13
+
+sequenceDecs_decodeSync_bmi2_after_adjust:
+	MOVQ R13, 8(SP)
+
+	// Check values
+	MOVQ  16(SP), CX
+	MOVQ  24(SP), R12
+	LEAQ  (CX)(R12*1), R14
+	MOVQ  s+0(FP), R15
+	ADDQ  R14, 256(R15)
+	MOVQ  ctx+16(FP), R14
+	SUBQ  R12, 104(R14)
+	JS    error_not_enough_literals
+	CMPQ  CX, $0x00020002
+	JA    sequenceDecs_decodeSync_bmi2_error_match_len_too_big
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_bmi2_match_len_ofs_ok
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decodeSync_bmi2_error_match_len_ofs_mismatch
+
+sequenceDecs_decodeSync_bmi2_match_len_ofs_ok:
+	MOVQ 24(SP), CX
+	MOVQ 8(SP), R12
+	MOVQ 16(SP), R13
+
+	// Check if we have enough space in s.out
+	LEAQ (CX)(R13*1), R14
+	ADDQ R9, R14
+	CMPQ R14, 32(SP)
+	JA   error_not_enough_space
+
+	// Copy literals
+	TESTQ CX, CX
+	JZ    check_offset
+	XORQ  R14, R14
+
+copy_1:
+	MOVUPS (R10)(R14*1), X0
+	MOVUPS X0, (R9)(R14*1)
+	ADDQ   $0x10, R14
+	CMPQ   R14, CX
+	JB     copy_1
+	ADDQ   CX, R10
+	ADDQ   CX, R9
+	ADDQ   CX, R11
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	MOVQ R11, CX
+	ADDQ 40(SP), CX
+	CMPQ R12, CX
+	JG   error_match_off_too_big
+	CMPQ R12, 56(SP)
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ R12, CX
+	SUBQ R11, CX
+	JLS  copy_match
+	MOVQ 48(SP), R14
+	SUBQ CX, R14
+	CMPQ R13, CX
+	JG   copy_all_from_history
+	MOVQ R13, CX
+	SUBQ $0x10, CX
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, CX
+	JAE    copy_4_loop
+	LEAQ   16(R14)(CX*1), R14
+	LEAQ   16(R9)(CX*1), R9
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), CX
+	MOVB 2(R14), R12
+	MOVW CX, (R9)
+	MOVB R12, 2(R9)
+	ADDQ R13, R14
+	ADDQ R13, R9
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), CX
+	MOVL -4(R14)(R13*1), R12
+	MOVL CX, (R9)
+	MOVL R12, -4(R9)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R9
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), CX
+	MOVQ -8(R14)(R13*1), R12
+	MOVQ CX, (R9)
+	MOVQ R12, -8(R9)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R9
+
+copy_4_end:
+	ADDQ R13, R11
+	JMP  handle_loop
+	JMP loop_finished
+
+copy_all_from_history:
+	MOVQ CX, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(R9)(R15*1), R9
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ CX, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ CX, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(CX*1), BP
+	MOVB R15, (R9)
+	MOVB BP, -1(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (R9)
+	MOVB BP, 2(R9)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(CX*1), BP
+	MOVL R15, (R9)
+	MOVL BP, -4(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(CX*1), BP
+	MOVQ R15, (R9)
+	MOVQ BP, -8(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+
+copy_5_end:
+	ADDQ CX, R11
+	SUBQ CX, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ R9, CX
+	SUBQ R12, CX
+
+	// ml <= mo
+	CMPQ R13, R12
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, R11
+	MOVQ R9, R12
+	ADDQ R13, R9
+
+copy_2:
+	MOVUPS (CX), X0
+	MOVUPS X0, (R12)
+	ADDQ   $0x10, CX
+	ADDQ   $0x10, R12
+	SUBQ   $0x10, R13
+	JHI    copy_2
+	JMP    handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, R11
+
+copy_slow_3:
+	MOVB (CX), R12
+	MOVB R12, (R9)
+	INCQ CX
+	INCQ R9
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	MOVQ ctx+16(FP), CX
+	DECQ 96(CX)
+	JNS  sequenceDecs_decodeSync_bmi2_main_loop
+
+loop_finished:
+	MOVQ br+8(FP), CX
+	MOVQ AX, 24(CX)
+	MOVB DL, 32(CX)
+	MOVQ BX, 8(CX)
+
+	// Update the context
+	MOVQ ctx+16(FP), AX
+	MOVQ R11, 136(AX)
+	MOVQ 144(AX), CX
+	SUBQ CX, R10
+	MOVQ R10, 168(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decodeSync_bmi2_error_match_len_ofs_mismatch:
+	MOVQ 16(SP), AX
+	MOVQ ctx+16(FP), CX
+	MOVQ AX, 216(CX)
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decodeSync_bmi2_error_match_len_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+error_match_off_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 8(SP), CX
+	MOVQ CX, 224(AX)
+	MOVQ R11, 136(AX)
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+	// Return with not enough output space error
+error_not_enough_space:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ R11, 136(AX)
+	MOVQ $0x00000005, ret+24(FP)
+	RET
+
+// func sequenceDecs_decodeSync_safe_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+// Requires: CMOV, SSE
+TEXT ·sequenceDecs_decodeSync_safe_amd64(SB), $64-32
+	MOVQ    br+8(FP), CX
+	MOVQ    24(CX), DX
+	MOVBQZX 32(CX), BX
+	MOVQ    (CX), AX
+	MOVQ    8(CX), SI
+	ADDQ    SI, AX
+	MOVQ    AX, (SP)
+	MOVQ    ctx+16(FP), AX
+	MOVQ    72(AX), DI
+	MOVQ    80(AX), R8
+	MOVQ    88(AX), R9
+	XORQ    CX, CX
+	MOVQ    CX, 8(SP)
+	MOVQ    CX, 16(SP)
+	MOVQ    CX, 24(SP)
+	MOVQ    112(AX), R10
+	MOVQ    128(AX), CX
+	MOVQ    CX, 32(SP)
+	MOVQ    144(AX), R11
+	MOVQ    136(AX), R12
+	MOVQ    200(AX), CX
+	MOVQ    CX, 56(SP)
+	MOVQ    176(AX), CX
+	MOVQ    CX, 48(SP)
+	MOVQ    184(AX), AX
+	MOVQ    AX, 40(SP)
+	MOVQ    40(SP), AX
+	ADDQ    AX, 48(SP)
+
+	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
+	ADDQ R10, 32(SP)
+
+	// outBase += outPosition
+	ADDQ R12, R10
+
+sequenceDecs_decodeSync_safe_amd64_main_loop:
+	MOVQ (SP), R13
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R13
+	MOVQ (R13), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decodeSync_safe_amd64_fill_end
+
+sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decodeSync_safe_amd64_fill_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decodeSync_safe_amd64_fill_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R13), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte
+
+sequenceDecs_decodeSync_safe_amd64_fill_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_safe_amd64_fill_end:
+	// Update offset
+	MOVQ  R9, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_safe_amd64_of_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_safe_amd64_of_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_safe_amd64_of_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_safe_amd64_of_update_zero:
+	MOVQ AX, 8(SP)
+
+	// Update match length
+	MOVQ  R8, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_safe_amd64_ml_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_safe_amd64_ml_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_safe_amd64_ml_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_safe_amd64_ml_update_zero:
+	MOVQ AX, 16(SP)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ SI, $0x08
+	JL   sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte
+	MOVQ BX, AX
+	SHRQ $0x03, AX
+	SUBQ AX, R13
+	MOVQ (R13), DX
+	SUBQ AX, SI
+	ANDQ $0x07, BX
+	JMP  sequenceDecs_decodeSync_safe_amd64_fill_2_end
+
+sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte:
+	CMPQ    SI, $0x00
+	JLE     sequenceDecs_decodeSync_safe_amd64_fill_2_check_overread
+	CMPQ    BX, $0x07
+	JLE     sequenceDecs_decodeSync_safe_amd64_fill_2_end
+	SHLQ    $0x08, DX
+	SUBQ    $0x01, R13
+	SUBQ    $0x01, SI
+	SUBQ    $0x08, BX
+	MOVBQZX (R13), AX
+	ORQ     AX, DX
+	JMP     sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte
+
+sequenceDecs_decodeSync_safe_amd64_fill_2_check_overread:
+	CMPQ BX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_safe_amd64_fill_2_end:
+	// Update literal length
+	MOVQ  DI, AX
+	MOVQ  BX, CX
+	MOVQ  DX, R14
+	SHLQ  CL, R14
+	MOVB  AH, CL
+	SHRQ  $0x20, AX
+	TESTQ CX, CX
+	JZ    sequenceDecs_decodeSync_safe_amd64_ll_update_zero
+	ADDQ  CX, BX
+	CMPQ  BX, $0x40
+	JA    sequenceDecs_decodeSync_safe_amd64_ll_update_zero
+	CMPQ  CX, $0x40
+	JAE   sequenceDecs_decodeSync_safe_amd64_ll_update_zero
+	NEGQ  CX
+	SHRQ  CL, R14
+	ADDQ  R14, AX
+
+sequenceDecs_decodeSync_safe_amd64_ll_update_zero:
+	MOVQ AX, 24(SP)
+
+	// Fill bitreader for state updates
+	MOVQ    R13, (SP)
+	MOVQ    R9, AX
+	SHRQ    $0x08, AX
+	MOVBQZX AL, AX
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decodeSync_safe_amd64_skip_update
+
+	// Update Literal Length State
+	MOVBQZX DI, R13
+	SHRL    $0x10, DI
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, DI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Match Length State
+	MOVBQZX R8, R13
+	SHRL    $0x10, R8
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, R8
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Offset State
+	MOVBQZX R9, R13
+	SHRL    $0x10, R9
+	LEAQ    (BX)(R13*1), CX
+	MOVQ    DX, R14
+	MOVQ    CX, BX
+	ROLQ    CL, R14
+	MOVL    $0x00000001, R15
+	MOVB    R13, CL
+	SHLL    CL, R15
+	DECL    R15
+	ANDQ    R15, R14
+	ADDQ    R14, R9
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R9*8), R9
+
+sequenceDecs_decodeSync_safe_amd64_skip_update:
+	// Adjust offset
+	MOVQ   s+0(FP), CX
+	MOVQ   8(SP), R13
+	CMPQ   AX, $0x01
+	JBE    sequenceDecs_decodeSync_safe_amd64_adjust_offsetB_1_or_0
+	MOVUPS 144(CX), X0
+	MOVQ   R13, 144(CX)
+	MOVUPS X0, 152(CX)
+	JMP    sequenceDecs_decodeSync_safe_amd64_after_adjust
+
+sequenceDecs_decodeSync_safe_amd64_adjust_offsetB_1_or_0:
+	CMPQ 24(SP), $0x00000000
+	JNE  sequenceDecs_decodeSync_safe_amd64_adjust_offset_maybezero
+	INCQ R13
+	JMP  sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero
+
+sequenceDecs_decodeSync_safe_amd64_adjust_offset_maybezero:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero
+	MOVQ  144(CX), R13
+	JMP   sequenceDecs_decodeSync_safe_amd64_after_adjust
+
+sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero:
+	MOVQ    R13, AX
+	XORQ    R14, R14
+	MOVQ    $-1, R15
+	CMPQ    R13, $0x03
+	CMOVQEQ R14, AX
+	CMOVQEQ R15, R14
+	ADDQ    144(CX)(AX*8), R14
+	JNZ     sequenceDecs_decodeSync_safe_amd64_adjust_temp_valid
+	MOVQ    $0x00000001, R14
+
+sequenceDecs_decodeSync_safe_amd64_adjust_temp_valid:
+	CMPQ R13, $0x01
+	JZ   sequenceDecs_decodeSync_safe_amd64_adjust_skip
+	MOVQ 152(CX), AX
+	MOVQ AX, 160(CX)
+
+sequenceDecs_decodeSync_safe_amd64_adjust_skip:
+	MOVQ 144(CX), AX
+	MOVQ AX, 152(CX)
+	MOVQ R14, 144(CX)
+	MOVQ R14, R13
+
+sequenceDecs_decodeSync_safe_amd64_after_adjust:
+	MOVQ R13, 8(SP)
+
+	// Check values
+	MOVQ  16(SP), AX
+	MOVQ  24(SP), CX
+	LEAQ  (AX)(CX*1), R14
+	MOVQ  s+0(FP), R15
+	ADDQ  R14, 256(R15)
+	MOVQ  ctx+16(FP), R14
+	SUBQ  CX, 104(R14)
+	JS    error_not_enough_literals
+	CMPQ  AX, $0x00020002
+	JA    sequenceDecs_decodeSync_safe_amd64_error_match_len_too_big
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_safe_amd64_match_len_ofs_ok
+	TESTQ AX, AX
+	JNZ   sequenceDecs_decodeSync_safe_amd64_error_match_len_ofs_mismatch
+
+sequenceDecs_decodeSync_safe_amd64_match_len_ofs_ok:
+	MOVQ 24(SP), AX
+	MOVQ 8(SP), CX
+	MOVQ 16(SP), R13
+
+	// Check if we have enough space in s.out
+	LEAQ (AX)(R13*1), R14
+	ADDQ R10, R14
+	CMPQ R14, 32(SP)
+	JA   error_not_enough_space
+
+	// Copy literals
+	TESTQ AX, AX
+	JZ    check_offset
+	MOVQ  AX, R14
+	SUBQ  $0x10, R14
+	JB    copy_1_small
+
+copy_1_loop:
+	MOVUPS (R11), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, R11
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, R14
+	JAE    copy_1_loop
+	LEAQ   16(R11)(R14*1), R11
+	LEAQ   16(R10)(R14*1), R10
+	MOVUPS -16(R11), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_1_end
+
+copy_1_small:
+	CMPQ AX, $0x03
+	JE   copy_1_move_3
+	JB   copy_1_move_1or2
+	CMPQ AX, $0x08
+	JB   copy_1_move_4through7
+	JMP  copy_1_move_8through16
+
+copy_1_move_1or2:
+	MOVB (R11), R14
+	MOVB -1(R11)(AX*1), R15
+	MOVB R14, (R10)
+	MOVB R15, -1(R10)(AX*1)
+	ADDQ AX, R11
+	ADDQ AX, R10
+	JMP  copy_1_end
+
+copy_1_move_3:
+	MOVW (R11), R14
+	MOVB 2(R11), R15
+	MOVW R14, (R10)
+	MOVB R15, 2(R10)
+	ADDQ AX, R11
+	ADDQ AX, R10
+	JMP  copy_1_end
+
+copy_1_move_4through7:
+	MOVL (R11), R14
+	MOVL -4(R11)(AX*1), R15
+	MOVL R14, (R10)
+	MOVL R15, -4(R10)(AX*1)
+	ADDQ AX, R11
+	ADDQ AX, R10
+	JMP  copy_1_end
+
+copy_1_move_8through16:
+	MOVQ (R11), R14
+	MOVQ -8(R11)(AX*1), R15
+	MOVQ R14, (R10)
+	MOVQ R15, -8(R10)(AX*1)
+	ADDQ AX, R11
+	ADDQ AX, R10
+
+copy_1_end:
+	ADDQ AX, R12
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	MOVQ R12, AX
+	ADDQ 40(SP), AX
+	CMPQ CX, AX
+	JG   error_match_off_too_big
+	CMPQ CX, 56(SP)
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ CX, AX
+	SUBQ R12, AX
+	JLS  copy_match
+	MOVQ 48(SP), R14
+	SUBQ AX, R14
+	CMPQ R13, AX
+	JG   copy_all_from_history
+	MOVQ R13, AX
+	SUBQ $0x10, AX
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, AX
+	JAE    copy_4_loop
+	LEAQ   16(R14)(AX*1), R14
+	LEAQ   16(R10)(AX*1), R10
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), AX
+	MOVB 2(R14), CL
+	MOVW AX, (R10)
+	MOVB CL, 2(R10)
+	ADDQ R13, R14
+	ADDQ R13, R10
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), AX
+	MOVL -4(R14)(R13*1), CX
+	MOVL AX, (R10)
+	MOVL CX, -4(R10)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R10
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), AX
+	MOVQ -8(R14)(R13*1), CX
+	MOVQ AX, (R10)
+	MOVQ CX, -8(R10)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R10
+
+copy_4_end:
+	ADDQ R13, R12
+	JMP  handle_loop
+	JMP loop_finished
+
+copy_all_from_history:
+	MOVQ AX, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(R10)(R15*1), R10
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ AX, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ AX, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(AX*1), BP
+	MOVB R15, (R10)
+	MOVB BP, -1(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (R10)
+	MOVB BP, 2(R10)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(AX*1), BP
+	MOVL R15, (R10)
+	MOVL BP, -4(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(AX*1), BP
+	MOVQ R15, (R10)
+	MOVQ BP, -8(R10)(AX*1)
+	ADDQ AX, R14
+	ADDQ AX, R10
+
+copy_5_end:
+	ADDQ AX, R12
+	SUBQ AX, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ R10, AX
+	SUBQ CX, AX
+
+	// ml <= mo
+	CMPQ R13, CX
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, R12
+	MOVQ R13, CX
+	SUBQ $0x10, CX
+	JB   copy_2_small
+
+copy_2_loop:
+	MOVUPS (AX), X0
+	MOVUPS X0, (R10)
+	ADDQ   $0x10, AX
+	ADDQ   $0x10, R10
+	SUBQ   $0x10, CX
+	JAE    copy_2_loop
+	LEAQ   16(AX)(CX*1), AX
+	LEAQ   16(R10)(CX*1), R10
+	MOVUPS -16(AX), X0
+	MOVUPS X0, -16(R10)
+	JMP    copy_2_end
+
+copy_2_small:
+	CMPQ R13, $0x03
+	JE   copy_2_move_3
+	JB   copy_2_move_1or2
+	CMPQ R13, $0x08
+	JB   copy_2_move_4through7
+	JMP  copy_2_move_8through16
+
+copy_2_move_1or2:
+	MOVB (AX), CL
+	MOVB -1(AX)(R13*1), R14
+	MOVB CL, (R10)
+	MOVB R14, -1(R10)(R13*1)
+	ADDQ R13, AX
+	ADDQ R13, R10
+	JMP  copy_2_end
+
+copy_2_move_3:
+	MOVW (AX), CX
+	MOVB 2(AX), R14
+	MOVW CX, (R10)
+	MOVB R14, 2(R10)
+	ADDQ R13, AX
+	ADDQ R13, R10
+	JMP  copy_2_end
+
+copy_2_move_4through7:
+	MOVL (AX), CX
+	MOVL -4(AX)(R13*1), R14
+	MOVL CX, (R10)
+	MOVL R14, -4(R10)(R13*1)
+	ADDQ R13, AX
+	ADDQ R13, R10
+	JMP  copy_2_end
+
+copy_2_move_8through16:
+	MOVQ (AX), CX
+	MOVQ -8(AX)(R13*1), R14
+	MOVQ CX, (R10)
+	MOVQ R14, -8(R10)(R13*1)
+	ADDQ R13, AX
+	ADDQ R13, R10
+
+copy_2_end:
+	JMP handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, R12
+
+copy_slow_3:
+	MOVB (AX), CL
+	MOVB CL, (R10)
+	INCQ AX
+	INCQ R10
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	MOVQ ctx+16(FP), AX
+	DECQ 96(AX)
+	JNS  sequenceDecs_decodeSync_safe_amd64_main_loop
+
+loop_finished:
+	MOVQ br+8(FP), AX
+	MOVQ DX, 24(AX)
+	MOVB BL, 32(AX)
+	MOVQ SI, 8(AX)
+
+	// Update the context
+	MOVQ ctx+16(FP), AX
+	MOVQ R12, 136(AX)
+	MOVQ 144(AX), CX
+	SUBQ CX, R11
+	MOVQ R11, 168(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decodeSync_safe_amd64_error_match_len_ofs_mismatch:
+	MOVQ 16(SP), AX
+	MOVQ ctx+16(FP), CX
+	MOVQ AX, 216(CX)
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decodeSync_safe_amd64_error_match_len_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+error_match_off_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 8(SP), CX
+	MOVQ CX, 224(AX)
+	MOVQ R12, 136(AX)
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+	// Return with not enough output space error
+error_not_enough_space:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ R12, 136(AX)
+	MOVQ $0x00000005, ret+24(FP)
+	RET
+
+// func sequenceDecs_decodeSync_safe_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
+// Requires: BMI, BMI2, CMOV, SSE
+TEXT ·sequenceDecs_decodeSync_safe_bmi2(SB), $64-32
+	MOVQ    br+8(FP), BX
+	MOVQ    24(BX), AX
+	MOVBQZX 32(BX), DX
+	MOVQ    (BX), CX
+	MOVQ    8(BX), BX
+	ADDQ    BX, CX
+	MOVQ    CX, (SP)
+	MOVQ    ctx+16(FP), CX
+	MOVQ    72(CX), SI
+	MOVQ    80(CX), DI
+	MOVQ    88(CX), R8
+	XORQ    R9, R9
+	MOVQ    R9, 8(SP)
+	MOVQ    R9, 16(SP)
+	MOVQ    R9, 24(SP)
+	MOVQ    112(CX), R9
+	MOVQ    128(CX), R10
+	MOVQ    R10, 32(SP)
+	MOVQ    144(CX), R10
+	MOVQ    136(CX), R11
+	MOVQ    200(CX), R12
+	MOVQ    R12, 56(SP)
+	MOVQ    176(CX), R12
+	MOVQ    R12, 48(SP)
+	MOVQ    184(CX), CX
+	MOVQ    CX, 40(SP)
+	MOVQ    40(SP), CX
+	ADDQ    CX, 48(SP)
+
+	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
+	ADDQ R9, 32(SP)
+
+	// outBase += outPosition
+	ADDQ R11, R9
+
+sequenceDecs_decodeSync_safe_bmi2_main_loop:
+	MOVQ (SP), R12
+
+	// Fill bitreader to have enough for the offset and match length.
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R12
+	MOVQ (R12), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decodeSync_safe_bmi2_fill_end
+
+sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R12
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R12), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte
+
+sequenceDecs_decodeSync_safe_bmi2_fill_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_safe_bmi2_fill_end:
+	// Update offset
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, R8, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   R8, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 8(SP)
+
+	// Update match length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, DI, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   DI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 16(SP)
+
+	// Fill bitreader to have enough for the remaining
+	CMPQ BX, $0x08
+	JL   sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte
+	MOVQ DX, CX
+	SHRQ $0x03, CX
+	SUBQ CX, R12
+	MOVQ (R12), AX
+	SUBQ CX, BX
+	ANDQ $0x07, DX
+	JMP  sequenceDecs_decodeSync_safe_bmi2_fill_2_end
+
+sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte:
+	CMPQ    BX, $0x00
+	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_2_check_overread
+	CMPQ    DX, $0x07
+	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_2_end
+	SHLQ    $0x08, AX
+	SUBQ    $0x01, R12
+	SUBQ    $0x01, BX
+	SUBQ    $0x08, DX
+	MOVBQZX (R12), CX
+	ORQ     CX, AX
+	JMP     sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte
+
+sequenceDecs_decodeSync_safe_bmi2_fill_2_check_overread:
+	CMPQ DX, $0x40
+	JA   error_overread
+
+sequenceDecs_decodeSync_safe_bmi2_fill_2_end:
+	// Update literal length
+	MOVQ   $0x00000808, CX
+	BEXTRQ CX, SI, R13
+	MOVQ   AX, R14
+	LEAQ   (DX)(R13*1), CX
+	ROLQ   CL, R14
+	BZHIQ  R13, R14, R14
+	MOVQ   CX, DX
+	MOVQ   SI, CX
+	SHRQ   $0x20, CX
+	ADDQ   R14, CX
+	MOVQ   CX, 24(SP)
+
+	// Fill bitreader for state updates
+	MOVQ    R12, (SP)
+	MOVQ    $0x00000808, CX
+	BEXTRQ  CX, R8, R12
+	MOVQ    ctx+16(FP), CX
+	CMPQ    96(CX), $0x00
+	JZ      sequenceDecs_decodeSync_safe_bmi2_skip_update
+	LEAQ    (SI)(DI*1), R13
+	ADDQ    R8, R13
+	MOVBQZX R13, R13
+	LEAQ    (DX)(R13*1), CX
+	MOVQ    AX, R14
+	MOVQ    CX, DX
+	ROLQ    CL, R14
+	BZHIQ   R13, R14, R14
+
+	// Update Offset State
+	BZHIQ R8, R14, CX
+	SHRXQ R8, R14, R14
+	SHRL  $0x10, R8
+	ADDQ  CX, R8
+
+	// Load ctx.ofTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 48(CX), CX
+	MOVQ (CX)(R8*8), R8
+
+	// Update Match Length State
+	BZHIQ DI, R14, CX
+	SHRXQ DI, R14, R14
+	SHRL  $0x10, DI
+	ADDQ  CX, DI
+
+	// Load ctx.mlTable
+	MOVQ ctx+16(FP), CX
+	MOVQ 24(CX), CX
+	MOVQ (CX)(DI*8), DI
+
+	// Update Literal Length State
+	BZHIQ SI, R14, CX
+	SHRL  $0x10, SI
+	ADDQ  CX, SI
+
+	// Load ctx.llTable
+	MOVQ ctx+16(FP), CX
+	MOVQ (CX), CX
+	MOVQ (CX)(SI*8), SI
+
+sequenceDecs_decodeSync_safe_bmi2_skip_update:
+	// Adjust offset
+	MOVQ   s+0(FP), CX
+	MOVQ   8(SP), R13
+	CMPQ   R12, $0x01
+	JBE    sequenceDecs_decodeSync_safe_bmi2_adjust_offsetB_1_or_0
+	MOVUPS 144(CX), X0
+	MOVQ   R13, 144(CX)
+	MOVUPS X0, 152(CX)
+	JMP    sequenceDecs_decodeSync_safe_bmi2_after_adjust
+
+sequenceDecs_decodeSync_safe_bmi2_adjust_offsetB_1_or_0:
+	CMPQ 24(SP), $0x00000000
+	JNE  sequenceDecs_decodeSync_safe_bmi2_adjust_offset_maybezero
+	INCQ R13
+	JMP  sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero
+
+sequenceDecs_decodeSync_safe_bmi2_adjust_offset_maybezero:
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero
+	MOVQ  144(CX), R13
+	JMP   sequenceDecs_decodeSync_safe_bmi2_after_adjust
+
+sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero:
+	MOVQ    R13, R12
+	XORQ    R14, R14
+	MOVQ    $-1, R15
+	CMPQ    R13, $0x03
+	CMOVQEQ R14, R12
+	CMOVQEQ R15, R14
+	ADDQ    144(CX)(R12*8), R14
+	JNZ     sequenceDecs_decodeSync_safe_bmi2_adjust_temp_valid
+	MOVQ    $0x00000001, R14
+
+sequenceDecs_decodeSync_safe_bmi2_adjust_temp_valid:
+	CMPQ R13, $0x01
+	JZ   sequenceDecs_decodeSync_safe_bmi2_adjust_skip
+	MOVQ 152(CX), R12
+	MOVQ R12, 160(CX)
+
+sequenceDecs_decodeSync_safe_bmi2_adjust_skip:
+	MOVQ 144(CX), R12
+	MOVQ R12, 152(CX)
+	MOVQ R14, 144(CX)
+	MOVQ R14, R13
+
+sequenceDecs_decodeSync_safe_bmi2_after_adjust:
+	MOVQ R13, 8(SP)
+
+	// Check values
+	MOVQ  16(SP), CX
+	MOVQ  24(SP), R12
+	LEAQ  (CX)(R12*1), R14
+	MOVQ  s+0(FP), R15
+	ADDQ  R14, 256(R15)
+	MOVQ  ctx+16(FP), R14
+	SUBQ  R12, 104(R14)
+	JS    error_not_enough_literals
+	CMPQ  CX, $0x00020002
+	JA    sequenceDecs_decodeSync_safe_bmi2_error_match_len_too_big
+	TESTQ R13, R13
+	JNZ   sequenceDecs_decodeSync_safe_bmi2_match_len_ofs_ok
+	TESTQ CX, CX
+	JNZ   sequenceDecs_decodeSync_safe_bmi2_error_match_len_ofs_mismatch
+
+sequenceDecs_decodeSync_safe_bmi2_match_len_ofs_ok:
+	MOVQ 24(SP), CX
+	MOVQ 8(SP), R12
+	MOVQ 16(SP), R13
+
+	// Check if we have enough space in s.out
+	LEAQ (CX)(R13*1), R14
+	ADDQ R9, R14
+	CMPQ R14, 32(SP)
+	JA   error_not_enough_space
+
+	// Copy literals
+	TESTQ CX, CX
+	JZ    check_offset
+	MOVQ  CX, R14
+	SUBQ  $0x10, R14
+	JB    copy_1_small
+
+copy_1_loop:
+	MOVUPS (R10), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, R10
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, R14
+	JAE    copy_1_loop
+	LEAQ   16(R10)(R14*1), R10
+	LEAQ   16(R9)(R14*1), R9
+	MOVUPS -16(R10), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_1_end
+
+copy_1_small:
+	CMPQ CX, $0x03
+	JE   copy_1_move_3
+	JB   copy_1_move_1or2
+	CMPQ CX, $0x08
+	JB   copy_1_move_4through7
+	JMP  copy_1_move_8through16
+
+copy_1_move_1or2:
+	MOVB (R10), R14
+	MOVB -1(R10)(CX*1), R15
+	MOVB R14, (R9)
+	MOVB R15, -1(R9)(CX*1)
+	ADDQ CX, R10
+	ADDQ CX, R9
+	JMP  copy_1_end
+
+copy_1_move_3:
+	MOVW (R10), R14
+	MOVB 2(R10), R15
+	MOVW R14, (R9)
+	MOVB R15, 2(R9)
+	ADDQ CX, R10
+	ADDQ CX, R9
+	JMP  copy_1_end
+
+copy_1_move_4through7:
+	MOVL (R10), R14
+	MOVL -4(R10)(CX*1), R15
+	MOVL R14, (R9)
+	MOVL R15, -4(R9)(CX*1)
+	ADDQ CX, R10
+	ADDQ CX, R9
+	JMP  copy_1_end
+
+copy_1_move_8through16:
+	MOVQ (R10), R14
+	MOVQ -8(R10)(CX*1), R15
+	MOVQ R14, (R9)
+	MOVQ R15, -8(R9)(CX*1)
+	ADDQ CX, R10
+	ADDQ CX, R9
+
+copy_1_end:
+	ADDQ CX, R11
+
+	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
+check_offset:
+	MOVQ R11, CX
+	ADDQ 40(SP), CX
+	CMPQ R12, CX
+	JG   error_match_off_too_big
+	CMPQ R12, 56(SP)
+	JG   error_match_off_too_big
+
+	// Copy match from history
+	MOVQ R12, CX
+	SUBQ R11, CX
+	JLS  copy_match
+	MOVQ 48(SP), R14
+	SUBQ CX, R14
+	CMPQ R13, CX
+	JG   copy_all_from_history
+	MOVQ R13, CX
+	SUBQ $0x10, CX
+	JB   copy_4_small
+
+copy_4_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, CX
+	JAE    copy_4_loop
+	LEAQ   16(R14)(CX*1), R14
+	LEAQ   16(R9)(CX*1), R9
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_4_end
+
+copy_4_small:
+	CMPQ R13, $0x03
+	JE   copy_4_move_3
+	CMPQ R13, $0x08
+	JB   copy_4_move_4through7
+	JMP  copy_4_move_8through16
+
+copy_4_move_3:
+	MOVW (R14), CX
+	MOVB 2(R14), R12
+	MOVW CX, (R9)
+	MOVB R12, 2(R9)
+	ADDQ R13, R14
+	ADDQ R13, R9
+	JMP  copy_4_end
+
+copy_4_move_4through7:
+	MOVL (R14), CX
+	MOVL -4(R14)(R13*1), R12
+	MOVL CX, (R9)
+	MOVL R12, -4(R9)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R9
+	JMP  copy_4_end
+
+copy_4_move_8through16:
+	MOVQ (R14), CX
+	MOVQ -8(R14)(R13*1), R12
+	MOVQ CX, (R9)
+	MOVQ R12, -8(R9)(R13*1)
+	ADDQ R13, R14
+	ADDQ R13, R9
+
+copy_4_end:
+	ADDQ R13, R11
+	JMP  handle_loop
+	JMP loop_finished
+
+copy_all_from_history:
+	MOVQ CX, R15
+	SUBQ $0x10, R15
+	JB   copy_5_small
+
+copy_5_loop:
+	MOVUPS (R14), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, R14
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, R15
+	JAE    copy_5_loop
+	LEAQ   16(R14)(R15*1), R14
+	LEAQ   16(R9)(R15*1), R9
+	MOVUPS -16(R14), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_5_end
+
+copy_5_small:
+	CMPQ CX, $0x03
+	JE   copy_5_move_3
+	JB   copy_5_move_1or2
+	CMPQ CX, $0x08
+	JB   copy_5_move_4through7
+	JMP  copy_5_move_8through16
+
+copy_5_move_1or2:
+	MOVB (R14), R15
+	MOVB -1(R14)(CX*1), BP
+	MOVB R15, (R9)
+	MOVB BP, -1(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_3:
+	MOVW (R14), R15
+	MOVB 2(R14), BP
+	MOVW R15, (R9)
+	MOVB BP, 2(R9)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_4through7:
+	MOVL (R14), R15
+	MOVL -4(R14)(CX*1), BP
+	MOVL R15, (R9)
+	MOVL BP, -4(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+	JMP  copy_5_end
+
+copy_5_move_8through16:
+	MOVQ (R14), R15
+	MOVQ -8(R14)(CX*1), BP
+	MOVQ R15, (R9)
+	MOVQ BP, -8(R9)(CX*1)
+	ADDQ CX, R14
+	ADDQ CX, R9
+
+copy_5_end:
+	ADDQ CX, R11
+	SUBQ CX, R13
+
+	// Copy match from the current buffer
+copy_match:
+	MOVQ R9, CX
+	SUBQ R12, CX
+
+	// ml <= mo
+	CMPQ R13, R12
+	JA   copy_overlapping_match
+
+	// Copy non-overlapping match
+	ADDQ R13, R11
+	MOVQ R13, R12
+	SUBQ $0x10, R12
+	JB   copy_2_small
+
+copy_2_loop:
+	MOVUPS (CX), X0
+	MOVUPS X0, (R9)
+	ADDQ   $0x10, CX
+	ADDQ   $0x10, R9
+	SUBQ   $0x10, R12
+	JAE    copy_2_loop
+	LEAQ   16(CX)(R12*1), CX
+	LEAQ   16(R9)(R12*1), R9
+	MOVUPS -16(CX), X0
+	MOVUPS X0, -16(R9)
+	JMP    copy_2_end
+
+copy_2_small:
+	CMPQ R13, $0x03
+	JE   copy_2_move_3
+	JB   copy_2_move_1or2
+	CMPQ R13, $0x08
+	JB   copy_2_move_4through7
+	JMP  copy_2_move_8through16
+
+copy_2_move_1or2:
+	MOVB (CX), R12
+	MOVB -1(CX)(R13*1), R14
+	MOVB R12, (R9)
+	MOVB R14, -1(R9)(R13*1)
+	ADDQ R13, CX
+	ADDQ R13, R9
+	JMP  copy_2_end
+
+copy_2_move_3:
+	MOVW (CX), R12
+	MOVB 2(CX), R14
+	MOVW R12, (R9)
+	MOVB R14, 2(R9)
+	ADDQ R13, CX
+	ADDQ R13, R9
+	JMP  copy_2_end
+
+copy_2_move_4through7:
+	MOVL (CX), R12
+	MOVL -4(CX)(R13*1), R14
+	MOVL R12, (R9)
+	MOVL R14, -4(R9)(R13*1)
+	ADDQ R13, CX
+	ADDQ R13, R9
+	JMP  copy_2_end
+
+copy_2_move_8through16:
+	MOVQ (CX), R12
+	MOVQ -8(CX)(R13*1), R14
+	MOVQ R12, (R9)
+	MOVQ R14, -8(R9)(R13*1)
+	ADDQ R13, CX
+	ADDQ R13, R9
+
+copy_2_end:
+	JMP handle_loop
+
+	// Copy overlapping match
+copy_overlapping_match:
+	ADDQ R13, R11
+
+copy_slow_3:
+	MOVB (CX), R12
+	MOVB R12, (R9)
+	INCQ CX
+	INCQ R9
+	DECQ R13
+	JNZ  copy_slow_3
+
+handle_loop:
+	MOVQ ctx+16(FP), CX
+	DECQ 96(CX)
+	JNS  sequenceDecs_decodeSync_safe_bmi2_main_loop
+
+loop_finished:
+	MOVQ br+8(FP), CX
+	MOVQ AX, 24(CX)
+	MOVB DL, 32(CX)
+	MOVQ BX, 8(CX)
+
+	// Update the context
+	MOVQ ctx+16(FP), AX
+	MOVQ R11, 136(AX)
+	MOVQ 144(AX), CX
+	SUBQ CX, R10
+	MOVQ R10, 168(AX)
+
+	// Return success
+	MOVQ $0x00000000, ret+24(FP)
+	RET
+
+	// Return with match length error
+sequenceDecs_decodeSync_safe_bmi2_error_match_len_ofs_mismatch:
+	MOVQ 16(SP), AX
+	MOVQ ctx+16(FP), CX
+	MOVQ AX, 216(CX)
+	MOVQ $0x00000001, ret+24(FP)
+	RET
+
+	// Return with match too long error
+sequenceDecs_decodeSync_safe_bmi2_error_match_len_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ $0x00000002, ret+24(FP)
+	RET
+
+	// Return with match offset too long error
+error_match_off_too_big:
+	MOVQ ctx+16(FP), AX
+	MOVQ 8(SP), CX
+	MOVQ CX, 224(AX)
+	MOVQ R11, 136(AX)
+	MOVQ $0x00000003, ret+24(FP)
+	RET
+
+	// Return with not enough literals error
+error_not_enough_literals:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ $0x00000004, ret+24(FP)
+	RET
+
+	// Return with overread error
+error_overread:
+	MOVQ $0x00000006, ret+24(FP)
+	RET
+
+	// Return with not enough output space error
+error_not_enough_space:
+	MOVQ ctx+16(FP), AX
+	MOVQ 24(SP), CX
+	MOVQ CX, 208(AX)
+	MOVQ 16(SP), CX
+	MOVQ CX, 216(AX)
+	MOVQ R11, 136(AX)
+	MOVQ $0x00000005, ret+24(FP)
+	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go b/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
new file mode 100644
index 000000000..2fb35b788
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
@@ -0,0 +1,237 @@
+//go:build !amd64 || appengine || !gc || noasm
+// +build !amd64 appengine !gc noasm
+
+package zstd
+
+import (
+	"fmt"
+	"io"
+)
+
+// decode sequences from the stream with the provided history but without dictionary.
+func (s *sequenceDecs) decodeSyncSimple(hist []byte) (bool, error) {
+	return false, nil
+}
+
+// decode sequences from the stream without the provided history.
+func (s *sequenceDecs) decode(seqs []seqVals) error {
+	br := s.br
+
+	// Grab full sizes tables, to avoid bounds checks.
+	llTable, mlTable, ofTable := s.litLengths.fse.dt[:maxTablesize], s.matchLengths.fse.dt[:maxTablesize], s.offsets.fse.dt[:maxTablesize]
+	llState, mlState, ofState := s.litLengths.state.state, s.matchLengths.state.state, s.offsets.state.state
+	s.seqSize = 0
+	litRemain := len(s.literals)
+
+	maxBlockSize := maxCompressedBlockSize
+	if s.windowSize < maxBlockSize {
+		maxBlockSize = s.windowSize
+	}
+	for i := range seqs {
+		var ll, mo, ml int
+		if len(br.in) > 4+((maxOffsetBits+16+16)>>3) {
+			// inlined function:
+			// ll, mo, ml = s.nextFast(br, llState, mlState, ofState)
+
+			// Final will not read from stream.
+			var llB, mlB, moB uint8
+			ll, llB = llState.final()
+			ml, mlB = mlState.final()
+			mo, moB = ofState.final()
+
+			// extra bits are stored in reverse order.
+			br.fillFast()
+			mo += br.getBits(moB)
+			if s.maxBits > 32 {
+				br.fillFast()
+			}
+			ml += br.getBits(mlB)
+			ll += br.getBits(llB)
+
+			if moB > 1 {
+				s.prevOffset[2] = s.prevOffset[1]
+				s.prevOffset[1] = s.prevOffset[0]
+				s.prevOffset[0] = mo
+			} else {
+				// mo = s.adjustOffset(mo, ll, moB)
+				// Inlined for rather big speedup
+				if ll == 0 {
+					// There is an exception though, when current sequence's literals_length = 0.
+					// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
+					// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
+					mo++
+				}
+
+				if mo == 0 {
+					mo = s.prevOffset[0]
+				} else {
+					var temp int
+					if mo == 3 {
+						temp = s.prevOffset[0] - 1
+					} else {
+						temp = s.prevOffset[mo]
+					}
+
+					if temp == 0 {
+						// 0 is not valid; input is corrupted; force offset to 1
+						println("WARNING: temp was 0")
+						temp = 1
+					}
+
+					if mo != 1 {
+						s.prevOffset[2] = s.prevOffset[1]
+					}
+					s.prevOffset[1] = s.prevOffset[0]
+					s.prevOffset[0] = temp
+					mo = temp
+				}
+			}
+			br.fillFast()
+		} else {
+			if br.overread() {
+				if debugDecoder {
+					printf("reading sequence %d, exceeded available data\n", i)
+				}
+				return io.ErrUnexpectedEOF
+			}
+			ll, mo, ml = s.next(br, llState, mlState, ofState)
+			br.fill()
+		}
+
+		if debugSequences {
+			println("Seq", i, "Litlen:", ll, "mo:", mo, "(abs) ml:", ml)
+		}
+		// Evaluate.
+		// We might be doing this async, so do it early.
+		if mo == 0 && ml > 0 {
+			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
+		}
+		if ml > maxMatchLen {
+			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
+		}
+		s.seqSize += ll + ml
+		if s.seqSize > maxBlockSize {
+			return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+		}
+		litRemain -= ll
+		if litRemain < 0 {
+			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, litRemain+ll)
+		}
+		seqs[i] = seqVals{
+			ll: ll,
+			ml: ml,
+			mo: mo,
+		}
+		if i == len(seqs)-1 {
+			// This is the last sequence, so we shouldn't update state.
+			break
+		}
+
+		// Manually inlined, ~ 5-20% faster
+		// Update all 3 states at once. Approx 20% faster.
+		nBits := llState.nbBits() + mlState.nbBits() + ofState.nbBits()
+		if nBits == 0 {
+			llState = llTable[llState.newState()&maxTableMask]
+			mlState = mlTable[mlState.newState()&maxTableMask]
+			ofState = ofTable[ofState.newState()&maxTableMask]
+		} else {
+			bits := br.get32BitsFast(nBits)
+			lowBits := uint16(bits >> ((ofState.nbBits() + mlState.nbBits()) & 31))
+			llState = llTable[(llState.newState()+lowBits)&maxTableMask]
+
+			lowBits = uint16(bits >> (ofState.nbBits() & 31))
+			lowBits &= bitMask[mlState.nbBits()&15]
+			mlState = mlTable[(mlState.newState()+lowBits)&maxTableMask]
+
+			lowBits = uint16(bits) & bitMask[ofState.nbBits()&15]
+			ofState = ofTable[(ofState.newState()+lowBits)&maxTableMask]
+		}
+	}
+	s.seqSize += litRemain
+	if s.seqSize > maxBlockSize {
+		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
+	}
+	err := br.close()
+	if err != nil {
+		printf("Closing sequences: %v, %+v\n", err, *br)
+	}
+	return err
+}
+
+// executeSimple handles cases when a dictionary is not used.
+func (s *sequenceDecs) executeSimple(seqs []seqVals, hist []byte) error {
+	// Ensure we have enough output size...
+	if len(s.out)+s.seqSize > cap(s.out) {
+		addBytes := s.seqSize + len(s.out)
+		s.out = append(s.out, make([]byte, addBytes)...)
+		s.out = s.out[:len(s.out)-addBytes]
+	}
+
+	if debugDecoder {
+		printf("Execute %d seqs with literals: %d into %d bytes\n", len(seqs), len(s.literals), s.seqSize)
+	}
+
+	var t = len(s.out)
+	out := s.out[:t+s.seqSize]
+
+	for _, seq := range seqs {
+		// Add literals
+		copy(out[t:], s.literals[:seq.ll])
+		t += seq.ll
+		s.literals = s.literals[seq.ll:]
+
+		// Malformed input
+		if seq.mo > t+len(hist) || seq.mo > s.windowSize {
+			return fmt.Errorf("match offset (%d) bigger than current history (%d)", seq.mo, t+len(hist))
+		}
+
+		// Copy from history.
+		if v := seq.mo - t; v > 0 {
+			// v is the start position in history from end.
+			start := len(hist) - v
+			if seq.ml > v {
+				// Some goes into the current block.
+				// Copy remainder of history
+				copy(out[t:], hist[start:])
+				t += v
+				seq.ml -= v
+			} else {
+				copy(out[t:], hist[start:start+seq.ml])
+				t += seq.ml
+				continue
+			}
+		}
+
+		// We must be in the current buffer now
+		if seq.ml > 0 {
+			start := t - seq.mo
+			if seq.ml <= t-start {
+				// No overlap
+				copy(out[t:], out[start:start+seq.ml])
+				t += seq.ml
+			} else {
+				// Overlapping copy
+				// Extend destination slice and copy one byte at the time.
+				src := out[start : start+seq.ml]
+				dst := out[t:]
+				dst = dst[:len(src)]
+				t += len(src)
+				// Destination is the space we just added.
+				for i := range src {
+					dst[i] = src[i]
+				}
+			}
+		}
+	}
+	// Add final literals
+	copy(out[t:], s.literals)
+	if debugDecoder {
+		t += len(s.literals)
+		if t != len(out) {
+			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
+		}
+	}
+	s.out = out
+
+	return nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqenc.go b/vendor/github.com/klauspost/compress/zstd/seqenc.go
new file mode 100644
index 000000000..8014174a7
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/seqenc.go
@@ -0,0 +1,114 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import "math/bits"
+
+type seqCoders struct {
+	llEnc, ofEnc, mlEnc    *fseEncoder
+	llPrev, ofPrev, mlPrev *fseEncoder
+}
+
+// swap coders with another (block).
+func (s *seqCoders) swap(other *seqCoders) {
+	*s, *other = *other, *s
+}
+
+// setPrev will update the previous encoders to the actually used ones
+// and make sure a fresh one is in the main slot.
+func (s *seqCoders) setPrev(ll, ml, of *fseEncoder) {
+	compareSwap := func(used *fseEncoder, current, prev **fseEncoder) {
+		// We used the new one, more current to history and reuse the previous history
+		if *current == used {
+			*prev, *current = *current, *prev
+			c := *current
+			p := *prev
+			c.reUsed = false
+			p.reUsed = true
+			return
+		}
+		if used == *prev {
+			return
+		}
+		// Ensure we cannot reuse by accident
+		prevEnc := *prev
+		prevEnc.symbolLen = 0
+	}
+	compareSwap(ll, &s.llEnc, &s.llPrev)
+	compareSwap(ml, &s.mlEnc, &s.mlPrev)
+	compareSwap(of, &s.ofEnc, &s.ofPrev)
+}
+
+func highBit(val uint32) (n uint32) {
+	return uint32(bits.Len32(val) - 1)
+}
+
+var llCodeTable = [64]byte{0, 1, 2, 3, 4, 5, 6, 7,
+	8, 9, 10, 11, 12, 13, 14, 15,
+	16, 16, 17, 17, 18, 18, 19, 19,
+	20, 20, 20, 20, 21, 21, 21, 21,
+	22, 22, 22, 22, 22, 22, 22, 22,
+	23, 23, 23, 23, 23, 23, 23, 23,
+	24, 24, 24, 24, 24, 24, 24, 24,
+	24, 24, 24, 24, 24, 24, 24, 24}
+
+// Up to 6 bits
+const maxLLCode = 35
+
+// llBitsTable translates from ll code to number of bits.
+var llBitsTable = [maxLLCode + 1]byte{
+	0, 0, 0, 0, 0, 0, 0, 0,
+	0, 0, 0, 0, 0, 0, 0, 0,
+	1, 1, 1, 1, 2, 2, 3, 3,
+	4, 6, 7, 8, 9, 10, 11, 12,
+	13, 14, 15, 16}
+
+// llCode returns the code that represents the literal length requested.
+func llCode(litLength uint32) uint8 {
+	const llDeltaCode = 19
+	if litLength <= 63 {
+		// Compiler insists on bounds check (Go 1.12)
+		return llCodeTable[litLength&63]
+	}
+	return uint8(highBit(litLength)) + llDeltaCode
+}
+
+var mlCodeTable = [128]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
+	16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
+	32, 32, 33, 33, 34, 34, 35, 35, 36, 36, 36, 36, 37, 37, 37, 37,
+	38, 38, 38, 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, 39, 39, 39,
+	40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
+	41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41,
+	42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42,
+	42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42}
+
+// Up to 6 bits
+const maxMLCode = 52
+
+// mlBitsTable translates from ml code to number of bits.
+var mlBitsTable = [maxMLCode + 1]byte{
+	0, 0, 0, 0, 0, 0, 0, 0,
+	0, 0, 0, 0, 0, 0, 0, 0,
+	0, 0, 0, 0, 0, 0, 0, 0,
+	0, 0, 0, 0, 0, 0, 0, 0,
+	1, 1, 1, 1, 2, 2, 3, 3,
+	4, 4, 5, 7, 8, 9, 10, 11,
+	12, 13, 14, 15, 16}
+
+// note : mlBase = matchLength - MINMATCH;
+// because it's the format it's stored in seqStore->sequences
+func mlCode(mlBase uint32) uint8 {
+	const mlDeltaCode = 36
+	if mlBase <= 127 {
+		// Compiler insists on bounds check (Go 1.12)
+		return mlCodeTable[mlBase&127]
+	}
+	return uint8(highBit(mlBase)) + mlDeltaCode
+}
+
+func ofCode(offset uint32) uint8 {
+	// A valid offset will always be > 0.
+	return uint8(bits.Len32(offset) - 1)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/snappy.go b/vendor/github.com/klauspost/compress/zstd/snappy.go
new file mode 100644
index 000000000..ec13594e8
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/snappy.go
@@ -0,0 +1,434 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+// Based on work by Yann Collet, released under BSD License.
+
+package zstd
+
+import (
+	"encoding/binary"
+	"errors"
+	"hash/crc32"
+	"io"
+
+	"github.com/klauspost/compress/huff0"
+	snappy "github.com/klauspost/compress/internal/snapref"
+)
+
+const (
+	snappyTagLiteral = 0x00
+	snappyTagCopy1   = 0x01
+	snappyTagCopy2   = 0x02
+	snappyTagCopy4   = 0x03
+)
+
+const (
+	snappyChecksumSize = 4
+	snappyMagicBody    = "sNaPpY"
+
+	// snappyMaxBlockSize is the maximum size of the input to encodeBlock. It is not
+	// part of the wire format per se, but some parts of the encoder assume
+	// that an offset fits into a uint16.
+	//
+	// Also, for the framing format (Writer type instead of Encode function),
+	// https://github.com/google/snappy/blob/master/framing_format.txt says
+	// that "the uncompressed data in a chunk must be no longer than 65536
+	// bytes".
+	snappyMaxBlockSize = 65536
+
+	// snappyMaxEncodedLenOfMaxBlockSize equals MaxEncodedLen(snappyMaxBlockSize), but is
+	// hard coded to be a const instead of a variable, so that obufLen can also
+	// be a const. Their equivalence is confirmed by
+	// TestMaxEncodedLenOfMaxBlockSize.
+	snappyMaxEncodedLenOfMaxBlockSize = 76490
+)
+
+const (
+	chunkTypeCompressedData   = 0x00
+	chunkTypeUncompressedData = 0x01
+	chunkTypePadding          = 0xfe
+	chunkTypeStreamIdentifier = 0xff
+)
+
+var (
+	// ErrSnappyCorrupt reports that the input is invalid.
+	ErrSnappyCorrupt = errors.New("snappy: corrupt input")
+	// ErrSnappyTooLarge reports that the uncompressed length is too large.
+	ErrSnappyTooLarge = errors.New("snappy: decoded block is too large")
+	// ErrSnappyUnsupported reports that the input isn't supported.
+	ErrSnappyUnsupported = errors.New("snappy: unsupported input")
+
+	errUnsupportedLiteralLength = errors.New("snappy: unsupported literal length")
+)
+
+// SnappyConverter can read SnappyConverter-compressed streams and convert them to zstd.
+// Conversion is done by converting the stream directly from Snappy without intermediate
+// full decoding.
+// Therefore the compression ratio is much less than what can be done by a full decompression
+// and compression, and a faulty Snappy stream may lead to a faulty Zstandard stream without
+// any errors being generated.
+// No CRC value is being generated and not all CRC values of the Snappy stream are checked.
+// However, it provides really fast recompression of Snappy streams.
+// The converter can be reused to avoid allocations, even after errors.
+type SnappyConverter struct {
+	r     io.Reader
+	err   error
+	buf   []byte
+	block *blockEnc
+}
+
+// Convert the Snappy stream supplied in 'in' and write the zStandard stream to 'w'.
+// If any error is detected on the Snappy stream it is returned.
+// The number of bytes written is returned.
+func (r *SnappyConverter) Convert(in io.Reader, w io.Writer) (int64, error) {
+	initPredefined()
+	r.err = nil
+	r.r = in
+	if r.block == nil {
+		r.block = &blockEnc{}
+		r.block.init()
+	}
+	r.block.initNewEncode()
+	if len(r.buf) != snappyMaxEncodedLenOfMaxBlockSize+snappyChecksumSize {
+		r.buf = make([]byte, snappyMaxEncodedLenOfMaxBlockSize+snappyChecksumSize)
+	}
+	r.block.litEnc.Reuse = huff0.ReusePolicyNone
+	var written int64
+	var readHeader bool
+	{
+		header := frameHeader{WindowSize: snappyMaxBlockSize}.appendTo(r.buf[:0])
+
+		var n int
+		n, r.err = w.Write(header)
+		if r.err != nil {
+			return written, r.err
+		}
+		written += int64(n)
+	}
+
+	for {
+		if !r.readFull(r.buf[:4], true) {
+			// Add empty last block
+			r.block.reset(nil)
+			r.block.last = true
+			err := r.block.encodeLits(r.block.literals, false)
+			if err != nil {
+				return written, err
+			}
+			n, err := w.Write(r.block.output)
+			if err != nil {
+				return written, err
+			}
+			written += int64(n)
+
+			return written, r.err
+		}
+		chunkType := r.buf[0]
+		if !readHeader {
+			if chunkType != chunkTypeStreamIdentifier {
+				println("chunkType != chunkTypeStreamIdentifier", chunkType)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			readHeader = true
+		}
+		chunkLen := int(r.buf[1]) | int(r.buf[2])<<8 | int(r.buf[3])<<16
+		if chunkLen > len(r.buf) {
+			println("chunkLen > len(r.buf)", chunkType)
+			r.err = ErrSnappyUnsupported
+			return written, r.err
+		}
+
+		// The chunk types are specified at
+		// https://github.com/google/snappy/blob/master/framing_format.txt
+		switch chunkType {
+		case chunkTypeCompressedData:
+			// Section 4.2. Compressed data (chunk type 0x00).
+			if chunkLen < snappyChecksumSize {
+				println("chunkLen < snappyChecksumSize", chunkLen, snappyChecksumSize)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			buf := r.buf[:chunkLen]
+			if !r.readFull(buf, false) {
+				return written, r.err
+			}
+			//checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
+			buf = buf[snappyChecksumSize:]
+
+			n, hdr, err := snappyDecodedLen(buf)
+			if err != nil {
+				r.err = err
+				return written, r.err
+			}
+			buf = buf[hdr:]
+			if n > snappyMaxBlockSize {
+				println("n > snappyMaxBlockSize", n, snappyMaxBlockSize)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			r.block.reset(nil)
+			r.block.pushOffsets()
+			if err := decodeSnappy(r.block, buf); err != nil {
+				r.err = err
+				return written, r.err
+			}
+			if r.block.size+r.block.extraLits != n {
+				printf("invalid size, want %d, got %d\n", n, r.block.size+r.block.extraLits)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			err = r.block.encode(nil, false, false)
+			switch err {
+			case errIncompressible:
+				r.block.popOffsets()
+				r.block.reset(nil)
+				r.block.literals, err = snappy.Decode(r.block.literals[:n], r.buf[snappyChecksumSize:chunkLen])
+				if err != nil {
+					return written, err
+				}
+				err = r.block.encodeLits(r.block.literals, false)
+				if err != nil {
+					return written, err
+				}
+			case nil:
+			default:
+				return written, err
+			}
+
+			n, r.err = w.Write(r.block.output)
+			if r.err != nil {
+				return written, err
+			}
+			written += int64(n)
+			continue
+		case chunkTypeUncompressedData:
+			if debugEncoder {
+				println("Uncompressed, chunklen", chunkLen)
+			}
+			// Section 4.3. Uncompressed data (chunk type 0x01).
+			if chunkLen < snappyChecksumSize {
+				println("chunkLen < snappyChecksumSize", chunkLen, snappyChecksumSize)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			r.block.reset(nil)
+			buf := r.buf[:snappyChecksumSize]
+			if !r.readFull(buf, false) {
+				return written, r.err
+			}
+			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
+			// Read directly into r.decoded instead of via r.buf.
+			n := chunkLen - snappyChecksumSize
+			if n > snappyMaxBlockSize {
+				println("n > snappyMaxBlockSize", n, snappyMaxBlockSize)
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			r.block.literals = r.block.literals[:n]
+			if !r.readFull(r.block.literals, false) {
+				return written, r.err
+			}
+			if snappyCRC(r.block.literals) != checksum {
+				println("literals crc mismatch")
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			err := r.block.encodeLits(r.block.literals, false)
+			if err != nil {
+				return written, err
+			}
+			n, r.err = w.Write(r.block.output)
+			if r.err != nil {
+				return written, err
+			}
+			written += int64(n)
+			continue
+
+		case chunkTypeStreamIdentifier:
+			if debugEncoder {
+				println("stream id", chunkLen, len(snappyMagicBody))
+			}
+			// Section 4.1. Stream identifier (chunk type 0xff).
+			if chunkLen != len(snappyMagicBody) {
+				println("chunkLen != len(snappyMagicBody)", chunkLen, len(snappyMagicBody))
+				r.err = ErrSnappyCorrupt
+				return written, r.err
+			}
+			if !r.readFull(r.buf[:len(snappyMagicBody)], false) {
+				return written, r.err
+			}
+			for i := 0; i < len(snappyMagicBody); i++ {
+				if r.buf[i] != snappyMagicBody[i] {
+					println("r.buf[i] != snappyMagicBody[i]", r.buf[i], snappyMagicBody[i], i)
+					r.err = ErrSnappyCorrupt
+					return written, r.err
+				}
+			}
+			continue
+		}
+
+		if chunkType <= 0x7f {
+			// Section 4.5. Reserved unskippable chunks (chunk types 0x02-0x7f).
+			println("chunkType <= 0x7f")
+			r.err = ErrSnappyUnsupported
+			return written, r.err
+		}
+		// Section 4.4 Padding (chunk type 0xfe).
+		// Section 4.6. Reserved skippable chunks (chunk types 0x80-0xfd).
+		if !r.readFull(r.buf[:chunkLen], false) {
+			return written, r.err
+		}
+	}
+}
+
+// decodeSnappy writes the decoding of src to dst. It assumes that the varint-encoded
+// length of the decompressed bytes has already been read.
+func decodeSnappy(blk *blockEnc, src []byte) error {
+	//decodeRef(make([]byte, snappyMaxBlockSize), src)
+	var s, length int
+	lits := blk.extraLits
+	var offset uint32
+	for s < len(src) {
+		switch src[s] & 0x03 {
+		case snappyTagLiteral:
+			x := uint32(src[s] >> 2)
+			switch {
+			case x < 60:
+				s++
+			case x == 60:
+				s += 2
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					println("uint(s) > uint(len(src)", s, src)
+					return ErrSnappyCorrupt
+				}
+				x = uint32(src[s-1])
+			case x == 61:
+				s += 3
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					println("uint(s) > uint(len(src)", s, src)
+					return ErrSnappyCorrupt
+				}
+				x = uint32(src[s-2]) | uint32(src[s-1])<<8
+			case x == 62:
+				s += 4
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					println("uint(s) > uint(len(src)", s, src)
+					return ErrSnappyCorrupt
+				}
+				x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16
+			case x == 63:
+				s += 5
+				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+					println("uint(s) > uint(len(src)", s, src)
+					return ErrSnappyCorrupt
+				}
+				x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
+			}
+			if x > snappyMaxBlockSize {
+				println("x > snappyMaxBlockSize", x, snappyMaxBlockSize)
+				return ErrSnappyCorrupt
+			}
+			length = int(x) + 1
+			if length <= 0 {
+				println("length <= 0 ", length)
+
+				return errUnsupportedLiteralLength
+			}
+			//if length > snappyMaxBlockSize-d || uint32(length) > len(src)-s {
+			//	return ErrSnappyCorrupt
+			//}
+
+			blk.literals = append(blk.literals, src[s:s+length]...)
+			//println(length, "litLen")
+			lits += length
+			s += length
+			continue
+
+		case snappyTagCopy1:
+			s += 2
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				println("uint(s) > uint(len(src)", s, len(src))
+				return ErrSnappyCorrupt
+			}
+			length = 4 + int(src[s-2])>>2&0x7
+			offset = uint32(src[s-2])&0xe0<<3 | uint32(src[s-1])
+
+		case snappyTagCopy2:
+			s += 3
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				println("uint(s) > uint(len(src)", s, len(src))
+				return ErrSnappyCorrupt
+			}
+			length = 1 + int(src[s-3])>>2
+			offset = uint32(src[s-2]) | uint32(src[s-1])<<8
+
+		case snappyTagCopy4:
+			s += 5
+			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
+				println("uint(s) > uint(len(src)", s, len(src))
+				return ErrSnappyCorrupt
+			}
+			length = 1 + int(src[s-5])>>2
+			offset = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
+		}
+
+		if offset <= 0 || blk.size+lits < int(offset) /*|| length > len(blk)-d */ {
+			println("offset <= 0 || blk.size+lits < int(offset)", offset, blk.size+lits, int(offset), blk.size, lits)
+
+			return ErrSnappyCorrupt
+		}
+
+		// Check if offset is one of the recent offsets.
+		// Adjusts the output offset accordingly.
+		// Gives a tiny bit of compression, typically around 1%.
+		if false {
+			offset = blk.matchOffset(offset, uint32(lits))
+		} else {
+			offset += 3
+		}
+
+		blk.sequences = append(blk.sequences, seq{
+			litLen:   uint32(lits),
+			offset:   offset,
+			matchLen: uint32(length) - zstdMinMatch,
+		})
+		blk.size += length + lits
+		lits = 0
+	}
+	blk.extraLits = lits
+	return nil
+}
+
+func (r *SnappyConverter) readFull(p []byte, allowEOF bool) (ok bool) {
+	if _, r.err = io.ReadFull(r.r, p); r.err != nil {
+		if r.err == io.ErrUnexpectedEOF || (r.err == io.EOF && !allowEOF) {
+			r.err = ErrSnappyCorrupt
+		}
+		return false
+	}
+	return true
+}
+
+var crcTable = crc32.MakeTable(crc32.Castagnoli)
+
+// crc implements the checksum specified in section 3 of
+// https://github.com/google/snappy/blob/master/framing_format.txt
+func snappyCRC(b []byte) uint32 {
+	c := crc32.Update(0, crcTable, b)
+	return c>>15 | c<<17 + 0xa282ead8
+}
+
+// snappyDecodedLen returns the length of the decoded block and the number of bytes
+// that the length header occupied.
+func snappyDecodedLen(src []byte) (blockLen, headerLen int, err error) {
+	v, n := binary.Uvarint(src)
+	if n <= 0 || v > 0xffffffff {
+		return 0, 0, ErrSnappyCorrupt
+	}
+
+	const wordSize = 32 << (^uint(0) >> 32 & 1)
+	if wordSize == 32 && v > 0x7fffffff {
+		return 0, 0, ErrSnappyTooLarge
+	}
+	return int(v), n, nil
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/zip.go b/vendor/github.com/klauspost/compress/zstd/zip.go
new file mode 100644
index 000000000..29c15c8c4
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/zip.go
@@ -0,0 +1,141 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+
+package zstd
+
+import (
+	"errors"
+	"io"
+	"sync"
+)
+
+// ZipMethodWinZip is the method for Zstandard compressed data inside Zip files for WinZip.
+// See https://www.winzip.com/win/en/comp_info.html
+const ZipMethodWinZip = 93
+
+// ZipMethodPKWare is the original method number used by PKWARE to indicate Zstandard compression.
+// Deprecated: This has been deprecated by PKWARE, use ZipMethodWinZip instead for compression.
+// See https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.9.TXT
+const ZipMethodPKWare = 20
+
+// zipReaderPool is the default reader pool.
+var zipReaderPool = sync.Pool{New: func() interface{} {
+	z, err := NewReader(nil, WithDecoderLowmem(true), WithDecoderMaxWindow(128<<20), WithDecoderConcurrency(1))
+	if err != nil {
+		panic(err)
+	}
+	return z
+}}
+
+// newZipReader creates a pooled zip decompressor.
+func newZipReader(opts ...DOption) func(r io.Reader) io.ReadCloser {
+	pool := &zipReaderPool
+	if len(opts) > 0 {
+		opts = append([]DOption{WithDecoderLowmem(true), WithDecoderMaxWindow(128 << 20)}, opts...)
+		// Force concurrency 1
+		opts = append(opts, WithDecoderConcurrency(1))
+		// Create our own pool
+		pool = &sync.Pool{}
+	}
+	return func(r io.Reader) io.ReadCloser {
+		dec, ok := pool.Get().(*Decoder)
+		if ok {
+			dec.Reset(r)
+		} else {
+			d, err := NewReader(r, opts...)
+			if err != nil {
+				panic(err)
+			}
+			dec = d
+		}
+		return &pooledZipReader{dec: dec, pool: pool}
+	}
+}
+
+type pooledZipReader struct {
+	mu   sync.Mutex // guards Close and Read
+	pool *sync.Pool
+	dec  *Decoder
+}
+
+func (r *pooledZipReader) Read(p []byte) (n int, err error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	if r.dec == nil {
+		return 0, errors.New("read after close or EOF")
+	}
+	dec, err := r.dec.Read(p)
+	if err == io.EOF {
+		r.dec.Reset(nil)
+		r.pool.Put(r.dec)
+		r.dec = nil
+	}
+	return dec, err
+}
+
+func (r *pooledZipReader) Close() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	var err error
+	if r.dec != nil {
+		err = r.dec.Reset(nil)
+		r.pool.Put(r.dec)
+		r.dec = nil
+	}
+	return err
+}
+
+type pooledZipWriter struct {
+	mu   sync.Mutex // guards Close and Read
+	enc  *Encoder
+	pool *sync.Pool
+}
+
+func (w *pooledZipWriter) Write(p []byte) (n int, err error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	if w.enc == nil {
+		return 0, errors.New("Write after Close")
+	}
+	return w.enc.Write(p)
+}
+
+func (w *pooledZipWriter) Close() error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	var err error
+	if w.enc != nil {
+		err = w.enc.Close()
+		w.pool.Put(w.enc)
+		w.enc = nil
+	}
+	return err
+}
+
+// ZipCompressor returns a compressor that can be registered with zip libraries.
+// The provided encoder options will be used on all encodes.
+func ZipCompressor(opts ...EOption) func(w io.Writer) (io.WriteCloser, error) {
+	var pool sync.Pool
+	return func(w io.Writer) (io.WriteCloser, error) {
+		enc, ok := pool.Get().(*Encoder)
+		if ok {
+			enc.Reset(w)
+		} else {
+			var err error
+			enc, err = NewWriter(w, opts...)
+			if err != nil {
+				return nil, err
+			}
+		}
+		return &pooledZipWriter{enc: enc, pool: &pool}, nil
+	}
+}
+
+// ZipDecompressor returns a decompressor that can be registered with zip libraries.
+// See ZipCompressor for example.
+// Options can be specified. WithDecoderConcurrency(1) is forced,
+// and by default a 128MB maximum decompression window is specified.
+// The window size can be overridden if required.
+func ZipDecompressor(opts ...DOption) func(r io.Reader) io.ReadCloser {
+	return newZipReader(opts...)
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/zstd.go b/vendor/github.com/klauspost/compress/zstd/zstd.go
new file mode 100644
index 000000000..066bef2a4
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/zstd.go
@@ -0,0 +1,125 @@
+// Package zstd provides decompression of zstandard files.
+//
+// For advanced usage and examples, go to the README: https://github.com/klauspost/compress/tree/master/zstd#zstd
+package zstd
+
+import (
+	"bytes"
+	"encoding/binary"
+	"errors"
+	"log"
+	"math"
+)
+
+// enable debug printing
+const debug = false
+
+// enable encoding debug printing
+const debugEncoder = debug
+
+// enable decoding debug printing
+const debugDecoder = debug
+
+// Enable extra assertions.
+const debugAsserts = debug || false
+
+// print sequence details
+const debugSequences = false
+
+// print detailed matching information
+const debugMatches = false
+
+// force encoder to use predefined tables.
+const forcePreDef = false
+
+// zstdMinMatch is the minimum zstd match length.
+const zstdMinMatch = 3
+
+// fcsUnknown is used for unknown frame content size.
+const fcsUnknown = math.MaxUint64
+
+var (
+	// ErrReservedBlockType is returned when a reserved block type is found.
+	// Typically this indicates wrong or corrupted input.
+	ErrReservedBlockType = errors.New("invalid input: reserved block type encountered")
+
+	// ErrCompressedSizeTooBig is returned when a block is bigger than allowed.
+	// Typically this indicates wrong or corrupted input.
+	ErrCompressedSizeTooBig = errors.New("invalid input: compressed size too big")
+
+	// ErrBlockTooSmall is returned when a block is too small to be decoded.
+	// Typically returned on invalid input.
+	ErrBlockTooSmall = errors.New("block too small")
+
+	// ErrUnexpectedBlockSize is returned when a block has unexpected size.
+	// Typically returned on invalid input.
+	ErrUnexpectedBlockSize = errors.New("unexpected block size")
+
+	// ErrMagicMismatch is returned when a "magic" number isn't what is expected.
+	// Typically this indicates wrong or corrupted input.
+	ErrMagicMismatch = errors.New("invalid input: magic number mismatch")
+
+	// ErrWindowSizeExceeded is returned when a reference exceeds the valid window size.
+	// Typically this indicates wrong or corrupted input.
+	ErrWindowSizeExceeded = errors.New("window size exceeded")
+
+	// ErrWindowSizeTooSmall is returned when no window size is specified.
+	// Typically this indicates wrong or corrupted input.
+	ErrWindowSizeTooSmall = errors.New("invalid input: window size was too small")
+
+	// ErrDecoderSizeExceeded is returned if decompressed size exceeds the configured limit.
+	ErrDecoderSizeExceeded = errors.New("decompressed size exceeds configured limit")
+
+	// ErrUnknownDictionary is returned if the dictionary ID is unknown.
+	ErrUnknownDictionary = errors.New("unknown dictionary")
+
+	// ErrFrameSizeExceeded is returned if the stated frame size is exceeded.
+	// This is only returned if SingleSegment is specified on the frame.
+	ErrFrameSizeExceeded = errors.New("frame size exceeded")
+
+	// ErrFrameSizeMismatch is returned if the stated frame size does not match the expected size.
+	// This is only returned if SingleSegment is specified on the frame.
+	ErrFrameSizeMismatch = errors.New("frame size does not match size on stream")
+
+	// ErrCRCMismatch is returned if CRC mismatches.
+	ErrCRCMismatch = errors.New("CRC check failed")
+
+	// ErrDecoderClosed will be returned if the Decoder was used after
+	// Close has been called.
+	ErrDecoderClosed = errors.New("decoder used after Close")
+
+	// ErrEncoderClosed will be returned if the Encoder was used after
+	// Close has been called.
+	ErrEncoderClosed = errors.New("encoder used after Close")
+
+	// ErrDecoderNilInput is returned when a nil Reader was provided
+	// and an operation other than Reset/DecodeAll/Close was attempted.
+	ErrDecoderNilInput = errors.New("nil input provided as reader")
+)
+
+func println(a ...interface{}) {
+	if debug || debugDecoder || debugEncoder {
+		log.Println(a...)
+	}
+}
+
+func printf(format string, a ...interface{}) {
+	if debug || debugDecoder || debugEncoder {
+		log.Printf(format, a...)
+	}
+}
+
+func load3232(b []byte, i int32) uint32 {
+	return binary.LittleEndian.Uint32(b[:len(b):len(b)][i:])
+}
+
+func load6432(b []byte, i int32) uint64 {
+	return binary.LittleEndian.Uint64(b[:len(b):len(b)][i:])
+}
+
+type byter interface {
+	Bytes() []byte
+	Len() int
+}
+
+var _ byter = &bytes.Buffer{}
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
index 53d7560ec..52ee2a3dc 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
@@ -1,7 +1,7 @@
 #ifndef USE_LIBSQLITE3
 /******************************************************************************
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.45.1.  By combining all the individual C code files into this
+** version 3.46.1.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -19,7 +19,7 @@
 ** separate file. This file contains only code for the core SQLite library.
 **
 ** The content in this amalgamation comes from Fossil check-in
-** e876e51a0ed5c5b3126f52e532044363a014.
+** c9c2ab54ba1f5f46360f1b4f35d849cd3f08.
 */
 #define SQLITE_CORE 1
 #define SQLITE_AMALGAMATION 1
@@ -460,9 +460,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.45.1"
-#define SQLITE_VERSION_NUMBER 3045001
-#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
+#define SQLITE_VERSION        "3.46.1"
+#define SQLITE_VERSION_NUMBER 3046001
+#define SQLITE_SOURCE_ID      "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -734,6 +734,8 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 **      the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
 ** 
    21.  The application must not modify the SQL statement text passed into
 **      the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
+** 
    22.  The application must not dereference the arrays or string pointers
+**       passed as the 3rd and 4th callback parameters after it returns.
 ** 
 */
 SQLITE_API int sqlite3_exec(
@@ -1076,11 +1078,11 @@ struct sqlite3_file {
 ** 
 ** xLock() upgrades the database file lock.  In other words, xLock() moves the
 ** database file lock in the direction NONE toward EXCLUSIVE. The argument to
-** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
+** xLock() is always one of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
 ** SQLITE_LOCK_NONE.  If the database file lock is already at or above the
 ** requested lock, then the call to xLock() is a no-op.
 ** xUnlock() downgrades the database file lock to either SHARED or NONE.
-*  If the lock is already at or below the requested lock state, then the call
+** If the lock is already at or below the requested lock state, then the call
 ** to xUnlock() is a no-op.
 ** The xCheckReservedLock() method checks whether any database connection,
 ** either in this process or in some other process, is holding a RESERVED,
@@ -2455,6 +2457,22 @@ struct sqlite3_mem_methods {
 ** configuration setting is never used, then the default maximum is determined
 ** by the [SQLITE_MEMDB_DEFAULT_MAXSIZE] compile-time option.  If that
 ** compile-time option is not set, then the default maximum is 1073741824.
+**
+** [[SQLITE_CONFIG_ROWID_IN_VIEW]]
+** 
      SQLITE_CONFIG_ROWID_IN_VIEW
+** 
      The SQLITE_CONFIG_ROWID_IN_VIEW option enables or disables the ability
+** for VIEWs to have a ROWID.  The capability can only be enabled if SQLite is
+** compiled with -DSQLITE_ALLOW_ROWID_IN_VIEW, in which case the capability
+** defaults to on.  This configuration option queries the current setting or
+** changes the setting to off or on.  The argument is a pointer to an integer.
+** If that integer initially holds a value of 1, then the ability for VIEWs to
+** have ROWIDs is activated.  If the integer initially holds zero, then the
+** ability is deactivated.  Any other initial value for the integer leaves the
+** setting unchanged.  After changes, if any, the integer is written with
+** a 1 or 0, if the ability for VIEWs to have ROWIDs is on or off.  If SQLite
+** is compiled without -DSQLITE_ALLOW_ROWID_IN_VIEW (which is the usual and
+** recommended case) then the integer is always filled with zero, regardless
+** if its initial value.
 ** 
 */
 #define SQLITE_CONFIG_SINGLETHREAD         1  /* nil */
@@ -2486,6 +2504,7 @@ struct sqlite3_mem_methods {
 #define SQLITE_CONFIG_SMALL_MALLOC        27  /* boolean */
 #define SQLITE_CONFIG_SORTERREF_SIZE      28  /* int nByte */
 #define SQLITE_CONFIG_MEMDB_MAXSIZE       29  /* sqlite3_int64 */
+#define SQLITE_CONFIG_ROWID_IN_VIEW       30  /* int* */
 
 /*
 ** CAPI3REF: Database Connection Configuration Options
@@ -3600,8 +3619,8 @@ SQLITE_API int sqlite3_set_authorizer(
 #define SQLITE_RECURSIVE            33   /* NULL            NULL            */
 
 /*
-** CAPI3REF: Tracing And Profiling Functions
-** METHOD: sqlite3
+** CAPI3REF: Deprecated Tracing And Profiling Functions
+** DEPRECATED
 **
 ** These routines are deprecated. Use the [sqlite3_trace_v2()] interface
 ** instead of the routines described here.
@@ -7182,6 +7201,12 @@ SQLITE_API int sqlite3_autovacuum_pages(
 ** The exceptions defined in this paragraph might change in a future
 ** release of SQLite.
 **
+** Whether the update hook is invoked before or after the
+** corresponding change is currently unspecified and may differ
+** depending on the type of change. Do not rely on the order of the
+** hook call with regards to the final result of the operation which
+** triggers the hook.
+**
 ** The update hook implementation must not do anything that will modify
 ** the database connection that invoked the update hook.  Any actions
 ** to modify the database connection must be deferred until after the
@@ -8652,7 +8677,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 ** The sqlite3_keyword_count() interface returns the number of distinct
 ** keywords understood by SQLite.
 **
-** The sqlite3_keyword_name(N,Z,L) interface finds the N-th keyword and
+** The sqlite3_keyword_name(N,Z,L) interface finds the 0-based N-th keyword and
 ** makes *Z point to that keyword expressed as UTF8 and writes the number
 ** of bytes in the keyword into *L.  The string that *Z points to is not
 ** zero-terminated.  The sqlite3_keyword_name(N,Z,L) routine returns
@@ -10231,24 +10256,45 @@ SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
 ** 
    23. 
 ** ^(If the sqlite3_vtab_distinct() interface returns 2, that means
 ** that the query planner does not need the rows returned in any particular
-** order, as long as rows with the same values in all "aOrderBy" columns
-** are adjacent.)^  ^(Furthermore, only a single row for each particular
-** combination of values in the columns identified by the "aOrderBy" field
-** needs to be returned.)^  ^It is always ok for two or more rows with the same
-** values in all "aOrderBy" columns to be returned, as long as all such rows
-** are adjacent.  ^The virtual table may, if it chooses, omit extra rows
-** that have the same value for all columns identified by "aOrderBy".
-** ^However omitting the extra rows is optional.
+** order, as long as rows with the same values in all columns identified
+** by "aOrderBy" are adjacent.)^  ^(Furthermore, when two or more rows
+** contain the same values for all columns identified by "colUsed", all but
+** one such row may optionally be omitted from the result.)^
+** The virtual table is not required to omit rows that are duplicates
+** over the "colUsed" columns, but if the virtual table can do that without
+** too much extra effort, it could potentially help the query to run faster.
 ** This mode is used for a DISTINCT query.
 ** 
    24. 
-** ^(If the sqlite3_vtab_distinct() interface returns 3, that means
-** that the query planner needs only distinct rows but it does need the
-** rows to be sorted.)^ ^The virtual table implementation is free to omit
-** rows that are identical in all aOrderBy columns, if it wants to, but
-** it is not required to omit any rows.  This mode is used for queries
+** ^(If the sqlite3_vtab_distinct() interface returns 3, that means the
+** virtual table must return rows in the order defined by "aOrderBy" as
+** if the sqlite3_vtab_distinct() interface had returned 0.  However if
+** two or more rows in the result have the same values for all columns
+** identified by "colUsed", then all but one such row may optionally be
+** omitted.)^  Like when the return value is 2, the virtual table
+** is not required to omit rows that are duplicates over the "colUsed"
+** columns, but if the virtual table can do that without
+** too much extra effort, it could potentially help the query to run faster.
+** This mode is used for queries
 ** that have both DISTINCT and ORDER BY clauses.
 ** 
 **
+** 
      The following table summarizes the conditions under which the
+** virtual table is allowed to set the "orderByConsumed" flag based on
+** the value returned by sqlite3_vtab_distinct().  This table is a
+** restatement of the previous four paragraphs:
+**
+** 
      25. 
+** 
+** 
      sqlite3_vtab_distinct() return value
+** Rows are returned in aOrderBy order
+** Rows with the same value in all aOrderBy columns are adjacent
+** Duplicates over all colUsed columns may be omitted
+** 
      0yesyesno
+** 
      1noyesno
+** 
      2noyesyes
+** 
      3yesyesyes
+** 
      
+**
 ** ^For the purposes of comparing virtual table output values to see if the
 ** values are same value for sorting purposes, two NULL values are considered
 ** to be the same.  In other words, the comparison operator is "IS"
@@ -12293,6 +12339,30 @@ SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const c
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
+/*
+** CAPI3REF: Add A Single Change To A Changegroup
+** METHOD: sqlite3_changegroup
+**
+** This function adds the single change currently indicated by the iterator
+** passed as the second argument to the changegroup object. The rules for
+** adding the change are just as described for [sqlite3changegroup_add()].
+**
+** If the change is successfully added to the changegroup, SQLITE_OK is
+** returned. Otherwise, an SQLite error code is returned.
+**
+** The iterator must point to a valid entry when this function is called.
+** If it does not, SQLITE_ERROR is returned and no change is added to the
+** changegroup. Additionally, the iterator must not have been opened with
+** the SQLITE_CHANGESETAPPLY_INVERT flag. In this case SQLITE_ERROR is also
+** returned.
+*/
+SQLITE_API int sqlite3changegroup_add_change(
+  sqlite3_changegroup*,
+  sqlite3_changeset_iter*
+);
+
+
+
 /*
 ** CAPI3REF: Obtain A Composite Changeset From A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -13097,8 +13167,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the context pointer the extension function was
-**   registered with.
+**   Return a copy of the pUserData pointer passed to the xCreateFunction()
+**   API when the extension function was registered.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
@@ -14296,6 +14366,8 @@ struct fts5_api {
 # define SQLITE_OMIT_ALTERTABLE
 #endif
 
+#define SQLITE_DIGIT_SEPARATOR '_'
+
 /*
 ** Return true (non-zero) if the input is an integer that is too large
 ** to fit in 32-bits.  This macro is used inside of various testcase()
@@ -14588,8 +14660,8 @@ SQLITE_PRIVATE void sqlite3HashClear(Hash*);
 #define TK_TRUEFALSE                      170
 #define TK_ISNOT                          171
 #define TK_FUNCTION                       172
-#define TK_UMINUS                         173
-#define TK_UPLUS                          174
+#define TK_UPLUS                          173
+#define TK_UMINUS                         174
 #define TK_TRUTH                          175
 #define TK_REGISTER                       176
 #define TK_VECTOR                         177
@@ -14598,8 +14670,9 @@ SQLITE_PRIVATE void sqlite3HashClear(Hash*);
 #define TK_ASTERISK                       180
 #define TK_SPAN                           181
 #define TK_ERROR                          182
-#define TK_SPACE                          183
-#define TK_ILLEGAL                        184
+#define TK_QNUMBER                        183
+#define TK_SPACE                          184
+#define TK_ILLEGAL                        185
 
 /************** End of parse.h ***********************************************/
 /************** Continuing where we left off in sqliteInt.h ******************/
@@ -14861,7 +14934,7 @@ typedef INT16_TYPE LogEst;
 #   define SQLITE_PTRSIZE __SIZEOF_POINTER__
 # elif defined(i386)     || defined(__i386__)   || defined(_M_IX86) ||    \
        defined(_M_ARM)   || defined(__arm__)    || defined(__x86)   ||    \
-      (defined(__APPLE__) && defined(__POWERPC__)) ||                     \
+      (defined(__APPLE__) && defined(__ppc__)) ||                         \
       (defined(__TOS_AIX__) && !defined(__64BIT__))
 #   define SQLITE_PTRSIZE 4
 # else
@@ -15098,6 +15171,7 @@ SQLITE_PRIVATE u32 sqlite3TreeTrace;
 **   0x00010000     Beginning of DELETE/INSERT/UPDATE processing
 **   0x00020000     Transform DISTINCT into GROUP BY
 **   0x00040000     SELECT tree dump after all code has been generated
+**   0x00080000     NOT NULL strength reduction
 */
 
 /*
@@ -15128,7 +15202,7 @@ SQLITE_PRIVATE u32 sqlite3WhereTrace;
 ** 0x00000010   Display sqlite3_index_info xBestIndex calls
 ** 0x00000020   Range an equality scan metrics
 ** 0x00000040   IN operator decisions
-** 0x00000080   WhereLoop cost adjustements
+** 0x00000080   WhereLoop cost adjustments
 ** 0x00000100
 ** 0x00000200   Covering index decisions
 ** 0x00000400   OR optimization
@@ -16277,6 +16351,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sqlite3 *db,  /* Database connection that is running the check */
   Btree *p,     /* The btree to be checked */
   Pgno *aRoot,  /* An array of root pages numbers for individual trees */
+  sqlite3_value *aCnt,  /* OUT: entry counts for each btree in aRoot[] */
   int nRoot,    /* Number of entries in aRoot[] */
   int mxErr,    /* Stop reporting errors after this many */
   int *pnErr,   /* OUT: Write number of errors seen to this variable */
@@ -16547,12 +16622,12 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Vacuum          5
 #define OP_VFilter         6 /* jump, synopsis: iplan=r[P3] zplan='P4'     */
 #define OP_VUpdate         7 /* synopsis: data=r[P3@P2]                    */
-#define OP_Init            8 /* jump, synopsis: Start at P2                */
+#define OP_Init            8 /* jump0, synopsis: Start at P2               */
 #define OP_Goto            9 /* jump                                       */
 #define OP_Gosub          10 /* jump                                       */
-#define OP_InitCoroutine  11 /* jump                                       */
-#define OP_Yield          12 /* jump                                       */
-#define OP_MustBeInt      13 /* jump                                       */
+#define OP_InitCoroutine  11 /* jump0                                      */
+#define OP_Yield          12 /* jump0                                      */
+#define OP_MustBeInt      13 /* jump0                                      */
 #define OP_Jump           14 /* jump                                       */
 #define OP_Once           15 /* jump                                       */
 #define OP_If             16 /* jump                                       */
@@ -16560,22 +16635,22 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_IsType         18 /* jump, synopsis: if typeof(P1.P3) in P5 goto P2 */
 #define OP_Not            19 /* same as TK_NOT, synopsis: r[P2]= !r[P1]    */
 #define OP_IfNullRow      20 /* jump, synopsis: if P1.nullRow then r[P3]=NULL, goto P2 */
-#define OP_SeekLT         21 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekLE         22 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekGE         23 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekGT         24 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekLT         21 /* jump0, synopsis: key=r[P3@P4]              */
+#define OP_SeekLE         22 /* jump0, synopsis: key=r[P3@P4]              */
+#define OP_SeekGE         23 /* jump0, synopsis: key=r[P3@P4]              */
+#define OP_SeekGT         24 /* jump0, synopsis: key=r[P3@P4]              */
 #define OP_IfNotOpen      25 /* jump, synopsis: if( !csr[P1] ) goto P2     */
 #define OP_IfNoHope       26 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_NoConflict     27 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_NotFound       28 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_Found          29 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekRowid      30 /* jump, synopsis: intkey=r[P3]               */
+#define OP_SeekRowid      30 /* jump0, synopsis: intkey=r[P3]              */
 #define OP_NotExists      31 /* jump, synopsis: intkey=r[P3]               */
-#define OP_Last           32 /* jump                                       */
-#define OP_IfSmaller      33 /* jump                                       */
+#define OP_Last           32 /* jump0                                      */
+#define OP_IfSizeBetween  33 /* jump                                       */
 #define OP_SorterSort     34 /* jump                                       */
 #define OP_Sort           35 /* jump                                       */
-#define OP_Rewind         36 /* jump                                       */
+#define OP_Rewind         36 /* jump0                                      */
 #define OP_SorterNext     37 /* jump                                       */
 #define OP_Prev           38 /* jump                                       */
 #define OP_Next           39 /* jump                                       */
@@ -16587,7 +16662,7 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_IdxGE          45 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_RowSetRead     46 /* jump, synopsis: r[P3]=rowset(P1)           */
 #define OP_RowSetTest     47 /* jump, synopsis: if r[P3] in rowset(P1) goto P2 */
-#define OP_Program        48 /* jump                                       */
+#define OP_Program        48 /* jump0                                      */
 #define OP_FkIfZero       49 /* jump, synopsis: if fkctr[P1]==0 goto P2    */
 #define OP_IsNull         50 /* jump, same as TK_ISNULL, synopsis: if r[P1]==NULL goto P2 */
 #define OP_NotNull        51 /* jump, same as TK_NOTNULL, synopsis: if r[P1]!=NULL goto P2 */
@@ -16617,7 +16692,7 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Null           75 /* synopsis: r[P2..P3]=NULL                   */
 #define OP_SoftNull       76 /* synopsis: r[P1]=NULL                       */
 #define OP_Blob           77 /* synopsis: r[P2]=P4 (len=P1)                */
-#define OP_Variable       78 /* synopsis: r[P2]=parameter(P1,P4)           */
+#define OP_Variable       78 /* synopsis: r[P2]=parameter(P1)              */
 #define OP_Move           79 /* synopsis: r[P2@P3]=r[P1@P3]                */
 #define OP_Copy           80 /* synopsis: r[P2@P3+1]=r[P1@P3+1]            */
 #define OP_SCopy          81 /* synopsis: r[P2]=r[P1]                      */
@@ -16741,14 +16816,15 @@ typedef struct VdbeOpList VdbeOpList;
 #define OPFLG_OUT2        0x10  /* out2:  P2 is an output */
 #define OPFLG_OUT3        0x20  /* out3:  P3 is an output */
 #define OPFLG_NCYCLE      0x40  /* ncycle:Cycles count against P1 */
+#define OPFLG_JUMP0       0x80  /* jump0:  P2 might be zero */
 #define OPFLG_INITIALIZER {\
 /*   0 */ 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x41, 0x00,\
-/*   8 */ 0x01, 0x01, 0x01, 0x01, 0x03, 0x03, 0x01, 0x01,\
-/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0x49, 0x49, 0x49,\
-/*  24 */ 0x49, 0x01, 0x49, 0x49, 0x49, 0x49, 0x49, 0x49,\
-/*  32 */ 0x41, 0x01, 0x41, 0x41, 0x41, 0x01, 0x41, 0x41,\
+/*   8 */ 0x81, 0x01, 0x01, 0x81, 0x83, 0x83, 0x01, 0x01,\
+/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0xc9, 0xc9, 0xc9,\
+/*  24 */ 0xc9, 0x01, 0x49, 0x49, 0x49, 0x49, 0xc9, 0x49,\
+/*  32 */ 0xc1, 0x01, 0x41, 0x41, 0xc1, 0x01, 0x41, 0x41,\
 /*  40 */ 0x41, 0x41, 0x41, 0x26, 0x26, 0x41, 0x23, 0x0b,\
-/*  48 */ 0x01, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
+/*  48 */ 0x81, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
 /*  56 */ 0x0b, 0x0b, 0x01, 0x03, 0x03, 0x03, 0x01, 0x41,\
 /*  64 */ 0x01, 0x00, 0x00, 0x02, 0x02, 0x08, 0x00, 0x10,\
 /*  72 */ 0x10, 0x10, 0x00, 0x10, 0x00, 0x10, 0x10, 0x00,\
@@ -16908,6 +16984,8 @@ SQLITE_PRIVATE RecordCompare sqlite3VdbeFindCompare(UnpackedRecord*);
 SQLITE_PRIVATE void sqlite3VdbeLinkSubProgram(Vdbe *, SubProgram *);
 SQLITE_PRIVATE int sqlite3VdbeHasSubProgram(Vdbe*);
 
+SQLITE_PRIVATE void sqlite3MemSetArrayInt64(sqlite3_value *aMem, int iIdx, i64 val);
+
 SQLITE_PRIVATE int sqlite3NotPureFunc(sqlite3_context*);
 #ifdef SQLITE_ENABLE_BYTECODE_VTAB
 SQLITE_PRIVATE int sqlite3VdbeBytecodeVtabInit(sqlite3*);
@@ -17495,6 +17573,10 @@ struct FuncDefHash {
 };
 #define SQLITE_FUNC_HASH(C,L) (((C)+(L))%SQLITE_FUNC_HASH_SZ)
 
+#if defined(SQLITE_USER_AUTHENTICATION)
+# warning  "The SQLITE_USER_AUTHENTICATION extension is deprecated. \
+ See ext/userauth/user-auth.txt for details."
+#endif
 #ifdef SQLITE_USER_AUTHENTICATION
 /*
 ** Information held in the "sqlite3" database connection object and used
@@ -17798,7 +17880,7 @@ struct sqlite3 {
 #define SQLITE_CursorHints    0x00000400 /* Add OP_CursorHint opcodes */
 #define SQLITE_Stat4          0x00000800 /* Use STAT4 data */
    /* TH3 expects this value  ^^^^^^^^^^ to be 0x0000800. Don't change it */
-#define SQLITE_PushDown       0x00001000 /* The push-down optimization */
+#define SQLITE_PushDown       0x00001000 /* WHERE-clause push-down opt */
 #define SQLITE_SimplifyJoin   0x00002000 /* Convert LEFT JOIN to JOIN */
 #define SQLITE_SkipScan       0x00004000 /* Skip-scans */
 #define SQLITE_PropagateConst 0x00008000 /* The constant propagation opt */
@@ -18371,8 +18453,7 @@ struct Table {
 #define TF_HasStored      0x00000040 /* Has one or more STORED columns */
 #define TF_HasGenerated   0x00000060 /* Combo: HasVirtual + HasStored */
 #define TF_WithoutRowid   0x00000080 /* No rowid.  PRIMARY KEY is the key */
-#define TF_StatsUsed      0x00000100 /* Query planner decisions affected by
-                                     ** Index.aiRowLogEst[] values */
+#define TF_MaybeReanalyze 0x00000100 /* Maybe run ANALYZE on this table */
 #define TF_NoVisibleRowid 0x00000200 /* No user-visible "rowid" column */
 #define TF_OOOHidden      0x00000400 /* Out-of-Order hidden columns */
 #define TF_HasNotNull     0x00000800 /* Contains NOT NULL constraints */
@@ -18428,6 +18509,15 @@ struct Table {
 #define HasRowid(X)     (((X)->tabFlags & TF_WithoutRowid)==0)
 #define VisibleRowid(X) (((X)->tabFlags & TF_NoVisibleRowid)==0)
 
+/* Macro is true if the SQLITE_ALLOW_ROWID_IN_VIEW (mis-)feature is
+** available.  By default, this macro is false
+*/
+#ifndef SQLITE_ALLOW_ROWID_IN_VIEW
+# define ViewCanHaveRowid     0
+#else
+# define ViewCanHaveRowid     (sqlite3Config.mNoVisibleRowid==0)
+#endif
+
 /*
 ** Each foreign key constraint is an instance of the following structure.
 **
@@ -19163,10 +19253,12 @@ struct IdList {
 **
 ** Union member validity:
 **
-**    u1.zIndexedBy          fg.isIndexedBy && !fg.isTabFunc
-**    u1.pFuncArg            fg.isTabFunc   && !fg.isIndexedBy
-**    u2.pIBIndex            fg.isIndexedBy && !fg.isCte
-**    u2.pCteUse             fg.isCte       && !fg.isIndexedBy
+**    u1.zIndexedBy      fg.isIndexedBy && !fg.isTabFunc
+**    u1.pFuncArg        fg.isTabFunc   && !fg.isIndexedBy
+**    u1.nRow            !fg.isTabFunc  && !fg.isIndexedBy
+**
+**    u2.pIBIndex        fg.isIndexedBy && !fg.isCte
+**    u2.pCteUse         fg.isCte       && !fg.isIndexedBy
 */
 struct SrcItem {
   Schema *pSchema;  /* Schema to which this item is fixed */
@@ -19194,6 +19286,7 @@ struct SrcItem {
     unsigned isOn :1;          /* u3.pOn was once valid and non-NULL */
     unsigned isSynthUsing :1;  /* u3.pUsing is synthesized from NATURAL */
     unsigned isNestedFrom :1;  /* pSelect is a SF_NestedFrom subquery */
+    unsigned rowidUsed :1;     /* The ROWID of this table is referenced */
   } fg;
   int iCursor;      /* The VDBE cursor number used to access this table */
   union {
@@ -19204,6 +19297,7 @@ struct SrcItem {
   union {
     char *zIndexedBy;    /* Identifier from "INDEXED BY " clause */
     ExprList *pFuncArg;  /* Arguments to table-valued-function */
+    u32 nRow;            /* Number of rows in a VALUES clause */
   } u1;
   union {
     Index *pIBIndex;  /* Index structure corresponding to u1.zIndexedBy */
@@ -19268,7 +19362,7 @@ struct SrcList {
 #define WHERE_AGG_DISTINCT     0x0400 /* Query is "SELECT agg(DISTINCT ...)" */
 #define WHERE_ORDERBY_LIMIT    0x0800 /* ORDERBY+LIMIT on the inner loop */
 #define WHERE_RIGHT_JOIN       0x1000 /* Processing a RIGHT JOIN */
-                        /*     0x2000    not currently used */
+#define WHERE_KEEP_ALL_JOINS   0x2000 /* Do not do the omit-noop-join opt */
 #define WHERE_USE_LIMIT        0x4000 /* Use the LIMIT in cost estimates */
                         /*     0x8000    not currently used */
 
@@ -19347,6 +19441,7 @@ struct NameContext {
 #define NC_InAggFunc 0x020000 /* True if analyzing arguments to an agg func */
 #define NC_FromDDL   0x040000 /* SQL text comes from sqlite_schema */
 #define NC_NoSelect  0x080000 /* Do not descend into sub-selects */
+#define NC_Where     0x100000 /* Processing WHERE clause of a SELECT */
 #define NC_OrderAgg 0x8000000 /* Has an aggregate other than count/min/max */
 
 /*
@@ -19370,6 +19465,7 @@ struct Upsert {
   Expr *pUpsertWhere;       /* WHERE clause for the ON CONFLICT UPDATE */
   Upsert *pNextUpsert;      /* Next ON CONFLICT clause in the list */
   u8 isDoUpdate;            /* True for DO UPDATE.  False for DO NOTHING */
+  u8 isDup;                 /* True if 2nd or later with same pUpsertIdx */
   /* Above this point is the parse tree for the ON CONFLICT clauses.
   ** The next group of fields stores intermediate data. */
   void *pToFree;            /* Free memory when deleting the Upsert object */
@@ -19459,11 +19555,12 @@ struct Select {
 #define SF_View          0x0200000 /* SELECT statement is a view */
 #define SF_NoopOrderBy   0x0400000 /* ORDER BY is ignored for this query */
 #define SF_UFSrcCheck    0x0800000 /* Check pSrc as required by UPDATE...FROM */
-#define SF_PushDown      0x1000000 /* SELECT has be modified by push-down opt */
+#define SF_PushDown      0x1000000 /* Modified by WHERE-clause push-down opt */
 #define SF_MultiPart     0x2000000 /* Has multiple incompatible PARTITIONs */
 #define SF_CopyCte       0x4000000 /* SELECT statement is a copy of a CTE */
 #define SF_OrderByReqd   0x8000000 /* The ORDER BY clause may not be omitted */
 #define SF_UpdateFrom   0x10000000 /* Query originates with UPDATE FROM */
+#define SF_Correlated   0x20000000 /* True if references the outer context */
 
 /* True if S exists and has SF_NestedFrom */
 #define IsNestedFrom(S) ((S)!=0 && ((S)->selFlags&SF_NestedFrom)!=0)
@@ -19703,6 +19800,7 @@ struct Parse {
   u8 disableLookaside; /* Number of times lookaside has been disabled */
   u8 prepFlags;        /* SQLITE_PREPARE_* flags */
   u8 withinRJSubrtn;   /* Nesting level for RIGHT JOIN body subroutines */
+  u8 bHasWith;         /* True if statement contains WITH */
 #if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
   u8 earlyCleanup;     /* OOM inside sqlite3ParserAddCleanup() */
 #endif
@@ -20140,6 +20238,11 @@ struct Sqlite3Config {
 #endif
 #ifndef SQLITE_UNTESTABLE
   int (*xTestCallback)(int);        /* Invoked by sqlite3FaultSim() */
+#endif
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+  u32 mNoVisibleRowid;              /* TF_NoVisibleRowid if the ROWID_IN_VIEW
+                                    ** feature is disabled.  0 if rowids can
+                                    ** occur in views. */
 #endif
   int bLocaltimeFault;              /* True to fail localtime() calls */
   int (*xAltLocaltime)(const void*,void*); /* Alternative localtime() routine */
@@ -20377,6 +20480,9 @@ struct Window {
                           ** due to the SQLITE_SUBTYPE flag */
 };
 
+SQLITE_PRIVATE Select *sqlite3MultiValues(Parse *pParse, Select *pLeft, ExprList *pRow);
+SQLITE_PRIVATE void sqlite3MultiValuesEnd(Parse *pParse, Select *pVal);
+
 #ifndef SQLITE_OMIT_WINDOWFUNC
 SQLITE_PRIVATE void sqlite3WindowDelete(sqlite3*, Window*);
 SQLITE_PRIVATE void sqlite3WindowUnlinkFromSelect(Window*);
@@ -20596,10 +20702,13 @@ SQLITE_PRIVATE void sqlite3MutexWarnOnContention(sqlite3_mutex*);
 # define EXP754 (((u64)0x7ff)<<52)
 # define MAN754 ((((u64)1)<<52)-1)
 # define IsNaN(X) (((X)&EXP754)==EXP754 && ((X)&MAN754)!=0)
+# define IsOvfl(X) (((X)&EXP754)==EXP754)
 SQLITE_PRIVATE   int sqlite3IsNaN(double);
+SQLITE_PRIVATE   int sqlite3IsOverflow(double);
 #else
-# define IsNaN(X)         0
-# define sqlite3IsNaN(X)  0
+# define IsNaN(X)             0
+# define sqlite3IsNaN(X)      0
+# define sqlite3IsOVerflow(X) 0
 #endif
 
 /*
@@ -20691,6 +20800,7 @@ SQLITE_PRIVATE int sqlite3ErrorToParser(sqlite3*,int);
 SQLITE_PRIVATE void sqlite3Dequote(char*);
 SQLITE_PRIVATE void sqlite3DequoteExpr(Expr*);
 SQLITE_PRIVATE void sqlite3DequoteToken(Token*);
+SQLITE_PRIVATE void sqlite3DequoteNumber(Parse*, Expr*);
 SQLITE_PRIVATE void sqlite3TokenInit(Token*,char*);
 SQLITE_PRIVATE int sqlite3KeywordCode(const unsigned char*, int);
 SQLITE_PRIVATE int sqlite3RunParser(Parse*, const char*);
@@ -20721,7 +20831,7 @@ SQLITE_PRIVATE void sqlite3ExprFunctionUsable(Parse*,const Expr*,const FuncDef*)
 SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse*, Expr*, u32);
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprDeleteGeneric(sqlite3*,void*);
-SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse*, Expr*);
+SQLITE_PRIVATE int sqlite3ExprDeferredDelete(Parse*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprUnmapAndDelete(Parse*, Expr*);
 SQLITE_PRIVATE ExprList *sqlite3ExprListAppend(Parse*,ExprList*,Expr*);
 SQLITE_PRIVATE ExprList *sqlite3ExprListAppendVector(Parse*,ExprList*,IdList*,Expr*);
@@ -20944,12 +21054,10 @@ SQLITE_PRIVATE void sqlite3LeaveMutexAndCloseZombie(sqlite3*);
 SQLITE_PRIVATE u32 sqlite3IsTrueOrFalse(const char*);
 SQLITE_PRIVATE int sqlite3ExprIdToTrueFalse(Expr*);
 SQLITE_PRIVATE int sqlite3ExprTruthValue(const Expr*);
-SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr*);
-SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr*);
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Parse*,Expr*);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr*, u8);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrGroupBy(Parse*, Expr*, ExprList*);
-SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr*,int);
-SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(Expr*,const SrcList*,int);
+SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(Expr*,const SrcList*,int,int);
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
 SQLITE_PRIVATE int sqlite3ExprContainsSubquery(Expr*);
 #endif
@@ -21134,7 +21242,9 @@ SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3*, int, const char*,...);
 SQLITE_PRIVATE void sqlite3Error(sqlite3*,int);
 SQLITE_PRIVATE void sqlite3ErrorClear(sqlite3*);
 SQLITE_PRIVATE void sqlite3SystemError(sqlite3*,int);
+#if !defined(SQLITE_OMIT_BLOB_LITERAL)
 SQLITE_PRIVATE void *sqlite3HexToBlob(sqlite3*, const char *z, int n);
+#endif
 SQLITE_PRIVATE u8 sqlite3HexToInt(int h);
 SQLITE_PRIVATE int sqlite3TwoPartName(Parse *, Token *, Token *, Token **);
 
@@ -21445,7 +21555,7 @@ SQLITE_PRIVATE   With *sqlite3WithPush(Parse*, With*, u8);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertNew(sqlite3*,ExprList*,Expr*,ExprList*,Expr*,Upsert*);
 SQLITE_PRIVATE   void sqlite3UpsertDelete(sqlite3*,Upsert*);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertDup(sqlite3*,Upsert*);
-SQLITE_PRIVATE   int sqlite3UpsertAnalyzeTarget(Parse*,SrcList*,Upsert*);
+SQLITE_PRIVATE   int sqlite3UpsertAnalyzeTarget(Parse*,SrcList*,Upsert*,Upsert*);
 SQLITE_PRIVATE   void sqlite3UpsertDoUpdate(Parse*,Upsert*,Table*,Index*,int);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertOfIndex(Upsert*,Index*);
 SQLITE_PRIVATE   int sqlite3UpsertNextIsIPK(Upsert*);
@@ -21835,6 +21945,9 @@ static const char * const sqlite3azCompileOpt[] = {
   "ALLOW_COVERING_INDEX_SCAN=" CTIMEOPT_VAL(SQLITE_ALLOW_COVERING_INDEX_SCAN),
 # endif
 #endif
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+  "ALLOW_ROWID_IN_VIEW",
+#endif
 #ifdef SQLITE_ALLOW_URI_AUTHORITY
   "ALLOW_URI_AUTHORITY",
 #endif
@@ -22854,6 +22967,9 @@ SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
 #endif
 #ifndef SQLITE_UNTESTABLE
    0,                         /* xTestCallback */
+#endif
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+   0,                         /* mNoVisibleRowid.  0 == allow rowid-in-view */
 #endif
    0,                         /* bLocaltimeFault */
    0,                         /* xAltLocaltime */
@@ -24175,13 +24291,14 @@ struct DateTime {
   int tz;             /* Timezone offset in minutes */
   double s;           /* Seconds */
   char validJD;       /* True (1) if iJD is valid */
-  char rawS;          /* Raw numeric value stored in s */
   char validYMD;      /* True (1) if Y,M,D are valid */
   char validHMS;      /* True (1) if h,m,s are valid */
-  char validTZ;       /* True (1) if tz is valid */
-  char tzSet;         /* Timezone was set explicitly */
-  char isError;       /* An overflow has occurred */
-  char useSubsec;     /* Display subsecond precision */
+  char nFloor;            /* Days to implement "floor" */
+  unsigned rawS      : 1; /* Raw numeric value stored in s */
+  unsigned isError   : 1; /* An overflow has occurred */
+  unsigned useSubsec : 1; /* Display subsecond precision */
+  unsigned isUtc     : 1; /* Time is known to be UTC */
+  unsigned isLocal   : 1; /* Time is known to be localtime */
 };
 
 
@@ -24279,6 +24396,8 @@ static int parseTimezone(const char *zDate, DateTime *p){
     sgn = +1;
   }else if( c=='Z' || c=='z' ){
     zDate++;
+    p->isLocal = 0;
+    p->isUtc = 1;
     goto zulu_time;
   }else{
     return c!=0;
@@ -24291,7 +24410,6 @@ static int parseTimezone(const char *zDate, DateTime *p){
   p->tz = sgn*(nMn + nHr*60);
 zulu_time:
   while( sqlite3Isspace(*zDate) ){ zDate++; }
-  p->tzSet = 1;
   return *zDate!=0;
 }
 
@@ -24335,7 +24453,6 @@ static int parseHhMmSs(const char *zDate, DateTime *p){
   p->m = m;
   p->s = s + ms;
   if( parseTimezone(zDate, p) ) return 1;
-  p->validTZ = (p->tz!=0)?1:0;
   return 0;
 }
 
@@ -24382,15 +24499,40 @@ static void computeJD(DateTime *p){
   p->validJD = 1;
   if( p->validHMS ){
     p->iJD += p->h*3600000 + p->m*60000 + (sqlite3_int64)(p->s*1000 + 0.5);
-    if( p->validTZ ){
+    if( p->tz ){
       p->iJD -= p->tz*60000;
       p->validYMD = 0;
       p->validHMS = 0;
-      p->validTZ = 0;
+      p->tz = 0;
+      p->isUtc = 1;
+      p->isLocal = 0;
     }
   }
 }
 
+/*
+** Given the YYYY-MM-DD information current in p, determine if there
+** is day-of-month overflow and set nFloor to the number of days that
+** would need to be subtracted from the date in order to bring the
+** date back to the end of the month.
+*/
+static void computeFloor(DateTime *p){
+  assert( p->validYMD || p->isError );
+  assert( p->D>=0 && p->D<=31 );
+  assert( p->M>=0 && p->M<=12 );
+  if( p->D<=28 ){
+    p->nFloor = 0;
+  }else if( (1<M) & 0x15aa ){
+    p->nFloor = 0;
+  }else if( p->M!=2 ){
+    p->nFloor = (p->D==31);
+  }else if( p->Y%4!=0 || (p->Y%100==0 && p->Y%400!=0) ){
+    p->nFloor = p->D - 28;
+  }else{
+    p->nFloor = p->D - 29;
+  }
+}
+
 /*
 ** Parse dates of the form
 **
@@ -24429,12 +24571,16 @@ static int parseYyyyMmDd(const char *zDate, DateTime *p){
   p->Y = neg ? -Y : Y;
   p->M = M;
   p->D = D;
-  if( p->validTZ ){
+  computeFloor(p);
+  if( p->tz ){
     computeJD(p);
   }
   return 0;
 }
 
+
+static void clearYMD_HMS_TZ(DateTime *p);  /* Forward declaration */
+
 /*
 ** Set the time to the current time reported by the VFS.
 **
@@ -24444,6 +24590,9 @@ static int setDateTimeToCurrent(sqlite3_context *context, DateTime *p){
   p->iJD = sqlite3StmtCurrentTime(context);
   if( p->iJD>0 ){
     p->validJD = 1;
+    p->isUtc = 1;
+    p->isLocal = 0;
+    clearYMD_HMS_TZ(p);
     return 0;
   }else{
     return 1;
@@ -24582,7 +24731,7 @@ static void computeYMD_HMS(DateTime *p){
 static void clearYMD_HMS_TZ(DateTime *p){
   p->validYMD = 0;
   p->validHMS = 0;
-  p->validTZ = 0;
+  p->tz = 0;
 }
 
 #ifndef SQLITE_OMIT_LOCALTIME
@@ -24714,7 +24863,7 @@ static int toLocaltime(
   p->validHMS = 1;
   p->validJD = 0;
   p->rawS = 0;
-  p->validTZ = 0;
+  p->tz = 0;
   p->isError = 0;
   return SQLITE_OK;
 }
@@ -24734,12 +24883,12 @@ static const struct {
   float rLimit;       /* Maximum NNN value for this transform */
   float rXform;       /* Constant used for this transform */
 } aXformType[] = {
-  { 6, "second", 4.6427e+14,       1.0  },
-  { 6, "minute", 7.7379e+12,      60.0  },
-  { 4, "hour",   1.2897e+11,    3600.0  },
-  { 3, "day",    5373485.0,    86400.0  },
-  { 5, "month",  176546.0,   2592000.0  },
-  { 4, "year",   14713.0,   31536000.0  },
+  /* 0 */ { 6, "second",   4.6427e+14,         1.0  },
+  /* 1 */ { 6, "minute",   7.7379e+12,        60.0  },
+  /* 2 */ { 4, "hour",     1.2897e+11,      3600.0  },
+  /* 3 */ { 3, "day",      5373485.0,      86400.0  },
+  /* 4 */ { 5, "month",    176546.0,  30.0*86400.0  },
+  /* 5 */ { 4, "year",     14713.0,  365.0*86400.0  },
 };
 
 /*
@@ -24771,14 +24920,20 @@ static void autoAdjustDate(DateTime *p){
 **     NNN.NNNN seconds
 **     NNN months
 **     NNN years
+**     +/-YYYY-MM-DD HH:MM:SS.SSS
+**     ceiling
+**     floor
 **     start of month
 **     start of year
 **     start of week
 **     start of day
 **     weekday N
 **     unixepoch
+**     auto
 **     localtime
 **     utc
+**     subsec
+**     subsecond
 **
 ** Return 0 on success and 1 if there is any kind of error. If the error
 ** is in a system call (i.e. localtime()), then an error message is written
@@ -24809,6 +24964,37 @@ static int parseModifier(
       }
       break;
     }
+    case 'c': {
+      /*
+      **    ceiling
+      **
+      ** Resolve day-of-month overflow by rolling forward into the next
+      ** month.  As this is the default action, this modifier is really
+      ** a no-op that is only included for symmetry.  See "floor".
+      */
+      if( sqlite3_stricmp(z, "ceiling")==0 ){
+        computeJD(p);
+        clearYMD_HMS_TZ(p);
+        rc = 0;
+        p->nFloor = 0;
+      }
+      break;
+    }
+    case 'f': {
+      /*
+      **    floor
+      **
+      ** Resolve day-of-month overflow by rolling back to the end of the
+      ** previous month.
+      */
+      if( sqlite3_stricmp(z, "floor")==0 ){
+        computeJD(p);
+        p->iJD -= p->nFloor*86400000;
+        clearYMD_HMS_TZ(p);
+        rc = 0;
+      }
+      break;
+    }
     case 'j': {
       /*
       **    julianday
@@ -24835,7 +25021,9 @@ static int parseModifier(
       ** show local time.
       */
       if( sqlite3_stricmp(z, "localtime")==0 && sqlite3NotPureFunc(pCtx) ){
-        rc = toLocaltime(p, pCtx);
+        rc = p->isLocal ? SQLITE_OK : toLocaltime(p, pCtx);
+        p->isUtc = 0;
+        p->isLocal = 1;
       }
       break;
     }
@@ -24860,7 +25048,7 @@ static int parseModifier(
       }
 #ifndef SQLITE_OMIT_LOCALTIME
       else if( sqlite3_stricmp(z, "utc")==0 && sqlite3NotPureFunc(pCtx) ){
-        if( p->tzSet==0 ){
+        if( p->isUtc==0 ){
           i64 iOrigJD;              /* Original localtime */
           i64 iGuess;               /* Guess at the corresponding utc time */
           int cnt = 0;              /* Safety to prevent infinite loop */
@@ -24883,7 +25071,8 @@ static int parseModifier(
           memset(p, 0, sizeof(*p));
           p->iJD = iGuess;
           p->validJD = 1;
-          p->tzSet = 1;
+          p->isUtc = 1;
+          p->isLocal = 0;
         }
         rc = SQLITE_OK;
       }
@@ -24903,7 +25092,7 @@ static int parseModifier(
                && r>=0.0 && r<7.0 && (n=(int)r)==r ){
         sqlite3_int64 Z;
         computeYMD_HMS(p);
-        p->validTZ = 0;
+        p->tz = 0;
         p->validJD = 0;
         computeJD(p);
         Z = ((p->iJD + 129600000)/86400000) % 7;
@@ -24943,7 +25132,7 @@ static int parseModifier(
       p->h = p->m = 0;
       p->s = 0.0;
       p->rawS = 0;
-      p->validTZ = 0;
+      p->tz = 0;
       p->validJD = 0;
       if( sqlite3_stricmp(z,"month")==0 ){
         p->D = 1;
@@ -25014,6 +25203,7 @@ static int parseModifier(
         x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
         p->Y += x;
         p->M -= x*12;
+        computeFloor(p);
         computeJD(p);
         p->validHMS = 0;
         p->validYMD = 0;
@@ -25060,11 +25250,12 @@ static int parseModifier(
       z += n;
       while( sqlite3Isspace(*z) ) z++;
       n = sqlite3Strlen30(z);
-      if( n>10 || n<3 ) break;
+      if( n<3 || n>10 ) break;
       if( sqlite3UpperToLower[(u8)z[n-1]]=='s' ) n--;
       computeJD(p);
       assert( rc==1 );
       rRounder = r<0 ? -0.5 : +0.5;
+      p->nFloor = 0;
       for(i=0; iM += (int)r;
               x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
               p->Y += x;
               p->M -= x*12;
+              computeFloor(p);
               p->validJD = 0;
               r -= (int)r;
               break;
             }
             case 5: { /* Special processing to add years */
               int y = (int)r;
-              assert( strcmp(aXformType[i].zName,"year")==0 );
+              assert( strcmp(aXformType[5].zName,"year")==0 );
               computeYMD_HMS(p);
+              assert( p->M>=0 && p->M<=12 );
               p->Y += y;
+              computeFloor(p);
               p->validJD = 0;
               r -= (int)r;
               break;
@@ -25340,22 +25534,83 @@ static void dateFunc(
   }
 }
 
+/*
+** Compute the number of days after the most recent January 1.
+**
+** In other words, compute the zero-based day number for the
+** current year:
+**
+**   Jan01 = 0,  Jan02 = 1, ..., Jan31 = 30, Feb01 = 31, ...
+**   Dec31 = 364 or 365.
+*/
+static int daysAfterJan01(DateTime *pDate){
+  DateTime jan01 = *pDate;
+  assert( jan01.validYMD );
+  assert( jan01.validHMS );
+  assert( pDate->validJD );
+  jan01.validJD = 0;
+  jan01.M = 1;
+  jan01.D = 1;
+  computeJD(&jan01);
+  return (int)((pDate->iJD-jan01.iJD+43200000)/86400000);
+}
+
+/*
+** Return the number of days after the most recent Monday.
+**
+** In other words, return the day of the week according
+** to this code:
+**
+**   0=Monday, 1=Tuesday, 2=Wednesday, ..., 6=Sunday.
+*/
+static int daysAfterMonday(DateTime *pDate){
+  assert( pDate->validJD );
+  return (int)((pDate->iJD+43200000)/86400000) % 7;
+}
+
+/*
+** Return the number of days after the most recent Sunday.
+**
+** In other words, return the day of the week according
+** to this code:
+**
+**   0=Sunday, 1=Monday, 2=Tues, ..., 6=Saturday
+*/
+static int daysAfterSunday(DateTime *pDate){
+  assert( pDate->validJD );
+  return (int)((pDate->iJD+129600000)/86400000) % 7;
+}
+
 /*
 **    strftime( FORMAT, TIMESTRING, MOD, MOD, ...)
 **
 ** Return a string described by FORMAT.  Conversions as follows:
 **
-**   %d  day of month
+**   %d  day of month  01-31
+**   %e  day of month  1-31
 **   %f  ** fractional seconds  SS.SSS
+**   %F  ISO date.  YYYY-MM-DD
+**   %G  ISO year corresponding to %V 0000-9999.
+**   %g  2-digit ISO year corresponding to %V 00-99
 **   %H  hour 00-24
-**   %j  day of year 000-366
+**   %k  hour  0-24  (leading zero converted to space)
+**   %I  hour 01-12
+**   %j  day of year 001-366
 **   %J  ** julian day number
+**   %l  hour  1-12  (leading zero converted to space)
 **   %m  month 01-12
 **   %M  minute 00-59
+**   %p  "am" or "pm"
+**   %P  "AM" or "PM"
+**   %R  time as HH:MM
 **   %s  seconds since 1970-01-01
 **   %S  seconds 00-59
-**   %w  day of week 0-6  Sunday==0
-**   %W  week of year 00-53
+**   %T  time as HH:MM:SS
+**   %u  day of week 1-7  Monday==1, Sunday==7
+**   %w  day of week 0-6  Sunday==0, Monday==1
+**   %U  week of year 00-53  (First Sunday is start of week 01)
+**   %V  week of year 01-53  (First week containing Thursday is week 01)
+**   %W  week of year 00-53  (First Monday is start of week 01)
 **   %Y  year 0000-9999
 **   %%  %
 */
@@ -25392,7 +25647,7 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, cf=='d' ? "%02d" : "%2d", x.D);
         break;
       }
-      case 'f': {
+      case 'f': {  /* Fractional seconds.  (Non-standard) */
         double s = x.s;
         if( s>59.999 ) s = 59.999;
         sqlite3_str_appendf(&sRes, "%06.3f", s);
@@ -25402,6 +25657,21 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, "%04d-%02d-%02d", x.Y, x.M, x.D);
         break;
       }
+      case 'G': /* Fall thru */
+      case 'g': {
+        DateTime y = x;
+        assert( y.validJD );
+        /* Move y so that it is the Thursday in the same week as x */
+        y.iJD += (3 - daysAfterMonday(&x))*86400000;
+        y.validYMD = 0;
+        computeYMD(&y);
+        if( cf=='g' ){
+          sqlite3_str_appendf(&sRes, "%02d", y.Y%100);
+        }else{
+          sqlite3_str_appendf(&sRes, "%04d", y.Y);
+        }
+        break;
+      }
       case 'H':
       case 'k': {
         sqlite3_str_appendf(&sRes, cf=='H' ? "%02d" : "%2d", x.h);
@@ -25415,25 +25685,11 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, cf=='I' ? "%02d" : "%2d", h);
         break;
       }
-      case 'W': /* Fall thru */
-      case 'j': {
-        int nDay;             /* Number of days since 1st day of year */
-        DateTime y = x;
-        y.validJD = 0;
-        y.M = 1;
-        y.D = 1;
-        computeJD(&y);
-        nDay = (int)((x.iJD-y.iJD+43200000)/86400000);
-        if( cf=='W' ){
-          int wd;   /* 0=Monday, 1=Tuesday, ... 6=Sunday */
-          wd = (int)(((x.iJD+43200000)/86400000)%7);
-          sqlite3_str_appendf(&sRes,"%02d",(nDay+7-wd)/7);
-        }else{
-          sqlite3_str_appendf(&sRes,"%03d",nDay+1);
-        }
+      case 'j': {  /* Day of year.  Jan01==1, Jan02==2, and so forth */
+        sqlite3_str_appendf(&sRes,"%03d",daysAfterJan01(&x)+1);
         break;
       }
-      case 'J': {
+      case 'J': {  /* Julian day number.  (Non-standard) */
         sqlite3_str_appendf(&sRes,"%.16g",x.iJD/86400000.0);
         break;
       }
@@ -25476,13 +25732,33 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes,"%02d:%02d:%02d", x.h, x.m, (int)x.s);
         break;
       }
-      case 'u': /* Fall thru */
-      case 'w': {
-        char c = (char)(((x.iJD+129600000)/86400000) % 7) + '0';
+      case 'u':    /* Day of week.  1 to 7.  Monday==1, Sunday==7 */
+      case 'w': {  /* Day of week.  0 to 6.  Sunday==0, Monday==1 */
+        char c = (char)daysAfterSunday(&x) + '0';
         if( c=='0' && cf=='u' ) c = '7';
         sqlite3_str_appendchar(&sRes, 1, c);
         break;
       }
+      case 'U': {  /* Week num. 00-53. First Sun of the year is week 01 */
+        sqlite3_str_appendf(&sRes,"%02d",
+              (daysAfterJan01(&x)-daysAfterSunday(&x)+7)/7);
+        break;
+      }
+      case 'V': {  /* Week num. 01-53. First week with a Thur is week 01 */
+        DateTime y = x;
+        /* Adjust y so that is the Thursday in the same week as x */
+        assert( y.validJD );
+        y.iJD += (3 - daysAfterMonday(&x))*86400000;
+        y.validYMD = 0;
+        computeYMD(&y);
+        sqlite3_str_appendf(&sRes,"%02d", daysAfterJan01(&y)/7+1);
+        break;
+      }
+      case 'W': {  /* Week num. 00-53. First Mon of the year is week 01 */
+        sqlite3_str_appendf(&sRes,"%02d",
+           (daysAfterJan01(&x)-daysAfterMonday(&x)+7)/7);
+        break;
+      }
       case 'Y': {
         sqlite3_str_appendf(&sRes,"%04d",x.Y);
         break;
@@ -25629,9 +25905,7 @@ static void timediffFunc(
     d1.iJD = d2.iJD - d1.iJD;
     d1.iJD += (u64)1486995408 * (u64)100000;
   }
-  d1.validYMD = 0;
-  d1.validHMS = 0;
-  d1.validTZ = 0;
+  clearYMD_HMS_TZ(&d1);
   computeYMD_HMS(&d1);
   sqlite3StrAccumInit(&sRes, 0, 0, 0, 100);
   sqlite3_str_appendf(&sRes, "%c%04d-%02d-%02d %02d:%02d:%06.3f",
@@ -25700,6 +25974,36 @@ static void currentTimeFunc(
 }
 #endif
 
+#if !defined(SQLITE_OMIT_DATETIME_FUNCS) && defined(SQLITE_DEBUG)
+/*
+**   datedebug(...)
+**
+** This routine returns JSON that describes the internal DateTime object.
+** Used for debugging and testing only.  Subject to change.
+*/
+static void datedebugFunc(
+  sqlite3_context *context,
+  int argc,
+  sqlite3_value **argv
+){
+  DateTime x;
+  if( isDate(context, argc, argv, &x)==0 ){
+    char *zJson;
+    zJson = sqlite3_mprintf(
+      "{iJD:%lld,Y:%d,M:%d,D:%d,h:%d,m:%d,tz:%d,"
+      "s:%.3f,validJD:%d,validYMS:%d,validHMS:%d,"
+      "nFloor:%d,rawS:%d,isError:%d,useSubsec:%d,"
+      "isUtc:%d,isLocal:%d}",
+      x.iJD, x.Y, x.M, x.D, x.h, x.m, x.tz,
+      x.s, x.validJD, x.validYMD, x.validHMS,
+      x.nFloor, x.rawS, x.isError, x.useSubsec,
+      x.isUtc, x.isLocal);
+    sqlite3_result_text(context, zJson, -1, sqlite3_free);
+  }
+}
+#endif /* !SQLITE_OMIT_DATETIME_FUNCS && SQLITE_DEBUG */
+
+
 /*
 ** This function registered all of the above C functions as SQL
 ** functions.  This should be the only routine in this file with
@@ -25715,6 +26019,9 @@ SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void){
     PURE_DATE(datetime,         -1, 0, 0, datetimeFunc  ),
     PURE_DATE(strftime,         -1, 0, 0, strftimeFunc  ),
     PURE_DATE(timediff,          2, 0, 0, timediffFunc  ),
+#ifdef SQLITE_DEBUG
+    PURE_DATE(datedebug,        -1, 0, 0, datedebugFunc ),
+#endif
     DFUNCTION(current_time,      0, 0, 0, ctimeFunc     ),
     DFUNCTION(current_timestamp, 0, 0, 0, ctimestampFunc),
     DFUNCTION(current_date,      0, 0, 0, cdateFunc     ),
@@ -30130,6 +30437,24 @@ static void sqlite3MallocAlarm(int nByte){
   sqlite3_mutex_enter(mem0.mutex);
 }
 
+#ifdef SQLITE_DEBUG
+/*
+** This routine is called whenever an out-of-memory condition is seen,
+** It's only purpose to to serve as a breakpoint for gdb or similar
+** code debuggers when working on out-of-memory conditions, for example
+** caused by PRAGMA hard_heap_limit=N.
+*/
+static SQLITE_NOINLINE void test_oom_breakpoint(u64 n){
+  static u64 nOomFault = 0;
+  nOomFault += n;
+  /* The assert() is never reached in a human lifetime.  It  is here mostly
+  ** to prevent code optimizers from optimizing out this function. */
+  assert( (nOomFault>>32) < 0xffffffff );
+}
+#else
+# define test_oom_breakpoint(X)   /* No-op for production builds */
+#endif
+
 /*
 ** Do a memory allocation with statistics and alarms.  Assume the
 ** lock is already held.
@@ -30156,6 +30481,7 @@ static void mallocWithAlarm(int n, void **pp){
       if( mem0.hardLimit ){
         nUsed = sqlite3StatusValue(SQLITE_STATUS_MEMORY_USED);
         if( nUsed >= mem0.hardLimit - nFull ){
+          test_oom_breakpoint(1);
           *pp = 0;
           return;
         }
@@ -30444,6 +30770,7 @@ SQLITE_PRIVATE void *sqlite3Realloc(void *pOld, u64 nBytes){
       sqlite3MallocAlarm(nDiff);
       if( mem0.hardLimit>0 && nUsed >= mem0.hardLimit - nDiff ){
         sqlite3_mutex_leave(mem0.mutex);
+        test_oom_breakpoint(1);
         return 0;
       }
     }
@@ -31310,6 +31637,7 @@ SQLITE_API void sqlite3_str_vappendf(
         if( xtype==etFLOAT ){
           iRound = -precision;
         }else if( xtype==etGENERIC ){
+          if( precision==0 ) precision = 1;
           iRound = precision;
         }else{
           iRound = precision+1;
@@ -31345,13 +31673,14 @@ SQLITE_API void sqlite3_str_vappendf(
         }
 
         exp = s.iDP-1;
-        if( xtype==etGENERIC && precision>0 ) precision--;
 
         /*
         ** If the field type is etGENERIC, then convert to either etEXP
         ** or etFLOAT, as appropriate.
         */
         if( xtype==etGENERIC ){
+          assert( precision>0 );
+          precision--;
           flag_rtz = !flag_alternateform;
           if( exp<-4 || exp>precision ){
             xtype = etEXP;
@@ -31667,9 +31996,13 @@ SQLITE_API void sqlite3_str_vappendf(
           sqlite3_str_appendall(pAccum, pItem->zAlias);
         }else{
           Select *pSel = pItem->pSelect;
-          assert( pSel!=0 );
+          assert( pSel!=0 ); /* Because of tag-20240424-1 */
           if( pSel->selFlags & SF_NestedFrom ){
             sqlite3_str_appendf(pAccum, "(join-%u)", pSel->selId);
+          }else if( pSel->selFlags & SF_MultiValue ){
+            assert( !pItem->fg.isTabFunc && !pItem->fg.isIndexedBy );
+            sqlite3_str_appendf(pAccum, "%u-ROW VALUES CLAUSE",
+                                pItem->u1.nRow);
           }else{
             sqlite3_str_appendf(pAccum, "(subquery-%u)", pSel->selId);
           }
@@ -32446,8 +32779,10 @@ SQLITE_PRIVATE void sqlite3TreeViewSrcList(TreeView *pView, const SrcList *pSrc)
     x.printfFlags |= SQLITE_PRINTF_INTERNAL;
     sqlite3_str_appendf(&x, "{%d:*} %!S", pItem->iCursor, pItem);
     if( pItem->pTab ){
-      sqlite3_str_appendf(&x, " tab=%Q nCol=%d ptr=%p used=%llx",
-           pItem->pTab->zName, pItem->pTab->nCol, pItem->pTab, pItem->colUsed);
+      sqlite3_str_appendf(&x, " tab=%Q nCol=%d ptr=%p used=%llx%s",
+           pItem->pTab->zName, pItem->pTab->nCol, pItem->pTab,
+           pItem->colUsed,
+           pItem->fg.rowidUsed ? "+rowid" : "");
     }
     if( (pItem->fg.jointype & (JT_LEFT|JT_RIGHT))==(JT_LEFT|JT_RIGHT) ){
       sqlite3_str_appendf(&x, " FULL-OUTER-JOIN");
@@ -32487,12 +32822,14 @@ SQLITE_PRIVATE void sqlite3TreeViewSrcList(TreeView *pView, const SrcList *pSrc)
       sqlite3TreeViewIdList(pView, pItem->u3.pUsing, (--n)>0, "USING");
     }
     if( pItem->pSelect ){
+      sqlite3TreeViewPush(&pView, i+1nSrc);
       if( pItem->pTab ){
         Table *pTab = pItem->pTab;
         sqlite3TreeViewColumnList(pView, pTab->aCol, pTab->nCol, 1);
       }
       assert( (int)pItem->fg.isNestedFrom == IsNestedFrom(pItem->pSelect) );
       sqlite3TreeViewSelect(pView, pItem->pSelect, (--n)>0);
+      sqlite3TreeViewPop(&pView);
     }
     if( pItem->fg.isTabFunc ){
       sqlite3TreeViewExprList(pView, pItem->u1.pFuncArg, 0, "func-args:");
@@ -32596,7 +32933,7 @@ SQLITE_PRIVATE void sqlite3TreeViewSelect(TreeView *pView, const Select *p, u8 m
       sqlite3TreeViewItem(pView, "LIMIT", (n--)>0);
       sqlite3TreeViewExpr(pView, p->pLimit->pLeft, p->pLimit->pRight!=0);
       if( p->pLimit->pRight ){
-        sqlite3TreeViewItem(pView, "OFFSET", (n--)>0);
+        sqlite3TreeViewItem(pView, "OFFSET", 0);
         sqlite3TreeViewExpr(pView, p->pLimit->pRight, 0);
         sqlite3TreeViewPop(&pView);
       }
@@ -34641,6 +34978,19 @@ SQLITE_PRIVATE int sqlite3IsNaN(double x){
 }
 #endif /* SQLITE_OMIT_FLOATING_POINT */
 
+#ifndef SQLITE_OMIT_FLOATING_POINT
+/*
+** Return true if the floating point value is NaN or +Inf or -Inf.
+*/
+SQLITE_PRIVATE int sqlite3IsOverflow(double x){
+  int rc;   /* The value return */
+  u64 y;
+  memcpy(&y,&x,sizeof(y));
+  rc = IsOvfl(y);
+  return rc;
+}
+#endif /* SQLITE_OMIT_FLOATING_POINT */
+
 /*
 ** Compute a string length that is limited to what can be stored in
 ** lower 30 bits of a 32-bit signed integer.
@@ -34884,6 +35234,44 @@ SQLITE_PRIVATE void sqlite3DequoteExpr(Expr *p){
   sqlite3Dequote(p->u.zToken);
 }
 
+/*
+** Expression p is a QNUMBER (quoted number). Dequote the value in p->u.zToken
+** and set the type to INTEGER or FLOAT. "Quoted" integers or floats are those
+** that contain '_' characters that must be removed before further processing.
+*/
+SQLITE_PRIVATE void sqlite3DequoteNumber(Parse *pParse, Expr *p){
+  assert( p!=0 || pParse->db->mallocFailed );
+  if( p ){
+    const char *pIn = p->u.zToken;
+    char *pOut = p->u.zToken;
+    int bHex = (pIn[0]=='0' && (pIn[1]=='x' || pIn[1]=='X'));
+    int iValue;
+    assert( p->op==TK_QNUMBER );
+    p->op = TK_INTEGER;
+    do {
+      if( *pIn!=SQLITE_DIGIT_SEPARATOR ){
+        *pOut++ = *pIn;
+        if( *pIn=='e' || *pIn=='E' || *pIn=='.' ) p->op = TK_FLOAT;
+      }else{
+        if( (bHex==0 && (!sqlite3Isdigit(pIn[-1]) || !sqlite3Isdigit(pIn[1])))
+         || (bHex==1 && (!sqlite3Isxdigit(pIn[-1]) || !sqlite3Isxdigit(pIn[1])))
+        ){
+          sqlite3ErrorMsg(pParse, "unrecognized token: \"%s\"", p->u.zToken);
+        }
+      }
+    }while( *pIn++ );
+    if( bHex ) p->op = TK_INTEGER;
+
+    /* tag-20240227-a: If after dequoting, the number is an integer that
+    ** fits in 32 bits, then it must be converted into EP_IntValue.  Other
+    ** parts of the code expect this.  See also tag-20240227-b. */
+    if( p->op==TK_INTEGER && sqlite3GetInt32(p->u.zToken, &iValue) ){
+      p->u.iValue = iValue;
+      p->flags |= EP_IntValue;
+    }
+  }
+}
+
 /*
 ** If the input token p is quoted, try to adjust the token to remove
 ** the quotes.  This is not always possible:
@@ -35200,6 +35588,9 @@ SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 en
     u64 s2;
     rr[0] = (double)s;
     s2 = (u64)rr[0];
+#if defined(_MSC_VER) && _MSC_VER<1700
+    if( s2==0x8000000000000000LL ){ s2 = 2*(u64)(0.5*rr[0]); }
+#endif
     rr[1] = s>=s2 ? (double)(s - s2) : -(double)(s2 - s);
     if( e>0 ){
       while( e>=100  ){
@@ -35642,7 +36033,7 @@ SQLITE_PRIVATE void sqlite3FpDecode(FpDecode *p, double r, int iRound, int mxRou
   assert( p->n>0 );
   assert( p->nzBuf) );
   p->iDP = p->n + exp;
-  if( iRound<0 ){
+  if( iRound<=0 ){
     iRound = p->iDP - iRound;
     if( iRound==0 && p->zBuf[i+1]>='5' ){
       iRound = 1;
@@ -36820,7 +37211,7 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*  30 */ "SeekRowid"        OpHelp("intkey=r[P3]"),
     /*  31 */ "NotExists"        OpHelp("intkey=r[P3]"),
     /*  32 */ "Last"             OpHelp(""),
-    /*  33 */ "IfSmaller"        OpHelp(""),
+    /*  33 */ "IfSizeBetween"    OpHelp(""),
     /*  34 */ "SorterSort"       OpHelp(""),
     /*  35 */ "Sort"             OpHelp(""),
     /*  36 */ "Rewind"           OpHelp(""),
@@ -36865,7 +37256,7 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*  75 */ "Null"             OpHelp("r[P2..P3]=NULL"),
     /*  76 */ "SoftNull"         OpHelp("r[P1]=NULL"),
     /*  77 */ "Blob"             OpHelp("r[P2]=P4 (len=P1)"),
-    /*  78 */ "Variable"         OpHelp("r[P2]=parameter(P1,P4)"),
+    /*  78 */ "Variable"         OpHelp("r[P2]=parameter(P1)"),
     /*  79 */ "Move"             OpHelp("r[P2@P3]=r[P1@P3]"),
     /*  80 */ "Copy"             OpHelp("r[P2@P3+1]=r[P1@P3+1]"),
     /*  81 */ "SCopy"            OpHelp("r[P2]=r[P1]"),
@@ -39263,8 +39654,12 @@ static int unixLogErrorAtLine(
   ** available, the error message will often be an empty string. Not a
   ** huge problem. Incorrectly concluding that the GNU version is available
   ** could lead to a segfault though.
+  **
+  ** Forum post 3f13857fa4062301 reports that the Android SDK may use
+  ** int-type return, depending on its version.
   */
-#if defined(STRERROR_R_CHAR_P) || defined(__USE_GNU)
+#if (defined(STRERROR_R_CHAR_P) || defined(__USE_GNU)) \
+  && !defined(ANDROID) && !defined(__ANDROID__)
   zErr =
 # endif
   strerror_r(iErrno, aErr, sizeof(aErr)-1);
@@ -44362,12 +44757,19 @@ static int unixOpen(
         rc = SQLITE_READONLY_DIRECTORY;
       }else if( errno!=EISDIR && isReadWrite ){
         /* Failed to open the file for read/write access. Try read-only. */
+        UnixUnusedFd *pReadonly = 0;
         flags &= ~(SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE);
         openFlags &= ~(O_RDWR|O_CREAT);
         flags |= SQLITE_OPEN_READONLY;
         openFlags |= O_RDONLY;
         isReadonly = 1;
-        fd = robust_open(zName, openFlags, openMode);
+        pReadonly = findReusableFd(zName, flags);
+        if( pReadonly ){
+          fd = pReadonly->fd;
+          sqlite3_free(pReadonly);
+        }else{
+          fd = robust_open(zName, openFlags, openMode);
+        }
       }
     }
     if( fd<0 ){
@@ -53263,6 +53665,14 @@ SQLITE_API unsigned char *sqlite3_serialize(
     pOut = 0;
   }else{
     sz = sqlite3_column_int64(pStmt, 0)*szPage;
+    if( sz==0 ){
+      sqlite3_reset(pStmt);
+      sqlite3_exec(db, "BEGIN IMMEDIATE; COMMIT;", 0, 0, 0);
+      rc = sqlite3_step(pStmt);
+      if( rc==SQLITE_ROW ){
+        sz = sqlite3_column_int64(pStmt, 0)*szPage;
+      }
+    }
     if( piSize ) *piSize = sz;
     if( mFlags & SQLITE_SERIALIZE_NOCOPY ){
       pOut = 0;
@@ -63786,7 +64196,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3PagerFile(Pager *pPager){
 ** This will be either the rollback journal or the WAL file.
 */
 SQLITE_PRIVATE sqlite3_file *sqlite3PagerJrnlFile(Pager *pPager){
-#if SQLITE_OMIT_WAL
+#ifdef SQLITE_OMIT_WAL
   return pPager->jfd;
 #else
   return pPager->pWal ? sqlite3WalFile(pPager->pWal) : pPager->jfd;
@@ -69810,6 +70220,7 @@ struct IntegrityCk {
   StrAccum errMsg;  /* Accumulate the error message text here */
   u32 *heap;        /* Min-heap used for analyzing cell coverage */
   sqlite3 *db;      /* Database connection running the check */
+  i64 nRow;         /* Number of rows visited in current tree */
 };
 
 /*
@@ -70284,8 +70695,47 @@ int corruptPageError(int lineno, MemPage *p){
 # define SQLITE_CORRUPT_PAGE(pMemPage) SQLITE_CORRUPT_PGNO(pMemPage->pgno)
 #endif
 
+/* Default value for SHARED_LOCK_TRACE macro if shared-cache is disabled
+** or if the lock tracking is disabled.  This is always the value for
+** release builds.
+*/
+#define SHARED_LOCK_TRACE(X,MSG,TAB,TYPE)  /*no-op*/
+
 #ifndef SQLITE_OMIT_SHARED_CACHE
 
+#if 0
+/*  ^----  Change to 1 and recompile to enable shared-lock tracing
+**         for debugging purposes.
+**
+** Print all shared-cache locks on a BtShared.  Debugging use only.
+*/
+static void sharedLockTrace(
+  BtShared *pBt,
+  const char *zMsg,
+  int iRoot,
+  int eLockType
+){
+  BtLock *pLock;
+  if( iRoot>0 ){
+    printf("%s-%p %u%s:", zMsg, pBt, iRoot, eLockType==READ_LOCK?"R":"W");
+  }else{
+    printf("%s-%p:", zMsg, pBt);
+  }
+  for(pLock=pBt->pLock; pLock; pLock=pLock->pNext){
+    printf(" %p/%u%s", pLock->pBtree, pLock->iTable,
+           pLock->eLock==READ_LOCK ? "R" : "W");
+    while( pLock->pNext && pLock->pBtree==pLock->pNext->pBtree ){
+      pLock = pLock->pNext;
+      printf(",%u%s", pLock->iTable, pLock->eLock==READ_LOCK ? "R" : "W");
+    }
+  }
+  printf("\n");
+  fflush(stdout);
+}
+#undef SHARED_LOCK_TRACE
+#define SHARED_LOCK_TRACE(X,MSG,TAB,TYPE)  sharedLockTrace(X,MSG,TAB,TYPE)
+#endif /* Shared-lock tracing */
+
 #ifdef SQLITE_DEBUG
 /*
 **** This function is only used as part of an assert() statement. ***
@@ -70362,6 +70812,8 @@ static int hasSharedCacheTableLock(
     iTab = iRoot;
   }
 
+  SHARED_LOCK_TRACE(pBtree->pBt,"hasLock",iRoot,eLockType);
+
   /* Search for the required lock. Either a write-lock on root-page iTab, a
   ** write-lock on the schema table, or (if the client is reading) a
   ** read-lock on iTab will suffice. Return 1 if any of these are found.  */
@@ -70495,6 +70947,8 @@ static int setSharedCacheTableLock(Btree *p, Pgno iTable, u8 eLock){
   BtLock *pLock = 0;
   BtLock *pIter;
 
+  SHARED_LOCK_TRACE(pBt,"setLock", iTable, eLock);
+
   assert( sqlite3BtreeHoldsMutex(p) );
   assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
   assert( p->db!=0 );
@@ -70562,6 +71016,8 @@ static void clearAllSharedCacheTableLocks(Btree *p){
   assert( p->sharable || 0==*ppIter );
   assert( p->inTrans>0 );
 
+  SHARED_LOCK_TRACE(pBt, "clearAllLocks", 0, 0);
+
   while( *ppIter ){
     BtLock *pLock = *ppIter;
     assert( (pBt->btsFlags & BTS_EXCLUSIVE)==0 || pBt->pWriter==pLock->pBtree );
@@ -70600,6 +71056,9 @@ static void clearAllSharedCacheTableLocks(Btree *p){
 */
 static void downgradeAllSharedCacheTableLocks(Btree *p){
   BtShared *pBt = p->pBt;
+
+  SHARED_LOCK_TRACE(pBt, "downgradeLocks", 0, 0);
+
   if( pBt->pWriter==p ){
     BtLock *pLock;
     pBt->pWriter = 0;
@@ -75213,9 +75672,12 @@ static int accessPayload(
       if( pCur->aOverflow==0
        || nOvfl*(int)sizeof(Pgno) > sqlite3MallocSize(pCur->aOverflow)
       ){
-        Pgno *aNew = (Pgno*)sqlite3Realloc(
-            pCur->aOverflow, nOvfl*2*sizeof(Pgno)
-        );
+        Pgno *aNew;
+        if( sqlite3FaultSim(413) ){
+          aNew = 0;
+        }else{
+          aNew = (Pgno*)sqlite3Realloc(pCur->aOverflow, nOvfl*2*sizeof(Pgno));
+        }
         if( aNew==0 ){
           return SQLITE_NOMEM_BKPT;
         }else{
@@ -75225,6 +75687,12 @@ static int accessPayload(
       memset(pCur->aOverflow, 0, nOvfl*sizeof(Pgno));
       pCur->curFlags |= BTCF_ValidOvfl;
     }else{
+      /* Sanity check the validity of the overflow page cache */
+      assert( pCur->aOverflow[0]==nextPage
+           || pCur->aOverflow[0]==0
+           || CORRUPT_DB );
+      assert( pCur->aOverflow[0]!=0 || pCur->aOverflow[offset/ovflSize]==0 );
+
       /* If the overflow page-list cache has been allocated and the
       ** entry for the first required overflow page is valid, skip
       ** directly to it.
@@ -75706,6 +76174,23 @@ SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
   return rc;
 }
 
+#ifdef SQLITE_DEBUG
+/* The cursors is CURSOR_VALID and has BTCF_AtLast set.  Verify that
+** this flags are true for a consistent database.
+**
+** This routine is is called from within assert() statements only.
+** It is an internal verification routine and does not appear in production
+** builds.
+*/
+static int cursorIsAtLastEntry(BtCursor *pCur){
+  int ii;
+  for(ii=0; iiiPage; ii++){
+    if( pCur->aiIdx[ii]!=pCur->apPage[ii]->nCell ) return 0;
+  }
+  return pCur->ix==pCur->pPage->nCell-1 && pCur->pPage->leaf!=0;
+}
+#endif
+
 /* Move the cursor to the last entry in the table.  Return SQLITE_OK
 ** on success.  Set *pRes to 0 if the cursor actually points to something
 ** or set *pRes to 1 if the table is empty.
@@ -75734,18 +76219,7 @@ SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
 
   /* If the cursor already points to the last entry, this is a no-op. */
   if( CURSOR_VALID==pCur->eState && (pCur->curFlags & BTCF_AtLast)!=0 ){
-#ifdef SQLITE_DEBUG
-    /* This block serves to assert() that the cursor really does point
-    ** to the last entry in the b-tree. */
-    int ii;
-    for(ii=0; iiiPage; ii++){
-      assert( pCur->aiIdx[ii]==pCur->apPage[ii]->nCell );
-    }
-    assert( pCur->ix==pCur->pPage->nCell-1 || CORRUPT_DB );
-    testcase( pCur->ix!=pCur->pPage->nCell-1 );
-    /* ^-- dbsqlfuzz b92b72e4de80b5140c30ab71372ca719b8feb618 */
-    assert( pCur->pPage->leaf );
-#endif
+    assert( cursorIsAtLastEntry(pCur) || CORRUPT_DB );
     *pRes = 0;
     return SQLITE_OK;
   }
@@ -75798,6 +76272,7 @@ SQLITE_PRIVATE int sqlite3BtreeTableMoveto(
     }
     if( pCur->info.nKeycurFlags & BTCF_AtLast)!=0 ){
+        assert( cursorIsAtLastEntry(pCur) || CORRUPT_DB );
         *pRes = -1;
         return SQLITE_OK;
       }
@@ -76264,10 +76739,10 @@ SQLITE_PRIVATE i64 sqlite3BtreeRowCountEst(BtCursor *pCur){
   assert( cursorOwnsBtShared(pCur) );
   assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
 
-  /* Currently this interface is only called by the OP_IfSmaller
-  ** opcode, and it that case the cursor will always be valid and
-  ** will always point to a leaf node. */
-  if( NEVER(pCur->eState!=CURSOR_VALID) ) return -1;
+  /* Currently this interface is only called by the OP_IfSizeBetween
+  ** opcode and the OP_Count opcode with P3=1.  In either case,
+  ** the cursor will always be valid unless the btree is empty. */
+  if( pCur->eState!=CURSOR_VALID ) return 0;
   if( NEVER(pCur->pPage->leaf==0) ) return -1;
 
   n = pCur->pPage->nCell;
@@ -77089,7 +77564,10 @@ static int fillInCell(
     n = nHeader + nPayload;
     testcase( n==3 );
     testcase( n==4 );
-    if( n<4 ) n = 4;
+    if( n<4 ){
+      n = 4;
+      pPayload[nPayload] = 0;
+    }
     *pnSize = n;
     assert( nSrc<=nPayload );
     testcase( nSrcaData[0]!=apOld[0]->aData[0] ){
-      rc = SQLITE_CORRUPT_BKPT;
+      rc = SQLITE_CORRUPT_PAGE(pOld);
       goto balance_cleanup;
     }
 
@@ -78419,7 +78897,7 @@ static int balance_nonroot(
     memset(&b.szCell[b.nCell], 0, sizeof(b.szCell[0])*(limit+pOld->nOverflow));
     if( pOld->nOverflow>0 ){
       if( NEVER(limitaiOvfl[0]) ){
-        rc = SQLITE_CORRUPT_BKPT;
+        rc = SQLITE_CORRUPT_PAGE(pOld);
         goto balance_cleanup;
       }
       limit = pOld->aiOvfl[0];
@@ -79062,7 +79540,7 @@ static int anotherValidCursor(BtCursor *pCur){
      && pOther->eState==CURSOR_VALID
      && pOther->pPage==pCur->pPage
     ){
-      return SQLITE_CORRUPT_BKPT;
+      return SQLITE_CORRUPT_PAGE(pCur->pPage);
     }
   }
   return SQLITE_OK;
@@ -79122,7 +79600,7 @@ static int balance(BtCursor *pCur){
       /* The page being written is not a root page, and there is currently
       ** more than one reference to it. This only happens if the page is one
       ** of its own ancestor pages. Corruption. */
-      rc = SQLITE_CORRUPT_BKPT;
+      rc = SQLITE_CORRUPT_PAGE(pPage);
     }else{
       MemPage * const pParent = pCur->apPage[iPage-1];
       int const iIdx = pCur->aiIdx[iPage-1];
@@ -79286,7 +79764,7 @@ static SQLITE_NOINLINE int btreeOverwriteOverflowCell(
     rc = btreeGetPage(pBt, ovflPgno, &pPage, 0);
     if( rc ) return rc;
     if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 || pPage->isInit ){
-      rc = SQLITE_CORRUPT_BKPT;
+      rc = SQLITE_CORRUPT_PAGE(pPage);
     }else{
       if( iOffset+ovflPageSize<(u32)nTotal ){
         ovflPgno = get4byte(pPage->aData);
@@ -79314,7 +79792,7 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
   if( pCur->info.pPayload + pCur->info.nLocal > pPage->aDataEnd
    || pCur->info.pPayload < pPage->aData + pPage->cellOffset
   ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PAGE(pPage);
   }
   if( pCur->info.nLocal==nTotal ){
     /* The entire cell is local */
@@ -79395,7 +79873,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
       ** Which can only happen if the SQLITE_NoSchemaError flag was set when
       ** the schema was loaded. This cannot be asserted though, as a user might
       ** set the flag, load the schema, and then unset the flag.  */
-      return SQLITE_CORRUPT_BKPT;
+      return SQLITE_CORRUPT_PGNO(pCur->pgnoRoot);
     }
   }
 
@@ -79518,7 +79996,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   if( pPage->nFree<0 ){
     if( NEVER(pCur->eState>CURSOR_INVALID) ){
      /* ^^^^^--- due to the moveToRoot() call above */
-      rc = SQLITE_CORRUPT_BKPT;
+      rc = SQLITE_CORRUPT_PAGE(pPage);
     }else{
       rc = btreeComputeFreeSpace(pPage);
     }
@@ -79535,7 +80013,10 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   if( flags & BTREE_PREFORMAT ){
     rc = SQLITE_OK;
     szNew = p->pBt->nPreformatSize;
-    if( szNew<4 ) szNew = 4;
+    if( szNew<4 ){
+      szNew = 4;
+      newCell[3] = 0;
+    }
     if( ISAUTOVACUUM(p->pBt) && szNew>pPage->maxLocal ){
       CellInfo info;
       pPage->xParseCell(pPage, newCell, &info);
@@ -79557,7 +80038,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
     CellInfo info;
     assert( idx>=0 );
     if( idx>=pPage->nCell ){
-      return SQLITE_CORRUPT_BKPT;
+      return SQLITE_CORRUPT_PAGE(pPage);
     }
     rc = sqlite3PagerWrite(pPage->pDbPage);
     if( rc ){
@@ -79584,10 +80065,10 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
       ** necessary to add the PTRMAP_OVERFLOW1 pointer-map entry.  */
       assert( rc==SQLITE_OK ); /* clearCell never fails when nLocal==nPayload */
       if( oldCell < pPage->aData+pPage->hdrOffset+10 ){
-        return SQLITE_CORRUPT_BKPT;
+        return SQLITE_CORRUPT_PAGE(pPage);
       }
       if( oldCell+szNew > pPage->aDataEnd ){
-        return SQLITE_CORRUPT_BKPT;
+        return SQLITE_CORRUPT_PAGE(pPage);
       }
       memcpy(oldCell, newCell, szNew);
       return SQLITE_OK;
@@ -79597,7 +80078,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   }else if( loc<0 && pPage->nCell>0 ){
     assert( pPage->leaf );
     idx = ++pCur->ix;
-    pCur->curFlags &= ~BTCF_ValidNKey;
+    pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
   }else{
     assert( pPage->leaf );
   }
@@ -79627,7 +80108,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   */
   if( pPage->nOverflow ){
     assert( rc==SQLITE_OK );
-    pCur->curFlags &= ~(BTCF_ValidNKey);
+    pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
     rc = balance(pCur);
 
     /* Must make sure nOverflow is reset to zero even if the balance()
@@ -79689,7 +80170,7 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
   nIn = pSrc->info.nLocal;
   aIn = pSrc->info.pPayload;
   if( aIn+nIn>pSrc->pPage->aDataEnd ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PAGE(pSrc->pPage);
   }
   nRem = pSrc->info.nPayload;
   if( nIn==nRem && nInpPage->maxLocal ){
@@ -79714,7 +80195,7 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
 
     if( nRem>nIn ){
       if( aIn+nIn+4>pSrc->pPage->aDataEnd ){
-        return SQLITE_CORRUPT_BKPT;
+        return SQLITE_CORRUPT_PAGE(pSrc->pPage);
       }
       ovflIn = get4byte(&pSrc->info.pPayload[nIn]);
     }
@@ -79810,7 +80291,7 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
       assert( rc!=SQLITE_OK || CORRUPT_DB || pCur->eState==CURSOR_VALID );
       if( rc || pCur->eState!=CURSOR_VALID ) return rc;
     }else{
-      return SQLITE_CORRUPT_BKPT;
+      return SQLITE_CORRUPT_PGNO(pCur->pgnoRoot);
     }
   }
   assert( pCur->eState==CURSOR_VALID );
@@ -79819,14 +80300,14 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
   iCellIdx = pCur->ix;
   pPage = pCur->pPage;
   if( pPage->nCell<=iCellIdx ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PAGE(pPage);
   }
   pCell = findCell(pPage, iCellIdx);
   if( pPage->nFree<0 && btreeComputeFreeSpace(pPage) ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PAGE(pPage);
   }
   if( pCell<&pPage->aCellIdx[pPage->nCell] ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PAGE(pPage);
   }
 
   /* If the BTREE_SAVEPOSITION bit is on, then the cursor position must
@@ -79917,7 +80398,7 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
       n = pCur->pPage->pgno;
     }
     pCell = findCell(pLeaf, pLeaf->nCell-1);
-    if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_BKPT;
+    if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_PAGE(pLeaf);
     nCell = pLeaf->xCellSize(pLeaf, pCell);
     assert( MX_CELL_SIZE(pBt) >= nCell );
     pTmp = pBt->pTmpSpace;
@@ -80033,7 +80514,7 @@ static int btreeCreateTable(Btree *p, Pgno *piTable, int createTabFlags){
     */
     sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &pgnoRoot);
     if( pgnoRoot>btreePagecount(pBt) ){
-      return SQLITE_CORRUPT_BKPT;
+      return SQLITE_CORRUPT_PGNO(pgnoRoot);
     }
     pgnoRoot++;
 
@@ -80081,7 +80562,7 @@ static int btreeCreateTable(Btree *p, Pgno *piTable, int createTabFlags){
       }
       rc = ptrmapGet(pBt, pgnoRoot, &eType, &iPtrPage);
       if( eType==PTRMAP_ROOTPAGE || eType==PTRMAP_FREEPAGE ){
-        rc = SQLITE_CORRUPT_BKPT;
+        rc = SQLITE_CORRUPT_PGNO(pgnoRoot);
       }
       if( rc!=SQLITE_OK ){
         releasePage(pRoot);
@@ -80171,14 +80652,14 @@ static int clearDatabasePage(
 
   assert( sqlite3_mutex_held(pBt->mutex) );
   if( pgno>btreePagecount(pBt) ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PGNO(pgno);
   }
   rc = getAndInitPage(pBt, pgno, &pPage, 0);
   if( rc ) return rc;
   if( (pBt->openFlags & BTREE_SINGLE)==0
    && sqlite3PagerPageRefcount(pPage->pDbPage) != (1 + (pgno==1))
   ){
-    rc = SQLITE_CORRUPT_BKPT;
+    rc = SQLITE_CORRUPT_PAGE(pPage);
     goto cleardatabasepage_out;
   }
   hdr = pPage->hdrOffset;
@@ -80282,7 +80763,7 @@ static int btreeDropTable(Btree *p, Pgno iTable, int *piMoved){
   assert( p->inTrans==TRANS_WRITE );
   assert( iTable>=2 );
   if( iTable>btreePagecount(pBt) ){
-    return SQLITE_CORRUPT_BKPT;
+    return SQLITE_CORRUPT_PGNO(iTable);
   }
 
   rc = sqlite3BtreeClearTable(p, iTable, 0);
@@ -80876,6 +81357,9 @@ static int checkTreePage(
   ** number of cells on the page. */
   nCell = get2byte(&data[hdr+3]);
   assert( pPage->nCell==nCell );
+  if( pPage->leaf || pPage->intKey==0 ){
+    pCheck->nRow += nCell;
+  }
 
   /* EVIDENCE-OF: R-23882-45353 The cell pointer array of a b-tree page
   ** immediately follows the b-tree page header. */
@@ -80987,6 +81471,7 @@ static int checkTreePage(
         btreeHeapInsert(heap, (pc<<16)|(pc+size-1));
       }
     }
+    assert( heap!=0 );
     /* Add the freeblocks to the min-heap
     **
     ** EVIDENCE-OF: R-20690-50594 The second field of the b-tree page header
@@ -81086,6 +81571,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sqlite3 *db,  /* Database connection that is running the check */
   Btree *p,     /* The btree to be checked */
   Pgno *aRoot,  /* An array of root pages numbers for individual trees */
+  Mem *aCnt,    /* Memory cells to write counts for each tree to */
   int nRoot,    /* Number of entries in aRoot[] */
   int mxErr,    /* Stop reporting errors after this many */
   int *pnErr,   /* OUT: Write number of errors seen to this variable */
@@ -81099,7 +81585,9 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   int bPartial = 0;            /* True if not checking all btrees */
   int bCkFreelist = 1;         /* True to scan the freelist */
   VVA_ONLY( int nRef );
+
   assert( nRoot>0 );
+  assert( aCnt!=0 );
 
   /* aRoot[0]==0 means this is a partial check */
   if( aRoot[0]==0 ){
@@ -81172,15 +81660,18 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   testcase( pBt->db->flags & SQLITE_CellSizeCk );
   pBt->db->flags &= ~(u64)SQLITE_CellSizeCk;
   for(i=0; (int)iautoVacuum && aRoot[i]>1 && !bPartial ){
-      checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
-    }
+      if( pBt->autoVacuum && aRoot[i]>1 && !bPartial ){
+        checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
+      }
 #endif
-    sCheck.v0 = aRoot[i];
-    checkTreePage(&sCheck, aRoot[i], ¬Used, LARGEST_INT64);
+      sCheck.v0 = aRoot[i];
+      checkTreePage(&sCheck, aRoot[i], ¬Used, LARGEST_INT64);
+    }
+    sqlite3MemSetArrayInt64(aCnt, i, sCheck.nRow);
   }
   pBt->db->flags = savedDbFlags;
 
@@ -83235,6 +83726,13 @@ SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem *pMem, i64 val){
   }
 }
 
+/*
+** Set the iIdx'th entry of array aMem[] to contain integer value val.
+*/
+SQLITE_PRIVATE void sqlite3MemSetArrayInt64(sqlite3_value *aMem, int iIdx, i64 val){
+  sqlite3VdbeMemSetInt64(&aMem[iIdx], val);
+}
+
 /* A no-op destructor */
 SQLITE_PRIVATE void sqlite3NoopDestructor(void *p){ UNUSED_PARAMETER(p); }
 
@@ -83923,14 +84421,20 @@ static int valueFromExpr(
   }
 
   /* Handle negative integers in a single step.  This is needed in the
-  ** case when the value is -9223372036854775808.
-  */
-  if( op==TK_UMINUS
-   && (pExpr->pLeft->op==TK_INTEGER || pExpr->pLeft->op==TK_FLOAT) ){
-    pExpr = pExpr->pLeft;
-    op = pExpr->op;
-    negInt = -1;
-    zNeg = "-";
+  ** case when the value is -9223372036854775808. Except - do not do this
+  ** for hexadecimal literals.  */
+  if( op==TK_UMINUS ){
+    Expr *pLeft = pExpr->pLeft;
+    if( (pLeft->op==TK_INTEGER || pLeft->op==TK_FLOAT) ){
+      if( ExprHasProperty(pLeft, EP_IntValue)
+       || pLeft->u.zToken[0]!='0' || (pLeft->u.zToken[1] & ~0x20)!='X'
+      ){
+        pExpr = pLeft;
+        op = pExpr->op;
+        negInt = -1;
+        zNeg = "-";
+      }
+    }
   }
 
   if( op==TK_STRING || op==TK_FLOAT || op==TK_INTEGER ){
@@ -83939,12 +84443,26 @@ static int valueFromExpr(
     if( ExprHasProperty(pExpr, EP_IntValue) ){
       sqlite3VdbeMemSetInt64(pVal, (i64)pExpr->u.iValue*negInt);
     }else{
-      zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
-      if( zVal==0 ) goto no_mem;
-      sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
+      i64 iVal;
+      if( op==TK_INTEGER && 0==sqlite3DecOrHexToI64(pExpr->u.zToken, &iVal) ){
+        sqlite3VdbeMemSetInt64(pVal, iVal*negInt);
+      }else{
+        zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
+        if( zVal==0 ) goto no_mem;
+        sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
+      }
     }
-    if( (op==TK_INTEGER || op==TK_FLOAT ) && affinity==SQLITE_AFF_BLOB ){
-      sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
+    if( affinity==SQLITE_AFF_BLOB ){
+      if( op==TK_FLOAT ){
+        assert( pVal && pVal->z && pVal->flags==(MEM_Str|MEM_Term) );
+        sqlite3AtoF(pVal->z, &pVal->u.r, pVal->n, SQLITE_UTF8);
+        pVal->flags = MEM_Real;
+      }else if( op==TK_INTEGER ){
+        /* This case is required by -9223372036854775808 and other strings
+        ** that look like integers but cannot be handled by the
+        ** sqlite3DecOrHexToI64() call above.  */
+        sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
+      }
     }else{
       sqlite3ValueApplyAffinity(pVal, affinity, SQLITE_UTF8);
     }
@@ -84214,17 +84732,17 @@ SQLITE_PRIVATE int sqlite3Stat4Column(
   sqlite3_value **ppVal           /* OUT: Extracted value */
 ){
   u32 t = 0;                      /* a column type code */
-  int nHdr;                       /* Size of the header in the record */
-  int iHdr;                       /* Next unread header byte */
-  int iField;                     /* Next unread data byte */
-  int szField = 0;                /* Size of the current data field */
+  u32 nHdr;                       /* Size of the header in the record */
+  u32 iHdr;                       /* Next unread header byte */
+  i64 iField;                     /* Next unread data byte */
+  u32 szField = 0;                /* Size of the current data field */
   int i;                          /* Column index */
   u8 *a = (u8*)pRec;              /* Typecast byte array */
   Mem *pMem = *ppVal;             /* Write result into this Mem object */
 
   assert( iCol>0 );
   iHdr = getVarint32(a, nHdr);
-  if( nHdr>nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
+  if( nHdr>(u32)nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
   iField = nHdr;
   for(i=0; i<=iCol; i++){
     iHdr += getVarint32(&a[iHdr], t);
@@ -85259,6 +85777,15 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
             assert( aLabel!=0 );  /* True because of tag-20230419-1 */
             pOp->p2 = aLabel[ADDR(pOp->p2)];
           }
+
+          /* OPFLG_JUMP opcodes never have P2==0, though OPFLG_JUMP0 opcodes
+          ** might */
+          assert( pOp->p2>0
+                  || (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_JUMP0)!=0 );
+
+          /* Jumps never go off the end of the bytecode array */
+          assert( pOp->p2nOp
+                  || (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_JUMP)==0 );
           break;
         }
       }
@@ -87666,7 +88193,7 @@ SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe *p){
 
     /* Check for immediate foreign key violations. */
     if( p->rc==SQLITE_OK || (p->errorAction==OE_Fail && !isSpecialError) ){
-      sqlite3VdbeCheckFk(p, 0);
+      (void)sqlite3VdbeCheckFk(p, 0);
     }
 
     /* If the auto-commit flag is set and this is the only active writer
@@ -88380,6 +88907,23 @@ static void serialGet(
     pMem->flags = IsNaN(x) ? MEM_Null : MEM_Real;
   }
 }
+static int serialGet7(
+  const unsigned char *buf,     /* Buffer to deserialize from */
+  Mem *pMem                     /* Memory cell to write value into */
+){
+  u64 x = FOUR_BYTE_UINT(buf);
+  u32 y = FOUR_BYTE_UINT(buf+4);
+  x = (x<<32) + y;
+  assert( sizeof(x)==8 && sizeof(pMem->u.r)==8 );
+  swapMixedEndianFloat(x);
+  memcpy(&pMem->u.r, &x, sizeof(x));
+  if( IsNaN(x) ){
+    pMem->flags = MEM_Null;
+    return 1;
+  }
+  pMem->flags = MEM_Real;
+  return 0;
+}
 SQLITE_PRIVATE void sqlite3VdbeSerialGet(
   const unsigned char *buf,     /* Buffer to deserialize from */
   u32 serial_type,              /* Serial type to deserialize */
@@ -88819,17 +89363,15 @@ SQLITE_PRIVATE int sqlite3IntFloatCompare(i64 i, double r){
     return (xr);
   }else{
     i64 y;
-    double s;
     if( r<-9223372036854775808.0 ) return +1;
     if( r>=9223372036854775808.0 ) return -1;
     y = (i64)r;
     if( iy ) return +1;
-    s = (double)i;
-    testcase( doubleLt(s,r) );
-    testcase( doubleLt(r,s) );
-    testcase( doubleEq(r,s) );
-    return (sr);
+    testcase( doubleLt(((double)i),r) );
+    testcase( doubleLt(r,((double)i)) );
+    testcase( doubleEq(r,((double)i)) );
+    return (((double)i)r);
   }
 }
 
@@ -89059,7 +89601,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
       }else if( serial_type==0 ){
         rc = -1;
       }else if( serial_type==7 ){
-        sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
+        serialGet7(&aKey1[d1], &mem1);
         rc = -sqlite3IntFloatCompare(pRhs->u.i, mem1.u.r);
       }else{
         i64 lhs = vdbeRecordDecodeInt(serial_type, &aKey1[d1]);
@@ -89084,14 +89626,18 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
       }else if( serial_type==0 ){
         rc = -1;
       }else{
-        sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
         if( serial_type==7 ){
-          if( mem1.u.ru.r ){
+          if( serialGet7(&aKey1[d1], &mem1) ){
+            rc = -1;  /* mem1 is a NaN */
+          }else if( mem1.u.ru.r ){
             rc = -1;
           }else if( mem1.u.r>pRhs->u.r ){
             rc = +1;
+          }else{
+            assert( rc==0 );
           }
         }else{
+          sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
           rc = sqlite3IntFloatCompare(mem1.u.i, pRhs->u.r);
         }
       }
@@ -89161,7 +89707,14 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
     /* RHS is null */
     else{
       serial_type = aKey1[idx1];
-      rc = (serial_type!=0 && serial_type!=10);
+      if( serial_type==0
+       || serial_type==10
+       || (serial_type==7 && serialGet7(&aKey1[d1], &mem1)!=0)
+      ){
+        assert( rc==0 );
+      }else{
+        rc = 1;
+      }
     }
 
     if( rc!=0 ){
@@ -89621,7 +90174,8 @@ SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe *v, int iVar, u8 aff
   assert( iVar>0 );
   if( v ){
     Mem *pMem = &v->aVar[iVar-1];
-    assert( (v->db->flags & SQLITE_EnableQPSG)==0 );
+    assert( (v->db->flags & SQLITE_EnableQPSG)==0
+         || (v->db->mDbFlags & DBFLAG_InternalFunc)!=0 );
     if( 0==(pMem->flags & MEM_Null) ){
       sqlite3_value *pRet = sqlite3ValueNew(v->db);
       if( pRet ){
@@ -89641,7 +90195,8 @@ SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe *v, int iVar, u8 aff
 */
 SQLITE_PRIVATE void sqlite3VdbeSetVarmask(Vdbe *v, int iVar){
   assert( iVar>0 );
-  assert( (v->db->flags & SQLITE_EnableQPSG)==0 );
+  assert( (v->db->flags & SQLITE_EnableQPSG)==0
+       || (v->db->mDbFlags & DBFLAG_InternalFunc)!=0 );
   if( iVar>=32 ){
     v->expmask |= 0x80000000;
   }else{
@@ -92226,7 +92781,6 @@ SQLITE_API int sqlite3_stmt_scanstatus_v2(
   }
   if( flags & SQLITE_SCANSTAT_COMPLEX ){
     idx = iScan;
-    pScan = &p->aScan[idx];
   }else{
     /* If the COMPLEX flag is clear, then this function must ignore any
     ** ScanStatus structures with ScanStatus.addrLoop set to 0. */
@@ -92239,6 +92793,8 @@ SQLITE_API int sqlite3_stmt_scanstatus_v2(
     }
   }
   if( idx>=p->nScan ) return 1;
+  assert( pScan==0 || pScan==&p->aScan[idx] );
+  pScan = &p->aScan[idx];
 
   switch( iScanStatusOp ){
     case SQLITE_SCANSTAT_NLOOP: {
@@ -93687,7 +94243,7 @@ case OP_Return: {           /* in1 */
 **
 ** See also: EndCoroutine
 */
-case OP_InitCoroutine: {     /* jump */
+case OP_InitCoroutine: {     /* jump0 */
   assert( pOp->p1>0 &&  pOp->p1<=(p->nMem+1 - p->nCursor) );
   assert( pOp->p2>=0 && pOp->p2nOp );
   assert( pOp->p3>=0 && pOp->p3nOp );
@@ -93710,7 +94266,9 @@ case OP_InitCoroutine: {     /* jump */
 **
 ** The instruction at the address in register P1 is a Yield.
 ** Jump to the P2 parameter of that Yield.
-** After the jump, register P1 becomes undefined.
+** After the jump, the value register P1 is left with a value
+** such that subsequent OP_Yields go back to the this same
+** OP_EndCoroutine instruction.
 **
 ** See also: InitCoroutine
 */
@@ -93722,8 +94280,8 @@ case OP_EndCoroutine: {           /* in1 */
   pCaller = &aOp[pIn1->u.i];
   assert( pCaller->opcode==OP_Yield );
   assert( pCaller->p2>=0 && pCaller->p2nOp );
+  pIn1->u.i = (int)(pOp - p->aOp) - 1;
   pOp = &aOp[pCaller->p2 - 1];
-  pIn1->flags = MEM_Undefined;
   break;
 }
 
@@ -93740,7 +94298,7 @@ case OP_EndCoroutine: {           /* in1 */
 **
 ** See also: InitCoroutine
 */
-case OP_Yield: {            /* in1, jump */
+case OP_Yield: {            /* in1, jump0 */
   int pcDest;
   pIn1 = &aMem[pOp->p1];
   assert( VdbeMemDynamic(pIn1)==0 );
@@ -94070,19 +94628,15 @@ case OP_Blob: {                /* out2 */
   break;
 }
 
-/* Opcode: Variable P1 P2 * P4 *
-** Synopsis: r[P2]=parameter(P1,P4)
+/* Opcode: Variable P1 P2 * * *
+** Synopsis: r[P2]=parameter(P1)
 **
 ** Transfer the values of bound parameter P1 into register P2
-**
-** If the parameter is named, then its name appears in P4.
-** The P4 value is used by sqlite3_bind_parameter_name().
 */
 case OP_Variable: {            /* out2 */
   Mem *pVar;       /* Value being transferred */
 
   assert( pOp->p1>0 && pOp->p1<=p->nVar );
-  assert( pOp->p4.z==0 || pOp->p4.z==sqlite3VListNumToName(p->pVList,pOp->p1) );
   pVar = &p->aVar[pOp->p1 - 1];
   if( sqlite3VdbeMemTooBig(pVar) ){
     goto too_big;
@@ -94603,7 +95157,7 @@ case OP_AddImm: {            /* in1 */
 ** without data loss, then jump immediately to P2, or if P2==0
 ** raise an SQLITE_MISMATCH exception.
 */
-case OP_MustBeInt: {            /* jump, in1 */
+case OP_MustBeInt: {            /* jump0, in1 */
   pIn1 = &aMem[pOp->p1];
   if( (pIn1->flags & MEM_Int)==0 ){
     applyAffinity(pIn1, SQLITE_AFF_NUMERIC, encoding);
@@ -94644,7 +95198,7 @@ case OP_RealAffinity: {                  /* in1 */
 }
 #endif
 
-#ifndef SQLITE_OMIT_CAST
+#if !defined(SQLITE_OMIT_CAST) && !defined(SQLITE_OMIT_ANALYZE)
 /* Opcode: Cast P1 P2 * * *
 ** Synopsis: affinity(r[P1])
 **
@@ -94859,7 +95413,9 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         }
       }
     }else if( affinity==SQLITE_AFF_TEXT && ((flags1 | flags3) & MEM_Str)!=0 ){
-      if( (flags1 & MEM_Str)==0 && (flags1&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
+      if( (flags1 & MEM_Str)!=0 ){
+        pIn1->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal);
+      }else if( (flags1&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn1->flags & MEM_Int );
         testcase( pIn1->flags & MEM_Real );
         testcase( pIn1->flags & MEM_IntReal );
@@ -94868,7 +95424,9 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         flags1 = (pIn1->flags & ~MEM_TypeMask) | (flags1 & MEM_TypeMask);
         if( NEVER(pIn1==pIn3) ) flags3 = flags1 | MEM_Str;
       }
-      if( (flags3 & MEM_Str)==0 && (flags3&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
+      if( (flags3 & MEM_Str)!=0 ){
+        pIn3->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal);
+      }else if( (flags3&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn3->flags & MEM_Int );
         testcase( pIn3->flags & MEM_Real );
         testcase( pIn3->flags & MEM_IntReal );
@@ -96212,11 +96770,16 @@ case OP_MakeRecord: {
         switch( len ){
           default: zPayload[7] = (u8)(v&0xff); v >>= 8;
                    zPayload[6] = (u8)(v&0xff); v >>= 8;
+                   /* no break */ deliberate_fall_through
           case 6:  zPayload[5] = (u8)(v&0xff); v >>= 8;
                    zPayload[4] = (u8)(v&0xff); v >>= 8;
+                   /* no break */ deliberate_fall_through
           case 4:  zPayload[3] = (u8)(v&0xff); v >>= 8;
+                   /* no break */ deliberate_fall_through
           case 3:  zPayload[2] = (u8)(v&0xff); v >>= 8;
+                   /* no break */ deliberate_fall_through
           case 2:  zPayload[1] = (u8)(v&0xff); v >>= 8;
+                   /* no break */ deliberate_fall_through
           case 1:  zPayload[0] = (u8)(v&0xff);
         }
         zPayload += len;
@@ -97135,7 +97698,8 @@ case OP_SequenceTest: {
 ** is the only cursor opcode that works with a pseudo-table.
 **
 ** P3 is the number of fields in the records that will be stored by
-** the pseudo-table.
+** the pseudo-table.  If P2 is 0 or negative then the pseudo-cursor
+** will return NULL for every column.
 */
 case OP_OpenPseudo: {
   VdbeCursor *pCx;
@@ -97278,10 +97842,10 @@ case OP_ColumnsUsed: {
 **
 ** See also: Found, NotFound, SeekGt, SeekGe, SeekLt
 */
-case OP_SeekLT:         /* jump, in3, group, ncycle */
-case OP_SeekLE:         /* jump, in3, group, ncycle */
-case OP_SeekGE:         /* jump, in3, group, ncycle */
-case OP_SeekGT: {       /* jump, in3, group, ncycle */
+case OP_SeekLT:         /* jump0, in3, group, ncycle */
+case OP_SeekLE:         /* jump0, in3, group, ncycle */
+case OP_SeekGE:         /* jump0, in3, group, ncycle */
+case OP_SeekGT: {       /* jump0, in3, group, ncycle */
   int res;           /* Comparison result */
   int oc;            /* Opcode */
   VdbeCursor *pC;    /* The cursor to seek */
@@ -97948,7 +98512,7 @@ case OP_Found: {        /* jump, in3, ncycle */
 **
 ** See also: Found, NotFound, NoConflict, SeekRowid
 */
-case OP_SeekRowid: {        /* jump, in3, ncycle */
+case OP_SeekRowid: {        /* jump0, in3, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -98707,7 +99271,7 @@ case OP_NullRow: {
 ** configured to use Prev, not Next.
 */
 case OP_SeekEnd:             /* ncycle */
-case OP_Last: {              /* jump, ncycle */
+case OP_Last: {              /* jump0, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -98741,28 +99305,38 @@ case OP_Last: {              /* jump, ncycle */
   break;
 }
 
-/* Opcode: IfSmaller P1 P2 P3 * *
+/* Opcode: IfSizeBetween P1 P2 P3 P4 *
 **
-** Estimate the number of rows in the table P1.  Jump to P2 if that
-** estimate is less than approximately 2**(0.1*P3).
+** Let N be the approximate number of rows in the table or index
+** with cursor P1 and let X be 10*log2(N) if N is positive or -1
+** if N is zero.
+**
+** Jump to P2 if X is in between P3 and P4, inclusive.
 */
-case OP_IfSmaller: {        /* jump */
+case OP_IfSizeBetween: {        /* jump */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
   i64 sz;
 
   assert( pOp->p1>=0 && pOp->p1nCursor );
+  assert( pOp->p4type==P4_INT32 );
+  assert( pOp->p3>=-1 && pOp->p3<=640*2 );
+  assert( pOp->p4.i>=-1 && pOp->p4.i<=640*2 );
   pC = p->apCsr[pOp->p1];
   assert( pC!=0 );
   pCrsr = pC->uc.pCursor;
   assert( pCrsr );
   rc = sqlite3BtreeFirst(pCrsr, &res);
   if( rc ) goto abort_due_to_error;
-  if( res==0 ){
+  if( res!=0 ){
+    sz = -1;  /* -Infinity encoding */
+  }else{
     sz = sqlite3BtreeRowCountEst(pCrsr);
-    if( ALWAYS(sz>=0) && sqlite3LogEst((u64)sz)p3 ) res = 1;
+    assert( sz>0 );
+    sz = sqlite3LogEst((u64)sz);
   }
+  res = sz>=pOp->p3 && sz<=pOp->p4.i;
   VdbeBranchTaken(res!=0,2);
   if( res ) goto jump_to_p2;
   break;
@@ -98815,7 +99389,7 @@ case OP_Sort: {        /* jump ncycle */
 ** from the beginning toward the end.  In other words, the cursor is
 ** configured to use Next, not Prev.
 */
-case OP_Rewind: {        /* jump, ncycle */
+case OP_Rewind: {        /* jump0, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -99462,11 +100036,18 @@ case OP_CreateBtree: {          /* out2 */
   break;
 }
 
-/* Opcode: SqlExec * * * P4 *
+/* Opcode: SqlExec P1 P2 * P4 *
 **
 ** Run the SQL statement or statements specified in the P4 string.
-** Disable Auth and Trace callbacks while those statements are running if
-** P1 is true.
+**
+** The P1 parameter is a bitmask of options:
+**
+**    0x0001     Disable Auth and Trace callbacks while the statements
+**               in P4 are running.
+**
+**    0x0002     Set db->nAnalysisLimit to P2 while the statements in
+**               P4 are running.
+**
 */
 case OP_SqlExec: {
   char *zErr;
@@ -99474,6 +100055,7 @@ case OP_SqlExec: {
   sqlite3_xauth xAuth;
 #endif
   u8 mTrace;
+  int savedAnalysisLimit;
 
   sqlite3VdbeIncrWriteCounter(p, 0);
   db->nSqlExec++;
@@ -99482,18 +100064,23 @@ case OP_SqlExec: {
   xAuth = db->xAuth;
 #endif
   mTrace = db->mTrace;
-  if( pOp->p1 ){
+  savedAnalysisLimit = db->nAnalysisLimit;
+  if( pOp->p1 & 0x0001 ){
 #ifndef SQLITE_OMIT_AUTHORIZATION
     db->xAuth = 0;
 #endif
     db->mTrace = 0;
   }
+  if( pOp->p1 & 0x0002 ){
+    db->nAnalysisLimit = pOp->p2;
+  }
   rc = sqlite3_exec(db, pOp->p4.z, 0, 0, &zErr);
   db->nSqlExec--;
 #ifndef SQLITE_OMIT_AUTHORIZATION
   db->xAuth = xAuth;
 #endif
   db->mTrace = mTrace;
+  db->nAnalysisLimit = savedAnalysisLimit;
   if( zErr || rc ){
     sqlite3VdbeError(p, "%s", zErr);
     sqlite3_free(zErr);
@@ -99645,11 +100232,11 @@ case OP_DropTrigger: {
 /* Opcode: IntegrityCk P1 P2 P3 P4 P5
 **
 ** Do an analysis of the currently open database.  Store in
-** register P1 the text of an error message describing any problems.
-** If no problems are found, store a NULL in register P1.
+** register (P1+1) the text of an error message describing any problems.
+** If no problems are found, store a NULL in register (P1+1).
 **
-** The register P3 contains one less than the maximum number of allowed errors.
-** At most reg(P3) errors will be reported.
+** The register (P1) contains one less than the maximum number of allowed
+** errors.  At most reg(P1) errors will be reported.
 ** In other words, the analysis stops as soon as reg(P1) errors are
 ** seen.  Reg(P1) is updated with the number of errors remaining.
 **
@@ -99669,19 +100256,21 @@ case OP_IntegrityCk: {
   Mem *pnErr;     /* Register keeping track of errors remaining */
 
   assert( p->bIsReader );
+  assert( pOp->p4type==P4_INTARRAY );
   nRoot = pOp->p2;
   aRoot = pOp->p4.ai;
   assert( nRoot>0 );
+  assert( aRoot!=0 );
   assert( aRoot[0]==(Pgno)nRoot );
-  assert( pOp->p3>0 && pOp->p3<=(p->nMem+1 - p->nCursor) );
-  pnErr = &aMem[pOp->p3];
+  assert( pOp->p1>0 && (pOp->p1+1)<=(p->nMem+1 - p->nCursor) );
+  pnErr = &aMem[pOp->p1];
   assert( (pnErr->flags & MEM_Int)!=0 );
   assert( (pnErr->flags & (MEM_Str|MEM_Blob))==0 );
-  pIn1 = &aMem[pOp->p1];
+  pIn1 = &aMem[pOp->p1+1];
   assert( pOp->p5nDb );
   assert( DbMaskTest(p->btreeMask, pOp->p5) );
-  rc = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1], nRoot,
-                                 (int)pnErr->u.i+1, &nErr, &z);
+  rc = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1],
+      &aMem[pOp->p3], nRoot, (int)pnErr->u.i+1, &nErr, &z);
   sqlite3VdbeMemSetNull(pIn1);
   if( nErr==0 ){
     assert( z==0 );
@@ -99808,7 +100397,9 @@ case OP_RowSetTest: {                     /* jump, in1, in3 */
 ** P1 contains the address of the memory cell that contains the first memory
 ** cell in an array of values used as arguments to the sub-program. P2
 ** contains the address to jump to if the sub-program throws an IGNORE
-** exception using the RAISE() function. Register P3 contains the address
+** exception using the RAISE() function. P2 might be zero, if there is
+** no possibility that an IGNORE exception will be raised.
+** Register P3 contains the address
 ** of a memory cell in this (the parent) VM that is used to allocate the
 ** memory required by the sub-vdbe at runtime.
 **
@@ -99816,7 +100407,7 @@ case OP_RowSetTest: {                     /* jump, in1, in3 */
 **
 ** If P5 is non-zero, then recursive program invocation is enabled.
 */
-case OP_Program: {        /* jump */
+case OP_Program: {        /* jump0 */
   int nMem;               /* Number of memory registers for sub-program */
   int nByte;              /* Bytes of runtime space required for sub-program */
   Mem *pRt;               /* Register to allocate runtime space */
@@ -101365,7 +101956,7 @@ case OP_Filter: {          /* jump */
 ** error is encountered.
 */
 case OP_Trace:
-case OP_Init: {          /* jump */
+case OP_Init: {          /* jump0 */
   int i;
 #ifndef SQLITE_OMIT_TRACE
   char *zTrace;
@@ -105266,10 +105857,10 @@ static int bytecodevtabColumn(
 
 #ifdef SQLITE_ENABLE_STMT_SCANSTATUS
     case 9:     /* nexec */
-      sqlite3_result_int(ctx, pOp->nExec);
+      sqlite3_result_int64(ctx, pOp->nExec);
       break;
     case 10:    /* ncycle */
-      sqlite3_result_int(ctx, pOp->nCycle);
+      sqlite3_result_int64(ctx, pOp->nCycle);
       break;
 #else
     case 9:     /* nexec */
@@ -106213,6 +106804,8 @@ static void resolveAlias(
   assert( iCol>=0 && iColnExpr );
   pOrig = pEList->a[iCol].pExpr;
   assert( pOrig!=0 );
+  assert( !ExprHasProperty(pExpr, EP_Reduced|EP_TokenOnly) );
+  if( pExpr->pAggInfo ) return;
   db = pParse->db;
   pDup = sqlite3ExprDup(db, pOrig, 0);
   if( db->mallocFailed ){
@@ -106360,7 +106953,7 @@ static void extendFJMatch(
 static SQLITE_NOINLINE int isValidSchemaTableName(
   const char *zTab,         /* Name as it appears in the SQL */
   Table *pTab,              /* The schema table we are trying to match */
-  Schema *pSchema           /* non-NULL if a database qualifier is present */
+  const char *zDb           /* non-NULL if a database qualifier is present */
 ){
   const char *zLegacy;
   assert( pTab!=0 );
@@ -106371,7 +106964,7 @@ static SQLITE_NOINLINE int isValidSchemaTableName(
     if( sqlite3StrICmp(zTab+7, &PREFERRED_TEMP_SCHEMA_TABLE[7])==0 ){
       return 1;
     }
-    if( pSchema==0 ) return 0;
+    if( zDb==0 ) return 0;
     if( sqlite3StrICmp(zTab+7, &LEGACY_SCHEMA_TABLE[7])==0 ) return 1;
     if( sqlite3StrICmp(zTab+7, &PREFERRED_SCHEMA_TABLE[7])==0 ) return 1;
   }else{
@@ -106411,7 +107004,7 @@ static int lookupName(
   Parse *pParse,       /* The parsing context */
   const char *zDb,     /* Name of the database containing table, or NULL */
   const char *zTab,    /* Name of table containing column, or NULL */
-  const char *zCol,    /* Name of the column. */
+  const Expr *pRight,  /* Name of the column. */
   NameContext *pNC,    /* The name context used to resolve the name */
   Expr *pExpr          /* Make this EXPR node point to the selected column */
 ){
@@ -106428,6 +107021,7 @@ static int lookupName(
   Table *pTab = 0;                  /* Table holding the row */
   Column *pCol;                     /* A column of pTab */
   ExprList *pFJMatch = 0;           /* Matches for FULL JOIN .. USING */
+  const char *zCol = pRight->u.zToken;
 
   assert( pNC );     /* the name context cannot be NULL. */
   assert( zCol );    /* The Z in X.Y.Z cannot be NULL */
@@ -106553,7 +107147,7 @@ static int lookupName(
             }
           }else if( sqlite3StrICmp(zTab, pTab->zName)!=0 ){
             if( pTab->tnum!=1 ) continue;
-            if( !isValidSchemaTableName(zTab, pTab, pSchema) ) continue;
+            if( !isValidSchemaTableName(zTab, pTab, zDb) ) continue;
           }
           assert( ExprUseYTab(pExpr) );
           if( IN_RENAME_OBJECT && pItem->zAlias ){
@@ -106600,8 +107194,37 @@ static int lookupName(
           }
         }
         if( 0==cnt && VisibleRowid(pTab) ){
+          /* pTab is a potential ROWID match.  Keep track of it and match
+          ** the ROWID later if that seems appropriate.  (Search for "cntTab"
+          ** to find related code.)  Only allow a ROWID match if there is
+          ** a single ROWID match candidate.
+          */
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+          /* In SQLITE_ALLOW_ROWID_IN_VIEW mode, allow a ROWID match
+          ** if there is a single VIEW candidate or if there is a single
+          ** non-VIEW candidate plus multiple VIEW candidates.  In other
+          ** words non-VIEW candidate terms take precedence over VIEWs.
+          */
+          if( cntTab==0
+           || (cntTab==1
+               && ALWAYS(pMatch!=0)
+               && ALWAYS(pMatch->pTab!=0)
+               && (pMatch->pTab->tabFlags & TF_Ephemeral)!=0
+               && (pTab->tabFlags & TF_Ephemeral)==0)
+          ){
+            cntTab = 1;
+            pMatch = pItem;
+          }else{
+            cntTab++;
+          }
+#else
+          /* The (much more common) non-SQLITE_ALLOW_ROWID_IN_VIEW case is
+          ** simpler since we require exactly one candidate, which will
+          ** always be a non-VIEW
+          */
           cntTab++;
           pMatch = pItem;
+#endif
         }
       }
       if( pMatch ){
@@ -106630,7 +107253,8 @@ static int lookupName(
         if( pParse->bReturning ){
           if( (pNC->ncFlags & NC_UBaseReg)!=0
            && ALWAYS(zTab==0
-                     || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0)
+                     || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0
+                     || isValidSchemaTableName(zTab, pParse->pTriggerTab, 0))
           ){
             pExpr->iTable = op!=TK_DELETE;
             pTab = pParse->pTriggerTab;
@@ -106727,13 +107351,18 @@ static int lookupName(
     ** Perhaps the name is a reference to the ROWID
     */
     if( cnt==0
-     && cntTab==1
+     && cntTab>=1
      && pMatch
      && (pNC->ncFlags & (NC_IdxExpr|NC_GenCol))==0
      && sqlite3IsRowid(zCol)
      && ALWAYS(VisibleRowid(pMatch->pTab) || pMatch->fg.isNestedFrom)
     ){
-      cnt = 1;
+      cnt = cntTab;
+#if SQLITE_ALLOW_ROWID_IN_VIEW+0==2
+      if( pMatch->pTab!=0 && IsView(pMatch->pTab) ){
+        eNewExprOp = TK_NULL;
+      }
+#endif
       if( pMatch->fg.isNestedFrom==0 ) pExpr->iColumn = -1;
       pExpr->affExpr = SQLITE_AFF_INTEGER;
     }
@@ -106887,6 +107516,10 @@ static int lookupName(
       sqlite3ErrorMsg(pParse, "%s: %s.%s.%s", zErr, zDb, zTab, zCol);
     }else if( zTab ){
       sqlite3ErrorMsg(pParse, "%s: %s.%s", zErr, zTab, zCol);
+    }else if( cnt==0 && ExprHasProperty(pRight,EP_DblQuoted) ){
+      sqlite3ErrorMsg(pParse, "%s: \"%s\" - should this be a"
+                              " string literal in single-quotes?",
+                              zErr, zCol);
     }else{
       sqlite3ErrorMsg(pParse, "%s: %s", zErr, zCol);
     }
@@ -106920,8 +107553,12 @@ static int lookupName(
   ** If a generated column is referenced, set bits for every column
   ** of the table.
   */
-  if( pExpr->iColumn>=0 && cnt==1 && pMatch!=0 ){
-    pMatch->colUsed |= sqlite3ExprColUsed(pExpr);
+  if( pMatch ){
+    if( pExpr->iColumn>=0 ){
+      pMatch->colUsed |= sqlite3ExprColUsed(pExpr);
+    }else{
+      pMatch->fg.rowidUsed = 1;
+    }
   }
 
   pExpr->op = eNewExprOp;
@@ -107098,6 +107735,19 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
     ** resolved.  This prevents "column" from being counted as having been
     ** referenced, which might prevent a SELECT from being erroneously
     ** marked as correlated.
+    **
+    ** 2024-03-28: Beware of aggregates.  A bare column of aggregated table
+    ** can still evaluate to NULL even though it is marked as NOT NULL.
+    ** Example:
+    **
+    **       CREATE TABLE t1(a INT NOT NULL);
+    **       SELECT a, a IS NULL, a IS NOT NULL, count(*) FROM t1;
+    **
+    ** The "a IS NULL" and "a IS NOT NULL" expressions cannot be optimized
+    ** here because at the time this case is hit, we do not yet know whether
+    ** or not t1 is being aggregated.  We have to assume the worst and omit
+    ** the optimization.  The only time it is safe to apply this optimization
+    ** is within the WHERE clause.
     */
     case TK_NOTNULL:
     case TK_ISNULL: {
@@ -107108,19 +107758,36 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         anRef[i] = p->nRef;
       }
       sqlite3WalkExpr(pWalker, pExpr->pLeft);
-      if( 0==sqlite3ExprCanBeNull(pExpr->pLeft) && !IN_RENAME_OBJECT ){
-        testcase( ExprHasProperty(pExpr, EP_OuterON) );
-        assert( !ExprHasProperty(pExpr, EP_IntValue) );
-        pExpr->u.iValue = (pExpr->op==TK_NOTNULL);
-        pExpr->flags |= EP_IntValue;
-        pExpr->op = TK_INTEGER;
+      if( IN_RENAME_OBJECT ) return WRC_Prune;
+      if( sqlite3ExprCanBeNull(pExpr->pLeft) ){
+        /* The expression can be NULL.  So the optimization does not apply */
+        return WRC_Prune;
+      }
 
-        for(i=0, p=pNC; p && ipNext, i++){
-          p->nRef = anRef[i];
+      for(i=0, p=pNC; p; p=p->pNext, i++){
+        if( (p->ncFlags & NC_Where)==0 ){
+          return WRC_Prune;  /* Not in a WHERE clause.  Unsafe to optimize. */
         }
-        sqlite3ExprDelete(pParse->db, pExpr->pLeft);
-        pExpr->pLeft = 0;
       }
+      testcase( ExprHasProperty(pExpr, EP_OuterON) );
+      assert( !ExprHasProperty(pExpr, EP_IntValue) );
+#if TREETRACE_ENABLED
+      if( sqlite3TreeTrace & 0x80000 ){
+        sqlite3DebugPrintf(
+           "NOT NULL strength reduction converts the following to %d:\n",
+           pExpr->op==TK_NOTNULL
+        );
+        sqlite3ShowExpr(pExpr);
+      }
+#endif /* TREETRACE_ENABLED */
+      pExpr->u.iValue = (pExpr->op==TK_NOTNULL);
+      pExpr->flags |= EP_IntValue;
+      pExpr->op = TK_INTEGER;
+      for(i=0, p=pNC; p && ipNext, i++){
+        p->nRef = anRef[i];
+      }
+      sqlite3ExprDelete(pParse->db, pExpr->pLeft);
+      pExpr->pLeft = 0;
       return WRC_Prune;
     }
 
@@ -107134,7 +107801,6 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
     */
     case TK_ID:
     case TK_DOT: {
-      const char *zColumn;
       const char *zTable;
       const char *zDb;
       Expr *pRight;
@@ -107143,7 +107809,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         zDb = 0;
         zTable = 0;
         assert( !ExprHasProperty(pExpr, EP_IntValue) );
-        zColumn = pExpr->u.zToken;
+        pRight = pExpr;
       }else{
         Expr *pLeft = pExpr->pLeft;
         testcase( pNC->ncFlags & NC_IdxExpr );
@@ -107162,14 +107828,13 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         }
         assert( ExprUseUToken(pLeft) && ExprUseUToken(pRight) );
         zTable = pLeft->u.zToken;
-        zColumn = pRight->u.zToken;
         assert( ExprUseYTab(pExpr) );
         if( IN_RENAME_OBJECT ){
           sqlite3RenameTokenRemap(pParse, (void*)pExpr, (void*)pRight);
           sqlite3RenameTokenRemap(pParse, (void*)&pExpr->y.pTab, (void*)pLeft);
         }
       }
-      return lookupName(pParse, zDb, zTable, zColumn, pNC, pExpr);
+      return lookupName(pParse, zDb, zTable, pRight, pNC, pExpr);
     }
 
     /* Resolve function names
@@ -107345,11 +108010,9 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
 #endif
         }
       }
-#ifndef SQLITE_OMIT_WINDOWFUNC
-      else if( ExprHasProperty(pExpr, EP_WinFunc) ){
+      else if( ExprHasProperty(pExpr, EP_WinFunc) || pExpr->pLeft ){
         is_agg = 1;
       }
-#endif
       sqlite3WalkExprList(pWalker, pList);
       if( is_agg ){
         if( pExpr->pLeft ){
@@ -107419,6 +108082,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         testcase( pNC->ncFlags & NC_PartIdx );
         testcase( pNC->ncFlags & NC_IdxExpr );
         testcase( pNC->ncFlags & NC_GenCol );
+        assert( pExpr->x.pSelect );
         if( pNC->ncFlags & NC_SelfRef ){
           notValidImpl(pParse, pNC, "subqueries", pExpr, pExpr);
         }else{
@@ -107427,6 +108091,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         assert( pNC->nRef>=nRef );
         if( nRef!=pNC->nRef ){
           ExprSetProperty(pExpr, EP_VarSelect);
+          pExpr->x.pSelect->selFlags |= SF_Correlated;
         }
         pNC->ncFlags |= NC_Subquery;
       }
@@ -107952,6 +108617,7 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
     if( pOuterNC ) pOuterNC->nNestedSelect++;
     for(i=0; ipSrc->nSrc; i++){
       SrcItem *pItem = &p->pSrc->a[i];
+      assert( pItem->zName!=0 || pItem->pSelect!=0 );/* Test of tag-20240424-1*/
       if( pItem->pSelect && (pItem->pSelect->selFlags & SF_Resolved)==0 ){
         int nRef = pOuterNC ? pOuterNC->nRef : 0;
         const char *zSavedContext = pParse->zAuthContext;
@@ -108020,7 +108686,9 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
       }
       if( sqlite3ResolveExprNames(&sNC, p->pHaving) ) return WRC_Abort;
     }
+    sNC.ncFlags |= NC_Where;
     if( sqlite3ResolveExprNames(&sNC, p->pWhere) ) return WRC_Abort;
+    sNC.ncFlags &= ~NC_Where;
 
     /* Resolve names in table-valued-function arguments */
     for(i=0; ipSrc->nSrc; i++){
@@ -108211,6 +108879,9 @@ SQLITE_PRIVATE int sqlite3ResolveExprNames(
 ** Resolve all names for all expression in an expression list.  This is
 ** just like sqlite3ResolveExprNames() except that it works for an expression
 ** list rather than a single expression.
+**
+** The return value is SQLITE_OK (0) for success or SQLITE_ERROR (1) for a
+** failure.
 */
 SQLITE_PRIVATE int sqlite3ResolveExprListNames(
   NameContext *pNC,       /* Namespace to resolve expressions in. */
@@ -108219,7 +108890,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
   int i;
   int savedHasAgg = 0;
   Walker w;
-  if( pList==0 ) return WRC_Continue;
+  if( pList==0 ) return SQLITE_OK;
   w.pParse = pNC->pParse;
   w.xExprCallback = resolveExprStep;
   w.xSelectCallback = resolveSelectStep;
@@ -108233,7 +108904,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
 #if SQLITE_MAX_EXPR_DEPTH>0
     w.pParse->nHeight += pExpr->nHeight;
     if( sqlite3ExprCheckHeight(w.pParse, w.pParse->nHeight) ){
-      return WRC_Abort;
+      return SQLITE_ERROR;
     }
 #endif
     sqlite3WalkExprNN(&w, pExpr);
@@ -108250,10 +108921,10 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
                           (NC_HasAgg|NC_MinMaxAgg|NC_HasWin|NC_OrderAgg);
       pNC->ncFlags &= ~(NC_HasAgg|NC_MinMaxAgg|NC_HasWin|NC_OrderAgg);
     }
-    if( w.pParse->nErr>0 ) return WRC_Abort;
+    if( w.pParse->nErr>0 ) return SQLITE_ERROR;
   }
   pNC->ncFlags |= savedHasAgg;
-  return WRC_Continue;
+  return SQLITE_OK;
 }
 
 /*
@@ -108559,9 +109230,10 @@ SQLITE_PRIVATE Expr *sqlite3ExprSkipCollateAndLikely(Expr *pExpr){
       assert( pExpr->x.pList->nExpr>0 );
       assert( pExpr->op==TK_FUNCTION );
       pExpr = pExpr->x.pList->a[0].pExpr;
-    }else{
-      assert( pExpr->op==TK_COLLATE );
+    }else if( pExpr->op==TK_COLLATE ){
       pExpr = pExpr->pLeft;
+    }else{
+      break;
     }
   }
   return pExpr;
@@ -109255,11 +109927,12 @@ SQLITE_PRIVATE void sqlite3ExprSetErrorOffset(Expr *pExpr, int iOfst){
 ** appear to be quoted.  If the quotes were of the form "..." (double-quotes)
 ** then the EP_DblQuoted flag is set on the expression node.
 **
-** Special case:  If op==TK_INTEGER and pToken points to a string that
-** can be translated into a 32-bit integer, then the token is not
-** stored in u.zToken.  Instead, the integer values is written
-** into u.iValue and the EP_IntValue flag is set.  No extra storage
+** Special case (tag-20240227-a):  If op==TK_INTEGER and pToken points to
+** a string that can be translated into a 32-bit integer, then the token is
+** not stored in u.zToken.  Instead, the integer values is written
+** into u.iValue and the EP_IntValue flag is set. No extra storage
 ** is allocated to hold the integer text and the dequote flag is ignored.
+** See also tag-20240227-b.
 */
 SQLITE_PRIVATE Expr *sqlite3ExprAlloc(
   sqlite3 *db,            /* Handle for sqlite3DbMallocRawNN() */
@@ -109275,7 +109948,7 @@ SQLITE_PRIVATE Expr *sqlite3ExprAlloc(
   if( pToken ){
     if( op!=TK_INTEGER || pToken->z==0
           || sqlite3GetInt32(pToken->z, &iValue)==0 ){
-      nExtra = pToken->n+1;
+      nExtra = pToken->n+1;  /* tag-20240227-a */
       assert( iValue>=0 );
     }
   }
@@ -109707,6 +110380,7 @@ SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr, u32 n
 static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
   assert( p!=0 );
   assert( db!=0 );
+exprDeleteRestart:
   assert( !ExprUseUValue(p) || p->u.iValue>=0 );
   assert( !ExprUseYWin(p) || !ExprUseYSub(p) );
   assert( !ExprUseYWin(p) || p->y.pWin!=0 || db->mallocFailed );
@@ -109722,7 +110396,6 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
   if( !ExprHasProperty(p, (EP_TokenOnly|EP_Leaf)) ){
     /* The Expr.x union is never used at the same time as Expr.pRight */
     assert( (ExprUseXList(p) && p->x.pList==0) || p->pRight==0 );
-    if( p->pLeft && p->op!=TK_SELECT_COLUMN ) sqlite3ExprDeleteNN(db, p->pLeft);
     if( p->pRight ){
       assert( !ExprHasProperty(p, EP_WinFunc) );
       sqlite3ExprDeleteNN(db, p->pRight);
@@ -109737,6 +110410,19 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
       }
 #endif
     }
+    if( p->pLeft && p->op!=TK_SELECT_COLUMN ){
+      Expr *pLeft = p->pLeft;
+      if( !ExprHasProperty(p, EP_Static)
+       && !ExprHasProperty(pLeft, EP_Static)
+      ){
+        /* Avoid unnecessary recursion on unary operators */
+        sqlite3DbNNFreeNN(db, p);
+        p = pLeft;
+        goto exprDeleteRestart;
+      }else{
+        sqlite3ExprDeleteNN(db, pLeft);
+      }
+    }
   }
   if( !ExprHasProperty(p, EP_Static) ){
     sqlite3DbNNFreeNN(db, p);
@@ -109769,11 +110455,11 @@ SQLITE_PRIVATE void sqlite3ClearOnOrUsing(sqlite3 *db, OnOrUsing *p){
 **
 ** The pExpr might be deleted immediately on an OOM error.
 **
-** The deferred delete is (currently) implemented by adding the
-** pExpr to the pParse->pConstExpr list with a register number of 0.
+** Return 0 if the delete was successfully deferred.  Return non-zero
+** if the delete happened immediately because of an OOM.
 */
-SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
-  sqlite3ParserAddCleanup(pParse, sqlite3ExprDeleteGeneric, pExpr);
+SQLITE_PRIVATE int sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
+  return 0==sqlite3ParserAddCleanup(pParse, sqlite3ExprDeleteGeneric, pExpr);
 }
 
 /* Invoke sqlite3RenameExprUnmap() and sqlite3ExprDelete() on the
@@ -110209,17 +110895,19 @@ SQLITE_PRIVATE SrcList *sqlite3SrcListDup(sqlite3 *db, const SrcList *p, int fla
     pNewItem->iCursor = pOldItem->iCursor;
     pNewItem->addrFillSub = pOldItem->addrFillSub;
     pNewItem->regReturn = pOldItem->regReturn;
+    pNewItem->regResult = pOldItem->regResult;
     if( pNewItem->fg.isIndexedBy ){
       pNewItem->u1.zIndexedBy = sqlite3DbStrDup(db, pOldItem->u1.zIndexedBy);
+    }else if( pNewItem->fg.isTabFunc ){
+      pNewItem->u1.pFuncArg =
+          sqlite3ExprListDup(db, pOldItem->u1.pFuncArg, flags);
+    }else{
+      pNewItem->u1.nRow = pOldItem->u1.nRow;
     }
     pNewItem->u2 = pOldItem->u2;
     if( pNewItem->fg.isCte ){
       pNewItem->u2.pCteUse->nUse++;
     }
-    if( pNewItem->fg.isTabFunc ){
-      pNewItem->u1.pFuncArg =
-          sqlite3ExprListDup(db, pOldItem->u1.pFuncArg, flags);
-    }
     pTab = pNewItem->pTab = pOldItem->pTab;
     if( pTab ){
       pTab->nTabRef++;
@@ -110685,6 +111373,54 @@ SQLITE_PRIVATE Expr *sqlite3ExprSimplifiedAndOr(Expr *pExpr){
   return pExpr;
 }
 
+/*
+** pExpr is a TK_FUNCTION node.  Try to determine whether or not the
+** function is a constant function.  A function is constant if all of
+** the following are true:
+**
+**    (1)  It is a scalar function (not an aggregate or window function)
+**    (2)  It has either the SQLITE_FUNC_CONSTANT or SQLITE_FUNC_SLOCHNG
+**         property.
+**    (3)  All of its arguments are constants
+**
+** This routine sets pWalker->eCode to 0 if pExpr is not a constant.
+** It makes no changes to pWalker->eCode if pExpr is constant.  In
+** every case, it returns WRC_Abort.
+**
+** Called as a service subroutine from exprNodeIsConstant().
+*/
+static SQLITE_NOINLINE int exprNodeIsConstantFunction(
+  Walker *pWalker,
+  Expr *pExpr
+){
+  int n;             /* Number of arguments */
+  ExprList *pList;   /* List of arguments */
+  FuncDef *pDef;     /* The function */
+  sqlite3 *db;       /* The database */
+
+  assert( pExpr->op==TK_FUNCTION );
+  if( ExprHasProperty(pExpr, EP_TokenOnly)
+   || (pList = pExpr->x.pList)==0
+  ){;
+    n = 0;
+  }else{
+    n = pList->nExpr;
+    sqlite3WalkExprList(pWalker, pList);
+    if( pWalker->eCode==0 ) return WRC_Abort;
+  }
+  db = pWalker->pParse->db;
+  pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
+  if( pDef==0
+   || pDef->xFinalize!=0
+   || (pDef->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0
+   || ExprHasProperty(pExpr, EP_WinFunc)
+  ){
+    pWalker->eCode = 0;
+    return WRC_Abort;
+  }
+  return WRC_Prune;
+}
+
 
 /*
 ** These routines are Walker callbacks used to check expressions to
@@ -110713,6 +111449,7 @@ SQLITE_PRIVATE Expr *sqlite3ExprSimplifiedAndOr(Expr *pExpr){
 ** malformed schema error.
 */
 static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
+  assert( pWalker->eCode>0 );
 
   /* If pWalker->eCode is 2 then any term of the expression that comes from
   ** the ON or USING clauses of an outer join disqualifies the expression
@@ -110732,6 +111469,8 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
       ){
         if( pWalker->eCode==5 ) ExprSetProperty(pExpr, EP_FromDDL);
         return WRC_Continue;
+      }else if( pWalker->pParse ){
+        return exprNodeIsConstantFunction(pWalker, pExpr);
       }else{
         pWalker->eCode = 0;
         return WRC_Abort;
@@ -110760,9 +111499,11 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
     case TK_IF_NULL_ROW:
     case TK_REGISTER:
     case TK_DOT:
+    case TK_RAISE:
       testcase( pExpr->op==TK_REGISTER );
       testcase( pExpr->op==TK_IF_NULL_ROW );
       testcase( pExpr->op==TK_DOT );
+      testcase( pExpr->op==TK_RAISE );
       pWalker->eCode = 0;
       return WRC_Abort;
     case TK_VARIABLE:
@@ -110784,15 +111525,15 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
       return WRC_Continue;
   }
 }
-static int exprIsConst(Expr *p, int initFlag, int iCur){
+static int exprIsConst(Parse *pParse, Expr *p, int initFlag){
   Walker w;
   w.eCode = initFlag;
+  w.pParse = pParse;
   w.xExprCallback = exprNodeIsConstant;
   w.xSelectCallback = sqlite3SelectWalkFail;
 #ifdef SQLITE_DEBUG
   w.xSelectCallback2 = sqlite3SelectWalkAssert2;
 #endif
-  w.u.iCur = iCur;
   sqlite3WalkExpr(&w, p);
   return w.eCode;
 }
@@ -110804,9 +111545,15 @@ static int exprIsConst(Expr *p, int initFlag, int iCur){
 ** For the purposes of this function, a double-quoted string (ex: "abc")
 ** is considered a variable but a single-quoted string (ex: 'abc') is
 ** a constant.
+**
+** The pParse parameter may be NULL.  But if it is NULL, there is no way
+** to determine if function calls are constant or not, and hence all
+** function calls will be considered to be non-constant.  If pParse is
+** not NULL, then a function call might be constant, depending on the
+** function and on its parameters.
 */
-SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr *p){
-  return exprIsConst(p, 1, 0);
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Parse *pParse, Expr *p){
+  return exprIsConst(pParse, p, 1);
 }
 
 /*
@@ -110822,8 +111569,24 @@ SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr *p){
 ** can be added to the pParse->pConstExpr list and evaluated once when
 ** the prepared statement starts up.  See sqlite3ExprCodeRunJustOnce().
 */
-SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr *p){
-  return exprIsConst(p, 2, 0);
+static int sqlite3ExprIsConstantNotJoin(Parse *pParse, Expr *p){
+  return exprIsConst(pParse, p, 2);
+}
+
+/*
+** This routine examines sub-SELECT statements as an expression is being
+** walked as part of sqlite3ExprIsTableConstant().  Sub-SELECTs are considered
+** constant as long as they are uncorrelated - meaning that they do not
+** contain any terms from outer contexts.
+*/
+static int exprSelectWalkTableConstant(Walker *pWalker, Select *pSelect){
+  assert( pSelect!=0 );
+  assert( pWalker->eCode==3 || pWalker->eCode==0 );
+  if( (pSelect->selFlags & SF_Correlated)!=0 ){
+    pWalker->eCode = 0;
+    return WRC_Abort;
+  }
+  return WRC_Prune;
 }
 
 /*
@@ -110831,9 +111594,26 @@ SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr *p){
 ** for any single row of the table with cursor iCur.  In other words, the
 ** expression must not refer to any non-deterministic function nor any
 ** table other than iCur.
+**
+** Consider uncorrelated subqueries to be constants if the bAllowSubq
+** parameter is true.
 */
-SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
-  return exprIsConst(p, 3, iCur);
+static int sqlite3ExprIsTableConstant(Expr *p, int iCur, int bAllowSubq){
+  Walker w;
+  w.eCode = 3;
+  w.pParse = 0;
+  w.xExprCallback = exprNodeIsConstant;
+  if( bAllowSubq ){
+    w.xSelectCallback = exprSelectWalkTableConstant;
+  }else{
+    w.xSelectCallback = sqlite3SelectWalkFail;
+#ifdef SQLITE_DEBUG
+    w.xSelectCallback2 = sqlite3SelectWalkAssert2;
+#endif
+  }
+  w.u.iCur = iCur;
+  sqlite3WalkExpr(&w, p);
+  return w.eCode;
 }
 
 /*
@@ -110851,7 +111631,10 @@ SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
 **
 **   (1)  pExpr cannot refer to any table other than pSrc->iCursor.
 **
-**   (2)  pExpr cannot use subqueries or non-deterministic functions.
+**   (2a) pExpr cannot use subqueries unless the bAllowSubq parameter is
+**        true and the subquery is non-correlated
+**
+**   (2b) pExpr cannot use non-deterministic functions.
 **
 **   (3)  pSrc cannot be part of the left operand for a RIGHT JOIN.
 **        (Is there some way to relax this constraint?)
@@ -110880,7 +111663,8 @@ SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
 SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(
   Expr *pExpr,                 /* The constraint */
   const SrcList *pSrcList,     /* Complete FROM clause */
-  int iSrc                     /* Which element of pSrcList to use */
+  int iSrc,                    /* Which element of pSrcList to use */
+  int bAllowSubq               /* Allow non-correlated subqueries */
 ){
   const SrcItem *pSrc = &pSrcList->a[iSrc];
   if( pSrc->fg.jointype & JT_LTORJ ){
@@ -110905,7 +111689,8 @@ SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(
       }
     }
   }
-  return sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor); /* rules (1), (2) */
+  /* Rules (1), (2a), and (2b) handled by the following: */
+  return sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor, bAllowSubq);
 }
 
 
@@ -110990,7 +111775,7 @@ SQLITE_PRIVATE int sqlite3ExprIsConstantOrGroupBy(Parse *pParse, Expr *p, ExprLi
 */
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr *p, u8 isInit){
   assert( isInit==0 || isInit==1 );
-  return exprIsConst(p, 4+isInit, 0);
+  return exprIsConst(0, p, 4+isInit);
 }
 
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
@@ -111080,9 +111865,12 @@ SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr *p){
       return 0;
     case TK_COLUMN:
       assert( ExprUseYTab(p) );
-      return ExprHasProperty(p, EP_CanBeNull) ||
-             NEVER(p->y.pTab==0) ||  /* Reference to column of index on expr */
-             (p->iColumn>=0
+      return ExprHasProperty(p, EP_CanBeNull)
+          || NEVER(p->y.pTab==0) /* Reference to column of index on expr */
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+          || (p->iColumn==XN_ROWID && IsView(p->y.pTab))
+#endif
+          || (p->iColumn>=0
               && p->y.pTab->aCol!=0 /* Possible due to prior error */
               && ALWAYS(p->iColumny.pTab->nCol)
               && p->y.pTab->aCol[p->iColumn].notNull==0);
@@ -111235,13 +112023,13 @@ static void sqlite3SetHasNullFlag(Vdbe *v, int iCur, int regHasNull){
 ** The argument is an IN operator with a list (not a subquery) on the
 ** right-hand side.  Return TRUE if that list is constant.
 */
-static int sqlite3InRhsIsConstant(Expr *pIn){
+static int sqlite3InRhsIsConstant(Parse *pParse, Expr *pIn){
   Expr *pLHS;
   int res;
   assert( !ExprHasProperty(pIn, EP_xIsSelect) );
   pLHS = pIn->pLeft;
   pIn->pLeft = 0;
-  res = sqlite3ExprIsConstant(pIn);
+  res = sqlite3ExprIsConstant(pParse, pIn);
   pIn->pLeft = pLHS;
   return res;
 }
@@ -111510,7 +112298,7 @@ SQLITE_PRIVATE int sqlite3FindInIndex(
   if( eType==0
    && (inFlags & IN_INDEX_NOOP_OK)
    && ExprUseXList(pX)
-   && (!sqlite3InRhsIsConstant(pX) || pX->x.pList->nExpr<=2)
+   && (!sqlite3InRhsIsConstant(pParse,pX) || pX->x.pList->nExpr<=2)
   ){
     pParse->nTab--;  /* Back out the allocation of the unused cursor */
     iTab = -1;       /* Cursor is not allocated */
@@ -111793,7 +112581,7 @@ SQLITE_PRIVATE void sqlite3CodeRhsOfIN(
       ** this code only executes once.  Because for a non-constant
       ** expression we need to rerun this code each time.
       */
-      if( addrOnce && !sqlite3ExprIsConstant(pE2) ){
+      if( addrOnce && !sqlite3ExprIsConstant(pParse, pE2) ){
         sqlite3VdbeChangeToNoop(v, addrOnce-1);
         sqlite3VdbeChangeToNoop(v, addrOnce);
         ExprClearProperty(pExpr, EP_Subrtn);
@@ -112957,12 +113745,6 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       assert( pExpr->u.zToken!=0 );
       assert( pExpr->u.zToken[0]!=0 );
       sqlite3VdbeAddOp2(v, OP_Variable, pExpr->iColumn, target);
-      if( pExpr->u.zToken[1]!=0 ){
-        const char *z = sqlite3VListNumToName(pParse->pVList, pExpr->iColumn);
-        assert( pExpr->u.zToken[0]=='?' || (z && !strcmp(pExpr->u.zToken, z)) );
-        pParse->pVList[0] = 0; /* Indicate VList may no longer be enlarged */
-        sqlite3VdbeAppendP4(v, (char*)z, P4_STATIC);
-      }
       return target;
     }
     case TK_REGISTER: {
@@ -113136,7 +113918,9 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       }
 #endif
 
-      if( ConstFactorOk(pParse) && sqlite3ExprIsConstantNotJoin(pExpr) ){
+      if( ConstFactorOk(pParse)
+       && sqlite3ExprIsConstantNotJoin(pParse,pExpr)
+      ){
         /* SQL functions can be expensive. So try to avoid running them
         ** multiple times if we know they always give the same result */
         return sqlite3ExprCodeRunJustOnce(pParse, pExpr, -1);
@@ -113167,7 +113951,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       }
 
       for(i=0; ia[i].pExpr) ){
+        if( i<32 && sqlite3ExprIsConstant(pParse, pFarg->a[i].pExpr) ){
           testcase( i==31 );
           constMask |= MASKBIT32(i);
         }
@@ -113309,8 +114093,9 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       if( !ExprHasProperty(pExpr, EP_Collate) ){
         /* A TK_COLLATE Expr node without the EP_Collate tag is a so-called
         ** "SOFT-COLLATE" that is added to constraints that are pushed down
-        ** from outer queries into sub-queries by the push-down optimization.
-        ** Clear subtypes as subtypes may not cross a subquery boundary.
+        ** from outer queries into sub-queries by the WHERE-clause push-down
+        ** optimization. Clear subtypes as subtypes may not cross a subquery
+        ** boundary.
         */
         assert( pExpr->pLeft );
         sqlite3ExprCode(pParse, pExpr->pLeft, target);
@@ -113634,7 +114419,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTemp(Parse *pParse, Expr *pExpr, int *pReg){
   if( ConstFactorOk(pParse)
    && ALWAYS(pExpr!=0)
    && pExpr->op!=TK_REGISTER
-   && sqlite3ExprIsConstantNotJoin(pExpr)
+   && sqlite3ExprIsConstantNotJoin(pParse, pExpr)
   ){
     *pReg  = 0;
     r2 = sqlite3ExprCodeRunJustOnce(pParse, pExpr, -1);
@@ -113698,7 +114483,7 @@ SQLITE_PRIVATE void sqlite3ExprCodeCopy(Parse *pParse, Expr *pExpr, int target){
 ** might choose to code the expression at initialization time.
 */
 SQLITE_PRIVATE void sqlite3ExprCodeFactorable(Parse *pParse, Expr *pExpr, int target){
-  if( pParse->okConstFactor && sqlite3ExprIsConstantNotJoin(pExpr) ){
+  if( pParse->okConstFactor && sqlite3ExprIsConstantNotJoin(pParse,pExpr) ){
     sqlite3ExprCodeRunJustOnce(pParse, pExpr, target);
   }else{
     sqlite3ExprCodeCopy(pParse, pExpr, target);
@@ -113757,7 +114542,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeExprList(
         sqlite3VdbeAddOp2(v, copyOp, j+srcReg-1, target+i);
       }
     }else if( (flags & SQLITE_ECEL_FACTOR)!=0
-           && sqlite3ExprIsConstantNotJoin(pExpr)
+           && sqlite3ExprIsConstantNotJoin(pParse,pExpr)
     ){
       sqlite3ExprCodeRunJustOnce(pParse, pExpr, target+i);
     }else{
@@ -114908,9 +115693,8 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
        && pAggInfo->aCol[iAgg].pCExpr==pExpr
       ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
-        if( pExpr ){
+        if( pExpr && !sqlite3ExprDeferredDelete(pParse, pExpr) ){
           pAggInfo->aCol[iAgg].pCExpr = pExpr;
-          sqlite3ExprDeferredDelete(pParse, pExpr);
         }
       }
     }else{
@@ -114919,9 +115703,8 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
        && pAggInfo->aFunc[iAgg].pFExpr==pExpr
       ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
-        if( pExpr ){
+        if( pExpr && !sqlite3ExprDeferredDelete(pParse, pExpr) ){
           pAggInfo->aFunc[iAgg].pFExpr = pExpr;
-          sqlite3ExprDeferredDelete(pParse, pExpr);
         }
       }
     }
@@ -116680,7 +117463,7 @@ static int renameResolveTrigger(Parse *pParse){
   /* ALWAYS() because if the table of the trigger does not exist, the
   ** error would have been hit before this point */
   if( ALWAYS(pParse->pTriggerTab) ){
-    rc = sqlite3ViewGetColumnNames(pParse, pParse->pTriggerTab);
+    rc = sqlite3ViewGetColumnNames(pParse, pParse->pTriggerTab)!=0;
   }
 
   /* Resolve symbols in WHEN clause */
@@ -117622,7 +118405,12 @@ SQLITE_PRIVATE void sqlite3AlterDropColumn(Parse *pParse, SrcList *pSrc, const T
         if( i==pTab->iPKey ){
           sqlite3VdbeAddOp2(v, OP_Null, 0, regOut);
         }else{
+          char aff = pTab->aCol[i].affinity;
+          if( aff==SQLITE_AFF_REAL ){
+            pTab->aCol[i].affinity = SQLITE_AFF_NUMERIC;
+          }
           sqlite3ExprCodeGetColumnOfTable(v, pTab, iCur, i, regOut);
+          pTab->aCol[i].affinity = aff;
         }
         nField++;
       }
@@ -118541,7 +119329,7 @@ static void statGet(
       if( iVal==2 && p->nRow*10 <= nDistinct*11 ) iVal = 1;
       sqlite3_str_appendf(&sStat, " %llu", iVal);
 #ifdef SQLITE_ENABLE_STAT4
-      assert( p->current.anEq[i] );
+      assert( p->current.anEq[i] || p->nRow==0 );
 #endif
     }
     sqlite3ResultStrAccum(context, &sStat);
@@ -118726,7 +119514,7 @@ static void analyzeOneTable(
 
   for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
     int nCol;                     /* Number of columns in pIdx. "N" */
-    int addrRewind;               /* Address of "OP_Rewind iIdxCur" */
+    int addrGotoEnd;               /* Address of "OP_Rewind iIdxCur" */
     int addrNextRow;              /* Address of "next_row:" */
     const char *zIdxName;         /* Name of the index */
     int nColTest;                 /* Number of columns to test for changes */
@@ -118750,9 +119538,14 @@ static void analyzeOneTable(
     /*
     ** Pseudo-code for loop that calls stat_push():
     **
-    **   Rewind csr
-    **   if eof(csr) goto end_of_scan;
     **   regChng = 0
+    **   Rewind csr
+    **   if eof(csr){
+    **      stat_init() with count = 0;
+    **      goto end_of_scan;
+    **   }
+    **   count()
+    **   stat_init()
     **   goto chng_addr_0;
     **
     **  next_row:
@@ -118791,41 +119584,36 @@ static void analyzeOneTable(
     sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
     VdbeComment((v, "%s", pIdx->zName));
 
-    /* Invoke the stat_init() function. The arguments are:
+    /* Implementation of the following:
     **
+    **   regChng = 0
+    **   Rewind csr
+    **   if eof(csr){
+    **      stat_init() with count = 0;
+    **      goto end_of_scan;
+    **   }
+    **   count()
+    **   stat_init()
+    **   goto chng_addr_0;
+    */
+    assert( regTemp2==regStat+4 );
+    sqlite3VdbeAddOp2(v, OP_Integer, db->nAnalysisLimit, regTemp2);
+
+    /* Arguments to stat_init():
     **    (1) the number of columns in the index including the rowid
     **        (or for a WITHOUT ROWID table, the number of PK columns),
     **    (2) the number of columns in the key without the rowid/pk
-    **    (3) estimated number of rows in the index,
-    */
+    **    (3) estimated number of rows in the index. */
     sqlite3VdbeAddOp2(v, OP_Integer, nCol, regStat+1);
     assert( regRowid==regStat+2 );
     sqlite3VdbeAddOp2(v, OP_Integer, pIdx->nKeyCol, regRowid);
-#ifdef SQLITE_ENABLE_STAT4
-    if( OptimizationEnabled(db, SQLITE_Stat4) ){
-      sqlite3VdbeAddOp2(v, OP_Count, iIdxCur, regTemp);
-      addrRewind = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
-      VdbeCoverage(v);
-    }else
-#endif
-    {
-      addrRewind = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
-      VdbeCoverage(v);
-      sqlite3VdbeAddOp3(v, OP_Count, iIdxCur, regTemp, 1);
-    }
-    assert( regTemp2==regStat+4 );
-    sqlite3VdbeAddOp2(v, OP_Integer, db->nAnalysisLimit, regTemp2);
+    sqlite3VdbeAddOp3(v, OP_Count, iIdxCur, regTemp,
+                      OptimizationDisabled(db, SQLITE_Stat4));
     sqlite3VdbeAddFunctionCall(pParse, 0, regStat+1, regStat, 4,
                                &statInitFuncdef, 0);
+    addrGotoEnd = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
+    VdbeCoverage(v);
 
-    /* Implementation of the following:
-    **
-    **   Rewind csr
-    **   if eof(csr) goto end_of_scan;
-    **   regChng = 0
-    **   goto next_push_0;
-    **
-    */
     sqlite3VdbeAddOp2(v, OP_Integer, 0, regChng);
     addrNextRow = sqlite3VdbeCurrentAddr(v);
 
@@ -118932,6 +119720,12 @@ static void analyzeOneTable(
     }
 
     /* Add the entry to the stat1 table. */
+    if( pIdx->pPartIdxWhere ){
+      /* Partial indexes might get a zero-entry in sqlite_stat1.  But
+      ** an empty table is omitted from sqlite_stat1. */
+      sqlite3VdbeJumpHere(v, addrGotoEnd);
+      addrGotoEnd = 0;
+    }
     callStatGet(pParse, regStat, STAT_GET_STAT1, regStat1);
     assert( "BBB"[0]==SQLITE_AFF_TEXT );
     sqlite3VdbeAddOp4(v, OP_MakeRecord, regTabname, 3, regTemp, "BBB", 0);
@@ -118955,6 +119749,13 @@ static void analyzeOneTable(
       int addrIsNull;
       u8 seekOp = HasRowid(pTab) ? OP_NotExists : OP_NotFound;
 
+      /* No STAT4 data is generated if the number of rows is zero */
+      if( addrGotoEnd==0 ){
+        sqlite3VdbeAddOp2(v, OP_Cast, regStat1, SQLITE_AFF_INTEGER);
+        addrGotoEnd = sqlite3VdbeAddOp1(v, OP_IfNot, regStat1);
+        VdbeCoverage(v);
+      }
+
       if( doOnce ){
         int mxCol = nCol;
         Index *pX;
@@ -119007,7 +119808,7 @@ static void analyzeOneTable(
 #endif /* SQLITE_ENABLE_STAT4 */
 
     /* End of analysis */
-    sqlite3VdbeJumpHere(v, addrRewind);
+    if( addrGotoEnd ) sqlite3VdbeJumpHere(v, addrGotoEnd);
   }
 
 
@@ -120756,7 +121557,7 @@ SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
     }
     sqlite3VdbeAddOp0(v, OP_Halt);
 
-#if SQLITE_USER_AUTHENTICATION
+#if SQLITE_USER_AUTHENTICATION && !defined(SQLITE_OMIT_SHARED_CACHE)
     if( pParse->nTableLock>0 && db->init.busy==0 ){
       sqlite3UserAuthInit(db);
       if( db->auth.authLevelrc = SQLITE_ERROR;
         pParse->nErr++;
         return;
       }
+      iCsr = pParse->nTab++;
       regYield = ++pParse->nMem;
       regRec = ++pParse->nMem;
       regRowid = ++pParse->nMem;
-      assert(pParse->nTab==1);
       sqlite3MayAbort(pParse);
-      sqlite3VdbeAddOp3(v, OP_OpenWrite, 1, pParse->regRoot, iDb);
+      sqlite3VdbeAddOp3(v, OP_OpenWrite, iCsr, pParse->regRoot, iDb);
       sqlite3VdbeChangeP5(v, OPFLAG_P2ISREG);
-      pParse->nTab = 2;
       addrTop = sqlite3VdbeCurrentAddr(v) + 1;
       sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
       if( pParse->nErr ) return;
@@ -123429,11 +124230,11 @@ SQLITE_PRIVATE void sqlite3EndTable(
       VdbeCoverage(v);
       sqlite3VdbeAddOp3(v, OP_MakeRecord, dest.iSdst, dest.nSdst, regRec);
       sqlite3TableAffinity(v, p, 0);
-      sqlite3VdbeAddOp2(v, OP_NewRowid, 1, regRowid);
-      sqlite3VdbeAddOp3(v, OP_Insert, 1, regRec, regRowid);
+      sqlite3VdbeAddOp2(v, OP_NewRowid, iCsr, regRowid);
+      sqlite3VdbeAddOp3(v, OP_Insert, iCsr, regRec, regRowid);
       sqlite3VdbeGoto(v, addrInsLoop);
       sqlite3VdbeJumpHere(v, addrInsLoop);
-      sqlite3VdbeAddOp1(v, OP_Close, 1);
+      sqlite3VdbeAddOp1(v, OP_Close, iCsr);
     }
 
     /* Compute the complete text of the CREATE statement */
@@ -123490,13 +124291,10 @@ SQLITE_PRIVATE void sqlite3EndTable(
     /* Test for cycles in generated columns and illegal expressions
     ** in CHECK constraints and in DEFAULT clauses. */
     if( p->tabFlags & TF_HasGenerated ){
-      sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
+      sqlite3VdbeAddOp4(v, OP_SqlExec, 0x0001, 0, 0,
              sqlite3MPrintf(db, "SELECT*FROM\"%w\".\"%w\"",
                    db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
     }
-    sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
-           sqlite3MPrintf(db, "PRAGMA \"%w\".integrity_check(%Q)",
-                 db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
   }
 
   /* Add the table to the in-memory representation of the database.
@@ -123573,9 +124371,12 @@ SQLITE_PRIVATE void sqlite3CreateView(
   ** on a view, even though views do not have rowids.  The following flag
   ** setting fixes this problem.  But the fix can be disabled by compiling
   ** with -DSQLITE_ALLOW_ROWID_IN_VIEW in case there are legacy apps that
-  ** depend upon the old buggy behavior. */
-#ifndef SQLITE_ALLOW_ROWID_IN_VIEW
-  p->tabFlags |= TF_NoVisibleRowid;
+  ** depend upon the old buggy behavior.  The ability can also be toggled
+  ** using sqlite3_config(SQLITE_CONFIG_ROWID_IN_VIEW,...) */
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+  p->tabFlags |= sqlite3Config.mNoVisibleRowid; /* Optional. Allow by default */
+#else
+  p->tabFlags |= TF_NoVisibleRowid;             /* Never allow rowid in view */
 #endif
 
   sqlite3TwoPartName(pParse, pName1, pName2, &pName);
@@ -123631,8 +124432,9 @@ SQLITE_PRIVATE void sqlite3CreateView(
 #if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE)
 /*
 ** The Table structure pTable is really a VIEW.  Fill in the names of
-** the columns of the view in the pTable structure.  Return the number
-** of errors.  If an error is seen leave an error message in pParse->zErrMsg.
+** the columns of the view in the pTable structure.  Return non-zero if
+** there are errors.  If an error is seen an error message is left
+** in pParse->zErrMsg.
 */
 static SQLITE_NOINLINE int viewGetColumnNames(Parse *pParse, Table *pTable){
   Table *pSelTab;   /* A fake table from which we get the result set */
@@ -123755,7 +124557,7 @@ static SQLITE_NOINLINE int viewGetColumnNames(Parse *pParse, Table *pTable){
     sqlite3DeleteColumnNames(db, pTable);
   }
 #endif /* SQLITE_OMIT_VIEW */
-  return nErr;
+  return nErr + pParse->nErr;
 }
 SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
   assert( pTable!=0 );
@@ -128948,13 +129750,13 @@ SQLITE_PRIVATE void sqlite3QuoteValue(StrAccum *pStr, sqlite3_value *pValue){
       double r1, r2;
       const char *zVal;
       r1 = sqlite3_value_double(pValue);
-      sqlite3_str_appendf(pStr, "%!.15g", r1);
+      sqlite3_str_appendf(pStr, "%!0.15g", r1);
       zVal = sqlite3_str_value(pStr);
       if( zVal ){
         sqlite3AtoF(zVal, &r2, pStr->nChar, SQLITE_UTF8);
         if( r1!=r2 ){
           sqlite3_str_reset(pStr);
-          sqlite3_str_appendf(pStr, "%!.20e", r1);
+          sqlite3_str_appendf(pStr, "%!0.20e", r1);
         }
       }
       break;
@@ -129256,7 +130058,7 @@ static void replaceFunc(
   }
   if( zPattern[0]==0 ){
     assert( sqlite3_value_type(argv[1])!=SQLITE_NULL );
-    sqlite3_result_value(context, argv[0]);
+    sqlite3_result_text(context, (const char*)zStr, nStr, SQLITE_TRANSIENT);
     return;
   }
   nPattern = sqlite3_value_bytes(argv[1]);
@@ -129739,7 +130541,7 @@ static void sumFinalize(sqlite3_context *context){
     if( p->approx ){
       if( p->ovrfl ){
         sqlite3_result_error(context,"integer overflow",-1);
-      }else if( !sqlite3IsNaN(p->rErr) ){
+      }else if( !sqlite3IsOverflow(p->rErr) ){
         sqlite3_result_double(context, p->rSum+p->rErr);
       }else{
         sqlite3_result_double(context, p->rSum);
@@ -129756,7 +130558,7 @@ static void avgFinalize(sqlite3_context *context){
     double r;
     if( p->approx ){
       r = p->rSum;
-      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
+      if( !sqlite3IsOverflow(p->rErr) ) r += p->rErr;
     }else{
       r = (double)(p->iSum);
     }
@@ -129770,7 +130572,7 @@ static void totalFinalize(sqlite3_context *context){
   if( p ){
     if( p->approx ){
       r = p->rSum;
-      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
+      if( !sqlite3IsOverflow(p->rErr) ) r += p->rErr;
     }else{
       r = (double)(p->iSum);
     }
@@ -130053,6 +130855,8 @@ static void groupConcatValue(sqlite3_context *context){
       sqlite3_result_error_toobig(context);
     }else if( pAccum->accError==SQLITE_NOMEM ){
       sqlite3_result_error_nomem(context);
+    }else if( pGCC->nAccum>0 && pAccum->nChar==0 ){
+      sqlite3_result_text(context, "", 1, SQLITE_STATIC);
     }else{
       const char *zText = sqlite3_str_value(pAccum);
       sqlite3_result_text(context, zText, pAccum->nChar, SQLITE_TRANSIENT);
@@ -132667,6 +133471,196 @@ SQLITE_PRIVATE void sqlite3AutoincrementEnd(Parse *pParse){
 # define autoIncStep(A,B,C)
 #endif /* SQLITE_OMIT_AUTOINCREMENT */
 
+/*
+** If argument pVal is a Select object returned by an sqlite3MultiValues()
+** that was able to use the co-routine optimization, finish coding the
+** co-routine.
+*/
+SQLITE_PRIVATE void sqlite3MultiValuesEnd(Parse *pParse, Select *pVal){
+  if( ALWAYS(pVal) && pVal->pSrc->nSrc>0 ){
+    SrcItem *pItem = &pVal->pSrc->a[0];
+    sqlite3VdbeEndCoroutine(pParse->pVdbe, pItem->regReturn);
+    sqlite3VdbeJumpHere(pParse->pVdbe, pItem->addrFillSub - 1);
+  }
+}
+
+/*
+** Return true if all expressions in the expression-list passed as the
+** only argument are constant.
+*/
+static int exprListIsConstant(Parse *pParse, ExprList *pRow){
+  int ii;
+  for(ii=0; iinExpr; ii++){
+    if( 0==sqlite3ExprIsConstant(pParse, pRow->a[ii].pExpr) ) return 0;
+  }
+  return 1;
+}
+
+/*
+** Return true if all expressions in the expression-list passed as the
+** only argument are both constant and have no affinity.
+*/
+static int exprListIsNoAffinity(Parse *pParse, ExprList *pRow){
+  int ii;
+  if( exprListIsConstant(pParse,pRow)==0 ) return 0;
+  for(ii=0; iinExpr; ii++){
+    Expr *pExpr = pRow->a[ii].pExpr;
+    assert( pExpr->op!=TK_RAISE );
+    assert( pExpr->affExpr==0 );
+    if( 0!=sqlite3ExprAffinity(pExpr) ) return 0;
+  }
+  return 1;
+
+}
+
+/*
+** This function is called by the parser for the second and subsequent
+** rows of a multi-row VALUES clause. Argument pLeft is the part of
+** the VALUES clause already parsed, argument pRow is the vector of values
+** for the new row. The Select object returned represents the complete
+** VALUES clause, including the new row.
+**
+** There are two ways in which this may be achieved - by incremental
+** coding of a co-routine (the "co-routine" method) or by returning a
+** Select object equivalent to the following (the "UNION ALL" method):
+**
+**        "pLeft UNION ALL SELECT pRow"
+**
+** If the VALUES clause contains a lot of rows, this compound Select
+** object may consume a lot of memory.
+**
+** When the co-routine method is used, each row that will be returned
+** by the VALUES clause is coded into part of a co-routine as it is
+** passed to this function. The returned Select object is equivalent to:
+**
+**     SELECT * FROM (
+**       Select object to read co-routine
+**     )
+**
+** The co-routine method is used in most cases. Exceptions are:
+**
+**    a) If the current statement has a WITH clause. This is to avoid
+**       statements like:
+**
+**            WITH cte AS ( VALUES('x'), ('y') ... )
+**            SELECT * FROM cte AS a, cte AS b;
+**
+**       This will not work, as the co-routine uses a hard-coded register
+**       for its OP_Yield instructions, and so it is not possible for two
+**       cursors to iterate through it concurrently.
+**
+**    b) The schema is currently being parsed (i.e. the VALUES clause is part
+**       of a schema item like a VIEW or TRIGGER). In this case there is no VM
+**       being generated when parsing is taking place, and so generating
+**       a co-routine is not possible.
+**
+**    c) There are non-constant expressions in the VALUES clause (e.g.
+**       the VALUES clause is part of a correlated sub-query).
+**
+**    d) One or more of the values in the first row of the VALUES clause
+**       has an affinity (i.e. is a CAST expression). This causes problems
+**       because the complex rules SQLite uses (see function
+**       sqlite3SubqueryColumnTypes() in select.c) to determine the effective
+**       affinity of such a column for all rows require access to all values in
+**       the column simultaneously.
+*/
+SQLITE_PRIVATE Select *sqlite3MultiValues(Parse *pParse, Select *pLeft, ExprList *pRow){
+
+  if( pParse->bHasWith                   /* condition (a) above */
+   || pParse->db->init.busy              /* condition (b) above */
+   || exprListIsConstant(pParse,pRow)==0 /* condition (c) above */
+   || (pLeft->pSrc->nSrc==0 &&
+       exprListIsNoAffinity(pParse,pLeft->pEList)==0) /* condition (d) above */
+   || IN_SPECIAL_PARSE
+  ){
+    /* The co-routine method cannot be used. Fall back to UNION ALL. */
+    Select *pSelect = 0;
+    int f = SF_Values | SF_MultiValue;
+    if( pLeft->pSrc->nSrc ){
+      sqlite3MultiValuesEnd(pParse, pLeft);
+      f = SF_Values;
+    }else if( pLeft->pPrior ){
+      /* In this case set the SF_MultiValue flag only if it was set on pLeft */
+      f = (f & pLeft->selFlags);
+    }
+    pSelect = sqlite3SelectNew(pParse, pRow, 0, 0, 0, 0, 0, f, 0);
+    pLeft->selFlags &= ~SF_MultiValue;
+    if( pSelect ){
+      pSelect->op = TK_ALL;
+      pSelect->pPrior = pLeft;
+      pLeft = pSelect;
+    }
+  }else{
+    SrcItem *p = 0;               /* SrcItem that reads from co-routine */
+
+    if( pLeft->pSrc->nSrc==0 ){
+      /* Co-routine has not yet been started and the special Select object
+      ** that accesses the co-routine has not yet been created. This block
+      ** does both those things. */
+      Vdbe *v = sqlite3GetVdbe(pParse);
+      Select *pRet = sqlite3SelectNew(pParse, 0, 0, 0, 0, 0, 0, 0, 0);
+
+      /* Ensure the database schema has been read. This is to ensure we have
+      ** the correct text encoding.  */
+      if( (pParse->db->mDbFlags & DBFLAG_SchemaKnownOk)==0 ){
+        sqlite3ReadSchema(pParse);
+      }
+
+      if( pRet ){
+        SelectDest dest;
+        pRet->pSrc->nSrc = 1;
+        pRet->pPrior = pLeft->pPrior;
+        pRet->op = pLeft->op;
+        if( pRet->pPrior ) pRet->selFlags |= SF_Values;
+        pLeft->pPrior = 0;
+        pLeft->op = TK_SELECT;
+        assert( pLeft->pNext==0 );
+        assert( pRet->pNext==0 );
+        p = &pRet->pSrc->a[0];
+        p->pSelect = pLeft;
+        p->fg.viaCoroutine = 1;
+        p->addrFillSub = sqlite3VdbeCurrentAddr(v) + 1;
+        p->regReturn = ++pParse->nMem;
+        p->iCursor = -1;
+        p->u1.nRow = 2;
+        sqlite3VdbeAddOp3(v,OP_InitCoroutine,p->regReturn,0,p->addrFillSub);
+        sqlite3SelectDestInit(&dest, SRT_Coroutine, p->regReturn);
+
+        /* Allocate registers for the output of the co-routine. Do so so
+        ** that there are two unused registers immediately before those
+        ** used by the co-routine. This allows the code in sqlite3Insert()
+        ** to use these registers directly, instead of copying the output
+        ** of the co-routine to a separate array for processing.  */
+        dest.iSdst = pParse->nMem + 3;
+        dest.nSdst = pLeft->pEList->nExpr;
+        pParse->nMem += 2 + dest.nSdst;
+
+        pLeft->selFlags |= SF_MultiValue;
+        sqlite3Select(pParse, pLeft, &dest);
+        p->regResult = dest.iSdst;
+        assert( pParse->nErr || dest.iSdst>0 );
+        pLeft = pRet;
+      }
+    }else{
+      p = &pLeft->pSrc->a[0];
+      assert( !p->fg.isTabFunc && !p->fg.isIndexedBy );
+      p->u1.nRow++;
+    }
+
+    if( pParse->nErr==0 ){
+      assert( p!=0 );
+      if( p->pSelect->pEList->nExpr!=pRow->nExpr ){
+        sqlite3SelectWrongNumTermsError(pParse, p->pSelect);
+      }else{
+        sqlite3ExprCodeExprList(pParse, pRow, p->regResult, 0, 0);
+        sqlite3VdbeAddOp1(pParse->pVdbe, OP_Yield, p->regReturn);
+      }
+    }
+    sqlite3ExprListDelete(pParse->db, pRow);
+  }
+
+  return pLeft;
+}
 
 /* Forward declaration */
 static int xferOptimization(
@@ -133003,25 +133997,40 @@ SQLITE_PRIVATE void sqlite3Insert(
   if( pSelect ){
     /* Data is coming from a SELECT or from a multi-row VALUES clause.
     ** Generate a co-routine to run the SELECT. */
-    int regYield;       /* Register holding co-routine entry-point */
-    int addrTop;        /* Top of the co-routine */
     int rc;             /* Result code */
 
-    regYield = ++pParse->nMem;
-    addrTop = sqlite3VdbeCurrentAddr(v) + 1;
-    sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
-    sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
-    dest.iSdst = bIdListInOrder ? regData : 0;
-    dest.nSdst = pTab->nCol;
-    rc = sqlite3Select(pParse, pSelect, &dest);
-    regFromSelect = dest.iSdst;
-    assert( db->pParse==pParse );
-    if( rc || pParse->nErr ) goto insert_cleanup;
-    assert( db->mallocFailed==0 );
-    sqlite3VdbeEndCoroutine(v, regYield);
-    sqlite3VdbeJumpHere(v, addrTop - 1);                       /* label B: */
-    assert( pSelect->pEList );
-    nColumn = pSelect->pEList->nExpr;
+    if( pSelect->pSrc->nSrc==1
+     && pSelect->pSrc->a[0].fg.viaCoroutine
+     && pSelect->pPrior==0
+    ){
+      SrcItem *pItem = &pSelect->pSrc->a[0];
+      dest.iSDParm = pItem->regReturn;
+      regFromSelect = pItem->regResult;
+      nColumn = pItem->pSelect->pEList->nExpr;
+      ExplainQueryPlan((pParse, 0, "SCAN %S", pItem));
+      if( bIdListInOrder && nColumn==pTab->nCol ){
+        regData = regFromSelect;
+        regRowid = regData - 1;
+        regIns = regRowid - (IsVirtual(pTab) ? 1 : 0);
+      }
+    }else{
+      int addrTop;        /* Top of the co-routine */
+      int regYield = ++pParse->nMem;
+      addrTop = sqlite3VdbeCurrentAddr(v) + 1;
+      sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
+      sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
+      dest.iSdst = bIdListInOrder ? regData : 0;
+      dest.nSdst = pTab->nCol;
+      rc = sqlite3Select(pParse, pSelect, &dest);
+      regFromSelect = dest.iSdst;
+      assert( db->pParse==pParse );
+      if( rc || pParse->nErr ) goto insert_cleanup;
+      assert( db->mallocFailed==0 );
+      sqlite3VdbeEndCoroutine(v, regYield);
+      sqlite3VdbeJumpHere(v, addrTop - 1);                       /* label B: */
+      assert( pSelect->pEList );
+      nColumn = pSelect->pEList->nExpr;
+    }
 
     /* Set useTempTable to TRUE if the result of the SELECT statement
     ** should be written into a temporary table (template 4).  Set to
@@ -133176,7 +134185,7 @@ SQLITE_PRIVATE void sqlite3Insert(
       pNx->iDataCur = iDataCur;
       pNx->iIdxCur = iIdxCur;
       if( pNx->pUpsertTarget ){
-        if( sqlite3UpsertAnalyzeTarget(pParse, pTabList, pNx) ){
+        if( sqlite3UpsertAnalyzeTarget(pParse, pTabList, pNx, pUpsert) ){
           goto insert_cleanup;
         }
       }
@@ -135068,7 +136077,10 @@ static int xferOptimization(
     }
   }
 #ifndef SQLITE_OMIT_CHECK
-  if( pDest->pCheck && sqlite3ExprListCompare(pSrc->pCheck,pDest->pCheck,-1) ){
+  if( pDest->pCheck
+   && (db->mDbFlags & DBFLAG_Vacuum)==0
+   && sqlite3ExprListCompare(pSrc->pCheck,pDest->pCheck,-1)
+  ){
     return 0;   /* Tables have different CHECK constraints.  Ticket #2252 */
   }
 #endif
@@ -137743,6 +138755,34 @@ static const PragmaName aPragmaName[] = {
 /************** End of pragma.h **********************************************/
 /************** Continuing where we left off in pragma.c *********************/
 
+/*
+** When the 0x10 bit of PRAGMA optimize is set, any ANALYZE commands
+** will be run with an analysis_limit set to the lessor of the value of
+** the following macro or to the actual analysis_limit if it is non-zero,
+** in order to prevent PRAGMA optimize from running for too long.
+**
+** The value of 2000 is chosen emperically so that the worst-case run-time
+** for PRAGMA optimize does not exceed 100 milliseconds against a variety
+** of test databases on a RaspberryPI-4 compiled using -Os and without
+** -DSQLITE_DEBUG.  Of course, your mileage may vary.  For the purpose of
+** this paragraph, "worst-case" means that ANALYZE ends up being
+** run on every table in the database.  The worst case typically only
+** happens if PRAGMA optimize is run on a database file for which ANALYZE
+** has not been previously run and the 0x10000 flag is included so that
+** all tables are analyzed.  The usual case for PRAGMA optimize is that
+** no ANALYZE commands will be run at all, or if any ANALYZE happens it
+** will be against a single table, so that expected timing for PRAGMA
+** optimize on a PI-4 is more like 1 millisecond or less with the 0x10000
+** flag or less than 100 microseconds without the 0x10000 flag.
+**
+** An analysis limit of 2000 is almost always sufficient for the query
+** planner to fully characterize an index.  The additional accuracy from
+** a larger analysis is not usually helpful.
+*/
+#ifndef SQLITE_DEFAULT_OPTIMIZE_LIMIT
+# define SQLITE_DEFAULT_OPTIMIZE_LIMIT 2000
+#endif
+
 /*
 ** Interpret the given string as a safety level.  Return 0 for OFF,
 ** 1 for ON or NORMAL, 2 for FULL, and 3 for EXTRA.  Return 1 for an empty or
@@ -139388,7 +140428,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
     /* Set the maximum error count */
     mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
     if( zRight ){
-      if( sqlite3GetInt32(zRight, &mxErr) ){
+      if( sqlite3GetInt32(pValue->z, &mxErr) ){
         if( mxErr<=0 ){
           mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
         }
@@ -139405,7 +140445,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
       Hash *pTbls;     /* Set of all tables in the schema */
       int *aRoot;      /* Array of root page numbers of all btrees */
       int cnt = 0;     /* Number of entries in aRoot[] */
-      int mxIdx = 0;   /* Maximum number of indexes for any table */
 
       if( OMIT_TEMPDB && i==1 ) continue;
       if( iDb>=0 && i!=iDb ) continue;
@@ -139427,7 +140466,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
         if( pObjTab && pObjTab!=pTab ) continue;
         if( HasRowid(pTab) ) cnt++;
         for(nIdx=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, nIdx++){ cnt++; }
-        if( nIdx>mxIdx ) mxIdx = nIdx;
       }
       if( cnt==0 ) continue;
       if( pObjTab ) cnt++;
@@ -139447,11 +140485,11 @@ SQLITE_PRIVATE void sqlite3Pragma(
       aRoot[0] = cnt;
 
       /* Make sure sufficient number of registers have been allocated */
-      sqlite3TouchRegister(pParse, 8+mxIdx);
+      sqlite3TouchRegister(pParse, 8+cnt);
       sqlite3ClearTempRegCache(pParse);
 
       /* Do the b-tree integrity checks */
-      sqlite3VdbeAddOp4(v, OP_IntegrityCk, 2, cnt, 1, (char*)aRoot,P4_INTARRAY);
+      sqlite3VdbeAddOp4(v, OP_IntegrityCk, 1, cnt, 8, (char*)aRoot,P4_INTARRAY);
       sqlite3VdbeChangeP5(v, (u8)i);
       addr = sqlite3VdbeAddOp1(v, OP_IsNull, 2); VdbeCoverage(v);
       sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0,
@@ -139461,6 +140499,36 @@ SQLITE_PRIVATE void sqlite3Pragma(
       integrityCheckResultRow(v);
       sqlite3VdbeJumpHere(v, addr);
 
+      /* Check that the indexes all have the right number of rows */
+      cnt = pObjTab ? 1 : 0;
+      sqlite3VdbeLoadString(v, 2, "wrong # of entries in index ");
+      for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
+        int iTab = 0;
+        Table *pTab = sqliteHashData(x);
+        Index *pIdx;
+        if( pObjTab && pObjTab!=pTab ) continue;
+        if( HasRowid(pTab) ){
+          iTab = cnt++;
+        }else{
+          iTab = cnt;
+          for(pIdx=pTab->pIndex; ALWAYS(pIdx); pIdx=pIdx->pNext){
+            if( IsPrimaryKeyIndex(pIdx) ) break;
+            iTab++;
+          }
+        }
+        for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+          if( pIdx->pPartIdxWhere==0 ){
+            addr = sqlite3VdbeAddOp3(v, OP_Eq, 8+cnt, 0, 8+iTab);
+            VdbeCoverageNeverNull(v);
+            sqlite3VdbeLoadString(v, 4, pIdx->zName);
+            sqlite3VdbeAddOp3(v, OP_Concat, 4, 2, 3);
+            integrityCheckResultRow(v);
+            sqlite3VdbeJumpHere(v, addr);
+          }
+          cnt++;
+        }
+      }
+
       /* Make sure all the indices are constructed correctly.
       */
       for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
@@ -139475,31 +140543,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
         int mxCol;              /* Maximum non-virtual column number */
 
         if( pObjTab && pObjTab!=pTab ) continue;
-        if( !IsOrdinaryTable(pTab) ){
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-          sqlite3_vtab *pVTab;
-          int a1;
-          if( !IsVirtual(pTab) ) continue;
-          if( pTab->nCol<=0 ){
-            const char *zMod = pTab->u.vtab.azArg[0];
-            if( sqlite3HashFind(&db->aModule, zMod)==0 ) continue;
-          }
-          sqlite3ViewGetColumnNames(pParse, pTab);
-          if( pTab->u.vtab.p==0 ) continue;
-          pVTab = pTab->u.vtab.p->pVtab;
-          if( NEVER(pVTab==0) ) continue;
-          if( NEVER(pVTab->pModule==0) ) continue;
-          if( pVTab->pModule->iVersion<4 ) continue;
-          if( pVTab->pModule->xIntegrity==0 ) continue;
-          sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
-          pTab->nTabRef++;
-          sqlite3VdbeAppendP4(v, pTab, P4_TABLEREF);
-          a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
-          integrityCheckResultRow(v);
-          sqlite3VdbeJumpHere(v, a1);
-#endif
-          continue;
-        }
+        if( !IsOrdinaryTable(pTab) ) continue;
         if( isQuick || HasRowid(pTab) ){
           pPk = 0;
           r2 = 0;
@@ -139634,6 +140678,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
               ** is REAL, we have to load the actual data using OP_Column
               ** to reliably determine if the value is a NULL. */
               sqlite3VdbeAddOp3(v, OP_Column, p1, p3, 3);
+              sqlite3ColumnDefault(v, pTab, j, 3);
               jmp3 = sqlite3VdbeAddOp2(v, OP_NotNull, 3, labelOk);
               VdbeCoverage(v);
             }
@@ -139807,23 +140852,43 @@ SQLITE_PRIVATE void sqlite3Pragma(
         }
         sqlite3VdbeAddOp2(v, OP_Next, iDataCur, loopTop); VdbeCoverage(v);
         sqlite3VdbeJumpHere(v, loopTop-1);
-        if( !isQuick ){
-          sqlite3VdbeLoadString(v, 2, "wrong # of entries in index ");
-          for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
-            if( pPk==pIdx ) continue;
-            sqlite3VdbeAddOp2(v, OP_Count, iIdxCur+j, 3);
-            addr = sqlite3VdbeAddOp3(v, OP_Eq, 8+j, 0, 3); VdbeCoverage(v);
-            sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
-            sqlite3VdbeLoadString(v, 4, pIdx->zName);
-            sqlite3VdbeAddOp3(v, OP_Concat, 4, 2, 3);
-            integrityCheckResultRow(v);
-            sqlite3VdbeJumpHere(v, addr);
-          }
-          if( pPk ){
-            sqlite3ReleaseTempRange(pParse, r2, pPk->nKeyCol);
-          }
+        if( pPk ){
+          assert( !isQuick );
+          sqlite3ReleaseTempRange(pParse, r2, pPk->nKeyCol);
         }
       }
+
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+      /* Second pass to invoke the xIntegrity method on all virtual
+      ** tables.
+      */
+      for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
+        Table *pTab = sqliteHashData(x);
+        sqlite3_vtab *pVTab;
+        int a1;
+        if( pObjTab && pObjTab!=pTab ) continue;
+        if( IsOrdinaryTable(pTab) ) continue;
+        if( !IsVirtual(pTab) ) continue;
+        if( pTab->nCol<=0 ){
+          const char *zMod = pTab->u.vtab.azArg[0];
+          if( sqlite3HashFind(&db->aModule, zMod)==0 ) continue;
+        }
+        sqlite3ViewGetColumnNames(pParse, pTab);
+        if( pTab->u.vtab.p==0 ) continue;
+        pVTab = pTab->u.vtab.p->pVtab;
+        if( NEVER(pVTab==0) ) continue;
+        if( NEVER(pVTab->pModule==0) ) continue;
+        if( pVTab->pModule->iVersion<4 ) continue;
+        if( pVTab->pModule->xIntegrity==0 ) continue;
+        sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
+        pTab->nTabRef++;
+        sqlite3VdbeAppendP4(v, pTab, P4_TABLEREF);
+        a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
+        integrityCheckResultRow(v);
+        sqlite3VdbeJumpHere(v, a1);
+        continue;
+      }
+#endif
     }
     {
       static const int iLn = VDBE_OFFSET_LINENO(2);
@@ -140087,44 +141152,63 @@ SQLITE_PRIVATE void sqlite3Pragma(
   **
   ** The optional argument is a bitmask of optimizations to perform:
   **
-  **    0x0001    Debugging mode.  Do not actually perform any optimizations
-  **              but instead return one line of text for each optimization
-  **              that would have been done.  Off by default.
+  **    0x00001    Debugging mode.  Do not actually perform any optimizations
+  **               but instead return one line of text for each optimization
+  **               that would have been done.  Off by default.
   **
-  **    0x0002    Run ANALYZE on tables that might benefit.  On by default.
-  **              See below for additional information.
+  **    0x00002    Run ANALYZE on tables that might benefit.  On by default.
+  **               See below for additional information.
   **
-  **    0x0004    (Not yet implemented) Record usage and performance
-  **              information from the current session in the
-  **              database file so that it will be available to "optimize"
-  **              pragmas run by future database connections.
+  **    0x00010    Run all ANALYZE operations using an analysis_limit that
+  **               is the lessor of the current analysis_limit and the
+  **               SQLITE_DEFAULT_OPTIMIZE_LIMIT compile-time option.
+  **               The default value of SQLITE_DEFAULT_OPTIMIZE_LIMIT is
+  **               currently (2024-02-19) set to 2000, which is such that
+  **               the worst case run-time for PRAGMA optimize on a 100MB
+  **               database will usually be less than 100 milliseconds on
+  **               a RaspberryPI-4 class machine.  On by default.
   **
-  **    0x0008    (Not yet implemented) Create indexes that might have
-  **              been helpful to recent queries
+  **    0x10000    Look at tables to see if they need to be reanalyzed
+  **               due to growth or shrinkage even if they have not been
+  **               queried during the current connection.  Off by default.
   **
-  ** The default MASK is and always shall be 0xfffe.  0xfffe means perform all
-  ** of the optimizations listed above except Debug Mode, including new
-  ** optimizations that have not yet been invented.  If new optimizations are
-  ** ever added that should be off by default, those off-by-default
-  ** optimizations will have bitmasks of 0x10000 or larger.
+  ** The default MASK is and always shall be 0x0fffe.  In the current
+  ** implementation, the default mask only covers the 0x00002 optimization,
+  ** though additional optimizations that are covered by 0x0fffe might be
+  ** added in the future.  Optimizations that are off by default and must
+  ** be explicitly requested have masks of 0x10000 or greater.
   **
   ** DETERMINATION OF WHEN TO RUN ANALYZE
   **
   ** In the current implementation, a table is analyzed if only if all of
   ** the following are true:
   **
-  ** (1) MASK bit 0x02 is set.
+  ** (1) MASK bit 0x00002 is set.
   **
-  ** (2) The query planner used sqlite_stat1-style statistics for one or
-  **     more indexes of the table at some point during the lifetime of
-  **     the current connection.
+  ** (2) The table is an ordinary table, not a virtual table or view.
   **
-  ** (3) One or more indexes of the table are currently unanalyzed OR
-  **     the number of rows in the table has increased by 25 times or more
-  **     since the last time ANALYZE was run.
+  ** (3) The table name does not begin with "sqlite_".
+  **
+  ** (4) One or more of the following is true:
+  **      (4a) The 0x10000 MASK bit is set.
+  **      (4b) One or more indexes on the table lacks an entry
+  **           in the sqlite_stat1 table.
+  **      (4c) The query planner used sqlite_stat1-style statistics for one
+  **           or more indexes of the table at some point during the lifetime
+  **           of the current connection.
+  **
+  ** (5) One or more of the following is true:
+  **      (5a) One or more indexes on the table lacks an entry
+  **           in the sqlite_stat1 table.  (Same as 4a)
+  **      (5b) The number of rows in the table has increased or decreased by
+  **           10-fold.  In other words, the current size of the table is
+  **           10 times larger than the size in sqlite_stat1 or else the
+  **           current size is less than 1/10th the size in sqlite_stat1.
   **
   ** The rules for when tables are analyzed are likely to change in
-  ** future releases.
+  ** future releases.  Future versions of SQLite might accept a string
+  ** literal argument to this pragma that contains a mnemonic description
+  ** of the options rather than a bitmap.
   */
   case PragTyp_OPTIMIZE: {
     int iDbLast;           /* Loop termination point for the schema loop */
@@ -140136,6 +141220,10 @@ SQLITE_PRIVATE void sqlite3Pragma(
     LogEst szThreshold;    /* Size threshold above which reanalysis needed */
     char *zSubSql;         /* SQL statement for the OP_SqlExec opcode */
     u32 opMask;            /* Mask of operations to perform */
+    int nLimit;            /* Analysis limit to use */
+    int nCheck = 0;        /* Number of tables to be optimized */
+    int nBtree = 0;        /* Number of btrees to scan */
+    int nIndex;            /* Number of indexes on the current table */
 
     if( zRight ){
       opMask = (u32)sqlite3Atoi(zRight);
@@ -140143,6 +141231,14 @@ SQLITE_PRIVATE void sqlite3Pragma(
     }else{
       opMask = 0xfffe;
     }
+    if( (opMask & 0x10)==0 ){
+      nLimit = 0;
+    }else if( db->nAnalysisLimit>0
+           && db->nAnalysisLimitnTab++;
     for(iDbLast = zDb?iDb:db->nDb-1; iDb<=iDbLast; iDb++){
       if( iDb==1 ) continue;
@@ -140151,23 +141247,61 @@ SQLITE_PRIVATE void sqlite3Pragma(
       for(k=sqliteHashFirst(&pSchema->tblHash); k; k=sqliteHashNext(k)){
         pTab = (Table*)sqliteHashData(k);
 
-        /* If table pTab has not been used in a way that would benefit from
-        ** having analysis statistics during the current session, then skip it.
-        ** This also has the effect of skipping virtual tables and views */
-        if( (pTab->tabFlags & TF_StatsUsed)==0 ) continue;
+        /* This only works for ordinary tables */
+        if( !IsOrdinaryTable(pTab) ) continue;
+
+        /* Do not scan system tables */
+        if( 0==sqlite3StrNICmp(pTab->zName, "sqlite_", 7) ) continue;
 
-        /* Reanalyze if the table is 25 times larger than the last analysis */
-        szThreshold = pTab->nRowLogEst + 46; assert( sqlite3LogEst(25)==46 );
+        /* Find the size of the table as last recorded in sqlite_stat1.
+        ** If any index is unanalyzed, then the threshold is -1 to
+        ** indicate a new, unanalyzed index
+        */
+        szThreshold = pTab->nRowLogEst;
+        nIndex = 0;
         for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
+          nIndex++;
           if( !pIdx->hasStat1 ){
-            szThreshold = 0; /* Always analyze if any index lacks statistics */
-            break;
+            szThreshold = -1; /* Always analyze if any index lacks statistics */
           }
         }
-        if( szThreshold ){
-          sqlite3OpenTable(pParse, iTabCur, iDb, pTab, OP_OpenRead);
-          sqlite3VdbeAddOp3(v, OP_IfSmaller, iTabCur,
-                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1), szThreshold);
+
+        /* If table pTab has not been used in a way that would benefit from
+        ** having analysis statistics during the current session, then skip it,
+        ** unless the 0x10000 MASK bit is set. */
+        if( (pTab->tabFlags & TF_MaybeReanalyze)!=0 ){
+          /* Check for size change if stat1 has been used for a query */
+        }else if( opMask & 0x10000 ){
+          /* Check for size change if 0x10000 is set */
+        }else if( pTab->pIndex!=0 && szThreshold<0 ){
+          /* Do analysis if unanalyzed indexes exists */
+        }else{
+          /* Otherwise, we can skip this table */
+          continue;
+        }
+
+        nCheck++;
+        if( nCheck==2 ){
+          /* If ANALYZE might be invoked two or more times, hold a write
+          ** transaction for efficiency */
+          sqlite3BeginWriteOperation(pParse, 0, iDb);
+        }
+        nBtree += nIndex+1;
+
+        /* Reanalyze if the table is 10 times larger or smaller than
+        ** the last analysis.  Unconditional reanalysis if there are
+        ** unanalyzed indexes. */
+        sqlite3OpenTable(pParse, iTabCur, iDb, pTab, OP_OpenRead);
+        if( szThreshold>=0 ){
+          const LogEst iRange = 33;   /* 10x size change */
+          sqlite3VdbeAddOp4Int(v, OP_IfSizeBetween, iTabCur,
+                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1),
+                         szThreshold>=iRange ? szThreshold-iRange : -1,
+                         szThreshold+iRange);
+          VdbeCoverage(v);
+        }else{
+          sqlite3VdbeAddOp2(v, OP_Rewind, iTabCur,
+                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1));
           VdbeCoverage(v);
         }
         zSubSql = sqlite3MPrintf(db, "ANALYZE \"%w\".\"%w\"",
@@ -140177,11 +141311,27 @@ SQLITE_PRIVATE void sqlite3Pragma(
           sqlite3VdbeAddOp4(v, OP_String8, 0, r1, 0, zSubSql, P4_DYNAMIC);
           sqlite3VdbeAddOp2(v, OP_ResultRow, r1, 1);
         }else{
-          sqlite3VdbeAddOp4(v, OP_SqlExec, 0, 0, 0, zSubSql, P4_DYNAMIC);
+          sqlite3VdbeAddOp4(v, OP_SqlExec, nLimit ? 0x02 : 00, nLimit, 0,
+                            zSubSql, P4_DYNAMIC);
         }
       }
     }
     sqlite3VdbeAddOp0(v, OP_Expire);
+
+    /* In a schema with a large number of tables and indexes, scale back
+    ** the analysis_limit to avoid excess run-time in the worst case.
+    */
+    if( !db->mallocFailed && nLimit>0 && nBtree>100 ){
+      int iAddr, iEnd;
+      VdbeOp *aOp;
+      nLimit = 100*nLimit/nBtree;
+      if( nLimit<100 ) nLimit = 100;
+      aOp = sqlite3VdbeGetOp(v, 0);
+      iEnd = sqlite3VdbeCurrentAddr(v);
+      for(iAddr=0; iAddrnConstraint; i++, pConstraint++){
-    if( pConstraint->usable==0 ) continue;
-    if( pConstraint->op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
     if( pConstraint->iColumn < pTab->iHidden ) continue;
+    if( pConstraint->op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
+    if( pConstraint->usable==0 ) return SQLITE_CONSTRAINT;
     j = pConstraint->iColumn - pTab->iHidden;
     assert( j < 2 );
     seen[j] = i+1;
@@ -140460,12 +141610,13 @@ static int pragmaVtabBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   j = seen[0]-1;
   pIdxInfo->aConstraintUsage[j].argvIndex = 1;
   pIdxInfo->aConstraintUsage[j].omit = 1;
-  if( seen[1]==0 ) return SQLITE_OK;
   pIdxInfo->estimatedCost = (double)20;
   pIdxInfo->estimatedRows = 20;
-  j = seen[1]-1;
-  pIdxInfo->aConstraintUsage[j].argvIndex = 2;
-  pIdxInfo->aConstraintUsage[j].omit = 1;
+  if( seen[1] ){
+    j = seen[1]-1;
+    pIdxInfo->aConstraintUsage[j].argvIndex = 2;
+    pIdxInfo->aConstraintUsage[j].omit = 1;
+  }
   return SQLITE_OK;
 }
 
@@ -140485,6 +141636,7 @@ static void pragmaVtabCursorClear(PragmaVtabCursor *pCsr){
   int i;
   sqlite3_finalize(pCsr->pPragma);
   pCsr->pPragma = 0;
+  pCsr->iRowid = 0;
   for(i=0; iazArg); i++){
     sqlite3_free(pCsr->azArg[i]);
     pCsr->azArg[i] = 0;
@@ -141285,7 +142437,13 @@ SQLITE_PRIVATE void *sqlite3ParserAddCleanup(
   void (*xCleanup)(sqlite3*,void*),   /* The cleanup routine */
   void *pPtr                          /* Pointer to object to be cleaned up */
 ){
-  ParseCleanup *pCleanup = sqlite3DbMallocRaw(pParse->db, sizeof(*pCleanup));
+  ParseCleanup *pCleanup;
+  if( sqlite3FaultSim(300) ){
+    pCleanup = 0;
+    sqlite3OomFault(pParse->db);
+  }else{
+    pCleanup = sqlite3DbMallocRaw(pParse->db, sizeof(*pCleanup));
+  }
   if( pCleanup ){
     pCleanup->pNext = pParse->pCleanup;
     pParse->pCleanup = pCleanup;
@@ -143407,9 +144565,16 @@ static void generateSortTail(
   int addrExplain;                /* Address of OP_Explain instruction */
 #endif
 
-  ExplainQueryPlan2(addrExplain, (pParse, 0,
-        "USE TEMP B-TREE FOR %sORDER BY", pSort->nOBSat>0?"RIGHT PART OF ":"")
-  );
+  nKey = pOrderBy->nExpr - pSort->nOBSat;
+  if( pSort->nOBSat==0 || nKey==1 ){
+    ExplainQueryPlan2(addrExplain, (pParse, 0,
+      "USE TEMP B-TREE FOR %sORDER BY", pSort->nOBSat?"LAST TERM OF ":""
+    ));
+  }else{
+    ExplainQueryPlan2(addrExplain, (pParse, 0,
+      "USE TEMP B-TREE FOR LAST %d TERMS OF ORDER BY", nKey
+    ));
+  }
   sqlite3VdbeScanStatusRange(v, addrExplain,pSort->addrPush,pSort->addrPushEnd);
   sqlite3VdbeScanStatusCounters(v, addrExplain, addrExplain, pSort->addrPush);
 
@@ -143447,7 +144612,6 @@ static void generateSortTail(
       regRow = sqlite3GetTempRange(pParse, nColumn);
     }
   }
-  nKey = pOrderBy->nExpr - pSort->nOBSat;
   if( pSort->sortFlags & SORTFLAG_UseSorter ){
     int regSortOut = ++pParse->nMem;
     iSortTab = pParse->nTab++;
@@ -143687,11 +144851,7 @@ static const char *columnTypeImpl(
         ** data for the result-set column of the sub-select.
         */
         if( iColpEList->nExpr
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-         && iCol>=0
-#else
-         && ALWAYS(iCol>=0)
-#endif
+         && (!ViewCanHaveRowid || iCol>=0)
         ){
           /* If iCol is less than zero, then the expression requests the
           ** rowid of the sub-select or view. This expression is legal (see
@@ -144056,8 +145216,7 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
   NameContext sNC;
 
   assert( pSelect!=0 );
-  testcase( (pSelect->selFlags & SF_Resolved)==0 );
-  assert( (pSelect->selFlags & SF_Resolved)!=0 || IN_RENAME_OBJECT );
+  assert( (pSelect->selFlags & SF_Resolved)!=0 );
   assert( pTab->nCol==pSelect->pEList->nExpr || pParse->nErr>0 );
   assert( aff==SQLITE_AFF_NONE || aff==SQLITE_AFF_BLOB );
   if( db->mallocFailed || IN_RENAME_OBJECT ) return;
@@ -144068,17 +145227,22 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
   for(i=0, pCol=pTab->aCol; inCol; i++, pCol++){
     const char *zType;
     i64 n;
+    int m = 0;
+    Select *pS2 = pSelect;
     pTab->tabFlags |= (pCol->colFlags & COLFLAG_NOINSERT);
     p = a[i].pExpr;
     /* pCol->szEst = ... // Column size est for SELECT tables never used */
     pCol->affinity = sqlite3ExprAffinity(p);
+    while( pCol->affinity<=SQLITE_AFF_NONE && pS2->pNext!=0 ){
+      m |= sqlite3ExprDataType(pS2->pEList->a[i].pExpr);
+      pS2 = pS2->pNext;
+      pCol->affinity = sqlite3ExprAffinity(pS2->pEList->a[i].pExpr);
+    }
     if( pCol->affinity<=SQLITE_AFF_NONE ){
       pCol->affinity = aff;
     }
-    if( pCol->affinity>=SQLITE_AFF_TEXT && pSelect->pNext ){
-      int m = 0;
-      Select *pS2;
-      for(m=0, pS2=pSelect->pNext; pS2; pS2=pS2->pNext){
+    if( pCol->affinity>=SQLITE_AFF_TEXT && (pS2->pNext || pS2!=pSelect) ){
+      for(pS2=pS2->pNext; pS2; pS2=pS2->pNext){
         m |= sqlite3ExprDataType(pS2->pEList->a[i].pExpr);
       }
       if( pCol->affinity==SQLITE_AFF_TEXT && (m&0x01)!=0 ){
@@ -144108,12 +145272,12 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
       }
     }
     if( zType ){
-      i64 m = sqlite3Strlen30(zType);
+      const i64 k = sqlite3Strlen30(zType);
       n = sqlite3Strlen30(pCol->zCnName);
-      pCol->zCnName = sqlite3DbReallocOrFree(db, pCol->zCnName, n+m+2);
+      pCol->zCnName = sqlite3DbReallocOrFree(db, pCol->zCnName, n+k+2);
       pCol->colFlags &= ~(COLFLAG_HASTYPE|COLFLAG_HASCOLL);
       if( pCol->zCnName ){
-        memcpy(&pCol->zCnName[n+1], zType, m+1);
+        memcpy(&pCol->zCnName[n+1], zType, k+1);
         pCol->colFlags |= COLFLAG_HASTYPE;
       }
     }
@@ -146510,7 +147674,7 @@ static void constInsert(
 ){
   int i;
   assert( pColumn->op==TK_COLUMN );
-  assert( sqlite3ExprIsConstant(pValue) );
+  assert( sqlite3ExprIsConstant(pConst->pParse, pValue) );
 
   if( ExprHasProperty(pColumn, EP_FixedCol) ) return;
   if( sqlite3ExprAffinity(pValue)!=0 ) return;
@@ -146568,10 +147732,10 @@ static void findConstInWhere(WhereConst *pConst, Expr *pExpr){
   pLeft = pExpr->pLeft;
   assert( pRight!=0 );
   assert( pLeft!=0 );
-  if( pRight->op==TK_COLUMN && sqlite3ExprIsConstant(pLeft) ){
+  if( pRight->op==TK_COLUMN && sqlite3ExprIsConstant(pConst->pParse, pLeft) ){
     constInsert(pConst,pRight,pLeft,pExpr);
   }
-  if( pLeft->op==TK_COLUMN && sqlite3ExprIsConstant(pRight) ){
+  if( pLeft->op==TK_COLUMN && sqlite3ExprIsConstant(pConst->pParse, pRight) ){
     constInsert(pConst,pLeft,pRight,pExpr);
   }
 }
@@ -146792,6 +147956,18 @@ static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
 ** The hope is that the terms added to the inner query will make it more
 ** efficient.
 **
+** NAME AMBIGUITY
+**
+** This optimization is called the "WHERE-clause push-down optimization".
+**
+** Do not confuse this optimization with another unrelated optimization
+** with a similar name:  The "MySQL push-down optimization" causes WHERE
+** clause terms that can be evaluated using only the index and without
+** reference to the table are run first, so that if they are false,
+** unnecessary table seeks are avoided.
+**
+** RULES
+**
 ** Do not attempt this optimization if:
 **
 **   (1) (** This restriction was removed on 2017-09-29.  We used to
@@ -146857,15 +148033,19 @@ static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
 **       (9c) There is a RIGHT JOIN (or FULL JOIN) in between the ON/USING
 **            clause and the subquery.
 **
-**       Without this restriction, the push-down optimization might move
-**       the ON/USING filter expression from the left side of a RIGHT JOIN
-**       over to the right side, which leads to incorrect answers.  See
-**       also restriction (6) in sqlite3ExprIsSingleTableConstraint().
+**       Without this restriction, the WHERE-clause push-down optimization
+**       might move the ON/USING filter expression from the left side of a
+**       RIGHT JOIN over to the right side, which leads to incorrect answers.
+**       See also restriction (6) in sqlite3ExprIsSingleTableConstraint().
 **
 **  (10) The inner query is not the right-hand table of a RIGHT JOIN.
 **
 **  (11) The subquery is not a VALUES clause
 **
+**  (12) The WHERE clause is not "rowid ISNULL" or the equivalent.  This
+**       case only comes up if SQLite is compiled using
+**       SQLITE_ALLOW_ROWID_IN_VIEW.
+**
 ** Return 0 if no changes are made and non-zero if one or more WHERE clause
 ** terms are duplicated into the subquery.
 */
@@ -146976,7 +148156,19 @@ static int pushDownWhereTerms(
   }
 #endif
 
-  if( sqlite3ExprIsSingleTableConstraint(pWhere, pSrcList, iSrc) ){
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+  if( ViewCanHaveRowid && (pWhere->op==TK_ISNULL || pWhere->op==TK_NOTNULL) ){
+    Expr *pLeft = pWhere->pLeft;
+    if( ALWAYS(pLeft)
+     && pLeft->op==TK_COLUMN
+     && pLeft->iColumn < 0
+    ){
+      return 0;  /* Restriction (12) */
+    }
+  }
+#endif
+
+  if( sqlite3ExprIsSingleTableConstraint(pWhere, pSrcList, iSrc, 1) ){
     nChng++;
     pSubq->selFlags |= SF_PushDown;
     while( pSubq ){
@@ -147603,12 +148795,14 @@ SQLITE_PRIVATE int sqlite3ExpandSubquery(Parse *pParse, SrcItem *pFrom){
   while( pSel->pPrior ){ pSel = pSel->pPrior; }
   sqlite3ColumnsFromExprList(pParse, pSel->pEList,&pTab->nCol,&pTab->aCol);
   pTab->iPKey = -1;
+  pTab->eTabType = TABTYP_VIEW;
   pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
 #ifndef SQLITE_ALLOW_ROWID_IN_VIEW
   /* The usual case - do not allow ROWID on a subquery */
   pTab->tabFlags |= TF_Ephemeral | TF_NoVisibleRowid;
 #else
-  pTab->tabFlags |= TF_Ephemeral;  /* Legacy compatibility mode */
+  /* Legacy compatibility mode */
+  pTab->tabFlags |= TF_Ephemeral | sqlite3Config.mNoVisibleRowid;
 #endif
   return pParse->nErr ? SQLITE_ERROR : SQLITE_OK;
 }
@@ -147876,7 +149070,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             pNestedFrom = pFrom->pSelect->pEList;
             assert( pNestedFrom!=0 );
             assert( pNestedFrom->nExpr==pTab->nCol );
-            assert( VisibleRowid(pTab)==0 );
+            assert( VisibleRowid(pTab)==0 || ViewCanHaveRowid );
           }else{
             if( zTName && sqlite3StrICmp(zTName, zTabName)!=0 ){
               continue;
@@ -147908,7 +149102,8 @@ static int selectExpander(Walker *pWalker, Select *p){
             pUsing = 0;
           }
 
-          nAdd = pTab->nCol + (VisibleRowid(pTab) && (selFlags&SF_NestedFrom));
+          nAdd = pTab->nCol;
+          if( VisibleRowid(pTab) && (selFlags & SF_NestedFrom)!=0 ) nAdd++;
           for(j=0; ja[pNew->nExpr-1];
             assert( pX->zEName==0 );
             if( (selFlags & SF_NestedFrom)!=0 && !IN_RENAME_OBJECT ){
-              if( pNestedFrom ){
+              if( pNestedFrom && (!ViewCanHaveRowid || jnExpr) ){
+                assert( jnExpr );
                 pX->zEName = sqlite3DbStrDup(db, pNestedFrom->a[j].zEName);
                 testcase( pX->zEName==0 );
               }else{
@@ -148107,8 +149303,7 @@ static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
   if( p->selFlags & SF_HasTypeInfo ) return;
   p->selFlags |= SF_HasTypeInfo;
   pParse = pWalker->pParse;
-  testcase( (p->selFlags & SF_Resolved)==0 );
-  assert( (p->selFlags & SF_Resolved) || IN_RENAME_OBJECT );
+  assert( (p->selFlags & SF_Resolved) );
   pTabList = p->pSrc;
   for(i=0, pFrom=pTabList->a; inSrc; i++, pFrom++){
     Table *pTab = pFrom->pTab;
@@ -148178,6 +149373,8 @@ SQLITE_PRIVATE void sqlite3SelectPrep(
 */
 static void printAggInfo(AggInfo *pAggInfo){
   int ii;
+  sqlite3DebugPrintf("AggInfo %d/%p:\n",
+     pAggInfo->selId, pAggInfo);
   for(ii=0; iinColumn; ii++){
     struct AggInfo_col *pCol = &pAggInfo->aCol[ii];
     sqlite3DebugPrintf(
@@ -149368,7 +150565,7 @@ SQLITE_PRIVATE int sqlite3Select(
     /* Generate code for all sub-queries in the FROM clause
     */
     pSub = pItem->pSelect;
-    if( pSub==0 ) continue;
+    if( pSub==0 || pItem->addrFillSub!=0 ) continue;
 
     /* The code for a subquery should only be generated once. */
     assert( pItem->addrFillSub==0 );
@@ -149399,7 +150596,7 @@ SQLITE_PRIVATE int sqlite3Select(
 #endif
       assert( pItem->pSelect && (pItem->pSelect->selFlags & SF_PushDown)!=0 );
     }else{
-      TREETRACE(0x4000,pParse,p,("Push-down not possible\n"));
+      TREETRACE(0x4000,pParse,p,("WHERE-lcause push-down not possible\n"));
     }
 
     /* Convert unused result columns of the subquery into simple NULL
@@ -150280,6 +151477,12 @@ SQLITE_PRIVATE int sqlite3Select(
   sqlite3ExprListDelete(db, pMinMaxOrderBy);
 #ifdef SQLITE_DEBUG
   if( pAggInfo && !db->mallocFailed ){
+#if TREETRACE_ENABLED
+    if( sqlite3TreeTrace & 0x20 ){
+      TREETRACE(0x20,pParse,p,("Finished with AggInfo\n"));
+      printAggInfo(pAggInfo);
+    }
+#endif
     for(i=0; inColumn; i++){
       Expr *pExpr = pAggInfo->aCol[i].pCExpr;
       if( pExpr==0 ) continue;
@@ -151461,6 +152664,72 @@ static ExprList *sqlite3ExpandReturning(
   return pNew;
 }
 
+/* If the Expr node is a subquery or an EXISTS operator or an IN operator that
+** uses a subquery, and if the subquery is SF_Correlated, then mark the
+** expression as EP_VarSelect.
+*/
+static int sqlite3ReturningSubqueryVarSelect(Walker *NotUsed, Expr *pExpr){
+  UNUSED_PARAMETER(NotUsed);
+  if( ExprUseXSelect(pExpr)
+   && (pExpr->x.pSelect->selFlags & SF_Correlated)!=0
+  ){
+    testcase( ExprHasProperty(pExpr, EP_VarSelect) );
+    ExprSetProperty(pExpr, EP_VarSelect);
+  }
+  return WRC_Continue;
+}
+
+
+/*
+** If the SELECT references the table pWalker->u.pTab, then do two things:
+**
+**    (1) Mark the SELECT as as SF_Correlated.
+**    (2) Set pWalker->eCode to non-zero so that the caller will know
+**        that (1) has happened.
+*/
+static int sqlite3ReturningSubqueryCorrelated(Walker *pWalker, Select *pSelect){
+  int i;
+  SrcList *pSrc;
+  assert( pSelect!=0 );
+  pSrc = pSelect->pSrc;
+  assert( pSrc!=0 );
+  for(i=0; inSrc; i++){
+    if( pSrc->a[i].pTab==pWalker->u.pTab ){
+      testcase( pSelect->selFlags & SF_Correlated );
+      pSelect->selFlags |= SF_Correlated;
+      pWalker->eCode = 1;
+      break;
+    }
+  }
+  return WRC_Continue;
+}
+
+/*
+** Scan the expression list that is the argument to RETURNING looking
+** for subqueries that depend on the table which is being modified in the
+** statement that is hosting the RETURNING clause (pTab).  Mark all such
+** subqueries as SF_Correlated.  If the subqueries are part of an
+** expression, mark the expression as EP_VarSelect.
+**
+** https://sqlite.org/forum/forumpost/2c83569ce8945d39
+*/
+static void sqlite3ProcessReturningSubqueries(
+  ExprList *pEList,
+  Table *pTab
+){
+  Walker w;
+  memset(&w, 0, sizeof(w));
+  w.xExprCallback = sqlite3ExprWalkNoop;
+  w.xSelectCallback = sqlite3ReturningSubqueryCorrelated;
+  w.u.pTab = pTab;
+  sqlite3WalkExprList(&w, pEList);
+  if( w.eCode ){
+    w.xExprCallback = sqlite3ReturningSubqueryVarSelect;
+    w.xSelectCallback = sqlite3SelectWalkNoop;
+    sqlite3WalkExprList(&w, pEList);
+  }
+}
+
 /*
 ** Generate code for the RETURNING trigger.  Unlike other triggers
 ** that invoke a subprogram in the bytecode, the code for RETURNING
@@ -151497,6 +152766,7 @@ static void codeReturningTrigger(
   sSelect.pSrc = &sFrom;
   sFrom.nSrc = 1;
   sFrom.a[0].pTab = pTab;
+  sFrom.a[0].zName = pTab->zName; /* tag-20240424-1 */
   sFrom.a[0].iCursor = -1;
   sqlite3SelectPrep(pParse, &sSelect, 0);
   if( pParse->nErr==0 ){
@@ -151523,6 +152793,7 @@ static void codeReturningTrigger(
       int i;
       int nCol = pNew->nExpr;
       int reg = pParse->nMem+1;
+      sqlite3ProcessReturningSubqueries(pNew, pTab);
       pParse->nMem += nCol+2;
       pReturning->iRetReg = reg;
       for(i=0; ipUpsertIdx = pIdx;
+      if( sqlite3UpsertOfIndex(pAll,pIdx)!=pUpsert ){
+        /* Really this should be an error.  The isDup ON CONFLICT clause will
+        ** never fire.  But this problem was not discovered until three years
+        ** after multi-CONFLICT upsert was added, and so we silently ignore
+        ** the problem to prevent breaking applications that might actually
+        ** have redundant ON CONFLICT clauses. */
+        pUpsert->isDup = 1;
+      }
       break;
     }
     if( pUpsert->pUpsertIdx==0 ){
@@ -153590,9 +154873,13 @@ SQLITE_PRIVATE int sqlite3UpsertNextIsIPK(Upsert *pUpsert){
   Upsert *pNext;
   if( NEVER(pUpsert==0) ) return 0;
   pNext = pUpsert->pNextUpsert;
-  if( pNext==0 ) return 1;
-  if( pNext->pUpsertTarget==0 ) return 1;
-  if( pNext->pUpsertIdx==0 ) return 1;
+  while( 1 /*exit-by-return*/ ){
+    if( pNext==0 ) return 1;
+    if( pNext->pUpsertTarget==0 ) return 1;
+    if( pNext->pUpsertIdx==0 ) return 1;
+    if( !pNext->isDup ) return 0;
+    pNext = pNext->pNextUpsert;
+  }
   return 0;
 }
 
@@ -154717,6 +156004,8 @@ static int vtabCallConstructor(
   db->pVtabCtx = &sCtx;
   pTab->nTabRef++;
   rc = xConstruct(db, pMod->pAux, nArg, azArg, &pVTable->pVtab, &zErr);
+  assert( pTab!=0 );
+  assert( pTab->nTabRef>1 || rc!=SQLITE_OK );
   sqlite3DeleteTable(db, pTab);
   db->pVtabCtx = sCtx.pPrior;
   if( rc==SQLITE_NOMEM ) sqlite3OomFault(db);
@@ -154739,7 +156028,7 @@ static int vtabCallConstructor(
     pVTable->nRef = 1;
     if( sCtx.bDeclared==0 ){
       const char *zFormat = "vtable constructor did not declare schema: %s";
-      *pzErr = sqlite3MPrintf(db, zFormat, pTab->zName);
+      *pzErr = sqlite3MPrintf(db, zFormat, zModuleName);
       sqlite3VtabUnlock(pVTable);
       rc = SQLITE_ERROR;
     }else{
@@ -154917,12 +156206,30 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   Table *pTab;
   Parse sParse;
   int initBusy;
+  int i;
+  const unsigned char *z;
+  static const u8 aKeyword[] = { TK_CREATE, TK_TABLE, 0 };
 
 #ifdef SQLITE_ENABLE_API_ARMOR
   if( !sqlite3SafetyCheckOk(db) || zCreateTable==0 ){
     return SQLITE_MISUSE_BKPT;
   }
 #endif
+
+  /* Verify that the first two keywords in the CREATE TABLE statement
+  ** really are "CREATE" and "TABLE".  If this is not the case, then
+  ** sqlite3_declare_vtab() is being misused.
+  */
+  z = (const unsigned char*)zCreateTable;
+  for(i=0; aKeyword[i]; i++){
+    int tokenType = 0;
+    do{ z += sqlite3GetToken(z, &tokenType); }while( tokenType==TK_SPACE );
+    if( tokenType!=aKeyword[i] ){
+      sqlite3ErrorWithMsg(db, SQLITE_ERROR, "syntax error");
+      return SQLITE_ERROR;
+    }
+  }
+
   sqlite3_mutex_enter(db->mutex);
   pCtx = db->pVtabCtx;
   if( !pCtx || pCtx->bDeclared ){
@@ -154930,6 +156237,7 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
     sqlite3_mutex_leave(db->mutex);
     return SQLITE_MISUSE_BKPT;
   }
+
   pTab = pCtx->pTab;
   assert( IsVirtual(pTab) );
 
@@ -154943,11 +156251,10 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   initBusy = db->init.busy;
   db->init.busy = 0;
   sParse.nQueryLoop = 1;
-  if( SQLITE_OK==sqlite3RunParser(&sParse, zCreateTable)
-   && ALWAYS(sParse.pNewTable!=0)
-   && ALWAYS(!db->mallocFailed)
-   && IsOrdinaryTable(sParse.pNewTable)
-  ){
+  if( SQLITE_OK==sqlite3RunParser(&sParse, zCreateTable) ){
+    assert( sParse.pNewTable!=0 );
+    assert( !db->mallocFailed );
+    assert( IsOrdinaryTable(sParse.pNewTable) );
     assert( sParse.zErrMsg==0 );
     if( !pTab->aCol ){
       Table *pNew = sParse.pNewTable;
@@ -157442,6 +158749,27 @@ static SQLITE_NOINLINE void filterPullDown(
   }
 }
 
+/*
+** Loop pLoop is a WHERE_INDEXED level that uses at least one IN(...)
+** operator. Return true if level pLoop is guaranteed to visit only one
+** row for each key generated for the index.
+*/
+static int whereLoopIsOneRow(WhereLoop *pLoop){
+  if( pLoop->u.btree.pIndex->onError
+   && pLoop->nSkip==0
+   && pLoop->u.btree.nEq==pLoop->u.btree.pIndex->nKeyCol
+  ){
+    int ii;
+    for(ii=0; iiu.btree.nEq; ii++){
+      if( pLoop->aLTerm[ii]->eOperator & (WO_IS|WO_ISNULL) ){
+        return 0;
+      }
+    }
+    return 1;
+  }
+  return 0;
+}
+
 /*
 ** Generate code for the start of the iLevel-th loop in the WHERE clause
 ** implementation described by pWInfo.
@@ -157520,7 +158848,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
   if( pLevel->iFrom>0 && (pTabItem[0].fg.jointype & JT_LEFT)!=0 ){
     pLevel->iLeftJoin = ++pParse->nMem;
     sqlite3VdbeAddOp2(v, OP_Integer, 0, pLevel->iLeftJoin);
-    VdbeComment((v, "init LEFT JOIN no-match flag"));
+    VdbeComment((v, "init LEFT JOIN match flag"));
   }
 
   /* Compute a safe address to jump to if we discover that the table for
@@ -158189,7 +159517,9 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     }
 
     /* Record the instruction used to terminate the loop. */
-    if( pLoop->wsFlags & WHERE_ONEROW ){
+    if( (pLoop->wsFlags & WHERE_ONEROW)
+     || (pLevel->u.in.nIn && regBignull==0 && whereLoopIsOneRow(pLoop))
+    ){
       pLevel->op = OP_Noop;
     }else if( bRev ){
       pLevel->op = OP_Prev;
@@ -158579,6 +159909,12 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
   ** iLoop==3: Code all remaining expressions.
   **
   ** An effort is made to skip unnecessary iterations of the loop.
+  **
+  ** This optimization of causing simple query restrictions to occur before
+  ** more complex one is call the "push-down" optimization in MySQL.  Here
+  ** in SQLite, the name is "MySQL push-down", since there is also another
+  ** totally unrelated optimization called "WHERE-clause push-down".
+  ** Sometimes the qualifier is omitted, resulting in an ambiguity, so beware.
   */
   iLoop = (pIdx ? 1 : 2);
   do{
@@ -158829,7 +160165,16 @@ SQLITE_PRIVATE SQLITE_NOINLINE void sqlite3WhereRightJoinLoop(
                                   pRJ->regReturn);
   for(k=0; ka[k].pWLoop->iTab == pWInfo->a[k].iFrom );
+    pRight = &pWInfo->pTabList->a[pWInfo->a[k].iFrom];
     mAll |= pWInfo->a[k].pWLoop->maskSelf;
+    if( pRight->fg.viaCoroutine ){
+      sqlite3VdbeAddOp3(
+          v, OP_Null, 0, pRight->regResult,
+          pRight->regResult + pRight->pSelect->pEList->nExpr-1
+      );
+    }
     sqlite3VdbeAddOp1(v, OP_NullRow, pWInfo->a[k].iTabCur);
     iIdxCur = pWInfo->a[k].iIdxCur;
     if( iIdxCur ){
@@ -159886,7 +161231,7 @@ static SQLITE_NOINLINE int exprMightBeIndexed2(
         if( pIdx->aiColumn[i]!=XN_EXPR ) continue;
         assert( pIdx->bHasExpr );
         if( sqlite3ExprCompareSkip(pExpr,pIdx->aColExpr->a[i].pExpr,iCur)==0
-          && pExpr->op!=TK_STRING
+         && !sqlite3ExprIsConstant(0,pIdx->aColExpr->a[i].pExpr)
         ){
           aiCurCol[0] = iCur;
           aiCurCol[1] = XN_EXPR;
@@ -160535,6 +161880,7 @@ SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Selec
         continue;
       }
       if( pWC->a[ii].leftCursor!=iCsr ) return;
+      if( pWC->a[ii].prereqRight!=0 ) return;
     }
 
     /* Check condition (5). Return early if it is not met. */
@@ -160549,12 +161895,14 @@ SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Selec
 
     /* All conditions are met. Add the terms to the where-clause object. */
     assert( p->pLimit->op==TK_LIMIT );
-    whereAddLimitExpr(pWC, p->iLimit, p->pLimit->pLeft,
-                      iCsr, SQLITE_INDEX_CONSTRAINT_LIMIT);
-    if( p->iOffset>0 ){
+    if( p->iOffset!=0 && (p->selFlags & SF_Compound)==0 ){
       whereAddLimitExpr(pWC, p->iOffset, p->pLimit->pRight,
                         iCsr, SQLITE_INDEX_CONSTRAINT_OFFSET);
     }
+    if( p->iOffset==0 || (p->selFlags & SF_Compound)==0 ){
+      whereAddLimitExpr(pWC, p->iLimit, p->pLimit->pLeft,
+                        iCsr, SQLITE_INDEX_CONSTRAINT_LIMIT);
+    }
   }
 }
 
@@ -161072,6 +162420,42 @@ static Expr *whereRightSubexprIsColumn(Expr *p){
   return 0;
 }
 
+/*
+** Term pTerm is guaranteed to be a WO_IN term. It may be a component term
+** of a vector IN expression of the form "(x, y, ...) IN (SELECT ...)".
+** This function checks to see if the term is compatible with an index
+** column with affinity idxaff (one of the SQLITE_AFF_XYZ values). If so,
+** it returns a pointer to the name of the collation sequence (e.g. "BINARY"
+** or "NOCASE") used by the comparison in pTerm. If it is not compatible
+** with affinity idxaff, NULL is returned.
+*/
+static SQLITE_NOINLINE const char *indexInAffinityOk(
+  Parse *pParse,
+  WhereTerm *pTerm,
+  u8 idxaff
+){
+  Expr *pX = pTerm->pExpr;
+  Expr inexpr;
+
+  assert( pTerm->eOperator & WO_IN );
+
+  if( sqlite3ExprIsVector(pX->pLeft) ){
+    int iField = pTerm->u.x.iField - 1;
+    inexpr.flags = 0;
+    inexpr.op = TK_EQ;
+    inexpr.pLeft = pX->pLeft->x.pList->a[iField].pExpr;
+    assert( ExprUseXSelect(pX) );
+    inexpr.pRight = pX->x.pSelect->pEList->a[iField].pExpr;
+    pX = &inexpr;
+  }
+
+  if( sqlite3IndexAffinityOk(pX, idxaff) ){
+    CollSeq *pRet = sqlite3ExprCompareCollSeq(pParse, pX);
+    return pRet ? pRet->zName : sqlite3StrBINARY;
+  }
+  return 0;
+}
+
 /*
 ** Advance to the next WhereTerm that matches according to the criteria
 ** established when the pScan object was initialized by whereScanInit().
@@ -161122,16 +162506,24 @@ static WhereTerm *whereScanNext(WhereScan *pScan){
           if( (pTerm->eOperator & pScan->opMask)!=0 ){
             /* Verify the affinity and collating sequence match */
             if( pScan->zCollName && (pTerm->eOperator & WO_ISNULL)==0 ){
-              CollSeq *pColl;
+              const char *zCollName;
               Parse *pParse = pWC->pWInfo->pParse;
               pX = pTerm->pExpr;
-              if( !sqlite3IndexAffinityOk(pX, pScan->idxaff) ){
-                continue;
+
+              if( (pTerm->eOperator & WO_IN) ){
+                zCollName = indexInAffinityOk(pParse, pTerm, pScan->idxaff);
+                if( !zCollName ) continue;
+              }else{
+                CollSeq *pColl;
+                if( !sqlite3IndexAffinityOk(pX, pScan->idxaff) ){
+                  continue;
+                }
+                assert(pX->pLeft);
+                pColl = sqlite3ExprCompareCollSeq(pParse, pX);
+                zCollName = pColl ? pColl->zName : sqlite3StrBINARY;
               }
-              assert(pX->pLeft);
-              pColl = sqlite3ExprCompareCollSeq(pParse, pX);
-              if( pColl==0 ) pColl = pParse->db->pDfltColl;
-              if( sqlite3StrICmp(pColl->zName, pScan->zCollName) ){
+
+              if( sqlite3StrICmp(zCollName, pScan->zCollName) ){
                 continue;
               }
             }
@@ -161483,9 +162875,13 @@ static void translateColumnToCopy(
 ** are no-ops.
 */
 #if !defined(SQLITE_OMIT_VIRTUALTABLE) && defined(WHERETRACE_ENABLED)
-static void whereTraceIndexInfoInputs(sqlite3_index_info *p){
+static void whereTraceIndexInfoInputs(
+  sqlite3_index_info *p,   /* The IndexInfo object */
+  Table *pTab              /* The TABLE that is the virtual table */
+){
   int i;
   if( (sqlite3WhereTrace & 0x10)==0 ) return;
+  sqlite3DebugPrintf("sqlite3_index_info inputs for %s:\n", pTab->zName);
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf(
        "  constraint[%d]: col=%d termid=%d op=%d usabled=%d collseq=%s\n",
@@ -161503,9 +162899,13 @@ static void whereTraceIndexInfoInputs(sqlite3_index_info *p){
        p->aOrderBy[i].desc);
   }
 }
-static void whereTraceIndexInfoOutputs(sqlite3_index_info *p){
+static void whereTraceIndexInfoOutputs(
+  sqlite3_index_info *p,   /* The IndexInfo object */
+  Table *pTab              /* The TABLE that is the virtual table */
+){
   int i;
   if( (sqlite3WhereTrace & 0x10)==0 ) return;
+  sqlite3DebugPrintf("sqlite3_index_info outputs for %s:\n", pTab->zName);
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf("  usage[%d]: argvIdx=%d omit=%d\n",
        i,
@@ -161519,8 +162919,8 @@ static void whereTraceIndexInfoOutputs(sqlite3_index_info *p){
   sqlite3DebugPrintf("  estimatedRows=%lld\n", p->estimatedRows);
 }
 #else
-#define whereTraceIndexInfoInputs(A)
-#define whereTraceIndexInfoOutputs(A)
+#define whereTraceIndexInfoInputs(A,B)
+#define whereTraceIndexInfoOutputs(A,B)
 #endif
 
 /*
@@ -161704,7 +163104,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
     ** WHERE clause (or the ON clause of a LEFT join) that constrain which
     ** rows of the target table (pSrc) that can be used. */
     if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-     && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, pLevel->iFrom)
+     && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, pLevel->iFrom, 0)
     ){
       pPartial = sqlite3ExprAnd(pParse, pPartial,
                                 sqlite3ExprDup(pParse->db, pExpr, 0));
@@ -161746,7 +163146,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   ** if they go out of sync.
   */
   if( IsView(pTable) ){
-    extraCols = ALLBITS;
+    extraCols = ALLBITS & ~idxCols;
   }else{
     extraCols = pSrc->colUsed & (~idxCols | MASKBIT(BMS-1));
   }
@@ -161973,7 +163373,7 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
     for(pTerm=pWInfo->sWC.a; pTermpExpr;
       if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-       && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, iSrc)
+       && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, iSrc, 0)
       ){
         sqlite3ExprIfFalse(pParse, pTerm->pExpr, addrCont, SQLITE_JUMPIFNULL);
       }
@@ -162099,7 +163499,7 @@ static sqlite3_index_info *allocateIndexInfo(
       Expr *pE2;
 
       /* Skip over constant terms in the ORDER BY clause */
-      if( sqlite3ExprIsConstant(pExpr) ){
+      if( sqlite3ExprIsConstant(0, pExpr) ){
         continue;
       }
 
@@ -162134,7 +163534,7 @@ static sqlite3_index_info *allocateIndexInfo(
     }
     if( i==n ){
       nOrderBy = n;
-      if( (pWInfo->wctrlFlags & WHERE_DISTINCTBY) ){
+      if( (pWInfo->wctrlFlags & WHERE_DISTINCTBY) && !pSrc->fg.rowidUsed ){
         eDistinct = 2 + ((pWInfo->wctrlFlags & WHERE_SORTBYGROUP)!=0);
       }else if( pWInfo->wctrlFlags & WHERE_GROUPBY ){
         eDistinct = 1;
@@ -162211,7 +163611,7 @@ static sqlite3_index_info *allocateIndexInfo(
   pIdxInfo->nConstraint = j;
   for(i=j=0; ia[i].pExpr;
-    if( sqlite3ExprIsConstant(pExpr) ) continue;
+    if( sqlite3ExprIsConstant(0, pExpr) ) continue;
     assert( pExpr->op==TK_COLUMN
          || (pExpr->op==TK_COLLATE && pExpr->pLeft->op==TK_COLUMN
               && pExpr->iColumn==pExpr->pLeft->iColumn) );
@@ -162263,11 +163663,11 @@ static int vtabBestIndex(Parse *pParse, Table *pTab, sqlite3_index_info *p){
   sqlite3_vtab *pVtab = sqlite3GetVTable(pParse->db, pTab)->pVtab;
   int rc;
 
-  whereTraceIndexInfoInputs(p);
+  whereTraceIndexInfoInputs(p, pTab);
   pParse->db->nSchemaLock++;
   rc = pVtab->pModule->xBestIndex(pVtab, p);
   pParse->db->nSchemaLock--;
-  whereTraceIndexInfoOutputs(p);
+  whereTraceIndexInfoOutputs(p, pTab);
 
   if( rc!=SQLITE_OK && rc!=SQLITE_CONSTRAINT ){
     if( rc==SQLITE_NOMEM ){
@@ -163745,7 +165145,9 @@ static int whereLoopAddBtreeIndex(
   }
   if( pProbe->bUnordered || pProbe->bLowQual ){
     if( pProbe->bUnordered ) opMask &= ~(WO_GT|WO_GE|WO_LT|WO_LE);
-    if( pProbe->bLowQual )   opMask &= ~(WO_EQ|WO_IN|WO_IS);
+    if( pProbe->bLowQual && pSrc->fg.isIndexedBy==0 ){
+      opMask &= ~(WO_EQ|WO_IN|WO_IS);
+    }
   }
 
   assert( pNew->u.btree.nEqnColumn );
@@ -164012,10 +165414,13 @@ static int whereLoopAddBtreeIndex(
       }
     }
 
-    /* Set rCostIdx to the cost of visiting selected rows in index. Add
-    ** it to pNew->rRun, which is currently set to the cost of the index
-    ** seek only. Then, if this is a non-covering index, add the cost of
-    ** visiting the rows in the main table.  */
+    /* Set rCostIdx to the estimated cost of visiting selected rows in the
+    ** index.  The estimate is the sum of two values:
+    **   1.  The cost of doing one search-by-key to find the first matching
+    **       entry
+    **   2.  Stepping forward in the index pNew->nOut times to find all
+    **       additional matching entries.
+    */
     assert( pSrc->pTab->szTabRow>0 );
     if( pProbe->idxType==SQLITE_IDXTYPE_IPK ){
       /* The pProbe->szIdxRow is low for an IPK table since the interior
@@ -164026,7 +165431,15 @@ static int whereLoopAddBtreeIndex(
     }else{
       rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
     }
-    pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
+    rCostIdx = sqlite3LogEstAdd(rLogSize, rCostIdx);
+
+    /* Estimate the cost of running the loop.  If all data is coming
+    ** from the index, then this is just the cost of doing the index
+    ** lookup and scan.  But if some data is coming out of the main table,
+    ** we also have to add in the cost of doing pNew->nOut searches to
+    ** locate the row in the main table that corresponds to the index entry.
+    */
+    pNew->rRun = rCostIdx;
     if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK|WHERE_EXPRIDX))==0 ){
       pNew->rRun = sqlite3LogEstAdd(pNew->rRun, pNew->nOut + 16);
     }
@@ -164132,7 +165545,9 @@ static int indexMightHelpWithOrderBy(
   for(ii=0; iinExpr; ii++){
     Expr *pExpr = sqlite3ExprSkipCollateAndLikely(pOB->a[ii].pExpr);
     if( NEVER(pExpr==0) ) continue;
-    if( pExpr->op==TK_COLUMN && pExpr->iTable==iCursor ){
+    if( (pExpr->op==TK_COLUMN || pExpr->op==TK_AGG_COLUMN)
+     && pExpr->iTable==iCursor
+    ){
       if( pExpr->iColumn<0 ) return 1;
       for(jj=0; jjnKeyCol; jj++){
         if( pExpr->iColumn==pIndex->aiColumn[jj] ) return 1;
@@ -164389,7 +165804,7 @@ static void wherePartIdxExpr(
     u8 aff;
 
     if( pLeft->op!=TK_COLUMN ) return;
-    if( !sqlite3ExprIsConstant(pRight) ) return;
+    if( !sqlite3ExprIsConstant(0, pRight) ) return;
     if( !sqlite3IsBinary(sqlite3ExprCompareCollSeq(pParse, pPart)) ) return;
     if( pLeft->iColumn<0 ) return;
     aff = pIdx->pTable->aCol[pLeft->iColumn].affinity;
@@ -164662,7 +166077,9 @@ static int whereLoopAddBtree(
                   " according to whereIsCoveringIndex()\n", pProbe->zName));
             }
           }
-        }else if( m==0 ){
+        }else if( m==0
+           && (HasRowid(pTab) || pWInfo->pSelect!=0 || sqlite3FaultSim(700))
+        ){
           WHERETRACE(0x200,
              ("-> %s a covering index according to bitmasks\n",
              pProbe->zName, m==0 ? "is" : "is not"));
@@ -164738,7 +166155,7 @@ static int whereLoopAddBtree(
       ** unique index is used (making the index functionally non-unique)
       ** then the sqlite_stat1 data becomes important for scoring the
       ** plan */
-      pTab->tabFlags |= TF_StatsUsed;
+      pTab->tabFlags |= TF_MaybeReanalyze;
     }
 #ifdef SQLITE_ENABLE_STAT4
     sqlite3Stat4ProbeFree(pBuilder->pRec);
@@ -164760,6 +166177,21 @@ static int isLimitTerm(WhereTerm *pTerm){
       && pTerm->eMatchOp<=SQLITE_INDEX_CONSTRAINT_OFFSET;
 }
 
+/*
+** Return true if the first nCons constraints in the pUsage array are
+** marked as in-use (have argvIndex>0). False otherwise.
+*/
+static int allConstraintsUsed(
+  struct sqlite3_index_constraint_usage *aUsage,
+  int nCons
+){
+  int ii;
+  for(ii=0; iipNew->iTab. This
@@ -164900,13 +166332,20 @@ static int whereLoopAddVirtualOne(
         *pbIn = 1; assert( (mExclude & WO_IN)==0 );
       }
 
+      /* Unless pbRetryLimit is non-NULL, there should be no LIMIT/OFFSET
+      ** terms. And if there are any, they should follow all other terms. */
       assert( pbRetryLimit || !isLimitTerm(pTerm) );
-      if( isLimitTerm(pTerm) && *pbIn ){
+      assert( !isLimitTerm(pTerm) || i>=nConstraint-2 );
+      assert( !isLimitTerm(pTerm) || i==nConstraint-1 || isLimitTerm(pTerm+1) );
+
+      if( isLimitTerm(pTerm) && (*pbIn || !allConstraintsUsed(pUsage, i)) ){
         /* If there is an IN(...) term handled as an == (separate call to
         ** xFilter for each value on the RHS of the IN) and a LIMIT or
-        ** OFFSET term handled as well, the plan is unusable. Set output
-        ** variable *pbRetryLimit to true to tell the caller to retry with
-        ** LIMIT and OFFSET disabled. */
+        ** OFFSET term handled as well, the plan is unusable. Similarly,
+        ** if there is a LIMIT/OFFSET and there are other unused terms,
+        ** the plan cannot be used. In these cases set variable *pbRetryLimit
+        ** to true to tell the caller to retry with LIMIT and OFFSET
+        ** disabled. */
         if( pIdxInfo->needToFreeIdxStr ){
           sqlite3_free(pIdxInfo->idxStr);
           pIdxInfo->idxStr = 0;
@@ -165763,7 +167202,7 @@ static i8 wherePathSatisfiesOrderBy(
         if( MASKBIT(i) & obSat ) continue;
         p = pOrderBy->a[i].pExpr;
         mTerm = sqlite3WhereExprUsage(&pWInfo->sMaskSet,p);
-        if( mTerm==0 && !sqlite3ExprIsConstant(p) ) continue;
+        if( mTerm==0 && !sqlite3ExprIsConstant(0,p) ) continue;
         if( (mTerm&~orderDistinctMask)==0 ){
           obSat |= MASKBIT(i);
         }
@@ -166232,10 +167671,9 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
       if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
         pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
       }
-      if( pWInfo->pSelect->pOrderBy
-       && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
-        pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
-      }
+      /* vvv--- See check-in [12ad822d9b827777] on 2023-03-16 ---vvv */
+      assert( pWInfo->pSelect->pOrderBy==0
+           || pWInfo->nOBSat <= pWInfo->pSelect->pOrderBy->nExpr );
     }else{
       pWInfo->revMask = pFrom->revLoop;
       if( pWInfo->nOBSat<=0 ){
@@ -166278,7 +167716,6 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
     }
   }
 
-
   pWInfo->nRowOut = pFrom->nRow;
 
   /* Free temporary memory and return success */
@@ -166286,6 +167723,83 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   return SQLITE_OK;
 }
 
+/*
+** This routine implements a heuristic designed to improve query planning.
+** This routine is called in between the first and second call to
+** wherePathSolver().  Hence the name "Interstage" "Heuristic".
+**
+** The first call to wherePathSolver() (hereafter just "solver()") computes
+** the best path without regard to the order of the outputs.  The second call
+** to the solver() builds upon the first call to try to find an alternative
+** path that satisfies the ORDER BY clause.
+**
+** This routine looks at the results of the first solver() run, and for
+** every FROM clause term in the resulting query plan that uses an equality
+** constraint against an index, disable other WhereLoops for that same
+** FROM clause term that would try to do a full-table scan.  This prevents
+** an index search from being converted into a full-table scan in order to
+** satisfy an ORDER BY clause, since even though we might get slightly better
+** performance using the full-scan without sorting if the output size
+** estimates are very precise, we might also get severe performance
+** degradation using the full-scan if the output size estimate is too large.
+** It is better to err on the side of caution.
+**
+** Except, if the first solver() call generated a full-table scan in an outer
+** loop then stop this analysis at the first full-scan, since the second
+** solver() run might try to swap that full-scan for another in order to
+** get the output into the correct order.  In other words, we allow a
+** rewrite like this:
+**
+**     First Solver()                      Second Solver()
+**       |-- SCAN t1                         |-- SCAN t2
+**       |-- SEARCH t2                       `-- SEARCH t1
+**       `-- SORT USING B-TREE
+**
+** The purpose of this routine is to disallow rewrites such as:
+**
+**     First Solver()                      Second Solver()
+**       |-- SEARCH t1                       |-- SCAN t2     <--- bad!
+**       |-- SEARCH t2                       `-- SEARCH t1
+**       `-- SORT USING B-TREE
+**
+** See test cases in test/whereN.test for the real-world query that
+** originally provoked this heuristic.
+*/
+static SQLITE_NOINLINE void whereInterstageHeuristic(WhereInfo *pWInfo){
+  int i;
+#ifdef WHERETRACE_ENABLED
+  int once = 0;
+#endif
+  for(i=0; inLevel; i++){
+    WhereLoop *p = pWInfo->a[i].pWLoop;
+    if( p==0 ) break;
+    if( (p->wsFlags & WHERE_VIRTUALTABLE)!=0 ) continue;
+    if( (p->wsFlags & (WHERE_COLUMN_EQ|WHERE_COLUMN_NULL|WHERE_COLUMN_IN))!=0 ){
+      u8 iTab = p->iTab;
+      WhereLoop *pLoop;
+      for(pLoop=pWInfo->pLoops; pLoop; pLoop=pLoop->pNextLoop){
+        if( pLoop->iTab!=iTab ) continue;
+        if( (pLoop->wsFlags & (WHERE_CONSTRAINT|WHERE_AUTO_INDEX))!=0 ){
+          /* Auto-index and index-constrained loops allowed to remain */
+          continue;
+        }
+#ifdef WHERETRACE_ENABLED
+        if( sqlite3WhereTrace & 0x80 ){
+          if( once==0 ){
+            sqlite3DebugPrintf("Loops disabled by interstage heuristic:\n");
+            once = 1;
+          }
+          sqlite3WhereLoopPrint(pLoop, &pWInfo->sWC);
+        }
+#endif /* WHERETRACE_ENABLED */
+        pLoop->prereq = ALLBITS;  /* Prevent 2nd solver() from using this one */
+      }
+    }else{
+      break;
+    }
+  }
+}
+
 /*
 ** Most queries use only a single table (they are not joins) and have
 ** simple == constraints against indexed fields.  This routine attempts
@@ -166454,6 +167968,10 @@ static void showAllWhereLoops(WhereInfo *pWInfo, WhereClause *pWC){
 **      the right-most table of a subquery that was flattened into the
 **      main query and that subquery was the right-hand operand of an
 **      inner join that held an ON or USING clause.
+**   6) The ORDER BY clause has 63 or fewer terms
+**   7) The omit-noop-join optimization is enabled.
+**
+** Items (1), (6), and (7) are checked by the caller.
 **
 ** For example, given:
 **
@@ -166574,7 +168092,7 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
     SrcItem *pItem = &pWInfo->pTabList->a[pLoop->iTab];
     Table *pTab = pItem->pTab;
     if( (pTab->tabFlags & TF_HasStat1)==0 ) break;
-    pTab->tabFlags |= TF_StatsUsed;
+    pTab->tabFlags |= TF_MaybeReanalyze;
     if( i>=1
      && (pLoop->wsFlags & reqFlags)==reqFlags
      /* vvvvvv--- Always the case if WHERE_COLUMN_EQ is defined */
@@ -166595,6 +168113,58 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
   }
 }
 
+/*
+** Expression Node callback for sqlite3ExprCanReturnSubtype().
+**
+** Only a function call is able to return a subtype.  So if the node
+** is not a function call, return WRC_Prune immediately.
+**
+** A function call is able to return a subtype if it has the
+** SQLITE_RESULT_SUBTYPE property.
+**
+** Assume that every function is able to pass-through a subtype from
+** one of its argument (using sqlite3_result_value()).  Most functions
+** are not this way, but we don't have a mechanism to distinguish those
+** that are from those that are not, so assume they all work this way.
+** That means that if one of its arguments is another function and that
+** other function is able to return a subtype, then this function is
+** able to return a subtype.
+*/
+static int exprNodeCanReturnSubtype(Walker *pWalker, Expr *pExpr){
+  int n;
+  FuncDef *pDef;
+  sqlite3 *db;
+  if( pExpr->op!=TK_FUNCTION ){
+    return WRC_Prune;
+  }
+  assert( ExprUseXList(pExpr) );
+  db = pWalker->pParse->db;
+  n = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
+  pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
+  if( pDef==0 || (pDef->funcFlags & SQLITE_RESULT_SUBTYPE)!=0 ){
+    pWalker->eCode = 1;
+    return WRC_Prune;
+  }
+  return WRC_Continue;
+}
+
+/*
+** Return TRUE if expression pExpr is able to return a subtype.
+**
+** A TRUE return does not guarantee that a subtype will be returned.
+** It only indicates that a subtype return is possible.  False positives
+** are acceptable as they only disable an optimization.  False negatives,
+** on the other hand, can lead to incorrect answers.
+*/
+static int sqlite3ExprCanReturnSubtype(Parse *pParse, Expr *pExpr){
+  Walker w;
+  memset(&w, 0, sizeof(w));
+  w.pParse = pParse;
+  w.xExprCallback = exprNodeCanReturnSubtype;
+  sqlite3WalkExpr(&w, pExpr);
+  return w.eCode;
+}
+
 /*
 ** The index pIdx is used by a query and contains one or more expressions.
 ** In other words pIdx is an index on an expression.  iIdxCur is the cursor
@@ -166620,33 +168190,19 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
   for(i=0; inColumn; i++){
     Expr *pExpr;
     int j = pIdx->aiColumn[i];
-    int bMaybeNullRow;
     if( j==XN_EXPR ){
       pExpr = pIdx->aColExpr->a[i].pExpr;
-      testcase( pTabItem->fg.jointype & JT_LEFT );
-      testcase( pTabItem->fg.jointype & JT_RIGHT );
-      testcase( pTabItem->fg.jointype & JT_LTORJ );
-      bMaybeNullRow = (pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0;
     }else if( j>=0 && (pTab->aCol[j].colFlags & COLFLAG_VIRTUAL)!=0 ){
       pExpr = sqlite3ColumnExpr(pTab, &pTab->aCol[j]);
-      bMaybeNullRow = 0;
     }else{
       continue;
     }
-    if( sqlite3ExprIsConstant(pExpr) ) continue;
-    if( pExpr->op==TK_FUNCTION ){
+    if( sqlite3ExprIsConstant(0,pExpr) ) continue;
+    if( pExpr->op==TK_FUNCTION && sqlite3ExprCanReturnSubtype(pParse,pExpr) ){
       /* Functions that might set a subtype should not be replaced by the
       ** value taken from an expression index since the index omits the
       ** subtype.  https://sqlite.org/forum/forumpost/68d284c86b082c3e */
-      int n;
-      FuncDef *pDef;
-      sqlite3 *db = pParse->db;
-      assert( ExprUseXList(pExpr) );
-      n = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
-      pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
-      if( pDef==0 || (pDef->funcFlags & SQLITE_RESULT_SUBTYPE)!=0 ){
-        continue;
-      }
+      continue;
     }
     p = sqlite3DbMallocRaw(pParse->db,  sizeof(IndexedExpr));
     if( p==0 ) break;
@@ -166661,7 +168217,7 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
     p->iDataCur = pTabItem->iCursor;
     p->iIdxCur = iIdxCur;
     p->iIdxCol = i;
-    p->bMaybeNullRow = bMaybeNullRow;
+    p->bMaybeNullRow = (pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0;
     if( sqlite3IndexAffinityStr(pParse->db, pIdx) ){
       p->aff = pIdx->zColAff[i];
     }
@@ -166829,6 +168385,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   if( pOrderBy && pOrderBy->nExpr>=BMS ){
     pOrderBy = 0;
     wctrlFlags &= ~WHERE_WANT_DISTINCT;
+    wctrlFlags |= WHERE_KEEP_ALL_JOINS; /* Disable omit-noop-join opt */
   }
 
   /* The number of tables in the FROM clause is limited by the number of
@@ -166911,7 +168468,11 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     ){
       pWInfo->eDistinct = WHERE_DISTINCT_UNIQUE;
     }
-    ExplainQueryPlan((pParse, 0, "SCAN CONSTANT ROW"));
+    if( ALWAYS(pWInfo->pSelect)
+     && (pWInfo->pSelect->selFlags & SF_MultiValue)==0
+    ){
+      ExplainQueryPlan((pParse, 0, "SCAN CONSTANT ROW"));
+    }
   }else{
     /* Assign a bit from the bitmask to every term in the FROM clause.
     **
@@ -167064,6 +168625,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     wherePathSolver(pWInfo, 0);
     if( db->mallocFailed ) goto whereBeginError;
     if( pWInfo->pOrderBy ){
+       whereInterstageHeuristic(pWInfo);
        wherePathSolver(pWInfo, pWInfo->nRowOut+1);
        if( db->mallocFailed ) goto whereBeginError;
     }
@@ -167124,10 +168686,10 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   ** in-line sqlite3WhereCodeOneLoopStart() for performance reasons.
   */
   notReady = ~(Bitmask)0;
-  if( pWInfo->nLevel>=2
-   && pResultSet!=0                         /* these two combine to guarantee */
-   && 0==(wctrlFlags & WHERE_AGG_DISTINCT)  /* condition (1) above */
-   && OptimizationEnabled(db, SQLITE_OmitNoopJoin)
+  if( pWInfo->nLevel>=2       /* Must be a join, or this opt8n is pointless */
+   && pResultSet!=0           /* Condition (1) */
+   && 0==(wctrlFlags & (WHERE_AGG_DISTINCT|WHERE_KEEP_ALL_JOINS)) /* (1),(6) */
+   && OptimizationEnabled(db, SQLITE_OmitNoopJoin)                /* (7) */
   ){
     notReady = whereOmitNoopJoin(pWInfo, notReady);
     nTabList = pWInfo->nLevel;
@@ -167447,26 +169009,6 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   }
 #endif
 
-#ifdef SQLITE_DEBUG
-/*
-** Return true if cursor iCur is opened by instruction k of the
-** bytecode.  Used inside of assert() only.
-*/
-static int cursorIsOpen(Vdbe *v, int iCur, int k){
-  while( k>=0 ){
-    VdbeOp *pOp = sqlite3VdbeGetOp(v,k--);
-    if( pOp->p1!=iCur ) continue;
-    if( pOp->opcode==OP_Close ) return 0;
-    if( pOp->opcode==OP_OpenRead ) return 1;
-    if( pOp->opcode==OP_OpenWrite ) return 1;
-    if( pOp->opcode==OP_OpenDup ) return 1;
-    if( pOp->opcode==OP_OpenAutoindex ) return 1;
-    if( pOp->opcode==OP_OpenEphemeral ) return 1;
-  }
-  return 0;
-}
-#endif /* SQLITE_DEBUG */
-
 /*
 ** Generate the end of the WHERE loop.  See comments on
 ** sqlite3WhereBegin() for additional information.
@@ -167613,7 +169155,15 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
       addr = sqlite3VdbeAddOp1(v, OP_IfPos, pLevel->iLeftJoin); VdbeCoverage(v);
       assert( (ws & WHERE_IDX_ONLY)==0 || (ws & WHERE_INDEXED)!=0 );
       if( (ws & WHERE_IDX_ONLY)==0 ){
-        assert( pLevel->iTabCur==pTabList->a[pLevel->iFrom].iCursor );
+        SrcItem *pSrc = &pTabList->a[pLevel->iFrom];
+        assert( pLevel->iTabCur==pSrc->iCursor );
+        if( pSrc->fg.viaCoroutine ){
+          int m, n;
+          n = pSrc->regResult;
+          assert( pSrc->pTab!=0 );
+          m = pSrc->pTab->nCol;
+          sqlite3VdbeAddOp3(v, OP_Null, 0, n, n+m-1);
+        }
         sqlite3VdbeAddOp1(v, OP_NullRow, pLevel->iTabCur);
       }
       if( (ws & WHERE_INDEXED)
@@ -167663,6 +169213,7 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
     */
     if( pTabItem->fg.viaCoroutine ){
       testcase( pParse->db->mallocFailed );
+      assert( pTabItem->regResult>=0 );
       translateColumnToCopy(pParse, pLevel->addrBody, pLevel->iTabCur,
                             pTabItem->regResult, 0);
       continue;
@@ -167757,16 +169308,10 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
             ** reference.  Verify that this is harmless - that the
             ** table being referenced really is open.
             */
-#ifdef SQLITE_ENABLE_OFFSET_SQL_FUNC
-            assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
-                 || cursorIsOpen(v,pOp->p1,k)
-                 || pOp->opcode==OP_Offset
-            );
-#else
-            assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
-                 || cursorIsOpen(v,pOp->p1,k)
-            );
-#endif
+            if( pLoop->wsFlags & WHERE_IDX_ONLY ){
+              sqlite3ErrorMsg(pParse, "internal query planner error");
+              pParse->rc = SQLITE_INTERNAL;
+            }
           }
         }else if( pOp->opcode==OP_Rowid ){
           pOp->p1 = pLevel->iIdxCur;
@@ -168967,7 +170512,7 @@ SQLITE_PRIVATE void sqlite3WindowListDelete(sqlite3 *db, Window *p){
 ** variable values in the expression tree.
 */
 static Expr *sqlite3WindowOffsetExpr(Parse *pParse, Expr *pExpr){
-  if( 0==sqlite3ExprIsConstant(pExpr) ){
+  if( 0==sqlite3ExprIsConstant(0,pExpr) ){
     if( IN_RENAME_OBJECT ) sqlite3RenameExprUnmap(pParse, pExpr);
     sqlite3ExprDelete(pParse->db, pExpr);
     pExpr = sqlite3ExprAlloc(pParse->db, TK_NULL, 0, 0);
@@ -171037,9 +172582,9 @@ static void updateDeleteLimitError(
           break;
         }
       }
-      if( (p->selFlags & SF_MultiValue)==0 &&
-        (mxSelect = pParse->db->aLimit[SQLITE_LIMIT_COMPOUND_SELECT])>0 &&
-        cnt>mxSelect
+      if( (p->selFlags & (SF_MultiValue|SF_Values))==0
+       && (mxSelect = pParse->db->aLimit[SQLITE_LIMIT_COMPOUND_SELECT])>0
+       && cnt>mxSelect
       ){
         sqlite3ErrorMsg(pParse, "too many terms in compound SELECT");
       }
@@ -171059,6 +172604,14 @@ static void updateDeleteLimitError(
     return pSelect;
   }
 
+  /* Memory allocator for parser stack resizing.  This is a thin wrapper around
+  ** sqlite3_realloc() that includes a call to sqlite3FaultSim() to facilitate
+  ** testing.
+  */
+  static void *parserStackRealloc(void *pOld, sqlite3_uint64 newSize){
+    return sqlite3FaultSim(700) ? 0 : sqlite3_realloc(pOld, newSize);
+  }
+
 
   /* Construct a new Expr object from a single token */
   static Expr *tokenExpr(Parse *pParse, int op, Token t){
@@ -171308,8 +172861,8 @@ static void updateDeleteLimitError(
 #define TK_TRUEFALSE                      170
 #define TK_ISNOT                          171
 #define TK_FUNCTION                       172
-#define TK_UMINUS                         173
-#define TK_UPLUS                          174
+#define TK_UPLUS                          173
+#define TK_UMINUS                         174
 #define TK_TRUTH                          175
 #define TK_REGISTER                       176
 #define TK_VECTOR                         177
@@ -171318,8 +172871,9 @@ static void updateDeleteLimitError(
 #define TK_ASTERISK                       180
 #define TK_SPAN                           181
 #define TK_ERROR                          182
-#define TK_SPACE                          183
-#define TK_ILLEGAL                        184
+#define TK_QNUMBER                        183
+#define TK_SPACE                          184
+#define TK_ILLEGAL                        185
 #endif
 /**************** End token definitions ***************************************/
 
@@ -171360,6 +172914,9 @@ static void updateDeleteLimitError(
 **    sqlite3ParserARG_STORE     Code to store %extra_argument into yypParser
 **    sqlite3ParserARG_FETCH     Code to extract %extra_argument from yypParser
 **    sqlite3ParserCTX_*         As sqlite3ParserARG_ except for %extra_context
+**    YYREALLOC          Name of the realloc() function to use
+**    YYFREE             Name of the free() function to use
+**    YYDYNSTACK         True if stack space should be extended on heap
 **    YYERRORSYMBOL      is the code number of the error symbol.  If not
 **                       defined, then do no error processing.
 **    YYNSTATE           the combined number of states.
@@ -171373,37 +172930,39 @@ static void updateDeleteLimitError(
 **    YY_NO_ACTION       The yy_action[] code for no-op
 **    YY_MIN_REDUCE      Minimum value for reduce actions
 **    YY_MAX_REDUCE      Maximum value for reduce actions
+**    YY_MIN_DSTRCTR     Minimum symbol value that has a destructor
+**    YY_MAX_DSTRCTR     Maximum symbol value that has a destructor
 */
 #ifndef INTERFACE
 # define INTERFACE 1
 #endif
 /************* Begin control #defines *****************************************/
 #define YYCODETYPE unsigned short int
-#define YYNOCODE 319
+#define YYNOCODE 322
 #define YYACTIONTYPE unsigned short int
 #define YYWILDCARD 101
 #define sqlite3ParserTOKENTYPE Token
 typedef union {
   int yyinit;
   sqlite3ParserTOKENTYPE yy0;
-  TriggerStep* yy33;
-  Window* yy41;
-  Select* yy47;
-  SrcList* yy131;
-  struct TrigEvent yy180;
-  struct {int value; int mask;} yy231;
-  IdList* yy254;
-  u32 yy285;
-  ExprList* yy322;
-  Cte* yy385;
-  int yy394;
-  Upsert* yy444;
-  u8 yy516;
-  With* yy521;
-  const char* yy522;
-  Expr* yy528;
-  OnOrUsing yy561;
-  struct FrameBound yy595;
+  ExprList* yy14;
+  With* yy59;
+  Cte* yy67;
+  Upsert* yy122;
+  IdList* yy132;
+  int yy144;
+  const char* yy168;
+  SrcList* yy203;
+  Window* yy211;
+  OnOrUsing yy269;
+  struct TrigEvent yy286;
+  struct {int value; int mask;} yy383;
+  u32 yy391;
+  TriggerStep* yy427;
+  Expr* yy454;
+  u8 yy462;
+  struct FrameBound yy509;
+  Select* yy555;
 } YYMINORTYPE;
 #ifndef YYSTACKDEPTH
 #define YYSTACKDEPTH 100
@@ -171413,24 +172972,29 @@ typedef union {
 #define sqlite3ParserARG_PARAM
 #define sqlite3ParserARG_FETCH
 #define sqlite3ParserARG_STORE
+#define YYREALLOC parserStackRealloc
+#define YYFREE sqlite3_free
+#define YYDYNSTACK 1
 #define sqlite3ParserCTX_SDECL Parse *pParse;
 #define sqlite3ParserCTX_PDECL ,Parse *pParse
 #define sqlite3ParserCTX_PARAM ,pParse
 #define sqlite3ParserCTX_FETCH Parse *pParse=yypParser->pParse;
 #define sqlite3ParserCTX_STORE yypParser->pParse=pParse;
 #define YYFALLBACK 1
-#define YYNSTATE             579
-#define YYNRULE              405
-#define YYNRULE_WITH_ACTION  340
-#define YYNTOKEN             185
-#define YY_MAX_SHIFT         578
-#define YY_MIN_SHIFTREDUCE   838
-#define YY_MAX_SHIFTREDUCE   1242
-#define YY_ERROR_ACTION      1243
-#define YY_ACCEPT_ACTION     1244
-#define YY_NO_ACTION         1245
-#define YY_MIN_REDUCE        1246
-#define YY_MAX_REDUCE        1650
+#define YYNSTATE             583
+#define YYNRULE              409
+#define YYNRULE_WITH_ACTION  344
+#define YYNTOKEN             186
+#define YY_MAX_SHIFT         582
+#define YY_MIN_SHIFTREDUCE   845
+#define YY_MAX_SHIFTREDUCE   1253
+#define YY_ERROR_ACTION      1254
+#define YY_ACCEPT_ACTION     1255
+#define YY_NO_ACTION         1256
+#define YY_MIN_REDUCE        1257
+#define YY_MAX_REDUCE        1665
+#define YY_MIN_DSTRCTR       205
+#define YY_MAX_DSTRCTR       319
 /************* End control #defines *******************************************/
 #define YY_NLOOKAHEAD ((int)(sizeof(yy_lookahead)/sizeof(yy_lookahead[0])))
 
@@ -171446,6 +173010,22 @@ typedef union {
 # define yytestcase(X)
 #endif
 
+/* Macro to determine if stack space has the ability to grow using
+** heap memory.
+*/
+#if YYSTACKDEPTH<=0 || YYDYNSTACK
+# define YYGROWABLESTACK 1
+#else
+# define YYGROWABLESTACK 0
+#endif
+
+/* Guarantee a minimum number of initial stack slots.
+*/
+#if YYSTACKDEPTH<=0
+# undef YYSTACKDEPTH
+# define YYSTACKDEPTH 2  /* Need a minimum stack size */
+#endif
+
 
 /* Next are the tables used to determine what action to take based on the
 ** current state and lookahead token.  These tables are used to implement
@@ -171497,619 +173077,630 @@ typedef union {
 **  yy_default[]       Default action for each state.
 **
 *********** Begin parsing tables **********************************************/
-#define YY_ACTTAB_COUNT (2100)
+#define YY_ACTTAB_COUNT (2142)
 static const YYACTIONTYPE yy_action[] = {
- /*     0 */   572,  210,  572,  119,  116,  231,  572,  119,  116,  231,
- /*    10 */   572, 1317,  379, 1296,  410,  566,  566,  566,  572,  411,
- /*    20 */   380, 1317, 1279,   42,   42,   42,   42,  210, 1529,   72,
- /*    30 */    72,  974,  421,   42,   42,  495,  305,  281,  305,  975,
- /*    40 */   399,   72,   72,  126,  127,   81, 1217, 1217, 1054, 1057,
- /*    50 */  1044, 1044,  124,  124,  125,  125,  125,  125,  480,  411,
- /*    60 */  1244,    1,    1,  578,    2, 1248,  554,  119,  116,  231,
- /*    70 */   319,  484,  147,  484,  528,  119,  116,  231,  533, 1330,
- /*    80 */   419,  527,  143,  126,  127,   81, 1217, 1217, 1054, 1057,
- /*    90 */  1044, 1044,  124,  124,  125,  125,  125,  125,  119,  116,
- /*   100 */   231,  329,  123,  123,  123,  123,  122,  122,  121,  121,
- /*   110 */   121,  120,  117,  448,  286,  286,  286,  286,  446,  446,
- /*   120 */   446, 1568,  378, 1570, 1193,  377, 1164,  569, 1164,  569,
- /*   130 */   411, 1568,  541,  261,  228,  448,  102,  146,  453,  318,
- /*   140 */   563,  242,  123,  123,  123,  123,  122,  122,  121,  121,
- /*   150 */   121,  120,  117,  448,  126,  127,   81, 1217, 1217, 1054,
- /*   160 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  143,
- /*   170 */   296, 1193,  341,  452,  121,  121,  121,  120,  117,  448,
- /*   180 */   128, 1193, 1194, 1193,  149,  445,  444,  572,  120,  117,
- /*   190 */   448,  125,  125,  125,  125,  118,  123,  123,  123,  123,
- /*   200 */   122,  122,  121,  121,  121,  120,  117,  448,  458,  114,
- /*   210 */    13,   13,  550,  123,  123,  123,  123,  122,  122,  121,
- /*   220 */   121,  121,  120,  117,  448,  424,  318,  563, 1193, 1194,
- /*   230 */  1193,  150, 1225,  411, 1225,  125,  125,  125,  125,  123,
- /*   240 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
- /*   250 */   448,  469,  344, 1041, 1041, 1055, 1058,  126,  127,   81,
- /*   260 */  1217, 1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,
- /*   270 */   125,  125, 1282,  526,  224, 1193,  572,  411,  226,  519,
- /*   280 */   177,   83,   84,  123,  123,  123,  123,  122,  122,  121,
- /*   290 */   121,  121,  120,  117,  448, 1010,   16,   16, 1193,  134,
- /*   300 */   134,  126,  127,   81, 1217, 1217, 1054, 1057, 1044, 1044,
- /*   310 */   124,  124,  125,  125,  125,  125,  123,  123,  123,  123,
- /*   320 */   122,  122,  121,  121,  121,  120,  117,  448, 1045,  550,
- /*   330 */  1193,  375, 1193, 1194, 1193,  254, 1438,  401,  508,  505,
- /*   340 */   504,  112,  564,  570,    4,  929,  929,  435,  503,  342,
- /*   350 */   464,  330,  362,  396, 1238, 1193, 1194, 1193,  567,  572,
- /*   360 */   123,  123,  123,  123,  122,  122,  121,  121,  121,  120,
- /*   370 */   117,  448,  286,  286,  371, 1581, 1607,  445,  444,  155,
- /*   380 */   411,  449,   72,   72, 1289,  569, 1222, 1193, 1194, 1193,
- /*   390 */    86, 1224,  273,  561,  547,  520,  520,  572,   99, 1223,
- /*   400 */     6, 1281,  476,  143,  126,  127,   81, 1217, 1217, 1054,
- /*   410 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  554,
- /*   420 */    13,   13, 1031,  511, 1225, 1193, 1225,  553,  110,  110,
- /*   430 */   224,  572, 1239,  177,  572,  429,  111,  199,  449,  573,
- /*   440 */   449,  432, 1555, 1019,  327,  555, 1193,  272,  289,  370,
- /*   450 */   514,  365,  513,  259,   72,   72,  547,   72,   72,  361,
- /*   460 */   318,  563, 1613,  123,  123,  123,  123,  122,  122,  121,
- /*   470 */   121,  121,  120,  117,  448, 1019, 1019, 1021, 1022,   28,
- /*   480 */   286,  286, 1193, 1194, 1193, 1159,  572, 1612,  411,  904,
- /*   490 */   192,  554,  358,  569,  554,  940,  537,  521, 1159,  437,
- /*   500 */   415, 1159,  556, 1193, 1194, 1193,  572,  548,  548,   52,
- /*   510 */    52,  216,  126,  127,   81, 1217, 1217, 1054, 1057, 1044,
- /*   520 */  1044,  124,  124,  125,  125,  125,  125, 1193,  478,  136,
- /*   530 */   136,  411,  286,  286, 1493,  509,  122,  122,  121,  121,
- /*   540 */   121,  120,  117,  448, 1010,  569,  522,  219,  545,  545,
- /*   550 */   318,  563,  143,    6,  536,  126,  127,   81, 1217, 1217,
- /*   560 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
- /*   570 */  1557,  123,  123,  123,  123,  122,  122,  121,  121,  121,
- /*   580 */   120,  117,  448,  489, 1193, 1194, 1193,  486,  283, 1270,
- /*   590 */   960,  254, 1193,  375,  508,  505,  504, 1193,  342,  574,
- /*   600 */  1193,  574,  411,  294,  503,  960,  879,  193,  484,  318,
- /*   610 */   563,  386,  292,  382,  123,  123,  123,  123,  122,  122,
- /*   620 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
- /*   630 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*   640 */   125,  411,  396, 1139, 1193,  872,  101,  286,  286, 1193,
- /*   650 */  1194, 1193,  375, 1096, 1193, 1194, 1193, 1193, 1194, 1193,
- /*   660 */   569,  459,   33,  375,  235,  126,  127,   81, 1217, 1217,
- /*   670 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
- /*   680 */  1437,  962,  572,  230,  961,  123,  123,  123,  123,  122,
- /*   690 */   122,  121,  121,  121,  120,  117,  448, 1159,  230, 1193,
- /*   700 */   158, 1193, 1194, 1193, 1556,   13,   13,  303,  960, 1233,
- /*   710 */  1159,  154,  411, 1159,  375, 1584, 1177,    5,  371, 1581,
- /*   720 */   431, 1239,    3,  960,  123,  123,  123,  123,  122,  122,
- /*   730 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
- /*   740 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*   750 */   125,  411,  210,  571, 1193, 1032, 1193, 1194, 1193, 1193,
- /*   760 */   390,  855,  156, 1555,  376,  404, 1101, 1101,  492,  572,
- /*   770 */   469,  344, 1322, 1322, 1555,  126,  127,   81, 1217, 1217,
- /*   780 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
- /*   790 */   130,  572,   13,   13,  532,  123,  123,  123,  123,  122,
- /*   800 */   122,  121,  121,  121,  120,  117,  448,  304,  572,  457,
- /*   810 */   229, 1193, 1194, 1193,   13,   13, 1193, 1194, 1193, 1300,
- /*   820 */   467, 1270,  411, 1320, 1320, 1555, 1015,  457,  456,  436,
- /*   830 */   301,   72,   72, 1268,  123,  123,  123,  123,  122,  122,
- /*   840 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
- /*   850 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*   860 */   125,  411,  384, 1076, 1159,  286,  286,  421,  314,  280,
- /*   870 */   280,  287,  287,  461,  408,  407, 1539, 1159,  569,  572,
- /*   880 */  1159, 1196,  569,  409,  569,  126,  127,   81, 1217, 1217,
- /*   890 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
- /*   900 */   457, 1485,   13,   13, 1541,  123,  123,  123,  123,  122,
- /*   910 */   122,  121,  121,  121,  120,  117,  448,  202,  572,  462,
- /*   920 */  1587,  578,    2, 1248,  843,  844,  845, 1563,  319,  409,
- /*   930 */   147,    6,  411,  257,  256,  255,  208, 1330,    9, 1196,
- /*   940 */   264,   72,   72, 1436,  123,  123,  123,  123,  122,  122,
- /*   950 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
- /*   960 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*   970 */   125,  572,  286,  286,  572, 1213,  411,  577,  315, 1248,
- /*   980 */   421,  371, 1581,  356,  319,  569,  147,  495,  529, 1644,
- /*   990 */   397,  935,  495, 1330,   71,   71,  934,   72,   72,  242,
- /*  1000 */  1328,  105,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,
- /*  1010 */   124,  125,  125,  125,  125,  123,  123,  123,  123,  122,
- /*  1020 */   122,  121,  121,  121,  120,  117,  448, 1117,  286,  286,
- /*  1030 */  1422,  452, 1528, 1213,  443,  286,  286, 1492, 1355,  313,
- /*  1040 */   478,  569, 1118,  454,  351,  495,  354, 1266,  569,  209,
- /*  1050 */   572,  418,  179,  572, 1031,  242,  385, 1119,  523,  123,
- /*  1060 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
- /*  1070 */   448, 1020,  108,   72,   72, 1019,   13,   13,  915,  572,
- /*  1080 */  1498,  572,  286,  286,   98,  530, 1537,  452,  916, 1334,
- /*  1090 */  1329,  203,  411,  286,  286,  569,  152,  211, 1498, 1500,
- /*  1100 */   426,  569,   56,   56,   57,   57,  569, 1019, 1019, 1021,
- /*  1110 */   447,  572,  411,  531,   12,  297,  126,  127,   81, 1217,
- /*  1120 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*  1130 */   125,  572,  411,  867,   15,   15,  126,  127,   81, 1217,
- /*  1140 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*  1150 */   125,  373,  529,  264,   44,   44,  126,  115,   81, 1217,
- /*  1160 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
- /*  1170 */   125, 1498,  478, 1271,  417,  123,  123,  123,  123,  122,
- /*  1180 */   122,  121,  121,  121,  120,  117,  448,  205, 1213,  495,
- /*  1190 */   430,  867,  468,  322,  495,  123,  123,  123,  123,  122,
- /*  1200 */   122,  121,  121,  121,  120,  117,  448,  572,  557, 1140,
- /*  1210 */  1642, 1422, 1642,  543,  572,  123,  123,  123,  123,  122,
- /*  1220 */   122,  121,  121,  121,  120,  117,  448,  572, 1422,  572,
- /*  1230 */    13,   13,  542,  323, 1325,  411,  334,   58,   58,  349,
- /*  1240 */  1422, 1170,  326,  286,  286,  549, 1213,  300,  895,  530,
- /*  1250 */    45,   45,   59,   59, 1140, 1643,  569, 1643,  565,  417,
- /*  1260 */   127,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,  124,
- /*  1270 */   125,  125,  125,  125, 1367,  373,  500,  290, 1193,  512,
- /*  1280 */  1366,  427,  394,  394,  393,  275,  391,  896, 1138,  852,
- /*  1290 */   478,  258, 1422, 1170,  463, 1159,   12,  331,  428,  333,
- /*  1300 */  1117,  460,  236,  258,  325,  460,  544, 1544, 1159, 1098,
- /*  1310 */   491, 1159,  324, 1098,  440, 1118,  335,  516,  123,  123,
- /*  1320 */   123,  123,  122,  122,  121,  121,  121,  120,  117,  448,
- /*  1330 */  1119,  318,  563, 1138,  572, 1193, 1194, 1193,  112,  564,
- /*  1340 */   201,    4,  238,  433,  935,  490,  285,  228, 1517,  934,
- /*  1350 */   170,  560,  572,  142, 1516,  567,  572,   60,   60,  572,
- /*  1360 */   416,  572,  441,  572,  535,  302,  875,    8,  487,  572,
- /*  1370 */   237,  572,  416,  572,  485,   61,   61,  572,  449,   62,
- /*  1380 */    62,  332,   63,   63,   46,   46,   47,   47,  361,  572,
- /*  1390 */   561,  572,   48,   48,   50,   50,   51,   51,  572,  295,
- /*  1400 */    64,   64,  482,  295,  539,  412,  471, 1031,  572,  538,
- /*  1410 */   318,  563,   65,   65,   66,   66,  409,  475,  572, 1031,
- /*  1420 */   572,   14,   14,  875, 1020,  110,  110,  409, 1019,  572,
- /*  1430 */   474,   67,   67,  111,  455,  449,  573,  449,   98,  317,
- /*  1440 */  1019,  132,  132,  133,  133,  572, 1561,  572,  974,  409,
- /*  1450 */     6, 1562,   68,   68, 1560,    6,  975,  572,    6, 1559,
- /*  1460 */  1019, 1019, 1021,    6,  346,  218,  101,  531,   53,   53,
- /*  1470 */    69,   69, 1019, 1019, 1021, 1022,   28, 1586, 1181,  451,
- /*  1480 */    70,   70,  290,   87,  215,   31, 1363,  394,  394,  393,
- /*  1490 */   275,  391,  350,  109,  852,  107,  572,  112,  564,  483,
- /*  1500 */     4, 1212,  572,  239,  153,  572,   39,  236, 1299,  325,
- /*  1510 */   112,  564, 1298,    4,  567,  572,   32,  324,  572,   54,
- /*  1520 */    54,  572, 1135,  353,  398,  165,  165,  567,  166,  166,
- /*  1530 */   572,  291,  355,  572,   17,  357,  572,  449,   77,   77,
- /*  1540 */  1313,   55,   55, 1297,   73,   73,  572,  238,  470,  561,
- /*  1550 */   449,  472,  364,  135,  135,  170,   74,   74,  142,  163,
- /*  1560 */   163,  374,  561,  539,  572,  321,  572,  886,  540,  137,
- /*  1570 */   137,  339, 1353,  422,  298,  237,  539,  572, 1031,  572,
- /*  1580 */   340,  538,  101,  369,  110,  110,  162,  131,  131,  164,
- /*  1590 */   164, 1031,  111,  368,  449,  573,  449,  110,  110, 1019,
- /*  1600 */   157,  157,  141,  141,  572,  111,  572,  449,  573,  449,
- /*  1610 */   412,  288, 1019,  572,  882,  318,  563,  572,  219,  572,
- /*  1620 */   241, 1012,  477,  263,  263,  894,  893,  140,  140,  138,
- /*  1630 */   138, 1019, 1019, 1021, 1022,   28,  139,  139,  525,  455,
- /*  1640 */    76,   76,   78,   78, 1019, 1019, 1021, 1022,   28, 1181,
- /*  1650 */   451,  572, 1083,  290,  112,  564, 1575,    4,  394,  394,
- /*  1660 */   393,  275,  391,  572, 1023,  852,  572,  479,  345,  263,
- /*  1670 */   101,  567,  882, 1376,   75,   75, 1421,  501,  236,  260,
- /*  1680 */   325,  112,  564,  359,    4,  101,   43,   43,  324,   49,
- /*  1690 */    49,  901,  902,  161,  449,  101,  977,  978,  567, 1079,
- /*  1700 */  1349,  260,  965,  932,  263,  114,  561, 1095,  517, 1095,
- /*  1710 */  1083, 1094,  865, 1094,  151,  933, 1144,  114,  238, 1361,
- /*  1720 */   558,  449, 1023,  559, 1426, 1278,  170, 1269, 1257,  142,
- /*  1730 */  1601, 1256, 1258,  561, 1594, 1031,  496,  278,  213, 1346,
- /*  1740 */   310,  110,  110,  939,  311,  312,  237,   11,  234,  111,
- /*  1750 */   221,  449,  573,  449,  293,  395, 1019, 1408,  337, 1403,
- /*  1760 */  1396,  338, 1031,  299,  343, 1413, 1412,  481,  110,  110,
- /*  1770 */   506,  402,  225, 1296,  206,  367,  111, 1358,  449,  573,
- /*  1780 */   449,  412, 1359, 1019, 1489, 1488,  318,  563, 1019, 1019,
- /*  1790 */  1021, 1022,   28,  562,  207,  220,   80,  564,  389,    4,
- /*  1800 */  1597, 1357,  552, 1356, 1233,  181,  267,  232, 1536, 1534,
- /*  1810 */   455, 1230,  420,  567,   82, 1019, 1019, 1021, 1022,   28,
- /*  1820 */    86,  217,   85, 1494,  190,  175,  183,  465,  185,  466,
- /*  1830 */    36, 1409,  186,  187,  188,  499,  449,  244,   37,   99,
- /*  1840 */   400, 1415, 1414,  488, 1417,  194,  473,  403,  561, 1483,
- /*  1850 */   248,   92, 1505,  494,  198,  279,  112,  564,  250,    4,
- /*  1860 */   348,  497,  405,  352, 1259,  251,  252,  515, 1316,  434,
- /*  1870 */  1315, 1314,   94,  567, 1307,  886, 1306, 1031,  226,  406,
- /*  1880 */  1611, 1610,  438,  110,  110, 1580, 1286,  524,  439,  308,
- /*  1890 */   266,  111, 1285,  449,  573,  449,  449,  309, 1019,  366,
- /*  1900 */  1284, 1609,  265, 1566, 1565,  442,  372, 1381,  561,  129,
- /*  1910 */   550, 1380,   10, 1470,  383,  106,  316,  551,  100,   35,
- /*  1920 */   534,  575,  212, 1339,  381,  387, 1187, 1338,  274,  276,
- /*  1930 */  1019, 1019, 1021, 1022,   28,  277,  413, 1031,  576, 1254,
- /*  1940 */   388, 1521, 1249,  110,  110,  167, 1522,  168,  148, 1520,
- /*  1950 */  1519,  111,  306,  449,  573,  449,  222,  223, 1019,  839,
- /*  1960 */   169,   79,  450,  214,  414,  233,  320,  145, 1093, 1091,
- /*  1970 */   328,  182,  171, 1212,  918,  184,  240,  336,  243, 1107,
- /*  1980 */   189,  172,  173,  423,  425,   88,  180,  191,   89,   90,
- /*  1990 */  1019, 1019, 1021, 1022,   28,   91,  174, 1110,  245, 1106,
- /*  2000 */   246,  159,   18,  247,  347, 1099,  263,  195, 1227,  493,
- /*  2010 */   249,  196,   38,  854,  498,  368,  253,  360,  897,  197,
- /*  2020 */   502,   93,   19,   20,  507,  884,  363,  510,   95,  307,
- /*  2030 */   160,   96,  518,   97, 1175, 1060, 1146,   40,   21,  227,
- /*  2040 */   176, 1145,  282,  284,  969,  200,  963,  114,  262, 1165,
- /*  2050 */    22,   23,   24, 1161, 1169,   25, 1163, 1150,   34,   26,
- /*  2060 */  1168,  546,   27,  204,  101,  103,  104, 1074,    7, 1061,
- /*  2070 */  1059, 1063, 1116, 1064, 1115,  268,  269,   29,   41,  270,
- /*  2080 */  1024,  866,  113,   30,  568,  392, 1183,  144,  178, 1182,
- /*  2090 */   271,  928, 1245, 1245, 1245, 1245, 1245, 1245, 1245, 1602,
+ /*     0 */   576,  128,  125,  232, 1622,  549,  576, 1290, 1281,  576,
+ /*    10 */   328,  576, 1300,  212,  576,  128,  125,  232,  578,  412,
+ /*    20 */   578,  391, 1542,   51,   51,  523,  405, 1293,  529,   51,
+ /*    30 */    51,  983,   51,   51,   81,   81, 1107,   61,   61,  984,
+ /*    40 */  1107, 1292,  380,  135,  136,   90, 1228, 1228, 1063, 1066,
+ /*    50 */  1053, 1053,  133,  133,  134,  134,  134,  134, 1577,  412,
+ /*    60 */   287,  287,    7,  287,  287,  422, 1050, 1050, 1064, 1067,
+ /*    70 */   289,  556,  492,  573,  524,  561,  573,  497,  561,  482,
+ /*    80 */   530,  262,  229,  135,  136,   90, 1228, 1228, 1063, 1066,
+ /*    90 */  1053, 1053,  133,  133,  134,  134,  134,  134,  128,  125,
+ /*   100 */   232, 1506,  132,  132,  132,  132,  131,  131,  130,  130,
+ /*   110 */   130,  129,  126,  450, 1204, 1255,    1,    1,  582,    2,
+ /*   120 */  1259, 1571,  420, 1582,  379,  320, 1174,  153, 1174, 1584,
+ /*   130 */   412,  378, 1582,  543, 1341,  330,  111,  570,  570,  570,
+ /*   140 */   293, 1054,  132,  132,  132,  132,  131,  131,  130,  130,
+ /*   150 */   130,  129,  126,  450,  135,  136,   90, 1228, 1228, 1063,
+ /*   160 */  1066, 1053, 1053,  133,  133,  134,  134,  134,  134,  287,
+ /*   170 */   287, 1204, 1205, 1204,  255,  287,  287,  510,  507,  506,
+ /*   180 */   137,  455,  573,  212,  561,  447,  446,  505,  573, 1616,
+ /*   190 */   561,  134,  134,  134,  134,  127,  400,  243,  132,  132,
+ /*   200 */   132,  132,  131,  131,  130,  130,  130,  129,  126,  450,
+ /*   210 */   282,  471,  345,  132,  132,  132,  132,  131,  131,  130,
+ /*   220 */   130,  130,  129,  126,  450,  574,  155,  936,  936,  454,
+ /*   230 */   227,  521, 1236,  412, 1236,  134,  134,  134,  134,  132,
+ /*   240 */   132,  132,  132,  131,  131,  130,  130,  130,  129,  126,
+ /*   250 */   450,  130,  130,  130,  129,  126,  450,  135,  136,   90,
+ /*   260 */  1228, 1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,
+ /*   270 */   134,  134,  128,  125,  232,  450,  576,  412,  397, 1249,
+ /*   280 */   180,   92,   93,  132,  132,  132,  132,  131,  131,  130,
+ /*   290 */   130,  130,  129,  126,  450,  381,  387, 1204,  383,   81,
+ /*   300 */    81,  135,  136,   90, 1228, 1228, 1063, 1066, 1053, 1053,
+ /*   310 */   133,  133,  134,  134,  134,  134,  132,  132,  132,  132,
+ /*   320 */   131,  131,  130,  130,  130,  129,  126,  450,  131,  131,
+ /*   330 */   130,  130,  130,  129,  126,  450,  556, 1204,  302,  319,
+ /*   340 */   567,  121,  568,  480,    4,  555, 1149, 1657, 1628, 1657,
+ /*   350 */    45,  128,  125,  232, 1204, 1205, 1204, 1250,  571, 1169,
+ /*   360 */   132,  132,  132,  132,  131,  131,  130,  130,  130,  129,
+ /*   370 */   126,  450, 1169,  287,  287, 1169, 1019,  576,  422, 1019,
+ /*   380 */   412,  451, 1602,  582,    2, 1259,  573,   44,  561,   95,
+ /*   390 */   320,  110,  153,  565, 1204, 1205, 1204,  522,  522, 1341,
+ /*   400 */    81,   81,    7,   44,  135,  136,   90, 1228, 1228, 1063,
+ /*   410 */  1066, 1053, 1053,  133,  133,  134,  134,  134,  134,  295,
+ /*   420 */  1149, 1658, 1040, 1658, 1204, 1147,  319,  567,  119,  119,
+ /*   430 */   343,  466,  331,  343,  287,  287,  120,  556,  451,  577,
+ /*   440 */   451, 1169, 1169, 1028,  319,  567,  438,  573,  210,  561,
+ /*   450 */  1339, 1451,  546,  531, 1169, 1169, 1598, 1169, 1169,  416,
+ /*   460 */   319,  567,  243,  132,  132,  132,  132,  131,  131,  130,
+ /*   470 */   130,  130,  129,  126,  450, 1028, 1028, 1030, 1031,   35,
+ /*   480 */    44, 1204, 1205, 1204,  472,  287,  287, 1328,  412, 1307,
+ /*   490 */   372, 1595,  359,  225,  454, 1204,  195, 1328,  573, 1147,
+ /*   500 */   561, 1333, 1333,  274,  576, 1188,  576,  340,   46,  196,
+ /*   510 */   537,  217,  135,  136,   90, 1228, 1228, 1063, 1066, 1053,
+ /*   520 */  1053,  133,  133,  134,  134,  134,  134,   19,   19,   19,
+ /*   530 */    19,  412,  581, 1204, 1259,  511, 1204,  319,  567,  320,
+ /*   540 */   944,  153,  425,  491,  430,  943, 1204,  488, 1341, 1450,
+ /*   550 */   532, 1277, 1204, 1205, 1204,  135,  136,   90, 1228, 1228,
+ /*   560 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
+ /*   570 */   575,  132,  132,  132,  132,  131,  131,  130,  130,  130,
+ /*   580 */   129,  126,  450,  287,  287,  528,  287,  287,  372, 1595,
+ /*   590 */  1204, 1205, 1204, 1204, 1205, 1204,  573,  486,  561,  573,
+ /*   600 */   889,  561,  412, 1204, 1205, 1204,  886,   40,   22,   22,
+ /*   610 */   220,  243,  525, 1449,  132,  132,  132,  132,  131,  131,
+ /*   620 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
+ /*   630 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*   640 */   134,  412,  180,  454, 1204,  879,  255,  287,  287,  510,
+ /*   650 */   507,  506,  372, 1595, 1568, 1331, 1331,  576,  889,  505,
+ /*   660 */   573,   44,  561,  559, 1207,  135,  136,   90, 1228, 1228,
+ /*   670 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
+ /*   680 */    81,   81,  422,  576,  377,  132,  132,  132,  132,  131,
+ /*   690 */   131,  130,  130,  130,  129,  126,  450,  297,  287,  287,
+ /*   700 */   460, 1204, 1205, 1204, 1204,  534,   19,   19,  448,  448,
+ /*   710 */   448,  573,  412,  561,  230,  436, 1187,  535,  319,  567,
+ /*   720 */   363,  432, 1207, 1435,  132,  132,  132,  132,  131,  131,
+ /*   730 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
+ /*   740 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*   750 */   134,  412,  211,  949, 1169, 1041, 1110, 1110,  494,  547,
+ /*   760 */   547, 1204, 1205, 1204,    7,  539, 1570, 1169,  376,  576,
+ /*   770 */  1169,    5, 1204,  486,    3,  135,  136,   90, 1228, 1228,
+ /*   780 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
+ /*   790 */   576,  513,   19,   19,  427,  132,  132,  132,  132,  131,
+ /*   800 */   131,  130,  130,  130,  129,  126,  450,  305, 1204,  433,
+ /*   810 */   225, 1204,  385,   19,   19,  273,  290,  371,  516,  366,
+ /*   820 */   515,  260,  412,  538, 1568,  549, 1024,  362,  437, 1204,
+ /*   830 */  1205, 1204,  902, 1552,  132,  132,  132,  132,  131,  131,
+ /*   840 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
+ /*   850 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*   860 */   134,  412, 1435,  514, 1281, 1204, 1205, 1204, 1204, 1205,
+ /*   870 */  1204,  903,   48,  342, 1568, 1568, 1279, 1627, 1568,  911,
+ /*   880 */   576,  129,  126,  450,  110,  135,  136,   90, 1228, 1228,
+ /*   890 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
+ /*   900 */   265,  576,  459,   19,   19,  132,  132,  132,  132,  131,
+ /*   910 */   131,  130,  130,  130,  129,  126,  450, 1345,  204,  576,
+ /*   920 */   459,  458,   50,   47,   19,   19,   49,  434, 1105,  573,
+ /*   930 */   497,  561,  412,  428,  108, 1224, 1569, 1554,  376,  205,
+ /*   940 */   550,  550,   81,   81,  132,  132,  132,  132,  131,  131,
+ /*   950 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
+ /*   960 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*   970 */   134,  480,  576, 1204,  576, 1541,  412, 1435,  969,  315,
+ /*   980 */  1659,  398,  284,  497,  969,  893, 1569, 1569,  376,  376,
+ /*   990 */  1569,  461,  376, 1224,  459,   80,   80,   81,   81,  497,
+ /*  1000 */   374,  114,   90, 1228, 1228, 1063, 1066, 1053, 1053,  133,
+ /*  1010 */   133,  134,  134,  134,  134,  132,  132,  132,  132,  131,
+ /*  1020 */   131,  130,  130,  130,  129,  126,  450, 1204, 1505,  576,
+ /*  1030 */  1204, 1205, 1204, 1366,  316,  486,  281,  281,  497,  431,
+ /*  1040 */   557,  288,  288,  402, 1340,  471,  345,  298,  429,  573,
+ /*  1050 */   576,  561,   81,   81,  573,  374,  561,  971,  386,  132,
+ /*  1060 */   132,  132,  132,  131,  131,  130,  130,  130,  129,  126,
+ /*  1070 */   450,  231,  117,   81,   81,  287,  287,  231,  287,  287,
+ /*  1080 */   576, 1511,  576, 1336, 1204, 1205, 1204,  139,  573,  556,
+ /*  1090 */   561,  573,  412,  561,  441,  456,  969,  213,  558, 1511,
+ /*  1100 */  1513, 1550,  969,  143,  143,  145,  145, 1368,  314,  478,
+ /*  1110 */   444,  970,  412,  850,  851,  852,  135,  136,   90, 1228,
+ /*  1120 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*  1130 */   134,  357,  412,  397, 1148,  304,  135,  136,   90, 1228,
+ /*  1140 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*  1150 */   134, 1575,  323,    6,  862,    7,  135,  124,   90, 1228,
+ /*  1160 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
+ /*  1170 */   134,  409,  408, 1511,  212,  132,  132,  132,  132,  131,
+ /*  1180 */   131,  130,  130,  130,  129,  126,  450,  411,  118, 1204,
+ /*  1190 */   116,   10,  352,  265,  355,  132,  132,  132,  132,  131,
+ /*  1200 */   131,  130,  130,  130,  129,  126,  450,  576,  324,  306,
+ /*  1210 */   576,  306, 1250,  469,  158,  132,  132,  132,  132,  131,
+ /*  1220 */   131,  130,  130,  130,  129,  126,  450,  207, 1224, 1126,
+ /*  1230 */    65,   65,  470,   66,   66,  412,  447,  446,  882,  531,
+ /*  1240 */   335,  258,  257,  256, 1127, 1233, 1204, 1205, 1204,  327,
+ /*  1250 */  1235,  874,  159,  576,   16,  480, 1085, 1040, 1234, 1128,
+ /*  1260 */   136,   90, 1228, 1228, 1063, 1066, 1053, 1053,  133,  133,
+ /*  1270 */   134,  134,  134,  134, 1029,  576,   81,   81, 1028, 1040,
+ /*  1280 */   922,  576,  463, 1236,  576, 1236, 1224,  502,  107, 1435,
+ /*  1290 */   923,    6,  576,  410, 1498,  882, 1029,  480,   21,   21,
+ /*  1300 */  1028,  332, 1380,  334,   53,   53,  497,   81,   81,  874,
+ /*  1310 */  1028, 1028, 1030,  445,  259,   19,   19,  533,  132,  132,
+ /*  1320 */   132,  132,  131,  131,  130,  130,  130,  129,  126,  450,
+ /*  1330 */   551,  301, 1028, 1028, 1030,  107,  532,  545,  121,  568,
+ /*  1340 */  1188,    4, 1126, 1576,  449,  576,  462,    7, 1282,  418,
+ /*  1350 */   462,  350, 1435,  576,  518,  571,  544, 1127,  121,  568,
+ /*  1360 */   442,    4, 1188,  464,  533, 1180, 1223,    9,   67,   67,
+ /*  1370 */   487,  576, 1128,  303,  410,  571,   54,   54,  451,  576,
+ /*  1380 */   123,  944,  576,  417,  576,  333,  943, 1379,  576,  236,
+ /*  1390 */   565,  576, 1574,  564,   68,   68,    7,  576,  451,  362,
+ /*  1400 */   419,  182,   69,   69,  541,   70,   70,   71,   71,  540,
+ /*  1410 */   565,   72,   72,  484,   55,   55,  473, 1180,  296, 1040,
+ /*  1420 */    56,   56,  296,  493,  541,  119,  119,  410, 1573,  542,
+ /*  1430 */   569,  418,    7,  120, 1244,  451,  577,  451,  465, 1040,
+ /*  1440 */  1028,  576, 1557,  552,  476,  119,  119,  527,  259,  121,
+ /*  1450 */   568,  240,    4,  120,  576,  451,  577,  451,  576,  477,
+ /*  1460 */  1028,  576,  156,  576,   57,   57,  571,  576,  286,  229,
+ /*  1470 */   410,  336, 1028, 1028, 1030, 1031,   35,   59,   59,  219,
+ /*  1480 */   983,   60,   60,  220,   73,   73,   74,   74,  984,  451,
+ /*  1490 */    75,   75, 1028, 1028, 1030, 1031,   35,   96,  216,  291,
+ /*  1500 */   552,  565, 1188,  318,  395,  395,  394,  276,  392,  576,
+ /*  1510 */   485,  859,  474, 1311,  410,  541,  576,  417, 1530, 1144,
+ /*  1520 */   540,  399, 1188,  292,  237, 1153,  326,   38,   23,  576,
+ /*  1530 */  1040,  576,   20,   20,  325,  299,  119,  119,  164,   76,
+ /*  1540 */    76, 1529,  121,  568,  120,    4,  451,  577,  451,  203,
+ /*  1550 */   576, 1028,  141,  141,  142,  142,  576,  322,   39,  571,
+ /*  1560 */   341, 1021,  110,  264,  239,  901,  900,  423,  242,  908,
+ /*  1570 */   909,  370,  173,   77,   77,   43,  479, 1310,  264,   62,
+ /*  1580 */    62,  369,  451, 1028, 1028, 1030, 1031,   35, 1601, 1192,
+ /*  1590 */   453, 1092,  238,  291,  565,  163, 1309,  110,  395,  395,
+ /*  1600 */   394,  276,  392,  986,  987,  859,  481,  346,  264,  110,
+ /*  1610 */  1032,  489,  576, 1188,  503, 1088,  261,  261,  237,  576,
+ /*  1620 */   326,  121,  568, 1040,    4,  347, 1376,  413,  325,  119,
+ /*  1630 */   119,  948,  319,  567,  351,   78,   78,  120,  571,  451,
+ /*  1640 */   577,  451,   79,   79, 1028,  354,  356,  576,  360, 1092,
+ /*  1650 */   110,  576,  974,  942,  264,  123,  457,  358,  239,  576,
+ /*  1660 */   519,  451,  939, 1104,  123, 1104,  173,  576, 1032,   43,
+ /*  1670 */    63,   63, 1324,  565,  168,  168, 1028, 1028, 1030, 1031,
+ /*  1680 */    35,  576,  169,  169, 1308,  872,  238,  157, 1589,  576,
+ /*  1690 */    86,   86,  365,   89,  568,  375,    4, 1103,  941, 1103,
+ /*  1700 */   123,  576, 1040, 1389,   64,   64, 1188, 1434,  119,  119,
+ /*  1710 */   571,  576,   82,   82,  563,  576,  120,  165,  451,  577,
+ /*  1720 */   451,  413, 1362, 1028,  144,  144,  319,  567,  576, 1374,
+ /*  1730 */   562,  498,  279,  451,   83,   83, 1439,  576,  166,  166,
+ /*  1740 */   576, 1289,  554,  576, 1280,  565,  576,   12,  576, 1268,
+ /*  1750 */   457,  146,  146, 1267,  576, 1028, 1028, 1030, 1031,   35,
+ /*  1760 */   140,  140, 1269,  167,  167, 1609,  160,  160, 1359,  150,
+ /*  1770 */   150,  149,  149,  311, 1040,  576,  312,  147,  147,  313,
+ /*  1780 */   119,  119,  222,  235,  576, 1188,  396,  576,  120,  576,
+ /*  1790 */   451,  577,  451, 1192,  453, 1028,  508,  291,  148,  148,
+ /*  1800 */  1421, 1612,  395,  395,  394,  276,  392,   85,   85,  859,
+ /*  1810 */    87,   87,   84,   84,  553,  576,  294,  576, 1426,  338,
+ /*  1820 */   339, 1425,  237,  300,  326, 1416, 1409, 1028, 1028, 1030,
+ /*  1830 */  1031,   35,  325,  344,  403,  483,  226, 1307,   52,   52,
+ /*  1840 */    58,   58,  368, 1371, 1502,  566, 1501,  121,  568,  221,
+ /*  1850 */     4,  208,  268,  209,  390, 1244, 1549, 1188, 1372, 1370,
+ /*  1860 */  1369, 1547,  239,  184,  571,  233,  421, 1241,   95,  218,
+ /*  1870 */   173, 1507,  193,   43,   91,   94,  178,  186,  467,  188,
+ /*  1880 */   468, 1422,   13,  189,  190,  191,  501,  451,  245,  108,
+ /*  1890 */   238,  401, 1428, 1427, 1430,  475,  404, 1496,  197,  565,
+ /*  1900 */    14,  490,  249,  101, 1518,  496,  349,  280,  251,  201,
+ /*  1910 */   353,  499,  252,  406, 1270,  253,  517, 1327, 1326,  435,
+ /*  1920 */  1325, 1318,  103,  893, 1296,  413,  227,  407, 1040, 1626,
+ /*  1930 */   319,  567, 1625, 1297,  119,  119,  439,  367, 1317, 1295,
+ /*  1940 */  1624,  526,  120,  440,  451,  577,  451, 1594,  309, 1028,
+ /*  1950 */   310,  373,  266,  267,  457, 1580, 1579,  443,  138, 1394,
+ /*  1960 */   552, 1393,   11, 1483,  384,  115,  317, 1350,  109,  536,
+ /*  1970 */    42,  579,  382,  214, 1349,  388, 1198,  389,  275,  277,
+ /*  1980 */   278, 1028, 1028, 1030, 1031,   35,  580, 1265,  414, 1260,
+ /*  1990 */   170,  415,  183, 1534, 1535, 1533,  171,  154,  307, 1532,
+ /*  2000 */   846,  223,  224,   88,  452,  215,  172,  321,  234, 1102,
+ /*  2010 */   152, 1188, 1100,  329,  185,  174, 1223,  925,  187,  241,
+ /*  2020 */   337,  244, 1116,  192,  175,  176,  424,  426,   97,  194,
+ /*  2030 */    98,   99,  100,  177, 1119, 1115,  246,  247,  161,   24,
+ /*  2040 */   248,  348, 1238,  264, 1108,  250,  495,  199,  198,   15,
+ /*  2050 */   861,  500,  369,  254,  504,  509,  512,  200,  102,   25,
+ /*  2060 */   179,  361,   26,  364,  104,  891,  308,  162,  105,  904,
+ /*  2070 */   520,  106, 1185, 1069, 1155,   17,  228,   27, 1154,  283,
+ /*  2080 */   285,  263,  978,  202,  972,  123,   28, 1175,   29,   30,
+ /*  2090 */  1179, 1171,   31, 1173, 1160,   41,   32,  206,  548,   33,
+ /*  2100 */   110, 1178, 1083,    8,  112, 1070,  113, 1068, 1072,   34,
+ /*  2110 */  1073,  560, 1125,  269, 1124,  270,   36,   18, 1194, 1033,
+ /*  2120 */   873,  151,  122,   37,  393,  271,  272,  572,  181, 1193,
+ /*  2130 */  1256, 1256, 1256,  935, 1256, 1256, 1256, 1256, 1256, 1256,
+ /*  2140 */  1256, 1617,
 };
 static const YYCODETYPE yy_lookahead[] = {
- /*     0 */   193,  193,  193,  274,  275,  276,  193,  274,  275,  276,
- /*    10 */   193,  223,  219,  225,  206,  210,  211,  212,  193,   19,
- /*    20 */   219,  233,  216,  216,  217,  216,  217,  193,  295,  216,
- /*    30 */   217,   31,  193,  216,  217,  193,  228,  213,  230,   39,
- /*    40 */   206,  216,  217,   43,   44,   45,   46,   47,   48,   49,
- /*    50 */    50,   51,   52,   53,   54,   55,   56,   57,  193,   19,
- /*    60 */   185,  186,  187,  188,  189,  190,  253,  274,  275,  276,
- /*    70 */   195,  193,  197,  193,  261,  274,  275,  276,  253,  204,
- /*    80 */   238,  204,   81,   43,   44,   45,   46,   47,   48,   49,
- /*    90 */    50,   51,   52,   53,   54,   55,   56,   57,  274,  275,
- /*   100 */   276,  262,  102,  103,  104,  105,  106,  107,  108,  109,
- /*   110 */   110,  111,  112,  113,  239,  240,  239,  240,  210,  211,
- /*   120 */   212,  314,  315,  314,   59,  316,   86,  252,   88,  252,
- /*   130 */    19,  314,  315,  256,  257,  113,   25,   72,  296,  138,
- /*   140 */   139,  266,  102,  103,  104,  105,  106,  107,  108,  109,
+ /*     0 */   194,  276,  277,  278,  216,  194,  194,  217,  194,  194,
+ /*    10 */   194,  194,  224,  194,  194,  276,  277,  278,  204,   19,
+ /*    20 */   206,  202,  297,  217,  218,  205,  207,  217,  205,  217,
+ /*    30 */   218,   31,  217,  218,  217,  218,   29,  217,  218,   39,
+ /*    40 */    33,  217,  220,   43,   44,   45,   46,   47,   48,   49,
+ /*    50 */    50,   51,   52,   53,   54,   55,   56,   57,  312,   19,
+ /*    60 */   240,  241,  316,  240,  241,  194,   46,   47,   48,   49,
+ /*    70 */    22,  254,   65,  253,  254,  255,  253,  194,  255,  194,
+ /*    80 */   263,  258,  259,   43,   44,   45,   46,   47,   48,   49,
+ /*    90 */    50,   51,   52,   53,   54,   55,   56,   57,  276,  277,
+ /*   100 */   278,  285,  102,  103,  104,  105,  106,  107,  108,  109,
+ /*   110 */   110,  111,  112,  113,   59,  186,  187,  188,  189,  190,
+ /*   120 */   191,  310,  239,  317,  318,  196,   86,  198,   88,  317,
+ /*   130 */    19,  319,  317,  318,  205,  264,   25,  211,  212,  213,
+ /*   140 */   205,  121,  102,  103,  104,  105,  106,  107,  108,  109,
  /*   150 */   110,  111,  112,  113,   43,   44,   45,   46,   47,   48,
- /*   160 */    49,   50,   51,   52,   53,   54,   55,   56,   57,   81,
- /*   170 */   292,   59,  292,  298,  108,  109,  110,  111,  112,  113,
- /*   180 */    69,  116,  117,  118,   72,  106,  107,  193,  111,  112,
- /*   190 */   113,   54,   55,   56,   57,   58,  102,  103,  104,  105,
- /*   200 */   106,  107,  108,  109,  110,  111,  112,  113,  120,   25,
- /*   210 */   216,  217,  145,  102,  103,  104,  105,  106,  107,  108,
- /*   220 */   109,  110,  111,  112,  113,  231,  138,  139,  116,  117,
- /*   230 */   118,  164,  153,   19,  155,   54,   55,   56,   57,  102,
+ /*   160 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  240,
+ /*   170 */   241,  116,  117,  118,  119,  240,  241,  122,  123,  124,
+ /*   180 */    69,  298,  253,  194,  255,  106,  107,  132,  253,  141,
+ /*   190 */   255,   54,   55,   56,   57,   58,  207,  268,  102,  103,
+ /*   200 */   104,  105,  106,  107,  108,  109,  110,  111,  112,  113,
+ /*   210 */   214,  128,  129,  102,  103,  104,  105,  106,  107,  108,
+ /*   220 */   109,  110,  111,  112,  113,  134,   25,  136,  137,  300,
+ /*   230 */   165,  166,  153,   19,  155,   54,   55,   56,   57,  102,
  /*   240 */   103,  104,  105,  106,  107,  108,  109,  110,  111,  112,
- /*   250 */   113,  128,  129,   46,   47,   48,   49,   43,   44,   45,
+ /*   250 */   113,  108,  109,  110,  111,  112,  113,   43,   44,   45,
  /*   260 */    46,   47,   48,   49,   50,   51,   52,   53,   54,   55,
- /*   270 */    56,   57,  216,  193,   25,   59,  193,   19,  165,  166,
- /*   280 */   193,   67,   24,  102,  103,  104,  105,  106,  107,  108,
- /*   290 */   109,  110,  111,  112,  113,   73,  216,  217,   59,  216,
- /*   300 */   217,   43,   44,   45,   46,   47,   48,   49,   50,   51,
+ /*   270 */    56,   57,  276,  277,  278,  113,  194,   19,   22,   23,
+ /*   280 */   194,   67,   24,  102,  103,  104,  105,  106,  107,  108,
+ /*   290 */   109,  110,  111,  112,  113,  220,  250,   59,  252,  217,
+ /*   300 */   218,   43,   44,   45,   46,   47,   48,   49,   50,   51,
  /*   310 */    52,   53,   54,   55,   56,   57,  102,  103,  104,  105,
- /*   320 */   106,  107,  108,  109,  110,  111,  112,  113,  121,  145,
- /*   330 */    59,  193,  116,  117,  118,  119,  273,  204,  122,  123,
- /*   340 */   124,   19,   20,  134,   22,  136,  137,   19,  132,  127,
- /*   350 */   128,  129,   24,   22,   23,  116,  117,  118,   36,  193,
+ /*   320 */   106,  107,  108,  109,  110,  111,  112,  113,  106,  107,
+ /*   330 */   108,  109,  110,  111,  112,  113,  254,   59,  205,  138,
+ /*   340 */   139,   19,   20,  194,   22,  263,   22,   23,  231,   25,
+ /*   350 */    72,  276,  277,  278,  116,  117,  118,  101,   36,   76,
  /*   360 */   102,  103,  104,  105,  106,  107,  108,  109,  110,  111,
- /*   370 */   112,  113,  239,  240,  311,  312,  215,  106,  107,  241,
- /*   380 */    19,   59,  216,  217,  223,  252,  115,  116,  117,  118,
- /*   390 */   151,  120,   26,   71,  193,  308,  309,  193,  149,  128,
- /*   400 */   313,  216,  269,   81,   43,   44,   45,   46,   47,   48,
- /*   410 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  253,
- /*   420 */   216,  217,  100,   95,  153,   59,  155,  261,  106,  107,
- /*   430 */    25,  193,  101,  193,  193,  231,  114,   25,  116,  117,
- /*   440 */   118,  113,  304,  121,  193,  204,   59,  119,  120,  121,
- /*   450 */   122,  123,  124,  125,  216,  217,  193,  216,  217,  131,
- /*   460 */   138,  139,  230,  102,  103,  104,  105,  106,  107,  108,
+ /*   370 */   112,  113,   89,  240,  241,   92,   73,  194,  194,   73,
+ /*   380 */    19,   59,  188,  189,  190,  191,  253,   81,  255,  151,
+ /*   390 */   196,   25,  198,   71,  116,  117,  118,  311,  312,  205,
+ /*   400 */   217,  218,  316,   81,   43,   44,   45,   46,   47,   48,
+ /*   410 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  270,
+ /*   420 */    22,   23,  100,   25,   59,  101,  138,  139,  106,  107,
+ /*   430 */   127,  128,  129,  127,  240,  241,  114,  254,  116,  117,
+ /*   440 */   118,   76,   76,  121,  138,  139,  263,  253,  264,  255,
+ /*   450 */   205,  275,   87,   19,   89,   89,  194,   92,   92,  199,
+ /*   460 */   138,  139,  268,  102,  103,  104,  105,  106,  107,  108,
  /*   470 */   109,  110,  111,  112,  113,  153,  154,  155,  156,  157,
- /*   480 */   239,  240,  116,  117,  118,   76,  193,   23,   19,   25,
- /*   490 */    22,  253,   23,  252,  253,  108,   87,  204,   89,  261,
- /*   500 */   198,   92,  261,  116,  117,  118,  193,  306,  307,  216,
- /*   510 */   217,  150,   43,   44,   45,   46,   47,   48,   49,   50,
- /*   520 */    51,   52,   53,   54,   55,   56,   57,   59,  193,  216,
- /*   530 */   217,   19,  239,  240,  283,   23,  106,  107,  108,  109,
- /*   540 */   110,  111,  112,  113,   73,  252,  253,  142,  308,  309,
- /*   550 */   138,  139,   81,  313,  145,   43,   44,   45,   46,   47,
+ /*   480 */    81,  116,  117,  118,  129,  240,  241,  224,   19,  226,
+ /*   490 */   314,  315,   23,   25,  300,   59,   22,  234,  253,  101,
+ /*   500 */   255,  236,  237,   26,  194,  183,  194,  152,   72,   22,
+ /*   510 */   145,  150,   43,   44,   45,   46,   47,   48,   49,   50,
+ /*   520 */    51,   52,   53,   54,   55,   56,   57,  217,  218,  217,
+ /*   530 */   218,   19,  189,   59,  191,   23,   59,  138,  139,  196,
+ /*   540 */   135,  198,  232,  283,  232,  140,   59,  287,  205,  275,
+ /*   550 */   116,  205,  116,  117,  118,   43,   44,   45,   46,   47,
  /*   560 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   570 */   307,  102,  103,  104,  105,  106,  107,  108,  109,  110,
- /*   580 */   111,  112,  113,  281,  116,  117,  118,  285,   23,  193,
- /*   590 */    25,  119,   59,  193,  122,  123,  124,   59,  127,  203,
- /*   600 */    59,  205,   19,  268,  132,   25,   23,   22,  193,  138,
- /*   610 */   139,  249,  204,  251,  102,  103,  104,  105,  106,  107,
+ /*   570 */   194,  102,  103,  104,  105,  106,  107,  108,  109,  110,
+ /*   580 */   111,  112,  113,  240,  241,  194,  240,  241,  314,  315,
+ /*   590 */   116,  117,  118,  116,  117,  118,  253,  194,  255,  253,
+ /*   600 */    59,  255,   19,  116,  117,  118,   23,   22,  217,  218,
+ /*   610 */   142,  268,  205,  275,  102,  103,  104,  105,  106,  107,
  /*   620 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   630 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   640 */    57,   19,   22,   23,   59,   23,   25,  239,  240,  116,
- /*   650 */   117,  118,  193,   11,  116,  117,  118,  116,  117,  118,
- /*   660 */   252,  269,   22,  193,   15,   43,   44,   45,   46,   47,
+ /*   640 */    57,   19,  194,  300,   59,   23,  119,  240,  241,  122,
+ /*   650 */   123,  124,  314,  315,  194,  236,  237,  194,  117,  132,
+ /*   660 */   253,   81,  255,  205,   59,   43,   44,   45,   46,   47,
  /*   670 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   680 */   273,  143,  193,  118,  143,  102,  103,  104,  105,  106,
- /*   690 */   107,  108,  109,  110,  111,  112,  113,   76,  118,   59,
- /*   700 */   241,  116,  117,  118,  304,  216,  217,  292,  143,   60,
- /*   710 */    89,  241,   19,   92,  193,  193,   23,   22,  311,  312,
- /*   720 */   231,  101,   22,  143,  102,  103,  104,  105,  106,  107,
+ /*   680 */   217,  218,  194,  194,  194,  102,  103,  104,  105,  106,
+ /*   690 */   107,  108,  109,  110,  111,  112,  113,  294,  240,  241,
+ /*   700 */   120,  116,  117,  118,   59,  194,  217,  218,  211,  212,
+ /*   710 */   213,  253,   19,  255,  194,   19,   23,  254,  138,  139,
+ /*   720 */    24,  232,  117,  194,  102,  103,  104,  105,  106,  107,
  /*   730 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   740 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   750 */    57,   19,  193,  193,   59,   23,  116,  117,  118,   59,
- /*   760 */   201,   21,  241,  304,  193,  206,  127,  128,  129,  193,
- /*   770 */   128,  129,  235,  236,  304,   43,   44,   45,   46,   47,
+ /*   750 */    57,   19,  264,  108,   76,   23,  127,  128,  129,  311,
+ /*   760 */   312,  116,  117,  118,  316,   87,  306,   89,  308,  194,
+ /*   770 */    92,   22,   59,  194,   22,   43,   44,   45,   46,   47,
  /*   780 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   790 */    22,  193,  216,  217,  193,  102,  103,  104,  105,  106,
- /*   800 */   107,  108,  109,  110,  111,  112,  113,  231,  193,  193,
- /*   810 */   193,  116,  117,  118,  216,  217,  116,  117,  118,  226,
- /*   820 */    80,  193,   19,  235,  236,  304,   23,  211,  212,  231,
- /*   830 */   204,  216,  217,  205,  102,  103,  104,  105,  106,  107,
+ /*   790 */   194,   95,  217,  218,  265,  102,  103,  104,  105,  106,
+ /*   800 */   107,  108,  109,  110,  111,  112,  113,  232,   59,  113,
+ /*   810 */    25,   59,  194,  217,  218,  119,  120,  121,  122,  123,
+ /*   820 */   124,  125,   19,  145,  194,  194,   23,  131,  232,  116,
+ /*   830 */   117,  118,   35,  194,  102,  103,  104,  105,  106,  107,
  /*   840 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   850 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   860 */    57,   19,  193,  123,   76,  239,  240,  193,  253,  239,
- /*   870 */   240,  239,  240,  244,  106,  107,  193,   89,  252,  193,
- /*   880 */    92,   59,  252,  254,  252,   43,   44,   45,   46,   47,
+ /*   860 */    57,   19,  194,   66,  194,  116,  117,  118,  116,  117,
+ /*   870 */   118,   74,  242,  294,  194,  194,  206,   23,  194,   25,
+ /*   880 */   194,  111,  112,  113,   25,   43,   44,   45,   46,   47,
  /*   890 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   900 */   284,  161,  216,  217,  193,  102,  103,  104,  105,  106,
- /*   910 */   107,  108,  109,  110,  111,  112,  113,  231,  193,  244,
- /*   920 */   187,  188,  189,  190,    7,    8,    9,  309,  195,  254,
- /*   930 */   197,  313,   19,  127,  128,  129,  262,  204,   22,  117,
- /*   940 */    24,  216,  217,  273,  102,  103,  104,  105,  106,  107,
+ /*   900 */    24,  194,  194,  217,  218,  102,  103,  104,  105,  106,
+ /*   910 */   107,  108,  109,  110,  111,  112,  113,  241,  232,  194,
+ /*   920 */   212,  213,  242,  242,  217,  218,  242,  130,   11,  253,
+ /*   930 */   194,  255,   19,  265,  149,   59,  306,  194,  308,  232,
+ /*   940 */   309,  310,  217,  218,  102,  103,  104,  105,  106,  107,
  /*   950 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   960 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   970 */    57,  193,  239,  240,  193,   59,   19,  188,  253,  190,
- /*   980 */   193,  311,  312,   16,  195,  252,  197,  193,   19,  301,
- /*   990 */   302,  135,  193,  204,  216,  217,  140,  216,  217,  266,
- /*  1000 */   204,  159,   45,   46,   47,   48,   49,   50,   51,   52,
+ /*   970 */    57,  194,  194,   59,  194,  239,   19,  194,   25,  254,
+ /*   980 */   303,  304,   23,  194,   25,  126,  306,  306,  308,  308,
+ /*   990 */   306,  271,  308,  117,  286,  217,  218,  217,  218,  194,
+ /*  1000 */   194,  159,   45,   46,   47,   48,   49,   50,   51,   52,
  /*  1010 */    53,   54,   55,   56,   57,  102,  103,  104,  105,  106,
- /*  1020 */   107,  108,  109,  110,  111,  112,  113,   12,  239,  240,
- /*  1030 */   193,  298,  238,  117,  253,  239,  240,  238,  259,  260,
- /*  1040 */   193,  252,   27,  193,   77,  193,   79,  204,  252,  262,
- /*  1050 */   193,  299,  300,  193,  100,  266,  278,   42,  204,  102,
+ /*  1020 */   107,  108,  109,  110,  111,  112,  113,   59,  239,  194,
+ /*  1030 */   116,  117,  118,  260,  254,  194,  240,  241,  194,  233,
+ /*  1040 */   205,  240,  241,  205,  239,  128,  129,  270,  265,  253,
+ /*  1050 */   194,  255,  217,  218,  253,  194,  255,  143,  280,  102,
  /*  1060 */   103,  104,  105,  106,  107,  108,  109,  110,  111,  112,
- /*  1070 */   113,  117,  159,  216,  217,  121,  216,  217,   63,  193,
- /*  1080 */   193,  193,  239,  240,  115,  116,  193,  298,   73,  240,
- /*  1090 */   238,  231,   19,  239,  240,  252,   22,   24,  211,  212,
- /*  1100 */   263,  252,  216,  217,  216,  217,  252,  153,  154,  155,
- /*  1110 */   253,  193,   19,  144,  213,  268,   43,   44,   45,   46,
+ /*  1070 */   113,  118,  159,  217,  218,  240,  241,  118,  240,  241,
+ /*  1080 */   194,  194,  194,  239,  116,  117,  118,   22,  253,  254,
+ /*  1090 */   255,  253,   19,  255,  233,  194,  143,   24,  263,  212,
+ /*  1100 */   213,  194,  143,  217,  218,  217,  218,  261,  262,  271,
+ /*  1110 */   254,  143,   19,    7,    8,    9,   43,   44,   45,   46,
  /*  1120 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1130 */    57,  193,   19,   59,  216,  217,   43,   44,   45,   46,
+ /*  1130 */    57,   16,   19,   22,   23,  294,   43,   44,   45,   46,
  /*  1140 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1150 */    57,  193,   19,   24,  216,  217,   43,   44,   45,   46,
+ /*  1150 */    57,  312,  194,  214,   21,  316,   43,   44,   45,   46,
  /*  1160 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1170 */    57,  284,  193,  208,  209,  102,  103,  104,  105,  106,
- /*  1180 */   107,  108,  109,  110,  111,  112,  113,  286,   59,  193,
- /*  1190 */   232,  117,  291,  193,  193,  102,  103,  104,  105,  106,
- /*  1200 */   107,  108,  109,  110,  111,  112,  113,  193,  204,   22,
- /*  1210 */    23,  193,   25,   66,  193,  102,  103,  104,  105,  106,
- /*  1220 */   107,  108,  109,  110,  111,  112,  113,  193,  193,  193,
- /*  1230 */   216,  217,   85,  193,  238,   19,   16,  216,  217,  238,
- /*  1240 */   193,   94,  193,  239,  240,  231,  117,  268,   35,  116,
- /*  1250 */   216,  217,  216,  217,   22,   23,  252,   25,  208,  209,
+ /*  1170 */    57,  106,  107,  286,  194,  102,  103,  104,  105,  106,
+ /*  1180 */   107,  108,  109,  110,  111,  112,  113,  207,  158,   59,
+ /*  1190 */   160,   22,   77,   24,   79,  102,  103,  104,  105,  106,
+ /*  1200 */   107,  108,  109,  110,  111,  112,  113,  194,  194,  229,
+ /*  1210 */   194,  231,  101,   80,   22,  102,  103,  104,  105,  106,
+ /*  1220 */   107,  108,  109,  110,  111,  112,  113,  288,   59,   12,
+ /*  1230 */   217,  218,  293,  217,  218,   19,  106,  107,   59,   19,
+ /*  1240 */    16,  127,  128,  129,   27,  115,  116,  117,  118,  194,
+ /*  1250 */   120,   59,   22,  194,   24,  194,  123,  100,  128,   42,
  /*  1260 */    44,   45,   46,   47,   48,   49,   50,   51,   52,   53,
- /*  1270 */    54,   55,   56,   57,  193,  193,   19,    5,   59,   66,
- /*  1280 */   193,  263,   10,   11,   12,   13,   14,   74,  101,   17,
- /*  1290 */   193,   46,  193,  146,  193,   76,  213,   77,  263,   79,
- /*  1300 */    12,  260,   30,   46,   32,  264,   87,  193,   89,   29,
- /*  1310 */   263,   92,   40,   33,  232,   27,  193,  108,  102,  103,
+ /*  1270 */    54,   55,   56,   57,  117,  194,  217,  218,  121,  100,
+ /*  1280 */    63,  194,  245,  153,  194,  155,  117,   19,  115,  194,
+ /*  1290 */    73,  214,  194,  256,  161,  116,  117,  194,  217,  218,
+ /*  1300 */   121,   77,  194,   79,  217,  218,  194,  217,  218,  117,
+ /*  1310 */   153,  154,  155,  254,   46,  217,  218,  144,  102,  103,
  /*  1320 */   104,  105,  106,  107,  108,  109,  110,  111,  112,  113,
- /*  1330 */    42,  138,  139,  101,  193,  116,  117,  118,   19,   20,
- /*  1340 */   255,   22,   70,  130,  135,   65,  256,  257,  193,  140,
- /*  1350 */    78,   63,  193,   81,  193,   36,  193,  216,  217,  193,
- /*  1360 */   115,  193,  263,  193,  145,  268,   59,   48,  193,  193,
- /*  1370 */    98,  193,  115,  193,  291,  216,  217,  193,   59,  216,
- /*  1380 */   217,  161,  216,  217,  216,  217,  216,  217,  131,  193,
- /*  1390 */    71,  193,  216,  217,  216,  217,  216,  217,  193,  260,
- /*  1400 */   216,  217,   19,  264,   85,  133,  244,  100,  193,   90,
- /*  1410 */   138,  139,  216,  217,  216,  217,  254,  244,  193,  100,
- /*  1420 */   193,  216,  217,  116,  117,  106,  107,  254,  121,  193,
- /*  1430 */   115,  216,  217,  114,  162,  116,  117,  118,  115,  244,
- /*  1440 */   121,  216,  217,  216,  217,  193,  309,  193,   31,  254,
- /*  1450 */   313,  309,  216,  217,  309,  313,   39,  193,  313,  309,
- /*  1460 */   153,  154,  155,  313,  193,  150,   25,  144,  216,  217,
- /*  1470 */   216,  217,  153,  154,  155,  156,  157,    0,    1,    2,
- /*  1480 */   216,  217,    5,  149,  150,   22,  193,   10,   11,   12,
- /*  1490 */    13,   14,  193,  158,   17,  160,  193,   19,   20,  116,
- /*  1500 */    22,   25,  193,   24,   22,  193,   24,   30,  226,   32,
- /*  1510 */    19,   20,  226,   22,   36,  193,   53,   40,  193,  216,
- /*  1520 */   217,  193,   23,  193,   25,  216,  217,   36,  216,  217,
- /*  1530 */   193,   99,  193,  193,   22,  193,  193,   59,  216,  217,
- /*  1540 */   193,  216,  217,  193,  216,  217,  193,   70,  129,   71,
- /*  1550 */    59,  129,  193,  216,  217,   78,  216,  217,   81,  216,
- /*  1560 */   217,  193,   71,   85,  193,  133,  193,  126,   90,  216,
- /*  1570 */   217,  152,  258,   61,  152,   98,   85,  193,  100,  193,
- /*  1580 */    23,   90,   25,  121,  106,  107,   23,  216,  217,  216,
- /*  1590 */   217,  100,  114,  131,  116,  117,  118,  106,  107,  121,
- /*  1600 */   216,  217,  216,  217,  193,  114,  193,  116,  117,  118,
- /*  1610 */   133,   22,  121,  193,   59,  138,  139,  193,  142,  193,
- /*  1620 */   141,   23,   23,   25,   25,  120,  121,  216,  217,  216,
- /*  1630 */   217,  153,  154,  155,  156,  157,  216,  217,   19,  162,
- /*  1640 */   216,  217,  216,  217,  153,  154,  155,  156,  157,    1,
- /*  1650 */     2,  193,   59,    5,   19,   20,  318,   22,   10,   11,
- /*  1660 */    12,   13,   14,  193,   59,   17,  193,   23,   23,   25,
- /*  1670 */    25,   36,  117,  193,  216,  217,  193,   23,   30,   25,
- /*  1680 */    32,   19,   20,   23,   22,   25,  216,  217,   40,  216,
- /*  1690 */   217,    7,    8,   23,   59,   25,   83,   84,   36,   23,
- /*  1700 */   193,   25,   23,   23,   25,   25,   71,  153,  145,  155,
- /*  1710 */   117,  153,   23,  155,   25,   23,   97,   25,   70,  193,
- /*  1720 */   193,   59,  117,  236,  193,  193,   78,  193,  193,   81,
- /*  1730 */   141,  193,  193,   71,  193,  100,  288,  287,  242,  255,
- /*  1740 */   255,  106,  107,  108,  255,  255,   98,  243,  297,  114,
- /*  1750 */   214,  116,  117,  118,  245,  191,  121,  271,  293,  267,
- /*  1760 */   267,  246,  100,  246,  245,  271,  271,  293,  106,  107,
- /*  1770 */   220,  271,  229,  225,  249,  219,  114,  259,  116,  117,
- /*  1780 */   118,  133,  259,  121,  219,  219,  138,  139,  153,  154,
- /*  1790 */   155,  156,  157,  280,  249,  243,   19,   20,  245,   22,
- /*  1800 */   196,  259,  140,  259,   60,  297,  141,  297,  200,  200,
- /*  1810 */   162,   38,  200,   36,  294,  153,  154,  155,  156,  157,
- /*  1820 */   151,  150,  294,  283,   22,   43,  234,   18,  237,  200,
- /*  1830 */   270,  272,  237,  237,  237,   18,   59,  199,  270,  149,
- /*  1840 */   246,  272,  272,  200,  234,  234,  246,  246,   71,  246,
- /*  1850 */   199,  158,  290,   62,   22,  200,   19,   20,  199,   22,
- /*  1860 */   289,  221,  221,  200,  200,  199,  199,  115,  218,   64,
- /*  1870 */   218,  218,   22,   36,  227,  126,  227,  100,  165,  221,
- /*  1880 */   224,  224,   24,  106,  107,  312,  218,  305,  113,  282,
- /*  1890 */    91,  114,  220,  116,  117,  118,   59,  282,  121,  218,
- /*  1900 */   218,  218,  200,  317,  317,   82,  221,  265,   71,  148,
- /*  1910 */   145,  265,   22,  277,  200,  158,  279,  140,  147,   25,
- /*  1920 */   146,  202,  248,  250,  249,  247,   13,  250,  194,  194,
- /*  1930 */   153,  154,  155,  156,  157,    6,  303,  100,  192,  192,
- /*  1940 */   246,  213,  192,  106,  107,  207,  213,  207,  222,  213,
- /*  1950 */   213,  114,  222,  116,  117,  118,  214,  214,  121,    4,
- /*  1960 */   207,  213,    3,   22,  303,   15,  163,   16,   23,   23,
- /*  1970 */   139,  151,  130,   25,   20,  142,   24,   16,  144,    1,
- /*  1980 */   142,  130,  130,   61,   37,   53,  300,  151,   53,   53,
- /*  1990 */   153,  154,  155,  156,  157,   53,  130,  116,   34,    1,
- /*  2000 */   141,    5,   22,  115,  161,   68,   25,   68,   75,   41,
- /*  2010 */   141,  115,   24,   20,   19,  131,  125,   23,   28,   22,
- /*  2020 */    67,   22,   22,   22,   67,   59,   24,   96,   22,   67,
- /*  2030 */    23,  149,   22,   25,   23,   23,   23,   22,   34,  141,
- /*  2040 */    37,   97,   23,   23,  116,   22,  143,   25,   34,   75,
- /*  2050 */    34,   34,   34,   88,   75,   34,   86,   23,   22,   34,
- /*  2060 */    93,   24,   34,   25,   25,  142,  142,   23,   44,   23,
- /*  2070 */    23,   23,   23,   11,   23,   25,   22,   22,   22,  141,
- /*  2080 */    23,   23,   22,   22,   25,   15,    1,   23,   25,    1,
- /*  2090 */   141,  135,  319,  319,  319,  319,  319,  319,  319,  141,
- /*  2100 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2110 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2120 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2130 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2140 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2150 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2160 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2170 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2180 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2190 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2200 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2210 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2220 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2230 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2240 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2250 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2260 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2270 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
- /*  2280 */   319,  319,  319,  319,  319,
+ /*  1330 */   232,  270,  153,  154,  155,  115,  116,   66,   19,   20,
+ /*  1340 */   183,   22,   12,  312,  254,  194,  262,  316,  209,  210,
+ /*  1350 */   266,  239,  194,  194,  108,   36,   85,   27,   19,   20,
+ /*  1360 */   265,   22,  183,  245,  144,   94,   25,   48,  217,  218,
+ /*  1370 */   293,  194,   42,  270,  256,   36,  217,  218,   59,  194,
+ /*  1380 */    25,  135,  194,  115,  194,  161,  140,  194,  194,   15,
+ /*  1390 */    71,  194,  312,   63,  217,  218,  316,  194,   59,  131,
+ /*  1400 */   301,  302,  217,  218,   85,  217,  218,  217,  218,   90,
+ /*  1410 */    71,  217,  218,   19,  217,  218,  245,  146,  262,  100,
+ /*  1420 */   217,  218,  266,  265,   85,  106,  107,  256,  312,   90,
+ /*  1430 */   209,  210,  316,  114,   60,  116,  117,  118,  194,  100,
+ /*  1440 */   121,  194,  194,  145,  115,  106,  107,   19,   46,   19,
+ /*  1450 */    20,   24,   22,  114,  194,  116,  117,  118,  194,  245,
+ /*  1460 */   121,  194,  164,  194,  217,  218,   36,  194,  258,  259,
+ /*  1470 */   256,  194,  153,  154,  155,  156,  157,  217,  218,  150,
+ /*  1480 */    31,  217,  218,  142,  217,  218,  217,  218,   39,   59,
+ /*  1490 */   217,  218,  153,  154,  155,  156,  157,  149,  150,    5,
+ /*  1500 */   145,   71,  183,  245,   10,   11,   12,   13,   14,  194,
+ /*  1510 */   116,   17,  129,  227,  256,   85,  194,  115,  194,   23,
+ /*  1520 */    90,   25,  183,   99,   30,   97,   32,   22,   22,  194,
+ /*  1530 */   100,  194,  217,  218,   40,  152,  106,  107,   23,  217,
+ /*  1540 */   218,  194,   19,   20,  114,   22,  116,  117,  118,  257,
+ /*  1550 */   194,  121,  217,  218,  217,  218,  194,  133,   53,   36,
+ /*  1560 */    23,   23,   25,   25,   70,  120,  121,   61,  141,    7,
+ /*  1570 */     8,  121,   78,  217,  218,   81,   23,  227,   25,  217,
+ /*  1580 */   218,  131,   59,  153,  154,  155,  156,  157,    0,    1,
+ /*  1590 */     2,   59,   98,    5,   71,   23,  227,   25,   10,   11,
+ /*  1600 */    12,   13,   14,   83,   84,   17,   23,   23,   25,   25,
+ /*  1610 */    59,  194,  194,  183,   23,   23,   25,   25,   30,  194,
+ /*  1620 */    32,   19,   20,  100,   22,  194,  194,  133,   40,  106,
+ /*  1630 */   107,  108,  138,  139,  194,  217,  218,  114,   36,  116,
+ /*  1640 */   117,  118,  217,  218,  121,  194,  194,  194,   23,  117,
+ /*  1650 */    25,  194,   23,   23,   25,   25,  162,  194,   70,  194,
+ /*  1660 */   145,   59,   23,  153,   25,  155,   78,  194,  117,   81,
+ /*  1670 */   217,  218,  194,   71,  217,  218,  153,  154,  155,  156,
+ /*  1680 */   157,  194,  217,  218,  194,   23,   98,   25,  321,  194,
+ /*  1690 */   217,  218,  194,   19,   20,  194,   22,  153,   23,  155,
+ /*  1700 */    25,  194,  100,  194,  217,  218,  183,  194,  106,  107,
+ /*  1710 */    36,  194,  217,  218,  237,  194,  114,  243,  116,  117,
+ /*  1720 */   118,  133,  194,  121,  217,  218,  138,  139,  194,  194,
+ /*  1730 */   194,  290,  289,   59,  217,  218,  194,  194,  217,  218,
+ /*  1740 */   194,  194,  140,  194,  194,   71,  194,  244,  194,  194,
+ /*  1750 */   162,  217,  218,  194,  194,  153,  154,  155,  156,  157,
+ /*  1760 */   217,  218,  194,  217,  218,  194,  217,  218,  257,  217,
+ /*  1770 */   218,  217,  218,  257,  100,  194,  257,  217,  218,  257,
+ /*  1780 */   106,  107,  215,  299,  194,  183,  192,  194,  114,  194,
+ /*  1790 */   116,  117,  118,    1,    2,  121,  221,    5,  217,  218,
+ /*  1800 */   273,  197,   10,   11,   12,   13,   14,  217,  218,   17,
+ /*  1810 */   217,  218,  217,  218,  140,  194,  246,  194,  273,  295,
+ /*  1820 */   247,  273,   30,  247,   32,  269,  269,  153,  154,  155,
+ /*  1830 */   156,  157,   40,  246,  273,  295,  230,  226,  217,  218,
+ /*  1840 */   217,  218,  220,  261,  220,  282,  220,   19,   20,  244,
+ /*  1850 */    22,  250,  141,  250,  246,   60,  201,  183,  261,  261,
+ /*  1860 */   261,  201,   70,  299,   36,  299,  201,   38,  151,  150,
+ /*  1870 */    78,  285,   22,   81,  296,  296,   43,  235,   18,  238,
+ /*  1880 */   201,  274,  272,  238,  238,  238,   18,   59,  200,  149,
+ /*  1890 */    98,  247,  274,  274,  235,  247,  247,  247,  235,   71,
+ /*  1900 */   272,  201,  200,  158,  292,   62,  291,  201,  200,   22,
+ /*  1910 */   201,  222,  200,  222,  201,  200,  115,  219,  219,   64,
+ /*  1920 */   219,  228,   22,  126,  221,  133,  165,  222,  100,  225,
+ /*  1930 */   138,  139,  225,  219,  106,  107,   24,  219,  228,  219,
+ /*  1940 */   219,  307,  114,  113,  116,  117,  118,  315,  284,  121,
+ /*  1950 */   284,  222,  201,   91,  162,  320,  320,   82,  148,  267,
+ /*  1960 */   145,  267,   22,  279,  201,  158,  281,  251,  147,  146,
+ /*  1970 */    25,  203,  250,  249,  251,  248,   13,  247,  195,  195,
+ /*  1980 */     6,  153,  154,  155,  156,  157,  193,  193,  305,  193,
+ /*  1990 */   208,  305,  302,  214,  214,  214,  208,  223,  223,  214,
+ /*  2000 */     4,  215,  215,  214,    3,   22,  208,  163,   15,   23,
+ /*  2010 */    16,  183,   23,  139,  151,  130,   25,   20,  142,   24,
+ /*  2020 */    16,  144,    1,  142,  130,  130,   61,   37,   53,  151,
+ /*  2030 */    53,   53,   53,  130,  116,    1,   34,  141,    5,   22,
+ /*  2040 */   115,  161,   75,   25,   68,  141,   41,  115,   68,   24,
+ /*  2050 */    20,   19,  131,  125,   67,   67,   96,   22,   22,   22,
+ /*  2060 */    37,   23,   22,   24,   22,   59,   67,   23,  149,   28,
+ /*  2070 */    22,   25,   23,   23,   23,   22,  141,   34,   97,   23,
+ /*  2080 */    23,   34,  116,   22,  143,   25,   34,   75,   34,   34,
+ /*  2090 */    75,   88,   34,   86,   23,   22,   34,   25,   24,   34,
+ /*  2100 */    25,   93,   23,   44,  142,   23,  142,   23,   23,   22,
+ /*  2110 */    11,   25,   23,   25,   23,   22,   22,   22,    1,   23,
+ /*  2120 */    23,   23,   22,   22,   15,  141,  141,   25,   25,    1,
+ /*  2130 */   322,  322,  322,  135,  322,  322,  322,  322,  322,  322,
+ /*  2140 */   322,  141,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2150 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2160 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2170 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2180 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2190 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2200 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2210 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2220 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2230 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2240 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2250 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2260 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2270 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2280 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2290 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2300 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2310 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
+ /*  2320 */   322,  322,  322,  322,  322,  322,  322,  322,
 };
-#define YY_SHIFT_COUNT    (578)
+#define YY_SHIFT_COUNT    (582)
 #define YY_SHIFT_MIN      (0)
-#define YY_SHIFT_MAX      (2088)
+#define YY_SHIFT_MAX      (2128)
 static const unsigned short int yy_shift_ofst[] = {
- /*     0 */  1648, 1477, 1272,  322,  322,    1, 1319, 1478, 1491, 1837,
- /*    10 */  1837, 1837,  471,    0,    0,  214, 1093, 1837, 1837, 1837,
- /*    20 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*    30 */  1837,  271,  271, 1219, 1219,  216,   88,    1,    1,    1,
- /*    40 */     1,    1,   40,  111,  258,  361,  469,  512,  583,  622,
- /*    50 */   693,  732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093,
- /*    60 */  1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093,
- /*    70 */  1093, 1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1635,
- /*    80 */  1662, 1777, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*    90 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*   100 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*   110 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*   120 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
- /*   130 */  1837,  137,  181,  181,  181,  181,  181,  181,  181,   94,
- /*   140 */   430,   66,   65,  112,  366,  533,  533,  740, 1257,  533,
- /*   150 */   533,   79,   79,  533,  412,  412,  412,   77,  412,  123,
- /*   160 */   113,  113,  113,   22,   22, 2100, 2100,  328,  328,  328,
- /*   170 */   239,  468,  468,  468,  468, 1015, 1015,  409,  366, 1187,
- /*   180 */  1232,  533,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   190 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   200 */   533,  969,  621,  621,  533,  642,  788,  788, 1133, 1133,
- /*   210 */   822,  822,   67, 1193, 2100, 2100, 2100, 2100, 2100, 2100,
- /*   220 */  2100, 1307,  954,  954,  585,  472,  640,  387,  695,  538,
- /*   230 */   541,  700,  533,  533,  533,  533,  533,  533,  533,  533,
- /*   240 */   533,  533,  222,  533,  533,  533,  533,  533,  533,  533,
- /*   250 */   533,  533,  533,  533,  533, 1213, 1213, 1213,  533,  533,
- /*   260 */   533,  565,  533,  533,  533,  916, 1147,  533,  533, 1288,
- /*   270 */   533,  533,  533,  533,  533,  533,  533,  533,  639, 1280,
- /*   280 */   209, 1129, 1129, 1129, 1129,  580,  209,  209, 1209,  768,
- /*   290 */   917,  649, 1315, 1334,  405, 1334, 1383,  249, 1315, 1315,
- /*   300 */   249, 1315,  405, 1383, 1441,  464, 1245, 1417, 1417, 1417,
- /*   310 */  1323, 1323, 1323, 1323,  184,  184, 1335, 1476,  856, 1482,
- /*   320 */  1744, 1744, 1665, 1665, 1773, 1773, 1665, 1669, 1671, 1802,
- /*   330 */  1782, 1809, 1809, 1809, 1809, 1665, 1817, 1690, 1671, 1671,
- /*   340 */  1690, 1802, 1782, 1690, 1782, 1690, 1665, 1817, 1693, 1791,
- /*   350 */  1665, 1817, 1832, 1665, 1817, 1665, 1817, 1832, 1752, 1752,
- /*   360 */  1752, 1805, 1850, 1850, 1832, 1752, 1749, 1752, 1805, 1752,
- /*   370 */  1752, 1713, 1858, 1775, 1775, 1832, 1665, 1799, 1799, 1823,
- /*   380 */  1823, 1761, 1765, 1890, 1665, 1757, 1761, 1771, 1774, 1690,
- /*   390 */  1894, 1913, 1913, 1929, 1929, 1929, 2100, 2100, 2100, 2100,
- /*   400 */  2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100,
- /*   410 */  2100,  207, 1220,  331,  620,  967,  806, 1074, 1499, 1432,
- /*   420 */  1463, 1479, 1419, 1422, 1557, 1512, 1598, 1599, 1644, 1645,
- /*   430 */  1654, 1660, 1555, 1505, 1684, 1462, 1670, 1563, 1619, 1593,
- /*   440 */  1676, 1679, 1613, 1680, 1554, 1558, 1689, 1692, 1605, 1589,
- /*   450 */  1955, 1959, 1941, 1803, 1950, 1951, 1945, 1946, 1831, 1820,
- /*   460 */  1842, 1948, 1948, 1952, 1833, 1954, 1834, 1961, 1978, 1838,
- /*   470 */  1851, 1948, 1852, 1922, 1947, 1948, 1836, 1932, 1935, 1936,
- /*   480 */  1942, 1866, 1881, 1964, 1859, 1998, 1996, 1980, 1888, 1843,
- /*   490 */  1937, 1981, 1939, 1933, 1968, 1869, 1896, 1988, 1993, 1995,
- /*   500 */  1884, 1891, 1997, 1953, 1999, 2000, 1994, 2001, 1957, 1966,
- /*   510 */  2002, 1931, 1990, 2006, 1962, 2003, 2007, 2004, 1882, 2010,
- /*   520 */  2011, 2012, 2008, 2013, 2015, 1944, 1898, 2019, 2020, 1928,
- /*   530 */  2014, 2023, 1903, 2022, 2016, 2017, 2018, 2021, 1965, 1974,
- /*   540 */  1970, 2024, 1979, 1967, 2025, 2034, 2036, 2037, 2038, 2039,
- /*   550 */  2028, 1923, 1924, 2044, 2022, 2046, 2047, 2048, 2049, 2050,
- /*   560 */  2051, 2054, 2062, 2055, 2056, 2057, 2058, 2060, 2061, 2059,
- /*   570 */  1956, 1938, 1949, 1958, 2063, 2064, 2070, 2085, 2088,
+ /*     0 */  1792, 1588, 1494,  322,  322,  399,  306, 1319, 1339, 1430,
+ /*    10 */  1828, 1828, 1828,  580,  399,  399,  399,  399,  399,    0,
+ /*    20 */     0,  214, 1093, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*    30 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1130, 1130,
+ /*    40 */   365,  365,   55,  278,  436,  713,  713,  201,  201,  201,
+ /*    50 */   201,   40,  111,  258,  361,  469,  512,  583,  622,  693,
+ /*    60 */   732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093, 1093,
+ /*    70 */  1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093,
+ /*    80 */  1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1523, 1602,
+ /*    90 */  1674, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*   100 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*   110 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*   120 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*   130 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
+ /*   140 */   137,  181,  181,  181,  181,  181,  181,  181,   96,  222,
+ /*   150 */   143,  477,  713, 1133, 1268,  713,  713,   79,   79,  713,
+ /*   160 */   770,   83,   65,   65,   65,  288,  162,  162, 2142, 2142,
+ /*   170 */   696,  696,  696,  238,  474,  474,  474,  474, 1217, 1217,
+ /*   180 */   678,  477,  324,  398,  713,  713,  713,  713,  713,  713,
+ /*   190 */   713,  713,  713,  713,  713,  713,  713,  713,  713,  713,
+ /*   200 */   713,  713,  713, 1220,  366,  366,  713,  917,  283,  283,
+ /*   210 */   434,  434,  605,  605, 1298, 2142, 2142, 2142, 2142, 2142,
+ /*   220 */  2142, 2142, 1179, 1157, 1157,  487,  527,  585,  645,  749,
+ /*   230 */   914,  968,  752,  713,  713,  713,  713,  713,  713,  713,
+ /*   240 */   713,  713,  713,  303,  713,  713,  713,  713,  713,  713,
+ /*   250 */   713,  713,  713,  713,  713,  713,  797,  797,  797,  713,
+ /*   260 */   713,  713,  959,  713,  713,  713, 1169, 1271,  713,  713,
+ /*   270 */  1330,  713,  713,  713,  713,  713,  713,  713,  713,  629,
+ /*   280 */     7,   91,  876,  876,  876,  876,  953,   91,   91, 1246,
+ /*   290 */  1065, 1106, 1374, 1329, 1348,  468, 1348, 1394,  785, 1329,
+ /*   300 */  1329,  785, 1329,  468, 1394,  859,  854, 1402, 1449, 1449,
+ /*   310 */  1449, 1173, 1173, 1173, 1173, 1355, 1355, 1030, 1341,  405,
+ /*   320 */  1230, 1795, 1795, 1711, 1711, 1829, 1829, 1711, 1717, 1719,
+ /*   330 */  1850, 1833, 1860, 1860, 1860, 1860, 1711, 1868, 1740, 1719,
+ /*   340 */  1719, 1740, 1850, 1833, 1740, 1833, 1740, 1711, 1868, 1745,
+ /*   350 */  1843, 1711, 1868, 1887, 1711, 1868, 1711, 1868, 1887, 1801,
+ /*   360 */  1801, 1801, 1855, 1900, 1900, 1887, 1801, 1797, 1801, 1855,
+ /*   370 */  1801, 1801, 1761, 1912, 1830, 1830, 1887, 1711, 1862, 1862,
+ /*   380 */  1875, 1875, 1810, 1815, 1940, 1711, 1807, 1810, 1821, 1823,
+ /*   390 */  1740, 1945, 1963, 1963, 1974, 1974, 1974, 2142, 2142, 2142,
+ /*   400 */  2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142,
+ /*   410 */  2142, 2142,   20, 1224,  256, 1111, 1115, 1114, 1192, 1496,
+ /*   420 */  1424, 1505, 1427,  355, 1383, 1537, 1506, 1538, 1553, 1583,
+ /*   430 */  1584, 1591, 1625,  541, 1445, 1562, 1450, 1572, 1515, 1428,
+ /*   440 */  1532, 1592, 1629, 1520, 1630, 1639, 1510, 1544, 1662, 1675,
+ /*   450 */  1551,   48, 1996, 2001, 1983, 1844, 1993, 1994, 1986, 1989,
+ /*   460 */  1874, 1863, 1885, 1991, 1991, 1995, 1876, 1997, 1877, 2004,
+ /*   470 */  2021, 1881, 1894, 1991, 1895, 1965, 1990, 1991, 1878, 1975,
+ /*   480 */  1977, 1978, 1979, 1903, 1918, 2002, 1896, 2034, 2033, 2017,
+ /*   490 */  1925, 1880, 1976, 2018, 1980, 1967, 2005, 1904, 1932, 2025,
+ /*   500 */  2030, 2032, 1921, 1928, 2035, 1987, 2036, 2037, 2038, 2040,
+ /*   510 */  1988, 2006, 2039, 1960, 2041, 2042, 1999, 2023, 2044, 2043,
+ /*   520 */  1919, 2048, 2049, 2050, 2046, 2051, 2053, 1981, 1935, 2056,
+ /*   530 */  2057, 1966, 2047, 2061, 1941, 2060, 2052, 2054, 2055, 2058,
+ /*   540 */  2003, 2012, 2007, 2059, 2015, 2008, 2062, 2071, 2073, 2074,
+ /*   550 */  2072, 2075, 2065, 1962, 1964, 2079, 2060, 2082, 2084, 2085,
+ /*   560 */  2087, 2086, 2089, 2088, 2091, 2093, 2099, 2094, 2095, 2096,
+ /*   570 */  2097, 2100, 2101, 2102, 1998, 1984, 1985, 2000, 2103, 2098,
+ /*   580 */  2109, 2117, 2128,
 };
-#define YY_REDUCE_COUNT (410)
-#define YY_REDUCE_MIN   (-271)
-#define YY_REDUCE_MAX   (1753)
+#define YY_REDUCE_COUNT (411)
+#define YY_REDUCE_MIN   (-275)
+#define YY_REDUCE_MAX   (1798)
 static const short yy_reduce_ofst[] = {
- /*     0 */  -125,  733,  789,  241,  293, -123, -193, -191, -183, -187,
- /*    10 */   166,  238,  133, -207, -199, -267, -176,   -6,  204,  489,
- /*    20 */   576,  598, -175,  686,  860,  615,  725, 1014,  778,  781,
- /*    30 */   857,  616,  887,   87,  240, -192,  408,  626,  796,  843,
- /*    40 */   854, 1004, -271, -271, -271, -271, -271, -271, -271, -271,
- /*    50 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
- /*    60 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
- /*    70 */  -271, -271, -271, -271, -271, -271, -271, -271, -271,   80,
- /*    80 */    83,  313,  886,  888,  918,  938, 1021, 1034, 1036, 1141,
- /*    90 */  1159, 1163, 1166, 1168, 1170, 1176, 1178, 1180, 1184, 1196,
- /*   100 */  1198, 1205, 1215, 1225, 1227, 1236, 1252, 1254, 1264, 1303,
- /*   110 */  1309, 1312, 1322, 1325, 1328, 1337, 1340, 1343, 1353, 1371,
- /*   120 */  1373, 1384, 1386, 1411, 1413, 1420, 1424, 1426, 1458, 1470,
- /*   130 */  1473, -271, -271, -271, -271, -271, -271, -271, -271, -271,
- /*   140 */  -271, -271,  138,  459,  396, -158,  470,  302, -212,  521,
- /*   150 */   201, -195,  -92,  559,  630,  632,  630, -271,  632,  901,
- /*   160 */    63,  407,  670, -271, -271, -271, -271,  161,  161,  161,
- /*   170 */   251,  335,  847,  979, 1097,  537,  588,  618,  628,  688,
- /*   180 */   688, -166, -161,  674,  787,  794,  799,  852,  996, -122,
- /*   190 */   837, -120, 1018, 1035,  415, 1047, 1001,  958, 1082,  400,
- /*   200 */  1099,  779, 1137, 1142,  263, 1083, 1145, 1150, 1041, 1139,
- /*   210 */   965, 1050,  362,  849,  752,  629,  675, 1162, 1173, 1090,
- /*   220 */  1195, -194,   56,  185, -135,  232,  522,  560,  571,  601,
- /*   230 */   617,  669,  683,  711,  850,  893, 1000, 1040, 1049, 1081,
- /*   240 */  1087, 1101,  392, 1114, 1123, 1155, 1161, 1175, 1271, 1293,
- /*   250 */  1299, 1330, 1339, 1342, 1347,  593, 1282, 1286, 1350, 1359,
- /*   260 */  1368, 1314, 1480, 1483, 1507, 1085, 1338, 1526, 1527, 1487,
- /*   270 */  1531,  560, 1532, 1534, 1535, 1538, 1539, 1541, 1448, 1450,
- /*   280 */  1496, 1484, 1485, 1489, 1490, 1314, 1496, 1496, 1504, 1536,
- /*   290 */  1564, 1451, 1486, 1492, 1509, 1493, 1465, 1515, 1494, 1495,
- /*   300 */  1517, 1500, 1519, 1474, 1550, 1543, 1548, 1556, 1565, 1566,
- /*   310 */  1518, 1523, 1542, 1544, 1525, 1545, 1513, 1553, 1552, 1604,
- /*   320 */  1508, 1510, 1608, 1609, 1520, 1528, 1612, 1540, 1559, 1560,
- /*   330 */  1592, 1591, 1595, 1596, 1597, 1629, 1638, 1594, 1569, 1570,
- /*   340 */  1600, 1568, 1610, 1601, 1611, 1603, 1643, 1651, 1562, 1571,
- /*   350 */  1655, 1659, 1640, 1663, 1666, 1664, 1667, 1641, 1650, 1652,
- /*   360 */  1653, 1647, 1656, 1657, 1658, 1668, 1672, 1681, 1649, 1682,
- /*   370 */  1683, 1573, 1582, 1607, 1615, 1685, 1702, 1586, 1587, 1642,
- /*   380 */  1646, 1673, 1675, 1636, 1714, 1637, 1677, 1674, 1678, 1694,
- /*   390 */  1719, 1734, 1735, 1746, 1747, 1750, 1633, 1661, 1686, 1738,
- /*   400 */  1728, 1733, 1736, 1737, 1740, 1726, 1730, 1742, 1743, 1748,
- /*   410 */  1753,
+ /*     0 */   -71,  194,  343,  835, -180, -177,  838, -194, -188, -185,
+ /*    10 */  -183,   82,  183,  -65,  133,  245,  346,  407,  458, -178,
+ /*    20 */    75, -275,   -4,  310,  312,  489,  575,  596,  463,  686,
+ /*    30 */   707,  725,  780, 1098,  856,  778, 1059, 1090,  708,  887,
+ /*    40 */    86,  448,  980,  630,  680,  681,  684,  796,  801,  796,
+ /*    50 */   801, -261, -261, -261, -261, -261, -261, -261, -261, -261,
+ /*    60 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
+ /*    70 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
+ /*    80 */  -261, -261, -261, -261, -261, -261, -261, -261,  391,  886,
+ /*    90 */   888, 1013, 1016, 1081, 1087, 1151, 1159, 1177, 1185, 1188,
+ /*   100 */  1190, 1194, 1197, 1203, 1247, 1260, 1264, 1267, 1269, 1273,
+ /*   110 */  1315, 1322, 1335, 1337, 1356, 1362, 1418, 1425, 1453, 1457,
+ /*   120 */  1465, 1473, 1487, 1495, 1507, 1517, 1521, 1534, 1543, 1546,
+ /*   130 */  1549, 1552, 1554, 1560, 1581, 1590, 1593, 1595, 1621, 1623,
+ /*   140 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
+ /*   150 */  -261, -186, -117,  260,  263,  460,  631,  -74,  497, -181,
+ /*   160 */  -261,  939,  176,  274,  338,  676, -261, -261, -261, -261,
+ /*   170 */  -212, -212, -212, -184,  149,  777, 1061, 1103,  265,  419,
+ /*   180 */  -254,  670,  677,  677,  -11, -129,  184,  488,  736,  789,
+ /*   190 */   805,  844,  403,  529,  579,  668,  783,  841, 1158, 1112,
+ /*   200 */   806,  861, 1095,  846,  839, 1031, -189, 1077, 1080, 1116,
+ /*   210 */  1084, 1156, 1139, 1221,   46, 1099, 1037, 1118, 1171, 1214,
+ /*   220 */  1210, 1258, -210, -190, -176, -115,  117,  262,  376,  490,
+ /*   230 */   511,  520,  618,  639,  743,  901,  907,  958, 1014, 1055,
+ /*   240 */  1108, 1193, 1244,  720, 1248, 1277, 1324, 1347, 1417, 1431,
+ /*   250 */  1432, 1440, 1451, 1452, 1463, 1478, 1286, 1350, 1369, 1490,
+ /*   260 */  1498, 1501,  773, 1509, 1513, 1528, 1292, 1367, 1535, 1536,
+ /*   270 */  1477, 1542,  376, 1547, 1550, 1555, 1559, 1568, 1571, 1441,
+ /*   280 */  1443, 1474, 1511, 1516, 1519, 1522,  773, 1474, 1474, 1503,
+ /*   290 */  1567, 1594, 1484, 1527, 1556, 1570, 1557, 1524, 1573, 1545,
+ /*   300 */  1548, 1576, 1561, 1587, 1540, 1575, 1606, 1611, 1622, 1624,
+ /*   310 */  1626, 1582, 1597, 1598, 1599, 1601, 1603, 1563, 1608, 1605,
+ /*   320 */  1604, 1564, 1566, 1655, 1660, 1578, 1579, 1665, 1586, 1607,
+ /*   330 */  1610, 1642, 1641, 1645, 1646, 1647, 1679, 1688, 1644, 1618,
+ /*   340 */  1619, 1648, 1628, 1659, 1649, 1663, 1650, 1700, 1702, 1612,
+ /*   350 */  1615, 1706, 1708, 1689, 1709, 1712, 1713, 1715, 1691, 1698,
+ /*   360 */  1699, 1701, 1693, 1704, 1707, 1705, 1714, 1703, 1718, 1710,
+ /*   370 */  1720, 1721, 1632, 1634, 1664, 1666, 1729, 1751, 1635, 1636,
+ /*   380 */  1692, 1694, 1716, 1722, 1684, 1763, 1685, 1723, 1724, 1727,
+ /*   390 */  1730, 1768, 1783, 1784, 1793, 1794, 1796, 1683, 1686, 1690,
+ /*   400 */  1782, 1779, 1780, 1781, 1785, 1788, 1774, 1775, 1786, 1787,
+ /*   410 */  1789, 1798,
 };
 static const YYACTIONTYPE yy_default[] = {
- /*     0 */  1648, 1648, 1648, 1478, 1243, 1354, 1243, 1243, 1243, 1478,
- /*    10 */  1478, 1478, 1243, 1384, 1384, 1531, 1276, 1243, 1243, 1243,
- /*    20 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1477, 1243,
- /*    30 */  1243, 1243, 1243, 1564, 1564, 1243, 1243, 1243, 1243, 1243,
- /*    40 */  1243, 1243, 1243, 1393, 1243, 1400, 1243, 1243, 1243, 1243,
- /*    50 */  1243, 1479, 1480, 1243, 1243, 1243, 1530, 1532, 1495, 1407,
- /*    60 */  1406, 1405, 1404, 1513, 1372, 1398, 1391, 1395, 1474, 1475,
- /*    70 */  1473, 1626, 1480, 1479, 1243, 1394, 1442, 1458, 1441, 1243,
- /*    80 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*    90 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   100 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   110 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   120 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   130 */  1243, 1450, 1457, 1456, 1455, 1464, 1454, 1451, 1444, 1443,
- /*   140 */  1445, 1446, 1243, 1243, 1267, 1243, 1243, 1264, 1318, 1243,
- /*   150 */  1243, 1243, 1243, 1243, 1550, 1549, 1243, 1447, 1243, 1276,
- /*   160 */  1435, 1434, 1433, 1461, 1448, 1460, 1459, 1538, 1600, 1599,
- /*   170 */  1496, 1243, 1243, 1243, 1243, 1243, 1243, 1564, 1243, 1243,
- /*   180 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   190 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   200 */  1243, 1374, 1564, 1564, 1243, 1276, 1564, 1564, 1375, 1375,
- /*   210 */  1272, 1272, 1378, 1243, 1545, 1345, 1345, 1345, 1345, 1354,
- /*   220 */  1345, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   230 */  1243, 1243, 1243, 1243, 1243, 1243, 1535, 1533, 1243, 1243,
- /*   240 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   250 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   260 */  1243, 1243, 1243, 1243, 1243, 1350, 1243, 1243, 1243, 1243,
- /*   270 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1593, 1243, 1508,
- /*   280 */  1332, 1350, 1350, 1350, 1350, 1352, 1333, 1331, 1344, 1277,
- /*   290 */  1250, 1640, 1410, 1399, 1351, 1399, 1637, 1397, 1410, 1410,
- /*   300 */  1397, 1410, 1351, 1637, 1293, 1615, 1288, 1384, 1384, 1384,
- /*   310 */  1374, 1374, 1374, 1374, 1378, 1378, 1476, 1351, 1344, 1243,
- /*   320 */  1640, 1640, 1360, 1360, 1639, 1639, 1360, 1496, 1623, 1419,
- /*   330 */  1321, 1327, 1327, 1327, 1327, 1360, 1261, 1397, 1623, 1623,
- /*   340 */  1397, 1419, 1321, 1397, 1321, 1397, 1360, 1261, 1512, 1634,
- /*   350 */  1360, 1261, 1486, 1360, 1261, 1360, 1261, 1486, 1319, 1319,
- /*   360 */  1319, 1308, 1243, 1243, 1486, 1319, 1293, 1319, 1308, 1319,
- /*   370 */  1319, 1582, 1243, 1490, 1490, 1486, 1360, 1574, 1574, 1387,
- /*   380 */  1387, 1392, 1378, 1481, 1360, 1243, 1392, 1390, 1388, 1397,
- /*   390 */  1311, 1596, 1596, 1592, 1592, 1592, 1645, 1645, 1545, 1608,
- /*   400 */  1276, 1276, 1276, 1276, 1608, 1295, 1295, 1277, 1277, 1276,
- /*   410 */  1608, 1243, 1243, 1243, 1243, 1243, 1243, 1603, 1243, 1540,
- /*   420 */  1497, 1364, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   430 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1551, 1243,
- /*   440 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1424,
- /*   450 */  1243, 1246, 1542, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   460 */  1243, 1401, 1402, 1365, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   470 */  1243, 1416, 1243, 1243, 1243, 1411, 1243, 1243, 1243, 1243,
- /*   480 */  1243, 1243, 1243, 1243, 1636, 1243, 1243, 1243, 1243, 1243,
- /*   490 */  1243, 1511, 1510, 1243, 1243, 1362, 1243, 1243, 1243, 1243,
- /*   500 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1291,
- /*   510 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   520 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   530 */  1243, 1243, 1243, 1389, 1243, 1243, 1243, 1243, 1243, 1243,
- /*   540 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1579, 1379,
- /*   550 */  1243, 1243, 1243, 1243, 1627, 1243, 1243, 1243, 1243, 1243,
- /*   560 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1619,
- /*   570 */  1335, 1425, 1243, 1428, 1265, 1243, 1255, 1243, 1243,
+ /*     0 */  1663, 1663, 1663, 1491, 1254, 1367, 1254, 1254, 1254, 1254,
+ /*    10 */  1491, 1491, 1491, 1254, 1254, 1254, 1254, 1254, 1254, 1397,
+ /*    20 */  1397, 1544, 1287, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*    30 */  1254, 1254, 1254, 1254, 1254, 1490, 1254, 1254, 1254, 1254,
+ /*    40 */  1578, 1578, 1254, 1254, 1254, 1254, 1254, 1563, 1562, 1254,
+ /*    50 */  1254, 1254, 1406, 1254, 1413, 1254, 1254, 1254, 1254, 1254,
+ /*    60 */  1492, 1493, 1254, 1254, 1254, 1543, 1545, 1508, 1420, 1419,
+ /*    70 */  1418, 1417, 1526, 1385, 1411, 1404, 1408, 1487, 1488, 1486,
+ /*    80 */  1641, 1493, 1492, 1254, 1407, 1455, 1471, 1454, 1254, 1254,
+ /*    90 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   100 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   110 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   120 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   130 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   140 */  1463, 1470, 1469, 1468, 1477, 1467, 1464, 1457, 1456, 1458,
+ /*   150 */  1459, 1278, 1254, 1275, 1329, 1254, 1254, 1254, 1254, 1254,
+ /*   160 */  1460, 1287, 1448, 1447, 1446, 1254, 1474, 1461, 1473, 1472,
+ /*   170 */  1551, 1615, 1614, 1509, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   180 */  1578, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   190 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   200 */  1254, 1254, 1254, 1387, 1578, 1578, 1254, 1287, 1578, 1578,
+ /*   210 */  1388, 1388, 1283, 1283, 1391, 1558, 1358, 1358, 1358, 1358,
+ /*   220 */  1367, 1358, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   230 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1548, 1546, 1254,
+ /*   240 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   250 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   260 */  1254, 1254, 1254, 1254, 1254, 1254, 1363, 1254, 1254, 1254,
+ /*   270 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1608, 1254,
+ /*   280 */  1521, 1343, 1363, 1363, 1363, 1363, 1365, 1344, 1342, 1357,
+ /*   290 */  1288, 1261, 1655, 1423, 1412, 1364, 1412, 1652, 1410, 1423,
+ /*   300 */  1423, 1410, 1423, 1364, 1652, 1304, 1630, 1299, 1397, 1397,
+ /*   310 */  1397, 1387, 1387, 1387, 1387, 1391, 1391, 1489, 1364, 1357,
+ /*   320 */  1254, 1655, 1655, 1373, 1373, 1654, 1654, 1373, 1509, 1638,
+ /*   330 */  1432, 1332, 1338, 1338, 1338, 1338, 1373, 1272, 1410, 1638,
+ /*   340 */  1638, 1410, 1432, 1332, 1410, 1332, 1410, 1373, 1272, 1525,
+ /*   350 */  1649, 1373, 1272, 1499, 1373, 1272, 1373, 1272, 1499, 1330,
+ /*   360 */  1330, 1330, 1319, 1254, 1254, 1499, 1330, 1304, 1330, 1319,
+ /*   370 */  1330, 1330, 1596, 1254, 1503, 1503, 1499, 1373, 1588, 1588,
+ /*   380 */  1400, 1400, 1405, 1391, 1494, 1373, 1254, 1405, 1403, 1401,
+ /*   390 */  1410, 1322, 1611, 1611, 1607, 1607, 1607, 1660, 1660, 1558,
+ /*   400 */  1623, 1287, 1287, 1287, 1287, 1623, 1306, 1306, 1288, 1288,
+ /*   410 */  1287, 1623, 1254, 1254, 1254, 1254, 1254, 1254, 1618, 1254,
+ /*   420 */  1553, 1510, 1377, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   430 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1564,
+ /*   440 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   450 */  1254, 1437, 1254, 1257, 1555, 1254, 1254, 1254, 1254, 1254,
+ /*   460 */  1254, 1254, 1254, 1414, 1415, 1378, 1254, 1254, 1254, 1254,
+ /*   470 */  1254, 1254, 1254, 1429, 1254, 1254, 1254, 1424, 1254, 1254,
+ /*   480 */  1254, 1254, 1254, 1254, 1254, 1254, 1651, 1254, 1254, 1254,
+ /*   490 */  1254, 1254, 1254, 1524, 1523, 1254, 1254, 1375, 1254, 1254,
+ /*   500 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   510 */  1254, 1302, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   520 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   530 */  1254, 1254, 1254, 1254, 1254, 1402, 1254, 1254, 1254, 1254,
+ /*   540 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   550 */  1593, 1392, 1254, 1254, 1254, 1254, 1642, 1254, 1254, 1254,
+ /*   560 */  1254, 1352, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
+ /*   570 */  1254, 1254, 1254, 1634, 1346, 1438, 1254, 1441, 1276, 1254,
+ /*   580 */  1266, 1254, 1254,
 };
 /********** End of lemon-generated parsing tables *****************************/
 
@@ -172302,8 +173893,8 @@ static const YYCODETYPE yyFallback[] = {
     0,  /*  TRUEFALSE => nothing */
     0,  /*      ISNOT => nothing */
     0,  /*   FUNCTION => nothing */
-    0,  /*     UMINUS => nothing */
     0,  /*      UPLUS => nothing */
+    0,  /*     UMINUS => nothing */
     0,  /*      TRUTH => nothing */
     0,  /*   REGISTER => nothing */
     0,  /*     VECTOR => nothing */
@@ -172312,6 +173903,7 @@ static const YYCODETYPE yyFallback[] = {
     0,  /*   ASTERISK => nothing */
     0,  /*       SPAN => nothing */
     0,  /*      ERROR => nothing */
+    0,  /*    QNUMBER => nothing */
     0,  /*      SPACE => nothing */
     0,  /*    ILLEGAL => nothing */
 };
@@ -172354,14 +173946,9 @@ struct yyParser {
 #endif
   sqlite3ParserARG_SDECL                /* A place to hold %extra_argument */
   sqlite3ParserCTX_SDECL                /* A place to hold %extra_context */
-#if YYSTACKDEPTH<=0
-  int yystksz;                  /* Current side of the stack */
-  yyStackEntry *yystack;        /* The parser's stack */
-  yyStackEntry yystk0;          /* First stack entry */
-#else
-  yyStackEntry yystack[YYSTACKDEPTH];  /* The parser's stack */
-  yyStackEntry *yystackEnd;            /* Last entry in the stack */
-#endif
+  yyStackEntry *yystackEnd;           /* Last entry in the stack */
+  yyStackEntry *yystack;              /* The parser stack */
+  yyStackEntry yystk0[YYSTACKDEPTH];  /* Initial stack space */
 };
 typedef struct yyParser yyParser;
 
@@ -172575,8 +174162,8 @@ static const char *const yyTokenName[] = {
   /*  170 */ "TRUEFALSE",
   /*  171 */ "ISNOT",
   /*  172 */ "FUNCTION",
-  /*  173 */ "UMINUS",
-  /*  174 */ "UPLUS",
+  /*  173 */ "UPLUS",
+  /*  174 */ "UMINUS",
   /*  175 */ "TRUTH",
   /*  176 */ "REGISTER",
   /*  177 */ "VECTOR",
@@ -172585,142 +174172,145 @@ static const char *const yyTokenName[] = {
   /*  180 */ "ASTERISK",
   /*  181 */ "SPAN",
   /*  182 */ "ERROR",
-  /*  183 */ "SPACE",
-  /*  184 */ "ILLEGAL",
-  /*  185 */ "input",
-  /*  186 */ "cmdlist",
-  /*  187 */ "ecmd",
-  /*  188 */ "cmdx",
-  /*  189 */ "explain",
-  /*  190 */ "cmd",
-  /*  191 */ "transtype",
-  /*  192 */ "trans_opt",
-  /*  193 */ "nm",
-  /*  194 */ "savepoint_opt",
-  /*  195 */ "create_table",
-  /*  196 */ "create_table_args",
-  /*  197 */ "createkw",
-  /*  198 */ "temp",
-  /*  199 */ "ifnotexists",
-  /*  200 */ "dbnm",
-  /*  201 */ "columnlist",
-  /*  202 */ "conslist_opt",
-  /*  203 */ "table_option_set",
-  /*  204 */ "select",
-  /*  205 */ "table_option",
-  /*  206 */ "columnname",
-  /*  207 */ "carglist",
-  /*  208 */ "typetoken",
-  /*  209 */ "typename",
-  /*  210 */ "signed",
-  /*  211 */ "plus_num",
-  /*  212 */ "minus_num",
-  /*  213 */ "scanpt",
-  /*  214 */ "scantok",
-  /*  215 */ "ccons",
-  /*  216 */ "term",
-  /*  217 */ "expr",
-  /*  218 */ "onconf",
-  /*  219 */ "sortorder",
-  /*  220 */ "autoinc",
-  /*  221 */ "eidlist_opt",
-  /*  222 */ "refargs",
-  /*  223 */ "defer_subclause",
-  /*  224 */ "generated",
-  /*  225 */ "refarg",
-  /*  226 */ "refact",
-  /*  227 */ "init_deferred_pred_opt",
-  /*  228 */ "conslist",
-  /*  229 */ "tconscomma",
-  /*  230 */ "tcons",
-  /*  231 */ "sortlist",
-  /*  232 */ "eidlist",
-  /*  233 */ "defer_subclause_opt",
-  /*  234 */ "orconf",
-  /*  235 */ "resolvetype",
-  /*  236 */ "raisetype",
-  /*  237 */ "ifexists",
-  /*  238 */ "fullname",
-  /*  239 */ "selectnowith",
-  /*  240 */ "oneselect",
-  /*  241 */ "wqlist",
-  /*  242 */ "multiselect_op",
-  /*  243 */ "distinct",
-  /*  244 */ "selcollist",
-  /*  245 */ "from",
-  /*  246 */ "where_opt",
-  /*  247 */ "groupby_opt",
-  /*  248 */ "having_opt",
-  /*  249 */ "orderby_opt",
-  /*  250 */ "limit_opt",
-  /*  251 */ "window_clause",
-  /*  252 */ "values",
-  /*  253 */ "nexprlist",
-  /*  254 */ "sclp",
-  /*  255 */ "as",
-  /*  256 */ "seltablist",
-  /*  257 */ "stl_prefix",
-  /*  258 */ "joinop",
-  /*  259 */ "on_using",
-  /*  260 */ "indexed_by",
-  /*  261 */ "exprlist",
-  /*  262 */ "xfullname",
-  /*  263 */ "idlist",
-  /*  264 */ "indexed_opt",
-  /*  265 */ "nulls",
-  /*  266 */ "with",
-  /*  267 */ "where_opt_ret",
-  /*  268 */ "setlist",
-  /*  269 */ "insert_cmd",
-  /*  270 */ "idlist_opt",
-  /*  271 */ "upsert",
-  /*  272 */ "returning",
-  /*  273 */ "filter_over",
-  /*  274 */ "likeop",
-  /*  275 */ "between_op",
-  /*  276 */ "in_op",
-  /*  277 */ "paren_exprlist",
-  /*  278 */ "case_operand",
-  /*  279 */ "case_exprlist",
-  /*  280 */ "case_else",
-  /*  281 */ "uniqueflag",
-  /*  282 */ "collate",
-  /*  283 */ "vinto",
-  /*  284 */ "nmnum",
-  /*  285 */ "trigger_decl",
-  /*  286 */ "trigger_cmd_list",
-  /*  287 */ "trigger_time",
-  /*  288 */ "trigger_event",
-  /*  289 */ "foreach_clause",
-  /*  290 */ "when_clause",
-  /*  291 */ "trigger_cmd",
-  /*  292 */ "trnm",
-  /*  293 */ "tridxby",
-  /*  294 */ "database_kw_opt",
-  /*  295 */ "key_opt",
-  /*  296 */ "add_column_fullname",
-  /*  297 */ "kwcolumn_opt",
-  /*  298 */ "create_vtab",
-  /*  299 */ "vtabarglist",
-  /*  300 */ "vtabarg",
-  /*  301 */ "vtabargtoken",
-  /*  302 */ "lp",
-  /*  303 */ "anylist",
-  /*  304 */ "wqitem",
-  /*  305 */ "wqas",
-  /*  306 */ "windowdefn_list",
-  /*  307 */ "windowdefn",
-  /*  308 */ "window",
-  /*  309 */ "frame_opt",
-  /*  310 */ "part_opt",
-  /*  311 */ "filter_clause",
-  /*  312 */ "over_clause",
-  /*  313 */ "range_or_rows",
-  /*  314 */ "frame_bound",
-  /*  315 */ "frame_bound_s",
-  /*  316 */ "frame_bound_e",
-  /*  317 */ "frame_exclude_opt",
-  /*  318 */ "frame_exclude",
+  /*  183 */ "QNUMBER",
+  /*  184 */ "SPACE",
+  /*  185 */ "ILLEGAL",
+  /*  186 */ "input",
+  /*  187 */ "cmdlist",
+  /*  188 */ "ecmd",
+  /*  189 */ "cmdx",
+  /*  190 */ "explain",
+  /*  191 */ "cmd",
+  /*  192 */ "transtype",
+  /*  193 */ "trans_opt",
+  /*  194 */ "nm",
+  /*  195 */ "savepoint_opt",
+  /*  196 */ "create_table",
+  /*  197 */ "create_table_args",
+  /*  198 */ "createkw",
+  /*  199 */ "temp",
+  /*  200 */ "ifnotexists",
+  /*  201 */ "dbnm",
+  /*  202 */ "columnlist",
+  /*  203 */ "conslist_opt",
+  /*  204 */ "table_option_set",
+  /*  205 */ "select",
+  /*  206 */ "table_option",
+  /*  207 */ "columnname",
+  /*  208 */ "carglist",
+  /*  209 */ "typetoken",
+  /*  210 */ "typename",
+  /*  211 */ "signed",
+  /*  212 */ "plus_num",
+  /*  213 */ "minus_num",
+  /*  214 */ "scanpt",
+  /*  215 */ "scantok",
+  /*  216 */ "ccons",
+  /*  217 */ "term",
+  /*  218 */ "expr",
+  /*  219 */ "onconf",
+  /*  220 */ "sortorder",
+  /*  221 */ "autoinc",
+  /*  222 */ "eidlist_opt",
+  /*  223 */ "refargs",
+  /*  224 */ "defer_subclause",
+  /*  225 */ "generated",
+  /*  226 */ "refarg",
+  /*  227 */ "refact",
+  /*  228 */ "init_deferred_pred_opt",
+  /*  229 */ "conslist",
+  /*  230 */ "tconscomma",
+  /*  231 */ "tcons",
+  /*  232 */ "sortlist",
+  /*  233 */ "eidlist",
+  /*  234 */ "defer_subclause_opt",
+  /*  235 */ "orconf",
+  /*  236 */ "resolvetype",
+  /*  237 */ "raisetype",
+  /*  238 */ "ifexists",
+  /*  239 */ "fullname",
+  /*  240 */ "selectnowith",
+  /*  241 */ "oneselect",
+  /*  242 */ "wqlist",
+  /*  243 */ "multiselect_op",
+  /*  244 */ "distinct",
+  /*  245 */ "selcollist",
+  /*  246 */ "from",
+  /*  247 */ "where_opt",
+  /*  248 */ "groupby_opt",
+  /*  249 */ "having_opt",
+  /*  250 */ "orderby_opt",
+  /*  251 */ "limit_opt",
+  /*  252 */ "window_clause",
+  /*  253 */ "values",
+  /*  254 */ "nexprlist",
+  /*  255 */ "mvalues",
+  /*  256 */ "sclp",
+  /*  257 */ "as",
+  /*  258 */ "seltablist",
+  /*  259 */ "stl_prefix",
+  /*  260 */ "joinop",
+  /*  261 */ "on_using",
+  /*  262 */ "indexed_by",
+  /*  263 */ "exprlist",
+  /*  264 */ "xfullname",
+  /*  265 */ "idlist",
+  /*  266 */ "indexed_opt",
+  /*  267 */ "nulls",
+  /*  268 */ "with",
+  /*  269 */ "where_opt_ret",
+  /*  270 */ "setlist",
+  /*  271 */ "insert_cmd",
+  /*  272 */ "idlist_opt",
+  /*  273 */ "upsert",
+  /*  274 */ "returning",
+  /*  275 */ "filter_over",
+  /*  276 */ "likeop",
+  /*  277 */ "between_op",
+  /*  278 */ "in_op",
+  /*  279 */ "paren_exprlist",
+  /*  280 */ "case_operand",
+  /*  281 */ "case_exprlist",
+  /*  282 */ "case_else",
+  /*  283 */ "uniqueflag",
+  /*  284 */ "collate",
+  /*  285 */ "vinto",
+  /*  286 */ "nmnum",
+  /*  287 */ "trigger_decl",
+  /*  288 */ "trigger_cmd_list",
+  /*  289 */ "trigger_time",
+  /*  290 */ "trigger_event",
+  /*  291 */ "foreach_clause",
+  /*  292 */ "when_clause",
+  /*  293 */ "trigger_cmd",
+  /*  294 */ "trnm",
+  /*  295 */ "tridxby",
+  /*  296 */ "database_kw_opt",
+  /*  297 */ "key_opt",
+  /*  298 */ "add_column_fullname",
+  /*  299 */ "kwcolumn_opt",
+  /*  300 */ "create_vtab",
+  /*  301 */ "vtabarglist",
+  /*  302 */ "vtabarg",
+  /*  303 */ "vtabargtoken",
+  /*  304 */ "lp",
+  /*  305 */ "anylist",
+  /*  306 */ "wqitem",
+  /*  307 */ "wqas",
+  /*  308 */ "withnm",
+  /*  309 */ "windowdefn_list",
+  /*  310 */ "windowdefn",
+  /*  311 */ "window",
+  /*  312 */ "frame_opt",
+  /*  313 */ "part_opt",
+  /*  314 */ "filter_clause",
+  /*  315 */ "over_clause",
+  /*  316 */ "range_or_rows",
+  /*  317 */ "frame_bound",
+  /*  318 */ "frame_bound_s",
+  /*  319 */ "frame_bound_e",
+  /*  320 */ "frame_exclude_opt",
+  /*  321 */ "frame_exclude",
 };
 #endif /* defined(YYCOVERAGE) || !defined(NDEBUG) */
 
@@ -172823,351 +174413,363 @@ static const char *const yyRuleName[] = {
  /*  92 */ "oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt",
  /*  93 */ "oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt",
  /*  94 */ "values ::= VALUES LP nexprlist RP",
- /*  95 */ "values ::= values COMMA LP nexprlist RP",
- /*  96 */ "distinct ::= DISTINCT",
- /*  97 */ "distinct ::= ALL",
- /*  98 */ "distinct ::=",
- /*  99 */ "sclp ::=",
- /* 100 */ "selcollist ::= sclp scanpt expr scanpt as",
- /* 101 */ "selcollist ::= sclp scanpt STAR",
- /* 102 */ "selcollist ::= sclp scanpt nm DOT STAR",
- /* 103 */ "as ::= AS nm",
- /* 104 */ "as ::=",
- /* 105 */ "from ::=",
- /* 106 */ "from ::= FROM seltablist",
- /* 107 */ "stl_prefix ::= seltablist joinop",
- /* 108 */ "stl_prefix ::=",
- /* 109 */ "seltablist ::= stl_prefix nm dbnm as on_using",
- /* 110 */ "seltablist ::= stl_prefix nm dbnm as indexed_by on_using",
- /* 111 */ "seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using",
- /* 112 */ "seltablist ::= stl_prefix LP select RP as on_using",
- /* 113 */ "seltablist ::= stl_prefix LP seltablist RP as on_using",
- /* 114 */ "dbnm ::=",
- /* 115 */ "dbnm ::= DOT nm",
- /* 116 */ "fullname ::= nm",
- /* 117 */ "fullname ::= nm DOT nm",
- /* 118 */ "xfullname ::= nm",
- /* 119 */ "xfullname ::= nm DOT nm",
- /* 120 */ "xfullname ::= nm DOT nm AS nm",
- /* 121 */ "xfullname ::= nm AS nm",
- /* 122 */ "joinop ::= COMMA|JOIN",
- /* 123 */ "joinop ::= JOIN_KW JOIN",
- /* 124 */ "joinop ::= JOIN_KW nm JOIN",
- /* 125 */ "joinop ::= JOIN_KW nm nm JOIN",
- /* 126 */ "on_using ::= ON expr",
- /* 127 */ "on_using ::= USING LP idlist RP",
- /* 128 */ "on_using ::=",
- /* 129 */ "indexed_opt ::=",
- /* 130 */ "indexed_by ::= INDEXED BY nm",
- /* 131 */ "indexed_by ::= NOT INDEXED",
- /* 132 */ "orderby_opt ::=",
- /* 133 */ "orderby_opt ::= ORDER BY sortlist",
- /* 134 */ "sortlist ::= sortlist COMMA expr sortorder nulls",
- /* 135 */ "sortlist ::= expr sortorder nulls",
- /* 136 */ "sortorder ::= ASC",
- /* 137 */ "sortorder ::= DESC",
- /* 138 */ "sortorder ::=",
- /* 139 */ "nulls ::= NULLS FIRST",
- /* 140 */ "nulls ::= NULLS LAST",
- /* 141 */ "nulls ::=",
- /* 142 */ "groupby_opt ::=",
- /* 143 */ "groupby_opt ::= GROUP BY nexprlist",
- /* 144 */ "having_opt ::=",
- /* 145 */ "having_opt ::= HAVING expr",
- /* 146 */ "limit_opt ::=",
- /* 147 */ "limit_opt ::= LIMIT expr",
- /* 148 */ "limit_opt ::= LIMIT expr OFFSET expr",
- /* 149 */ "limit_opt ::= LIMIT expr COMMA expr",
- /* 150 */ "cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret",
- /* 151 */ "where_opt ::=",
- /* 152 */ "where_opt ::= WHERE expr",
- /* 153 */ "where_opt_ret ::=",
- /* 154 */ "where_opt_ret ::= WHERE expr",
- /* 155 */ "where_opt_ret ::= RETURNING selcollist",
- /* 156 */ "where_opt_ret ::= WHERE expr RETURNING selcollist",
- /* 157 */ "cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret",
- /* 158 */ "setlist ::= setlist COMMA nm EQ expr",
- /* 159 */ "setlist ::= setlist COMMA LP idlist RP EQ expr",
- /* 160 */ "setlist ::= nm EQ expr",
- /* 161 */ "setlist ::= LP idlist RP EQ expr",
- /* 162 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert",
- /* 163 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning",
- /* 164 */ "upsert ::=",
- /* 165 */ "upsert ::= RETURNING selcollist",
- /* 166 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert",
- /* 167 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert",
- /* 168 */ "upsert ::= ON CONFLICT DO NOTHING returning",
- /* 169 */ "upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning",
- /* 170 */ "returning ::= RETURNING selcollist",
- /* 171 */ "insert_cmd ::= INSERT orconf",
- /* 172 */ "insert_cmd ::= REPLACE",
- /* 173 */ "idlist_opt ::=",
- /* 174 */ "idlist_opt ::= LP idlist RP",
- /* 175 */ "idlist ::= idlist COMMA nm",
- /* 176 */ "idlist ::= nm",
- /* 177 */ "expr ::= LP expr RP",
- /* 178 */ "expr ::= ID|INDEXED|JOIN_KW",
- /* 179 */ "expr ::= nm DOT nm",
- /* 180 */ "expr ::= nm DOT nm DOT nm",
- /* 181 */ "term ::= NULL|FLOAT|BLOB",
- /* 182 */ "term ::= STRING",
- /* 183 */ "term ::= INTEGER",
- /* 184 */ "expr ::= VARIABLE",
- /* 185 */ "expr ::= expr COLLATE ID|STRING",
- /* 186 */ "expr ::= CAST LP expr AS typetoken RP",
- /* 187 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
- /* 188 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP",
- /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
- /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
- /* 191 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over",
- /* 192 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
- /* 193 */ "term ::= CTIME_KW",
- /* 194 */ "expr ::= LP nexprlist COMMA expr RP",
- /* 195 */ "expr ::= expr AND expr",
- /* 196 */ "expr ::= expr OR expr",
- /* 197 */ "expr ::= expr LT|GT|GE|LE expr",
- /* 198 */ "expr ::= expr EQ|NE expr",
- /* 199 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
- /* 200 */ "expr ::= expr PLUS|MINUS expr",
- /* 201 */ "expr ::= expr STAR|SLASH|REM expr",
- /* 202 */ "expr ::= expr CONCAT expr",
- /* 203 */ "likeop ::= NOT LIKE_KW|MATCH",
- /* 204 */ "expr ::= expr likeop expr",
- /* 205 */ "expr ::= expr likeop expr ESCAPE expr",
- /* 206 */ "expr ::= expr ISNULL|NOTNULL",
- /* 207 */ "expr ::= expr NOT NULL",
- /* 208 */ "expr ::= expr IS expr",
- /* 209 */ "expr ::= expr IS NOT expr",
- /* 210 */ "expr ::= expr IS NOT DISTINCT FROM expr",
- /* 211 */ "expr ::= expr IS DISTINCT FROM expr",
- /* 212 */ "expr ::= NOT expr",
- /* 213 */ "expr ::= BITNOT expr",
- /* 214 */ "expr ::= PLUS|MINUS expr",
- /* 215 */ "expr ::= expr PTR expr",
- /* 216 */ "between_op ::= BETWEEN",
- /* 217 */ "between_op ::= NOT BETWEEN",
- /* 218 */ "expr ::= expr between_op expr AND expr",
- /* 219 */ "in_op ::= IN",
- /* 220 */ "in_op ::= NOT IN",
- /* 221 */ "expr ::= expr in_op LP exprlist RP",
- /* 222 */ "expr ::= LP select RP",
- /* 223 */ "expr ::= expr in_op LP select RP",
- /* 224 */ "expr ::= expr in_op nm dbnm paren_exprlist",
- /* 225 */ "expr ::= EXISTS LP select RP",
- /* 226 */ "expr ::= CASE case_operand case_exprlist case_else END",
- /* 227 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
- /* 228 */ "case_exprlist ::= WHEN expr THEN expr",
- /* 229 */ "case_else ::= ELSE expr",
- /* 230 */ "case_else ::=",
- /* 231 */ "case_operand ::=",
- /* 232 */ "exprlist ::=",
- /* 233 */ "nexprlist ::= nexprlist COMMA expr",
- /* 234 */ "nexprlist ::= expr",
- /* 235 */ "paren_exprlist ::=",
- /* 236 */ "paren_exprlist ::= LP exprlist RP",
- /* 237 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
- /* 238 */ "uniqueflag ::= UNIQUE",
- /* 239 */ "uniqueflag ::=",
- /* 240 */ "eidlist_opt ::=",
- /* 241 */ "eidlist_opt ::= LP eidlist RP",
- /* 242 */ "eidlist ::= eidlist COMMA nm collate sortorder",
- /* 243 */ "eidlist ::= nm collate sortorder",
- /* 244 */ "collate ::=",
- /* 245 */ "collate ::= COLLATE ID|STRING",
- /* 246 */ "cmd ::= DROP INDEX ifexists fullname",
- /* 247 */ "cmd ::= VACUUM vinto",
- /* 248 */ "cmd ::= VACUUM nm vinto",
- /* 249 */ "vinto ::= INTO expr",
- /* 250 */ "vinto ::=",
- /* 251 */ "cmd ::= PRAGMA nm dbnm",
- /* 252 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
- /* 253 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
- /* 254 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
- /* 255 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
- /* 256 */ "plus_num ::= PLUS INTEGER|FLOAT",
- /* 257 */ "minus_num ::= MINUS INTEGER|FLOAT",
- /* 258 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
- /* 259 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
- /* 260 */ "trigger_time ::= BEFORE|AFTER",
- /* 261 */ "trigger_time ::= INSTEAD OF",
- /* 262 */ "trigger_time ::=",
- /* 263 */ "trigger_event ::= DELETE|INSERT",
- /* 264 */ "trigger_event ::= UPDATE",
- /* 265 */ "trigger_event ::= UPDATE OF idlist",
- /* 266 */ "when_clause ::=",
- /* 267 */ "when_clause ::= WHEN expr",
- /* 268 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
- /* 269 */ "trigger_cmd_list ::= trigger_cmd SEMI",
- /* 270 */ "trnm ::= nm DOT nm",
- /* 271 */ "tridxby ::= INDEXED BY nm",
- /* 272 */ "tridxby ::= NOT INDEXED",
- /* 273 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
- /* 274 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
- /* 275 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
- /* 276 */ "trigger_cmd ::= scanpt select scanpt",
- /* 277 */ "expr ::= RAISE LP IGNORE RP",
- /* 278 */ "expr ::= RAISE LP raisetype COMMA nm RP",
- /* 279 */ "raisetype ::= ROLLBACK",
- /* 280 */ "raisetype ::= ABORT",
- /* 281 */ "raisetype ::= FAIL",
- /* 282 */ "cmd ::= DROP TRIGGER ifexists fullname",
- /* 283 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
- /* 284 */ "cmd ::= DETACH database_kw_opt expr",
- /* 285 */ "key_opt ::=",
- /* 286 */ "key_opt ::= KEY expr",
- /* 287 */ "cmd ::= REINDEX",
- /* 288 */ "cmd ::= REINDEX nm dbnm",
- /* 289 */ "cmd ::= ANALYZE",
- /* 290 */ "cmd ::= ANALYZE nm dbnm",
- /* 291 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
- /* 292 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
- /* 293 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
- /* 294 */ "add_column_fullname ::= fullname",
- /* 295 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
- /* 296 */ "cmd ::= create_vtab",
- /* 297 */ "cmd ::= create_vtab LP vtabarglist RP",
- /* 298 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
- /* 299 */ "vtabarg ::=",
- /* 300 */ "vtabargtoken ::= ANY",
- /* 301 */ "vtabargtoken ::= lp anylist RP",
- /* 302 */ "lp ::= LP",
- /* 303 */ "with ::= WITH wqlist",
- /* 304 */ "with ::= WITH RECURSIVE wqlist",
- /* 305 */ "wqas ::= AS",
- /* 306 */ "wqas ::= AS MATERIALIZED",
- /* 307 */ "wqas ::= AS NOT MATERIALIZED",
- /* 308 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
- /* 309 */ "wqlist ::= wqitem",
- /* 310 */ "wqlist ::= wqlist COMMA wqitem",
- /* 311 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
- /* 312 */ "windowdefn ::= nm AS LP window RP",
- /* 313 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
- /* 314 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
- /* 315 */ "window ::= ORDER BY sortlist frame_opt",
- /* 316 */ "window ::= nm ORDER BY sortlist frame_opt",
- /* 317 */ "window ::= nm frame_opt",
- /* 318 */ "frame_opt ::=",
- /* 319 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
- /* 320 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
- /* 321 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
- /* 322 */ "frame_bound_s ::= frame_bound",
- /* 323 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
- /* 324 */ "frame_bound_e ::= frame_bound",
- /* 325 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
- /* 326 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
- /* 327 */ "frame_bound ::= CURRENT ROW",
- /* 328 */ "frame_exclude_opt ::=",
- /* 329 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
- /* 330 */ "frame_exclude ::= NO OTHERS",
- /* 331 */ "frame_exclude ::= CURRENT ROW",
- /* 332 */ "frame_exclude ::= GROUP|TIES",
- /* 333 */ "window_clause ::= WINDOW windowdefn_list",
- /* 334 */ "filter_over ::= filter_clause over_clause",
- /* 335 */ "filter_over ::= over_clause",
- /* 336 */ "filter_over ::= filter_clause",
- /* 337 */ "over_clause ::= OVER LP window RP",
- /* 338 */ "over_clause ::= OVER nm",
- /* 339 */ "filter_clause ::= FILTER LP WHERE expr RP",
- /* 340 */ "input ::= cmdlist",
- /* 341 */ "cmdlist ::= cmdlist ecmd",
- /* 342 */ "cmdlist ::= ecmd",
- /* 343 */ "ecmd ::= SEMI",
- /* 344 */ "ecmd ::= cmdx SEMI",
- /* 345 */ "ecmd ::= explain cmdx SEMI",
- /* 346 */ "trans_opt ::=",
- /* 347 */ "trans_opt ::= TRANSACTION",
- /* 348 */ "trans_opt ::= TRANSACTION nm",
- /* 349 */ "savepoint_opt ::= SAVEPOINT",
- /* 350 */ "savepoint_opt ::=",
- /* 351 */ "cmd ::= create_table create_table_args",
- /* 352 */ "table_option_set ::= table_option",
- /* 353 */ "columnlist ::= columnlist COMMA columnname carglist",
- /* 354 */ "columnlist ::= columnname carglist",
- /* 355 */ "nm ::= ID|INDEXED|JOIN_KW",
- /* 356 */ "nm ::= STRING",
- /* 357 */ "typetoken ::= typename",
- /* 358 */ "typename ::= ID|STRING",
- /* 359 */ "signed ::= plus_num",
- /* 360 */ "signed ::= minus_num",
- /* 361 */ "carglist ::= carglist ccons",
- /* 362 */ "carglist ::=",
- /* 363 */ "ccons ::= NULL onconf",
- /* 364 */ "ccons ::= GENERATED ALWAYS AS generated",
- /* 365 */ "ccons ::= AS generated",
- /* 366 */ "conslist_opt ::= COMMA conslist",
- /* 367 */ "conslist ::= conslist tconscomma tcons",
- /* 368 */ "conslist ::= tcons",
- /* 369 */ "tconscomma ::=",
- /* 370 */ "defer_subclause_opt ::= defer_subclause",
- /* 371 */ "resolvetype ::= raisetype",
- /* 372 */ "selectnowith ::= oneselect",
- /* 373 */ "oneselect ::= values",
- /* 374 */ "sclp ::= selcollist COMMA",
- /* 375 */ "as ::= ID|STRING",
- /* 376 */ "indexed_opt ::= indexed_by",
- /* 377 */ "returning ::=",
- /* 378 */ "expr ::= term",
- /* 379 */ "likeop ::= LIKE_KW|MATCH",
- /* 380 */ "case_operand ::= expr",
- /* 381 */ "exprlist ::= nexprlist",
- /* 382 */ "nmnum ::= plus_num",
- /* 383 */ "nmnum ::= nm",
- /* 384 */ "nmnum ::= ON",
- /* 385 */ "nmnum ::= DELETE",
- /* 386 */ "nmnum ::= DEFAULT",
- /* 387 */ "plus_num ::= INTEGER|FLOAT",
- /* 388 */ "foreach_clause ::=",
- /* 389 */ "foreach_clause ::= FOR EACH ROW",
- /* 390 */ "trnm ::= nm",
- /* 391 */ "tridxby ::=",
- /* 392 */ "database_kw_opt ::= DATABASE",
- /* 393 */ "database_kw_opt ::=",
- /* 394 */ "kwcolumn_opt ::=",
- /* 395 */ "kwcolumn_opt ::= COLUMNKW",
- /* 396 */ "vtabarglist ::= vtabarg",
- /* 397 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
- /* 398 */ "vtabarg ::= vtabarg vtabargtoken",
- /* 399 */ "anylist ::=",
- /* 400 */ "anylist ::= anylist LP anylist RP",
- /* 401 */ "anylist ::= anylist ANY",
- /* 402 */ "with ::=",
- /* 403 */ "windowdefn_list ::= windowdefn",
- /* 404 */ "window ::= frame_opt",
+ /*  95 */ "oneselect ::= mvalues",
+ /*  96 */ "mvalues ::= values COMMA LP nexprlist RP",
+ /*  97 */ "mvalues ::= mvalues COMMA LP nexprlist RP",
+ /*  98 */ "distinct ::= DISTINCT",
+ /*  99 */ "distinct ::= ALL",
+ /* 100 */ "distinct ::=",
+ /* 101 */ "sclp ::=",
+ /* 102 */ "selcollist ::= sclp scanpt expr scanpt as",
+ /* 103 */ "selcollist ::= sclp scanpt STAR",
+ /* 104 */ "selcollist ::= sclp scanpt nm DOT STAR",
+ /* 105 */ "as ::= AS nm",
+ /* 106 */ "as ::=",
+ /* 107 */ "from ::=",
+ /* 108 */ "from ::= FROM seltablist",
+ /* 109 */ "stl_prefix ::= seltablist joinop",
+ /* 110 */ "stl_prefix ::=",
+ /* 111 */ "seltablist ::= stl_prefix nm dbnm as on_using",
+ /* 112 */ "seltablist ::= stl_prefix nm dbnm as indexed_by on_using",
+ /* 113 */ "seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using",
+ /* 114 */ "seltablist ::= stl_prefix LP select RP as on_using",
+ /* 115 */ "seltablist ::= stl_prefix LP seltablist RP as on_using",
+ /* 116 */ "dbnm ::=",
+ /* 117 */ "dbnm ::= DOT nm",
+ /* 118 */ "fullname ::= nm",
+ /* 119 */ "fullname ::= nm DOT nm",
+ /* 120 */ "xfullname ::= nm",
+ /* 121 */ "xfullname ::= nm DOT nm",
+ /* 122 */ "xfullname ::= nm DOT nm AS nm",
+ /* 123 */ "xfullname ::= nm AS nm",
+ /* 124 */ "joinop ::= COMMA|JOIN",
+ /* 125 */ "joinop ::= JOIN_KW JOIN",
+ /* 126 */ "joinop ::= JOIN_KW nm JOIN",
+ /* 127 */ "joinop ::= JOIN_KW nm nm JOIN",
+ /* 128 */ "on_using ::= ON expr",
+ /* 129 */ "on_using ::= USING LP idlist RP",
+ /* 130 */ "on_using ::=",
+ /* 131 */ "indexed_opt ::=",
+ /* 132 */ "indexed_by ::= INDEXED BY nm",
+ /* 133 */ "indexed_by ::= NOT INDEXED",
+ /* 134 */ "orderby_opt ::=",
+ /* 135 */ "orderby_opt ::= ORDER BY sortlist",
+ /* 136 */ "sortlist ::= sortlist COMMA expr sortorder nulls",
+ /* 137 */ "sortlist ::= expr sortorder nulls",
+ /* 138 */ "sortorder ::= ASC",
+ /* 139 */ "sortorder ::= DESC",
+ /* 140 */ "sortorder ::=",
+ /* 141 */ "nulls ::= NULLS FIRST",
+ /* 142 */ "nulls ::= NULLS LAST",
+ /* 143 */ "nulls ::=",
+ /* 144 */ "groupby_opt ::=",
+ /* 145 */ "groupby_opt ::= GROUP BY nexprlist",
+ /* 146 */ "having_opt ::=",
+ /* 147 */ "having_opt ::= HAVING expr",
+ /* 148 */ "limit_opt ::=",
+ /* 149 */ "limit_opt ::= LIMIT expr",
+ /* 150 */ "limit_opt ::= LIMIT expr OFFSET expr",
+ /* 151 */ "limit_opt ::= LIMIT expr COMMA expr",
+ /* 152 */ "cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret",
+ /* 153 */ "where_opt ::=",
+ /* 154 */ "where_opt ::= WHERE expr",
+ /* 155 */ "where_opt_ret ::=",
+ /* 156 */ "where_opt_ret ::= WHERE expr",
+ /* 157 */ "where_opt_ret ::= RETURNING selcollist",
+ /* 158 */ "where_opt_ret ::= WHERE expr RETURNING selcollist",
+ /* 159 */ "cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret",
+ /* 160 */ "setlist ::= setlist COMMA nm EQ expr",
+ /* 161 */ "setlist ::= setlist COMMA LP idlist RP EQ expr",
+ /* 162 */ "setlist ::= nm EQ expr",
+ /* 163 */ "setlist ::= LP idlist RP EQ expr",
+ /* 164 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert",
+ /* 165 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning",
+ /* 166 */ "upsert ::=",
+ /* 167 */ "upsert ::= RETURNING selcollist",
+ /* 168 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert",
+ /* 169 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert",
+ /* 170 */ "upsert ::= ON CONFLICT DO NOTHING returning",
+ /* 171 */ "upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning",
+ /* 172 */ "returning ::= RETURNING selcollist",
+ /* 173 */ "insert_cmd ::= INSERT orconf",
+ /* 174 */ "insert_cmd ::= REPLACE",
+ /* 175 */ "idlist_opt ::=",
+ /* 176 */ "idlist_opt ::= LP idlist RP",
+ /* 177 */ "idlist ::= idlist COMMA nm",
+ /* 178 */ "idlist ::= nm",
+ /* 179 */ "expr ::= LP expr RP",
+ /* 180 */ "expr ::= ID|INDEXED|JOIN_KW",
+ /* 181 */ "expr ::= nm DOT nm",
+ /* 182 */ "expr ::= nm DOT nm DOT nm",
+ /* 183 */ "term ::= NULL|FLOAT|BLOB",
+ /* 184 */ "term ::= STRING",
+ /* 185 */ "term ::= INTEGER",
+ /* 186 */ "expr ::= VARIABLE",
+ /* 187 */ "expr ::= expr COLLATE ID|STRING",
+ /* 188 */ "expr ::= CAST LP expr AS typetoken RP",
+ /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
+ /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP",
+ /* 191 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
+ /* 192 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
+ /* 193 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over",
+ /* 194 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
+ /* 195 */ "term ::= CTIME_KW",
+ /* 196 */ "expr ::= LP nexprlist COMMA expr RP",
+ /* 197 */ "expr ::= expr AND expr",
+ /* 198 */ "expr ::= expr OR expr",
+ /* 199 */ "expr ::= expr LT|GT|GE|LE expr",
+ /* 200 */ "expr ::= expr EQ|NE expr",
+ /* 201 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
+ /* 202 */ "expr ::= expr PLUS|MINUS expr",
+ /* 203 */ "expr ::= expr STAR|SLASH|REM expr",
+ /* 204 */ "expr ::= expr CONCAT expr",
+ /* 205 */ "likeop ::= NOT LIKE_KW|MATCH",
+ /* 206 */ "expr ::= expr likeop expr",
+ /* 207 */ "expr ::= expr likeop expr ESCAPE expr",
+ /* 208 */ "expr ::= expr ISNULL|NOTNULL",
+ /* 209 */ "expr ::= expr NOT NULL",
+ /* 210 */ "expr ::= expr IS expr",
+ /* 211 */ "expr ::= expr IS NOT expr",
+ /* 212 */ "expr ::= expr IS NOT DISTINCT FROM expr",
+ /* 213 */ "expr ::= expr IS DISTINCT FROM expr",
+ /* 214 */ "expr ::= NOT expr",
+ /* 215 */ "expr ::= BITNOT expr",
+ /* 216 */ "expr ::= PLUS|MINUS expr",
+ /* 217 */ "expr ::= expr PTR expr",
+ /* 218 */ "between_op ::= BETWEEN",
+ /* 219 */ "between_op ::= NOT BETWEEN",
+ /* 220 */ "expr ::= expr between_op expr AND expr",
+ /* 221 */ "in_op ::= IN",
+ /* 222 */ "in_op ::= NOT IN",
+ /* 223 */ "expr ::= expr in_op LP exprlist RP",
+ /* 224 */ "expr ::= LP select RP",
+ /* 225 */ "expr ::= expr in_op LP select RP",
+ /* 226 */ "expr ::= expr in_op nm dbnm paren_exprlist",
+ /* 227 */ "expr ::= EXISTS LP select RP",
+ /* 228 */ "expr ::= CASE case_operand case_exprlist case_else END",
+ /* 229 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
+ /* 230 */ "case_exprlist ::= WHEN expr THEN expr",
+ /* 231 */ "case_else ::= ELSE expr",
+ /* 232 */ "case_else ::=",
+ /* 233 */ "case_operand ::=",
+ /* 234 */ "exprlist ::=",
+ /* 235 */ "nexprlist ::= nexprlist COMMA expr",
+ /* 236 */ "nexprlist ::= expr",
+ /* 237 */ "paren_exprlist ::=",
+ /* 238 */ "paren_exprlist ::= LP exprlist RP",
+ /* 239 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
+ /* 240 */ "uniqueflag ::= UNIQUE",
+ /* 241 */ "uniqueflag ::=",
+ /* 242 */ "eidlist_opt ::=",
+ /* 243 */ "eidlist_opt ::= LP eidlist RP",
+ /* 244 */ "eidlist ::= eidlist COMMA nm collate sortorder",
+ /* 245 */ "eidlist ::= nm collate sortorder",
+ /* 246 */ "collate ::=",
+ /* 247 */ "collate ::= COLLATE ID|STRING",
+ /* 248 */ "cmd ::= DROP INDEX ifexists fullname",
+ /* 249 */ "cmd ::= VACUUM vinto",
+ /* 250 */ "cmd ::= VACUUM nm vinto",
+ /* 251 */ "vinto ::= INTO expr",
+ /* 252 */ "vinto ::=",
+ /* 253 */ "cmd ::= PRAGMA nm dbnm",
+ /* 254 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
+ /* 255 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
+ /* 256 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
+ /* 257 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
+ /* 258 */ "plus_num ::= PLUS INTEGER|FLOAT",
+ /* 259 */ "minus_num ::= MINUS INTEGER|FLOAT",
+ /* 260 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
+ /* 261 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
+ /* 262 */ "trigger_time ::= BEFORE|AFTER",
+ /* 263 */ "trigger_time ::= INSTEAD OF",
+ /* 264 */ "trigger_time ::=",
+ /* 265 */ "trigger_event ::= DELETE|INSERT",
+ /* 266 */ "trigger_event ::= UPDATE",
+ /* 267 */ "trigger_event ::= UPDATE OF idlist",
+ /* 268 */ "when_clause ::=",
+ /* 269 */ "when_clause ::= WHEN expr",
+ /* 270 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
+ /* 271 */ "trigger_cmd_list ::= trigger_cmd SEMI",
+ /* 272 */ "trnm ::= nm DOT nm",
+ /* 273 */ "tridxby ::= INDEXED BY nm",
+ /* 274 */ "tridxby ::= NOT INDEXED",
+ /* 275 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
+ /* 276 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
+ /* 277 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
+ /* 278 */ "trigger_cmd ::= scanpt select scanpt",
+ /* 279 */ "expr ::= RAISE LP IGNORE RP",
+ /* 280 */ "expr ::= RAISE LP raisetype COMMA nm RP",
+ /* 281 */ "raisetype ::= ROLLBACK",
+ /* 282 */ "raisetype ::= ABORT",
+ /* 283 */ "raisetype ::= FAIL",
+ /* 284 */ "cmd ::= DROP TRIGGER ifexists fullname",
+ /* 285 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
+ /* 286 */ "cmd ::= DETACH database_kw_opt expr",
+ /* 287 */ "key_opt ::=",
+ /* 288 */ "key_opt ::= KEY expr",
+ /* 289 */ "cmd ::= REINDEX",
+ /* 290 */ "cmd ::= REINDEX nm dbnm",
+ /* 291 */ "cmd ::= ANALYZE",
+ /* 292 */ "cmd ::= ANALYZE nm dbnm",
+ /* 293 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
+ /* 294 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
+ /* 295 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
+ /* 296 */ "add_column_fullname ::= fullname",
+ /* 297 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
+ /* 298 */ "cmd ::= create_vtab",
+ /* 299 */ "cmd ::= create_vtab LP vtabarglist RP",
+ /* 300 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
+ /* 301 */ "vtabarg ::=",
+ /* 302 */ "vtabargtoken ::= ANY",
+ /* 303 */ "vtabargtoken ::= lp anylist RP",
+ /* 304 */ "lp ::= LP",
+ /* 305 */ "with ::= WITH wqlist",
+ /* 306 */ "with ::= WITH RECURSIVE wqlist",
+ /* 307 */ "wqas ::= AS",
+ /* 308 */ "wqas ::= AS MATERIALIZED",
+ /* 309 */ "wqas ::= AS NOT MATERIALIZED",
+ /* 310 */ "wqitem ::= withnm eidlist_opt wqas LP select RP",
+ /* 311 */ "withnm ::= nm",
+ /* 312 */ "wqlist ::= wqitem",
+ /* 313 */ "wqlist ::= wqlist COMMA wqitem",
+ /* 314 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
+ /* 315 */ "windowdefn ::= nm AS LP window RP",
+ /* 316 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 317 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 318 */ "window ::= ORDER BY sortlist frame_opt",
+ /* 319 */ "window ::= nm ORDER BY sortlist frame_opt",
+ /* 320 */ "window ::= nm frame_opt",
+ /* 321 */ "frame_opt ::=",
+ /* 322 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
+ /* 323 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
+ /* 324 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
+ /* 325 */ "frame_bound_s ::= frame_bound",
+ /* 326 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
+ /* 327 */ "frame_bound_e ::= frame_bound",
+ /* 328 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
+ /* 329 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
+ /* 330 */ "frame_bound ::= CURRENT ROW",
+ /* 331 */ "frame_exclude_opt ::=",
+ /* 332 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
+ /* 333 */ "frame_exclude ::= NO OTHERS",
+ /* 334 */ "frame_exclude ::= CURRENT ROW",
+ /* 335 */ "frame_exclude ::= GROUP|TIES",
+ /* 336 */ "window_clause ::= WINDOW windowdefn_list",
+ /* 337 */ "filter_over ::= filter_clause over_clause",
+ /* 338 */ "filter_over ::= over_clause",
+ /* 339 */ "filter_over ::= filter_clause",
+ /* 340 */ "over_clause ::= OVER LP window RP",
+ /* 341 */ "over_clause ::= OVER nm",
+ /* 342 */ "filter_clause ::= FILTER LP WHERE expr RP",
+ /* 343 */ "term ::= QNUMBER",
+ /* 344 */ "input ::= cmdlist",
+ /* 345 */ "cmdlist ::= cmdlist ecmd",
+ /* 346 */ "cmdlist ::= ecmd",
+ /* 347 */ "ecmd ::= SEMI",
+ /* 348 */ "ecmd ::= cmdx SEMI",
+ /* 349 */ "ecmd ::= explain cmdx SEMI",
+ /* 350 */ "trans_opt ::=",
+ /* 351 */ "trans_opt ::= TRANSACTION",
+ /* 352 */ "trans_opt ::= TRANSACTION nm",
+ /* 353 */ "savepoint_opt ::= SAVEPOINT",
+ /* 354 */ "savepoint_opt ::=",
+ /* 355 */ "cmd ::= create_table create_table_args",
+ /* 356 */ "table_option_set ::= table_option",
+ /* 357 */ "columnlist ::= columnlist COMMA columnname carglist",
+ /* 358 */ "columnlist ::= columnname carglist",
+ /* 359 */ "nm ::= ID|INDEXED|JOIN_KW",
+ /* 360 */ "nm ::= STRING",
+ /* 361 */ "typetoken ::= typename",
+ /* 362 */ "typename ::= ID|STRING",
+ /* 363 */ "signed ::= plus_num",
+ /* 364 */ "signed ::= minus_num",
+ /* 365 */ "carglist ::= carglist ccons",
+ /* 366 */ "carglist ::=",
+ /* 367 */ "ccons ::= NULL onconf",
+ /* 368 */ "ccons ::= GENERATED ALWAYS AS generated",
+ /* 369 */ "ccons ::= AS generated",
+ /* 370 */ "conslist_opt ::= COMMA conslist",
+ /* 371 */ "conslist ::= conslist tconscomma tcons",
+ /* 372 */ "conslist ::= tcons",
+ /* 373 */ "tconscomma ::=",
+ /* 374 */ "defer_subclause_opt ::= defer_subclause",
+ /* 375 */ "resolvetype ::= raisetype",
+ /* 376 */ "selectnowith ::= oneselect",
+ /* 377 */ "oneselect ::= values",
+ /* 378 */ "sclp ::= selcollist COMMA",
+ /* 379 */ "as ::= ID|STRING",
+ /* 380 */ "indexed_opt ::= indexed_by",
+ /* 381 */ "returning ::=",
+ /* 382 */ "expr ::= term",
+ /* 383 */ "likeop ::= LIKE_KW|MATCH",
+ /* 384 */ "case_operand ::= expr",
+ /* 385 */ "exprlist ::= nexprlist",
+ /* 386 */ "nmnum ::= plus_num",
+ /* 387 */ "nmnum ::= nm",
+ /* 388 */ "nmnum ::= ON",
+ /* 389 */ "nmnum ::= DELETE",
+ /* 390 */ "nmnum ::= DEFAULT",
+ /* 391 */ "plus_num ::= INTEGER|FLOAT",
+ /* 392 */ "foreach_clause ::=",
+ /* 393 */ "foreach_clause ::= FOR EACH ROW",
+ /* 394 */ "trnm ::= nm",
+ /* 395 */ "tridxby ::=",
+ /* 396 */ "database_kw_opt ::= DATABASE",
+ /* 397 */ "database_kw_opt ::=",
+ /* 398 */ "kwcolumn_opt ::=",
+ /* 399 */ "kwcolumn_opt ::= COLUMNKW",
+ /* 400 */ "vtabarglist ::= vtabarg",
+ /* 401 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
+ /* 402 */ "vtabarg ::= vtabarg vtabargtoken",
+ /* 403 */ "anylist ::=",
+ /* 404 */ "anylist ::= anylist LP anylist RP",
+ /* 405 */ "anylist ::= anylist ANY",
+ /* 406 */ "with ::=",
+ /* 407 */ "windowdefn_list ::= windowdefn",
+ /* 408 */ "window ::= frame_opt",
 };
 #endif /* NDEBUG */
 
 
-#if YYSTACKDEPTH<=0
+#if YYGROWABLESTACK
 /*
 ** Try to increase the size of the parser stack.  Return the number
 ** of errors.  Return 0 on success.
 */
 static int yyGrowStack(yyParser *p){
+  int oldSize = 1 + (int)(p->yystackEnd - p->yystack);
   int newSize;
   int idx;
   yyStackEntry *pNew;
 
-  newSize = p->yystksz*2 + 100;
-  idx = p->yytos ? (int)(p->yytos - p->yystack) : 0;
-  if( p->yystack==&p->yystk0 ){
-    pNew = malloc(newSize*sizeof(pNew[0]));
-    if( pNew ) pNew[0] = p->yystk0;
+  newSize = oldSize*2 + 100;
+  idx = (int)(p->yytos - p->yystack);
+  if( p->yystack==p->yystk0 ){
+    pNew = YYREALLOC(0, newSize*sizeof(pNew[0]));
+    if( pNew==0 ) return 1;
+    memcpy(pNew, p->yystack, oldSize*sizeof(pNew[0]));
   }else{
-    pNew = realloc(p->yystack, newSize*sizeof(pNew[0]));
+    pNew = YYREALLOC(p->yystack, newSize*sizeof(pNew[0]));
+    if( pNew==0 ) return 1;
   }
-  if( pNew ){
-    p->yystack = pNew;
-    p->yytos = &p->yystack[idx];
+  p->yystack = pNew;
+  p->yytos = &p->yystack[idx];
 #ifndef NDEBUG
-    if( yyTraceFILE ){
-      fprintf(yyTraceFILE,"%sStack grows from %d to %d entries.\n",
-              yyTracePrompt, p->yystksz, newSize);
-    }
-#endif
-    p->yystksz = newSize;
+  if( yyTraceFILE ){
+    fprintf(yyTraceFILE,"%sStack grows from %d to %d entries.\n",
+            yyTracePrompt, oldSize, newSize);
   }
-  return pNew==0;
+#endif
+  p->yystackEnd = &p->yystack[newSize-1];
+  return 0;
 }
+#endif /* YYGROWABLESTACK */
+
+#if !YYGROWABLESTACK
+/* For builds that do no have a growable stack, yyGrowStack always
+** returns an error.
+*/
+# define yyGrowStack(X) 1
 #endif
 
 /* Datatype of the argument to the memory allocated passed as the
@@ -173187,24 +174789,14 @@ SQLITE_PRIVATE void sqlite3ParserInit(void *yypRawParser sqlite3ParserCTX_PDECL)
 #ifdef YYTRACKMAXSTACKDEPTH
   yypParser->yyhwm = 0;
 #endif
-#if YYSTACKDEPTH<=0
-  yypParser->yytos = NULL;
-  yypParser->yystack = NULL;
-  yypParser->yystksz = 0;
-  if( yyGrowStack(yypParser) ){
-    yypParser->yystack = &yypParser->yystk0;
-    yypParser->yystksz = 1;
-  }
-#endif
+  yypParser->yystack = yypParser->yystk0;
+  yypParser->yystackEnd = &yypParser->yystack[YYSTACKDEPTH-1];
 #ifndef YYNOERRORRECOVERY
   yypParser->yyerrcnt = -1;
 #endif
   yypParser->yytos = yypParser->yystack;
   yypParser->yystack[0].stateno = 0;
   yypParser->yystack[0].major = 0;
-#if YYSTACKDEPTH>0
-  yypParser->yystackEnd = &yypParser->yystack[YYSTACKDEPTH-1];
-#endif
 }
 
 #ifndef sqlite3Parser_ENGINEALWAYSONSTACK
@@ -173258,97 +174850,98 @@ static void yy_destructor(
     ** inside the C code.
     */
 /********* Begin destructor definitions ***************************************/
-    case 204: /* select */
-    case 239: /* selectnowith */
-    case 240: /* oneselect */
-    case 252: /* values */
+    case 205: /* select */
+    case 240: /* selectnowith */
+    case 241: /* oneselect */
+    case 253: /* values */
+    case 255: /* mvalues */
 {
-sqlite3SelectDelete(pParse->db, (yypminor->yy47));
-}
-      break;
-    case 216: /* term */
-    case 217: /* expr */
-    case 246: /* where_opt */
-    case 248: /* having_opt */
-    case 267: /* where_opt_ret */
-    case 278: /* case_operand */
-    case 280: /* case_else */
-    case 283: /* vinto */
-    case 290: /* when_clause */
-    case 295: /* key_opt */
-    case 311: /* filter_clause */
+sqlite3SelectDelete(pParse->db, (yypminor->yy555));
+}
+      break;
+    case 217: /* term */
+    case 218: /* expr */
+    case 247: /* where_opt */
+    case 249: /* having_opt */
+    case 269: /* where_opt_ret */
+    case 280: /* case_operand */
+    case 282: /* case_else */
+    case 285: /* vinto */
+    case 292: /* when_clause */
+    case 297: /* key_opt */
+    case 314: /* filter_clause */
 {
-sqlite3ExprDelete(pParse->db, (yypminor->yy528));
-}
-      break;
-    case 221: /* eidlist_opt */
-    case 231: /* sortlist */
-    case 232: /* eidlist */
-    case 244: /* selcollist */
-    case 247: /* groupby_opt */
-    case 249: /* orderby_opt */
-    case 253: /* nexprlist */
-    case 254: /* sclp */
-    case 261: /* exprlist */
-    case 268: /* setlist */
-    case 277: /* paren_exprlist */
-    case 279: /* case_exprlist */
-    case 310: /* part_opt */
+sqlite3ExprDelete(pParse->db, (yypminor->yy454));
+}
+      break;
+    case 222: /* eidlist_opt */
+    case 232: /* sortlist */
+    case 233: /* eidlist */
+    case 245: /* selcollist */
+    case 248: /* groupby_opt */
+    case 250: /* orderby_opt */
+    case 254: /* nexprlist */
+    case 256: /* sclp */
+    case 263: /* exprlist */
+    case 270: /* setlist */
+    case 279: /* paren_exprlist */
+    case 281: /* case_exprlist */
+    case 313: /* part_opt */
 {
-sqlite3ExprListDelete(pParse->db, (yypminor->yy322));
+sqlite3ExprListDelete(pParse->db, (yypminor->yy14));
 }
       break;
-    case 238: /* fullname */
-    case 245: /* from */
-    case 256: /* seltablist */
-    case 257: /* stl_prefix */
-    case 262: /* xfullname */
+    case 239: /* fullname */
+    case 246: /* from */
+    case 258: /* seltablist */
+    case 259: /* stl_prefix */
+    case 264: /* xfullname */
 {
-sqlite3SrcListDelete(pParse->db, (yypminor->yy131));
+sqlite3SrcListDelete(pParse->db, (yypminor->yy203));
 }
       break;
-    case 241: /* wqlist */
+    case 242: /* wqlist */
 {
-sqlite3WithDelete(pParse->db, (yypminor->yy521));
+sqlite3WithDelete(pParse->db, (yypminor->yy59));
 }
       break;
-    case 251: /* window_clause */
-    case 306: /* windowdefn_list */
+    case 252: /* window_clause */
+    case 309: /* windowdefn_list */
 {
-sqlite3WindowListDelete(pParse->db, (yypminor->yy41));
+sqlite3WindowListDelete(pParse->db, (yypminor->yy211));
 }
       break;
-    case 263: /* idlist */
-    case 270: /* idlist_opt */
+    case 265: /* idlist */
+    case 272: /* idlist_opt */
 {
-sqlite3IdListDelete(pParse->db, (yypminor->yy254));
+sqlite3IdListDelete(pParse->db, (yypminor->yy132));
 }
       break;
-    case 273: /* filter_over */
-    case 307: /* windowdefn */
-    case 308: /* window */
-    case 309: /* frame_opt */
-    case 312: /* over_clause */
+    case 275: /* filter_over */
+    case 310: /* windowdefn */
+    case 311: /* window */
+    case 312: /* frame_opt */
+    case 315: /* over_clause */
 {
-sqlite3WindowDelete(pParse->db, (yypminor->yy41));
+sqlite3WindowDelete(pParse->db, (yypminor->yy211));
 }
       break;
-    case 286: /* trigger_cmd_list */
-    case 291: /* trigger_cmd */
+    case 288: /* trigger_cmd_list */
+    case 293: /* trigger_cmd */
 {
-sqlite3DeleteTriggerStep(pParse->db, (yypminor->yy33));
+sqlite3DeleteTriggerStep(pParse->db, (yypminor->yy427));
 }
       break;
-    case 288: /* trigger_event */
+    case 290: /* trigger_event */
 {
-sqlite3IdListDelete(pParse->db, (yypminor->yy180).b);
+sqlite3IdListDelete(pParse->db, (yypminor->yy286).b);
 }
       break;
-    case 314: /* frame_bound */
-    case 315: /* frame_bound_s */
-    case 316: /* frame_bound_e */
+    case 317: /* frame_bound */
+    case 318: /* frame_bound_s */
+    case 319: /* frame_bound_e */
 {
-sqlite3ExprDelete(pParse->db, (yypminor->yy595).pExpr);
+sqlite3ExprDelete(pParse->db, (yypminor->yy509).pExpr);
 }
       break;
 /********* End destructor definitions *****************************************/
@@ -173382,9 +174975,26 @@ static void yy_pop_parser_stack(yyParser *pParser){
 */
 SQLITE_PRIVATE void sqlite3ParserFinalize(void *p){
   yyParser *pParser = (yyParser*)p;
-  while( pParser->yytos>pParser->yystack ) yy_pop_parser_stack(pParser);
-#if YYSTACKDEPTH<=0
-  if( pParser->yystack!=&pParser->yystk0 ) free(pParser->yystack);
+
+  /* In-lined version of calling yy_pop_parser_stack() for each
+  ** element left in the stack */
+  yyStackEntry *yytos = pParser->yytos;
+  while( yytos>pParser->yystack ){
+#ifndef NDEBUG
+    if( yyTraceFILE ){
+      fprintf(yyTraceFILE,"%sPopping %s\n",
+        yyTracePrompt,
+        yyTokenName[yytos->major]);
+    }
+#endif
+    if( yytos->major>=YY_MIN_DSTRCTR ){
+      yy_destructor(pParser, yytos->major, &yytos->minor);
+    }
+    yytos--;
+  }
+
+#if YYGROWABLESTACK
+  if( pParser->yystack!=pParser->yystk0 ) YYFREE(pParser->yystack);
 #endif
 }
 
@@ -173567,7 +175177,7 @@ static void yyStackOverflow(yyParser *yypParser){
    ** stack every overflows */
 /******** Begin %stack_overflow code ******************************************/
 
-  sqlite3ErrorMsg(pParse, "parser stack overflow");
+  sqlite3OomFault(pParse->db);
 /******** End %stack_overflow code ********************************************/
    sqlite3ParserARG_STORE /* Suppress warning about unused %extra_argument var */
    sqlite3ParserCTX_STORE
@@ -173611,25 +175221,19 @@ static void yy_shift(
     assert( yypParser->yyhwm == (int)(yypParser->yytos - yypParser->yystack) );
   }
 #endif
-#if YYSTACKDEPTH>0
-  if( yypParser->yytos>yypParser->yystackEnd ){
-    yypParser->yytos--;
-    yyStackOverflow(yypParser);
-    return;
-  }
-#else
-  if( yypParser->yytos>=&yypParser->yystack[yypParser->yystksz] ){
+  yytos = yypParser->yytos;
+  if( yytos>yypParser->yystackEnd ){
     if( yyGrowStack(yypParser) ){
       yypParser->yytos--;
       yyStackOverflow(yypParser);
       return;
     }
+    yytos = yypParser->yytos;
+    assert( yytos <= yypParser->yystackEnd );
   }
-#endif
   if( yyNewState > YY_MAX_SHIFT ){
     yyNewState += YY_MIN_REDUCE - YY_MIN_SHIFTREDUCE;
   }
-  yytos = yypParser->yytos;
   yytos->stateno = yyNewState;
   yytos->major = yyMajor;
   yytos->minor.yy0 = yyMinor;
@@ -173639,411 +175243,415 @@ static void yy_shift(
 /* For rule J, yyRuleInfoLhs[J] contains the symbol on the left-hand side
 ** of that rule */
 static const YYCODETYPE yyRuleInfoLhs[] = {
-   189,  /* (0) explain ::= EXPLAIN */
-   189,  /* (1) explain ::= EXPLAIN QUERY PLAN */
-   188,  /* (2) cmdx ::= cmd */
-   190,  /* (3) cmd ::= BEGIN transtype trans_opt */
-   191,  /* (4) transtype ::= */
-   191,  /* (5) transtype ::= DEFERRED */
-   191,  /* (6) transtype ::= IMMEDIATE */
-   191,  /* (7) transtype ::= EXCLUSIVE */
-   190,  /* (8) cmd ::= COMMIT|END trans_opt */
-   190,  /* (9) cmd ::= ROLLBACK trans_opt */
-   190,  /* (10) cmd ::= SAVEPOINT nm */
-   190,  /* (11) cmd ::= RELEASE savepoint_opt nm */
-   190,  /* (12) cmd ::= ROLLBACK trans_opt TO savepoint_opt nm */
-   195,  /* (13) create_table ::= createkw temp TABLE ifnotexists nm dbnm */
-   197,  /* (14) createkw ::= CREATE */
-   199,  /* (15) ifnotexists ::= */
-   199,  /* (16) ifnotexists ::= IF NOT EXISTS */
-   198,  /* (17) temp ::= TEMP */
-   198,  /* (18) temp ::= */
-   196,  /* (19) create_table_args ::= LP columnlist conslist_opt RP table_option_set */
-   196,  /* (20) create_table_args ::= AS select */
-   203,  /* (21) table_option_set ::= */
-   203,  /* (22) table_option_set ::= table_option_set COMMA table_option */
-   205,  /* (23) table_option ::= WITHOUT nm */
-   205,  /* (24) table_option ::= nm */
-   206,  /* (25) columnname ::= nm typetoken */
-   208,  /* (26) typetoken ::= */
-   208,  /* (27) typetoken ::= typename LP signed RP */
-   208,  /* (28) typetoken ::= typename LP signed COMMA signed RP */
-   209,  /* (29) typename ::= typename ID|STRING */
-   213,  /* (30) scanpt ::= */
-   214,  /* (31) scantok ::= */
-   215,  /* (32) ccons ::= CONSTRAINT nm */
-   215,  /* (33) ccons ::= DEFAULT scantok term */
-   215,  /* (34) ccons ::= DEFAULT LP expr RP */
-   215,  /* (35) ccons ::= DEFAULT PLUS scantok term */
-   215,  /* (36) ccons ::= DEFAULT MINUS scantok term */
-   215,  /* (37) ccons ::= DEFAULT scantok ID|INDEXED */
-   215,  /* (38) ccons ::= NOT NULL onconf */
-   215,  /* (39) ccons ::= PRIMARY KEY sortorder onconf autoinc */
-   215,  /* (40) ccons ::= UNIQUE onconf */
-   215,  /* (41) ccons ::= CHECK LP expr RP */
-   215,  /* (42) ccons ::= REFERENCES nm eidlist_opt refargs */
-   215,  /* (43) ccons ::= defer_subclause */
-   215,  /* (44) ccons ::= COLLATE ID|STRING */
-   224,  /* (45) generated ::= LP expr RP */
-   224,  /* (46) generated ::= LP expr RP ID */
-   220,  /* (47) autoinc ::= */
-   220,  /* (48) autoinc ::= AUTOINCR */
-   222,  /* (49) refargs ::= */
-   222,  /* (50) refargs ::= refargs refarg */
-   225,  /* (51) refarg ::= MATCH nm */
-   225,  /* (52) refarg ::= ON INSERT refact */
-   225,  /* (53) refarg ::= ON DELETE refact */
-   225,  /* (54) refarg ::= ON UPDATE refact */
-   226,  /* (55) refact ::= SET NULL */
-   226,  /* (56) refact ::= SET DEFAULT */
-   226,  /* (57) refact ::= CASCADE */
-   226,  /* (58) refact ::= RESTRICT */
-   226,  /* (59) refact ::= NO ACTION */
-   223,  /* (60) defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
-   223,  /* (61) defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
-   227,  /* (62) init_deferred_pred_opt ::= */
-   227,  /* (63) init_deferred_pred_opt ::= INITIALLY DEFERRED */
-   227,  /* (64) init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
-   202,  /* (65) conslist_opt ::= */
-   229,  /* (66) tconscomma ::= COMMA */
-   230,  /* (67) tcons ::= CONSTRAINT nm */
-   230,  /* (68) tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
-   230,  /* (69) tcons ::= UNIQUE LP sortlist RP onconf */
-   230,  /* (70) tcons ::= CHECK LP expr RP onconf */
-   230,  /* (71) tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
-   233,  /* (72) defer_subclause_opt ::= */
-   218,  /* (73) onconf ::= */
-   218,  /* (74) onconf ::= ON CONFLICT resolvetype */
-   234,  /* (75) orconf ::= */
-   234,  /* (76) orconf ::= OR resolvetype */
-   235,  /* (77) resolvetype ::= IGNORE */
-   235,  /* (78) resolvetype ::= REPLACE */
-   190,  /* (79) cmd ::= DROP TABLE ifexists fullname */
-   237,  /* (80) ifexists ::= IF EXISTS */
-   237,  /* (81) ifexists ::= */
-   190,  /* (82) cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
-   190,  /* (83) cmd ::= DROP VIEW ifexists fullname */
-   190,  /* (84) cmd ::= select */
-   204,  /* (85) select ::= WITH wqlist selectnowith */
-   204,  /* (86) select ::= WITH RECURSIVE wqlist selectnowith */
-   204,  /* (87) select ::= selectnowith */
-   239,  /* (88) selectnowith ::= selectnowith multiselect_op oneselect */
-   242,  /* (89) multiselect_op ::= UNION */
-   242,  /* (90) multiselect_op ::= UNION ALL */
-   242,  /* (91) multiselect_op ::= EXCEPT|INTERSECT */
-   240,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
-   240,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
-   252,  /* (94) values ::= VALUES LP nexprlist RP */
-   252,  /* (95) values ::= values COMMA LP nexprlist RP */
-   243,  /* (96) distinct ::= DISTINCT */
-   243,  /* (97) distinct ::= ALL */
-   243,  /* (98) distinct ::= */
-   254,  /* (99) sclp ::= */
-   244,  /* (100) selcollist ::= sclp scanpt expr scanpt as */
-   244,  /* (101) selcollist ::= sclp scanpt STAR */
-   244,  /* (102) selcollist ::= sclp scanpt nm DOT STAR */
-   255,  /* (103) as ::= AS nm */
-   255,  /* (104) as ::= */
-   245,  /* (105) from ::= */
-   245,  /* (106) from ::= FROM seltablist */
-   257,  /* (107) stl_prefix ::= seltablist joinop */
-   257,  /* (108) stl_prefix ::= */
-   256,  /* (109) seltablist ::= stl_prefix nm dbnm as on_using */
-   256,  /* (110) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
-   256,  /* (111) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
-   256,  /* (112) seltablist ::= stl_prefix LP select RP as on_using */
-   256,  /* (113) seltablist ::= stl_prefix LP seltablist RP as on_using */
-   200,  /* (114) dbnm ::= */
-   200,  /* (115) dbnm ::= DOT nm */
-   238,  /* (116) fullname ::= nm */
-   238,  /* (117) fullname ::= nm DOT nm */
-   262,  /* (118) xfullname ::= nm */
-   262,  /* (119) xfullname ::= nm DOT nm */
-   262,  /* (120) xfullname ::= nm DOT nm AS nm */
-   262,  /* (121) xfullname ::= nm AS nm */
-   258,  /* (122) joinop ::= COMMA|JOIN */
-   258,  /* (123) joinop ::= JOIN_KW JOIN */
-   258,  /* (124) joinop ::= JOIN_KW nm JOIN */
-   258,  /* (125) joinop ::= JOIN_KW nm nm JOIN */
-   259,  /* (126) on_using ::= ON expr */
-   259,  /* (127) on_using ::= USING LP idlist RP */
-   259,  /* (128) on_using ::= */
-   264,  /* (129) indexed_opt ::= */
-   260,  /* (130) indexed_by ::= INDEXED BY nm */
-   260,  /* (131) indexed_by ::= NOT INDEXED */
-   249,  /* (132) orderby_opt ::= */
-   249,  /* (133) orderby_opt ::= ORDER BY sortlist */
-   231,  /* (134) sortlist ::= sortlist COMMA expr sortorder nulls */
-   231,  /* (135) sortlist ::= expr sortorder nulls */
-   219,  /* (136) sortorder ::= ASC */
-   219,  /* (137) sortorder ::= DESC */
-   219,  /* (138) sortorder ::= */
-   265,  /* (139) nulls ::= NULLS FIRST */
-   265,  /* (140) nulls ::= NULLS LAST */
-   265,  /* (141) nulls ::= */
-   247,  /* (142) groupby_opt ::= */
-   247,  /* (143) groupby_opt ::= GROUP BY nexprlist */
-   248,  /* (144) having_opt ::= */
-   248,  /* (145) having_opt ::= HAVING expr */
-   250,  /* (146) limit_opt ::= */
-   250,  /* (147) limit_opt ::= LIMIT expr */
-   250,  /* (148) limit_opt ::= LIMIT expr OFFSET expr */
-   250,  /* (149) limit_opt ::= LIMIT expr COMMA expr */
-   190,  /* (150) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
-   246,  /* (151) where_opt ::= */
-   246,  /* (152) where_opt ::= WHERE expr */
-   267,  /* (153) where_opt_ret ::= */
-   267,  /* (154) where_opt_ret ::= WHERE expr */
-   267,  /* (155) where_opt_ret ::= RETURNING selcollist */
-   267,  /* (156) where_opt_ret ::= WHERE expr RETURNING selcollist */
-   190,  /* (157) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
-   268,  /* (158) setlist ::= setlist COMMA nm EQ expr */
-   268,  /* (159) setlist ::= setlist COMMA LP idlist RP EQ expr */
-   268,  /* (160) setlist ::= nm EQ expr */
-   268,  /* (161) setlist ::= LP idlist RP EQ expr */
-   190,  /* (162) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
-   190,  /* (163) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
-   271,  /* (164) upsert ::= */
-   271,  /* (165) upsert ::= RETURNING selcollist */
-   271,  /* (166) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-   271,  /* (167) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-   271,  /* (168) upsert ::= ON CONFLICT DO NOTHING returning */
-   271,  /* (169) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-   272,  /* (170) returning ::= RETURNING selcollist */
-   269,  /* (171) insert_cmd ::= INSERT orconf */
-   269,  /* (172) insert_cmd ::= REPLACE */
-   270,  /* (173) idlist_opt ::= */
-   270,  /* (174) idlist_opt ::= LP idlist RP */
-   263,  /* (175) idlist ::= idlist COMMA nm */
-   263,  /* (176) idlist ::= nm */
-   217,  /* (177) expr ::= LP expr RP */
-   217,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
-   217,  /* (179) expr ::= nm DOT nm */
-   217,  /* (180) expr ::= nm DOT nm DOT nm */
-   216,  /* (181) term ::= NULL|FLOAT|BLOB */
-   216,  /* (182) term ::= STRING */
-   216,  /* (183) term ::= INTEGER */
-   217,  /* (184) expr ::= VARIABLE */
-   217,  /* (185) expr ::= expr COLLATE ID|STRING */
-   217,  /* (186) expr ::= CAST LP expr AS typetoken RP */
-   217,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   217,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
-   217,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   217,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   217,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
-   217,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   216,  /* (193) term ::= CTIME_KW */
-   217,  /* (194) expr ::= LP nexprlist COMMA expr RP */
-   217,  /* (195) expr ::= expr AND expr */
-   217,  /* (196) expr ::= expr OR expr */
-   217,  /* (197) expr ::= expr LT|GT|GE|LE expr */
-   217,  /* (198) expr ::= expr EQ|NE expr */
-   217,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   217,  /* (200) expr ::= expr PLUS|MINUS expr */
-   217,  /* (201) expr ::= expr STAR|SLASH|REM expr */
-   217,  /* (202) expr ::= expr CONCAT expr */
-   274,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
-   217,  /* (204) expr ::= expr likeop expr */
-   217,  /* (205) expr ::= expr likeop expr ESCAPE expr */
-   217,  /* (206) expr ::= expr ISNULL|NOTNULL */
-   217,  /* (207) expr ::= expr NOT NULL */
-   217,  /* (208) expr ::= expr IS expr */
-   217,  /* (209) expr ::= expr IS NOT expr */
-   217,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
-   217,  /* (211) expr ::= expr IS DISTINCT FROM expr */
-   217,  /* (212) expr ::= NOT expr */
-   217,  /* (213) expr ::= BITNOT expr */
-   217,  /* (214) expr ::= PLUS|MINUS expr */
-   217,  /* (215) expr ::= expr PTR expr */
-   275,  /* (216) between_op ::= BETWEEN */
-   275,  /* (217) between_op ::= NOT BETWEEN */
-   217,  /* (218) expr ::= expr between_op expr AND expr */
-   276,  /* (219) in_op ::= IN */
-   276,  /* (220) in_op ::= NOT IN */
-   217,  /* (221) expr ::= expr in_op LP exprlist RP */
-   217,  /* (222) expr ::= LP select RP */
-   217,  /* (223) expr ::= expr in_op LP select RP */
-   217,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
-   217,  /* (225) expr ::= EXISTS LP select RP */
-   217,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
-   279,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   279,  /* (228) case_exprlist ::= WHEN expr THEN expr */
-   280,  /* (229) case_else ::= ELSE expr */
-   280,  /* (230) case_else ::= */
-   278,  /* (231) case_operand ::= */
-   261,  /* (232) exprlist ::= */
-   253,  /* (233) nexprlist ::= nexprlist COMMA expr */
-   253,  /* (234) nexprlist ::= expr */
-   277,  /* (235) paren_exprlist ::= */
-   277,  /* (236) paren_exprlist ::= LP exprlist RP */
-   190,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   281,  /* (238) uniqueflag ::= UNIQUE */
-   281,  /* (239) uniqueflag ::= */
-   221,  /* (240) eidlist_opt ::= */
-   221,  /* (241) eidlist_opt ::= LP eidlist RP */
-   232,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
-   232,  /* (243) eidlist ::= nm collate sortorder */
-   282,  /* (244) collate ::= */
-   282,  /* (245) collate ::= COLLATE ID|STRING */
-   190,  /* (246) cmd ::= DROP INDEX ifexists fullname */
-   190,  /* (247) cmd ::= VACUUM vinto */
-   190,  /* (248) cmd ::= VACUUM nm vinto */
-   283,  /* (249) vinto ::= INTO expr */
-   283,  /* (250) vinto ::= */
-   190,  /* (251) cmd ::= PRAGMA nm dbnm */
-   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   190,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   190,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   190,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   211,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
-   212,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
-   190,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-   285,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   287,  /* (260) trigger_time ::= BEFORE|AFTER */
-   287,  /* (261) trigger_time ::= INSTEAD OF */
-   287,  /* (262) trigger_time ::= */
-   288,  /* (263) trigger_event ::= DELETE|INSERT */
-   288,  /* (264) trigger_event ::= UPDATE */
-   288,  /* (265) trigger_event ::= UPDATE OF idlist */
-   290,  /* (266) when_clause ::= */
-   290,  /* (267) when_clause ::= WHEN expr */
-   286,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   286,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
-   292,  /* (270) trnm ::= nm DOT nm */
-   293,  /* (271) tridxby ::= INDEXED BY nm */
-   293,  /* (272) tridxby ::= NOT INDEXED */
-   291,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   291,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   291,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   291,  /* (276) trigger_cmd ::= scanpt select scanpt */
-   217,  /* (277) expr ::= RAISE LP IGNORE RP */
-   217,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
-   236,  /* (279) raisetype ::= ROLLBACK */
-   236,  /* (280) raisetype ::= ABORT */
-   236,  /* (281) raisetype ::= FAIL */
-   190,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
-   190,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   190,  /* (284) cmd ::= DETACH database_kw_opt expr */
-   295,  /* (285) key_opt ::= */
-   295,  /* (286) key_opt ::= KEY expr */
-   190,  /* (287) cmd ::= REINDEX */
-   190,  /* (288) cmd ::= REINDEX nm dbnm */
-   190,  /* (289) cmd ::= ANALYZE */
-   190,  /* (290) cmd ::= ANALYZE nm dbnm */
-   190,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   190,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   190,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   296,  /* (294) add_column_fullname ::= fullname */
-   190,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   190,  /* (296) cmd ::= create_vtab */
-   190,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
-   298,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-   300,  /* (299) vtabarg ::= */
-   301,  /* (300) vtabargtoken ::= ANY */
-   301,  /* (301) vtabargtoken ::= lp anylist RP */
-   302,  /* (302) lp ::= LP */
-   266,  /* (303) with ::= WITH wqlist */
-   266,  /* (304) with ::= WITH RECURSIVE wqlist */
-   305,  /* (305) wqas ::= AS */
-   305,  /* (306) wqas ::= AS MATERIALIZED */
-   305,  /* (307) wqas ::= AS NOT MATERIALIZED */
-   304,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
-   241,  /* (309) wqlist ::= wqitem */
-   241,  /* (310) wqlist ::= wqlist COMMA wqitem */
-   306,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   307,  /* (312) windowdefn ::= nm AS LP window RP */
-   308,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   308,  /* (315) window ::= ORDER BY sortlist frame_opt */
-   308,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
-   308,  /* (317) window ::= nm frame_opt */
-   309,  /* (318) frame_opt ::= */
-   309,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   309,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   313,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
-   315,  /* (322) frame_bound_s ::= frame_bound */
-   315,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
-   316,  /* (324) frame_bound_e ::= frame_bound */
-   316,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   314,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
-   314,  /* (327) frame_bound ::= CURRENT ROW */
-   317,  /* (328) frame_exclude_opt ::= */
-   317,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   318,  /* (330) frame_exclude ::= NO OTHERS */
-   318,  /* (331) frame_exclude ::= CURRENT ROW */
-   318,  /* (332) frame_exclude ::= GROUP|TIES */
-   251,  /* (333) window_clause ::= WINDOW windowdefn_list */
-   273,  /* (334) filter_over ::= filter_clause over_clause */
-   273,  /* (335) filter_over ::= over_clause */
-   273,  /* (336) filter_over ::= filter_clause */
-   312,  /* (337) over_clause ::= OVER LP window RP */
-   312,  /* (338) over_clause ::= OVER nm */
-   311,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
-   185,  /* (340) input ::= cmdlist */
-   186,  /* (341) cmdlist ::= cmdlist ecmd */
-   186,  /* (342) cmdlist ::= ecmd */
-   187,  /* (343) ecmd ::= SEMI */
-   187,  /* (344) ecmd ::= cmdx SEMI */
-   187,  /* (345) ecmd ::= explain cmdx SEMI */
-   192,  /* (346) trans_opt ::= */
-   192,  /* (347) trans_opt ::= TRANSACTION */
-   192,  /* (348) trans_opt ::= TRANSACTION nm */
-   194,  /* (349) savepoint_opt ::= SAVEPOINT */
-   194,  /* (350) savepoint_opt ::= */
-   190,  /* (351) cmd ::= create_table create_table_args */
-   203,  /* (352) table_option_set ::= table_option */
-   201,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
-   201,  /* (354) columnlist ::= columnname carglist */
-   193,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
-   193,  /* (356) nm ::= STRING */
-   208,  /* (357) typetoken ::= typename */
-   209,  /* (358) typename ::= ID|STRING */
-   210,  /* (359) signed ::= plus_num */
-   210,  /* (360) signed ::= minus_num */
-   207,  /* (361) carglist ::= carglist ccons */
-   207,  /* (362) carglist ::= */
-   215,  /* (363) ccons ::= NULL onconf */
-   215,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
-   215,  /* (365) ccons ::= AS generated */
-   202,  /* (366) conslist_opt ::= COMMA conslist */
-   228,  /* (367) conslist ::= conslist tconscomma tcons */
-   228,  /* (368) conslist ::= tcons */
-   229,  /* (369) tconscomma ::= */
-   233,  /* (370) defer_subclause_opt ::= defer_subclause */
-   235,  /* (371) resolvetype ::= raisetype */
-   239,  /* (372) selectnowith ::= oneselect */
-   240,  /* (373) oneselect ::= values */
-   254,  /* (374) sclp ::= selcollist COMMA */
-   255,  /* (375) as ::= ID|STRING */
-   264,  /* (376) indexed_opt ::= indexed_by */
-   272,  /* (377) returning ::= */
-   217,  /* (378) expr ::= term */
-   274,  /* (379) likeop ::= LIKE_KW|MATCH */
-   278,  /* (380) case_operand ::= expr */
-   261,  /* (381) exprlist ::= nexprlist */
-   284,  /* (382) nmnum ::= plus_num */
-   284,  /* (383) nmnum ::= nm */
-   284,  /* (384) nmnum ::= ON */
-   284,  /* (385) nmnum ::= DELETE */
-   284,  /* (386) nmnum ::= DEFAULT */
-   211,  /* (387) plus_num ::= INTEGER|FLOAT */
-   289,  /* (388) foreach_clause ::= */
-   289,  /* (389) foreach_clause ::= FOR EACH ROW */
-   292,  /* (390) trnm ::= nm */
-   293,  /* (391) tridxby ::= */
-   294,  /* (392) database_kw_opt ::= DATABASE */
-   294,  /* (393) database_kw_opt ::= */
-   297,  /* (394) kwcolumn_opt ::= */
-   297,  /* (395) kwcolumn_opt ::= COLUMNKW */
-   299,  /* (396) vtabarglist ::= vtabarg */
-   299,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
-   300,  /* (398) vtabarg ::= vtabarg vtabargtoken */
-   303,  /* (399) anylist ::= */
-   303,  /* (400) anylist ::= anylist LP anylist RP */
-   303,  /* (401) anylist ::= anylist ANY */
-   266,  /* (402) with ::= */
-   306,  /* (403) windowdefn_list ::= windowdefn */
-   308,  /* (404) window ::= frame_opt */
+   190,  /* (0) explain ::= EXPLAIN */
+   190,  /* (1) explain ::= EXPLAIN QUERY PLAN */
+   189,  /* (2) cmdx ::= cmd */
+   191,  /* (3) cmd ::= BEGIN transtype trans_opt */
+   192,  /* (4) transtype ::= */
+   192,  /* (5) transtype ::= DEFERRED */
+   192,  /* (6) transtype ::= IMMEDIATE */
+   192,  /* (7) transtype ::= EXCLUSIVE */
+   191,  /* (8) cmd ::= COMMIT|END trans_opt */
+   191,  /* (9) cmd ::= ROLLBACK trans_opt */
+   191,  /* (10) cmd ::= SAVEPOINT nm */
+   191,  /* (11) cmd ::= RELEASE savepoint_opt nm */
+   191,  /* (12) cmd ::= ROLLBACK trans_opt TO savepoint_opt nm */
+   196,  /* (13) create_table ::= createkw temp TABLE ifnotexists nm dbnm */
+   198,  /* (14) createkw ::= CREATE */
+   200,  /* (15) ifnotexists ::= */
+   200,  /* (16) ifnotexists ::= IF NOT EXISTS */
+   199,  /* (17) temp ::= TEMP */
+   199,  /* (18) temp ::= */
+   197,  /* (19) create_table_args ::= LP columnlist conslist_opt RP table_option_set */
+   197,  /* (20) create_table_args ::= AS select */
+   204,  /* (21) table_option_set ::= */
+   204,  /* (22) table_option_set ::= table_option_set COMMA table_option */
+   206,  /* (23) table_option ::= WITHOUT nm */
+   206,  /* (24) table_option ::= nm */
+   207,  /* (25) columnname ::= nm typetoken */
+   209,  /* (26) typetoken ::= */
+   209,  /* (27) typetoken ::= typename LP signed RP */
+   209,  /* (28) typetoken ::= typename LP signed COMMA signed RP */
+   210,  /* (29) typename ::= typename ID|STRING */
+   214,  /* (30) scanpt ::= */
+   215,  /* (31) scantok ::= */
+   216,  /* (32) ccons ::= CONSTRAINT nm */
+   216,  /* (33) ccons ::= DEFAULT scantok term */
+   216,  /* (34) ccons ::= DEFAULT LP expr RP */
+   216,  /* (35) ccons ::= DEFAULT PLUS scantok term */
+   216,  /* (36) ccons ::= DEFAULT MINUS scantok term */
+   216,  /* (37) ccons ::= DEFAULT scantok ID|INDEXED */
+   216,  /* (38) ccons ::= NOT NULL onconf */
+   216,  /* (39) ccons ::= PRIMARY KEY sortorder onconf autoinc */
+   216,  /* (40) ccons ::= UNIQUE onconf */
+   216,  /* (41) ccons ::= CHECK LP expr RP */
+   216,  /* (42) ccons ::= REFERENCES nm eidlist_opt refargs */
+   216,  /* (43) ccons ::= defer_subclause */
+   216,  /* (44) ccons ::= COLLATE ID|STRING */
+   225,  /* (45) generated ::= LP expr RP */
+   225,  /* (46) generated ::= LP expr RP ID */
+   221,  /* (47) autoinc ::= */
+   221,  /* (48) autoinc ::= AUTOINCR */
+   223,  /* (49) refargs ::= */
+   223,  /* (50) refargs ::= refargs refarg */
+   226,  /* (51) refarg ::= MATCH nm */
+   226,  /* (52) refarg ::= ON INSERT refact */
+   226,  /* (53) refarg ::= ON DELETE refact */
+   226,  /* (54) refarg ::= ON UPDATE refact */
+   227,  /* (55) refact ::= SET NULL */
+   227,  /* (56) refact ::= SET DEFAULT */
+   227,  /* (57) refact ::= CASCADE */
+   227,  /* (58) refact ::= RESTRICT */
+   227,  /* (59) refact ::= NO ACTION */
+   224,  /* (60) defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
+   224,  /* (61) defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
+   228,  /* (62) init_deferred_pred_opt ::= */
+   228,  /* (63) init_deferred_pred_opt ::= INITIALLY DEFERRED */
+   228,  /* (64) init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
+   203,  /* (65) conslist_opt ::= */
+   230,  /* (66) tconscomma ::= COMMA */
+   231,  /* (67) tcons ::= CONSTRAINT nm */
+   231,  /* (68) tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
+   231,  /* (69) tcons ::= UNIQUE LP sortlist RP onconf */
+   231,  /* (70) tcons ::= CHECK LP expr RP onconf */
+   231,  /* (71) tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
+   234,  /* (72) defer_subclause_opt ::= */
+   219,  /* (73) onconf ::= */
+   219,  /* (74) onconf ::= ON CONFLICT resolvetype */
+   235,  /* (75) orconf ::= */
+   235,  /* (76) orconf ::= OR resolvetype */
+   236,  /* (77) resolvetype ::= IGNORE */
+   236,  /* (78) resolvetype ::= REPLACE */
+   191,  /* (79) cmd ::= DROP TABLE ifexists fullname */
+   238,  /* (80) ifexists ::= IF EXISTS */
+   238,  /* (81) ifexists ::= */
+   191,  /* (82) cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
+   191,  /* (83) cmd ::= DROP VIEW ifexists fullname */
+   191,  /* (84) cmd ::= select */
+   205,  /* (85) select ::= WITH wqlist selectnowith */
+   205,  /* (86) select ::= WITH RECURSIVE wqlist selectnowith */
+   205,  /* (87) select ::= selectnowith */
+   240,  /* (88) selectnowith ::= selectnowith multiselect_op oneselect */
+   243,  /* (89) multiselect_op ::= UNION */
+   243,  /* (90) multiselect_op ::= UNION ALL */
+   243,  /* (91) multiselect_op ::= EXCEPT|INTERSECT */
+   241,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
+   241,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
+   253,  /* (94) values ::= VALUES LP nexprlist RP */
+   241,  /* (95) oneselect ::= mvalues */
+   255,  /* (96) mvalues ::= values COMMA LP nexprlist RP */
+   255,  /* (97) mvalues ::= mvalues COMMA LP nexprlist RP */
+   244,  /* (98) distinct ::= DISTINCT */
+   244,  /* (99) distinct ::= ALL */
+   244,  /* (100) distinct ::= */
+   256,  /* (101) sclp ::= */
+   245,  /* (102) selcollist ::= sclp scanpt expr scanpt as */
+   245,  /* (103) selcollist ::= sclp scanpt STAR */
+   245,  /* (104) selcollist ::= sclp scanpt nm DOT STAR */
+   257,  /* (105) as ::= AS nm */
+   257,  /* (106) as ::= */
+   246,  /* (107) from ::= */
+   246,  /* (108) from ::= FROM seltablist */
+   259,  /* (109) stl_prefix ::= seltablist joinop */
+   259,  /* (110) stl_prefix ::= */
+   258,  /* (111) seltablist ::= stl_prefix nm dbnm as on_using */
+   258,  /* (112) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+   258,  /* (113) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+   258,  /* (114) seltablist ::= stl_prefix LP select RP as on_using */
+   258,  /* (115) seltablist ::= stl_prefix LP seltablist RP as on_using */
+   201,  /* (116) dbnm ::= */
+   201,  /* (117) dbnm ::= DOT nm */
+   239,  /* (118) fullname ::= nm */
+   239,  /* (119) fullname ::= nm DOT nm */
+   264,  /* (120) xfullname ::= nm */
+   264,  /* (121) xfullname ::= nm DOT nm */
+   264,  /* (122) xfullname ::= nm DOT nm AS nm */
+   264,  /* (123) xfullname ::= nm AS nm */
+   260,  /* (124) joinop ::= COMMA|JOIN */
+   260,  /* (125) joinop ::= JOIN_KW JOIN */
+   260,  /* (126) joinop ::= JOIN_KW nm JOIN */
+   260,  /* (127) joinop ::= JOIN_KW nm nm JOIN */
+   261,  /* (128) on_using ::= ON expr */
+   261,  /* (129) on_using ::= USING LP idlist RP */
+   261,  /* (130) on_using ::= */
+   266,  /* (131) indexed_opt ::= */
+   262,  /* (132) indexed_by ::= INDEXED BY nm */
+   262,  /* (133) indexed_by ::= NOT INDEXED */
+   250,  /* (134) orderby_opt ::= */
+   250,  /* (135) orderby_opt ::= ORDER BY sortlist */
+   232,  /* (136) sortlist ::= sortlist COMMA expr sortorder nulls */
+   232,  /* (137) sortlist ::= expr sortorder nulls */
+   220,  /* (138) sortorder ::= ASC */
+   220,  /* (139) sortorder ::= DESC */
+   220,  /* (140) sortorder ::= */
+   267,  /* (141) nulls ::= NULLS FIRST */
+   267,  /* (142) nulls ::= NULLS LAST */
+   267,  /* (143) nulls ::= */
+   248,  /* (144) groupby_opt ::= */
+   248,  /* (145) groupby_opt ::= GROUP BY nexprlist */
+   249,  /* (146) having_opt ::= */
+   249,  /* (147) having_opt ::= HAVING expr */
+   251,  /* (148) limit_opt ::= */
+   251,  /* (149) limit_opt ::= LIMIT expr */
+   251,  /* (150) limit_opt ::= LIMIT expr OFFSET expr */
+   251,  /* (151) limit_opt ::= LIMIT expr COMMA expr */
+   191,  /* (152) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+   247,  /* (153) where_opt ::= */
+   247,  /* (154) where_opt ::= WHERE expr */
+   269,  /* (155) where_opt_ret ::= */
+   269,  /* (156) where_opt_ret ::= WHERE expr */
+   269,  /* (157) where_opt_ret ::= RETURNING selcollist */
+   269,  /* (158) where_opt_ret ::= WHERE expr RETURNING selcollist */
+   191,  /* (159) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+   270,  /* (160) setlist ::= setlist COMMA nm EQ expr */
+   270,  /* (161) setlist ::= setlist COMMA LP idlist RP EQ expr */
+   270,  /* (162) setlist ::= nm EQ expr */
+   270,  /* (163) setlist ::= LP idlist RP EQ expr */
+   191,  /* (164) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+   191,  /* (165) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+   273,  /* (166) upsert ::= */
+   273,  /* (167) upsert ::= RETURNING selcollist */
+   273,  /* (168) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+   273,  /* (169) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+   273,  /* (170) upsert ::= ON CONFLICT DO NOTHING returning */
+   273,  /* (171) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+   274,  /* (172) returning ::= RETURNING selcollist */
+   271,  /* (173) insert_cmd ::= INSERT orconf */
+   271,  /* (174) insert_cmd ::= REPLACE */
+   272,  /* (175) idlist_opt ::= */
+   272,  /* (176) idlist_opt ::= LP idlist RP */
+   265,  /* (177) idlist ::= idlist COMMA nm */
+   265,  /* (178) idlist ::= nm */
+   218,  /* (179) expr ::= LP expr RP */
+   218,  /* (180) expr ::= ID|INDEXED|JOIN_KW */
+   218,  /* (181) expr ::= nm DOT nm */
+   218,  /* (182) expr ::= nm DOT nm DOT nm */
+   217,  /* (183) term ::= NULL|FLOAT|BLOB */
+   217,  /* (184) term ::= STRING */
+   217,  /* (185) term ::= INTEGER */
+   218,  /* (186) expr ::= VARIABLE */
+   218,  /* (187) expr ::= expr COLLATE ID|STRING */
+   218,  /* (188) expr ::= CAST LP expr AS typetoken RP */
+   218,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   218,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   218,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   218,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   218,  /* (193) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   218,  /* (194) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   217,  /* (195) term ::= CTIME_KW */
+   218,  /* (196) expr ::= LP nexprlist COMMA expr RP */
+   218,  /* (197) expr ::= expr AND expr */
+   218,  /* (198) expr ::= expr OR expr */
+   218,  /* (199) expr ::= expr LT|GT|GE|LE expr */
+   218,  /* (200) expr ::= expr EQ|NE expr */
+   218,  /* (201) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   218,  /* (202) expr ::= expr PLUS|MINUS expr */
+   218,  /* (203) expr ::= expr STAR|SLASH|REM expr */
+   218,  /* (204) expr ::= expr CONCAT expr */
+   276,  /* (205) likeop ::= NOT LIKE_KW|MATCH */
+   218,  /* (206) expr ::= expr likeop expr */
+   218,  /* (207) expr ::= expr likeop expr ESCAPE expr */
+   218,  /* (208) expr ::= expr ISNULL|NOTNULL */
+   218,  /* (209) expr ::= expr NOT NULL */
+   218,  /* (210) expr ::= expr IS expr */
+   218,  /* (211) expr ::= expr IS NOT expr */
+   218,  /* (212) expr ::= expr IS NOT DISTINCT FROM expr */
+   218,  /* (213) expr ::= expr IS DISTINCT FROM expr */
+   218,  /* (214) expr ::= NOT expr */
+   218,  /* (215) expr ::= BITNOT expr */
+   218,  /* (216) expr ::= PLUS|MINUS expr */
+   218,  /* (217) expr ::= expr PTR expr */
+   277,  /* (218) between_op ::= BETWEEN */
+   277,  /* (219) between_op ::= NOT BETWEEN */
+   218,  /* (220) expr ::= expr between_op expr AND expr */
+   278,  /* (221) in_op ::= IN */
+   278,  /* (222) in_op ::= NOT IN */
+   218,  /* (223) expr ::= expr in_op LP exprlist RP */
+   218,  /* (224) expr ::= LP select RP */
+   218,  /* (225) expr ::= expr in_op LP select RP */
+   218,  /* (226) expr ::= expr in_op nm dbnm paren_exprlist */
+   218,  /* (227) expr ::= EXISTS LP select RP */
+   218,  /* (228) expr ::= CASE case_operand case_exprlist case_else END */
+   281,  /* (229) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   281,  /* (230) case_exprlist ::= WHEN expr THEN expr */
+   282,  /* (231) case_else ::= ELSE expr */
+   282,  /* (232) case_else ::= */
+   280,  /* (233) case_operand ::= */
+   263,  /* (234) exprlist ::= */
+   254,  /* (235) nexprlist ::= nexprlist COMMA expr */
+   254,  /* (236) nexprlist ::= expr */
+   279,  /* (237) paren_exprlist ::= */
+   279,  /* (238) paren_exprlist ::= LP exprlist RP */
+   191,  /* (239) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   283,  /* (240) uniqueflag ::= UNIQUE */
+   283,  /* (241) uniqueflag ::= */
+   222,  /* (242) eidlist_opt ::= */
+   222,  /* (243) eidlist_opt ::= LP eidlist RP */
+   233,  /* (244) eidlist ::= eidlist COMMA nm collate sortorder */
+   233,  /* (245) eidlist ::= nm collate sortorder */
+   284,  /* (246) collate ::= */
+   284,  /* (247) collate ::= COLLATE ID|STRING */
+   191,  /* (248) cmd ::= DROP INDEX ifexists fullname */
+   191,  /* (249) cmd ::= VACUUM vinto */
+   191,  /* (250) cmd ::= VACUUM nm vinto */
+   285,  /* (251) vinto ::= INTO expr */
+   285,  /* (252) vinto ::= */
+   191,  /* (253) cmd ::= PRAGMA nm dbnm */
+   191,  /* (254) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   191,  /* (255) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   191,  /* (256) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   191,  /* (257) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   212,  /* (258) plus_num ::= PLUS INTEGER|FLOAT */
+   213,  /* (259) minus_num ::= MINUS INTEGER|FLOAT */
+   191,  /* (260) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+   287,  /* (261) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   289,  /* (262) trigger_time ::= BEFORE|AFTER */
+   289,  /* (263) trigger_time ::= INSTEAD OF */
+   289,  /* (264) trigger_time ::= */
+   290,  /* (265) trigger_event ::= DELETE|INSERT */
+   290,  /* (266) trigger_event ::= UPDATE */
+   290,  /* (267) trigger_event ::= UPDATE OF idlist */
+   292,  /* (268) when_clause ::= */
+   292,  /* (269) when_clause ::= WHEN expr */
+   288,  /* (270) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   288,  /* (271) trigger_cmd_list ::= trigger_cmd SEMI */
+   294,  /* (272) trnm ::= nm DOT nm */
+   295,  /* (273) tridxby ::= INDEXED BY nm */
+   295,  /* (274) tridxby ::= NOT INDEXED */
+   293,  /* (275) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   293,  /* (276) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   293,  /* (277) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   293,  /* (278) trigger_cmd ::= scanpt select scanpt */
+   218,  /* (279) expr ::= RAISE LP IGNORE RP */
+   218,  /* (280) expr ::= RAISE LP raisetype COMMA nm RP */
+   237,  /* (281) raisetype ::= ROLLBACK */
+   237,  /* (282) raisetype ::= ABORT */
+   237,  /* (283) raisetype ::= FAIL */
+   191,  /* (284) cmd ::= DROP TRIGGER ifexists fullname */
+   191,  /* (285) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   191,  /* (286) cmd ::= DETACH database_kw_opt expr */
+   297,  /* (287) key_opt ::= */
+   297,  /* (288) key_opt ::= KEY expr */
+   191,  /* (289) cmd ::= REINDEX */
+   191,  /* (290) cmd ::= REINDEX nm dbnm */
+   191,  /* (291) cmd ::= ANALYZE */
+   191,  /* (292) cmd ::= ANALYZE nm dbnm */
+   191,  /* (293) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   191,  /* (294) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   191,  /* (295) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   298,  /* (296) add_column_fullname ::= fullname */
+   191,  /* (297) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   191,  /* (298) cmd ::= create_vtab */
+   191,  /* (299) cmd ::= create_vtab LP vtabarglist RP */
+   300,  /* (300) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+   302,  /* (301) vtabarg ::= */
+   303,  /* (302) vtabargtoken ::= ANY */
+   303,  /* (303) vtabargtoken ::= lp anylist RP */
+   304,  /* (304) lp ::= LP */
+   268,  /* (305) with ::= WITH wqlist */
+   268,  /* (306) with ::= WITH RECURSIVE wqlist */
+   307,  /* (307) wqas ::= AS */
+   307,  /* (308) wqas ::= AS MATERIALIZED */
+   307,  /* (309) wqas ::= AS NOT MATERIALIZED */
+   306,  /* (310) wqitem ::= withnm eidlist_opt wqas LP select RP */
+   308,  /* (311) withnm ::= nm */
+   242,  /* (312) wqlist ::= wqitem */
+   242,  /* (313) wqlist ::= wqlist COMMA wqitem */
+   309,  /* (314) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   310,  /* (315) windowdefn ::= nm AS LP window RP */
+   311,  /* (316) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   311,  /* (317) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   311,  /* (318) window ::= ORDER BY sortlist frame_opt */
+   311,  /* (319) window ::= nm ORDER BY sortlist frame_opt */
+   311,  /* (320) window ::= nm frame_opt */
+   312,  /* (321) frame_opt ::= */
+   312,  /* (322) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   312,  /* (323) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   316,  /* (324) range_or_rows ::= RANGE|ROWS|GROUPS */
+   318,  /* (325) frame_bound_s ::= frame_bound */
+   318,  /* (326) frame_bound_s ::= UNBOUNDED PRECEDING */
+   319,  /* (327) frame_bound_e ::= frame_bound */
+   319,  /* (328) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   317,  /* (329) frame_bound ::= expr PRECEDING|FOLLOWING */
+   317,  /* (330) frame_bound ::= CURRENT ROW */
+   320,  /* (331) frame_exclude_opt ::= */
+   320,  /* (332) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   321,  /* (333) frame_exclude ::= NO OTHERS */
+   321,  /* (334) frame_exclude ::= CURRENT ROW */
+   321,  /* (335) frame_exclude ::= GROUP|TIES */
+   252,  /* (336) window_clause ::= WINDOW windowdefn_list */
+   275,  /* (337) filter_over ::= filter_clause over_clause */
+   275,  /* (338) filter_over ::= over_clause */
+   275,  /* (339) filter_over ::= filter_clause */
+   315,  /* (340) over_clause ::= OVER LP window RP */
+   315,  /* (341) over_clause ::= OVER nm */
+   314,  /* (342) filter_clause ::= FILTER LP WHERE expr RP */
+   217,  /* (343) term ::= QNUMBER */
+   186,  /* (344) input ::= cmdlist */
+   187,  /* (345) cmdlist ::= cmdlist ecmd */
+   187,  /* (346) cmdlist ::= ecmd */
+   188,  /* (347) ecmd ::= SEMI */
+   188,  /* (348) ecmd ::= cmdx SEMI */
+   188,  /* (349) ecmd ::= explain cmdx SEMI */
+   193,  /* (350) trans_opt ::= */
+   193,  /* (351) trans_opt ::= TRANSACTION */
+   193,  /* (352) trans_opt ::= TRANSACTION nm */
+   195,  /* (353) savepoint_opt ::= SAVEPOINT */
+   195,  /* (354) savepoint_opt ::= */
+   191,  /* (355) cmd ::= create_table create_table_args */
+   204,  /* (356) table_option_set ::= table_option */
+   202,  /* (357) columnlist ::= columnlist COMMA columnname carglist */
+   202,  /* (358) columnlist ::= columnname carglist */
+   194,  /* (359) nm ::= ID|INDEXED|JOIN_KW */
+   194,  /* (360) nm ::= STRING */
+   209,  /* (361) typetoken ::= typename */
+   210,  /* (362) typename ::= ID|STRING */
+   211,  /* (363) signed ::= plus_num */
+   211,  /* (364) signed ::= minus_num */
+   208,  /* (365) carglist ::= carglist ccons */
+   208,  /* (366) carglist ::= */
+   216,  /* (367) ccons ::= NULL onconf */
+   216,  /* (368) ccons ::= GENERATED ALWAYS AS generated */
+   216,  /* (369) ccons ::= AS generated */
+   203,  /* (370) conslist_opt ::= COMMA conslist */
+   229,  /* (371) conslist ::= conslist tconscomma tcons */
+   229,  /* (372) conslist ::= tcons */
+   230,  /* (373) tconscomma ::= */
+   234,  /* (374) defer_subclause_opt ::= defer_subclause */
+   236,  /* (375) resolvetype ::= raisetype */
+   240,  /* (376) selectnowith ::= oneselect */
+   241,  /* (377) oneselect ::= values */
+   256,  /* (378) sclp ::= selcollist COMMA */
+   257,  /* (379) as ::= ID|STRING */
+   266,  /* (380) indexed_opt ::= indexed_by */
+   274,  /* (381) returning ::= */
+   218,  /* (382) expr ::= term */
+   276,  /* (383) likeop ::= LIKE_KW|MATCH */
+   280,  /* (384) case_operand ::= expr */
+   263,  /* (385) exprlist ::= nexprlist */
+   286,  /* (386) nmnum ::= plus_num */
+   286,  /* (387) nmnum ::= nm */
+   286,  /* (388) nmnum ::= ON */
+   286,  /* (389) nmnum ::= DELETE */
+   286,  /* (390) nmnum ::= DEFAULT */
+   212,  /* (391) plus_num ::= INTEGER|FLOAT */
+   291,  /* (392) foreach_clause ::= */
+   291,  /* (393) foreach_clause ::= FOR EACH ROW */
+   294,  /* (394) trnm ::= nm */
+   295,  /* (395) tridxby ::= */
+   296,  /* (396) database_kw_opt ::= DATABASE */
+   296,  /* (397) database_kw_opt ::= */
+   299,  /* (398) kwcolumn_opt ::= */
+   299,  /* (399) kwcolumn_opt ::= COLUMNKW */
+   301,  /* (400) vtabarglist ::= vtabarg */
+   301,  /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */
+   302,  /* (402) vtabarg ::= vtabarg vtabargtoken */
+   305,  /* (403) anylist ::= */
+   305,  /* (404) anylist ::= anylist LP anylist RP */
+   305,  /* (405) anylist ::= anylist ANY */
+   268,  /* (406) with ::= */
+   309,  /* (407) windowdefn_list ::= windowdefn */
+   311,  /* (408) window ::= frame_opt */
 };
 
 /* For rule J, yyRuleInfoNRhs[J] contains the negative of the number
@@ -174144,316 +175752,320 @@ static const signed char yyRuleInfoNRhs[] = {
    -9,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
   -10,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
    -4,  /* (94) values ::= VALUES LP nexprlist RP */
-   -5,  /* (95) values ::= values COMMA LP nexprlist RP */
-   -1,  /* (96) distinct ::= DISTINCT */
-   -1,  /* (97) distinct ::= ALL */
-    0,  /* (98) distinct ::= */
-    0,  /* (99) sclp ::= */
-   -5,  /* (100) selcollist ::= sclp scanpt expr scanpt as */
-   -3,  /* (101) selcollist ::= sclp scanpt STAR */
-   -5,  /* (102) selcollist ::= sclp scanpt nm DOT STAR */
-   -2,  /* (103) as ::= AS nm */
-    0,  /* (104) as ::= */
-    0,  /* (105) from ::= */
-   -2,  /* (106) from ::= FROM seltablist */
-   -2,  /* (107) stl_prefix ::= seltablist joinop */
-    0,  /* (108) stl_prefix ::= */
-   -5,  /* (109) seltablist ::= stl_prefix nm dbnm as on_using */
-   -6,  /* (110) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
-   -8,  /* (111) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
-   -6,  /* (112) seltablist ::= stl_prefix LP select RP as on_using */
-   -6,  /* (113) seltablist ::= stl_prefix LP seltablist RP as on_using */
-    0,  /* (114) dbnm ::= */
-   -2,  /* (115) dbnm ::= DOT nm */
-   -1,  /* (116) fullname ::= nm */
-   -3,  /* (117) fullname ::= nm DOT nm */
-   -1,  /* (118) xfullname ::= nm */
-   -3,  /* (119) xfullname ::= nm DOT nm */
-   -5,  /* (120) xfullname ::= nm DOT nm AS nm */
-   -3,  /* (121) xfullname ::= nm AS nm */
-   -1,  /* (122) joinop ::= COMMA|JOIN */
-   -2,  /* (123) joinop ::= JOIN_KW JOIN */
-   -3,  /* (124) joinop ::= JOIN_KW nm JOIN */
-   -4,  /* (125) joinop ::= JOIN_KW nm nm JOIN */
-   -2,  /* (126) on_using ::= ON expr */
-   -4,  /* (127) on_using ::= USING LP idlist RP */
-    0,  /* (128) on_using ::= */
-    0,  /* (129) indexed_opt ::= */
-   -3,  /* (130) indexed_by ::= INDEXED BY nm */
-   -2,  /* (131) indexed_by ::= NOT INDEXED */
-    0,  /* (132) orderby_opt ::= */
-   -3,  /* (133) orderby_opt ::= ORDER BY sortlist */
-   -5,  /* (134) sortlist ::= sortlist COMMA expr sortorder nulls */
-   -3,  /* (135) sortlist ::= expr sortorder nulls */
-   -1,  /* (136) sortorder ::= ASC */
-   -1,  /* (137) sortorder ::= DESC */
-    0,  /* (138) sortorder ::= */
-   -2,  /* (139) nulls ::= NULLS FIRST */
-   -2,  /* (140) nulls ::= NULLS LAST */
-    0,  /* (141) nulls ::= */
-    0,  /* (142) groupby_opt ::= */
-   -3,  /* (143) groupby_opt ::= GROUP BY nexprlist */
-    0,  /* (144) having_opt ::= */
-   -2,  /* (145) having_opt ::= HAVING expr */
-    0,  /* (146) limit_opt ::= */
-   -2,  /* (147) limit_opt ::= LIMIT expr */
-   -4,  /* (148) limit_opt ::= LIMIT expr OFFSET expr */
-   -4,  /* (149) limit_opt ::= LIMIT expr COMMA expr */
-   -6,  /* (150) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
-    0,  /* (151) where_opt ::= */
-   -2,  /* (152) where_opt ::= WHERE expr */
-    0,  /* (153) where_opt_ret ::= */
-   -2,  /* (154) where_opt_ret ::= WHERE expr */
-   -2,  /* (155) where_opt_ret ::= RETURNING selcollist */
-   -4,  /* (156) where_opt_ret ::= WHERE expr RETURNING selcollist */
-   -9,  /* (157) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
-   -5,  /* (158) setlist ::= setlist COMMA nm EQ expr */
-   -7,  /* (159) setlist ::= setlist COMMA LP idlist RP EQ expr */
-   -3,  /* (160) setlist ::= nm EQ expr */
-   -5,  /* (161) setlist ::= LP idlist RP EQ expr */
-   -7,  /* (162) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
-   -8,  /* (163) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
-    0,  /* (164) upsert ::= */
-   -2,  /* (165) upsert ::= RETURNING selcollist */
-  -12,  /* (166) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-   -9,  /* (167) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-   -5,  /* (168) upsert ::= ON CONFLICT DO NOTHING returning */
-   -8,  /* (169) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-   -2,  /* (170) returning ::= RETURNING selcollist */
-   -2,  /* (171) insert_cmd ::= INSERT orconf */
-   -1,  /* (172) insert_cmd ::= REPLACE */
-    0,  /* (173) idlist_opt ::= */
-   -3,  /* (174) idlist_opt ::= LP idlist RP */
-   -3,  /* (175) idlist ::= idlist COMMA nm */
-   -1,  /* (176) idlist ::= nm */
-   -3,  /* (177) expr ::= LP expr RP */
-   -1,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
-   -3,  /* (179) expr ::= nm DOT nm */
-   -5,  /* (180) expr ::= nm DOT nm DOT nm */
-   -1,  /* (181) term ::= NULL|FLOAT|BLOB */
-   -1,  /* (182) term ::= STRING */
-   -1,  /* (183) term ::= INTEGER */
-   -1,  /* (184) expr ::= VARIABLE */
-   -3,  /* (185) expr ::= expr COLLATE ID|STRING */
-   -6,  /* (186) expr ::= CAST LP expr AS typetoken RP */
-   -5,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   -8,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
-   -4,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   -6,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   -9,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
-   -5,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   -1,  /* (193) term ::= CTIME_KW */
-   -5,  /* (194) expr ::= LP nexprlist COMMA expr RP */
-   -3,  /* (195) expr ::= expr AND expr */
-   -3,  /* (196) expr ::= expr OR expr */
-   -3,  /* (197) expr ::= expr LT|GT|GE|LE expr */
-   -3,  /* (198) expr ::= expr EQ|NE expr */
-   -3,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   -3,  /* (200) expr ::= expr PLUS|MINUS expr */
-   -3,  /* (201) expr ::= expr STAR|SLASH|REM expr */
-   -3,  /* (202) expr ::= expr CONCAT expr */
-   -2,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
-   -3,  /* (204) expr ::= expr likeop expr */
-   -5,  /* (205) expr ::= expr likeop expr ESCAPE expr */
-   -2,  /* (206) expr ::= expr ISNULL|NOTNULL */
-   -3,  /* (207) expr ::= expr NOT NULL */
-   -3,  /* (208) expr ::= expr IS expr */
-   -4,  /* (209) expr ::= expr IS NOT expr */
-   -6,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
-   -5,  /* (211) expr ::= expr IS DISTINCT FROM expr */
-   -2,  /* (212) expr ::= NOT expr */
-   -2,  /* (213) expr ::= BITNOT expr */
-   -2,  /* (214) expr ::= PLUS|MINUS expr */
-   -3,  /* (215) expr ::= expr PTR expr */
-   -1,  /* (216) between_op ::= BETWEEN */
-   -2,  /* (217) between_op ::= NOT BETWEEN */
-   -5,  /* (218) expr ::= expr between_op expr AND expr */
-   -1,  /* (219) in_op ::= IN */
-   -2,  /* (220) in_op ::= NOT IN */
-   -5,  /* (221) expr ::= expr in_op LP exprlist RP */
-   -3,  /* (222) expr ::= LP select RP */
-   -5,  /* (223) expr ::= expr in_op LP select RP */
-   -5,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
-   -4,  /* (225) expr ::= EXISTS LP select RP */
-   -5,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
-   -5,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   -4,  /* (228) case_exprlist ::= WHEN expr THEN expr */
-   -2,  /* (229) case_else ::= ELSE expr */
-    0,  /* (230) case_else ::= */
-    0,  /* (231) case_operand ::= */
-    0,  /* (232) exprlist ::= */
-   -3,  /* (233) nexprlist ::= nexprlist COMMA expr */
-   -1,  /* (234) nexprlist ::= expr */
-    0,  /* (235) paren_exprlist ::= */
-   -3,  /* (236) paren_exprlist ::= LP exprlist RP */
-  -12,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   -1,  /* (238) uniqueflag ::= UNIQUE */
-    0,  /* (239) uniqueflag ::= */
-    0,  /* (240) eidlist_opt ::= */
-   -3,  /* (241) eidlist_opt ::= LP eidlist RP */
-   -5,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
-   -3,  /* (243) eidlist ::= nm collate sortorder */
-    0,  /* (244) collate ::= */
-   -2,  /* (245) collate ::= COLLATE ID|STRING */
-   -4,  /* (246) cmd ::= DROP INDEX ifexists fullname */
-   -2,  /* (247) cmd ::= VACUUM vinto */
-   -3,  /* (248) cmd ::= VACUUM nm vinto */
-   -2,  /* (249) vinto ::= INTO expr */
-    0,  /* (250) vinto ::= */
-   -3,  /* (251) cmd ::= PRAGMA nm dbnm */
-   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   -2,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
-   -2,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
-   -5,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-  -11,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   -1,  /* (260) trigger_time ::= BEFORE|AFTER */
-   -2,  /* (261) trigger_time ::= INSTEAD OF */
-    0,  /* (262) trigger_time ::= */
-   -1,  /* (263) trigger_event ::= DELETE|INSERT */
-   -1,  /* (264) trigger_event ::= UPDATE */
-   -3,  /* (265) trigger_event ::= UPDATE OF idlist */
-    0,  /* (266) when_clause ::= */
-   -2,  /* (267) when_clause ::= WHEN expr */
-   -3,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   -2,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
-   -3,  /* (270) trnm ::= nm DOT nm */
-   -3,  /* (271) tridxby ::= INDEXED BY nm */
-   -2,  /* (272) tridxby ::= NOT INDEXED */
-   -9,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   -8,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   -6,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   -3,  /* (276) trigger_cmd ::= scanpt select scanpt */
-   -4,  /* (277) expr ::= RAISE LP IGNORE RP */
-   -6,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
-   -1,  /* (279) raisetype ::= ROLLBACK */
-   -1,  /* (280) raisetype ::= ABORT */
-   -1,  /* (281) raisetype ::= FAIL */
-   -4,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
-   -6,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   -3,  /* (284) cmd ::= DETACH database_kw_opt expr */
-    0,  /* (285) key_opt ::= */
-   -2,  /* (286) key_opt ::= KEY expr */
-   -1,  /* (287) cmd ::= REINDEX */
-   -3,  /* (288) cmd ::= REINDEX nm dbnm */
-   -1,  /* (289) cmd ::= ANALYZE */
-   -3,  /* (290) cmd ::= ANALYZE nm dbnm */
-   -6,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   -7,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   -6,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   -1,  /* (294) add_column_fullname ::= fullname */
-   -8,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   -1,  /* (296) cmd ::= create_vtab */
-   -4,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
-   -8,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-    0,  /* (299) vtabarg ::= */
-   -1,  /* (300) vtabargtoken ::= ANY */
-   -3,  /* (301) vtabargtoken ::= lp anylist RP */
-   -1,  /* (302) lp ::= LP */
-   -2,  /* (303) with ::= WITH wqlist */
-   -3,  /* (304) with ::= WITH RECURSIVE wqlist */
-   -1,  /* (305) wqas ::= AS */
-   -2,  /* (306) wqas ::= AS MATERIALIZED */
-   -3,  /* (307) wqas ::= AS NOT MATERIALIZED */
-   -6,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
-   -1,  /* (309) wqlist ::= wqitem */
-   -3,  /* (310) wqlist ::= wqlist COMMA wqitem */
-   -3,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   -5,  /* (312) windowdefn ::= nm AS LP window RP */
-   -5,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   -6,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   -4,  /* (315) window ::= ORDER BY sortlist frame_opt */
-   -5,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
-   -2,  /* (317) window ::= nm frame_opt */
-    0,  /* (318) frame_opt ::= */
-   -3,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   -6,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   -1,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
-   -1,  /* (322) frame_bound_s ::= frame_bound */
-   -2,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
-   -1,  /* (324) frame_bound_e ::= frame_bound */
-   -2,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   -2,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
-   -2,  /* (327) frame_bound ::= CURRENT ROW */
-    0,  /* (328) frame_exclude_opt ::= */
-   -2,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   -2,  /* (330) frame_exclude ::= NO OTHERS */
-   -2,  /* (331) frame_exclude ::= CURRENT ROW */
-   -1,  /* (332) frame_exclude ::= GROUP|TIES */
-   -2,  /* (333) window_clause ::= WINDOW windowdefn_list */
-   -2,  /* (334) filter_over ::= filter_clause over_clause */
-   -1,  /* (335) filter_over ::= over_clause */
-   -1,  /* (336) filter_over ::= filter_clause */
-   -4,  /* (337) over_clause ::= OVER LP window RP */
-   -2,  /* (338) over_clause ::= OVER nm */
-   -5,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
-   -1,  /* (340) input ::= cmdlist */
-   -2,  /* (341) cmdlist ::= cmdlist ecmd */
-   -1,  /* (342) cmdlist ::= ecmd */
-   -1,  /* (343) ecmd ::= SEMI */
-   -2,  /* (344) ecmd ::= cmdx SEMI */
-   -3,  /* (345) ecmd ::= explain cmdx SEMI */
-    0,  /* (346) trans_opt ::= */
-   -1,  /* (347) trans_opt ::= TRANSACTION */
-   -2,  /* (348) trans_opt ::= TRANSACTION nm */
-   -1,  /* (349) savepoint_opt ::= SAVEPOINT */
-    0,  /* (350) savepoint_opt ::= */
-   -2,  /* (351) cmd ::= create_table create_table_args */
-   -1,  /* (352) table_option_set ::= table_option */
-   -4,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
-   -2,  /* (354) columnlist ::= columnname carglist */
-   -1,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
-   -1,  /* (356) nm ::= STRING */
-   -1,  /* (357) typetoken ::= typename */
-   -1,  /* (358) typename ::= ID|STRING */
-   -1,  /* (359) signed ::= plus_num */
-   -1,  /* (360) signed ::= minus_num */
-   -2,  /* (361) carglist ::= carglist ccons */
-    0,  /* (362) carglist ::= */
-   -2,  /* (363) ccons ::= NULL onconf */
-   -4,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
-   -2,  /* (365) ccons ::= AS generated */
-   -2,  /* (366) conslist_opt ::= COMMA conslist */
-   -3,  /* (367) conslist ::= conslist tconscomma tcons */
-   -1,  /* (368) conslist ::= tcons */
-    0,  /* (369) tconscomma ::= */
-   -1,  /* (370) defer_subclause_opt ::= defer_subclause */
-   -1,  /* (371) resolvetype ::= raisetype */
-   -1,  /* (372) selectnowith ::= oneselect */
-   -1,  /* (373) oneselect ::= values */
-   -2,  /* (374) sclp ::= selcollist COMMA */
-   -1,  /* (375) as ::= ID|STRING */
-   -1,  /* (376) indexed_opt ::= indexed_by */
-    0,  /* (377) returning ::= */
-   -1,  /* (378) expr ::= term */
-   -1,  /* (379) likeop ::= LIKE_KW|MATCH */
-   -1,  /* (380) case_operand ::= expr */
-   -1,  /* (381) exprlist ::= nexprlist */
-   -1,  /* (382) nmnum ::= plus_num */
-   -1,  /* (383) nmnum ::= nm */
-   -1,  /* (384) nmnum ::= ON */
-   -1,  /* (385) nmnum ::= DELETE */
-   -1,  /* (386) nmnum ::= DEFAULT */
-   -1,  /* (387) plus_num ::= INTEGER|FLOAT */
-    0,  /* (388) foreach_clause ::= */
-   -3,  /* (389) foreach_clause ::= FOR EACH ROW */
-   -1,  /* (390) trnm ::= nm */
-    0,  /* (391) tridxby ::= */
-   -1,  /* (392) database_kw_opt ::= DATABASE */
-    0,  /* (393) database_kw_opt ::= */
-    0,  /* (394) kwcolumn_opt ::= */
-   -1,  /* (395) kwcolumn_opt ::= COLUMNKW */
-   -1,  /* (396) vtabarglist ::= vtabarg */
-   -3,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
-   -2,  /* (398) vtabarg ::= vtabarg vtabargtoken */
-    0,  /* (399) anylist ::= */
-   -4,  /* (400) anylist ::= anylist LP anylist RP */
-   -2,  /* (401) anylist ::= anylist ANY */
-    0,  /* (402) with ::= */
-   -1,  /* (403) windowdefn_list ::= windowdefn */
-   -1,  /* (404) window ::= frame_opt */
+   -1,  /* (95) oneselect ::= mvalues */
+   -5,  /* (96) mvalues ::= values COMMA LP nexprlist RP */
+   -5,  /* (97) mvalues ::= mvalues COMMA LP nexprlist RP */
+   -1,  /* (98) distinct ::= DISTINCT */
+   -1,  /* (99) distinct ::= ALL */
+    0,  /* (100) distinct ::= */
+    0,  /* (101) sclp ::= */
+   -5,  /* (102) selcollist ::= sclp scanpt expr scanpt as */
+   -3,  /* (103) selcollist ::= sclp scanpt STAR */
+   -5,  /* (104) selcollist ::= sclp scanpt nm DOT STAR */
+   -2,  /* (105) as ::= AS nm */
+    0,  /* (106) as ::= */
+    0,  /* (107) from ::= */
+   -2,  /* (108) from ::= FROM seltablist */
+   -2,  /* (109) stl_prefix ::= seltablist joinop */
+    0,  /* (110) stl_prefix ::= */
+   -5,  /* (111) seltablist ::= stl_prefix nm dbnm as on_using */
+   -6,  /* (112) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+   -8,  /* (113) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+   -6,  /* (114) seltablist ::= stl_prefix LP select RP as on_using */
+   -6,  /* (115) seltablist ::= stl_prefix LP seltablist RP as on_using */
+    0,  /* (116) dbnm ::= */
+   -2,  /* (117) dbnm ::= DOT nm */
+   -1,  /* (118) fullname ::= nm */
+   -3,  /* (119) fullname ::= nm DOT nm */
+   -1,  /* (120) xfullname ::= nm */
+   -3,  /* (121) xfullname ::= nm DOT nm */
+   -5,  /* (122) xfullname ::= nm DOT nm AS nm */
+   -3,  /* (123) xfullname ::= nm AS nm */
+   -1,  /* (124) joinop ::= COMMA|JOIN */
+   -2,  /* (125) joinop ::= JOIN_KW JOIN */
+   -3,  /* (126) joinop ::= JOIN_KW nm JOIN */
+   -4,  /* (127) joinop ::= JOIN_KW nm nm JOIN */
+   -2,  /* (128) on_using ::= ON expr */
+   -4,  /* (129) on_using ::= USING LP idlist RP */
+    0,  /* (130) on_using ::= */
+    0,  /* (131) indexed_opt ::= */
+   -3,  /* (132) indexed_by ::= INDEXED BY nm */
+   -2,  /* (133) indexed_by ::= NOT INDEXED */
+    0,  /* (134) orderby_opt ::= */
+   -3,  /* (135) orderby_opt ::= ORDER BY sortlist */
+   -5,  /* (136) sortlist ::= sortlist COMMA expr sortorder nulls */
+   -3,  /* (137) sortlist ::= expr sortorder nulls */
+   -1,  /* (138) sortorder ::= ASC */
+   -1,  /* (139) sortorder ::= DESC */
+    0,  /* (140) sortorder ::= */
+   -2,  /* (141) nulls ::= NULLS FIRST */
+   -2,  /* (142) nulls ::= NULLS LAST */
+    0,  /* (143) nulls ::= */
+    0,  /* (144) groupby_opt ::= */
+   -3,  /* (145) groupby_opt ::= GROUP BY nexprlist */
+    0,  /* (146) having_opt ::= */
+   -2,  /* (147) having_opt ::= HAVING expr */
+    0,  /* (148) limit_opt ::= */
+   -2,  /* (149) limit_opt ::= LIMIT expr */
+   -4,  /* (150) limit_opt ::= LIMIT expr OFFSET expr */
+   -4,  /* (151) limit_opt ::= LIMIT expr COMMA expr */
+   -6,  /* (152) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+    0,  /* (153) where_opt ::= */
+   -2,  /* (154) where_opt ::= WHERE expr */
+    0,  /* (155) where_opt_ret ::= */
+   -2,  /* (156) where_opt_ret ::= WHERE expr */
+   -2,  /* (157) where_opt_ret ::= RETURNING selcollist */
+   -4,  /* (158) where_opt_ret ::= WHERE expr RETURNING selcollist */
+   -9,  /* (159) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+   -5,  /* (160) setlist ::= setlist COMMA nm EQ expr */
+   -7,  /* (161) setlist ::= setlist COMMA LP idlist RP EQ expr */
+   -3,  /* (162) setlist ::= nm EQ expr */
+   -5,  /* (163) setlist ::= LP idlist RP EQ expr */
+   -7,  /* (164) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+   -8,  /* (165) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+    0,  /* (166) upsert ::= */
+   -2,  /* (167) upsert ::= RETURNING selcollist */
+  -12,  /* (168) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+   -9,  /* (169) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+   -5,  /* (170) upsert ::= ON CONFLICT DO NOTHING returning */
+   -8,  /* (171) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+   -2,  /* (172) returning ::= RETURNING selcollist */
+   -2,  /* (173) insert_cmd ::= INSERT orconf */
+   -1,  /* (174) insert_cmd ::= REPLACE */
+    0,  /* (175) idlist_opt ::= */
+   -3,  /* (176) idlist_opt ::= LP idlist RP */
+   -3,  /* (177) idlist ::= idlist COMMA nm */
+   -1,  /* (178) idlist ::= nm */
+   -3,  /* (179) expr ::= LP expr RP */
+   -1,  /* (180) expr ::= ID|INDEXED|JOIN_KW */
+   -3,  /* (181) expr ::= nm DOT nm */
+   -5,  /* (182) expr ::= nm DOT nm DOT nm */
+   -1,  /* (183) term ::= NULL|FLOAT|BLOB */
+   -1,  /* (184) term ::= STRING */
+   -1,  /* (185) term ::= INTEGER */
+   -1,  /* (186) expr ::= VARIABLE */
+   -3,  /* (187) expr ::= expr COLLATE ID|STRING */
+   -6,  /* (188) expr ::= CAST LP expr AS typetoken RP */
+   -5,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   -8,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   -4,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   -6,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   -9,  /* (193) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   -5,  /* (194) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   -1,  /* (195) term ::= CTIME_KW */
+   -5,  /* (196) expr ::= LP nexprlist COMMA expr RP */
+   -3,  /* (197) expr ::= expr AND expr */
+   -3,  /* (198) expr ::= expr OR expr */
+   -3,  /* (199) expr ::= expr LT|GT|GE|LE expr */
+   -3,  /* (200) expr ::= expr EQ|NE expr */
+   -3,  /* (201) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   -3,  /* (202) expr ::= expr PLUS|MINUS expr */
+   -3,  /* (203) expr ::= expr STAR|SLASH|REM expr */
+   -3,  /* (204) expr ::= expr CONCAT expr */
+   -2,  /* (205) likeop ::= NOT LIKE_KW|MATCH */
+   -3,  /* (206) expr ::= expr likeop expr */
+   -5,  /* (207) expr ::= expr likeop expr ESCAPE expr */
+   -2,  /* (208) expr ::= expr ISNULL|NOTNULL */
+   -3,  /* (209) expr ::= expr NOT NULL */
+   -3,  /* (210) expr ::= expr IS expr */
+   -4,  /* (211) expr ::= expr IS NOT expr */
+   -6,  /* (212) expr ::= expr IS NOT DISTINCT FROM expr */
+   -5,  /* (213) expr ::= expr IS DISTINCT FROM expr */
+   -2,  /* (214) expr ::= NOT expr */
+   -2,  /* (215) expr ::= BITNOT expr */
+   -2,  /* (216) expr ::= PLUS|MINUS expr */
+   -3,  /* (217) expr ::= expr PTR expr */
+   -1,  /* (218) between_op ::= BETWEEN */
+   -2,  /* (219) between_op ::= NOT BETWEEN */
+   -5,  /* (220) expr ::= expr between_op expr AND expr */
+   -1,  /* (221) in_op ::= IN */
+   -2,  /* (222) in_op ::= NOT IN */
+   -5,  /* (223) expr ::= expr in_op LP exprlist RP */
+   -3,  /* (224) expr ::= LP select RP */
+   -5,  /* (225) expr ::= expr in_op LP select RP */
+   -5,  /* (226) expr ::= expr in_op nm dbnm paren_exprlist */
+   -4,  /* (227) expr ::= EXISTS LP select RP */
+   -5,  /* (228) expr ::= CASE case_operand case_exprlist case_else END */
+   -5,  /* (229) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   -4,  /* (230) case_exprlist ::= WHEN expr THEN expr */
+   -2,  /* (231) case_else ::= ELSE expr */
+    0,  /* (232) case_else ::= */
+    0,  /* (233) case_operand ::= */
+    0,  /* (234) exprlist ::= */
+   -3,  /* (235) nexprlist ::= nexprlist COMMA expr */
+   -1,  /* (236) nexprlist ::= expr */
+    0,  /* (237) paren_exprlist ::= */
+   -3,  /* (238) paren_exprlist ::= LP exprlist RP */
+  -12,  /* (239) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   -1,  /* (240) uniqueflag ::= UNIQUE */
+    0,  /* (241) uniqueflag ::= */
+    0,  /* (242) eidlist_opt ::= */
+   -3,  /* (243) eidlist_opt ::= LP eidlist RP */
+   -5,  /* (244) eidlist ::= eidlist COMMA nm collate sortorder */
+   -3,  /* (245) eidlist ::= nm collate sortorder */
+    0,  /* (246) collate ::= */
+   -2,  /* (247) collate ::= COLLATE ID|STRING */
+   -4,  /* (248) cmd ::= DROP INDEX ifexists fullname */
+   -2,  /* (249) cmd ::= VACUUM vinto */
+   -3,  /* (250) cmd ::= VACUUM nm vinto */
+   -2,  /* (251) vinto ::= INTO expr */
+    0,  /* (252) vinto ::= */
+   -3,  /* (253) cmd ::= PRAGMA nm dbnm */
+   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   -5,  /* (256) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   -6,  /* (257) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   -2,  /* (258) plus_num ::= PLUS INTEGER|FLOAT */
+   -2,  /* (259) minus_num ::= MINUS INTEGER|FLOAT */
+   -5,  /* (260) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+  -11,  /* (261) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   -1,  /* (262) trigger_time ::= BEFORE|AFTER */
+   -2,  /* (263) trigger_time ::= INSTEAD OF */
+    0,  /* (264) trigger_time ::= */
+   -1,  /* (265) trigger_event ::= DELETE|INSERT */
+   -1,  /* (266) trigger_event ::= UPDATE */
+   -3,  /* (267) trigger_event ::= UPDATE OF idlist */
+    0,  /* (268) when_clause ::= */
+   -2,  /* (269) when_clause ::= WHEN expr */
+   -3,  /* (270) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   -2,  /* (271) trigger_cmd_list ::= trigger_cmd SEMI */
+   -3,  /* (272) trnm ::= nm DOT nm */
+   -3,  /* (273) tridxby ::= INDEXED BY nm */
+   -2,  /* (274) tridxby ::= NOT INDEXED */
+   -9,  /* (275) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   -8,  /* (276) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   -6,  /* (277) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   -3,  /* (278) trigger_cmd ::= scanpt select scanpt */
+   -4,  /* (279) expr ::= RAISE LP IGNORE RP */
+   -6,  /* (280) expr ::= RAISE LP raisetype COMMA nm RP */
+   -1,  /* (281) raisetype ::= ROLLBACK */
+   -1,  /* (282) raisetype ::= ABORT */
+   -1,  /* (283) raisetype ::= FAIL */
+   -4,  /* (284) cmd ::= DROP TRIGGER ifexists fullname */
+   -6,  /* (285) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   -3,  /* (286) cmd ::= DETACH database_kw_opt expr */
+    0,  /* (287) key_opt ::= */
+   -2,  /* (288) key_opt ::= KEY expr */
+   -1,  /* (289) cmd ::= REINDEX */
+   -3,  /* (290) cmd ::= REINDEX nm dbnm */
+   -1,  /* (291) cmd ::= ANALYZE */
+   -3,  /* (292) cmd ::= ANALYZE nm dbnm */
+   -6,  /* (293) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   -7,  /* (294) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   -6,  /* (295) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   -1,  /* (296) add_column_fullname ::= fullname */
+   -8,  /* (297) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   -1,  /* (298) cmd ::= create_vtab */
+   -4,  /* (299) cmd ::= create_vtab LP vtabarglist RP */
+   -8,  /* (300) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+    0,  /* (301) vtabarg ::= */
+   -1,  /* (302) vtabargtoken ::= ANY */
+   -3,  /* (303) vtabargtoken ::= lp anylist RP */
+   -1,  /* (304) lp ::= LP */
+   -2,  /* (305) with ::= WITH wqlist */
+   -3,  /* (306) with ::= WITH RECURSIVE wqlist */
+   -1,  /* (307) wqas ::= AS */
+   -2,  /* (308) wqas ::= AS MATERIALIZED */
+   -3,  /* (309) wqas ::= AS NOT MATERIALIZED */
+   -6,  /* (310) wqitem ::= withnm eidlist_opt wqas LP select RP */
+   -1,  /* (311) withnm ::= nm */
+   -1,  /* (312) wqlist ::= wqitem */
+   -3,  /* (313) wqlist ::= wqlist COMMA wqitem */
+   -3,  /* (314) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   -5,  /* (315) windowdefn ::= nm AS LP window RP */
+   -5,  /* (316) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   -6,  /* (317) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   -4,  /* (318) window ::= ORDER BY sortlist frame_opt */
+   -5,  /* (319) window ::= nm ORDER BY sortlist frame_opt */
+   -2,  /* (320) window ::= nm frame_opt */
+    0,  /* (321) frame_opt ::= */
+   -3,  /* (322) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   -6,  /* (323) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   -1,  /* (324) range_or_rows ::= RANGE|ROWS|GROUPS */
+   -1,  /* (325) frame_bound_s ::= frame_bound */
+   -2,  /* (326) frame_bound_s ::= UNBOUNDED PRECEDING */
+   -1,  /* (327) frame_bound_e ::= frame_bound */
+   -2,  /* (328) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   -2,  /* (329) frame_bound ::= expr PRECEDING|FOLLOWING */
+   -2,  /* (330) frame_bound ::= CURRENT ROW */
+    0,  /* (331) frame_exclude_opt ::= */
+   -2,  /* (332) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   -2,  /* (333) frame_exclude ::= NO OTHERS */
+   -2,  /* (334) frame_exclude ::= CURRENT ROW */
+   -1,  /* (335) frame_exclude ::= GROUP|TIES */
+   -2,  /* (336) window_clause ::= WINDOW windowdefn_list */
+   -2,  /* (337) filter_over ::= filter_clause over_clause */
+   -1,  /* (338) filter_over ::= over_clause */
+   -1,  /* (339) filter_over ::= filter_clause */
+   -4,  /* (340) over_clause ::= OVER LP window RP */
+   -2,  /* (341) over_clause ::= OVER nm */
+   -5,  /* (342) filter_clause ::= FILTER LP WHERE expr RP */
+   -1,  /* (343) term ::= QNUMBER */
+   -1,  /* (344) input ::= cmdlist */
+   -2,  /* (345) cmdlist ::= cmdlist ecmd */
+   -1,  /* (346) cmdlist ::= ecmd */
+   -1,  /* (347) ecmd ::= SEMI */
+   -2,  /* (348) ecmd ::= cmdx SEMI */
+   -3,  /* (349) ecmd ::= explain cmdx SEMI */
+    0,  /* (350) trans_opt ::= */
+   -1,  /* (351) trans_opt ::= TRANSACTION */
+   -2,  /* (352) trans_opt ::= TRANSACTION nm */
+   -1,  /* (353) savepoint_opt ::= SAVEPOINT */
+    0,  /* (354) savepoint_opt ::= */
+   -2,  /* (355) cmd ::= create_table create_table_args */
+   -1,  /* (356) table_option_set ::= table_option */
+   -4,  /* (357) columnlist ::= columnlist COMMA columnname carglist */
+   -2,  /* (358) columnlist ::= columnname carglist */
+   -1,  /* (359) nm ::= ID|INDEXED|JOIN_KW */
+   -1,  /* (360) nm ::= STRING */
+   -1,  /* (361) typetoken ::= typename */
+   -1,  /* (362) typename ::= ID|STRING */
+   -1,  /* (363) signed ::= plus_num */
+   -1,  /* (364) signed ::= minus_num */
+   -2,  /* (365) carglist ::= carglist ccons */
+    0,  /* (366) carglist ::= */
+   -2,  /* (367) ccons ::= NULL onconf */
+   -4,  /* (368) ccons ::= GENERATED ALWAYS AS generated */
+   -2,  /* (369) ccons ::= AS generated */
+   -2,  /* (370) conslist_opt ::= COMMA conslist */
+   -3,  /* (371) conslist ::= conslist tconscomma tcons */
+   -1,  /* (372) conslist ::= tcons */
+    0,  /* (373) tconscomma ::= */
+   -1,  /* (374) defer_subclause_opt ::= defer_subclause */
+   -1,  /* (375) resolvetype ::= raisetype */
+   -1,  /* (376) selectnowith ::= oneselect */
+   -1,  /* (377) oneselect ::= values */
+   -2,  /* (378) sclp ::= selcollist COMMA */
+   -1,  /* (379) as ::= ID|STRING */
+   -1,  /* (380) indexed_opt ::= indexed_by */
+    0,  /* (381) returning ::= */
+   -1,  /* (382) expr ::= term */
+   -1,  /* (383) likeop ::= LIKE_KW|MATCH */
+   -1,  /* (384) case_operand ::= expr */
+   -1,  /* (385) exprlist ::= nexprlist */
+   -1,  /* (386) nmnum ::= plus_num */
+   -1,  /* (387) nmnum ::= nm */
+   -1,  /* (388) nmnum ::= ON */
+   -1,  /* (389) nmnum ::= DELETE */
+   -1,  /* (390) nmnum ::= DEFAULT */
+   -1,  /* (391) plus_num ::= INTEGER|FLOAT */
+    0,  /* (392) foreach_clause ::= */
+   -3,  /* (393) foreach_clause ::= FOR EACH ROW */
+   -1,  /* (394) trnm ::= nm */
+    0,  /* (395) tridxby ::= */
+   -1,  /* (396) database_kw_opt ::= DATABASE */
+    0,  /* (397) database_kw_opt ::= */
+    0,  /* (398) kwcolumn_opt ::= */
+   -1,  /* (399) kwcolumn_opt ::= COLUMNKW */
+   -1,  /* (400) vtabarglist ::= vtabarg */
+   -3,  /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */
+   -2,  /* (402) vtabarg ::= vtabarg vtabargtoken */
+    0,  /* (403) anylist ::= */
+   -4,  /* (404) anylist ::= anylist LP anylist RP */
+   -2,  /* (405) anylist ::= anylist ANY */
+    0,  /* (406) with ::= */
+   -1,  /* (407) windowdefn_list ::= windowdefn */
+   -1,  /* (408) window ::= frame_opt */
 };
 
 static void yy_accept(yyParser*);  /* Forward Declaration */
@@ -174505,16 +176117,16 @@ static YYACTIONTYPE yy_reduce(
 { sqlite3FinishCoding(pParse); }
         break;
       case 3: /* cmd ::= BEGIN transtype trans_opt */
-{sqlite3BeginTransaction(pParse, yymsp[-1].minor.yy394);}
+{sqlite3BeginTransaction(pParse, yymsp[-1].minor.yy144);}
         break;
       case 4: /* transtype ::= */
-{yymsp[1].minor.yy394 = TK_DEFERRED;}
+{yymsp[1].minor.yy144 = TK_DEFERRED;}
         break;
       case 5: /* transtype ::= DEFERRED */
       case 6: /* transtype ::= IMMEDIATE */ yytestcase(yyruleno==6);
       case 7: /* transtype ::= EXCLUSIVE */ yytestcase(yyruleno==7);
-      case 321: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==321);
-{yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/}
+      case 324: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==324);
+{yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-X*/}
         break;
       case 8: /* cmd ::= COMMIT|END trans_opt */
       case 9: /* cmd ::= ROLLBACK trans_opt */ yytestcase(yyruleno==9);
@@ -174537,7 +176149,7 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 13: /* create_table ::= createkw temp TABLE ifnotexists nm dbnm */
 {
-   sqlite3StartTable(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,yymsp[-4].minor.yy394,0,0,yymsp[-2].minor.yy394);
+   sqlite3StartTable(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,yymsp[-4].minor.yy144,0,0,yymsp[-2].minor.yy144);
 }
         break;
       case 14: /* createkw ::= CREATE */
@@ -174549,40 +176161,40 @@ static YYACTIONTYPE yy_reduce(
       case 62: /* init_deferred_pred_opt ::= */ yytestcase(yyruleno==62);
       case 72: /* defer_subclause_opt ::= */ yytestcase(yyruleno==72);
       case 81: /* ifexists ::= */ yytestcase(yyruleno==81);
-      case 98: /* distinct ::= */ yytestcase(yyruleno==98);
-      case 244: /* collate ::= */ yytestcase(yyruleno==244);
-{yymsp[1].minor.yy394 = 0;}
+      case 100: /* distinct ::= */ yytestcase(yyruleno==100);
+      case 246: /* collate ::= */ yytestcase(yyruleno==246);
+{yymsp[1].minor.yy144 = 0;}
         break;
       case 16: /* ifnotexists ::= IF NOT EXISTS */
-{yymsp[-2].minor.yy394 = 1;}
+{yymsp[-2].minor.yy144 = 1;}
         break;
       case 17: /* temp ::= TEMP */
-{yymsp[0].minor.yy394 = pParse->db->init.busy==0;}
+{yymsp[0].minor.yy144 = pParse->db->init.busy==0;}
         break;
       case 19: /* create_table_args ::= LP columnlist conslist_opt RP table_option_set */
 {
-  sqlite3EndTable(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,yymsp[0].minor.yy285,0);
+  sqlite3EndTable(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,yymsp[0].minor.yy391,0);
 }
         break;
       case 20: /* create_table_args ::= AS select */
 {
-  sqlite3EndTable(pParse,0,0,0,yymsp[0].minor.yy47);
-  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy47);
+  sqlite3EndTable(pParse,0,0,0,yymsp[0].minor.yy555);
+  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy555);
 }
         break;
       case 21: /* table_option_set ::= */
-{yymsp[1].minor.yy285 = 0;}
+{yymsp[1].minor.yy391 = 0;}
         break;
       case 22: /* table_option_set ::= table_option_set COMMA table_option */
-{yylhsminor.yy285 = yymsp[-2].minor.yy285|yymsp[0].minor.yy285;}
-  yymsp[-2].minor.yy285 = yylhsminor.yy285;
+{yylhsminor.yy391 = yymsp[-2].minor.yy391|yymsp[0].minor.yy391;}
+  yymsp[-2].minor.yy391 = yylhsminor.yy391;
         break;
       case 23: /* table_option ::= WITHOUT nm */
 {
   if( yymsp[0].minor.yy0.n==5 && sqlite3_strnicmp(yymsp[0].minor.yy0.z,"rowid",5)==0 ){
-    yymsp[-1].minor.yy285 = TF_WithoutRowid | TF_NoVisibleRowid;
+    yymsp[-1].minor.yy391 = TF_WithoutRowid | TF_NoVisibleRowid;
   }else{
-    yymsp[-1].minor.yy285 = 0;
+    yymsp[-1].minor.yy391 = 0;
     sqlite3ErrorMsg(pParse, "unknown table option: %.*s", yymsp[0].minor.yy0.n, yymsp[0].minor.yy0.z);
   }
 }
@@ -174590,20 +176202,20 @@ static YYACTIONTYPE yy_reduce(
       case 24: /* table_option ::= nm */
 {
   if( yymsp[0].minor.yy0.n==6 && sqlite3_strnicmp(yymsp[0].minor.yy0.z,"strict",6)==0 ){
-    yylhsminor.yy285 = TF_Strict;
+    yylhsminor.yy391 = TF_Strict;
   }else{
-    yylhsminor.yy285 = 0;
+    yylhsminor.yy391 = 0;
     sqlite3ErrorMsg(pParse, "unknown table option: %.*s", yymsp[0].minor.yy0.n, yymsp[0].minor.yy0.z);
   }
 }
-  yymsp[0].minor.yy285 = yylhsminor.yy285;
+  yymsp[0].minor.yy391 = yylhsminor.yy391;
         break;
       case 25: /* columnname ::= nm typetoken */
 {sqlite3AddColumn(pParse,yymsp[-1].minor.yy0,yymsp[0].minor.yy0);}
         break;
       case 26: /* typetoken ::= */
       case 65: /* conslist_opt ::= */ yytestcase(yyruleno==65);
-      case 104: /* as ::= */ yytestcase(yyruleno==104);
+      case 106: /* as ::= */ yytestcase(yyruleno==106);
 {yymsp[1].minor.yy0.n = 0; yymsp[1].minor.yy0.z = 0;}
         break;
       case 27: /* typetoken ::= typename LP signed RP */
@@ -174622,7 +176234,7 @@ static YYACTIONTYPE yy_reduce(
       case 30: /* scanpt ::= */
 {
   assert( yyLookahead!=YYNOCODE );
-  yymsp[1].minor.yy522 = yyLookaheadToken.z;
+  yymsp[1].minor.yy168 = yyLookaheadToken.z;
 }
         break;
       case 31: /* scantok ::= */
@@ -174636,17 +176248,17 @@ static YYACTIONTYPE yy_reduce(
 {pParse->constraintName = yymsp[0].minor.yy0;}
         break;
       case 33: /* ccons ::= DEFAULT scantok term */
-{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy528,yymsp[-1].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
+{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy454,yymsp[-1].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
         break;
       case 34: /* ccons ::= DEFAULT LP expr RP */
-{sqlite3AddDefaultValue(pParse,yymsp[-1].minor.yy528,yymsp[-2].minor.yy0.z+1,yymsp[0].minor.yy0.z);}
+{sqlite3AddDefaultValue(pParse,yymsp[-1].minor.yy454,yymsp[-2].minor.yy0.z+1,yymsp[0].minor.yy0.z);}
         break;
       case 35: /* ccons ::= DEFAULT PLUS scantok term */
-{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy528,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
+{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy454,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
         break;
       case 36: /* ccons ::= DEFAULT MINUS scantok term */
 {
-  Expr *p = sqlite3PExpr(pParse, TK_UMINUS, yymsp[0].minor.yy528, 0);
+  Expr *p = sqlite3PExpr(pParse, TK_UMINUS, yymsp[0].minor.yy454, 0);
   sqlite3AddDefaultValue(pParse,p,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);
 }
         break;
@@ -174661,151 +176273,151 @@ static YYACTIONTYPE yy_reduce(
 }
         break;
       case 38: /* ccons ::= NOT NULL onconf */
-{sqlite3AddNotNull(pParse, yymsp[0].minor.yy394);}
+{sqlite3AddNotNull(pParse, yymsp[0].minor.yy144);}
         break;
       case 39: /* ccons ::= PRIMARY KEY sortorder onconf autoinc */
-{sqlite3AddPrimaryKey(pParse,0,yymsp[-1].minor.yy394,yymsp[0].minor.yy394,yymsp[-2].minor.yy394);}
+{sqlite3AddPrimaryKey(pParse,0,yymsp[-1].minor.yy144,yymsp[0].minor.yy144,yymsp[-2].minor.yy144);}
         break;
       case 40: /* ccons ::= UNIQUE onconf */
-{sqlite3CreateIndex(pParse,0,0,0,0,yymsp[0].minor.yy394,0,0,0,0,
+{sqlite3CreateIndex(pParse,0,0,0,0,yymsp[0].minor.yy144,0,0,0,0,
                                    SQLITE_IDXTYPE_UNIQUE);}
         break;
       case 41: /* ccons ::= CHECK LP expr RP */
-{sqlite3AddCheckConstraint(pParse,yymsp[-1].minor.yy528,yymsp[-2].minor.yy0.z,yymsp[0].minor.yy0.z);}
+{sqlite3AddCheckConstraint(pParse,yymsp[-1].minor.yy454,yymsp[-2].minor.yy0.z,yymsp[0].minor.yy0.z);}
         break;
       case 42: /* ccons ::= REFERENCES nm eidlist_opt refargs */
-{sqlite3CreateForeignKey(pParse,0,&yymsp[-2].minor.yy0,yymsp[-1].minor.yy322,yymsp[0].minor.yy394);}
+{sqlite3CreateForeignKey(pParse,0,&yymsp[-2].minor.yy0,yymsp[-1].minor.yy14,yymsp[0].minor.yy144);}
         break;
       case 43: /* ccons ::= defer_subclause */
-{sqlite3DeferForeignKey(pParse,yymsp[0].minor.yy394);}
+{sqlite3DeferForeignKey(pParse,yymsp[0].minor.yy144);}
         break;
       case 44: /* ccons ::= COLLATE ID|STRING */
 {sqlite3AddCollateType(pParse, &yymsp[0].minor.yy0);}
         break;
       case 45: /* generated ::= LP expr RP */
-{sqlite3AddGenerated(pParse,yymsp[-1].minor.yy528,0);}
+{sqlite3AddGenerated(pParse,yymsp[-1].minor.yy454,0);}
         break;
       case 46: /* generated ::= LP expr RP ID */
-{sqlite3AddGenerated(pParse,yymsp[-2].minor.yy528,&yymsp[0].minor.yy0);}
+{sqlite3AddGenerated(pParse,yymsp[-2].minor.yy454,&yymsp[0].minor.yy0);}
         break;
       case 48: /* autoinc ::= AUTOINCR */
-{yymsp[0].minor.yy394 = 1;}
+{yymsp[0].minor.yy144 = 1;}
         break;
       case 49: /* refargs ::= */
-{ yymsp[1].minor.yy394 = OE_None*0x0101; /* EV: R-19803-45884 */}
+{ yymsp[1].minor.yy144 = OE_None*0x0101; /* EV: R-19803-45884 */}
         break;
       case 50: /* refargs ::= refargs refarg */
-{ yymsp[-1].minor.yy394 = (yymsp[-1].minor.yy394 & ~yymsp[0].minor.yy231.mask) | yymsp[0].minor.yy231.value; }
+{ yymsp[-1].minor.yy144 = (yymsp[-1].minor.yy144 & ~yymsp[0].minor.yy383.mask) | yymsp[0].minor.yy383.value; }
         break;
       case 51: /* refarg ::= MATCH nm */
-{ yymsp[-1].minor.yy231.value = 0;     yymsp[-1].minor.yy231.mask = 0x000000; }
+{ yymsp[-1].minor.yy383.value = 0;     yymsp[-1].minor.yy383.mask = 0x000000; }
         break;
       case 52: /* refarg ::= ON INSERT refact */
-{ yymsp[-2].minor.yy231.value = 0;     yymsp[-2].minor.yy231.mask = 0x000000; }
+{ yymsp[-2].minor.yy383.value = 0;     yymsp[-2].minor.yy383.mask = 0x000000; }
         break;
       case 53: /* refarg ::= ON DELETE refact */
-{ yymsp[-2].minor.yy231.value = yymsp[0].minor.yy394;     yymsp[-2].minor.yy231.mask = 0x0000ff; }
+{ yymsp[-2].minor.yy383.value = yymsp[0].minor.yy144;     yymsp[-2].minor.yy383.mask = 0x0000ff; }
         break;
       case 54: /* refarg ::= ON UPDATE refact */
-{ yymsp[-2].minor.yy231.value = yymsp[0].minor.yy394<<8;  yymsp[-2].minor.yy231.mask = 0x00ff00; }
+{ yymsp[-2].minor.yy383.value = yymsp[0].minor.yy144<<8;  yymsp[-2].minor.yy383.mask = 0x00ff00; }
         break;
       case 55: /* refact ::= SET NULL */
-{ yymsp[-1].minor.yy394 = OE_SetNull;  /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy144 = OE_SetNull;  /* EV: R-33326-45252 */}
         break;
       case 56: /* refact ::= SET DEFAULT */
-{ yymsp[-1].minor.yy394 = OE_SetDflt;  /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy144 = OE_SetDflt;  /* EV: R-33326-45252 */}
         break;
       case 57: /* refact ::= CASCADE */
-{ yymsp[0].minor.yy394 = OE_Cascade;  /* EV: R-33326-45252 */}
+{ yymsp[0].minor.yy144 = OE_Cascade;  /* EV: R-33326-45252 */}
         break;
       case 58: /* refact ::= RESTRICT */
-{ yymsp[0].minor.yy394 = OE_Restrict; /* EV: R-33326-45252 */}
+{ yymsp[0].minor.yy144 = OE_Restrict; /* EV: R-33326-45252 */}
         break;
       case 59: /* refact ::= NO ACTION */
-{ yymsp[-1].minor.yy394 = OE_None;     /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy144 = OE_None;     /* EV: R-33326-45252 */}
         break;
       case 60: /* defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
-{yymsp[-2].minor.yy394 = 0;}
+{yymsp[-2].minor.yy144 = 0;}
         break;
       case 61: /* defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
       case 76: /* orconf ::= OR resolvetype */ yytestcase(yyruleno==76);
-      case 171: /* insert_cmd ::= INSERT orconf */ yytestcase(yyruleno==171);
-{yymsp[-1].minor.yy394 = yymsp[0].minor.yy394;}
+      case 173: /* insert_cmd ::= INSERT orconf */ yytestcase(yyruleno==173);
+{yymsp[-1].minor.yy144 = yymsp[0].minor.yy144;}
         break;
       case 63: /* init_deferred_pred_opt ::= INITIALLY DEFERRED */
       case 80: /* ifexists ::= IF EXISTS */ yytestcase(yyruleno==80);
-      case 217: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==217);
-      case 220: /* in_op ::= NOT IN */ yytestcase(yyruleno==220);
-      case 245: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==245);
-{yymsp[-1].minor.yy394 = 1;}
+      case 219: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==219);
+      case 222: /* in_op ::= NOT IN */ yytestcase(yyruleno==222);
+      case 247: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==247);
+{yymsp[-1].minor.yy144 = 1;}
         break;
       case 64: /* init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
-{yymsp[-1].minor.yy394 = 0;}
+{yymsp[-1].minor.yy144 = 0;}
         break;
       case 66: /* tconscomma ::= COMMA */
 {pParse->constraintName.n = 0;}
         break;
       case 68: /* tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
-{sqlite3AddPrimaryKey(pParse,yymsp[-3].minor.yy322,yymsp[0].minor.yy394,yymsp[-2].minor.yy394,0);}
+{sqlite3AddPrimaryKey(pParse,yymsp[-3].minor.yy14,yymsp[0].minor.yy144,yymsp[-2].minor.yy144,0);}
         break;
       case 69: /* tcons ::= UNIQUE LP sortlist RP onconf */
-{sqlite3CreateIndex(pParse,0,0,0,yymsp[-2].minor.yy322,yymsp[0].minor.yy394,0,0,0,0,
+{sqlite3CreateIndex(pParse,0,0,0,yymsp[-2].minor.yy14,yymsp[0].minor.yy144,0,0,0,0,
                                        SQLITE_IDXTYPE_UNIQUE);}
         break;
       case 70: /* tcons ::= CHECK LP expr RP onconf */
-{sqlite3AddCheckConstraint(pParse,yymsp[-2].minor.yy528,yymsp[-3].minor.yy0.z,yymsp[-1].minor.yy0.z);}
+{sqlite3AddCheckConstraint(pParse,yymsp[-2].minor.yy454,yymsp[-3].minor.yy0.z,yymsp[-1].minor.yy0.z);}
         break;
       case 71: /* tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
 {
-    sqlite3CreateForeignKey(pParse, yymsp[-6].minor.yy322, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[-1].minor.yy394);
-    sqlite3DeferForeignKey(pParse, yymsp[0].minor.yy394);
+    sqlite3CreateForeignKey(pParse, yymsp[-6].minor.yy14, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy14, yymsp[-1].minor.yy144);
+    sqlite3DeferForeignKey(pParse, yymsp[0].minor.yy144);
 }
         break;
       case 73: /* onconf ::= */
       case 75: /* orconf ::= */ yytestcase(yyruleno==75);
-{yymsp[1].minor.yy394 = OE_Default;}
+{yymsp[1].minor.yy144 = OE_Default;}
         break;
       case 74: /* onconf ::= ON CONFLICT resolvetype */
-{yymsp[-2].minor.yy394 = yymsp[0].minor.yy394;}
+{yymsp[-2].minor.yy144 = yymsp[0].minor.yy144;}
         break;
       case 77: /* resolvetype ::= IGNORE */
-{yymsp[0].minor.yy394 = OE_Ignore;}
+{yymsp[0].minor.yy144 = OE_Ignore;}
         break;
       case 78: /* resolvetype ::= REPLACE */
-      case 172: /* insert_cmd ::= REPLACE */ yytestcase(yyruleno==172);
-{yymsp[0].minor.yy394 = OE_Replace;}
+      case 174: /* insert_cmd ::= REPLACE */ yytestcase(yyruleno==174);
+{yymsp[0].minor.yy144 = OE_Replace;}
         break;
       case 79: /* cmd ::= DROP TABLE ifexists fullname */
 {
-  sqlite3DropTable(pParse, yymsp[0].minor.yy131, 0, yymsp[-1].minor.yy394);
+  sqlite3DropTable(pParse, yymsp[0].minor.yy203, 0, yymsp[-1].minor.yy144);
 }
         break;
       case 82: /* cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
 {
-  sqlite3CreateView(pParse, &yymsp[-8].minor.yy0, &yymsp[-4].minor.yy0, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[0].minor.yy47, yymsp[-7].minor.yy394, yymsp[-5].minor.yy394);
+  sqlite3CreateView(pParse, &yymsp[-8].minor.yy0, &yymsp[-4].minor.yy0, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy14, yymsp[0].minor.yy555, yymsp[-7].minor.yy144, yymsp[-5].minor.yy144);
 }
         break;
       case 83: /* cmd ::= DROP VIEW ifexists fullname */
 {
-  sqlite3DropTable(pParse, yymsp[0].minor.yy131, 1, yymsp[-1].minor.yy394);
+  sqlite3DropTable(pParse, yymsp[0].minor.yy203, 1, yymsp[-1].minor.yy144);
 }
         break;
       case 84: /* cmd ::= select */
 {
   SelectDest dest = {SRT_Output, 0, 0, 0, 0, 0, 0};
-  sqlite3Select(pParse, yymsp[0].minor.yy47, &dest);
-  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy47);
+  sqlite3Select(pParse, yymsp[0].minor.yy555, &dest);
+  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy555);
 }
         break;
       case 85: /* select ::= WITH wqlist selectnowith */
-{yymsp[-2].minor.yy47 = attachWithToSelect(pParse,yymsp[0].minor.yy47,yymsp[-1].minor.yy521);}
+{yymsp[-2].minor.yy555 = attachWithToSelect(pParse,yymsp[0].minor.yy555,yymsp[-1].minor.yy59);}
         break;
       case 86: /* select ::= WITH RECURSIVE wqlist selectnowith */
-{yymsp[-3].minor.yy47 = attachWithToSelect(pParse,yymsp[0].minor.yy47,yymsp[-1].minor.yy521);}
+{yymsp[-3].minor.yy555 = attachWithToSelect(pParse,yymsp[0].minor.yy555,yymsp[-1].minor.yy59);}
         break;
       case 87: /* select ::= selectnowith */
 {
-  Select *p = yymsp[0].minor.yy47;
+  Select *p = yymsp[0].minor.yy555;
   if( p ){
     parserDoubleLinkSelect(pParse, p);
   }
@@ -174813,8 +176425,8 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 88: /* selectnowith ::= selectnowith multiselect_op oneselect */
 {
-  Select *pRhs = yymsp[0].minor.yy47;
-  Select *pLhs = yymsp[-2].minor.yy47;
+  Select *pRhs = yymsp[0].minor.yy555;
+  Select *pLhs = yymsp[-2].minor.yy555;
   if( pRhs && pRhs->pPrior ){
     SrcList *pFrom;
     Token x;
@@ -174824,148 +176436,145 @@ static YYACTIONTYPE yy_reduce(
     pRhs = sqlite3SelectNew(pParse,0,pFrom,0,0,0,0,0,0);
   }
   if( pRhs ){
-    pRhs->op = (u8)yymsp[-1].minor.yy394;
+    pRhs->op = (u8)yymsp[-1].minor.yy144;
     pRhs->pPrior = pLhs;
     if( ALWAYS(pLhs) ) pLhs->selFlags &= ~SF_MultiValue;
     pRhs->selFlags &= ~SF_MultiValue;
-    if( yymsp[-1].minor.yy394!=TK_ALL ) pParse->hasCompound = 1;
+    if( yymsp[-1].minor.yy144!=TK_ALL ) pParse->hasCompound = 1;
   }else{
     sqlite3SelectDelete(pParse->db, pLhs);
   }
-  yymsp[-2].minor.yy47 = pRhs;
+  yymsp[-2].minor.yy555 = pRhs;
 }
         break;
       case 89: /* multiselect_op ::= UNION */
       case 91: /* multiselect_op ::= EXCEPT|INTERSECT */ yytestcase(yyruleno==91);
-{yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-OP*/}
+{yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-OP*/}
         break;
       case 90: /* multiselect_op ::= UNION ALL */
-{yymsp[-1].minor.yy394 = TK_ALL;}
+{yymsp[-1].minor.yy144 = TK_ALL;}
         break;
       case 92: /* oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
 {
-  yymsp[-8].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-6].minor.yy322,yymsp[-5].minor.yy131,yymsp[-4].minor.yy528,yymsp[-3].minor.yy322,yymsp[-2].minor.yy528,yymsp[-1].minor.yy322,yymsp[-7].minor.yy394,yymsp[0].minor.yy528);
+  yymsp[-8].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-6].minor.yy14,yymsp[-5].minor.yy203,yymsp[-4].minor.yy454,yymsp[-3].minor.yy14,yymsp[-2].minor.yy454,yymsp[-1].minor.yy14,yymsp[-7].minor.yy144,yymsp[0].minor.yy454);
 }
         break;
       case 93: /* oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
 {
-  yymsp[-9].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-7].minor.yy322,yymsp[-6].minor.yy131,yymsp[-5].minor.yy528,yymsp[-4].minor.yy322,yymsp[-3].minor.yy528,yymsp[-1].minor.yy322,yymsp[-8].minor.yy394,yymsp[0].minor.yy528);
-  if( yymsp[-9].minor.yy47 ){
-    yymsp[-9].minor.yy47->pWinDefn = yymsp[-2].minor.yy41;
+  yymsp[-9].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-7].minor.yy14,yymsp[-6].minor.yy203,yymsp[-5].minor.yy454,yymsp[-4].minor.yy14,yymsp[-3].minor.yy454,yymsp[-1].minor.yy14,yymsp[-8].minor.yy144,yymsp[0].minor.yy454);
+  if( yymsp[-9].minor.yy555 ){
+    yymsp[-9].minor.yy555->pWinDefn = yymsp[-2].minor.yy211;
   }else{
-    sqlite3WindowListDelete(pParse->db, yymsp[-2].minor.yy41);
+    sqlite3WindowListDelete(pParse->db, yymsp[-2].minor.yy211);
   }
 }
         break;
       case 94: /* values ::= VALUES LP nexprlist RP */
 {
-  yymsp[-3].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values,0);
+  yymsp[-3].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-1].minor.yy14,0,0,0,0,0,SF_Values,0);
 }
         break;
-      case 95: /* values ::= values COMMA LP nexprlist RP */
+      case 95: /* oneselect ::= mvalues */
 {
-  Select *pRight, *pLeft = yymsp[-4].minor.yy47;
-  pRight = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values|SF_MultiValue,0);
-  if( ALWAYS(pLeft) ) pLeft->selFlags &= ~SF_MultiValue;
-  if( pRight ){
-    pRight->op = TK_ALL;
-    pRight->pPrior = pLeft;
-    yymsp[-4].minor.yy47 = pRight;
-  }else{
-    yymsp[-4].minor.yy47 = pLeft;
-  }
+  sqlite3MultiValuesEnd(pParse, yymsp[0].minor.yy555);
 }
         break;
-      case 96: /* distinct ::= DISTINCT */
-{yymsp[0].minor.yy394 = SF_Distinct;}
+      case 96: /* mvalues ::= values COMMA LP nexprlist RP */
+      case 97: /* mvalues ::= mvalues COMMA LP nexprlist RP */ yytestcase(yyruleno==97);
+{
+  yymsp[-4].minor.yy555 = sqlite3MultiValues(pParse, yymsp[-4].minor.yy555, yymsp[-1].minor.yy14);
+}
         break;
-      case 97: /* distinct ::= ALL */
-{yymsp[0].minor.yy394 = SF_All;}
+      case 98: /* distinct ::= DISTINCT */
+{yymsp[0].minor.yy144 = SF_Distinct;}
         break;
-      case 99: /* sclp ::= */
-      case 132: /* orderby_opt ::= */ yytestcase(yyruleno==132);
-      case 142: /* groupby_opt ::= */ yytestcase(yyruleno==142);
-      case 232: /* exprlist ::= */ yytestcase(yyruleno==232);
-      case 235: /* paren_exprlist ::= */ yytestcase(yyruleno==235);
-      case 240: /* eidlist_opt ::= */ yytestcase(yyruleno==240);
-{yymsp[1].minor.yy322 = 0;}
+      case 99: /* distinct ::= ALL */
+{yymsp[0].minor.yy144 = SF_All;}
         break;
-      case 100: /* selcollist ::= sclp scanpt expr scanpt as */
+      case 101: /* sclp ::= */
+      case 134: /* orderby_opt ::= */ yytestcase(yyruleno==134);
+      case 144: /* groupby_opt ::= */ yytestcase(yyruleno==144);
+      case 234: /* exprlist ::= */ yytestcase(yyruleno==234);
+      case 237: /* paren_exprlist ::= */ yytestcase(yyruleno==237);
+      case 242: /* eidlist_opt ::= */ yytestcase(yyruleno==242);
+{yymsp[1].minor.yy14 = 0;}
+        break;
+      case 102: /* selcollist ::= sclp scanpt expr scanpt as */
 {
-   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
-   if( yymsp[0].minor.yy0.n>0 ) sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy322, &yymsp[0].minor.yy0, 1);
-   sqlite3ExprListSetSpan(pParse,yymsp[-4].minor.yy322,yymsp[-3].minor.yy522,yymsp[-1].minor.yy522);
+   yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy14, yymsp[-2].minor.yy454);
+   if( yymsp[0].minor.yy0.n>0 ) sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy14, &yymsp[0].minor.yy0, 1);
+   sqlite3ExprListSetSpan(pParse,yymsp[-4].minor.yy14,yymsp[-3].minor.yy168,yymsp[-1].minor.yy168);
 }
         break;
-      case 101: /* selcollist ::= sclp scanpt STAR */
+      case 103: /* selcollist ::= sclp scanpt STAR */
 {
   Expr *p = sqlite3Expr(pParse->db, TK_ASTERISK, 0);
   sqlite3ExprSetErrorOffset(p, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
-  yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy322, p);
+  yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy14, p);
 }
         break;
-      case 102: /* selcollist ::= sclp scanpt nm DOT STAR */
+      case 104: /* selcollist ::= sclp scanpt nm DOT STAR */
 {
   Expr *pRight, *pLeft, *pDot;
   pRight = sqlite3PExpr(pParse, TK_ASTERISK, 0, 0);
   sqlite3ExprSetErrorOffset(pRight, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
   pLeft = tokenExpr(pParse, TK_ID, yymsp[-2].minor.yy0);
   pDot = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight);
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, pDot);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, pDot);
 }
         break;
-      case 103: /* as ::= AS nm */
-      case 115: /* dbnm ::= DOT nm */ yytestcase(yyruleno==115);
-      case 256: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==256);
-      case 257: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==257);
+      case 105: /* as ::= AS nm */
+      case 117: /* dbnm ::= DOT nm */ yytestcase(yyruleno==117);
+      case 258: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==258);
+      case 259: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==259);
 {yymsp[-1].minor.yy0 = yymsp[0].minor.yy0;}
         break;
-      case 105: /* from ::= */
-      case 108: /* stl_prefix ::= */ yytestcase(yyruleno==108);
-{yymsp[1].minor.yy131 = 0;}
+      case 107: /* from ::= */
+      case 110: /* stl_prefix ::= */ yytestcase(yyruleno==110);
+{yymsp[1].minor.yy203 = 0;}
         break;
-      case 106: /* from ::= FROM seltablist */
+      case 108: /* from ::= FROM seltablist */
 {
-  yymsp[-1].minor.yy131 = yymsp[0].minor.yy131;
-  sqlite3SrcListShiftJoinType(pParse,yymsp[-1].minor.yy131);
+  yymsp[-1].minor.yy203 = yymsp[0].minor.yy203;
+  sqlite3SrcListShiftJoinType(pParse,yymsp[-1].minor.yy203);
 }
         break;
-      case 107: /* stl_prefix ::= seltablist joinop */
+      case 109: /* stl_prefix ::= seltablist joinop */
 {
-   if( ALWAYS(yymsp[-1].minor.yy131 && yymsp[-1].minor.yy131->nSrc>0) ) yymsp[-1].minor.yy131->a[yymsp[-1].minor.yy131->nSrc-1].fg.jointype = (u8)yymsp[0].minor.yy394;
+   if( ALWAYS(yymsp[-1].minor.yy203 && yymsp[-1].minor.yy203->nSrc>0) ) yymsp[-1].minor.yy203->a[yymsp[-1].minor.yy203->nSrc-1].fg.jointype = (u8)yymsp[0].minor.yy144;
 }
         break;
-      case 109: /* seltablist ::= stl_prefix nm dbnm as on_using */
+      case 111: /* seltablist ::= stl_prefix nm dbnm as on_using */
 {
-  yymsp[-4].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-4].minor.yy131,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
+  yymsp[-4].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-4].minor.yy203,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
 }
         break;
-      case 110: /* seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+      case 112: /* seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
 {
-  yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,0,&yymsp[0].minor.yy561);
-  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy131, &yymsp[-1].minor.yy0);
+  yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,0,&yymsp[0].minor.yy269);
+  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy203, &yymsp[-1].minor.yy0);
 }
         break;
-      case 111: /* seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+      case 113: /* seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
 {
-  yymsp[-7].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-7].minor.yy131,&yymsp[-6].minor.yy0,&yymsp[-5].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
-  sqlite3SrcListFuncArgs(pParse, yymsp[-7].minor.yy131, yymsp[-3].minor.yy322);
+  yymsp[-7].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-7].minor.yy203,&yymsp[-6].minor.yy0,&yymsp[-5].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
+  sqlite3SrcListFuncArgs(pParse, yymsp[-7].minor.yy203, yymsp[-3].minor.yy14);
 }
         break;
-      case 112: /* seltablist ::= stl_prefix LP select RP as on_using */
+      case 114: /* seltablist ::= stl_prefix LP select RP as on_using */
 {
-    yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,yymsp[-3].minor.yy47,&yymsp[0].minor.yy561);
+    yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,yymsp[-3].minor.yy555,&yymsp[0].minor.yy269);
   }
         break;
-      case 113: /* seltablist ::= stl_prefix LP seltablist RP as on_using */
+      case 115: /* seltablist ::= stl_prefix LP seltablist RP as on_using */
 {
-    if( yymsp[-5].minor.yy131==0 && yymsp[-1].minor.yy0.n==0 && yymsp[0].minor.yy561.pOn==0 && yymsp[0].minor.yy561.pUsing==0 ){
-      yymsp[-5].minor.yy131 = yymsp[-3].minor.yy131;
-    }else if( ALWAYS(yymsp[-3].minor.yy131!=0) && yymsp[-3].minor.yy131->nSrc==1 ){
-      yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
-      if( yymsp[-5].minor.yy131 ){
-        SrcItem *pNew = &yymsp[-5].minor.yy131->a[yymsp[-5].minor.yy131->nSrc-1];
-        SrcItem *pOld = yymsp[-3].minor.yy131->a;
+    if( yymsp[-5].minor.yy203==0 && yymsp[-1].minor.yy0.n==0 && yymsp[0].minor.yy269.pOn==0 && yymsp[0].minor.yy269.pUsing==0 ){
+      yymsp[-5].minor.yy203 = yymsp[-3].minor.yy203;
+    }else if( ALWAYS(yymsp[-3].minor.yy203!=0) && yymsp[-3].minor.yy203->nSrc==1 ){
+      yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
+      if( yymsp[-5].minor.yy203 ){
+        SrcItem *pNew = &yymsp[-5].minor.yy203->a[yymsp[-5].minor.yy203->nSrc-1];
+        SrcItem *pOld = yymsp[-3].minor.yy203->a;
         pNew->zName = pOld->zName;
         pNew->zDatabase = pOld->zDatabase;
         pNew->pSelect = pOld->pSelect;
@@ -174981,153 +176590,153 @@ static YYACTIONTYPE yy_reduce(
         pOld->zName = pOld->zDatabase = 0;
         pOld->pSelect = 0;
       }
-      sqlite3SrcListDelete(pParse->db, yymsp[-3].minor.yy131);
+      sqlite3SrcListDelete(pParse->db, yymsp[-3].minor.yy203);
     }else{
       Select *pSubquery;
-      sqlite3SrcListShiftJoinType(pParse,yymsp[-3].minor.yy131);
-      pSubquery = sqlite3SelectNew(pParse,0,yymsp[-3].minor.yy131,0,0,0,0,SF_NestedFrom,0);
-      yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,pSubquery,&yymsp[0].minor.yy561);
+      sqlite3SrcListShiftJoinType(pParse,yymsp[-3].minor.yy203);
+      pSubquery = sqlite3SelectNew(pParse,0,yymsp[-3].minor.yy203,0,0,0,0,SF_NestedFrom,0);
+      yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,pSubquery,&yymsp[0].minor.yy269);
     }
   }
         break;
-      case 114: /* dbnm ::= */
-      case 129: /* indexed_opt ::= */ yytestcase(yyruleno==129);
+      case 116: /* dbnm ::= */
+      case 131: /* indexed_opt ::= */ yytestcase(yyruleno==131);
 {yymsp[1].minor.yy0.z=0; yymsp[1].minor.yy0.n=0;}
         break;
-      case 116: /* fullname ::= nm */
+      case 118: /* fullname ::= nm */
 {
-  yylhsminor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0);
-  if( IN_RENAME_OBJECT && yylhsminor.yy131 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy131->a[0].zName, &yymsp[0].minor.yy0);
+  yylhsminor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0);
+  if( IN_RENAME_OBJECT && yylhsminor.yy203 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy203->a[0].zName, &yymsp[0].minor.yy0);
 }
-  yymsp[0].minor.yy131 = yylhsminor.yy131;
+  yymsp[0].minor.yy203 = yylhsminor.yy203;
         break;
-      case 117: /* fullname ::= nm DOT nm */
+      case 119: /* fullname ::= nm DOT nm */
 {
-  yylhsminor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);
-  if( IN_RENAME_OBJECT && yylhsminor.yy131 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy131->a[0].zName, &yymsp[0].minor.yy0);
+  yylhsminor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);
+  if( IN_RENAME_OBJECT && yylhsminor.yy203 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy203->a[0].zName, &yymsp[0].minor.yy0);
 }
-  yymsp[-2].minor.yy131 = yylhsminor.yy131;
+  yymsp[-2].minor.yy203 = yylhsminor.yy203;
         break;
-      case 118: /* xfullname ::= nm */
-{yymsp[0].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0); /*A-overwrites-X*/}
+      case 120: /* xfullname ::= nm */
+{yymsp[0].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0); /*A-overwrites-X*/}
         break;
-      case 119: /* xfullname ::= nm DOT nm */
-{yymsp[-2].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 121: /* xfullname ::= nm DOT nm */
+{yymsp[-2].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 120: /* xfullname ::= nm DOT nm AS nm */
+      case 122: /* xfullname ::= nm DOT nm AS nm */
 {
-   yymsp[-4].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,&yymsp[-2].minor.yy0); /*A-overwrites-X*/
-   if( yymsp[-4].minor.yy131 ) yymsp[-4].minor.yy131->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
+   yymsp[-4].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,&yymsp[-2].minor.yy0); /*A-overwrites-X*/
+   if( yymsp[-4].minor.yy203 ) yymsp[-4].minor.yy203->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
 }
         break;
-      case 121: /* xfullname ::= nm AS nm */
+      case 123: /* xfullname ::= nm AS nm */
 {
-   yymsp[-2].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,0); /*A-overwrites-X*/
-   if( yymsp[-2].minor.yy131 ) yymsp[-2].minor.yy131->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
+   yymsp[-2].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,0); /*A-overwrites-X*/
+   if( yymsp[-2].minor.yy203 ) yymsp[-2].minor.yy203->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
 }
         break;
-      case 122: /* joinop ::= COMMA|JOIN */
-{ yymsp[0].minor.yy394 = JT_INNER; }
+      case 124: /* joinop ::= COMMA|JOIN */
+{ yymsp[0].minor.yy144 = JT_INNER; }
         break;
-      case 123: /* joinop ::= JOIN_KW JOIN */
-{yymsp[-1].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-1].minor.yy0,0,0);  /*X-overwrites-A*/}
+      case 125: /* joinop ::= JOIN_KW JOIN */
+{yymsp[-1].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-1].minor.yy0,0,0);  /*X-overwrites-A*/}
         break;
-      case 124: /* joinop ::= JOIN_KW nm JOIN */
-{yymsp[-2].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0); /*X-overwrites-A*/}
+      case 126: /* joinop ::= JOIN_KW nm JOIN */
+{yymsp[-2].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0); /*X-overwrites-A*/}
         break;
-      case 125: /* joinop ::= JOIN_KW nm nm JOIN */
-{yymsp[-3].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);/*X-overwrites-A*/}
+      case 127: /* joinop ::= JOIN_KW nm nm JOIN */
+{yymsp[-3].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);/*X-overwrites-A*/}
         break;
-      case 126: /* on_using ::= ON expr */
-{yymsp[-1].minor.yy561.pOn = yymsp[0].minor.yy528; yymsp[-1].minor.yy561.pUsing = 0;}
+      case 128: /* on_using ::= ON expr */
+{yymsp[-1].minor.yy269.pOn = yymsp[0].minor.yy454; yymsp[-1].minor.yy269.pUsing = 0;}
         break;
-      case 127: /* on_using ::= USING LP idlist RP */
-{yymsp[-3].minor.yy561.pOn = 0; yymsp[-3].minor.yy561.pUsing = yymsp[-1].minor.yy254;}
+      case 129: /* on_using ::= USING LP idlist RP */
+{yymsp[-3].minor.yy269.pOn = 0; yymsp[-3].minor.yy269.pUsing = yymsp[-1].minor.yy132;}
         break;
-      case 128: /* on_using ::= */
-{yymsp[1].minor.yy561.pOn = 0; yymsp[1].minor.yy561.pUsing = 0;}
+      case 130: /* on_using ::= */
+{yymsp[1].minor.yy269.pOn = 0; yymsp[1].minor.yy269.pUsing = 0;}
         break;
-      case 130: /* indexed_by ::= INDEXED BY nm */
+      case 132: /* indexed_by ::= INDEXED BY nm */
 {yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;}
         break;
-      case 131: /* indexed_by ::= NOT INDEXED */
+      case 133: /* indexed_by ::= NOT INDEXED */
 {yymsp[-1].minor.yy0.z=0; yymsp[-1].minor.yy0.n=1;}
         break;
-      case 133: /* orderby_opt ::= ORDER BY sortlist */
-      case 143: /* groupby_opt ::= GROUP BY nexprlist */ yytestcase(yyruleno==143);
-{yymsp[-2].minor.yy322 = yymsp[0].minor.yy322;}
+      case 135: /* orderby_opt ::= ORDER BY sortlist */
+      case 145: /* groupby_opt ::= GROUP BY nexprlist */ yytestcase(yyruleno==145);
+{yymsp[-2].minor.yy14 = yymsp[0].minor.yy14;}
         break;
-      case 134: /* sortlist ::= sortlist COMMA expr sortorder nulls */
+      case 136: /* sortlist ::= sortlist COMMA expr sortorder nulls */
 {
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322,yymsp[-2].minor.yy528);
-  sqlite3ExprListSetSortOrder(yymsp[-4].minor.yy322,yymsp[-1].minor.yy394,yymsp[0].minor.yy394);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14,yymsp[-2].minor.yy454);
+  sqlite3ExprListSetSortOrder(yymsp[-4].minor.yy14,yymsp[-1].minor.yy144,yymsp[0].minor.yy144);
 }
         break;
-      case 135: /* sortlist ::= expr sortorder nulls */
+      case 137: /* sortlist ::= expr sortorder nulls */
 {
-  yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[-2].minor.yy528); /*A-overwrites-Y*/
-  sqlite3ExprListSetSortOrder(yymsp[-2].minor.yy322,yymsp[-1].minor.yy394,yymsp[0].minor.yy394);
+  yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse,0,yymsp[-2].minor.yy454); /*A-overwrites-Y*/
+  sqlite3ExprListSetSortOrder(yymsp[-2].minor.yy14,yymsp[-1].minor.yy144,yymsp[0].minor.yy144);
 }
         break;
-      case 136: /* sortorder ::= ASC */
-{yymsp[0].minor.yy394 = SQLITE_SO_ASC;}
+      case 138: /* sortorder ::= ASC */
+{yymsp[0].minor.yy144 = SQLITE_SO_ASC;}
         break;
-      case 137: /* sortorder ::= DESC */
-{yymsp[0].minor.yy394 = SQLITE_SO_DESC;}
+      case 139: /* sortorder ::= DESC */
+{yymsp[0].minor.yy144 = SQLITE_SO_DESC;}
         break;
-      case 138: /* sortorder ::= */
-      case 141: /* nulls ::= */ yytestcase(yyruleno==141);
-{yymsp[1].minor.yy394 = SQLITE_SO_UNDEFINED;}
+      case 140: /* sortorder ::= */
+      case 143: /* nulls ::= */ yytestcase(yyruleno==143);
+{yymsp[1].minor.yy144 = SQLITE_SO_UNDEFINED;}
         break;
-      case 139: /* nulls ::= NULLS FIRST */
-{yymsp[-1].minor.yy394 = SQLITE_SO_ASC;}
+      case 141: /* nulls ::= NULLS FIRST */
+{yymsp[-1].minor.yy144 = SQLITE_SO_ASC;}
         break;
-      case 140: /* nulls ::= NULLS LAST */
-{yymsp[-1].minor.yy394 = SQLITE_SO_DESC;}
+      case 142: /* nulls ::= NULLS LAST */
+{yymsp[-1].minor.yy144 = SQLITE_SO_DESC;}
         break;
-      case 144: /* having_opt ::= */
-      case 146: /* limit_opt ::= */ yytestcase(yyruleno==146);
-      case 151: /* where_opt ::= */ yytestcase(yyruleno==151);
-      case 153: /* where_opt_ret ::= */ yytestcase(yyruleno==153);
-      case 230: /* case_else ::= */ yytestcase(yyruleno==230);
-      case 231: /* case_operand ::= */ yytestcase(yyruleno==231);
-      case 250: /* vinto ::= */ yytestcase(yyruleno==250);
-{yymsp[1].minor.yy528 = 0;}
+      case 146: /* having_opt ::= */
+      case 148: /* limit_opt ::= */ yytestcase(yyruleno==148);
+      case 153: /* where_opt ::= */ yytestcase(yyruleno==153);
+      case 155: /* where_opt_ret ::= */ yytestcase(yyruleno==155);
+      case 232: /* case_else ::= */ yytestcase(yyruleno==232);
+      case 233: /* case_operand ::= */ yytestcase(yyruleno==233);
+      case 252: /* vinto ::= */ yytestcase(yyruleno==252);
+{yymsp[1].minor.yy454 = 0;}
         break;
-      case 145: /* having_opt ::= HAVING expr */
-      case 152: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==152);
-      case 154: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==154);
-      case 229: /* case_else ::= ELSE expr */ yytestcase(yyruleno==229);
-      case 249: /* vinto ::= INTO expr */ yytestcase(yyruleno==249);
-{yymsp[-1].minor.yy528 = yymsp[0].minor.yy528;}
+      case 147: /* having_opt ::= HAVING expr */
+      case 154: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==154);
+      case 156: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==156);
+      case 231: /* case_else ::= ELSE expr */ yytestcase(yyruleno==231);
+      case 251: /* vinto ::= INTO expr */ yytestcase(yyruleno==251);
+{yymsp[-1].minor.yy454 = yymsp[0].minor.yy454;}
         break;
-      case 147: /* limit_opt ::= LIMIT expr */
-{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy528,0);}
+      case 149: /* limit_opt ::= LIMIT expr */
+{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy454,0);}
         break;
-      case 148: /* limit_opt ::= LIMIT expr OFFSET expr */
-{yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
+      case 150: /* limit_opt ::= LIMIT expr OFFSET expr */
+{yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
         break;
-      case 149: /* limit_opt ::= LIMIT expr COMMA expr */
-{yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy528,yymsp[-2].minor.yy528);}
+      case 151: /* limit_opt ::= LIMIT expr COMMA expr */
+{yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy454,yymsp[-2].minor.yy454);}
         break;
-      case 150: /* cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+      case 152: /* cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
 {
-  sqlite3SrcListIndexedBy(pParse, yymsp[-2].minor.yy131, &yymsp[-1].minor.yy0);
-  sqlite3DeleteFrom(pParse,yymsp[-2].minor.yy131,yymsp[0].minor.yy528,0,0);
+  sqlite3SrcListIndexedBy(pParse, yymsp[-2].minor.yy203, &yymsp[-1].minor.yy0);
+  sqlite3DeleteFrom(pParse,yymsp[-2].minor.yy203,yymsp[0].minor.yy454,0,0);
 }
         break;
-      case 155: /* where_opt_ret ::= RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy322); yymsp[-1].minor.yy528 = 0;}
+      case 157: /* where_opt_ret ::= RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy14); yymsp[-1].minor.yy454 = 0;}
         break;
-      case 156: /* where_opt_ret ::= WHERE expr RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy322); yymsp[-3].minor.yy528 = yymsp[-2].minor.yy528;}
+      case 158: /* where_opt_ret ::= WHERE expr RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy14); yymsp[-3].minor.yy454 = yymsp[-2].minor.yy454;}
         break;
-      case 157: /* cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+      case 159: /* cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
 {
-  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy131, &yymsp[-4].minor.yy0);
-  sqlite3ExprListCheckLength(pParse,yymsp[-2].minor.yy322,"set list");
-  if( yymsp[-1].minor.yy131 ){
-    SrcList *pFromClause = yymsp[-1].minor.yy131;
+  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy203, &yymsp[-4].minor.yy0);
+  sqlite3ExprListCheckLength(pParse,yymsp[-2].minor.yy14,"set list");
+  if( yymsp[-1].minor.yy203 ){
+    SrcList *pFromClause = yymsp[-1].minor.yy203;
     if( pFromClause->nSrc>1 ){
       Select *pSubquery;
       Token as;
@@ -175136,92 +176745,92 @@ static YYACTIONTYPE yy_reduce(
       as.z = 0;
       pFromClause = sqlite3SrcListAppendFromTerm(pParse,0,0,0,&as,pSubquery,0);
     }
-    yymsp[-5].minor.yy131 = sqlite3SrcListAppendList(pParse, yymsp[-5].minor.yy131, pFromClause);
+    yymsp[-5].minor.yy203 = sqlite3SrcListAppendList(pParse, yymsp[-5].minor.yy203, pFromClause);
   }
-  sqlite3Update(pParse,yymsp[-5].minor.yy131,yymsp[-2].minor.yy322,yymsp[0].minor.yy528,yymsp[-6].minor.yy394,0,0,0);
+  sqlite3Update(pParse,yymsp[-5].minor.yy203,yymsp[-2].minor.yy14,yymsp[0].minor.yy454,yymsp[-6].minor.yy144,0,0,0);
 }
         break;
-      case 158: /* setlist ::= setlist COMMA nm EQ expr */
+      case 160: /* setlist ::= setlist COMMA nm EQ expr */
 {
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
-  sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, 1);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy14, yymsp[0].minor.yy454);
+  sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy14, &yymsp[-2].minor.yy0, 1);
 }
         break;
-      case 159: /* setlist ::= setlist COMMA LP idlist RP EQ expr */
+      case 161: /* setlist ::= setlist COMMA LP idlist RP EQ expr */
 {
-  yymsp[-6].minor.yy322 = sqlite3ExprListAppendVector(pParse, yymsp[-6].minor.yy322, yymsp[-3].minor.yy254, yymsp[0].minor.yy528);
+  yymsp[-6].minor.yy14 = sqlite3ExprListAppendVector(pParse, yymsp[-6].minor.yy14, yymsp[-3].minor.yy132, yymsp[0].minor.yy454);
 }
         break;
-      case 160: /* setlist ::= nm EQ expr */
+      case 162: /* setlist ::= nm EQ expr */
 {
-  yylhsminor.yy322 = sqlite3ExprListAppend(pParse, 0, yymsp[0].minor.yy528);
-  sqlite3ExprListSetName(pParse, yylhsminor.yy322, &yymsp[-2].minor.yy0, 1);
+  yylhsminor.yy14 = sqlite3ExprListAppend(pParse, 0, yymsp[0].minor.yy454);
+  sqlite3ExprListSetName(pParse, yylhsminor.yy14, &yymsp[-2].minor.yy0, 1);
 }
-  yymsp[-2].minor.yy322 = yylhsminor.yy322;
+  yymsp[-2].minor.yy14 = yylhsminor.yy14;
         break;
-      case 161: /* setlist ::= LP idlist RP EQ expr */
+      case 163: /* setlist ::= LP idlist RP EQ expr */
 {
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppendVector(pParse, 0, yymsp[-3].minor.yy254, yymsp[0].minor.yy528);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppendVector(pParse, 0, yymsp[-3].minor.yy132, yymsp[0].minor.yy454);
 }
         break;
-      case 162: /* cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+      case 164: /* cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
 {
-  sqlite3Insert(pParse, yymsp[-3].minor.yy131, yymsp[-1].minor.yy47, yymsp[-2].minor.yy254, yymsp[-5].minor.yy394, yymsp[0].minor.yy444);
+  sqlite3Insert(pParse, yymsp[-3].minor.yy203, yymsp[-1].minor.yy555, yymsp[-2].minor.yy132, yymsp[-5].minor.yy144, yymsp[0].minor.yy122);
 }
         break;
-      case 163: /* cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+      case 165: /* cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
 {
-  sqlite3Insert(pParse, yymsp[-4].minor.yy131, 0, yymsp[-3].minor.yy254, yymsp[-6].minor.yy394, 0);
+  sqlite3Insert(pParse, yymsp[-4].minor.yy203, 0, yymsp[-3].minor.yy132, yymsp[-6].minor.yy144, 0);
 }
         break;
-      case 164: /* upsert ::= */
-{ yymsp[1].minor.yy444 = 0; }
+      case 166: /* upsert ::= */
+{ yymsp[1].minor.yy122 = 0; }
         break;
-      case 165: /* upsert ::= RETURNING selcollist */
-{ yymsp[-1].minor.yy444 = 0; sqlite3AddReturning(pParse,yymsp[0].minor.yy322); }
+      case 167: /* upsert ::= RETURNING selcollist */
+{ yymsp[-1].minor.yy122 = 0; sqlite3AddReturning(pParse,yymsp[0].minor.yy14); }
         break;
-      case 166: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-{ yymsp[-11].minor.yy444 = sqlite3UpsertNew(pParse->db,yymsp[-8].minor.yy322,yymsp[-6].minor.yy528,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528,yymsp[0].minor.yy444);}
+      case 168: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+{ yymsp[-11].minor.yy122 = sqlite3UpsertNew(pParse->db,yymsp[-8].minor.yy14,yymsp[-6].minor.yy454,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454,yymsp[0].minor.yy122);}
         break;
-      case 167: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-{ yymsp[-8].minor.yy444 = sqlite3UpsertNew(pParse->db,yymsp[-5].minor.yy322,yymsp[-3].minor.yy528,0,0,yymsp[0].minor.yy444); }
+      case 169: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+{ yymsp[-8].minor.yy122 = sqlite3UpsertNew(pParse->db,yymsp[-5].minor.yy14,yymsp[-3].minor.yy454,0,0,yymsp[0].minor.yy122); }
         break;
-      case 168: /* upsert ::= ON CONFLICT DO NOTHING returning */
-{ yymsp[-4].minor.yy444 = sqlite3UpsertNew(pParse->db,0,0,0,0,0); }
+      case 170: /* upsert ::= ON CONFLICT DO NOTHING returning */
+{ yymsp[-4].minor.yy122 = sqlite3UpsertNew(pParse->db,0,0,0,0,0); }
         break;
-      case 169: /* upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-{ yymsp[-7].minor.yy444 = sqlite3UpsertNew(pParse->db,0,0,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528,0);}
+      case 171: /* upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+{ yymsp[-7].minor.yy122 = sqlite3UpsertNew(pParse->db,0,0,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454,0);}
         break;
-      case 170: /* returning ::= RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy322);}
+      case 172: /* returning ::= RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy14);}
         break;
-      case 173: /* idlist_opt ::= */
-{yymsp[1].minor.yy254 = 0;}
+      case 175: /* idlist_opt ::= */
+{yymsp[1].minor.yy132 = 0;}
         break;
-      case 174: /* idlist_opt ::= LP idlist RP */
-{yymsp[-2].minor.yy254 = yymsp[-1].minor.yy254;}
+      case 176: /* idlist_opt ::= LP idlist RP */
+{yymsp[-2].minor.yy132 = yymsp[-1].minor.yy132;}
         break;
-      case 175: /* idlist ::= idlist COMMA nm */
-{yymsp[-2].minor.yy254 = sqlite3IdListAppend(pParse,yymsp[-2].minor.yy254,&yymsp[0].minor.yy0);}
+      case 177: /* idlist ::= idlist COMMA nm */
+{yymsp[-2].minor.yy132 = sqlite3IdListAppend(pParse,yymsp[-2].minor.yy132,&yymsp[0].minor.yy0);}
         break;
-      case 176: /* idlist ::= nm */
-{yymsp[0].minor.yy254 = sqlite3IdListAppend(pParse,0,&yymsp[0].minor.yy0); /*A-overwrites-Y*/}
+      case 178: /* idlist ::= nm */
+{yymsp[0].minor.yy132 = sqlite3IdListAppend(pParse,0,&yymsp[0].minor.yy0); /*A-overwrites-Y*/}
         break;
-      case 177: /* expr ::= LP expr RP */
-{yymsp[-2].minor.yy528 = yymsp[-1].minor.yy528;}
+      case 179: /* expr ::= LP expr RP */
+{yymsp[-2].minor.yy454 = yymsp[-1].minor.yy454;}
         break;
-      case 178: /* expr ::= ID|INDEXED|JOIN_KW */
-{yymsp[0].minor.yy528=tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 180: /* expr ::= ID|INDEXED|JOIN_KW */
+{yymsp[0].minor.yy454=tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 179: /* expr ::= nm DOT nm */
+      case 181: /* expr ::= nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0);
-  yylhsminor.yy528 = sqlite3PExpr(pParse, TK_DOT, temp1, temp2);
+  yylhsminor.yy454 = sqlite3PExpr(pParse, TK_DOT, temp1, temp2);
 }
-  yymsp[-2].minor.yy528 = yylhsminor.yy528;
+  yymsp[-2].minor.yy454 = yylhsminor.yy454;
         break;
-      case 180: /* expr ::= nm DOT nm DOT nm */
+      case 182: /* expr ::= nm DOT nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-4].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
@@ -175230,27 +176839,27 @@ static YYACTIONTYPE yy_reduce(
   if( IN_RENAME_OBJECT ){
     sqlite3RenameTokenRemap(pParse, 0, temp1);
   }
-  yylhsminor.yy528 = sqlite3PExpr(pParse, TK_DOT, temp1, temp4);
+  yylhsminor.yy454 = sqlite3PExpr(pParse, TK_DOT, temp1, temp4);
 }
-  yymsp[-4].minor.yy528 = yylhsminor.yy528;
+  yymsp[-4].minor.yy454 = yylhsminor.yy454;
         break;
-      case 181: /* term ::= NULL|FLOAT|BLOB */
-      case 182: /* term ::= STRING */ yytestcase(yyruleno==182);
-{yymsp[0].minor.yy528=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 183: /* term ::= NULL|FLOAT|BLOB */
+      case 184: /* term ::= STRING */ yytestcase(yyruleno==184);
+{yymsp[0].minor.yy454=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 183: /* term ::= INTEGER */
+      case 185: /* term ::= INTEGER */
 {
-  yylhsminor.yy528 = sqlite3ExprAlloc(pParse->db, TK_INTEGER, &yymsp[0].minor.yy0, 1);
-  if( yylhsminor.yy528 ) yylhsminor.yy528->w.iOfst = (int)(yymsp[0].minor.yy0.z - pParse->zTail);
+  yylhsminor.yy454 = sqlite3ExprAlloc(pParse->db, TK_INTEGER, &yymsp[0].minor.yy0, 1);
+  if( yylhsminor.yy454 ) yylhsminor.yy454->w.iOfst = (int)(yymsp[0].minor.yy0.z - pParse->zTail);
 }
-  yymsp[0].minor.yy528 = yylhsminor.yy528;
+  yymsp[0].minor.yy454 = yylhsminor.yy454;
         break;
-      case 184: /* expr ::= VARIABLE */
+      case 186: /* expr ::= VARIABLE */
 {
   if( !(yymsp[0].minor.yy0.z[0]=='#' && sqlite3Isdigit(yymsp[0].minor.yy0.z[1])) ){
     u32 n = yymsp[0].minor.yy0.n;
-    yymsp[0].minor.yy528 = tokenExpr(pParse, TK_VARIABLE, yymsp[0].minor.yy0);
-    sqlite3ExprAssignVarNumber(pParse, yymsp[0].minor.yy528, n);
+    yymsp[0].minor.yy454 = tokenExpr(pParse, TK_VARIABLE, yymsp[0].minor.yy0);
+    sqlite3ExprAssignVarNumber(pParse, yymsp[0].minor.yy454, n);
   }else{
     /* When doing a nested parse, one can include terms in an expression
     ** that look like this:   #1 #2 ...  These terms refer to registers
@@ -175259,194 +176868,203 @@ static YYACTIONTYPE yy_reduce(
     assert( t.n>=2 );
     if( pParse->nested==0 ){
       sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &t);
-      yymsp[0].minor.yy528 = 0;
+      yymsp[0].minor.yy454 = 0;
     }else{
-      yymsp[0].minor.yy528 = sqlite3PExpr(pParse, TK_REGISTER, 0, 0);
-      if( yymsp[0].minor.yy528 ) sqlite3GetInt32(&t.z[1], &yymsp[0].minor.yy528->iTable);
+      yymsp[0].minor.yy454 = sqlite3PExpr(pParse, TK_REGISTER, 0, 0);
+      if( yymsp[0].minor.yy454 ) sqlite3GetInt32(&t.z[1], &yymsp[0].minor.yy454->iTable);
     }
   }
 }
         break;
-      case 185: /* expr ::= expr COLLATE ID|STRING */
+      case 187: /* expr ::= expr COLLATE ID|STRING */
 {
-  yymsp[-2].minor.yy528 = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy528, &yymsp[0].minor.yy0, 1);
+  yymsp[-2].minor.yy454 = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy454, &yymsp[0].minor.yy0, 1);
 }
         break;
-      case 186: /* expr ::= CAST LP expr AS typetoken RP */
+      case 188: /* expr ::= CAST LP expr AS typetoken RP */
 {
-  yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_CAST, &yymsp[-1].minor.yy0, 1);
-  sqlite3ExprAttachSubtrees(pParse->db, yymsp[-5].minor.yy528, yymsp[-3].minor.yy528, 0);
+  yymsp[-5].minor.yy454 = sqlite3ExprAlloc(pParse->db, TK_CAST, &yymsp[-1].minor.yy0, 1);
+  sqlite3ExprAttachSubtrees(pParse->db, yymsp[-5].minor.yy454, yymsp[-3].minor.yy454, 0);
 }
         break;
-      case 187: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0, yymsp[-2].minor.yy394);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy14, &yymsp[-4].minor.yy0, yymsp[-2].minor.yy144);
 }
-  yymsp[-4].minor.yy528 = yylhsminor.yy528;
+  yymsp[-4].minor.yy454 = yylhsminor.yy454;
         break;
-      case 188: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-4].minor.yy322, &yymsp[-7].minor.yy0, yymsp[-5].minor.yy394);
-  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-1].minor.yy322);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-4].minor.yy14, &yymsp[-7].minor.yy0, yymsp[-5].minor.yy144);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy454, yymsp[-1].minor.yy14);
 }
-  yymsp[-7].minor.yy528 = yylhsminor.yy528;
+  yymsp[-7].minor.yy454 = yylhsminor.yy454;
         break;
-      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+      case 191: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
 }
-  yymsp[-3].minor.yy528 = yylhsminor.yy528;
+  yymsp[-3].minor.yy454 = yylhsminor.yy454;
         break;
-      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+      case 192: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy322, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy394);
-  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy14, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy144);
+  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
 }
-  yymsp[-5].minor.yy528 = yylhsminor.yy528;
+  yymsp[-5].minor.yy454 = yylhsminor.yy454;
         break;
-      case 191: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+      case 193: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-5].minor.yy322, &yymsp[-8].minor.yy0, yymsp[-6].minor.yy394);
-  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
-  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-2].minor.yy322);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-5].minor.yy14, &yymsp[-8].minor.yy0, yymsp[-6].minor.yy144);
+  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy454, yymsp[-2].minor.yy14);
 }
-  yymsp[-8].minor.yy528 = yylhsminor.yy528;
+  yymsp[-8].minor.yy454 = yylhsminor.yy454;
         break;
-      case 192: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+      case 194: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
-  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
+  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
 }
-  yymsp[-4].minor.yy528 = yylhsminor.yy528;
+  yymsp[-4].minor.yy454 = yylhsminor.yy454;
         break;
-      case 193: /* term ::= CTIME_KW */
+      case 195: /* term ::= CTIME_KW */
 {
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
 }
-  yymsp[0].minor.yy528 = yylhsminor.yy528;
+  yymsp[0].minor.yy454 = yylhsminor.yy454;
         break;
-      case 194: /* expr ::= LP nexprlist COMMA expr RP */
+      case 196: /* expr ::= LP nexprlist COMMA expr RP */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528);
-  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
-  if( yymsp[-4].minor.yy528 ){
-    yymsp[-4].minor.yy528->x.pList = pList;
+  ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy14, yymsp[-1].minor.yy454);
+  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
+  if( yymsp[-4].minor.yy454 ){
+    yymsp[-4].minor.yy454->x.pList = pList;
     if( ALWAYS(pList->nExpr) ){
-      yymsp[-4].minor.yy528->flags |= pList->a[0].pExpr->flags & EP_Propagate;
+      yymsp[-4].minor.yy454->flags |= pList->a[0].pExpr->flags & EP_Propagate;
     }
   }else{
     sqlite3ExprListDelete(pParse->db, pList);
   }
 }
         break;
-      case 195: /* expr ::= expr AND expr */
-{yymsp[-2].minor.yy528=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
+      case 197: /* expr ::= expr AND expr */
+{yymsp[-2].minor.yy454=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
         break;
-      case 196: /* expr ::= expr OR expr */
-      case 197: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==197);
-      case 198: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==198);
-      case 199: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==199);
-      case 200: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==200);
-      case 201: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==201);
-      case 202: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==202);
-{yymsp[-2].minor.yy528=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
+      case 198: /* expr ::= expr OR expr */
+      case 199: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==199);
+      case 200: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==200);
+      case 201: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==201);
+      case 202: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==202);
+      case 203: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==203);
+      case 204: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==204);
+{yymsp[-2].minor.yy454=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
         break;
-      case 203: /* likeop ::= NOT LIKE_KW|MATCH */
+      case 205: /* likeop ::= NOT LIKE_KW|MATCH */
 {yymsp[-1].minor.yy0=yymsp[0].minor.yy0; yymsp[-1].minor.yy0.n|=0x80000000; /*yymsp[-1].minor.yy0-overwrite-yymsp[0].minor.yy0*/}
         break;
-      case 204: /* expr ::= expr likeop expr */
+      case 206: /* expr ::= expr likeop expr */
 {
   ExprList *pList;
   int bNot = yymsp[-1].minor.yy0.n & 0x80000000;
   yymsp[-1].minor.yy0.n &= 0x7fffffff;
-  pList = sqlite3ExprListAppend(pParse,0, yymsp[0].minor.yy528);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-2].minor.yy528);
-  yymsp[-2].minor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
-  if( bNot ) yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-2].minor.yy528, 0);
-  if( yymsp[-2].minor.yy528 ) yymsp[-2].minor.yy528->flags |= EP_InfixFunc;
+  pList = sqlite3ExprListAppend(pParse,0, yymsp[0].minor.yy454);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-2].minor.yy454);
+  yymsp[-2].minor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
+  if( bNot ) yymsp[-2].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-2].minor.yy454, 0);
+  if( yymsp[-2].minor.yy454 ) yymsp[-2].minor.yy454->flags |= EP_InfixFunc;
 }
         break;
-      case 205: /* expr ::= expr likeop expr ESCAPE expr */
+      case 207: /* expr ::= expr likeop expr ESCAPE expr */
 {
   ExprList *pList;
   int bNot = yymsp[-3].minor.yy0.n & 0x80000000;
   yymsp[-3].minor.yy0.n &= 0x7fffffff;
-  pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-4].minor.yy528);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
-  yymsp[-4].minor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-3].minor.yy0, 0);
-  if( bNot ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
-  if( yymsp[-4].minor.yy528 ) yymsp[-4].minor.yy528->flags |= EP_InfixFunc;
+  pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-4].minor.yy454);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy454);
+  yymsp[-4].minor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-3].minor.yy0, 0);
+  if( bNot ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
+  if( yymsp[-4].minor.yy454 ) yymsp[-4].minor.yy454->flags |= EP_InfixFunc;
 }
         break;
-      case 206: /* expr ::= expr ISNULL|NOTNULL */
-{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy528,0);}
+      case 208: /* expr ::= expr ISNULL|NOTNULL */
+{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy454,0);}
         break;
-      case 207: /* expr ::= expr NOT NULL */
-{yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy528,0);}
+      case 209: /* expr ::= expr NOT NULL */
+{yymsp[-2].minor.yy454 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy454,0);}
         break;
-      case 208: /* expr ::= expr IS expr */
+      case 210: /* expr ::= expr IS expr */
 {
-  yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-2].minor.yy528, TK_ISNULL);
+  yymsp[-2].minor.yy454 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-2].minor.yy454, TK_ISNULL);
 }
         break;
-      case 209: /* expr ::= expr IS NOT expr */
+      case 211: /* expr ::= expr IS NOT expr */
 {
-  yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy528,yymsp[0].minor.yy528);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-3].minor.yy528, TK_NOTNULL);
+  yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy454,yymsp[0].minor.yy454);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-3].minor.yy454, TK_NOTNULL);
 }
         break;
-      case 210: /* expr ::= expr IS NOT DISTINCT FROM expr */
+      case 212: /* expr ::= expr IS NOT DISTINCT FROM expr */
 {
-  yymsp[-5].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy528,yymsp[0].minor.yy528);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-5].minor.yy528, TK_ISNULL);
+  yymsp[-5].minor.yy454 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy454,yymsp[0].minor.yy454);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-5].minor.yy454, TK_ISNULL);
 }
         break;
-      case 211: /* expr ::= expr IS DISTINCT FROM expr */
+      case 213: /* expr ::= expr IS DISTINCT FROM expr */
 {
-  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy528,yymsp[0].minor.yy528);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-4].minor.yy528, TK_NOTNULL);
+  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy454,yymsp[0].minor.yy454);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-4].minor.yy454, TK_NOTNULL);
 }
         break;
-      case 212: /* expr ::= NOT expr */
-      case 213: /* expr ::= BITNOT expr */ yytestcase(yyruleno==213);
-{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy528, 0);/*A-overwrites-B*/}
+      case 214: /* expr ::= NOT expr */
+      case 215: /* expr ::= BITNOT expr */ yytestcase(yyruleno==215);
+{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy454, 0);/*A-overwrites-B*/}
         break;
-      case 214: /* expr ::= PLUS|MINUS expr */
+      case 216: /* expr ::= PLUS|MINUS expr */
 {
-  yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major==TK_PLUS ? TK_UPLUS : TK_UMINUS, yymsp[0].minor.yy528, 0);
-  /*A-overwrites-B*/
+  Expr *p = yymsp[0].minor.yy454;
+  u8 op = yymsp[-1].major + (TK_UPLUS-TK_PLUS);
+  assert( TK_UPLUS>TK_PLUS );
+  assert( TK_UMINUS == TK_MINUS + (TK_UPLUS - TK_PLUS) );
+  if( p && p->op==TK_UPLUS ){
+    p->op = op;
+    yymsp[-1].minor.yy454 = p;
+  }else{
+    yymsp[-1].minor.yy454 = sqlite3PExpr(pParse, op, p, 0);
+    /*A-overwrites-B*/
+  }
 }
         break;
-      case 215: /* expr ::= expr PTR expr */
+      case 217: /* expr ::= expr PTR expr */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy528);
-  pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy528);
-  yylhsminor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
+  ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy454);
+  pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy454);
+  yylhsminor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
 }
-  yymsp[-2].minor.yy528 = yylhsminor.yy528;
+  yymsp[-2].minor.yy454 = yylhsminor.yy454;
         break;
-      case 216: /* between_op ::= BETWEEN */
-      case 219: /* in_op ::= IN */ yytestcase(yyruleno==219);
-{yymsp[0].minor.yy394 = 0;}
+      case 218: /* between_op ::= BETWEEN */
+      case 221: /* in_op ::= IN */ yytestcase(yyruleno==221);
+{yymsp[0].minor.yy144 = 0;}
         break;
-      case 218: /* expr ::= expr between_op expr AND expr */
+      case 220: /* expr ::= expr between_op expr AND expr */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
-  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_BETWEEN, yymsp[-4].minor.yy528, 0);
-  if( yymsp[-4].minor.yy528 ){
-    yymsp[-4].minor.yy528->x.pList = pList;
+  ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy454);
+  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_BETWEEN, yymsp[-4].minor.yy454, 0);
+  if( yymsp[-4].minor.yy454 ){
+    yymsp[-4].minor.yy454->x.pList = pList;
   }else{
     sqlite3ExprListDelete(pParse->db, pList);
   }
-  if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
+  if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
 }
         break;
-      case 221: /* expr ::= expr in_op LP exprlist RP */
+      case 223: /* expr ::= expr in_op LP exprlist RP */
 {
-    if( yymsp[-1].minor.yy322==0 ){
+    if( yymsp[-1].minor.yy14==0 ){
       /* Expressions of the form
       **
       **      expr1 IN ()
@@ -175455,208 +177073,208 @@ static YYACTIONTYPE yy_reduce(
       ** simplify to constants 0 (false) and 1 (true), respectively,
       ** regardless of the value of expr1.
       */
-      sqlite3ExprUnmapAndDelete(pParse, yymsp[-4].minor.yy528);
-      yymsp[-4].minor.yy528 = sqlite3Expr(pParse->db, TK_STRING, yymsp[-3].minor.yy394 ? "true" : "false");
-      if( yymsp[-4].minor.yy528 ) sqlite3ExprIdToTrueFalse(yymsp[-4].minor.yy528);
-    }else{
-      Expr *pRHS = yymsp[-1].minor.yy322->a[0].pExpr;
-      if( yymsp[-1].minor.yy322->nExpr==1 && sqlite3ExprIsConstant(pRHS) && yymsp[-4].minor.yy528->op!=TK_VECTOR ){
-        yymsp[-1].minor.yy322->a[0].pExpr = 0;
-        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
+      sqlite3ExprUnmapAndDelete(pParse, yymsp[-4].minor.yy454);
+      yymsp[-4].minor.yy454 = sqlite3Expr(pParse->db, TK_STRING, yymsp[-3].minor.yy144 ? "true" : "false");
+      if( yymsp[-4].minor.yy454 ) sqlite3ExprIdToTrueFalse(yymsp[-4].minor.yy454);
+    }else{
+      Expr *pRHS = yymsp[-1].minor.yy14->a[0].pExpr;
+      if( yymsp[-1].minor.yy14->nExpr==1 && sqlite3ExprIsConstant(pParse,pRHS) && yymsp[-4].minor.yy454->op!=TK_VECTOR ){
+        yymsp[-1].minor.yy14->a[0].pExpr = 0;
+        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
         pRHS = sqlite3PExpr(pParse, TK_UPLUS, pRHS, 0);
-        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_EQ, yymsp[-4].minor.yy528, pRHS);
-      }else if( yymsp[-1].minor.yy322->nExpr==1 && pRHS->op==TK_SELECT ){
-        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
-        sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pRHS->x.pSelect);
+        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_EQ, yymsp[-4].minor.yy454, pRHS);
+      }else if( yymsp[-1].minor.yy14->nExpr==1 && pRHS->op==TK_SELECT ){
+        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
+        sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pRHS->x.pSelect);
         pRHS->x.pSelect = 0;
-        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
-      }else{
-        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
-        if( yymsp[-4].minor.yy528==0 ){
-          sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
-        }else if( yymsp[-4].minor.yy528->pLeft->op==TK_VECTOR ){
-          int nExpr = yymsp[-4].minor.yy528->pLeft->x.pList->nExpr;
-          Select *pSelectRHS = sqlite3ExprListToValues(pParse, nExpr, yymsp[-1].minor.yy322);
+        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
+      }else{
+        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
+        if( yymsp[-4].minor.yy454==0 ){
+          sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
+        }else if( yymsp[-4].minor.yy454->pLeft->op==TK_VECTOR ){
+          int nExpr = yymsp[-4].minor.yy454->pLeft->x.pList->nExpr;
+          Select *pSelectRHS = sqlite3ExprListToValues(pParse, nExpr, yymsp[-1].minor.yy14);
           if( pSelectRHS ){
             parserDoubleLinkSelect(pParse, pSelectRHS);
-            sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pSelectRHS);
+            sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pSelectRHS);
           }
         }else{
-          yymsp[-4].minor.yy528->x.pList = yymsp[-1].minor.yy322;
-          sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy528);
+          yymsp[-4].minor.yy454->x.pList = yymsp[-1].minor.yy14;
+          sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy454);
         }
       }
-      if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
+      if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
     }
   }
         break;
-      case 222: /* expr ::= LP select RP */
+      case 224: /* expr ::= LP select RP */
 {
-    yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy528, yymsp[-1].minor.yy47);
+    yymsp[-2].minor.yy454 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy454, yymsp[-1].minor.yy555);
   }
         break;
-      case 223: /* expr ::= expr in_op LP select RP */
+      case 225: /* expr ::= expr in_op LP select RP */
 {
-    yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, yymsp[-1].minor.yy47);
-    if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
+    yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, yymsp[-1].minor.yy555);
+    if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
   }
         break;
-      case 224: /* expr ::= expr in_op nm dbnm paren_exprlist */
+      case 226: /* expr ::= expr in_op nm dbnm paren_exprlist */
 {
     SrcList *pSrc = sqlite3SrcListAppend(pParse, 0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);
     Select *pSelect = sqlite3SelectNew(pParse, 0,pSrc,0,0,0,0,0,0);
-    if( yymsp[0].minor.yy322 )  sqlite3SrcListFuncArgs(pParse, pSelect ? pSrc : 0, yymsp[0].minor.yy322);
-    yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pSelect);
-    if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
+    if( yymsp[0].minor.yy14 )  sqlite3SrcListFuncArgs(pParse, pSelect ? pSrc : 0, yymsp[0].minor.yy14);
+    yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pSelect);
+    if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
   }
         break;
-      case 225: /* expr ::= EXISTS LP select RP */
+      case 227: /* expr ::= EXISTS LP select RP */
 {
     Expr *p;
-    p = yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
-    sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy47);
+    p = yymsp[-3].minor.yy454 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
+    sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy555);
   }
         break;
-      case 226: /* expr ::= CASE case_operand case_exprlist case_else END */
+      case 228: /* expr ::= CASE case_operand case_exprlist case_else END */
 {
-  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy528, 0);
-  if( yymsp[-4].minor.yy528 ){
-    yymsp[-4].minor.yy528->x.pList = yymsp[-1].minor.yy528 ? sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528) : yymsp[-2].minor.yy322;
-    sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy528);
+  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy454, 0);
+  if( yymsp[-4].minor.yy454 ){
+    yymsp[-4].minor.yy454->x.pList = yymsp[-1].minor.yy454 ? sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454) : yymsp[-2].minor.yy14;
+    sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy454);
   }else{
-    sqlite3ExprListDelete(pParse->db, yymsp[-2].minor.yy322);
-    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy528);
+    sqlite3ExprListDelete(pParse->db, yymsp[-2].minor.yy14);
+    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy454);
   }
 }
         break;
-      case 227: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
+      case 229: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
 {
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
-  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, yymsp[-2].minor.yy454);
+  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, yymsp[0].minor.yy454);
 }
         break;
-      case 228: /* case_exprlist ::= WHEN expr THEN expr */
+      case 230: /* case_exprlist ::= WHEN expr THEN expr */
 {
-  yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
-  yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322, yymsp[0].minor.yy528);
+  yymsp[-3].minor.yy14 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
+  yymsp[-3].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy14, yymsp[0].minor.yy454);
 }
         break;
-      case 233: /* nexprlist ::= nexprlist COMMA expr */
-{yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[0].minor.yy528);}
+      case 235: /* nexprlist ::= nexprlist COMMA expr */
+{yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy14,yymsp[0].minor.yy454);}
         break;
-      case 234: /* nexprlist ::= expr */
-{yymsp[0].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy528); /*A-overwrites-Y*/}
+      case 236: /* nexprlist ::= expr */
+{yymsp[0].minor.yy14 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy454); /*A-overwrites-Y*/}
         break;
-      case 236: /* paren_exprlist ::= LP exprlist RP */
-      case 241: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==241);
-{yymsp[-2].minor.yy322 = yymsp[-1].minor.yy322;}
+      case 238: /* paren_exprlist ::= LP exprlist RP */
+      case 243: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==243);
+{yymsp[-2].minor.yy14 = yymsp[-1].minor.yy14;}
         break;
-      case 237: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+      case 239: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
 {
   sqlite3CreateIndex(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0,
-                     sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy322, yymsp[-10].minor.yy394,
-                      &yymsp[-11].minor.yy0, yymsp[0].minor.yy528, SQLITE_SO_ASC, yymsp[-8].minor.yy394, SQLITE_IDXTYPE_APPDEF);
+                     sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy14, yymsp[-10].minor.yy144,
+                      &yymsp[-11].minor.yy0, yymsp[0].minor.yy454, SQLITE_SO_ASC, yymsp[-8].minor.yy144, SQLITE_IDXTYPE_APPDEF);
   if( IN_RENAME_OBJECT && pParse->pNewIndex ){
     sqlite3RenameTokenMap(pParse, pParse->pNewIndex->zName, &yymsp[-4].minor.yy0);
   }
 }
         break;
-      case 238: /* uniqueflag ::= UNIQUE */
-      case 280: /* raisetype ::= ABORT */ yytestcase(yyruleno==280);
-{yymsp[0].minor.yy394 = OE_Abort;}
+      case 240: /* uniqueflag ::= UNIQUE */
+      case 282: /* raisetype ::= ABORT */ yytestcase(yyruleno==282);
+{yymsp[0].minor.yy144 = OE_Abort;}
         break;
-      case 239: /* uniqueflag ::= */
-{yymsp[1].minor.yy394 = OE_None;}
+      case 241: /* uniqueflag ::= */
+{yymsp[1].minor.yy144 = OE_None;}
         break;
-      case 242: /* eidlist ::= eidlist COMMA nm collate sortorder */
+      case 244: /* eidlist ::= eidlist COMMA nm collate sortorder */
 {
-  yymsp[-4].minor.yy322 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394);
+  yymsp[-4].minor.yy14 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy14, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy144, yymsp[0].minor.yy144);
 }
         break;
-      case 243: /* eidlist ::= nm collate sortorder */
+      case 245: /* eidlist ::= nm collate sortorder */
 {
-  yymsp[-2].minor.yy322 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394); /*A-overwrites-Y*/
+  yymsp[-2].minor.yy14 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy144, yymsp[0].minor.yy144); /*A-overwrites-Y*/
 }
         break;
-      case 246: /* cmd ::= DROP INDEX ifexists fullname */
-{sqlite3DropIndex(pParse, yymsp[0].minor.yy131, yymsp[-1].minor.yy394);}
+      case 248: /* cmd ::= DROP INDEX ifexists fullname */
+{sqlite3DropIndex(pParse, yymsp[0].minor.yy203, yymsp[-1].minor.yy144);}
         break;
-      case 247: /* cmd ::= VACUUM vinto */
-{sqlite3Vacuum(pParse,0,yymsp[0].minor.yy528);}
+      case 249: /* cmd ::= VACUUM vinto */
+{sqlite3Vacuum(pParse,0,yymsp[0].minor.yy454);}
         break;
-      case 248: /* cmd ::= VACUUM nm vinto */
-{sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy528);}
+      case 250: /* cmd ::= VACUUM nm vinto */
+{sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy454);}
         break;
-      case 251: /* cmd ::= PRAGMA nm dbnm */
+      case 253: /* cmd ::= PRAGMA nm dbnm */
 {sqlite3Pragma(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,0,0);}
         break;
-      case 252: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
+      case 254: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,0);}
         break;
-      case 253: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
+      case 255: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,0);}
         break;
-      case 254: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
+      case 256: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,1);}
         break;
-      case 255: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
+      case 257: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,1);}
         break;
-      case 258: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+      case 260: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
 {
   Token all;
   all.z = yymsp[-3].minor.yy0.z;
   all.n = (int)(yymsp[0].minor.yy0.z - yymsp[-3].minor.yy0.z) + yymsp[0].minor.yy0.n;
-  sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy33, &all);
+  sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy427, &all);
 }
         break;
-      case 259: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+      case 261: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
 {
-  sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy394, yymsp[-4].minor.yy180.a, yymsp[-4].minor.yy180.b, yymsp[-2].minor.yy131, yymsp[0].minor.yy528, yymsp[-10].minor.yy394, yymsp[-8].minor.yy394);
+  sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy144, yymsp[-4].minor.yy286.a, yymsp[-4].minor.yy286.b, yymsp[-2].minor.yy203, yymsp[0].minor.yy454, yymsp[-10].minor.yy144, yymsp[-8].minor.yy144);
   yymsp[-10].minor.yy0 = (yymsp[-6].minor.yy0.n==0?yymsp[-7].minor.yy0:yymsp[-6].minor.yy0); /*A-overwrites-T*/
 }
         break;
-      case 260: /* trigger_time ::= BEFORE|AFTER */
-{ yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/ }
+      case 262: /* trigger_time ::= BEFORE|AFTER */
+{ yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-X*/ }
         break;
-      case 261: /* trigger_time ::= INSTEAD OF */
-{ yymsp[-1].minor.yy394 = TK_INSTEAD;}
+      case 263: /* trigger_time ::= INSTEAD OF */
+{ yymsp[-1].minor.yy144 = TK_INSTEAD;}
         break;
-      case 262: /* trigger_time ::= */
-{ yymsp[1].minor.yy394 = TK_BEFORE; }
+      case 264: /* trigger_time ::= */
+{ yymsp[1].minor.yy144 = TK_BEFORE; }
         break;
-      case 263: /* trigger_event ::= DELETE|INSERT */
-      case 264: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==264);
-{yymsp[0].minor.yy180.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy180.b = 0;}
+      case 265: /* trigger_event ::= DELETE|INSERT */
+      case 266: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==266);
+{yymsp[0].minor.yy286.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy286.b = 0;}
         break;
-      case 265: /* trigger_event ::= UPDATE OF idlist */
-{yymsp[-2].minor.yy180.a = TK_UPDATE; yymsp[-2].minor.yy180.b = yymsp[0].minor.yy254;}
+      case 267: /* trigger_event ::= UPDATE OF idlist */
+{yymsp[-2].minor.yy286.a = TK_UPDATE; yymsp[-2].minor.yy286.b = yymsp[0].minor.yy132;}
         break;
-      case 266: /* when_clause ::= */
-      case 285: /* key_opt ::= */ yytestcase(yyruleno==285);
-{ yymsp[1].minor.yy528 = 0; }
+      case 268: /* when_clause ::= */
+      case 287: /* key_opt ::= */ yytestcase(yyruleno==287);
+{ yymsp[1].minor.yy454 = 0; }
         break;
-      case 267: /* when_clause ::= WHEN expr */
-      case 286: /* key_opt ::= KEY expr */ yytestcase(yyruleno==286);
-{ yymsp[-1].minor.yy528 = yymsp[0].minor.yy528; }
+      case 269: /* when_clause ::= WHEN expr */
+      case 288: /* key_opt ::= KEY expr */ yytestcase(yyruleno==288);
+{ yymsp[-1].minor.yy454 = yymsp[0].minor.yy454; }
         break;
-      case 268: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+      case 270: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
 {
-  assert( yymsp[-2].minor.yy33!=0 );
-  yymsp[-2].minor.yy33->pLast->pNext = yymsp[-1].minor.yy33;
-  yymsp[-2].minor.yy33->pLast = yymsp[-1].minor.yy33;
+  assert( yymsp[-2].minor.yy427!=0 );
+  yymsp[-2].minor.yy427->pLast->pNext = yymsp[-1].minor.yy427;
+  yymsp[-2].minor.yy427->pLast = yymsp[-1].minor.yy427;
 }
         break;
-      case 269: /* trigger_cmd_list ::= trigger_cmd SEMI */
+      case 271: /* trigger_cmd_list ::= trigger_cmd SEMI */
 {
-  assert( yymsp[-1].minor.yy33!=0 );
-  yymsp[-1].minor.yy33->pLast = yymsp[-1].minor.yy33;
+  assert( yymsp[-1].minor.yy427!=0 );
+  yymsp[-1].minor.yy427->pLast = yymsp[-1].minor.yy427;
 }
         break;
-      case 270: /* trnm ::= nm DOT nm */
+      case 272: /* trnm ::= nm DOT nm */
 {
   yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;
   sqlite3ErrorMsg(pParse,
@@ -175664,367 +177282,377 @@ static YYACTIONTYPE yy_reduce(
         "statements within triggers");
 }
         break;
-      case 271: /* tridxby ::= INDEXED BY nm */
+      case 273: /* tridxby ::= INDEXED BY nm */
 {
   sqlite3ErrorMsg(pParse,
         "the INDEXED BY clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 272: /* tridxby ::= NOT INDEXED */
+      case 274: /* tridxby ::= NOT INDEXED */
 {
   sqlite3ErrorMsg(pParse,
         "the NOT INDEXED clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 273: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-{yylhsminor.yy33 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy131, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528, yymsp[-7].minor.yy394, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy522);}
-  yymsp[-8].minor.yy33 = yylhsminor.yy33;
+      case 275: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+{yylhsminor.yy427 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy203, yymsp[-3].minor.yy14, yymsp[-1].minor.yy454, yymsp[-7].minor.yy144, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy168);}
+  yymsp[-8].minor.yy427 = yylhsminor.yy427;
         break;
-      case 274: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+      case 276: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
 {
-   yylhsminor.yy33 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy254,yymsp[-2].minor.yy47,yymsp[-6].minor.yy394,yymsp[-1].minor.yy444,yymsp[-7].minor.yy522,yymsp[0].minor.yy522);/*yylhsminor.yy33-overwrites-yymsp[-6].minor.yy394*/
+   yylhsminor.yy427 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy132,yymsp[-2].minor.yy555,yymsp[-6].minor.yy144,yymsp[-1].minor.yy122,yymsp[-7].minor.yy168,yymsp[0].minor.yy168);/*yylhsminor.yy427-overwrites-yymsp[-6].minor.yy144*/
 }
-  yymsp[-7].minor.yy33 = yylhsminor.yy33;
+  yymsp[-7].minor.yy427 = yylhsminor.yy427;
         break;
-      case 275: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-{yylhsminor.yy33 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy528, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy522);}
-  yymsp[-5].minor.yy33 = yylhsminor.yy33;
+      case 277: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+{yylhsminor.yy427 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy454, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy168);}
+  yymsp[-5].minor.yy427 = yylhsminor.yy427;
         break;
-      case 276: /* trigger_cmd ::= scanpt select scanpt */
-{yylhsminor.yy33 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy47, yymsp[-2].minor.yy522, yymsp[0].minor.yy522); /*yylhsminor.yy33-overwrites-yymsp[-1].minor.yy47*/}
-  yymsp[-2].minor.yy33 = yylhsminor.yy33;
+      case 278: /* trigger_cmd ::= scanpt select scanpt */
+{yylhsminor.yy427 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy555, yymsp[-2].minor.yy168, yymsp[0].minor.yy168); /*yylhsminor.yy427-overwrites-yymsp[-1].minor.yy555*/}
+  yymsp[-2].minor.yy427 = yylhsminor.yy427;
         break;
-      case 277: /* expr ::= RAISE LP IGNORE RP */
+      case 279: /* expr ::= RAISE LP IGNORE RP */
 {
-  yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
-  if( yymsp[-3].minor.yy528 ){
-    yymsp[-3].minor.yy528->affExpr = OE_Ignore;
+  yymsp[-3].minor.yy454 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
+  if( yymsp[-3].minor.yy454 ){
+    yymsp[-3].minor.yy454->affExpr = OE_Ignore;
   }
 }
         break;
-      case 278: /* expr ::= RAISE LP raisetype COMMA nm RP */
+      case 280: /* expr ::= RAISE LP raisetype COMMA nm RP */
 {
-  yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
-  if( yymsp[-5].minor.yy528 ) {
-    yymsp[-5].minor.yy528->affExpr = (char)yymsp[-3].minor.yy394;
+  yymsp[-5].minor.yy454 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
+  if( yymsp[-5].minor.yy454 ) {
+    yymsp[-5].minor.yy454->affExpr = (char)yymsp[-3].minor.yy144;
   }
 }
         break;
-      case 279: /* raisetype ::= ROLLBACK */
-{yymsp[0].minor.yy394 = OE_Rollback;}
+      case 281: /* raisetype ::= ROLLBACK */
+{yymsp[0].minor.yy144 = OE_Rollback;}
         break;
-      case 281: /* raisetype ::= FAIL */
-{yymsp[0].minor.yy394 = OE_Fail;}
+      case 283: /* raisetype ::= FAIL */
+{yymsp[0].minor.yy144 = OE_Fail;}
         break;
-      case 282: /* cmd ::= DROP TRIGGER ifexists fullname */
+      case 284: /* cmd ::= DROP TRIGGER ifexists fullname */
 {
-  sqlite3DropTrigger(pParse,yymsp[0].minor.yy131,yymsp[-1].minor.yy394);
+  sqlite3DropTrigger(pParse,yymsp[0].minor.yy203,yymsp[-1].minor.yy144);
 }
         break;
-      case 283: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+      case 285: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
 {
-  sqlite3Attach(pParse, yymsp[-3].minor.yy528, yymsp[-1].minor.yy528, yymsp[0].minor.yy528);
+  sqlite3Attach(pParse, yymsp[-3].minor.yy454, yymsp[-1].minor.yy454, yymsp[0].minor.yy454);
 }
         break;
-      case 284: /* cmd ::= DETACH database_kw_opt expr */
+      case 286: /* cmd ::= DETACH database_kw_opt expr */
 {
-  sqlite3Detach(pParse, yymsp[0].minor.yy528);
+  sqlite3Detach(pParse, yymsp[0].minor.yy454);
 }
         break;
-      case 287: /* cmd ::= REINDEX */
+      case 289: /* cmd ::= REINDEX */
 {sqlite3Reindex(pParse, 0, 0);}
         break;
-      case 288: /* cmd ::= REINDEX nm dbnm */
+      case 290: /* cmd ::= REINDEX nm dbnm */
 {sqlite3Reindex(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 289: /* cmd ::= ANALYZE */
+      case 291: /* cmd ::= ANALYZE */
 {sqlite3Analyze(pParse, 0, 0);}
         break;
-      case 290: /* cmd ::= ANALYZE nm dbnm */
+      case 292: /* cmd ::= ANALYZE nm dbnm */
 {sqlite3Analyze(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 291: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
+      case 293: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
 {
-  sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy131,&yymsp[0].minor.yy0);
+  sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy203,&yymsp[0].minor.yy0);
 }
         break;
-      case 292: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+      case 294: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
 {
   yymsp[-1].minor.yy0.n = (int)(pParse->sLastToken.z-yymsp[-1].minor.yy0.z) + pParse->sLastToken.n;
   sqlite3AlterFinishAddColumn(pParse, &yymsp[-1].minor.yy0);
 }
         break;
-      case 293: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+      case 295: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
 {
-  sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy131, &yymsp[0].minor.yy0);
+  sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy203, &yymsp[0].minor.yy0);
 }
         break;
-      case 294: /* add_column_fullname ::= fullname */
+      case 296: /* add_column_fullname ::= fullname */
 {
   disableLookaside(pParse);
-  sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy131);
+  sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy203);
 }
         break;
-      case 295: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+      case 297: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
 {
-  sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy131, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
+  sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy203, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
 }
         break;
-      case 296: /* cmd ::= create_vtab */
+      case 298: /* cmd ::= create_vtab */
 {sqlite3VtabFinishParse(pParse,0);}
         break;
-      case 297: /* cmd ::= create_vtab LP vtabarglist RP */
+      case 299: /* cmd ::= create_vtab LP vtabarglist RP */
 {sqlite3VtabFinishParse(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 298: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+      case 300: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
 {
-    sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy394);
+    sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy144);
 }
         break;
-      case 299: /* vtabarg ::= */
+      case 301: /* vtabarg ::= */
 {sqlite3VtabArgInit(pParse);}
         break;
-      case 300: /* vtabargtoken ::= ANY */
-      case 301: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==301);
-      case 302: /* lp ::= LP */ yytestcase(yyruleno==302);
+      case 302: /* vtabargtoken ::= ANY */
+      case 303: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==303);
+      case 304: /* lp ::= LP */ yytestcase(yyruleno==304);
 {sqlite3VtabArgExtend(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 303: /* with ::= WITH wqlist */
-      case 304: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==304);
-{ sqlite3WithPush(pParse, yymsp[0].minor.yy521, 1); }
+      case 305: /* with ::= WITH wqlist */
+      case 306: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==306);
+{ sqlite3WithPush(pParse, yymsp[0].minor.yy59, 1); }
         break;
-      case 305: /* wqas ::= AS */
-{yymsp[0].minor.yy516 = M10d_Any;}
+      case 307: /* wqas ::= AS */
+{yymsp[0].minor.yy462 = M10d_Any;}
         break;
-      case 306: /* wqas ::= AS MATERIALIZED */
-{yymsp[-1].minor.yy516 = M10d_Yes;}
+      case 308: /* wqas ::= AS MATERIALIZED */
+{yymsp[-1].minor.yy462 = M10d_Yes;}
         break;
-      case 307: /* wqas ::= AS NOT MATERIALIZED */
-{yymsp[-2].minor.yy516 = M10d_No;}
+      case 309: /* wqas ::= AS NOT MATERIALIZED */
+{yymsp[-2].minor.yy462 = M10d_No;}
         break;
-      case 308: /* wqitem ::= nm eidlist_opt wqas LP select RP */
+      case 310: /* wqitem ::= withnm eidlist_opt wqas LP select RP */
 {
-  yymsp[-5].minor.yy385 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy47, yymsp[-3].minor.yy516); /*A-overwrites-X*/
+  yymsp[-5].minor.yy67 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy14, yymsp[-1].minor.yy555, yymsp[-3].minor.yy462); /*A-overwrites-X*/
 }
         break;
-      case 309: /* wqlist ::= wqitem */
+      case 311: /* withnm ::= nm */
+{pParse->bHasWith = 1;}
+        break;
+      case 312: /* wqlist ::= wqitem */
 {
-  yymsp[0].minor.yy521 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy385); /*A-overwrites-X*/
+  yymsp[0].minor.yy59 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy67); /*A-overwrites-X*/
 }
         break;
-      case 310: /* wqlist ::= wqlist COMMA wqitem */
+      case 313: /* wqlist ::= wqlist COMMA wqitem */
 {
-  yymsp[-2].minor.yy521 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy521, yymsp[0].minor.yy385);
+  yymsp[-2].minor.yy59 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy59, yymsp[0].minor.yy67);
 }
         break;
-      case 311: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
+      case 314: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
 {
-  assert( yymsp[0].minor.yy41!=0 );
-  sqlite3WindowChain(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy41);
-  yymsp[0].minor.yy41->pNextWin = yymsp[-2].minor.yy41;
-  yylhsminor.yy41 = yymsp[0].minor.yy41;
+  assert( yymsp[0].minor.yy211!=0 );
+  sqlite3WindowChain(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy211);
+  yymsp[0].minor.yy211->pNextWin = yymsp[-2].minor.yy211;
+  yylhsminor.yy211 = yymsp[0].minor.yy211;
 }
-  yymsp[-2].minor.yy41 = yylhsminor.yy41;
+  yymsp[-2].minor.yy211 = yylhsminor.yy211;
         break;
-      case 312: /* windowdefn ::= nm AS LP window RP */
+      case 315: /* windowdefn ::= nm AS LP window RP */
 {
-  if( ALWAYS(yymsp[-1].minor.yy41) ){
-    yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
+  if( ALWAYS(yymsp[-1].minor.yy211) ){
+    yymsp[-1].minor.yy211->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
   }
-  yylhsminor.yy41 = yymsp[-1].minor.yy41;
+  yylhsminor.yy211 = yymsp[-1].minor.yy211;
 }
-  yymsp[-4].minor.yy41 = yylhsminor.yy41;
+  yymsp[-4].minor.yy211 = yylhsminor.yy211;
         break;
-      case 313: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+      case 316: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
 {
-  yymsp[-4].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, 0);
+  yymsp[-4].minor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy14, yymsp[-1].minor.yy14, 0);
 }
         break;
-      case 314: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+      case 317: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
 {
-  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, &yymsp[-5].minor.yy0);
+  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy14, yymsp[-1].minor.yy14, &yymsp[-5].minor.yy0);
 }
-  yymsp[-5].minor.yy41 = yylhsminor.yy41;
+  yymsp[-5].minor.yy211 = yylhsminor.yy211;
         break;
-      case 315: /* window ::= ORDER BY sortlist frame_opt */
+      case 318: /* window ::= ORDER BY sortlist frame_opt */
 {
-  yymsp[-3].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, 0);
+  yymsp[-3].minor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, yymsp[-1].minor.yy14, 0);
 }
         break;
-      case 316: /* window ::= nm ORDER BY sortlist frame_opt */
+      case 319: /* window ::= nm ORDER BY sortlist frame_opt */
 {
-  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0);
+  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, yymsp[-1].minor.yy14, &yymsp[-4].minor.yy0);
 }
-  yymsp[-4].minor.yy41 = yylhsminor.yy41;
+  yymsp[-4].minor.yy211 = yylhsminor.yy211;
         break;
-      case 317: /* window ::= nm frame_opt */
+      case 320: /* window ::= nm frame_opt */
 {
-  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, 0, &yymsp[-1].minor.yy0);
+  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, 0, &yymsp[-1].minor.yy0);
 }
-  yymsp[-1].minor.yy41 = yylhsminor.yy41;
+  yymsp[-1].minor.yy211 = yylhsminor.yy211;
         break;
-      case 318: /* frame_opt ::= */
+      case 321: /* frame_opt ::= */
 {
-  yymsp[1].minor.yy41 = sqlite3WindowAlloc(pParse, 0, TK_UNBOUNDED, 0, TK_CURRENT, 0, 0);
+  yymsp[1].minor.yy211 = sqlite3WindowAlloc(pParse, 0, TK_UNBOUNDED, 0, TK_CURRENT, 0, 0);
 }
         break;
-      case 319: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+      case 322: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
 {
-  yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-2].minor.yy394, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, TK_CURRENT, 0, yymsp[0].minor.yy516);
+  yylhsminor.yy211 = sqlite3WindowAlloc(pParse, yymsp[-2].minor.yy144, yymsp[-1].minor.yy509.eType, yymsp[-1].minor.yy509.pExpr, TK_CURRENT, 0, yymsp[0].minor.yy462);
 }
-  yymsp[-2].minor.yy41 = yylhsminor.yy41;
+  yymsp[-2].minor.yy211 = yylhsminor.yy211;
         break;
-      case 320: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+      case 323: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
 {
-  yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-5].minor.yy394, yymsp[-3].minor.yy595.eType, yymsp[-3].minor.yy595.pExpr, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, yymsp[0].minor.yy516);
+  yylhsminor.yy211 = sqlite3WindowAlloc(pParse, yymsp[-5].minor.yy144, yymsp[-3].minor.yy509.eType, yymsp[-3].minor.yy509.pExpr, yymsp[-1].minor.yy509.eType, yymsp[-1].minor.yy509.pExpr, yymsp[0].minor.yy462);
 }
-  yymsp[-5].minor.yy41 = yylhsminor.yy41;
+  yymsp[-5].minor.yy211 = yylhsminor.yy211;
         break;
-      case 322: /* frame_bound_s ::= frame_bound */
-      case 324: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==324);
-{yylhsminor.yy595 = yymsp[0].minor.yy595;}
-  yymsp[0].minor.yy595 = yylhsminor.yy595;
+      case 325: /* frame_bound_s ::= frame_bound */
+      case 327: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==327);
+{yylhsminor.yy509 = yymsp[0].minor.yy509;}
+  yymsp[0].minor.yy509 = yylhsminor.yy509;
         break;
-      case 323: /* frame_bound_s ::= UNBOUNDED PRECEDING */
-      case 325: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==325);
-      case 327: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==327);
-{yylhsminor.yy595.eType = yymsp[-1].major; yylhsminor.yy595.pExpr = 0;}
-  yymsp[-1].minor.yy595 = yylhsminor.yy595;
+      case 326: /* frame_bound_s ::= UNBOUNDED PRECEDING */
+      case 328: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==328);
+      case 330: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==330);
+{yylhsminor.yy509.eType = yymsp[-1].major; yylhsminor.yy509.pExpr = 0;}
+  yymsp[-1].minor.yy509 = yylhsminor.yy509;
         break;
-      case 326: /* frame_bound ::= expr PRECEDING|FOLLOWING */
-{yylhsminor.yy595.eType = yymsp[0].major; yylhsminor.yy595.pExpr = yymsp[-1].minor.yy528;}
-  yymsp[-1].minor.yy595 = yylhsminor.yy595;
+      case 329: /* frame_bound ::= expr PRECEDING|FOLLOWING */
+{yylhsminor.yy509.eType = yymsp[0].major; yylhsminor.yy509.pExpr = yymsp[-1].minor.yy454;}
+  yymsp[-1].minor.yy509 = yylhsminor.yy509;
         break;
-      case 328: /* frame_exclude_opt ::= */
-{yymsp[1].minor.yy516 = 0;}
+      case 331: /* frame_exclude_opt ::= */
+{yymsp[1].minor.yy462 = 0;}
         break;
-      case 329: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
-{yymsp[-1].minor.yy516 = yymsp[0].minor.yy516;}
+      case 332: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
+{yymsp[-1].minor.yy462 = yymsp[0].minor.yy462;}
         break;
-      case 330: /* frame_exclude ::= NO OTHERS */
-      case 331: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==331);
-{yymsp[-1].minor.yy516 = yymsp[-1].major; /*A-overwrites-X*/}
+      case 333: /* frame_exclude ::= NO OTHERS */
+      case 334: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==334);
+{yymsp[-1].minor.yy462 = yymsp[-1].major; /*A-overwrites-X*/}
         break;
-      case 332: /* frame_exclude ::= GROUP|TIES */
-{yymsp[0].minor.yy516 = yymsp[0].major; /*A-overwrites-X*/}
+      case 335: /* frame_exclude ::= GROUP|TIES */
+{yymsp[0].minor.yy462 = yymsp[0].major; /*A-overwrites-X*/}
         break;
-      case 333: /* window_clause ::= WINDOW windowdefn_list */
-{ yymsp[-1].minor.yy41 = yymsp[0].minor.yy41; }
+      case 336: /* window_clause ::= WINDOW windowdefn_list */
+{ yymsp[-1].minor.yy211 = yymsp[0].minor.yy211; }
         break;
-      case 334: /* filter_over ::= filter_clause over_clause */
+      case 337: /* filter_over ::= filter_clause over_clause */
 {
-  if( yymsp[0].minor.yy41 ){
-    yymsp[0].minor.yy41->pFilter = yymsp[-1].minor.yy528;
+  if( yymsp[0].minor.yy211 ){
+    yymsp[0].minor.yy211->pFilter = yymsp[-1].minor.yy454;
   }else{
-    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy528);
+    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy454);
   }
-  yylhsminor.yy41 = yymsp[0].minor.yy41;
+  yylhsminor.yy211 = yymsp[0].minor.yy211;
 }
-  yymsp[-1].minor.yy41 = yylhsminor.yy41;
+  yymsp[-1].minor.yy211 = yylhsminor.yy211;
         break;
-      case 335: /* filter_over ::= over_clause */
+      case 338: /* filter_over ::= over_clause */
 {
-  yylhsminor.yy41 = yymsp[0].minor.yy41;
+  yylhsminor.yy211 = yymsp[0].minor.yy211;
 }
-  yymsp[0].minor.yy41 = yylhsminor.yy41;
+  yymsp[0].minor.yy211 = yylhsminor.yy211;
         break;
-      case 336: /* filter_over ::= filter_clause */
+      case 339: /* filter_over ::= filter_clause */
 {
-  yylhsminor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
-  if( yylhsminor.yy41 ){
-    yylhsminor.yy41->eFrmType = TK_FILTER;
-    yylhsminor.yy41->pFilter = yymsp[0].minor.yy528;
+  yylhsminor.yy211 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
+  if( yylhsminor.yy211 ){
+    yylhsminor.yy211->eFrmType = TK_FILTER;
+    yylhsminor.yy211->pFilter = yymsp[0].minor.yy454;
   }else{
-    sqlite3ExprDelete(pParse->db, yymsp[0].minor.yy528);
+    sqlite3ExprDelete(pParse->db, yymsp[0].minor.yy454);
   }
 }
-  yymsp[0].minor.yy41 = yylhsminor.yy41;
+  yymsp[0].minor.yy211 = yylhsminor.yy211;
         break;
-      case 337: /* over_clause ::= OVER LP window RP */
+      case 340: /* over_clause ::= OVER LP window RP */
 {
-  yymsp[-3].minor.yy41 = yymsp[-1].minor.yy41;
-  assert( yymsp[-3].minor.yy41!=0 );
+  yymsp[-3].minor.yy211 = yymsp[-1].minor.yy211;
+  assert( yymsp[-3].minor.yy211!=0 );
 }
         break;
-      case 338: /* over_clause ::= OVER nm */
+      case 341: /* over_clause ::= OVER nm */
 {
-  yymsp[-1].minor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
-  if( yymsp[-1].minor.yy41 ){
-    yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[0].minor.yy0.z, yymsp[0].minor.yy0.n);
+  yymsp[-1].minor.yy211 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
+  if( yymsp[-1].minor.yy211 ){
+    yymsp[-1].minor.yy211->zName = sqlite3DbStrNDup(pParse->db, yymsp[0].minor.yy0.z, yymsp[0].minor.yy0.n);
   }
 }
         break;
-      case 339: /* filter_clause ::= FILTER LP WHERE expr RP */
-{ yymsp[-4].minor.yy528 = yymsp[-1].minor.yy528; }
+      case 342: /* filter_clause ::= FILTER LP WHERE expr RP */
+{ yymsp[-4].minor.yy454 = yymsp[-1].minor.yy454; }
+        break;
+      case 343: /* term ::= QNUMBER */
+{
+  yylhsminor.yy454=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0);
+  sqlite3DequoteNumber(pParse, yylhsminor.yy454);
+}
+  yymsp[0].minor.yy454 = yylhsminor.yy454;
         break;
       default:
-      /* (340) input ::= cmdlist */ yytestcase(yyruleno==340);
-      /* (341) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==341);
-      /* (342) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=342);
-      /* (343) ecmd ::= SEMI */ yytestcase(yyruleno==343);
-      /* (344) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==344);
-      /* (345) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=345);
-      /* (346) trans_opt ::= */ yytestcase(yyruleno==346);
-      /* (347) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==347);
-      /* (348) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==348);
-      /* (349) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==349);
-      /* (350) savepoint_opt ::= */ yytestcase(yyruleno==350);
-      /* (351) cmd ::= create_table create_table_args */ yytestcase(yyruleno==351);
-      /* (352) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=352);
-      /* (353) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==353);
-      /* (354) columnlist ::= columnname carglist */ yytestcase(yyruleno==354);
-      /* (355) nm ::= ID|INDEXED|JOIN_KW */ yytestcase(yyruleno==355);
-      /* (356) nm ::= STRING */ yytestcase(yyruleno==356);
-      /* (357) typetoken ::= typename */ yytestcase(yyruleno==357);
-      /* (358) typename ::= ID|STRING */ yytestcase(yyruleno==358);
-      /* (359) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=359);
-      /* (360) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=360);
-      /* (361) carglist ::= carglist ccons */ yytestcase(yyruleno==361);
-      /* (362) carglist ::= */ yytestcase(yyruleno==362);
-      /* (363) ccons ::= NULL onconf */ yytestcase(yyruleno==363);
-      /* (364) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==364);
-      /* (365) ccons ::= AS generated */ yytestcase(yyruleno==365);
-      /* (366) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==366);
-      /* (367) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==367);
-      /* (368) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=368);
-      /* (369) tconscomma ::= */ yytestcase(yyruleno==369);
-      /* (370) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=370);
-      /* (371) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=371);
-      /* (372) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=372);
-      /* (373) oneselect ::= values */ yytestcase(yyruleno==373);
-      /* (374) sclp ::= selcollist COMMA */ yytestcase(yyruleno==374);
-      /* (375) as ::= ID|STRING */ yytestcase(yyruleno==375);
-      /* (376) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=376);
-      /* (377) returning ::= */ yytestcase(yyruleno==377);
-      /* (378) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=378);
-      /* (379) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==379);
-      /* (380) case_operand ::= expr */ yytestcase(yyruleno==380);
-      /* (381) exprlist ::= nexprlist */ yytestcase(yyruleno==381);
-      /* (382) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=382);
-      /* (383) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=383);
-      /* (384) nmnum ::= ON */ yytestcase(yyruleno==384);
-      /* (385) nmnum ::= DELETE */ yytestcase(yyruleno==385);
-      /* (386) nmnum ::= DEFAULT */ yytestcase(yyruleno==386);
-      /* (387) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==387);
-      /* (388) foreach_clause ::= */ yytestcase(yyruleno==388);
-      /* (389) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==389);
-      /* (390) trnm ::= nm */ yytestcase(yyruleno==390);
-      /* (391) tridxby ::= */ yytestcase(yyruleno==391);
-      /* (392) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==392);
-      /* (393) database_kw_opt ::= */ yytestcase(yyruleno==393);
-      /* (394) kwcolumn_opt ::= */ yytestcase(yyruleno==394);
-      /* (395) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==395);
-      /* (396) vtabarglist ::= vtabarg */ yytestcase(yyruleno==396);
-      /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==397);
-      /* (398) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==398);
-      /* (399) anylist ::= */ yytestcase(yyruleno==399);
-      /* (400) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==400);
-      /* (401) anylist ::= anylist ANY */ yytestcase(yyruleno==401);
-      /* (402) with ::= */ yytestcase(yyruleno==402);
-      /* (403) windowdefn_list ::= windowdefn (OPTIMIZED OUT) */ assert(yyruleno!=403);
-      /* (404) window ::= frame_opt (OPTIMIZED OUT) */ assert(yyruleno!=404);
+      /* (344) input ::= cmdlist */ yytestcase(yyruleno==344);
+      /* (345) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==345);
+      /* (346) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=346);
+      /* (347) ecmd ::= SEMI */ yytestcase(yyruleno==347);
+      /* (348) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==348);
+      /* (349) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=349);
+      /* (350) trans_opt ::= */ yytestcase(yyruleno==350);
+      /* (351) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==351);
+      /* (352) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==352);
+      /* (353) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==353);
+      /* (354) savepoint_opt ::= */ yytestcase(yyruleno==354);
+      /* (355) cmd ::= create_table create_table_args */ yytestcase(yyruleno==355);
+      /* (356) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=356);
+      /* (357) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==357);
+      /* (358) columnlist ::= columnname carglist */ yytestcase(yyruleno==358);
+      /* (359) nm ::= ID|INDEXED|JOIN_KW */ yytestcase(yyruleno==359);
+      /* (360) nm ::= STRING */ yytestcase(yyruleno==360);
+      /* (361) typetoken ::= typename */ yytestcase(yyruleno==361);
+      /* (362) typename ::= ID|STRING */ yytestcase(yyruleno==362);
+      /* (363) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=363);
+      /* (364) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=364);
+      /* (365) carglist ::= carglist ccons */ yytestcase(yyruleno==365);
+      /* (366) carglist ::= */ yytestcase(yyruleno==366);
+      /* (367) ccons ::= NULL onconf */ yytestcase(yyruleno==367);
+      /* (368) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==368);
+      /* (369) ccons ::= AS generated */ yytestcase(yyruleno==369);
+      /* (370) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==370);
+      /* (371) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==371);
+      /* (372) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=372);
+      /* (373) tconscomma ::= */ yytestcase(yyruleno==373);
+      /* (374) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=374);
+      /* (375) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=375);
+      /* (376) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=376);
+      /* (377) oneselect ::= values */ yytestcase(yyruleno==377);
+      /* (378) sclp ::= selcollist COMMA */ yytestcase(yyruleno==378);
+      /* (379) as ::= ID|STRING */ yytestcase(yyruleno==379);
+      /* (380) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=380);
+      /* (381) returning ::= */ yytestcase(yyruleno==381);
+      /* (382) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=382);
+      /* (383) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==383);
+      /* (384) case_operand ::= expr */ yytestcase(yyruleno==384);
+      /* (385) exprlist ::= nexprlist */ yytestcase(yyruleno==385);
+      /* (386) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=386);
+      /* (387) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=387);
+      /* (388) nmnum ::= ON */ yytestcase(yyruleno==388);
+      /* (389) nmnum ::= DELETE */ yytestcase(yyruleno==389);
+      /* (390) nmnum ::= DEFAULT */ yytestcase(yyruleno==390);
+      /* (391) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==391);
+      /* (392) foreach_clause ::= */ yytestcase(yyruleno==392);
+      /* (393) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==393);
+      /* (394) trnm ::= nm */ yytestcase(yyruleno==394);
+      /* (395) tridxby ::= */ yytestcase(yyruleno==395);
+      /* (396) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==396);
+      /* (397) database_kw_opt ::= */ yytestcase(yyruleno==397);
+      /* (398) kwcolumn_opt ::= */ yytestcase(yyruleno==398);
+      /* (399) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==399);
+      /* (400) vtabarglist ::= vtabarg */ yytestcase(yyruleno==400);
+      /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==401);
+      /* (402) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==402);
+      /* (403) anylist ::= */ yytestcase(yyruleno==403);
+      /* (404) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==404);
+      /* (405) anylist ::= anylist ANY */ yytestcase(yyruleno==405);
+      /* (406) with ::= */ yytestcase(yyruleno==406);
+      /* (407) windowdefn_list ::= windowdefn (OPTIMIZED OUT) */ assert(yyruleno!=407);
+      /* (408) window ::= frame_opt (OPTIMIZED OUT) */ assert(yyruleno!=408);
         break;
 /********** End reduce actions ************************************************/
   };
@@ -176211,19 +177839,12 @@ SQLITE_PRIVATE void sqlite3Parser(
                   (int)(yypParser->yytos - yypParser->yystack));
         }
 #endif
-#if YYSTACKDEPTH>0
         if( yypParser->yytos>=yypParser->yystackEnd ){
-          yyStackOverflow(yypParser);
-          break;
-        }
-#else
-        if( yypParser->yytos>=&yypParser->yystack[yypParser->yystksz-1] ){
           if( yyGrowStack(yypParser) ){
             yyStackOverflow(yypParser);
             break;
           }
         }
-#endif
       }
       yyact = yy_reduce(yypParser,yyruleno,yymajor,yyminor sqlite3ParserCTX_PARAM);
     }else if( yyact <= YY_MAX_SHIFTREDUCE ){
@@ -177294,27 +178915,58 @@ SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *z, int *tokenType){
       *tokenType = TK_INTEGER;
 #ifndef SQLITE_OMIT_HEX_INTEGER
       if( z[0]=='0' && (z[1]=='x' || z[1]=='X') && sqlite3Isxdigit(z[2]) ){
-        for(i=3; sqlite3Isxdigit(z[i]); i++){}
-        return i;
-      }
+        for(i=3; 1; i++){
+          if( sqlite3Isxdigit(z[i])==0 ){
+            if( z[i]==SQLITE_DIGIT_SEPARATOR ){
+              *tokenType = TK_QNUMBER;
+            }else{
+              break;
+            }
+          }
+        }
+      }else
 #endif
-      for(i=0; sqlite3Isdigit(z[i]); i++){}
+        {
+        for(i=0; 1; i++){
+          if( sqlite3Isdigit(z[i])==0 ){
+            if( z[i]==SQLITE_DIGIT_SEPARATOR ){
+              *tokenType = TK_QNUMBER;
+            }else{
+              break;
+            }
+          }
+        }
 #ifndef SQLITE_OMIT_FLOATING_POINT
-      if( z[i]=='.' ){
-        i++;
-        while( sqlite3Isdigit(z[i]) ){ i++; }
-        *tokenType = TK_FLOAT;
-      }
-      if( (z[i]=='e' || z[i]=='E') &&
-           ( sqlite3Isdigit(z[i+1])
-            || ((z[i+1]=='+' || z[i+1]=='-') && sqlite3Isdigit(z[i+2]))
-           )
-      ){
-        i += 2;
-        while( sqlite3Isdigit(z[i]) ){ i++; }
-        *tokenType = TK_FLOAT;
-      }
+        if( z[i]=='.' ){
+          if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
+          for(i++; 1; i++){
+            if( sqlite3Isdigit(z[i])==0 ){
+              if( z[i]==SQLITE_DIGIT_SEPARATOR ){
+                *tokenType = TK_QNUMBER;
+              }else{
+                break;
+              }
+            }
+          }
+        }
+        if( (z[i]=='e' || z[i]=='E') &&
+             ( sqlite3Isdigit(z[i+1])
+              || ((z[i+1]=='+' || z[i+1]=='-') && sqlite3Isdigit(z[i+2]))
+             )
+        ){
+          if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
+          for(i+=2; 1; i++){
+            if( sqlite3Isdigit(z[i])==0 ){
+              if( z[i]==SQLITE_DIGIT_SEPARATOR ){
+                *tokenType = TK_QNUMBER;
+              }else{
+                break;
+              }
+            }
+          }
+        }
 #endif
+      }
       while( IdChar(z[i]) ){
         *tokenType = TK_ILLEGAL;
         i++;
@@ -177479,10 +179131,13 @@ SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql){
     if( tokenType>=TK_WINDOW ){
       assert( tokenType==TK_SPACE || tokenType==TK_OVER || tokenType==TK_FILTER
            || tokenType==TK_ILLEGAL || tokenType==TK_WINDOW
+           || tokenType==TK_QNUMBER
       );
 #else
     if( tokenType>=TK_SPACE ){
-      assert( tokenType==TK_SPACE || tokenType==TK_ILLEGAL );
+      assert( tokenType==TK_SPACE || tokenType==TK_ILLEGAL
+           || tokenType==TK_QNUMBER
+      );
 #endif /* SQLITE_OMIT_WINDOWFUNC */
       if( AtomicLoad(&db->u1.isInterrupted) ){
         pParse->rc = SQLITE_INTERRUPT;
@@ -177515,7 +179170,7 @@ SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql){
         assert( n==6 );
         tokenType = analyzeFilterKeyword((const u8*)&zSql[6], lastTokenParsed);
 #endif /* SQLITE_OMIT_WINDOWFUNC */
-      }else{
+      }else if( tokenType!=TK_QNUMBER ){
         Token x;
         x.z = zSql;
         x.n = n;
@@ -178866,6 +180521,18 @@ SQLITE_API int sqlite3_config(int op, ...){
     }
 #endif /* SQLITE_OMIT_DESERIALIZE */
 
+    case SQLITE_CONFIG_ROWID_IN_VIEW: {
+      int *pVal = va_arg(ap,int*);
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+      if( 0==*pVal ) sqlite3GlobalConfig.mNoVisibleRowid = TF_NoVisibleRowid;
+      if( 1==*pVal ) sqlite3GlobalConfig.mNoVisibleRowid = 0;
+      *pVal = (sqlite3GlobalConfig.mNoVisibleRowid==0);
+#else
+      *pVal = 0;
+#endif
+      break;
+    }
+
     default: {
       rc = SQLITE_ERROR;
       break;
@@ -188498,22 +190165,24 @@ static int fts3IntegrityMethod(
   char **pzErr              /* Write error message here */
 ){
   Fts3Table *p = (Fts3Table*)pVtab;
-  int rc;
+  int rc = SQLITE_OK;
   int bOk = 0;
 
   UNUSED_PARAMETER(isQuick);
   rc = sqlite3Fts3IntegrityCheck(p, &bOk);
-  assert( rc!=SQLITE_CORRUPT_VTAB || bOk==0 );
-  if( rc!=SQLITE_OK && rc!=SQLITE_CORRUPT_VTAB ){
+  assert( rc!=SQLITE_CORRUPT_VTAB );
+  if( rc==SQLITE_ERROR || (rc&0xFF)==SQLITE_CORRUPT ){
     *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
                              " FTS%d table %s.%s: %s",
                 p->bFts4 ? 4 : 3, zSchema, zTabname, sqlite3_errstr(rc));
-  }else if( bOk==0 ){
+    if( *pzErr ) rc = SQLITE_OK;
+  }else if( rc==SQLITE_OK && bOk==0 ){
     *pzErr = sqlite3_mprintf("malformed inverted index for FTS%d table %s.%s",
                 p->bFts4 ? 4 : 3, zSchema, zTabname);
+    if( *pzErr==0 ) rc = SQLITE_NOMEM;
   }
   sqlite3Fts3SegmentsClose(p);
-  return SQLITE_OK;
+  return rc;
 }
 
 
@@ -200175,7 +201844,12 @@ SQLITE_PRIVATE int sqlite3Fts3IntegrityCheck(Fts3Table *p, int *pbOk){
     sqlite3_finalize(pStmt);
   }
 
-  *pbOk = (rc==SQLITE_OK && cksum1==cksum2);
+  if( rc==SQLITE_CORRUPT_VTAB ){
+    rc = SQLITE_OK;
+    *pbOk = 0;
+  }else{
+    *pbOk = (rc==SQLITE_OK && cksum1==cksum2);
+  }
   return rc;
 }
 
@@ -201081,7 +202755,7 @@ static void fts3SnippetDetails(
         }
         mCover |= mPhrase;
 
-        for(j=0; jnToken; j++){
+        for(j=0; jnToken && jnSnippet; j++){
           mHighlight |= (mPos>>j);
         }
 
@@ -203742,7 +205416,6 @@ static void jsonAppendRawNZ(JsonString *p, const char *zIn, u32 N){
   }
 }
 
-
 /* Append formatted text (not to exceed N bytes) to the JsonString.
 */
 static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
@@ -203800,6 +205473,40 @@ static void jsonAppendSeparator(JsonString *p){
   jsonAppendChar(p, ',');
 }
 
+/* c is a control character.  Append the canonical JSON representation
+** of that control character to p.
+**
+** This routine assumes that the output buffer has already been enlarged
+** sufficiently to hold the worst-case encoding plus a nul terminator.
+*/
+static void jsonAppendControlChar(JsonString *p, u8 c){
+  static const char aSpecial[] = {
+     0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
+     0, 0, 0, 0, 0, 0, 0, 0,   0,   0,   0, 0,   0,   0, 0, 0
+  };
+  assert( sizeof(aSpecial)==32 );
+  assert( aSpecial['\b']=='b' );
+  assert( aSpecial['\f']=='f' );
+  assert( aSpecial['\n']=='n' );
+  assert( aSpecial['\r']=='r' );
+  assert( aSpecial['\t']=='t' );
+  assert( c>=0 && cnUsed+7 <= p->nAlloc );
+  if( aSpecial[c] ){
+    p->zBuf[p->nUsed] = '\\';
+    p->zBuf[p->nUsed+1] = aSpecial[c];
+    p->nUsed += 2;
+  }else{
+    p->zBuf[p->nUsed] = '\\';
+    p->zBuf[p->nUsed+1] = 'u';
+    p->zBuf[p->nUsed+2] = '0';
+    p->zBuf[p->nUsed+3] = '0';
+    p->zBuf[p->nUsed+4] = "0123456789abcdef"[c>>4];
+    p->zBuf[p->nUsed+5] = "0123456789abcdef"[c&0xf];
+    p->nUsed += 6;
+  }
+}
+
 /* Append the N-byte string in zIn to the end of the JsonString string
 ** under construction.  Enclose the string in double-quotes ("...") and
 ** escape any double-quotes or backslash characters contained within the
@@ -203859,35 +205566,14 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
     }
     c = z[0];
     if( c=='"' || c=='\\' ){
-      json_simple_escape:
       if( (p->nUsed+N+3 > p->nAlloc) && jsonStringGrow(p,N+3)!=0 ) return;
       p->zBuf[p->nUsed++] = '\\';
       p->zBuf[p->nUsed++] = c;
     }else if( c=='\'' ){
       p->zBuf[p->nUsed++] = c;
     }else{
-      static const char aSpecial[] = {
-         0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
-         0, 0, 0, 0, 0, 0, 0, 0,   0,   0,   0, 0,   0,   0, 0, 0
-      };
-      assert( sizeof(aSpecial)==32 );
-      assert( aSpecial['\b']=='b' );
-      assert( aSpecial['\f']=='f' );
-      assert( aSpecial['\n']=='n' );
-      assert( aSpecial['\r']=='r' );
-      assert( aSpecial['\t']=='t' );
-      assert( c>=0 && cnUsed+N+7 > p->nAlloc) && jsonStringGrow(p,N+7)!=0 ) return;
-      p->zBuf[p->nUsed++] = '\\';
-      p->zBuf[p->nUsed++] = 'u';
-      p->zBuf[p->nUsed++] = '0';
-      p->zBuf[p->nUsed++] = '0';
-      p->zBuf[p->nUsed++] = "0123456789abcdef"[c>>4];
-      p->zBuf[p->nUsed++] = "0123456789abcdef"[c&0xf];
+      jsonAppendControlChar(p, c);
     }
     z++;
     N--;
@@ -204588,7 +206274,10 @@ static u32 jsonbValidityCheck(
         if( !jsonIsOk[z[j]] && z[j]!='\'' ){
           if( z[j]=='"' ){
             if( x==JSONB_TEXTJ ) return j+1;
-          }else if( z[j]!='\\' || j+1>=k ){
+          }else if( z[j]<=0x1f ){
+            /* Control characters in JSON5 string literals are ok */
+            if( x==JSONB_TEXTJ ) return j+1;
+          }else if( NEVER(z[j]!='\\') || j+1>=k ){
             return j+1;
           }else if( strchr("\"\\/bfnrt",z[j+1])!=0 ){
             j++;
@@ -204786,6 +206475,7 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
   case '[': {
     /* Parse array */
     iThis = pParse->nBlob;
+    assert( i<=(u32)pParse->nJson );
     jsonBlobAppendNode(pParse, JSONB_ARRAY, pParse->nJson - i, 0);
     iStart = pParse->nBlob;
     if( pParse->oom ) return -1;
@@ -204882,9 +206572,14 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
           return -1;
         }
       }else if( c<=0x1f ){
-        /* Control characters are not allowed in strings */
-        pParse->iErr = j;
-        return -1;
+        if( c==0 ){
+          pParse->iErr = j;
+          return -1;
+        }
+        /* Control characters are not allowed in canonical JSON string
+        ** literals, but are allowed in JSON5 string literals. */
+        opcode = JSONB_TEXT5;
+        pParse->hasNonstd = 1;
       }else if( c=='"' ){
         opcode = JSONB_TEXT5;
       }
@@ -205100,6 +206795,7 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
       return i+4;
     }
     /* fall-through into the default case that checks for NaN */
+    /* no break */ deliberate_fall_through
   }
   default: {
     u32 k;
@@ -205184,6 +206880,10 @@ static void jsonReturnStringAsBlob(JsonString *pStr){
   JsonParse px;
   memset(&px, 0, sizeof(px));
   jsonStringTerminate(pStr);
+  if( pStr->eErr ){
+    sqlite3_result_error_nomem(pStr->pCtx);
+    return;
+  }
   px.zJson = pStr->zBuf;
   px.nJson = pStr->nUsed;
   px.db = sqlite3_context_db_handle(pStr->pCtx);
@@ -205364,7 +207064,7 @@ static u32 jsonTranslateBlobToText(
       zIn = (const char*)&pParse->aBlob[i+n];
       jsonAppendChar(pOut, '"');
       while( sz2>0 ){
-        for(k=0; k0 ){
           jsonAppendRawNZ(pOut, zIn, k);
           if( k>=sz2 ){
@@ -205379,6 +207079,13 @@ static u32 jsonTranslateBlobToText(
           sz2--;
           continue;
         }
+        if( zIn[0]<=0x1f ){
+          if( pOut->nUsed+7>pOut->nAlloc && jsonStringGrow(pOut,7) ) break;
+          jsonAppendControlChar(pOut, zIn[0]);
+          zIn++;
+          sz2--;
+          continue;
+        }
         assert( zIn[0]=='\\' );
         assert( sz2>=1 );
         if( sz2<2 ){
@@ -205481,6 +207188,112 @@ static u32 jsonTranslateBlobToText(
   return i+n+sz;
 }
 
+/* Context for recursion of json_pretty()
+*/
+typedef struct JsonPretty JsonPretty;
+struct JsonPretty {
+  JsonParse *pParse;        /* The BLOB being rendered */
+  JsonString *pOut;         /* Generate pretty output into this string */
+  const char *zIndent;      /* Use this text for indentation */
+  u32 szIndent;             /* Bytes in zIndent[] */
+  u32 nIndent;              /* Current level of indentation */
+};
+
+/* Append indentation to the pretty JSON under construction */
+static void jsonPrettyIndent(JsonPretty *pPretty){
+  u32 jj;
+  for(jj=0; jjnIndent; jj++){
+    jsonAppendRaw(pPretty->pOut, pPretty->zIndent, pPretty->szIndent);
+  }
+}
+
+/*
+** Translate the binary JSONB representation of JSON beginning at
+** pParse->aBlob[i] into a JSON text string.  Append the JSON
+** text onto the end of pOut.  Return the index in pParse->aBlob[]
+** of the first byte past the end of the element that is translated.
+**
+** This is a variant of jsonTranslateBlobToText() that "pretty-prints"
+** the output.  Extra whitespace is inserted to make the JSON easier
+** for humans to read.
+**
+** If an error is detected in the BLOB input, the pOut->eErr flag
+** might get set to JSTRING_MALFORMED.  But not all BLOB input errors
+** are detected.  So a malformed JSONB input might either result
+** in an error, or in incorrect JSON.
+**
+** The pOut->eErr JSTRING_OOM flag is set on a OOM.
+*/
+static u32 jsonTranslateBlobToPrettyText(
+  JsonPretty *pPretty,       /* Pretty-printing context */
+  u32 i                      /* Start rendering at this index */
+){
+  u32 sz, n, j, iEnd;
+  const JsonParse *pParse = pPretty->pParse;
+  JsonString *pOut = pPretty->pOut;
+  n = jsonbPayloadSize(pParse, i, &sz);
+  if( n==0 ){
+    pOut->eErr |= JSTRING_MALFORMED;
+    return pParse->nBlob+1;
+  }
+  switch( pParse->aBlob[i] & 0x0f ){
+    case JSONB_ARRAY: {
+      j = i+n;
+      iEnd = j+sz;
+      jsonAppendChar(pOut, '[');
+      if( jnIndent++;
+        while( pOut->eErr==0 ){
+          jsonPrettyIndent(pPretty);
+          j = jsonTranslateBlobToPrettyText(pPretty, j);
+          if( j>=iEnd ) break;
+          jsonAppendRawNZ(pOut, ",\n", 2);
+        }
+        jsonAppendChar(pOut, '\n');
+        pPretty->nIndent--;
+        jsonPrettyIndent(pPretty);
+      }
+      jsonAppendChar(pOut, ']');
+      i = iEnd;
+      break;
+    }
+    case JSONB_OBJECT: {
+      j = i+n;
+      iEnd = j+sz;
+      jsonAppendChar(pOut, '{');
+      if( jnIndent++;
+        while( pOut->eErr==0 ){
+          jsonPrettyIndent(pPretty);
+          j = jsonTranslateBlobToText(pParse, j, pOut);
+          if( j>iEnd ){
+            pOut->eErr |= JSTRING_MALFORMED;
+            break;
+          }
+          jsonAppendRawNZ(pOut, ": ", 2);
+          j = jsonTranslateBlobToPrettyText(pPretty, j);
+          if( j>=iEnd ) break;
+          jsonAppendRawNZ(pOut, ",\n", 2);
+        }
+        jsonAppendChar(pOut, '\n');
+        pPretty->nIndent--;
+        jsonPrettyIndent(pPretty);
+      }
+      jsonAppendChar(pOut, '}');
+      i = iEnd;
+      break;
+    }
+    default: {
+      i = jsonTranslateBlobToText(pParse, i, pOut);
+      break;
+    }
+  }
+  return i;
+}
+
+
 /* Return true if the input pJson
 **
 ** For performance reasons, this routine does not do a detailed check of the
@@ -206509,8 +208322,9 @@ static JsonParse *jsonParseFuncArg(
   }
   p->zJson = (char*)sqlite3_value_text(pArg);
   p->nJson = sqlite3_value_bytes(pArg);
+  if( db->mallocFailed ) goto json_pfa_oom;
   if( p->nJson==0 ) goto json_pfa_malformed;
-  if( NEVER(p->zJson==0) ) goto json_pfa_oom;
+  assert( p->zJson!=0 );
   if( jsonConvertTextToBlob(p, (flgs & JSON_KEEPERROR) ? 0 : ctx) ){
     if( flgs & JSON_KEEPERROR ){
       p->nErr = 1;
@@ -206676,10 +208490,10 @@ static void jsonDebugPrintBlob(
       if( sz==0 && x<=JSONB_FALSE ){
         sqlite3_str_append(pOut, "\n", 1);
       }else{
-        u32 i;
+        u32 j;
         sqlite3_str_appendall(pOut, ": \"");
-        for(i=iStart+n; iaBlob[i];
+        for(j=iStart+n; jaBlob[j];
           if( c<0x20 || c>=0x7f ) c = '.';
           sqlite3_str_append(pOut, (char*)&c, 1);
         }
@@ -206730,11 +208544,12 @@ static void jsonParseFunc(
   if( p==0 ) return;
   if( argc==1 ){
     jsonDebugPrintBlob(p, 0, p->nBlob, 0, &out);
-    sqlite3_result_text64(ctx, out.zText, out.nChar, SQLITE_DYNAMIC, SQLITE_UTF8);
+    sqlite3_result_text64(ctx,out.zText,out.nChar,SQLITE_TRANSIENT,SQLITE_UTF8);
   }else{
     jsonShowParse(p);
   }
   jsonParseFree(p);
+  sqlite3_str_reset(&out);
 }
 #endif /* SQLITE_DEBUG */
 
@@ -206833,13 +208648,6 @@ static void jsonArrayLengthFunc(
   jsonParseFree(p);
 }
 
-/* True if the string is all digits */
-static int jsonAllDigits(const char *z, int n){
-  int i;
-  for(i=0; i  $[NUMBER]     // Not PG.  Purely for convenience
       */
       jsonStringInit(&jx, ctx);
-      if( jsonAllDigits(zPath, nPath) ){
+      if( sqlite3_value_type(argv[i])==SQLITE_INTEGER ){
         jsonAppendRawNZ(&jx, "[", 1);
         jsonAppendRaw(&jx, zPath, nPath);
         jsonAppendRawNZ(&jx, "]", 2);
@@ -207398,6 +209206,40 @@ static void jsonTypeFunc(
   jsonParseFree(p);
 }
 
+/*
+** json_pretty(JSON)
+** json_pretty(JSON, INDENT)
+**
+** Return text that is a pretty-printed rendering of the input JSON.
+** If the argument is not valid JSON, return NULL.
+**
+** The INDENT argument is text that is used for indentation.  If omitted,
+** it defaults to four spaces (the same as PostgreSQL).
+*/
+static void jsonPrettyFunc(
+  sqlite3_context *ctx,
+  int argc,
+  sqlite3_value **argv
+){
+  JsonString s;          /* The output string */
+  JsonPretty x;          /* Pretty printing context */
+
+  memset(&x, 0, sizeof(x));
+  x.pParse = jsonParseFuncArg(ctx, argv[0], 0);
+  if( x.pParse==0 ) return;
+  x.pOut = &s;
+  jsonStringInit(&s, ctx);
+  if( argc==1 || (x.zIndent = (const char*)sqlite3_value_text(argv[1]))==0 ){
+    x.zIndent = "    ";
+    x.szIndent = 4;
+  }else{
+    x.szIndent = (u32)strlen(x.zIndent);
+  }
+  jsonTranslateBlobToPrettyText(&x, 0);
+  jsonReturnString(&s, 0, 0);
+  jsonParseFree(x.pParse);
+}
+
 /*
 ** json_valid(JSON)
 ** json_valid(JSON, FLAGS)
@@ -208087,6 +209929,9 @@ static int jsonEachColumn(
     case JEACH_VALUE: {
       u32 i = jsonSkipLabel(p);
       jsonReturnFromBlob(&p->sParse, i, ctx, 1);
+      if( (p->sParse.aBlob[i] & 0x0f)>=JSONB_ARRAY ){
+        sqlite3_result_subtype(ctx, JSON_SUBTYPE);
+      }
       break;
     }
     case JEACH_TYPE: {
@@ -208133,9 +209978,9 @@ static int jsonEachColumn(
     case JEACH_JSON: {
       if( p->sParse.zJson==0 ){
         sqlite3_result_blob(ctx, p->sParse.aBlob, p->sParse.nBlob,
-                            SQLITE_STATIC);
+                            SQLITE_TRANSIENT);
       }else{
-        sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_STATIC);
+        sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_TRANSIENT);
       }
       break;
     }
@@ -208409,6 +210254,8 @@ SQLITE_PRIVATE void sqlite3RegisterJsonFunctions(void){
     JFUNCTION(jsonb_object,      -1,0,1, 1,1,0,          jsonObjectFunc),
     JFUNCTION(json_patch,         2,1,1, 0,0,0,          jsonPatchFunc),
     JFUNCTION(jsonb_patch,        2,1,0, 0,1,0,          jsonPatchFunc),
+    JFUNCTION(json_pretty,        1,1,0, 0,0,0,          jsonPrettyFunc),
+    JFUNCTION(json_pretty,        2,1,0, 0,0,0,          jsonPrettyFunc),
     JFUNCTION(json_quote,         1,0,1, 1,0,0,          jsonQuoteFunc),
     JFUNCTION(json_remove,       -1,1,1, 0,0,0,          jsonRemoveFunc),
     JFUNCTION(jsonb_remove,      -1,1,0, 0,1,0,          jsonRemoveFunc),
@@ -209161,11 +211008,9 @@ static RtreeNode *nodeNew(Rtree *pRtree, RtreeNode *pParent){
 ** Clear the Rtree.pNodeBlob object
 */
 static void nodeBlobReset(Rtree *pRtree){
-  if( pRtree->pNodeBlob && pRtree->inWrTrans==0 && pRtree->nCursor==0 ){
-    sqlite3_blob *pBlob = pRtree->pNodeBlob;
-    pRtree->pNodeBlob = 0;
-    sqlite3_blob_close(pBlob);
-  }
+  sqlite3_blob *pBlob = pRtree->pNodeBlob;
+  pRtree->pNodeBlob = 0;
+  sqlite3_blob_close(pBlob);
 }
 
 /*
@@ -209209,7 +211054,6 @@ static int nodeAcquire(
                            &pRtree->pNodeBlob);
   }
   if( rc ){
-    nodeBlobReset(pRtree);
     *ppNode = 0;
     /* If unable to open an sqlite3_blob on the desired row, that can only
     ** be because the shadow tables hold erroneous data. */
@@ -209269,6 +211113,7 @@ static int nodeAcquire(
     }
     *ppNode = pNode;
   }else{
+    nodeBlobReset(pRtree);
     if( pNode ){
       pRtree->nNodeRef--;
       sqlite3_free(pNode);
@@ -209413,6 +211258,7 @@ static void nodeGetCoord(
   int iCoord,                  /* Which coordinate to extract */
   RtreeCoord *pCoord           /* OUT: Space to write result to */
 ){
+  assert( iCellzData[12 + pRtree->nBytesPerCell*iCell + 4*iCoord], pCoord);
 }
 
@@ -209602,7 +211448,9 @@ static int rtreeClose(sqlite3_vtab_cursor *cur){
   sqlite3_finalize(pCsr->pReadAux);
   sqlite3_free(pCsr);
   pRtree->nCursor--;
-  nodeBlobReset(pRtree);
+  if( pRtree->nCursor==0 && pRtree->inWrTrans==0 ){
+    nodeBlobReset(pRtree);
+  }
   return SQLITE_OK;
 }
 
@@ -210187,7 +212035,11 @@ static int rtreeRowid(sqlite3_vtab_cursor *pVtabCursor, sqlite_int64 *pRowid){
   int rc = SQLITE_OK;
   RtreeNode *pNode = rtreeNodeOfFirstSearchPoint(pCsr, &rc);
   if( rc==SQLITE_OK && ALWAYS(p) ){
-    *pRowid = nodeGetRowid(RTREE_OF_CURSOR(pCsr), pNode, p->iCell);
+    if( p->iCell>=NCELL(pNode) ){
+      rc = SQLITE_ABORT;
+    }else{
+      *pRowid = nodeGetRowid(RTREE_OF_CURSOR(pCsr), pNode, p->iCell);
+    }
   }
   return rc;
 }
@@ -210205,6 +212057,7 @@ static int rtreeColumn(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int i){
 
   if( rc ) return rc;
   if( NEVER(p==0) ) return SQLITE_OK;
+  if( p->iCell>=NCELL(pNode) ) return SQLITE_ABORT;
   if( i==0 ){
     sqlite3_result_int64(ctx, nodeGetRowid(pRtree, pNode, p->iCell));
   }else if( i<=pRtree->nDim2 ){
@@ -210302,6 +212155,8 @@ static int deserializeGeometry(sqlite3_value *pValue, RtreeConstraint *pCons){
   return SQLITE_OK;
 }
 
+SQLITE_PRIVATE int sqlite3IntFloatCompare(i64,double);
+
 /*
 ** Rtree virtual table module xFilter method.
 */
@@ -210331,7 +212186,8 @@ static int rtreeFilter(
     i64 iNode = 0;
     int eType = sqlite3_value_numeric_type(argv[0]);
     if( eType==SQLITE_INTEGER
-     || (eType==SQLITE_FLOAT && sqlite3_value_double(argv[0])==iRowid)
+     || (eType==SQLITE_FLOAT
+         && 0==sqlite3IntFloatCompare(iRowid,sqlite3_value_double(argv[0])))
     ){
       rc = findLeafNode(pRtree, iRowid, &pLeaf, &iNode);
     }else{
@@ -211687,7 +213543,7 @@ static int rtreeUpdate(
 static int rtreeBeginTransaction(sqlite3_vtab *pVtab){
   Rtree *pRtree = (Rtree *)pVtab;
   assert( pRtree->inWrTrans==0 );
-  pRtree->inWrTrans++;
+  pRtree->inWrTrans = 1;
   return SQLITE_OK;
 }
 
@@ -211701,6 +213557,9 @@ static int rtreeEndTransaction(sqlite3_vtab *pVtab){
   nodeBlobReset(pRtree);
   return SQLITE_OK;
 }
+static int rtreeRollback(sqlite3_vtab *pVtab){
+  return rtreeEndTransaction(pVtab);
+}
 
 /*
 ** The xRename method for rtree module virtual tables.
@@ -211819,7 +213678,7 @@ static sqlite3_module rtreeModule = {
   rtreeBeginTransaction,      /* xBegin - begin transaction */
   rtreeEndTransaction,        /* xSync - sync transaction */
   rtreeEndTransaction,        /* xCommit - commit transaction */
-  rtreeEndTransaction,        /* xRollback - rollback transaction */
+  rtreeRollback,              /* xRollback - rollback transaction */
   0,                          /* xFindFunction - function overloading */
   rtreeRename,                /* xRename - rename the table */
   rtreeSavepoint,             /* xSavepoint */
@@ -215238,7 +217097,7 @@ static void icuLoadCollation(
   UCollator *pUCollator;    /* ICU library collation object */
   int rc;                   /* Return code from sqlite3_create_collation_x() */
 
-  assert(nArg==2);
+  assert(nArg==2 || nArg==3);
   (void)nArg; /* Unused parameter */
   zLocale = (const char *)sqlite3_value_text(apArg[0]);
   zName = (const char *)sqlite3_value_text(apArg[1]);
@@ -215253,7 +217112,39 @@ static void icuLoadCollation(
     return;
   }
   assert(p);
-
+  if(nArg==3){
+    const char *zOption = (const char*)sqlite3_value_text(apArg[2]);
+    static const struct {
+       const char *zName;
+       UColAttributeValue val;
+    } aStrength[] = {
+      {  "PRIMARY",      UCOL_PRIMARY           },
+      {  "SECONDARY",    UCOL_SECONDARY         },
+      {  "TERTIARY",     UCOL_TERTIARY          },
+      {  "DEFAULT",      UCOL_DEFAULT_STRENGTH  },
+      {  "QUARTERNARY",  UCOL_QUATERNARY        },
+      {  "IDENTICAL",    UCOL_IDENTICAL         },
+    };
+    unsigned int i;
+    for(i=0; i=sizeof(aStrength)/sizeof(aStrength[0]) ){
+      sqlite3_str *pStr = sqlite3_str_new(sqlite3_context_db_handle(p));
+      sqlite3_str_appendf(pStr,
+         "unknown collation strength \"%s\" - should be one of:",
+         zOption);
+      for(i=0; ipTblIter, &p->zErrmsg);
           pIter->zTbl = 0;
+          pIter->zDataTbl = 0;
         }else{
           pIter->zTbl = (const char*)sqlite3_column_text(pIter->pTblIter, 0);
           pIter->zDataTbl = (const char*)sqlite3_column_text(pIter->pTblIter,1);
@@ -219206,7 +221100,7 @@ static i64 rbuShmChecksum(sqlite3rbu *p){
     u32 volatile *ptr;
     p->rc = pDb->pMethods->xShmMap(pDb, 0, 32*1024, 0, (void volatile**)&ptr);
     if( p->rc==SQLITE_OK ){
-      iRet = ((i64)ptr[10] << 32) + ptr[11];
+      iRet = (i64)(((u64)ptr[10] << 32) + ptr[11]);
     }
   }
   return iRet;
@@ -226677,14 +228571,14 @@ static int sessionChangesetNextOne(
   p->rc = sessionInputBuffer(&p->in, 2);
   if( p->rc!=SQLITE_OK ) return p->rc;
 
+  sessionDiscardData(&p->in);
+  p->in.iCurrent = p->in.iNext;
+
   /* If the iterator is already at the end of the changeset, return DONE. */
   if( p->in.iNext>=p->in.nData ){
     return SQLITE_DONE;
   }
 
-  sessionDiscardData(&p->in);
-  p->in.iCurrent = p->in.iNext;
-
   op = p->in.aData[p->in.iNext++];
   while( op=='T' || op=='P' ){
     if( pbNew ) *pbNew = 1;
@@ -228419,6 +230313,7 @@ struct sqlite3_changegroup {
   int rc;                         /* Error code */
   int bPatch;                     /* True to accumulate patchsets */
   SessionTable *pList;            /* List of tables in current patch */
+  SessionBuffer rec;
 
   sqlite3 *db;                    /* Configured by changegroup_schema() */
   char *zDb;                      /* Configured by changegroup_schema() */
@@ -228717,108 +230612,128 @@ static int sessionChangesetExtendRecord(
 }
 
 /*
-** Add all changes in the changeset traversed by the iterator passed as
-** the first argument to the changegroup hash tables.
+** Locate or create a SessionTable object that may be used to add the
+** change currently pointed to by iterator pIter to changegroup pGrp.
+** If successful, set output variable (*ppTab) to point to the table
+** object and return SQLITE_OK. Otherwise, if some error occurs, return
+** an SQLite error code and leave (*ppTab) set to NULL.
 */
-static int sessionChangesetToHash(
-  sqlite3_changeset_iter *pIter,   /* Iterator to read from */
-  sqlite3_changegroup *pGrp,       /* Changegroup object to add changeset to */
-  int bRebase                      /* True if hash table is for rebasing */
+static int sessionChangesetFindTable(
+  sqlite3_changegroup *pGrp,
+  const char *zTab,
+  sqlite3_changeset_iter *pIter,
+  SessionTable **ppTab
 ){
-  u8 *aRec;
-  int nRec;
   int rc = SQLITE_OK;
   SessionTable *pTab = 0;
-  SessionBuffer rec = {0, 0, 0};
-
-  while( SQLITE_ROW==sessionChangesetNext(pIter, &aRec, &nRec, 0) ){
-    const char *zNew;
-    int nCol;
-    int op;
-    int iHash;
-    int bIndirect;
-    SessionChange *pChange;
-    SessionChange *pExist = 0;
-    SessionChange **pp;
-
-    /* Ensure that only changesets, or only patchsets, but not a mixture
-    ** of both, are being combined. It is an error to try to combine a
-    ** changeset and a patchset.  */
-    if( pGrp->pList==0 ){
-      pGrp->bPatch = pIter->bPatchset;
-    }else if( pIter->bPatchset!=pGrp->bPatch ){
-      rc = SQLITE_ERROR;
-      break;
-    }
+  int nTab = (int)strlen(zTab);
+  u8 *abPK = 0;
+  int nCol = 0;
 
-    sqlite3changeset_op(pIter, &zNew, &nCol, &op, &bIndirect);
-    if( !pTab || sqlite3_stricmp(zNew, pTab->zName) ){
-      /* Search the list for a matching table */
-      int nNew = (int)strlen(zNew);
-      u8 *abPK;
+  *ppTab = 0;
+  sqlite3changeset_pk(pIter, &abPK, &nCol);
 
-      sqlite3changeset_pk(pIter, &abPK, 0);
-      for(pTab = pGrp->pList; pTab; pTab=pTab->pNext){
-        if( 0==sqlite3_strnicmp(pTab->zName, zNew, nNew+1) ) break;
-      }
-      if( !pTab ){
-        SessionTable **ppTab;
+  /* Search the list for an existing table */
+  for(pTab = pGrp->pList; pTab; pTab=pTab->pNext){
+    if( 0==sqlite3_strnicmp(pTab->zName, zTab, nTab+1) ) break;
+  }
 
-        pTab = sqlite3_malloc64(sizeof(SessionTable) + nCol + nNew+1);
-        if( !pTab ){
-          rc = SQLITE_NOMEM;
-          break;
-        }
-        memset(pTab, 0, sizeof(SessionTable));
-        pTab->nCol = nCol;
-        pTab->abPK = (u8*)&pTab[1];
-        memcpy(pTab->abPK, abPK, nCol);
-        pTab->zName = (char*)&pTab->abPK[nCol];
-        memcpy(pTab->zName, zNew, nNew+1);
-
-        if( pGrp->db ){
-          pTab->nCol = 0;
-          rc = sessionInitTable(0, pTab, pGrp->db, pGrp->zDb);
-          if( rc ){
-            assert( pTab->azCol==0 );
-            sqlite3_free(pTab);
-            break;
-          }
-        }
+  /* If one was not found above, create a new table now */
+  if( !pTab ){
+    SessionTable **ppNew;
 
-        /* The new object must be linked on to the end of the list, not
-        ** simply added to the start of it. This is to ensure that the
-        ** tables within the output of sqlite3changegroup_output() are in
-        ** the right order.  */
-        for(ppTab=&pGrp->pList; *ppTab; ppTab=&(*ppTab)->pNext);
-        *ppTab = pTab;
-      }
+    pTab = sqlite3_malloc64(sizeof(SessionTable) + nCol + nTab+1);
+    if( !pTab ){
+      return SQLITE_NOMEM;
+    }
+    memset(pTab, 0, sizeof(SessionTable));
+    pTab->nCol = nCol;
+    pTab->abPK = (u8*)&pTab[1];
+    memcpy(pTab->abPK, abPK, nCol);
+    pTab->zName = (char*)&pTab->abPK[nCol];
+    memcpy(pTab->zName, zTab, nTab+1);
 
-      if( !sessionChangesetCheckCompat(pTab, nCol, abPK) ){
-        rc = SQLITE_SCHEMA;
-        break;
+    if( pGrp->db ){
+      pTab->nCol = 0;
+      rc = sessionInitTable(0, pTab, pGrp->db, pGrp->zDb);
+      if( rc ){
+        assert( pTab->azCol==0 );
+        sqlite3_free(pTab);
+        return rc;
       }
     }
 
-    if( nColnCol ){
-      assert( pGrp->db );
-      rc = sessionChangesetExtendRecord(pGrp, pTab, nCol, op, aRec, nRec, &rec);
-      if( rc ) break;
-      aRec = rec.aBuf;
-      nRec = rec.nBuf;
-    }
+    /* The new object must be linked on to the end of the list, not
+    ** simply added to the start of it. This is to ensure that the
+    ** tables within the output of sqlite3changegroup_output() are in
+    ** the right order.  */
+    for(ppNew=&pGrp->pList; *ppNew; ppNew=&(*ppNew)->pNext);
+    *ppNew = pTab;
+  }
 
-    if( sessionGrowHash(0, pIter->bPatchset, pTab) ){
-      rc = SQLITE_NOMEM;
-      break;
-    }
+  /* Check that the table is compatible. */
+  if( !sessionChangesetCheckCompat(pTab, nCol, abPK) ){
+    rc = SQLITE_SCHEMA;
+  }
+
+  *ppTab = pTab;
+  return rc;
+}
+
+/*
+** Add the change currently indicated by iterator pIter to the hash table
+** belonging to changegroup pGrp.
+*/
+static int sessionOneChangeToHash(
+  sqlite3_changegroup *pGrp,
+  sqlite3_changeset_iter *pIter,
+  int bRebase
+){
+  int rc = SQLITE_OK;
+  int nCol = 0;
+  int op = 0;
+  int iHash = 0;
+  int bIndirect = 0;
+  SessionChange *pChange = 0;
+  SessionChange *pExist = 0;
+  SessionChange **pp = 0;
+  SessionTable *pTab = 0;
+  u8 *aRec = &pIter->in.aData[pIter->in.iCurrent + 2];
+  int nRec = (pIter->in.iNext - pIter->in.iCurrent) - 2;
+
+  /* Ensure that only changesets, or only patchsets, but not a mixture
+  ** of both, are being combined. It is an error to try to combine a
+  ** changeset and a patchset.  */
+  if( pGrp->pList==0 ){
+    pGrp->bPatch = pIter->bPatchset;
+  }else if( pIter->bPatchset!=pGrp->bPatch ){
+    rc = SQLITE_ERROR;
+  }
+
+  if( rc==SQLITE_OK ){
+    const char *zTab = 0;
+    sqlite3changeset_op(pIter, &zTab, &nCol, &op, &bIndirect);
+    rc = sessionChangesetFindTable(pGrp, zTab, pIter, &pTab);
+  }
+
+  if( rc==SQLITE_OK && nColnCol ){
+    SessionBuffer *pBuf = &pGrp->rec;
+    rc = sessionChangesetExtendRecord(pGrp, pTab, nCol, op, aRec, nRec, pBuf);
+    aRec = pBuf->aBuf;
+    nRec = pBuf->nBuf;
+    assert( pGrp->db );
+  }
+
+  if( rc==SQLITE_OK && sessionGrowHash(0, pIter->bPatchset, pTab) ){
+    rc = SQLITE_NOMEM;
+  }
+
+  if( rc==SQLITE_OK ){
+    /* Search for existing entry. If found, remove it from the hash table.
+    ** Code below may link it back in.  */
     iHash = sessionChangeHash(
         pTab, (pIter->bPatchset && op==SQLITE_DELETE), aRec, pTab->nChange
     );
-
-    /* Search for existing entry. If found, remove it from the hash table.
-    ** Code below may link it back in.
-    */
     for(pp=&pTab->apChange[iHash]; *pp; pp=&(*pp)->pNext){
       int bPkOnly1 = 0;
       int bPkOnly2 = 0;
@@ -228833,19 +230748,41 @@ static int sessionChangesetToHash(
         break;
       }
     }
+  }
 
+  if( rc==SQLITE_OK ){
     rc = sessionChangeMerge(pTab, bRebase,
         pIter->bPatchset, pExist, op, bIndirect, aRec, nRec, &pChange
     );
-    if( rc ) break;
-    if( pChange ){
-      pChange->pNext = pTab->apChange[iHash];
-      pTab->apChange[iHash] = pChange;
-      pTab->nEntry++;
-    }
+  }
+  if( rc==SQLITE_OK && pChange ){
+    pChange->pNext = pTab->apChange[iHash];
+    pTab->apChange[iHash] = pChange;
+    pTab->nEntry++;
+  }
+
+  if( rc==SQLITE_OK ) rc = pIter->rc;
+  return rc;
+}
+
+/*
+** Add all changes in the changeset traversed by the iterator passed as
+** the first argument to the changegroup hash tables.
+*/
+static int sessionChangesetToHash(
+  sqlite3_changeset_iter *pIter,   /* Iterator to read from */
+  sqlite3_changegroup *pGrp,       /* Changegroup object to add changeset to */
+  int bRebase                      /* True if hash table is for rebasing */
+){
+  u8 *aRec;
+  int nRec;
+  int rc = SQLITE_OK;
+
+  while( SQLITE_ROW==(sessionChangesetNext(pIter, &aRec, &nRec, 0)) ){
+    rc = sessionOneChangeToHash(pGrp, pIter, bRebase);
+    if( rc!=SQLITE_OK ) break;
   }
 
-  sqlite3_free(rec.aBuf);
   if( rc==SQLITE_OK ) rc = pIter->rc;
   return rc;
 }
@@ -228973,6 +230910,23 @@ SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup *pGrp, int nData, void
   return rc;
 }
 
+/*
+** Add a single change to a changeset-group.
+*/
+SQLITE_API int sqlite3changegroup_add_change(
+  sqlite3_changegroup *pGrp,
+  sqlite3_changeset_iter *pIter
+){
+  if( pIter->in.iCurrent==pIter->in.iNext
+   || pIter->rc!=SQLITE_OK
+   || pIter->bInvert
+  ){
+    /* Iterator does not point to any valid entry or is an INVERT iterator. */
+    return SQLITE_ERROR;
+  }
+  return sessionOneChangeToHash(pGrp, pIter, 0);
+}
+
 /*
 ** Obtain a buffer containing a changeset representing the concatenation
 ** of all changesets added to the group so far.
@@ -229022,6 +230976,7 @@ SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup *pGrp){
   if( pGrp ){
     sqlite3_free(pGrp->zDb);
     sessionDeleteTable(0, pGrp->pList);
+    sqlite3_free(pGrp->rec.aBuf);
     sqlite3_free(pGrp);
   }
 }
@@ -229423,6 +231378,7 @@ SQLITE_API int sqlite3rebaser_rebase_strm(
 SQLITE_API void sqlite3rebaser_delete(sqlite3_rebaser *p){
   if( p ){
     sessionDeleteTable(0, p->grp.pList);
+    sqlite3_free(p->grp.rec.aBuf);
     sqlite3_free(p);
   }
 }
@@ -229520,8 +231476,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the context pointer the extension function was
-**   registered with.
+**   Return a copy of the pUserData pointer passed to the xCreateFunction()
+**   API when the extension function was registered.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
@@ -231117,6 +233073,9 @@ static void sqlite3Fts5UnicodeAscii(u8*, u8*);
 **    sqlite3Fts5ParserARG_STORE     Code to store %extra_argument into fts5yypParser
 **    sqlite3Fts5ParserARG_FETCH     Code to extract %extra_argument from fts5yypParser
 **    sqlite3Fts5ParserCTX_*         As sqlite3Fts5ParserARG_ except for %extra_context
+**    fts5YYREALLOC          Name of the realloc() function to use
+**    fts5YYFREE             Name of the free() function to use
+**    fts5YYDYNSTACK         True if stack space should be extended on heap
 **    fts5YYERRORSYMBOL      is the code number of the error symbol.  If not
 **                       defined, then do no error processing.
 **    fts5YYNSTATE           the combined number of states.
@@ -231130,6 +233089,8 @@ static void sqlite3Fts5UnicodeAscii(u8*, u8*);
 **    fts5YY_NO_ACTION       The fts5yy_action[] code for no-op
 **    fts5YY_MIN_REDUCE      Minimum value for reduce actions
 **    fts5YY_MAX_REDUCE      Maximum value for reduce actions
+**    fts5YY_MIN_DSTRCTR     Minimum symbol value that has a destructor
+**    fts5YY_MAX_DSTRCTR     Maximum symbol value that has a destructor
 */
 #ifndef INTERFACE
 # define INTERFACE 1
@@ -231156,6 +233117,9 @@ typedef union {
 #define sqlite3Fts5ParserARG_PARAM ,pParse
 #define sqlite3Fts5ParserARG_FETCH Fts5Parse *pParse=fts5yypParser->pParse;
 #define sqlite3Fts5ParserARG_STORE fts5yypParser->pParse=pParse;
+#define fts5YYREALLOC realloc
+#define fts5YYFREE free
+#define fts5YYDYNSTACK 0
 #define sqlite3Fts5ParserCTX_SDECL
 #define sqlite3Fts5ParserCTX_PDECL
 #define sqlite3Fts5ParserCTX_PARAM
@@ -231173,6 +233137,8 @@ typedef union {
 #define fts5YY_NO_ACTION         82
 #define fts5YY_MIN_REDUCE        83
 #define fts5YY_MAX_REDUCE        110
+#define fts5YY_MIN_DSTRCTR       16
+#define fts5YY_MAX_DSTRCTR       24
 /************* End control #defines *******************************************/
 #define fts5YY_NLOOKAHEAD ((int)(sizeof(fts5yy_lookahead)/sizeof(fts5yy_lookahead[0])))
 
@@ -231188,6 +233154,22 @@ typedef union {
 # define fts5yytestcase(X)
 #endif
 
+/* Macro to determine if stack space has the ability to grow using
+** heap memory.
+*/
+#if fts5YYSTACKDEPTH<=0 || fts5YYDYNSTACK
+# define fts5YYGROWABLESTACK 1
+#else
+# define fts5YYGROWABLESTACK 0
+#endif
+
+/* Guarantee a minimum number of initial stack slots.
+*/
+#if fts5YYSTACKDEPTH<=0
+# undef fts5YYSTACKDEPTH
+# define fts5YYSTACKDEPTH 2  /* Need a minimum stack size */
+#endif
+
 
 /* Next are the tables used to determine what action to take based on the
 ** current state and lookahead token.  These tables are used to implement
@@ -231348,14 +233330,9 @@ struct fts5yyParser {
 #endif
   sqlite3Fts5ParserARG_SDECL                /* A place to hold %extra_argument */
   sqlite3Fts5ParserCTX_SDECL                /* A place to hold %extra_context */
-#if fts5YYSTACKDEPTH<=0
-  int fts5yystksz;                  /* Current side of the stack */
-  fts5yyStackEntry *fts5yystack;        /* The parser's stack */
-  fts5yyStackEntry fts5yystk0;          /* First stack entry */
-#else
-  fts5yyStackEntry fts5yystack[fts5YYSTACKDEPTH];  /* The parser's stack */
-  fts5yyStackEntry *fts5yystackEnd;            /* Last entry in the stack */
-#endif
+  fts5yyStackEntry *fts5yystackEnd;           /* Last entry in the stack */
+  fts5yyStackEntry *fts5yystack;              /* The parser stack */
+  fts5yyStackEntry fts5yystk0[fts5YYSTACKDEPTH];  /* Initial stack space */
 };
 typedef struct fts5yyParser fts5yyParser;
 
@@ -231462,37 +233439,45 @@ static const char *const fts5yyRuleName[] = {
 #endif /* NDEBUG */
 
 
-#if fts5YYSTACKDEPTH<=0
+#if fts5YYGROWABLESTACK
 /*
 ** Try to increase the size of the parser stack.  Return the number
 ** of errors.  Return 0 on success.
 */
 static int fts5yyGrowStack(fts5yyParser *p){
+  int oldSize = 1 + (int)(p->fts5yystackEnd - p->fts5yystack);
   int newSize;
   int idx;
   fts5yyStackEntry *pNew;
 
-  newSize = p->fts5yystksz*2 + 100;
-  idx = p->fts5yytos ? (int)(p->fts5yytos - p->fts5yystack) : 0;
-  if( p->fts5yystack==&p->fts5yystk0 ){
-    pNew = malloc(newSize*sizeof(pNew[0]));
-    if( pNew ) pNew[0] = p->fts5yystk0;
+  newSize = oldSize*2 + 100;
+  idx = (int)(p->fts5yytos - p->fts5yystack);
+  if( p->fts5yystack==p->fts5yystk0 ){
+    pNew = fts5YYREALLOC(0, newSize*sizeof(pNew[0]));
+    if( pNew==0 ) return 1;
+    memcpy(pNew, p->fts5yystack, oldSize*sizeof(pNew[0]));
   }else{
-    pNew = realloc(p->fts5yystack, newSize*sizeof(pNew[0]));
+    pNew = fts5YYREALLOC(p->fts5yystack, newSize*sizeof(pNew[0]));
+    if( pNew==0 ) return 1;
   }
-  if( pNew ){
-    p->fts5yystack = pNew;
-    p->fts5yytos = &p->fts5yystack[idx];
+  p->fts5yystack = pNew;
+  p->fts5yytos = &p->fts5yystack[idx];
 #ifndef NDEBUG
-    if( fts5yyTraceFILE ){
-      fprintf(fts5yyTraceFILE,"%sStack grows from %d to %d entries.\n",
-              fts5yyTracePrompt, p->fts5yystksz, newSize);
-    }
-#endif
-    p->fts5yystksz = newSize;
+  if( fts5yyTraceFILE ){
+    fprintf(fts5yyTraceFILE,"%sStack grows from %d to %d entries.\n",
+            fts5yyTracePrompt, oldSize, newSize);
   }
-  return pNew==0;
+#endif
+  p->fts5yystackEnd = &p->fts5yystack[newSize-1];
+  return 0;
 }
+#endif /* fts5YYGROWABLESTACK */
+
+#if !fts5YYGROWABLESTACK
+/* For builds that do no have a growable stack, fts5yyGrowStack always
+** returns an error.
+*/
+# define fts5yyGrowStack(X) 1
 #endif
 
 /* Datatype of the argument to the memory allocated passed as the
@@ -231512,24 +233497,14 @@ static void sqlite3Fts5ParserInit(void *fts5yypRawParser sqlite3Fts5ParserCTX_PD
 #ifdef fts5YYTRACKMAXSTACKDEPTH
   fts5yypParser->fts5yyhwm = 0;
 #endif
-#if fts5YYSTACKDEPTH<=0
-  fts5yypParser->fts5yytos = NULL;
-  fts5yypParser->fts5yystack = NULL;
-  fts5yypParser->fts5yystksz = 0;
-  if( fts5yyGrowStack(fts5yypParser) ){
-    fts5yypParser->fts5yystack = &fts5yypParser->fts5yystk0;
-    fts5yypParser->fts5yystksz = 1;
-  }
-#endif
+  fts5yypParser->fts5yystack = fts5yypParser->fts5yystk0;
+  fts5yypParser->fts5yystackEnd = &fts5yypParser->fts5yystack[fts5YYSTACKDEPTH-1];
 #ifndef fts5YYNOERRORRECOVERY
   fts5yypParser->fts5yyerrcnt = -1;
 #endif
   fts5yypParser->fts5yytos = fts5yypParser->fts5yystack;
   fts5yypParser->fts5yystack[0].stateno = 0;
   fts5yypParser->fts5yystack[0].major = 0;
-#if fts5YYSTACKDEPTH>0
-  fts5yypParser->fts5yystackEnd = &fts5yypParser->fts5yystack[fts5YYSTACKDEPTH-1];
-#endif
 }
 
 #ifndef sqlite3Fts5Parser_ENGINEALWAYSONSTACK
@@ -231643,9 +233618,26 @@ static void fts5yy_pop_parser_stack(fts5yyParser *pParser){
 */
 static void sqlite3Fts5ParserFinalize(void *p){
   fts5yyParser *pParser = (fts5yyParser*)p;
-  while( pParser->fts5yytos>pParser->fts5yystack ) fts5yy_pop_parser_stack(pParser);
-#if fts5YYSTACKDEPTH<=0
-  if( pParser->fts5yystack!=&pParser->fts5yystk0 ) free(pParser->fts5yystack);
+
+  /* In-lined version of calling fts5yy_pop_parser_stack() for each
+  ** element left in the stack */
+  fts5yyStackEntry *fts5yytos = pParser->fts5yytos;
+  while( fts5yytos>pParser->fts5yystack ){
+#ifndef NDEBUG
+    if( fts5yyTraceFILE ){
+      fprintf(fts5yyTraceFILE,"%sPopping %s\n",
+        fts5yyTracePrompt,
+        fts5yyTokenName[fts5yytos->major]);
+    }
+#endif
+    if( fts5yytos->major>=fts5YY_MIN_DSTRCTR ){
+      fts5yy_destructor(pParser, fts5yytos->major, &fts5yytos->minor);
+    }
+    fts5yytos--;
+  }
+
+#if fts5YYGROWABLESTACK
+  if( pParser->fts5yystack!=pParser->fts5yystk0 ) fts5YYFREE(pParser->fts5yystack);
 #endif
 }
 
@@ -231872,25 +233864,19 @@ static void fts5yy_shift(
     assert( fts5yypParser->fts5yyhwm == (int)(fts5yypParser->fts5yytos - fts5yypParser->fts5yystack) );
   }
 #endif
-#if fts5YYSTACKDEPTH>0
-  if( fts5yypParser->fts5yytos>fts5yypParser->fts5yystackEnd ){
-    fts5yypParser->fts5yytos--;
-    fts5yyStackOverflow(fts5yypParser);
-    return;
-  }
-#else
-  if( fts5yypParser->fts5yytos>=&fts5yypParser->fts5yystack[fts5yypParser->fts5yystksz] ){
+  fts5yytos = fts5yypParser->fts5yytos;
+  if( fts5yytos>fts5yypParser->fts5yystackEnd ){
     if( fts5yyGrowStack(fts5yypParser) ){
       fts5yypParser->fts5yytos--;
       fts5yyStackOverflow(fts5yypParser);
       return;
     }
+    fts5yytos = fts5yypParser->fts5yytos;
+    assert( fts5yytos <= fts5yypParser->fts5yystackEnd );
   }
-#endif
   if( fts5yyNewState > fts5YY_MAX_SHIFT ){
     fts5yyNewState += fts5YY_MIN_REDUCE - fts5YY_MIN_SHIFTREDUCE;
   }
-  fts5yytos = fts5yypParser->fts5yytos;
   fts5yytos->stateno = fts5yyNewState;
   fts5yytos->major = fts5yyMajor;
   fts5yytos->minor.fts5yy0 = fts5yyMinor;
@@ -232327,19 +234313,12 @@ static void sqlite3Fts5Parser(
                   (int)(fts5yypParser->fts5yytos - fts5yypParser->fts5yystack));
         }
 #endif
-#if fts5YYSTACKDEPTH>0
         if( fts5yypParser->fts5yytos>=fts5yypParser->fts5yystackEnd ){
-          fts5yyStackOverflow(fts5yypParser);
-          break;
-        }
-#else
-        if( fts5yypParser->fts5yytos>=&fts5yypParser->fts5yystack[fts5yypParser->fts5yystksz-1] ){
           if( fts5yyGrowStack(fts5yypParser) ){
             fts5yyStackOverflow(fts5yypParser);
             break;
           }
         }
-#endif
       }
       fts5yyact = fts5yy_reduce(fts5yypParser,fts5yyruleno,fts5yymajor,fts5yyminor sqlite3Fts5ParserCTX_PARAM);
     }else if( fts5yyact <= fts5YY_MAX_SHIFTREDUCE ){
@@ -235016,7 +236995,11 @@ static int sqlite3Fts5ExprNew(
   }
 
   sqlite3_free(sParse.apPhrase);
-  *pzErr = sParse.zErr;
+  if( 0==*pzErr ){
+    *pzErr = sParse.zErr;
+  }else{
+    sqlite3_free(sParse.zErr);
+  }
   return sParse.rc;
 }
 
@@ -237144,6 +239127,7 @@ static Fts5ExprNode *sqlite3Fts5ParseImplicitAnd(
     assert( pRight->eType==FTS5_STRING
         || pRight->eType==FTS5_TERM
         || pRight->eType==FTS5_EOF
+        || (pRight->eType==FTS5_AND && pParse->bPhraseToAnd)
     );
 
     if( pLeft->eType==FTS5_AND ){
@@ -245378,23 +247362,26 @@ static void fts5IterSetOutputsTokendata(Fts5Iter *pIter){
 static void fts5TokendataIterNext(Fts5Iter *pIter, int bFrom, i64 iFrom){
   int ii;
   Fts5TokenDataIter *pT = pIter->pTokenDataIter;
+  Fts5Index *pIndex = pIter->pIndex;
 
   for(ii=0; iinIter; ii++){
     Fts5Iter *p = pT->apIter[ii];
     if( p->base.bEof==0
      && (p->base.iRowid==pIter->base.iRowid || (bFrom && p->base.iRowidpIndex, p, bFrom, iFrom);
+      fts5MultiIterNext(pIndex, p, bFrom, iFrom);
       while( bFrom && p->base.bEof==0
           && p->base.iRowidpIndex->rc==SQLITE_OK
+          && pIndex->rc==SQLITE_OK
       ){
-        fts5MultiIterNext(p->pIndex, p, 0, 0);
+        fts5MultiIterNext(pIndex, p, 0, 0);
       }
     }
   }
 
-  fts5IterSetOutputsTokendata(pIter);
+  if( pIndex->rc==SQLITE_OK ){
+    fts5IterSetOutputsTokendata(pIter);
+  }
 }
 
 /*
@@ -249308,6 +251295,7 @@ static int fts5UpdateMethod(
         rc = SQLITE_ERROR;
       }else{
         rc = fts5SpecialDelete(pTab, apVal);
+        bUpdateOrDelete = 1;
       }
     }else{
       rc = fts5SpecialInsert(pTab, z, apVal[2 + pConfig->nCol + 1]);
@@ -250482,14 +252470,16 @@ static int sqlite3Fts5GetTokenizer(
   if( pMod==0 ){
     assert( nArg>0 );
     rc = SQLITE_ERROR;
-    *pzErr = sqlite3_mprintf("no such tokenizer: %s", azArg[0]);
+    if( pzErr ) *pzErr = sqlite3_mprintf("no such tokenizer: %s", azArg[0]);
   }else{
     rc = pMod->x.xCreate(
         pMod->pUserData, (azArg?&azArg[1]:0), (nArg?nArg-1:0), &pConfig->pTok
     );
     pConfig->pTokApi = &pMod->x;
     if( rc!=SQLITE_OK ){
-      if( pzErr ) *pzErr = sqlite3_mprintf("error in tokenizer constructor");
+      if( pzErr && rc!=SQLITE_NOMEM ){
+        *pzErr = sqlite3_mprintf("error in tokenizer constructor");
+      }
     }else{
       pConfig->ePattern = sqlite3Fts5TokenizerPattern(
           pMod->x.xCreate, pConfig->pTok
@@ -250548,7 +252538,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -250583,18 +252573,25 @@ static int fts5IntegrityMethod(
 
   assert( pzErr!=0 && *pzErr==0 );
   UNUSED_PARAM(isQuick);
+  assert( pTab->p.pConfig->pzErrmsg==0 );
+  pTab->p.pConfig->pzErrmsg = pzErr;
   rc = sqlite3Fts5StorageIntegrity(pTab->pStorage, 0);
-  if( (rc&0xff)==SQLITE_CORRUPT ){
-    *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
-                zSchema, zTabname);
-  }else if( rc!=SQLITE_OK ){
-    *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
-                             " FTS5 table %s.%s: %s",
-                zSchema, zTabname, sqlite3_errstr(rc));
+  if( *pzErr==0 && rc!=SQLITE_OK ){
+    if( (rc&0xff)==SQLITE_CORRUPT ){
+      *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
+          zSchema, zTabname);
+      rc = (*pzErr) ? SQLITE_OK : SQLITE_NOMEM;
+    }else{
+      *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
+          " FTS5 table %s.%s: %s",
+          zSchema, zTabname, sqlite3_errstr(rc));
+    }
   }
+
   sqlite3Fts5IndexCloseReader(pTab->p.pIndex);
+  pTab->p.pConfig->pzErrmsg = 0;
 
-  return SQLITE_OK;
+  return rc;
 }
 
 static int fts5Init(sqlite3 *db){
@@ -252026,7 +254023,7 @@ static int fts5AsciiCreate(
       int i;
       memset(p, 0, sizeof(AsciiTokenizer));
       memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
-      for(i=0; rc==SQLITE_OK && ibFold = 1;
     pNew->iFoldParam = 0;
-    for(i=0; rc==SQLITE_OK && iiFoldParam!=0 && pNew->bFold==0 ){
       rc = SQLITE_ERROR;
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index a07a51952..d67a4adb6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.45.1"
-#define SQLITE_VERSION_NUMBER 3045001
-#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
+#define SQLITE_VERSION        "3.46.1"
+#define SQLITE_VERSION_NUMBER 3046001
+#define SQLITE_SOURCE_ID      "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -421,6 +421,8 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 **      the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
 ** 
    25.  The application must not modify the SQL statement text passed into
 **      the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
+** 
    26.  The application must not dereference the arrays or string pointers
+**       passed as the 3rd and 4th callback parameters after it returns.
 ** 
 */
 SQLITE_API int sqlite3_exec(
@@ -763,11 +765,11 @@ struct sqlite3_file {
 ** 
 ** xLock() upgrades the database file lock.  In other words, xLock() moves the
 ** database file lock in the direction NONE toward EXCLUSIVE. The argument to
-** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
+** xLock() is always one of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
 ** SQLITE_LOCK_NONE.  If the database file lock is already at or above the
 ** requested lock, then the call to xLock() is a no-op.
 ** xUnlock() downgrades the database file lock to either SHARED or NONE.
-*  If the lock is already at or below the requested lock state, then the call
+** If the lock is already at or below the requested lock state, then the call
 ** to xUnlock() is a no-op.
 ** The xCheckReservedLock() method checks whether any database connection,
 ** either in this process or in some other process, is holding a RESERVED,
@@ -2142,6 +2144,22 @@ struct sqlite3_mem_methods {
 ** configuration setting is never used, then the default maximum is determined
 ** by the [SQLITE_MEMDB_DEFAULT_MAXSIZE] compile-time option.  If that
 ** compile-time option is not set, then the default maximum is 1073741824.
+**
+** [[SQLITE_CONFIG_ROWID_IN_VIEW]]
+** 
      SQLITE_CONFIG_ROWID_IN_VIEW
+** 
      The SQLITE_CONFIG_ROWID_IN_VIEW option enables or disables the ability
+** for VIEWs to have a ROWID.  The capability can only be enabled if SQLite is
+** compiled with -DSQLITE_ALLOW_ROWID_IN_VIEW, in which case the capability
+** defaults to on.  This configuration option queries the current setting or
+** changes the setting to off or on.  The argument is a pointer to an integer.
+** If that integer initially holds a value of 1, then the ability for VIEWs to
+** have ROWIDs is activated.  If the integer initially holds zero, then the
+** ability is deactivated.  Any other initial value for the integer leaves the
+** setting unchanged.  After changes, if any, the integer is written with
+** a 1 or 0, if the ability for VIEWs to have ROWIDs is on or off.  If SQLite
+** is compiled without -DSQLITE_ALLOW_ROWID_IN_VIEW (which is the usual and
+** recommended case) then the integer is always filled with zero, regardless
+** if its initial value.
 ** 
 */
 #define SQLITE_CONFIG_SINGLETHREAD         1  /* nil */
@@ -2173,6 +2191,7 @@ struct sqlite3_mem_methods {
 #define SQLITE_CONFIG_SMALL_MALLOC        27  /* boolean */
 #define SQLITE_CONFIG_SORTERREF_SIZE      28  /* int nByte */
 #define SQLITE_CONFIG_MEMDB_MAXSIZE       29  /* sqlite3_int64 */
+#define SQLITE_CONFIG_ROWID_IN_VIEW       30  /* int* */
 
 /*
 ** CAPI3REF: Database Connection Configuration Options
@@ -3287,8 +3306,8 @@ SQLITE_API int sqlite3_set_authorizer(
 #define SQLITE_RECURSIVE            33   /* NULL            NULL            */
 
 /*
-** CAPI3REF: Tracing And Profiling Functions
-** METHOD: sqlite3
+** CAPI3REF: Deprecated Tracing And Profiling Functions
+** DEPRECATED
 **
 ** These routines are deprecated. Use the [sqlite3_trace_v2()] interface
 ** instead of the routines described here.
@@ -6869,6 +6888,12 @@ SQLITE_API int sqlite3_autovacuum_pages(
 ** The exceptions defined in this paragraph might change in a future
 ** release of SQLite.
 **
+** Whether the update hook is invoked before or after the
+** corresponding change is currently unspecified and may differ
+** depending on the type of change. Do not rely on the order of the
+** hook call with regards to the final result of the operation which
+** triggers the hook.
+**
 ** The update hook implementation must not do anything that will modify
 ** the database connection that invoked the update hook.  Any actions
 ** to modify the database connection must be deferred until after the
@@ -8339,7 +8364,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 ** The sqlite3_keyword_count() interface returns the number of distinct
 ** keywords understood by SQLite.
 **
-** The sqlite3_keyword_name(N,Z,L) interface finds the N-th keyword and
+** The sqlite3_keyword_name(N,Z,L) interface finds the 0-based N-th keyword and
 ** makes *Z point to that keyword expressed as UTF8 and writes the number
 ** of bytes in the keyword into *L.  The string that *Z points to is not
 ** zero-terminated.  The sqlite3_keyword_name(N,Z,L) routine returns
@@ -9918,24 +9943,45 @@ SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
 ** 
    27. 
 ** ^(If the sqlite3_vtab_distinct() interface returns 2, that means
 ** that the query planner does not need the rows returned in any particular
-** order, as long as rows with the same values in all "aOrderBy" columns
-** are adjacent.)^  ^(Furthermore, only a single row for each particular
-** combination of values in the columns identified by the "aOrderBy" field
-** needs to be returned.)^  ^It is always ok for two or more rows with the same
-** values in all "aOrderBy" columns to be returned, as long as all such rows
-** are adjacent.  ^The virtual table may, if it chooses, omit extra rows
-** that have the same value for all columns identified by "aOrderBy".
-** ^However omitting the extra rows is optional.
+** order, as long as rows with the same values in all columns identified
+** by "aOrderBy" are adjacent.)^  ^(Furthermore, when two or more rows
+** contain the same values for all columns identified by "colUsed", all but
+** one such row may optionally be omitted from the result.)^
+** The virtual table is not required to omit rows that are duplicates
+** over the "colUsed" columns, but if the virtual table can do that without
+** too much extra effort, it could potentially help the query to run faster.
 ** This mode is used for a DISTINCT query.
 ** 
    28. 
-** ^(If the sqlite3_vtab_distinct() interface returns 3, that means
-** that the query planner needs only distinct rows but it does need the
-** rows to be sorted.)^ ^The virtual table implementation is free to omit
-** rows that are identical in all aOrderBy columns, if it wants to, but
-** it is not required to omit any rows.  This mode is used for queries
+** ^(If the sqlite3_vtab_distinct() interface returns 3, that means the
+** virtual table must return rows in the order defined by "aOrderBy" as
+** if the sqlite3_vtab_distinct() interface had returned 0.  However if
+** two or more rows in the result have the same values for all columns
+** identified by "colUsed", then all but one such row may optionally be
+** omitted.)^  Like when the return value is 2, the virtual table
+** is not required to omit rows that are duplicates over the "colUsed"
+** columns, but if the virtual table can do that without
+** too much extra effort, it could potentially help the query to run faster.
+** This mode is used for queries
 ** that have both DISTINCT and ORDER BY clauses.
 ** 
    
 **
+** 
    The following table summarizes the conditions under which the
+** virtual table is allowed to set the "orderByConsumed" flag based on
+** the value returned by sqlite3_vtab_distinct().  This table is a
+** restatement of the previous four paragraphs:
+**
+** 
+** 
+** 
    sqlite3_vtab_distinct() return value
+** Rows are returned in aOrderBy order
+** Rows with the same value in all aOrderBy columns are adjacent
+** Duplicates over all colUsed columns may be omitted
+** 
    0yesyesno
+** 
    1noyesno
+** 
    2noyesyes
+** 
    3yesyesyes
+** 
    
+**
 ** ^For the purposes of comparing virtual table output values to see if the
 ** values are same value for sorting purposes, two NULL values are considered
 ** to be the same.  In other words, the comparison operator is "IS"
@@ -11980,6 +12026,30 @@ SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const c
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
+/*
+** CAPI3REF: Add A Single Change To A Changegroup
+** METHOD: sqlite3_changegroup
+**
+** This function adds the single change currently indicated by the iterator
+** passed as the second argument to the changegroup object. The rules for
+** adding the change are just as described for [sqlite3changegroup_add()].
+**
+** If the change is successfully added to the changegroup, SQLITE_OK is
+** returned. Otherwise, an SQLite error code is returned.
+**
+** The iterator must point to a valid entry when this function is called.
+** If it does not, SQLITE_ERROR is returned and no change is added to the
+** changegroup. Additionally, the iterator must not have been opened with
+** the SQLITE_CHANGESETAPPLY_INVERT flag. In this case SQLITE_ERROR is also
+** returned.
+*/
+SQLITE_API int sqlite3changegroup_add_change(
+  sqlite3_changegroup*,
+  sqlite3_changeset_iter*
+);
+
+
+
 /*
 ** CAPI3REF: Obtain A Composite Changeset From A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -12784,8 +12854,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the context pointer the extension function was
-**   registered with.
+**   Return a copy of the pUserData pointer passed to the xCreateFunction()
+**   API when the extension function was registered.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index 4b3b6cab5..ed2a9e2a3 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -1679,7 +1679,7 @@ func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) {
 		}
 	}
 
-	// Forgein Keys
+	// Foreign Keys
 	if foreignKeys > -1 {
 		if err := exec(fmt.Sprintf("PRAGMA foreign_keys = %d;", foreignKeys)); err != nil {
 			C.sqlite3_close_v2(db)
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
index 95cc7c0b6..6ef230862 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
@@ -18,5 +18,6 @@ package sqlite3
 #cgo openbsd LDFLAGS: -lsqlite3
 #cgo solaris LDFLAGS: -lsqlite3
 #cgo windows LDFLAGS: -lsqlite3
+#cgo zos LDFLAGS: -lsqlite3
 */
 import "C"
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
index de9630c27..76d840164 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
@@ -86,7 +86,7 @@ var (
 // combination is incorrect or unknown.
 //
 // If the SQLITE_USER table is not present in the database file, then
-// this interface is a harmless no-op returnning SQLITE_OK.
+// this interface is a harmless no-op returning SQLITE_OK.
 func (c *SQLiteConn) Authenticate(username, password string) error {
 	rv := c.authenticate(username, password)
 	switch rv {
diff --git a/vendor/github.com/munnerz/goautoneg/LICENSE b/vendor/github.com/munnerz/goautoneg/LICENSE
new file mode 100644
index 000000000..bbc7b897c
--- /dev/null
+++ b/vendor/github.com/munnerz/goautoneg/LICENSE
@@ -0,0 +1,31 @@
+Copyright (c) 2011, Open Knowledge Foundation Ltd.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+    Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
+
+    Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in
+    the documentation and/or other materials provided with the
+    distribution.
+
+    Neither the name of the Open Knowledge Foundation Ltd. nor the
+    names of its contributors may be used to endorse or promote
+    products derived from this software without specific prior written
+    permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/munnerz/goautoneg/Makefile b/vendor/github.com/munnerz/goautoneg/Makefile
new file mode 100644
index 000000000..e33ee1730
--- /dev/null
+++ b/vendor/github.com/munnerz/goautoneg/Makefile
@@ -0,0 +1,13 @@
+include $(GOROOT)/src/Make.inc
+
+TARG=bitbucket.org/ww/goautoneg
+GOFILES=autoneg.go
+
+include $(GOROOT)/src/Make.pkg
+
+format:
+	gofmt -w *.go
+
+docs:
+	gomake clean
+	godoc ${TARG} > README.txt
diff --git a/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/README.txt b/vendor/github.com/munnerz/goautoneg/README.txt
similarity index 100%
rename from vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/README.txt
rename to vendor/github.com/munnerz/goautoneg/README.txt
diff --git a/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go b/vendor/github.com/munnerz/goautoneg/autoneg.go
similarity index 52%
rename from vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go
rename to vendor/github.com/munnerz/goautoneg/autoneg.go
index a21b9d15d..1dd1cad64 100644
--- a/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go
+++ b/vendor/github.com/munnerz/goautoneg/autoneg.go
@@ -1,28 +1,28 @@
 /*
-Copyright (c) 2011, Open Knowledge Foundation Ltd.
-All rights reserved.
-
 HTTP Content-Type Autonegotiation.
 
 The functions in this package implement the behaviour specified in
 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
 
+Copyright (c) 2011, Open Knowledge Foundation Ltd.
+All rights reserved.
+
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
 
-	Redistributions of source code must retain the above copyright
-	notice, this list of conditions and the following disclaimer.
+    Redistributions of source code must retain the above copyright
+    notice, this list of conditions and the following disclaimer.
 
-	Redistributions in binary form must reproduce the above copyright
-	notice, this list of conditions and the following disclaimer in
-	the documentation and/or other materials provided with the
-	distribution.
+    Redistributions in binary form must reproduce the above copyright
+    notice, this list of conditions and the following disclaimer in
+    the documentation and/or other materials provided with the
+    distribution.
 
-	Neither the name of the Open Knowledge Foundation Ltd. nor the
-	names of its contributors may be used to endorse or promote
-	products derived from this software without specific prior written
-	permission.
+    Neither the name of the Open Knowledge Foundation Ltd. nor the
+    names of its contributors may be used to endorse or promote
+    products derived from this software without specific prior written
+    permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
@@ -36,6 +36,7 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
+
 package goautoneg
 
 import (
@@ -51,16 +52,14 @@ type Accept struct {
 	Params        map[string]string
 }
 
-// For internal use, so that we can use the sort interface
-type accept_slice []Accept
+// acceptSlice is defined to implement sort interface.
+type acceptSlice []Accept
 
-func (accept accept_slice) Len() int {
-	slice := []Accept(accept)
+func (slice acceptSlice) Len() int {
 	return len(slice)
 }
 
-func (accept accept_slice) Less(i, j int) bool {
-	slice := []Accept(accept)
+func (slice acceptSlice) Less(i, j int) bool {
 	ai, aj := slice[i], slice[j]
 	if ai.Q > aj.Q {
 		return true
@@ -74,63 +73,93 @@ func (accept accept_slice) Less(i, j int) bool {
 	return false
 }
 
-func (accept accept_slice) Swap(i, j int) {
-	slice := []Accept(accept)
+func (slice acceptSlice) Swap(i, j int) {
 	slice[i], slice[j] = slice[j], slice[i]
 }
 
+func stringTrimSpaceCutset(r rune) bool {
+	return r == ' '
+}
+
+func nextSplitElement(s, sep string) (item string, remaining string) {
+	if index := strings.Index(s, sep); index != -1 {
+		return s[:index], s[index+1:]
+	}
+	return s, ""
+}
+
 // Parse an Accept Header string returning a sorted list
 // of clauses
-func ParseAccept(header string) (accept []Accept) {
-	parts := strings.Split(header, ",")
-	accept = make([]Accept, 0, len(parts))
-	for _, part := range parts {
-		part := strings.Trim(part, " ")
+func ParseAccept(header string) acceptSlice {
+	partsCount := 0
+	remaining := header
+	for len(remaining) > 0 {
+		partsCount++
+		_, remaining = nextSplitElement(remaining, ",")
+	}
+	accept := make(acceptSlice, 0, partsCount)
 
-		a := Accept{}
-		a.Params = make(map[string]string)
-		a.Q = 1.0
+	remaining = header
+	var part string
+	for len(remaining) > 0 {
+		part, remaining = nextSplitElement(remaining, ",")
+		part = strings.TrimFunc(part, stringTrimSpaceCutset)
 
-		mrp := strings.Split(part, ";")
+		a := Accept{
+			Q: 1.0,
+		}
+
+		sp, remainingPart := nextSplitElement(part, ";")
 
-		media_range := mrp[0]
-		sp := strings.Split(media_range, "/")
-		a.Type = strings.Trim(sp[0], " ")
+		sp0, spRemaining := nextSplitElement(sp, "/")
+		a.Type = strings.TrimFunc(sp0, stringTrimSpaceCutset)
 
 		switch {
-		case len(sp) == 1 && a.Type == "*":
-			a.SubType = "*"
-		case len(sp) == 2:
-			a.SubType = strings.Trim(sp[1], " ")
+		case len(spRemaining) == 0:
+			if a.Type == "*" {
+				a.SubType = "*"
+			} else {
+				continue
+			}
 		default:
-			continue
+			var sp1 string
+			sp1, spRemaining = nextSplitElement(spRemaining, "/")
+			if len(spRemaining) > 0 {
+				continue
+			}
+			a.SubType = strings.TrimFunc(sp1, stringTrimSpaceCutset)
 		}
 
-		if len(mrp) == 1 {
+		if len(remainingPart) == 0 {
 			accept = append(accept, a)
 			continue
 		}
 
-		for _, param := range mrp[1:] {
-			sp := strings.SplitN(param, "=", 2)
-			if len(sp) != 2 {
+		a.Params = make(map[string]string)
+		for len(remainingPart) > 0 {
+			sp, remainingPart = nextSplitElement(remainingPart, ";")
+			sp0, spRemaining = nextSplitElement(sp, "=")
+			if len(spRemaining) == 0 {
+				continue
+			}
+			var sp1 string
+			sp1, spRemaining = nextSplitElement(spRemaining, "=")
+			if len(spRemaining) != 0 {
 				continue
 			}
-			token := strings.Trim(sp[0], " ")
+			token := strings.TrimFunc(sp0, stringTrimSpaceCutset)
 			if token == "q" {
-				a.Q, _ = strconv.ParseFloat(sp[1], 32)
+				a.Q, _ = strconv.ParseFloat(sp1, 32)
 			} else {
-				a.Params[token] = strings.Trim(sp[1], " ")
+				a.Params[token] = strings.TrimFunc(sp1, stringTrimSpaceCutset)
 			}
 		}
 
 		accept = append(accept, a)
 	}
 
-	slice := accept_slice(accept)
-	sort.Sort(slice)
-
-	return
+	sort.Sort(accept)
+	return accept
 }
 
 // Negotiate the most appropriate content_type given the accept header
diff --git a/vendor/github.com/prometheus/client_golang/NOTICE b/vendor/github.com/prometheus/client_golang/NOTICE
index dd878a30e..b9cc55abb 100644
--- a/vendor/github.com/prometheus/client_golang/NOTICE
+++ b/vendor/github.com/prometheus/client_golang/NOTICE
@@ -16,8 +16,3 @@ Go support for Protocol Buffers - Google's data interchange format
 http://github.com/golang/protobuf/
 Copyright 2010 The Go Authors
 See source code for license details.
-
-Support for streaming Protocol Buffer messages for the Go language (golang).
-https://github.com/matttproud/golang_protobuf_extensions
-Copyright 2013 Matt T. Proud
-Licensed under the Apache License, Version 2.0
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
new file mode 100644
index 000000000..65d761bc9
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2013 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
new file mode 100644
index 000000000..8547c8dfd
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
@@ -0,0 +1,145 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file or at
+// https://developers.google.com/open-source/licenses/bsd.
+
+// Package header provides functions for parsing HTTP headers.
+package header
+
+import (
+	"net/http"
+	"strings"
+)
+
+// Octet types from RFC 2616.
+var octetTypes [256]octetType
+
+type octetType byte
+
+const (
+	isToken octetType = 1 << iota
+	isSpace
+)
+
+func init() {
+	// OCTET      = 
+	// CHAR       = 
+	// CTL        = 
+	// CR         = 
+	// LF         = 
+	// SP         = 
+	// HT         = 
+	// <">        = 
+	// CRLF       = CR LF
+	// LWS        = [CRLF] 1*( SP | HT )
+	// TEXT       = 
+	// separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <">
+	//              | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT
+	// token      = 1*
+	// qdtext     = >
+
+	for c := 0; c < 256; c++ {
+		var t octetType
+		isCtl := c <= 31 || c == 127
+		isChar := 0 <= c && c <= 127
+		isSeparator := strings.ContainsRune(" \t\"(),/:;<=>?@[]\\{}", rune(c))
+		if strings.ContainsRune(" \t\r\n", rune(c)) {
+			t |= isSpace
+		}
+		if isChar && !isCtl && !isSeparator {
+			t |= isToken
+		}
+		octetTypes[c] = t
+	}
+}
+
+// AcceptSpec describes an Accept* header.
+type AcceptSpec struct {
+	Value string
+	Q     float64
+}
+
+// ParseAccept parses Accept* headers.
+func ParseAccept(header http.Header, key string) (specs []AcceptSpec) {
+loop:
+	for _, s := range header[key] {
+		for {
+			var spec AcceptSpec
+			spec.Value, s = expectTokenSlash(s)
+			if spec.Value == "" {
+				continue loop
+			}
+			spec.Q = 1.0
+			s = skipSpace(s)
+			if strings.HasPrefix(s, ";") {
+				s = skipSpace(s[1:])
+				if !strings.HasPrefix(s, "q=") {
+					continue loop
+				}
+				spec.Q, s = expectQuality(s[2:])
+				if spec.Q < 0.0 {
+					continue loop
+				}
+			}
+			specs = append(specs, spec)
+			s = skipSpace(s)
+			if !strings.HasPrefix(s, ",") {
+				continue loop
+			}
+			s = skipSpace(s[1:])
+		}
+	}
+	return
+}
+
+func skipSpace(s string) (rest string) {
+	i := 0
+	for ; i < len(s); i++ {
+		if octetTypes[s[i]]&isSpace == 0 {
+			break
+		}
+	}
+	return s[i:]
+}
+
+func expectTokenSlash(s string) (token, rest string) {
+	i := 0
+	for ; i < len(s); i++ {
+		b := s[i]
+		if (octetTypes[b]&isToken == 0) && b != '/' {
+			break
+		}
+	}
+	return s[:i], s[i:]
+}
+
+func expectQuality(s string) (q float64, rest string) {
+	switch {
+	case len(s) == 0:
+		return -1, ""
+	case s[0] == '0':
+		q = 0
+	case s[0] == '1':
+		q = 1
+	default:
+		return -1, ""
+	}
+	s = s[1:]
+	if !strings.HasPrefix(s, ".") {
+		return q, s
+	}
+	s = s[1:]
+	i := 0
+	n := 0
+	d := 1
+	for ; i < len(s); i++ {
+		b := s[i]
+		if b < '0' || b > '9' {
+			break
+		}
+		n = n*10 + int(b) - '0'
+		d *= 10
+	}
+	return q + float64(n)/float64(d), s[i:]
+}
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
new file mode 100644
index 000000000..2e45780b7
--- /dev/null
+++ b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
@@ -0,0 +1,36 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+//
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file or at
+// https://developers.google.com/open-source/licenses/bsd.
+
+package httputil
+
+import (
+	"net/http"
+
+	"github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header"
+)
+
+// NegotiateContentEncoding returns the best offered content encoding for the
+// request's Accept-Encoding header. If two offers match with equal weight and
+// then the offer earlier in the list is preferred. If no offers are
+// acceptable, then "" is returned.
+func NegotiateContentEncoding(r *http.Request, offers []string) string {
+	bestOffer := "identity"
+	bestQ := -1.0
+	specs := header.ParseAccept(r.Header, "Accept-Encoding")
+	for _, offer := range offers {
+		for _, spec := range specs {
+			if spec.Q > bestQ &&
+				(spec.Value == "*" || spec.Value == offer) {
+				bestQ = spec.Q
+				bestOffer = offer
+			}
+		}
+	}
+	if bestQ == 0 {
+		bestOffer = ""
+	}
+	return bestOffer
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
index ad9a71a5e..520cbd7d4 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
@@ -22,13 +22,13 @@ import (
 // goRuntimeMemStats provides the metrics initially provided by runtime.ReadMemStats.
 // From Go 1.17 those similar (and better) statistics are provided by runtime/metrics, so
 // while eval closure works on runtime.MemStats, the struct from Go 1.17+ is
-// populated using runtime/metrics.
+// populated using runtime/metrics. Those are the defaults we can't alter.
 func goRuntimeMemStats() memStatsMetrics {
 	return memStatsMetrics{
 		{
 			desc: NewDesc(
 				memstatNamespace("alloc_bytes"),
-				"Number of bytes allocated and still in use.",
+				"Number of bytes allocated in heap and currently in use. Equals to /memory/classes/heap/objects:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Alloc) },
@@ -36,7 +36,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("alloc_bytes_total"),
-				"Total number of bytes allocated, even if freed.",
+				"Total number of bytes allocated in heap until now, even if released already. Equals to /gc/heap/allocs:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.TotalAlloc) },
@@ -44,23 +44,16 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("sys_bytes"),
-				"Number of bytes obtained from system.",
+				"Number of bytes obtained from system. Equals to /memory/classes/total:byte.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Sys) },
 			valType: GaugeValue,
-		}, {
-			desc: NewDesc(
-				memstatNamespace("lookups_total"),
-				"Total number of pointer lookups.",
-				nil, nil,
-			),
-			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Lookups) },
-			valType: CounterValue,
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mallocs_total"),
-				"Total number of mallocs.",
+				// TODO(bwplotka): We could add go_memstats_heap_objects, probably useful for discovery. Let's gather more feedback, kind of a waste of bytes for everybody for compatibility reasons to keep both, and we can't really rename/remove useful metric.
+				"Total number of heap objects allocated, both live and gc-ed. Semantically a counter version for go_memstats_heap_objects gauge. Equals to /gc/heap/allocs:objects + /gc/heap/tiny/allocs:objects.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Mallocs) },
@@ -68,7 +61,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("frees_total"),
-				"Total number of frees.",
+				"Total number of heap objects frees. Equals to /gc/heap/frees:objects + /gc/heap/tiny/allocs:objects.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Frees) },
@@ -76,7 +69,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_alloc_bytes"),
-				"Number of heap bytes allocated and still in use.",
+				"Number of heap bytes allocated and currently in use, same as go_memstats_alloc_bytes. Equals to /memory/classes/heap/objects:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapAlloc) },
@@ -84,7 +77,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_sys_bytes"),
-				"Number of heap bytes obtained from system.",
+				"Number of heap bytes obtained from system. Equals to /memory/classes/heap/objects:bytes + /memory/classes/heap/unused:bytes + /memory/classes/heap/released:bytes + /memory/classes/heap/free:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapSys) },
@@ -92,7 +85,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_idle_bytes"),
-				"Number of heap bytes waiting to be used.",
+				"Number of heap bytes waiting to be used. Equals to /memory/classes/heap/released:bytes + /memory/classes/heap/free:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapIdle) },
@@ -100,7 +93,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_inuse_bytes"),
-				"Number of heap bytes that are in use.",
+				"Number of heap bytes that are in use. Equals to /memory/classes/heap/objects:bytes + /memory/classes/heap/unused:bytes",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapInuse) },
@@ -108,7 +101,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_released_bytes"),
-				"Number of heap bytes released to OS.",
+				"Number of heap bytes released to OS. Equals to /memory/classes/heap/released:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapReleased) },
@@ -116,7 +109,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_objects"),
-				"Number of allocated objects.",
+				"Number of currently allocated objects. Equals to /gc/heap/objects:objects.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapObjects) },
@@ -124,7 +117,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("stack_inuse_bytes"),
-				"Number of bytes in use by the stack allocator.",
+				"Number of bytes obtained from system for stack allocator in non-CGO environments. Equals to /memory/classes/heap/stacks:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.StackInuse) },
@@ -132,7 +125,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("stack_sys_bytes"),
-				"Number of bytes obtained from system for stack allocator.",
+				"Number of bytes obtained from system for stack allocator. Equals to /memory/classes/heap/stacks:bytes + /memory/classes/os-stacks:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.StackSys) },
@@ -140,7 +133,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mspan_inuse_bytes"),
-				"Number of bytes in use by mspan structures.",
+				"Number of bytes in use by mspan structures. Equals to /memory/classes/metadata/mspan/inuse:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MSpanInuse) },
@@ -148,7 +141,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mspan_sys_bytes"),
-				"Number of bytes used for mspan structures obtained from system.",
+				"Number of bytes used for mspan structures obtained from system. Equals to /memory/classes/metadata/mspan/inuse:bytes + /memory/classes/metadata/mspan/free:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MSpanSys) },
@@ -156,7 +149,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mcache_inuse_bytes"),
-				"Number of bytes in use by mcache structures.",
+				"Number of bytes in use by mcache structures. Equals to /memory/classes/metadata/mcache/inuse:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MCacheInuse) },
@@ -164,7 +157,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mcache_sys_bytes"),
-				"Number of bytes used for mcache structures obtained from system.",
+				"Number of bytes used for mcache structures obtained from system. Equals to /memory/classes/metadata/mcache/inuse:bytes + /memory/classes/metadata/mcache/free:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MCacheSys) },
@@ -172,7 +165,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("buck_hash_sys_bytes"),
-				"Number of bytes used by the profiling bucket hash table.",
+				"Number of bytes used by the profiling bucket hash table. Equals to /memory/classes/profiling/buckets:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.BuckHashSys) },
@@ -180,7 +173,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("gc_sys_bytes"),
-				"Number of bytes used for garbage collection system metadata.",
+				"Number of bytes used for garbage collection system metadata. Equals to /memory/classes/metadata/other:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.GCSys) },
@@ -188,7 +181,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("other_sys_bytes"),
-				"Number of bytes used for other system allocations.",
+				"Number of bytes used for other system allocations. Equals to /memory/classes/other:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.OtherSys) },
@@ -196,7 +189,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("next_gc_bytes"),
-				"Number of heap bytes when next garbage collection will take place.",
+				"Number of heap bytes when next garbage collection will take place. Equals to /gc/heap/goal:bytes.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.NextGC) },
@@ -225,7 +218,7 @@ func newBaseGoCollector() baseGoCollector {
 			nil, nil),
 		gcDesc: NewDesc(
 			"go_gc_duration_seconds",
-			"A summary of the pause duration of garbage collection cycles.",
+			"A summary of the wall-time pause (stop-the-world) duration in garbage collection cycles.",
 			nil, nil),
 		gcLastTimeDesc: NewDesc(
 			"go_memstats_last_gc_time_seconds",
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
index 2d8d9f64f..511746417 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
@@ -17,6 +17,7 @@
 package prometheus
 
 import (
+	"fmt"
 	"math"
 	"runtime"
 	"runtime/metrics"
@@ -153,7 +154,8 @@ func defaultGoCollectorOptions() internal.GoCollectorOptions {
 			"/gc/heap/frees-by-size:bytes":  goGCHeapFreesBytes,
 		},
 		RuntimeMetricRules: []internal.GoCollectorRule{
-			//{Matcher: regexp.MustCompile("")},
+			// Recommended metrics we want by default from runtime/metrics.
+			{Matcher: internal.GoCollectorDefaultRuntimeMetrics},
 		},
 	}
 }
@@ -203,6 +205,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 			// to fail here. This condition is tested in TestExpectedRuntimeMetrics.
 			continue
 		}
+		help := attachOriginalName(d.Description.Description, d.Name)
 
 		sampleBuf = append(sampleBuf, metrics.Sample{Name: d.Name})
 		sampleMap[d.Name] = &sampleBuf[len(sampleBuf)-1]
@@ -214,7 +217,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 			m = newBatchHistogram(
 				NewDesc(
 					BuildFQName(namespace, subsystem, name),
-					d.Description.Description,
+					help,
 					nil,
 					nil,
 				),
@@ -226,7 +229,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 				Namespace: namespace,
 				Subsystem: subsystem,
 				Name:      name,
-				Help:      d.Description.Description,
+				Help:      help,
 			},
 			)
 		} else {
@@ -234,7 +237,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 				Namespace: namespace,
 				Subsystem: subsystem,
 				Name:      name,
-				Help:      d.Description.Description,
+				Help:      help,
 			})
 		}
 		metricSet = append(metricSet, m)
@@ -284,6 +287,10 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 	}
 }
 
+func attachOriginalName(desc, origName string) string {
+	return fmt.Sprintf("%s Sourced from %s", desc, origName)
+}
+
 // Describe returns all descriptions of the collector.
 func (c *goCollector) Describe(ch chan<- *Desc) {
 	c.base.Describe(ch)
@@ -376,13 +383,13 @@ func unwrapScalarRMValue(v metrics.Value) float64 {
 		//
 		// This should never happen because we always populate our metric
 		// set from the runtime/metrics package.
-		panic("unexpected unsupported metric")
+		panic("unexpected bad kind metric")
 	default:
 		// Unsupported metric kind.
 		//
 		// This should never happen because we check for this during initialization
 		// and flag and filter metrics whose kinds we don't understand.
-		panic("unexpected unsupported metric kind")
+		panic(fmt.Sprintf("unexpected unsupported metric: %v", v.Kind()))
 	}
 }
 
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index b5c8bcb39..519db348a 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -440,7 +440,7 @@ type HistogramOpts struct {
 	// constant (or any negative float value).
 	NativeHistogramZeroThreshold float64
 
-	// The remaining fields define a strategy to limit the number of
+	// The next three fields define a strategy to limit the number of
 	// populated sparse buckets. If NativeHistogramMaxBucketNumber is left
 	// at zero, the number of buckets is not limited. (Note that this might
 	// lead to unbounded memory consumption if the values observed by the
@@ -473,6 +473,22 @@ type HistogramOpts struct {
 	NativeHistogramMinResetDuration time.Duration
 	NativeHistogramMaxZeroThreshold float64
 
+	// NativeHistogramMaxExemplars limits the number of exemplars
+	// that are kept in memory for each native histogram. If you leave it at
+	// zero, a default value of 10 is used. If no exemplars should be kept specifically
+	// for native histograms, set it to a negative value. (Scrapers can
+	// still use the exemplars exposed for classic buckets, which are managed
+	// independently.)
+	NativeHistogramMaxExemplars int
+	// NativeHistogramExemplarTTL is only checked once
+	// NativeHistogramMaxExemplars is exceeded. In that case, the
+	// oldest exemplar is removed if it is older than NativeHistogramExemplarTTL.
+	// Otherwise, the older exemplar in the pair of exemplars that are closest
+	// together (on an exponential scale) is removed.
+	// If NativeHistogramExemplarTTL is left at its zero value, a default value of
+	// 5m is used. To always delete the oldest exemplar, set it to a negative value.
+	NativeHistogramExemplarTTL time.Duration
+
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
 
@@ -532,6 +548,7 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 	if opts.afterFunc == nil {
 		opts.afterFunc = time.AfterFunc
 	}
+
 	h := &histogram{
 		desc:                            desc,
 		upperBounds:                     opts.Buckets,
@@ -556,6 +573,7 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 			h.nativeHistogramZeroThreshold = DefNativeHistogramZeroThreshold
 		} // Leave h.nativeHistogramZeroThreshold at 0 otherwise.
 		h.nativeHistogramSchema = pickSchema(opts.NativeHistogramBucketFactor)
+		h.nativeExemplars = makeNativeExemplars(opts.NativeHistogramExemplarTTL, opts.NativeHistogramMaxExemplars)
 	}
 	for i, upperBound := range h.upperBounds {
 		if i < len(h.upperBounds)-1 {
@@ -725,7 +743,8 @@ type histogram struct {
 	// resetScheduled is protected by mtx. It is true if a reset is
 	// scheduled for a later time (when nativeHistogramMinResetDuration has
 	// passed).
-	resetScheduled bool
+	resetScheduled  bool
+	nativeExemplars nativeExemplars
 
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
@@ -742,6 +761,9 @@ func (h *histogram) Observe(v float64) {
 	h.observe(v, h.findBucket(v))
 }
 
+// ObserveWithExemplar should not be called in a high-frequency setting
+// for a native histogram with configured exemplars. For this case,
+// the implementation isn't lock-free and might suffer from lock contention.
 func (h *histogram) ObserveWithExemplar(v float64, e Labels) {
 	i := h.findBucket(v)
 	h.observe(v, i)
@@ -821,6 +843,13 @@ func (h *histogram) Write(out *dto.Metric) error {
 				Length: proto.Uint32(0),
 			}}
 		}
+
+		if h.nativeExemplars.isEnabled() {
+			h.nativeExemplars.Lock()
+			his.Exemplars = append(his.Exemplars, h.nativeExemplars.exemplars...)
+			h.nativeExemplars.Unlock()
+		}
+
 	}
 	addAndResetCounts(hotCounts, coldCounts)
 	return nil
@@ -1091,8 +1120,10 @@ func (h *histogram) resetCounts(counts *histogramCounts) {
 	deleteSyncMap(&counts.nativeHistogramBucketsPositive)
 }
 
-// updateExemplar replaces the exemplar for the provided bucket. With empty
-// labels, it's a no-op. It panics if any of the labels is invalid.
+// updateExemplar replaces the exemplar for the provided classic bucket.
+// With empty labels, it's a no-op. It panics if any of the labels is invalid.
+// If histogram is native, the exemplar will be cached into nativeExemplars,
+// which has a limit, and will remove one exemplar when limit is reached.
 func (h *histogram) updateExemplar(v float64, bucket int, l Labels) {
 	if l == nil {
 		return
@@ -1102,6 +1133,10 @@ func (h *histogram) updateExemplar(v float64, bucket int, l Labels) {
 		panic(err)
 	}
 	h.exemplars[bucket].Store(e)
+	doSparse := h.nativeHistogramSchema > math.MinInt32 && !math.IsNaN(v)
+	if doSparse {
+		h.nativeExemplars.addExemplar(e)
+	}
 }
 
 // HistogramVec is a Collector that bundles a set of Histograms that all share the
@@ -1336,6 +1371,48 @@ func MustNewConstHistogram(
 	return m
 }
 
+// NewConstHistogramWithCreatedTimestamp does the same thing as NewConstHistogram but sets the created timestamp.
+func NewConstHistogramWithCreatedTimestamp(
+	desc *Desc,
+	count uint64,
+	sum float64,
+	buckets map[float64]uint64,
+	ct time.Time,
+	labelValues ...string,
+) (Metric, error) {
+	if desc.err != nil {
+		return nil, desc.err
+	}
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
+		return nil, err
+	}
+	return &constHistogram{
+		desc:       desc,
+		count:      count,
+		sum:        sum,
+		buckets:    buckets,
+		labelPairs: MakeLabelPairs(desc, labelValues),
+		createdTs:  timestamppb.New(ct),
+	}, nil
+}
+
+// MustNewConstHistogramWithCreatedTimestamp is a version of NewConstHistogramWithCreatedTimestamp that panics where
+// NewConstHistogramWithCreatedTimestamp would have returned an error.
+func MustNewConstHistogramWithCreatedTimestamp(
+	desc *Desc,
+	count uint64,
+	sum float64,
+	buckets map[float64]uint64,
+	ct time.Time,
+	labelValues ...string,
+) Metric {
+	m, err := NewConstHistogramWithCreatedTimestamp(desc, count, sum, buckets, ct, labelValues...)
+	if err != nil {
+		panic(err)
+	}
+	return m
+}
+
 type buckSort []*dto.Bucket
 
 func (s buckSort) Len() int {
@@ -1575,3 +1652,186 @@ func addAndResetCounts(hot, cold *histogramCounts) {
 	atomic.AddUint64(&hot.nativeHistogramZeroBucket, atomic.LoadUint64(&cold.nativeHistogramZeroBucket))
 	atomic.StoreUint64(&cold.nativeHistogramZeroBucket, 0)
 }
+
+type nativeExemplars struct {
+	sync.Mutex
+
+	// Time-to-live for exemplars, it is set to -1 if exemplars are disabled, that is NativeHistogramMaxExemplars is below 0.
+	// The ttl is used on insertion to remove an exemplar that is older than ttl, if present.
+	ttl time.Duration
+
+	exemplars []*dto.Exemplar
+}
+
+func (n *nativeExemplars) isEnabled() bool {
+	return n.ttl != -1
+}
+
+func makeNativeExemplars(ttl time.Duration, maxCount int) nativeExemplars {
+	if ttl == 0 {
+		ttl = 5 * time.Minute
+	}
+
+	if maxCount == 0 {
+		maxCount = 10
+	}
+
+	if maxCount < 0 {
+		maxCount = 0
+		ttl = -1
+	}
+
+	return nativeExemplars{
+		ttl:       ttl,
+		exemplars: make([]*dto.Exemplar, 0, maxCount),
+	}
+}
+
+func (n *nativeExemplars) addExemplar(e *dto.Exemplar) {
+	if !n.isEnabled() {
+		return
+	}
+
+	n.Lock()
+	defer n.Unlock()
+
+	// When the number of exemplars has not yet exceeded or
+	// is equal to cap(n.exemplars), then
+	// insert the new exemplar directly.
+	if len(n.exemplars) < cap(n.exemplars) {
+		var nIdx int
+		for nIdx = 0; nIdx < len(n.exemplars); nIdx++ {
+			if *e.Value < *n.exemplars[nIdx].Value {
+				break
+			}
+		}
+		n.exemplars = append(n.exemplars[:nIdx], append([]*dto.Exemplar{e}, n.exemplars[nIdx:]...)...)
+		return
+	}
+
+	if len(n.exemplars) == 1 {
+		// When the number of exemplars is 1, then
+		// replace the existing exemplar with the new exemplar.
+		n.exemplars[0] = e
+		return
+	}
+	// From this point on, the number of exemplars is greater than 1.
+
+	// When the number of exemplars exceeds the limit, remove one exemplar.
+	var (
+		ot    = time.Time{} // Oldest timestamp seen. Initial value doesn't matter as we replace it due to otIdx == -1 in the loop.
+		otIdx = -1          // Index of the exemplar with the oldest timestamp.
+
+		md = -1.0 // Logarithm of the delta of the closest pair of exemplars.
+
+		// The insertion point of the new exemplar in the exemplars slice after insertion.
+		// This is calculated purely based on the order of the exemplars by value.
+		// nIdx == len(n.exemplars) means the new exemplar is to be inserted after the end.
+		nIdx = -1
+
+		// rIdx is ultimately the index for the exemplar that we are replacing with the new exemplar.
+		// The aim is to keep a good spread of exemplars by value and not let them bunch up too much.
+		// It is calculated in 3 steps:
+		//   1. First we set rIdx to the index of the older exemplar within the closest pair by value.
+		//      That is the following will be true (on log scale):
+		//      either the exemplar pair on index (rIdx-1, rIdx) or (rIdx, rIdx+1) will have
+		//      the closest values to each other from all pairs.
+		//      For example, suppose the values are distributed like this:
+		//        |-----------x-------------x----------------x----x-----|
+		//                                                   ^--rIdx as this is older.
+		//      Or like this:
+		//        |-----------x-------------x----------------x----x-----|
+		//                                                        ^--rIdx as this is older.
+		//   2. If there is an exemplar that expired, then we simple reset rIdx to that index.
+		//   3. We check if by inserting the new exemplar we would create a closer pair at
+		//      (nIdx-1, nIdx) or (nIdx, nIdx+1) and set rIdx to nIdx-1 or nIdx accordingly to
+		//      keep the spread of exemplars by value; otherwise we keep rIdx as it is.
+		rIdx = -1
+		cLog float64 // Logarithm of the current exemplar.
+		pLog float64 // Logarithm of the previous exemplar.
+	)
+
+	for i, exemplar := range n.exemplars {
+		// Find the exemplar with the oldest timestamp.
+		if otIdx == -1 || exemplar.Timestamp.AsTime().Before(ot) {
+			ot = exemplar.Timestamp.AsTime()
+			otIdx = i
+		}
+
+		// Find the index at which to insert new the exemplar.
+		if nIdx == -1 && *e.Value <= *exemplar.Value {
+			nIdx = i
+		}
+
+		// Find the two closest exemplars and pick the one the with older timestamp.
+		pLog = cLog
+		cLog = math.Log(exemplar.GetValue())
+		if i == 0 {
+			continue
+		}
+		diff := math.Abs(cLog - pLog)
+		if md == -1 || diff < md {
+			// The closest exemplar pair is at index: i-1, i.
+			// Choose the exemplar with the older timestamp for replacement.
+			md = diff
+			if n.exemplars[i].Timestamp.AsTime().Before(n.exemplars[i-1].Timestamp.AsTime()) {
+				rIdx = i
+			} else {
+				rIdx = i - 1
+			}
+		}
+
+	}
+
+	// If all existing exemplar are smaller than new exemplar,
+	// then the exemplar should be inserted at the end.
+	if nIdx == -1 {
+		nIdx = len(n.exemplars)
+	}
+	// Here, we have the following relationships:
+	// n.exemplars[nIdx-1].Value < e.Value (if nIdx > 0)
+	// e.Value <= n.exemplars[nIdx].Value (if nIdx < len(n.exemplars))
+
+	if otIdx != -1 && e.Timestamp.AsTime().Sub(ot) > n.ttl {
+		// If the oldest exemplar has expired, then replace it with the new exemplar.
+		rIdx = otIdx
+	} else {
+		// In the previous for loop, when calculating the closest pair of exemplars,
+		// we did not take into account the newly inserted exemplar.
+		// So we need to calculate with the newly inserted exemplar again.
+		elog := math.Log(e.GetValue())
+		if nIdx > 0 {
+			diff := math.Abs(elog - math.Log(n.exemplars[nIdx-1].GetValue()))
+			if diff < md {
+				// The value we are about to insert is closer to the previous exemplar at the insertion point than what we calculated before in rIdx.
+				//                                            v--rIdx
+				// |-----------x-n-----------x----------------x----x-----|
+				//     nIdx-1--^ ^--new exemplar value
+				// Do not make the spread worse, replace nIdx-1 and not rIdx.
+				md = diff
+				rIdx = nIdx - 1
+			}
+		}
+		if nIdx < len(n.exemplars) {
+			diff := math.Abs(math.Log(n.exemplars[nIdx].GetValue()) - elog)
+			if diff < md {
+				// The value we are about to insert is closer to the next exemplar at the insertion point than what we calculated before in rIdx.
+				//                                            v--rIdx
+				// |-----------x-----------n-x----------------x----x-----|
+				//     new exemplar value--^ ^--nIdx
+				// Do not make the spread worse, replace nIdx-1 and not rIdx.
+				rIdx = nIdx
+			}
+		}
+	}
+
+	// Adjust the slice according to rIdx and nIdx.
+	switch {
+	case rIdx == nIdx:
+		n.exemplars[nIdx] = e
+	case rIdx < nIdx:
+		n.exemplars = append(n.exemplars[:rIdx], append(n.exemplars[rIdx+1:nIdx], append([]*dto.Exemplar{e}, n.exemplars[nIdx:]...)...)...)
+	case rIdx > nIdx:
+		n.exemplars = append(n.exemplars[:nIdx], append([]*dto.Exemplar{e}, append(n.exemplars[nIdx:rIdx], n.exemplars[rIdx+1:]...)...)...)
+	}
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go b/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
index 723b45d64..a4fa6eabd 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
@@ -30,3 +30,5 @@ type GoCollectorOptions struct {
 	RuntimeMetricSumForHist    map[string]string
 	RuntimeMetricRules         []GoCollectorRule
 }
+
+var GoCollectorDefaultRuntimeMetrics = regexp.MustCompile(`/gc/gogc:percent|/gc/gomemlimit:bytes|/sched/gomaxprocs:threads`)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/metric.go b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
index f018e5723..9d9b81ab4 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/metric.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
@@ -234,7 +234,7 @@ func NewMetricWithExemplars(m Metric, exemplars ...Exemplar) (Metric, error) {
 	)
 	for i, e := range exemplars {
 		ts := e.Timestamp
-		if ts == (time.Time{}) {
+		if ts.IsZero() {
 			ts = now
 		}
 		exs[i], err = newExemplar(e.Value, ts, e.Labels)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
index 8548dd18e..62a4e7ad9 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
@@ -22,14 +22,15 @@ import (
 )
 
 type processCollector struct {
-	collectFn       func(chan<- Metric)
-	pidFn           func() (int, error)
-	reportErrors    bool
-	cpuTotal        *Desc
-	openFDs, maxFDs *Desc
-	vsize, maxVsize *Desc
-	rss             *Desc
-	startTime       *Desc
+	collectFn         func(chan<- Metric)
+	pidFn             func() (int, error)
+	reportErrors      bool
+	cpuTotal          *Desc
+	openFDs, maxFDs   *Desc
+	vsize, maxVsize   *Desc
+	rss               *Desc
+	startTime         *Desc
+	inBytes, outBytes *Desc
 }
 
 // ProcessCollectorOpts defines the behavior of a process metrics collector
@@ -100,6 +101,16 @@ func NewProcessCollector(opts ProcessCollectorOpts) Collector {
 			"Start time of the process since unix epoch in seconds.",
 			nil, nil,
 		),
+		inBytes: NewDesc(
+			ns+"process_network_receive_bytes_total",
+			"Number of bytes received by the process over the network.",
+			nil, nil,
+		),
+		outBytes: NewDesc(
+			ns+"process_network_transmit_bytes_total",
+			"Number of bytes sent by the process over the network.",
+			nil, nil,
+		),
 	}
 
 	if opts.PidFn == nil {
@@ -129,6 +140,8 @@ func (c *processCollector) Describe(ch chan<- *Desc) {
 	ch <- c.maxVsize
 	ch <- c.rss
 	ch <- c.startTime
+	ch <- c.inBytes
+	ch <- c.outBytes
 }
 
 // Collect returns the current state of all metrics of the collector.
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
index 8c1136cee..14d56d2d0 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
@@ -63,4 +63,18 @@ func (c *processCollector) processCollect(ch chan<- Metric) {
 	} else {
 		c.reportError(ch, nil, err)
 	}
+
+	if netstat, err := p.Netstat(); err == nil {
+		var inOctets, outOctets float64
+		if netstat.IpExt.InOctets != nil {
+			inOctets = *netstat.IpExt.InOctets
+		}
+		if netstat.IpExt.OutOctets != nil {
+			outOctets = *netstat.IpExt.OutOctets
+		}
+		ch <- MustNewConstMetric(c.inBytes, CounterValue, inOctets)
+		ch <- MustNewConstMetric(c.outBytes, CounterValue, outOctets)
+	} else {
+		c.reportError(ch, nil, err)
+	}
 }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
index 9819917b8..315eab5f1 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
@@ -76,6 +76,12 @@ func (r *responseWriterDelegator) Write(b []byte) (int, error) {
 	return n, err
 }
 
+// Unwrap lets http.ResponseController get the underlying http.ResponseWriter,
+// by implementing the [rwUnwrapper](https://cs.opensource.google/go/go/+/refs/tags/go1.21.4:src/net/http/responsecontroller.go;l=42-44) interface.
+func (r *responseWriterDelegator) Unwrap() http.ResponseWriter {
+	return r.ResponseWriter
+}
+
 type (
 	closeNotifierDelegator struct{ *responseWriterDelegator }
 	flusherDelegator       struct{ *responseWriterDelegator }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
index 09b8d2fbe..e598e66e6 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
@@ -38,12 +38,13 @@ import (
 	"io"
 	"net/http"
 	"strconv"
-	"strings"
 	"sync"
 	"time"
 
+	"github.com/klauspost/compress/zstd"
 	"github.com/prometheus/common/expfmt"
 
+	"github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil"
 	"github.com/prometheus/client_golang/prometheus"
 )
 
@@ -54,6 +55,18 @@ const (
 	processStartTimeHeader = "Process-Start-Time-Unix"
 )
 
+// Compression represents the content encodings handlers support for the HTTP
+// responses.
+type Compression string
+
+const (
+	Identity Compression = "identity"
+	Gzip     Compression = "gzip"
+	Zstd     Compression = "zstd"
+)
+
+var defaultCompressionFormats = []Compression{Identity, Gzip, Zstd}
+
 var gzipPool = sync.Pool{
 	New: func() interface{} {
 		return gzip.NewWriter(nil)
@@ -122,6 +135,18 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 		}
 	}
 
+	// Select compression formats to offer based on default or user choice.
+	var compressions []string
+	if !opts.DisableCompression {
+		offers := defaultCompressionFormats
+		if len(opts.OfferedCompressions) > 0 {
+			offers = opts.OfferedCompressions
+		}
+		for _, comp := range offers {
+			compressions = append(compressions, string(comp))
+		}
+	}
+
 	h := http.HandlerFunc(func(rsp http.ResponseWriter, req *http.Request) {
 		if !opts.ProcessStartTime.IsZero() {
 			rsp.Header().Set(processStartTimeHeader, strconv.FormatInt(opts.ProcessStartTime.Unix(), 10))
@@ -165,21 +190,23 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 		} else {
 			contentType = expfmt.Negotiate(req.Header)
 		}
-		header := rsp.Header()
-		header.Set(contentTypeHeader, string(contentType))
+		rsp.Header().Set(contentTypeHeader, string(contentType))
 
-		w := io.Writer(rsp)
-		if !opts.DisableCompression && gzipAccepted(req.Header) {
-			header.Set(contentEncodingHeader, "gzip")
-			gz := gzipPool.Get().(*gzip.Writer)
-			defer gzipPool.Put(gz)
+		w, encodingHeader, closeWriter, err := negotiateEncodingWriter(req, rsp, compressions)
+		if err != nil {
+			if opts.ErrorLog != nil {
+				opts.ErrorLog.Println("error getting writer", err)
+			}
+			w = io.Writer(rsp)
+			encodingHeader = string(Identity)
+		}
 
-			gz.Reset(w)
-			defer gz.Close()
+		defer closeWriter()
 
-			w = gz
+		// Set Content-Encoding only when data is compressed
+		if encodingHeader != string(Identity) {
+			rsp.Header().Set(contentEncodingHeader, encodingHeader)
 		}
-
 		enc := expfmt.NewEncoder(w, contentType)
 
 		// handleError handles the error according to opts.ErrorHandling
@@ -343,9 +370,19 @@ type HandlerOpts struct {
 	// no effect on the HTTP status code because ErrorHandling is set to
 	// ContinueOnError.
 	Registry prometheus.Registerer
-	// If DisableCompression is true, the handler will never compress the
-	// response, even if requested by the client.
+	// DisableCompression disables the response encoding (compression) and
+	// encoding negotiation. If true, the handler will
+	// never compress the response, even if requested
+	// by the client and the OfferedCompressions field is set.
 	DisableCompression bool
+	// OfferedCompressions is a set of encodings (compressions) handler will
+	// try to offer when negotiating with the client. This defaults to identity, gzip
+	// and zstd.
+	// NOTE: If handler can't agree with the client on the encodings or
+	// unsupported or empty encodings are set in OfferedCompressions,
+	// handler always fallbacks to no compression (identity), for
+	// compatibility reasons. In such cases ErrorLog will be used if set.
+	OfferedCompressions []Compression
 	// The number of concurrent HTTP requests is limited to
 	// MaxRequestsInFlight. Additional requests are responded to with 503
 	// Service Unavailable and a suitable message in the body. If
@@ -381,19 +418,6 @@ type HandlerOpts struct {
 	ProcessStartTime time.Time
 }
 
-// gzipAccepted returns whether the client will accept gzip-encoded content.
-func gzipAccepted(header http.Header) bool {
-	a := header.Get(acceptEncodingHeader)
-	parts := strings.Split(a, ",")
-	for _, part := range parts {
-		part = strings.TrimSpace(part)
-		if part == "gzip" || strings.HasPrefix(part, "gzip;") {
-			return true
-		}
-	}
-	return false
-}
-
 // httpError removes any content-encoding header and then calls http.Error with
 // the provided error and http.StatusInternalServerError. Error contents is
 // supposed to be uncompressed plain text. Same as with a plain http.Error, this
@@ -406,3 +430,38 @@ func httpError(rsp http.ResponseWriter, err error) {
 		http.StatusInternalServerError,
 	)
 }
+
+// negotiateEncodingWriter reads the Accept-Encoding header from a request and
+// selects the right compression based on an allow-list of supported
+// compressions. It returns a writer implementing the compression and an the
+// correct value that the caller can set in the response header.
+func negotiateEncodingWriter(r *http.Request, rw io.Writer, compressions []string) (_ io.Writer, encodingHeaderValue string, closeWriter func(), _ error) {
+	if len(compressions) == 0 {
+		return rw, string(Identity), func() {}, nil
+	}
+
+	// TODO(mrueg): Replace internal/github.com/gddo once https://github.com/golang/go/issues/19307 is implemented.
+	selected := httputil.NegotiateContentEncoding(r, compressions)
+
+	switch selected {
+	case "zstd":
+		// TODO(mrueg): Replace klauspost/compress with stdlib implementation once https://github.com/golang/go/issues/62513 is implemented.
+		z, err := zstd.NewWriter(rw, zstd.WithEncoderLevel(zstd.SpeedFastest))
+		if err != nil {
+			return nil, "", func() {}, err
+		}
+
+		z.Reset(rw)
+		return z, selected, func() { _ = z.Close() }, nil
+	case "gzip":
+		gz := gzipPool.Get().(*gzip.Writer)
+		gz.Reset(rw)
+		return gz, selected, func() { _ = gz.Close(); gzipPool.Put(gz) }, nil
+	case "identity":
+		// This means the content is not compressed.
+		return rw, selected, func() {}, nil
+	default:
+		// The content encoding was not implemented yet.
+		return nil, "", func() {}, fmt.Errorf("content compression format not recognized: %s. Valid formats are: %s", selected, defaultCompressionFormats)
+	}
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/registry.go b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
index 5e2ced25a..c6fd2f58b 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/registry.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
@@ -314,16 +314,17 @@ func (r *Registry) Register(c Collector) error {
 			if dimHash != desc.dimHash {
 				return fmt.Errorf("a previously registered descriptor with the same fully-qualified name as %s has different label names or a different help string", desc)
 			}
-		} else {
-			// ...then check the new descriptors already seen.
-			if dimHash, exists := newDimHashesByName[desc.fqName]; exists {
-				if dimHash != desc.dimHash {
-					return fmt.Errorf("descriptors reported by collector have inconsistent label names or help strings for the same fully-qualified name, offender is %s", desc)
-				}
-			} else {
-				newDimHashesByName[desc.fqName] = desc.dimHash
+			continue
+		}
+
+		// ...then check the new descriptors already seen.
+		if dimHash, exists := newDimHashesByName[desc.fqName]; exists {
+			if dimHash != desc.dimHash {
+				return fmt.Errorf("descriptors reported by collector have inconsistent label names or help strings for the same fully-qualified name, offender is %s", desc)
 			}
+			continue
 		}
+		newDimHashesByName[desc.fqName] = desc.dimHash
 	}
 	// A Collector yielding no Desc at all is considered unchecked.
 	if len(newDescIDs) == 0 {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/summary.go b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
index 146270444..1ab0e4796 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/summary.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
@@ -783,3 +783,45 @@ func MustNewConstSummary(
 	}
 	return m
 }
+
+// NewConstSummaryWithCreatedTimestamp does the same thing as NewConstSummary but sets the created timestamp.
+func NewConstSummaryWithCreatedTimestamp(
+	desc *Desc,
+	count uint64,
+	sum float64,
+	quantiles map[float64]float64,
+	ct time.Time,
+	labelValues ...string,
+) (Metric, error) {
+	if desc.err != nil {
+		return nil, desc.err
+	}
+	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
+		return nil, err
+	}
+	return &constSummary{
+		desc:       desc,
+		count:      count,
+		sum:        sum,
+		quantiles:  quantiles,
+		labelPairs: MakeLabelPairs(desc, labelValues),
+		createdTs:  timestamppb.New(ct),
+	}, nil
+}
+
+// MustNewConstSummaryWithCreatedTimestamp is a version of NewConstSummaryWithCreatedTimestamp that panics where
+// NewConstSummaryWithCreatedTimestamp would have returned an error.
+func MustNewConstSummaryWithCreatedTimestamp(
+	desc *Desc,
+	count uint64,
+	sum float64,
+	quantiles map[float64]float64,
+	ct time.Time,
+	labelValues ...string,
+) Metric {
+	m, err := NewConstSummaryWithCreatedTimestamp(desc, count, sum, quantiles, ct, labelValues...)
+	if err != nil {
+		panic(err)
+	}
+	return m
+}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vec.go b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
index 955cfd59f..2c808eece 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/vec.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
@@ -507,7 +507,7 @@ func (m *metricMap) getOrCreateMetricWithLabelValues(
 	return metric
 }
 
-// getOrCreateMetricWithLabelValues retrieves the metric by hash and label value
+// getOrCreateMetricWithLabels retrieves the metric by hash and label value
 // or creates it and returns the new one.
 //
 // This function holds the mutex.
diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
index cee360db7..2f1549075 100644
--- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go
+++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
@@ -483,6 +483,8 @@ type Histogram struct {
 	// histograms.
 	PositiveDelta []int64   `protobuf:"zigzag64,13,rep,name=positive_delta,json=positiveDelta" json:"positive_delta,omitempty"` // Count delta of each bucket compared to previous one (or to zero for 1st bucket).
 	PositiveCount []float64 `protobuf:"fixed64,14,rep,name=positive_count,json=positiveCount" json:"positive_count,omitempty"`  // Absolute count of each bucket.
+	// Only used for native histograms. These exemplars MUST have a timestamp.
+	Exemplars []*Exemplar `protobuf:"bytes,16,rep,name=exemplars" json:"exemplars,omitempty"`
 }
 
 func (x *Histogram) Reset() {
@@ -622,6 +624,13 @@ func (x *Histogram) GetPositiveCount() []float64 {
 	return nil
 }
 
+func (x *Histogram) GetExemplars() []*Exemplar {
+	if x != nil {
+		return x.Exemplars
+	}
+	return nil
+}
+
 // A Bucket of a conventional histogram, each of which is treated as
 // an individual counter-like time series by Prometheus.
 type Bucket struct {
@@ -923,6 +932,7 @@ type MetricFamily struct {
 	Help   *string     `protobuf:"bytes,2,opt,name=help" json:"help,omitempty"`
 	Type   *MetricType `protobuf:"varint,3,opt,name=type,enum=io.prometheus.client.MetricType" json:"type,omitempty"`
 	Metric []*Metric   `protobuf:"bytes,4,rep,name=metric" json:"metric,omitempty"`
+	Unit   *string     `protobuf:"bytes,5,opt,name=unit" json:"unit,omitempty"`
 }
 
 func (x *MetricFamily) Reset() {
@@ -985,6 +995,13 @@ func (x *MetricFamily) GetMetric() []*Metric {
 	return nil
 }
 
+func (x *MetricFamily) GetUnit() string {
+	if x != nil && x.Unit != nil {
+		return *x.Unit
+	}
+	return ""
+}
+
 var File_io_prometheus_client_metrics_proto protoreflect.FileDescriptor
 
 var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
@@ -1028,7 +1045,7 @@ var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
 	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64,
 	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x1f, 0x0a, 0x07, 0x55, 0x6e, 0x74,
 	0x79, 0x70, 0x65, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xac, 0x05, 0x0a, 0x09, 0x48,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xea, 0x05, 0x0a, 0x09, 0x48,
 	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70,
 	0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b,
 	0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x73,
@@ -1071,79 +1088,84 @@ var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
 	0x03, 0x28, 0x12, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c,
 	0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63,
 	0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69,
-	0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc6, 0x01, 0x0a, 0x06, 0x42, 0x75,
-	0x63, 0x6b, 0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69,
-	0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0f,
-	0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12,
-	0x34, 0x0a, 0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f,
-	0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52,
-	0x14, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74,
-	0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, 0x65, 0x72, 0x5f, 0x62,
-	0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, 0x75, 0x70, 0x70, 0x65,
-	0x72, 0x42, 0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
-	0x61, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
-	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
-	0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
-	0x61, 0x72, 0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e,
-	0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x11,
-	0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67,
-	0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
-	0x22, 0x91, 0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12, 0x35, 0x0a,
+	0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x3c, 0x0a, 0x09, 0x65, 0x78, 0x65,
+	0x6d, 0x70, 0x6c, 0x61, 0x72, 0x73, 0x18, 0x10, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69,
+	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x09, 0x65, 0x78,
+	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x73, 0x22, 0xc6, 0x01, 0x0a, 0x06, 0x42, 0x75, 0x63, 0x6b,
+	0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65,
+	0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0f, 0x63, 0x75,
+	0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x34, 0x0a,
+	0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e,
+	0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52, 0x14, 0x63,
+	0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c,
+	0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, 0x65, 0x72, 0x5f, 0x62, 0x6f, 0x75,
+	0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, 0x75, 0x70, 0x70, 0x65, 0x72, 0x42,
+	0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72,
+	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d,
+	0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78,
+	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72,
+	0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x16,
+	0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x11, 0x52, 0x06,
+	0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x22, 0x91,
+	0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12, 0x35, 0x0a, 0x05, 0x6c,
+	0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e,
+	0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
+	0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c, 0x61, 0x62,
+	0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65,
+	0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
+	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+	0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12, 0x35, 0x0a,
 	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69,
 	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
 	0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c,
-	0x61, 0x62, 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69,
-	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
-	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
-	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12,
-	0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f,
-	0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52,
-	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
-	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x47, 0x61, 0x75,
-	0x67, 0x65, 0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x63, 0x6f, 0x75,
-	0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e,
+	0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
+	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x47, 0x61, 0x75, 0x67, 0x65,
+	0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
+	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
+	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72,
+	0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75,
+	0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79,
+	0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x37, 0x0a, 0x07, 0x75, 0x6e, 0x74,
+	0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e,
 	0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74,
-	0x65, 0x72, 0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x04, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
-	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x75, 0x6d, 0x6d, 0x61,
-	0x72, 0x79, 0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x37, 0x0a, 0x07, 0x75,
-	0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69,
-	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, 0x07, 0x75, 0x6e, 0x74,
-	0x79, 0x70, 0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61,
-	0x6d, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f,
-	0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x48,
-	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67,
-	0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
-	0x5f, 0x6d, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x73,
-	0x74, 0x61, 0x6d, 0x70, 0x4d, 0x73, 0x22, 0xa2, 0x01, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69,
-	0x63, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
-	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68,
-	0x65, 0x6c, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x12,
-	0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
-	0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c,
-	0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x52,
-	0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18,
-	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
-	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74,
-	0x72, 0x69, 0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2a, 0x62, 0x0a, 0x0a, 0x4d,
-	0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f, 0x55,
-	0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47, 0x45, 0x10,
-	0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, 0x10, 0x02, 0x12, 0x0b,
-	0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, 0x48,
-	0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, 0x0a, 0x0f, 0x47, 0x41,
-	0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x05, 0x42,
-	0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
-	0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
-	0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2f, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, 0x67, 0x6f, 0x3b, 0x69,
-	0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x5f, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74,
+	0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, 0x07, 0x75, 0x6e, 0x74, 0x79, 0x70,
+	0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x18,
+	0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x48, 0x69, 0x73,
+	0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61,
+	0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d,
+	0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
+	0x6d, 0x70, 0x4d, 0x73, 0x22, 0xb6, 0x01, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x46,
+	0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x65, 0x6c,
+	0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x12, 0x34, 0x0a,
+	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x69, 0x6f,
+	0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65,
+	0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74,
+	0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18, 0x04, 0x20,
+	0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
+	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x6e, 0x69,
+	0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x6e, 0x69, 0x74, 0x2a, 0x62, 0x0a,
+	0x0a, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43,
+	0x4f, 0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47,
+	0x45, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, 0x10, 0x02,
+	0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0d, 0x0a,
+	0x09, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, 0x0a, 0x0f,
+	0x47, 0x41, 0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10,
+	0x05, 0x42, 0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65,
+	0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, 0x68, 0x75,
+	0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
+	0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, 0x67, 0x6f,
+	0x3b, 0x69, 0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x5f, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74,
 }
 
 var (
@@ -1185,22 +1207,23 @@ var file_io_prometheus_client_metrics_proto_depIdxs = []int32{
 	13, // 5: io.prometheus.client.Histogram.created_timestamp:type_name -> google.protobuf.Timestamp
 	9,  // 6: io.prometheus.client.Histogram.negative_span:type_name -> io.prometheus.client.BucketSpan
 	9,  // 7: io.prometheus.client.Histogram.positive_span:type_name -> io.prometheus.client.BucketSpan
-	10, // 8: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
-	1,  // 9: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
-	13, // 10: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
-	1,  // 11: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
-	2,  // 12: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
-	3,  // 13: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
-	5,  // 14: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
-	6,  // 15: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
-	7,  // 16: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
-	0,  // 17: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
-	11, // 18: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
-	19, // [19:19] is the sub-list for method output_type
-	19, // [19:19] is the sub-list for method input_type
-	19, // [19:19] is the sub-list for extension type_name
-	19, // [19:19] is the sub-list for extension extendee
-	0,  // [0:19] is the sub-list for field type_name
+	10, // 8: io.prometheus.client.Histogram.exemplars:type_name -> io.prometheus.client.Exemplar
+	10, // 9: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
+	1,  // 10: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
+	13, // 11: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
+	1,  // 12: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
+	2,  // 13: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
+	3,  // 14: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
+	5,  // 15: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
+	6,  // 16: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
+	7,  // 17: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
+	0,  // 18: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
+	11, // 19: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
+	20, // [20:20] is the sub-list for method output_type
+	20, // [20:20] is the sub-list for method input_type
+	20, // [20:20] is the sub-list for extension type_name
+	20, // [20:20] is the sub-list for extension extendee
+	0,  // [0:20] is the sub-list for field type_name
 }
 
 func init() { file_io_prometheus_client_metrics_proto_init() }
diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go
index b2b89b017..25cfaa216 100644
--- a/vendor/github.com/prometheus/common/expfmt/decode.go
+++ b/vendor/github.com/prometheus/common/expfmt/decode.go
@@ -75,14 +75,14 @@ func ResponseFormat(h http.Header) Format {
 func NewDecoder(r io.Reader, format Format) Decoder {
 	switch format.FormatType() {
 	case TypeProtoDelim:
-		return &protoDecoder{r: r}
+		return &protoDecoder{r: bufio.NewReader(r)}
 	}
 	return &textDecoder{r: r}
 }
 
 // protoDecoder implements the Decoder interface for protocol buffers.
 type protoDecoder struct {
-	r io.Reader
+	r protodelim.Reader
 }
 
 // Decode implements the Decoder interface.
@@ -90,7 +90,7 @@ func (d *protoDecoder) Decode(v *dto.MetricFamily) error {
 	opts := protodelim.UnmarshalOptions{
 		MaxSize: -1,
 	}
-	if err := opts.UnmarshalFrom(bufio.NewReader(d.r), v); err != nil {
+	if err := opts.UnmarshalFrom(d.r, v); err != nil {
 		return err
 	}
 	if !model.IsValidMetricName(model.LabelValue(v.GetName())) {
diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go
index 8fd806184..ff5ef7a9d 100644
--- a/vendor/github.com/prometheus/common/expfmt/encode.go
+++ b/vendor/github.com/prometheus/common/expfmt/encode.go
@@ -21,9 +21,10 @@ import (
 	"google.golang.org/protobuf/encoding/protodelim"
 	"google.golang.org/protobuf/encoding/prototext"
 
-	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
 	"github.com/prometheus/common/model"
 
+	"github.com/munnerz/goautoneg"
+
 	dto "github.com/prometheus/client_model/go"
 )
 
@@ -139,7 +140,13 @@ func NegotiateIncludingOpenMetrics(h http.Header) Format {
 // interface is kept for backwards compatibility.
 // In cases where the Format does not allow for UTF-8 names, the global
 // NameEscapingScheme will be applied.
-func NewEncoder(w io.Writer, format Format) Encoder {
+//
+// NewEncoder can be called with additional options to customize the OpenMetrics text output.
+// For example:
+// NewEncoder(w, FmtOpenMetrics_1_0_0, WithCreatedLines())
+//
+// Extra options are ignored for all other formats.
+func NewEncoder(w io.Writer, format Format, options ...EncoderOption) Encoder {
 	escapingScheme := format.ToEscapingScheme()
 
 	switch format.FormatType() {
@@ -178,7 +185,7 @@ func NewEncoder(w io.Writer, format Format) Encoder {
 	case TypeOpenMetrics:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := MetricFamilyToOpenMetrics(w, model.EscapeMetricFamily(v, escapingScheme))
+				_, err := MetricFamilyToOpenMetrics(w, model.EscapeMetricFamily(v, escapingScheme), options...)
 				return err
 			},
 			close: func() error {
diff --git a/vendor/github.com/prometheus/common/expfmt/expfmt.go b/vendor/github.com/prometheus/common/expfmt/expfmt.go
index 6fc9555e3..051b38cd1 100644
--- a/vendor/github.com/prometheus/common/expfmt/expfmt.go
+++ b/vendor/github.com/prometheus/common/expfmt/expfmt.go
@@ -15,6 +15,7 @@
 package expfmt
 
 import (
+	"fmt"
 	"strings"
 
 	"github.com/prometheus/common/model"
@@ -63,7 +64,7 @@ const (
 type FormatType int
 
 const (
-	TypeUnknown = iota
+	TypeUnknown FormatType = iota
 	TypeProtoCompact
 	TypeProtoDelim
 	TypeProtoText
@@ -73,7 +74,8 @@ const (
 
 // NewFormat generates a new Format from the type provided. Mostly used for
 // tests, most Formats should be generated as part of content negotiation in
-// encode.go.
+// encode.go. If a type has more than one version, the latest version will be
+// returned.
 func NewFormat(t FormatType) Format {
 	switch t {
 	case TypeProtoCompact:
@@ -91,13 +93,21 @@ func NewFormat(t FormatType) Format {
 	}
 }
 
+// NewOpenMetricsFormat generates a new OpenMetrics format matching the
+// specified version number.
+func NewOpenMetricsFormat(version string) (Format, error) {
+	if version == OpenMetricsVersion_0_0_1 {
+		return fmtOpenMetrics_0_0_1, nil
+	}
+	if version == OpenMetricsVersion_1_0_0 {
+		return fmtOpenMetrics_1_0_0, nil
+	}
+	return fmtUnknown, fmt.Errorf("unknown open metrics version string")
+}
+
 // FormatType deduces an overall FormatType for the given format.
 func (f Format) FormatType() FormatType {
 	toks := strings.Split(string(f), ";")
-	if len(toks) < 2 {
-		return TypeUnknown
-	}
-
 	params := make(map[string]string)
 	for i, t := range toks {
 		if i == 0 {
diff --git a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
index 5622578ed..353c5e93f 100644
--- a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
+++ b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
@@ -22,11 +22,47 @@ import (
 	"strconv"
 	"strings"
 
+	"google.golang.org/protobuf/types/known/timestamppb"
+
 	"github.com/prometheus/common/model"
 
 	dto "github.com/prometheus/client_model/go"
 )
 
+type encoderOption struct {
+	withCreatedLines bool
+	withUnit         bool
+}
+
+type EncoderOption func(*encoderOption)
+
+// WithCreatedLines is an EncoderOption that configures the OpenMetrics encoder
+// to include _created lines (See
+// https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md#counter-1).
+// Created timestamps can improve the accuracy of series reset detection, but
+// come with a bandwidth cost.
+//
+// At the time of writing, created timestamp ingestion is still experimental in
+// Prometheus and need to be enabled with the feature-flag
+// `--feature-flag=created-timestamp-zero-ingestion`, and breaking changes are
+// still possible. Therefore, it is recommended to use this feature with caution.
+func WithCreatedLines() EncoderOption {
+	return func(t *encoderOption) {
+		t.withCreatedLines = true
+	}
+}
+
+// WithUnit is an EncoderOption enabling a set unit to be written to the output
+// and to be added to the metric name, if it's not there already, as a suffix.
+// Without opting in this way, the unit will not be added to the metric name and,
+// on top of that, the unit will not be passed onto the output, even if it
+// were declared in the *dto.MetricFamily struct, i.e. even if in.Unit !=nil.
+func WithUnit() EncoderOption {
+	return func(t *encoderOption) {
+		t.withUnit = true
+	}
+}
+
 // MetricFamilyToOpenMetrics converts a MetricFamily proto message into the
 // OpenMetrics text format and writes the resulting lines to 'out'. It returns
 // the number of bytes written and any error encountered. The output will have
@@ -59,20 +95,34 @@ import (
 // Prometheus to OpenMetrics or vice versa:
 //
 //   - Counters are expected to have the `_total` suffix in their metric name. In
-//     the output, the suffix will be truncated from the `# TYPE` and `# HELP`
-//     line. A counter with a missing `_total` suffix is not an error. However,
+//     the output, the suffix will be truncated from the `# TYPE`, `# HELP` and `# UNIT`
+//     lines. A counter with a missing `_total` suffix is not an error. However,
 //     its type will be set to `unknown` in that case to avoid invalid OpenMetrics
 //     output.
 //
-//   - No support for the following (optional) features: `# UNIT` line, `_created`
-//     line, info type, stateset type, gaugehistogram type.
+//   - According to the OM specs, the `# UNIT` line is optional, but if populated,
+//     the unit has to be present in the metric name as its suffix:
+//     (see https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md#unit).
+//     However, in order to accommodate any potential scenario where such a change in the
+//     metric name is not desirable, the users are here given the choice of either explicitly
+//     opt in, in case they wish for the unit to be included in the output AND in the metric name
+//     as a suffix (see the description of the WithUnit function above),
+//     or not to opt in, in case they don't want for any of that to happen.
+//
+//   - No support for the following (optional) features: info type,
+//     stateset type, gaugehistogram type.
 //
 //   - The size of exemplar labels is not checked (i.e. it's possible to create
 //     exemplars that are larger than allowed by the OpenMetrics specification).
 //
 //   - The value of Counters is not checked. (OpenMetrics doesn't allow counters
 //     with a `NaN` value.)
-func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int, err error) {
+func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...EncoderOption) (written int, err error) {
+	toOM := encoderOption{}
+	for _, option := range options {
+		option(&toOM)
+	}
+
 	name := in.GetName()
 	if name == "" {
 		return 0, fmt.Errorf("MetricFamily has no name: %s", in)
@@ -95,12 +145,15 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 	}
 
 	var (
-		n          int
-		metricType = in.GetType()
-		shortName  = name
+		n             int
+		metricType    = in.GetType()
+		compliantName = name
 	)
-	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(shortName, "_total") {
-		shortName = name[:len(name)-6]
+	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(compliantName, "_total") {
+		compliantName = name[:len(name)-6]
+	}
+	if toOM.withUnit && in.Unit != nil && !strings.HasSuffix(compliantName, fmt.Sprintf("_%s", *in.Unit)) {
+		compliantName = compliantName + fmt.Sprintf("_%s", *in.Unit)
 	}
 
 	// Comments, first HELP, then TYPE.
@@ -110,7 +163,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 		if err != nil {
 			return
 		}
-		n, err = writeName(w, shortName)
+		n, err = writeName(w, compliantName)
 		written += n
 		if err != nil {
 			return
@@ -136,7 +189,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 	if err != nil {
 		return
 	}
-	n, err = writeName(w, shortName)
+	n, err = writeName(w, compliantName)
 	written += n
 	if err != nil {
 		return
@@ -163,55 +216,89 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 	if err != nil {
 		return
 	}
+	if toOM.withUnit && in.Unit != nil {
+		n, err = w.WriteString("# UNIT ")
+		written += n
+		if err != nil {
+			return
+		}
+		n, err = writeName(w, compliantName)
+		written += n
+		if err != nil {
+			return
+		}
+
+		err = w.WriteByte(' ')
+		written++
+		if err != nil {
+			return
+		}
+		n, err = writeEscapedString(w, *in.Unit, true)
+		written += n
+		if err != nil {
+			return
+		}
+		err = w.WriteByte('\n')
+		written++
+		if err != nil {
+			return
+		}
+	}
+
+	var createdTsBytesWritten int
 
 	// Finally the samples, one line for each.
+	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(name, "_total") {
+		compliantName = compliantName + "_total"
+	}
 	for _, metric := range in.Metric {
 		switch metricType {
 		case dto.MetricType_COUNTER:
 			if metric.Counter == nil {
 				return written, fmt.Errorf(
-					"expected counter in metric %s %s", name, metric,
+					"expected counter in metric %s %s", compliantName, metric,
 				)
 			}
-			// Note that we have ensured above that either the name
-			// ends on `_total` or that the rendered type is
-			// `unknown`. Therefore, no `_total` must be added here.
 			n, err = writeOpenMetricsSample(
-				w, name, "", metric, "", 0,
+				w, compliantName, "", metric, "", 0,
 				metric.Counter.GetValue(), 0, false,
 				metric.Counter.Exemplar,
 			)
+			if toOM.withCreatedLines && metric.Counter.CreatedTimestamp != nil {
+				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "_total", metric, "", 0, metric.Counter.GetCreatedTimestamp())
+				n += createdTsBytesWritten
+			}
 		case dto.MetricType_GAUGE:
 			if metric.Gauge == nil {
 				return written, fmt.Errorf(
-					"expected gauge in metric %s %s", name, metric,
+					"expected gauge in metric %s %s", compliantName, metric,
 				)
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "", metric, "", 0,
+				w, compliantName, "", metric, "", 0,
 				metric.Gauge.GetValue(), 0, false,
 				nil,
 			)
 		case dto.MetricType_UNTYPED:
 			if metric.Untyped == nil {
 				return written, fmt.Errorf(
-					"expected untyped in metric %s %s", name, metric,
+					"expected untyped in metric %s %s", compliantName, metric,
 				)
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "", metric, "", 0,
+				w, compliantName, "", metric, "", 0,
 				metric.Untyped.GetValue(), 0, false,
 				nil,
 			)
 		case dto.MetricType_SUMMARY:
 			if metric.Summary == nil {
 				return written, fmt.Errorf(
-					"expected summary in metric %s %s", name, metric,
+					"expected summary in metric %s %s", compliantName, metric,
 				)
 			}
 			for _, q := range metric.Summary.Quantile {
 				n, err = writeOpenMetricsSample(
-					w, name, "", metric,
+					w, compliantName, "", metric,
 					model.QuantileLabel, q.GetQuantile(),
 					q.GetValue(), 0, false,
 					nil,
@@ -222,7 +309,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 				}
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "_sum", metric, "", 0,
+				w, compliantName, "_sum", metric, "", 0,
 				metric.Summary.GetSampleSum(), 0, false,
 				nil,
 			)
@@ -231,20 +318,24 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 				return
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "_count", metric, "", 0,
+				w, compliantName, "_count", metric, "", 0,
 				0, metric.Summary.GetSampleCount(), true,
 				nil,
 			)
+			if toOM.withCreatedLines && metric.Summary.CreatedTimestamp != nil {
+				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "", metric, "", 0, metric.Summary.GetCreatedTimestamp())
+				n += createdTsBytesWritten
+			}
 		case dto.MetricType_HISTOGRAM:
 			if metric.Histogram == nil {
 				return written, fmt.Errorf(
-					"expected histogram in metric %s %s", name, metric,
+					"expected histogram in metric %s %s", compliantName, metric,
 				)
 			}
 			infSeen := false
 			for _, b := range metric.Histogram.Bucket {
 				n, err = writeOpenMetricsSample(
-					w, name, "_bucket", metric,
+					w, compliantName, "_bucket", metric,
 					model.BucketLabel, b.GetUpperBound(),
 					0, b.GetCumulativeCount(), true,
 					b.Exemplar,
@@ -259,7 +350,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 			}
 			if !infSeen {
 				n, err = writeOpenMetricsSample(
-					w, name, "_bucket", metric,
+					w, compliantName, "_bucket", metric,
 					model.BucketLabel, math.Inf(+1),
 					0, metric.Histogram.GetSampleCount(), true,
 					nil,
@@ -270,7 +361,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 				}
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "_sum", metric, "", 0,
+				w, compliantName, "_sum", metric, "", 0,
 				metric.Histogram.GetSampleSum(), 0, false,
 				nil,
 			)
@@ -279,13 +370,17 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int
 				return
 			}
 			n, err = writeOpenMetricsSample(
-				w, name, "_count", metric, "", 0,
+				w, compliantName, "_count", metric, "", 0,
 				0, metric.Histogram.GetSampleCount(), true,
 				nil,
 			)
+			if toOM.withCreatedLines && metric.Histogram.CreatedTimestamp != nil {
+				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "", metric, "", 0, metric.Histogram.GetCreatedTimestamp())
+				n += createdTsBytesWritten
+			}
 		default:
 			return written, fmt.Errorf(
-				"unexpected type in metric %s %s", name, metric,
+				"unexpected type in metric %s %s", compliantName, metric,
 			)
 		}
 		written += n
@@ -350,7 +445,7 @@ func writeOpenMetricsSample(
 			return written, err
 		}
 	}
-	if exemplar != nil {
+	if exemplar != nil && len(exemplar.Label) > 0 {
 		n, err = writeExemplar(w, exemplar)
 		written += n
 		if err != nil {
@@ -473,6 +568,49 @@ func writeOpenMetricsNameAndLabelPairs(
 	return written, nil
 }
 
+// writeOpenMetricsCreated writes the created timestamp for a single time series
+// following OpenMetrics text format to w, given the metric name, the metric proto
+// message itself, optionally a suffix to be removed, e.g. '_total' for counters,
+// an additional label name with a float64 value (use empty string as label name if
+// not required) and the timestamp that represents the created timestamp.
+// The function returns the number of bytes written and any error encountered.
+func writeOpenMetricsCreated(w enhancedWriter,
+	name, suffixToTrim string, metric *dto.Metric,
+	additionalLabelName string, additionalLabelValue float64,
+	createdTimestamp *timestamppb.Timestamp,
+) (int, error) {
+	written := 0
+	n, err := writeOpenMetricsNameAndLabelPairs(
+		w, strings.TrimSuffix(name, suffixToTrim)+"_created", metric.Label, additionalLabelName, additionalLabelValue,
+	)
+	written += n
+	if err != nil {
+		return written, err
+	}
+
+	err = w.WriteByte(' ')
+	written++
+	if err != nil {
+		return written, err
+	}
+
+	// TODO(beorn7): Format this directly from components of ts to
+	// avoid overflow/underflow and precision issues of the float
+	// conversion.
+	n, err = writeOpenMetricsFloat(w, float64(createdTimestamp.AsTime().UnixNano())/1e9)
+	written += n
+	if err != nil {
+		return written, err
+	}
+
+	err = w.WriteByte('\n')
+	written++
+	if err != nil {
+		return written, err
+	}
+	return written, nil
+}
+
 // writeExemplar writes the provided exemplar in OpenMetrics format to w. The
 // function returns the number of bytes written and any error encountered.
 func writeExemplar(w enhancedWriter, e *dto.Exemplar) (int, error) {
diff --git a/vendor/github.com/prometheus/common/model/alert.go b/vendor/github.com/prometheus/common/model/alert.go
index 178fdbaf6..80d1fe944 100644
--- a/vendor/github.com/prometheus/common/model/alert.go
+++ b/vendor/github.com/prometheus/common/model/alert.go
@@ -75,7 +75,12 @@ func (a *Alert) ResolvedAt(ts time.Time) bool {
 
 // Status returns the status of the alert.
 func (a *Alert) Status() AlertStatus {
-	if a.Resolved() {
+	return a.StatusAt(time.Now())
+}
+
+// StatusAt returns the status of the alert at the given timestamp.
+func (a *Alert) StatusAt(ts time.Time) AlertStatus {
+	if a.ResolvedAt(ts) {
 		return AlertResolved
 	}
 	return AlertFiring
@@ -127,6 +132,17 @@ func (as Alerts) HasFiring() bool {
 	return false
 }
 
+// HasFiringAt returns true iff one of the alerts is not resolved
+// at the time ts.
+func (as Alerts) HasFiringAt(ts time.Time) bool {
+	for _, a := range as {
+		if !a.ResolvedAt(ts) {
+			return true
+		}
+	}
+	return false
+}
+
 // Status returns StatusFiring iff at least one of the alerts is firing.
 func (as Alerts) Status() AlertStatus {
 	if as.HasFiring() {
@@ -134,3 +150,12 @@ func (as Alerts) Status() AlertStatus {
 	}
 	return AlertResolved
 }
+
+// StatusAt returns StatusFiring iff at least one of the alerts is firing
+// at the time ts.
+func (as Alerts) StatusAt(ts time.Time) AlertStatus {
+	if as.HasFiringAt(ts) {
+		return AlertFiring
+	}
+	return AlertResolved
+}
diff --git a/vendor/github.com/prometheus/common/model/labelset.go b/vendor/github.com/prometheus/common/model/labelset.go
index 6eda08a73..d0ad88da3 100644
--- a/vendor/github.com/prometheus/common/model/labelset.go
+++ b/vendor/github.com/prometheus/common/model/labelset.go
@@ -17,7 +17,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"sort"
-	"strings"
 )
 
 // A LabelSet is a collection of LabelName and LabelValue pairs.  The LabelSet
@@ -129,16 +128,6 @@ func (l LabelSet) Merge(other LabelSet) LabelSet {
 	return result
 }
 
-func (l LabelSet) String() string {
-	lstrs := make([]string, 0, len(l))
-	for l, v := range l {
-		lstrs = append(lstrs, fmt.Sprintf("%s=%q", l, v))
-	}
-
-	sort.Strings(lstrs)
-	return fmt.Sprintf("{%s}", strings.Join(lstrs, ", "))
-}
-
 // Fingerprint returns the LabelSet's fingerprint.
 func (ls LabelSet) Fingerprint() Fingerprint {
 	return labelSetToFingerprint(ls)
diff --git a/vendor/github.com/prometheus/common/model/labelset_string.go b/vendor/github.com/prometheus/common/model/labelset_string.go
new file mode 100644
index 000000000..481c47b46
--- /dev/null
+++ b/vendor/github.com/prometheus/common/model/labelset_string.go
@@ -0,0 +1,45 @@
+// Copyright 2024 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build go1.21
+
+package model
+
+import (
+	"bytes"
+	"slices"
+	"strconv"
+)
+
+// String will look like `{foo="bar", more="less"}`. Names are sorted alphabetically.
+func (l LabelSet) String() string {
+	var lna [32]string // On stack to avoid memory allocation for sorting names.
+	labelNames := lna[:0]
+	for name := range l {
+		labelNames = append(labelNames, string(name))
+	}
+	slices.Sort(labelNames)
+	var bytea [1024]byte // On stack to avoid memory allocation while building the output.
+	b := bytes.NewBuffer(bytea[:0])
+	b.WriteByte('{')
+	for i, name := range labelNames {
+		if i > 0 {
+			b.WriteString(", ")
+		}
+		b.WriteString(name)
+		b.WriteByte('=')
+		b.Write(strconv.AppendQuote(b.AvailableBuffer(), string(l[LabelName(name)])))
+	}
+	b.WriteByte('}')
+	return b.String()
+}
diff --git a/vendor/github.com/prometheus/common/model/labelset_string_go120.go b/vendor/github.com/prometheus/common/model/labelset_string_go120.go
new file mode 100644
index 000000000..c4212685e
--- /dev/null
+++ b/vendor/github.com/prometheus/common/model/labelset_string_go120.go
@@ -0,0 +1,39 @@
+// Copyright 2024 The Prometheus Authors
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//go:build !go1.21
+
+package model
+
+import (
+	"fmt"
+	"sort"
+	"strings"
+)
+
+// String was optimized using functions not available for go 1.20
+// or lower. We keep the old implementation for compatibility with client_golang.
+// Once client golang drops support for go 1.20 (scheduled for August 2024), this
+// file can be removed.
+func (l LabelSet) String() string {
+	labelNames := make([]string, 0, len(l))
+	for name := range l {
+		labelNames = append(labelNames, string(name))
+	}
+	sort.Strings(labelNames)
+	lstrs := make([]string, 0, len(l))
+	for _, name := range labelNames {
+		lstrs = append(lstrs, fmt.Sprintf("%s=%q", name, l[LabelName(name)]))
+	}
+	return fmt.Sprintf("{%s}", strings.Join(lstrs, ", "))
+}
diff --git a/vendor/github.com/prometheus/common/model/metric.go b/vendor/github.com/prometheus/common/model/metric.go
index 0bd29b3a3..eb865e5a5 100644
--- a/vendor/github.com/prometheus/common/model/metric.go
+++ b/vendor/github.com/prometheus/common/model/metric.go
@@ -204,6 +204,7 @@ func EscapeMetricFamily(v *dto.MetricFamily, scheme EscapingScheme) *dto.MetricF
 	out := &dto.MetricFamily{
 		Help: v.Help,
 		Type: v.Type,
+		Unit: v.Unit,
 	}
 
 	// If the name is nil, copy as-is, don't try to escape.
diff --git a/vendor/github.com/prometheus/procfs/.golangci.yml b/vendor/github.com/prometheus/procfs/.golangci.yml
index c24864a92..126df9e67 100644
--- a/vendor/github.com/prometheus/procfs/.golangci.yml
+++ b/vendor/github.com/prometheus/procfs/.golangci.yml
@@ -1,9 +1,16 @@
 ---
 linters:
   enable:
+  - errcheck
   - godot
+  - gosimple
+  - govet
+  - ineffassign
   - misspell
   - revive
+  - staticcheck
+  - testifylint
+  - unused
 
 linter-settings:
   godot:
diff --git a/vendor/github.com/prometheus/procfs/MAINTAINERS.md b/vendor/github.com/prometheus/procfs/MAINTAINERS.md
index 56ba67d3e..e00f3b365 100644
--- a/vendor/github.com/prometheus/procfs/MAINTAINERS.md
+++ b/vendor/github.com/prometheus/procfs/MAINTAINERS.md
@@ -1,2 +1,3 @@
 * Johannes 'fish' Ziemke  @discordianfish
-* Paul Gier  @pgier
+* Paul Gier  @pgier
+* Ben Kochie  @SuperQ
diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common
index 062a28185..161729235 100644
--- a/vendor/github.com/prometheus/procfs/Makefile.common
+++ b/vendor/github.com/prometheus/procfs/Makefile.common
@@ -49,23 +49,23 @@ endif
 GOTEST := $(GO) test
 GOTEST_DIR :=
 ifneq ($(CIRCLE_JOB),)
-ifneq ($(shell command -v gotestsum > /dev/null),)
+ifneq ($(shell command -v gotestsum 2> /dev/null),)
 	GOTEST_DIR := test-results
 	GOTEST := gotestsum --junitfile $(GOTEST_DIR)/unit-tests.xml --
 endif
 endif
 
-PROMU_VERSION ?= 0.15.0
+PROMU_VERSION ?= 0.17.0
 PROMU_URL     := https://github.com/prometheus/promu/releases/download/v$(PROMU_VERSION)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM).tar.gz
 
 SKIP_GOLANGCI_LINT :=
 GOLANGCI_LINT :=
 GOLANGCI_LINT_OPTS ?=
-GOLANGCI_LINT_VERSION ?= v1.54.2
-# golangci-lint only supports linux, darwin and windows platforms on i386/amd64.
+GOLANGCI_LINT_VERSION ?= v1.59.0
+# golangci-lint only supports linux, darwin and windows platforms on i386/amd64/arm64.
 # windows isn't included here because of the path separator being different.
 ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin))
-	ifeq ($(GOHOSTARCH),$(filter $(GOHOSTARCH),amd64 i386))
+	ifeq ($(GOHOSTARCH),$(filter $(GOHOSTARCH),amd64 i386 arm64))
 		# If we're in CI and there is an Actions file, that means the linter
 		# is being run in Actions, so we don't need to run it here.
 		ifneq (,$(SKIP_GOLANGCI_LINT))
@@ -169,16 +169,20 @@ common-vet:
 common-lint: $(GOLANGCI_LINT)
 ifdef GOLANGCI_LINT
 	@echo ">> running golangci-lint"
-# 'go list' needs to be executed before staticcheck to prepopulate the modules cache.
-# Otherwise staticcheck might fail randomly for some reason not yet explained.
-	$(GO) list -e -compiled -test=true -export=false -deps=true -find=false -tags= -- ./... > /dev/null
 	$(GOLANGCI_LINT) run $(GOLANGCI_LINT_OPTS) $(pkgs)
 endif
 
+.PHONY: common-lint-fix
+common-lint-fix: $(GOLANGCI_LINT)
+ifdef GOLANGCI_LINT
+	@echo ">> running golangci-lint fix"
+	$(GOLANGCI_LINT) run --fix $(GOLANGCI_LINT_OPTS) $(pkgs)
+endif
+
 .PHONY: common-yamllint
 common-yamllint:
 	@echo ">> running yamllint on all YAML files in the repository"
-ifeq (, $(shell command -v yamllint > /dev/null))
+ifeq (, $(shell command -v yamllint 2> /dev/null))
 	@echo "yamllint not installed so skipping"
 else
 	yamllint .
@@ -204,6 +208,10 @@ common-tarball: promu
 	@echo ">> building release tarball"
 	$(PROMU) tarball --prefix $(PREFIX) $(BIN_DIR)
 
+.PHONY: common-docker-repo-name
+common-docker-repo-name:
+	@echo "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)"
+
 .PHONY: common-docker $(BUILD_DOCKER_ARCHS)
 common-docker: $(BUILD_DOCKER_ARCHS)
 $(BUILD_DOCKER_ARCHS): common-docker-%:
diff --git a/vendor/github.com/prometheus/procfs/arp.go b/vendor/github.com/prometheus/procfs/arp.go
index 28783e2dd..cdcc8a7cc 100644
--- a/vendor/github.com/prometheus/procfs/arp.go
+++ b/vendor/github.com/prometheus/procfs/arp.go
@@ -55,7 +55,7 @@ type ARPEntry struct {
 func (fs FS) GatherARPEntries() ([]ARPEntry, error) {
 	data, err := os.ReadFile(fs.proc.Path("net/arp"))
 	if err != nil {
-		return nil, fmt.Errorf("%s: error reading arp %s: %w", ErrFileRead, fs.proc.Path("net/arp"), err)
+		return nil, fmt.Errorf("%w: error reading arp %s: %w", ErrFileRead, fs.proc.Path("net/arp"), err)
 	}
 
 	return parseARPEntries(data)
@@ -78,11 +78,11 @@ func parseARPEntries(data []byte) ([]ARPEntry, error) {
 		} else if width == expectedDataWidth {
 			entry, err := parseARPEntry(columns)
 			if err != nil {
-				return []ARPEntry{}, fmt.Errorf("%s: Failed to parse ARP entry: %v: %w", ErrFileParse, entry, err)
+				return []ARPEntry{}, fmt.Errorf("%w: Failed to parse ARP entry: %v: %w", ErrFileParse, entry, err)
 			}
 			entries = append(entries, entry)
 		} else {
-			return []ARPEntry{}, fmt.Errorf("%s: %d columns found, but expected %d: %w", ErrFileParse, width, expectedDataWidth, err)
+			return []ARPEntry{}, fmt.Errorf("%w: %d columns found, but expected %d: %w", ErrFileParse, width, expectedDataWidth, err)
 		}
 
 	}
diff --git a/vendor/github.com/prometheus/procfs/buddyinfo.go b/vendor/github.com/prometheus/procfs/buddyinfo.go
index 4a173636c..838075009 100644
--- a/vendor/github.com/prometheus/procfs/buddyinfo.go
+++ b/vendor/github.com/prometheus/procfs/buddyinfo.go
@@ -58,8 +58,8 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 			return nil, fmt.Errorf("%w: Invalid number of fields, found: %v", ErrFileParse, parts)
 		}
 
-		node := strings.TrimRight(parts[1], ",")
-		zone := strings.TrimRight(parts[3], ",")
+		node := strings.TrimSuffix(parts[1], ",")
+		zone := strings.TrimSuffix(parts[3], ",")
 		arraySize := len(parts[4:])
 
 		if bucketCount == -1 {
@@ -74,7 +74,7 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 		for i := 0; i < arraySize; i++ {
 			sizes[i], err = strconv.ParseFloat(parts[i+4], 64)
 			if err != nil {
-				return nil, fmt.Errorf("%s: Invalid valid in buddyinfo: %f: %w", ErrFileParse, sizes[i], err)
+				return nil, fmt.Errorf("%w: Invalid valid in buddyinfo: %f: %w", ErrFileParse, sizes[i], err)
 			}
 		}
 
diff --git a/vendor/github.com/prometheus/procfs/cpuinfo.go b/vendor/github.com/prometheus/procfs/cpuinfo.go
index f4f5501c6..f0950bb49 100644
--- a/vendor/github.com/prometheus/procfs/cpuinfo.go
+++ b/vendor/github.com/prometheus/procfs/cpuinfo.go
@@ -194,7 +194,7 @@ func parseCPUInfoARM(info []byte) ([]CPUInfo, error) {
 	firstLine := firstNonEmptyLine(scanner)
 	match, err := regexp.MatchString("^[Pp]rocessor", firstLine)
 	if !match || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("%s: Cannot parse line: %q: %w", ErrFileParse, firstLine, err)
+		return nil, fmt.Errorf("%w: Cannot parse line: %q: %w", ErrFileParse, firstLine, err)
 
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
@@ -386,7 +386,7 @@ func parseCPUInfoLoong(info []byte) ([]CPUInfo, error) {
 	// find the first "processor" line
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "system type") || !strings.Contains(firstLine, ":") {
-		return nil, errors.New("invalid cpuinfo file: " + firstLine)
+		return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	cpuinfo := []CPUInfo{}
diff --git a/vendor/github.com/prometheus/procfs/crypto.go b/vendor/github.com/prometheus/procfs/crypto.go
index 9a73e2639..5f2a37a78 100644
--- a/vendor/github.com/prometheus/procfs/crypto.go
+++ b/vendor/github.com/prometheus/procfs/crypto.go
@@ -55,13 +55,13 @@ func (fs FS) Crypto() ([]Crypto, error) {
 	path := fs.proc.Path("crypto")
 	b, err := util.ReadFileNoStat(path)
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot read file %v: %w", ErrFileRead, b, err)
+		return nil, fmt.Errorf("%w: Cannot read file %v: %w", ErrFileRead, b, err)
 
 	}
 
 	crypto, err := parseCrypto(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, crypto, err)
+		return nil, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, crypto, err)
 	}
 
 	return crypto, nil
@@ -84,7 +84,7 @@ func parseCrypto(r io.Reader) ([]Crypto, error) {
 
 		kv := strings.Split(text, ":")
 		if len(kv) != 2 {
-			return nil, fmt.Errorf("%w: Cannot parae line: %q", ErrFileParse, text)
+			return nil, fmt.Errorf("%w: Cannot parse line: %q", ErrFileParse, text)
 		}
 
 		k := strings.TrimSpace(kv[0])
diff --git a/vendor/github.com/prometheus/procfs/fscache.go b/vendor/github.com/prometheus/procfs/fscache.go
index f560a8db3..cf2e3eaa0 100644
--- a/vendor/github.com/prometheus/procfs/fscache.go
+++ b/vendor/github.com/prometheus/procfs/fscache.go
@@ -236,7 +236,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 
 	m, err := parseFscacheinfo(bytes.NewReader(b))
 	if err != nil {
-		return Fscacheinfo{}, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, m, err)
+		return Fscacheinfo{}, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, m, err)
 	}
 
 	return *m, nil
@@ -245,7 +245,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 func setFSCacheFields(fields []string, setFields ...*uint64) error {
 	var err error
 	if len(fields) < len(setFields) {
-		return fmt.Errorf("%s: Expected %d, but got %d: %w", ErrFileParse, len(setFields), len(fields), err)
+		return fmt.Errorf("%w: Expected %d, but got %d: %w", ErrFileParse, len(setFields), len(fields), err)
 	}
 
 	for i := range setFields {
diff --git a/vendor/github.com/prometheus/procfs/ipvs.go b/vendor/github.com/prometheus/procfs/ipvs.go
index 5a145bbfe..bc3a20c93 100644
--- a/vendor/github.com/prometheus/procfs/ipvs.go
+++ b/vendor/github.com/prometheus/procfs/ipvs.go
@@ -221,16 +221,16 @@ func parseIPPort(s string) (net.IP, uint16, error) {
 	case 46:
 		ip = net.ParseIP(s[1:40])
 		if ip == nil {
-			return nil, 0, fmt.Errorf("%s: Invalid IPv6 addr %s: %w", ErrFileParse, s[1:40], err)
+			return nil, 0, fmt.Errorf("%w: Invalid IPv6 addr %s: %w", ErrFileParse, s[1:40], err)
 		}
 	default:
-		return nil, 0, fmt.Errorf("%s: Unexpected IP:Port %s: %w", ErrFileParse, s, err)
+		return nil, 0, fmt.Errorf("%w: Unexpected IP:Port %s: %w", ErrFileParse, s, err)
 	}
 
 	portString := s[len(s)-4:]
 	if len(portString) != 4 {
 		return nil, 0,
-			fmt.Errorf("%s: Unexpected port string format %s: %w", ErrFileParse, portString, err)
+			fmt.Errorf("%w: Unexpected port string format %s: %w", ErrFileParse, portString, err)
 	}
 	port, err := strconv.ParseUint(portString, 16, 16)
 	if err != nil {
diff --git a/vendor/github.com/prometheus/procfs/loadavg.go b/vendor/github.com/prometheus/procfs/loadavg.go
index 59465c5bb..332e76c17 100644
--- a/vendor/github.com/prometheus/procfs/loadavg.go
+++ b/vendor/github.com/prometheus/procfs/loadavg.go
@@ -51,7 +51,7 @@ func parseLoad(loadavgBytes []byte) (*LoadAvg, error) {
 	for i, load := range parts[0:3] {
 		loads[i], err = strconv.ParseFloat(load, 64)
 		if err != nil {
-			return nil, fmt.Errorf("%s: Cannot parse load: %f: %w", ErrFileParse, loads[i], err)
+			return nil, fmt.Errorf("%w: Cannot parse load: %f: %w", ErrFileParse, loads[i], err)
 		}
 	}
 	return &LoadAvg{
diff --git a/vendor/github.com/prometheus/procfs/mdstat.go b/vendor/github.com/prometheus/procfs/mdstat.go
index fdd4b9544..67a9d2b44 100644
--- a/vendor/github.com/prometheus/procfs/mdstat.go
+++ b/vendor/github.com/prometheus/procfs/mdstat.go
@@ -23,7 +23,7 @@ import (
 
 var (
 	statusLineRE         = regexp.MustCompile(`(\d+) blocks .*\[(\d+)/(\d+)\] \[([U_]+)\]`)
-	recoveryLineBlocksRE = regexp.MustCompile(`\((\d+)/\d+\)`)
+	recoveryLineBlocksRE = regexp.MustCompile(`\((\d+/\d+)\)`)
 	recoveryLinePctRE    = regexp.MustCompile(`= (.+)%`)
 	recoveryLineFinishRE = regexp.MustCompile(`finish=(.+)min`)
 	recoveryLineSpeedRE  = regexp.MustCompile(`speed=(.+)[A-Z]`)
@@ -50,6 +50,8 @@ type MDStat struct {
 	BlocksTotal int64
 	// Number of blocks on the device that are in sync.
 	BlocksSynced int64
+	// Number of blocks on the device that need to be synced.
+	BlocksToBeSynced int64
 	// progress percentage of current sync
 	BlocksSyncedPct float64
 	// estimated finishing time for current sync (in minutes)
@@ -70,7 +72,7 @@ func (fs FS) MDStat() ([]MDStat, error) {
 	}
 	mdstat, err := parseMDStat(data)
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, fs.proc.Path("mdstat"), err)
+		return nil, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, fs.proc.Path("mdstat"), err)
 	}
 	return mdstat, nil
 }
@@ -90,7 +92,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 
 		deviceFields := strings.Fields(line)
 		if len(deviceFields) < 3 {
-			return nil, fmt.Errorf("%s: Expected 3+ lines, got %q", ErrFileParse, line)
+			return nil, fmt.Errorf("%w: Expected 3+ lines, got %q", ErrFileParse, line)
 		}
 		mdName := deviceFields[0] // mdx
 		state := deviceFields[2]  // active or inactive
@@ -105,7 +107,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 		active, total, down, size, err := evalStatusLine(lines[i], lines[i+1])
 
 		if err != nil {
-			return nil, fmt.Errorf("%s: Cannot parse md device lines: %v: %w", ErrFileParse, active, err)
+			return nil, fmt.Errorf("%w: Cannot parse md device lines: %v: %w", ErrFileParse, active, err)
 		}
 
 		syncLineIdx := i + 2
@@ -115,7 +117,8 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 
 		// If device is syncing at the moment, get the number of currently
 		// synced bytes, otherwise that number equals the size of the device.
-		syncedBlocks := size
+		blocksSynced := size
+		blocksToBeSynced := size
 		speed := float64(0)
 		finish := float64(0)
 		pct := float64(0)
@@ -136,11 +139,11 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 			// Handle case when resync=PENDING or resync=DELAYED.
 			if strings.Contains(lines[syncLineIdx], "PENDING") ||
 				strings.Contains(lines[syncLineIdx], "DELAYED") {
-				syncedBlocks = 0
+				blocksSynced = 0
 			} else {
-				syncedBlocks, pct, finish, speed, err = evalRecoveryLine(lines[syncLineIdx])
+				blocksSynced, blocksToBeSynced, pct, finish, speed, err = evalRecoveryLine(lines[syncLineIdx])
 				if err != nil {
-					return nil, fmt.Errorf("%s: Cannot parse sync line in md device: %q: %w", ErrFileParse, mdName, err)
+					return nil, fmt.Errorf("%w: Cannot parse sync line in md device: %q: %w", ErrFileParse, mdName, err)
 				}
 			}
 		}
@@ -154,7 +157,8 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 			DisksSpare:             spare,
 			DisksTotal:             total,
 			BlocksTotal:            size,
-			BlocksSynced:           syncedBlocks,
+			BlocksSynced:           blocksSynced,
+			BlocksToBeSynced:       blocksToBeSynced,
 			BlocksSyncedPct:        pct,
 			BlocksSyncedFinishTime: finish,
 			BlocksSyncedSpeed:      speed,
@@ -168,13 +172,13 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 func evalStatusLine(deviceLine, statusLine string) (active, total, down, size int64, err error) {
 	statusFields := strings.Fields(statusLine)
 	if len(statusFields) < 1 {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	sizeStr := statusFields[0]
 	size, err = strconv.ParseInt(sizeStr, 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	if strings.Contains(deviceLine, "raid0") || strings.Contains(deviceLine, "linear") {
@@ -189,65 +193,71 @@ func evalStatusLine(deviceLine, statusLine string) (active, total, down, size in
 
 	matches := statusLineRE.FindStringSubmatch(statusLine)
 	if len(matches) != 5 {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Could not fild all substring matches %s: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%w: Could not fild all substring matches %s: %w", ErrFileParse, statusLine, err)
 	}
 
 	total, err = strconv.ParseInt(matches[2], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	active, err = strconv.ParseInt(matches[3], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected active %d: %w", ErrFileParse, active, err)
+		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected active %d: %w", ErrFileParse, active, err)
 	}
 	down = int64(strings.Count(matches[4], "_"))
 
 	return active, total, down, size, nil
 }
 
-func evalRecoveryLine(recoveryLine string) (syncedBlocks int64, pct float64, finish float64, speed float64, err error) {
+func evalRecoveryLine(recoveryLine string) (blocksSynced int64, blocksToBeSynced int64, pct float64, finish float64, speed float64, err error) {
 	matches := recoveryLineBlocksRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected recoveryLine %s: %w", ErrFileParse, recoveryLine, err)
+		return 0, 0, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine blocks %s: %w", ErrFileParse, recoveryLine, err)
 	}
 
-	syncedBlocks, err = strconv.ParseInt(matches[1], 10, 64)
+	blocks := strings.Split(matches[1], "/")
+	blocksSynced, err = strconv.ParseInt(blocks[0], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected parsing of recoveryLine %q: %w", ErrFileParse, recoveryLine, err)
+		return 0, 0, 0, 0, 0, fmt.Errorf("%w: Unable to parse recovery blocks synced %q: %w", ErrFileParse, matches[1], err)
+	}
+
+	blocksToBeSynced, err = strconv.ParseInt(blocks[1], 10, 64)
+	if err != nil {
+		return blocksSynced, 0, 0, 0, 0, fmt.Errorf("%w: Unable to parse recovery to be synced blocks %q: %w", ErrFileParse, matches[2], err)
 	}
 
 	// Get percentage complete
 	matches = recoveryLinePctRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching percentage %s", ErrFileParse, recoveryLine)
+		return blocksSynced, blocksToBeSynced, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching percentage %s", ErrFileParse, recoveryLine)
 	}
 	pct, err = strconv.ParseFloat(strings.TrimSpace(matches[1]), 64)
 	if err != nil {
-		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Error parsing float from recoveryLine %q", ErrFileParse, recoveryLine)
+		return blocksSynced, blocksToBeSynced, 0, 0, 0, fmt.Errorf("%w: Error parsing float from recoveryLine %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get time expected left to complete
 	matches = recoveryLineFinishRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching est. finish time: %s", ErrFileParse, recoveryLine)
+		return blocksSynced, blocksToBeSynced, pct, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching est. finish time: %s", ErrFileParse, recoveryLine)
 	}
 	finish, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unable to parse float from recoveryLine: %q", ErrFileParse, recoveryLine)
+		return blocksSynced, blocksToBeSynced, pct, 0, 0, fmt.Errorf("%w: Unable to parse float from recoveryLine: %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get recovery speed
 	matches = recoveryLineSpeedRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return syncedBlocks, pct, finish, 0, fmt.Errorf("%w: Unexpected recoveryLine value: %s", ErrFileParse, recoveryLine)
+		return blocksSynced, blocksToBeSynced, pct, finish, 0, fmt.Errorf("%w: Unexpected recoveryLine value: %s", ErrFileParse, recoveryLine)
 	}
 	speed, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return syncedBlocks, pct, finish, 0, fmt.Errorf("%s: Error parsing float from recoveryLine: %q: %w", ErrFileParse, recoveryLine, err)
+		return blocksSynced, blocksToBeSynced, pct, finish, 0, fmt.Errorf("%w: Error parsing float from recoveryLine: %q: %w", ErrFileParse, recoveryLine, err)
 	}
 
-	return syncedBlocks, pct, finish, speed, nil
+	return blocksSynced, blocksToBeSynced, pct, finish, speed, nil
 }
 
 func evalComponentDevices(deviceFields []string) []string {
diff --git a/vendor/github.com/prometheus/procfs/meminfo.go b/vendor/github.com/prometheus/procfs/meminfo.go
index eaf00e224..4b2c4050a 100644
--- a/vendor/github.com/prometheus/procfs/meminfo.go
+++ b/vendor/github.com/prometheus/procfs/meminfo.go
@@ -126,6 +126,7 @@ type Meminfo struct {
 	VmallocUsed *uint64
 	// largest contiguous block of vmalloc area which is free
 	VmallocChunk      *uint64
+	Percpu            *uint64
 	HardwareCorrupted *uint64
 	AnonHugePages     *uint64
 	ShmemHugePages    *uint64
@@ -140,6 +141,55 @@ type Meminfo struct {
 	DirectMap4k       *uint64
 	DirectMap2M       *uint64
 	DirectMap1G       *uint64
+
+	// The struct fields below are the byte-normalized counterparts to the
+	// existing struct fields. Values are normalized using the optional
+	// unit field in the meminfo line.
+	MemTotalBytes          *uint64
+	MemFreeBytes           *uint64
+	MemAvailableBytes      *uint64
+	BuffersBytes           *uint64
+	CachedBytes            *uint64
+	SwapCachedBytes        *uint64
+	ActiveBytes            *uint64
+	InactiveBytes          *uint64
+	ActiveAnonBytes        *uint64
+	InactiveAnonBytes      *uint64
+	ActiveFileBytes        *uint64
+	InactiveFileBytes      *uint64
+	UnevictableBytes       *uint64
+	MlockedBytes           *uint64
+	SwapTotalBytes         *uint64
+	SwapFreeBytes          *uint64
+	DirtyBytes             *uint64
+	WritebackBytes         *uint64
+	AnonPagesBytes         *uint64
+	MappedBytes            *uint64
+	ShmemBytes             *uint64
+	SlabBytes              *uint64
+	SReclaimableBytes      *uint64
+	SUnreclaimBytes        *uint64
+	KernelStackBytes       *uint64
+	PageTablesBytes        *uint64
+	NFSUnstableBytes       *uint64
+	BounceBytes            *uint64
+	WritebackTmpBytes      *uint64
+	CommitLimitBytes       *uint64
+	CommittedASBytes       *uint64
+	VmallocTotalBytes      *uint64
+	VmallocUsedBytes       *uint64
+	VmallocChunkBytes      *uint64
+	PercpuBytes            *uint64
+	HardwareCorruptedBytes *uint64
+	AnonHugePagesBytes     *uint64
+	ShmemHugePagesBytes    *uint64
+	ShmemPmdMappedBytes    *uint64
+	CmaTotalBytes          *uint64
+	CmaFreeBytes           *uint64
+	HugepagesizeBytes      *uint64
+	DirectMap4kBytes       *uint64
+	DirectMap2MBytes       *uint64
+	DirectMap1GBytes       *uint64
 }
 
 // Meminfo returns an information about current kernel/system memory statistics.
@@ -152,7 +202,7 @@ func (fs FS) Meminfo() (Meminfo, error) {
 
 	m, err := parseMemInfo(bytes.NewReader(b))
 	if err != nil {
-		return Meminfo{}, fmt.Errorf("%s: %w", ErrFileParse, err)
+		return Meminfo{}, fmt.Errorf("%w: %w", ErrFileParse, err)
 	}
 
 	return *m, nil
@@ -162,114 +212,176 @@ func parseMemInfo(r io.Reader) (*Meminfo, error) {
 	var m Meminfo
 	s := bufio.NewScanner(r)
 	for s.Scan() {
-		// Each line has at least a name and value; we ignore the unit.
 		fields := strings.Fields(s.Text())
-		if len(fields) < 2 {
-			return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, s.Text())
-		}
+		var val, valBytes uint64
 
-		v, err := strconv.ParseUint(fields[1], 0, 64)
+		val, err := strconv.ParseUint(fields[1], 0, 64)
 		if err != nil {
 			return nil, err
 		}
 
+		switch len(fields) {
+		case 2:
+			// No unit present, use the parsed the value as bytes directly.
+			valBytes = val
+		case 3:
+			// Unit present in optional 3rd field, convert it to
+			// bytes. The only unit supported within the Linux
+			// kernel is `kB`.
+			if fields[2] != "kB" {
+				return nil, fmt.Errorf("%w: Unsupported unit in optional 3rd field %q", ErrFileParse, fields[2])
+			}
+
+			valBytes = 1024 * val
+
+		default:
+			return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, s.Text())
+		}
+
 		switch fields[0] {
 		case "MemTotal:":
-			m.MemTotal = &v
+			m.MemTotal = &val
+			m.MemTotalBytes = &valBytes
 		case "MemFree:":
-			m.MemFree = &v
+			m.MemFree = &val
+			m.MemFreeBytes = &valBytes
 		case "MemAvailable:":
-			m.MemAvailable = &v
+			m.MemAvailable = &val
+			m.MemAvailableBytes = &valBytes
 		case "Buffers:":
-			m.Buffers = &v
+			m.Buffers = &val
+			m.BuffersBytes = &valBytes
 		case "Cached:":
-			m.Cached = &v
+			m.Cached = &val
+			m.CachedBytes = &valBytes
 		case "SwapCached:":
-			m.SwapCached = &v
+			m.SwapCached = &val
+			m.SwapCachedBytes = &valBytes
 		case "Active:":
-			m.Active = &v
+			m.Active = &val
+			m.ActiveBytes = &valBytes
 		case "Inactive:":
-			m.Inactive = &v
+			m.Inactive = &val
+			m.InactiveBytes = &valBytes
 		case "Active(anon):":
-			m.ActiveAnon = &v
+			m.ActiveAnon = &val
+			m.ActiveAnonBytes = &valBytes
 		case "Inactive(anon):":
-			m.InactiveAnon = &v
+			m.InactiveAnon = &val
+			m.InactiveAnonBytes = &valBytes
 		case "Active(file):":
-			m.ActiveFile = &v
+			m.ActiveFile = &val
+			m.ActiveFileBytes = &valBytes
 		case "Inactive(file):":
-			m.InactiveFile = &v
+			m.InactiveFile = &val
+			m.InactiveFileBytes = &valBytes
 		case "Unevictable:":
-			m.Unevictable = &v
+			m.Unevictable = &val
+			m.UnevictableBytes = &valBytes
 		case "Mlocked:":
-			m.Mlocked = &v
+			m.Mlocked = &val
+			m.MlockedBytes = &valBytes
 		case "SwapTotal:":
-			m.SwapTotal = &v
+			m.SwapTotal = &val
+			m.SwapTotalBytes = &valBytes
 		case "SwapFree:":
-			m.SwapFree = &v
+			m.SwapFree = &val
+			m.SwapFreeBytes = &valBytes
 		case "Dirty:":
-			m.Dirty = &v
+			m.Dirty = &val
+			m.DirtyBytes = &valBytes
 		case "Writeback:":
-			m.Writeback = &v
+			m.Writeback = &val
+			m.WritebackBytes = &valBytes
 		case "AnonPages:":
-			m.AnonPages = &v
+			m.AnonPages = &val
+			m.AnonPagesBytes = &valBytes
 		case "Mapped:":
-			m.Mapped = &v
+			m.Mapped = &val
+			m.MappedBytes = &valBytes
 		case "Shmem:":
-			m.Shmem = &v
+			m.Shmem = &val
+			m.ShmemBytes = &valBytes
 		case "Slab:":
-			m.Slab = &v
+			m.Slab = &val
+			m.SlabBytes = &valBytes
 		case "SReclaimable:":
-			m.SReclaimable = &v
+			m.SReclaimable = &val
+			m.SReclaimableBytes = &valBytes
 		case "SUnreclaim:":
-			m.SUnreclaim = &v
+			m.SUnreclaim = &val
+			m.SUnreclaimBytes = &valBytes
 		case "KernelStack:":
-			m.KernelStack = &v
+			m.KernelStack = &val
+			m.KernelStackBytes = &valBytes
 		case "PageTables:":
-			m.PageTables = &v
+			m.PageTables = &val
+			m.PageTablesBytes = &valBytes
 		case "NFS_Unstable:":
-			m.NFSUnstable = &v
+			m.NFSUnstable = &val
+			m.NFSUnstableBytes = &valBytes
 		case "Bounce:":
-			m.Bounce = &v
+			m.Bounce = &val
+			m.BounceBytes = &valBytes
 		case "WritebackTmp:":
-			m.WritebackTmp = &v
+			m.WritebackTmp = &val
+			m.WritebackTmpBytes = &valBytes
 		case "CommitLimit:":
-			m.CommitLimit = &v
+			m.CommitLimit = &val
+			m.CommitLimitBytes = &valBytes
 		case "Committed_AS:":
-			m.CommittedAS = &v
+			m.CommittedAS = &val
+			m.CommittedASBytes = &valBytes
 		case "VmallocTotal:":
-			m.VmallocTotal = &v
+			m.VmallocTotal = &val
+			m.VmallocTotalBytes = &valBytes
 		case "VmallocUsed:":
-			m.VmallocUsed = &v
+			m.VmallocUsed = &val
+			m.VmallocUsedBytes = &valBytes
 		case "VmallocChunk:":
-			m.VmallocChunk = &v
+			m.VmallocChunk = &val
+			m.VmallocChunkBytes = &valBytes
+		case "Percpu:":
+			m.Percpu = &val
+			m.PercpuBytes = &valBytes
 		case "HardwareCorrupted:":
-			m.HardwareCorrupted = &v
+			m.HardwareCorrupted = &val
+			m.HardwareCorruptedBytes = &valBytes
 		case "AnonHugePages:":
-			m.AnonHugePages = &v
+			m.AnonHugePages = &val
+			m.AnonHugePagesBytes = &valBytes
 		case "ShmemHugePages:":
-			m.ShmemHugePages = &v
+			m.ShmemHugePages = &val
+			m.ShmemHugePagesBytes = &valBytes
 		case "ShmemPmdMapped:":
-			m.ShmemPmdMapped = &v
+			m.ShmemPmdMapped = &val
+			m.ShmemPmdMappedBytes = &valBytes
 		case "CmaTotal:":
-			m.CmaTotal = &v
+			m.CmaTotal = &val
+			m.CmaTotalBytes = &valBytes
 		case "CmaFree:":
-			m.CmaFree = &v
+			m.CmaFree = &val
+			m.CmaFreeBytes = &valBytes
 		case "HugePages_Total:":
-			m.HugePagesTotal = &v
+			m.HugePagesTotal = &val
 		case "HugePages_Free:":
-			m.HugePagesFree = &v
+			m.HugePagesFree = &val
 		case "HugePages_Rsvd:":
-			m.HugePagesRsvd = &v
+			m.HugePagesRsvd = &val
 		case "HugePages_Surp:":
-			m.HugePagesSurp = &v
+			m.HugePagesSurp = &val
 		case "Hugepagesize:":
-			m.Hugepagesize = &v
+			m.Hugepagesize = &val
+			m.HugepagesizeBytes = &valBytes
 		case "DirectMap4k:":
-			m.DirectMap4k = &v
+			m.DirectMap4k = &val
+			m.DirectMap4kBytes = &valBytes
 		case "DirectMap2M:":
-			m.DirectMap2M = &v
+			m.DirectMap2M = &val
+			m.DirectMap2MBytes = &valBytes
 		case "DirectMap1G:":
-			m.DirectMap1G = &v
+			m.DirectMap1G = &val
+			m.DirectMap1GBytes = &valBytes
 		}
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/mountinfo.go b/vendor/github.com/prometheus/procfs/mountinfo.go
index 388ebf396..a704c5e73 100644
--- a/vendor/github.com/prometheus/procfs/mountinfo.go
+++ b/vendor/github.com/prometheus/procfs/mountinfo.go
@@ -109,7 +109,7 @@ func parseMountInfoString(mountString string) (*MountInfo, error) {
 	if mountInfo[6] != "" {
 		mount.OptionalFields, err = mountOptionsParseOptionalFields(mountInfo[6 : mountInfoLength-4])
 		if err != nil {
-			return nil, fmt.Errorf("%s: %w", ErrFileParse, err)
+			return nil, fmt.Errorf("%w: %w", ErrFileParse, err)
 		}
 	}
 	return mount, nil
diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go
index 9d8af6db7..75a3b6c81 100644
--- a/vendor/github.com/prometheus/procfs/mountstats.go
+++ b/vendor/github.com/prometheus/procfs/mountstats.go
@@ -88,7 +88,7 @@ type MountStatsNFS struct {
 	// Statistics broken down by filesystem operation.
 	Operations []NFSOperationStats
 	// Statistics about the NFS RPC transport.
-	Transport NFSTransportStats
+	Transport []NFSTransportStats
 }
 
 // mountStats implements MountStats.
@@ -194,8 +194,6 @@ type NFSOperationStats struct {
 	CumulativeTotalResponseMilliseconds uint64
 	// Duration from when a request was enqueued to when it was completely handled.
 	CumulativeTotalRequestMilliseconds uint64
-	// The average time from the point the client sends RPC requests until it receives the response.
-	AverageRTTMilliseconds float64
 	// The count of operations that complete with tk_status < 0.  These statuses usually indicate error conditions.
 	Errors uint64
 }
@@ -434,7 +432,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 				return nil, err
 			}
 
-			stats.Transport = *tstats
+			stats.Transport = append(stats.Transport, *tstats)
 		}
 
 		// When encountering "per-operation statistics", we must break this
@@ -582,9 +580,6 @@ func parseNFSOperationStats(s *bufio.Scanner) ([]NFSOperationStats, error) {
 			CumulativeTotalResponseMilliseconds: ns[6],
 			CumulativeTotalRequestMilliseconds:  ns[7],
 		}
-		if ns[0] != 0 {
-			opStats.AverageRTTMilliseconds = float64(ns[6]) / float64(ns[0])
-		}
 
 		if len(ns) > 8 {
 			opStats.Errors = ns[8]
@@ -632,7 +627,7 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 			return nil, fmt.Errorf("%w: invalid NFS transport stats 1.1 statement: %v, protocol: %v", ErrFileParse, ss, protocol)
 		}
 	default:
-		return nil, fmt.Errorf("%s: Unrecognized NFS transport stats version: %q, protocol: %v", ErrFileParse, statVersion, protocol)
+		return nil, fmt.Errorf("%w: Unrecognized NFS transport stats version: %q, protocol: %v", ErrFileParse, statVersion, protocol)
 	}
 
 	// Allocate enough for v1.1 stats since zero value for v1.1 stats will be okay
diff --git a/vendor/github.com/prometheus/procfs/net_conntrackstat.go b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
index fdfa45611..316df5fbb 100644
--- a/vendor/github.com/prometheus/procfs/net_conntrackstat.go
+++ b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
@@ -58,7 +58,7 @@ func readConntrackStat(path string) ([]ConntrackStatEntry, error) {
 
 	stat, err := parseConntrackStat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, path, err)
+		return nil, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, path, err)
 	}
 
 	return stat, nil
@@ -86,7 +86,7 @@ func parseConntrackStat(r io.Reader) ([]ConntrackStatEntry, error) {
 func parseConntrackStatEntry(fields []string) (*ConntrackStatEntry, error) {
 	entries, err := util.ParseHexUint64s(fields)
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse entry: %d: %w", ErrFileParse, entries, err)
+		return nil, fmt.Errorf("%w: Cannot parse entry: %d: %w", ErrFileParse, entries, err)
 	}
 	numEntries := len(entries)
 	if numEntries < 16 || numEntries > 17 {
diff --git a/vendor/github.com/prometheus/procfs/net_ip_socket.go b/vendor/github.com/prometheus/procfs/net_ip_socket.go
index 4da81ea57..b70f1fc7a 100644
--- a/vendor/github.com/prometheus/procfs/net_ip_socket.go
+++ b/vendor/github.com/prometheus/procfs/net_ip_socket.go
@@ -50,10 +50,13 @@ type (
 		// UsedSockets shows the total number of parsed lines representing the
 		// number of used sockets.
 		UsedSockets uint64
+		// Drops shows the total number of dropped packets of all UPD sockets.
+		Drops *uint64
 	}
 
 	// netIPSocketLine represents the fields parsed from a single line
 	// in /proc/net/{t,u}dp{,6}. Fields which are not used by IPSocket are skipped.
+	// Drops is non-nil for udp{,6}, but nil for tcp{,6}.
 	// For the proc file format details, see https://linux.die.net/man/5/proc.
 	netIPSocketLine struct {
 		Sl        uint64
@@ -66,6 +69,7 @@ type (
 		RxQueue   uint64
 		UID       uint64
 		Inode     uint64
+		Drops     *uint64
 	}
 )
 
@@ -77,13 +81,14 @@ func newNetIPSocket(file string) (NetIPSocket, error) {
 	defer f.Close()
 
 	var netIPSocket NetIPSocket
+	isUDP := strings.Contains(file, "udp")
 
 	lr := io.LimitReader(f, readLimit)
 	s := bufio.NewScanner(lr)
 	s.Scan() // skip first line with headers
 	for s.Scan() {
 		fields := strings.Fields(s.Text())
-		line, err := parseNetIPSocketLine(fields)
+		line, err := parseNetIPSocketLine(fields, isUDP)
 		if err != nil {
 			return nil, err
 		}
@@ -104,19 +109,25 @@ func newNetIPSocketSummary(file string) (*NetIPSocketSummary, error) {
 	defer f.Close()
 
 	var netIPSocketSummary NetIPSocketSummary
+	var udpPacketDrops uint64
+	isUDP := strings.Contains(file, "udp")
 
 	lr := io.LimitReader(f, readLimit)
 	s := bufio.NewScanner(lr)
 	s.Scan() // skip first line with headers
 	for s.Scan() {
 		fields := strings.Fields(s.Text())
-		line, err := parseNetIPSocketLine(fields)
+		line, err := parseNetIPSocketLine(fields, isUDP)
 		if err != nil {
 			return nil, err
 		}
 		netIPSocketSummary.TxQueueLength += line.TxQueue
 		netIPSocketSummary.RxQueueLength += line.RxQueue
 		netIPSocketSummary.UsedSockets++
+		if isUDP {
+			udpPacketDrops += *line.Drops
+			netIPSocketSummary.Drops = &udpPacketDrops
+		}
 	}
 	if err := s.Err(); err != nil {
 		return nil, err
@@ -130,7 +141,7 @@ func parseIP(hexIP string) (net.IP, error) {
 	var byteIP []byte
 	byteIP, err := hex.DecodeString(hexIP)
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse socket field in %q: %w", ErrFileParse, hexIP, err)
+		return nil, fmt.Errorf("%w: Cannot parse socket field in %q: %w", ErrFileParse, hexIP, err)
 	}
 	switch len(byteIP) {
 	case 4:
@@ -144,12 +155,12 @@ func parseIP(hexIP string) (net.IP, error) {
 		}
 		return i, nil
 	default:
-		return nil, fmt.Errorf("%s: Unable to parse IP %s: %w", ErrFileParse, hexIP, nil)
+		return nil, fmt.Errorf("%w: Unable to parse IP %s: %v", ErrFileParse, hexIP, nil)
 	}
 }
 
 // parseNetIPSocketLine parses a single line, represented by a list of fields.
-func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
+func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error) {
 	line := &netIPSocketLine{}
 	if len(fields) < 10 {
 		return nil, fmt.Errorf(
@@ -167,7 +178,7 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 	}
 
 	if line.Sl, err = strconv.ParseUint(s[0], 0, 64); err != nil {
-		return nil, fmt.Errorf("%s: Unable to parse sl field in %q: %w", ErrFileParse, line.Sl, err)
+		return nil, fmt.Errorf("%w: Unable to parse sl field in %q: %w", ErrFileParse, line.Sl, err)
 	}
 	// local_address
 	l := strings.Split(fields[1], ":")
@@ -178,7 +189,7 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 		return nil, err
 	}
 	if line.LocalPort, err = strconv.ParseUint(l[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%s: Unable to parse local_address port value line %q: %w", ErrFileParse, line.LocalPort, err)
+		return nil, fmt.Errorf("%w: Unable to parse local_address port value line %q: %w", ErrFileParse, line.LocalPort, err)
 	}
 
 	// remote_address
@@ -190,12 +201,12 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 		return nil, err
 	}
 	if line.RemPort, err = strconv.ParseUint(r[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse rem_address port value in %q: %w", ErrFileParse, line.RemPort, err)
+		return nil, fmt.Errorf("%w: Cannot parse rem_address port value in %q: %w", ErrFileParse, line.RemPort, err)
 	}
 
 	// st
 	if line.St, err = strconv.ParseUint(fields[3], 16, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse st value in %q: %w", ErrFileParse, line.St, err)
+		return nil, fmt.Errorf("%w: Cannot parse st value in %q: %w", ErrFileParse, line.St, err)
 	}
 
 	// tx_queue and rx_queue
@@ -208,20 +219,29 @@ func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 		)
 	}
 	if line.TxQueue, err = strconv.ParseUint(q[0], 16, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse tx_queue value in %q: %w", ErrFileParse, line.TxQueue, err)
+		return nil, fmt.Errorf("%w: Cannot parse tx_queue value in %q: %w", ErrFileParse, line.TxQueue, err)
 	}
 	if line.RxQueue, err = strconv.ParseUint(q[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse trx_queue value in %q: %w", ErrFileParse, line.RxQueue, err)
+		return nil, fmt.Errorf("%w: Cannot parse trx_queue value in %q: %w", ErrFileParse, line.RxQueue, err)
 	}
 
 	// uid
 	if line.UID, err = strconv.ParseUint(fields[7], 0, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse UID value in %q: %w", ErrFileParse, line.UID, err)
+		return nil, fmt.Errorf("%w: Cannot parse UID value in %q: %w", ErrFileParse, line.UID, err)
 	}
 
 	// inode
 	if line.Inode, err = strconv.ParseUint(fields[9], 0, 64); err != nil {
-		return nil, fmt.Errorf("%s: Cannot parse inode value in %q: %w", ErrFileParse, line.Inode, err)
+		return nil, fmt.Errorf("%w: Cannot parse inode value in %q: %w", ErrFileParse, line.Inode, err)
+	}
+
+	// drops
+	if isUDP {
+		drops, err := strconv.ParseUint(fields[12], 0, 64)
+		if err != nil {
+			return nil, fmt.Errorf("%w: Cannot parse drops value in %q: %w", ErrFileParse, drops, err)
+		}
+		line.Drops = &drops
 	}
 
 	return line, nil
diff --git a/vendor/github.com/prometheus/procfs/net_sockstat.go b/vendor/github.com/prometheus/procfs/net_sockstat.go
index 360e36af7..fae62b13d 100644
--- a/vendor/github.com/prometheus/procfs/net_sockstat.go
+++ b/vendor/github.com/prometheus/procfs/net_sockstat.go
@@ -69,7 +69,7 @@ func readSockstat(name string) (*NetSockstat, error) {
 
 	stat, err := parseSockstat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%s: sockstats from %q: %w", ErrFileRead, name, err)
+		return nil, fmt.Errorf("%w: sockstats from %q: %w", ErrFileRead, name, err)
 	}
 
 	return stat, nil
@@ -89,7 +89,7 @@ func parseSockstat(r io.Reader) (*NetSockstat, error) {
 		// The remaining fields are key/value pairs.
 		kvs, err := parseSockstatKVs(fields[1:])
 		if err != nil {
-			return nil, fmt.Errorf("%s: sockstat key/value pairs from %q: %w", ErrFileParse, s.Text(), err)
+			return nil, fmt.Errorf("%w: sockstat key/value pairs from %q: %w", ErrFileParse, s.Text(), err)
 		}
 
 		// The first field is the protocol. We must trim its colon suffix.
diff --git a/vendor/github.com/prometheus/procfs/net_softnet.go b/vendor/github.com/prometheus/procfs/net_softnet.go
index c77085291..71c8059f4 100644
--- a/vendor/github.com/prometheus/procfs/net_softnet.go
+++ b/vendor/github.com/prometheus/procfs/net_softnet.go
@@ -64,7 +64,7 @@ func (fs FS) NetSoftnetStat() ([]SoftnetStat, error) {
 
 	entries, err := parseSoftnet(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%s: /proc/net/softnet_stat: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%w: /proc/net/softnet_stat: %w", ErrFileParse, err)
 	}
 
 	return entries, nil
diff --git a/vendor/github.com/prometheus/procfs/net_tls_stat.go b/vendor/github.com/prometheus/procfs/net_tls_stat.go
new file mode 100644
index 000000000..13994c178
--- /dev/null
+++ b/vendor/github.com/prometheus/procfs/net_tls_stat.go
@@ -0,0 +1,119 @@
+// Copyright 2023 Prometheus Team
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package procfs
+
+import (
+	"bufio"
+	"fmt"
+	"os"
+	"strconv"
+	"strings"
+)
+
+// TLSStat struct represents data in /proc/net/tls_stat.
+// See https://docs.kernel.org/networking/tls.html#statistics
+type TLSStat struct {
+	// number of TX sessions currently installed where host handles cryptography
+	TLSCurrTxSw int
+	// number of RX sessions currently installed where host handles cryptography
+	TLSCurrRxSw int
+	// number of TX sessions currently installed where NIC handles cryptography
+	TLSCurrTxDevice int
+	// number of RX sessions currently installed where NIC handles cryptography
+	TLSCurrRxDevice int
+	//number of TX sessions opened with host cryptography
+	TLSTxSw int
+	//number of RX sessions opened with host cryptography
+	TLSRxSw int
+	// number of TX sessions opened with NIC cryptography
+	TLSTxDevice int
+	// number of RX sessions opened with NIC cryptography
+	TLSRxDevice int
+	// record decryption failed (e.g. due to incorrect authentication tag)
+	TLSDecryptError int
+	//  number of RX resyncs sent to NICs handling cryptography
+	TLSRxDeviceResync int
+	// number of RX records which had to be re-decrypted due to TLS_RX_EXPECT_NO_PAD mis-prediction. Note that this counter will also increment for non-data records.
+	TLSDecryptRetry int
+	// number of data RX records which had to be re-decrypted due to TLS_RX_EXPECT_NO_PAD mis-prediction.
+	TLSRxNoPadViolation int
+}
+
+// NewTLSStat reads the tls_stat statistics.
+func NewTLSStat() (TLSStat, error) {
+	fs, err := NewFS(DefaultMountPoint)
+	if err != nil {
+		return TLSStat{}, err
+	}
+
+	return fs.NewTLSStat()
+}
+
+// NewTLSStat reads the tls_stat statistics.
+func (fs FS) NewTLSStat() (TLSStat, error) {
+	file, err := os.Open(fs.proc.Path("net/tls_stat"))
+	if err != nil {
+		return TLSStat{}, err
+	}
+	defer file.Close()
+
+	var (
+		tlsstat = TLSStat{}
+		s       = bufio.NewScanner(file)
+	)
+
+	for s.Scan() {
+		fields := strings.Fields(s.Text())
+
+		if len(fields) != 2 {
+			return TLSStat{}, fmt.Errorf("%w: %q line %q", ErrFileParse, file.Name(), s.Text())
+		}
+
+		name := fields[0]
+		value, err := strconv.Atoi(fields[1])
+		if err != nil {
+			return TLSStat{}, err
+		}
+
+		switch name {
+		case "TlsCurrTxSw":
+			tlsstat.TLSCurrTxSw = value
+		case "TlsCurrRxSw":
+			tlsstat.TLSCurrRxSw = value
+		case "TlsCurrTxDevice":
+			tlsstat.TLSCurrTxDevice = value
+		case "TlsCurrRxDevice":
+			tlsstat.TLSCurrRxDevice = value
+		case "TlsTxSw":
+			tlsstat.TLSTxSw = value
+		case "TlsRxSw":
+			tlsstat.TLSRxSw = value
+		case "TlsTxDevice":
+			tlsstat.TLSTxDevice = value
+		case "TlsRxDevice":
+			tlsstat.TLSRxDevice = value
+		case "TlsDecryptError":
+			tlsstat.TLSDecryptError = value
+		case "TlsRxDeviceResync":
+			tlsstat.TLSRxDeviceResync = value
+		case "TlsDecryptRetry":
+			tlsstat.TLSDecryptRetry = value
+		case "TlsRxNoPadViolation":
+			tlsstat.TLSRxNoPadViolation = value
+		}
+
+	}
+
+	return tlsstat, s.Err()
+}
diff --git a/vendor/github.com/prometheus/procfs/net_unix.go b/vendor/github.com/prometheus/procfs/net_unix.go
index acbbc57ea..d868cebda 100644
--- a/vendor/github.com/prometheus/procfs/net_unix.go
+++ b/vendor/github.com/prometheus/procfs/net_unix.go
@@ -108,14 +108,14 @@ func parseNetUNIX(r io.Reader) (*NetUNIX, error) {
 		line := s.Text()
 		item, err := nu.parseLine(line, hasInode, minFields)
 		if err != nil {
-			return nil, fmt.Errorf("%s: /proc/net/unix encountered data %q: %w", ErrFileParse, line, err)
+			return nil, fmt.Errorf("%w: /proc/net/unix encountered data %q: %w", ErrFileParse, line, err)
 		}
 
 		nu.Rows = append(nu.Rows, item)
 	}
 
 	if err := s.Err(); err != nil {
-		return nil, fmt.Errorf("%s: /proc/net/unix encountered data: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%w: /proc/net/unix encountered data: %w", ErrFileParse, err)
 	}
 
 	return &nu, nil
@@ -136,29 +136,29 @@ func (u *NetUNIX) parseLine(line string, hasInode bool, min int) (*NetUNIXLine,
 
 	users, err := u.parseUsers(fields[1])
 	if err != nil {
-		return nil, fmt.Errorf("%s: ref count %q: %w", ErrFileParse, fields[1], err)
+		return nil, fmt.Errorf("%w: ref count %q: %w", ErrFileParse, fields[1], err)
 	}
 
 	flags, err := u.parseFlags(fields[3])
 	if err != nil {
-		return nil, fmt.Errorf("%s: Unable to parse flags %q: %w", ErrFileParse, fields[3], err)
+		return nil, fmt.Errorf("%w: Unable to parse flags %q: %w", ErrFileParse, fields[3], err)
 	}
 
 	typ, err := u.parseType(fields[4])
 	if err != nil {
-		return nil, fmt.Errorf("%s: Failed to parse type %q: %w", ErrFileParse, fields[4], err)
+		return nil, fmt.Errorf("%w: Failed to parse type %q: %w", ErrFileParse, fields[4], err)
 	}
 
 	state, err := u.parseState(fields[5])
 	if err != nil {
-		return nil, fmt.Errorf("%s: Failed to parse state %q: %w", ErrFileParse, fields[5], err)
+		return nil, fmt.Errorf("%w: Failed to parse state %q: %w", ErrFileParse, fields[5], err)
 	}
 
 	var inode uint64
 	if hasInode {
 		inode, err = u.parseInode(fields[6])
 		if err != nil {
-			return nil, fmt.Errorf("%s failed to parse inode %q: %w", ErrFileParse, fields[6], err)
+			return nil, fmt.Errorf("%w failed to parse inode %q: %w", ErrFileParse, fields[6], err)
 		}
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/net_wireless.go b/vendor/github.com/prometheus/procfs/net_wireless.go
index 7443edca9..7c597bc87 100644
--- a/vendor/github.com/prometheus/procfs/net_wireless.go
+++ b/vendor/github.com/prometheus/procfs/net_wireless.go
@@ -68,7 +68,7 @@ func (fs FS) Wireless() ([]*Wireless, error) {
 
 	m, err := parseWireless(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%s: wireless: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%w: wireless: %w", ErrFileParse, err)
 	}
 
 	return m, nil
@@ -114,47 +114,47 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 
 		qlink, err := strconv.Atoi(strings.TrimSuffix(stats[1], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%s: parse Quality:link as integer %q: %w", ErrFileParse, qlink, err)
+			return nil, fmt.Errorf("%w: parse Quality:link as integer %q: %w", ErrFileParse, qlink, err)
 		}
 
 		qlevel, err := strconv.Atoi(strings.TrimSuffix(stats[2], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%s: Quality:level as integer %q: %w", ErrFileParse, qlevel, err)
+			return nil, fmt.Errorf("%w: Quality:level as integer %q: %w", ErrFileParse, qlevel, err)
 		}
 
 		qnoise, err := strconv.Atoi(strings.TrimSuffix(stats[3], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%s: Quality:noise as integer %q: %w", ErrFileParse, qnoise, err)
+			return nil, fmt.Errorf("%w: Quality:noise as integer %q: %w", ErrFileParse, qnoise, err)
 		}
 
 		dnwid, err := strconv.Atoi(stats[4])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Discarded:nwid as integer %q: %w", ErrFileParse, dnwid, err)
+			return nil, fmt.Errorf("%w: Discarded:nwid as integer %q: %w", ErrFileParse, dnwid, err)
 		}
 
 		dcrypt, err := strconv.Atoi(stats[5])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Discarded:crypt as integer %q: %w", ErrFileParse, dcrypt, err)
+			return nil, fmt.Errorf("%w: Discarded:crypt as integer %q: %w", ErrFileParse, dcrypt, err)
 		}
 
 		dfrag, err := strconv.Atoi(stats[6])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Discarded:frag as integer %q: %w", ErrFileParse, dfrag, err)
+			return nil, fmt.Errorf("%w: Discarded:frag as integer %q: %w", ErrFileParse, dfrag, err)
 		}
 
 		dretry, err := strconv.Atoi(stats[7])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Discarded:retry as integer %q: %w", ErrFileParse, dretry, err)
+			return nil, fmt.Errorf("%w: Discarded:retry as integer %q: %w", ErrFileParse, dretry, err)
 		}
 
 		dmisc, err := strconv.Atoi(stats[8])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Discarded:misc as integer %q: %w", ErrFileParse, dmisc, err)
+			return nil, fmt.Errorf("%w: Discarded:misc as integer %q: %w", ErrFileParse, dmisc, err)
 		}
 
 		mbeacon, err := strconv.Atoi(stats[9])
 		if err != nil {
-			return nil, fmt.Errorf("%s: Missed:beacon as integer %q: %w", ErrFileParse, mbeacon, err)
+			return nil, fmt.Errorf("%w: Missed:beacon as integer %q: %w", ErrFileParse, mbeacon, err)
 		}
 
 		w := &Wireless{
@@ -175,7 +175,7 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return nil, fmt.Errorf("%s: Failed to scan /proc/net/wireless: %w", ErrFileRead, err)
+		return nil, fmt.Errorf("%w: Failed to scan /proc/net/wireless: %w", ErrFileRead, err)
 	}
 
 	return interfaces, nil
diff --git a/vendor/github.com/prometheus/procfs/proc.go b/vendor/github.com/prometheus/procfs/proc.go
index d1f71caa5..142796368 100644
--- a/vendor/github.com/prometheus/procfs/proc.go
+++ b/vendor/github.com/prometheus/procfs/proc.go
@@ -111,7 +111,7 @@ func (fs FS) AllProcs() (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
+		return Procs{}, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	p := Procs{}
@@ -137,7 +137,7 @@ func (p Proc) CmdLine() ([]string, error) {
 		return []string{}, nil
 	}
 
-	return strings.Split(string(bytes.TrimRight(data, string("\x00"))), string(byte(0))), nil
+	return strings.Split(string(bytes.TrimRight(data, "\x00")), "\x00"), nil
 }
 
 // Wchan returns the wchan (wait channel) of a process.
@@ -212,7 +212,7 @@ func (p Proc) FileDescriptors() ([]uintptr, error) {
 	for i, n := range names {
 		fd, err := strconv.ParseInt(n, 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("%s: Cannot parse line: %v: %w", ErrFileParse, i, err)
+			return nil, fmt.Errorf("%w: Cannot parse line: %v: %w", ErrFileParse, i, err)
 		}
 		fds[i] = uintptr(fd)
 	}
@@ -297,7 +297,7 @@ func (p Proc) fileDescriptors() ([]string, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
+		return nil, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	return names, nil
diff --git a/vendor/github.com/prometheus/procfs/proc_limits.go b/vendor/github.com/prometheus/procfs/proc_limits.go
index c86d815d7..9530b14bc 100644
--- a/vendor/github.com/prometheus/procfs/proc_limits.go
+++ b/vendor/github.com/prometheus/procfs/proc_limits.go
@@ -154,7 +154,7 @@ func parseUint(s string) (uint64, error) {
 	}
 	i, err := strconv.ParseUint(s, 10, 64)
 	if err != nil {
-		return 0, fmt.Errorf("%s: couldn't parse value %q: %w", ErrFileParse, s, err)
+		return 0, fmt.Errorf("%w: couldn't parse value %q: %w", ErrFileParse, s, err)
 	}
 	return i, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/proc_ns.go b/vendor/github.com/prometheus/procfs/proc_ns.go
index c22666750..0f8f847f9 100644
--- a/vendor/github.com/prometheus/procfs/proc_ns.go
+++ b/vendor/github.com/prometheus/procfs/proc_ns.go
@@ -40,7 +40,7 @@ func (p Proc) Namespaces() (Namespaces, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("%s: failed to read contents of ns dir: %w", ErrFileRead, err)
+		return nil, fmt.Errorf("%w: failed to read contents of ns dir: %w", ErrFileRead, err)
 	}
 
 	ns := make(Namespaces, len(names))
@@ -58,7 +58,7 @@ func (p Proc) Namespaces() (Namespaces, error) {
 		typ := fields[0]
 		inode, err := strconv.ParseUint(strings.Trim(fields[1], "[]"), 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("%s: inode from %q: %w", ErrFileParse, fields[1], err)
+			return nil, fmt.Errorf("%w: inode from %q: %w", ErrFileParse, fields[1], err)
 		}
 
 		ns[name] = Namespace{typ, uint32(inode)}
diff --git a/vendor/github.com/prometheus/procfs/proc_psi.go b/vendor/github.com/prometheus/procfs/proc_psi.go
index fe9dbb425..ccd35f153 100644
--- a/vendor/github.com/prometheus/procfs/proc_psi.go
+++ b/vendor/github.com/prometheus/procfs/proc_psi.go
@@ -61,7 +61,7 @@ type PSIStats struct {
 func (fs FS) PSIStatsForResource(resource string) (PSIStats, error) {
 	data, err := util.ReadFileNoStat(fs.proc.Path(fmt.Sprintf("%s/%s", "pressure", resource)))
 	if err != nil {
-		return PSIStats{}, fmt.Errorf("%s: psi_stats: unavailable for %q: %w", ErrFileRead, resource, err)
+		return PSIStats{}, fmt.Errorf("%w: psi_stats: unavailable for %q: %w", ErrFileRead, resource, err)
 	}
 
 	return parsePSIStats(bytes.NewReader(data))
diff --git a/vendor/github.com/prometheus/procfs/proc_smaps.go b/vendor/github.com/prometheus/procfs/proc_smaps.go
index ad8785a40..09060e820 100644
--- a/vendor/github.com/prometheus/procfs/proc_smaps.go
+++ b/vendor/github.com/prometheus/procfs/proc_smaps.go
@@ -127,7 +127,7 @@ func (s *ProcSMapsRollup) parseLine(line string) error {
 	}
 
 	v := strings.TrimSpace(kv[1])
-	v = strings.TrimRight(v, " kB")
+	v = strings.TrimSuffix(v, " kB")
 
 	vKBytes, err := strconv.ParseUint(v, 10, 64)
 	if err != nil {
diff --git a/vendor/github.com/prometheus/procfs/proc_stat.go b/vendor/github.com/prometheus/procfs/proc_stat.go
index 923e55005..06a8d931c 100644
--- a/vendor/github.com/prometheus/procfs/proc_stat.go
+++ b/vendor/github.com/prometheus/procfs/proc_stat.go
@@ -110,6 +110,11 @@ type ProcStat struct {
 	Policy uint
 	// Aggregated block I/O delays, measured in clock ticks (centiseconds).
 	DelayAcctBlkIOTicks uint64
+	// Guest time of the process (time spent running a virtual CPU for a guest
+	// operating system), measured in clock ticks.
+	GuestTime int
+	// Guest time of the process's children, measured in clock ticks.
+	CGuestTime int
 
 	proc FS
 }
@@ -189,6 +194,8 @@ func (p Proc) Stat() (ProcStat, error) {
 		&s.RTPriority,
 		&s.Policy,
 		&s.DelayAcctBlkIOTicks,
+		&s.GuestTime,
+		&s.CGuestTime,
 	)
 	if err != nil {
 		return ProcStat{}, err
diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go
index 46307f572..a055197c6 100644
--- a/vendor/github.com/prometheus/procfs/proc_status.go
+++ b/vendor/github.com/prometheus/procfs/proc_status.go
@@ -15,6 +15,7 @@ package procfs
 
 import (
 	"bytes"
+	"math/bits"
 	"sort"
 	"strconv"
 	"strings"
@@ -76,9 +77,9 @@ type ProcStatus struct {
 	NonVoluntaryCtxtSwitches uint64
 
 	// UIDs of the process (Real, effective, saved set, and filesystem UIDs)
-	UIDs [4]string
+	UIDs [4]uint64
 	// GIDs of the process (Real, effective, saved set, and filesystem GIDs)
-	GIDs [4]string
+	GIDs [4]uint64
 
 	// CpusAllowedList: List of cpu cores processes are allowed to run on.
 	CpusAllowedList []uint64
@@ -113,22 +114,37 @@ func (p Proc) NewStatus() (ProcStatus, error) {
 		// convert kB to B
 		vBytes := vKBytes * 1024
 
-		s.fillStatus(k, v, vKBytes, vBytes)
+		err = s.fillStatus(k, v, vKBytes, vBytes)
+		if err != nil {
+			return ProcStatus{}, err
+		}
 	}
 
 	return s, nil
 }
 
-func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintBytes uint64) {
+func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintBytes uint64) error {
 	switch k {
 	case "Tgid":
 		s.TGID = int(vUint)
 	case "Name":
 		s.Name = vString
 	case "Uid":
-		copy(s.UIDs[:], strings.Split(vString, "\t"))
+		var err error
+		for i, v := range strings.Split(vString, "\t") {
+			s.UIDs[i], err = strconv.ParseUint(v, 10, bits.UintSize)
+			if err != nil {
+				return err
+			}
+		}
 	case "Gid":
-		copy(s.GIDs[:], strings.Split(vString, "\t"))
+		var err error
+		for i, v := range strings.Split(vString, "\t") {
+			s.GIDs[i], err = strconv.ParseUint(v, 10, bits.UintSize)
+			if err != nil {
+				return err
+			}
+		}
 	case "NSpid":
 		s.NSpids = calcNSPidsList(vString)
 	case "VmPeak":
@@ -173,6 +189,7 @@ func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintByt
 		s.CpusAllowedList = calcCpusAllowedList(vString)
 	}
 
+	return nil
 }
 
 // TotalCtxtSwitches returns the total context switch.
diff --git a/vendor/github.com/prometheus/procfs/proc_sys.go b/vendor/github.com/prometheus/procfs/proc_sys.go
index 12c5bf05b..5eefbe2ef 100644
--- a/vendor/github.com/prometheus/procfs/proc_sys.go
+++ b/vendor/github.com/prometheus/procfs/proc_sys.go
@@ -44,7 +44,7 @@ func (fs FS) SysctlInts(sysctl string) ([]int, error) {
 		vp := util.NewValueParser(f)
 		values[i] = vp.Int()
 		if err := vp.Err(); err != nil {
-			return nil, fmt.Errorf("%s: field %d in sysctl %s is not a valid int: %w", ErrFileParse, i, sysctl, err)
+			return nil, fmt.Errorf("%w: field %d in sysctl %s is not a valid int: %w", ErrFileParse, i, sysctl, err)
 		}
 	}
 	return values, nil
diff --git a/vendor/github.com/prometheus/procfs/softirqs.go b/vendor/github.com/prometheus/procfs/softirqs.go
index b8fad677d..28708e074 100644
--- a/vendor/github.com/prometheus/procfs/softirqs.go
+++ b/vendor/github.com/prometheus/procfs/softirqs.go
@@ -74,7 +74,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Hi = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Hi[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HI%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (HI%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TIMER:":
@@ -82,7 +82,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Timer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Timer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TIMER%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (TIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_TX:":
@@ -90,7 +90,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetTx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetTx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_TX%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (NET_TX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_RX:":
@@ -98,7 +98,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetRx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetRx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_RX%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (NET_RX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "BLOCK:":
@@ -106,7 +106,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Block = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Block[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (BLOCK%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (BLOCK%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "IRQ_POLL:":
@@ -114,7 +114,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.IRQPoll = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.IRQPoll[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (IRQ_POLL%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (IRQ_POLL%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TASKLET:":
@@ -122,7 +122,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Tasklet = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Tasklet[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TASKLET%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (TASKLET%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "SCHED:":
@@ -130,7 +130,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Sched = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Sched[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (SCHED%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (SCHED%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "HRTIMER:":
@@ -138,7 +138,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.HRTimer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.HRTimer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HRTIMER%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (HRTIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "RCU:":
@@ -146,14 +146,14 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.RCU = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.RCU[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (RCU%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (RCU%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		}
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Softirqs{}, fmt.Errorf("%s: couldn't parse softirqs: %w", ErrFileParse, err)
+		return Softirqs{}, fmt.Errorf("%w: couldn't parse softirqs: %w", ErrFileParse, err)
 	}
 
 	return softirqs, scanner.Err()
diff --git a/vendor/github.com/prometheus/procfs/stat.go b/vendor/github.com/prometheus/procfs/stat.go
index 34fc3ee21..e36b41c18 100644
--- a/vendor/github.com/prometheus/procfs/stat.go
+++ b/vendor/github.com/prometheus/procfs/stat.go
@@ -93,7 +93,7 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 		&cpuStat.Guest, &cpuStat.GuestNice)
 
 	if err != nil && err != io.EOF {
-		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu): %w", ErrFileParse, line, err)
+		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu): %w", ErrFileParse, line, err)
 	}
 	if count == 0 {
 		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu): 0 elements parsed", ErrFileParse, line)
@@ -116,7 +116,7 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 
 	cpuID, err := strconv.ParseInt(cpu[3:], 10, 64)
 	if err != nil {
-		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu/cpuid): %w", ErrFileParse, line, err)
+		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu/cpuid): %w", ErrFileParse, line, err)
 	}
 
 	return cpuStat, cpuID, nil
@@ -136,7 +136,7 @@ func parseSoftIRQStat(line string) (SoftIRQStat, uint64, error) {
 		&softIRQStat.Hrtimer, &softIRQStat.Rcu)
 
 	if err != nil {
-		return SoftIRQStat{}, 0, fmt.Errorf("%s: couldn't parse %q (softirq): %w", ErrFileParse, line, err)
+		return SoftIRQStat{}, 0, fmt.Errorf("%w: couldn't parse %q (softirq): %w", ErrFileParse, line, err)
 	}
 
 	return softIRQStat, total, nil
@@ -201,34 +201,34 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 		switch {
 		case parts[0] == "btime":
 			if stat.BootTime, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (btime): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (btime): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "intr":
 			if stat.IRQTotal, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (intr): %w", ErrFileParse, parts[1], err)
 			}
 			numberedIRQs := parts[2:]
 			stat.IRQ = make([]uint64, len(numberedIRQs))
 			for i, count := range numberedIRQs {
 				if stat.IRQ[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr%d): %w", ErrFileParse, count, i, err)
+					return Stat{}, fmt.Errorf("%w: couldn't parse %q (intr%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "ctxt":
 			if stat.ContextSwitches, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (ctxt): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (ctxt): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "processes":
 			if stat.ProcessCreated, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (processes): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (processes): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_running":
 			if stat.ProcessesRunning, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_running): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (procs_running): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_blocked":
 			if stat.ProcessesBlocked, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_blocked): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%w: couldn't parse %q (procs_blocked): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "softirq":
 			softIRQStats, total, err := parseSoftIRQStat(line)
@@ -251,7 +251,7 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Stat{}, fmt.Errorf("%s: couldn't parse %q: %w", ErrFileParse, fileName, err)
+		return Stat{}, fmt.Errorf("%w: couldn't parse %q: %w", ErrFileParse, fileName, err)
 	}
 
 	return stat, nil
diff --git a/vendor/github.com/prometheus/procfs/swaps.go b/vendor/github.com/prometheus/procfs/swaps.go
index fa00f555d..65fec834b 100644
--- a/vendor/github.com/prometheus/procfs/swaps.go
+++ b/vendor/github.com/prometheus/procfs/swaps.go
@@ -74,15 +74,15 @@ func parseSwapString(swapString string) (*Swap, error) {
 
 	swap.Size, err = strconv.Atoi(swapFields[2])
 	if err != nil {
-		return nil, fmt.Errorf("%s: invalid swap size: %s: %w", ErrFileParse, swapFields[2], err)
+		return nil, fmt.Errorf("%w: invalid swap size: %s: %w", ErrFileParse, swapFields[2], err)
 	}
 	swap.Used, err = strconv.Atoi(swapFields[3])
 	if err != nil {
-		return nil, fmt.Errorf("%s: invalid swap used: %s: %w", ErrFileParse, swapFields[3], err)
+		return nil, fmt.Errorf("%w: invalid swap used: %s: %w", ErrFileParse, swapFields[3], err)
 	}
 	swap.Priority, err = strconv.Atoi(swapFields[4])
 	if err != nil {
-		return nil, fmt.Errorf("%s: invalid swap priority: %s: %w", ErrFileParse, swapFields[4], err)
+		return nil, fmt.Errorf("%w: invalid swap priority: %s: %w", ErrFileParse, swapFields[4], err)
 	}
 
 	return swap, nil
diff --git a/vendor/github.com/prometheus/procfs/thread.go b/vendor/github.com/prometheus/procfs/thread.go
index df2215ece..80e0e947b 100644
--- a/vendor/github.com/prometheus/procfs/thread.go
+++ b/vendor/github.com/prometheus/procfs/thread.go
@@ -45,7 +45,7 @@ func (fs FS) AllThreads(pid int) (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("%s: could not read %q: %w", ErrFileRead, d.Name(), err)
+		return Procs{}, fmt.Errorf("%w: could not read %q: %w", ErrFileRead, d.Name(), err)
 	}
 
 	t := Procs{}
diff --git a/vendor/github.com/prometheus/procfs/zoneinfo.go b/vendor/github.com/prometheus/procfs/zoneinfo.go
index ce5fefa5b..e54d94b09 100644
--- a/vendor/github.com/prometheus/procfs/zoneinfo.go
+++ b/vendor/github.com/prometheus/procfs/zoneinfo.go
@@ -75,11 +75,11 @@ var nodeZoneRE = regexp.MustCompile(`(\d+), zone\s+(\w+)`)
 func (fs FS) Zoneinfo() ([]Zoneinfo, error) {
 	data, err := os.ReadFile(fs.proc.Path("zoneinfo"))
 	if err != nil {
-		return nil, fmt.Errorf("%s: error reading zoneinfo %q: %w", ErrFileRead, fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%w: error reading zoneinfo %q: %w", ErrFileRead, fs.proc.Path("zoneinfo"), err)
 	}
 	zoneinfo, err := parseZoneinfo(data)
 	if err != nil {
-		return nil, fmt.Errorf("%s: error parsing zoneinfo %q: %w", ErrFileParse, fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%w: error parsing zoneinfo %q: %w", ErrFileParse, fs.proc.Path("zoneinfo"), err)
 	}
 	return zoneinfo, nil
 }
diff --git a/vendor/golang.org/x/crypto/LICENSE b/vendor/golang.org/x/crypto/LICENSE
index 6a66aea5e..2a7cf70da 100644
--- a/vendor/golang.org/x/crypto/LICENSE
+++ b/vendor/golang.org/x/crypto/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2009 The Go Authors. All rights reserved.
+Copyright 2009 The Go Authors.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google Inc. nor the names of its
+   * Neither the name of Google LLC nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/crypto/blowfish/cipher.go b/vendor/golang.org/x/crypto/blowfish/cipher.go
index 213bf204a..089895680 100644
--- a/vendor/golang.org/x/crypto/blowfish/cipher.go
+++ b/vendor/golang.org/x/crypto/blowfish/cipher.go
@@ -11,7 +11,7 @@
 // Deprecated: any new system should use AES (from crypto/aes, if necessary in
 // an AEAD mode like crypto/cipher.NewGCM) or XChaCha20-Poly1305 (from
 // golang.org/x/crypto/chacha20poly1305).
-package blowfish // import "golang.org/x/crypto/blowfish"
+package blowfish
 
 // The code is a port of Bruce Schneier's C implementation.
 // See https://www.schneier.com/blowfish.html.
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
index db42e6676..c709b7284 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (!arm64 && !s390x && !ppc64le) || !gc || purego
+//go:build (!arm64 && !s390x && !ppc64 && !ppc64le) || !gc || purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
similarity index 89%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
index 3a4287f99..bd183d9ba 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
similarity index 66%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
index 66aebae25..a660b4112 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
@@ -19,7 +19,7 @@
 // The differences in this and the original implementation are
 // due to the calling conventions and initialization of constants.
 
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
 
 #include "textflag.h"
 
@@ -33,27 +33,70 @@
 #define CONSTBASE  R16
 #define BLOCKS R17
 
-DATA consts<>+0x00(SB)/8, $0x3320646e61707865
-DATA consts<>+0x08(SB)/8, $0x6b20657479622d32
-DATA consts<>+0x10(SB)/8, $0x0000000000000001
-DATA consts<>+0x18(SB)/8, $0x0000000000000000
-DATA consts<>+0x20(SB)/8, $0x0000000000000004
-DATA consts<>+0x28(SB)/8, $0x0000000000000000
-DATA consts<>+0x30(SB)/8, $0x0a0b08090e0f0c0d
-DATA consts<>+0x38(SB)/8, $0x0203000106070405
-DATA consts<>+0x40(SB)/8, $0x090a0b080d0e0f0c
-DATA consts<>+0x48(SB)/8, $0x0102030005060704
-DATA consts<>+0x50(SB)/8, $0x6170786561707865
-DATA consts<>+0x58(SB)/8, $0x6170786561707865
-DATA consts<>+0x60(SB)/8, $0x3320646e3320646e
-DATA consts<>+0x68(SB)/8, $0x3320646e3320646e
-DATA consts<>+0x70(SB)/8, $0x79622d3279622d32
-DATA consts<>+0x78(SB)/8, $0x79622d3279622d32
-DATA consts<>+0x80(SB)/8, $0x6b2065746b206574
-DATA consts<>+0x88(SB)/8, $0x6b2065746b206574
-DATA consts<>+0x90(SB)/8, $0x0000000100000000
-DATA consts<>+0x98(SB)/8, $0x0000000300000002
-GLOBL consts<>(SB), RODATA, $0xa0
+// for VPERMXOR
+#define MASK  R18
+
+DATA consts<>+0x00(SB)/4, $0x61707865
+DATA consts<>+0x04(SB)/4, $0x3320646e
+DATA consts<>+0x08(SB)/4, $0x79622d32
+DATA consts<>+0x0c(SB)/4, $0x6b206574
+DATA consts<>+0x10(SB)/4, $0x00000001
+DATA consts<>+0x14(SB)/4, $0x00000000
+DATA consts<>+0x18(SB)/4, $0x00000000
+DATA consts<>+0x1c(SB)/4, $0x00000000
+DATA consts<>+0x20(SB)/4, $0x00000004
+DATA consts<>+0x24(SB)/4, $0x00000000
+DATA consts<>+0x28(SB)/4, $0x00000000
+DATA consts<>+0x2c(SB)/4, $0x00000000
+DATA consts<>+0x30(SB)/4, $0x0e0f0c0d
+DATA consts<>+0x34(SB)/4, $0x0a0b0809
+DATA consts<>+0x38(SB)/4, $0x06070405
+DATA consts<>+0x3c(SB)/4, $0x02030001
+DATA consts<>+0x40(SB)/4, $0x0d0e0f0c
+DATA consts<>+0x44(SB)/4, $0x090a0b08
+DATA consts<>+0x48(SB)/4, $0x05060704
+DATA consts<>+0x4c(SB)/4, $0x01020300
+DATA consts<>+0x50(SB)/4, $0x61707865
+DATA consts<>+0x54(SB)/4, $0x61707865
+DATA consts<>+0x58(SB)/4, $0x61707865
+DATA consts<>+0x5c(SB)/4, $0x61707865
+DATA consts<>+0x60(SB)/4, $0x3320646e
+DATA consts<>+0x64(SB)/4, $0x3320646e
+DATA consts<>+0x68(SB)/4, $0x3320646e
+DATA consts<>+0x6c(SB)/4, $0x3320646e
+DATA consts<>+0x70(SB)/4, $0x79622d32
+DATA consts<>+0x74(SB)/4, $0x79622d32
+DATA consts<>+0x78(SB)/4, $0x79622d32
+DATA consts<>+0x7c(SB)/4, $0x79622d32
+DATA consts<>+0x80(SB)/4, $0x6b206574
+DATA consts<>+0x84(SB)/4, $0x6b206574
+DATA consts<>+0x88(SB)/4, $0x6b206574
+DATA consts<>+0x8c(SB)/4, $0x6b206574
+DATA consts<>+0x90(SB)/4, $0x00000000
+DATA consts<>+0x94(SB)/4, $0x00000001
+DATA consts<>+0x98(SB)/4, $0x00000002
+DATA consts<>+0x9c(SB)/4, $0x00000003
+DATA consts<>+0xa0(SB)/4, $0x11223300
+DATA consts<>+0xa4(SB)/4, $0x55667744
+DATA consts<>+0xa8(SB)/4, $0x99aabb88
+DATA consts<>+0xac(SB)/4, $0xddeeffcc
+DATA consts<>+0xb0(SB)/4, $0x22330011
+DATA consts<>+0xb4(SB)/4, $0x66774455
+DATA consts<>+0xb8(SB)/4, $0xaabb8899
+DATA consts<>+0xbc(SB)/4, $0xeeffccdd
+GLOBL consts<>(SB), RODATA, $0xc0
+
+#ifdef GOARCH_ppc64
+#define BE_XXBRW_INIT() \
+		LVSL (R0)(R0), V24 \
+		VSPLTISB $3, V25   \
+		VXOR V24, V25, V24 \
+
+#define BE_XXBRW(vr) VPERM vr, vr, V24, vr
+#else
+#define BE_XXBRW_INIT()
+#define BE_XXBRW(vr)
+#endif
 
 //func chaCha20_ctr32_vsx(out, inp *byte, len int, key *[8]uint32, counter *uint32)
 TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
@@ -70,6 +113,9 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 	MOVD $48, R10
 	MOVD $64, R11
 	SRD $6, LEN, BLOCKS
+	// for VPERMXOR
+	MOVD $consts<>+0xa0(SB), MASK
+	MOVD $16, R20
 	// V16
 	LXVW4X (CONSTBASE)(R0), VS48
 	ADD $80,CONSTBASE
@@ -84,9 +130,15 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 	// Clear V27
 	VXOR V27, V27, V27
 
+	BE_XXBRW_INIT()
+
 	// V28
 	LXVW4X (CONSTBASE)(R11), VS60
 
+	// Load mask constants for VPERMXOR
+	LXVW4X (MASK)(R0), V20
+	LXVW4X (MASK)(R20), V21
+
 	// splat slot from V19 -> V26
 	VSPLTW $0, V19, V26
 
@@ -97,7 +149,7 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 
 	MOVD $10, R14
 	MOVD R14, CTR
-
+	PCALIGN $16
 loop_outer_vsx:
 	// V0, V1, V2, V3
 	LXVW4X (R0)(CONSTBASE), VS32
@@ -128,22 +180,17 @@ loop_outer_vsx:
 	VSPLTISW $12, V28
 	VSPLTISW $8, V29
 	VSPLTISW $7, V30
-
+	PCALIGN $16
 loop_vsx:
 	VADDUWM V0, V4, V0
 	VADDUWM V1, V5, V1
 	VADDUWM V2, V6, V2
 	VADDUWM V3, V7, V3
 
-	VXOR V12, V0, V12
-	VXOR V13, V1, V13
-	VXOR V14, V2, V14
-	VXOR V15, V3, V15
-
-	VRLW V12, V27, V12
-	VRLW V13, V27, V13
-	VRLW V14, V27, V14
-	VRLW V15, V27, V15
+	VPERMXOR V12, V0, V21, V12
+	VPERMXOR V13, V1, V21, V13
+	VPERMXOR V14, V2, V21, V14
+	VPERMXOR V15, V3, V21, V15
 
 	VADDUWM V8, V12, V8
 	VADDUWM V9, V13, V9
@@ -165,15 +212,10 @@ loop_vsx:
 	VADDUWM V2, V6, V2
 	VADDUWM V3, V7, V3
 
-	VXOR V12, V0, V12
-	VXOR V13, V1, V13
-	VXOR V14, V2, V14
-	VXOR V15, V3, V15
-
-	VRLW V12, V29, V12
-	VRLW V13, V29, V13
-	VRLW V14, V29, V14
-	VRLW V15, V29, V15
+	VPERMXOR V12, V0, V20, V12
+	VPERMXOR V13, V1, V20, V13
+	VPERMXOR V14, V2, V20, V14
+	VPERMXOR V15, V3, V20, V15
 
 	VADDUWM V8, V12, V8
 	VADDUWM V9, V13, V9
@@ -195,15 +237,10 @@ loop_vsx:
 	VADDUWM V2, V7, V2
 	VADDUWM V3, V4, V3
 
-	VXOR V15, V0, V15
-	VXOR V12, V1, V12
-	VXOR V13, V2, V13
-	VXOR V14, V3, V14
-
-	VRLW V15, V27, V15
-	VRLW V12, V27, V12
-	VRLW V13, V27, V13
-	VRLW V14, V27, V14
+	VPERMXOR V15, V0, V21, V15
+	VPERMXOR V12, V1, V21, V12
+	VPERMXOR V13, V2, V21, V13
+	VPERMXOR V14, V3, V21, V14
 
 	VADDUWM V10, V15, V10
 	VADDUWM V11, V12, V11
@@ -225,15 +262,10 @@ loop_vsx:
 	VADDUWM V2, V7, V2
 	VADDUWM V3, V4, V3
 
-	VXOR V15, V0, V15
-	VXOR V12, V1, V12
-	VXOR V13, V2, V13
-	VXOR V14, V3, V14
-
-	VRLW V15, V29, V15
-	VRLW V12, V29, V12
-	VRLW V13, V29, V13
-	VRLW V14, V29, V14
+	VPERMXOR V15, V0, V20, V15
+	VPERMXOR V12, V1, V20, V12
+	VPERMXOR V13, V2, V20, V13
+	VPERMXOR V14, V3, V20, V14
 
 	VADDUWM V10, V15, V10
 	VADDUWM V11, V12, V11
@@ -249,48 +281,48 @@ loop_vsx:
 	VRLW V6, V30, V6
 	VRLW V7, V30, V7
 	VRLW V4, V30, V4
-	BC   16, LT, loop_vsx
+	BDNZ   loop_vsx
 
 	VADDUWM V12, V26, V12
 
-	WORD $0x13600F8C		// VMRGEW V0, V1, V27
-	WORD $0x13821F8C		// VMRGEW V2, V3, V28
+	VMRGEW V0, V1, V27
+	VMRGEW V2, V3, V28
 
-	WORD $0x10000E8C		// VMRGOW V0, V1, V0
-	WORD $0x10421E8C		// VMRGOW V2, V3, V2
+	VMRGOW V0, V1, V0
+	VMRGOW V2, V3, V2
 
-	WORD $0x13A42F8C		// VMRGEW V4, V5, V29
-	WORD $0x13C63F8C		// VMRGEW V6, V7, V30
+	VMRGEW V4, V5, V29
+	VMRGEW V6, V7, V30
 
 	XXPERMDI VS32, VS34, $0, VS33
 	XXPERMDI VS32, VS34, $3, VS35
 	XXPERMDI VS59, VS60, $0, VS32
 	XXPERMDI VS59, VS60, $3, VS34
 
-	WORD $0x10842E8C		// VMRGOW V4, V5, V4
-	WORD $0x10C63E8C		// VMRGOW V6, V7, V6
+	VMRGOW V4, V5, V4
+	VMRGOW V6, V7, V6
 
-	WORD $0x13684F8C		// VMRGEW V8, V9, V27
-	WORD $0x138A5F8C		// VMRGEW V10, V11, V28
+	VMRGEW V8, V9, V27
+	VMRGEW V10, V11, V28
 
 	XXPERMDI VS36, VS38, $0, VS37
 	XXPERMDI VS36, VS38, $3, VS39
 	XXPERMDI VS61, VS62, $0, VS36
 	XXPERMDI VS61, VS62, $3, VS38
 
-	WORD $0x11084E8C		// VMRGOW V8, V9, V8
-	WORD $0x114A5E8C		// VMRGOW V10, V11, V10
+	VMRGOW V8, V9, V8
+	VMRGOW V10, V11, V10
 
-	WORD $0x13AC6F8C		// VMRGEW V12, V13, V29
-	WORD $0x13CE7F8C		// VMRGEW V14, V15, V30
+	VMRGEW V12, V13, V29
+	VMRGEW V14, V15, V30
 
 	XXPERMDI VS40, VS42, $0, VS41
 	XXPERMDI VS40, VS42, $3, VS43
 	XXPERMDI VS59, VS60, $0, VS40
 	XXPERMDI VS59, VS60, $3, VS42
 
-	WORD $0x118C6E8C		// VMRGOW V12, V13, V12
-	WORD $0x11CE7E8C		// VMRGOW V14, V15, V14
+	VMRGOW V12, V13, V12
+	VMRGOW V14, V15, V14
 
 	VSPLTISW $4, V27
 	VADDUWM V26, V27, V26
@@ -305,6 +337,11 @@ loop_vsx:
 	VADDUWM V8, V18, V8
 	VADDUWM V12, V19, V12
 
+	BE_XXBRW(V0)
+	BE_XXBRW(V4)
+	BE_XXBRW(V8)
+	BE_XXBRW(V12)
+
 	CMPU LEN, $64
 	BLT tail_vsx
 
@@ -333,6 +370,11 @@ loop_vsx:
 	VADDUWM V9, V18, V8
 	VADDUWM V13, V19, V12
 
+	BE_XXBRW(V0)
+	BE_XXBRW(V4)
+	BE_XXBRW(V8)
+	BE_XXBRW(V12)
+
 	CMPU  LEN, $64
 	BLT   tail_vsx
 
@@ -340,8 +382,8 @@ loop_vsx:
 	LXVW4X (INP)(R8), VS60
 	LXVW4X (INP)(R9), VS61
 	LXVW4X (INP)(R10), VS62
-	VXOR   V27, V0, V27
 
+	VXOR V27, V0, V27
 	VXOR V28, V4, V28
 	VXOR V29, V8, V29
 	VXOR V30, V12, V30
@@ -360,6 +402,11 @@ loop_vsx:
 	VADDUWM V10, V18, V8
 	VADDUWM V14, V19, V12
 
+	BE_XXBRW(V0)
+	BE_XXBRW(V4)
+	BE_XXBRW(V8)
+	BE_XXBRW(V12)
+
 	CMPU LEN, $64
 	BLT  tail_vsx
 
@@ -387,6 +434,11 @@ loop_vsx:
 	VADDUWM V11, V18, V8
 	VADDUWM V15, V19, V12
 
+	BE_XXBRW(V0)
+	BE_XXBRW(V4)
+	BE_XXBRW(V8)
+	BE_XXBRW(V12)
+
 	CMPU  LEN, $64
 	BLT   tail_vsx
 
@@ -414,9 +466,9 @@ loop_vsx:
 
 done_vsx:
 	// Increment counter by number of 64 byte blocks
-	MOVD (CNT), R14
+	MOVWZ (CNT), R14
 	ADD  BLOCKS, R14
-	MOVD R14, (CNT)
+	MOVWZ R14, (CNT)
 	RET
 
 tail_vsx:
@@ -431,7 +483,7 @@ tail_vsx:
 	ADD $-1, R11, R12
 	ADD $-1, INP
 	ADD $-1, OUT
-
+	PCALIGN $16
 looptail_vsx:
 	// Copying the result to OUT
 	// in bytes.
@@ -439,7 +491,7 @@ looptail_vsx:
 	MOVBZU 1(INP), TMP
 	XOR    KEY, TMP, KEY
 	MOVBU  KEY, 1(OUT)
-	BC     16, LT, looptail_vsx
+	BDNZ   looptail_vsx
 
 	// Clear the stack values
 	STXVW4X VS48, (R11)(R0)
diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
index cda8e3edf..90ef6a241 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
@@ -4,7 +4,7 @@
 
 // Package asn1 contains supporting types for parsing and building ASN.1
 // messages with the cryptobyte package.
-package asn1 // import "golang.org/x/crypto/cryptobyte/asn1"
+package asn1
 
 // Tag represents an ASN.1 identifier octet, consisting of a tag number
 // (indicating a type) and class (such as context-specific or constructed).
diff --git a/vendor/golang.org/x/crypto/cryptobyte/string.go b/vendor/golang.org/x/crypto/cryptobyte/string.go
index 10692a8a3..4b0f8097f 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/string.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -15,7 +15,7 @@
 //
 // See the documentation and examples for the Builder and String types to get
 // started.
-package cryptobyte // import "golang.org/x/crypto/cryptobyte"
+package cryptobyte
 
 // String represents a string of bytes. It provides methods for parsing
 // fixed-length and length-prefixed values from it.
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519.go b/vendor/golang.org/x/crypto/curve25519/curve25519.go
index 00f963ea2..21ca3b2ee 100644
--- a/vendor/golang.org/x/crypto/curve25519/curve25519.go
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519.go
@@ -6,9 +6,11 @@
 // performs scalar multiplication on the elliptic curve known as Curve25519.
 // See RFC 7748.
 //
-// Starting in Go 1.20, this package is a wrapper for the X25519 implementation
+// This package is a wrapper for the X25519 implementation
 // in the crypto/ecdh package.
-package curve25519 // import "golang.org/x/crypto/curve25519"
+package curve25519
+
+import "crypto/ecdh"
 
 // ScalarMult sets dst to the product scalar * point.
 //
@@ -16,7 +18,13 @@ package curve25519 // import "golang.org/x/crypto/curve25519"
 // zeroes, irrespective of the scalar. Instead, use the X25519 function, which
 // will return an error.
 func ScalarMult(dst, scalar, point *[32]byte) {
-	scalarMult(dst, scalar, point)
+	if _, err := x25519(dst, scalar[:], point[:]); err != nil {
+		// The only error condition for x25519 when the inputs are 32 bytes long
+		// is if the output would have been the all-zero value.
+		for i := range dst {
+			dst[i] = 0
+		}
+	}
 }
 
 // ScalarBaseMult sets dst to the product scalar * base where base is the
@@ -25,7 +33,12 @@ func ScalarMult(dst, scalar, point *[32]byte) {
 // It is recommended to use the X25519 function with Basepoint instead, as
 // copying into fixed size arrays can lead to unexpected bugs.
 func ScalarBaseMult(dst, scalar *[32]byte) {
-	scalarBaseMult(dst, scalar)
+	curve := ecdh.X25519()
+	priv, err := curve.NewPrivateKey(scalar[:])
+	if err != nil {
+		panic("curve25519: internal error: scalarBaseMult was not 32 bytes")
+	}
+	copy(dst[:], priv.PublicKey().Bytes())
 }
 
 const (
@@ -57,3 +70,21 @@ func X25519(scalar, point []byte) ([]byte, error) {
 	var dst [32]byte
 	return x25519(&dst, scalar, point)
 }
+
+func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
+	curve := ecdh.X25519()
+	pub, err := curve.NewPublicKey(point)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := curve.NewPrivateKey(scalar)
+	if err != nil {
+		return nil, err
+	}
+	out, err := priv.ECDH(pub)
+	if err != nil {
+		return nil, err
+	}
+	copy(dst[:], out)
+	return dst[:], nil
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go b/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
deleted file mode 100644
index ba647e8d7..000000000
--- a/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
+++ /dev/null
@@ -1,105 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.20
-
-package curve25519
-
-import (
-	"crypto/subtle"
-	"errors"
-	"strconv"
-
-	"golang.org/x/crypto/curve25519/internal/field"
-)
-
-func scalarMult(dst, scalar, point *[32]byte) {
-	var e [32]byte
-
-	copy(e[:], scalar[:])
-	e[0] &= 248
-	e[31] &= 127
-	e[31] |= 64
-
-	var x1, x2, z2, x3, z3, tmp0, tmp1 field.Element
-	x1.SetBytes(point[:])
-	x2.One()
-	x3.Set(&x1)
-	z3.One()
-
-	swap := 0
-	for pos := 254; pos >= 0; pos-- {
-		b := e[pos/8] >> uint(pos&7)
-		b &= 1
-		swap ^= int(b)
-		x2.Swap(&x3, swap)
-		z2.Swap(&z3, swap)
-		swap = int(b)
-
-		tmp0.Subtract(&x3, &z3)
-		tmp1.Subtract(&x2, &z2)
-		x2.Add(&x2, &z2)
-		z2.Add(&x3, &z3)
-		z3.Multiply(&tmp0, &x2)
-		z2.Multiply(&z2, &tmp1)
-		tmp0.Square(&tmp1)
-		tmp1.Square(&x2)
-		x3.Add(&z3, &z2)
-		z2.Subtract(&z3, &z2)
-		x2.Multiply(&tmp1, &tmp0)
-		tmp1.Subtract(&tmp1, &tmp0)
-		z2.Square(&z2)
-
-		z3.Mult32(&tmp1, 121666)
-		x3.Square(&x3)
-		tmp0.Add(&tmp0, &z3)
-		z3.Multiply(&x1, &z2)
-		z2.Multiply(&tmp1, &tmp0)
-	}
-
-	x2.Swap(&x3, swap)
-	z2.Swap(&z3, swap)
-
-	z2.Invert(&z2)
-	x2.Multiply(&x2, &z2)
-	copy(dst[:], x2.Bytes())
-}
-
-func scalarBaseMult(dst, scalar *[32]byte) {
-	checkBasepoint()
-	scalarMult(dst, scalar, &basePoint)
-}
-
-func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
-	var in [32]byte
-	if l := len(scalar); l != 32 {
-		return nil, errors.New("bad scalar length: " + strconv.Itoa(l) + ", expected 32")
-	}
-	if l := len(point); l != 32 {
-		return nil, errors.New("bad point length: " + strconv.Itoa(l) + ", expected 32")
-	}
-	copy(in[:], scalar)
-	if &point[0] == &Basepoint[0] {
-		scalarBaseMult(dst, &in)
-	} else {
-		var base, zero [32]byte
-		copy(base[:], point)
-		scalarMult(dst, &in, &base)
-		if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 {
-			return nil, errors.New("bad input point: low order point")
-		}
-	}
-	return dst[:], nil
-}
-
-func checkBasepoint() {
-	if subtle.ConstantTimeCompare(Basepoint, []byte{
-		0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-	}) != 1 {
-		panic("curve25519: global Basepoint value was modified")
-	}
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go b/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
deleted file mode 100644
index 627df4972..000000000
--- a/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2022 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.20
-
-package curve25519
-
-import "crypto/ecdh"
-
-func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
-	curve := ecdh.X25519()
-	pub, err := curve.NewPublicKey(point)
-	if err != nil {
-		return nil, err
-	}
-	priv, err := curve.NewPrivateKey(scalar)
-	if err != nil {
-		return nil, err
-	}
-	out, err := priv.ECDH(pub)
-	if err != nil {
-		return nil, err
-	}
-	copy(dst[:], out)
-	return dst[:], nil
-}
-
-func scalarMult(dst, scalar, point *[32]byte) {
-	if _, err := x25519(dst, scalar[:], point[:]); err != nil {
-		// The only error condition for x25519 when the inputs are 32 bytes long
-		// is if the output would have been the all-zero value.
-		for i := range dst {
-			dst[i] = 0
-		}
-	}
-}
-
-func scalarBaseMult(dst, scalar *[32]byte) {
-	curve := ecdh.X25519()
-	priv, err := curve.NewPrivateKey(scalar[:])
-	if err != nil {
-		panic("curve25519: internal error: scalarBaseMult was not 32 bytes")
-	}
-	copy(dst[:], priv.PublicKey().Bytes())
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/README b/vendor/golang.org/x/crypto/curve25519/internal/field/README
deleted file mode 100644
index e25bca7dc..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/README
+++ /dev/null
@@ -1,7 +0,0 @@
-This package is kept in sync with crypto/ed25519/internal/edwards25519/field in
-the standard library.
-
-If there are any changes in the standard library that need to be synced to this
-package, run sync.sh. It will not overwrite any local changes made since the
-previous sync, so it's ok to land changes in this package first, and then sync
-to the standard library later.
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
deleted file mode 100644
index ca841ad99..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
+++ /dev/null
@@ -1,416 +0,0 @@
-// Copyright (c) 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package field implements fast arithmetic modulo 2^255-19.
-package field
-
-import (
-	"crypto/subtle"
-	"encoding/binary"
-	"math/bits"
-)
-
-// Element represents an element of the field GF(2^255-19). Note that this
-// is not a cryptographically secure group, and should only be used to interact
-// with edwards25519.Point coordinates.
-//
-// This type works similarly to math/big.Int, and all arguments and receivers
-// are allowed to alias.
-//
-// The zero value is a valid zero element.
-type Element struct {
-	// An element t represents the integer
-	//     t.l0 + t.l1*2^51 + t.l2*2^102 + t.l3*2^153 + t.l4*2^204
-	//
-	// Between operations, all limbs are expected to be lower than 2^52.
-	l0 uint64
-	l1 uint64
-	l2 uint64
-	l3 uint64
-	l4 uint64
-}
-
-const maskLow51Bits uint64 = (1 << 51) - 1
-
-var feZero = &Element{0, 0, 0, 0, 0}
-
-// Zero sets v = 0, and returns v.
-func (v *Element) Zero() *Element {
-	*v = *feZero
-	return v
-}
-
-var feOne = &Element{1, 0, 0, 0, 0}
-
-// One sets v = 1, and returns v.
-func (v *Element) One() *Element {
-	*v = *feOne
-	return v
-}
-
-// reduce reduces v modulo 2^255 - 19 and returns it.
-func (v *Element) reduce() *Element {
-	v.carryPropagate()
-
-	// After the light reduction we now have a field element representation
-	// v < 2^255 + 2^13 * 19, but need v < 2^255 - 19.
-
-	// If v >= 2^255 - 19, then v + 19 >= 2^255, which would overflow 2^255 - 1,
-	// generating a carry. That is, c will be 0 if v < 2^255 - 19, and 1 otherwise.
-	c := (v.l0 + 19) >> 51
-	c = (v.l1 + c) >> 51
-	c = (v.l2 + c) >> 51
-	c = (v.l3 + c) >> 51
-	c = (v.l4 + c) >> 51
-
-	// If v < 2^255 - 19 and c = 0, this will be a no-op. Otherwise, it's
-	// effectively applying the reduction identity to the carry.
-	v.l0 += 19 * c
-
-	v.l1 += v.l0 >> 51
-	v.l0 = v.l0 & maskLow51Bits
-	v.l2 += v.l1 >> 51
-	v.l1 = v.l1 & maskLow51Bits
-	v.l3 += v.l2 >> 51
-	v.l2 = v.l2 & maskLow51Bits
-	v.l4 += v.l3 >> 51
-	v.l3 = v.l3 & maskLow51Bits
-	// no additional carry
-	v.l4 = v.l4 & maskLow51Bits
-
-	return v
-}
-
-// Add sets v = a + b, and returns v.
-func (v *Element) Add(a, b *Element) *Element {
-	v.l0 = a.l0 + b.l0
-	v.l1 = a.l1 + b.l1
-	v.l2 = a.l2 + b.l2
-	v.l3 = a.l3 + b.l3
-	v.l4 = a.l4 + b.l4
-	// Using the generic implementation here is actually faster than the
-	// assembly. Probably because the body of this function is so simple that
-	// the compiler can figure out better optimizations by inlining the carry
-	// propagation. TODO
-	return v.carryPropagateGeneric()
-}
-
-// Subtract sets v = a - b, and returns v.
-func (v *Element) Subtract(a, b *Element) *Element {
-	// We first add 2 * p, to guarantee the subtraction won't underflow, and
-	// then subtract b (which can be up to 2^255 + 2^13 * 19).
-	v.l0 = (a.l0 + 0xFFFFFFFFFFFDA) - b.l0
-	v.l1 = (a.l1 + 0xFFFFFFFFFFFFE) - b.l1
-	v.l2 = (a.l2 + 0xFFFFFFFFFFFFE) - b.l2
-	v.l3 = (a.l3 + 0xFFFFFFFFFFFFE) - b.l3
-	v.l4 = (a.l4 + 0xFFFFFFFFFFFFE) - b.l4
-	return v.carryPropagate()
-}
-
-// Negate sets v = -a, and returns v.
-func (v *Element) Negate(a *Element) *Element {
-	return v.Subtract(feZero, a)
-}
-
-// Invert sets v = 1/z mod p, and returns v.
-//
-// If z == 0, Invert returns v = 0.
-func (v *Element) Invert(z *Element) *Element {
-	// Inversion is implemented as exponentiation with exponent p − 2. It uses the
-	// same sequence of 255 squarings and 11 multiplications as [Curve25519].
-	var z2, z9, z11, z2_5_0, z2_10_0, z2_20_0, z2_50_0, z2_100_0, t Element
-
-	z2.Square(z)             // 2
-	t.Square(&z2)            // 4
-	t.Square(&t)             // 8
-	z9.Multiply(&t, z)       // 9
-	z11.Multiply(&z9, &z2)   // 11
-	t.Square(&z11)           // 22
-	z2_5_0.Multiply(&t, &z9) // 31 = 2^5 - 2^0
-
-	t.Square(&z2_5_0) // 2^6 - 2^1
-	for i := 0; i < 4; i++ {
-		t.Square(&t) // 2^10 - 2^5
-	}
-	z2_10_0.Multiply(&t, &z2_5_0) // 2^10 - 2^0
-
-	t.Square(&z2_10_0) // 2^11 - 2^1
-	for i := 0; i < 9; i++ {
-		t.Square(&t) // 2^20 - 2^10
-	}
-	z2_20_0.Multiply(&t, &z2_10_0) // 2^20 - 2^0
-
-	t.Square(&z2_20_0) // 2^21 - 2^1
-	for i := 0; i < 19; i++ {
-		t.Square(&t) // 2^40 - 2^20
-	}
-	t.Multiply(&t, &z2_20_0) // 2^40 - 2^0
-
-	t.Square(&t) // 2^41 - 2^1
-	for i := 0; i < 9; i++ {
-		t.Square(&t) // 2^50 - 2^10
-	}
-	z2_50_0.Multiply(&t, &z2_10_0) // 2^50 - 2^0
-
-	t.Square(&z2_50_0) // 2^51 - 2^1
-	for i := 0; i < 49; i++ {
-		t.Square(&t) // 2^100 - 2^50
-	}
-	z2_100_0.Multiply(&t, &z2_50_0) // 2^100 - 2^0
-
-	t.Square(&z2_100_0) // 2^101 - 2^1
-	for i := 0; i < 99; i++ {
-		t.Square(&t) // 2^200 - 2^100
-	}
-	t.Multiply(&t, &z2_100_0) // 2^200 - 2^0
-
-	t.Square(&t) // 2^201 - 2^1
-	for i := 0; i < 49; i++ {
-		t.Square(&t) // 2^250 - 2^50
-	}
-	t.Multiply(&t, &z2_50_0) // 2^250 - 2^0
-
-	t.Square(&t) // 2^251 - 2^1
-	t.Square(&t) // 2^252 - 2^2
-	t.Square(&t) // 2^253 - 2^3
-	t.Square(&t) // 2^254 - 2^4
-	t.Square(&t) // 2^255 - 2^5
-
-	return v.Multiply(&t, &z11) // 2^255 - 21
-}
-
-// Set sets v = a, and returns v.
-func (v *Element) Set(a *Element) *Element {
-	*v = *a
-	return v
-}
-
-// SetBytes sets v to x, which must be a 32-byte little-endian encoding.
-//
-// Consistent with RFC 7748, the most significant bit (the high bit of the
-// last byte) is ignored, and non-canonical values (2^255-19 through 2^255-1)
-// are accepted. Note that this is laxer than specified by RFC 8032.
-func (v *Element) SetBytes(x []byte) *Element {
-	if len(x) != 32 {
-		panic("edwards25519: invalid field element input size")
-	}
-
-	// Bits 0:51 (bytes 0:8, bits 0:64, shift 0, mask 51).
-	v.l0 = binary.LittleEndian.Uint64(x[0:8])
-	v.l0 &= maskLow51Bits
-	// Bits 51:102 (bytes 6:14, bits 48:112, shift 3, mask 51).
-	v.l1 = binary.LittleEndian.Uint64(x[6:14]) >> 3
-	v.l1 &= maskLow51Bits
-	// Bits 102:153 (bytes 12:20, bits 96:160, shift 6, mask 51).
-	v.l2 = binary.LittleEndian.Uint64(x[12:20]) >> 6
-	v.l2 &= maskLow51Bits
-	// Bits 153:204 (bytes 19:27, bits 152:216, shift 1, mask 51).
-	v.l3 = binary.LittleEndian.Uint64(x[19:27]) >> 1
-	v.l3 &= maskLow51Bits
-	// Bits 204:251 (bytes 24:32, bits 192:256, shift 12, mask 51).
-	// Note: not bytes 25:33, shift 4, to avoid overread.
-	v.l4 = binary.LittleEndian.Uint64(x[24:32]) >> 12
-	v.l4 &= maskLow51Bits
-
-	return v
-}
-
-// Bytes returns the canonical 32-byte little-endian encoding of v.
-func (v *Element) Bytes() []byte {
-	// This function is outlined to make the allocations inline in the caller
-	// rather than happen on the heap.
-	var out [32]byte
-	return v.bytes(&out)
-}
-
-func (v *Element) bytes(out *[32]byte) []byte {
-	t := *v
-	t.reduce()
-
-	var buf [8]byte
-	for i, l := range [5]uint64{t.l0, t.l1, t.l2, t.l3, t.l4} {
-		bitsOffset := i * 51
-		binary.LittleEndian.PutUint64(buf[:], l<= len(out) {
-				break
-			}
-			out[off] |= bb
-		}
-	}
-
-	return out[:]
-}
-
-// Equal returns 1 if v and u are equal, and 0 otherwise.
-func (v *Element) Equal(u *Element) int {
-	sa, sv := u.Bytes(), v.Bytes()
-	return subtle.ConstantTimeCompare(sa, sv)
-}
-
-// mask64Bits returns 0xffffffff if cond is 1, and 0 otherwise.
-func mask64Bits(cond int) uint64 { return ^(uint64(cond) - 1) }
-
-// Select sets v to a if cond == 1, and to b if cond == 0.
-func (v *Element) Select(a, b *Element, cond int) *Element {
-	m := mask64Bits(cond)
-	v.l0 = (m & a.l0) | (^m & b.l0)
-	v.l1 = (m & a.l1) | (^m & b.l1)
-	v.l2 = (m & a.l2) | (^m & b.l2)
-	v.l3 = (m & a.l3) | (^m & b.l3)
-	v.l4 = (m & a.l4) | (^m & b.l4)
-	return v
-}
-
-// Swap swaps v and u if cond == 1 or leaves them unchanged if cond == 0, and returns v.
-func (v *Element) Swap(u *Element, cond int) {
-	m := mask64Bits(cond)
-	t := m & (v.l0 ^ u.l0)
-	v.l0 ^= t
-	u.l0 ^= t
-	t = m & (v.l1 ^ u.l1)
-	v.l1 ^= t
-	u.l1 ^= t
-	t = m & (v.l2 ^ u.l2)
-	v.l2 ^= t
-	u.l2 ^= t
-	t = m & (v.l3 ^ u.l3)
-	v.l3 ^= t
-	u.l3 ^= t
-	t = m & (v.l4 ^ u.l4)
-	v.l4 ^= t
-	u.l4 ^= t
-}
-
-// IsNegative returns 1 if v is negative, and 0 otherwise.
-func (v *Element) IsNegative() int {
-	return int(v.Bytes()[0] & 1)
-}
-
-// Absolute sets v to |u|, and returns v.
-func (v *Element) Absolute(u *Element) *Element {
-	return v.Select(new(Element).Negate(u), u, u.IsNegative())
-}
-
-// Multiply sets v = x * y, and returns v.
-func (v *Element) Multiply(x, y *Element) *Element {
-	feMul(v, x, y)
-	return v
-}
-
-// Square sets v = x * x, and returns v.
-func (v *Element) Square(x *Element) *Element {
-	feSquare(v, x)
-	return v
-}
-
-// Mult32 sets v = x * y, and returns v.
-func (v *Element) Mult32(x *Element, y uint32) *Element {
-	x0lo, x0hi := mul51(x.l0, y)
-	x1lo, x1hi := mul51(x.l1, y)
-	x2lo, x2hi := mul51(x.l2, y)
-	x3lo, x3hi := mul51(x.l3, y)
-	x4lo, x4hi := mul51(x.l4, y)
-	v.l0 = x0lo + 19*x4hi // carried over per the reduction identity
-	v.l1 = x1lo + x0hi
-	v.l2 = x2lo + x1hi
-	v.l3 = x3lo + x2hi
-	v.l4 = x4lo + x3hi
-	// The hi portions are going to be only 32 bits, plus any previous excess,
-	// so we can skip the carry propagation.
-	return v
-}
-
-// mul51 returns lo + hi * 2⁵¹ = a * b.
-func mul51(a uint64, b uint32) (lo uint64, hi uint64) {
-	mh, ml := bits.Mul64(a, uint64(b))
-	lo = ml & maskLow51Bits
-	hi = (mh << 13) | (ml >> 51)
-	return
-}
-
-// Pow22523 set v = x^((p-5)/8), and returns v. (p-5)/8 is 2^252-3.
-func (v *Element) Pow22523(x *Element) *Element {
-	var t0, t1, t2 Element
-
-	t0.Square(x)             // x^2
-	t1.Square(&t0)           // x^4
-	t1.Square(&t1)           // x^8
-	t1.Multiply(x, &t1)      // x^9
-	t0.Multiply(&t0, &t1)    // x^11
-	t0.Square(&t0)           // x^22
-	t0.Multiply(&t1, &t0)    // x^31
-	t1.Square(&t0)           // x^62
-	for i := 1; i < 5; i++ { // x^992
-		t1.Square(&t1)
-	}
-	t0.Multiply(&t1, &t0)     // x^1023 -> 1023 = 2^10 - 1
-	t1.Square(&t0)            // 2^11 - 2
-	for i := 1; i < 10; i++ { // 2^20 - 2^10
-		t1.Square(&t1)
-	}
-	t1.Multiply(&t1, &t0)     // 2^20 - 1
-	t2.Square(&t1)            // 2^21 - 2
-	for i := 1; i < 20; i++ { // 2^40 - 2^20
-		t2.Square(&t2)
-	}
-	t1.Multiply(&t2, &t1)     // 2^40 - 1
-	t1.Square(&t1)            // 2^41 - 2
-	for i := 1; i < 10; i++ { // 2^50 - 2^10
-		t1.Square(&t1)
-	}
-	t0.Multiply(&t1, &t0)     // 2^50 - 1
-	t1.Square(&t0)            // 2^51 - 2
-	for i := 1; i < 50; i++ { // 2^100 - 2^50
-		t1.Square(&t1)
-	}
-	t1.Multiply(&t1, &t0)      // 2^100 - 1
-	t2.Square(&t1)             // 2^101 - 2
-	for i := 1; i < 100; i++ { // 2^200 - 2^100
-		t2.Square(&t2)
-	}
-	t1.Multiply(&t2, &t1)     // 2^200 - 1
-	t1.Square(&t1)            // 2^201 - 2
-	for i := 1; i < 50; i++ { // 2^250 - 2^50
-		t1.Square(&t1)
-	}
-	t0.Multiply(&t1, &t0)     // 2^250 - 1
-	t0.Square(&t0)            // 2^251 - 2
-	t0.Square(&t0)            // 2^252 - 4
-	return v.Multiply(&t0, x) // 2^252 - 3 -> x^(2^252-3)
-}
-
-// sqrtM1 is 2^((p-1)/4), which squared is equal to -1 by Euler's Criterion.
-var sqrtM1 = &Element{1718705420411056, 234908883556509,
-	2233514472574048, 2117202627021982, 765476049583133}
-
-// SqrtRatio sets r to the non-negative square root of the ratio of u and v.
-//
-// If u/v is square, SqrtRatio returns r and 1. If u/v is not square, SqrtRatio
-// sets r according to Section 4.3 of draft-irtf-cfrg-ristretto255-decaf448-00,
-// and returns r and 0.
-func (r *Element) SqrtRatio(u, v *Element) (rr *Element, wasSquare int) {
-	var a, b Element
-
-	// r = (u * v3) * (u * v7)^((p-5)/8)
-	v2 := a.Square(v)
-	uv3 := b.Multiply(u, b.Multiply(v2, v))
-	uv7 := a.Multiply(uv3, a.Square(v2))
-	r.Multiply(uv3, r.Pow22523(uv7))
-
-	check := a.Multiply(v, a.Square(r)) // check = v * r^2
-
-	uNeg := b.Negate(u)
-	correctSignSqrt := check.Equal(u)
-	flippedSignSqrt := check.Equal(uNeg)
-	flippedSignSqrtI := check.Equal(uNeg.Multiply(uNeg, sqrtM1))
-
-	rPrime := b.Multiply(r, sqrtM1) // r_prime = SQRT_M1 * r
-	// r = CT_SELECT(r_prime IF flipped_sign_sqrt | flipped_sign_sqrt_i ELSE r)
-	r.Select(rPrime, r, flippedSignSqrt|flippedSignSqrtI)
-
-	r.Absolute(r) // Choose the nonnegative square root.
-	return r, correctSignSqrt | flippedSignSqrt
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
deleted file mode 100644
index 70c541692..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
-
-//go:build amd64 && gc && !purego
-
-package field
-
-// feMul sets out = a * b. It works like feMulGeneric.
-//
-//go:noescape
-func feMul(out *Element, a *Element, b *Element)
-
-// feSquare sets out = a * a. It works like feSquareGeneric.
-//
-//go:noescape
-func feSquare(out *Element, a *Element)
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
deleted file mode 100644
index 60817acc4..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
+++ /dev/null
@@ -1,378 +0,0 @@
-// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
-
-//go:build amd64 && gc && !purego
-
-#include "textflag.h"
-
-// func feMul(out *Element, a *Element, b *Element)
-TEXT ·feMul(SB), NOSPLIT, $0-24
-	MOVQ a+8(FP), CX
-	MOVQ b+16(FP), BX
-
-	// r0 = a0×b0
-	MOVQ (CX), AX
-	MULQ (BX)
-	MOVQ AX, DI
-	MOVQ DX, SI
-
-	// r0 += 19×a1×b4
-	MOVQ   8(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   32(BX)
-	ADDQ   AX, DI
-	ADCQ   DX, SI
-
-	// r0 += 19×a2×b3
-	MOVQ   16(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   24(BX)
-	ADDQ   AX, DI
-	ADCQ   DX, SI
-
-	// r0 += 19×a3×b2
-	MOVQ   24(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   16(BX)
-	ADDQ   AX, DI
-	ADCQ   DX, SI
-
-	// r0 += 19×a4×b1
-	MOVQ   32(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   8(BX)
-	ADDQ   AX, DI
-	ADCQ   DX, SI
-
-	// r1 = a0×b1
-	MOVQ (CX), AX
-	MULQ 8(BX)
-	MOVQ AX, R9
-	MOVQ DX, R8
-
-	// r1 += a1×b0
-	MOVQ 8(CX), AX
-	MULQ (BX)
-	ADDQ AX, R9
-	ADCQ DX, R8
-
-	// r1 += 19×a2×b4
-	MOVQ   16(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   32(BX)
-	ADDQ   AX, R9
-	ADCQ   DX, R8
-
-	// r1 += 19×a3×b3
-	MOVQ   24(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   24(BX)
-	ADDQ   AX, R9
-	ADCQ   DX, R8
-
-	// r1 += 19×a4×b2
-	MOVQ   32(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   16(BX)
-	ADDQ   AX, R9
-	ADCQ   DX, R8
-
-	// r2 = a0×b2
-	MOVQ (CX), AX
-	MULQ 16(BX)
-	MOVQ AX, R11
-	MOVQ DX, R10
-
-	// r2 += a1×b1
-	MOVQ 8(CX), AX
-	MULQ 8(BX)
-	ADDQ AX, R11
-	ADCQ DX, R10
-
-	// r2 += a2×b0
-	MOVQ 16(CX), AX
-	MULQ (BX)
-	ADDQ AX, R11
-	ADCQ DX, R10
-
-	// r2 += 19×a3×b4
-	MOVQ   24(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   32(BX)
-	ADDQ   AX, R11
-	ADCQ   DX, R10
-
-	// r2 += 19×a4×b3
-	MOVQ   32(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   24(BX)
-	ADDQ   AX, R11
-	ADCQ   DX, R10
-
-	// r3 = a0×b3
-	MOVQ (CX), AX
-	MULQ 24(BX)
-	MOVQ AX, R13
-	MOVQ DX, R12
-
-	// r3 += a1×b2
-	MOVQ 8(CX), AX
-	MULQ 16(BX)
-	ADDQ AX, R13
-	ADCQ DX, R12
-
-	// r3 += a2×b1
-	MOVQ 16(CX), AX
-	MULQ 8(BX)
-	ADDQ AX, R13
-	ADCQ DX, R12
-
-	// r3 += a3×b0
-	MOVQ 24(CX), AX
-	MULQ (BX)
-	ADDQ AX, R13
-	ADCQ DX, R12
-
-	// r3 += 19×a4×b4
-	MOVQ   32(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   32(BX)
-	ADDQ   AX, R13
-	ADCQ   DX, R12
-
-	// r4 = a0×b4
-	MOVQ (CX), AX
-	MULQ 32(BX)
-	MOVQ AX, R15
-	MOVQ DX, R14
-
-	// r4 += a1×b3
-	MOVQ 8(CX), AX
-	MULQ 24(BX)
-	ADDQ AX, R15
-	ADCQ DX, R14
-
-	// r4 += a2×b2
-	MOVQ 16(CX), AX
-	MULQ 16(BX)
-	ADDQ AX, R15
-	ADCQ DX, R14
-
-	// r4 += a3×b1
-	MOVQ 24(CX), AX
-	MULQ 8(BX)
-	ADDQ AX, R15
-	ADCQ DX, R14
-
-	// r4 += a4×b0
-	MOVQ 32(CX), AX
-	MULQ (BX)
-	ADDQ AX, R15
-	ADCQ DX, R14
-
-	// First reduction chain
-	MOVQ   $0x0007ffffffffffff, AX
-	SHLQ   $0x0d, DI, SI
-	SHLQ   $0x0d, R9, R8
-	SHLQ   $0x0d, R11, R10
-	SHLQ   $0x0d, R13, R12
-	SHLQ   $0x0d, R15, R14
-	ANDQ   AX, DI
-	IMUL3Q $0x13, R14, R14
-	ADDQ   R14, DI
-	ANDQ   AX, R9
-	ADDQ   SI, R9
-	ANDQ   AX, R11
-	ADDQ   R8, R11
-	ANDQ   AX, R13
-	ADDQ   R10, R13
-	ANDQ   AX, R15
-	ADDQ   R12, R15
-
-	// Second reduction chain (carryPropagate)
-	MOVQ   DI, SI
-	SHRQ   $0x33, SI
-	MOVQ   R9, R8
-	SHRQ   $0x33, R8
-	MOVQ   R11, R10
-	SHRQ   $0x33, R10
-	MOVQ   R13, R12
-	SHRQ   $0x33, R12
-	MOVQ   R15, R14
-	SHRQ   $0x33, R14
-	ANDQ   AX, DI
-	IMUL3Q $0x13, R14, R14
-	ADDQ   R14, DI
-	ANDQ   AX, R9
-	ADDQ   SI, R9
-	ANDQ   AX, R11
-	ADDQ   R8, R11
-	ANDQ   AX, R13
-	ADDQ   R10, R13
-	ANDQ   AX, R15
-	ADDQ   R12, R15
-
-	// Store output
-	MOVQ out+0(FP), AX
-	MOVQ DI, (AX)
-	MOVQ R9, 8(AX)
-	MOVQ R11, 16(AX)
-	MOVQ R13, 24(AX)
-	MOVQ R15, 32(AX)
-	RET
-
-// func feSquare(out *Element, a *Element)
-TEXT ·feSquare(SB), NOSPLIT, $0-16
-	MOVQ a+8(FP), CX
-
-	// r0 = l0×l0
-	MOVQ (CX), AX
-	MULQ (CX)
-	MOVQ AX, SI
-	MOVQ DX, BX
-
-	// r0 += 38×l1×l4
-	MOVQ   8(CX), AX
-	IMUL3Q $0x26, AX, AX
-	MULQ   32(CX)
-	ADDQ   AX, SI
-	ADCQ   DX, BX
-
-	// r0 += 38×l2×l3
-	MOVQ   16(CX), AX
-	IMUL3Q $0x26, AX, AX
-	MULQ   24(CX)
-	ADDQ   AX, SI
-	ADCQ   DX, BX
-
-	// r1 = 2×l0×l1
-	MOVQ (CX), AX
-	SHLQ $0x01, AX
-	MULQ 8(CX)
-	MOVQ AX, R8
-	MOVQ DX, DI
-
-	// r1 += 38×l2×l4
-	MOVQ   16(CX), AX
-	IMUL3Q $0x26, AX, AX
-	MULQ   32(CX)
-	ADDQ   AX, R8
-	ADCQ   DX, DI
-
-	// r1 += 19×l3×l3
-	MOVQ   24(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   24(CX)
-	ADDQ   AX, R8
-	ADCQ   DX, DI
-
-	// r2 = 2×l0×l2
-	MOVQ (CX), AX
-	SHLQ $0x01, AX
-	MULQ 16(CX)
-	MOVQ AX, R10
-	MOVQ DX, R9
-
-	// r2 += l1×l1
-	MOVQ 8(CX), AX
-	MULQ 8(CX)
-	ADDQ AX, R10
-	ADCQ DX, R9
-
-	// r2 += 38×l3×l4
-	MOVQ   24(CX), AX
-	IMUL3Q $0x26, AX, AX
-	MULQ   32(CX)
-	ADDQ   AX, R10
-	ADCQ   DX, R9
-
-	// r3 = 2×l0×l3
-	MOVQ (CX), AX
-	SHLQ $0x01, AX
-	MULQ 24(CX)
-	MOVQ AX, R12
-	MOVQ DX, R11
-
-	// r3 += 2×l1×l2
-	MOVQ   8(CX), AX
-	IMUL3Q $0x02, AX, AX
-	MULQ   16(CX)
-	ADDQ   AX, R12
-	ADCQ   DX, R11
-
-	// r3 += 19×l4×l4
-	MOVQ   32(CX), AX
-	IMUL3Q $0x13, AX, AX
-	MULQ   32(CX)
-	ADDQ   AX, R12
-	ADCQ   DX, R11
-
-	// r4 = 2×l0×l4
-	MOVQ (CX), AX
-	SHLQ $0x01, AX
-	MULQ 32(CX)
-	MOVQ AX, R14
-	MOVQ DX, R13
-
-	// r4 += 2×l1×l3
-	MOVQ   8(CX), AX
-	IMUL3Q $0x02, AX, AX
-	MULQ   24(CX)
-	ADDQ   AX, R14
-	ADCQ   DX, R13
-
-	// r4 += l2×l2
-	MOVQ 16(CX), AX
-	MULQ 16(CX)
-	ADDQ AX, R14
-	ADCQ DX, R13
-
-	// First reduction chain
-	MOVQ   $0x0007ffffffffffff, AX
-	SHLQ   $0x0d, SI, BX
-	SHLQ   $0x0d, R8, DI
-	SHLQ   $0x0d, R10, R9
-	SHLQ   $0x0d, R12, R11
-	SHLQ   $0x0d, R14, R13
-	ANDQ   AX, SI
-	IMUL3Q $0x13, R13, R13
-	ADDQ   R13, SI
-	ANDQ   AX, R8
-	ADDQ   BX, R8
-	ANDQ   AX, R10
-	ADDQ   DI, R10
-	ANDQ   AX, R12
-	ADDQ   R9, R12
-	ANDQ   AX, R14
-	ADDQ   R11, R14
-
-	// Second reduction chain (carryPropagate)
-	MOVQ   SI, BX
-	SHRQ   $0x33, BX
-	MOVQ   R8, DI
-	SHRQ   $0x33, DI
-	MOVQ   R10, R9
-	SHRQ   $0x33, R9
-	MOVQ   R12, R11
-	SHRQ   $0x33, R11
-	MOVQ   R14, R13
-	SHRQ   $0x33, R13
-	ANDQ   AX, SI
-	IMUL3Q $0x13, R13, R13
-	ADDQ   R13, SI
-	ANDQ   AX, R8
-	ADDQ   BX, R8
-	ANDQ   AX, R10
-	ADDQ   DI, R10
-	ANDQ   AX, R12
-	ADDQ   R9, R12
-	ANDQ   AX, R14
-	ADDQ   R11, R14
-
-	// Store output
-	MOVQ out+0(FP), AX
-	MOVQ SI, (AX)
-	MOVQ R8, 8(AX)
-	MOVQ R10, 16(AX)
-	MOVQ R12, 24(AX)
-	MOVQ R14, 32(AX)
-	RET
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
deleted file mode 100644
index 9da280d1d..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright (c) 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !amd64 || !gc || purego
-
-package field
-
-func feMul(v, x, y *Element) { feMulGeneric(v, x, y) }
-
-func feSquare(v, x *Element) { feSquareGeneric(v, x) }
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
deleted file mode 100644
index 075fe9b92..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright (c) 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build arm64 && gc && !purego
-
-package field
-
-//go:noescape
-func carryPropagate(v *Element)
-
-func (v *Element) carryPropagate() *Element {
-	carryPropagate(v)
-	return v
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
deleted file mode 100644
index 3126a4341..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright (c) 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build arm64 && gc && !purego
-
-#include "textflag.h"
-
-// carryPropagate works exactly like carryPropagateGeneric and uses the
-// same AND, ADD, and LSR+MADD instructions emitted by the compiler, but
-// avoids loading R0-R4 twice and uses LDP and STP.
-//
-// See https://golang.org/issues/43145 for the main compiler issue.
-//
-// func carryPropagate(v *Element)
-TEXT ·carryPropagate(SB),NOFRAME|NOSPLIT,$0-8
-	MOVD v+0(FP), R20
-
-	LDP 0(R20), (R0, R1)
-	LDP 16(R20), (R2, R3)
-	MOVD 32(R20), R4
-
-	AND $0x7ffffffffffff, R0, R10
-	AND $0x7ffffffffffff, R1, R11
-	AND $0x7ffffffffffff, R2, R12
-	AND $0x7ffffffffffff, R3, R13
-	AND $0x7ffffffffffff, R4, R14
-
-	ADD R0>>51, R11, R11
-	ADD R1>>51, R12, R12
-	ADD R2>>51, R13, R13
-	ADD R3>>51, R14, R14
-	// R4>>51 * 19 + R10 -> R10
-	LSR $51, R4, R21
-	MOVD $19, R22
-	MADD R22, R10, R21, R10
-
-	STP (R10, R11), 0(R20)
-	STP (R12, R13), 16(R20)
-	MOVD R14, 32(R20)
-
-	RET
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
deleted file mode 100644
index fc029ac12..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright (c) 2021 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !arm64 || !gc || purego
-
-package field
-
-func (v *Element) carryPropagate() *Element {
-	return v.carryPropagateGeneric()
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
deleted file mode 100644
index 2671217da..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
+++ /dev/null
@@ -1,264 +0,0 @@
-// Copyright (c) 2017 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package field
-
-import "math/bits"
-
-// uint128 holds a 128-bit number as two 64-bit limbs, for use with the
-// bits.Mul64 and bits.Add64 intrinsics.
-type uint128 struct {
-	lo, hi uint64
-}
-
-// mul64 returns a * b.
-func mul64(a, b uint64) uint128 {
-	hi, lo := bits.Mul64(a, b)
-	return uint128{lo, hi}
-}
-
-// addMul64 returns v + a * b.
-func addMul64(v uint128, a, b uint64) uint128 {
-	hi, lo := bits.Mul64(a, b)
-	lo, c := bits.Add64(lo, v.lo, 0)
-	hi, _ = bits.Add64(hi, v.hi, c)
-	return uint128{lo, hi}
-}
-
-// shiftRightBy51 returns a >> 51. a is assumed to be at most 115 bits.
-func shiftRightBy51(a uint128) uint64 {
-	return (a.hi << (64 - 51)) | (a.lo >> 51)
-}
-
-func feMulGeneric(v, a, b *Element) {
-	a0 := a.l0
-	a1 := a.l1
-	a2 := a.l2
-	a3 := a.l3
-	a4 := a.l4
-
-	b0 := b.l0
-	b1 := b.l1
-	b2 := b.l2
-	b3 := b.l3
-	b4 := b.l4
-
-	// Limb multiplication works like pen-and-paper columnar multiplication, but
-	// with 51-bit limbs instead of digits.
-	//
-	//                          a4   a3   a2   a1   a0  x
-	//                          b4   b3   b2   b1   b0  =
-	//                         ------------------------
-	//                        a4b0 a3b0 a2b0 a1b0 a0b0  +
-	//                   a4b1 a3b1 a2b1 a1b1 a0b1       +
-	//              a4b2 a3b2 a2b2 a1b2 a0b2            +
-	//         a4b3 a3b3 a2b3 a1b3 a0b3                 +
-	//    a4b4 a3b4 a2b4 a1b4 a0b4                      =
-	//   ----------------------------------------------
-	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
-	//
-	// We can then use the reduction identity (a * 2²⁵⁵ + b = a * 19 + b) to
-	// reduce the limbs that would overflow 255 bits. r5 * 2²⁵⁵ becomes 19 * r5,
-	// r6 * 2³⁰⁶ becomes 19 * r6 * 2⁵¹, etc.
-	//
-	// Reduction can be carried out simultaneously to multiplication. For
-	// example, we do not compute r5: whenever the result of a multiplication
-	// belongs to r5, like a1b4, we multiply it by 19 and add the result to r0.
-	//
-	//            a4b0    a3b0    a2b0    a1b0    a0b0  +
-	//            a3b1    a2b1    a1b1    a0b1 19×a4b1  +
-	//            a2b2    a1b2    a0b2 19×a4b2 19×a3b2  +
-	//            a1b3    a0b3 19×a4b3 19×a3b3 19×a2b3  +
-	//            a0b4 19×a4b4 19×a3b4 19×a2b4 19×a1b4  =
-	//           --------------------------------------
-	//              r4      r3      r2      r1      r0
-	//
-	// Finally we add up the columns into wide, overlapping limbs.
-
-	a1_19 := a1 * 19
-	a2_19 := a2 * 19
-	a3_19 := a3 * 19
-	a4_19 := a4 * 19
-
-	// r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
-	r0 := mul64(a0, b0)
-	r0 = addMul64(r0, a1_19, b4)
-	r0 = addMul64(r0, a2_19, b3)
-	r0 = addMul64(r0, a3_19, b2)
-	r0 = addMul64(r0, a4_19, b1)
-
-	// r1 = a0×b1 + a1×b0 + 19×(a2×b4 + a3×b3 + a4×b2)
-	r1 := mul64(a0, b1)
-	r1 = addMul64(r1, a1, b0)
-	r1 = addMul64(r1, a2_19, b4)
-	r1 = addMul64(r1, a3_19, b3)
-	r1 = addMul64(r1, a4_19, b2)
-
-	// r2 = a0×b2 + a1×b1 + a2×b0 + 19×(a3×b4 + a4×b3)
-	r2 := mul64(a0, b2)
-	r2 = addMul64(r2, a1, b1)
-	r2 = addMul64(r2, a2, b0)
-	r2 = addMul64(r2, a3_19, b4)
-	r2 = addMul64(r2, a4_19, b3)
-
-	// r3 = a0×b3 + a1×b2 + a2×b1 + a3×b0 + 19×a4×b4
-	r3 := mul64(a0, b3)
-	r3 = addMul64(r3, a1, b2)
-	r3 = addMul64(r3, a2, b1)
-	r3 = addMul64(r3, a3, b0)
-	r3 = addMul64(r3, a4_19, b4)
-
-	// r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
-	r4 := mul64(a0, b4)
-	r4 = addMul64(r4, a1, b3)
-	r4 = addMul64(r4, a2, b2)
-	r4 = addMul64(r4, a3, b1)
-	r4 = addMul64(r4, a4, b0)
-
-	// After the multiplication, we need to reduce (carry) the five coefficients
-	// to obtain a result with limbs that are at most slightly larger than 2⁵¹,
-	// to respect the Element invariant.
-	//
-	// Overall, the reduction works the same as carryPropagate, except with
-	// wider inputs: we take the carry for each coefficient by shifting it right
-	// by 51, and add it to the limb above it. The top carry is multiplied by 19
-	// according to the reduction identity and added to the lowest limb.
-	//
-	// The largest coefficient (r0) will be at most 111 bits, which guarantees
-	// that all carries are at most 111 - 51 = 60 bits, which fits in a uint64.
-	//
-	//     r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
-	//     r0 < 2⁵²×2⁵² + 19×(2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵²)
-	//     r0 < (1 + 19 × 4) × 2⁵² × 2⁵²
-	//     r0 < 2⁷ × 2⁵² × 2⁵²
-	//     r0 < 2¹¹¹
-	//
-	// Moreover, the top coefficient (r4) is at most 107 bits, so c4 is at most
-	// 56 bits, and c4 * 19 is at most 61 bits, which again fits in a uint64 and
-	// allows us to easily apply the reduction identity.
-	//
-	//     r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
-	//     r4 < 5 × 2⁵² × 2⁵²
-	//     r4 < 2¹⁰⁷
-	//
-
-	c0 := shiftRightBy51(r0)
-	c1 := shiftRightBy51(r1)
-	c2 := shiftRightBy51(r2)
-	c3 := shiftRightBy51(r3)
-	c4 := shiftRightBy51(r4)
-
-	rr0 := r0.lo&maskLow51Bits + c4*19
-	rr1 := r1.lo&maskLow51Bits + c0
-	rr2 := r2.lo&maskLow51Bits + c1
-	rr3 := r3.lo&maskLow51Bits + c2
-	rr4 := r4.lo&maskLow51Bits + c3
-
-	// Now all coefficients fit into 64-bit registers but are still too large to
-	// be passed around as a Element. We therefore do one last carry chain,
-	// where the carries will be small enough to fit in the wiggle room above 2⁵¹.
-	*v = Element{rr0, rr1, rr2, rr3, rr4}
-	v.carryPropagate()
-}
-
-func feSquareGeneric(v, a *Element) {
-	l0 := a.l0
-	l1 := a.l1
-	l2 := a.l2
-	l3 := a.l3
-	l4 := a.l4
-
-	// Squaring works precisely like multiplication above, but thanks to its
-	// symmetry we get to group a few terms together.
-	//
-	//                          l4   l3   l2   l1   l0  x
-	//                          l4   l3   l2   l1   l0  =
-	//                         ------------------------
-	//                        l4l0 l3l0 l2l0 l1l0 l0l0  +
-	//                   l4l1 l3l1 l2l1 l1l1 l0l1       +
-	//              l4l2 l3l2 l2l2 l1l2 l0l2            +
-	//         l4l3 l3l3 l2l3 l1l3 l0l3                 +
-	//    l4l4 l3l4 l2l4 l1l4 l0l4                      =
-	//   ----------------------------------------------
-	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
-	//
-	//            l4l0    l3l0    l2l0    l1l0    l0l0  +
-	//            l3l1    l2l1    l1l1    l0l1 19×l4l1  +
-	//            l2l2    l1l2    l0l2 19×l4l2 19×l3l2  +
-	//            l1l3    l0l3 19×l4l3 19×l3l3 19×l2l3  +
-	//            l0l4 19×l4l4 19×l3l4 19×l2l4 19×l1l4  =
-	//           --------------------------------------
-	//              r4      r3      r2      r1      r0
-	//
-	// With precomputed 2×, 19×, and 2×19× terms, we can compute each limb with
-	// only three Mul64 and four Add64, instead of five and eight.
-
-	l0_2 := l0 * 2
-	l1_2 := l1 * 2
-
-	l1_38 := l1 * 38
-	l2_38 := l2 * 38
-	l3_38 := l3 * 38
-
-	l3_19 := l3 * 19
-	l4_19 := l4 * 19
-
-	// r0 = l0×l0 + 19×(l1×l4 + l2×l3 + l3×l2 + l4×l1) = l0×l0 + 19×2×(l1×l4 + l2×l3)
-	r0 := mul64(l0, l0)
-	r0 = addMul64(r0, l1_38, l4)
-	r0 = addMul64(r0, l2_38, l3)
-
-	// r1 = l0×l1 + l1×l0 + 19×(l2×l4 + l3×l3 + l4×l2) = 2×l0×l1 + 19×2×l2×l4 + 19×l3×l3
-	r1 := mul64(l0_2, l1)
-	r1 = addMul64(r1, l2_38, l4)
-	r1 = addMul64(r1, l3_19, l3)
-
-	// r2 = l0×l2 + l1×l1 + l2×l0 + 19×(l3×l4 + l4×l3) = 2×l0×l2 + l1×l1 + 19×2×l3×l4
-	r2 := mul64(l0_2, l2)
-	r2 = addMul64(r2, l1, l1)
-	r2 = addMul64(r2, l3_38, l4)
-
-	// r3 = l0×l3 + l1×l2 + l2×l1 + l3×l0 + 19×l4×l4 = 2×l0×l3 + 2×l1×l2 + 19×l4×l4
-	r3 := mul64(l0_2, l3)
-	r3 = addMul64(r3, l1_2, l2)
-	r3 = addMul64(r3, l4_19, l4)
-
-	// r4 = l0×l4 + l1×l3 + l2×l2 + l3×l1 + l4×l0 = 2×l0×l4 + 2×l1×l3 + l2×l2
-	r4 := mul64(l0_2, l4)
-	r4 = addMul64(r4, l1_2, l3)
-	r4 = addMul64(r4, l2, l2)
-
-	c0 := shiftRightBy51(r0)
-	c1 := shiftRightBy51(r1)
-	c2 := shiftRightBy51(r2)
-	c3 := shiftRightBy51(r3)
-	c4 := shiftRightBy51(r4)
-
-	rr0 := r0.lo&maskLow51Bits + c4*19
-	rr1 := r1.lo&maskLow51Bits + c0
-	rr2 := r2.lo&maskLow51Bits + c1
-	rr3 := r3.lo&maskLow51Bits + c2
-	rr4 := r4.lo&maskLow51Bits + c3
-
-	*v = Element{rr0, rr1, rr2, rr3, rr4}
-	v.carryPropagate()
-}
-
-// carryPropagateGeneric brings the limbs below 52 bits by applying the reduction
-// identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry. TODO inline
-func (v *Element) carryPropagateGeneric() *Element {
-	c0 := v.l0 >> 51
-	c1 := v.l1 >> 51
-	c2 := v.l2 >> 51
-	c3 := v.l3 >> 51
-	c4 := v.l4 >> 51
-
-	v.l0 = v.l0&maskLow51Bits + c4*19
-	v.l1 = v.l1&maskLow51Bits + c0
-	v.l2 = v.l2&maskLow51Bits + c1
-	v.l3 = v.l3&maskLow51Bits + c2
-	v.l4 = v.l4&maskLow51Bits + c3
-
-	return v
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
deleted file mode 100644
index e3685f95c..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
+++ /dev/null
@@ -1 +0,0 @@
-b0c49ae9f59d233526f8934262c5bbbe14d4358d
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
deleted file mode 100644
index 1ba22a8b4..000000000
--- a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#! /bin/bash
-set -euo pipefail
-
-cd "$(git rev-parse --show-toplevel)"
-
-STD_PATH=src/crypto/ed25519/internal/edwards25519/field
-LOCAL_PATH=curve25519/internal/field
-LAST_SYNC_REF=$(cat $LOCAL_PATH/sync.checkpoint)
-
-git fetch https://go.googlesource.com/go master
-
-if git diff --quiet $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH; then
-    echo "No changes."
-else
-    NEW_REF=$(git rev-parse FETCH_HEAD | tee $LOCAL_PATH/sync.checkpoint)
-    echo "Applying changes from $LAST_SYNC_REF to $NEW_REF..."
-    git diff $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH | \
-        git apply -3 --directory=$LOCAL_PATH
-fi
diff --git a/vendor/golang.org/x/crypto/ed25519/ed25519.go b/vendor/golang.org/x/crypto/ed25519/ed25519.go
index a7828345f..59b3a95a7 100644
--- a/vendor/golang.org/x/crypto/ed25519/ed25519.go
+++ b/vendor/golang.org/x/crypto/ed25519/ed25519.go
@@ -11,9 +11,7 @@
 // operations with the same key more efficient. This package refers to the RFC
 // 8032 private key as the “seed”.
 //
-// Beginning with Go 1.13, the functionality of this package was moved to the
-// standard library as crypto/ed25519. This package only acts as a compatibility
-// wrapper.
+// This package is a wrapper around the standard library crypto/ed25519 package.
 package ed25519
 
 import (
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
index 333da285b..bd896bdc7 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (!amd64 && !ppc64le && !s390x) || !gc || purego
+//go:build (!amd64 && !ppc64le && !ppc64 && !s390x) || !gc || purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
index e0d3c6475..133757384 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
@@ -1,108 +1,93 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// Code generated by command: go run sum_amd64_asm.go -out ../sum_amd64.s -pkg poly1305. DO NOT EDIT.
 
 //go:build gc && !purego
 
-#include "textflag.h"
-
-#define POLY1305_ADD(msg, h0, h1, h2) \
-	ADDQ 0(msg), h0;  \
-	ADCQ 8(msg), h1;  \
-	ADCQ $1, h2;      \
-	LEAQ 16(msg), msg
-
-#define POLY1305_MUL(h0, h1, h2, r0, r1, t0, t1, t2, t3) \
-	MOVQ  r0, AX;                  \
-	MULQ  h0;                      \
-	MOVQ  AX, t0;                  \
-	MOVQ  DX, t1;                  \
-	MOVQ  r0, AX;                  \
-	MULQ  h1;                      \
-	ADDQ  AX, t1;                  \
-	ADCQ  $0, DX;                  \
-	MOVQ  r0, t2;                  \
-	IMULQ h2, t2;                  \
-	ADDQ  DX, t2;                  \
-	                               \
-	MOVQ  r1, AX;                  \
-	MULQ  h0;                      \
-	ADDQ  AX, t1;                  \
-	ADCQ  $0, DX;                  \
-	MOVQ  DX, h0;                  \
-	MOVQ  r1, t3;                  \
-	IMULQ h2, t3;                  \
-	MOVQ  r1, AX;                  \
-	MULQ  h1;                      \
-	ADDQ  AX, t2;                  \
-	ADCQ  DX, t3;                  \
-	ADDQ  h0, t2;                  \
-	ADCQ  $0, t3;                  \
-	                               \
-	MOVQ  t0, h0;                  \
-	MOVQ  t1, h1;                  \
-	MOVQ  t2, h2;                  \
-	ANDQ  $3, h2;                  \
-	MOVQ  t2, t0;                  \
-	ANDQ  $0xFFFFFFFFFFFFFFFC, t0; \
-	ADDQ  t0, h0;                  \
-	ADCQ  t3, h1;                  \
-	ADCQ  $0, h2;                  \
-	SHRQ  $2, t3, t2;              \
-	SHRQ  $2, t3;                  \
-	ADDQ  t2, h0;                  \
-	ADCQ  t3, h1;                  \
-	ADCQ  $0, h2
-
-// func update(state *[7]uint64, msg []byte)
+// func update(state *macState, msg []byte)
 TEXT ·update(SB), $0-32
 	MOVQ state+0(FP), DI
 	MOVQ msg_base+8(FP), SI
 	MOVQ msg_len+16(FP), R15
-
-	MOVQ 0(DI), R8   // h0
-	MOVQ 8(DI), R9   // h1
-	MOVQ 16(DI), R10 // h2
-	MOVQ 24(DI), R11 // r0
-	MOVQ 32(DI), R12 // r1
-
-	CMPQ R15, $16
+	MOVQ (DI), R8
+	MOVQ 8(DI), R9
+	MOVQ 16(DI), R10
+	MOVQ 24(DI), R11
+	MOVQ 32(DI), R12
+	CMPQ R15, $0x10
 	JB   bytes_between_0_and_15
 
 loop:
-	POLY1305_ADD(SI, R8, R9, R10)
+	ADDQ (SI), R8
+	ADCQ 8(SI), R9
+	ADCQ $0x01, R10
+	LEAQ 16(SI), SI
 
 multiply:
-	POLY1305_MUL(R8, R9, R10, R11, R12, BX, CX, R13, R14)
-	SUBQ $16, R15
-	CMPQ R15, $16
-	JAE  loop
+	MOVQ  R11, AX
+	MULQ  R8
+	MOVQ  AX, BX
+	MOVQ  DX, CX
+	MOVQ  R11, AX
+	MULQ  R9
+	ADDQ  AX, CX
+	ADCQ  $0x00, DX
+	MOVQ  R11, R13
+	IMULQ R10, R13
+	ADDQ  DX, R13
+	MOVQ  R12, AX
+	MULQ  R8
+	ADDQ  AX, CX
+	ADCQ  $0x00, DX
+	MOVQ  DX, R8
+	MOVQ  R12, R14
+	IMULQ R10, R14
+	MOVQ  R12, AX
+	MULQ  R9
+	ADDQ  AX, R13
+	ADCQ  DX, R14
+	ADDQ  R8, R13
+	ADCQ  $0x00, R14
+	MOVQ  BX, R8
+	MOVQ  CX, R9
+	MOVQ  R13, R10
+	ANDQ  $0x03, R10
+	MOVQ  R13, BX
+	ANDQ  $-4, BX
+	ADDQ  BX, R8
+	ADCQ  R14, R9
+	ADCQ  $0x00, R10
+	SHRQ  $0x02, R14, R13
+	SHRQ  $0x02, R14
+	ADDQ  R13, R8
+	ADCQ  R14, R9
+	ADCQ  $0x00, R10
+	SUBQ  $0x10, R15
+	CMPQ  R15, $0x10
+	JAE   loop
 
 bytes_between_0_and_15:
 	TESTQ R15, R15
 	JZ    done
-	MOVQ  $1, BX
+	MOVQ  $0x00000001, BX
 	XORQ  CX, CX
 	XORQ  R13, R13
 	ADDQ  R15, SI
 
 flush_buffer:
-	SHLQ $8, BX, CX
-	SHLQ $8, BX
+	SHLQ $0x08, BX, CX
+	SHLQ $0x08, BX
 	MOVB -1(SI), R13
 	XORQ R13, BX
 	DECQ SI
 	DECQ R15
 	JNZ  flush_buffer
-
 	ADDQ BX, R8
 	ADCQ CX, R9
-	ADCQ $0, R10
-	MOVQ $16, R15
+	ADCQ $0x00, R10
+	MOVQ $0x00000010, R15
 	JMP  multiply
 
 done:
-	MOVQ R8, 0(DI)
+	MOVQ R8, (DI)
 	MOVQ R9, 8(DI)
 	MOVQ R10, 16(DI)
 	RET
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
similarity index 95%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
index 4aec4874b..1a1679aaa 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
similarity index 89%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
index b3c1699bf..6899a1dab 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
@@ -2,15 +2,25 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego
+//go:build gc && !purego && (ppc64 || ppc64le)
 
 #include "textflag.h"
 
 // This was ported from the amd64 implementation.
 
+#ifdef GOARCH_ppc64le
+#define LE_MOVD MOVD
+#define LE_MOVWZ MOVWZ
+#define LE_MOVHZ MOVHZ
+#else
+#define LE_MOVD MOVDBR
+#define LE_MOVWZ MOVWBR
+#define LE_MOVHZ MOVHBR
+#endif
+
 #define POLY1305_ADD(msg, h0, h1, h2, t0, t1, t2) \
-	MOVD (msg), t0;  \
-	MOVD 8(msg), t1; \
+	LE_MOVD (msg)( R0), t0; \
+	LE_MOVD (msg)(R24), t1; \
 	MOVD $1, t2;     \
 	ADDC t0, h0, h0; \
 	ADDE t1, h1, h1; \
@@ -50,10 +60,6 @@
 	ADDE   t3, h1, h1;  \
 	ADDZE  h2
 
-DATA ·poly1305Mask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF
-DATA ·poly1305Mask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC
-GLOBL ·poly1305Mask<>(SB), RODATA, $16
-
 // func update(state *[7]uint64, msg []byte)
 TEXT ·update(SB), $0-32
 	MOVD state+0(FP), R3
@@ -66,6 +72,8 @@ TEXT ·update(SB), $0-32
 	MOVD 24(R3), R11 // r0
 	MOVD 32(R3), R12 // r1
 
+	MOVD $8, R24
+
 	CMP R5, $16
 	BLT bytes_between_0_and_15
 
@@ -94,7 +102,7 @@ flush_buffer:
 
 	// Greater than 8 -- load the rightmost remaining bytes in msg
 	// and put into R17 (h1)
-	MOVD (R4)(R21), R17
+	LE_MOVD (R4)(R21), R17
 	MOVD $16, R22
 
 	// Find the offset to those bytes
@@ -118,7 +126,7 @@ just1:
 	BLT less8
 
 	// Exactly 8
-	MOVD (R4), R16
+	LE_MOVD (R4), R16
 
 	CMP R17, $0
 
@@ -133,7 +141,7 @@ less8:
 	MOVD  $0, R22   // shift count
 	CMP   R5, $4
 	BLT   less4
-	MOVWZ (R4), R16
+	LE_MOVWZ (R4), R16
 	ADD   $4, R4
 	ADD   $-4, R5
 	MOVD  $32, R22
@@ -141,7 +149,7 @@ less8:
 less4:
 	CMP   R5, $2
 	BLT   less2
-	MOVHZ (R4), R21
+	LE_MOVHZ (R4), R21
 	SLD   R22, R21, R21
 	OR    R16, R21, R16
 	ADD   $16, R22
diff --git a/vendor/golang.org/x/crypto/ocsp/ocsp.go b/vendor/golang.org/x/crypto/ocsp/ocsp.go
index bf2259537..e6c645e7c 100644
--- a/vendor/golang.org/x/crypto/ocsp/ocsp.go
+++ b/vendor/golang.org/x/crypto/ocsp/ocsp.go
@@ -5,7 +5,7 @@
 // Package ocsp parses OCSP responses as specified in RFC 2560. OCSP responses
 // are signed messages attesting to the validity of a certificate for a small
 // period of time. This is used to manage revocation for X.509 certificates.
-package ocsp // import "golang.org/x/crypto/ocsp"
+package ocsp
 
 import (
 	"crypto"
diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
index 904b57e01..28cd99c7f 100644
--- a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
+++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
@@ -16,7 +16,7 @@ Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To
 choose, you can pass the `New` functions from the different SHA packages to
 pbkdf2.Key.
 */
-package pbkdf2 // import "golang.org/x/crypto/pbkdf2"
+package pbkdf2
 
 import (
 	"crypto/hmac"
diff --git a/vendor/golang.org/x/crypto/pkcs12/crypto.go b/vendor/golang.org/x/crypto/pkcs12/crypto.go
index 96f4a1a56..212538cb5 100644
--- a/vendor/golang.org/x/crypto/pkcs12/crypto.go
+++ b/vendor/golang.org/x/crypto/pkcs12/crypto.go
@@ -26,7 +26,7 @@ type pbeCipher interface {
 	create(key []byte) (cipher.Block, error)
 	// deriveKey returns a key derived from the given password and salt.
 	deriveKey(salt, password []byte, iterations int) []byte
-	// deriveKey returns an IV derived from the given password and salt.
+	// deriveIV returns an IV derived from the given password and salt.
 	deriveIV(salt, password []byte, iterations int) []byte
 }
 
diff --git a/vendor/golang.org/x/crypto/scrypt/scrypt.go b/vendor/golang.org/x/crypto/scrypt/scrypt.go
index c971a99fa..76fa40fb2 100644
--- a/vendor/golang.org/x/crypto/scrypt/scrypt.go
+++ b/vendor/golang.org/x/crypto/scrypt/scrypt.go
@@ -5,7 +5,7 @@
 // Package scrypt implements the scrypt key derivation function as defined in
 // Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard
 // Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
-package scrypt // import "golang.org/x/crypto/scrypt"
+package scrypt
 
 import (
 	"crypto/sha256"
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index 34bf089d0..b86dde151 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -71,6 +71,10 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	for auth := AuthMethod(new(noneAuth)); auth != nil; {
 		ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand, extensions)
 		if err != nil {
+			// On disconnect, return error immediately
+			if _, ok := err.(*disconnectMsg); ok {
+				return err
+			}
 			// We return the error later if there is no other method left to
 			// try.
 			ok = authFailure
@@ -404,10 +408,10 @@ func validateKey(key PublicKey, algo string, user string, c packetConn) (bool, e
 		return false, err
 	}
 
-	return confirmKeyAck(key, algo, c)
+	return confirmKeyAck(key, c)
 }
 
-func confirmKeyAck(key PublicKey, algo string, c packetConn) (bool, error) {
+func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
 	pubKey := key.Marshal()
 
 	for {
@@ -425,7 +429,15 @@ func confirmKeyAck(key PublicKey, algo string, c packetConn) (bool, error) {
 			if err := Unmarshal(packet, &msg); err != nil {
 				return false, err
 			}
-			if msg.Algo != algo || !bytes.Equal(msg.PubKey, pubKey) {
+			// According to RFC 4252 Section 7 the algorithm in
+			// SSH_MSG_USERAUTH_PK_OK should match that of the request but some
+			// servers send the key type instead. OpenSSH allows any algorithm
+			// that matches the public key, so we do the same.
+			// https://github.com/openssh/openssh-portable/blob/86bdd385/sshconnect2.c#L709
+			if !contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
+				return false, nil
+			}
+			if !bytes.Equal(msg.PubKey, pubKey) {
 				return false, nil
 			}
 			return true, nil
@@ -543,6 +555,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 	}
 
 	gotMsgExtInfo := false
+	gotUserAuthInfoRequest := false
 	for {
 		packet, err := c.readPacket()
 		if err != nil {
@@ -573,6 +586,9 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 			if msg.PartialSuccess {
 				return authPartialSuccess, msg.Methods, nil
 			}
+			if !gotUserAuthInfoRequest {
+				return authFailure, msg.Methods, unexpectedMessageError(msgUserAuthInfoRequest, packet[0])
+			}
 			return authFailure, msg.Methods, nil
 		case msgUserAuthSuccess:
 			return authSuccess, nil, nil
@@ -584,6 +600,7 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 		if err := Unmarshal(packet, &msg); err != nil {
 			return authFailure, nil, err
 		}
+		gotUserAuthInfoRequest = true
 
 		// Manually unpack the prompt/echo pairs.
 		rest := msg.Prompts
diff --git a/vendor/golang.org/x/crypto/ssh/doc.go b/vendor/golang.org/x/crypto/ssh/doc.go
index edbe63340..f5d352fe3 100644
--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@@ -20,4 +20,4 @@ References:
 This package does not fall under the stability promise of the Go language itself,
 so its API may be changed when pressing needs arise.
 */
-package ssh // import "golang.org/x/crypto/ssh"
+package ssh
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index df4ebdada..98e6706d5 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -488,7 +488,49 @@ func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
 	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
-	return rsa.VerifyPKCS1v15((*rsa.PublicKey)(r), hash, digest, sig.Blob)
+
+	// Signatures in PKCS1v15 must match the key's modulus in
+	// length. However with SSH, some signers provide RSA
+	// signatures which are missing the MSB 0's of the bignum
+	// represented. With ssh-rsa signatures, this is encouraged by
+	// the spec (even though e.g. OpenSSH will give the full
+	// length unconditionally). With rsa-sha2-* signatures, the
+	// verifier is allowed to support these, even though they are
+	// out of spec. See RFC 4253 Section 6.6 for ssh-rsa and RFC
+	// 8332 Section 3 for rsa-sha2-* details.
+	//
+	// In practice:
+	// * OpenSSH always allows "short" signatures:
+	//   https://github.com/openssh/openssh-portable/blob/V_9_8_P1/ssh-rsa.c#L526
+	//   but always generates padded signatures:
+	//   https://github.com/openssh/openssh-portable/blob/V_9_8_P1/ssh-rsa.c#L439
+	//
+	// * PuTTY versions 0.81 and earlier will generate short
+	//   signatures for all RSA signature variants. Note that
+	//   PuTTY is embedded in other software, such as WinSCP and
+	//   FileZilla. At the time of writing, a patch has been
+	//   applied to PuTTY to generate padded signatures for
+	//   rsa-sha2-*, but not yet released:
+	//   https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=a5bcf3d384e1bf15a51a6923c3724cbbee022d8e
+	//
+	// * SSH.NET versions 2024.0.0 and earlier will generate short
+	//   signatures for all RSA signature variants, fixed in 2024.1.0:
+	//   https://github.com/sshnet/SSH.NET/releases/tag/2024.1.0
+	//
+	// As a result, we pad these up to the key size by inserting
+	// leading 0's.
+	//
+	// Note that support for short signatures with rsa-sha2-* may
+	// be removed in the future due to such signatures not being
+	// allowed by the spec.
+	blob := sig.Blob
+	keySize := (*rsa.PublicKey)(r).Size()
+	if len(blob) < keySize {
+		padded := make([]byte, keySize)
+		copy(padded[keySize-len(blob):], blob)
+		blob = padded
+	}
+	return rsa.VerifyPKCS1v15((*rsa.PublicKey)(r), hash, digest, blob)
 }
 
 func (r *rsaPublicKey) CryptoPublicKey() crypto.PublicKey {
@@ -904,6 +946,10 @@ func (k *skECDSAPublicKey) Verify(data []byte, sig *Signature) error {
 	return errors.New("ssh: signature did not verify")
 }
 
+func (k *skECDSAPublicKey) CryptoPublicKey() crypto.PublicKey {
+	return &k.PublicKey
+}
+
 type skEd25519PublicKey struct {
 	// application is a URL-like string, typically "ssh:" for SSH.
 	// see openssh/PROTOCOL.u2f for details.
@@ -1000,6 +1046,10 @@ func (k *skEd25519PublicKey) Verify(data []byte, sig *Signature) error {
 	return nil
 }
 
+func (k *skEd25519PublicKey) CryptoPublicKey() crypto.PublicKey {
+	return k.PublicKey
+}
+
 // NewSignerFromKey takes an *rsa.PrivateKey, *dsa.PrivateKey,
 // *ecdsa.PrivateKey or any other crypto.Signer and returns a
 // corresponding Signer instance. ECDSA keys must use P-256, P-384 or
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index c2dfe3268..5b5ccd96f 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -149,7 +149,7 @@ func (s *ServerConfig) AddHostKey(key Signer) {
 }
 
 // cachedPubKey contains the results of querying whether a public key is
-// acceptable for a user.
+// acceptable for a user. This is a FIFO cache.
 type cachedPubKey struct {
 	user       string
 	pubKeyData []byte
@@ -157,7 +157,13 @@ type cachedPubKey struct {
 	perms      *Permissions
 }
 
-const maxCachedPubKeys = 16
+// maxCachedPubKeys is the number of cache entries we store.
+//
+// Due to consistent misuse of the PublicKeyCallback API, we have reduced this
+// to 1, such that the only key in the cache is the most recently seen one. This
+// forces the behavior that the last call to PublicKeyCallback will always be
+// with the key that is used for authentication.
+const maxCachedPubKeys = 1
 
 // pubKeyCache caches tests for public keys.  Since SSH clients
 // will query whether a public key is acceptable before attempting to
@@ -179,9 +185,10 @@ func (c *pubKeyCache) get(user string, pubKeyData []byte) (cachedPubKey, bool) {
 
 // add adds the given tuple to the cache.
 func (c *pubKeyCache) add(candidate cachedPubKey) {
-	if len(c.keys) < maxCachedPubKeys {
-		c.keys = append(c.keys, candidate)
+	if len(c.keys) >= maxCachedPubKeys {
+		c.keys = c.keys[1:]
 	}
+	c.keys = append(c.keys, candidate)
 }
 
 // ServerConn is an authenticated SSH connection, as seen from the
@@ -426,6 +433,35 @@ func (l ServerAuthError) Error() string {
 	return "[" + strings.Join(errs, ", ") + "]"
 }
 
+// ServerAuthCallbacks defines server-side authentication callbacks.
+type ServerAuthCallbacks struct {
+	// PasswordCallback behaves like [ServerConfig.PasswordCallback].
+	PasswordCallback func(conn ConnMetadata, password []byte) (*Permissions, error)
+
+	// PublicKeyCallback behaves like [ServerConfig.PublicKeyCallback].
+	PublicKeyCallback func(conn ConnMetadata, key PublicKey) (*Permissions, error)
+
+	// KeyboardInteractiveCallback behaves like [ServerConfig.KeyboardInteractiveCallback].
+	KeyboardInteractiveCallback func(conn ConnMetadata, client KeyboardInteractiveChallenge) (*Permissions, error)
+
+	// GSSAPIWithMICConfig behaves like [ServerConfig.GSSAPIWithMICConfig].
+	GSSAPIWithMICConfig *GSSAPIWithMICConfig
+}
+
+// PartialSuccessError can be returned by any of the [ServerConfig]
+// authentication callbacks to indicate to the client that authentication has
+// partially succeeded, but further steps are required.
+type PartialSuccessError struct {
+	// Next defines the authentication callbacks to apply to further steps. The
+	// available methods communicated to the client are based on the non-nil
+	// ServerAuthCallbacks fields.
+	Next ServerAuthCallbacks
+}
+
+func (p *PartialSuccessError) Error() string {
+	return "ssh: authenticated with partial success"
+}
+
 // ErrNoAuth is the error value returned if no
 // authentication method has been passed yet. This happens as a normal
 // part of the authentication loop, since the client first tries
@@ -433,14 +469,42 @@ func (l ServerAuthError) Error() string {
 // It is returned in ServerAuthError.Errors from NewServerConn.
 var ErrNoAuth = errors.New("ssh: no auth passed yet")
 
+// BannerError is an error that can be returned by authentication handlers in
+// ServerConfig to send a banner message to the client.
+type BannerError struct {
+	Err     error
+	Message string
+}
+
+func (b *BannerError) Unwrap() error {
+	return b.Err
+}
+
+func (b *BannerError) Error() string {
+	if b.Err == nil {
+		return b.Message
+	}
+	return b.Err.Error()
+}
+
 func (s *connection) serverAuthenticate(config *ServerConfig) (*Permissions, error) {
 	sessionID := s.transport.getSessionID()
 	var cache pubKeyCache
 	var perms *Permissions
 
 	authFailures := 0
+	noneAuthCount := 0
 	var authErrs []error
 	var displayedBanner bool
+	partialSuccessReturned := false
+	// Set the initial authentication callbacks from the config. They can be
+	// changed if a PartialSuccessError is returned.
+	authConfig := ServerAuthCallbacks{
+		PasswordCallback:            config.PasswordCallback,
+		PublicKeyCallback:           config.PublicKeyCallback,
+		KeyboardInteractiveCallback: config.KeyboardInteractiveCallback,
+		GSSAPIWithMICConfig:         config.GSSAPIWithMICConfig,
+	}
 
 userAuthLoop:
 	for {
@@ -453,8 +517,8 @@ userAuthLoop:
 			if err := s.transport.writePacket(Marshal(discMsg)); err != nil {
 				return nil, err
 			}
-
-			return nil, discMsg
+			authErrs = append(authErrs, discMsg)
+			return nil, &ServerAuthError{Errors: authErrs}
 		}
 
 		var userAuthReq userAuthRequestMsg
@@ -471,6 +535,11 @@ userAuthLoop:
 			return nil, errors.New("ssh: client attempted to negotiate for unknown service: " + userAuthReq.Service)
 		}
 
+		if s.user != userAuthReq.User && partialSuccessReturned {
+			return nil, fmt.Errorf("ssh: client changed the user after a partial success authentication, previous user %q, current user %q",
+				s.user, userAuthReq.User)
+		}
+
 		s.user = userAuthReq.User
 
 		if !displayedBanner && config.BannerCallback != nil {
@@ -491,20 +560,18 @@ userAuthLoop:
 
 		switch userAuthReq.Method {
 		case "none":
-			if config.NoClientAuth {
+			noneAuthCount++
+			// We don't allow none authentication after a partial success
+			// response.
+			if config.NoClientAuth && !partialSuccessReturned {
 				if config.NoClientAuthCallback != nil {
 					perms, authErr = config.NoClientAuthCallback(s)
 				} else {
 					authErr = nil
 				}
 			}
-
-			// allow initial attempt of 'none' without penalty
-			if authFailures == 0 {
-				authFailures--
-			}
 		case "password":
-			if config.PasswordCallback == nil {
+			if authConfig.PasswordCallback == nil {
 				authErr = errors.New("ssh: password auth not configured")
 				break
 			}
@@ -518,17 +585,17 @@ userAuthLoop:
 				return nil, parseError(msgUserAuthRequest)
 			}
 
-			perms, authErr = config.PasswordCallback(s, password)
+			perms, authErr = authConfig.PasswordCallback(s, password)
 		case "keyboard-interactive":
-			if config.KeyboardInteractiveCallback == nil {
+			if authConfig.KeyboardInteractiveCallback == nil {
 				authErr = errors.New("ssh: keyboard-interactive auth not configured")
 				break
 			}
 
 			prompter := &sshClientKeyboardInteractive{s}
-			perms, authErr = config.KeyboardInteractiveCallback(s, prompter.Challenge)
+			perms, authErr = authConfig.KeyboardInteractiveCallback(s, prompter.Challenge)
 		case "publickey":
-			if config.PublicKeyCallback == nil {
+			if authConfig.PublicKeyCallback == nil {
 				authErr = errors.New("ssh: publickey auth not configured")
 				break
 			}
@@ -562,11 +629,18 @@ userAuthLoop:
 			if !ok {
 				candidate.user = s.user
 				candidate.pubKeyData = pubKeyData
-				candidate.perms, candidate.result = config.PublicKeyCallback(s, pubKey)
-				if candidate.result == nil && candidate.perms != nil && candidate.perms.CriticalOptions != nil && candidate.perms.CriticalOptions[sourceAddressCriticalOption] != "" {
-					candidate.result = checkSourceAddress(
+				candidate.perms, candidate.result = authConfig.PublicKeyCallback(s, pubKey)
+				_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
+
+				if (candidate.result == nil || isPartialSuccessError) &&
+					candidate.perms != nil &&
+					candidate.perms.CriticalOptions != nil &&
+					candidate.perms.CriticalOptions[sourceAddressCriticalOption] != "" {
+					if err := checkSourceAddress(
 						s.RemoteAddr(),
-						candidate.perms.CriticalOptions[sourceAddressCriticalOption])
+						candidate.perms.CriticalOptions[sourceAddressCriticalOption]); err != nil {
+						candidate.result = err
+					}
 				}
 				cache.add(candidate)
 			}
@@ -578,8 +652,8 @@ userAuthLoop:
 				if len(payload) > 0 {
 					return nil, parseError(msgUserAuthRequest)
 				}
-
-				if candidate.result == nil {
+				_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
+				if candidate.result == nil || isPartialSuccessError {
 					okMsg := userAuthPubKeyOkMsg{
 						Algo:   algo,
 						PubKey: pubKeyData,
@@ -629,11 +703,11 @@ userAuthLoop:
 				perms = candidate.perms
 			}
 		case "gssapi-with-mic":
-			if config.GSSAPIWithMICConfig == nil {
+			if authConfig.GSSAPIWithMICConfig == nil {
 				authErr = errors.New("ssh: gssapi-with-mic auth not configured")
 				break
 			}
-			gssapiConfig := config.GSSAPIWithMICConfig
+			gssapiConfig := authConfig.GSSAPIWithMICConfig
 			userAuthRequestGSSAPI, err := parseGSSAPIPayload(userAuthReq.Payload)
 			if err != nil {
 				return nil, parseError(msgUserAuthRequest)
@@ -685,53 +759,86 @@ userAuthLoop:
 			config.AuthLogCallback(s, userAuthReq.Method, authErr)
 		}
 
+		var bannerErr *BannerError
+		if errors.As(authErr, &bannerErr) {
+			if bannerErr.Message != "" {
+				bannerMsg := &userAuthBannerMsg{
+					Message: bannerErr.Message,
+				}
+				if err := s.transport.writePacket(Marshal(bannerMsg)); err != nil {
+					return nil, err
+				}
+			}
+		}
+
 		if authErr == nil {
 			break userAuthLoop
 		}
 
-		authFailures++
-		if config.MaxAuthTries > 0 && authFailures >= config.MaxAuthTries {
-			// If we have hit the max attempts, don't bother sending the
-			// final SSH_MSG_USERAUTH_FAILURE message, since there are
-			// no more authentication methods which can be attempted,
-			// and this message may cause the client to re-attempt
-			// authentication while we send the disconnect message.
-			// Continue, and trigger the disconnect at the start of
-			// the loop.
-			//
-			// The SSH specification is somewhat confusing about this,
-			// RFC 4252 Section 5.1 requires each authentication failure
-			// be responded to with a respective SSH_MSG_USERAUTH_FAILURE
-			// message, but Section 4 says the server should disconnect
-			// after some number of attempts, but it isn't explicit which
-			// message should take precedence (i.e. should there be a failure
-			// message than a disconnect message, or if we are going to
-			// disconnect, should we only send that message.)
-			//
-			// Either way, OpenSSH disconnects immediately after the last
-			// failed authnetication attempt, and given they are typically
-			// considered the golden implementation it seems reasonable
-			// to match that behavior.
-			continue
+		var failureMsg userAuthFailureMsg
+
+		if partialSuccess, ok := authErr.(*PartialSuccessError); ok {
+			// After a partial success error we don't allow changing the user
+			// name and execute the NoClientAuthCallback.
+			partialSuccessReturned = true
+
+			// In case a partial success is returned, the server may send
+			// a new set of authentication methods.
+			authConfig = partialSuccess.Next
+
+			// Reset pubkey cache, as the new PublicKeyCallback might
+			// accept a different set of public keys.
+			cache = pubKeyCache{}
+
+			// Send back a partial success message to the user.
+			failureMsg.PartialSuccess = true
+		} else {
+			// Allow initial attempt of 'none' without penalty.
+			if authFailures > 0 || userAuthReq.Method != "none" || noneAuthCount != 1 {
+				authFailures++
+			}
+			if config.MaxAuthTries > 0 && authFailures >= config.MaxAuthTries {
+				// If we have hit the max attempts, don't bother sending the
+				// final SSH_MSG_USERAUTH_FAILURE message, since there are
+				// no more authentication methods which can be attempted,
+				// and this message may cause the client to re-attempt
+				// authentication while we send the disconnect message.
+				// Continue, and trigger the disconnect at the start of
+				// the loop.
+				//
+				// The SSH specification is somewhat confusing about this,
+				// RFC 4252 Section 5.1 requires each authentication failure
+				// be responded to with a respective SSH_MSG_USERAUTH_FAILURE
+				// message, but Section 4 says the server should disconnect
+				// after some number of attempts, but it isn't explicit which
+				// message should take precedence (i.e. should there be a failure
+				// message than a disconnect message, or if we are going to
+				// disconnect, should we only send that message.)
+				//
+				// Either way, OpenSSH disconnects immediately after the last
+				// failed authentication attempt, and given they are typically
+				// considered the golden implementation it seems reasonable
+				// to match that behavior.
+				continue
+			}
 		}
 
-		var failureMsg userAuthFailureMsg
-		if config.PasswordCallback != nil {
+		if authConfig.PasswordCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "password")
 		}
-		if config.PublicKeyCallback != nil {
+		if authConfig.PublicKeyCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "publickey")
 		}
-		if config.KeyboardInteractiveCallback != nil {
+		if authConfig.KeyboardInteractiveCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "keyboard-interactive")
 		}
-		if config.GSSAPIWithMICConfig != nil && config.GSSAPIWithMICConfig.Server != nil &&
-			config.GSSAPIWithMICConfig.AllowLogin != nil {
+		if authConfig.GSSAPIWithMICConfig != nil && authConfig.GSSAPIWithMICConfig.Server != nil &&
+			authConfig.GSSAPIWithMICConfig.AllowLogin != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "gssapi-with-mic")
 		}
 
 		if len(failureMsg.Methods) == 0 {
-			return nil, errors.New("ssh: no authentication methods configured but NoClientAuth is also false")
+			return nil, errors.New("ssh: no authentication methods available")
 		}
 
 		if err := s.transport.writePacket(Marshal(&failureMsg)); err != nil {
diff --git a/vendor/golang.org/x/net/LICENSE b/vendor/golang.org/x/net/LICENSE
index 6a66aea5e..2a7cf70da 100644
--- a/vendor/golang.org/x/net/LICENSE
+++ b/vendor/golang.org/x/net/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2009 The Go Authors. All rights reserved.
+Copyright 2009 The Go Authors.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google Inc. nor the names of its
+   * Neither the name of Google LLC nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/sys/LICENSE b/vendor/golang.org/x/sys/LICENSE
index 6a66aea5e..2a7cf70da 100644
--- a/vendor/golang.org/x/sys/LICENSE
+++ b/vendor/golang.org/x/sys/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2009 The Go Authors. All rights reserved.
+Copyright 2009 The Go Authors.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google Inc. nor the names of its
+   * Neither the name of Google LLC nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s b/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
new file mode 100644
index 000000000..ec2acfe54
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
@@ -0,0 +1,17 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin && amd64 && gc
+
+#include "textflag.h"
+
+TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_sysctl(SB)
+GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
+DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
+
+TEXT libc_sysctlbyname_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_sysctlbyname(SB)
+GLOBL	·libc_sysctlbyname_trampoline_addr(SB), RODATA, $8
+DATA	·libc_sysctlbyname_trampoline_addr(SB)/8, $libc_sysctlbyname_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/cpu/cpu.go b/vendor/golang.org/x/sys/cpu/cpu.go
index 4756ad5f7..02609d5b2 100644
--- a/vendor/golang.org/x/sys/cpu/cpu.go
+++ b/vendor/golang.org/x/sys/cpu/cpu.go
@@ -103,7 +103,10 @@ var ARM64 struct {
 	HasASIMDDP  bool // Advanced SIMD double precision instruction set
 	HasSHA512   bool // SHA512 hardware implementation
 	HasSVE      bool // Scalable Vector Extensions
+	HasSVE2     bool // Scalable Vector Extensions 2
 	HasASIMDFHM bool // Advanced SIMD multiplication FP16 to FP32
+	HasDIT      bool // Data Independent Timing support
+	HasI8MM     bool // Advanced SIMD Int8 matrix multiplication instructions
 	_           CacheLinePad
 }
 
@@ -198,6 +201,25 @@ var S390X struct {
 	_         CacheLinePad
 }
 
+// RISCV64 contains the supported CPU features and performance characteristics for riscv64
+// platforms. The booleans in RISCV64, with the exception of HasFastMisaligned, indicate
+// the presence of RISC-V extensions.
+//
+// It is safe to assume that all the RV64G extensions are supported and so they are omitted from
+// this structure. As riscv64 Go programs require at least RV64G, the code that populates
+// this structure cannot run successfully if some of the RV64G extensions are missing.
+// The struct is padded to avoid false sharing.
+var RISCV64 struct {
+	_                 CacheLinePad
+	HasFastMisaligned bool // Fast misaligned accesses
+	HasC              bool // Compressed instruction-set extension
+	HasV              bool // Vector extension compatible with RVV 1.0
+	HasZba            bool // Address generation instructions extension
+	HasZbb            bool // Basic bit-manipulation extension
+	HasZbs            bool // Single-bit instructions extension
+	_                 CacheLinePad
+}
+
 func init() {
 	archInit()
 	initOptions()
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
index f3eb993bf..af2aa99f9 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
@@ -28,6 +28,7 @@ func initOptions() {
 		{Name: "sm3", Feature: &ARM64.HasSM3},
 		{Name: "sm4", Feature: &ARM64.HasSM4},
 		{Name: "sve", Feature: &ARM64.HasSVE},
+		{Name: "sve2", Feature: &ARM64.HasSVE2},
 		{Name: "crc32", Feature: &ARM64.HasCRC32},
 		{Name: "atomics", Feature: &ARM64.HasATOMICS},
 		{Name: "asimdhp", Feature: &ARM64.HasASIMDHP},
@@ -37,6 +38,8 @@ func initOptions() {
 		{Name: "dcpop", Feature: &ARM64.HasDCPOP},
 		{Name: "asimddp", Feature: &ARM64.HasASIMDDP},
 		{Name: "asimdfhm", Feature: &ARM64.HasASIMDFHM},
+		{Name: "dit", Feature: &ARM64.HasDIT},
+		{Name: "i8mm", Feature: &ARM64.HasI8MM},
 	}
 }
 
@@ -144,6 +147,11 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
 		ARM64.HasLRCPC = true
 	}
 
+	switch extractBits(isar1, 52, 55) {
+	case 1:
+		ARM64.HasI8MM = true
+	}
+
 	// ID_AA64PFR0_EL1
 	switch extractBits(pfr0, 16, 19) {
 	case 0:
@@ -164,6 +172,20 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
 	switch extractBits(pfr0, 32, 35) {
 	case 1:
 		ARM64.HasSVE = true
+
+		parseARM64SVERegister(getzfr0())
+	}
+
+	switch extractBits(pfr0, 48, 51) {
+	case 1:
+		ARM64.HasDIT = true
+	}
+}
+
+func parseARM64SVERegister(zfr0 uint64) {
+	switch extractBits(zfr0, 0, 3) {
+	case 1:
+		ARM64.HasSVE2 = true
 	}
 }
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
index fcb9a3888..22cc99844 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
@@ -29,3 +29,11 @@ TEXT ·getpfr0(SB),NOSPLIT,$0-8
 	WORD	$0xd5380400
 	MOVD	R0, ret+0(FP)
 	RET
+
+// func getzfr0() uint64
+TEXT ·getzfr0(SB),NOSPLIT,$0-8
+	// get SVE Feature Register 0 into x0
+	// mrs	x0, ID_AA64ZFR0_EL1 = d5380480
+	WORD $0xd5380480
+	MOVD	R0, ret+0(FP)
+	RET
diff --git a/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go b/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
new file mode 100644
index 000000000..b838cb9e9
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
@@ -0,0 +1,61 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build darwin && amd64 && gc
+
+package cpu
+
+// darwinSupportsAVX512 checks Darwin kernel for AVX512 support via sysctl
+// call (see issue 43089). It also restricts AVX512 support for Darwin to
+// kernel version 21.3.0 (MacOS 12.2.0) or later (see issue 49233).
+//
+// Background:
+// Darwin implements a special mechanism to economize on thread state when
+// AVX512 specific registers are not in use. This scheme minimizes state when
+// preempting threads that haven't yet used any AVX512 instructions, but adds
+// special requirements to check for AVX512 hardware support at runtime (e.g.
+// via sysctl call or commpage inspection). See issue 43089 and link below for
+// full background:
+// https://github.com/apple-oss-distributions/xnu/blob/xnu-11215.1.10/osfmk/i386/fpu.c#L214-L240
+//
+// Additionally, all versions of the Darwin kernel from 19.6.0 through 21.2.0
+// (corresponding to MacOS 10.15.6 - 12.1) have a bug that can cause corruption
+// of the AVX512 mask registers (K0-K7) upon signal return. For this reason
+// AVX512 is considered unsafe to use on Darwin for kernel versions prior to
+// 21.3.0, where a fix has been confirmed. See issue 49233 for full background.
+func darwinSupportsAVX512() bool {
+	return darwinSysctlEnabled([]byte("hw.optional.avx512f\x00")) && darwinKernelVersionCheck(21, 3, 0)
+}
+
+// Ensure Darwin kernel version is at least major.minor.patch, avoiding dependencies
+func darwinKernelVersionCheck(major, minor, patch int) bool {
+	var release [256]byte
+	err := darwinOSRelease(&release)
+	if err != nil {
+		return false
+	}
+
+	var mmp [3]int
+	c := 0
+Loop:
+	for _, b := range release[:] {
+		switch {
+		case b >= '0' && b <= '9':
+			mmp[c] = 10*mmp[c] + int(b-'0')
+		case b == '.':
+			c++
+			if c > 2 {
+				return false
+			}
+		case b == 0:
+			break Loop
+		default:
+			return false
+		}
+	}
+	if c != 2 {
+		return false
+	}
+	return mmp[0] > major || mmp[0] == major && (mmp[1] > minor || mmp[1] == minor && mmp[2] >= patch)
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
index a8acd3e32..6ac6e1efb 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
@@ -9,3 +9,4 @@ package cpu
 func getisar0() uint64
 func getisar1() uint64
 func getpfr0() uint64
+func getzfr0() uint64
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
index 910728fb1..32a44514e 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
@@ -6,10 +6,10 @@
 
 package cpu
 
-// cpuid is implemented in cpu_x86.s for gc compiler
+// cpuid is implemented in cpu_gc_x86.s for gc compiler
 // and in cpu_gccgo.c for gccgo.
 func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32)
 
-// xgetbv with ecx = 0 is implemented in cpu_x86.s for gc compiler
+// xgetbv with ecx = 0 is implemented in cpu_gc_x86.s for gc compiler
 // and in cpu_gccgo.c for gccgo.
 func xgetbv() (eax, edx uint32)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.s b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
similarity index 94%
rename from vendor/golang.org/x/sys/cpu/cpu_x86.s
rename to vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
index 7d7ba33ef..ce208ce6d 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
@@ -18,7 +18,7 @@ TEXT ·cpuid(SB), NOSPLIT, $0-24
 	RET
 
 // func xgetbv() (eax, edx uint32)
-TEXT ·xgetbv(SB),NOSPLIT,$0-8
+TEXT ·xgetbv(SB), NOSPLIT, $0-8
 	MOVL $0, CX
 	XGETBV
 	MOVL AX, eax+0(FP)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
index 99c60fe9f..170d21ddf 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
@@ -23,9 +23,3 @@ func xgetbv() (eax, edx uint32) {
 	gccgoXgetbv(&a, &d)
 	return a, d
 }
-
-// gccgo doesn't build on Darwin, per:
-// https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/gcc.rb#L76
-func darwinSupportsAVX512() bool {
-	return false
-}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
index a968b80fa..f1caf0f78 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
@@ -35,6 +35,10 @@ const (
 	hwcap_SHA512   = 1 << 21
 	hwcap_SVE      = 1 << 22
 	hwcap_ASIMDFHM = 1 << 23
+	hwcap_DIT      = 1 << 24
+
+	hwcap2_SVE2 = 1 << 1
+	hwcap2_I8MM = 1 << 13
 )
 
 // linuxKernelCanEmulateCPUID reports whether we're running
@@ -104,6 +108,11 @@ func doinit() {
 	ARM64.HasSHA512 = isSet(hwCap, hwcap_SHA512)
 	ARM64.HasSVE = isSet(hwCap, hwcap_SVE)
 	ARM64.HasASIMDFHM = isSet(hwCap, hwcap_ASIMDFHM)
+	ARM64.HasDIT = isSet(hwCap, hwcap_DIT)
+
+	// HWCAP2 feature bits
+	ARM64.HasSVE2 = isSet(hwCap2, hwcap2_SVE2)
+	ARM64.HasI8MM = isSet(hwCap2, hwcap2_I8MM)
 }
 
 func isSet(hwc uint, value uint) bool {
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
index cd63e7335..7d902b684 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x
+//go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x && !riscv64
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
new file mode 100644
index 000000000..cb4a0c572
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
@@ -0,0 +1,137 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package cpu
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+// RISC-V extension discovery code for Linux. The approach here is to first try the riscv_hwprobe
+// syscall falling back to HWCAP to check for the C extension if riscv_hwprobe is not available.
+//
+// A note on detection of the Vector extension using HWCAP.
+//
+// Support for the Vector extension version 1.0 was added to the Linux kernel in release 6.5.
+// Support for the riscv_hwprobe syscall was added in 6.4. It follows that if the riscv_hwprobe
+// syscall is not available then neither is the Vector extension (which needs kernel support).
+// The riscv_hwprobe syscall should then be all we need to detect the Vector extension.
+// However, some RISC-V board manufacturers ship boards with an older kernel on top of which
+// they have back-ported various versions of the Vector extension patches but not the riscv_hwprobe
+// patches. These kernels advertise support for the Vector extension using HWCAP. Falling
+// back to HWCAP to detect the Vector extension, if riscv_hwprobe is not available, or simply not
+// bothering with riscv_hwprobe at all and just using HWCAP may then seem like an attractive option.
+//
+// Unfortunately, simply checking the 'V' bit in AT_HWCAP will not work as this bit is used by
+// RISC-V board and cloud instance providers to mean different things. The Lichee Pi 4A board
+// and the Scaleway RV1 cloud instances use the 'V' bit to advertise their support for the unratified
+// 0.7.1 version of the Vector Specification. The Banana Pi BPI-F3 and the CanMV-K230 board use
+// it to advertise support for 1.0 of the Vector extension. Versions 0.7.1 and 1.0 of the Vector
+// extension are binary incompatible. HWCAP can then not be used in isolation to populate the
+// HasV field as this field indicates that the underlying CPU is compatible with RVV 1.0.
+//
+// There is a way at runtime to distinguish between versions 0.7.1 and 1.0 of the Vector
+// specification by issuing a RVV 1.0 vsetvli instruction and checking the vill bit of the vtype
+// register. This check would allow us to safely detect version 1.0 of the Vector extension
+// with HWCAP, if riscv_hwprobe were not available. However, the check cannot
+// be added until the assembler supports the Vector instructions.
+//
+// Note the riscv_hwprobe syscall does not suffer from these ambiguities by design as all of the
+// extensions it advertises support for are explicitly versioned. It's also worth noting that
+// the riscv_hwprobe syscall is the only way to detect multi-letter RISC-V extensions, e.g., Zba.
+// These cannot be detected using HWCAP and so riscv_hwprobe must be used to detect the majority
+// of RISC-V extensions.
+//
+// Please see https://docs.kernel.org/arch/riscv/hwprobe.html for more information.
+
+// golang.org/x/sys/cpu is not allowed to depend on golang.org/x/sys/unix so we must
+// reproduce the constants, types and functions needed to make the riscv_hwprobe syscall
+// here.
+
+const (
+	// Copied from golang.org/x/sys/unix/ztypes_linux_riscv64.go.
+	riscv_HWPROBE_KEY_IMA_EXT_0   = 0x4
+	riscv_HWPROBE_IMA_C           = 0x2
+	riscv_HWPROBE_IMA_V           = 0x4
+	riscv_HWPROBE_EXT_ZBA         = 0x8
+	riscv_HWPROBE_EXT_ZBB         = 0x10
+	riscv_HWPROBE_EXT_ZBS         = 0x20
+	riscv_HWPROBE_KEY_CPUPERF_0   = 0x5
+	riscv_HWPROBE_MISALIGNED_FAST = 0x3
+	riscv_HWPROBE_MISALIGNED_MASK = 0x7
+)
+
+const (
+	// sys_RISCV_HWPROBE is copied from golang.org/x/sys/unix/zsysnum_linux_riscv64.go.
+	sys_RISCV_HWPROBE = 258
+)
+
+// riscvHWProbePairs is copied from golang.org/x/sys/unix/ztypes_linux_riscv64.go.
+type riscvHWProbePairs struct {
+	key   int64
+	value uint64
+}
+
+const (
+	// CPU features
+	hwcap_RISCV_ISA_C = 1 << ('C' - 'A')
+)
+
+func doinit() {
+	// A slice of key/value pair structures is passed to the RISCVHWProbe syscall. The key
+	// field should be initialised with one of the key constants defined above, e.g.,
+	// RISCV_HWPROBE_KEY_IMA_EXT_0. The syscall will set the value field to the appropriate value.
+	// If the kernel does not recognise a key it will set the key field to -1 and the value field to 0.
+
+	pairs := []riscvHWProbePairs{
+		{riscv_HWPROBE_KEY_IMA_EXT_0, 0},
+		{riscv_HWPROBE_KEY_CPUPERF_0, 0},
+	}
+
+	// This call only indicates that extensions are supported if they are implemented on all cores.
+	if riscvHWProbe(pairs, 0) {
+		if pairs[0].key != -1 {
+			v := uint(pairs[0].value)
+			RISCV64.HasC = isSet(v, riscv_HWPROBE_IMA_C)
+			RISCV64.HasV = isSet(v, riscv_HWPROBE_IMA_V)
+			RISCV64.HasZba = isSet(v, riscv_HWPROBE_EXT_ZBA)
+			RISCV64.HasZbb = isSet(v, riscv_HWPROBE_EXT_ZBB)
+			RISCV64.HasZbs = isSet(v, riscv_HWPROBE_EXT_ZBS)
+		}
+		if pairs[1].key != -1 {
+			v := pairs[1].value & riscv_HWPROBE_MISALIGNED_MASK
+			RISCV64.HasFastMisaligned = v == riscv_HWPROBE_MISALIGNED_FAST
+		}
+	}
+
+	// Let's double check with HWCAP if the C extension does not appear to be supported.
+	// This may happen if we're running on a kernel older than 6.4.
+
+	if !RISCV64.HasC {
+		RISCV64.HasC = isSet(hwCap, hwcap_RISCV_ISA_C)
+	}
+}
+
+func isSet(hwc uint, value uint) bool {
+	return hwc&value != 0
+}
+
+// riscvHWProbe is a simplified version of the generated wrapper function found in
+// golang.org/x/sys/unix/zsyscall_linux_riscv64.go. We simplify it by removing the
+// cpuCount and cpus parameters which we do not need. We always want to pass 0 for
+// these parameters here so the kernel only reports the extensions that are present
+// on all cores.
+func riscvHWProbe(pairs []riscvHWProbePairs, flags uint) bool {
+	var _zero uintptr
+	var p0 unsafe.Pointer
+	if len(pairs) > 0 {
+		p0 = unsafe.Pointer(&pairs[0])
+	} else {
+		p0 = unsafe.Pointer(&_zero)
+	}
+
+	_, _, e1 := syscall.Syscall6(sys_RISCV_HWPROBE, uintptr(p0), uintptr(len(pairs)), uintptr(0), uintptr(0), uintptr(flags), 0)
+	return e1 == 0
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_x86.go b/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
new file mode 100644
index 000000000..a0fd7e2f7
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
@@ -0,0 +1,11 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build 386 || amd64p32 || (amd64 && (!darwin || !gc))
+
+package cpu
+
+func darwinSupportsAVX512() bool {
+	panic("only implemented for gc && amd64 && darwin")
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
index 7f0c79c00..aca3199c9 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
@@ -8,4 +8,13 @@ package cpu
 
 const cacheLineSize = 64
 
-func initOptions() {}
+func initOptions() {
+	options = []option{
+		{Name: "fastmisaligned", Feature: &RISCV64.HasFastMisaligned},
+		{Name: "c", Feature: &RISCV64.HasC},
+		{Name: "v", Feature: &RISCV64.HasV},
+		{Name: "zba", Feature: &RISCV64.HasZba},
+		{Name: "zbb", Feature: &RISCV64.HasZbb},
+		{Name: "zbs", Feature: &RISCV64.HasZbs},
+	}
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index c29f5e4c5..600a68078 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -92,10 +92,8 @@ func archInit() {
 		osSupportsAVX = isSet(1, eax) && isSet(2, eax)
 
 		if runtime.GOOS == "darwin" {
-			// Darwin doesn't save/restore AVX-512 mask registers correctly across signal handlers.
-			// Since users can't rely on mask register contents, let's not advertise AVX-512 support.
-			// See issue 49233.
-			osSupportsAVX512 = false
+			// Darwin requires special AVX512 checks, see cpu_darwin_x86.go
+			osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
 		} else {
 			// Check if OPMASK and ZMM registers have OS support.
 			osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
diff --git a/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go b/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
new file mode 100644
index 000000000..4d0888b0c
--- /dev/null
+++ b/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
@@ -0,0 +1,98 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Minimal copy of x/sys/unix so the cpu package can make a
+// system call on Darwin without depending on x/sys/unix.
+
+//go:build darwin && amd64 && gc
+
+package cpu
+
+import (
+	"syscall"
+	"unsafe"
+)
+
+type _C_int int32
+
+// adapted from unix.Uname() at x/sys/unix/syscall_darwin.go L419
+func darwinOSRelease(release *[256]byte) error {
+	// from x/sys/unix/zerrors_openbsd_amd64.go
+	const (
+		CTL_KERN       = 0x1
+		KERN_OSRELEASE = 0x2
+	)
+
+	mib := []_C_int{CTL_KERN, KERN_OSRELEASE}
+	n := unsafe.Sizeof(*release)
+
+	return sysctl(mib, &release[0], &n, nil, 0)
+}
+
+type Errno = syscall.Errno
+
+var _zero uintptr // Single-word zero for use when we need a valid pointer to 0 bytes.
+
+// from x/sys/unix/zsyscall_darwin_amd64.go L791-807
+func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
+	var _p0 unsafe.Pointer
+	if len(mib) > 0 {
+		_p0 = unsafe.Pointer(&mib[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	if _, _, err := syscall_syscall6(
+		libc_sysctl_trampoline_addr,
+		uintptr(_p0),
+		uintptr(len(mib)),
+		uintptr(unsafe.Pointer(old)),
+		uintptr(unsafe.Pointer(oldlen)),
+		uintptr(unsafe.Pointer(new)),
+		uintptr(newlen),
+	); err != 0 {
+		return err
+	}
+
+	return nil
+}
+
+var libc_sysctl_trampoline_addr uintptr
+
+// adapted from internal/cpu/cpu_arm64_darwin.go
+func darwinSysctlEnabled(name []byte) bool {
+	out := int32(0)
+	nout := unsafe.Sizeof(out)
+	if ret := sysctlbyname(&name[0], (*byte)(unsafe.Pointer(&out)), &nout, nil, 0); ret != nil {
+		return false
+	}
+	return out > 0
+}
+
+//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
+
+var libc_sysctlbyname_trampoline_addr uintptr
+
+// adapted from runtime/sys_darwin.go in the pattern of sysctl() above, as defined in x/sys/unix
+func sysctlbyname(name *byte, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
+	if _, _, err := syscall_syscall6(
+		libc_sysctlbyname_trampoline_addr,
+		uintptr(unsafe.Pointer(name)),
+		uintptr(unsafe.Pointer(old)),
+		uintptr(unsafe.Pointer(oldlen)),
+		uintptr(unsafe.Pointer(new)),
+		uintptr(newlen),
+		0,
+	); err != 0 {
+		return err
+	}
+
+	return nil
+}
+
+//go:cgo_import_dynamic libc_sysctlbyname sysctlbyname "/usr/lib/libSystem.B.dylib"
+
+// Implemented in the runtime package (runtime/sys_darwin.go)
+func syscall_syscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+
+//go:linkname syscall_syscall6 syscall.syscall6
diff --git a/vendor/golang.org/x/sys/unix/README.md b/vendor/golang.org/x/sys/unix/README.md
index 7d3c060e1..6e08a76a7 100644
--- a/vendor/golang.org/x/sys/unix/README.md
+++ b/vendor/golang.org/x/sys/unix/README.md
@@ -156,7 +156,7 @@ from the generated architecture-specific files listed below, and merge these
 into a common file for each OS.
 
 The merge is performed in the following steps:
-1. Construct the set of common code that is idential in all architecture-specific files.
+1. Construct the set of common code that is identical in all architecture-specific files.
 2. Write this common code to the merged file.
 3. Remove the common code from all architecture-specific files.
 
diff --git a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
index 2f67ba86d..813dfad7d 100644
--- a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
+++ b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
@@ -9,9 +9,11 @@
 #define PSALAA            1208(R0)
 #define GTAB64(x)           80(x)
 #define LCA64(x)            88(x)
+#define SAVSTACK_ASYNC(x)  336(x) // in the LCA
 #define CAA(x)               8(x)
-#define EDCHPXV(x)        1016(x)       // in the CAA
-#define SAVSTACK_ASYNC(x)  336(x)       // in the LCA
+#define CEECAATHDID(x)     976(x) // in the CAA
+#define EDCHPXV(x)        1016(x) // in the CAA
+#define GOCB(x)           1104(x) // in the CAA
 
 // SS_*, where x=SAVSTACK_ASYNC
 #define SS_LE(x)             0(x)
@@ -19,405 +21,362 @@
 #define SS_ERRNO(x)         16(x)
 #define SS_ERRNOJR(x)       20(x)
 
-#define LE_CALL BYTE $0x0D; BYTE $0x76; // BL R7, R6
+// Function Descriptor Offsets
+#define __errno  0x156*16
+#define __err2ad 0x16C*16
 
-TEXT ·clearErrno(SB),NOSPLIT,$0-0
-	BL	addrerrno<>(SB)
-	MOVD	$0, 0(R3)
+// Call Instructions
+#define LE_CALL    BYTE $0x0D; BYTE $0x76 // BL R7, R6
+#define SVC_LOAD   BYTE $0x0A; BYTE $0x08 // SVC 08 LOAD
+#define SVC_DELETE BYTE $0x0A; BYTE $0x09 // SVC 09 DELETE
+
+DATA zosLibVec<>(SB)/8, $0
+GLOBL zosLibVec<>(SB), NOPTR, $8
+
+TEXT ·initZosLibVec(SB), NOSPLIT|NOFRAME, $0-0
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+	MOVD CAA(R8), R8
+	MOVD EDCHPXV(R8), R8
+	MOVD R8, zosLibVec<>(SB)
+	RET
+
+TEXT ·GetZosLibVec(SB), NOSPLIT|NOFRAME, $0-0
+	MOVD zosLibVec<>(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·clearErrno(SB), NOSPLIT, $0-0
+	BL   addrerrno<>(SB)
+	MOVD $0, 0(R3)
 	RET
 
 // Returns the address of errno in R3.
-TEXT addrerrno<>(SB),NOSPLIT|NOFRAME,$0-0
+TEXT addrerrno<>(SB), NOSPLIT|NOFRAME, $0-0
 	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
 
 	// Get __errno FuncDesc.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	ADD	$(0x156*16), R9
-	LMG	0(R9), R5, R6
+	MOVD CAA(R8), R9
+	MOVD EDCHPXV(R9), R9
+	ADD  $(__errno), R9
+	LMG  0(R9), R5, R6
 
 	// Switch to saved LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
+	MOVD SAVSTACK_ASYNC(R8), R9
+	MOVD 0(R9), R4
+	MOVD $0, 0(R9)
 
 	// Call __errno function.
 	LE_CALL
 	NOPH
 
 	// Switch back to Go stack.
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
+	XOR  R0, R0    // Restore R0 to $0.
+	MOVD R4, 0(R9) // Save stack pointer.
 	RET
 
-TEXT ·syscall_syscall(SB),NOSPLIT,$0-56
-	BL	runtime·entersyscall(SB)
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
+// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
+TEXT ·svcCall(SB), NOSPLIT, $0
+	BL   runtime·save_g(SB)     // Save g and stack pointer
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+	MOVD SAVSTACK_ASYNC(R8), R9
+	MOVD R15, 0(R9)
 
-	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
+	MOVD argv+8(FP), R1   // Move function arguments into registers
+	MOVD dsa+16(FP), g
+	MOVD fnptr+0(FP), R15
 
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
+	BYTE $0x0D // Branch to function
+	BYTE $0xEF
 
-	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
+	BL   runtime·load_g(SB)     // Restore g and stack pointer
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+	MOVD SAVSTACK_ASYNC(R8), R9
+	MOVD 0(R9), R15
 
-	// Call function.
-	LE_CALL
-	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+32(FP)
-	MOVD	R0, r2+40(FP)
-	MOVD	R0, err+48(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	addrerrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+48(FP)
-done:
-	BL	runtime·exitsyscall(SB)
 	RET
 
-TEXT ·syscall_rawsyscall(SB),NOSPLIT,$0-56
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
-
-	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
+// func svcLoad(name *byte) unsafe.Pointer
+TEXT ·svcLoad(SB), NOSPLIT, $0
+	MOVD R15, R2         // Save go stack pointer
+	MOVD name+0(FP), R0  // Move SVC args into registers
+	MOVD $0x80000000, R1
+	MOVD $0, R15
+	SVC_LOAD
+	MOVW R15, R3         // Save return code from SVC
+	MOVD R2, R15         // Restore go stack pointer
+	CMP  R3, $0          // Check SVC return code
+	BNE  error
+
+	MOVD $-2, R3       // Reset last bit of entry point to zero
+	AND  R0, R3
+	MOVD R3, ret+8(FP) // Return entry point returned by SVC
+	CMP  R0, R3        // Check if last bit of entry point was set
+	BNE  done
+
+	MOVD R15, R2 // Save go stack pointer
+	MOVD $0, R15 // Move SVC args into registers (entry point still in r0 from SVC 08)
+	SVC_DELETE
+	MOVD R2, R15 // Restore go stack pointer
 
-	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
+error:
+	MOVD $0, ret+8(FP) // Return 0 on failure
 
-	// Call function.
-	LE_CALL
-	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+32(FP)
-	MOVD	R0, r2+40(FP)
-	MOVD	R0, err+48(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	addrerrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+48(FP)
 done:
+	XOR R0, R0 // Reset r0 to 0
 	RET
 
-TEXT ·syscall_syscall6(SB),NOSPLIT,$0-80
-	BL	runtime·entersyscall(SB)
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
+// func svcUnload(name *byte, fnptr unsafe.Pointer) int64
+TEXT ·svcUnload(SB), NOSPLIT, $0
+	MOVD R15, R2          // Save go stack pointer
+	MOVD name+0(FP), R0   // Move SVC args into registers
+	MOVD fnptr+8(FP), R15
+	SVC_DELETE
+	XOR  R0, R0           // Reset r0 to 0
+	MOVD R15, R1          // Save SVC return code
+	MOVD R2, R15          // Restore go stack pointer
+	MOVD R1, ret+16(FP)   // Return SVC return code
+	RET
 
+// func gettid() uint64
+TEXT ·gettid(SB), NOSPLIT, $0
 	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
 
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
+	// Get CEECAATHDID
+	MOVD CAA(R8), R9
+	MOVD CEECAATHDID(R9), R9
+	MOVD R9, ret+0(FP)
 
-	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
-
-	// Fill in parameter list.
-	MOVD	a4+32(FP), R12
-	MOVD	R12, (2176+24)(R4)
-	MOVD	a5+40(FP), R12
-	MOVD	R12, (2176+32)(R4)
-	MOVD	a6+48(FP), R12
-	MOVD	R12, (2176+40)(R4)
-
-	// Call function.
-	LE_CALL
-	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+56(FP)
-	MOVD	R0, r2+64(FP)
-	MOVD	R0, err+72(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	addrerrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+72(FP)
-done:
-	BL	runtime·exitsyscall(SB)
 	RET
 
-TEXT ·syscall_rawsyscall6(SB),NOSPLIT,$0-80
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
-
-	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
+//
+// Call LE function, if the return is -1
+// errno and errno2 is retrieved
+//
+TEXT ·CallLeFuncWithErr(SB), NOSPLIT, $0
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+	MOVD CAA(R8), R9
+	MOVD g, GOCB(R9)
 
 	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
-
-	// Fill in parameter list.
-	MOVD	a4+32(FP), R12
-	MOVD	R12, (2176+24)(R4)
-	MOVD	a5+40(FP), R12
-	MOVD	R12, (2176+32)(R4)
-	MOVD	a6+48(FP), R12
-	MOVD	R12, (2176+40)(R4)
-
-	// Call function.
-	LE_CALL
+	MOVD SAVSTACK_ASYNC(R8), R9 // R9-> LE stack frame saving address
+	MOVD 0(R9), R4              // R4-> restore previously saved stack frame pointer
+
+	MOVD parms_base+8(FP), R7 // R7 -> argument array
+	MOVD parms_len+16(FP), R8 // R8 number of arguments
+
+	//  arg 1 ---> R1
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	MOVD 0(R7), R1
+
+	//  arg 2 ---> R2
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	ADD  $8, R7
+	MOVD 0(R7), R2
+
+	//  arg 3 --> R3
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	ADD  $8, R7
+	MOVD 0(R7), R3
+
+	CMP  R8, $0
+	BEQ  docall
+	MOVD $2176+16, R6 // starting LE stack address-8 to store 4th argument
+
+repeat:
+	ADD  $8, R7
+	MOVD 0(R7), R0      // advance arg pointer by 8 byte
+	ADD  $8, R6         // advance LE argument address by 8 byte
+	MOVD R0, (R4)(R6*1) // copy argument from go-slice to le-frame
+	SUB  $1, R8
+	CMP  R8, $0
+	BNE  repeat
+
+docall:
+	MOVD funcdesc+0(FP), R8 // R8-> function descriptor
+	LMG  0(R8), R5, R6
+	MOVD $0, 0(R9)          // R9 address of SAVSTACK_ASYNC
+	LE_CALL                 // balr R7, R6 (return #1)
+	NOPH
+	MOVD R3, ret+32(FP)
+	CMP  R3, $-1            // compare result to -1
+	BNE  done
+
+	// retrieve errno and errno2
+	MOVD  zosLibVec<>(SB), R8
+	ADD   $(__errno), R8
+	LMG   0(R8), R5, R6
+	LE_CALL                   // balr R7, R6 __errno (return #3)
 	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+56(FP)
-	MOVD	R0, r2+64(FP)
-	MOVD	R0, err+72(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	·rrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+72(FP)
+	MOVWZ 0(R3), R3
+	MOVD  R3, err+48(FP)
+	MOVD  zosLibVec<>(SB), R8
+	ADD   $(__err2ad), R8
+	LMG   0(R8), R5, R6
+	LE_CALL                   // balr R7, R6 __err2ad (return #2)
+	NOPH
+	MOVW  (R3), R2            // retrieve errno2
+	MOVD  R2, errno2+40(FP)   // store in return area
+
 done:
+	MOVD R4, 0(R9)            // Save stack pointer.
 	RET
 
-TEXT ·syscall_syscall9(SB),NOSPLIT,$0
-	BL	runtime·entersyscall(SB)
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
-
-	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
+//
+// Call LE function, if the return is 0
+// errno and errno2 is retrieved
+//
+TEXT ·CallLeFuncWithPtrReturn(SB), NOSPLIT, $0
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+	MOVD CAA(R8), R9
+	MOVD g, GOCB(R9)
 
 	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
-
-	// Fill in parameter list.
-	MOVD	a4+32(FP), R12
-	MOVD	R12, (2176+24)(R4)
-	MOVD	a5+40(FP), R12
-	MOVD	R12, (2176+32)(R4)
-	MOVD	a6+48(FP), R12
-	MOVD	R12, (2176+40)(R4)
-	MOVD	a7+56(FP), R12
-	MOVD	R12, (2176+48)(R4)
-	MOVD	a8+64(FP), R12
-	MOVD	R12, (2176+56)(R4)
-	MOVD	a9+72(FP), R12
-	MOVD	R12, (2176+64)(R4)
-
-	// Call function.
-	LE_CALL
+	MOVD SAVSTACK_ASYNC(R8), R9 // R9-> LE stack frame saving address
+	MOVD 0(R9), R4              // R4-> restore previously saved stack frame pointer
+
+	MOVD parms_base+8(FP), R7 // R7 -> argument array
+	MOVD parms_len+16(FP), R8 // R8 number of arguments
+
+	//  arg 1 ---> R1
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	MOVD 0(R7), R1
+
+	//  arg 2 ---> R2
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	ADD  $8, R7
+	MOVD 0(R7), R2
+
+	//  arg 3 --> R3
+	CMP  R8, $0
+	BEQ  docall
+	SUB  $1, R8
+	ADD  $8, R7
+	MOVD 0(R7), R3
+
+	CMP  R8, $0
+	BEQ  docall
+	MOVD $2176+16, R6 // starting LE stack address-8 to store 4th argument
+
+repeat:
+	ADD  $8, R7
+	MOVD 0(R7), R0      // advance arg pointer by 8 byte
+	ADD  $8, R6         // advance LE argument address by 8 byte
+	MOVD R0, (R4)(R6*1) // copy argument from go-slice to le-frame
+	SUB  $1, R8
+	CMP  R8, $0
+	BNE  repeat
+
+docall:
+	MOVD funcdesc+0(FP), R8 // R8-> function descriptor
+	LMG  0(R8), R5, R6
+	MOVD $0, 0(R9)          // R9 address of SAVSTACK_ASYNC
+	LE_CALL                 // balr R7, R6 (return #1)
 	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+80(FP)
-	MOVD	R0, r2+88(FP)
-	MOVD	R0, err+96(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	addrerrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+96(FP)
-done:
-        BL	runtime·exitsyscall(SB)
-        RET
-
-TEXT ·syscall_rawsyscall9(SB),NOSPLIT,$0
-	MOVD	a1+8(FP), R1
-	MOVD	a2+16(FP), R2
-	MOVD	a3+24(FP), R3
-
-	// Get library control area (LCA).
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-
-	// Get function.
-	MOVD	CAA(R8), R9
-	MOVD	EDCHPXV(R9), R9
-	MOVD	trap+0(FP), R5
-	SLD	$4, R5
-	ADD	R5, R9
-	LMG	0(R9), R5, R6
-
-	// Restore LE stack.
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R4
-	MOVD	$0, 0(R9)
-
-	// Fill in parameter list.
-	MOVD	a4+32(FP), R12
-	MOVD	R12, (2176+24)(R4)
-	MOVD	a5+40(FP), R12
-	MOVD	R12, (2176+32)(R4)
-	MOVD	a6+48(FP), R12
-	MOVD	R12, (2176+40)(R4)
-	MOVD	a7+56(FP), R12
-	MOVD	R12, (2176+48)(R4)
-	MOVD	a8+64(FP), R12
-	MOVD	R12, (2176+56)(R4)
-	MOVD	a9+72(FP), R12
-	MOVD	R12, (2176+64)(R4)
-
-	// Call function.
-	LE_CALL
+	MOVD R3, ret+32(FP)
+	CMP  R3, $0             // compare result to 0
+	BNE  done
+
+	// retrieve errno and errno2
+	MOVD  zosLibVec<>(SB), R8
+	ADD   $(__errno), R8
+	LMG   0(R8), R5, R6
+	LE_CALL                   // balr R7, R6 __errno (return #3)
 	NOPH
-	XOR	R0, R0      // Restore R0 to $0.
-	MOVD	R4, 0(R9)   // Save stack pointer.
-
-	MOVD	R3, r1+80(FP)
-	MOVD	R0, r2+88(FP)
-	MOVD	R0, err+96(FP)
-	MOVW	R3, R4
-	CMP	R4, $-1
-	BNE	done
-	BL	addrerrno<>(SB)
-	MOVWZ	0(R3), R3
-	MOVD	R3, err+96(FP)
-done:
-	RET
-
-// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
-TEXT ·svcCall(SB),NOSPLIT,$0
-	BL	runtime·save_g(SB)   // Save g and stack pointer
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	R15, 0(R9)
-
-	MOVD	argv+8(FP), R1       // Move function arguments into registers
-	MOVD	dsa+16(FP), g
-	MOVD	fnptr+0(FP), R15
-
-	BYTE	$0x0D                // Branch to function
-	BYTE	$0xEF
-
-	BL	runtime·load_g(SB)   // Restore g and stack pointer
-	MOVW	PSALAA, R8
-	MOVD	LCA64(R8), R8
-	MOVD	SAVSTACK_ASYNC(R8), R9
-	MOVD	0(R9), R15
-
-	RET
-
-// func svcLoad(name *byte) unsafe.Pointer
-TEXT ·svcLoad(SB),NOSPLIT,$0
-	MOVD	R15, R2          // Save go stack pointer
-	MOVD	name+0(FP), R0   // Move SVC args into registers
-	MOVD	$0x80000000, R1
-	MOVD	$0, R15
-	BYTE	$0x0A            // SVC 08 LOAD
-	BYTE	$0x08
-	MOVW	R15, R3          // Save return code from SVC
-	MOVD	R2, R15          // Restore go stack pointer
-	CMP	R3, $0           // Check SVC return code
-	BNE	error
-
-	MOVD	$-2, R3          // Reset last bit of entry point to zero
-	AND	R0, R3
-	MOVD	R3, addr+8(FP)   // Return entry point returned by SVC
-	CMP	R0, R3           // Check if last bit of entry point was set
-	BNE	done
-
-	MOVD	R15, R2          // Save go stack pointer
-	MOVD	$0, R15          // Move SVC args into registers (entry point still in r0 from SVC 08)
-	BYTE	$0x0A            // SVC 09 DELETE
-	BYTE	$0x09
-	MOVD	R2, R15          // Restore go stack pointer
+	MOVWZ 0(R3), R3
+	MOVD  R3, err+48(FP)
+	MOVD  zosLibVec<>(SB), R8
+	ADD   $(__err2ad), R8
+	LMG   0(R8), R5, R6
+	LE_CALL                   // balr R7, R6 __err2ad (return #2)
+	NOPH
+	MOVW  (R3), R2            // retrieve errno2
+	MOVD  R2, errno2+40(FP)   // store in return area
+	XOR   R2, R2
+	MOVWZ R2, (R3)            // clear errno2
 
-error:
-	MOVD	$0, addr+8(FP)   // Return 0 on failure
 done:
-	XOR	R0, R0           // Reset r0 to 0
+	MOVD R4, 0(R9)            // Save stack pointer.
 	RET
 
-// func svcUnload(name *byte, fnptr unsafe.Pointer) int64
-TEXT ·svcUnload(SB),NOSPLIT,$0
-	MOVD	R15, R2          // Save go stack pointer
-	MOVD	name+0(FP), R0   // Move SVC args into registers
-	MOVD	addr+8(FP), R15
-	BYTE	$0x0A            // SVC 09
-	BYTE	$0x09
-	XOR	R0, R0           // Reset r0 to 0
-	MOVD	R15, R1          // Save SVC return code
-	MOVD	R2, R15          // Restore go stack pointer
-	MOVD	R1, rc+0(FP)     // Return SVC return code
+//
+// function to test if a pointer can be safely dereferenced (content read)
+// return 0 for succces
+//
+TEXT ·ptrtest(SB), NOSPLIT, $0-16
+	MOVD arg+0(FP), R10 // test pointer in R10
+
+	// set up R2 to point to CEECAADMC
+	BYTE $0xE3; BYTE $0x20; BYTE $0x04; BYTE $0xB8; BYTE $0x00; BYTE $0x17 // llgt  2,1208
+	BYTE $0xB9; BYTE $0x17; BYTE $0x00; BYTE $0x22                         // llgtr 2,2
+	BYTE $0xA5; BYTE $0x26; BYTE $0x7F; BYTE $0xFF                         // nilh  2,32767
+	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x58; BYTE $0x00; BYTE $0x04 // lg    2,88(2)
+	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x08; BYTE $0x00; BYTE $0x04 // lg    2,8(2)
+	BYTE $0x41; BYTE $0x22; BYTE $0x03; BYTE $0x68                         // la    2,872(2)
+
+	// set up R5 to point to the "shunt" path which set 1 to R3 (failure)
+	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x33 // xgr   3,3
+	BYTE $0xA7; BYTE $0x55; BYTE $0x00; BYTE $0x04 // bras  5,lbl1
+	BYTE $0xA7; BYTE $0x39; BYTE $0x00; BYTE $0x01 // lghi  3,1
+
+	// if r3 is not zero (failed) then branch to finish
+	BYTE $0xB9; BYTE $0x02; BYTE $0x00; BYTE $0x33 // lbl1     ltgr  3,3
+	BYTE $0xA7; BYTE $0x74; BYTE $0x00; BYTE $0x08 // brc   b'0111',lbl2
+
+	// stomic store shunt address in R5 into CEECAADMC
+	BYTE $0xE3; BYTE $0x52; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   5,0(2)
+
+	// now try reading from the test pointer in R10, if it fails it branches to the "lghi" instruction above
+	BYTE $0xE3; BYTE $0x9A; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x04 // lg    9,0(10)
+
+	// finish here, restore 0 into CEECAADMC
+	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x99                         // lbl2     xgr   9,9
+	BYTE $0xE3; BYTE $0x92; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   9,0(2)
+	MOVD R3, ret+8(FP)                                                     // result in R3
 	RET
 
-// func gettid() uint64
-TEXT ·gettid(SB), NOSPLIT, $0
-	// Get library control area (LCA).
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-
-	// Get CEECAATHDID
-	MOVD CAA(R8), R9
-	MOVD 0x3D0(R9), R9
-	MOVD R9, ret+0(FP)
-
+//
+// function to test if a untptr can be loaded from a pointer
+// return 1: the 8-byte content
+//        2: 0 for success, 1 for failure
+//
+// func safeload(ptr uintptr) ( value uintptr, error uintptr)
+TEXT ·safeload(SB), NOSPLIT, $0-24
+	MOVD ptr+0(FP), R10                                                    // test pointer in R10
+	MOVD $0x0, R6
+	BYTE $0xE3; BYTE $0x20; BYTE $0x04; BYTE $0xB8; BYTE $0x00; BYTE $0x17 // llgt  2,1208
+	BYTE $0xB9; BYTE $0x17; BYTE $0x00; BYTE $0x22                         // llgtr 2,2
+	BYTE $0xA5; BYTE $0x26; BYTE $0x7F; BYTE $0xFF                         // nilh  2,32767
+	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x58; BYTE $0x00; BYTE $0x04 // lg    2,88(2)
+	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x08; BYTE $0x00; BYTE $0x04 // lg    2,8(2)
+	BYTE $0x41; BYTE $0x22; BYTE $0x03; BYTE $0x68                         // la    2,872(2)
+	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x33                         // xgr   3,3
+	BYTE $0xA7; BYTE $0x55; BYTE $0x00; BYTE $0x04                         // bras  5,lbl1
+	BYTE $0xA7; BYTE $0x39; BYTE $0x00; BYTE $0x01                         // lghi  3,1
+	BYTE $0xB9; BYTE $0x02; BYTE $0x00; BYTE $0x33                         // lbl1     ltgr  3,3
+	BYTE $0xA7; BYTE $0x74; BYTE $0x00; BYTE $0x08                         // brc   b'0111',lbl2
+	BYTE $0xE3; BYTE $0x52; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg 5,0(2)
+	BYTE $0xE3; BYTE $0x6A; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x04 // lg    6,0(10)
+	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x99                         // lbl2     xgr   9,9
+	BYTE $0xE3; BYTE $0x92; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   9,0(2)
+	MOVD R6, value+8(FP)                                                   // result in R6
+	MOVD R3, error+16(FP)                                                  // error in R3
 	RET
diff --git a/vendor/golang.org/x/sys/unix/bpxsvc_zos.go b/vendor/golang.org/x/sys/unix/bpxsvc_zos.go
new file mode 100644
index 000000000..39d647d86
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/bpxsvc_zos.go
@@ -0,0 +1,657 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos
+
+package unix
+
+import (
+	"bytes"
+	"fmt"
+	"unsafe"
+)
+
+//go:noescape
+func bpxcall(plist []unsafe.Pointer, bpx_offset int64)
+
+//go:noescape
+func A2e([]byte)
+
+//go:noescape
+func E2a([]byte)
+
+const (
+	BPX4STA = 192  // stat
+	BPX4FST = 104  // fstat
+	BPX4LST = 132  // lstat
+	BPX4OPN = 156  // open
+	BPX4CLO = 72   // close
+	BPX4CHR = 500  // chattr
+	BPX4FCR = 504  // fchattr
+	BPX4LCR = 1180 // lchattr
+	BPX4CTW = 492  // cond_timed_wait
+	BPX4GTH = 1056 // __getthent
+	BPX4PTQ = 412  // pthread_quiesc
+	BPX4PTR = 320  // ptrace
+)
+
+const (
+	//options
+	//byte1
+	BPX_OPNFHIGH = 0x80
+	//byte2
+	BPX_OPNFEXEC = 0x80
+	//byte3
+	BPX_O_NOLARGEFILE = 0x08
+	BPX_O_LARGEFILE   = 0x04
+	BPX_O_ASYNCSIG    = 0x02
+	BPX_O_SYNC        = 0x01
+	//byte4
+	BPX_O_CREXCL   = 0xc0
+	BPX_O_CREAT    = 0x80
+	BPX_O_EXCL     = 0x40
+	BPX_O_NOCTTY   = 0x20
+	BPX_O_TRUNC    = 0x10
+	BPX_O_APPEND   = 0x08
+	BPX_O_NONBLOCK = 0x04
+	BPX_FNDELAY    = 0x04
+	BPX_O_RDWR     = 0x03
+	BPX_O_RDONLY   = 0x02
+	BPX_O_WRONLY   = 0x01
+	BPX_O_ACCMODE  = 0x03
+	BPX_O_GETFL    = 0x0f
+
+	//mode
+	// byte1 (file type)
+	BPX_FT_DIR      = 1
+	BPX_FT_CHARSPEC = 2
+	BPX_FT_REGFILE  = 3
+	BPX_FT_FIFO     = 4
+	BPX_FT_SYMLINK  = 5
+	BPX_FT_SOCKET   = 6
+	//byte3
+	BPX_S_ISUID  = 0x08
+	BPX_S_ISGID  = 0x04
+	BPX_S_ISVTX  = 0x02
+	BPX_S_IRWXU1 = 0x01
+	BPX_S_IRUSR  = 0x01
+	//byte4
+	BPX_S_IRWXU2 = 0xc0
+	BPX_S_IWUSR  = 0x80
+	BPX_S_IXUSR  = 0x40
+	BPX_S_IRWXG  = 0x38
+	BPX_S_IRGRP  = 0x20
+	BPX_S_IWGRP  = 0x10
+	BPX_S_IXGRP  = 0x08
+	BPX_S_IRWXOX = 0x07
+	BPX_S_IROTH  = 0x04
+	BPX_S_IWOTH  = 0x02
+	BPX_S_IXOTH  = 0x01
+
+	CW_INTRPT  = 1
+	CW_CONDVAR = 32
+	CW_TIMEOUT = 64
+
+	PGTHA_NEXT        = 2
+	PGTHA_CURRENT     = 1
+	PGTHA_FIRST       = 0
+	PGTHA_LAST        = 3
+	PGTHA_PROCESS     = 0x80
+	PGTHA_CONTTY      = 0x40
+	PGTHA_PATH        = 0x20
+	PGTHA_COMMAND     = 0x10
+	PGTHA_FILEDATA    = 0x08
+	PGTHA_THREAD      = 0x04
+	PGTHA_PTAG        = 0x02
+	PGTHA_COMMANDLONG = 0x01
+	PGTHA_THREADFAST  = 0x80
+	PGTHA_FILEPATH    = 0x40
+	PGTHA_THDSIGMASK  = 0x20
+	// thread quiece mode
+	QUIESCE_TERM       int32 = 1
+	QUIESCE_FORCE      int32 = 2
+	QUIESCE_QUERY      int32 = 3
+	QUIESCE_FREEZE     int32 = 4
+	QUIESCE_UNFREEZE   int32 = 5
+	FREEZE_THIS_THREAD int32 = 6
+	FREEZE_EXIT        int32 = 8
+	QUIESCE_SRB        int32 = 9
+)
+
+type Pgtha struct {
+	Pid        uint32 // 0
+	Tid0       uint32 // 4
+	Tid1       uint32
+	Accesspid  byte    // C
+	Accesstid  byte    // D
+	Accessasid uint16  // E
+	Loginname  [8]byte // 10
+	Flag1      byte    // 18
+	Flag1b2    byte    // 19
+}
+
+type Bpxystat_t struct { // DSECT BPXYSTAT
+	St_id           [4]uint8  // 0
+	St_length       uint16    // 0x4
+	St_version      uint16    // 0x6
+	St_mode         uint32    // 0x8
+	St_ino          uint32    // 0xc
+	St_dev          uint32    // 0x10
+	St_nlink        uint32    // 0x14
+	St_uid          uint32    // 0x18
+	St_gid          uint32    // 0x1c
+	St_size         uint64    // 0x20
+	St_atime        uint32    // 0x28
+	St_mtime        uint32    // 0x2c
+	St_ctime        uint32    // 0x30
+	St_rdev         uint32    // 0x34
+	St_auditoraudit uint32    // 0x38
+	St_useraudit    uint32    // 0x3c
+	St_blksize      uint32    // 0x40
+	St_createtime   uint32    // 0x44
+	St_auditid      [4]uint32 // 0x48
+	St_res01        uint32    // 0x58
+	Ft_ccsid        uint16    // 0x5c
+	Ft_flags        uint16    // 0x5e
+	St_res01a       [2]uint32 // 0x60
+	St_res02        uint32    // 0x68
+	St_blocks       uint32    // 0x6c
+	St_opaque       [3]uint8  // 0x70
+	St_visible      uint8     // 0x73
+	St_reftime      uint32    // 0x74
+	St_fid          uint64    // 0x78
+	St_filefmt      uint8     // 0x80
+	St_fspflag2     uint8     // 0x81
+	St_res03        [2]uint8  // 0x82
+	St_ctimemsec    uint32    // 0x84
+	St_seclabel     [8]uint8  // 0x88
+	St_res04        [4]uint8  // 0x90
+	// end of version 1
+	_               uint32    // 0x94
+	St_atime64      uint64    // 0x98
+	St_mtime64      uint64    // 0xa0
+	St_ctime64      uint64    // 0xa8
+	St_createtime64 uint64    // 0xb0
+	St_reftime64    uint64    // 0xb8
+	_               uint64    // 0xc0
+	St_res05        [16]uint8 // 0xc8
+	// end of version 2
+}
+
+type BpxFilestatus struct {
+	Oflag1 byte
+	Oflag2 byte
+	Oflag3 byte
+	Oflag4 byte
+}
+
+type BpxMode struct {
+	Ftype byte
+	Mode1 byte
+	Mode2 byte
+	Mode3 byte
+}
+
+// Thr attribute structure for extended attributes
+type Bpxyatt_t struct { // DSECT BPXYATT
+	Att_id           [4]uint8
+	Att_version      uint16
+	Att_res01        [2]uint8
+	Att_setflags1    uint8
+	Att_setflags2    uint8
+	Att_setflags3    uint8
+	Att_setflags4    uint8
+	Att_mode         uint32
+	Att_uid          uint32
+	Att_gid          uint32
+	Att_opaquemask   [3]uint8
+	Att_visblmaskres uint8
+	Att_opaque       [3]uint8
+	Att_visibleres   uint8
+	Att_size_h       uint32
+	Att_size_l       uint32
+	Att_atime        uint32
+	Att_mtime        uint32
+	Att_auditoraudit uint32
+	Att_useraudit    uint32
+	Att_ctime        uint32
+	Att_reftime      uint32
+	// end of version 1
+	Att_filefmt uint8
+	Att_res02   [3]uint8
+	Att_filetag uint32
+	Att_res03   [8]uint8
+	// end of version 2
+	Att_atime64   uint64
+	Att_mtime64   uint64
+	Att_ctime64   uint64
+	Att_reftime64 uint64
+	Att_seclabel  [8]uint8
+	Att_ver3res02 [8]uint8
+	// end of version 3
+}
+
+func BpxOpen(name string, options *BpxFilestatus, mode *BpxMode) (rv int32, rc int32, rn int32) {
+	if len(name) < 1024 {
+		var namebuf [1024]byte
+		sz := int32(copy(namebuf[:], name))
+		A2e(namebuf[:sz])
+		var parms [7]unsafe.Pointer
+		parms[0] = unsafe.Pointer(&sz)
+		parms[1] = unsafe.Pointer(&namebuf[0])
+		parms[2] = unsafe.Pointer(options)
+		parms[3] = unsafe.Pointer(mode)
+		parms[4] = unsafe.Pointer(&rv)
+		parms[5] = unsafe.Pointer(&rc)
+		parms[6] = unsafe.Pointer(&rn)
+		bpxcall(parms[:], BPX4OPN)
+		return rv, rc, rn
+	}
+	return -1, -1, -1
+}
+
+func BpxClose(fd int32) (rv int32, rc int32, rn int32) {
+	var parms [4]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&fd)
+	parms[1] = unsafe.Pointer(&rv)
+	parms[2] = unsafe.Pointer(&rc)
+	parms[3] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4CLO)
+	return rv, rc, rn
+}
+
+func BpxFileFStat(fd int32, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
+	st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
+	st.St_version = 2
+	stat_sz := uint32(unsafe.Sizeof(*st))
+	var parms [6]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&fd)
+	parms[1] = unsafe.Pointer(&stat_sz)
+	parms[2] = unsafe.Pointer(st)
+	parms[3] = unsafe.Pointer(&rv)
+	parms[4] = unsafe.Pointer(&rc)
+	parms[5] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4FST)
+	return rv, rc, rn
+}
+
+func BpxFileStat(name string, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
+	if len(name) < 1024 {
+		var namebuf [1024]byte
+		sz := int32(copy(namebuf[:], name))
+		A2e(namebuf[:sz])
+		st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
+		st.St_version = 2
+		stat_sz := uint32(unsafe.Sizeof(*st))
+		var parms [7]unsafe.Pointer
+		parms[0] = unsafe.Pointer(&sz)
+		parms[1] = unsafe.Pointer(&namebuf[0])
+		parms[2] = unsafe.Pointer(&stat_sz)
+		parms[3] = unsafe.Pointer(st)
+		parms[4] = unsafe.Pointer(&rv)
+		parms[5] = unsafe.Pointer(&rc)
+		parms[6] = unsafe.Pointer(&rn)
+		bpxcall(parms[:], BPX4STA)
+		return rv, rc, rn
+	}
+	return -1, -1, -1
+}
+
+func BpxFileLStat(name string, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
+	if len(name) < 1024 {
+		var namebuf [1024]byte
+		sz := int32(copy(namebuf[:], name))
+		A2e(namebuf[:sz])
+		st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
+		st.St_version = 2
+		stat_sz := uint32(unsafe.Sizeof(*st))
+		var parms [7]unsafe.Pointer
+		parms[0] = unsafe.Pointer(&sz)
+		parms[1] = unsafe.Pointer(&namebuf[0])
+		parms[2] = unsafe.Pointer(&stat_sz)
+		parms[3] = unsafe.Pointer(st)
+		parms[4] = unsafe.Pointer(&rv)
+		parms[5] = unsafe.Pointer(&rc)
+		parms[6] = unsafe.Pointer(&rn)
+		bpxcall(parms[:], BPX4LST)
+		return rv, rc, rn
+	}
+	return -1, -1, -1
+}
+
+func BpxChattr(path string, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
+	if len(path) >= 1024 {
+		return -1, -1, -1
+	}
+	var namebuf [1024]byte
+	sz := int32(copy(namebuf[:], path))
+	A2e(namebuf[:sz])
+	attr_sz := uint32(unsafe.Sizeof(*attr))
+	var parms [7]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&sz)
+	parms[1] = unsafe.Pointer(&namebuf[0])
+	parms[2] = unsafe.Pointer(&attr_sz)
+	parms[3] = unsafe.Pointer(attr)
+	parms[4] = unsafe.Pointer(&rv)
+	parms[5] = unsafe.Pointer(&rc)
+	parms[6] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4CHR)
+	return rv, rc, rn
+}
+
+func BpxLchattr(path string, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
+	if len(path) >= 1024 {
+		return -1, -1, -1
+	}
+	var namebuf [1024]byte
+	sz := int32(copy(namebuf[:], path))
+	A2e(namebuf[:sz])
+	attr_sz := uint32(unsafe.Sizeof(*attr))
+	var parms [7]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&sz)
+	parms[1] = unsafe.Pointer(&namebuf[0])
+	parms[2] = unsafe.Pointer(&attr_sz)
+	parms[3] = unsafe.Pointer(attr)
+	parms[4] = unsafe.Pointer(&rv)
+	parms[5] = unsafe.Pointer(&rc)
+	parms[6] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4LCR)
+	return rv, rc, rn
+}
+
+func BpxFchattr(fd int32, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
+	attr_sz := uint32(unsafe.Sizeof(*attr))
+	var parms [6]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&fd)
+	parms[1] = unsafe.Pointer(&attr_sz)
+	parms[2] = unsafe.Pointer(attr)
+	parms[3] = unsafe.Pointer(&rv)
+	parms[4] = unsafe.Pointer(&rc)
+	parms[5] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4FCR)
+	return rv, rc, rn
+}
+
+func BpxCondTimedWait(sec uint32, nsec uint32, events uint32, secrem *uint32, nsecrem *uint32) (rv int32, rc int32, rn int32) {
+	var parms [8]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&sec)
+	parms[1] = unsafe.Pointer(&nsec)
+	parms[2] = unsafe.Pointer(&events)
+	parms[3] = unsafe.Pointer(secrem)
+	parms[4] = unsafe.Pointer(nsecrem)
+	parms[5] = unsafe.Pointer(&rv)
+	parms[6] = unsafe.Pointer(&rc)
+	parms[7] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4CTW)
+	return rv, rc, rn
+}
+func BpxGetthent(in *Pgtha, outlen *uint32, out unsafe.Pointer) (rv int32, rc int32, rn int32) {
+	var parms [7]unsafe.Pointer
+	inlen := uint32(26) // nothing else will work. Go says Pgtha is 28-byte because of alignment, but Pgtha is "packed" and must be 26-byte
+	parms[0] = unsafe.Pointer(&inlen)
+	parms[1] = unsafe.Pointer(&in)
+	parms[2] = unsafe.Pointer(outlen)
+	parms[3] = unsafe.Pointer(&out)
+	parms[4] = unsafe.Pointer(&rv)
+	parms[5] = unsafe.Pointer(&rc)
+	parms[6] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4GTH)
+	return rv, rc, rn
+}
+func ZosJobname() (jobname string, err error) {
+	var pgtha Pgtha
+	pgtha.Pid = uint32(Getpid())
+	pgtha.Accesspid = PGTHA_CURRENT
+	pgtha.Flag1 = PGTHA_PROCESS
+	var out [256]byte
+	var outlen uint32
+	outlen = 256
+	rv, rc, rn := BpxGetthent(&pgtha, &outlen, unsafe.Pointer(&out[0]))
+	if rv == 0 {
+		gthc := []byte{0x87, 0xa3, 0x88, 0x83} // 'gthc' in ebcdic
+		ix := bytes.Index(out[:], gthc)
+		if ix == -1 {
+			err = fmt.Errorf("BPX4GTH: gthc return data not found")
+			return
+		}
+		jn := out[ix+80 : ix+88] // we didn't declare Pgthc, but jobname is 8-byte at offset 80
+		E2a(jn)
+		jobname = string(bytes.TrimRight(jn, " "))
+
+	} else {
+		err = fmt.Errorf("BPX4GTH: rc=%d errno=%d reason=code=0x%x", rv, rc, rn)
+	}
+	return
+}
+func Bpx4ptq(code int32, data string) (rv int32, rc int32, rn int32) {
+	var userdata [8]byte
+	var parms [5]unsafe.Pointer
+	copy(userdata[:], data+"        ")
+	A2e(userdata[:])
+	parms[0] = unsafe.Pointer(&code)
+	parms[1] = unsafe.Pointer(&userdata[0])
+	parms[2] = unsafe.Pointer(&rv)
+	parms[3] = unsafe.Pointer(&rc)
+	parms[4] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4PTQ)
+	return rv, rc, rn
+}
+
+const (
+	PT_TRACE_ME             = 0  // Debug this process
+	PT_READ_I               = 1  // Read a full word
+	PT_READ_D               = 2  // Read a full word
+	PT_READ_U               = 3  // Read control info
+	PT_WRITE_I              = 4  //Write a full word
+	PT_WRITE_D              = 5  //Write a full word
+	PT_CONTINUE             = 7  //Continue the process
+	PT_KILL                 = 8  //Terminate the process
+	PT_READ_GPR             = 11 // Read GPR, CR, PSW
+	PT_READ_FPR             = 12 // Read FPR
+	PT_READ_VR              = 13 // Read VR
+	PT_WRITE_GPR            = 14 // Write GPR, CR, PSW
+	PT_WRITE_FPR            = 15 // Write FPR
+	PT_WRITE_VR             = 16 // Write VR
+	PT_READ_BLOCK           = 17 // Read storage
+	PT_WRITE_BLOCK          = 19 // Write storage
+	PT_READ_GPRH            = 20 // Read GPRH
+	PT_WRITE_GPRH           = 21 // Write GPRH
+	PT_REGHSET              = 22 // Read all GPRHs
+	PT_ATTACH               = 30 // Attach to a process
+	PT_DETACH               = 31 // Detach from a process
+	PT_REGSET               = 32 // Read all GPRs
+	PT_REATTACH             = 33 // Reattach to a process
+	PT_LDINFO               = 34 // Read loader info
+	PT_MULTI                = 35 // Multi process mode
+	PT_LD64INFO             = 36 // RMODE64 Info Area
+	PT_BLOCKREQ             = 40 // Block request
+	PT_THREAD_INFO          = 60 // Read thread info
+	PT_THREAD_MODIFY        = 61
+	PT_THREAD_READ_FOCUS    = 62
+	PT_THREAD_WRITE_FOCUS   = 63
+	PT_THREAD_HOLD          = 64
+	PT_THREAD_SIGNAL        = 65
+	PT_EXPLAIN              = 66
+	PT_EVENTS               = 67
+	PT_THREAD_INFO_EXTENDED = 68
+	PT_REATTACH2            = 71
+	PT_CAPTURE              = 72
+	PT_UNCAPTURE            = 73
+	PT_GET_THREAD_TCB       = 74
+	PT_GET_ALET             = 75
+	PT_SWAPIN               = 76
+	PT_EXTENDED_EVENT       = 98
+	PT_RECOVER              = 99  // Debug a program check
+	PT_GPR0                 = 0   // General purpose register 0
+	PT_GPR1                 = 1   // General purpose register 1
+	PT_GPR2                 = 2   // General purpose register 2
+	PT_GPR3                 = 3   // General purpose register 3
+	PT_GPR4                 = 4   // General purpose register 4
+	PT_GPR5                 = 5   // General purpose register 5
+	PT_GPR6                 = 6   // General purpose register 6
+	PT_GPR7                 = 7   // General purpose register 7
+	PT_GPR8                 = 8   // General purpose register 8
+	PT_GPR9                 = 9   // General purpose register 9
+	PT_GPR10                = 10  // General purpose register 10
+	PT_GPR11                = 11  // General purpose register 11
+	PT_GPR12                = 12  // General purpose register 12
+	PT_GPR13                = 13  // General purpose register 13
+	PT_GPR14                = 14  // General purpose register 14
+	PT_GPR15                = 15  // General purpose register 15
+	PT_FPR0                 = 16  // Floating point register 0
+	PT_FPR1                 = 17  // Floating point register 1
+	PT_FPR2                 = 18  // Floating point register 2
+	PT_FPR3                 = 19  // Floating point register 3
+	PT_FPR4                 = 20  // Floating point register 4
+	PT_FPR5                 = 21  // Floating point register 5
+	PT_FPR6                 = 22  // Floating point register 6
+	PT_FPR7                 = 23  // Floating point register 7
+	PT_FPR8                 = 24  // Floating point register 8
+	PT_FPR9                 = 25  // Floating point register 9
+	PT_FPR10                = 26  // Floating point register 10
+	PT_FPR11                = 27  // Floating point register 11
+	PT_FPR12                = 28  // Floating point register 12
+	PT_FPR13                = 29  // Floating point register 13
+	PT_FPR14                = 30  // Floating point register 14
+	PT_FPR15                = 31  // Floating point register 15
+	PT_FPC                  = 32  // Floating point control register
+	PT_PSW                  = 40  // PSW
+	PT_PSW0                 = 40  // Left half of the PSW
+	PT_PSW1                 = 41  // Right half of the PSW
+	PT_CR0                  = 42  // Control register 0
+	PT_CR1                  = 43  // Control register 1
+	PT_CR2                  = 44  // Control register 2
+	PT_CR3                  = 45  // Control register 3
+	PT_CR4                  = 46  // Control register 4
+	PT_CR5                  = 47  // Control register 5
+	PT_CR6                  = 48  // Control register 6
+	PT_CR7                  = 49  // Control register 7
+	PT_CR8                  = 50  // Control register 8
+	PT_CR9                  = 51  // Control register 9
+	PT_CR10                 = 52  // Control register 10
+	PT_CR11                 = 53  // Control register 11
+	PT_CR12                 = 54  // Control register 12
+	PT_CR13                 = 55  // Control register 13
+	PT_CR14                 = 56  // Control register 14
+	PT_CR15                 = 57  // Control register 15
+	PT_GPRH0                = 58  // GP High register 0
+	PT_GPRH1                = 59  // GP High register 1
+	PT_GPRH2                = 60  // GP High register 2
+	PT_GPRH3                = 61  // GP High register 3
+	PT_GPRH4                = 62  // GP High register 4
+	PT_GPRH5                = 63  // GP High register 5
+	PT_GPRH6                = 64  // GP High register 6
+	PT_GPRH7                = 65  // GP High register 7
+	PT_GPRH8                = 66  // GP High register 8
+	PT_GPRH9                = 67  // GP High register 9
+	PT_GPRH10               = 68  // GP High register 10
+	PT_GPRH11               = 69  // GP High register 11
+	PT_GPRH12               = 70  // GP High register 12
+	PT_GPRH13               = 71  // GP High register 13
+	PT_GPRH14               = 72  // GP High register 14
+	PT_GPRH15               = 73  // GP High register 15
+	PT_VR0                  = 74  // Vector register 0
+	PT_VR1                  = 75  // Vector register 1
+	PT_VR2                  = 76  // Vector register 2
+	PT_VR3                  = 77  // Vector register 3
+	PT_VR4                  = 78  // Vector register 4
+	PT_VR5                  = 79  // Vector register 5
+	PT_VR6                  = 80  // Vector register 6
+	PT_VR7                  = 81  // Vector register 7
+	PT_VR8                  = 82  // Vector register 8
+	PT_VR9                  = 83  // Vector register 9
+	PT_VR10                 = 84  // Vector register 10
+	PT_VR11                 = 85  // Vector register 11
+	PT_VR12                 = 86  // Vector register 12
+	PT_VR13                 = 87  // Vector register 13
+	PT_VR14                 = 88  // Vector register 14
+	PT_VR15                 = 89  // Vector register 15
+	PT_VR16                 = 90  // Vector register 16
+	PT_VR17                 = 91  // Vector register 17
+	PT_VR18                 = 92  // Vector register 18
+	PT_VR19                 = 93  // Vector register 19
+	PT_VR20                 = 94  // Vector register 20
+	PT_VR21                 = 95  // Vector register 21
+	PT_VR22                 = 96  // Vector register 22
+	PT_VR23                 = 97  // Vector register 23
+	PT_VR24                 = 98  // Vector register 24
+	PT_VR25                 = 99  // Vector register 25
+	PT_VR26                 = 100 // Vector register 26
+	PT_VR27                 = 101 // Vector register 27
+	PT_VR28                 = 102 // Vector register 28
+	PT_VR29                 = 103 // Vector register 29
+	PT_VR30                 = 104 // Vector register 30
+	PT_VR31                 = 105 // Vector register 31
+	PT_PSWG                 = 106 // PSWG
+	PT_PSWG0                = 106 // Bytes 0-3
+	PT_PSWG1                = 107 // Bytes 4-7
+	PT_PSWG2                = 108 // Bytes 8-11 (IA high word)
+	PT_PSWG3                = 109 // Bytes 12-15 (IA low word)
+)
+
+func Bpx4ptr(request int32, pid int32, addr unsafe.Pointer, data unsafe.Pointer, buffer unsafe.Pointer) (rv int32, rc int32, rn int32) {
+	var parms [8]unsafe.Pointer
+	parms[0] = unsafe.Pointer(&request)
+	parms[1] = unsafe.Pointer(&pid)
+	parms[2] = unsafe.Pointer(&addr)
+	parms[3] = unsafe.Pointer(&data)
+	parms[4] = unsafe.Pointer(&buffer)
+	parms[5] = unsafe.Pointer(&rv)
+	parms[6] = unsafe.Pointer(&rc)
+	parms[7] = unsafe.Pointer(&rn)
+	bpxcall(parms[:], BPX4PTR)
+	return rv, rc, rn
+}
+
+func copyU8(val uint8, dest []uint8) int {
+	if len(dest) < 1 {
+		return 0
+	}
+	dest[0] = val
+	return 1
+}
+
+func copyU8Arr(src, dest []uint8) int {
+	if len(dest) < len(src) {
+		return 0
+	}
+	for i, v := range src {
+		dest[i] = v
+	}
+	return len(src)
+}
+
+func copyU16(val uint16, dest []uint16) int {
+	if len(dest) < 1 {
+		return 0
+	}
+	dest[0] = val
+	return 1
+}
+
+func copyU32(val uint32, dest []uint32) int {
+	if len(dest) < 1 {
+		return 0
+	}
+	dest[0] = val
+	return 1
+}
+
+func copyU32Arr(src, dest []uint32) int {
+	if len(dest) < len(src) {
+		return 0
+	}
+	for i, v := range src {
+		dest[i] = v
+	}
+	return len(src)
+}
+
+func copyU64(val uint64, dest []uint64) int {
+	if len(dest) < 1 {
+		return 0
+	}
+	dest[0] = val
+	return 1
+}
diff --git a/vendor/golang.org/x/sys/unix/bpxsvc_zos.s b/vendor/golang.org/x/sys/unix/bpxsvc_zos.s
new file mode 100644
index 000000000..4bd4a1798
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/bpxsvc_zos.s
@@ -0,0 +1,192 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+#include "go_asm.h"
+#include "textflag.h"
+
+// function to call USS assembly language services
+//
+// doc: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_3.1.0/com.ibm.zos.v3r1.bpxb100/bit64env.htm
+//
+//   arg1 unsafe.Pointer array that ressembles an OS PLIST
+//
+//   arg2 function offset as in
+//       doc: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_3.1.0/com.ibm.zos.v3r1.bpxb100/bpx2cr_List_of_offsets.htm
+//
+// func bpxcall(plist []unsafe.Pointer, bpx_offset int64)
+
+TEXT ·bpxcall(SB), NOSPLIT|NOFRAME, $0
+	MOVD  plist_base+0(FP), R1  // r1 points to plist
+	MOVD  bpx_offset+24(FP), R2 // r2 offset to BPX vector table
+	MOVD  R14, R7               // save r14
+	MOVD  R15, R8               // save r15
+	MOVWZ 16(R0), R9
+	MOVWZ 544(R9), R9
+	MOVWZ 24(R9), R9            // call vector in r9
+	ADD   R2, R9                // add offset to vector table
+	MOVWZ (R9), R9              // r9 points to entry point
+	BYTE  $0x0D                 // BL R14,R9 --> basr r14,r9
+	BYTE  $0xE9                 // clobbers 0,1,14,15
+	MOVD  R8, R15               // restore 15
+	JMP   R7                    // return via saved return address
+
+//   func A2e(arr [] byte)
+//   code page conversion from  819 to 1047
+TEXT ·A2e(SB), NOSPLIT|NOFRAME, $0
+	MOVD arg_base+0(FP), R2                        // pointer to arry of characters
+	MOVD arg_len+8(FP), R3                         // count
+	XOR  R0, R0
+	XOR  R1, R1
+	BYTE $0xA7; BYTE $0x15; BYTE $0x00; BYTE $0x82 // BRAS 1,(2+(256/2))
+
+	// ASCII -> EBCDIC conversion table:
+	BYTE $0x00; BYTE $0x01; BYTE $0x02; BYTE $0x03
+	BYTE $0x37; BYTE $0x2d; BYTE $0x2e; BYTE $0x2f
+	BYTE $0x16; BYTE $0x05; BYTE $0x15; BYTE $0x0b
+	BYTE $0x0c; BYTE $0x0d; BYTE $0x0e; BYTE $0x0f
+	BYTE $0x10; BYTE $0x11; BYTE $0x12; BYTE $0x13
+	BYTE $0x3c; BYTE $0x3d; BYTE $0x32; BYTE $0x26
+	BYTE $0x18; BYTE $0x19; BYTE $0x3f; BYTE $0x27
+	BYTE $0x1c; BYTE $0x1d; BYTE $0x1e; BYTE $0x1f
+	BYTE $0x40; BYTE $0x5a; BYTE $0x7f; BYTE $0x7b
+	BYTE $0x5b; BYTE $0x6c; BYTE $0x50; BYTE $0x7d
+	BYTE $0x4d; BYTE $0x5d; BYTE $0x5c; BYTE $0x4e
+	BYTE $0x6b; BYTE $0x60; BYTE $0x4b; BYTE $0x61
+	BYTE $0xf0; BYTE $0xf1; BYTE $0xf2; BYTE $0xf3
+	BYTE $0xf4; BYTE $0xf5; BYTE $0xf6; BYTE $0xf7
+	BYTE $0xf8; BYTE $0xf9; BYTE $0x7a; BYTE $0x5e
+	BYTE $0x4c; BYTE $0x7e; BYTE $0x6e; BYTE $0x6f
+	BYTE $0x7c; BYTE $0xc1; BYTE $0xc2; BYTE $0xc3
+	BYTE $0xc4; BYTE $0xc5; BYTE $0xc6; BYTE $0xc7
+	BYTE $0xc8; BYTE $0xc9; BYTE $0xd1; BYTE $0xd2
+	BYTE $0xd3; BYTE $0xd4; BYTE $0xd5; BYTE $0xd6
+	BYTE $0xd7; BYTE $0xd8; BYTE $0xd9; BYTE $0xe2
+	BYTE $0xe3; BYTE $0xe4; BYTE $0xe5; BYTE $0xe6
+	BYTE $0xe7; BYTE $0xe8; BYTE $0xe9; BYTE $0xad
+	BYTE $0xe0; BYTE $0xbd; BYTE $0x5f; BYTE $0x6d
+	BYTE $0x79; BYTE $0x81; BYTE $0x82; BYTE $0x83
+	BYTE $0x84; BYTE $0x85; BYTE $0x86; BYTE $0x87
+	BYTE $0x88; BYTE $0x89; BYTE $0x91; BYTE $0x92
+	BYTE $0x93; BYTE $0x94; BYTE $0x95; BYTE $0x96
+	BYTE $0x97; BYTE $0x98; BYTE $0x99; BYTE $0xa2
+	BYTE $0xa3; BYTE $0xa4; BYTE $0xa5; BYTE $0xa6
+	BYTE $0xa7; BYTE $0xa8; BYTE $0xa9; BYTE $0xc0
+	BYTE $0x4f; BYTE $0xd0; BYTE $0xa1; BYTE $0x07
+	BYTE $0x20; BYTE $0x21; BYTE $0x22; BYTE $0x23
+	BYTE $0x24; BYTE $0x25; BYTE $0x06; BYTE $0x17
+	BYTE $0x28; BYTE $0x29; BYTE $0x2a; BYTE $0x2b
+	BYTE $0x2c; BYTE $0x09; BYTE $0x0a; BYTE $0x1b
+	BYTE $0x30; BYTE $0x31; BYTE $0x1a; BYTE $0x33
+	BYTE $0x34; BYTE $0x35; BYTE $0x36; BYTE $0x08
+	BYTE $0x38; BYTE $0x39; BYTE $0x3a; BYTE $0x3b
+	BYTE $0x04; BYTE $0x14; BYTE $0x3e; BYTE $0xff
+	BYTE $0x41; BYTE $0xaa; BYTE $0x4a; BYTE $0xb1
+	BYTE $0x9f; BYTE $0xb2; BYTE $0x6a; BYTE $0xb5
+	BYTE $0xbb; BYTE $0xb4; BYTE $0x9a; BYTE $0x8a
+	BYTE $0xb0; BYTE $0xca; BYTE $0xaf; BYTE $0xbc
+	BYTE $0x90; BYTE $0x8f; BYTE $0xea; BYTE $0xfa
+	BYTE $0xbe; BYTE $0xa0; BYTE $0xb6; BYTE $0xb3
+	BYTE $0x9d; BYTE $0xda; BYTE $0x9b; BYTE $0x8b
+	BYTE $0xb7; BYTE $0xb8; BYTE $0xb9; BYTE $0xab
+	BYTE $0x64; BYTE $0x65; BYTE $0x62; BYTE $0x66
+	BYTE $0x63; BYTE $0x67; BYTE $0x9e; BYTE $0x68
+	BYTE $0x74; BYTE $0x71; BYTE $0x72; BYTE $0x73
+	BYTE $0x78; BYTE $0x75; BYTE $0x76; BYTE $0x77
+	BYTE $0xac; BYTE $0x69; BYTE $0xed; BYTE $0xee
+	BYTE $0xeb; BYTE $0xef; BYTE $0xec; BYTE $0xbf
+	BYTE $0x80; BYTE $0xfd; BYTE $0xfe; BYTE $0xfb
+	BYTE $0xfc; BYTE $0xba; BYTE $0xae; BYTE $0x59
+	BYTE $0x44; BYTE $0x45; BYTE $0x42; BYTE $0x46
+	BYTE $0x43; BYTE $0x47; BYTE $0x9c; BYTE $0x48
+	BYTE $0x54; BYTE $0x51; BYTE $0x52; BYTE $0x53
+	BYTE $0x58; BYTE $0x55; BYTE $0x56; BYTE $0x57
+	BYTE $0x8c; BYTE $0x49; BYTE $0xcd; BYTE $0xce
+	BYTE $0xcb; BYTE $0xcf; BYTE $0xcc; BYTE $0xe1
+	BYTE $0x70; BYTE $0xdd; BYTE $0xde; BYTE $0xdb
+	BYTE $0xdc; BYTE $0x8d; BYTE $0x8e; BYTE $0xdf
+
+retry:
+	WORD $0xB9931022 // TROO 2,2,b'0001'
+	BVS  retry
+	RET
+
+//   func e2a(arr [] byte)
+//   code page conversion from  1047 to 819
+TEXT ·E2a(SB), NOSPLIT|NOFRAME, $0
+	MOVD arg_base+0(FP), R2                        // pointer to arry of characters
+	MOVD arg_len+8(FP), R3                         // count
+	XOR  R0, R0
+	XOR  R1, R1
+	BYTE $0xA7; BYTE $0x15; BYTE $0x00; BYTE $0x82 // BRAS 1,(2+(256/2))
+
+	// EBCDIC -> ASCII conversion table:
+	BYTE $0x00; BYTE $0x01; BYTE $0x02; BYTE $0x03
+	BYTE $0x9c; BYTE $0x09; BYTE $0x86; BYTE $0x7f
+	BYTE $0x97; BYTE $0x8d; BYTE $0x8e; BYTE $0x0b
+	BYTE $0x0c; BYTE $0x0d; BYTE $0x0e; BYTE $0x0f
+	BYTE $0x10; BYTE $0x11; BYTE $0x12; BYTE $0x13
+	BYTE $0x9d; BYTE $0x0a; BYTE $0x08; BYTE $0x87
+	BYTE $0x18; BYTE $0x19; BYTE $0x92; BYTE $0x8f
+	BYTE $0x1c; BYTE $0x1d; BYTE $0x1e; BYTE $0x1f
+	BYTE $0x80; BYTE $0x81; BYTE $0x82; BYTE $0x83
+	BYTE $0x84; BYTE $0x85; BYTE $0x17; BYTE $0x1b
+	BYTE $0x88; BYTE $0x89; BYTE $0x8a; BYTE $0x8b
+	BYTE $0x8c; BYTE $0x05; BYTE $0x06; BYTE $0x07
+	BYTE $0x90; BYTE $0x91; BYTE $0x16; BYTE $0x93
+	BYTE $0x94; BYTE $0x95; BYTE $0x96; BYTE $0x04
+	BYTE $0x98; BYTE $0x99; BYTE $0x9a; BYTE $0x9b
+	BYTE $0x14; BYTE $0x15; BYTE $0x9e; BYTE $0x1a
+	BYTE $0x20; BYTE $0xa0; BYTE $0xe2; BYTE $0xe4
+	BYTE $0xe0; BYTE $0xe1; BYTE $0xe3; BYTE $0xe5
+	BYTE $0xe7; BYTE $0xf1; BYTE $0xa2; BYTE $0x2e
+	BYTE $0x3c; BYTE $0x28; BYTE $0x2b; BYTE $0x7c
+	BYTE $0x26; BYTE $0xe9; BYTE $0xea; BYTE $0xeb
+	BYTE $0xe8; BYTE $0xed; BYTE $0xee; BYTE $0xef
+	BYTE $0xec; BYTE $0xdf; BYTE $0x21; BYTE $0x24
+	BYTE $0x2a; BYTE $0x29; BYTE $0x3b; BYTE $0x5e
+	BYTE $0x2d; BYTE $0x2f; BYTE $0xc2; BYTE $0xc4
+	BYTE $0xc0; BYTE $0xc1; BYTE $0xc3; BYTE $0xc5
+	BYTE $0xc7; BYTE $0xd1; BYTE $0xa6; BYTE $0x2c
+	BYTE $0x25; BYTE $0x5f; BYTE $0x3e; BYTE $0x3f
+	BYTE $0xf8; BYTE $0xc9; BYTE $0xca; BYTE $0xcb
+	BYTE $0xc8; BYTE $0xcd; BYTE $0xce; BYTE $0xcf
+	BYTE $0xcc; BYTE $0x60; BYTE $0x3a; BYTE $0x23
+	BYTE $0x40; BYTE $0x27; BYTE $0x3d; BYTE $0x22
+	BYTE $0xd8; BYTE $0x61; BYTE $0x62; BYTE $0x63
+	BYTE $0x64; BYTE $0x65; BYTE $0x66; BYTE $0x67
+	BYTE $0x68; BYTE $0x69; BYTE $0xab; BYTE $0xbb
+	BYTE $0xf0; BYTE $0xfd; BYTE $0xfe; BYTE $0xb1
+	BYTE $0xb0; BYTE $0x6a; BYTE $0x6b; BYTE $0x6c
+	BYTE $0x6d; BYTE $0x6e; BYTE $0x6f; BYTE $0x70
+	BYTE $0x71; BYTE $0x72; BYTE $0xaa; BYTE $0xba
+	BYTE $0xe6; BYTE $0xb8; BYTE $0xc6; BYTE $0xa4
+	BYTE $0xb5; BYTE $0x7e; BYTE $0x73; BYTE $0x74
+	BYTE $0x75; BYTE $0x76; BYTE $0x77; BYTE $0x78
+	BYTE $0x79; BYTE $0x7a; BYTE $0xa1; BYTE $0xbf
+	BYTE $0xd0; BYTE $0x5b; BYTE $0xde; BYTE $0xae
+	BYTE $0xac; BYTE $0xa3; BYTE $0xa5; BYTE $0xb7
+	BYTE $0xa9; BYTE $0xa7; BYTE $0xb6; BYTE $0xbc
+	BYTE $0xbd; BYTE $0xbe; BYTE $0xdd; BYTE $0xa8
+	BYTE $0xaf; BYTE $0x5d; BYTE $0xb4; BYTE $0xd7
+	BYTE $0x7b; BYTE $0x41; BYTE $0x42; BYTE $0x43
+	BYTE $0x44; BYTE $0x45; BYTE $0x46; BYTE $0x47
+	BYTE $0x48; BYTE $0x49; BYTE $0xad; BYTE $0xf4
+	BYTE $0xf6; BYTE $0xf2; BYTE $0xf3; BYTE $0xf5
+	BYTE $0x7d; BYTE $0x4a; BYTE $0x4b; BYTE $0x4c
+	BYTE $0x4d; BYTE $0x4e; BYTE $0x4f; BYTE $0x50
+	BYTE $0x51; BYTE $0x52; BYTE $0xb9; BYTE $0xfb
+	BYTE $0xfc; BYTE $0xf9; BYTE $0xfa; BYTE $0xff
+	BYTE $0x5c; BYTE $0xf7; BYTE $0x53; BYTE $0x54
+	BYTE $0x55; BYTE $0x56; BYTE $0x57; BYTE $0x58
+	BYTE $0x59; BYTE $0x5a; BYTE $0xb2; BYTE $0xd4
+	BYTE $0xd6; BYTE $0xd2; BYTE $0xd3; BYTE $0xd5
+	BYTE $0x30; BYTE $0x31; BYTE $0x32; BYTE $0x33
+	BYTE $0x34; BYTE $0x35; BYTE $0x36; BYTE $0x37
+	BYTE $0x38; BYTE $0x39; BYTE $0xb3; BYTE $0xdb
+	BYTE $0xdc; BYTE $0xd9; BYTE $0xda; BYTE $0x9f
+
+retry:
+	WORD $0xB9931022 // TROO 2,2,b'0001'
+	BVS  retry
+	RET
diff --git a/vendor/golang.org/x/sys/unix/epoll_zos.go b/vendor/golang.org/x/sys/unix/epoll_zos.go
deleted file mode 100644
index 7753fddea..000000000
--- a/vendor/golang.org/x/sys/unix/epoll_zos.go
+++ /dev/null
@@ -1,220 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build zos && s390x
-
-package unix
-
-import (
-	"sync"
-)
-
-// This file simulates epoll on z/OS using poll.
-
-// Analogous to epoll_event on Linux.
-// TODO(neeilan): Pad is because the Linux kernel expects a 96-bit struct. We never pass this to the kernel; remove?
-type EpollEvent struct {
-	Events uint32
-	Fd     int32
-	Pad    int32
-}
-
-const (
-	EPOLLERR      = 0x8
-	EPOLLHUP      = 0x10
-	EPOLLIN       = 0x1
-	EPOLLMSG      = 0x400
-	EPOLLOUT      = 0x4
-	EPOLLPRI      = 0x2
-	EPOLLRDBAND   = 0x80
-	EPOLLRDNORM   = 0x40
-	EPOLLWRBAND   = 0x200
-	EPOLLWRNORM   = 0x100
-	EPOLL_CTL_ADD = 0x1
-	EPOLL_CTL_DEL = 0x2
-	EPOLL_CTL_MOD = 0x3
-	// The following constants are part of the epoll API, but represent
-	// currently unsupported functionality on z/OS.
-	// EPOLL_CLOEXEC  = 0x80000
-	// EPOLLET        = 0x80000000
-	// EPOLLONESHOT   = 0x40000000
-	// EPOLLRDHUP     = 0x2000     // Typically used with edge-triggered notis
-	// EPOLLEXCLUSIVE = 0x10000000 // Exclusive wake-up mode
-	// EPOLLWAKEUP    = 0x20000000 // Relies on Linux's BLOCK_SUSPEND capability
-)
-
-// TODO(neeilan): We can eliminate these epToPoll / pToEpoll calls by using identical mask values for POLL/EPOLL
-// constants where possible The lower 16 bits of epoll events (uint32) can fit any system poll event (int16).
-
-// epToPollEvt converts epoll event field to poll equivalent.
-// In epoll, Events is a 32-bit field, while poll uses 16 bits.
-func epToPollEvt(events uint32) int16 {
-	var ep2p = map[uint32]int16{
-		EPOLLIN:  POLLIN,
-		EPOLLOUT: POLLOUT,
-		EPOLLHUP: POLLHUP,
-		EPOLLPRI: POLLPRI,
-		EPOLLERR: POLLERR,
-	}
-
-	var pollEvts int16 = 0
-	for epEvt, pEvt := range ep2p {
-		if (events & epEvt) != 0 {
-			pollEvts |= pEvt
-		}
-	}
-
-	return pollEvts
-}
-
-// pToEpollEvt converts 16 bit poll event bitfields to 32-bit epoll event fields.
-func pToEpollEvt(revents int16) uint32 {
-	var p2ep = map[int16]uint32{
-		POLLIN:  EPOLLIN,
-		POLLOUT: EPOLLOUT,
-		POLLHUP: EPOLLHUP,
-		POLLPRI: EPOLLPRI,
-		POLLERR: EPOLLERR,
-	}
-
-	var epollEvts uint32 = 0
-	for pEvt, epEvt := range p2ep {
-		if (revents & pEvt) != 0 {
-			epollEvts |= epEvt
-		}
-	}
-
-	return epollEvts
-}
-
-// Per-process epoll implementation.
-type epollImpl struct {
-	mu       sync.Mutex
-	epfd2ep  map[int]*eventPoll
-	nextEpfd int
-}
-
-// eventPoll holds a set of file descriptors being watched by the process. A process can have multiple epoll instances.
-// On Linux, this is an in-kernel data structure accessed through a fd.
-type eventPoll struct {
-	mu  sync.Mutex
-	fds map[int]*EpollEvent
-}
-
-// epoll impl for this process.
-var impl epollImpl = epollImpl{
-	epfd2ep:  make(map[int]*eventPoll),
-	nextEpfd: 0,
-}
-
-func (e *epollImpl) epollcreate(size int) (epfd int, err error) {
-	e.mu.Lock()
-	defer e.mu.Unlock()
-	epfd = e.nextEpfd
-	e.nextEpfd++
-
-	e.epfd2ep[epfd] = &eventPoll{
-		fds: make(map[int]*EpollEvent),
-	}
-	return epfd, nil
-}
-
-func (e *epollImpl) epollcreate1(flag int) (fd int, err error) {
-	return e.epollcreate(4)
-}
-
-func (e *epollImpl) epollctl(epfd int, op int, fd int, event *EpollEvent) (err error) {
-	e.mu.Lock()
-	defer e.mu.Unlock()
-
-	ep, ok := e.epfd2ep[epfd]
-	if !ok {
-
-		return EBADF
-	}
-
-	switch op {
-	case EPOLL_CTL_ADD:
-		// TODO(neeilan): When we make epfds and fds disjoint, detect epoll
-		// loops here (instances watching each other) and return ELOOP.
-		if _, ok := ep.fds[fd]; ok {
-			return EEXIST
-		}
-		ep.fds[fd] = event
-	case EPOLL_CTL_MOD:
-		if _, ok := ep.fds[fd]; !ok {
-			return ENOENT
-		}
-		ep.fds[fd] = event
-	case EPOLL_CTL_DEL:
-		if _, ok := ep.fds[fd]; !ok {
-			return ENOENT
-		}
-		delete(ep.fds, fd)
-
-	}
-	return nil
-}
-
-// Must be called while holding ep.mu
-func (ep *eventPoll) getFds() []int {
-	fds := make([]int, len(ep.fds))
-	for fd := range ep.fds {
-		fds = append(fds, fd)
-	}
-	return fds
-}
-
-func (e *epollImpl) epollwait(epfd int, events []EpollEvent, msec int) (n int, err error) {
-	e.mu.Lock() // in [rare] case of concurrent epollcreate + epollwait
-	ep, ok := e.epfd2ep[epfd]
-
-	if !ok {
-		e.mu.Unlock()
-		return 0, EBADF
-	}
-
-	pollfds := make([]PollFd, 4)
-	for fd, epollevt := range ep.fds {
-		pollfds = append(pollfds, PollFd{Fd: int32(fd), Events: epToPollEvt(epollevt.Events)})
-	}
-	e.mu.Unlock()
-
-	n, err = Poll(pollfds, msec)
-	if err != nil {
-		return n, err
-	}
-
-	i := 0
-	for _, pFd := range pollfds {
-		if pFd.Revents != 0 {
-			events[i] = EpollEvent{Fd: pFd.Fd, Events: pToEpollEvt(pFd.Revents)}
-			i++
-		}
-
-		if i == n {
-			break
-		}
-	}
-
-	return n, nil
-}
-
-func EpollCreate(size int) (fd int, err error) {
-	return impl.epollcreate(size)
-}
-
-func EpollCreate1(flag int) (fd int, err error) {
-	return impl.epollcreate1(flag)
-}
-
-func EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
-	return impl.epollctl(epfd, op, fd, event)
-}
-
-// Because EpollWait mutates events, the caller is expected to coordinate
-// concurrent access if calling with the same epfd from multiple goroutines.
-func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
-	return impl.epollwait(epfd, events, msec)
-}
diff --git a/vendor/golang.org/x/sys/unix/fstatfs_zos.go b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
deleted file mode 100644
index c8bde601e..000000000
--- a/vendor/golang.org/x/sys/unix/fstatfs_zos.go
+++ /dev/null
@@ -1,163 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build zos && s390x
-
-package unix
-
-import (
-	"unsafe"
-)
-
-// This file simulates fstatfs on z/OS using fstatvfs and w_getmntent.
-
-func Fstatfs(fd int, stat *Statfs_t) (err error) {
-	var stat_v Statvfs_t
-	err = Fstatvfs(fd, &stat_v)
-	if err == nil {
-		// populate stat
-		stat.Type = 0
-		stat.Bsize = stat_v.Bsize
-		stat.Blocks = stat_v.Blocks
-		stat.Bfree = stat_v.Bfree
-		stat.Bavail = stat_v.Bavail
-		stat.Files = stat_v.Files
-		stat.Ffree = stat_v.Ffree
-		stat.Fsid = stat_v.Fsid
-		stat.Namelen = stat_v.Namemax
-		stat.Frsize = stat_v.Frsize
-		stat.Flags = stat_v.Flag
-		for passn := 0; passn < 5; passn++ {
-			switch passn {
-			case 0:
-				err = tryGetmntent64(stat)
-				break
-			case 1:
-				err = tryGetmntent128(stat)
-				break
-			case 2:
-				err = tryGetmntent256(stat)
-				break
-			case 3:
-				err = tryGetmntent512(stat)
-				break
-			case 4:
-				err = tryGetmntent1024(stat)
-				break
-			default:
-				break
-			}
-			//proceed to return if: err is nil (found), err is nonnil but not ERANGE (another error occurred)
-			if err == nil || err != nil && err != ERANGE {
-				break
-			}
-		}
-	}
-	return err
-}
-
-func tryGetmntent64(stat *Statfs_t) (err error) {
-	var mnt_ent_buffer struct {
-		header       W_Mnth
-		filesys_info [64]W_Mntent
-	}
-	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
-	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
-	if err != nil {
-		return err
-	}
-	err = ERANGE //return ERANGE if no match is found in this batch
-	for i := 0; i < fs_count; i++ {
-		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
-			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
-			err = nil
-			break
-		}
-	}
-	return err
-}
-
-func tryGetmntent128(stat *Statfs_t) (err error) {
-	var mnt_ent_buffer struct {
-		header       W_Mnth
-		filesys_info [128]W_Mntent
-	}
-	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
-	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
-	if err != nil {
-		return err
-	}
-	err = ERANGE //return ERANGE if no match is found in this batch
-	for i := 0; i < fs_count; i++ {
-		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
-			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
-			err = nil
-			break
-		}
-	}
-	return err
-}
-
-func tryGetmntent256(stat *Statfs_t) (err error) {
-	var mnt_ent_buffer struct {
-		header       W_Mnth
-		filesys_info [256]W_Mntent
-	}
-	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
-	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
-	if err != nil {
-		return err
-	}
-	err = ERANGE //return ERANGE if no match is found in this batch
-	for i := 0; i < fs_count; i++ {
-		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
-			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
-			err = nil
-			break
-		}
-	}
-	return err
-}
-
-func tryGetmntent512(stat *Statfs_t) (err error) {
-	var mnt_ent_buffer struct {
-		header       W_Mnth
-		filesys_info [512]W_Mntent
-	}
-	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
-	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
-	if err != nil {
-		return err
-	}
-	err = ERANGE //return ERANGE if no match is found in this batch
-	for i := 0; i < fs_count; i++ {
-		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
-			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
-			err = nil
-			break
-		}
-	}
-	return err
-}
-
-func tryGetmntent1024(stat *Statfs_t) (err error) {
-	var mnt_ent_buffer struct {
-		header       W_Mnth
-		filesys_info [1024]W_Mntent
-	}
-	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
-	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
-	if err != nil {
-		return err
-	}
-	err = ERANGE //return ERANGE if no match is found in this batch
-	for i := 0; i < fs_count; i++ {
-		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
-			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
-			err = nil
-			break
-		}
-	}
-	return err
-}
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
index dbe680eab..7ca4fa12a 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_linux.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -58,6 +58,102 @@ func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
 	return &value, err
 }
 
+// IoctlGetEthtoolTsInfo fetches ethtool timestamping and PHC
+// association for the network device specified by ifname.
+func IoctlGetEthtoolTsInfo(fd int, ifname string) (*EthtoolTsInfo, error) {
+	ifr, err := NewIfreq(ifname)
+	if err != nil {
+		return nil, err
+	}
+
+	value := EthtoolTsInfo{Cmd: ETHTOOL_GET_TS_INFO}
+	ifrd := ifr.withData(unsafe.Pointer(&value))
+
+	err = ioctlIfreqData(fd, SIOCETHTOOL, &ifrd)
+	return &value, err
+}
+
+// IoctlGetHwTstamp retrieves the hardware timestamping configuration
+// for the network device specified by ifname.
+func IoctlGetHwTstamp(fd int, ifname string) (*HwTstampConfig, error) {
+	ifr, err := NewIfreq(ifname)
+	if err != nil {
+		return nil, err
+	}
+
+	value := HwTstampConfig{}
+	ifrd := ifr.withData(unsafe.Pointer(&value))
+
+	err = ioctlIfreqData(fd, SIOCGHWTSTAMP, &ifrd)
+	return &value, err
+}
+
+// IoctlSetHwTstamp updates the hardware timestamping configuration for
+// the network device specified by ifname.
+func IoctlSetHwTstamp(fd int, ifname string, cfg *HwTstampConfig) error {
+	ifr, err := NewIfreq(ifname)
+	if err != nil {
+		return err
+	}
+	ifrd := ifr.withData(unsafe.Pointer(cfg))
+	return ioctlIfreqData(fd, SIOCSHWTSTAMP, &ifrd)
+}
+
+// FdToClockID derives the clock ID from the file descriptor number
+// - see clock_gettime(3), FD_TO_CLOCKID macros. The resulting ID is
+// suitable for system calls like ClockGettime.
+func FdToClockID(fd int) int32 { return int32((int(^fd) << 3) | 3) }
+
+// IoctlPtpClockGetcaps returns the description of a given PTP device.
+func IoctlPtpClockGetcaps(fd int) (*PtpClockCaps, error) {
+	var value PtpClockCaps
+	err := ioctlPtr(fd, PTP_CLOCK_GETCAPS2, unsafe.Pointer(&value))
+	return &value, err
+}
+
+// IoctlPtpSysOffsetPrecise returns a description of the clock
+// offset compared to the system clock.
+func IoctlPtpSysOffsetPrecise(fd int) (*PtpSysOffsetPrecise, error) {
+	var value PtpSysOffsetPrecise
+	err := ioctlPtr(fd, PTP_SYS_OFFSET_PRECISE2, unsafe.Pointer(&value))
+	return &value, err
+}
+
+// IoctlPtpSysOffsetExtended returns an extended description of the
+// clock offset compared to the system clock. The samples parameter
+// specifies the desired number of measurements.
+func IoctlPtpSysOffsetExtended(fd int, samples uint) (*PtpSysOffsetExtended, error) {
+	value := PtpSysOffsetExtended{Samples: uint32(samples)}
+	err := ioctlPtr(fd, PTP_SYS_OFFSET_EXTENDED2, unsafe.Pointer(&value))
+	return &value, err
+}
+
+// IoctlPtpPinGetfunc returns the configuration of the specified
+// I/O pin on given PTP device.
+func IoctlPtpPinGetfunc(fd int, index uint) (*PtpPinDesc, error) {
+	value := PtpPinDesc{Index: uint32(index)}
+	err := ioctlPtr(fd, PTP_PIN_GETFUNC2, unsafe.Pointer(&value))
+	return &value, err
+}
+
+// IoctlPtpPinSetfunc updates configuration of the specified PTP
+// I/O pin.
+func IoctlPtpPinSetfunc(fd int, pd *PtpPinDesc) error {
+	return ioctlPtr(fd, PTP_PIN_SETFUNC2, unsafe.Pointer(pd))
+}
+
+// IoctlPtpPeroutRequest configures the periodic output mode of the
+// PTP I/O pins.
+func IoctlPtpPeroutRequest(fd int, r *PtpPeroutRequest) error {
+	return ioctlPtr(fd, PTP_PEROUT_REQUEST2, unsafe.Pointer(r))
+}
+
+// IoctlPtpExttsRequest configures the external timestamping mode
+// of the PTP I/O pins.
+func IoctlPtpExttsRequest(fd int, r *PtpExttsRequest) error {
+	return ioctlPtr(fd, PTP_EXTTS_REQUEST2, unsafe.Pointer(r))
+}
+
 // IoctlGetWatchdogInfo fetches information about a watchdog device from the
 // Linux watchdog API. For more information, see:
 // https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index fdcaa974d..6ab02b6c3 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -58,6 +58,7 @@ includes_Darwin='
 #define _DARWIN_USE_64_BIT_INODE
 #define __APPLE_USE_RFC_3542
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -157,6 +158,16 @@ includes_Linux='
 #endif
 #define _GNU_SOURCE
 
+// See the description in unix/linux/types.go
+#if defined(__ARM_EABI__) || \
+	(defined(__mips__) && (_MIPS_SIM == _ABIO32)) || \
+	(defined(__powerpc__) && (!defined(__powerpc64__)))
+# ifdef   _TIME_BITS
+#  undef  _TIME_BITS
+# endif
+# define  _TIME_BITS 32
+#endif
+
 //  is broken on powerpc64, as it fails to include definitions of
 // these structures. We just include them copied from .
 #if defined(__powerpc__)
@@ -255,6 +266,7 @@ struct ltchars {
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -263,6 +275,7 @@ struct ltchars {
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -525,6 +538,7 @@ ccflags="$@"
 		$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
 		$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
 		$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
+		$2 ~ /^PTP_/ ||
 		$2 ~ /^RAW_PAYLOAD_/ ||
 		$2 ~ /^[US]F_/ ||
 		$2 ~ /^TP_STATUS_/ ||
@@ -549,6 +563,8 @@ ccflags="$@"
 		$2 !~ "NLA_TYPE_MASK" &&
 		$2 !~ /^RTC_VL_(ACCURACY|BACKUP|DATA)/ &&
 		$2 ~ /^(NETLINK|NLM|NLMSG|NLA|IFA|IFAN|RT|RTC|RTCF|RTN|RTPROT|RTNH|ARPHRD|ETH_P|NETNSA)_/ ||
+		$2 ~ /^SOCK_|SK_DIAG_|SKNLGRP_$/ ||
+		$2 ~ /^(CONNECT|SAE)_/ ||
 		$2 ~ /^FIORDCHK$/ ||
 		$2 ~ /^SIOC/ ||
 		$2 ~ /^TIOC/ ||
@@ -652,7 +668,7 @@ errors=$(
 signals=$(
 	echo '#include ' | $CC -x c - -E -dM $ccflags |
 	awk '$1=="#define" && $2 ~ /^SIG[A-Z0-9]+$/ { print $2 }' |
-	grep -v 'SIGSTKSIZE\|SIGSTKSZ\|SIGRT\|SIGMAX64' |
+	grep -E -v '(SIGSTKSIZE|SIGSTKSZ|SIGRT|SIGMAX64)' |
 	sort
 )
 
@@ -662,7 +678,7 @@ echo '#include ' | $CC -x c - -E -dM $ccflags |
 	sort >_error.grep
 echo '#include ' | $CC -x c - -E -dM $ccflags |
 	awk '$1=="#define" && $2 ~ /^SIG[A-Z0-9]+$/ { print "^\t" $2 "[ \t]*=" }' |
-	grep -v 'SIGSTKSIZE\|SIGSTKSZ\|SIGRT\|SIGMAX64' |
+	grep -E -v '(SIGSTKSIZE|SIGSTKSZ|SIGRT|SIGMAX64)' |
 	sort >_signal.grep
 
 echo '// mkerrors.sh' "$@"
diff --git a/vendor/golang.org/x/sys/unix/mmap_nomremap.go b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
index 4b68e5978..7f602ffd2 100644
--- a/vendor/golang.org/x/sys/unix/mmap_nomremap.go
+++ b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
+//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris || zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/mremap.go b/vendor/golang.org/x/sys/unix/mremap.go
index fd45fe529..3a5e776f8 100644
--- a/vendor/golang.org/x/sys/unix/mremap.go
+++ b/vendor/golang.org/x/sys/unix/mremap.go
@@ -50,3 +50,8 @@ func (m *mremapMmapper) Mremap(oldData []byte, newLength int, flags int) (data [
 func Mremap(oldData []byte, newLength int, flags int) (data []byte, err error) {
 	return mapper.Mremap(oldData, newLength, flags)
 }
+
+func MremapPtr(oldAddr unsafe.Pointer, oldSize uintptr, newAddr unsafe.Pointer, newSize uintptr, flags int) (ret unsafe.Pointer, err error) {
+	xaddr, err := mapper.mremap(uintptr(oldAddr), oldSize, newSize, flags, uintptr(newAddr))
+	return unsafe.Pointer(xaddr), err
+}
diff --git a/vendor/golang.org/x/sys/unix/pagesize_unix.go b/vendor/golang.org/x/sys/unix/pagesize_unix.go
index 4d0a3430e..0482408d7 100644
--- a/vendor/golang.org/x/sys/unix/pagesize_unix.go
+++ b/vendor/golang.org/x/sys/unix/pagesize_unix.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
 
 // For Unix, get the pagesize from the runtime.
 
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
index 130398b6b..b903c0060 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build darwin
+//go:build darwin || zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_zos.go b/vendor/golang.org/x/sys/unix/sockcmsg_zos.go
new file mode 100644
index 000000000..3e53dbc02
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/sockcmsg_zos.go
@@ -0,0 +1,58 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Socket control messages
+
+package unix
+
+import "unsafe"
+
+// UnixCredentials encodes credentials into a socket control message
+// for sending to another process. This can be used for
+// authentication.
+func UnixCredentials(ucred *Ucred) []byte {
+	b := make([]byte, CmsgSpace(SizeofUcred))
+	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
+	h.Level = SOL_SOCKET
+	h.Type = SCM_CREDENTIALS
+	h.SetLen(CmsgLen(SizeofUcred))
+	*(*Ucred)(h.data(0)) = *ucred
+	return b
+}
+
+// ParseUnixCredentials decodes a socket control message that contains
+// credentials in a Ucred structure. To receive such a message, the
+// SO_PASSCRED option must be enabled on the socket.
+func ParseUnixCredentials(m *SocketControlMessage) (*Ucred, error) {
+	if m.Header.Level != SOL_SOCKET {
+		return nil, EINVAL
+	}
+	if m.Header.Type != SCM_CREDENTIALS {
+		return nil, EINVAL
+	}
+	ucred := *(*Ucred)(unsafe.Pointer(&m.Data[0]))
+	return &ucred, nil
+}
+
+// PktInfo4 encodes Inet4Pktinfo into a socket control message of type IP_PKTINFO.
+func PktInfo4(info *Inet4Pktinfo) []byte {
+	b := make([]byte, CmsgSpace(SizeofInet4Pktinfo))
+	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
+	h.Level = SOL_IP
+	h.Type = IP_PKTINFO
+	h.SetLen(CmsgLen(SizeofInet4Pktinfo))
+	*(*Inet4Pktinfo)(h.data(0)) = *info
+	return b
+}
+
+// PktInfo6 encodes Inet6Pktinfo into a socket control message of type IPV6_PKTINFO.
+func PktInfo6(info *Inet6Pktinfo) []byte {
+	b := make([]byte, CmsgSpace(SizeofInet6Pktinfo))
+	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
+	h.Level = SOL_IPV6
+	h.Type = IPV6_PKTINFO
+	h.SetLen(CmsgLen(SizeofInet6Pktinfo))
+	*(*Inet6Pktinfo)(h.data(0)) = *info
+	return b
+}
diff --git a/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s b/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
new file mode 100644
index 000000000..3c4f33cb6
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
@@ -0,0 +1,75 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x && gc
+
+#include "textflag.h"
+
+//  provide the address of function variable to be fixed up.
+
+TEXT ·getPipe2Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Pipe2(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_FlockAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Flock(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_GetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Getxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_NanosleepAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Nanosleep(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_SetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Setxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_Wait4Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Wait4(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_MountAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Mount(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_UnmountAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Unmount(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_UtimesNanoAtAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·UtimesNanoAt(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_UtimesNanoAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·UtimesNano(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_MkfifoatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Mkfifoat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_ChtagAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Chtag(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+TEXT ·get_ReadlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Readlinkat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+	
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index 67ce6cef2..6f15ba1ea 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -360,7 +360,7 @@ func Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int,
 	var status _C_int
 	var r Pid_t
 	err = ERESTART
-	// AIX wait4 may return with ERESTART errno, while the processus is still
+	// AIX wait4 may return with ERESTART errno, while the process is still
 	// active.
 	for err == ERESTART {
 		r, err = wait4(Pid_t(pid), &status, options, rusage)
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 59542a897..099867dee 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -402,6 +402,18 @@ func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error {
 	return ioctlPtr(fd, SIOCSIFMTU, unsafe.Pointer(ifreq))
 }
 
+//sys	renamexNp(from string, to string, flag uint32) (err error)
+
+func RenamexNp(from string, to string, flag uint32) (err error) {
+	return renamexNp(from, to, flag)
+}
+
+//sys	renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error)
+
+func RenameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
+	return renameatxNp(fromfd, from, tofd, to, flag)
+}
+
 //sys	sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL
 
 func Uname(uname *Utsname) error {
@@ -542,6 +554,55 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) {
 	}
 }
 
+//sys	pthread_chdir_np(path string) (err error)
+
+func PthreadChdir(path string) (err error) {
+	return pthread_chdir_np(path)
+}
+
+//sys	pthread_fchdir_np(fd int) (err error)
+
+func PthreadFchdir(fd int) (err error) {
+	return pthread_fchdir_np(fd)
+}
+
+// Connectx calls connectx(2) to initiate a connection on a socket.
+//
+// srcIf, srcAddr, and dstAddr are filled into a [SaEndpoints] struct and passed as the endpoints argument.
+//
+//   - srcIf is the optional source interface index. 0 means unspecified.
+//   - srcAddr is the optional source address. nil means unspecified.
+//   - dstAddr is the destination address.
+//
+// On success, Connectx returns the number of bytes enqueued for transmission.
+func Connectx(fd int, srcIf uint32, srcAddr, dstAddr Sockaddr, associd SaeAssocID, flags uint32, iov []Iovec, connid *SaeConnID) (n uintptr, err error) {
+	endpoints := SaEndpoints{
+		Srcif: srcIf,
+	}
+
+	if srcAddr != nil {
+		addrp, addrlen, err := srcAddr.sockaddr()
+		if err != nil {
+			return 0, err
+		}
+		endpoints.Srcaddr = (*RawSockaddr)(addrp)
+		endpoints.Srcaddrlen = uint32(addrlen)
+	}
+
+	if dstAddr != nil {
+		addrp, addrlen, err := dstAddr.sockaddr()
+		if err != nil {
+			return 0, err
+		}
+		endpoints.Dstaddr = (*RawSockaddr)(addrp)
+		endpoints.Dstaddrlen = uint32(addrlen)
+	}
+
+	err = connectx(fd, &endpoints, associd, flags, iov, &n, connid)
+	return
+}
+
+//sys	connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error)
 //sys	sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error)
 
 //sys	shmat(id int, addr uintptr, flag int) (ret uintptr, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
index 97cb916f2..be8c00207 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
@@ -246,6 +246,18 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 	return sendfile(outfd, infd, offset, count)
 }
 
+func Dup3(oldfd, newfd, flags int) error {
+	if oldfd == newfd || flags&^O_CLOEXEC != 0 {
+		return EINVAL
+	}
+	how := F_DUP2FD
+	if flags&O_CLOEXEC != 0 {
+		how = F_DUP2FD_CLOEXEC
+	}
+	_, err := fcntl(oldfd, how, newfd)
+	return err
+}
+
 /*
  * Exposed directly
  */
diff --git a/vendor/golang.org/x/sys/unix/syscall_hurd.go b/vendor/golang.org/x/sys/unix/syscall_hurd.go
index ba46651f8..a6a2d2fc2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_hurd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_hurd.go
@@ -11,6 +11,7 @@ package unix
 int ioctl(int, unsigned long int, uintptr_t);
 */
 import "C"
+import "unsafe"
 
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	r0, er := C.ioctl(C.int(fd), C.ulong(req), C.uintptr_t(arg))
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 5682e2628..230a94549 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1295,6 +1295,48 @@ func GetsockoptTCPInfo(fd, level, opt int) (*TCPInfo, error) {
 	return &value, err
 }
 
+// GetsockoptTCPCCVegasInfo returns algorithm specific congestion control information for a socket using the "vegas"
+// algorithm.
+//
+// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
+//
+//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
+func GetsockoptTCPCCVegasInfo(fd, level, opt int) (*TCPVegasInfo, error) {
+	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
+	vallen := _Socklen(SizeofTCPCCInfo)
+	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
+	out := (*TCPVegasInfo)(unsafe.Pointer(&value[0]))
+	return out, err
+}
+
+// GetsockoptTCPCCDCTCPInfo returns algorithm specific congestion control information for a socket using the "dctp"
+// algorithm.
+//
+// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
+//
+//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
+func GetsockoptTCPCCDCTCPInfo(fd, level, opt int) (*TCPDCTCPInfo, error) {
+	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
+	vallen := _Socklen(SizeofTCPCCInfo)
+	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
+	out := (*TCPDCTCPInfo)(unsafe.Pointer(&value[0]))
+	return out, err
+}
+
+// GetsockoptTCPCCBBRInfo returns algorithm specific congestion control information for a socket using the "bbr"
+// algorithm.
+//
+// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
+//
+//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
+func GetsockoptTCPCCBBRInfo(fd, level, opt int) (*TCPBBRInfo, error) {
+	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
+	vallen := _Socklen(SizeofTCPCCInfo)
+	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
+	out := (*TCPBBRInfo)(unsafe.Pointer(&value[0]))
+	return out, err
+}
+
 // GetsockoptString returns the string value of the socket option opt for the
 // socket associated with fd at the given socket level.
 func GetsockoptString(fd, level, opt int) (string, error) {
@@ -1818,6 +1860,7 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 //sys	ClockAdjtime(clockid int32, buf *Timex) (state int, err error)
 //sys	ClockGetres(clockid int32, res *Timespec) (err error)
 //sys	ClockGettime(clockid int32, time *Timespec) (err error)
+//sys	ClockSettime(clockid int32, time *Timespec) (err error)
 //sys	ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error)
 //sys	Close(fd int) (err error)
 //sys	CloseRange(first uint, last uint, flags uint) (err error)
@@ -1959,7 +2002,26 @@ func Getpgrp() (pid int) {
 //sysnb	Getpid() (pid int)
 //sysnb	Getppid() (ppid int)
 //sys	Getpriority(which int, who int) (prio int, err error)
-//sys	Getrandom(buf []byte, flags int) (n int, err error)
+
+func Getrandom(buf []byte, flags int) (n int, err error) {
+	vdsoRet, supported := vgetrandom(buf, uint32(flags))
+	if supported {
+		if vdsoRet < 0 {
+			return 0, errnoErr(syscall.Errno(-vdsoRet))
+		}
+		return vdsoRet, nil
+	}
+	var p *byte
+	if len(buf) > 0 {
+		p = &buf[0]
+	}
+	r, _, e := Syscall(SYS_GETRANDOM, uintptr(unsafe.Pointer(p)), uintptr(len(buf)), uintptr(flags))
+	if e != 0 {
+		return 0, errnoErr(e)
+	}
+	return int(r), nil
+}
+
 //sysnb	Getrusage(who int, rusage *Rusage) (err error)
 //sysnb	Getsid(pid int) (sid int, err error)
 //sysnb	Gettid() (tid int)
@@ -2592,3 +2654,4 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
 }
 
 //sys	Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error)
+//sys	Mseal(b []byte, flags uint) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index cf2ee6c75..745e5c7e6 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -182,3 +182,5 @@ func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error
 	}
 	return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
 }
+
+const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
index 3d0e98451..dd2262a40 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
@@ -214,3 +214,5 @@ func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error
 	}
 	return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
 }
+
+const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
index 6f5a28894..8cf3670bd 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
@@ -187,3 +187,5 @@ func RISCVHWProbe(pairs []RISCVHWProbePairs, set *CPUSet, flags uint) (err error
 	}
 	return riscvHWProbe(pairs, setSize, set, flags)
 }
+
+const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index b25343c71..b86ded549 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -293,6 +293,7 @@ func Uname(uname *Utsname) error {
 //sys	Mkfifoat(dirfd int, path string, mode uint32) (err error)
 //sys	Mknod(path string, mode uint32, dev int) (err error)
 //sys	Mknodat(dirfd int, path string, mode uint32, dev int) (err error)
+//sys	Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error)
 //sys	Nanosleep(time *Timespec, leftover *Timespec) (err error)
 //sys	Open(path string, mode int, perm uint32) (fd int, err error)
 //sys	Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index 77081de8c..4e92e5aa4 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -154,6 +154,15 @@ func Munmap(b []byte) (err error) {
 	return mapper.Munmap(b)
 }
 
+func MmapPtr(fd int, offset int64, addr unsafe.Pointer, length uintptr, prot int, flags int) (ret unsafe.Pointer, err error) {
+	xaddr, err := mapper.mmap(uintptr(addr), length, prot, flags, fd, offset)
+	return unsafe.Pointer(xaddr), err
+}
+
+func MunmapPtr(addr unsafe.Pointer, length uintptr) (err error) {
+	return mapper.munmap(uintptr(addr), length)
+}
+
 func Read(fd int, p []byte) (n int, err error) {
 	n, err = read(fd, p)
 	if raceenabled {
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index b473038c6..7bf5c04bb 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -4,11 +4,21 @@
 
 //go:build zos && s390x
 
+// Many of the following syscalls are not available on all versions of z/OS.
+// Some missing calls have legacy implementations/simulations but others
+// will be missing completely. To achieve consistent failing behaviour on
+// legacy systems, we first test the function pointer via a safeloading
+// mechanism to see if the function exists on a given system. Then execution
+// is branched to either continue the function call, or return an error.
+
 package unix
 
 import (
 	"bytes"
 	"fmt"
+	"os"
+	"reflect"
+	"regexp"
 	"runtime"
 	"sort"
 	"strings"
@@ -17,17 +27,205 @@ import (
 	"unsafe"
 )
 
+//go:noescape
+func initZosLibVec()
+
+//go:noescape
+func GetZosLibVec() uintptr
+
+func init() {
+	initZosLibVec()
+	r0, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS_____GETENV_A<<4, uintptr(unsafe.Pointer(&([]byte("__ZOS_XSYSTRACE\x00"))[0])))
+	if r0 != 0 {
+		n, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___ATOI_A<<4, r0)
+		ZosTraceLevel = int(n)
+		r0, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS_____GETENV_A<<4, uintptr(unsafe.Pointer(&([]byte("__ZOS_XSYSTRACEFD\x00"))[0])))
+		if r0 != 0 {
+			fd, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___ATOI_A<<4, r0)
+			f := os.NewFile(fd, "zostracefile")
+			if f != nil {
+				ZosTracefile = f
+			}
+		}
+
+	}
+}
+
+//go:noescape
+func CallLeFuncWithErr(funcdesc uintptr, parms ...uintptr) (ret, errno2 uintptr, err Errno)
+
+//go:noescape
+func CallLeFuncWithPtrReturn(funcdesc uintptr, parms ...uintptr) (ret, errno2 uintptr, err Errno)
+
+// -------------------------------
+// pointer validity test
+// good pointer returns 0
+// bad pointer returns 1
+//
+//go:nosplit
+func ptrtest(uintptr) uint64
+
+// Load memory at ptr location with error handling if the location is invalid
+//
+//go:noescape
+func safeload(ptr uintptr) (value uintptr, error uintptr)
+
 const (
-	O_CLOEXEC = 0       // Dummy value (not supported).
-	AF_LOCAL  = AF_UNIX // AF_LOCAL is an alias for AF_UNIX
+	entrypointLocationOffset = 8 // From function descriptor
+
+	xplinkEyecatcher   = 0x00c300c500c500f1 // ".C.E.E.1"
+	eyecatcherOffset   = 16                 // From function entrypoint (negative)
+	ppa1LocationOffset = 8                  // From function entrypoint (negative)
+
+	nameLenOffset = 0x14 // From PPA1 start
+	nameOffset    = 0x16 // From PPA1 start
 )
 
-func syscall_syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
-func syscall_rawsyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
-func syscall_syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
-func syscall_rawsyscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
-func syscall_syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
-func syscall_rawsyscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
+func getPpaOffset(funcptr uintptr) int64 {
+	entrypoint, err := safeload(funcptr + entrypointLocationOffset)
+	if err != 0 {
+		return -1
+	}
+
+	// XPLink functions have ".C.E.E.1" as the first 8 bytes (EBCDIC)
+	val, err := safeload(entrypoint - eyecatcherOffset)
+	if err != 0 {
+		return -1
+	}
+	if val != xplinkEyecatcher {
+		return -1
+	}
+
+	ppaoff, err := safeload(entrypoint - ppa1LocationOffset)
+	if err != 0 {
+		return -1
+	}
+
+	ppaoff >>= 32
+	return int64(ppaoff)
+}
+
+//-------------------------------
+// function descriptor pointer validity test
+// good pointer returns 0
+// bad pointer returns 1
+
+// TODO: currently mksyscall_zos_s390x.go generate empty string for funcName
+// have correct funcName pass to the funcptrtest function
+func funcptrtest(funcptr uintptr, funcName string) uint64 {
+	entrypoint, err := safeload(funcptr + entrypointLocationOffset)
+	if err != 0 {
+		return 1
+	}
+
+	ppaoff := getPpaOffset(funcptr)
+	if ppaoff == -1 {
+		return 1
+	}
+
+	// PPA1 offset value is from the start of the entire function block, not the entrypoint
+	ppa1 := (entrypoint - eyecatcherOffset) + uintptr(ppaoff)
+
+	nameLen, err := safeload(ppa1 + nameLenOffset)
+	if err != 0 {
+		return 1
+	}
+
+	nameLen >>= 48
+	if nameLen > 128 {
+		return 1
+	}
+
+	// no function name input to argument end here
+	if funcName == "" {
+		return 0
+	}
+
+	var funcname [128]byte
+	for i := 0; i < int(nameLen); i += 8 {
+		v, err := safeload(ppa1 + nameOffset + uintptr(i))
+		if err != 0 {
+			return 1
+		}
+		funcname[i] = byte(v >> 56)
+		funcname[i+1] = byte(v >> 48)
+		funcname[i+2] = byte(v >> 40)
+		funcname[i+3] = byte(v >> 32)
+		funcname[i+4] = byte(v >> 24)
+		funcname[i+5] = byte(v >> 16)
+		funcname[i+6] = byte(v >> 8)
+		funcname[i+7] = byte(v)
+	}
+
+	runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4, // __e2a_l
+		[]uintptr{uintptr(unsafe.Pointer(&funcname[0])), nameLen})
+
+	name := string(funcname[:nameLen])
+	if name != funcName {
+		return 1
+	}
+
+	return 0
+}
+
+// For detection of capabilities on a system.
+// Is function descriptor f a valid function?
+func isValidLeFunc(f uintptr) error {
+	ret := funcptrtest(f, "")
+	if ret != 0 {
+		return fmt.Errorf("Bad pointer, not an LE function ")
+	}
+	return nil
+}
+
+// Retrieve function name from descriptor
+func getLeFuncName(f uintptr) (string, error) {
+	// assume it has been checked, only check ppa1 validity here
+	entry := ((*[2]uintptr)(unsafe.Pointer(f)))[1]
+	preamp := ((*[4]uint32)(unsafe.Pointer(entry - eyecatcherOffset)))
+
+	offsetPpa1 := preamp[2]
+	if offsetPpa1 > 0x0ffff {
+		return "", fmt.Errorf("PPA1 offset seems too big 0x%x\n", offsetPpa1)
+	}
+
+	ppa1 := uintptr(unsafe.Pointer(preamp)) + uintptr(offsetPpa1)
+	res := ptrtest(ppa1)
+	if res != 0 {
+		return "", fmt.Errorf("PPA1 address not valid")
+	}
+
+	size := *(*uint16)(unsafe.Pointer(ppa1 + nameLenOffset))
+	if size > 128 {
+		return "", fmt.Errorf("Function name seems too long, length=%d\n", size)
+	}
+
+	var name [128]byte
+	funcname := (*[128]byte)(unsafe.Pointer(ppa1 + nameOffset))
+	copy(name[0:size], funcname[0:size])
+
+	runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4, // __e2a_l
+		[]uintptr{uintptr(unsafe.Pointer(&name[0])), uintptr(size)})
+
+	return string(name[:size]), nil
+}
+
+// Check z/OS version
+func zosLeVersion() (version, release uint32) {
+	p1 := (*(*uintptr)(unsafe.Pointer(uintptr(1208)))) >> 32
+	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 88)))
+	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 8)))
+	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 984)))
+	vrm := *(*uint32)(unsafe.Pointer(p1 + 80))
+	version = (vrm & 0x00ff0000) >> 16
+	release = (vrm & 0x0000ff00) >> 8
+	return
+}
+
+// returns a zos C FILE * for stdio fd 0, 1, 2
+func ZosStdioFilep(fd int32) uintptr {
+	return uintptr(*(*uint64)(unsafe.Pointer(uintptr(*(*uint64)(unsafe.Pointer(uintptr(*(*uint64)(unsafe.Pointer(uintptr(uint64(*(*uint32)(unsafe.Pointer(uintptr(1208)))) + 80))) + uint64((fd+2)<<3))))))))
+}
 
 func copyStat(stat *Stat_t, statLE *Stat_LE_t) {
 	stat.Dev = uint64(statLE.Dev)
@@ -65,6 +263,21 @@ func (d *Dirent) NameString() string {
 	}
 }
 
+func DecodeData(dest []byte, sz int, val uint64) {
+	for i := 0; i < sz; i++ {
+		dest[sz-1-i] = byte((val >> (uint64(i * 8))) & 0xff)
+	}
+}
+
+func EncodeData(data []byte) uint64 {
+	var value uint64
+	sz := len(data)
+	for i := 0; i < sz; i++ {
+		value |= uint64(data[i]) << uint64(((sz - i - 1) * 8))
+	}
+	return value
+}
+
 func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if sa.Port < 0 || sa.Port > 0xFFFF {
 		return nil, 0, EINVAL
@@ -74,7 +287,9 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	sa.raw.Addr = sa.Addr
+	for i := 0; i < len(sa.Addr); i++ {
+		sa.raw.Addr[i] = sa.Addr[i]
+	}
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -88,7 +303,9 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	sa.raw.Addr = sa.Addr
+	for i := 0; i < len(sa.Addr); i++ {
+		sa.raw.Addr[i] = sa.Addr[i]
+	}
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -146,7 +363,9 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		sa.Addr = pp.Addr
+		for i := 0; i < len(sa.Addr); i++ {
+			sa.Addr[i] = pp.Addr[i]
+		}
 		return sa, nil
 
 	case AF_INET6:
@@ -155,7 +374,9 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		sa.Addr = pp.Addr
+		for i := 0; i < len(sa.Addr); i++ {
+			sa.Addr[i] = pp.Addr[i]
+		}
 		return sa, nil
 	}
 	return nil, EAFNOSUPPORT
@@ -177,6 +398,43 @@ func Accept(fd int) (nfd int, sa Sockaddr, err error) {
 	return
 }
 
+func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) {
+	var rsa RawSockaddrAny
+	var len _Socklen = SizeofSockaddrAny
+	nfd, err = accept4(fd, &rsa, &len, flags)
+	if err != nil {
+		return
+	}
+	if len > SizeofSockaddrAny {
+		panic("RawSockaddrAny too small")
+	}
+	// TODO(neeilan): Remove 0 in call
+	sa, err = anyToSockaddr(0, &rsa)
+	if err != nil {
+		Close(nfd)
+		nfd = 0
+	}
+	return
+}
+
+func Ctermid() (tty string, err error) {
+	var termdev [1025]byte
+	runtime.EnterSyscall()
+	r0, err2, err1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___CTERMID_A<<4, uintptr(unsafe.Pointer(&termdev[0])))
+	runtime.ExitSyscall()
+	if r0 == 0 {
+		return "", fmt.Errorf("%s (errno2=0x%x)\n", err1.Error(), err2)
+	}
+	s := string(termdev[:])
+	idx := strings.Index(s, string(rune(0)))
+	if idx == -1 {
+		tty = s
+	} else {
+		tty = s[:idx]
+	}
+	return
+}
+
 func (iov *Iovec) SetLen(length int) {
 	iov.Len = uint64(length)
 }
@@ -190,10 +448,16 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 }
 
 //sys   fcntl(fd int, cmd int, arg int) (val int, err error)
+//sys   Flistxattr(fd int, dest []byte) (sz int, err error) = SYS___FLISTXATTR_A
+//sys   Fremovexattr(fd int, attr string) (err error) = SYS___FREMOVEXATTR_A
 //sys	read(fd int, p []byte) (n int, err error)
 //sys	write(fd int, p []byte) (n int, err error)
 
+//sys   Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) = SYS___FGETXATTR_A
+//sys   Fsetxattr(fd int, attr string, data []byte, flag int) (err error) = SYS___FSETXATTR_A
+
 //sys	accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) = SYS___ACCEPT_A
+//sys	accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) = SYS___ACCEPT4_A
 //sys	bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___BIND_A
 //sys	connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___CONNECT_A
 //sysnb	getgroups(n int, list *_Gid_t) (nn int, err error)
@@ -204,6 +468,7 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sysnb	socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
 //sysnb	getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETPEERNAME_A
 //sysnb	getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETSOCKNAME_A
+//sys   Removexattr(path string, attr string) (err error) = SYS___REMOVEXATTR_A
 //sys	recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) = SYS___RECVFROM_A
 //sys	sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) = SYS___SENDTO_A
 //sys	recvmsg(s int, msg *Msghdr, flags int) (n int, err error) = SYS___RECVMSG_A
@@ -212,6 +477,10 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sys   munmap(addr uintptr, length uintptr) (err error) = SYS_MUNMAP
 //sys   ioctl(fd int, req int, arg uintptr) (err error) = SYS_IOCTL
 //sys   ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) = SYS_IOCTL
+//sys	shmat(id int, addr uintptr, flag int) (ret uintptr, err error) = SYS_SHMAT
+//sys	shmctl(id int, cmd int, buf *SysvShmDesc) (result int, err error) = SYS_SHMCTL64
+//sys	shmdt(addr uintptr) (err error) = SYS_SHMDT
+//sys	shmget(key int, size int, flag int) (id int, err error) = SYS_SHMGET
 
 //sys   Access(path string, mode uint32) (err error) = SYS___ACCESS_A
 //sys   Chdir(path string) (err error) = SYS___CHDIR_A
@@ -220,14 +489,31 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sys   Creat(path string, mode uint32) (fd int, err error) = SYS___CREAT_A
 //sys	Dup(oldfd int) (fd int, err error)
 //sys	Dup2(oldfd int, newfd int) (err error)
+//sys	Dup3(oldfd int, newfd int, flags int) (err error) = SYS_DUP3
+//sys	Dirfd(dirp uintptr) (fd int, err error) = SYS_DIRFD
+//sys	EpollCreate(size int) (fd int, err error) = SYS_EPOLL_CREATE
+//sys	EpollCreate1(flags int) (fd int, err error) = SYS_EPOLL_CREATE1
+//sys	EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) = SYS_EPOLL_CTL
+//sys	EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) = SYS_EPOLL_PWAIT
+//sys	EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) = SYS_EPOLL_WAIT
 //sys	Errno2() (er2 int) = SYS___ERRNO2
-//sys	Err2ad() (eadd *int) = SYS___ERR2AD
+//sys	Eventfd(initval uint, flags int) (fd int, err error) = SYS_EVENTFD
 //sys	Exit(code int)
+//sys	Faccessat(dirfd int, path string, mode uint32, flags int) (err error) = SYS___FACCESSAT_A
+
+func Faccessat2(dirfd int, path string, mode uint32, flags int) (err error) {
+	return Faccessat(dirfd, path, mode, flags)
+}
+
 //sys	Fchdir(fd int) (err error)
 //sys	Fchmod(fd int, mode uint32) (err error)
+//sys	Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) = SYS___FCHMODAT_A
 //sys	Fchown(fd int, uid int, gid int) (err error)
+//sys	Fchownat(fd int, path string, uid int, gid int, flags int) (err error) = SYS___FCHOWNAT_A
 //sys	FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) = SYS_FCNTL
+//sys	Fdatasync(fd int) (err error) = SYS_FDATASYNC
 //sys	fstat(fd int, stat *Stat_LE_t) (err error)
+//sys	fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) = SYS___FSTATAT_A
 
 func Fstat(fd int, stat *Stat_t) (err error) {
 	var statLE Stat_LE_t
@@ -236,28 +522,208 @@ func Fstat(fd int, stat *Stat_t) (err error) {
 	return
 }
 
+func Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) {
+	var statLE Stat_LE_t
+	err = fstatat(dirfd, path, &statLE, flags)
+	copyStat(stat, &statLE)
+	return
+}
+
+func impl_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p2 unsafe.Pointer
+	if len(dest) > 0 {
+		_p2 = unsafe.Pointer(&dest[0])
+	} else {
+		_p2 = unsafe.Pointer(&_zero)
+	}
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(dest)))
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_GetxattrAddr() *(func(path string, attr string, dest []byte) (sz int, err error))
+
+var Getxattr = enter_Getxattr
+
+func enter_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
+	funcref := get_GetxattrAddr()
+	if validGetxattr() {
+		*funcref = impl_Getxattr
+	} else {
+		*funcref = error_Getxattr
+	}
+	return (*funcref)(path, attr, dest)
+}
+
+func error_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
+	return -1, ENOSYS
+}
+
+func validGetxattr() bool {
+	if funcptrtest(GetZosLibVec()+SYS___GETXATTR_A<<4, "") == 0 {
+		if name, err := getLeFuncName(GetZosLibVec() + SYS___GETXATTR_A<<4); err == nil {
+			return name == "__getxattr_a"
+		}
+	}
+	return false
+}
+
+//sys   Lgetxattr(link string, attr string, dest []byte) (sz int, err error) = SYS___LGETXATTR_A
+//sys   Lsetxattr(path string, attr string, data []byte, flags int) (err error) = SYS___LSETXATTR_A
+
+func impl_Setxattr(path string, attr string, data []byte, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p2 unsafe.Pointer
+	if len(data) > 0 {
+		_p2 = unsafe.Pointer(&data[0])
+	} else {
+		_p2 = unsafe.Pointer(&_zero)
+	}
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(data)), uintptr(flags))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_SetxattrAddr() *(func(path string, attr string, data []byte, flags int) (err error))
+
+var Setxattr = enter_Setxattr
+
+func enter_Setxattr(path string, attr string, data []byte, flags int) (err error) {
+	funcref := get_SetxattrAddr()
+	if validSetxattr() {
+		*funcref = impl_Setxattr
+	} else {
+		*funcref = error_Setxattr
+	}
+	return (*funcref)(path, attr, data, flags)
+}
+
+func error_Setxattr(path string, attr string, data []byte, flags int) (err error) {
+	return ENOSYS
+}
+
+func validSetxattr() bool {
+	if funcptrtest(GetZosLibVec()+SYS___SETXATTR_A<<4, "") == 0 {
+		if name, err := getLeFuncName(GetZosLibVec() + SYS___SETXATTR_A<<4); err == nil {
+			return name == "__setxattr_a"
+		}
+	}
+	return false
+}
+
+//sys	Fstatfs(fd int, buf *Statfs_t) (err error) = SYS_FSTATFS
 //sys	Fstatvfs(fd int, stat *Statvfs_t) (err error) = SYS_FSTATVFS
 //sys	Fsync(fd int) (err error)
+//sys	Futimes(fd int, tv []Timeval) (err error) = SYS_FUTIMES
+//sys	Futimesat(dirfd int, path string, tv []Timeval) (err error) = SYS___FUTIMESAT_A
 //sys	Ftruncate(fd int, length int64) (err error)
-//sys   Getpagesize() (pgsize int) = SYS_GETPAGESIZE
+//sys	Getrandom(buf []byte, flags int) (n int, err error) = SYS_GETRANDOM
+//sys	InotifyInit() (fd int, err error) = SYS_INOTIFY_INIT
+//sys	InotifyInit1(flags int) (fd int, err error) = SYS_INOTIFY_INIT1
+//sys	InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) = SYS___INOTIFY_ADD_WATCH_A
+//sys	InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) = SYS_INOTIFY_RM_WATCH
+//sys   Listxattr(path string, dest []byte) (sz int, err error) = SYS___LISTXATTR_A
+//sys   Llistxattr(path string, dest []byte) (sz int, err error) = SYS___LLISTXATTR_A
+//sys   Lremovexattr(path string, attr string) (err error) = SYS___LREMOVEXATTR_A
+//sys	Lutimes(path string, tv []Timeval) (err error) = SYS___LUTIMES_A
 //sys   Mprotect(b []byte, prot int) (err error) = SYS_MPROTECT
 //sys   Msync(b []byte, flags int) (err error) = SYS_MSYNC
+//sys   Console2(cmsg *ConsMsg2, modstr *byte, concmd *uint32) (err error) = SYS___CONSOLE2
+
+// Pipe2 begin
+
+//go:nosplit
+func getPipe2Addr() *(func([]int, int) error)
+
+var Pipe2 = pipe2Enter
+
+func pipe2Enter(p []int, flags int) (err error) {
+	if funcptrtest(GetZosLibVec()+SYS_PIPE2<<4, "") == 0 {
+		*getPipe2Addr() = pipe2Impl
+	} else {
+		*getPipe2Addr() = pipe2Error
+	}
+	return (*getPipe2Addr())(p, flags)
+}
+
+func pipe2Impl(p []int, flags int) (err error) {
+	var pp [2]_C_int
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PIPE2<<4, uintptr(unsafe.Pointer(&pp[0])), uintptr(flags))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	} else {
+		p[0] = int(pp[0])
+		p[1] = int(pp[1])
+	}
+	return
+}
+func pipe2Error(p []int, flags int) (err error) {
+	return fmt.Errorf("Pipe2 is not available on this system")
+}
+
+// Pipe2 end
+
 //sys   Poll(fds []PollFd, timeout int) (n int, err error) = SYS_POLL
+
+func Readdir(dir uintptr) (dirent *Dirent, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READDIR_A<<4, uintptr(dir))
+	runtime.ExitSyscall()
+	dirent = (*Dirent)(unsafe.Pointer(r0))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//sys	Readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) = SYS___READDIR_R_A
+//sys	Statfs(path string, buf *Statfs_t) (err error) = SYS___STATFS_A
+//sys	Syncfs(fd int) (err error) = SYS_SYNCFS
 //sys   Times(tms *Tms) (ticks uintptr, err error) = SYS_TIMES
 //sys   W_Getmntent(buff *byte, size int) (lastsys int, err error) = SYS_W_GETMNTENT
 //sys   W_Getmntent_A(buff *byte, size int) (lastsys int, err error) = SYS___W_GETMNTENT_A
 
 //sys   mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) = SYS___MOUNT_A
-//sys   unmount(filesystem string, mtm int) (err error) = SYS___UMOUNT_A
+//sys   unmount_LE(filesystem string, mtm int) (err error) = SYS___UMOUNT_A
 //sys   Chroot(path string) (err error) = SYS___CHROOT_A
 //sys   Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) = SYS_SELECT
-//sysnb Uname(buf *Utsname) (err error) = SYS___UNAME_A
+//sysnb Uname(buf *Utsname) (err error) = SYS_____OSNAME_A
+//sys   Unshare(flags int) (err error) = SYS_UNSHARE
 
 func Ptsname(fd int) (name string, err error) {
-	r0, _, e1 := syscall_syscall(SYS___PTSNAME_A, uintptr(fd), 0, 0)
-	name = u2s(unsafe.Pointer(r0))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___PTSNAME_A<<4, uintptr(fd))
+	runtime.ExitSyscall()
+	if r0 == 0 {
+		err = errnoErr2(e1, e2)
+	} else {
+		name = u2s(unsafe.Pointer(r0))
 	}
 	return
 }
@@ -272,13 +738,19 @@ func u2s(cstr unsafe.Pointer) string {
 }
 
 func Close(fd int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSE<<4, uintptr(fd))
+	runtime.ExitSyscall()
 	for i := 0; e1 == EAGAIN && i < 10; i++ {
-		_, _, _ = syscall_syscall(SYS_USLEEP, uintptr(10), 0, 0)
-		_, _, e1 = syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
+		runtime.EnterSyscall()
+		CallLeFuncWithErr(GetZosLibVec()+SYS_USLEEP<<4, uintptr(10))
+		runtime.ExitSyscall()
+		runtime.EnterSyscall()
+		r0, e2, e1 = CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSE<<4, uintptr(fd))
+		runtime.ExitSyscall()
 	}
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -288,9 +760,24 @@ func Madvise(b []byte, advice int) (err error) {
 	return
 }
 
+func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
+	return mapper.Mmap(fd, offset, length, prot, flags)
+}
+
+func Munmap(b []byte) (err error) {
+	return mapper.Munmap(b)
+}
+
+func MmapPtr(fd int, offset int64, addr unsafe.Pointer, length uintptr, prot int, flags int) (ret unsafe.Pointer, err error) {
+	xaddr, err := mapper.mmap(uintptr(addr), length, prot, flags, fd, offset)
+	return unsafe.Pointer(xaddr), err
+}
+
+func MunmapPtr(addr unsafe.Pointer, length uintptr) (err error) {
+	return mapper.munmap(uintptr(addr), length)
+}
+
 //sys   Gethostname(buf []byte) (err error) = SYS___GETHOSTNAME_A
-//sysnb	Getegid() (egid int)
-//sysnb	Geteuid() (uid int)
 //sysnb	Getgid() (gid int)
 //sysnb	Getpid() (pid int)
 //sysnb	Getpgid(pid int) (pgid int, err error) = SYS_GETPGID
@@ -317,11 +804,14 @@ func Getrusage(who int, rusage *Rusage) (err error) {
 	return
 }
 
+//sys	Getegid() (egid int) = SYS_GETEGID
+//sys	Geteuid() (euid int) = SYS_GETEUID
 //sysnb Getsid(pid int) (sid int, err error) = SYS_GETSID
 //sysnb	Getuid() (uid int)
 //sysnb	Kill(pid int, sig Signal) (err error)
 //sys	Lchown(path string, uid int, gid int) (err error) = SYS___LCHOWN_A
 //sys	Link(path string, link string) (err error) = SYS___LINK_A
+//sys	Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) = SYS___LINKAT_A
 //sys	Listen(s int, n int) (err error)
 //sys	lstat(path string, stat *Stat_LE_t) (err error) = SYS___LSTAT_A
 
@@ -332,15 +822,150 @@ func Lstat(path string, stat *Stat_t) (err error) {
 	return
 }
 
+// for checking symlinks begins with $VERSION/ $SYSNAME/ $SYSSYMR/ $SYSSYMA/
+func isSpecialPath(path []byte) (v bool) {
+	var special = [4][8]byte{
+		{'V', 'E', 'R', 'S', 'I', 'O', 'N', '/'},
+		{'S', 'Y', 'S', 'N', 'A', 'M', 'E', '/'},
+		{'S', 'Y', 'S', 'S', 'Y', 'M', 'R', '/'},
+		{'S', 'Y', 'S', 'S', 'Y', 'M', 'A', '/'}}
+
+	var i, j int
+	for i = 0; i < len(special); i++ {
+		for j = 0; j < len(special[i]); j++ {
+			if path[j] != special[i][j] {
+				break
+			}
+		}
+		if j == len(special[i]) {
+			return true
+		}
+	}
+	return false
+}
+
+func realpath(srcpath string, abspath []byte) (pathlen int, errno int) {
+	var source [1024]byte
+	copy(source[:], srcpath)
+	source[len(srcpath)] = 0
+	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___REALPATH_A<<4, //__realpath_a()
+		[]uintptr{uintptr(unsafe.Pointer(&source[0])),
+			uintptr(unsafe.Pointer(&abspath[0]))})
+	if ret != 0 {
+		index := bytes.IndexByte(abspath[:], byte(0))
+		if index != -1 {
+			return index, 0
+		}
+	} else {
+		errptr := (*int)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4, []uintptr{}))) //__errno()
+		return 0, *errptr
+	}
+	return 0, 245 // EBADDATA   245
+}
+
+func Readlink(path string, buf []byte) (n int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(buf) > 0 {
+		_p1 = unsafe.Pointer(&buf[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	n = int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___READLINK_A<<4,
+		[]uintptr{uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf))}))
+	runtime.KeepAlive(unsafe.Pointer(_p0))
+	if n == -1 {
+		value := *(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4, []uintptr{})))
+		err = errnoErr(Errno(value))
+	} else {
+		if buf[0] == '$' {
+			if isSpecialPath(buf[1:9]) {
+				cnt, err1 := realpath(path, buf)
+				if err1 == 0 {
+					n = cnt
+				}
+			}
+		}
+	}
+	return
+}
+
+func impl_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(buf) > 0 {
+		_p1 = unsafe.Pointer(&buf[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READLINKAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+		return n, err
+	} else {
+		if buf[0] == '$' {
+			if isSpecialPath(buf[1:9]) {
+				cnt, err1 := realpath(path, buf)
+				if err1 == 0 {
+					n = cnt
+				}
+			}
+		}
+	}
+	return
+}
+
+//go:nosplit
+func get_ReadlinkatAddr() *(func(dirfd int, path string, buf []byte) (n int, err error))
+
+var Readlinkat = enter_Readlinkat
+
+func enter_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
+	funcref := get_ReadlinkatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___READLINKAT_A<<4, "") == 0 {
+		*funcref = impl_Readlinkat
+	} else {
+		*funcref = error_Readlinkat
+	}
+	return (*funcref)(dirfd, path, buf)
+}
+
+func error_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
+	n = -1
+	err = ENOSYS
+	return
+}
+
 //sys	Mkdir(path string, mode uint32) (err error) = SYS___MKDIR_A
+//sys	Mkdirat(dirfd int, path string, mode uint32) (err error) = SYS___MKDIRAT_A
 //sys   Mkfifo(path string, mode uint32) (err error) = SYS___MKFIFO_A
 //sys	Mknod(path string, mode uint32, dev int) (err error) = SYS___MKNOD_A
+//sys	Mknodat(dirfd int, path string, mode uint32, dev int) (err error) = SYS___MKNODAT_A
+//sys	PivotRoot(newroot string, oldroot string) (err error) = SYS___PIVOT_ROOT_A
 //sys	Pread(fd int, p []byte, offset int64) (n int, err error)
 //sys	Pwrite(fd int, p []byte, offset int64) (n int, err error)
-//sys	Readlink(path string, buf []byte) (n int, err error) = SYS___READLINK_A
+//sys	Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) = SYS___PRCTL_A
+//sysnb	Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT
 //sys	Rename(from string, to string) (err error) = SYS___RENAME_A
+//sys	Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) = SYS___RENAMEAT_A
+//sys	Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) = SYS___RENAMEAT2_A
 //sys	Rmdir(path string) (err error) = SYS___RMDIR_A
 //sys   Seek(fd int, offset int64, whence int) (off int64, err error) = SYS_LSEEK
+//sys	Setegid(egid int) (err error) = SYS_SETEGID
+//sys	Seteuid(euid int) (err error) = SYS_SETEUID
+//sys	Sethostname(p []byte) (err error) = SYS___SETHOSTNAME_A
+//sys   Setns(fd int, nstype int) (err error) = SYS_SETNS
 //sys	Setpriority(which int, who int, prio int) (err error)
 //sysnb	Setpgid(pid int, pgid int) (err error) = SYS_SETPGID
 //sysnb	Setrlimit(resource int, lim *Rlimit) (err error)
@@ -360,32 +985,57 @@ func Stat(path string, sta *Stat_t) (err error) {
 }
 
 //sys	Symlink(path string, link string) (err error) = SYS___SYMLINK_A
+//sys	Symlinkat(oldPath string, dirfd int, newPath string) (err error) = SYS___SYMLINKAT_A
 //sys	Sync() = SYS_SYNC
 //sys	Truncate(path string, length int64) (err error) = SYS___TRUNCATE_A
 //sys	Tcgetattr(fildes int, termptr *Termios) (err error) = SYS_TCGETATTR
 //sys	Tcsetattr(fildes int, when int, termptr *Termios) (err error) = SYS_TCSETATTR
 //sys	Umask(mask int) (oldmask int)
 //sys	Unlink(path string) (err error) = SYS___UNLINK_A
+//sys	Unlinkat(dirfd int, path string, flags int) (err error) = SYS___UNLINKAT_A
 //sys	Utime(path string, utim *Utimbuf) (err error) = SYS___UTIME_A
 
 //sys	open(path string, mode int, perm uint32) (fd int, err error) = SYS___OPEN_A
 
 func Open(path string, mode int, perm uint32) (fd int, err error) {
+	if mode&O_ACCMODE == 0 {
+		mode |= O_RDONLY
+	}
 	return open(path, mode, perm)
 }
 
-func Mkfifoat(dirfd int, path string, mode uint32) (err error) {
-	wd, err := Getwd()
-	if err != nil {
-		return err
+//sys	openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) = SYS___OPENAT_A
+
+func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
+	if flags&O_ACCMODE == 0 {
+		flags |= O_RDONLY
 	}
+	return openat(dirfd, path, flags, mode)
+}
 
-	if err := Fchdir(dirfd); err != nil {
-		return err
+//sys	openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) = SYS___OPENAT2_A
+
+func Openat2(dirfd int, path string, how *OpenHow) (fd int, err error) {
+	if how.Flags&O_ACCMODE == 0 {
+		how.Flags |= O_RDONLY
 	}
-	defer Chdir(wd)
+	return openat2(dirfd, path, how, SizeofOpenHow)
+}
 
-	return Mkfifo(path, mode)
+func ZosFdToPath(dirfd int) (path string, err error) {
+	var buffer [1024]byte
+	runtime.EnterSyscall()
+	ret, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_W_IOCTL<<4, uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0])))
+	runtime.ExitSyscall()
+	if ret == 0 {
+		zb := bytes.IndexByte(buffer[:], 0)
+		if zb == -1 {
+			zb = len(buffer)
+		}
+		CallLeFuncWithErr(GetZosLibVec()+SYS___E2A_L<<4, uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb))
+		return string(buffer[:zb]), nil
+	}
+	return "", errnoErr2(e1, e2)
 }
 
 //sys	remove(path string) (err error)
@@ -403,10 +1053,12 @@ func Getcwd(buf []byte) (n int, err error) {
 	} else {
 		p = unsafe.Pointer(&_zero)
 	}
-	_, _, e := syscall_syscall(SYS___GETCWD_A, uintptr(p), uintptr(len(buf)), 0)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___GETCWD_A<<4, uintptr(p), uintptr(len(buf)))
+	runtime.ExitSyscall()
 	n = clen(buf) + 1
-	if e != 0 {
-		err = errnoErr(e)
+	if r0 == 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -520,9 +1172,41 @@ func (w WaitStatus) StopSignal() Signal {
 
 func (w WaitStatus) TrapCause() int { return -1 }
 
+//sys	waitid(idType int, id int, info *Siginfo, options int) (err error)
+
+func Waitid(idType int, id int, info *Siginfo, options int, rusage *Rusage) (err error) {
+	return waitid(idType, id, info, options)
+}
+
 //sys	waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error)
 
-func Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
+func impl_Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAIT4<<4, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)))
+	runtime.ExitSyscall()
+	wpid = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_Wait4Addr() *(func(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error))
+
+var Wait4 = enter_Wait4
+
+func enter_Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
+	funcref := get_Wait4Addr()
+	if funcptrtest(GetZosLibVec()+SYS_WAIT4<<4, "") == 0 {
+		*funcref = impl_Wait4
+	} else {
+		*funcref = legacyWait4
+	}
+	return (*funcref)(pid, wstatus, options, rusage)
+}
+
+func legacyWait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
 	// TODO(mundaym): z/OS doesn't have wait4. I don't think getrusage does what we want.
 	// At the moment rusage will not be touched.
 	var status _C_int
@@ -571,23 +1255,62 @@ func Pipe(p []int) (err error) {
 	}
 	var pp [2]_C_int
 	err = pipe(&pp)
-	if err == nil {
-		p[0] = int(pp[0])
-		p[1] = int(pp[1])
-	}
+	p[0] = int(pp[0])
+	p[1] = int(pp[1])
 	return
 }
 
 //sys	utimes(path string, timeval *[2]Timeval) (err error) = SYS___UTIMES_A
 
 func Utimes(path string, tv []Timeval) (err error) {
+	if tv == nil {
+		return utimes(path, nil)
+	}
 	if len(tv) != 2 {
 		return EINVAL
 	}
 	return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
 }
 
-func UtimesNano(path string, ts []Timespec) error {
+//sys	utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) = SYS___UTIMENSAT_A
+
+func validUtimensat() bool {
+	if funcptrtest(GetZosLibVec()+SYS___UTIMENSAT_A<<4, "") == 0 {
+		if name, err := getLeFuncName(GetZosLibVec() + SYS___UTIMENSAT_A<<4); err == nil {
+			return name == "__utimensat_a"
+		}
+	}
+	return false
+}
+
+// Begin UtimesNano
+
+//go:nosplit
+func get_UtimesNanoAddr() *(func(path string, ts []Timespec) (err error))
+
+var UtimesNano = enter_UtimesNano
+
+func enter_UtimesNano(path string, ts []Timespec) (err error) {
+	funcref := get_UtimesNanoAddr()
+	if validUtimensat() {
+		*funcref = utimesNanoImpl
+	} else {
+		*funcref = legacyUtimesNano
+	}
+	return (*funcref)(path, ts)
+}
+
+func utimesNanoImpl(path string, ts []Timespec) (err error) {
+	if ts == nil {
+		return utimensat(AT_FDCWD, path, nil, 0)
+	}
+	if len(ts) != 2 {
+		return EINVAL
+	}
+	return utimensat(AT_FDCWD, path, (*[2]Timespec)(unsafe.Pointer(&ts[0])), 0)
+}
+
+func legacyUtimesNano(path string, ts []Timespec) (err error) {
 	if len(ts) != 2 {
 		return EINVAL
 	}
@@ -600,6 +1323,70 @@ func UtimesNano(path string, ts []Timespec) error {
 	return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
 }
 
+// End UtimesNano
+
+// Begin UtimesNanoAt
+
+//go:nosplit
+func get_UtimesNanoAtAddr() *(func(dirfd int, path string, ts []Timespec, flags int) (err error))
+
+var UtimesNanoAt = enter_UtimesNanoAt
+
+func enter_UtimesNanoAt(dirfd int, path string, ts []Timespec, flags int) (err error) {
+	funcref := get_UtimesNanoAtAddr()
+	if validUtimensat() {
+		*funcref = utimesNanoAtImpl
+	} else {
+		*funcref = legacyUtimesNanoAt
+	}
+	return (*funcref)(dirfd, path, ts, flags)
+}
+
+func utimesNanoAtImpl(dirfd int, path string, ts []Timespec, flags int) (err error) {
+	if ts == nil {
+		return utimensat(dirfd, path, nil, flags)
+	}
+	if len(ts) != 2 {
+		return EINVAL
+	}
+	return utimensat(dirfd, path, (*[2]Timespec)(unsafe.Pointer(&ts[0])), flags)
+}
+
+func legacyUtimesNanoAt(dirfd int, path string, ts []Timespec, flags int) (err error) {
+	if path[0] != '/' {
+		dirPath, err := ZosFdToPath(dirfd)
+		if err != nil {
+			return err
+		}
+		path = dirPath + "/" + path
+	}
+	if flags == AT_SYMLINK_NOFOLLOW {
+		if len(ts) != 2 {
+			return EINVAL
+		}
+
+		if ts[0].Nsec >= 5e8 {
+			ts[0].Sec++
+		}
+		ts[0].Nsec = 0
+		if ts[1].Nsec >= 5e8 {
+			ts[1].Sec++
+		}
+		ts[1].Nsec = 0
+
+		// Not as efficient as it could be because Timespec and
+		// Timeval have different types in the different OSes
+		tv := []Timeval{
+			NsecToTimeval(TimespecToNsec(ts[0])),
+			NsecToTimeval(TimespecToNsec(ts[1])),
+		}
+		return Lutimes(path, tv)
+	}
+	return UtimesNano(path, ts)
+}
+
+// End UtimesNanoAt
+
 func Getsockname(fd int) (sa Sockaddr, err error) {
 	var rsa RawSockaddrAny
 	var len _Socklen = SizeofSockaddrAny
@@ -1191,10 +1978,13 @@ func Opendir(name string) (uintptr, error) {
 	if err != nil {
 		return 0, err
 	}
-	dir, _, e := syscall_syscall(SYS___OPENDIR_A, uintptr(unsafe.Pointer(p)), 0, 0)
+	err = nil
+	runtime.EnterSyscall()
+	dir, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___OPENDIR_A<<4, uintptr(unsafe.Pointer(p)))
+	runtime.ExitSyscall()
 	runtime.KeepAlive(unsafe.Pointer(p))
-	if e != 0 {
-		err = errnoErr(e)
+	if dir == 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return dir, err
 }
@@ -1202,51 +1992,27 @@ func Opendir(name string) (uintptr, error) {
 // clearsyscall.Errno resets the errno value to 0.
 func clearErrno()
 
-func Readdir(dir uintptr) (*Dirent, error) {
-	var ent Dirent
-	var res uintptr
-	// __readdir_r_a returns errno at the end of the directory stream, rather than 0.
-	// Therefore to avoid false positives we clear errno before calling it.
-
-	// TODO(neeilan): Commented this out to get sys/unix compiling on z/OS. Uncomment and fix. Error: "undefined: clearsyscall"
-	//clearsyscall.Errno() // TODO(mundaym): check pre-emption rules.
-
-	e, _, _ := syscall_syscall(SYS___READDIR_R_A, dir, uintptr(unsafe.Pointer(&ent)), uintptr(unsafe.Pointer(&res)))
-	var err error
-	if e != 0 {
-		err = errnoErr(Errno(e))
-	}
-	if res == 0 {
-		return nil, err
-	}
-	return &ent, err
-}
-
-func readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) {
-	r0, _, e1 := syscall_syscall(SYS___READDIR_R_A, dirp, uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
-	if int64(r0) == -1 {
-		err = errnoErr(Errno(e1))
-	}
-	return
-}
-
 func Closedir(dir uintptr) error {
-	_, _, e := syscall_syscall(SYS_CLOSEDIR, dir, 0, 0)
-	if e != 0 {
-		return errnoErr(e)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSEDIR<<4, dir)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		return errnoErr2(e1, e2)
 	}
 	return nil
 }
 
 func Seekdir(dir uintptr, pos int) {
-	_, _, _ = syscall_syscall(SYS_SEEKDIR, dir, uintptr(pos), 0)
+	runtime.EnterSyscall()
+	CallLeFuncWithErr(GetZosLibVec()+SYS_SEEKDIR<<4, dir, uintptr(pos))
+	runtime.ExitSyscall()
 }
 
 func Telldir(dir uintptr) (int, error) {
-	p, _, e := syscall_syscall(SYS_TELLDIR, dir, 0, 0)
+	p, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TELLDIR<<4, dir)
 	pos := int(p)
-	if pos == -1 {
-		return pos, errnoErr(e)
+	if int64(p) == -1 {
+		return pos, errnoErr2(e1, e2)
 	}
 	return pos, nil
 }
@@ -1261,19 +2027,55 @@ func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
 	*(*int64)(unsafe.Pointer(&flock[4])) = lk.Start
 	*(*int64)(unsafe.Pointer(&flock[12])) = lk.Len
 	*(*int32)(unsafe.Pointer(&flock[20])) = lk.Pid
-	_, _, errno := syscall_syscall(SYS_FCNTL, fd, uintptr(cmd), uintptr(unsafe.Pointer(&flock)))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, fd, uintptr(cmd), uintptr(unsafe.Pointer(&flock)))
+	runtime.ExitSyscall()
 	lk.Type = *(*int16)(unsafe.Pointer(&flock[0]))
 	lk.Whence = *(*int16)(unsafe.Pointer(&flock[2]))
 	lk.Start = *(*int64)(unsafe.Pointer(&flock[4]))
 	lk.Len = *(*int64)(unsafe.Pointer(&flock[12]))
 	lk.Pid = *(*int32)(unsafe.Pointer(&flock[20]))
-	if errno == 0 {
+	if r0 == 0 {
 		return nil
 	}
-	return errno
+	return errnoErr2(e1, e2)
+}
+
+func impl_Flock(fd int, how int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FLOCK<<4, uintptr(fd), uintptr(how))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
 }
 
-func Flock(fd int, how int) error {
+//go:nosplit
+func get_FlockAddr() *(func(fd int, how int) (err error))
+
+var Flock = enter_Flock
+
+func validFlock(fp uintptr) bool {
+	if funcptrtest(GetZosLibVec()+SYS_FLOCK<<4, "") == 0 {
+		if name, err := getLeFuncName(GetZosLibVec() + SYS_FLOCK<<4); err == nil {
+			return name == "flock"
+		}
+	}
+	return false
+}
+
+func enter_Flock(fd int, how int) (err error) {
+	funcref := get_FlockAddr()
+	if validFlock(GetZosLibVec() + SYS_FLOCK<<4) {
+		*funcref = impl_Flock
+	} else {
+		*funcref = legacyFlock
+	}
+	return (*funcref)(fd, how)
+}
+
+func legacyFlock(fd int, how int) error {
 
 	var flock_type int16
 	var fcntl_cmd int
@@ -1307,41 +2109,51 @@ func Flock(fd int, how int) error {
 }
 
 func Mlock(b []byte) (err error) {
-	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 func Mlock2(b []byte, flags int) (err error) {
-	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 func Mlockall(flags int) (err error) {
-	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 func Munlock(b []byte) (err error) {
-	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_SWAP)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 func Munlockall() (err error) {
-	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_SWAP)
+	runtime.ExitSyscall()
+	if r0 != 0 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1367,20 +2179,109 @@ func ClockGettime(clockid int32, ts *Timespec) error {
 		ts.Sec = int64(tm.Utime / ticks_per_sec)
 		ts.Nsec = int64(tm.Utime) * nsec_per_sec / int64(ticks_per_sec)
 	} else {
-		return EINVAL
+		return EINVAL
+	}
+	return nil
+}
+
+// Chtag
+
+//go:nosplit
+func get_ChtagAddr() *(func(path string, ccsid uint64, textbit uint64) error)
+
+var Chtag = enter_Chtag
+
+func enter_Chtag(path string, ccsid uint64, textbit uint64) error {
+	funcref := get_ChtagAddr()
+	if validSetxattr() {
+		*funcref = impl_Chtag
+	} else {
+		*funcref = legacy_Chtag
+	}
+	return (*funcref)(path, ccsid, textbit)
+}
+
+func legacy_Chtag(path string, ccsid uint64, textbit uint64) error {
+	tag := ccsid<<16 | textbit<<15
+	var tag_buff [8]byte
+	DecodeData(tag_buff[:], 8, tag)
+	return Setxattr(path, "filetag", tag_buff[:], XATTR_REPLACE)
+}
+
+func impl_Chtag(path string, ccsid uint64, textbit uint64) error {
+	tag := ccsid<<16 | textbit<<15
+	var tag_buff [4]byte
+	DecodeData(tag_buff[:], 4, tag)
+	return Setxattr(path, "system.filetag", tag_buff[:], XATTR_REPLACE)
+}
+
+// End of Chtag
+
+// Nanosleep
+
+//go:nosplit
+func get_NanosleepAddr() *(func(time *Timespec, leftover *Timespec) error)
+
+var Nanosleep = enter_Nanosleep
+
+func enter_Nanosleep(time *Timespec, leftover *Timespec) error {
+	funcref := get_NanosleepAddr()
+	if funcptrtest(GetZosLibVec()+SYS_NANOSLEEP<<4, "") == 0 {
+		*funcref = impl_Nanosleep
+	} else {
+		*funcref = legacyNanosleep
+	}
+	return (*funcref)(time, leftover)
+}
+
+func impl_Nanosleep(time *Timespec, leftover *Timespec) error {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_NANOSLEEP<<4, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		return errnoErr2(e1, e2)
 	}
 	return nil
 }
 
-func Statfs(path string, stat *Statfs_t) (err error) {
-	fd, err := open(path, O_RDONLY, 0)
-	defer Close(fd)
-	if err != nil {
-		return err
+func legacyNanosleep(time *Timespec, leftover *Timespec) error {
+	t0 := runtime.Nanotime1()
+	var secrem uint32
+	var nsecrem uint32
+	total := time.Sec*1000000000 + time.Nsec
+	elapsed := runtime.Nanotime1() - t0
+	var rv int32
+	var rc int32
+	var err error
+	// repeatedly sleep for 1 second until less than 1 second left
+	for total-elapsed > 1000000000 {
+		rv, rc, _ = BpxCondTimedWait(uint32(1), uint32(0), uint32(CW_CONDVAR), &secrem, &nsecrem)
+		if rv != 0 && rc != 112 { // 112 is EAGAIN
+			if leftover != nil && rc == 120 { // 120 is EINTR
+				leftover.Sec = int64(secrem)
+				leftover.Nsec = int64(nsecrem)
+			}
+			err = Errno(rc)
+			return err
+		}
+		elapsed = runtime.Nanotime1() - t0
+	}
+	// sleep the remainder
+	if total > elapsed {
+		rv, rc, _ = BpxCondTimedWait(uint32(0), uint32(total-elapsed), uint32(CW_CONDVAR), &secrem, &nsecrem)
 	}
-	return Fstatfs(fd, stat)
+	if leftover != nil && rc == 120 {
+		leftover.Sec = int64(secrem)
+		leftover.Nsec = int64(nsecrem)
+	}
+	if rv != 0 && rc != 112 {
+		err = Errno(rc)
+	}
+	return err
 }
 
+// End of Nanosleep
+
 var (
 	Stdin  = 0
 	Stdout = 1
@@ -1395,6 +2296,9 @@ var (
 	errENOENT error = syscall.ENOENT
 )
 
+var ZosTraceLevel int
+var ZosTracefile *os.File
+
 var (
 	signalNameMapOnce sync.Once
 	signalNameMap     map[string]syscall.Signal
@@ -1416,6 +2320,56 @@ func errnoErr(e Errno) error {
 	return e
 }
 
+var reg *regexp.Regexp
+
+// enhanced with zos specific errno2
+func errnoErr2(e Errno, e2 uintptr) error {
+	switch e {
+	case 0:
+		return nil
+	case EAGAIN:
+		return errEAGAIN
+		/*
+			Allow the retrieval of errno2 for EINVAL and ENOENT on zos
+				case EINVAL:
+					return errEINVAL
+				case ENOENT:
+					return errENOENT
+		*/
+	}
+	if ZosTraceLevel > 0 {
+		var name string
+		if reg == nil {
+			reg = regexp.MustCompile("(^unix\\.[^/]+$|.*\\/unix\\.[^/]+$)")
+		}
+		i := 1
+		pc, file, line, ok := runtime.Caller(i)
+		if ok {
+			name = runtime.FuncForPC(pc).Name()
+		}
+		for ok && reg.MatchString(runtime.FuncForPC(pc).Name()) {
+			i += 1
+			pc, file, line, ok = runtime.Caller(i)
+		}
+		if ok {
+			if ZosTracefile == nil {
+				ZosConsolePrintf("From %s:%d\n", file, line)
+				ZosConsolePrintf("%s: %s (errno2=0x%x)\n", name, e.Error(), e2)
+			} else {
+				fmt.Fprintf(ZosTracefile, "From %s:%d\n", file, line)
+				fmt.Fprintf(ZosTracefile, "%s: %s (errno2=0x%x)\n", name, e.Error(), e2)
+			}
+		} else {
+			if ZosTracefile == nil {
+				ZosConsolePrintf("%s (errno2=0x%x)\n", e.Error(), e2)
+			} else {
+				fmt.Fprintf(ZosTracefile, "%s (errno2=0x%x)\n", e.Error(), e2)
+			}
+		}
+	}
+	return e
+}
+
 // ErrnoName returns the error name for error number e.
 func ErrnoName(e Errno) string {
 	i := sort.Search(len(errorList), func(i int) bool {
@@ -1474,6 +2428,9 @@ func (m *mmapper) Mmap(fd int, offset int64, length int, prot int, flags int) (d
 		return nil, EINVAL
 	}
 
+	// Set __MAP_64 by default
+	flags |= __MAP_64
+
 	// Map the requested memory.
 	addr, errno := m.mmap(0, uintptr(length), prot, flags, fd, offset)
 	if errno != nil {
@@ -1778,83 +2735,170 @@ func Exec(argv0 string, argv []string, envv []string) error {
 	return syscall.Exec(argv0, argv, envv)
 }
 
-func Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+func Getag(path string) (ccsid uint16, flag uint16, err error) {
+	var val [8]byte
+	sz, err := Getxattr(path, "ccsid", val[:])
+	if err != nil {
+		return
+	}
+	ccsid = uint16(EncodeData(val[0:sz]))
+	sz, err = Getxattr(path, "flags", val[:])
+	if err != nil {
+		return
+	}
+	flag = uint16(EncodeData(val[0:sz]) >> 15)
+	return
+}
+
+// Mount begin
+func impl_Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(source)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(target)
+	if err != nil {
+		return
+	}
+	var _p2 *byte
+	_p2, err = BytePtrFromString(fstype)
+	if err != nil {
+		return
+	}
+	var _p3 *byte
+	_p3, err = BytePtrFromString(data)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MOUNT1_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(flags), uintptr(unsafe.Pointer(_p3)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_MountAddr() *(func(source string, target string, fstype string, flags uintptr, data string) (err error))
+
+var Mount = enter_Mount
+
+func enter_Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+	funcref := get_MountAddr()
+	if validMount() {
+		*funcref = impl_Mount
+	} else {
+		*funcref = legacyMount
+	}
+	return (*funcref)(source, target, fstype, flags, data)
+}
+
+func legacyMount(source string, target string, fstype string, flags uintptr, data string) (err error) {
 	if needspace := 8 - len(fstype); needspace <= 0 {
-		fstype = fstype[:8]
+		fstype = fstype[0:8]
 	} else {
-		fstype += "        "[:needspace]
+		fstype += "        "[0:needspace]
 	}
 	return mount_LE(target, source, fstype, uint32(flags), int32(len(data)), data)
 }
 
-func Unmount(name string, mtm int) (err error) {
+func validMount() bool {
+	if funcptrtest(GetZosLibVec()+SYS___MOUNT1_A<<4, "") == 0 {
+		if name, err := getLeFuncName(GetZosLibVec() + SYS___MOUNT1_A<<4); err == nil {
+			return name == "__mount1_a"
+		}
+	}
+	return false
+}
+
+// Mount end
+
+// Unmount begin
+func impl_Unmount(target string, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(target)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UMOUNT2_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_UnmountAddr() *(func(target string, flags int) (err error))
+
+var Unmount = enter_Unmount
+
+func enter_Unmount(target string, flags int) (err error) {
+	funcref := get_UnmountAddr()
+	if funcptrtest(GetZosLibVec()+SYS___UMOUNT2_A<<4, "") == 0 {
+		*funcref = impl_Unmount
+	} else {
+		*funcref = legacyUnmount
+	}
+	return (*funcref)(target, flags)
+}
+
+func legacyUnmount(name string, mtm int) (err error) {
 	// mountpoint is always a full path and starts with a '/'
 	// check if input string is not a mountpoint but a filesystem name
 	if name[0] != '/' {
-		return unmount(name, mtm)
+		return unmount_LE(name, mtm)
 	}
 	// treat name as mountpoint
 	b2s := func(arr []byte) string {
-		nulli := bytes.IndexByte(arr, 0)
-		if nulli == -1 {
-			return string(arr)
-		} else {
-			return string(arr[:nulli])
+		var str string
+		for i := 0; i < len(arr); i++ {
+			if arr[i] == 0 {
+				str = string(arr[:i])
+				break
+			}
 		}
+		return str
 	}
 	var buffer struct {
 		header W_Mnth
 		fsinfo [64]W_Mntent
 	}
-	fsCount, err := W_Getmntent_A((*byte)(unsafe.Pointer(&buffer)), int(unsafe.Sizeof(buffer)))
-	if err != nil {
-		return err
-	}
-	if fsCount == 0 {
-		return EINVAL
-	}
-	for i := 0; i < fsCount; i++ {
-		if b2s(buffer.fsinfo[i].Mountpoint[:]) == name {
-			err = unmount(b2s(buffer.fsinfo[i].Fsname[:]), mtm)
-			break
+	fs_count, err := W_Getmntent_A((*byte)(unsafe.Pointer(&buffer)), int(unsafe.Sizeof(buffer)))
+	if err == nil {
+		err = EINVAL
+		for i := 0; i < fs_count; i++ {
+			if b2s(buffer.fsinfo[i].Mountpoint[:]) == name {
+				err = unmount_LE(b2s(buffer.fsinfo[i].Fsname[:]), mtm)
+				break
+			}
 		}
+	} else if fs_count == 0 {
+		err = EINVAL
 	}
 	return err
 }
 
-func fdToPath(dirfd int) (path string, err error) {
-	var buffer [1024]byte
-	// w_ctrl()
-	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_W_IOCTL<<4,
-		[]uintptr{uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0]))})
-	if ret == 0 {
-		zb := bytes.IndexByte(buffer[:], 0)
-		if zb == -1 {
-			zb = len(buffer)
-		}
-		// __e2a_l()
-		runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4,
-			[]uintptr{uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb)})
-		return string(buffer[:zb]), nil
-	}
-	// __errno()
-	errno := int(*(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4,
-		[]uintptr{}))))
-	// __errno2()
-	errno2 := int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO2<<4,
-		[]uintptr{}))
-	// strerror_r()
-	ret = runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_STRERROR_R<<4,
-		[]uintptr{uintptr(errno), uintptr(unsafe.Pointer(&buffer[0])), 1024})
-	if ret == 0 {
-		zb := bytes.IndexByte(buffer[:], 0)
-		if zb == -1 {
-			zb = len(buffer)
-		}
-		return "", fmt.Errorf("%s (errno2=0x%x)", buffer[:zb], errno2)
-	} else {
-		return "", fmt.Errorf("fdToPath errno %d (errno2=0x%x)", errno, errno2)
+// Unmount end
+
+func direntIno(buf []byte) (uint64, bool) {
+	return readInt(buf, unsafe.Offsetof(Dirent{}.Ino), unsafe.Sizeof(Dirent{}.Ino))
+}
+
+func direntReclen(buf []byte) (uint64, bool) {
+	return readInt(buf, unsafe.Offsetof(Dirent{}.Reclen), unsafe.Sizeof(Dirent{}.Reclen))
+}
+
+func direntNamlen(buf []byte) (uint64, bool) {
+	reclen, ok := direntReclen(buf)
+	if !ok {
+		return 0, false
 	}
+	return reclen - uint64(unsafe.Offsetof(Dirent{}.Name)), true
 }
 
 func direntLeToDirentUnix(dirent *direntLE, dir uintptr, path string) (Dirent, error) {
@@ -1896,7 +2940,7 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	}
 
 	// Get path from fd to avoid unavailable call (fdopendir)
-	path, err := fdToPath(fd)
+	path, err := ZosFdToPath(fd)
 	if err != nil {
 		return 0, err
 	}
@@ -1910,7 +2954,7 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	for {
 		var entryLE direntLE
 		var entrypLE *direntLE
-		e := readdir_r(d, &entryLE, &entrypLE)
+		e := Readdir_r(d, &entryLE, &entrypLE)
 		if e != nil {
 			return n, e
 		}
@@ -1956,23 +3000,214 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	return n, nil
 }
 
-func ReadDirent(fd int, buf []byte) (n int, err error) {
-	var base = (*uintptr)(unsafe.Pointer(new(uint64)))
-	return Getdirentries(fd, buf, base)
+func Err2ad() (eadd *int) {
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS___ERR2AD<<4)
+	eadd = (*int)(unsafe.Pointer(r0))
+	return
 }
 
-func direntIno(buf []byte) (uint64, bool) {
-	return readInt(buf, unsafe.Offsetof(Dirent{}.Ino), unsafe.Sizeof(Dirent{}.Ino))
+func ZosConsolePrintf(format string, v ...interface{}) (int, error) {
+	type __cmsg struct {
+		_            uint16
+		_            [2]uint8
+		__msg_length uint32
+		__msg        uintptr
+		_            [4]uint8
+	}
+	msg := fmt.Sprintf(format, v...)
+	strptr := unsafe.Pointer((*reflect.StringHeader)(unsafe.Pointer(&msg)).Data)
+	len := (*reflect.StringHeader)(unsafe.Pointer(&msg)).Len
+	cmsg := __cmsg{__msg_length: uint32(len), __msg: uintptr(strptr)}
+	cmd := uint32(0)
+	runtime.EnterSyscall()
+	rc, err2, err1 := CallLeFuncWithErr(GetZosLibVec()+SYS_____CONSOLE_A<<4, uintptr(unsafe.Pointer(&cmsg)), 0, uintptr(unsafe.Pointer(&cmd)))
+	runtime.ExitSyscall()
+	if rc != 0 {
+		return 0, fmt.Errorf("%s (errno2=0x%x)\n", err1.Error(), err2)
+	}
+	return 0, nil
+}
+func ZosStringToEbcdicBytes(str string, nullterm bool) (ebcdicBytes []byte) {
+	if nullterm {
+		ebcdicBytes = []byte(str + "\x00")
+	} else {
+		ebcdicBytes = []byte(str)
+	}
+	A2e(ebcdicBytes)
+	return
+}
+func ZosEbcdicBytesToString(b []byte, trimRight bool) (str string) {
+	res := make([]byte, len(b))
+	copy(res, b)
+	E2a(res)
+	if trimRight {
+		str = string(bytes.TrimRight(res, " \x00"))
+	} else {
+		str = string(res)
+	}
+	return
 }
 
-func direntReclen(buf []byte) (uint64, bool) {
-	return readInt(buf, unsafe.Offsetof(Dirent{}.Reclen), unsafe.Sizeof(Dirent{}.Reclen))
+func fdToPath(dirfd int) (path string, err error) {
+	var buffer [1024]byte
+	// w_ctrl()
+	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_W_IOCTL<<4,
+		[]uintptr{uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0]))})
+	if ret == 0 {
+		zb := bytes.IndexByte(buffer[:], 0)
+		if zb == -1 {
+			zb = len(buffer)
+		}
+		// __e2a_l()
+		runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4,
+			[]uintptr{uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb)})
+		return string(buffer[:zb]), nil
+	}
+	// __errno()
+	errno := int(*(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4,
+		[]uintptr{}))))
+	// __errno2()
+	errno2 := int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO2<<4,
+		[]uintptr{}))
+	// strerror_r()
+	ret = runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_STRERROR_R<<4,
+		[]uintptr{uintptr(errno), uintptr(unsafe.Pointer(&buffer[0])), 1024})
+	if ret == 0 {
+		zb := bytes.IndexByte(buffer[:], 0)
+		if zb == -1 {
+			zb = len(buffer)
+		}
+		return "", fmt.Errorf("%s (errno2=0x%x)", buffer[:zb], errno2)
+	} else {
+		return "", fmt.Errorf("fdToPath errno %d (errno2=0x%x)", errno, errno2)
+	}
 }
 
-func direntNamlen(buf []byte) (uint64, bool) {
-	reclen, ok := direntReclen(buf)
-	if !ok {
-		return 0, false
+func impl_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
 	}
-	return reclen - uint64(unsafe.Offsetof(Dirent{}.Name)), true
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKFIFOAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_MkfifoatAddr() *(func(dirfd int, path string, mode uint32) (err error))
+
+var Mkfifoat = enter_Mkfifoat
+
+func enter_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
+	funcref := get_MkfifoatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___MKFIFOAT_A<<4, "") == 0 {
+		*funcref = impl_Mkfifoat
+	} else {
+		*funcref = legacy_Mkfifoat
+	}
+	return (*funcref)(dirfd, path, mode)
+}
+
+func legacy_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
+	dirname, err := ZosFdToPath(dirfd)
+	if err != nil {
+		return err
+	}
+	return Mkfifo(dirname+"/"+path, mode)
+}
+
+//sys	Posix_openpt(oflag int) (fd int, err error) = SYS_POSIX_OPENPT
+//sys	Grantpt(fildes int) (rc int, err error) = SYS_GRANTPT
+//sys	Unlockpt(fildes int) (rc int, err error) = SYS_UNLOCKPT
+
+func fcntlAsIs(fd uintptr, cmd int, arg uintptr) (val int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), arg)
+	runtime.ExitSyscall()
+	val = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+func Fcntl(fd uintptr, cmd int, op interface{}) (ret int, err error) {
+	switch op.(type) {
+	case *Flock_t:
+		err = FcntlFlock(fd, cmd, op.(*Flock_t))
+		if err != nil {
+			ret = -1
+		}
+		return
+	case int:
+		return FcntlInt(fd, cmd, op.(int))
+	case *F_cnvrt:
+		return fcntlAsIs(fd, cmd, uintptr(unsafe.Pointer(op.(*F_cnvrt))))
+	case unsafe.Pointer:
+		return fcntlAsIs(fd, cmd, uintptr(op.(unsafe.Pointer)))
+	default:
+		return -1, EINVAL
+	}
+	return
+}
+
+func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
+	if raceenabled {
+		raceReleaseMerge(unsafe.Pointer(&ioSync))
+	}
+	return sendfile(outfd, infd, offset, count)
+}
+
+func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
+	// TODO: use LE call instead if the call is implemented
+	originalOffset, err := Seek(infd, 0, SEEK_CUR)
+	if err != nil {
+		return -1, err
+	}
+	//start reading data from in_fd
+	if offset != nil {
+		_, err := Seek(infd, *offset, SEEK_SET)
+		if err != nil {
+			return -1, err
+		}
+	}
+
+	buf := make([]byte, count)
+	readBuf := make([]byte, 0)
+	var n int = 0
+	for i := 0; i < count; i += n {
+		n, err := Read(infd, buf)
+		if n == 0 {
+			if err != nil {
+				return -1, err
+			} else { // EOF
+				break
+			}
+		}
+		readBuf = append(readBuf, buf...)
+		buf = buf[0:0]
+	}
+
+	n2, err := Write(outfd, readBuf)
+	if err != nil {
+		return -1, err
+	}
+
+	//When sendfile() returns, this variable will be set to the
+	// offset of the byte following the last byte that was read.
+	if offset != nil {
+		*offset = *offset + int64(n)
+		// If offset is not NULL, then sendfile() does not modify the file
+		// offset of in_fd
+		_, err := Seek(infd, originalOffset, SEEK_SET)
+		if err != nil {
+			return -1, err
+		}
+	}
+	return n2, nil
 }
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix.go b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
index 79a84f18b..672d6b0a8 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (darwin && !ios) || linux
+//go:build (darwin && !ios) || linux || zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
index 9eb0db664..8b7977a28 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build darwin && !ios
+//go:build (darwin && !ios) || zos
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/vgetrandom_linux.go b/vendor/golang.org/x/sys/unix/vgetrandom_linux.go
new file mode 100644
index 000000000..07ac8e09d
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/vgetrandom_linux.go
@@ -0,0 +1,13 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build linux && go1.24
+
+package unix
+
+import _ "unsafe"
+
+//go:linkname vgetrandom runtime.vgetrandom
+//go:noescape
+func vgetrandom(p []byte, flags uint32) (ret int, supported bool)
diff --git a/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go b/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
new file mode 100644
index 000000000..297e97bce
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
@@ -0,0 +1,11 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !linux || !go1.24
+
+package unix
+
+func vgetrandom(p []byte, flags uint32) (ret int, supported bool) {
+	return -1, false
+}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
index e40fa8524..d73c4652e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
@@ -237,6 +237,9 @@ const (
 	CLOCK_UPTIME_RAW_APPROX                 = 0x9
 	CLONE_NOFOLLOW                          = 0x1
 	CLONE_NOOWNERCOPY                       = 0x2
+	CONNECT_DATA_AUTHENTICATED              = 0x4
+	CONNECT_DATA_IDEMPOTENT                 = 0x2
+	CONNECT_RESUME_ON_READ_WRITE            = 0x1
 	CR0                                     = 0x0
 	CR1                                     = 0x1000
 	CR2                                     = 0x2000
@@ -1169,6 +1172,11 @@ const (
 	PT_WRITE_D                              = 0x5
 	PT_WRITE_I                              = 0x4
 	PT_WRITE_U                              = 0x6
+	RENAME_EXCL                             = 0x4
+	RENAME_NOFOLLOW_ANY                     = 0x10
+	RENAME_RESERVED1                        = 0x8
+	RENAME_SECLUDE                          = 0x1
+	RENAME_SWAP                             = 0x2
 	RLIMIT_AS                               = 0x5
 	RLIMIT_CORE                             = 0x4
 	RLIMIT_CPU                              = 0x0
@@ -1260,6 +1268,10 @@ const (
 	RTV_SSTHRESH                            = 0x20
 	RUSAGE_CHILDREN                         = -0x1
 	RUSAGE_SELF                             = 0x0
+	SAE_ASSOCID_ALL                         = 0xffffffff
+	SAE_ASSOCID_ANY                         = 0x0
+	SAE_CONNID_ALL                          = 0xffffffff
+	SAE_CONNID_ANY                          = 0x0
 	SCM_CREDS                               = 0x3
 	SCM_RIGHTS                              = 0x1
 	SCM_TIMESTAMP                           = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
index bb02aa6c0..4a55a4005 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
@@ -237,6 +237,9 @@ const (
 	CLOCK_UPTIME_RAW_APPROX                 = 0x9
 	CLONE_NOFOLLOW                          = 0x1
 	CLONE_NOOWNERCOPY                       = 0x2
+	CONNECT_DATA_AUTHENTICATED              = 0x4
+	CONNECT_DATA_IDEMPOTENT                 = 0x2
+	CONNECT_RESUME_ON_READ_WRITE            = 0x1
 	CR0                                     = 0x0
 	CR1                                     = 0x1000
 	CR2                                     = 0x2000
@@ -1169,6 +1172,11 @@ const (
 	PT_WRITE_D                              = 0x5
 	PT_WRITE_I                              = 0x4
 	PT_WRITE_U                              = 0x6
+	RENAME_EXCL                             = 0x4
+	RENAME_NOFOLLOW_ANY                     = 0x10
+	RENAME_RESERVED1                        = 0x8
+	RENAME_SECLUDE                          = 0x1
+	RENAME_SWAP                             = 0x2
 	RLIMIT_AS                               = 0x5
 	RLIMIT_CORE                             = 0x4
 	RLIMIT_CPU                              = 0x0
@@ -1260,6 +1268,10 @@ const (
 	RTV_SSTHRESH                            = 0x20
 	RUSAGE_CHILDREN                         = -0x1
 	RUSAGE_SELF                             = 0x0
+	SAE_ASSOCID_ALL                         = 0xffffffff
+	SAE_ASSOCID_ANY                         = 0x0
+	SAE_CONNID_ALL                          = 0xffffffff
+	SAE_CONNID_ANY                          = 0x0
 	SCM_CREDS                               = 0x3
 	SCM_RIGHTS                              = 0x1
 	SCM_TIMESTAMP                           = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 36bf8399f..6ebc48b3f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -321,6 +321,9 @@ const (
 	AUDIT_INTEGRITY_STATUS                      = 0x70a
 	AUDIT_IPC                                   = 0x517
 	AUDIT_IPC_SET_PERM                          = 0x51f
+	AUDIT_IPE_ACCESS                            = 0x58c
+	AUDIT_IPE_CONFIG_CHANGE                     = 0x58d
+	AUDIT_IPE_POLICY_LOAD                       = 0x58e
 	AUDIT_KERNEL                                = 0x7d0
 	AUDIT_KERNEL_OTHER                          = 0x524
 	AUDIT_KERN_MODULE                           = 0x532
@@ -457,6 +460,7 @@ const (
 	B600                                        = 0x8
 	B75                                         = 0x2
 	B9600                                       = 0xd
+	BCACHEFS_SUPER_MAGIC                        = 0xca451a4e
 	BDEVFS_MAGIC                                = 0x62646576
 	BINDERFS_SUPER_MAGIC                        = 0x6c6f6f70
 	BINFMTFS_MAGIC                              = 0x42494e4d
@@ -488,11 +492,14 @@ const (
 	BPF_F_ID                                    = 0x20
 	BPF_F_NETFILTER_IP_DEFRAG                   = 0x1
 	BPF_F_QUERY_EFFECTIVE                       = 0x1
+	BPF_F_REDIRECT_FLAGS                        = 0x19
 	BPF_F_REPLACE                               = 0x4
 	BPF_F_SLEEPABLE                             = 0x10
 	BPF_F_STRICT_ALIGNMENT                      = 0x1
+	BPF_F_TEST_REG_INVARIANTS                   = 0x80
 	BPF_F_TEST_RND_HI32                         = 0x4
 	BPF_F_TEST_RUN_ON_CPU                       = 0x1
+	BPF_F_TEST_SKB_CHECKSUM_COMPLETE            = 0x4
 	BPF_F_TEST_STATE_FREQ                       = 0x8
 	BPF_F_TEST_XDP_LIVE_FRAMES                  = 0x2
 	BPF_F_XDP_DEV_BOUND_ONLY                    = 0x40
@@ -501,6 +508,7 @@ const (
 	BPF_IMM                                     = 0x0
 	BPF_IND                                     = 0x40
 	BPF_JA                                      = 0x0
+	BPF_JCOND                                   = 0xe0
 	BPF_JEQ                                     = 0x10
 	BPF_JGE                                     = 0x30
 	BPF_JGT                                     = 0x20
@@ -656,6 +664,9 @@ const (
 	CAN_NPROTO                                  = 0x8
 	CAN_RAW                                     = 0x1
 	CAN_RAW_FILTER_MAX                          = 0x200
+	CAN_RAW_XL_VCID_RX_FILTER                   = 0x4
+	CAN_RAW_XL_VCID_TX_PASS                     = 0x2
+	CAN_RAW_XL_VCID_TX_SET                      = 0x1
 	CAN_RTR_FLAG                                = 0x40000000
 	CAN_SFF_ID_BITS                             = 0xb
 	CAN_SFF_MASK                                = 0x7ff
@@ -923,6 +934,7 @@ const (
 	EPOLL_CTL_ADD                               = 0x1
 	EPOLL_CTL_DEL                               = 0x2
 	EPOLL_CTL_MOD                               = 0x3
+	EPOLL_IOC_TYPE                              = 0x8a
 	EROFS_SUPER_MAGIC_V1                        = 0xe0f5e1e2
 	ESP_V4_FLOW                                 = 0xa
 	ESP_V6_FLOW                                 = 0xc
@@ -936,9 +948,6 @@ const (
 	ETHTOOL_FEC_OFF                             = 0x4
 	ETHTOOL_FEC_RS                              = 0x8
 	ETHTOOL_FLAG_ALL                            = 0x7
-	ETHTOOL_FLAG_COMPACT_BITSETS                = 0x1
-	ETHTOOL_FLAG_OMIT_REPLY                     = 0x2
-	ETHTOOL_FLAG_STATS                          = 0x4
 	ETHTOOL_FLASHDEV                            = 0x33
 	ETHTOOL_FLASH_MAX_FILENAME                  = 0x80
 	ETHTOOL_FWVERS_LEN                          = 0x20
@@ -1161,6 +1170,7 @@ const (
 	EXTA                                        = 0xe
 	EXTB                                        = 0xf
 	F2FS_SUPER_MAGIC                            = 0xf2f52010
+	FALLOC_FL_ALLOCATE_RANGE                    = 0x0
 	FALLOC_FL_COLLAPSE_RANGE                    = 0x8
 	FALLOC_FL_INSERT_RANGE                      = 0x20
 	FALLOC_FL_KEEP_SIZE                         = 0x1
@@ -1338,6 +1348,7 @@ const (
 	F_OFD_SETLK                                 = 0x25
 	F_OFD_SETLKW                                = 0x26
 	F_OK                                        = 0x0
+	F_SEAL_EXEC                                 = 0x20
 	F_SEAL_FUTURE_WRITE                         = 0x10
 	F_SEAL_GROW                                 = 0x4
 	F_SEAL_SEAL                                 = 0x1
@@ -1626,6 +1637,7 @@ const (
 	IP_FREEBIND                                 = 0xf
 	IP_HDRINCL                                  = 0x3
 	IP_IPSEC_POLICY                             = 0x10
+	IP_LOCAL_PORT_RANGE                         = 0x33
 	IP_MAXPACKET                                = 0xffff
 	IP_MAX_MEMBERSHIPS                          = 0x14
 	IP_MF                                       = 0x2000
@@ -1652,6 +1664,7 @@ const (
 	IP_PMTUDISC_OMIT                            = 0x5
 	IP_PMTUDISC_PROBE                           = 0x3
 	IP_PMTUDISC_WANT                            = 0x1
+	IP_PROTOCOL                                 = 0x34
 	IP_RECVERR                                  = 0xb
 	IP_RECVERR_RFC4884                          = 0x1a
 	IP_RECVFRAGSIZE                             = 0x19
@@ -1697,6 +1710,8 @@ const (
 	KEXEC_ARCH_S390                             = 0x160000
 	KEXEC_ARCH_SH                               = 0x2a0000
 	KEXEC_ARCH_X86_64                           = 0x3e0000
+	KEXEC_CRASH_HOTPLUG_SUPPORT                 = 0x8
+	KEXEC_FILE_DEBUG                            = 0x8
 	KEXEC_FILE_NO_INITRAMFS                     = 0x4
 	KEXEC_FILE_ON_CRASH                         = 0x2
 	KEXEC_FILE_UNLOAD                           = 0x1
@@ -1771,6 +1786,7 @@ const (
 	KEY_SPEC_USER_KEYRING                       = -0x4
 	KEY_SPEC_USER_SESSION_KEYRING               = -0x5
 	LANDLOCK_ACCESS_FS_EXECUTE                  = 0x1
+	LANDLOCK_ACCESS_FS_IOCTL_DEV                = 0x8000
 	LANDLOCK_ACCESS_FS_MAKE_BLOCK               = 0x800
 	LANDLOCK_ACCESS_FS_MAKE_CHAR                = 0x40
 	LANDLOCK_ACCESS_FS_MAKE_DIR                 = 0x80
@@ -1788,6 +1804,8 @@ const (
 	LANDLOCK_ACCESS_NET_BIND_TCP                = 0x1
 	LANDLOCK_ACCESS_NET_CONNECT_TCP             = 0x2
 	LANDLOCK_CREATE_RULESET_VERSION             = 0x1
+	LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET         = 0x1
+	LANDLOCK_SCOPE_SIGNAL                       = 0x2
 	LINUX_REBOOT_CMD_CAD_OFF                    = 0x0
 	LINUX_REBOOT_CMD_CAD_ON                     = 0x89abcdef
 	LINUX_REBOOT_CMD_HALT                       = 0xcdef0123
@@ -1852,6 +1870,19 @@ const (
 	MAP_FILE                                    = 0x0
 	MAP_FIXED                                   = 0x10
 	MAP_FIXED_NOREPLACE                         = 0x100000
+	MAP_HUGE_16GB                               = 0x88000000
+	MAP_HUGE_16KB                               = 0x38000000
+	MAP_HUGE_16MB                               = 0x60000000
+	MAP_HUGE_1GB                                = 0x78000000
+	MAP_HUGE_1MB                                = 0x50000000
+	MAP_HUGE_256MB                              = 0x70000000
+	MAP_HUGE_2GB                                = 0x7c000000
+	MAP_HUGE_2MB                                = 0x54000000
+	MAP_HUGE_32MB                               = 0x64000000
+	MAP_HUGE_512KB                              = 0x4c000000
+	MAP_HUGE_512MB                              = 0x74000000
+	MAP_HUGE_64KB                               = 0x40000000
+	MAP_HUGE_8MB                                = 0x5c000000
 	MAP_HUGE_MASK                               = 0x3f
 	MAP_HUGE_SHIFT                              = 0x1a
 	MAP_PRIVATE                                 = 0x2
@@ -1898,6 +1929,9 @@ const (
 	MNT_DETACH                                  = 0x2
 	MNT_EXPIRE                                  = 0x4
 	MNT_FORCE                                   = 0x1
+	MNT_ID_REQ_SIZE_VER0                        = 0x18
+	MNT_ID_REQ_SIZE_VER1                        = 0x20
+	MNT_NS_INFO_SIZE_VER0                       = 0x10
 	MODULE_INIT_COMPRESSED_FILE                 = 0x4
 	MODULE_INIT_IGNORE_MODVERSIONS              = 0x1
 	MODULE_INIT_IGNORE_VERMAGIC                 = 0x2
@@ -2163,10 +2197,10 @@ const (
 	NFT_REG_SIZE                                = 0x10
 	NFT_REJECT_ICMPX_MAX                        = 0x3
 	NFT_RT_MAX                                  = 0x4
-	NFT_SECMARK_CTX_MAXLEN                      = 0x100
+	NFT_SECMARK_CTX_MAXLEN                      = 0x1000
 	NFT_SET_MAXNAMELEN                          = 0x100
 	NFT_SOCKET_MAX                              = 0x3
-	NFT_TABLE_F_MASK                            = 0x3
+	NFT_TABLE_F_MASK                            = 0x7
 	NFT_TABLE_MAXNAMELEN                        = 0x100
 	NFT_TRACETYPE_MAX                           = 0x3
 	NFT_TUNNEL_F_MASK                           = 0x7
@@ -2302,6 +2336,7 @@ const (
 	PERF_AUX_FLAG_PARTIAL                       = 0x4
 	PERF_AUX_FLAG_PMU_FORMAT_TYPE_MASK          = 0xff00
 	PERF_AUX_FLAG_TRUNCATED                     = 0x1
+	PERF_BRANCH_ENTRY_INFO_BITS_MAX             = 0x21
 	PERF_BR_ARM64_DEBUG_DATA                    = 0x7
 	PERF_BR_ARM64_DEBUG_EXIT                    = 0x5
 	PERF_BR_ARM64_DEBUG_HALT                    = 0x4
@@ -2331,9 +2366,11 @@ const (
 	PERF_MEM_LVLNUM_IO                          = 0xa
 	PERF_MEM_LVLNUM_L1                          = 0x1
 	PERF_MEM_LVLNUM_L2                          = 0x2
+	PERF_MEM_LVLNUM_L2_MHB                      = 0x5
 	PERF_MEM_LVLNUM_L3                          = 0x3
 	PERF_MEM_LVLNUM_L4                          = 0x4
 	PERF_MEM_LVLNUM_LFB                         = 0xc
+	PERF_MEM_LVLNUM_MSC                         = 0x6
 	PERF_MEM_LVLNUM_NA                          = 0xf
 	PERF_MEM_LVLNUM_PMEM                        = 0xe
 	PERF_MEM_LVLNUM_RAM                         = 0xd
@@ -2399,12 +2436,14 @@ const (
 	PERF_RECORD_MISC_USER                       = 0x2
 	PERF_SAMPLE_BRANCH_PLM_ALL                  = 0x7
 	PERF_SAMPLE_WEIGHT_TYPE                     = 0x1004000
+	PID_FS_MAGIC                                = 0x50494446
 	PIPEFS_MAGIC                                = 0x50495045
 	PPPIOCGNPMODE                               = 0xc008744c
 	PPPIOCNEWUNIT                               = 0xc004743e
 	PRIO_PGRP                                   = 0x1
 	PRIO_PROCESS                                = 0x0
 	PRIO_USER                                   = 0x2
+	PROCFS_IOCTL_MAGIC                          = 'f'
 	PROC_SUPER_MAGIC                            = 0x9fa0
 	PROT_EXEC                                   = 0x4
 	PROT_GROWSDOWN                              = 0x1000000
@@ -2486,6 +2525,23 @@ const (
 	PR_PAC_GET_ENABLED_KEYS                     = 0x3d
 	PR_PAC_RESET_KEYS                           = 0x36
 	PR_PAC_SET_ENABLED_KEYS                     = 0x3c
+	PR_PPC_DEXCR_CTRL_CLEAR                     = 0x4
+	PR_PPC_DEXCR_CTRL_CLEAR_ONEXEC              = 0x10
+	PR_PPC_DEXCR_CTRL_EDITABLE                  = 0x1
+	PR_PPC_DEXCR_CTRL_MASK                      = 0x1f
+	PR_PPC_DEXCR_CTRL_SET                       = 0x2
+	PR_PPC_DEXCR_CTRL_SET_ONEXEC                = 0x8
+	PR_PPC_DEXCR_IBRTPD                         = 0x1
+	PR_PPC_DEXCR_NPHIE                          = 0x3
+	PR_PPC_DEXCR_SBHE                           = 0x0
+	PR_PPC_DEXCR_SRAPD                          = 0x2
+	PR_PPC_GET_DEXCR                            = 0x48
+	PR_PPC_SET_DEXCR                            = 0x49
+	PR_RISCV_CTX_SW_FENCEI_OFF                  = 0x1
+	PR_RISCV_CTX_SW_FENCEI_ON                   = 0x0
+	PR_RISCV_SCOPE_PER_PROCESS                  = 0x0
+	PR_RISCV_SCOPE_PER_THREAD                   = 0x1
+	PR_RISCV_SET_ICACHE_FLUSH_CTX               = 0x47
 	PR_RISCV_V_GET_CONTROL                      = 0x46
 	PR_RISCV_V_SET_CONTROL                      = 0x45
 	PR_RISCV_V_VSTATE_CTRL_CUR_MASK             = 0x3
@@ -2577,6 +2633,28 @@ const (
 	PR_UNALIGN_NOPRINT                          = 0x1
 	PR_UNALIGN_SIGBUS                           = 0x2
 	PSTOREFS_MAGIC                              = 0x6165676c
+	PTP_CLK_MAGIC                               = '='
+	PTP_ENABLE_FEATURE                          = 0x1
+	PTP_EXTTS_EDGES                             = 0x6
+	PTP_EXTTS_EVENT_VALID                       = 0x1
+	PTP_EXTTS_V1_VALID_FLAGS                    = 0x7
+	PTP_EXTTS_VALID_FLAGS                       = 0x1f
+	PTP_EXT_OFFSET                              = 0x10
+	PTP_FALLING_EDGE                            = 0x4
+	PTP_MAX_SAMPLES                             = 0x19
+	PTP_PEROUT_DUTY_CYCLE                       = 0x2
+	PTP_PEROUT_ONE_SHOT                         = 0x1
+	PTP_PEROUT_PHASE                            = 0x4
+	PTP_PEROUT_V1_VALID_FLAGS                   = 0x0
+	PTP_PEROUT_VALID_FLAGS                      = 0x7
+	PTP_PIN_GETFUNC                             = 0xc0603d06
+	PTP_PIN_GETFUNC2                            = 0xc0603d0f
+	PTP_RISING_EDGE                             = 0x2
+	PTP_STRICT_FLAGS                            = 0x8
+	PTP_SYS_OFFSET_EXTENDED                     = 0xc4c03d09
+	PTP_SYS_OFFSET_EXTENDED2                    = 0xc4c03d12
+	PTP_SYS_OFFSET_PRECISE                      = 0xc0403d08
+	PTP_SYS_OFFSET_PRECISE2                     = 0xc0403d11
 	PTRACE_ATTACH                               = 0x10
 	PTRACE_CONT                                 = 0x7
 	PTRACE_DETACH                               = 0x11
@@ -2890,14 +2968,17 @@ const (
 	RUSAGE_SELF                                 = 0x0
 	RUSAGE_THREAD                               = 0x1
 	RWF_APPEND                                  = 0x10
+	RWF_ATOMIC                                  = 0x40
 	RWF_DSYNC                                   = 0x2
 	RWF_HIPRI                                   = 0x1
+	RWF_NOAPPEND                                = 0x20
 	RWF_NOWAIT                                  = 0x8
-	RWF_SUPPORTED                               = 0x1f
+	RWF_SUPPORTED                               = 0x7f
 	RWF_SYNC                                    = 0x4
 	RWF_WRITE_LIFE_NOT_SET                      = 0x0
 	SCHED_BATCH                                 = 0x3
 	SCHED_DEADLINE                              = 0x6
+	SCHED_EXT                                   = 0x7
 	SCHED_FIFO                                  = 0x1
 	SCHED_FLAG_ALL                              = 0x7f
 	SCHED_FLAG_DL_OVERRUN                       = 0x4
@@ -2914,7 +2995,9 @@ const (
 	SCHED_RESET_ON_FORK                         = 0x40000000
 	SCHED_RR                                    = 0x2
 	SCM_CREDENTIALS                             = 0x2
+	SCM_PIDFD                                   = 0x4
 	SCM_RIGHTS                                  = 0x1
+	SCM_SECURITY                                = 0x3
 	SCM_TIMESTAMP                               = 0x1d
 	SC_LOG_FLUSH                                = 0x100000
 	SECCOMP_ADDFD_FLAG_SEND                     = 0x2
@@ -3047,6 +3130,8 @@ const (
 	SIOCSMIIREG                                 = 0x8949
 	SIOCSRARP                                   = 0x8962
 	SIOCWANDEV                                  = 0x894a
+	SK_DIAG_BPF_STORAGE_MAX                     = 0x3
+	SK_DIAG_BPF_STORAGE_REQ_MAX                 = 0x1
 	SMACK_MAGIC                                 = 0x43415d53
 	SMART_AUTOSAVE                              = 0xd2
 	SMART_AUTO_OFFLINE                          = 0xdb
@@ -3067,6 +3152,8 @@ const (
 	SOCKFS_MAGIC                                = 0x534f434b
 	SOCK_BUF_LOCK_MASK                          = 0x3
 	SOCK_DCCP                                   = 0x6
+	SOCK_DESTROY                                = 0x15
+	SOCK_DIAG_BY_FAMILY                         = 0x14
 	SOCK_IOC_TYPE                               = 0x89
 	SOCK_PACKET                                 = 0xa
 	SOCK_RAW                                    = 0x3
@@ -3160,6 +3247,7 @@ const (
 	STATX_ATTR_MOUNT_ROOT                       = 0x2000
 	STATX_ATTR_NODUMP                           = 0x40
 	STATX_ATTR_VERITY                           = 0x100000
+	STATX_ATTR_WRITE_ATOMIC                     = 0x400000
 	STATX_BASIC_STATS                           = 0x7ff
 	STATX_BLOCKS                                = 0x400
 	STATX_BTIME                                 = 0x800
@@ -3168,12 +3256,15 @@ const (
 	STATX_GID                                   = 0x10
 	STATX_INO                                   = 0x100
 	STATX_MNT_ID                                = 0x1000
+	STATX_MNT_ID_UNIQUE                         = 0x4000
 	STATX_MODE                                  = 0x2
 	STATX_MTIME                                 = 0x40
 	STATX_NLINK                                 = 0x4
 	STATX_SIZE                                  = 0x200
+	STATX_SUBVOL                                = 0x8000
 	STATX_TYPE                                  = 0x1
 	STATX_UID                                   = 0x8
+	STATX_WRITE_ATOMIC                          = 0x10000
 	STATX__RESERVED                             = 0x80000000
 	SYNC_FILE_RANGE_WAIT_AFTER                  = 0x4
 	SYNC_FILE_RANGE_WAIT_BEFORE                 = 0x1
@@ -3255,6 +3346,7 @@ const (
 	TCP_MAX_WINSHIFT                            = 0xe
 	TCP_MD5SIG                                  = 0xe
 	TCP_MD5SIG_EXT                              = 0x20
+	TCP_MD5SIG_FLAG_IFINDEX                     = 0x2
 	TCP_MD5SIG_FLAG_PREFIX                      = 0x1
 	TCP_MD5SIG_MAXKEYLEN                        = 0x50
 	TCP_MSS                                     = 0x200
@@ -3562,12 +3654,17 @@ const (
 	XDP_RX_RING                                 = 0x2
 	XDP_SHARED_UMEM                             = 0x1
 	XDP_STATISTICS                              = 0x7
+	XDP_TXMD_FLAGS_CHECKSUM                     = 0x2
+	XDP_TXMD_FLAGS_TIMESTAMP                    = 0x1
+	XDP_TX_METADATA                             = 0x2
 	XDP_TX_RING                                 = 0x3
 	XDP_UMEM_COMPLETION_RING                    = 0x6
 	XDP_UMEM_FILL_RING                          = 0x5
 	XDP_UMEM_PGOFF_COMPLETION_RING              = 0x180000000
 	XDP_UMEM_PGOFF_FILL_RING                    = 0x100000000
 	XDP_UMEM_REG                                = 0x4
+	XDP_UMEM_TX_METADATA_LEN                    = 0x4
+	XDP_UMEM_TX_SW_CSUM                         = 0x2
 	XDP_UMEM_UNALIGNED_CHUNK_FLAG               = 0x1
 	XDP_USE_NEED_WAKEUP                         = 0x8
 	XDP_USE_SG                                  = 0x10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index 42ff8c3c1..c0d45e320 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -107,6 +109,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -118,6 +121,7 @@ const (
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
 	MAP_32BIT                        = 0x40
+	MAP_ABOVE4G                      = 0x80
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
 	MAP_DENYWRITE                    = 0x800
@@ -150,9 +154,14 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -229,6 +238,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPXREGS                = 0x12
 	PTRACE_GET_THREAD_AREA           = 0x19
@@ -275,6 +298,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -313,6 +338,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index dca436004..c731d24f0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -107,6 +109,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -118,6 +121,7 @@ const (
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
 	MAP_32BIT                        = 0x40
+	MAP_ABOVE4G                      = 0x80
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
 	MAP_DENYWRITE                    = 0x800
@@ -150,9 +154,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -229,6 +238,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_ARCH_PRCTL                = 0x1e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPXREGS                = 0x12
@@ -276,6 +299,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -314,6 +339,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 5cca668ac..680018a4a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETCRUNCHREGS             = 0x19
 	PTRACE_GETFDPIC                  = 0x1f
 	PTRACE_GETFDPIC_EXEC             = 0x0
@@ -282,6 +304,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -320,6 +344,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index d8cae6d15..a63909f30 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	ESR_MAGIC                        = 0x45535201
 	EXTPROC                          = 0x10000
@@ -87,6 +89,7 @@ const (
 	FICLONE                          = 0x40049409
 	FICLONERANGE                     = 0x4020940d
 	FLUSHO                           = 0x1000
+	FPMR_MAGIC                       = 0x46504d52
 	FPSIMD_MAGIC                     = 0x46508001
 	FS_IOC_ENABLE_VERITY             = 0x40806685
 	FS_IOC_GETFLAGS                  = 0x80086601
@@ -109,6 +112,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -151,9 +155,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -197,6 +206,7 @@ const (
 	PERF_EVENT_IOC_SET_BPF           = 0x40042408
 	PERF_EVENT_IOC_SET_FILTER        = 0x40082406
 	PERF_EVENT_IOC_SET_OUTPUT        = 0x2405
+	POE_MAGIC                        = 0x504f4530
 	PPPIOCATTACH                     = 0x4004743d
 	PPPIOCATTCHAN                    = 0x40047438
 	PPPIOCBRIDGECHAN                 = 0x40047435
@@ -232,6 +242,20 @@ const (
 	PROT_BTI                         = 0x10
 	PROT_MTE                         = 0x20
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_PEEKMTETAGS               = 0x21
 	PTRACE_POKEMTETAGS               = 0x22
 	PTRACE_SYSEMU                    = 0x1f
@@ -272,6 +296,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -310,6 +336,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 28e39afdc..9b0a2573f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -107,6 +109,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -152,9 +155,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -231,6 +239,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_SYSEMU                    = 0x1f
 	PTRACE_SYSEMU_SINGLESTEP         = 0x20
 	RLIMIT_AS                        = 0x9
@@ -269,6 +291,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -307,6 +331,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index cd66e92cb..958e6e064 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -275,6 +297,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -313,6 +337,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index c1595eba7..50c7f25bd 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -275,6 +297,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -313,6 +337,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index ee9456b0d..ced21d66d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -275,6 +297,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -313,6 +337,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 8cfca81e1..226c04419 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -275,6 +297,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -313,6 +337,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 60b0deb3a..3122737cd 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -150,9 +153,14 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -230,6 +238,20 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -330,6 +352,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -368,6 +392,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index f90aa7281..eb5d3467e 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -150,9 +153,14 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -230,6 +238,20 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -334,6 +356,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -372,6 +396,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index ba9e01503..e921ebc60 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -150,9 +153,14 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -230,6 +238,20 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -334,6 +356,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -372,6 +396,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 07cdfd6e9..38ba81c55 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETFDPIC                  = 0x21
 	PTRACE_GETFDPIC_EXEC             = 0x0
 	PTRACE_GETFDPIC_INTERP           = 0x1
@@ -266,6 +288,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -304,6 +328,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 2f1dd214a..71f040097 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -78,6 +78,8 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
+	EPIOCGPARAMS                     = 0x80088a02
+	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -106,6 +108,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
+	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -148,9 +151,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
+	NS_GET_PID_FROM_PIDNS            = 0x8004b706
+	NS_GET_PID_IN_PIDNS              = 0x8004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
+	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -227,6 +235,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x80503d01
+	PTP_CLOCK_GETCAPS2               = 0x80503d0a
+	PTP_ENABLE_PPS                   = 0x40043d04
+	PTP_ENABLE_PPS2                  = 0x40043d0d
+	PTP_EXTTS_REQUEST                = 0x40103d02
+	PTP_EXTTS_REQUEST2               = 0x40103d0b
+	PTP_MASK_CLEAR_ALL               = 0x3d13
+	PTP_MASK_EN_SINGLE               = 0x40043d14
+	PTP_PEROUT_REQUEST               = 0x40383d03
+	PTP_PEROUT_REQUEST2              = 0x40383d0c
+	PTP_PIN_SETFUNC                  = 0x40603d07
+	PTP_PIN_SETFUNC2                 = 0x40603d10
+	PTP_SYS_OFFSET                   = 0x43403d05
+	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_DISABLE_TE                = 0x5010
 	PTRACE_ENABLE_TE                 = 0x5009
 	PTRACE_GET_LAST_BREAK            = 0x5006
@@ -338,6 +360,8 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
+	SCM_DEVMEM_DMABUF                = 0x4f
+	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -376,6 +400,9 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
+	SO_DEVMEM_DMABUF                 = 0x4f
+	SO_DEVMEM_DONTNEED               = 0x50
+	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index f40519d90..c44a31332 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -82,6 +82,8 @@ const (
 	EFD_CLOEXEC                      = 0x400000
 	EFD_NONBLOCK                     = 0x4000
 	EMT_TAGOVF                       = 0x1
+	EPIOCGPARAMS                     = 0x40088a02
+	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x400000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -110,6 +112,7 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
+	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -153,9 +156,14 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
+	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
+	NS_GET_PID_FROM_PIDNS            = 0x4004b706
+	NS_GET_PID_IN_PIDNS              = 0x4004b708
+	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
+	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -232,6 +240,20 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
+	PTP_CLOCK_GETCAPS                = 0x40503d01
+	PTP_CLOCK_GETCAPS2               = 0x40503d0a
+	PTP_ENABLE_PPS                   = 0x80043d04
+	PTP_ENABLE_PPS2                  = 0x80043d0d
+	PTP_EXTTS_REQUEST                = 0x80103d02
+	PTP_EXTTS_REQUEST2               = 0x80103d0b
+	PTP_MASK_CLEAR_ALL               = 0x20003d13
+	PTP_MASK_EN_SINGLE               = 0x80043d14
+	PTP_PEROUT_REQUEST               = 0x80383d03
+	PTP_PEROUT_REQUEST2              = 0x80383d0c
+	PTP_PIN_SETFUNC                  = 0x80603d07
+	PTP_PIN_SETFUNC2                 = 0x80603d10
+	PTP_SYS_OFFSET                   = 0x83403d05
+	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPAREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPREGS64               = 0x19
@@ -329,6 +351,8 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
+	SCM_DEVMEM_DMABUF                = 0x58
+	SCM_DEVMEM_LINEAR                = 0x57
 	SCM_TIMESTAMPING                 = 0x23
 	SCM_TIMESTAMPING_OPT_STATS       = 0x38
 	SCM_TIMESTAMPING_PKTINFO         = 0x3c
@@ -415,6 +439,9 @@ const (
 	SO_CNX_ADVICE                    = 0x37
 	SO_COOKIE                        = 0x3b
 	SO_DETACH_REUSEPORT_BPF          = 0x47
+	SO_DEVMEM_DMABUF                 = 0x58
+	SO_DEVMEM_DONTNEED               = 0x59
+	SO_DEVMEM_LINEAR                 = 0x57
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
index 4dfd2e051..1ec2b1407 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
@@ -10,41 +10,99 @@
 package unix
 
 const (
-	BRKINT                          = 0x0001
-	CLOCK_MONOTONIC                 = 0x1
-	CLOCK_PROCESS_CPUTIME_ID        = 0x2
-	CLOCK_REALTIME                  = 0x0
-	CLOCK_THREAD_CPUTIME_ID         = 0x3
-	CS8                             = 0x0030
-	CSIZE                           = 0x0030
-	ECHO                            = 0x00000008
-	ECHONL                          = 0x00000001
-	FD_CLOEXEC                      = 0x01
-	FD_CLOFORK                      = 0x02
-	FNDELAY                         = 0x04
-	F_CLOSFD                        = 9
-	F_CONTROL_CVT                   = 13
-	F_DUPFD                         = 0
-	F_DUPFD2                        = 8
-	F_GETFD                         = 1
-	F_GETFL                         = 259
-	F_GETLK                         = 5
-	F_GETOWN                        = 10
-	F_OK                            = 0x0
-	F_RDLCK                         = 1
-	F_SETFD                         = 2
-	F_SETFL                         = 4
-	F_SETLK                         = 6
-	F_SETLKW                        = 7
-	F_SETOWN                        = 11
-	F_SETTAG                        = 12
-	F_UNLCK                         = 3
-	F_WRLCK                         = 2
-	FSTYPE_ZFS                      = 0xe9 //"Z"
-	FSTYPE_HFS                      = 0xc8 //"H"
-	FSTYPE_NFS                      = 0xd5 //"N"
-	FSTYPE_TFS                      = 0xe3 //"T"
-	FSTYPE_AUTOMOUNT                = 0xc1 //"A"
+	BRKINT                   = 0x0001
+	CLOCAL                   = 0x1
+	CLOCK_MONOTONIC          = 0x1
+	CLOCK_PROCESS_CPUTIME_ID = 0x2
+	CLOCK_REALTIME           = 0x0
+	CLOCK_THREAD_CPUTIME_ID  = 0x3
+	CLONE_NEWIPC             = 0x08000000
+	CLONE_NEWNET             = 0x40000000
+	CLONE_NEWNS              = 0x00020000
+	CLONE_NEWPID             = 0x20000000
+	CLONE_NEWUTS             = 0x04000000
+	CLONE_PARENT             = 0x00008000
+	CS8                      = 0x0030
+	CSIZE                    = 0x0030
+	ECHO                     = 0x00000008
+	ECHONL                   = 0x00000001
+	EFD_SEMAPHORE            = 0x00002000
+	EFD_CLOEXEC              = 0x00001000
+	EFD_NONBLOCK             = 0x00000004
+	EPOLL_CLOEXEC            = 0x00001000
+	EPOLL_CTL_ADD            = 0
+	EPOLL_CTL_MOD            = 1
+	EPOLL_CTL_DEL            = 2
+	EPOLLRDNORM              = 0x0001
+	EPOLLRDBAND              = 0x0002
+	EPOLLIN                  = 0x0003
+	EPOLLOUT                 = 0x0004
+	EPOLLWRBAND              = 0x0008
+	EPOLLPRI                 = 0x0010
+	EPOLLERR                 = 0x0020
+	EPOLLHUP                 = 0x0040
+	EPOLLEXCLUSIVE           = 0x20000000
+	EPOLLONESHOT             = 0x40000000
+	FD_CLOEXEC               = 0x01
+	FD_CLOFORK               = 0x02
+	FD_SETSIZE               = 0x800
+	FNDELAY                  = 0x04
+	F_CLOSFD                 = 9
+	F_CONTROL_CVT            = 13
+	F_DUPFD                  = 0
+	F_DUPFD2                 = 8
+	F_GETFD                  = 1
+	F_GETFL                  = 259
+	F_GETLK                  = 5
+	F_GETOWN                 = 10
+	F_OK                     = 0x0
+	F_RDLCK                  = 1
+	F_SETFD                  = 2
+	F_SETFL                  = 4
+	F_SETLK                  = 6
+	F_SETLKW                 = 7
+	F_SETOWN                 = 11
+	F_SETTAG                 = 12
+	F_UNLCK                  = 3
+	F_WRLCK                  = 2
+	FSTYPE_ZFS               = 0xe9 //"Z"
+	FSTYPE_HFS               = 0xc8 //"H"
+	FSTYPE_NFS               = 0xd5 //"N"
+	FSTYPE_TFS               = 0xe3 //"T"
+	FSTYPE_AUTOMOUNT         = 0xc1 //"A"
+	GRND_NONBLOCK            = 1
+	GRND_RANDOM              = 2
+	HUPCL                    = 0x0100 // Hang up on last close
+	IN_CLOEXEC               = 0x00001000
+	IN_NONBLOCK              = 0x00000004
+	IN_ACCESS                = 0x00000001
+	IN_MODIFY                = 0x00000002
+	IN_ATTRIB                = 0x00000004
+	IN_CLOSE_WRITE           = 0x00000008
+	IN_CLOSE_NOWRITE         = 0x00000010
+	IN_OPEN                  = 0x00000020
+	IN_MOVED_FROM            = 0x00000040
+	IN_MOVED_TO              = 0x00000080
+	IN_CREATE                = 0x00000100
+	IN_DELETE                = 0x00000200
+	IN_DELETE_SELF           = 0x00000400
+	IN_MOVE_SELF             = 0x00000800
+	IN_UNMOUNT               = 0x00002000
+	IN_Q_OVERFLOW            = 0x00004000
+	IN_IGNORED               = 0x00008000
+	IN_CLOSE                 = (IN_CLOSE_WRITE | IN_CLOSE_NOWRITE)
+	IN_MOVE                  = (IN_MOVED_FROM | IN_MOVED_TO)
+	IN_ALL_EVENTS            = (IN_ACCESS | IN_MODIFY | IN_ATTRIB |
+		IN_CLOSE | IN_OPEN | IN_MOVE |
+		IN_CREATE | IN_DELETE | IN_DELETE_SELF |
+		IN_MOVE_SELF)
+	IN_ONLYDIR                      = 0x01000000
+	IN_DONT_FOLLOW                  = 0x02000000
+	IN_EXCL_UNLINK                  = 0x04000000
+	IN_MASK_CREATE                  = 0x10000000
+	IN_MASK_ADD                     = 0x20000000
+	IN_ISDIR                        = 0x40000000
+	IN_ONESHOT                      = 0x80000000
 	IP6F_MORE_FRAG                  = 0x0001
 	IP6F_OFF_MASK                   = 0xfff8
 	IP6F_RESERVED_MASK              = 0x0006
@@ -152,10 +210,18 @@ const (
 	IP_PKTINFO                      = 101
 	IP_RECVPKTINFO                  = 102
 	IP_TOS                          = 2
-	IP_TTL                          = 3
+	IP_TTL                          = 14
 	IP_UNBLOCK_SOURCE               = 11
+	ICMP6_FILTER                    = 1
+	MCAST_INCLUDE                   = 0
+	MCAST_EXCLUDE                   = 1
+	MCAST_JOIN_GROUP                = 40
+	MCAST_LEAVE_GROUP               = 41
+	MCAST_JOIN_SOURCE_GROUP         = 42
+	MCAST_LEAVE_SOURCE_GROUP        = 43
+	MCAST_BLOCK_SOURCE              = 44
+	MCAST_UNBLOCK_SOURCE            = 46
 	ICANON                          = 0x0010
-	ICMP6_FILTER                    = 0x26
 	ICRNL                           = 0x0002
 	IEXTEN                          = 0x0020
 	IGNBRK                          = 0x0004
@@ -165,10 +231,10 @@ const (
 	ISTRIP                          = 0x0080
 	IXON                            = 0x0200
 	IXOFF                           = 0x0100
-	LOCK_SH                         = 0x1 // Not exist on zOS
-	LOCK_EX                         = 0x2 // Not exist on zOS
-	LOCK_NB                         = 0x4 // Not exist on zOS
-	LOCK_UN                         = 0x8 // Not exist on zOS
+	LOCK_SH                         = 0x1
+	LOCK_EX                         = 0x2
+	LOCK_NB                         = 0x4
+	LOCK_UN                         = 0x8
 	POLLIN                          = 0x0003
 	POLLOUT                         = 0x0004
 	POLLPRI                         = 0x0010
@@ -182,15 +248,29 @@ const (
 	MAP_PRIVATE                     = 0x1 // changes are private
 	MAP_SHARED                      = 0x2 // changes are shared
 	MAP_FIXED                       = 0x4 // place exactly
-	MCAST_JOIN_GROUP                = 40
-	MCAST_LEAVE_GROUP               = 41
-	MCAST_JOIN_SOURCE_GROUP         = 42
-	MCAST_LEAVE_SOURCE_GROUP        = 43
-	MCAST_BLOCK_SOURCE              = 44
-	MCAST_UNBLOCK_SOURCE            = 45
+	__MAP_MEGA                      = 0x8
+	__MAP_64                        = 0x10
+	MAP_ANON                        = 0x20
+	MAP_ANONYMOUS                   = 0x20
 	MS_SYNC                         = 0x1 // msync - synchronous writes
 	MS_ASYNC                        = 0x2 // asynchronous writes
 	MS_INVALIDATE                   = 0x4 // invalidate mappings
+	MS_BIND                         = 0x00001000
+	MS_MOVE                         = 0x00002000
+	MS_NOSUID                       = 0x00000002
+	MS_PRIVATE                      = 0x00040000
+	MS_REC                          = 0x00004000
+	MS_REMOUNT                      = 0x00008000
+	MS_RDONLY                       = 0x00000001
+	MS_UNBINDABLE                   = 0x00020000
+	MNT_DETACH                      = 0x00000004
+	ZOSDSFS_SUPER_MAGIC             = 0x44534653 // zOS DSFS
+	NFS_SUPER_MAGIC                 = 0x6969     // NFS
+	NSFS_MAGIC                      = 0x6e736673 // PROCNS
+	PROC_SUPER_MAGIC                = 0x9fa0     // proc FS
+	ZOSTFS_SUPER_MAGIC              = 0x544653   // zOS TFS
+	ZOSUFS_SUPER_MAGIC              = 0x554653   // zOS UFS
+	ZOSZFS_SUPER_MAGIC              = 0x5A4653   // zOS ZFS
 	MTM_RDONLY                      = 0x80000000
 	MTM_RDWR                        = 0x40000000
 	MTM_UMOUNT                      = 0x10000000
@@ -205,13 +285,20 @@ const (
 	MTM_REMOUNT                     = 0x00000100
 	MTM_NOSECURITY                  = 0x00000080
 	NFDBITS                         = 0x20
+	ONLRET                          = 0x0020 // NL performs CR function
 	O_ACCMODE                       = 0x03
 	O_APPEND                        = 0x08
 	O_ASYNCSIG                      = 0x0200
 	O_CREAT                         = 0x80
+	O_DIRECT                        = 0x00002000
+	O_NOFOLLOW                      = 0x00004000
+	O_DIRECTORY                     = 0x00008000
+	O_PATH                          = 0x00080000
+	O_CLOEXEC                       = 0x00001000
 	O_EXCL                          = 0x40
 	O_GETFL                         = 0x0F
 	O_LARGEFILE                     = 0x0400
+	O_NDELAY                        = 0x4
 	O_NONBLOCK                      = 0x04
 	O_RDONLY                        = 0x02
 	O_RDWR                          = 0x03
@@ -248,6 +335,7 @@ const (
 	AF_IUCV                         = 17
 	AF_LAT                          = 14
 	AF_LINK                         = 18
+	AF_LOCAL                        = AF_UNIX // AF_LOCAL is an alias for AF_UNIX
 	AF_MAX                          = 30
 	AF_NBS                          = 7
 	AF_NDD                          = 23
@@ -285,15 +373,33 @@ const (
 	RLIMIT_AS                       = 5
 	RLIMIT_NOFILE                   = 6
 	RLIMIT_MEMLIMIT                 = 7
+	RLIMIT_MEMLOCK                  = 0x8
 	RLIM_INFINITY                   = 2147483647
+	SCHED_FIFO                      = 0x2
+	SCM_CREDENTIALS                 = 0x2
 	SCM_RIGHTS                      = 0x01
 	SF_CLOSE                        = 0x00000002
 	SF_REUSE                        = 0x00000001
+	SHM_RND                         = 0x2
+	SHM_RDONLY                      = 0x1
+	SHMLBA                          = 0x1000
+	IPC_STAT                        = 0x3
+	IPC_SET                         = 0x2
+	IPC_RMID                        = 0x1
+	IPC_PRIVATE                     = 0x0
+	IPC_CREAT                       = 0x1000000
+	__IPC_MEGA                      = 0x4000000
+	__IPC_SHAREAS                   = 0x20000000
+	__IPC_BELOWBAR                  = 0x10000000
+	IPC_EXCL                        = 0x2000000
+	__IPC_GIGA                      = 0x8000000
 	SHUT_RD                         = 0
 	SHUT_RDWR                       = 2
 	SHUT_WR                         = 1
+	SOCK_CLOEXEC                    = 0x00001000
 	SOCK_CONN_DGRAM                 = 6
 	SOCK_DGRAM                      = 2
+	SOCK_NONBLOCK                   = 0x800
 	SOCK_RAW                        = 3
 	SOCK_RDM                        = 4
 	SOCK_SEQPACKET                  = 5
@@ -378,8 +484,6 @@ const (
 	S_IFMST                         = 0x00FF0000
 	TCP_KEEPALIVE                   = 0x8
 	TCP_NODELAY                     = 0x1
-	TCP_INFO                        = 0xb
-	TCP_USER_TIMEOUT                = 0x1
 	TIOCGWINSZ                      = 0x4008a368
 	TIOCSWINSZ                      = 0x8008a367
 	TIOCSBRK                        = 0x2000a77b
@@ -427,7 +531,10 @@ const (
 	VSUSP                           = 9
 	VTIME                           = 10
 	WCONTINUED                      = 0x4
+	WEXITED                         = 0x8
 	WNOHANG                         = 0x1
+	WNOWAIT                         = 0x20
+	WSTOPPED                        = 0x10
 	WUNTRACED                       = 0x2
 	_BPX_SWAP                       = 1
 	_BPX_NONSWAP                    = 2
@@ -452,8 +559,30 @@ const (
 	MADV_FREE                       = 15 // for Linux compatibility -- no zos semantics
 	MADV_WIPEONFORK                 = 16 // for Linux compatibility -- no zos semantics
 	MADV_KEEPONFORK                 = 17 // for Linux compatibility -- no zos semantics
-	AT_SYMLINK_NOFOLLOW             = 1  // for Unix  compatibility -- no zos semantics
-	AT_FDCWD                        = 2  // for Unix  compatibility -- no zos semantics
+	AT_SYMLINK_FOLLOW               = 0x400
+	AT_SYMLINK_NOFOLLOW             = 0x100
+	XATTR_CREATE                    = 0x1
+	XATTR_REPLACE                   = 0x2
+	P_PID                           = 0
+	P_PGID                          = 1
+	P_ALL                           = 2
+	PR_SET_NAME                     = 15
+	PR_GET_NAME                     = 16
+	PR_SET_NO_NEW_PRIVS             = 38
+	PR_GET_NO_NEW_PRIVS             = 39
+	PR_SET_DUMPABLE                 = 4
+	PR_GET_DUMPABLE                 = 3
+	PR_SET_PDEATHSIG                = 1
+	PR_GET_PDEATHSIG                = 2
+	PR_SET_CHILD_SUBREAPER          = 36
+	PR_GET_CHILD_SUBREAPER          = 37
+	AT_FDCWD                        = -100
+	AT_EACCESS                      = 0x200
+	AT_EMPTY_PATH                   = 0x1000
+	AT_REMOVEDIR                    = 0x200
+	RENAME_NOREPLACE                = 1 << 0
+	ST_RDONLY                       = 1
+	ST_NOSUID                       = 2
 )
 
 const (
@@ -476,6 +605,7 @@ const (
 	EMLINK             = Errno(125)
 	ENAMETOOLONG       = Errno(126)
 	ENFILE             = Errno(127)
+	ENOATTR            = Errno(265)
 	ENODEV             = Errno(128)
 	ENOENT             = Errno(129)
 	ENOEXEC            = Errno(130)
@@ -700,7 +830,7 @@ var errorList = [...]struct {
 	{145, "EDC5145I", "The parameter list is too long, or the message to receive was too large for the buffer."},
 	{146, "EDC5146I", "Too many levels of symbolic links."},
 	{147, "EDC5147I", "Illegal byte sequence."},
-	{148, "", ""},
+	{148, "EDC5148I", "The named attribute or data not available."},
 	{149, "EDC5149I", "Value Overflow Error."},
 	{150, "EDC5150I", "UNIX System Services is not active."},
 	{151, "EDC5151I", "Dynamic allocation error."},
@@ -743,6 +873,7 @@ var errorList = [...]struct {
 	{259, "EDC5259I", "A CUN_RS_NO_CONVERSION error was issued by Unicode Services."},
 	{260, "EDC5260I", "A CUN_RS_TABLE_NOT_ALIGNED error was issued by Unicode Services."},
 	{262, "EDC5262I", "An iconv() function encountered an unexpected error while using Unicode Services."},
+	{265, "EDC5265I", "The named attribute not available."},
 	{1000, "EDC8000I", "A bad socket-call constant was found in the IUCV header."},
 	{1001, "EDC8001I", "An error was found in the IUCV header."},
 	{1002, "EDC8002I", "A socket descriptor is out of range."},
diff --git a/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s b/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
new file mode 100644
index 000000000..b77ff5db9
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
@@ -0,0 +1,364 @@
+// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
+// Code generated by the command above; see README.md. DO NOT EDIT.
+
+//go:build zos && s390x
+#include "textflag.h"
+
+//  provide the address of function variable to be fixed up.
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FlistxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Flistxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FremovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fremovexattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FgetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fgetxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FsetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fsetxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_accept4Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·accept4(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_RemovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Removexattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_Dup3Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Dup3(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_DirfdAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Dirfd(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EpollCreateAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·EpollCreate(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EpollCreate1Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·EpollCreate1(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EpollCtlAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·EpollCtl(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EpollPwaitAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·EpollPwait(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EpollWaitAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·EpollWait(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_EventfdAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Eventfd(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FaccessatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Faccessat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FchmodatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fchmodat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FchownatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fchownat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FdatasyncAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fdatasync(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_fstatatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·fstatat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LgetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Lgetxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LsetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Lsetxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FstatfsAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Fstatfs(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FutimesAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Futimes(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_FutimesatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Futimesat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_GetrandomAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Getrandom(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_InotifyInitAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·InotifyInit(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_InotifyInit1Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·InotifyInit1(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_InotifyAddWatchAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·InotifyAddWatch(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_InotifyRmWatchAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·InotifyRmWatch(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_ListxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Listxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LlistxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Llistxattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LremovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Lremovexattr(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LutimesAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Lutimes(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_StatfsAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Statfs(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_SyncfsAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Syncfs(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_UnshareAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Unshare(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_LinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Linkat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_MkdiratAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Mkdirat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_MknodatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Mknodat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_PivotRootAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·PivotRoot(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_PrctlAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Prctl(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_PrlimitAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Prlimit(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_RenameatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Renameat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_Renameat2Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Renameat2(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_SethostnameAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Sethostname(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_SetnsAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Setns(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_SymlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Symlinkat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_UnlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·Unlinkat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_openatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·openat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_openat2Addr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·openat2(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+TEXT ·get_utimensatAddr(SB), NOSPLIT|NOFRAME, $0-8
+	MOVD $·utimensat(SB), R8
+	MOVD R8, ret+0(FP)
+	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
index ccb02f240..24b346e1a 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
@@ -740,6 +740,54 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func renamexNp(from string, to string, flag uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(libc_renamex_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flag))
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_renamex_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_renamex_np renamex_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_renameatx_np_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), uintptr(flag), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_renameatx_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_renameatx_np renameatx_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
 	var _p0 unsafe.Pointer
 	if len(mib) > 0 {
@@ -760,6 +808,59 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func pthread_chdir_np(path string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(libc_pthread_chdir_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pthread_chdir_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pthread_chdir_np pthread_chdir_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pthread_fchdir_np(fd int) (err error) {
+	_, _, e1 := syscall_syscall(libc_pthread_fchdir_np_trampoline_addr, uintptr(fd), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pthread_fchdir_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pthread_fchdir_np pthread_fchdir_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error) {
+	var _p0 unsafe.Pointer
+	if len(iov) > 0 {
+		_p0 = unsafe.Pointer(&iov[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	_, _, e1 := syscall_syscall9(libc_connectx_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(endpoints)), uintptr(associd), uintptr(flags), uintptr(_p0), uintptr(len(iov)), uintptr(unsafe.Pointer(n)), uintptr(unsafe.Pointer(connid)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_connectx_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_connectx connectx "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
 	_, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
index 8b8bb2840..ebd213100 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
@@ -223,11 +223,36 @@ TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
+TEXT libc_renamex_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_renamex_np(SB)
+GLOBL	·libc_renamex_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_renamex_np_trampoline_addr(SB)/8, $libc_renamex_np_trampoline<>(SB)
+
+TEXT libc_renameatx_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_renameatx_np(SB)
+GLOBL	·libc_renameatx_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_renameatx_np_trampoline_addr(SB)/8, $libc_renameatx_np_trampoline<>(SB)
+
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_pthread_chdir_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pthread_chdir_np(SB)
+GLOBL	·libc_pthread_chdir_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pthread_chdir_np_trampoline_addr(SB)/8, $libc_pthread_chdir_np_trampoline<>(SB)
+
+TEXT libc_pthread_fchdir_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pthread_fchdir_np(SB)
+GLOBL	·libc_pthread_fchdir_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pthread_fchdir_np_trampoline_addr(SB)/8, $libc_pthread_fchdir_np_trampoline<>(SB)
+
+TEXT libc_connectx_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_connectx(SB)
+GLOBL	·libc_connectx_trampoline_addr(SB), RODATA, $8
+DATA	·libc_connectx_trampoline_addr(SB)/8, $libc_connectx_trampoline<>(SB)
+
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
index 1b40b997b..824b9c2d5 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
@@ -740,6 +740,54 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func renamexNp(from string, to string, flag uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(libc_renamex_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flag))
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_renamex_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_renamex_np renamex_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_renameatx_np_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), uintptr(flag), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_renameatx_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_renameatx_np renameatx_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
 	var _p0 unsafe.Pointer
 	if len(mib) > 0 {
@@ -760,6 +808,59 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func pthread_chdir_np(path string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(libc_pthread_chdir_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pthread_chdir_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pthread_chdir_np pthread_chdir_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pthread_fchdir_np(fd int) (err error) {
+	_, _, e1 := syscall_syscall(libc_pthread_fchdir_np_trampoline_addr, uintptr(fd), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_pthread_fchdir_np_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pthread_fchdir_np pthread_fchdir_np "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error) {
+	var _p0 unsafe.Pointer
+	if len(iov) > 0 {
+		_p0 = unsafe.Pointer(&iov[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	_, _, e1 := syscall_syscall9(libc_connectx_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(endpoints)), uintptr(associd), uintptr(flags), uintptr(_p0), uintptr(len(iov)), uintptr(unsafe.Pointer(n)), uintptr(unsafe.Pointer(connid)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_connectx_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_connectx connectx "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
 	_, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
index 08362c1ab..4f178a229 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
@@ -223,11 +223,36 @@ TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
+TEXT libc_renamex_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_renamex_np(SB)
+GLOBL	·libc_renamex_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_renamex_np_trampoline_addr(SB)/8, $libc_renamex_np_trampoline<>(SB)
+
+TEXT libc_renameatx_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_renameatx_np(SB)
+GLOBL	·libc_renameatx_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_renameatx_np_trampoline_addr(SB)/8, $libc_renameatx_np_trampoline<>(SB)
+
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
+TEXT libc_pthread_chdir_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pthread_chdir_np(SB)
+GLOBL	·libc_pthread_chdir_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pthread_chdir_np_trampoline_addr(SB)/8, $libc_pthread_chdir_np_trampoline<>(SB)
+
+TEXT libc_pthread_fchdir_np_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_pthread_fchdir_np(SB)
+GLOBL	·libc_pthread_fchdir_np_trampoline_addr(SB), RODATA, $8
+DATA	·libc_pthread_fchdir_np_trampoline_addr(SB)/8, $libc_pthread_fchdir_np_trampoline<>(SB)
+
+TEXT libc_connectx_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_connectx(SB)
+GLOBL	·libc_connectx_trampoline_addr(SB), RODATA, $8
+DATA	·libc_connectx_trampoline_addr(SB)/8, $libc_connectx_trampoline<>(SB)
+
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 87d8612a1..5cc1e8eb2 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -592,6 +592,16 @@ func ClockGettime(clockid int32, time *Timespec) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func ClockSettime(clockid int32, time *Timespec) (err error) {
+	_, _, e1 := Syscall(SYS_CLOCK_SETTIME, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error) {
 	_, _, e1 := Syscall6(SYS_CLOCK_NANOSLEEP, uintptr(clockid), uintptr(flags), uintptr(unsafe.Pointer(request)), uintptr(unsafe.Pointer(remain)), 0, 0)
 	if e1 != 0 {
@@ -971,23 +981,6 @@ func Getpriority(which int, who int) (prio int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getrandom(buf []byte, flags int) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(buf) > 0 {
-		_p0 = unsafe.Pointer(&buf[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	r0, _, e1 := Syscall(SYS_GETRANDOM, uintptr(_p0), uintptr(len(buf)), uintptr(flags))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Getrusage(who int, rusage *Rusage) (err error) {
 	_, _, e1 := RawSyscall(SYS_GETRUSAGE, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
 	if e1 != 0 {
@@ -2229,3 +2222,19 @@ func Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint)
 	}
 	return
 }
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mseal(b []byte, flags uint) (err error) {
+	var _p0 unsafe.Pointer
+	if len(b) > 0 {
+		_p0 = unsafe.Pointer(&b[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	_, _, e1 := Syscall(SYS_MSEAL, uintptr(_p0), uintptr(len(b)), uintptr(flags))
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 9dc42410b..1851df14e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
index 41b561731..0b43c6936 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_mknodat_trampoline_addr(SB)/4, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $4
+DATA	·libc_mount_trampoline_addr(SB)/4, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index 0d3a0751c..e1ec0dbe4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
index 4019a656f..880c6d6e3 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
+DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index c39f7776d..7c8452a63 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
index ac4af24f9..b8ef95b0f 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_mknodat_trampoline_addr(SB)/4, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $4
+DATA	·libc_mount_trampoline_addr(SB)/4, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 57571d072..2ffdf861f 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
index f77d53212..2af3b5c76 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
+DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index e62963e67..1da08d526 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
index fae140b62..b7a251353 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
+DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index 00831354c..6e85b0aac 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
index 9d1e0ff06..f15dadf05 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
@@ -555,6 +555,12 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	CALL	libc_mount(SB)
+	RET
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
+DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	CALL	libc_nanosleep(SB)
 	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 79029ed58..28b487df2 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -1493,6 +1493,30 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(fsType)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(dir)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+var libc_mount_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_mount mount "libc.so"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
index da115f9a4..1e7f321e4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
@@ -463,6 +463,11 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
+TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
+	JMP	libc_mount(SB)
+GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
+DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
+
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
index 94f011238..7ccf66b7e 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
@@ -1,4 +1,4 @@
-// go run mksyscall.go -tags zos,s390x syscall_zos_s390x.go
+// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build zos && s390x
@@ -6,17 +6,100 @@
 package unix
 
 import (
+	"runtime"
+	"syscall"
 	"unsafe"
 )
 
+var _ syscall.Errno
+
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func fcntl(fd int, cmd int, arg int) (val int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), uintptr(arg))
+	runtime.ExitSyscall()
 	val = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Flistxattr(fd int, dest []byte) (sz int, err error) {
+	var _p0 unsafe.Pointer
+	if len(dest) > 0 {
+		_p0 = unsafe.Pointer(&dest[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FLISTXATTR_A<<4, uintptr(fd), uintptr(_p0), uintptr(len(dest)))
+	runtime.ExitSyscall()
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FlistxattrAddr() *(func(fd int, dest []byte) (sz int, err error))
+
+var Flistxattr = enter_Flistxattr
+
+func enter_Flistxattr(fd int, dest []byte) (sz int, err error) {
+	funcref := get_FlistxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FLISTXATTR_A<<4, "") == 0 {
+		*funcref = impl_Flistxattr
+	} else {
+		*funcref = error_Flistxattr
+	}
+	return (*funcref)(fd, dest)
+}
+
+func error_Flistxattr(fd int, dest []byte) (sz int, err error) {
+	sz = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Fremovexattr(fd int, attr string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FREMOVEXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FremovexattrAddr() *(func(fd int, attr string) (err error))
+
+var Fremovexattr = enter_Fremovexattr
+
+func enter_Fremovexattr(fd int, attr string) (err error) {
+	funcref := get_FremovexattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FREMOVEXATTR_A<<4, "") == 0 {
+		*funcref = impl_Fremovexattr
+	} else {
+		*funcref = error_Fremovexattr
 	}
+	return (*funcref)(fd, attr)
+}
+
+func error_Fremovexattr(fd int, attr string) (err error) {
+	err = ENOSYS
 	return
 }
 
@@ -29,10 +112,12 @@ func read(fd int, p []byte) (n int, err error) {
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	r0, _, e1 := syscall_syscall(SYS_READ, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_READ<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -46,31 +131,159 @@ func write(fd int, p []byte) (n int, err error) {
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	r0, _, e1 := syscall_syscall(SYS_WRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WRITE<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(dest) > 0 {
+		_p1 = unsafe.Pointer(&dest[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FGETXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
+	runtime.ExitSyscall()
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FgetxattrAddr() *(func(fd int, attr string, dest []byte) (sz int, err error))
+
+var Fgetxattr = enter_Fgetxattr
+
+func enter_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
+	funcref := get_FgetxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FGETXATTR_A<<4, "") == 0 {
+		*funcref = impl_Fgetxattr
+	} else {
+		*funcref = error_Fgetxattr
+	}
+	return (*funcref)(fd, attr, dest)
+}
+
+func error_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
+	sz = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(data) > 0 {
+		_p1 = unsafe.Pointer(&data[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FSETXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(data)), uintptr(flag))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FsetxattrAddr() *(func(fd int, attr string, data []byte, flag int) (err error))
+
+var Fsetxattr = enter_Fsetxattr
+
+func enter_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
+	funcref := get_FsetxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FSETXATTR_A<<4, "") == 0 {
+		*funcref = impl_Fsetxattr
+	} else {
+		*funcref = error_Fsetxattr
 	}
+	return (*funcref)(fd, attr, data, flag)
+}
+
+func error_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
-	r0, _, e1 := syscall_syscall(SYS___ACCEPT_A, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCEPT_A<<4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCEPT4_A<<4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags))
+	runtime.ExitSyscall()
 	fd = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_accept4Addr() *(func(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error))
+
+var accept4 = enter_accept4
+
+func enter_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
+	funcref := get_accept4Addr()
+	if funcptrtest(GetZosLibVec()+SYS___ACCEPT4_A<<4, "") == 0 {
+		*funcref = impl_accept4
+	} else {
+		*funcref = error_accept4
 	}
+	return (*funcref)(s, rsa, addrlen, flags)
+}
+
+func error_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
-	_, _, e1 := syscall_syscall(SYS___BIND_A, uintptr(s), uintptr(addr), uintptr(addrlen))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___BIND_A<<4, uintptr(s), uintptr(addr), uintptr(addrlen))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -78,9 +291,11 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
-	_, _, e1 := syscall_syscall(SYS___CONNECT_A, uintptr(s), uintptr(addr), uintptr(addrlen))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CONNECT_A<<4, uintptr(s), uintptr(addr), uintptr(addrlen))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -88,10 +303,10 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getgroups(n int, list *_Gid_t) (nn int, err error) {
-	r0, _, e1 := syscall_rawsyscall(SYS_GETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETGROUPS<<4, uintptr(n), uintptr(unsafe.Pointer(list)))
 	nn = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -99,9 +314,9 @@ func getgroups(n int, list *_Gid_t) (nn int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func setgroups(n int, list *_Gid_t) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_SETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETGROUPS<<4, uintptr(n), uintptr(unsafe.Pointer(list)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -109,9 +324,11 @@ func setgroups(n int, list *_Gid_t) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
-	_, _, e1 := syscall_syscall6(SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETSOCKOPT<<4, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -119,9 +336,11 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
-	_, _, e1 := syscall_syscall6(SYS_SETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETSOCKOPT<<4, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -129,10 +348,10 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr)
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func socket(domain int, typ int, proto int) (fd int, err error) {
-	r0, _, e1 := syscall_rawsyscall(SYS_SOCKET, uintptr(domain), uintptr(typ), uintptr(proto))
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SOCKET<<4, uintptr(domain), uintptr(typ), uintptr(proto))
 	fd = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -140,9 +359,9 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
-	_, _, e1 := syscall_rawsyscall6(SYS_SOCKETPAIR, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SOCKETPAIR<<4, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -150,9 +369,9 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS___GETPEERNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETPEERNAME_A<<4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -160,10 +379,52 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS___GETSOCKNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETSOCKNAME_A<<4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Removexattr(path string, attr string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___REMOVEXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_RemovexattrAddr() *(func(path string, attr string) (err error))
+
+var Removexattr = enter_Removexattr
+
+func enter_Removexattr(path string, attr string) (err error) {
+	funcref := get_RemovexattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___REMOVEXATTR_A<<4, "") == 0 {
+		*funcref = impl_Removexattr
+	} else {
+		*funcref = error_Removexattr
 	}
+	return (*funcref)(path, attr)
+}
+
+func error_Removexattr(path string, attr string) (err error) {
+	err = ENOSYS
 	return
 }
 
@@ -176,10 +437,12 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	r0, _, e1 := syscall_syscall6(SYS___RECVFROM_A, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RECVFROM_A<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -193,9 +456,11 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	_, _, e1 := syscall_syscall6(SYS___SENDTO_A, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SENDTO_A<<4, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -203,10 +468,12 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(SYS___RECVMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RECVMSG_A<<4, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -214,10 +481,12 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
-	r0, _, e1 := syscall_syscall(SYS___SENDMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SENDMSG_A<<4, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -225,10 +494,12 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
-	r0, _, e1 := syscall_syscall6(SYS_MMAP, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MMAP<<4, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
+	runtime.ExitSyscall()
 	ret = uintptr(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -236,9 +507,11 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func munmap(addr uintptr, length uintptr) (err error) {
-	_, _, e1 := syscall_syscall(SYS_MUNMAP, uintptr(addr), uintptr(length), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MUNMAP<<4, uintptr(addr), uintptr(length))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -246,9 +519,11 @@ func munmap(addr uintptr, length uintptr) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func ioctl(fd int, req int, arg uintptr) (err error) {
-	_, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_IOCTL<<4, uintptr(fd), uintptr(req), uintptr(arg))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -256,9 +531,62 @@ func ioctl(fd int, req int, arg uintptr) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) {
-	_, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_IOCTL<<4, uintptr(fd), uintptr(req), uintptr(arg))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func shmat(id int, addr uintptr, flag int) (ret uintptr, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMAT<<4, uintptr(id), uintptr(addr), uintptr(flag))
+	runtime.ExitSyscall()
+	ret = uintptr(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func shmctl(id int, cmd int, buf *SysvShmDesc) (result int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMCTL64<<4, uintptr(id), uintptr(cmd), uintptr(unsafe.Pointer(buf)))
+	runtime.ExitSyscall()
+	result = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func shmdt(addr uintptr) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMDT<<4, uintptr(addr))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func shmget(key int, size int, flag int) (id int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMGET<<4, uintptr(key), uintptr(size), uintptr(flag))
+	runtime.ExitSyscall()
+	id = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -271,9 +599,11 @@ func Access(path string, mode uint32) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___ACCESS_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCESS_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -286,9 +616,11 @@ func Chdir(path string) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___CHDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHDIR_A<<4, uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -301,9 +633,11 @@ func Chown(path string, uid int, gid int) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___CHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHOWN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -316,9 +650,11 @@ func Chmod(path string, mode uint32) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___CHMOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHMOD_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -331,10 +667,12 @@ func Creat(path string, mode uint32) (fd int, err error) {
 	if err != nil {
 		return
 	}
-	r0, _, e1 := syscall_syscall(SYS___CREAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CREAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
 	fd = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -342,10 +680,12 @@ func Creat(path string, mode uint32) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Dup(oldfd int) (fd int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_DUP, uintptr(oldfd), 0, 0)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP<<4, uintptr(oldfd))
+	runtime.ExitSyscall()
 	fd = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -353,617 +693,2216 @@ func Dup(oldfd int) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Dup2(oldfd int, newfd int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_DUP2, uintptr(oldfd), uintptr(newfd), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP2<<4, uintptr(oldfd), uintptr(newfd))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Errno2() (er2 int) {
-	uer2, _, _ := syscall_syscall(SYS___ERRNO2, 0, 0, 0)
-	er2 = int(uer2)
+func impl_Dup3(oldfd int, newfd int, flags int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP3<<4, uintptr(oldfd), uintptr(newfd), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_Dup3Addr() *(func(oldfd int, newfd int, flags int) (err error))
 
-func Err2ad() (eadd *int) {
-	ueadd, _, _ := syscall_syscall(SYS___ERR2AD, 0, 0, 0)
-	eadd = (*int)(unsafe.Pointer(ueadd))
-	return
-}
+var Dup3 = enter_Dup3
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func enter_Dup3(oldfd int, newfd int, flags int) (err error) {
+	funcref := get_Dup3Addr()
+	if funcptrtest(GetZosLibVec()+SYS_DUP3<<4, "") == 0 {
+		*funcref = impl_Dup3
+	} else {
+		*funcref = error_Dup3
+	}
+	return (*funcref)(oldfd, newfd, flags)
+}
 
-func Exit(code int) {
-	syscall_syscall(SYS_EXIT, uintptr(code), 0, 0)
+func error_Dup3(oldfd int, newfd int, flags int) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fchdir(fd int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FCHDIR, uintptr(fd), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_Dirfd(dirp uintptr) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DIRFD<<4, uintptr(dirp))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_DirfdAddr() *(func(dirp uintptr) (fd int, err error))
 
-func Fchmod(fd int, mode uint32) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FCHMOD, uintptr(fd), uintptr(mode), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Dirfd = enter_Dirfd
+
+func enter_Dirfd(dirp uintptr) (fd int, err error) {
+	funcref := get_DirfdAddr()
+	if funcptrtest(GetZosLibVec()+SYS_DIRFD<<4, "") == 0 {
+		*funcref = impl_Dirfd
+	} else {
+		*funcref = error_Dirfd
 	}
+	return (*funcref)(dirp)
+}
+
+func error_Dirfd(dirp uintptr) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fchown(fd int, uid int, gid int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FCHOWN, uintptr(fd), uintptr(uid), uintptr(gid))
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_EpollCreate(size int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CREATE<<4, uintptr(size))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_EpollCreateAddr() *(func(size int) (fd int, err error))
 
-func FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
-	retval = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var EpollCreate = enter_EpollCreate
+
+func enter_EpollCreate(size int) (fd int, err error) {
+	funcref := get_EpollCreateAddr()
+	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CREATE<<4, "") == 0 {
+		*funcref = impl_EpollCreate
+	} else {
+		*funcref = error_EpollCreate
 	}
+	return (*funcref)(size)
+}
+
+func error_EpollCreate(size int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func fstat(fd int, stat *Stat_LE_t) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FSTAT, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_EpollCreate1(flags int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CREATE1<<4, uintptr(flags))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_EpollCreate1Addr() *(func(flags int) (fd int, err error))
 
-func Fstatvfs(fd int, stat *Statvfs_t) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FSTATVFS, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var EpollCreate1 = enter_EpollCreate1
+
+func enter_EpollCreate1(flags int) (fd int, err error) {
+	funcref := get_EpollCreate1Addr()
+	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CREATE1<<4, "") == 0 {
+		*funcref = impl_EpollCreate1
+	} else {
+		*funcref = error_EpollCreate1
 	}
+	return (*funcref)(flags)
+}
+
+func error_EpollCreate1(flags int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fsync(fd int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FSYNC, uintptr(fd), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CTL<<4, uintptr(epfd), uintptr(op), uintptr(fd), uintptr(unsafe.Pointer(event)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_EpollCtlAddr() *(func(epfd int, op int, fd int, event *EpollEvent) (err error))
 
-func Ftruncate(fd int, length int64) (err error) {
-	_, _, e1 := syscall_syscall(SYS_FTRUNCATE, uintptr(fd), uintptr(length), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var EpollCtl = enter_EpollCtl
+
+func enter_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+	funcref := get_EpollCtlAddr()
+	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CTL<<4, "") == 0 {
+		*funcref = impl_EpollCtl
+	} else {
+		*funcref = error_EpollCtl
 	}
-	return
+	return (*funcref)(epfd, op, fd, event)
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpagesize() (pgsize int) {
-	r0, _, _ := syscall_syscall(SYS_GETPAGESIZE, 0, 0, 0)
-	pgsize = int(r0)
+func error_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mprotect(b []byte, prot int) (err error) {
+func impl_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
 	var _p0 unsafe.Pointer
-	if len(b) > 0 {
-		_p0 = unsafe.Pointer(&b[0])
+	if len(events) > 0 {
+		_p0 = unsafe.Pointer(&events[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	_, _, e1 := syscall_syscall(SYS_MPROTECT, uintptr(_p0), uintptr(len(b)), uintptr(prot))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_PWAIT<<4, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec), uintptr(unsafe.Pointer(sigmask)))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_EpollPwaitAddr() *(func(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error))
 
-func Msync(b []byte, flags int) (err error) {
-	var _p0 unsafe.Pointer
-	if len(b) > 0 {
-		_p0 = unsafe.Pointer(&b[0])
+var EpollPwait = enter_EpollPwait
+
+func enter_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
+	funcref := get_EpollPwaitAddr()
+	if funcptrtest(GetZosLibVec()+SYS_EPOLL_PWAIT<<4, "") == 0 {
+		*funcref = impl_EpollPwait
 	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	_, _, e1 := syscall_syscall(SYS_MSYNC, uintptr(_p0), uintptr(len(b)), uintptr(flags))
-	if e1 != 0 {
-		err = errnoErr(e1)
+		*funcref = error_EpollPwait
 	}
+	return (*funcref)(epfd, events, msec, sigmask)
+}
+
+func error_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
+	n = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Poll(fds []PollFd, timeout int) (n int, err error) {
+func impl_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
 	var _p0 unsafe.Pointer
-	if len(fds) > 0 {
-		_p0 = unsafe.Pointer(&fds[0])
+	if len(events) > 0 {
+		_p0 = unsafe.Pointer(&events[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	r0, _, e1 := syscall_syscall(SYS_POLL, uintptr(_p0), uintptr(len(fds)), uintptr(timeout))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_WAIT<<4, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec))
+	runtime.ExitSyscall()
 	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_EpollWaitAddr() *(func(epfd int, events []EpollEvent, msec int) (n int, err error))
 
-func Times(tms *Tms) (ticks uintptr, err error) {
-	r0, _, e1 := syscall_syscall(SYS_TIMES, uintptr(unsafe.Pointer(tms)), 0, 0)
-	ticks = uintptr(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var EpollWait = enter_EpollWait
+
+func enter_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+	funcref := get_EpollWaitAddr()
+	if funcptrtest(GetZosLibVec()+SYS_EPOLL_WAIT<<4, "") == 0 {
+		*funcref = impl_EpollWait
+	} else {
+		*funcref = error_EpollWait
 	}
+	return (*funcref)(epfd, events, msec)
+}
+
+func error_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+	n = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func W_Getmntent(buff *byte, size int) (lastsys int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_W_GETMNTENT, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
-	lastsys = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
+func Errno2() (er2 int) {
+	runtime.EnterSyscall()
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS___ERRNO2<<4)
+	runtime.ExitSyscall()
+	er2 = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func W_Getmntent_A(buff *byte, size int) (lastsys int, err error) {
-	r0, _, e1 := syscall_syscall(SYS___W_GETMNTENT_A, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
-	lastsys = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_Eventfd(initval uint, flags int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EVENTFD<<4, uintptr(initval), uintptr(flags))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
+//go:nosplit
+func get_EventfdAddr() *(func(initval uint, flags int) (fd int, err error))
+
+var Eventfd = enter_Eventfd
+
+func enter_Eventfd(initval uint, flags int) (fd int, err error) {
+	funcref := get_EventfdAddr()
+	if funcptrtest(GetZosLibVec()+SYS_EVENTFD<<4, "") == 0 {
+		*funcref = impl_Eventfd
+	} else {
+		*funcref = error_Eventfd
+	}
+	return (*funcref)(initval, flags)
+}
+
+func error_Eventfd(initval uint, flags int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
+	return
+}
+
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) {
+func Exit(code int) {
+	runtime.EnterSyscall()
+	CallLeFuncWithErr(GetZosLibVec()+SYS_EXIT<<4, uintptr(code))
+	runtime.ExitSyscall()
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(filesystem)
-	if err != nil {
-		return
-	}
-	var _p2 *byte
-	_p2, err = BytePtrFromString(fstype)
-	if err != nil {
-		return
-	}
-	var _p3 *byte
-	_p3, err = BytePtrFromString(parm)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(SYS___MOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(mtm), uintptr(parmlen), uintptr(unsafe.Pointer(_p3)))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FACCESSAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_FaccessatAddr() *(func(dirfd int, path string, mode uint32, flags int) (err error))
 
-func unmount(filesystem string, mtm int) (err error) {
+var Faccessat = enter_Faccessat
+
+func enter_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
+	funcref := get_FaccessatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FACCESSAT_A<<4, "") == 0 {
+		*funcref = impl_Faccessat
+	} else {
+		*funcref = error_Faccessat
+	}
+	return (*funcref)(dirfd, path, mode, flags)
+}
+
+func error_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchdir(fd int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHDIR<<4, uintptr(fd))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchmod(fd int, mode uint32) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHMOD<<4, uintptr(fd), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(filesystem)
+	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___UMOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mtm), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FCHMODAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FchmodatAddr() *(func(dirfd int, path string, mode uint32, flags int) (err error))
+
+var Fchmodat = enter_Fchmodat
+
+func enter_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
+	funcref := get_FchmodatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FCHMODAT_A<<4, "") == 0 {
+		*funcref = impl_Fchmodat
+	} else {
+		*funcref = error_Fchmodat
+	}
+	return (*funcref)(dirfd, path, mode, flags)
+}
+
+func error_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fchown(fd int, uid int, gid int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHOWN<<4, uintptr(fd), uintptr(uid), uintptr(gid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Chroot(path string) (err error) {
+func impl_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___CHROOT_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FCHOWNAT_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FchownatAddr() *(func(fd int, path string, uid int, gid int, flags int) (err error))
+
+var Fchownat = enter_Fchownat
+
+func enter_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
+	funcref := get_FchownatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FCHOWNAT_A<<4, "") == 0 {
+		*funcref = impl_Fchownat
+	} else {
+		*funcref = error_Fchownat
 	}
+	return (*funcref)(fd, path, uid, gid, flags)
+}
+
+func error_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Uname(buf *Utsname) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS___UNAME_A, uintptr(unsafe.Pointer(buf)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), uintptr(arg))
+	runtime.ExitSyscall()
+	retval = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Gethostname(buf []byte) (err error) {
+func impl_Fdatasync(fd int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FDATASYNC<<4, uintptr(fd))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FdatasyncAddr() *(func(fd int) (err error))
+
+var Fdatasync = enter_Fdatasync
+
+func enter_Fdatasync(fd int) (err error) {
+	funcref := get_FdatasyncAddr()
+	if funcptrtest(GetZosLibVec()+SYS_FDATASYNC<<4, "") == 0 {
+		*funcref = impl_Fdatasync
+	} else {
+		*funcref = error_Fdatasync
+	}
+	return (*funcref)(fd)
+}
+
+func error_Fdatasync(fd int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func fstat(fd int, stat *Stat_LE_t) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTAT<<4, uintptr(fd), uintptr(unsafe.Pointer(stat)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FSTATAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_fstatatAddr() *(func(dirfd int, path string, stat *Stat_LE_t, flags int) (err error))
+
+var fstatat = enter_fstatat
+
+func enter_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
+	funcref := get_fstatatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FSTATAT_A<<4, "") == 0 {
+		*funcref = impl_fstatat
+	} else {
+		*funcref = error_fstatat
+	}
+	return (*funcref)(dirfd, path, stat, flags)
+}
+
+func error_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(link)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p2 unsafe.Pointer
+	if len(dest) > 0 {
+		_p2 = unsafe.Pointer(&dest[0])
+	} else {
+		_p2 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LGETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(dest)))
+	runtime.ExitSyscall()
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LgetxattrAddr() *(func(link string, attr string, dest []byte) (sz int, err error))
+
+var Lgetxattr = enter_Lgetxattr
+
+func enter_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
+	funcref := get_LgetxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LGETXATTR_A<<4, "") == 0 {
+		*funcref = impl_Lgetxattr
+	} else {
+		*funcref = error_Lgetxattr
+	}
+	return (*funcref)(link, attr, dest)
+}
+
+func error_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
+	sz = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	var _p2 unsafe.Pointer
+	if len(data) > 0 {
+		_p2 = unsafe.Pointer(&data[0])
+	} else {
+		_p2 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LSETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(data)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LsetxattrAddr() *(func(path string, attr string, data []byte, flags int) (err error))
+
+var Lsetxattr = enter_Lsetxattr
+
+func enter_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
+	funcref := get_LsetxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LSETXATTR_A<<4, "") == 0 {
+		*funcref = impl_Lsetxattr
+	} else {
+		*funcref = error_Lsetxattr
+	}
+	return (*funcref)(path, attr, data, flags)
+}
+
+func error_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Fstatfs(fd int, buf *Statfs_t) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTATFS<<4, uintptr(fd), uintptr(unsafe.Pointer(buf)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FstatfsAddr() *(func(fd int, buf *Statfs_t) (err error))
+
+var Fstatfs = enter_Fstatfs
+
+func enter_Fstatfs(fd int, buf *Statfs_t) (err error) {
+	funcref := get_FstatfsAddr()
+	if funcptrtest(GetZosLibVec()+SYS_FSTATFS<<4, "") == 0 {
+		*funcref = impl_Fstatfs
+	} else {
+		*funcref = error_Fstatfs
+	}
+	return (*funcref)(fd, buf)
+}
+
+func error_Fstatfs(fd int, buf *Statfs_t) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fstatvfs(fd int, stat *Statvfs_t) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTATVFS<<4, uintptr(fd), uintptr(unsafe.Pointer(stat)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Fsync(fd int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSYNC<<4, uintptr(fd))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Futimes(fd int, tv []Timeval) (err error) {
 	var _p0 unsafe.Pointer
-	if len(buf) > 0 {
-		_p0 = unsafe.Pointer(&buf[0])
+	if len(tv) > 0 {
+		_p0 = unsafe.Pointer(&tv[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	_, _, e1 := syscall_syscall(SYS___GETHOSTNAME_A, uintptr(_p0), uintptr(len(buf)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FUTIMES<<4, uintptr(fd), uintptr(_p0), uintptr(len(tv)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_FutimesAddr() *(func(fd int, tv []Timeval) (err error))
 
-func Getegid() (egid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETEGID, 0, 0, 0)
-	egid = int(r0)
+var Futimes = enter_Futimes
+
+func enter_Futimes(fd int, tv []Timeval) (err error) {
+	funcref := get_FutimesAddr()
+	if funcptrtest(GetZosLibVec()+SYS_FUTIMES<<4, "") == 0 {
+		*funcref = impl_Futimes
+	} else {
+		*funcref = error_Futimes
+	}
+	return (*funcref)(fd, tv)
+}
+
+func error_Futimes(fd int, tv []Timeval) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Geteuid() (uid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETEUID, 0, 0, 0)
-	uid = int(r0)
+func impl_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(tv) > 0 {
+		_p1 = unsafe.Pointer(&tv[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FUTIMESAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(tv)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_FutimesatAddr() *(func(dirfd int, path string, tv []Timeval) (err error))
+
+var Futimesat = enter_Futimesat
+
+func enter_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
+	funcref := get_FutimesatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___FUTIMESAT_A<<4, "") == 0 {
+		*funcref = impl_Futimesat
+	} else {
+		*funcref = error_Futimesat
+	}
+	return (*funcref)(dirfd, path, tv)
+}
+
+func error_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getgid() (gid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETGID, 0, 0, 0)
-	gid = int(r0)
+func Ftruncate(fd int, length int64) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FTRUNCATE<<4, uintptr(fd), uintptr(length))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getpid() (pid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETPID, 0, 0, 0)
-	pid = int(r0)
+func impl_Getrandom(buf []byte, flags int) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(buf) > 0 {
+		_p0 = unsafe.Pointer(&buf[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRANDOM<<4, uintptr(_p0), uintptr(len(buf)), uintptr(flags))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_GetrandomAddr() *(func(buf []byte, flags int) (n int, err error))
+
+var Getrandom = enter_Getrandom
+
+func enter_Getrandom(buf []byte, flags int) (n int, err error) {
+	funcref := get_GetrandomAddr()
+	if funcptrtest(GetZosLibVec()+SYS_GETRANDOM<<4, "") == 0 {
+		*funcref = impl_Getrandom
+	} else {
+		*funcref = error_Getrandom
+	}
+	return (*funcref)(buf, flags)
+}
+
+func error_Getrandom(buf []byte, flags int) (n int, err error) {
+	n = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getpgid(pid int) (pgid int, err error) {
-	r0, _, e1 := syscall_rawsyscall(SYS_GETPGID, uintptr(pid), 0, 0)
-	pgid = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_InotifyInit() (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec() + SYS_INOTIFY_INIT<<4)
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_InotifyInitAddr() *(func() (fd int, err error))
+
+var InotifyInit = enter_InotifyInit
+
+func enter_InotifyInit() (fd int, err error) {
+	funcref := get_InotifyInitAddr()
+	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_INIT<<4, "") == 0 {
+		*funcref = impl_InotifyInit
+	} else {
+		*funcref = error_InotifyInit
 	}
+	return (*funcref)()
+}
+
+func error_InotifyInit() (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getppid() (pid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETPPID, 0, 0, 0)
-	pid = int(r0)
+func impl_InotifyInit1(flags int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_INOTIFY_INIT1<<4, uintptr(flags))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_InotifyInit1Addr() *(func(flags int) (fd int, err error))
+
+var InotifyInit1 = enter_InotifyInit1
+
+func enter_InotifyInit1(flags int) (fd int, err error) {
+	funcref := get_InotifyInit1Addr()
+	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_INIT1<<4, "") == 0 {
+		*funcref = impl_InotifyInit1
+	} else {
+		*funcref = error_InotifyInit1
+	}
+	return (*funcref)(flags)
+}
+
+func error_InotifyInit1(flags int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(pathname)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___INOTIFY_ADD_WATCH_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(mask))
+	runtime.ExitSyscall()
+	watchdesc = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_InotifyAddWatchAddr() *(func(fd int, pathname string, mask uint32) (watchdesc int, err error))
+
+var InotifyAddWatch = enter_InotifyAddWatch
+
+func enter_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
+	funcref := get_InotifyAddWatchAddr()
+	if funcptrtest(GetZosLibVec()+SYS___INOTIFY_ADD_WATCH_A<<4, "") == 0 {
+		*funcref = impl_InotifyAddWatch
+	} else {
+		*funcref = error_InotifyAddWatch
+	}
+	return (*funcref)(fd, pathname, mask)
+}
+
+func error_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
+	watchdesc = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_INOTIFY_RM_WATCH<<4, uintptr(fd), uintptr(watchdesc))
+	runtime.ExitSyscall()
+	success = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_InotifyRmWatchAddr() *(func(fd int, watchdesc uint32) (success int, err error))
+
+var InotifyRmWatch = enter_InotifyRmWatch
+
+func enter_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
+	funcref := get_InotifyRmWatchAddr()
+	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_RM_WATCH<<4, "") == 0 {
+		*funcref = impl_InotifyRmWatch
+	} else {
+		*funcref = error_InotifyRmWatch
+	}
+	return (*funcref)(fd, watchdesc)
+}
+
+func error_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
+	success = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Listxattr(path string, dest []byte) (sz int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(dest) > 0 {
+		_p1 = unsafe.Pointer(&dest[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LISTXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
+	runtime.ExitSyscall()
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_ListxattrAddr() *(func(path string, dest []byte) (sz int, err error))
+
+var Listxattr = enter_Listxattr
+
+func enter_Listxattr(path string, dest []byte) (sz int, err error) {
+	funcref := get_ListxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LISTXATTR_A<<4, "") == 0 {
+		*funcref = impl_Listxattr
+	} else {
+		*funcref = error_Listxattr
+	}
+	return (*funcref)(path, dest)
+}
+
+func error_Listxattr(path string, dest []byte) (sz int, err error) {
+	sz = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Llistxattr(path string, dest []byte) (sz int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(dest) > 0 {
+		_p1 = unsafe.Pointer(&dest[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LLISTXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
+	runtime.ExitSyscall()
+	sz = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LlistxattrAddr() *(func(path string, dest []byte) (sz int, err error))
+
+var Llistxattr = enter_Llistxattr
+
+func enter_Llistxattr(path string, dest []byte) (sz int, err error) {
+	funcref := get_LlistxattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LLISTXATTR_A<<4, "") == 0 {
+		*funcref = impl_Llistxattr
+	} else {
+		*funcref = error_Llistxattr
+	}
+	return (*funcref)(path, dest)
+}
+
+func error_Llistxattr(path string, dest []byte) (sz int, err error) {
+	sz = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Lremovexattr(path string, attr string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(attr)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LREMOVEXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LremovexattrAddr() *(func(path string, attr string) (err error))
+
+var Lremovexattr = enter_Lremovexattr
+
+func enter_Lremovexattr(path string, attr string) (err error) {
+	funcref := get_LremovexattrAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LREMOVEXATTR_A<<4, "") == 0 {
+		*funcref = impl_Lremovexattr
+	} else {
+		*funcref = error_Lremovexattr
+	}
+	return (*funcref)(path, attr)
+}
+
+func error_Lremovexattr(path string, attr string) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Lutimes(path string, tv []Timeval) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(tv) > 0 {
+		_p1 = unsafe.Pointer(&tv[0])
+	} else {
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LUTIMES_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(tv)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LutimesAddr() *(func(path string, tv []Timeval) (err error))
+
+var Lutimes = enter_Lutimes
+
+func enter_Lutimes(path string, tv []Timeval) (err error) {
+	funcref := get_LutimesAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LUTIMES_A<<4, "") == 0 {
+		*funcref = impl_Lutimes
+	} else {
+		*funcref = error_Lutimes
+	}
+	return (*funcref)(path, tv)
+}
+
+func error_Lutimes(path string, tv []Timeval) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mprotect(b []byte, prot int) (err error) {
+	var _p0 unsafe.Pointer
+	if len(b) > 0 {
+		_p0 = unsafe.Pointer(&b[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MPROTECT<<4, uintptr(_p0), uintptr(len(b)), uintptr(prot))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Msync(b []byte, flags int) (err error) {
+	var _p0 unsafe.Pointer
+	if len(b) > 0 {
+		_p0 = unsafe.Pointer(&b[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MSYNC<<4, uintptr(_p0), uintptr(len(b)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Console2(cmsg *ConsMsg2, modstr *byte, concmd *uint32) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CONSOLE2<<4, uintptr(unsafe.Pointer(cmsg)), uintptr(unsafe.Pointer(modstr)), uintptr(unsafe.Pointer(concmd)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Poll(fds []PollFd, timeout int) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(fds) > 0 {
+		_p0 = unsafe.Pointer(&fds[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_POLL<<4, uintptr(_p0), uintptr(len(fds)), uintptr(timeout))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READDIR_R_A<<4, uintptr(dirp), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Statfs(path string, buf *Statfs_t) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___STATFS_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(buf)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_StatfsAddr() *(func(path string, buf *Statfs_t) (err error))
+
+var Statfs = enter_Statfs
+
+func enter_Statfs(path string, buf *Statfs_t) (err error) {
+	funcref := get_StatfsAddr()
+	if funcptrtest(GetZosLibVec()+SYS___STATFS_A<<4, "") == 0 {
+		*funcref = impl_Statfs
+	} else {
+		*funcref = error_Statfs
+	}
+	return (*funcref)(path, buf)
+}
+
+func error_Statfs(path string, buf *Statfs_t) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Syncfs(fd int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SYNCFS<<4, uintptr(fd))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_SyncfsAddr() *(func(fd int) (err error))
+
+var Syncfs = enter_Syncfs
+
+func enter_Syncfs(fd int) (err error) {
+	funcref := get_SyncfsAddr()
+	if funcptrtest(GetZosLibVec()+SYS_SYNCFS<<4, "") == 0 {
+		*funcref = impl_Syncfs
+	} else {
+		*funcref = error_Syncfs
+	}
+	return (*funcref)(fd)
+}
+
+func error_Syncfs(fd int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Times(tms *Tms) (ticks uintptr, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TIMES<<4, uintptr(unsafe.Pointer(tms)))
+	runtime.ExitSyscall()
+	ticks = uintptr(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func W_Getmntent(buff *byte, size int) (lastsys int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_W_GETMNTENT<<4, uintptr(unsafe.Pointer(buff)), uintptr(size))
+	runtime.ExitSyscall()
+	lastsys = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func W_Getmntent_A(buff *byte, size int) (lastsys int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___W_GETMNTENT_A<<4, uintptr(unsafe.Pointer(buff)), uintptr(size))
+	runtime.ExitSyscall()
+	lastsys = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(filesystem)
+	if err != nil {
+		return
+	}
+	var _p2 *byte
+	_p2, err = BytePtrFromString(fstype)
+	if err != nil {
+		return
+	}
+	var _p3 *byte
+	_p3, err = BytePtrFromString(parm)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MOUNT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(mtm), uintptr(parmlen), uintptr(unsafe.Pointer(_p3)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func unmount_LE(filesystem string, mtm int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(filesystem)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UMOUNT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mtm))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Chroot(path string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHROOT_A<<4, uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SELECT<<4, uintptr(nmsgsfds), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)))
+	runtime.ExitSyscall()
+	ret = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Uname(buf *Utsname) (err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_____OSNAME_A<<4, uintptr(unsafe.Pointer(buf)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Unshare(flags int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_UNSHARE<<4, uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_UnshareAddr() *(func(flags int) (err error))
+
+var Unshare = enter_Unshare
+
+func enter_Unshare(flags int) (err error) {
+	funcref := get_UnshareAddr()
+	if funcptrtest(GetZosLibVec()+SYS_UNSHARE<<4, "") == 0 {
+		*funcref = impl_Unshare
+	} else {
+		*funcref = error_Unshare
+	}
+	return (*funcref)(flags)
+}
+
+func error_Unshare(flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Gethostname(buf []byte) (err error) {
+	var _p0 unsafe.Pointer
+	if len(buf) > 0 {
+		_p0 = unsafe.Pointer(&buf[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETHOSTNAME_A<<4, uintptr(_p0), uintptr(len(buf)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getgid() (gid int) {
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETGID<<4)
+	gid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpid() (pid int) {
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETPID<<4)
+	pid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpgid(pid int) (pgid int, err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETPGID<<4, uintptr(pid))
+	pgid = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getppid() (pid int) {
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETPPID<<4)
+	pid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpriority(which int, who int) (prio int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETPRIORITY<<4, uintptr(which), uintptr(who))
+	runtime.ExitSyscall()
+	prio = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getrlimit(resource int, rlim *Rlimit) (err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRLIMIT<<4, uintptr(resource), uintptr(unsafe.Pointer(rlim)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func getrusage(who int, rusage *rusage_zos) (err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRUSAGE<<4, uintptr(who), uintptr(unsafe.Pointer(rusage)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getegid() (egid int) {
+	runtime.EnterSyscall()
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETEGID<<4)
+	runtime.ExitSyscall()
+	egid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Geteuid() (euid int) {
+	runtime.EnterSyscall()
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETEUID<<4)
+	runtime.ExitSyscall()
+	euid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getsid(pid int) (sid int, err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETSID<<4, uintptr(pid))
+	sid = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getuid() (uid int) {
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETUID<<4)
+	uid = int(r0)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Kill(pid int, sig Signal) (err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_KILL<<4, uintptr(pid), uintptr(sig))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Lchown(path string, uid int, gid int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LCHOWN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Link(path string, link string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(link)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LINK_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(oldPath)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(newPath)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LINKAT_A<<4, uintptr(oldDirFd), uintptr(unsafe.Pointer(_p0)), uintptr(newDirFd), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_LinkatAddr() *(func(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error))
+
+var Linkat = enter_Linkat
+
+func enter_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
+	funcref := get_LinkatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___LINKAT_A<<4, "") == 0 {
+		*funcref = impl_Linkat
+	} else {
+		*funcref = error_Linkat
+	}
+	return (*funcref)(oldDirFd, oldPath, newDirFd, newPath, flags)
+}
+
+func error_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Listen(s int, n int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_LISTEN<<4, uintptr(s), uintptr(n))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func lstat(path string, stat *Stat_LE_t) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LSTAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mkdir(path string, mode uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKDIR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Mkdirat(dirfd int, path string, mode uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKDIRAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_MkdiratAddr() *(func(dirfd int, path string, mode uint32) (err error))
+
+var Mkdirat = enter_Mkdirat
+
+func enter_Mkdirat(dirfd int, path string, mode uint32) (err error) {
+	funcref := get_MkdiratAddr()
+	if funcptrtest(GetZosLibVec()+SYS___MKDIRAT_A<<4, "") == 0 {
+		*funcref = impl_Mkdirat
+	} else {
+		*funcref = error_Mkdirat
+	}
+	return (*funcref)(dirfd, path, mode)
+}
+
+func error_Mkdirat(dirfd int, path string, mode uint32) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mkfifo(path string, mode uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKFIFO_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Mknod(path string, mode uint32, dev int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKNOD_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKNODAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_MknodatAddr() *(func(dirfd int, path string, mode uint32, dev int) (err error))
+
+var Mknodat = enter_Mknodat
+
+func enter_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
+	funcref := get_MknodatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___MKNODAT_A<<4, "") == 0 {
+		*funcref = impl_Mknodat
+	} else {
+		*funcref = error_Mknodat
+	}
+	return (*funcref)(dirfd, path, mode, dev)
+}
+
+func error_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_PivotRoot(newroot string, oldroot string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(newroot)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(oldroot)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___PIVOT_ROOT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_PivotRootAddr() *(func(newroot string, oldroot string) (err error))
+
+var PivotRoot = enter_PivotRoot
+
+func enter_PivotRoot(newroot string, oldroot string) (err error) {
+	funcref := get_PivotRootAddr()
+	if funcptrtest(GetZosLibVec()+SYS___PIVOT_ROOT_A<<4, "") == 0 {
+		*funcref = impl_PivotRoot
+	} else {
+		*funcref = error_PivotRoot
+	}
+	return (*funcref)(newroot, oldroot)
+}
+
+func error_PivotRoot(newroot string, oldroot string) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Pread(fd int, p []byte, offset int64) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(p) > 0 {
+		_p0 = unsafe.Pointer(&p[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PREAD<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getpriority(which int, who int) (prio int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_GETPRIORITY, uintptr(which), uintptr(who), 0)
-	prio = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(p) > 0 {
+		_p0 = unsafe.Pointer(&p[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PWRITE<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset))
+	runtime.ExitSyscall()
+	n = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getrlimit(resource int, rlim *Rlimit) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_GETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___PRCTL_A<<4, uintptr(option), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(arg5))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_PrctlAddr() *(func(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error))
 
-func getrusage(who int, rusage *rusage_zos) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_GETRUSAGE, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Prctl = enter_Prctl
+
+func enter_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
+	funcref := get_PrctlAddr()
+	if funcptrtest(GetZosLibVec()+SYS___PRCTL_A<<4, "") == 0 {
+		*funcref = impl_Prctl
+	} else {
+		*funcref = error_Prctl
 	}
-	return
+	return (*funcref)(option, arg2, arg3, arg4, arg5)
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getsid(pid int) (sid int, err error) {
-	r0, _, e1 := syscall_rawsyscall(SYS_GETSID, uintptr(pid), 0, 0)
-	sid = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
+func error_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Getuid() (uid int) {
-	r0, _, _ := syscall_rawsyscall(SYS_GETUID, 0, 0, 0)
-	uid = int(r0)
+func impl_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PRLIMIT<<4, uintptr(pid), uintptr(resource), uintptr(unsafe.Pointer(newlimit)), uintptr(unsafe.Pointer(old)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_PrlimitAddr() *(func(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error))
 
-func Kill(pid int, sig Signal) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_KILL, uintptr(pid), uintptr(sig), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Prlimit = enter_Prlimit
+
+func enter_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
+	funcref := get_PrlimitAddr()
+	if funcptrtest(GetZosLibVec()+SYS_PRLIMIT<<4, "") == 0 {
+		*funcref = impl_Prlimit
+	} else {
+		*funcref = error_Prlimit
 	}
+	return (*funcref)(pid, resource, newlimit, old)
+}
+
+func error_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Lchown(path string, uid int, gid int) (err error) {
+func Rename(from string, to string) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___LCHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAME_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Link(path string, link string) (err error) {
+func impl_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
+	_p0, err = BytePtrFromString(oldpath)
 	if err != nil {
 		return
 	}
 	var _p1 *byte
-	_p1, err = BytePtrFromString(link)
+	_p1, err = BytePtrFromString(newpath)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___LINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAMEAT_A<<4, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_RenameatAddr() *(func(olddirfd int, oldpath string, newdirfd int, newpath string) (err error))
 
-func Listen(s int, n int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_LISTEN, uintptr(s), uintptr(n), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Renameat = enter_Renameat
+
+func enter_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
+	funcref := get_RenameatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___RENAMEAT_A<<4, "") == 0 {
+		*funcref = impl_Renameat
+	} else {
+		*funcref = error_Renameat
 	}
+	return (*funcref)(olddirfd, oldpath, newdirfd, newpath)
+}
+
+func error_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func lstat(path string, stat *Stat_LE_t) (err error) {
+func impl_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
+	_p0, err = BytePtrFromString(oldpath)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(newpath)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___LSTAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAMEAT2_A<<4, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_Renameat2Addr() *(func(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error))
 
-func Mkdir(path string, mode uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(SYS___MKDIR_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Renameat2 = enter_Renameat2
+
+func enter_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
+	funcref := get_Renameat2Addr()
+	if funcptrtest(GetZosLibVec()+SYS___RENAMEAT2_A<<4, "") == 0 {
+		*funcref = impl_Renameat2
+	} else {
+		*funcref = error_Renameat2
 	}
+	return (*funcref)(olddirfd, oldpath, newdirfd, newpath, flags)
+}
+
+func error_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mkfifo(path string, mode uint32) (err error) {
+func Rmdir(path string) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___MKFIFO_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RMDIR_A<<4, uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mknod(path string, mode uint32, dev int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(SYS___MKNOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
-	if e1 != 0 {
-		err = errnoErr(e1)
+func Seek(fd int, offset int64, whence int) (off int64, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_LSEEK<<4, uintptr(fd), uintptr(offset), uintptr(whence))
+	runtime.ExitSyscall()
+	off = int64(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Pread(fd int, p []byte, offset int64) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(p) > 0 {
-		_p0 = unsafe.Pointer(&p[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
+func Setegid(egid int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETEGID<<4, uintptr(egid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
-	r0, _, e1 := syscall_syscall6(SYS_PREAD, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Seteuid(euid int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETEUID<<4, uintptr(euid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
+func impl_Sethostname(p []byte) (err error) {
 	var _p0 unsafe.Pointer
 	if len(p) > 0 {
 		_p0 = unsafe.Pointer(&p[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	r0, _, e1 := syscall_syscall6(SYS_PWRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SETHOSTNAME_A<<4, uintptr(_p0), uintptr(len(p)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_SethostnameAddr() *(func(p []byte) (err error))
 
-func Readlink(path string, buf []byte) (n int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(buf) > 0 {
-		_p1 = unsafe.Pointer(&buf[0])
+var Sethostname = enter_Sethostname
+
+func enter_Sethostname(p []byte) (err error) {
+	funcref := get_SethostnameAddr()
+	if funcptrtest(GetZosLibVec()+SYS___SETHOSTNAME_A<<4, "") == 0 {
+		*funcref = impl_Sethostname
 	} else {
-		_p1 = unsafe.Pointer(&_zero)
+		*funcref = error_Sethostname
 	}
-	r0, _, e1 := syscall_syscall(SYS___READLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
-	n = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
+	return (*funcref)(p)
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Rename(from string, to string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(SYS___RENAME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
+func error_Sethostname(p []byte) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Rmdir(path string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(SYS___RMDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_Setns(fd int, nstype int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETNS<<4, uintptr(fd), uintptr(nstype))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+//go:nosplit
+func get_SetnsAddr() *(func(fd int, nstype int) (err error))
 
-func Seek(fd int, offset int64, whence int) (off int64, err error) {
-	r0, _, e1 := syscall_syscall(SYS_LSEEK, uintptr(fd), uintptr(offset), uintptr(whence))
-	off = int64(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+var Setns = enter_Setns
+
+func enter_Setns(fd int, nstype int) (err error) {
+	funcref := get_SetnsAddr()
+	if funcptrtest(GetZosLibVec()+SYS_SETNS<<4, "") == 0 {
+		*funcref = impl_Setns
+	} else {
+		*funcref = error_Setns
 	}
+	return (*funcref)(fd, nstype)
+}
+
+func error_Setns(fd int, nstype int) (err error) {
+	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setpriority(which int, who int, prio int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETPRIORITY<<4, uintptr(which), uintptr(who), uintptr(prio))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -971,9 +2910,9 @@ func Setpriority(which int, who int, prio int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setpgid(pid int, pgid int) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_SETPGID, uintptr(pid), uintptr(pgid), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETPGID<<4, uintptr(pid), uintptr(pgid))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -981,9 +2920,9 @@ func Setpgid(pid int, pgid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setrlimit(resource int, lim *Rlimit) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(lim)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETRLIMIT<<4, uintptr(resource), uintptr(unsafe.Pointer(lim)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -991,9 +2930,9 @@ func Setrlimit(resource int, lim *Rlimit) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setregid(rgid int, egid int) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETREGID<<4, uintptr(rgid), uintptr(egid))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1001,9 +2940,9 @@ func Setregid(rgid int, egid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setreuid(ruid int, euid int) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_SETREUID, uintptr(ruid), uintptr(euid), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETREUID<<4, uintptr(ruid), uintptr(euid))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1011,10 +2950,10 @@ func Setreuid(ruid int, euid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setsid() (pid int, err error) {
-	r0, _, e1 := syscall_rawsyscall(SYS_SETSID, 0, 0, 0)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec() + SYS_SETSID<<4)
 	pid = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1022,9 +2961,11 @@ func Setsid() (pid int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setuid(uid int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_SETUID, uintptr(uid), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETUID<<4, uintptr(uid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1032,9 +2973,11 @@ func Setuid(uid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setgid(uid int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_SETGID, uintptr(uid), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETGID<<4, uintptr(uid))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1042,9 +2985,11 @@ func Setgid(uid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Shutdown(fd int, how int) (err error) {
-	_, _, e1 := syscall_syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHUTDOWN<<4, uintptr(fd), uintptr(how))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1057,9 +3002,11 @@ func stat(path string, statLE *Stat_LE_t) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___STAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(statLE)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___STAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(statLE)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1077,17 +3024,63 @@ func Symlink(path string, link string) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___SYMLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SYMLINK_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(oldPath)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(newPath)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SYMLINKAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(dirfd), uintptr(unsafe.Pointer(_p1)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
+//go:nosplit
+func get_SymlinkatAddr() *(func(oldPath string, dirfd int, newPath string) (err error))
+
+var Symlinkat = enter_Symlinkat
+
+func enter_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
+	funcref := get_SymlinkatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___SYMLINKAT_A<<4, "") == 0 {
+		*funcref = impl_Symlinkat
+	} else {
+		*funcref = error_Symlinkat
+	}
+	return (*funcref)(oldPath, dirfd, newPath)
+}
+
+func error_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
+	err = ENOSYS
+	return
+}
+
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Sync() {
-	syscall_syscall(SYS_SYNC, 0, 0, 0)
+	runtime.EnterSyscall()
+	CallLeFuncWithErr(GetZosLibVec() + SYS_SYNC<<4)
+	runtime.ExitSyscall()
 	return
 }
 
@@ -1099,9 +3092,11 @@ func Truncate(path string, length int64) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___TRUNCATE_A, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___TRUNCATE_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(length))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1109,9 +3104,11 @@ func Truncate(path string, length int64) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Tcgetattr(fildes int, termptr *Termios) (err error) {
-	_, _, e1 := syscall_syscall(SYS_TCGETATTR, uintptr(fildes), uintptr(unsafe.Pointer(termptr)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TCGETATTR<<4, uintptr(fildes), uintptr(unsafe.Pointer(termptr)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1119,9 +3116,11 @@ func Tcgetattr(fildes int, termptr *Termios) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Tcsetattr(fildes int, when int, termptr *Termios) (err error) {
-	_, _, e1 := syscall_syscall(SYS_TCSETATTR, uintptr(fildes), uintptr(when), uintptr(unsafe.Pointer(termptr)))
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TCSETATTR<<4, uintptr(fildes), uintptr(when), uintptr(unsafe.Pointer(termptr)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1129,7 +3128,9 @@ func Tcsetattr(fildes int, when int, termptr *Termios) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Umask(mask int) (oldmask int) {
-	r0, _, _ := syscall_syscall(SYS_UMASK, uintptr(mask), 0, 0)
+	runtime.EnterSyscall()
+	r0, _, _ := CallLeFuncWithErr(GetZosLibVec()+SYS_UMASK<<4, uintptr(mask))
+	runtime.ExitSyscall()
 	oldmask = int(r0)
 	return
 }
@@ -1142,10 +3143,49 @@ func Unlink(path string) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___UNLINK_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UNLINK_A<<4, uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_Unlinkat(dirfd int, path string, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UNLINKAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_UnlinkatAddr() *(func(dirfd int, path string, flags int) (err error))
+
+var Unlinkat = enter_Unlinkat
+
+func enter_Unlinkat(dirfd int, path string, flags int) (err error) {
+	funcref := get_UnlinkatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___UNLINKAT_A<<4, "") == 0 {
+		*funcref = impl_Unlinkat
+	} else {
+		*funcref = error_Unlinkat
 	}
+	return (*funcref)(dirfd, path, flags)
+}
+
+func error_Unlinkat(dirfd int, path string, flags int) (err error) {
+	err = ENOSYS
 	return
 }
 
@@ -1157,9 +3197,11 @@ func Utime(path string, utim *Utimbuf) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___UTIME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(utim)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIME_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(utim)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1172,11 +3214,91 @@ func open(path string, mode int, perm uint32) (fd int, err error) {
 	if err != nil {
 		return
 	}
-	r0, _, e1 := syscall_syscall(SYS___OPEN_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPEN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPENAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), uintptr(mode))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_openatAddr() *(func(dirfd int, path string, flags int, mode uint32) (fd int, err error))
+
+var openat = enter_openat
+
+func enter_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
+	funcref := get_openatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___OPENAT_A<<4, "") == 0 {
+		*funcref = impl_openat
+	} else {
+		*funcref = error_openat
+	}
+	return (*funcref)(dirfd, path, flags, mode)
+}
+
+func error_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func impl_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPENAT2_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(open_how)), uintptr(size))
+	runtime.ExitSyscall()
 	fd = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_openat2Addr() *(func(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error))
+
+var openat2 = enter_openat2
+
+func enter_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
+	funcref := get_openat2Addr()
+	if funcptrtest(GetZosLibVec()+SYS___OPENAT2_A<<4, "") == 0 {
+		*funcref = impl_openat2
+	} else {
+		*funcref = error_openat2
 	}
+	return (*funcref)(dirfd, path, open_how, size)
+}
+
+func error_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
+	fd = -1
+	err = ENOSYS
 	return
 }
 
@@ -1188,9 +3310,23 @@ func remove(path string) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS_REMOVE, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_REMOVE<<4, uintptr(unsafe.Pointer(_p0)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func waitid(idType int, id int, info *Siginfo, options int) (err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAITID<<4, uintptr(idType), uintptr(id), uintptr(unsafe.Pointer(info)), uintptr(options))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1198,10 +3334,12 @@ func remove(path string) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error) {
-	r0, _, e1 := syscall_syscall(SYS_WAITPID, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options))
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAITPID<<4, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options))
+	runtime.ExitSyscall()
 	wpid = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1209,9 +3347,9 @@ func waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func gettimeofday(tv *timeval_zos) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_GETTIMEOFDAY, uintptr(unsafe.Pointer(tv)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETTIMEOFDAY<<4, uintptr(unsafe.Pointer(tv)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1219,9 +3357,9 @@ func gettimeofday(tv *timeval_zos) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func pipe(p *[2]_C_int) (err error) {
-	_, _, e1 := syscall_rawsyscall(SYS_PIPE, uintptr(unsafe.Pointer(p)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PIPE<<4, uintptr(unsafe.Pointer(p)))
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
@@ -1234,20 +3372,87 @@ func utimes(path string, timeval *[2]Timeval) (err error) {
 	if err != nil {
 		return
 	}
-	_, _, e1 := syscall_syscall(SYS___UTIMES_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIMES_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) {
-	r0, _, e1 := syscall_syscall6(SYS_SELECT, uintptr(nmsgsfds), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
-	ret = int(r0)
-	if e1 != 0 {
-		err = errnoErr(e1)
+func impl_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIMENSAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(ts)), uintptr(flags))
+	runtime.ExitSyscall()
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+//go:nosplit
+func get_utimensatAddr() *(func(dirfd int, path string, ts *[2]Timespec, flags int) (err error))
+
+var utimensat = enter_utimensat
+
+func enter_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
+	funcref := get_utimensatAddr()
+	if funcptrtest(GetZosLibVec()+SYS___UTIMENSAT_A<<4, "") == 0 {
+		*funcref = impl_utimensat
+	} else {
+		*funcref = error_utimensat
+	}
+	return (*funcref)(dirfd, path, ts, flags)
+}
+
+func error_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
+	err = ENOSYS
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Posix_openpt(oflag int) (fd int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_POSIX_OPENPT<<4, uintptr(oflag))
+	runtime.ExitSyscall()
+	fd = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Grantpt(fildes int) (rc int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GRANTPT<<4, uintptr(fildes))
+	runtime.ExitSyscall()
+	rc = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Unlockpt(fildes int) (rc int, err error) {
+	runtime.EnterSyscall()
+	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_UNLOCKPT<<4, uintptr(fildes))
+	runtime.ExitSyscall()
+	rc = int(r0)
+	if int64(r0) == -1 {
+		err = errnoErr2(e1, e2)
 	}
 	return
 }
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index 0cc3ce496..524b0820c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -452,4 +452,10 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
+	SYS_STATMOUNT                    = 457
+	SYS_LISTMOUNT                    = 458
+	SYS_LSM_GET_SELF_ATTR            = 459
+	SYS_LSM_SET_SELF_ATTR            = 460
+	SYS_LSM_LIST_MODULES             = 461
+	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index 856d92d69..f485dbf45 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -341,6 +341,7 @@ const (
 	SYS_STATX                   = 332
 	SYS_IO_PGETEVENTS           = 333
 	SYS_RSEQ                    = 334
+	SYS_URETPROBE               = 335
 	SYS_PIDFD_SEND_SIGNAL       = 424
 	SYS_IO_URING_SETUP          = 425
 	SYS_IO_URING_ENTER          = 426
@@ -374,4 +375,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 8d467094c..70b35bf3b 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -416,4 +416,10 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
+	SYS_STATMOUNT                    = 457
+	SYS_LISTMOUNT                    = 458
+	SYS_LSM_GET_SELF_ATTR            = 459
+	SYS_LSM_SET_SELF_ATTR            = 460
+	SYS_LSM_LIST_MODULES             = 461
+	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index edc173244..1893e2fe8 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -85,7 +85,7 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
-	SYS_FSTATAT                 = 79
+	SYS_NEWFSTATAT              = 79
 	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
@@ -319,4 +319,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index 445eba206..16a4017da 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -84,6 +84,8 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
+	SYS_NEWFSTATAT              = 79
+	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
 	SYS_FDATASYNC               = 83
@@ -313,4 +315,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index adba01bca..7e567f1ef 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -436,4 +436,10 @@ const (
 	SYS_FUTEX_WAKE                   = 4454
 	SYS_FUTEX_WAIT                   = 4455
 	SYS_FUTEX_REQUEUE                = 4456
+	SYS_STATMOUNT                    = 4457
+	SYS_LISTMOUNT                    = 4458
+	SYS_LSM_GET_SELF_ATTR            = 4459
+	SYS_LSM_SET_SELF_ATTR            = 4460
+	SYS_LSM_LIST_MODULES             = 4461
+	SYS_MSEAL                        = 4462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 014c4e9c7..38ae55e5e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -366,4 +366,10 @@ const (
 	SYS_FUTEX_WAKE              = 5454
 	SYS_FUTEX_WAIT              = 5455
 	SYS_FUTEX_REQUEUE           = 5456
+	SYS_STATMOUNT               = 5457
+	SYS_LISTMOUNT               = 5458
+	SYS_LSM_GET_SELF_ATTR       = 5459
+	SYS_LSM_SET_SELF_ATTR       = 5460
+	SYS_LSM_LIST_MODULES        = 5461
+	SYS_MSEAL                   = 5462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index ccc97d74d..55e92e60a 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -366,4 +366,10 @@ const (
 	SYS_FUTEX_WAKE              = 5454
 	SYS_FUTEX_WAIT              = 5455
 	SYS_FUTEX_REQUEUE           = 5456
+	SYS_STATMOUNT               = 5457
+	SYS_LISTMOUNT               = 5458
+	SYS_LSM_GET_SELF_ATTR       = 5459
+	SYS_LSM_SET_SELF_ATTR       = 5460
+	SYS_LSM_LIST_MODULES        = 5461
+	SYS_MSEAL                   = 5462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index ec2b64a95..60658d6a0 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -436,4 +436,10 @@ const (
 	SYS_FUTEX_WAKE                   = 4454
 	SYS_FUTEX_WAIT                   = 4455
 	SYS_FUTEX_REQUEUE                = 4456
+	SYS_STATMOUNT                    = 4457
+	SYS_LISTMOUNT                    = 4458
+	SYS_LSM_GET_SELF_ATTR            = 4459
+	SYS_LSM_SET_SELF_ATTR            = 4460
+	SYS_LSM_LIST_MODULES             = 4461
+	SYS_MSEAL                        = 4462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index 21a839e33..e203e8a7e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -443,4 +443,10 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
+	SYS_STATMOUNT                    = 457
+	SYS_LISTMOUNT                    = 458
+	SYS_LSM_GET_SELF_ATTR            = 459
+	SYS_LSM_SET_SELF_ATTR            = 460
+	SYS_LSM_LIST_MODULES             = 461
+	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index c11121ec3..5944b97d5 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -415,4 +415,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index 909b631fc..c66d416da 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -415,4 +415,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index e49bed16e..a5459e766 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -84,7 +84,7 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
-	SYS_FSTATAT                 = 79
+	SYS_NEWFSTATAT              = 79
 	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
@@ -320,4 +320,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 66017d2d3..01d86825b 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -381,4 +381,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 47bab18dc..7b703e77c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -394,4 +394,10 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
+	SYS_STATMOUNT               = 457
+	SYS_LISTMOUNT               = 458
+	SYS_LSM_GET_SELF_ATTR       = 459
+	SYS_LSM_SET_SELF_ATTR       = 460
+	SYS_LSM_LIST_MODULES        = 461
+	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
index b2e308581..5e8c263ca 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
@@ -1,2669 +1,2852 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
+// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
+// Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build zos && s390x
 
 package unix
 
-// TODO: auto-generate.
-
 const (
-	SYS_ACOSD128                        = 0xB80
-	SYS_ACOSD32                         = 0xB7E
-	SYS_ACOSD64                         = 0xB7F
-	SYS_ACOSHD128                       = 0xB83
-	SYS_ACOSHD32                        = 0xB81
-	SYS_ACOSHD64                        = 0xB82
-	SYS_AIO_FSYNC                       = 0xC69
-	SYS_ASCTIME                         = 0x0AE
-	SYS_ASCTIME64                       = 0xCD7
-	SYS_ASCTIME64_R                     = 0xCD8
-	SYS_ASIND128                        = 0xB86
-	SYS_ASIND32                         = 0xB84
-	SYS_ASIND64                         = 0xB85
-	SYS_ASINHD128                       = 0xB89
-	SYS_ASINHD32                        = 0xB87
-	SYS_ASINHD64                        = 0xB88
-	SYS_ATAN2D128                       = 0xB8F
-	SYS_ATAN2D32                        = 0xB8D
-	SYS_ATAN2D64                        = 0xB8E
-	SYS_ATAND128                        = 0xB8C
-	SYS_ATAND32                         = 0xB8A
-	SYS_ATAND64                         = 0xB8B
-	SYS_ATANHD128                       = 0xB92
-	SYS_ATANHD32                        = 0xB90
-	SYS_ATANHD64                        = 0xB91
-	SYS_BIND2ADDRSEL                    = 0xD59
-	SYS_C16RTOMB                        = 0xD40
-	SYS_C32RTOMB                        = 0xD41
-	SYS_CBRTD128                        = 0xB95
-	SYS_CBRTD32                         = 0xB93
-	SYS_CBRTD64                         = 0xB94
-	SYS_CEILD128                        = 0xB98
-	SYS_CEILD32                         = 0xB96
-	SYS_CEILD64                         = 0xB97
-	SYS_CLEARENV                        = 0x0C9
-	SYS_CLEARERR_UNLOCKED               = 0xCA1
-	SYS_CLOCK                           = 0x0AA
-	SYS_CLOGL                           = 0xA00
-	SYS_CLRMEMF                         = 0x0BD
-	SYS_CONJ                            = 0xA03
-	SYS_CONJF                           = 0xA06
-	SYS_CONJL                           = 0xA09
-	SYS_COPYSIGND128                    = 0xB9E
-	SYS_COPYSIGND32                     = 0xB9C
-	SYS_COPYSIGND64                     = 0xB9D
-	SYS_COSD128                         = 0xBA1
-	SYS_COSD32                          = 0xB9F
-	SYS_COSD64                          = 0xBA0
-	SYS_COSHD128                        = 0xBA4
-	SYS_COSHD32                         = 0xBA2
-	SYS_COSHD64                         = 0xBA3
-	SYS_CPOW                            = 0xA0C
-	SYS_CPOWF                           = 0xA0F
-	SYS_CPOWL                           = 0xA12
-	SYS_CPROJ                           = 0xA15
-	SYS_CPROJF                          = 0xA18
-	SYS_CPROJL                          = 0xA1B
-	SYS_CREAL                           = 0xA1E
-	SYS_CREALF                          = 0xA21
-	SYS_CREALL                          = 0xA24
-	SYS_CSIN                            = 0xA27
-	SYS_CSINF                           = 0xA2A
-	SYS_CSINH                           = 0xA30
-	SYS_CSINHF                          = 0xA33
-	SYS_CSINHL                          = 0xA36
-	SYS_CSINL                           = 0xA2D
-	SYS_CSNAP                           = 0x0C5
-	SYS_CSQRT                           = 0xA39
-	SYS_CSQRTF                          = 0xA3C
-	SYS_CSQRTL                          = 0xA3F
-	SYS_CTAN                            = 0xA42
-	SYS_CTANF                           = 0xA45
-	SYS_CTANH                           = 0xA4B
-	SYS_CTANHF                          = 0xA4E
-	SYS_CTANHL                          = 0xA51
-	SYS_CTANL                           = 0xA48
-	SYS_CTIME                           = 0x0AB
-	SYS_CTIME64                         = 0xCD9
-	SYS_CTIME64_R                       = 0xCDA
-	SYS_CTRACE                          = 0x0C6
-	SYS_DIFFTIME                        = 0x0A7
-	SYS_DIFFTIME64                      = 0xCDB
-	SYS_DLADDR                          = 0xC82
-	SYS_DYNALLOC                        = 0x0C3
-	SYS_DYNFREE                         = 0x0C2
-	SYS_ERFCD128                        = 0xBAA
-	SYS_ERFCD32                         = 0xBA8
-	SYS_ERFCD64                         = 0xBA9
-	SYS_ERFD128                         = 0xBA7
-	SYS_ERFD32                          = 0xBA5
-	SYS_ERFD64                          = 0xBA6
-	SYS_EXP2D128                        = 0xBB0
-	SYS_EXP2D32                         = 0xBAE
-	SYS_EXP2D64                         = 0xBAF
-	SYS_EXPD128                         = 0xBAD
-	SYS_EXPD32                          = 0xBAB
-	SYS_EXPD64                          = 0xBAC
-	SYS_EXPM1D128                       = 0xBB3
-	SYS_EXPM1D32                        = 0xBB1
-	SYS_EXPM1D64                        = 0xBB2
-	SYS_FABSD128                        = 0xBB6
-	SYS_FABSD32                         = 0xBB4
-	SYS_FABSD64                         = 0xBB5
-	SYS_FDELREC_UNLOCKED                = 0xCA2
-	SYS_FDIMD128                        = 0xBB9
-	SYS_FDIMD32                         = 0xBB7
-	SYS_FDIMD64                         = 0xBB8
-	SYS_FDOPEN_UNLOCKED                 = 0xCFC
-	SYS_FECLEAREXCEPT                   = 0xAEA
-	SYS_FEGETENV                        = 0xAEB
-	SYS_FEGETEXCEPTFLAG                 = 0xAEC
-	SYS_FEGETROUND                      = 0xAED
-	SYS_FEHOLDEXCEPT                    = 0xAEE
-	SYS_FEOF_UNLOCKED                   = 0xCA3
-	SYS_FERAISEEXCEPT                   = 0xAEF
-	SYS_FERROR_UNLOCKED                 = 0xCA4
-	SYS_FESETENV                        = 0xAF0
-	SYS_FESETEXCEPTFLAG                 = 0xAF1
-	SYS_FESETROUND                      = 0xAF2
-	SYS_FETCHEP                         = 0x0BF
-	SYS_FETESTEXCEPT                    = 0xAF3
-	SYS_FEUPDATEENV                     = 0xAF4
-	SYS_FE_DEC_GETROUND                 = 0xBBA
-	SYS_FE_DEC_SETROUND                 = 0xBBB
-	SYS_FFLUSH_UNLOCKED                 = 0xCA5
-	SYS_FGETC_UNLOCKED                  = 0xC80
-	SYS_FGETPOS64                       = 0xCEE
-	SYS_FGETPOS64_UNLOCKED              = 0xCF4
-	SYS_FGETPOS_UNLOCKED                = 0xCA6
-	SYS_FGETS_UNLOCKED                  = 0xC7C
-	SYS_FGETWC_UNLOCKED                 = 0xCA7
-	SYS_FGETWS_UNLOCKED                 = 0xCA8
-	SYS_FILENO_UNLOCKED                 = 0xCA9
-	SYS_FLDATA                          = 0x0C1
-	SYS_FLDATA_UNLOCKED                 = 0xCAA
-	SYS_FLOCATE_UNLOCKED                = 0xCAB
-	SYS_FLOORD128                       = 0xBBE
-	SYS_FLOORD32                        = 0xBBC
-	SYS_FLOORD64                        = 0xBBD
-	SYS_FMA                             = 0xA63
-	SYS_FMAD128                         = 0xBC1
-	SYS_FMAD32                          = 0xBBF
-	SYS_FMAD64                          = 0xBC0
-	SYS_FMAF                            = 0xA66
-	SYS_FMAL                            = 0xA69
-	SYS_FMAX                            = 0xA6C
-	SYS_FMAXD128                        = 0xBC4
-	SYS_FMAXD32                         = 0xBC2
-	SYS_FMAXD64                         = 0xBC3
-	SYS_FMAXF                           = 0xA6F
-	SYS_FMAXL                           = 0xA72
-	SYS_FMIN                            = 0xA75
-	SYS_FMIND128                        = 0xBC7
-	SYS_FMIND32                         = 0xBC5
-	SYS_FMIND64                         = 0xBC6
-	SYS_FMINF                           = 0xA78
-	SYS_FMINL                           = 0xA7B
-	SYS_FMODD128                        = 0xBCA
-	SYS_FMODD32                         = 0xBC8
-	SYS_FMODD64                         = 0xBC9
-	SYS_FOPEN64                         = 0xD49
-	SYS_FOPEN64_UNLOCKED                = 0xD4A
-	SYS_FOPEN_UNLOCKED                  = 0xCFA
-	SYS_FPRINTF_UNLOCKED                = 0xCAC
-	SYS_FPUTC_UNLOCKED                  = 0xC81
-	SYS_FPUTS_UNLOCKED                  = 0xC7E
-	SYS_FPUTWC_UNLOCKED                 = 0xCAD
-	SYS_FPUTWS_UNLOCKED                 = 0xCAE
-	SYS_FREAD_NOUPDATE                  = 0xCEC
-	SYS_FREAD_NOUPDATE_UNLOCKED         = 0xCED
-	SYS_FREAD_UNLOCKED                  = 0xC7B
-	SYS_FREEIFADDRS                     = 0xCE6
-	SYS_FREOPEN64                       = 0xD4B
-	SYS_FREOPEN64_UNLOCKED              = 0xD4C
-	SYS_FREOPEN_UNLOCKED                = 0xCFB
-	SYS_FREXPD128                       = 0xBCE
-	SYS_FREXPD32                        = 0xBCC
-	SYS_FREXPD64                        = 0xBCD
-	SYS_FSCANF_UNLOCKED                 = 0xCAF
-	SYS_FSEEK64                         = 0xCEF
-	SYS_FSEEK64_UNLOCKED                = 0xCF5
-	SYS_FSEEKO64                        = 0xCF0
-	SYS_FSEEKO64_UNLOCKED               = 0xCF6
-	SYS_FSEEKO_UNLOCKED                 = 0xCB1
-	SYS_FSEEK_UNLOCKED                  = 0xCB0
-	SYS_FSETPOS64                       = 0xCF1
-	SYS_FSETPOS64_UNLOCKED              = 0xCF7
-	SYS_FSETPOS_UNLOCKED                = 0xCB3
-	SYS_FTELL64                         = 0xCF2
-	SYS_FTELL64_UNLOCKED                = 0xCF8
-	SYS_FTELLO64                        = 0xCF3
-	SYS_FTELLO64_UNLOCKED               = 0xCF9
-	SYS_FTELLO_UNLOCKED                 = 0xCB5
-	SYS_FTELL_UNLOCKED                  = 0xCB4
-	SYS_FUPDATE                         = 0x0B5
-	SYS_FUPDATE_UNLOCKED                = 0xCB7
-	SYS_FWIDE_UNLOCKED                  = 0xCB8
-	SYS_FWPRINTF_UNLOCKED               = 0xCB9
-	SYS_FWRITE_UNLOCKED                 = 0xC7A
-	SYS_FWSCANF_UNLOCKED                = 0xCBA
-	SYS_GETDATE64                       = 0xD4F
-	SYS_GETIFADDRS                      = 0xCE7
-	SYS_GETIPV4SOURCEFILTER             = 0xC77
-	SYS_GETSOURCEFILTER                 = 0xC79
-	SYS_GETSYNTX                        = 0x0FD
-	SYS_GETS_UNLOCKED                   = 0xC7D
-	SYS_GETTIMEOFDAY64                  = 0xD50
-	SYS_GETWCHAR_UNLOCKED               = 0xCBC
-	SYS_GETWC_UNLOCKED                  = 0xCBB
-	SYS_GMTIME                          = 0x0B0
-	SYS_GMTIME64                        = 0xCDC
-	SYS_GMTIME64_R                      = 0xCDD
-	SYS_HYPOTD128                       = 0xBD1
-	SYS_HYPOTD32                        = 0xBCF
-	SYS_HYPOTD64                        = 0xBD0
-	SYS_ILOGBD128                       = 0xBD4
-	SYS_ILOGBD32                        = 0xBD2
-	SYS_ILOGBD64                        = 0xBD3
-	SYS_ILOGBF                          = 0xA7E
-	SYS_ILOGBL                          = 0xA81
-	SYS_INET6_IS_SRCADDR                = 0xD5A
-	SYS_ISBLANK                         = 0x0FE
-	SYS_ISWALNUM                        = 0x0FF
-	SYS_LDEXPD128                       = 0xBD7
-	SYS_LDEXPD32                        = 0xBD5
-	SYS_LDEXPD64                        = 0xBD6
-	SYS_LGAMMAD128                      = 0xBDA
-	SYS_LGAMMAD32                       = 0xBD8
-	SYS_LGAMMAD64                       = 0xBD9
-	SYS_LIO_LISTIO                      = 0xC6A
-	SYS_LLRINT                          = 0xA84
-	SYS_LLRINTD128                      = 0xBDD
-	SYS_LLRINTD32                       = 0xBDB
-	SYS_LLRINTD64                       = 0xBDC
-	SYS_LLRINTF                         = 0xA87
-	SYS_LLRINTL                         = 0xA8A
-	SYS_LLROUND                         = 0xA8D
-	SYS_LLROUNDD128                     = 0xBE0
-	SYS_LLROUNDD32                      = 0xBDE
-	SYS_LLROUNDD64                      = 0xBDF
-	SYS_LLROUNDF                        = 0xA90
-	SYS_LLROUNDL                        = 0xA93
-	SYS_LOCALTIM                        = 0x0B1
-	SYS_LOCALTIME                       = 0x0B1
-	SYS_LOCALTIME64                     = 0xCDE
-	SYS_LOCALTIME64_R                   = 0xCDF
-	SYS_LOG10D128                       = 0xBE6
-	SYS_LOG10D32                        = 0xBE4
-	SYS_LOG10D64                        = 0xBE5
-	SYS_LOG1PD128                       = 0xBE9
-	SYS_LOG1PD32                        = 0xBE7
-	SYS_LOG1PD64                        = 0xBE8
-	SYS_LOG2D128                        = 0xBEC
-	SYS_LOG2D32                         = 0xBEA
-	SYS_LOG2D64                         = 0xBEB
-	SYS_LOGBD128                        = 0xBEF
-	SYS_LOGBD32                         = 0xBED
-	SYS_LOGBD64                         = 0xBEE
-	SYS_LOGBF                           = 0xA96
-	SYS_LOGBL                           = 0xA99
-	SYS_LOGD128                         = 0xBE3
-	SYS_LOGD32                          = 0xBE1
-	SYS_LOGD64                          = 0xBE2
-	SYS_LRINT                           = 0xA9C
-	SYS_LRINTD128                       = 0xBF2
-	SYS_LRINTD32                        = 0xBF0
-	SYS_LRINTD64                        = 0xBF1
-	SYS_LRINTF                          = 0xA9F
-	SYS_LRINTL                          = 0xAA2
-	SYS_LROUNDD128                      = 0xBF5
-	SYS_LROUNDD32                       = 0xBF3
-	SYS_LROUNDD64                       = 0xBF4
-	SYS_LROUNDL                         = 0xAA5
-	SYS_MBLEN                           = 0x0AF
-	SYS_MBRTOC16                        = 0xD42
-	SYS_MBRTOC32                        = 0xD43
-	SYS_MEMSET                          = 0x0A3
-	SYS_MKTIME                          = 0x0AC
-	SYS_MKTIME64                        = 0xCE0
-	SYS_MODFD128                        = 0xBF8
-	SYS_MODFD32                         = 0xBF6
-	SYS_MODFD64                         = 0xBF7
-	SYS_NAN                             = 0xAA8
-	SYS_NAND128                         = 0xBFB
-	SYS_NAND32                          = 0xBF9
-	SYS_NAND64                          = 0xBFA
-	SYS_NANF                            = 0xAAA
-	SYS_NANL                            = 0xAAC
-	SYS_NEARBYINT                       = 0xAAE
-	SYS_NEARBYINTD128                   = 0xBFE
-	SYS_NEARBYINTD32                    = 0xBFC
-	SYS_NEARBYINTD64                    = 0xBFD
-	SYS_NEARBYINTF                      = 0xAB1
-	SYS_NEARBYINTL                      = 0xAB4
-	SYS_NEXTAFTERD128                   = 0xC01
-	SYS_NEXTAFTERD32                    = 0xBFF
-	SYS_NEXTAFTERD64                    = 0xC00
-	SYS_NEXTAFTERF                      = 0xAB7
-	SYS_NEXTAFTERL                      = 0xABA
-	SYS_NEXTTOWARD                      = 0xABD
-	SYS_NEXTTOWARDD128                  = 0xC04
-	SYS_NEXTTOWARDD32                   = 0xC02
-	SYS_NEXTTOWARDD64                   = 0xC03
-	SYS_NEXTTOWARDF                     = 0xAC0
-	SYS_NEXTTOWARDL                     = 0xAC3
-	SYS_NL_LANGINFO                     = 0x0FC
-	SYS_PERROR_UNLOCKED                 = 0xCBD
-	SYS_POSIX_FALLOCATE                 = 0xCE8
-	SYS_POSIX_MEMALIGN                  = 0xCE9
-	SYS_POSIX_OPENPT                    = 0xC66
-	SYS_POWD128                         = 0xC07
-	SYS_POWD32                          = 0xC05
-	SYS_POWD64                          = 0xC06
-	SYS_PRINTF_UNLOCKED                 = 0xCBE
-	SYS_PSELECT                         = 0xC67
-	SYS_PTHREAD_ATTR_GETSTACK           = 0xB3E
-	SYS_PTHREAD_ATTR_SETSTACK           = 0xB3F
-	SYS_PTHREAD_SECURITY_APPLID_NP      = 0xCE4
-	SYS_PUTS_UNLOCKED                   = 0xC7F
-	SYS_PUTWCHAR_UNLOCKED               = 0xCC0
-	SYS_PUTWC_UNLOCKED                  = 0xCBF
-	SYS_QUANTEXPD128                    = 0xD46
-	SYS_QUANTEXPD32                     = 0xD44
-	SYS_QUANTEXPD64                     = 0xD45
-	SYS_QUANTIZED128                    = 0xC0A
-	SYS_QUANTIZED32                     = 0xC08
-	SYS_QUANTIZED64                     = 0xC09
-	SYS_REMAINDERD128                   = 0xC0D
-	SYS_REMAINDERD32                    = 0xC0B
-	SYS_REMAINDERD64                    = 0xC0C
-	SYS_RESIZE_ALLOC                    = 0xCEB
-	SYS_REWIND_UNLOCKED                 = 0xCC1
-	SYS_RINTD128                        = 0xC13
-	SYS_RINTD32                         = 0xC11
-	SYS_RINTD64                         = 0xC12
-	SYS_RINTF                           = 0xACB
-	SYS_RINTL                           = 0xACD
-	SYS_ROUND                           = 0xACF
-	SYS_ROUNDD128                       = 0xC16
-	SYS_ROUNDD32                        = 0xC14
-	SYS_ROUNDD64                        = 0xC15
-	SYS_ROUNDF                          = 0xAD2
-	SYS_ROUNDL                          = 0xAD5
-	SYS_SAMEQUANTUMD128                 = 0xC19
-	SYS_SAMEQUANTUMD32                  = 0xC17
-	SYS_SAMEQUANTUMD64                  = 0xC18
-	SYS_SCALBLN                         = 0xAD8
-	SYS_SCALBLND128                     = 0xC1C
-	SYS_SCALBLND32                      = 0xC1A
-	SYS_SCALBLND64                      = 0xC1B
-	SYS_SCALBLNF                        = 0xADB
-	SYS_SCALBLNL                        = 0xADE
-	SYS_SCALBND128                      = 0xC1F
-	SYS_SCALBND32                       = 0xC1D
-	SYS_SCALBND64                       = 0xC1E
-	SYS_SCALBNF                         = 0xAE3
-	SYS_SCALBNL                         = 0xAE6
-	SYS_SCANF_UNLOCKED                  = 0xCC2
-	SYS_SCHED_YIELD                     = 0xB32
-	SYS_SETENV                          = 0x0C8
-	SYS_SETIPV4SOURCEFILTER             = 0xC76
-	SYS_SETSOURCEFILTER                 = 0xC78
-	SYS_SHM_OPEN                        = 0xC8C
-	SYS_SHM_UNLINK                      = 0xC8D
-	SYS_SIND128                         = 0xC22
-	SYS_SIND32                          = 0xC20
-	SYS_SIND64                          = 0xC21
-	SYS_SINHD128                        = 0xC25
-	SYS_SINHD32                         = 0xC23
-	SYS_SINHD64                         = 0xC24
-	SYS_SIZEOF_ALLOC                    = 0xCEA
-	SYS_SOCKATMARK                      = 0xC68
-	SYS_SQRTD128                        = 0xC28
-	SYS_SQRTD32                         = 0xC26
-	SYS_SQRTD64                         = 0xC27
-	SYS_STRCHR                          = 0x0A0
-	SYS_STRCSPN                         = 0x0A1
-	SYS_STRERROR                        = 0x0A8
-	SYS_STRERROR_R                      = 0xB33
-	SYS_STRFTIME                        = 0x0B2
-	SYS_STRLEN                          = 0x0A9
-	SYS_STRPBRK                         = 0x0A2
-	SYS_STRSPN                          = 0x0A4
-	SYS_STRSTR                          = 0x0A5
-	SYS_STRTOD128                       = 0xC2B
-	SYS_STRTOD32                        = 0xC29
-	SYS_STRTOD64                        = 0xC2A
-	SYS_STRTOK                          = 0x0A6
-	SYS_TAND128                         = 0xC2E
-	SYS_TAND32                          = 0xC2C
-	SYS_TAND64                          = 0xC2D
-	SYS_TANHD128                        = 0xC31
-	SYS_TANHD32                         = 0xC2F
-	SYS_TANHD64                         = 0xC30
-	SYS_TGAMMAD128                      = 0xC34
-	SYS_TGAMMAD32                       = 0xC32
-	SYS_TGAMMAD64                       = 0xC33
-	SYS_TIME                            = 0x0AD
-	SYS_TIME64                          = 0xCE1
-	SYS_TMPFILE64                       = 0xD4D
-	SYS_TMPFILE64_UNLOCKED              = 0xD4E
-	SYS_TMPFILE_UNLOCKED                = 0xCFD
-	SYS_TRUNCD128                       = 0xC40
-	SYS_TRUNCD32                        = 0xC3E
-	SYS_TRUNCD64                        = 0xC3F
-	SYS_UNGETC_UNLOCKED                 = 0xCC3
-	SYS_UNGETWC_UNLOCKED                = 0xCC4
-	SYS_UNSETENV                        = 0xB34
-	SYS_VFPRINTF_UNLOCKED               = 0xCC5
-	SYS_VFSCANF_UNLOCKED                = 0xCC7
-	SYS_VFWPRINTF_UNLOCKED              = 0xCC9
-	SYS_VFWSCANF_UNLOCKED               = 0xCCB
-	SYS_VPRINTF_UNLOCKED                = 0xCCD
-	SYS_VSCANF_UNLOCKED                 = 0xCCF
-	SYS_VWPRINTF_UNLOCKED               = 0xCD1
-	SYS_VWSCANF_UNLOCKED                = 0xCD3
-	SYS_WCSTOD128                       = 0xC43
-	SYS_WCSTOD32                        = 0xC41
-	SYS_WCSTOD64                        = 0xC42
-	SYS_WPRINTF_UNLOCKED                = 0xCD5
-	SYS_WSCANF_UNLOCKED                 = 0xCD6
-	SYS__FLUSHLBF                       = 0xD68
-	SYS__FLUSHLBF_UNLOCKED              = 0xD6F
-	SYS___ACOSHF_H                      = 0xA54
-	SYS___ACOSHL_H                      = 0xA55
-	SYS___ASINHF_H                      = 0xA56
-	SYS___ASINHL_H                      = 0xA57
-	SYS___ATANPID128                    = 0xC6D
-	SYS___ATANPID32                     = 0xC6B
-	SYS___ATANPID64                     = 0xC6C
-	SYS___CBRTF_H                       = 0xA58
-	SYS___CBRTL_H                       = 0xA59
-	SYS___CDUMP                         = 0x0C4
-	SYS___CLASS                         = 0xAFA
-	SYS___CLASS2                        = 0xB99
-	SYS___CLASS2D128                    = 0xC99
-	SYS___CLASS2D32                     = 0xC97
-	SYS___CLASS2D64                     = 0xC98
-	SYS___CLASS2F                       = 0xC91
-	SYS___CLASS2F_B                     = 0xC93
-	SYS___CLASS2F_H                     = 0xC94
-	SYS___CLASS2L                       = 0xC92
-	SYS___CLASS2L_B                     = 0xC95
-	SYS___CLASS2L_H                     = 0xC96
-	SYS___CLASS2_B                      = 0xB9A
-	SYS___CLASS2_H                      = 0xB9B
-	SYS___CLASS_B                       = 0xAFB
-	SYS___CLASS_H                       = 0xAFC
-	SYS___CLOGL_B                       = 0xA01
-	SYS___CLOGL_H                       = 0xA02
-	SYS___CLRENV                        = 0x0C9
-	SYS___CLRMF                         = 0x0BD
-	SYS___CODEPAGE_INFO                 = 0xC64
-	SYS___CONJF_B                       = 0xA07
-	SYS___CONJF_H                       = 0xA08
-	SYS___CONJL_B                       = 0xA0A
-	SYS___CONJL_H                       = 0xA0B
-	SYS___CONJ_B                        = 0xA04
-	SYS___CONJ_H                        = 0xA05
-	SYS___COPYSIGN_B                    = 0xA5A
-	SYS___COPYSIGN_H                    = 0xAF5
-	SYS___COSPID128                     = 0xC70
-	SYS___COSPID32                      = 0xC6E
-	SYS___COSPID64                      = 0xC6F
-	SYS___CPOWF_B                       = 0xA10
-	SYS___CPOWF_H                       = 0xA11
-	SYS___CPOWL_B                       = 0xA13
-	SYS___CPOWL_H                       = 0xA14
-	SYS___CPOW_B                        = 0xA0D
-	SYS___CPOW_H                        = 0xA0E
-	SYS___CPROJF_B                      = 0xA19
-	SYS___CPROJF_H                      = 0xA1A
-	SYS___CPROJL_B                      = 0xA1C
-	SYS___CPROJL_H                      = 0xA1D
-	SYS___CPROJ_B                       = 0xA16
-	SYS___CPROJ_H                       = 0xA17
-	SYS___CREALF_B                      = 0xA22
-	SYS___CREALF_H                      = 0xA23
-	SYS___CREALL_B                      = 0xA25
-	SYS___CREALL_H                      = 0xA26
-	SYS___CREAL_B                       = 0xA1F
-	SYS___CREAL_H                       = 0xA20
-	SYS___CSINF_B                       = 0xA2B
-	SYS___CSINF_H                       = 0xA2C
-	SYS___CSINHF_B                      = 0xA34
-	SYS___CSINHF_H                      = 0xA35
-	SYS___CSINHL_B                      = 0xA37
-	SYS___CSINHL_H                      = 0xA38
-	SYS___CSINH_B                       = 0xA31
-	SYS___CSINH_H                       = 0xA32
-	SYS___CSINL_B                       = 0xA2E
-	SYS___CSINL_H                       = 0xA2F
-	SYS___CSIN_B                        = 0xA28
-	SYS___CSIN_H                        = 0xA29
-	SYS___CSNAP                         = 0x0C5
-	SYS___CSQRTF_B                      = 0xA3D
-	SYS___CSQRTF_H                      = 0xA3E
-	SYS___CSQRTL_B                      = 0xA40
-	SYS___CSQRTL_H                      = 0xA41
-	SYS___CSQRT_B                       = 0xA3A
-	SYS___CSQRT_H                       = 0xA3B
-	SYS___CTANF_B                       = 0xA46
-	SYS___CTANF_H                       = 0xA47
-	SYS___CTANHF_B                      = 0xA4F
-	SYS___CTANHF_H                      = 0xA50
-	SYS___CTANHL_B                      = 0xA52
-	SYS___CTANHL_H                      = 0xA53
-	SYS___CTANH_B                       = 0xA4C
-	SYS___CTANH_H                       = 0xA4D
-	SYS___CTANL_B                       = 0xA49
-	SYS___CTANL_H                       = 0xA4A
-	SYS___CTAN_B                        = 0xA43
-	SYS___CTAN_H                        = 0xA44
-	SYS___CTEST                         = 0x0C7
-	SYS___CTRACE                        = 0x0C6
-	SYS___D1TOP                         = 0xC9B
-	SYS___D2TOP                         = 0xC9C
-	SYS___D4TOP                         = 0xC9D
-	SYS___DYNALL                        = 0x0C3
-	SYS___DYNFRE                        = 0x0C2
-	SYS___EXP2F_H                       = 0xA5E
-	SYS___EXP2L_H                       = 0xA5F
-	SYS___EXP2_H                        = 0xA5D
-	SYS___EXPM1F_H                      = 0xA5B
-	SYS___EXPM1L_H                      = 0xA5C
-	SYS___FBUFSIZE                      = 0xD60
-	SYS___FLBF                          = 0xD62
-	SYS___FLDATA                        = 0x0C1
-	SYS___FMAF_B                        = 0xA67
-	SYS___FMAF_H                        = 0xA68
-	SYS___FMAL_B                        = 0xA6A
-	SYS___FMAL_H                        = 0xA6B
-	SYS___FMAXF_B                       = 0xA70
-	SYS___FMAXF_H                       = 0xA71
-	SYS___FMAXL_B                       = 0xA73
-	SYS___FMAXL_H                       = 0xA74
-	SYS___FMAX_B                        = 0xA6D
-	SYS___FMAX_H                        = 0xA6E
-	SYS___FMA_B                         = 0xA64
-	SYS___FMA_H                         = 0xA65
-	SYS___FMINF_B                       = 0xA79
-	SYS___FMINF_H                       = 0xA7A
-	SYS___FMINL_B                       = 0xA7C
-	SYS___FMINL_H                       = 0xA7D
-	SYS___FMIN_B                        = 0xA76
-	SYS___FMIN_H                        = 0xA77
-	SYS___FPENDING                      = 0xD61
-	SYS___FPENDING_UNLOCKED             = 0xD6C
-	SYS___FPURGE                        = 0xD69
-	SYS___FPURGE_UNLOCKED               = 0xD70
-	SYS___FP_CAST_D                     = 0xBCB
-	SYS___FREADABLE                     = 0xD63
-	SYS___FREADAHEAD                    = 0xD6A
-	SYS___FREADAHEAD_UNLOCKED           = 0xD71
-	SYS___FREADING                      = 0xD65
-	SYS___FREADING_UNLOCKED             = 0xD6D
-	SYS___FSEEK2                        = 0xB3C
-	SYS___FSETERR                       = 0xD6B
-	SYS___FSETLOCKING                   = 0xD67
-	SYS___FTCHEP                        = 0x0BF
-	SYS___FTELL2                        = 0xB3B
-	SYS___FUPDT                         = 0x0B5
-	SYS___FWRITABLE                     = 0xD64
-	SYS___FWRITING                      = 0xD66
-	SYS___FWRITING_UNLOCKED             = 0xD6E
-	SYS___GETCB                         = 0x0B4
-	SYS___GETGRGID1                     = 0xD5B
-	SYS___GETGRNAM1                     = 0xD5C
-	SYS___GETTHENT                      = 0xCE5
-	SYS___GETTOD                        = 0xD3E
-	SYS___HYPOTF_H                      = 0xAF6
-	SYS___HYPOTL_H                      = 0xAF7
-	SYS___ILOGBF_B                      = 0xA7F
-	SYS___ILOGBF_H                      = 0xA80
-	SYS___ILOGBL_B                      = 0xA82
-	SYS___ILOGBL_H                      = 0xA83
-	SYS___ISBLANK_A                     = 0xB2E
-	SYS___ISBLNK                        = 0x0FE
-	SYS___ISWBLANK_A                    = 0xB2F
-	SYS___LE_CEEGTJS                    = 0xD72
-	SYS___LE_TRACEBACK                  = 0xB7A
-	SYS___LGAMMAL_H                     = 0xA62
-	SYS___LGAMMA_B_C99                  = 0xB39
-	SYS___LGAMMA_H_C99                  = 0xB38
-	SYS___LGAMMA_R_C99                  = 0xB3A
-	SYS___LLRINTF_B                     = 0xA88
-	SYS___LLRINTF_H                     = 0xA89
-	SYS___LLRINTL_B                     = 0xA8B
-	SYS___LLRINTL_H                     = 0xA8C
-	SYS___LLRINT_B                      = 0xA85
-	SYS___LLRINT_H                      = 0xA86
-	SYS___LLROUNDF_B                    = 0xA91
-	SYS___LLROUNDF_H                    = 0xA92
-	SYS___LLROUNDL_B                    = 0xA94
-	SYS___LLROUNDL_H                    = 0xA95
-	SYS___LLROUND_B                     = 0xA8E
-	SYS___LLROUND_H                     = 0xA8F
-	SYS___LOCALE_CTL                    = 0xD47
-	SYS___LOG1PF_H                      = 0xA60
-	SYS___LOG1PL_H                      = 0xA61
-	SYS___LOGBF_B                       = 0xA97
-	SYS___LOGBF_H                       = 0xA98
-	SYS___LOGBL_B                       = 0xA9A
-	SYS___LOGBL_H                       = 0xA9B
-	SYS___LOGIN_APPLID                  = 0xCE2
-	SYS___LRINTF_B                      = 0xAA0
-	SYS___LRINTF_H                      = 0xAA1
-	SYS___LRINTL_B                      = 0xAA3
-	SYS___LRINTL_H                      = 0xAA4
-	SYS___LRINT_B                       = 0xA9D
-	SYS___LRINT_H                       = 0xA9E
-	SYS___LROUNDF_FIXUP                 = 0xB31
-	SYS___LROUNDL_B                     = 0xAA6
-	SYS___LROUNDL_H                     = 0xAA7
-	SYS___LROUND_FIXUP                  = 0xB30
-	SYS___MOSERVICES                    = 0xD3D
-	SYS___MUST_STAY_CLEAN               = 0xB7C
-	SYS___NANF_B                        = 0xAAB
-	SYS___NANL_B                        = 0xAAD
-	SYS___NAN_B                         = 0xAA9
-	SYS___NEARBYINTF_B                  = 0xAB2
-	SYS___NEARBYINTF_H                  = 0xAB3
-	SYS___NEARBYINTL_B                  = 0xAB5
-	SYS___NEARBYINTL_H                  = 0xAB6
-	SYS___NEARBYINT_B                   = 0xAAF
-	SYS___NEARBYINT_H                   = 0xAB0
-	SYS___NEXTAFTERF_B                  = 0xAB8
-	SYS___NEXTAFTERF_H                  = 0xAB9
-	SYS___NEXTAFTERL_B                  = 0xABB
-	SYS___NEXTAFTERL_H                  = 0xABC
-	SYS___NEXTTOWARDF_B                 = 0xAC1
-	SYS___NEXTTOWARDF_H                 = 0xAC2
-	SYS___NEXTTOWARDL_B                 = 0xAC4
-	SYS___NEXTTOWARDL_H                 = 0xAC5
-	SYS___NEXTTOWARD_B                  = 0xABE
-	SYS___NEXTTOWARD_H                  = 0xABF
-	SYS___O_ENV                         = 0xB7D
-	SYS___PASSWD_APPLID                 = 0xCE3
-	SYS___PTOD1                         = 0xC9E
-	SYS___PTOD2                         = 0xC9F
-	SYS___PTOD4                         = 0xCA0
-	SYS___REGCOMP_STD                   = 0x0EA
-	SYS___REMAINDERF_H                  = 0xAC6
-	SYS___REMAINDERL_H                  = 0xAC7
-	SYS___REMQUOD128                    = 0xC10
-	SYS___REMQUOD32                     = 0xC0E
-	SYS___REMQUOD64                     = 0xC0F
-	SYS___REMQUOF_H                     = 0xAC9
-	SYS___REMQUOL_H                     = 0xACA
-	SYS___REMQUO_H                      = 0xAC8
-	SYS___RINTF_B                       = 0xACC
-	SYS___RINTL_B                       = 0xACE
-	SYS___ROUNDF_B                      = 0xAD3
-	SYS___ROUNDF_H                      = 0xAD4
-	SYS___ROUNDL_B                      = 0xAD6
-	SYS___ROUNDL_H                      = 0xAD7
-	SYS___ROUND_B                       = 0xAD0
-	SYS___ROUND_H                       = 0xAD1
-	SYS___SCALBLNF_B                    = 0xADC
-	SYS___SCALBLNF_H                    = 0xADD
-	SYS___SCALBLNL_B                    = 0xADF
-	SYS___SCALBLNL_H                    = 0xAE0
-	SYS___SCALBLN_B                     = 0xAD9
-	SYS___SCALBLN_H                     = 0xADA
-	SYS___SCALBNF_B                     = 0xAE4
-	SYS___SCALBNF_H                     = 0xAE5
-	SYS___SCALBNL_B                     = 0xAE7
-	SYS___SCALBNL_H                     = 0xAE8
-	SYS___SCALBN_B                      = 0xAE1
-	SYS___SCALBN_H                      = 0xAE2
-	SYS___SETENV                        = 0x0C8
-	SYS___SINPID128                     = 0xC73
-	SYS___SINPID32                      = 0xC71
-	SYS___SINPID64                      = 0xC72
-	SYS___SMF_RECORD2                   = 0xD48
-	SYS___STATIC_REINIT                 = 0xB3D
-	SYS___TGAMMAF_H_C99                 = 0xB79
-	SYS___TGAMMAL_H                     = 0xAE9
-	SYS___TGAMMA_H_C99                  = 0xB78
-	SYS___TOCSNAME2                     = 0xC9A
-	SYS_CEIL                            = 0x01F
-	SYS_CHAUDIT                         = 0x1E0
-	SYS_EXP                             = 0x01A
-	SYS_FCHAUDIT                        = 0x1E1
-	SYS_FREXP                           = 0x01D
-	SYS_GETGROUPSBYNAME                 = 0x1E2
-	SYS_GETPWUID                        = 0x1A0
-	SYS_GETUID                          = 0x1A1
-	SYS_ISATTY                          = 0x1A3
-	SYS_KILL                            = 0x1A4
-	SYS_LDEXP                           = 0x01E
-	SYS_LINK                            = 0x1A5
-	SYS_LOG10                           = 0x01C
-	SYS_LSEEK                           = 0x1A6
-	SYS_LSTAT                           = 0x1A7
-	SYS_MKDIR                           = 0x1A8
-	SYS_MKFIFO                          = 0x1A9
-	SYS_MKNOD                           = 0x1AA
-	SYS_MODF                            = 0x01B
-	SYS_MOUNT                           = 0x1AB
-	SYS_OPEN                            = 0x1AC
-	SYS_OPENDIR                         = 0x1AD
-	SYS_PATHCONF                        = 0x1AE
-	SYS_PAUSE                           = 0x1AF
-	SYS_PIPE                            = 0x1B0
-	SYS_PTHREAD_ATTR_DESTROY            = 0x1E7
-	SYS_PTHREAD_ATTR_GETDETACHSTATE     = 0x1EB
-	SYS_PTHREAD_ATTR_GETSTACKSIZE       = 0x1E9
-	SYS_PTHREAD_ATTR_GETWEIGHT_NP       = 0x1ED
-	SYS_PTHREAD_ATTR_INIT               = 0x1E6
-	SYS_PTHREAD_ATTR_SETDETACHSTATE     = 0x1EA
-	SYS_PTHREAD_ATTR_SETSTACKSIZE       = 0x1E8
-	SYS_PTHREAD_ATTR_SETWEIGHT_NP       = 0x1EC
-	SYS_PTHREAD_CANCEL                  = 0x1EE
-	SYS_PTHREAD_CLEANUP_POP             = 0x1F0
-	SYS_PTHREAD_CLEANUP_PUSH            = 0x1EF
-	SYS_PTHREAD_CONDATTR_DESTROY        = 0x1F2
-	SYS_PTHREAD_CONDATTR_INIT           = 0x1F1
-	SYS_PTHREAD_COND_BROADCAST          = 0x1F6
-	SYS_PTHREAD_COND_DESTROY            = 0x1F4
-	SYS_PTHREAD_COND_INIT               = 0x1F3
-	SYS_PTHREAD_COND_SIGNAL             = 0x1F5
-	SYS_PTHREAD_COND_TIMEDWAIT          = 0x1F8
-	SYS_PTHREAD_COND_WAIT               = 0x1F7
-	SYS_PTHREAD_CREATE                  = 0x1F9
-	SYS_PTHREAD_DETACH                  = 0x1FA
-	SYS_PTHREAD_EQUAL                   = 0x1FB
-	SYS_PTHREAD_EXIT                    = 0x1E4
-	SYS_PTHREAD_GETSPECIFIC             = 0x1FC
-	SYS_PTHREAD_JOIN                    = 0x1FD
-	SYS_PTHREAD_KEY_CREATE              = 0x1FE
-	SYS_PTHREAD_KILL                    = 0x1E5
-	SYS_PTHREAD_MUTEXATTR_INIT          = 0x1FF
-	SYS_READ                            = 0x1B2
-	SYS_READDIR                         = 0x1B3
-	SYS_READLINK                        = 0x1B4
-	SYS_REWINDDIR                       = 0x1B5
-	SYS_RMDIR                           = 0x1B6
-	SYS_SETEGID                         = 0x1B7
-	SYS_SETEUID                         = 0x1B8
-	SYS_SETGID                          = 0x1B9
-	SYS_SETPGID                         = 0x1BA
-	SYS_SETSID                          = 0x1BB
-	SYS_SETUID                          = 0x1BC
-	SYS_SIGACTION                       = 0x1BD
-	SYS_SIGADDSET                       = 0x1BE
-	SYS_SIGDELSET                       = 0x1BF
-	SYS_SIGEMPTYSET                     = 0x1C0
-	SYS_SIGFILLSET                      = 0x1C1
-	SYS_SIGISMEMBER                     = 0x1C2
-	SYS_SIGLONGJMP                      = 0x1C3
-	SYS_SIGPENDING                      = 0x1C4
-	SYS_SIGPROCMASK                     = 0x1C5
-	SYS_SIGSETJMP                       = 0x1C6
-	SYS_SIGSUSPEND                      = 0x1C7
-	SYS_SIGWAIT                         = 0x1E3
-	SYS_SLEEP                           = 0x1C8
-	SYS_STAT                            = 0x1C9
-	SYS_SYMLINK                         = 0x1CB
-	SYS_SYSCONF                         = 0x1CC
-	SYS_TCDRAIN                         = 0x1CD
-	SYS_TCFLOW                          = 0x1CE
-	SYS_TCFLUSH                         = 0x1CF
-	SYS_TCGETATTR                       = 0x1D0
-	SYS_TCGETPGRP                       = 0x1D1
-	SYS_TCSENDBREAK                     = 0x1D2
-	SYS_TCSETATTR                       = 0x1D3
-	SYS_TCSETPGRP                       = 0x1D4
-	SYS_TIMES                           = 0x1D5
-	SYS_TTYNAME                         = 0x1D6
-	SYS_TZSET                           = 0x1D7
-	SYS_UMASK                           = 0x1D8
-	SYS_UMOUNT                          = 0x1D9
-	SYS_UNAME                           = 0x1DA
-	SYS_UNLINK                          = 0x1DB
-	SYS_UTIME                           = 0x1DC
-	SYS_WAIT                            = 0x1DD
-	SYS_WAITPID                         = 0x1DE
-	SYS_WRITE                           = 0x1DF
-	SYS_W_GETPSENT                      = 0x1B1
-	SYS_W_IOCTL                         = 0x1A2
-	SYS_W_STATFS                        = 0x1CA
-	SYS_A64L                            = 0x2EF
-	SYS_BCMP                            = 0x2B9
-	SYS_BCOPY                           = 0x2BA
-	SYS_BZERO                           = 0x2BB
-	SYS_CATCLOSE                        = 0x2B6
-	SYS_CATGETS                         = 0x2B7
-	SYS_CATOPEN                         = 0x2B8
-	SYS_CRYPT                           = 0x2AC
-	SYS_DBM_CLEARERR                    = 0x2F7
-	SYS_DBM_CLOSE                       = 0x2F8
-	SYS_DBM_DELETE                      = 0x2F9
-	SYS_DBM_ERROR                       = 0x2FA
-	SYS_DBM_FETCH                       = 0x2FB
-	SYS_DBM_FIRSTKEY                    = 0x2FC
-	SYS_DBM_NEXTKEY                     = 0x2FD
-	SYS_DBM_OPEN                        = 0x2FE
-	SYS_DBM_STORE                       = 0x2FF
-	SYS_DRAND48                         = 0x2B2
-	SYS_ENCRYPT                         = 0x2AD
-	SYS_ENDUTXENT                       = 0x2E1
-	SYS_ERAND48                         = 0x2B3
-	SYS_ERF                             = 0x02C
-	SYS_ERFC                            = 0x02D
-	SYS_FCHDIR                          = 0x2D9
-	SYS_FFS                             = 0x2BC
-	SYS_FMTMSG                          = 0x2E5
-	SYS_FSTATVFS                        = 0x2B4
-	SYS_FTIME                           = 0x2F5
-	SYS_GAMMA                           = 0x02E
-	SYS_GETDATE                         = 0x2A6
-	SYS_GETPAGESIZE                     = 0x2D8
-	SYS_GETTIMEOFDAY                    = 0x2F6
-	SYS_GETUTXENT                       = 0x2E0
-	SYS_GETUTXID                        = 0x2E2
-	SYS_GETUTXLINE                      = 0x2E3
-	SYS_HCREATE                         = 0x2C6
-	SYS_HDESTROY                        = 0x2C7
-	SYS_HSEARCH                         = 0x2C8
-	SYS_HYPOT                           = 0x02B
-	SYS_INDEX                           = 0x2BD
-	SYS_INITSTATE                       = 0x2C2
-	SYS_INSQUE                          = 0x2CF
-	SYS_ISASCII                         = 0x2ED
-	SYS_JRAND48                         = 0x2E6
-	SYS_L64A                            = 0x2F0
-	SYS_LCONG48                         = 0x2EA
-	SYS_LFIND                           = 0x2C9
-	SYS_LRAND48                         = 0x2E7
-	SYS_LSEARCH                         = 0x2CA
-	SYS_MEMCCPY                         = 0x2D4
-	SYS_MRAND48                         = 0x2E8
-	SYS_NRAND48                         = 0x2E9
-	SYS_PCLOSE                          = 0x2D2
-	SYS_POPEN                           = 0x2D1
-	SYS_PUTUTXLINE                      = 0x2E4
-	SYS_RANDOM                          = 0x2C4
-	SYS_REMQUE                          = 0x2D0
-	SYS_RINDEX                          = 0x2BE
-	SYS_SEED48                          = 0x2EC
-	SYS_SETKEY                          = 0x2AE
-	SYS_SETSTATE                        = 0x2C3
-	SYS_SETUTXENT                       = 0x2DF
-	SYS_SRAND48                         = 0x2EB
-	SYS_SRANDOM                         = 0x2C5
-	SYS_STATVFS                         = 0x2B5
-	SYS_STRCASECMP                      = 0x2BF
-	SYS_STRDUP                          = 0x2C0
-	SYS_STRNCASECMP                     = 0x2C1
-	SYS_SWAB                            = 0x2D3
-	SYS_TDELETE                         = 0x2CB
-	SYS_TFIND                           = 0x2CC
-	SYS_TOASCII                         = 0x2EE
-	SYS_TSEARCH                         = 0x2CD
-	SYS_TWALK                           = 0x2CE
-	SYS_UALARM                          = 0x2F1
-	SYS_USLEEP                          = 0x2F2
-	SYS_WAIT3                           = 0x2A7
-	SYS_WAITID                          = 0x2A8
-	SYS_Y1                              = 0x02A
-	SYS___ATOE                          = 0x2DB
-	SYS___ATOE_L                        = 0x2DC
-	SYS___CATTRM                        = 0x2A9
-	SYS___CNVBLK                        = 0x2AF
-	SYS___CRYTRM                        = 0x2B0
-	SYS___DLGHT                         = 0x2A1
-	SYS___ECRTRM                        = 0x2B1
-	SYS___ETOA                          = 0x2DD
-	SYS___ETOA_L                        = 0x2DE
-	SYS___GDTRM                         = 0x2AA
-	SYS___OCLCK                         = 0x2DA
-	SYS___OPARGF                        = 0x2A2
-	SYS___OPERRF                        = 0x2A5
-	SYS___OPINDF                        = 0x2A4
-	SYS___OPOPTF                        = 0x2A3
-	SYS___RNDTRM                        = 0x2AB
-	SYS___SRCTRM                        = 0x2F4
-	SYS___TZONE                         = 0x2A0
-	SYS___UTXTRM                        = 0x2F3
-	SYS_ASIN                            = 0x03E
-	SYS_ISXDIGIT                        = 0x03B
-	SYS_SETLOCAL                        = 0x03A
-	SYS_SETLOCALE                       = 0x03A
-	SYS_SIN                             = 0x03F
-	SYS_TOLOWER                         = 0x03C
-	SYS_TOUPPER                         = 0x03D
-	SYS_ACCEPT_AND_RECV                 = 0x4F7
-	SYS_ATOL                            = 0x04E
-	SYS_CHECKSCH                        = 0x4BC
-	SYS_CHECKSCHENV                     = 0x4BC
-	SYS_CLEARERR                        = 0x04C
-	SYS_CONNECTS                        = 0x4B5
-	SYS_CONNECTSERVER                   = 0x4B5
-	SYS_CONNECTW                        = 0x4B4
-	SYS_CONNECTWORKMGR                  = 0x4B4
-	SYS_CONTINUE                        = 0x4B3
-	SYS_CONTINUEWORKUNIT                = 0x4B3
-	SYS_COPYSIGN                        = 0x4C2
-	SYS_CREATEWO                        = 0x4B2
-	SYS_CREATEWORKUNIT                  = 0x4B2
-	SYS_DELETEWO                        = 0x4B9
-	SYS_DELETEWORKUNIT                  = 0x4B9
-	SYS_DISCONNE                        = 0x4B6
-	SYS_DISCONNECTSERVER                = 0x4B6
-	SYS_FEOF                            = 0x04D
-	SYS_FERROR                          = 0x04A
-	SYS_FINITE                          = 0x4C8
-	SYS_GAMMA_R                         = 0x4E2
-	SYS_JOINWORK                        = 0x4B7
-	SYS_JOINWORKUNIT                    = 0x4B7
-	SYS_LEAVEWOR                        = 0x4B8
-	SYS_LEAVEWORKUNIT                   = 0x4B8
-	SYS_LGAMMA_R                        = 0x4EB
-	SYS_MATHERR                         = 0x4D0
-	SYS_PERROR                          = 0x04F
-	SYS_QUERYMET                        = 0x4BA
-	SYS_QUERYMETRICS                    = 0x4BA
-	SYS_QUERYSCH                        = 0x4BB
-	SYS_QUERYSCHENV                     = 0x4BB
-	SYS_REWIND                          = 0x04B
-	SYS_SCALBN                          = 0x4D4
-	SYS_SIGNIFIC                        = 0x4D5
-	SYS_SIGNIFICAND                     = 0x4D5
-	SYS___ACOSH_B                       = 0x4DA
-	SYS___ACOS_B                        = 0x4D9
-	SYS___ASINH_B                       = 0x4BE
-	SYS___ASIN_B                        = 0x4DB
-	SYS___ATAN2_B                       = 0x4DC
-	SYS___ATANH_B                       = 0x4DD
-	SYS___ATAN_B                        = 0x4BF
-	SYS___CBRT_B                        = 0x4C0
-	SYS___CEIL_B                        = 0x4C1
-	SYS___COSH_B                        = 0x4DE
-	SYS___COS_B                         = 0x4C3
-	SYS___DGHT                          = 0x4A8
-	SYS___ENVN                          = 0x4B0
-	SYS___ERFC_B                        = 0x4C5
-	SYS___ERF_B                         = 0x4C4
-	SYS___EXPM1_B                       = 0x4C6
-	SYS___EXP_B                         = 0x4DF
-	SYS___FABS_B                        = 0x4C7
-	SYS___FLOOR_B                       = 0x4C9
-	SYS___FMOD_B                        = 0x4E0
-	SYS___FP_SETMODE                    = 0x4F8
-	SYS___FREXP_B                       = 0x4CA
-	SYS___GAMMA_B                       = 0x4E1
-	SYS___GDRR                          = 0x4A1
-	SYS___HRRNO                         = 0x4A2
-	SYS___HYPOT_B                       = 0x4E3
-	SYS___ILOGB_B                       = 0x4CB
-	SYS___ISNAN_B                       = 0x4CC
-	SYS___J0_B                          = 0x4E4
-	SYS___J1_B                          = 0x4E6
-	SYS___JN_B                          = 0x4E8
-	SYS___LDEXP_B                       = 0x4CD
-	SYS___LGAMMA_B                      = 0x4EA
-	SYS___LOG10_B                       = 0x4ED
-	SYS___LOG1P_B                       = 0x4CE
-	SYS___LOGB_B                        = 0x4CF
-	SYS___LOGIN                         = 0x4F5
-	SYS___LOG_B                         = 0x4EC
-	SYS___MLOCKALL                      = 0x4B1
-	SYS___MODF_B                        = 0x4D1
-	SYS___NEXTAFTER_B                   = 0x4D2
-	SYS___OPENDIR2                      = 0x4F3
-	SYS___OPEN_STAT                     = 0x4F6
-	SYS___OPND                          = 0x4A5
-	SYS___OPPT                          = 0x4A6
-	SYS___OPRG                          = 0x4A3
-	SYS___OPRR                          = 0x4A4
-	SYS___PID_AFFINITY                  = 0x4BD
-	SYS___POW_B                         = 0x4EE
-	SYS___READDIR2                      = 0x4F4
-	SYS___REMAINDER_B                   = 0x4EF
-	SYS___RINT_B                        = 0x4D3
-	SYS___SCALB_B                       = 0x4F0
-	SYS___SIGACTIONSET                  = 0x4FB
-	SYS___SIGGM                         = 0x4A7
-	SYS___SINH_B                        = 0x4F1
-	SYS___SIN_B                         = 0x4D6
-	SYS___SQRT_B                        = 0x4F2
-	SYS___TANH_B                        = 0x4D8
-	SYS___TAN_B                         = 0x4D7
-	SYS___TRRNO                         = 0x4AF
-	SYS___TZNE                          = 0x4A9
-	SYS___TZZN                          = 0x4AA
-	SYS___UCREATE                       = 0x4FC
-	SYS___UFREE                         = 0x4FE
-	SYS___UHEAPREPORT                   = 0x4FF
-	SYS___UMALLOC                       = 0x4FD
-	SYS___Y0_B                          = 0x4E5
-	SYS___Y1_B                          = 0x4E7
-	SYS___YN_B                          = 0x4E9
-	SYS_ABORT                           = 0x05C
-	SYS_ASCTIME_R                       = 0x5E0
-	SYS_ATEXIT                          = 0x05D
-	SYS_CONNECTE                        = 0x5AE
-	SYS_CONNECTEXPORTIMPORT             = 0x5AE
-	SYS_CTIME_R                         = 0x5E1
-	SYS_DN_COMP                         = 0x5DF
-	SYS_DN_EXPAND                       = 0x5DD
-	SYS_DN_SKIPNAME                     = 0x5DE
-	SYS_EXIT                            = 0x05A
-	SYS_EXPORTWO                        = 0x5A1
-	SYS_EXPORTWORKUNIT                  = 0x5A1
-	SYS_EXTRACTW                        = 0x5A5
-	SYS_EXTRACTWORKUNIT                 = 0x5A5
-	SYS_FSEEKO                          = 0x5C9
-	SYS_FTELLO                          = 0x5C8
-	SYS_GETGRGID_R                      = 0x5E7
-	SYS_GETGRNAM_R                      = 0x5E8
-	SYS_GETLOGIN_R                      = 0x5E9
-	SYS_GETPWNAM_R                      = 0x5EA
-	SYS_GETPWUID_R                      = 0x5EB
-	SYS_GMTIME_R                        = 0x5E2
-	SYS_IMPORTWO                        = 0x5A3
-	SYS_IMPORTWORKUNIT                  = 0x5A3
-	SYS_INET_NTOP                       = 0x5D3
-	SYS_INET_PTON                       = 0x5D4
-	SYS_LLABS                           = 0x5CE
-	SYS_LLDIV                           = 0x5CB
-	SYS_LOCALTIME_R                     = 0x5E3
-	SYS_PTHREAD_ATFORK                  = 0x5ED
-	SYS_PTHREAD_ATTR_GETDETACHSTATE_U98 = 0x5FB
-	SYS_PTHREAD_ATTR_GETGUARDSIZE       = 0x5EE
-	SYS_PTHREAD_ATTR_GETSCHEDPARAM      = 0x5F9
-	SYS_PTHREAD_ATTR_GETSTACKADDR       = 0x5EF
-	SYS_PTHREAD_ATTR_SETDETACHSTATE_U98 = 0x5FC
-	SYS_PTHREAD_ATTR_SETGUARDSIZE       = 0x5F0
-	SYS_PTHREAD_ATTR_SETSCHEDPARAM      = 0x5FA
-	SYS_PTHREAD_ATTR_SETSTACKADDR       = 0x5F1
-	SYS_PTHREAD_CONDATTR_GETPSHARED     = 0x5F2
-	SYS_PTHREAD_CONDATTR_SETPSHARED     = 0x5F3
-	SYS_PTHREAD_DETACH_U98              = 0x5FD
-	SYS_PTHREAD_GETCONCURRENCY          = 0x5F4
-	SYS_PTHREAD_GETSPECIFIC_U98         = 0x5FE
-	SYS_PTHREAD_KEY_DELETE              = 0x5F5
-	SYS_PTHREAD_SETCANCELSTATE          = 0x5FF
-	SYS_PTHREAD_SETCONCURRENCY          = 0x5F6
-	SYS_PTHREAD_SIGMASK                 = 0x5F7
-	SYS_QUERYENC                        = 0x5AD
-	SYS_QUERYWORKUNITCLASSIFICATION     = 0x5AD
-	SYS_RAISE                           = 0x05E
-	SYS_RAND_R                          = 0x5E4
-	SYS_READDIR_R                       = 0x5E6
-	SYS_REALLOC                         = 0x05B
-	SYS_RES_INIT                        = 0x5D8
-	SYS_RES_MKQUERY                     = 0x5D7
-	SYS_RES_QUERY                       = 0x5D9
-	SYS_RES_QUERYDOMAIN                 = 0x5DC
-	SYS_RES_SEARCH                      = 0x5DA
-	SYS_RES_SEND                        = 0x5DB
-	SYS_SETJMP                          = 0x05F
-	SYS_SIGQUEUE                        = 0x5A9
-	SYS_STRTOK_R                        = 0x5E5
-	SYS_STRTOLL                         = 0x5B0
-	SYS_STRTOULL                        = 0x5B1
-	SYS_TTYNAME_R                       = 0x5EC
-	SYS_UNDOEXPO                        = 0x5A2
-	SYS_UNDOEXPORTWORKUNIT              = 0x5A2
-	SYS_UNDOIMPO                        = 0x5A4
-	SYS_UNDOIMPORTWORKUNIT              = 0x5A4
-	SYS_WCSTOLL                         = 0x5CC
-	SYS_WCSTOULL                        = 0x5CD
-	SYS___ABORT                         = 0x05C
-	SYS___CONSOLE2                      = 0x5D2
-	SYS___CPL                           = 0x5A6
-	SYS___DISCARDDATA                   = 0x5F8
-	SYS___DSA_PREV                      = 0x5B2
-	SYS___EP_FIND                       = 0x5B3
-	SYS___FP_SWAPMODE                   = 0x5AF
-	SYS___GETUSERID                     = 0x5AB
-	SYS___GET_CPUID                     = 0x5B9
-	SYS___GET_SYSTEM_SETTINGS           = 0x5BA
-	SYS___IPDOMAINNAME                  = 0x5AC
-	SYS___MAP_INIT                      = 0x5A7
-	SYS___MAP_SERVICE                   = 0x5A8
-	SYS___MOUNT                         = 0x5AA
-	SYS___MSGRCV_TIMED                  = 0x5B7
-	SYS___RES                           = 0x5D6
-	SYS___SEMOP_TIMED                   = 0x5B8
-	SYS___SERVER_THREADS_QUERY          = 0x5B4
-	SYS_FPRINTF                         = 0x06D
-	SYS_FSCANF                          = 0x06A
-	SYS_PRINTF                          = 0x06F
-	SYS_SETBUF                          = 0x06B
-	SYS_SETVBUF                         = 0x06C
-	SYS_SSCANF                          = 0x06E
-	SYS___CATGETS_A                     = 0x6C0
-	SYS___CHAUDIT_A                     = 0x6F4
-	SYS___CHMOD_A                       = 0x6E8
-	SYS___COLLATE_INIT_A                = 0x6AC
-	SYS___CREAT_A                       = 0x6F6
-	SYS___CTYPE_INIT_A                  = 0x6AF
-	SYS___DLLLOAD_A                     = 0x6DF
-	SYS___DLLQUERYFN_A                  = 0x6E0
-	SYS___DLLQUERYVAR_A                 = 0x6E1
-	SYS___E2A_L                         = 0x6E3
-	SYS___EXECLE_A                      = 0x6A0
-	SYS___EXECLP_A                      = 0x6A4
-	SYS___EXECVE_A                      = 0x6C1
-	SYS___EXECVP_A                      = 0x6C2
-	SYS___EXECV_A                       = 0x6B1
-	SYS___FPRINTF_A                     = 0x6FA
-	SYS___GETADDRINFO_A                 = 0x6BF
-	SYS___GETNAMEINFO_A                 = 0x6C4
-	SYS___GET_WCTYPE_STD_A              = 0x6AE
-	SYS___ICONV_OPEN_A                  = 0x6DE
-	SYS___IF_INDEXTONAME_A              = 0x6DC
-	SYS___IF_NAMETOINDEX_A              = 0x6DB
-	SYS___ISWCTYPE_A                    = 0x6B0
-	SYS___IS_WCTYPE_STD_A               = 0x6B2
-	SYS___LOCALECONV_A                  = 0x6B8
-	SYS___LOCALECONV_STD_A              = 0x6B9
-	SYS___LOCALE_INIT_A                 = 0x6B7
-	SYS___LSTAT_A                       = 0x6EE
-	SYS___LSTAT_O_A                     = 0x6EF
-	SYS___MKDIR_A                       = 0x6E9
-	SYS___MKFIFO_A                      = 0x6EC
-	SYS___MKNOD_A                       = 0x6F0
-	SYS___MONETARY_INIT_A               = 0x6BC
-	SYS___MOUNT_A                       = 0x6F1
-	SYS___NL_CSINFO_A                   = 0x6D6
-	SYS___NL_LANGINFO_A                 = 0x6BA
-	SYS___NL_LNAGINFO_STD_A             = 0x6BB
-	SYS___NL_MONINFO_A                  = 0x6D7
-	SYS___NL_NUMINFO_A                  = 0x6D8
-	SYS___NL_RESPINFO_A                 = 0x6D9
-	SYS___NL_TIMINFO_A                  = 0x6DA
-	SYS___NUMERIC_INIT_A                = 0x6C6
-	SYS___OPEN_A                        = 0x6F7
-	SYS___PRINTF_A                      = 0x6DD
-	SYS___RESP_INIT_A                   = 0x6C7
-	SYS___RPMATCH_A                     = 0x6C8
-	SYS___RPMATCH_C_A                   = 0x6C9
-	SYS___RPMATCH_STD_A                 = 0x6CA
-	SYS___SETLOCALE_A                   = 0x6F9
-	SYS___SPAWNP_A                      = 0x6C5
-	SYS___SPAWN_A                       = 0x6C3
-	SYS___SPRINTF_A                     = 0x6FB
-	SYS___STAT_A                        = 0x6EA
-	SYS___STAT_O_A                      = 0x6EB
-	SYS___STRCOLL_STD_A                 = 0x6A1
-	SYS___STRFMON_A                     = 0x6BD
-	SYS___STRFMON_STD_A                 = 0x6BE
-	SYS___STRFTIME_A                    = 0x6CC
-	SYS___STRFTIME_STD_A                = 0x6CD
-	SYS___STRPTIME_A                    = 0x6CE
-	SYS___STRPTIME_STD_A                = 0x6CF
-	SYS___STRXFRM_A                     = 0x6A2
-	SYS___STRXFRM_C_A                   = 0x6A3
-	SYS___STRXFRM_STD_A                 = 0x6A5
-	SYS___SYNTAX_INIT_A                 = 0x6D4
-	SYS___TIME_INIT_A                   = 0x6CB
-	SYS___TOD_INIT_A                    = 0x6D5
-	SYS___TOWLOWER_A                    = 0x6B3
-	SYS___TOWLOWER_STD_A                = 0x6B4
-	SYS___TOWUPPER_A                    = 0x6B5
-	SYS___TOWUPPER_STD_A                = 0x6B6
-	SYS___UMOUNT_A                      = 0x6F2
-	SYS___VFPRINTF_A                    = 0x6FC
-	SYS___VPRINTF_A                     = 0x6FD
-	SYS___VSPRINTF_A                    = 0x6FE
-	SYS___VSWPRINTF_A                   = 0x6FF
-	SYS___WCSCOLL_A                     = 0x6A6
-	SYS___WCSCOLL_C_A                   = 0x6A7
-	SYS___WCSCOLL_STD_A                 = 0x6A8
-	SYS___WCSFTIME_A                    = 0x6D0
-	SYS___WCSFTIME_STD_A                = 0x6D1
-	SYS___WCSXFRM_A                     = 0x6A9
-	SYS___WCSXFRM_C_A                   = 0x6AA
-	SYS___WCSXFRM_STD_A                 = 0x6AB
-	SYS___WCTYPE_A                      = 0x6AD
-	SYS___W_GETMNTENT_A                 = 0x6F5
-	SYS_____CCSIDTYPE_A                 = 0x6E6
-	SYS_____CHATTR_A                    = 0x6E2
-	SYS_____CSNAMETYPE_A                = 0x6E7
-	SYS_____OPEN_STAT_A                 = 0x6ED
-	SYS_____SPAWN2_A                    = 0x6D2
-	SYS_____SPAWNP2_A                   = 0x6D3
-	SYS_____TOCCSID_A                   = 0x6E4
-	SYS_____TOCSNAME_A                  = 0x6E5
-	SYS_ACL_FREE                        = 0x7FF
-	SYS_ACL_INIT                        = 0x7FE
-	SYS_FWIDE                           = 0x7DF
-	SYS_FWPRINTF                        = 0x7D1
-	SYS_FWRITE                          = 0x07E
-	SYS_FWSCANF                         = 0x7D5
-	SYS_GETCHAR                         = 0x07B
-	SYS_GETS                            = 0x07C
-	SYS_M_CREATE_LAYOUT                 = 0x7C9
-	SYS_M_DESTROY_LAYOUT                = 0x7CA
-	SYS_M_GETVALUES_LAYOUT              = 0x7CB
-	SYS_M_SETVALUES_LAYOUT              = 0x7CC
-	SYS_M_TRANSFORM_LAYOUT              = 0x7CD
-	SYS_M_WTRANSFORM_LAYOUT             = 0x7CE
-	SYS_PREAD                           = 0x7C7
-	SYS_PUTC                            = 0x07D
-	SYS_PUTCHAR                         = 0x07A
-	SYS_PUTS                            = 0x07F
-	SYS_PWRITE                          = 0x7C8
-	SYS_TOWCTRAN                        = 0x7D8
-	SYS_TOWCTRANS                       = 0x7D8
-	SYS_UNATEXIT                        = 0x7B5
-	SYS_VFWPRINT                        = 0x7D3
-	SYS_VFWPRINTF                       = 0x7D3
-	SYS_VWPRINTF                        = 0x7D4
-	SYS_WCTRANS                         = 0x7D7
-	SYS_WPRINTF                         = 0x7D2
-	SYS_WSCANF                          = 0x7D6
-	SYS___ASCTIME_R_A                   = 0x7A1
-	SYS___BASENAME_A                    = 0x7DC
-	SYS___BTOWC_A                       = 0x7E4
-	SYS___CDUMP_A                       = 0x7B7
-	SYS___CEE3DMP_A                     = 0x7B6
-	SYS___CEILF_H                       = 0x7F4
-	SYS___CEILL_H                       = 0x7F5
-	SYS___CEIL_H                        = 0x7EA
-	SYS___CRYPT_A                       = 0x7BE
-	SYS___CSNAP_A                       = 0x7B8
-	SYS___CTEST_A                       = 0x7B9
-	SYS___CTIME_R_A                     = 0x7A2
-	SYS___CTRACE_A                      = 0x7BA
-	SYS___DBM_OPEN_A                    = 0x7E6
-	SYS___DIRNAME_A                     = 0x7DD
-	SYS___FABSF_H                       = 0x7FA
-	SYS___FABSL_H                       = 0x7FB
-	SYS___FABS_H                        = 0x7ED
-	SYS___FGETWC_A                      = 0x7AA
-	SYS___FGETWS_A                      = 0x7AD
-	SYS___FLOORF_H                      = 0x7F6
-	SYS___FLOORL_H                      = 0x7F7
-	SYS___FLOOR_H                       = 0x7EB
-	SYS___FPUTWC_A                      = 0x7A5
-	SYS___FPUTWS_A                      = 0x7A8
-	SYS___GETTIMEOFDAY_A                = 0x7AE
-	SYS___GETWCHAR_A                    = 0x7AC
-	SYS___GETWC_A                       = 0x7AB
-	SYS___GLOB_A                        = 0x7DE
-	SYS___GMTIME_A                      = 0x7AF
-	SYS___GMTIME_R_A                    = 0x7B0
-	SYS___INET_PTON_A                   = 0x7BC
-	SYS___J0_H                          = 0x7EE
-	SYS___J1_H                          = 0x7EF
-	SYS___JN_H                          = 0x7F0
-	SYS___LOCALTIME_A                   = 0x7B1
-	SYS___LOCALTIME_R_A                 = 0x7B2
-	SYS___MALLOC24                      = 0x7FC
-	SYS___MALLOC31                      = 0x7FD
-	SYS___MKTIME_A                      = 0x7B3
-	SYS___MODFF_H                       = 0x7F8
-	SYS___MODFL_H                       = 0x7F9
-	SYS___MODF_H                        = 0x7EC
-	SYS___OPENDIR_A                     = 0x7C2
-	SYS___OSNAME                        = 0x7E0
-	SYS___PUTWCHAR_A                    = 0x7A7
-	SYS___PUTWC_A                       = 0x7A6
-	SYS___READDIR_A                     = 0x7C3
-	SYS___STRTOLL_A                     = 0x7A3
-	SYS___STRTOULL_A                    = 0x7A4
-	SYS___SYSLOG_A                      = 0x7BD
-	SYS___TZZNA                         = 0x7B4
-	SYS___UNGETWC_A                     = 0x7A9
-	SYS___UTIME_A                       = 0x7A0
-	SYS___VFPRINTF2_A                   = 0x7E7
-	SYS___VPRINTF2_A                    = 0x7E8
-	SYS___VSPRINTF2_A                   = 0x7E9
-	SYS___VSWPRNTF2_A                   = 0x7BB
-	SYS___WCSTOD_A                      = 0x7D9
-	SYS___WCSTOL_A                      = 0x7DA
-	SYS___WCSTOUL_A                     = 0x7DB
-	SYS___WCTOB_A                       = 0x7E5
-	SYS___Y0_H                          = 0x7F1
-	SYS___Y1_H                          = 0x7F2
-	SYS___YN_H                          = 0x7F3
-	SYS_____OPENDIR2_A                  = 0x7BF
-	SYS_____OSNAME_A                    = 0x7E1
-	SYS_____READDIR2_A                  = 0x7C0
-	SYS_DLCLOSE                         = 0x8DF
-	SYS_DLERROR                         = 0x8E0
-	SYS_DLOPEN                          = 0x8DD
-	SYS_DLSYM                           = 0x8DE
-	SYS_FLOCKFILE                       = 0x8D3
-	SYS_FTRYLOCKFILE                    = 0x8D4
-	SYS_FUNLOCKFILE                     = 0x8D5
-	SYS_GETCHAR_UNLOCKED                = 0x8D7
-	SYS_GETC_UNLOCKED                   = 0x8D6
-	SYS_PUTCHAR_UNLOCKED                = 0x8D9
-	SYS_PUTC_UNLOCKED                   = 0x8D8
-	SYS_SNPRINTF                        = 0x8DA
-	SYS_VSNPRINTF                       = 0x8DB
-	SYS_WCSCSPN                         = 0x08B
-	SYS_WCSLEN                          = 0x08C
-	SYS_WCSNCAT                         = 0x08D
-	SYS_WCSNCMP                         = 0x08A
-	SYS_WCSNCPY                         = 0x08F
-	SYS_WCSSPN                          = 0x08E
-	SYS___ABSF_H                        = 0x8E7
-	SYS___ABSL_H                        = 0x8E8
-	SYS___ABS_H                         = 0x8E6
-	SYS___ACOSF_H                       = 0x8EA
-	SYS___ACOSH_H                       = 0x8EC
-	SYS___ACOSL_H                       = 0x8EB
-	SYS___ACOS_H                        = 0x8E9
-	SYS___ASINF_H                       = 0x8EE
-	SYS___ASINH_H                       = 0x8F0
-	SYS___ASINL_H                       = 0x8EF
-	SYS___ASIN_H                        = 0x8ED
-	SYS___ATAN2F_H                      = 0x8F8
-	SYS___ATAN2L_H                      = 0x8F9
-	SYS___ATAN2_H                       = 0x8F7
-	SYS___ATANF_H                       = 0x8F2
-	SYS___ATANHF_H                      = 0x8F5
-	SYS___ATANHL_H                      = 0x8F6
-	SYS___ATANH_H                       = 0x8F4
-	SYS___ATANL_H                       = 0x8F3
-	SYS___ATAN_H                        = 0x8F1
-	SYS___CBRT_H                        = 0x8FA
-	SYS___COPYSIGNF_H                   = 0x8FB
-	SYS___COPYSIGNL_H                   = 0x8FC
-	SYS___COSF_H                        = 0x8FE
-	SYS___COSL_H                        = 0x8FF
-	SYS___COS_H                         = 0x8FD
-	SYS___DLERROR_A                     = 0x8D2
-	SYS___DLOPEN_A                      = 0x8D0
-	SYS___DLSYM_A                       = 0x8D1
-	SYS___GETUTXENT_A                   = 0x8C6
-	SYS___GETUTXID_A                    = 0x8C7
-	SYS___GETUTXLINE_A                  = 0x8C8
-	SYS___ITOA                          = 0x8AA
-	SYS___ITOA_A                        = 0x8B0
-	SYS___LE_CONDITION_TOKEN_BUILD      = 0x8A5
-	SYS___LE_MSG_ADD_INSERT             = 0x8A6
-	SYS___LE_MSG_GET                    = 0x8A7
-	SYS___LE_MSG_GET_AND_WRITE          = 0x8A8
-	SYS___LE_MSG_WRITE                  = 0x8A9
-	SYS___LLTOA                         = 0x8AE
-	SYS___LLTOA_A                       = 0x8B4
-	SYS___LTOA                          = 0x8AC
-	SYS___LTOA_A                        = 0x8B2
-	SYS___PUTCHAR_UNLOCKED_A            = 0x8CC
-	SYS___PUTC_UNLOCKED_A               = 0x8CB
-	SYS___PUTUTXLINE_A                  = 0x8C9
-	SYS___RESET_EXCEPTION_HANDLER       = 0x8E3
-	SYS___REXEC_A                       = 0x8C4
-	SYS___REXEC_AF_A                    = 0x8C5
-	SYS___SET_EXCEPTION_HANDLER         = 0x8E2
-	SYS___SNPRINTF_A                    = 0x8CD
-	SYS___SUPERKILL                     = 0x8A4
-	SYS___TCGETATTR_A                   = 0x8A1
-	SYS___TCSETATTR_A                   = 0x8A2
-	SYS___ULLTOA                        = 0x8AF
-	SYS___ULLTOA_A                      = 0x8B5
-	SYS___ULTOA                         = 0x8AD
-	SYS___ULTOA_A                       = 0x8B3
-	SYS___UTOA                          = 0x8AB
-	SYS___UTOA_A                        = 0x8B1
-	SYS___VHM_EVENT                     = 0x8E4
-	SYS___VSNPRINTF_A                   = 0x8CE
-	SYS_____GETENV_A                    = 0x8C3
-	SYS_____UTMPXNAME_A                 = 0x8CA
-	SYS_CACOSH                          = 0x9A0
-	SYS_CACOSHF                         = 0x9A3
-	SYS_CACOSHL                         = 0x9A6
-	SYS_CARG                            = 0x9A9
-	SYS_CARGF                           = 0x9AC
-	SYS_CARGL                           = 0x9AF
-	SYS_CASIN                           = 0x9B2
-	SYS_CASINF                          = 0x9B5
-	SYS_CASINH                          = 0x9BB
-	SYS_CASINHF                         = 0x9BE
-	SYS_CASINHL                         = 0x9C1
-	SYS_CASINL                          = 0x9B8
-	SYS_CATAN                           = 0x9C4
-	SYS_CATANF                          = 0x9C7
-	SYS_CATANH                          = 0x9CD
-	SYS_CATANHF                         = 0x9D0
-	SYS_CATANHL                         = 0x9D3
-	SYS_CATANL                          = 0x9CA
-	SYS_CCOS                            = 0x9D6
-	SYS_CCOSF                           = 0x9D9
-	SYS_CCOSH                           = 0x9DF
-	SYS_CCOSHF                          = 0x9E2
-	SYS_CCOSHL                          = 0x9E5
-	SYS_CCOSL                           = 0x9DC
-	SYS_CEXP                            = 0x9E8
-	SYS_CEXPF                           = 0x9EB
-	SYS_CEXPL                           = 0x9EE
-	SYS_CIMAG                           = 0x9F1
-	SYS_CIMAGF                          = 0x9F4
-	SYS_CIMAGL                          = 0x9F7
-	SYS_CLOGF                           = 0x9FD
-	SYS_MEMCHR                          = 0x09B
-	SYS_MEMCMP                          = 0x09A
-	SYS_STRCOLL                         = 0x09C
-	SYS_STRNCMP                         = 0x09D
-	SYS_STRRCHR                         = 0x09F
-	SYS_STRXFRM                         = 0x09E
-	SYS___CACOSHF_B                     = 0x9A4
-	SYS___CACOSHF_H                     = 0x9A5
-	SYS___CACOSHL_B                     = 0x9A7
-	SYS___CACOSHL_H                     = 0x9A8
-	SYS___CACOSH_B                      = 0x9A1
-	SYS___CACOSH_H                      = 0x9A2
-	SYS___CARGF_B                       = 0x9AD
-	SYS___CARGF_H                       = 0x9AE
-	SYS___CARGL_B                       = 0x9B0
-	SYS___CARGL_H                       = 0x9B1
-	SYS___CARG_B                        = 0x9AA
-	SYS___CARG_H                        = 0x9AB
-	SYS___CASINF_B                      = 0x9B6
-	SYS___CASINF_H                      = 0x9B7
-	SYS___CASINHF_B                     = 0x9BF
-	SYS___CASINHF_H                     = 0x9C0
-	SYS___CASINHL_B                     = 0x9C2
-	SYS___CASINHL_H                     = 0x9C3
-	SYS___CASINH_B                      = 0x9BC
-	SYS___CASINH_H                      = 0x9BD
-	SYS___CASINL_B                      = 0x9B9
-	SYS___CASINL_H                      = 0x9BA
-	SYS___CASIN_B                       = 0x9B3
-	SYS___CASIN_H                       = 0x9B4
-	SYS___CATANF_B                      = 0x9C8
-	SYS___CATANF_H                      = 0x9C9
-	SYS___CATANHF_B                     = 0x9D1
-	SYS___CATANHF_H                     = 0x9D2
-	SYS___CATANHL_B                     = 0x9D4
-	SYS___CATANHL_H                     = 0x9D5
-	SYS___CATANH_B                      = 0x9CE
-	SYS___CATANH_H                      = 0x9CF
-	SYS___CATANL_B                      = 0x9CB
-	SYS___CATANL_H                      = 0x9CC
-	SYS___CATAN_B                       = 0x9C5
-	SYS___CATAN_H                       = 0x9C6
-	SYS___CCOSF_B                       = 0x9DA
-	SYS___CCOSF_H                       = 0x9DB
-	SYS___CCOSHF_B                      = 0x9E3
-	SYS___CCOSHF_H                      = 0x9E4
-	SYS___CCOSHL_B                      = 0x9E6
-	SYS___CCOSHL_H                      = 0x9E7
-	SYS___CCOSH_B                       = 0x9E0
-	SYS___CCOSH_H                       = 0x9E1
-	SYS___CCOSL_B                       = 0x9DD
-	SYS___CCOSL_H                       = 0x9DE
-	SYS___CCOS_B                        = 0x9D7
-	SYS___CCOS_H                        = 0x9D8
-	SYS___CEXPF_B                       = 0x9EC
-	SYS___CEXPF_H                       = 0x9ED
-	SYS___CEXPL_B                       = 0x9EF
-	SYS___CEXPL_H                       = 0x9F0
-	SYS___CEXP_B                        = 0x9E9
-	SYS___CEXP_H                        = 0x9EA
-	SYS___CIMAGF_B                      = 0x9F5
-	SYS___CIMAGF_H                      = 0x9F6
-	SYS___CIMAGL_B                      = 0x9F8
-	SYS___CIMAGL_H                      = 0x9F9
-	SYS___CIMAG_B                       = 0x9F2
-	SYS___CIMAG_H                       = 0x9F3
-	SYS___CLOG                          = 0x9FA
-	SYS___CLOGF_B                       = 0x9FE
-	SYS___CLOGF_H                       = 0x9FF
-	SYS___CLOG_B                        = 0x9FB
-	SYS___CLOG_H                        = 0x9FC
-	SYS_ISWCTYPE                        = 0x10C
-	SYS_ISWXDIGI                        = 0x10A
-	SYS_ISWXDIGIT                       = 0x10A
-	SYS_MBSINIT                         = 0x10F
-	SYS_TOWLOWER                        = 0x10D
-	SYS_TOWUPPER                        = 0x10E
-	SYS_WCTYPE                          = 0x10B
-	SYS_WCSSTR                          = 0x11B
-	SYS___RPMTCH                        = 0x11A
-	SYS_WCSTOD                          = 0x12E
-	SYS_WCSTOK                          = 0x12C
-	SYS_WCSTOL                          = 0x12D
-	SYS_WCSTOUL                         = 0x12F
-	SYS_FGETWC                          = 0x13C
-	SYS_FGETWS                          = 0x13D
-	SYS_FPUTWC                          = 0x13E
-	SYS_FPUTWS                          = 0x13F
-	SYS_REGERROR                        = 0x13B
-	SYS_REGFREE                         = 0x13A
-	SYS_COLLEQUIV                       = 0x14F
-	SYS_COLLTOSTR                       = 0x14E
-	SYS_ISMCCOLLEL                      = 0x14C
-	SYS_STRTOCOLL                       = 0x14D
-	SYS_DLLFREE                         = 0x16F
-	SYS_DLLQUERYFN                      = 0x16D
-	SYS_DLLQUERYVAR                     = 0x16E
-	SYS_GETMCCOLL                       = 0x16A
-	SYS_GETWMCCOLL                      = 0x16B
-	SYS___ERR2AD                        = 0x16C
-	SYS_CFSETOSPEED                     = 0x17A
-	SYS_CHDIR                           = 0x17B
-	SYS_CHMOD                           = 0x17C
-	SYS_CHOWN                           = 0x17D
-	SYS_CLOSE                           = 0x17E
-	SYS_CLOSEDIR                        = 0x17F
-	SYS_LOG                             = 0x017
-	SYS_COSH                            = 0x018
-	SYS_FCHMOD                          = 0x18A
-	SYS_FCHOWN                          = 0x18B
-	SYS_FCNTL                           = 0x18C
-	SYS_FILENO                          = 0x18D
-	SYS_FORK                            = 0x18E
-	SYS_FPATHCONF                       = 0x18F
-	SYS_GETLOGIN                        = 0x19A
-	SYS_GETPGRP                         = 0x19C
-	SYS_GETPID                          = 0x19D
-	SYS_GETPPID                         = 0x19E
-	SYS_GETPWNAM                        = 0x19F
-	SYS_TANH                            = 0x019
-	SYS_W_GETMNTENT                     = 0x19B
-	SYS_POW                             = 0x020
-	SYS_PTHREAD_SELF                    = 0x20A
-	SYS_PTHREAD_SETINTR                 = 0x20B
-	SYS_PTHREAD_SETINTRTYPE             = 0x20C
-	SYS_PTHREAD_SETSPECIFIC             = 0x20D
-	SYS_PTHREAD_TESTINTR                = 0x20E
-	SYS_PTHREAD_YIELD                   = 0x20F
-	SYS_SQRT                            = 0x021
-	SYS_FLOOR                           = 0x022
-	SYS_J1                              = 0x023
-	SYS_WCSPBRK                         = 0x23F
-	SYS_BSEARCH                         = 0x24C
-	SYS_FABS                            = 0x024
-	SYS_GETENV                          = 0x24A
-	SYS_LDIV                            = 0x24D
-	SYS_SYSTEM                          = 0x24B
-	SYS_FMOD                            = 0x025
-	SYS___RETHROW                       = 0x25F
-	SYS___THROW                         = 0x25E
-	SYS_J0                              = 0x026
-	SYS_PUTENV                          = 0x26A
-	SYS___GETENV                        = 0x26F
-	SYS_SEMCTL                          = 0x27A
-	SYS_SEMGET                          = 0x27B
-	SYS_SEMOP                           = 0x27C
-	SYS_SHMAT                           = 0x27D
-	SYS_SHMCTL                          = 0x27E
-	SYS_SHMDT                           = 0x27F
-	SYS_YN                              = 0x027
-	SYS_JN                              = 0x028
-	SYS_SIGALTSTACK                     = 0x28A
-	SYS_SIGHOLD                         = 0x28B
-	SYS_SIGIGNORE                       = 0x28C
-	SYS_SIGINTERRUPT                    = 0x28D
-	SYS_SIGPAUSE                        = 0x28E
-	SYS_SIGRELSE                        = 0x28F
-	SYS_GETOPT                          = 0x29A
-	SYS_GETSUBOPT                       = 0x29D
-	SYS_LCHOWN                          = 0x29B
-	SYS_SETPGRP                         = 0x29E
-	SYS_TRUNCATE                        = 0x29C
-	SYS_Y0                              = 0x029
-	SYS___GDERR                         = 0x29F
-	SYS_ISALPHA                         = 0x030
-	SYS_VFORK                           = 0x30F
-	SYS__LONGJMP                        = 0x30D
-	SYS__SETJMP                         = 0x30E
-	SYS_GLOB                            = 0x31A
-	SYS_GLOBFREE                        = 0x31B
-	SYS_ISALNUM                         = 0x031
-	SYS_PUTW                            = 0x31C
-	SYS_SEEKDIR                         = 0x31D
-	SYS_TELLDIR                         = 0x31E
-	SYS_TEMPNAM                         = 0x31F
-	SYS_GETTIMEOFDAY_R                  = 0x32E
-	SYS_ISLOWER                         = 0x032
-	SYS_LGAMMA                          = 0x32C
-	SYS_REMAINDER                       = 0x32A
-	SYS_SCALB                           = 0x32B
-	SYS_SYNC                            = 0x32F
-	SYS_TTYSLOT                         = 0x32D
-	SYS_ENDPROTOENT                     = 0x33A
-	SYS_ENDSERVENT                      = 0x33B
-	SYS_GETHOSTBYADDR                   = 0x33D
-	SYS_GETHOSTBYADDR_R                 = 0x33C
-	SYS_GETHOSTBYNAME                   = 0x33F
-	SYS_GETHOSTBYNAME_R                 = 0x33E
-	SYS_ISCNTRL                         = 0x033
-	SYS_GETSERVBYNAME                   = 0x34A
-	SYS_GETSERVBYPORT                   = 0x34B
-	SYS_GETSERVENT                      = 0x34C
-	SYS_GETSOCKNAME                     = 0x34D
-	SYS_GETSOCKOPT                      = 0x34E
-	SYS_INET_ADDR                       = 0x34F
-	SYS_ISDIGIT                         = 0x034
-	SYS_ISGRAPH                         = 0x035
-	SYS_SELECT                          = 0x35B
-	SYS_SELECTEX                        = 0x35C
-	SYS_SEND                            = 0x35D
-	SYS_SENDTO                          = 0x35F
-	SYS_CHROOT                          = 0x36A
-	SYS_ISNAN                           = 0x36D
-	SYS_ISUPPER                         = 0x036
-	SYS_ULIMIT                          = 0x36C
-	SYS_UTIMES                          = 0x36E
-	SYS_W_STATVFS                       = 0x36B
-	SYS___H_ERRNO                       = 0x36F
-	SYS_GRANTPT                         = 0x37A
-	SYS_ISPRINT                         = 0x037
-	SYS_TCGETSID                        = 0x37C
-	SYS_UNLOCKPT                        = 0x37B
-	SYS___TCGETCP                       = 0x37D
-	SYS___TCSETCP                       = 0x37E
-	SYS___TCSETTABLES                   = 0x37F
-	SYS_ISPUNCT                         = 0x038
-	SYS_NLIST                           = 0x38C
-	SYS___IPDBCS                        = 0x38D
-	SYS___IPDSPX                        = 0x38E
-	SYS___IPMSGC                        = 0x38F
-	SYS___STHOSTENT                     = 0x38B
-	SYS___STSERVENT                     = 0x38A
-	SYS_ISSPACE                         = 0x039
-	SYS_COS                             = 0x040
-	SYS_T_ALLOC                         = 0x40A
-	SYS_T_BIND                          = 0x40B
-	SYS_T_CLOSE                         = 0x40C
-	SYS_T_CONNECT                       = 0x40D
-	SYS_T_ERROR                         = 0x40E
-	SYS_T_FREE                          = 0x40F
-	SYS_TAN                             = 0x041
-	SYS_T_RCVREL                        = 0x41A
-	SYS_T_RCVUDATA                      = 0x41B
-	SYS_T_RCVUDERR                      = 0x41C
-	SYS_T_SND                           = 0x41D
-	SYS_T_SNDDIS                        = 0x41E
-	SYS_T_SNDREL                        = 0x41F
-	SYS_GETPMSG                         = 0x42A
-	SYS_ISASTREAM                       = 0x42B
-	SYS_PUTMSG                          = 0x42C
-	SYS_PUTPMSG                         = 0x42D
-	SYS_SINH                            = 0x042
-	SYS___ISPOSIXON                     = 0x42E
-	SYS___OPENMVSREL                    = 0x42F
-	SYS_ACOS                            = 0x043
-	SYS_ATAN                            = 0x044
-	SYS_ATAN2                           = 0x045
-	SYS_FTELL                           = 0x046
-	SYS_FGETPOS                         = 0x047
-	SYS_SOCK_DEBUG                      = 0x47A
-	SYS_SOCK_DO_TESTSTOR                = 0x47D
-	SYS_TAKESOCKET                      = 0x47E
-	SYS___SERVER_INIT                   = 0x47F
-	SYS_FSEEK                           = 0x048
-	SYS___IPHOST                        = 0x48B
-	SYS___IPNODE                        = 0x48C
-	SYS___SERVER_CLASSIFY_CREATE        = 0x48D
-	SYS___SERVER_CLASSIFY_DESTROY       = 0x48E
-	SYS___SERVER_CLASSIFY_RESET         = 0x48F
-	SYS___SMF_RECORD                    = 0x48A
-	SYS_FSETPOS                         = 0x049
-	SYS___FNWSA                         = 0x49B
-	SYS___SPAWN2                        = 0x49D
-	SYS___SPAWNP2                       = 0x49E
-	SYS_ATOF                            = 0x050
-	SYS_PTHREAD_MUTEXATTR_GETPSHARED    = 0x50A
-	SYS_PTHREAD_MUTEXATTR_SETPSHARED    = 0x50B
-	SYS_PTHREAD_RWLOCK_DESTROY          = 0x50C
-	SYS_PTHREAD_RWLOCK_INIT             = 0x50D
-	SYS_PTHREAD_RWLOCK_RDLOCK           = 0x50E
-	SYS_PTHREAD_RWLOCK_TRYRDLOCK        = 0x50F
-	SYS_ATOI                            = 0x051
-	SYS___FP_CLASS                      = 0x51D
-	SYS___FP_CLR_FLAG                   = 0x51A
-	SYS___FP_FINITE                     = 0x51E
-	SYS___FP_ISNAN                      = 0x51F
-	SYS___FP_RAISE_XCP                  = 0x51C
-	SYS___FP_READ_FLAG                  = 0x51B
-	SYS_RAND                            = 0x052
-	SYS_SIGTIMEDWAIT                    = 0x52D
-	SYS_SIGWAITINFO                     = 0x52E
-	SYS___CHKBFP                        = 0x52F
-	SYS___FPC_RS                        = 0x52C
-	SYS___FPC_RW                        = 0x52A
-	SYS___FPC_SM                        = 0x52B
-	SYS_STRTOD                          = 0x053
-	SYS_STRTOL                          = 0x054
-	SYS_STRTOUL                         = 0x055
-	SYS_MALLOC                          = 0x056
-	SYS_SRAND                           = 0x057
-	SYS_CALLOC                          = 0x058
-	SYS_FREE                            = 0x059
-	SYS___OSENV                         = 0x59F
-	SYS___W_PIOCTL                      = 0x59E
-	SYS_LONGJMP                         = 0x060
-	SYS___FLOORF_B                      = 0x60A
-	SYS___FLOORL_B                      = 0x60B
-	SYS___FREXPF_B                      = 0x60C
-	SYS___FREXPL_B                      = 0x60D
-	SYS___LDEXPF_B                      = 0x60E
-	SYS___LDEXPL_B                      = 0x60F
-	SYS_SIGNAL                          = 0x061
-	SYS___ATAN2F_B                      = 0x61A
-	SYS___ATAN2L_B                      = 0x61B
-	SYS___COSHF_B                       = 0x61C
-	SYS___COSHL_B                       = 0x61D
-	SYS___EXPF_B                        = 0x61E
-	SYS___EXPL_B                        = 0x61F
-	SYS_TMPNAM                          = 0x062
-	SYS___ABSF_B                        = 0x62A
-	SYS___ABSL_B                        = 0x62C
-	SYS___ABS_B                         = 0x62B
-	SYS___FMODF_B                       = 0x62D
-	SYS___FMODL_B                       = 0x62E
-	SYS___MODFF_B                       = 0x62F
-	SYS_ATANL                           = 0x63A
-	SYS_CEILF                           = 0x63B
-	SYS_CEILL                           = 0x63C
-	SYS_COSF                            = 0x63D
-	SYS_COSHF                           = 0x63F
-	SYS_COSL                            = 0x63E
-	SYS_REMOVE                          = 0x063
-	SYS_POWL                            = 0x64A
-	SYS_RENAME                          = 0x064
-	SYS_SINF                            = 0x64B
-	SYS_SINHF                           = 0x64F
-	SYS_SINL                            = 0x64C
-	SYS_SQRTF                           = 0x64D
-	SYS_SQRTL                           = 0x64E
-	SYS_BTOWC                           = 0x65F
-	SYS_FREXPL                          = 0x65A
-	SYS_LDEXPF                          = 0x65B
-	SYS_LDEXPL                          = 0x65C
-	SYS_MODFF                           = 0x65D
-	SYS_MODFL                           = 0x65E
-	SYS_TMPFILE                         = 0x065
-	SYS_FREOPEN                         = 0x066
-	SYS___CHARMAP_INIT_A                = 0x66E
-	SYS___GETHOSTBYADDR_R_A             = 0x66C
-	SYS___GETHOSTBYNAME_A               = 0x66A
-	SYS___GETHOSTBYNAME_R_A             = 0x66D
-	SYS___MBLEN_A                       = 0x66F
-	SYS___RES_INIT_A                    = 0x66B
-	SYS_FCLOSE                          = 0x067
-	SYS___GETGRGID_R_A                  = 0x67D
-	SYS___WCSTOMBS_A                    = 0x67A
-	SYS___WCSTOMBS_STD_A                = 0x67B
-	SYS___WCSWIDTH_A                    = 0x67C
-	SYS___WCSWIDTH_ASIA                 = 0x67F
-	SYS___WCSWIDTH_STD_A                = 0x67E
-	SYS_FFLUSH                          = 0x068
-	SYS___GETLOGIN_R_A                  = 0x68E
-	SYS___GETPWNAM_R_A                  = 0x68C
-	SYS___GETPWUID_R_A                  = 0x68D
-	SYS___TTYNAME_R_A                   = 0x68F
-	SYS___WCWIDTH_ASIA                  = 0x68B
-	SYS___WCWIDTH_STD_A                 = 0x68A
-	SYS_FOPEN                           = 0x069
-	SYS___REGEXEC_A                     = 0x69A
-	SYS___REGEXEC_STD_A                 = 0x69B
-	SYS___REGFREE_A                     = 0x69C
-	SYS___REGFREE_STD_A                 = 0x69D
-	SYS___STRCOLL_A                     = 0x69E
-	SYS___STRCOLL_C_A                   = 0x69F
-	SYS_SCANF                           = 0x070
-	SYS___A64L_A                        = 0x70C
-	SYS___ECVT_A                        = 0x70D
-	SYS___FCVT_A                        = 0x70E
-	SYS___GCVT_A                        = 0x70F
-	SYS___STRTOUL_A                     = 0x70A
-	SYS_____AE_CORRESTBL_QUERY_A        = 0x70B
-	SYS_SPRINTF                         = 0x071
-	SYS___ACCESS_A                      = 0x71F
-	SYS___CATOPEN_A                     = 0x71E
-	SYS___GETOPT_A                      = 0x71D
-	SYS___REALPATH_A                    = 0x71A
-	SYS___SETENV_A                      = 0x71B
-	SYS___SYSTEM_A                      = 0x71C
-	SYS_FGETC                           = 0x072
-	SYS___GAI_STRERROR_A                = 0x72F
-	SYS___RMDIR_A                       = 0x72A
-	SYS___STATVFS_A                     = 0x72B
-	SYS___SYMLINK_A                     = 0x72C
-	SYS___TRUNCATE_A                    = 0x72D
-	SYS___UNLINK_A                      = 0x72E
-	SYS_VFPRINTF                        = 0x073
-	SYS___ISSPACE_A                     = 0x73A
-	SYS___ISUPPER_A                     = 0x73B
-	SYS___ISWALNUM_A                    = 0x73F
-	SYS___ISXDIGIT_A                    = 0x73C
-	SYS___TOLOWER_A                     = 0x73D
-	SYS___TOUPPER_A                     = 0x73E
-	SYS_VPRINTF                         = 0x074
-	SYS___CONFSTR_A                     = 0x74B
-	SYS___FDOPEN_A                      = 0x74E
-	SYS___FLDATA_A                      = 0x74F
-	SYS___FTOK_A                        = 0x74C
-	SYS___ISWXDIGIT_A                   = 0x74A
-	SYS___MKTEMP_A                      = 0x74D
-	SYS_VSPRINTF                        = 0x075
-	SYS___GETGRGID_A                    = 0x75A
-	SYS___GETGRNAM_A                    = 0x75B
-	SYS___GETGROUPSBYNAME_A             = 0x75C
-	SYS___GETHOSTENT_A                  = 0x75D
-	SYS___GETHOSTNAME_A                 = 0x75E
-	SYS___GETLOGIN_A                    = 0x75F
-	SYS_GETC                            = 0x076
-	SYS___CREATEWORKUNIT_A              = 0x76A
-	SYS___CTERMID_A                     = 0x76B
-	SYS___FMTMSG_A                      = 0x76C
-	SYS___INITGROUPS_A                  = 0x76D
-	SYS___MSGRCV_A                      = 0x76F
-	SYS_____LOGIN_A                     = 0x76E
-	SYS_FGETS                           = 0x077
-	SYS___STRCASECMP_A                  = 0x77B
-	SYS___STRNCASECMP_A                 = 0x77C
-	SYS___TTYNAME_A                     = 0x77D
-	SYS___UNAME_A                       = 0x77E
-	SYS___UTIMES_A                      = 0x77F
-	SYS_____SERVER_PWU_A                = 0x77A
-	SYS_FPUTC                           = 0x078
-	SYS___CREAT_O_A                     = 0x78E
-	SYS___ENVNA                         = 0x78F
-	SYS___FREAD_A                       = 0x78A
-	SYS___FWRITE_A                      = 0x78B
-	SYS___ISASCII                       = 0x78D
-	SYS___OPEN_O_A                      = 0x78C
-	SYS_FPUTS                           = 0x079
-	SYS___ASCTIME_A                     = 0x79C
-	SYS___CTIME_A                       = 0x79D
-	SYS___GETDATE_A                     = 0x79E
-	SYS___GETSERVBYPORT_A               = 0x79A
-	SYS___GETSERVENT_A                  = 0x79B
-	SYS___TZSET_A                       = 0x79F
-	SYS_ACL_FROM_TEXT                   = 0x80C
-	SYS_ACL_SET_FD                      = 0x80A
-	SYS_ACL_SET_FILE                    = 0x80B
-	SYS_ACL_SORT                        = 0x80E
-	SYS_ACL_TO_TEXT                     = 0x80D
-	SYS_UNGETC                          = 0x080
-	SYS___SHUTDOWN_REGISTRATION         = 0x80F
-	SYS_FREAD                           = 0x081
-	SYS_FREEADDRINFO                    = 0x81A
-	SYS_GAI_STRERROR                    = 0x81B
-	SYS_REXEC_AF                        = 0x81C
-	SYS___DYNALLOC_A                    = 0x81F
-	SYS___POE                           = 0x81D
-	SYS_WCSTOMBS                        = 0x082
-	SYS___INET_ADDR_A                   = 0x82F
-	SYS___NLIST_A                       = 0x82A
-	SYS_____TCGETCP_A                   = 0x82B
-	SYS_____TCSETCP_A                   = 0x82C
-	SYS_____W_PIOCTL_A                  = 0x82E
-	SYS_MBTOWC                          = 0x083
-	SYS___CABEND                        = 0x83D
-	SYS___LE_CIB_GET                    = 0x83E
-	SYS___RECVMSG_A                     = 0x83B
-	SYS___SENDMSG_A                     = 0x83A
-	SYS___SET_LAA_FOR_JIT               = 0x83F
-	SYS_____LCHATTR_A                   = 0x83C
-	SYS_WCTOMB                          = 0x084
-	SYS___CBRTL_B                       = 0x84A
-	SYS___COPYSIGNF_B                   = 0x84B
-	SYS___COPYSIGNL_B                   = 0x84C
-	SYS___COTANF_B                      = 0x84D
-	SYS___COTANL_B                      = 0x84F
-	SYS___COTAN_B                       = 0x84E
-	SYS_MBSTOWCS                        = 0x085
-	SYS___LOG1PL_B                      = 0x85A
-	SYS___LOG2F_B                       = 0x85B
-	SYS___LOG2L_B                       = 0x85D
-	SYS___LOG2_B                        = 0x85C
-	SYS___REMAINDERF_B                  = 0x85E
-	SYS___REMAINDERL_B                  = 0x85F
-	SYS_ACOSHF                          = 0x86E
-	SYS_ACOSHL                          = 0x86F
-	SYS_WCSCPY                          = 0x086
-	SYS___ERFCF_B                       = 0x86D
-	SYS___ERFF_B                        = 0x86C
-	SYS___LROUNDF_B                     = 0x86A
-	SYS___LROUND_B                      = 0x86B
-	SYS_COTANL                          = 0x87A
-	SYS_EXP2F                           = 0x87B
-	SYS_EXP2L                           = 0x87C
-	SYS_EXPM1F                          = 0x87D
-	SYS_EXPM1L                          = 0x87E
-	SYS_FDIMF                           = 0x87F
-	SYS_WCSCAT                          = 0x087
-	SYS___COTANL                        = 0x87A
-	SYS_REMAINDERF                      = 0x88A
-	SYS_REMAINDERL                      = 0x88B
-	SYS_REMAINDF                        = 0x88A
-	SYS_REMAINDL                        = 0x88B
-	SYS_REMQUO                          = 0x88D
-	SYS_REMQUOF                         = 0x88C
-	SYS_REMQUOL                         = 0x88E
-	SYS_TGAMMAF                         = 0x88F
-	SYS_WCSCHR                          = 0x088
-	SYS_ERFCF                           = 0x89B
-	SYS_ERFCL                           = 0x89C
-	SYS_ERFL                            = 0x89A
-	SYS_EXP2                            = 0x89E
-	SYS_WCSCMP                          = 0x089
-	SYS___EXP2_B                        = 0x89D
-	SYS___FAR_JUMP                      = 0x89F
-	SYS_ABS                             = 0x090
-	SYS___ERFCL_H                       = 0x90A
-	SYS___EXPF_H                        = 0x90C
-	SYS___EXPL_H                        = 0x90D
-	SYS___EXPM1_H                       = 0x90E
-	SYS___EXP_H                         = 0x90B
-	SYS___FDIM_H                        = 0x90F
-	SYS_DIV                             = 0x091
-	SYS___LOG2F_H                       = 0x91F
-	SYS___LOG2_H                        = 0x91E
-	SYS___LOGB_H                        = 0x91D
-	SYS___LOGF_H                        = 0x91B
-	SYS___LOGL_H                        = 0x91C
-	SYS___LOG_H                         = 0x91A
-	SYS_LABS                            = 0x092
-	SYS___POWL_H                        = 0x92A
-	SYS___REMAINDER_H                   = 0x92B
-	SYS___RINT_H                        = 0x92C
-	SYS___SCALB_H                       = 0x92D
-	SYS___SINF_H                        = 0x92F
-	SYS___SIN_H                         = 0x92E
-	SYS_STRNCPY                         = 0x093
-	SYS___TANHF_H                       = 0x93B
-	SYS___TANHL_H                       = 0x93C
-	SYS___TANH_H                        = 0x93A
-	SYS___TGAMMAF_H                     = 0x93E
-	SYS___TGAMMA_H                      = 0x93D
-	SYS___TRUNC_H                       = 0x93F
-	SYS_MEMCPY                          = 0x094
-	SYS_VFWSCANF                        = 0x94A
-	SYS_VSWSCANF                        = 0x94E
-	SYS_VWSCANF                         = 0x94C
-	SYS_INET6_RTH_ADD                   = 0x95D
-	SYS_INET6_RTH_INIT                  = 0x95C
-	SYS_INET6_RTH_REVERSE               = 0x95E
-	SYS_INET6_RTH_SEGMENTS              = 0x95F
-	SYS_INET6_RTH_SPACE                 = 0x95B
-	SYS_MEMMOVE                         = 0x095
-	SYS_WCSTOLD                         = 0x95A
-	SYS_STRCPY                          = 0x096
-	SYS_STRCMP                          = 0x097
-	SYS_CABS                            = 0x98E
-	SYS_STRCAT                          = 0x098
-	SYS___CABS_B                        = 0x98F
-	SYS___POW_II                        = 0x98A
-	SYS___POW_II_B                      = 0x98B
-	SYS___POW_II_H                      = 0x98C
-	SYS_CACOSF                          = 0x99A
-	SYS_CACOSL                          = 0x99D
-	SYS_STRNCAT                         = 0x099
-	SYS___CACOSF_B                      = 0x99B
-	SYS___CACOSF_H                      = 0x99C
-	SYS___CACOSL_B                      = 0x99E
-	SYS___CACOSL_H                      = 0x99F
-	SYS_ISWALPHA                        = 0x100
-	SYS_ISWBLANK                        = 0x101
-	SYS___ISWBLK                        = 0x101
-	SYS_ISWCNTRL                        = 0x102
-	SYS_ISWDIGIT                        = 0x103
-	SYS_ISWGRAPH                        = 0x104
-	SYS_ISWLOWER                        = 0x105
-	SYS_ISWPRINT                        = 0x106
-	SYS_ISWPUNCT                        = 0x107
-	SYS_ISWSPACE                        = 0x108
-	SYS_ISWUPPER                        = 0x109
-	SYS_WCTOB                           = 0x110
-	SYS_MBRLEN                          = 0x111
-	SYS_MBRTOWC                         = 0x112
-	SYS_MBSRTOWC                        = 0x113
-	SYS_MBSRTOWCS                       = 0x113
-	SYS_WCRTOMB                         = 0x114
-	SYS_WCSRTOMB                        = 0x115
-	SYS_WCSRTOMBS                       = 0x115
-	SYS___CSID                          = 0x116
-	SYS___WCSID                         = 0x117
-	SYS_STRPTIME                        = 0x118
-	SYS___STRPTM                        = 0x118
-	SYS_STRFMON                         = 0x119
-	SYS_WCSCOLL                         = 0x130
-	SYS_WCSXFRM                         = 0x131
-	SYS_WCSWIDTH                        = 0x132
-	SYS_WCWIDTH                         = 0x133
-	SYS_WCSFTIME                        = 0x134
-	SYS_SWPRINTF                        = 0x135
-	SYS_VSWPRINT                        = 0x136
-	SYS_VSWPRINTF                       = 0x136
-	SYS_SWSCANF                         = 0x137
-	SYS_REGCOMP                         = 0x138
-	SYS_REGEXEC                         = 0x139
-	SYS_GETWC                           = 0x140
-	SYS_GETWCHAR                        = 0x141
-	SYS_PUTWC                           = 0x142
-	SYS_PUTWCHAR                        = 0x143
-	SYS_UNGETWC                         = 0x144
-	SYS_ICONV_OPEN                      = 0x145
-	SYS_ICONV                           = 0x146
-	SYS_ICONV_CLOSE                     = 0x147
-	SYS_COLLRANGE                       = 0x150
-	SYS_CCLASS                          = 0x151
-	SYS_COLLORDER                       = 0x152
-	SYS___DEMANGLE                      = 0x154
-	SYS_FDOPEN                          = 0x155
-	SYS___ERRNO                         = 0x156
-	SYS___ERRNO2                        = 0x157
-	SYS___TERROR                        = 0x158
-	SYS_MAXCOLL                         = 0x169
-	SYS_DLLLOAD                         = 0x170
-	SYS__EXIT                           = 0x174
-	SYS_ACCESS                          = 0x175
-	SYS_ALARM                           = 0x176
-	SYS_CFGETISPEED                     = 0x177
-	SYS_CFGETOSPEED                     = 0x178
-	SYS_CFSETISPEED                     = 0x179
-	SYS_CREAT                           = 0x180
-	SYS_CTERMID                         = 0x181
-	SYS_DUP                             = 0x182
-	SYS_DUP2                            = 0x183
-	SYS_EXECL                           = 0x184
-	SYS_EXECLE                          = 0x185
-	SYS_EXECLP                          = 0x186
-	SYS_EXECV                           = 0x187
-	SYS_EXECVE                          = 0x188
-	SYS_EXECVP                          = 0x189
-	SYS_FSTAT                           = 0x190
-	SYS_FSYNC                           = 0x191
-	SYS_FTRUNCATE                       = 0x192
-	SYS_GETCWD                          = 0x193
-	SYS_GETEGID                         = 0x194
-	SYS_GETEUID                         = 0x195
-	SYS_GETGID                          = 0x196
-	SYS_GETGRGID                        = 0x197
-	SYS_GETGRNAM                        = 0x198
-	SYS_GETGROUPS                       = 0x199
-	SYS_PTHREAD_MUTEXATTR_DESTROY       = 0x200
-	SYS_PTHREAD_MUTEXATTR_SETKIND_NP    = 0x201
-	SYS_PTHREAD_MUTEXATTR_GETKIND_NP    = 0x202
-	SYS_PTHREAD_MUTEX_INIT              = 0x203
-	SYS_PTHREAD_MUTEX_DESTROY           = 0x204
-	SYS_PTHREAD_MUTEX_LOCK              = 0x205
-	SYS_PTHREAD_MUTEX_TRYLOCK           = 0x206
-	SYS_PTHREAD_MUTEX_UNLOCK            = 0x207
-	SYS_PTHREAD_ONCE                    = 0x209
-	SYS_TW_OPEN                         = 0x210
-	SYS_TW_FCNTL                        = 0x211
-	SYS_PTHREAD_JOIN_D4_NP              = 0x212
-	SYS_PTHREAD_CONDATTR_SETKIND_NP     = 0x213
-	SYS_PTHREAD_CONDATTR_GETKIND_NP     = 0x214
-	SYS_EXTLINK_NP                      = 0x215
-	SYS___PASSWD                        = 0x216
-	SYS_SETGROUPS                       = 0x217
-	SYS_INITGROUPS                      = 0x218
-	SYS_WCSRCHR                         = 0x240
-	SYS_SVC99                           = 0x241
-	SYS___SVC99                         = 0x241
-	SYS_WCSWCS                          = 0x242
-	SYS_LOCALECO                        = 0x243
-	SYS_LOCALECONV                      = 0x243
-	SYS___LIBREL                        = 0x244
-	SYS_RELEASE                         = 0x245
-	SYS___RLSE                          = 0x245
-	SYS_FLOCATE                         = 0x246
-	SYS___FLOCT                         = 0x246
-	SYS_FDELREC                         = 0x247
-	SYS___FDLREC                        = 0x247
-	SYS_FETCH                           = 0x248
-	SYS___FETCH                         = 0x248
-	SYS_QSORT                           = 0x249
-	SYS___CLEANUPCATCH                  = 0x260
-	SYS___CATCHMATCH                    = 0x261
-	SYS___CLEAN2UPCATCH                 = 0x262
-	SYS_GETPRIORITY                     = 0x270
-	SYS_NICE                            = 0x271
-	SYS_SETPRIORITY                     = 0x272
-	SYS_GETITIMER                       = 0x273
-	SYS_SETITIMER                       = 0x274
-	SYS_MSGCTL                          = 0x275
-	SYS_MSGGET                          = 0x276
-	SYS_MSGRCV                          = 0x277
-	SYS_MSGSND                          = 0x278
-	SYS_MSGXRCV                         = 0x279
-	SYS___MSGXR                         = 0x279
-	SYS_SHMGET                          = 0x280
-	SYS___GETIPC                        = 0x281
-	SYS_SETGRENT                        = 0x282
-	SYS_GETGRENT                        = 0x283
-	SYS_ENDGRENT                        = 0x284
-	SYS_SETPWENT                        = 0x285
-	SYS_GETPWENT                        = 0x286
-	SYS_ENDPWENT                        = 0x287
-	SYS_BSD_SIGNAL                      = 0x288
-	SYS_KILLPG                          = 0x289
-	SYS_SIGSET                          = 0x290
-	SYS_SIGSTACK                        = 0x291
-	SYS_GETRLIMIT                       = 0x292
-	SYS_SETRLIMIT                       = 0x293
-	SYS_GETRUSAGE                       = 0x294
-	SYS_MMAP                            = 0x295
-	SYS_MPROTECT                        = 0x296
-	SYS_MSYNC                           = 0x297
-	SYS_MUNMAP                          = 0x298
-	SYS_CONFSTR                         = 0x299
-	SYS___NDMTRM                        = 0x300
-	SYS_FTOK                            = 0x301
-	SYS_BASENAME                        = 0x302
-	SYS_DIRNAME                         = 0x303
-	SYS_GETDTABLESIZE                   = 0x304
-	SYS_MKSTEMP                         = 0x305
-	SYS_MKTEMP                          = 0x306
-	SYS_NFTW                            = 0x307
-	SYS_GETWD                           = 0x308
-	SYS_LOCKF                           = 0x309
-	SYS_WORDEXP                         = 0x310
-	SYS_WORDFREE                        = 0x311
-	SYS_GETPGID                         = 0x312
-	SYS_GETSID                          = 0x313
-	SYS___UTMPXNAME                     = 0x314
-	SYS_CUSERID                         = 0x315
-	SYS_GETPASS                         = 0x316
-	SYS_FNMATCH                         = 0x317
-	SYS_FTW                             = 0x318
-	SYS_GETW                            = 0x319
-	SYS_ACOSH                           = 0x320
-	SYS_ASINH                           = 0x321
-	SYS_ATANH                           = 0x322
-	SYS_CBRT                            = 0x323
-	SYS_EXPM1                           = 0x324
-	SYS_ILOGB                           = 0x325
-	SYS_LOGB                            = 0x326
-	SYS_LOG1P                           = 0x327
-	SYS_NEXTAFTER                       = 0x328
-	SYS_RINT                            = 0x329
-	SYS_SPAWN                           = 0x330
-	SYS_SPAWNP                          = 0x331
-	SYS_GETLOGIN_UU                     = 0x332
-	SYS_ECVT                            = 0x333
-	SYS_FCVT                            = 0x334
-	SYS_GCVT                            = 0x335
-	SYS_ACCEPT                          = 0x336
-	SYS_BIND                            = 0x337
-	SYS_CONNECT                         = 0x338
-	SYS_ENDHOSTENT                      = 0x339
-	SYS_GETHOSTENT                      = 0x340
-	SYS_GETHOSTID                       = 0x341
-	SYS_GETHOSTNAME                     = 0x342
-	SYS_GETNETBYADDR                    = 0x343
-	SYS_GETNETBYNAME                    = 0x344
-	SYS_GETNETENT                       = 0x345
-	SYS_GETPEERNAME                     = 0x346
-	SYS_GETPROTOBYNAME                  = 0x347
-	SYS_GETPROTOBYNUMBER                = 0x348
-	SYS_GETPROTOENT                     = 0x349
-	SYS_INET_LNAOF                      = 0x350
-	SYS_INET_MAKEADDR                   = 0x351
-	SYS_INET_NETOF                      = 0x352
-	SYS_INET_NETWORK                    = 0x353
-	SYS_INET_NTOA                       = 0x354
-	SYS_IOCTL                           = 0x355
-	SYS_LISTEN                          = 0x356
-	SYS_READV                           = 0x357
-	SYS_RECV                            = 0x358
-	SYS_RECVFROM                        = 0x359
-	SYS_SETHOSTENT                      = 0x360
-	SYS_SETNETENT                       = 0x361
-	SYS_SETPEER                         = 0x362
-	SYS_SETPROTOENT                     = 0x363
-	SYS_SETSERVENT                      = 0x364
-	SYS_SETSOCKOPT                      = 0x365
-	SYS_SHUTDOWN                        = 0x366
-	SYS_SOCKET                          = 0x367
-	SYS_SOCKETPAIR                      = 0x368
-	SYS_WRITEV                          = 0x369
-	SYS_ENDNETENT                       = 0x370
-	SYS_CLOSELOG                        = 0x371
-	SYS_OPENLOG                         = 0x372
-	SYS_SETLOGMASK                      = 0x373
-	SYS_SYSLOG                          = 0x374
-	SYS_PTSNAME                         = 0x375
-	SYS_SETREUID                        = 0x376
-	SYS_SETREGID                        = 0x377
-	SYS_REALPATH                        = 0x378
-	SYS___SIGNGAM                       = 0x379
-	SYS_POLL                            = 0x380
-	SYS_REXEC                           = 0x381
-	SYS___ISASCII2                      = 0x382
-	SYS___TOASCII2                      = 0x383
-	SYS_CHPRIORITY                      = 0x384
-	SYS_PTHREAD_ATTR_SETSYNCTYPE_NP     = 0x385
-	SYS_PTHREAD_ATTR_GETSYNCTYPE_NP     = 0x386
-	SYS_PTHREAD_SET_LIMIT_NP            = 0x387
-	SYS___STNETENT                      = 0x388
-	SYS___STPROTOENT                    = 0x389
-	SYS___SELECT1                       = 0x390
-	SYS_PTHREAD_SECURITY_NP             = 0x391
-	SYS___CHECK_RESOURCE_AUTH_NP        = 0x392
-	SYS___CONVERT_ID_NP                 = 0x393
-	SYS___OPENVMREL                     = 0x394
-	SYS_WMEMCHR                         = 0x395
-	SYS_WMEMCMP                         = 0x396
-	SYS_WMEMCPY                         = 0x397
-	SYS_WMEMMOVE                        = 0x398
-	SYS_WMEMSET                         = 0x399
-	SYS___FPUTWC                        = 0x400
-	SYS___PUTWC                         = 0x401
-	SYS___PWCHAR                        = 0x402
-	SYS___WCSFTM                        = 0x403
-	SYS___WCSTOK                        = 0x404
-	SYS___WCWDTH                        = 0x405
-	SYS_T_ACCEPT                        = 0x409
-	SYS_T_GETINFO                       = 0x410
-	SYS_T_GETPROTADDR                   = 0x411
-	SYS_T_GETSTATE                      = 0x412
-	SYS_T_LISTEN                        = 0x413
-	SYS_T_LOOK                          = 0x414
-	SYS_T_OPEN                          = 0x415
-	SYS_T_OPTMGMT                       = 0x416
-	SYS_T_RCV                           = 0x417
-	SYS_T_RCVCONNECT                    = 0x418
-	SYS_T_RCVDIS                        = 0x419
-	SYS_T_SNDUDATA                      = 0x420
-	SYS_T_STRERROR                      = 0x421
-	SYS_T_SYNC                          = 0x422
-	SYS_T_UNBIND                        = 0x423
-	SYS___T_ERRNO                       = 0x424
-	SYS___RECVMSG2                      = 0x425
-	SYS___SENDMSG2                      = 0x426
-	SYS_FATTACH                         = 0x427
-	SYS_FDETACH                         = 0x428
-	SYS_GETMSG                          = 0x429
-	SYS_GETCONTEXT                      = 0x430
-	SYS_SETCONTEXT                      = 0x431
-	SYS_MAKECONTEXT                     = 0x432
-	SYS_SWAPCONTEXT                     = 0x433
-	SYS_PTHREAD_GETSPECIFIC_D8_NP       = 0x434
-	SYS_GETCLIENTID                     = 0x470
-	SYS___GETCLIENTID                   = 0x471
-	SYS_GETSTABLESIZE                   = 0x472
-	SYS_GETIBMOPT                       = 0x473
-	SYS_GETIBMSOCKOPT                   = 0x474
-	SYS_GIVESOCKET                      = 0x475
-	SYS_IBMSFLUSH                       = 0x476
-	SYS_MAXDESC                         = 0x477
-	SYS_SETIBMOPT                       = 0x478
-	SYS_SETIBMSOCKOPT                   = 0x479
-	SYS___SERVER_PWU                    = 0x480
-	SYS_PTHREAD_TAG_NP                  = 0x481
-	SYS___CONSOLE                       = 0x482
-	SYS___WSINIT                        = 0x483
-	SYS___IPTCPN                        = 0x489
-	SYS___SERVER_CLASSIFY               = 0x490
-	SYS___HEAPRPT                       = 0x496
-	SYS___ISBFP                         = 0x500
-	SYS___FP_CAST                       = 0x501
-	SYS___CERTIFICATE                   = 0x502
-	SYS_SEND_FILE                       = 0x503
-	SYS_AIO_CANCEL                      = 0x504
-	SYS_AIO_ERROR                       = 0x505
-	SYS_AIO_READ                        = 0x506
-	SYS_AIO_RETURN                      = 0x507
-	SYS_AIO_SUSPEND                     = 0x508
-	SYS_AIO_WRITE                       = 0x509
-	SYS_PTHREAD_RWLOCK_TRYWRLOCK        = 0x510
-	SYS_PTHREAD_RWLOCK_UNLOCK           = 0x511
-	SYS_PTHREAD_RWLOCK_WRLOCK           = 0x512
-	SYS_PTHREAD_RWLOCKATTR_GETPSHARED   = 0x513
-	SYS_PTHREAD_RWLOCKATTR_SETPSHARED   = 0x514
-	SYS_PTHREAD_RWLOCKATTR_INIT         = 0x515
-	SYS_PTHREAD_RWLOCKATTR_DESTROY      = 0x516
-	SYS___CTTBL                         = 0x517
-	SYS_PTHREAD_MUTEXATTR_SETTYPE       = 0x518
-	SYS_PTHREAD_MUTEXATTR_GETTYPE       = 0x519
-	SYS___FP_UNORDERED                  = 0x520
-	SYS___FP_READ_RND                   = 0x521
-	SYS___FP_READ_RND_B                 = 0x522
-	SYS___FP_SWAP_RND                   = 0x523
-	SYS___FP_SWAP_RND_B                 = 0x524
-	SYS___FP_LEVEL                      = 0x525
-	SYS___FP_BTOH                       = 0x526
-	SYS___FP_HTOB                       = 0x527
-	SYS___FPC_RD                        = 0x528
-	SYS___FPC_WR                        = 0x529
-	SYS_PTHREAD_SETCANCELTYPE           = 0x600
-	SYS_PTHREAD_TESTCANCEL              = 0x601
-	SYS___ATANF_B                       = 0x602
-	SYS___ATANL_B                       = 0x603
-	SYS___CEILF_B                       = 0x604
-	SYS___CEILL_B                       = 0x605
-	SYS___COSF_B                        = 0x606
-	SYS___COSL_B                        = 0x607
-	SYS___FABSF_B                       = 0x608
-	SYS___FABSL_B                       = 0x609
-	SYS___SINF_B                        = 0x610
-	SYS___SINL_B                        = 0x611
-	SYS___TANF_B                        = 0x612
-	SYS___TANL_B                        = 0x613
-	SYS___TANHF_B                       = 0x614
-	SYS___TANHL_B                       = 0x615
-	SYS___ACOSF_B                       = 0x616
-	SYS___ACOSL_B                       = 0x617
-	SYS___ASINF_B                       = 0x618
-	SYS___ASINL_B                       = 0x619
-	SYS___LOGF_B                        = 0x620
-	SYS___LOGL_B                        = 0x621
-	SYS___LOG10F_B                      = 0x622
-	SYS___LOG10L_B                      = 0x623
-	SYS___POWF_B                        = 0x624
-	SYS___POWL_B                        = 0x625
-	SYS___SINHF_B                       = 0x626
-	SYS___SINHL_B                       = 0x627
-	SYS___SQRTF_B                       = 0x628
-	SYS___SQRTL_B                       = 0x629
-	SYS___MODFL_B                       = 0x630
-	SYS_ABSF                            = 0x631
-	SYS_ABSL                            = 0x632
-	SYS_ACOSF                           = 0x633
-	SYS_ACOSL                           = 0x634
-	SYS_ASINF                           = 0x635
-	SYS_ASINL                           = 0x636
-	SYS_ATAN2F                          = 0x637
-	SYS_ATAN2L                          = 0x638
-	SYS_ATANF                           = 0x639
-	SYS_COSHL                           = 0x640
-	SYS_EXPF                            = 0x641
-	SYS_EXPL                            = 0x642
-	SYS_TANHF                           = 0x643
-	SYS_TANHL                           = 0x644
-	SYS_LOG10F                          = 0x645
-	SYS_LOG10L                          = 0x646
-	SYS_LOGF                            = 0x647
-	SYS_LOGL                            = 0x648
-	SYS_POWF                            = 0x649
-	SYS_SINHL                           = 0x650
-	SYS_TANF                            = 0x651
-	SYS_TANL                            = 0x652
-	SYS_FABSF                           = 0x653
-	SYS_FABSL                           = 0x654
-	SYS_FLOORF                          = 0x655
-	SYS_FLOORL                          = 0x656
-	SYS_FMODF                           = 0x657
-	SYS_FMODL                           = 0x658
-	SYS_FREXPF                          = 0x659
-	SYS___CHATTR                        = 0x660
-	SYS___FCHATTR                       = 0x661
-	SYS___TOCCSID                       = 0x662
-	SYS___CSNAMETYPE                    = 0x663
-	SYS___TOCSNAME                      = 0x664
-	SYS___CCSIDTYPE                     = 0x665
-	SYS___AE_CORRESTBL_QUERY            = 0x666
-	SYS___AE_AUTOCONVERT_STATE          = 0x667
-	SYS_DN_FIND                         = 0x668
-	SYS___GETHOSTBYADDR_A               = 0x669
-	SYS___MBLEN_SB_A                    = 0x670
-	SYS___MBLEN_STD_A                   = 0x671
-	SYS___MBLEN_UTF                     = 0x672
-	SYS___MBSTOWCS_A                    = 0x673
-	SYS___MBSTOWCS_STD_A                = 0x674
-	SYS___MBTOWC_A                      = 0x675
-	SYS___MBTOWC_ISO1                   = 0x676
-	SYS___MBTOWC_SBCS                   = 0x677
-	SYS___MBTOWC_MBCS                   = 0x678
-	SYS___MBTOWC_UTF                    = 0x679
-	SYS___CSID_A                        = 0x680
-	SYS___CSID_STD_A                    = 0x681
-	SYS___WCSID_A                       = 0x682
-	SYS___WCSID_STD_A                   = 0x683
-	SYS___WCTOMB_A                      = 0x684
-	SYS___WCTOMB_ISO1                   = 0x685
-	SYS___WCTOMB_STD_A                  = 0x686
-	SYS___WCTOMB_UTF                    = 0x687
-	SYS___WCWIDTH_A                     = 0x688
-	SYS___GETGRNAM_R_A                  = 0x689
-	SYS___READDIR_R_A                   = 0x690
-	SYS___E2A_S                         = 0x691
-	SYS___FNMATCH_A                     = 0x692
-	SYS___FNMATCH_C_A                   = 0x693
-	SYS___EXECL_A                       = 0x694
-	SYS___FNMATCH_STD_A                 = 0x695
-	SYS___REGCOMP_A                     = 0x696
-	SYS___REGCOMP_STD_A                 = 0x697
-	SYS___REGERROR_A                    = 0x698
-	SYS___REGERROR_STD_A                = 0x699
-	SYS___SWPRINTF_A                    = 0x700
-	SYS___FSCANF_A                      = 0x701
-	SYS___SCANF_A                       = 0x702
-	SYS___SSCANF_A                      = 0x703
-	SYS___SWSCANF_A                     = 0x704
-	SYS___ATOF_A                        = 0x705
-	SYS___ATOI_A                        = 0x706
-	SYS___ATOL_A                        = 0x707
-	SYS___STRTOD_A                      = 0x708
-	SYS___STRTOL_A                      = 0x709
-	SYS___L64A_A                        = 0x710
-	SYS___STRERROR_A                    = 0x711
-	SYS___PERROR_A                      = 0x712
-	SYS___FETCH_A                       = 0x713
-	SYS___GETENV_A                      = 0x714
-	SYS___MKSTEMP_A                     = 0x717
-	SYS___PTSNAME_A                     = 0x718
-	SYS___PUTENV_A                      = 0x719
-	SYS___CHDIR_A                       = 0x720
-	SYS___CHOWN_A                       = 0x721
-	SYS___CHROOT_A                      = 0x722
-	SYS___GETCWD_A                      = 0x723
-	SYS___GETWD_A                       = 0x724
-	SYS___LCHOWN_A                      = 0x725
-	SYS___LINK_A                        = 0x726
-	SYS___PATHCONF_A                    = 0x727
-	SYS___IF_NAMEINDEX_A                = 0x728
-	SYS___READLINK_A                    = 0x729
-	SYS___EXTLINK_NP_A                  = 0x730
-	SYS___ISALNUM_A                     = 0x731
-	SYS___ISALPHA_A                     = 0x732
-	SYS___A2E_S                         = 0x733
-	SYS___ISCNTRL_A                     = 0x734
-	SYS___ISDIGIT_A                     = 0x735
-	SYS___ISGRAPH_A                     = 0x736
-	SYS___ISLOWER_A                     = 0x737
-	SYS___ISPRINT_A                     = 0x738
-	SYS___ISPUNCT_A                     = 0x739
-	SYS___ISWALPHA_A                    = 0x740
-	SYS___A2E_L                         = 0x741
-	SYS___ISWCNTRL_A                    = 0x742
-	SYS___ISWDIGIT_A                    = 0x743
-	SYS___ISWGRAPH_A                    = 0x744
-	SYS___ISWLOWER_A                    = 0x745
-	SYS___ISWPRINT_A                    = 0x746
-	SYS___ISWPUNCT_A                    = 0x747
-	SYS___ISWSPACE_A                    = 0x748
-	SYS___ISWUPPER_A                    = 0x749
-	SYS___REMOVE_A                      = 0x750
-	SYS___RENAME_A                      = 0x751
-	SYS___TMPNAM_A                      = 0x752
-	SYS___FOPEN_A                       = 0x753
-	SYS___FREOPEN_A                     = 0x754
-	SYS___CUSERID_A                     = 0x755
-	SYS___POPEN_A                       = 0x756
-	SYS___TEMPNAM_A                     = 0x757
-	SYS___FTW_A                         = 0x758
-	SYS___GETGRENT_A                    = 0x759
-	SYS___INET_NTOP_A                   = 0x760
-	SYS___GETPASS_A                     = 0x761
-	SYS___GETPWENT_A                    = 0x762
-	SYS___GETPWNAM_A                    = 0x763
-	SYS___GETPWUID_A                    = 0x764
-	SYS_____CHECK_RESOURCE_AUTH_NP_A    = 0x765
-	SYS___CHECKSCHENV_A                 = 0x766
-	SYS___CONNECTSERVER_A               = 0x767
-	SYS___CONNECTWORKMGR_A              = 0x768
-	SYS_____CONSOLE_A                   = 0x769
-	SYS___MSGSND_A                      = 0x770
-	SYS___MSGXRCV_A                     = 0x771
-	SYS___NFTW_A                        = 0x772
-	SYS_____PASSWD_A                    = 0x773
-	SYS___PTHREAD_SECURITY_NP_A         = 0x774
-	SYS___QUERYMETRICS_A                = 0x775
-	SYS___QUERYSCHENV                   = 0x776
-	SYS___READV_A                       = 0x777
-	SYS_____SERVER_CLASSIFY_A           = 0x778
-	SYS_____SERVER_INIT_A               = 0x779
-	SYS___W_GETPSENT_A                  = 0x780
-	SYS___WRITEV_A                      = 0x781
-	SYS___W_STATFS_A                    = 0x782
-	SYS___W_STATVFS_A                   = 0x783
-	SYS___FPUTC_A                       = 0x784
-	SYS___PUTCHAR_A                     = 0x785
-	SYS___PUTS_A                        = 0x786
-	SYS___FGETS_A                       = 0x787
-	SYS___GETS_A                        = 0x788
-	SYS___FPUTS_A                       = 0x789
-	SYS___PUTC_A                        = 0x790
-	SYS___AE_THREAD_SETMODE             = 0x791
-	SYS___AE_THREAD_SWAPMODE            = 0x792
-	SYS___GETNETBYADDR_A                = 0x793
-	SYS___GETNETBYNAME_A                = 0x794
-	SYS___GETNETENT_A                   = 0x795
-	SYS___GETPROTOBYNAME_A              = 0x796
-	SYS___GETPROTOBYNUMBER_A            = 0x797
-	SYS___GETPROTOENT_A                 = 0x798
-	SYS___GETSERVBYNAME_A               = 0x799
-	SYS_ACL_FIRST_ENTRY                 = 0x800
-	SYS_ACL_GET_ENTRY                   = 0x801
-	SYS_ACL_VALID                       = 0x802
-	SYS_ACL_CREATE_ENTRY                = 0x803
-	SYS_ACL_DELETE_ENTRY                = 0x804
-	SYS_ACL_UPDATE_ENTRY                = 0x805
-	SYS_ACL_DELETE_FD                   = 0x806
-	SYS_ACL_DELETE_FILE                 = 0x807
-	SYS_ACL_GET_FD                      = 0x808
-	SYS_ACL_GET_FILE                    = 0x809
-	SYS___ERFL_B                        = 0x810
-	SYS___ERFCL_B                       = 0x811
-	SYS___LGAMMAL_B                     = 0x812
-	SYS___SETHOOKEVENTS                 = 0x813
-	SYS_IF_NAMETOINDEX                  = 0x814
-	SYS_IF_INDEXTONAME                  = 0x815
-	SYS_IF_NAMEINDEX                    = 0x816
-	SYS_IF_FREENAMEINDEX                = 0x817
-	SYS_GETADDRINFO                     = 0x818
-	SYS_GETNAMEINFO                     = 0x819
-	SYS___DYNFREE_A                     = 0x820
-	SYS___RES_QUERY_A                   = 0x821
-	SYS___RES_SEARCH_A                  = 0x822
-	SYS___RES_QUERYDOMAIN_A             = 0x823
-	SYS___RES_MKQUERY_A                 = 0x824
-	SYS___RES_SEND_A                    = 0x825
-	SYS___DN_EXPAND_A                   = 0x826
-	SYS___DN_SKIPNAME_A                 = 0x827
-	SYS___DN_COMP_A                     = 0x828
-	SYS___DN_FIND_A                     = 0x829
-	SYS___INET_NTOA_A                   = 0x830
-	SYS___INET_NETWORK_A                = 0x831
-	SYS___ACCEPT_A                      = 0x832
-	SYS___ACCEPT_AND_RECV_A             = 0x833
-	SYS___BIND_A                        = 0x834
-	SYS___CONNECT_A                     = 0x835
-	SYS___GETPEERNAME_A                 = 0x836
-	SYS___GETSOCKNAME_A                 = 0x837
-	SYS___RECVFROM_A                    = 0x838
-	SYS___SENDTO_A                      = 0x839
-	SYS___LCHATTR                       = 0x840
-	SYS___WRITEDOWN                     = 0x841
-	SYS_PTHREAD_MUTEX_INIT2             = 0x842
-	SYS___ACOSHF_B                      = 0x843
-	SYS___ACOSHL_B                      = 0x844
-	SYS___ASINHF_B                      = 0x845
-	SYS___ASINHL_B                      = 0x846
-	SYS___ATANHF_B                      = 0x847
-	SYS___ATANHL_B                      = 0x848
-	SYS___CBRTF_B                       = 0x849
-	SYS___EXP2F_B                       = 0x850
-	SYS___EXP2L_B                       = 0x851
-	SYS___EXPM1F_B                      = 0x852
-	SYS___EXPM1L_B                      = 0x853
-	SYS___FDIMF_B                       = 0x854
-	SYS___FDIM_B                        = 0x855
-	SYS___FDIML_B                       = 0x856
-	SYS___HYPOTF_B                      = 0x857
-	SYS___HYPOTL_B                      = 0x858
-	SYS___LOG1PF_B                      = 0x859
-	SYS___REMQUOF_B                     = 0x860
-	SYS___REMQUO_B                      = 0x861
-	SYS___REMQUOL_B                     = 0x862
-	SYS___TGAMMAF_B                     = 0x863
-	SYS___TGAMMA_B                      = 0x864
-	SYS___TGAMMAL_B                     = 0x865
-	SYS___TRUNCF_B                      = 0x866
-	SYS___TRUNC_B                       = 0x867
-	SYS___TRUNCL_B                      = 0x868
-	SYS___LGAMMAF_B                     = 0x869
-	SYS_ASINHF                          = 0x870
-	SYS_ASINHL                          = 0x871
-	SYS_ATANHF                          = 0x872
-	SYS_ATANHL                          = 0x873
-	SYS_CBRTF                           = 0x874
-	SYS_CBRTL                           = 0x875
-	SYS_COPYSIGNF                       = 0x876
-	SYS_CPYSIGNF                        = 0x876
-	SYS_COPYSIGNL                       = 0x877
-	SYS_CPYSIGNL                        = 0x877
-	SYS_COTANF                          = 0x878
-	SYS___COTANF                        = 0x878
-	SYS_COTAN                           = 0x879
-	SYS___COTAN                         = 0x879
-	SYS_FDIM                            = 0x881
-	SYS_FDIML                           = 0x882
-	SYS_HYPOTF                          = 0x883
-	SYS_HYPOTL                          = 0x884
-	SYS_LOG1PF                          = 0x885
-	SYS_LOG1PL                          = 0x886
-	SYS_LOG2F                           = 0x887
-	SYS_LOG2                            = 0x888
-	SYS_LOG2L                           = 0x889
-	SYS_TGAMMA                          = 0x890
-	SYS_TGAMMAL                         = 0x891
-	SYS_TRUNCF                          = 0x892
-	SYS_TRUNC                           = 0x893
-	SYS_TRUNCL                          = 0x894
-	SYS_LGAMMAF                         = 0x895
-	SYS_LGAMMAL                         = 0x896
-	SYS_LROUNDF                         = 0x897
-	SYS_LROUND                          = 0x898
-	SYS_ERFF                            = 0x899
-	SYS___COSHF_H                       = 0x900
-	SYS___COSHL_H                       = 0x901
-	SYS___COTAN_H                       = 0x902
-	SYS___COTANF_H                      = 0x903
-	SYS___COTANL_H                      = 0x904
-	SYS___ERF_H                         = 0x905
-	SYS___ERFF_H                        = 0x906
-	SYS___ERFL_H                        = 0x907
-	SYS___ERFC_H                        = 0x908
-	SYS___ERFCF_H                       = 0x909
-	SYS___FDIMF_H                       = 0x910
-	SYS___FDIML_H                       = 0x911
-	SYS___FMOD_H                        = 0x912
-	SYS___FMODF_H                       = 0x913
-	SYS___FMODL_H                       = 0x914
-	SYS___GAMMA_H                       = 0x915
-	SYS___HYPOT_H                       = 0x916
-	SYS___ILOGB_H                       = 0x917
-	SYS___LGAMMA_H                      = 0x918
-	SYS___LGAMMAF_H                     = 0x919
-	SYS___LOG2L_H                       = 0x920
-	SYS___LOG1P_H                       = 0x921
-	SYS___LOG10_H                       = 0x922
-	SYS___LOG10F_H                      = 0x923
-	SYS___LOG10L_H                      = 0x924
-	SYS___LROUND_H                      = 0x925
-	SYS___LROUNDF_H                     = 0x926
-	SYS___NEXTAFTER_H                   = 0x927
-	SYS___POW_H                         = 0x928
-	SYS___POWF_H                        = 0x929
-	SYS___SINL_H                        = 0x930
-	SYS___SINH_H                        = 0x931
-	SYS___SINHF_H                       = 0x932
-	SYS___SINHL_H                       = 0x933
-	SYS___SQRT_H                        = 0x934
-	SYS___SQRTF_H                       = 0x935
-	SYS___SQRTL_H                       = 0x936
-	SYS___TAN_H                         = 0x937
-	SYS___TANF_H                        = 0x938
-	SYS___TANL_H                        = 0x939
-	SYS___TRUNCF_H                      = 0x940
-	SYS___TRUNCL_H                      = 0x941
-	SYS___COSH_H                        = 0x942
-	SYS___LE_DEBUG_SET_RESUME_MCH       = 0x943
-	SYS_VFSCANF                         = 0x944
-	SYS_VSCANF                          = 0x946
-	SYS_VSSCANF                         = 0x948
-	SYS_IMAXABS                         = 0x950
-	SYS_IMAXDIV                         = 0x951
-	SYS_STRTOIMAX                       = 0x952
-	SYS_STRTOUMAX                       = 0x953
-	SYS_WCSTOIMAX                       = 0x954
-	SYS_WCSTOUMAX                       = 0x955
-	SYS_ATOLL                           = 0x956
-	SYS_STRTOF                          = 0x957
-	SYS_STRTOLD                         = 0x958
-	SYS_WCSTOF                          = 0x959
-	SYS_INET6_RTH_GETADDR               = 0x960
-	SYS_INET6_OPT_INIT                  = 0x961
-	SYS_INET6_OPT_APPEND                = 0x962
-	SYS_INET6_OPT_FINISH                = 0x963
-	SYS_INET6_OPT_SET_VAL               = 0x964
-	SYS_INET6_OPT_NEXT                  = 0x965
-	SYS_INET6_OPT_FIND                  = 0x966
-	SYS_INET6_OPT_GET_VAL               = 0x967
-	SYS___POW_I                         = 0x987
-	SYS___POW_I_B                       = 0x988
-	SYS___POW_I_H                       = 0x989
-	SYS___CABS_H                        = 0x990
-	SYS_CABSF                           = 0x991
-	SYS___CABSF_B                       = 0x992
-	SYS___CABSF_H                       = 0x993
-	SYS_CABSL                           = 0x994
-	SYS___CABSL_B                       = 0x995
-	SYS___CABSL_H                       = 0x996
-	SYS_CACOS                           = 0x997
-	SYS___CACOS_B                       = 0x998
-	SYS___CACOS_H                       = 0x999
+	SYS_LOG                             = 0x17  // 23
+	SYS_COSH                            = 0x18  // 24
+	SYS_TANH                            = 0x19  // 25
+	SYS_EXP                             = 0x1A  // 26
+	SYS_MODF                            = 0x1B  // 27
+	SYS_LOG10                           = 0x1C  // 28
+	SYS_FREXP                           = 0x1D  // 29
+	SYS_LDEXP                           = 0x1E  // 30
+	SYS_CEIL                            = 0x1F  // 31
+	SYS_POW                             = 0x20  // 32
+	SYS_SQRT                            = 0x21  // 33
+	SYS_FLOOR                           = 0x22  // 34
+	SYS_J1                              = 0x23  // 35
+	SYS_FABS                            = 0x24  // 36
+	SYS_FMOD                            = 0x25  // 37
+	SYS_J0                              = 0x26  // 38
+	SYS_YN                              = 0x27  // 39
+	SYS_JN                              = 0x28  // 40
+	SYS_Y0                              = 0x29  // 41
+	SYS_Y1                              = 0x2A  // 42
+	SYS_HYPOT                           = 0x2B  // 43
+	SYS_ERF                             = 0x2C  // 44
+	SYS_ERFC                            = 0x2D  // 45
+	SYS_GAMMA                           = 0x2E  // 46
+	SYS_ISALPHA                         = 0x30  // 48
+	SYS_ISALNUM                         = 0x31  // 49
+	SYS_ISLOWER                         = 0x32  // 50
+	SYS_ISCNTRL                         = 0x33  // 51
+	SYS_ISDIGIT                         = 0x34  // 52
+	SYS_ISGRAPH                         = 0x35  // 53
+	SYS_ISUPPER                         = 0x36  // 54
+	SYS_ISPRINT                         = 0x37  // 55
+	SYS_ISPUNCT                         = 0x38  // 56
+	SYS_ISSPACE                         = 0x39  // 57
+	SYS_SETLOCAL                        = 0x3A  // 58
+	SYS_SETLOCALE                       = 0x3A  // 58
+	SYS_ISXDIGIT                        = 0x3B  // 59
+	SYS_TOLOWER                         = 0x3C  // 60
+	SYS_TOUPPER                         = 0x3D  // 61
+	SYS_ASIN                            = 0x3E  // 62
+	SYS_SIN                             = 0x3F  // 63
+	SYS_COS                             = 0x40  // 64
+	SYS_TAN                             = 0x41  // 65
+	SYS_SINH                            = 0x42  // 66
+	SYS_ACOS                            = 0x43  // 67
+	SYS_ATAN                            = 0x44  // 68
+	SYS_ATAN2                           = 0x45  // 69
+	SYS_FTELL                           = 0x46  // 70
+	SYS_FGETPOS                         = 0x47  // 71
+	SYS_FSEEK                           = 0x48  // 72
+	SYS_FSETPOS                         = 0x49  // 73
+	SYS_FERROR                          = 0x4A  // 74
+	SYS_REWIND                          = 0x4B  // 75
+	SYS_CLEARERR                        = 0x4C  // 76
+	SYS_FEOF                            = 0x4D  // 77
+	SYS_ATOL                            = 0x4E  // 78
+	SYS_PERROR                          = 0x4F  // 79
+	SYS_ATOF                            = 0x50  // 80
+	SYS_ATOI                            = 0x51  // 81
+	SYS_RAND                            = 0x52  // 82
+	SYS_STRTOD                          = 0x53  // 83
+	SYS_STRTOL                          = 0x54  // 84
+	SYS_STRTOUL                         = 0x55  // 85
+	SYS_MALLOC                          = 0x56  // 86
+	SYS_SRAND                           = 0x57  // 87
+	SYS_CALLOC                          = 0x58  // 88
+	SYS_FREE                            = 0x59  // 89
+	SYS_EXIT                            = 0x5A  // 90
+	SYS_REALLOC                         = 0x5B  // 91
+	SYS_ABORT                           = 0x5C  // 92
+	SYS___ABORT                         = 0x5C  // 92
+	SYS_ATEXIT                          = 0x5D  // 93
+	SYS_RAISE                           = 0x5E  // 94
+	SYS_SETJMP                          = 0x5F  // 95
+	SYS_LONGJMP                         = 0x60  // 96
+	SYS_SIGNAL                          = 0x61  // 97
+	SYS_TMPNAM                          = 0x62  // 98
+	SYS_REMOVE                          = 0x63  // 99
+	SYS_RENAME                          = 0x64  // 100
+	SYS_TMPFILE                         = 0x65  // 101
+	SYS_FREOPEN                         = 0x66  // 102
+	SYS_FCLOSE                          = 0x67  // 103
+	SYS_FFLUSH                          = 0x68  // 104
+	SYS_FOPEN                           = 0x69  // 105
+	SYS_FSCANF                          = 0x6A  // 106
+	SYS_SETBUF                          = 0x6B  // 107
+	SYS_SETVBUF                         = 0x6C  // 108
+	SYS_FPRINTF                         = 0x6D  // 109
+	SYS_SSCANF                          = 0x6E  // 110
+	SYS_PRINTF                          = 0x6F  // 111
+	SYS_SCANF                           = 0x70  // 112
+	SYS_SPRINTF                         = 0x71  // 113
+	SYS_FGETC                           = 0x72  // 114
+	SYS_VFPRINTF                        = 0x73  // 115
+	SYS_VPRINTF                         = 0x74  // 116
+	SYS_VSPRINTF                        = 0x75  // 117
+	SYS_GETC                            = 0x76  // 118
+	SYS_FGETS                           = 0x77  // 119
+	SYS_FPUTC                           = 0x78  // 120
+	SYS_FPUTS                           = 0x79  // 121
+	SYS_PUTCHAR                         = 0x7A  // 122
+	SYS_GETCHAR                         = 0x7B  // 123
+	SYS_GETS                            = 0x7C  // 124
+	SYS_PUTC                            = 0x7D  // 125
+	SYS_FWRITE                          = 0x7E  // 126
+	SYS_PUTS                            = 0x7F  // 127
+	SYS_UNGETC                          = 0x80  // 128
+	SYS_FREAD                           = 0x81  // 129
+	SYS_WCSTOMBS                        = 0x82  // 130
+	SYS_MBTOWC                          = 0x83  // 131
+	SYS_WCTOMB                          = 0x84  // 132
+	SYS_MBSTOWCS                        = 0x85  // 133
+	SYS_WCSCPY                          = 0x86  // 134
+	SYS_WCSCAT                          = 0x87  // 135
+	SYS_WCSCHR                          = 0x88  // 136
+	SYS_WCSCMP                          = 0x89  // 137
+	SYS_WCSNCMP                         = 0x8A  // 138
+	SYS_WCSCSPN                         = 0x8B  // 139
+	SYS_WCSLEN                          = 0x8C  // 140
+	SYS_WCSNCAT                         = 0x8D  // 141
+	SYS_WCSSPN                          = 0x8E  // 142
+	SYS_WCSNCPY                         = 0x8F  // 143
+	SYS_ABS                             = 0x90  // 144
+	SYS_DIV                             = 0x91  // 145
+	SYS_LABS                            = 0x92  // 146
+	SYS_STRNCPY                         = 0x93  // 147
+	SYS_MEMCPY                          = 0x94  // 148
+	SYS_MEMMOVE                         = 0x95  // 149
+	SYS_STRCPY                          = 0x96  // 150
+	SYS_STRCMP                          = 0x97  // 151
+	SYS_STRCAT                          = 0x98  // 152
+	SYS_STRNCAT                         = 0x99  // 153
+	SYS_MEMCMP                          = 0x9A  // 154
+	SYS_MEMCHR                          = 0x9B  // 155
+	SYS_STRCOLL                         = 0x9C  // 156
+	SYS_STRNCMP                         = 0x9D  // 157
+	SYS_STRXFRM                         = 0x9E  // 158
+	SYS_STRRCHR                         = 0x9F  // 159
+	SYS_STRCHR                          = 0xA0  // 160
+	SYS_STRCSPN                         = 0xA1  // 161
+	SYS_STRPBRK                         = 0xA2  // 162
+	SYS_MEMSET                          = 0xA3  // 163
+	SYS_STRSPN                          = 0xA4  // 164
+	SYS_STRSTR                          = 0xA5  // 165
+	SYS_STRTOK                          = 0xA6  // 166
+	SYS_DIFFTIME                        = 0xA7  // 167
+	SYS_STRERROR                        = 0xA8  // 168
+	SYS_STRLEN                          = 0xA9  // 169
+	SYS_CLOCK                           = 0xAA  // 170
+	SYS_CTIME                           = 0xAB  // 171
+	SYS_MKTIME                          = 0xAC  // 172
+	SYS_TIME                            = 0xAD  // 173
+	SYS_ASCTIME                         = 0xAE  // 174
+	SYS_MBLEN                           = 0xAF  // 175
+	SYS_GMTIME                          = 0xB0  // 176
+	SYS_LOCALTIM                        = 0xB1  // 177
+	SYS_LOCALTIME                       = 0xB1  // 177
+	SYS_STRFTIME                        = 0xB2  // 178
+	SYS___GETCB                         = 0xB4  // 180
+	SYS_FUPDATE                         = 0xB5  // 181
+	SYS___FUPDT                         = 0xB5  // 181
+	SYS_CLRMEMF                         = 0xBD  // 189
+	SYS___CLRMF                         = 0xBD  // 189
+	SYS_FETCHEP                         = 0xBF  // 191
+	SYS___FTCHEP                        = 0xBF  // 191
+	SYS_FLDATA                          = 0xC1  // 193
+	SYS___FLDATA                        = 0xC1  // 193
+	SYS_DYNFREE                         = 0xC2  // 194
+	SYS___DYNFRE                        = 0xC2  // 194
+	SYS_DYNALLOC                        = 0xC3  // 195
+	SYS___DYNALL                        = 0xC3  // 195
+	SYS___CDUMP                         = 0xC4  // 196
+	SYS_CSNAP                           = 0xC5  // 197
+	SYS___CSNAP                         = 0xC5  // 197
+	SYS_CTRACE                          = 0xC6  // 198
+	SYS___CTRACE                        = 0xC6  // 198
+	SYS___CTEST                         = 0xC7  // 199
+	SYS_SETENV                          = 0xC8  // 200
+	SYS___SETENV                        = 0xC8  // 200
+	SYS_CLEARENV                        = 0xC9  // 201
+	SYS___CLRENV                        = 0xC9  // 201
+	SYS___REGCOMP_STD                   = 0xEA  // 234
+	SYS_NL_LANGINFO                     = 0xFC  // 252
+	SYS_GETSYNTX                        = 0xFD  // 253
+	SYS_ISBLANK                         = 0xFE  // 254
+	SYS___ISBLNK                        = 0xFE  // 254
+	SYS_ISWALNUM                        = 0xFF  // 255
+	SYS_ISWALPHA                        = 0x100 // 256
+	SYS_ISWBLANK                        = 0x101 // 257
+	SYS___ISWBLK                        = 0x101 // 257
+	SYS_ISWCNTRL                        = 0x102 // 258
+	SYS_ISWDIGIT                        = 0x103 // 259
+	SYS_ISWGRAPH                        = 0x104 // 260
+	SYS_ISWLOWER                        = 0x105 // 261
+	SYS_ISWPRINT                        = 0x106 // 262
+	SYS_ISWPUNCT                        = 0x107 // 263
+	SYS_ISWSPACE                        = 0x108 // 264
+	SYS_ISWUPPER                        = 0x109 // 265
+	SYS_ISWXDIGI                        = 0x10A // 266
+	SYS_ISWXDIGIT                       = 0x10A // 266
+	SYS_WCTYPE                          = 0x10B // 267
+	SYS_ISWCTYPE                        = 0x10C // 268
+	SYS_TOWLOWER                        = 0x10D // 269
+	SYS_TOWUPPER                        = 0x10E // 270
+	SYS_MBSINIT                         = 0x10F // 271
+	SYS_WCTOB                           = 0x110 // 272
+	SYS_MBRLEN                          = 0x111 // 273
+	SYS_MBRTOWC                         = 0x112 // 274
+	SYS_MBSRTOWC                        = 0x113 // 275
+	SYS_MBSRTOWCS                       = 0x113 // 275
+	SYS_WCRTOMB                         = 0x114 // 276
+	SYS_WCSRTOMB                        = 0x115 // 277
+	SYS_WCSRTOMBS                       = 0x115 // 277
+	SYS___CSID                          = 0x116 // 278
+	SYS___WCSID                         = 0x117 // 279
+	SYS_STRPTIME                        = 0x118 // 280
+	SYS___STRPTM                        = 0x118 // 280
+	SYS_STRFMON                         = 0x119 // 281
+	SYS___RPMTCH                        = 0x11A // 282
+	SYS_WCSSTR                          = 0x11B // 283
+	SYS_WCSTOK                          = 0x12C // 300
+	SYS_WCSTOL                          = 0x12D // 301
+	SYS_WCSTOD                          = 0x12E // 302
+	SYS_WCSTOUL                         = 0x12F // 303
+	SYS_WCSCOLL                         = 0x130 // 304
+	SYS_WCSXFRM                         = 0x131 // 305
+	SYS_WCSWIDTH                        = 0x132 // 306
+	SYS_WCWIDTH                         = 0x133 // 307
+	SYS_WCSFTIME                        = 0x134 // 308
+	SYS_SWPRINTF                        = 0x135 // 309
+	SYS_VSWPRINT                        = 0x136 // 310
+	SYS_VSWPRINTF                       = 0x136 // 310
+	SYS_SWSCANF                         = 0x137 // 311
+	SYS_REGCOMP                         = 0x138 // 312
+	SYS_REGEXEC                         = 0x139 // 313
+	SYS_REGFREE                         = 0x13A // 314
+	SYS_REGERROR                        = 0x13B // 315
+	SYS_FGETWC                          = 0x13C // 316
+	SYS_FGETWS                          = 0x13D // 317
+	SYS_FPUTWC                          = 0x13E // 318
+	SYS_FPUTWS                          = 0x13F // 319
+	SYS_GETWC                           = 0x140 // 320
+	SYS_GETWCHAR                        = 0x141 // 321
+	SYS_PUTWC                           = 0x142 // 322
+	SYS_PUTWCHAR                        = 0x143 // 323
+	SYS_UNGETWC                         = 0x144 // 324
+	SYS_ICONV_OPEN                      = 0x145 // 325
+	SYS_ICONV                           = 0x146 // 326
+	SYS_ICONV_CLOSE                     = 0x147 // 327
+	SYS_ISMCCOLLEL                      = 0x14C // 332
+	SYS_STRTOCOLL                       = 0x14D // 333
+	SYS_COLLTOSTR                       = 0x14E // 334
+	SYS_COLLEQUIV                       = 0x14F // 335
+	SYS_COLLRANGE                       = 0x150 // 336
+	SYS_CCLASS                          = 0x151 // 337
+	SYS_COLLORDER                       = 0x152 // 338
+	SYS___DEMANGLE                      = 0x154 // 340
+	SYS_FDOPEN                          = 0x155 // 341
+	SYS___ERRNO                         = 0x156 // 342
+	SYS___ERRNO2                        = 0x157 // 343
+	SYS___TERROR                        = 0x158 // 344
+	SYS_MAXCOLL                         = 0x169 // 361
+	SYS_GETMCCOLL                       = 0x16A // 362
+	SYS_GETWMCCOLL                      = 0x16B // 363
+	SYS___ERR2AD                        = 0x16C // 364
+	SYS_DLLQUERYFN                      = 0x16D // 365
+	SYS_DLLQUERYVAR                     = 0x16E // 366
+	SYS_DLLFREE                         = 0x16F // 367
+	SYS_DLLLOAD                         = 0x170 // 368
+	SYS__EXIT                           = 0x174 // 372
+	SYS_ACCESS                          = 0x175 // 373
+	SYS_ALARM                           = 0x176 // 374
+	SYS_CFGETISPEED                     = 0x177 // 375
+	SYS_CFGETOSPEED                     = 0x178 // 376
+	SYS_CFSETISPEED                     = 0x179 // 377
+	SYS_CFSETOSPEED                     = 0x17A // 378
+	SYS_CHDIR                           = 0x17B // 379
+	SYS_CHMOD                           = 0x17C // 380
+	SYS_CHOWN                           = 0x17D // 381
+	SYS_CLOSE                           = 0x17E // 382
+	SYS_CLOSEDIR                        = 0x17F // 383
+	SYS_CREAT                           = 0x180 // 384
+	SYS_CTERMID                         = 0x181 // 385
+	SYS_DUP                             = 0x182 // 386
+	SYS_DUP2                            = 0x183 // 387
+	SYS_EXECL                           = 0x184 // 388
+	SYS_EXECLE                          = 0x185 // 389
+	SYS_EXECLP                          = 0x186 // 390
+	SYS_EXECV                           = 0x187 // 391
+	SYS_EXECVE                          = 0x188 // 392
+	SYS_EXECVP                          = 0x189 // 393
+	SYS_FCHMOD                          = 0x18A // 394
+	SYS_FCHOWN                          = 0x18B // 395
+	SYS_FCNTL                           = 0x18C // 396
+	SYS_FILENO                          = 0x18D // 397
+	SYS_FORK                            = 0x18E // 398
+	SYS_FPATHCONF                       = 0x18F // 399
+	SYS_FSTAT                           = 0x190 // 400
+	SYS_FSYNC                           = 0x191 // 401
+	SYS_FTRUNCATE                       = 0x192 // 402
+	SYS_GETCWD                          = 0x193 // 403
+	SYS_GETEGID                         = 0x194 // 404
+	SYS_GETEUID                         = 0x195 // 405
+	SYS_GETGID                          = 0x196 // 406
+	SYS_GETGRGID                        = 0x197 // 407
+	SYS_GETGRNAM                        = 0x198 // 408
+	SYS_GETGROUPS                       = 0x199 // 409
+	SYS_GETLOGIN                        = 0x19A // 410
+	SYS_W_GETMNTENT                     = 0x19B // 411
+	SYS_GETPGRP                         = 0x19C // 412
+	SYS_GETPID                          = 0x19D // 413
+	SYS_GETPPID                         = 0x19E // 414
+	SYS_GETPWNAM                        = 0x19F // 415
+	SYS_GETPWUID                        = 0x1A0 // 416
+	SYS_GETUID                          = 0x1A1 // 417
+	SYS_W_IOCTL                         = 0x1A2 // 418
+	SYS_ISATTY                          = 0x1A3 // 419
+	SYS_KILL                            = 0x1A4 // 420
+	SYS_LINK                            = 0x1A5 // 421
+	SYS_LSEEK                           = 0x1A6 // 422
+	SYS_LSTAT                           = 0x1A7 // 423
+	SYS_MKDIR                           = 0x1A8 // 424
+	SYS_MKFIFO                          = 0x1A9 // 425
+	SYS_MKNOD                           = 0x1AA // 426
+	SYS_MOUNT                           = 0x1AB // 427
+	SYS_OPEN                            = 0x1AC // 428
+	SYS_OPENDIR                         = 0x1AD // 429
+	SYS_PATHCONF                        = 0x1AE // 430
+	SYS_PAUSE                           = 0x1AF // 431
+	SYS_PIPE                            = 0x1B0 // 432
+	SYS_W_GETPSENT                      = 0x1B1 // 433
+	SYS_READ                            = 0x1B2 // 434
+	SYS_READDIR                         = 0x1B3 // 435
+	SYS_READLINK                        = 0x1B4 // 436
+	SYS_REWINDDIR                       = 0x1B5 // 437
+	SYS_RMDIR                           = 0x1B6 // 438
+	SYS_SETEGID                         = 0x1B7 // 439
+	SYS_SETEUID                         = 0x1B8 // 440
+	SYS_SETGID                          = 0x1B9 // 441
+	SYS_SETPGID                         = 0x1BA // 442
+	SYS_SETSID                          = 0x1BB // 443
+	SYS_SETUID                          = 0x1BC // 444
+	SYS_SIGACTION                       = 0x1BD // 445
+	SYS_SIGADDSET                       = 0x1BE // 446
+	SYS_SIGDELSET                       = 0x1BF // 447
+	SYS_SIGEMPTYSET                     = 0x1C0 // 448
+	SYS_SIGFILLSET                      = 0x1C1 // 449
+	SYS_SIGISMEMBER                     = 0x1C2 // 450
+	SYS_SIGLONGJMP                      = 0x1C3 // 451
+	SYS_SIGPENDING                      = 0x1C4 // 452
+	SYS_SIGPROCMASK                     = 0x1C5 // 453
+	SYS_SIGSETJMP                       = 0x1C6 // 454
+	SYS_SIGSUSPEND                      = 0x1C7 // 455
+	SYS_SLEEP                           = 0x1C8 // 456
+	SYS_STAT                            = 0x1C9 // 457
+	SYS_W_STATFS                        = 0x1CA // 458
+	SYS_SYMLINK                         = 0x1CB // 459
+	SYS_SYSCONF                         = 0x1CC // 460
+	SYS_TCDRAIN                         = 0x1CD // 461
+	SYS_TCFLOW                          = 0x1CE // 462
+	SYS_TCFLUSH                         = 0x1CF // 463
+	SYS_TCGETATTR                       = 0x1D0 // 464
+	SYS_TCGETPGRP                       = 0x1D1 // 465
+	SYS_TCSENDBREAK                     = 0x1D2 // 466
+	SYS_TCSETATTR                       = 0x1D3 // 467
+	SYS_TCSETPGRP                       = 0x1D4 // 468
+	SYS_TIMES                           = 0x1D5 // 469
+	SYS_TTYNAME                         = 0x1D6 // 470
+	SYS_TZSET                           = 0x1D7 // 471
+	SYS_UMASK                           = 0x1D8 // 472
+	SYS_UMOUNT                          = 0x1D9 // 473
+	SYS_UNAME                           = 0x1DA // 474
+	SYS_UNLINK                          = 0x1DB // 475
+	SYS_UTIME                           = 0x1DC // 476
+	SYS_WAIT                            = 0x1DD // 477
+	SYS_WAITPID                         = 0x1DE // 478
+	SYS_WRITE                           = 0x1DF // 479
+	SYS_CHAUDIT                         = 0x1E0 // 480
+	SYS_FCHAUDIT                        = 0x1E1 // 481
+	SYS_GETGROUPSBYNAME                 = 0x1E2 // 482
+	SYS_SIGWAIT                         = 0x1E3 // 483
+	SYS_PTHREAD_EXIT                    = 0x1E4 // 484
+	SYS_PTHREAD_KILL                    = 0x1E5 // 485
+	SYS_PTHREAD_ATTR_INIT               = 0x1E6 // 486
+	SYS_PTHREAD_ATTR_DESTROY            = 0x1E7 // 487
+	SYS_PTHREAD_ATTR_SETSTACKSIZE       = 0x1E8 // 488
+	SYS_PTHREAD_ATTR_GETSTACKSIZE       = 0x1E9 // 489
+	SYS_PTHREAD_ATTR_SETDETACHSTATE     = 0x1EA // 490
+	SYS_PTHREAD_ATTR_GETDETACHSTATE     = 0x1EB // 491
+	SYS_PTHREAD_ATTR_SETWEIGHT_NP       = 0x1EC // 492
+	SYS_PTHREAD_ATTR_GETWEIGHT_NP       = 0x1ED // 493
+	SYS_PTHREAD_CANCEL                  = 0x1EE // 494
+	SYS_PTHREAD_CLEANUP_PUSH            = 0x1EF // 495
+	SYS_PTHREAD_CLEANUP_POP             = 0x1F0 // 496
+	SYS_PTHREAD_CONDATTR_INIT           = 0x1F1 // 497
+	SYS_PTHREAD_CONDATTR_DESTROY        = 0x1F2 // 498
+	SYS_PTHREAD_COND_INIT               = 0x1F3 // 499
+	SYS_PTHREAD_COND_DESTROY            = 0x1F4 // 500
+	SYS_PTHREAD_COND_SIGNAL             = 0x1F5 // 501
+	SYS_PTHREAD_COND_BROADCAST          = 0x1F6 // 502
+	SYS_PTHREAD_COND_WAIT               = 0x1F7 // 503
+	SYS_PTHREAD_COND_TIMEDWAIT          = 0x1F8 // 504
+	SYS_PTHREAD_CREATE                  = 0x1F9 // 505
+	SYS_PTHREAD_DETACH                  = 0x1FA // 506
+	SYS_PTHREAD_EQUAL                   = 0x1FB // 507
+	SYS_PTHREAD_GETSPECIFIC             = 0x1FC // 508
+	SYS_PTHREAD_JOIN                    = 0x1FD // 509
+	SYS_PTHREAD_KEY_CREATE              = 0x1FE // 510
+	SYS_PTHREAD_MUTEXATTR_INIT          = 0x1FF // 511
+	SYS_PTHREAD_MUTEXATTR_DESTROY       = 0x200 // 512
+	SYS_PTHREAD_MUTEXATTR_SETKIND_NP    = 0x201 // 513
+	SYS_PTHREAD_MUTEXATTR_GETKIND_NP    = 0x202 // 514
+	SYS_PTHREAD_MUTEX_INIT              = 0x203 // 515
+	SYS_PTHREAD_MUTEX_DESTROY           = 0x204 // 516
+	SYS_PTHREAD_MUTEX_LOCK              = 0x205 // 517
+	SYS_PTHREAD_MUTEX_TRYLOCK           = 0x206 // 518
+	SYS_PTHREAD_MUTEX_UNLOCK            = 0x207 // 519
+	SYS_PTHREAD_ONCE                    = 0x209 // 521
+	SYS_PTHREAD_SELF                    = 0x20A // 522
+	SYS_PTHREAD_SETINTR                 = 0x20B // 523
+	SYS_PTHREAD_SETINTRTYPE             = 0x20C // 524
+	SYS_PTHREAD_SETSPECIFIC             = 0x20D // 525
+	SYS_PTHREAD_TESTINTR                = 0x20E // 526
+	SYS_PTHREAD_YIELD                   = 0x20F // 527
+	SYS_TW_OPEN                         = 0x210 // 528
+	SYS_TW_FCNTL                        = 0x211 // 529
+	SYS_PTHREAD_JOIN_D4_NP              = 0x212 // 530
+	SYS_PTHREAD_CONDATTR_SETKIND_NP     = 0x213 // 531
+	SYS_PTHREAD_CONDATTR_GETKIND_NP     = 0x214 // 532
+	SYS_EXTLINK_NP                      = 0x215 // 533
+	SYS___PASSWD                        = 0x216 // 534
+	SYS_SETGROUPS                       = 0x217 // 535
+	SYS_INITGROUPS                      = 0x218 // 536
+	SYS_WCSPBRK                         = 0x23F // 575
+	SYS_WCSRCHR                         = 0x240 // 576
+	SYS_SVC99                           = 0x241 // 577
+	SYS___SVC99                         = 0x241 // 577
+	SYS_WCSWCS                          = 0x242 // 578
+	SYS_LOCALECO                        = 0x243 // 579
+	SYS_LOCALECONV                      = 0x243 // 579
+	SYS___LIBREL                        = 0x244 // 580
+	SYS_RELEASE                         = 0x245 // 581
+	SYS___RLSE                          = 0x245 // 581
+	SYS_FLOCATE                         = 0x246 // 582
+	SYS___FLOCT                         = 0x246 // 582
+	SYS_FDELREC                         = 0x247 // 583
+	SYS___FDLREC                        = 0x247 // 583
+	SYS_FETCH                           = 0x248 // 584
+	SYS___FETCH                         = 0x248 // 584
+	SYS_QSORT                           = 0x249 // 585
+	SYS_GETENV                          = 0x24A // 586
+	SYS_SYSTEM                          = 0x24B // 587
+	SYS_BSEARCH                         = 0x24C // 588
+	SYS_LDIV                            = 0x24D // 589
+	SYS___THROW                         = 0x25E // 606
+	SYS___RETHROW                       = 0x25F // 607
+	SYS___CLEANUPCATCH                  = 0x260 // 608
+	SYS___CATCHMATCH                    = 0x261 // 609
+	SYS___CLEAN2UPCATCH                 = 0x262 // 610
+	SYS_PUTENV                          = 0x26A // 618
+	SYS___GETENV                        = 0x26F // 623
+	SYS_GETPRIORITY                     = 0x270 // 624
+	SYS_NICE                            = 0x271 // 625
+	SYS_SETPRIORITY                     = 0x272 // 626
+	SYS_GETITIMER                       = 0x273 // 627
+	SYS_SETITIMER                       = 0x274 // 628
+	SYS_MSGCTL                          = 0x275 // 629
+	SYS_MSGGET                          = 0x276 // 630
+	SYS_MSGRCV                          = 0x277 // 631
+	SYS_MSGSND                          = 0x278 // 632
+	SYS_MSGXRCV                         = 0x279 // 633
+	SYS___MSGXR                         = 0x279 // 633
+	SYS_SEMCTL                          = 0x27A // 634
+	SYS_SEMGET                          = 0x27B // 635
+	SYS_SEMOP                           = 0x27C // 636
+	SYS_SHMAT                           = 0x27D // 637
+	SYS_SHMCTL                          = 0x27E // 638
+	SYS_SHMDT                           = 0x27F // 639
+	SYS_SHMGET                          = 0x280 // 640
+	SYS___GETIPC                        = 0x281 // 641
+	SYS_SETGRENT                        = 0x282 // 642
+	SYS_GETGRENT                        = 0x283 // 643
+	SYS_ENDGRENT                        = 0x284 // 644
+	SYS_SETPWENT                        = 0x285 // 645
+	SYS_GETPWENT                        = 0x286 // 646
+	SYS_ENDPWENT                        = 0x287 // 647
+	SYS_BSD_SIGNAL                      = 0x288 // 648
+	SYS_KILLPG                          = 0x289 // 649
+	SYS_SIGALTSTACK                     = 0x28A // 650
+	SYS_SIGHOLD                         = 0x28B // 651
+	SYS_SIGIGNORE                       = 0x28C // 652
+	SYS_SIGINTERRUPT                    = 0x28D // 653
+	SYS_SIGPAUSE                        = 0x28E // 654
+	SYS_SIGRELSE                        = 0x28F // 655
+	SYS_SIGSET                          = 0x290 // 656
+	SYS_SIGSTACK                        = 0x291 // 657
+	SYS_GETRLIMIT                       = 0x292 // 658
+	SYS_SETRLIMIT                       = 0x293 // 659
+	SYS_GETRUSAGE                       = 0x294 // 660
+	SYS_MMAP                            = 0x295 // 661
+	SYS_MPROTECT                        = 0x296 // 662
+	SYS_MSYNC                           = 0x297 // 663
+	SYS_MUNMAP                          = 0x298 // 664
+	SYS_CONFSTR                         = 0x299 // 665
+	SYS_GETOPT                          = 0x29A // 666
+	SYS_LCHOWN                          = 0x29B // 667
+	SYS_TRUNCATE                        = 0x29C // 668
+	SYS_GETSUBOPT                       = 0x29D // 669
+	SYS_SETPGRP                         = 0x29E // 670
+	SYS___GDERR                         = 0x29F // 671
+	SYS___TZONE                         = 0x2A0 // 672
+	SYS___DLGHT                         = 0x2A1 // 673
+	SYS___OPARGF                        = 0x2A2 // 674
+	SYS___OPOPTF                        = 0x2A3 // 675
+	SYS___OPINDF                        = 0x2A4 // 676
+	SYS___OPERRF                        = 0x2A5 // 677
+	SYS_GETDATE                         = 0x2A6 // 678
+	SYS_WAIT3                           = 0x2A7 // 679
+	SYS_WAITID                          = 0x2A8 // 680
+	SYS___CATTRM                        = 0x2A9 // 681
+	SYS___GDTRM                         = 0x2AA // 682
+	SYS___RNDTRM                        = 0x2AB // 683
+	SYS_CRYPT                           = 0x2AC // 684
+	SYS_ENCRYPT                         = 0x2AD // 685
+	SYS_SETKEY                          = 0x2AE // 686
+	SYS___CNVBLK                        = 0x2AF // 687
+	SYS___CRYTRM                        = 0x2B0 // 688
+	SYS___ECRTRM                        = 0x2B1 // 689
+	SYS_DRAND48                         = 0x2B2 // 690
+	SYS_ERAND48                         = 0x2B3 // 691
+	SYS_FSTATVFS                        = 0x2B4 // 692
+	SYS_STATVFS                         = 0x2B5 // 693
+	SYS_CATCLOSE                        = 0x2B6 // 694
+	SYS_CATGETS                         = 0x2B7 // 695
+	SYS_CATOPEN                         = 0x2B8 // 696
+	SYS_BCMP                            = 0x2B9 // 697
+	SYS_BCOPY                           = 0x2BA // 698
+	SYS_BZERO                           = 0x2BB // 699
+	SYS_FFS                             = 0x2BC // 700
+	SYS_INDEX                           = 0x2BD // 701
+	SYS_RINDEX                          = 0x2BE // 702
+	SYS_STRCASECMP                      = 0x2BF // 703
+	SYS_STRDUP                          = 0x2C0 // 704
+	SYS_STRNCASECMP                     = 0x2C1 // 705
+	SYS_INITSTATE                       = 0x2C2 // 706
+	SYS_SETSTATE                        = 0x2C3 // 707
+	SYS_RANDOM                          = 0x2C4 // 708
+	SYS_SRANDOM                         = 0x2C5 // 709
+	SYS_HCREATE                         = 0x2C6 // 710
+	SYS_HDESTROY                        = 0x2C7 // 711
+	SYS_HSEARCH                         = 0x2C8 // 712
+	SYS_LFIND                           = 0x2C9 // 713
+	SYS_LSEARCH                         = 0x2CA // 714
+	SYS_TDELETE                         = 0x2CB // 715
+	SYS_TFIND                           = 0x2CC // 716
+	SYS_TSEARCH                         = 0x2CD // 717
+	SYS_TWALK                           = 0x2CE // 718
+	SYS_INSQUE                          = 0x2CF // 719
+	SYS_REMQUE                          = 0x2D0 // 720
+	SYS_POPEN                           = 0x2D1 // 721
+	SYS_PCLOSE                          = 0x2D2 // 722
+	SYS_SWAB                            = 0x2D3 // 723
+	SYS_MEMCCPY                         = 0x2D4 // 724
+	SYS_GETPAGESIZE                     = 0x2D8 // 728
+	SYS_FCHDIR                          = 0x2D9 // 729
+	SYS___OCLCK                         = 0x2DA // 730
+	SYS___ATOE                          = 0x2DB // 731
+	SYS___ATOE_L                        = 0x2DC // 732
+	SYS___ETOA                          = 0x2DD // 733
+	SYS___ETOA_L                        = 0x2DE // 734
+	SYS_SETUTXENT                       = 0x2DF // 735
+	SYS_GETUTXENT                       = 0x2E0 // 736
+	SYS_ENDUTXENT                       = 0x2E1 // 737
+	SYS_GETUTXID                        = 0x2E2 // 738
+	SYS_GETUTXLINE                      = 0x2E3 // 739
+	SYS_PUTUTXLINE                      = 0x2E4 // 740
+	SYS_FMTMSG                          = 0x2E5 // 741
+	SYS_JRAND48                         = 0x2E6 // 742
+	SYS_LRAND48                         = 0x2E7 // 743
+	SYS_MRAND48                         = 0x2E8 // 744
+	SYS_NRAND48                         = 0x2E9 // 745
+	SYS_LCONG48                         = 0x2EA // 746
+	SYS_SRAND48                         = 0x2EB // 747
+	SYS_SEED48                          = 0x2EC // 748
+	SYS_ISASCII                         = 0x2ED // 749
+	SYS_TOASCII                         = 0x2EE // 750
+	SYS_A64L                            = 0x2EF // 751
+	SYS_L64A                            = 0x2F0 // 752
+	SYS_UALARM                          = 0x2F1 // 753
+	SYS_USLEEP                          = 0x2F2 // 754
+	SYS___UTXTRM                        = 0x2F3 // 755
+	SYS___SRCTRM                        = 0x2F4 // 756
+	SYS_FTIME                           = 0x2F5 // 757
+	SYS_GETTIMEOFDAY                    = 0x2F6 // 758
+	SYS_DBM_CLEARERR                    = 0x2F7 // 759
+	SYS_DBM_CLOSE                       = 0x2F8 // 760
+	SYS_DBM_DELETE                      = 0x2F9 // 761
+	SYS_DBM_ERROR                       = 0x2FA // 762
+	SYS_DBM_FETCH                       = 0x2FB // 763
+	SYS_DBM_FIRSTKEY                    = 0x2FC // 764
+	SYS_DBM_NEXTKEY                     = 0x2FD // 765
+	SYS_DBM_OPEN                        = 0x2FE // 766
+	SYS_DBM_STORE                       = 0x2FF // 767
+	SYS___NDMTRM                        = 0x300 // 768
+	SYS_FTOK                            = 0x301 // 769
+	SYS_BASENAME                        = 0x302 // 770
+	SYS_DIRNAME                         = 0x303 // 771
+	SYS_GETDTABLESIZE                   = 0x304 // 772
+	SYS_MKSTEMP                         = 0x305 // 773
+	SYS_MKTEMP                          = 0x306 // 774
+	SYS_NFTW                            = 0x307 // 775
+	SYS_GETWD                           = 0x308 // 776
+	SYS_LOCKF                           = 0x309 // 777
+	SYS__LONGJMP                        = 0x30D // 781
+	SYS__SETJMP                         = 0x30E // 782
+	SYS_VFORK                           = 0x30F // 783
+	SYS_WORDEXP                         = 0x310 // 784
+	SYS_WORDFREE                        = 0x311 // 785
+	SYS_GETPGID                         = 0x312 // 786
+	SYS_GETSID                          = 0x313 // 787
+	SYS___UTMPXNAME                     = 0x314 // 788
+	SYS_CUSERID                         = 0x315 // 789
+	SYS_GETPASS                         = 0x316 // 790
+	SYS_FNMATCH                         = 0x317 // 791
+	SYS_FTW                             = 0x318 // 792
+	SYS_GETW                            = 0x319 // 793
+	SYS_GLOB                            = 0x31A // 794
+	SYS_GLOBFREE                        = 0x31B // 795
+	SYS_PUTW                            = 0x31C // 796
+	SYS_SEEKDIR                         = 0x31D // 797
+	SYS_TELLDIR                         = 0x31E // 798
+	SYS_TEMPNAM                         = 0x31F // 799
+	SYS_ACOSH                           = 0x320 // 800
+	SYS_ASINH                           = 0x321 // 801
+	SYS_ATANH                           = 0x322 // 802
+	SYS_CBRT                            = 0x323 // 803
+	SYS_EXPM1                           = 0x324 // 804
+	SYS_ILOGB                           = 0x325 // 805
+	SYS_LOGB                            = 0x326 // 806
+	SYS_LOG1P                           = 0x327 // 807
+	SYS_NEXTAFTER                       = 0x328 // 808
+	SYS_RINT                            = 0x329 // 809
+	SYS_REMAINDER                       = 0x32A // 810
+	SYS_SCALB                           = 0x32B // 811
+	SYS_LGAMMA                          = 0x32C // 812
+	SYS_TTYSLOT                         = 0x32D // 813
+	SYS_GETTIMEOFDAY_R                  = 0x32E // 814
+	SYS_SYNC                            = 0x32F // 815
+	SYS_SPAWN                           = 0x330 // 816
+	SYS_SPAWNP                          = 0x331 // 817
+	SYS_GETLOGIN_UU                     = 0x332 // 818
+	SYS_ECVT                            = 0x333 // 819
+	SYS_FCVT                            = 0x334 // 820
+	SYS_GCVT                            = 0x335 // 821
+	SYS_ACCEPT                          = 0x336 // 822
+	SYS_BIND                            = 0x337 // 823
+	SYS_CONNECT                         = 0x338 // 824
+	SYS_ENDHOSTENT                      = 0x339 // 825
+	SYS_ENDPROTOENT                     = 0x33A // 826
+	SYS_ENDSERVENT                      = 0x33B // 827
+	SYS_GETHOSTBYADDR_R                 = 0x33C // 828
+	SYS_GETHOSTBYADDR                   = 0x33D // 829
+	SYS_GETHOSTBYNAME_R                 = 0x33E // 830
+	SYS_GETHOSTBYNAME                   = 0x33F // 831
+	SYS_GETHOSTENT                      = 0x340 // 832
+	SYS_GETHOSTID                       = 0x341 // 833
+	SYS_GETHOSTNAME                     = 0x342 // 834
+	SYS_GETNETBYADDR                    = 0x343 // 835
+	SYS_GETNETBYNAME                    = 0x344 // 836
+	SYS_GETNETENT                       = 0x345 // 837
+	SYS_GETPEERNAME                     = 0x346 // 838
+	SYS_GETPROTOBYNAME                  = 0x347 // 839
+	SYS_GETPROTOBYNUMBER                = 0x348 // 840
+	SYS_GETPROTOENT                     = 0x349 // 841
+	SYS_GETSERVBYNAME                   = 0x34A // 842
+	SYS_GETSERVBYPORT                   = 0x34B // 843
+	SYS_GETSERVENT                      = 0x34C // 844
+	SYS_GETSOCKNAME                     = 0x34D // 845
+	SYS_GETSOCKOPT                      = 0x34E // 846
+	SYS_INET_ADDR                       = 0x34F // 847
+	SYS_INET_LNAOF                      = 0x350 // 848
+	SYS_INET_MAKEADDR                   = 0x351 // 849
+	SYS_INET_NETOF                      = 0x352 // 850
+	SYS_INET_NETWORK                    = 0x353 // 851
+	SYS_INET_NTOA                       = 0x354 // 852
+	SYS_IOCTL                           = 0x355 // 853
+	SYS_LISTEN                          = 0x356 // 854
+	SYS_READV                           = 0x357 // 855
+	SYS_RECV                            = 0x358 // 856
+	SYS_RECVFROM                        = 0x359 // 857
+	SYS_SELECT                          = 0x35B // 859
+	SYS_SELECTEX                        = 0x35C // 860
+	SYS_SEND                            = 0x35D // 861
+	SYS_SENDTO                          = 0x35F // 863
+	SYS_SETHOSTENT                      = 0x360 // 864
+	SYS_SETNETENT                       = 0x361 // 865
+	SYS_SETPEER                         = 0x362 // 866
+	SYS_SETPROTOENT                     = 0x363 // 867
+	SYS_SETSERVENT                      = 0x364 // 868
+	SYS_SETSOCKOPT                      = 0x365 // 869
+	SYS_SHUTDOWN                        = 0x366 // 870
+	SYS_SOCKET                          = 0x367 // 871
+	SYS_SOCKETPAIR                      = 0x368 // 872
+	SYS_WRITEV                          = 0x369 // 873
+	SYS_CHROOT                          = 0x36A // 874
+	SYS_W_STATVFS                       = 0x36B // 875
+	SYS_ULIMIT                          = 0x36C // 876
+	SYS_ISNAN                           = 0x36D // 877
+	SYS_UTIMES                          = 0x36E // 878
+	SYS___H_ERRNO                       = 0x36F // 879
+	SYS_ENDNETENT                       = 0x370 // 880
+	SYS_CLOSELOG                        = 0x371 // 881
+	SYS_OPENLOG                         = 0x372 // 882
+	SYS_SETLOGMASK                      = 0x373 // 883
+	SYS_SYSLOG                          = 0x374 // 884
+	SYS_PTSNAME                         = 0x375 // 885
+	SYS_SETREUID                        = 0x376 // 886
+	SYS_SETREGID                        = 0x377 // 887
+	SYS_REALPATH                        = 0x378 // 888
+	SYS___SIGNGAM                       = 0x379 // 889
+	SYS_GRANTPT                         = 0x37A // 890
+	SYS_UNLOCKPT                        = 0x37B // 891
+	SYS_TCGETSID                        = 0x37C // 892
+	SYS___TCGETCP                       = 0x37D // 893
+	SYS___TCSETCP                       = 0x37E // 894
+	SYS___TCSETTABLES                   = 0x37F // 895
+	SYS_POLL                            = 0x380 // 896
+	SYS_REXEC                           = 0x381 // 897
+	SYS___ISASCII2                      = 0x382 // 898
+	SYS___TOASCII2                      = 0x383 // 899
+	SYS_CHPRIORITY                      = 0x384 // 900
+	SYS_PTHREAD_ATTR_SETSYNCTYPE_NP     = 0x385 // 901
+	SYS_PTHREAD_ATTR_GETSYNCTYPE_NP     = 0x386 // 902
+	SYS_PTHREAD_SET_LIMIT_NP            = 0x387 // 903
+	SYS___STNETENT                      = 0x388 // 904
+	SYS___STPROTOENT                    = 0x389 // 905
+	SYS___STSERVENT                     = 0x38A // 906
+	SYS___STHOSTENT                     = 0x38B // 907
+	SYS_NLIST                           = 0x38C // 908
+	SYS___IPDBCS                        = 0x38D // 909
+	SYS___IPDSPX                        = 0x38E // 910
+	SYS___IPMSGC                        = 0x38F // 911
+	SYS___SELECT1                       = 0x390 // 912
+	SYS_PTHREAD_SECURITY_NP             = 0x391 // 913
+	SYS___CHECK_RESOURCE_AUTH_NP        = 0x392 // 914
+	SYS___CONVERT_ID_NP                 = 0x393 // 915
+	SYS___OPENVMREL                     = 0x394 // 916
+	SYS_WMEMCHR                         = 0x395 // 917
+	SYS_WMEMCMP                         = 0x396 // 918
+	SYS_WMEMCPY                         = 0x397 // 919
+	SYS_WMEMMOVE                        = 0x398 // 920
+	SYS_WMEMSET                         = 0x399 // 921
+	SYS___FPUTWC                        = 0x400 // 1024
+	SYS___PUTWC                         = 0x401 // 1025
+	SYS___PWCHAR                        = 0x402 // 1026
+	SYS___WCSFTM                        = 0x403 // 1027
+	SYS___WCSTOK                        = 0x404 // 1028
+	SYS___WCWDTH                        = 0x405 // 1029
+	SYS_T_ACCEPT                        = 0x409 // 1033
+	SYS_T_ALLOC                         = 0x40A // 1034
+	SYS_T_BIND                          = 0x40B // 1035
+	SYS_T_CLOSE                         = 0x40C // 1036
+	SYS_T_CONNECT                       = 0x40D // 1037
+	SYS_T_ERROR                         = 0x40E // 1038
+	SYS_T_FREE                          = 0x40F // 1039
+	SYS_T_GETINFO                       = 0x410 // 1040
+	SYS_T_GETPROTADDR                   = 0x411 // 1041
+	SYS_T_GETSTATE                      = 0x412 // 1042
+	SYS_T_LISTEN                        = 0x413 // 1043
+	SYS_T_LOOK                          = 0x414 // 1044
+	SYS_T_OPEN                          = 0x415 // 1045
+	SYS_T_OPTMGMT                       = 0x416 // 1046
+	SYS_T_RCV                           = 0x417 // 1047
+	SYS_T_RCVCONNECT                    = 0x418 // 1048
+	SYS_T_RCVDIS                        = 0x419 // 1049
+	SYS_T_RCVREL                        = 0x41A // 1050
+	SYS_T_RCVUDATA                      = 0x41B // 1051
+	SYS_T_RCVUDERR                      = 0x41C // 1052
+	SYS_T_SND                           = 0x41D // 1053
+	SYS_T_SNDDIS                        = 0x41E // 1054
+	SYS_T_SNDREL                        = 0x41F // 1055
+	SYS_T_SNDUDATA                      = 0x420 // 1056
+	SYS_T_STRERROR                      = 0x421 // 1057
+	SYS_T_SYNC                          = 0x422 // 1058
+	SYS_T_UNBIND                        = 0x423 // 1059
+	SYS___T_ERRNO                       = 0x424 // 1060
+	SYS___RECVMSG2                      = 0x425 // 1061
+	SYS___SENDMSG2                      = 0x426 // 1062
+	SYS_FATTACH                         = 0x427 // 1063
+	SYS_FDETACH                         = 0x428 // 1064
+	SYS_GETMSG                          = 0x429 // 1065
+	SYS_GETPMSG                         = 0x42A // 1066
+	SYS_ISASTREAM                       = 0x42B // 1067
+	SYS_PUTMSG                          = 0x42C // 1068
+	SYS_PUTPMSG                         = 0x42D // 1069
+	SYS___ISPOSIXON                     = 0x42E // 1070
+	SYS___OPENMVSREL                    = 0x42F // 1071
+	SYS_GETCONTEXT                      = 0x430 // 1072
+	SYS_SETCONTEXT                      = 0x431 // 1073
+	SYS_MAKECONTEXT                     = 0x432 // 1074
+	SYS_SWAPCONTEXT                     = 0x433 // 1075
+	SYS_PTHREAD_GETSPECIFIC_D8_NP       = 0x434 // 1076
+	SYS_GETCLIENTID                     = 0x470 // 1136
+	SYS___GETCLIENTID                   = 0x471 // 1137
+	SYS_GETSTABLESIZE                   = 0x472 // 1138
+	SYS_GETIBMOPT                       = 0x473 // 1139
+	SYS_GETIBMSOCKOPT                   = 0x474 // 1140
+	SYS_GIVESOCKET                      = 0x475 // 1141
+	SYS_IBMSFLUSH                       = 0x476 // 1142
+	SYS_MAXDESC                         = 0x477 // 1143
+	SYS_SETIBMOPT                       = 0x478 // 1144
+	SYS_SETIBMSOCKOPT                   = 0x479 // 1145
+	SYS_SOCK_DEBUG                      = 0x47A // 1146
+	SYS_SOCK_DO_TESTSTOR                = 0x47D // 1149
+	SYS_TAKESOCKET                      = 0x47E // 1150
+	SYS___SERVER_INIT                   = 0x47F // 1151
+	SYS___SERVER_PWU                    = 0x480 // 1152
+	SYS_PTHREAD_TAG_NP                  = 0x481 // 1153
+	SYS___CONSOLE                       = 0x482 // 1154
+	SYS___WSINIT                        = 0x483 // 1155
+	SYS___IPTCPN                        = 0x489 // 1161
+	SYS___SMF_RECORD                    = 0x48A // 1162
+	SYS___IPHOST                        = 0x48B // 1163
+	SYS___IPNODE                        = 0x48C // 1164
+	SYS___SERVER_CLASSIFY_CREATE        = 0x48D // 1165
+	SYS___SERVER_CLASSIFY_DESTROY       = 0x48E // 1166
+	SYS___SERVER_CLASSIFY_RESET         = 0x48F // 1167
+	SYS___SERVER_CLASSIFY               = 0x490 // 1168
+	SYS___HEAPRPT                       = 0x496 // 1174
+	SYS___FNWSA                         = 0x49B // 1179
+	SYS___SPAWN2                        = 0x49D // 1181
+	SYS___SPAWNP2                       = 0x49E // 1182
+	SYS___GDRR                          = 0x4A1 // 1185
+	SYS___HRRNO                         = 0x4A2 // 1186
+	SYS___OPRG                          = 0x4A3 // 1187
+	SYS___OPRR                          = 0x4A4 // 1188
+	SYS___OPND                          = 0x4A5 // 1189
+	SYS___OPPT                          = 0x4A6 // 1190
+	SYS___SIGGM                         = 0x4A7 // 1191
+	SYS___DGHT                          = 0x4A8 // 1192
+	SYS___TZNE                          = 0x4A9 // 1193
+	SYS___TZZN                          = 0x4AA // 1194
+	SYS___TRRNO                         = 0x4AF // 1199
+	SYS___ENVN                          = 0x4B0 // 1200
+	SYS___MLOCKALL                      = 0x4B1 // 1201
+	SYS_CREATEWO                        = 0x4B2 // 1202
+	SYS_CREATEWORKUNIT                  = 0x4B2 // 1202
+	SYS_CONTINUE                        = 0x4B3 // 1203
+	SYS_CONTINUEWORKUNIT                = 0x4B3 // 1203
+	SYS_CONNECTW                        = 0x4B4 // 1204
+	SYS_CONNECTWORKMGR                  = 0x4B4 // 1204
+	SYS_CONNECTS                        = 0x4B5 // 1205
+	SYS_CONNECTSERVER                   = 0x4B5 // 1205
+	SYS_DISCONNE                        = 0x4B6 // 1206
+	SYS_DISCONNECTSERVER                = 0x4B6 // 1206
+	SYS_JOINWORK                        = 0x4B7 // 1207
+	SYS_JOINWORKUNIT                    = 0x4B7 // 1207
+	SYS_LEAVEWOR                        = 0x4B8 // 1208
+	SYS_LEAVEWORKUNIT                   = 0x4B8 // 1208
+	SYS_DELETEWO                        = 0x4B9 // 1209
+	SYS_DELETEWORKUNIT                  = 0x4B9 // 1209
+	SYS_QUERYMET                        = 0x4BA // 1210
+	SYS_QUERYMETRICS                    = 0x4BA // 1210
+	SYS_QUERYSCH                        = 0x4BB // 1211
+	SYS_QUERYSCHENV                     = 0x4BB // 1211
+	SYS_CHECKSCH                        = 0x4BC // 1212
+	SYS_CHECKSCHENV                     = 0x4BC // 1212
+	SYS___PID_AFFINITY                  = 0x4BD // 1213
+	SYS___ASINH_B                       = 0x4BE // 1214
+	SYS___ATAN_B                        = 0x4BF // 1215
+	SYS___CBRT_B                        = 0x4C0 // 1216
+	SYS___CEIL_B                        = 0x4C1 // 1217
+	SYS_COPYSIGN                        = 0x4C2 // 1218
+	SYS___COS_B                         = 0x4C3 // 1219
+	SYS___ERF_B                         = 0x4C4 // 1220
+	SYS___ERFC_B                        = 0x4C5 // 1221
+	SYS___EXPM1_B                       = 0x4C6 // 1222
+	SYS___FABS_B                        = 0x4C7 // 1223
+	SYS_FINITE                          = 0x4C8 // 1224
+	SYS___FLOOR_B                       = 0x4C9 // 1225
+	SYS___FREXP_B                       = 0x4CA // 1226
+	SYS___ILOGB_B                       = 0x4CB // 1227
+	SYS___ISNAN_B                       = 0x4CC // 1228
+	SYS___LDEXP_B                       = 0x4CD // 1229
+	SYS___LOG1P_B                       = 0x4CE // 1230
+	SYS___LOGB_B                        = 0x4CF // 1231
+	SYS_MATHERR                         = 0x4D0 // 1232
+	SYS___MODF_B                        = 0x4D1 // 1233
+	SYS___NEXTAFTER_B                   = 0x4D2 // 1234
+	SYS___RINT_B                        = 0x4D3 // 1235
+	SYS_SCALBN                          = 0x4D4 // 1236
+	SYS_SIGNIFIC                        = 0x4D5 // 1237
+	SYS_SIGNIFICAND                     = 0x4D5 // 1237
+	SYS___SIN_B                         = 0x4D6 // 1238
+	SYS___TAN_B                         = 0x4D7 // 1239
+	SYS___TANH_B                        = 0x4D8 // 1240
+	SYS___ACOS_B                        = 0x4D9 // 1241
+	SYS___ACOSH_B                       = 0x4DA // 1242
+	SYS___ASIN_B                        = 0x4DB // 1243
+	SYS___ATAN2_B                       = 0x4DC // 1244
+	SYS___ATANH_B                       = 0x4DD // 1245
+	SYS___COSH_B                        = 0x4DE // 1246
+	SYS___EXP_B                         = 0x4DF // 1247
+	SYS___FMOD_B                        = 0x4E0 // 1248
+	SYS___GAMMA_B                       = 0x4E1 // 1249
+	SYS_GAMMA_R                         = 0x4E2 // 1250
+	SYS___HYPOT_B                       = 0x4E3 // 1251
+	SYS___J0_B                          = 0x4E4 // 1252
+	SYS___Y0_B                          = 0x4E5 // 1253
+	SYS___J1_B                          = 0x4E6 // 1254
+	SYS___Y1_B                          = 0x4E7 // 1255
+	SYS___JN_B                          = 0x4E8 // 1256
+	SYS___YN_B                          = 0x4E9 // 1257
+	SYS___LGAMMA_B                      = 0x4EA // 1258
+	SYS_LGAMMA_R                        = 0x4EB // 1259
+	SYS___LOG_B                         = 0x4EC // 1260
+	SYS___LOG10_B                       = 0x4ED // 1261
+	SYS___POW_B                         = 0x4EE // 1262
+	SYS___REMAINDER_B                   = 0x4EF // 1263
+	SYS___SCALB_B                       = 0x4F0 // 1264
+	SYS___SINH_B                        = 0x4F1 // 1265
+	SYS___SQRT_B                        = 0x4F2 // 1266
+	SYS___OPENDIR2                      = 0x4F3 // 1267
+	SYS___READDIR2                      = 0x4F4 // 1268
+	SYS___LOGIN                         = 0x4F5 // 1269
+	SYS___OPEN_STAT                     = 0x4F6 // 1270
+	SYS_ACCEPT_AND_RECV                 = 0x4F7 // 1271
+	SYS___FP_SETMODE                    = 0x4F8 // 1272
+	SYS___SIGACTIONSET                  = 0x4FB // 1275
+	SYS___UCREATE                       = 0x4FC // 1276
+	SYS___UMALLOC                       = 0x4FD // 1277
+	SYS___UFREE                         = 0x4FE // 1278
+	SYS___UHEAPREPORT                   = 0x4FF // 1279
+	SYS___ISBFP                         = 0x500 // 1280
+	SYS___FP_CAST                       = 0x501 // 1281
+	SYS___CERTIFICATE                   = 0x502 // 1282
+	SYS_SEND_FILE                       = 0x503 // 1283
+	SYS_AIO_CANCEL                      = 0x504 // 1284
+	SYS_AIO_ERROR                       = 0x505 // 1285
+	SYS_AIO_READ                        = 0x506 // 1286
+	SYS_AIO_RETURN                      = 0x507 // 1287
+	SYS_AIO_SUSPEND                     = 0x508 // 1288
+	SYS_AIO_WRITE                       = 0x509 // 1289
+	SYS_PTHREAD_MUTEXATTR_GETPSHARED    = 0x50A // 1290
+	SYS_PTHREAD_MUTEXATTR_SETPSHARED    = 0x50B // 1291
+	SYS_PTHREAD_RWLOCK_DESTROY          = 0x50C // 1292
+	SYS_PTHREAD_RWLOCK_INIT             = 0x50D // 1293
+	SYS_PTHREAD_RWLOCK_RDLOCK           = 0x50E // 1294
+	SYS_PTHREAD_RWLOCK_TRYRDLOCK        = 0x50F // 1295
+	SYS_PTHREAD_RWLOCK_TRYWRLOCK        = 0x510 // 1296
+	SYS_PTHREAD_RWLOCK_UNLOCK           = 0x511 // 1297
+	SYS_PTHREAD_RWLOCK_WRLOCK           = 0x512 // 1298
+	SYS_PTHREAD_RWLOCKATTR_GETPSHARED   = 0x513 // 1299
+	SYS_PTHREAD_RWLOCKATTR_SETPSHARED   = 0x514 // 1300
+	SYS_PTHREAD_RWLOCKATTR_INIT         = 0x515 // 1301
+	SYS_PTHREAD_RWLOCKATTR_DESTROY      = 0x516 // 1302
+	SYS___CTTBL                         = 0x517 // 1303
+	SYS_PTHREAD_MUTEXATTR_SETTYPE       = 0x518 // 1304
+	SYS_PTHREAD_MUTEXATTR_GETTYPE       = 0x519 // 1305
+	SYS___FP_CLR_FLAG                   = 0x51A // 1306
+	SYS___FP_READ_FLAG                  = 0x51B // 1307
+	SYS___FP_RAISE_XCP                  = 0x51C // 1308
+	SYS___FP_CLASS                      = 0x51D // 1309
+	SYS___FP_FINITE                     = 0x51E // 1310
+	SYS___FP_ISNAN                      = 0x51F // 1311
+	SYS___FP_UNORDERED                  = 0x520 // 1312
+	SYS___FP_READ_RND                   = 0x521 // 1313
+	SYS___FP_READ_RND_B                 = 0x522 // 1314
+	SYS___FP_SWAP_RND                   = 0x523 // 1315
+	SYS___FP_SWAP_RND_B                 = 0x524 // 1316
+	SYS___FP_LEVEL                      = 0x525 // 1317
+	SYS___FP_BTOH                       = 0x526 // 1318
+	SYS___FP_HTOB                       = 0x527 // 1319
+	SYS___FPC_RD                        = 0x528 // 1320
+	SYS___FPC_WR                        = 0x529 // 1321
+	SYS___FPC_RW                        = 0x52A // 1322
+	SYS___FPC_SM                        = 0x52B // 1323
+	SYS___FPC_RS                        = 0x52C // 1324
+	SYS_SIGTIMEDWAIT                    = 0x52D // 1325
+	SYS_SIGWAITINFO                     = 0x52E // 1326
+	SYS___CHKBFP                        = 0x52F // 1327
+	SYS___W_PIOCTL                      = 0x59E // 1438
+	SYS___OSENV                         = 0x59F // 1439
+	SYS_EXPORTWO                        = 0x5A1 // 1441
+	SYS_EXPORTWORKUNIT                  = 0x5A1 // 1441
+	SYS_UNDOEXPO                        = 0x5A2 // 1442
+	SYS_UNDOEXPORTWORKUNIT              = 0x5A2 // 1442
+	SYS_IMPORTWO                        = 0x5A3 // 1443
+	SYS_IMPORTWORKUNIT                  = 0x5A3 // 1443
+	SYS_UNDOIMPO                        = 0x5A4 // 1444
+	SYS_UNDOIMPORTWORKUNIT              = 0x5A4 // 1444
+	SYS_EXTRACTW                        = 0x5A5 // 1445
+	SYS_EXTRACTWORKUNIT                 = 0x5A5 // 1445
+	SYS___CPL                           = 0x5A6 // 1446
+	SYS___MAP_INIT                      = 0x5A7 // 1447
+	SYS___MAP_SERVICE                   = 0x5A8 // 1448
+	SYS_SIGQUEUE                        = 0x5A9 // 1449
+	SYS___MOUNT                         = 0x5AA // 1450
+	SYS___GETUSERID                     = 0x5AB // 1451
+	SYS___IPDOMAINNAME                  = 0x5AC // 1452
+	SYS_QUERYENC                        = 0x5AD // 1453
+	SYS_QUERYWORKUNITCLASSIFICATION     = 0x5AD // 1453
+	SYS_CONNECTE                        = 0x5AE // 1454
+	SYS_CONNECTEXPORTIMPORT             = 0x5AE // 1454
+	SYS___FP_SWAPMODE                   = 0x5AF // 1455
+	SYS_STRTOLL                         = 0x5B0 // 1456
+	SYS_STRTOULL                        = 0x5B1 // 1457
+	SYS___DSA_PREV                      = 0x5B2 // 1458
+	SYS___EP_FIND                       = 0x5B3 // 1459
+	SYS___SERVER_THREADS_QUERY          = 0x5B4 // 1460
+	SYS___MSGRCV_TIMED                  = 0x5B7 // 1463
+	SYS___SEMOP_TIMED                   = 0x5B8 // 1464
+	SYS___GET_CPUID                     = 0x5B9 // 1465
+	SYS___GET_SYSTEM_SETTINGS           = 0x5BA // 1466
+	SYS_FTELLO                          = 0x5C8 // 1480
+	SYS_FSEEKO                          = 0x5C9 // 1481
+	SYS_LLDIV                           = 0x5CB // 1483
+	SYS_WCSTOLL                         = 0x5CC // 1484
+	SYS_WCSTOULL                        = 0x5CD // 1485
+	SYS_LLABS                           = 0x5CE // 1486
+	SYS___CONSOLE2                      = 0x5D2 // 1490
+	SYS_INET_NTOP                       = 0x5D3 // 1491
+	SYS_INET_PTON                       = 0x5D4 // 1492
+	SYS___RES                           = 0x5D6 // 1494
+	SYS_RES_MKQUERY                     = 0x5D7 // 1495
+	SYS_RES_INIT                        = 0x5D8 // 1496
+	SYS_RES_QUERY                       = 0x5D9 // 1497
+	SYS_RES_SEARCH                      = 0x5DA // 1498
+	SYS_RES_SEND                        = 0x5DB // 1499
+	SYS_RES_QUERYDOMAIN                 = 0x5DC // 1500
+	SYS_DN_EXPAND                       = 0x5DD // 1501
+	SYS_DN_SKIPNAME                     = 0x5DE // 1502
+	SYS_DN_COMP                         = 0x5DF // 1503
+	SYS_ASCTIME_R                       = 0x5E0 // 1504
+	SYS_CTIME_R                         = 0x5E1 // 1505
+	SYS_GMTIME_R                        = 0x5E2 // 1506
+	SYS_LOCALTIME_R                     = 0x5E3 // 1507
+	SYS_RAND_R                          = 0x5E4 // 1508
+	SYS_STRTOK_R                        = 0x5E5 // 1509
+	SYS_READDIR_R                       = 0x5E6 // 1510
+	SYS_GETGRGID_R                      = 0x5E7 // 1511
+	SYS_GETGRNAM_R                      = 0x5E8 // 1512
+	SYS_GETLOGIN_R                      = 0x5E9 // 1513
+	SYS_GETPWNAM_R                      = 0x5EA // 1514
+	SYS_GETPWUID_R                      = 0x5EB // 1515
+	SYS_TTYNAME_R                       = 0x5EC // 1516
+	SYS_PTHREAD_ATFORK                  = 0x5ED // 1517
+	SYS_PTHREAD_ATTR_GETGUARDSIZE       = 0x5EE // 1518
+	SYS_PTHREAD_ATTR_GETSTACKADDR       = 0x5EF // 1519
+	SYS_PTHREAD_ATTR_SETGUARDSIZE       = 0x5F0 // 1520
+	SYS_PTHREAD_ATTR_SETSTACKADDR       = 0x5F1 // 1521
+	SYS_PTHREAD_CONDATTR_GETPSHARED     = 0x5F2 // 1522
+	SYS_PTHREAD_CONDATTR_SETPSHARED     = 0x5F3 // 1523
+	SYS_PTHREAD_GETCONCURRENCY          = 0x5F4 // 1524
+	SYS_PTHREAD_KEY_DELETE              = 0x5F5 // 1525
+	SYS_PTHREAD_SETCONCURRENCY          = 0x5F6 // 1526
+	SYS_PTHREAD_SIGMASK                 = 0x5F7 // 1527
+	SYS___DISCARDDATA                   = 0x5F8 // 1528
+	SYS_PTHREAD_ATTR_GETSCHEDPARAM      = 0x5F9 // 1529
+	SYS_PTHREAD_ATTR_SETSCHEDPARAM      = 0x5FA // 1530
+	SYS_PTHREAD_ATTR_GETDETACHSTATE_U98 = 0x5FB // 1531
+	SYS_PTHREAD_ATTR_SETDETACHSTATE_U98 = 0x5FC // 1532
+	SYS_PTHREAD_DETACH_U98              = 0x5FD // 1533
+	SYS_PTHREAD_GETSPECIFIC_U98         = 0x5FE // 1534
+	SYS_PTHREAD_SETCANCELSTATE          = 0x5FF // 1535
+	SYS_PTHREAD_SETCANCELTYPE           = 0x600 // 1536
+	SYS_PTHREAD_TESTCANCEL              = 0x601 // 1537
+	SYS___ATANF_B                       = 0x602 // 1538
+	SYS___ATANL_B                       = 0x603 // 1539
+	SYS___CEILF_B                       = 0x604 // 1540
+	SYS___CEILL_B                       = 0x605 // 1541
+	SYS___COSF_B                        = 0x606 // 1542
+	SYS___COSL_B                        = 0x607 // 1543
+	SYS___FABSF_B                       = 0x608 // 1544
+	SYS___FABSL_B                       = 0x609 // 1545
+	SYS___FLOORF_B                      = 0x60A // 1546
+	SYS___FLOORL_B                      = 0x60B // 1547
+	SYS___FREXPF_B                      = 0x60C // 1548
+	SYS___FREXPL_B                      = 0x60D // 1549
+	SYS___LDEXPF_B                      = 0x60E // 1550
+	SYS___LDEXPL_B                      = 0x60F // 1551
+	SYS___SINF_B                        = 0x610 // 1552
+	SYS___SINL_B                        = 0x611 // 1553
+	SYS___TANF_B                        = 0x612 // 1554
+	SYS___TANL_B                        = 0x613 // 1555
+	SYS___TANHF_B                       = 0x614 // 1556
+	SYS___TANHL_B                       = 0x615 // 1557
+	SYS___ACOSF_B                       = 0x616 // 1558
+	SYS___ACOSL_B                       = 0x617 // 1559
+	SYS___ASINF_B                       = 0x618 // 1560
+	SYS___ASINL_B                       = 0x619 // 1561
+	SYS___ATAN2F_B                      = 0x61A // 1562
+	SYS___ATAN2L_B                      = 0x61B // 1563
+	SYS___COSHF_B                       = 0x61C // 1564
+	SYS___COSHL_B                       = 0x61D // 1565
+	SYS___EXPF_B                        = 0x61E // 1566
+	SYS___EXPL_B                        = 0x61F // 1567
+	SYS___LOGF_B                        = 0x620 // 1568
+	SYS___LOGL_B                        = 0x621 // 1569
+	SYS___LOG10F_B                      = 0x622 // 1570
+	SYS___LOG10L_B                      = 0x623 // 1571
+	SYS___POWF_B                        = 0x624 // 1572
+	SYS___POWL_B                        = 0x625 // 1573
+	SYS___SINHF_B                       = 0x626 // 1574
+	SYS___SINHL_B                       = 0x627 // 1575
+	SYS___SQRTF_B                       = 0x628 // 1576
+	SYS___SQRTL_B                       = 0x629 // 1577
+	SYS___ABSF_B                        = 0x62A // 1578
+	SYS___ABS_B                         = 0x62B // 1579
+	SYS___ABSL_B                        = 0x62C // 1580
+	SYS___FMODF_B                       = 0x62D // 1581
+	SYS___FMODL_B                       = 0x62E // 1582
+	SYS___MODFF_B                       = 0x62F // 1583
+	SYS___MODFL_B                       = 0x630 // 1584
+	SYS_ABSF                            = 0x631 // 1585
+	SYS_ABSL                            = 0x632 // 1586
+	SYS_ACOSF                           = 0x633 // 1587
+	SYS_ACOSL                           = 0x634 // 1588
+	SYS_ASINF                           = 0x635 // 1589
+	SYS_ASINL                           = 0x636 // 1590
+	SYS_ATAN2F                          = 0x637 // 1591
+	SYS_ATAN2L                          = 0x638 // 1592
+	SYS_ATANF                           = 0x639 // 1593
+	SYS_ATANL                           = 0x63A // 1594
+	SYS_CEILF                           = 0x63B // 1595
+	SYS_CEILL                           = 0x63C // 1596
+	SYS_COSF                            = 0x63D // 1597
+	SYS_COSL                            = 0x63E // 1598
+	SYS_COSHF                           = 0x63F // 1599
+	SYS_COSHL                           = 0x640 // 1600
+	SYS_EXPF                            = 0x641 // 1601
+	SYS_EXPL                            = 0x642 // 1602
+	SYS_TANHF                           = 0x643 // 1603
+	SYS_TANHL                           = 0x644 // 1604
+	SYS_LOG10F                          = 0x645 // 1605
+	SYS_LOG10L                          = 0x646 // 1606
+	SYS_LOGF                            = 0x647 // 1607
+	SYS_LOGL                            = 0x648 // 1608
+	SYS_POWF                            = 0x649 // 1609
+	SYS_POWL                            = 0x64A // 1610
+	SYS_SINF                            = 0x64B // 1611
+	SYS_SINL                            = 0x64C // 1612
+	SYS_SQRTF                           = 0x64D // 1613
+	SYS_SQRTL                           = 0x64E // 1614
+	SYS_SINHF                           = 0x64F // 1615
+	SYS_SINHL                           = 0x650 // 1616
+	SYS_TANF                            = 0x651 // 1617
+	SYS_TANL                            = 0x652 // 1618
+	SYS_FABSF                           = 0x653 // 1619
+	SYS_FABSL                           = 0x654 // 1620
+	SYS_FLOORF                          = 0x655 // 1621
+	SYS_FLOORL                          = 0x656 // 1622
+	SYS_FMODF                           = 0x657 // 1623
+	SYS_FMODL                           = 0x658 // 1624
+	SYS_FREXPF                          = 0x659 // 1625
+	SYS_FREXPL                          = 0x65A // 1626
+	SYS_LDEXPF                          = 0x65B // 1627
+	SYS_LDEXPL                          = 0x65C // 1628
+	SYS_MODFF                           = 0x65D // 1629
+	SYS_MODFL                           = 0x65E // 1630
+	SYS_BTOWC                           = 0x65F // 1631
+	SYS___CHATTR                        = 0x660 // 1632
+	SYS___FCHATTR                       = 0x661 // 1633
+	SYS___TOCCSID                       = 0x662 // 1634
+	SYS___CSNAMETYPE                    = 0x663 // 1635
+	SYS___TOCSNAME                      = 0x664 // 1636
+	SYS___CCSIDTYPE                     = 0x665 // 1637
+	SYS___AE_CORRESTBL_QUERY            = 0x666 // 1638
+	SYS___AE_AUTOCONVERT_STATE          = 0x667 // 1639
+	SYS_DN_FIND                         = 0x668 // 1640
+	SYS___GETHOSTBYADDR_A               = 0x669 // 1641
+	SYS___GETHOSTBYNAME_A               = 0x66A // 1642
+	SYS___RES_INIT_A                    = 0x66B // 1643
+	SYS___GETHOSTBYADDR_R_A             = 0x66C // 1644
+	SYS___GETHOSTBYNAME_R_A             = 0x66D // 1645
+	SYS___CHARMAP_INIT_A                = 0x66E // 1646
+	SYS___MBLEN_A                       = 0x66F // 1647
+	SYS___MBLEN_SB_A                    = 0x670 // 1648
+	SYS___MBLEN_STD_A                   = 0x671 // 1649
+	SYS___MBLEN_UTF                     = 0x672 // 1650
+	SYS___MBSTOWCS_A                    = 0x673 // 1651
+	SYS___MBSTOWCS_STD_A                = 0x674 // 1652
+	SYS___MBTOWC_A                      = 0x675 // 1653
+	SYS___MBTOWC_ISO1                   = 0x676 // 1654
+	SYS___MBTOWC_SBCS                   = 0x677 // 1655
+	SYS___MBTOWC_MBCS                   = 0x678 // 1656
+	SYS___MBTOWC_UTF                    = 0x679 // 1657
+	SYS___WCSTOMBS_A                    = 0x67A // 1658
+	SYS___WCSTOMBS_STD_A                = 0x67B // 1659
+	SYS___WCSWIDTH_A                    = 0x67C // 1660
+	SYS___GETGRGID_R_A                  = 0x67D // 1661
+	SYS___WCSWIDTH_STD_A                = 0x67E // 1662
+	SYS___WCSWIDTH_ASIA                 = 0x67F // 1663
+	SYS___CSID_A                        = 0x680 // 1664
+	SYS___CSID_STD_A                    = 0x681 // 1665
+	SYS___WCSID_A                       = 0x682 // 1666
+	SYS___WCSID_STD_A                   = 0x683 // 1667
+	SYS___WCTOMB_A                      = 0x684 // 1668
+	SYS___WCTOMB_ISO1                   = 0x685 // 1669
+	SYS___WCTOMB_STD_A                  = 0x686 // 1670
+	SYS___WCTOMB_UTF                    = 0x687 // 1671
+	SYS___WCWIDTH_A                     = 0x688 // 1672
+	SYS___GETGRNAM_R_A                  = 0x689 // 1673
+	SYS___WCWIDTH_STD_A                 = 0x68A // 1674
+	SYS___WCWIDTH_ASIA                  = 0x68B // 1675
+	SYS___GETPWNAM_R_A                  = 0x68C // 1676
+	SYS___GETPWUID_R_A                  = 0x68D // 1677
+	SYS___GETLOGIN_R_A                  = 0x68E // 1678
+	SYS___TTYNAME_R_A                   = 0x68F // 1679
+	SYS___READDIR_R_A                   = 0x690 // 1680
+	SYS___E2A_S                         = 0x691 // 1681
+	SYS___FNMATCH_A                     = 0x692 // 1682
+	SYS___FNMATCH_C_A                   = 0x693 // 1683
+	SYS___EXECL_A                       = 0x694 // 1684
+	SYS___FNMATCH_STD_A                 = 0x695 // 1685
+	SYS___REGCOMP_A                     = 0x696 // 1686
+	SYS___REGCOMP_STD_A                 = 0x697 // 1687
+	SYS___REGERROR_A                    = 0x698 // 1688
+	SYS___REGERROR_STD_A                = 0x699 // 1689
+	SYS___REGEXEC_A                     = 0x69A // 1690
+	SYS___REGEXEC_STD_A                 = 0x69B // 1691
+	SYS___REGFREE_A                     = 0x69C // 1692
+	SYS___REGFREE_STD_A                 = 0x69D // 1693
+	SYS___STRCOLL_A                     = 0x69E // 1694
+	SYS___STRCOLL_C_A                   = 0x69F // 1695
+	SYS___EXECLE_A                      = 0x6A0 // 1696
+	SYS___STRCOLL_STD_A                 = 0x6A1 // 1697
+	SYS___STRXFRM_A                     = 0x6A2 // 1698
+	SYS___STRXFRM_C_A                   = 0x6A3 // 1699
+	SYS___EXECLP_A                      = 0x6A4 // 1700
+	SYS___STRXFRM_STD_A                 = 0x6A5 // 1701
+	SYS___WCSCOLL_A                     = 0x6A6 // 1702
+	SYS___WCSCOLL_C_A                   = 0x6A7 // 1703
+	SYS___WCSCOLL_STD_A                 = 0x6A8 // 1704
+	SYS___WCSXFRM_A                     = 0x6A9 // 1705
+	SYS___WCSXFRM_C_A                   = 0x6AA // 1706
+	SYS___WCSXFRM_STD_A                 = 0x6AB // 1707
+	SYS___COLLATE_INIT_A                = 0x6AC // 1708
+	SYS___WCTYPE_A                      = 0x6AD // 1709
+	SYS___GET_WCTYPE_STD_A              = 0x6AE // 1710
+	SYS___CTYPE_INIT_A                  = 0x6AF // 1711
+	SYS___ISWCTYPE_A                    = 0x6B0 // 1712
+	SYS___EXECV_A                       = 0x6B1 // 1713
+	SYS___IS_WCTYPE_STD_A               = 0x6B2 // 1714
+	SYS___TOWLOWER_A                    = 0x6B3 // 1715
+	SYS___TOWLOWER_STD_A                = 0x6B4 // 1716
+	SYS___TOWUPPER_A                    = 0x6B5 // 1717
+	SYS___TOWUPPER_STD_A                = 0x6B6 // 1718
+	SYS___LOCALE_INIT_A                 = 0x6B7 // 1719
+	SYS___LOCALECONV_A                  = 0x6B8 // 1720
+	SYS___LOCALECONV_STD_A              = 0x6B9 // 1721
+	SYS___NL_LANGINFO_A                 = 0x6BA // 1722
+	SYS___NL_LNAGINFO_STD_A             = 0x6BB // 1723
+	SYS___MONETARY_INIT_A               = 0x6BC // 1724
+	SYS___STRFMON_A                     = 0x6BD // 1725
+	SYS___STRFMON_STD_A                 = 0x6BE // 1726
+	SYS___GETADDRINFO_A                 = 0x6BF // 1727
+	SYS___CATGETS_A                     = 0x6C0 // 1728
+	SYS___EXECVE_A                      = 0x6C1 // 1729
+	SYS___EXECVP_A                      = 0x6C2 // 1730
+	SYS___SPAWN_A                       = 0x6C3 // 1731
+	SYS___GETNAMEINFO_A                 = 0x6C4 // 1732
+	SYS___SPAWNP_A                      = 0x6C5 // 1733
+	SYS___NUMERIC_INIT_A                = 0x6C6 // 1734
+	SYS___RESP_INIT_A                   = 0x6C7 // 1735
+	SYS___RPMATCH_A                     = 0x6C8 // 1736
+	SYS___RPMATCH_C_A                   = 0x6C9 // 1737
+	SYS___RPMATCH_STD_A                 = 0x6CA // 1738
+	SYS___TIME_INIT_A                   = 0x6CB // 1739
+	SYS___STRFTIME_A                    = 0x6CC // 1740
+	SYS___STRFTIME_STD_A                = 0x6CD // 1741
+	SYS___STRPTIME_A                    = 0x6CE // 1742
+	SYS___STRPTIME_STD_A                = 0x6CF // 1743
+	SYS___WCSFTIME_A                    = 0x6D0 // 1744
+	SYS___WCSFTIME_STD_A                = 0x6D1 // 1745
+	SYS_____SPAWN2_A                    = 0x6D2 // 1746
+	SYS_____SPAWNP2_A                   = 0x6D3 // 1747
+	SYS___SYNTAX_INIT_A                 = 0x6D4 // 1748
+	SYS___TOD_INIT_A                    = 0x6D5 // 1749
+	SYS___NL_CSINFO_A                   = 0x6D6 // 1750
+	SYS___NL_MONINFO_A                  = 0x6D7 // 1751
+	SYS___NL_NUMINFO_A                  = 0x6D8 // 1752
+	SYS___NL_RESPINFO_A                 = 0x6D9 // 1753
+	SYS___NL_TIMINFO_A                  = 0x6DA // 1754
+	SYS___IF_NAMETOINDEX_A              = 0x6DB // 1755
+	SYS___IF_INDEXTONAME_A              = 0x6DC // 1756
+	SYS___PRINTF_A                      = 0x6DD // 1757
+	SYS___ICONV_OPEN_A                  = 0x6DE // 1758
+	SYS___DLLLOAD_A                     = 0x6DF // 1759
+	SYS___DLLQUERYFN_A                  = 0x6E0 // 1760
+	SYS___DLLQUERYVAR_A                 = 0x6E1 // 1761
+	SYS_____CHATTR_A                    = 0x6E2 // 1762
+	SYS___E2A_L                         = 0x6E3 // 1763
+	SYS_____TOCCSID_A                   = 0x6E4 // 1764
+	SYS_____TOCSNAME_A                  = 0x6E5 // 1765
+	SYS_____CCSIDTYPE_A                 = 0x6E6 // 1766
+	SYS_____CSNAMETYPE_A                = 0x6E7 // 1767
+	SYS___CHMOD_A                       = 0x6E8 // 1768
+	SYS___MKDIR_A                       = 0x6E9 // 1769
+	SYS___STAT_A                        = 0x6EA // 1770
+	SYS___STAT_O_A                      = 0x6EB // 1771
+	SYS___MKFIFO_A                      = 0x6EC // 1772
+	SYS_____OPEN_STAT_A                 = 0x6ED // 1773
+	SYS___LSTAT_A                       = 0x6EE // 1774
+	SYS___LSTAT_O_A                     = 0x6EF // 1775
+	SYS___MKNOD_A                       = 0x6F0 // 1776
+	SYS___MOUNT_A                       = 0x6F1 // 1777
+	SYS___UMOUNT_A                      = 0x6F2 // 1778
+	SYS___CHAUDIT_A                     = 0x6F4 // 1780
+	SYS___W_GETMNTENT_A                 = 0x6F5 // 1781
+	SYS___CREAT_A                       = 0x6F6 // 1782
+	SYS___OPEN_A                        = 0x6F7 // 1783
+	SYS___SETLOCALE_A                   = 0x6F9 // 1785
+	SYS___FPRINTF_A                     = 0x6FA // 1786
+	SYS___SPRINTF_A                     = 0x6FB // 1787
+	SYS___VFPRINTF_A                    = 0x6FC // 1788
+	SYS___VPRINTF_A                     = 0x6FD // 1789
+	SYS___VSPRINTF_A                    = 0x6FE // 1790
+	SYS___VSWPRINTF_A                   = 0x6FF // 1791
+	SYS___SWPRINTF_A                    = 0x700 // 1792
+	SYS___FSCANF_A                      = 0x701 // 1793
+	SYS___SCANF_A                       = 0x702 // 1794
+	SYS___SSCANF_A                      = 0x703 // 1795
+	SYS___SWSCANF_A                     = 0x704 // 1796
+	SYS___ATOF_A                        = 0x705 // 1797
+	SYS___ATOI_A                        = 0x706 // 1798
+	SYS___ATOL_A                        = 0x707 // 1799
+	SYS___STRTOD_A                      = 0x708 // 1800
+	SYS___STRTOL_A                      = 0x709 // 1801
+	SYS___STRTOUL_A                     = 0x70A // 1802
+	SYS_____AE_CORRESTBL_QUERY_A        = 0x70B // 1803
+	SYS___A64L_A                        = 0x70C // 1804
+	SYS___ECVT_A                        = 0x70D // 1805
+	SYS___FCVT_A                        = 0x70E // 1806
+	SYS___GCVT_A                        = 0x70F // 1807
+	SYS___L64A_A                        = 0x710 // 1808
+	SYS___STRERROR_A                    = 0x711 // 1809
+	SYS___PERROR_A                      = 0x712 // 1810
+	SYS___FETCH_A                       = 0x713 // 1811
+	SYS___GETENV_A                      = 0x714 // 1812
+	SYS___MKSTEMP_A                     = 0x717 // 1815
+	SYS___PTSNAME_A                     = 0x718 // 1816
+	SYS___PUTENV_A                      = 0x719 // 1817
+	SYS___REALPATH_A                    = 0x71A // 1818
+	SYS___SETENV_A                      = 0x71B // 1819
+	SYS___SYSTEM_A                      = 0x71C // 1820
+	SYS___GETOPT_A                      = 0x71D // 1821
+	SYS___CATOPEN_A                     = 0x71E // 1822
+	SYS___ACCESS_A                      = 0x71F // 1823
+	SYS___CHDIR_A                       = 0x720 // 1824
+	SYS___CHOWN_A                       = 0x721 // 1825
+	SYS___CHROOT_A                      = 0x722 // 1826
+	SYS___GETCWD_A                      = 0x723 // 1827
+	SYS___GETWD_A                       = 0x724 // 1828
+	SYS___LCHOWN_A                      = 0x725 // 1829
+	SYS___LINK_A                        = 0x726 // 1830
+	SYS___PATHCONF_A                    = 0x727 // 1831
+	SYS___IF_NAMEINDEX_A                = 0x728 // 1832
+	SYS___READLINK_A                    = 0x729 // 1833
+	SYS___RMDIR_A                       = 0x72A // 1834
+	SYS___STATVFS_A                     = 0x72B // 1835
+	SYS___SYMLINK_A                     = 0x72C // 1836
+	SYS___TRUNCATE_A                    = 0x72D // 1837
+	SYS___UNLINK_A                      = 0x72E // 1838
+	SYS___GAI_STRERROR_A                = 0x72F // 1839
+	SYS___EXTLINK_NP_A                  = 0x730 // 1840
+	SYS___ISALNUM_A                     = 0x731 // 1841
+	SYS___ISALPHA_A                     = 0x732 // 1842
+	SYS___A2E_S                         = 0x733 // 1843
+	SYS___ISCNTRL_A                     = 0x734 // 1844
+	SYS___ISDIGIT_A                     = 0x735 // 1845
+	SYS___ISGRAPH_A                     = 0x736 // 1846
+	SYS___ISLOWER_A                     = 0x737 // 1847
+	SYS___ISPRINT_A                     = 0x738 // 1848
+	SYS___ISPUNCT_A                     = 0x739 // 1849
+	SYS___ISSPACE_A                     = 0x73A // 1850
+	SYS___ISUPPER_A                     = 0x73B // 1851
+	SYS___ISXDIGIT_A                    = 0x73C // 1852
+	SYS___TOLOWER_A                     = 0x73D // 1853
+	SYS___TOUPPER_A                     = 0x73E // 1854
+	SYS___ISWALNUM_A                    = 0x73F // 1855
+	SYS___ISWALPHA_A                    = 0x740 // 1856
+	SYS___A2E_L                         = 0x741 // 1857
+	SYS___ISWCNTRL_A                    = 0x742 // 1858
+	SYS___ISWDIGIT_A                    = 0x743 // 1859
+	SYS___ISWGRAPH_A                    = 0x744 // 1860
+	SYS___ISWLOWER_A                    = 0x745 // 1861
+	SYS___ISWPRINT_A                    = 0x746 // 1862
+	SYS___ISWPUNCT_A                    = 0x747 // 1863
+	SYS___ISWSPACE_A                    = 0x748 // 1864
+	SYS___ISWUPPER_A                    = 0x749 // 1865
+	SYS___ISWXDIGIT_A                   = 0x74A // 1866
+	SYS___CONFSTR_A                     = 0x74B // 1867
+	SYS___FTOK_A                        = 0x74C // 1868
+	SYS___MKTEMP_A                      = 0x74D // 1869
+	SYS___FDOPEN_A                      = 0x74E // 1870
+	SYS___FLDATA_A                      = 0x74F // 1871
+	SYS___REMOVE_A                      = 0x750 // 1872
+	SYS___RENAME_A                      = 0x751 // 1873
+	SYS___TMPNAM_A                      = 0x752 // 1874
+	SYS___FOPEN_A                       = 0x753 // 1875
+	SYS___FREOPEN_A                     = 0x754 // 1876
+	SYS___CUSERID_A                     = 0x755 // 1877
+	SYS___POPEN_A                       = 0x756 // 1878
+	SYS___TEMPNAM_A                     = 0x757 // 1879
+	SYS___FTW_A                         = 0x758 // 1880
+	SYS___GETGRENT_A                    = 0x759 // 1881
+	SYS___GETGRGID_A                    = 0x75A // 1882
+	SYS___GETGRNAM_A                    = 0x75B // 1883
+	SYS___GETGROUPSBYNAME_A             = 0x75C // 1884
+	SYS___GETHOSTENT_A                  = 0x75D // 1885
+	SYS___GETHOSTNAME_A                 = 0x75E // 1886
+	SYS___GETLOGIN_A                    = 0x75F // 1887
+	SYS___INET_NTOP_A                   = 0x760 // 1888
+	SYS___GETPASS_A                     = 0x761 // 1889
+	SYS___GETPWENT_A                    = 0x762 // 1890
+	SYS___GETPWNAM_A                    = 0x763 // 1891
+	SYS___GETPWUID_A                    = 0x764 // 1892
+	SYS_____CHECK_RESOURCE_AUTH_NP_A    = 0x765 // 1893
+	SYS___CHECKSCHENV_A                 = 0x766 // 1894
+	SYS___CONNECTSERVER_A               = 0x767 // 1895
+	SYS___CONNECTWORKMGR_A              = 0x768 // 1896
+	SYS_____CONSOLE_A                   = 0x769 // 1897
+	SYS___CREATEWORKUNIT_A              = 0x76A // 1898
+	SYS___CTERMID_A                     = 0x76B // 1899
+	SYS___FMTMSG_A                      = 0x76C // 1900
+	SYS___INITGROUPS_A                  = 0x76D // 1901
+	SYS_____LOGIN_A                     = 0x76E // 1902
+	SYS___MSGRCV_A                      = 0x76F // 1903
+	SYS___MSGSND_A                      = 0x770 // 1904
+	SYS___MSGXRCV_A                     = 0x771 // 1905
+	SYS___NFTW_A                        = 0x772 // 1906
+	SYS_____PASSWD_A                    = 0x773 // 1907
+	SYS___PTHREAD_SECURITY_NP_A         = 0x774 // 1908
+	SYS___QUERYMETRICS_A                = 0x775 // 1909
+	SYS___QUERYSCHENV                   = 0x776 // 1910
+	SYS___READV_A                       = 0x777 // 1911
+	SYS_____SERVER_CLASSIFY_A           = 0x778 // 1912
+	SYS_____SERVER_INIT_A               = 0x779 // 1913
+	SYS_____SERVER_PWU_A                = 0x77A // 1914
+	SYS___STRCASECMP_A                  = 0x77B // 1915
+	SYS___STRNCASECMP_A                 = 0x77C // 1916
+	SYS___TTYNAME_A                     = 0x77D // 1917
+	SYS___UNAME_A                       = 0x77E // 1918
+	SYS___UTIMES_A                      = 0x77F // 1919
+	SYS___W_GETPSENT_A                  = 0x780 // 1920
+	SYS___WRITEV_A                      = 0x781 // 1921
+	SYS___W_STATFS_A                    = 0x782 // 1922
+	SYS___W_STATVFS_A                   = 0x783 // 1923
+	SYS___FPUTC_A                       = 0x784 // 1924
+	SYS___PUTCHAR_A                     = 0x785 // 1925
+	SYS___PUTS_A                        = 0x786 // 1926
+	SYS___FGETS_A                       = 0x787 // 1927
+	SYS___GETS_A                        = 0x788 // 1928
+	SYS___FPUTS_A                       = 0x789 // 1929
+	SYS___FREAD_A                       = 0x78A // 1930
+	SYS___FWRITE_A                      = 0x78B // 1931
+	SYS___OPEN_O_A                      = 0x78C // 1932
+	SYS___ISASCII                       = 0x78D // 1933
+	SYS___CREAT_O_A                     = 0x78E // 1934
+	SYS___ENVNA                         = 0x78F // 1935
+	SYS___PUTC_A                        = 0x790 // 1936
+	SYS___AE_THREAD_SETMODE             = 0x791 // 1937
+	SYS___AE_THREAD_SWAPMODE            = 0x792 // 1938
+	SYS___GETNETBYADDR_A                = 0x793 // 1939
+	SYS___GETNETBYNAME_A                = 0x794 // 1940
+	SYS___GETNETENT_A                   = 0x795 // 1941
+	SYS___GETPROTOBYNAME_A              = 0x796 // 1942
+	SYS___GETPROTOBYNUMBER_A            = 0x797 // 1943
+	SYS___GETPROTOENT_A                 = 0x798 // 1944
+	SYS___GETSERVBYNAME_A               = 0x799 // 1945
+	SYS___GETSERVBYPORT_A               = 0x79A // 1946
+	SYS___GETSERVENT_A                  = 0x79B // 1947
+	SYS___ASCTIME_A                     = 0x79C // 1948
+	SYS___CTIME_A                       = 0x79D // 1949
+	SYS___GETDATE_A                     = 0x79E // 1950
+	SYS___TZSET_A                       = 0x79F // 1951
+	SYS___UTIME_A                       = 0x7A0 // 1952
+	SYS___ASCTIME_R_A                   = 0x7A1 // 1953
+	SYS___CTIME_R_A                     = 0x7A2 // 1954
+	SYS___STRTOLL_A                     = 0x7A3 // 1955
+	SYS___STRTOULL_A                    = 0x7A4 // 1956
+	SYS___FPUTWC_A                      = 0x7A5 // 1957
+	SYS___PUTWC_A                       = 0x7A6 // 1958
+	SYS___PUTWCHAR_A                    = 0x7A7 // 1959
+	SYS___FPUTWS_A                      = 0x7A8 // 1960
+	SYS___UNGETWC_A                     = 0x7A9 // 1961
+	SYS___FGETWC_A                      = 0x7AA // 1962
+	SYS___GETWC_A                       = 0x7AB // 1963
+	SYS___GETWCHAR_A                    = 0x7AC // 1964
+	SYS___FGETWS_A                      = 0x7AD // 1965
+	SYS___GETTIMEOFDAY_A                = 0x7AE // 1966
+	SYS___GMTIME_A                      = 0x7AF // 1967
+	SYS___GMTIME_R_A                    = 0x7B0 // 1968
+	SYS___LOCALTIME_A                   = 0x7B1 // 1969
+	SYS___LOCALTIME_R_A                 = 0x7B2 // 1970
+	SYS___MKTIME_A                      = 0x7B3 // 1971
+	SYS___TZZNA                         = 0x7B4 // 1972
+	SYS_UNATEXIT                        = 0x7B5 // 1973
+	SYS___CEE3DMP_A                     = 0x7B6 // 1974
+	SYS___CDUMP_A                       = 0x7B7 // 1975
+	SYS___CSNAP_A                       = 0x7B8 // 1976
+	SYS___CTEST_A                       = 0x7B9 // 1977
+	SYS___CTRACE_A                      = 0x7BA // 1978
+	SYS___VSWPRNTF2_A                   = 0x7BB // 1979
+	SYS___INET_PTON_A                   = 0x7BC // 1980
+	SYS___SYSLOG_A                      = 0x7BD // 1981
+	SYS___CRYPT_A                       = 0x7BE // 1982
+	SYS_____OPENDIR2_A                  = 0x7BF // 1983
+	SYS_____READDIR2_A                  = 0x7C0 // 1984
+	SYS___OPENDIR_A                     = 0x7C2 // 1986
+	SYS___READDIR_A                     = 0x7C3 // 1987
+	SYS_PREAD                           = 0x7C7 // 1991
+	SYS_PWRITE                          = 0x7C8 // 1992
+	SYS_M_CREATE_LAYOUT                 = 0x7C9 // 1993
+	SYS_M_DESTROY_LAYOUT                = 0x7CA // 1994
+	SYS_M_GETVALUES_LAYOUT              = 0x7CB // 1995
+	SYS_M_SETVALUES_LAYOUT              = 0x7CC // 1996
+	SYS_M_TRANSFORM_LAYOUT              = 0x7CD // 1997
+	SYS_M_WTRANSFORM_LAYOUT             = 0x7CE // 1998
+	SYS_FWPRINTF                        = 0x7D1 // 2001
+	SYS_WPRINTF                         = 0x7D2 // 2002
+	SYS_VFWPRINT                        = 0x7D3 // 2003
+	SYS_VFWPRINTF                       = 0x7D3 // 2003
+	SYS_VWPRINTF                        = 0x7D4 // 2004
+	SYS_FWSCANF                         = 0x7D5 // 2005
+	SYS_WSCANF                          = 0x7D6 // 2006
+	SYS_WCTRANS                         = 0x7D7 // 2007
+	SYS_TOWCTRAN                        = 0x7D8 // 2008
+	SYS_TOWCTRANS                       = 0x7D8 // 2008
+	SYS___WCSTOD_A                      = 0x7D9 // 2009
+	SYS___WCSTOL_A                      = 0x7DA // 2010
+	SYS___WCSTOUL_A                     = 0x7DB // 2011
+	SYS___BASENAME_A                    = 0x7DC // 2012
+	SYS___DIRNAME_A                     = 0x7DD // 2013
+	SYS___GLOB_A                        = 0x7DE // 2014
+	SYS_FWIDE                           = 0x7DF // 2015
+	SYS___OSNAME                        = 0x7E0 // 2016
+	SYS_____OSNAME_A                    = 0x7E1 // 2017
+	SYS___BTOWC_A                       = 0x7E4 // 2020
+	SYS___WCTOB_A                       = 0x7E5 // 2021
+	SYS___DBM_OPEN_A                    = 0x7E6 // 2022
+	SYS___VFPRINTF2_A                   = 0x7E7 // 2023
+	SYS___VPRINTF2_A                    = 0x7E8 // 2024
+	SYS___VSPRINTF2_A                   = 0x7E9 // 2025
+	SYS___CEIL_H                        = 0x7EA // 2026
+	SYS___FLOOR_H                       = 0x7EB // 2027
+	SYS___MODF_H                        = 0x7EC // 2028
+	SYS___FABS_H                        = 0x7ED // 2029
+	SYS___J0_H                          = 0x7EE // 2030
+	SYS___J1_H                          = 0x7EF // 2031
+	SYS___JN_H                          = 0x7F0 // 2032
+	SYS___Y0_H                          = 0x7F1 // 2033
+	SYS___Y1_H                          = 0x7F2 // 2034
+	SYS___YN_H                          = 0x7F3 // 2035
+	SYS___CEILF_H                       = 0x7F4 // 2036
+	SYS___CEILL_H                       = 0x7F5 // 2037
+	SYS___FLOORF_H                      = 0x7F6 // 2038
+	SYS___FLOORL_H                      = 0x7F7 // 2039
+	SYS___MODFF_H                       = 0x7F8 // 2040
+	SYS___MODFL_H                       = 0x7F9 // 2041
+	SYS___FABSF_H                       = 0x7FA // 2042
+	SYS___FABSL_H                       = 0x7FB // 2043
+	SYS___MALLOC24                      = 0x7FC // 2044
+	SYS___MALLOC31                      = 0x7FD // 2045
+	SYS_ACL_INIT                        = 0x7FE // 2046
+	SYS_ACL_FREE                        = 0x7FF // 2047
+	SYS_ACL_FIRST_ENTRY                 = 0x800 // 2048
+	SYS_ACL_GET_ENTRY                   = 0x801 // 2049
+	SYS_ACL_VALID                       = 0x802 // 2050
+	SYS_ACL_CREATE_ENTRY                = 0x803 // 2051
+	SYS_ACL_DELETE_ENTRY                = 0x804 // 2052
+	SYS_ACL_UPDATE_ENTRY                = 0x805 // 2053
+	SYS_ACL_DELETE_FD                   = 0x806 // 2054
+	SYS_ACL_DELETE_FILE                 = 0x807 // 2055
+	SYS_ACL_GET_FD                      = 0x808 // 2056
+	SYS_ACL_GET_FILE                    = 0x809 // 2057
+	SYS_ACL_SET_FD                      = 0x80A // 2058
+	SYS_ACL_SET_FILE                    = 0x80B // 2059
+	SYS_ACL_FROM_TEXT                   = 0x80C // 2060
+	SYS_ACL_TO_TEXT                     = 0x80D // 2061
+	SYS_ACL_SORT                        = 0x80E // 2062
+	SYS___SHUTDOWN_REGISTRATION         = 0x80F // 2063
+	SYS___ERFL_B                        = 0x810 // 2064
+	SYS___ERFCL_B                       = 0x811 // 2065
+	SYS___LGAMMAL_B                     = 0x812 // 2066
+	SYS___SETHOOKEVENTS                 = 0x813 // 2067
+	SYS_IF_NAMETOINDEX                  = 0x814 // 2068
+	SYS_IF_INDEXTONAME                  = 0x815 // 2069
+	SYS_IF_NAMEINDEX                    = 0x816 // 2070
+	SYS_IF_FREENAMEINDEX                = 0x817 // 2071
+	SYS_GETADDRINFO                     = 0x818 // 2072
+	SYS_GETNAMEINFO                     = 0x819 // 2073
+	SYS_FREEADDRINFO                    = 0x81A // 2074
+	SYS_GAI_STRERROR                    = 0x81B // 2075
+	SYS_REXEC_AF                        = 0x81C // 2076
+	SYS___POE                           = 0x81D // 2077
+	SYS___DYNALLOC_A                    = 0x81F // 2079
+	SYS___DYNFREE_A                     = 0x820 // 2080
+	SYS___RES_QUERY_A                   = 0x821 // 2081
+	SYS___RES_SEARCH_A                  = 0x822 // 2082
+	SYS___RES_QUERYDOMAIN_A             = 0x823 // 2083
+	SYS___RES_MKQUERY_A                 = 0x824 // 2084
+	SYS___RES_SEND_A                    = 0x825 // 2085
+	SYS___DN_EXPAND_A                   = 0x826 // 2086
+	SYS___DN_SKIPNAME_A                 = 0x827 // 2087
+	SYS___DN_COMP_A                     = 0x828 // 2088
+	SYS___DN_FIND_A                     = 0x829 // 2089
+	SYS___NLIST_A                       = 0x82A // 2090
+	SYS_____TCGETCP_A                   = 0x82B // 2091
+	SYS_____TCSETCP_A                   = 0x82C // 2092
+	SYS_____W_PIOCTL_A                  = 0x82E // 2094
+	SYS___INET_ADDR_A                   = 0x82F // 2095
+	SYS___INET_NTOA_A                   = 0x830 // 2096
+	SYS___INET_NETWORK_A                = 0x831 // 2097
+	SYS___ACCEPT_A                      = 0x832 // 2098
+	SYS___ACCEPT_AND_RECV_A             = 0x833 // 2099
+	SYS___BIND_A                        = 0x834 // 2100
+	SYS___CONNECT_A                     = 0x835 // 2101
+	SYS___GETPEERNAME_A                 = 0x836 // 2102
+	SYS___GETSOCKNAME_A                 = 0x837 // 2103
+	SYS___RECVFROM_A                    = 0x838 // 2104
+	SYS___SENDTO_A                      = 0x839 // 2105
+	SYS___SENDMSG_A                     = 0x83A // 2106
+	SYS___RECVMSG_A                     = 0x83B // 2107
+	SYS_____LCHATTR_A                   = 0x83C // 2108
+	SYS___CABEND                        = 0x83D // 2109
+	SYS___LE_CIB_GET                    = 0x83E // 2110
+	SYS___SET_LAA_FOR_JIT               = 0x83F // 2111
+	SYS___LCHATTR                       = 0x840 // 2112
+	SYS___WRITEDOWN                     = 0x841 // 2113
+	SYS_PTHREAD_MUTEX_INIT2             = 0x842 // 2114
+	SYS___ACOSHF_B                      = 0x843 // 2115
+	SYS___ACOSHL_B                      = 0x844 // 2116
+	SYS___ASINHF_B                      = 0x845 // 2117
+	SYS___ASINHL_B                      = 0x846 // 2118
+	SYS___ATANHF_B                      = 0x847 // 2119
+	SYS___ATANHL_B                      = 0x848 // 2120
+	SYS___CBRTF_B                       = 0x849 // 2121
+	SYS___CBRTL_B                       = 0x84A // 2122
+	SYS___COPYSIGNF_B                   = 0x84B // 2123
+	SYS___COPYSIGNL_B                   = 0x84C // 2124
+	SYS___COTANF_B                      = 0x84D // 2125
+	SYS___COTAN_B                       = 0x84E // 2126
+	SYS___COTANL_B                      = 0x84F // 2127
+	SYS___EXP2F_B                       = 0x850 // 2128
+	SYS___EXP2L_B                       = 0x851 // 2129
+	SYS___EXPM1F_B                      = 0x852 // 2130
+	SYS___EXPM1L_B                      = 0x853 // 2131
+	SYS___FDIMF_B                       = 0x854 // 2132
+	SYS___FDIM_B                        = 0x855 // 2133
+	SYS___FDIML_B                       = 0x856 // 2134
+	SYS___HYPOTF_B                      = 0x857 // 2135
+	SYS___HYPOTL_B                      = 0x858 // 2136
+	SYS___LOG1PF_B                      = 0x859 // 2137
+	SYS___LOG1PL_B                      = 0x85A // 2138
+	SYS___LOG2F_B                       = 0x85B // 2139
+	SYS___LOG2_B                        = 0x85C // 2140
+	SYS___LOG2L_B                       = 0x85D // 2141
+	SYS___REMAINDERF_B                  = 0x85E // 2142
+	SYS___REMAINDERL_B                  = 0x85F // 2143
+	SYS___REMQUOF_B                     = 0x860 // 2144
+	SYS___REMQUO_B                      = 0x861 // 2145
+	SYS___REMQUOL_B                     = 0x862 // 2146
+	SYS___TGAMMAF_B                     = 0x863 // 2147
+	SYS___TGAMMA_B                      = 0x864 // 2148
+	SYS___TGAMMAL_B                     = 0x865 // 2149
+	SYS___TRUNCF_B                      = 0x866 // 2150
+	SYS___TRUNC_B                       = 0x867 // 2151
+	SYS___TRUNCL_B                      = 0x868 // 2152
+	SYS___LGAMMAF_B                     = 0x869 // 2153
+	SYS___LROUNDF_B                     = 0x86A // 2154
+	SYS___LROUND_B                      = 0x86B // 2155
+	SYS___ERFF_B                        = 0x86C // 2156
+	SYS___ERFCF_B                       = 0x86D // 2157
+	SYS_ACOSHF                          = 0x86E // 2158
+	SYS_ACOSHL                          = 0x86F // 2159
+	SYS_ASINHF                          = 0x870 // 2160
+	SYS_ASINHL                          = 0x871 // 2161
+	SYS_ATANHF                          = 0x872 // 2162
+	SYS_ATANHL                          = 0x873 // 2163
+	SYS_CBRTF                           = 0x874 // 2164
+	SYS_CBRTL                           = 0x875 // 2165
+	SYS_COPYSIGNF                       = 0x876 // 2166
+	SYS_CPYSIGNF                        = 0x876 // 2166
+	SYS_COPYSIGNL                       = 0x877 // 2167
+	SYS_CPYSIGNL                        = 0x877 // 2167
+	SYS_COTANF                          = 0x878 // 2168
+	SYS___COTANF                        = 0x878 // 2168
+	SYS_COTAN                           = 0x879 // 2169
+	SYS___COTAN                         = 0x879 // 2169
+	SYS_COTANL                          = 0x87A // 2170
+	SYS___COTANL                        = 0x87A // 2170
+	SYS_EXP2F                           = 0x87B // 2171
+	SYS_EXP2L                           = 0x87C // 2172
+	SYS_EXPM1F                          = 0x87D // 2173
+	SYS_EXPM1L                          = 0x87E // 2174
+	SYS_FDIMF                           = 0x87F // 2175
+	SYS_FDIM                            = 0x881 // 2177
+	SYS_FDIML                           = 0x882 // 2178
+	SYS_HYPOTF                          = 0x883 // 2179
+	SYS_HYPOTL                          = 0x884 // 2180
+	SYS_LOG1PF                          = 0x885 // 2181
+	SYS_LOG1PL                          = 0x886 // 2182
+	SYS_LOG2F                           = 0x887 // 2183
+	SYS_LOG2                            = 0x888 // 2184
+	SYS_LOG2L                           = 0x889 // 2185
+	SYS_REMAINDERF                      = 0x88A // 2186
+	SYS_REMAINDF                        = 0x88A // 2186
+	SYS_REMAINDERL                      = 0x88B // 2187
+	SYS_REMAINDL                        = 0x88B // 2187
+	SYS_REMQUOF                         = 0x88C // 2188
+	SYS_REMQUO                          = 0x88D // 2189
+	SYS_REMQUOL                         = 0x88E // 2190
+	SYS_TGAMMAF                         = 0x88F // 2191
+	SYS_TGAMMA                          = 0x890 // 2192
+	SYS_TGAMMAL                         = 0x891 // 2193
+	SYS_TRUNCF                          = 0x892 // 2194
+	SYS_TRUNC                           = 0x893 // 2195
+	SYS_TRUNCL                          = 0x894 // 2196
+	SYS_LGAMMAF                         = 0x895 // 2197
+	SYS_LGAMMAL                         = 0x896 // 2198
+	SYS_LROUNDF                         = 0x897 // 2199
+	SYS_LROUND                          = 0x898 // 2200
+	SYS_ERFF                            = 0x899 // 2201
+	SYS_ERFL                            = 0x89A // 2202
+	SYS_ERFCF                           = 0x89B // 2203
+	SYS_ERFCL                           = 0x89C // 2204
+	SYS___EXP2_B                        = 0x89D // 2205
+	SYS_EXP2                            = 0x89E // 2206
+	SYS___FAR_JUMP                      = 0x89F // 2207
+	SYS___TCGETATTR_A                   = 0x8A1 // 2209
+	SYS___TCSETATTR_A                   = 0x8A2 // 2210
+	SYS___SUPERKILL                     = 0x8A4 // 2212
+	SYS___LE_CONDITION_TOKEN_BUILD      = 0x8A5 // 2213
+	SYS___LE_MSG_ADD_INSERT             = 0x8A6 // 2214
+	SYS___LE_MSG_GET                    = 0x8A7 // 2215
+	SYS___LE_MSG_GET_AND_WRITE          = 0x8A8 // 2216
+	SYS___LE_MSG_WRITE                  = 0x8A9 // 2217
+	SYS___ITOA                          = 0x8AA // 2218
+	SYS___UTOA                          = 0x8AB // 2219
+	SYS___LTOA                          = 0x8AC // 2220
+	SYS___ULTOA                         = 0x8AD // 2221
+	SYS___LLTOA                         = 0x8AE // 2222
+	SYS___ULLTOA                        = 0x8AF // 2223
+	SYS___ITOA_A                        = 0x8B0 // 2224
+	SYS___UTOA_A                        = 0x8B1 // 2225
+	SYS___LTOA_A                        = 0x8B2 // 2226
+	SYS___ULTOA_A                       = 0x8B3 // 2227
+	SYS___LLTOA_A                       = 0x8B4 // 2228
+	SYS___ULLTOA_A                      = 0x8B5 // 2229
+	SYS_____GETENV_A                    = 0x8C3 // 2243
+	SYS___REXEC_A                       = 0x8C4 // 2244
+	SYS___REXEC_AF_A                    = 0x8C5 // 2245
+	SYS___GETUTXENT_A                   = 0x8C6 // 2246
+	SYS___GETUTXID_A                    = 0x8C7 // 2247
+	SYS___GETUTXLINE_A                  = 0x8C8 // 2248
+	SYS___PUTUTXLINE_A                  = 0x8C9 // 2249
+	SYS_____UTMPXNAME_A                 = 0x8CA // 2250
+	SYS___PUTC_UNLOCKED_A               = 0x8CB // 2251
+	SYS___PUTCHAR_UNLOCKED_A            = 0x8CC // 2252
+	SYS___SNPRINTF_A                    = 0x8CD // 2253
+	SYS___VSNPRINTF_A                   = 0x8CE // 2254
+	SYS___DLOPEN_A                      = 0x8D0 // 2256
+	SYS___DLSYM_A                       = 0x8D1 // 2257
+	SYS___DLERROR_A                     = 0x8D2 // 2258
+	SYS_FLOCKFILE                       = 0x8D3 // 2259
+	SYS_FTRYLOCKFILE                    = 0x8D4 // 2260
+	SYS_FUNLOCKFILE                     = 0x8D5 // 2261
+	SYS_GETC_UNLOCKED                   = 0x8D6 // 2262
+	SYS_GETCHAR_UNLOCKED                = 0x8D7 // 2263
+	SYS_PUTC_UNLOCKED                   = 0x8D8 // 2264
+	SYS_PUTCHAR_UNLOCKED                = 0x8D9 // 2265
+	SYS_SNPRINTF                        = 0x8DA // 2266
+	SYS_VSNPRINTF                       = 0x8DB // 2267
+	SYS_DLOPEN                          = 0x8DD // 2269
+	SYS_DLSYM                           = 0x8DE // 2270
+	SYS_DLCLOSE                         = 0x8DF // 2271
+	SYS_DLERROR                         = 0x8E0 // 2272
+	SYS___SET_EXCEPTION_HANDLER         = 0x8E2 // 2274
+	SYS___RESET_EXCEPTION_HANDLER       = 0x8E3 // 2275
+	SYS___VHM_EVENT                     = 0x8E4 // 2276
+	SYS___ABS_H                         = 0x8E6 // 2278
+	SYS___ABSF_H                        = 0x8E7 // 2279
+	SYS___ABSL_H                        = 0x8E8 // 2280
+	SYS___ACOS_H                        = 0x8E9 // 2281
+	SYS___ACOSF_H                       = 0x8EA // 2282
+	SYS___ACOSL_H                       = 0x8EB // 2283
+	SYS___ACOSH_H                       = 0x8EC // 2284
+	SYS___ASIN_H                        = 0x8ED // 2285
+	SYS___ASINF_H                       = 0x8EE // 2286
+	SYS___ASINL_H                       = 0x8EF // 2287
+	SYS___ASINH_H                       = 0x8F0 // 2288
+	SYS___ATAN_H                        = 0x8F1 // 2289
+	SYS___ATANF_H                       = 0x8F2 // 2290
+	SYS___ATANL_H                       = 0x8F3 // 2291
+	SYS___ATANH_H                       = 0x8F4 // 2292
+	SYS___ATANHF_H                      = 0x8F5 // 2293
+	SYS___ATANHL_H                      = 0x8F6 // 2294
+	SYS___ATAN2_H                       = 0x8F7 // 2295
+	SYS___ATAN2F_H                      = 0x8F8 // 2296
+	SYS___ATAN2L_H                      = 0x8F9 // 2297
+	SYS___CBRT_H                        = 0x8FA // 2298
+	SYS___COPYSIGNF_H                   = 0x8FB // 2299
+	SYS___COPYSIGNL_H                   = 0x8FC // 2300
+	SYS___COS_H                         = 0x8FD // 2301
+	SYS___COSF_H                        = 0x8FE // 2302
+	SYS___COSL_H                        = 0x8FF // 2303
+	SYS___COSHF_H                       = 0x900 // 2304
+	SYS___COSHL_H                       = 0x901 // 2305
+	SYS___COTAN_H                       = 0x902 // 2306
+	SYS___COTANF_H                      = 0x903 // 2307
+	SYS___COTANL_H                      = 0x904 // 2308
+	SYS___ERF_H                         = 0x905 // 2309
+	SYS___ERFF_H                        = 0x906 // 2310
+	SYS___ERFL_H                        = 0x907 // 2311
+	SYS___ERFC_H                        = 0x908 // 2312
+	SYS___ERFCF_H                       = 0x909 // 2313
+	SYS___ERFCL_H                       = 0x90A // 2314
+	SYS___EXP_H                         = 0x90B // 2315
+	SYS___EXPF_H                        = 0x90C // 2316
+	SYS___EXPL_H                        = 0x90D // 2317
+	SYS___EXPM1_H                       = 0x90E // 2318
+	SYS___FDIM_H                        = 0x90F // 2319
+	SYS___FDIMF_H                       = 0x910 // 2320
+	SYS___FDIML_H                       = 0x911 // 2321
+	SYS___FMOD_H                        = 0x912 // 2322
+	SYS___FMODF_H                       = 0x913 // 2323
+	SYS___FMODL_H                       = 0x914 // 2324
+	SYS___GAMMA_H                       = 0x915 // 2325
+	SYS___HYPOT_H                       = 0x916 // 2326
+	SYS___ILOGB_H                       = 0x917 // 2327
+	SYS___LGAMMA_H                      = 0x918 // 2328
+	SYS___LGAMMAF_H                     = 0x919 // 2329
+	SYS___LOG_H                         = 0x91A // 2330
+	SYS___LOGF_H                        = 0x91B // 2331
+	SYS___LOGL_H                        = 0x91C // 2332
+	SYS___LOGB_H                        = 0x91D // 2333
+	SYS___LOG2_H                        = 0x91E // 2334
+	SYS___LOG2F_H                       = 0x91F // 2335
+	SYS___LOG2L_H                       = 0x920 // 2336
+	SYS___LOG1P_H                       = 0x921 // 2337
+	SYS___LOG10_H                       = 0x922 // 2338
+	SYS___LOG10F_H                      = 0x923 // 2339
+	SYS___LOG10L_H                      = 0x924 // 2340
+	SYS___LROUND_H                      = 0x925 // 2341
+	SYS___LROUNDF_H                     = 0x926 // 2342
+	SYS___NEXTAFTER_H                   = 0x927 // 2343
+	SYS___POW_H                         = 0x928 // 2344
+	SYS___POWF_H                        = 0x929 // 2345
+	SYS___POWL_H                        = 0x92A // 2346
+	SYS___REMAINDER_H                   = 0x92B // 2347
+	SYS___RINT_H                        = 0x92C // 2348
+	SYS___SCALB_H                       = 0x92D // 2349
+	SYS___SIN_H                         = 0x92E // 2350
+	SYS___SINF_H                        = 0x92F // 2351
+	SYS___SINL_H                        = 0x930 // 2352
+	SYS___SINH_H                        = 0x931 // 2353
+	SYS___SINHF_H                       = 0x932 // 2354
+	SYS___SINHL_H                       = 0x933 // 2355
+	SYS___SQRT_H                        = 0x934 // 2356
+	SYS___SQRTF_H                       = 0x935 // 2357
+	SYS___SQRTL_H                       = 0x936 // 2358
+	SYS___TAN_H                         = 0x937 // 2359
+	SYS___TANF_H                        = 0x938 // 2360
+	SYS___TANL_H                        = 0x939 // 2361
+	SYS___TANH_H                        = 0x93A // 2362
+	SYS___TANHF_H                       = 0x93B // 2363
+	SYS___TANHL_H                       = 0x93C // 2364
+	SYS___TGAMMA_H                      = 0x93D // 2365
+	SYS___TGAMMAF_H                     = 0x93E // 2366
+	SYS___TRUNC_H                       = 0x93F // 2367
+	SYS___TRUNCF_H                      = 0x940 // 2368
+	SYS___TRUNCL_H                      = 0x941 // 2369
+	SYS___COSH_H                        = 0x942 // 2370
+	SYS___LE_DEBUG_SET_RESUME_MCH       = 0x943 // 2371
+	SYS_VFSCANF                         = 0x944 // 2372
+	SYS_VSCANF                          = 0x946 // 2374
+	SYS_VSSCANF                         = 0x948 // 2376
+	SYS_VFWSCANF                        = 0x94A // 2378
+	SYS_VWSCANF                         = 0x94C // 2380
+	SYS_VSWSCANF                        = 0x94E // 2382
+	SYS_IMAXABS                         = 0x950 // 2384
+	SYS_IMAXDIV                         = 0x951 // 2385
+	SYS_STRTOIMAX                       = 0x952 // 2386
+	SYS_STRTOUMAX                       = 0x953 // 2387
+	SYS_WCSTOIMAX                       = 0x954 // 2388
+	SYS_WCSTOUMAX                       = 0x955 // 2389
+	SYS_ATOLL                           = 0x956 // 2390
+	SYS_STRTOF                          = 0x957 // 2391
+	SYS_STRTOLD                         = 0x958 // 2392
+	SYS_WCSTOF                          = 0x959 // 2393
+	SYS_WCSTOLD                         = 0x95A // 2394
+	SYS_INET6_RTH_SPACE                 = 0x95B // 2395
+	SYS_INET6_RTH_INIT                  = 0x95C // 2396
+	SYS_INET6_RTH_ADD                   = 0x95D // 2397
+	SYS_INET6_RTH_REVERSE               = 0x95E // 2398
+	SYS_INET6_RTH_SEGMENTS              = 0x95F // 2399
+	SYS_INET6_RTH_GETADDR               = 0x960 // 2400
+	SYS_INET6_OPT_INIT                  = 0x961 // 2401
+	SYS_INET6_OPT_APPEND                = 0x962 // 2402
+	SYS_INET6_OPT_FINISH                = 0x963 // 2403
+	SYS_INET6_OPT_SET_VAL               = 0x964 // 2404
+	SYS_INET6_OPT_NEXT                  = 0x965 // 2405
+	SYS_INET6_OPT_FIND                  = 0x966 // 2406
+	SYS_INET6_OPT_GET_VAL               = 0x967 // 2407
+	SYS___POW_I                         = 0x987 // 2439
+	SYS___POW_I_B                       = 0x988 // 2440
+	SYS___POW_I_H                       = 0x989 // 2441
+	SYS___POW_II                        = 0x98A // 2442
+	SYS___POW_II_B                      = 0x98B // 2443
+	SYS___POW_II_H                      = 0x98C // 2444
+	SYS_CABS                            = 0x98E // 2446
+	SYS___CABS_B                        = 0x98F // 2447
+	SYS___CABS_H                        = 0x990 // 2448
+	SYS_CABSF                           = 0x991 // 2449
+	SYS___CABSF_B                       = 0x992 // 2450
+	SYS___CABSF_H                       = 0x993 // 2451
+	SYS_CABSL                           = 0x994 // 2452
+	SYS___CABSL_B                       = 0x995 // 2453
+	SYS___CABSL_H                       = 0x996 // 2454
+	SYS_CACOS                           = 0x997 // 2455
+	SYS___CACOS_B                       = 0x998 // 2456
+	SYS___CACOS_H                       = 0x999 // 2457
+	SYS_CACOSF                          = 0x99A // 2458
+	SYS___CACOSF_B                      = 0x99B // 2459
+	SYS___CACOSF_H                      = 0x99C // 2460
+	SYS_CACOSL                          = 0x99D // 2461
+	SYS___CACOSL_B                      = 0x99E // 2462
+	SYS___CACOSL_H                      = 0x99F // 2463
+	SYS_CACOSH                          = 0x9A0 // 2464
+	SYS___CACOSH_B                      = 0x9A1 // 2465
+	SYS___CACOSH_H                      = 0x9A2 // 2466
+	SYS_CACOSHF                         = 0x9A3 // 2467
+	SYS___CACOSHF_B                     = 0x9A4 // 2468
+	SYS___CACOSHF_H                     = 0x9A5 // 2469
+	SYS_CACOSHL                         = 0x9A6 // 2470
+	SYS___CACOSHL_B                     = 0x9A7 // 2471
+	SYS___CACOSHL_H                     = 0x9A8 // 2472
+	SYS_CARG                            = 0x9A9 // 2473
+	SYS___CARG_B                        = 0x9AA // 2474
+	SYS___CARG_H                        = 0x9AB // 2475
+	SYS_CARGF                           = 0x9AC // 2476
+	SYS___CARGF_B                       = 0x9AD // 2477
+	SYS___CARGF_H                       = 0x9AE // 2478
+	SYS_CARGL                           = 0x9AF // 2479
+	SYS___CARGL_B                       = 0x9B0 // 2480
+	SYS___CARGL_H                       = 0x9B1 // 2481
+	SYS_CASIN                           = 0x9B2 // 2482
+	SYS___CASIN_B                       = 0x9B3 // 2483
+	SYS___CASIN_H                       = 0x9B4 // 2484
+	SYS_CASINF                          = 0x9B5 // 2485
+	SYS___CASINF_B                      = 0x9B6 // 2486
+	SYS___CASINF_H                      = 0x9B7 // 2487
+	SYS_CASINL                          = 0x9B8 // 2488
+	SYS___CASINL_B                      = 0x9B9 // 2489
+	SYS___CASINL_H                      = 0x9BA // 2490
+	SYS_CASINH                          = 0x9BB // 2491
+	SYS___CASINH_B                      = 0x9BC // 2492
+	SYS___CASINH_H                      = 0x9BD // 2493
+	SYS_CASINHF                         = 0x9BE // 2494
+	SYS___CASINHF_B                     = 0x9BF // 2495
+	SYS___CASINHF_H                     = 0x9C0 // 2496
+	SYS_CASINHL                         = 0x9C1 // 2497
+	SYS___CASINHL_B                     = 0x9C2 // 2498
+	SYS___CASINHL_H                     = 0x9C3 // 2499
+	SYS_CATAN                           = 0x9C4 // 2500
+	SYS___CATAN_B                       = 0x9C5 // 2501
+	SYS___CATAN_H                       = 0x9C6 // 2502
+	SYS_CATANF                          = 0x9C7 // 2503
+	SYS___CATANF_B                      = 0x9C8 // 2504
+	SYS___CATANF_H                      = 0x9C9 // 2505
+	SYS_CATANL                          = 0x9CA // 2506
+	SYS___CATANL_B                      = 0x9CB // 2507
+	SYS___CATANL_H                      = 0x9CC // 2508
+	SYS_CATANH                          = 0x9CD // 2509
+	SYS___CATANH_B                      = 0x9CE // 2510
+	SYS___CATANH_H                      = 0x9CF // 2511
+	SYS_CATANHF                         = 0x9D0 // 2512
+	SYS___CATANHF_B                     = 0x9D1 // 2513
+	SYS___CATANHF_H                     = 0x9D2 // 2514
+	SYS_CATANHL                         = 0x9D3 // 2515
+	SYS___CATANHL_B                     = 0x9D4 // 2516
+	SYS___CATANHL_H                     = 0x9D5 // 2517
+	SYS_CCOS                            = 0x9D6 // 2518
+	SYS___CCOS_B                        = 0x9D7 // 2519
+	SYS___CCOS_H                        = 0x9D8 // 2520
+	SYS_CCOSF                           = 0x9D9 // 2521
+	SYS___CCOSF_B                       = 0x9DA // 2522
+	SYS___CCOSF_H                       = 0x9DB // 2523
+	SYS_CCOSL                           = 0x9DC // 2524
+	SYS___CCOSL_B                       = 0x9DD // 2525
+	SYS___CCOSL_H                       = 0x9DE // 2526
+	SYS_CCOSH                           = 0x9DF // 2527
+	SYS___CCOSH_B                       = 0x9E0 // 2528
+	SYS___CCOSH_H                       = 0x9E1 // 2529
+	SYS_CCOSHF                          = 0x9E2 // 2530
+	SYS___CCOSHF_B                      = 0x9E3 // 2531
+	SYS___CCOSHF_H                      = 0x9E4 // 2532
+	SYS_CCOSHL                          = 0x9E5 // 2533
+	SYS___CCOSHL_B                      = 0x9E6 // 2534
+	SYS___CCOSHL_H                      = 0x9E7 // 2535
+	SYS_CEXP                            = 0x9E8 // 2536
+	SYS___CEXP_B                        = 0x9E9 // 2537
+	SYS___CEXP_H                        = 0x9EA // 2538
+	SYS_CEXPF                           = 0x9EB // 2539
+	SYS___CEXPF_B                       = 0x9EC // 2540
+	SYS___CEXPF_H                       = 0x9ED // 2541
+	SYS_CEXPL                           = 0x9EE // 2542
+	SYS___CEXPL_B                       = 0x9EF // 2543
+	SYS___CEXPL_H                       = 0x9F0 // 2544
+	SYS_CIMAG                           = 0x9F1 // 2545
+	SYS___CIMAG_B                       = 0x9F2 // 2546
+	SYS___CIMAG_H                       = 0x9F3 // 2547
+	SYS_CIMAGF                          = 0x9F4 // 2548
+	SYS___CIMAGF_B                      = 0x9F5 // 2549
+	SYS___CIMAGF_H                      = 0x9F6 // 2550
+	SYS_CIMAGL                          = 0x9F7 // 2551
+	SYS___CIMAGL_B                      = 0x9F8 // 2552
+	SYS___CIMAGL_H                      = 0x9F9 // 2553
+	SYS___CLOG                          = 0x9FA // 2554
+	SYS___CLOG_B                        = 0x9FB // 2555
+	SYS___CLOG_H                        = 0x9FC // 2556
+	SYS_CLOGF                           = 0x9FD // 2557
+	SYS___CLOGF_B                       = 0x9FE // 2558
+	SYS___CLOGF_H                       = 0x9FF // 2559
+	SYS_CLOGL                           = 0xA00 // 2560
+	SYS___CLOGL_B                       = 0xA01 // 2561
+	SYS___CLOGL_H                       = 0xA02 // 2562
+	SYS_CONJ                            = 0xA03 // 2563
+	SYS___CONJ_B                        = 0xA04 // 2564
+	SYS___CONJ_H                        = 0xA05 // 2565
+	SYS_CONJF                           = 0xA06 // 2566
+	SYS___CONJF_B                       = 0xA07 // 2567
+	SYS___CONJF_H                       = 0xA08 // 2568
+	SYS_CONJL                           = 0xA09 // 2569
+	SYS___CONJL_B                       = 0xA0A // 2570
+	SYS___CONJL_H                       = 0xA0B // 2571
+	SYS_CPOW                            = 0xA0C // 2572
+	SYS___CPOW_B                        = 0xA0D // 2573
+	SYS___CPOW_H                        = 0xA0E // 2574
+	SYS_CPOWF                           = 0xA0F // 2575
+	SYS___CPOWF_B                       = 0xA10 // 2576
+	SYS___CPOWF_H                       = 0xA11 // 2577
+	SYS_CPOWL                           = 0xA12 // 2578
+	SYS___CPOWL_B                       = 0xA13 // 2579
+	SYS___CPOWL_H                       = 0xA14 // 2580
+	SYS_CPROJ                           = 0xA15 // 2581
+	SYS___CPROJ_B                       = 0xA16 // 2582
+	SYS___CPROJ_H                       = 0xA17 // 2583
+	SYS_CPROJF                          = 0xA18 // 2584
+	SYS___CPROJF_B                      = 0xA19 // 2585
+	SYS___CPROJF_H                      = 0xA1A // 2586
+	SYS_CPROJL                          = 0xA1B // 2587
+	SYS___CPROJL_B                      = 0xA1C // 2588
+	SYS___CPROJL_H                      = 0xA1D // 2589
+	SYS_CREAL                           = 0xA1E // 2590
+	SYS___CREAL_B                       = 0xA1F // 2591
+	SYS___CREAL_H                       = 0xA20 // 2592
+	SYS_CREALF                          = 0xA21 // 2593
+	SYS___CREALF_B                      = 0xA22 // 2594
+	SYS___CREALF_H                      = 0xA23 // 2595
+	SYS_CREALL                          = 0xA24 // 2596
+	SYS___CREALL_B                      = 0xA25 // 2597
+	SYS___CREALL_H                      = 0xA26 // 2598
+	SYS_CSIN                            = 0xA27 // 2599
+	SYS___CSIN_B                        = 0xA28 // 2600
+	SYS___CSIN_H                        = 0xA29 // 2601
+	SYS_CSINF                           = 0xA2A // 2602
+	SYS___CSINF_B                       = 0xA2B // 2603
+	SYS___CSINF_H                       = 0xA2C // 2604
+	SYS_CSINL                           = 0xA2D // 2605
+	SYS___CSINL_B                       = 0xA2E // 2606
+	SYS___CSINL_H                       = 0xA2F // 2607
+	SYS_CSINH                           = 0xA30 // 2608
+	SYS___CSINH_B                       = 0xA31 // 2609
+	SYS___CSINH_H                       = 0xA32 // 2610
+	SYS_CSINHF                          = 0xA33 // 2611
+	SYS___CSINHF_B                      = 0xA34 // 2612
+	SYS___CSINHF_H                      = 0xA35 // 2613
+	SYS_CSINHL                          = 0xA36 // 2614
+	SYS___CSINHL_B                      = 0xA37 // 2615
+	SYS___CSINHL_H                      = 0xA38 // 2616
+	SYS_CSQRT                           = 0xA39 // 2617
+	SYS___CSQRT_B                       = 0xA3A // 2618
+	SYS___CSQRT_H                       = 0xA3B // 2619
+	SYS_CSQRTF                          = 0xA3C // 2620
+	SYS___CSQRTF_B                      = 0xA3D // 2621
+	SYS___CSQRTF_H                      = 0xA3E // 2622
+	SYS_CSQRTL                          = 0xA3F // 2623
+	SYS___CSQRTL_B                      = 0xA40 // 2624
+	SYS___CSQRTL_H                      = 0xA41 // 2625
+	SYS_CTAN                            = 0xA42 // 2626
+	SYS___CTAN_B                        = 0xA43 // 2627
+	SYS___CTAN_H                        = 0xA44 // 2628
+	SYS_CTANF                           = 0xA45 // 2629
+	SYS___CTANF_B                       = 0xA46 // 2630
+	SYS___CTANF_H                       = 0xA47 // 2631
+	SYS_CTANL                           = 0xA48 // 2632
+	SYS___CTANL_B                       = 0xA49 // 2633
+	SYS___CTANL_H                       = 0xA4A // 2634
+	SYS_CTANH                           = 0xA4B // 2635
+	SYS___CTANH_B                       = 0xA4C // 2636
+	SYS___CTANH_H                       = 0xA4D // 2637
+	SYS_CTANHF                          = 0xA4E // 2638
+	SYS___CTANHF_B                      = 0xA4F // 2639
+	SYS___CTANHF_H                      = 0xA50 // 2640
+	SYS_CTANHL                          = 0xA51 // 2641
+	SYS___CTANHL_B                      = 0xA52 // 2642
+	SYS___CTANHL_H                      = 0xA53 // 2643
+	SYS___ACOSHF_H                      = 0xA54 // 2644
+	SYS___ACOSHL_H                      = 0xA55 // 2645
+	SYS___ASINHF_H                      = 0xA56 // 2646
+	SYS___ASINHL_H                      = 0xA57 // 2647
+	SYS___CBRTF_H                       = 0xA58 // 2648
+	SYS___CBRTL_H                       = 0xA59 // 2649
+	SYS___COPYSIGN_B                    = 0xA5A // 2650
+	SYS___EXPM1F_H                      = 0xA5B // 2651
+	SYS___EXPM1L_H                      = 0xA5C // 2652
+	SYS___EXP2_H                        = 0xA5D // 2653
+	SYS___EXP2F_H                       = 0xA5E // 2654
+	SYS___EXP2L_H                       = 0xA5F // 2655
+	SYS___LOG1PF_H                      = 0xA60 // 2656
+	SYS___LOG1PL_H                      = 0xA61 // 2657
+	SYS___LGAMMAL_H                     = 0xA62 // 2658
+	SYS_FMA                             = 0xA63 // 2659
+	SYS___FMA_B                         = 0xA64 // 2660
+	SYS___FMA_H                         = 0xA65 // 2661
+	SYS_FMAF                            = 0xA66 // 2662
+	SYS___FMAF_B                        = 0xA67 // 2663
+	SYS___FMAF_H                        = 0xA68 // 2664
+	SYS_FMAL                            = 0xA69 // 2665
+	SYS___FMAL_B                        = 0xA6A // 2666
+	SYS___FMAL_H                        = 0xA6B // 2667
+	SYS_FMAX                            = 0xA6C // 2668
+	SYS___FMAX_B                        = 0xA6D // 2669
+	SYS___FMAX_H                        = 0xA6E // 2670
+	SYS_FMAXF                           = 0xA6F // 2671
+	SYS___FMAXF_B                       = 0xA70 // 2672
+	SYS___FMAXF_H                       = 0xA71 // 2673
+	SYS_FMAXL                           = 0xA72 // 2674
+	SYS___FMAXL_B                       = 0xA73 // 2675
+	SYS___FMAXL_H                       = 0xA74 // 2676
+	SYS_FMIN                            = 0xA75 // 2677
+	SYS___FMIN_B                        = 0xA76 // 2678
+	SYS___FMIN_H                        = 0xA77 // 2679
+	SYS_FMINF                           = 0xA78 // 2680
+	SYS___FMINF_B                       = 0xA79 // 2681
+	SYS___FMINF_H                       = 0xA7A // 2682
+	SYS_FMINL                           = 0xA7B // 2683
+	SYS___FMINL_B                       = 0xA7C // 2684
+	SYS___FMINL_H                       = 0xA7D // 2685
+	SYS_ILOGBF                          = 0xA7E // 2686
+	SYS___ILOGBF_B                      = 0xA7F // 2687
+	SYS___ILOGBF_H                      = 0xA80 // 2688
+	SYS_ILOGBL                          = 0xA81 // 2689
+	SYS___ILOGBL_B                      = 0xA82 // 2690
+	SYS___ILOGBL_H                      = 0xA83 // 2691
+	SYS_LLRINT                          = 0xA84 // 2692
+	SYS___LLRINT_B                      = 0xA85 // 2693
+	SYS___LLRINT_H                      = 0xA86 // 2694
+	SYS_LLRINTF                         = 0xA87 // 2695
+	SYS___LLRINTF_B                     = 0xA88 // 2696
+	SYS___LLRINTF_H                     = 0xA89 // 2697
+	SYS_LLRINTL                         = 0xA8A // 2698
+	SYS___LLRINTL_B                     = 0xA8B // 2699
+	SYS___LLRINTL_H                     = 0xA8C // 2700
+	SYS_LLROUND                         = 0xA8D // 2701
+	SYS___LLROUND_B                     = 0xA8E // 2702
+	SYS___LLROUND_H                     = 0xA8F // 2703
+	SYS_LLROUNDF                        = 0xA90 // 2704
+	SYS___LLROUNDF_B                    = 0xA91 // 2705
+	SYS___LLROUNDF_H                    = 0xA92 // 2706
+	SYS_LLROUNDL                        = 0xA93 // 2707
+	SYS___LLROUNDL_B                    = 0xA94 // 2708
+	SYS___LLROUNDL_H                    = 0xA95 // 2709
+	SYS_LOGBF                           = 0xA96 // 2710
+	SYS___LOGBF_B                       = 0xA97 // 2711
+	SYS___LOGBF_H                       = 0xA98 // 2712
+	SYS_LOGBL                           = 0xA99 // 2713
+	SYS___LOGBL_B                       = 0xA9A // 2714
+	SYS___LOGBL_H                       = 0xA9B // 2715
+	SYS_LRINT                           = 0xA9C // 2716
+	SYS___LRINT_B                       = 0xA9D // 2717
+	SYS___LRINT_H                       = 0xA9E // 2718
+	SYS_LRINTF                          = 0xA9F // 2719
+	SYS___LRINTF_B                      = 0xAA0 // 2720
+	SYS___LRINTF_H                      = 0xAA1 // 2721
+	SYS_LRINTL                          = 0xAA2 // 2722
+	SYS___LRINTL_B                      = 0xAA3 // 2723
+	SYS___LRINTL_H                      = 0xAA4 // 2724
+	SYS_LROUNDL                         = 0xAA5 // 2725
+	SYS___LROUNDL_B                     = 0xAA6 // 2726
+	SYS___LROUNDL_H                     = 0xAA7 // 2727
+	SYS_NAN                             = 0xAA8 // 2728
+	SYS___NAN_B                         = 0xAA9 // 2729
+	SYS_NANF                            = 0xAAA // 2730
+	SYS___NANF_B                        = 0xAAB // 2731
+	SYS_NANL                            = 0xAAC // 2732
+	SYS___NANL_B                        = 0xAAD // 2733
+	SYS_NEARBYINT                       = 0xAAE // 2734
+	SYS___NEARBYINT_B                   = 0xAAF // 2735
+	SYS___NEARBYINT_H                   = 0xAB0 // 2736
+	SYS_NEARBYINTF                      = 0xAB1 // 2737
+	SYS___NEARBYINTF_B                  = 0xAB2 // 2738
+	SYS___NEARBYINTF_H                  = 0xAB3 // 2739
+	SYS_NEARBYINTL                      = 0xAB4 // 2740
+	SYS___NEARBYINTL_B                  = 0xAB5 // 2741
+	SYS___NEARBYINTL_H                  = 0xAB6 // 2742
+	SYS_NEXTAFTERF                      = 0xAB7 // 2743
+	SYS___NEXTAFTERF_B                  = 0xAB8 // 2744
+	SYS___NEXTAFTERF_H                  = 0xAB9 // 2745
+	SYS_NEXTAFTERL                      = 0xABA // 2746
+	SYS___NEXTAFTERL_B                  = 0xABB // 2747
+	SYS___NEXTAFTERL_H                  = 0xABC // 2748
+	SYS_NEXTTOWARD                      = 0xABD // 2749
+	SYS___NEXTTOWARD_B                  = 0xABE // 2750
+	SYS___NEXTTOWARD_H                  = 0xABF // 2751
+	SYS_NEXTTOWARDF                     = 0xAC0 // 2752
+	SYS___NEXTTOWARDF_B                 = 0xAC1 // 2753
+	SYS___NEXTTOWARDF_H                 = 0xAC2 // 2754
+	SYS_NEXTTOWARDL                     = 0xAC3 // 2755
+	SYS___NEXTTOWARDL_B                 = 0xAC4 // 2756
+	SYS___NEXTTOWARDL_H                 = 0xAC5 // 2757
+	SYS___REMAINDERF_H                  = 0xAC6 // 2758
+	SYS___REMAINDERL_H                  = 0xAC7 // 2759
+	SYS___REMQUO_H                      = 0xAC8 // 2760
+	SYS___REMQUOF_H                     = 0xAC9 // 2761
+	SYS___REMQUOL_H                     = 0xACA // 2762
+	SYS_RINTF                           = 0xACB // 2763
+	SYS___RINTF_B                       = 0xACC // 2764
+	SYS_RINTL                           = 0xACD // 2765
+	SYS___RINTL_B                       = 0xACE // 2766
+	SYS_ROUND                           = 0xACF // 2767
+	SYS___ROUND_B                       = 0xAD0 // 2768
+	SYS___ROUND_H                       = 0xAD1 // 2769
+	SYS_ROUNDF                          = 0xAD2 // 2770
+	SYS___ROUNDF_B                      = 0xAD3 // 2771
+	SYS___ROUNDF_H                      = 0xAD4 // 2772
+	SYS_ROUNDL                          = 0xAD5 // 2773
+	SYS___ROUNDL_B                      = 0xAD6 // 2774
+	SYS___ROUNDL_H                      = 0xAD7 // 2775
+	SYS_SCALBLN                         = 0xAD8 // 2776
+	SYS___SCALBLN_B                     = 0xAD9 // 2777
+	SYS___SCALBLN_H                     = 0xADA // 2778
+	SYS_SCALBLNF                        = 0xADB // 2779
+	SYS___SCALBLNF_B                    = 0xADC // 2780
+	SYS___SCALBLNF_H                    = 0xADD // 2781
+	SYS_SCALBLNL                        = 0xADE // 2782
+	SYS___SCALBLNL_B                    = 0xADF // 2783
+	SYS___SCALBLNL_H                    = 0xAE0 // 2784
+	SYS___SCALBN_B                      = 0xAE1 // 2785
+	SYS___SCALBN_H                      = 0xAE2 // 2786
+	SYS_SCALBNF                         = 0xAE3 // 2787
+	SYS___SCALBNF_B                     = 0xAE4 // 2788
+	SYS___SCALBNF_H                     = 0xAE5 // 2789
+	SYS_SCALBNL                         = 0xAE6 // 2790
+	SYS___SCALBNL_B                     = 0xAE7 // 2791
+	SYS___SCALBNL_H                     = 0xAE8 // 2792
+	SYS___TGAMMAL_H                     = 0xAE9 // 2793
+	SYS_FECLEAREXCEPT                   = 0xAEA // 2794
+	SYS_FEGETENV                        = 0xAEB // 2795
+	SYS_FEGETEXCEPTFLAG                 = 0xAEC // 2796
+	SYS_FEGETROUND                      = 0xAED // 2797
+	SYS_FEHOLDEXCEPT                    = 0xAEE // 2798
+	SYS_FERAISEEXCEPT                   = 0xAEF // 2799
+	SYS_FESETENV                        = 0xAF0 // 2800
+	SYS_FESETEXCEPTFLAG                 = 0xAF1 // 2801
+	SYS_FESETROUND                      = 0xAF2 // 2802
+	SYS_FETESTEXCEPT                    = 0xAF3 // 2803
+	SYS_FEUPDATEENV                     = 0xAF4 // 2804
+	SYS___COPYSIGN_H                    = 0xAF5 // 2805
+	SYS___HYPOTF_H                      = 0xAF6 // 2806
+	SYS___HYPOTL_H                      = 0xAF7 // 2807
+	SYS___CLASS                         = 0xAFA // 2810
+	SYS___CLASS_B                       = 0xAFB // 2811
+	SYS___CLASS_H                       = 0xAFC // 2812
+	SYS___ISBLANK_A                     = 0xB2E // 2862
+	SYS___ISWBLANK_A                    = 0xB2F // 2863
+	SYS___LROUND_FIXUP                  = 0xB30 // 2864
+	SYS___LROUNDF_FIXUP                 = 0xB31 // 2865
+	SYS_SCHED_YIELD                     = 0xB32 // 2866
+	SYS_STRERROR_R                      = 0xB33 // 2867
+	SYS_UNSETENV                        = 0xB34 // 2868
+	SYS___LGAMMA_H_C99                  = 0xB38 // 2872
+	SYS___LGAMMA_B_C99                  = 0xB39 // 2873
+	SYS___LGAMMA_R_C99                  = 0xB3A // 2874
+	SYS___FTELL2                        = 0xB3B // 2875
+	SYS___FSEEK2                        = 0xB3C // 2876
+	SYS___STATIC_REINIT                 = 0xB3D // 2877
+	SYS_PTHREAD_ATTR_GETSTACK           = 0xB3E // 2878
+	SYS_PTHREAD_ATTR_SETSTACK           = 0xB3F // 2879
+	SYS___TGAMMA_H_C99                  = 0xB78 // 2936
+	SYS___TGAMMAF_H_C99                 = 0xB79 // 2937
+	SYS___LE_TRACEBACK                  = 0xB7A // 2938
+	SYS___MUST_STAY_CLEAN               = 0xB7C // 2940
+	SYS___O_ENV                         = 0xB7D // 2941
+	SYS_ACOSD32                         = 0xB7E // 2942
+	SYS_ACOSD64                         = 0xB7F // 2943
+	SYS_ACOSD128                        = 0xB80 // 2944
+	SYS_ACOSHD32                        = 0xB81 // 2945
+	SYS_ACOSHD64                        = 0xB82 // 2946
+	SYS_ACOSHD128                       = 0xB83 // 2947
+	SYS_ASIND32                         = 0xB84 // 2948
+	SYS_ASIND64                         = 0xB85 // 2949
+	SYS_ASIND128                        = 0xB86 // 2950
+	SYS_ASINHD32                        = 0xB87 // 2951
+	SYS_ASINHD64                        = 0xB88 // 2952
+	SYS_ASINHD128                       = 0xB89 // 2953
+	SYS_ATAND32                         = 0xB8A // 2954
+	SYS_ATAND64                         = 0xB8B // 2955
+	SYS_ATAND128                        = 0xB8C // 2956
+	SYS_ATAN2D32                        = 0xB8D // 2957
+	SYS_ATAN2D64                        = 0xB8E // 2958
+	SYS_ATAN2D128                       = 0xB8F // 2959
+	SYS_ATANHD32                        = 0xB90 // 2960
+	SYS_ATANHD64                        = 0xB91 // 2961
+	SYS_ATANHD128                       = 0xB92 // 2962
+	SYS_CBRTD32                         = 0xB93 // 2963
+	SYS_CBRTD64                         = 0xB94 // 2964
+	SYS_CBRTD128                        = 0xB95 // 2965
+	SYS_CEILD32                         = 0xB96 // 2966
+	SYS_CEILD64                         = 0xB97 // 2967
+	SYS_CEILD128                        = 0xB98 // 2968
+	SYS___CLASS2                        = 0xB99 // 2969
+	SYS___CLASS2_B                      = 0xB9A // 2970
+	SYS___CLASS2_H                      = 0xB9B // 2971
+	SYS_COPYSIGND32                     = 0xB9C // 2972
+	SYS_COPYSIGND64                     = 0xB9D // 2973
+	SYS_COPYSIGND128                    = 0xB9E // 2974
+	SYS_COSD32                          = 0xB9F // 2975
+	SYS_COSD64                          = 0xBA0 // 2976
+	SYS_COSD128                         = 0xBA1 // 2977
+	SYS_COSHD32                         = 0xBA2 // 2978
+	SYS_COSHD64                         = 0xBA3 // 2979
+	SYS_COSHD128                        = 0xBA4 // 2980
+	SYS_ERFD32                          = 0xBA5 // 2981
+	SYS_ERFD64                          = 0xBA6 // 2982
+	SYS_ERFD128                         = 0xBA7 // 2983
+	SYS_ERFCD32                         = 0xBA8 // 2984
+	SYS_ERFCD64                         = 0xBA9 // 2985
+	SYS_ERFCD128                        = 0xBAA // 2986
+	SYS_EXPD32                          = 0xBAB // 2987
+	SYS_EXPD64                          = 0xBAC // 2988
+	SYS_EXPD128                         = 0xBAD // 2989
+	SYS_EXP2D32                         = 0xBAE // 2990
+	SYS_EXP2D64                         = 0xBAF // 2991
+	SYS_EXP2D128                        = 0xBB0 // 2992
+	SYS_EXPM1D32                        = 0xBB1 // 2993
+	SYS_EXPM1D64                        = 0xBB2 // 2994
+	SYS_EXPM1D128                       = 0xBB3 // 2995
+	SYS_FABSD32                         = 0xBB4 // 2996
+	SYS_FABSD64                         = 0xBB5 // 2997
+	SYS_FABSD128                        = 0xBB6 // 2998
+	SYS_FDIMD32                         = 0xBB7 // 2999
+	SYS_FDIMD64                         = 0xBB8 // 3000
+	SYS_FDIMD128                        = 0xBB9 // 3001
+	SYS_FE_DEC_GETROUND                 = 0xBBA // 3002
+	SYS_FE_DEC_SETROUND                 = 0xBBB // 3003
+	SYS_FLOORD32                        = 0xBBC // 3004
+	SYS_FLOORD64                        = 0xBBD // 3005
+	SYS_FLOORD128                       = 0xBBE // 3006
+	SYS_FMAD32                          = 0xBBF // 3007
+	SYS_FMAD64                          = 0xBC0 // 3008
+	SYS_FMAD128                         = 0xBC1 // 3009
+	SYS_FMAXD32                         = 0xBC2 // 3010
+	SYS_FMAXD64                         = 0xBC3 // 3011
+	SYS_FMAXD128                        = 0xBC4 // 3012
+	SYS_FMIND32                         = 0xBC5 // 3013
+	SYS_FMIND64                         = 0xBC6 // 3014
+	SYS_FMIND128                        = 0xBC7 // 3015
+	SYS_FMODD32                         = 0xBC8 // 3016
+	SYS_FMODD64                         = 0xBC9 // 3017
+	SYS_FMODD128                        = 0xBCA // 3018
+	SYS___FP_CAST_D                     = 0xBCB // 3019
+	SYS_FREXPD32                        = 0xBCC // 3020
+	SYS_FREXPD64                        = 0xBCD // 3021
+	SYS_FREXPD128                       = 0xBCE // 3022
+	SYS_HYPOTD32                        = 0xBCF // 3023
+	SYS_HYPOTD64                        = 0xBD0 // 3024
+	SYS_HYPOTD128                       = 0xBD1 // 3025
+	SYS_ILOGBD32                        = 0xBD2 // 3026
+	SYS_ILOGBD64                        = 0xBD3 // 3027
+	SYS_ILOGBD128                       = 0xBD4 // 3028
+	SYS_LDEXPD32                        = 0xBD5 // 3029
+	SYS_LDEXPD64                        = 0xBD6 // 3030
+	SYS_LDEXPD128                       = 0xBD7 // 3031
+	SYS_LGAMMAD32                       = 0xBD8 // 3032
+	SYS_LGAMMAD64                       = 0xBD9 // 3033
+	SYS_LGAMMAD128                      = 0xBDA // 3034
+	SYS_LLRINTD32                       = 0xBDB // 3035
+	SYS_LLRINTD64                       = 0xBDC // 3036
+	SYS_LLRINTD128                      = 0xBDD // 3037
+	SYS_LLROUNDD32                      = 0xBDE // 3038
+	SYS_LLROUNDD64                      = 0xBDF // 3039
+	SYS_LLROUNDD128                     = 0xBE0 // 3040
+	SYS_LOGD32                          = 0xBE1 // 3041
+	SYS_LOGD64                          = 0xBE2 // 3042
+	SYS_LOGD128                         = 0xBE3 // 3043
+	SYS_LOG10D32                        = 0xBE4 // 3044
+	SYS_LOG10D64                        = 0xBE5 // 3045
+	SYS_LOG10D128                       = 0xBE6 // 3046
+	SYS_LOG1PD32                        = 0xBE7 // 3047
+	SYS_LOG1PD64                        = 0xBE8 // 3048
+	SYS_LOG1PD128                       = 0xBE9 // 3049
+	SYS_LOG2D32                         = 0xBEA // 3050
+	SYS_LOG2D64                         = 0xBEB // 3051
+	SYS_LOG2D128                        = 0xBEC // 3052
+	SYS_LOGBD32                         = 0xBED // 3053
+	SYS_LOGBD64                         = 0xBEE // 3054
+	SYS_LOGBD128                        = 0xBEF // 3055
+	SYS_LRINTD32                        = 0xBF0 // 3056
+	SYS_LRINTD64                        = 0xBF1 // 3057
+	SYS_LRINTD128                       = 0xBF2 // 3058
+	SYS_LROUNDD32                       = 0xBF3 // 3059
+	SYS_LROUNDD64                       = 0xBF4 // 3060
+	SYS_LROUNDD128                      = 0xBF5 // 3061
+	SYS_MODFD32                         = 0xBF6 // 3062
+	SYS_MODFD64                         = 0xBF7 // 3063
+	SYS_MODFD128                        = 0xBF8 // 3064
+	SYS_NAND32                          = 0xBF9 // 3065
+	SYS_NAND64                          = 0xBFA // 3066
+	SYS_NAND128                         = 0xBFB // 3067
+	SYS_NEARBYINTD32                    = 0xBFC // 3068
+	SYS_NEARBYINTD64                    = 0xBFD // 3069
+	SYS_NEARBYINTD128                   = 0xBFE // 3070
+	SYS_NEXTAFTERD32                    = 0xBFF // 3071
+	SYS_NEXTAFTERD64                    = 0xC00 // 3072
+	SYS_NEXTAFTERD128                   = 0xC01 // 3073
+	SYS_NEXTTOWARDD32                   = 0xC02 // 3074
+	SYS_NEXTTOWARDD64                   = 0xC03 // 3075
+	SYS_NEXTTOWARDD128                  = 0xC04 // 3076
+	SYS_POWD32                          = 0xC05 // 3077
+	SYS_POWD64                          = 0xC06 // 3078
+	SYS_POWD128                         = 0xC07 // 3079
+	SYS_QUANTIZED32                     = 0xC08 // 3080
+	SYS_QUANTIZED64                     = 0xC09 // 3081
+	SYS_QUANTIZED128                    = 0xC0A // 3082
+	SYS_REMAINDERD32                    = 0xC0B // 3083
+	SYS_REMAINDERD64                    = 0xC0C // 3084
+	SYS_REMAINDERD128                   = 0xC0D // 3085
+	SYS___REMQUOD32                     = 0xC0E // 3086
+	SYS___REMQUOD64                     = 0xC0F // 3087
+	SYS___REMQUOD128                    = 0xC10 // 3088
+	SYS_RINTD32                         = 0xC11 // 3089
+	SYS_RINTD64                         = 0xC12 // 3090
+	SYS_RINTD128                        = 0xC13 // 3091
+	SYS_ROUNDD32                        = 0xC14 // 3092
+	SYS_ROUNDD64                        = 0xC15 // 3093
+	SYS_ROUNDD128                       = 0xC16 // 3094
+	SYS_SAMEQUANTUMD32                  = 0xC17 // 3095
+	SYS_SAMEQUANTUMD64                  = 0xC18 // 3096
+	SYS_SAMEQUANTUMD128                 = 0xC19 // 3097
+	SYS_SCALBLND32                      = 0xC1A // 3098
+	SYS_SCALBLND64                      = 0xC1B // 3099
+	SYS_SCALBLND128                     = 0xC1C // 3100
+	SYS_SCALBND32                       = 0xC1D // 3101
+	SYS_SCALBND64                       = 0xC1E // 3102
+	SYS_SCALBND128                      = 0xC1F // 3103
+	SYS_SIND32                          = 0xC20 // 3104
+	SYS_SIND64                          = 0xC21 // 3105
+	SYS_SIND128                         = 0xC22 // 3106
+	SYS_SINHD32                         = 0xC23 // 3107
+	SYS_SINHD64                         = 0xC24 // 3108
+	SYS_SINHD128                        = 0xC25 // 3109
+	SYS_SQRTD32                         = 0xC26 // 3110
+	SYS_SQRTD64                         = 0xC27 // 3111
+	SYS_SQRTD128                        = 0xC28 // 3112
+	SYS_STRTOD32                        = 0xC29 // 3113
+	SYS_STRTOD64                        = 0xC2A // 3114
+	SYS_STRTOD128                       = 0xC2B // 3115
+	SYS_TAND32                          = 0xC2C // 3116
+	SYS_TAND64                          = 0xC2D // 3117
+	SYS_TAND128                         = 0xC2E // 3118
+	SYS_TANHD32                         = 0xC2F // 3119
+	SYS_TANHD64                         = 0xC30 // 3120
+	SYS_TANHD128                        = 0xC31 // 3121
+	SYS_TGAMMAD32                       = 0xC32 // 3122
+	SYS_TGAMMAD64                       = 0xC33 // 3123
+	SYS_TGAMMAD128                      = 0xC34 // 3124
+	SYS_TRUNCD32                        = 0xC3E // 3134
+	SYS_TRUNCD64                        = 0xC3F // 3135
+	SYS_TRUNCD128                       = 0xC40 // 3136
+	SYS_WCSTOD32                        = 0xC41 // 3137
+	SYS_WCSTOD64                        = 0xC42 // 3138
+	SYS_WCSTOD128                       = 0xC43 // 3139
+	SYS___CODEPAGE_INFO                 = 0xC64 // 3172
+	SYS_POSIX_OPENPT                    = 0xC66 // 3174
+	SYS_PSELECT                         = 0xC67 // 3175
+	SYS_SOCKATMARK                      = 0xC68 // 3176
+	SYS_AIO_FSYNC                       = 0xC69 // 3177
+	SYS_LIO_LISTIO                      = 0xC6A // 3178
+	SYS___ATANPID32                     = 0xC6B // 3179
+	SYS___ATANPID64                     = 0xC6C // 3180
+	SYS___ATANPID128                    = 0xC6D // 3181
+	SYS___COSPID32                      = 0xC6E // 3182
+	SYS___COSPID64                      = 0xC6F // 3183
+	SYS___COSPID128                     = 0xC70 // 3184
+	SYS___SINPID32                      = 0xC71 // 3185
+	SYS___SINPID64                      = 0xC72 // 3186
+	SYS___SINPID128                     = 0xC73 // 3187
+	SYS_SETIPV4SOURCEFILTER             = 0xC76 // 3190
+	SYS_GETIPV4SOURCEFILTER             = 0xC77 // 3191
+	SYS_SETSOURCEFILTER                 = 0xC78 // 3192
+	SYS_GETSOURCEFILTER                 = 0xC79 // 3193
+	SYS_FWRITE_UNLOCKED                 = 0xC7A // 3194
+	SYS_FREAD_UNLOCKED                  = 0xC7B // 3195
+	SYS_FGETS_UNLOCKED                  = 0xC7C // 3196
+	SYS_GETS_UNLOCKED                   = 0xC7D // 3197
+	SYS_FPUTS_UNLOCKED                  = 0xC7E // 3198
+	SYS_PUTS_UNLOCKED                   = 0xC7F // 3199
+	SYS_FGETC_UNLOCKED                  = 0xC80 // 3200
+	SYS_FPUTC_UNLOCKED                  = 0xC81 // 3201
+	SYS_DLADDR                          = 0xC82 // 3202
+	SYS_SHM_OPEN                        = 0xC8C // 3212
+	SYS_SHM_UNLINK                      = 0xC8D // 3213
+	SYS___CLASS2F                       = 0xC91 // 3217
+	SYS___CLASS2L                       = 0xC92 // 3218
+	SYS___CLASS2F_B                     = 0xC93 // 3219
+	SYS___CLASS2F_H                     = 0xC94 // 3220
+	SYS___CLASS2L_B                     = 0xC95 // 3221
+	SYS___CLASS2L_H                     = 0xC96 // 3222
+	SYS___CLASS2D32                     = 0xC97 // 3223
+	SYS___CLASS2D64                     = 0xC98 // 3224
+	SYS___CLASS2D128                    = 0xC99 // 3225
+	SYS___TOCSNAME2                     = 0xC9A // 3226
+	SYS___D1TOP                         = 0xC9B // 3227
+	SYS___D2TOP                         = 0xC9C // 3228
+	SYS___D4TOP                         = 0xC9D // 3229
+	SYS___PTOD1                         = 0xC9E // 3230
+	SYS___PTOD2                         = 0xC9F // 3231
+	SYS___PTOD4                         = 0xCA0 // 3232
+	SYS_CLEARERR_UNLOCKED               = 0xCA1 // 3233
+	SYS_FDELREC_UNLOCKED                = 0xCA2 // 3234
+	SYS_FEOF_UNLOCKED                   = 0xCA3 // 3235
+	SYS_FERROR_UNLOCKED                 = 0xCA4 // 3236
+	SYS_FFLUSH_UNLOCKED                 = 0xCA5 // 3237
+	SYS_FGETPOS_UNLOCKED                = 0xCA6 // 3238
+	SYS_FGETWC_UNLOCKED                 = 0xCA7 // 3239
+	SYS_FGETWS_UNLOCKED                 = 0xCA8 // 3240
+	SYS_FILENO_UNLOCKED                 = 0xCA9 // 3241
+	SYS_FLDATA_UNLOCKED                 = 0xCAA // 3242
+	SYS_FLOCATE_UNLOCKED                = 0xCAB // 3243
+	SYS_FPRINTF_UNLOCKED                = 0xCAC // 3244
+	SYS_FPUTWC_UNLOCKED                 = 0xCAD // 3245
+	SYS_FPUTWS_UNLOCKED                 = 0xCAE // 3246
+	SYS_FSCANF_UNLOCKED                 = 0xCAF // 3247
+	SYS_FSEEK_UNLOCKED                  = 0xCB0 // 3248
+	SYS_FSEEKO_UNLOCKED                 = 0xCB1 // 3249
+	SYS_FSETPOS_UNLOCKED                = 0xCB3 // 3251
+	SYS_FTELL_UNLOCKED                  = 0xCB4 // 3252
+	SYS_FTELLO_UNLOCKED                 = 0xCB5 // 3253
+	SYS_FUPDATE_UNLOCKED                = 0xCB7 // 3255
+	SYS_FWIDE_UNLOCKED                  = 0xCB8 // 3256
+	SYS_FWPRINTF_UNLOCKED               = 0xCB9 // 3257
+	SYS_FWSCANF_UNLOCKED                = 0xCBA // 3258
+	SYS_GETWC_UNLOCKED                  = 0xCBB // 3259
+	SYS_GETWCHAR_UNLOCKED               = 0xCBC // 3260
+	SYS_PERROR_UNLOCKED                 = 0xCBD // 3261
+	SYS_PRINTF_UNLOCKED                 = 0xCBE // 3262
+	SYS_PUTWC_UNLOCKED                  = 0xCBF // 3263
+	SYS_PUTWCHAR_UNLOCKED               = 0xCC0 // 3264
+	SYS_REWIND_UNLOCKED                 = 0xCC1 // 3265
+	SYS_SCANF_UNLOCKED                  = 0xCC2 // 3266
+	SYS_UNGETC_UNLOCKED                 = 0xCC3 // 3267
+	SYS_UNGETWC_UNLOCKED                = 0xCC4 // 3268
+	SYS_VFPRINTF_UNLOCKED               = 0xCC5 // 3269
+	SYS_VFSCANF_UNLOCKED                = 0xCC7 // 3271
+	SYS_VFWPRINTF_UNLOCKED              = 0xCC9 // 3273
+	SYS_VFWSCANF_UNLOCKED               = 0xCCB // 3275
+	SYS_VPRINTF_UNLOCKED                = 0xCCD // 3277
+	SYS_VSCANF_UNLOCKED                 = 0xCCF // 3279
+	SYS_VWPRINTF_UNLOCKED               = 0xCD1 // 3281
+	SYS_VWSCANF_UNLOCKED                = 0xCD3 // 3283
+	SYS_WPRINTF_UNLOCKED                = 0xCD5 // 3285
+	SYS_WSCANF_UNLOCKED                 = 0xCD6 // 3286
+	SYS_ASCTIME64                       = 0xCD7 // 3287
+	SYS_ASCTIME64_R                     = 0xCD8 // 3288
+	SYS_CTIME64                         = 0xCD9 // 3289
+	SYS_CTIME64_R                       = 0xCDA // 3290
+	SYS_DIFFTIME64                      = 0xCDB // 3291
+	SYS_GMTIME64                        = 0xCDC // 3292
+	SYS_GMTIME64_R                      = 0xCDD // 3293
+	SYS_LOCALTIME64                     = 0xCDE // 3294
+	SYS_LOCALTIME64_R                   = 0xCDF // 3295
+	SYS_MKTIME64                        = 0xCE0 // 3296
+	SYS_TIME64                          = 0xCE1 // 3297
+	SYS___LOGIN_APPLID                  = 0xCE2 // 3298
+	SYS___PASSWD_APPLID                 = 0xCE3 // 3299
+	SYS_PTHREAD_SECURITY_APPLID_NP      = 0xCE4 // 3300
+	SYS___GETTHENT                      = 0xCE5 // 3301
+	SYS_FREEIFADDRS                     = 0xCE6 // 3302
+	SYS_GETIFADDRS                      = 0xCE7 // 3303
+	SYS_POSIX_FALLOCATE                 = 0xCE8 // 3304
+	SYS_POSIX_MEMALIGN                  = 0xCE9 // 3305
+	SYS_SIZEOF_ALLOC                    = 0xCEA // 3306
+	SYS_RESIZE_ALLOC                    = 0xCEB // 3307
+	SYS_FREAD_NOUPDATE                  = 0xCEC // 3308
+	SYS_FREAD_NOUPDATE_UNLOCKED         = 0xCED // 3309
+	SYS_FGETPOS64                       = 0xCEE // 3310
+	SYS_FSEEK64                         = 0xCEF // 3311
+	SYS_FSEEKO64                        = 0xCF0 // 3312
+	SYS_FSETPOS64                       = 0xCF1 // 3313
+	SYS_FTELL64                         = 0xCF2 // 3314
+	SYS_FTELLO64                        = 0xCF3 // 3315
+	SYS_FGETPOS64_UNLOCKED              = 0xCF4 // 3316
+	SYS_FSEEK64_UNLOCKED                = 0xCF5 // 3317
+	SYS_FSEEKO64_UNLOCKED               = 0xCF6 // 3318
+	SYS_FSETPOS64_UNLOCKED              = 0xCF7 // 3319
+	SYS_FTELL64_UNLOCKED                = 0xCF8 // 3320
+	SYS_FTELLO64_UNLOCKED               = 0xCF9 // 3321
+	SYS_FOPEN_UNLOCKED                  = 0xCFA // 3322
+	SYS_FREOPEN_UNLOCKED                = 0xCFB // 3323
+	SYS_FDOPEN_UNLOCKED                 = 0xCFC // 3324
+	SYS_TMPFILE_UNLOCKED                = 0xCFD // 3325
+	SYS___MOSERVICES                    = 0xD3D // 3389
+	SYS___GETTOD                        = 0xD3E // 3390
+	SYS_C16RTOMB                        = 0xD40 // 3392
+	SYS_C32RTOMB                        = 0xD41 // 3393
+	SYS_MBRTOC16                        = 0xD42 // 3394
+	SYS_MBRTOC32                        = 0xD43 // 3395
+	SYS_QUANTEXPD32                     = 0xD44 // 3396
+	SYS_QUANTEXPD64                     = 0xD45 // 3397
+	SYS_QUANTEXPD128                    = 0xD46 // 3398
+	SYS___LOCALE_CTL                    = 0xD47 // 3399
+	SYS___SMF_RECORD2                   = 0xD48 // 3400
+	SYS_FOPEN64                         = 0xD49 // 3401
+	SYS_FOPEN64_UNLOCKED                = 0xD4A // 3402
+	SYS_FREOPEN64                       = 0xD4B // 3403
+	SYS_FREOPEN64_UNLOCKED              = 0xD4C // 3404
+	SYS_TMPFILE64                       = 0xD4D // 3405
+	SYS_TMPFILE64_UNLOCKED              = 0xD4E // 3406
+	SYS_GETDATE64                       = 0xD4F // 3407
+	SYS_GETTIMEOFDAY64                  = 0xD50 // 3408
+	SYS_BIND2ADDRSEL                    = 0xD59 // 3417
+	SYS_INET6_IS_SRCADDR                = 0xD5A // 3418
+	SYS___GETGRGID1                     = 0xD5B // 3419
+	SYS___GETGRNAM1                     = 0xD5C // 3420
+	SYS___FBUFSIZE                      = 0xD60 // 3424
+	SYS___FPENDING                      = 0xD61 // 3425
+	SYS___FLBF                          = 0xD62 // 3426
+	SYS___FREADABLE                     = 0xD63 // 3427
+	SYS___FWRITABLE                     = 0xD64 // 3428
+	SYS___FREADING                      = 0xD65 // 3429
+	SYS___FWRITING                      = 0xD66 // 3430
+	SYS___FSETLOCKING                   = 0xD67 // 3431
+	SYS__FLUSHLBF                       = 0xD68 // 3432
+	SYS___FPURGE                        = 0xD69 // 3433
+	SYS___FREADAHEAD                    = 0xD6A // 3434
+	SYS___FSETERR                       = 0xD6B // 3435
+	SYS___FPENDING_UNLOCKED             = 0xD6C // 3436
+	SYS___FREADING_UNLOCKED             = 0xD6D // 3437
+	SYS___FWRITING_UNLOCKED             = 0xD6E // 3438
+	SYS__FLUSHLBF_UNLOCKED              = 0xD6F // 3439
+	SYS___FPURGE_UNLOCKED               = 0xD70 // 3440
+	SYS___FREADAHEAD_UNLOCKED           = 0xD71 // 3441
+	SYS___LE_CEEGTJS                    = 0xD72 // 3442
+	SYS___LE_RECORD_DUMP                = 0xD73 // 3443
+	SYS_FSTAT64                         = 0xD74 // 3444
+	SYS_LSTAT64                         = 0xD75 // 3445
+	SYS_STAT64                          = 0xD76 // 3446
+	SYS___READDIR2_64                   = 0xD77 // 3447
+	SYS___OPEN_STAT64                   = 0xD78 // 3448
+	SYS_FTW64                           = 0xD79 // 3449
+	SYS_NFTW64                          = 0xD7A // 3450
+	SYS_UTIME64                         = 0xD7B // 3451
+	SYS_UTIMES64                        = 0xD7C // 3452
+	SYS___GETIPC64                      = 0xD7D // 3453
+	SYS_MSGCTL64                        = 0xD7E // 3454
+	SYS_SEMCTL64                        = 0xD7F // 3455
+	SYS_SHMCTL64                        = 0xD80 // 3456
+	SYS_MSGXRCV64                       = 0xD81 // 3457
+	SYS___MGXR64                        = 0xD81 // 3457
+	SYS_W_GETPSENT64                    = 0xD82 // 3458
+	SYS_PTHREAD_COND_TIMEDWAIT64        = 0xD83 // 3459
+	SYS_FTIME64                         = 0xD85 // 3461
+	SYS_GETUTXENT64                     = 0xD86 // 3462
+	SYS_GETUTXID64                      = 0xD87 // 3463
+	SYS_GETUTXLINE64                    = 0xD88 // 3464
+	SYS_PUTUTXLINE64                    = 0xD89 // 3465
+	SYS_NEWLOCALE                       = 0xD8A // 3466
+	SYS_FREELOCALE                      = 0xD8B // 3467
+	SYS_USELOCALE                       = 0xD8C // 3468
+	SYS_DUPLOCALE                       = 0xD8D // 3469
+	SYS___CHATTR64                      = 0xD9C // 3484
+	SYS___LCHATTR64                     = 0xD9D // 3485
+	SYS___FCHATTR64                     = 0xD9E // 3486
+	SYS_____CHATTR64_A                  = 0xD9F // 3487
+	SYS_____LCHATTR64_A                 = 0xDA0 // 3488
+	SYS___LE_CEEUSGD                    = 0xDA1 // 3489
+	SYS___LE_IFAM_CON                   = 0xDA2 // 3490
+	SYS___LE_IFAM_DSC                   = 0xDA3 // 3491
+	SYS___LE_IFAM_GET                   = 0xDA4 // 3492
+	SYS___LE_IFAM_QRY                   = 0xDA5 // 3493
+	SYS_ALIGNED_ALLOC                   = 0xDA6 // 3494
+	SYS_ACCEPT4                         = 0xDA7 // 3495
+	SYS___ACCEPT4_A                     = 0xDA8 // 3496
+	SYS_COPYFILERANGE                   = 0xDA9 // 3497
+	SYS_GETLINE                         = 0xDAA // 3498
+	SYS___GETLINE_A                     = 0xDAB // 3499
+	SYS_DIRFD                           = 0xDAC // 3500
+	SYS_CLOCK_GETTIME                   = 0xDAD // 3501
+	SYS_DUP3                            = 0xDAE // 3502
+	SYS_EPOLL_CREATE                    = 0xDAF // 3503
+	SYS_EPOLL_CREATE1                   = 0xDB0 // 3504
+	SYS_EPOLL_CTL                       = 0xDB1 // 3505
+	SYS_EPOLL_WAIT                      = 0xDB2 // 3506
+	SYS_EPOLL_PWAIT                     = 0xDB3 // 3507
+	SYS_EVENTFD                         = 0xDB4 // 3508
+	SYS_STATFS                          = 0xDB5 // 3509
+	SYS___STATFS_A                      = 0xDB6 // 3510
+	SYS_FSTATFS                         = 0xDB7 // 3511
+	SYS_INOTIFY_INIT                    = 0xDB8 // 3512
+	SYS_INOTIFY_INIT1                   = 0xDB9 // 3513
+	SYS_INOTIFY_ADD_WATCH               = 0xDBA // 3514
+	SYS___INOTIFY_ADD_WATCH_A           = 0xDBB // 3515
+	SYS_INOTIFY_RM_WATCH                = 0xDBC // 3516
+	SYS_PIPE2                           = 0xDBD // 3517
+	SYS_PIVOT_ROOT                      = 0xDBE // 3518
+	SYS___PIVOT_ROOT_A                  = 0xDBF // 3519
+	SYS_PRCTL                           = 0xDC0 // 3520
+	SYS_PRLIMIT                         = 0xDC1 // 3521
+	SYS_SETHOSTNAME                     = 0xDC2 // 3522
+	SYS___SETHOSTNAME_A                 = 0xDC3 // 3523
+	SYS_SETRESUID                       = 0xDC4 // 3524
+	SYS_SETRESGID                       = 0xDC5 // 3525
+	SYS_PTHREAD_CONDATTR_GETCLOCK       = 0xDC6 // 3526
+	SYS_FLOCK                           = 0xDC7 // 3527
+	SYS_FGETXATTR                       = 0xDC8 // 3528
+	SYS___FGETXATTR_A                   = 0xDC9 // 3529
+	SYS_FLISTXATTR                      = 0xDCA // 3530
+	SYS___FLISTXATTR_A                  = 0xDCB // 3531
+	SYS_FREMOVEXATTR                    = 0xDCC // 3532
+	SYS___FREMOVEXATTR_A                = 0xDCD // 3533
+	SYS_FSETXATTR                       = 0xDCE // 3534
+	SYS___FSETXATTR_A                   = 0xDCF // 3535
+	SYS_GETXATTR                        = 0xDD0 // 3536
+	SYS___GETXATTR_A                    = 0xDD1 // 3537
+	SYS_LGETXATTR                       = 0xDD2 // 3538
+	SYS___LGETXATTR_A                   = 0xDD3 // 3539
+	SYS_LISTXATTR                       = 0xDD4 // 3540
+	SYS___LISTXATTR_A                   = 0xDD5 // 3541
+	SYS_LLISTXATTR                      = 0xDD6 // 3542
+	SYS___LLISTXATTR_A                  = 0xDD7 // 3543
+	SYS_LREMOVEXATTR                    = 0xDD8 // 3544
+	SYS___LREMOVEXATTR_A                = 0xDD9 // 3545
+	SYS_LSETXATTR                       = 0xDDA // 3546
+	SYS___LSETXATTR_A                   = 0xDDB // 3547
+	SYS_REMOVEXATTR                     = 0xDDC // 3548
+	SYS___REMOVEXATTR_A                 = 0xDDD // 3549
+	SYS_SETXATTR                        = 0xDDE // 3550
+	SYS___SETXATTR_A                    = 0xDDF // 3551
+	SYS_FDATASYNC                       = 0xDE0 // 3552
+	SYS_SYNCFS                          = 0xDE1 // 3553
+	SYS_FUTIMES                         = 0xDE2 // 3554
+	SYS_FUTIMESAT                       = 0xDE3 // 3555
+	SYS___FUTIMESAT_A                   = 0xDE4 // 3556
+	SYS_LUTIMES                         = 0xDE5 // 3557
+	SYS___LUTIMES_A                     = 0xDE6 // 3558
+	SYS_INET_ATON                       = 0xDE7 // 3559
+	SYS_GETRANDOM                       = 0xDE8 // 3560
+	SYS_GETTID                          = 0xDE9 // 3561
+	SYS_MEMFD_CREATE                    = 0xDEA // 3562
+	SYS___MEMFD_CREATE_A                = 0xDEB // 3563
+	SYS_FACCESSAT                       = 0xDEC // 3564
+	SYS___FACCESSAT_A                   = 0xDED // 3565
+	SYS_FCHMODAT                        = 0xDEE // 3566
+	SYS___FCHMODAT_A                    = 0xDEF // 3567
+	SYS_FCHOWNAT                        = 0xDF0 // 3568
+	SYS___FCHOWNAT_A                    = 0xDF1 // 3569
+	SYS_FSTATAT                         = 0xDF2 // 3570
+	SYS___FSTATAT_A                     = 0xDF3 // 3571
+	SYS_LINKAT                          = 0xDF4 // 3572
+	SYS___LINKAT_A                      = 0xDF5 // 3573
+	SYS_MKDIRAT                         = 0xDF6 // 3574
+	SYS___MKDIRAT_A                     = 0xDF7 // 3575
+	SYS_MKFIFOAT                        = 0xDF8 // 3576
+	SYS___MKFIFOAT_A                    = 0xDF9 // 3577
+	SYS_MKNODAT                         = 0xDFA // 3578
+	SYS___MKNODAT_A                     = 0xDFB // 3579
+	SYS_OPENAT                          = 0xDFC // 3580
+	SYS___OPENAT_A                      = 0xDFD // 3581
+	SYS_READLINKAT                      = 0xDFE // 3582
+	SYS___READLINKAT_A                  = 0xDFF // 3583
+	SYS_RENAMEAT                        = 0xE00 // 3584
+	SYS___RENAMEAT_A                    = 0xE01 // 3585
+	SYS_RENAMEAT2                       = 0xE02 // 3586
+	SYS___RENAMEAT2_A                   = 0xE03 // 3587
+	SYS_SYMLINKAT                       = 0xE04 // 3588
+	SYS___SYMLINKAT_A                   = 0xE05 // 3589
+	SYS_UNLINKAT                        = 0xE06 // 3590
+	SYS___UNLINKAT_A                    = 0xE07 // 3591
+	SYS_SYSINFO                         = 0xE08 // 3592
+	SYS_WAIT4                           = 0xE0A // 3594
+	SYS_CLONE                           = 0xE0B // 3595
+	SYS_UNSHARE                         = 0xE0C // 3596
+	SYS_SETNS                           = 0xE0D // 3597
+	SYS_CAPGET                          = 0xE0E // 3598
+	SYS_CAPSET                          = 0xE0F // 3599
+	SYS_STRCHRNUL                       = 0xE10 // 3600
+	SYS_PTHREAD_CONDATTR_SETCLOCK       = 0xE12 // 3602
+	SYS_OPEN_BY_HANDLE_AT               = 0xE13 // 3603
+	SYS___OPEN_BY_HANDLE_AT_A           = 0xE14 // 3604
+	SYS___INET_ATON_A                   = 0xE15 // 3605
+	SYS_MOUNT1                          = 0xE16 // 3606
+	SYS___MOUNT1_A                      = 0xE17 // 3607
+	SYS_UMOUNT1                         = 0xE18 // 3608
+	SYS___UMOUNT1_A                     = 0xE19 // 3609
+	SYS_UMOUNT2                         = 0xE1A // 3610
+	SYS___UMOUNT2_A                     = 0xE1B // 3611
+	SYS___PRCTL_A                       = 0xE1C // 3612
+	SYS_LOCALTIME_R2                    = 0xE1D // 3613
+	SYS___LOCALTIME_R2_A                = 0xE1E // 3614
+	SYS_OPENAT2                         = 0xE1F // 3615
+	SYS___OPENAT2_A                     = 0xE20 // 3616
+	SYS___LE_CEEMICT                    = 0xE21 // 3617
+	SYS_GETENTROPY                      = 0xE22 // 3618
+	SYS_NANOSLEEP                       = 0xE23 // 3619
+	SYS_UTIMENSAT                       = 0xE24 // 3620
+	SYS___UTIMENSAT_A                   = 0xE25 // 3621
+	SYS_ASPRINTF                        = 0xE26 // 3622
+	SYS___ASPRINTF_A                    = 0xE27 // 3623
+	SYS_VASPRINTF                       = 0xE28 // 3624
+	SYS___VASPRINTF_A                   = 0xE29 // 3625
+	SYS_DPRINTF                         = 0xE2A // 3626
+	SYS___DPRINTF_A                     = 0xE2B // 3627
+	SYS_GETOPT_LONG                     = 0xE2C // 3628
+	SYS___GETOPT_LONG_A                 = 0xE2D // 3629
+	SYS_PSIGNAL                         = 0xE2E // 3630
+	SYS___PSIGNAL_A                     = 0xE2F // 3631
+	SYS_PSIGNAL_UNLOCKED                = 0xE30 // 3632
+	SYS___PSIGNAL_UNLOCKED_A            = 0xE31 // 3633
+	SYS_FSTATAT_O                       = 0xE32 // 3634
+	SYS___FSTATAT_O_A                   = 0xE33 // 3635
+	SYS_FSTATAT64                       = 0xE34 // 3636
+	SYS___FSTATAT64_A                   = 0xE35 // 3637
+	SYS___CHATTRAT                      = 0xE36 // 3638
+	SYS_____CHATTRAT_A                  = 0xE37 // 3639
+	SYS___CHATTRAT64                    = 0xE38 // 3640
+	SYS_____CHATTRAT64_A                = 0xE39 // 3641
+	SYS_MADVISE                         = 0xE3A // 3642
+	SYS___AUTHENTICATE                  = 0xE3B // 3643
+
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
index 091d107f3..17c53bd9b 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
@@ -306,6 +306,19 @@ type XVSockPgen struct {
 
 type _Socklen uint32
 
+type SaeAssocID uint32
+
+type SaeConnID uint32
+
+type SaEndpoints struct {
+	Srcif      uint32
+	Srcaddr    *RawSockaddr
+	Srcaddrlen uint32
+	Dstaddr    *RawSockaddr
+	Dstaddrlen uint32
+	_          [4]byte
+}
+
 type Xucred struct {
 	Version uint32
 	Uid     uint32
@@ -449,11 +462,14 @@ type FdSet struct {
 
 const (
 	SizeofIfMsghdr    = 0x70
+	SizeofIfMsghdr2   = 0xa0
 	SizeofIfData      = 0x60
+	SizeofIfData64    = 0x80
 	SizeofIfaMsghdr   = 0x14
 	SizeofIfmaMsghdr  = 0x10
 	SizeofIfmaMsghdr2 = 0x14
 	SizeofRtMsghdr    = 0x5c
+	SizeofRtMsghdr2   = 0x5c
 	SizeofRtMetrics   = 0x38
 )
 
@@ -467,6 +483,20 @@ type IfMsghdr struct {
 	Data    IfData
 }
 
+type IfMsghdr2 struct {
+	Msglen     uint16
+	Version    uint8
+	Type       uint8
+	Addrs      int32
+	Flags      int32
+	Index      uint16
+	Snd_len    int32
+	Snd_maxlen int32
+	Snd_drops  int32
+	Timer      int32
+	Data       IfData64
+}
+
 type IfData struct {
 	Type       uint8
 	Typelen    uint8
@@ -499,6 +529,34 @@ type IfData struct {
 	Reserved2  uint32
 }
 
+type IfData64 struct {
+	Type       uint8
+	Typelen    uint8
+	Physical   uint8
+	Addrlen    uint8
+	Hdrlen     uint8
+	Recvquota  uint8
+	Xmitquota  uint8
+	Unused1    uint8
+	Mtu        uint32
+	Metric     uint32
+	Baudrate   uint64
+	Ipackets   uint64
+	Ierrors    uint64
+	Opackets   uint64
+	Oerrors    uint64
+	Collisions uint64
+	Ibytes     uint64
+	Obytes     uint64
+	Imcasts    uint64
+	Omcasts    uint64
+	Iqdrops    uint64
+	Noproto    uint64
+	Recvtiming uint32
+	Xmittiming uint32
+	Lastchange Timeval32
+}
+
 type IfaMsghdr struct {
 	Msglen  uint16
 	Version uint8
@@ -544,6 +602,21 @@ type RtMsghdr struct {
 	Rmx     RtMetrics
 }
 
+type RtMsghdr2 struct {
+	Msglen      uint16
+	Version     uint8
+	Type        uint8
+	Index       uint16
+	Flags       int32
+	Addrs       int32
+	Refcnt      int32
+	Parentflags int32
+	Reserved    int32
+	Use         int32
+	Inits       uint32
+	Rmx         RtMetrics
+}
+
 type RtMetrics struct {
 	Locks    uint32
 	Mtu      uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
index 28ff4ef74..2392226a7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
@@ -306,6 +306,19 @@ type XVSockPgen struct {
 
 type _Socklen uint32
 
+type SaeAssocID uint32
+
+type SaeConnID uint32
+
+type SaEndpoints struct {
+	Srcif      uint32
+	Srcaddr    *RawSockaddr
+	Srcaddrlen uint32
+	Dstaddr    *RawSockaddr
+	Dstaddrlen uint32
+	_          [4]byte
+}
+
 type Xucred struct {
 	Version uint32
 	Uid     uint32
@@ -449,11 +462,14 @@ type FdSet struct {
 
 const (
 	SizeofIfMsghdr    = 0x70
+	SizeofIfMsghdr2   = 0xa0
 	SizeofIfData      = 0x60
+	SizeofIfData64    = 0x80
 	SizeofIfaMsghdr   = 0x14
 	SizeofIfmaMsghdr  = 0x10
 	SizeofIfmaMsghdr2 = 0x14
 	SizeofRtMsghdr    = 0x5c
+	SizeofRtMsghdr2   = 0x5c
 	SizeofRtMetrics   = 0x38
 )
 
@@ -467,6 +483,20 @@ type IfMsghdr struct {
 	Data    IfData
 }
 
+type IfMsghdr2 struct {
+	Msglen     uint16
+	Version    uint8
+	Type       uint8
+	Addrs      int32
+	Flags      int32
+	Index      uint16
+	Snd_len    int32
+	Snd_maxlen int32
+	Snd_drops  int32
+	Timer      int32
+	Data       IfData64
+}
+
 type IfData struct {
 	Type       uint8
 	Typelen    uint8
@@ -499,6 +529,34 @@ type IfData struct {
 	Reserved2  uint32
 }
 
+type IfData64 struct {
+	Type       uint8
+	Typelen    uint8
+	Physical   uint8
+	Addrlen    uint8
+	Hdrlen     uint8
+	Recvquota  uint8
+	Xmitquota  uint8
+	Unused1    uint8
+	Mtu        uint32
+	Metric     uint32
+	Baudrate   uint64
+	Ipackets   uint64
+	Ierrors    uint64
+	Opackets   uint64
+	Oerrors    uint64
+	Collisions uint64
+	Ibytes     uint64
+	Obytes     uint64
+	Imcasts    uint64
+	Omcasts    uint64
+	Iqdrops    uint64
+	Noproto    uint64
+	Recvtiming uint32
+	Xmittiming uint32
+	Lastchange Timeval32
+}
+
 type IfaMsghdr struct {
 	Msglen  uint16
 	Version uint8
@@ -544,6 +602,21 @@ type RtMsghdr struct {
 	Rmx     RtMetrics
 }
 
+type RtMsghdr2 struct {
+	Msglen      uint16
+	Version     uint8
+	Type        uint8
+	Index       uint16
+	Flags       int32
+	Addrs       int32
+	Refcnt      int32
+	Parentflags int32
+	Reserved    int32
+	Use         int32
+	Inits       uint32
+	Rmx         RtMetrics
+}
+
 type RtMetrics struct {
 	Locks    uint32
 	Mtu      uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
index 6cbd094a3..51e13eb05 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
@@ -625,6 +625,7 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
+	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
index 7c03b6ee7..d002d8ef3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
@@ -630,6 +630,7 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
+	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
index 422107ee8..3f863d898 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
@@ -616,6 +616,7 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
+	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
index 505a12acf..61c729310 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
@@ -610,6 +610,7 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
+	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
index cc986c790..b5d17414f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
@@ -612,6 +612,7 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
+	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index eff6bcdef..5537148dc 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -87,30 +87,35 @@ type StatxTimestamp struct {
 }
 
 type Statx_t struct {
-	Mask             uint32
-	Blksize          uint32
-	Attributes       uint64
-	Nlink            uint32
-	Uid              uint32
-	Gid              uint32
-	Mode             uint16
-	_                [1]uint16
-	Ino              uint64
-	Size             uint64
-	Blocks           uint64
-	Attributes_mask  uint64
-	Atime            StatxTimestamp
-	Btime            StatxTimestamp
-	Ctime            StatxTimestamp
-	Mtime            StatxTimestamp
-	Rdev_major       uint32
-	Rdev_minor       uint32
-	Dev_major        uint32
-	Dev_minor        uint32
-	Mnt_id           uint64
-	Dio_mem_align    uint32
-	Dio_offset_align uint32
-	_                [12]uint64
+	Mask                      uint32
+	Blksize                   uint32
+	Attributes                uint64
+	Nlink                     uint32
+	Uid                       uint32
+	Gid                       uint32
+	Mode                      uint16
+	_                         [1]uint16
+	Ino                       uint64
+	Size                      uint64
+	Blocks                    uint64
+	Attributes_mask           uint64
+	Atime                     StatxTimestamp
+	Btime                     StatxTimestamp
+	Ctime                     StatxTimestamp
+	Mtime                     StatxTimestamp
+	Rdev_major                uint32
+	Rdev_minor                uint32
+	Dev_major                 uint32
+	Dev_minor                 uint32
+	Mnt_id                    uint64
+	Dio_mem_align             uint32
+	Dio_offset_align          uint32
+	Subvol                    uint64
+	Atomic_write_unit_min     uint32
+	Atomic_write_unit_max     uint32
+	Atomic_write_segments_max uint32
+	_                         [1]uint32
+	_                         [9]uint64
 }
 
 type Fsid struct {
@@ -515,6 +520,29 @@ type TCPInfo struct {
 	Total_rto_time       uint32
 }
 
+type TCPVegasInfo struct {
+	Enabled uint32
+	Rttcnt  uint32
+	Rtt     uint32
+	Minrtt  uint32
+}
+
+type TCPDCTCPInfo struct {
+	Enabled  uint16
+	Ce_state uint16
+	Alpha    uint32
+	Ab_ecn   uint32
+	Ab_tot   uint32
+}
+
+type TCPBBRInfo struct {
+	Bw_lo       uint32
+	Bw_hi       uint32
+	Min_rtt     uint32
+	Pacing_gain uint32
+	Cwnd_gain   uint32
+}
+
 type CanFilter struct {
 	Id   uint32
 	Mask uint32
@@ -556,6 +584,7 @@ const (
 	SizeofICMPv6Filter      = 0x20
 	SizeofUcred             = 0xc
 	SizeofTCPInfo           = 0xf8
+	SizeofTCPCCInfo         = 0x14
 	SizeofCanFilter         = 0x8
 	SizeofTCPRepairOpt      = 0x8
 )
@@ -1178,7 +1207,8 @@ const (
 	PERF_SAMPLE_BRANCH_TYPE_SAVE_SHIFT    = 0x10
 	PERF_SAMPLE_BRANCH_HW_INDEX_SHIFT     = 0x11
 	PERF_SAMPLE_BRANCH_PRIV_SAVE_SHIFT    = 0x12
-	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x13
+	PERF_SAMPLE_BRANCH_COUNTERS           = 0x80000
+	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x14
 	PERF_SAMPLE_BRANCH_USER               = 0x1
 	PERF_SAMPLE_BRANCH_KERNEL             = 0x2
 	PERF_SAMPLE_BRANCH_HV                 = 0x4
@@ -1198,7 +1228,7 @@ const (
 	PERF_SAMPLE_BRANCH_TYPE_SAVE          = 0x10000
 	PERF_SAMPLE_BRANCH_HW_INDEX           = 0x20000
 	PERF_SAMPLE_BRANCH_PRIV_SAVE          = 0x40000
-	PERF_SAMPLE_BRANCH_MAX                = 0x80000
+	PERF_SAMPLE_BRANCH_MAX                = 0x100000
 	PERF_BR_UNKNOWN                       = 0x0
 	PERF_BR_COND                          = 0x1
 	PERF_BR_UNCOND                        = 0x2
@@ -1722,12 +1752,6 @@ const (
 	IFLA_IPVLAN_UNSPEC                         = 0x0
 	IFLA_IPVLAN_MODE                           = 0x1
 	IFLA_IPVLAN_FLAGS                          = 0x2
-	NETKIT_NEXT                                = -0x1
-	NETKIT_PASS                                = 0x0
-	NETKIT_DROP                                = 0x2
-	NETKIT_REDIRECT                            = 0x7
-	NETKIT_L2                                  = 0x0
-	NETKIT_L3                                  = 0x1
 	IFLA_NETKIT_UNSPEC                         = 0x0
 	IFLA_NETKIT_PEER_INFO                      = 0x1
 	IFLA_NETKIT_PRIMARY                        = 0x2
@@ -1766,6 +1790,7 @@ const (
 	IFLA_VXLAN_DF                              = 0x1d
 	IFLA_VXLAN_VNIFILTER                       = 0x1e
 	IFLA_VXLAN_LOCALBYPASS                     = 0x1f
+	IFLA_VXLAN_LABEL_POLICY                    = 0x20
 	IFLA_GENEVE_UNSPEC                         = 0x0
 	IFLA_GENEVE_ID                             = 0x1
 	IFLA_GENEVE_REMOTE                         = 0x2
@@ -1795,6 +1820,8 @@ const (
 	IFLA_GTP_ROLE                              = 0x4
 	IFLA_GTP_CREATE_SOCKETS                    = 0x5
 	IFLA_GTP_RESTART_COUNT                     = 0x6
+	IFLA_GTP_LOCAL                             = 0x7
+	IFLA_GTP_LOCAL6                            = 0x8
 	IFLA_BOND_UNSPEC                           = 0x0
 	IFLA_BOND_MODE                             = 0x1
 	IFLA_BOND_ACTIVE_SLAVE                     = 0x2
@@ -1827,6 +1854,7 @@ const (
 	IFLA_BOND_AD_LACP_ACTIVE                   = 0x1d
 	IFLA_BOND_MISSED_MAX                       = 0x1e
 	IFLA_BOND_NS_IP6_TARGET                    = 0x1f
+	IFLA_BOND_COUPLED_CONTROL                  = 0x20
 	IFLA_BOND_AD_INFO_UNSPEC                   = 0x0
 	IFLA_BOND_AD_INFO_AGGREGATOR               = 0x1
 	IFLA_BOND_AD_INFO_NUM_PORTS                = 0x2
@@ -1895,6 +1923,7 @@ const (
 	IFLA_HSR_SEQ_NR                            = 0x5
 	IFLA_HSR_VERSION                           = 0x6
 	IFLA_HSR_PROTOCOL                          = 0x7
+	IFLA_HSR_INTERLINK                         = 0x8
 	IFLA_STATS_UNSPEC                          = 0x0
 	IFLA_STATS_LINK_64                         = 0x1
 	IFLA_STATS_LINK_XSTATS                     = 0x2
@@ -1947,6 +1976,15 @@ const (
 	IFLA_DSA_MASTER                            = 0x1
 )
 
+const (
+	NETKIT_NEXT     = -0x1
+	NETKIT_PASS     = 0x0
+	NETKIT_DROP     = 0x2
+	NETKIT_REDIRECT = 0x7
+	NETKIT_L2       = 0x0
+	NETKIT_L3       = 0x1
+)
+
 const (
 	NF_INET_PRE_ROUTING  = 0x0
 	NF_INET_LOCAL_IN     = 0x1
@@ -2481,6 +2519,15 @@ type XDPMmapOffsets struct {
 	Cr XDPRingOffset
 }
 
+type XDPUmemReg struct {
+	Addr            uint64
+	Len             uint64
+	Size            uint32
+	Headroom        uint32
+	Flags           uint32
+	Tx_metadata_len uint32
+}
+
 type XDPStatistics struct {
 	Rx_dropped               uint64
 	Rx_invalid_descs         uint64
@@ -2547,8 +2594,8 @@ const (
 	SOF_TIMESTAMPING_BIND_PHC     = 0x8000
 	SOF_TIMESTAMPING_OPT_ID_TCP   = 0x10000
 
-	SOF_TIMESTAMPING_LAST = 0x10000
-	SOF_TIMESTAMPING_MASK = 0x1ffff
+	SOF_TIMESTAMPING_LAST = 0x20000
+	SOF_TIMESTAMPING_MASK = 0x3ffff
 
 	SCM_TSTAMP_SND   = 0x0
 	SCM_TSTAMP_SCHED = 0x1
@@ -2935,7 +2982,7 @@ const (
 	BPF_TCP_LISTEN                             = 0xa
 	BPF_TCP_CLOSING                            = 0xb
 	BPF_TCP_NEW_SYN_RECV                       = 0xc
-	BPF_TCP_MAX_STATES                         = 0xd
+	BPF_TCP_MAX_STATES                         = 0xe
 	TCP_BPF_IW                                 = 0x3e9
 	TCP_BPF_SNDCWND_CLAMP                      = 0x3ea
 	TCP_BPF_DELACK_MAX                         = 0x3eb
@@ -3211,7 +3258,7 @@ const (
 	DEVLINK_CMD_LINECARD_NEW                           = 0x50
 	DEVLINK_CMD_LINECARD_DEL                           = 0x51
 	DEVLINK_CMD_SELFTESTS_GET                          = 0x52
-	DEVLINK_CMD_MAX                                    = 0x53
+	DEVLINK_CMD_MAX                                    = 0x54
 	DEVLINK_PORT_TYPE_NOTSET                           = 0x0
 	DEVLINK_PORT_TYPE_AUTO                             = 0x1
 	DEVLINK_PORT_TYPE_ETH                              = 0x2
@@ -3463,7 +3510,7 @@ const (
 	DEVLINK_PORT_FN_ATTR_STATE                         = 0x2
 	DEVLINK_PORT_FN_ATTR_OPSTATE                       = 0x3
 	DEVLINK_PORT_FN_ATTR_CAPS                          = 0x4
-	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x5
+	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x6
 )
 
 type FsverityDigest struct {
@@ -3494,7 +3541,7 @@ type Nhmsg struct {
 type NexthopGrp struct {
 	Id     uint32
 	Weight uint8
-	Resvd1 uint8
+	High   uint8
 	Resvd2 uint16
 }
 
@@ -3755,7 +3802,7 @@ const (
 	ETHTOOL_MSG_PSE_GET                       = 0x24
 	ETHTOOL_MSG_PSE_SET                       = 0x25
 	ETHTOOL_MSG_RSS_GET                       = 0x26
-	ETHTOOL_MSG_USER_MAX                      = 0x2b
+	ETHTOOL_MSG_USER_MAX                      = 0x2d
 	ETHTOOL_MSG_KERNEL_NONE                   = 0x0
 	ETHTOOL_MSG_STRSET_GET_REPLY              = 0x1
 	ETHTOOL_MSG_LINKINFO_GET_REPLY            = 0x2
@@ -3795,12 +3842,15 @@ const (
 	ETHTOOL_MSG_MODULE_NTF                    = 0x24
 	ETHTOOL_MSG_PSE_GET_REPLY                 = 0x25
 	ETHTOOL_MSG_RSS_GET_REPLY                 = 0x26
-	ETHTOOL_MSG_KERNEL_MAX                    = 0x2b
+	ETHTOOL_MSG_KERNEL_MAX                    = 0x2e
+	ETHTOOL_FLAG_COMPACT_BITSETS              = 0x1
+	ETHTOOL_FLAG_OMIT_REPLY                   = 0x2
+	ETHTOOL_FLAG_STATS                        = 0x4
 	ETHTOOL_A_HEADER_UNSPEC                   = 0x0
 	ETHTOOL_A_HEADER_DEV_INDEX                = 0x1
 	ETHTOOL_A_HEADER_DEV_NAME                 = 0x2
 	ETHTOOL_A_HEADER_FLAGS                    = 0x3
-	ETHTOOL_A_HEADER_MAX                      = 0x3
+	ETHTOOL_A_HEADER_MAX                      = 0x4
 	ETHTOOL_A_BITSET_BIT_UNSPEC               = 0x0
 	ETHTOOL_A_BITSET_BIT_INDEX                = 0x1
 	ETHTOOL_A_BITSET_BIT_NAME                 = 0x2
@@ -3937,7 +3987,7 @@ const (
 	ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL   = 0x17
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_TX        = 0x18
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_RX        = 0x19
-	ETHTOOL_A_COALESCE_MAX                    = 0x1c
+	ETHTOOL_A_COALESCE_MAX                    = 0x1e
 	ETHTOOL_A_PAUSE_UNSPEC                    = 0x0
 	ETHTOOL_A_PAUSE_HEADER                    = 0x1
 	ETHTOOL_A_PAUSE_AUTONEG                   = 0x2
@@ -3965,7 +4015,7 @@ const (
 	ETHTOOL_A_TSINFO_TX_TYPES                 = 0x3
 	ETHTOOL_A_TSINFO_RX_FILTERS               = 0x4
 	ETHTOOL_A_TSINFO_PHC_INDEX                = 0x5
-	ETHTOOL_A_TSINFO_MAX                      = 0x5
+	ETHTOOL_A_TSINFO_MAX                      = 0x6
 	ETHTOOL_A_CABLE_TEST_UNSPEC               = 0x0
 	ETHTOOL_A_CABLE_TEST_HEADER               = 0x1
 	ETHTOOL_A_CABLE_TEST_MAX                  = 0x1
@@ -3981,11 +4031,11 @@ const (
 	ETHTOOL_A_CABLE_RESULT_UNSPEC             = 0x0
 	ETHTOOL_A_CABLE_RESULT_PAIR               = 0x1
 	ETHTOOL_A_CABLE_RESULT_CODE               = 0x2
-	ETHTOOL_A_CABLE_RESULT_MAX                = 0x2
+	ETHTOOL_A_CABLE_RESULT_MAX                = 0x3
 	ETHTOOL_A_CABLE_FAULT_LENGTH_UNSPEC       = 0x0
 	ETHTOOL_A_CABLE_FAULT_LENGTH_PAIR         = 0x1
 	ETHTOOL_A_CABLE_FAULT_LENGTH_CM           = 0x2
-	ETHTOOL_A_CABLE_FAULT_LENGTH_MAX          = 0x2
+	ETHTOOL_A_CABLE_FAULT_LENGTH_MAX          = 0x3
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_UNSPEC    = 0x0
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_STARTED   = 0x1
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_COMPLETED = 0x2
@@ -4068,6 +4118,107 @@ type EthtoolDrvinfo struct {
 	Regdump_len  uint32
 }
 
+type EthtoolTsInfo struct {
+	Cmd             uint32
+	So_timestamping uint32
+	Phc_index       int32
+	Tx_types        uint32
+	Tx_reserved     [3]uint32
+	Rx_filters      uint32
+	Rx_reserved     [3]uint32
+}
+
+type HwTstampConfig struct {
+	Flags     int32
+	Tx_type   int32
+	Rx_filter int32
+}
+
+const (
+	HWTSTAMP_FILTER_NONE            = 0x0
+	HWTSTAMP_FILTER_ALL             = 0x1
+	HWTSTAMP_FILTER_SOME            = 0x2
+	HWTSTAMP_FILTER_PTP_V1_L4_EVENT = 0x3
+	HWTSTAMP_FILTER_PTP_V2_L4_EVENT = 0x6
+	HWTSTAMP_FILTER_PTP_V2_L2_EVENT = 0x9
+	HWTSTAMP_FILTER_PTP_V2_EVENT    = 0xc
+)
+
+const (
+	HWTSTAMP_TX_OFF          = 0x0
+	HWTSTAMP_TX_ON           = 0x1
+	HWTSTAMP_TX_ONESTEP_SYNC = 0x2
+)
+
+type (
+	PtpClockCaps struct {
+		Max_adj            int32
+		N_alarm            int32
+		N_ext_ts           int32
+		N_per_out          int32
+		Pps                int32
+		N_pins             int32
+		Cross_timestamping int32
+		Adjust_phase       int32
+		Max_phase_adj      int32
+		Rsv                [11]int32
+	}
+	PtpClockTime struct {
+		Sec      int64
+		Nsec     uint32
+		Reserved uint32
+	}
+	PtpExttsEvent struct {
+		T     PtpClockTime
+		Index uint32
+		Flags uint32
+		Rsv   [2]uint32
+	}
+	PtpExttsRequest struct {
+		Index uint32
+		Flags uint32
+		Rsv   [2]uint32
+	}
+	PtpPeroutRequest struct {
+		StartOrPhase PtpClockTime
+		Period       PtpClockTime
+		Index        uint32
+		Flags        uint32
+		On           PtpClockTime
+	}
+	PtpPinDesc struct {
+		Name  [64]byte
+		Index uint32
+		Func  uint32
+		Chan  uint32
+		Rsv   [5]uint32
+	}
+	PtpSysOffset struct {
+		Samples uint32
+		Rsv     [3]uint32
+		Ts      [51]PtpClockTime
+	}
+	PtpSysOffsetExtended struct {
+		Samples uint32
+		Clockid int32
+		Rsv     [2]uint32
+		Ts      [25][3]PtpClockTime
+	}
+	PtpSysOffsetPrecise struct {
+		Device   PtpClockTime
+		Realtime PtpClockTime
+		Monoraw  PtpClockTime
+		Rsv      [4]uint32
+	}
+)
+
+const (
+	PTP_PF_NONE    = 0x0
+	PTP_PF_EXTTS   = 0x1
+	PTP_PF_PEROUT  = 0x2
+	PTP_PF_PHYSYNC = 0x3
+)
+
 type (
 	HIDRawReportDescriptor struct {
 		Size  uint32
@@ -4249,6 +4400,7 @@ const (
 type LandlockRulesetAttr struct {
 	Access_fs  uint64
 	Access_net uint64
+	Scoped     uint64
 }
 
 type LandlockPathBeneathAttr struct {
@@ -4595,7 +4747,7 @@ const (
 	NL80211_ATTR_MAC_HINT                                   = 0xc8
 	NL80211_ATTR_MAC_MASK                                   = 0xd7
 	NL80211_ATTR_MAX_AP_ASSOC_STA                           = 0xca
-	NL80211_ATTR_MAX                                        = 0x146
+	NL80211_ATTR_MAX                                        = 0x14c
 	NL80211_ATTR_MAX_CRIT_PROT_DURATION                     = 0xb4
 	NL80211_ATTR_MAX_CSA_COUNTERS                           = 0xce
 	NL80211_ATTR_MAX_MATCH_SETS                             = 0x85
@@ -4861,7 +5013,7 @@ const (
 	NL80211_BSS_FREQUENCY_OFFSET                            = 0x14
 	NL80211_BSS_INFORMATION_ELEMENTS                        = 0x6
 	NL80211_BSS_LAST_SEEN_BOOTTIME                          = 0xf
-	NL80211_BSS_MAX                                         = 0x16
+	NL80211_BSS_MAX                                         = 0x18
 	NL80211_BSS_MLD_ADDR                                    = 0x16
 	NL80211_BSS_MLO_LINK_ID                                 = 0x15
 	NL80211_BSS_PAD                                         = 0x10
@@ -4965,7 +5117,7 @@ const (
 	NL80211_CMD_LEAVE_IBSS                                  = 0x2c
 	NL80211_CMD_LEAVE_MESH                                  = 0x45
 	NL80211_CMD_LEAVE_OCB                                   = 0x6d
-	NL80211_CMD_MAX                                         = 0x9a
+	NL80211_CMD_MAX                                         = 0x9b
 	NL80211_CMD_MICHAEL_MIC_FAILURE                         = 0x29
 	NL80211_CMD_MODIFY_LINK_STA                             = 0x97
 	NL80211_CMD_NAN_MATCH                                   = 0x78
@@ -5199,7 +5351,7 @@ const (
 	NL80211_FREQUENCY_ATTR_GO_CONCURRENT                    = 0xf
 	NL80211_FREQUENCY_ATTR_INDOOR_ONLY                      = 0xe
 	NL80211_FREQUENCY_ATTR_IR_CONCURRENT                    = 0xf
-	NL80211_FREQUENCY_ATTR_MAX                              = 0x1c
+	NL80211_FREQUENCY_ATTR_MAX                              = 0x21
 	NL80211_FREQUENCY_ATTR_MAX_TX_POWER                     = 0x6
 	NL80211_FREQUENCY_ATTR_NO_10MHZ                         = 0x11
 	NL80211_FREQUENCY_ATTR_NO_160MHZ                        = 0xc
@@ -5693,7 +5845,7 @@ const (
 	NL80211_STA_FLAG_ASSOCIATED                             = 0x7
 	NL80211_STA_FLAG_AUTHENTICATED                          = 0x5
 	NL80211_STA_FLAG_AUTHORIZED                             = 0x1
-	NL80211_STA_FLAG_MAX                                    = 0x7
+	NL80211_STA_FLAG_MAX                                    = 0x8
 	NL80211_STA_FLAG_MAX_OLD_API                            = 0x6
 	NL80211_STA_FLAG_MFP                                    = 0x4
 	NL80211_STA_FLAG_SHORT_PREAMBLE                         = 0x2
@@ -5991,3 +6143,34 @@ type CachestatRange struct {
 	Off uint64
 	Len uint64
 }
+
+const (
+	SK_MEMINFO_RMEM_ALLOC          = 0x0
+	SK_MEMINFO_RCVBUF              = 0x1
+	SK_MEMINFO_WMEM_ALLOC          = 0x2
+	SK_MEMINFO_SNDBUF              = 0x3
+	SK_MEMINFO_FWD_ALLOC           = 0x4
+	SK_MEMINFO_WMEM_QUEUED         = 0x5
+	SK_MEMINFO_OPTMEM              = 0x6
+	SK_MEMINFO_BACKLOG             = 0x7
+	SK_MEMINFO_DROPS               = 0x8
+	SK_MEMINFO_VARS                = 0x9
+	SKNLGRP_NONE                   = 0x0
+	SKNLGRP_INET_TCP_DESTROY       = 0x1
+	SKNLGRP_INET_UDP_DESTROY       = 0x2
+	SKNLGRP_INET6_TCP_DESTROY      = 0x3
+	SKNLGRP_INET6_UDP_DESTROY      = 0x4
+	SK_DIAG_BPF_STORAGE_REQ_NONE   = 0x0
+	SK_DIAG_BPF_STORAGE_REQ_MAP_FD = 0x1
+	SK_DIAG_BPF_STORAGE_REP_NONE   = 0x0
+	SK_DIAG_BPF_STORAGE            = 0x1
+	SK_DIAG_BPF_STORAGE_NONE       = 0x0
+	SK_DIAG_BPF_STORAGE_PAD        = 0x1
+	SK_DIAG_BPF_STORAGE_MAP_ID     = 0x2
+	SK_DIAG_BPF_STORAGE_MAP_VALUE  = 0x3
+)
+
+type SockDiagReq struct {
+	Family   uint8
+	Protocol uint8
+}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index 438a30aff..fd402da43 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -477,14 +477,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index adceca355..eb7a5e186 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -492,15 +492,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index eeaa00a37..d78ac108b 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -470,15 +470,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index 6739aa91d..cd06d47f1 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -471,15 +471,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
index 9920ef631..2f28fe26c 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
@@ -472,15 +472,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index 2923b799a..71d6cac2f 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -476,15 +476,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index ce2750ee4..8596d4535 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -474,15 +474,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index 3038811d7..cd60ea186 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -474,15 +474,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index efc6fed18..b0ae420c4 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -476,15 +476,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index 9a654b75a..835972875 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -482,15 +482,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 40d358e33..69eb6a5c6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -481,15 +481,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index 148c6ceb8..5f583cb62 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -481,15 +481,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index 72ba81543..ad05b51a6 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -499,15 +499,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
@@ -736,6 +727,37 @@ const (
 	RISCV_HWPROBE_EXT_ZBA                = 0x8
 	RISCV_HWPROBE_EXT_ZBB                = 0x10
 	RISCV_HWPROBE_EXT_ZBS                = 0x20
+	RISCV_HWPROBE_EXT_ZICBOZ             = 0x40
+	RISCV_HWPROBE_EXT_ZBC                = 0x80
+	RISCV_HWPROBE_EXT_ZBKB               = 0x100
+	RISCV_HWPROBE_EXT_ZBKC               = 0x200
+	RISCV_HWPROBE_EXT_ZBKX               = 0x400
+	RISCV_HWPROBE_EXT_ZKND               = 0x800
+	RISCV_HWPROBE_EXT_ZKNE               = 0x1000
+	RISCV_HWPROBE_EXT_ZKNH               = 0x2000
+	RISCV_HWPROBE_EXT_ZKSED              = 0x4000
+	RISCV_HWPROBE_EXT_ZKSH               = 0x8000
+	RISCV_HWPROBE_EXT_ZKT                = 0x10000
+	RISCV_HWPROBE_EXT_ZVBB               = 0x20000
+	RISCV_HWPROBE_EXT_ZVBC               = 0x40000
+	RISCV_HWPROBE_EXT_ZVKB               = 0x80000
+	RISCV_HWPROBE_EXT_ZVKG               = 0x100000
+	RISCV_HWPROBE_EXT_ZVKNED             = 0x200000
+	RISCV_HWPROBE_EXT_ZVKNHA             = 0x400000
+	RISCV_HWPROBE_EXT_ZVKNHB             = 0x800000
+	RISCV_HWPROBE_EXT_ZVKSED             = 0x1000000
+	RISCV_HWPROBE_EXT_ZVKSH              = 0x2000000
+	RISCV_HWPROBE_EXT_ZVKT               = 0x4000000
+	RISCV_HWPROBE_EXT_ZFH                = 0x8000000
+	RISCV_HWPROBE_EXT_ZFHMIN             = 0x10000000
+	RISCV_HWPROBE_EXT_ZIHINTNTL          = 0x20000000
+	RISCV_HWPROBE_EXT_ZVFH               = 0x40000000
+	RISCV_HWPROBE_EXT_ZVFHMIN            = 0x80000000
+	RISCV_HWPROBE_EXT_ZFA                = 0x100000000
+	RISCV_HWPROBE_EXT_ZTSO               = 0x200000000
+	RISCV_HWPROBE_EXT_ZACAS              = 0x400000000
+	RISCV_HWPROBE_EXT_ZICOND             = 0x800000000
+	RISCV_HWPROBE_EXT_ZIHINTPAUSE        = 0x1000000000
 	RISCV_HWPROBE_KEY_CPUPERF_0          = 0x5
 	RISCV_HWPROBE_MISALIGNED_UNKNOWN     = 0x0
 	RISCV_HWPROBE_MISALIGNED_EMULATED    = 0x1
@@ -743,4 +765,6 @@ const (
 	RISCV_HWPROBE_MISALIGNED_FAST        = 0x3
 	RISCV_HWPROBE_MISALIGNED_UNSUPPORTED = 0x4
 	RISCV_HWPROBE_MISALIGNED_MASK        = 0x7
+	RISCV_HWPROBE_KEY_ZICBOZ_BLOCK_SIZE  = 0x6
+	RISCV_HWPROBE_WHICH_CPUS             = 0x1
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index 71e765508..cf3ce9003 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -495,15 +495,6 @@ const (
 	BLKPG = 0x1269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index 4abbdb9de..590b56739 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -476,15 +476,6 @@ const (
 	BLKPG = 0x20001269
 )
 
-type XDPUmemReg struct {
-	Addr     uint64
-	Len      uint64
-	Size     uint32
-	Headroom uint32
-	Flags    uint32
-	_        [4]byte
-}
-
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
index 54f31be63..2e5d5a443 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
@@ -25,10 +25,13 @@ const (
 	SizeofIPv6Mreq      = 20
 	SizeofICMPv6Filter  = 32
 	SizeofIPv6MTUInfo   = 32
+	SizeofInet4Pktinfo  = 8
+	SizeofInet6Pktinfo  = 20
 	SizeofLinger        = 8
 	SizeofSockaddrInet4 = 16
 	SizeofSockaddrInet6 = 28
 	SizeofTCPInfo       = 0x68
+	SizeofUcred         = 12
 )
 
 type (
@@ -69,12 +72,17 @@ type Utimbuf struct {
 }
 
 type Utsname struct {
-	Sysname    [65]byte
-	Nodename   [65]byte
-	Release    [65]byte
-	Version    [65]byte
-	Machine    [65]byte
-	Domainname [65]byte
+	Sysname  [16]byte
+	Nodename [32]byte
+	Release  [8]byte
+	Version  [8]byte
+	Machine  [16]byte
+}
+
+type Ucred struct {
+	Pid int32
+	Uid uint32
+	Gid uint32
 }
 
 type RawSockaddrInet4 struct {
@@ -325,7 +333,7 @@ type Statvfs_t struct {
 }
 
 type Statfs_t struct {
-	Type    uint32
+	Type    uint64
 	Bsize   uint64
 	Blocks  uint64
 	Bfree   uint64
@@ -336,6 +344,7 @@ type Statfs_t struct {
 	Namelen uint64
 	Frsize  uint64
 	Flags   uint64
+	_       [4]uint64
 }
 
 type direntLE struct {
@@ -368,6 +377,12 @@ type Flock_t struct {
 	Pid    int32
 }
 
+type F_cnvrt struct {
+	Cvtcmd int32
+	Pccsid int16
+	Fccsid int16
+}
+
 type Termios struct {
 	Cflag uint32
 	Iflag uint32
@@ -412,3 +427,126 @@ type W_Mntent struct {
 	Quiesceowner [8]byte
 	_            [38]byte
 }
+
+type EpollEvent struct {
+	Events uint32
+	_      int32
+	Fd     int32
+	Pad    int32
+}
+
+type InotifyEvent struct {
+	Wd     int32
+	Mask   uint32
+	Cookie uint32
+	Len    uint32
+	Name   string
+}
+
+const (
+	SizeofInotifyEvent = 0x10
+)
+
+type ConsMsg2 struct {
+	Cm2Format       uint16
+	Cm2R1           uint16
+	Cm2Msglength    uint32
+	Cm2Msg          *byte
+	Cm2R2           [4]byte
+	Cm2R3           [4]byte
+	Cm2Routcde      *uint32
+	Cm2Descr        *uint32
+	Cm2Msgflag      uint32
+	Cm2Token        uint32
+	Cm2Msgid        *uint32
+	Cm2R4           [4]byte
+	Cm2DomToken     uint32
+	Cm2DomMsgid     *uint32
+	Cm2ModCartptr   *byte
+	Cm2ModConsidptr *byte
+	Cm2MsgCart      [8]byte
+	Cm2MsgConsid    [4]byte
+	Cm2R5           [12]byte
+}
+
+const (
+	CC_modify        = 1
+	CC_stop          = 2
+	CONSOLE_FORMAT_2 = 2
+	CONSOLE_FORMAT_3 = 3
+	CONSOLE_HRDCPY   = 0x80000000
+)
+
+type OpenHow struct {
+	Flags   uint64
+	Mode    uint64
+	Resolve uint64
+}
+
+const SizeofOpenHow = 0x18
+
+const (
+	RESOLVE_CACHED        = 0x20
+	RESOLVE_BENEATH       = 0x8
+	RESOLVE_IN_ROOT       = 0x10
+	RESOLVE_NO_MAGICLINKS = 0x2
+	RESOLVE_NO_SYMLINKS   = 0x4
+	RESOLVE_NO_XDEV       = 0x1
+)
+
+type Siginfo struct {
+	Signo int32
+	Errno int32
+	Code  int32
+	Pid   int32
+	Uid   uint32
+	_     [44]byte
+}
+
+type SysvIpcPerm struct {
+	Uid  uint32
+	Gid  uint32
+	Cuid uint32
+	Cgid uint32
+	Mode int32
+}
+
+type SysvShmDesc struct {
+	Perm   SysvIpcPerm
+	_      [4]byte
+	Lpid   int32
+	Cpid   int32
+	Nattch uint32
+	_      [4]byte
+	_      [4]byte
+	_      [4]byte
+	_      int32
+	_      uint8
+	_      uint8
+	_      uint16
+	_      *byte
+	Segsz  uint64
+	Atime  Time_t
+	Dtime  Time_t
+	Ctime  Time_t
+}
+
+type SysvShmDesc64 struct {
+	Perm   SysvIpcPerm
+	_      [4]byte
+	Lpid   int32
+	Cpid   int32
+	Nattch uint32
+	_      [4]byte
+	_      [4]byte
+	_      [4]byte
+	_      int32
+	_      byte
+	_      uint8
+	_      uint16
+	_      *byte
+	Segsz  uint64
+	Atime  int64
+	Dtime  int64
+	Ctime  int64
+}
diff --git a/vendor/golang.org/x/sys/windows/aliases.go b/vendor/golang.org/x/sys/windows/aliases.go
index ce2d713d6..16f90560a 100644
--- a/vendor/golang.org/x/sys/windows/aliases.go
+++ b/vendor/golang.org/x/sys/windows/aliases.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build windows && go1.9
+//go:build windows
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/dll_windows.go b/vendor/golang.org/x/sys/windows/dll_windows.go
index 115341fba..3ca814f54 100644
--- a/vendor/golang.org/x/sys/windows/dll_windows.go
+++ b/vendor/golang.org/x/sys/windows/dll_windows.go
@@ -43,8 +43,8 @@ type DLL struct {
 // LoadDLL loads DLL file into memory.
 //
 // Warning: using LoadDLL without an absolute path name is subject to
-// DLL preloading attacks. To safely load a system DLL, use LazyDLL
-// with System set to true, or use LoadLibraryEx directly.
+// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL],
+// or use [LoadLibraryEx] directly.
 func LoadDLL(name string) (dll *DLL, err error) {
 	namep, err := UTF16PtrFromString(name)
 	if err != nil {
@@ -65,7 +65,7 @@ func LoadDLL(name string) (dll *DLL, err error) {
 	return d, nil
 }
 
-// MustLoadDLL is like LoadDLL but panics if load operation failes.
+// MustLoadDLL is like LoadDLL but panics if load operation fails.
 func MustLoadDLL(name string) *DLL {
 	d, e := LoadDLL(name)
 	if e != nil {
@@ -271,6 +271,9 @@ func (d *LazyDLL) NewProc(name string) *LazyProc {
 }
 
 // NewLazyDLL creates new LazyDLL associated with DLL file.
+//
+// Warning: using NewLazyDLL without an absolute path name is subject to
+// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL].
 func NewLazyDLL(name string) *LazyDLL {
 	return &LazyDLL{Name: name}
 }
@@ -410,7 +413,3 @@ func loadLibraryEx(name string, system bool) (*DLL, error) {
 	}
 	return &DLL{Name: name, Handle: h}, nil
 }
-
-type errString string
-
-func (s errString) Error() string { return string(s) }
diff --git a/vendor/golang.org/x/sys/windows/empty.s b/vendor/golang.org/x/sys/windows/empty.s
deleted file mode 100644
index ba64caca5..000000000
--- a/vendor/golang.org/x/sys/windows/empty.s
+++ /dev/null
@@ -1,8 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.12
-
-// This file is here to allow bodyless functions with go:linkname for Go 1.11
-// and earlier (see https://golang.org/issue/23311).
diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go
index 26be94a8a..b6e1ab76f 100644
--- a/vendor/golang.org/x/sys/windows/security_windows.go
+++ b/vendor/golang.org/x/sys/windows/security_windows.go
@@ -68,6 +68,7 @@ type UserInfo10 struct {
 //sys	NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) = netapi32.NetUserGetInfo
 //sys	NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (neterr error) = netapi32.NetGetJoinInformation
 //sys	NetApiBufferFree(buf *byte) (neterr error) = netapi32.NetApiBufferFree
+//sys   NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) = netapi32.NetUserEnum
 
 const (
 	// do not reorder
@@ -893,7 +894,7 @@ type ACL struct {
 	aclRevision byte
 	sbz1        byte
 	aclSize     uint16
-	aceCount    uint16
+	AceCount    uint16
 	sbz2        uint16
 }
 
@@ -1086,6 +1087,27 @@ type EXPLICIT_ACCESS struct {
 	Trustee           TRUSTEE
 }
 
+// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
+type ACE_HEADER struct {
+	AceType  uint8
+	AceFlags uint8
+	AceSize  uint16
+}
+
+// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-access_allowed_ace
+type ACCESS_ALLOWED_ACE struct {
+	Header   ACE_HEADER
+	Mask     ACCESS_MASK
+	SidStart uint32
+}
+
+const (
+	// Constants for AceType
+	// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
+	ACCESS_ALLOWED_ACE_TYPE = 0
+	ACCESS_DENIED_ACE_TYPE  = 1
+)
+
 // This type is the union inside of TRUSTEE and must be created using one of the TrusteeValueFrom* functions.
 type TrusteeValue uintptr
 
@@ -1157,6 +1179,7 @@ type OBJECTS_AND_NAME struct {
 //sys	makeSelfRelativeSD(absoluteSD *SECURITY_DESCRIPTOR, selfRelativeSD *SECURITY_DESCRIPTOR, selfRelativeSDSize *uint32) (err error) = advapi32.MakeSelfRelativeSD
 
 //sys	setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCESS, oldACL *ACL, newACL **ACL) (ret error) = advapi32.SetEntriesInAclW
+//sys	GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) = advapi32.GetAce
 
 // Control returns the security descriptor control bits.
 func (sd *SECURITY_DESCRIPTOR) Control() (control SECURITY_DESCRIPTOR_CONTROL, revision uint32, err error) {
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 6395a031d..4a3254386 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -17,8 +17,10 @@ import (
 	"unsafe"
 )
 
-type Handle uintptr
-type HWND uintptr
+type (
+	Handle uintptr
+	HWND   uintptr
+)
 
 const (
 	InvalidHandle = ^Handle(0)
@@ -165,6 +167,9 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW
 //sys	CreateNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *SecurityAttributes) (handle Handle, err error)  [failretval==InvalidHandle] = CreateNamedPipeW
 //sys	ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error)
+//sys	DisconnectNamedPipe(pipe Handle) (err error)
+//sys   GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error)
+//sys   GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error)
 //sys	GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error)
 //sys	GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
 //sys	SetNamedPipeHandleState(pipe Handle, state *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32) (err error) = SetNamedPipeHandleState
@@ -210,6 +215,10 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error)
 //sys	ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW
 //sys	GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) = user32.GetWindowThreadProcessId
+//sys	LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) [failretval==0] = user32.LoadKeyboardLayoutW
+//sys	UnloadKeyboardLayout(hkl Handle) (err error) = user32.UnloadKeyboardLayout
+//sys	GetKeyboardLayout(tid uint32) (hkl Handle) = user32.GetKeyboardLayout
+//sys	ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) = user32.ToUnicodeEx
 //sys	GetShellWindow() (shellWindow HWND) = user32.GetShellWindow
 //sys	MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW
 //sys	ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx
@@ -306,6 +315,10 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode
 //sys	GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo
 //sys	setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition
+//sys	GetConsoleCP() (cp uint32, err error) = kernel32.GetConsoleCP
+//sys	GetConsoleOutputCP() (cp uint32, err error) = kernel32.GetConsoleOutputCP
+//sys	SetConsoleCP(cp uint32) (err error) = kernel32.SetConsoleCP
+//sys	SetConsoleOutputCP(cp uint32) (err error) = kernel32.SetConsoleOutputCP
 //sys	WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW
 //sys	ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW
 //sys	resizePseudoConsole(pconsole Handle, size uint32) (hr error) = kernel32.ResizePseudoConsole
@@ -348,8 +361,19 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetProcessPriorityBoost(process Handle, disable bool) (err error) = kernel32.SetProcessPriorityBoost
 //sys	GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32)
 //sys	SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error)
+//sys	ClearCommBreak(handle Handle) (err error)
+//sys	ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error)
+//sys	EscapeCommFunction(handle Handle, dwFunc uint32) (err error)
+//sys	GetCommState(handle Handle, lpDCB *DCB) (err error)
+//sys	GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error)
 //sys	GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
+//sys	PurgeComm(handle Handle, dwFlags uint32) (err error)
+//sys	SetCommBreak(handle Handle) (err error)
+//sys	SetCommMask(handle Handle, dwEvtMask uint32) (err error)
+//sys	SetCommState(handle Handle, lpDCB *DCB) (err error)
 //sys	SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
+//sys	SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error)
+//sys	WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error)
 //sys	GetActiveProcessorCount(groupNumber uint16) (ret uint32)
 //sys	GetMaximumProcessorCount(groupNumber uint16) (ret uint32)
 //sys	EnumWindows(enumFunc uintptr, param unsafe.Pointer) (err error) = user32.EnumWindows
@@ -703,20 +727,12 @@ func DurationSinceBoot() time.Duration {
 }
 
 func Ftruncate(fd Handle, length int64) (err error) {
-	curoffset, e := Seek(fd, 0, 1)
-	if e != nil {
-		return e
-	}
-	defer Seek(fd, curoffset, 0)
-	_, e = Seek(fd, length, 0)
-	if e != nil {
-		return e
+	type _FILE_END_OF_FILE_INFO struct {
+		EndOfFile int64
 	}
-	e = SetEndOfFile(fd)
-	if e != nil {
-		return e
-	}
-	return nil
+	var info _FILE_END_OF_FILE_INFO
+	info.EndOfFile = length
+	return SetFileInformationByHandle(fd, FileEndOfFileInfo, (*byte)(unsafe.Pointer(&info)), uint32(unsafe.Sizeof(info)))
 }
 
 func Gettimeofday(tv *Timeval) (err error) {
@@ -872,6 +888,11 @@ const socket_error = uintptr(^uint32(0))
 //sys	GetACP() (acp uint32) = kernel32.GetACP
 //sys	MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
 //sys	getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) = iphlpapi.GetBestInterfaceEx
+//sys   GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) = iphlpapi.GetIfEntry2Ex
+//sys   GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) = iphlpapi.GetUnicastIpAddressEntry
+//sys   NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyIpInterfaceChange
+//sys   NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyUnicastIpAddressChange
+//sys   CancelMibChangeNotify2(notificationHandle Handle) (errcode error) = iphlpapi.CancelMibChangeNotify2
 
 // For testing: clients can set this flag to force
 // creation of IPv6 sockets to return EAFNOSUPPORT.
@@ -1356,9 +1377,11 @@ func SetsockoptLinger(fd Handle, level, opt int, l *Linger) (err error) {
 func SetsockoptInet4Addr(fd Handle, level, opt int, value [4]byte) (err error) {
 	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&value[0])), 4)
 }
+
 func SetsockoptIPMreq(fd Handle, level, opt int, mreq *IPMreq) (err error) {
 	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(mreq)), int32(unsafe.Sizeof(*mreq)))
 }
+
 func SetsockoptIPv6Mreq(fd Handle, level, opt int, mreq *IPv6Mreq) (err error) {
 	return syscall.EWINDOWS
 }
@@ -1661,13 +1684,16 @@ func (s NTStatus) Error() string {
 // do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
 // the more common *uint16 string type.
 func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
-	var u NTUnicodeString
-	s16, err := UTF16PtrFromString(s)
+	s16, err := UTF16FromString(s)
 	if err != nil {
 		return nil, err
 	}
-	RtlInitUnicodeString(&u, s16)
-	return &u, nil
+	n := uint16(len(s16) * 2)
+	return &NTUnicodeString{
+		Length:        n - 2, // subtract 2 bytes for the NULL terminator
+		MaximumLength: n,
+		Buffer:        &s16[0],
+	}, nil
 }
 
 // Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
@@ -1834,3 +1860,73 @@ func ResizePseudoConsole(pconsole Handle, size Coord) error {
 	// accept arguments that can be casted to uintptr, and Coord can't.
 	return resizePseudoConsole(pconsole, *((*uint32)(unsafe.Pointer(&size))))
 }
+
+// DCB constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/ns-winbase-dcb.
+const (
+	CBR_110    = 110
+	CBR_300    = 300
+	CBR_600    = 600
+	CBR_1200   = 1200
+	CBR_2400   = 2400
+	CBR_4800   = 4800
+	CBR_9600   = 9600
+	CBR_14400  = 14400
+	CBR_19200  = 19200
+	CBR_38400  = 38400
+	CBR_57600  = 57600
+	CBR_115200 = 115200
+	CBR_128000 = 128000
+	CBR_256000 = 256000
+
+	DTR_CONTROL_DISABLE   = 0x00000000
+	DTR_CONTROL_ENABLE    = 0x00000010
+	DTR_CONTROL_HANDSHAKE = 0x00000020
+
+	RTS_CONTROL_DISABLE   = 0x00000000
+	RTS_CONTROL_ENABLE    = 0x00001000
+	RTS_CONTROL_HANDSHAKE = 0x00002000
+	RTS_CONTROL_TOGGLE    = 0x00003000
+
+	NOPARITY    = 0
+	ODDPARITY   = 1
+	EVENPARITY  = 2
+	MARKPARITY  = 3
+	SPACEPARITY = 4
+
+	ONESTOPBIT   = 0
+	ONE5STOPBITS = 1
+	TWOSTOPBITS  = 2
+)
+
+// EscapeCommFunction constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-escapecommfunction.
+const (
+	SETXOFF  = 1
+	SETXON   = 2
+	SETRTS   = 3
+	CLRRTS   = 4
+	SETDTR   = 5
+	CLRDTR   = 6
+	SETBREAK = 8
+	CLRBREAK = 9
+)
+
+// PurgeComm constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-purgecomm.
+const (
+	PURGE_TXABORT = 0x0001
+	PURGE_RXABORT = 0x0002
+	PURGE_TXCLEAR = 0x0004
+	PURGE_RXCLEAR = 0x0008
+)
+
+// SetCommMask constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-setcommmask.
+const (
+	EV_RXCHAR  = 0x0001
+	EV_RXFLAG  = 0x0002
+	EV_TXEMPTY = 0x0004
+	EV_CTS     = 0x0008
+	EV_DSR     = 0x0010
+	EV_RLSD    = 0x0020
+	EV_BREAK   = 0x0040
+	EV_ERR     = 0x0080
+	EV_RING    = 0x0100
+)
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 359780f6a..9d138de5f 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -176,6 +176,7 @@ const (
 	WAIT_FAILED    = 0xFFFFFFFF
 
 	// Access rights for process.
+	PROCESS_ALL_ACCESS                = 0xFFFF
 	PROCESS_CREATE_PROCESS            = 0x0080
 	PROCESS_CREATE_THREAD             = 0x0002
 	PROCESS_DUP_HANDLE                = 0x0040
@@ -1060,6 +1061,7 @@ const (
 	SIO_GET_EXTENSION_FUNCTION_POINTER = IOC_INOUT | IOC_WS2 | 6
 	SIO_KEEPALIVE_VALS                 = IOC_IN | IOC_VENDOR | 4
 	SIO_UDP_CONNRESET                  = IOC_IN | IOC_VENDOR | 12
+	SIO_UDP_NETRESET                   = IOC_IN | IOC_VENDOR | 15
 
 	// cf. http://support.microsoft.com/default.aspx?scid=kb;en-us;257460
 
@@ -2003,7 +2005,21 @@ const (
 	MOVEFILE_FAIL_IF_NOT_TRACKABLE = 0x20
 )
 
-const GAA_FLAG_INCLUDE_PREFIX = 0x00000010
+// Flags for GetAdaptersAddresses, see
+// https://learn.microsoft.com/en-us/windows/win32/api/iphlpapi/nf-iphlpapi-getadaptersaddresses.
+const (
+	GAA_FLAG_SKIP_UNICAST                = 0x1
+	GAA_FLAG_SKIP_ANYCAST                = 0x2
+	GAA_FLAG_SKIP_MULTICAST              = 0x4
+	GAA_FLAG_SKIP_DNS_SERVER             = 0x8
+	GAA_FLAG_INCLUDE_PREFIX              = 0x10
+	GAA_FLAG_SKIP_FRIENDLY_NAME          = 0x20
+	GAA_FLAG_INCLUDE_WINS_INFO           = 0x40
+	GAA_FLAG_INCLUDE_GATEWAYS            = 0x80
+	GAA_FLAG_INCLUDE_ALL_INTERFACES      = 0x100
+	GAA_FLAG_INCLUDE_ALL_COMPARTMENTS    = 0x200
+	GAA_FLAG_INCLUDE_TUNNEL_BINDINGORDER = 0x400
+)
 
 const (
 	IF_TYPE_OTHER              = 1
@@ -2017,6 +2033,50 @@ const (
 	IF_TYPE_IEEE1394           = 144
 )
 
+// Enum NL_PREFIX_ORIGIN for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_prefix_origin
+const (
+	IpPrefixOriginOther               = 0
+	IpPrefixOriginManual              = 1
+	IpPrefixOriginWellKnown           = 2
+	IpPrefixOriginDhcp                = 3
+	IpPrefixOriginRouterAdvertisement = 4
+	IpPrefixOriginUnchanged           = 1 << 4
+)
+
+// Enum NL_SUFFIX_ORIGIN for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_suffix_origin
+const (
+	NlsoOther                      = 0
+	NlsoManual                     = 1
+	NlsoWellKnown                  = 2
+	NlsoDhcp                       = 3
+	NlsoLinkLayerAddress           = 4
+	NlsoRandom                     = 5
+	IpSuffixOriginOther            = 0
+	IpSuffixOriginManual           = 1
+	IpSuffixOriginWellKnown        = 2
+	IpSuffixOriginDhcp             = 3
+	IpSuffixOriginLinkLayerAddress = 4
+	IpSuffixOriginRandom           = 5
+	IpSuffixOriginUnchanged        = 1 << 4
+)
+
+// Enum NL_DAD_STATE for [IpAdapterUnicastAddress], see
+// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_dad_state
+const (
+	NldsInvalid          = 0
+	NldsTentative        = 1
+	NldsDuplicate        = 2
+	NldsDeprecated       = 3
+	NldsPreferred        = 4
+	IpDadStateInvalid    = 0
+	IpDadStateTentative  = 1
+	IpDadStateDuplicate  = 2
+	IpDadStateDeprecated = 3
+	IpDadStatePreferred  = 4
+)
+
 type SocketAddress struct {
 	Sockaddr       *syscall.RawSockaddrAny
 	SockaddrLength int32
@@ -2144,6 +2204,132 @@ const (
 	IfOperStatusLowerLayerDown = 7
 )
 
+const (
+	IF_MAX_PHYS_ADDRESS_LENGTH = 32
+	IF_MAX_STRING_SIZE         = 256
+)
+
+// MIB_IF_ENTRY_LEVEL enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/nf-netioapi-getifentry2ex.
+const (
+	MibIfEntryNormal                  = 0
+	MibIfEntryNormalWithoutStatistics = 2
+)
+
+// MIB_NOTIFICATION_TYPE enumeration from netioapi.h or
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ne-netioapi-mib_notification_type.
+const (
+	MibParameterNotification = 0
+	MibAddInstance           = 1
+	MibDeleteInstance        = 2
+	MibInitialNotification   = 3
+)
+
+// MibIfRow2 stores information about a particular interface. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_if_row2.
+type MibIfRow2 struct {
+	InterfaceLuid               uint64
+	InterfaceIndex              uint32
+	InterfaceGuid               GUID
+	Alias                       [IF_MAX_STRING_SIZE + 1]uint16
+	Description                 [IF_MAX_STRING_SIZE + 1]uint16
+	PhysicalAddressLength       uint32
+	PhysicalAddress             [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+	PermanentPhysicalAddress    [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
+	Mtu                         uint32
+	Type                        uint32
+	TunnelType                  uint32
+	MediaType                   uint32
+	PhysicalMediumType          uint32
+	AccessType                  uint32
+	DirectionType               uint32
+	InterfaceAndOperStatusFlags uint8
+	OperStatus                  uint32
+	AdminStatus                 uint32
+	MediaConnectState           uint32
+	NetworkGuid                 GUID
+	ConnectionType              uint32
+	TransmitLinkSpeed           uint64
+	ReceiveLinkSpeed            uint64
+	InOctets                    uint64
+	InUcastPkts                 uint64
+	InNUcastPkts                uint64
+	InDiscards                  uint64
+	InErrors                    uint64
+	InUnknownProtos             uint64
+	InUcastOctets               uint64
+	InMulticastOctets           uint64
+	InBroadcastOctets           uint64
+	OutOctets                   uint64
+	OutUcastPkts                uint64
+	OutNUcastPkts               uint64
+	OutDiscards                 uint64
+	OutErrors                   uint64
+	OutUcastOctets              uint64
+	OutMulticastOctets          uint64
+	OutBroadcastOctets          uint64
+	OutQLen                     uint64
+}
+
+// MIB_UNICASTIPADDRESS_ROW stores information about a unicast IP address. See
+// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_unicastipaddress_row.
+type MibUnicastIpAddressRow struct {
+	Address            RawSockaddrInet6 // SOCKADDR_INET union
+	InterfaceLuid      uint64
+	InterfaceIndex     uint32
+	PrefixOrigin       uint32
+	SuffixOrigin       uint32
+	ValidLifetime      uint32
+	PreferredLifetime  uint32
+	OnLinkPrefixLength uint8
+	SkipAsSource       uint8
+	DadState           uint32
+	ScopeId            uint32
+	CreationTimeStamp  Filetime
+}
+
+const ScopeLevelCount = 16
+
+// MIB_IPINTERFACE_ROW stores interface management information for a particular IP address family on a network interface.
+// See https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipinterface_row.
+type MibIpInterfaceRow struct {
+	Family                               uint16
+	InterfaceLuid                        uint64
+	InterfaceIndex                       uint32
+	MaxReassemblySize                    uint32
+	InterfaceIdentifier                  uint64
+	MinRouterAdvertisementInterval       uint32
+	MaxRouterAdvertisementInterval       uint32
+	AdvertisingEnabled                   uint8
+	ForwardingEnabled                    uint8
+	WeakHostSend                         uint8
+	WeakHostReceive                      uint8
+	UseAutomaticMetric                   uint8
+	UseNeighborUnreachabilityDetection   uint8
+	ManagedAddressConfigurationSupported uint8
+	OtherStatefulConfigurationSupported  uint8
+	AdvertiseDefaultRoute                uint8
+	RouterDiscoveryBehavior              uint32
+	DadTransmits                         uint32
+	BaseReachableTime                    uint32
+	RetransmitTime                       uint32
+	PathMtuDiscoveryTimeout              uint32
+	LinkLocalAddressBehavior             uint32
+	LinkLocalAddressTimeout              uint32
+	ZoneIndices                          [ScopeLevelCount]uint32
+	SitePrefixLength                     uint32
+	Metric                               uint32
+	NlMtu                                uint32
+	Connected                            uint8
+	SupportsWakeUpPatterns               uint8
+	SupportsNeighborDiscovery            uint8
+	SupportsRouterDiscovery              uint8
+	ReachableTime                        uint32
+	TransmitOffload                      uint32
+	ReceiveOffload                       uint32
+	DisableDefaultRoutes                 uint8
+}
+
 // Console related constants used for the mode parameter to SetConsoleMode. See
 // https://docs.microsoft.com/en-us/windows/console/setconsolemode for details.
 
@@ -3380,3 +3566,38 @@ type BLOB struct {
 	Size     uint32
 	BlobData *byte
 }
+
+type ComStat struct {
+	Flags    uint32
+	CBInQue  uint32
+	CBOutQue uint32
+}
+
+type DCB struct {
+	DCBlength  uint32
+	BaudRate   uint32
+	Flags      uint32
+	wReserved  uint16
+	XonLim     uint16
+	XoffLim    uint16
+	ByteSize   uint8
+	Parity     uint8
+	StopBits   uint8
+	XonChar    byte
+	XoffChar   byte
+	ErrorChar  byte
+	EofChar    byte
+	EvtChar    byte
+	wReserved1 uint16
+}
+
+// Keyboard Layout Flags.
+// See https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-loadkeyboardlayoutw
+const (
+	KLF_ACTIVATE      = 0x00000001
+	KLF_SUBSTITUTE_OK = 0x00000002
+	KLF_REORDER       = 0x00000008
+	KLF_REPLACELANG   = 0x00000010
+	KLF_NOTELLSHELL   = 0x00000080
+	KLF_SETFORPROCESS = 0x00000100
+)
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index e8791c82c..01c0716c2 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -91,6 +91,7 @@ var (
 	procEnumServicesStatusExW                                = modadvapi32.NewProc("EnumServicesStatusExW")
 	procEqualSid                                             = modadvapi32.NewProc("EqualSid")
 	procFreeSid                                              = modadvapi32.NewProc("FreeSid")
+	procGetAce                                               = modadvapi32.NewProc("GetAce")
 	procGetLengthSid                                         = modadvapi32.NewProc("GetLengthSid")
 	procGetNamedSecurityInfoW                                = modadvapi32.NewProc("GetNamedSecurityInfoW")
 	procGetSecurityDescriptorControl                         = modadvapi32.NewProc("GetSecurityDescriptorControl")
@@ -180,14 +181,21 @@ var (
 	procDnsRecordListFree                                    = moddnsapi.NewProc("DnsRecordListFree")
 	procDwmGetWindowAttribute                                = moddwmapi.NewProc("DwmGetWindowAttribute")
 	procDwmSetWindowAttribute                                = moddwmapi.NewProc("DwmSetWindowAttribute")
+	procCancelMibChangeNotify2                               = modiphlpapi.NewProc("CancelMibChangeNotify2")
 	procGetAdaptersAddresses                                 = modiphlpapi.NewProc("GetAdaptersAddresses")
 	procGetAdaptersInfo                                      = modiphlpapi.NewProc("GetAdaptersInfo")
 	procGetBestInterfaceEx                                   = modiphlpapi.NewProc("GetBestInterfaceEx")
 	procGetIfEntry                                           = modiphlpapi.NewProc("GetIfEntry")
+	procGetIfEntry2Ex                                        = modiphlpapi.NewProc("GetIfEntry2Ex")
+	procGetUnicastIpAddressEntry                             = modiphlpapi.NewProc("GetUnicastIpAddressEntry")
+	procNotifyIpInterfaceChange                              = modiphlpapi.NewProc("NotifyIpInterfaceChange")
+	procNotifyUnicastIpAddressChange                         = modiphlpapi.NewProc("NotifyUnicastIpAddressChange")
 	procAddDllDirectory                                      = modkernel32.NewProc("AddDllDirectory")
 	procAssignProcessToJobObject                             = modkernel32.NewProc("AssignProcessToJobObject")
 	procCancelIo                                             = modkernel32.NewProc("CancelIo")
 	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
+	procClearCommBreak                                       = modkernel32.NewProc("ClearCommBreak")
+	procClearCommError                                       = modkernel32.NewProc("ClearCommError")
 	procCloseHandle                                          = modkernel32.NewProc("CloseHandle")
 	procClosePseudoConsole                                   = modkernel32.NewProc("ClosePseudoConsole")
 	procConnectNamedPipe                                     = modkernel32.NewProc("ConnectNamedPipe")
@@ -212,7 +220,9 @@ var (
 	procDeleteProcThreadAttributeList                        = modkernel32.NewProc("DeleteProcThreadAttributeList")
 	procDeleteVolumeMountPointW                              = modkernel32.NewProc("DeleteVolumeMountPointW")
 	procDeviceIoControl                                      = modkernel32.NewProc("DeviceIoControl")
+	procDisconnectNamedPipe                                  = modkernel32.NewProc("DisconnectNamedPipe")
 	procDuplicateHandle                                      = modkernel32.NewProc("DuplicateHandle")
+	procEscapeCommFunction                                   = modkernel32.NewProc("EscapeCommFunction")
 	procExitProcess                                          = modkernel32.NewProc("ExitProcess")
 	procExpandEnvironmentStringsW                            = modkernel32.NewProc("ExpandEnvironmentStringsW")
 	procFindClose                                            = modkernel32.NewProc("FindClose")
@@ -236,11 +246,15 @@ var (
 	procGenerateConsoleCtrlEvent                             = modkernel32.NewProc("GenerateConsoleCtrlEvent")
 	procGetACP                                               = modkernel32.NewProc("GetACP")
 	procGetActiveProcessorCount                              = modkernel32.NewProc("GetActiveProcessorCount")
+	procGetCommModemStatus                                   = modkernel32.NewProc("GetCommModemStatus")
+	procGetCommState                                         = modkernel32.NewProc("GetCommState")
 	procGetCommTimeouts                                      = modkernel32.NewProc("GetCommTimeouts")
 	procGetCommandLineW                                      = modkernel32.NewProc("GetCommandLineW")
 	procGetComputerNameExW                                   = modkernel32.NewProc("GetComputerNameExW")
 	procGetComputerNameW                                     = modkernel32.NewProc("GetComputerNameW")
+	procGetConsoleCP                                         = modkernel32.NewProc("GetConsoleCP")
 	procGetConsoleMode                                       = modkernel32.NewProc("GetConsoleMode")
+	procGetConsoleOutputCP                                   = modkernel32.NewProc("GetConsoleOutputCP")
 	procGetConsoleScreenBufferInfo                           = modkernel32.NewProc("GetConsoleScreenBufferInfo")
 	procGetCurrentDirectoryW                                 = modkernel32.NewProc("GetCurrentDirectoryW")
 	procGetCurrentProcessId                                  = modkernel32.NewProc("GetCurrentProcessId")
@@ -266,8 +280,10 @@ var (
 	procGetMaximumProcessorCount                             = modkernel32.NewProc("GetMaximumProcessorCount")
 	procGetModuleFileNameW                                   = modkernel32.NewProc("GetModuleFileNameW")
 	procGetModuleHandleExW                                   = modkernel32.NewProc("GetModuleHandleExW")
+	procGetNamedPipeClientProcessId                          = modkernel32.NewProc("GetNamedPipeClientProcessId")
 	procGetNamedPipeHandleStateW                             = modkernel32.NewProc("GetNamedPipeHandleStateW")
 	procGetNamedPipeInfo                                     = modkernel32.NewProc("GetNamedPipeInfo")
+	procGetNamedPipeServerProcessId                          = modkernel32.NewProc("GetNamedPipeServerProcessId")
 	procGetOverlappedResult                                  = modkernel32.NewProc("GetOverlappedResult")
 	procGetPriorityClass                                     = modkernel32.NewProc("GetPriorityClass")
 	procGetProcAddress                                       = modkernel32.NewProc("GetProcAddress")
@@ -322,6 +338,7 @@ var (
 	procProcess32NextW                                       = modkernel32.NewProc("Process32NextW")
 	procProcessIdToSessionId                                 = modkernel32.NewProc("ProcessIdToSessionId")
 	procPulseEvent                                           = modkernel32.NewProc("PulseEvent")
+	procPurgeComm                                            = modkernel32.NewProc("PurgeComm")
 	procQueryDosDeviceW                                      = modkernel32.NewProc("QueryDosDeviceW")
 	procQueryFullProcessImageNameW                           = modkernel32.NewProc("QueryFullProcessImageNameW")
 	procQueryInformationJobObject                            = modkernel32.NewProc("QueryInformationJobObject")
@@ -335,14 +352,18 @@ var (
 	procResetEvent                                           = modkernel32.NewProc("ResetEvent")
 	procResizePseudoConsole                                  = modkernel32.NewProc("ResizePseudoConsole")
 	procResumeThread                                         = modkernel32.NewProc("ResumeThread")
+	procSetCommBreak                                         = modkernel32.NewProc("SetCommBreak")
+	procSetCommMask                                          = modkernel32.NewProc("SetCommMask")
+	procSetCommState                                         = modkernel32.NewProc("SetCommState")
 	procSetCommTimeouts                                      = modkernel32.NewProc("SetCommTimeouts")
+	procSetConsoleCP                                         = modkernel32.NewProc("SetConsoleCP")
 	procSetConsoleCursorPosition                             = modkernel32.NewProc("SetConsoleCursorPosition")
 	procSetConsoleMode                                       = modkernel32.NewProc("SetConsoleMode")
+	procSetConsoleOutputCP                                   = modkernel32.NewProc("SetConsoleOutputCP")
 	procSetCurrentDirectoryW                                 = modkernel32.NewProc("SetCurrentDirectoryW")
 	procSetDefaultDllDirectories                             = modkernel32.NewProc("SetDefaultDllDirectories")
 	procSetDllDirectoryW                                     = modkernel32.NewProc("SetDllDirectoryW")
 	procSetEndOfFile                                         = modkernel32.NewProc("SetEndOfFile")
-	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
 	procSetEnvironmentVariableW                              = modkernel32.NewProc("SetEnvironmentVariableW")
 	procSetErrorMode                                         = modkernel32.NewProc("SetErrorMode")
 	procSetEvent                                             = modkernel32.NewProc("SetEvent")
@@ -351,6 +372,7 @@ var (
 	procSetFileInformationByHandle                           = modkernel32.NewProc("SetFileInformationByHandle")
 	procSetFilePointer                                       = modkernel32.NewProc("SetFilePointer")
 	procSetFileTime                                          = modkernel32.NewProc("SetFileTime")
+	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
 	procSetHandleInformation                                 = modkernel32.NewProc("SetHandleInformation")
 	procSetInformationJobObject                              = modkernel32.NewProc("SetInformationJobObject")
 	procSetNamedPipeHandleState                              = modkernel32.NewProc("SetNamedPipeHandleState")
@@ -361,6 +383,7 @@ var (
 	procSetStdHandle                                         = modkernel32.NewProc("SetStdHandle")
 	procSetVolumeLabelW                                      = modkernel32.NewProc("SetVolumeLabelW")
 	procSetVolumeMountPointW                                 = modkernel32.NewProc("SetVolumeMountPointW")
+	procSetupComm                                            = modkernel32.NewProc("SetupComm")
 	procSizeofResource                                       = modkernel32.NewProc("SizeofResource")
 	procSleepEx                                              = modkernel32.NewProc("SleepEx")
 	procTerminateJobObject                                   = modkernel32.NewProc("TerminateJobObject")
@@ -379,6 +402,7 @@ var (
 	procVirtualQueryEx                                       = modkernel32.NewProc("VirtualQueryEx")
 	procVirtualUnlock                                        = modkernel32.NewProc("VirtualUnlock")
 	procWTSGetActiveConsoleSessionId                         = modkernel32.NewProc("WTSGetActiveConsoleSessionId")
+	procWaitCommEvent                                        = modkernel32.NewProc("WaitCommEvent")
 	procWaitForMultipleObjects                               = modkernel32.NewProc("WaitForMultipleObjects")
 	procWaitForSingleObject                                  = modkernel32.NewProc("WaitForSingleObject")
 	procWriteConsoleW                                        = modkernel32.NewProc("WriteConsoleW")
@@ -389,6 +413,7 @@ var (
 	procTransmitFile                                         = modmswsock.NewProc("TransmitFile")
 	procNetApiBufferFree                                     = modnetapi32.NewProc("NetApiBufferFree")
 	procNetGetJoinInformation                                = modnetapi32.NewProc("NetGetJoinInformation")
+	procNetUserEnum                                          = modnetapi32.NewProc("NetUserEnum")
 	procNetUserGetInfo                                       = modnetapi32.NewProc("NetUserGetInfo")
 	procNtCreateFile                                         = modntdll.NewProc("NtCreateFile")
 	procNtCreateNamedPipeFile                                = modntdll.NewProc("NtCreateNamedPipeFile")
@@ -464,12 +489,16 @@ var (
 	procGetDesktopWindow                                     = moduser32.NewProc("GetDesktopWindow")
 	procGetForegroundWindow                                  = moduser32.NewProc("GetForegroundWindow")
 	procGetGUIThreadInfo                                     = moduser32.NewProc("GetGUIThreadInfo")
+	procGetKeyboardLayout                                    = moduser32.NewProc("GetKeyboardLayout")
 	procGetShellWindow                                       = moduser32.NewProc("GetShellWindow")
 	procGetWindowThreadProcessId                             = moduser32.NewProc("GetWindowThreadProcessId")
 	procIsWindow                                             = moduser32.NewProc("IsWindow")
 	procIsWindowUnicode                                      = moduser32.NewProc("IsWindowUnicode")
 	procIsWindowVisible                                      = moduser32.NewProc("IsWindowVisible")
+	procLoadKeyboardLayoutW                                  = moduser32.NewProc("LoadKeyboardLayoutW")
 	procMessageBoxW                                          = moduser32.NewProc("MessageBoxW")
+	procToUnicodeEx                                          = moduser32.NewProc("ToUnicodeEx")
+	procUnloadKeyboardLayout                                 = moduser32.NewProc("UnloadKeyboardLayout")
 	procCreateEnvironmentBlock                               = moduserenv.NewProc("CreateEnvironmentBlock")
 	procDestroyEnvironmentBlock                              = moduserenv.NewProc("DestroyEnvironmentBlock")
 	procGetUserProfileDirectoryW                             = moduserenv.NewProc("GetUserProfileDirectoryW")
@@ -775,6 +804,14 @@ func FreeSid(sid *SID) (err error) {
 	return
 }
 
+func GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetAce.Addr(), 3, uintptr(unsafe.Pointer(acl)), uintptr(aceIndex), uintptr(unsafe.Pointer(pAce)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetLengthSid(sid *SID) (len uint32) {
 	r0, _, _ := syscall.Syscall(procGetLengthSid.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
 	len = uint32(r0)
@@ -1576,6 +1613,14 @@ func DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, si
 	return
 }
 
+func CancelMibChangeNotify2(notificationHandle Handle) (errcode error) {
+	r0, _, _ := syscall.Syscall(procCancelMibChangeNotify2.Addr(), 1, uintptr(notificationHandle), 0, 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
 func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) {
 	r0, _, _ := syscall.Syscall6(procGetAdaptersAddresses.Addr(), 5, uintptr(family), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(adapterAddresses)), uintptr(unsafe.Pointer(sizePointer)), 0)
 	if r0 != 0 {
@@ -1608,6 +1653,46 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) {
 	return
 }
 
+func GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetIfEntry2Ex.Addr(), 2, uintptr(level), uintptr(unsafe.Pointer(row)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) {
+	r0, _, _ := syscall.Syscall(procGetUnicastIpAddressEntry.Addr(), 1, uintptr(unsafe.Pointer(row)), 0, 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+	var _p0 uint32
+	if initialNotification {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.Syscall6(procNotifyIpInterfaceChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
+func NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
+	var _p0 uint32
+	if initialNotification {
+		_p0 = 1
+	}
+	r0, _, _ := syscall.Syscall6(procNotifyUnicastIpAddressChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
+	if r0 != 0 {
+		errcode = syscall.Errno(r0)
+	}
+	return
+}
+
 func AddDllDirectory(path *uint16) (cookie uintptr, err error) {
 	r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
 	cookie = uintptr(r0)
@@ -1641,6 +1726,22 @@ func CancelIoEx(s Handle, o *Overlapped) (err error) {
 	return
 }
 
+func ClearCommBreak(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procClearCommBreak.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error) {
+	r1, _, e1 := syscall.Syscall(procClearCommError.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpErrors)), uintptr(unsafe.Pointer(lpStat)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func CloseHandle(handle Handle) (err error) {
 	r1, _, e1 := syscall.Syscall(procCloseHandle.Addr(), 1, uintptr(handle), 0, 0)
 	if r1 == 0 {
@@ -1845,6 +1946,14 @@ func DeviceIoControl(handle Handle, ioControlCode uint32, inBuffer *byte, inBuff
 	return
 }
 
+func DisconnectNamedPipe(pipe Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procDisconnectNamedPipe.Addr(), 1, uintptr(pipe), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetProcessHandle Handle, lpTargetHandle *Handle, dwDesiredAccess uint32, bInheritHandle bool, dwOptions uint32) (err error) {
 	var _p0 uint32
 	if bInheritHandle {
@@ -1857,6 +1966,14 @@ func DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetP
 	return
 }
 
+func EscapeCommFunction(handle Handle, dwFunc uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procEscapeCommFunction.Addr(), 2, uintptr(handle), uintptr(dwFunc), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func ExitProcess(exitcode uint32) {
 	syscall.Syscall(procExitProcess.Addr(), 1, uintptr(exitcode), 0, 0)
 	return
@@ -2058,6 +2175,22 @@ func GetActiveProcessorCount(groupNumber uint16) (ret uint32) {
 	return
 }
 
+func GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetCommModemStatus.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpModemStat)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func GetCommState(handle Handle, lpDCB *DCB) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
 	if r1 == 0 {
@@ -2088,6 +2221,15 @@ func GetComputerName(buf *uint16, n *uint32) (err error) {
 	return
 }
 
+func GetConsoleCP() (cp uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetConsoleCP.Addr(), 0, 0, 0, 0)
+	cp = uint32(r0)
+	if cp == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetConsoleMode(console Handle, mode *uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetConsoleMode.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(mode)), 0)
 	if r1 == 0 {
@@ -2096,6 +2238,15 @@ func GetConsoleMode(console Handle, mode *uint32) (err error) {
 	return
 }
 
+func GetConsoleOutputCP() (cp uint32, err error) {
+	r0, _, e1 := syscall.Syscall(procGetConsoleOutputCP.Addr(), 0, 0, 0, 0)
+	cp = uint32(r0)
+	if cp == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetConsoleScreenBufferInfo.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(info)), 0)
 	if r1 == 0 {
@@ -2297,6 +2448,14 @@ func GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err er
 	return
 }
 
+func GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetNamedPipeClientProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(clientProcessID)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) {
 	r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0)
 	if r1 == 0 {
@@ -2313,6 +2472,14 @@ func GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint3
 	return
 }
 
+func GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procGetNamedPipeServerProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(serverProcessID)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error) {
 	var _p0 uint32
 	if wait {
@@ -2810,6 +2977,14 @@ func PulseEvent(event Handle) (err error) {
 	return
 }
 
+func PurgeComm(handle Handle, dwFlags uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procPurgeComm.Addr(), 2, uintptr(handle), uintptr(dwFlags), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procQueryDosDeviceW.Addr(), 3, uintptr(unsafe.Pointer(deviceName)), uintptr(unsafe.Pointer(targetPath)), uintptr(max))
 	n = uint32(r0)
@@ -2924,6 +3099,30 @@ func ResumeThread(thread Handle) (ret uint32, err error) {
 	return
 }
 
+func SetCommBreak(handle Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommBreak.Addr(), 1, uintptr(handle), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommMask(handle Handle, dwEvtMask uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommMask.Addr(), 2, uintptr(handle), uintptr(dwEvtMask), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+func SetCommState(handle Handle, lpDCB *DCB) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
 	if r1 == 0 {
@@ -2932,6 +3131,14 @@ func SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	return
 }
 
+func SetConsoleCP(cp uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleCP.Addr(), 1, uintptr(cp), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func setConsoleCursorPosition(console Handle, position uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(position), 0)
 	if r1 == 0 {
@@ -2948,6 +3155,14 @@ func SetConsoleMode(console Handle, mode uint32) (err error) {
 	return
 }
 
+func SetConsoleOutputCP(cp uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetConsoleOutputCP.Addr(), 1, uintptr(cp), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SetCurrentDirectory(path *uint16) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetCurrentDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
 	if r1 == 0 {
@@ -2989,14 +3204,6 @@ func SetEndOfFile(handle Handle) (err error) {
 	return
 }
 
-func SetFileValidData(handle Handle, validDataLength int64) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func SetEnvironmentVariable(name *uint16, value *uint16) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetEnvironmentVariableW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), 0)
 	if r1 == 0 {
@@ -3060,6 +3267,14 @@ func SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetim
 	return
 }
 
+func SetFileValidData(handle Handle, validDataLength int64) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetHandleInformation.Addr(), 3, uintptr(handle), uintptr(mask), uintptr(flags))
 	if r1 == 0 {
@@ -3145,6 +3360,14 @@ func SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err erro
 	return
 }
 
+func SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetupComm.Addr(), 3, uintptr(handle), uintptr(dwInQueue), uintptr(dwOutQueue))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SizeofResource(module Handle, resInfo Handle) (size uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procSizeofResource.Addr(), 2, uintptr(module), uintptr(resInfo), 0)
 	size = uint32(r0)
@@ -3291,6 +3514,14 @@ func WTSGetActiveConsoleSessionId() (sessionID uint32) {
 	return
 }
 
+func WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error) {
+	r1, _, e1 := syscall.Syscall(procWaitCommEvent.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpEvtMask)), uintptr(unsafe.Pointer(lpOverlapped)))
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func waitForMultipleObjects(count uint32, handles uintptr, waitAll bool, waitMilliseconds uint32) (event uint32, err error) {
 	var _p0 uint32
 	if waitAll {
@@ -3378,6 +3609,14 @@ func NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (nete
 	return
 }
 
+func NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) {
+	r0, _, _ := syscall.Syscall9(procNetUserEnum.Addr(), 8, uintptr(unsafe.Pointer(serverName)), uintptr(level), uintptr(filter), uintptr(unsafe.Pointer(buf)), uintptr(prefMaxLen), uintptr(unsafe.Pointer(entriesRead)), uintptr(unsafe.Pointer(totalEntries)), uintptr(unsafe.Pointer(resumeHandle)), 0)
+	if r0 != 0 {
+		neterr = syscall.Errno(r0)
+	}
+	return
+}
+
 func NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) {
 	r0, _, _ := syscall.Syscall6(procNetUserGetInfo.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(userName)), uintptr(level), uintptr(unsafe.Pointer(buf)), 0, 0)
 	if r0 != 0 {
@@ -3956,6 +4195,12 @@ func GetGUIThreadInfo(thread uint32, info *GUIThreadInfo) (err error) {
 	return
 }
 
+func GetKeyboardLayout(tid uint32) (hkl Handle) {
+	r0, _, _ := syscall.Syscall(procGetKeyboardLayout.Addr(), 1, uintptr(tid), 0, 0)
+	hkl = Handle(r0)
+	return
+}
+
 func GetShellWindow() (shellWindow HWND) {
 	r0, _, _ := syscall.Syscall(procGetShellWindow.Addr(), 0, 0, 0, 0)
 	shellWindow = HWND(r0)
@@ -3989,6 +4234,15 @@ func IsWindowVisible(hwnd HWND) (isVisible bool) {
 	return
 }
 
+func LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) {
+	r0, _, e1 := syscall.Syscall(procLoadKeyboardLayoutW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(flags), 0)
+	hkl = Handle(r0)
+	if hkl == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) {
 	r0, _, e1 := syscall.Syscall6(procMessageBoxW.Addr(), 4, uintptr(hwnd), uintptr(unsafe.Pointer(text)), uintptr(unsafe.Pointer(caption)), uintptr(boxtype), 0, 0)
 	ret = int32(r0)
@@ -3998,6 +4252,20 @@ func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret i
 	return
 }
 
+func ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) {
+	r0, _, _ := syscall.Syscall9(procToUnicodeEx.Addr(), 7, uintptr(vkey), uintptr(scancode), uintptr(unsafe.Pointer(keystate)), uintptr(unsafe.Pointer(pwszBuff)), uintptr(cchBuff), uintptr(flags), uintptr(hkl), 0, 0)
+	ret = int32(r0)
+	return
+}
+
+func UnloadKeyboardLayout(hkl Handle) (err error) {
+	r1, _, e1 := syscall.Syscall(procUnloadKeyboardLayout.Addr(), 1, uintptr(hkl), 0, 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) {
 	var _p0 uint32
 	if inheritExisting {
diff --git a/vendor/golang.org/x/text/LICENSE b/vendor/golang.org/x/text/LICENSE
index 6a66aea5e..2a7cf70da 100644
--- a/vendor/golang.org/x/text/LICENSE
+++ b/vendor/golang.org/x/text/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2009 The Go Authors. All rights reserved.
+Copyright 2009 The Go Authors.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google Inc. nor the names of its
+   * Neither the name of Google LLC nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
index a45f112bc..24bc98ac4 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
@@ -84,7 +84,7 @@ type decoder struct {
 }
 
 // newError returns an error object with position info.
-func (d decoder) newError(pos int, f string, x ...interface{}) error {
+func (d decoder) newError(pos int, f string, x ...any) error {
 	line, column := d.Position(pos)
 	head := fmt.Sprintf("(line %d:%d): ", line, column)
 	return errors.New(head+f, x...)
@@ -96,7 +96,7 @@ func (d decoder) unexpectedTokenError(tok text.Token) error {
 }
 
 // syntaxError returns a syntax error for given position.
-func (d decoder) syntaxError(pos int, f string, x ...interface{}) error {
+func (d decoder) syntaxError(pos int, f string, x ...any) error {
 	line, column := d.Position(pos)
 	head := fmt.Sprintf("syntax error (line %d:%d): ", line, column)
 	return errors.New(head+f, x...)
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
index 95967e811..1f57e6610 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
@@ -27,15 +27,17 @@ const defaultIndent = "  "
 
 // Format formats the message as a multiline string.
 // This function is only intended for human consumption and ignores errors.
-// Do not depend on the output being stable. It may change over time across
-// different versions of the program.
+// Do not depend on the output being stable. Its output will change across
+// different builds of your program, even when using the same version of the
+// protobuf module.
 func Format(m proto.Message) string {
 	return MarshalOptions{Multiline: true}.Format(m)
 }
 
 // Marshal writes the given [proto.Message] in textproto format using default
-// options. Do not depend on the output being stable. It may change over time
-// across different versions of the program.
+// options. Do not depend on the output being stable. Its output will change
+// across different builds of your program, even when using the same version of
+// the protobuf module.
 func Marshal(m proto.Message) ([]byte, error) {
 	return MarshalOptions{}.Marshal(m)
 }
@@ -84,8 +86,9 @@ type MarshalOptions struct {
 
 // Format formats the message as a string.
 // This method is only intended for human consumption and ignores errors.
-// Do not depend on the output being stable. It may change over time across
-// different versions of the program.
+// Do not depend on the output being stable. Its output will change across
+// different builds of your program, even when using the same version of the
+// protobuf module.
 func (o MarshalOptions) Format(m proto.Message) string {
 	if m == nil || !m.ProtoReflect().IsValid() {
 		return "" // invalid syntax, but okay since this is for debugging
@@ -98,8 +101,9 @@ func (o MarshalOptions) Format(m proto.Message) string {
 }
 
 // Marshal writes the given [proto.Message] in textproto format using options in
-// MarshalOptions object. Do not depend on the output being stable. It may
-// change over time across different versions of the program.
+// MarshalOptions object. Do not depend on the output being stable. Its output
+// will change across different builds of your program, even when using the
+// same version of the protobuf module.
 func (o MarshalOptions) Marshal(m proto.Message) ([]byte, error) {
 	return o.marshal(nil, m)
 }
diff --git a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
index a45625c8d..87e46bd4d 100644
--- a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
+++ b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
@@ -252,6 +252,7 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool, record fu
 				{rv.MethodByName("Values"), "Values"},
 				{rv.MethodByName("ReservedNames"), "ReservedNames"},
 				{rv.MethodByName("ReservedRanges"), "ReservedRanges"},
+				{rv.MethodByName("IsClosed"), "IsClosed"},
 			}...)
 
 		case protoreflect.EnumValueDescriptor:
diff --git a/vendor/google.golang.org/protobuf/internal/descopts/options.go b/vendor/google.golang.org/protobuf/internal/descopts/options.go
index 8401be8c8..024ffebd3 100644
--- a/vendor/google.golang.org/protobuf/internal/descopts/options.go
+++ b/vendor/google.golang.org/protobuf/internal/descopts/options.go
@@ -9,7 +9,7 @@
 // dependency on the descriptor proto package).
 package descopts
 
-import pref "google.golang.org/protobuf/reflect/protoreflect"
+import "google.golang.org/protobuf/reflect/protoreflect"
 
 // These variables are set by the init function in descriptor.pb.go via logic
 // in internal/filetype. In other words, so long as the descriptor proto package
@@ -17,13 +17,13 @@ import pref "google.golang.org/protobuf/reflect/protoreflect"
 //
 // Each variable is populated with a nil pointer to the options struct.
 var (
-	File           pref.ProtoMessage
-	Enum           pref.ProtoMessage
-	EnumValue      pref.ProtoMessage
-	Message        pref.ProtoMessage
-	Field          pref.ProtoMessage
-	Oneof          pref.ProtoMessage
-	ExtensionRange pref.ProtoMessage
-	Service        pref.ProtoMessage
-	Method         pref.ProtoMessage
+	File           protoreflect.ProtoMessage
+	Enum           protoreflect.ProtoMessage
+	EnumValue      protoreflect.ProtoMessage
+	Message        protoreflect.ProtoMessage
+	Field          protoreflect.ProtoMessage
+	Oneof          protoreflect.ProtoMessage
+	ExtensionRange protoreflect.ProtoMessage
+	Service        protoreflect.ProtoMessage
+	Method         protoreflect.ProtoMessage
 )
diff --git a/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb b/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb
index 18f0756874367adcdb790ffde125b6a7388b4eaa..5a57ef6f3c80a4a930b7bdb33b039ea94d1eb5f2 100644
GIT binary patch
literal 138
zcmd;*muO*EV!mX@pe4$|D8MAaq`<7fXux#Ijt$6VkYMDJmv|0Wz$CyZ!KlClRKN&Q
wzyMY7f?Y`%s2WL*1th1%ddZFnY{E-+C6MVz3P75fB^b3pHY+@1*LcYe04AXnGXMYp

literal 63
zcmd-Q6yo7v6kw8IQef6#G+>f=#?A#2ViI7KU{qiN3NcDNhX^qu3B6!fc*d^rf*k<7
Cln3+x

diff --git a/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go b/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
index 373d20837..7e87c7604 100644
--- a/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
+++ b/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
@@ -32,6 +32,7 @@ var byteType = reflect.TypeOf(byte(0))
 func Unmarshal(tag string, goType reflect.Type, evs protoreflect.EnumValueDescriptors) protoreflect.FieldDescriptor {
 	f := new(filedesc.Field)
 	f.L0.ParentFile = filedesc.SurrogateProto2
+	f.L1.EditionFeatures = f.L0.ParentFile.L1.EditionFeatures
 	for len(tag) > 0 {
 		i := strings.IndexByte(tag, ',')
 		if i < 0 {
@@ -107,8 +108,7 @@ func Unmarshal(tag string, goType reflect.Type, evs protoreflect.EnumValueDescri
 				f.L1.StringName.InitJSON(jsonName)
 			}
 		case s == "packed":
-			f.L1.HasPacked = true
-			f.L1.IsPacked = true
+			f.L1.EditionFeatures.IsPacked = true
 		case strings.HasPrefix(s, "weak="):
 			f.L1.IsWeak = true
 			f.L1.Message = filedesc.PlaceholderMessage(protoreflect.FullName(s[len("weak="):]))
diff --git a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
index 87853e786..099b2bf45 100644
--- a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
+++ b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
@@ -601,7 +601,7 @@ func (d *Decoder) consumeToken(kind Kind, size int, attrs uint8) Token {
 
 // newSyntaxError returns a syntax error with line and column information for
 // current position.
-func (d *Decoder) newSyntaxError(f string, x ...interface{}) error {
+func (d *Decoder) newSyntaxError(f string, x ...any) error {
 	e := errors.New(f, x...)
 	line, column := d.Position(len(d.orig) - len(d.in))
 	return errors.New("syntax error (line %d:%d): %v", line, column, e)
diff --git a/vendor/google.golang.org/protobuf/internal/errors/errors.go b/vendor/google.golang.org/protobuf/internal/errors/errors.go
index 20c17b35e..c2d6bd526 100644
--- a/vendor/google.golang.org/protobuf/internal/errors/errors.go
+++ b/vendor/google.golang.org/protobuf/internal/errors/errors.go
@@ -17,7 +17,7 @@ var Error = errors.New("protobuf error")
 
 // New formats a string according to the format specifier and arguments and
 // returns an error that has a "proto" prefix.
-func New(f string, x ...interface{}) error {
+func New(f string, x ...any) error {
 	return &prefixError{s: format(f, x...)}
 }
 
@@ -43,7 +43,7 @@ func (e *prefixError) Unwrap() error {
 
 // Wrap returns an error that has a "proto" prefix, the formatted string described
 // by the format specifier and arguments, and a suffix of err. The error wraps err.
-func Wrap(err error, f string, x ...interface{}) error {
+func Wrap(err error, f string, x ...any) error {
 	return &wrapError{
 		s:   format(f, x...),
 		err: err,
@@ -67,7 +67,7 @@ func (e *wrapError) Is(target error) bool {
 	return target == Error
 }
 
-func format(f string, x ...interface{}) string {
+func format(f string, x ...any) string {
 	// avoid "proto: " prefix when chaining
 	for i := 0; i < len(x); i++ {
 		switch e := x[i].(type) {
@@ -87,3 +87,18 @@ func InvalidUTF8(name string) error {
 func RequiredNotSet(name string) error {
 	return New("required field %v not set", name)
 }
+
+type SizeMismatchError struct {
+	Calculated, Measured int
+}
+
+func (e *SizeMismatchError) Error() string {
+	return fmt.Sprintf("size mismatch (see https://github.com/golang/protobuf/issues/1609): calculated=%d, measured=%d", e.Calculated, e.Measured)
+}
+
+func MismatchedSizeCalculation(calculated, measured int) error {
+	return &SizeMismatchError{
+		Calculated: calculated,
+		Measured:   measured,
+	}
+}
diff --git a/vendor/google.golang.org/protobuf/internal/errors/is_go112.go b/vendor/google.golang.org/protobuf/internal/errors/is_go112.go
deleted file mode 100644
index fbcd34920..000000000
--- a/vendor/google.golang.org/protobuf/internal/errors/is_go112.go
+++ /dev/null
@@ -1,40 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !go1.13
-// +build !go1.13
-
-package errors
-
-import "reflect"
-
-// Is is a copy of Go 1.13's errors.Is for use with older Go versions.
-func Is(err, target error) bool {
-	if target == nil {
-		return err == target
-	}
-
-	isComparable := reflect.TypeOf(target).Comparable()
-	for {
-		if isComparable && err == target {
-			return true
-		}
-		if x, ok := err.(interface{ Is(error) bool }); ok && x.Is(target) {
-			return true
-		}
-		if err = unwrap(err); err == nil {
-			return false
-		}
-	}
-}
-
-func unwrap(err error) error {
-	u, ok := err.(interface {
-		Unwrap() error
-	})
-	if !ok {
-		return nil
-	}
-	return u.Unwrap()
-}
diff --git a/vendor/google.golang.org/protobuf/internal/errors/is_go113.go b/vendor/google.golang.org/protobuf/internal/errors/is_go113.go
deleted file mode 100644
index 5e72f1cde..000000000
--- a/vendor/google.golang.org/protobuf/internal/errors/is_go113.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// Copyright 2020 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.13
-// +build go1.13
-
-package errors
-
-import "errors"
-
-// Is is errors.Is.
-func Is(err, target error) bool { return errors.Is(err, target) }
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
index 8826bcf40..378b826fa 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
@@ -7,6 +7,7 @@ package filedesc
 import (
 	"bytes"
 	"fmt"
+	"strings"
 	"sync"
 	"sync/atomic"
 
@@ -31,6 +32,7 @@ const (
 	EditionProto2      Edition = 998
 	EditionProto3      Edition = 999
 	Edition2023        Edition = 1000
+	Edition2024        Edition = 1001
 	EditionUnsupported Edition = 100000
 )
 
@@ -76,31 +78,48 @@ type (
 		Locations SourceLocations
 	}
 
+	// EditionFeatures is a frequently-instantiated struct, so please take care
+	// to minimize padding when adding new fields to this struct (add them in
+	// the right place/order).
 	EditionFeatures struct {
+		// StripEnumPrefix determines if the plugin generates enum value
+		// constants as-is, with their prefix stripped, or both variants.
+		StripEnumPrefix int
+
 		// IsFieldPresence is true if field_presence is EXPLICIT
 		// https://protobuf.dev/editions/features/#field_presence
 		IsFieldPresence bool
+
 		// IsFieldPresence is true if field_presence is LEGACY_REQUIRED
 		// https://protobuf.dev/editions/features/#field_presence
 		IsLegacyRequired bool
+
 		// IsOpenEnum is true if enum_type is OPEN
 		// https://protobuf.dev/editions/features/#enum_type
 		IsOpenEnum bool
+
 		// IsPacked is true if repeated_field_encoding is PACKED
 		// https://protobuf.dev/editions/features/#repeated_field_encoding
 		IsPacked bool
+
 		// IsUTF8Validated is true if utf_validation is VERIFY
 		// https://protobuf.dev/editions/features/#utf8_validation
 		IsUTF8Validated bool
+
 		// IsDelimitedEncoded is true if message_encoding is DELIMITED
 		// https://protobuf.dev/editions/features/#message_encoding
 		IsDelimitedEncoded bool
+
 		// IsJSONCompliant is true if json_format is ALLOW
 		// https://protobuf.dev/editions/features/#json_format
 		IsJSONCompliant bool
+
 		// GenerateLegacyUnmarshalJSON determines if the plugin generates the
 		// UnmarshalJSON([]byte) error method for enums.
 		GenerateLegacyUnmarshalJSON bool
+		// APILevel controls which API (Open, Hybrid or Opaque) should be used
+		// for generated code (.pb.go files).
+		APILevel int
 	}
 )
 
@@ -108,9 +127,12 @@ func (fd *File) ParentFile() protoreflect.FileDescriptor { return fd }
 func (fd *File) Parent() protoreflect.Descriptor         { return nil }
 func (fd *File) Index() int                              { return 0 }
 func (fd *File) Syntax() protoreflect.Syntax             { return fd.L1.Syntax }
-func (fd *File) Name() protoreflect.Name                 { return fd.L1.Package.Name() }
-func (fd *File) FullName() protoreflect.FullName         { return fd.L1.Package }
-func (fd *File) IsPlaceholder() bool                     { return false }
+
+// Not exported and just used to reconstruct the original FileDescriptor proto
+func (fd *File) Edition() int32                  { return int32(fd.L1.Edition) }
+func (fd *File) Name() protoreflect.Name         { return fd.L1.Package.Name() }
+func (fd *File) FullName() protoreflect.FullName { return fd.L1.Package }
+func (fd *File) IsPlaceholder() bool             { return false }
 func (fd *File) Options() protoreflect.ProtoMessage {
 	if f := fd.lazyInit().Options; f != nil {
 		return f()
@@ -202,6 +224,9 @@ func (ed *Enum) lazyInit() *EnumL2 {
 	ed.L0.ParentFile.lazyInit() // implicitly initializes L2
 	return ed.L2
 }
+func (ed *Enum) IsClosed() bool {
+	return !ed.L1.EditionFeatures.IsOpenEnum
+}
 
 func (ed *EnumValue) Options() protoreflect.ProtoMessage {
 	if f := ed.L1.Options; f != nil {
@@ -251,10 +276,7 @@ type (
 		StringName       stringName
 		IsProto3Optional bool // promoted from google.protobuf.FieldDescriptorProto
 		IsWeak           bool // promoted from google.protobuf.FieldOptions
-		HasPacked        bool // promoted from google.protobuf.FieldOptions
-		IsPacked         bool // promoted from google.protobuf.FieldOptions
-		HasEnforceUTF8   bool // promoted from google.protobuf.FieldOptions
-		EnforceUTF8      bool // promoted from google.protobuf.FieldOptions
+		IsLazy           bool // promoted from google.protobuf.FieldOptions
 		Default          defaultValue
 		ContainingOneof  protoreflect.OneofDescriptor // must be consistent with Message.Oneofs.Fields
 		Enum             protoreflect.EnumDescriptor
@@ -331,8 +353,7 @@ func (fd *Field) HasPresence() bool {
 	if fd.L1.Cardinality == protoreflect.Repeated {
 		return false
 	}
-	explicitFieldPresence := fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsFieldPresence
-	return fd.Syntax() == protoreflect.Proto2 || explicitFieldPresence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
+	return fd.IsExtension() || fd.L1.EditionFeatures.IsFieldPresence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
 }
 func (fd *Field) HasOptionalKeyword() bool {
 	return (fd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 && fd.L1.Cardinality == protoreflect.Optional && fd.L1.ContainingOneof == nil) || fd.L1.IsProto3Optional
@@ -345,17 +366,11 @@ func (fd *Field) IsPacked() bool {
 	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
 		return false
 	}
-	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
-		return fd.L1.EditionFeatures.IsPacked
-	}
-	if fd.L0.ParentFile.L1.Syntax == protoreflect.Proto3 {
-		// proto3 repeated fields are packed by default.
-		return !fd.L1.HasPacked || fd.L1.IsPacked
-	}
-	return fd.L1.IsPacked
+	return fd.L1.EditionFeatures.IsPacked
 }
 func (fd *Field) IsExtension() bool { return false }
 func (fd *Field) IsWeak() bool      { return fd.L1.IsWeak }
+func (fd *Field) IsLazy() bool      { return fd.L1.IsLazy }
 func (fd *Field) IsList() bool      { return fd.Cardinality() == protoreflect.Repeated && !fd.IsMap() }
 func (fd *Field) IsMap() bool       { return fd.Message() != nil && fd.Message().IsMapEntry() }
 func (fd *Field) MapKey() protoreflect.FieldDescriptor {
@@ -388,6 +403,10 @@ func (fd *Field) Message() protoreflect.MessageDescriptor {
 	}
 	return fd.L1.Message
 }
+func (fd *Field) IsMapEntry() bool {
+	parent, ok := fd.L0.Parent.(protoreflect.MessageDescriptor)
+	return ok && parent.IsMapEntry()
+}
 func (fd *Field) Format(s fmt.State, r rune)             { descfmt.FormatDesc(s, r, fd) }
 func (fd *Field) ProtoType(protoreflect.FieldDescriptor) {}
 
@@ -399,13 +418,7 @@ func (fd *Field) ProtoType(protoreflect.FieldDescriptor) {}
 // WARNING: This method is exempt from the compatibility promise and may be
 // removed in the future without warning.
 func (fd *Field) EnforceUTF8() bool {
-	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
-		return fd.L1.EditionFeatures.IsUTF8Validated
-	}
-	if fd.L1.HasEnforceUTF8 {
-		return fd.L1.EnforceUTF8
-	}
-	return fd.L0.ParentFile.L1.Syntax == protoreflect.Proto3
+	return fd.L1.EditionFeatures.IsUTF8Validated
 }
 
 func (od *Oneof) IsSynthetic() bool {
@@ -432,13 +445,13 @@ type (
 		Extendee        protoreflect.MessageDescriptor
 		Cardinality     protoreflect.Cardinality
 		Kind            protoreflect.Kind
+		IsLazy          bool
 		EditionFeatures EditionFeatures
 	}
 	ExtensionL2 struct {
 		Options          func() protoreflect.ProtoMessage
 		StringName       stringName
 		IsProto3Optional bool // promoted from google.protobuf.FieldDescriptorProto
-		IsPacked         bool // promoted from google.protobuf.FieldOptions
 		Default          defaultValue
 		Enum             protoreflect.EnumDescriptor
 		Message          protoreflect.MessageDescriptor
@@ -461,9 +474,19 @@ func (xd *Extension) HasPresence() bool                     { return xd.L1.Cardi
 func (xd *Extension) HasOptionalKeyword() bool {
 	return (xd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 && xd.L1.Cardinality == protoreflect.Optional) || xd.lazyInit().IsProto3Optional
 }
-func (xd *Extension) IsPacked() bool                         { return xd.lazyInit().IsPacked }
+func (xd *Extension) IsPacked() bool {
+	if xd.L1.Cardinality != protoreflect.Repeated {
+		return false
+	}
+	switch xd.L1.Kind {
+	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
+		return false
+	}
+	return xd.L1.EditionFeatures.IsPacked
+}
 func (xd *Extension) IsExtension() bool                      { return true }
 func (xd *Extension) IsWeak() bool                           { return false }
+func (xd *Extension) IsLazy() bool                           { return xd.L1.IsLazy }
 func (xd *Extension) IsList() bool                           { return xd.Cardinality() == protoreflect.Repeated }
 func (xd *Extension) IsMap() bool                            { return false }
 func (xd *Extension) MapKey() protoreflect.FieldDescriptor   { return nil }
@@ -542,8 +565,9 @@ func (md *Method) ProtoInternal(pragma.DoNotImplement)     {}
 // Surrogate files are can be used to create standalone descriptors
 // where the syntax is only information derived from the parent file.
 var (
-	SurrogateProto2 = &File{L1: FileL1{Syntax: protoreflect.Proto2}, L2: &FileL2{}}
-	SurrogateProto3 = &File{L1: FileL1{Syntax: protoreflect.Proto3}, L2: &FileL2{}}
+	SurrogateProto2      = &File{L1: FileL1{Syntax: protoreflect.Proto2}, L2: &FileL2{}}
+	SurrogateProto3      = &File{L1: FileL1{Syntax: protoreflect.Proto3}, L2: &FileL2{}}
+	SurrogateEdition2023 = &File{L1: FileL1{Syntax: protoreflect.Editions, Edition: Edition2023}, L2: &FileL2{}}
 )
 
 type (
@@ -585,6 +609,34 @@ func (s *stringName) InitJSON(name string) {
 	s.nameJSON = name
 }
 
+// Returns true if this field is structured like the synthetic field of a proto2
+// group. This allows us to expand our treatment of delimited fields without
+// breaking proto2 files that have been upgraded to editions.
+func isGroupLike(fd protoreflect.FieldDescriptor) bool {
+	// Groups are always group types.
+	if fd.Kind() != protoreflect.GroupKind {
+		return false
+	}
+
+	// Group fields are always the lowercase type name.
+	if strings.ToLower(string(fd.Message().Name())) != string(fd.Name()) {
+		return false
+	}
+
+	// Groups could only be defined in the same file they're used.
+	if fd.Message().ParentFile() != fd.ParentFile() {
+		return false
+	}
+
+	// Group messages are always defined in the same scope as the field.  File
+	// level extensions will compare NULL == NULL here, which is why the file
+	// comparison above is necessary to ensure both come from the same file.
+	if fd.IsExtension() {
+		return fd.Parent() == fd.Message().Parent()
+	}
+	return fd.ContainingMessage() == fd.Message().Parent()
+}
+
 func (s *stringName) lazyInit(fd protoreflect.FieldDescriptor) *stringName {
 	s.once.Do(func() {
 		if fd.IsExtension() {
@@ -605,7 +657,7 @@ func (s *stringName) lazyInit(fd protoreflect.FieldDescriptor) *stringName {
 
 			// Format the text name.
 			s.nameText = string(fd.Name())
-			if fd.Kind() == protoreflect.GroupKind {
+			if isGroupLike(fd) {
 				s.nameText = string(fd.Message().Name())
 			}
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
index 237e64fd2..d2f549497 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
@@ -113,8 +113,10 @@ func (fd *File) unmarshalSeed(b []byte) {
 				switch string(v) {
 				case "proto2":
 					fd.L1.Syntax = protoreflect.Proto2
+					fd.L1.Edition = EditionProto2
 				case "proto3":
 					fd.L1.Syntax = protoreflect.Proto3
+					fd.L1.Edition = EditionProto3
 				case "editions":
 					fd.L1.Syntax = protoreflect.Editions
 				default:
@@ -177,11 +179,10 @@ func (fd *File) unmarshalSeed(b []byte) {
 	// If syntax is missing, it is assumed to be proto2.
 	if fd.L1.Syntax == 0 {
 		fd.L1.Syntax = protoreflect.Proto2
+		fd.L1.Edition = EditionProto2
 	}
 
-	if fd.L1.Syntax == protoreflect.Editions {
-		fd.L1.EditionFeatures = getFeaturesFor(fd.L1.Edition)
-	}
+	fd.L1.EditionFeatures = getFeaturesFor(fd.L1.Edition)
 
 	// Parse editions features from options if any
 	if options != nil {
@@ -267,6 +268,7 @@ func (ed *Enum) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protorefl
 	ed.L0.ParentFile = pf
 	ed.L0.Parent = pd
 	ed.L0.Index = i
+	ed.L1.EditionFeatures = featuresFromParentDesc(ed.Parent())
 
 	var numValues int
 	for b := b; len(b) > 0; {
@@ -443,6 +445,7 @@ func (xd *Extension) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd prot
 	xd.L0.ParentFile = pf
 	xd.L0.Parent = pd
 	xd.L0.Index = i
+	xd.L1.EditionFeatures = featuresFromParentDesc(pd)
 
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -467,6 +470,40 @@ func (xd *Extension) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd prot
 				xd.L0.FullName = appendFullName(sb, pd.FullName(), v)
 			case genid.FieldDescriptorProto_Extendee_field_number:
 				xd.L1.Extendee = PlaceholderMessage(makeFullName(sb, v))
+			case genid.FieldDescriptorProto_Options_field_number:
+				xd.unmarshalOptions(v)
+			}
+		default:
+			m := protowire.ConsumeFieldValue(num, typ, b)
+			b = b[m:]
+		}
+	}
+
+	if xd.L1.Kind == protoreflect.MessageKind && xd.L1.EditionFeatures.IsDelimitedEncoded {
+		xd.L1.Kind = protoreflect.GroupKind
+	}
+}
+
+func (xd *Extension) unmarshalOptions(b []byte) {
+	for len(b) > 0 {
+		num, typ, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch typ {
+		case protowire.VarintType:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Packed_field_number:
+				xd.L1.EditionFeatures.IsPacked = protowire.DecodeBool(v)
+			case genid.FieldOptions_Lazy_field_number:
+				xd.L1.IsLazy = protowire.DecodeBool(v)
+			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Features_field_number:
+				xd.L1.EditionFeatures = unmarshalFeatureSet(v, xd.L1.EditionFeatures)
 			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
@@ -499,7 +536,7 @@ func (sd *Service) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protor
 }
 
 var nameBuilderPool = sync.Pool{
-	New: func() interface{} { return new(strs.Builder) },
+	New: func() any { return new(strs.Builder) },
 }
 
 func getBuilder() *strs.Builder {
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
index 482a61cc1..67a51b327 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
@@ -45,6 +45,11 @@ func (file *File) resolveMessages() {
 			case protoreflect.MessageKind, protoreflect.GroupKind:
 				fd.L1.Message = file.resolveMessageDependency(fd.L1.Message, listFieldDeps, depIdx)
 				depIdx++
+				if fd.L1.Kind == protoreflect.GroupKind && (fd.IsMap() || fd.IsMapEntry()) {
+					// A map field might inherit delimited encoding from a file-wide default feature.
+					// But maps never actually use delimited encoding. (At least for now...)
+					fd.L1.Kind = protoreflect.MessageKind
+				}
 			}
 
 			// Default is resolved here since it depends on Enum being resolved.
@@ -466,10 +471,10 @@ func (fd *Field) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 			b = b[m:]
 		}
 	}
-	if fd.Syntax() == protoreflect.Editions && fd.L1.Kind == protoreflect.MessageKind && fd.L1.EditionFeatures.IsDelimitedEncoded {
+	if fd.L1.Kind == protoreflect.MessageKind && fd.L1.EditionFeatures.IsDelimitedEncoded {
 		fd.L1.Kind = protoreflect.GroupKind
 	}
-	if fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsLegacyRequired {
+	if fd.L1.EditionFeatures.IsLegacyRequired {
 		fd.L1.Cardinality = protoreflect.Required
 	}
 	if rawTypeName != nil {
@@ -496,13 +501,13 @@ func (fd *Field) unmarshalOptions(b []byte) {
 			b = b[m:]
 			switch num {
 			case genid.FieldOptions_Packed_field_number:
-				fd.L1.HasPacked = true
-				fd.L1.IsPacked = protowire.DecodeBool(v)
+				fd.L1.EditionFeatures.IsPacked = protowire.DecodeBool(v)
 			case genid.FieldOptions_Weak_field_number:
 				fd.L1.IsWeak = protowire.DecodeBool(v)
+			case genid.FieldOptions_Lazy_field_number:
+				fd.L1.IsLazy = protowire.DecodeBool(v)
 			case FieldOptions_EnforceUTF8:
-				fd.L1.HasEnforceUTF8 = true
-				fd.L1.EnforceUTF8 = protowire.DecodeBool(v)
+				fd.L1.EditionFeatures.IsUTF8Validated = protowire.DecodeBool(v)
 			}
 		case protowire.BytesType:
 			v, m := protowire.ConsumeBytes(b)
@@ -548,7 +553,6 @@ func (od *Oneof) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 	var rawTypeName []byte
 	var rawOptions []byte
-	xd.L1.EditionFeatures = featuresFromParentDesc(xd.L1.Extendee)
 	xd.L2 = new(ExtensionL2)
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -572,7 +576,6 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 			case genid.FieldDescriptorProto_TypeName_field_number:
 				rawTypeName = v
 			case genid.FieldDescriptorProto_Options_field_number:
-				xd.unmarshalOptions(v)
 				rawOptions = appendOptions(rawOptions, v)
 			}
 		default:
@@ -580,12 +583,6 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 			b = b[m:]
 		}
 	}
-	if xd.Syntax() == protoreflect.Editions && xd.L1.Kind == protoreflect.MessageKind && xd.L1.EditionFeatures.IsDelimitedEncoded {
-		xd.L1.Kind = protoreflect.GroupKind
-	}
-	if xd.Syntax() == protoreflect.Editions && xd.L1.EditionFeatures.IsLegacyRequired {
-		xd.L1.Cardinality = protoreflect.Required
-	}
 	if rawTypeName != nil {
 		name := makeFullName(sb, rawTypeName)
 		switch xd.L1.Kind {
@@ -598,32 +595,6 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 	xd.L2.Options = xd.L0.ParentFile.builder.optionsUnmarshaler(&descopts.Field, rawOptions)
 }
 
-func (xd *Extension) unmarshalOptions(b []byte) {
-	for len(b) > 0 {
-		num, typ, n := protowire.ConsumeTag(b)
-		b = b[n:]
-		switch typ {
-		case protowire.VarintType:
-			v, m := protowire.ConsumeVarint(b)
-			b = b[m:]
-			switch num {
-			case genid.FieldOptions_Packed_field_number:
-				xd.L2.IsPacked = protowire.DecodeBool(v)
-			}
-		case protowire.BytesType:
-			v, m := protowire.ConsumeBytes(b)
-			b = b[m:]
-			switch num {
-			case genid.FieldOptions_Features_field_number:
-				xd.L1.EditionFeatures = unmarshalFeatureSet(v, xd.L1.EditionFeatures)
-			}
-		default:
-			m := protowire.ConsumeFieldValue(num, typ, b)
-			b = b[m:]
-		}
-	}
-}
-
 func (sd *Service) unmarshalFull(b []byte, sb *strs.Builder) {
 	var rawMethods [][]byte
 	var rawOptions []byte
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
index 30db19fdc..f4107c05f 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
@@ -8,6 +8,7 @@ package filedesc
 
 import (
 	"fmt"
+	"strings"
 	"sync"
 
 	"google.golang.org/protobuf/internal/descfmt"
@@ -198,6 +199,16 @@ func (p *Fields) lazyInit() *Fields {
 				if _, ok := p.byText[d.TextName()]; !ok {
 					p.byText[d.TextName()] = d
 				}
+				if isGroupLike(d) {
+					lowerJSONName := strings.ToLower(d.JSONName())
+					if _, ok := p.byJSON[lowerJSONName]; !ok {
+						p.byJSON[lowerJSONName] = d
+					}
+					lowerTextName := strings.ToLower(d.TextName())
+					if _, ok := p.byText[lowerTextName]; !ok {
+						p.byText[lowerTextName] = d
+					}
+				}
 				if _, ok := p.byNum[d.Number()]; !ok {
 					p.byNum[d.Number()] = d
 				}
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/editions.go b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
index 0375a49d4..10132c9b3 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
@@ -14,9 +14,13 @@ import (
 )
 
 var defaultsCache = make(map[Edition]EditionFeatures)
+var defaultsKeys = []Edition{}
 
 func init() {
 	unmarshalEditionDefaults(editiondefaults.Defaults)
+	SurrogateProto2.L1.EditionFeatures = getFeaturesFor(EditionProto2)
+	SurrogateProto3.L1.EditionFeatures = getFeaturesFor(EditionProto3)
+	SurrogateEdition2023.L1.EditionFeatures = getFeaturesFor(Edition2023)
 }
 
 func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
@@ -28,6 +32,14 @@ func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
 			v, m := protowire.ConsumeVarint(b)
 			b = b[m:]
 			parent.GenerateLegacyUnmarshalJSON = protowire.DecodeBool(v)
+		case genid.GoFeatures_ApiLevel_field_number:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			parent.APILevel = int(v)
+		case genid.GoFeatures_StripEnumPrefix_field_number:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			parent.StripEnumPrefix = int(v)
 		default:
 			panic(fmt.Sprintf("unkown field number %d while unmarshalling GoFeatures", num))
 		}
@@ -64,7 +76,7 @@ func unmarshalFeatureSet(b []byte, parent EditionFeatures) EditionFeatures {
 			v, m := protowire.ConsumeBytes(b)
 			b = b[m:]
 			switch num {
-			case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
+			case genid.FeatureSet_Go_ext_number:
 				parent = unmarshalGoFeature(v, parent)
 			}
 		}
@@ -104,12 +116,15 @@ func unmarshalEditionDefault(b []byte) {
 			v, m := protowire.ConsumeBytes(b)
 			b = b[m:]
 			switch num {
-			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number:
+			case genid.FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_number:
+				fs = unmarshalFeatureSet(v, fs)
+			case genid.FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_number:
 				fs = unmarshalFeatureSet(v, fs)
 			}
 		}
 	}
 	defaultsCache[ed] = fs
+	defaultsKeys = append(defaultsKeys, ed)
 }
 
 func unmarshalEditionDefaults(b []byte) {
@@ -135,8 +150,15 @@ func unmarshalEditionDefaults(b []byte) {
 }
 
 func getFeaturesFor(ed Edition) EditionFeatures {
-	if def, ok := defaultsCache[ed]; ok {
-		return def
+	match := EditionUnknown
+	for _, key := range defaultsKeys {
+		if key > ed {
+			break
+		}
+		match = key
+	}
+	if match == EditionUnknown {
+		panic(fmt.Sprintf("unsupported edition: %v", ed))
 	}
-	panic(fmt.Sprintf("unsupported edition: %v", ed))
+	return defaultsCache[match]
 }
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go b/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
index 28240ebc5..bfb3b8417 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
@@ -63,6 +63,7 @@ func (e PlaceholderEnum) Options() protoreflect.ProtoMessage        { return des
 func (e PlaceholderEnum) Values() protoreflect.EnumValueDescriptors { return emptyEnumValues }
 func (e PlaceholderEnum) ReservedNames() protoreflect.Names         { return emptyNames }
 func (e PlaceholderEnum) ReservedRanges() protoreflect.EnumRanges   { return emptyEnumRanges }
+func (e PlaceholderEnum) IsClosed() bool                            { return false }
 func (e PlaceholderEnum) ProtoType(protoreflect.EnumDescriptor)     { return }
 func (e PlaceholderEnum) ProtoInternal(pragma.DoNotImplement)       { return }
 
diff --git a/vendor/google.golang.org/protobuf/internal/filetype/build.go b/vendor/google.golang.org/protobuf/internal/filetype/build.go
index f0e38c4ef..ba83fea44 100644
--- a/vendor/google.golang.org/protobuf/internal/filetype/build.go
+++ b/vendor/google.golang.org/protobuf/internal/filetype/build.go
@@ -68,7 +68,7 @@ type Builder struct {
 	// and for input and output messages referenced by service methods.
 	// Dependencies must come after declarations, but the ordering of
 	// dependencies themselves is unspecified.
-	GoTypes []interface{}
+	GoTypes []any
 
 	// DependencyIndexes is an ordered list of indexes into GoTypes for the
 	// dependencies of messages, extensions, or services.
@@ -268,7 +268,7 @@ func (x depIdxs) Get(i, j int32) int32 {
 
 type (
 	resolverByIndex struct {
-		goTypes []interface{}
+		goTypes []any
 		depIdxs depIdxs
 		fileRegistry
 	}
diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
index 40272c893..f30ab6b58 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
@@ -21,6 +21,7 @@ const (
 // Enum values for google.protobuf.Edition.
 const (
 	Edition_EDITION_UNKNOWN_enum_value         = 0
+	Edition_EDITION_LEGACY_enum_value          = 900
 	Edition_EDITION_PROTO2_enum_value          = 998
 	Edition_EDITION_PROTO3_enum_value          = 999
 	Edition_EDITION_2023_enum_value            = 1000
@@ -653,6 +654,7 @@ const (
 	FieldOptions_Targets_field_name             protoreflect.Name = "targets"
 	FieldOptions_EditionDefaults_field_name     protoreflect.Name = "edition_defaults"
 	FieldOptions_Features_field_name            protoreflect.Name = "features"
+	FieldOptions_FeatureSupport_field_name      protoreflect.Name = "feature_support"
 	FieldOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	FieldOptions_Ctype_field_fullname               protoreflect.FullName = "google.protobuf.FieldOptions.ctype"
@@ -667,6 +669,7 @@ const (
 	FieldOptions_Targets_field_fullname             protoreflect.FullName = "google.protobuf.FieldOptions.targets"
 	FieldOptions_EditionDefaults_field_fullname     protoreflect.FullName = "google.protobuf.FieldOptions.edition_defaults"
 	FieldOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.FieldOptions.features"
+	FieldOptions_FeatureSupport_field_fullname      protoreflect.FullName = "google.protobuf.FieldOptions.feature_support"
 	FieldOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.uninterpreted_option"
 )
 
@@ -684,6 +687,7 @@ const (
 	FieldOptions_Targets_field_number             protoreflect.FieldNumber = 19
 	FieldOptions_EditionDefaults_field_number     protoreflect.FieldNumber = 20
 	FieldOptions_Features_field_number            protoreflect.FieldNumber = 21
+	FieldOptions_FeatureSupport_field_number      protoreflect.FieldNumber = 22
 	FieldOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -767,6 +771,33 @@ const (
 	FieldOptions_EditionDefault_Value_field_number   protoreflect.FieldNumber = 2
 )
 
+// Names for google.protobuf.FieldOptions.FeatureSupport.
+const (
+	FieldOptions_FeatureSupport_message_name     protoreflect.Name     = "FeatureSupport"
+	FieldOptions_FeatureSupport_message_fullname protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport"
+)
+
+// Field names for google.protobuf.FieldOptions.FeatureSupport.
+const (
+	FieldOptions_FeatureSupport_EditionIntroduced_field_name  protoreflect.Name = "edition_introduced"
+	FieldOptions_FeatureSupport_EditionDeprecated_field_name  protoreflect.Name = "edition_deprecated"
+	FieldOptions_FeatureSupport_DeprecationWarning_field_name protoreflect.Name = "deprecation_warning"
+	FieldOptions_FeatureSupport_EditionRemoved_field_name     protoreflect.Name = "edition_removed"
+
+	FieldOptions_FeatureSupport_EditionIntroduced_field_fullname  protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_introduced"
+	FieldOptions_FeatureSupport_EditionDeprecated_field_fullname  protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_deprecated"
+	FieldOptions_FeatureSupport_DeprecationWarning_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.deprecation_warning"
+	FieldOptions_FeatureSupport_EditionRemoved_field_fullname     protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_removed"
+)
+
+// Field numbers for google.protobuf.FieldOptions.FeatureSupport.
+const (
+	FieldOptions_FeatureSupport_EditionIntroduced_field_number  protoreflect.FieldNumber = 1
+	FieldOptions_FeatureSupport_EditionDeprecated_field_number  protoreflect.FieldNumber = 2
+	FieldOptions_FeatureSupport_DeprecationWarning_field_number protoreflect.FieldNumber = 3
+	FieldOptions_FeatureSupport_EditionRemoved_field_number     protoreflect.FieldNumber = 4
+)
+
 // Names for google.protobuf.OneofOptions.
 const (
 	OneofOptions_message_name     protoreflect.Name     = "OneofOptions"
@@ -829,11 +860,13 @@ const (
 	EnumValueOptions_Deprecated_field_name          protoreflect.Name = "deprecated"
 	EnumValueOptions_Features_field_name            protoreflect.Name = "features"
 	EnumValueOptions_DebugRedact_field_name         protoreflect.Name = "debug_redact"
+	EnumValueOptions_FeatureSupport_field_name      protoreflect.Name = "feature_support"
 	EnumValueOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	EnumValueOptions_Deprecated_field_fullname          protoreflect.FullName = "google.protobuf.EnumValueOptions.deprecated"
 	EnumValueOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.EnumValueOptions.features"
 	EnumValueOptions_DebugRedact_field_fullname         protoreflect.FullName = "google.protobuf.EnumValueOptions.debug_redact"
+	EnumValueOptions_FeatureSupport_field_fullname      protoreflect.FullName = "google.protobuf.EnumValueOptions.feature_support"
 	EnumValueOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.EnumValueOptions.uninterpreted_option"
 )
 
@@ -842,6 +875,7 @@ const (
 	EnumValueOptions_Deprecated_field_number          protoreflect.FieldNumber = 1
 	EnumValueOptions_Features_field_number            protoreflect.FieldNumber = 2
 	EnumValueOptions_DebugRedact_field_number         protoreflect.FieldNumber = 3
+	EnumValueOptions_FeatureSupport_field_number      protoreflect.FieldNumber = 4
 	EnumValueOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -1110,17 +1144,20 @@ const (
 
 // Field names for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
 const (
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_name  protoreflect.Name = "edition"
-	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_name protoreflect.Name = "features"
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_name             protoreflect.Name = "edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_name protoreflect.Name = "overridable_features"
+	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_name       protoreflect.Name = "fixed_features"
 
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_fullname  protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.edition"
-	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.features"
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_fullname             protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.overridable_features"
+	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_fullname       protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.fixed_features"
 )
 
 // Field numbers for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
 const (
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number  protoreflect.FieldNumber = 3
-	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number protoreflect.FieldNumber = 2
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number             protoreflect.FieldNumber = 3
+	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_number protoreflect.FieldNumber = 4
+	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_number       protoreflect.FieldNumber = 5
 )
 
 // Names for google.protobuf.SourceCodeInfo.
diff --git a/vendor/google.golang.org/protobuf/internal/genid/doc.go b/vendor/google.golang.org/protobuf/internal/genid/doc.go
index 45ccd0121..d9b9d916a 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/doc.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/doc.go
@@ -6,6 +6,6 @@
 // and the well-known types.
 package genid
 
-import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+import "google.golang.org/protobuf/reflect/protoreflect"
 
 const GoogleProtobuf_package protoreflect.FullName = "google.protobuf"
diff --git a/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
index fd9015e8e..f5ee7f5c2 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
@@ -10,22 +10,61 @@ import (
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 )
 
-const File_reflect_protodesc_proto_go_features_proto = "reflect/protodesc/proto/go_features.proto"
+const File_google_protobuf_go_features_proto = "google/protobuf/go_features.proto"
 
-// Names for google.protobuf.GoFeatures.
+// Names for pb.GoFeatures.
 const (
 	GoFeatures_message_name     protoreflect.Name     = "GoFeatures"
-	GoFeatures_message_fullname protoreflect.FullName = "google.protobuf.GoFeatures"
+	GoFeatures_message_fullname protoreflect.FullName = "pb.GoFeatures"
 )
 
-// Field names for google.protobuf.GoFeatures.
+// Field names for pb.GoFeatures.
 const (
 	GoFeatures_LegacyUnmarshalJsonEnum_field_name protoreflect.Name = "legacy_unmarshal_json_enum"
+	GoFeatures_ApiLevel_field_name                protoreflect.Name = "api_level"
+	GoFeatures_StripEnumPrefix_field_name         protoreflect.Name = "strip_enum_prefix"
 
-	GoFeatures_LegacyUnmarshalJsonEnum_field_fullname protoreflect.FullName = "google.protobuf.GoFeatures.legacy_unmarshal_json_enum"
+	GoFeatures_LegacyUnmarshalJsonEnum_field_fullname protoreflect.FullName = "pb.GoFeatures.legacy_unmarshal_json_enum"
+	GoFeatures_ApiLevel_field_fullname                protoreflect.FullName = "pb.GoFeatures.api_level"
+	GoFeatures_StripEnumPrefix_field_fullname         protoreflect.FullName = "pb.GoFeatures.strip_enum_prefix"
 )
 
-// Field numbers for google.protobuf.GoFeatures.
+// Field numbers for pb.GoFeatures.
 const (
 	GoFeatures_LegacyUnmarshalJsonEnum_field_number protoreflect.FieldNumber = 1
+	GoFeatures_ApiLevel_field_number                protoreflect.FieldNumber = 2
+	GoFeatures_StripEnumPrefix_field_number         protoreflect.FieldNumber = 3
+)
+
+// Full and short names for pb.GoFeatures.APILevel.
+const (
+	GoFeatures_APILevel_enum_fullname = "pb.GoFeatures.APILevel"
+	GoFeatures_APILevel_enum_name     = "APILevel"
+)
+
+// Enum values for pb.GoFeatures.APILevel.
+const (
+	GoFeatures_API_LEVEL_UNSPECIFIED_enum_value = 0
+	GoFeatures_API_OPEN_enum_value              = 1
+	GoFeatures_API_HYBRID_enum_value            = 2
+	GoFeatures_API_OPAQUE_enum_value            = 3
+)
+
+// Full and short names for pb.GoFeatures.StripEnumPrefix.
+const (
+	GoFeatures_StripEnumPrefix_enum_fullname = "pb.GoFeatures.StripEnumPrefix"
+	GoFeatures_StripEnumPrefix_enum_name     = "StripEnumPrefix"
+)
+
+// Enum values for pb.GoFeatures.StripEnumPrefix.
+const (
+	GoFeatures_STRIP_ENUM_PREFIX_UNSPECIFIED_enum_value   = 0
+	GoFeatures_STRIP_ENUM_PREFIX_KEEP_enum_value          = 1
+	GoFeatures_STRIP_ENUM_PREFIX_GENERATE_BOTH_enum_value = 2
+	GoFeatures_STRIP_ENUM_PREFIX_STRIP_enum_value         = 3
+)
+
+// Extension numbers
+const (
+	FeatureSet_Go_ext_number protoreflect.FieldNumber = 1002
 )
diff --git a/vendor/google.golang.org/protobuf/internal/genid/map_entry.go b/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
index 8f9ea02ff..bef5a25fb 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
@@ -4,7 +4,7 @@
 
 package genid
 
-import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+import "google.golang.org/protobuf/reflect/protoreflect"
 
 // Generic field names and numbers for synthetic map entry messages.
 const (
diff --git a/vendor/google.golang.org/protobuf/internal/genid/name.go b/vendor/google.golang.org/protobuf/internal/genid/name.go
new file mode 100644
index 000000000..224f33930
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/genid/name.go
@@ -0,0 +1,12 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package genid
+
+const (
+	NoUnkeyedLiteral_goname  = "noUnkeyedLiteral"
+	NoUnkeyedLiteralA_goname = "XXX_NoUnkeyedLiteral"
+
+	BuilderSuffix_goname = "_builder"
+)
diff --git a/vendor/google.golang.org/protobuf/internal/genid/wrappers.go b/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
index 429384b85..9404270de 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
@@ -4,7 +4,7 @@
 
 package genid
 
-import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
+import "google.golang.org/protobuf/reflect/protoreflect"
 
 // Generic field name and number for messages in wrappers.proto.
 const (
diff --git a/vendor/google.golang.org/protobuf/internal/impl/api_export.go b/vendor/google.golang.org/protobuf/internal/impl/api_export.go
index a371f98de..5d5771c2e 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/api_export.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/api_export.go
@@ -22,13 +22,13 @@ type Export struct{}
 
 // NewError formats a string according to the format specifier and arguments and
 // returns an error that has a "proto" prefix.
-func (Export) NewError(f string, x ...interface{}) error {
+func (Export) NewError(f string, x ...any) error {
 	return errors.New(f, x...)
 }
 
 // enum is any enum type generated by protoc-gen-go
 // and must be a named int32 type.
-type enum = interface{}
+type enum = any
 
 // EnumOf returns the protoreflect.Enum interface over e.
 // It returns nil if e is nil.
@@ -81,7 +81,7 @@ func (Export) EnumStringOf(ed protoreflect.EnumDescriptor, n protoreflect.EnumNu
 
 // message is any message type generated by protoc-gen-go
 // and must be a pointer to a named struct type.
-type message = interface{}
+type message = any
 
 // legacyMessageWrapper wraps a v2 message as a v1 message.
 type legacyMessageWrapper struct{ m protoreflect.ProtoMessage }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
new file mode 100644
index 000000000..6075d6f69
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
@@ -0,0 +1,128 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"strconv"
+	"sync/atomic"
+	"unsafe"
+
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+func (Export) UnmarshalField(msg any, fieldNum int32) {
+	UnmarshalField(msg.(protoreflect.ProtoMessage).ProtoReflect(), protoreflect.FieldNumber(fieldNum))
+}
+
+// Present checks the presence set for a certain field number (zero
+// based, ordered by appearance in original proto file). part is
+// a pointer to the correct element in the bitmask array, num is the
+// field number unaltered.  Example (field number 70 -> part =
+// &m.XXX_presence[1], num = 70)
+func (Export) Present(part *uint32, num uint32) bool {
+	// This hook will read an unprotected shadow presence set if
+	// we're unning under the race detector
+	raceDetectHookPresent(part, num)
+	return atomic.LoadUint32(part)&(1<<(num%32)) > 0
+}
+
+// SetPresent adds a field to the presence set. part is a pointer to
+// the relevant element in the array and num is the field number
+// unaltered.  size is the number of fields in the protocol
+// buffer.
+func (Export) SetPresent(part *uint32, num uint32, size uint32) {
+	// This hook will mutate an unprotected shadow presence set if
+	// we're running under the race detector
+	raceDetectHookSetPresent(part, num, presenceSize(size))
+	for {
+		old := atomic.LoadUint32(part)
+		if atomic.CompareAndSwapUint32(part, old, old|(1<<(num%32))) {
+			return
+		}
+	}
+}
+
+// SetPresentNonAtomic is like SetPresent, but operates non-atomically.
+// It is meant for use by builder methods, where the message is known not
+// to be accessible yet by other goroutines.
+func (Export) SetPresentNonAtomic(part *uint32, num uint32, size uint32) {
+	// This hook will mutate an unprotected shadow presence set if
+	// we're running under the race detector
+	raceDetectHookSetPresent(part, num, presenceSize(size))
+	*part |= 1 << (num % 32)
+}
+
+// ClearPresence removes a field from the presence set. part is a
+// pointer to the relevant element in the presence array and num is
+// the field number unaltered.
+func (Export) ClearPresent(part *uint32, num uint32) {
+	// This hook will mutate an unprotected shadow presence set if
+	// we're running under the race detector
+	raceDetectHookClearPresent(part, num)
+	for {
+		old := atomic.LoadUint32(part)
+		if atomic.CompareAndSwapUint32(part, old, old&^(1<<(num%32))) {
+			return
+		}
+	}
+}
+
+// interfaceToPointer takes a pointer to an empty interface whose value is a
+// pointer type, and converts it into a "pointer" that points to the same
+// target
+func interfaceToPointer(i *any) pointer {
+	return pointer{p: (*[2]unsafe.Pointer)(unsafe.Pointer(i))[1]}
+}
+
+func (p pointer) atomicGetPointer() pointer {
+	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
+}
+
+func (p pointer) atomicSetPointer(q pointer) {
+	atomic.StorePointer((*unsafe.Pointer)(p.p), q.p)
+}
+
+// AtomicCheckPointerIsNil takes an interface (which is a pointer to a
+// pointer) and returns true if the pointed-to pointer is nil (using an
+// atomic load).  This function is inlineable and, on x86, just becomes a
+// simple load and compare.
+func (Export) AtomicCheckPointerIsNil(ptr any) bool {
+	return interfaceToPointer(&ptr).atomicGetPointer().IsNil()
+}
+
+// AtomicSetPointer takes two interfaces (first is a pointer to a pointer,
+// second is a pointer) and atomically sets the second pointer into location
+// referenced by first pointer.  Unfortunately, atomicSetPointer() does not inline
+// (even on x86), so this does not become a simple store on x86.
+func (Export) AtomicSetPointer(dstPtr, valPtr any) {
+	interfaceToPointer(&dstPtr).atomicSetPointer(interfaceToPointer(&valPtr))
+}
+
+// AtomicLoadPointer loads the pointer at the location pointed at by src,
+// and stores that pointer value into the location pointed at by dst.
+func (Export) AtomicLoadPointer(ptr Pointer, dst Pointer) {
+	*(*unsafe.Pointer)(unsafe.Pointer(dst)) = atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(ptr)))
+}
+
+// AtomicInitializePointer makes ptr and dst point to the same value.
+//
+// If *ptr is a nil pointer, it sets *ptr = *dst.
+//
+// If *ptr is a non-nil pointer, it sets *dst = *ptr.
+func (Export) AtomicInitializePointer(ptr Pointer, dst Pointer) {
+	if !atomic.CompareAndSwapPointer((*unsafe.Pointer)(ptr), unsafe.Pointer(nil), *(*unsafe.Pointer)(dst)) {
+		*(*unsafe.Pointer)(unsafe.Pointer(dst)) = atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(ptr)))
+	}
+}
+
+// MessageFieldStringOf returns the field formatted as a string,
+// either as the field name if resolvable otherwise as a decimal string.
+func (Export) MessageFieldStringOf(md protoreflect.MessageDescriptor, n protoreflect.FieldNumber) string {
+	fd := md.Fields().ByNumber(n)
+	if fd != nil {
+		return string(fd.Name())
+	}
+	return strconv.Itoa(int(n))
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/bitmap.go b/vendor/google.golang.org/protobuf/internal/impl/bitmap.go
new file mode 100644
index 000000000..ea276547c
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/bitmap.go
@@ -0,0 +1,34 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !race
+
+package impl
+
+// There is no additional data as we're not running under race detector.
+type RaceDetectHookData struct{}
+
+// Empty stubs for when not using the race detector. Calls to these from index.go should be optimized away.
+func (presence) raceDetectHookPresent(num uint32)                       {}
+func (presence) raceDetectHookSetPresent(num uint32, size presenceSize) {}
+func (presence) raceDetectHookClearPresent(num uint32)                  {}
+func (presence) raceDetectHookAllocAndCopy(src presence)                {}
+
+// raceDetectHookPresent is called by the generated file interface
+// (*proto.internalFuncs) Present to optionally read an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookPresent(field *uint32, num uint32) {}
+
+// raceDetectHookSetPresent is called by the generated file interface
+// (*proto.internalFuncs) SetPresent to optionally write an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookSetPresent(field *uint32, num uint32, size presenceSize) {}
+
+// raceDetectHookClearPresent is called by the generated file interface
+// (*proto.internalFuncs) ClearPresent to optionally write an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookClearPresent(field *uint32, num uint32) {}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go b/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
new file mode 100644
index 000000000..e9a27583a
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
@@ -0,0 +1,126 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build race
+
+package impl
+
+// When running under race detector, we add a presence map of bytes, that we can access
+// in the hook functions so that we trigger the race detection whenever we have concurrent
+// Read-Writes or Write-Writes. The race detector does not otherwise detect invalid concurrent
+// access to lazy fields as all updates of bitmaps and pointers are done using atomic operations.
+type RaceDetectHookData struct {
+	shadowPresence *[]byte
+}
+
+// Hooks for presence bitmap operations that allocate, read and write the shadowPresence
+// using non-atomic operations.
+func (data *RaceDetectHookData) raceDetectHookAlloc(size presenceSize) {
+	sp := make([]byte, size)
+	atomicStoreShadowPresence(&data.shadowPresence, &sp)
+}
+
+func (p presence) raceDetectHookPresent(num uint32) {
+	data := p.toRaceDetectData()
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp != nil {
+		_ = (*sp)[num]
+	}
+}
+
+func (p presence) raceDetectHookSetPresent(num uint32, size presenceSize) {
+	data := p.toRaceDetectData()
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp == nil {
+		data.raceDetectHookAlloc(size)
+		sp = atomicLoadShadowPresence(&data.shadowPresence)
+	}
+	(*sp)[num] = 1
+}
+
+func (p presence) raceDetectHookClearPresent(num uint32) {
+	data := p.toRaceDetectData()
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp != nil {
+		(*sp)[num] = 0
+
+	}
+}
+
+// raceDetectHookAllocAndCopy allocates a new shadowPresence slice at lazy and copies
+// shadowPresence bytes from src to lazy.
+func (p presence) raceDetectHookAllocAndCopy(q presence) {
+	sData := q.toRaceDetectData()
+	dData := p.toRaceDetectData()
+	if sData == nil {
+		return
+	}
+	srcSp := atomicLoadShadowPresence(&sData.shadowPresence)
+	if srcSp == nil {
+		atomicStoreShadowPresence(&dData.shadowPresence, nil)
+		return
+	}
+	n := len(*srcSp)
+	dSlice := make([]byte, n)
+	atomicStoreShadowPresence(&dData.shadowPresence, &dSlice)
+	for i := 0; i < n; i++ {
+		dSlice[i] = (*srcSp)[i]
+	}
+}
+
+// raceDetectHookPresent is called by the generated file interface
+// (*proto.internalFuncs) Present to optionally read an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookPresent(field *uint32, num uint32) {
+	data := findPointerToRaceDetectData(field, num)
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp != nil {
+		_ = (*sp)[num]
+	}
+}
+
+// raceDetectHookSetPresent is called by the generated file interface
+// (*proto.internalFuncs) SetPresent to optionally write an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookSetPresent(field *uint32, num uint32, size presenceSize) {
+	data := findPointerToRaceDetectData(field, num)
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp == nil {
+		data.raceDetectHookAlloc(size)
+		sp = atomicLoadShadowPresence(&data.shadowPresence)
+	}
+	(*sp)[num] = 1
+}
+
+// raceDetectHookClearPresent is called by the generated file interface
+// (*proto.internalFuncs) ClearPresent to optionally write an unprotected
+// shadow bitmap when race detection is enabled. In regular code it is
+// a noop.
+func raceDetectHookClearPresent(field *uint32, num uint32) {
+	data := findPointerToRaceDetectData(field, num)
+	if data == nil {
+		return
+	}
+	sp := atomicLoadShadowPresence(&data.shadowPresence)
+	if sp != nil {
+		(*sp)[num] = 0
+	}
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/checkinit.go b/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
index bff041edc..fe2c719ce 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
@@ -35,6 +35,12 @@ func (mi *MessageInfo) checkInitializedPointer(p pointer) error {
 		}
 		return nil
 	}
+
+	var presence presence
+	if mi.presenceOffset.IsValid() {
+		presence = p.Apply(mi.presenceOffset).PresenceInfo()
+	}
+
 	if mi.extensionOffset.IsValid() {
 		e := p.Apply(mi.extensionOffset).Extensions()
 		if err := mi.isInitExtensions(e); err != nil {
@@ -45,6 +51,33 @@ func (mi *MessageInfo) checkInitializedPointer(p pointer) error {
 		if !f.isRequired && f.funcs.isInit == nil {
 			continue
 		}
+
+		if f.presenceIndex != noPresence {
+			if !presence.Present(f.presenceIndex) {
+				if f.isRequired {
+					return errors.RequiredNotSet(string(mi.Desc.Fields().ByNumber(f.num).FullName()))
+				}
+				continue
+			}
+			if f.funcs.isInit != nil {
+				f.mi.init()
+				if f.mi.needsInitCheck {
+					if f.isLazy && p.Apply(f.offset).AtomicGetPointer().IsNil() {
+						lazy := *p.Apply(mi.lazyOffset).LazyInfoPtr()
+						if !lazy.AllowedPartial() {
+							// Nothing to see here, it was checked on unmarshal
+							continue
+						}
+						mi.lazyUnmarshal(p, f.num)
+					}
+					if err := f.funcs.isInit(p.Apply(f.offset), f); err != nil {
+						return err
+					}
+				}
+			}
+			continue
+		}
+
 		fptr := p.Apply(f.offset)
 		if f.isPointer && fptr.Elem().IsNil() {
 			if f.isRequired {
@@ -68,7 +101,7 @@ func (mi *MessageInfo) isInitExtensions(ext *map[int32]ExtensionField) error {
 	}
 	for _, x := range *ext {
 		ei := getExtensionFieldInfo(x.Type())
-		if ei.funcs.isInit == nil {
+		if ei.funcs.isInit == nil || x.isUnexpandedLazy() {
 			continue
 		}
 		v := x.Value()
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
index 2b8f122c2..0d5b546e0 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
@@ -67,7 +67,6 @@ type lazyExtensionValue struct {
 	xi         *extensionFieldInfo
 	value      protoreflect.Value
 	b          []byte
-	fn         func() protoreflect.Value
 }
 
 type ExtensionField struct {
@@ -99,6 +98,28 @@ func (f *ExtensionField) canLazy(xt protoreflect.ExtensionType) bool {
 	return false
 }
 
+// isUnexpandedLazy returns true if the ExensionField is lazy and not
+// yet expanded, which means it's present and already checked for
+// initialized required fields.
+func (f *ExtensionField) isUnexpandedLazy() bool {
+	return f.lazy != nil && atomic.LoadUint32(&f.lazy.atomicOnce) == 0
+}
+
+// lazyBuffer retrieves the buffer for a lazy extension if it's not yet expanded.
+//
+// The returned buffer has to be kept over whatever operation we're planning,
+// as re-retrieving it will fail after the message is lazily decoded.
+func (f *ExtensionField) lazyBuffer() []byte {
+	// This function might be in the critical path, so check the atomic without
+	// taking a look first, then only take the lock if needed.
+	if !f.isUnexpandedLazy() {
+		return nil
+	}
+	f.lazy.mu.Lock()
+	defer f.lazy.mu.Unlock()
+	return f.lazy.b
+}
+
 func (f *ExtensionField) lazyInit() {
 	f.lazy.mu.Lock()
 	defer f.lazy.mu.Unlock()
@@ -136,10 +157,9 @@ func (f *ExtensionField) lazyInit() {
 		}
 		f.lazy.value = val
 	} else {
-		f.lazy.value = f.lazy.fn()
+		panic("No support for lazy fns for ExtensionField")
 	}
 	f.lazy.xi = nil
-	f.lazy.fn = nil
 	f.lazy.b = nil
 	atomic.StoreUint32(&f.lazy.atomicOnce, 1)
 }
@@ -152,13 +172,6 @@ func (f *ExtensionField) Set(t protoreflect.ExtensionType, v protoreflect.Value)
 	f.lazy = nil
 }
 
-// SetLazy sets the type and a value that is to be lazily evaluated upon first use.
-// This must not be called concurrently.
-func (f *ExtensionField) SetLazy(t protoreflect.ExtensionType, fn func() protoreflect.Value) {
-	f.typ = t
-	f.lazy = &lazyExtensionValue{fn: fn}
-}
-
 // Value returns the value of the extension field.
 // This may be called concurrently.
 func (f *ExtensionField) Value() protoreflect.Value {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_field.go b/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
index 3fadd241e..7c1f66c8c 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
@@ -65,6 +65,9 @@ func (mi *MessageInfo) initOneofFieldCoders(od protoreflect.OneofDescriptor, si
 			if err != nil {
 				return out, err
 			}
+			if cf.funcs.isInit == nil {
+				out.initialized = true
+			}
 			vi.Set(vw)
 			return out, nil
 		}
@@ -233,9 +236,15 @@ func sizeMessageInfo(p pointer, f *coderFieldInfo, opts marshalOptions) int {
 }
 
 func appendMessageInfo(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	calculatedSize := f.mi.sizePointer(p.Elem(), opts)
 	b = protowire.AppendVarint(b, f.wiretag)
-	b = protowire.AppendVarint(b, uint64(f.mi.sizePointer(p.Elem(), opts)))
-	return f.mi.marshalAppendPointer(b, p.Elem(), opts)
+	b = protowire.AppendVarint(b, uint64(calculatedSize))
+	before := len(b)
+	b, err := f.mi.marshalAppendPointer(b, p.Elem(), opts)
+	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
+		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
+	}
+	return b, err
 }
 
 func consumeMessageInfo(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
@@ -262,14 +271,21 @@ func isInitMessageInfo(p pointer, f *coderFieldInfo) error {
 	return f.mi.checkInitializedPointer(p.Elem())
 }
 
-func sizeMessage(m proto.Message, tagsize int, _ marshalOptions) int {
-	return protowire.SizeBytes(proto.Size(m)) + tagsize
+func sizeMessage(m proto.Message, tagsize int, opts marshalOptions) int {
+	return protowire.SizeBytes(opts.Options().Size(m)) + tagsize
 }
 
 func appendMessage(b []byte, m proto.Message, wiretag uint64, opts marshalOptions) ([]byte, error) {
+	mopts := opts.Options()
+	calculatedSize := mopts.Size(m)
 	b = protowire.AppendVarint(b, wiretag)
-	b = protowire.AppendVarint(b, uint64(proto.Size(m)))
-	return opts.Options().MarshalAppend(b, m)
+	b = protowire.AppendVarint(b, uint64(calculatedSize))
+	before := len(b)
+	b, err := mopts.MarshalAppend(b, m)
+	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
+		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
+	}
+	return b, err
 }
 
 func consumeMessage(b []byte, m proto.Message, wtyp protowire.Type, opts unmarshalOptions) (out unmarshalOutput, err error) {
@@ -405,8 +421,8 @@ func consumeGroupType(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInf
 	return f.mi.unmarshalPointer(b, p.Elem(), f.num, opts)
 }
 
-func sizeGroup(m proto.Message, tagsize int, _ marshalOptions) int {
-	return 2*tagsize + proto.Size(m)
+func sizeGroup(m proto.Message, tagsize int, opts marshalOptions) int {
+	return 2*tagsize + opts.Options().Size(m)
 }
 
 func appendGroup(b []byte, m proto.Message, wiretag uint64, opts marshalOptions) ([]byte, error) {
@@ -482,10 +498,14 @@ func appendMessageSliceInfo(b []byte, p pointer, f *coderFieldInfo, opts marshal
 		b = protowire.AppendVarint(b, f.wiretag)
 		siz := f.mi.sizePointer(v, opts)
 		b = protowire.AppendVarint(b, uint64(siz))
+		before := len(b)
 		b, err = f.mi.marshalAppendPointer(b, v, opts)
 		if err != nil {
 			return b, err
 		}
+		if measuredSize := len(b) - before; siz != measuredSize {
+			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
+		}
 	}
 	return b, nil
 }
@@ -520,28 +540,34 @@ func isInitMessageSliceInfo(p pointer, f *coderFieldInfo) error {
 	return nil
 }
 
-func sizeMessageSlice(p pointer, goType reflect.Type, tagsize int, _ marshalOptions) int {
+func sizeMessageSlice(p pointer, goType reflect.Type, tagsize int, opts marshalOptions) int {
+	mopts := opts.Options()
 	s := p.PointerSlice()
 	n := 0
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(goType.Elem()))
-		n += protowire.SizeBytes(proto.Size(m)) + tagsize
+		n += protowire.SizeBytes(mopts.Size(m)) + tagsize
 	}
 	return n
 }
 
 func appendMessageSlice(b []byte, p pointer, wiretag uint64, goType reflect.Type, opts marshalOptions) ([]byte, error) {
+	mopts := opts.Options()
 	s := p.PointerSlice()
 	var err error
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(goType.Elem()))
 		b = protowire.AppendVarint(b, wiretag)
-		siz := proto.Size(m)
+		siz := mopts.Size(m)
 		b = protowire.AppendVarint(b, uint64(siz))
-		b, err = opts.Options().MarshalAppend(b, m)
+		before := len(b)
+		b, err = mopts.MarshalAppend(b, m)
 		if err != nil {
 			return b, err
 		}
+		if measuredSize := len(b) - before; siz != measuredSize {
+			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
+		}
 	}
 	return b, nil
 }
@@ -582,11 +608,12 @@ func isInitMessageSlice(p pointer, goType reflect.Type) error {
 // Slices of messages
 
 func sizeMessageSliceValue(listv protoreflect.Value, tagsize int, opts marshalOptions) int {
+	mopts := opts.Options()
 	list := listv.List()
 	n := 0
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
-		n += protowire.SizeBytes(proto.Size(m)) + tagsize
+		n += protowire.SizeBytes(mopts.Size(m)) + tagsize
 	}
 	return n
 }
@@ -597,13 +624,17 @@ func appendMessageSliceValue(b []byte, listv protoreflect.Value, wiretag uint64,
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
 		b = protowire.AppendVarint(b, wiretag)
-		siz := proto.Size(m)
+		siz := mopts.Size(m)
 		b = protowire.AppendVarint(b, uint64(siz))
+		before := len(b)
 		var err error
 		b, err = mopts.MarshalAppend(b, m)
 		if err != nil {
 			return b, err
 		}
+		if measuredSize := len(b) - before; siz != measuredSize {
+			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
+		}
 	}
 	return b, nil
 }
@@ -651,11 +682,12 @@ var coderMessageSliceValue = valueCoderFuncs{
 }
 
 func sizeGroupSliceValue(listv protoreflect.Value, tagsize int, opts marshalOptions) int {
+	mopts := opts.Options()
 	list := listv.List()
 	n := 0
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
-		n += 2*tagsize + proto.Size(m)
+		n += 2*tagsize + mopts.Size(m)
 	}
 	return n
 }
@@ -738,12 +770,13 @@ func makeGroupSliceFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type)
 	}
 }
 
-func sizeGroupSlice(p pointer, messageType reflect.Type, tagsize int, _ marshalOptions) int {
+func sizeGroupSlice(p pointer, messageType reflect.Type, tagsize int, opts marshalOptions) int {
+	mopts := opts.Options()
 	s := p.PointerSlice()
 	n := 0
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(messageType.Elem()))
-		n += 2*tagsize + proto.Size(m)
+		n += 2*tagsize + mopts.Size(m)
 	}
 	return n
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
new file mode 100644
index 000000000..76818ea25
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
@@ -0,0 +1,264 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"fmt"
+	"reflect"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/errors"
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+func makeOpaqueMessageFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type) (*MessageInfo, pointerCoderFuncs) {
+	mi := getMessageInfo(ft)
+	if mi == nil {
+		panic(fmt.Sprintf("invalid field: %v: unsupported message type %v", fd.FullName(), ft))
+	}
+	switch fd.Kind() {
+	case protoreflect.MessageKind:
+		return mi, pointerCoderFuncs{
+			size:      sizeOpaqueMessage,
+			marshal:   appendOpaqueMessage,
+			unmarshal: consumeOpaqueMessage,
+			isInit:    isInitOpaqueMessage,
+			merge:     mergeOpaqueMessage,
+		}
+	case protoreflect.GroupKind:
+		return mi, pointerCoderFuncs{
+			size:      sizeOpaqueGroup,
+			marshal:   appendOpaqueGroup,
+			unmarshal: consumeOpaqueGroup,
+			isInit:    isInitOpaqueMessage,
+			merge:     mergeOpaqueMessage,
+		}
+	}
+	panic("unexpected field kind")
+}
+
+func sizeOpaqueMessage(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	return protowire.SizeBytes(f.mi.sizePointer(p.AtomicGetPointer(), opts)) + f.tagsize
+}
+
+func appendOpaqueMessage(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	mp := p.AtomicGetPointer()
+	calculatedSize := f.mi.sizePointer(mp, opts)
+	b = protowire.AppendVarint(b, f.wiretag)
+	b = protowire.AppendVarint(b, uint64(calculatedSize))
+	before := len(b)
+	b, err := f.mi.marshalAppendPointer(b, mp, opts)
+	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
+		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
+	}
+	return b, err
+}
+
+func consumeOpaqueMessage(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.BytesType {
+		return out, errUnknown
+	}
+	v, n := protowire.ConsumeBytes(b)
+	if n < 0 {
+		return out, errDecode
+	}
+	mp := p.AtomicGetPointer()
+	if mp.IsNil() {
+		mp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
+	}
+	o, err := f.mi.unmarshalPointer(v, mp, 0, opts)
+	if err != nil {
+		return out, err
+	}
+	out.n = n
+	out.initialized = o.initialized
+	return out, nil
+}
+
+func isInitOpaqueMessage(p pointer, f *coderFieldInfo) error {
+	mp := p.AtomicGetPointer()
+	if mp.IsNil() {
+		return nil
+	}
+	return f.mi.checkInitializedPointer(mp)
+}
+
+func mergeOpaqueMessage(dst, src pointer, f *coderFieldInfo, opts mergeOptions) {
+	dstmp := dst.AtomicGetPointer()
+	if dstmp.IsNil() {
+		dstmp = dst.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
+	}
+	f.mi.mergePointer(dstmp, src.AtomicGetPointer(), opts)
+}
+
+func sizeOpaqueGroup(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	return 2*f.tagsize + f.mi.sizePointer(p.AtomicGetPointer(), opts)
+}
+
+func appendOpaqueGroup(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	b = protowire.AppendVarint(b, f.wiretag) // start group
+	b, err := f.mi.marshalAppendPointer(b, p.AtomicGetPointer(), opts)
+	b = protowire.AppendVarint(b, f.wiretag+1) // end group
+	return b, err
+}
+
+func consumeOpaqueGroup(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.StartGroupType {
+		return out, errUnknown
+	}
+	mp := p.AtomicGetPointer()
+	if mp.IsNil() {
+		mp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
+	}
+	o, e := f.mi.unmarshalPointer(b, mp, f.num, opts)
+	return o, e
+}
+
+func makeOpaqueRepeatedMessageFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type) (*MessageInfo, pointerCoderFuncs) {
+	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
+		panic(fmt.Sprintf("invalid field: %v: unsupported type for opaque repeated message: %v", fd.FullName(), ft))
+	}
+	mt := ft.Elem().Elem() // *[]*T -> *T
+	mi := getMessageInfo(mt)
+	if mi == nil {
+		panic(fmt.Sprintf("invalid field: %v: unsupported message type %v", fd.FullName(), mt))
+	}
+	switch fd.Kind() {
+	case protoreflect.MessageKind:
+		return mi, pointerCoderFuncs{
+			size:      sizeOpaqueMessageSlice,
+			marshal:   appendOpaqueMessageSlice,
+			unmarshal: consumeOpaqueMessageSlice,
+			isInit:    isInitOpaqueMessageSlice,
+			merge:     mergeOpaqueMessageSlice,
+		}
+	case protoreflect.GroupKind:
+		return mi, pointerCoderFuncs{
+			size:      sizeOpaqueGroupSlice,
+			marshal:   appendOpaqueGroupSlice,
+			unmarshal: consumeOpaqueGroupSlice,
+			isInit:    isInitOpaqueMessageSlice,
+			merge:     mergeOpaqueMessageSlice,
+		}
+	}
+	panic("unexpected field kind")
+}
+
+func sizeOpaqueMessageSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	s := p.AtomicGetPointer().PointerSlice()
+	n := 0
+	for _, v := range s {
+		n += protowire.SizeBytes(f.mi.sizePointer(v, opts)) + f.tagsize
+	}
+	return n
+}
+
+func appendOpaqueMessageSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	s := p.AtomicGetPointer().PointerSlice()
+	var err error
+	for _, v := range s {
+		b = protowire.AppendVarint(b, f.wiretag)
+		siz := f.mi.sizePointer(v, opts)
+		b = protowire.AppendVarint(b, uint64(siz))
+		before := len(b)
+		b, err = f.mi.marshalAppendPointer(b, v, opts)
+		if err != nil {
+			return b, err
+		}
+		if measuredSize := len(b) - before; siz != measuredSize {
+			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
+		}
+	}
+	return b, nil
+}
+
+func consumeOpaqueMessageSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.BytesType {
+		return out, errUnknown
+	}
+	v, n := protowire.ConsumeBytes(b)
+	if n < 0 {
+		return out, errDecode
+	}
+	mp := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
+	o, err := f.mi.unmarshalPointer(v, mp, 0, opts)
+	if err != nil {
+		return out, err
+	}
+	sp := p.AtomicGetPointer()
+	if sp.IsNil() {
+		sp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
+	}
+	sp.AppendPointerSlice(mp)
+	out.n = n
+	out.initialized = o.initialized
+	return out, nil
+}
+
+func isInitOpaqueMessageSlice(p pointer, f *coderFieldInfo) error {
+	sp := p.AtomicGetPointer()
+	if sp.IsNil() {
+		return nil
+	}
+	s := sp.PointerSlice()
+	for _, v := range s {
+		if err := f.mi.checkInitializedPointer(v); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func mergeOpaqueMessageSlice(dst, src pointer, f *coderFieldInfo, opts mergeOptions) {
+	ds := dst.AtomicGetPointer()
+	if ds.IsNil() {
+		ds = dst.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
+	}
+	for _, sp := range src.AtomicGetPointer().PointerSlice() {
+		dm := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
+		f.mi.mergePointer(dm, sp, opts)
+		ds.AppendPointerSlice(dm)
+	}
+}
+
+func sizeOpaqueGroupSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	s := p.AtomicGetPointer().PointerSlice()
+	n := 0
+	for _, v := range s {
+		n += 2*f.tagsize + f.mi.sizePointer(v, opts)
+	}
+	return n
+}
+
+func appendOpaqueGroupSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	s := p.AtomicGetPointer().PointerSlice()
+	var err error
+	for _, v := range s {
+		b = protowire.AppendVarint(b, f.wiretag) // start group
+		b, err = f.mi.marshalAppendPointer(b, v, opts)
+		if err != nil {
+			return b, err
+		}
+		b = protowire.AppendVarint(b, f.wiretag+1) // end group
+	}
+	return b, nil
+}
+
+func consumeOpaqueGroupSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.StartGroupType {
+		return out, errUnknown
+	}
+	mp := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
+	out, err = f.mi.unmarshalPointer(b, mp, f.num, opts)
+	if err != nil {
+		return out, err
+	}
+	sp := p.AtomicGetPointer()
+	if sp.IsNil() {
+		sp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
+	}
+	sp.AppendPointerSlice(mp)
+	return out, err
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_map.go b/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
index 111b9d16f..fb35f0bae 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
@@ -9,6 +9,7 @@ import (
 	"sort"
 
 	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/errors"
 	"google.golang.org/protobuf/internal/genid"
 	"google.golang.org/protobuf/reflect/protoreflect"
 )
@@ -240,11 +241,16 @@ func appendMapItem(b []byte, keyrv, valrv reflect.Value, mapi *mapInfo, f *coder
 		size += mapi.keyFuncs.size(key.Value(), mapKeyTagSize, opts)
 		size += mapi.valFuncs.size(val, mapValTagSize, opts)
 		b = protowire.AppendVarint(b, uint64(size))
+		before := len(b)
 		b, err := mapi.keyFuncs.marshal(b, key.Value(), mapi.keyWiretag, opts)
 		if err != nil {
 			return nil, err
 		}
-		return mapi.valFuncs.marshal(b, val, mapi.valWiretag, opts)
+		b, err = mapi.valFuncs.marshal(b, val, mapi.valWiretag, opts)
+		if measuredSize := len(b) - before; size != measuredSize && err == nil {
+			return nil, errors.MismatchedSizeCalculation(size, measuredSize)
+		}
+		return b, err
 	} else {
 		key := mapi.conv.keyConv.PBValueOf(keyrv).MapKey()
 		val := pointerOfValue(valrv)
@@ -259,7 +265,12 @@ func appendMapItem(b []byte, keyrv, valrv reflect.Value, mapi *mapInfo, f *coder
 		}
 		b = protowire.AppendVarint(b, mapi.valWiretag)
 		b = protowire.AppendVarint(b, uint64(valSize))
-		return f.mi.marshalAppendPointer(b, val, opts)
+		before := len(b)
+		b, err = f.mi.marshalAppendPointer(b, val, opts)
+		if measuredSize := len(b) - before; valSize != measuredSize && err == nil {
+			return nil, errors.MismatchedSizeCalculation(valSize, measuredSize)
+		}
+		return b, err
 	}
 }
 
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_message.go b/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
index 6b2fdbb73..2f7b363ec 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
@@ -32,6 +32,10 @@ type coderMessageInfo struct {
 	needsInitCheck     bool
 	isMessageSet       bool
 	numRequiredFields  uint8
+
+	lazyOffset     offset
+	presenceOffset offset
+	presenceSize   presenceSize
 }
 
 type coderFieldInfo struct {
@@ -45,12 +49,19 @@ type coderFieldInfo struct {
 	tagsize    int                      // size of the varint-encoded tag
 	isPointer  bool                     // true if IsNil may be called on the struct field
 	isRequired bool                     // true if field is required
+
+	isLazy        bool
+	presenceIndex uint32
 }
 
+const noPresence = 0xffffffff
+
 func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 	mi.sizecacheOffset = invalidOffset
 	mi.unknownOffset = invalidOffset
 	mi.extensionOffset = invalidOffset
+	mi.lazyOffset = invalidOffset
+	mi.presenceOffset = si.presenceOffset
 
 	if si.sizecacheOffset.IsValid() && si.sizecacheType == sizecacheType {
 		mi.sizecacheOffset = si.sizecacheOffset
@@ -127,6 +138,8 @@ func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 			validation: newFieldValidationInfo(mi, si, fd, ft),
 			isPointer:  fd.Cardinality() == protoreflect.Repeated || fd.HasPresence(),
 			isRequired: fd.Cardinality() == protoreflect.Required,
+
+			presenceIndex: noPresence,
 		}
 		mi.orderedCoderFields = append(mi.orderedCoderFields, cf)
 		mi.coderFields[cf.num] = cf
@@ -189,6 +202,9 @@ func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 	if mi.methods.Merge == nil {
 		mi.methods.Merge = mi.merge
 	}
+	if mi.methods.Equal == nil {
+		mi.methods.Equal = equal
+	}
 }
 
 // getUnknownBytes returns a *[]byte for the unknown fields.
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
new file mode 100644
index 000000000..88c16ae5b
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
@@ -0,0 +1,156 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"fmt"
+	"reflect"
+	"sort"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/encoding/messageset"
+	"google.golang.org/protobuf/internal/order"
+	"google.golang.org/protobuf/reflect/protoreflect"
+	piface "google.golang.org/protobuf/runtime/protoiface"
+)
+
+func (mi *MessageInfo) makeOpaqueCoderMethods(t reflect.Type, si opaqueStructInfo) {
+	mi.sizecacheOffset = si.sizecacheOffset
+	mi.unknownOffset = si.unknownOffset
+	mi.unknownPtrKind = si.unknownType.Kind() == reflect.Ptr
+	mi.extensionOffset = si.extensionOffset
+	mi.lazyOffset = si.lazyOffset
+	mi.presenceOffset = si.presenceOffset
+
+	mi.coderFields = make(map[protowire.Number]*coderFieldInfo)
+	fields := mi.Desc.Fields()
+	for i := 0; i < fields.Len(); i++ {
+		fd := fields.Get(i)
+
+		fs := si.fieldsByNumber[fd.Number()]
+		if fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic() {
+			fs = si.oneofsByName[fd.ContainingOneof().Name()]
+		}
+		ft := fs.Type
+		var wiretag uint64
+		if !fd.IsPacked() {
+			wiretag = protowire.EncodeTag(fd.Number(), wireTypes[fd.Kind()])
+		} else {
+			wiretag = protowire.EncodeTag(fd.Number(), protowire.BytesType)
+		}
+		var fieldOffset offset
+		var funcs pointerCoderFuncs
+		var childMessage *MessageInfo
+		switch {
+		case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
+			fieldOffset = offsetOf(fs, mi.Exporter)
+		case fd.IsWeak():
+			fieldOffset = si.weakOffset
+			funcs = makeWeakMessageFieldCoder(fd)
+		case fd.Message() != nil && !fd.IsMap():
+			fieldOffset = offsetOf(fs, mi.Exporter)
+			if fd.IsList() {
+				childMessage, funcs = makeOpaqueRepeatedMessageFieldCoder(fd, ft)
+			} else {
+				childMessage, funcs = makeOpaqueMessageFieldCoder(fd, ft)
+			}
+		default:
+			fieldOffset = offsetOf(fs, mi.Exporter)
+			childMessage, funcs = fieldCoder(fd, ft)
+		}
+		cf := &coderFieldInfo{
+			num:        fd.Number(),
+			offset:     fieldOffset,
+			wiretag:    wiretag,
+			ft:         ft,
+			tagsize:    protowire.SizeVarint(wiretag),
+			funcs:      funcs,
+			mi:         childMessage,
+			validation: newFieldValidationInfo(mi, si.structInfo, fd, ft),
+			isPointer: (fd.Cardinality() == protoreflect.Repeated ||
+				fd.Kind() == protoreflect.MessageKind ||
+				fd.Kind() == protoreflect.GroupKind),
+			isRequired:    fd.Cardinality() == protoreflect.Required,
+			presenceIndex: noPresence,
+		}
+
+		// TODO: Use presence for all fields.
+		//
+		// In some cases, such as maps, presence means only "might be set" rather
+		// than "is definitely set", but every field should have a presence bit to
+		// permit us to skip over definitely-unset fields at marshal time.
+
+		var hasPresence bool
+		hasPresence, cf.isLazy = usePresenceForField(si, fd)
+
+		if hasPresence {
+			cf.presenceIndex, mi.presenceSize = presenceIndex(mi.Desc, fd)
+		}
+
+		mi.orderedCoderFields = append(mi.orderedCoderFields, cf)
+		mi.coderFields[cf.num] = cf
+	}
+	for i, oneofs := 0, mi.Desc.Oneofs(); i < oneofs.Len(); i++ {
+		if od := oneofs.Get(i); !od.IsSynthetic() {
+			mi.initOneofFieldCoders(od, si.structInfo)
+		}
+	}
+	if messageset.IsMessageSet(mi.Desc) {
+		if !mi.extensionOffset.IsValid() {
+			panic(fmt.Sprintf("%v: MessageSet with no extensions field", mi.Desc.FullName()))
+		}
+		if !mi.unknownOffset.IsValid() {
+			panic(fmt.Sprintf("%v: MessageSet with no unknown field", mi.Desc.FullName()))
+		}
+		mi.isMessageSet = true
+	}
+	sort.Slice(mi.orderedCoderFields, func(i, j int) bool {
+		return mi.orderedCoderFields[i].num < mi.orderedCoderFields[j].num
+	})
+
+	var maxDense protoreflect.FieldNumber
+	for _, cf := range mi.orderedCoderFields {
+		if cf.num >= 16 && cf.num >= 2*maxDense {
+			break
+		}
+		maxDense = cf.num
+	}
+	mi.denseCoderFields = make([]*coderFieldInfo, maxDense+1)
+	for _, cf := range mi.orderedCoderFields {
+		if int(cf.num) > len(mi.denseCoderFields) {
+			break
+		}
+		mi.denseCoderFields[cf.num] = cf
+	}
+
+	// To preserve compatibility with historic wire output, marshal oneofs last.
+	if mi.Desc.Oneofs().Len() > 0 {
+		sort.Slice(mi.orderedCoderFields, func(i, j int) bool {
+			fi := fields.ByNumber(mi.orderedCoderFields[i].num)
+			fj := fields.ByNumber(mi.orderedCoderFields[j].num)
+			return order.LegacyFieldOrder(fi, fj)
+		})
+	}
+
+	mi.needsInitCheck = needsInitCheck(mi.Desc)
+	if mi.methods.Marshal == nil && mi.methods.Size == nil {
+		mi.methods.Flags |= piface.SupportMarshalDeterministic
+		mi.methods.Marshal = mi.marshal
+		mi.methods.Size = mi.size
+	}
+	if mi.methods.Unmarshal == nil {
+		mi.methods.Flags |= piface.SupportUnmarshalDiscardUnknown
+		mi.methods.Unmarshal = mi.unmarshal
+	}
+	if mi.methods.CheckInitialized == nil {
+		mi.methods.CheckInitialized = mi.checkInitialized
+	}
+	if mi.methods.Merge == nil {
+		mi.methods.Merge = mi.merge
+	}
+	if mi.methods.Equal == nil {
+		mi.methods.Equal = equal
+	}
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go b/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
index b7a23faf1..7a16ec13d 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
@@ -26,6 +26,15 @@ func sizeMessageSet(mi *MessageInfo, p pointer, opts marshalOptions) (size int)
 		}
 		num, _ := protowire.DecodeTag(xi.wiretag)
 		size += messageset.SizeField(num)
+		if fullyLazyExtensions(opts) {
+			// Don't expand the extension, instead use the buffer to calculate size
+			if lb := x.lazyBuffer(); lb != nil {
+				// We got hold of the buffer, so it's still lazy.
+				// Don't count the tag size in the extension buffer, it's already added.
+				size += protowire.SizeTag(messageset.FieldMessage) + len(lb) - xi.tagsize
+				continue
+			}
+		}
 		size += xi.funcs.size(x.Value(), protowire.SizeTag(messageset.FieldMessage), opts)
 	}
 
@@ -85,6 +94,19 @@ func marshalMessageSetField(mi *MessageInfo, b []byte, x ExtensionField, opts ma
 	xi := getExtensionFieldInfo(x.Type())
 	num, _ := protowire.DecodeTag(xi.wiretag)
 	b = messageset.AppendFieldStart(b, num)
+
+	if fullyLazyExtensions(opts) {
+		// Don't expand the extension if it's still in wire format, instead use the buffer content.
+		if lb := x.lazyBuffer(); lb != nil {
+			// The tag inside the lazy buffer is a different tag (the extension
+			// number), but what we need here is the tag for FieldMessage:
+			b = protowire.AppendVarint(b, protowire.EncodeTag(messageset.FieldMessage, protowire.BytesType))
+			b = append(b, lb[xi.tagsize:]...)
+			b = messageset.AppendFieldEnd(b)
+			return b, nil
+		}
+	}
+
 	b, err := xi.funcs.marshal(b, x.Value(), protowire.EncodeTag(messageset.FieldMessage, protowire.BytesType), opts)
 	if err != nil {
 		return b, err
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
deleted file mode 100644
index 145c577bd..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
+++ /dev/null
@@ -1,210 +0,0 @@
-// Copyright 2019 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build purego || appengine
-// +build purego appengine
-
-package impl
-
-import (
-	"reflect"
-
-	"google.golang.org/protobuf/encoding/protowire"
-)
-
-func sizeEnum(p pointer, f *coderFieldInfo, _ marshalOptions) (size int) {
-	v := p.v.Elem().Int()
-	return f.tagsize + protowire.SizeVarint(uint64(v))
-}
-
-func appendEnum(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	v := p.v.Elem().Int()
-	b = protowire.AppendVarint(b, f.wiretag)
-	b = protowire.AppendVarint(b, uint64(v))
-	return b, nil
-}
-
-func consumeEnum(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, _ unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.VarintType {
-		return out, errUnknown
-	}
-	v, n := protowire.ConsumeVarint(b)
-	if n < 0 {
-		return out, errDecode
-	}
-	p.v.Elem().SetInt(int64(v))
-	out.n = n
-	return out, nil
-}
-
-func mergeEnum(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
-	dst.v.Elem().Set(src.v.Elem())
-}
-
-var coderEnum = pointerCoderFuncs{
-	size:      sizeEnum,
-	marshal:   appendEnum,
-	unmarshal: consumeEnum,
-	merge:     mergeEnum,
-}
-
-func sizeEnumNoZero(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	if p.v.Elem().Int() == 0 {
-		return 0
-	}
-	return sizeEnum(p, f, opts)
-}
-
-func appendEnumNoZero(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	if p.v.Elem().Int() == 0 {
-		return b, nil
-	}
-	return appendEnum(b, p, f, opts)
-}
-
-func mergeEnumNoZero(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
-	if src.v.Elem().Int() != 0 {
-		dst.v.Elem().Set(src.v.Elem())
-	}
-}
-
-var coderEnumNoZero = pointerCoderFuncs{
-	size:      sizeEnumNoZero,
-	marshal:   appendEnumNoZero,
-	unmarshal: consumeEnum,
-	merge:     mergeEnumNoZero,
-}
-
-func sizeEnumPtr(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	return sizeEnum(pointer{p.v.Elem()}, f, opts)
-}
-
-func appendEnumPtr(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	return appendEnum(b, pointer{p.v.Elem()}, f, opts)
-}
-
-func consumeEnumPtr(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.VarintType {
-		return out, errUnknown
-	}
-	if p.v.Elem().IsNil() {
-		p.v.Elem().Set(reflect.New(p.v.Elem().Type().Elem()))
-	}
-	return consumeEnum(b, pointer{p.v.Elem()}, wtyp, f, opts)
-}
-
-func mergeEnumPtr(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
-	if !src.v.Elem().IsNil() {
-		v := reflect.New(dst.v.Type().Elem().Elem())
-		v.Elem().Set(src.v.Elem().Elem())
-		dst.v.Elem().Set(v)
-	}
-}
-
-var coderEnumPtr = pointerCoderFuncs{
-	size:      sizeEnumPtr,
-	marshal:   appendEnumPtr,
-	unmarshal: consumeEnumPtr,
-	merge:     mergeEnumPtr,
-}
-
-func sizeEnumSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	s := p.v.Elem()
-	for i, llen := 0, s.Len(); i < llen; i++ {
-		size += protowire.SizeVarint(uint64(s.Index(i).Int())) + f.tagsize
-	}
-	return size
-}
-
-func appendEnumSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	s := p.v.Elem()
-	for i, llen := 0, s.Len(); i < llen; i++ {
-		b = protowire.AppendVarint(b, f.wiretag)
-		b = protowire.AppendVarint(b, uint64(s.Index(i).Int()))
-	}
-	return b, nil
-}
-
-func consumeEnumSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	s := p.v.Elem()
-	if wtyp == protowire.BytesType {
-		b, n := protowire.ConsumeBytes(b)
-		if n < 0 {
-			return out, errDecode
-		}
-		for len(b) > 0 {
-			v, n := protowire.ConsumeVarint(b)
-			if n < 0 {
-				return out, errDecode
-			}
-			rv := reflect.New(s.Type().Elem()).Elem()
-			rv.SetInt(int64(v))
-			s.Set(reflect.Append(s, rv))
-			b = b[n:]
-		}
-		out.n = n
-		return out, nil
-	}
-	if wtyp != protowire.VarintType {
-		return out, errUnknown
-	}
-	v, n := protowire.ConsumeVarint(b)
-	if n < 0 {
-		return out, errDecode
-	}
-	rv := reflect.New(s.Type().Elem()).Elem()
-	rv.SetInt(int64(v))
-	s.Set(reflect.Append(s, rv))
-	out.n = n
-	return out, nil
-}
-
-func mergeEnumSlice(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
-	dst.v.Elem().Set(reflect.AppendSlice(dst.v.Elem(), src.v.Elem()))
-}
-
-var coderEnumSlice = pointerCoderFuncs{
-	size:      sizeEnumSlice,
-	marshal:   appendEnumSlice,
-	unmarshal: consumeEnumSlice,
-	merge:     mergeEnumSlice,
-}
-
-func sizeEnumPackedSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	s := p.v.Elem()
-	llen := s.Len()
-	if llen == 0 {
-		return 0
-	}
-	n := 0
-	for i := 0; i < llen; i++ {
-		n += protowire.SizeVarint(uint64(s.Index(i).Int()))
-	}
-	return f.tagsize + protowire.SizeBytes(n)
-}
-
-func appendEnumPackedSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	s := p.v.Elem()
-	llen := s.Len()
-	if llen == 0 {
-		return b, nil
-	}
-	b = protowire.AppendVarint(b, f.wiretag)
-	n := 0
-	for i := 0; i < llen; i++ {
-		n += protowire.SizeVarint(uint64(s.Index(i).Int()))
-	}
-	b = protowire.AppendVarint(b, uint64(n))
-	for i := 0; i < llen; i++ {
-		b = protowire.AppendVarint(b, uint64(s.Index(i).Int()))
-	}
-	return b, nil
-}
-
-var coderEnumPackedSlice = pointerCoderFuncs{
-	size:      sizeEnumPackedSlice,
-	marshal:   appendEnumPackedSlice,
-	unmarshal: consumeEnumSlice,
-	merge:     mergeEnumSlice,
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go b/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
index 757642e23..077712c2c 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
@@ -2,9 +2,6 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine
-// +build !purego,!appengine
-
 package impl
 
 // When using unsafe pointers, we can just treat enum values as int32s.
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert.go b/vendor/google.golang.org/protobuf/internal/impl/convert.go
index 185ef2efa..f72ddd882 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert.go
@@ -14,7 +14,7 @@ import (
 // unwrapper unwraps the value to the underlying value.
 // This is implemented by List and Map.
 type unwrapper interface {
-	protoUnwrap() interface{}
+	protoUnwrap() any
 }
 
 // A Converter coverts to/from Go reflect.Value types and protobuf protoreflect.Value types.
@@ -322,7 +322,7 @@ func (c *stringConverter) PBValueOf(v reflect.Value) protoreflect.Value {
 	return protoreflect.ValueOfString(v.Convert(stringType).String())
 }
 func (c *stringConverter) GoValueOf(v protoreflect.Value) reflect.Value {
-	// pref.Value.String never panics, so we go through an interface
+	// protoreflect.Value.String never panics, so we go through an interface
 	// conversion here to check the type.
 	s := v.Interface().(string)
 	if c.goType.Kind() == reflect.Slice && s == "" {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert_list.go b/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
index f89136516..18cb96fd7 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
@@ -136,6 +136,6 @@ func (ls *listReflect) NewElement() protoreflect.Value {
 func (ls *listReflect) IsValid() bool {
 	return !ls.v.IsNil()
 }
-func (ls *listReflect) protoUnwrap() interface{} {
+func (ls *listReflect) protoUnwrap() any {
 	return ls.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert_map.go b/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
index f30b0a057..304244a65 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
@@ -116,6 +116,6 @@ func (ms *mapReflect) NewValue() protoreflect.Value {
 func (ms *mapReflect) IsValid() bool {
 	return !ms.v.IsNil()
 }
-func (ms *mapReflect) protoUnwrap() interface{} {
+func (ms *mapReflect) protoUnwrap() any {
 	return ms.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/decode.go b/vendor/google.golang.org/protobuf/internal/impl/decode.go
index cda0520c2..e0dd21fa5 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/decode.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/decode.go
@@ -34,6 +34,8 @@ func (o unmarshalOptions) Options() proto.UnmarshalOptions {
 		AllowPartial:   true,
 		DiscardUnknown: o.DiscardUnknown(),
 		Resolver:       o.resolver,
+
+		NoLazyDecoding: o.NoLazyDecoding(),
 	}
 }
 
@@ -41,13 +43,26 @@ func (o unmarshalOptions) DiscardUnknown() bool {
 	return o.flags&protoiface.UnmarshalDiscardUnknown != 0
 }
 
-func (o unmarshalOptions) IsDefault() bool {
-	return o.flags == 0 && o.resolver == protoregistry.GlobalTypes
+func (o unmarshalOptions) AliasBuffer() bool { return o.flags&protoiface.UnmarshalAliasBuffer != 0 }
+func (o unmarshalOptions) Validated() bool   { return o.flags&protoiface.UnmarshalValidated != 0 }
+func (o unmarshalOptions) NoLazyDecoding() bool {
+	return o.flags&protoiface.UnmarshalNoLazyDecoding != 0
+}
+
+func (o unmarshalOptions) CanBeLazy() bool {
+	if o.resolver != protoregistry.GlobalTypes {
+		return false
+	}
+	// We ignore the UnmarshalInvalidateSizeCache even though it's not in the default set
+	return (o.flags & ^(protoiface.UnmarshalAliasBuffer | protoiface.UnmarshalValidated | protoiface.UnmarshalCheckRequired)) == 0
 }
 
 var lazyUnmarshalOptions = unmarshalOptions{
 	resolver: protoregistry.GlobalTypes,
-	depth:    protowire.DefaultRecursionLimit,
+
+	flags: protoiface.UnmarshalAliasBuffer | protoiface.UnmarshalValidated,
+
+	depth: protowire.DefaultRecursionLimit,
 }
 
 type unmarshalOutput struct {
@@ -94,9 +109,30 @@ func (mi *MessageInfo) unmarshalPointer(b []byte, p pointer, groupTag protowire.
 	if flags.ProtoLegacy && mi.isMessageSet {
 		return unmarshalMessageSet(mi, b, p, opts)
 	}
+
+	lazyDecoding := LazyEnabled() // default
+	if opts.NoLazyDecoding() {
+		lazyDecoding = false // explicitly disabled
+	}
+	if mi.lazyOffset.IsValid() && lazyDecoding {
+		return mi.unmarshalPointerLazy(b, p, groupTag, opts)
+	}
+	return mi.unmarshalPointerEager(b, p, groupTag, opts)
+}
+
+// unmarshalPointerEager is the message unmarshalling function for all messages that are not lazy.
+// The corresponding function for Lazy is in google_lazy.go.
+func (mi *MessageInfo) unmarshalPointerEager(b []byte, p pointer, groupTag protowire.Number, opts unmarshalOptions) (out unmarshalOutput, err error) {
+
 	initialized := true
 	var requiredMask uint64
 	var exts *map[int32]ExtensionField
+
+	var presence presence
+	if mi.presenceOffset.IsValid() {
+		presence = p.Apply(mi.presenceOffset).PresenceInfo()
+	}
+
 	start := len(b)
 	for len(b) > 0 {
 		// Parse the tag (field number and wire type).
@@ -154,6 +190,11 @@ func (mi *MessageInfo) unmarshalPointer(b []byte, p pointer, groupTag protowire.
 			if f.funcs.isInit != nil && !o.initialized {
 				initialized = false
 			}
+
+			if f.presenceIndex != noPresence {
+				presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
+			}
+
 		default:
 			// Possible extension.
 			if exts == nil && mi.extensionOffset.IsValid() {
@@ -222,7 +263,7 @@ func (mi *MessageInfo) unmarshalExtension(b []byte, num protowire.Number, wtyp p
 		return out, errUnknown
 	}
 	if flags.LazyUnmarshalExtensions {
-		if opts.IsDefault() && x.canLazy(xt) {
+		if opts.CanBeLazy() && x.canLazy(xt) {
 			out, valid := skipExtension(b, xi, num, wtyp, opts)
 			switch valid {
 			case ValidationValid:
@@ -270,6 +311,13 @@ func skipExtension(b []byte, xi *extensionFieldInfo, num protowire.Number, wtyp
 		if n < 0 {
 			return out, ValidationUnknown
 		}
+
+		if opts.Validated() {
+			out.initialized = true
+			out.n = n
+			return out, ValidationValid
+		}
+
 		out, st := xi.validation.mi.validate(v, 0, opts)
 		out.n = n
 		return out, st
diff --git a/vendor/google.golang.org/protobuf/internal/impl/encode.go b/vendor/google.golang.org/protobuf/internal/impl/encode.go
index 845c67d6e..b2e212291 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/encode.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/encode.go
@@ -10,7 +10,8 @@ import (
 	"sync/atomic"
 
 	"google.golang.org/protobuf/internal/flags"
-	proto "google.golang.org/protobuf/proto"
+	"google.golang.org/protobuf/internal/protolazy"
+	"google.golang.org/protobuf/proto"
 	piface "google.golang.org/protobuf/runtime/protoiface"
 )
 
@@ -49,8 +50,11 @@ func (mi *MessageInfo) sizePointer(p pointer, opts marshalOptions) (size int) {
 		return 0
 	}
 	if opts.UseCachedSize() && mi.sizecacheOffset.IsValid() {
-		if size := atomic.LoadInt32(p.Apply(mi.sizecacheOffset).Int32()); size >= 0 {
-			return int(size)
+		// The size cache contains the size + 1, to allow the
+		// zero value to be invalid, while also allowing for a
+		// 0 size to be cached.
+		if size := atomic.LoadInt32(p.Apply(mi.sizecacheOffset).Int32()); size > 0 {
+			return int(size - 1)
 		}
 	}
 	return mi.sizePointerSlow(p, opts)
@@ -60,7 +64,7 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 	if flags.ProtoLegacy && mi.isMessageSet {
 		size = sizeMessageSet(mi, p, opts)
 		if mi.sizecacheOffset.IsValid() {
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size))
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size+1))
 		}
 		return size
 	}
@@ -68,11 +72,39 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 		e := p.Apply(mi.extensionOffset).Extensions()
 		size += mi.sizeExtensions(e, opts)
 	}
+
+	var lazy **protolazy.XXX_lazyUnmarshalInfo
+	var presence presence
+	if mi.presenceOffset.IsValid() {
+		presence = p.Apply(mi.presenceOffset).PresenceInfo()
+		if mi.lazyOffset.IsValid() {
+			lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
+		}
+	}
+
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.size == nil {
 			continue
 		}
 		fptr := p.Apply(f.offset)
+
+		if f.presenceIndex != noPresence {
+			if !presence.Present(f.presenceIndex) {
+				continue
+			}
+
+			if f.isLazy && fptr.AtomicGetPointer().IsNil() {
+				if lazyFields(opts) {
+					size += (*lazy).SizeField(uint32(f.num))
+					continue
+				} else {
+					mi.lazyUnmarshal(p, f.num)
+				}
+			}
+			size += f.funcs.size(fptr, f, opts)
+			continue
+		}
+
 		if f.isPointer && fptr.Elem().IsNil() {
 			continue
 		}
@@ -84,13 +116,16 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 		}
 	}
 	if mi.sizecacheOffset.IsValid() {
-		if size > math.MaxInt32 {
+		if size > (math.MaxInt32 - 1) {
 			// The size is too large for the int32 sizecache field.
 			// We will need to recompute the size when encoding;
 			// unfortunately expensive, but better than invalid output.
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), -1)
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), 0)
 		} else {
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size))
+			// The size cache contains the size + 1, to allow the
+			// zero value to be invalid, while also allowing for a
+			// 0 size to be cached.
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size+1))
 		}
 	}
 	return size
@@ -128,11 +163,52 @@ func (mi *MessageInfo) marshalAppendPointer(b []byte, p pointer, opts marshalOpt
 			return b, err
 		}
 	}
+
+	var lazy **protolazy.XXX_lazyUnmarshalInfo
+	var presence presence
+	if mi.presenceOffset.IsValid() {
+		presence = p.Apply(mi.presenceOffset).PresenceInfo()
+		if mi.lazyOffset.IsValid() {
+			lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
+		}
+	}
+
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.marshal == nil {
 			continue
 		}
 		fptr := p.Apply(f.offset)
+
+		if f.presenceIndex != noPresence {
+			if !presence.Present(f.presenceIndex) {
+				continue
+			}
+			if f.isLazy {
+				// Be careful, this field needs to be read atomically, like for a get
+				if f.isPointer && fptr.AtomicGetPointer().IsNil() {
+					if lazyFields(opts) {
+						b, _ = (*lazy).AppendField(b, uint32(f.num))
+						continue
+					} else {
+						mi.lazyUnmarshal(p, f.num)
+					}
+				}
+
+				b, err = f.funcs.marshal(b, fptr, f, opts)
+				if err != nil {
+					return b, err
+				}
+				continue
+			} else if f.isPointer && fptr.Elem().IsNil() {
+				continue
+			}
+			b, err = f.funcs.marshal(b, fptr, f, opts)
+			if err != nil {
+				return b, err
+			}
+			continue
+		}
+
 		if f.isPointer && fptr.Elem().IsNil() {
 			continue
 		}
@@ -149,6 +225,22 @@ func (mi *MessageInfo) marshalAppendPointer(b []byte, p pointer, opts marshalOpt
 	return b, nil
 }
 
+// fullyLazyExtensions returns true if we should attempt to keep extensions lazy over size and marshal.
+func fullyLazyExtensions(opts marshalOptions) bool {
+	// When deterministic marshaling is requested, force an unmarshal for lazy
+	// extensions to produce a deterministic result, instead of passing through
+	// bytes lazily that may or may not match what Go Protobuf would produce.
+	return opts.flags&piface.MarshalDeterministic == 0
+}
+
+// lazyFields returns true if we should attempt to keep fields lazy over size and marshal.
+func lazyFields(opts marshalOptions) bool {
+	// When deterministic marshaling is requested, force an unmarshal for lazy
+	// fields to produce a deterministic result, instead of passing through
+	// bytes lazily that may or may not match what Go Protobuf would produce.
+	return opts.flags&piface.MarshalDeterministic == 0
+}
+
 func (mi *MessageInfo) sizeExtensions(ext *map[int32]ExtensionField, opts marshalOptions) (n int) {
 	if ext == nil {
 		return 0
@@ -158,6 +250,14 @@ func (mi *MessageInfo) sizeExtensions(ext *map[int32]ExtensionField, opts marsha
 		if xi.funcs.size == nil {
 			continue
 		}
+		if fullyLazyExtensions(opts) {
+			// Don't expand the extension, instead use the buffer to calculate size
+			if lb := x.lazyBuffer(); lb != nil {
+				// We got hold of the buffer, so it's still lazy.
+				n += len(lb)
+				continue
+			}
+		}
 		n += xi.funcs.size(x.Value(), xi.tagsize, opts)
 	}
 	return n
@@ -176,6 +276,13 @@ func (mi *MessageInfo) appendExtensions(b []byte, ext *map[int32]ExtensionField,
 		var err error
 		for _, x := range *ext {
 			xi := getExtensionFieldInfo(x.Type())
+			if fullyLazyExtensions(opts) {
+				// Don't expand the extension if it's still in wire format, instead use the buffer content.
+				if lb := x.lazyBuffer(); lb != nil {
+					b = append(b, lb...)
+					continue
+				}
+			}
 			b, err = xi.funcs.marshal(b, x.Value(), xi.wiretag, opts)
 		}
 		return b, err
@@ -191,6 +298,13 @@ func (mi *MessageInfo) appendExtensions(b []byte, ext *map[int32]ExtensionField,
 		for _, k := range keys {
 			x := (*ext)[int32(k)]
 			xi := getExtensionFieldInfo(x.Type())
+			if fullyLazyExtensions(opts) {
+				// Don't expand the extension if it's still in wire format, instead use the buffer content.
+				if lb := x.lazyBuffer(); lb != nil {
+					b = append(b, lb...)
+					continue
+				}
+			}
 			b, err = xi.funcs.marshal(b, x.Value(), xi.wiretag, opts)
 			if err != nil {
 				return b, err
diff --git a/vendor/google.golang.org/protobuf/internal/impl/equal.go b/vendor/google.golang.org/protobuf/internal/impl/equal.go
new file mode 100644
index 000000000..9f6c32a7d
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/equal.go
@@ -0,0 +1,224 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"bytes"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/reflect/protoreflect"
+	"google.golang.org/protobuf/runtime/protoiface"
+)
+
+func equal(in protoiface.EqualInput) protoiface.EqualOutput {
+	return protoiface.EqualOutput{Equal: equalMessage(in.MessageA, in.MessageB)}
+}
+
+// equalMessage is a fast-path variant of protoreflect.equalMessage.
+// It takes advantage of the internal messageState type to avoid
+// unnecessary allocations, type assertions.
+func equalMessage(mx, my protoreflect.Message) bool {
+	if mx == nil || my == nil {
+		return mx == my
+	}
+	if mx.Descriptor() != my.Descriptor() {
+		return false
+	}
+
+	msx, ok := mx.(*messageState)
+	if !ok {
+		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
+	}
+	msy, ok := my.(*messageState)
+	if !ok {
+		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
+	}
+
+	mi := msx.messageInfo()
+	miy := msy.messageInfo()
+	if mi != miy {
+		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
+	}
+	mi.init()
+	// Compares regular fields
+	// Modified Message.Range code that compares two messages of the same type
+	// while going over the fields.
+	for _, ri := range mi.rangeInfos {
+		var fd protoreflect.FieldDescriptor
+		var vx, vy protoreflect.Value
+
+		switch ri := ri.(type) {
+		case *fieldInfo:
+			hx := ri.has(msx.pointer())
+			hy := ri.has(msy.pointer())
+			if hx != hy {
+				return false
+			}
+			if !hx {
+				continue
+			}
+			fd = ri.fieldDesc
+			vx = ri.get(msx.pointer())
+			vy = ri.get(msy.pointer())
+		case *oneofInfo:
+			fnx := ri.which(msx.pointer())
+			fny := ri.which(msy.pointer())
+			if fnx != fny {
+				return false
+			}
+			if fnx <= 0 {
+				continue
+			}
+			fi := mi.fields[fnx]
+			fd = fi.fieldDesc
+			vx = fi.get(msx.pointer())
+			vy = fi.get(msy.pointer())
+		}
+
+		if !equalValue(fd, vx, vy) {
+			return false
+		}
+	}
+
+	// Compare extensions.
+	// This is more complicated because mx or my could have empty/nil extension maps,
+	// however some populated extension map values are equal to nil extension maps.
+	emx := mi.extensionMap(msx.pointer())
+	emy := mi.extensionMap(msy.pointer())
+	if emx != nil {
+		for k, x := range *emx {
+			xd := x.Type().TypeDescriptor()
+			xv := x.Value()
+			var y ExtensionField
+			ok := false
+			if emy != nil {
+				y, ok = (*emy)[k]
+			}
+			// We need to treat empty lists as equal to nil values
+			if emy == nil || !ok {
+				if xd.IsList() && xv.List().Len() == 0 {
+					continue
+				}
+				return false
+			}
+
+			if !equalValue(xd, xv, y.Value()) {
+				return false
+			}
+		}
+	}
+	if emy != nil {
+		// emy may have extensions emx does not have, need to check them as well
+		for k, y := range *emy {
+			if emx != nil {
+				// emx has the field, so we already checked it
+				if _, ok := (*emx)[k]; ok {
+					continue
+				}
+			}
+			// Empty lists are equal to nil
+			if y.Type().TypeDescriptor().IsList() && y.Value().List().Len() == 0 {
+				continue
+			}
+
+			// Cant be equal if the extension is populated
+			return false
+		}
+	}
+
+	return equalUnknown(mx.GetUnknown(), my.GetUnknown())
+}
+
+func equalValue(fd protoreflect.FieldDescriptor, vx, vy protoreflect.Value) bool {
+	// slow path
+	if fd.Kind() != protoreflect.MessageKind {
+		return vx.Equal(vy)
+	}
+
+	// fast path special cases
+	if fd.IsMap() {
+		if fd.MapValue().Kind() == protoreflect.MessageKind {
+			return equalMessageMap(vx.Map(), vy.Map())
+		}
+		return vx.Equal(vy)
+	}
+
+	if fd.IsList() {
+		return equalMessageList(vx.List(), vy.List())
+	}
+
+	return equalMessage(vx.Message(), vy.Message())
+}
+
+// Mostly copied from protoreflect.equalMap.
+// This variant only works for messages as map types.
+// All other map types should be handled via Value.Equal.
+func equalMessageMap(mx, my protoreflect.Map) bool {
+	if mx.Len() != my.Len() {
+		return false
+	}
+	equal := true
+	mx.Range(func(k protoreflect.MapKey, vx protoreflect.Value) bool {
+		if !my.Has(k) {
+			equal = false
+			return false
+		}
+		vy := my.Get(k)
+		equal = equalMessage(vx.Message(), vy.Message())
+		return equal
+	})
+	return equal
+}
+
+// Mostly copied from protoreflect.equalList.
+// The only change is the usage of equalImpl instead of protoreflect.equalValue.
+func equalMessageList(lx, ly protoreflect.List) bool {
+	if lx.Len() != ly.Len() {
+		return false
+	}
+	for i := 0; i < lx.Len(); i++ {
+		// We only operate on messages here since equalImpl will not call us in any other case.
+		if !equalMessage(lx.Get(i).Message(), ly.Get(i).Message()) {
+			return false
+		}
+	}
+	return true
+}
+
+// equalUnknown compares unknown fields by direct comparison on the raw bytes
+// of each individual field number.
+// Copied from protoreflect.equalUnknown.
+func equalUnknown(x, y protoreflect.RawFields) bool {
+	if len(x) != len(y) {
+		return false
+	}
+	if bytes.Equal([]byte(x), []byte(y)) {
+		return true
+	}
+
+	mx := make(map[protoreflect.FieldNumber]protoreflect.RawFields)
+	my := make(map[protoreflect.FieldNumber]protoreflect.RawFields)
+	for len(x) > 0 {
+		fnum, _, n := protowire.ConsumeField(x)
+		mx[fnum] = append(mx[fnum], x[:n]...)
+		x = x[n:]
+	}
+	for len(y) > 0 {
+		fnum, _, n := protowire.ConsumeField(y)
+		my[fnum] = append(my[fnum], y[:n]...)
+		y = y[n:]
+	}
+	if len(mx) != len(my) {
+		return false
+	}
+
+	for k, v1 := range mx {
+		if v2, ok := my[k]; !ok || !bytes.Equal([]byte(v1), []byte(v2)) {
+			return false
+		}
+	}
+
+	return true
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/extension.go b/vendor/google.golang.org/protobuf/internal/impl/extension.go
index cb25b0bae..e31249f64 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/extension.go
@@ -53,7 +53,7 @@ type ExtensionInfo struct {
 	// type returned by InterfaceOf may not be identical.
 	//
 	// Deprecated: Use InterfaceOf(xt.Zero()) instead.
-	ExtensionType interface{}
+	ExtensionType any
 
 	// Field is the field number of the extension.
 	//
@@ -95,16 +95,16 @@ func (xi *ExtensionInfo) New() protoreflect.Value {
 func (xi *ExtensionInfo) Zero() protoreflect.Value {
 	return xi.lazyInit().Zero()
 }
-func (xi *ExtensionInfo) ValueOf(v interface{}) protoreflect.Value {
+func (xi *ExtensionInfo) ValueOf(v any) protoreflect.Value {
 	return xi.lazyInit().PBValueOf(reflect.ValueOf(v))
 }
-func (xi *ExtensionInfo) InterfaceOf(v protoreflect.Value) interface{} {
+func (xi *ExtensionInfo) InterfaceOf(v protoreflect.Value) any {
 	return xi.lazyInit().GoValueOf(v).Interface()
 }
 func (xi *ExtensionInfo) IsValidValue(v protoreflect.Value) bool {
 	return xi.lazyInit().IsValidPB(v)
 }
-func (xi *ExtensionInfo) IsValidInterface(v interface{}) bool {
+func (xi *ExtensionInfo) IsValidInterface(v any) bool {
 	return xi.lazyInit().IsValidGo(reflect.ValueOf(v))
 }
 func (xi *ExtensionInfo) TypeDescriptor() protoreflect.ExtensionTypeDescriptor {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/lazy.go b/vendor/google.golang.org/protobuf/internal/impl/lazy.go
new file mode 100644
index 000000000..e8fb6c35b
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/lazy.go
@@ -0,0 +1,433 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"fmt"
+	"math/bits"
+	"os"
+	"reflect"
+	"sort"
+	"sync/atomic"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	"google.golang.org/protobuf/internal/errors"
+	"google.golang.org/protobuf/internal/protolazy"
+	"google.golang.org/protobuf/reflect/protoreflect"
+	preg "google.golang.org/protobuf/reflect/protoregistry"
+	piface "google.golang.org/protobuf/runtime/protoiface"
+)
+
+var enableLazy int32 = func() int32 {
+	if os.Getenv("GOPROTODEBUG") == "nolazy" {
+		return 0
+	}
+	return 1
+}()
+
+// EnableLazyUnmarshal enables lazy unmarshaling.
+func EnableLazyUnmarshal(enable bool) {
+	if enable {
+		atomic.StoreInt32(&enableLazy, 1)
+		return
+	}
+	atomic.StoreInt32(&enableLazy, 0)
+}
+
+// LazyEnabled reports whether lazy unmarshalling is currently enabled.
+func LazyEnabled() bool {
+	return atomic.LoadInt32(&enableLazy) != 0
+}
+
+// UnmarshalField unmarshals a field in a message.
+func UnmarshalField(m interface{}, num protowire.Number) {
+	switch m := m.(type) {
+	case *messageState:
+		m.messageInfo().lazyUnmarshal(m.pointer(), num)
+	case *messageReflectWrapper:
+		m.messageInfo().lazyUnmarshal(m.pointer(), num)
+	default:
+		panic(fmt.Sprintf("unsupported wrapper type %T", m))
+	}
+}
+
+func (mi *MessageInfo) lazyUnmarshal(p pointer, num protoreflect.FieldNumber) {
+	var f *coderFieldInfo
+	if int(num) < len(mi.denseCoderFields) {
+		f = mi.denseCoderFields[num]
+	} else {
+		f = mi.coderFields[num]
+	}
+	if f == nil {
+		panic(fmt.Sprintf("lazyUnmarshal: field info for %v.%v", mi.Desc.FullName(), num))
+	}
+	lazy := *p.Apply(mi.lazyOffset).LazyInfoPtr()
+	start, end, found, _, multipleEntries := lazy.FindFieldInProto(uint32(num))
+	if !found && multipleEntries == nil {
+		panic(fmt.Sprintf("lazyUnmarshal: can't find field data for %v.%v", mi.Desc.FullName(), num))
+	}
+	// The actual pointer in the message can not be set until the whole struct is filled in, otherwise we will have races.
+	// Create another pointer and set it atomically, if we won the race and the pointer in the original message is still nil.
+	fp := pointerOfValue(reflect.New(f.ft))
+	if multipleEntries != nil {
+		for _, entry := range multipleEntries {
+			mi.unmarshalField(lazy.Buffer()[entry.Start:entry.End], fp, f, lazy, lazy.UnmarshalFlags())
+		}
+	} else {
+		mi.unmarshalField(lazy.Buffer()[start:end], fp, f, lazy, lazy.UnmarshalFlags())
+	}
+	p.Apply(f.offset).AtomicSetPointerIfNil(fp.Elem())
+}
+
+func (mi *MessageInfo) unmarshalField(b []byte, p pointer, f *coderFieldInfo, lazyInfo *protolazy.XXX_lazyUnmarshalInfo, flags piface.UnmarshalInputFlags) error {
+	opts := lazyUnmarshalOptions
+	opts.flags |= flags
+	for len(b) > 0 {
+		// Parse the tag (field number and wire type).
+		var tag uint64
+		if b[0] < 0x80 {
+			tag = uint64(b[0])
+			b = b[1:]
+		} else if len(b) >= 2 && b[1] < 128 {
+			tag = uint64(b[0]&0x7f) + uint64(b[1])<<7
+			b = b[2:]
+		} else {
+			var n int
+			tag, n = protowire.ConsumeVarint(b)
+			if n < 0 {
+				return errors.New("invalid wire data")
+			}
+			b = b[n:]
+		}
+		var num protowire.Number
+		if n := tag >> 3; n < uint64(protowire.MinValidNumber) || n > uint64(protowire.MaxValidNumber) {
+			return errors.New("invalid wire data")
+		} else {
+			num = protowire.Number(n)
+		}
+		wtyp := protowire.Type(tag & 7)
+		if num == f.num {
+			o, err := f.funcs.unmarshal(b, p, wtyp, f, opts)
+			if err == nil {
+				b = b[o.n:]
+				continue
+			}
+			if err != errUnknown {
+				return err
+			}
+		}
+		n := protowire.ConsumeFieldValue(num, wtyp, b)
+		if n < 0 {
+			return errors.New("invalid wire data")
+		}
+		b = b[n:]
+	}
+	return nil
+}
+
+func (mi *MessageInfo) skipField(b []byte, f *coderFieldInfo, wtyp protowire.Type, opts unmarshalOptions) (out unmarshalOutput, _ ValidationStatus) {
+	fmi := f.validation.mi
+	if fmi == nil {
+		fd := mi.Desc.Fields().ByNumber(f.num)
+		if fd == nil || !fd.IsWeak() {
+			return out, ValidationUnknown
+		}
+		messageName := fd.Message().FullName()
+		messageType, err := preg.GlobalTypes.FindMessageByName(messageName)
+		if err != nil {
+			return out, ValidationUnknown
+		}
+		var ok bool
+		fmi, ok = messageType.(*MessageInfo)
+		if !ok {
+			return out, ValidationUnknown
+		}
+	}
+	fmi.init()
+	switch f.validation.typ {
+	case validationTypeMessage:
+		if wtyp != protowire.BytesType {
+			return out, ValidationWrongWireType
+		}
+		v, n := protowire.ConsumeBytes(b)
+		if n < 0 {
+			return out, ValidationInvalid
+		}
+		out, st := fmi.validate(v, 0, opts)
+		out.n = n
+		return out, st
+	case validationTypeGroup:
+		if wtyp != protowire.StartGroupType {
+			return out, ValidationWrongWireType
+		}
+		out, st := fmi.validate(b, f.num, opts)
+		return out, st
+	default:
+		return out, ValidationUnknown
+	}
+}
+
+// unmarshalPointerLazy is similar to unmarshalPointerEager, but it
+// specifically handles lazy unmarshalling.  it expects lazyOffset and
+// presenceOffset to both be valid.
+func (mi *MessageInfo) unmarshalPointerLazy(b []byte, p pointer, groupTag protowire.Number, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	initialized := true
+	var requiredMask uint64
+	var lazy **protolazy.XXX_lazyUnmarshalInfo
+	var presence presence
+	var lazyIndex []protolazy.IndexEntry
+	var lastNum protowire.Number
+	outOfOrder := false
+	lazyDecode := false
+	presence = p.Apply(mi.presenceOffset).PresenceInfo()
+	lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
+	if !presence.AnyPresent(mi.presenceSize) {
+		if opts.CanBeLazy() {
+			// If the message contains existing data, we need to merge into it.
+			// Lazy unmarshaling doesn't merge, so only enable it when the
+			// message is empty (has no presence bitmap).
+			lazyDecode = true
+			if *lazy == nil {
+				*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
+			}
+			(*lazy).SetUnmarshalFlags(opts.flags)
+			if !opts.AliasBuffer() {
+				// Make a copy of the buffer for lazy unmarshaling.
+				// Set the AliasBuffer flag so recursive unmarshal
+				// operations reuse the copy.
+				b = append([]byte{}, b...)
+				opts.flags |= piface.UnmarshalAliasBuffer
+			}
+			(*lazy).SetBuffer(b)
+		}
+	}
+	// Track special handling of lazy fields.
+	//
+	// In the common case, all fields are lazyValidateOnly (and lazyFields remains nil).
+	// In the event that validation for a field fails, this map tracks handling of the field.
+	type lazyAction uint8
+	const (
+		lazyValidateOnly   lazyAction = iota // validate the field only
+		lazyUnmarshalNow                     // eagerly unmarshal the field
+		lazyUnmarshalLater                   // unmarshal the field after the message is fully processed
+	)
+	var lazyFields map[*coderFieldInfo]lazyAction
+	var exts *map[int32]ExtensionField
+	start := len(b)
+	pos := 0
+	for len(b) > 0 {
+		// Parse the tag (field number and wire type).
+		var tag uint64
+		if b[0] < 0x80 {
+			tag = uint64(b[0])
+			b = b[1:]
+		} else if len(b) >= 2 && b[1] < 128 {
+			tag = uint64(b[0]&0x7f) + uint64(b[1])<<7
+			b = b[2:]
+		} else {
+			var n int
+			tag, n = protowire.ConsumeVarint(b)
+			if n < 0 {
+				return out, errDecode
+			}
+			b = b[n:]
+		}
+		var num protowire.Number
+		if n := tag >> 3; n < uint64(protowire.MinValidNumber) || n > uint64(protowire.MaxValidNumber) {
+			return out, errors.New("invalid field number")
+		} else {
+			num = protowire.Number(n)
+		}
+		wtyp := protowire.Type(tag & 7)
+
+		if wtyp == protowire.EndGroupType {
+			if num != groupTag {
+				return out, errors.New("mismatching end group marker")
+			}
+			groupTag = 0
+			break
+		}
+
+		var f *coderFieldInfo
+		if int(num) < len(mi.denseCoderFields) {
+			f = mi.denseCoderFields[num]
+		} else {
+			f = mi.coderFields[num]
+		}
+		var n int
+		err := errUnknown
+		discardUnknown := false
+	Field:
+		switch {
+		case f != nil:
+			if f.funcs.unmarshal == nil {
+				break
+			}
+			if f.isLazy && lazyDecode {
+				switch {
+				case lazyFields == nil || lazyFields[f] == lazyValidateOnly:
+					// Attempt to validate this field and leave it for later lazy unmarshaling.
+					o, valid := mi.skipField(b, f, wtyp, opts)
+					switch valid {
+					case ValidationValid:
+						// Skip over the valid field and continue.
+						err = nil
+						presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
+						requiredMask |= f.validation.requiredBit
+						if !o.initialized {
+							initialized = false
+						}
+						n = o.n
+						break Field
+					case ValidationInvalid:
+						return out, errors.New("invalid proto wire format")
+					case ValidationWrongWireType:
+						break Field
+					case ValidationUnknown:
+						if lazyFields == nil {
+							lazyFields = make(map[*coderFieldInfo]lazyAction)
+						}
+						if presence.Present(f.presenceIndex) {
+							// We were unable to determine if the field is valid or not,
+							// and we've already skipped over at least one instance of this
+							// field. Clear the presence bit (so if we stop decoding early,
+							// we don't leave a partially-initialized field around) and flag
+							// the field for unmarshaling before we return.
+							presence.ClearPresent(f.presenceIndex)
+							lazyFields[f] = lazyUnmarshalLater
+							discardUnknown = true
+							break Field
+						} else {
+							// We were unable to determine if the field is valid or not,
+							// but this is the first time we've seen it. Flag it as needing
+							// eager unmarshaling and fall through to the eager unmarshal case below.
+							lazyFields[f] = lazyUnmarshalNow
+						}
+					}
+				case lazyFields[f] == lazyUnmarshalLater:
+					// This field will be unmarshaled in a separate pass below.
+					// Skip over it here.
+					discardUnknown = true
+					break Field
+				default:
+					// Eagerly unmarshal the field.
+				}
+			}
+			if f.isLazy && !lazyDecode && presence.Present(f.presenceIndex) {
+				if p.Apply(f.offset).AtomicGetPointer().IsNil() {
+					mi.lazyUnmarshal(p, f.num)
+				}
+			}
+			var o unmarshalOutput
+			o, err = f.funcs.unmarshal(b, p.Apply(f.offset), wtyp, f, opts)
+			n = o.n
+			if err != nil {
+				break
+			}
+			requiredMask |= f.validation.requiredBit
+			if f.funcs.isInit != nil && !o.initialized {
+				initialized = false
+			}
+			if f.presenceIndex != noPresence {
+				presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
+			}
+		default:
+			// Possible extension.
+			if exts == nil && mi.extensionOffset.IsValid() {
+				exts = p.Apply(mi.extensionOffset).Extensions()
+				if *exts == nil {
+					*exts = make(map[int32]ExtensionField)
+				}
+			}
+			if exts == nil {
+				break
+			}
+			var o unmarshalOutput
+			o, err = mi.unmarshalExtension(b, num, wtyp, *exts, opts)
+			if err != nil {
+				break
+			}
+			n = o.n
+			if !o.initialized {
+				initialized = false
+			}
+		}
+		if err != nil {
+			if err != errUnknown {
+				return out, err
+			}
+			n = protowire.ConsumeFieldValue(num, wtyp, b)
+			if n < 0 {
+				return out, errDecode
+			}
+			if !discardUnknown && !opts.DiscardUnknown() && mi.unknownOffset.IsValid() {
+				u := mi.mutableUnknownBytes(p)
+				*u = protowire.AppendTag(*u, num, wtyp)
+				*u = append(*u, b[:n]...)
+			}
+		}
+		b = b[n:]
+		end := start - len(b)
+		if lazyDecode && f != nil && f.isLazy {
+			if num != lastNum {
+				lazyIndex = append(lazyIndex, protolazy.IndexEntry{
+					FieldNum: uint32(num),
+					Start:    uint32(pos),
+					End:      uint32(end),
+				})
+			} else {
+				i := len(lazyIndex) - 1
+				lazyIndex[i].End = uint32(end)
+				lazyIndex[i].MultipleContiguous = true
+			}
+		}
+		if num < lastNum {
+			outOfOrder = true
+		}
+		pos = end
+		lastNum = num
+	}
+	if groupTag != 0 {
+		return out, errors.New("missing end group marker")
+	}
+	if lazyFields != nil {
+		// Some fields failed validation, and now need to be unmarshaled.
+		for f, action := range lazyFields {
+			if action != lazyUnmarshalLater {
+				continue
+			}
+			initialized = false
+			if *lazy == nil {
+				*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
+			}
+			if err := mi.unmarshalField((*lazy).Buffer(), p.Apply(f.offset), f, *lazy, opts.flags); err != nil {
+				return out, err
+			}
+			presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
+		}
+	}
+	if lazyDecode {
+		if outOfOrder {
+			sort.Slice(lazyIndex, func(i, j int) bool {
+				return lazyIndex[i].FieldNum < lazyIndex[j].FieldNum ||
+					(lazyIndex[i].FieldNum == lazyIndex[j].FieldNum &&
+						lazyIndex[i].Start < lazyIndex[j].Start)
+			})
+		}
+		if *lazy == nil {
+			*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
+		}
+
+		(*lazy).SetIndex(lazyIndex)
+	}
+	if mi.numRequiredFields > 0 && bits.OnesCount64(requiredMask) != int(mi.numRequiredFields) {
+		initialized = false
+	}
+	if initialized {
+		out.initialized = true
+	}
+	out.n = start - len(b)
+	return out, nil
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
index c2a803bb2..81b2b1a76 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
@@ -97,7 +97,7 @@ func (e *legacyEnumWrapper) Number() protoreflect.EnumNumber {
 func (e *legacyEnumWrapper) ProtoReflect() protoreflect.Enum {
 	return e
 }
-func (e *legacyEnumWrapper) protoUnwrap() interface{} {
+func (e *legacyEnumWrapper) protoUnwrap() any {
 	v := reflect.New(e.goTyp).Elem()
 	v.SetInt(int64(e.num))
 	return v.Interface()
@@ -167,6 +167,7 @@ func aberrantLoadEnumDesc(t reflect.Type) protoreflect.EnumDescriptor {
 	ed := &filedesc.Enum{L2: new(filedesc.EnumL2)}
 	ed.L0.FullName = AberrantDeriveFullName(t) // e.g., github_com.user.repo.MyEnum
 	ed.L0.ParentFile = filedesc.SurrogateProto3
+	ed.L1.EditionFeatures = ed.L0.ParentFile.L1.EditionFeatures
 	ed.L2.Values.List = append(ed.L2.Values.List, filedesc.EnumValue{})
 
 	// TODO: Use the presence of a UnmarshalJSON method to determine proto2?
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
index 87b30d050..b6849d669 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
@@ -118,7 +118,7 @@ func (xi *ExtensionInfo) initFromLegacy() {
 	xd.L1.Number = protoreflect.FieldNumber(xi.Field)
 	xd.L1.Cardinality = fd.L1.Cardinality
 	xd.L1.Kind = fd.L1.Kind
-	xd.L2.IsPacked = fd.L1.IsPacked
+	xd.L1.EditionFeatures = fd.L1.EditionFeatures
 	xd.L2.Default = fd.L1.Default
 	xd.L1.Extendee = Export{}.MessageDescriptorOf(xi.ExtendedType)
 	xd.L2.Enum = ed
@@ -160,6 +160,7 @@ func (x placeholderExtension) HasPresence() bool
 func (x placeholderExtension) HasOptionalKeyword() bool                           { return false }
 func (x placeholderExtension) IsExtension() bool                                  { return true }
 func (x placeholderExtension) IsWeak() bool                                       { return false }
+func (x placeholderExtension) IsLazy() bool                                       { return false }
 func (x placeholderExtension) IsPacked() bool                                     { return false }
 func (x placeholderExtension) IsList() bool                                       { return false }
 func (x placeholderExtension) IsMap() bool                                        { return false }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
index 9ab091086..b649f1124 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
@@ -7,7 +7,7 @@ package impl
 import (
 	"bytes"
 	"compress/gzip"
-	"io/ioutil"
+	"io"
 	"sync"
 
 	"google.golang.org/protobuf/internal/filedesc"
@@ -51,7 +51,7 @@ func legacyLoadFileDesc(b []byte) protoreflect.FileDescriptor {
 	if err != nil {
 		panic(err)
 	}
-	b2, err := ioutil.ReadAll(zr)
+	b2, err := io.ReadAll(zr)
 	if err != nil {
 		panic(err)
 	}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
index 2ab2c6297..bf0b6049b 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
@@ -204,6 +204,7 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 		}
 	}
 
+	md.L1.EditionFeatures = md.L0.ParentFile.L1.EditionFeatures
 	// Obtain a list of oneof wrapper types.
 	var oneofWrappers []reflect.Type
 	methods := make([]reflect.Method, 0, 2)
@@ -215,7 +216,7 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 	}
 	for _, fn := range methods {
 		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-			if vs, ok := v.Interface().([]interface{}); ok {
+			if vs, ok := v.Interface().([]any); ok {
 				for _, v := range vs {
 					oneofWrappers = append(oneofWrappers, reflect.TypeOf(v))
 				}
@@ -250,6 +251,7 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 			od := &md.L2.Oneofs.List[n]
 			od.L0.FullName = md.FullName().Append(protoreflect.Name(tag))
 			od.L0.ParentFile = md.L0.ParentFile
+			od.L1.EditionFeatures = md.L1.EditionFeatures
 			od.L0.Parent = md
 			od.L0.Index = n
 
@@ -260,6 +262,7 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 						aberrantAppendField(md, f.Type, tag, "", "")
 						fd := &md.L2.Fields.List[len(md.L2.Fields.List)-1]
 						fd.L1.ContainingOneof = od
+						fd.L1.EditionFeatures = od.L1.EditionFeatures
 						od.L1.Fields.List = append(od.L1.Fields.List, fd)
 					}
 				}
@@ -307,14 +310,14 @@ func aberrantAppendField(md *filedesc.Message, goType reflect.Type, tag, tagKey,
 	fd.L0.Parent = md
 	fd.L0.Index = n
 
-	if fd.L1.IsWeak || fd.L1.HasPacked {
+	if fd.L1.IsWeak || fd.L1.EditionFeatures.IsPacked {
 		fd.L1.Options = func() protoreflect.ProtoMessage {
 			opts := descopts.Field.ProtoReflect().New()
 			if fd.L1.IsWeak {
 				opts.Set(opts.Descriptor().Fields().ByName("weak"), protoreflect.ValueOfBool(true))
 			}
-			if fd.L1.HasPacked {
-				opts.Set(opts.Descriptor().Fields().ByName("packed"), protoreflect.ValueOfBool(fd.L1.IsPacked))
+			if fd.L1.EditionFeatures.IsPacked {
+				opts.Set(opts.Descriptor().Fields().ByName("packed"), protoreflect.ValueOfBool(fd.L1.EditionFeatures.IsPacked))
 			}
 			return opts.Interface()
 		}
@@ -344,6 +347,7 @@ func aberrantAppendField(md *filedesc.Message, goType reflect.Type, tag, tagKey,
 				md2.L0.ParentFile = md.L0.ParentFile
 				md2.L0.Parent = md
 				md2.L0.Index = n
+				md2.L1.EditionFeatures = md.L1.EditionFeatures
 
 				md2.L1.IsMapEntry = true
 				md2.L2.Options = func() protoreflect.ProtoMessage {
@@ -563,6 +567,6 @@ func (m aberrantMessage) IsValid() bool {
 func (m aberrantMessage) ProtoMethods() *protoiface.Methods {
 	return aberrantProtoMethods
 }
-func (m aberrantMessage) protoUnwrap() interface{} {
+func (m aberrantMessage) protoUnwrap() any {
 	return m.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/merge.go b/vendor/google.golang.org/protobuf/internal/impl/merge.go
index 7e65f64f2..8ffdce67d 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/merge.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/merge.go
@@ -41,11 +41,38 @@ func (mi *MessageInfo) mergePointer(dst, src pointer, opts mergeOptions) {
 	if src.IsNil() {
 		return
 	}
+
+	var presenceSrc presence
+	var presenceDst presence
+	if mi.presenceOffset.IsValid() {
+		presenceSrc = src.Apply(mi.presenceOffset).PresenceInfo()
+		presenceDst = dst.Apply(mi.presenceOffset).PresenceInfo()
+	}
+
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.merge == nil {
 			continue
 		}
 		sfptr := src.Apply(f.offset)
+
+		if f.presenceIndex != noPresence {
+			if !presenceSrc.Present(f.presenceIndex) {
+				continue
+			}
+			dfptr := dst.Apply(f.offset)
+			if f.isLazy {
+				if sfptr.AtomicGetPointer().IsNil() {
+					mi.lazyUnmarshal(src, f.num)
+				}
+				if presenceDst.Present(f.presenceIndex) && dfptr.AtomicGetPointer().IsNil() {
+					mi.lazyUnmarshal(dst, f.num)
+				}
+			}
+			f.funcs.merge(dst.Apply(f.offset), sfptr, f, opts)
+			presenceDst.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
+			continue
+		}
+
 		if f.isPointer && sfptr.Elem().IsNil() {
 			continue
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message.go b/vendor/google.golang.org/protobuf/internal/impl/message.go
index 629bacdce..fa10a0f5c 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message.go
@@ -30,12 +30,12 @@ type MessageInfo struct {
 	// Desc is the underlying message descriptor type and must be populated.
 	Desc protoreflect.MessageDescriptor
 
-	// Exporter must be provided in a purego environment in order to provide
-	// access to unexported fields.
+	// Deprecated: Exporter will be removed the next time we bump
+	// protoimpl.GenVersion. See https://github.com/golang/protobuf/issues/1640
 	Exporter exporter
 
 	// OneofWrappers is list of pointers to oneof wrapper struct types.
-	OneofWrappers []interface{}
+	OneofWrappers []any
 
 	initMu   sync.Mutex // protects all unexported fields
 	initDone uint32
@@ -47,7 +47,7 @@ type MessageInfo struct {
 // exporter is a function that returns a reference to the ith field of v,
 // where v is a pointer to a struct. It returns nil if it does not support
 // exporting the requested field (e.g., already exported).
-type exporter func(v interface{}, i int) interface{}
+type exporter func(v any, i int) any
 
 // getMessageInfo returns the MessageInfo for any message type that
 // is generated by our implementation of protoc-gen-go (for v2 and on).
@@ -79,6 +79,9 @@ func (mi *MessageInfo) initOnce() {
 	if mi.initDone == 1 {
 		return
 	}
+	if opaqueInitHook(mi) {
+		return
+	}
 
 	t := mi.GoReflectType
 	if t.Kind() != reflect.Ptr && t.Elem().Kind() != reflect.Struct {
@@ -133,6 +136,9 @@ type structInfo struct {
 	extensionOffset offset
 	extensionType   reflect.Type
 
+	lazyOffset     offset
+	presenceOffset offset
+
 	fieldsByNumber        map[protoreflect.FieldNumber]reflect.StructField
 	oneofsByName          map[protoreflect.Name]reflect.StructField
 	oneofWrappersByType   map[reflect.Type]protoreflect.FieldNumber
@@ -145,6 +151,8 @@ func (mi *MessageInfo) makeStructInfo(t reflect.Type) structInfo {
 		weakOffset:      invalidOffset,
 		unknownOffset:   invalidOffset,
 		extensionOffset: invalidOffset,
+		lazyOffset:      invalidOffset,
+		presenceOffset:  invalidOffset,
 
 		fieldsByNumber:        map[protoreflect.FieldNumber]reflect.StructField{},
 		oneofsByName:          map[protoreflect.Name]reflect.StructField{},
@@ -175,6 +183,10 @@ fieldLoop:
 				si.extensionOffset = offsetOf(f, mi.Exporter)
 				si.extensionType = f.Type
 			}
+		case "lazyFields", "XXX_lazyUnmarshalInfo":
+			si.lazyOffset = offsetOf(f, mi.Exporter)
+		case "XXX_presence":
+			si.presenceOffset = offsetOf(f, mi.Exporter)
 		default:
 			for _, s := range strings.Split(f.Tag.Get("protobuf"), ",") {
 				if len(s) > 0 && strings.Trim(s, "0123456789") == "" {
@@ -201,7 +213,7 @@ fieldLoop:
 	}
 	for _, fn := range methods {
 		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-			if vs, ok := v.Interface().([]interface{}); ok {
+			if vs, ok := v.Interface().([]any); ok {
 				oneofWrappers = vs
 			}
 		}
@@ -256,7 +268,7 @@ func (mi *MessageInfo) Message(i int) protoreflect.MessageType {
 
 type mapEntryType struct {
 	desc    protoreflect.MessageDescriptor
-	valType interface{} // zero value of enum or message type
+	valType any // zero value of enum or message type
 }
 
 func (mt mapEntryType) New() protoreflect.Message {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
new file mode 100644
index 000000000..d7ec53f07
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
@@ -0,0 +1,632 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"fmt"
+	"math"
+	"reflect"
+	"strings"
+	"sync/atomic"
+
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+type opaqueStructInfo struct {
+	structInfo
+}
+
+// isOpaque determines whether a protobuf message type is on the Opaque API.  It
+// checks whether the type is a Go struct that protoc-gen-go would generate.
+//
+// This function only detects newly generated messages from the v2
+// implementation of protoc-gen-go. It is unable to classify generated messages
+// that are too old or those that are generated by a different generator
+// such as protoc-gen-gogo.
+func isOpaque(t reflect.Type) bool {
+	// The current detection mechanism is to simply check the first field
+	// for a struct tag with the "protogen" key.
+	if t.Kind() == reflect.Struct && t.NumField() > 0 {
+		pgt := t.Field(0).Tag.Get("protogen")
+		return strings.HasPrefix(pgt, "opaque.")
+	}
+	return false
+}
+
+func opaqueInitHook(mi *MessageInfo) bool {
+	mt := mi.GoReflectType.Elem()
+	si := opaqueStructInfo{
+		structInfo: mi.makeStructInfo(mt),
+	}
+
+	if !isOpaque(mt) {
+		return false
+	}
+
+	defer atomic.StoreUint32(&mi.initDone, 1)
+
+	mi.fields = map[protoreflect.FieldNumber]*fieldInfo{}
+	fds := mi.Desc.Fields()
+	for i := 0; i < fds.Len(); i++ {
+		fd := fds.Get(i)
+		fs := si.fieldsByNumber[fd.Number()]
+		var fi fieldInfo
+		usePresence, _ := usePresenceForField(si, fd)
+
+		switch {
+		case fd.IsWeak():
+			// Weak fields are no different for opaque.
+			fi = fieldInfoForWeakMessage(fd, si.weakOffset)
+		case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
+			// Oneofs are no different for opaque.
+			fi = fieldInfoForOneof(fd, si.oneofsByName[fd.ContainingOneof().Name()], mi.Exporter, si.oneofWrappersByNumber[fd.Number()])
+		case fd.IsMap():
+			fi = mi.fieldInfoForMapOpaque(si, fd, fs)
+		case fd.IsList() && fd.Message() == nil && usePresence:
+			fi = mi.fieldInfoForScalarListOpaque(si, fd, fs)
+		case fd.IsList() && fd.Message() == nil:
+			// Proto3 lists without presence can use same access methods as open
+			fi = fieldInfoForList(fd, fs, mi.Exporter)
+		case fd.IsList() && usePresence:
+			fi = mi.fieldInfoForMessageListOpaque(si, fd, fs)
+		case fd.IsList():
+			// Proto3 opaque messages that does not need presence bitmap.
+			// Different representation than open struct, but same logic
+			fi = mi.fieldInfoForMessageListOpaqueNoPresence(si, fd, fs)
+		case fd.Message() != nil && usePresence:
+			fi = mi.fieldInfoForMessageOpaque(si, fd, fs)
+		case fd.Message() != nil:
+			// Proto3 messages without presence can use same access methods as open
+			fi = fieldInfoForMessage(fd, fs, mi.Exporter)
+		default:
+			fi = mi.fieldInfoForScalarOpaque(si, fd, fs)
+		}
+		mi.fields[fd.Number()] = &fi
+	}
+	mi.oneofs = map[protoreflect.Name]*oneofInfo{}
+	for i := 0; i < mi.Desc.Oneofs().Len(); i++ {
+		od := mi.Desc.Oneofs().Get(i)
+		mi.oneofs[od.Name()] = makeOneofInfoOpaque(mi, od, si.structInfo, mi.Exporter)
+	}
+
+	mi.denseFields = make([]*fieldInfo, fds.Len()*2)
+	for i := 0; i < fds.Len(); i++ {
+		if fd := fds.Get(i); int(fd.Number()) < len(mi.denseFields) {
+			mi.denseFields[fd.Number()] = mi.fields[fd.Number()]
+		}
+	}
+
+	for i := 0; i < fds.Len(); {
+		fd := fds.Get(i)
+		if od := fd.ContainingOneof(); od != nil && !fd.ContainingOneof().IsSynthetic() {
+			mi.rangeInfos = append(mi.rangeInfos, mi.oneofs[od.Name()])
+			i += od.Fields().Len()
+		} else {
+			mi.rangeInfos = append(mi.rangeInfos, mi.fields[fd.Number()])
+			i++
+		}
+	}
+
+	mi.makeExtensionFieldsFunc(mt, si.structInfo)
+	mi.makeUnknownFieldsFunc(mt, si.structInfo)
+	mi.makeOpaqueCoderMethods(mt, si)
+	mi.makeFieldTypes(si.structInfo)
+
+	return true
+}
+
+func makeOneofInfoOpaque(mi *MessageInfo, od protoreflect.OneofDescriptor, si structInfo, x exporter) *oneofInfo {
+	oi := &oneofInfo{oneofDesc: od}
+	if od.IsSynthetic() {
+		fd := od.Fields().Get(0)
+		index, _ := presenceIndex(mi.Desc, fd)
+		oi.which = func(p pointer) protoreflect.FieldNumber {
+			if p.IsNil() {
+				return 0
+			}
+			if !mi.present(p, index) {
+				return 0
+			}
+			return od.Fields().Get(0).Number()
+		}
+		return oi
+	}
+	// Dispatch to non-opaque oneof implementation for non-synthetic oneofs.
+	return makeOneofInfo(od, si, x)
+}
+
+func (mi *MessageInfo) fieldInfoForMapOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	if ft.Kind() != reflect.Map {
+		panic(fmt.Sprintf("invalid type: got %v, want map kind", ft))
+	}
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	conv := NewConverter(ft, fd)
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			// Don't bother checking presence bits, since we need to
+			// look at the map length even if the presence bit is set.
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			return rv.Len() > 0
+		},
+		clear: func(p pointer) {
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			rv.Set(reflect.Zero(rv.Type()))
+		},
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if rv.Len() == 0 {
+				return conv.Zero()
+			}
+			return conv.PBValueOf(rv)
+		},
+		set: func(p pointer, v protoreflect.Value) {
+			pv := conv.GoValueOf(v)
+			if pv.IsNil() {
+				panic(fmt.Sprintf("invalid value: setting map field to read-only value"))
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			rv.Set(pv)
+		},
+		mutable: func(p pointer) protoreflect.Value {
+			v := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if v.IsNil() {
+				v.Set(reflect.MakeMap(fs.Type))
+			}
+			return conv.PBValueOf(v)
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+func (mi *MessageInfo) fieldInfoForScalarListOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	if ft.Kind() != reflect.Slice {
+		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
+	}
+	conv := NewConverter(reflect.PtrTo(ft), fd)
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	index, _ := presenceIndex(mi.Desc, fd)
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			return rv.Len() > 0
+		},
+		clear: func(p pointer) {
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			rv.Set(reflect.Zero(rv.Type()))
+		},
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type)
+			if rv.Elem().Len() == 0 {
+				return conv.Zero()
+			}
+			return conv.PBValueOf(rv)
+		},
+		set: func(p pointer, v protoreflect.Value) {
+			pv := conv.GoValueOf(v)
+			if pv.IsNil() {
+				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
+			}
+			mi.setPresent(p, index)
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			rv.Set(pv.Elem())
+		},
+		mutable: func(p pointer) protoreflect.Value {
+			mi.setPresent(p, index)
+			return conv.PBValueOf(p.Apply(fieldOffset).AsValueOf(fs.Type))
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+func (mi *MessageInfo) fieldInfoForMessageListOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
+		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
+	}
+	conv := NewConverter(ft, fd)
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	index, _ := presenceIndex(mi.Desc, fd)
+	fieldNumber := fd.Number()
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			if !mi.present(p, index) {
+				return false
+			}
+			sp := p.Apply(fieldOffset).AtomicGetPointer()
+			if sp.IsNil() {
+				// Lazily unmarshal this field.
+				mi.lazyUnmarshal(p, fieldNumber)
+				sp = p.Apply(fieldOffset).AtomicGetPointer()
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			return rv.Elem().Len() > 0
+		},
+		clear: func(p pointer) {
+			fp := p.Apply(fieldOffset)
+			sp := fp.AtomicGetPointer()
+			if sp.IsNil() {
+				sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
+				mi.setPresent(p, index)
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			rv.Elem().Set(reflect.Zero(rv.Type().Elem()))
+		},
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			if !mi.present(p, index) {
+				return conv.Zero()
+			}
+			sp := p.Apply(fieldOffset).AtomicGetPointer()
+			if sp.IsNil() {
+				// Lazily unmarshal this field.
+				mi.lazyUnmarshal(p, fieldNumber)
+				sp = p.Apply(fieldOffset).AtomicGetPointer()
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			if rv.Elem().Len() == 0 {
+				return conv.Zero()
+			}
+			return conv.PBValueOf(rv)
+		},
+		set: func(p pointer, v protoreflect.Value) {
+			fp := p.Apply(fieldOffset)
+			sp := fp.AtomicGetPointer()
+			if sp.IsNil() {
+				sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
+				mi.setPresent(p, index)
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			val := conv.GoValueOf(v)
+			if val.IsNil() {
+				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
+			} else {
+				rv.Elem().Set(val.Elem())
+			}
+		},
+		mutable: func(p pointer) protoreflect.Value {
+			fp := p.Apply(fieldOffset)
+			sp := fp.AtomicGetPointer()
+			if sp.IsNil() {
+				if mi.present(p, index) {
+					// Lazily unmarshal this field.
+					mi.lazyUnmarshal(p, fieldNumber)
+					sp = p.Apply(fieldOffset).AtomicGetPointer()
+				} else {
+					sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
+					mi.setPresent(p, index)
+				}
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			return conv.PBValueOf(rv)
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+func (mi *MessageInfo) fieldInfoForMessageListOpaqueNoPresence(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
+		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
+	}
+	conv := NewConverter(ft, fd)
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			sp := p.Apply(fieldOffset).AtomicGetPointer()
+			if sp.IsNil() {
+				return false
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			return rv.Elem().Len() > 0
+		},
+		clear: func(p pointer) {
+			sp := p.Apply(fieldOffset).AtomicGetPointer()
+			if !sp.IsNil() {
+				rv := sp.AsValueOf(fs.Type.Elem())
+				rv.Elem().Set(reflect.Zero(rv.Type().Elem()))
+			}
+		},
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			sp := p.Apply(fieldOffset).AtomicGetPointer()
+			if sp.IsNil() {
+				return conv.Zero()
+			}
+			rv := sp.AsValueOf(fs.Type.Elem())
+			if rv.Elem().Len() == 0 {
+				return conv.Zero()
+			}
+			return conv.PBValueOf(rv)
+		},
+		set: func(p pointer, v protoreflect.Value) {
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if rv.IsNil() {
+				rv.Set(reflect.New(fs.Type.Elem()))
+			}
+			val := conv.GoValueOf(v)
+			if val.IsNil() {
+				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
+			} else {
+				rv.Elem().Set(val.Elem())
+			}
+		},
+		mutable: func(p pointer) protoreflect.Value {
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if rv.IsNil() {
+				rv.Set(reflect.New(fs.Type.Elem()))
+			}
+			return conv.PBValueOf(rv)
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+func (mi *MessageInfo) fieldInfoForScalarOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	nullable := fd.HasPresence()
+	if oneof := fd.ContainingOneof(); oneof != nil && oneof.IsSynthetic() {
+		nullable = true
+	}
+	deref := false
+	if nullable && ft.Kind() == reflect.Ptr {
+		ft = ft.Elem()
+		deref = true
+	}
+	conv := NewConverter(ft, fd)
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	index, _ := presenceIndex(mi.Desc, fd)
+	var getter func(p pointer) protoreflect.Value
+	if !nullable {
+		getter = getterForDirectScalar(fd, fs, conv, fieldOffset)
+	} else {
+		getter = getterForOpaqueNullableScalar(mi, index, fd, fs, conv, fieldOffset)
+	}
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			if nullable {
+				return mi.present(p, index)
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			switch rv.Kind() {
+			case reflect.Bool:
+				return rv.Bool()
+			case reflect.Int32, reflect.Int64:
+				return rv.Int() != 0
+			case reflect.Uint32, reflect.Uint64:
+				return rv.Uint() != 0
+			case reflect.Float32, reflect.Float64:
+				return rv.Float() != 0 || math.Signbit(rv.Float())
+			case reflect.String, reflect.Slice:
+				return rv.Len() > 0
+			default:
+				panic(fmt.Sprintf("invalid type: %v", rv.Type())) // should never happen
+			}
+		},
+		clear: func(p pointer) {
+			if nullable {
+				mi.clearPresent(p, index)
+			}
+			// This is only valuable for bytes and strings, but we do it unconditionally.
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			rv.Set(reflect.Zero(rv.Type()))
+		},
+		get: getter,
+		// TODO: Implement unsafe fast path for set?
+		set: func(p pointer, v protoreflect.Value) {
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if deref {
+				if rv.IsNil() {
+					rv.Set(reflect.New(ft))
+				}
+				rv = rv.Elem()
+			}
+
+			rv.Set(conv.GoValueOf(v))
+			if nullable && rv.Kind() == reflect.Slice && rv.IsNil() {
+				rv.Set(emptyBytes)
+			}
+			if nullable {
+				mi.setPresent(p, index)
+			}
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+func (mi *MessageInfo) fieldInfoForMessageOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
+	ft := fs.Type
+	conv := NewConverter(ft, fd)
+	fieldOffset := offsetOf(fs, mi.Exporter)
+	index, _ := presenceIndex(mi.Desc, fd)
+	fieldNumber := fd.Number()
+	elemType := fs.Type.Elem()
+	return fieldInfo{
+		fieldDesc: fd,
+		has: func(p pointer) bool {
+			if p.IsNil() {
+				return false
+			}
+			return mi.present(p, index)
+		},
+		clear: func(p pointer) {
+			mi.clearPresent(p, index)
+			p.Apply(fieldOffset).AtomicSetNilPointer()
+		},
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			fp := p.Apply(fieldOffset)
+			mp := fp.AtomicGetPointer()
+			if mp.IsNil() {
+				// Lazily unmarshal this field.
+				mi.lazyUnmarshal(p, fieldNumber)
+				mp = fp.AtomicGetPointer()
+			}
+			rv := mp.AsValueOf(elemType)
+			return conv.PBValueOf(rv)
+		},
+		set: func(p pointer, v protoreflect.Value) {
+			val := pointerOfValue(conv.GoValueOf(v))
+			if val.IsNil() {
+				panic("invalid nil pointer")
+			}
+			p.Apply(fieldOffset).AtomicSetPointer(val)
+			mi.setPresent(p, index)
+		},
+		mutable: func(p pointer) protoreflect.Value {
+			fp := p.Apply(fieldOffset)
+			mp := fp.AtomicGetPointer()
+			if mp.IsNil() {
+				if mi.present(p, index) {
+					// Lazily unmarshal this field.
+					mi.lazyUnmarshal(p, fieldNumber)
+					mp = fp.AtomicGetPointer()
+				} else {
+					mp = pointerOfValue(conv.GoValueOf(conv.New()))
+					fp.AtomicSetPointer(mp)
+					mi.setPresent(p, index)
+				}
+			}
+			return conv.PBValueOf(mp.AsValueOf(fs.Type.Elem()))
+		},
+		newMessage: func() protoreflect.Message {
+			return conv.New().Message()
+		},
+		newField: func() protoreflect.Value {
+			return conv.New()
+		},
+	}
+}
+
+// A presenceList wraps a List, updating presence bits as necessary when the
+// list contents change.
+type presenceList struct {
+	pvalueList
+	setPresence func(bool)
+}
+type pvalueList interface {
+	protoreflect.List
+	//Unwrapper
+}
+
+func (list presenceList) Append(v protoreflect.Value) {
+	list.pvalueList.Append(v)
+	list.setPresence(true)
+}
+func (list presenceList) Truncate(i int) {
+	list.pvalueList.Truncate(i)
+	list.setPresence(i > 0)
+}
+
+// presenceIndex returns the index to pass to presence functions.
+//
+// TODO: field.Desc.Index() would be simpler, and would give space to record the presence of oneof fields.
+func presenceIndex(md protoreflect.MessageDescriptor, fd protoreflect.FieldDescriptor) (uint32, presenceSize) {
+	found := false
+	var index, numIndices uint32
+	for i := 0; i < md.Fields().Len(); i++ {
+		f := md.Fields().Get(i)
+		if f == fd {
+			found = true
+			index = numIndices
+		}
+		if f.ContainingOneof() == nil || isLastOneofField(f) {
+			numIndices++
+		}
+	}
+	if !found {
+		panic(fmt.Sprintf("BUG: %v not in %v", fd.Name(), md.FullName()))
+	}
+	return index, presenceSize(numIndices)
+}
+
+func isLastOneofField(fd protoreflect.FieldDescriptor) bool {
+	fields := fd.ContainingOneof().Fields()
+	return fields.Get(fields.Len()-1) == fd
+}
+
+func (mi *MessageInfo) setPresent(p pointer, index uint32) {
+	p.Apply(mi.presenceOffset).PresenceInfo().SetPresent(index, mi.presenceSize)
+}
+
+func (mi *MessageInfo) clearPresent(p pointer, index uint32) {
+	p.Apply(mi.presenceOffset).PresenceInfo().ClearPresent(index)
+}
+
+func (mi *MessageInfo) present(p pointer, index uint32) bool {
+	return p.Apply(mi.presenceOffset).PresenceInfo().Present(index)
+}
+
+// usePresenceForField implements the somewhat intricate logic of when
+// the presence bitmap is used for a field.  The main logic is that a
+// field that is optional or that can be lazy will use the presence
+// bit, but for proto2, also maps have a presence bit. It also records
+// if the field can ever be lazy, which is true if we have a
+// lazyOffset and the field is a message or a slice of messages. A
+// field that is lazy will always need a presence bit.  Oneofs are not
+// lazy and do not use presence, unless they are a synthetic oneof,
+// which is a proto3 optional field. For proto3 optionals, we use the
+// presence and they can also be lazy when applicable (a message).
+func usePresenceForField(si opaqueStructInfo, fd protoreflect.FieldDescriptor) (usePresence, canBeLazy bool) {
+	hasLazyField := fd.(interface{ IsLazy() bool }).IsLazy()
+
+	// Non-oneof scalar fields with explicit field presence use the presence array.
+	usesPresenceArray := fd.HasPresence() && fd.Message() == nil && (fd.ContainingOneof() == nil || fd.ContainingOneof().IsSynthetic())
+	switch {
+	case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
+		return false, false
+	case fd.IsWeak():
+		return false, false
+	case fd.IsMap():
+		return false, false
+	case fd.Kind() == protoreflect.MessageKind || fd.Kind() == protoreflect.GroupKind:
+		return hasLazyField, hasLazyField
+	default:
+		return usesPresenceArray || (hasLazyField && fd.HasPresence()), false
+	}
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
new file mode 100644
index 000000000..a69825699
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
@@ -0,0 +1,132 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code generated by generate-types. DO NOT EDIT.
+
+package impl
+
+import (
+	"reflect"
+
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+func getterForOpaqueNullableScalar(mi *MessageInfo, index uint32, fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
+	ft := fs.Type
+	if ft.Kind() == reflect.Ptr {
+		ft = ft.Elem()
+	}
+	if fd.Kind() == protoreflect.EnumKind {
+		// Enums for nullable opaque types.
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			return conv.PBValueOf(rv)
+		}
+	}
+	switch ft.Kind() {
+	case reflect.Bool:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Bool()
+			return protoreflect.ValueOfBool(*x)
+		}
+	case reflect.Int32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int32()
+			return protoreflect.ValueOfInt32(*x)
+		}
+	case reflect.Uint32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint32()
+			return protoreflect.ValueOfUint32(*x)
+		}
+	case reflect.Int64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int64()
+			return protoreflect.ValueOfInt64(*x)
+		}
+	case reflect.Uint64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint64()
+			return protoreflect.ValueOfUint64(*x)
+		}
+	case reflect.Float32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float32()
+			return protoreflect.ValueOfFloat32(*x)
+		}
+	case reflect.Float64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float64()
+			return protoreflect.ValueOfFloat64(*x)
+		}
+	case reflect.String:
+		if fd.Kind() == protoreflect.BytesKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() || !mi.present(p, index) {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).StringPtr()
+				if *x == nil {
+					return conv.Zero()
+				}
+				if len(**x) == 0 {
+					return protoreflect.ValueOfBytes(nil)
+				}
+				return protoreflect.ValueOfBytes([]byte(**x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).StringPtr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfString(**x)
+		}
+	case reflect.Slice:
+		if fd.Kind() == protoreflect.StringKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() || !mi.present(p, index) {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).Bytes()
+				return protoreflect.ValueOfString(string(*x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() || !mi.present(p, index) {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Bytes()
+			return protoreflect.ValueOfBytes(*x)
+		}
+	}
+	panic("unexpected protobuf kind: " + ft.Kind().String())
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
index d9ea010be..31c19b54f 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
@@ -20,7 +20,7 @@ type reflectMessageInfo struct {
 	// fieldTypes contains the zero value of an enum or message field.
 	// For lists, it contains the element type.
 	// For maps, it contains the entry value type.
-	fieldTypes map[protoreflect.FieldNumber]interface{}
+	fieldTypes map[protoreflect.FieldNumber]any
 
 	// denseFields is a subset of fields where:
 	//	0 < fieldDesc.Number() < len(denseFields)
@@ -28,7 +28,7 @@ type reflectMessageInfo struct {
 	denseFields []*fieldInfo
 
 	// rangeInfos is a list of all fields (not belonging to a oneof) and oneofs.
-	rangeInfos []interface{} // either *fieldInfo or *oneofInfo
+	rangeInfos []any // either *fieldInfo or *oneofInfo
 
 	getUnknown   func(pointer) protoreflect.RawFields
 	setUnknown   func(pointer, protoreflect.RawFields)
@@ -205,6 +205,11 @@ func (mi *MessageInfo) makeFieldTypes(si structInfo) {
 		case fd.IsList():
 			if fd.Enum() != nil || fd.Message() != nil {
 				ft = fs.Type.Elem()
+
+				if ft.Kind() == reflect.Slice {
+					ft = ft.Elem()
+				}
+
 			}
 			isMessage = fd.Message() != nil
 		case fd.Enum() != nil:
@@ -224,7 +229,7 @@ func (mi *MessageInfo) makeFieldTypes(si structInfo) {
 		}
 		if ft != nil {
 			if mi.fieldTypes == nil {
-				mi.fieldTypes = make(map[protoreflect.FieldNumber]interface{})
+				mi.fieldTypes = make(map[protoreflect.FieldNumber]any)
 			}
 			mi.fieldTypes[fd.Number()] = reflect.Zero(ft).Interface()
 		}
@@ -247,39 +252,39 @@ func (m *extensionMap) Range(f func(protoreflect.FieldDescriptor, protoreflect.V
 		}
 	}
 }
-func (m *extensionMap) Has(xt protoreflect.ExtensionType) (ok bool) {
+func (m *extensionMap) Has(xd protoreflect.ExtensionTypeDescriptor) (ok bool) {
 	if m == nil {
 		return false
 	}
-	xd := xt.TypeDescriptor()
 	x, ok := (*m)[int32(xd.Number())]
 	if !ok {
 		return false
 	}
+	if x.isUnexpandedLazy() {
+		// Avoid calling x.Value(), which triggers a lazy unmarshal.
+		return true
+	}
 	switch {
 	case xd.IsList():
 		return x.Value().List().Len() > 0
 	case xd.IsMap():
 		return x.Value().Map().Len() > 0
-	case xd.Message() != nil:
-		return x.Value().Message().IsValid()
 	}
 	return true
 }
-func (m *extensionMap) Clear(xt protoreflect.ExtensionType) {
-	delete(*m, int32(xt.TypeDescriptor().Number()))
+func (m *extensionMap) Clear(xd protoreflect.ExtensionTypeDescriptor) {
+	delete(*m, int32(xd.Number()))
 }
-func (m *extensionMap) Get(xt protoreflect.ExtensionType) protoreflect.Value {
-	xd := xt.TypeDescriptor()
+func (m *extensionMap) Get(xd protoreflect.ExtensionTypeDescriptor) protoreflect.Value {
 	if m != nil {
 		if x, ok := (*m)[int32(xd.Number())]; ok {
 			return x.Value()
 		}
 	}
-	return xt.Zero()
+	return xd.Type().Zero()
 }
-func (m *extensionMap) Set(xt protoreflect.ExtensionType, v protoreflect.Value) {
-	xd := xt.TypeDescriptor()
+func (m *extensionMap) Set(xd protoreflect.ExtensionTypeDescriptor, v protoreflect.Value) {
+	xt := xd.Type()
 	isValid := true
 	switch {
 	case !xt.IsValidValue(v):
@@ -292,7 +297,7 @@ func (m *extensionMap) Set(xt protoreflect.ExtensionType, v protoreflect.Value)
 		isValid = v.Message().IsValid()
 	}
 	if !isValid {
-		panic(fmt.Sprintf("%v: assigning invalid value", xt.TypeDescriptor().FullName()))
+		panic(fmt.Sprintf("%v: assigning invalid value", xd.FullName()))
 	}
 
 	if *m == nil {
@@ -302,16 +307,15 @@ func (m *extensionMap) Set(xt protoreflect.ExtensionType, v protoreflect.Value)
 	x.Set(xt, v)
 	(*m)[int32(xd.Number())] = x
 }
-func (m *extensionMap) Mutable(xt protoreflect.ExtensionType) protoreflect.Value {
-	xd := xt.TypeDescriptor()
+func (m *extensionMap) Mutable(xd protoreflect.ExtensionTypeDescriptor) protoreflect.Value {
 	if xd.Kind() != protoreflect.MessageKind && xd.Kind() != protoreflect.GroupKind && !xd.IsList() && !xd.IsMap() {
 		panic("invalid Mutable on field with non-composite type")
 	}
 	if x, ok := (*m)[int32(xd.Number())]; ok {
 		return x.Value()
 	}
-	v := xt.New()
-	m.Set(xt, v)
+	v := xd.Type().New()
+	m.Set(xd, v)
 	return v
 }
 
@@ -394,7 +398,7 @@ var (
 // MessageOf returns a reflective view over a message. The input must be a
 // pointer to a named Go struct. If the provided type has a ProtoReflect method,
 // it must be implemented by calling this method.
-func (mi *MessageInfo) MessageOf(m interface{}) protoreflect.Message {
+func (mi *MessageInfo) MessageOf(m any) protoreflect.Message {
 	if reflect.TypeOf(m) != mi.GoReflectType {
 		panic(fmt.Sprintf("type mismatch: got %T, want %v", m, mi.GoReflectType))
 	}
@@ -422,13 +426,13 @@ func (m *messageIfaceWrapper) Reset() {
 func (m *messageIfaceWrapper) ProtoReflect() protoreflect.Message {
 	return (*messageReflectWrapper)(m)
 }
-func (m *messageIfaceWrapper) protoUnwrap() interface{} {
+func (m *messageIfaceWrapper) protoUnwrap() any {
 	return m.p.AsIfaceOf(m.mi.GoReflectType.Elem())
 }
 
 // checkField verifies that the provided field descriptor is valid.
 // Exactly one of the returned values is populated.
-func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo, protoreflect.ExtensionType) {
+func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo, protoreflect.ExtensionTypeDescriptor) {
 	var fi *fieldInfo
 	if n := fd.Number(); 0 < n && int(n) < len(mi.denseFields) {
 		fi = mi.denseFields[n]
@@ -457,7 +461,7 @@ func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo,
 		if !ok {
 			panic(fmt.Sprintf("extension %v does not implement protoreflect.ExtensionTypeDescriptor", fd.FullName()))
 		}
-		return nil, xtd.Type()
+		return nil, xtd
 	}
 	panic(fmt.Sprintf("field %v is invalid", fd.FullName()))
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
index 986322b19..a74064620 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
@@ -256,6 +256,7 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 	ft := fs.Type
 	nullable := fd.HasPresence()
 	isBytes := ft.Kind() == reflect.Slice && ft.Elem().Kind() == reflect.Uint8
+	var getter func(p pointer) protoreflect.Value
 	if nullable {
 		if ft.Kind() != reflect.Ptr && ft.Kind() != reflect.Slice {
 			// This never occurs for generated message types.
@@ -268,19 +269,25 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 		}
 	}
 	conv := NewConverter(ft, fd)
-
-	// TODO: Implement unsafe fast path?
 	fieldOffset := offsetOf(fs, x)
+
+	// Generate specialized getter functions to avoid going through reflect.Value
+	if nullable {
+		getter = getterForNullableScalar(fd, fs, conv, fieldOffset)
+	} else {
+		getter = getterForDirectScalar(fd, fs, conv, fieldOffset)
+	}
+
 	return fieldInfo{
 		fieldDesc: fd,
 		has: func(p pointer) bool {
 			if p.IsNil() {
 				return false
 			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			if nullable {
-				return !rv.IsNil()
+				return !p.Apply(fieldOffset).Elem().IsNil()
 			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			switch rv.Kind() {
 			case reflect.Bool:
 				return rv.Bool()
@@ -300,21 +307,8 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			rv.Set(reflect.Zero(rv.Type()))
 		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if nullable {
-				if rv.IsNil() {
-					return conv.Zero()
-				}
-				if rv.Kind() == reflect.Ptr {
-					rv = rv.Elem()
-				}
-			}
-			return conv.PBValueOf(rv)
-		},
+		get: getter,
+		// TODO: Implement unsafe fast path for set?
 		set: func(p pointer, v protoreflect.Value) {
 			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			if nullable && rv.Kind() == reflect.Ptr {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
new file mode 100644
index 000000000..af5e063a1
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
@@ -0,0 +1,273 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Code generated by generate-types. DO NOT EDIT.
+
+package impl
+
+import (
+	"reflect"
+
+	"google.golang.org/protobuf/reflect/protoreflect"
+)
+
+func getterForNullableScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
+	ft := fs.Type
+	if ft.Kind() == reflect.Ptr {
+		ft = ft.Elem()
+	}
+	if fd.Kind() == protoreflect.EnumKind {
+		elemType := fs.Type.Elem()
+		// Enums for nullable types.
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).Elem().AsValueOf(elemType)
+			if rv.IsNil() {
+				return conv.Zero()
+			}
+			return conv.PBValueOf(rv.Elem())
+		}
+	}
+	switch ft.Kind() {
+	case reflect.Bool:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).BoolPtr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfBool(**x)
+		}
+	case reflect.Int32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int32Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfInt32(**x)
+		}
+	case reflect.Uint32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint32Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfUint32(**x)
+		}
+	case reflect.Int64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int64Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfInt64(**x)
+		}
+	case reflect.Uint64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint64Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfUint64(**x)
+		}
+	case reflect.Float32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float32Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfFloat32(**x)
+		}
+	case reflect.Float64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float64Ptr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfFloat64(**x)
+		}
+	case reflect.String:
+		if fd.Kind() == protoreflect.BytesKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).StringPtr()
+				if *x == nil {
+					return conv.Zero()
+				}
+				if len(**x) == 0 {
+					return protoreflect.ValueOfBytes(nil)
+				}
+				return protoreflect.ValueOfBytes([]byte(**x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).StringPtr()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfString(**x)
+		}
+	case reflect.Slice:
+		if fd.Kind() == protoreflect.StringKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).Bytes()
+				if len(*x) == 0 {
+					return conv.Zero()
+				}
+				return protoreflect.ValueOfString(string(*x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Bytes()
+			if *x == nil {
+				return conv.Zero()
+			}
+			return protoreflect.ValueOfBytes(*x)
+		}
+	}
+	panic("unexpected protobuf kind: " + ft.Kind().String())
+}
+
+func getterForDirectScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
+	ft := fs.Type
+	if fd.Kind() == protoreflect.EnumKind {
+		// Enums for non nullable types.
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			return conv.PBValueOf(rv)
+		}
+	}
+	switch ft.Kind() {
+	case reflect.Bool:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Bool()
+			return protoreflect.ValueOfBool(*x)
+		}
+	case reflect.Int32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int32()
+			return protoreflect.ValueOfInt32(*x)
+		}
+	case reflect.Uint32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint32()
+			return protoreflect.ValueOfUint32(*x)
+		}
+	case reflect.Int64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Int64()
+			return protoreflect.ValueOfInt64(*x)
+		}
+	case reflect.Uint64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Uint64()
+			return protoreflect.ValueOfUint64(*x)
+		}
+	case reflect.Float32:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float32()
+			return protoreflect.ValueOfFloat32(*x)
+		}
+	case reflect.Float64:
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Float64()
+			return protoreflect.ValueOfFloat64(*x)
+		}
+	case reflect.String:
+		if fd.Kind() == protoreflect.BytesKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).String()
+				if len(*x) == 0 {
+					return protoreflect.ValueOfBytes(nil)
+				}
+				return protoreflect.ValueOfBytes([]byte(*x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).String()
+			return protoreflect.ValueOfString(*x)
+		}
+	case reflect.Slice:
+		if fd.Kind() == protoreflect.StringKind {
+			return func(p pointer) protoreflect.Value {
+				if p.IsNil() {
+					return conv.Zero()
+				}
+				x := p.Apply(fieldOffset).Bytes()
+				return protoreflect.ValueOfString(string(*x))
+			}
+		}
+		return func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			x := p.Apply(fieldOffset).Bytes()
+			return protoreflect.ValueOfBytes(*x)
+		}
+	}
+	panic("unexpected protobuf kind: " + ft.Kind().String())
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
index 741d6e5b6..99dc23c6f 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
@@ -23,12 +23,13 @@ func (m *messageState) New() protoreflect.Message {
 func (m *messageState) Interface() protoreflect.ProtoMessage {
 	return m.protoUnwrap().(protoreflect.ProtoMessage)
 }
-func (m *messageState) protoUnwrap() interface{} {
+func (m *messageState) protoUnwrap() any {
 	return m.pointer().AsIfaceOf(m.messageInfo().GoReflectType.Elem())
 }
 func (m *messageState) ProtoMethods() *protoiface.Methods {
-	m.messageInfo().init()
-	return &m.messageInfo().methods
+	mi := m.messageInfo()
+	mi.init()
+	return &mi.methods
 }
 
 // ProtoMessageInfo is a pseudo-internal API for allowing the v1 code
@@ -41,8 +42,9 @@ func (m *messageState) ProtoMessageInfo() *MessageInfo {
 }
 
 func (m *messageState) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) {
-	m.messageInfo().init()
-	for _, ri := range m.messageInfo().rangeInfos {
+	mi := m.messageInfo()
+	mi.init()
+	for _, ri := range mi.rangeInfos {
 		switch ri := ri.(type) {
 		case *fieldInfo:
 			if ri.has(m.pointer()) {
@@ -52,77 +54,86 @@ func (m *messageState) Range(f func(protoreflect.FieldDescriptor, protoreflect.V
 			}
 		case *oneofInfo:
 			if n := ri.which(m.pointer()); n > 0 {
-				fi := m.messageInfo().fields[n]
+				fi := mi.fields[n]
 				if !f(fi.fieldDesc, fi.get(m.pointer())) {
 					return
 				}
 			}
 		}
 	}
-	m.messageInfo().extensionMap(m.pointer()).Range(f)
+	mi.extensionMap(m.pointer()).Range(f)
 }
 func (m *messageState) Has(fd protoreflect.FieldDescriptor) bool {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.has(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Has(xt)
+		return mi.extensionMap(m.pointer()).Has(xd)
 	}
 }
 func (m *messageState) Clear(fd protoreflect.FieldDescriptor) {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		fi.clear(m.pointer())
 	} else {
-		m.messageInfo().extensionMap(m.pointer()).Clear(xt)
+		mi.extensionMap(m.pointer()).Clear(xd)
 	}
 }
 func (m *messageState) Get(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.get(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Get(xt)
+		return mi.extensionMap(m.pointer()).Get(xd)
 	}
 }
 func (m *messageState) Set(fd protoreflect.FieldDescriptor, v protoreflect.Value) {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		fi.set(m.pointer(), v)
 	} else {
-		m.messageInfo().extensionMap(m.pointer()).Set(xt, v)
+		mi.extensionMap(m.pointer()).Set(xd, v)
 	}
 }
 func (m *messageState) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.mutable(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Mutable(xt)
+		return mi.extensionMap(m.pointer()).Mutable(xd)
 	}
 }
 func (m *messageState) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.newField()
 	} else {
-		return xt.New()
+		return xd.Type().New()
 	}
 }
 func (m *messageState) WhichOneof(od protoreflect.OneofDescriptor) protoreflect.FieldDescriptor {
-	m.messageInfo().init()
-	if oi := m.messageInfo().oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
+	mi := m.messageInfo()
+	mi.init()
+	if oi := mi.oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
 		return od.Fields().ByNumber(oi.which(m.pointer()))
 	}
 	panic("invalid oneof descriptor " + string(od.FullName()) + " for message " + string(m.Descriptor().FullName()))
 }
 func (m *messageState) GetUnknown() protoreflect.RawFields {
-	m.messageInfo().init()
-	return m.messageInfo().getUnknown(m.pointer())
+	mi := m.messageInfo()
+	mi.init()
+	return mi.getUnknown(m.pointer())
 }
 func (m *messageState) SetUnknown(b protoreflect.RawFields) {
-	m.messageInfo().init()
-	m.messageInfo().setUnknown(m.pointer(), b)
+	mi := m.messageInfo()
+	mi.init()
+	mi.setUnknown(m.pointer(), b)
 }
 func (m *messageState) IsValid() bool {
 	return !m.pointer().IsNil()
@@ -143,12 +154,13 @@ func (m *messageReflectWrapper) Interface() protoreflect.ProtoMessage {
 	}
 	return (*messageIfaceWrapper)(m)
 }
-func (m *messageReflectWrapper) protoUnwrap() interface{} {
+func (m *messageReflectWrapper) protoUnwrap() any {
 	return m.pointer().AsIfaceOf(m.messageInfo().GoReflectType.Elem())
 }
 func (m *messageReflectWrapper) ProtoMethods() *protoiface.Methods {
-	m.messageInfo().init()
-	return &m.messageInfo().methods
+	mi := m.messageInfo()
+	mi.init()
+	return &mi.methods
 }
 
 // ProtoMessageInfo is a pseudo-internal API for allowing the v1 code
@@ -161,8 +173,9 @@ func (m *messageReflectWrapper) ProtoMessageInfo() *MessageInfo {
 }
 
 func (m *messageReflectWrapper) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) {
-	m.messageInfo().init()
-	for _, ri := range m.messageInfo().rangeInfos {
+	mi := m.messageInfo()
+	mi.init()
+	for _, ri := range mi.rangeInfos {
 		switch ri := ri.(type) {
 		case *fieldInfo:
 			if ri.has(m.pointer()) {
@@ -172,77 +185,86 @@ func (m *messageReflectWrapper) Range(f func(protoreflect.FieldDescriptor, proto
 			}
 		case *oneofInfo:
 			if n := ri.which(m.pointer()); n > 0 {
-				fi := m.messageInfo().fields[n]
+				fi := mi.fields[n]
 				if !f(fi.fieldDesc, fi.get(m.pointer())) {
 					return
 				}
 			}
 		}
 	}
-	m.messageInfo().extensionMap(m.pointer()).Range(f)
+	mi.extensionMap(m.pointer()).Range(f)
 }
 func (m *messageReflectWrapper) Has(fd protoreflect.FieldDescriptor) bool {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.has(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Has(xt)
+		return mi.extensionMap(m.pointer()).Has(xd)
 	}
 }
 func (m *messageReflectWrapper) Clear(fd protoreflect.FieldDescriptor) {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		fi.clear(m.pointer())
 	} else {
-		m.messageInfo().extensionMap(m.pointer()).Clear(xt)
+		mi.extensionMap(m.pointer()).Clear(xd)
 	}
 }
 func (m *messageReflectWrapper) Get(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.get(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Get(xt)
+		return mi.extensionMap(m.pointer()).Get(xd)
 	}
 }
 func (m *messageReflectWrapper) Set(fd protoreflect.FieldDescriptor, v protoreflect.Value) {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		fi.set(m.pointer(), v)
 	} else {
-		m.messageInfo().extensionMap(m.pointer()).Set(xt, v)
+		mi.extensionMap(m.pointer()).Set(xd, v)
 	}
 }
 func (m *messageReflectWrapper) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.mutable(m.pointer())
 	} else {
-		return m.messageInfo().extensionMap(m.pointer()).Mutable(xt)
+		return mi.extensionMap(m.pointer()).Mutable(xd)
 	}
 }
 func (m *messageReflectWrapper) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	m.messageInfo().init()
-	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
+	mi := m.messageInfo()
+	mi.init()
+	if fi, xd := mi.checkField(fd); fi != nil {
 		return fi.newField()
 	} else {
-		return xt.New()
+		return xd.Type().New()
 	}
 }
 func (m *messageReflectWrapper) WhichOneof(od protoreflect.OneofDescriptor) protoreflect.FieldDescriptor {
-	m.messageInfo().init()
-	if oi := m.messageInfo().oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
+	mi := m.messageInfo()
+	mi.init()
+	if oi := mi.oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
 		return od.Fields().ByNumber(oi.which(m.pointer()))
 	}
 	panic("invalid oneof descriptor " + string(od.FullName()) + " for message " + string(m.Descriptor().FullName()))
 }
 func (m *messageReflectWrapper) GetUnknown() protoreflect.RawFields {
-	m.messageInfo().init()
-	return m.messageInfo().getUnknown(m.pointer())
+	mi := m.messageInfo()
+	mi.init()
+	return mi.getUnknown(m.pointer())
 }
 func (m *messageReflectWrapper) SetUnknown(b protoreflect.RawFields) {
-	m.messageInfo().init()
-	m.messageInfo().setUnknown(m.pointer(), b)
+	mi := m.messageInfo()
+	mi.init()
+	mi.setUnknown(m.pointer(), b)
 }
 func (m *messageReflectWrapper) IsValid() bool {
 	return !m.pointer().IsNil()
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
deleted file mode 100644
index 517e94434..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
+++ /dev/null
@@ -1,215 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build purego || appengine
-// +build purego appengine
-
-package impl
-
-import (
-	"fmt"
-	"reflect"
-	"sync"
-)
-
-const UnsafeEnabled = false
-
-// Pointer is an opaque pointer type.
-type Pointer interface{}
-
-// offset represents the offset to a struct field, accessible from a pointer.
-// The offset is the field index into a struct.
-type offset struct {
-	index  int
-	export exporter
-}
-
-// offsetOf returns a field offset for the struct field.
-func offsetOf(f reflect.StructField, x exporter) offset {
-	if len(f.Index) != 1 {
-		panic("embedded structs are not supported")
-	}
-	if f.PkgPath == "" {
-		return offset{index: f.Index[0]} // field is already exported
-	}
-	if x == nil {
-		panic("exporter must be provided for unexported field")
-	}
-	return offset{index: f.Index[0], export: x}
-}
-
-// IsValid reports whether the offset is valid.
-func (f offset) IsValid() bool { return f.index >= 0 }
-
-// invalidOffset is an invalid field offset.
-var invalidOffset = offset{index: -1}
-
-// zeroOffset is a noop when calling pointer.Apply.
-var zeroOffset = offset{index: 0}
-
-// pointer is an abstract representation of a pointer to a struct or field.
-type pointer struct{ v reflect.Value }
-
-// pointerOf returns p as a pointer.
-func pointerOf(p Pointer) pointer {
-	return pointerOfIface(p)
-}
-
-// pointerOfValue returns v as a pointer.
-func pointerOfValue(v reflect.Value) pointer {
-	return pointer{v: v}
-}
-
-// pointerOfIface returns the pointer portion of an interface.
-func pointerOfIface(v interface{}) pointer {
-	return pointer{v: reflect.ValueOf(v)}
-}
-
-// IsNil reports whether the pointer is nil.
-func (p pointer) IsNil() bool {
-	return p.v.IsNil()
-}
-
-// Apply adds an offset to the pointer to derive a new pointer
-// to a specified field. The current pointer must be pointing at a struct.
-func (p pointer) Apply(f offset) pointer {
-	if f.export != nil {
-		if v := reflect.ValueOf(f.export(p.v.Interface(), f.index)); v.IsValid() {
-			return pointer{v: v}
-		}
-	}
-	return pointer{v: p.v.Elem().Field(f.index).Addr()}
-}
-
-// AsValueOf treats p as a pointer to an object of type t and returns the value.
-// It is equivalent to reflect.ValueOf(p.AsIfaceOf(t))
-func (p pointer) AsValueOf(t reflect.Type) reflect.Value {
-	if got := p.v.Type().Elem(); got != t {
-		panic(fmt.Sprintf("invalid type: got %v, want %v", got, t))
-	}
-	return p.v
-}
-
-// AsIfaceOf treats p as a pointer to an object of type t and returns the value.
-// It is equivalent to p.AsValueOf(t).Interface()
-func (p pointer) AsIfaceOf(t reflect.Type) interface{} {
-	return p.AsValueOf(t).Interface()
-}
-
-func (p pointer) Bool() *bool              { return p.v.Interface().(*bool) }
-func (p pointer) BoolPtr() **bool          { return p.v.Interface().(**bool) }
-func (p pointer) BoolSlice() *[]bool       { return p.v.Interface().(*[]bool) }
-func (p pointer) Int32() *int32            { return p.v.Interface().(*int32) }
-func (p pointer) Int32Ptr() **int32        { return p.v.Interface().(**int32) }
-func (p pointer) Int32Slice() *[]int32     { return p.v.Interface().(*[]int32) }
-func (p pointer) Int64() *int64            { return p.v.Interface().(*int64) }
-func (p pointer) Int64Ptr() **int64        { return p.v.Interface().(**int64) }
-func (p pointer) Int64Slice() *[]int64     { return p.v.Interface().(*[]int64) }
-func (p pointer) Uint32() *uint32          { return p.v.Interface().(*uint32) }
-func (p pointer) Uint32Ptr() **uint32      { return p.v.Interface().(**uint32) }
-func (p pointer) Uint32Slice() *[]uint32   { return p.v.Interface().(*[]uint32) }
-func (p pointer) Uint64() *uint64          { return p.v.Interface().(*uint64) }
-func (p pointer) Uint64Ptr() **uint64      { return p.v.Interface().(**uint64) }
-func (p pointer) Uint64Slice() *[]uint64   { return p.v.Interface().(*[]uint64) }
-func (p pointer) Float32() *float32        { return p.v.Interface().(*float32) }
-func (p pointer) Float32Ptr() **float32    { return p.v.Interface().(**float32) }
-func (p pointer) Float32Slice() *[]float32 { return p.v.Interface().(*[]float32) }
-func (p pointer) Float64() *float64        { return p.v.Interface().(*float64) }
-func (p pointer) Float64Ptr() **float64    { return p.v.Interface().(**float64) }
-func (p pointer) Float64Slice() *[]float64 { return p.v.Interface().(*[]float64) }
-func (p pointer) String() *string          { return p.v.Interface().(*string) }
-func (p pointer) StringPtr() **string      { return p.v.Interface().(**string) }
-func (p pointer) StringSlice() *[]string   { return p.v.Interface().(*[]string) }
-func (p pointer) Bytes() *[]byte           { return p.v.Interface().(*[]byte) }
-func (p pointer) BytesPtr() **[]byte       { return p.v.Interface().(**[]byte) }
-func (p pointer) BytesSlice() *[][]byte    { return p.v.Interface().(*[][]byte) }
-func (p pointer) WeakFields() *weakFields  { return (*weakFields)(p.v.Interface().(*WeakFields)) }
-func (p pointer) Extensions() *map[int32]ExtensionField {
-	return p.v.Interface().(*map[int32]ExtensionField)
-}
-
-func (p pointer) Elem() pointer {
-	return pointer{v: p.v.Elem()}
-}
-
-// PointerSlice copies []*T from p as a new []pointer.
-// This behavior differs from the implementation in pointer_unsafe.go.
-func (p pointer) PointerSlice() []pointer {
-	// TODO: reconsider this
-	if p.v.IsNil() {
-		return nil
-	}
-	n := p.v.Elem().Len()
-	s := make([]pointer, n)
-	for i := 0; i < n; i++ {
-		s[i] = pointer{v: p.v.Elem().Index(i)}
-	}
-	return s
-}
-
-// AppendPointerSlice appends v to p, which must be a []*T.
-func (p pointer) AppendPointerSlice(v pointer) {
-	sp := p.v.Elem()
-	sp.Set(reflect.Append(sp, v.v))
-}
-
-// SetPointer sets *p to v.
-func (p pointer) SetPointer(v pointer) {
-	p.v.Elem().Set(v.v)
-}
-
-func growSlice(p pointer, addCap int) {
-	// TODO: Once we only support Go 1.20 and newer, use reflect.Grow.
-	in := p.v.Elem()
-	out := reflect.MakeSlice(in.Type(), in.Len(), in.Len()+addCap)
-	reflect.Copy(out, in)
-	p.v.Elem().Set(out)
-}
-
-func (p pointer) growBoolSlice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growInt32Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growUint32Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growInt64Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growUint64Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growFloat64Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (p pointer) growFloat32Slice(addCap int) {
-	growSlice(p, addCap)
-}
-
-func (Export) MessageStateOf(p Pointer) *messageState     { panic("not supported") }
-func (ms *messageState) pointer() pointer                 { panic("not supported") }
-func (ms *messageState) messageInfo() *MessageInfo        { panic("not supported") }
-func (ms *messageState) LoadMessageInfo() *MessageInfo    { panic("not supported") }
-func (ms *messageState) StoreMessageInfo(mi *MessageInfo) { panic("not supported") }
-
-type atomicNilMessage struct {
-	once sync.Once
-	m    messageReflectWrapper
-}
-
-func (m *atomicNilMessage) Init(mi *MessageInfo) *messageReflectWrapper {
-	m.once.Do(func() {
-		m.m.p = pointerOfIface(reflect.Zero(mi.GoReflectType).Interface())
-		m.m.mi = mi
-	})
-	return &m.m
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
index 4b020e311..041ebde2d 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
@@ -2,15 +2,14 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine
-// +build !purego,!appengine
-
 package impl
 
 import (
 	"reflect"
 	"sync/atomic"
 	"unsafe"
+
+	"google.golang.org/protobuf/internal/protolazy"
 )
 
 const UnsafeEnabled = true
@@ -50,7 +49,7 @@ func pointerOfValue(v reflect.Value) pointer {
 }
 
 // pointerOfIface returns the pointer portion of an interface.
-func pointerOfIface(v interface{}) pointer {
+func pointerOfIface(v any) pointer {
 	type ifaceHeader struct {
 		Type unsafe.Pointer
 		Data unsafe.Pointer
@@ -80,7 +79,7 @@ func (p pointer) AsValueOf(t reflect.Type) reflect.Value {
 
 // AsIfaceOf treats p as a pointer to an object of type t and returns the value.
 // It is equivalent to p.AsValueOf(t).Interface()
-func (p pointer) AsIfaceOf(t reflect.Type) interface{} {
+func (p pointer) AsIfaceOf(t reflect.Type) any {
 	// TODO: Use tricky unsafe magic to directly create ifaceHeader.
 	return p.AsValueOf(t).Interface()
 }
@@ -114,6 +113,13 @@ func (p pointer) BytesPtr() **[]byte                    { return (**[]byte)(p.p)
 func (p pointer) BytesSlice() *[][]byte                 { return (*[][]byte)(p.p) }
 func (p pointer) WeakFields() *weakFields               { return (*weakFields)(p.p) }
 func (p pointer) Extensions() *map[int32]ExtensionField { return (*map[int32]ExtensionField)(p.p) }
+func (p pointer) LazyInfoPtr() **protolazy.XXX_lazyUnmarshalInfo {
+	return (**protolazy.XXX_lazyUnmarshalInfo)(p.p)
+}
+
+func (p pointer) PresenceInfo() presence {
+	return presence{P: p.p}
+}
 
 func (p pointer) Elem() pointer {
 	return pointer{p: *(*unsafe.Pointer)(p.p)}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
new file mode 100644
index 000000000..38aa7b7dc
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
@@ -0,0 +1,42 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"sync/atomic"
+	"unsafe"
+)
+
+func (p pointer) AtomicGetPointer() pointer {
+	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
+}
+
+func (p pointer) AtomicSetPointer(v pointer) {
+	atomic.StorePointer((*unsafe.Pointer)(p.p), v.p)
+}
+
+func (p pointer) AtomicSetNilPointer() {
+	atomic.StorePointer((*unsafe.Pointer)(p.p), unsafe.Pointer(nil))
+}
+
+func (p pointer) AtomicSetPointerIfNil(v pointer) pointer {
+	if atomic.CompareAndSwapPointer((*unsafe.Pointer)(p.p), unsafe.Pointer(nil), v.p) {
+		return v
+	}
+	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
+}
+
+type atomicV1MessageInfo struct{ p Pointer }
+
+func (mi *atomicV1MessageInfo) Get() Pointer {
+	return Pointer(atomic.LoadPointer((*unsafe.Pointer)(&mi.p)))
+}
+
+func (mi *atomicV1MessageInfo) SetIfNil(p Pointer) Pointer {
+	if atomic.CompareAndSwapPointer((*unsafe.Pointer)(&mi.p), nil, unsafe.Pointer(p)) {
+		return p
+	}
+	return mi.Get()
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/presence.go b/vendor/google.golang.org/protobuf/internal/impl/presence.go
new file mode 100644
index 000000000..914cb1ded
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/presence.go
@@ -0,0 +1,142 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package impl
+
+import (
+	"sync/atomic"
+	"unsafe"
+)
+
+// presenceSize represents the size of a presence set, which should be the largest index of the set+1
+type presenceSize uint32
+
+// presence is the internal representation of the bitmap array in a generated protobuf
+type presence struct {
+	// This is a pointer to the beginning of an array of uint32
+	P unsafe.Pointer
+}
+
+func (p presence) toElem(num uint32) (ret *uint32) {
+	const (
+		bitsPerByte = 8
+		siz         = unsafe.Sizeof(*ret)
+	)
+	// p.P points to an array of uint32, num is the bit in this array that the
+	// caller wants to check/manipulate. Calculate the index in the array that
+	// contains this specific bit. E.g.: 76 / 32 = 2 (integer division).
+	offset := uintptr(num) / (siz * bitsPerByte) * siz
+	return (*uint32)(unsafe.Pointer(uintptr(p.P) + offset))
+}
+
+// Present checks for the presence of a specific field number in a presence set.
+func (p presence) Present(num uint32) bool {
+	if p.P == nil {
+		return false
+	}
+	return Export{}.Present(p.toElem(num), num)
+}
+
+// SetPresent adds presence for a specific field number in a presence set.
+func (p presence) SetPresent(num uint32, size presenceSize) {
+	Export{}.SetPresent(p.toElem(num), num, uint32(size))
+}
+
+// SetPresentUnatomic adds presence for a specific field number in a presence set without using
+// atomic operations. Only to be called during unmarshaling.
+func (p presence) SetPresentUnatomic(num uint32, size presenceSize) {
+	Export{}.SetPresentNonAtomic(p.toElem(num), num, uint32(size))
+}
+
+// ClearPresent removes presence for a specific field number in a presence set.
+func (p presence) ClearPresent(num uint32) {
+	Export{}.ClearPresent(p.toElem(num), num)
+}
+
+// LoadPresenceCache (together with PresentInCache) allows for a
+// cached version of checking for presence without re-reading the word
+// for every field. It is optimized for efficiency and assumes no
+// simltaneous mutation of the presence set (or at least does not have
+// a problem with simultaneous mutation giving inconsistent results).
+func (p presence) LoadPresenceCache() (current uint32) {
+	if p.P == nil {
+		return 0
+	}
+	return atomic.LoadUint32((*uint32)(p.P))
+}
+
+// PresentInCache reads presence from a cached word in the presence
+// bitmap. It caches up a new word if the bit is outside the
+// word. This is for really fast iteration through bitmaps in cases
+// where we either know that the bitmap will not be altered, or we
+// don't care about inconsistencies caused by simultaneous writes.
+func (p presence) PresentInCache(num uint32, cachedElement *uint32, current *uint32) bool {
+	if num/32 != *cachedElement {
+		o := uintptr(num/32) * unsafe.Sizeof(uint32(0))
+		q := (*uint32)(unsafe.Pointer(uintptr(p.P) + o))
+		*current = atomic.LoadUint32(q)
+		*cachedElement = num / 32
+	}
+	return (*current & (1 << (num % 32))) > 0
+}
+
+// AnyPresent checks if any field is marked as present in the bitmap.
+func (p presence) AnyPresent(size presenceSize) bool {
+	n := uintptr((size + 31) / 32)
+	for j := uintptr(0); j < n; j++ {
+		o := j * unsafe.Sizeof(uint32(0))
+		q := (*uint32)(unsafe.Pointer(uintptr(p.P) + o))
+		b := atomic.LoadUint32(q)
+		if b > 0 {
+			return true
+		}
+	}
+	return false
+}
+
+// toRaceDetectData finds the preceding RaceDetectHookData in a
+// message by using pointer arithmetic. As the type of the presence
+// set (bitmap) varies with the number of fields in the protobuf, we
+// can not have a struct type containing the array and the
+// RaceDetectHookData.  instead the RaceDetectHookData is placed
+// immediately before the bitmap array, and we find it by walking
+// backwards in the struct.
+//
+// This method is only called from the race-detect version of the code,
+// so RaceDetectHookData is never an empty struct.
+func (p presence) toRaceDetectData() *RaceDetectHookData {
+	var template struct {
+		d RaceDetectHookData
+		a [1]uint32
+	}
+	o := (uintptr(unsafe.Pointer(&template.a)) - uintptr(unsafe.Pointer(&template.d)))
+	return (*RaceDetectHookData)(unsafe.Pointer(uintptr(p.P) - o))
+}
+
+func atomicLoadShadowPresence(p **[]byte) *[]byte {
+	return (*[]byte)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p))))
+}
+func atomicStoreShadowPresence(p **[]byte, v *[]byte) {
+	atomic.CompareAndSwapPointer((*unsafe.Pointer)(unsafe.Pointer(p)), nil, unsafe.Pointer(v))
+}
+
+// findPointerToRaceDetectData finds the preceding RaceDetectHookData
+// in a message by using pointer arithmetic. For the methods called
+// directy from generated code, we don't have a pointer to the
+// beginning of the presence set, but a pointer inside the array. As
+// we know the index of the bit we're manipulating (num), we can
+// calculate which element of the array ptr is pointing to. With that
+// information we find the preceding RaceDetectHookData and can
+// manipulate the shadow bitmap.
+//
+// This method is only called from the race-detect version of the
+// code, so RaceDetectHookData is never an empty struct.
+func findPointerToRaceDetectData(ptr *uint32, num uint32) *RaceDetectHookData {
+	var template struct {
+		d RaceDetectHookData
+		a [1]uint32
+	}
+	o := (uintptr(unsafe.Pointer(&template.a)) - uintptr(unsafe.Pointer(&template.d))) + uintptr(num/32)*unsafe.Sizeof(uint32(0))
+	return (*RaceDetectHookData)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) - o))
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/validate.go b/vendor/google.golang.org/protobuf/internal/impl/validate.go
index a24e6bbd7..b534a3d6d 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/validate.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/validate.go
@@ -37,6 +37,10 @@ const (
 
 	// ValidationValid indicates that unmarshaling the message will succeed.
 	ValidationValid
+
+	// ValidationWrongWireType indicates that a validated field does not have
+	// the expected wire type.
+	ValidationWrongWireType
 )
 
 func (v ValidationStatus) String() string {
@@ -149,11 +153,23 @@ func newValidationInfo(fd protoreflect.FieldDescriptor, ft reflect.Type) validat
 		switch fd.Kind() {
 		case protoreflect.MessageKind:
 			vi.typ = validationTypeMessage
+
+			if ft.Kind() == reflect.Ptr {
+				// Repeated opaque message fields are *[]*T.
+				ft = ft.Elem()
+			}
+
 			if ft.Kind() == reflect.Slice {
 				vi.mi = getMessageInfo(ft.Elem())
 			}
 		case protoreflect.GroupKind:
 			vi.typ = validationTypeGroup
+
+			if ft.Kind() == reflect.Ptr {
+				// Repeated opaque message fields are *[]*T.
+				ft = ft.Elem()
+			}
+
 			if ft.Kind() == reflect.Slice {
 				vi.mi = getMessageInfo(ft.Elem())
 			}
diff --git a/vendor/google.golang.org/protobuf/internal/order/range.go b/vendor/google.golang.org/protobuf/internal/order/range.go
index 1665a68e5..a1f09162d 100644
--- a/vendor/google.golang.org/protobuf/internal/order/range.go
+++ b/vendor/google.golang.org/protobuf/internal/order/range.go
@@ -18,7 +18,7 @@ type messageField struct {
 }
 
 var messageFieldPool = sync.Pool{
-	New: func() interface{} { return new([]messageField) },
+	New: func() any { return new([]messageField) },
 }
 
 type (
@@ -69,7 +69,7 @@ type mapEntry struct {
 }
 
 var mapEntryPool = sync.Pool{
-	New: func() interface{} { return new([]mapEntry) },
+	New: func() any { return new([]mapEntry) },
 }
 
 type (
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go b/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
new file mode 100644
index 000000000..82e5cab4a
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
@@ -0,0 +1,364 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Helper code for parsing a protocol buffer
+
+package protolazy
+
+import (
+	"errors"
+	"fmt"
+	"io"
+
+	"google.golang.org/protobuf/encoding/protowire"
+)
+
+// BufferReader is a structure encapsulating a protobuf and a current position
+type BufferReader struct {
+	Buf []byte
+	Pos int
+}
+
+// NewBufferReader creates a new BufferRead from a protobuf
+func NewBufferReader(buf []byte) BufferReader {
+	return BufferReader{Buf: buf, Pos: 0}
+}
+
+var errOutOfBounds = errors.New("protobuf decoding: out of bounds")
+var errOverflow = errors.New("proto: integer overflow")
+
+func (b *BufferReader) DecodeVarintSlow() (x uint64, err error) {
+	i := b.Pos
+	l := len(b.Buf)
+
+	for shift := uint(0); shift < 64; shift += 7 {
+		if i >= l {
+			err = io.ErrUnexpectedEOF
+			return
+		}
+		v := b.Buf[i]
+		i++
+		x |= (uint64(v) & 0x7F) << shift
+		if v < 0x80 {
+			b.Pos = i
+			return
+		}
+	}
+
+	// The number is too large to represent in a 64-bit value.
+	err = errOverflow
+	return
+}
+
+// decodeVarint decodes a varint at the current position
+func (b *BufferReader) DecodeVarint() (x uint64, err error) {
+	i := b.Pos
+	buf := b.Buf
+
+	if i >= len(buf) {
+		return 0, io.ErrUnexpectedEOF
+	} else if buf[i] < 0x80 {
+		b.Pos++
+		return uint64(buf[i]), nil
+	} else if len(buf)-i < 10 {
+		return b.DecodeVarintSlow()
+	}
+
+	var v uint64
+	// we already checked the first byte
+	x = uint64(buf[i]) & 127
+	i++
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 7
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 14
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 21
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 28
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 35
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 42
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 49
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 56
+	if v < 128 {
+		goto done
+	}
+
+	v = uint64(buf[i])
+	i++
+	x |= (v & 127) << 63
+	if v < 128 {
+		goto done
+	}
+
+	return 0, errOverflow
+
+done:
+	b.Pos = i
+	return
+}
+
+// decodeVarint32 decodes a varint32 at the current position
+func (b *BufferReader) DecodeVarint32() (x uint32, err error) {
+	i := b.Pos
+	buf := b.Buf
+
+	if i >= len(buf) {
+		return 0, io.ErrUnexpectedEOF
+	} else if buf[i] < 0x80 {
+		b.Pos++
+		return uint32(buf[i]), nil
+	} else if len(buf)-i < 5 {
+		v, err := b.DecodeVarintSlow()
+		return uint32(v), err
+	}
+
+	var v uint32
+	// we already checked the first byte
+	x = uint32(buf[i]) & 127
+	i++
+
+	v = uint32(buf[i])
+	i++
+	x |= (v & 127) << 7
+	if v < 128 {
+		goto done
+	}
+
+	v = uint32(buf[i])
+	i++
+	x |= (v & 127) << 14
+	if v < 128 {
+		goto done
+	}
+
+	v = uint32(buf[i])
+	i++
+	x |= (v & 127) << 21
+	if v < 128 {
+		goto done
+	}
+
+	v = uint32(buf[i])
+	i++
+	x |= (v & 127) << 28
+	if v < 128 {
+		goto done
+	}
+
+	return 0, errOverflow
+
+done:
+	b.Pos = i
+	return
+}
+
+// skipValue skips a value in the protobuf, based on the specified tag
+func (b *BufferReader) SkipValue(tag uint32) (err error) {
+	wireType := tag & 0x7
+	switch protowire.Type(wireType) {
+	case protowire.VarintType:
+		err = b.SkipVarint()
+	case protowire.Fixed64Type:
+		err = b.SkipFixed64()
+	case protowire.BytesType:
+		var n uint32
+		n, err = b.DecodeVarint32()
+		if err == nil {
+			err = b.Skip(int(n))
+		}
+	case protowire.StartGroupType:
+		err = b.SkipGroup(tag)
+	case protowire.Fixed32Type:
+		err = b.SkipFixed32()
+	default:
+		err = fmt.Errorf("Unexpected wire type (%d)", wireType)
+	}
+	return
+}
+
+// skipGroup skips a group with the specified tag.  It executes efficiently using a tag stack
+func (b *BufferReader) SkipGroup(tag uint32) (err error) {
+	tagStack := make([]uint32, 0, 16)
+	tagStack = append(tagStack, tag)
+	var n uint32
+	for len(tagStack) > 0 {
+		tag, err = b.DecodeVarint32()
+		if err != nil {
+			return err
+		}
+		switch protowire.Type(tag & 0x7) {
+		case protowire.VarintType:
+			err = b.SkipVarint()
+		case protowire.Fixed64Type:
+			err = b.Skip(8)
+		case protowire.BytesType:
+			n, err = b.DecodeVarint32()
+			if err == nil {
+				err = b.Skip(int(n))
+			}
+		case protowire.StartGroupType:
+			tagStack = append(tagStack, tag)
+		case protowire.Fixed32Type:
+			err = b.SkipFixed32()
+		case protowire.EndGroupType:
+			if protoFieldNumber(tagStack[len(tagStack)-1]) == protoFieldNumber(tag) {
+				tagStack = tagStack[:len(tagStack)-1]
+			} else {
+				err = fmt.Errorf("end group tag %d does not match begin group tag %d at pos %d",
+					protoFieldNumber(tag), protoFieldNumber(tagStack[len(tagStack)-1]), b.Pos)
+			}
+		}
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// skipVarint effiently skips a varint
+func (b *BufferReader) SkipVarint() (err error) {
+	i := b.Pos
+
+	if len(b.Buf)-i < 10 {
+		// Use DecodeVarintSlow() to check for buffer overflow, but ignore result
+		if _, err := b.DecodeVarintSlow(); err != nil {
+			return err
+		}
+		return nil
+	}
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	i++
+
+	if b.Buf[i] < 0x80 {
+		goto out
+	}
+	return errOverflow
+
+out:
+	b.Pos = i + 1
+	return nil
+}
+
+// skip skips the specified number of bytes
+func (b *BufferReader) Skip(n int) (err error) {
+	if len(b.Buf) < b.Pos+n {
+		return io.ErrUnexpectedEOF
+	}
+	b.Pos += n
+	return
+}
+
+// skipFixed64 skips a fixed64
+func (b *BufferReader) SkipFixed64() (err error) {
+	return b.Skip(8)
+}
+
+// skipFixed32 skips a fixed32
+func (b *BufferReader) SkipFixed32() (err error) {
+	return b.Skip(4)
+}
+
+// skipBytes skips a set of bytes
+func (b *BufferReader) SkipBytes() (err error) {
+	n, err := b.DecodeVarint32()
+	if err != nil {
+		return err
+	}
+	return b.Skip(int(n))
+}
+
+// Done returns whether we are at the end of the protobuf
+func (b *BufferReader) Done() bool {
+	return b.Pos == len(b.Buf)
+}
+
+// Remaining returns how many bytes remain
+func (b *BufferReader) Remaining() int {
+	return len(b.Buf) - b.Pos
+}
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go b/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
new file mode 100644
index 000000000..ff4d4834b
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
@@ -0,0 +1,359 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package protolazy contains internal data structures for lazy message decoding.
+package protolazy
+
+import (
+	"fmt"
+	"sort"
+
+	"google.golang.org/protobuf/encoding/protowire"
+	piface "google.golang.org/protobuf/runtime/protoiface"
+)
+
+// IndexEntry is the structure for an index of the fields in a message of a
+// proto (not descending to sub-messages)
+type IndexEntry struct {
+	FieldNum uint32
+	// first byte of this tag/field
+	Start uint32
+	// first byte after a contiguous sequence of bytes for this tag/field, which could
+	// include a single encoding of the field, or multiple encodings for the field
+	End uint32
+	// True if this protobuf segment includes multiple encodings of the field
+	MultipleContiguous bool
+}
+
+// XXX_lazyUnmarshalInfo has information about a particular lazily decoded message
+//
+// Deprecated: Do not use. This will be deleted in the near future.
+type XXX_lazyUnmarshalInfo struct {
+	// Index of fields and their positions in the protobuf for this
+	// message.  Make index be a pointer to a slice so it can be updated
+	// atomically.  The index pointer is only set once (lazily when/if
+	// the index is first needed), and must always be SET and LOADED
+	// ATOMICALLY.
+	index *[]IndexEntry
+	// The protobuf associated with this lazily decoded message.  It is
+	// only set during proto.Unmarshal().  It doesn't need to be set and
+	// loaded atomically, since any simultaneous set (Unmarshal) and read
+	// (during a get) would already be a race in the app code.
+	Protobuf []byte
+	// The flags present when Unmarshal was originally called for this particular message
+	unmarshalFlags piface.UnmarshalInputFlags
+}
+
+// The Buffer and SetBuffer methods let v2/internal/impl interact with
+// XXX_lazyUnmarshalInfo via an interface, to avoid an import cycle.
+
+// Buffer returns the lazy unmarshal buffer.
+//
+// Deprecated: Do not use. This will be deleted in the near future.
+func (lazy *XXX_lazyUnmarshalInfo) Buffer() []byte {
+	return lazy.Protobuf
+}
+
+// SetBuffer sets the lazy unmarshal buffer.
+//
+// Deprecated: Do not use. This will be deleted in the near future.
+func (lazy *XXX_lazyUnmarshalInfo) SetBuffer(b []byte) {
+	lazy.Protobuf = b
+}
+
+// SetUnmarshalFlags is called to set a copy of the original unmarshalInputFlags.
+// The flags should reflect how Unmarshal was called.
+func (lazy *XXX_lazyUnmarshalInfo) SetUnmarshalFlags(f piface.UnmarshalInputFlags) {
+	lazy.unmarshalFlags = f
+}
+
+// UnmarshalFlags returns the original unmarshalInputFlags.
+func (lazy *XXX_lazyUnmarshalInfo) UnmarshalFlags() piface.UnmarshalInputFlags {
+	return lazy.unmarshalFlags
+}
+
+// AllowedPartial returns true if the user originally unmarshalled this message with
+// AllowPartial set to true
+func (lazy *XXX_lazyUnmarshalInfo) AllowedPartial() bool {
+	return (lazy.unmarshalFlags & piface.UnmarshalCheckRequired) == 0
+}
+
+func protoFieldNumber(tag uint32) uint32 {
+	return tag >> 3
+}
+
+// buildIndex builds an index of the specified protobuf, return the index
+// array and an error.
+func buildIndex(buf []byte) ([]IndexEntry, error) {
+	index := make([]IndexEntry, 0, 16)
+	var lastProtoFieldNum uint32
+	var outOfOrder bool
+
+	var r BufferReader = NewBufferReader(buf)
+
+	for !r.Done() {
+		var tag uint32
+		var err error
+		var curPos = r.Pos
+		// INLINED: tag, err = r.DecodeVarint32()
+		{
+			i := r.Pos
+			buf := r.Buf
+
+			if i >= len(buf) {
+				return nil, errOutOfBounds
+			} else if buf[i] < 0x80 {
+				r.Pos++
+				tag = uint32(buf[i])
+			} else if r.Remaining() < 5 {
+				var v uint64
+				v, err = r.DecodeVarintSlow()
+				tag = uint32(v)
+			} else {
+				var v uint32
+				// we already checked the first byte
+				tag = uint32(buf[i]) & 127
+				i++
+
+				v = uint32(buf[i])
+				i++
+				tag |= (v & 127) << 7
+				if v < 128 {
+					goto done
+				}
+
+				v = uint32(buf[i])
+				i++
+				tag |= (v & 127) << 14
+				if v < 128 {
+					goto done
+				}
+
+				v = uint32(buf[i])
+				i++
+				tag |= (v & 127) << 21
+				if v < 128 {
+					goto done
+				}
+
+				v = uint32(buf[i])
+				i++
+				tag |= (v & 127) << 28
+				if v < 128 {
+					goto done
+				}
+
+				return nil, errOutOfBounds
+
+			done:
+				r.Pos = i
+			}
+		}
+		// DONE: tag, err = r.DecodeVarint32()
+
+		fieldNum := protoFieldNumber(tag)
+		if fieldNum < lastProtoFieldNum {
+			outOfOrder = true
+		}
+
+		// Skip the current value -- will skip over an entire group as well.
+		// INLINED: err = r.SkipValue(tag)
+		wireType := tag & 0x7
+		switch protowire.Type(wireType) {
+		case protowire.VarintType:
+			// INLINED: err = r.SkipVarint()
+			i := r.Pos
+
+			if len(r.Buf)-i < 10 {
+				// Use DecodeVarintSlow() to skip while
+				// checking for buffer overflow, but ignore result
+				_, err = r.DecodeVarintSlow()
+				goto out2
+			}
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			i++
+
+			if r.Buf[i] < 0x80 {
+				goto out
+			}
+			return nil, errOverflow
+		out:
+			r.Pos = i + 1
+			// DONE: err = r.SkipVarint()
+		case protowire.Fixed64Type:
+			err = r.SkipFixed64()
+		case protowire.BytesType:
+			var n uint32
+			n, err = r.DecodeVarint32()
+			if err == nil {
+				err = r.Skip(int(n))
+			}
+		case protowire.StartGroupType:
+			err = r.SkipGroup(tag)
+		case protowire.Fixed32Type:
+			err = r.SkipFixed32()
+		default:
+			err = fmt.Errorf("Unexpected wire type (%d)", wireType)
+		}
+		// DONE: err = r.SkipValue(tag)
+
+	out2:
+		if err != nil {
+			return nil, err
+		}
+		if fieldNum != lastProtoFieldNum {
+			index = append(index, IndexEntry{FieldNum: fieldNum,
+				Start: uint32(curPos),
+				End:   uint32(r.Pos)},
+			)
+		} else {
+			index[len(index)-1].End = uint32(r.Pos)
+			index[len(index)-1].MultipleContiguous = true
+		}
+		lastProtoFieldNum = fieldNum
+	}
+	if outOfOrder {
+		sort.Slice(index, func(i, j int) bool {
+			return index[i].FieldNum < index[j].FieldNum ||
+				(index[i].FieldNum == index[j].FieldNum &&
+					index[i].Start < index[j].Start)
+		})
+	}
+	return index, nil
+}
+
+func (lazy *XXX_lazyUnmarshalInfo) SizeField(num uint32) (size int) {
+	start, end, found, _, multipleEntries := lazy.FindFieldInProto(num)
+	if multipleEntries != nil {
+		for _, entry := range multipleEntries {
+			size += int(entry.End - entry.Start)
+		}
+		return size
+	}
+	if !found {
+		return 0
+	}
+	return int(end - start)
+}
+
+func (lazy *XXX_lazyUnmarshalInfo) AppendField(b []byte, num uint32) ([]byte, bool) {
+	start, end, found, _, multipleEntries := lazy.FindFieldInProto(num)
+	if multipleEntries != nil {
+		for _, entry := range multipleEntries {
+			b = append(b, lazy.Protobuf[entry.Start:entry.End]...)
+		}
+		return b, true
+	}
+	if !found {
+		return nil, false
+	}
+	b = append(b, lazy.Protobuf[start:end]...)
+	return b, true
+}
+
+func (lazy *XXX_lazyUnmarshalInfo) SetIndex(index []IndexEntry) {
+	atomicStoreIndex(&lazy.index, &index)
+}
+
+// FindFieldInProto looks for field fieldNum in lazyUnmarshalInfo information
+// (including protobuf), returns startOffset/endOffset/found.
+func (lazy *XXX_lazyUnmarshalInfo) FindFieldInProto(fieldNum uint32) (start, end uint32, found, multipleContiguous bool, multipleEntries []IndexEntry) {
+	if lazy.Protobuf == nil {
+		// There is no backing protobuf for this message -- it was made from a builder
+		return 0, 0, false, false, nil
+	}
+	index := atomicLoadIndex(&lazy.index)
+	if index == nil {
+		r, err := buildIndex(lazy.Protobuf)
+		if err != nil {
+			panic(fmt.Sprintf("findFieldInfo: error building index when looking for field %d: %v", fieldNum, err))
+		}
+		// lazy.index is a pointer to the slice returned by BuildIndex
+		index = &r
+		atomicStoreIndex(&lazy.index, index)
+	}
+	return lookupField(index, fieldNum)
+}
+
+// lookupField returns the offset at which the indicated field starts using
+// the index, offset immediately after field ends (including all instances of
+// a repeated field), and bools indicating if field was found and if there
+// are multiple encodings of the field in the byte range.
+//
+// To hande the uncommon case where there are repeated encodings for the same
+// field which are not consecutive in the protobuf (so we need to returns
+// multiple start/end offsets), we also return a slice multipleEntries.  If
+// multipleEntries is non-nil, then multiple entries were found, and the
+// values in the slice should be used, rather than start/end/found.
+func lookupField(indexp *[]IndexEntry, fieldNum uint32) (start, end uint32, found bool, multipleContiguous bool, multipleEntries []IndexEntry) {
+	// The pointer indexp to the index was already loaded atomically.
+	// The slice is uniquely associated with the pointer, so it doesn't
+	// need to be loaded atomically.
+	index := *indexp
+	for i, entry := range index {
+		if fieldNum == entry.FieldNum {
+			if i < len(index)-1 && entry.FieldNum == index[i+1].FieldNum {
+				// Handle the uncommon case where there are
+				// repeated entries for the same field which
+				// are not contiguous in the protobuf.
+				multiple := make([]IndexEntry, 1, 2)
+				multiple[0] = IndexEntry{fieldNum, entry.Start, entry.End, entry.MultipleContiguous}
+				i++
+				for i < len(index) && index[i].FieldNum == fieldNum {
+					multiple = append(multiple, IndexEntry{fieldNum, index[i].Start, index[i].End, index[i].MultipleContiguous})
+					i++
+				}
+				return 0, 0, false, false, multiple
+
+			}
+			return entry.Start, entry.End, true, entry.MultipleContiguous, nil
+		}
+		if fieldNum < entry.FieldNum {
+			return 0, 0, false, false, nil
+		}
+	}
+	return 0, 0, false, false, nil
+}
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go b/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
new file mode 100644
index 000000000..dc2a64ca6
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
@@ -0,0 +1,17 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package protolazy
+
+import (
+	"sync/atomic"
+	"unsafe"
+)
+
+func atomicLoadIndex(p **[]IndexEntry) *[]IndexEntry {
+	return (*[]IndexEntry)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p))))
+}
+func atomicStoreIndex(p **[]IndexEntry, v *[]IndexEntry) {
+	atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v))
+}
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go b/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
deleted file mode 100644
index a1f6f3338..000000000
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
+++ /dev/null
@@ -1,28 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build purego || appengine
-// +build purego appengine
-
-package strs
-
-import pref "google.golang.org/protobuf/reflect/protoreflect"
-
-func UnsafeString(b []byte) string {
-	return string(b)
-}
-
-func UnsafeBytes(s string) []byte {
-	return []byte(s)
-}
-
-type Builder struct{}
-
-func (*Builder) AppendFullName(prefix pref.FullName, name pref.Name) pref.FullName {
-	return prefix.Append(name)
-}
-
-func (*Builder) MakeString(b []byte) string {
-	return string(b)
-}
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
index a008acd09..832a7988f 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
@@ -2,8 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine && !go1.21
-// +build !purego,!appengine,!go1.21
+//go:build !go1.21
 
 package strs
 
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
index 60166f2ba..1ffddf687 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
@@ -2,8 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine && go1.21
-// +build !purego,!appengine,go1.21
+//go:build go1.21
 
 package strs
 
diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go
index a50fcfb49..386c823aa 100644
--- a/vendor/google.golang.org/protobuf/internal/version/version.go
+++ b/vendor/google.golang.org/protobuf/internal/version/version.go
@@ -51,8 +51,8 @@ import (
 //  10. Send out the CL for review and submit it.
 const (
 	Major      = 1
-	Minor      = 33
-	Patch      = 0
+	Minor      = 36
+	Patch      = 2
 	PreRelease = ""
 )
 
diff --git a/vendor/google.golang.org/protobuf/proto/decode.go b/vendor/google.golang.org/protobuf/proto/decode.go
index e5b03b567..a3b5e142d 100644
--- a/vendor/google.golang.org/protobuf/proto/decode.go
+++ b/vendor/google.golang.org/protobuf/proto/decode.go
@@ -47,10 +47,18 @@ type UnmarshalOptions struct {
 	// RecursionLimit limits how deeply messages may be nested.
 	// If zero, a default limit is applied.
 	RecursionLimit int
+
+	//
+	// NoLazyDecoding turns off lazy decoding, which otherwise is enabled by
+	// default. Lazy decoding only affects submessages (annotated with [lazy =
+	// true] in the .proto file) within messages that use the Opaque API.
+	NoLazyDecoding bool
 }
 
 // Unmarshal parses the wire-format message in b and places the result in m.
 // The provided message must be mutable (e.g., a non-nil pointer to a message).
+//
+// See the [UnmarshalOptions] type if you need more control.
 func Unmarshal(b []byte, m Message) error {
 	_, err := UnmarshalOptions{RecursionLimit: protowire.DefaultRecursionLimit}.unmarshal(b, m.ProtoReflect())
 	return err
@@ -102,6 +110,16 @@ func (o UnmarshalOptions) unmarshal(b []byte, m protoreflect.Message) (out proto
 		if o.DiscardUnknown {
 			in.Flags |= protoiface.UnmarshalDiscardUnknown
 		}
+
+		if !allowPartial {
+			// This does not affect how current unmarshal functions work, it just allows them
+			// to record this for lazy the decoding case.
+			in.Flags |= protoiface.UnmarshalCheckRequired
+		}
+		if o.NoLazyDecoding {
+			in.Flags |= protoiface.UnmarshalNoLazyDecoding
+		}
+
 		out, err = methods.Unmarshal(in)
 	} else {
 		o.RecursionLimit--
diff --git a/vendor/google.golang.org/protobuf/proto/encode.go b/vendor/google.golang.org/protobuf/proto/encode.go
index 4fed202f9..f0473c586 100644
--- a/vendor/google.golang.org/protobuf/proto/encode.go
+++ b/vendor/google.golang.org/protobuf/proto/encode.go
@@ -5,12 +5,17 @@
 package proto
 
 import (
+	"errors"
+	"fmt"
+
 	"google.golang.org/protobuf/encoding/protowire"
 	"google.golang.org/protobuf/internal/encoding/messageset"
 	"google.golang.org/protobuf/internal/order"
 	"google.golang.org/protobuf/internal/pragma"
 	"google.golang.org/protobuf/reflect/protoreflect"
 	"google.golang.org/protobuf/runtime/protoiface"
+
+	protoerrors "google.golang.org/protobuf/internal/errors"
 )
 
 // MarshalOptions configures the marshaler.
@@ -58,7 +63,8 @@ type MarshalOptions struct {
 	// options (except for UseCachedSize itself).
 	//
 	// 2. The message and all its submessages have not changed in any
-	// way since the Size call.
+	// way since the Size call. For lazily decoded messages, accessing
+	// a message results in decoding the message, which is a change.
 	//
 	// If either of these invariants is violated,
 	// the results are undefined and may include panics or corrupted output.
@@ -70,7 +76,32 @@ type MarshalOptions struct {
 	UseCachedSize bool
 }
 
+// flags turns the specified MarshalOptions (user-facing) into
+// protoiface.MarshalInputFlags (used internally by the marshaler).
+//
+// See impl.marshalOptions.Options for the inverse operation.
+func (o MarshalOptions) flags() protoiface.MarshalInputFlags {
+	var flags protoiface.MarshalInputFlags
+
+	// Note: o.AllowPartial is always forced to true by MarshalOptions.marshal,
+	// which is why it is not a part of MarshalInputFlags.
+
+	if o.Deterministic {
+		flags |= protoiface.MarshalDeterministic
+	}
+
+	if o.UseCachedSize {
+		flags |= protoiface.MarshalUseCachedSize
+	}
+
+	return flags
+}
+
 // Marshal returns the wire-format encoding of m.
+//
+// This is the most common entry point for encoding a Protobuf message.
+//
+// See the [MarshalOptions] type if you need more control.
 func Marshal(m Message) ([]byte, error) {
 	// Treat nil message interface as an empty message; nothing to output.
 	if m == nil {
@@ -116,6 +147,9 @@ func emptyBytesForMessage(m Message) []byte {
 
 // MarshalAppend appends the wire-format encoding of m to b,
 // returning the result.
+//
+// This is a less common entry point than [Marshal], which is only needed if you
+// need to supply your own buffers for performance reasons.
 func (o MarshalOptions) MarshalAppend(b []byte, m Message) ([]byte, error) {
 	// Treat nil message interface as an empty message; nothing to append.
 	if m == nil {
@@ -145,12 +179,7 @@ func (o MarshalOptions) marshal(b []byte, m protoreflect.Message) (out protoifac
 		in := protoiface.MarshalInput{
 			Message: m,
 			Buf:     b,
-		}
-		if o.Deterministic {
-			in.Flags |= protoiface.MarshalDeterministic
-		}
-		if o.UseCachedSize {
-			in.Flags |= protoiface.MarshalUseCachedSize
+			Flags:   o.flags(),
 		}
 		if methods.Size != nil {
 			sout := methods.Size(protoiface.SizeInput{
@@ -168,6 +197,10 @@ func (o MarshalOptions) marshal(b []byte, m protoreflect.Message) (out protoifac
 		out.Buf, err = o.marshalMessageSlow(b, m)
 	}
 	if err != nil {
+		var mismatch *protoerrors.SizeMismatchError
+		if errors.As(err, &mismatch) {
+			return out, fmt.Errorf("marshaling %s: %v", string(m.Descriptor().FullName()), err)
+		}
 		return out, err
 	}
 	if allowPartial {
diff --git a/vendor/google.golang.org/protobuf/proto/equal.go b/vendor/google.golang.org/protobuf/proto/equal.go
index 1a0be1b03..c36d4a9cd 100644
--- a/vendor/google.golang.org/protobuf/proto/equal.go
+++ b/vendor/google.golang.org/protobuf/proto/equal.go
@@ -8,6 +8,7 @@ import (
 	"reflect"
 
 	"google.golang.org/protobuf/reflect/protoreflect"
+	"google.golang.org/protobuf/runtime/protoiface"
 )
 
 // Equal reports whether two messages are equal,
@@ -51,6 +52,14 @@ func Equal(x, y Message) bool {
 	if mx.IsValid() != my.IsValid() {
 		return false
 	}
+
+	// Only one of the messages needs to implement the fast-path for it to work.
+	pmx := protoMethods(mx)
+	pmy := protoMethods(my)
+	if pmx != nil && pmy != nil && pmx.Equal != nil && pmy.Equal != nil {
+		return pmx.Equal(protoiface.EqualInput{MessageA: mx, MessageB: my}).Equal
+	}
+
 	vx := protoreflect.ValueOfMessage(mx)
 	vy := protoreflect.ValueOfMessage(my)
 	return vx.Equal(vy)
diff --git a/vendor/google.golang.org/protobuf/proto/extension.go b/vendor/google.golang.org/protobuf/proto/extension.go
index 17899a3a7..78445d116 100644
--- a/vendor/google.golang.org/protobuf/proto/extension.go
+++ b/vendor/google.golang.org/protobuf/proto/extension.go
@@ -11,18 +11,21 @@ import (
 // HasExtension reports whether an extension field is populated.
 // It returns false if m is invalid or if xt does not extend m.
 func HasExtension(m Message, xt protoreflect.ExtensionType) bool {
-	// Treat nil message interface as an empty message; no populated fields.
-	if m == nil {
+	// Treat nil message interface or descriptor as an empty message; no populated
+	// fields.
+	if m == nil || xt == nil {
 		return false
 	}
 
 	// As a special-case, we reports invalid or mismatching descriptors
 	// as always not being populated (since they aren't).
-	if xt == nil || m.ProtoReflect().Descriptor() != xt.TypeDescriptor().ContainingMessage() {
+	mr := m.ProtoReflect()
+	xd := xt.TypeDescriptor()
+	if mr.Descriptor() != xd.ContainingMessage() {
 		return false
 	}
 
-	return m.ProtoReflect().Has(xt.TypeDescriptor())
+	return mr.Has(xd)
 }
 
 // ClearExtension clears an extension field such that subsequent
@@ -36,7 +39,49 @@ func ClearExtension(m Message, xt protoreflect.ExtensionType) {
 // If the field is unpopulated, it returns the default value for
 // scalars and an immutable, empty value for lists or messages.
 // It panics if xt does not extend m.
-func GetExtension(m Message, xt protoreflect.ExtensionType) interface{} {
+//
+// The type of the value is dependent on the field type of the extension.
+// For extensions generated by protoc-gen-go, the Go type is as follows:
+//
+//	╔═══════════════════╤═════════════════════════╗
+//	║ Go type           │ Protobuf kind           ║
+//	╠═══════════════════╪═════════════════════════╣
+//	║ bool              │ bool                    ║
+//	║ int32             │ int32, sint32, sfixed32 ║
+//	║ int64             │ int64, sint64, sfixed64 ║
+//	║ uint32            │ uint32, fixed32         ║
+//	║ uint64            │ uint64, fixed64         ║
+//	║ float32           │ float                   ║
+//	║ float64           │ double                  ║
+//	║ string            │ string                  ║
+//	║ []byte            │ bytes                   ║
+//	║ protoreflect.Enum │ enum                    ║
+//	║ proto.Message     │ message, group          ║
+//	╚═══════════════════╧═════════════════════════╝
+//
+// The protoreflect.Enum and proto.Message types are the concrete Go type
+// associated with the named enum or message. Repeated fields are represented
+// using a Go slice of the base element type.
+//
+// If a generated extension descriptor variable is directly passed to
+// GetExtension, then the call should be followed immediately by a
+// type assertion to the expected output value. For example:
+//
+//	mm := proto.GetExtension(m, foopb.E_MyExtension).(*foopb.MyMessage)
+//
+// This pattern enables static analysis tools to verify that the asserted type
+// matches the Go type associated with the extension field and
+// also enables a possible future migration to a type-safe extension API.
+//
+// Since singular messages are the most common extension type, the pattern of
+// calling HasExtension followed by GetExtension may be simplified to:
+//
+//	if mm := proto.GetExtension(m, foopb.E_MyExtension).(*foopb.MyMessage); mm != nil {
+//	    ... // make use of mm
+//	}
+//
+// The mm variable is non-nil if and only if HasExtension reports true.
+func GetExtension(m Message, xt protoreflect.ExtensionType) any {
 	// Treat nil message interface as an empty message; return the default.
 	if m == nil {
 		return xt.InterfaceOf(xt.Zero())
@@ -48,7 +93,36 @@ func GetExtension(m Message, xt protoreflect.ExtensionType) interface{} {
 // SetExtension stores the value of an extension field.
 // It panics if m is invalid, xt does not extend m, or if type of v
 // is invalid for the specified extension field.
-func SetExtension(m Message, xt protoreflect.ExtensionType, v interface{}) {
+//
+// The type of the value is dependent on the field type of the extension.
+// For extensions generated by protoc-gen-go, the Go type is as follows:
+//
+//	╔═══════════════════╤═════════════════════════╗
+//	║ Go type           │ Protobuf kind           ║
+//	╠═══════════════════╪═════════════════════════╣
+//	║ bool              │ bool                    ║
+//	║ int32             │ int32, sint32, sfixed32 ║
+//	║ int64             │ int64, sint64, sfixed64 ║
+//	║ uint32            │ uint32, fixed32         ║
+//	║ uint64            │ uint64, fixed64         ║
+//	║ float32           │ float                   ║
+//	║ float64           │ double                  ║
+//	║ string            │ string                  ║
+//	║ []byte            │ bytes                   ║
+//	║ protoreflect.Enum │ enum                    ║
+//	║ proto.Message     │ message, group          ║
+//	╚═══════════════════╧═════════════════════════╝
+//
+// The protoreflect.Enum and proto.Message types are the concrete Go type
+// associated with the named enum or message. Repeated fields are represented
+// using a Go slice of the base element type.
+//
+// If a generated extension descriptor variable is directly passed to
+// SetExtension (e.g., foopb.E_MyExtension), then the value should be a
+// concrete type that matches the expected Go type for the extension descriptor
+// so that static analysis tools can verify type correctness.
+// This also enables a possible future migration to a type-safe extension API.
+func SetExtension(m Message, xt protoreflect.ExtensionType, v any) {
 	xd := xt.TypeDescriptor()
 	pv := xt.ValueOf(v)
 
@@ -75,7 +149,7 @@ func SetExtension(m Message, xt protoreflect.ExtensionType, v interface{}) {
 // It returns immediately if f returns false.
 // While iterating, mutating operations may only be performed
 // on the current extension field.
-func RangeExtensions(m Message, f func(protoreflect.ExtensionType, interface{}) bool) {
+func RangeExtensions(m Message, f func(protoreflect.ExtensionType, any) bool) {
 	// Treat nil message interface as an empty message; nothing to range over.
 	if m == nil {
 		return
diff --git a/vendor/google.golang.org/protobuf/proto/messageset.go b/vendor/google.golang.org/protobuf/proto/messageset.go
index 312d5d45c..575d14831 100644
--- a/vendor/google.golang.org/protobuf/proto/messageset.go
+++ b/vendor/google.golang.org/protobuf/proto/messageset.go
@@ -47,11 +47,16 @@ func (o MarshalOptions) marshalMessageSet(b []byte, m protoreflect.Message) ([]b
 func (o MarshalOptions) marshalMessageSetField(b []byte, fd protoreflect.FieldDescriptor, value protoreflect.Value) ([]byte, error) {
 	b = messageset.AppendFieldStart(b, fd.Number())
 	b = protowire.AppendTag(b, messageset.FieldMessage, protowire.BytesType)
-	b = protowire.AppendVarint(b, uint64(o.Size(value.Message().Interface())))
+	calculatedSize := o.Size(value.Message().Interface())
+	b = protowire.AppendVarint(b, uint64(calculatedSize))
+	before := len(b)
 	b, err := o.marshalMessage(b, value.Message())
 	if err != nil {
 		return b, err
 	}
+	if measuredSize := len(b) - before; calculatedSize != measuredSize {
+		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
+	}
 	b = messageset.AppendFieldEnd(b)
 	return b, nil
 }
diff --git a/vendor/google.golang.org/protobuf/proto/size.go b/vendor/google.golang.org/protobuf/proto/size.go
index f1692b49b..c8675806c 100644
--- a/vendor/google.golang.org/protobuf/proto/size.go
+++ b/vendor/google.golang.org/protobuf/proto/size.go
@@ -12,11 +12,19 @@ import (
 )
 
 // Size returns the size in bytes of the wire-format encoding of m.
+//
+// Note that Size might return more bytes than Marshal will write in the case of
+// lazily decoded messages that arrive in non-minimal wire format: see
+// https://protobuf.dev/reference/go/size/ for more details.
 func Size(m Message) int {
 	return MarshalOptions{}.Size(m)
 }
 
 // Size returns the size in bytes of the wire-format encoding of m.
+//
+// Note that Size might return more bytes than Marshal will write in the case of
+// lazily decoded messages that arrive in non-minimal wire format: see
+// https://protobuf.dev/reference/go/size/ for more details.
 func (o MarshalOptions) Size(m Message) int {
 	// Treat a nil message interface as an empty message; nothing to output.
 	if m == nil {
@@ -34,6 +42,7 @@ func (o MarshalOptions) size(m protoreflect.Message) (size int) {
 	if methods != nil && methods.Size != nil {
 		out := methods.Size(protoiface.SizeInput{
 			Message: m,
+			Flags:   o.flags(),
 		})
 		return out.Size
 	}
@@ -42,6 +51,7 @@ func (o MarshalOptions) size(m protoreflect.Message) (size int) {
 		// This case is mainly used for legacy types with a Marshal method.
 		out, _ := methods.Marshal(protoiface.MarshalInput{
 			Message: m,
+			Flags:   o.flags(),
 		})
 		return len(out.Buf)
 	}
diff --git a/vendor/google.golang.org/protobuf/proto/wrapperopaque.go b/vendor/google.golang.org/protobuf/proto/wrapperopaque.go
new file mode 100644
index 000000000..267fd0f1f
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/proto/wrapperopaque.go
@@ -0,0 +1,80 @@
+// Copyright 2024 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proto
+
+// ValueOrNil returns nil if has is false, or a pointer to a new variable
+// containing the value returned by the specified getter.
+//
+// This function is similar to the wrappers (proto.Int32(), proto.String(),
+// etc.), but is generic (works for any field type) and works with the hasser
+// and getter of a field, as opposed to a value.
+//
+// This is convenient when populating builder fields.
+//
+// Example:
+//
+//	hop := attr.GetDirectHop()
+//	injectedRoute := ripb.InjectedRoute_builder{
+//	  Prefixes: route.GetPrefixes(),
+//	  NextHop:  proto.ValueOrNil(hop.HasAddress(), hop.GetAddress),
+//	}
+func ValueOrNil[T any](has bool, getter func() T) *T {
+	if !has {
+		return nil
+	}
+	v := getter()
+	return &v
+}
+
+// ValueOrDefault returns the protobuf message val if val is not nil, otherwise
+// it returns a pointer to an empty val message.
+//
+// This function allows for translating code from the old Open Struct API to the
+// new Opaque API.
+//
+// The old Open Struct API represented oneof fields with a wrapper struct:
+//
+//	var signedImg *accountpb.SignedImage
+//	profile := &accountpb.Profile{
+//		// The Avatar oneof will be set, with an empty SignedImage.
+//		Avatar: &accountpb.Profile_SignedImage{signedImg},
+//	}
+//
+// The new Opaque API treats oneof fields like regular fields, there are no more
+// wrapper structs:
+//
+//	var signedImg *accountpb.SignedImage
+//	profile := &accountpb.Profile{}
+//	profile.SetSignedImage(signedImg)
+//
+// For convenience, the Opaque API also offers Builders, which allow for a
+// direct translation of struct initialization. However, because Builders use
+// nilness to represent field presence (but there is no non-nil wrapper struct
+// anymore), Builders cannot distinguish between an unset oneof and a set oneof
+// with nil message. The above code would need to be translated with help of the
+// ValueOrDefault function to retain the same behavior:
+//
+//	var signedImg *accountpb.SignedImage
+//	return &accountpb.Profile_builder{
+//		SignedImage: proto.ValueOrDefault(signedImg),
+//	}.Build()
+func ValueOrDefault[T interface {
+	*P
+	Message
+}, P any](val T) T {
+	if val == nil {
+		return T(new(P))
+	}
+	return val
+}
+
+// ValueOrDefaultBytes is like ValueOrDefault but for working with fields of
+// type []byte.
+func ValueOrDefaultBytes(val []byte) []byte {
+	if val == nil {
+		return []byte{}
+	}
+	return val
+}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
index d5d5af6eb..742cb518c 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
@@ -23,6 +23,7 @@ type (
 		Unmarshal        func(unmarshalInput) (unmarshalOutput, error)
 		Merge            func(mergeInput) mergeOutput
 		CheckInitialized func(checkInitializedInput) (checkInitializedOutput, error)
+		Equal            func(equalInput) equalOutput
 	}
 	supportFlags = uint64
 	sizeInput    = struct {
@@ -75,4 +76,13 @@ type (
 	checkInitializedOutput = struct {
 		pragma.NoUnkeyedLiterals
 	}
+	equalInput = struct {
+		pragma.NoUnkeyedLiterals
+		MessageA Message
+		MessageB Message
+	}
+	equalOutput = struct {
+		pragma.NoUnkeyedLiterals
+		Equal bool
+	}
 )
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
index 00b01fbd8..c85bfaa5b 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
@@ -161,7 +161,7 @@ const (
 // IsValid reports whether the syntax is valid.
 func (s Syntax) IsValid() bool {
 	switch s {
-	case Proto2, Proto3:
+	case Proto2, Proto3, Editions:
 		return true
 	default:
 		return false
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
index 7dcc2ff09..ea154eec4 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
@@ -373,6 +373,8 @@ func (p *SourcePath) appendFieldOptions(b []byte) []byte {
 		b = p.appendRepeatedField(b, "edition_defaults", (*SourcePath).appendFieldOptions_EditionDefault)
 	case 21:
 		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
+	case 22:
+		b = p.appendSingularField(b, "feature_support", (*SourcePath).appendFieldOptions_FeatureSupport)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -483,6 +485,8 @@ func (p *SourcePath) appendEnumValueOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 3:
 		b = p.appendSingularField(b, "debug_redact", nil)
+	case 4:
+		b = p.appendSingularField(b, "feature_support", (*SourcePath).appendFieldOptions_FeatureSupport)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -519,6 +523,23 @@ func (p *SourcePath) appendFieldOptions_EditionDefault(b []byte) []byte {
 	return b
 }
 
+func (p *SourcePath) appendFieldOptions_FeatureSupport(b []byte) []byte {
+	if len(*p) == 0 {
+		return b
+	}
+	switch (*p)[0] {
+	case 1:
+		b = p.appendSingularField(b, "edition_introduced", nil)
+	case 2:
+		b = p.appendSingularField(b, "edition_deprecated", nil)
+	case 3:
+		b = p.appendSingularField(b, "deprecation_warning", nil)
+	case 4:
+		b = p.appendSingularField(b, "edition_removed", nil)
+	}
+	return b
+}
+
 func (p *SourcePath) appendUninterpretedOption_NamePart(b []byte) []byte {
 	if len(*p) == 0 {
 		return b
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
index 60ff62b4c..cd8fadbaf 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
@@ -510,7 +510,7 @@ type ExtensionType interface {
 	//
 	// ValueOf is more extensive than protoreflect.ValueOf for a given field's
 	// value as it has more type information available.
-	ValueOf(interface{}) Value
+	ValueOf(any) Value
 
 	// InterfaceOf completely unwraps the Value to the underlying Go type.
 	// InterfaceOf panics if the input is nil or does not represent the
@@ -519,13 +519,13 @@ type ExtensionType interface {
 	//
 	// InterfaceOf is able to unwrap the Value further than Value.Interface
 	// as it has more type information available.
-	InterfaceOf(Value) interface{}
+	InterfaceOf(Value) any
 
 	// IsValidValue reports whether the Value is valid to assign to the field.
 	IsValidValue(Value) bool
 
 	// IsValidInterface reports whether the input is valid to assign to the field.
-	IsValidInterface(interface{}) bool
+	IsValidInterface(any) bool
 }
 
 // EnumDescriptor describes an enum and
@@ -544,6 +544,12 @@ type EnumDescriptor interface {
 	// ReservedRanges is a list of reserved ranges of enum numbers.
 	ReservedRanges() EnumRanges
 
+	// IsClosed reports whether this enum uses closed semantics.
+	// See https://protobuf.dev/programming-guides/enum/#definitions.
+	// Note: the Go protobuf implementation is not spec compliant and treats
+	// all enums as open enums.
+	IsClosed() bool
+
 	isEnumDescriptor
 }
 type isEnumDescriptor interface{ ProtoType(EnumDescriptor) }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
index a7b0d06ff..a4b78acef 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
@@ -152,7 +152,7 @@ type Message interface {
 	// This method may return nil.
 	//
 	// The returned methods type is identical to
-	// google.golang.org/protobuf/runtime/protoiface.Methods.
+	// [google.golang.org/protobuf/runtime/protoiface.Methods].
 	// Consult the protoiface package documentation for details.
 	ProtoMethods() *methods
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go
deleted file mode 100644
index 7ced876f4..000000000
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build purego || appengine
-// +build purego appengine
-
-package protoreflect
-
-import "google.golang.org/protobuf/internal/pragma"
-
-type valueType int
-
-const (
-	nilType valueType = iota
-	boolType
-	int32Type
-	int64Type
-	uint32Type
-	uint64Type
-	float32Type
-	float64Type
-	stringType
-	bytesType
-	enumType
-	ifaceType
-)
-
-// value is a union where only one type can be represented at a time.
-// This uses a distinct field for each type. This is type safe in Go, but
-// occupies more memory than necessary (72B).
-type value struct {
-	pragma.DoNotCompare // 0B
-
-	typ   valueType   // 8B
-	num   uint64      // 8B
-	str   string      // 16B
-	bin   []byte      // 24B
-	iface interface{} // 16B
-}
-
-func valueOfString(v string) Value {
-	return Value{typ: stringType, str: v}
-}
-func valueOfBytes(v []byte) Value {
-	return Value{typ: bytesType, bin: v}
-}
-func valueOfIface(v interface{}) Value {
-	return Value{typ: ifaceType, iface: v}
-}
-
-func (v Value) getString() string {
-	return v.str
-}
-func (v Value) getBytes() []byte {
-	return v.bin
-}
-func (v Value) getIface() interface{} {
-	return v.iface
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
index 160309731..9fe83cef5 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
@@ -69,8 +69,8 @@ import (
 // composite Value. Modifying an empty, read-only value panics.
 type Value value
 
-// The protoreflect API uses a custom Value union type instead of interface{}
-// to keep the future open for performance optimizations. Using an interface{}
+// The protoreflect API uses a custom Value union type instead of any
+// to keep the future open for performance optimizations. Using an any
 // always incurs an allocation for primitives (e.g., int64) since it needs to
 // be boxed on the heap (as interfaces can only contain pointers natively).
 // Instead, we represent the Value union as a flat struct that internally keeps
@@ -85,7 +85,7 @@ type Value value
 // ValueOf returns a Value initialized with the concrete value stored in v.
 // This panics if the type does not match one of the allowed types in the
 // Value union.
-func ValueOf(v interface{}) Value {
+func ValueOf(v any) Value {
 	switch v := v.(type) {
 	case nil:
 		return Value{}
@@ -192,10 +192,10 @@ func (v Value) IsValid() bool {
 	return v.typ != nilType
 }
 
-// Interface returns v as an interface{}.
+// Interface returns v as an any.
 //
 // Invariant: v == ValueOf(v).Interface()
-func (v Value) Interface() interface{} {
+func (v Value) Interface() any {
 	switch v.typ {
 	case nilType:
 		return nil
@@ -406,8 +406,8 @@ func (k MapKey) IsValid() bool {
 	return Value(k).IsValid()
 }
 
-// Interface returns k as an interface{}.
-func (k MapKey) Interface() interface{} {
+// Interface returns k as an any.
+func (k MapKey) Interface() any {
 	return Value(k).Interface()
 }
 
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
index b1fdbe3e8..0015fcb35 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
@@ -2,8 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine && !go1.21
-// +build !purego,!appengine,!go1.21
+//go:build !go1.21
 
 package protoreflect
 
@@ -45,7 +44,7 @@ var (
 
 // typeOf returns a pointer to the Go type information.
 // The pointer is comparable and equal if and only if the types are identical.
-func typeOf(t interface{}) unsafe.Pointer {
+func typeOf(t any) unsafe.Pointer {
 	return (*ifaceHeader)(unsafe.Pointer(&t)).Type
 }
 
@@ -80,7 +79,7 @@ func valueOfBytes(v []byte) Value {
 	p := (*sliceHeader)(unsafe.Pointer(&v))
 	return Value{typ: bytesType, ptr: p.Data, num: uint64(len(v))}
 }
-func valueOfIface(v interface{}) Value {
+func valueOfIface(v any) Value {
 	p := (*ifaceHeader)(unsafe.Pointer(&v))
 	return Value{typ: p.Type, ptr: p.Data}
 }
@@ -93,7 +92,7 @@ func (v Value) getBytes() (x []byte) {
 	*(*sliceHeader)(unsafe.Pointer(&x)) = sliceHeader{Data: v.ptr, Len: int(v.num), Cap: int(v.num)}
 	return x
 }
-func (v Value) getIface() (x interface{}) {
+func (v Value) getIface() (x any) {
 	*(*ifaceHeader)(unsafe.Pointer(&x)) = ifaceHeader{Type: v.typ, Data: v.ptr}
 	return x
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
index 435470111..479527b58 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
@@ -2,8 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !purego && !appengine && go1.21
-// +build !purego,!appengine,go1.21
+//go:build go1.21
 
 package protoreflect
 
@@ -15,7 +14,7 @@ import (
 
 type (
 	ifaceHeader struct {
-		_    [0]interface{} // if interfaces have greater alignment than unsafe.Pointer, this will enforce it.
+		_    [0]any // if interfaces have greater alignment than unsafe.Pointer, this will enforce it.
 		Type unsafe.Pointer
 		Data unsafe.Pointer
 	}
@@ -37,7 +36,7 @@ var (
 
 // typeOf returns a pointer to the Go type information.
 // The pointer is comparable and equal if and only if the types are identical.
-func typeOf(t interface{}) unsafe.Pointer {
+func typeOf(t any) unsafe.Pointer {
 	return (*ifaceHeader)(unsafe.Pointer(&t)).Type
 }
 
@@ -70,7 +69,7 @@ func valueOfString(v string) Value {
 func valueOfBytes(v []byte) Value {
 	return Value{typ: bytesType, ptr: unsafe.Pointer(unsafe.SliceData(v)), num: uint64(len(v))}
 }
-func valueOfIface(v interface{}) Value {
+func valueOfIface(v any) Value {
 	p := (*ifaceHeader)(unsafe.Pointer(&v))
 	return Value{typ: p.Type, ptr: p.Data}
 }
@@ -81,7 +80,7 @@ func (v Value) getString() string {
 func (v Value) getBytes() []byte {
 	return unsafe.Slice((*byte)(v.ptr), v.num)
 }
-func (v Value) getIface() (x interface{}) {
+func (v Value) getIface() (x any) {
 	*(*ifaceHeader)(unsafe.Pointer(&x)) = ifaceHeader{Type: v.typ, Data: v.ptr}
 	return x
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
index 6267dc52a..de1777339 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
@@ -95,7 +95,7 @@ type Files struct {
 	// multiple files. Only top-level declarations are registered.
 	// Note that enum values are in the top-level since that are in the same
 	// scope as the parent enum.
-	descsByName map[protoreflect.FullName]interface{}
+	descsByName map[protoreflect.FullName]any
 	filesByPath map[string][]protoreflect.FileDescriptor
 	numFiles    int
 }
@@ -117,7 +117,7 @@ func (r *Files) RegisterFile(file protoreflect.FileDescriptor) error {
 		defer globalMutex.Unlock()
 	}
 	if r.descsByName == nil {
-		r.descsByName = map[protoreflect.FullName]interface{}{
+		r.descsByName = map[protoreflect.FullName]any{
 			"": &packageDescriptor{},
 		}
 		r.filesByPath = make(map[string][]protoreflect.FileDescriptor)
@@ -485,7 +485,7 @@ type Types struct {
 }
 
 type (
-	typesByName         map[protoreflect.FullName]interface{}
+	typesByName         map[protoreflect.FullName]any
 	extensionsByMessage map[protoreflect.FullName]extensionsByNumber
 	extensionsByNumber  map[protoreflect.FieldNumber]protoreflect.ExtensionType
 )
@@ -570,7 +570,7 @@ func (r *Types) RegisterExtension(xt protoreflect.ExtensionType) error {
 	return nil
 }
 
-func (r *Types) register(kind string, desc protoreflect.Descriptor, typ interface{}) error {
+func (r *Types) register(kind string, desc protoreflect.Descriptor, typ any) error {
 	name := desc.FullName()
 	prev := r.typesByName[name]
 	if prev != nil {
@@ -841,7 +841,7 @@ func (r *Types) RangeExtensionsByMessage(message protoreflect.FullName, f func(p
 	}
 }
 
-func typeName(t interface{}) string {
+func typeName(t any) string {
 	switch t.(type) {
 	case protoreflect.EnumType:
 		return "enum"
@@ -854,7 +854,7 @@ func typeName(t interface{}) string {
 	}
 }
 
-func amendErrorWithCaller(err error, prev, curr interface{}) error {
+func amendErrorWithCaller(err error, prev, curr any) error {
 	prevPkg := goPackage(prev)
 	currPkg := goPackage(curr)
 	if prevPkg == "" || currPkg == "" || prevPkg == currPkg {
@@ -863,7 +863,7 @@ func amendErrorWithCaller(err error, prev, curr interface{}) error {
 	return errors.New("%s\n\tpreviously from: %q\n\tcurrently from:  %q", err, prevPkg, currPkg)
 }
 
-func goPackage(v interface{}) string {
+func goPackage(v any) string {
 	switch d := v.(type) {
 	case protoreflect.EnumType:
 		v = d.Descriptor()
diff --git a/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go b/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
index 44cf467d8..28e9e9f03 100644
--- a/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
+++ b/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
@@ -39,6 +39,9 @@ type Methods = struct {
 
 	// CheckInitialized returns an error if any required fields in the message are not set.
 	CheckInitialized func(CheckInitializedInput) (CheckInitializedOutput, error)
+
+	// Equal compares two messages and returns EqualOutput.Equal == true if they are equal.
+	Equal func(EqualInput) EqualOutput
 }
 
 // SupportFlags indicate support for optional features.
@@ -119,6 +122,22 @@ type UnmarshalInputFlags = uint8
 
 const (
 	UnmarshalDiscardUnknown UnmarshalInputFlags = 1 << iota
+
+	// UnmarshalAliasBuffer permits unmarshal operations to alias the input buffer.
+	// The unmarshaller must not modify the contents of the buffer.
+	UnmarshalAliasBuffer
+
+	// UnmarshalValidated indicates that validation has already been
+	// performed on the input buffer.
+	UnmarshalValidated
+
+	// UnmarshalCheckRequired is set if this unmarshal operation ultimately will care if required fields are
+	// initialized.
+	UnmarshalCheckRequired
+
+	// UnmarshalNoLazyDecoding is set if this unmarshal operation should not use
+	// lazy decoding, even when otherwise available.
+	UnmarshalNoLazyDecoding
 )
 
 // UnmarshalOutputFlags are output from the Unmarshal method.
@@ -166,3 +185,18 @@ type CheckInitializedInput = struct {
 type CheckInitializedOutput = struct {
 	pragma.NoUnkeyedLiterals
 }
+
+// EqualInput is input to the Equal method.
+type EqualInput = struct {
+	pragma.NoUnkeyedLiterals
+
+	MessageA protoreflect.Message
+	MessageB protoreflect.Message
+}
+
+// EqualOutput is output from the Equal method.
+type EqualOutput = struct {
+	pragma.NoUnkeyedLiterals
+
+	Equal bool
+}
diff --git a/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go b/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
index 4a1ab7fb3..93df1b569 100644
--- a/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
+++ b/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
@@ -15,6 +15,7 @@ import (
 	"google.golang.org/protobuf/internal/filedesc"
 	"google.golang.org/protobuf/internal/filetype"
 	"google.golang.org/protobuf/internal/impl"
+	"google.golang.org/protobuf/internal/protolazy"
 )
 
 // UnsafeEnabled specifies whether package unsafe can be used.
@@ -39,6 +40,9 @@ type (
 	ExtensionFieldV1 = impl.ExtensionField
 
 	Pointer = impl.Pointer
+
+	LazyUnmarshalInfo  = *protolazy.XXX_lazyUnmarshalInfo
+	RaceDetectHookData = impl.RaceDetectHookData
 )
 
 var X impl.Export
diff --git a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
index 81511a336..9550109aa 100644
--- a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
+++ b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
@@ -170,10 +170,7 @@ import (
 // http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
 // ) to obtain a formatter capable of generating timestamps in this format.
 type Timestamp struct {
-	state         protoimpl.MessageState
-	sizeCache     protoimpl.SizeCache
-	unknownFields protoimpl.UnknownFields
-
+	state protoimpl.MessageState `protogen:"open.v1"`
 	// Represents seconds of UTC time since Unix epoch
 	// 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
 	// 9999-12-31T23:59:59Z inclusive.
@@ -182,7 +179,9 @@ type Timestamp struct {
 	// second values with fractions must still have non-negative nanos values
 	// that count forward in time. Must be from 0 to 999,999,999
 	// inclusive.
-	Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"`
+	Nanos         int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"`
+	unknownFields protoimpl.UnknownFields
+	sizeCache     protoimpl.SizeCache
 }
 
 // Now constructs a new Timestamp from the current time.
@@ -254,11 +253,9 @@ func (x *Timestamp) check() uint {
 
 func (x *Timestamp) Reset() {
 	*x = Timestamp{}
-	if protoimpl.UnsafeEnabled {
-		mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
-		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-		ms.StoreMessageInfo(mi)
-	}
+	mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
+	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+	ms.StoreMessageInfo(mi)
 }
 
 func (x *Timestamp) String() string {
@@ -269,7 +266,7 @@ func (*Timestamp) ProtoMessage() {}
 
 func (x *Timestamp) ProtoReflect() protoreflect.Message {
 	mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
-	if protoimpl.UnsafeEnabled && x != nil {
+	if x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
@@ -332,7 +329,7 @@ func file_google_protobuf_timestamp_proto_rawDescGZIP() []byte {
 }
 
 var file_google_protobuf_timestamp_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
-var file_google_protobuf_timestamp_proto_goTypes = []interface{}{
+var file_google_protobuf_timestamp_proto_goTypes = []any{
 	(*Timestamp)(nil), // 0: google.protobuf.Timestamp
 }
 var file_google_protobuf_timestamp_proto_depIdxs = []int32{
@@ -348,20 +345,6 @@ func file_google_protobuf_timestamp_proto_init() {
 	if File_google_protobuf_timestamp_proto != nil {
 		return
 	}
-	if !protoimpl.UnsafeEnabled {
-		file_google_protobuf_timestamp_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
-			switch v := v.(*Timestamp); i {
-			case 0:
-				return &v.state
-			case 1:
-				return &v.sizeCache
-			case 2:
-				return &v.unknownFields
-			default:
-				return nil
-			}
-		}
-	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go
index 026be9e3b..47ec9466a 100644
--- a/vendor/k8s.io/klog/v2/klog.go
+++ b/vendor/k8s.io/klog/v2/klog.go
@@ -404,13 +404,6 @@ func (t *traceLocation) Set(value string) error {
 	return nil
 }
 
-// flushSyncWriter is the interface satisfied by logging destinations.
-type flushSyncWriter interface {
-	Flush() error
-	Sync() error
-	io.Writer
-}
-
 var logging loggingT
 var commandLine flag.FlagSet
 
@@ -486,7 +479,7 @@ type settings struct {
 	// Access to all of the following fields must be protected via a mutex.
 
 	// file holds writer for each of the log types.
-	file [severity.NumSeverity]flushSyncWriter
+	file [severity.NumSeverity]io.Writer
 	// flushInterval is the interval for periodic flushing. If zero,
 	// the global default will be used.
 	flushInterval time.Duration
@@ -831,32 +824,12 @@ func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string,
 	buffer.PutBuffer(b)
 }
 
-// redirectBuffer is used to set an alternate destination for the logs
-type redirectBuffer struct {
-	w io.Writer
-}
-
-func (rb *redirectBuffer) Sync() error {
-	return nil
-}
-
-func (rb *redirectBuffer) Flush() error {
-	return nil
-}
-
-func (rb *redirectBuffer) Write(bytes []byte) (n int, err error) {
-	return rb.w.Write(bytes)
-}
-
 // SetOutput sets the output destination for all severities
 func SetOutput(w io.Writer) {
 	logging.mu.Lock()
 	defer logging.mu.Unlock()
 	for s := severity.FatalLog; s >= severity.InfoLog; s-- {
-		rb := &redirectBuffer{
-			w: w,
-		}
-		logging.file[s] = rb
+		logging.file[s] = w
 	}
 }
 
@@ -868,10 +841,7 @@ func SetOutputBySeverity(name string, w io.Writer) {
 	if !ok {
 		panic(fmt.Sprintf("SetOutputBySeverity(%q): unrecognized severity name", name))
 	}
-	rb := &redirectBuffer{
-		w: w,
-	}
-	logging.file[sev] = rb
+	logging.file[sev] = w
 }
 
 // LogToStderr sets whether to log exclusively to stderr, bypassing outputs
@@ -1011,7 +981,8 @@ func (l *loggingT) exit(err error) {
 		logExitFunc(err)
 		return
 	}
-	l.flushAll()
+	needToSync := l.flushAll()
+	l.syncAll(needToSync)
 	OsExit(2)
 }
 
@@ -1028,10 +999,6 @@ type syncBuffer struct {
 	maxbytes uint64 // The max number of bytes this syncBuffer.file can hold before cleaning up.
 }
 
-func (sb *syncBuffer) Sync() error {
-	return sb.file.Sync()
-}
-
 // CalculateMaxSize returns the real max size in bytes after considering the default max size and the flag options.
 func CalculateMaxSize() uint64 {
 	if logging.logFile != "" {
@@ -1223,24 +1190,45 @@ func StartFlushDaemon(interval time.Duration) {
 // lockAndFlushAll is like flushAll but locks l.mu first.
 func (l *loggingT) lockAndFlushAll() {
 	l.mu.Lock()
-	l.flushAll()
+	needToSync := l.flushAll()
 	l.mu.Unlock()
+	// Some environments are slow when syncing and holding the lock might cause contention.
+	l.syncAll(needToSync)
 }
 
-// flushAll flushes all the logs and attempts to "sync" their data to disk.
+// flushAll flushes all the logs
 // l.mu is held.
-func (l *loggingT) flushAll() {
+//
+// The result is the number of files which need to be synced and the pointers to them.
+func (l *loggingT) flushAll() fileArray {
+	var needToSync fileArray
+
 	// Flush from fatal down, in case there's trouble flushing.
 	for s := severity.FatalLog; s >= severity.InfoLog; s-- {
 		file := l.file[s]
-		if file != nil {
-			_ = file.Flush() // ignore error
-			_ = file.Sync()  // ignore error
+		if sb, ok := file.(*syncBuffer); ok && sb.file != nil {
+			_ = sb.Flush() // ignore error
+			needToSync.files[needToSync.num] = sb.file
+			needToSync.num++
 		}
 	}
 	if logging.loggerOptions.flush != nil {
 		logging.loggerOptions.flush()
 	}
+	return needToSync
+}
+
+type fileArray struct {
+	num   int
+	files [severity.NumSeverity]*os.File
+}
+
+// syncAll attempts to "sync" their data to disk.
+func (l *loggingT) syncAll(needToSync fileArray) {
+	// Flush from fatal down, in case there's trouble flushing.
+	for i := 0; i < needToSync.num; i++ {
+		_ = needToSync.files[i].Sync() // ignore error
+	}
 }
 
 // CopyStandardLogTo arranges for messages written to the Go "log" package's
diff --git a/vendor/modules.txt b/vendor/modules.txt
index cb8033fad..48db5268c 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -9,7 +9,7 @@ filippo.io/edwards25519/field
 # github.com/beorn7/perks v1.0.1
 ## explicit; go 1.11
 github.com/beorn7/perks/quantile
-# github.com/cespare/xxhash/v2 v2.2.0
+# github.com/cespare/xxhash/v2 v2.3.0
 ## explicit; go 1.11
 github.com/cespare/xxhash/v2
 # github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
@@ -37,14 +37,14 @@ github.com/getsentry/sentry-go
 github.com/getsentry/sentry-go/internal/crypto/randutil
 github.com/getsentry/sentry-go/internal/debug
 github.com/getsentry/sentry-go/internal/ratelimit
-# github.com/go-logr/logr v1.4.1
+# github.com/go-logr/logr v1.4.2
 ## explicit; go 1.18
 github.com/go-logr/logr
-# github.com/go-sql-driver/mysql v1.8.0
+# github.com/go-sql-driver/mysql v1.8.1
 ## explicit; go 1.18
 github.com/go-sql-driver/mysql
-# github.com/google/certificate-transparency-go v1.1.8
-## explicit; go 1.21
+# github.com/google/certificate-transparency-go v1.3.1
+## explicit; go 1.22.0
 github.com/google/certificate-transparency-go
 github.com/google/certificate-transparency-go/asn1
 github.com/google/certificate-transparency-go/client
@@ -64,6 +64,15 @@ github.com/jmoiron/sqlx/types
 # github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 ## explicit
 github.com/kisielk/sqlstruct
+# github.com/klauspost/compress v1.17.11
+## explicit; go 1.21
+github.com/klauspost/compress
+github.com/klauspost/compress/fse
+github.com/klauspost/compress/huff0
+github.com/klauspost/compress/internal/cpuinfo
+github.com/klauspost/compress/internal/snapref
+github.com/klauspost/compress/zstd
+github.com/klauspost/compress/zstd/internal/xxhash
 # github.com/kylelemons/go-gypsy v1.0.0
 ## explicit; go 1.5
 github.com/kylelemons/go-gypsy/yaml
@@ -72,33 +81,35 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.22
+# github.com/mattn/go-sqlite3 v1.14.24
 ## explicit; go 1.19
 github.com/mattn/go-sqlite3
+# github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
+## explicit
+github.com/munnerz/goautoneg
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/prometheus/client_golang v1.19.0
+# github.com/prometheus/client_golang v1.20.5
 ## explicit; go 1.20
+github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil
+github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
 github.com/prometheus/client_golang/prometheus/promhttp
-# github.com/prometheus/client_model v0.5.0
+# github.com/prometheus/client_model v0.6.1
 ## explicit; go 1.19
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.48.0
+# github.com/prometheus/common v0.55.0
 ## explicit; go 1.20
 github.com/prometheus/common/expfmt
-github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
 github.com/prometheus/common/model
-# github.com/prometheus/procfs v0.12.0
-## explicit; go 1.19
+# github.com/prometheus/procfs v0.15.1
+## explicit; go 1.20
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util
-# github.com/stretchr/testify v1.8.4
-## explicit; go 1.20
 # github.com/weppos/publicsuffix-go v0.30.0
 ## explicit; go 1.16
 github.com/weppos/publicsuffix-go/publicsuffix
@@ -131,14 +142,13 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.21.0
-## explicit; go 1.18
+# golang.org/x/crypto v0.32.0
+## explicit; go 1.20
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
 golang.org/x/crypto/cryptobyte
 golang.org/x/crypto/cryptobyte/asn1
 golang.org/x/crypto/curve25519
-golang.org/x/crypto/curve25519/internal/field
 golang.org/x/crypto/ed25519
 golang.org/x/crypto/internal/alias
 golang.org/x/crypto/internal/poly1305
@@ -149,23 +159,23 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.22.0
+# golang.org/x/net v0.34.0
 ## explicit; go 1.18
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.18.0
+# golang.org/x/sys v0.29.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.14.0
+# golang.org/x/text v0.21.0
 ## explicit; go 1.18
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# google.golang.org/protobuf v1.33.0
-## explicit; go 1.17
+# google.golang.org/protobuf v1.36.2
+## explicit; go 1.21
 google.golang.org/protobuf/encoding/protodelim
 google.golang.org/protobuf/encoding/prototext
 google.golang.org/protobuf/encoding/protowire
@@ -185,6 +195,7 @@ google.golang.org/protobuf/internal/genid
 google.golang.org/protobuf/internal/impl
 google.golang.org/protobuf/internal/order
 google.golang.org/protobuf/internal/pragma
+google.golang.org/protobuf/internal/protolazy
 google.golang.org/protobuf/internal/set
 google.golang.org/protobuf/internal/strs
 google.golang.org/protobuf/internal/version
@@ -194,7 +205,7 @@ google.golang.org/protobuf/reflect/protoregistry
 google.golang.org/protobuf/runtime/protoiface
 google.golang.org/protobuf/runtime/protoimpl
 google.golang.org/protobuf/types/known/timestamppb
-# k8s.io/klog/v2 v2.120.1
+# k8s.io/klog/v2 v2.130.1
 ## explicit; go 1.18
 k8s.io/klog/v2
 k8s.io/klog/v2/internal/buffer

From 14f61be73922e6aebb8643da11749396c1b36ba4 Mon Sep 17 00:00:00 2001
From: Andrew Mitchell 
Date: Sat, 8 Feb 2025 14:37:45 -0500
Subject: [PATCH 69/73] Revert "Upgrade certificate-transparency-go from v1.1.8
 to v1.3.1"

This reverts commit 1a73d78a1852001b7b9c21f3eceea0e721ea6a6c.
---
 go.mod                                        |   35 +-
 go.sum                                        |   79 +-
 vendor/github.com/cespare/xxhash/v2/README.md |    2 -
 vendor/github.com/cespare/xxhash/v2/xxhash.go |   29 +-
 .../cespare/xxhash/v2/xxhash_asm.go           |    2 +-
 .../cespare/xxhash/v2/xxhash_other.go         |    2 +-
 .../cespare/xxhash/v2/xxhash_safe.go          |    2 +-
 .../cespare/xxhash/v2/xxhash_unsafe.go        |    2 +-
 vendor/github.com/go-logr/logr/README.md      |    1 -
 .../go-sql-driver/mysql/CHANGELOG.md          |   42 -
 .../github.com/go-sql-driver/mysql/README.md  |    2 +-
 vendor/github.com/go-sql-driver/mysql/auth.go |    2 +-
 .../go-sql-driver/mysql/connection.go         |   34 +-
 .../go-sql-driver/mysql/connector.go          |    2 +-
 .../github.com/go-sql-driver/mysql/errors.go  |    4 +-
 .../github.com/go-sql-driver/mysql/fields.go  |    2 +-
 .../go-sql-driver/mysql/nulltime.go           |    2 +-
 .../github.com/go-sql-driver/mysql/packets.go |   25 +-
 .../go-sql-driver/mysql/statement.go          |    6 +-
 .../.golangci.yaml                            |   10 +-
 .../certificate-transparency-go/AUTHORS       |    3 +-
 .../certificate-transparency-go/CHANGELOG.md  |  317 -
 .../certificate-transparency-go/CONTRIBUTORS  |    3 +-
 .../certificate-transparency-go/README.md     |    2 +-
 .../client/configpb/multilog.pb.go            |    2 +-
 .../cloudbuild.yaml                           |    7 -
 .../cloudbuild_master.yaml                    |    7 -
 .../cloudbuild_postgresql.yaml                |  161 -
 .../jsonclient/client.go                      |   12 +-
 .../certificate-transparency-go/types.go      |   15 -
 .../klauspost/compress/.gitattributes         |    2 -
 .../github.com/klauspost/compress/.gitignore  |   32 -
 .../klauspost/compress/.goreleaser.yml        |  123 -
 vendor/github.com/klauspost/compress/LICENSE  |  304 -
 .../github.com/klauspost/compress/README.md   |  721 --
 .../github.com/klauspost/compress/SECURITY.md |   25 -
 .../klauspost/compress/compressible.go        |   85 -
 .../klauspost/compress/fse/README.md          |   79 -
 .../klauspost/compress/fse/bitreader.go       |  122 -
 .../klauspost/compress/fse/bitwriter.go       |  167 -
 .../klauspost/compress/fse/bytereader.go      |   47 -
 .../klauspost/compress/fse/compress.go        |  683 --
 .../klauspost/compress/fse/decompress.go      |  376 -
 .../github.com/klauspost/compress/fse/fse.go  |  144 -
 vendor/github.com/klauspost/compress/gen.sh   |    4 -
 .../klauspost/compress/huff0/.gitignore       |    1 -
 .../klauspost/compress/huff0/README.md        |   89 -
 .../klauspost/compress/huff0/bitreader.go     |  229 -
 .../klauspost/compress/huff0/bitwriter.go     |  102 -
 .../klauspost/compress/huff0/compress.go      |  742 --
 .../klauspost/compress/huff0/decompress.go    | 1167 ---
 .../compress/huff0/decompress_amd64.go        |  226 -
 .../compress/huff0/decompress_amd64.s         |  830 --
 .../compress/huff0/decompress_generic.go      |  299 -
 .../klauspost/compress/huff0/huff0.go         |  337 -
 .../compress/internal/cpuinfo/cpuinfo.go      |   34 -
 .../internal/cpuinfo/cpuinfo_amd64.go         |   11 -
 .../compress/internal/cpuinfo/cpuinfo_amd64.s |   36 -
 .../compress/internal/snapref/LICENSE         |   27 -
 .../compress/internal/snapref/decode.go       |  264 -
 .../compress/internal/snapref/decode_other.go |  113 -
 .../compress/internal/snapref/encode.go       |  289 -
 .../compress/internal/snapref/encode_other.go |  250 -
 .../compress/internal/snapref/snappy.go       |   98 -
 vendor/github.com/klauspost/compress/s2sx.mod |    4 -
 vendor/github.com/klauspost/compress/s2sx.sum |    0
 .../klauspost/compress/zstd/README.md         |  441 -
 .../klauspost/compress/zstd/bitreader.go      |  136 -
 .../klauspost/compress/zstd/bitwriter.go      |  112 -
 .../klauspost/compress/zstd/blockdec.go       |  731 --
 .../klauspost/compress/zstd/blockenc.go       |  909 --
 .../compress/zstd/blocktype_string.go         |   85 -
 .../klauspost/compress/zstd/bytebuf.go        |  131 -
 .../klauspost/compress/zstd/bytereader.go     |   82 -
 .../klauspost/compress/zstd/decodeheader.go   |  261 -
 .../klauspost/compress/zstd/decoder.go        |  948 --
 .../compress/zstd/decoder_options.go          |  169 -
 .../klauspost/compress/zstd/dict.go           |  565 -
 .../klauspost/compress/zstd/enc_base.go       |  173 -
 .../klauspost/compress/zstd/enc_best.go       |  560 -
 .../klauspost/compress/zstd/enc_better.go     | 1252 ---
 .../klauspost/compress/zstd/enc_dfast.go      | 1123 --
 .../klauspost/compress/zstd/enc_fast.go       |  891 --
 .../klauspost/compress/zstd/encoder.go        |  642 --
 .../compress/zstd/encoder_options.go          |  339 -
 .../klauspost/compress/zstd/framedec.go       |  415 -
 .../klauspost/compress/zstd/frameenc.go       |  137 -
 .../klauspost/compress/zstd/fse_decoder.go    |  307 -
 .../compress/zstd/fse_decoder_amd64.go        |   65 -
 .../compress/zstd/fse_decoder_amd64.s         |  126 -
 .../compress/zstd/fse_decoder_generic.go      |   73 -
 .../klauspost/compress/zstd/fse_encoder.go    |  701 --
 .../klauspost/compress/zstd/fse_predefined.go |  158 -
 .../klauspost/compress/zstd/hash.go           |   35 -
 .../klauspost/compress/zstd/history.go        |  116 -
 .../compress/zstd/internal/xxhash/LICENSE.txt |   22 -
 .../compress/zstd/internal/xxhash/README.md   |   71 -
 .../compress/zstd/internal/xxhash/xxhash.go   |  230 -
 .../zstd/internal/xxhash/xxhash_amd64.s       |  210 -
 .../zstd/internal/xxhash/xxhash_arm64.s       |  184 -
 .../zstd/internal/xxhash/xxhash_asm.go        |   16 -
 .../zstd/internal/xxhash/xxhash_other.go      |   76 -
 .../zstd/internal/xxhash/xxhash_safe.go       |   11 -
 .../klauspost/compress/zstd/matchlen_amd64.go |   16 -
 .../klauspost/compress/zstd/matchlen_amd64.s  |   66 -
 .../compress/zstd/matchlen_generic.go         |   33 -
 .../klauspost/compress/zstd/seqdec.go         |  503 -
 .../klauspost/compress/zstd/seqdec_amd64.go   |  394 -
 .../klauspost/compress/zstd/seqdec_amd64.s    | 4151 --------
 .../klauspost/compress/zstd/seqdec_generic.go |  237 -
 .../klauspost/compress/zstd/seqenc.go         |  114 -
 .../klauspost/compress/zstd/snappy.go         |  434 -
 .../github.com/klauspost/compress/zstd/zip.go |  141 -
 .../klauspost/compress/zstd/zstd.go           |  125 -
 .../mattn/go-sqlite3/sqlite3-binding.c        | 9075 +++++++----------
 .../mattn/go-sqlite3/sqlite3-binding.h        |  116 +-
 vendor/github.com/mattn/go-sqlite3/sqlite3.go |    2 +-
 .../mattn/go-sqlite3/sqlite3_libsqlite3.go    |    1 -
 .../mattn/go-sqlite3/sqlite3_opt_userauth.go  |    2 +-
 vendor/github.com/munnerz/goautoneg/LICENSE   |   31 -
 vendor/github.com/munnerz/goautoneg/Makefile  |   13 -
 .../prometheus/client_golang/NOTICE           |    5 +
 .../internal/github.com/golang/gddo/LICENSE   |   27 -
 .../golang/gddo/httputil/header/header.go     |  145 -
 .../golang/gddo/httputil/negotiate.go         |   36 -
 .../client_golang/prometheus/go_collector.go  |   55 +-
 .../prometheus/go_collector_latest.go         |   19 +-
 .../client_golang/prometheus/histogram.go     |  268 +-
 .../internal/go_collector_options.go          |    2 -
 .../client_golang/prometheus/metric.go        |    2 +-
 .../prometheus/process_collector.go           |   29 +-
 .../prometheus/process_collector_other.go     |   14 -
 .../prometheus/promhttp/delegator.go          |    6 -
 .../client_golang/prometheus/promhttp/http.go |  113 +-
 .../client_golang/prometheus/registry.go      |   17 +-
 .../client_golang/prometheus/summary.go       |   42 -
 .../client_golang/prometheus/vec.go           |    2 +-
 .../prometheus/client_model/go/metrics.pb.go  |  195 +-
 .../prometheus/common/expfmt/decode.go        |    6 +-
 .../prometheus/common/expfmt/encode.go        |   13 +-
 .../prometheus/common/expfmt/expfmt.go        |   22 +-
 .../common/expfmt/openmetrics_create.go       |  202 +-
 .../bitbucket.org/ww}/goautoneg/README.txt    |    0
 .../bitbucket.org/ww}/goautoneg/autoneg.go    |  127 +-
 .../prometheus/common/model/alert.go          |   27 +-
 .../prometheus/common/model/labelset.go       |   11 +
 .../common/model/labelset_string.go           |   45 -
 .../common/model/labelset_string_go120.go     |   39 -
 .../prometheus/common/model/metric.go         |    1 -
 .../prometheus/procfs/.golangci.yml           |    7 -
 .../prometheus/procfs/MAINTAINERS.md          |    3 +-
 .../prometheus/procfs/Makefile.common         |   26 +-
 vendor/github.com/prometheus/procfs/arp.go    |    6 +-
 .../github.com/prometheus/procfs/buddyinfo.go |    6 +-
 .../github.com/prometheus/procfs/cpuinfo.go   |    4 +-
 vendor/github.com/prometheus/procfs/crypto.go |    6 +-
 .../github.com/prometheus/procfs/fscache.go   |    4 +-
 vendor/github.com/prometheus/procfs/ipvs.go   |    6 +-
 .../github.com/prometheus/procfs/loadavg.go   |    2 +-
 vendor/github.com/prometheus/procfs/mdstat.go |   60 +-
 .../github.com/prometheus/procfs/meminfo.go   |  220 +-
 .../github.com/prometheus/procfs/mountinfo.go |    2 +-
 .../prometheus/procfs/mountstats.go           |   11 +-
 .../prometheus/procfs/net_conntrackstat.go    |    4 +-
 .../prometheus/procfs/net_ip_socket.go        |   46 +-
 .../prometheus/procfs/net_sockstat.go         |    4 +-
 .../prometheus/procfs/net_softnet.go          |    2 +-
 .../prometheus/procfs/net_tls_stat.go         |  119 -
 .../github.com/prometheus/procfs/net_unix.go  |   14 +-
 .../prometheus/procfs/net_wireless.go         |   22 +-
 vendor/github.com/prometheus/procfs/proc.go   |    8 +-
 .../prometheus/procfs/proc_limits.go          |    2 +-
 .../github.com/prometheus/procfs/proc_ns.go   |    4 +-
 .../github.com/prometheus/procfs/proc_psi.go  |    2 +-
 .../prometheus/procfs/proc_smaps.go           |    2 +-
 .../github.com/prometheus/procfs/proc_stat.go |    7 -
 .../prometheus/procfs/proc_status.go          |   29 +-
 .../github.com/prometheus/procfs/proc_sys.go  |    2 +-
 .../github.com/prometheus/procfs/softirqs.go  |   22 +-
 vendor/github.com/prometheus/procfs/stat.go   |   22 +-
 vendor/github.com/prometheus/procfs/swaps.go  |    6 +-
 vendor/github.com/prometheus/procfs/thread.go |    2 +-
 .../github.com/prometheus/procfs/zoneinfo.go  |    4 +-
 vendor/golang.org/x/crypto/LICENSE            |    4 +-
 vendor/golang.org/x/crypto/blowfish/cipher.go |    2 +-
 .../x/crypto/chacha20/chacha_noasm.go         |    2 +-
 .../{chacha_ppc64x.go => chacha_ppc64le.go}   |    2 +-
 .../{chacha_ppc64x.s => chacha_ppc64le.s}     |  216 +-
 .../x/crypto/cryptobyte/asn1/asn1.go          |    2 +-
 .../golang.org/x/crypto/cryptobyte/string.go  |    2 +-
 .../x/crypto/curve25519/curve25519.go         |   39 +-
 .../x/crypto/curve25519/curve25519_compat.go  |  105 +
 .../x/crypto/curve25519/curve25519_go120.go   |   46 +
 .../x/crypto/curve25519/internal/field/README |    7 +
 .../x/crypto/curve25519/internal/field/fe.go  |  416 +
 .../curve25519/internal/field/fe_amd64.go     |   15 +
 .../curve25519/internal/field/fe_amd64.s      |  378 +
 .../internal/field/fe_amd64_noasm.go          |   11 +
 .../curve25519/internal/field/fe_arm64.go     |   15 +
 .../curve25519/internal/field/fe_arm64.s      |   42 +
 .../internal/field/fe_arm64_noasm.go          |   11 +
 .../curve25519/internal/field/fe_generic.go   |  264 +
 .../curve25519/internal/field/sync.checkpoint |    1 +
 .../crypto/curve25519/internal/field/sync.sh  |   19 +
 vendor/golang.org/x/crypto/ed25519/ed25519.go |    4 +-
 .../x/crypto/internal/poly1305/mac_noasm.go   |    2 +-
 .../x/crypto/internal/poly1305/sum_amd64.s    |  133 +-
 .../{sum_ppc64x.go => sum_ppc64le.go}         |    2 +-
 .../poly1305/{sum_ppc64x.s => sum_ppc64le.s}  |   30 +-
 vendor/golang.org/x/crypto/ocsp/ocsp.go       |    2 +-
 vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go   |    2 +-
 vendor/golang.org/x/crypto/pkcs12/crypto.go   |    2 +-
 vendor/golang.org/x/crypto/scrypt/scrypt.go   |    2 +-
 vendor/golang.org/x/crypto/ssh/client_auth.go |   23 +-
 vendor/golang.org/x/crypto/ssh/doc.go         |    2 +-
 vendor/golang.org/x/crypto/ssh/keys.go        |   52 +-
 vendor/golang.org/x/crypto/ssh/server.go      |  219 +-
 vendor/golang.org/x/net/LICENSE               |    4 +-
 vendor/golang.org/x/sys/LICENSE               |    4 +-
 .../golang.org/x/sys/cpu/asm_darwin_x86_gc.s  |   17 -
 vendor/golang.org/x/sys/cpu/cpu.go            |   22 -
 vendor/golang.org/x/sys/cpu/cpu_arm64.go      |   22 -
 vendor/golang.org/x/sys/cpu/cpu_arm64.s       |    8 -
 vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go |   61 -
 vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go   |    1 -
 vendor/golang.org/x/sys/cpu/cpu_gc_x86.go     |    4 +-
 vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go  |    6 +
 .../golang.org/x/sys/cpu/cpu_linux_arm64.go   |    9 -
 .../golang.org/x/sys/cpu/cpu_linux_noinit.go  |    2 +-
 .../golang.org/x/sys/cpu/cpu_linux_riscv64.go |  137 -
 vendor/golang.org/x/sys/cpu/cpu_other_x86.go  |   11 -
 vendor/golang.org/x/sys/cpu/cpu_riscv64.go    |   11 +-
 vendor/golang.org/x/sys/cpu/cpu_x86.go        |    6 +-
 .../x/sys/cpu/{cpu_gc_x86.s => cpu_x86.s}     |    2 +-
 .../x/sys/cpu/syscall_darwin_x86_gc.go        |   98 -
 vendor/golang.org/x/sys/unix/README.md        |    2 +-
 vendor/golang.org/x/sys/unix/asm_zos_s390x.s  |  665 +-
 vendor/golang.org/x/sys/unix/bpxsvc_zos.go    |  657 --
 vendor/golang.org/x/sys/unix/bpxsvc_zos.s     |  192 -
 vendor/golang.org/x/sys/unix/epoll_zos.go     |  220 +
 vendor/golang.org/x/sys/unix/fstatfs_zos.go   |  163 +
 vendor/golang.org/x/sys/unix/ioctl_linux.go   |   96 -
 vendor/golang.org/x/sys/unix/mkerrors.sh      |   20 +-
 vendor/golang.org/x/sys/unix/mmap_nomremap.go |    2 +-
 vendor/golang.org/x/sys/unix/mremap.go        |    5 -
 vendor/golang.org/x/sys/unix/pagesize_unix.go |    2 +-
 .../x/sys/unix/readdirent_getdirentries.go    |    2 +-
 vendor/golang.org/x/sys/unix/sockcmsg_zos.go  |   58 -
 .../golang.org/x/sys/unix/symaddr_zos_s390x.s |   75 -
 vendor/golang.org/x/sys/unix/syscall_aix.go   |    2 +-
 .../golang.org/x/sys/unix/syscall_darwin.go   |   61 -
 .../x/sys/unix/syscall_dragonfly.go           |   12 -
 vendor/golang.org/x/sys/unix/syscall_hurd.go  |    1 -
 vendor/golang.org/x/sys/unix/syscall_linux.go |   65 +-
 .../x/sys/unix/syscall_linux_arm64.go         |    2 -
 .../x/sys/unix/syscall_linux_loong64.go       |    2 -
 .../x/sys/unix/syscall_linux_riscv64.go       |    2 -
 .../golang.org/x/sys/unix/syscall_openbsd.go  |    1 -
 vendor/golang.org/x/sys/unix/syscall_unix.go  |    9 -
 .../x/sys/unix/syscall_zos_s390x.go           | 1605 +--
 vendor/golang.org/x/sys/unix/sysvshm_unix.go  |    2 +-
 .../x/sys/unix/sysvshm_unix_other.go          |    2 +-
 .../golang.org/x/sys/unix/vgetrandom_linux.go |   13 -
 .../x/sys/unix/vgetrandom_unsupported.go      |   11 -
 .../x/sys/unix/zerrors_darwin_amd64.go        |   12 -
 .../x/sys/unix/zerrors_darwin_arm64.go        |   12 -
 vendor/golang.org/x/sys/unix/zerrors_linux.go |  109 +-
 .../x/sys/unix/zerrors_linux_386.go           |   28 -
 .../x/sys/unix/zerrors_linux_amd64.go         |   28 -
 .../x/sys/unix/zerrors_linux_arm.go           |   27 -
 .../x/sys/unix/zerrors_linux_arm64.go         |   29 -
 .../x/sys/unix/zerrors_linux_loong64.go       |   27 -
 .../x/sys/unix/zerrors_linux_mips.go          |   27 -
 .../x/sys/unix/zerrors_linux_mips64.go        |   27 -
 .../x/sys/unix/zerrors_linux_mips64le.go      |   27 -
 .../x/sys/unix/zerrors_linux_mipsle.go        |   27 -
 .../x/sys/unix/zerrors_linux_ppc.go           |   27 -
 .../x/sys/unix/zerrors_linux_ppc64.go         |   27 -
 .../x/sys/unix/zerrors_linux_ppc64le.go       |   27 -
 .../x/sys/unix/zerrors_linux_riscv64.go       |   27 -
 .../x/sys/unix/zerrors_linux_s390x.go         |   27 -
 .../x/sys/unix/zerrors_linux_sparc64.go       |   27 -
 .../x/sys/unix/zerrors_zos_s390x.go           |  235 +-
 .../x/sys/unix/zsymaddr_zos_s390x.s           |  364 -
 .../x/sys/unix/zsyscall_darwin_amd64.go       |  101 -
 .../x/sys/unix/zsyscall_darwin_amd64.s        |   25 -
 .../x/sys/unix/zsyscall_darwin_arm64.go       |  101 -
 .../x/sys/unix/zsyscall_darwin_arm64.s        |   25 -
 .../golang.org/x/sys/unix/zsyscall_linux.go   |   43 +-
 .../x/sys/unix/zsyscall_openbsd_386.go        |   24 -
 .../x/sys/unix/zsyscall_openbsd_386.s         |    5 -
 .../x/sys/unix/zsyscall_openbsd_amd64.go      |   24 -
 .../x/sys/unix/zsyscall_openbsd_amd64.s       |    5 -
 .../x/sys/unix/zsyscall_openbsd_arm.go        |   24 -
 .../x/sys/unix/zsyscall_openbsd_arm.s         |    5 -
 .../x/sys/unix/zsyscall_openbsd_arm64.go      |   24 -
 .../x/sys/unix/zsyscall_openbsd_arm64.s       |    5 -
 .../x/sys/unix/zsyscall_openbsd_mips64.go     |   24 -
 .../x/sys/unix/zsyscall_openbsd_mips64.s      |    5 -
 .../x/sys/unix/zsyscall_openbsd_ppc64.go      |   24 -
 .../x/sys/unix/zsyscall_openbsd_ppc64.s       |    6 -
 .../x/sys/unix/zsyscall_openbsd_riscv64.go    |   24 -
 .../x/sys/unix/zsyscall_openbsd_riscv64.s     |    5 -
 .../x/sys/unix/zsyscall_zos_s390x.go          | 3111 +-----
 .../x/sys/unix/zsysnum_linux_386.go           |    6 -
 .../x/sys/unix/zsysnum_linux_amd64.go         |    7 -
 .../x/sys/unix/zsysnum_linux_arm.go           |    6 -
 .../x/sys/unix/zsysnum_linux_arm64.go         |    8 +-
 .../x/sys/unix/zsysnum_linux_loong64.go       |    8 -
 .../x/sys/unix/zsysnum_linux_mips.go          |    6 -
 .../x/sys/unix/zsysnum_linux_mips64.go        |    6 -
 .../x/sys/unix/zsysnum_linux_mips64le.go      |    6 -
 .../x/sys/unix/zsysnum_linux_mipsle.go        |    6 -
 .../x/sys/unix/zsysnum_linux_ppc.go           |    6 -
 .../x/sys/unix/zsysnum_linux_ppc64.go         |    6 -
 .../x/sys/unix/zsysnum_linux_ppc64le.go       |    6 -
 .../x/sys/unix/zsysnum_linux_riscv64.go       |    8 +-
 .../x/sys/unix/zsysnum_linux_s390x.go         |    6 -
 .../x/sys/unix/zsysnum_linux_sparc64.go       |    6 -
 .../x/sys/unix/zsysnum_zos_s390x.go           | 5507 +++++-----
 .../x/sys/unix/ztypes_darwin_amd64.go         |   73 -
 .../x/sys/unix/ztypes_darwin_arm64.go         |   73 -
 .../x/sys/unix/ztypes_freebsd_386.go          |    1 -
 .../x/sys/unix/ztypes_freebsd_amd64.go        |    1 -
 .../x/sys/unix/ztypes_freebsd_arm.go          |    1 -
 .../x/sys/unix/ztypes_freebsd_arm64.go        |    1 -
 .../x/sys/unix/ztypes_freebsd_riscv64.go      |    1 -
 vendor/golang.org/x/sys/unix/ztypes_linux.go  |  283 +-
 .../golang.org/x/sys/unix/ztypes_linux_386.go |    8 +
 .../x/sys/unix/ztypes_linux_amd64.go          |    9 +
 .../golang.org/x/sys/unix/ztypes_linux_arm.go |    9 +
 .../x/sys/unix/ztypes_linux_arm64.go          |    9 +
 .../x/sys/unix/ztypes_linux_loong64.go        |    9 +
 .../x/sys/unix/ztypes_linux_mips.go           |    9 +
 .../x/sys/unix/ztypes_linux_mips64.go         |    9 +
 .../x/sys/unix/ztypes_linux_mips64le.go       |    9 +
 .../x/sys/unix/ztypes_linux_mipsle.go         |    9 +
 .../golang.org/x/sys/unix/ztypes_linux_ppc.go |    9 +
 .../x/sys/unix/ztypes_linux_ppc64.go          |    9 +
 .../x/sys/unix/ztypes_linux_ppc64le.go        |    9 +
 .../x/sys/unix/ztypes_linux_riscv64.go        |   42 +-
 .../x/sys/unix/ztypes_linux_s390x.go          |    9 +
 .../x/sys/unix/ztypes_linux_sparc64.go        |    9 +
 .../golang.org/x/sys/unix/ztypes_zos_s390x.go |  152 +-
 vendor/golang.org/x/sys/windows/aliases.go    |    2 +-
 .../golang.org/x/sys/windows/dll_windows.go   |   13 +-
 vendor/golang.org/x/sys/windows/empty.s       |    8 +
 .../x/sys/windows/security_windows.go         |   25 +-
 .../x/sys/windows/syscall_windows.go          |  134 +-
 .../golang.org/x/sys/windows/types_windows.go |  223 +-
 .../x/sys/windows/zsyscall_windows.go         |  286 +-
 vendor/golang.org/x/text/LICENSE              |    4 +-
 .../protobuf/encoding/prototext/decode.go     |    4 +-
 .../protobuf/encoding/prototext/encode.go     |   20 +-
 .../protobuf/internal/descfmt/stringer.go     |    1 -
 .../protobuf/internal/descopts/options.go     |   20 +-
 .../editiondefaults/editions_defaults.binpb   |  Bin 138 -> 63 bytes
 .../protobuf/internal/encoding/tag/tag.go     |    4 +-
 .../protobuf/internal/encoding/text/decode.go |    2 +-
 .../protobuf/internal/errors/errors.go        |   21 +-
 .../protobuf/internal/errors/is_go112.go      |   40 +
 .../protobuf/internal/errors/is_go113.go      |   13 +
 .../protobuf/internal/filedesc/desc.go        |  110 +-
 .../protobuf/internal/filedesc/desc_init.go   |   45 +-
 .../protobuf/internal/filedesc/desc_lazy.go   |   51 +-
 .../internal/filedesc/desc_list_gen.go        |   11 -
 .../protobuf/internal/filedesc/editions.go    |   32 +-
 .../protobuf/internal/filedesc/placeholder.go |    1 -
 .../protobuf/internal/filetype/build.go       |    4 +-
 .../protobuf/internal/genid/descriptor_gen.go |   49 +-
 .../protobuf/internal/genid/doc.go            |    2 +-
 .../internal/genid/go_features_gen.go         |   51 +-
 .../protobuf/internal/genid/map_entry.go      |    2 +-
 .../protobuf/internal/genid/name.go           |   12 -
 .../protobuf/internal/genid/wrappers.go       |    2 +-
 .../protobuf/internal/impl/api_export.go      |    6 +-
 .../internal/impl/api_export_opaque.go        |  128 -
 .../protobuf/internal/impl/bitmap.go          |   34 -
 .../protobuf/internal/impl/bitmap_race.go     |  126 -
 .../protobuf/internal/impl/checkinit.go       |   35 +-
 .../protobuf/internal/impl/codec_extension.go |   33 +-
 .../protobuf/internal/impl/codec_field.go     |   67 +-
 .../internal/impl/codec_field_opaque.go       |  264 -
 .../protobuf/internal/impl/codec_map.go       |   15 +-
 .../protobuf/internal/impl/codec_message.go   |   16 -
 .../internal/impl/codec_message_opaque.go     |  156 -
 .../internal/impl/codec_messageset.go         |   22 -
 .../protobuf/internal/impl/codec_reflect.go   |  210 +
 .../protobuf/internal/impl/codec_unsafe.go    |    3 +
 .../protobuf/internal/impl/convert.go         |    4 +-
 .../protobuf/internal/impl/convert_list.go    |    2 +-
 .../protobuf/internal/impl/convert_map.go     |    2 +-
 .../protobuf/internal/impl/decode.go          |   56 +-
 .../protobuf/internal/impl/encode.go          |  128 +-
 .../protobuf/internal/impl/equal.go           |  224 -
 .../protobuf/internal/impl/extension.go       |    8 +-
 .../protobuf/internal/impl/lazy.go            |  433 -
 .../protobuf/internal/impl/legacy_enum.go     |    3 +-
 .../internal/impl/legacy_extension.go         |    3 +-
 .../protobuf/internal/impl/legacy_file.go     |    4 +-
 .../protobuf/internal/impl/legacy_message.go  |   14 +-
 .../protobuf/internal/impl/merge.go           |   27 -
 .../protobuf/internal/impl/message.go         |   24 +-
 .../protobuf/internal/impl/message_opaque.go  |  632 --
 .../internal/impl/message_opaque_gen.go       |  132 -
 .../protobuf/internal/impl/message_reflect.go |   50 +-
 .../internal/impl/message_reflect_field.go    |   32 +-
 .../impl/message_reflect_field_gen.go         |  273 -
 .../internal/impl/message_reflect_gen.go      |  146 +-
 .../protobuf/internal/impl/pointer_reflect.go |  215 +
 .../protobuf/internal/impl/pointer_unsafe.go  |   16 +-
 .../internal/impl/pointer_unsafe_opaque.go    |   42 -
 .../protobuf/internal/impl/presence.go        |  142 -
 .../protobuf/internal/impl/validate.go        |   16 -
 .../protobuf/internal/order/range.go          |    4 +-
 .../internal/protolazy/bufferreader.go        |  364 -
 .../protobuf/internal/protolazy/lazy.go       |  359 -
 .../internal/protolazy/pointer_unsafe.go      |   17 -
 .../protobuf/internal/strs/strings_pure.go    |   28 +
 .../internal/strs/strings_unsafe_go120.go     |    3 +-
 .../internal/strs/strings_unsafe_go121.go     |    3 +-
 .../protobuf/internal/version/version.go      |    4 +-
 .../protobuf/proto/decode.go                  |   18 -
 .../protobuf/proto/encode.go                  |   47 +-
 .../google.golang.org/protobuf/proto/equal.go |    9 -
 .../protobuf/proto/extension.go               |   88 +-
 .../protobuf/proto/messageset.go              |    7 +-
 .../google.golang.org/protobuf/proto/size.go  |   10 -
 .../protobuf/proto/wrapperopaque.go           |   80 -
 .../protobuf/reflect/protoreflect/methods.go  |   10 -
 .../protobuf/reflect/protoreflect/proto.go    |    2 +-
 .../reflect/protoreflect/source_gen.go        |   21 -
 .../protobuf/reflect/protoreflect/type.go     |   12 +-
 .../protobuf/reflect/protoreflect/value.go    |    2 +-
 .../reflect/protoreflect/value_pure.go        |   60 +
 .../reflect/protoreflect/value_union.go       |   14 +-
 .../protoreflect/value_unsafe_go120.go        |    9 +-
 .../protoreflect/value_unsafe_go121.go        |   11 +-
 .../reflect/protoregistry/registry.go         |   14 +-
 .../protobuf/runtime/protoiface/methods.go    |   34 -
 .../protobuf/runtime/protoimpl/impl.go        |    4 -
 .../types/known/timestamppb/timestamp.pb.go   |   35 +-
 vendor/k8s.io/klog/v2/klog.go                 |   76 +-
 vendor/modules.txt                            |   57 +-
 444 files changed, 11116 insertions(+), 51766 deletions(-)
 delete mode 100644 vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
 delete mode 100644 vendor/github.com/klauspost/compress/.gitattributes
 delete mode 100644 vendor/github.com/klauspost/compress/.gitignore
 delete mode 100644 vendor/github.com/klauspost/compress/.goreleaser.yml
 delete mode 100644 vendor/github.com/klauspost/compress/LICENSE
 delete mode 100644 vendor/github.com/klauspost/compress/README.md
 delete mode 100644 vendor/github.com/klauspost/compress/SECURITY.md
 delete mode 100644 vendor/github.com/klauspost/compress/compressible.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/README.md
 delete mode 100644 vendor/github.com/klauspost/compress/fse/bitreader.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/bitwriter.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/bytereader.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/compress.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/decompress.go
 delete mode 100644 vendor/github.com/klauspost/compress/fse/fse.go
 delete mode 100644 vendor/github.com/klauspost/compress/gen.sh
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/.gitignore
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/README.md
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/bitreader.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/bitwriter.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/compress.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/decompress.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/decompress_generic.go
 delete mode 100644 vendor/github.com/klauspost/compress/huff0/huff0.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/LICENSE
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/decode.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/encode.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
 delete mode 100644 vendor/github.com/klauspost/compress/internal/snapref/snappy.go
 delete mode 100644 vendor/github.com/klauspost/compress/s2sx.mod
 delete mode 100644 vendor/github.com/klauspost/compress/s2sx.sum
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/README.md
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/bitreader.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/bitwriter.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/blockdec.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/blockenc.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/blocktype_string.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/bytebuf.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/bytereader.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/decodeheader.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/decoder.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/decoder_options.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/dict.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/enc_base.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/enc_best.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/enc_better.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/enc_dfast.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/enc_fast.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/encoder.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/encoder_options.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/framedec.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/frameenc.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_encoder.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/fse_predefined.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/hash.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/history.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/seqenc.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/snappy.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/zip.go
 delete mode 100644 vendor/github.com/klauspost/compress/zstd/zstd.go
 delete mode 100644 vendor/github.com/munnerz/goautoneg/LICENSE
 delete mode 100644 vendor/github.com/munnerz/goautoneg/Makefile
 delete mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
 delete mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
 delete mode 100644 vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
 rename vendor/github.com/{munnerz => prometheus/common/internal/bitbucket.org/ww}/goautoneg/README.txt (100%)
 rename vendor/github.com/{munnerz => prometheus/common/internal/bitbucket.org/ww}/goautoneg/autoneg.go (52%)
 delete mode 100644 vendor/github.com/prometheus/common/model/labelset_string.go
 delete mode 100644 vendor/github.com/prometheus/common/model/labelset_string_go120.go
 delete mode 100644 vendor/github.com/prometheus/procfs/net_tls_stat.go
 rename vendor/golang.org/x/crypto/chacha20/{chacha_ppc64x.go => chacha_ppc64le.go} (89%)
 rename vendor/golang.org/x/crypto/chacha20/{chacha_ppc64x.s => chacha_ppc64le.s} (66%)
 create mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/README
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
 create mode 100644 vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
 rename vendor/golang.org/x/crypto/internal/poly1305/{sum_ppc64x.go => sum_ppc64le.go} (95%)
 rename vendor/golang.org/x/crypto/internal/poly1305/{sum_ppc64x.s => sum_ppc64le.s} (89%)
 delete mode 100644 vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
 delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
 delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
 delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_other_x86.go
 rename vendor/golang.org/x/sys/cpu/{cpu_gc_x86.s => cpu_x86.s} (94%)
 delete mode 100644 vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
 delete mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.go
 delete mode 100644 vendor/golang.org/x/sys/unix/bpxsvc_zos.s
 create mode 100644 vendor/golang.org/x/sys/unix/epoll_zos.go
 create mode 100644 vendor/golang.org/x/sys/unix/fstatfs_zos.go
 delete mode 100644 vendor/golang.org/x/sys/unix/sockcmsg_zos.go
 delete mode 100644 vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
 delete mode 100644 vendor/golang.org/x/sys/unix/vgetrandom_linux.go
 delete mode 100644 vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
 delete mode 100644 vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
 create mode 100644 vendor/golang.org/x/sys/windows/empty.s
 create mode 100644 vendor/google.golang.org/protobuf/internal/errors/is_go112.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/errors/is_go113.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/genid/name.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/bitmap.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/equal.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/lazy.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/impl/presence.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
 delete mode 100644 vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
 create mode 100644 vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
 delete mode 100644 vendor/google.golang.org/protobuf/proto/wrapperopaque.go
 create mode 100644 vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go

diff --git a/go.mod b/go.mod
index d057c74fc..db76ddb5f 100644
--- a/go.mod
+++ b/go.mod
@@ -1,42 +1,41 @@
 module github.com/cloudflare/cfssl
 
-go 1.23
+go 1.18
 
 require (
 	bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c
 	github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
 	github.com/cloudflare/redoctober v0.0.0-20211013234631-6a74ccc611f6
-	github.com/go-sql-driver/mysql v1.8.1
-	github.com/google/certificate-transparency-go v1.3.1
+	github.com/go-sql-driver/mysql v1.8.0
+	github.com/google/certificate-transparency-go v1.1.8
 	github.com/jmhodges/clock v1.2.0
 	github.com/jmoiron/sqlx v1.3.5
 	github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.24
-	github.com/prometheus/client_golang v1.20.5
+	github.com/mattn/go-sqlite3 v1.14.22
+	github.com/prometheus/client_golang v1.19.0
 	github.com/zmap/zcrypto v0.0.0-20230310154051-c8b263fd8300
 	github.com/zmap/zlint/v3 v3.5.0
-	golang.org/x/crypto v0.32.0
+	golang.org/x/crypto v0.21.0
 )
 
 require (
 	filippo.io/edwards25519 v1.1.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/getsentry/sentry-go v0.11.0 // indirect
-	github.com/go-logr/logr v1.4.2 // indirect
-	github.com/klauspost/compress v1.17.11 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
 	github.com/kylelemons/go-gypsy v1.0.0 // indirect
-	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pelletier/go-toml v1.9.3 // indirect
-	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.55.0 // indirect
-	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/prometheus/client_model v0.5.0 // indirect
+	github.com/prometheus/common v0.48.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
+	github.com/stretchr/testify v1.8.4 // indirect
 	github.com/weppos/publicsuffix-go v0.30.0 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/net v0.34.0 // indirect
-	golang.org/x/sys v0.29.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
-	google.golang.org/protobuf v1.36.2 // indirect
-	k8s.io/klog/v2 v2.130.1 // indirect
+	golang.org/x/net v0.22.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	google.golang.org/protobuf v1.33.0 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
 )
diff --git a/go.sum b/go.sum
index 0effeeffd..40b8a5a3c 100644
--- a/go.sum
+++ b/go.sum
@@ -57,8 +57,8 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/cespare/xxhash/v2 v2.1.2/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
-github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
+github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
+github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
 github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
 github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
@@ -107,12 +107,12 @@ github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vb
 github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
 github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
 github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
+github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
-github.com/go-sql-driver/mysql v1.8.1 h1:LedoTUt/eveggdHS9qUFC1EFSa8bU2+1pZjSRpvNJ1Y=
-github.com/go-sql-driver/mysql v1.8.1/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
+github.com/go-sql-driver/mysql v1.8.0 h1:UtktXaU2Nb64z/pLiGIxY4431SJ4/dR5cjMmlVHgnT4=
+github.com/go-sql-driver/mysql v1.8.0/go.mod h1:wEBSXgmK//2ZFJyE+qWnIsVGmvmEKlqwuVSjsCm7DZg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo=
 github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw=
@@ -148,8 +148,8 @@ github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
 github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
 github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/certificate-transparency-go v1.3.1 h1:akbcTfQg0iZlANZLn0L9xOeWtyCIdeoYhKrqi5iH3Go=
-github.com/google/certificate-transparency-go v1.3.1/go.mod h1:gg+UQlx6caKEDQ9EElFOujyxEQEfOiQzAt6782Bvi8k=
+github.com/google/certificate-transparency-go v1.1.8 h1:LGYKkgZF7satzgTak9R4yzfJXEeYVAjV6/EAEJOf1to=
+github.com/google/certificate-transparency-go v1.1.8/go.mod h1:bV/o8r0TBKRf1X//iiiSgWrvII4d7/8OiA+3vG26gI8=
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
 github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
@@ -160,7 +160,6 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ=
 github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -216,23 +215,17 @@ github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46 h1:veS9QfglfvqAw
 github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46/go.mod h1:yyMNCyc/Ib3bDTKd379tNMpB/7/H5TjM2Y9QJ5THLbE=
 github.com/klauspost/compress v1.8.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/compress v1.9.7/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
-github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc=
-github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0=
 github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
-github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
-github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/kylelemons/go-gypsy v1.0.0 h1:7/wQ7A3UL1bnqRMnZ6T8cwCOArfZCxFmb1iTxaOOo1s=
 github.com/kylelemons/go-gypsy v1.0.0/go.mod h1:chkXM0zjdpXOiqkCW1XcCHDfjfk14PH2KKkQWxfJUcU=
-github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
-github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g=
 github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
@@ -244,8 +237,8 @@ github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hd
 github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
 github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
 github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
-github.com/mattn/go-sqlite3 v1.14.24 h1:tpSp2G2KyMnnQu99ngJ47EIkWVmliIizyZBfPrBWDRM=
-github.com/mattn/go-sqlite3 v1.14.24/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
+github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw=
 github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
 github.com/mediocregopher/radix/v3 v3.4.2/go.mod h1:8FL3F6UQRXHXIBSPUs5h0RybMF8i4n7wVopoX3x7Bv8=
@@ -259,8 +252,6 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
 github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ=
 github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
 github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
-github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
-github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
@@ -286,30 +277,29 @@ github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXP
 github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
 github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M=
 github.com/prometheus/client_golang v1.11.0/go.mod h1:Z6t4BnS23TR94PD6BsDNk8yVqroYurpAkEiz0P2BEV0=
-github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y=
-github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE=
+github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
+github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
 github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
 github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
 github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
-github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
+github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
+github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
 github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
 github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo=
 github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc=
 github.com/prometheus/common v0.31.1/go.mod h1:vu+V0TpY+O6vW9J44gczi3Ap/oXXR10b+M/gUGO4Hls=
-github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
-github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
+github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
+github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
 github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
 github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
 github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU=
 github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
 github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
-github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
-github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
+github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
 github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
-github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
 github.com/schollz/closestmatch v2.1.0+incompatible/go.mod h1:RtP1ddjLong6gTkbtmuhtR2uUrrJOpYzYRvbcPAid+g=
@@ -335,8 +325,8 @@ github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXf
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc=
 github.com/ugorji/go v1.1.7/go.mod h1:kZn38zHttfInRq0xu/PH0az30d+z6vm202qpg1oXVMw=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
@@ -394,8 +384,8 @@ golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWP
 golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc=
-golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -468,8 +458,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug
 golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
-golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
-golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
+golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
+golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -537,15 +527,14 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
-golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
-golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg=
-golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
+golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -556,8 +545,8 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -686,14 +675,13 @@ google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlba
 google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.27.1/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
-google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
-google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
-gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
 gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
 gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE=
@@ -710,7 +698,6 @@ gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20191120175047-4206685974f2/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
-gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
@@ -718,8 +705,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
-k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
+k8s.io/klog/v2 v2.120.1 h1:QXU6cPEOIslTGvZaXvFWiP9VKyeet3sawzTOvdXb4Vw=
+k8s.io/klog/v2 v2.120.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/vendor/github.com/cespare/xxhash/v2/README.md b/vendor/github.com/cespare/xxhash/v2/README.md
index 33c88305c..8bf0e5b78 100644
--- a/vendor/github.com/cespare/xxhash/v2/README.md
+++ b/vendor/github.com/cespare/xxhash/v2/README.md
@@ -70,5 +70,3 @@ benchstat <(go test -benchtime 500ms -count 15 -bench 'Sum64$')
 - [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics)
 - [FreeCache](https://github.com/coocood/freecache)
 - [FastCache](https://github.com/VictoriaMetrics/fastcache)
-- [Ristretto](https://github.com/dgraph-io/ristretto)
-- [Badger](https://github.com/dgraph-io/badger)
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash.go b/vendor/github.com/cespare/xxhash/v2/xxhash.go
index 78bddf1ce..a9e0d45c9 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash.go
@@ -19,13 +19,10 @@ const (
 // Store the primes in an array as well.
 //
 // The consts are used when possible in Go code to avoid MOVs but we need a
-// contiguous array for the assembly code.
+// contiguous array of the assembly code.
 var primes = [...]uint64{prime1, prime2, prime3, prime4, prime5}
 
 // Digest implements hash.Hash64.
-//
-// Note that a zero-valued Digest is not ready to receive writes.
-// Call Reset or create a Digest using New before calling other methods.
 type Digest struct {
 	v1    uint64
 	v2    uint64
@@ -36,31 +33,19 @@ type Digest struct {
 	n     int // how much of mem is used
 }
 
-// New creates a new Digest with a zero seed.
+// New creates a new Digest that computes the 64-bit xxHash algorithm.
 func New() *Digest {
-	return NewWithSeed(0)
-}
-
-// NewWithSeed creates a new Digest with the given seed.
-func NewWithSeed(seed uint64) *Digest {
 	var d Digest
-	d.ResetWithSeed(seed)
+	d.Reset()
 	return &d
 }
 
 // Reset clears the Digest's state so that it can be reused.
-// It uses a seed value of zero.
 func (d *Digest) Reset() {
-	d.ResetWithSeed(0)
-}
-
-// ResetWithSeed clears the Digest's state so that it can be reused.
-// It uses the given seed to initialize the state.
-func (d *Digest) ResetWithSeed(seed uint64) {
-	d.v1 = seed + prime1 + prime2
-	d.v2 = seed + prime2
-	d.v3 = seed
-	d.v4 = seed - prime1
+	d.v1 = primes[0] + prime2
+	d.v2 = prime2
+	d.v3 = 0
+	d.v4 = -primes[0]
 	d.total = 0
 	d.n = 0
 }
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
index 78f95f256..9216e0a40 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_asm.go
@@ -6,7 +6,7 @@
 
 package xxhash
 
-// Sum64 computes the 64-bit xxHash digest of b with a zero seed.
+// Sum64 computes the 64-bit xxHash digest of b.
 //
 //go:noescape
 func Sum64(b []byte) uint64
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
index 118e49e81..26df13bba 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_other.go
@@ -3,7 +3,7 @@
 
 package xxhash
 
-// Sum64 computes the 64-bit xxHash digest of b with a zero seed.
+// Sum64 computes the 64-bit xxHash digest of b.
 func Sum64(b []byte) uint64 {
 	// A simpler version would be
 	//   d := New()
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
index 05f5e7dfe..e86f1b5fd 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_safe.go
@@ -5,7 +5,7 @@
 
 package xxhash
 
-// Sum64String computes the 64-bit xxHash digest of s with a zero seed.
+// Sum64String computes the 64-bit xxHash digest of s.
 func Sum64String(s string) uint64 {
 	return Sum64([]byte(s))
 }
diff --git a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
index cf9d42aed..1c1638fd8 100644
--- a/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
+++ b/vendor/github.com/cespare/xxhash/v2/xxhash_unsafe.go
@@ -33,7 +33,7 @@ import (
 //
 // See https://github.com/golang/go/issues/42739 for discussion.
 
-// Sum64String computes the 64-bit xxHash digest of s with a zero seed.
+// Sum64String computes the 64-bit xxHash digest of s.
 // It may be faster than Sum64([]byte(s)) by avoiding a copy.
 func Sum64String(s string) uint64 {
 	b := *(*[]byte)(unsafe.Pointer(&sliceHeader{s, len(s)}))
diff --git a/vendor/github.com/go-logr/logr/README.md b/vendor/github.com/go-logr/logr/README.md
index 7c7f0c69c..8969526a6 100644
--- a/vendor/github.com/go-logr/logr/README.md
+++ b/vendor/github.com/go-logr/logr/README.md
@@ -1,7 +1,6 @@
 # A minimal logging API for Go
 
 [![Go Reference](https://pkg.go.dev/badge/github.com/go-logr/logr.svg)](https://pkg.go.dev/github.com/go-logr/logr)
-[![Go Report Card](https://goreportcard.com/badge/github.com/go-logr/logr)](https://goreportcard.com/report/github.com/go-logr/logr)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/go-logr/logr/badge)](https://securityscorecards.dev/viewer/?platform=github.com&org=go-logr&repo=logr)
 
 logr offers an(other) opinion on how Go programs and libraries can do logging
diff --git a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
index 0c9bd9b10..213215c8d 100644
--- a/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
+++ b/vendor/github.com/go-sql-driver/mysql/CHANGELOG.md
@@ -1,45 +1,3 @@
-## Version 1.8.1 (2024-03-26)
-
-Bugfixes:
-
-- fix race condition when context is canceled in [#1562](https://github.com/go-sql-driver/mysql/pull/1562) and [#1570](https://github.com/go-sql-driver/mysql/pull/1570)
-
-## Version 1.8.0 (2024-03-09)
-
-Major Changes:
-
-- Use `SET NAMES charset COLLATE collation`. by @methane in [#1437](https://github.com/go-sql-driver/mysql/pull/1437)
-  - Older go-mysql-driver used `collation_id` in the handshake packet. But it caused collation mismatch in some situation.
-  - If you don't specify charset nor collation, go-mysql-driver sends `SET NAMES utf8mb4` for new connection. This uses server's default collation for utf8mb4.
-  - If you specify charset, go-mysql-driver sends `SET NAMES `. This uses the server's default collation for ``.
-  - If you specify collation and/or charset, go-mysql-driver sends `SET NAMES charset COLLATE collation`.
-- PathEscape dbname in DSN. by @methane in [#1432](https://github.com/go-sql-driver/mysql/pull/1432)
-  - This is backward incompatible in rare case. Check your DSN.
-- Drop Go 1.13-17 support by @methane in [#1420](https://github.com/go-sql-driver/mysql/pull/1420)
-  - Use Go 1.18+
-- Parse numbers on text protocol too by @methane in [#1452](https://github.com/go-sql-driver/mysql/pull/1452)
-  - When text protocol is used, go-mysql-driver passed bare `[]byte` to database/sql for avoid unnecessary allocation and conversion.
-  - If user specified `*any` to `Scan()`, database/sql passed the `[]byte` into the target variable.
-  - This confused users because most user doesn't know when text/binary protocol used.
-  - go-mysql-driver 1.8 converts integer/float values into int64/double even in text protocol. This doesn't increase allocation compared to `[]byte` and conversion cost is negatable.
-- New options start using the Functional Option Pattern to avoid increasing technical debt in the Config object. Future version may introduce Functional Option for existing options, but not for now.
-  - Make TimeTruncate functional option by @methane in [1552](https://github.com/go-sql-driver/mysql/pull/1552)
-  - Add BeforeConnect callback to configuration object by @ItalyPaleAle in [#1469](https://github.com/go-sql-driver/mysql/pull/1469)
-
-
-Other changes:
-
-- Adding DeregisterDialContext to prevent memory leaks with dialers we don't need anymore by @jypelle in https://github.com/go-sql-driver/mysql/pull/1422
-- Make logger configurable per connection by @frozenbonito in https://github.com/go-sql-driver/mysql/pull/1408
-- Fix ColumnType.DatabaseTypeName for mediumint unsigned by @evanelias in https://github.com/go-sql-driver/mysql/pull/1428
-- Add connection attributes by @Daemonxiao in https://github.com/go-sql-driver/mysql/pull/1389
-- Stop `ColumnTypeScanType()` from returning `sql.RawBytes` by @methane in https://github.com/go-sql-driver/mysql/pull/1424
-- Exec() now provides access to status of multiple statements. by @mherr-google in https://github.com/go-sql-driver/mysql/pull/1309
-- Allow to change (or disable) the default driver name for registration by @dolmen in https://github.com/go-sql-driver/mysql/pull/1499
-- Add default connection attribute '_server_host' by @oblitorum in https://github.com/go-sql-driver/mysql/pull/1506
-- QueryUnescape DSN ConnectionAttribute value by @zhangyangyu in https://github.com/go-sql-driver/mysql/pull/1470
-- Add client_ed25519 authentication by @Gusted in https://github.com/go-sql-driver/mysql/pull/1518
-
 ## Version 1.7.1 (2023-04-25)
 
 Changes:
diff --git a/vendor/github.com/go-sql-driver/mysql/README.md b/vendor/github.com/go-sql-driver/mysql/README.md
index 4968cb060..9d0d806ef 100644
--- a/vendor/github.com/go-sql-driver/mysql/README.md
+++ b/vendor/github.com/go-sql-driver/mysql/README.md
@@ -326,7 +326,7 @@ It's possible to access the last inserted ID and number of affected rows for mul
 
 ```go
 conn, _ := db.Conn(ctx)
-conn.Raw(func(conn any) error {
+conn.Raw(func(conn interface{}) error {
   ex := conn.(driver.Execer)
   res, err := ex.Exec(`
   UPDATE point SET x = 1 WHERE y = 2;
diff --git a/vendor/github.com/go-sql-driver/mysql/auth.go b/vendor/github.com/go-sql-driver/mysql/auth.go
index 74e1bd03e..658259b24 100644
--- a/vendor/github.com/go-sql-driver/mysql/auth.go
+++ b/vendor/github.com/go-sql-driver/mysql/auth.go
@@ -338,7 +338,7 @@ func (mc *mysqlConn) auth(authData []byte, plugin string) ([]byte, error) {
 		return authEd25519(authData, mc.cfg.Passwd)
 
 	default:
-		mc.log("unknown auth plugin:", plugin)
+		mc.cfg.Logger.Print("unknown auth plugin:", plugin)
 		return nil, ErrUnknownPlugin
 	}
 }
diff --git a/vendor/github.com/go-sql-driver/mysql/connection.go b/vendor/github.com/go-sql-driver/mysql/connection.go
index eff978d93..c170114fe 100644
--- a/vendor/github.com/go-sql-driver/mysql/connection.go
+++ b/vendor/github.com/go-sql-driver/mysql/connection.go
@@ -44,11 +44,6 @@ type mysqlConn struct {
 	closed   atomicBool  // set when conn is closed, before closech is closed
 }
 
-// Helper function to call per-connection logger.
-func (mc *mysqlConn) log(v ...any) {
-	mc.cfg.Logger.Print(v...)
-}
-
 // Handles parameters set in DSN after the connection is established
 func (mc *mysqlConn) handleParams() (err error) {
 	var cmdSet strings.Builder
@@ -114,7 +109,7 @@ func (mc *mysqlConn) Begin() (driver.Tx, error) {
 
 func (mc *mysqlConn) begin(readOnly bool) (driver.Tx, error) {
 	if mc.closed.Load() {
-		mc.log(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	var q string
@@ -137,7 +132,7 @@ func (mc *mysqlConn) Close() (err error) {
 	}
 
 	mc.cleanup()
-	mc.clearResult()
+
 	return
 }
 
@@ -152,16 +147,13 @@ func (mc *mysqlConn) cleanup() {
 
 	// Makes cleanup idempotent
 	close(mc.closech)
-	conn := mc.rawConn
-	if conn == nil {
+	if mc.netConn == nil {
 		return
 	}
-	if err := conn.Close(); err != nil {
-		mc.log(err)
+	if err := mc.netConn.Close(); err != nil {
+		mc.cfg.Logger.Print(err)
 	}
-	// This function can be called from multiple goroutines.
-	// So we can not mc.clearResult() here.
-	// Caller should do it if they are in safe goroutine.
+	mc.clearResult()
 }
 
 func (mc *mysqlConn) error() error {
@@ -176,14 +168,14 @@ func (mc *mysqlConn) error() error {
 
 func (mc *mysqlConn) Prepare(query string) (driver.Stmt, error) {
 	if mc.closed.Load() {
-		mc.log(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
 	err := mc.writeCommandPacketStr(comStmtPrepare, query)
 	if err != nil {
 		// STMT_PREPARE is safe to retry.  So we can return ErrBadConn here.
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return nil, driver.ErrBadConn
 	}
 
@@ -217,7 +209,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 	buf, err := mc.buf.takeCompleteBuffer()
 	if err != nil {
 		// can not take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return "", ErrInvalidConn
 	}
 	buf = buf[:0]
@@ -309,7 +301,7 @@ func (mc *mysqlConn) interpolateParams(query string, args []driver.Value) (strin
 
 func (mc *mysqlConn) Exec(query string, args []driver.Value) (driver.Result, error) {
 	if mc.closed.Load() {
-		mc.log(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -369,7 +361,7 @@ func (mc *mysqlConn) query(query string, args []driver.Value) (*textRows, error)
 	handleOk := mc.clearResult()
 
 	if mc.closed.Load() {
-		mc.log(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	if len(args) != 0 {
@@ -464,7 +456,7 @@ func (mc *mysqlConn) finish() {
 // Ping implements driver.Pinger interface
 func (mc *mysqlConn) Ping(ctx context.Context) (err error) {
 	if mc.closed.Load() {
-		mc.log(ErrInvalidConn)
+		mc.cfg.Logger.Print(ErrInvalidConn)
 		return driver.ErrBadConn
 	}
 
@@ -673,7 +665,7 @@ func (mc *mysqlConn) ResetSession(ctx context.Context) error {
 			err = connCheck(conn)
 		}
 		if err != nil {
-			mc.log("closing bad idle connection: ", err)
+			mc.cfg.Logger.Print("closing bad idle connection: ", err)
 			return driver.ErrBadConn
 		}
 	}
diff --git a/vendor/github.com/go-sql-driver/mysql/connector.go b/vendor/github.com/go-sql-driver/mysql/connector.go
index b67077596..a0ee62839 100644
--- a/vendor/github.com/go-sql-driver/mysql/connector.go
+++ b/vendor/github.com/go-sql-driver/mysql/connector.go
@@ -102,10 +102,10 @@ func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 		nd := net.Dialer{Timeout: mc.cfg.Timeout}
 		mc.netConn, err = nd.DialContext(ctx, mc.cfg.Net, mc.cfg.Addr)
 	}
+
 	if err != nil {
 		return nil, err
 	}
-	mc.rawConn = mc.netConn
 
 	// Enable TCP Keepalives on TCP connections
 	if tc, ok := mc.netConn.(*net.TCPConn); ok {
diff --git a/vendor/github.com/go-sql-driver/mysql/errors.go b/vendor/github.com/go-sql-driver/mysql/errors.go
index a7ef88909..a9a3060c9 100644
--- a/vendor/github.com/go-sql-driver/mysql/errors.go
+++ b/vendor/github.com/go-sql-driver/mysql/errors.go
@@ -41,14 +41,14 @@ var defaultLogger = Logger(log.New(os.Stderr, "[mysql] ", log.Ldate|log.Ltime|lo
 
 // Logger is used to log critical error messages.
 type Logger interface {
-	Print(v ...any)
+	Print(v ...interface{})
 }
 
 // NopLogger is a nop implementation of the Logger interface.
 type NopLogger struct{}
 
 // Print implements Logger interface.
-func (nl *NopLogger) Print(_ ...any) {}
+func (nl *NopLogger) Print(_ ...interface{}) {}
 
 // SetLogger is used to set the default logger for critical errors.
 // The initial logger is os.Stderr.
diff --git a/vendor/github.com/go-sql-driver/mysql/fields.go b/vendor/github.com/go-sql-driver/mysql/fields.go
index 286084247..2a397b245 100644
--- a/vendor/github.com/go-sql-driver/mysql/fields.go
+++ b/vendor/github.com/go-sql-driver/mysql/fields.go
@@ -134,7 +134,7 @@ var (
 	scanTypeString     = reflect.TypeOf("")
 	scanTypeNullString = reflect.TypeOf(sql.NullString{})
 	scanTypeBytes      = reflect.TypeOf([]byte{})
-	scanTypeUnknown    = reflect.TypeOf(new(any))
+	scanTypeUnknown    = reflect.TypeOf(new(interface{}))
 )
 
 type mysqlField struct {
diff --git a/vendor/github.com/go-sql-driver/mysql/nulltime.go b/vendor/github.com/go-sql-driver/mysql/nulltime.go
index 316a48aae..7d381d5c2 100644
--- a/vendor/github.com/go-sql-driver/mysql/nulltime.go
+++ b/vendor/github.com/go-sql-driver/mysql/nulltime.go
@@ -38,7 +38,7 @@ type NullTime sql.NullTime
 // Scan implements the Scanner interface.
 // The value type must be time.Time or string / []byte (formatted time-string),
 // otherwise Scan fails.
-func (nt *NullTime) Scan(value any) (err error) {
+func (nt *NullTime) Scan(value interface{}) (err error) {
 	if value == nil {
 		nt.Time, nt.Valid = time.Time{}, false
 		return
diff --git a/vendor/github.com/go-sql-driver/mysql/packets.go b/vendor/github.com/go-sql-driver/mysql/packets.go
index 90a34728b..3d6e5308c 100644
--- a/vendor/github.com/go-sql-driver/mysql/packets.go
+++ b/vendor/github.com/go-sql-driver/mysql/packets.go
@@ -34,7 +34,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			mc.log(err)
+			mc.cfg.Logger.Print(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -57,7 +57,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 		if pktLen == 0 {
 			// there was no previous packet
 			if prevData == nil {
-				mc.log(ErrMalformPkt)
+				mc.cfg.Logger.Print(ErrMalformPkt)
 				mc.Close()
 				return nil, ErrInvalidConn
 			}
@@ -71,7 +71,7 @@ func (mc *mysqlConn) readPacket() ([]byte, error) {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return nil, cerr
 			}
-			mc.log(err)
+			mc.cfg.Logger.Print(err)
 			mc.Close()
 			return nil, ErrInvalidConn
 		}
@@ -134,7 +134,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 		// Handle error
 		if err == nil { // n != len(data)
 			mc.cleanup()
-			mc.log(ErrMalformPkt)
+			mc.cfg.Logger.Print(ErrMalformPkt)
 		} else {
 			if cerr := mc.canceled.Value(); cerr != nil {
 				return cerr
@@ -144,7 +144,7 @@ func (mc *mysqlConn) writePacket(data []byte) error {
 				return errBadConnNoWrite
 			}
 			mc.cleanup()
-			mc.log(err)
+			mc.cfg.Logger.Print(err)
 		}
 		return ErrInvalidConn
 	}
@@ -302,7 +302,7 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -351,6 +351,7 @@ func (mc *mysqlConn) writeHandshakeResponsePacket(authResp []byte, plugin string
 		if err := tlsConn.Handshake(); err != nil {
 			return err
 		}
+		mc.rawConn = mc.netConn
 		mc.netConn = tlsConn
 		mc.buf.nc = tlsConn
 	}
@@ -391,7 +392,7 @@ func (mc *mysqlConn) writeAuthSwitchPacket(authData []byte) error {
 	data, err := mc.buf.takeSmallBuffer(pktLen)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -411,7 +412,7 @@ func (mc *mysqlConn) writeCommandPacket(command byte) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -430,7 +431,7 @@ func (mc *mysqlConn) writeCommandPacketStr(command byte, arg string) error {
 	data, err := mc.buf.takeBuffer(pktLen + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -451,7 +452,7 @@ func (mc *mysqlConn) writeCommandPacketUint32(command byte, arg uint32) error {
 	data, err := mc.buf.takeSmallBuffer(4 + 1 + 4)
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -993,7 +994,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 	}
 	if err != nil {
 		// cannot take the buffer. Something must be wrong with the connection
-		mc.log(err)
+		mc.cfg.Logger.Print(err)
 		return errBadConnNoWrite
 	}
 
@@ -1192,7 +1193,7 @@ func (stmt *mysqlStmt) writeExecutePacket(args []driver.Value) error {
 		if valuesCap != cap(paramValues) {
 			data = append(data[:pos], paramValues...)
 			if err = mc.buf.store(data); err != nil {
-				mc.log(err)
+				mc.cfg.Logger.Print(err)
 				return errBadConnNoWrite
 			}
 		}
diff --git a/vendor/github.com/go-sql-driver/mysql/statement.go b/vendor/github.com/go-sql-driver/mysql/statement.go
index 0436f2240..31e7799c4 100644
--- a/vendor/github.com/go-sql-driver/mysql/statement.go
+++ b/vendor/github.com/go-sql-driver/mysql/statement.go
@@ -51,7 +51,7 @@ func (stmt *mysqlStmt) CheckNamedValue(nv *driver.NamedValue) (err error) {
 
 func (stmt *mysqlStmt) Exec(args []driver.Value) (driver.Result, error) {
 	if stmt.mc.closed.Load() {
-		stmt.mc.log(ErrInvalidConn)
+		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -95,7 +95,7 @@ func (stmt *mysqlStmt) Query(args []driver.Value) (driver.Rows, error) {
 
 func (stmt *mysqlStmt) query(args []driver.Value) (*binaryRows, error) {
 	if stmt.mc.closed.Load() {
-		stmt.mc.log(ErrInvalidConn)
+		stmt.mc.cfg.Logger.Print(ErrInvalidConn)
 		return nil, driver.ErrBadConn
 	}
 	// Send command
@@ -141,7 +141,7 @@ type converter struct{}
 // implementation does not.  This function should be kept in sync with
 // database/sql/driver defaultConverter.ConvertValue() except for that
 // deliberate difference.
-func (c converter) ConvertValue(v any) (driver.Value, error) {
+func (c converter) ConvertValue(v interface{}) (driver.Value, error) {
 	if driver.IsValue(v) {
 		return v, nil
 	}
diff --git a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
index 405740a1f..6cd9695e1 100644
--- a/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/.golangci.yaml
@@ -18,11 +18,5 @@ linters-settings:
 
 issues:
   exclude-use-default: false
-  exclude-rules:
-    # The following grpc linters are excluded because grpc.Dial, grpc.DialContext and grpc.WithBlock will be supported throughout 1.x.
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.Dial is deprecated: use NewClient instead'
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.DialContext is deprecated: use NewClient instead'
-    - linters: [staticcheck]
-      text: 'SA1019: grpc.WithBlock is deprecated: this DialOption is not supported by NewClient'
+  exclude:
+    - "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked"
diff --git a/vendor/github.com/google/certificate-transparency-go/AUTHORS b/vendor/github.com/google/certificate-transparency-go/AUTHORS
index ad514665e..942cec9b3 100644
--- a/vendor/github.com/google/certificate-transparency-go/AUTHORS
+++ b/vendor/github.com/google/certificate-transparency-go/AUTHORS
@@ -9,8 +9,8 @@
 # Please keep the list sorted.
 
 Alex Cohn 
+Comodo CA Limited
 Ed Maste 
-Elisha Silas 
 Fiaz Hossain 
 Google LLC
 Internet Security Research Group
@@ -23,7 +23,6 @@ Nicholas Galbreath 
 Oliver Weidner 
 PrimeKey Solutions AB
 Ruslan Kovalov 
-Sectigo Limited
 Venafi, Inc.
 Vladimir Rutsky 
 Ximin Luo 
diff --git a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
index 5cb7b7d43..e286ae20d 100644
--- a/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
+++ b/vendor/github.com/google/certificate-transparency-go/CHANGELOG.md
@@ -2,323 +2,6 @@
 
 ## HEAD
 
-## v1.3.1
-
-* Add AllLogListSignatureURL by @AlexLaroche in https://github.com/google/certificate-transparency-go/pull/1634
-* Add TiledLogs to log list JSON by @mcpherrinm in https://github.com/google/certificate-transparency-go/pull/1635
-* chore: relax go directive to permit 1.22.x by @dnwe in https://github.com/google/certificate-transparency-go/pull/1640
-
-### Dependency Update
-
-* Bump github.com/fullstorydev/grpcurl from 1.9.1 to 1.9.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1627
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1628
-* Bump the docker-deps group across 5 directories with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1630
-* Bump github/codeql-action from 3.27.5 to 3.27.6 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1629
-* Bump golang.org/x/crypto from 0.30.0 to 0.31.0 in the go_modules group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1631
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1633
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1632
-* Bump the docker-deps group across 4 directories with 1 update by @dependabot in https://github.com/google/certificate-transparency-go/pull/1638
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1637
-* Bump the all-deps group across 1 directory with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1641
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1643
-* Bump google.golang.org/grpc from 1.69.2 to 1.69.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1642
-
-## v1.3.0
-
-### CTFE Storage Saving: Extra Data Issuance Chain Deduplication
-
-This feature now supports PostgreSQL, in addition to the support for MySQL/MariaDB that was added in [v1.2.0](#v1.2.0).
-
-Log operators can choose to enable this feature for new PostgreSQL-based CT logs by adding new CTFE configs in the [LogMultiConfig](trillian/ctfe/configpb/config.proto) and importing the [database schema](trillian/ctfe/storage/postgresql/schema.sql). The other available options are documented in the [v1.2.0](#v1.2.0) changelog entry.
-
-This change is tested in Cloud Build tests using the `postgres:17` Docker image as of the time of writing.
-
-* Add IssuanceChainStorage PostgreSQL implementation by @robstradling in https://github.com/google/certificate-transparency-go/pull/1618
-
-### Misc
-
-* [Dependabot] Update all docker images in one PR by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1614
-* Explicitly include version tag by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1617
-* Add empty cloudbuild_postgresql.yaml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1623
-
-### Dependency update
-
-* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1609
-* Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1611
-* Bump github/codeql-action from 3.27.0 to 3.27.1 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1610
-* Bump golang from 1.23.2-bookworm to 1.23.3-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1612
-* Bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 in the go_modules group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1613
-* Bump the docker-deps group across 3 directories with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1616
-* Bump github/codeql-action from 3.27.1 to 3.27.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1615
-* Bump the docker-deps group across 4 directories with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1622
-* Bump github/codeql-action from 3.27.2 to 3.27.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1620
-* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1621
-* Bump github.com/google/trillian from 1.6.1 to 1.7.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1624
-* Bump github/codeql-action from 3.27.4 to 3.27.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1625
-
-## v1.2.2
-
-* Recommended Go version for development: 1.22
-  * Using a different version can lead to presubmits failing due to unexpected diffs.
-
-### Add TLS Support
-
-Add TLS support for Trillian: By using `--trillian_tls_ca_cert_file` flag, users can provide a CA certificate, that is used to establish a secure communication with Trillian log server.
-
-Add TLS support for ct_server: By using `--tls_certificate` and `--tls_key` flags, users can provide a service certificate and key, that enables the server to handle HTTPS requests.
-
-* Add TLS support for CTLog server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1523
-* Add TLS support for migrillian by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1525
-* fix TLS configuration for ct_server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1542
-* Add Trillian TLS support for ct_server by @fghanmi in https://github.com/google/certificate-transparency-go/pull/1551
-
-### HTTP Idle Connection Timeout Flag
-
-A new flag `http_idle_timeout` is added to set the HTTP server's idle timeout value in the ct_server binary. This controls the maximum amount of time to wait for the next request when keep-alives are enabled.
-
-* add flag for HTTP idle connection timeout value by @bobcallaway in https://github.com/google/certificate-transparency-go/pull/1597
-
-### Misc
-
-* Refactor issuance chain service by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1512
-* Use the version in the go.mod file for vuln checks by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1528
-
-### Fixes
-
-* Fix failed tests on 32-bit OS by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1540
-
-### Dependency update
-
-* Bump go.etcd.io/etcd/v3 from 3.5.13 to 3.5.14 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1500
-* Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1501
-* Bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1503
-* Group dependabot updates as much as possible by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1506
-* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1507
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1511
-* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1510
-* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1509
-* Bump golang from 1.22.3-bookworm to 1.22.4-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1508
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1516
-* Bump golang from `aec4784` to `9678844` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1518
-* Bump alpine from 3.19 to 3.20 in /trillian/examples/deployment/docker/envsubst by @dependabot in https://github.com/google/certificate-transparency-go/pull/1492
-* Bump golang from `aec4784` to `9678844` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1517
-* Bump golang from `aec4784` to `9678844` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1513
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1515
-* Bump golang from `aec4784` to `9678844` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1514
-* Bump alpine from `77726ef` to `b89d9c9` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1519
-* Bump k8s.io/klog/v2 from 2.130.0 to 2.130.1 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1521
-* Bump alpine from `77726ef` to `b89d9c9` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1520
-* Bump github/codeql-action from 3.25.10 to 3.25.11 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1526
-* Bump version of go used by the vuln checker by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1527
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1530
-* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1531
-* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1532
-* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1533
-* Bump actions/upload-artifact from 4.3.3 to 4.3.4 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1534
-* Bump golang from 1.22.4-bookworm to 1.22.5-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1535
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1536
-* Bump github/codeql-action from 3.25.12 to 3.25.13 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1538
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1537
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1543
-* Bump golang from `6c27802` to `af9b40f` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1544
-* Bump golang from `6c27802` to `af9b40f` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1548
-* Bump golang from `6c27802` to `af9b40f` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1547
-* Bump alpine from `b89d9c9` to `0a4eaa0` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1546
-* Bump the all-deps group in /internal/witness/cmd/feeder with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1545
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1549
-* Bump golang.org/x/time from 0.5.0 to 0.6.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1550
-* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1552
-* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1553
-* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1554
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1555
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1556
-* Bump golang from 1.22.5-bookworm to 1.22.6-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1557
-* Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1559
-* Bump github/codeql-action from 3.26.0 to 3.26.3 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1561
-* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1558
-* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1563
-* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1560
-* Bump golang from 1.22.6-bookworm to 1.23.0-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1562
-* Bump go version to 1.22.6 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1564
-* Bump github.com/prometheus/client_golang from 1.20.0 to 1.20.2 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1565
-* Bump github/codeql-action from 3.26.3 to 3.26.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1566
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1568
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1569
-* Bump go from 1.22.6 to 1.22.7 by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1574
-* Bump alpine from `0a4eaa0` to `beefdbd` in /trillian/examples/deployment/docker/envsubst in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1571
-* Bump the all-deps group across 1 directory with 5 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1577
-* Bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1575
-* Bump golang from 1.23.0-bookworm to 1.23.1-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1576
-* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1572
-* Bump the all-deps group in /internal/witness/cmd/feeder with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1573
-* Bump the all-deps group with 4 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1578
-* Bump github/codeql-action from 3.26.6 to 3.26.7 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1579
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1580
-* Bump github/codeql-action from 3.26.7 to 3.26.8 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1581
-* Bump distroless/base-debian12 from `c925d12` to `88e0a2a` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1582
-* Bump the all-deps group in /trillian/examples/deployment/docker/ctfe with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1585
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1583
-* Bump golang from `1a5326b` to `dba79eb` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1584
-* Bump golang from `1a5326b` to `dba79eb` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1587
-* Bump golang from `1a5326b` to `dba79eb` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1586
-* Bump the all-deps group with 5 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1588
-* Bump the all-deps group with 6 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1589
-* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1593
-* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1592
-* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1591
-* Bump golang from 1.23.1-bookworm to 1.23.2-bookworm in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1590
-* Bump the all-deps group with 2 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1595
-* Bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1598
-* Bump golang from `18d2f94` to `2341ddf` in /integration in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1602
-* Bump golang from `18d2f94` to `2341ddf` in /internal/witness/cmd/witness in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1599
-* Bump golang from `18d2f94` to `2341ddf` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1600
-* Bump golang from `18d2f94` to `2341ddf` in /internal/witness/cmd/feeder in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1601
-* Bump the all-deps group with 3 updates by @dependabot in https://github.com/google/certificate-transparency-go/pull/1603
-* Bump distroless/base-debian12 from `6ae5fe6` to `8fe31fb` in /trillian/examples/deployment/docker/ctfe in the all-deps group by @dependabot in https://github.com/google/certificate-transparency-go/pull/1604
-
-## v1.2.1
-
-### Fixes
-
-* Fix Go potential bugs and maintainability by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1496
-
-### Dependency update
-
-* Bump google.golang.org/grpc from 1.63.2 to 1.64.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1482
-
-## v1.2.0
-
-### CTFE Storage Saving: Extra Data Issuance Chain Deduplication
-
-To reduce CT/Trillian database storage by deduplication of the entire issuance chain (intermediate certificate(s) and root certificate) that is currently stored in the Trillian merkle tree leaf ExtraData field. Storage cost should be reduced by at least 33% for new CT logs with this feature enabled. Currently only MySQL/MariaDB is supported to store the issuance chain in the CTFE database.
-
-Existing logs are not affected by this change. 
-
-Log operators can choose to opt-in this change for new CT logs by adding new CTFE configs in the [LogMultiConfig](trillian/ctfe/configpb/config.proto) and importing the [database schema](trillian/ctfe/storage/mysql/schema.sql). See [example](trillian/examples/deployment/docker/ctfe/ct_server.cfg).
-
-- `ctfe_storage_connection_string`
-- `extra_data_issuance_chain_storage_backend`
-
-An optional LRU cache can be enabled by providing the following flags.
-
-- `cache_type`
-- `cache_size`
-- `cache_ttl`
-
-This change is tested in Cloud Build tests using the `mysql:8.4` Docker image as of the time of writing.
-
-* Add issuance chain storage interface by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1430
-* Add issuance chain cache interface by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1431
-* Add CTFE extra data storage saving configs to config.proto by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1432
-* Add new types `PrecertChainEntryHash` and `CertificateChainHash` for TLS marshal/unmarshal in storage saving by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1435
-* Add IssuanceChainCache LRU implementation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1454
-* Add issuance chain service by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1452
-* Add CTFE extra data storage saving configs validation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1456
-* Add IssuanceChainStorage MySQL implementation by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1462
-* Fix errcheck lint in mysql test by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1464
-* CTFE Extra Data Issuance Chain Deduplication by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1477
-* Fix incorrect deployment doc and server config by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1494
-
-### Submission proxy: Root compatibility checking
-
-* Adds the ability for a CT client to disable root compatibile checking by @aaomidi in https://github.com/google/certificate-transparency-go/pull/1258
-
-### Fixes
-
-* Return 429 Too Many Requests for gRPC error code `ResourceExhausted` from Trillian by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1401
-* Safeguard against redirects on PUT request by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1418
-* Fix CT client upload to be safe against no-op POSTs by @mhutchinson in https://github.com/google/certificate-transparency-go/pull/1424
-
-### Misc
-
-* Prefix errors.New variables with the word "Err" by @aaomidi in https://github.com/google/certificate-transparency-go/pull/1399
-* Remove lint exceptions and fix remaining issues by @silaselisha in https://github.com/google/certificate-transparency-go/pull/1438
-* Fix invalid Go toolchain version by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1471
-* Regenerate proto files by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1489
-
-### Dependency update
-
-* Bump distroless/base-debian12 from `5eae9ef` to `28a7f1f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1388
-* Bump github/codeql-action from 3.24.6 to 3.24.7 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1389
-* Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1390
-* Bump golang from `6699d28` to `7f9c058` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1391
-* Bump golang from `6699d28` to `7f9c058` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1392
-* Bump golang from `6699d28` to `7a392a2` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1393
-* Bump golang from `6699d28` to `7a392a2` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1394
-* Bump golang from `7a392a2` to `d996c64` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1395
-* Bump golang from `7f9c058` to `d996c64` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1396
-* Bump golang from `7a392a2` to `d996c64` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1397
-* Bump golang from `7f9c058` to `d996c64` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1398
-* Bump github/codeql-action from 3.24.7 to 3.24.8 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1400
-* Bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1402
-* Bump go.etcd.io/etcd/v3 from 3.5.12 to 3.5.13 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1405
-* Bump distroless/base-debian12 from `28a7f1f` to `611d30d` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1406
-* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1407
-* Bump golang.org/x/net from 0.22.0 to 0.23.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1408
-* update govulncheck go version from 1.21.8 to 1.21.9 by @phbnf in https://github.com/google/certificate-transparency-go/pull/1412
-* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1409
-* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1410
-* Bump golang.org/x/crypto from 0.21.0 to 0.22.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1414
-* Bump golang from 1.22.1-bookworm to 1.22.2-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1411
-* Bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1415
-* Bump golang.org/x/net from 0.23.0 to 0.24.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1416
-* Bump google.golang.org/grpc from 1.62.1 to 1.63.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1417
-* Bump github.com/fullstorydev/grpcurl from 1.8.9 to 1.9.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1419
-* Bump golang from `48b942a` to `3451eec` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1421
-* Bump golang from `48b942a` to `3451eec` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1423
-* Bump golang from `48b942a` to `3451eec` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1420
-* Bump golang from `3451eec` to `b03f3ba` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1426
-* Bump golang from `3451eec` to `b03f3ba` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1425
-* Bump golang from `48b942a` to `3451eec` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1422
-* Bump golang from `3451eec` to `b03f3ba` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1427
-* Bump golang from `3451eec` to `b03f3ba` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1428
-* Bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1433
-* Bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1434
-* Bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1436
-* Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1437
-* Bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1440
-* Bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1441
-* Bump golang from `b03f3ba` to `d0902ba` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1444
-* Bump golang from `b03f3ba` to `d0902ba` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1443
-* Bump github.com/rs/cors from 1.10.1 to 1.11.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1442
-* Bump golang from `b03f3ba` to `d0902ba` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1447
-* Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1446
-* Bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1449
-* Bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1448
-* Bump golang from `b03f3ba` to `d0902ba` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1445
-* Bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1451
-* Bump distroless/base-debian12 from `611d30d` to `d8d01e2` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1450
-* Bump google.golang.org/protobuf from 1.33.1-0.20240408130810-98873a205002 to 1.34.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1453
-* Bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1455
-* Bump golang.org/x/net from 0.24.0 to 0.25.0 and golang.org/x/crypto from v0.22.0 to v0.23.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1457
-* Bump google.golang.org/protobuf from 1.34.0 to 1.34.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1458
-* Bump distroless/base-debian12 from `d8d01e2` to `786007f` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1461
-* Bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1460
-* Bump `go-version-input` to 1.21.10 in govulncheck.yml by @roger2hk in https://github.com/google/certificate-transparency-go/pull/1472
-* Bump golangci/golangci-lint-action from 5.3.0 to 6.0.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1473
-* Bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1469
-* Bump github.com/go-sql-driver/mysql from 1.7.1 to 1.8.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1465
-* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1466
-* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1463
-* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1470
-* Bump golang from 1.22.2-bookworm to 1.22.3-bookworm in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1467
-* Bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1474
-* Bump github.com/prometheus/client_golang from 1.19.0 to 1.19.1 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1475
-* Bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1476
-* Bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1478
-* Bump golang from `6d71b7c` to `ef27a3c` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1480
-* Bump golang from `6d71b7c` to `ef27a3c` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1481
-* Bump golang from `6d71b7c` to `ef27a3c` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1479
-* Bump golang from `6d71b7c` to `ef27a3c` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1483
-* Bump golang from `ef27a3c` to `5c56bd4` in /integration by @dependabot in https://github.com/google/certificate-transparency-go/pull/1484
-* Bump golang from `ef27a3c` to `5c56bd4` in /internal/witness/cmd/witness by @dependabot in https://github.com/google/certificate-transparency-go/pull/1485
-* Bump golang from `ef27a3c` to `5c56bd4` in /trillian/examples/deployment/docker/ctfe by @dependabot in https://github.com/google/certificate-transparency-go/pull/1486
-* Bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1487
-* Bump golang from `ef27a3c` to `5c56bd4` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1488
-* Bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in https://github.com/google/certificate-transparency-go/pull/1490
-* Bump alpine from `c5b1261` to `58d02b4` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1491
-* Bump alpine from `58d02b4` to `77726ef` in /internal/witness/cmd/feeder by @dependabot in https://github.com/google/certificate-transparency-go/pull/1493
-
 ## v1.1.8
 
 * Recommended Go version for development: 1.21
diff --git a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
index 3a98a7e1e..4d04dc6a3 100644
--- a/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
+++ b/vendor/github.com/google/certificate-transparency-go/CONTRIBUTORS
@@ -30,7 +30,6 @@ Chris Kennelly  
 David Drysdale 
 Deyan Bektchiev  
 Ed Maste 
-Elisha Silas 
 Emilia Kasper 
 Eran Messeri  
 Fiaz Hossain 
@@ -52,7 +51,7 @@ Paul Lietar 
 Pavel Kalinnikov  
 Pierre Phaneuf 
 Rob Percival 
-Rob Stradling 
+Rob Stradling 
 Roger Ng  
 Roland Shoemaker 
 Ruslan Kovalov 
diff --git a/vendor/github.com/google/certificate-transparency-go/README.md b/vendor/github.com/google/certificate-transparency-go/README.md
index b528c5575..ac71ebc11 100644
--- a/vendor/github.com/google/certificate-transparency-go/README.md
+++ b/vendor/github.com/google/certificate-transparency-go/README.md
@@ -6,7 +6,7 @@
 
 This repository holds Go code related to
 [Certificate Transparency](https://www.certificate-transparency.org/) (CT).  The
-repository requires Go version 1.22.
+repository requires Go version 1.21.
 
  - [Repository Structure](#repository-structure)
  - [Trillian CT Personality](#trillian-ct-personality)
diff --git a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
index a2fed51d8..125cb4c79 100644
--- a/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
+++ b/vendor/github.com/google/certificate-transparency-go/client/configpb/multilog.pb.go
@@ -14,7 +14,7 @@
 
 // Code generated by protoc-gen-go. DO NOT EDIT.
 // versions:
-// 	protoc-gen-go v1.34.1
+// 	protoc-gen-go v1.28.1
 // 	protoc        v3.20.1
 // source: client/configpb/multilog.proto
 
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
index 50ac5ef7b..6c856c11c 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild.yaml
@@ -85,13 +85,6 @@ steps:
 
       # Wait for trillian logserver to be up
       until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done
-
-      # Reset the CT test database
-      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
-      export MYSQL_HOST="mysql"
-      export MYSQL_ROOT_PASSWORD="zaphod"
-      export MYSQL_USER_HOST="%"
-      yes | bash "$${CT_GO_PATH}/scripts/resetctdb.sh" --verbose
   waitFor: ['prepare']
 
 # Run the presubmit tests
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
index 566edfe0f..0e47e326f 100644
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
+++ b/vendor/github.com/google/certificate-transparency-go/cloudbuild_master.yaml
@@ -85,13 +85,6 @@ steps:
 
       # Wait for trillian logserver to be up
       until nc -z deployment_trillian-log-server_1 8090; do echo .; sleep 5; done
-
-      # Reset the CT test database
-      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
-      export MYSQL_HOST="mysql"
-      export MYSQL_ROOT_PASSWORD="zaphod"
-      export MYSQL_USER_HOST="%"
-      yes | bash "$${CT_GO_PATH}/scripts/resetctdb.sh" --verbose
   waitFor: ['prepare']
 
 # Run the presubmit tests
diff --git a/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml b/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
deleted file mode 100644
index 37faca72a..000000000
--- a/vendor/github.com/google/certificate-transparency-go/cloudbuild_postgresql.yaml
+++ /dev/null
@@ -1,161 +0,0 @@
-#############################################################################
-## This file is based on cloudbuild.yaml, but targets PostgreSQL instead of
-## MySQL.
-#############################################################################
-
-timeout: 1200s
-options:
-  machineType: N1_HIGHCPU_32
-  volumes:
-  - name: go-modules
-    path: /go
-  env:
-  - GOPROXY=https://proxy.golang.org
-  - PROJECT_ROOT=github.com/google/certificate-transparency-go
-  - GOPATH=/go
-
-substitutions:
-  _CLUSTER_NAME: trillian-opensource-ci
-  _MASTER_ZONE: us-central1-a
-
-# Cloud Build logs sent to GCS bucket
-logsBucket: 'gs://trillian-cloudbuild-logs'
-
-steps:
-# First build a "ct_testbase" docker image which contains most of the tools we need for the later steps:
-- name: 'gcr.io/cloud-builders/docker'
-  entrypoint: 'bash'
-  args: ['-c', 'docker pull gcr.io/$PROJECT_ID/ct_testbase:latest || exit 0']
-- name: 'gcr.io/cloud-builders/docker'
-  args: [
-    'build',
-    '-t', 'gcr.io/$PROJECT_ID/ct_testbase:latest',
-    '--cache-from', 'gcr.io/$PROJECT_ID/ct_testbase:latest',
-    '-f', './integration/Dockerfile',
-    '.'
-  ]
-
-# prepare spins up an ephemeral trillian instance for testing use.
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  entrypoint: 'bash'
-  id: 'prepare'
-  args:
-  - '-exc'
-  - |
-    # Use latest versions of Trillian docker images built by the Trillian CI cloudbuilders.
-    docker pull gcr.io/$PROJECT_ID/log_server:latest
-    docker tag gcr.io/$PROJECT_ID/log_server:latest postgresql_trillian-log-server
-    docker pull gcr.io/$PROJECT_ID/log_signer:latest
-    docker tag gcr.io/$PROJECT_ID/log_signer:latest postgresql_trillian-log-signer
-
-    # Bring up an ephemeral trillian instance using the docker-compose config in the Trillian repo:
-    export TRILLIAN_LOCATION="$$(go list -f '{{.Dir}}' github.com/google/trillian)"
-
-    # We need to fix up Trillian's docker-compose to connect to the CloudBuild network to that tests can use it:
-    echo -e "networks:\n      default:\n        external:\n          name: cloudbuild" >> $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml
-
-    docker-compose -f $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml pull postgresql trillian-log-server trillian-log-signer
-    docker-compose -f $${TRILLIAN_LOCATION}/examples/deployment/postgresql/docker-compose.yml up -d postgresql trillian-log-server trillian-log-signer
-
-# Install proto related bits and block on Trillian being ready
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'ci-ready'
-  entrypoint: 'bash'
-  args:
-    - '-ec'
-    - |
-      go install \
-        github.com/golang/protobuf/proto \
-        github.com/golang/protobuf/protoc-gen-go \
-        github.com/golang/mock/mockgen \
-        go.etcd.io/etcd/v3 go.etcd.io/etcd/etcdctl/v3 \
-        github.com/fullstorydev/grpcurl/cmd/grpcurl
-
-      # Generate all protoc and mockgen files
-      go generate -run="protoc" ./...
-      go generate -run="mockgen" ./...
-
-      # Cache all the modules we'll need too
-      go mod download
-      go test ./...
-
-      # Wait for trillian logserver to be up
-      until nc -z postgresql_trillian-log-server_1 8090; do echo .; sleep 5; done
-
-      # Reset the CT test database
-      export CT_GO_PATH="$$(go list -f '{{.Dir}}' github.com/google/certificate-transparency-go)"
-      export POSTGRESQL_HOST="postgresql"
-      yes | bash "$${CT_GO_PATH}/scripts/resetpgctdb.sh" --verbose
-  waitFor: ['prepare']
-
-# Run the presubmit tests
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'default_test'
-  env:
-    - 'GOFLAGS='
-    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
-    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
-    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
-    - 'CONFIG_SUBDIR=/postgresql'
-  waitFor: ['ci-ready']
-
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'race_detection'
-  env:
-    - 'GOFLAGS=-race'
-    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
-    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
-    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
-    - 'CONFIG_SUBDIR=/postgresql'
-  waitFor: ['ci-ready']
-
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'etcd_with_coverage'
-  env:
-    - 'GOFLAGS='
-    - 'PRESUBMIT_OPTS=--no-linters --no-generate --coverage'
-    - 'WITH_ETCD=true'
-    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
-    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
-    - 'CONFIG_SUBDIR=/postgresql'
-  waitFor: ['ci-ready']
-
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'etcd_with_race'
-  env:
-    - 'GOFLAGS=-race'
-    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
-    - 'WITH_ETCD=true'
-    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
-    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
-    - 'CONFIG_SUBDIR=/postgresql'
-  waitFor: ['ci-ready']
-
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'with_pkcs11_and_race'
-  env:
-    - 'GOFLAGS=-race --tags=pkcs11'
-    - 'PRESUBMIT_OPTS=--no-linters --no-generate'
-    - 'WITH_PKCS11=true'
-    - 'TRILLIAN_LOG_SERVERS=postgresql_trillian-log-server_1:8090'
-    - 'TRILLIAN_LOG_SERVER_1=postgresql_trillian-log-server_1:8090'
-    - 'CONFIG_SUBDIR=/postgresql'
-  waitFor: ['ci-ready']
-
-# Collect and submit codecoverage reports
-- name: 'gcr.io/cloud-builders/curl'
-  id: 'codecov.io'
-  entrypoint: bash
-  args: ['-c', 'bash <(curl -s https://codecov.io/bash)']
-  env:
-  - 'VCS_COMMIT_ID=$COMMIT_SHA'
-  - 'VCS_BRANCH_NAME=$BRANCH_NAME'
-  - 'VCS_PULL_REQUEST=$_PR_NUMBER'
-  - 'CI_BUILD_ID=$BUILD_ID'
-  - 'CODECOV_TOKEN=$_CODECOV_TOKEN' # _CODECOV_TOKEN is specified in the cloud build trigger
-  waitFor: ['etcd_with_coverage']
-
-- name: gcr.io/$PROJECT_ID/ct_testbase
-  id: 'ci_complete'
-  entrypoint: /bin/true
-  waitFor: ['codecov.io', 'default_test', 'race_detection', 'etcd_with_coverage', 'etcd_with_race', 'with_pkcs11_and_race']
diff --git a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
index 1dee4cb60..a95f19ccd 100644
--- a/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
+++ b/vendor/github.com/google/certificate-transparency-go/jsonclient/client.go
@@ -194,9 +194,7 @@ func (c *JSONClient) GetAndParse(ctx context.Context, path string, params map[st
 
 	// Read everything now so http.Client can reuse the connection.
 	body, err := io.ReadAll(httpRsp.Body)
-	if err := httpRsp.Body.Close(); err != nil {
-		return nil, nil, err
-	}
+	httpRsp.Body.Close()
 	if err != nil {
 		return nil, nil, RspError{Err: fmt.Errorf("failed to read response body: %v", err), StatusCode: httpRsp.StatusCode, Body: body}
 	}
@@ -242,9 +240,7 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 	var body []byte
 	if httpRsp != nil {
 		body, err = io.ReadAll(httpRsp.Body)
-		if err := httpRsp.Body.Close(); err != nil {
-			return nil, nil, err
-		}
+		httpRsp.Body.Close()
 	}
 	if err != nil {
 		if httpRsp != nil {
@@ -252,10 +248,6 @@ func (c *JSONClient) PostAndParse(ctx context.Context, path string, req, rsp int
 		}
 		return nil, nil, err
 	}
-	if httpRsp.Request.Method != http.MethodPost {
-		// https://developer.mozilla.org/en-US/docs/Web/HTTP/Redirections#permanent_redirections
-		return nil, nil, fmt.Errorf("POST request to %q was converted to %s request to %q", fullURI, httpRsp.Request.Method, httpRsp.Request.URL)
-	}
 
 	if httpRsp.StatusCode == http.StatusOK {
 		if err = json.Unmarshal(body, &rsp); err != nil {
diff --git a/vendor/github.com/google/certificate-transparency-go/types.go b/vendor/github.com/google/certificate-transparency-go/types.go
index 2a96f6a09..b6af606bf 100644
--- a/vendor/github.com/google/certificate-transparency-go/types.go
+++ b/vendor/github.com/google/certificate-transparency-go/types.go
@@ -248,21 +248,6 @@ type CertificateChain struct {
 	Entries []ASN1Cert `tls:"minlen:0,maxlen:16777215"`
 }
 
-// PrecertChainEntryHash is an extended PrecertChainEntry type with the
-// IssuanceChainHash field added to store the hash of the
-// CertificateChain field of PrecertChainEntry.
-type PrecertChainEntryHash struct {
-	PreCertificate    ASN1Cert `tls:"minlen:1,maxlen:16777215"`
-	IssuanceChainHash []byte   `tls:"minlen:0,maxlen:256"`
-}
-
-// CertificateChainHash is an extended CertificateChain type with the
-// IssuanceChainHash field added to store the hash of the
-// Entries field of CertificateChain.
-type CertificateChainHash struct {
-	IssuanceChainHash []byte `tls:"minlen:0,maxlen:256"`
-}
-
 // JSONDataEntry holds arbitrary data.
 type JSONDataEntry struct {
 	Data []byte `tls:"minlen:0,maxlen:1677215"`
diff --git a/vendor/github.com/klauspost/compress/.gitattributes b/vendor/github.com/klauspost/compress/.gitattributes
deleted file mode 100644
index 402433593..000000000
--- a/vendor/github.com/klauspost/compress/.gitattributes
+++ /dev/null
@@ -1,2 +0,0 @@
-* -text
-*.bin -text -diff
diff --git a/vendor/github.com/klauspost/compress/.gitignore b/vendor/github.com/klauspost/compress/.gitignore
deleted file mode 100644
index d31b37815..000000000
--- a/vendor/github.com/klauspost/compress/.gitignore
+++ /dev/null
@@ -1,32 +0,0 @@
-# Compiled Object files, Static and Dynamic libs (Shared Objects)
-*.o
-*.a
-*.so
-
-# Folders
-_obj
-_test
-
-# Architecture specific extensions/prefixes
-*.[568vq]
-[568vq].out
-
-*.cgo1.go
-*.cgo2.c
-_cgo_defun.c
-_cgo_gotypes.go
-_cgo_export.*
-
-_testmain.go
-
-*.exe
-*.test
-*.prof
-/s2/cmd/_s2sx/sfx-exe
-
-# Linux perf files
-perf.data
-perf.data.old
-
-# gdb history
-.gdb_history
diff --git a/vendor/github.com/klauspost/compress/.goreleaser.yml b/vendor/github.com/klauspost/compress/.goreleaser.yml
deleted file mode 100644
index 4528059ca..000000000
--- a/vendor/github.com/klauspost/compress/.goreleaser.yml
+++ /dev/null
@@ -1,123 +0,0 @@
-version: 2
-
-before:
-  hooks:
-    - ./gen.sh
-
-builds:
-  -
-    id: "s2c"
-    binary: s2c
-    main: ./s2/cmd/s2c/main.go
-    flags:
-      - -trimpath
-    env:
-      - CGO_ENABLED=0
-    goos:
-      - aix
-      - linux
-      - freebsd
-      - netbsd
-      - windows
-      - darwin
-    goarch:
-      - 386
-      - amd64
-      - arm
-      - arm64
-      - ppc64
-      - ppc64le
-      - mips64
-      - mips64le
-    goarm:
-      - 7
-  -
-    id: "s2d"
-    binary: s2d
-    main: ./s2/cmd/s2d/main.go
-    flags:
-      - -trimpath
-    env:
-      - CGO_ENABLED=0
-    goos:
-      - aix
-      - linux
-      - freebsd
-      - netbsd
-      - windows
-      - darwin
-    goarch:
-      - 386
-      - amd64
-      - arm
-      - arm64
-      - ppc64
-      - ppc64le
-      - mips64
-      - mips64le
-    goarm:
-      - 7
-  -
-    id: "s2sx"
-    binary: s2sx
-    main: ./s2/cmd/_s2sx/main.go
-    flags:
-      - -modfile=s2sx.mod
-      - -trimpath
-    env:
-      - CGO_ENABLED=0
-    goos:
-      - aix
-      - linux
-      - freebsd
-      - netbsd
-      - windows
-      - darwin
-    goarch:
-      - 386
-      - amd64
-      - arm
-      - arm64
-      - ppc64
-      - ppc64le
-      - mips64
-      - mips64le
-    goarm:
-      - 7
-
-archives:
-  -
-    id: s2-binaries
-    name_template: "s2-{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
-    format_overrides:
-      - goos: windows
-        format: zip
-    files:
-      - unpack/*
-      - s2/LICENSE
-      - s2/README.md
-checksum:
-  name_template: 'checksums.txt'
-snapshot:
-  version_template: "{{ .Tag }}-next"
-changelog:
-  sort: asc
-  filters:
-    exclude:
-    - '^doc:'
-    - '^docs:'
-    - '^test:'
-    - '^tests:'
-    - '^Update\sREADME.md'
-
-nfpms:
-  -
-    file_name_template: "s2_package__{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
-    vendor: Klaus Post
-    homepage: https://github.com/klauspost/compress
-    maintainer: Klaus Post 
-    description: S2 Compression Tool
-    license: BSD 3-Clause
-    formats:
-      - deb
-      - rpm
diff --git a/vendor/github.com/klauspost/compress/LICENSE b/vendor/github.com/klauspost/compress/LICENSE
deleted file mode 100644
index 87d557477..000000000
--- a/vendor/github.com/klauspost/compress/LICENSE
+++ /dev/null
@@ -1,304 +0,0 @@
-Copyright (c) 2012 The Go Authors. All rights reserved.
-Copyright (c) 2019 Klaus Post. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-------------------
-
-Files: gzhttp/*
-
-                                 Apache License
-                           Version 2.0, January 2004
-                        http://www.apache.org/licenses/
-
-   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
-
-   1. Definitions.
-
-      "License" shall mean the terms and conditions for use, reproduction,
-      and distribution as defined by Sections 1 through 9 of this document.
-
-      "Licensor" shall mean the copyright owner or entity authorized by
-      the copyright owner that is granting the License.
-
-      "Legal Entity" shall mean the union of the acting entity and all
-      other entities that control, are controlled by, or are under common
-      control with that entity. For the purposes of this definition,
-      "control" means (i) the power, direct or indirect, to cause the
-      direction or management of such entity, whether by contract or
-      otherwise, or (ii) ownership of fifty percent (50%) or more of the
-      outstanding shares, or (iii) beneficial ownership of such entity.
-
-      "You" (or "Your") shall mean an individual or Legal Entity
-      exercising permissions granted by this License.
-
-      "Source" form shall mean the preferred form for making modifications,
-      including but not limited to software source code, documentation
-      source, and configuration files.
-
-      "Object" form shall mean any form resulting from mechanical
-      transformation or translation of a Source form, including but
-      not limited to compiled object code, generated documentation,
-      and conversions to other media types.
-
-      "Work" shall mean the work of authorship, whether in Source or
-      Object form, made available under the License, as indicated by a
-      copyright notice that is included in or attached to the work
-      (an example is provided in the Appendix below).
-
-      "Derivative Works" shall mean any work, whether in Source or Object
-      form, that is based on (or derived from) the Work and for which the
-      editorial revisions, annotations, elaborations, or other modifications
-      represent, as a whole, an original work of authorship. For the purposes
-      of this License, Derivative Works shall not include works that remain
-      separable from, or merely link (or bind by name) to the interfaces of,
-      the Work and Derivative Works thereof.
-
-      "Contribution" shall mean any work of authorship, including
-      the original version of the Work and any modifications or additions
-      to that Work or Derivative Works thereof, that is intentionally
-      submitted to Licensor for inclusion in the Work by the copyright owner
-      or by an individual or Legal Entity authorized to submit on behalf of
-      the copyright owner. For the purposes of this definition, "submitted"
-      means any form of electronic, verbal, or written communication sent
-      to the Licensor or its representatives, including but not limited to
-      communication on electronic mailing lists, source code control systems,
-      and issue tracking systems that are managed by, or on behalf of, the
-      Licensor for the purpose of discussing and improving the Work, but
-      excluding communication that is conspicuously marked or otherwise
-      designated in writing by the copyright owner as "Not a Contribution."
-
-      "Contributor" shall mean Licensor and any individual or Legal Entity
-      on behalf of whom a Contribution has been received by Licensor and
-      subsequently incorporated within the Work.
-
-   2. Grant of Copyright License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      copyright license to reproduce, prepare Derivative Works of,
-      publicly display, publicly perform, sublicense, and distribute the
-      Work and such Derivative Works in Source or Object form.
-
-   3. Grant of Patent License. Subject to the terms and conditions of
-      this License, each Contributor hereby grants to You a perpetual,
-      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
-      (except as stated in this section) patent license to make, have made,
-      use, offer to sell, sell, import, and otherwise transfer the Work,
-      where such license applies only to those patent claims licensable
-      by such Contributor that are necessarily infringed by their
-      Contribution(s) alone or by combination of their Contribution(s)
-      with the Work to which such Contribution(s) was submitted. If You
-      institute patent litigation against any entity (including a
-      cross-claim or counterclaim in a lawsuit) alleging that the Work
-      or a Contribution incorporated within the Work constitutes direct
-      or contributory patent infringement, then any patent licenses
-      granted to You under this License for that Work shall terminate
-      as of the date such litigation is filed.
-
-   4. Redistribution. You may reproduce and distribute copies of the
-      Work or Derivative Works thereof in any medium, with or without
-      modifications, and in Source or Object form, provided that You
-      meet the following conditions:
-
-      (a) You must give any other recipients of the Work or
-          Derivative Works a copy of this License; and
-
-      (b) You must cause any modified files to carry prominent notices
-          stating that You changed the files; and
-
-      (c) You must retain, in the Source form of any Derivative Works
-          that You distribute, all copyright, patent, trademark, and
-          attribution notices from the Source form of the Work,
-          excluding those notices that do not pertain to any part of
-          the Derivative Works; and
-
-      (d) If the Work includes a "NOTICE" text file as part of its
-          distribution, then any Derivative Works that You distribute must
-          include a readable copy of the attribution notices contained
-          within such NOTICE file, excluding those notices that do not
-          pertain to any part of the Derivative Works, in at least one
-          of the following places: within a NOTICE text file distributed
-          as part of the Derivative Works; within the Source form or
-          documentation, if provided along with the Derivative Works; or,
-          within a display generated by the Derivative Works, if and
-          wherever such third-party notices normally appear. The contents
-          of the NOTICE file are for informational purposes only and
-          do not modify the License. You may add Your own attribution
-          notices within Derivative Works that You distribute, alongside
-          or as an addendum to the NOTICE text from the Work, provided
-          that such additional attribution notices cannot be construed
-          as modifying the License.
-
-      You may add Your own copyright statement to Your modifications and
-      may provide additional or different license terms and conditions
-      for use, reproduction, or distribution of Your modifications, or
-      for any such Derivative Works as a whole, provided Your use,
-      reproduction, and distribution of the Work otherwise complies with
-      the conditions stated in this License.
-
-   5. Submission of Contributions. Unless You explicitly state otherwise,
-      any Contribution intentionally submitted for inclusion in the Work
-      by You to the Licensor shall be under the terms and conditions of
-      this License, without any additional terms or conditions.
-      Notwithstanding the above, nothing herein shall supersede or modify
-      the terms of any separate license agreement you may have executed
-      with Licensor regarding such Contributions.
-
-   6. Trademarks. This License does not grant permission to use the trade
-      names, trademarks, service marks, or product names of the Licensor,
-      except as required for reasonable and customary use in describing the
-      origin of the Work and reproducing the content of the NOTICE file.
-
-   7. Disclaimer of Warranty. Unless required by applicable law or
-      agreed to in writing, Licensor provides the Work (and each
-      Contributor provides its Contributions) on an "AS IS" BASIS,
-      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-      implied, including, without limitation, any warranties or conditions
-      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
-      PARTICULAR PURPOSE. You are solely responsible for determining the
-      appropriateness of using or redistributing the Work and assume any
-      risks associated with Your exercise of permissions under this License.
-
-   8. Limitation of Liability. In no event and under no legal theory,
-      whether in tort (including negligence), contract, or otherwise,
-      unless required by applicable law (such as deliberate and grossly
-      negligent acts) or agreed to in writing, shall any Contributor be
-      liable to You for damages, including any direct, indirect, special,
-      incidental, or consequential damages of any character arising as a
-      result of this License or out of the use or inability to use the
-      Work (including but not limited to damages for loss of goodwill,
-      work stoppage, computer failure or malfunction, or any and all
-      other commercial damages or losses), even if such Contributor
-      has been advised of the possibility of such damages.
-
-   9. Accepting Warranty or Additional Liability. While redistributing
-      the Work or Derivative Works thereof, You may choose to offer,
-      and charge a fee for, acceptance of support, warranty, indemnity,
-      or other liability obligations and/or rights consistent with this
-      License. However, in accepting such obligations, You may act only
-      on Your own behalf and on Your sole responsibility, not on behalf
-      of any other Contributor, and only if You agree to indemnify,
-      defend, and hold each Contributor harmless for any liability
-      incurred by, or claims asserted against, such Contributor by reason
-      of your accepting any such warranty or additional liability.
-
-   END OF TERMS AND CONDITIONS
-
-   APPENDIX: How to apply the Apache License to your work.
-
-      To apply the Apache License to your work, attach the following
-      boilerplate notice, with the fields enclosed by brackets "[]"
-      replaced with your own identifying information. (Don't include
-      the brackets!)  The text should be enclosed in the appropriate
-      comment syntax for the file format. We also recommend that a
-      file or class name and description of purpose be included on the
-      same "printed page" as the copyright notice for easier
-      identification within third-party archives.
-
-   Copyright 2016-2017 The New York Times Company
-
-   Licensed under the Apache License, Version 2.0 (the "License");
-   you may not use this file except in compliance with the License.
-   You may obtain a copy of the License at
-
-       http://www.apache.org/licenses/LICENSE-2.0
-
-   Unless required by applicable law or agreed to in writing, software
-   distributed under the License is distributed on an "AS IS" BASIS,
-   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-   See the License for the specific language governing permissions and
-   limitations under the License.
-
-------------------
-
-Files: s2/cmd/internal/readahead/*
-
-The MIT License (MIT)
-
-Copyright (c) 2015 Klaus Post
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
----------------------
-Files: snappy/*
-Files: internal/snapref/*
-
-Copyright (c) 2011 The Snappy-Go Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
------------------
-
-Files: s2/cmd/internal/filepathx/*
-
-Copyright 2016 The filepathx Authors
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/github.com/klauspost/compress/README.md b/vendor/github.com/klauspost/compress/README.md
deleted file mode 100644
index de264c85a..000000000
--- a/vendor/github.com/klauspost/compress/README.md
+++ /dev/null
@@ -1,721 +0,0 @@
-# compress
-
-This package provides various compression algorithms.
-
-* [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and decompression in pure Go.
-* [S2](https://github.com/klauspost/compress/tree/master/s2#s2-compression) is a high performance replacement for Snappy.
-* Optimized [deflate](https://godoc.org/github.com/klauspost/compress/flate) packages which can be used as a dropin replacement for [gzip](https://godoc.org/github.com/klauspost/compress/gzip), [zip](https://godoc.org/github.com/klauspost/compress/zip) and [zlib](https://godoc.org/github.com/klauspost/compress/zlib).
-* [snappy](https://github.com/klauspost/compress/tree/master/snappy) is a drop-in replacement for `github.com/golang/snappy` offering better compression and concurrent streams.
-* [huff0](https://github.com/klauspost/compress/tree/master/huff0) and [FSE](https://github.com/klauspost/compress/tree/master/fse) implementations for raw entropy encoding.
-* [gzhttp](https://github.com/klauspost/compress/tree/master/gzhttp) Provides client and server wrappers for handling gzipped requests efficiently.
-* [pgzip](https://github.com/klauspost/pgzip) is a separate package that provides a very fast parallel gzip implementation.
-
-[![Go Reference](https://pkg.go.dev/badge/klauspost/compress.svg)](https://pkg.go.dev/github.com/klauspost/compress?tab=subdirectories)
-[![Go](https://github.com/klauspost/compress/actions/workflows/go.yml/badge.svg)](https://github.com/klauspost/compress/actions/workflows/go.yml)
-[![Sourcegraph Badge](https://sourcegraph.com/github.com/klauspost/compress/-/badge.svg)](https://sourcegraph.com/github.com/klauspost/compress?badge)
-
-# changelog
-
-* Sep 23rd, 2024 - [1.17.10](https://github.com/klauspost/compress/releases/tag/v1.17.10)
-	* gzhttp: Add TransportAlwaysDecompress option. https://github.com/klauspost/compress/pull/978
-	* gzhttp: Add supported decompress request body by @mirecl in https://github.com/klauspost/compress/pull/1002
-	* s2: Add EncodeBuffer buffer recycling callback https://github.com/klauspost/compress/pull/982
-	* zstd: Improve memory usage on small streaming encodes https://github.com/klauspost/compress/pull/1007
-	* flate: read data written with partial flush by @vajexal in https://github.com/klauspost/compress/pull/996
-
-* Jun 12th, 2024 - [1.17.9](https://github.com/klauspost/compress/releases/tag/v1.17.9)
-	* s2: Reduce ReadFrom temporary allocations https://github.com/klauspost/compress/pull/949
-	* flate, zstd: Shave some bytes off amd64 matchLen by @greatroar in https://github.com/klauspost/compress/pull/963
-	* Upgrade zip/zlib to 1.22.4 upstream https://github.com/klauspost/compress/pull/970 https://github.com/klauspost/compress/pull/971
-	* zstd: BuildDict fails with RLE table https://github.com/klauspost/compress/pull/951
-
-* Apr 9th, 2024 - [1.17.8](https://github.com/klauspost/compress/releases/tag/v1.17.8)
-	* zstd: Reject blocks where reserved values are not 0 https://github.com/klauspost/compress/pull/885
-	* zstd: Add RLE detection+encoding https://github.com/klauspost/compress/pull/938
-
-* Feb 21st, 2024 - [1.17.7](https://github.com/klauspost/compress/releases/tag/v1.17.7)
-	* s2: Add AsyncFlush method: Complete the block without flushing by @Jille in https://github.com/klauspost/compress/pull/927
-	* s2: Fix literal+repeat exceeds dst crash https://github.com/klauspost/compress/pull/930
-  
-* Feb 5th, 2024 - [1.17.6](https://github.com/klauspost/compress/releases/tag/v1.17.6)
-	* zstd: Fix incorrect repeat coding in best mode https://github.com/klauspost/compress/pull/923
-	* s2: Fix DecodeConcurrent deadlock on errors https://github.com/klauspost/compress/pull/925
-  
-* Jan 26th, 2024 - [v1.17.5](https://github.com/klauspost/compress/releases/tag/v1.17.5)
-	* flate: Fix reset with dictionary on custom window encodes https://github.com/klauspost/compress/pull/912
-	* zstd: Add Frame header encoding and stripping https://github.com/klauspost/compress/pull/908
-	* zstd: Limit better/best default window to 8MB https://github.com/klauspost/compress/pull/913
-	* zstd: Speed improvements by @greatroar in https://github.com/klauspost/compress/pull/896 https://github.com/klauspost/compress/pull/910
-	* s2: Fix callbacks for skippable blocks and disallow 0xfe (Padding) by @Jille in https://github.com/klauspost/compress/pull/916 https://github.com/klauspost/compress/pull/917
-https://github.com/klauspost/compress/pull/919 https://github.com/klauspost/compress/pull/918
-
-* Dec 1st, 2023 - [v1.17.4](https://github.com/klauspost/compress/releases/tag/v1.17.4)
-	* huff0: Speed up symbol counting by @greatroar in https://github.com/klauspost/compress/pull/887
-	* huff0: Remove byteReader by @greatroar in https://github.com/klauspost/compress/pull/886
-	* gzhttp: Allow overriding decompression on transport https://github.com/klauspost/compress/pull/892
-	* gzhttp: Clamp compression level https://github.com/klauspost/compress/pull/890
-	* gzip: Error out if reserved bits are set https://github.com/klauspost/compress/pull/891
-
-* Nov 15th, 2023 - [v1.17.3](https://github.com/klauspost/compress/releases/tag/v1.17.3)
-	* fse: Fix max header size https://github.com/klauspost/compress/pull/881
-	* zstd: Improve better/best compression https://github.com/klauspost/compress/pull/877
-	* gzhttp: Fix missing content type on Close https://github.com/klauspost/compress/pull/883
-
-* Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2)
-	* zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876
-
-* Oct 14th, 2023 - [v1.17.1](https://github.com/klauspost/compress/releases/tag/v1.17.1)
-	* s2: Fix S2 "best" dictionary wrong encoding by @klauspost in https://github.com/klauspost/compress/pull/871
-	* flate: Reduce allocations in decompressor and minor code improvements by @fakefloordiv in https://github.com/klauspost/compress/pull/869
-	* s2: Fix EstimateBlockSize on 6&7 length input by @klauspost in https://github.com/klauspost/compress/pull/867
-
-* Sept 19th, 2023 - [v1.17.0](https://github.com/klauspost/compress/releases/tag/v1.17.0)
-	* Add experimental dictionary builder  https://github.com/klauspost/compress/pull/853
-	* Add xerial snappy read/writer https://github.com/klauspost/compress/pull/838
-	* flate: Add limited window compression https://github.com/klauspost/compress/pull/843
-	* s2: Do 2 overlapping match checks https://github.com/klauspost/compress/pull/839
-	* flate: Add amd64 assembly matchlen https://github.com/klauspost/compress/pull/837
-	* gzip: Copy bufio.Reader on Reset by @thatguystone in https://github.com/klauspost/compress/pull/860
-
-
    
-	See changes to v1.16.x
-
-   
-* July 1st, 2023 - [v1.16.7](https://github.com/klauspost/compress/releases/tag/v1.16.7)
-	* zstd: Fix default level first dictionary encode https://github.com/klauspost/compress/pull/829
-	* s2: add GetBufferCapacity() method by @GiedriusS in https://github.com/klauspost/compress/pull/832
-
-* June 13, 2023 - [v1.16.6](https://github.com/klauspost/compress/releases/tag/v1.16.6)
-	* zstd: correctly ignore WithEncoderPadding(1) by @ianlancetaylor in https://github.com/klauspost/compress/pull/806
-	* zstd: Add amd64 match length assembly https://github.com/klauspost/compress/pull/824
-	* gzhttp: Handle informational headers by @rtribotte in https://github.com/klauspost/compress/pull/815
-	* s2: Improve Better compression slightly https://github.com/klauspost/compress/pull/663
-
-* Apr 16, 2023 - [v1.16.5](https://github.com/klauspost/compress/releases/tag/v1.16.5)
-	* zstd: readByte needs to use io.ReadFull by @jnoxon in https://github.com/klauspost/compress/pull/802
-	* gzip: Fix WriterTo after initial read https://github.com/klauspost/compress/pull/804
-
-* Apr 5, 2023 - [v1.16.4](https://github.com/klauspost/compress/releases/tag/v1.16.4)
-	* zstd: Improve zstd best efficiency by @greatroar and @klauspost in https://github.com/klauspost/compress/pull/784
-	* zstd: Respect WithAllLitEntropyCompression https://github.com/klauspost/compress/pull/792
-	* zstd: Fix amd64 not always detecting corrupt data https://github.com/klauspost/compress/pull/785
-	* zstd: Various minor improvements by @greatroar in https://github.com/klauspost/compress/pull/788 https://github.com/klauspost/compress/pull/794 https://github.com/klauspost/compress/pull/795
-	* s2: Fix huge block overflow https://github.com/klauspost/compress/pull/779
-	* s2: Allow CustomEncoder fallback https://github.com/klauspost/compress/pull/780
-	* gzhttp: Support ResponseWriter Unwrap() in gzhttp handler by @jgimenez in https://github.com/klauspost/compress/pull/799
-
-* Mar 13, 2023 - [v1.16.1](https://github.com/klauspost/compress/releases/tag/v1.16.1)
-	* zstd: Speed up + improve best encoder by @greatroar in https://github.com/klauspost/compress/pull/776
-	* gzhttp: Add optional [BREACH mitigation](https://github.com/klauspost/compress/tree/master/gzhttp#breach-mitigation). https://github.com/klauspost/compress/pull/762 https://github.com/klauspost/compress/pull/768 https://github.com/klauspost/compress/pull/769 https://github.com/klauspost/compress/pull/770 https://github.com/klauspost/compress/pull/767
-	* s2: Add Intel LZ4s converter https://github.com/klauspost/compress/pull/766
-	* zstd: Minor bug fixes https://github.com/klauspost/compress/pull/771 https://github.com/klauspost/compress/pull/772 https://github.com/klauspost/compress/pull/773
-	* huff0: Speed up compress1xDo by @greatroar in https://github.com/klauspost/compress/pull/774
-
-* Feb 26, 2023 - [v1.16.0](https://github.com/klauspost/compress/releases/tag/v1.16.0)
-	* s2: Add [Dictionary](https://github.com/klauspost/compress/tree/master/s2#dictionaries) support.  https://github.com/klauspost/compress/pull/685
-	* s2: Add Compression Size Estimate.  https://github.com/klauspost/compress/pull/752
-	* s2: Add support for custom stream encoder. https://github.com/klauspost/compress/pull/755
-	* s2: Add LZ4 block converter. https://github.com/klauspost/compress/pull/748
-	* s2: Support io.ReaderAt in ReadSeeker. https://github.com/klauspost/compress/pull/747
-	* s2c/s2sx: Use concurrent decoding. https://github.com/klauspost/compress/pull/746
-
    
-
-
    
-	See changes to v1.15.x
-	
-* Jan 21st, 2023 (v1.15.15)
-	* deflate: Improve level 7-9 by @klauspost in https://github.com/klauspost/compress/pull/739
-	* zstd: Add delta encoding support by @greatroar in https://github.com/klauspost/compress/pull/728
-	* zstd: Various speed improvements by @greatroar https://github.com/klauspost/compress/pull/741 https://github.com/klauspost/compress/pull/734 https://github.com/klauspost/compress/pull/736 https://github.com/klauspost/compress/pull/744 https://github.com/klauspost/compress/pull/743 https://github.com/klauspost/compress/pull/745
-	* gzhttp: Add SuffixETag() and DropETag() options to prevent ETag collisions on compressed responses by @willbicks in https://github.com/klauspost/compress/pull/740
-
-* Jan 3rd, 2023 (v1.15.14)
-
-	* flate: Improve speed in big stateless blocks https://github.com/klauspost/compress/pull/718
-	* zstd: Minor speed tweaks by @greatroar in https://github.com/klauspost/compress/pull/716 https://github.com/klauspost/compress/pull/720
-	* export NoGzipResponseWriter for custom ResponseWriter wrappers by @harshavardhana in https://github.com/klauspost/compress/pull/722
-	* s2: Add example for indexing and existing stream https://github.com/klauspost/compress/pull/723
-
-* Dec 11, 2022 (v1.15.13)
-	* zstd: Add [MaxEncodedSize](https://pkg.go.dev/github.com/klauspost/compress@v1.15.13/zstd#Encoder.MaxEncodedSize) to encoder  https://github.com/klauspost/compress/pull/691
-	* zstd: Various tweaks and improvements https://github.com/klauspost/compress/pull/693 https://github.com/klauspost/compress/pull/695 https://github.com/klauspost/compress/pull/696 https://github.com/klauspost/compress/pull/701 https://github.com/klauspost/compress/pull/702 https://github.com/klauspost/compress/pull/703 https://github.com/klauspost/compress/pull/704 https://github.com/klauspost/compress/pull/705 https://github.com/klauspost/compress/pull/706 https://github.com/klauspost/compress/pull/707 https://github.com/klauspost/compress/pull/708
-
-* Oct 26, 2022 (v1.15.12)
-
-	* zstd: Tweak decoder allocs. https://github.com/klauspost/compress/pull/680
-	* gzhttp: Always delete `HeaderNoCompression` https://github.com/klauspost/compress/pull/683
-
-* Sept 26, 2022 (v1.15.11)
-
-	* flate: Improve level 1-3 compression  https://github.com/klauspost/compress/pull/678
-	* zstd: Improve "best" compression by @nightwolfz in https://github.com/klauspost/compress/pull/677
-	* zstd: Fix+reduce decompression allocations https://github.com/klauspost/compress/pull/668
-	* zstd: Fix non-effective noescape tag https://github.com/klauspost/compress/pull/667
-
-* Sept 16, 2022 (v1.15.10)
-
-	* zstd: Add [WithDecodeAllCapLimit](https://pkg.go.dev/github.com/klauspost/compress@v1.15.10/zstd#WithDecodeAllCapLimit) https://github.com/klauspost/compress/pull/649
-	* Add Go 1.19 - deprecate Go 1.16  https://github.com/klauspost/compress/pull/651
-	* flate: Improve level 5+6 compression https://github.com/klauspost/compress/pull/656
-	* zstd: Improve "better" compression  https://github.com/klauspost/compress/pull/657
-	* s2: Improve "best" compression https://github.com/klauspost/compress/pull/658
-	* s2: Improve "better" compression. https://github.com/klauspost/compress/pull/635
-	* s2: Slightly faster non-assembly decompression https://github.com/klauspost/compress/pull/646
-	* Use arrays for constant size copies https://github.com/klauspost/compress/pull/659
-
-* July 21, 2022 (v1.15.9)
-
-	* zstd: Fix decoder crash on amd64 (no BMI) on invalid input https://github.com/klauspost/compress/pull/645
-	* zstd: Disable decoder extended memory copies (amd64) due to possible crashes https://github.com/klauspost/compress/pull/644
-	* zstd: Allow single segments up to "max decoded size" by @klauspost in https://github.com/klauspost/compress/pull/643
-
-* July 13, 2022 (v1.15.8)
-
-	* gzip: fix stack exhaustion bug in Reader.Read https://github.com/klauspost/compress/pull/641
-	* s2: Add Index header trim/restore https://github.com/klauspost/compress/pull/638
-	* zstd: Optimize seqdeq amd64 asm by @greatroar in https://github.com/klauspost/compress/pull/636
-	* zstd: Improve decoder memcopy https://github.com/klauspost/compress/pull/637
-	* huff0: Pass a single bitReader pointer to asm by @greatroar in https://github.com/klauspost/compress/pull/634
-	* zstd: Branchless getBits for amd64 w/o BMI2 by @greatroar in https://github.com/klauspost/compress/pull/640
-	* gzhttp: Remove header before writing https://github.com/klauspost/compress/pull/639
-
-* June 29, 2022 (v1.15.7)
-
-	* s2: Fix absolute forward seeks  https://github.com/klauspost/compress/pull/633
-	* zip: Merge upstream  https://github.com/klauspost/compress/pull/631
-	* zip: Re-add zip64 fix https://github.com/klauspost/compress/pull/624
-	* zstd: translate fseDecoder.buildDtable into asm by @WojciechMula in https://github.com/klauspost/compress/pull/598
-	* flate: Faster histograms  https://github.com/klauspost/compress/pull/620
-	* deflate: Use compound hcode  https://github.com/klauspost/compress/pull/622
-
-* June 3, 2022 (v1.15.6)
-	* s2: Improve coding for long, close matches https://github.com/klauspost/compress/pull/613
-	* s2c: Add Snappy/S2 stream recompression https://github.com/klauspost/compress/pull/611
-	* zstd: Always use configured block size https://github.com/klauspost/compress/pull/605
-	* zstd: Fix incorrect hash table placement for dict encoding in default https://github.com/klauspost/compress/pull/606
-	* zstd: Apply default config to ZipDecompressor without options https://github.com/klauspost/compress/pull/608
-	* gzhttp: Exclude more common archive formats https://github.com/klauspost/compress/pull/612
-	* s2: Add ReaderIgnoreCRC https://github.com/klauspost/compress/pull/609
-	* s2: Remove sanity load on index creation https://github.com/klauspost/compress/pull/607
-	* snappy: Use dedicated function for scoring https://github.com/klauspost/compress/pull/614
-	* s2c+s2d: Use official snappy framed extension https://github.com/klauspost/compress/pull/610
-
-* May 25, 2022 (v1.15.5)
-	* s2: Add concurrent stream decompression https://github.com/klauspost/compress/pull/602
-	* s2: Fix final emit oob read crash on amd64 https://github.com/klauspost/compress/pull/601
-	* huff0: asm implementation of Decompress1X by @WojciechMula https://github.com/klauspost/compress/pull/596
-	* zstd: Use 1 less goroutine for stream decoding https://github.com/klauspost/compress/pull/588
-	* zstd: Copy literal in 16 byte blocks when possible https://github.com/klauspost/compress/pull/592
-	* zstd: Speed up when WithDecoderLowmem(false) https://github.com/klauspost/compress/pull/599
-	* zstd: faster next state update in BMI2 version of decode by @WojciechMula in https://github.com/klauspost/compress/pull/593
-	* huff0: Do not check max size when reading table. https://github.com/klauspost/compress/pull/586
-	* flate: Inplace hashing for level 7-9 by @klauspost in https://github.com/klauspost/compress/pull/590
-
-
-* May 11, 2022 (v1.15.4)
-	* huff0: decompress directly into output by @WojciechMula in [#577](https://github.com/klauspost/compress/pull/577)
-	* inflate: Keep dict on stack [#581](https://github.com/klauspost/compress/pull/581)
-	* zstd: Faster decoding memcopy in asm [#583](https://github.com/klauspost/compress/pull/583)
-	* zstd: Fix ignored crc [#580](https://github.com/klauspost/compress/pull/580)
-
-* May 5, 2022 (v1.15.3)
-	* zstd: Allow to ignore checksum checking by @WojciechMula [#572](https://github.com/klauspost/compress/pull/572)
-	* s2: Fix incorrect seek for io.SeekEnd in [#575](https://github.com/klauspost/compress/pull/575)
-
-* Apr 26, 2022 (v1.15.2)
-	* zstd: Add x86-64 assembly for decompression on streams and blocks. Contributed by [@WojciechMula](https://github.com/WojciechMula). Typically 2x faster.  [#528](https://github.com/klauspost/compress/pull/528) [#531](https://github.com/klauspost/compress/pull/531) [#545](https://github.com/klauspost/compress/pull/545) [#537](https://github.com/klauspost/compress/pull/537)
-	* zstd: Add options to ZipDecompressor and fixes [#539](https://github.com/klauspost/compress/pull/539)
-	* s2: Use sorted search for index [#555](https://github.com/klauspost/compress/pull/555)
-	* Minimum version is Go 1.16, added CI test on 1.18.
-
-* Mar 11, 2022 (v1.15.1)
-	* huff0: Add x86 assembly of Decode4X by @WojciechMula in [#512](https://github.com/klauspost/compress/pull/512)
-	* zstd: Reuse zip decoders in [#514](https://github.com/klauspost/compress/pull/514)
-	* zstd: Detect extra block data and report as corrupted in [#520](https://github.com/klauspost/compress/pull/520)
-	* zstd: Handle zero sized frame content size stricter in [#521](https://github.com/klauspost/compress/pull/521)
-	* zstd: Add stricter block size checks in [#523](https://github.com/klauspost/compress/pull/523)
-
-* Mar 3, 2022 (v1.15.0)
-	* zstd: Refactor decoder by @klauspost in [#498](https://github.com/klauspost/compress/pull/498)
-	* zstd: Add stream encoding without goroutines by @klauspost in [#505](https://github.com/klauspost/compress/pull/505)
-	* huff0: Prevent single blocks exceeding 16 bits by @klauspost in[#507](https://github.com/klauspost/compress/pull/507)
-	* flate: Inline literal emission by @klauspost in [#509](https://github.com/klauspost/compress/pull/509)
-	* gzhttp: Add zstd to transport by @klauspost in [#400](https://github.com/klauspost/compress/pull/400)
-	* gzhttp: Make content-type optional by @klauspost in [#510](https://github.com/klauspost/compress/pull/510)
-
-Both compression and decompression now supports "synchronous" stream operations. This means that whenever "concurrency" is set to 1, they will operate without spawning goroutines.
-
-Stream decompression is now faster on asynchronous, since the goroutine allocation much more effectively splits the workload. On typical streams this will typically use 2 cores fully for decompression. When a stream has finished decoding no goroutines will be left over, so decoders can now safely be pooled and still be garbage collected.
-
-While the release has been extensively tested, it is recommended to testing when upgrading.
-
-
    
-
-
    
-	See changes to v1.14.x
-	
-* Feb 22, 2022 (v1.14.4)
-	* flate: Fix rare huffman only (-2) corruption. [#503](https://github.com/klauspost/compress/pull/503)
-	* zip: Update deprecated CreateHeaderRaw to correctly call CreateRaw by @saracen in [#502](https://github.com/klauspost/compress/pull/502)
-	* zip: don't read data descriptor early by @saracen in [#501](https://github.com/klauspost/compress/pull/501)  #501
-	* huff0: Use static decompression buffer up to 30% faster by @klauspost in [#499](https://github.com/klauspost/compress/pull/499) [#500](https://github.com/klauspost/compress/pull/500)
-
-* Feb 17, 2022 (v1.14.3)
-	* flate: Improve fastest levels compression speed ~10% more throughput. [#482](https://github.com/klauspost/compress/pull/482) [#489](https://github.com/klauspost/compress/pull/489) [#490](https://github.com/klauspost/compress/pull/490) [#491](https://github.com/klauspost/compress/pull/491) [#494](https://github.com/klauspost/compress/pull/494)  [#478](https://github.com/klauspost/compress/pull/478)
-	* flate: Faster decompression speed, ~5-10%. [#483](https://github.com/klauspost/compress/pull/483)
-	* s2: Faster compression with Go v1.18 and amd64 microarch level 3+. [#484](https://github.com/klauspost/compress/pull/484) [#486](https://github.com/klauspost/compress/pull/486)
-
-* Jan 25, 2022 (v1.14.2)
-	* zstd: improve header decoder by @dsnet  [#476](https://github.com/klauspost/compress/pull/476)
-	* zstd: Add bigger default blocks  [#469](https://github.com/klauspost/compress/pull/469)
-	* zstd: Remove unused decompression buffer [#470](https://github.com/klauspost/compress/pull/470)
-	* zstd: Fix logically dead code by @ningmingxiao [#472](https://github.com/klauspost/compress/pull/472)
-	* flate: Improve level 7-9 [#471](https://github.com/klauspost/compress/pull/471) [#473](https://github.com/klauspost/compress/pull/473)
-	* zstd: Add noasm tag for xxhash [#475](https://github.com/klauspost/compress/pull/475)
-
-* Jan 11, 2022 (v1.14.1)
-	* s2: Add stream index in [#462](https://github.com/klauspost/compress/pull/462)
-	* flate: Speed and efficiency improvements in [#439](https://github.com/klauspost/compress/pull/439) [#461](https://github.com/klauspost/compress/pull/461) [#455](https://github.com/klauspost/compress/pull/455) [#452](https://github.com/klauspost/compress/pull/452) [#458](https://github.com/klauspost/compress/pull/458)
-	* zstd: Performance improvement in [#420]( https://github.com/klauspost/compress/pull/420) [#456](https://github.com/klauspost/compress/pull/456) [#437](https://github.com/klauspost/compress/pull/437) [#467](https://github.com/klauspost/compress/pull/467) [#468](https://github.com/klauspost/compress/pull/468)
-	* zstd: add arm64 xxhash assembly in [#464](https://github.com/klauspost/compress/pull/464)
-	* Add garbled for binaries for s2 in [#445](https://github.com/klauspost/compress/pull/445)
-
    
-
-
    
-	See changes to v1.13.x
-	
-* Aug 30, 2021 (v1.13.5)
-	* gz/zlib/flate: Alias stdlib errors [#425](https://github.com/klauspost/compress/pull/425)
-	* s2: Add block support to commandline tools [#413](https://github.com/klauspost/compress/pull/413)
-	* zstd: pooledZipWriter should return Writers to the same pool [#426](https://github.com/klauspost/compress/pull/426)
-	* Removed golang/snappy as external dependency for tests [#421](https://github.com/klauspost/compress/pull/421)
-
-* Aug 12, 2021 (v1.13.4)
-	* Add [snappy replacement package](https://github.com/klauspost/compress/tree/master/snappy).
-	* zstd: Fix incorrect encoding in "best" mode [#415](https://github.com/klauspost/compress/pull/415)
-
-* Aug 3, 2021 (v1.13.3) 
-	* zstd: Improve Best compression [#404](https://github.com/klauspost/compress/pull/404)
-	* zstd: Fix WriteTo error forwarding [#411](https://github.com/klauspost/compress/pull/411)
-	* gzhttp: Return http.HandlerFunc instead of http.Handler. Unlikely breaking change. [#406](https://github.com/klauspost/compress/pull/406)
-	* s2sx: Fix max size error [#399](https://github.com/klauspost/compress/pull/399)
-	* zstd: Add optional stream content size on reset [#401](https://github.com/klauspost/compress/pull/401)
-	* zstd: use SpeedBestCompression for level >= 10 [#410](https://github.com/klauspost/compress/pull/410)
-
-* Jun 14, 2021 (v1.13.1)
-	* s2: Add full Snappy output support  [#396](https://github.com/klauspost/compress/pull/396)
-	* zstd: Add configurable [Decoder window](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithDecoderMaxWindow) size [#394](https://github.com/klauspost/compress/pull/394)
-	* gzhttp: Add header to skip compression  [#389](https://github.com/klauspost/compress/pull/389)
-	* s2: Improve speed with bigger output margin  [#395](https://github.com/klauspost/compress/pull/395)
-
-* Jun 3, 2021 (v1.13.0)
-	* Added [gzhttp](https://github.com/klauspost/compress/tree/master/gzhttp#gzip-handler) which allows wrapping HTTP servers and clients with GZIP compressors.
-	* zstd: Detect short invalid signatures [#382](https://github.com/klauspost/compress/pull/382)
-	* zstd: Spawn decoder goroutine only if needed. [#380](https://github.com/klauspost/compress/pull/380)
-
    
-
-
-
    
-	See changes to v1.12.x
-	
-* May 25, 2021 (v1.12.3)
-	* deflate: Better/faster Huffman encoding [#374](https://github.com/klauspost/compress/pull/374)
-	* deflate: Allocate less for history. [#375](https://github.com/klauspost/compress/pull/375)
-	* zstd: Forward read errors [#373](https://github.com/klauspost/compress/pull/373) 
-
-* Apr 27, 2021 (v1.12.2)
-	* zstd: Improve better/best compression [#360](https://github.com/klauspost/compress/pull/360) [#364](https://github.com/klauspost/compress/pull/364) [#365](https://github.com/klauspost/compress/pull/365)
-	* zstd: Add helpers to compress/decompress zstd inside zip files [#363](https://github.com/klauspost/compress/pull/363)
-	* deflate: Improve level 5+6 compression [#367](https://github.com/klauspost/compress/pull/367)
-	* s2: Improve better/best compression [#358](https://github.com/klauspost/compress/pull/358) [#359](https://github.com/klauspost/compress/pull/358)
-	* s2: Load after checking src limit on amd64. [#362](https://github.com/klauspost/compress/pull/362)
-	* s2sx: Limit max executable size [#368](https://github.com/klauspost/compress/pull/368) 
-
-* Apr 14, 2021 (v1.12.1)
-	* snappy package removed. Upstream added as dependency.
-	* s2: Better compression in "best" mode [#353](https://github.com/klauspost/compress/pull/353)
-	* s2sx: Add stdin input and detect pre-compressed from signature [#352](https://github.com/klauspost/compress/pull/352)
-	* s2c/s2d: Add http as possible input [#348](https://github.com/klauspost/compress/pull/348)
-	* s2c/s2d/s2sx: Always truncate when writing files [#352](https://github.com/klauspost/compress/pull/352)
-	* zstd: Reduce memory usage further when using [WithLowerEncoderMem](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithLowerEncoderMem) [#346](https://github.com/klauspost/compress/pull/346)
-	* s2: Fix potential problem with amd64 assembly and profilers [#349](https://github.com/klauspost/compress/pull/349)
-
    
-
-
    
-	See changes to v1.11.x
-	
-* Mar 26, 2021 (v1.11.13)
-	* zstd: Big speedup on small dictionary encodes [#344](https://github.com/klauspost/compress/pull/344) [#345](https://github.com/klauspost/compress/pull/345)
-	* zstd: Add [WithLowerEncoderMem](https://pkg.go.dev/github.com/klauspost/compress/zstd#WithLowerEncoderMem) encoder option [#336](https://github.com/klauspost/compress/pull/336)
-	* deflate: Improve entropy compression [#338](https://github.com/klauspost/compress/pull/338)
-	* s2: Clean up and minor performance improvement in best [#341](https://github.com/klauspost/compress/pull/341)
-
-* Mar 5, 2021 (v1.11.12)
-	* s2: Add `s2sx` binary that creates [self extracting archives](https://github.com/klauspost/compress/tree/master/s2#s2sx-self-extracting-archives).
-	* s2: Speed up decompression on non-assembly platforms [#328](https://github.com/klauspost/compress/pull/328)
-
-* Mar 1, 2021 (v1.11.9)
-	* s2: Add ARM64 decompression assembly. Around 2x output speed. [#324](https://github.com/klauspost/compress/pull/324)
-	* s2: Improve "better" speed and efficiency. [#325](https://github.com/klauspost/compress/pull/325)
-	* s2: Fix binaries.
-
-* Feb 25, 2021 (v1.11.8)
-	* s2: Fixed occasional out-of-bounds write on amd64. Upgrade recommended.
-	* s2: Add AMD64 assembly for better mode. 25-50% faster. [#315](https://github.com/klauspost/compress/pull/315)
-	* s2: Less upfront decoder allocation. [#322](https://github.com/klauspost/compress/pull/322)
-	* zstd: Faster "compression" of incompressible data. [#314](https://github.com/klauspost/compress/pull/314)
-	* zip: Fix zip64 headers. [#313](https://github.com/klauspost/compress/pull/313)
-  
-* Jan 14, 2021 (v1.11.7)
-	* Use Bytes() interface to get bytes across packages. [#309](https://github.com/klauspost/compress/pull/309)
-	* s2: Add 'best' compression option.  [#310](https://github.com/klauspost/compress/pull/310)
-	* s2: Add ReaderMaxBlockSize, changes `s2.NewReader` signature to include varargs. [#311](https://github.com/klauspost/compress/pull/311)
-	* s2: Fix crash on small better buffers. [#308](https://github.com/klauspost/compress/pull/308)
-	* s2: Clean up decoder. [#312](https://github.com/klauspost/compress/pull/312)
-
-* Jan 7, 2021 (v1.11.6)
-	* zstd: Make decoder allocations smaller [#306](https://github.com/klauspost/compress/pull/306)
-	* zstd: Free Decoder resources when Reset is called with a nil io.Reader  [#305](https://github.com/klauspost/compress/pull/305)
-
-* Dec 20, 2020 (v1.11.4)
-	* zstd: Add Best compression mode [#304](https://github.com/klauspost/compress/pull/304)
-	* Add header decoder [#299](https://github.com/klauspost/compress/pull/299)
-	* s2: Add uncompressed stream option [#297](https://github.com/klauspost/compress/pull/297)
-	* Simplify/speed up small blocks with known max size. [#300](https://github.com/klauspost/compress/pull/300)
-	* zstd: Always reset literal dict encoder [#303](https://github.com/klauspost/compress/pull/303)
-
-* Nov 15, 2020 (v1.11.3)
-	* inflate: 10-15% faster decompression  [#293](https://github.com/klauspost/compress/pull/293)
-	* zstd: Tweak DecodeAll default allocation [#295](https://github.com/klauspost/compress/pull/295)
-
-* Oct 11, 2020 (v1.11.2)
-	* s2: Fix out of bounds read in "better" block compression [#291](https://github.com/klauspost/compress/pull/291)
-
-* Oct 1, 2020 (v1.11.1)
-	* zstd: Set allLitEntropy true in default configuration [#286](https://github.com/klauspost/compress/pull/286)
-
-* Sept 8, 2020 (v1.11.0)
-	* zstd: Add experimental compression [dictionaries](https://github.com/klauspost/compress/tree/master/zstd#dictionaries) [#281](https://github.com/klauspost/compress/pull/281)
-	* zstd: Fix mixed Write and ReadFrom calls [#282](https://github.com/klauspost/compress/pull/282)
-	* inflate/gz: Limit variable shifts, ~5% faster decompression [#274](https://github.com/klauspost/compress/pull/274)
-
    
-
-
    
-	See changes to v1.10.x
- 
-* July 8, 2020 (v1.10.11) 
-	* zstd: Fix extra block when compressing with ReadFrom. [#278](https://github.com/klauspost/compress/pull/278)
-	* huff0: Also populate compression table when reading decoding table. [#275](https://github.com/klauspost/compress/pull/275)
-	
-* June 23, 2020 (v1.10.10) 
-	* zstd: Skip entropy compression in fastest mode when no matches. [#270](https://github.com/klauspost/compress/pull/270)
-	
-* June 16, 2020 (v1.10.9): 
-	* zstd: API change for specifying dictionaries. See [#268](https://github.com/klauspost/compress/pull/268)
-	* zip: update CreateHeaderRaw to handle zip64 fields. [#266](https://github.com/klauspost/compress/pull/266)
-	* Fuzzit tests removed. The service has been purchased and is no longer available.
-	
-* June 5, 2020 (v1.10.8): 
-	* 1.15x faster zstd block decompression. [#265](https://github.com/klauspost/compress/pull/265)
-	
-* June 1, 2020 (v1.10.7): 
-	* Added zstd decompression [dictionary support](https://github.com/klauspost/compress/tree/master/zstd#dictionaries)
-	* Increase zstd decompression speed up to 1.19x.  [#259](https://github.com/klauspost/compress/pull/259)
-	* Remove internal reset call in zstd compression and reduce allocations. [#263](https://github.com/klauspost/compress/pull/263)
-	
-* May 21, 2020: (v1.10.6) 
-	* zstd: Reduce allocations while decoding. [#258](https://github.com/klauspost/compress/pull/258), [#252](https://github.com/klauspost/compress/pull/252)
-	* zstd: Stricter decompression checks.
-	
-* April 12, 2020: (v1.10.5)
-	* s2-commands: Flush output when receiving SIGINT. [#239](https://github.com/klauspost/compress/pull/239)
-	
-* Apr 8, 2020: (v1.10.4) 
-	* zstd: Minor/special case optimizations. [#251](https://github.com/klauspost/compress/pull/251),  [#250](https://github.com/klauspost/compress/pull/250),  [#249](https://github.com/klauspost/compress/pull/249),  [#247](https://github.com/klauspost/compress/pull/247)
-* Mar 11, 2020: (v1.10.3) 
-	* s2: Use S2 encoder in pure Go mode for Snappy output as well. [#245](https://github.com/klauspost/compress/pull/245)
-	* s2: Fix pure Go block encoder. [#244](https://github.com/klauspost/compress/pull/244)
-	* zstd: Added "better compression" mode. [#240](https://github.com/klauspost/compress/pull/240)
-	* zstd: Improve speed of fastest compression mode by 5-10% [#241](https://github.com/klauspost/compress/pull/241)
-	* zstd: Skip creating encoders when not needed. [#238](https://github.com/klauspost/compress/pull/238)
-	
-* Feb 27, 2020: (v1.10.2) 
-	* Close to 50% speedup in inflate (gzip/zip decompression). [#236](https://github.com/klauspost/compress/pull/236) [#234](https://github.com/klauspost/compress/pull/234) [#232](https://github.com/klauspost/compress/pull/232)
-	* Reduce deflate level 1-6 memory usage up to 59%. [#227](https://github.com/klauspost/compress/pull/227)
-	
-* Feb 18, 2020: (v1.10.1)
-	* Fix zstd crash when resetting multiple times without sending data. [#226](https://github.com/klauspost/compress/pull/226)
-	* deflate: Fix dictionary use on level 1-6. [#224](https://github.com/klauspost/compress/pull/224)
-	* Remove deflate writer reference when closing. [#224](https://github.com/klauspost/compress/pull/224)
-	
-* Feb 4, 2020: (v1.10.0) 
-	* Add optional dictionary to [stateless deflate](https://pkg.go.dev/github.com/klauspost/compress/flate?tab=doc#StatelessDeflate). Breaking change, send `nil` for previous behaviour. [#216](https://github.com/klauspost/compress/pull/216)
-	* Fix buffer overflow on repeated small block deflate.  [#218](https://github.com/klauspost/compress/pull/218)
-	* Allow copying content from an existing ZIP file without decompressing+compressing. [#214](https://github.com/klauspost/compress/pull/214)
-	* Added [S2](https://github.com/klauspost/compress/tree/master/s2#s2-compression) AMD64 assembler and various optimizations. Stream speed >10GB/s.  [#186](https://github.com/klauspost/compress/pull/186)
-
-
    
-
-
    
-	See changes prior to v1.10.0
-
-* Jan 20,2020 (v1.9.8) Optimize gzip/deflate with better size estimates and faster table generation. [#207](https://github.com/klauspost/compress/pull/207) by [luyu6056](https://github.com/luyu6056),  [#206](https://github.com/klauspost/compress/pull/206).
-* Jan 11, 2020: S2 Encode/Decode will use provided buffer if capacity is big enough. [#204](https://github.com/klauspost/compress/pull/204) 
-* Jan 5, 2020: (v1.9.7) Fix another zstd regression in v1.9.5 - v1.9.6 removed.
-* Jan 4, 2020: (v1.9.6) Regression in v1.9.5 fixed causing corrupt zstd encodes in rare cases.
-* Jan 4, 2020: Faster IO in [s2c + s2d commandline tools](https://github.com/klauspost/compress/tree/master/s2#commandline-tools) compression/decompression. [#192](https://github.com/klauspost/compress/pull/192)
-* Dec 29, 2019: Removed v1.9.5 since fuzz tests showed a compatibility problem with the reference zstandard decoder.
-* Dec 29, 2019: (v1.9.5) zstd: 10-20% faster block compression. [#199](https://github.com/klauspost/compress/pull/199)
-* Dec 29, 2019: [zip](https://godoc.org/github.com/klauspost/compress/zip) package updated with latest Go features
-* Dec 29, 2019: zstd: Single segment flag condintions tweaked. [#197](https://github.com/klauspost/compress/pull/197)
-* Dec 18, 2019: s2: Faster compression when ReadFrom is used. [#198](https://github.com/klauspost/compress/pull/198)
-* Dec 10, 2019: s2: Fix repeat length output when just above at 16MB limit.
-* Dec 10, 2019: zstd: Add function to get decoder as io.ReadCloser. [#191](https://github.com/klauspost/compress/pull/191)
-* Dec 3, 2019: (v1.9.4) S2: limit max repeat length. [#188](https://github.com/klauspost/compress/pull/188)
-* Dec 3, 2019: Add [WithNoEntropyCompression](https://godoc.org/github.com/klauspost/compress/zstd#WithNoEntropyCompression) to zstd [#187](https://github.com/klauspost/compress/pull/187)
-* Dec 3, 2019: Reduce memory use for tests. Check for leaked goroutines.
-* Nov 28, 2019 (v1.9.3) Less allocations in stateless deflate.
-* Nov 28, 2019: 5-20% Faster huff0 decode. Impacts zstd as well. [#184](https://github.com/klauspost/compress/pull/184)
-* Nov 12, 2019 (v1.9.2) Added [Stateless Compression](#stateless-compression) for gzip/deflate.
-* Nov 12, 2019: Fixed zstd decompression of large single blocks. [#180](https://github.com/klauspost/compress/pull/180)
-* Nov 11, 2019: Set default  [s2c](https://github.com/klauspost/compress/tree/master/s2#commandline-tools) block size to 4MB.
-* Nov 11, 2019: Reduce inflate memory use by 1KB.
-* Nov 10, 2019: Less allocations in deflate bit writer.
-* Nov 10, 2019: Fix inconsistent error returned by zstd decoder.
-* Oct 28, 2019 (v1.9.1) ztsd: Fix crash when compressing blocks. [#174](https://github.com/klauspost/compress/pull/174)
-* Oct 24, 2019 (v1.9.0) zstd: Fix rare data corruption [#173](https://github.com/klauspost/compress/pull/173)
-* Oct 24, 2019 zstd: Fix huff0 out of buffer write [#171](https://github.com/klauspost/compress/pull/171) and always return errors [#172](https://github.com/klauspost/compress/pull/172) 
-* Oct 10, 2019: Big deflate rewrite, 30-40% faster with better compression [#105](https://github.com/klauspost/compress/pull/105)
-
-
    
-
-
    
-	See changes prior to v1.9.0
-
-* Oct 10, 2019: (v1.8.6) zstd: Allow partial reads to get flushed data. [#169](https://github.com/klauspost/compress/pull/169)
-* Oct 3, 2019: Fix inconsistent results on broken zstd streams.
-* Sep 25, 2019: Added `-rm` (remove source files) and `-q` (no output except errors) to `s2c` and `s2d` [commands](https://github.com/klauspost/compress/tree/master/s2#commandline-tools)
-* Sep 16, 2019: (v1.8.4) Add `s2c` and `s2d` [commandline tools](https://github.com/klauspost/compress/tree/master/s2#commandline-tools).
-* Sep 10, 2019: (v1.8.3) Fix s2 decoder [Skip](https://godoc.org/github.com/klauspost/compress/s2#Reader.Skip).
-* Sep 7, 2019: zstd: Added [WithWindowSize](https://godoc.org/github.com/klauspost/compress/zstd#WithWindowSize), contributed by [ianwilkes](https://github.com/ianwilkes).
-* Sep 5, 2019: (v1.8.2) Add [WithZeroFrames](https://godoc.org/github.com/klauspost/compress/zstd#WithZeroFrames) which adds full zero payload block encoding option.
-* Sep 5, 2019: Lazy initialization of zstandard predefined en/decoder tables.
-* Aug 26, 2019: (v1.8.1) S2: 1-2% compression increase in "better" compression mode.
-* Aug 26, 2019: zstd: Check maximum size of Huffman 1X compressed literals while decoding.
-* Aug 24, 2019: (v1.8.0) Added [S2 compression](https://github.com/klauspost/compress/tree/master/s2#s2-compression), a high performance replacement for Snappy. 
-* Aug 21, 2019: (v1.7.6) Fixed minor issues found by fuzzer. One could lead to zstd not decompressing.
-* Aug 18, 2019: Add [fuzzit](https://fuzzit.dev/) continuous fuzzing.
-* Aug 14, 2019: zstd: Skip incompressible data 2x faster.  [#147](https://github.com/klauspost/compress/pull/147)
-* Aug 4, 2019 (v1.7.5): Better literal compression. [#146](https://github.com/klauspost/compress/pull/146)
-* Aug 4, 2019: Faster zstd compression. [#143](https://github.com/klauspost/compress/pull/143) [#144](https://github.com/klauspost/compress/pull/144)
-* Aug 4, 2019: Faster zstd decompression. [#145](https://github.com/klauspost/compress/pull/145) [#143](https://github.com/klauspost/compress/pull/143) [#142](https://github.com/klauspost/compress/pull/142)
-* July 15, 2019 (v1.7.4): Fix double EOF block in rare cases on zstd encoder.
-* July 15, 2019 (v1.7.3): Minor speedup/compression increase in default zstd encoder.
-* July 14, 2019: zstd decoder: Fix decompression error on multiple uses with mixed content.
-* July 7, 2019 (v1.7.2): Snappy update, zstd decoder potential race fix.
-* June 17, 2019: zstd decompression bugfix.
-* June 17, 2019: fix 32 bit builds.
-* June 17, 2019: Easier use in modules (less dependencies).
-* June 9, 2019: New stronger "default" [zstd](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression mode. Matches zstd default compression ratio.
-* June 5, 2019: 20-40% throughput in [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and better compression.
-* June 5, 2019: deflate/gzip compression: Reduce memory usage of lower compression levels.
-* June 2, 2019: Added [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression!
-* May 25, 2019: deflate/gzip: 10% faster bit writer, mostly visible in lower levels.
-* Apr 22, 2019: [zstd](https://github.com/klauspost/compress/tree/master/zstd#zstd) decompression added.
-* Aug 1, 2018: Added [huff0 README](https://github.com/klauspost/compress/tree/master/huff0#huff0-entropy-compression).
-* Jul 8, 2018: Added [Performance Update 2018](#performance-update-2018) below.
-* Jun 23, 2018: Merged [Go 1.11 inflate optimizations](https://go-review.googlesource.com/c/go/+/102235). Go 1.9 is now required. Backwards compatible version tagged with [v1.3.0](https://github.com/klauspost/compress/releases/tag/v1.3.0).
-* Apr 2, 2018: Added [huff0](https://godoc.org/github.com/klauspost/compress/huff0) en/decoder. Experimental for now, API may change.
-* Mar 4, 2018: Added [FSE Entropy](https://godoc.org/github.com/klauspost/compress/fse) en/decoder. Experimental for now, API may change.
-* Nov 3, 2017: Add compression [Estimate](https://godoc.org/github.com/klauspost/compress#Estimate) function.
-* May 28, 2017: Reduce allocations when resetting decoder.
-* Apr 02, 2017: Change back to official crc32, since changes were merged in Go 1.7.
-* Jan 14, 2017: Reduce stack pressure due to array copies. See [Issue #18625](https://github.com/golang/go/issues/18625).
-* Oct 25, 2016: Level 2-4 have been rewritten and now offers significantly better performance than before.
-* Oct 20, 2016: Port zlib changes from Go 1.7 to fix zlib writer issue. Please update.
-* Oct 16, 2016: Go 1.7 changes merged. Apples to apples this package is a few percent faster, but has a significantly better balance between speed and compression per level. 
-* Mar 24, 2016: Always attempt Huffman encoding on level 4-7. This improves base 64 encoded data compression.
-* Mar 24, 2016: Small speedup for level 1-3.
-* Feb 19, 2016: Faster bit writer, level -2 is 15% faster, level 1 is 4% faster.
-* Feb 19, 2016: Handle small payloads faster in level 1-3.
-* Feb 19, 2016: Added faster level 2 + 3 compression modes.
-* Feb 19, 2016: [Rebalanced compression levels](https://blog.klauspost.com/rebalancing-deflate-compression-levels/), so there is a more even progression in terms of compression. New default level is 5.
-* Feb 14, 2016: Snappy: Merge upstream changes. 
-* Feb 14, 2016: Snappy: Fix aggressive skipping.
-* Feb 14, 2016: Snappy: Update benchmark.
-* Feb 13, 2016: Deflate: Fixed assembler problem that could lead to sub-optimal compression.
-* Feb 12, 2016: Snappy: Added AMD64 SSE 4.2 optimizations to matching, which makes easy to compress material run faster. Typical speedup is around 25%.
-* Feb 9, 2016: Added Snappy package fork. This version is 5-7% faster, much more on hard to compress content.
-* Jan 30, 2016: Optimize level 1 to 3 by not considering static dictionary or storing uncompressed. ~4-5% speedup.
-* Jan 16, 2016: Optimization on deflate level 1,2,3 compression.
-* Jan 8 2016: Merge [CL 18317](https://go-review.googlesource.com/#/c/18317): fix reading, writing of zip64 archives.
-* Dec 8 2015: Make level 1 and -2 deterministic even if write size differs.
-* Dec 8 2015: Split encoding functions, so hashing and matching can potentially be inlined. 1-3% faster on AMD64. 5% faster on other platforms.
-* Dec 8 2015: Fixed rare [one byte out-of bounds read](https://github.com/klauspost/compress/issues/20). Please update!
-* Nov 23 2015: Optimization on token writer. ~2-4% faster. Contributed by [@dsnet](https://github.com/dsnet).
-* Nov 20 2015: Small optimization to bit writer on 64 bit systems.
-* Nov 17 2015: Fixed out-of-bound errors if the underlying Writer returned an error. See [#15](https://github.com/klauspost/compress/issues/15).
-* Nov 12 2015: Added [io.WriterTo](https://golang.org/pkg/io/#WriterTo) support to gzip/inflate.
-* Nov 11 2015: Merged [CL 16669](https://go-review.googlesource.com/#/c/16669/4): archive/zip: enable overriding (de)compressors per file
-* Oct 15 2015: Added skipping on uncompressible data. Random data speed up >5x.
-
-
    
-
-# deflate usage
-
-The packages are drop-in replacements for standard libraries. Simply replace the import path to use them:
-
-| old import         | new import                              | Documentation
-|--------------------|-----------------------------------------|--------------------|
-| `compress/gzip`    | `github.com/klauspost/compress/gzip`    | [gzip](https://pkg.go.dev/github.com/klauspost/compress/gzip?tab=doc)
-| `compress/zlib`    | `github.com/klauspost/compress/zlib`    | [zlib](https://pkg.go.dev/github.com/klauspost/compress/zlib?tab=doc)
-| `archive/zip`      | `github.com/klauspost/compress/zip`     | [zip](https://pkg.go.dev/github.com/klauspost/compress/zip?tab=doc)
-| `compress/flate`   | `github.com/klauspost/compress/flate`   | [flate](https://pkg.go.dev/github.com/klauspost/compress/flate?tab=doc)
-
-* Optimized [deflate](https://godoc.org/github.com/klauspost/compress/flate) packages which can be used as a dropin replacement for [gzip](https://godoc.org/github.com/klauspost/compress/gzip), [zip](https://godoc.org/github.com/klauspost/compress/zip) and [zlib](https://godoc.org/github.com/klauspost/compress/zlib).
-
-You may also be interested in [pgzip](https://github.com/klauspost/pgzip), which is a drop in replacement for gzip, which support multithreaded compression on big files and the optimized [crc32](https://github.com/klauspost/crc32) package used by these packages.
-
-The packages contains the same as the standard library, so you can use the godoc for that: [gzip](http://golang.org/pkg/compress/gzip/), [zip](http://golang.org/pkg/archive/zip/),  [zlib](http://golang.org/pkg/compress/zlib/), [flate](http://golang.org/pkg/compress/flate/).
-
-Currently there is only minor speedup on decompression (mostly CRC32 calculation).
-
-Memory usage is typically 1MB for a Writer. stdlib is in the same range. 
-If you expect to have a lot of concurrently allocated Writers consider using 
-the stateless compress described below.
-
-For compression performance, see: [this spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing).
-
-To disable all assembly add `-tags=noasm`. This works across all packages.
-
-# Stateless compression
-
-This package offers stateless compression as a special option for gzip/deflate. 
-It will do compression but without maintaining any state between Write calls.
-
-This means there will be no memory kept between Write calls, but compression and speed will be suboptimal.
-
-This is only relevant in cases where you expect to run many thousands of compressors concurrently, 
-but with very little activity. This is *not* intended for regular web servers serving individual requests.  
-
-Because of this, the size of actual Write calls will affect output size.
-
-In gzip, specify level `-3` / `gzip.StatelessCompression` to enable.
-
-For direct deflate use, NewStatelessWriter and StatelessDeflate are available. See [documentation](https://godoc.org/github.com/klauspost/compress/flate#NewStatelessWriter)
-
-A `bufio.Writer` can of course be used to control write sizes. For example, to use a 4KB buffer:
-
-```go
-	// replace 'ioutil.Discard' with your output.
-	gzw, err := gzip.NewWriterLevel(ioutil.Discard, gzip.StatelessCompression)
-	if err != nil {
-		return err
-	}
-	defer gzw.Close()
-
-	w := bufio.NewWriterSize(gzw, 4096)
-	defer w.Flush()
-	
-	// Write to 'w' 
-```
-
-This will only use up to 4KB in memory when the writer is idle. 
-
-Compression is almost always worse than the fastest compression level 
-and each write will allocate (a little) memory. 
-
-# Performance Update 2018
-
-It has been a while since we have been looking at the speed of this package compared to the standard library, so I thought I would re-do my tests and give some overall recommendations based on the current state. All benchmarks have been performed with Go 1.10 on my Desktop Intel(R) Core(TM) i7-2600 CPU @3.40GHz. Since I last ran the tests, I have gotten more RAM, which means tests with big files are no longer limited by my SSD.
-
-The raw results are in my [updated spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing). Due to cgo changes and upstream updates i could not get the cgo version of gzip to compile. Instead I included the [zstd](https://github.com/datadog/zstd) cgo implementation. If I get cgo gzip to work again, I might replace the results in the sheet.
-
-The columns to take note of are: *MB/s* - the throughput. *Reduction* - the data size reduction in percent of the original. *Rel Speed* relative speed compared to the standard library at the same level. *Smaller* - how many percent smaller is the compressed output compared to stdlib. Negative means the output was bigger. *Loss* means the loss (or gain) in compression as a percentage difference of the input.
-
-The `gzstd` (standard library gzip) and `gzkp` (this package gzip) only uses one CPU core. [`pgzip`](https://github.com/klauspost/pgzip), [`bgzf`](https://github.com/biogo/hts/tree/master/bgzf) uses all 4 cores. [`zstd`](https://github.com/DataDog/zstd) uses one core, and is a beast (but not Go, yet).
-
-
-## Overall differences.
-
-There appears to be a roughly 5-10% speed advantage over the standard library when comparing at similar compression levels.
-
-The biggest difference you will see is the result of [re-balancing](https://blog.klauspost.com/rebalancing-deflate-compression-levels/) the compression levels. I wanted by library to give a smoother transition between the compression levels than the standard library.
-
-This package attempts to provide a more smooth transition, where "1" is taking a lot of shortcuts, "5" is the reasonable trade-off and "9" is the "give me the best compression", and the values in between gives something reasonable in between. The standard library has big differences in levels 1-4, but levels 5-9 having no significant gains - often spending a lot more time than can be justified by the achieved compression.
-
-There are links to all the test data in the [spreadsheet](https://docs.google.com/spreadsheets/d/1nuNE2nPfuINCZJRMt6wFWhKpToF95I47XjSsc-1rbPQ/edit?usp=sharing) in the top left field on each tab.
-
-## Web Content
-
-This test set aims to emulate typical use in a web server. The test-set is 4GB data in 53k files, and is a mixture of (mostly) HTML, JS, CSS.
-
-Since level 1 and 9 are close to being the same code, they are quite close. But looking at the levels in-between the differences are quite big.
-
-Looking at level 6, this package is 88% faster, but will output about 6% more data. For a web server, this means you can serve 88% more data, but have to pay for 6% more bandwidth. You can draw your own conclusions on what would be the most expensive for your case.
-
-## Object files
-
-This test is for typical data files stored on a server. In this case it is a collection of Go precompiled objects. They are very compressible.
-
-The picture is similar to the web content, but with small differences since this is very compressible. Levels 2-3 offer good speed, but is sacrificing quite a bit of compression. 
-
-The standard library seems suboptimal on level 3 and 4 - offering both worse compression and speed than level 6 & 7 of this package respectively.
-
-## Highly Compressible File
-
-This is a JSON file with very high redundancy. The reduction starts at 95% on level 1, so in real life terms we are dealing with something like a highly redundant stream of data, etc.
-
-It is definitely visible that we are dealing with specialized content here, so the results are very scattered. This package does not do very well at levels 1-4, but picks up significantly at level 5 and levels 7 and 8 offering great speed for the achieved compression.
-
-So if you know you content is extremely compressible you might want to go slightly higher than the defaults. The standard library has a huge gap between levels 3 and 4 in terms of speed (2.75x slowdown), so it offers little "middle ground".
-
-## Medium-High Compressible
-
-This is a pretty common test corpus: [enwik9](http://mattmahoney.net/dc/textdata.html). It contains the first 10^9 bytes of the English Wikipedia dump on Mar. 3, 2006. This is a very good test of typical text based compression and more data heavy streams.
-
-We see a similar picture here as in "Web Content". On equal levels some compression is sacrificed for more speed. Level 5 seems to be the best trade-off between speed and size, beating stdlib level 3 in both.
-
-## Medium Compressible
-
-I will combine two test sets, one [10GB file set](http://mattmahoney.net/dc/10gb.html) and a VM disk image (~8GB). Both contain different data types and represent a typical backup scenario.
-
-The most notable thing is how quickly the standard library drops to very low compression speeds around level 5-6 without any big gains in compression. Since this type of data is fairly common, this does not seem like good behavior.
-
-
-## Un-compressible Content
-
-This is mainly a test of how good the algorithms are at detecting un-compressible input. The standard library only offers this feature with very conservative settings at level 1. Obviously there is no reason for the algorithms to try to compress input that cannot be compressed.  The only downside is that it might skip some compressible data on false detections.
-
-
-## Huffman only compression
-
-This compression library adds a special compression level, named `HuffmanOnly`, which allows near linear time compression. This is done by completely disabling matching of previous data, and only reduce the number of bits to represent each character. 
-
-This means that often used characters, like 'e' and ' ' (space) in text use the fewest bits to represent, and rare characters like '¤' takes more bits to represent. For more information see [wikipedia](https://en.wikipedia.org/wiki/Huffman_coding) or this nice [video](https://youtu.be/ZdooBTdW5bM).
-
-Since this type of compression has much less variance, the compression speed is mostly unaffected by the input data, and is usually more than *180MB/s* for a single core.
-
-The downside is that the compression ratio is usually considerably worse than even the fastest conventional compression. The compression ratio can never be better than 8:1 (12.5%). 
-
-The linear time compression can be used as a "better than nothing" mode, where you cannot risk the encoder to slow down on some content. For comparison, the size of the "Twain" text is *233460 bytes* (+29% vs. level 1) and encode speed is 144MB/s (4.5x level 1). So in this case you trade a 30% size increase for a 4 times speedup.
-
-For more information see my blog post on [Fast Linear Time Compression](http://blog.klauspost.com/constant-time-gzipzip-compression/).
-
-This is implemented on Go 1.7 as "Huffman Only" mode, though not exposed for gzip.
-
-# Other packages
-
-Here are other packages of good quality and pure Go (no cgo wrappers or autoconverted code):
-
-* [github.com/pierrec/lz4](https://github.com/pierrec/lz4) - strong multithreaded LZ4 compression.
-* [github.com/cosnicolaou/pbzip2](https://github.com/cosnicolaou/pbzip2) - multithreaded bzip2 decompression.
-* [github.com/dsnet/compress](https://github.com/dsnet/compress) - brotli decompression, bzip2 writer.
-* [github.com/ronanh/intcomp](https://github.com/ronanh/intcomp) - Integer compression.
-* [github.com/spenczar/fpc](https://github.com/spenczar/fpc) - Float compression.
-* [github.com/minio/zipindex](https://github.com/minio/zipindex) - External ZIP directory index.
-* [github.com/ybirader/pzip](https://github.com/ybirader/pzip) - Fast concurrent zip archiver and extractor.
-
-# license
-
-This code is licensed under the same conditions as the original Go code. See LICENSE file.
diff --git a/vendor/github.com/klauspost/compress/SECURITY.md b/vendor/github.com/klauspost/compress/SECURITY.md
deleted file mode 100644
index ca6685e2b..000000000
--- a/vendor/github.com/klauspost/compress/SECURITY.md
+++ /dev/null
@@ -1,25 +0,0 @@
-# Security Policy
-
-## Supported Versions
-
-Security updates are applied only to the latest release.
-
-## Vulnerability Definition
-
-A security vulnerability is a bug that with certain input triggers a crash or an infinite loop. Most calls will have varying execution time and only in rare cases will slow operation be considered a security vulnerability.
-
-Corrupted output generally is not considered a security vulnerability, unless independent operations are able to affect each other. Note that not all functionality is re-entrant and safe to use concurrently.
-
-Out-of-memory crashes only applies if the en/decoder uses an abnormal amount of memory, with appropriate options applied, to limit maximum window size, concurrency, etc. However, if you are in doubt you are welcome to file a security issue.
-
-It is assumed that all callers are trusted, meaning internal data exposed through reflection or inspection of returned data structures is not considered a vulnerability.
-
-Vulnerabilities resulting from compiler/assembler errors should be reported upstream. Depending on the severity this package may or may not implement a workaround.
-
-## Reporting a Vulnerability
-
-If you have discovered a security vulnerability in this project, please report it privately. **Do not disclose it as a public issue.** This gives us time to work with you to fix the issue before public exposure, reducing the chance that the exploit will be used before a patch is released.
-
-Please disclose it at [security advisory](https://github.com/klauspost/compress/security/advisories/new). If possible please provide a minimal reproducer. If the issue only applies to a single platform, it would be helpful to provide access to that.
-
-This project is maintained by a team of volunteers on a reasonable-effort basis. As such, vulnerabilities will be disclosed in a best effort base.
diff --git a/vendor/github.com/klauspost/compress/compressible.go b/vendor/github.com/klauspost/compress/compressible.go
deleted file mode 100644
index ea5a692d5..000000000
--- a/vendor/github.com/klauspost/compress/compressible.go
+++ /dev/null
@@ -1,85 +0,0 @@
-package compress
-
-import "math"
-
-// Estimate returns a normalized compressibility estimate of block b.
-// Values close to zero are likely uncompressible.
-// Values above 0.1 are likely to be compressible.
-// Values above 0.5 are very compressible.
-// Very small lengths will return 0.
-func Estimate(b []byte) float64 {
-	if len(b) < 16 {
-		return 0
-	}
-
-	// Correctly predicted order 1
-	hits := 0
-	lastMatch := false
-	var o1 [256]byte
-	var hist [256]int
-	c1 := byte(0)
-	for _, c := range b {
-		if c == o1[c1] {
-			// We only count a hit if there was two correct predictions in a row.
-			if lastMatch {
-				hits++
-			}
-			lastMatch = true
-		} else {
-			lastMatch = false
-		}
-		o1[c1] = c
-		c1 = c
-		hist[c]++
-	}
-
-	// Use x^0.6 to give better spread
-	prediction := math.Pow(float64(hits)/float64(len(b)), 0.6)
-
-	// Calculate histogram distribution
-	variance := float64(0)
-	avg := float64(len(b)) / 256
-
-	for _, v := range hist {
-		Δ := float64(v) - avg
-		variance += Δ * Δ
-	}
-
-	stddev := math.Sqrt(float64(variance)) / float64(len(b))
-	exp := math.Sqrt(1 / float64(len(b)))
-
-	// Subtract expected stddev
-	stddev -= exp
-	if stddev < 0 {
-		stddev = 0
-	}
-	stddev *= 1 + exp
-
-	// Use x^0.4 to give better spread
-	entropy := math.Pow(stddev, 0.4)
-
-	// 50/50 weight between prediction and histogram distribution
-	return math.Pow((prediction+entropy)/2, 0.9)
-}
-
-// ShannonEntropyBits returns the number of bits minimum required to represent
-// an entropy encoding of the input bytes.
-// https://en.wiktionary.org/wiki/Shannon_entropy
-func ShannonEntropyBits(b []byte) int {
-	if len(b) == 0 {
-		return 0
-	}
-	var hist [256]int
-	for _, c := range b {
-		hist[c]++
-	}
-	shannon := float64(0)
-	invTotal := 1.0 / float64(len(b))
-	for _, v := range hist[:] {
-		if v > 0 {
-			n := float64(v)
-			shannon += math.Ceil(-math.Log2(n*invTotal) * n)
-		}
-	}
-	return int(math.Ceil(shannon))
-}
diff --git a/vendor/github.com/klauspost/compress/fse/README.md b/vendor/github.com/klauspost/compress/fse/README.md
deleted file mode 100644
index ea7324da6..000000000
--- a/vendor/github.com/klauspost/compress/fse/README.md
+++ /dev/null
@@ -1,79 +0,0 @@
-# Finite State Entropy
-
-This package provides Finite State Entropy encoding and decoding.
-            
-Finite State Entropy (also referenced as [tANS](https://en.wikipedia.org/wiki/Asymmetric_numeral_systems#tANS)) 
-encoding provides a fast near-optimal symbol encoding/decoding
-for byte blocks as implemented in [zstandard](https://github.com/facebook/zstd).
-
-This can be used for compressing input with a lot of similar input values to the smallest number of bytes.
-This does not perform any multi-byte [dictionary coding](https://en.wikipedia.org/wiki/Dictionary_coder) as LZ coders,
-but it can be used as a secondary step to compressors (like Snappy) that does not do entropy encoding. 
-
-* [Godoc documentation](https://godoc.org/github.com/klauspost/compress/fse)
-
-## News
-
- * Feb 2018: First implementation released. Consider this beta software for now.
-
-# Usage
-
-This package provides a low level interface that allows to compress single independent blocks. 
-
-Each block is separate, and there is no built in integrity checks. 
-This means that the caller should keep track of block sizes and also do checksums if needed.  
-
-Compressing a block is done via the [`Compress`](https://godoc.org/github.com/klauspost/compress/fse#Compress) function.
-You must provide input and will receive the output and maybe an error.
-
-These error values can be returned:
-
-| Error               | Description                                                                 |
-|---------------------|-----------------------------------------------------------------------------|
-| ``             | Everything ok, output is returned                                           |
-| `ErrIncompressible` | Returned when input is judged to be too hard to compress                    |
-| `ErrUseRLE`         | Returned from the compressor when the input is a single byte value repeated |
-| `(error)`           | An internal error occurred.                                                 |
-
-As can be seen above there are errors that will be returned even under normal operation so it is important to handle these.
-
-To reduce allocations you can provide a [`Scratch`](https://godoc.org/github.com/klauspost/compress/fse#Scratch) object 
-that can be re-used for successive calls. Both compression and decompression accepts a `Scratch` object, and the same 
-object can be used for both.   
-
-Be aware, that when re-using a `Scratch` object that the *output* buffer is also re-used, so if you are still using this
-you must set the `Out` field in the scratch to nil. The same buffer is used for compression and decompression output.
-
-Decompressing is done by calling the [`Decompress`](https://godoc.org/github.com/klauspost/compress/fse#Decompress) function.
-You must provide the output from the compression stage, at exactly the size you got back. If you receive an error back
-your input was likely corrupted. 
-
-It is important to note that a successful decoding does *not* mean your output matches your original input. 
-There are no integrity checks, so relying on errors from the decompressor does not assure your data is valid.
-
-For more detailed usage, see examples in the [godoc documentation](https://godoc.org/github.com/klauspost/compress/fse#pkg-examples).
-
-# Performance
-
-A lot of factors are affecting speed. Block sizes and compressibility of the material are primary factors.  
-All compression functions are currently only running on the calling goroutine so only one core will be used per block.  
-
-The compressor is significantly faster if symbols are kept as small as possible. The highest byte value of the input
-is used to reduce some of the processing, so if all your input is above byte value 64 for instance, it may be 
-beneficial to transpose all your input values down by 64.   
-
-With moderate block sizes around 64k speed are typically 200MB/s per core for compression and 
-around 300MB/s decompression speed. 
-
-The same hardware typically does Huffman (deflate) encoding at 125MB/s and decompression at 100MB/s. 
-
-# Plans
-
-At one point, more internals will be exposed to facilitate more "expert" usage of the components. 
-
-A streaming interface is also likely to be implemented. Likely compatible with [FSE stream format](https://github.com/Cyan4973/FiniteStateEntropy/blob/dev/programs/fileio.c#L261).  
-
-# Contributing
-
-Contributions are always welcome. Be aware that adding public functions will require good justification and breaking 
-changes will likely not be accepted. If in doubt open an issue before writing the PR.  
\ No newline at end of file
diff --git a/vendor/github.com/klauspost/compress/fse/bitreader.go b/vendor/github.com/klauspost/compress/fse/bitreader.go
deleted file mode 100644
index f65eb3909..000000000
--- a/vendor/github.com/klauspost/compress/fse/bitreader.go
+++ /dev/null
@@ -1,122 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package fse
-
-import (
-	"encoding/binary"
-	"errors"
-	"io"
-)
-
-// bitReader reads a bitstream in reverse.
-// The last set bit indicates the start of the stream and is used
-// for aligning the input.
-type bitReader struct {
-	in       []byte
-	off      uint // next byte to read is at in[off - 1]
-	value    uint64
-	bitsRead uint8
-}
-
-// init initializes and resets the bit reader.
-func (b *bitReader) init(in []byte) error {
-	if len(in) < 1 {
-		return errors.New("corrupt stream: too short")
-	}
-	b.in = in
-	b.off = uint(len(in))
-	// The highest bit of the last byte indicates where to start
-	v := in[len(in)-1]
-	if v == 0 {
-		return errors.New("corrupt stream, did not find end of stream")
-	}
-	b.bitsRead = 64
-	b.value = 0
-	if len(in) >= 8 {
-		b.fillFastStart()
-	} else {
-		b.fill()
-		b.fill()
-	}
-	b.bitsRead += 8 - uint8(highBits(uint32(v)))
-	return nil
-}
-
-// getBits will return n bits. n can be 0.
-func (b *bitReader) getBits(n uint8) uint16 {
-	if n == 0 || b.bitsRead >= 64 {
-		return 0
-	}
-	return b.getBitsFast(n)
-}
-
-// getBitsFast requires that at least one bit is requested every time.
-// There are no checks if the buffer is filled.
-func (b *bitReader) getBitsFast(n uint8) uint16 {
-	const regMask = 64 - 1
-	v := uint16((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask))
-	b.bitsRead += n
-	return v
-}
-
-// fillFast() will make sure at least 32 bits are available.
-// There must be at least 4 bytes available.
-func (b *bitReader) fillFast() {
-	if b.bitsRead < 32 {
-		return
-	}
-	// 2 bounds checks.
-	v := b.in[b.off-4:]
-	v = v[:4]
-	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-	b.value = (b.value << 32) | uint64(low)
-	b.bitsRead -= 32
-	b.off -= 4
-}
-
-// fill() will make sure at least 32 bits are available.
-func (b *bitReader) fill() {
-	if b.bitsRead < 32 {
-		return
-	}
-	if b.off > 4 {
-		v := b.in[b.off-4:]
-		v = v[:4]
-		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-		b.value = (b.value << 32) | uint64(low)
-		b.bitsRead -= 32
-		b.off -= 4
-		return
-	}
-	for b.off > 0 {
-		b.value = (b.value << 8) | uint64(b.in[b.off-1])
-		b.bitsRead -= 8
-		b.off--
-	}
-}
-
-// fillFastStart() assumes the bitreader is empty and there is at least 8 bytes to read.
-func (b *bitReader) fillFastStart() {
-	// Do single re-slice to avoid bounds checks.
-	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
-	b.bitsRead = 0
-	b.off -= 8
-}
-
-// finished returns true if all bits have been read from the bit stream.
-func (b *bitReader) finished() bool {
-	return b.bitsRead >= 64 && b.off == 0
-}
-
-// close the bitstream and returns an error if out-of-buffer reads occurred.
-func (b *bitReader) close() error {
-	// Release reference.
-	b.in = nil
-	if b.bitsRead > 64 {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/fse/bitwriter.go b/vendor/github.com/klauspost/compress/fse/bitwriter.go
deleted file mode 100644
index e82fa3bb7..000000000
--- a/vendor/github.com/klauspost/compress/fse/bitwriter.go
+++ /dev/null
@@ -1,167 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package fse
-
-import "fmt"
-
-// bitWriter will write bits.
-// First bit will be LSB of the first byte of output.
-type bitWriter struct {
-	bitContainer uint64
-	nBits        uint8
-	out          []byte
-}
-
-// bitMask16 is bitmasks. Has extra to avoid bounds check.
-var bitMask16 = [32]uint16{
-	0, 1, 3, 7, 0xF, 0x1F,
-	0x3F, 0x7F, 0xFF, 0x1FF, 0x3FF, 0x7FF,
-	0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF, 0xFFFF,
-	0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF,
-	0xFFFF, 0xFFFF} /* up to 16 bits */
-
-// addBits16NC will add up to 16 bits.
-// It will not check if there is space for them,
-// so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits16NC(value uint16, bits uint8) {
-	b.bitContainer |= uint64(value&bitMask16[bits&31]) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
-// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
-	b.bitContainer |= uint64(value) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// addBits16ZeroNC will add up to 16 bits.
-// It will not check if there is space for them,
-// so the caller must ensure that it has flushed recently.
-// This is fastest if bits can be zero.
-func (b *bitWriter) addBits16ZeroNC(value uint16, bits uint8) {
-	if bits == 0 {
-		return
-	}
-	value <<= (16 - bits) & 15
-	value >>= (16 - bits) & 15
-	b.bitContainer |= uint64(value) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// flush will flush all pending full bytes.
-// There will be at least 56 bits available for writing when this has been called.
-// Using flush32 is faster, but leaves less space for writing.
-func (b *bitWriter) flush() {
-	v := b.nBits >> 3
-	switch v {
-	case 0:
-	case 1:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-		)
-	case 2:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-		)
-	case 3:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-		)
-	case 4:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-			byte(b.bitContainer>>24),
-		)
-	case 5:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-			byte(b.bitContainer>>24),
-			byte(b.bitContainer>>32),
-		)
-	case 6:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-			byte(b.bitContainer>>24),
-			byte(b.bitContainer>>32),
-			byte(b.bitContainer>>40),
-		)
-	case 7:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-			byte(b.bitContainer>>24),
-			byte(b.bitContainer>>32),
-			byte(b.bitContainer>>40),
-			byte(b.bitContainer>>48),
-		)
-	case 8:
-		b.out = append(b.out,
-			byte(b.bitContainer),
-			byte(b.bitContainer>>8),
-			byte(b.bitContainer>>16),
-			byte(b.bitContainer>>24),
-			byte(b.bitContainer>>32),
-			byte(b.bitContainer>>40),
-			byte(b.bitContainer>>48),
-			byte(b.bitContainer>>56),
-		)
-	default:
-		panic(fmt.Errorf("bits (%d) > 64", b.nBits))
-	}
-	b.bitContainer >>= v << 3
-	b.nBits &= 7
-}
-
-// flush32 will flush out, so there are at least 32 bits available for writing.
-func (b *bitWriter) flush32() {
-	if b.nBits < 32 {
-		return
-	}
-	b.out = append(b.out,
-		byte(b.bitContainer),
-		byte(b.bitContainer>>8),
-		byte(b.bitContainer>>16),
-		byte(b.bitContainer>>24))
-	b.nBits -= 32
-	b.bitContainer >>= 32
-}
-
-// flushAlign will flush remaining full bytes and align to next byte boundary.
-func (b *bitWriter) flushAlign() {
-	nbBytes := (b.nBits + 7) >> 3
-	for i := uint8(0); i < nbBytes; i++ {
-		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
-	}
-	b.nBits = 0
-	b.bitContainer = 0
-}
-
-// close will write the alignment bit and write the final byte(s)
-// to the output.
-func (b *bitWriter) close() {
-	// End mark
-	b.addBits16Clean(1, 1)
-	// flush until next byte.
-	b.flushAlign()
-}
-
-// reset and continue writing by appending to out.
-func (b *bitWriter) reset(out []byte) {
-	b.bitContainer = 0
-	b.nBits = 0
-	b.out = out
-}
diff --git a/vendor/github.com/klauspost/compress/fse/bytereader.go b/vendor/github.com/klauspost/compress/fse/bytereader.go
deleted file mode 100644
index abade2d60..000000000
--- a/vendor/github.com/klauspost/compress/fse/bytereader.go
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package fse
-
-// byteReader provides a byte reader that reads
-// little endian values from a byte stream.
-// The input stream is manually advanced.
-// The reader performs no bounds checks.
-type byteReader struct {
-	b   []byte
-	off int
-}
-
-// init will initialize the reader and set the input.
-func (b *byteReader) init(in []byte) {
-	b.b = in
-	b.off = 0
-}
-
-// advance the stream b n bytes.
-func (b *byteReader) advance(n uint) {
-	b.off += int(n)
-}
-
-// Uint32 returns a little endian uint32 starting at current offset.
-func (b byteReader) Uint32() uint32 {
-	b2 := b.b[b.off:]
-	b2 = b2[:4]
-	v3 := uint32(b2[3])
-	v2 := uint32(b2[2])
-	v1 := uint32(b2[1])
-	v0 := uint32(b2[0])
-	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
-}
-
-// unread returns the unread portion of the input.
-func (b byteReader) unread() []byte {
-	return b.b[b.off:]
-}
-
-// remain will return the number of bytes remaining.
-func (b byteReader) remain() int {
-	return len(b.b) - b.off
-}
diff --git a/vendor/github.com/klauspost/compress/fse/compress.go b/vendor/github.com/klauspost/compress/fse/compress.go
deleted file mode 100644
index 074018d8f..000000000
--- a/vendor/github.com/klauspost/compress/fse/compress.go
+++ /dev/null
@@ -1,683 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package fse
-
-import (
-	"errors"
-	"fmt"
-)
-
-// Compress the input bytes. Input must be < 2GB.
-// Provide a Scratch buffer to avoid memory allocations.
-// Note that the output is also kept in the scratch buffer.
-// If input is too hard to compress, ErrIncompressible is returned.
-// If input is a single byte value repeated ErrUseRLE is returned.
-func Compress(in []byte, s *Scratch) ([]byte, error) {
-	if len(in) <= 1 {
-		return nil, ErrIncompressible
-	}
-	if len(in) > (2<<30)-1 {
-		return nil, errors.New("input too big, must be < 2GB")
-	}
-	s, err := s.prepare(in)
-	if err != nil {
-		return nil, err
-	}
-
-	// Create histogram, if none was provided.
-	maxCount := s.maxCount
-	if maxCount == 0 {
-		maxCount = s.countSimple(in)
-	}
-	// Reset for next run.
-	s.clearCount = true
-	s.maxCount = 0
-	if maxCount == len(in) {
-		// One symbol, use RLE
-		return nil, ErrUseRLE
-	}
-	if maxCount == 1 || maxCount < (len(in)>>7) {
-		// Each symbol present maximum once or too well distributed.
-		return nil, ErrIncompressible
-	}
-	s.optimalTableLog()
-	err = s.normalizeCount()
-	if err != nil {
-		return nil, err
-	}
-	err = s.writeCount()
-	if err != nil {
-		return nil, err
-	}
-
-	if false {
-		err = s.validateNorm()
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	err = s.buildCTable()
-	if err != nil {
-		return nil, err
-	}
-	err = s.compress(in)
-	if err != nil {
-		return nil, err
-	}
-	s.Out = s.bw.out
-	// Check if we compressed.
-	if len(s.Out) >= len(in) {
-		return nil, ErrIncompressible
-	}
-	return s.Out, nil
-}
-
-// cState contains the compression state of a stream.
-type cState struct {
-	bw         *bitWriter
-	stateTable []uint16
-	state      uint16
-}
-
-// init will initialize the compression state to the first symbol of the stream.
-func (c *cState) init(bw *bitWriter, ct *cTable, tableLog uint8, first symbolTransform) {
-	c.bw = bw
-	c.stateTable = ct.stateTable
-
-	nbBitsOut := (first.deltaNbBits + (1 << 15)) >> 16
-	im := int32((nbBitsOut << 16) - first.deltaNbBits)
-	lu := (im >> nbBitsOut) + first.deltaFindState
-	c.state = c.stateTable[lu]
-}
-
-// encode the output symbol provided and write it to the bitstream.
-func (c *cState) encode(symbolTT symbolTransform) {
-	nbBitsOut := (uint32(c.state) + symbolTT.deltaNbBits) >> 16
-	dstState := int32(c.state>>(nbBitsOut&15)) + symbolTT.deltaFindState
-	c.bw.addBits16NC(c.state, uint8(nbBitsOut))
-	c.state = c.stateTable[dstState]
-}
-
-// encode the output symbol provided and write it to the bitstream.
-func (c *cState) encodeZero(symbolTT symbolTransform) {
-	nbBitsOut := (uint32(c.state) + symbolTT.deltaNbBits) >> 16
-	dstState := int32(c.state>>(nbBitsOut&15)) + symbolTT.deltaFindState
-	c.bw.addBits16ZeroNC(c.state, uint8(nbBitsOut))
-	c.state = c.stateTable[dstState]
-}
-
-// flush will write the tablelog to the output and flush the remaining full bytes.
-func (c *cState) flush(tableLog uint8) {
-	c.bw.flush32()
-	c.bw.addBits16NC(c.state, tableLog)
-	c.bw.flush()
-}
-
-// compress is the main compression loop that will encode the input from the last byte to the first.
-func (s *Scratch) compress(src []byte) error {
-	if len(src) <= 2 {
-		return errors.New("compress: src too small")
-	}
-	tt := s.ct.symbolTT[:256]
-	s.bw.reset(s.Out)
-
-	// Our two states each encodes every second byte.
-	// Last byte encoded (first byte decoded) will always be encoded by c1.
-	var c1, c2 cState
-
-	// Encode so remaining size is divisible by 4.
-	ip := len(src)
-	if ip&1 == 1 {
-		c1.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-1]])
-		c2.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-2]])
-		c1.encodeZero(tt[src[ip-3]])
-		ip -= 3
-	} else {
-		c2.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-1]])
-		c1.init(&s.bw, &s.ct, s.actualTableLog, tt[src[ip-2]])
-		ip -= 2
-	}
-	if ip&2 != 0 {
-		c2.encodeZero(tt[src[ip-1]])
-		c1.encodeZero(tt[src[ip-2]])
-		ip -= 2
-	}
-	src = src[:ip]
-
-	// Main compression loop.
-	switch {
-	case !s.zeroBits && s.actualTableLog <= 8:
-		// We can encode 4 symbols without requiring a flush.
-		// We do not need to check if any output is 0 bits.
-		for ; len(src) >= 4; src = src[:len(src)-4] {
-			s.bw.flush32()
-			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
-			c2.encode(tt[v0])
-			c1.encode(tt[v1])
-			c2.encode(tt[v2])
-			c1.encode(tt[v3])
-		}
-	case !s.zeroBits:
-		// We do not need to check if any output is 0 bits.
-		for ; len(src) >= 4; src = src[:len(src)-4] {
-			s.bw.flush32()
-			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
-			c2.encode(tt[v0])
-			c1.encode(tt[v1])
-			s.bw.flush32()
-			c2.encode(tt[v2])
-			c1.encode(tt[v3])
-		}
-	case s.actualTableLog <= 8:
-		// We can encode 4 symbols without requiring a flush
-		for ; len(src) >= 4; src = src[:len(src)-4] {
-			s.bw.flush32()
-			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
-			c2.encodeZero(tt[v0])
-			c1.encodeZero(tt[v1])
-			c2.encodeZero(tt[v2])
-			c1.encodeZero(tt[v3])
-		}
-	default:
-		for ; len(src) >= 4; src = src[:len(src)-4] {
-			s.bw.flush32()
-			v3, v2, v1, v0 := src[len(src)-4], src[len(src)-3], src[len(src)-2], src[len(src)-1]
-			c2.encodeZero(tt[v0])
-			c1.encodeZero(tt[v1])
-			s.bw.flush32()
-			c2.encodeZero(tt[v2])
-			c1.encodeZero(tt[v3])
-		}
-	}
-
-	// Flush final state.
-	// Used to initialize state when decoding.
-	c2.flush(s.actualTableLog)
-	c1.flush(s.actualTableLog)
-
-	s.bw.close()
-	return nil
-}
-
-// writeCount will write the normalized histogram count to header.
-// This is read back by readNCount.
-func (s *Scratch) writeCount() error {
-	var (
-		tableLog  = s.actualTableLog
-		tableSize = 1 << tableLog
-		previous0 bool
-		charnum   uint16
-
-		maxHeaderSize = ((int(s.symbolLen)*int(tableLog) + 4 + 2) >> 3) + 3
-
-		// Write Table Size
-		bitStream = uint32(tableLog - minTablelog)
-		bitCount  = uint(4)
-		remaining = int16(tableSize + 1) /* +1 for extra accuracy */
-		threshold = int16(tableSize)
-		nbBits    = uint(tableLog + 1)
-	)
-	if cap(s.Out) < maxHeaderSize {
-		s.Out = make([]byte, 0, s.br.remain()+maxHeaderSize)
-	}
-	outP := uint(0)
-	out := s.Out[:maxHeaderSize]
-
-	// stops at 1
-	for remaining > 1 {
-		if previous0 {
-			start := charnum
-			for s.norm[charnum] == 0 {
-				charnum++
-			}
-			for charnum >= start+24 {
-				start += 24
-				bitStream += uint32(0xFFFF) << bitCount
-				out[outP] = byte(bitStream)
-				out[outP+1] = byte(bitStream >> 8)
-				outP += 2
-				bitStream >>= 16
-			}
-			for charnum >= start+3 {
-				start += 3
-				bitStream += 3 << bitCount
-				bitCount += 2
-			}
-			bitStream += uint32(charnum-start) << bitCount
-			bitCount += 2
-			if bitCount > 16 {
-				out[outP] = byte(bitStream)
-				out[outP+1] = byte(bitStream >> 8)
-				outP += 2
-				bitStream >>= 16
-				bitCount -= 16
-			}
-		}
-
-		count := s.norm[charnum]
-		charnum++
-		max := (2*threshold - 1) - remaining
-		if count < 0 {
-			remaining += count
-		} else {
-			remaining -= count
-		}
-		count++ // +1 for extra accuracy
-		if count >= threshold {
-			count += max // [0..max[ [max..threshold[ (...) [threshold+max 2*threshold[
-		}
-		bitStream += uint32(count) << bitCount
-		bitCount += nbBits
-		if count < max {
-			bitCount--
-		}
-
-		previous0 = count == 1
-		if remaining < 1 {
-			return errors.New("internal error: remaining<1")
-		}
-		for remaining < threshold {
-			nbBits--
-			threshold >>= 1
-		}
-
-		if bitCount > 16 {
-			out[outP] = byte(bitStream)
-			out[outP+1] = byte(bitStream >> 8)
-			outP += 2
-			bitStream >>= 16
-			bitCount -= 16
-		}
-	}
-
-	out[outP] = byte(bitStream)
-	out[outP+1] = byte(bitStream >> 8)
-	outP += (bitCount + 7) / 8
-
-	if charnum > s.symbolLen {
-		return errors.New("internal error: charnum > s.symbolLen")
-	}
-	s.Out = out[:outP]
-	return nil
-}
-
-// symbolTransform contains the state transform for a symbol.
-type symbolTransform struct {
-	deltaFindState int32
-	deltaNbBits    uint32
-}
-
-// String prints values as a human readable string.
-func (s symbolTransform) String() string {
-	return fmt.Sprintf("dnbits: %08x, fs:%d", s.deltaNbBits, s.deltaFindState)
-}
-
-// cTable contains tables used for compression.
-type cTable struct {
-	tableSymbol []byte
-	stateTable  []uint16
-	symbolTT    []symbolTransform
-}
-
-// allocCtable will allocate tables needed for compression.
-// If existing tables a re big enough, they are simply re-used.
-func (s *Scratch) allocCtable() {
-	tableSize := 1 << s.actualTableLog
-	// get tableSymbol that is big enough.
-	if cap(s.ct.tableSymbol) < tableSize {
-		s.ct.tableSymbol = make([]byte, tableSize)
-	}
-	s.ct.tableSymbol = s.ct.tableSymbol[:tableSize]
-
-	ctSize := tableSize
-	if cap(s.ct.stateTable) < ctSize {
-		s.ct.stateTable = make([]uint16, ctSize)
-	}
-	s.ct.stateTable = s.ct.stateTable[:ctSize]
-
-	if cap(s.ct.symbolTT) < 256 {
-		s.ct.symbolTT = make([]symbolTransform, 256)
-	}
-	s.ct.symbolTT = s.ct.symbolTT[:256]
-}
-
-// buildCTable will populate the compression table so it is ready to be used.
-func (s *Scratch) buildCTable() error {
-	tableSize := uint32(1 << s.actualTableLog)
-	highThreshold := tableSize - 1
-	var cumul [maxSymbolValue + 2]int16
-
-	s.allocCtable()
-	tableSymbol := s.ct.tableSymbol[:tableSize]
-	// symbol start positions
-	{
-		cumul[0] = 0
-		for ui, v := range s.norm[:s.symbolLen-1] {
-			u := byte(ui) // one less than reference
-			if v == -1 {
-				// Low proba symbol
-				cumul[u+1] = cumul[u] + 1
-				tableSymbol[highThreshold] = u
-				highThreshold--
-			} else {
-				cumul[u+1] = cumul[u] + v
-			}
-		}
-		// Encode last symbol separately to avoid overflowing u
-		u := int(s.symbolLen - 1)
-		v := s.norm[s.symbolLen-1]
-		if v == -1 {
-			// Low proba symbol
-			cumul[u+1] = cumul[u] + 1
-			tableSymbol[highThreshold] = byte(u)
-			highThreshold--
-		} else {
-			cumul[u+1] = cumul[u] + v
-		}
-		if uint32(cumul[s.symbolLen]) != tableSize {
-			return fmt.Errorf("internal error: expected cumul[s.symbolLen] (%d) == tableSize (%d)", cumul[s.symbolLen], tableSize)
-		}
-		cumul[s.symbolLen] = int16(tableSize) + 1
-	}
-	// Spread symbols
-	s.zeroBits = false
-	{
-		step := tableStep(tableSize)
-		tableMask := tableSize - 1
-		var position uint32
-		// if any symbol > largeLimit, we may have 0 bits output.
-		largeLimit := int16(1 << (s.actualTableLog - 1))
-		for ui, v := range s.norm[:s.symbolLen] {
-			symbol := byte(ui)
-			if v > largeLimit {
-				s.zeroBits = true
-			}
-			for nbOccurrences := int16(0); nbOccurrences < v; nbOccurrences++ {
-				tableSymbol[position] = symbol
-				position = (position + step) & tableMask
-				for position > highThreshold {
-					position = (position + step) & tableMask
-				} /* Low proba area */
-			}
-		}
-
-		// Check if we have gone through all positions
-		if position != 0 {
-			return errors.New("position!=0")
-		}
-	}
-
-	// Build table
-	table := s.ct.stateTable
-	{
-		tsi := int(tableSize)
-		for u, v := range tableSymbol {
-			// TableU16 : sorted by symbol order; gives next state value
-			table[cumul[v]] = uint16(tsi + u)
-			cumul[v]++
-		}
-	}
-
-	// Build Symbol Transformation Table
-	{
-		total := int16(0)
-		symbolTT := s.ct.symbolTT[:s.symbolLen]
-		tableLog := s.actualTableLog
-		tl := (uint32(tableLog) << 16) - (1 << tableLog)
-		for i, v := range s.norm[:s.symbolLen] {
-			switch v {
-			case 0:
-			case -1, 1:
-				symbolTT[i].deltaNbBits = tl
-				symbolTT[i].deltaFindState = int32(total - 1)
-				total++
-			default:
-				maxBitsOut := uint32(tableLog) - highBits(uint32(v-1))
-				minStatePlus := uint32(v) << maxBitsOut
-				symbolTT[i].deltaNbBits = (maxBitsOut << 16) - minStatePlus
-				symbolTT[i].deltaFindState = int32(total - v)
-				total += v
-			}
-		}
-		if total != int16(tableSize) {
-			return fmt.Errorf("total mismatch %d (got) != %d (want)", total, tableSize)
-		}
-	}
-	return nil
-}
-
-// countSimple will create a simple histogram in s.count.
-// Returns the biggest count.
-// Does not update s.clearCount.
-func (s *Scratch) countSimple(in []byte) (max int) {
-	for _, v := range in {
-		s.count[v]++
-	}
-	m, symlen := uint32(0), s.symbolLen
-	for i, v := range s.count[:] {
-		if v == 0 {
-			continue
-		}
-		if v > m {
-			m = v
-		}
-		symlen = uint16(i) + 1
-	}
-	s.symbolLen = symlen
-	return int(m)
-}
-
-// minTableLog provides the minimum logSize to safely represent a distribution.
-func (s *Scratch) minTableLog() uint8 {
-	minBitsSrc := highBits(uint32(s.br.remain()-1)) + 1
-	minBitsSymbols := highBits(uint32(s.symbolLen-1)) + 2
-	if minBitsSrc < minBitsSymbols {
-		return uint8(minBitsSrc)
-	}
-	return uint8(minBitsSymbols)
-}
-
-// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
-func (s *Scratch) optimalTableLog() {
-	tableLog := s.TableLog
-	minBits := s.minTableLog()
-	maxBitsSrc := uint8(highBits(uint32(s.br.remain()-1))) - 2
-	if maxBitsSrc < tableLog {
-		// Accuracy can be reduced
-		tableLog = maxBitsSrc
-	}
-	if minBits > tableLog {
-		tableLog = minBits
-	}
-	// Need a minimum to safely represent all symbol values
-	if tableLog < minTablelog {
-		tableLog = minTablelog
-	}
-	if tableLog > maxTableLog {
-		tableLog = maxTableLog
-	}
-	s.actualTableLog = tableLog
-}
-
-var rtbTable = [...]uint32{0, 473195, 504333, 520860, 550000, 700000, 750000, 830000}
-
-// normalizeCount will normalize the count of the symbols so
-// the total is equal to the table size.
-func (s *Scratch) normalizeCount() error {
-	var (
-		tableLog          = s.actualTableLog
-		scale             = 62 - uint64(tableLog)
-		step              = (1 << 62) / uint64(s.br.remain())
-		vStep             = uint64(1) << (scale - 20)
-		stillToDistribute = int16(1 << tableLog)
-		largest           int
-		largestP          int16
-		lowThreshold      = (uint32)(s.br.remain() >> tableLog)
-	)
-
-	for i, cnt := range s.count[:s.symbolLen] {
-		// already handled
-		// if (count[s] == s.length) return 0;   /* rle special case */
-
-		if cnt == 0 {
-			s.norm[i] = 0
-			continue
-		}
-		if cnt <= lowThreshold {
-			s.norm[i] = -1
-			stillToDistribute--
-		} else {
-			proba := (int16)((uint64(cnt) * step) >> scale)
-			if proba < 8 {
-				restToBeat := vStep * uint64(rtbTable[proba])
-				v := uint64(cnt)*step - (uint64(proba) << scale)
-				if v > restToBeat {
-					proba++
-				}
-			}
-			if proba > largestP {
-				largestP = proba
-				largest = i
-			}
-			s.norm[i] = proba
-			stillToDistribute -= proba
-		}
-	}
-
-	if -stillToDistribute >= (s.norm[largest] >> 1) {
-		// corner case, need another normalization method
-		return s.normalizeCount2()
-	}
-	s.norm[largest] += stillToDistribute
-	return nil
-}
-
-// Secondary normalization method.
-// To be used when primary method fails.
-func (s *Scratch) normalizeCount2() error {
-	const notYetAssigned = -2
-	var (
-		distributed  uint32
-		total        = uint32(s.br.remain())
-		tableLog     = s.actualTableLog
-		lowThreshold = total >> tableLog
-		lowOne       = (total * 3) >> (tableLog + 1)
-	)
-	for i, cnt := range s.count[:s.symbolLen] {
-		if cnt == 0 {
-			s.norm[i] = 0
-			continue
-		}
-		if cnt <= lowThreshold {
-			s.norm[i] = -1
-			distributed++
-			total -= cnt
-			continue
-		}
-		if cnt <= lowOne {
-			s.norm[i] = 1
-			distributed++
-			total -= cnt
-			continue
-		}
-		s.norm[i] = notYetAssigned
-	}
-	toDistribute := (1 << tableLog) - distributed
-
-	if (total / toDistribute) > lowOne {
-		// risk of rounding to zero
-		lowOne = (total * 3) / (toDistribute * 2)
-		for i, cnt := range s.count[:s.symbolLen] {
-			if (s.norm[i] == notYetAssigned) && (cnt <= lowOne) {
-				s.norm[i] = 1
-				distributed++
-				total -= cnt
-				continue
-			}
-		}
-		toDistribute = (1 << tableLog) - distributed
-	}
-	if distributed == uint32(s.symbolLen)+1 {
-		// all values are pretty poor;
-		//   probably incompressible data (should have already been detected);
-		//   find max, then give all remaining points to max
-		var maxV int
-		var maxC uint32
-		for i, cnt := range s.count[:s.symbolLen] {
-			if cnt > maxC {
-				maxV = i
-				maxC = cnt
-			}
-		}
-		s.norm[maxV] += int16(toDistribute)
-		return nil
-	}
-
-	if total == 0 {
-		// all of the symbols were low enough for the lowOne or lowThreshold
-		for i := uint32(0); toDistribute > 0; i = (i + 1) % (uint32(s.symbolLen)) {
-			if s.norm[i] > 0 {
-				toDistribute--
-				s.norm[i]++
-			}
-		}
-		return nil
-	}
-
-	var (
-		vStepLog = 62 - uint64(tableLog)
-		mid      = uint64((1 << (vStepLog - 1)) - 1)
-		rStep    = (((1 << vStepLog) * uint64(toDistribute)) + mid) / uint64(total) // scale on remaining
-		tmpTotal = mid
-	)
-	for i, cnt := range s.count[:s.symbolLen] {
-		if s.norm[i] == notYetAssigned {
-			var (
-				end    = tmpTotal + uint64(cnt)*rStep
-				sStart = uint32(tmpTotal >> vStepLog)
-				sEnd   = uint32(end >> vStepLog)
-				weight = sEnd - sStart
-			)
-			if weight < 1 {
-				return errors.New("weight < 1")
-			}
-			s.norm[i] = int16(weight)
-			tmpTotal = end
-		}
-	}
-	return nil
-}
-
-// validateNorm validates the normalized histogram table.
-func (s *Scratch) validateNorm() (err error) {
-	var total int
-	for _, v := range s.norm[:s.symbolLen] {
-		if v >= 0 {
-			total += int(v)
-		} else {
-			total -= int(v)
-		}
-	}
-	defer func() {
-		if err == nil {
-			return
-		}
-		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", s.actualTableLog, s.symbolLen)
-		for i, v := range s.norm[:s.symbolLen] {
-			fmt.Printf("%3d: %5d -> %4d \n", i, s.count[i], v)
-		}
-	}()
-	if total != (1 << s.actualTableLog) {
-		return fmt.Errorf("warning: Total == %d != %d", total, 1< tablelogAbsoluteMax {
-		return errors.New("tableLog too large")
-	}
-	bitStream >>= 4
-	bitCount := uint(4)
-
-	s.actualTableLog = uint8(nbBits)
-	remaining := int32((1 << nbBits) + 1)
-	threshold := int32(1 << nbBits)
-	gotTotal := int32(0)
-	nbBits++
-
-	for remaining > 1 {
-		if previous0 {
-			n0 := charnum
-			for (bitStream & 0xFFFF) == 0xFFFF {
-				n0 += 24
-				if b.off < iend-5 {
-					b.advance(2)
-					bitStream = b.Uint32() >> bitCount
-				} else {
-					bitStream >>= 16
-					bitCount += 16
-				}
-			}
-			for (bitStream & 3) == 3 {
-				n0 += 3
-				bitStream >>= 2
-				bitCount += 2
-			}
-			n0 += uint16(bitStream & 3)
-			bitCount += 2
-			if n0 > maxSymbolValue {
-				return errors.New("maxSymbolValue too small")
-			}
-			for charnum < n0 {
-				s.norm[charnum&0xff] = 0
-				charnum++
-			}
-
-			if b.off <= iend-7 || b.off+int(bitCount>>3) <= iend-4 {
-				b.advance(bitCount >> 3)
-				bitCount &= 7
-				bitStream = b.Uint32() >> bitCount
-			} else {
-				bitStream >>= 2
-			}
-		}
-
-		max := (2*(threshold) - 1) - (remaining)
-		var count int32
-
-		if (int32(bitStream) & (threshold - 1)) < max {
-			count = int32(bitStream) & (threshold - 1)
-			bitCount += nbBits - 1
-		} else {
-			count = int32(bitStream) & (2*threshold - 1)
-			if count >= threshold {
-				count -= max
-			}
-			bitCount += nbBits
-		}
-
-		count-- // extra accuracy
-		if count < 0 {
-			// -1 means +1
-			remaining += count
-			gotTotal -= count
-		} else {
-			remaining -= count
-			gotTotal += count
-		}
-		s.norm[charnum&0xff] = int16(count)
-		charnum++
-		previous0 = count == 0
-		for remaining < threshold {
-			nbBits--
-			threshold >>= 1
-		}
-		if b.off <= iend-7 || b.off+int(bitCount>>3) <= iend-4 {
-			b.advance(bitCount >> 3)
-			bitCount &= 7
-		} else {
-			bitCount -= (uint)(8 * (len(b.b) - 4 - b.off))
-			b.off = len(b.b) - 4
-		}
-		bitStream = b.Uint32() >> (bitCount & 31)
-	}
-	s.symbolLen = charnum
-
-	if s.symbolLen <= 1 {
-		return fmt.Errorf("symbolLen (%d) too small", s.symbolLen)
-	}
-	if s.symbolLen > maxSymbolValue+1 {
-		return fmt.Errorf("symbolLen (%d) too big", s.symbolLen)
-	}
-	if remaining != 1 {
-		return fmt.Errorf("corruption detected (remaining %d != 1)", remaining)
-	}
-	if bitCount > 32 {
-		return fmt.Errorf("corruption detected (bitCount %d > 32)", bitCount)
-	}
-	if gotTotal != 1<> 3)
-	return nil
-}
-
-// decSymbol contains information about a state entry,
-// Including the state offset base, the output symbol and
-// the number of bits to read for the low part of the destination state.
-type decSymbol struct {
-	newState uint16
-	symbol   uint8
-	nbBits   uint8
-}
-
-// allocDtable will allocate decoding tables if they are not big enough.
-func (s *Scratch) allocDtable() {
-	tableSize := 1 << s.actualTableLog
-	if cap(s.decTable) < tableSize {
-		s.decTable = make([]decSymbol, tableSize)
-	}
-	s.decTable = s.decTable[:tableSize]
-
-	if cap(s.ct.tableSymbol) < 256 {
-		s.ct.tableSymbol = make([]byte, 256)
-	}
-	s.ct.tableSymbol = s.ct.tableSymbol[:256]
-
-	if cap(s.ct.stateTable) < 256 {
-		s.ct.stateTable = make([]uint16, 256)
-	}
-	s.ct.stateTable = s.ct.stateTable[:256]
-}
-
-// buildDtable will build the decoding table.
-func (s *Scratch) buildDtable() error {
-	tableSize := uint32(1 << s.actualTableLog)
-	highThreshold := tableSize - 1
-	s.allocDtable()
-	symbolNext := s.ct.stateTable[:256]
-
-	// Init, lay down lowprob symbols
-	s.zeroBits = false
-	{
-		largeLimit := int16(1 << (s.actualTableLog - 1))
-		for i, v := range s.norm[:s.symbolLen] {
-			if v == -1 {
-				s.decTable[highThreshold].symbol = uint8(i)
-				highThreshold--
-				symbolNext[i] = 1
-			} else {
-				if v >= largeLimit {
-					s.zeroBits = true
-				}
-				symbolNext[i] = uint16(v)
-			}
-		}
-	}
-	// Spread symbols
-	{
-		tableMask := tableSize - 1
-		step := tableStep(tableSize)
-		position := uint32(0)
-		for ss, v := range s.norm[:s.symbolLen] {
-			for i := 0; i < int(v); i++ {
-				s.decTable[position].symbol = uint8(ss)
-				position = (position + step) & tableMask
-				for position > highThreshold {
-					// lowprob area
-					position = (position + step) & tableMask
-				}
-			}
-		}
-		if position != 0 {
-			// position must reach all cells once, otherwise normalizedCounter is incorrect
-			return errors.New("corrupted input (position != 0)")
-		}
-	}
-
-	// Build Decoding table
-	{
-		tableSize := uint16(1 << s.actualTableLog)
-		for u, v := range s.decTable {
-			symbol := v.symbol
-			nextState := symbolNext[symbol]
-			symbolNext[symbol] = nextState + 1
-			nBits := s.actualTableLog - byte(highBits(uint32(nextState)))
-			s.decTable[u].nbBits = nBits
-			newState := (nextState << nBits) - tableSize
-			if newState >= tableSize {
-				return fmt.Errorf("newState (%d) outside table size (%d)", newState, tableSize)
-			}
-			if newState == uint16(u) && nBits == 0 {
-				// Seems weird that this is possible with nbits > 0.
-				return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, u)
-			}
-			s.decTable[u].newState = newState
-		}
-	}
-	return nil
-}
-
-// decompress will decompress the bitstream.
-// If the buffer is over-read an error is returned.
-func (s *Scratch) decompress() error {
-	br := &s.bits
-	if err := br.init(s.br.unread()); err != nil {
-		return err
-	}
-
-	var s1, s2 decoder
-	// Initialize and decode first state and symbol.
-	s1.init(br, s.decTable, s.actualTableLog)
-	s2.init(br, s.decTable, s.actualTableLog)
-
-	// Use temp table to avoid bound checks/append penalty.
-	var tmp = s.ct.tableSymbol[:256]
-	var off uint8
-
-	// Main part
-	if !s.zeroBits {
-		for br.off >= 8 {
-			br.fillFast()
-			tmp[off+0] = s1.nextFast()
-			tmp[off+1] = s2.nextFast()
-			br.fillFast()
-			tmp[off+2] = s1.nextFast()
-			tmp[off+3] = s2.nextFast()
-			off += 4
-			// When off is 0, we have overflowed and should write.
-			if off == 0 {
-				s.Out = append(s.Out, tmp...)
-				if len(s.Out) >= s.DecompressLimit {
-					return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
-				}
-			}
-		}
-	} else {
-		for br.off >= 8 {
-			br.fillFast()
-			tmp[off+0] = s1.next()
-			tmp[off+1] = s2.next()
-			br.fillFast()
-			tmp[off+2] = s1.next()
-			tmp[off+3] = s2.next()
-			off += 4
-			if off == 0 {
-				s.Out = append(s.Out, tmp...)
-				// When off is 0, we have overflowed and should write.
-				if len(s.Out) >= s.DecompressLimit {
-					return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
-				}
-			}
-		}
-	}
-	s.Out = append(s.Out, tmp[:off]...)
-
-	// Final bits, a bit more expensive check
-	for {
-		if s1.finished() {
-			s.Out = append(s.Out, s1.final(), s2.final())
-			break
-		}
-		br.fill()
-		s.Out = append(s.Out, s1.next())
-		if s2.finished() {
-			s.Out = append(s.Out, s2.final(), s1.final())
-			break
-		}
-		s.Out = append(s.Out, s2.next())
-		if len(s.Out) >= s.DecompressLimit {
-			return fmt.Errorf("output size (%d) > DecompressLimit (%d)", len(s.Out), s.DecompressLimit)
-		}
-	}
-	return br.close()
-}
-
-// decoder keeps track of the current state and updates it from the bitstream.
-type decoder struct {
-	state uint16
-	br    *bitReader
-	dt    []decSymbol
-}
-
-// init will initialize the decoder and read the first state from the stream.
-func (d *decoder) init(in *bitReader, dt []decSymbol, tableLog uint8) {
-	d.dt = dt
-	d.br = in
-	d.state = in.getBits(tableLog)
-}
-
-// next returns the next symbol and sets the next state.
-// At least tablelog bits must be available in the bit reader.
-func (d *decoder) next() uint8 {
-	n := &d.dt[d.state]
-	lowBits := d.br.getBits(n.nbBits)
-	d.state = n.newState + lowBits
-	return n.symbol
-}
-
-// finished returns true if all bits have been read from the bitstream
-// and the next state would require reading bits from the input.
-func (d *decoder) finished() bool {
-	return d.br.finished() && d.dt[d.state].nbBits > 0
-}
-
-// final returns the current state symbol without decoding the next.
-func (d *decoder) final() uint8 {
-	return d.dt[d.state].symbol
-}
-
-// nextFast returns the next symbol and sets the next state.
-// This can only be used if no symbols are 0 bits.
-// At least tablelog bits must be available in the bit reader.
-func (d *decoder) nextFast() uint8 {
-	n := d.dt[d.state]
-	lowBits := d.br.getBitsFast(n.nbBits)
-	d.state = n.newState + lowBits
-	return n.symbol
-}
diff --git a/vendor/github.com/klauspost/compress/fse/fse.go b/vendor/github.com/klauspost/compress/fse/fse.go
deleted file mode 100644
index 535cbadfd..000000000
--- a/vendor/github.com/klauspost/compress/fse/fse.go
+++ /dev/null
@@ -1,144 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-// Package fse provides Finite State Entropy encoding and decoding.
-//
-// Finite State Entropy encoding provides a fast near-optimal symbol encoding/decoding
-// for byte blocks as implemented in zstd.
-//
-// See https://github.com/klauspost/compress/tree/master/fse for more information.
-package fse
-
-import (
-	"errors"
-	"fmt"
-	"math/bits"
-)
-
-const (
-	/*!MEMORY_USAGE :
-	 *  Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.)
-	 *  Increasing memory usage improves compression ratio
-	 *  Reduced memory usage can improve speed, due to cache effect
-	 *  Recommended max value is 14, for 16KB, which nicely fits into Intel x86 L1 cache */
-	maxMemoryUsage     = 14
-	defaultMemoryUsage = 13
-
-	maxTableLog     = maxMemoryUsage - 2
-	maxTablesize    = 1 << maxTableLog
-	defaultTablelog = defaultMemoryUsage - 2
-	minTablelog     = 5
-	maxSymbolValue  = 255
-)
-
-var (
-	// ErrIncompressible is returned when input is judged to be too hard to compress.
-	ErrIncompressible = errors.New("input is not compressible")
-
-	// ErrUseRLE is returned from the compressor when the input is a single byte value repeated.
-	ErrUseRLE = errors.New("input is single value repeated")
-)
-
-// Scratch provides temporary storage for compression and decompression.
-type Scratch struct {
-	// Private
-	count    [maxSymbolValue + 1]uint32
-	norm     [maxSymbolValue + 1]int16
-	br       byteReader
-	bits     bitReader
-	bw       bitWriter
-	ct       cTable      // Compression tables.
-	decTable []decSymbol // Decompression table.
-	maxCount int         // count of the most probable symbol
-
-	// Per block parameters.
-	// These can be used to override compression parameters of the block.
-	// Do not touch, unless you know what you are doing.
-
-	// Out is output buffer.
-	// If the scratch is re-used before the caller is done processing the output,
-	// set this field to nil.
-	// Otherwise the output buffer will be re-used for next Compression/Decompression step
-	// and allocation will be avoided.
-	Out []byte
-
-	// DecompressLimit limits the maximum decoded size acceptable.
-	// If > 0 decompression will stop when approximately this many bytes
-	// has been decoded.
-	// If 0, maximum size will be 2GB.
-	DecompressLimit int
-
-	symbolLen      uint16 // Length of active part of the symbol table.
-	actualTableLog uint8  // Selected tablelog.
-	zeroBits       bool   // no bits has prob > 50%.
-	clearCount     bool   // clear count
-
-	// MaxSymbolValue will override the maximum symbol value of the next block.
-	MaxSymbolValue uint8
-
-	// TableLog will attempt to override the tablelog for the next block.
-	TableLog uint8
-}
-
-// Histogram allows to populate the histogram and skip that step in the compression,
-// It otherwise allows to inspect the histogram when compression is done.
-// To indicate that you have populated the histogram call HistogramFinished
-// with the value of the highest populated symbol, as well as the number of entries
-// in the most populated entry. These are accepted at face value.
-// The returned slice will always be length 256.
-func (s *Scratch) Histogram() []uint32 {
-	return s.count[:]
-}
-
-// HistogramFinished can be called to indicate that the histogram has been populated.
-// maxSymbol is the index of the highest set symbol of the next data segment.
-// maxCount is the number of entries in the most populated entry.
-// These are accepted at face value.
-func (s *Scratch) HistogramFinished(maxSymbol uint8, maxCount int) {
-	s.maxCount = maxCount
-	s.symbolLen = uint16(maxSymbol) + 1
-	s.clearCount = maxCount != 0
-}
-
-// prepare will prepare and allocate scratch tables used for both compression and decompression.
-func (s *Scratch) prepare(in []byte) (*Scratch, error) {
-	if s == nil {
-		s = &Scratch{}
-	}
-	if s.MaxSymbolValue == 0 {
-		s.MaxSymbolValue = 255
-	}
-	if s.TableLog == 0 {
-		s.TableLog = defaultTablelog
-	}
-	if s.TableLog > maxTableLog {
-		return nil, fmt.Errorf("tableLog (%d) > maxTableLog (%d)", s.TableLog, maxTableLog)
-	}
-	if cap(s.Out) == 0 {
-		s.Out = make([]byte, 0, len(in))
-	}
-	if s.clearCount && s.maxCount == 0 {
-		for i := range s.count {
-			s.count[i] = 0
-		}
-		s.clearCount = false
-	}
-	s.br.init(in)
-	if s.DecompressLimit == 0 {
-		// Max size 2GB.
-		s.DecompressLimit = (2 << 30) - 1
-	}
-
-	return s, nil
-}
-
-// tableStep returns the next table index.
-func tableStep(tableSize uint32) uint32 {
-	return (tableSize >> 1) + (tableSize >> 3) + 3
-}
-
-func highBits(val uint32) (n uint32) {
-	return uint32(bits.Len32(val) - 1)
-}
diff --git a/vendor/github.com/klauspost/compress/gen.sh b/vendor/github.com/klauspost/compress/gen.sh
deleted file mode 100644
index aff942205..000000000
--- a/vendor/github.com/klauspost/compress/gen.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-
-cd s2/cmd/_s2sx/ || exit 1
-go generate .
diff --git a/vendor/github.com/klauspost/compress/huff0/.gitignore b/vendor/github.com/klauspost/compress/huff0/.gitignore
deleted file mode 100644
index b3d262958..000000000
--- a/vendor/github.com/klauspost/compress/huff0/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-/huff0-fuzz.zip
diff --git a/vendor/github.com/klauspost/compress/huff0/README.md b/vendor/github.com/klauspost/compress/huff0/README.md
deleted file mode 100644
index 8b6e5c663..000000000
--- a/vendor/github.com/klauspost/compress/huff0/README.md
+++ /dev/null
@@ -1,89 +0,0 @@
-# Huff0 entropy compression
-
-This package provides Huff0 encoding and decoding as used in zstd.
-            
-[Huff0](https://github.com/Cyan4973/FiniteStateEntropy#new-generation-entropy-coders), 
-a Huffman codec designed for modern CPU, featuring OoO (Out of Order) operations on multiple ALU 
-(Arithmetic Logic Unit), achieving extremely fast compression and decompression speeds.
-
-This can be used for compressing input with a lot of similar input values to the smallest number of bytes.
-This does not perform any multi-byte [dictionary coding](https://en.wikipedia.org/wiki/Dictionary_coder) as LZ coders,
-but it can be used as a secondary step to compressors (like Snappy) that does not do entropy encoding. 
-
-* [Godoc documentation](https://godoc.org/github.com/klauspost/compress/huff0)
-
-## News
-
-This is used as part of the [zstandard](https://github.com/klauspost/compress/tree/master/zstd#zstd) compression and decompression package.
-
-This ensures that most functionality is well tested.
-
-# Usage
-
-This package provides a low level interface that allows to compress single independent blocks. 
-
-Each block is separate, and there is no built in integrity checks. 
-This means that the caller should keep track of block sizes and also do checksums if needed.  
-
-Compressing a block is done via the [`Compress1X`](https://godoc.org/github.com/klauspost/compress/huff0#Compress1X) and 
-[`Compress4X`](https://godoc.org/github.com/klauspost/compress/huff0#Compress4X) functions.
-You must provide input and will receive the output and maybe an error.
-
-These error values can be returned:
-
-| Error               | Description                                                                 |
-|---------------------|-----------------------------------------------------------------------------|
-| ``             | Everything ok, output is returned                                           |
-| `ErrIncompressible` | Returned when input is judged to be too hard to compress                    |
-| `ErrUseRLE`         | Returned from the compressor when the input is a single byte value repeated |
-| `ErrTooBig`         | Returned if the input block exceeds the maximum allowed size (128 Kib)      |
-| `(error)`           | An internal error occurred.                                                 |
-
-
-As can be seen above some of there are errors that will be returned even under normal operation so it is important to handle these.
-
-To reduce allocations you can provide a [`Scratch`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch) object 
-that can be re-used for successive calls. Both compression and decompression accepts a `Scratch` object, and the same 
-object can be used for both.   
-
-Be aware, that when re-using a `Scratch` object that the *output* buffer is also re-used, so if you are still using this
-you must set the `Out` field in the scratch to nil. The same buffer is used for compression and decompression output.
-
-The `Scratch` object will retain state that allows to re-use previous tables for encoding and decoding.  
-
-## Tables and re-use
-
-Huff0 allows for reusing tables from the previous block to save space if that is expected to give better/faster results. 
-
-The Scratch object allows you to set a [`ReusePolicy`](https://godoc.org/github.com/klauspost/compress/huff0#ReusePolicy) 
-that controls this behaviour. See the documentation for details. This can be altered between each block.
-
-Do however note that this information is *not* stored in the output block and it is up to the users of the package to
-record whether [`ReadTable`](https://godoc.org/github.com/klauspost/compress/huff0#ReadTable) should be called,
-based on the boolean reported back from the CompressXX call. 
-
-If you want to store the table separate from the data, you can access them as `OutData` and `OutTable` on the 
-[`Scratch`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch) object.
-
-## Decompressing
-
-The first part of decoding is to initialize the decoding table through [`ReadTable`](https://godoc.org/github.com/klauspost/compress/huff0#ReadTable).
-This will initialize the decoding tables. 
-You can supply the complete block to `ReadTable` and it will return the data part of the block 
-which can be given to the decompressor. 
-
-Decompressing is done by calling the [`Decompress1X`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch.Decompress1X) 
-or [`Decompress4X`](https://godoc.org/github.com/klauspost/compress/huff0#Scratch.Decompress4X) function.
-
-For concurrently decompressing content with a fixed table a stateless [`Decoder`](https://godoc.org/github.com/klauspost/compress/huff0#Decoder) can be requested which will remain correct as long as the scratch is unchanged. The capacity of the provided slice indicates the expected output size.
-
-You must provide the output from the compression stage, at exactly the size you got back. If you receive an error back
-your input was likely corrupted. 
-
-It is important to note that a successful decoding does *not* mean your output matches your original input. 
-There are no integrity checks, so relying on errors from the decompressor does not assure your data is valid.
-
-# Contributing
-
-Contributions are always welcome. Be aware that adding public functions will require good justification and breaking 
-changes will likely not be accepted. If in doubt open an issue before writing the PR.
diff --git a/vendor/github.com/klauspost/compress/huff0/bitreader.go b/vendor/github.com/klauspost/compress/huff0/bitreader.go
deleted file mode 100644
index e36d9742f..000000000
--- a/vendor/github.com/klauspost/compress/huff0/bitreader.go
+++ /dev/null
@@ -1,229 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package huff0
-
-import (
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-)
-
-// bitReader reads a bitstream in reverse.
-// The last set bit indicates the start of the stream and is used
-// for aligning the input.
-type bitReaderBytes struct {
-	in       []byte
-	off      uint // next byte to read is at in[off - 1]
-	value    uint64
-	bitsRead uint8
-}
-
-// init initializes and resets the bit reader.
-func (b *bitReaderBytes) init(in []byte) error {
-	if len(in) < 1 {
-		return errors.New("corrupt stream: too short")
-	}
-	b.in = in
-	b.off = uint(len(in))
-	// The highest bit of the last byte indicates where to start
-	v := in[len(in)-1]
-	if v == 0 {
-		return errors.New("corrupt stream, did not find end of stream")
-	}
-	b.bitsRead = 64
-	b.value = 0
-	if len(in) >= 8 {
-		b.fillFastStart()
-	} else {
-		b.fill()
-		b.fill()
-	}
-	b.advance(8 - uint8(highBit32(uint32(v))))
-	return nil
-}
-
-// peekBitsFast requires that at least one bit is requested every time.
-// There are no checks if the buffer is filled.
-func (b *bitReaderBytes) peekByteFast() uint8 {
-	got := uint8(b.value >> 56)
-	return got
-}
-
-func (b *bitReaderBytes) advance(n uint8) {
-	b.bitsRead += n
-	b.value <<= n & 63
-}
-
-// fillFast() will make sure at least 32 bits are available.
-// There must be at least 4 bytes available.
-func (b *bitReaderBytes) fillFast() {
-	if b.bitsRead < 32 {
-		return
-	}
-
-	// 2 bounds checks.
-	v := b.in[b.off-4 : b.off]
-	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-	b.value |= uint64(low) << (b.bitsRead - 32)
-	b.bitsRead -= 32
-	b.off -= 4
-}
-
-// fillFastStart() assumes the bitReaderBytes is empty and there is at least 8 bytes to read.
-func (b *bitReaderBytes) fillFastStart() {
-	// Do single re-slice to avoid bounds checks.
-	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
-	b.bitsRead = 0
-	b.off -= 8
-}
-
-// fill() will make sure at least 32 bits are available.
-func (b *bitReaderBytes) fill() {
-	if b.bitsRead < 32 {
-		return
-	}
-	if b.off > 4 {
-		v := b.in[b.off-4 : b.off]
-		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-		b.value |= uint64(low) << (b.bitsRead - 32)
-		b.bitsRead -= 32
-		b.off -= 4
-		return
-	}
-	for b.off > 0 {
-		b.value |= uint64(b.in[b.off-1]) << (b.bitsRead - 8)
-		b.bitsRead -= 8
-		b.off--
-	}
-}
-
-// finished returns true if all bits have been read from the bit stream.
-func (b *bitReaderBytes) finished() bool {
-	return b.off == 0 && b.bitsRead >= 64
-}
-
-func (b *bitReaderBytes) remaining() uint {
-	return b.off*8 + uint(64-b.bitsRead)
-}
-
-// close the bitstream and returns an error if out-of-buffer reads occurred.
-func (b *bitReaderBytes) close() error {
-	// Release reference.
-	b.in = nil
-	if b.remaining() > 0 {
-		return fmt.Errorf("corrupt input: %d bits remain on stream", b.remaining())
-	}
-	if b.bitsRead > 64 {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-
-// bitReaderShifted reads a bitstream in reverse.
-// The last set bit indicates the start of the stream and is used
-// for aligning the input.
-type bitReaderShifted struct {
-	in       []byte
-	off      uint // next byte to read is at in[off - 1]
-	value    uint64
-	bitsRead uint8
-}
-
-// init initializes and resets the bit reader.
-func (b *bitReaderShifted) init(in []byte) error {
-	if len(in) < 1 {
-		return errors.New("corrupt stream: too short")
-	}
-	b.in = in
-	b.off = uint(len(in))
-	// The highest bit of the last byte indicates where to start
-	v := in[len(in)-1]
-	if v == 0 {
-		return errors.New("corrupt stream, did not find end of stream")
-	}
-	b.bitsRead = 64
-	b.value = 0
-	if len(in) >= 8 {
-		b.fillFastStart()
-	} else {
-		b.fill()
-		b.fill()
-	}
-	b.advance(8 - uint8(highBit32(uint32(v))))
-	return nil
-}
-
-// peekBitsFast requires that at least one bit is requested every time.
-// There are no checks if the buffer is filled.
-func (b *bitReaderShifted) peekBitsFast(n uint8) uint16 {
-	return uint16(b.value >> ((64 - n) & 63))
-}
-
-func (b *bitReaderShifted) advance(n uint8) {
-	b.bitsRead += n
-	b.value <<= n & 63
-}
-
-// fillFast() will make sure at least 32 bits are available.
-// There must be at least 4 bytes available.
-func (b *bitReaderShifted) fillFast() {
-	if b.bitsRead < 32 {
-		return
-	}
-
-	// 2 bounds checks.
-	v := b.in[b.off-4 : b.off]
-	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-	b.value |= uint64(low) << ((b.bitsRead - 32) & 63)
-	b.bitsRead -= 32
-	b.off -= 4
-}
-
-// fillFastStart() assumes the bitReaderShifted is empty and there is at least 8 bytes to read.
-func (b *bitReaderShifted) fillFastStart() {
-	// Do single re-slice to avoid bounds checks.
-	b.value = binary.LittleEndian.Uint64(b.in[b.off-8:])
-	b.bitsRead = 0
-	b.off -= 8
-}
-
-// fill() will make sure at least 32 bits are available.
-func (b *bitReaderShifted) fill() {
-	if b.bitsRead < 32 {
-		return
-	}
-	if b.off > 4 {
-		v := b.in[b.off-4 : b.off]
-		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-		b.value |= uint64(low) << ((b.bitsRead - 32) & 63)
-		b.bitsRead -= 32
-		b.off -= 4
-		return
-	}
-	for b.off > 0 {
-		b.value |= uint64(b.in[b.off-1]) << ((b.bitsRead - 8) & 63)
-		b.bitsRead -= 8
-		b.off--
-	}
-}
-
-func (b *bitReaderShifted) remaining() uint {
-	return b.off*8 + uint(64-b.bitsRead)
-}
-
-// close the bitstream and returns an error if out-of-buffer reads occurred.
-func (b *bitReaderShifted) close() error {
-	// Release reference.
-	b.in = nil
-	if b.remaining() > 0 {
-		return fmt.Errorf("corrupt input: %d bits remain on stream", b.remaining())
-	}
-	if b.bitsRead > 64 {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/huff0/bitwriter.go b/vendor/github.com/klauspost/compress/huff0/bitwriter.go
deleted file mode 100644
index 0ebc9aaac..000000000
--- a/vendor/github.com/klauspost/compress/huff0/bitwriter.go
+++ /dev/null
@@ -1,102 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package huff0
-
-// bitWriter will write bits.
-// First bit will be LSB of the first byte of output.
-type bitWriter struct {
-	bitContainer uint64
-	nBits        uint8
-	out          []byte
-}
-
-// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
-// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
-	b.bitContainer |= uint64(value) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// encSymbol will add up to 16 bits. value may not contain more set bits than indicated.
-// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
-func (b *bitWriter) encSymbol(ct cTable, symbol byte) {
-	enc := ct[symbol]
-	b.bitContainer |= uint64(enc.val) << (b.nBits & 63)
-	if false {
-		if enc.nBits == 0 {
-			panic("nbits 0")
-		}
-	}
-	b.nBits += enc.nBits
-}
-
-// encTwoSymbols will add up to 32 bits. value may not contain more set bits than indicated.
-// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
-func (b *bitWriter) encTwoSymbols(ct cTable, av, bv byte) {
-	encA := ct[av]
-	encB := ct[bv]
-	sh := b.nBits & 63
-	combined := uint64(encA.val) | (uint64(encB.val) << (encA.nBits & 63))
-	b.bitContainer |= combined << sh
-	if false {
-		if encA.nBits == 0 {
-			panic("nbitsA 0")
-		}
-		if encB.nBits == 0 {
-			panic("nbitsB 0")
-		}
-	}
-	b.nBits += encA.nBits + encB.nBits
-}
-
-// encFourSymbols adds up to 32 bits from four symbols.
-// It will not check if there is space for them,
-// so the caller must ensure that b has been flushed recently.
-func (b *bitWriter) encFourSymbols(encA, encB, encC, encD cTableEntry) {
-	bitsA := encA.nBits
-	bitsB := bitsA + encB.nBits
-	bitsC := bitsB + encC.nBits
-	bitsD := bitsC + encD.nBits
-	combined := uint64(encA.val) |
-		(uint64(encB.val) << (bitsA & 63)) |
-		(uint64(encC.val) << (bitsB & 63)) |
-		(uint64(encD.val) << (bitsC & 63))
-	b.bitContainer |= combined << (b.nBits & 63)
-	b.nBits += bitsD
-}
-
-// flush32 will flush out, so there are at least 32 bits available for writing.
-func (b *bitWriter) flush32() {
-	if b.nBits < 32 {
-		return
-	}
-	b.out = append(b.out,
-		byte(b.bitContainer),
-		byte(b.bitContainer>>8),
-		byte(b.bitContainer>>16),
-		byte(b.bitContainer>>24))
-	b.nBits -= 32
-	b.bitContainer >>= 32
-}
-
-// flushAlign will flush remaining full bytes and align to next byte boundary.
-func (b *bitWriter) flushAlign() {
-	nbBytes := (b.nBits + 7) >> 3
-	for i := uint8(0); i < nbBytes; i++ {
-		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
-	}
-	b.nBits = 0
-	b.bitContainer = 0
-}
-
-// close will write the alignment bit and write the final byte(s)
-// to the output.
-func (b *bitWriter) close() {
-	// End mark
-	b.addBits16Clean(1, 1)
-	// flush until next byte.
-	b.flushAlign()
-}
diff --git a/vendor/github.com/klauspost/compress/huff0/compress.go b/vendor/github.com/klauspost/compress/huff0/compress.go
deleted file mode 100644
index 84aa3d12f..000000000
--- a/vendor/github.com/klauspost/compress/huff0/compress.go
+++ /dev/null
@@ -1,742 +0,0 @@
-package huff0
-
-import (
-	"fmt"
-	"math"
-	"runtime"
-	"sync"
-)
-
-// Compress1X will compress the input.
-// The output can be decoded using Decompress1X.
-// Supply a Scratch object. The scratch object contains state about re-use,
-// So when sharing across independent encodes, be sure to set the re-use policy.
-func Compress1X(in []byte, s *Scratch) (out []byte, reUsed bool, err error) {
-	s, err = s.prepare(in)
-	if err != nil {
-		return nil, false, err
-	}
-	return compress(in, s, s.compress1X)
-}
-
-// Compress4X will compress the input. The input is split into 4 independent blocks
-// and compressed similar to Compress1X.
-// The output can be decoded using Decompress4X.
-// Supply a Scratch object. The scratch object contains state about re-use,
-// So when sharing across independent encodes, be sure to set the re-use policy.
-func Compress4X(in []byte, s *Scratch) (out []byte, reUsed bool, err error) {
-	s, err = s.prepare(in)
-	if err != nil {
-		return nil, false, err
-	}
-	if false {
-		// TODO: compress4Xp only slightly faster.
-		const parallelThreshold = 8 << 10
-		if len(in) < parallelThreshold || runtime.GOMAXPROCS(0) == 1 {
-			return compress(in, s, s.compress4X)
-		}
-		return compress(in, s, s.compress4Xp)
-	}
-	return compress(in, s, s.compress4X)
-}
-
-func compress(in []byte, s *Scratch, compressor func(src []byte) ([]byte, error)) (out []byte, reUsed bool, err error) {
-	// Nuke previous table if we cannot reuse anyway.
-	if s.Reuse == ReusePolicyNone {
-		s.prevTable = s.prevTable[:0]
-	}
-
-	// Create histogram, if none was provided.
-	maxCount := s.maxCount
-	var canReuse = false
-	if maxCount == 0 {
-		maxCount, canReuse = s.countSimple(in)
-	} else {
-		canReuse = s.canUseTable(s.prevTable)
-	}
-
-	// We want the output size to be less than this:
-	wantSize := len(in)
-	if s.WantLogLess > 0 {
-		wantSize -= wantSize >> s.WantLogLess
-	}
-
-	// Reset for next run.
-	s.clearCount = true
-	s.maxCount = 0
-	if maxCount >= len(in) {
-		if maxCount > len(in) {
-			return nil, false, fmt.Errorf("maxCount (%d) > length (%d)", maxCount, len(in))
-		}
-		if len(in) == 1 {
-			return nil, false, ErrIncompressible
-		}
-		// One symbol, use RLE
-		return nil, false, ErrUseRLE
-	}
-	if maxCount == 1 || maxCount < (len(in)>>7) {
-		// Each symbol present maximum once or too well distributed.
-		return nil, false, ErrIncompressible
-	}
-	if s.Reuse == ReusePolicyMust && !canReuse {
-		// We must reuse, but we can't.
-		return nil, false, ErrIncompressible
-	}
-	if (s.Reuse == ReusePolicyPrefer || s.Reuse == ReusePolicyMust) && canReuse {
-		keepTable := s.cTable
-		keepTL := s.actualTableLog
-		s.cTable = s.prevTable
-		s.actualTableLog = s.prevTableLog
-		s.Out, err = compressor(in)
-		s.cTable = keepTable
-		s.actualTableLog = keepTL
-		if err == nil && len(s.Out) < wantSize {
-			s.OutData = s.Out
-			return s.Out, true, nil
-		}
-		if s.Reuse == ReusePolicyMust {
-			return nil, false, ErrIncompressible
-		}
-		// Do not attempt to re-use later.
-		s.prevTable = s.prevTable[:0]
-	}
-
-	// Calculate new table.
-	err = s.buildCTable()
-	if err != nil {
-		return nil, false, err
-	}
-
-	if false && !s.canUseTable(s.cTable) {
-		panic("invalid table generated")
-	}
-
-	if s.Reuse == ReusePolicyAllow && canReuse {
-		hSize := len(s.Out)
-		oldSize := s.prevTable.estimateSize(s.count[:s.symbolLen])
-		newSize := s.cTable.estimateSize(s.count[:s.symbolLen])
-		if oldSize <= hSize+newSize || hSize+12 >= wantSize {
-			// Retain cTable even if we re-use.
-			keepTable := s.cTable
-			keepTL := s.actualTableLog
-
-			s.cTable = s.prevTable
-			s.actualTableLog = s.prevTableLog
-			s.Out, err = compressor(in)
-
-			// Restore ctable.
-			s.cTable = keepTable
-			s.actualTableLog = keepTL
-			if err != nil {
-				return nil, false, err
-			}
-			if len(s.Out) >= wantSize {
-				return nil, false, ErrIncompressible
-			}
-			s.OutData = s.Out
-			return s.Out, true, nil
-		}
-	}
-
-	// Use new table
-	err = s.cTable.write(s)
-	if err != nil {
-		s.OutTable = nil
-		return nil, false, err
-	}
-	s.OutTable = s.Out
-
-	// Compress using new table
-	s.Out, err = compressor(in)
-	if err != nil {
-		s.OutTable = nil
-		return nil, false, err
-	}
-	if len(s.Out) >= wantSize {
-		s.OutTable = nil
-		return nil, false, ErrIncompressible
-	}
-	// Move current table into previous.
-	s.prevTable, s.prevTableLog, s.cTable = s.cTable, s.actualTableLog, s.prevTable[:0]
-	s.OutData = s.Out[len(s.OutTable):]
-	return s.Out, false, nil
-}
-
-// EstimateSizes will estimate the data sizes
-func EstimateSizes(in []byte, s *Scratch) (tableSz, dataSz, reuseSz int, err error) {
-	s, err = s.prepare(in)
-	if err != nil {
-		return 0, 0, 0, err
-	}
-
-	// Create histogram, if none was provided.
-	tableSz, dataSz, reuseSz = -1, -1, -1
-	maxCount := s.maxCount
-	var canReuse = false
-	if maxCount == 0 {
-		maxCount, canReuse = s.countSimple(in)
-	} else {
-		canReuse = s.canUseTable(s.prevTable)
-	}
-
-	// We want the output size to be less than this:
-	wantSize := len(in)
-	if s.WantLogLess > 0 {
-		wantSize -= wantSize >> s.WantLogLess
-	}
-
-	// Reset for next run.
-	s.clearCount = true
-	s.maxCount = 0
-	if maxCount >= len(in) {
-		if maxCount > len(in) {
-			return 0, 0, 0, fmt.Errorf("maxCount (%d) > length (%d)", maxCount, len(in))
-		}
-		if len(in) == 1 {
-			return 0, 0, 0, ErrIncompressible
-		}
-		// One symbol, use RLE
-		return 0, 0, 0, ErrUseRLE
-	}
-	if maxCount == 1 || maxCount < (len(in)>>7) {
-		// Each symbol present maximum once or too well distributed.
-		return 0, 0, 0, ErrIncompressible
-	}
-
-	// Calculate new table.
-	err = s.buildCTable()
-	if err != nil {
-		return 0, 0, 0, err
-	}
-
-	if false && !s.canUseTable(s.cTable) {
-		panic("invalid table generated")
-	}
-
-	tableSz, err = s.cTable.estTableSize(s)
-	if err != nil {
-		return 0, 0, 0, err
-	}
-	if canReuse {
-		reuseSz = s.prevTable.estimateSize(s.count[:s.symbolLen])
-	}
-	dataSz = s.cTable.estimateSize(s.count[:s.symbolLen])
-
-	// Restore
-	return tableSz, dataSz, reuseSz, nil
-}
-
-func (s *Scratch) compress1X(src []byte) ([]byte, error) {
-	return s.compress1xDo(s.Out, src), nil
-}
-
-func (s *Scratch) compress1xDo(dst, src []byte) []byte {
-	var bw = bitWriter{out: dst}
-
-	// N is length divisible by 4.
-	n := len(src)
-	n -= n & 3
-	cTable := s.cTable[:256]
-
-	// Encode last bytes.
-	for i := len(src) & 3; i > 0; i-- {
-		bw.encSymbol(cTable, src[n+i-1])
-	}
-	n -= 4
-	if s.actualTableLog <= 8 {
-		for ; n >= 0; n -= 4 {
-			tmp := src[n : n+4]
-			// tmp should be len 4
-			bw.flush32()
-			bw.encFourSymbols(cTable[tmp[3]], cTable[tmp[2]], cTable[tmp[1]], cTable[tmp[0]])
-		}
-	} else {
-		for ; n >= 0; n -= 4 {
-			tmp := src[n : n+4]
-			// tmp should be len 4
-			bw.flush32()
-			bw.encTwoSymbols(cTable, tmp[3], tmp[2])
-			bw.flush32()
-			bw.encTwoSymbols(cTable, tmp[1], tmp[0])
-		}
-	}
-	bw.close()
-	return bw.out
-}
-
-var sixZeros [6]byte
-
-func (s *Scratch) compress4X(src []byte) ([]byte, error) {
-	if len(src) < 12 {
-		return nil, ErrIncompressible
-	}
-	segmentSize := (len(src) + 3) / 4
-
-	// Add placeholder for output length
-	offsetIdx := len(s.Out)
-	s.Out = append(s.Out, sixZeros[:]...)
-
-	for i := 0; i < 4; i++ {
-		toDo := src
-		if len(toDo) > segmentSize {
-			toDo = toDo[:segmentSize]
-		}
-		src = src[len(toDo):]
-
-		idx := len(s.Out)
-		s.Out = s.compress1xDo(s.Out, toDo)
-		if len(s.Out)-idx > math.MaxUint16 {
-			// We cannot store the size in the jump table
-			return nil, ErrIncompressible
-		}
-		// Write compressed length as little endian before block.
-		if i < 3 {
-			// Last length is not written.
-			length := len(s.Out) - idx
-			s.Out[i*2+offsetIdx] = byte(length)
-			s.Out[i*2+offsetIdx+1] = byte(length >> 8)
-		}
-	}
-
-	return s.Out, nil
-}
-
-// compress4Xp will compress 4 streams using separate goroutines.
-func (s *Scratch) compress4Xp(src []byte) ([]byte, error) {
-	if len(src) < 12 {
-		return nil, ErrIncompressible
-	}
-	// Add placeholder for output length
-	s.Out = s.Out[:6]
-
-	segmentSize := (len(src) + 3) / 4
-	var wg sync.WaitGroup
-	wg.Add(4)
-	for i := 0; i < 4; i++ {
-		toDo := src
-		if len(toDo) > segmentSize {
-			toDo = toDo[:segmentSize]
-		}
-		src = src[len(toDo):]
-
-		// Separate goroutine for each block.
-		go func(i int) {
-			s.tmpOut[i] = s.compress1xDo(s.tmpOut[i][:0], toDo)
-			wg.Done()
-		}(i)
-	}
-	wg.Wait()
-	for i := 0; i < 4; i++ {
-		o := s.tmpOut[i]
-		if len(o) > math.MaxUint16 {
-			// We cannot store the size in the jump table
-			return nil, ErrIncompressible
-		}
-		// Write compressed length as little endian before block.
-		if i < 3 {
-			// Last length is not written.
-			s.Out[i*2] = byte(len(o))
-			s.Out[i*2+1] = byte(len(o) >> 8)
-		}
-
-		// Write output.
-		s.Out = append(s.Out, o...)
-	}
-	return s.Out, nil
-}
-
-// countSimple will create a simple histogram in s.count.
-// Returns the biggest count.
-// Does not update s.clearCount.
-func (s *Scratch) countSimple(in []byte) (max int, reuse bool) {
-	reuse = true
-	_ = s.count // Assert that s != nil to speed up the following loop.
-	for _, v := range in {
-		s.count[v]++
-	}
-	m := uint32(0)
-	if len(s.prevTable) > 0 {
-		for i, v := range s.count[:] {
-			if v == 0 {
-				continue
-			}
-			if v > m {
-				m = v
-			}
-			s.symbolLen = uint16(i) + 1
-			if i >= len(s.prevTable) {
-				reuse = false
-			} else if s.prevTable[i].nBits == 0 {
-				reuse = false
-			}
-		}
-		return int(m), reuse
-	}
-	for i, v := range s.count[:] {
-		if v == 0 {
-			continue
-		}
-		if v > m {
-			m = v
-		}
-		s.symbolLen = uint16(i) + 1
-	}
-	return int(m), false
-}
-
-func (s *Scratch) canUseTable(c cTable) bool {
-	if len(c) < int(s.symbolLen) {
-		return false
-	}
-	for i, v := range s.count[:s.symbolLen] {
-		if v != 0 && c[i].nBits == 0 {
-			return false
-		}
-	}
-	return true
-}
-
-//lint:ignore U1000 used for debugging
-func (s *Scratch) validateTable(c cTable) bool {
-	if len(c) < int(s.symbolLen) {
-		return false
-	}
-	for i, v := range s.count[:s.symbolLen] {
-		if v != 0 {
-			if c[i].nBits == 0 {
-				return false
-			}
-			if c[i].nBits > s.actualTableLog {
-				return false
-			}
-		}
-	}
-	return true
-}
-
-// minTableLog provides the minimum logSize to safely represent a distribution.
-func (s *Scratch) minTableLog() uint8 {
-	minBitsSrc := highBit32(uint32(s.srcLen)) + 1
-	minBitsSymbols := highBit32(uint32(s.symbolLen-1)) + 2
-	if minBitsSrc < minBitsSymbols {
-		return uint8(minBitsSrc)
-	}
-	return uint8(minBitsSymbols)
-}
-
-// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
-func (s *Scratch) optimalTableLog() {
-	tableLog := s.TableLog
-	minBits := s.minTableLog()
-	maxBitsSrc := uint8(highBit32(uint32(s.srcLen-1))) - 1
-	if maxBitsSrc < tableLog {
-		// Accuracy can be reduced
-		tableLog = maxBitsSrc
-	}
-	if minBits > tableLog {
-		tableLog = minBits
-	}
-	// Need a minimum to safely represent all symbol values
-	if tableLog < minTablelog {
-		tableLog = minTablelog
-	}
-	if tableLog > tableLogMax {
-		tableLog = tableLogMax
-	}
-	s.actualTableLog = tableLog
-}
-
-type cTableEntry struct {
-	val   uint16
-	nBits uint8
-	// We have 8 bits extra
-}
-
-const huffNodesMask = huffNodesLen - 1
-
-func (s *Scratch) buildCTable() error {
-	s.optimalTableLog()
-	s.huffSort()
-	if cap(s.cTable) < maxSymbolValue+1 {
-		s.cTable = make([]cTableEntry, s.symbolLen, maxSymbolValue+1)
-	} else {
-		s.cTable = s.cTable[:s.symbolLen]
-		for i := range s.cTable {
-			s.cTable[i] = cTableEntry{}
-		}
-	}
-
-	var startNode = int16(s.symbolLen)
-	nonNullRank := s.symbolLen - 1
-
-	nodeNb := startNode
-	huffNode := s.nodes[1 : huffNodesLen+1]
-
-	// This overlays the slice above, but allows "-1" index lookups.
-	// Different from reference implementation.
-	huffNode0 := s.nodes[0 : huffNodesLen+1]
-
-	for huffNode[nonNullRank].count() == 0 {
-		nonNullRank--
-	}
-
-	lowS := int16(nonNullRank)
-	nodeRoot := nodeNb + lowS - 1
-	lowN := nodeNb
-	huffNode[nodeNb].setCount(huffNode[lowS].count() + huffNode[lowS-1].count())
-	huffNode[lowS].setParent(nodeNb)
-	huffNode[lowS-1].setParent(nodeNb)
-	nodeNb++
-	lowS -= 2
-	for n := nodeNb; n <= nodeRoot; n++ {
-		huffNode[n].setCount(1 << 30)
-	}
-	// fake entry, strong barrier
-	huffNode0[0].setCount(1 << 31)
-
-	// create parents
-	for nodeNb <= nodeRoot {
-		var n1, n2 int16
-		if huffNode0[lowS+1].count() < huffNode0[lowN+1].count() {
-			n1 = lowS
-			lowS--
-		} else {
-			n1 = lowN
-			lowN++
-		}
-		if huffNode0[lowS+1].count() < huffNode0[lowN+1].count() {
-			n2 = lowS
-			lowS--
-		} else {
-			n2 = lowN
-			lowN++
-		}
-
-		huffNode[nodeNb].setCount(huffNode0[n1+1].count() + huffNode0[n2+1].count())
-		huffNode0[n1+1].setParent(nodeNb)
-		huffNode0[n2+1].setParent(nodeNb)
-		nodeNb++
-	}
-
-	// distribute weights (unlimited tree height)
-	huffNode[nodeRoot].setNbBits(0)
-	for n := nodeRoot - 1; n >= startNode; n-- {
-		huffNode[n].setNbBits(huffNode[huffNode[n].parent()].nbBits() + 1)
-	}
-	for n := uint16(0); n <= nonNullRank; n++ {
-		huffNode[n].setNbBits(huffNode[huffNode[n].parent()].nbBits() + 1)
-	}
-	s.actualTableLog = s.setMaxHeight(int(nonNullRank))
-	maxNbBits := s.actualTableLog
-
-	// fill result into tree (val, nbBits)
-	if maxNbBits > tableLogMax {
-		return fmt.Errorf("internal error: maxNbBits (%d) > tableLogMax (%d)", maxNbBits, tableLogMax)
-	}
-	var nbPerRank [tableLogMax + 1]uint16
-	var valPerRank [16]uint16
-	for _, v := range huffNode[:nonNullRank+1] {
-		nbPerRank[v.nbBits()]++
-	}
-	// determine stating value per rank
-	{
-		min := uint16(0)
-		for n := maxNbBits; n > 0; n-- {
-			// get starting value within each rank
-			valPerRank[n] = min
-			min += nbPerRank[n]
-			min >>= 1
-		}
-	}
-
-	// push nbBits per symbol, symbol order
-	for _, v := range huffNode[:nonNullRank+1] {
-		s.cTable[v.symbol()].nBits = v.nbBits()
-	}
-
-	// assign value within rank, symbol order
-	t := s.cTable[:s.symbolLen]
-	for n, val := range t {
-		nbits := val.nBits & 15
-		v := valPerRank[nbits]
-		t[n].val = v
-		valPerRank[nbits] = v + 1
-	}
-
-	return nil
-}
-
-// huffSort will sort symbols, decreasing order.
-func (s *Scratch) huffSort() {
-	type rankPos struct {
-		base    uint32
-		current uint32
-	}
-
-	// Clear nodes
-	nodes := s.nodes[:huffNodesLen+1]
-	s.nodes = nodes
-	nodes = nodes[1 : huffNodesLen+1]
-
-	// Sort into buckets based on length of symbol count.
-	var rank [32]rankPos
-	for _, v := range s.count[:s.symbolLen] {
-		r := highBit32(v+1) & 31
-		rank[r].base++
-	}
-	// maxBitLength is log2(BlockSizeMax) + 1
-	const maxBitLength = 18 + 1
-	for n := maxBitLength; n > 0; n-- {
-		rank[n-1].base += rank[n].base
-	}
-	for n := range rank[:maxBitLength] {
-		rank[n].current = rank[n].base
-	}
-	for n, c := range s.count[:s.symbolLen] {
-		r := (highBit32(c+1) + 1) & 31
-		pos := rank[r].current
-		rank[r].current++
-		prev := nodes[(pos-1)&huffNodesMask]
-		for pos > rank[r].base && c > prev.count() {
-			nodes[pos&huffNodesMask] = prev
-			pos--
-			prev = nodes[(pos-1)&huffNodesMask]
-		}
-		nodes[pos&huffNodesMask] = makeNodeElt(c, byte(n))
-	}
-}
-
-func (s *Scratch) setMaxHeight(lastNonNull int) uint8 {
-	maxNbBits := s.actualTableLog
-	huffNode := s.nodes[1 : huffNodesLen+1]
-	//huffNode = huffNode[: huffNodesLen]
-
-	largestBits := huffNode[lastNonNull].nbBits()
-
-	// early exit : no elt > maxNbBits
-	if largestBits <= maxNbBits {
-		return largestBits
-	}
-	totalCost := int(0)
-	baseCost := int(1) << (largestBits - maxNbBits)
-	n := uint32(lastNonNull)
-
-	for huffNode[n].nbBits() > maxNbBits {
-		totalCost += baseCost - (1 << (largestBits - huffNode[n].nbBits()))
-		huffNode[n].setNbBits(maxNbBits)
-		n--
-	}
-	// n stops at huffNode[n].nbBits <= maxNbBits
-
-	for huffNode[n].nbBits() == maxNbBits {
-		n--
-	}
-	// n end at index of smallest symbol using < maxNbBits
-
-	// renorm totalCost
-	totalCost >>= largestBits - maxNbBits /* note : totalCost is necessarily a multiple of baseCost */
-
-	// repay normalized cost
-	{
-		const noSymbol = 0xF0F0F0F0
-		var rankLast [tableLogMax + 2]uint32
-
-		for i := range rankLast[:] {
-			rankLast[i] = noSymbol
-		}
-
-		// Get pos of last (smallest) symbol per rank
-		{
-			currentNbBits := maxNbBits
-			for pos := int(n); pos >= 0; pos-- {
-				if huffNode[pos].nbBits() >= currentNbBits {
-					continue
-				}
-				currentNbBits = huffNode[pos].nbBits() // < maxNbBits
-				rankLast[maxNbBits-currentNbBits] = uint32(pos)
-			}
-		}
-
-		for totalCost > 0 {
-			nBitsToDecrease := uint8(highBit32(uint32(totalCost))) + 1
-
-			for ; nBitsToDecrease > 1; nBitsToDecrease-- {
-				highPos := rankLast[nBitsToDecrease]
-				lowPos := rankLast[nBitsToDecrease-1]
-				if highPos == noSymbol {
-					continue
-				}
-				if lowPos == noSymbol {
-					break
-				}
-				highTotal := huffNode[highPos].count()
-				lowTotal := 2 * huffNode[lowPos].count()
-				if highTotal <= lowTotal {
-					break
-				}
-			}
-			// only triggered when no more rank 1 symbol left => find closest one (note : there is necessarily at least one !)
-			// HUF_MAX_TABLELOG test just to please gcc 5+; but it should not be necessary
-			// FIXME: try to remove
-			for (nBitsToDecrease <= tableLogMax) && (rankLast[nBitsToDecrease] == noSymbol) {
-				nBitsToDecrease++
-			}
-			totalCost -= 1 << (nBitsToDecrease - 1)
-			if rankLast[nBitsToDecrease-1] == noSymbol {
-				// this rank is no longer empty
-				rankLast[nBitsToDecrease-1] = rankLast[nBitsToDecrease]
-			}
-			huffNode[rankLast[nBitsToDecrease]].setNbBits(1 +
-				huffNode[rankLast[nBitsToDecrease]].nbBits())
-			if rankLast[nBitsToDecrease] == 0 {
-				/* special case, reached largest symbol */
-				rankLast[nBitsToDecrease] = noSymbol
-			} else {
-				rankLast[nBitsToDecrease]--
-				if huffNode[rankLast[nBitsToDecrease]].nbBits() != maxNbBits-nBitsToDecrease {
-					rankLast[nBitsToDecrease] = noSymbol /* this rank is now empty */
-				}
-			}
-		}
-
-		for totalCost < 0 { /* Sometimes, cost correction overshoot */
-			if rankLast[1] == noSymbol { /* special case : no rank 1 symbol (using maxNbBits-1); let's create one from largest rank 0 (using maxNbBits) */
-				for huffNode[n].nbBits() == maxNbBits {
-					n--
-				}
-				huffNode[n+1].setNbBits(huffNode[n+1].nbBits() - 1)
-				rankLast[1] = n + 1
-				totalCost++
-				continue
-			}
-			huffNode[rankLast[1]+1].setNbBits(huffNode[rankLast[1]+1].nbBits() - 1)
-			rankLast[1]++
-			totalCost++
-		}
-	}
-	return maxNbBits
-}
-
-// A nodeElt is the fields
-//
-//	count  uint32
-//	parent uint16
-//	symbol byte
-//	nbBits uint8
-//
-// in some order, all squashed into an integer so that the compiler
-// always loads and stores entire nodeElts instead of separate fields.
-type nodeElt uint64
-
-func makeNodeElt(count uint32, symbol byte) nodeElt {
-	return nodeElt(count) | nodeElt(symbol)<<48
-}
-
-func (e *nodeElt) count() uint32  { return uint32(*e) }
-func (e *nodeElt) parent() uint16 { return uint16(*e >> 32) }
-func (e *nodeElt) symbol() byte   { return byte(*e >> 48) }
-func (e *nodeElt) nbBits() uint8  { return uint8(*e >> 56) }
-
-func (e *nodeElt) setCount(c uint32) { *e = (*e)&0xffffffff00000000 | nodeElt(c) }
-func (e *nodeElt) setParent(p int16) { *e = (*e)&0xffff0000ffffffff | nodeElt(uint16(p))<<32 }
-func (e *nodeElt) setNbBits(n uint8) { *e = (*e)&0x00ffffffffffffff | nodeElt(n)<<56 }
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress.go b/vendor/github.com/klauspost/compress/huff0/decompress.go
deleted file mode 100644
index 0f56b02d7..000000000
--- a/vendor/github.com/klauspost/compress/huff0/decompress.go
+++ /dev/null
@@ -1,1167 +0,0 @@
-package huff0
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"sync"
-
-	"github.com/klauspost/compress/fse"
-)
-
-type dTable struct {
-	single []dEntrySingle
-}
-
-// single-symbols decoding
-type dEntrySingle struct {
-	entry uint16
-}
-
-// Uses special code for all tables that are < 8 bits.
-const use8BitTables = true
-
-// ReadTable will read a table from the input.
-// The size of the input may be larger than the table definition.
-// Any content remaining after the table definition will be returned.
-// If no Scratch is provided a new one is allocated.
-// The returned Scratch can be used for encoding or decoding input using this table.
-func ReadTable(in []byte, s *Scratch) (s2 *Scratch, remain []byte, err error) {
-	s, err = s.prepare(nil)
-	if err != nil {
-		return s, nil, err
-	}
-	if len(in) <= 1 {
-		return s, nil, errors.New("input too small for table")
-	}
-	iSize := in[0]
-	in = in[1:]
-	if iSize >= 128 {
-		// Uncompressed
-		oSize := iSize - 127
-		iSize = (oSize + 1) / 2
-		if int(iSize) > len(in) {
-			return s, nil, errors.New("input too small for table")
-		}
-		for n := uint8(0); n < oSize; n += 2 {
-			v := in[n/2]
-			s.huffWeight[n] = v >> 4
-			s.huffWeight[n+1] = v & 15
-		}
-		s.symbolLen = uint16(oSize)
-		in = in[iSize:]
-	} else {
-		if len(in) < int(iSize) {
-			return s, nil, fmt.Errorf("input too small for table, want %d bytes, have %d", iSize, len(in))
-		}
-		// FSE compressed weights
-		s.fse.DecompressLimit = 255
-		hw := s.huffWeight[:]
-		s.fse.Out = hw
-		b, err := fse.Decompress(in[:iSize], s.fse)
-		s.fse.Out = nil
-		if err != nil {
-			return s, nil, fmt.Errorf("fse decompress returned: %w", err)
-		}
-		if len(b) > 255 {
-			return s, nil, errors.New("corrupt input: output table too large")
-		}
-		s.symbolLen = uint16(len(b))
-		in = in[iSize:]
-	}
-
-	// collect weight stats
-	var rankStats [16]uint32
-	weightTotal := uint32(0)
-	for _, v := range s.huffWeight[:s.symbolLen] {
-		if v > tableLogMax {
-			return s, nil, errors.New("corrupt input: weight too large")
-		}
-		v2 := v & 15
-		rankStats[v2]++
-		// (1 << (v2-1)) is slower since the compiler cannot prove that v2 isn't 0.
-		weightTotal += (1 << v2) >> 1
-	}
-	if weightTotal == 0 {
-		return s, nil, errors.New("corrupt input: weights zero")
-	}
-
-	// get last non-null symbol weight (implied, total must be 2^n)
-	{
-		tableLog := highBit32(weightTotal) + 1
-		if tableLog > tableLogMax {
-			return s, nil, errors.New("corrupt input: tableLog too big")
-		}
-		s.actualTableLog = uint8(tableLog)
-		// determine last weight
-		{
-			total := uint32(1) << tableLog
-			rest := total - weightTotal
-			verif := uint32(1) << highBit32(rest)
-			lastWeight := highBit32(rest) + 1
-			if verif != rest {
-				// last value must be a clean power of 2
-				return s, nil, errors.New("corrupt input: last value not power of two")
-			}
-			s.huffWeight[s.symbolLen] = uint8(lastWeight)
-			s.symbolLen++
-			rankStats[lastWeight]++
-		}
-	}
-
-	if (rankStats[1] < 2) || (rankStats[1]&1 != 0) {
-		// by construction : at least 2 elts of rank 1, must be even
-		return s, nil, errors.New("corrupt input: min elt size, even check failed ")
-	}
-
-	// TODO: Choose between single/double symbol decoding
-
-	// Calculate starting value for each rank
-	{
-		var nextRankStart uint32
-		for n := uint8(1); n < s.actualTableLog+1; n++ {
-			current := nextRankStart
-			nextRankStart += rankStats[n] << (n - 1)
-			rankStats[n] = current
-		}
-	}
-
-	// fill DTable (always full size)
-	tSize := 1 << tableLogMax
-	if len(s.dt.single) != tSize {
-		s.dt.single = make([]dEntrySingle, tSize)
-	}
-	cTable := s.prevTable
-	if cap(cTable) < maxSymbolValue+1 {
-		cTable = make([]cTableEntry, 0, maxSymbolValue+1)
-	}
-	cTable = cTable[:maxSymbolValue+1]
-	s.prevTable = cTable[:s.symbolLen]
-	s.prevTableLog = s.actualTableLog
-
-	for n, w := range s.huffWeight[:s.symbolLen] {
-		if w == 0 {
-			cTable[n] = cTableEntry{
-				val:   0,
-				nBits: 0,
-			}
-			continue
-		}
-		length := (uint32(1) << w) >> 1
-		d := dEntrySingle{
-			entry: uint16(s.actualTableLog+1-w) | (uint16(n) << 8),
-		}
-
-		rank := &rankStats[w]
-		cTable[n] = cTableEntry{
-			val:   uint16(*rank >> (w - 1)),
-			nBits: uint8(d.entry),
-		}
-
-		single := s.dt.single[*rank : *rank+length]
-		for i := range single {
-			single[i] = d
-		}
-		*rank += length
-	}
-
-	return s, in, nil
-}
-
-// Decompress1X will decompress a 1X encoded stream.
-// The length of the supplied input must match the end of a block exactly.
-// Before this is called, the table must be initialized with ReadTable unless
-// the encoder re-used the table.
-// deprecated: Use the stateless Decoder() to get a concurrent version.
-func (s *Scratch) Decompress1X(in []byte) (out []byte, err error) {
-	if cap(s.Out) < s.MaxDecodedSize {
-		s.Out = make([]byte, s.MaxDecodedSize)
-	}
-	s.Out = s.Out[:0:s.MaxDecodedSize]
-	s.Out, err = s.Decoder().Decompress1X(s.Out, in)
-	return s.Out, err
-}
-
-// Decompress4X will decompress a 4X encoded stream.
-// Before this is called, the table must be initialized with ReadTable unless
-// the encoder re-used the table.
-// The length of the supplied input must match the end of a block exactly.
-// The destination size of the uncompressed data must be known and provided.
-// deprecated: Use the stateless Decoder() to get a concurrent version.
-func (s *Scratch) Decompress4X(in []byte, dstSize int) (out []byte, err error) {
-	if dstSize > s.MaxDecodedSize {
-		return nil, ErrMaxDecodedSizeExceeded
-	}
-	if cap(s.Out) < dstSize {
-		s.Out = make([]byte, s.MaxDecodedSize)
-	}
-	s.Out = s.Out[:0:dstSize]
-	s.Out, err = s.Decoder().Decompress4X(s.Out, in)
-	return s.Out, err
-}
-
-// Decoder will return a stateless decoder that can be used by multiple
-// decompressors concurrently.
-// Before this is called, the table must be initialized with ReadTable.
-// The Decoder is still linked to the scratch buffer so that cannot be reused.
-// However, it is safe to discard the scratch.
-func (s *Scratch) Decoder() *Decoder {
-	return &Decoder{
-		dt:             s.dt,
-		actualTableLog: s.actualTableLog,
-		bufs:           &s.decPool,
-	}
-}
-
-// Decoder provides stateless decoding.
-type Decoder struct {
-	dt             dTable
-	actualTableLog uint8
-	bufs           *sync.Pool
-}
-
-func (d *Decoder) buffer() *[4][256]byte {
-	buf, ok := d.bufs.Get().(*[4][256]byte)
-	if ok {
-		return buf
-	}
-	return &[4][256]byte{}
-}
-
-// decompress1X8Bit will decompress a 1X encoded stream with tablelog <= 8.
-// The cap of the output buffer will be the maximum decompressed size.
-// The length of the supplied input must match the end of a block exactly.
-func (d *Decoder) decompress1X8Bit(dst, src []byte) ([]byte, error) {
-	if d.actualTableLog == 8 {
-		return d.decompress1X8BitExactly(dst, src)
-	}
-	var br bitReaderBytes
-	err := br.init(src)
-	if err != nil {
-		return dst, err
-	}
-	maxDecodedSize := cap(dst)
-	dst = dst[:0]
-
-	// Avoid bounds check by always having full sized table.
-	dt := d.dt.single[:256]
-
-	// Use temp table to avoid bound checks/append penalty.
-	bufs := d.buffer()
-	buf := &bufs[0]
-	var off uint8
-
-	switch d.actualTableLog {
-	case 8:
-		const shift = 0
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					br.close()
-					d.bufs.Put(bufs)
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 7:
-		const shift = 8 - 7
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					br.close()
-					d.bufs.Put(bufs)
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 6:
-		const shift = 8 - 6
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 5:
-		const shift = 8 - 5
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 4:
-		const shift = 8 - 4
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 3:
-		const shift = 8 - 3
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 2:
-		const shift = 8 - 2
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	case 1:
-		const shift = 8 - 1
-		for br.off >= 4 {
-			br.fillFast()
-			v := dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+0] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+1] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+2] = uint8(v.entry >> 8)
-
-			v = dt[uint8(br.value>>(56+shift))]
-			br.advance(uint8(v.entry))
-			buf[off+3] = uint8(v.entry >> 8)
-
-			off += 4
-			if off == 0 {
-				if len(dst)+256 > maxDecodedSize {
-					d.bufs.Put(bufs)
-					br.close()
-					return nil, ErrMaxDecodedSizeExceeded
-				}
-				dst = append(dst, buf[:]...)
-			}
-		}
-	default:
-		d.bufs.Put(bufs)
-		return nil, fmt.Errorf("invalid tablelog: %d", d.actualTableLog)
-	}
-
-	if len(dst)+int(off) > maxDecodedSize {
-		d.bufs.Put(bufs)
-		br.close()
-		return nil, ErrMaxDecodedSizeExceeded
-	}
-	dst = append(dst, buf[:off]...)
-
-	// br < 4, so uint8 is fine
-	bitsLeft := int8(uint8(br.off)*8 + (64 - br.bitsRead))
-	shift := (8 - d.actualTableLog) & 7
-
-	for bitsLeft > 0 {
-		if br.bitsRead >= 64-8 {
-			for br.off > 0 {
-				br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
-				br.bitsRead -= 8
-				br.off--
-			}
-		}
-		if len(dst) >= maxDecodedSize {
-			br.close()
-			d.bufs.Put(bufs)
-			return nil, ErrMaxDecodedSizeExceeded
-		}
-		v := dt[br.peekByteFast()>>shift]
-		nBits := uint8(v.entry)
-		br.advance(nBits)
-		bitsLeft -= int8(nBits)
-		dst = append(dst, uint8(v.entry>>8))
-	}
-	d.bufs.Put(bufs)
-	return dst, br.close()
-}
-
-// decompress1X8Bit will decompress a 1X encoded stream with tablelog <= 8.
-// The cap of the output buffer will be the maximum decompressed size.
-// The length of the supplied input must match the end of a block exactly.
-func (d *Decoder) decompress1X8BitExactly(dst, src []byte) ([]byte, error) {
-	var br bitReaderBytes
-	err := br.init(src)
-	if err != nil {
-		return dst, err
-	}
-	maxDecodedSize := cap(dst)
-	dst = dst[:0]
-
-	// Avoid bounds check by always having full sized table.
-	dt := d.dt.single[:256]
-
-	// Use temp table to avoid bound checks/append penalty.
-	bufs := d.buffer()
-	buf := &bufs[0]
-	var off uint8
-
-	const shift = 56
-
-	//fmt.Printf("mask: %b, tl:%d\n", mask, d.actualTableLog)
-	for br.off >= 4 {
-		br.fillFast()
-		v := dt[uint8(br.value>>shift)]
-		br.advance(uint8(v.entry))
-		buf[off+0] = uint8(v.entry >> 8)
-
-		v = dt[uint8(br.value>>shift)]
-		br.advance(uint8(v.entry))
-		buf[off+1] = uint8(v.entry >> 8)
-
-		v = dt[uint8(br.value>>shift)]
-		br.advance(uint8(v.entry))
-		buf[off+2] = uint8(v.entry >> 8)
-
-		v = dt[uint8(br.value>>shift)]
-		br.advance(uint8(v.entry))
-		buf[off+3] = uint8(v.entry >> 8)
-
-		off += 4
-		if off == 0 {
-			if len(dst)+256 > maxDecodedSize {
-				d.bufs.Put(bufs)
-				br.close()
-				return nil, ErrMaxDecodedSizeExceeded
-			}
-			dst = append(dst, buf[:]...)
-		}
-	}
-
-	if len(dst)+int(off) > maxDecodedSize {
-		d.bufs.Put(bufs)
-		br.close()
-		return nil, ErrMaxDecodedSizeExceeded
-	}
-	dst = append(dst, buf[:off]...)
-
-	// br < 4, so uint8 is fine
-	bitsLeft := int8(uint8(br.off)*8 + (64 - br.bitsRead))
-	for bitsLeft > 0 {
-		if br.bitsRead >= 64-8 {
-			for br.off > 0 {
-				br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
-				br.bitsRead -= 8
-				br.off--
-			}
-		}
-		if len(dst) >= maxDecodedSize {
-			d.bufs.Put(bufs)
-			br.close()
-			return nil, ErrMaxDecodedSizeExceeded
-		}
-		v := dt[br.peekByteFast()]
-		nBits := uint8(v.entry)
-		br.advance(nBits)
-		bitsLeft -= int8(nBits)
-		dst = append(dst, uint8(v.entry>>8))
-	}
-	d.bufs.Put(bufs)
-	return dst, br.close()
-}
-
-// Decompress4X will decompress a 4X encoded stream.
-// The length of the supplied input must match the end of a block exactly.
-// The *capacity* of the dst slice must match the destination size of
-// the uncompressed data exactly.
-func (d *Decoder) decompress4X8bit(dst, src []byte) ([]byte, error) {
-	if d.actualTableLog == 8 {
-		return d.decompress4X8bitExactly(dst, src)
-	}
-
-	var br [4]bitReaderBytes
-	start := 6
-	for i := 0; i < 3; i++ {
-		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
-		if start+length >= len(src) {
-			return nil, errors.New("truncated input (or invalid offset)")
-		}
-		err := br[i].init(src[start : start+length])
-		if err != nil {
-			return nil, err
-		}
-		start += length
-	}
-	err := br[3].init(src[start:])
-	if err != nil {
-		return nil, err
-	}
-
-	// destination, offset to match first output
-	dstSize := cap(dst)
-	dst = dst[:dstSize]
-	out := dst
-	dstEvery := (dstSize + 3) / 4
-
-	shift := (56 + (8 - d.actualTableLog)) & 63
-
-	const tlSize = 1 << 8
-	single := d.dt.single[:tlSize]
-
-	// Use temp table to avoid bound checks/append penalty.
-	buf := d.buffer()
-	var off uint8
-	var decoded int
-
-	// Decode 4 values from each decoder/loop.
-	const bufoff = 256
-	for {
-		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
-			break
-		}
-
-		{
-			// Interleave 2 decodes.
-			const stream = 0
-			const stream2 = 1
-			br1 := &br[stream]
-			br2 := &br[stream2]
-			br1.fillFast()
-			br2.fillFast()
-
-			v := single[uint8(br1.value>>shift)].entry
-			v2 := single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off] = uint8(v >> 8)
-			buf[stream2][off] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+1] = uint8(v >> 8)
-			buf[stream2][off+1] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+2] = uint8(v >> 8)
-			buf[stream2][off+2] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+3] = uint8(v >> 8)
-			buf[stream2][off+3] = uint8(v2 >> 8)
-		}
-
-		{
-			const stream = 2
-			const stream2 = 3
-			br1 := &br[stream]
-			br2 := &br[stream2]
-			br1.fillFast()
-			br2.fillFast()
-
-			v := single[uint8(br1.value>>shift)].entry
-			v2 := single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off] = uint8(v >> 8)
-			buf[stream2][off] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+1] = uint8(v >> 8)
-			buf[stream2][off+1] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+2] = uint8(v >> 8)
-			buf[stream2][off+2] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+3] = uint8(v >> 8)
-			buf[stream2][off+3] = uint8(v2 >> 8)
-		}
-
-		off += 4
-
-		if off == 0 {
-			if bufoff > dstEvery {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 1")
-			}
-			// There must at least be 3 buffers left.
-			if len(out)-bufoff < dstEvery*3 {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 2")
-			}
-			//copy(out, buf[0][:])
-			//copy(out[dstEvery:], buf[1][:])
-			//copy(out[dstEvery*2:], buf[2][:])
-			*(*[bufoff]byte)(out) = buf[0]
-			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
-			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
-			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
-			out = out[bufoff:]
-			decoded += bufoff * 4
-		}
-	}
-	if off > 0 {
-		ioff := int(off)
-		if len(out) < dstEvery*3+ioff {
-			d.bufs.Put(buf)
-			return nil, errors.New("corruption detected: stream overrun 3")
-		}
-		copy(out, buf[0][:off])
-		copy(out[dstEvery:], buf[1][:off])
-		copy(out[dstEvery*2:], buf[2][:off])
-		copy(out[dstEvery*3:], buf[3][:off])
-		decoded += int(off) * 4
-		out = out[off:]
-	}
-
-	// Decode remaining.
-	// Decode remaining.
-	remainBytes := dstEvery - (decoded / 4)
-	for i := range br {
-		offset := dstEvery * i
-		endsAt := offset + remainBytes
-		if endsAt > len(out) {
-			endsAt = len(out)
-		}
-		br := &br[i]
-		bitsLeft := br.remaining()
-		for bitsLeft > 0 {
-			if br.finished() {
-				d.bufs.Put(buf)
-				return nil, io.ErrUnexpectedEOF
-			}
-			if br.bitsRead >= 56 {
-				if br.off >= 4 {
-					v := br.in[br.off-4:]
-					v = v[:4]
-					low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-					br.value |= uint64(low) << (br.bitsRead - 32)
-					br.bitsRead -= 32
-					br.off -= 4
-				} else {
-					for br.off > 0 {
-						br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
-						br.bitsRead -= 8
-						br.off--
-					}
-				}
-			}
-			// end inline...
-			if offset >= endsAt {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 4")
-			}
-
-			// Read value and increment offset.
-			v := single[uint8(br.value>>shift)].entry
-			nBits := uint8(v)
-			br.advance(nBits)
-			bitsLeft -= uint(nBits)
-			out[offset] = uint8(v >> 8)
-			offset++
-		}
-		if offset != endsAt {
-			d.bufs.Put(buf)
-			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
-		}
-		decoded += offset - dstEvery*i
-		err = br.close()
-		if err != nil {
-			d.bufs.Put(buf)
-			return nil, err
-		}
-	}
-	d.bufs.Put(buf)
-	if dstSize != decoded {
-		return nil, errors.New("corruption detected: short output block")
-	}
-	return dst, nil
-}
-
-// Decompress4X will decompress a 4X encoded stream.
-// The length of the supplied input must match the end of a block exactly.
-// The *capacity* of the dst slice must match the destination size of
-// the uncompressed data exactly.
-func (d *Decoder) decompress4X8bitExactly(dst, src []byte) ([]byte, error) {
-	var br [4]bitReaderBytes
-	start := 6
-	for i := 0; i < 3; i++ {
-		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
-		if start+length >= len(src) {
-			return nil, errors.New("truncated input (or invalid offset)")
-		}
-		err := br[i].init(src[start : start+length])
-		if err != nil {
-			return nil, err
-		}
-		start += length
-	}
-	err := br[3].init(src[start:])
-	if err != nil {
-		return nil, err
-	}
-
-	// destination, offset to match first output
-	dstSize := cap(dst)
-	dst = dst[:dstSize]
-	out := dst
-	dstEvery := (dstSize + 3) / 4
-
-	const shift = 56
-	const tlSize = 1 << 8
-	single := d.dt.single[:tlSize]
-
-	// Use temp table to avoid bound checks/append penalty.
-	buf := d.buffer()
-	var off uint8
-	var decoded int
-
-	// Decode 4 values from each decoder/loop.
-	const bufoff = 256
-	for {
-		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
-			break
-		}
-
-		{
-			// Interleave 2 decodes.
-			const stream = 0
-			const stream2 = 1
-			br1 := &br[stream]
-			br2 := &br[stream2]
-			br1.fillFast()
-			br2.fillFast()
-
-			v := single[uint8(br1.value>>shift)].entry
-			v2 := single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off] = uint8(v >> 8)
-			buf[stream2][off] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+1] = uint8(v >> 8)
-			buf[stream2][off+1] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+2] = uint8(v >> 8)
-			buf[stream2][off+2] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+3] = uint8(v >> 8)
-			buf[stream2][off+3] = uint8(v2 >> 8)
-		}
-
-		{
-			const stream = 2
-			const stream2 = 3
-			br1 := &br[stream]
-			br2 := &br[stream2]
-			br1.fillFast()
-			br2.fillFast()
-
-			v := single[uint8(br1.value>>shift)].entry
-			v2 := single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off] = uint8(v >> 8)
-			buf[stream2][off] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+1] = uint8(v >> 8)
-			buf[stream2][off+1] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+2] = uint8(v >> 8)
-			buf[stream2][off+2] = uint8(v2 >> 8)
-
-			v = single[uint8(br1.value>>shift)].entry
-			v2 = single[uint8(br2.value>>shift)].entry
-			br1.bitsRead += uint8(v)
-			br1.value <<= v & 63
-			br2.bitsRead += uint8(v2)
-			br2.value <<= v2 & 63
-			buf[stream][off+3] = uint8(v >> 8)
-			buf[stream2][off+3] = uint8(v2 >> 8)
-		}
-
-		off += 4
-
-		if off == 0 {
-			if bufoff > dstEvery {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 1")
-			}
-			// There must at least be 3 buffers left.
-			if len(out)-bufoff < dstEvery*3 {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 2")
-			}
-
-			//copy(out, buf[0][:])
-			//copy(out[dstEvery:], buf[1][:])
-			//copy(out[dstEvery*2:], buf[2][:])
-			// copy(out[dstEvery*3:], buf[3][:])
-			*(*[bufoff]byte)(out) = buf[0]
-			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
-			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
-			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
-			out = out[bufoff:]
-			decoded += bufoff * 4
-		}
-	}
-	if off > 0 {
-		ioff := int(off)
-		if len(out) < dstEvery*3+ioff {
-			return nil, errors.New("corruption detected: stream overrun 3")
-		}
-		copy(out, buf[0][:off])
-		copy(out[dstEvery:], buf[1][:off])
-		copy(out[dstEvery*2:], buf[2][:off])
-		copy(out[dstEvery*3:], buf[3][:off])
-		decoded += int(off) * 4
-		out = out[off:]
-	}
-
-	// Decode remaining.
-	remainBytes := dstEvery - (decoded / 4)
-	for i := range br {
-		offset := dstEvery * i
-		endsAt := offset + remainBytes
-		if endsAt > len(out) {
-			endsAt = len(out)
-		}
-		br := &br[i]
-		bitsLeft := br.remaining()
-		for bitsLeft > 0 {
-			if br.finished() {
-				d.bufs.Put(buf)
-				return nil, io.ErrUnexpectedEOF
-			}
-			if br.bitsRead >= 56 {
-				if br.off >= 4 {
-					v := br.in[br.off-4:]
-					v = v[:4]
-					low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-					br.value |= uint64(low) << (br.bitsRead - 32)
-					br.bitsRead -= 32
-					br.off -= 4
-				} else {
-					for br.off > 0 {
-						br.value |= uint64(br.in[br.off-1]) << (br.bitsRead - 8)
-						br.bitsRead -= 8
-						br.off--
-					}
-				}
-			}
-			// end inline...
-			if offset >= endsAt {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 4")
-			}
-
-			// Read value and increment offset.
-			v := single[br.peekByteFast()].entry
-			nBits := uint8(v)
-			br.advance(nBits)
-			bitsLeft -= uint(nBits)
-			out[offset] = uint8(v >> 8)
-			offset++
-		}
-		if offset != endsAt {
-			d.bufs.Put(buf)
-			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
-		}
-
-		decoded += offset - dstEvery*i
-		err = br.close()
-		if err != nil {
-			d.bufs.Put(buf)
-			return nil, err
-		}
-	}
-	d.bufs.Put(buf)
-	if dstSize != decoded {
-		return nil, errors.New("corruption detected: short output block")
-	}
-	return dst, nil
-}
-
-// matches will compare a decoding table to a coding table.
-// Errors are written to the writer.
-// Nothing will be written if table is ok.
-func (s *Scratch) matches(ct cTable, w io.Writer) {
-	if s == nil || len(s.dt.single) == 0 {
-		return
-	}
-	dt := s.dt.single[:1<>8) == byte(sym) {
-					fmt.Fprintf(w, "symbol %x has decoder, but no encoder\n", sym)
-					errs++
-					break
-				}
-			}
-			if errs == 0 {
-				broken--
-			}
-			continue
-		}
-		// Unused bits in input
-		ub := tablelog - enc.nBits
-		top := enc.val << ub
-		// decoder looks at top bits.
-		dec := dt[top]
-		if uint8(dec.entry) != enc.nBits {
-			fmt.Fprintf(w, "symbol 0x%x bit size mismatch (enc: %d, dec:%d).\n", sym, enc.nBits, uint8(dec.entry))
-			errs++
-		}
-		if uint8(dec.entry>>8) != uint8(sym) {
-			fmt.Fprintf(w, "symbol 0x%x decoder output mismatch (enc: %d, dec:%d).\n", sym, sym, uint8(dec.entry>>8))
-			errs++
-		}
-		if errs > 0 {
-			fmt.Fprintf(w, "%d errors in base, stopping\n", errs)
-			continue
-		}
-		// Ensure that all combinations are covered.
-		for i := uint16(0); i < (1 << ub); i++ {
-			vval := top | i
-			dec := dt[vval]
-			if uint8(dec.entry) != enc.nBits {
-				fmt.Fprintf(w, "symbol 0x%x bit size mismatch (enc: %d, dec:%d).\n", vval, enc.nBits, uint8(dec.entry))
-				errs++
-			}
-			if uint8(dec.entry>>8) != uint8(sym) {
-				fmt.Fprintf(w, "symbol 0x%x decoder output mismatch (enc: %d, dec:%d).\n", vval, sym, uint8(dec.entry>>8))
-				errs++
-			}
-			if errs > 20 {
-				fmt.Fprintf(w, "%d errors, stopping\n", errs)
-				break
-			}
-		}
-		if errs == 0 {
-			ok++
-			broken--
-		}
-	}
-	if broken > 0 {
-		fmt.Fprintf(w, "%d broken, %d ok\n", broken, ok)
-	}
-}
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
deleted file mode 100644
index ba7e8e6b0..000000000
--- a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.go
+++ /dev/null
@@ -1,226 +0,0 @@
-//go:build amd64 && !appengine && !noasm && gc
-// +build amd64,!appengine,!noasm,gc
-
-// This file contains the specialisation of Decoder.Decompress4X
-// and Decoder.Decompress1X that use an asm implementation of thir main loops.
-package huff0
-
-import (
-	"errors"
-	"fmt"
-
-	"github.com/klauspost/compress/internal/cpuinfo"
-)
-
-// decompress4x_main_loop_x86 is an x86 assembler implementation
-// of Decompress4X when tablelog > 8.
-//
-//go:noescape
-func decompress4x_main_loop_amd64(ctx *decompress4xContext)
-
-// decompress4x_8b_loop_x86 is an x86 assembler implementation
-// of Decompress4X when tablelog <= 8 which decodes 4 entries
-// per loop.
-//
-//go:noescape
-func decompress4x_8b_main_loop_amd64(ctx *decompress4xContext)
-
-// fallback8BitSize is the size where using Go version is faster.
-const fallback8BitSize = 800
-
-type decompress4xContext struct {
-	pbr      *[4]bitReaderShifted
-	peekBits uint8
-	out      *byte
-	dstEvery int
-	tbl      *dEntrySingle
-	decoded  int
-	limit    *byte
-}
-
-// Decompress4X will decompress a 4X encoded stream.
-// The length of the supplied input must match the end of a block exactly.
-// The *capacity* of the dst slice must match the destination size of
-// the uncompressed data exactly.
-func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) {
-	if len(d.dt.single) == 0 {
-		return nil, errors.New("no table loaded")
-	}
-	if len(src) < 6+(4*1) {
-		return nil, errors.New("input too small")
-	}
-
-	use8BitTables := d.actualTableLog <= 8
-	if cap(dst) < fallback8BitSize && use8BitTables {
-		return d.decompress4X8bit(dst, src)
-	}
-
-	var br [4]bitReaderShifted
-	// Decode "jump table"
-	start := 6
-	for i := 0; i < 3; i++ {
-		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
-		if start+length >= len(src) {
-			return nil, errors.New("truncated input (or invalid offset)")
-		}
-		err := br[i].init(src[start : start+length])
-		if err != nil {
-			return nil, err
-		}
-		start += length
-	}
-	err := br[3].init(src[start:])
-	if err != nil {
-		return nil, err
-	}
-
-	// destination, offset to match first output
-	dstSize := cap(dst)
-	dst = dst[:dstSize]
-	out := dst
-	dstEvery := (dstSize + 3) / 4
-
-	const tlSize = 1 << tableLogMax
-	const tlMask = tlSize - 1
-	single := d.dt.single[:tlSize]
-
-	var decoded int
-
-	if len(out) > 4*4 && !(br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4) {
-		ctx := decompress4xContext{
-			pbr:      &br,
-			peekBits: uint8((64 - d.actualTableLog) & 63), // see: bitReaderShifted.peekBitsFast()
-			out:      &out[0],
-			dstEvery: dstEvery,
-			tbl:      &single[0],
-			limit:    &out[dstEvery-4], // Always stop decoding when first buffer gets here to avoid writing OOB on last.
-		}
-		if use8BitTables {
-			decompress4x_8b_main_loop_amd64(&ctx)
-		} else {
-			decompress4x_main_loop_amd64(&ctx)
-		}
-
-		decoded = ctx.decoded
-		out = out[decoded/4:]
-	}
-
-	// Decode remaining.
-	remainBytes := dstEvery - (decoded / 4)
-	for i := range br {
-		offset := dstEvery * i
-		endsAt := offset + remainBytes
-		if endsAt > len(out) {
-			endsAt = len(out)
-		}
-		br := &br[i]
-		bitsLeft := br.remaining()
-		for bitsLeft > 0 {
-			br.fill()
-			if offset >= endsAt {
-				return nil, errors.New("corruption detected: stream overrun 4")
-			}
-
-			// Read value and increment offset.
-			val := br.peekBitsFast(d.actualTableLog)
-			v := single[val&tlMask].entry
-			nBits := uint8(v)
-			br.advance(nBits)
-			bitsLeft -= uint(nBits)
-			out[offset] = uint8(v >> 8)
-			offset++
-		}
-		if offset != endsAt {
-			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
-		}
-		decoded += offset - dstEvery*i
-		err = br.close()
-		if err != nil {
-			return nil, err
-		}
-	}
-	if dstSize != decoded {
-		return nil, errors.New("corruption detected: short output block")
-	}
-	return dst, nil
-}
-
-// decompress4x_main_loop_x86 is an x86 assembler implementation
-// of Decompress1X when tablelog > 8.
-//
-//go:noescape
-func decompress1x_main_loop_amd64(ctx *decompress1xContext)
-
-// decompress4x_main_loop_x86 is an x86 with BMI2 assembler implementation
-// of Decompress1X when tablelog > 8.
-//
-//go:noescape
-func decompress1x_main_loop_bmi2(ctx *decompress1xContext)
-
-type decompress1xContext struct {
-	pbr      *bitReaderShifted
-	peekBits uint8
-	out      *byte
-	outCap   int
-	tbl      *dEntrySingle
-	decoded  int
-}
-
-// Error reported by asm implementations
-const error_max_decoded_size_exeeded = -1
-
-// Decompress1X will decompress a 1X encoded stream.
-// The cap of the output buffer will be the maximum decompressed size.
-// The length of the supplied input must match the end of a block exactly.
-func (d *Decoder) Decompress1X(dst, src []byte) ([]byte, error) {
-	if len(d.dt.single) == 0 {
-		return nil, errors.New("no table loaded")
-	}
-	var br bitReaderShifted
-	err := br.init(src)
-	if err != nil {
-		return dst, err
-	}
-	maxDecodedSize := cap(dst)
-	dst = dst[:maxDecodedSize]
-
-	const tlSize = 1 << tableLogMax
-	const tlMask = tlSize - 1
-
-	if maxDecodedSize >= 4 {
-		ctx := decompress1xContext{
-			pbr:      &br,
-			out:      &dst[0],
-			outCap:   maxDecodedSize,
-			peekBits: uint8((64 - d.actualTableLog) & 63), // see: bitReaderShifted.peekBitsFast()
-			tbl:      &d.dt.single[0],
-		}
-
-		if cpuinfo.HasBMI2() {
-			decompress1x_main_loop_bmi2(&ctx)
-		} else {
-			decompress1x_main_loop_amd64(&ctx)
-		}
-		if ctx.decoded == error_max_decoded_size_exeeded {
-			return nil, ErrMaxDecodedSizeExceeded
-		}
-
-		dst = dst[:ctx.decoded]
-	}
-
-	// br < 8, so uint8 is fine
-	bitsLeft := uint8(br.off)*8 + 64 - br.bitsRead
-	for bitsLeft > 0 {
-		br.fill()
-		if len(dst) >= maxDecodedSize {
-			br.close()
-			return nil, ErrMaxDecodedSizeExceeded
-		}
-		v := d.dt.single[br.peekBitsFast(d.actualTableLog)&tlMask]
-		nBits := uint8(v.entry)
-		br.advance(nBits)
-		bitsLeft -= nBits
-		dst = append(dst, uint8(v.entry>>8))
-	}
-	return dst, br.close()
-}
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s b/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
deleted file mode 100644
index c4c7ab2d1..000000000
--- a/vendor/github.com/klauspost/compress/huff0/decompress_amd64.s
+++ /dev/null
@@ -1,830 +0,0 @@
-// Code generated by command: go run gen.go -out ../decompress_amd64.s -pkg=huff0. DO NOT EDIT.
-
-//go:build amd64 && !appengine && !noasm && gc
-
-// func decompress4x_main_loop_amd64(ctx *decompress4xContext)
-TEXT ·decompress4x_main_loop_amd64(SB), $0-8
-	// Preload values
-	MOVQ    ctx+0(FP), AX
-	MOVBQZX 8(AX), DI
-	MOVQ    16(AX), BX
-	MOVQ    48(AX), SI
-	MOVQ    24(AX), R8
-	MOVQ    32(AX), R9
-	MOVQ    (AX), R10
-
-	// Main loop
-main_loop:
-	XORL  DX, DX
-	CMPQ  BX, SI
-	SETGE DL
-
-	// br0.fillFast32()
-	MOVQ    32(R10), R11
-	MOVBQZX 40(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill0
-	MOVQ    24(R10), AX
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, AX
-	MOVQ    (R10), R13
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (AX)(R13*1), R13
-	MOVQ R12, CX
-	SHLQ CL, R13
-	MOVQ AX, 24(R10)
-	ORQ  R13, R11
-
-	// exhausted += (br0.off < 4)
-	CMPQ AX, $0x04
-	ADCB $+0, DL
-
-skip_fill0:
-	// val0 := br0.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br0.peekTopBits(peekBits)
-	MOVQ DI, CX
-	MOVQ R11, R13
-	SHRQ CL, R13
-
-	// v1 := table[val1&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v1.entry))
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// these two writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	MOVW AX, (BX)
-
-	// update the bitreader structure
-	MOVQ R11, 32(R10)
-	MOVB R12, 40(R10)
-
-	// br1.fillFast32()
-	MOVQ    80(R10), R11
-	MOVBQZX 88(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill1
-	MOVQ    72(R10), AX
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, AX
-	MOVQ    48(R10), R13
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (AX)(R13*1), R13
-	MOVQ R12, CX
-	SHLQ CL, R13
-	MOVQ AX, 72(R10)
-	ORQ  R13, R11
-
-	// exhausted += (br1.off < 4)
-	CMPQ AX, $0x04
-	ADCB $+0, DL
-
-skip_fill1:
-	// val0 := br1.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br1.peekTopBits(peekBits)
-	MOVQ DI, CX
-	MOVQ R11, R13
-	SHRQ CL, R13
-
-	// v1 := table[val1&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v1.entry))
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// these two writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	MOVW AX, (BX)(R8*1)
-
-	// update the bitreader structure
-	MOVQ R11, 80(R10)
-	MOVB R12, 88(R10)
-
-	// br2.fillFast32()
-	MOVQ    128(R10), R11
-	MOVBQZX 136(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill2
-	MOVQ    120(R10), AX
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, AX
-	MOVQ    96(R10), R13
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (AX)(R13*1), R13
-	MOVQ R12, CX
-	SHLQ CL, R13
-	MOVQ AX, 120(R10)
-	ORQ  R13, R11
-
-	// exhausted += (br2.off < 4)
-	CMPQ AX, $0x04
-	ADCB $+0, DL
-
-skip_fill2:
-	// val0 := br2.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br2.peekTopBits(peekBits)
-	MOVQ DI, CX
-	MOVQ R11, R13
-	SHRQ CL, R13
-
-	// v1 := table[val1&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v1.entry))
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// these two writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	MOVW AX, (BX)(R8*2)
-
-	// update the bitreader structure
-	MOVQ R11, 128(R10)
-	MOVB R12, 136(R10)
-
-	// br3.fillFast32()
-	MOVQ    176(R10), R11
-	MOVBQZX 184(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill3
-	MOVQ    168(R10), AX
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, AX
-	MOVQ    144(R10), R13
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (AX)(R13*1), R13
-	MOVQ R12, CX
-	SHLQ CL, R13
-	MOVQ AX, 168(R10)
-	ORQ  R13, R11
-
-	// exhausted += (br3.off < 4)
-	CMPQ AX, $0x04
-	ADCB $+0, DL
-
-skip_fill3:
-	// val0 := br3.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br3.peekTopBits(peekBits)
-	MOVQ DI, CX
-	MOVQ R11, R13
-	SHRQ CL, R13
-
-	// v1 := table[val1&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v1.entry))
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// these two writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	LEAQ (R8)(R8*2), CX
-	MOVW AX, (BX)(CX*1)
-
-	// update the bitreader structure
-	MOVQ  R11, 176(R10)
-	MOVB  R12, 184(R10)
-	ADDQ  $0x02, BX
-	TESTB DL, DL
-	JZ    main_loop
-	MOVQ  ctx+0(FP), AX
-	SUBQ  16(AX), BX
-	SHLQ  $0x02, BX
-	MOVQ  BX, 40(AX)
-	RET
-
-// func decompress4x_8b_main_loop_amd64(ctx *decompress4xContext)
-TEXT ·decompress4x_8b_main_loop_amd64(SB), $0-8
-	// Preload values
-	MOVQ    ctx+0(FP), CX
-	MOVBQZX 8(CX), DI
-	MOVQ    16(CX), BX
-	MOVQ    48(CX), SI
-	MOVQ    24(CX), R8
-	MOVQ    32(CX), R9
-	MOVQ    (CX), R10
-
-	// Main loop
-main_loop:
-	XORL  DX, DX
-	CMPQ  BX, SI
-	SETGE DL
-
-	// br0.fillFast32()
-	MOVQ    32(R10), R11
-	MOVBQZX 40(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill0
-	MOVQ    24(R10), R13
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, R13
-	MOVQ    (R10), R14
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (R13)(R14*1), R14
-	MOVQ R12, CX
-	SHLQ CL, R14
-	MOVQ R13, 24(R10)
-	ORQ  R14, R11
-
-	// exhausted += (br0.off < 4)
-	CMPQ R13, $0x04
-	ADCB $+0, DL
-
-skip_fill0:
-	// val0 := br0.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br0.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v1 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v1.entry)
-	MOVB   CH, AH
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// val2 := br0.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v2 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v2.entry)
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val3 := br0.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v3 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br0.advance(uint8(v3.entry)
-	MOVB   CH, AL
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// these four writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
-	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
-	MOVL AX, (BX)
-
-	// update the bitreader structure
-	MOVQ R11, 32(R10)
-	MOVB R12, 40(R10)
-
-	// br1.fillFast32()
-	MOVQ    80(R10), R11
-	MOVBQZX 88(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill1
-	MOVQ    72(R10), R13
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, R13
-	MOVQ    48(R10), R14
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (R13)(R14*1), R14
-	MOVQ R12, CX
-	SHLQ CL, R14
-	MOVQ R13, 72(R10)
-	ORQ  R14, R11
-
-	// exhausted += (br1.off < 4)
-	CMPQ R13, $0x04
-	ADCB $+0, DL
-
-skip_fill1:
-	// val0 := br1.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br1.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v1 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v1.entry)
-	MOVB   CH, AH
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// val2 := br1.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v2 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v2.entry)
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val3 := br1.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v3 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br1.advance(uint8(v3.entry)
-	MOVB   CH, AL
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// these four writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
-	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
-	MOVL AX, (BX)(R8*1)
-
-	// update the bitreader structure
-	MOVQ R11, 80(R10)
-	MOVB R12, 88(R10)
-
-	// br2.fillFast32()
-	MOVQ    128(R10), R11
-	MOVBQZX 136(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill2
-	MOVQ    120(R10), R13
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, R13
-	MOVQ    96(R10), R14
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (R13)(R14*1), R14
-	MOVQ R12, CX
-	SHLQ CL, R14
-	MOVQ R13, 120(R10)
-	ORQ  R14, R11
-
-	// exhausted += (br2.off < 4)
-	CMPQ R13, $0x04
-	ADCB $+0, DL
-
-skip_fill2:
-	// val0 := br2.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br2.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v1 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v1.entry)
-	MOVB   CH, AH
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// val2 := br2.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v2 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v2.entry)
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val3 := br2.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v3 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br2.advance(uint8(v3.entry)
-	MOVB   CH, AL
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// these four writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
-	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
-	MOVL AX, (BX)(R8*2)
-
-	// update the bitreader structure
-	MOVQ R11, 128(R10)
-	MOVB R12, 136(R10)
-
-	// br3.fillFast32()
-	MOVQ    176(R10), R11
-	MOVBQZX 184(R10), R12
-	CMPQ    R12, $0x20
-	JBE     skip_fill3
-	MOVQ    168(R10), R13
-	SUBQ    $0x20, R12
-	SUBQ    $0x04, R13
-	MOVQ    144(R10), R14
-
-	// b.value |= uint64(low) << (b.bitsRead & 63)
-	MOVL (R13)(R14*1), R14
-	MOVQ R12, CX
-	SHLQ CL, R14
-	MOVQ R13, 168(R10)
-	ORQ  R14, R11
-
-	// exhausted += (br3.off < 4)
-	CMPQ R13, $0x04
-	ADCB $+0, DL
-
-skip_fill3:
-	// val0 := br3.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v0 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v0.entry)
-	MOVB CH, AL
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val1 := br3.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v1 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v1.entry)
-	MOVB   CH, AH
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// val2 := br3.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v2 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v2.entry)
-	MOVB CH, AH
-	SHLQ CL, R11
-	ADDB CL, R12
-
-	// val3 := br3.peekTopBits(peekBits)
-	MOVQ R11, R13
-	MOVQ DI, CX
-	SHRQ CL, R13
-
-	// v3 := table[val0&mask]
-	MOVW (R9)(R13*2), CX
-
-	// br3.advance(uint8(v3.entry)
-	MOVB   CH, AL
-	SHLQ   CL, R11
-	ADDB   CL, R12
-	BSWAPL AX
-
-	// these four writes get coalesced
-	// out[id * dstEvery + 0] = uint8(v0.entry >> 8)
-	// out[id * dstEvery + 1] = uint8(v1.entry >> 8)
-	// out[id * dstEvery + 3] = uint8(v2.entry >> 8)
-	// out[id * dstEvery + 4] = uint8(v3.entry >> 8)
-	LEAQ (R8)(R8*2), CX
-	MOVL AX, (BX)(CX*1)
-
-	// update the bitreader structure
-	MOVQ  R11, 176(R10)
-	MOVB  R12, 184(R10)
-	ADDQ  $0x04, BX
-	TESTB DL, DL
-	JZ    main_loop
-	MOVQ  ctx+0(FP), AX
-	SUBQ  16(AX), BX
-	SHLQ  $0x02, BX
-	MOVQ  BX, 40(AX)
-	RET
-
-// func decompress1x_main_loop_amd64(ctx *decompress1xContext)
-TEXT ·decompress1x_main_loop_amd64(SB), $0-8
-	MOVQ    ctx+0(FP), CX
-	MOVQ    16(CX), DX
-	MOVQ    24(CX), BX
-	CMPQ    BX, $0x04
-	JB      error_max_decoded_size_exceeded
-	LEAQ    (DX)(BX*1), BX
-	MOVQ    (CX), SI
-	MOVQ    (SI), R8
-	MOVQ    24(SI), R9
-	MOVQ    32(SI), R10
-	MOVBQZX 40(SI), R11
-	MOVQ    32(CX), SI
-	MOVBQZX 8(CX), DI
-	JMP     loop_condition
-
-main_loop:
-	// Check if we have room for 4 bytes in the output buffer
-	LEAQ 4(DX), CX
-	CMPQ CX, BX
-	JGE  error_max_decoded_size_exceeded
-
-	// Decode 4 values
-	CMPQ R11, $0x20
-	JL   bitReader_fillFast_1_end
-	SUBQ $0x20, R11
-	SUBQ $0x04, R9
-	MOVL (R8)(R9*1), R12
-	MOVQ R11, CX
-	SHLQ CL, R12
-	ORQ  R12, R10
-
-bitReader_fillFast_1_end:
-	MOVQ    DI, CX
-	MOVQ    R10, R12
-	SHRQ    CL, R12
-	MOVW    (SI)(R12*2), CX
-	MOVB    CH, AL
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLQ    CL, R10
-	MOVQ    DI, CX
-	MOVQ    R10, R12
-	SHRQ    CL, R12
-	MOVW    (SI)(R12*2), CX
-	MOVB    CH, AH
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLQ    CL, R10
-	BSWAPL  AX
-	CMPQ    R11, $0x20
-	JL      bitReader_fillFast_2_end
-	SUBQ    $0x20, R11
-	SUBQ    $0x04, R9
-	MOVL    (R8)(R9*1), R12
-	MOVQ    R11, CX
-	SHLQ    CL, R12
-	ORQ     R12, R10
-
-bitReader_fillFast_2_end:
-	MOVQ    DI, CX
-	MOVQ    R10, R12
-	SHRQ    CL, R12
-	MOVW    (SI)(R12*2), CX
-	MOVB    CH, AH
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLQ    CL, R10
-	MOVQ    DI, CX
-	MOVQ    R10, R12
-	SHRQ    CL, R12
-	MOVW    (SI)(R12*2), CX
-	MOVB    CH, AL
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLQ    CL, R10
-	BSWAPL  AX
-
-	// Store the decoded values
-	MOVL AX, (DX)
-	ADDQ $0x04, DX
-
-loop_condition:
-	CMPQ R9, $0x08
-	JGE  main_loop
-
-	// Update ctx structure
-	MOVQ ctx+0(FP), AX
-	SUBQ 16(AX), DX
-	MOVQ DX, 40(AX)
-	MOVQ (AX), AX
-	MOVQ R9, 24(AX)
-	MOVQ R10, 32(AX)
-	MOVB R11, 40(AX)
-	RET
-
-	// Report error
-error_max_decoded_size_exceeded:
-	MOVQ ctx+0(FP), AX
-	MOVQ $-1, CX
-	MOVQ CX, 40(AX)
-	RET
-
-// func decompress1x_main_loop_bmi2(ctx *decompress1xContext)
-// Requires: BMI2
-TEXT ·decompress1x_main_loop_bmi2(SB), $0-8
-	MOVQ    ctx+0(FP), CX
-	MOVQ    16(CX), DX
-	MOVQ    24(CX), BX
-	CMPQ    BX, $0x04
-	JB      error_max_decoded_size_exceeded
-	LEAQ    (DX)(BX*1), BX
-	MOVQ    (CX), SI
-	MOVQ    (SI), R8
-	MOVQ    24(SI), R9
-	MOVQ    32(SI), R10
-	MOVBQZX 40(SI), R11
-	MOVQ    32(CX), SI
-	MOVBQZX 8(CX), DI
-	JMP     loop_condition
-
-main_loop:
-	// Check if we have room for 4 bytes in the output buffer
-	LEAQ 4(DX), CX
-	CMPQ CX, BX
-	JGE  error_max_decoded_size_exceeded
-
-	// Decode 4 values
-	CMPQ  R11, $0x20
-	JL    bitReader_fillFast_1_end
-	SUBQ  $0x20, R11
-	SUBQ  $0x04, R9
-	MOVL  (R8)(R9*1), CX
-	SHLXQ R11, CX, CX
-	ORQ   CX, R10
-
-bitReader_fillFast_1_end:
-	SHRXQ   DI, R10, CX
-	MOVW    (SI)(CX*2), CX
-	MOVB    CH, AL
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLXQ   CX, R10, R10
-	SHRXQ   DI, R10, CX
-	MOVW    (SI)(CX*2), CX
-	MOVB    CH, AH
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLXQ   CX, R10, R10
-	BSWAPL  AX
-	CMPQ    R11, $0x20
-	JL      bitReader_fillFast_2_end
-	SUBQ    $0x20, R11
-	SUBQ    $0x04, R9
-	MOVL    (R8)(R9*1), CX
-	SHLXQ   R11, CX, CX
-	ORQ     CX, R10
-
-bitReader_fillFast_2_end:
-	SHRXQ   DI, R10, CX
-	MOVW    (SI)(CX*2), CX
-	MOVB    CH, AH
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLXQ   CX, R10, R10
-	SHRXQ   DI, R10, CX
-	MOVW    (SI)(CX*2), CX
-	MOVB    CH, AL
-	MOVBQZX CL, CX
-	ADDQ    CX, R11
-	SHLXQ   CX, R10, R10
-	BSWAPL  AX
-
-	// Store the decoded values
-	MOVL AX, (DX)
-	ADDQ $0x04, DX
-
-loop_condition:
-	CMPQ R9, $0x08
-	JGE  main_loop
-
-	// Update ctx structure
-	MOVQ ctx+0(FP), AX
-	SUBQ 16(AX), DX
-	MOVQ DX, 40(AX)
-	MOVQ (AX), AX
-	MOVQ R9, 24(AX)
-	MOVQ R10, 32(AX)
-	MOVB R11, 40(AX)
-	RET
-
-	// Report error
-error_max_decoded_size_exceeded:
-	MOVQ ctx+0(FP), AX
-	MOVQ $-1, CX
-	MOVQ CX, 40(AX)
-	RET
diff --git a/vendor/github.com/klauspost/compress/huff0/decompress_generic.go b/vendor/github.com/klauspost/compress/huff0/decompress_generic.go
deleted file mode 100644
index 908c17de6..000000000
--- a/vendor/github.com/klauspost/compress/huff0/decompress_generic.go
+++ /dev/null
@@ -1,299 +0,0 @@
-//go:build !amd64 || appengine || !gc || noasm
-// +build !amd64 appengine !gc noasm
-
-// This file contains a generic implementation of Decoder.Decompress4X.
-package huff0
-
-import (
-	"errors"
-	"fmt"
-)
-
-// Decompress4X will decompress a 4X encoded stream.
-// The length of the supplied input must match the end of a block exactly.
-// The *capacity* of the dst slice must match the destination size of
-// the uncompressed data exactly.
-func (d *Decoder) Decompress4X(dst, src []byte) ([]byte, error) {
-	if len(d.dt.single) == 0 {
-		return nil, errors.New("no table loaded")
-	}
-	if len(src) < 6+(4*1) {
-		return nil, errors.New("input too small")
-	}
-	if use8BitTables && d.actualTableLog <= 8 {
-		return d.decompress4X8bit(dst, src)
-	}
-
-	var br [4]bitReaderShifted
-	// Decode "jump table"
-	start := 6
-	for i := 0; i < 3; i++ {
-		length := int(src[i*2]) | (int(src[i*2+1]) << 8)
-		if start+length >= len(src) {
-			return nil, errors.New("truncated input (or invalid offset)")
-		}
-		err := br[i].init(src[start : start+length])
-		if err != nil {
-			return nil, err
-		}
-		start += length
-	}
-	err := br[3].init(src[start:])
-	if err != nil {
-		return nil, err
-	}
-
-	// destination, offset to match first output
-	dstSize := cap(dst)
-	dst = dst[:dstSize]
-	out := dst
-	dstEvery := (dstSize + 3) / 4
-
-	const tlSize = 1 << tableLogMax
-	const tlMask = tlSize - 1
-	single := d.dt.single[:tlSize]
-
-	// Use temp table to avoid bound checks/append penalty.
-	buf := d.buffer()
-	var off uint8
-	var decoded int
-
-	// Decode 2 values from each decoder/loop.
-	const bufoff = 256
-	for {
-		if br[0].off < 4 || br[1].off < 4 || br[2].off < 4 || br[3].off < 4 {
-			break
-		}
-
-		{
-			const stream = 0
-			const stream2 = 1
-			br[stream].fillFast()
-			br[stream2].fillFast()
-
-			val := br[stream].peekBitsFast(d.actualTableLog)
-			val2 := br[stream2].peekBitsFast(d.actualTableLog)
-			v := single[val&tlMask]
-			v2 := single[val2&tlMask]
-			br[stream].advance(uint8(v.entry))
-			br[stream2].advance(uint8(v2.entry))
-			buf[stream][off] = uint8(v.entry >> 8)
-			buf[stream2][off] = uint8(v2.entry >> 8)
-
-			val = br[stream].peekBitsFast(d.actualTableLog)
-			val2 = br[stream2].peekBitsFast(d.actualTableLog)
-			v = single[val&tlMask]
-			v2 = single[val2&tlMask]
-			br[stream].advance(uint8(v.entry))
-			br[stream2].advance(uint8(v2.entry))
-			buf[stream][off+1] = uint8(v.entry >> 8)
-			buf[stream2][off+1] = uint8(v2.entry >> 8)
-		}
-
-		{
-			const stream = 2
-			const stream2 = 3
-			br[stream].fillFast()
-			br[stream2].fillFast()
-
-			val := br[stream].peekBitsFast(d.actualTableLog)
-			val2 := br[stream2].peekBitsFast(d.actualTableLog)
-			v := single[val&tlMask]
-			v2 := single[val2&tlMask]
-			br[stream].advance(uint8(v.entry))
-			br[stream2].advance(uint8(v2.entry))
-			buf[stream][off] = uint8(v.entry >> 8)
-			buf[stream2][off] = uint8(v2.entry >> 8)
-
-			val = br[stream].peekBitsFast(d.actualTableLog)
-			val2 = br[stream2].peekBitsFast(d.actualTableLog)
-			v = single[val&tlMask]
-			v2 = single[val2&tlMask]
-			br[stream].advance(uint8(v.entry))
-			br[stream2].advance(uint8(v2.entry))
-			buf[stream][off+1] = uint8(v.entry >> 8)
-			buf[stream2][off+1] = uint8(v2.entry >> 8)
-		}
-
-		off += 2
-
-		if off == 0 {
-			if bufoff > dstEvery {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 1")
-			}
-			// There must at least be 3 buffers left.
-			if len(out)-bufoff < dstEvery*3 {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 2")
-			}
-			//copy(out, buf[0][:])
-			//copy(out[dstEvery:], buf[1][:])
-			//copy(out[dstEvery*2:], buf[2][:])
-			//copy(out[dstEvery*3:], buf[3][:])
-			*(*[bufoff]byte)(out) = buf[0]
-			*(*[bufoff]byte)(out[dstEvery:]) = buf[1]
-			*(*[bufoff]byte)(out[dstEvery*2:]) = buf[2]
-			*(*[bufoff]byte)(out[dstEvery*3:]) = buf[3]
-			out = out[bufoff:]
-			decoded += bufoff * 4
-		}
-	}
-	if off > 0 {
-		ioff := int(off)
-		if len(out) < dstEvery*3+ioff {
-			d.bufs.Put(buf)
-			return nil, errors.New("corruption detected: stream overrun 3")
-		}
-		copy(out, buf[0][:off])
-		copy(out[dstEvery:], buf[1][:off])
-		copy(out[dstEvery*2:], buf[2][:off])
-		copy(out[dstEvery*3:], buf[3][:off])
-		decoded += int(off) * 4
-		out = out[off:]
-	}
-
-	// Decode remaining.
-	remainBytes := dstEvery - (decoded / 4)
-	for i := range br {
-		offset := dstEvery * i
-		endsAt := offset + remainBytes
-		if endsAt > len(out) {
-			endsAt = len(out)
-		}
-		br := &br[i]
-		bitsLeft := br.remaining()
-		for bitsLeft > 0 {
-			br.fill()
-			if offset >= endsAt {
-				d.bufs.Put(buf)
-				return nil, errors.New("corruption detected: stream overrun 4")
-			}
-
-			// Read value and increment offset.
-			val := br.peekBitsFast(d.actualTableLog)
-			v := single[val&tlMask].entry
-			nBits := uint8(v)
-			br.advance(nBits)
-			bitsLeft -= uint(nBits)
-			out[offset] = uint8(v >> 8)
-			offset++
-		}
-		if offset != endsAt {
-			d.bufs.Put(buf)
-			return nil, fmt.Errorf("corruption detected: short output block %d, end %d != %d", i, offset, endsAt)
-		}
-		decoded += offset - dstEvery*i
-		err = br.close()
-		if err != nil {
-			return nil, err
-		}
-	}
-	d.bufs.Put(buf)
-	if dstSize != decoded {
-		return nil, errors.New("corruption detected: short output block")
-	}
-	return dst, nil
-}
-
-// Decompress1X will decompress a 1X encoded stream.
-// The cap of the output buffer will be the maximum decompressed size.
-// The length of the supplied input must match the end of a block exactly.
-func (d *Decoder) Decompress1X(dst, src []byte) ([]byte, error) {
-	if len(d.dt.single) == 0 {
-		return nil, errors.New("no table loaded")
-	}
-	if use8BitTables && d.actualTableLog <= 8 {
-		return d.decompress1X8Bit(dst, src)
-	}
-	var br bitReaderShifted
-	err := br.init(src)
-	if err != nil {
-		return dst, err
-	}
-	maxDecodedSize := cap(dst)
-	dst = dst[:0]
-
-	// Avoid bounds check by always having full sized table.
-	const tlSize = 1 << tableLogMax
-	const tlMask = tlSize - 1
-	dt := d.dt.single[:tlSize]
-
-	// Use temp table to avoid bound checks/append penalty.
-	bufs := d.buffer()
-	buf := &bufs[0]
-	var off uint8
-
-	for br.off >= 8 {
-		br.fillFast()
-		v := dt[br.peekBitsFast(d.actualTableLog)&tlMask]
-		br.advance(uint8(v.entry))
-		buf[off+0] = uint8(v.entry >> 8)
-
-		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
-		br.advance(uint8(v.entry))
-		buf[off+1] = uint8(v.entry >> 8)
-
-		// Refill
-		br.fillFast()
-
-		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
-		br.advance(uint8(v.entry))
-		buf[off+2] = uint8(v.entry >> 8)
-
-		v = dt[br.peekBitsFast(d.actualTableLog)&tlMask]
-		br.advance(uint8(v.entry))
-		buf[off+3] = uint8(v.entry >> 8)
-
-		off += 4
-		if off == 0 {
-			if len(dst)+256 > maxDecodedSize {
-				br.close()
-				d.bufs.Put(bufs)
-				return nil, ErrMaxDecodedSizeExceeded
-			}
-			dst = append(dst, buf[:]...)
-		}
-	}
-
-	if len(dst)+int(off) > maxDecodedSize {
-		d.bufs.Put(bufs)
-		br.close()
-		return nil, ErrMaxDecodedSizeExceeded
-	}
-	dst = append(dst, buf[:off]...)
-
-	// br < 8, so uint8 is fine
-	bitsLeft := uint8(br.off)*8 + 64 - br.bitsRead
-	for bitsLeft > 0 {
-		br.fill()
-		if false && br.bitsRead >= 32 {
-			if br.off >= 4 {
-				v := br.in[br.off-4:]
-				v = v[:4]
-				low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-				br.value = (br.value << 32) | uint64(low)
-				br.bitsRead -= 32
-				br.off -= 4
-			} else {
-				for br.off > 0 {
-					br.value = (br.value << 8) | uint64(br.in[br.off-1])
-					br.bitsRead -= 8
-					br.off--
-				}
-			}
-		}
-		if len(dst) >= maxDecodedSize {
-			d.bufs.Put(bufs)
-			br.close()
-			return nil, ErrMaxDecodedSizeExceeded
-		}
-		v := d.dt.single[br.peekBitsFast(d.actualTableLog)&tlMask]
-		nBits := uint8(v.entry)
-		br.advance(nBits)
-		bitsLeft -= nBits
-		dst = append(dst, uint8(v.entry>>8))
-	}
-	d.bufs.Put(bufs)
-	return dst, br.close()
-}
diff --git a/vendor/github.com/klauspost/compress/huff0/huff0.go b/vendor/github.com/klauspost/compress/huff0/huff0.go
deleted file mode 100644
index 77ecd68e0..000000000
--- a/vendor/github.com/klauspost/compress/huff0/huff0.go
+++ /dev/null
@@ -1,337 +0,0 @@
-// Package huff0 provides fast huffman encoding as used in zstd.
-//
-// See README.md at https://github.com/klauspost/compress/tree/master/huff0 for details.
-package huff0
-
-import (
-	"errors"
-	"fmt"
-	"math"
-	"math/bits"
-	"sync"
-
-	"github.com/klauspost/compress/fse"
-)
-
-const (
-	maxSymbolValue = 255
-
-	// zstandard limits tablelog to 11, see:
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#huffman-tree-description
-	tableLogMax     = 11
-	tableLogDefault = 11
-	minTablelog     = 5
-	huffNodesLen    = 512
-
-	// BlockSizeMax is maximum input size for a single block uncompressed.
-	BlockSizeMax = 1<<18 - 1
-)
-
-var (
-	// ErrIncompressible is returned when input is judged to be too hard to compress.
-	ErrIncompressible = errors.New("input is not compressible")
-
-	// ErrUseRLE is returned from the compressor when the input is a single byte value repeated.
-	ErrUseRLE = errors.New("input is single value repeated")
-
-	// ErrTooBig is return if input is too large for a single block.
-	ErrTooBig = errors.New("input too big")
-
-	// ErrMaxDecodedSizeExceeded is return if input is too large for a single block.
-	ErrMaxDecodedSizeExceeded = errors.New("maximum output size exceeded")
-)
-
-type ReusePolicy uint8
-
-const (
-	// ReusePolicyAllow will allow reuse if it produces smaller output.
-	ReusePolicyAllow ReusePolicy = iota
-
-	// ReusePolicyPrefer will re-use aggressively if possible.
-	// This will not check if a new table will produce smaller output,
-	// except if the current table is impossible to use or
-	// compressed output is bigger than input.
-	ReusePolicyPrefer
-
-	// ReusePolicyNone will disable re-use of tables.
-	// This is slightly faster than ReusePolicyAllow but may produce larger output.
-	ReusePolicyNone
-
-	// ReusePolicyMust must allow reuse and produce smaller output.
-	ReusePolicyMust
-)
-
-type Scratch struct {
-	count [maxSymbolValue + 1]uint32
-
-	// Per block parameters.
-	// These can be used to override compression parameters of the block.
-	// Do not touch, unless you know what you are doing.
-
-	// Out is output buffer.
-	// If the scratch is re-used before the caller is done processing the output,
-	// set this field to nil.
-	// Otherwise the output buffer will be re-used for next Compression/Decompression step
-	// and allocation will be avoided.
-	Out []byte
-
-	// OutTable will contain the table data only, if a new table has been generated.
-	// Slice of the returned data.
-	OutTable []byte
-
-	// OutData will contain the compressed data.
-	// Slice of the returned data.
-	OutData []byte
-
-	// MaxDecodedSize will set the maximum allowed output size.
-	// This value will automatically be set to BlockSizeMax if not set.
-	// Decoders will return ErrMaxDecodedSizeExceeded is this limit is exceeded.
-	MaxDecodedSize int
-
-	srcLen int
-
-	// MaxSymbolValue will override the maximum symbol value of the next block.
-	MaxSymbolValue uint8
-
-	// TableLog will attempt to override the tablelog for the next block.
-	// Must be <= 11 and >= 5.
-	TableLog uint8
-
-	// Reuse will specify the reuse policy
-	Reuse ReusePolicy
-
-	// WantLogLess allows to specify a log 2 reduction that should at least be achieved,
-	// otherwise the block will be returned as incompressible.
-	// The reduction should then at least be (input size >> WantLogLess)
-	// If WantLogLess == 0 any improvement will do.
-	WantLogLess uint8
-
-	symbolLen      uint16 // Length of active part of the symbol table.
-	maxCount       int    // count of the most probable symbol
-	clearCount     bool   // clear count
-	actualTableLog uint8  // Selected tablelog.
-	prevTableLog   uint8  // Tablelog for previous table
-	prevTable      cTable // Table used for previous compression.
-	cTable         cTable // compression table
-	dt             dTable // decompression table
-	nodes          []nodeElt
-	tmpOut         [4][]byte
-	fse            *fse.Scratch
-	decPool        sync.Pool // *[4][256]byte buffers.
-	huffWeight     [maxSymbolValue + 1]byte
-}
-
-// TransferCTable will transfer the previously used compression table.
-func (s *Scratch) TransferCTable(src *Scratch) {
-	if cap(s.prevTable) < len(src.prevTable) {
-		s.prevTable = make(cTable, 0, maxSymbolValue+1)
-	}
-	s.prevTable = s.prevTable[:len(src.prevTable)]
-	copy(s.prevTable, src.prevTable)
-	s.prevTableLog = src.prevTableLog
-}
-
-func (s *Scratch) prepare(in []byte) (*Scratch, error) {
-	if len(in) > BlockSizeMax {
-		return nil, ErrTooBig
-	}
-	if s == nil {
-		s = &Scratch{}
-	}
-	if s.MaxSymbolValue == 0 {
-		s.MaxSymbolValue = maxSymbolValue
-	}
-	if s.TableLog == 0 {
-		s.TableLog = tableLogDefault
-	}
-	if s.TableLog > tableLogMax || s.TableLog < minTablelog {
-		return nil, fmt.Errorf(" invalid tableLog %d (%d -> %d)", s.TableLog, minTablelog, tableLogMax)
-	}
-	if s.MaxDecodedSize <= 0 || s.MaxDecodedSize > BlockSizeMax {
-		s.MaxDecodedSize = BlockSizeMax
-	}
-	if s.clearCount && s.maxCount == 0 {
-		for i := range s.count {
-			s.count[i] = 0
-		}
-		s.clearCount = false
-	}
-	if cap(s.Out) == 0 {
-		s.Out = make([]byte, 0, len(in))
-	}
-	s.Out = s.Out[:0]
-
-	s.OutTable = nil
-	s.OutData = nil
-	if cap(s.nodes) < huffNodesLen+1 {
-		s.nodes = make([]nodeElt, 0, huffNodesLen+1)
-	}
-	s.nodes = s.nodes[:0]
-	if s.fse == nil {
-		s.fse = &fse.Scratch{}
-	}
-	s.srcLen = len(in)
-
-	return s, nil
-}
-
-type cTable []cTableEntry
-
-func (c cTable) write(s *Scratch) error {
-	var (
-		// precomputed conversion table
-		bitsToWeight [tableLogMax + 1]byte
-		huffLog      = s.actualTableLog
-		// last weight is not saved.
-		maxSymbolValue = uint8(s.symbolLen - 1)
-		huffWeight     = s.huffWeight[:256]
-	)
-	const (
-		maxFSETableLog = 6
-	)
-	// convert to weight
-	bitsToWeight[0] = 0
-	for n := uint8(1); n < huffLog+1; n++ {
-		bitsToWeight[n] = huffLog + 1 - n
-	}
-
-	// Acquire histogram for FSE.
-	hist := s.fse.Histogram()
-	hist = hist[:256]
-	for i := range hist[:16] {
-		hist[i] = 0
-	}
-	for n := uint8(0); n < maxSymbolValue; n++ {
-		v := bitsToWeight[c[n].nBits] & 15
-		huffWeight[n] = v
-		hist[v]++
-	}
-
-	// FSE compress if feasible.
-	if maxSymbolValue >= 2 {
-		huffMaxCnt := uint32(0)
-		huffMax := uint8(0)
-		for i, v := range hist[:16] {
-			if v == 0 {
-				continue
-			}
-			huffMax = byte(i)
-			if v > huffMaxCnt {
-				huffMaxCnt = v
-			}
-		}
-		s.fse.HistogramFinished(huffMax, int(huffMaxCnt))
-		s.fse.TableLog = maxFSETableLog
-		b, err := fse.Compress(huffWeight[:maxSymbolValue], s.fse)
-		if err == nil && len(b) < int(s.symbolLen>>1) {
-			s.Out = append(s.Out, uint8(len(b)))
-			s.Out = append(s.Out, b...)
-			return nil
-		}
-		// Unable to compress (RLE/uncompressible)
-	}
-	// write raw values as 4-bits (max : 15)
-	if maxSymbolValue > (256 - 128) {
-		// should not happen : likely means source cannot be compressed
-		return ErrIncompressible
-	}
-	op := s.Out
-	// special case, pack weights 4 bits/weight.
-	op = append(op, 128|(maxSymbolValue-1))
-	// be sure it doesn't cause msan issue in final combination
-	huffWeight[maxSymbolValue] = 0
-	for n := uint16(0); n < uint16(maxSymbolValue); n += 2 {
-		op = append(op, (huffWeight[n]<<4)|huffWeight[n+1])
-	}
-	s.Out = op
-	return nil
-}
-
-func (c cTable) estTableSize(s *Scratch) (sz int, err error) {
-	var (
-		// precomputed conversion table
-		bitsToWeight [tableLogMax + 1]byte
-		huffLog      = s.actualTableLog
-		// last weight is not saved.
-		maxSymbolValue = uint8(s.symbolLen - 1)
-		huffWeight     = s.huffWeight[:256]
-	)
-	const (
-		maxFSETableLog = 6
-	)
-	// convert to weight
-	bitsToWeight[0] = 0
-	for n := uint8(1); n < huffLog+1; n++ {
-		bitsToWeight[n] = huffLog + 1 - n
-	}
-
-	// Acquire histogram for FSE.
-	hist := s.fse.Histogram()
-	hist = hist[:256]
-	for i := range hist[:16] {
-		hist[i] = 0
-	}
-	for n := uint8(0); n < maxSymbolValue; n++ {
-		v := bitsToWeight[c[n].nBits] & 15
-		huffWeight[n] = v
-		hist[v]++
-	}
-
-	// FSE compress if feasible.
-	if maxSymbolValue >= 2 {
-		huffMaxCnt := uint32(0)
-		huffMax := uint8(0)
-		for i, v := range hist[:16] {
-			if v == 0 {
-				continue
-			}
-			huffMax = byte(i)
-			if v > huffMaxCnt {
-				huffMaxCnt = v
-			}
-		}
-		s.fse.HistogramFinished(huffMax, int(huffMaxCnt))
-		s.fse.TableLog = maxFSETableLog
-		b, err := fse.Compress(huffWeight[:maxSymbolValue], s.fse)
-		if err == nil && len(b) < int(s.symbolLen>>1) {
-			sz += 1 + len(b)
-			return sz, nil
-		}
-		// Unable to compress (RLE/uncompressible)
-	}
-	// write raw values as 4-bits (max : 15)
-	if maxSymbolValue > (256 - 128) {
-		// should not happen : likely means source cannot be compressed
-		return 0, ErrIncompressible
-	}
-	// special case, pack weights 4 bits/weight.
-	sz += 1 + int(maxSymbolValue/2)
-	return sz, nil
-}
-
-// estimateSize returns the estimated size in bytes of the input represented in the
-// histogram supplied.
-func (c cTable) estimateSize(hist []uint32) int {
-	nbBits := uint32(7)
-	for i, v := range c[:len(hist)] {
-		nbBits += uint32(v.nBits) * hist[i]
-	}
-	return int(nbBits >> 3)
-}
-
-// minSize returns the minimum possible size considering the shannon limit.
-func (s *Scratch) minSize(total int) int {
-	nbBits := float64(7)
-	fTotal := float64(total)
-	for _, v := range s.count[:s.symbolLen] {
-		n := float64(v)
-		if n > 0 {
-			nbBits += math.Log2(fTotal/n) * n
-		}
-	}
-	return int(nbBits) >> 3
-}
-
-func highBit32(val uint32) (n uint32) {
-	return uint32(bits.Len32(val) - 1)
-}
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
deleted file mode 100644
index 3954c5121..000000000
--- a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Package cpuinfo gives runtime info about the current CPU.
-//
-// This is a very limited module meant for use internally
-// in this project. For more versatile solution check
-// https://github.com/klauspost/cpuid.
-package cpuinfo
-
-// HasBMI1 checks whether an x86 CPU supports the BMI1 extension.
-func HasBMI1() bool {
-	return hasBMI1
-}
-
-// HasBMI2 checks whether an x86 CPU supports the BMI2 extension.
-func HasBMI2() bool {
-	return hasBMI2
-}
-
-// DisableBMI2 will disable BMI2, for testing purposes.
-// Call returned function to restore previous state.
-func DisableBMI2() func() {
-	old := hasBMI2
-	hasBMI2 = false
-	return func() {
-		hasBMI2 = old
-	}
-}
-
-// HasBMI checks whether an x86 CPU supports both BMI1 and BMI2 extensions.
-func HasBMI() bool {
-	return HasBMI1() && HasBMI2()
-}
-
-var hasBMI1 bool
-var hasBMI2 bool
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
deleted file mode 100644
index e802579c4..000000000
--- a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.go
+++ /dev/null
@@ -1,11 +0,0 @@
-//go:build amd64 && !appengine && !noasm && gc
-// +build amd64,!appengine,!noasm,gc
-
-package cpuinfo
-
-// go:noescape
-func x86extensions() (bmi1, bmi2 bool)
-
-func init() {
-	hasBMI1, hasBMI2 = x86extensions()
-}
diff --git a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s b/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
deleted file mode 100644
index 4465fbe9e..000000000
--- a/vendor/github.com/klauspost/compress/internal/cpuinfo/cpuinfo_amd64.s
+++ /dev/null
@@ -1,36 +0,0 @@
-// +build !appengine
-// +build gc
-// +build !noasm
-
-#include "textflag.h"
-#include "funcdata.h"
-#include "go_asm.h"
-
-TEXT ·x86extensions(SB), NOSPLIT, $0
-	// 1. determine max EAX value
-	XORQ AX, AX
-	CPUID
-
-	CMPQ AX, $7
-	JB   unsupported
-
-	// 2. EAX = 7, ECX = 0 --- see Table 3-8 "Information Returned by CPUID Instruction"
-	MOVQ $7, AX
-	MOVQ $0, CX
-	CPUID
-
-	BTQ   $3, BX // bit 3 = BMI1
-	SETCS AL
-
-	BTQ   $8, BX // bit 8 = BMI2
-	SETCS AH
-
-	MOVB AL, bmi1+0(FP)
-	MOVB AH, bmi2+1(FP)
-	RET
-
-unsupported:
-	XORQ AX, AX
-	MOVB AL, bmi1+0(FP)
-	MOVB AL, bmi2+1(FP)
-	RET
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/LICENSE b/vendor/github.com/klauspost/compress/internal/snapref/LICENSE
deleted file mode 100644
index 6050c10f4..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/LICENSE
+++ /dev/null
@@ -1,27 +0,0 @@
-Copyright (c) 2011 The Snappy-Go Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/decode.go b/vendor/github.com/klauspost/compress/internal/snapref/decode.go
deleted file mode 100644
index 40796a49d..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/decode.go
+++ /dev/null
@@ -1,264 +0,0 @@
-// Copyright 2011 The Snappy-Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package snapref
-
-import (
-	"encoding/binary"
-	"errors"
-	"io"
-)
-
-var (
-	// ErrCorrupt reports that the input is invalid.
-	ErrCorrupt = errors.New("snappy: corrupt input")
-	// ErrTooLarge reports that the uncompressed length is too large.
-	ErrTooLarge = errors.New("snappy: decoded block is too large")
-	// ErrUnsupported reports that the input isn't supported.
-	ErrUnsupported = errors.New("snappy: unsupported input")
-
-	errUnsupportedLiteralLength = errors.New("snappy: unsupported literal length")
-)
-
-// DecodedLen returns the length of the decoded block.
-func DecodedLen(src []byte) (int, error) {
-	v, _, err := decodedLen(src)
-	return v, err
-}
-
-// decodedLen returns the length of the decoded block and the number of bytes
-// that the length header occupied.
-func decodedLen(src []byte) (blockLen, headerLen int, err error) {
-	v, n := binary.Uvarint(src)
-	if n <= 0 || v > 0xffffffff {
-		return 0, 0, ErrCorrupt
-	}
-
-	const wordSize = 32 << (^uint(0) >> 32 & 1)
-	if wordSize == 32 && v > 0x7fffffff {
-		return 0, 0, ErrTooLarge
-	}
-	return int(v), n, nil
-}
-
-const (
-	decodeErrCodeCorrupt                  = 1
-	decodeErrCodeUnsupportedLiteralLength = 2
-)
-
-// Decode returns the decoded form of src. The returned slice may be a sub-
-// slice of dst if dst was large enough to hold the entire decoded block.
-// Otherwise, a newly allocated slice will be returned.
-//
-// The dst and src must not overlap. It is valid to pass a nil dst.
-//
-// Decode handles the Snappy block format, not the Snappy stream format.
-func Decode(dst, src []byte) ([]byte, error) {
-	dLen, s, err := decodedLen(src)
-	if err != nil {
-		return nil, err
-	}
-	if dLen <= len(dst) {
-		dst = dst[:dLen]
-	} else {
-		dst = make([]byte, dLen)
-	}
-	switch decode(dst, src[s:]) {
-	case 0:
-		return dst, nil
-	case decodeErrCodeUnsupportedLiteralLength:
-		return nil, errUnsupportedLiteralLength
-	}
-	return nil, ErrCorrupt
-}
-
-// NewReader returns a new Reader that decompresses from r, using the framing
-// format described at
-// https://github.com/google/snappy/blob/master/framing_format.txt
-func NewReader(r io.Reader) *Reader {
-	return &Reader{
-		r:       r,
-		decoded: make([]byte, maxBlockSize),
-		buf:     make([]byte, maxEncodedLenOfMaxBlockSize+checksumSize),
-	}
-}
-
-// Reader is an io.Reader that can read Snappy-compressed bytes.
-//
-// Reader handles the Snappy stream format, not the Snappy block format.
-type Reader struct {
-	r       io.Reader
-	err     error
-	decoded []byte
-	buf     []byte
-	// decoded[i:j] contains decoded bytes that have not yet been passed on.
-	i, j       int
-	readHeader bool
-}
-
-// Reset discards any buffered data, resets all state, and switches the Snappy
-// reader to read from r. This permits reusing a Reader rather than allocating
-// a new one.
-func (r *Reader) Reset(reader io.Reader) {
-	r.r = reader
-	r.err = nil
-	r.i = 0
-	r.j = 0
-	r.readHeader = false
-}
-
-func (r *Reader) readFull(p []byte, allowEOF bool) (ok bool) {
-	if _, r.err = io.ReadFull(r.r, p); r.err != nil {
-		if r.err == io.ErrUnexpectedEOF || (r.err == io.EOF && !allowEOF) {
-			r.err = ErrCorrupt
-		}
-		return false
-	}
-	return true
-}
-
-func (r *Reader) fill() error {
-	for r.i >= r.j {
-		if !r.readFull(r.buf[:4], true) {
-			return r.err
-		}
-		chunkType := r.buf[0]
-		if !r.readHeader {
-			if chunkType != chunkTypeStreamIdentifier {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			r.readHeader = true
-		}
-		chunkLen := int(r.buf[1]) | int(r.buf[2])<<8 | int(r.buf[3])<<16
-		if chunkLen > len(r.buf) {
-			r.err = ErrUnsupported
-			return r.err
-		}
-
-		// The chunk types are specified at
-		// https://github.com/google/snappy/blob/master/framing_format.txt
-		switch chunkType {
-		case chunkTypeCompressedData:
-			// Section 4.2. Compressed data (chunk type 0x00).
-			if chunkLen < checksumSize {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			buf := r.buf[:chunkLen]
-			if !r.readFull(buf, false) {
-				return r.err
-			}
-			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
-			buf = buf[checksumSize:]
-
-			n, err := DecodedLen(buf)
-			if err != nil {
-				r.err = err
-				return r.err
-			}
-			if n > len(r.decoded) {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			if _, err := Decode(r.decoded, buf); err != nil {
-				r.err = err
-				return r.err
-			}
-			if crc(r.decoded[:n]) != checksum {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			r.i, r.j = 0, n
-			continue
-
-		case chunkTypeUncompressedData:
-			// Section 4.3. Uncompressed data (chunk type 0x01).
-			if chunkLen < checksumSize {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			buf := r.buf[:checksumSize]
-			if !r.readFull(buf, false) {
-				return r.err
-			}
-			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
-			// Read directly into r.decoded instead of via r.buf.
-			n := chunkLen - checksumSize
-			if n > len(r.decoded) {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			if !r.readFull(r.decoded[:n], false) {
-				return r.err
-			}
-			if crc(r.decoded[:n]) != checksum {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			r.i, r.j = 0, n
-			continue
-
-		case chunkTypeStreamIdentifier:
-			// Section 4.1. Stream identifier (chunk type 0xff).
-			if chunkLen != len(magicBody) {
-				r.err = ErrCorrupt
-				return r.err
-			}
-			if !r.readFull(r.buf[:len(magicBody)], false) {
-				return r.err
-			}
-			for i := 0; i < len(magicBody); i++ {
-				if r.buf[i] != magicBody[i] {
-					r.err = ErrCorrupt
-					return r.err
-				}
-			}
-			continue
-		}
-
-		if chunkType <= 0x7f {
-			// Section 4.5. Reserved unskippable chunks (chunk types 0x02-0x7f).
-			r.err = ErrUnsupported
-			return r.err
-		}
-		// Section 4.4 Padding (chunk type 0xfe).
-		// Section 4.6. Reserved skippable chunks (chunk types 0x80-0xfd).
-		if !r.readFull(r.buf[:chunkLen], false) {
-			return r.err
-		}
-	}
-
-	return nil
-}
-
-// Read satisfies the io.Reader interface.
-func (r *Reader) Read(p []byte) (int, error) {
-	if r.err != nil {
-		return 0, r.err
-	}
-
-	if err := r.fill(); err != nil {
-		return 0, err
-	}
-
-	n := copy(p, r.decoded[r.i:r.j])
-	r.i += n
-	return n, nil
-}
-
-// ReadByte satisfies the io.ByteReader interface.
-func (r *Reader) ReadByte() (byte, error) {
-	if r.err != nil {
-		return 0, r.err
-	}
-
-	if err := r.fill(); err != nil {
-		return 0, err
-	}
-
-	c := r.decoded[r.i]
-	r.i++
-	return c, nil
-}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
deleted file mode 100644
index 77395a6b8..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/decode_other.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2016 The Snappy-Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package snapref
-
-// decode writes the decoding of src to dst. It assumes that the varint-encoded
-// length of the decompressed bytes has already been read, and that len(dst)
-// equals that length.
-//
-// It returns 0 on success or a decodeErrCodeXxx error code on failure.
-func decode(dst, src []byte) int {
-	var d, s, offset, length int
-	for s < len(src) {
-		switch src[s] & 0x03 {
-		case tagLiteral:
-			x := uint32(src[s] >> 2)
-			switch {
-			case x < 60:
-				s++
-			case x == 60:
-				s += 2
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					return decodeErrCodeCorrupt
-				}
-				x = uint32(src[s-1])
-			case x == 61:
-				s += 3
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					return decodeErrCodeCorrupt
-				}
-				x = uint32(src[s-2]) | uint32(src[s-1])<<8
-			case x == 62:
-				s += 4
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					return decodeErrCodeCorrupt
-				}
-				x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16
-			case x == 63:
-				s += 5
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					return decodeErrCodeCorrupt
-				}
-				x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
-			}
-			length = int(x) + 1
-			if length <= 0 {
-				return decodeErrCodeUnsupportedLiteralLength
-			}
-			if length > len(dst)-d || length > len(src)-s {
-				return decodeErrCodeCorrupt
-			}
-			copy(dst[d:], src[s:s+length])
-			d += length
-			s += length
-			continue
-
-		case tagCopy1:
-			s += 2
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				return decodeErrCodeCorrupt
-			}
-			length = 4 + int(src[s-2])>>2&0x7
-			offset = int(uint32(src[s-2])&0xe0<<3 | uint32(src[s-1]))
-
-		case tagCopy2:
-			s += 3
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				return decodeErrCodeCorrupt
-			}
-			length = 1 + int(src[s-3])>>2
-			offset = int(uint32(src[s-2]) | uint32(src[s-1])<<8)
-
-		case tagCopy4:
-			s += 5
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				return decodeErrCodeCorrupt
-			}
-			length = 1 + int(src[s-5])>>2
-			offset = int(uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24)
-		}
-
-		if offset <= 0 || d < offset || length > len(dst)-d {
-			return decodeErrCodeCorrupt
-		}
-		// Copy from an earlier sub-slice of dst to a later sub-slice.
-		// If no overlap, use the built-in copy:
-		if offset >= length {
-			copy(dst[d:d+length], dst[d-offset:])
-			d += length
-			continue
-		}
-
-		// Unlike the built-in copy function, this byte-by-byte copy always runs
-		// forwards, even if the slices overlap. Conceptually, this is:
-		//
-		// d += forwardCopy(dst[d:d+length], dst[d-offset:])
-		//
-		// We align the slices into a and b and show the compiler they are the same size.
-		// This allows the loop to run without bounds checks.
-		a := dst[d : d+length]
-		b := dst[d-offset:]
-		b = b[:len(a)]
-		for i := range a {
-			a[i] = b[i]
-		}
-		d += length
-	}
-	if d != len(dst) {
-		return decodeErrCodeCorrupt
-	}
-	return 0
-}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/encode.go b/vendor/github.com/klauspost/compress/internal/snapref/encode.go
deleted file mode 100644
index 13c6040a5..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/encode.go
+++ /dev/null
@@ -1,289 +0,0 @@
-// Copyright 2011 The Snappy-Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package snapref
-
-import (
-	"encoding/binary"
-	"errors"
-	"io"
-)
-
-// Encode returns the encoded form of src. The returned slice may be a sub-
-// slice of dst if dst was large enough to hold the entire encoded block.
-// Otherwise, a newly allocated slice will be returned.
-//
-// The dst and src must not overlap. It is valid to pass a nil dst.
-//
-// Encode handles the Snappy block format, not the Snappy stream format.
-func Encode(dst, src []byte) []byte {
-	if n := MaxEncodedLen(len(src)); n < 0 {
-		panic(ErrTooLarge)
-	} else if len(dst) < n {
-		dst = make([]byte, n)
-	}
-
-	// The block starts with the varint-encoded length of the decompressed bytes.
-	d := binary.PutUvarint(dst, uint64(len(src)))
-
-	for len(src) > 0 {
-		p := src
-		src = nil
-		if len(p) > maxBlockSize {
-			p, src = p[:maxBlockSize], p[maxBlockSize:]
-		}
-		if len(p) < minNonLiteralBlockSize {
-			d += emitLiteral(dst[d:], p)
-		} else {
-			d += encodeBlock(dst[d:], p)
-		}
-	}
-	return dst[:d]
-}
-
-// inputMargin is the minimum number of extra input bytes to keep, inside
-// encodeBlock's inner loop. On some architectures, this margin lets us
-// implement a fast path for emitLiteral, where the copy of short (<= 16 byte)
-// literals can be implemented as a single load to and store from a 16-byte
-// register. That literal's actual length can be as short as 1 byte, so this
-// can copy up to 15 bytes too much, but that's OK as subsequent iterations of
-// the encoding loop will fix up the copy overrun, and this inputMargin ensures
-// that we don't overrun the dst and src buffers.
-const inputMargin = 16 - 1
-
-// minNonLiteralBlockSize is the minimum size of the input to encodeBlock that
-// could be encoded with a copy tag. This is the minimum with respect to the
-// algorithm used by encodeBlock, not a minimum enforced by the file format.
-//
-// The encoded output must start with at least a 1 byte literal, as there are
-// no previous bytes to copy. A minimal (1 byte) copy after that, generated
-// from an emitCopy call in encodeBlock's main loop, would require at least
-// another inputMargin bytes, for the reason above: we want any emitLiteral
-// calls inside encodeBlock's main loop to use the fast path if possible, which
-// requires being able to overrun by inputMargin bytes. Thus,
-// minNonLiteralBlockSize equals 1 + 1 + inputMargin.
-//
-// The C++ code doesn't use this exact threshold, but it could, as discussed at
-// https://groups.google.com/d/topic/snappy-compression/oGbhsdIJSJ8/discussion
-// The difference between Go (2+inputMargin) and C++ (inputMargin) is purely an
-// optimization. It should not affect the encoded form. This is tested by
-// TestSameEncodingAsCppShortCopies.
-const minNonLiteralBlockSize = 1 + 1 + inputMargin
-
-// MaxEncodedLen returns the maximum length of a snappy block, given its
-// uncompressed length.
-//
-// It will return a negative value if srcLen is too large to encode.
-func MaxEncodedLen(srcLen int) int {
-	n := uint64(srcLen)
-	if n > 0xffffffff {
-		return -1
-	}
-	// Compressed data can be defined as:
-	//    compressed := item* literal*
-	//    item       := literal* copy
-	//
-	// The trailing literal sequence has a space blowup of at most 62/60
-	// since a literal of length 60 needs one tag byte + one extra byte
-	// for length information.
-	//
-	// Item blowup is trickier to measure. Suppose the "copy" op copies
-	// 4 bytes of data. Because of a special check in the encoding code,
-	// we produce a 4-byte copy only if the offset is < 65536. Therefore
-	// the copy op takes 3 bytes to encode, and this type of item leads
-	// to at most the 62/60 blowup for representing literals.
-	//
-	// Suppose the "copy" op copies 5 bytes of data. If the offset is big
-	// enough, it will take 5 bytes to encode the copy op. Therefore the
-	// worst case here is a one-byte literal followed by a five-byte copy.
-	// That is, 6 bytes of input turn into 7 bytes of "compressed" data.
-	//
-	// This last factor dominates the blowup, so the final estimate is:
-	n = 32 + n + n/6
-	if n > 0xffffffff {
-		return -1
-	}
-	return int(n)
-}
-
-var errClosed = errors.New("snappy: Writer is closed")
-
-// NewWriter returns a new Writer that compresses to w.
-//
-// The Writer returned does not buffer writes. There is no need to Flush or
-// Close such a Writer.
-//
-// Deprecated: the Writer returned is not suitable for many small writes, only
-// for few large writes. Use NewBufferedWriter instead, which is efficient
-// regardless of the frequency and shape of the writes, and remember to Close
-// that Writer when done.
-func NewWriter(w io.Writer) *Writer {
-	return &Writer{
-		w:    w,
-		obuf: make([]byte, obufLen),
-	}
-}
-
-// NewBufferedWriter returns a new Writer that compresses to w, using the
-// framing format described at
-// https://github.com/google/snappy/blob/master/framing_format.txt
-//
-// The Writer returned buffers writes. Users must call Close to guarantee all
-// data has been forwarded to the underlying io.Writer. They may also call
-// Flush zero or more times before calling Close.
-func NewBufferedWriter(w io.Writer) *Writer {
-	return &Writer{
-		w:    w,
-		ibuf: make([]byte, 0, maxBlockSize),
-		obuf: make([]byte, obufLen),
-	}
-}
-
-// Writer is an io.Writer that can write Snappy-compressed bytes.
-//
-// Writer handles the Snappy stream format, not the Snappy block format.
-type Writer struct {
-	w   io.Writer
-	err error
-
-	// ibuf is a buffer for the incoming (uncompressed) bytes.
-	//
-	// Its use is optional. For backwards compatibility, Writers created by the
-	// NewWriter function have ibuf == nil, do not buffer incoming bytes, and
-	// therefore do not need to be Flush'ed or Close'd.
-	ibuf []byte
-
-	// obuf is a buffer for the outgoing (compressed) bytes.
-	obuf []byte
-
-	// wroteStreamHeader is whether we have written the stream header.
-	wroteStreamHeader bool
-}
-
-// Reset discards the writer's state and switches the Snappy writer to write to
-// w. This permits reusing a Writer rather than allocating a new one.
-func (w *Writer) Reset(writer io.Writer) {
-	w.w = writer
-	w.err = nil
-	if w.ibuf != nil {
-		w.ibuf = w.ibuf[:0]
-	}
-	w.wroteStreamHeader = false
-}
-
-// Write satisfies the io.Writer interface.
-func (w *Writer) Write(p []byte) (nRet int, errRet error) {
-	if w.ibuf == nil {
-		// Do not buffer incoming bytes. This does not perform or compress well
-		// if the caller of Writer.Write writes many small slices. This
-		// behavior is therefore deprecated, but still supported for backwards
-		// compatibility with code that doesn't explicitly Flush or Close.
-		return w.write(p)
-	}
-
-	// The remainder of this method is based on bufio.Writer.Write from the
-	// standard library.
-
-	for len(p) > (cap(w.ibuf)-len(w.ibuf)) && w.err == nil {
-		var n int
-		if len(w.ibuf) == 0 {
-			// Large write, empty buffer.
-			// Write directly from p to avoid copy.
-			n, _ = w.write(p)
-		} else {
-			n = copy(w.ibuf[len(w.ibuf):cap(w.ibuf)], p)
-			w.ibuf = w.ibuf[:len(w.ibuf)+n]
-			w.Flush()
-		}
-		nRet += n
-		p = p[n:]
-	}
-	if w.err != nil {
-		return nRet, w.err
-	}
-	n := copy(w.ibuf[len(w.ibuf):cap(w.ibuf)], p)
-	w.ibuf = w.ibuf[:len(w.ibuf)+n]
-	nRet += n
-	return nRet, nil
-}
-
-func (w *Writer) write(p []byte) (nRet int, errRet error) {
-	if w.err != nil {
-		return 0, w.err
-	}
-	for len(p) > 0 {
-		obufStart := len(magicChunk)
-		if !w.wroteStreamHeader {
-			w.wroteStreamHeader = true
-			copy(w.obuf, magicChunk)
-			obufStart = 0
-		}
-
-		var uncompressed []byte
-		if len(p) > maxBlockSize {
-			uncompressed, p = p[:maxBlockSize], p[maxBlockSize:]
-		} else {
-			uncompressed, p = p, nil
-		}
-		checksum := crc(uncompressed)
-
-		// Compress the buffer, discarding the result if the improvement
-		// isn't at least 12.5%.
-		compressed := Encode(w.obuf[obufHeaderLen:], uncompressed)
-		chunkType := uint8(chunkTypeCompressedData)
-		chunkLen := 4 + len(compressed)
-		obufEnd := obufHeaderLen + len(compressed)
-		if len(compressed) >= len(uncompressed)-len(uncompressed)/8 {
-			chunkType = chunkTypeUncompressedData
-			chunkLen = 4 + len(uncompressed)
-			obufEnd = obufHeaderLen
-		}
-
-		// Fill in the per-chunk header that comes before the body.
-		w.obuf[len(magicChunk)+0] = chunkType
-		w.obuf[len(magicChunk)+1] = uint8(chunkLen >> 0)
-		w.obuf[len(magicChunk)+2] = uint8(chunkLen >> 8)
-		w.obuf[len(magicChunk)+3] = uint8(chunkLen >> 16)
-		w.obuf[len(magicChunk)+4] = uint8(checksum >> 0)
-		w.obuf[len(magicChunk)+5] = uint8(checksum >> 8)
-		w.obuf[len(magicChunk)+6] = uint8(checksum >> 16)
-		w.obuf[len(magicChunk)+7] = uint8(checksum >> 24)
-
-		if _, err := w.w.Write(w.obuf[obufStart:obufEnd]); err != nil {
-			w.err = err
-			return nRet, err
-		}
-		if chunkType == chunkTypeUncompressedData {
-			if _, err := w.w.Write(uncompressed); err != nil {
-				w.err = err
-				return nRet, err
-			}
-		}
-		nRet += len(uncompressed)
-	}
-	return nRet, nil
-}
-
-// Flush flushes the Writer to its underlying io.Writer.
-func (w *Writer) Flush() error {
-	if w.err != nil {
-		return w.err
-	}
-	if len(w.ibuf) == 0 {
-		return nil
-	}
-	w.write(w.ibuf)
-	w.ibuf = w.ibuf[:0]
-	return w.err
-}
-
-// Close calls Flush and then closes the Writer.
-func (w *Writer) Close() error {
-	w.Flush()
-	ret := w.err
-	if w.err == nil {
-		w.err = errClosed
-	}
-	return ret
-}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go b/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
deleted file mode 100644
index 2754bac6f..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/encode_other.go
+++ /dev/null
@@ -1,250 +0,0 @@
-// Copyright 2016 The Snappy-Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package snapref
-
-func load32(b []byte, i int) uint32 {
-	b = b[i : i+4 : len(b)] // Help the compiler eliminate bounds checks on the next line.
-	return uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24
-}
-
-func load64(b []byte, i int) uint64 {
-	b = b[i : i+8 : len(b)] // Help the compiler eliminate bounds checks on the next line.
-	return uint64(b[0]) | uint64(b[1])<<8 | uint64(b[2])<<16 | uint64(b[3])<<24 |
-		uint64(b[4])<<32 | uint64(b[5])<<40 | uint64(b[6])<<48 | uint64(b[7])<<56
-}
-
-// emitLiteral writes a literal chunk and returns the number of bytes written.
-//
-// It assumes that:
-//
-//	dst is long enough to hold the encoded bytes
-//	1 <= len(lit) && len(lit) <= 65536
-func emitLiteral(dst, lit []byte) int {
-	i, n := 0, uint(len(lit)-1)
-	switch {
-	case n < 60:
-		dst[0] = uint8(n)<<2 | tagLiteral
-		i = 1
-	case n < 1<<8:
-		dst[0] = 60<<2 | tagLiteral
-		dst[1] = uint8(n)
-		i = 2
-	default:
-		dst[0] = 61<<2 | tagLiteral
-		dst[1] = uint8(n)
-		dst[2] = uint8(n >> 8)
-		i = 3
-	}
-	return i + copy(dst[i:], lit)
-}
-
-// emitCopy writes a copy chunk and returns the number of bytes written.
-//
-// It assumes that:
-//
-//	dst is long enough to hold the encoded bytes
-//	1 <= offset && offset <= 65535
-//	4 <= length && length <= 65535
-func emitCopy(dst []byte, offset, length int) int {
-	i := 0
-	// The maximum length for a single tagCopy1 or tagCopy2 op is 64 bytes. The
-	// threshold for this loop is a little higher (at 68 = 64 + 4), and the
-	// length emitted down below is a little lower (at 60 = 64 - 4), because
-	// it's shorter to encode a length 67 copy as a length 60 tagCopy2 followed
-	// by a length 7 tagCopy1 (which encodes as 3+2 bytes) than to encode it as
-	// a length 64 tagCopy2 followed by a length 3 tagCopy2 (which encodes as
-	// 3+3 bytes). The magic 4 in the 64±4 is because the minimum length for a
-	// tagCopy1 op is 4 bytes, which is why a length 3 copy has to be an
-	// encodes-as-3-bytes tagCopy2 instead of an encodes-as-2-bytes tagCopy1.
-	for length >= 68 {
-		// Emit a length 64 copy, encoded as 3 bytes.
-		dst[i+0] = 63<<2 | tagCopy2
-		dst[i+1] = uint8(offset)
-		dst[i+2] = uint8(offset >> 8)
-		i += 3
-		length -= 64
-	}
-	if length > 64 {
-		// Emit a length 60 copy, encoded as 3 bytes.
-		dst[i+0] = 59<<2 | tagCopy2
-		dst[i+1] = uint8(offset)
-		dst[i+2] = uint8(offset >> 8)
-		i += 3
-		length -= 60
-	}
-	if length >= 12 || offset >= 2048 {
-		// Emit the remaining copy, encoded as 3 bytes.
-		dst[i+0] = uint8(length-1)<<2 | tagCopy2
-		dst[i+1] = uint8(offset)
-		dst[i+2] = uint8(offset >> 8)
-		return i + 3
-	}
-	// Emit the remaining copy, encoded as 2 bytes.
-	dst[i+0] = uint8(offset>>8)<<5 | uint8(length-4)<<2 | tagCopy1
-	dst[i+1] = uint8(offset)
-	return i + 2
-}
-
-func hash(u, shift uint32) uint32 {
-	return (u * 0x1e35a7bd) >> shift
-}
-
-// EncodeBlockInto exposes encodeBlock but checks dst size.
-func EncodeBlockInto(dst, src []byte) (d int) {
-	if MaxEncodedLen(len(src)) > len(dst) {
-		return 0
-	}
-
-	// encodeBlock breaks on too big blocks, so split.
-	for len(src) > 0 {
-		p := src
-		src = nil
-		if len(p) > maxBlockSize {
-			p, src = p[:maxBlockSize], p[maxBlockSize:]
-		}
-		if len(p) < minNonLiteralBlockSize {
-			d += emitLiteral(dst[d:], p)
-		} else {
-			d += encodeBlock(dst[d:], p)
-		}
-	}
-	return d
-}
-
-// encodeBlock encodes a non-empty src to a guaranteed-large-enough dst. It
-// assumes that the varint-encoded length of the decompressed bytes has already
-// been written.
-//
-// It also assumes that:
-//
-//	len(dst) >= MaxEncodedLen(len(src)) &&
-//	minNonLiteralBlockSize <= len(src) && len(src) <= maxBlockSize
-func encodeBlock(dst, src []byte) (d int) {
-	// Initialize the hash table. Its size ranges from 1<<8 to 1<<14 inclusive.
-	// The table element type is uint16, as s < sLimit and sLimit < len(src)
-	// and len(src) <= maxBlockSize and maxBlockSize == 65536.
-	const (
-		maxTableSize = 1 << 14
-		// tableMask is redundant, but helps the compiler eliminate bounds
-		// checks.
-		tableMask = maxTableSize - 1
-	)
-	shift := uint32(32 - 8)
-	for tableSize := 1 << 8; tableSize < maxTableSize && tableSize < len(src); tableSize *= 2 {
-		shift--
-	}
-	// In Go, all array elements are zero-initialized, so there is no advantage
-	// to a smaller tableSize per se. However, it matches the C++ algorithm,
-	// and in the asm versions of this code, we can get away with zeroing only
-	// the first tableSize elements.
-	var table [maxTableSize]uint16
-
-	// sLimit is when to stop looking for offset/length copies. The inputMargin
-	// lets us use a fast path for emitLiteral in the main loop, while we are
-	// looking for copies.
-	sLimit := len(src) - inputMargin
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := 0
-
-	// The encoded form must start with a literal, as there are no previous
-	// bytes to copy, so we start looking for hash matches at s == 1.
-	s := 1
-	nextHash := hash(load32(src, s), shift)
-
-	for {
-		// Copied from the C++ snappy implementation:
-		//
-		// Heuristic match skipping: If 32 bytes are scanned with no matches
-		// found, start looking only at every other byte. If 32 more bytes are
-		// scanned (or skipped), look at every third byte, etc.. When a match
-		// is found, immediately go back to looking at every byte. This is a
-		// small loss (~5% performance, ~0.1% density) for compressible data
-		// due to more bookkeeping, but for non-compressible data (such as
-		// JPEG) it's a huge win since the compressor quickly "realizes" the
-		// data is incompressible and doesn't bother looking for matches
-		// everywhere.
-		//
-		// The "skip" variable keeps track of how many bytes there are since
-		// the last match; dividing it by 32 (ie. right-shifting by five) gives
-		// the number of bytes to move ahead for each iteration.
-		skip := 32
-
-		nextS := s
-		candidate := 0
-		for {
-			s = nextS
-			bytesBetweenHashLookups := skip >> 5
-			nextS = s + bytesBetweenHashLookups
-			skip += bytesBetweenHashLookups
-			if nextS > sLimit {
-				goto emitRemainder
-			}
-			candidate = int(table[nextHash&tableMask])
-			table[nextHash&tableMask] = uint16(s)
-			nextHash = hash(load32(src, nextS), shift)
-			if load32(src, s) == load32(src, candidate) {
-				break
-			}
-		}
-
-		// A 4-byte match has been found. We'll later see if more than 4 bytes
-		// match. But, prior to the match, src[nextEmit:s] are unmatched. Emit
-		// them as literal bytes.
-		d += emitLiteral(dst[d:], src[nextEmit:s])
-
-		// Call emitCopy, and then see if another emitCopy could be our next
-		// move. Repeat until we find no match for the input immediately after
-		// what was consumed by the last emitCopy call.
-		//
-		// If we exit this loop normally then we need to call emitLiteral next,
-		// though we don't yet know how big the literal will be. We handle that
-		// by proceeding to the next iteration of the main loop. We also can
-		// exit this loop via goto if we get close to exhausting the input.
-		for {
-			// Invariant: we have a 4-byte match at s, and no need to emit any
-			// literal bytes prior to s.
-			base := s
-
-			// Extend the 4-byte match as long as possible.
-			//
-			// This is an inlined version of:
-			//	s = extendMatch(src, candidate+4, s+4)
-			s += 4
-			for i := candidate + 4; s < len(src) && src[i] == src[s]; i, s = i+1, s+1 {
-			}
-
-			d += emitCopy(dst[d:], base-candidate, s-base)
-			nextEmit = s
-			if s >= sLimit {
-				goto emitRemainder
-			}
-
-			// We could immediately start working at s now, but to improve
-			// compression we first update the hash table at s-1 and at s. If
-			// another emitCopy is not our next move, also calculate nextHash
-			// at s+1. At least on GOARCH=amd64, these three hash calculations
-			// are faster as one load64 call (with some shifts) instead of
-			// three load32 calls.
-			x := load64(src, s-1)
-			prevHash := hash(uint32(x>>0), shift)
-			table[prevHash&tableMask] = uint16(s - 1)
-			currHash := hash(uint32(x>>8), shift)
-			candidate = int(table[currHash&tableMask])
-			table[currHash&tableMask] = uint16(s)
-			if uint32(x>>8) != load32(src, candidate) {
-				nextHash = hash(uint32(x>>16), shift)
-				s++
-				break
-			}
-		}
-	}
-
-emitRemainder:
-	if nextEmit < len(src) {
-		d += emitLiteral(dst[d:], src[nextEmit:])
-	}
-	return d
-}
diff --git a/vendor/github.com/klauspost/compress/internal/snapref/snappy.go b/vendor/github.com/klauspost/compress/internal/snapref/snappy.go
deleted file mode 100644
index 34d01f4aa..000000000
--- a/vendor/github.com/klauspost/compress/internal/snapref/snappy.go
+++ /dev/null
@@ -1,98 +0,0 @@
-// Copyright 2011 The Snappy-Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package snapref implements the Snappy compression format. It aims for very
-// high speeds and reasonable compression.
-//
-// There are actually two Snappy formats: block and stream. They are related,
-// but different: trying to decompress block-compressed data as a Snappy stream
-// will fail, and vice versa. The block format is the Decode and Encode
-// functions and the stream format is the Reader and Writer types.
-//
-// The block format, the more common case, is used when the complete size (the
-// number of bytes) of the original data is known upfront, at the time
-// compression starts. The stream format, also known as the framing format, is
-// for when that isn't always true.
-//
-// The canonical, C++ implementation is at https://github.com/google/snappy and
-// it only implements the block format.
-package snapref
-
-import (
-	"hash/crc32"
-)
-
-/*
-Each encoded block begins with the varint-encoded length of the decoded data,
-followed by a sequence of chunks. Chunks begin and end on byte boundaries. The
-first byte of each chunk is broken into its 2 least and 6 most significant bits
-called l and m: l ranges in [0, 4) and m ranges in [0, 64). l is the chunk tag.
-Zero means a literal tag. All other values mean a copy tag.
-
-For literal tags:
-  - If m < 60, the next 1 + m bytes are literal bytes.
-  - Otherwise, let n be the little-endian unsigned integer denoted by the next
-    m - 59 bytes. The next 1 + n bytes after that are literal bytes.
-
-For copy tags, length bytes are copied from offset bytes ago, in the style of
-Lempel-Ziv compression algorithms. In particular:
-  - For l == 1, the offset ranges in [0, 1<<11) and the length in [4, 12).
-    The length is 4 + the low 3 bits of m. The high 3 bits of m form bits 8-10
-    of the offset. The next byte is bits 0-7 of the offset.
-  - For l == 2, the offset ranges in [0, 1<<16) and the length in [1, 65).
-    The length is 1 + m. The offset is the little-endian unsigned integer
-    denoted by the next 2 bytes.
-  - For l == 3, this tag is a legacy format that is no longer issued by most
-    encoders. Nonetheless, the offset ranges in [0, 1<<32) and the length in
-    [1, 65). The length is 1 + m. The offset is the little-endian unsigned
-    integer denoted by the next 4 bytes.
-*/
-const (
-	tagLiteral = 0x00
-	tagCopy1   = 0x01
-	tagCopy2   = 0x02
-	tagCopy4   = 0x03
-)
-
-const (
-	checksumSize    = 4
-	chunkHeaderSize = 4
-	magicChunk      = "\xff\x06\x00\x00" + magicBody
-	magicBody       = "sNaPpY"
-
-	// maxBlockSize is the maximum size of the input to encodeBlock. It is not
-	// part of the wire format per se, but some parts of the encoder assume
-	// that an offset fits into a uint16.
-	//
-	// Also, for the framing format (Writer type instead of Encode function),
-	// https://github.com/google/snappy/blob/master/framing_format.txt says
-	// that "the uncompressed data in a chunk must be no longer than 65536
-	// bytes".
-	maxBlockSize = 65536
-
-	// maxEncodedLenOfMaxBlockSize equals MaxEncodedLen(maxBlockSize), but is
-	// hard coded to be a const instead of a variable, so that obufLen can also
-	// be a const. Their equivalence is confirmed by
-	// TestMaxEncodedLenOfMaxBlockSize.
-	maxEncodedLenOfMaxBlockSize = 76490
-
-	obufHeaderLen = len(magicChunk) + checksumSize + chunkHeaderSize
-	obufLen       = obufHeaderLen + maxEncodedLenOfMaxBlockSize
-)
-
-const (
-	chunkTypeCompressedData   = 0x00
-	chunkTypeUncompressedData = 0x01
-	chunkTypePadding          = 0xfe
-	chunkTypeStreamIdentifier = 0xff
-)
-
-var crcTable = crc32.MakeTable(crc32.Castagnoli)
-
-// crc implements the checksum specified in section 3 of
-// https://github.com/google/snappy/blob/master/framing_format.txt
-func crc(b []byte) uint32 {
-	c := crc32.Update(0, crcTable, b)
-	return uint32(c>>15|c<<17) + 0xa282ead8
-}
diff --git a/vendor/github.com/klauspost/compress/s2sx.mod b/vendor/github.com/klauspost/compress/s2sx.mod
deleted file mode 100644
index 5a4412f90..000000000
--- a/vendor/github.com/klauspost/compress/s2sx.mod
+++ /dev/null
@@ -1,4 +0,0 @@
-module github.com/klauspost/compress
-
-go 1.19
-
diff --git a/vendor/github.com/klauspost/compress/s2sx.sum b/vendor/github.com/klauspost/compress/s2sx.sum
deleted file mode 100644
index e69de29bb..000000000
diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md
deleted file mode 100644
index 92e2347bb..000000000
--- a/vendor/github.com/klauspost/compress/zstd/README.md
+++ /dev/null
@@ -1,441 +0,0 @@
-# zstd 
-
-[Zstandard](https://facebook.github.io/zstd/) is a real-time compression algorithm, providing high compression ratios. 
-It offers a very wide range of compression / speed trade-off, while being backed by a very fast decoder.
-A high performance compression algorithm is implemented. For now focused on speed. 
-
-This package provides [compression](#Compressor) to and [decompression](#Decompressor) of Zstandard content. 
-
-This package is pure Go and without use of "unsafe". 
-
-The `zstd` package is provided as open source software using a Go standard license.
-
-Currently the package is heavily optimized for 64 bit processors and will be significantly slower on 32 bit processors.
-
-For seekable zstd streams, see [this excellent package](https://github.com/SaveTheRbtz/zstd-seekable-format-go).
-
-## Installation
-
-Install using `go get -u github.com/klauspost/compress`. The package is located in `github.com/klauspost/compress/zstd`.
-
-[![Go Reference](https://pkg.go.dev/badge/github.com/klauspost/compress/zstd.svg)](https://pkg.go.dev/github.com/klauspost/compress/zstd)
-
-## Compressor
-
-### Status: 
-
-STABLE - there may always be subtle bugs, a wide variety of content has been tested and the library is actively 
-used by several projects. This library is being [fuzz-tested](https://github.com/klauspost/compress-fuzz) for all updates.
-
-There may still be specific combinations of data types/size/settings that could lead to edge cases, 
-so as always, testing is recommended.  
-
-For now, a high speed (fastest) and medium-fast (default) compressor has been implemented. 
-
-* The "Fastest" compression ratio is roughly equivalent to zstd level 1. 
-* The "Default" compression ratio is roughly equivalent to zstd level 3 (default).
-* The "Better" compression ratio is roughly equivalent to zstd level 7.
-* The "Best" compression ratio is roughly equivalent to zstd level 11.
-
-In terms of speed, it is typically 2x as fast as the stdlib deflate/gzip in its fastest mode. 
-The compression ratio compared to stdlib is around level 3, but usually 3x as fast.
-
- 
-### Usage
-
-An Encoder can be used for either compressing a stream via the
-`io.WriteCloser` interface supported by the Encoder or as multiple independent
-tasks via the `EncodeAll` function.
-Smaller encodes are encouraged to use the EncodeAll function.
-Use `NewWriter` to create a new instance that can be used for both.
-
-To create a writer with default options, do like this:
-
-```Go
-// Compress input to output.
-func Compress(in io.Reader, out io.Writer) error {
-    enc, err := zstd.NewWriter(out)
-    if err != nil {
-        return err
-    }
-    _, err = io.Copy(enc, in)
-    if err != nil {
-        enc.Close()
-        return err
-    }
-    return enc.Close()
-}
-```
-
-Now you can encode by writing data to `enc`. The output will be finished writing when `Close()` is called.
-Even if your encode fails, you should still call `Close()` to release any resources that may be held up.  
-
-The above is fine for big encodes. However, whenever possible try to *reuse* the writer.
-
-To reuse the encoder, you can use the `Reset(io.Writer)` function to change to another output. 
-This will allow the encoder to reuse all resources and avoid wasteful allocations. 
-
-Currently stream encoding has 'light' concurrency, meaning up to 2 goroutines can be working on part 
-of a stream. This is independent of the `WithEncoderConcurrency(n)`, but that is likely to change 
-in the future. So if you want to limit concurrency for future updates, specify the concurrency
-you would like.
-
-If you would like stream encoding to be done without spawning async goroutines, use `WithEncoderConcurrency(1)`
-which will compress input as each block is completed, blocking on writes until each has completed.
-
-You can specify your desired compression level using `WithEncoderLevel()` option. Currently only pre-defined 
-compression settings can be specified.
-
-#### Future Compatibility Guarantees
-
-This will be an evolving project. When using this package it is important to note that both the compression efficiency and speed may change.
-
-The goal will be to keep the default efficiency at the default zstd (level 3). 
-However the encoding should never be assumed to remain the same, 
-and you should not use hashes of compressed output for similarity checks.
-
-The Encoder can be assumed to produce the same output from the exact same code version.
-However, the may be modes in the future that break this, 
-although they will not be enabled without an explicit option.   
-
-This encoder is not designed to (and will probably never) output the exact same bitstream as the reference encoder.
-
-Also note, that the cgo decompressor currently does not [report all errors on invalid input](https://github.com/DataDog/zstd/issues/59),
-[omits error checks](https://github.com/DataDog/zstd/issues/61), [ignores checksums](https://github.com/DataDog/zstd/issues/43) 
-and seems to ignore concatenated streams, even though [it is part of the spec](https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frames).
-
-#### Blocks
-
-For compressing small blocks, the returned encoder has a function called `EncodeAll(src, dst []byte) []byte`.
-
-`EncodeAll` will encode all input in src and append it to dst.
-This function can be called concurrently. 
-Each call will only run on a same goroutine as the caller.
-
-Encoded blocks can be concatenated and the result will be the combined input stream.
-Data compressed with EncodeAll can be decoded with the Decoder, using either a stream or `DecodeAll`.
-
-Especially when encoding blocks you should take special care to reuse the encoder. 
-This will effectively make it run without allocations after a warmup period. 
-To make it run completely without allocations, supply a destination buffer with space for all content.   
-
-```Go
-import "github.com/klauspost/compress/zstd"
-
-// Create a writer that caches compressors.
-// For this operation type we supply a nil Reader.
-var encoder, _ = zstd.NewWriter(nil)
-
-// Compress a buffer. 
-// If you have a destination buffer, the allocation in the call can also be eliminated.
-func Compress(src []byte) []byte {
-    return encoder.EncodeAll(src, make([]byte, 0, len(src)))
-} 
-```
-
-You can control the maximum number of concurrent encodes using the `WithEncoderConcurrency(n)` 
-option when creating the writer.
-
-Using the Encoder for both a stream and individual blocks concurrently is safe. 
-
-### Performance
-
-I have collected some speed examples to compare speed and compression against other compressors.
-
-* `file` is the input file.
-* `out` is the compressor used. `zskp` is this package. `zstd` is the Datadog cgo library. `gzstd/gzkp` is gzip standard and this library.
-* `level` is the compression level used. For `zskp` level 1 is "fastest", level 2 is "default"; 3 is "better", 4 is "best".
-* `insize`/`outsize` is the input/output size.
-* `millis` is the number of milliseconds used for compression.
-* `mb/s` is megabytes (2^20 bytes) per second.
-
-```
-Silesia Corpus:
-http://sun.aei.polsl.pl/~sdeor/corpus/silesia.zip
-
-This package:
-file    out     level   insize      outsize     millis  mb/s
-silesia.tar zskp    1   211947520   73821326    634     318.47
-silesia.tar zskp    2   211947520   67655404    1508    133.96
-silesia.tar zskp    3   211947520   64746933    3000    67.37
-silesia.tar zskp    4   211947520   60073508    16926   11.94
-
-cgo zstd:
-silesia.tar zstd    1   211947520   73605392    543     371.56
-silesia.tar zstd    3   211947520   66793289    864     233.68
-silesia.tar zstd    6   211947520   62916450    1913    105.66
-silesia.tar zstd    9   211947520   60212393    5063    39.92
-
-gzip, stdlib/this package:
-silesia.tar gzstd   1   211947520   80007735    1498    134.87
-silesia.tar gzkp    1   211947520   80088272    1009    200.31
-
-GOB stream of binary data. Highly compressible.
-https://files.klauspost.com/compress/gob-stream.7z
-
-file        out     level   insize  outsize     millis  mb/s
-gob-stream  zskp    1   1911399616  233948096   3230    564.34
-gob-stream  zskp    2   1911399616  203997694   4997    364.73
-gob-stream  zskp    3   1911399616  173526523   13435   135.68
-gob-stream  zskp    4   1911399616  162195235   47559   38.33
-
-gob-stream  zstd    1   1911399616  249810424   2637    691.26
-gob-stream  zstd    3   1911399616  208192146   3490    522.31
-gob-stream  zstd    6   1911399616  193632038   6687    272.56
-gob-stream  zstd    9   1911399616  177620386   16175   112.70
-
-gob-stream  gzstd   1   1911399616  357382013   9046    201.49
-gob-stream  gzkp    1   1911399616  359136669   4885    373.08
-
-The test data for the Large Text Compression Benchmark is the first
-10^9 bytes of the English Wikipedia dump on Mar. 3, 2006.
-http://mattmahoney.net/dc/textdata.html
-
-file    out level   insize      outsize     millis  mb/s
-enwik9  zskp    1   1000000000  343833605   3687    258.64
-enwik9  zskp    2   1000000000  317001237   7672    124.29
-enwik9  zskp    3   1000000000  291915823   15923   59.89
-enwik9  zskp    4   1000000000  261710291   77697   12.27
-
-enwik9  zstd    1   1000000000  358072021   3110    306.65
-enwik9  zstd    3   1000000000  313734672   4784    199.35
-enwik9  zstd    6   1000000000  295138875   10290   92.68
-enwik9  zstd    9   1000000000  278348700   28549   33.40
-
-enwik9  gzstd   1   1000000000  382578136   8608    110.78
-enwik9  gzkp    1   1000000000  382781160   5628    169.45
-
-Highly compressible JSON file.
-https://files.klauspost.com/compress/github-june-2days-2019.json.zst
-
-file                        out level   insize      outsize     millis  mb/s
-github-june-2days-2019.json zskp    1   6273951764  697439532   9789    611.17
-github-june-2days-2019.json zskp    2   6273951764  610876538   18553   322.49
-github-june-2days-2019.json zskp    3   6273951764  517662858   44186   135.41
-github-june-2days-2019.json zskp    4   6273951764  464617114   165373  36.18
-
-github-june-2days-2019.json zstd    1   6273951764  766284037   8450    708.00
-github-june-2days-2019.json zstd    3   6273951764  661889476   10927   547.57
-github-june-2days-2019.json zstd    6   6273951764  642756859   22996   260.18
-github-june-2days-2019.json zstd    9   6273951764  601974523   52413   114.16
-
-github-june-2days-2019.json gzstd   1   6273951764  1164397768  26793   223.32
-github-june-2days-2019.json gzkp    1   6273951764  1120631856  17693   338.16
-
-VM Image, Linux mint with a few installed applications:
-https://files.klauspost.com/compress/rawstudio-mint14.7z
-
-file                    out level   insize      outsize     millis  mb/s
-rawstudio-mint14.tar    zskp    1   8558382592  3718400221  18206   448.29
-rawstudio-mint14.tar    zskp    2   8558382592  3326118337  37074   220.15
-rawstudio-mint14.tar    zskp    3   8558382592  3163842361  87306   93.49
-rawstudio-mint14.tar    zskp    4   8558382592  2970480650  783862  10.41
-
-rawstudio-mint14.tar    zstd    1   8558382592  3609250104  17136   476.27
-rawstudio-mint14.tar    zstd    3   8558382592  3341679997  29262   278.92
-rawstudio-mint14.tar    zstd    6   8558382592  3235846406  77904   104.77
-rawstudio-mint14.tar    zstd    9   8558382592  3160778861  140946  57.91
-
-rawstudio-mint14.tar    gzstd   1   8558382592  3926234992  51345   158.96
-rawstudio-mint14.tar    gzkp    1   8558382592  3960117298  36722   222.26
-
-CSV data:
-https://files.klauspost.com/compress/nyc-taxi-data-10M.csv.zst
-
-file                    out level   insize      outsize     millis  mb/s
-nyc-taxi-data-10M.csv   zskp    1   3325605752  641319332   9462    335.17
-nyc-taxi-data-10M.csv   zskp    2   3325605752  588976126   17570   180.50
-nyc-taxi-data-10M.csv   zskp    3   3325605752  529329260   32432   97.79
-nyc-taxi-data-10M.csv   zskp    4   3325605752  474949772   138025  22.98
-
-nyc-taxi-data-10M.csv   zstd    1   3325605752  687399637   8233    385.18
-nyc-taxi-data-10M.csv   zstd    3   3325605752  598514411   10065   315.07
-nyc-taxi-data-10M.csv   zstd    6   3325605752  570522953   20038   158.27
-nyc-taxi-data-10M.csv   zstd    9   3325605752  517554797   64565   49.12
-
-nyc-taxi-data-10M.csv   gzstd   1   3325605752  928654908   21270   149.11
-nyc-taxi-data-10M.csv   gzkp    1   3325605752  922273214   13929   227.68
-```
-
-## Decompressor
-
-Status: STABLE - there may still be subtle bugs, but a wide variety of content has been tested.
-
-This library is being continuously [fuzz-tested](https://github.com/klauspost/compress-fuzz),
-kindly supplied by [fuzzit.dev](https://fuzzit.dev/). 
-The main purpose of the fuzz testing is to ensure that it is not possible to crash the decoder, 
-or run it past its limits with ANY input provided.  
- 
-### Usage
-
-The package has been designed for two main usages, big streams of data and smaller in-memory buffers. 
-There are two main usages of the package for these. Both of them are accessed by creating a `Decoder`.
-
-For streaming use a simple setup could look like this:
-
-```Go
-import "github.com/klauspost/compress/zstd"
-
-func Decompress(in io.Reader, out io.Writer) error {
-    d, err := zstd.NewReader(in)
-    if err != nil {
-        return err
-    }
-    defer d.Close()
-    
-    // Copy content...
-    _, err = io.Copy(out, d)
-    return err
-}
-```
-
-It is important to use the "Close" function when you no longer need the Reader to stop running goroutines, 
-when running with default settings.
-Goroutines will exit once an error has been returned, including `io.EOF` at the end of a stream.
-
-Streams are decoded concurrently in 4 asynchronous stages to give the best possible throughput.
-However, if you prefer synchronous decompression, use `WithDecoderConcurrency(1)` which will decompress data 
-as it is being requested only.
-
-For decoding buffers, it could look something like this:
-
-```Go
-import "github.com/klauspost/compress/zstd"
-
-// Create a reader that caches decompressors.
-// For this operation type we supply a nil Reader.
-var decoder, _ = zstd.NewReader(nil, zstd.WithDecoderConcurrency(0))
-
-// Decompress a buffer. We don't supply a destination buffer,
-// so it will be allocated by the decoder.
-func Decompress(src []byte) ([]byte, error) {
-    return decoder.DecodeAll(src, nil)
-} 
-```
-
-Both of these cases should provide the functionality needed. 
-The decoder can be used for *concurrent* decompression of multiple buffers.
-By default 4 decompressors will be created. 
-
-It will only allow a certain number of concurrent operations to run. 
-To tweak that yourself use the `WithDecoderConcurrency(n)` option when creating the decoder.
-It is possible to use `WithDecoderConcurrency(0)` to create GOMAXPROCS decoders.
-
-### Dictionaries
-
-Data compressed with [dictionaries](https://github.com/facebook/zstd#the-case-for-small-data-compression) can be decompressed.
-
-Dictionaries are added individually to Decoders.
-Dictionaries are generated by the `zstd --train` command and contains an initial state for the decoder.
-To add a dictionary use the `WithDecoderDicts(dicts ...[]byte)` option with the dictionary data.
-Several dictionaries can be added at once.
-
-The dictionary will be used automatically for the data that specifies them.
-A re-used Decoder will still contain the dictionaries registered.
-
-When registering multiple dictionaries with the same ID, the last one will be used.
-
-It is possible to use dictionaries when compressing data.
-
-To enable a dictionary use `WithEncoderDict(dict []byte)`. Here only one dictionary will be used 
-and it will likely be used even if it doesn't improve compression. 
-
-The used dictionary must be used to decompress the content.
-
-For any real gains, the dictionary should be built with similar data. 
-If an unsuitable dictionary is used the output may be slightly larger than using no dictionary.
-Use the [zstd commandline tool](https://github.com/facebook/zstd/releases) to build a dictionary from sample data.
-For information see [zstd dictionary information](https://github.com/facebook/zstd#the-case-for-small-data-compression). 
-
-For now there is a fixed startup performance penalty for compressing content with dictionaries. 
-This will likely be improved over time. Just be aware to test performance when implementing.  
-
-### Allocation-less operation
-
-The decoder has been designed to operate without allocations after a warmup. 
-
-This means that you should *store* the decoder for best performance. 
-To re-use a stream decoder, use the `Reset(r io.Reader) error` to switch to another stream.
-A decoder can safely be re-used even if the previous stream failed.
-
-To release the resources, you must call the `Close()` function on a decoder.
-After this it can *no longer be reused*, but all running goroutines will be stopped.
-So you *must* use this if you will no longer need the Reader.
-
-For decompressing smaller buffers a single decoder can be used.
-When decoding buffers, you can supply a destination slice with length 0 and your expected capacity.
-In this case no unneeded allocations should be made. 
-
-### Concurrency
-
-The buffer decoder does everything on the same goroutine and does nothing concurrently.
-It can however decode several buffers concurrently. Use `WithDecoderConcurrency(n)` to limit that.
-
-The stream decoder will create goroutines that:
-
-1) Reads input and splits the input into blocks.
-2) Decompression of literals.
-3) Decompression of sequences.
-4) Reconstruction of output stream.
-
-So effectively this also means the decoder will "read ahead" and prepare data to always be available for output.
-
-The concurrency level will, for streams, determine how many blocks ahead the compression will start.
-
-Since "blocks" are quite dependent on the output of the previous block stream decoding will only have limited concurrency.
-
-In practice this means that concurrency is often limited to utilizing about 3 cores effectively.
-  
-### Benchmarks
-
-The first two are streaming decodes and the last are smaller inputs. 
-
-Running on AMD Ryzen 9 3950X 16-Core Processor. AMD64 assembly used.
-
-```
-BenchmarkDecoderSilesia-32    	                   5	 206878840 ns/op	1024.50 MB/s	   49808 B/op	      43 allocs/op
-BenchmarkDecoderEnwik9-32                          1	1271809000 ns/op	 786.28 MB/s	   72048 B/op	      52 allocs/op
-
-Concurrent blocks, performance:
-
-BenchmarkDecoder_DecodeAllParallel/kppkn.gtb.zst-32         	   67356	     17857 ns/op	10321.96 MB/s	        22.48 pct	     102 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/geo.protodata.zst-32     	  266656	      4421 ns/op	26823.21 MB/s	        11.89 pct	      19 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/plrabn12.txt.zst-32      	   20992	     56842 ns/op	8477.17 MB/s	        39.90 pct	     754 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/lcet10.txt.zst-32        	   27456	     43932 ns/op	9714.01 MB/s	        33.27 pct	     524 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/asyoulik.txt.zst-32      	   78432	     15047 ns/op	8319.15 MB/s	        40.34 pct	      66 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/alice29.txt.zst-32       	   65800	     18436 ns/op	8249.63 MB/s	        37.75 pct	      88 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/html_x_4.zst-32          	  102993	     11523 ns/op	35546.09 MB/s	         3.637 pct	     143 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/paper-100k.pdf.zst-32    	 1000000	      1070 ns/op	95720.98 MB/s	        80.53 pct	       3 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/fireworks.jpeg.zst-32    	  749802	      1752 ns/op	70272.35 MB/s	       100.0 pct	       5 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/urls.10K.zst-32          	   22640	     52934 ns/op	13263.37 MB/s	        26.25 pct	    1014 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/html.zst-32              	  226412	      5232 ns/op	19572.27 MB/s	        14.49 pct	      20 B/op	       0 allocs/op
-BenchmarkDecoder_DecodeAllParallel/comp-data.bin.zst-32     	  923041	      1276 ns/op	3194.71 MB/s	        31.26 pct	       0 B/op	       0 allocs/op
-```
-
-This reflects the performance around May 2022, but this may be out of date.
-
-## Zstd inside ZIP files
-
-It is possible to use zstandard to compress individual files inside zip archives.
-While this isn't widely supported it can be useful for internal files.
-
-To support the compression and decompression of these files you must register a compressor and decompressor.
-
-It is highly recommended registering the (de)compressors on individual zip Reader/Writer and NOT
-use the global registration functions. The main reason for this is that 2 registrations from 
-different packages will result in a panic.
-
-It is a good idea to only have a single compressor and decompressor, since they can be used for multiple zip
-files concurrently, and using a single instance will allow reusing some resources.
-
-See [this example](https://pkg.go.dev/github.com/klauspost/compress/zstd#example-ZipCompressor) for 
-how to compress and decompress files inside zip archives.
-
-# Contributions
-
-Contributions are always welcome. 
-For new features/fixes, remember to add tests and for performance enhancements include benchmarks.
-
-For general feedback and experience reports, feel free to open an issue or write me on [Twitter](https://twitter.com/sh0dan).
-
-This package includes the excellent [`github.com/cespare/xxhash`](https://github.com/cespare/xxhash) package Copyright (c) 2016 Caleb Spare.
diff --git a/vendor/github.com/klauspost/compress/zstd/bitreader.go b/vendor/github.com/klauspost/compress/zstd/bitreader.go
deleted file mode 100644
index 25ca98394..000000000
--- a/vendor/github.com/klauspost/compress/zstd/bitreader.go
+++ /dev/null
@@ -1,136 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-	"math/bits"
-)
-
-// bitReader reads a bitstream in reverse.
-// The last set bit indicates the start of the stream and is used
-// for aligning the input.
-type bitReader struct {
-	in       []byte
-	value    uint64 // Maybe use [16]byte, but shifting is awkward.
-	bitsRead uint8
-}
-
-// init initializes and resets the bit reader.
-func (b *bitReader) init(in []byte) error {
-	if len(in) < 1 {
-		return errors.New("corrupt stream: too short")
-	}
-	b.in = in
-	// The highest bit of the last byte indicates where to start
-	v := in[len(in)-1]
-	if v == 0 {
-		return errors.New("corrupt stream, did not find end of stream")
-	}
-	b.bitsRead = 64
-	b.value = 0
-	if len(in) >= 8 {
-		b.fillFastStart()
-	} else {
-		b.fill()
-		b.fill()
-	}
-	b.bitsRead += 8 - uint8(highBits(uint32(v)))
-	return nil
-}
-
-// getBits will return n bits. n can be 0.
-func (b *bitReader) getBits(n uint8) int {
-	if n == 0 /*|| b.bitsRead >= 64 */ {
-		return 0
-	}
-	return int(b.get32BitsFast(n))
-}
-
-// get32BitsFast requires that at least one bit is requested every time.
-// There are no checks if the buffer is filled.
-func (b *bitReader) get32BitsFast(n uint8) uint32 {
-	const regMask = 64 - 1
-	v := uint32((b.value << (b.bitsRead & regMask)) >> ((regMask + 1 - n) & regMask))
-	b.bitsRead += n
-	return v
-}
-
-// fillFast() will make sure at least 32 bits are available.
-// There must be at least 4 bytes available.
-func (b *bitReader) fillFast() {
-	if b.bitsRead < 32 {
-		return
-	}
-	v := b.in[len(b.in)-4:]
-	b.in = b.in[:len(b.in)-4]
-	low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-	b.value = (b.value << 32) | uint64(low)
-	b.bitsRead -= 32
-}
-
-// fillFastStart() assumes the bitreader is empty and there is at least 8 bytes to read.
-func (b *bitReader) fillFastStart() {
-	v := b.in[len(b.in)-8:]
-	b.in = b.in[:len(b.in)-8]
-	b.value = binary.LittleEndian.Uint64(v)
-	b.bitsRead = 0
-}
-
-// fill() will make sure at least 32 bits are available.
-func (b *bitReader) fill() {
-	if b.bitsRead < 32 {
-		return
-	}
-	if len(b.in) >= 4 {
-		v := b.in[len(b.in)-4:]
-		b.in = b.in[:len(b.in)-4]
-		low := (uint32(v[0])) | (uint32(v[1]) << 8) | (uint32(v[2]) << 16) | (uint32(v[3]) << 24)
-		b.value = (b.value << 32) | uint64(low)
-		b.bitsRead -= 32
-		return
-	}
-
-	b.bitsRead -= uint8(8 * len(b.in))
-	for len(b.in) > 0 {
-		b.value = (b.value << 8) | uint64(b.in[len(b.in)-1])
-		b.in = b.in[:len(b.in)-1]
-	}
-}
-
-// finished returns true if all bits have been read from the bit stream.
-func (b *bitReader) finished() bool {
-	return len(b.in) == 0 && b.bitsRead >= 64
-}
-
-// overread returns true if more bits have been requested than is on the stream.
-func (b *bitReader) overread() bool {
-	return b.bitsRead > 64
-}
-
-// remain returns the number of bits remaining.
-func (b *bitReader) remain() uint {
-	return 8*uint(len(b.in)) + 64 - uint(b.bitsRead)
-}
-
-// close the bitstream and returns an error if out-of-buffer reads occurred.
-func (b *bitReader) close() error {
-	// Release reference.
-	b.in = nil
-	if !b.finished() {
-		return fmt.Errorf("%d extra bits on block, should be 0", b.remain())
-	}
-	if b.bitsRead > 64 {
-		return io.ErrUnexpectedEOF
-	}
-	return nil
-}
-
-func highBits(val uint32) (n uint32) {
-	return uint32(bits.Len32(val) - 1)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/bitwriter.go b/vendor/github.com/klauspost/compress/zstd/bitwriter.go
deleted file mode 100644
index 1952f175b..000000000
--- a/vendor/github.com/klauspost/compress/zstd/bitwriter.go
+++ /dev/null
@@ -1,112 +0,0 @@
-// Copyright 2018 Klaus Post. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-// Based on work Copyright (c) 2013, Yann Collet, released under BSD License.
-
-package zstd
-
-// bitWriter will write bits.
-// First bit will be LSB of the first byte of output.
-type bitWriter struct {
-	bitContainer uint64
-	nBits        uint8
-	out          []byte
-}
-
-// bitMask16 is bitmasks. Has extra to avoid bounds check.
-var bitMask16 = [32]uint16{
-	0, 1, 3, 7, 0xF, 0x1F,
-	0x3F, 0x7F, 0xFF, 0x1FF, 0x3FF, 0x7FF,
-	0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF, 0xFFFF,
-	0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF, 0xFFFF,
-	0xFFFF, 0xFFFF} /* up to 16 bits */
-
-var bitMask32 = [32]uint32{
-	0, 1, 3, 7, 0xF, 0x1F, 0x3F, 0x7F, 0xFF,
-	0x1FF, 0x3FF, 0x7FF, 0xFFF, 0x1FFF, 0x3FFF, 0x7FFF, 0xFFFF,
-	0x1ffff, 0x3ffff, 0x7FFFF, 0xfFFFF, 0x1fFFFF, 0x3fFFFF, 0x7fFFFF, 0xffFFFF,
-	0x1ffFFFF, 0x3ffFFFF, 0x7ffFFFF, 0xfffFFFF, 0x1fffFFFF, 0x3fffFFFF, 0x7fffFFFF,
-} // up to 32 bits
-
-// addBits16NC will add up to 16 bits.
-// It will not check if there is space for them,
-// so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits16NC(value uint16, bits uint8) {
-	b.bitContainer |= uint64(value&bitMask16[bits&31]) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// addBits32NC will add up to 31 bits.
-// It will not check if there is space for them,
-// so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits32NC(value uint32, bits uint8) {
-	b.bitContainer |= uint64(value&bitMask32[bits&31]) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// addBits64NC will add up to 64 bits.
-// There must be space for 32 bits.
-func (b *bitWriter) addBits64NC(value uint64, bits uint8) {
-	if bits <= 31 {
-		b.addBits32Clean(uint32(value), bits)
-		return
-	}
-	b.addBits32Clean(uint32(value), 32)
-	b.flush32()
-	b.addBits32Clean(uint32(value>>32), bits-32)
-}
-
-// addBits32Clean will add up to 32 bits.
-// It will not check if there is space for them.
-// The input must not contain more bits than specified.
-func (b *bitWriter) addBits32Clean(value uint32, bits uint8) {
-	b.bitContainer |= uint64(value) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// addBits16Clean will add up to 16 bits. value may not contain more set bits than indicated.
-// It will not check if there is space for them, so the caller must ensure that it has flushed recently.
-func (b *bitWriter) addBits16Clean(value uint16, bits uint8) {
-	b.bitContainer |= uint64(value) << (b.nBits & 63)
-	b.nBits += bits
-}
-
-// flush32 will flush out, so there are at least 32 bits available for writing.
-func (b *bitWriter) flush32() {
-	if b.nBits < 32 {
-		return
-	}
-	b.out = append(b.out,
-		byte(b.bitContainer),
-		byte(b.bitContainer>>8),
-		byte(b.bitContainer>>16),
-		byte(b.bitContainer>>24))
-	b.nBits -= 32
-	b.bitContainer >>= 32
-}
-
-// flushAlign will flush remaining full bytes and align to next byte boundary.
-func (b *bitWriter) flushAlign() {
-	nbBytes := (b.nBits + 7) >> 3
-	for i := uint8(0); i < nbBytes; i++ {
-		b.out = append(b.out, byte(b.bitContainer>>(i*8)))
-	}
-	b.nBits = 0
-	b.bitContainer = 0
-}
-
-// close will write the alignment bit and write the final byte(s)
-// to the output.
-func (b *bitWriter) close() {
-	// End mark
-	b.addBits16Clean(1, 1)
-	// flush until next byte.
-	b.flushAlign()
-}
-
-// reset and continue writing by appending to out.
-func (b *bitWriter) reset(out []byte) {
-	b.bitContainer = 0
-	b.nBits = 0
-	b.out = out
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/blockdec.go b/vendor/github.com/klauspost/compress/zstd/blockdec.go
deleted file mode 100644
index 9c28840c3..000000000
--- a/vendor/github.com/klauspost/compress/zstd/blockdec.go
+++ /dev/null
@@ -1,731 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"bytes"
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"hash/crc32"
-	"io"
-	"os"
-	"path/filepath"
-	"sync"
-
-	"github.com/klauspost/compress/huff0"
-	"github.com/klauspost/compress/zstd/internal/xxhash"
-)
-
-type blockType uint8
-
-//go:generate stringer -type=blockType,literalsBlockType,seqCompMode,tableIndex
-
-const (
-	blockTypeRaw blockType = iota
-	blockTypeRLE
-	blockTypeCompressed
-	blockTypeReserved
-)
-
-type literalsBlockType uint8
-
-const (
-	literalsBlockRaw literalsBlockType = iota
-	literalsBlockRLE
-	literalsBlockCompressed
-	literalsBlockTreeless
-)
-
-const (
-	// maxCompressedBlockSize is the biggest allowed compressed block size (128KB)
-	maxCompressedBlockSize = 128 << 10
-
-	compressedBlockOverAlloc    = 16
-	maxCompressedBlockSizeAlloc = 128<<10 + compressedBlockOverAlloc
-
-	// Maximum possible block size (all Raw+Uncompressed).
-	maxBlockSize = (1 << 21) - 1
-
-	maxMatchLen  = 131074
-	maxSequences = 0x7f00 + 0xffff
-
-	// We support slightly less than the reference decoder to be able to
-	// use ints on 32 bit archs.
-	maxOffsetBits = 30
-)
-
-var (
-	huffDecoderPool = sync.Pool{New: func() interface{} {
-		return &huff0.Scratch{}
-	}}
-
-	fseDecoderPool = sync.Pool{New: func() interface{} {
-		return &fseDecoder{}
-	}}
-)
-
-type blockDec struct {
-	// Raw source data of the block.
-	data        []byte
-	dataStorage []byte
-
-	// Destination of the decoded data.
-	dst []byte
-
-	// Buffer for literals data.
-	literalBuf []byte
-
-	// Window size of the block.
-	WindowSize uint64
-
-	err error
-
-	// Check against this crc, if hasCRC is true.
-	checkCRC uint32
-	hasCRC   bool
-
-	// Frame to use for singlethreaded decoding.
-	// Should not be used by the decoder itself since parent may be another frame.
-	localFrame *frameDec
-
-	sequence []seqVals
-
-	async struct {
-		newHist  *history
-		literals []byte
-		seqData  []byte
-		seqSize  int // Size of uncompressed sequences
-		fcs      uint64
-	}
-
-	// Block is RLE, this is the size.
-	RLESize uint32
-
-	Type blockType
-
-	// Is this the last block of a frame?
-	Last bool
-
-	// Use less memory
-	lowMem bool
-}
-
-func (b *blockDec) String() string {
-	if b == nil {
-		return ""
-	}
-	return fmt.Sprintf("Steam Size: %d, Type: %v, Last: %t, Window: %d", len(b.data), b.Type, b.Last, b.WindowSize)
-}
-
-func newBlockDec(lowMem bool) *blockDec {
-	b := blockDec{
-		lowMem: lowMem,
-	}
-	return &b
-}
-
-// reset will reset the block.
-// Input must be a start of a block and will be at the end of the block when returned.
-func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
-	b.WindowSize = windowSize
-	tmp, err := br.readSmall(3)
-	if err != nil {
-		println("Reading block header:", err)
-		return err
-	}
-	bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
-	b.Last = bh&1 != 0
-	b.Type = blockType((bh >> 1) & 3)
-	// find size.
-	cSize := int(bh >> 3)
-	maxSize := maxCompressedBlockSizeAlloc
-	switch b.Type {
-	case blockTypeReserved:
-		return ErrReservedBlockType
-	case blockTypeRLE:
-		if cSize > maxCompressedBlockSize || cSize > int(b.WindowSize) {
-			if debugDecoder {
-				printf("rle block too big: csize:%d block: %+v\n", uint64(cSize), b)
-			}
-			return ErrWindowSizeExceeded
-		}
-		b.RLESize = uint32(cSize)
-		if b.lowMem {
-			maxSize = cSize
-		}
-		cSize = 1
-	case blockTypeCompressed:
-		if debugDecoder {
-			println("Data size on stream:", cSize)
-		}
-		b.RLESize = 0
-		maxSize = maxCompressedBlockSizeAlloc
-		if windowSize < maxCompressedBlockSize && b.lowMem {
-			maxSize = int(windowSize) + compressedBlockOverAlloc
-		}
-		if cSize > maxCompressedBlockSize || uint64(cSize) > b.WindowSize {
-			if debugDecoder {
-				printf("compressed block too big: csize:%d block: %+v\n", uint64(cSize), b)
-			}
-			return ErrCompressedSizeTooBig
-		}
-		// Empty compressed blocks must at least be 2 bytes
-		// for Literals_Block_Type and one for Sequences_Section_Header.
-		if cSize < 2 {
-			return ErrBlockTooSmall
-		}
-	case blockTypeRaw:
-		if cSize > maxCompressedBlockSize || cSize > int(b.WindowSize) {
-			if debugDecoder {
-				printf("rle block too big: csize:%d block: %+v\n", uint64(cSize), b)
-			}
-			return ErrWindowSizeExceeded
-		}
-
-		b.RLESize = 0
-		// We do not need a destination for raw blocks.
-		maxSize = -1
-	default:
-		panic("Invalid block type")
-	}
-
-	// Read block data.
-	if _, ok := br.(*byteBuf); !ok && cap(b.dataStorage) < cSize {
-		// byteBuf doesn't need a destination buffer.
-		if b.lowMem || cSize > maxCompressedBlockSize {
-			b.dataStorage = make([]byte, 0, cSize+compressedBlockOverAlloc)
-		} else {
-			b.dataStorage = make([]byte, 0, maxCompressedBlockSizeAlloc)
-		}
-	}
-	b.data, err = br.readBig(cSize, b.dataStorage)
-	if err != nil {
-		if debugDecoder {
-			println("Reading block:", err, "(", cSize, ")", len(b.data))
-			printf("%T", br)
-		}
-		return err
-	}
-	if cap(b.dst) <= maxSize {
-		b.dst = make([]byte, 0, maxSize+1)
-	}
-	return nil
-}
-
-// sendEOF will make the decoder send EOF on this frame.
-func (b *blockDec) sendErr(err error) {
-	b.Last = true
-	b.Type = blockTypeReserved
-	b.err = err
-}
-
-// Close will release resources.
-// Closed blockDec cannot be reset.
-func (b *blockDec) Close() {
-}
-
-// decodeBuf
-func (b *blockDec) decodeBuf(hist *history) error {
-	switch b.Type {
-	case blockTypeRLE:
-		if cap(b.dst) < int(b.RLESize) {
-			if b.lowMem {
-				b.dst = make([]byte, b.RLESize)
-			} else {
-				b.dst = make([]byte, maxCompressedBlockSize)
-			}
-		}
-		b.dst = b.dst[:b.RLESize]
-		v := b.data[0]
-		for i := range b.dst {
-			b.dst[i] = v
-		}
-		hist.appendKeep(b.dst)
-		return nil
-	case blockTypeRaw:
-		hist.appendKeep(b.data)
-		return nil
-	case blockTypeCompressed:
-		saved := b.dst
-		// Append directly to history
-		if hist.ignoreBuffer == 0 {
-			b.dst = hist.b
-			hist.b = nil
-		} else {
-			b.dst = b.dst[:0]
-		}
-		err := b.decodeCompressed(hist)
-		if debugDecoder {
-			println("Decompressed to total", len(b.dst), "bytes, hash:", xxhash.Sum64(b.dst), "error:", err)
-		}
-		if hist.ignoreBuffer == 0 {
-			hist.b = b.dst
-			b.dst = saved
-		} else {
-			hist.appendKeep(b.dst)
-		}
-		return err
-	case blockTypeReserved:
-		// Used for returning errors.
-		return b.err
-	default:
-		panic("Invalid block type")
-	}
-}
-
-func (b *blockDec) decodeLiterals(in []byte, hist *history) (remain []byte, err error) {
-	// There must be at least one byte for Literals_Block_Type and one for Sequences_Section_Header
-	if len(in) < 2 {
-		return in, ErrBlockTooSmall
-	}
-
-	litType := literalsBlockType(in[0] & 3)
-	var litRegenSize int
-	var litCompSize int
-	sizeFormat := (in[0] >> 2) & 3
-	var fourStreams bool
-	var literals []byte
-	switch litType {
-	case literalsBlockRaw, literalsBlockRLE:
-		switch sizeFormat {
-		case 0, 2:
-			// Regenerated_Size uses 5 bits (0-31). Literals_Section_Header uses 1 byte.
-			litRegenSize = int(in[0] >> 3)
-			in = in[1:]
-		case 1:
-			// Regenerated_Size uses 12 bits (0-4095). Literals_Section_Header uses 2 bytes.
-			litRegenSize = int(in[0]>>4) + (int(in[1]) << 4)
-			in = in[2:]
-		case 3:
-			//  Regenerated_Size uses 20 bits (0-1048575). Literals_Section_Header uses 3 bytes.
-			if len(in) < 3 {
-				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
-				return in, ErrBlockTooSmall
-			}
-			litRegenSize = int(in[0]>>4) + (int(in[1]) << 4) + (int(in[2]) << 12)
-			in = in[3:]
-		}
-	case literalsBlockCompressed, literalsBlockTreeless:
-		switch sizeFormat {
-		case 0, 1:
-			// Both Regenerated_Size and Compressed_Size use 10 bits (0-1023).
-			if len(in) < 3 {
-				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
-				return in, ErrBlockTooSmall
-			}
-			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12)
-			litRegenSize = int(n & 1023)
-			litCompSize = int(n >> 10)
-			fourStreams = sizeFormat == 1
-			in = in[3:]
-		case 2:
-			fourStreams = true
-			if len(in) < 4 {
-				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
-				return in, ErrBlockTooSmall
-			}
-			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12) + (uint64(in[3]) << 20)
-			litRegenSize = int(n & 16383)
-			litCompSize = int(n >> 14)
-			in = in[4:]
-		case 3:
-			fourStreams = true
-			if len(in) < 5 {
-				println("too small: litType:", litType, " sizeFormat", sizeFormat, len(in))
-				return in, ErrBlockTooSmall
-			}
-			n := uint64(in[0]>>4) + (uint64(in[1]) << 4) + (uint64(in[2]) << 12) + (uint64(in[3]) << 20) + (uint64(in[4]) << 28)
-			litRegenSize = int(n & 262143)
-			litCompSize = int(n >> 18)
-			in = in[5:]
-		}
-	}
-	if debugDecoder {
-		println("literals type:", litType, "litRegenSize:", litRegenSize, "litCompSize:", litCompSize, "sizeFormat:", sizeFormat, "4X:", fourStreams)
-	}
-	if litRegenSize > int(b.WindowSize) || litRegenSize > maxCompressedBlockSize {
-		return in, ErrWindowSizeExceeded
-	}
-
-	switch litType {
-	case literalsBlockRaw:
-		if len(in) < litRegenSize {
-			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litRegenSize)
-			return in, ErrBlockTooSmall
-		}
-		literals = in[:litRegenSize]
-		in = in[litRegenSize:]
-		//printf("Found %d uncompressed literals\n", litRegenSize)
-	case literalsBlockRLE:
-		if len(in) < 1 {
-			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", 1)
-			return in, ErrBlockTooSmall
-		}
-		if cap(b.literalBuf) < litRegenSize {
-			if b.lowMem {
-				b.literalBuf = make([]byte, litRegenSize, litRegenSize+compressedBlockOverAlloc)
-			} else {
-				b.literalBuf = make([]byte, litRegenSize, maxCompressedBlockSize+compressedBlockOverAlloc)
-			}
-		}
-		literals = b.literalBuf[:litRegenSize]
-		v := in[0]
-		for i := range literals {
-			literals[i] = v
-		}
-		in = in[1:]
-		if debugDecoder {
-			printf("Found %d RLE compressed literals\n", litRegenSize)
-		}
-	case literalsBlockTreeless:
-		if len(in) < litCompSize {
-			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litCompSize)
-			return in, ErrBlockTooSmall
-		}
-		// Store compressed literals, so we defer decoding until we get history.
-		literals = in[:litCompSize]
-		in = in[litCompSize:]
-		if debugDecoder {
-			printf("Found %d compressed literals\n", litCompSize)
-		}
-		huff := hist.huffTree
-		if huff == nil {
-			return in, errors.New("literal block was treeless, but no history was defined")
-		}
-		// Ensure we have space to store it.
-		if cap(b.literalBuf) < litRegenSize {
-			if b.lowMem {
-				b.literalBuf = make([]byte, 0, litRegenSize+compressedBlockOverAlloc)
-			} else {
-				b.literalBuf = make([]byte, 0, maxCompressedBlockSize+compressedBlockOverAlloc)
-			}
-		}
-		var err error
-		// Use our out buffer.
-		huff.MaxDecodedSize = litRegenSize
-		if fourStreams {
-			literals, err = huff.Decoder().Decompress4X(b.literalBuf[:0:litRegenSize], literals)
-		} else {
-			literals, err = huff.Decoder().Decompress1X(b.literalBuf[:0:litRegenSize], literals)
-		}
-		// Make sure we don't leak our literals buffer
-		if err != nil {
-			println("decompressing literals:", err)
-			return in, err
-		}
-		if len(literals) != litRegenSize {
-			return in, fmt.Errorf("literal output size mismatch want %d, got %d", litRegenSize, len(literals))
-		}
-
-	case literalsBlockCompressed:
-		if len(in) < litCompSize {
-			println("too small: litType:", litType, " sizeFormat", sizeFormat, "remain:", len(in), "want:", litCompSize)
-			return in, ErrBlockTooSmall
-		}
-		literals = in[:litCompSize]
-		in = in[litCompSize:]
-		// Ensure we have space to store it.
-		if cap(b.literalBuf) < litRegenSize {
-			if b.lowMem {
-				b.literalBuf = make([]byte, 0, litRegenSize+compressedBlockOverAlloc)
-			} else {
-				b.literalBuf = make([]byte, 0, maxCompressedBlockSize+compressedBlockOverAlloc)
-			}
-		}
-		huff := hist.huffTree
-		if huff == nil || (hist.dict != nil && huff == hist.dict.litEnc) {
-			huff = huffDecoderPool.Get().(*huff0.Scratch)
-			if huff == nil {
-				huff = &huff0.Scratch{}
-			}
-		}
-		var err error
-		if debugDecoder {
-			println("huff table input:", len(literals), "CRC:", crc32.ChecksumIEEE(literals))
-		}
-		huff, literals, err = huff0.ReadTable(literals, huff)
-		if err != nil {
-			println("reading huffman table:", err)
-			return in, err
-		}
-		hist.huffTree = huff
-		huff.MaxDecodedSize = litRegenSize
-		// Use our out buffer.
-		if fourStreams {
-			literals, err = huff.Decoder().Decompress4X(b.literalBuf[:0:litRegenSize], literals)
-		} else {
-			literals, err = huff.Decoder().Decompress1X(b.literalBuf[:0:litRegenSize], literals)
-		}
-		if err != nil {
-			println("decoding compressed literals:", err)
-			return in, err
-		}
-		// Make sure we don't leak our literals buffer
-		if len(literals) != litRegenSize {
-			return in, fmt.Errorf("literal output size mismatch want %d, got %d", litRegenSize, len(literals))
-		}
-		// Re-cap to get extra size.
-		literals = b.literalBuf[:len(literals)]
-		if debugDecoder {
-			printf("Decompressed %d literals into %d bytes\n", litCompSize, litRegenSize)
-		}
-	}
-	hist.decoders.literals = literals
-	return in, nil
-}
-
-// decodeCompressed will start decompressing a block.
-func (b *blockDec) decodeCompressed(hist *history) error {
-	in := b.data
-	in, err := b.decodeLiterals(in, hist)
-	if err != nil {
-		return err
-	}
-	err = b.prepareSequences(in, hist)
-	if err != nil {
-		return err
-	}
-	if hist.decoders.nSeqs == 0 {
-		b.dst = append(b.dst, hist.decoders.literals...)
-		return nil
-	}
-	before := len(hist.decoders.out)
-	err = hist.decoders.decodeSync(hist.b[hist.ignoreBuffer:])
-	if err != nil {
-		return err
-	}
-	if hist.decoders.maxSyncLen > 0 {
-		hist.decoders.maxSyncLen += uint64(before)
-		hist.decoders.maxSyncLen -= uint64(len(hist.decoders.out))
-	}
-	b.dst = hist.decoders.out
-	hist.recentOffsets = hist.decoders.prevOffset
-	return nil
-}
-
-func (b *blockDec) prepareSequences(in []byte, hist *history) (err error) {
-	if debugDecoder {
-		printf("prepareSequences: %d byte(s) input\n", len(in))
-	}
-	// Decode Sequences
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#sequences-section
-	if len(in) < 1 {
-		return ErrBlockTooSmall
-	}
-	var nSeqs int
-	seqHeader := in[0]
-	switch {
-	case seqHeader < 128:
-		nSeqs = int(seqHeader)
-		in = in[1:]
-	case seqHeader < 255:
-		if len(in) < 2 {
-			return ErrBlockTooSmall
-		}
-		nSeqs = int(seqHeader-128)<<8 | int(in[1])
-		in = in[2:]
-	case seqHeader == 255:
-		if len(in) < 3 {
-			return ErrBlockTooSmall
-		}
-		nSeqs = 0x7f00 + int(in[1]) + (int(in[2]) << 8)
-		in = in[3:]
-	}
-	if nSeqs == 0 && len(in) != 0 {
-		// When no sequences, there should not be any more data...
-		if debugDecoder {
-			printf("prepareSequences: 0 sequences, but %d byte(s) left on stream\n", len(in))
-		}
-		return ErrUnexpectedBlockSize
-	}
-
-	var seqs = &hist.decoders
-	seqs.nSeqs = nSeqs
-	if nSeqs > 0 {
-		if len(in) < 1 {
-			return ErrBlockTooSmall
-		}
-		br := byteReader{b: in, off: 0}
-		compMode := br.Uint8()
-		br.advance(1)
-		if debugDecoder {
-			printf("Compression modes: 0b%b", compMode)
-		}
-		if compMode&3 != 0 {
-			return errors.New("corrupt block: reserved bits not zero")
-		}
-		for i := uint(0); i < 3; i++ {
-			mode := seqCompMode((compMode >> (6 - i*2)) & 3)
-			if debugDecoder {
-				println("Table", tableIndex(i), "is", mode)
-			}
-			var seq *sequenceDec
-			switch tableIndex(i) {
-			case tableLiteralLengths:
-				seq = &seqs.litLengths
-			case tableOffsets:
-				seq = &seqs.offsets
-			case tableMatchLengths:
-				seq = &seqs.matchLengths
-			default:
-				panic("unknown table")
-			}
-			switch mode {
-			case compModePredefined:
-				if seq.fse != nil && !seq.fse.preDefined {
-					fseDecoderPool.Put(seq.fse)
-				}
-				seq.fse = &fsePredef[i]
-			case compModeRLE:
-				if br.remain() < 1 {
-					return ErrBlockTooSmall
-				}
-				v := br.Uint8()
-				br.advance(1)
-				if seq.fse == nil || seq.fse.preDefined {
-					seq.fse = fseDecoderPool.Get().(*fseDecoder)
-				}
-				symb, err := decSymbolValue(v, symbolTableX[i])
-				if err != nil {
-					printf("RLE Transform table (%v) error: %v", tableIndex(i), err)
-					return err
-				}
-				seq.fse.setRLE(symb)
-				if debugDecoder {
-					printf("RLE set to 0x%x, code: %v", symb, v)
-				}
-			case compModeFSE:
-				if debugDecoder {
-					println("Reading table for", tableIndex(i))
-				}
-				if seq.fse == nil || seq.fse.preDefined {
-					seq.fse = fseDecoderPool.Get().(*fseDecoder)
-				}
-				err := seq.fse.readNCount(&br, uint16(maxTableSymbol[i]))
-				if err != nil {
-					println("Read table error:", err)
-					return err
-				}
-				err = seq.fse.transform(symbolTableX[i])
-				if err != nil {
-					println("Transform table error:", err)
-					return err
-				}
-				if debugDecoder {
-					println("Read table ok", "symbolLen:", seq.fse.symbolLen)
-				}
-			case compModeRepeat:
-				seq.repeat = true
-			}
-			if br.overread() {
-				return io.ErrUnexpectedEOF
-			}
-		}
-		in = br.unread()
-	}
-	if debugDecoder {
-		println("Literals:", len(seqs.literals), "hash:", xxhash.Sum64(seqs.literals), "and", seqs.nSeqs, "sequences.")
-	}
-
-	if nSeqs == 0 {
-		if len(b.sequence) > 0 {
-			b.sequence = b.sequence[:0]
-		}
-		return nil
-	}
-	br := seqs.br
-	if br == nil {
-		br = &bitReader{}
-	}
-	if err := br.init(in); err != nil {
-		return err
-	}
-
-	if err := seqs.initialize(br, hist, b.dst); err != nil {
-		println("initializing sequences:", err)
-		return err
-	}
-	// Extract blocks...
-	if false && hist.dict == nil {
-		fatalErr := func(err error) {
-			if err != nil {
-				panic(err)
-			}
-		}
-		fn := fmt.Sprintf("n-%d-lits-%d-prev-%d-%d-%d-win-%d.blk", hist.decoders.nSeqs, len(hist.decoders.literals), hist.recentOffsets[0], hist.recentOffsets[1], hist.recentOffsets[2], hist.windowSize)
-		var buf bytes.Buffer
-		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.litLengths.fse))
-		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.matchLengths.fse))
-		fatalErr(binary.Write(&buf, binary.LittleEndian, hist.decoders.offsets.fse))
-		buf.Write(in)
-		os.WriteFile(filepath.Join("testdata", "seqs", fn), buf.Bytes(), os.ModePerm)
-	}
-
-	return nil
-}
-
-func (b *blockDec) decodeSequences(hist *history) error {
-	if cap(b.sequence) < hist.decoders.nSeqs {
-		if b.lowMem {
-			b.sequence = make([]seqVals, 0, hist.decoders.nSeqs)
-		} else {
-			b.sequence = make([]seqVals, 0, 0x7F00+0xffff)
-		}
-	}
-	b.sequence = b.sequence[:hist.decoders.nSeqs]
-	if hist.decoders.nSeqs == 0 {
-		hist.decoders.seqSize = len(hist.decoders.literals)
-		return nil
-	}
-	hist.decoders.windowSize = hist.windowSize
-	hist.decoders.prevOffset = hist.recentOffsets
-
-	err := hist.decoders.decode(b.sequence)
-	hist.recentOffsets = hist.decoders.prevOffset
-	return err
-}
-
-func (b *blockDec) executeSequences(hist *history) error {
-	hbytes := hist.b
-	if len(hbytes) > hist.windowSize {
-		hbytes = hbytes[len(hbytes)-hist.windowSize:]
-		// We do not need history anymore.
-		if hist.dict != nil {
-			hist.dict.content = nil
-		}
-	}
-	hist.decoders.windowSize = hist.windowSize
-	hist.decoders.out = b.dst[:0]
-	err := hist.decoders.execute(b.sequence, hbytes)
-	if err != nil {
-		return err
-	}
-	return b.updateHistory(hist)
-}
-
-func (b *blockDec) updateHistory(hist *history) error {
-	if len(b.data) > maxCompressedBlockSize {
-		return fmt.Errorf("compressed block size too large (%d)", len(b.data))
-	}
-	// Set output and release references.
-	b.dst = hist.decoders.out
-	hist.recentOffsets = hist.decoders.prevOffset
-
-	if b.Last {
-		// if last block we don't care about history.
-		println("Last block, no history returned")
-		hist.b = hist.b[:0]
-		return nil
-	} else {
-		hist.append(b.dst)
-		if debugDecoder {
-			println("Finished block with ", len(b.sequence), "sequences. Added", len(b.dst), "to history, now length", len(hist.b))
-		}
-	}
-	hist.decoders.out, hist.decoders.literals = nil, nil
-
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/blockenc.go b/vendor/github.com/klauspost/compress/zstd/blockenc.go
deleted file mode 100644
index 32a7f401d..000000000
--- a/vendor/github.com/klauspost/compress/zstd/blockenc.go
+++ /dev/null
@@ -1,909 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"errors"
-	"fmt"
-	"math"
-	"math/bits"
-
-	"github.com/klauspost/compress/huff0"
-)
-
-type blockEnc struct {
-	size       int
-	literals   []byte
-	sequences  []seq
-	coders     seqCoders
-	litEnc     *huff0.Scratch
-	dictLitEnc *huff0.Scratch
-	wr         bitWriter
-
-	extraLits         int
-	output            []byte
-	recentOffsets     [3]uint32
-	prevRecentOffsets [3]uint32
-
-	last   bool
-	lowMem bool
-}
-
-// init should be used once the block has been created.
-// If called more than once, the effect is the same as calling reset.
-func (b *blockEnc) init() {
-	if b.lowMem {
-		// 1K literals
-		if cap(b.literals) < 1<<10 {
-			b.literals = make([]byte, 0, 1<<10)
-		}
-		const defSeqs = 20
-		if cap(b.sequences) < defSeqs {
-			b.sequences = make([]seq, 0, defSeqs)
-		}
-		// 1K
-		if cap(b.output) < 1<<10 {
-			b.output = make([]byte, 0, 1<<10)
-		}
-	} else {
-		if cap(b.literals) < maxCompressedBlockSize {
-			b.literals = make([]byte, 0, maxCompressedBlockSize)
-		}
-		const defSeqs = 2000
-		if cap(b.sequences) < defSeqs {
-			b.sequences = make([]seq, 0, defSeqs)
-		}
-		if cap(b.output) < maxCompressedBlockSize {
-			b.output = make([]byte, 0, maxCompressedBlockSize)
-		}
-	}
-
-	if b.coders.mlEnc == nil {
-		b.coders.mlEnc = &fseEncoder{}
-		b.coders.mlPrev = &fseEncoder{}
-		b.coders.ofEnc = &fseEncoder{}
-		b.coders.ofPrev = &fseEncoder{}
-		b.coders.llEnc = &fseEncoder{}
-		b.coders.llPrev = &fseEncoder{}
-	}
-	b.litEnc = &huff0.Scratch{WantLogLess: 4}
-	b.reset(nil)
-}
-
-// initNewEncode can be used to reset offsets and encoders to the initial state.
-func (b *blockEnc) initNewEncode() {
-	b.recentOffsets = [3]uint32{1, 4, 8}
-	b.litEnc.Reuse = huff0.ReusePolicyNone
-	b.coders.setPrev(nil, nil, nil)
-}
-
-// reset will reset the block for a new encode, but in the same stream,
-// meaning that state will be carried over, but the block content is reset.
-// If a previous block is provided, the recent offsets are carried over.
-func (b *blockEnc) reset(prev *blockEnc) {
-	b.extraLits = 0
-	b.literals = b.literals[:0]
-	b.size = 0
-	b.sequences = b.sequences[:0]
-	b.output = b.output[:0]
-	b.last = false
-	if prev != nil {
-		b.recentOffsets = prev.prevRecentOffsets
-	}
-	b.dictLitEnc = nil
-}
-
-// reset will reset the block for a new encode, but in the same stream,
-// meaning that state will be carried over, but the block content is reset.
-// If a previous block is provided, the recent offsets are carried over.
-func (b *blockEnc) swapEncoders(prev *blockEnc) {
-	b.coders.swap(&prev.coders)
-	b.litEnc, prev.litEnc = prev.litEnc, b.litEnc
-}
-
-// blockHeader contains the information for a block header.
-type blockHeader uint32
-
-// setLast sets the 'last' indicator on a block.
-func (h *blockHeader) setLast(b bool) {
-	if b {
-		*h = *h | 1
-	} else {
-		const mask = (1 << 24) - 2
-		*h = *h & mask
-	}
-}
-
-// setSize will store the compressed size of a block.
-func (h *blockHeader) setSize(v uint32) {
-	const mask = 7
-	*h = (*h)&mask | blockHeader(v<<3)
-}
-
-// setType sets the block type.
-func (h *blockHeader) setType(t blockType) {
-	const mask = 1 | (((1 << 24) - 1) ^ 7)
-	*h = (*h & mask) | blockHeader(t<<1)
-}
-
-// appendTo will append the block header to a slice.
-func (h blockHeader) appendTo(b []byte) []byte {
-	return append(b, uint8(h), uint8(h>>8), uint8(h>>16))
-}
-
-// String returns a string representation of the block.
-func (h blockHeader) String() string {
-	return fmt.Sprintf("Type: %d, Size: %d, Last:%t", (h>>1)&3, h>>3, h&1 == 1)
-}
-
-// literalsHeader contains literals header information.
-type literalsHeader uint64
-
-// setType can be used to set the type of literal block.
-func (h *literalsHeader) setType(t literalsBlockType) {
-	const mask = math.MaxUint64 - 3
-	*h = (*h & mask) | literalsHeader(t)
-}
-
-// setSize can be used to set a single size, for uncompressed and RLE content.
-func (h *literalsHeader) setSize(regenLen int) {
-	inBits := bits.Len32(uint32(regenLen))
-	// Only retain 2 bits
-	const mask = 3
-	lh := uint64(*h & mask)
-	switch {
-	case inBits < 5:
-		lh |= (uint64(regenLen) << 3) | (1 << 60)
-		if debugEncoder {
-			got := int(lh>>3) & 0xff
-			if got != regenLen {
-				panic(fmt.Sprint("litRegenSize = ", regenLen, "(want) != ", got, "(got)"))
-			}
-		}
-	case inBits < 12:
-		lh |= (1 << 2) | (uint64(regenLen) << 4) | (2 << 60)
-	case inBits < 20:
-		lh |= (3 << 2) | (uint64(regenLen) << 4) | (3 << 60)
-	default:
-		panic(fmt.Errorf("internal error: block too big (%d)", regenLen))
-	}
-	*h = literalsHeader(lh)
-}
-
-// setSizes will set the size of a compressed literals section and the input length.
-func (h *literalsHeader) setSizes(compLen, inLen int, single bool) {
-	compBits, inBits := bits.Len32(uint32(compLen)), bits.Len32(uint32(inLen))
-	// Only retain 2 bits
-	const mask = 3
-	lh := uint64(*h & mask)
-	switch {
-	case compBits <= 10 && inBits <= 10:
-		if !single {
-			lh |= 1 << 2
-		}
-		lh |= (uint64(inLen) << 4) | (uint64(compLen) << (10 + 4)) | (3 << 60)
-		if debugEncoder {
-			const mmask = (1 << 24) - 1
-			n := (lh >> 4) & mmask
-			if int(n&1023) != inLen {
-				panic(fmt.Sprint("regensize:", int(n&1023), "!=", inLen, inBits))
-			}
-			if int(n>>10) != compLen {
-				panic(fmt.Sprint("compsize:", int(n>>10), "!=", compLen, compBits))
-			}
-		}
-	case compBits <= 14 && inBits <= 14:
-		lh |= (2 << 2) | (uint64(inLen) << 4) | (uint64(compLen) << (14 + 4)) | (4 << 60)
-		if single {
-			panic("single stream used with more than 10 bits length.")
-		}
-	case compBits <= 18 && inBits <= 18:
-		lh |= (3 << 2) | (uint64(inLen) << 4) | (uint64(compLen) << (18 + 4)) | (5 << 60)
-		if single {
-			panic("single stream used with more than 10 bits length.")
-		}
-	default:
-		panic("internal error: block too big")
-	}
-	*h = literalsHeader(lh)
-}
-
-// appendTo will append the literals header to a byte slice.
-func (h literalsHeader) appendTo(b []byte) []byte {
-	size := uint8(h >> 60)
-	switch size {
-	case 1:
-		b = append(b, uint8(h))
-	case 2:
-		b = append(b, uint8(h), uint8(h>>8))
-	case 3:
-		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16))
-	case 4:
-		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16), uint8(h>>24))
-	case 5:
-		b = append(b, uint8(h), uint8(h>>8), uint8(h>>16), uint8(h>>24), uint8(h>>32))
-	default:
-		panic(fmt.Errorf("internal error: literalsHeader has invalid size (%d)", size))
-	}
-	return b
-}
-
-// size returns the output size with currently set values.
-func (h literalsHeader) size() int {
-	return int(h >> 60)
-}
-
-func (h literalsHeader) String() string {
-	return fmt.Sprintf("Type: %d, SizeFormat: %d, Size: 0x%d, Bytes:%d", literalsBlockType(h&3), (h>>2)&3, h&((1<<60)-1)>>4, h>>60)
-}
-
-// pushOffsets will push the recent offsets to the backup store.
-func (b *blockEnc) pushOffsets() {
-	b.prevRecentOffsets = b.recentOffsets
-}
-
-// pushOffsets will push the recent offsets to the backup store.
-func (b *blockEnc) popOffsets() {
-	b.recentOffsets = b.prevRecentOffsets
-}
-
-// matchOffset will adjust recent offsets and return the adjusted one,
-// if it matches a previous offset.
-func (b *blockEnc) matchOffset(offset, lits uint32) uint32 {
-	// Check if offset is one of the recent offsets.
-	// Adjusts the output offset accordingly.
-	// Gives a tiny bit of compression, typically around 1%.
-	if true {
-		if lits > 0 {
-			switch offset {
-			case b.recentOffsets[0]:
-				offset = 1
-			case b.recentOffsets[1]:
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset = 2
-			case b.recentOffsets[2]:
-				b.recentOffsets[2] = b.recentOffsets[1]
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset = 3
-			default:
-				b.recentOffsets[2] = b.recentOffsets[1]
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset += 3
-			}
-		} else {
-			switch offset {
-			case b.recentOffsets[1]:
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset = 1
-			case b.recentOffsets[2]:
-				b.recentOffsets[2] = b.recentOffsets[1]
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset = 2
-			case b.recentOffsets[0] - 1:
-				b.recentOffsets[2] = b.recentOffsets[1]
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset = 3
-			default:
-				b.recentOffsets[2] = b.recentOffsets[1]
-				b.recentOffsets[1] = b.recentOffsets[0]
-				b.recentOffsets[0] = offset
-				offset += 3
-			}
-		}
-	} else {
-		offset += 3
-	}
-	return offset
-}
-
-// encodeRaw can be used to set the output to a raw representation of supplied bytes.
-func (b *blockEnc) encodeRaw(a []byte) {
-	var bh blockHeader
-	bh.setLast(b.last)
-	bh.setSize(uint32(len(a)))
-	bh.setType(blockTypeRaw)
-	b.output = bh.appendTo(b.output[:0])
-	b.output = append(b.output, a...)
-	if debugEncoder {
-		println("Adding RAW block, length", len(a), "last:", b.last)
-	}
-}
-
-// encodeRaw can be used to set the output to a raw representation of supplied bytes.
-func (b *blockEnc) encodeRawTo(dst, src []byte) []byte {
-	var bh blockHeader
-	bh.setLast(b.last)
-	bh.setSize(uint32(len(src)))
-	bh.setType(blockTypeRaw)
-	dst = bh.appendTo(dst)
-	dst = append(dst, src...)
-	if debugEncoder {
-		println("Adding RAW block, length", len(src), "last:", b.last)
-	}
-	return dst
-}
-
-// encodeLits can be used if the block is only litLen.
-func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
-	var bh blockHeader
-	bh.setLast(b.last)
-	bh.setSize(uint32(len(lits)))
-
-	// Don't compress extremely small blocks
-	if len(lits) < 8 || (len(lits) < 32 && b.dictLitEnc == nil) || raw {
-		if debugEncoder {
-			println("Adding RAW block, length", len(lits), "last:", b.last)
-		}
-		bh.setType(blockTypeRaw)
-		b.output = bh.appendTo(b.output)
-		b.output = append(b.output, lits...)
-		return nil
-	}
-
-	var (
-		out            []byte
-		reUsed, single bool
-		err            error
-	)
-	if b.dictLitEnc != nil {
-		b.litEnc.TransferCTable(b.dictLitEnc)
-		b.litEnc.Reuse = huff0.ReusePolicyAllow
-		b.dictLitEnc = nil
-	}
-	if len(lits) >= 1024 {
-		// Use 4 Streams.
-		out, reUsed, err = huff0.Compress4X(lits, b.litEnc)
-	} else if len(lits) > 16 {
-		// Use 1 stream
-		single = true
-		out, reUsed, err = huff0.Compress1X(lits, b.litEnc)
-	} else {
-		err = huff0.ErrIncompressible
-	}
-	if err == nil && len(out)+5 > len(lits) {
-		// If we are close, we may still be worse or equal to raw.
-		var lh literalsHeader
-		lh.setSizes(len(out), len(lits), single)
-		if len(out)+lh.size() >= len(lits) {
-			err = huff0.ErrIncompressible
-		}
-	}
-	switch err {
-	case huff0.ErrIncompressible:
-		if debugEncoder {
-			println("Adding RAW block, length", len(lits), "last:", b.last)
-		}
-		bh.setType(blockTypeRaw)
-		b.output = bh.appendTo(b.output)
-		b.output = append(b.output, lits...)
-		return nil
-	case huff0.ErrUseRLE:
-		if debugEncoder {
-			println("Adding RLE block, length", len(lits))
-		}
-		bh.setType(blockTypeRLE)
-		b.output = bh.appendTo(b.output)
-		b.output = append(b.output, lits[0])
-		return nil
-	case nil:
-	default:
-		return err
-	}
-	// Compressed...
-	// Now, allow reuse
-	b.litEnc.Reuse = huff0.ReusePolicyAllow
-	bh.setType(blockTypeCompressed)
-	var lh literalsHeader
-	if reUsed {
-		if debugEncoder {
-			println("Reused tree, compressed to", len(out))
-		}
-		lh.setType(literalsBlockTreeless)
-	} else {
-		if debugEncoder {
-			println("New tree, compressed to", len(out), "tree size:", len(b.litEnc.OutTable))
-		}
-		lh.setType(literalsBlockCompressed)
-	}
-	// Set sizes
-	lh.setSizes(len(out), len(lits), single)
-	bh.setSize(uint32(len(out) + lh.size() + 1))
-
-	// Write block headers.
-	b.output = bh.appendTo(b.output)
-	b.output = lh.appendTo(b.output)
-	// Add compressed data.
-	b.output = append(b.output, out...)
-	// No sequences.
-	b.output = append(b.output, 0)
-	return nil
-}
-
-// encodeRLE will encode an RLE block.
-func (b *blockEnc) encodeRLE(val byte, length uint32) {
-	var bh blockHeader
-	bh.setLast(b.last)
-	bh.setSize(length)
-	bh.setType(blockTypeRLE)
-	b.output = bh.appendTo(b.output)
-	b.output = append(b.output, val)
-}
-
-// fuzzFseEncoder can be used to fuzz the FSE encoder.
-func fuzzFseEncoder(data []byte) int {
-	if len(data) > maxSequences || len(data) < 2 {
-		return 0
-	}
-	enc := fseEncoder{}
-	hist := enc.Histogram()
-	maxSym := uint8(0)
-	for i, v := range data {
-		v = v & 63
-		data[i] = v
-		hist[v]++
-		if v > maxSym {
-			maxSym = v
-		}
-	}
-	if maxSym == 0 {
-		// All 0
-		return 0
-	}
-	maxCount := func(a []uint32) int {
-		var max uint32
-		for _, v := range a {
-			if v > max {
-				max = v
-			}
-		}
-		return int(max)
-	}
-	cnt := maxCount(hist[:maxSym])
-	if cnt == len(data) {
-		// RLE
-		return 0
-	}
-	enc.HistogramFinished(maxSym, cnt)
-	err := enc.normalizeCount(len(data))
-	if err != nil {
-		return 0
-	}
-	_, err = enc.writeCount(nil)
-	if err != nil {
-		panic(err)
-	}
-	return 1
-}
-
-// encode will encode the block and append the output in b.output.
-// Previous offset codes must be pushed if more blocks are expected.
-func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
-	if len(b.sequences) == 0 {
-		return b.encodeLits(b.literals, rawAllLits)
-	}
-	if len(b.sequences) == 1 && len(org) > 0 && len(b.literals) <= 1 {
-		// Check common RLE cases.
-		seq := b.sequences[0]
-		if seq.litLen == uint32(len(b.literals)) && seq.offset-3 == 1 {
-			// Offset == 1 and 0 or 1 literals.
-			b.encodeRLE(org[0], b.sequences[0].matchLen+zstdMinMatch+seq.litLen)
-			return nil
-		}
-	}
-
-	// We want some difference to at least account for the headers.
-	saved := b.size - len(b.literals) - (b.size >> 6)
-	if saved < 16 {
-		if org == nil {
-			return errIncompressible
-		}
-		b.popOffsets()
-		return b.encodeLits(org, rawAllLits)
-	}
-
-	var bh blockHeader
-	var lh literalsHeader
-	bh.setLast(b.last)
-	bh.setType(blockTypeCompressed)
-	// Store offset of the block header. Needed when we know the size.
-	bhOffset := len(b.output)
-	b.output = bh.appendTo(b.output)
-
-	var (
-		out            []byte
-		reUsed, single bool
-		err            error
-	)
-	if b.dictLitEnc != nil {
-		b.litEnc.TransferCTable(b.dictLitEnc)
-		b.litEnc.Reuse = huff0.ReusePolicyAllow
-		b.dictLitEnc = nil
-	}
-	if len(b.literals) >= 1024 && !raw {
-		// Use 4 Streams.
-		out, reUsed, err = huff0.Compress4X(b.literals, b.litEnc)
-	} else if len(b.literals) > 16 && !raw {
-		// Use 1 stream
-		single = true
-		out, reUsed, err = huff0.Compress1X(b.literals, b.litEnc)
-	} else {
-		err = huff0.ErrIncompressible
-	}
-
-	if err == nil && len(out)+5 > len(b.literals) {
-		// If we are close, we may still be worse or equal to raw.
-		var lh literalsHeader
-		lh.setSize(len(b.literals))
-		szRaw := lh.size()
-		lh.setSizes(len(out), len(b.literals), single)
-		szComp := lh.size()
-		if len(out)+szComp >= len(b.literals)+szRaw {
-			err = huff0.ErrIncompressible
-		}
-	}
-	switch err {
-	case huff0.ErrIncompressible:
-		lh.setType(literalsBlockRaw)
-		lh.setSize(len(b.literals))
-		b.output = lh.appendTo(b.output)
-		b.output = append(b.output, b.literals...)
-		if debugEncoder {
-			println("Adding literals RAW, length", len(b.literals))
-		}
-	case huff0.ErrUseRLE:
-		lh.setType(literalsBlockRLE)
-		lh.setSize(len(b.literals))
-		b.output = lh.appendTo(b.output)
-		b.output = append(b.output, b.literals[0])
-		if debugEncoder {
-			println("Adding literals RLE")
-		}
-	case nil:
-		// Compressed litLen...
-		if reUsed {
-			if debugEncoder {
-				println("reused tree")
-			}
-			lh.setType(literalsBlockTreeless)
-		} else {
-			if debugEncoder {
-				println("new tree, size:", len(b.litEnc.OutTable))
-			}
-			lh.setType(literalsBlockCompressed)
-			if debugEncoder {
-				_, _, err := huff0.ReadTable(out, nil)
-				if err != nil {
-					panic(err)
-				}
-			}
-		}
-		lh.setSizes(len(out), len(b.literals), single)
-		if debugEncoder {
-			printf("Compressed %d literals to %d bytes", len(b.literals), len(out))
-			println("Adding literal header:", lh)
-		}
-		b.output = lh.appendTo(b.output)
-		b.output = append(b.output, out...)
-		b.litEnc.Reuse = huff0.ReusePolicyAllow
-		if debugEncoder {
-			println("Adding literals compressed")
-		}
-	default:
-		if debugEncoder {
-			println("Adding literals ERROR:", err)
-		}
-		return err
-	}
-	// Sequence compression
-
-	// Write the number of sequences
-	switch {
-	case len(b.sequences) < 128:
-		b.output = append(b.output, uint8(len(b.sequences)))
-	case len(b.sequences) < 0x7f00: // TODO: this could be wrong
-		n := len(b.sequences)
-		b.output = append(b.output, 128+uint8(n>>8), uint8(n))
-	default:
-		n := len(b.sequences) - 0x7f00
-		b.output = append(b.output, 255, uint8(n), uint8(n>>8))
-	}
-	if debugEncoder {
-		println("Encoding", len(b.sequences), "sequences")
-	}
-	b.genCodes()
-	llEnc := b.coders.llEnc
-	ofEnc := b.coders.ofEnc
-	mlEnc := b.coders.mlEnc
-	err = llEnc.normalizeCount(len(b.sequences))
-	if err != nil {
-		return err
-	}
-	err = ofEnc.normalizeCount(len(b.sequences))
-	if err != nil {
-		return err
-	}
-	err = mlEnc.normalizeCount(len(b.sequences))
-	if err != nil {
-		return err
-	}
-
-	// Choose the best compression mode for each type.
-	// Will evaluate the new vs predefined and previous.
-	chooseComp := func(cur, prev, preDef *fseEncoder) (*fseEncoder, seqCompMode) {
-		// See if predefined/previous is better
-		hist := cur.count[:cur.symbolLen]
-		nSize := cur.approxSize(hist) + cur.maxHeaderSize()
-		predefSize := preDef.approxSize(hist)
-		prevSize := prev.approxSize(hist)
-
-		// Add a small penalty for new encoders.
-		// Don't bother with extremely small (<2 byte gains).
-		nSize = nSize + (nSize+2*8*16)>>4
-		switch {
-		case predefSize <= prevSize && predefSize <= nSize || forcePreDef:
-			if debugEncoder {
-				println("Using predefined", predefSize>>3, "<=", nSize>>3)
-			}
-			return preDef, compModePredefined
-		case prevSize <= nSize:
-			if debugEncoder {
-				println("Using previous", prevSize>>3, "<=", nSize>>3)
-			}
-			return prev, compModeRepeat
-		default:
-			if debugEncoder {
-				println("Using new, predef", predefSize>>3, ". previous:", prevSize>>3, ">", nSize>>3, "header max:", cur.maxHeaderSize()>>3, "bytes")
-				println("tl:", cur.actualTableLog, "symbolLen:", cur.symbolLen, "norm:", cur.norm[:cur.symbolLen], "hist", cur.count[:cur.symbolLen])
-			}
-			return cur, compModeFSE
-		}
-	}
-
-	// Write compression mode
-	var mode uint8
-	if llEnc.useRLE {
-		mode |= uint8(compModeRLE) << 6
-		llEnc.setRLE(b.sequences[0].llCode)
-		if debugEncoder {
-			println("llEnc.useRLE")
-		}
-	} else {
-		var m seqCompMode
-		llEnc, m = chooseComp(llEnc, b.coders.llPrev, &fsePredefEnc[tableLiteralLengths])
-		mode |= uint8(m) << 6
-	}
-	if ofEnc.useRLE {
-		mode |= uint8(compModeRLE) << 4
-		ofEnc.setRLE(b.sequences[0].ofCode)
-		if debugEncoder {
-			println("ofEnc.useRLE")
-		}
-	} else {
-		var m seqCompMode
-		ofEnc, m = chooseComp(ofEnc, b.coders.ofPrev, &fsePredefEnc[tableOffsets])
-		mode |= uint8(m) << 4
-	}
-
-	if mlEnc.useRLE {
-		mode |= uint8(compModeRLE) << 2
-		mlEnc.setRLE(b.sequences[0].mlCode)
-		if debugEncoder {
-			println("mlEnc.useRLE, code: ", b.sequences[0].mlCode, "value", b.sequences[0].matchLen)
-		}
-	} else {
-		var m seqCompMode
-		mlEnc, m = chooseComp(mlEnc, b.coders.mlPrev, &fsePredefEnc[tableMatchLengths])
-		mode |= uint8(m) << 2
-	}
-	b.output = append(b.output, mode)
-	if debugEncoder {
-		printf("Compression modes: 0b%b", mode)
-	}
-	b.output, err = llEnc.writeCount(b.output)
-	if err != nil {
-		return err
-	}
-	start := len(b.output)
-	b.output, err = ofEnc.writeCount(b.output)
-	if err != nil {
-		return err
-	}
-	if false {
-		println("block:", b.output[start:], "tablelog", ofEnc.actualTableLog, "maxcount:", ofEnc.maxCount)
-		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", ofEnc.actualTableLog, ofEnc.symbolLen)
-		for i, v := range ofEnc.norm[:ofEnc.symbolLen] {
-			fmt.Printf("%3d: %5d -> %4d \n", i, ofEnc.count[i], v)
-		}
-	}
-	b.output, err = mlEnc.writeCount(b.output)
-	if err != nil {
-		return err
-	}
-
-	// Maybe in block?
-	wr := &b.wr
-	wr.reset(b.output)
-
-	var ll, of, ml cState
-
-	// Current sequence
-	seq := len(b.sequences) - 1
-	s := b.sequences[seq]
-	llEnc.setBits(llBitsTable[:])
-	mlEnc.setBits(mlBitsTable[:])
-	ofEnc.setBits(nil)
-
-	llTT, ofTT, mlTT := llEnc.ct.symbolTT[:256], ofEnc.ct.symbolTT[:256], mlEnc.ct.symbolTT[:256]
-
-	// We have 3 bounds checks here (and in the loop).
-	// Since we are iterating backwards it is kinda hard to avoid.
-	llB, ofB, mlB := llTT[s.llCode], ofTT[s.ofCode], mlTT[s.mlCode]
-	ll.init(wr, &llEnc.ct, llB)
-	of.init(wr, &ofEnc.ct, ofB)
-	wr.flush32()
-	ml.init(wr, &mlEnc.ct, mlB)
-
-	// Each of these lookups also generates a bounds check.
-	wr.addBits32NC(s.litLen, llB.outBits)
-	wr.addBits32NC(s.matchLen, mlB.outBits)
-	wr.flush32()
-	wr.addBits32NC(s.offset, ofB.outBits)
-	if debugSequences {
-		println("Encoded seq", seq, s, "codes:", s.llCode, s.mlCode, s.ofCode, "states:", ll.state, ml.state, of.state, "bits:", llB, mlB, ofB)
-	}
-	seq--
-	// Store sequences in reverse...
-	for seq >= 0 {
-		s = b.sequences[seq]
-
-		ofB := ofTT[s.ofCode]
-		wr.flush32() // tablelog max is below 8 for each, so it will fill max 24 bits.
-		//of.encode(ofB)
-		nbBitsOut := (uint32(of.state) + ofB.deltaNbBits) >> 16
-		dstState := int32(of.state>>(nbBitsOut&15)) + int32(ofB.deltaFindState)
-		wr.addBits16NC(of.state, uint8(nbBitsOut))
-		of.state = of.stateTable[dstState]
-
-		// Accumulate extra bits.
-		outBits := ofB.outBits & 31
-		extraBits := uint64(s.offset & bitMask32[outBits])
-		extraBitsN := outBits
-
-		mlB := mlTT[s.mlCode]
-		//ml.encode(mlB)
-		nbBitsOut = (uint32(ml.state) + mlB.deltaNbBits) >> 16
-		dstState = int32(ml.state>>(nbBitsOut&15)) + int32(mlB.deltaFindState)
-		wr.addBits16NC(ml.state, uint8(nbBitsOut))
-		ml.state = ml.stateTable[dstState]
-
-		outBits = mlB.outBits & 31
-		extraBits = extraBits<> 16
-		dstState = int32(ll.state>>(nbBitsOut&15)) + int32(llB.deltaFindState)
-		wr.addBits16NC(ll.state, uint8(nbBitsOut))
-		ll.state = ll.stateTable[dstState]
-
-		outBits = llB.outBits & 31
-		extraBits = extraBits<= b.size {
-		// Discard and encode as raw block.
-		b.output = b.encodeRawTo(b.output[:bhOffset], org)
-		b.popOffsets()
-		b.litEnc.Reuse = huff0.ReusePolicyNone
-		return nil
-	}
-
-	// Size is output minus block header.
-	bh.setSize(uint32(len(b.output)-bhOffset) - 3)
-	if debugEncoder {
-		println("Rewriting block header", bh)
-	}
-	_ = bh.appendTo(b.output[bhOffset:bhOffset])
-	b.coders.setPrev(llEnc, mlEnc, ofEnc)
-	return nil
-}
-
-var errIncompressible = errors.New("incompressible")
-
-func (b *blockEnc) genCodes() {
-	if len(b.sequences) == 0 {
-		// nothing to do
-		return
-	}
-	if len(b.sequences) > math.MaxUint16 {
-		panic("can only encode up to 64K sequences")
-	}
-	// No bounds checks after here:
-	llH := b.coders.llEnc.Histogram()
-	ofH := b.coders.ofEnc.Histogram()
-	mlH := b.coders.mlEnc.Histogram()
-	for i := range llH {
-		llH[i] = 0
-	}
-	for i := range ofH {
-		ofH[i] = 0
-	}
-	for i := range mlH {
-		mlH[i] = 0
-	}
-
-	var llMax, ofMax, mlMax uint8
-	for i := range b.sequences {
-		seq := &b.sequences[i]
-		v := llCode(seq.litLen)
-		seq.llCode = v
-		llH[v]++
-		if v > llMax {
-			llMax = v
-		}
-
-		v = ofCode(seq.offset)
-		seq.ofCode = v
-		ofH[v]++
-		if v > ofMax {
-			ofMax = v
-		}
-
-		v = mlCode(seq.matchLen)
-		seq.mlCode = v
-		mlH[v]++
-		if v > mlMax {
-			mlMax = v
-			if debugAsserts && mlMax > maxMatchLengthSymbol {
-				panic(fmt.Errorf("mlMax > maxMatchLengthSymbol (%d), matchlen: %d", mlMax, seq.matchLen))
-			}
-		}
-	}
-	maxCount := func(a []uint32) int {
-		var max uint32
-		for _, v := range a {
-			if v > max {
-				max = v
-			}
-		}
-		return int(max)
-	}
-	if debugAsserts && mlMax > maxMatchLengthSymbol {
-		panic(fmt.Errorf("mlMax > maxMatchLengthSymbol (%d)", mlMax))
-	}
-	if debugAsserts && ofMax > maxOffsetBits {
-		panic(fmt.Errorf("ofMax > maxOffsetBits (%d)", ofMax))
-	}
-	if debugAsserts && llMax > maxLiteralLengthSymbol {
-		panic(fmt.Errorf("llMax > maxLiteralLengthSymbol (%d)", llMax))
-	}
-
-	b.coders.mlEnc.HistogramFinished(mlMax, maxCount(mlH[:mlMax+1]))
-	b.coders.ofEnc.HistogramFinished(ofMax, maxCount(ofH[:ofMax+1]))
-	b.coders.llEnc.HistogramFinished(llMax, maxCount(llH[:llMax+1]))
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/blocktype_string.go b/vendor/github.com/klauspost/compress/zstd/blocktype_string.go
deleted file mode 100644
index 01a01e486..000000000
--- a/vendor/github.com/klauspost/compress/zstd/blocktype_string.go
+++ /dev/null
@@ -1,85 +0,0 @@
-// Code generated by "stringer -type=blockType,literalsBlockType,seqCompMode,tableIndex"; DO NOT EDIT.
-
-package zstd
-
-import "strconv"
-
-func _() {
-	// An "invalid array index" compiler error signifies that the constant values have changed.
-	// Re-run the stringer command to generate them again.
-	var x [1]struct{}
-	_ = x[blockTypeRaw-0]
-	_ = x[blockTypeRLE-1]
-	_ = x[blockTypeCompressed-2]
-	_ = x[blockTypeReserved-3]
-}
-
-const _blockType_name = "blockTypeRawblockTypeRLEblockTypeCompressedblockTypeReserved"
-
-var _blockType_index = [...]uint8{0, 12, 24, 43, 60}
-
-func (i blockType) String() string {
-	if i >= blockType(len(_blockType_index)-1) {
-		return "blockType(" + strconv.FormatInt(int64(i), 10) + ")"
-	}
-	return _blockType_name[_blockType_index[i]:_blockType_index[i+1]]
-}
-func _() {
-	// An "invalid array index" compiler error signifies that the constant values have changed.
-	// Re-run the stringer command to generate them again.
-	var x [1]struct{}
-	_ = x[literalsBlockRaw-0]
-	_ = x[literalsBlockRLE-1]
-	_ = x[literalsBlockCompressed-2]
-	_ = x[literalsBlockTreeless-3]
-}
-
-const _literalsBlockType_name = "literalsBlockRawliteralsBlockRLEliteralsBlockCompressedliteralsBlockTreeless"
-
-var _literalsBlockType_index = [...]uint8{0, 16, 32, 55, 76}
-
-func (i literalsBlockType) String() string {
-	if i >= literalsBlockType(len(_literalsBlockType_index)-1) {
-		return "literalsBlockType(" + strconv.FormatInt(int64(i), 10) + ")"
-	}
-	return _literalsBlockType_name[_literalsBlockType_index[i]:_literalsBlockType_index[i+1]]
-}
-func _() {
-	// An "invalid array index" compiler error signifies that the constant values have changed.
-	// Re-run the stringer command to generate them again.
-	var x [1]struct{}
-	_ = x[compModePredefined-0]
-	_ = x[compModeRLE-1]
-	_ = x[compModeFSE-2]
-	_ = x[compModeRepeat-3]
-}
-
-const _seqCompMode_name = "compModePredefinedcompModeRLEcompModeFSEcompModeRepeat"
-
-var _seqCompMode_index = [...]uint8{0, 18, 29, 40, 54}
-
-func (i seqCompMode) String() string {
-	if i >= seqCompMode(len(_seqCompMode_index)-1) {
-		return "seqCompMode(" + strconv.FormatInt(int64(i), 10) + ")"
-	}
-	return _seqCompMode_name[_seqCompMode_index[i]:_seqCompMode_index[i+1]]
-}
-func _() {
-	// An "invalid array index" compiler error signifies that the constant values have changed.
-	// Re-run the stringer command to generate them again.
-	var x [1]struct{}
-	_ = x[tableLiteralLengths-0]
-	_ = x[tableOffsets-1]
-	_ = x[tableMatchLengths-2]
-}
-
-const _tableIndex_name = "tableLiteralLengthstableOffsetstableMatchLengths"
-
-var _tableIndex_index = [...]uint8{0, 19, 31, 48}
-
-func (i tableIndex) String() string {
-	if i >= tableIndex(len(_tableIndex_index)-1) {
-		return "tableIndex(" + strconv.FormatInt(int64(i), 10) + ")"
-	}
-	return _tableIndex_name[_tableIndex_index[i]:_tableIndex_index[i+1]]
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/bytebuf.go b/vendor/github.com/klauspost/compress/zstd/bytebuf.go
deleted file mode 100644
index 55a388553..000000000
--- a/vendor/github.com/klauspost/compress/zstd/bytebuf.go
+++ /dev/null
@@ -1,131 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"fmt"
-	"io"
-)
-
-type byteBuffer interface {
-	// Read up to 8 bytes.
-	// Returns io.ErrUnexpectedEOF if this cannot be satisfied.
-	readSmall(n int) ([]byte, error)
-
-	// Read >8 bytes.
-	// MAY use the destination slice.
-	readBig(n int, dst []byte) ([]byte, error)
-
-	// Read a single byte.
-	readByte() (byte, error)
-
-	// Skip n bytes.
-	skipN(n int64) error
-}
-
-// in-memory buffer
-type byteBuf []byte
-
-func (b *byteBuf) readSmall(n int) ([]byte, error) {
-	if debugAsserts && n > 8 {
-		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
-	}
-	bb := *b
-	if len(bb) < n {
-		return nil, io.ErrUnexpectedEOF
-	}
-	r := bb[:n]
-	*b = bb[n:]
-	return r, nil
-}
-
-func (b *byteBuf) readBig(n int, dst []byte) ([]byte, error) {
-	bb := *b
-	if len(bb) < n {
-		return nil, io.ErrUnexpectedEOF
-	}
-	r := bb[:n]
-	*b = bb[n:]
-	return r, nil
-}
-
-func (b *byteBuf) readByte() (byte, error) {
-	bb := *b
-	if len(bb) < 1 {
-		return 0, io.ErrUnexpectedEOF
-	}
-	r := bb[0]
-	*b = bb[1:]
-	return r, nil
-}
-
-func (b *byteBuf) skipN(n int64) error {
-	bb := *b
-	if n < 0 {
-		return fmt.Errorf("negative skip (%d) requested", n)
-	}
-	if int64(len(bb)) < n {
-		return io.ErrUnexpectedEOF
-	}
-	*b = bb[n:]
-	return nil
-}
-
-// wrapper around a reader.
-type readerWrapper struct {
-	r   io.Reader
-	tmp [8]byte
-}
-
-func (r *readerWrapper) readSmall(n int) ([]byte, error) {
-	if debugAsserts && n > 8 {
-		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
-	}
-	n2, err := io.ReadFull(r.r, r.tmp[:n])
-	// We only really care about the actual bytes read.
-	if err != nil {
-		if err == io.EOF {
-			return nil, io.ErrUnexpectedEOF
-		}
-		if debugDecoder {
-			println("readSmall: got", n2, "want", n, "err", err)
-		}
-		return nil, err
-	}
-	return r.tmp[:n], nil
-}
-
-func (r *readerWrapper) readBig(n int, dst []byte) ([]byte, error) {
-	if cap(dst) < n {
-		dst = make([]byte, n)
-	}
-	n2, err := io.ReadFull(r.r, dst[:n])
-	if err == io.EOF && n > 0 {
-		err = io.ErrUnexpectedEOF
-	}
-	return dst[:n2], err
-}
-
-func (r *readerWrapper) readByte() (byte, error) {
-	n2, err := io.ReadFull(r.r, r.tmp[:1])
-	if err != nil {
-		if err == io.EOF {
-			err = io.ErrUnexpectedEOF
-		}
-		return 0, err
-	}
-	if n2 != 1 {
-		return 0, io.ErrUnexpectedEOF
-	}
-	return r.tmp[0], nil
-}
-
-func (r *readerWrapper) skipN(n int64) error {
-	n2, err := io.CopyN(io.Discard, r.r, n)
-	if n2 != n {
-		err = io.ErrUnexpectedEOF
-	}
-	return err
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/bytereader.go b/vendor/github.com/klauspost/compress/zstd/bytereader.go
deleted file mode 100644
index 0e59a242d..000000000
--- a/vendor/github.com/klauspost/compress/zstd/bytereader.go
+++ /dev/null
@@ -1,82 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-// byteReader provides a byte reader that reads
-// little endian values from a byte stream.
-// The input stream is manually advanced.
-// The reader performs no bounds checks.
-type byteReader struct {
-	b   []byte
-	off int
-}
-
-// advance the stream b n bytes.
-func (b *byteReader) advance(n uint) {
-	b.off += int(n)
-}
-
-// overread returns whether we have advanced too far.
-func (b *byteReader) overread() bool {
-	return b.off > len(b.b)
-}
-
-// Int32 returns a little endian int32 starting at current offset.
-func (b byteReader) Int32() int32 {
-	b2 := b.b[b.off:]
-	b2 = b2[:4]
-	v3 := int32(b2[3])
-	v2 := int32(b2[2])
-	v1 := int32(b2[1])
-	v0 := int32(b2[0])
-	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
-}
-
-// Uint8 returns the next byte
-func (b *byteReader) Uint8() uint8 {
-	v := b.b[b.off]
-	return v
-}
-
-// Uint32 returns a little endian uint32 starting at current offset.
-func (b byteReader) Uint32() uint32 {
-	if r := b.remain(); r < 4 {
-		// Very rare
-		v := uint32(0)
-		for i := 1; i <= r; i++ {
-			v = (v << 8) | uint32(b.b[len(b.b)-i])
-		}
-		return v
-	}
-	b2 := b.b[b.off:]
-	b2 = b2[:4]
-	v3 := uint32(b2[3])
-	v2 := uint32(b2[2])
-	v1 := uint32(b2[1])
-	v0 := uint32(b2[0])
-	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
-}
-
-// Uint32NC returns a little endian uint32 starting at current offset.
-// The caller must be sure if there are at least 4 bytes left.
-func (b byteReader) Uint32NC() uint32 {
-	b2 := b.b[b.off:]
-	b2 = b2[:4]
-	v3 := uint32(b2[3])
-	v2 := uint32(b2[2])
-	v1 := uint32(b2[1])
-	v0 := uint32(b2[0])
-	return v0 | (v1 << 8) | (v2 << 16) | (v3 << 24)
-}
-
-// unread returns the unread portion of the input.
-func (b byteReader) unread() []byte {
-	return b.b[b.off:]
-}
-
-// remain will return the number of bytes remaining.
-func (b byteReader) remain() int {
-	return len(b.b) - b.off
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/decodeheader.go b/vendor/github.com/klauspost/compress/zstd/decodeheader.go
deleted file mode 100644
index 6a5a2988b..000000000
--- a/vendor/github.com/klauspost/compress/zstd/decodeheader.go
+++ /dev/null
@@ -1,261 +0,0 @@
-// Copyright 2020+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"errors"
-	"io"
-)
-
-// HeaderMaxSize is the maximum size of a Frame and Block Header.
-// If less is sent to Header.Decode it *may* still contain enough information.
-const HeaderMaxSize = 14 + 3
-
-// Header contains information about the first frame and block within that.
-type Header struct {
-	// SingleSegment specifies whether the data is to be decompressed into a
-	// single contiguous memory segment.
-	// It implies that WindowSize is invalid and that FrameContentSize is valid.
-	SingleSegment bool
-
-	// WindowSize is the window of data to keep while decoding.
-	// Will only be set if SingleSegment is false.
-	WindowSize uint64
-
-	// Dictionary ID.
-	// If 0, no dictionary.
-	DictionaryID uint32
-
-	// HasFCS specifies whether FrameContentSize has a valid value.
-	HasFCS bool
-
-	// FrameContentSize is the expected uncompressed size of the entire frame.
-	FrameContentSize uint64
-
-	// Skippable will be true if the frame is meant to be skipped.
-	// This implies that FirstBlock.OK is false.
-	Skippable bool
-
-	// SkippableID is the user-specific ID for the skippable frame.
-	// Valid values are between 0 to 15, inclusive.
-	SkippableID int
-
-	// SkippableSize is the length of the user data to skip following
-	// the header.
-	SkippableSize uint32
-
-	// HeaderSize is the raw size of the frame header.
-	//
-	// For normal frames, it includes the size of the magic number and
-	// the size of the header (per section 3.1.1.1).
-	// It does not include the size for any data blocks (section 3.1.1.2) nor
-	// the size for the trailing content checksum.
-	//
-	// For skippable frames, this counts the size of the magic number
-	// along with the size of the size field of the payload.
-	// It does not include the size of the skippable payload itself.
-	// The total frame size is the HeaderSize plus the SkippableSize.
-	HeaderSize int
-
-	// First block information.
-	FirstBlock struct {
-		// OK will be set if first block could be decoded.
-		OK bool
-
-		// Is this the last block of a frame?
-		Last bool
-
-		// Is the data compressed?
-		// If true CompressedSize will be populated.
-		// Unfortunately DecompressedSize cannot be determined
-		// without decoding the blocks.
-		Compressed bool
-
-		// DecompressedSize is the expected decompressed size of the block.
-		// Will be 0 if it cannot be determined.
-		DecompressedSize int
-
-		// CompressedSize of the data in the block.
-		// Does not include the block header.
-		// Will be equal to DecompressedSize if not Compressed.
-		CompressedSize int
-	}
-
-	// If set there is a checksum present for the block content.
-	// The checksum field at the end is always 4 bytes long.
-	HasCheckSum bool
-}
-
-// Decode the header from the beginning of the stream.
-// This will decode the frame header and the first block header if enough bytes are provided.
-// It is recommended to provide at least HeaderMaxSize bytes.
-// If the frame header cannot be read an error will be returned.
-// If there isn't enough input, io.ErrUnexpectedEOF is returned.
-// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
-func (h *Header) Decode(in []byte) error {
-	_, err := h.DecodeAndStrip(in)
-	return err
-}
-
-// DecodeAndStrip will decode the header from the beginning of the stream
-// and on success return the remaining bytes.
-// This will decode the frame header and the first block header if enough bytes are provided.
-// It is recommended to provide at least HeaderMaxSize bytes.
-// If the frame header cannot be read an error will be returned.
-// If there isn't enough input, io.ErrUnexpectedEOF is returned.
-// The FirstBlock.OK will indicate if enough information was available to decode the first block header.
-func (h *Header) DecodeAndStrip(in []byte) (remain []byte, err error) {
-	*h = Header{}
-	if len(in) < 4 {
-		return nil, io.ErrUnexpectedEOF
-	}
-	h.HeaderSize += 4
-	b, in := in[:4], in[4:]
-	if string(b) != frameMagic {
-		if string(b[1:4]) != skippableFrameMagic || b[0]&0xf0 != 0x50 {
-			return nil, ErrMagicMismatch
-		}
-		if len(in) < 4 {
-			return nil, io.ErrUnexpectedEOF
-		}
-		h.HeaderSize += 4
-		h.Skippable = true
-		h.SkippableID = int(b[0] & 0xf)
-		h.SkippableSize = binary.LittleEndian.Uint32(in)
-		return in[4:], nil
-	}
-
-	// Read Window_Descriptor
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#window_descriptor
-	if len(in) < 1 {
-		return nil, io.ErrUnexpectedEOF
-	}
-	fhd, in := in[0], in[1:]
-	h.HeaderSize++
-	h.SingleSegment = fhd&(1<<5) != 0
-	h.HasCheckSum = fhd&(1<<2) != 0
-	if fhd&(1<<3) != 0 {
-		return nil, errors.New("reserved bit set on frame header")
-	}
-
-	if !h.SingleSegment {
-		if len(in) < 1 {
-			return nil, io.ErrUnexpectedEOF
-		}
-		var wd byte
-		wd, in = in[0], in[1:]
-		h.HeaderSize++
-		windowLog := 10 + (wd >> 3)
-		windowBase := uint64(1) << windowLog
-		windowAdd := (windowBase / 8) * uint64(wd&0x7)
-		h.WindowSize = windowBase + windowAdd
-	}
-
-	// Read Dictionary_ID
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary_id
-	if size := fhd & 3; size != 0 {
-		if size == 3 {
-			size = 4
-		}
-		if len(in) < int(size) {
-			return nil, io.ErrUnexpectedEOF
-		}
-		b, in = in[:size], in[size:]
-		h.HeaderSize += int(size)
-		switch len(b) {
-		case 1:
-			h.DictionaryID = uint32(b[0])
-		case 2:
-			h.DictionaryID = uint32(b[0]) | (uint32(b[1]) << 8)
-		case 4:
-			h.DictionaryID = uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
-		}
-	}
-
-	// Read Frame_Content_Size
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frame_content_size
-	var fcsSize int
-	v := fhd >> 6
-	switch v {
-	case 0:
-		if h.SingleSegment {
-			fcsSize = 1
-		}
-	default:
-		fcsSize = 1 << v
-	}
-
-	if fcsSize > 0 {
-		h.HasFCS = true
-		if len(in) < fcsSize {
-			return nil, io.ErrUnexpectedEOF
-		}
-		b, in = in[:fcsSize], in[fcsSize:]
-		h.HeaderSize += int(fcsSize)
-		switch len(b) {
-		case 1:
-			h.FrameContentSize = uint64(b[0])
-		case 2:
-			// When FCS_Field_Size is 2, the offset of 256 is added.
-			h.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) + 256
-		case 4:
-			h.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) | (uint64(b[2]) << 16) | (uint64(b[3]) << 24)
-		case 8:
-			d1 := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
-			d2 := uint32(b[4]) | (uint32(b[5]) << 8) | (uint32(b[6]) << 16) | (uint32(b[7]) << 24)
-			h.FrameContentSize = uint64(d1) | (uint64(d2) << 32)
-		}
-	}
-
-	// Frame Header done, we will not fail from now on.
-	if len(in) < 3 {
-		return in, nil
-	}
-	tmp := in[:3]
-	bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
-	h.FirstBlock.Last = bh&1 != 0
-	blockType := blockType((bh >> 1) & 3)
-	// find size.
-	cSize := int(bh >> 3)
-	switch blockType {
-	case blockTypeReserved:
-		return in, nil
-	case blockTypeRLE:
-		h.FirstBlock.Compressed = true
-		h.FirstBlock.DecompressedSize = cSize
-		h.FirstBlock.CompressedSize = 1
-	case blockTypeCompressed:
-		h.FirstBlock.Compressed = true
-		h.FirstBlock.CompressedSize = cSize
-	case blockTypeRaw:
-		h.FirstBlock.DecompressedSize = cSize
-		h.FirstBlock.CompressedSize = cSize
-	default:
-		panic("Invalid block type")
-	}
-
-	h.FirstBlock.OK = true
-	return in, nil
-}
-
-// AppendTo will append the encoded header to the dst slice.
-// There is no error checking performed on the header values.
-func (h *Header) AppendTo(dst []byte) ([]byte, error) {
-	if h.Skippable {
-		magic := [4]byte{0x50, 0x2a, 0x4d, 0x18}
-		magic[0] |= byte(h.SkippableID & 0xf)
-		dst = append(dst, magic[:]...)
-		f := h.SkippableSize
-		return append(dst, uint8(f), uint8(f>>8), uint8(f>>16), uint8(f>>24)), nil
-	}
-	f := frameHeader{
-		ContentSize:   h.FrameContentSize,
-		WindowSize:    uint32(h.WindowSize),
-		SingleSegment: h.SingleSegment,
-		Checksum:      h.HasCheckSum,
-		DictID:        h.DictionaryID,
-	}
-	return f.appendTo(dst), nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/decoder.go b/vendor/github.com/klauspost/compress/zstd/decoder.go
deleted file mode 100644
index bbca17234..000000000
--- a/vendor/github.com/klauspost/compress/zstd/decoder.go
+++ /dev/null
@@ -1,948 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"context"
-	"encoding/binary"
-	"io"
-	"sync"
-
-	"github.com/klauspost/compress/zstd/internal/xxhash"
-)
-
-// Decoder provides decoding of zstandard streams.
-// The decoder has been designed to operate without allocations after a warmup.
-// This means that you should store the decoder for best performance.
-// To re-use a stream decoder, use the Reset(r io.Reader) error to switch to another stream.
-// A decoder can safely be re-used even if the previous stream failed.
-// To release the resources, you must call the Close() function on a decoder.
-type Decoder struct {
-	o decoderOptions
-
-	// Unreferenced decoders, ready for use.
-	decoders chan *blockDec
-
-	// Current read position used for Reader functionality.
-	current decoderState
-
-	// sync stream decoding
-	syncStream struct {
-		decodedFrame uint64
-		br           readerWrapper
-		enabled      bool
-		inFrame      bool
-		dstBuf       []byte
-	}
-
-	frame *frameDec
-
-	// Custom dictionaries.
-	dicts map[uint32]*dict
-
-	// streamWg is the waitgroup for all streams
-	streamWg sync.WaitGroup
-}
-
-// decoderState is used for maintaining state when the decoder
-// is used for streaming.
-type decoderState struct {
-	// current block being written to stream.
-	decodeOutput
-
-	// output in order to be written to stream.
-	output chan decodeOutput
-
-	// cancel remaining output.
-	cancel context.CancelFunc
-
-	// crc of current frame
-	crc *xxhash.Digest
-
-	flushed bool
-}
-
-var (
-	// Check the interfaces we want to support.
-	_ = io.WriterTo(&Decoder{})
-	_ = io.Reader(&Decoder{})
-)
-
-// NewReader creates a new decoder.
-// A nil Reader can be provided in which case Reset can be used to start a decode.
-//
-// A Decoder can be used in two modes:
-//
-// 1) As a stream, or
-// 2) For stateless decoding using DecodeAll.
-//
-// Only a single stream can be decoded concurrently, but the same decoder
-// can run multiple concurrent stateless decodes. It is even possible to
-// use stateless decodes while a stream is being decoded.
-//
-// The Reset function can be used to initiate a new stream, which will considerably
-// reduce the allocations normally caused by NewReader.
-func NewReader(r io.Reader, opts ...DOption) (*Decoder, error) {
-	initPredefined()
-	var d Decoder
-	d.o.setDefault()
-	for _, o := range opts {
-		err := o(&d.o)
-		if err != nil {
-			return nil, err
-		}
-	}
-	d.current.crc = xxhash.New()
-	d.current.flushed = true
-
-	if r == nil {
-		d.current.err = ErrDecoderNilInput
-	}
-
-	// Transfer option dicts.
-	d.dicts = make(map[uint32]*dict, len(d.o.dicts))
-	for _, dc := range d.o.dicts {
-		d.dicts[dc.id] = dc
-	}
-	d.o.dicts = nil
-
-	// Create decoders
-	d.decoders = make(chan *blockDec, d.o.concurrent)
-	for i := 0; i < d.o.concurrent; i++ {
-		dec := newBlockDec(d.o.lowMem)
-		dec.localFrame = newFrameDec(d.o)
-		d.decoders <- dec
-	}
-
-	if r == nil {
-		return &d, nil
-	}
-	return &d, d.Reset(r)
-}
-
-// Read bytes from the decompressed stream into p.
-// Returns the number of bytes written and any error that occurred.
-// When the stream is done, io.EOF will be returned.
-func (d *Decoder) Read(p []byte) (int, error) {
-	var n int
-	for {
-		if len(d.current.b) > 0 {
-			filled := copy(p, d.current.b)
-			p = p[filled:]
-			d.current.b = d.current.b[filled:]
-			n += filled
-		}
-		if len(p) == 0 {
-			break
-		}
-		if len(d.current.b) == 0 {
-			// We have an error and no more data
-			if d.current.err != nil {
-				break
-			}
-			if !d.nextBlock(n == 0) {
-				return n, d.current.err
-			}
-		}
-	}
-	if len(d.current.b) > 0 {
-		if debugDecoder {
-			println("returning", n, "still bytes left:", len(d.current.b))
-		}
-		// Only return error at end of block
-		return n, nil
-	}
-	if d.current.err != nil {
-		d.drainOutput()
-	}
-	if debugDecoder {
-		println("returning", n, d.current.err, len(d.decoders))
-	}
-	return n, d.current.err
-}
-
-// Reset will reset the decoder the supplied stream after the current has finished processing.
-// Note that this functionality cannot be used after Close has been called.
-// Reset can be called with a nil reader to release references to the previous reader.
-// After being called with a nil reader, no other operations than Reset or DecodeAll or Close
-// should be used.
-func (d *Decoder) Reset(r io.Reader) error {
-	if d.current.err == ErrDecoderClosed {
-		return d.current.err
-	}
-
-	d.drainOutput()
-
-	d.syncStream.br.r = nil
-	if r == nil {
-		d.current.err = ErrDecoderNilInput
-		if len(d.current.b) > 0 {
-			d.current.b = d.current.b[:0]
-		}
-		d.current.flushed = true
-		return nil
-	}
-
-	// If bytes buffer and < 5MB, do sync decoding anyway.
-	if bb, ok := r.(byter); ok && bb.Len() < d.o.decodeBufsBelow && !d.o.limitToCap {
-		bb2 := bb
-		if debugDecoder {
-			println("*bytes.Buffer detected, doing sync decode, len:", bb.Len())
-		}
-		b := bb2.Bytes()
-		var dst []byte
-		if cap(d.syncStream.dstBuf) > 0 {
-			dst = d.syncStream.dstBuf[:0]
-		}
-
-		dst, err := d.DecodeAll(b, dst)
-		if err == nil {
-			err = io.EOF
-		}
-		// Save output buffer
-		d.syncStream.dstBuf = dst
-		d.current.b = dst
-		d.current.err = err
-		d.current.flushed = true
-		if debugDecoder {
-			println("sync decode to", len(dst), "bytes, err:", err)
-		}
-		return nil
-	}
-	// Remove current block.
-	d.stashDecoder()
-	d.current.decodeOutput = decodeOutput{}
-	d.current.err = nil
-	d.current.flushed = false
-	d.current.d = nil
-	d.syncStream.dstBuf = nil
-
-	// Ensure no-one else is still running...
-	d.streamWg.Wait()
-	if d.frame == nil {
-		d.frame = newFrameDec(d.o)
-	}
-
-	if d.o.concurrent == 1 {
-		return d.startSyncDecoder(r)
-	}
-
-	d.current.output = make(chan decodeOutput, d.o.concurrent)
-	ctx, cancel := context.WithCancel(context.Background())
-	d.current.cancel = cancel
-	d.streamWg.Add(1)
-	go d.startStreamDecoder(ctx, r, d.current.output)
-
-	return nil
-}
-
-// drainOutput will drain the output until errEndOfStream is sent.
-func (d *Decoder) drainOutput() {
-	if d.current.cancel != nil {
-		if debugDecoder {
-			println("cancelling current")
-		}
-		d.current.cancel()
-		d.current.cancel = nil
-	}
-	if d.current.d != nil {
-		if debugDecoder {
-			printf("re-adding current decoder %p, decoders: %d", d.current.d, len(d.decoders))
-		}
-		d.decoders <- d.current.d
-		d.current.d = nil
-		d.current.b = nil
-	}
-	if d.current.output == nil || d.current.flushed {
-		println("current already flushed")
-		return
-	}
-	for v := range d.current.output {
-		if v.d != nil {
-			if debugDecoder {
-				printf("re-adding decoder %p", v.d)
-			}
-			d.decoders <- v.d
-		}
-	}
-	d.current.output = nil
-	d.current.flushed = true
-}
-
-// WriteTo writes data to w until there's no more data to write or when an error occurs.
-// The return value n is the number of bytes written.
-// Any error encountered during the write is also returned.
-func (d *Decoder) WriteTo(w io.Writer) (int64, error) {
-	var n int64
-	for {
-		if len(d.current.b) > 0 {
-			n2, err2 := w.Write(d.current.b)
-			n += int64(n2)
-			if err2 != nil && (d.current.err == nil || d.current.err == io.EOF) {
-				d.current.err = err2
-			} else if n2 != len(d.current.b) {
-				d.current.err = io.ErrShortWrite
-			}
-		}
-		if d.current.err != nil {
-			break
-		}
-		d.nextBlock(true)
-	}
-	err := d.current.err
-	if err != nil {
-		d.drainOutput()
-	}
-	if err == io.EOF {
-		err = nil
-	}
-	return n, err
-}
-
-// DecodeAll allows stateless decoding of a blob of bytes.
-// Output will be appended to dst, so if the destination size is known
-// you can pre-allocate the destination slice to avoid allocations.
-// DecodeAll can be used concurrently.
-// The Decoder concurrency limits will be respected.
-func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
-	if d.decoders == nil {
-		return dst, ErrDecoderClosed
-	}
-
-	// Grab a block decoder and frame decoder.
-	block := <-d.decoders
-	frame := block.localFrame
-	initialSize := len(dst)
-	defer func() {
-		if debugDecoder {
-			printf("re-adding decoder: %p", block)
-		}
-		frame.rawInput = nil
-		frame.bBuf = nil
-		if frame.history.decoders.br != nil {
-			frame.history.decoders.br.in = nil
-		}
-		d.decoders <- block
-	}()
-	frame.bBuf = input
-
-	for {
-		frame.history.reset()
-		err := frame.reset(&frame.bBuf)
-		if err != nil {
-			if err == io.EOF {
-				if debugDecoder {
-					println("frame reset return EOF")
-				}
-				return dst, nil
-			}
-			return dst, err
-		}
-		if err = d.setDict(frame); err != nil {
-			return nil, err
-		}
-		if frame.WindowSize > d.o.maxWindowSize {
-			if debugDecoder {
-				println("window size exceeded:", frame.WindowSize, ">", d.o.maxWindowSize)
-			}
-			return dst, ErrWindowSizeExceeded
-		}
-		if frame.FrameContentSize != fcsUnknown {
-			if frame.FrameContentSize > d.o.maxDecodedSize-uint64(len(dst)-initialSize) {
-				if debugDecoder {
-					println("decoder size exceeded; fcs:", frame.FrameContentSize, "> mcs:", d.o.maxDecodedSize-uint64(len(dst)-initialSize), "len:", len(dst))
-				}
-				return dst, ErrDecoderSizeExceeded
-			}
-			if d.o.limitToCap && frame.FrameContentSize > uint64(cap(dst)-len(dst)) {
-				if debugDecoder {
-					println("decoder size exceeded; fcs:", frame.FrameContentSize, "> (cap-len)", cap(dst)-len(dst))
-				}
-				return dst, ErrDecoderSizeExceeded
-			}
-			if cap(dst)-len(dst) < int(frame.FrameContentSize) {
-				dst2 := make([]byte, len(dst), len(dst)+int(frame.FrameContentSize)+compressedBlockOverAlloc)
-				copy(dst2, dst)
-				dst = dst2
-			}
-		}
-
-		if cap(dst) == 0 && !d.o.limitToCap {
-			// Allocate len(input) * 2 by default if nothing is provided
-			// and we didn't get frame content size.
-			size := len(input) * 2
-			// Cap to 1 MB.
-			if size > 1<<20 {
-				size = 1 << 20
-			}
-			if uint64(size) > d.o.maxDecodedSize {
-				size = int(d.o.maxDecodedSize)
-			}
-			dst = make([]byte, 0, size)
-		}
-
-		dst, err = frame.runDecoder(dst, block)
-		if err != nil {
-			return dst, err
-		}
-		if uint64(len(dst)-initialSize) > d.o.maxDecodedSize {
-			return dst, ErrDecoderSizeExceeded
-		}
-		if len(frame.bBuf) == 0 {
-			if debugDecoder {
-				println("frame dbuf empty")
-			}
-			break
-		}
-	}
-	return dst, nil
-}
-
-// nextBlock returns the next block.
-// If an error occurs d.err will be set.
-// Optionally the function can block for new output.
-// If non-blocking mode is used the returned boolean will be false
-// if no data was available without blocking.
-func (d *Decoder) nextBlock(blocking bool) (ok bool) {
-	if d.current.err != nil {
-		// Keep error state.
-		return false
-	}
-	d.current.b = d.current.b[:0]
-
-	// SYNC:
-	if d.syncStream.enabled {
-		if !blocking {
-			return false
-		}
-		ok = d.nextBlockSync()
-		if !ok {
-			d.stashDecoder()
-		}
-		return ok
-	}
-
-	//ASYNC:
-	d.stashDecoder()
-	if blocking {
-		d.current.decodeOutput, ok = <-d.current.output
-	} else {
-		select {
-		case d.current.decodeOutput, ok = <-d.current.output:
-		default:
-			return false
-		}
-	}
-	if !ok {
-		// This should not happen, so signal error state...
-		d.current.err = io.ErrUnexpectedEOF
-		return false
-	}
-	next := d.current.decodeOutput
-	if next.d != nil && next.d.async.newHist != nil {
-		d.current.crc.Reset()
-	}
-	if debugDecoder {
-		var tmp [4]byte
-		binary.LittleEndian.PutUint32(tmp[:], uint32(xxhash.Sum64(next.b)))
-		println("got", len(d.current.b), "bytes, error:", d.current.err, "data crc:", tmp)
-	}
-
-	if d.o.ignoreChecksum {
-		return true
-	}
-
-	if len(next.b) > 0 {
-		d.current.crc.Write(next.b)
-	}
-	if next.err == nil && next.d != nil && next.d.hasCRC {
-		got := uint32(d.current.crc.Sum64())
-		if got != next.d.checkCRC {
-			if debugDecoder {
-				printf("CRC Check Failed: %08x (got) != %08x (on stream)\n", got, next.d.checkCRC)
-			}
-			d.current.err = ErrCRCMismatch
-		} else {
-			if debugDecoder {
-				printf("CRC ok %08x\n", got)
-			}
-		}
-	}
-
-	return true
-}
-
-func (d *Decoder) nextBlockSync() (ok bool) {
-	if d.current.d == nil {
-		d.current.d = <-d.decoders
-	}
-	for len(d.current.b) == 0 {
-		if !d.syncStream.inFrame {
-			d.frame.history.reset()
-			d.current.err = d.frame.reset(&d.syncStream.br)
-			if d.current.err == nil {
-				d.current.err = d.setDict(d.frame)
-			}
-			if d.current.err != nil {
-				return false
-			}
-			if d.frame.WindowSize > d.o.maxDecodedSize || d.frame.WindowSize > d.o.maxWindowSize {
-				d.current.err = ErrDecoderSizeExceeded
-				return false
-			}
-
-			d.syncStream.decodedFrame = 0
-			d.syncStream.inFrame = true
-		}
-		d.current.err = d.frame.next(d.current.d)
-		if d.current.err != nil {
-			return false
-		}
-		d.frame.history.ensureBlock()
-		if debugDecoder {
-			println("History trimmed:", len(d.frame.history.b), "decoded already:", d.syncStream.decodedFrame)
-		}
-		histBefore := len(d.frame.history.b)
-		d.current.err = d.current.d.decodeBuf(&d.frame.history)
-
-		if d.current.err != nil {
-			println("error after:", d.current.err)
-			return false
-		}
-		d.current.b = d.frame.history.b[histBefore:]
-		if debugDecoder {
-			println("history after:", len(d.frame.history.b))
-		}
-
-		// Check frame size (before CRC)
-		d.syncStream.decodedFrame += uint64(len(d.current.b))
-		if d.syncStream.decodedFrame > d.frame.FrameContentSize {
-			if debugDecoder {
-				printf("DecodedFrame (%d) > FrameContentSize (%d)\n", d.syncStream.decodedFrame, d.frame.FrameContentSize)
-			}
-			d.current.err = ErrFrameSizeExceeded
-			return false
-		}
-
-		// Check FCS
-		if d.current.d.Last && d.frame.FrameContentSize != fcsUnknown && d.syncStream.decodedFrame != d.frame.FrameContentSize {
-			if debugDecoder {
-				printf("DecodedFrame (%d) != FrameContentSize (%d)\n", d.syncStream.decodedFrame, d.frame.FrameContentSize)
-			}
-			d.current.err = ErrFrameSizeMismatch
-			return false
-		}
-
-		// Update/Check CRC
-		if d.frame.HasCheckSum {
-			if !d.o.ignoreChecksum {
-				d.frame.crc.Write(d.current.b)
-			}
-			if d.current.d.Last {
-				if !d.o.ignoreChecksum {
-					d.current.err = d.frame.checkCRC()
-				} else {
-					d.current.err = d.frame.consumeCRC()
-				}
-				if d.current.err != nil {
-					println("CRC error:", d.current.err)
-					return false
-				}
-			}
-		}
-		d.syncStream.inFrame = !d.current.d.Last
-	}
-	return true
-}
-
-func (d *Decoder) stashDecoder() {
-	if d.current.d != nil {
-		if debugDecoder {
-			printf("re-adding current decoder %p", d.current.d)
-		}
-		d.decoders <- d.current.d
-		d.current.d = nil
-	}
-}
-
-// Close will release all resources.
-// It is NOT possible to reuse the decoder after this.
-func (d *Decoder) Close() {
-	if d.current.err == ErrDecoderClosed {
-		return
-	}
-	d.drainOutput()
-	if d.current.cancel != nil {
-		d.current.cancel()
-		d.streamWg.Wait()
-		d.current.cancel = nil
-	}
-	if d.decoders != nil {
-		close(d.decoders)
-		for dec := range d.decoders {
-			dec.Close()
-		}
-		d.decoders = nil
-	}
-	if d.current.d != nil {
-		d.current.d.Close()
-		d.current.d = nil
-	}
-	d.current.err = ErrDecoderClosed
-}
-
-// IOReadCloser returns the decoder as an io.ReadCloser for convenience.
-// Any changes to the decoder will be reflected, so the returned ReadCloser
-// can be reused along with the decoder.
-// io.WriterTo is also supported by the returned ReadCloser.
-func (d *Decoder) IOReadCloser() io.ReadCloser {
-	return closeWrapper{d: d}
-}
-
-// closeWrapper wraps a function call as a closer.
-type closeWrapper struct {
-	d *Decoder
-}
-
-// WriteTo forwards WriteTo calls to the decoder.
-func (c closeWrapper) WriteTo(w io.Writer) (n int64, err error) {
-	return c.d.WriteTo(w)
-}
-
-// Read forwards read calls to the decoder.
-func (c closeWrapper) Read(p []byte) (n int, err error) {
-	return c.d.Read(p)
-}
-
-// Close closes the decoder.
-func (c closeWrapper) Close() error {
-	c.d.Close()
-	return nil
-}
-
-type decodeOutput struct {
-	d   *blockDec
-	b   []byte
-	err error
-}
-
-func (d *Decoder) startSyncDecoder(r io.Reader) error {
-	d.frame.history.reset()
-	d.syncStream.br = readerWrapper{r: r}
-	d.syncStream.inFrame = false
-	d.syncStream.enabled = true
-	d.syncStream.decodedFrame = 0
-	return nil
-}
-
-// Create Decoder:
-// ASYNC:
-// Spawn 3 go routines.
-// 0: Read frames and decode block literals.
-// 1: Decode sequences.
-// 2: Execute sequences, send to output.
-func (d *Decoder) startStreamDecoder(ctx context.Context, r io.Reader, output chan decodeOutput) {
-	defer d.streamWg.Done()
-	br := readerWrapper{r: r}
-
-	var seqDecode = make(chan *blockDec, d.o.concurrent)
-	var seqExecute = make(chan *blockDec, d.o.concurrent)
-
-	// Async 1: Decode sequences...
-	go func() {
-		var hist history
-		var hasErr bool
-
-		for block := range seqDecode {
-			if hasErr {
-				if block != nil {
-					seqExecute <- block
-				}
-				continue
-			}
-			if block.async.newHist != nil {
-				if debugDecoder {
-					println("Async 1: new history, recent:", block.async.newHist.recentOffsets)
-				}
-				hist.reset()
-				hist.decoders = block.async.newHist.decoders
-				hist.recentOffsets = block.async.newHist.recentOffsets
-				hist.windowSize = block.async.newHist.windowSize
-				if block.async.newHist.dict != nil {
-					hist.setDict(block.async.newHist.dict)
-				}
-			}
-			if block.err != nil || block.Type != blockTypeCompressed {
-				hasErr = block.err != nil
-				seqExecute <- block
-				continue
-			}
-
-			hist.decoders.literals = block.async.literals
-			block.err = block.prepareSequences(block.async.seqData, &hist)
-			if debugDecoder && block.err != nil {
-				println("prepareSequences returned:", block.err)
-			}
-			hasErr = block.err != nil
-			if block.err == nil {
-				block.err = block.decodeSequences(&hist)
-				if debugDecoder && block.err != nil {
-					println("decodeSequences returned:", block.err)
-				}
-				hasErr = block.err != nil
-				//				block.async.sequence = hist.decoders.seq[:hist.decoders.nSeqs]
-				block.async.seqSize = hist.decoders.seqSize
-			}
-			seqExecute <- block
-		}
-		close(seqExecute)
-		hist.reset()
-	}()
-
-	var wg sync.WaitGroup
-	wg.Add(1)
-
-	// Async 3: Execute sequences...
-	frameHistCache := d.frame.history.b
-	go func() {
-		var hist history
-		var decodedFrame uint64
-		var fcs uint64
-		var hasErr bool
-		for block := range seqExecute {
-			out := decodeOutput{err: block.err, d: block}
-			if block.err != nil || hasErr {
-				hasErr = true
-				output <- out
-				continue
-			}
-			if block.async.newHist != nil {
-				if debugDecoder {
-					println("Async 2: new history")
-				}
-				hist.reset()
-				hist.windowSize = block.async.newHist.windowSize
-				hist.allocFrameBuffer = block.async.newHist.allocFrameBuffer
-				if block.async.newHist.dict != nil {
-					hist.setDict(block.async.newHist.dict)
-				}
-
-				if cap(hist.b) < hist.allocFrameBuffer {
-					if cap(frameHistCache) >= hist.allocFrameBuffer {
-						hist.b = frameHistCache
-					} else {
-						hist.b = make([]byte, 0, hist.allocFrameBuffer)
-						println("Alloc history sized", hist.allocFrameBuffer)
-					}
-				}
-				hist.b = hist.b[:0]
-				fcs = block.async.fcs
-				decodedFrame = 0
-			}
-			do := decodeOutput{err: block.err, d: block}
-			switch block.Type {
-			case blockTypeRLE:
-				if debugDecoder {
-					println("add rle block length:", block.RLESize)
-				}
-
-				if cap(block.dst) < int(block.RLESize) {
-					if block.lowMem {
-						block.dst = make([]byte, block.RLESize)
-					} else {
-						block.dst = make([]byte, maxCompressedBlockSize)
-					}
-				}
-				block.dst = block.dst[:block.RLESize]
-				v := block.data[0]
-				for i := range block.dst {
-					block.dst[i] = v
-				}
-				hist.append(block.dst)
-				do.b = block.dst
-			case blockTypeRaw:
-				if debugDecoder {
-					println("add raw block length:", len(block.data))
-				}
-				hist.append(block.data)
-				do.b = block.data
-			case blockTypeCompressed:
-				if debugDecoder {
-					println("execute with history length:", len(hist.b), "window:", hist.windowSize)
-				}
-				hist.decoders.seqSize = block.async.seqSize
-				hist.decoders.literals = block.async.literals
-				do.err = block.executeSequences(&hist)
-				hasErr = do.err != nil
-				if debugDecoder && hasErr {
-					println("executeSequences returned:", do.err)
-				}
-				do.b = block.dst
-			}
-			if !hasErr {
-				decodedFrame += uint64(len(do.b))
-				if decodedFrame > fcs {
-					println("fcs exceeded", block.Last, fcs, decodedFrame)
-					do.err = ErrFrameSizeExceeded
-					hasErr = true
-				} else if block.Last && fcs != fcsUnknown && decodedFrame != fcs {
-					do.err = ErrFrameSizeMismatch
-					hasErr = true
-				} else {
-					if debugDecoder {
-						println("fcs ok", block.Last, fcs, decodedFrame)
-					}
-				}
-			}
-			output <- do
-		}
-		close(output)
-		frameHistCache = hist.b
-		wg.Done()
-		if debugDecoder {
-			println("decoder goroutines finished")
-		}
-		hist.reset()
-	}()
-
-	var hist history
-decodeStream:
-	for {
-		var hasErr bool
-		hist.reset()
-		decodeBlock := func(block *blockDec) {
-			if hasErr {
-				if block != nil {
-					seqDecode <- block
-				}
-				return
-			}
-			if block.err != nil || block.Type != blockTypeCompressed {
-				hasErr = block.err != nil
-				seqDecode <- block
-				return
-			}
-
-			remain, err := block.decodeLiterals(block.data, &hist)
-			block.err = err
-			hasErr = block.err != nil
-			if err == nil {
-				block.async.literals = hist.decoders.literals
-				block.async.seqData = remain
-			} else if debugDecoder {
-				println("decodeLiterals error:", err)
-			}
-			seqDecode <- block
-		}
-		frame := d.frame
-		if debugDecoder {
-			println("New frame...")
-		}
-		var historySent bool
-		frame.history.reset()
-		err := frame.reset(&br)
-		if debugDecoder && err != nil {
-			println("Frame decoder returned", err)
-		}
-		if err == nil {
-			err = d.setDict(frame)
-		}
-		if err == nil && d.frame.WindowSize > d.o.maxWindowSize {
-			if debugDecoder {
-				println("decoder size exceeded, fws:", d.frame.WindowSize, "> mws:", d.o.maxWindowSize)
-			}
-
-			err = ErrDecoderSizeExceeded
-		}
-		if err != nil {
-			select {
-			case <-ctx.Done():
-			case dec := <-d.decoders:
-				dec.sendErr(err)
-				decodeBlock(dec)
-			}
-			break decodeStream
-		}
-
-		// Go through all blocks of the frame.
-		for {
-			var dec *blockDec
-			select {
-			case <-ctx.Done():
-				break decodeStream
-			case dec = <-d.decoders:
-				// Once we have a decoder, we MUST return it.
-			}
-			err := frame.next(dec)
-			if !historySent {
-				h := frame.history
-				if debugDecoder {
-					println("Alloc History:", h.allocFrameBuffer)
-				}
-				hist.reset()
-				if h.dict != nil {
-					hist.setDict(h.dict)
-				}
-				dec.async.newHist = &h
-				dec.async.fcs = frame.FrameContentSize
-				historySent = true
-			} else {
-				dec.async.newHist = nil
-			}
-			if debugDecoder && err != nil {
-				println("next block returned error:", err)
-			}
-			dec.err = err
-			dec.hasCRC = false
-			if dec.Last && frame.HasCheckSum && err == nil {
-				crc, err := frame.rawInput.readSmall(4)
-				if len(crc) < 4 {
-					if err == nil {
-						err = io.ErrUnexpectedEOF
-
-					}
-					println("CRC missing?", err)
-					dec.err = err
-				} else {
-					dec.checkCRC = binary.LittleEndian.Uint32(crc)
-					dec.hasCRC = true
-					if debugDecoder {
-						printf("found crc to check: %08x\n", dec.checkCRC)
-					}
-				}
-			}
-			err = dec.err
-			last := dec.Last
-			decodeBlock(dec)
-			if err != nil {
-				break decodeStream
-			}
-			if last {
-				break
-			}
-		}
-	}
-	close(seqDecode)
-	wg.Wait()
-	hist.reset()
-	d.frame.history.b = frameHistCache
-}
-
-func (d *Decoder) setDict(frame *frameDec) (err error) {
-	dict, ok := d.dicts[frame.DictionaryID]
-	if ok {
-		if debugDecoder {
-			println("setting dict", frame.DictionaryID)
-		}
-		frame.history.setDict(dict)
-	} else if frame.DictionaryID != 0 {
-		// A zero or missing dictionary id is ambiguous:
-		// either dictionary zero, or no dictionary. In particular,
-		// zstd --patch-from uses this id for the source file,
-		// so only return an error if the dictionary id is not zero.
-		err = ErrUnknownDictionary
-	}
-	return err
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/decoder_options.go b/vendor/github.com/klauspost/compress/zstd/decoder_options.go
deleted file mode 100644
index 774c5f00f..000000000
--- a/vendor/github.com/klauspost/compress/zstd/decoder_options.go
+++ /dev/null
@@ -1,169 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"errors"
-	"fmt"
-	"math/bits"
-	"runtime"
-)
-
-// DOption is an option for creating a decoder.
-type DOption func(*decoderOptions) error
-
-// options retains accumulated state of multiple options.
-type decoderOptions struct {
-	lowMem          bool
-	concurrent      int
-	maxDecodedSize  uint64
-	maxWindowSize   uint64
-	dicts           []*dict
-	ignoreChecksum  bool
-	limitToCap      bool
-	decodeBufsBelow int
-}
-
-func (o *decoderOptions) setDefault() {
-	*o = decoderOptions{
-		// use less ram: true for now, but may change.
-		lowMem:          true,
-		concurrent:      runtime.GOMAXPROCS(0),
-		maxWindowSize:   MaxWindowSize,
-		decodeBufsBelow: 128 << 10,
-	}
-	if o.concurrent > 4 {
-		o.concurrent = 4
-	}
-	o.maxDecodedSize = 64 << 30
-}
-
-// WithDecoderLowmem will set whether to use a lower amount of memory,
-// but possibly have to allocate more while running.
-func WithDecoderLowmem(b bool) DOption {
-	return func(o *decoderOptions) error { o.lowMem = b; return nil }
-}
-
-// WithDecoderConcurrency sets the number of created decoders.
-// When decoding block with DecodeAll, this will limit the number
-// of possible concurrently running decodes.
-// When decoding streams, this will limit the number of
-// inflight blocks.
-// When decoding streams and setting maximum to 1,
-// no async decoding will be done.
-// When a value of 0 is provided GOMAXPROCS will be used.
-// By default this will be set to 4 or GOMAXPROCS, whatever is lower.
-func WithDecoderConcurrency(n int) DOption {
-	return func(o *decoderOptions) error {
-		if n < 0 {
-			return errors.New("concurrency must be at least 1")
-		}
-		if n == 0 {
-			o.concurrent = runtime.GOMAXPROCS(0)
-		} else {
-			o.concurrent = n
-		}
-		return nil
-	}
-}
-
-// WithDecoderMaxMemory allows to set a maximum decoded size for in-memory
-// non-streaming operations or maximum window size for streaming operations.
-// This can be used to control memory usage of potentially hostile content.
-// Maximum is 1 << 63 bytes. Default is 64GiB.
-func WithDecoderMaxMemory(n uint64) DOption {
-	return func(o *decoderOptions) error {
-		if n == 0 {
-			return errors.New("WithDecoderMaxMemory must be at least 1")
-		}
-		if n > 1<<63 {
-			return errors.New("WithDecoderMaxmemory must be less than 1 << 63")
-		}
-		o.maxDecodedSize = n
-		return nil
-	}
-}
-
-// WithDecoderDicts allows to register one or more dictionaries for the decoder.
-//
-// Each slice in dict must be in the [dictionary format] produced by
-// "zstd --train" from the Zstandard reference implementation.
-//
-// If several dictionaries with the same ID are provided, the last one will be used.
-//
-// [dictionary format]: https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary-format
-func WithDecoderDicts(dicts ...[]byte) DOption {
-	return func(o *decoderOptions) error {
-		for _, b := range dicts {
-			d, err := loadDict(b)
-			if err != nil {
-				return err
-			}
-			o.dicts = append(o.dicts, d)
-		}
-		return nil
-	}
-}
-
-// WithDecoderDictRaw registers a dictionary that may be used by the decoder.
-// The slice content can be arbitrary data.
-func WithDecoderDictRaw(id uint32, content []byte) DOption {
-	return func(o *decoderOptions) error {
-		if bits.UintSize > 32 && uint(len(content)) > dictMaxLength {
-			return fmt.Errorf("dictionary of size %d > 2GiB too large", len(content))
-		}
-		o.dicts = append(o.dicts, &dict{id: id, content: content, offsets: [3]int{1, 4, 8}})
-		return nil
-	}
-}
-
-// WithDecoderMaxWindow allows to set a maximum window size for decodes.
-// This allows rejecting packets that will cause big memory usage.
-// The Decoder will likely allocate more memory based on the WithDecoderLowmem setting.
-// If WithDecoderMaxMemory is set to a lower value, that will be used.
-// Default is 512MB, Maximum is ~3.75 TB as per zstandard spec.
-func WithDecoderMaxWindow(size uint64) DOption {
-	return func(o *decoderOptions) error {
-		if size < MinWindowSize {
-			return errors.New("WithMaxWindowSize must be at least 1KB, 1024 bytes")
-		}
-		if size > (1<<41)+7*(1<<38) {
-			return errors.New("WithMaxWindowSize must be less than (1<<41) + 7*(1<<38) ~ 3.75TB")
-		}
-		o.maxWindowSize = size
-		return nil
-	}
-}
-
-// WithDecodeAllCapLimit will limit DecodeAll to decoding cap(dst)-len(dst) bytes,
-// or any size set in WithDecoderMaxMemory.
-// This can be used to limit decoding to a specific maximum output size.
-// Disabled by default.
-func WithDecodeAllCapLimit(b bool) DOption {
-	return func(o *decoderOptions) error {
-		o.limitToCap = b
-		return nil
-	}
-}
-
-// WithDecodeBuffersBelow will fully decode readers that have a
-// `Bytes() []byte` and `Len() int` interface similar to bytes.Buffer.
-// This typically uses less allocations but will have the full decompressed object in memory.
-// Note that DecodeAllCapLimit will disable this, as well as giving a size of 0 or less.
-// Default is 128KiB.
-func WithDecodeBuffersBelow(size int) DOption {
-	return func(o *decoderOptions) error {
-		o.decodeBufsBelow = size
-		return nil
-	}
-}
-
-// IgnoreChecksum allows to forcibly ignore checksum checking.
-func IgnoreChecksum(b bool) DOption {
-	return func(o *decoderOptions) error {
-		o.ignoreChecksum = b
-		return nil
-	}
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/dict.go b/vendor/github.com/klauspost/compress/zstd/dict.go
deleted file mode 100644
index b7b83164b..000000000
--- a/vendor/github.com/klauspost/compress/zstd/dict.go
+++ /dev/null
@@ -1,565 +0,0 @@
-package zstd
-
-import (
-	"bytes"
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-	"math"
-	"sort"
-
-	"github.com/klauspost/compress/huff0"
-)
-
-type dict struct {
-	id uint32
-
-	litEnc              *huff0.Scratch
-	llDec, ofDec, mlDec sequenceDec
-	offsets             [3]int
-	content             []byte
-}
-
-const dictMagic = "\x37\xa4\x30\xec"
-
-// Maximum dictionary size for the reference implementation (1.5.3) is 2 GiB.
-const dictMaxLength = 1 << 31
-
-// ID returns the dictionary id or 0 if d is nil.
-func (d *dict) ID() uint32 {
-	if d == nil {
-		return 0
-	}
-	return d.id
-}
-
-// ContentSize returns the dictionary content size or 0 if d is nil.
-func (d *dict) ContentSize() int {
-	if d == nil {
-		return 0
-	}
-	return len(d.content)
-}
-
-// Content returns the dictionary content.
-func (d *dict) Content() []byte {
-	if d == nil {
-		return nil
-	}
-	return d.content
-}
-
-// Offsets returns the initial offsets.
-func (d *dict) Offsets() [3]int {
-	if d == nil {
-		return [3]int{}
-	}
-	return d.offsets
-}
-
-// LitEncoder returns the literal encoder.
-func (d *dict) LitEncoder() *huff0.Scratch {
-	if d == nil {
-		return nil
-	}
-	return d.litEnc
-}
-
-// Load a dictionary as described in
-// https://github.com/facebook/zstd/blob/master/doc/zstd_compression_format.md#dictionary-format
-func loadDict(b []byte) (*dict, error) {
-	// Check static field size.
-	if len(b) <= 8+(3*4) {
-		return nil, io.ErrUnexpectedEOF
-	}
-	d := dict{
-		llDec: sequenceDec{fse: &fseDecoder{}},
-		ofDec: sequenceDec{fse: &fseDecoder{}},
-		mlDec: sequenceDec{fse: &fseDecoder{}},
-	}
-	if string(b[:4]) != dictMagic {
-		return nil, ErrMagicMismatch
-	}
-	d.id = binary.LittleEndian.Uint32(b[4:8])
-	if d.id == 0 {
-		return nil, errors.New("dictionaries cannot have ID 0")
-	}
-
-	// Read literal table
-	var err error
-	d.litEnc, b, err = huff0.ReadTable(b[8:], nil)
-	if err != nil {
-		return nil, fmt.Errorf("loading literal table: %w", err)
-	}
-	d.litEnc.Reuse = huff0.ReusePolicyMust
-
-	br := byteReader{
-		b:   b,
-		off: 0,
-	}
-	readDec := func(i tableIndex, dec *fseDecoder) error {
-		if err := dec.readNCount(&br, uint16(maxTableSymbol[i])); err != nil {
-			return err
-		}
-		if br.overread() {
-			return io.ErrUnexpectedEOF
-		}
-		err = dec.transform(symbolTableX[i])
-		if err != nil {
-			println("Transform table error:", err)
-			return err
-		}
-		if debugDecoder || debugEncoder {
-			println("Read table ok", "symbolLen:", dec.symbolLen)
-		}
-		// Set decoders as predefined so they aren't reused.
-		dec.preDefined = true
-		return nil
-	}
-
-	if err := readDec(tableOffsets, d.ofDec.fse); err != nil {
-		return nil, err
-	}
-	if err := readDec(tableMatchLengths, d.mlDec.fse); err != nil {
-		return nil, err
-	}
-	if err := readDec(tableLiteralLengths, d.llDec.fse); err != nil {
-		return nil, err
-	}
-	if br.remain() < 12 {
-		return nil, io.ErrUnexpectedEOF
-	}
-
-	d.offsets[0] = int(br.Uint32())
-	br.advance(4)
-	d.offsets[1] = int(br.Uint32())
-	br.advance(4)
-	d.offsets[2] = int(br.Uint32())
-	br.advance(4)
-	if d.offsets[0] <= 0 || d.offsets[1] <= 0 || d.offsets[2] <= 0 {
-		return nil, errors.New("invalid offset in dictionary")
-	}
-	d.content = make([]byte, br.remain())
-	copy(d.content, br.unread())
-	if d.offsets[0] > len(d.content) || d.offsets[1] > len(d.content) || d.offsets[2] > len(d.content) {
-		return nil, fmt.Errorf("initial offset bigger than dictionary content size %d, offsets: %v", len(d.content), d.offsets)
-	}
-
-	return &d, nil
-}
-
-// InspectDictionary loads a zstd dictionary and provides functions to inspect the content.
-func InspectDictionary(b []byte) (interface {
-	ID() uint32
-	ContentSize() int
-	Content() []byte
-	Offsets() [3]int
-	LitEncoder() *huff0.Scratch
-}, error) {
-	initPredefined()
-	d, err := loadDict(b)
-	return d, err
-}
-
-type BuildDictOptions struct {
-	// Dictionary ID.
-	ID uint32
-
-	// Content to use to create dictionary tables.
-	Contents [][]byte
-
-	// History to use for all blocks.
-	History []byte
-
-	// Offsets to use.
-	Offsets [3]int
-
-	// CompatV155 will make the dictionary compatible with Zstd v1.5.5 and earlier.
-	// See https://github.com/facebook/zstd/issues/3724
-	CompatV155 bool
-
-	// Use the specified encoder level.
-	// The dictionary will be built using the specified encoder level,
-	// which will reflect speed and make the dictionary tailored for that level.
-	// If not set SpeedBestCompression will be used.
-	Level EncoderLevel
-
-	// DebugOut will write stats and other details here if set.
-	DebugOut io.Writer
-}
-
-func BuildDict(o BuildDictOptions) ([]byte, error) {
-	initPredefined()
-	hist := o.History
-	contents := o.Contents
-	debug := o.DebugOut != nil
-	println := func(args ...interface{}) {
-		if o.DebugOut != nil {
-			fmt.Fprintln(o.DebugOut, args...)
-		}
-	}
-	printf := func(s string, args ...interface{}) {
-		if o.DebugOut != nil {
-			fmt.Fprintf(o.DebugOut, s, args...)
-		}
-	}
-	print := func(args ...interface{}) {
-		if o.DebugOut != nil {
-			fmt.Fprint(o.DebugOut, args...)
-		}
-	}
-
-	if int64(len(hist)) > dictMaxLength {
-		return nil, fmt.Errorf("dictionary of size %d > %d", len(hist), int64(dictMaxLength))
-	}
-	if len(hist) < 8 {
-		return nil, fmt.Errorf("dictionary of size %d < %d", len(hist), 8)
-	}
-	if len(contents) == 0 {
-		return nil, errors.New("no content provided")
-	}
-	d := dict{
-		id:      o.ID,
-		litEnc:  nil,
-		llDec:   sequenceDec{},
-		ofDec:   sequenceDec{},
-		mlDec:   sequenceDec{},
-		offsets: o.Offsets,
-		content: hist,
-	}
-	block := blockEnc{lowMem: false}
-	block.init()
-	enc := encoder(&bestFastEncoder{fastBase: fastBase{maxMatchOff: int32(maxMatchLen), bufferReset: math.MaxInt32 - int32(maxMatchLen*2), lowMem: false}})
-	if o.Level != 0 {
-		eOpts := encoderOptions{
-			level:      o.Level,
-			blockSize:  maxMatchLen,
-			windowSize: maxMatchLen,
-			dict:       &d,
-			lowMem:     false,
-		}
-		enc = eOpts.encoder()
-	} else {
-		o.Level = SpeedBestCompression
-	}
-	var (
-		remain [256]int
-		ll     [256]int
-		ml     [256]int
-		of     [256]int
-	)
-	addValues := func(dst *[256]int, src []byte) {
-		for _, v := range src {
-			dst[v]++
-		}
-	}
-	addHist := func(dst *[256]int, src *[256]uint32) {
-		for i, v := range src {
-			dst[i] += int(v)
-		}
-	}
-	seqs := 0
-	nUsed := 0
-	litTotal := 0
-	newOffsets := make(map[uint32]int, 1000)
-	for _, b := range contents {
-		block.reset(nil)
-		if len(b) < 8 {
-			continue
-		}
-		nUsed++
-		enc.Reset(&d, true)
-		enc.Encode(&block, b)
-		addValues(&remain, block.literals)
-		litTotal += len(block.literals)
-		if len(block.sequences) == 0 {
-			continue
-		}
-		seqs += len(block.sequences)
-		block.genCodes()
-		addHist(&ll, block.coders.llEnc.Histogram())
-		addHist(&ml, block.coders.mlEnc.Histogram())
-		addHist(&of, block.coders.ofEnc.Histogram())
-		for i, seq := range block.sequences {
-			if i > 3 {
-				break
-			}
-			offset := seq.offset
-			if offset == 0 {
-				continue
-			}
-			if int(offset) >= len(o.History) {
-				continue
-			}
-			if offset > 3 {
-				newOffsets[offset-3]++
-			} else {
-				newOffsets[uint32(o.Offsets[offset-1])]++
-			}
-		}
-	}
-	// Find most used offsets.
-	var sortedOffsets []uint32
-	for k := range newOffsets {
-		sortedOffsets = append(sortedOffsets, k)
-	}
-	sort.Slice(sortedOffsets, func(i, j int) bool {
-		a, b := sortedOffsets[i], sortedOffsets[j]
-		if a == b {
-			// Prefer the longer offset
-			return sortedOffsets[i] > sortedOffsets[j]
-		}
-		return newOffsets[sortedOffsets[i]] > newOffsets[sortedOffsets[j]]
-	})
-	if len(sortedOffsets) > 3 {
-		if debug {
-			print("Offsets:")
-			for i, v := range sortedOffsets {
-				if i > 20 {
-					break
-				}
-				printf("[%d: %d],", v, newOffsets[v])
-			}
-			println("")
-		}
-
-		sortedOffsets = sortedOffsets[:3]
-	}
-	for i, v := range sortedOffsets {
-		o.Offsets[i] = int(v)
-	}
-	if debug {
-		println("New repeat offsets", o.Offsets)
-	}
-
-	if nUsed == 0 || seqs == 0 {
-		return nil, fmt.Errorf("%d blocks, %d sequences found", nUsed, seqs)
-	}
-	if debug {
-		println("Sequences:", seqs, "Blocks:", nUsed, "Literals:", litTotal)
-	}
-	if seqs/nUsed < 512 {
-		// Use 512 as minimum.
-		nUsed = seqs / 512
-		if nUsed == 0 {
-			nUsed = 1
-		}
-	}
-	copyHist := func(dst *fseEncoder, src *[256]int) ([]byte, error) {
-		hist := dst.Histogram()
-		var maxSym uint8
-		var maxCount int
-		var fakeLength int
-		for i, v := range src {
-			if v > 0 {
-				v = v / nUsed
-				if v == 0 {
-					v = 1
-				}
-			}
-			if v > maxCount {
-				maxCount = v
-			}
-			if v != 0 {
-				maxSym = uint8(i)
-			}
-			fakeLength += v
-			hist[i] = uint32(v)
-		}
-
-		// Ensure we aren't trying to represent RLE.
-		if maxCount == fakeLength {
-			for i := range hist {
-				if uint8(i) == maxSym {
-					fakeLength++
-					maxSym++
-					hist[i+1] = 1
-					if maxSym > 1 {
-						break
-					}
-				}
-				if hist[0] == 0 {
-					fakeLength++
-					hist[i] = 1
-					if maxSym > 1 {
-						break
-					}
-				}
-			}
-		}
-
-		dst.HistogramFinished(maxSym, maxCount)
-		dst.reUsed = false
-		dst.useRLE = false
-		err := dst.normalizeCount(fakeLength)
-		if err != nil {
-			return nil, err
-		}
-		if debug {
-			println("RAW:", dst.count[:maxSym+1], "NORM:", dst.norm[:maxSym+1], "LEN:", fakeLength)
-		}
-		return dst.writeCount(nil)
-	}
-	if debug {
-		print("Literal lengths: ")
-	}
-	llTable, err := copyHist(block.coders.llEnc, &ll)
-	if err != nil {
-		return nil, err
-	}
-	if debug {
-		print("Match lengths: ")
-	}
-	mlTable, err := copyHist(block.coders.mlEnc, &ml)
-	if err != nil {
-		return nil, err
-	}
-	if debug {
-		print("Offsets: ")
-	}
-	ofTable, err := copyHist(block.coders.ofEnc, &of)
-	if err != nil {
-		return nil, err
-	}
-
-	// Literal table
-	avgSize := litTotal
-	if avgSize > huff0.BlockSizeMax/2 {
-		avgSize = huff0.BlockSizeMax / 2
-	}
-	huffBuff := make([]byte, 0, avgSize)
-	// Target size
-	div := litTotal / avgSize
-	if div < 1 {
-		div = 1
-	}
-	if debug {
-		println("Huffman weights:")
-	}
-	for i, n := range remain[:] {
-		if n > 0 {
-			n = n / div
-			// Allow all entries to be represented.
-			if n == 0 {
-				n = 1
-			}
-			huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
-			if debug {
-				printf("[%d: %d], ", i, n)
-			}
-		}
-	}
-	if o.CompatV155 && remain[255]/div == 0 {
-		huffBuff = append(huffBuff, 255)
-	}
-	scratch := &huff0.Scratch{TableLog: 11}
-	for tries := 0; tries < 255; tries++ {
-		scratch = &huff0.Scratch{TableLog: 11}
-		_, _, err = huff0.Compress1X(huffBuff, scratch)
-		if err == nil {
-			break
-		}
-		if debug {
-			printf("Try %d: Huffman error: %v\n", tries+1, err)
-		}
-		huffBuff = huffBuff[:0]
-		if tries == 250 {
-			if debug {
-				println("Huffman: Bailing out with predefined table")
-			}
-
-			// Bail out.... Just generate something
-			huffBuff = append(huffBuff, bytes.Repeat([]byte{255}, 10000)...)
-			for i := 0; i < 128; i++ {
-				huffBuff = append(huffBuff, byte(i))
-			}
-			continue
-		}
-		if errors.Is(err, huff0.ErrIncompressible) {
-			// Try truncating least common.
-			for i, n := range remain[:] {
-				if n > 0 {
-					n = n / (div * (i + 1))
-					if n > 0 {
-						huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
-					}
-				}
-			}
-			if o.CompatV155 && len(huffBuff) > 0 && huffBuff[len(huffBuff)-1] != 255 {
-				huffBuff = append(huffBuff, 255)
-			}
-			if len(huffBuff) == 0 {
-				huffBuff = append(huffBuff, 0, 255)
-			}
-		}
-		if errors.Is(err, huff0.ErrUseRLE) {
-			for i, n := range remain[:] {
-				n = n / (div * (i + 1))
-				// Allow all entries to be represented.
-				if n == 0 {
-					n = 1
-				}
-				huffBuff = append(huffBuff, bytes.Repeat([]byte{byte(i)}, n)...)
-			}
-		}
-	}
-
-	var out bytes.Buffer
-	out.Write([]byte(dictMagic))
-	out.Write(binary.LittleEndian.AppendUint32(nil, o.ID))
-	out.Write(scratch.OutTable)
-	if debug {
-		println("huff table:", len(scratch.OutTable), "bytes")
-		println("of table:", len(ofTable), "bytes")
-		println("ml table:", len(mlTable), "bytes")
-		println("ll table:", len(llTable), "bytes")
-	}
-	out.Write(ofTable)
-	out.Write(mlTable)
-	out.Write(llTable)
-	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[0])))
-	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[1])))
-	out.Write(binary.LittleEndian.AppendUint32(nil, uint32(o.Offsets[2])))
-	out.Write(hist)
-	if debug {
-		_, err := loadDict(out.Bytes())
-		if err != nil {
-			panic(err)
-		}
-		i, err := InspectDictionary(out.Bytes())
-		if err != nil {
-			panic(err)
-		}
-		println("ID:", i.ID())
-		println("Content size:", i.ContentSize())
-		println("Encoder:", i.LitEncoder() != nil)
-		println("Offsets:", i.Offsets())
-		var totalSize int
-		for _, b := range contents {
-			totalSize += len(b)
-		}
-
-		encWith := func(opts ...EOption) int {
-			enc, err := NewWriter(nil, opts...)
-			if err != nil {
-				panic(err)
-			}
-			defer enc.Close()
-			var dst []byte
-			var totalSize int
-			for _, b := range contents {
-				dst = enc.EncodeAll(b, dst[:0])
-				totalSize += len(dst)
-			}
-			return totalSize
-		}
-		plain := encWith(WithEncoderLevel(o.Level))
-		withDict := encWith(WithEncoderLevel(o.Level), WithEncoderDict(out.Bytes()))
-		println("Input size:", totalSize)
-		println("Plain Compressed:", plain)
-		println("Dict Compressed:", withDict)
-		println("Saved:", plain-withDict, (plain-withDict)/len(contents), "bytes per input (rounded down)")
-	}
-	return out.Bytes(), nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_base.go b/vendor/github.com/klauspost/compress/zstd/enc_base.go
deleted file mode 100644
index 5ca46038a..000000000
--- a/vendor/github.com/klauspost/compress/zstd/enc_base.go
+++ /dev/null
@@ -1,173 +0,0 @@
-package zstd
-
-import (
-	"fmt"
-	"math/bits"
-
-	"github.com/klauspost/compress/zstd/internal/xxhash"
-)
-
-const (
-	dictShardBits = 6
-)
-
-type fastBase struct {
-	// cur is the offset at the start of hist
-	cur int32
-	// maximum offset. Should be at least 2x block size.
-	maxMatchOff int32
-	bufferReset int32
-	hist        []byte
-	crc         *xxhash.Digest
-	tmp         [8]byte
-	blk         *blockEnc
-	lastDictID  uint32
-	lowMem      bool
-}
-
-// CRC returns the underlying CRC writer.
-func (e *fastBase) CRC() *xxhash.Digest {
-	return e.crc
-}
-
-// AppendCRC will append the CRC to the destination slice and return it.
-func (e *fastBase) AppendCRC(dst []byte) []byte {
-	crc := e.crc.Sum(e.tmp[:0])
-	dst = append(dst, crc[7], crc[6], crc[5], crc[4])
-	return dst
-}
-
-// WindowSize returns the window size of the encoder,
-// or a window size small enough to contain the input size, if > 0.
-func (e *fastBase) WindowSize(size int64) int32 {
-	if size > 0 && size < int64(e.maxMatchOff) {
-		b := int32(1) << uint(bits.Len(uint(size)))
-		// Keep minimum window.
-		if b < 1024 {
-			b = 1024
-		}
-		return b
-	}
-	return e.maxMatchOff
-}
-
-// Block returns the current block.
-func (e *fastBase) Block() *blockEnc {
-	return e.blk
-}
-
-func (e *fastBase) addBlock(src []byte) int32 {
-	if debugAsserts && e.cur > e.bufferReset {
-		panic(fmt.Sprintf("ecur (%d) > buffer reset (%d)", e.cur, e.bufferReset))
-	}
-	// check if we have space already
-	if len(e.hist)+len(src) > cap(e.hist) {
-		if cap(e.hist) == 0 {
-			e.ensureHist(len(src))
-		} else {
-			if cap(e.hist) < int(e.maxMatchOff+maxCompressedBlockSize) {
-				panic(fmt.Errorf("unexpected buffer cap %d, want at least %d with window %d", cap(e.hist), e.maxMatchOff+maxCompressedBlockSize, e.maxMatchOff))
-			}
-			// Move down
-			offset := int32(len(e.hist)) - e.maxMatchOff
-			copy(e.hist[0:e.maxMatchOff], e.hist[offset:])
-			e.cur += offset
-			e.hist = e.hist[:e.maxMatchOff]
-		}
-	}
-	s := int32(len(e.hist))
-	e.hist = append(e.hist, src...)
-	return s
-}
-
-// ensureHist will ensure that history can keep at least this many bytes.
-func (e *fastBase) ensureHist(n int) {
-	if cap(e.hist) >= n {
-		return
-	}
-	l := e.maxMatchOff
-	if (e.lowMem && e.maxMatchOff > maxCompressedBlockSize) || e.maxMatchOff <= maxCompressedBlockSize {
-		l += maxCompressedBlockSize
-	} else {
-		l += e.maxMatchOff
-	}
-	// Make it at least 1MB.
-	if l < 1<<20 && !e.lowMem {
-		l = 1 << 20
-	}
-	// Make it at least the requested size.
-	if l < int32(n) {
-		l = int32(n)
-	}
-	e.hist = make([]byte, 0, l)
-}
-
-// useBlock will replace the block with the provided one,
-// but transfer recent offsets from the previous.
-func (e *fastBase) UseBlock(enc *blockEnc) {
-	enc.reset(e.blk)
-	e.blk = enc
-}
-
-func (e *fastBase) matchlen(s, t int32, src []byte) int32 {
-	if debugAsserts {
-		if s < 0 {
-			err := fmt.Sprintf("s (%d) < 0", s)
-			panic(err)
-		}
-		if t < 0 {
-			err := fmt.Sprintf("s (%d) < 0", s)
-			panic(err)
-		}
-		if s-t > e.maxMatchOff {
-			err := fmt.Sprintf("s (%d) - t (%d) > maxMatchOff (%d)", s, t, e.maxMatchOff)
-			panic(err)
-		}
-		if len(src)-int(s) > maxCompressedBlockSize {
-			panic(fmt.Sprintf("len(src)-s (%d) > maxCompressedBlockSize (%d)", len(src)-int(s), maxCompressedBlockSize))
-		}
-	}
-	return int32(matchLen(src[s:], src[t:]))
-}
-
-// Reset the encoding table.
-func (e *fastBase) resetBase(d *dict, singleBlock bool) {
-	if e.blk == nil {
-		e.blk = &blockEnc{lowMem: e.lowMem}
-		e.blk.init()
-	} else {
-		e.blk.reset(nil)
-	}
-	e.blk.initNewEncode()
-	if e.crc == nil {
-		e.crc = xxhash.New()
-	} else {
-		e.crc.Reset()
-	}
-	e.blk.dictLitEnc = nil
-	if d != nil {
-		low := e.lowMem
-		if singleBlock {
-			e.lowMem = true
-		}
-		e.ensureHist(d.ContentSize() + maxCompressedBlockSize)
-		e.lowMem = low
-	}
-
-	// We offset current position so everything will be out of reach.
-	// If above reset line, history will be purged.
-	if e.cur < e.bufferReset {
-		e.cur += e.maxMatchOff + int32(len(e.hist))
-	}
-	e.hist = e.hist[:0]
-	if d != nil {
-		// Set offsets (currently not used)
-		for i, off := range d.offsets {
-			e.blk.recentOffsets[i] = uint32(off)
-			e.blk.prevRecentOffsets[i] = e.blk.recentOffsets[i]
-		}
-		// Transfer litenc.
-		e.blk.dictLitEnc = d.litEnc
-		e.hist = append(e.hist, d.content...)
-	}
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_best.go b/vendor/github.com/klauspost/compress/zstd/enc_best.go
deleted file mode 100644
index 4613724e9..000000000
--- a/vendor/github.com/klauspost/compress/zstd/enc_best.go
+++ /dev/null
@@ -1,560 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"bytes"
-	"fmt"
-
-	"github.com/klauspost/compress"
-)
-
-const (
-	bestLongTableBits = 22                     // Bits used in the long match table
-	bestLongTableSize = 1 << bestLongTableBits // Size of the table
-	bestLongLen       = 8                      // Bytes used for table hash
-
-	// Note: Increasing the short table bits or making the hash shorter
-	// can actually lead to compression degradation since it will 'steal' more from the
-	// long match table and match offsets are quite big.
-	// This greatly depends on the type of input.
-	bestShortTableBits = 18                      // Bits used in the short match table
-	bestShortTableSize = 1 << bestShortTableBits // Size of the table
-	bestShortLen       = 4                       // Bytes used for table hash
-
-)
-
-type match struct {
-	offset int32
-	s      int32
-	length int32
-	rep    int32
-	est    int32
-}
-
-const highScore = maxMatchLen * 8
-
-// estBits will estimate output bits from predefined tables.
-func (m *match) estBits(bitsPerByte int32) {
-	mlc := mlCode(uint32(m.length - zstdMinMatch))
-	var ofc uint8
-	if m.rep < 0 {
-		ofc = ofCode(uint32(m.s-m.offset) + 3)
-	} else {
-		ofc = ofCode(uint32(m.rep) & 3)
-	}
-	// Cost, excluding
-	ofTT, mlTT := fsePredefEnc[tableOffsets].ct.symbolTT[ofc], fsePredefEnc[tableMatchLengths].ct.symbolTT[mlc]
-
-	// Add cost of match encoding...
-	m.est = int32(ofTT.outBits + mlTT.outBits)
-	m.est += int32(ofTT.deltaNbBits>>16 + mlTT.deltaNbBits>>16)
-	// Subtract savings compared to literal encoding...
-	m.est -= (m.length * bitsPerByte) >> 10
-	if m.est > 0 {
-		// Unlikely gain..
-		m.length = 0
-		m.est = highScore
-	}
-}
-
-// bestFastEncoder uses 2 tables, one for short matches (5 bytes) and one for long matches.
-// The long match table contains the previous entry with the same hash,
-// effectively making it a "chain" of length 2.
-// When we find a long match we choose between the two values and select the longest.
-// When we find a short match, after checking the long, we check if we can find a long at n+1
-// and that it is longer (lazy matching).
-type bestFastEncoder struct {
-	fastBase
-	table         [bestShortTableSize]prevEntry
-	longTable     [bestLongTableSize]prevEntry
-	dictTable     []prevEntry
-	dictLongTable []prevEntry
-}
-
-// Encode improves compression...
-func (e *bestFastEncoder) Encode(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 4
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			e.table = [bestShortTableSize]prevEntry{}
-			e.longTable = [bestLongTableSize]prevEntry{}
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			v2 := e.table[i].prev
-			if v < minOff {
-				v = 0
-				v2 = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-				if v2 < minOff {
-					v2 = 0
-				} else {
-					v2 = v2 - e.cur + e.maxMatchOff
-				}
-			}
-			e.table[i] = prevEntry{
-				offset: v,
-				prev:   v2,
-			}
-		}
-		for i := range e.longTable[:] {
-			v := e.longTable[i].offset
-			v2 := e.longTable[i].prev
-			if v < minOff {
-				v = 0
-				v2 = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-				if v2 < minOff {
-					v2 = 0
-				} else {
-					v2 = v2 - e.cur + e.maxMatchOff
-				}
-			}
-			e.longTable[i] = prevEntry{
-				offset: v,
-				prev:   v2,
-			}
-		}
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	// Add block to history
-	s := e.addBlock(src)
-	blk.size = len(src)
-
-	// Check RLE first
-	if len(src) > zstdMinMatch {
-		ml := matchLen(src[1:], src)
-		if ml == len(src)-1 {
-			blk.literals = append(blk.literals, src[0])
-			blk.sequences = append(blk.sequences, seq{litLen: 1, matchLen: uint32(len(src)-1) - zstdMinMatch, offset: 1 + 3})
-			return
-		}
-	}
-
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Use this to estimate literal cost.
-	// Scaled by 10 bits.
-	bitsPerByte := int32((compress.ShannonEntropyBits(src) * 1024) / len(src))
-	// Huffman can never go < 1 bit/byte
-	if bitsPerByte < 1024 {
-		bitsPerByte = 1024
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	const kSearchStrength = 10
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-	offset3 := int32(blk.recentOffsets[2])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		// We allow the encoder to optionally turn off repeat offsets across blocks
-		canRepeat := len(blk.sequences) > 2
-
-		if debugAsserts && canRepeat && offset1 == 0 {
-			panic("offset0 was 0")
-		}
-
-		const goodEnough = 250
-
-		cv := load6432(src, s)
-
-		nextHashL := hashLen(cv, bestLongTableBits, bestLongLen)
-		nextHashS := hashLen(cv, bestShortTableBits, bestShortLen)
-		candidateL := e.longTable[nextHashL]
-		candidateS := e.table[nextHashS]
-
-		// Set m to a match at offset if it looks like that will improve compression.
-		improve := func(m *match, offset int32, s int32, first uint32, rep int32) {
-			delta := s - offset
-			if delta >= e.maxMatchOff || delta <= 0 || load3232(src, offset) != first {
-				return
-			}
-			// Try to quick reject if we already have a long match.
-			if m.length > 16 {
-				left := len(src) - int(m.s+m.length)
-				// If we are too close to the end, keep as is.
-				if left <= 0 {
-					return
-				}
-				checkLen := m.length - (s - m.s) - 8
-				if left > 2 && checkLen > 4 {
-					// Check 4 bytes, 4 bytes from the end of the current match.
-					a := load3232(src, offset+checkLen)
-					b := load3232(src, s+checkLen)
-					if a != b {
-						return
-					}
-				}
-			}
-			l := 4 + e.matchlen(s+4, offset+4, src)
-			if m.rep <= 0 {
-				// Extend candidate match backwards as far as possible.
-				// Do not extend repeats as we can assume they are optimal
-				// and offsets change if s == nextEmit.
-				tMin := s - e.maxMatchOff
-				if tMin < 0 {
-					tMin = 0
-				}
-				for offset > tMin && s > nextEmit && src[offset-1] == src[s-1] && l < maxMatchLength {
-					s--
-					offset--
-					l++
-				}
-			}
-			if debugAsserts {
-				if offset >= s {
-					panic(fmt.Sprintf("offset: %d - s:%d - rep: %d - cur :%d - max: %d", offset, s, rep, e.cur, e.maxMatchOff))
-				}
-				if !bytes.Equal(src[s:s+l], src[offset:offset+l]) {
-					panic(fmt.Sprintf("second match mismatch: %v != %v, first: %08x", src[s:s+4], src[offset:offset+4], first))
-				}
-			}
-			cand := match{offset: offset, s: s, length: l, rep: rep}
-			cand.estBits(bitsPerByte)
-			if m.est >= highScore || cand.est-m.est+(cand.s-m.s)*bitsPerByte>>10 < 0 {
-				*m = cand
-			}
-		}
-
-		best := match{s: s, est: highScore}
-		improve(&best, candidateL.offset-e.cur, s, uint32(cv), -1)
-		improve(&best, candidateL.prev-e.cur, s, uint32(cv), -1)
-		improve(&best, candidateS.offset-e.cur, s, uint32(cv), -1)
-		improve(&best, candidateS.prev-e.cur, s, uint32(cv), -1)
-
-		if canRepeat && best.length < goodEnough {
-			if s == nextEmit {
-				// Check repeats straight after a match.
-				improve(&best, s-offset2, s, uint32(cv), 1|4)
-				improve(&best, s-offset3, s, uint32(cv), 2|4)
-				if offset1 > 1 {
-					improve(&best, s-(offset1-1), s, uint32(cv), 3|4)
-				}
-			}
-
-			// If either no match or a non-repeat match, check at + 1
-			if best.rep <= 0 {
-				cv32 := uint32(cv >> 8)
-				spp := s + 1
-				improve(&best, spp-offset1, spp, cv32, 1)
-				improve(&best, spp-offset2, spp, cv32, 2)
-				improve(&best, spp-offset3, spp, cv32, 3)
-				if best.rep < 0 {
-					cv32 = uint32(cv >> 24)
-					spp += 2
-					improve(&best, spp-offset1, spp, cv32, 1)
-					improve(&best, spp-offset2, spp, cv32, 2)
-					improve(&best, spp-offset3, spp, cv32, 3)
-				}
-			}
-		}
-		// Load next and check...
-		e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: candidateL.offset}
-		e.table[nextHashS] = prevEntry{offset: s + e.cur, prev: candidateS.offset}
-		index0 := s + 1
-
-		// Look far ahead, unless we have a really long match already...
-		if best.length < goodEnough {
-			// No match found, move forward on input, no need to check forward...
-			if best.length < 4 {
-				s += 1 + (s-nextEmit)>>(kSearchStrength-1)
-				if s >= sLimit {
-					break encodeLoop
-				}
-				continue
-			}
-
-			candidateS = e.table[hashLen(cv>>8, bestShortTableBits, bestShortLen)]
-			cv = load6432(src, s+1)
-			cv2 := load6432(src, s+2)
-			candidateL = e.longTable[hashLen(cv, bestLongTableBits, bestLongLen)]
-			candidateL2 := e.longTable[hashLen(cv2, bestLongTableBits, bestLongLen)]
-
-			// Short at s+1
-			improve(&best, candidateS.offset-e.cur, s+1, uint32(cv), -1)
-			// Long at s+1, s+2
-			improve(&best, candidateL.offset-e.cur, s+1, uint32(cv), -1)
-			improve(&best, candidateL.prev-e.cur, s+1, uint32(cv), -1)
-			improve(&best, candidateL2.offset-e.cur, s+2, uint32(cv2), -1)
-			improve(&best, candidateL2.prev-e.cur, s+2, uint32(cv2), -1)
-			if false {
-				// Short at s+3.
-				// Too often worse...
-				improve(&best, e.table[hashLen(cv2>>8, bestShortTableBits, bestShortLen)].offset-e.cur, s+3, uint32(cv2>>8), -1)
-			}
-
-			// Start check at a fixed offset to allow for a few mismatches.
-			// For this compression level 2 yields the best results.
-			// We cannot do this if we have already indexed this position.
-			const skipBeginning = 2
-			if best.s > s-skipBeginning {
-				// See if we can find a better match by checking where the current best ends.
-				// Use that offset to see if we can find a better full match.
-				if sAt := best.s + best.length; sAt < sLimit {
-					nextHashL := hashLen(load6432(src, sAt), bestLongTableBits, bestLongLen)
-					candidateEnd := e.longTable[nextHashL]
-
-					if off := candidateEnd.offset - e.cur - best.length + skipBeginning; off >= 0 {
-						improve(&best, off, best.s+skipBeginning, load3232(src, best.s+skipBeginning), -1)
-						if off := candidateEnd.prev - e.cur - best.length + skipBeginning; off >= 0 {
-							improve(&best, off, best.s+skipBeginning, load3232(src, best.s+skipBeginning), -1)
-						}
-					}
-				}
-			}
-		}
-
-		if debugAsserts {
-			if best.offset >= best.s {
-				panic(fmt.Sprintf("best.offset > s: %d >= %d", best.offset, best.s))
-			}
-			if best.s < nextEmit {
-				panic(fmt.Sprintf("s %d < nextEmit %d", best.s, nextEmit))
-			}
-			if best.offset < s-e.maxMatchOff {
-				panic(fmt.Sprintf("best.offset < s-e.maxMatchOff: %d < %d", best.offset, s-e.maxMatchOff))
-			}
-			if !bytes.Equal(src[best.s:best.s+best.length], src[best.offset:best.offset+best.length]) {
-				panic(fmt.Sprintf("match mismatch: %v != %v", src[best.s:best.s+best.length], src[best.offset:best.offset+best.length]))
-			}
-		}
-
-		// We have a match, we can store the forward value
-		s = best.s
-		if best.rep > 0 {
-			var seq seq
-			seq.matchLen = uint32(best.length - zstdMinMatch)
-			addLiterals(&seq, best.s)
-
-			// Repeat. If bit 4 is set, this is a non-lit repeat.
-			seq.offset = uint32(best.rep & 3)
-			if debugSequences {
-				println("repeat sequence", seq, "next s:", best.s, "off:", best.s-best.offset)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Index old s + 1 -> s - 1
-			s = best.s + best.length
-			nextEmit = s
-
-			// Index skipped...
-			end := s
-			if s > sLimit+4 {
-				end = sLimit + 4
-			}
-			off := index0 + e.cur
-			for index0 < end {
-				cv0 := load6432(src, index0)
-				h0 := hashLen(cv0, bestLongTableBits, bestLongLen)
-				h1 := hashLen(cv0, bestShortTableBits, bestShortLen)
-				e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-				e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset}
-				off++
-				index0++
-			}
-
-			switch best.rep {
-			case 2, 4 | 1:
-				offset1, offset2 = offset2, offset1
-			case 3, 4 | 2:
-				offset1, offset2, offset3 = offset3, offset1, offset2
-			case 4 | 3:
-				offset1, offset2, offset3 = offset1-1, offset1, offset2
-			}
-			if s >= sLimit {
-				if debugEncoder {
-					println("repeat ended", s, best.length)
-				}
-				break encodeLoop
-			}
-			continue
-		}
-
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
-		t := best.offset
-		offset1, offset2, offset3 = s-t, offset1, offset2
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Write our sequence
-		var seq seq
-		l := best.length
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-
-		// Index old s + 1 -> s - 1 or sLimit
-		end := s
-		if s > sLimit-4 {
-			end = sLimit - 4
-		}
-
-		off := index0 + e.cur
-		for index0 < end {
-			cv0 := load6432(src, index0)
-			h0 := hashLen(cv0, bestLongTableBits, bestLongLen)
-			h1 := hashLen(cv0, bestShortTableBits, bestShortLen)
-			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-			e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset}
-			index0++
-			off++
-		}
-		if s >= sLimit {
-			break encodeLoop
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	blk.recentOffsets[2] = uint32(offset3)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// EncodeNoHist will encode a block with no history and no following blocks.
-// Most notable difference is that src will not be copied for history and
-// we do not need to check for max match length.
-func (e *bestFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
-	e.ensureHist(len(src))
-	e.Encode(blk, src)
-}
-
-// Reset will reset and set a dictionary if not nil
-func (e *bestFastEncoder) Reset(d *dict, singleBlock bool) {
-	e.resetBase(d, singleBlock)
-	if d == nil {
-		return
-	}
-	// Init or copy dict table
-	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
-		if len(e.dictTable) != len(e.table) {
-			e.dictTable = make([]prevEntry, len(e.table))
-		}
-		end := int32(len(d.content)) - 8 + e.maxMatchOff
-		for i := e.maxMatchOff; i < end; i += 4 {
-			const hashLog = bestShortTableBits
-
-			cv := load6432(d.content, i-e.maxMatchOff)
-			nextHash := hashLen(cv, hashLog, bestShortLen)      // 0 -> 4
-			nextHash1 := hashLen(cv>>8, hashLog, bestShortLen)  // 1 -> 5
-			nextHash2 := hashLen(cv>>16, hashLog, bestShortLen) // 2 -> 6
-			nextHash3 := hashLen(cv>>24, hashLog, bestShortLen) // 3 -> 7
-			e.dictTable[nextHash] = prevEntry{
-				prev:   e.dictTable[nextHash].offset,
-				offset: i,
-			}
-			e.dictTable[nextHash1] = prevEntry{
-				prev:   e.dictTable[nextHash1].offset,
-				offset: i + 1,
-			}
-			e.dictTable[nextHash2] = prevEntry{
-				prev:   e.dictTable[nextHash2].offset,
-				offset: i + 2,
-			}
-			e.dictTable[nextHash3] = prevEntry{
-				prev:   e.dictTable[nextHash3].offset,
-				offset: i + 3,
-			}
-		}
-		e.lastDictID = d.id
-	}
-
-	// Init or copy dict table
-	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
-		if len(e.dictLongTable) != len(e.longTable) {
-			e.dictLongTable = make([]prevEntry, len(e.longTable))
-		}
-		if len(d.content) >= 8 {
-			cv := load6432(d.content, 0)
-			h := hashLen(cv, bestLongTableBits, bestLongLen)
-			e.dictLongTable[h] = prevEntry{
-				offset: e.maxMatchOff,
-				prev:   e.dictLongTable[h].offset,
-			}
-
-			end := int32(len(d.content)) - 8 + e.maxMatchOff
-			off := 8 // First to read
-			for i := e.maxMatchOff + 1; i < end; i++ {
-				cv = cv>>8 | (uint64(d.content[off]) << 56)
-				h := hashLen(cv, bestLongTableBits, bestLongLen)
-				e.dictLongTable[h] = prevEntry{
-					offset: i,
-					prev:   e.dictLongTable[h].offset,
-				}
-				off++
-			}
-		}
-		e.lastDictID = d.id
-	}
-	// Reset table to initial state
-	copy(e.longTable[:], e.dictLongTable)
-
-	e.cur = e.maxMatchOff
-	// Reset table to initial state
-	copy(e.table[:], e.dictTable)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_better.go b/vendor/github.com/klauspost/compress/zstd/enc_better.go
deleted file mode 100644
index 84a79fde7..000000000
--- a/vendor/github.com/klauspost/compress/zstd/enc_better.go
+++ /dev/null
@@ -1,1252 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import "fmt"
-
-const (
-	betterLongTableBits = 19                       // Bits used in the long match table
-	betterLongTableSize = 1 << betterLongTableBits // Size of the table
-	betterLongLen       = 8                        // Bytes used for table hash
-
-	// Note: Increasing the short table bits or making the hash shorter
-	// can actually lead to compression degradation since it will 'steal' more from the
-	// long match table and match offsets are quite big.
-	// This greatly depends on the type of input.
-	betterShortTableBits = 13                        // Bits used in the short match table
-	betterShortTableSize = 1 << betterShortTableBits // Size of the table
-	betterShortLen       = 5                         // Bytes used for table hash
-
-	betterLongTableShardCnt  = 1 << (betterLongTableBits - dictShardBits)    // Number of shards in the table
-	betterLongTableShardSize = betterLongTableSize / betterLongTableShardCnt // Size of an individual shard
-
-	betterShortTableShardCnt  = 1 << (betterShortTableBits - dictShardBits)     // Number of shards in the table
-	betterShortTableShardSize = betterShortTableSize / betterShortTableShardCnt // Size of an individual shard
-)
-
-type prevEntry struct {
-	offset int32
-	prev   int32
-}
-
-// betterFastEncoder uses 2 tables, one for short matches (5 bytes) and one for long matches.
-// The long match table contains the previous entry with the same hash,
-// effectively making it a "chain" of length 2.
-// When we find a long match we choose between the two values and select the longest.
-// When we find a short match, after checking the long, we check if we can find a long at n+1
-// and that it is longer (lazy matching).
-type betterFastEncoder struct {
-	fastBase
-	table     [betterShortTableSize]tableEntry
-	longTable [betterLongTableSize]prevEntry
-}
-
-type betterFastEncoderDict struct {
-	betterFastEncoder
-	dictTable            []tableEntry
-	dictLongTable        []prevEntry
-	shortTableShardDirty [betterShortTableShardCnt]bool
-	longTableShardDirty  [betterLongTableShardCnt]bool
-	allDirty             bool
-}
-
-// Encode improves compression...
-func (e *betterFastEncoder) Encode(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 2
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			e.table = [betterShortTableSize]tableEntry{}
-			e.longTable = [betterLongTableSize]prevEntry{}
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		for i := range e.longTable[:] {
-			v := e.longTable[i].offset
-			v2 := e.longTable[i].prev
-			if v < minOff {
-				v = 0
-				v2 = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-				if v2 < minOff {
-					v2 = 0
-				} else {
-					v2 = v2 - e.cur + e.maxMatchOff
-				}
-			}
-			e.longTable[i] = prevEntry{
-				offset: v,
-				prev:   v2,
-			}
-		}
-		e.cur = e.maxMatchOff
-		break
-	}
-	// Add block to history
-	s := e.addBlock(src)
-	blk.size = len(src)
-
-	// Check RLE first
-	if len(src) > zstdMinMatch {
-		ml := matchLen(src[1:], src)
-		if ml == len(src)-1 {
-			blk.literals = append(blk.literals, src[0])
-			blk.sequences = append(blk.sequences, seq{litLen: 1, matchLen: uint32(len(src)-1) - zstdMinMatch, offset: 1 + 3})
-			return
-		}
-	}
-
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 1.
-	const stepSize = 1
-
-	const kSearchStrength = 9
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		var t int32
-		// We allow the encoder to optionally turn off repeat offsets across blocks
-		canRepeat := len(blk.sequences) > 2
-		var matched, index0 int32
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
-			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
-			candidateL := e.longTable[nextHashL]
-			candidateS := e.table[nextHashS]
-
-			const repOff = 1
-			repIndex := s - offset1 + repOff
-			off := s + e.cur
-			e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset}
-			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)}
-			index0 = s + 1
-
-			if canRepeat {
-				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
-					// Consider history as well.
-					var seq seq
-					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 0
-					seq.offset = 1
-					if debugSequences {
-						println("repeat sequence", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-
-					// Index match start+1 (long) -> s - 1
-					index0 := s + repOff
-					s += length + repOff
-
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-					// Index skipped...
-					for index0 < s-1 {
-						cv0 := load6432(src, index0)
-						cv1 := cv0 >> 8
-						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-						off := index0 + e.cur
-						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-						e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
-						index0 += 2
-					}
-					cv = load6432(src, s)
-					continue
-				}
-				const repOff2 = 1
-
-				// We deviate from the reference encoder and also check offset 2.
-				// Still slower and not much better, so disabled.
-				// repIndex = s - offset2 + repOff2
-				if false && repIndex >= 0 && load6432(src, repIndex) == load6432(src, s+repOff) {
-					// Consider history as well.
-					var seq seq
-					length := 8 + e.matchlen(s+8+repOff2, repIndex+8, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff2
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 2
-					seq.offset = 2
-					if debugSequences {
-						println("repeat sequence 2", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-
-					s += length + repOff2
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-
-					// Index skipped...
-					for index0 < s-1 {
-						cv0 := load6432(src, index0)
-						cv1 := cv0 >> 8
-						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-						off := index0 + e.cur
-						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-						e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
-						index0 += 2
-					}
-					cv = load6432(src, s)
-					// Swap offsets
-					offset1, offset2 = offset2, offset1
-					continue
-				}
-			}
-			// Find the offsets of our two matches.
-			coffsetL := candidateL.offset - e.cur
-			coffsetLP := candidateL.prev - e.cur
-
-			// Check if we have a long match.
-			if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-				// Found a long match, at least 8 bytes.
-				matched = e.matchlen(s+8, coffsetL+8, src) + 8
-				t = coffsetL
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-
-				if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
-					// Found a long match, at least 8 bytes.
-					prevMatch := e.matchlen(s+8, coffsetLP+8, src) + 8
-					if prevMatch > matched {
-						matched = prevMatch
-						t = coffsetLP
-					}
-					if debugAsserts && s <= t {
-						panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-					}
-					if debugAsserts && s-t > e.maxMatchOff {
-						panic("s - t >e.maxMatchOff")
-					}
-					if debugMatches {
-						println("long match")
-					}
-				}
-				break
-			}
-
-			// Check if we have a long match on prev.
-			if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
-				// Found a long match, at least 8 bytes.
-				matched = e.matchlen(s+8, coffsetLP+8, src) + 8
-				t = coffsetLP
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-				break
-			}
-
-			coffsetS := candidateS.offset - e.cur
-
-			// Check if we have a short match.
-			if s-coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
-				// found a regular match
-				matched = e.matchlen(s+4, coffsetS+4, src) + 4
-
-				// See if we can find a long match at s+1
-				const checkAt = 1
-				cv := load6432(src, s+checkAt)
-				nextHashL = hashLen(cv, betterLongTableBits, betterLongLen)
-				candidateL = e.longTable[nextHashL]
-				coffsetL = candidateL.offset - e.cur
-
-				// We can store it, since we have at least a 4 byte match.
-				e.longTable[nextHashL] = prevEntry{offset: s + checkAt + e.cur, prev: candidateL.offset}
-				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-					// Found a long match, at least 8 bytes.
-					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
-					if matchedNext > matched {
-						t = coffsetL
-						s += checkAt
-						matched = matchedNext
-						if debugMatches {
-							println("long match (after short)")
-						}
-						break
-					}
-				}
-
-				// Check prev long...
-				coffsetL = candidateL.prev - e.cur
-				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-					// Found a long match, at least 8 bytes.
-					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
-					if matchedNext > matched {
-						t = coffsetL
-						s += checkAt
-						matched = matchedNext
-						if debugMatches {
-							println("prev long match (after short)")
-						}
-						break
-					}
-				}
-				t = coffsetS
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				if debugMatches {
-					println("short match")
-				}
-				break
-			}
-
-			// No match found, move forward in input.
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-
-		// Try to find a better match by searching for a long match at the end of the current best match
-		if s+matched < sLimit {
-			// Allow some bytes at the beginning to mismatch.
-			// Sweet spot is around 3 bytes, but depends on input.
-			// The skipped bytes are tested in Extend backwards,
-			// and still picked up as part of the match if they do.
-			const skipBeginning = 3
-
-			nextHashL := hashLen(load6432(src, s+matched), betterLongTableBits, betterLongLen)
-			s2 := s + skipBeginning
-			cv := load3232(src, s2)
-			candidateL := e.longTable[nextHashL]
-			coffsetL := candidateL.offset - e.cur - matched + skipBeginning
-			if coffsetL >= 0 && coffsetL < s2 && s2-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
-				// Found a long match, at least 4 bytes.
-				matchedNext := e.matchlen(s2+4, coffsetL+4, src) + 4
-				if matchedNext > matched {
-					t = coffsetL
-					s = s2
-					matched = matchedNext
-					if debugMatches {
-						println("long match at end-of-match")
-					}
-				}
-			}
-
-			// Check prev long...
-			if true {
-				coffsetL = candidateL.prev - e.cur - matched + skipBeginning
-				if coffsetL >= 0 && coffsetL < s2 && s2-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
-					// Found a long match, at least 4 bytes.
-					matchedNext := e.matchlen(s2+4, coffsetL+4, src) + 4
-					if matchedNext > matched {
-						t = coffsetL
-						s = s2
-						matched = matchedNext
-						if debugMatches {
-							println("prev long match at end-of-match")
-						}
-					}
-				}
-			}
-		}
-		// A match has been found. Update recent offsets.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the n-byte match as long as possible.
-		l := matched
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-
-		// Index match start+1 (long) -> s - 1
-		off := index0 + e.cur
-		for index0 < s-1 {
-			cv0 := load6432(src, index0)
-			cv1 := cv0 >> 8
-			h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-			e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)}
-			index0 += 2
-			off += 2
-		}
-
-		cv = load6432(src, s)
-		if !canRepeat {
-			continue
-		}
-
-		// Check offset 2
-		for {
-			o2 := s - offset2
-			if load3232(src, o2) != uint32(cv) {
-				// Do regular search
-				break
-			}
-
-			// Store this, since we have it.
-			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
-			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
-
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: e.longTable[nextHashL].offset}
-			e.table[nextHashS] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				// Finished
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// EncodeNoHist will encode a block with no history and no following blocks.
-// Most notable difference is that src will not be copied for history and
-// we do not need to check for max match length.
-func (e *betterFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
-	e.ensureHist(len(src))
-	e.Encode(blk, src)
-}
-
-// Encode improves compression...
-func (e *betterFastEncoderDict) Encode(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 2
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			for i := range e.table[:] {
-				e.table[i] = tableEntry{}
-			}
-			for i := range e.longTable[:] {
-				e.longTable[i] = prevEntry{}
-			}
-			e.cur = e.maxMatchOff
-			e.allDirty = true
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		for i := range e.longTable[:] {
-			v := e.longTable[i].offset
-			v2 := e.longTable[i].prev
-			if v < minOff {
-				v = 0
-				v2 = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-				if v2 < minOff {
-					v2 = 0
-				} else {
-					v2 = v2 - e.cur + e.maxMatchOff
-				}
-			}
-			e.longTable[i] = prevEntry{
-				offset: v,
-				prev:   v2,
-			}
-		}
-		e.allDirty = true
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	s := e.addBlock(src)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 1.
-	const stepSize = 1
-
-	const kSearchStrength = 9
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		var t int32
-		// We allow the encoder to optionally turn off repeat offsets across blocks
-		canRepeat := len(blk.sequences) > 2
-		var matched, index0 int32
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
-			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
-			candidateL := e.longTable[nextHashL]
-			candidateS := e.table[nextHashS]
-
-			const repOff = 1
-			repIndex := s - offset1 + repOff
-			off := s + e.cur
-			e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset}
-			e.markLongShardDirty(nextHashL)
-			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)}
-			e.markShortShardDirty(nextHashS)
-			index0 = s + 1
-
-			if canRepeat {
-				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
-					// Consider history as well.
-					var seq seq
-					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 0
-					seq.offset = 1
-					if debugSequences {
-						println("repeat sequence", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-
-					// Index match start+1 (long) -> s - 1
-					s += length + repOff
-
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-					// Index skipped...
-					for index0 < s-1 {
-						cv0 := load6432(src, index0)
-						cv1 := cv0 >> 8
-						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-						off := index0 + e.cur
-						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-						e.markLongShardDirty(h0)
-						h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
-						e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
-						e.markShortShardDirty(h1)
-						index0 += 2
-					}
-					cv = load6432(src, s)
-					continue
-				}
-				const repOff2 = 1
-
-				// We deviate from the reference encoder and also check offset 2.
-				// Still slower and not much better, so disabled.
-				// repIndex = s - offset2 + repOff2
-				if false && repIndex >= 0 && load6432(src, repIndex) == load6432(src, s+repOff) {
-					// Consider history as well.
-					var seq seq
-					length := 8 + e.matchlen(s+8+repOff2, repIndex+8, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff2
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 2
-					seq.offset = 2
-					if debugSequences {
-						println("repeat sequence 2", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-
-					s += length + repOff2
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-
-					// Index skipped...
-					for index0 < s-1 {
-						cv0 := load6432(src, index0)
-						cv1 := cv0 >> 8
-						h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-						off := index0 + e.cur
-						e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-						e.markLongShardDirty(h0)
-						h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
-						e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
-						e.markShortShardDirty(h1)
-						index0 += 2
-					}
-					cv = load6432(src, s)
-					// Swap offsets
-					offset1, offset2 = offset2, offset1
-					continue
-				}
-			}
-			// Find the offsets of our two matches.
-			coffsetL := candidateL.offset - e.cur
-			coffsetLP := candidateL.prev - e.cur
-
-			// Check if we have a long match.
-			if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-				// Found a long match, at least 8 bytes.
-				matched = e.matchlen(s+8, coffsetL+8, src) + 8
-				t = coffsetL
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-
-				if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
-					// Found a long match, at least 8 bytes.
-					prevMatch := e.matchlen(s+8, coffsetLP+8, src) + 8
-					if prevMatch > matched {
-						matched = prevMatch
-						t = coffsetLP
-					}
-					if debugAsserts && s <= t {
-						panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-					}
-					if debugAsserts && s-t > e.maxMatchOff {
-						panic("s - t >e.maxMatchOff")
-					}
-					if debugMatches {
-						println("long match")
-					}
-				}
-				break
-			}
-
-			// Check if we have a long match on prev.
-			if s-coffsetLP < e.maxMatchOff && cv == load6432(src, coffsetLP) {
-				// Found a long match, at least 8 bytes.
-				matched = e.matchlen(s+8, coffsetLP+8, src) + 8
-				t = coffsetLP
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-				break
-			}
-
-			coffsetS := candidateS.offset - e.cur
-
-			// Check if we have a short match.
-			if s-coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
-				// found a regular match
-				matched = e.matchlen(s+4, coffsetS+4, src) + 4
-
-				// See if we can find a long match at s+1
-				const checkAt = 1
-				cv := load6432(src, s+checkAt)
-				nextHashL = hashLen(cv, betterLongTableBits, betterLongLen)
-				candidateL = e.longTable[nextHashL]
-				coffsetL = candidateL.offset - e.cur
-
-				// We can store it, since we have at least a 4 byte match.
-				e.longTable[nextHashL] = prevEntry{offset: s + checkAt + e.cur, prev: candidateL.offset}
-				e.markLongShardDirty(nextHashL)
-				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-					// Found a long match, at least 8 bytes.
-					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
-					if matchedNext > matched {
-						t = coffsetL
-						s += checkAt
-						matched = matchedNext
-						if debugMatches {
-							println("long match (after short)")
-						}
-						break
-					}
-				}
-
-				// Check prev long...
-				coffsetL = candidateL.prev - e.cur
-				if s-coffsetL < e.maxMatchOff && cv == load6432(src, coffsetL) {
-					// Found a long match, at least 8 bytes.
-					matchedNext := e.matchlen(s+8+checkAt, coffsetL+8, src) + 8
-					if matchedNext > matched {
-						t = coffsetL
-						s += checkAt
-						matched = matchedNext
-						if debugMatches {
-							println("prev long match (after short)")
-						}
-						break
-					}
-				}
-				t = coffsetS
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				if debugMatches {
-					println("short match")
-				}
-				break
-			}
-
-			// No match found, move forward in input.
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-		// Try to find a better match by searching for a long match at the end of the current best match
-		if s+matched < sLimit {
-			nextHashL := hashLen(load6432(src, s+matched), betterLongTableBits, betterLongLen)
-			cv := load3232(src, s)
-			candidateL := e.longTable[nextHashL]
-			coffsetL := candidateL.offset - e.cur - matched
-			if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
-				// Found a long match, at least 4 bytes.
-				matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
-				if matchedNext > matched {
-					t = coffsetL
-					matched = matchedNext
-					if debugMatches {
-						println("long match at end-of-match")
-					}
-				}
-			}
-
-			// Check prev long...
-			if true {
-				coffsetL = candidateL.prev - e.cur - matched
-				if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
-					// Found a long match, at least 4 bytes.
-					matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
-					if matchedNext > matched {
-						t = coffsetL
-						matched = matchedNext
-						if debugMatches {
-							println("prev long match at end-of-match")
-						}
-					}
-				}
-			}
-		}
-		// A match has been found. Update recent offsets.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the n-byte match as long as possible.
-		l := matched
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-
-		// Index match start+1 (long) -> s - 1
-		off := index0 + e.cur
-		for index0 < s-1 {
-			cv0 := load6432(src, index0)
-			cv1 := cv0 >> 8
-			h0 := hashLen(cv0, betterLongTableBits, betterLongLen)
-			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset}
-			e.markLongShardDirty(h0)
-			h1 := hashLen(cv1, betterShortTableBits, betterShortLen)
-			e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)}
-			e.markShortShardDirty(h1)
-			index0 += 2
-			off += 2
-		}
-
-		cv = load6432(src, s)
-		if !canRepeat {
-			continue
-		}
-
-		// Check offset 2
-		for {
-			o2 := s - offset2
-			if load3232(src, o2) != uint32(cv) {
-				// Do regular search
-				break
-			}
-
-			// Store this, since we have it.
-			nextHashL := hashLen(cv, betterLongTableBits, betterLongLen)
-			nextHashS := hashLen(cv, betterShortTableBits, betterShortLen)
-
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: e.longTable[nextHashL].offset}
-			e.markLongShardDirty(nextHashL)
-			e.table[nextHashS] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.markShortShardDirty(nextHashS)
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				// Finished
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *betterFastEncoder) Reset(d *dict, singleBlock bool) {
-	e.resetBase(d, singleBlock)
-	if d != nil {
-		panic("betterFastEncoder: Reset with dict")
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *betterFastEncoderDict) Reset(d *dict, singleBlock bool) {
-	e.resetBase(d, singleBlock)
-	if d == nil {
-		return
-	}
-	// Init or copy dict table
-	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
-		if len(e.dictTable) != len(e.table) {
-			e.dictTable = make([]tableEntry, len(e.table))
-		}
-		end := int32(len(d.content)) - 8 + e.maxMatchOff
-		for i := e.maxMatchOff; i < end; i += 4 {
-			const hashLog = betterShortTableBits
-
-			cv := load6432(d.content, i-e.maxMatchOff)
-			nextHash := hashLen(cv, hashLog, betterShortLen)      // 0 -> 4
-			nextHash1 := hashLen(cv>>8, hashLog, betterShortLen)  // 1 -> 5
-			nextHash2 := hashLen(cv>>16, hashLog, betterShortLen) // 2 -> 6
-			nextHash3 := hashLen(cv>>24, hashLog, betterShortLen) // 3 -> 7
-			e.dictTable[nextHash] = tableEntry{
-				val:    uint32(cv),
-				offset: i,
-			}
-			e.dictTable[nextHash1] = tableEntry{
-				val:    uint32(cv >> 8),
-				offset: i + 1,
-			}
-			e.dictTable[nextHash2] = tableEntry{
-				val:    uint32(cv >> 16),
-				offset: i + 2,
-			}
-			e.dictTable[nextHash3] = tableEntry{
-				val:    uint32(cv >> 24),
-				offset: i + 3,
-			}
-		}
-		e.lastDictID = d.id
-		e.allDirty = true
-	}
-
-	// Init or copy dict table
-	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
-		if len(e.dictLongTable) != len(e.longTable) {
-			e.dictLongTable = make([]prevEntry, len(e.longTable))
-		}
-		if len(d.content) >= 8 {
-			cv := load6432(d.content, 0)
-			h := hashLen(cv, betterLongTableBits, betterLongLen)
-			e.dictLongTable[h] = prevEntry{
-				offset: e.maxMatchOff,
-				prev:   e.dictLongTable[h].offset,
-			}
-
-			end := int32(len(d.content)) - 8 + e.maxMatchOff
-			off := 8 // First to read
-			for i := e.maxMatchOff + 1; i < end; i++ {
-				cv = cv>>8 | (uint64(d.content[off]) << 56)
-				h := hashLen(cv, betterLongTableBits, betterLongLen)
-				e.dictLongTable[h] = prevEntry{
-					offset: i,
-					prev:   e.dictLongTable[h].offset,
-				}
-				off++
-			}
-		}
-		e.lastDictID = d.id
-		e.allDirty = true
-	}
-
-	// Reset table to initial state
-	{
-		dirtyShardCnt := 0
-		if !e.allDirty {
-			for i := range e.shortTableShardDirty {
-				if e.shortTableShardDirty[i] {
-					dirtyShardCnt++
-				}
-			}
-		}
-		const shardCnt = betterShortTableShardCnt
-		const shardSize = betterShortTableShardSize
-		if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
-			copy(e.table[:], e.dictTable)
-			for i := range e.shortTableShardDirty {
-				e.shortTableShardDirty[i] = false
-			}
-		} else {
-			for i := range e.shortTableShardDirty {
-				if !e.shortTableShardDirty[i] {
-					continue
-				}
-
-				copy(e.table[i*shardSize:(i+1)*shardSize], e.dictTable[i*shardSize:(i+1)*shardSize])
-				e.shortTableShardDirty[i] = false
-			}
-		}
-	}
-	{
-		dirtyShardCnt := 0
-		if !e.allDirty {
-			for i := range e.shortTableShardDirty {
-				if e.shortTableShardDirty[i] {
-					dirtyShardCnt++
-				}
-			}
-		}
-		const shardCnt = betterLongTableShardCnt
-		const shardSize = betterLongTableShardSize
-		if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
-			copy(e.longTable[:], e.dictLongTable)
-			for i := range e.longTableShardDirty {
-				e.longTableShardDirty[i] = false
-			}
-		} else {
-			for i := range e.longTableShardDirty {
-				if !e.longTableShardDirty[i] {
-					continue
-				}
-
-				copy(e.longTable[i*shardSize:(i+1)*shardSize], e.dictLongTable[i*shardSize:(i+1)*shardSize])
-				e.longTableShardDirty[i] = false
-			}
-		}
-	}
-	e.cur = e.maxMatchOff
-	e.allDirty = false
-}
-
-func (e *betterFastEncoderDict) markLongShardDirty(entryNum uint32) {
-	e.longTableShardDirty[entryNum/betterLongTableShardSize] = true
-}
-
-func (e *betterFastEncoderDict) markShortShardDirty(entryNum uint32) {
-	e.shortTableShardDirty[entryNum/betterShortTableShardSize] = true
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_dfast.go b/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
deleted file mode 100644
index d36be7bd8..000000000
--- a/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
+++ /dev/null
@@ -1,1123 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import "fmt"
-
-const (
-	dFastLongTableBits = 17                      // Bits used in the long match table
-	dFastLongTableSize = 1 << dFastLongTableBits // Size of the table
-	dFastLongTableMask = dFastLongTableSize - 1  // Mask for table indices. Redundant, but can eliminate bounds checks.
-	dFastLongLen       = 8                       // Bytes used for table hash
-
-	dLongTableShardCnt  = 1 << (dFastLongTableBits - dictShardBits) // Number of shards in the table
-	dLongTableShardSize = dFastLongTableSize / tableShardCnt        // Size of an individual shard
-
-	dFastShortTableBits = tableBits                // Bits used in the short match table
-	dFastShortTableSize = 1 << dFastShortTableBits // Size of the table
-	dFastShortTableMask = dFastShortTableSize - 1  // Mask for table indices. Redundant, but can eliminate bounds checks.
-	dFastShortLen       = 5                        // Bytes used for table hash
-
-)
-
-type doubleFastEncoder struct {
-	fastEncoder
-	longTable [dFastLongTableSize]tableEntry
-}
-
-type doubleFastEncoderDict struct {
-	fastEncoderDict
-	longTable           [dFastLongTableSize]tableEntry
-	dictLongTable       []tableEntry
-	longTableShardDirty [dLongTableShardCnt]bool
-}
-
-// Encode mimmics functionality in zstd_dfast.c
-func (e *doubleFastEncoder) Encode(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 2
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			e.table = [dFastShortTableSize]tableEntry{}
-			e.longTable = [dFastLongTableSize]tableEntry{}
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		for i := range e.longTable[:] {
-			v := e.longTable[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.longTable[i].offset = v
-		}
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	s := e.addBlock(src)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 1.
-	const stepSize = 1
-
-	const kSearchStrength = 8
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		var t int32
-		// We allow the encoder to optionally turn off repeat offsets across blocks
-		canRepeat := len(blk.sequences) > 2
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
-			candidateL := e.longTable[nextHashL]
-			candidateS := e.table[nextHashS]
-
-			const repOff = 1
-			repIndex := s - offset1 + repOff
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.table[nextHashS] = entry
-
-			if canRepeat {
-				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
-					// Consider history as well.
-					var seq seq
-					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 0
-					seq.offset = 1
-					if debugSequences {
-						println("repeat sequence", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-					s += length + repOff
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-					cv = load6432(src, s)
-					continue
-				}
-			}
-			// Find the offsets of our two matches.
-			coffsetL := s - (candidateL.offset - e.cur)
-			coffsetS := s - (candidateS.offset - e.cur)
-
-			// Check if we have a long match.
-			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-				// Found a long match, likely at least 8 bytes.
-				// Reference encoder checks all 8 bytes, we only check 4,
-				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-				t = candidateL.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-				break
-			}
-
-			// Check if we have a short match.
-			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
-				// found a regular match
-				// See if we can find a long match at s+1
-				const checkAt = 1
-				cv := load6432(src, s+checkAt)
-				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
-				candidateL = e.longTable[nextHashL]
-				coffsetL = s - (candidateL.offset - e.cur) + checkAt
-
-				// We can store it, since we have at least a 4 byte match.
-				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
-				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-					// Found a long match, likely at least 8 bytes.
-					// Reference encoder checks all 8 bytes, we only check 4,
-					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-					t = candidateL.offset - e.cur
-					s += checkAt
-					if debugMatches {
-						println("long match (after short)")
-					}
-					break
-				}
-
-				t = candidateS.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				if debugMatches {
-					println("short match")
-				}
-				break
-			}
-
-			// No match found, move forward in input.
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the 4-byte match as long as possible.
-		l := e.matchlen(s+4, t+4, src) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-
-		// Index match start+1 (long) and start+2 (short)
-		index0 := s - l + 1
-		// Index match end-2 (long) and end-1 (short)
-		index1 := s - 2
-
-		cv0 := load6432(src, index0)
-		cv1 := load6432(src, index1)
-		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
-		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
-		e.longTable[hashLen(cv0, dFastLongTableBits, dFastLongLen)] = te0
-		e.longTable[hashLen(cv1, dFastLongTableBits, dFastLongLen)] = te1
-		cv0 >>= 8
-		cv1 >>= 8
-		te0.offset++
-		te1.offset++
-		te0.val = uint32(cv0)
-		te1.val = uint32(cv1)
-		e.table[hashLen(cv0, dFastShortTableBits, dFastShortLen)] = te0
-		e.table[hashLen(cv1, dFastShortTableBits, dFastShortLen)] = te1
-
-		cv = load6432(src, s)
-
-		if !canRepeat {
-			continue
-		}
-
-		// Check offset 2
-		for {
-			o2 := s - offset2
-			if load3232(src, o2) != uint32(cv) {
-				// Do regular search
-				break
-			}
-
-			// Store this, since we have it.
-			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.table[nextHashS] = entry
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				// Finished
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// EncodeNoHist will encode a block with no history and no following blocks.
-// Most notable difference is that src will not be copied for history and
-// we do not need to check for max match length.
-func (e *doubleFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 2
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	if e.cur >= e.bufferReset {
-		for i := range e.table[:] {
-			e.table[i] = tableEntry{}
-		}
-		for i := range e.longTable[:] {
-			e.longTable[i] = tableEntry{}
-		}
-		e.cur = e.maxMatchOff
-	}
-
-	s := int32(0)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 1.
-	const stepSize = 1
-
-	const kSearchStrength = 8
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		var t int32
-		for {
-
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
-			candidateL := e.longTable[nextHashL]
-			candidateS := e.table[nextHashS]
-
-			const repOff = 1
-			repIndex := s - offset1 + repOff
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.table[nextHashS] = entry
-
-			if len(blk.sequences) > 2 {
-				if load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
-					// Consider history as well.
-					var seq seq
-					//length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
-					length := 4 + int32(matchLen(src[s+4+repOff:], src[repIndex+4:]))
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 0
-					seq.offset = 1
-					if debugSequences {
-						println("repeat sequence", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-					s += length + repOff
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-					cv = load6432(src, s)
-					continue
-				}
-			}
-			// Find the offsets of our two matches.
-			coffsetL := s - (candidateL.offset - e.cur)
-			coffsetS := s - (candidateS.offset - e.cur)
-
-			// Check if we have a long match.
-			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-				// Found a long match, likely at least 8 bytes.
-				// Reference encoder checks all 8 bytes, we only check 4,
-				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-				t = candidateL.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d). cur: %d", s, t, e.cur))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-				break
-			}
-
-			// Check if we have a short match.
-			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
-				// found a regular match
-				// See if we can find a long match at s+1
-				const checkAt = 1
-				cv := load6432(src, s+checkAt)
-				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
-				candidateL = e.longTable[nextHashL]
-				coffsetL = s - (candidateL.offset - e.cur) + checkAt
-
-				// We can store it, since we have at least a 4 byte match.
-				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
-				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-					// Found a long match, likely at least 8 bytes.
-					// Reference encoder checks all 8 bytes, we only check 4,
-					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-					t = candidateL.offset - e.cur
-					s += checkAt
-					if debugMatches {
-						println("long match (after short)")
-					}
-					break
-				}
-
-				t = candidateS.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				if debugMatches {
-					println("short match")
-				}
-				break
-			}
-
-			// No match found, move forward in input.
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		// Extend the 4-byte match as long as possible.
-		//l := e.matchlen(s+4, t+4, src) + 4
-		l := int32(matchLen(src[s+4:], src[t+4:])) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-
-		// Index match start+1 (long) and start+2 (short)
-		index0 := s - l + 1
-		// Index match end-2 (long) and end-1 (short)
-		index1 := s - 2
-
-		cv0 := load6432(src, index0)
-		cv1 := load6432(src, index1)
-		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
-		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
-		e.longTable[hashLen(cv0, dFastLongTableBits, dFastLongLen)] = te0
-		e.longTable[hashLen(cv1, dFastLongTableBits, dFastLongLen)] = te1
-		cv0 >>= 8
-		cv1 >>= 8
-		te0.offset++
-		te1.offset++
-		te0.val = uint32(cv0)
-		te1.val = uint32(cv1)
-		e.table[hashLen(cv0, dFastShortTableBits, dFastShortLen)] = te0
-		e.table[hashLen(cv1, dFastShortTableBits, dFastShortLen)] = te1
-
-		cv = load6432(src, s)
-
-		if len(blk.sequences) <= 2 {
-			continue
-		}
-
-		// Check offset 2
-		for {
-			o2 := s - offset2
-			if load3232(src, o2) != uint32(cv) {
-				// Do regular search
-				break
-			}
-
-			// Store this, since we have it.
-			nextHashS := hashLen(cv1>>8, dFastShortTableBits, dFastShortLen)
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			//l := 4 + e.matchlen(s+4, o2+4, src)
-			l := 4 + int32(matchLen(src[s+4:], src[o2+4:]))
-
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.table[nextHashS] = entry
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				// Finished
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-
-	// We do not store history, so we must offset e.cur to avoid false matches for next user.
-	if e.cur < e.bufferReset {
-		e.cur += int32(len(src))
-	}
-}
-
-// Encode will encode the content, with a dictionary if initialized for it.
-func (e *doubleFastEncoderDict) Encode(blk *blockEnc, src []byte) {
-	const (
-		// Input margin is the number of bytes we read (8)
-		// and the maximum we will read ahead (2)
-		inputMargin            = 8 + 2
-		minNonLiteralBlockSize = 16
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			for i := range e.table[:] {
-				e.table[i] = tableEntry{}
-			}
-			for i := range e.longTable[:] {
-				e.longTable[i] = tableEntry{}
-			}
-			e.markAllShardsDirty()
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		for i := range e.longTable[:] {
-			v := e.longTable[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.longTable[i].offset = v
-		}
-		e.markAllShardsDirty()
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	s := e.addBlock(src)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 1.
-	const stepSize = 1
-
-	const kSearchStrength = 8
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		var t int32
-		// We allow the encoder to optionally turn off repeat offsets across blocks
-		canRepeat := len(blk.sequences) > 2
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
-			candidateL := e.longTable[nextHashL]
-			candidateS := e.table[nextHashS]
-
-			const repOff = 1
-			repIndex := s - offset1 + repOff
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.markLongShardDirty(nextHashL)
-			e.table[nextHashS] = entry
-			e.markShardDirty(nextHashS)
-
-			if canRepeat {
-				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) {
-					// Consider history as well.
-					var seq seq
-					length := 4 + e.matchlen(s+4+repOff, repIndex+4, src)
-
-					seq.matchLen = uint32(length - zstdMinMatch)
-
-					// We might be able to match backwards.
-					// Extend as long as we can.
-					start := s + repOff
-					// We end the search early, so we don't risk 0 literals
-					// and have to do special offset treatment.
-					startLimit := nextEmit + 1
-
-					tMin := s - e.maxMatchOff
-					if tMin < 0 {
-						tMin = 0
-					}
-					for repIndex > tMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch-1 {
-						repIndex--
-						start--
-						seq.matchLen++
-					}
-					addLiterals(&seq, start)
-
-					// rep 0
-					seq.offset = 1
-					if debugSequences {
-						println("repeat sequence", seq, "next s:", s)
-					}
-					blk.sequences = append(blk.sequences, seq)
-					s += length + repOff
-					nextEmit = s
-					if s >= sLimit {
-						if debugEncoder {
-							println("repeat ended", s, length)
-
-						}
-						break encodeLoop
-					}
-					cv = load6432(src, s)
-					continue
-				}
-			}
-			// Find the offsets of our two matches.
-			coffsetL := s - (candidateL.offset - e.cur)
-			coffsetS := s - (candidateS.offset - e.cur)
-
-			// Check if we have a long match.
-			if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-				// Found a long match, likely at least 8 bytes.
-				// Reference encoder checks all 8 bytes, we only check 4,
-				// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-				t = candidateL.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugMatches {
-					println("long match")
-				}
-				break
-			}
-
-			// Check if we have a short match.
-			if coffsetS < e.maxMatchOff && uint32(cv) == candidateS.val {
-				// found a regular match
-				// See if we can find a long match at s+1
-				const checkAt = 1
-				cv := load6432(src, s+checkAt)
-				nextHashL = hashLen(cv, dFastLongTableBits, dFastLongLen)
-				candidateL = e.longTable[nextHashL]
-				coffsetL = s - (candidateL.offset - e.cur) + checkAt
-
-				// We can store it, since we have at least a 4 byte match.
-				e.longTable[nextHashL] = tableEntry{offset: s + checkAt + e.cur, val: uint32(cv)}
-				e.markLongShardDirty(nextHashL)
-				if coffsetL < e.maxMatchOff && uint32(cv) == candidateL.val {
-					// Found a long match, likely at least 8 bytes.
-					// Reference encoder checks all 8 bytes, we only check 4,
-					// but the likelihood of both the first 4 bytes and the hash matching should be enough.
-					t = candidateL.offset - e.cur
-					s += checkAt
-					if debugMatches {
-						println("long match (after short)")
-					}
-					break
-				}
-
-				t = candidateS.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				if debugMatches {
-					println("short match")
-				}
-				break
-			}
-
-			// No match found, move forward in input.
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the 4-byte match as long as possible.
-		l := e.matchlen(s+4, t+4, src) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-
-		// Index match start+1 (long) and start+2 (short)
-		index0 := s - l + 1
-		// Index match end-2 (long) and end-1 (short)
-		index1 := s - 2
-
-		cv0 := load6432(src, index0)
-		cv1 := load6432(src, index1)
-		te0 := tableEntry{offset: index0 + e.cur, val: uint32(cv0)}
-		te1 := tableEntry{offset: index1 + e.cur, val: uint32(cv1)}
-		longHash1 := hashLen(cv0, dFastLongTableBits, dFastLongLen)
-		longHash2 := hashLen(cv1, dFastLongTableBits, dFastLongLen)
-		e.longTable[longHash1] = te0
-		e.longTable[longHash2] = te1
-		e.markLongShardDirty(longHash1)
-		e.markLongShardDirty(longHash2)
-		cv0 >>= 8
-		cv1 >>= 8
-		te0.offset++
-		te1.offset++
-		te0.val = uint32(cv0)
-		te1.val = uint32(cv1)
-		hashVal1 := hashLen(cv0, dFastShortTableBits, dFastShortLen)
-		hashVal2 := hashLen(cv1, dFastShortTableBits, dFastShortLen)
-		e.table[hashVal1] = te0
-		e.markShardDirty(hashVal1)
-		e.table[hashVal2] = te1
-		e.markShardDirty(hashVal2)
-
-		cv = load6432(src, s)
-
-		if !canRepeat {
-			continue
-		}
-
-		// Check offset 2
-		for {
-			o2 := s - offset2
-			if load3232(src, o2) != uint32(cv) {
-				// Do regular search
-				break
-			}
-
-			// Store this, since we have it.
-			nextHashL := hashLen(cv, dFastLongTableBits, dFastLongLen)
-			nextHashS := hashLen(cv, dFastShortTableBits, dFastShortLen)
-
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			entry := tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.longTable[nextHashL] = entry
-			e.markLongShardDirty(nextHashL)
-			e.table[nextHashS] = entry
-			e.markShardDirty(nextHashS)
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				// Finished
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-	// If we encoded more than 64K mark all dirty.
-	if len(src) > 64<<10 {
-		e.markAllShardsDirty()
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *doubleFastEncoder) Reset(d *dict, singleBlock bool) {
-	e.fastEncoder.Reset(d, singleBlock)
-	if d != nil {
-		panic("doubleFastEncoder: Reset with dict not supported")
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *doubleFastEncoderDict) Reset(d *dict, singleBlock bool) {
-	allDirty := e.allDirty
-	e.fastEncoderDict.Reset(d, singleBlock)
-	if d == nil {
-		return
-	}
-
-	// Init or copy dict table
-	if len(e.dictLongTable) != len(e.longTable) || d.id != e.lastDictID {
-		if len(e.dictLongTable) != len(e.longTable) {
-			e.dictLongTable = make([]tableEntry, len(e.longTable))
-		}
-		if len(d.content) >= 8 {
-			cv := load6432(d.content, 0)
-			e.dictLongTable[hashLen(cv, dFastLongTableBits, dFastLongLen)] = tableEntry{
-				val:    uint32(cv),
-				offset: e.maxMatchOff,
-			}
-			end := int32(len(d.content)) - 8 + e.maxMatchOff
-			for i := e.maxMatchOff + 1; i < end; i++ {
-				cv = cv>>8 | (uint64(d.content[i-e.maxMatchOff+7]) << 56)
-				e.dictLongTable[hashLen(cv, dFastLongTableBits, dFastLongLen)] = tableEntry{
-					val:    uint32(cv),
-					offset: i,
-				}
-			}
-		}
-		e.lastDictID = d.id
-		allDirty = true
-	}
-	// Reset table to initial state
-	e.cur = e.maxMatchOff
-
-	dirtyShardCnt := 0
-	if !allDirty {
-		for i := range e.longTableShardDirty {
-			if e.longTableShardDirty[i] {
-				dirtyShardCnt++
-			}
-		}
-	}
-
-	if allDirty || dirtyShardCnt > dLongTableShardCnt/2 {
-		//copy(e.longTable[:], e.dictLongTable)
-		e.longTable = *(*[dFastLongTableSize]tableEntry)(e.dictLongTable)
-		for i := range e.longTableShardDirty {
-			e.longTableShardDirty[i] = false
-		}
-		return
-	}
-	for i := range e.longTableShardDirty {
-		if !e.longTableShardDirty[i] {
-			continue
-		}
-
-		// copy(e.longTable[i*dLongTableShardSize:(i+1)*dLongTableShardSize], e.dictLongTable[i*dLongTableShardSize:(i+1)*dLongTableShardSize])
-		*(*[dLongTableShardSize]tableEntry)(e.longTable[i*dLongTableShardSize:]) = *(*[dLongTableShardSize]tableEntry)(e.dictLongTable[i*dLongTableShardSize:])
-
-		e.longTableShardDirty[i] = false
-	}
-}
-
-func (e *doubleFastEncoderDict) markLongShardDirty(entryNum uint32) {
-	e.longTableShardDirty[entryNum/dLongTableShardSize] = true
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_fast.go b/vendor/github.com/klauspost/compress/zstd/enc_fast.go
deleted file mode 100644
index f45a3da7d..000000000
--- a/vendor/github.com/klauspost/compress/zstd/enc_fast.go
+++ /dev/null
@@ -1,891 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"fmt"
-)
-
-const (
-	tableBits        = 15                               // Bits used in the table
-	tableSize        = 1 << tableBits                   // Size of the table
-	tableShardCnt    = 1 << (tableBits - dictShardBits) // Number of shards in the table
-	tableShardSize   = tableSize / tableShardCnt        // Size of an individual shard
-	tableFastHashLen = 6
-	tableMask        = tableSize - 1 // Mask for table indices. Redundant, but can eliminate bounds checks.
-	maxMatchLength   = 131074
-)
-
-type tableEntry struct {
-	val    uint32
-	offset int32
-}
-
-type fastEncoder struct {
-	fastBase
-	table [tableSize]tableEntry
-}
-
-type fastEncoderDict struct {
-	fastEncoder
-	dictTable       []tableEntry
-	tableShardDirty [tableShardCnt]bool
-	allDirty        bool
-}
-
-// Encode mimmics functionality in zstd_fast.c
-func (e *fastEncoder) Encode(blk *blockEnc, src []byte) {
-	const (
-		inputMargin            = 8
-		minNonLiteralBlockSize = 1 + 1 + inputMargin
-	)
-
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			for i := range e.table[:] {
-				e.table[i] = tableEntry{}
-			}
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	s := e.addBlock(src)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 2.
-	const stepSize = 2
-
-	// TEMPLATE
-	const hashLog = tableBits
-	// seems global, but would be nice to tweak.
-	const kSearchStrength = 6
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		// t will contain the match offset when we find one.
-		// When existing the search loop, we have already checked 4 bytes.
-		var t int32
-
-		// We will not use repeat offsets across blocks.
-		// By not using them for the first 3 matches
-		canRepeat := len(blk.sequences) > 2
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
-			candidate := e.table[nextHash]
-			candidate2 := e.table[nextHash2]
-			repIndex := s - offset1 + 2
-
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
-
-			if canRepeat && repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>16) {
-				// Consider history as well.
-				var seq seq
-				length := 4 + e.matchlen(s+6, repIndex+4, src)
-				seq.matchLen = uint32(length - zstdMinMatch)
-
-				// We might be able to match backwards.
-				// Extend as long as we can.
-				start := s + 2
-				// We end the search early, so we don't risk 0 literals
-				// and have to do special offset treatment.
-				startLimit := nextEmit + 1
-
-				sMin := s - e.maxMatchOff
-				if sMin < 0 {
-					sMin = 0
-				}
-				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch {
-					repIndex--
-					start--
-					seq.matchLen++
-				}
-				addLiterals(&seq, start)
-
-				// rep 0
-				seq.offset = 1
-				if debugSequences {
-					println("repeat sequence", seq, "next s:", s)
-				}
-				blk.sequences = append(blk.sequences, seq)
-				s += length + 2
-				nextEmit = s
-				if s >= sLimit {
-					if debugEncoder {
-						println("repeat ended", s, length)
-
-					}
-					break encodeLoop
-				}
-				cv = load6432(src, s)
-				continue
-			}
-			coffset0 := s - (candidate.offset - e.cur)
-			coffset1 := s - (candidate2.offset - e.cur) + 1
-			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
-				// found a regular match
-				t = candidate.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				break
-			}
-
-			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
-				// found a regular match
-				t = candidate2.offset - e.cur
-				s++
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				break
-			}
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-		// A 4-byte match has been found. We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the 4-byte match as long as possible.
-		l := e.matchlen(s+4, t+4, src) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence.
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		// Don't use repeat offsets
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-		cv = load6432(src, s)
-
-		// Check offset 2
-		if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) {
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			// Store this, since we have it.
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				break encodeLoop
-			}
-			// Prepare next loop.
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// EncodeNoHist will encode a block with no history and no following blocks.
-// Most notable difference is that src will not be copied for history and
-// we do not need to check for max match length.
-func (e *fastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
-	const (
-		inputMargin            = 8
-		minNonLiteralBlockSize = 1 + 1 + inputMargin
-	)
-	if debugEncoder {
-		if len(src) > maxCompressedBlockSize {
-			panic("src too big")
-		}
-	}
-
-	// Protect against e.cur wraparound.
-	if e.cur >= e.bufferReset {
-		for i := range e.table[:] {
-			e.table[i] = tableEntry{}
-		}
-		e.cur = e.maxMatchOff
-	}
-
-	s := int32(0)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 2.
-	const stepSize = 2
-
-	// TEMPLATE
-	const hashLog = tableBits
-	// seems global, but would be nice to tweak.
-	const kSearchStrength = 6
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		// t will contain the match offset when we find one.
-		// When existing the search loop, we have already checked 4 bytes.
-		var t int32
-
-		// We will not use repeat offsets across blocks.
-		// By not using them for the first 3 matches
-
-		for {
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
-			candidate := e.table[nextHash]
-			candidate2 := e.table[nextHash2]
-			repIndex := s - offset1 + 2
-
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
-
-			if len(blk.sequences) > 2 && load3232(src, repIndex) == uint32(cv>>16) {
-				// Consider history as well.
-				var seq seq
-				length := 4 + e.matchlen(s+6, repIndex+4, src)
-
-				seq.matchLen = uint32(length - zstdMinMatch)
-
-				// We might be able to match backwards.
-				// Extend as long as we can.
-				start := s + 2
-				// We end the search early, so we don't risk 0 literals
-				// and have to do special offset treatment.
-				startLimit := nextEmit + 1
-
-				sMin := s - e.maxMatchOff
-				if sMin < 0 {
-					sMin = 0
-				}
-				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] {
-					repIndex--
-					start--
-					seq.matchLen++
-				}
-				addLiterals(&seq, start)
-
-				// rep 0
-				seq.offset = 1
-				if debugSequences {
-					println("repeat sequence", seq, "next s:", s)
-				}
-				blk.sequences = append(blk.sequences, seq)
-				s += length + 2
-				nextEmit = s
-				if s >= sLimit {
-					if debugEncoder {
-						println("repeat ended", s, length)
-
-					}
-					break encodeLoop
-				}
-				cv = load6432(src, s)
-				continue
-			}
-			coffset0 := s - (candidate.offset - e.cur)
-			coffset1 := s - (candidate2.offset - e.cur) + 1
-			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
-				// found a regular match
-				t = candidate.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic(fmt.Sprintf("t (%d) < 0, candidate.offset: %d, e.cur: %d, coffset0: %d, e.maxMatchOff: %d", t, candidate.offset, e.cur, coffset0, e.maxMatchOff))
-				}
-				break
-			}
-
-			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
-				// found a regular match
-				t = candidate2.offset - e.cur
-				s++
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				break
-			}
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-		// A 4-byte match has been found. We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && t < 0 {
-			panic(fmt.Sprintf("t (%d) < 0 ", t))
-		}
-		// Extend the 4-byte match as long as possible.
-		l := e.matchlen(s+4, t+4, src) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence.
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		// Don't use repeat offsets
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-		cv = load6432(src, s)
-
-		// Check offset 2
-		if o2 := s - offset2; len(blk.sequences) > 2 && load3232(src, o2) == uint32(cv) {
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			// Store this, since we have it.
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				break encodeLoop
-			}
-			// Prepare next loop.
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-	// We do not store history, so we must offset e.cur to avoid false matches for next user.
-	if e.cur < e.bufferReset {
-		e.cur += int32(len(src))
-	}
-}
-
-// Encode will encode the content, with a dictionary if initialized for it.
-func (e *fastEncoderDict) Encode(blk *blockEnc, src []byte) {
-	const (
-		inputMargin            = 8
-		minNonLiteralBlockSize = 1 + 1 + inputMargin
-	)
-	if e.allDirty || len(src) > 32<<10 {
-		e.fastEncoder.Encode(blk, src)
-		e.allDirty = true
-		return
-	}
-	// Protect against e.cur wraparound.
-	for e.cur >= e.bufferReset-int32(len(e.hist)) {
-		if len(e.hist) == 0 {
-			e.table = [tableSize]tableEntry{}
-			e.cur = e.maxMatchOff
-			break
-		}
-		// Shift down everything in the table that isn't already too far away.
-		minOff := e.cur + int32(len(e.hist)) - e.maxMatchOff
-		for i := range e.table[:] {
-			v := e.table[i].offset
-			if v < minOff {
-				v = 0
-			} else {
-				v = v - e.cur + e.maxMatchOff
-			}
-			e.table[i].offset = v
-		}
-		e.cur = e.maxMatchOff
-		break
-	}
-
-	s := e.addBlock(src)
-	blk.size = len(src)
-	if len(src) < minNonLiteralBlockSize {
-		blk.extraLits = len(src)
-		blk.literals = blk.literals[:len(src)]
-		copy(blk.literals, src)
-		return
-	}
-
-	// Override src
-	src = e.hist
-	sLimit := int32(len(src)) - inputMargin
-	// stepSize is the number of bytes to skip on every main loop iteration.
-	// It should be >= 2.
-	const stepSize = 2
-
-	// TEMPLATE
-	const hashLog = tableBits
-	// seems global, but would be nice to tweak.
-	const kSearchStrength = 7
-
-	// nextEmit is where in src the next emitLiteral should start from.
-	nextEmit := s
-	cv := load6432(src, s)
-
-	// Relative offsets
-	offset1 := int32(blk.recentOffsets[0])
-	offset2 := int32(blk.recentOffsets[1])
-
-	addLiterals := func(s *seq, until int32) {
-		if until == nextEmit {
-			return
-		}
-		blk.literals = append(blk.literals, src[nextEmit:until]...)
-		s.litLen = uint32(until - nextEmit)
-	}
-	if debugEncoder {
-		println("recent offsets:", blk.recentOffsets)
-	}
-
-encodeLoop:
-	for {
-		// t will contain the match offset when we find one.
-		// When existing the search loop, we have already checked 4 bytes.
-		var t int32
-
-		// We will not use repeat offsets across blocks.
-		// By not using them for the first 3 matches
-		canRepeat := len(blk.sequences) > 2
-
-		for {
-			if debugAsserts && canRepeat && offset1 == 0 {
-				panic("offset0 was 0")
-			}
-
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			nextHash2 := hashLen(cv>>8, hashLog, tableFastHashLen)
-			candidate := e.table[nextHash]
-			candidate2 := e.table[nextHash2]
-			repIndex := s - offset1 + 2
-
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.markShardDirty(nextHash)
-			e.table[nextHash2] = tableEntry{offset: s + e.cur + 1, val: uint32(cv >> 8)}
-			e.markShardDirty(nextHash2)
-
-			if canRepeat && repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>16) {
-				// Consider history as well.
-				var seq seq
-				length := 4 + e.matchlen(s+6, repIndex+4, src)
-
-				seq.matchLen = uint32(length - zstdMinMatch)
-
-				// We might be able to match backwards.
-				// Extend as long as we can.
-				start := s + 2
-				// We end the search early, so we don't risk 0 literals
-				// and have to do special offset treatment.
-				startLimit := nextEmit + 1
-
-				sMin := s - e.maxMatchOff
-				if sMin < 0 {
-					sMin = 0
-				}
-				for repIndex > sMin && start > startLimit && src[repIndex-1] == src[start-1] && seq.matchLen < maxMatchLength-zstdMinMatch {
-					repIndex--
-					start--
-					seq.matchLen++
-				}
-				addLiterals(&seq, start)
-
-				// rep 0
-				seq.offset = 1
-				if debugSequences {
-					println("repeat sequence", seq, "next s:", s)
-				}
-				blk.sequences = append(blk.sequences, seq)
-				s += length + 2
-				nextEmit = s
-				if s >= sLimit {
-					if debugEncoder {
-						println("repeat ended", s, length)
-
-					}
-					break encodeLoop
-				}
-				cv = load6432(src, s)
-				continue
-			}
-			coffset0 := s - (candidate.offset - e.cur)
-			coffset1 := s - (candidate2.offset - e.cur) + 1
-			if coffset0 < e.maxMatchOff && uint32(cv) == candidate.val {
-				// found a regular match
-				t = candidate.offset - e.cur
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				break
-			}
-
-			if coffset1 < e.maxMatchOff && uint32(cv>>8) == candidate2.val {
-				// found a regular match
-				t = candidate2.offset - e.cur
-				s++
-				if debugAsserts && s <= t {
-					panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-				}
-				if debugAsserts && s-t > e.maxMatchOff {
-					panic("s - t >e.maxMatchOff")
-				}
-				if debugAsserts && t < 0 {
-					panic("t<0")
-				}
-				break
-			}
-			s += stepSize + ((s - nextEmit) >> (kSearchStrength - 1))
-			if s >= sLimit {
-				break encodeLoop
-			}
-			cv = load6432(src, s)
-		}
-		// A 4-byte match has been found. We'll later see if more than 4 bytes.
-		offset2 = offset1
-		offset1 = s - t
-
-		if debugAsserts && s <= t {
-			panic(fmt.Sprintf("s (%d) <= t (%d)", s, t))
-		}
-
-		if debugAsserts && canRepeat && int(offset1) > len(src) {
-			panic("invalid offset")
-		}
-
-		// Extend the 4-byte match as long as possible.
-		l := e.matchlen(s+4, t+4, src) + 4
-
-		// Extend backwards
-		tMin := s - e.maxMatchOff
-		if tMin < 0 {
-			tMin = 0
-		}
-		for t > tMin && s > nextEmit && src[t-1] == src[s-1] && l < maxMatchLength {
-			s--
-			t--
-			l++
-		}
-
-		// Write our sequence.
-		var seq seq
-		seq.litLen = uint32(s - nextEmit)
-		seq.matchLen = uint32(l - zstdMinMatch)
-		if seq.litLen > 0 {
-			blk.literals = append(blk.literals, src[nextEmit:s]...)
-		}
-		// Don't use repeat offsets
-		seq.offset = uint32(s-t) + 3
-		s += l
-		if debugSequences {
-			println("sequence", seq, "next s:", s)
-		}
-		blk.sequences = append(blk.sequences, seq)
-		nextEmit = s
-		if s >= sLimit {
-			break encodeLoop
-		}
-		cv = load6432(src, s)
-
-		// Check offset 2
-		if o2 := s - offset2; canRepeat && load3232(src, o2) == uint32(cv) {
-			// We have at least 4 byte match.
-			// No need to check backwards. We come straight from a match
-			l := 4 + e.matchlen(s+4, o2+4, src)
-
-			// Store this, since we have it.
-			nextHash := hashLen(cv, hashLog, tableFastHashLen)
-			e.table[nextHash] = tableEntry{offset: s + e.cur, val: uint32(cv)}
-			e.markShardDirty(nextHash)
-			seq.matchLen = uint32(l) - zstdMinMatch
-			seq.litLen = 0
-			// Since litlen is always 0, this is offset 1.
-			seq.offset = 1
-			s += l
-			nextEmit = s
-			if debugSequences {
-				println("sequence", seq, "next s:", s)
-			}
-			blk.sequences = append(blk.sequences, seq)
-
-			// Swap offset 1 and 2.
-			offset1, offset2 = offset2, offset1
-			if s >= sLimit {
-				break encodeLoop
-			}
-			// Prepare next loop.
-			cv = load6432(src, s)
-		}
-	}
-
-	if int(nextEmit) < len(src) {
-		blk.literals = append(blk.literals, src[nextEmit:]...)
-		blk.extraLits = len(src) - int(nextEmit)
-	}
-	blk.recentOffsets[0] = uint32(offset1)
-	blk.recentOffsets[1] = uint32(offset2)
-	if debugEncoder {
-		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *fastEncoder) Reset(d *dict, singleBlock bool) {
-	e.resetBase(d, singleBlock)
-	if d != nil {
-		panic("fastEncoder: Reset with dict")
-	}
-}
-
-// ResetDict will reset and set a dictionary if not nil
-func (e *fastEncoderDict) Reset(d *dict, singleBlock bool) {
-	e.resetBase(d, singleBlock)
-	if d == nil {
-		return
-	}
-
-	// Init or copy dict table
-	if len(e.dictTable) != len(e.table) || d.id != e.lastDictID {
-		if len(e.dictTable) != len(e.table) {
-			e.dictTable = make([]tableEntry, len(e.table))
-		}
-		if true {
-			end := e.maxMatchOff + int32(len(d.content)) - 8
-			for i := e.maxMatchOff; i < end; i += 2 {
-				const hashLog = tableBits
-
-				cv := load6432(d.content, i-e.maxMatchOff)
-				nextHash := hashLen(cv, hashLog, tableFastHashLen)     // 0 -> 6
-				nextHash1 := hashLen(cv>>8, hashLog, tableFastHashLen) // 1 -> 7
-				e.dictTable[nextHash] = tableEntry{
-					val:    uint32(cv),
-					offset: i,
-				}
-				e.dictTable[nextHash1] = tableEntry{
-					val:    uint32(cv >> 8),
-					offset: i + 1,
-				}
-			}
-		}
-		e.lastDictID = d.id
-		e.allDirty = true
-	}
-
-	e.cur = e.maxMatchOff
-	dirtyShardCnt := 0
-	if !e.allDirty {
-		for i := range e.tableShardDirty {
-			if e.tableShardDirty[i] {
-				dirtyShardCnt++
-			}
-		}
-	}
-
-	const shardCnt = tableShardCnt
-	const shardSize = tableShardSize
-	if e.allDirty || dirtyShardCnt > shardCnt*4/6 {
-		//copy(e.table[:], e.dictTable)
-		e.table = *(*[tableSize]tableEntry)(e.dictTable)
-		for i := range e.tableShardDirty {
-			e.tableShardDirty[i] = false
-		}
-		e.allDirty = false
-		return
-	}
-	for i := range e.tableShardDirty {
-		if !e.tableShardDirty[i] {
-			continue
-		}
-
-		//copy(e.table[i*shardSize:(i+1)*shardSize], e.dictTable[i*shardSize:(i+1)*shardSize])
-		*(*[shardSize]tableEntry)(e.table[i*shardSize:]) = *(*[shardSize]tableEntry)(e.dictTable[i*shardSize:])
-		e.tableShardDirty[i] = false
-	}
-	e.allDirty = false
-}
-
-func (e *fastEncoderDict) markAllShardsDirty() {
-	e.allDirty = true
-}
-
-func (e *fastEncoderDict) markShardDirty(entryNum uint32) {
-	e.tableShardDirty[entryNum/tableShardSize] = true
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/encoder.go b/vendor/github.com/klauspost/compress/zstd/encoder.go
deleted file mode 100644
index 8f8223cd3..000000000
--- a/vendor/github.com/klauspost/compress/zstd/encoder.go
+++ /dev/null
@@ -1,642 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"crypto/rand"
-	"errors"
-	"fmt"
-	"io"
-	"math"
-	rdebug "runtime/debug"
-	"sync"
-
-	"github.com/klauspost/compress/zstd/internal/xxhash"
-)
-
-// Encoder provides encoding to Zstandard.
-// An Encoder can be used for either compressing a stream via the
-// io.WriteCloser interface supported by the Encoder or as multiple independent
-// tasks via the EncodeAll function.
-// Smaller encodes are encouraged to use the EncodeAll function.
-// Use NewWriter to create a new instance.
-type Encoder struct {
-	o        encoderOptions
-	encoders chan encoder
-	state    encoderState
-	init     sync.Once
-}
-
-type encoder interface {
-	Encode(blk *blockEnc, src []byte)
-	EncodeNoHist(blk *blockEnc, src []byte)
-	Block() *blockEnc
-	CRC() *xxhash.Digest
-	AppendCRC([]byte) []byte
-	WindowSize(size int64) int32
-	UseBlock(*blockEnc)
-	Reset(d *dict, singleBlock bool)
-}
-
-type encoderState struct {
-	w                io.Writer
-	filling          []byte
-	current          []byte
-	previous         []byte
-	encoder          encoder
-	writing          *blockEnc
-	err              error
-	writeErr         error
-	nWritten         int64
-	nInput           int64
-	frameContentSize int64
-	headerWritten    bool
-	eofWritten       bool
-	fullFrameWritten bool
-
-	// This waitgroup indicates an encode is running.
-	wg sync.WaitGroup
-	// This waitgroup indicates we have a block encoding/writing.
-	wWg sync.WaitGroup
-}
-
-// NewWriter will create a new Zstandard encoder.
-// If the encoder will be used for encoding blocks a nil writer can be used.
-func NewWriter(w io.Writer, opts ...EOption) (*Encoder, error) {
-	initPredefined()
-	var e Encoder
-	e.o.setDefault()
-	for _, o := range opts {
-		err := o(&e.o)
-		if err != nil {
-			return nil, err
-		}
-	}
-	if w != nil {
-		e.Reset(w)
-	}
-	return &e, nil
-}
-
-func (e *Encoder) initialize() {
-	if e.o.concurrent == 0 {
-		e.o.setDefault()
-	}
-	e.encoders = make(chan encoder, e.o.concurrent)
-	for i := 0; i < e.o.concurrent; i++ {
-		enc := e.o.encoder()
-		e.encoders <- enc
-	}
-}
-
-// Reset will re-initialize the writer and new writes will encode to the supplied writer
-// as a new, independent stream.
-func (e *Encoder) Reset(w io.Writer) {
-	s := &e.state
-	s.wg.Wait()
-	s.wWg.Wait()
-	if cap(s.filling) == 0 {
-		s.filling = make([]byte, 0, e.o.blockSize)
-	}
-	if e.o.concurrent > 1 {
-		if cap(s.current) == 0 {
-			s.current = make([]byte, 0, e.o.blockSize)
-		}
-		if cap(s.previous) == 0 {
-			s.previous = make([]byte, 0, e.o.blockSize)
-		}
-		s.current = s.current[:0]
-		s.previous = s.previous[:0]
-		if s.writing == nil {
-			s.writing = &blockEnc{lowMem: e.o.lowMem}
-			s.writing.init()
-		}
-		s.writing.initNewEncode()
-	}
-	if s.encoder == nil {
-		s.encoder = e.o.encoder()
-	}
-	s.filling = s.filling[:0]
-	s.encoder.Reset(e.o.dict, false)
-	s.headerWritten = false
-	s.eofWritten = false
-	s.fullFrameWritten = false
-	s.w = w
-	s.err = nil
-	s.nWritten = 0
-	s.nInput = 0
-	s.writeErr = nil
-	s.frameContentSize = 0
-}
-
-// ResetContentSize will reset and set a content size for the next stream.
-// If the bytes written does not match the size given an error will be returned
-// when calling Close().
-// This is removed when Reset is called.
-// Sizes <= 0 results in no content size set.
-func (e *Encoder) ResetContentSize(w io.Writer, size int64) {
-	e.Reset(w)
-	if size >= 0 {
-		e.state.frameContentSize = size
-	}
-}
-
-// Write data to the encoder.
-// Input data will be buffered and as the buffer fills up
-// content will be compressed and written to the output.
-// When done writing, use Close to flush the remaining output
-// and write CRC if requested.
-func (e *Encoder) Write(p []byte) (n int, err error) {
-	s := &e.state
-	if s.eofWritten {
-		return 0, ErrEncoderClosed
-	}
-	for len(p) > 0 {
-		if len(p)+len(s.filling) < e.o.blockSize {
-			if e.o.crc {
-				_, _ = s.encoder.CRC().Write(p)
-			}
-			s.filling = append(s.filling, p...)
-			return n + len(p), nil
-		}
-		add := p
-		if len(p)+len(s.filling) > e.o.blockSize {
-			add = add[:e.o.blockSize-len(s.filling)]
-		}
-		if e.o.crc {
-			_, _ = s.encoder.CRC().Write(add)
-		}
-		s.filling = append(s.filling, add...)
-		p = p[len(add):]
-		n += len(add)
-		if len(s.filling) < e.o.blockSize {
-			return n, nil
-		}
-		err := e.nextBlock(false)
-		if err != nil {
-			return n, err
-		}
-		if debugAsserts && len(s.filling) > 0 {
-			panic(len(s.filling))
-		}
-	}
-	return n, nil
-}
-
-// nextBlock will synchronize and start compressing input in e.state.filling.
-// If an error has occurred during encoding it will be returned.
-func (e *Encoder) nextBlock(final bool) error {
-	s := &e.state
-	// Wait for current block.
-	s.wg.Wait()
-	if s.err != nil {
-		return s.err
-	}
-	if len(s.filling) > e.o.blockSize {
-		return fmt.Errorf("block > maxStoreBlockSize")
-	}
-	if !s.headerWritten {
-		// If we have a single block encode, do a sync compression.
-		if final && len(s.filling) == 0 && !e.o.fullZero {
-			s.headerWritten = true
-			s.fullFrameWritten = true
-			s.eofWritten = true
-			return nil
-		}
-		if final && len(s.filling) > 0 {
-			s.current = e.encodeAll(s.encoder, s.filling, s.current[:0])
-			var n2 int
-			n2, s.err = s.w.Write(s.current)
-			if s.err != nil {
-				return s.err
-			}
-			s.nWritten += int64(n2)
-			s.nInput += int64(len(s.filling))
-			s.current = s.current[:0]
-			s.filling = s.filling[:0]
-			s.headerWritten = true
-			s.fullFrameWritten = true
-			s.eofWritten = true
-			return nil
-		}
-
-		var tmp [maxHeaderSize]byte
-		fh := frameHeader{
-			ContentSize:   uint64(s.frameContentSize),
-			WindowSize:    uint32(s.encoder.WindowSize(s.frameContentSize)),
-			SingleSegment: false,
-			Checksum:      e.o.crc,
-			DictID:        e.o.dict.ID(),
-		}
-
-		dst := fh.appendTo(tmp[:0])
-		s.headerWritten = true
-		s.wWg.Wait()
-		var n2 int
-		n2, s.err = s.w.Write(dst)
-		if s.err != nil {
-			return s.err
-		}
-		s.nWritten += int64(n2)
-	}
-	if s.eofWritten {
-		// Ensure we only write it once.
-		final = false
-	}
-
-	if len(s.filling) == 0 {
-		// Final block, but no data.
-		if final {
-			enc := s.encoder
-			blk := enc.Block()
-			blk.reset(nil)
-			blk.last = true
-			blk.encodeRaw(nil)
-			s.wWg.Wait()
-			_, s.err = s.w.Write(blk.output)
-			s.nWritten += int64(len(blk.output))
-			s.eofWritten = true
-		}
-		return s.err
-	}
-
-	// SYNC:
-	if e.o.concurrent == 1 {
-		src := s.filling
-		s.nInput += int64(len(s.filling))
-		if debugEncoder {
-			println("Adding sync block,", len(src), "bytes, final:", final)
-		}
-		enc := s.encoder
-		blk := enc.Block()
-		blk.reset(nil)
-		enc.Encode(blk, src)
-		blk.last = final
-		if final {
-			s.eofWritten = true
-		}
-
-		s.err = blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
-		if s.err != nil {
-			return s.err
-		}
-		_, s.err = s.w.Write(blk.output)
-		s.nWritten += int64(len(blk.output))
-		s.filling = s.filling[:0]
-		return s.err
-	}
-
-	// Move blocks forward.
-	s.filling, s.current, s.previous = s.previous[:0], s.filling, s.current
-	s.nInput += int64(len(s.current))
-	s.wg.Add(1)
-	if final {
-		s.eofWritten = true
-	}
-	go func(src []byte) {
-		if debugEncoder {
-			println("Adding block,", len(src), "bytes, final:", final)
-		}
-		defer func() {
-			if r := recover(); r != nil {
-				s.err = fmt.Errorf("panic while encoding: %v", r)
-				rdebug.PrintStack()
-			}
-			s.wg.Done()
-		}()
-		enc := s.encoder
-		blk := enc.Block()
-		enc.Encode(blk, src)
-		blk.last = final
-		// Wait for pending writes.
-		s.wWg.Wait()
-		if s.writeErr != nil {
-			s.err = s.writeErr
-			return
-		}
-		// Transfer encoders from previous write block.
-		blk.swapEncoders(s.writing)
-		// Transfer recent offsets to next.
-		enc.UseBlock(s.writing)
-		s.writing = blk
-		s.wWg.Add(1)
-		go func() {
-			defer func() {
-				if r := recover(); r != nil {
-					s.writeErr = fmt.Errorf("panic while encoding/writing: %v", r)
-					rdebug.PrintStack()
-				}
-				s.wWg.Done()
-			}()
-			s.writeErr = blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
-			if s.writeErr != nil {
-				return
-			}
-			_, s.writeErr = s.w.Write(blk.output)
-			s.nWritten += int64(len(blk.output))
-		}()
-	}(s.current)
-	return nil
-}
-
-// ReadFrom reads data from r until EOF or error.
-// The return value n is the number of bytes read.
-// Any error except io.EOF encountered during the read is also returned.
-//
-// The Copy function uses ReaderFrom if available.
-func (e *Encoder) ReadFrom(r io.Reader) (n int64, err error) {
-	if debugEncoder {
-		println("Using ReadFrom")
-	}
-
-	// Flush any current writes.
-	if len(e.state.filling) > 0 {
-		if err := e.nextBlock(false); err != nil {
-			return 0, err
-		}
-	}
-	e.state.filling = e.state.filling[:e.o.blockSize]
-	src := e.state.filling
-	for {
-		n2, err := r.Read(src)
-		if e.o.crc {
-			_, _ = e.state.encoder.CRC().Write(src[:n2])
-		}
-		// src is now the unfilled part...
-		src = src[n2:]
-		n += int64(n2)
-		switch err {
-		case io.EOF:
-			e.state.filling = e.state.filling[:len(e.state.filling)-len(src)]
-			if debugEncoder {
-				println("ReadFrom: got EOF final block:", len(e.state.filling))
-			}
-			return n, nil
-		case nil:
-		default:
-			if debugEncoder {
-				println("ReadFrom: got error:", err)
-			}
-			e.state.err = err
-			return n, err
-		}
-		if len(src) > 0 {
-			if debugEncoder {
-				println("ReadFrom: got space left in source:", len(src))
-			}
-			continue
-		}
-		err = e.nextBlock(false)
-		if err != nil {
-			return n, err
-		}
-		e.state.filling = e.state.filling[:e.o.blockSize]
-		src = e.state.filling
-	}
-}
-
-// Flush will send the currently written data to output
-// and block until everything has been written.
-// This should only be used on rare occasions where pushing the currently queued data is critical.
-func (e *Encoder) Flush() error {
-	s := &e.state
-	if len(s.filling) > 0 {
-		err := e.nextBlock(false)
-		if err != nil {
-			// Ignore Flush after Close.
-			if errors.Is(s.err, ErrEncoderClosed) {
-				return nil
-			}
-			return err
-		}
-	}
-	s.wg.Wait()
-	s.wWg.Wait()
-	if s.err != nil {
-		// Ignore Flush after Close.
-		if errors.Is(s.err, ErrEncoderClosed) {
-			return nil
-		}
-		return s.err
-	}
-	return s.writeErr
-}
-
-// Close will flush the final output and close the stream.
-// The function will block until everything has been written.
-// The Encoder can still be re-used after calling this.
-func (e *Encoder) Close() error {
-	s := &e.state
-	if s.encoder == nil {
-		return nil
-	}
-	err := e.nextBlock(true)
-	if err != nil {
-		if errors.Is(s.err, ErrEncoderClosed) {
-			return nil
-		}
-		return err
-	}
-	if s.frameContentSize > 0 {
-		if s.nInput != s.frameContentSize {
-			return fmt.Errorf("frame content size %d given, but %d bytes was written", s.frameContentSize, s.nInput)
-		}
-	}
-	if e.state.fullFrameWritten {
-		return s.err
-	}
-	s.wg.Wait()
-	s.wWg.Wait()
-
-	if s.err != nil {
-		return s.err
-	}
-	if s.writeErr != nil {
-		return s.writeErr
-	}
-
-	// Write CRC
-	if e.o.crc && s.err == nil {
-		// heap alloc.
-		var tmp [4]byte
-		_, s.err = s.w.Write(s.encoder.AppendCRC(tmp[:0]))
-		s.nWritten += 4
-	}
-
-	// Add padding with content from crypto/rand.Reader
-	if s.err == nil && e.o.pad > 0 {
-		add := calcSkippableFrame(s.nWritten, int64(e.o.pad))
-		frame, err := skippableFrame(s.filling[:0], add, rand.Reader)
-		if err != nil {
-			return err
-		}
-		_, s.err = s.w.Write(frame)
-	}
-	if s.err == nil {
-		s.err = ErrEncoderClosed
-		return nil
-	}
-
-	return s.err
-}
-
-// EncodeAll will encode all input in src and append it to dst.
-// This function can be called concurrently, but each call will only run on a single goroutine.
-// If empty input is given, nothing is returned, unless WithZeroFrames is specified.
-// Encoded blocks can be concatenated and the result will be the combined input stream.
-// Data compressed with EncodeAll can be decoded with the Decoder,
-// using either a stream or DecodeAll.
-func (e *Encoder) EncodeAll(src, dst []byte) []byte {
-	e.init.Do(e.initialize)
-	enc := <-e.encoders
-	defer func() {
-		e.encoders <- enc
-	}()
-	return e.encodeAll(enc, src, dst)
-}
-
-func (e *Encoder) encodeAll(enc encoder, src, dst []byte) []byte {
-	if len(src) == 0 {
-		if e.o.fullZero {
-			// Add frame header.
-			fh := frameHeader{
-				ContentSize:   0,
-				WindowSize:    MinWindowSize,
-				SingleSegment: true,
-				// Adding a checksum would be a waste of space.
-				Checksum: false,
-				DictID:   0,
-			}
-			dst = fh.appendTo(dst)
-
-			// Write raw block as last one only.
-			var blk blockHeader
-			blk.setSize(0)
-			blk.setType(blockTypeRaw)
-			blk.setLast(true)
-			dst = blk.appendTo(dst)
-		}
-		return dst
-	}
-
-	// Use single segments when above minimum window and below window size.
-	single := len(src) <= e.o.windowSize && len(src) > MinWindowSize
-	if e.o.single != nil {
-		single = *e.o.single
-	}
-	fh := frameHeader{
-		ContentSize:   uint64(len(src)),
-		WindowSize:    uint32(enc.WindowSize(int64(len(src)))),
-		SingleSegment: single,
-		Checksum:      e.o.crc,
-		DictID:        e.o.dict.ID(),
-	}
-
-	// If less than 1MB, allocate a buffer up front.
-	if len(dst) == 0 && cap(dst) == 0 && len(src) < 1<<20 && !e.o.lowMem {
-		dst = make([]byte, 0, len(src))
-	}
-	dst = fh.appendTo(dst)
-
-	// If we can do everything in one block, prefer that.
-	if len(src) <= e.o.blockSize {
-		enc.Reset(e.o.dict, true)
-		// Slightly faster with no history and everything in one block.
-		if e.o.crc {
-			_, _ = enc.CRC().Write(src)
-		}
-		blk := enc.Block()
-		blk.last = true
-		if e.o.dict == nil {
-			enc.EncodeNoHist(blk, src)
-		} else {
-			enc.Encode(blk, src)
-		}
-
-		// If we got the exact same number of literals as input,
-		// assume the literals cannot be compressed.
-		oldout := blk.output
-		// Output directly to dst
-		blk.output = dst
-
-		err := blk.encode(src, e.o.noEntropy, !e.o.allLitEntropy)
-		if err != nil {
-			panic(err)
-		}
-		dst = blk.output
-		blk.output = oldout
-	} else {
-		enc.Reset(e.o.dict, false)
-		blk := enc.Block()
-		for len(src) > 0 {
-			todo := src
-			if len(todo) > e.o.blockSize {
-				todo = todo[:e.o.blockSize]
-			}
-			src = src[len(todo):]
-			if e.o.crc {
-				_, _ = enc.CRC().Write(todo)
-			}
-			blk.pushOffsets()
-			enc.Encode(blk, todo)
-			if len(src) == 0 {
-				blk.last = true
-			}
-			err := blk.encode(todo, e.o.noEntropy, !e.o.allLitEntropy)
-			if err != nil {
-				panic(err)
-			}
-			dst = append(dst, blk.output...)
-			blk.reset(nil)
-		}
-	}
-	if e.o.crc {
-		dst = enc.AppendCRC(dst)
-	}
-	// Add padding with content from crypto/rand.Reader
-	if e.o.pad > 0 {
-		add := calcSkippableFrame(int64(len(dst)), int64(e.o.pad))
-		var err error
-		dst, err = skippableFrame(dst, add, rand.Reader)
-		if err != nil {
-			panic(err)
-		}
-	}
-	return dst
-}
-
-// MaxEncodedSize returns the expected maximum
-// size of an encoded block or stream.
-func (e *Encoder) MaxEncodedSize(size int) int {
-	frameHeader := 4 + 2 // magic + frame header & window descriptor
-	if e.o.dict != nil {
-		frameHeader += 4
-	}
-	// Frame content size:
-	if size < 256 {
-		frameHeader++
-	} else if size < 65536+256 {
-		frameHeader += 2
-	} else if size < math.MaxInt32 {
-		frameHeader += 4
-	} else {
-		frameHeader += 8
-	}
-	// Final crc
-	if e.o.crc {
-		frameHeader += 4
-	}
-
-	// Max overhead is 3 bytes/block.
-	// There cannot be 0 blocks.
-	blocks := (size + e.o.blockSize) / e.o.blockSize
-
-	// Combine, add padding.
-	maxSz := frameHeader + 3*blocks + size
-	if e.o.pad > 1 {
-		maxSz += calcSkippableFrame(int64(maxSz), int64(e.o.pad))
-	}
-	return maxSz
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/encoder_options.go b/vendor/github.com/klauspost/compress/zstd/encoder_options.go
deleted file mode 100644
index 20671dcb9..000000000
--- a/vendor/github.com/klauspost/compress/zstd/encoder_options.go
+++ /dev/null
@@ -1,339 +0,0 @@
-package zstd
-
-import (
-	"errors"
-	"fmt"
-	"math"
-	"math/bits"
-	"runtime"
-	"strings"
-)
-
-// EOption is an option for creating a encoder.
-type EOption func(*encoderOptions) error
-
-// options retains accumulated state of multiple options.
-type encoderOptions struct {
-	concurrent      int
-	level           EncoderLevel
-	single          *bool
-	pad             int
-	blockSize       int
-	windowSize      int
-	crc             bool
-	fullZero        bool
-	noEntropy       bool
-	allLitEntropy   bool
-	customWindow    bool
-	customALEntropy bool
-	customBlockSize bool
-	lowMem          bool
-	dict            *dict
-}
-
-func (o *encoderOptions) setDefault() {
-	*o = encoderOptions{
-		concurrent:    runtime.GOMAXPROCS(0),
-		crc:           true,
-		single:        nil,
-		blockSize:     maxCompressedBlockSize,
-		windowSize:    8 << 20,
-		level:         SpeedDefault,
-		allLitEntropy: false,
-		lowMem:        false,
-	}
-}
-
-// encoder returns an encoder with the selected options.
-func (o encoderOptions) encoder() encoder {
-	switch o.level {
-	case SpeedFastest:
-		if o.dict != nil {
-			return &fastEncoderDict{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
-		}
-		return &fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
-
-	case SpeedDefault:
-		if o.dict != nil {
-			return &doubleFastEncoderDict{fastEncoderDict: fastEncoderDict{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}}
-		}
-		return &doubleFastEncoder{fastEncoder: fastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
-	case SpeedBetterCompression:
-		if o.dict != nil {
-			return &betterFastEncoderDict{betterFastEncoder: betterFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}}
-		}
-		return &betterFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
-	case SpeedBestCompression:
-		return &bestFastEncoder{fastBase: fastBase{maxMatchOff: int32(o.windowSize), bufferReset: math.MaxInt32 - int32(o.windowSize*2), lowMem: o.lowMem}}
-	}
-	panic("unknown compression level")
-}
-
-// WithEncoderCRC will add CRC value to output.
-// Output will be 4 bytes larger.
-func WithEncoderCRC(b bool) EOption {
-	return func(o *encoderOptions) error { o.crc = b; return nil }
-}
-
-// WithEncoderConcurrency will set the concurrency,
-// meaning the maximum number of encoders to run concurrently.
-// The value supplied must be at least 1.
-// For streams, setting a value of 1 will disable async compression.
-// By default this will be set to GOMAXPROCS.
-func WithEncoderConcurrency(n int) EOption {
-	return func(o *encoderOptions) error {
-		if n <= 0 {
-			return fmt.Errorf("concurrency must be at least 1")
-		}
-		o.concurrent = n
-		return nil
-	}
-}
-
-// WithWindowSize will set the maximum allowed back-reference distance.
-// The value must be a power of two between MinWindowSize and MaxWindowSize.
-// A larger value will enable better compression but allocate more memory and,
-// for above-default values, take considerably longer.
-// The default value is determined by the compression level and max 8MB.
-func WithWindowSize(n int) EOption {
-	return func(o *encoderOptions) error {
-		switch {
-		case n < MinWindowSize:
-			return fmt.Errorf("window size must be at least %d", MinWindowSize)
-		case n > MaxWindowSize:
-			return fmt.Errorf("window size must be at most %d", MaxWindowSize)
-		case (n & (n - 1)) != 0:
-			return errors.New("window size must be a power of 2")
-		}
-
-		o.windowSize = n
-		o.customWindow = true
-		if o.blockSize > o.windowSize {
-			o.blockSize = o.windowSize
-			o.customBlockSize = true
-		}
-		return nil
-	}
-}
-
-// WithEncoderPadding will add padding to all output so the size will be a multiple of n.
-// This can be used to obfuscate the exact output size or make blocks of a certain size.
-// The contents will be a skippable frame, so it will be invisible by the decoder.
-// n must be > 0 and <= 1GB, 1<<30 bytes.
-// The padded area will be filled with data from crypto/rand.Reader.
-// If `EncodeAll` is used with data already in the destination, the total size will be multiple of this.
-func WithEncoderPadding(n int) EOption {
-	return func(o *encoderOptions) error {
-		if n <= 0 {
-			return fmt.Errorf("padding must be at least 1")
-		}
-		// No need to waste our time.
-		if n == 1 {
-			n = 0
-		}
-		if n > 1<<30 {
-			return fmt.Errorf("padding must less than 1GB (1<<30 bytes) ")
-		}
-		o.pad = n
-		return nil
-	}
-}
-
-// EncoderLevel predefines encoder compression levels.
-// Only use the constants made available, since the actual mapping
-// of these values are very likely to change and your compression could change
-// unpredictably when upgrading the library.
-type EncoderLevel int
-
-const (
-	speedNotSet EncoderLevel = iota
-
-	// SpeedFastest will choose the fastest reasonable compression.
-	// This is roughly equivalent to the fastest Zstandard mode.
-	SpeedFastest
-
-	// SpeedDefault is the default "pretty fast" compression option.
-	// This is roughly equivalent to the default Zstandard mode (level 3).
-	SpeedDefault
-
-	// SpeedBetterCompression will yield better compression than the default.
-	// Currently it is about zstd level 7-8 with ~ 2x-3x the default CPU usage.
-	// By using this, notice that CPU usage may go up in the future.
-	SpeedBetterCompression
-
-	// SpeedBestCompression will choose the best available compression option.
-	// This will offer the best compression no matter the CPU cost.
-	SpeedBestCompression
-
-	// speedLast should be kept as the last actual compression option.
-	// The is not for external usage, but is used to keep track of the valid options.
-	speedLast
-)
-
-// EncoderLevelFromString will convert a string representation of an encoding level back
-// to a compression level. The compare is not case sensitive.
-// If the string wasn't recognized, (false, SpeedDefault) will be returned.
-func EncoderLevelFromString(s string) (bool, EncoderLevel) {
-	for l := speedNotSet + 1; l < speedLast; l++ {
-		if strings.EqualFold(s, l.String()) {
-			return true, l
-		}
-	}
-	return false, SpeedDefault
-}
-
-// EncoderLevelFromZstd will return an encoder level that closest matches the compression
-// ratio of a specific zstd compression level.
-// Many input values will provide the same compression level.
-func EncoderLevelFromZstd(level int) EncoderLevel {
-	switch {
-	case level < 3:
-		return SpeedFastest
-	case level >= 3 && level < 6:
-		return SpeedDefault
-	case level >= 6 && level < 10:
-		return SpeedBetterCompression
-	default:
-		return SpeedBestCompression
-	}
-}
-
-// String provides a string representation of the compression level.
-func (e EncoderLevel) String() string {
-	switch e {
-	case SpeedFastest:
-		return "fastest"
-	case SpeedDefault:
-		return "default"
-	case SpeedBetterCompression:
-		return "better"
-	case SpeedBestCompression:
-		return "best"
-	default:
-		return "invalid"
-	}
-}
-
-// WithEncoderLevel specifies a predefined compression level.
-func WithEncoderLevel(l EncoderLevel) EOption {
-	return func(o *encoderOptions) error {
-		switch {
-		case l <= speedNotSet || l >= speedLast:
-			return fmt.Errorf("unknown encoder level")
-		}
-		o.level = l
-		if !o.customWindow {
-			switch o.level {
-			case SpeedFastest:
-				o.windowSize = 4 << 20
-				if !o.customBlockSize {
-					o.blockSize = 1 << 16
-				}
-			case SpeedDefault:
-				o.windowSize = 8 << 20
-			case SpeedBetterCompression:
-				o.windowSize = 8 << 20
-			case SpeedBestCompression:
-				o.windowSize = 8 << 20
-			}
-		}
-		if !o.customALEntropy {
-			o.allLitEntropy = l > SpeedDefault
-		}
-
-		return nil
-	}
-}
-
-// WithZeroFrames will encode 0 length input as full frames.
-// This can be needed for compatibility with zstandard usage,
-// but is not needed for this package.
-func WithZeroFrames(b bool) EOption {
-	return func(o *encoderOptions) error {
-		o.fullZero = b
-		return nil
-	}
-}
-
-// WithAllLitEntropyCompression will apply entropy compression if no matches are found.
-// Disabling this will skip incompressible data faster, but in cases with no matches but
-// skewed character distribution compression is lost.
-// Default value depends on the compression level selected.
-func WithAllLitEntropyCompression(b bool) EOption {
-	return func(o *encoderOptions) error {
-		o.customALEntropy = true
-		o.allLitEntropy = b
-		return nil
-	}
-}
-
-// WithNoEntropyCompression will always skip entropy compression of literals.
-// This can be useful if content has matches, but unlikely to benefit from entropy
-// compression. Usually the slight speed improvement is not worth enabling this.
-func WithNoEntropyCompression(b bool) EOption {
-	return func(o *encoderOptions) error {
-		o.noEntropy = b
-		return nil
-	}
-}
-
-// WithSingleSegment will set the "single segment" flag when EncodeAll is used.
-// If this flag is set, data must be regenerated within a single continuous memory segment.
-// In this case, Window_Descriptor byte is skipped, but Frame_Content_Size is necessarily present.
-// As a consequence, the decoder must allocate a memory segment of size equal or larger than size of your content.
-// In order to preserve the decoder from unreasonable memory requirements,
-// a decoder is allowed to reject a compressed frame which requests a memory size beyond decoder's authorized range.
-// For broader compatibility, decoders are recommended to support memory sizes of at least 8 MB.
-// This is only a recommendation, each decoder is free to support higher or lower limits, depending on local limitations.
-// If this is not specified, block encodes will automatically choose this based on the input size and the window size.
-// This setting has no effect on streamed encodes.
-func WithSingleSegment(b bool) EOption {
-	return func(o *encoderOptions) error {
-		o.single = &b
-		return nil
-	}
-}
-
-// WithLowerEncoderMem will trade in some memory cases trade less memory usage for
-// slower encoding speed.
-// This will not change the window size which is the primary function for reducing
-// memory usage. See WithWindowSize.
-func WithLowerEncoderMem(b bool) EOption {
-	return func(o *encoderOptions) error {
-		o.lowMem = b
-		return nil
-	}
-}
-
-// WithEncoderDict allows to register a dictionary that will be used for the encode.
-//
-// The slice dict must be in the [dictionary format] produced by
-// "zstd --train" from the Zstandard reference implementation.
-//
-// The encoder *may* choose to use no dictionary instead for certain payloads.
-//
-// [dictionary format]: https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary-format
-func WithEncoderDict(dict []byte) EOption {
-	return func(o *encoderOptions) error {
-		d, err := loadDict(dict)
-		if err != nil {
-			return err
-		}
-		o.dict = d
-		return nil
-	}
-}
-
-// WithEncoderDictRaw registers a dictionary that may be used by the encoder.
-//
-// The slice content may contain arbitrary data. It will be used as an initial
-// history.
-func WithEncoderDictRaw(id uint32, content []byte) EOption {
-	return func(o *encoderOptions) error {
-		if bits.UintSize > 32 && uint(len(content)) > dictMaxLength {
-			return fmt.Errorf("dictionary of size %d > 2GiB too large", len(content))
-		}
-		o.dict = &dict{id: id, content: content, offsets: [3]int{1, 4, 8}}
-		return nil
-	}
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/framedec.go b/vendor/github.com/klauspost/compress/zstd/framedec.go
deleted file mode 100644
index e47af66e7..000000000
--- a/vendor/github.com/klauspost/compress/zstd/framedec.go
+++ /dev/null
@@ -1,415 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"encoding/hex"
-	"errors"
-	"io"
-
-	"github.com/klauspost/compress/zstd/internal/xxhash"
-)
-
-type frameDec struct {
-	o   decoderOptions
-	crc *xxhash.Digest
-
-	WindowSize uint64
-
-	// Frame history passed between blocks
-	history history
-
-	rawInput byteBuffer
-
-	// Byte buffer that can be reused for small input blocks.
-	bBuf byteBuf
-
-	FrameContentSize uint64
-
-	DictionaryID  uint32
-	HasCheckSum   bool
-	SingleSegment bool
-}
-
-const (
-	// MinWindowSize is the minimum Window Size, which is 1 KB.
-	MinWindowSize = 1 << 10
-
-	// MaxWindowSize is the maximum encoder window size
-	// and the default decoder maximum window size.
-	MaxWindowSize = 1 << 29
-)
-
-const (
-	frameMagic          = "\x28\xb5\x2f\xfd"
-	skippableFrameMagic = "\x2a\x4d\x18"
-)
-
-func newFrameDec(o decoderOptions) *frameDec {
-	if o.maxWindowSize > o.maxDecodedSize {
-		o.maxWindowSize = o.maxDecodedSize
-	}
-	d := frameDec{
-		o: o,
-	}
-	return &d
-}
-
-// reset will read the frame header and prepare for block decoding.
-// If nothing can be read from the input, io.EOF will be returned.
-// Any other error indicated that the stream contained data, but
-// there was a problem.
-func (d *frameDec) reset(br byteBuffer) error {
-	d.HasCheckSum = false
-	d.WindowSize = 0
-	var signature [4]byte
-	for {
-		var err error
-		// Check if we can read more...
-		b, err := br.readSmall(1)
-		switch err {
-		case io.EOF, io.ErrUnexpectedEOF:
-			return io.EOF
-		case nil:
-			signature[0] = b[0]
-		default:
-			return err
-		}
-		// Read the rest, don't allow io.ErrUnexpectedEOF
-		b, err = br.readSmall(3)
-		switch err {
-		case io.EOF:
-			return io.EOF
-		case nil:
-			copy(signature[1:], b)
-		default:
-			return err
-		}
-
-		if string(signature[1:4]) != skippableFrameMagic || signature[0]&0xf0 != 0x50 {
-			if debugDecoder {
-				println("Not skippable", hex.EncodeToString(signature[:]), hex.EncodeToString([]byte(skippableFrameMagic)))
-			}
-			// Break if not skippable frame.
-			break
-		}
-		// Read size to skip
-		b, err = br.readSmall(4)
-		if err != nil {
-			if debugDecoder {
-				println("Reading Frame Size", err)
-			}
-			return err
-		}
-		n := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
-		println("Skipping frame with", n, "bytes.")
-		err = br.skipN(int64(n))
-		if err != nil {
-			if debugDecoder {
-				println("Reading discarded frame", err)
-			}
-			return err
-		}
-	}
-	if string(signature[:]) != frameMagic {
-		if debugDecoder {
-			println("Got magic numbers: ", signature, "want:", []byte(frameMagic))
-		}
-		return ErrMagicMismatch
-	}
-
-	// Read Frame_Header_Descriptor
-	fhd, err := br.readByte()
-	if err != nil {
-		if debugDecoder {
-			println("Reading Frame_Header_Descriptor", err)
-		}
-		return err
-	}
-	d.SingleSegment = fhd&(1<<5) != 0
-
-	if fhd&(1<<3) != 0 {
-		return errors.New("reserved bit set on frame header")
-	}
-
-	// Read Window_Descriptor
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#window_descriptor
-	d.WindowSize = 0
-	if !d.SingleSegment {
-		wd, err := br.readByte()
-		if err != nil {
-			if debugDecoder {
-				println("Reading Window_Descriptor", err)
-			}
-			return err
-		}
-		if debugDecoder {
-			printf("raw: %x, mantissa: %d, exponent: %d\n", wd, wd&7, wd>>3)
-		}
-		windowLog := 10 + (wd >> 3)
-		windowBase := uint64(1) << windowLog
-		windowAdd := (windowBase / 8) * uint64(wd&0x7)
-		d.WindowSize = windowBase + windowAdd
-	}
-
-	// Read Dictionary_ID
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#dictionary_id
-	d.DictionaryID = 0
-	if size := fhd & 3; size != 0 {
-		if size == 3 {
-			size = 4
-		}
-
-		b, err := br.readSmall(int(size))
-		if err != nil {
-			println("Reading Dictionary_ID", err)
-			return err
-		}
-		var id uint32
-		switch len(b) {
-		case 1:
-			id = uint32(b[0])
-		case 2:
-			id = uint32(b[0]) | (uint32(b[1]) << 8)
-		case 4:
-			id = uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
-		}
-		if debugDecoder {
-			println("Dict size", size, "ID:", id)
-		}
-		d.DictionaryID = id
-	}
-
-	// Read Frame_Content_Size
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#frame_content_size
-	var fcsSize int
-	v := fhd >> 6
-	switch v {
-	case 0:
-		if d.SingleSegment {
-			fcsSize = 1
-		}
-	default:
-		fcsSize = 1 << v
-	}
-	d.FrameContentSize = fcsUnknown
-	if fcsSize > 0 {
-		b, err := br.readSmall(fcsSize)
-		if err != nil {
-			println("Reading Frame content", err)
-			return err
-		}
-		switch len(b) {
-		case 1:
-			d.FrameContentSize = uint64(b[0])
-		case 2:
-			// When FCS_Field_Size is 2, the offset of 256 is added.
-			d.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) + 256
-		case 4:
-			d.FrameContentSize = uint64(b[0]) | (uint64(b[1]) << 8) | (uint64(b[2]) << 16) | (uint64(b[3]) << 24)
-		case 8:
-			d1 := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
-			d2 := uint32(b[4]) | (uint32(b[5]) << 8) | (uint32(b[6]) << 16) | (uint32(b[7]) << 24)
-			d.FrameContentSize = uint64(d1) | (uint64(d2) << 32)
-		}
-		if debugDecoder {
-			println("Read FCS:", d.FrameContentSize)
-		}
-	}
-
-	// Move this to shared.
-	d.HasCheckSum = fhd&(1<<2) != 0
-	if d.HasCheckSum {
-		if d.crc == nil {
-			d.crc = xxhash.New()
-		}
-		d.crc.Reset()
-	}
-
-	if d.WindowSize > d.o.maxWindowSize {
-		if debugDecoder {
-			printf("window size %d > max %d\n", d.WindowSize, d.o.maxWindowSize)
-		}
-		return ErrWindowSizeExceeded
-	}
-
-	if d.WindowSize == 0 && d.SingleSegment {
-		// We may not need window in this case.
-		d.WindowSize = d.FrameContentSize
-		if d.WindowSize < MinWindowSize {
-			d.WindowSize = MinWindowSize
-		}
-		if d.WindowSize > d.o.maxDecodedSize {
-			if debugDecoder {
-				printf("window size %d > max %d\n", d.WindowSize, d.o.maxWindowSize)
-			}
-			return ErrDecoderSizeExceeded
-		}
-	}
-
-	// The minimum Window_Size is 1 KB.
-	if d.WindowSize < MinWindowSize {
-		if debugDecoder {
-			println("got window size: ", d.WindowSize)
-		}
-		return ErrWindowSizeTooSmall
-	}
-	d.history.windowSize = int(d.WindowSize)
-	if !d.o.lowMem || d.history.windowSize < maxBlockSize {
-		// Alloc 2x window size if not low-mem, or window size below 2MB.
-		d.history.allocFrameBuffer = d.history.windowSize * 2
-	} else {
-		if d.o.lowMem {
-			// Alloc with 1MB extra.
-			d.history.allocFrameBuffer = d.history.windowSize + maxBlockSize/2
-		} else {
-			// Alloc with 2MB extra.
-			d.history.allocFrameBuffer = d.history.windowSize + maxBlockSize
-		}
-	}
-
-	if debugDecoder {
-		println("Frame: Dict:", d.DictionaryID, "FrameContentSize:", d.FrameContentSize, "singleseg:", d.SingleSegment, "window:", d.WindowSize, "crc:", d.HasCheckSum)
-	}
-
-	// history contains input - maybe we do something
-	d.rawInput = br
-	return nil
-}
-
-// next will start decoding the next block from stream.
-func (d *frameDec) next(block *blockDec) error {
-	if debugDecoder {
-		println("decoding new block")
-	}
-	err := block.reset(d.rawInput, d.WindowSize)
-	if err != nil {
-		println("block error:", err)
-		// Signal the frame decoder we have a problem.
-		block.sendErr(err)
-		return err
-	}
-	return nil
-}
-
-// checkCRC will check the checksum, assuming the frame has one.
-// Will return ErrCRCMismatch if crc check failed, otherwise nil.
-func (d *frameDec) checkCRC() error {
-	// We can overwrite upper tmp now
-	buf, err := d.rawInput.readSmall(4)
-	if err != nil {
-		println("CRC missing?", err)
-		return err
-	}
-
-	want := binary.LittleEndian.Uint32(buf[:4])
-	got := uint32(d.crc.Sum64())
-
-	if got != want {
-		if debugDecoder {
-			printf("CRC check failed: got %08x, want %08x\n", got, want)
-		}
-		return ErrCRCMismatch
-	}
-	if debugDecoder {
-		printf("CRC ok %08x\n", got)
-	}
-	return nil
-}
-
-// consumeCRC skips over the checksum, assuming the frame has one.
-func (d *frameDec) consumeCRC() error {
-	_, err := d.rawInput.readSmall(4)
-	if err != nil {
-		println("CRC missing?", err)
-	}
-	return err
-}
-
-// runDecoder will run the decoder for the remainder of the frame.
-func (d *frameDec) runDecoder(dst []byte, dec *blockDec) ([]byte, error) {
-	saved := d.history.b
-
-	// We use the history for output to avoid copying it.
-	d.history.b = dst
-	d.history.ignoreBuffer = len(dst)
-	// Store input length, so we only check new data.
-	crcStart := len(dst)
-	d.history.decoders.maxSyncLen = 0
-	if d.o.limitToCap {
-		d.history.decoders.maxSyncLen = uint64(cap(dst) - len(dst))
-	}
-	if d.FrameContentSize != fcsUnknown {
-		if !d.o.limitToCap || d.FrameContentSize+uint64(len(dst)) < d.history.decoders.maxSyncLen {
-			d.history.decoders.maxSyncLen = d.FrameContentSize + uint64(len(dst))
-		}
-		if d.history.decoders.maxSyncLen > d.o.maxDecodedSize {
-			if debugDecoder {
-				println("maxSyncLen:", d.history.decoders.maxSyncLen, "> maxDecodedSize:", d.o.maxDecodedSize)
-			}
-			return dst, ErrDecoderSizeExceeded
-		}
-		if debugDecoder {
-			println("maxSyncLen:", d.history.decoders.maxSyncLen)
-		}
-		if !d.o.limitToCap && uint64(cap(dst)) < d.history.decoders.maxSyncLen {
-			// Alloc for output
-			dst2 := make([]byte, len(dst), d.history.decoders.maxSyncLen+compressedBlockOverAlloc)
-			copy(dst2, dst)
-			dst = dst2
-		}
-	}
-	var err error
-	for {
-		err = dec.reset(d.rawInput, d.WindowSize)
-		if err != nil {
-			break
-		}
-		if debugDecoder {
-			println("next block:", dec)
-		}
-		err = dec.decodeBuf(&d.history)
-		if err != nil {
-			break
-		}
-		if uint64(len(d.history.b)-crcStart) > d.o.maxDecodedSize {
-			println("runDecoder: maxDecodedSize exceeded", uint64(len(d.history.b)-crcStart), ">", d.o.maxDecodedSize)
-			err = ErrDecoderSizeExceeded
-			break
-		}
-		if d.o.limitToCap && len(d.history.b) > cap(dst) {
-			println("runDecoder: cap exceeded", uint64(len(d.history.b)), ">", cap(dst))
-			err = ErrDecoderSizeExceeded
-			break
-		}
-		if uint64(len(d.history.b)-crcStart) > d.FrameContentSize {
-			println("runDecoder: FrameContentSize exceeded", uint64(len(d.history.b)-crcStart), ">", d.FrameContentSize)
-			err = ErrFrameSizeExceeded
-			break
-		}
-		if dec.Last {
-			break
-		}
-		if debugDecoder {
-			println("runDecoder: FrameContentSize", uint64(len(d.history.b)-crcStart), "<=", d.FrameContentSize)
-		}
-	}
-	dst = d.history.b
-	if err == nil {
-		if d.FrameContentSize != fcsUnknown && uint64(len(d.history.b)-crcStart) != d.FrameContentSize {
-			err = ErrFrameSizeMismatch
-		} else if d.HasCheckSum {
-			if d.o.ignoreChecksum {
-				err = d.consumeCRC()
-			} else {
-				d.crc.Write(dst[crcStart:])
-				err = d.checkCRC()
-			}
-		}
-	}
-	d.history.b = saved
-	return dst, err
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/frameenc.go b/vendor/github.com/klauspost/compress/zstd/frameenc.go
deleted file mode 100644
index 667ca0679..000000000
--- a/vendor/github.com/klauspost/compress/zstd/frameenc.go
+++ /dev/null
@@ -1,137 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"fmt"
-	"io"
-	"math"
-	"math/bits"
-)
-
-type frameHeader struct {
-	ContentSize   uint64
-	WindowSize    uint32
-	SingleSegment bool
-	Checksum      bool
-	DictID        uint32
-}
-
-const maxHeaderSize = 14
-
-func (f frameHeader) appendTo(dst []byte) []byte {
-	dst = append(dst, frameMagic...)
-	var fhd uint8
-	if f.Checksum {
-		fhd |= 1 << 2
-	}
-	if f.SingleSegment {
-		fhd |= 1 << 5
-	}
-
-	var dictIDContent []byte
-	if f.DictID > 0 {
-		var tmp [4]byte
-		if f.DictID < 256 {
-			fhd |= 1
-			tmp[0] = uint8(f.DictID)
-			dictIDContent = tmp[:1]
-		} else if f.DictID < 1<<16 {
-			fhd |= 2
-			binary.LittleEndian.PutUint16(tmp[:2], uint16(f.DictID))
-			dictIDContent = tmp[:2]
-		} else {
-			fhd |= 3
-			binary.LittleEndian.PutUint32(tmp[:4], f.DictID)
-			dictIDContent = tmp[:4]
-		}
-	}
-	var fcs uint8
-	if f.ContentSize >= 256 {
-		fcs++
-	}
-	if f.ContentSize >= 65536+256 {
-		fcs++
-	}
-	if f.ContentSize >= 0xffffffff {
-		fcs++
-	}
-
-	fhd |= fcs << 6
-
-	dst = append(dst, fhd)
-	if !f.SingleSegment {
-		const winLogMin = 10
-		windowLog := (bits.Len32(f.WindowSize-1) - winLogMin) << 3
-		dst = append(dst, uint8(windowLog))
-	}
-	if f.DictID > 0 {
-		dst = append(dst, dictIDContent...)
-	}
-	switch fcs {
-	case 0:
-		if f.SingleSegment {
-			dst = append(dst, uint8(f.ContentSize))
-		}
-		// Unless SingleSegment is set, framessizes < 256 are not stored.
-	case 1:
-		f.ContentSize -= 256
-		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8))
-	case 2:
-		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8), uint8(f.ContentSize>>16), uint8(f.ContentSize>>24))
-	case 3:
-		dst = append(dst, uint8(f.ContentSize), uint8(f.ContentSize>>8), uint8(f.ContentSize>>16), uint8(f.ContentSize>>24),
-			uint8(f.ContentSize>>32), uint8(f.ContentSize>>40), uint8(f.ContentSize>>48), uint8(f.ContentSize>>56))
-	default:
-		panic("invalid fcs")
-	}
-	return dst
-}
-
-const skippableFrameHeader = 4 + 4
-
-// calcSkippableFrame will return a total size to be added for written
-// to be divisible by multiple.
-// The value will always be > skippableFrameHeader.
-// The function will panic if written < 0 or wantMultiple <= 0.
-func calcSkippableFrame(written, wantMultiple int64) int {
-	if wantMultiple <= 0 {
-		panic("wantMultiple <= 0")
-	}
-	if written < 0 {
-		panic("written < 0")
-	}
-	leftOver := written % wantMultiple
-	if leftOver == 0 {
-		return 0
-	}
-	toAdd := wantMultiple - leftOver
-	for toAdd < skippableFrameHeader {
-		toAdd += wantMultiple
-	}
-	return int(toAdd)
-}
-
-// skippableFrame will add a skippable frame with a total size of bytes.
-// total should be >= skippableFrameHeader and < math.MaxUint32.
-func skippableFrame(dst []byte, total int, r io.Reader) ([]byte, error) {
-	if total == 0 {
-		return dst, nil
-	}
-	if total < skippableFrameHeader {
-		return dst, fmt.Errorf("requested skippable frame (%d) < 8", total)
-	}
-	if int64(total) > math.MaxUint32 {
-		return dst, fmt.Errorf("requested skippable frame (%d) > max uint32", total)
-	}
-	dst = append(dst, 0x50, 0x2a, 0x4d, 0x18)
-	f := uint32(total - skippableFrameHeader)
-	dst = append(dst, uint8(f), uint8(f>>8), uint8(f>>16), uint8(f>>24))
-	start := len(dst)
-	dst = append(dst, make([]byte, f)...)
-	_, err := io.ReadFull(r, dst[start:])
-	return dst, err
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder.go
deleted file mode 100644
index 2f8860a72..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_decoder.go
+++ /dev/null
@@ -1,307 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"errors"
-	"fmt"
-	"io"
-)
-
-const (
-	tablelogAbsoluteMax = 9
-)
-
-const (
-	/*!MEMORY_USAGE :
-	 *  Memory usage formula : N->2^N Bytes (examples : 10 -> 1KB; 12 -> 4KB ; 16 -> 64KB; 20 -> 1MB; etc.)
-	 *  Increasing memory usage improves compression ratio
-	 *  Reduced memory usage can improve speed, due to cache effect
-	 *  Recommended max value is 14, for 16KB, which nicely fits into Intel x86 L1 cache */
-	maxMemoryUsage = tablelogAbsoluteMax + 2
-
-	maxTableLog    = maxMemoryUsage - 2
-	maxTablesize   = 1 << maxTableLog
-	maxTableMask   = (1 << maxTableLog) - 1
-	minTablelog    = 5
-	maxSymbolValue = 255
-)
-
-// fseDecoder provides temporary storage for compression and decompression.
-type fseDecoder struct {
-	dt             [maxTablesize]decSymbol // Decompression table.
-	symbolLen      uint16                  // Length of active part of the symbol table.
-	actualTableLog uint8                   // Selected tablelog.
-	maxBits        uint8                   // Maximum number of additional bits
-
-	// used for table creation to avoid allocations.
-	stateTable [256]uint16
-	norm       [maxSymbolValue + 1]int16
-	preDefined bool
-}
-
-// tableStep returns the next table index.
-func tableStep(tableSize uint32) uint32 {
-	return (tableSize >> 1) + (tableSize >> 3) + 3
-}
-
-// readNCount will read the symbol distribution so decoding tables can be constructed.
-func (s *fseDecoder) readNCount(b *byteReader, maxSymbol uint16) error {
-	var (
-		charnum   uint16
-		previous0 bool
-	)
-	if b.remain() < 4 {
-		return errors.New("input too small")
-	}
-	bitStream := b.Uint32NC()
-	nbBits := uint((bitStream & 0xF) + minTablelog) // extract tableLog
-	if nbBits > tablelogAbsoluteMax {
-		println("Invalid tablelog:", nbBits)
-		return errors.New("tableLog too large")
-	}
-	bitStream >>= 4
-	bitCount := uint(4)
-
-	s.actualTableLog = uint8(nbBits)
-	remaining := int32((1 << nbBits) + 1)
-	threshold := int32(1 << nbBits)
-	gotTotal := int32(0)
-	nbBits++
-
-	for remaining > 1 && charnum <= maxSymbol {
-		if previous0 {
-			//println("prev0")
-			n0 := charnum
-			for (bitStream & 0xFFFF) == 0xFFFF {
-				//println("24 x 0")
-				n0 += 24
-				if r := b.remain(); r > 5 {
-					b.advance(2)
-					// The check above should make sure we can read 32 bits
-					bitStream = b.Uint32NC() >> bitCount
-				} else {
-					// end of bit stream
-					bitStream >>= 16
-					bitCount += 16
-				}
-			}
-			//printf("bitstream: %d, 0b%b", bitStream&3, bitStream)
-			for (bitStream & 3) == 3 {
-				n0 += 3
-				bitStream >>= 2
-				bitCount += 2
-			}
-			n0 += uint16(bitStream & 3)
-			bitCount += 2
-
-			if n0 > maxSymbolValue {
-				return errors.New("maxSymbolValue too small")
-			}
-			//println("inserting ", n0-charnum, "zeroes from idx", charnum, "ending before", n0)
-			for charnum < n0 {
-				s.norm[uint8(charnum)] = 0
-				charnum++
-			}
-
-			if r := b.remain(); r >= 7 || r-int(bitCount>>3) >= 4 {
-				b.advance(bitCount >> 3)
-				bitCount &= 7
-				// The check above should make sure we can read 32 bits
-				bitStream = b.Uint32NC() >> bitCount
-			} else {
-				bitStream >>= 2
-			}
-		}
-
-		max := (2*threshold - 1) - remaining
-		var count int32
-
-		if int32(bitStream)&(threshold-1) < max {
-			count = int32(bitStream) & (threshold - 1)
-			if debugAsserts && nbBits < 1 {
-				panic("nbBits underflow")
-			}
-			bitCount += nbBits - 1
-		} else {
-			count = int32(bitStream) & (2*threshold - 1)
-			if count >= threshold {
-				count -= max
-			}
-			bitCount += nbBits
-		}
-
-		// extra accuracy
-		count--
-		if count < 0 {
-			// -1 means +1
-			remaining += count
-			gotTotal -= count
-		} else {
-			remaining -= count
-			gotTotal += count
-		}
-		s.norm[charnum&0xff] = int16(count)
-		charnum++
-		previous0 = count == 0
-		for remaining < threshold {
-			nbBits--
-			threshold >>= 1
-		}
-
-		if r := b.remain(); r >= 7 || r-int(bitCount>>3) >= 4 {
-			b.advance(bitCount >> 3)
-			bitCount &= 7
-			// The check above should make sure we can read 32 bits
-			bitStream = b.Uint32NC() >> (bitCount & 31)
-		} else {
-			bitCount -= (uint)(8 * (len(b.b) - 4 - b.off))
-			b.off = len(b.b) - 4
-			bitStream = b.Uint32() >> (bitCount & 31)
-		}
-	}
-	s.symbolLen = charnum
-	if s.symbolLen <= 1 {
-		return fmt.Errorf("symbolLen (%d) too small", s.symbolLen)
-	}
-	if s.symbolLen > maxSymbolValue+1 {
-		return fmt.Errorf("symbolLen (%d) too big", s.symbolLen)
-	}
-	if remaining != 1 {
-		return fmt.Errorf("corruption detected (remaining %d != 1)", remaining)
-	}
-	if bitCount > 32 {
-		return fmt.Errorf("corruption detected (bitCount %d > 32)", bitCount)
-	}
-	if gotTotal != 1<> 3)
-	return s.buildDtable()
-}
-
-func (s *fseDecoder) mustReadFrom(r io.Reader) {
-	fatalErr := func(err error) {
-		if err != nil {
-			panic(err)
-		}
-	}
-	// 	dt             [maxTablesize]decSymbol // Decompression table.
-	//	symbolLen      uint16                  // Length of active part of the symbol table.
-	//	actualTableLog uint8                   // Selected tablelog.
-	//	maxBits        uint8                   // Maximum number of additional bits
-	//	// used for table creation to avoid allocations.
-	//	stateTable [256]uint16
-	//	norm       [maxSymbolValue + 1]int16
-	//	preDefined bool
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.dt))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.symbolLen))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.actualTableLog))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.maxBits))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.stateTable))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.norm))
-	fatalErr(binary.Read(r, binary.LittleEndian, &s.preDefined))
-}
-
-// decSymbol contains information about a state entry,
-// Including the state offset base, the output symbol and
-// the number of bits to read for the low part of the destination state.
-// Using a composite uint64 is faster than a struct with separate members.
-type decSymbol uint64
-
-func newDecSymbol(nbits, addBits uint8, newState uint16, baseline uint32) decSymbol {
-	return decSymbol(nbits) | (decSymbol(addBits) << 8) | (decSymbol(newState) << 16) | (decSymbol(baseline) << 32)
-}
-
-func (d decSymbol) nbBits() uint8 {
-	return uint8(d)
-}
-
-func (d decSymbol) addBits() uint8 {
-	return uint8(d >> 8)
-}
-
-func (d decSymbol) newState() uint16 {
-	return uint16(d >> 16)
-}
-
-func (d decSymbol) baselineInt() int {
-	return int(d >> 32)
-}
-
-func (d *decSymbol) setNBits(nBits uint8) {
-	const mask = 0xffffffffffffff00
-	*d = (*d & mask) | decSymbol(nBits)
-}
-
-func (d *decSymbol) setAddBits(addBits uint8) {
-	const mask = 0xffffffffffff00ff
-	*d = (*d & mask) | (decSymbol(addBits) << 8)
-}
-
-func (d *decSymbol) setNewState(state uint16) {
-	const mask = 0xffffffff0000ffff
-	*d = (*d & mask) | decSymbol(state)<<16
-}
-
-func (d *decSymbol) setExt(addBits uint8, baseline uint32) {
-	const mask = 0xffff00ff
-	*d = (*d & mask) | (decSymbol(addBits) << 8) | (decSymbol(baseline) << 32)
-}
-
-// decSymbolValue returns the transformed decSymbol for the given symbol.
-func decSymbolValue(symb uint8, t []baseOffset) (decSymbol, error) {
-	if int(symb) >= len(t) {
-		return 0, fmt.Errorf("rle symbol %d >= max %d", symb, len(t))
-	}
-	lu := t[symb]
-	return newDecSymbol(0, lu.addBits, 0, lu.baseLine), nil
-}
-
-// setRLE will set the decoder til RLE mode.
-func (s *fseDecoder) setRLE(symbol decSymbol) {
-	s.actualTableLog = 0
-	s.maxBits = symbol.addBits()
-	s.dt[0] = symbol
-}
-
-// transform will transform the decoder table into a table usable for
-// decoding without having to apply the transformation while decoding.
-// The state will contain the base value and the number of bits to read.
-func (s *fseDecoder) transform(t []baseOffset) error {
-	tableSize := uint16(1 << s.actualTableLog)
-	s.maxBits = 0
-	for i, v := range s.dt[:tableSize] {
-		add := v.addBits()
-		if int(add) >= len(t) {
-			return fmt.Errorf("invalid decoding table entry %d, symbol %d >= max (%d)", i, v.addBits(), len(t))
-		}
-		lu := t[add]
-		if lu.addBits > s.maxBits {
-			s.maxBits = lu.addBits
-		}
-		v.setExt(lu.addBits, lu.baseLine)
-		s.dt[i] = v
-	}
-	return nil
-}
-
-type fseState struct {
-	dt    []decSymbol
-	state decSymbol
-}
-
-// Initialize and decodeAsync first state and symbol.
-func (s *fseState) init(br *bitReader, tableLog uint8, dt []decSymbol) {
-	s.dt = dt
-	br.fill()
-	s.state = dt[br.getBits(tableLog)]
-}
-
-// final returns the current state symbol without decoding the next.
-func (s decSymbol) final() (int, uint8) {
-	return s.baselineInt(), s.addBits()
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
deleted file mode 100644
index d04a829b0..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.go
+++ /dev/null
@@ -1,65 +0,0 @@
-//go:build amd64 && !appengine && !noasm && gc
-// +build amd64,!appengine,!noasm,gc
-
-package zstd
-
-import (
-	"fmt"
-)
-
-type buildDtableAsmContext struct {
-	// inputs
-	stateTable *uint16
-	norm       *int16
-	dt         *uint64
-
-	// outputs --- set by the procedure in the case of error;
-	// for interpretation please see the error handling part below
-	errParam1 uint64
-	errParam2 uint64
-}
-
-// buildDtable_asm is an x86 assembly implementation of fseDecoder.buildDtable.
-// Function returns non-zero exit code on error.
-//
-//go:noescape
-func buildDtable_asm(s *fseDecoder, ctx *buildDtableAsmContext) int
-
-// please keep in sync with _generate/gen_fse.go
-const (
-	errorCorruptedNormalizedCounter = 1
-	errorNewStateTooBig             = 2
-	errorNewStateNoBits             = 3
-)
-
-// buildDtable will build the decoding table.
-func (s *fseDecoder) buildDtable() error {
-	ctx := buildDtableAsmContext{
-		stateTable: &s.stateTable[0],
-		norm:       &s.norm[0],
-		dt:         (*uint64)(&s.dt[0]),
-	}
-	code := buildDtable_asm(s, &ctx)
-
-	if code != 0 {
-		switch code {
-		case errorCorruptedNormalizedCounter:
-			position := ctx.errParam1
-			return fmt.Errorf("corrupted input (position=%d, expected 0)", position)
-
-		case errorNewStateTooBig:
-			newState := decSymbol(ctx.errParam1)
-			size := ctx.errParam2
-			return fmt.Errorf("newState (%d) outside table size (%d)", newState, size)
-
-		case errorNewStateNoBits:
-			newState := decSymbol(ctx.errParam1)
-			oldState := decSymbol(ctx.errParam2)
-			return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, oldState)
-
-		default:
-			return fmt.Errorf("buildDtable_asm returned unhandled nonzero code = %d", code)
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s b/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
deleted file mode 100644
index bcde39869..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_decoder_amd64.s
+++ /dev/null
@@ -1,126 +0,0 @@
-// Code generated by command: go run gen_fse.go -out ../fse_decoder_amd64.s -pkg=zstd. DO NOT EDIT.
-
-//go:build !appengine && !noasm && gc && !noasm
-
-// func buildDtable_asm(s *fseDecoder, ctx *buildDtableAsmContext) int
-TEXT ·buildDtable_asm(SB), $0-24
-	MOVQ ctx+8(FP), CX
-	MOVQ s+0(FP), DI
-
-	// Load values
-	MOVBQZX 4098(DI), DX
-	XORQ    AX, AX
-	BTSQ    DX, AX
-	MOVQ    (CX), BX
-	MOVQ    16(CX), SI
-	LEAQ    -1(AX), R8
-	MOVQ    8(CX), CX
-	MOVWQZX 4096(DI), DI
-
-	// End load values
-	// Init, lay down lowprob symbols
-	XORQ R9, R9
-	JMP  init_main_loop_condition
-
-init_main_loop:
-	MOVWQSX (CX)(R9*2), R10
-	CMPW    R10, $-1
-	JNE     do_not_update_high_threshold
-	MOVB    R9, 1(SI)(R8*8)
-	DECQ    R8
-	MOVQ    $0x0000000000000001, R10
-
-do_not_update_high_threshold:
-	MOVW R10, (BX)(R9*2)
-	INCQ R9
-
-init_main_loop_condition:
-	CMPQ R9, DI
-	JL   init_main_loop
-
-	// Spread symbols
-	// Calculate table step
-	MOVQ AX, R9
-	SHRQ $0x01, R9
-	MOVQ AX, R10
-	SHRQ $0x03, R10
-	LEAQ 3(R9)(R10*1), R9
-
-	// Fill add bits values
-	LEAQ -1(AX), R10
-	XORQ R11, R11
-	XORQ R12, R12
-	JMP  spread_main_loop_condition
-
-spread_main_loop:
-	XORQ    R13, R13
-	MOVWQSX (CX)(R12*2), R14
-	JMP     spread_inner_loop_condition
-
-spread_inner_loop:
-	MOVB R12, 1(SI)(R11*8)
-
-adjust_position:
-	ADDQ R9, R11
-	ANDQ R10, R11
-	CMPQ R11, R8
-	JG   adjust_position
-	INCQ R13
-
-spread_inner_loop_condition:
-	CMPQ R13, R14
-	JL   spread_inner_loop
-	INCQ R12
-
-spread_main_loop_condition:
-	CMPQ  R12, DI
-	JL    spread_main_loop
-	TESTQ R11, R11
-	JZ    spread_check_ok
-	MOVQ  ctx+8(FP), AX
-	MOVQ  R11, 24(AX)
-	MOVQ  $+1, ret+16(FP)
-	RET
-
-spread_check_ok:
-	// Build Decoding table
-	XORQ DI, DI
-
-build_table_main_table:
-	MOVBQZX 1(SI)(DI*8), CX
-	MOVWQZX (BX)(CX*2), R8
-	LEAQ    1(R8), R9
-	MOVW    R9, (BX)(CX*2)
-	MOVQ    R8, R9
-	BSRQ    R9, R9
-	MOVQ    DX, CX
-	SUBQ    R9, CX
-	SHLQ    CL, R8
-	SUBQ    AX, R8
-	MOVB    CL, (SI)(DI*8)
-	MOVW    R8, 2(SI)(DI*8)
-	CMPQ    R8, AX
-	JLE     build_table_check1_ok
-	MOVQ    ctx+8(FP), CX
-	MOVQ    R8, 24(CX)
-	MOVQ    AX, 32(CX)
-	MOVQ    $+2, ret+16(FP)
-	RET
-
-build_table_check1_ok:
-	TESTB CL, CL
-	JNZ   build_table_check2_ok
-	CMPW  R8, DI
-	JNE   build_table_check2_ok
-	MOVQ  ctx+8(FP), AX
-	MOVQ  R8, 24(AX)
-	MOVQ  DI, 32(AX)
-	MOVQ  $+3, ret+16(FP)
-	RET
-
-build_table_check2_ok:
-	INCQ DI
-	CMPQ DI, AX
-	JL   build_table_main_table
-	MOVQ $+0, ret+16(FP)
-	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go b/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
deleted file mode 100644
index 8adfebb02..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_decoder_generic.go
+++ /dev/null
@@ -1,73 +0,0 @@
-//go:build !amd64 || appengine || !gc || noasm
-// +build !amd64 appengine !gc noasm
-
-package zstd
-
-import (
-	"errors"
-	"fmt"
-)
-
-// buildDtable will build the decoding table.
-func (s *fseDecoder) buildDtable() error {
-	tableSize := uint32(1 << s.actualTableLog)
-	highThreshold := tableSize - 1
-	symbolNext := s.stateTable[:256]
-
-	// Init, lay down lowprob symbols
-	{
-		for i, v := range s.norm[:s.symbolLen] {
-			if v == -1 {
-				s.dt[highThreshold].setAddBits(uint8(i))
-				highThreshold--
-				v = 1
-			}
-			symbolNext[i] = uint16(v)
-		}
-	}
-
-	// Spread symbols
-	{
-		tableMask := tableSize - 1
-		step := tableStep(tableSize)
-		position := uint32(0)
-		for ss, v := range s.norm[:s.symbolLen] {
-			for i := 0; i < int(v); i++ {
-				s.dt[position].setAddBits(uint8(ss))
-				for {
-					// lowprob area
-					position = (position + step) & tableMask
-					if position <= highThreshold {
-						break
-					}
-				}
-			}
-		}
-		if position != 0 {
-			// position must reach all cells once, otherwise normalizedCounter is incorrect
-			return errors.New("corrupted input (position != 0)")
-		}
-	}
-
-	// Build Decoding table
-	{
-		tableSize := uint16(1 << s.actualTableLog)
-		for u, v := range s.dt[:tableSize] {
-			symbol := v.addBits()
-			nextState := symbolNext[symbol]
-			symbolNext[symbol] = nextState + 1
-			nBits := s.actualTableLog - byte(highBits(uint32(nextState)))
-			s.dt[u&maxTableMask].setNBits(nBits)
-			newState := (nextState << nBits) - tableSize
-			if newState > tableSize {
-				return fmt.Errorf("newState (%d) outside table size (%d)", newState, tableSize)
-			}
-			if newState == uint16(u) && nBits == 0 {
-				// Seems weird that this is possible with nbits > 0.
-				return fmt.Errorf("newState (%d) == oldState (%d) and no bits", newState, u)
-			}
-			s.dt[u&maxTableMask].setNewState(newState)
-		}
-	}
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
deleted file mode 100644
index ab26326a8..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
+++ /dev/null
@@ -1,701 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"errors"
-	"fmt"
-	"math"
-)
-
-const (
-	// For encoding we only support up to
-	maxEncTableLog    = 8
-	maxEncTablesize   = 1 << maxTableLog
-	maxEncTableMask   = (1 << maxTableLog) - 1
-	minEncTablelog    = 5
-	maxEncSymbolValue = maxMatchLengthSymbol
-)
-
-// Scratch provides temporary storage for compression and decompression.
-type fseEncoder struct {
-	symbolLen      uint16 // Length of active part of the symbol table.
-	actualTableLog uint8  // Selected tablelog.
-	ct             cTable // Compression tables.
-	maxCount       int    // count of the most probable symbol
-	zeroBits       bool   // no bits has prob > 50%.
-	clearCount     bool   // clear count
-	useRLE         bool   // This encoder is for RLE
-	preDefined     bool   // This encoder is predefined.
-	reUsed         bool   // Set to know when the encoder has been reused.
-	rleVal         uint8  // RLE Symbol
-	maxBits        uint8  // Maximum output bits after transform.
-
-	// TODO: Technically zstd should be fine with 64 bytes.
-	count [256]uint32
-	norm  [256]int16
-}
-
-// cTable contains tables used for compression.
-type cTable struct {
-	tableSymbol []byte
-	stateTable  []uint16
-	symbolTT    []symbolTransform
-}
-
-// symbolTransform contains the state transform for a symbol.
-type symbolTransform struct {
-	deltaNbBits    uint32
-	deltaFindState int16
-	outBits        uint8
-}
-
-// String prints values as a human readable string.
-func (s symbolTransform) String() string {
-	return fmt.Sprintf("{deltabits: %08x, findstate:%d outbits:%d}", s.deltaNbBits, s.deltaFindState, s.outBits)
-}
-
-// Histogram allows to populate the histogram and skip that step in the compression,
-// It otherwise allows to inspect the histogram when compression is done.
-// To indicate that you have populated the histogram call HistogramFinished
-// with the value of the highest populated symbol, as well as the number of entries
-// in the most populated entry. These are accepted at face value.
-func (s *fseEncoder) Histogram() *[256]uint32 {
-	return &s.count
-}
-
-// HistogramFinished can be called to indicate that the histogram has been populated.
-// maxSymbol is the index of the highest set symbol of the next data segment.
-// maxCount is the number of entries in the most populated entry.
-// These are accepted at face value.
-func (s *fseEncoder) HistogramFinished(maxSymbol uint8, maxCount int) {
-	s.maxCount = maxCount
-	s.symbolLen = uint16(maxSymbol) + 1
-	s.clearCount = maxCount != 0
-}
-
-// allocCtable will allocate tables needed for compression.
-// If existing tables a re big enough, they are simply re-used.
-func (s *fseEncoder) allocCtable() {
-	tableSize := 1 << s.actualTableLog
-	// get tableSymbol that is big enough.
-	if cap(s.ct.tableSymbol) < tableSize {
-		s.ct.tableSymbol = make([]byte, tableSize)
-	}
-	s.ct.tableSymbol = s.ct.tableSymbol[:tableSize]
-
-	ctSize := tableSize
-	if cap(s.ct.stateTable) < ctSize {
-		s.ct.stateTable = make([]uint16, ctSize)
-	}
-	s.ct.stateTable = s.ct.stateTable[:ctSize]
-
-	if cap(s.ct.symbolTT) < 256 {
-		s.ct.symbolTT = make([]symbolTransform, 256)
-	}
-	s.ct.symbolTT = s.ct.symbolTT[:256]
-}
-
-// buildCTable will populate the compression table so it is ready to be used.
-func (s *fseEncoder) buildCTable() error {
-	tableSize := uint32(1 << s.actualTableLog)
-	highThreshold := tableSize - 1
-	var cumul [256]int16
-
-	s.allocCtable()
-	tableSymbol := s.ct.tableSymbol[:tableSize]
-	// symbol start positions
-	{
-		cumul[0] = 0
-		for ui, v := range s.norm[:s.symbolLen-1] {
-			u := byte(ui) // one less than reference
-			if v == -1 {
-				// Low proba symbol
-				cumul[u+1] = cumul[u] + 1
-				tableSymbol[highThreshold] = u
-				highThreshold--
-			} else {
-				cumul[u+1] = cumul[u] + v
-			}
-		}
-		// Encode last symbol separately to avoid overflowing u
-		u := int(s.symbolLen - 1)
-		v := s.norm[s.symbolLen-1]
-		if v == -1 {
-			// Low proba symbol
-			cumul[u+1] = cumul[u] + 1
-			tableSymbol[highThreshold] = byte(u)
-			highThreshold--
-		} else {
-			cumul[u+1] = cumul[u] + v
-		}
-		if uint32(cumul[s.symbolLen]) != tableSize {
-			return fmt.Errorf("internal error: expected cumul[s.symbolLen] (%d) == tableSize (%d)", cumul[s.symbolLen], tableSize)
-		}
-		cumul[s.symbolLen] = int16(tableSize) + 1
-	}
-	// Spread symbols
-	s.zeroBits = false
-	{
-		step := tableStep(tableSize)
-		tableMask := tableSize - 1
-		var position uint32
-		// if any symbol > largeLimit, we may have 0 bits output.
-		largeLimit := int16(1 << (s.actualTableLog - 1))
-		for ui, v := range s.norm[:s.symbolLen] {
-			symbol := byte(ui)
-			if v > largeLimit {
-				s.zeroBits = true
-			}
-			for nbOccurrences := int16(0); nbOccurrences < v; nbOccurrences++ {
-				tableSymbol[position] = symbol
-				position = (position + step) & tableMask
-				for position > highThreshold {
-					position = (position + step) & tableMask
-				} /* Low proba area */
-			}
-		}
-
-		// Check if we have gone through all positions
-		if position != 0 {
-			return errors.New("position!=0")
-		}
-	}
-
-	// Build table
-	table := s.ct.stateTable
-	{
-		tsi := int(tableSize)
-		for u, v := range tableSymbol {
-			// TableU16 : sorted by symbol order; gives next state value
-			table[cumul[v]] = uint16(tsi + u)
-			cumul[v]++
-		}
-	}
-
-	// Build Symbol Transformation Table
-	{
-		total := int16(0)
-		symbolTT := s.ct.symbolTT[:s.symbolLen]
-		tableLog := s.actualTableLog
-		tl := (uint32(tableLog) << 16) - (1 << tableLog)
-		for i, v := range s.norm[:s.symbolLen] {
-			switch v {
-			case 0:
-			case -1, 1:
-				symbolTT[i].deltaNbBits = tl
-				symbolTT[i].deltaFindState = total - 1
-				total++
-			default:
-				maxBitsOut := uint32(tableLog) - highBit(uint32(v-1))
-				minStatePlus := uint32(v) << maxBitsOut
-				symbolTT[i].deltaNbBits = (maxBitsOut << 16) - minStatePlus
-				symbolTT[i].deltaFindState = total - v
-				total += v
-			}
-		}
-		if total != int16(tableSize) {
-			return fmt.Errorf("total mismatch %d (got) != %d (want)", total, tableSize)
-		}
-	}
-	return nil
-}
-
-var rtbTable = [...]uint32{0, 473195, 504333, 520860, 550000, 700000, 750000, 830000}
-
-func (s *fseEncoder) setRLE(val byte) {
-	s.allocCtable()
-	s.actualTableLog = 0
-	s.ct.stateTable = s.ct.stateTable[:1]
-	s.ct.symbolTT[val] = symbolTransform{
-		deltaFindState: 0,
-		deltaNbBits:    0,
-	}
-	if debugEncoder {
-		println("setRLE: val", val, "symbolTT", s.ct.symbolTT[val])
-	}
-	s.rleVal = val
-	s.useRLE = true
-}
-
-// setBits will set output bits for the transform.
-// if nil is provided, the number of bits is equal to the index.
-func (s *fseEncoder) setBits(transform []byte) {
-	if s.reUsed || s.preDefined {
-		return
-	}
-	if s.useRLE {
-		if transform == nil {
-			s.ct.symbolTT[s.rleVal].outBits = s.rleVal
-			s.maxBits = s.rleVal
-			return
-		}
-		s.maxBits = transform[s.rleVal]
-		s.ct.symbolTT[s.rleVal].outBits = s.maxBits
-		return
-	}
-	if transform == nil {
-		for i := range s.ct.symbolTT[:s.symbolLen] {
-			s.ct.symbolTT[i].outBits = uint8(i)
-		}
-		s.maxBits = uint8(s.symbolLen - 1)
-		return
-	}
-	s.maxBits = 0
-	for i, v := range transform[:s.symbolLen] {
-		s.ct.symbolTT[i].outBits = v
-		if v > s.maxBits {
-			// We could assume bits always going up, but we play safe.
-			s.maxBits = v
-		}
-	}
-}
-
-// normalizeCount will normalize the count of the symbols so
-// the total is equal to the table size.
-// If successful, compression tables will also be made ready.
-func (s *fseEncoder) normalizeCount(length int) error {
-	if s.reUsed {
-		return nil
-	}
-	s.optimalTableLog(length)
-	var (
-		tableLog          = s.actualTableLog
-		scale             = 62 - uint64(tableLog)
-		step              = (1 << 62) / uint64(length)
-		vStep             = uint64(1) << (scale - 20)
-		stillToDistribute = int16(1 << tableLog)
-		largest           int
-		largestP          int16
-		lowThreshold      = (uint32)(length >> tableLog)
-	)
-	if s.maxCount == length {
-		s.useRLE = true
-		return nil
-	}
-	s.useRLE = false
-	for i, cnt := range s.count[:s.symbolLen] {
-		// already handled
-		// if (count[s] == s.length) return 0;   /* rle special case */
-
-		if cnt == 0 {
-			s.norm[i] = 0
-			continue
-		}
-		if cnt <= lowThreshold {
-			s.norm[i] = -1
-			stillToDistribute--
-		} else {
-			proba := (int16)((uint64(cnt) * step) >> scale)
-			if proba < 8 {
-				restToBeat := vStep * uint64(rtbTable[proba])
-				v := uint64(cnt)*step - (uint64(proba) << scale)
-				if v > restToBeat {
-					proba++
-				}
-			}
-			if proba > largestP {
-				largestP = proba
-				largest = i
-			}
-			s.norm[i] = proba
-			stillToDistribute -= proba
-		}
-	}
-
-	if -stillToDistribute >= (s.norm[largest] >> 1) {
-		// corner case, need another normalization method
-		err := s.normalizeCount2(length)
-		if err != nil {
-			return err
-		}
-		if debugAsserts {
-			err = s.validateNorm()
-			if err != nil {
-				return err
-			}
-		}
-		return s.buildCTable()
-	}
-	s.norm[largest] += stillToDistribute
-	if debugAsserts {
-		err := s.validateNorm()
-		if err != nil {
-			return err
-		}
-	}
-	return s.buildCTable()
-}
-
-// Secondary normalization method.
-// To be used when primary method fails.
-func (s *fseEncoder) normalizeCount2(length int) error {
-	const notYetAssigned = -2
-	var (
-		distributed  uint32
-		total        = uint32(length)
-		tableLog     = s.actualTableLog
-		lowThreshold = total >> tableLog
-		lowOne       = (total * 3) >> (tableLog + 1)
-	)
-	for i, cnt := range s.count[:s.symbolLen] {
-		if cnt == 0 {
-			s.norm[i] = 0
-			continue
-		}
-		if cnt <= lowThreshold {
-			s.norm[i] = -1
-			distributed++
-			total -= cnt
-			continue
-		}
-		if cnt <= lowOne {
-			s.norm[i] = 1
-			distributed++
-			total -= cnt
-			continue
-		}
-		s.norm[i] = notYetAssigned
-	}
-	toDistribute := (1 << tableLog) - distributed
-
-	if (total / toDistribute) > lowOne {
-		// risk of rounding to zero
-		lowOne = (total * 3) / (toDistribute * 2)
-		for i, cnt := range s.count[:s.symbolLen] {
-			if (s.norm[i] == notYetAssigned) && (cnt <= lowOne) {
-				s.norm[i] = 1
-				distributed++
-				total -= cnt
-				continue
-			}
-		}
-		toDistribute = (1 << tableLog) - distributed
-	}
-	if distributed == uint32(s.symbolLen)+1 {
-		// all values are pretty poor;
-		//   probably incompressible data (should have already been detected);
-		//   find max, then give all remaining points to max
-		var maxV int
-		var maxC uint32
-		for i, cnt := range s.count[:s.symbolLen] {
-			if cnt > maxC {
-				maxV = i
-				maxC = cnt
-			}
-		}
-		s.norm[maxV] += int16(toDistribute)
-		return nil
-	}
-
-	if total == 0 {
-		// all of the symbols were low enough for the lowOne or lowThreshold
-		for i := uint32(0); toDistribute > 0; i = (i + 1) % (uint32(s.symbolLen)) {
-			if s.norm[i] > 0 {
-				toDistribute--
-				s.norm[i]++
-			}
-		}
-		return nil
-	}
-
-	var (
-		vStepLog = 62 - uint64(tableLog)
-		mid      = uint64((1 << (vStepLog - 1)) - 1)
-		rStep    = (((1 << vStepLog) * uint64(toDistribute)) + mid) / uint64(total) // scale on remaining
-		tmpTotal = mid
-	)
-	for i, cnt := range s.count[:s.symbolLen] {
-		if s.norm[i] == notYetAssigned {
-			var (
-				end    = tmpTotal + uint64(cnt)*rStep
-				sStart = uint32(tmpTotal >> vStepLog)
-				sEnd   = uint32(end >> vStepLog)
-				weight = sEnd - sStart
-			)
-			if weight < 1 {
-				return errors.New("weight < 1")
-			}
-			s.norm[i] = int16(weight)
-			tmpTotal = end
-		}
-	}
-	return nil
-}
-
-// optimalTableLog calculates and sets the optimal tableLog in s.actualTableLog
-func (s *fseEncoder) optimalTableLog(length int) {
-	tableLog := uint8(maxEncTableLog)
-	minBitsSrc := highBit(uint32(length)) + 1
-	minBitsSymbols := highBit(uint32(s.symbolLen-1)) + 2
-	minBits := uint8(minBitsSymbols)
-	if minBitsSrc < minBitsSymbols {
-		minBits = uint8(minBitsSrc)
-	}
-
-	maxBitsSrc := uint8(highBit(uint32(length-1))) - 2
-	if maxBitsSrc < tableLog {
-		// Accuracy can be reduced
-		tableLog = maxBitsSrc
-	}
-	if minBits > tableLog {
-		tableLog = minBits
-	}
-	// Need a minimum to safely represent all symbol values
-	if tableLog < minEncTablelog {
-		tableLog = minEncTablelog
-	}
-	if tableLog > maxEncTableLog {
-		tableLog = maxEncTableLog
-	}
-	s.actualTableLog = tableLog
-}
-
-// validateNorm validates the normalized histogram table.
-func (s *fseEncoder) validateNorm() (err error) {
-	var total int
-	for _, v := range s.norm[:s.symbolLen] {
-		if v >= 0 {
-			total += int(v)
-		} else {
-			total -= int(v)
-		}
-	}
-	defer func() {
-		if err == nil {
-			return
-		}
-		fmt.Printf("selected TableLog: %d, Symbol length: %d\n", s.actualTableLog, s.symbolLen)
-		for i, v := range s.norm[:s.symbolLen] {
-			fmt.Printf("%3d: %5d -> %4d \n", i, s.count[i], v)
-		}
-	}()
-	if total != (1 << s.actualTableLog) {
-		return fmt.Errorf("warning: Total == %d != %d", total, 1<> 3) + 3 + 2
-
-		// Write Table Size
-		bitStream = uint32(tableLog - minEncTablelog)
-		bitCount  = uint(4)
-		remaining = int16(tableSize + 1) /* +1 for extra accuracy */
-		threshold = int16(tableSize)
-		nbBits    = uint(tableLog + 1)
-		outP      = len(out)
-	)
-	if cap(out) < outP+maxHeaderSize {
-		out = append(out, make([]byte, maxHeaderSize*3)...)
-		out = out[:len(out)-maxHeaderSize*3]
-	}
-	out = out[:outP+maxHeaderSize]
-
-	// stops at 1
-	for remaining > 1 {
-		if previous0 {
-			start := charnum
-			for s.norm[charnum] == 0 {
-				charnum++
-			}
-			for charnum >= start+24 {
-				start += 24
-				bitStream += uint32(0xFFFF) << bitCount
-				out[outP] = byte(bitStream)
-				out[outP+1] = byte(bitStream >> 8)
-				outP += 2
-				bitStream >>= 16
-			}
-			for charnum >= start+3 {
-				start += 3
-				bitStream += 3 << bitCount
-				bitCount += 2
-			}
-			bitStream += uint32(charnum-start) << bitCount
-			bitCount += 2
-			if bitCount > 16 {
-				out[outP] = byte(bitStream)
-				out[outP+1] = byte(bitStream >> 8)
-				outP += 2
-				bitStream >>= 16
-				bitCount -= 16
-			}
-		}
-
-		count := s.norm[charnum]
-		charnum++
-		max := (2*threshold - 1) - remaining
-		if count < 0 {
-			remaining += count
-		} else {
-			remaining -= count
-		}
-		count++ // +1 for extra accuracy
-		if count >= threshold {
-			count += max // [0..max[ [max..threshold[ (...) [threshold+max 2*threshold[
-		}
-		bitStream += uint32(count) << bitCount
-		bitCount += nbBits
-		if count < max {
-			bitCount--
-		}
-
-		previous0 = count == 1
-		if remaining < 1 {
-			return nil, errors.New("internal error: remaining < 1")
-		}
-		for remaining < threshold {
-			nbBits--
-			threshold >>= 1
-		}
-
-		if bitCount > 16 {
-			out[outP] = byte(bitStream)
-			out[outP+1] = byte(bitStream >> 8)
-			outP += 2
-			bitStream >>= 16
-			bitCount -= 16
-		}
-	}
-
-	if outP+2 > len(out) {
-		return nil, fmt.Errorf("internal error: %d > %d, maxheader: %d, sl: %d, tl: %d, normcount: %v", outP+2, len(out), maxHeaderSize, s.symbolLen, int(tableLog), s.norm[:s.symbolLen])
-	}
-	out[outP] = byte(bitStream)
-	out[outP+1] = byte(bitStream >> 8)
-	outP += int((bitCount + 7) / 8)
-
-	if charnum > s.symbolLen {
-		return nil, errors.New("internal error: charnum > s.symbolLen")
-	}
-	return out[:outP], nil
-}
-
-// Approximate symbol cost, as fractional value, using fixed-point format (accuracyLog fractional bits)
-// note 1 : assume symbolValue is valid (<= maxSymbolValue)
-// note 2 : if freq[symbolValue]==0, @return a fake cost of tableLog+1 bits *
-func (s *fseEncoder) bitCost(symbolValue uint8, accuracyLog uint32) uint32 {
-	minNbBits := s.ct.symbolTT[symbolValue].deltaNbBits >> 16
-	threshold := (minNbBits + 1) << 16
-	if debugAsserts {
-		if !(s.actualTableLog < 16) {
-			panic("!s.actualTableLog < 16")
-		}
-		// ensure enough room for renormalization double shift
-		if !(uint8(accuracyLog) < 31-s.actualTableLog) {
-			panic("!uint8(accuracyLog) < 31-s.actualTableLog")
-		}
-	}
-	tableSize := uint32(1) << s.actualTableLog
-	deltaFromThreshold := threshold - (s.ct.symbolTT[symbolValue].deltaNbBits + tableSize)
-	// linear interpolation (very approximate)
-	normalizedDeltaFromThreshold := (deltaFromThreshold << accuracyLog) >> s.actualTableLog
-	bitMultiplier := uint32(1) << accuracyLog
-	if debugAsserts {
-		if s.ct.symbolTT[symbolValue].deltaNbBits+tableSize > threshold {
-			panic("s.ct.symbolTT[symbolValue].deltaNbBits+tableSize > threshold")
-		}
-		if normalizedDeltaFromThreshold > bitMultiplier {
-			panic("normalizedDeltaFromThreshold > bitMultiplier")
-		}
-	}
-	return (minNbBits+1)*bitMultiplier - normalizedDeltaFromThreshold
-}
-
-// Returns the cost in bits of encoding the distribution in count using ctable.
-// Histogram should only be up to the last non-zero symbol.
-// Returns an -1 if ctable cannot represent all the symbols in count.
-func (s *fseEncoder) approxSize(hist []uint32) uint32 {
-	if int(s.symbolLen) < len(hist) {
-		// More symbols than we have.
-		return math.MaxUint32
-	}
-	if s.useRLE {
-		// We will never reuse RLE encoders.
-		return math.MaxUint32
-	}
-	const kAccuracyLog = 8
-	badCost := (uint32(s.actualTableLog) + 1) << kAccuracyLog
-	var cost uint32
-	for i, v := range hist {
-		if v == 0 {
-			continue
-		}
-		if s.norm[i] == 0 {
-			return math.MaxUint32
-		}
-		bitCost := s.bitCost(uint8(i), kAccuracyLog)
-		if bitCost > badCost {
-			return math.MaxUint32
-		}
-		cost += v * bitCost
-	}
-	return cost >> kAccuracyLog
-}
-
-// maxHeaderSize returns the maximum header size in bits.
-// This is not exact size, but we want a penalty for new tables anyway.
-func (s *fseEncoder) maxHeaderSize() uint32 {
-	if s.preDefined {
-		return 0
-	}
-	if s.useRLE {
-		return 8
-	}
-	return (((uint32(s.symbolLen) * uint32(s.actualTableLog)) >> 3) + 3) * 8
-}
-
-// cState contains the compression state of a stream.
-type cState struct {
-	bw         *bitWriter
-	stateTable []uint16
-	state      uint16
-}
-
-// init will initialize the compression state to the first symbol of the stream.
-func (c *cState) init(bw *bitWriter, ct *cTable, first symbolTransform) {
-	c.bw = bw
-	c.stateTable = ct.stateTable
-	if len(c.stateTable) == 1 {
-		// RLE
-		c.stateTable[0] = uint16(0)
-		c.state = 0
-		return
-	}
-	nbBitsOut := (first.deltaNbBits + (1 << 15)) >> 16
-	im := int32((nbBitsOut << 16) - first.deltaNbBits)
-	lu := (im >> nbBitsOut) + int32(first.deltaFindState)
-	c.state = c.stateTable[lu]
-}
-
-// flush will write the tablelog to the output and flush the remaining full bytes.
-func (c *cState) flush(tableLog uint8) {
-	c.bw.flush32()
-	c.bw.addBits16NC(c.state, tableLog)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_predefined.go b/vendor/github.com/klauspost/compress/zstd/fse_predefined.go
deleted file mode 100644
index 474cb77d2..000000000
--- a/vendor/github.com/klauspost/compress/zstd/fse_predefined.go
+++ /dev/null
@@ -1,158 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"fmt"
-	"math"
-	"sync"
-)
-
-var (
-	// fsePredef are the predefined fse tables as defined here:
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
-	// These values are already transformed.
-	fsePredef [3]fseDecoder
-
-	// fsePredefEnc are the predefined encoder based on fse tables as defined here:
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
-	// These values are already transformed.
-	fsePredefEnc [3]fseEncoder
-
-	// symbolTableX contain the transformations needed for each type as defined in
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#the-codes-for-literals-lengths-match-lengths-and-offsets
-	symbolTableX [3][]baseOffset
-
-	// maxTableSymbol is the biggest supported symbol for each table type
-	// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#the-codes-for-literals-lengths-match-lengths-and-offsets
-	maxTableSymbol = [3]uint8{tableLiteralLengths: maxLiteralLengthSymbol, tableOffsets: maxOffsetLengthSymbol, tableMatchLengths: maxMatchLengthSymbol}
-
-	// bitTables is the bits table for each table.
-	bitTables = [3][]byte{tableLiteralLengths: llBitsTable[:], tableOffsets: nil, tableMatchLengths: mlBitsTable[:]}
-)
-
-type tableIndex uint8
-
-const (
-	// indexes for fsePredef and symbolTableX
-	tableLiteralLengths tableIndex = 0
-	tableOffsets        tableIndex = 1
-	tableMatchLengths   tableIndex = 2
-
-	maxLiteralLengthSymbol = 35
-	maxOffsetLengthSymbol  = 30
-	maxMatchLengthSymbol   = 52
-)
-
-// baseOffset is used for calculating transformations.
-type baseOffset struct {
-	baseLine uint32
-	addBits  uint8
-}
-
-// fillBase will precalculate base offsets with the given bit distributions.
-func fillBase(dst []baseOffset, base uint32, bits ...uint8) {
-	if len(bits) != len(dst) {
-		panic(fmt.Sprintf("len(dst) (%d) != len(bits) (%d)", len(dst), len(bits)))
-	}
-	for i, bit := range bits {
-		if base > math.MaxInt32 {
-			panic("invalid decoding table, base overflows int32")
-		}
-
-		dst[i] = baseOffset{
-			baseLine: base,
-			addBits:  bit,
-		}
-		base += 1 << bit
-	}
-}
-
-var predef sync.Once
-
-func initPredefined() {
-	predef.Do(func() {
-		// Literals length codes
-		tmp := make([]baseOffset, 36)
-		for i := range tmp[:16] {
-			tmp[i] = baseOffset{
-				baseLine: uint32(i),
-				addBits:  0,
-			}
-		}
-		fillBase(tmp[16:], 16, 1, 1, 1, 1, 2, 2, 3, 3, 4, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-		symbolTableX[tableLiteralLengths] = tmp
-
-		// Match length codes
-		tmp = make([]baseOffset, 53)
-		for i := range tmp[:32] {
-			tmp[i] = baseOffset{
-				// The transformation adds the 3 length.
-				baseLine: uint32(i) + 3,
-				addBits:  0,
-			}
-		}
-		fillBase(tmp[32:], 35, 1, 1, 1, 1, 2, 2, 3, 3, 4, 4, 5, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-		symbolTableX[tableMatchLengths] = tmp
-
-		// Offset codes
-		tmp = make([]baseOffset, maxOffsetBits+1)
-		tmp[1] = baseOffset{
-			baseLine: 1,
-			addBits:  1,
-		}
-		fillBase(tmp[2:], 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-		symbolTableX[tableOffsets] = tmp
-
-		// Fill predefined tables and transform them.
-		// https://github.com/facebook/zstd/blob/dev/doc/zstd_compression_format.md#default-distributions
-		for i := range fsePredef[:] {
-			f := &fsePredef[i]
-			switch tableIndex(i) {
-			case tableLiteralLengths:
-				// https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L243
-				f.actualTableLog = 6
-				copy(f.norm[:], []int16{4, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1,
-					2, 2, 2, 2, 2, 2, 2, 2, 2, 3, 2, 1, 1, 1, 1, 1,
-					-1, -1, -1, -1})
-				f.symbolLen = 36
-			case tableOffsets:
-				// https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L281
-				f.actualTableLog = 5
-				copy(f.norm[:], []int16{
-					1, 1, 1, 1, 1, 1, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
-					1, 1, 1, 1, 1, 1, 1, 1, -1, -1, -1, -1, -1})
-				f.symbolLen = 29
-			case tableMatchLengths:
-				//https://github.com/facebook/zstd/blob/ededcfca57366461021c922720878c81a5854a0a/lib/decompress/zstd_decompress_block.c#L304
-				f.actualTableLog = 6
-				copy(f.norm[:], []int16{
-					1, 4, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1,
-					1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-					1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, -1, -1,
-					-1, -1, -1, -1, -1})
-				f.symbolLen = 53
-			}
-			if err := f.buildDtable(); err != nil {
-				panic(fmt.Errorf("building table %v: %v", tableIndex(i), err))
-			}
-			if err := f.transform(symbolTableX[i]); err != nil {
-				panic(fmt.Errorf("building table %v: %v", tableIndex(i), err))
-			}
-			f.preDefined = true
-
-			// Create encoder as well
-			enc := &fsePredefEnc[i]
-			copy(enc.norm[:], f.norm[:])
-			enc.symbolLen = f.symbolLen
-			enc.actualTableLog = f.actualTableLog
-			if err := enc.buildCTable(); err != nil {
-				panic(fmt.Errorf("building encoding table %v: %v", tableIndex(i), err))
-			}
-			enc.setBits(bitTables[i])
-			enc.preDefined = true
-		}
-	})
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/hash.go b/vendor/github.com/klauspost/compress/zstd/hash.go
deleted file mode 100644
index 5d73c21eb..000000000
--- a/vendor/github.com/klauspost/compress/zstd/hash.go
+++ /dev/null
@@ -1,35 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-const (
-	prime3bytes = 506832829
-	prime4bytes = 2654435761
-	prime5bytes = 889523592379
-	prime6bytes = 227718039650203
-	prime7bytes = 58295818150454627
-	prime8bytes = 0xcf1bbcdcb7a56463
-)
-
-// hashLen returns a hash of the lowest mls bytes of with length output bits.
-// mls must be >=3 and <=8. Any other value will return hash for 4 bytes.
-// length should always be < 32.
-// Preferably length and mls should be a constant for inlining.
-func hashLen(u uint64, length, mls uint8) uint32 {
-	switch mls {
-	case 3:
-		return (uint32(u<<8) * prime3bytes) >> (32 - length)
-	case 5:
-		return uint32(((u << (64 - 40)) * prime5bytes) >> (64 - length))
-	case 6:
-		return uint32(((u << (64 - 48)) * prime6bytes) >> (64 - length))
-	case 7:
-		return uint32(((u << (64 - 56)) * prime7bytes) >> (64 - length))
-	case 8:
-		return uint32((u * prime8bytes) >> (64 - length))
-	default:
-		return (uint32(u) * prime4bytes) >> (32 - length)
-	}
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/history.go b/vendor/github.com/klauspost/compress/zstd/history.go
deleted file mode 100644
index 09164856d..000000000
--- a/vendor/github.com/klauspost/compress/zstd/history.go
+++ /dev/null
@@ -1,116 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"github.com/klauspost/compress/huff0"
-)
-
-// history contains the information transferred between blocks.
-type history struct {
-	// Literal decompression
-	huffTree *huff0.Scratch
-
-	// Sequence decompression
-	decoders      sequenceDecs
-	recentOffsets [3]int
-
-	// History buffer...
-	b []byte
-
-	// ignoreBuffer is meant to ignore a number of bytes
-	// when checking for matches in history
-	ignoreBuffer int
-
-	windowSize       int
-	allocFrameBuffer int // needed?
-	error            bool
-	dict             *dict
-}
-
-// reset will reset the history to initial state of a frame.
-// The history must already have been initialized to the desired size.
-func (h *history) reset() {
-	h.b = h.b[:0]
-	h.ignoreBuffer = 0
-	h.error = false
-	h.recentOffsets = [3]int{1, 4, 8}
-	h.decoders.freeDecoders()
-	h.decoders = sequenceDecs{br: h.decoders.br}
-	h.freeHuffDecoder()
-	h.huffTree = nil
-	h.dict = nil
-	//printf("history created: %+v (l: %d, c: %d)", *h, len(h.b), cap(h.b))
-}
-
-func (h *history) freeHuffDecoder() {
-	if h.huffTree != nil {
-		if h.dict == nil || h.dict.litEnc != h.huffTree {
-			huffDecoderPool.Put(h.huffTree)
-			h.huffTree = nil
-		}
-	}
-}
-
-func (h *history) setDict(dict *dict) {
-	if dict == nil {
-		return
-	}
-	h.dict = dict
-	h.decoders.litLengths = dict.llDec
-	h.decoders.offsets = dict.ofDec
-	h.decoders.matchLengths = dict.mlDec
-	h.decoders.dict = dict.content
-	h.recentOffsets = dict.offsets
-	h.huffTree = dict.litEnc
-}
-
-// append bytes to history.
-// This function will make sure there is space for it,
-// if the buffer has been allocated with enough extra space.
-func (h *history) append(b []byte) {
-	if len(b) >= h.windowSize {
-		// Discard all history by simply overwriting
-		h.b = h.b[:h.windowSize]
-		copy(h.b, b[len(b)-h.windowSize:])
-		return
-	}
-
-	// If there is space, append it.
-	if len(b) < cap(h.b)-len(h.b) {
-		h.b = append(h.b, b...)
-		return
-	}
-
-	// Move data down so we only have window size left.
-	// We know we have less than window size in b at this point.
-	discard := len(b) + len(h.b) - h.windowSize
-	copy(h.b, h.b[discard:])
-	h.b = h.b[:h.windowSize]
-	copy(h.b[h.windowSize-len(b):], b)
-}
-
-// ensureBlock will ensure there is space for at least one block...
-func (h *history) ensureBlock() {
-	if cap(h.b) < h.allocFrameBuffer {
-		h.b = make([]byte, 0, h.allocFrameBuffer)
-		return
-	}
-
-	avail := cap(h.b) - len(h.b)
-	if avail >= h.windowSize || avail > maxCompressedBlockSize {
-		return
-	}
-	// Move data down so we only have window size left.
-	// We know we have less than window size in b at this point.
-	discard := len(h.b) - h.windowSize
-	copy(h.b, h.b[discard:])
-	h.b = h.b[:h.windowSize]
-}
-
-// append bytes to history without ever discarding anything.
-func (h *history) appendKeep(b []byte) {
-	h.b = append(h.b, b...)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
deleted file mode 100644
index 24b53065f..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/LICENSE.txt
+++ /dev/null
@@ -1,22 +0,0 @@
-Copyright (c) 2016 Caleb Spare
-
-MIT License
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
deleted file mode 100644
index 777290d44..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/README.md
+++ /dev/null
@@ -1,71 +0,0 @@
-# xxhash
-
-VENDORED: Go to [github.com/cespare/xxhash](https://github.com/cespare/xxhash) for original package.
-
-xxhash is a Go implementation of the 64-bit [xxHash] algorithm, XXH64. This is a
-high-quality hashing algorithm that is much faster than anything in the Go
-standard library.
-
-This package provides a straightforward API:
-
-```
-func Sum64(b []byte) uint64
-func Sum64String(s string) uint64
-type Digest struct{ ... }
-    func New() *Digest
-```
-
-The `Digest` type implements hash.Hash64. Its key methods are:
-
-```
-func (*Digest) Write([]byte) (int, error)
-func (*Digest) WriteString(string) (int, error)
-func (*Digest) Sum64() uint64
-```
-
-The package is written with optimized pure Go and also contains even faster
-assembly implementations for amd64 and arm64. If desired, the `purego` build tag
-opts into using the Go code even on those architectures.
-
-[xxHash]: http://cyan4973.github.io/xxHash/
-
-## Compatibility
-
-This package is in a module and the latest code is in version 2 of the module.
-You need a version of Go with at least "minimal module compatibility" to use
-github.com/cespare/xxhash/v2:
-
-* 1.9.7+ for Go 1.9
-* 1.10.3+ for Go 1.10
-* Go 1.11 or later
-
-I recommend using the latest release of Go.
-
-## Benchmarks
-
-Here are some quick benchmarks comparing the pure-Go and assembly
-implementations of Sum64.
-
-| input size | purego    | asm       |
-| ---------- | --------- | --------- |
-| 4 B        |  1.3 GB/s |  1.2 GB/s |
-| 16 B       |  2.9 GB/s |  3.5 GB/s |
-| 100 B      |  6.9 GB/s |  8.1 GB/s |
-| 4 KB       | 11.7 GB/s | 16.7 GB/s |
-| 10 MB      | 12.0 GB/s | 17.3 GB/s |
-
-These numbers were generated on Ubuntu 20.04 with an Intel Xeon Platinum 8252C
-CPU using the following commands under Go 1.19.2:
-
-```
-benchstat <(go test -tags purego -benchtime 500ms -count 15 -bench 'Sum64$')
-benchstat <(go test -benchtime 500ms -count 15 -bench 'Sum64$')
-```
-
-## Projects using this package
-
-- [InfluxDB](https://github.com/influxdata/influxdb)
-- [Prometheus](https://github.com/prometheus/prometheus)
-- [VictoriaMetrics](https://github.com/VictoriaMetrics/VictoriaMetrics)
-- [FreeCache](https://github.com/coocood/freecache)
-- [FastCache](https://github.com/VictoriaMetrics/fastcache)
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
deleted file mode 100644
index fc40c8200..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash.go
+++ /dev/null
@@ -1,230 +0,0 @@
-// Package xxhash implements the 64-bit variant of xxHash (XXH64) as described
-// at http://cyan4973.github.io/xxHash/.
-// THIS IS VENDORED: Go to github.com/cespare/xxhash for original package.
-
-package xxhash
-
-import (
-	"encoding/binary"
-	"errors"
-	"math/bits"
-)
-
-const (
-	prime1 uint64 = 11400714785074694791
-	prime2 uint64 = 14029467366897019727
-	prime3 uint64 = 1609587929392839161
-	prime4 uint64 = 9650029242287828579
-	prime5 uint64 = 2870177450012600261
-)
-
-// Store the primes in an array as well.
-//
-// The consts are used when possible in Go code to avoid MOVs but we need a
-// contiguous array of the assembly code.
-var primes = [...]uint64{prime1, prime2, prime3, prime4, prime5}
-
-// Digest implements hash.Hash64.
-type Digest struct {
-	v1    uint64
-	v2    uint64
-	v3    uint64
-	v4    uint64
-	total uint64
-	mem   [32]byte
-	n     int // how much of mem is used
-}
-
-// New creates a new Digest that computes the 64-bit xxHash algorithm.
-func New() *Digest {
-	var d Digest
-	d.Reset()
-	return &d
-}
-
-// Reset clears the Digest's state so that it can be reused.
-func (d *Digest) Reset() {
-	d.v1 = primes[0] + prime2
-	d.v2 = prime2
-	d.v3 = 0
-	d.v4 = -primes[0]
-	d.total = 0
-	d.n = 0
-}
-
-// Size always returns 8 bytes.
-func (d *Digest) Size() int { return 8 }
-
-// BlockSize always returns 32 bytes.
-func (d *Digest) BlockSize() int { return 32 }
-
-// Write adds more data to d. It always returns len(b), nil.
-func (d *Digest) Write(b []byte) (n int, err error) {
-	n = len(b)
-	d.total += uint64(n)
-
-	memleft := d.mem[d.n&(len(d.mem)-1):]
-
-	if d.n+n < 32 {
-		// This new data doesn't even fill the current block.
-		copy(memleft, b)
-		d.n += n
-		return
-	}
-
-	if d.n > 0 {
-		// Finish off the partial block.
-		c := copy(memleft, b)
-		d.v1 = round(d.v1, u64(d.mem[0:8]))
-		d.v2 = round(d.v2, u64(d.mem[8:16]))
-		d.v3 = round(d.v3, u64(d.mem[16:24]))
-		d.v4 = round(d.v4, u64(d.mem[24:32]))
-		b = b[c:]
-		d.n = 0
-	}
-
-	if len(b) >= 32 {
-		// One or more full blocks left.
-		nw := writeBlocks(d, b)
-		b = b[nw:]
-	}
-
-	// Store any remaining partial block.
-	copy(d.mem[:], b)
-	d.n = len(b)
-
-	return
-}
-
-// Sum appends the current hash to b and returns the resulting slice.
-func (d *Digest) Sum(b []byte) []byte {
-	s := d.Sum64()
-	return append(
-		b,
-		byte(s>>56),
-		byte(s>>48),
-		byte(s>>40),
-		byte(s>>32),
-		byte(s>>24),
-		byte(s>>16),
-		byte(s>>8),
-		byte(s),
-	)
-}
-
-// Sum64 returns the current hash.
-func (d *Digest) Sum64() uint64 {
-	var h uint64
-
-	if d.total >= 32 {
-		v1, v2, v3, v4 := d.v1, d.v2, d.v3, d.v4
-		h = rol1(v1) + rol7(v2) + rol12(v3) + rol18(v4)
-		h = mergeRound(h, v1)
-		h = mergeRound(h, v2)
-		h = mergeRound(h, v3)
-		h = mergeRound(h, v4)
-	} else {
-		h = d.v3 + prime5
-	}
-
-	h += d.total
-
-	b := d.mem[:d.n&(len(d.mem)-1)]
-	for ; len(b) >= 8; b = b[8:] {
-		k1 := round(0, u64(b[:8]))
-		h ^= k1
-		h = rol27(h)*prime1 + prime4
-	}
-	if len(b) >= 4 {
-		h ^= uint64(u32(b[:4])) * prime1
-		h = rol23(h)*prime2 + prime3
-		b = b[4:]
-	}
-	for ; len(b) > 0; b = b[1:] {
-		h ^= uint64(b[0]) * prime5
-		h = rol11(h) * prime1
-	}
-
-	h ^= h >> 33
-	h *= prime2
-	h ^= h >> 29
-	h *= prime3
-	h ^= h >> 32
-
-	return h
-}
-
-const (
-	magic         = "xxh\x06"
-	marshaledSize = len(magic) + 8*5 + 32
-)
-
-// MarshalBinary implements the encoding.BinaryMarshaler interface.
-func (d *Digest) MarshalBinary() ([]byte, error) {
-	b := make([]byte, 0, marshaledSize)
-	b = append(b, magic...)
-	b = appendUint64(b, d.v1)
-	b = appendUint64(b, d.v2)
-	b = appendUint64(b, d.v3)
-	b = appendUint64(b, d.v4)
-	b = appendUint64(b, d.total)
-	b = append(b, d.mem[:d.n]...)
-	b = b[:len(b)+len(d.mem)-d.n]
-	return b, nil
-}
-
-// UnmarshalBinary implements the encoding.BinaryUnmarshaler interface.
-func (d *Digest) UnmarshalBinary(b []byte) error {
-	if len(b) < len(magic) || string(b[:len(magic)]) != magic {
-		return errors.New("xxhash: invalid hash state identifier")
-	}
-	if len(b) != marshaledSize {
-		return errors.New("xxhash: invalid hash state size")
-	}
-	b = b[len(magic):]
-	b, d.v1 = consumeUint64(b)
-	b, d.v2 = consumeUint64(b)
-	b, d.v3 = consumeUint64(b)
-	b, d.v4 = consumeUint64(b)
-	b, d.total = consumeUint64(b)
-	copy(d.mem[:], b)
-	d.n = int(d.total % uint64(len(d.mem)))
-	return nil
-}
-
-func appendUint64(b []byte, x uint64) []byte {
-	var a [8]byte
-	binary.LittleEndian.PutUint64(a[:], x)
-	return append(b, a[:]...)
-}
-
-func consumeUint64(b []byte) ([]byte, uint64) {
-	x := u64(b)
-	return b[8:], x
-}
-
-func u64(b []byte) uint64 { return binary.LittleEndian.Uint64(b) }
-func u32(b []byte) uint32 { return binary.LittleEndian.Uint32(b) }
-
-func round(acc, input uint64) uint64 {
-	acc += input * prime2
-	acc = rol31(acc)
-	acc *= prime1
-	return acc
-}
-
-func mergeRound(acc, val uint64) uint64 {
-	val = round(0, val)
-	acc ^= val
-	acc = acc*prime1 + prime4
-	return acc
-}
-
-func rol1(x uint64) uint64  { return bits.RotateLeft64(x, 1) }
-func rol7(x uint64) uint64  { return bits.RotateLeft64(x, 7) }
-func rol11(x uint64) uint64 { return bits.RotateLeft64(x, 11) }
-func rol12(x uint64) uint64 { return bits.RotateLeft64(x, 12) }
-func rol18(x uint64) uint64 { return bits.RotateLeft64(x, 18) }
-func rol23(x uint64) uint64 { return bits.RotateLeft64(x, 23) }
-func rol27(x uint64) uint64 { return bits.RotateLeft64(x, 27) }
-func rol31(x uint64) uint64 { return bits.RotateLeft64(x, 31) }
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
deleted file mode 100644
index ddb63aa91..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_amd64.s
+++ /dev/null
@@ -1,210 +0,0 @@
-//go:build !appengine && gc && !purego && !noasm
-// +build !appengine
-// +build gc
-// +build !purego
-// +build !noasm
-
-#include "textflag.h"
-
-// Registers:
-#define h      AX
-#define d      AX
-#define p      SI // pointer to advance through b
-#define n      DX
-#define end    BX // loop end
-#define v1     R8
-#define v2     R9
-#define v3     R10
-#define v4     R11
-#define x      R12
-#define prime1 R13
-#define prime2 R14
-#define prime4 DI
-
-#define round(acc, x) \
-	IMULQ prime2, x   \
-	ADDQ  x, acc      \
-	ROLQ  $31, acc    \
-	IMULQ prime1, acc
-
-// round0 performs the operation x = round(0, x).
-#define round0(x) \
-	IMULQ prime2, x \
-	ROLQ  $31, x    \
-	IMULQ prime1, x
-
-// mergeRound applies a merge round on the two registers acc and x.
-// It assumes that prime1, prime2, and prime4 have been loaded.
-#define mergeRound(acc, x) \
-	round0(x)         \
-	XORQ  x, acc      \
-	IMULQ prime1, acc \
-	ADDQ  prime4, acc
-
-// blockLoop processes as many 32-byte blocks as possible,
-// updating v1, v2, v3, and v4. It assumes that there is at least one block
-// to process.
-#define blockLoop() \
-loop:  \
-	MOVQ +0(p), x  \
-	round(v1, x)   \
-	MOVQ +8(p), x  \
-	round(v2, x)   \
-	MOVQ +16(p), x \
-	round(v3, x)   \
-	MOVQ +24(p), x \
-	round(v4, x)   \
-	ADDQ $32, p    \
-	CMPQ p, end    \
-	JLE  loop
-
-// func Sum64(b []byte) uint64
-TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32
-	// Load fixed primes.
-	MOVQ ·primes+0(SB), prime1
-	MOVQ ·primes+8(SB), prime2
-	MOVQ ·primes+24(SB), prime4
-
-	// Load slice.
-	MOVQ b_base+0(FP), p
-	MOVQ b_len+8(FP), n
-	LEAQ (p)(n*1), end
-
-	// The first loop limit will be len(b)-32.
-	SUBQ $32, end
-
-	// Check whether we have at least one block.
-	CMPQ n, $32
-	JLT  noBlocks
-
-	// Set up initial state (v1, v2, v3, v4).
-	MOVQ prime1, v1
-	ADDQ prime2, v1
-	MOVQ prime2, v2
-	XORQ v3, v3
-	XORQ v4, v4
-	SUBQ prime1, v4
-
-	blockLoop()
-
-	MOVQ v1, h
-	ROLQ $1, h
-	MOVQ v2, x
-	ROLQ $7, x
-	ADDQ x, h
-	MOVQ v3, x
-	ROLQ $12, x
-	ADDQ x, h
-	MOVQ v4, x
-	ROLQ $18, x
-	ADDQ x, h
-
-	mergeRound(h, v1)
-	mergeRound(h, v2)
-	mergeRound(h, v3)
-	mergeRound(h, v4)
-
-	JMP afterBlocks
-
-noBlocks:
-	MOVQ ·primes+32(SB), h
-
-afterBlocks:
-	ADDQ n, h
-
-	ADDQ $24, end
-	CMPQ p, end
-	JG   try4
-
-loop8:
-	MOVQ  (p), x
-	ADDQ  $8, p
-	round0(x)
-	XORQ  x, h
-	ROLQ  $27, h
-	IMULQ prime1, h
-	ADDQ  prime4, h
-
-	CMPQ p, end
-	JLE  loop8
-
-try4:
-	ADDQ $4, end
-	CMPQ p, end
-	JG   try1
-
-	MOVL  (p), x
-	ADDQ  $4, p
-	IMULQ prime1, x
-	XORQ  x, h
-
-	ROLQ  $23, h
-	IMULQ prime2, h
-	ADDQ  ·primes+16(SB), h
-
-try1:
-	ADDQ $4, end
-	CMPQ p, end
-	JGE  finalize
-
-loop1:
-	MOVBQZX (p), x
-	ADDQ    $1, p
-	IMULQ   ·primes+32(SB), x
-	XORQ    x, h
-	ROLQ    $11, h
-	IMULQ   prime1, h
-
-	CMPQ p, end
-	JL   loop1
-
-finalize:
-	MOVQ  h, x
-	SHRQ  $33, x
-	XORQ  x, h
-	IMULQ prime2, h
-	MOVQ  h, x
-	SHRQ  $29, x
-	XORQ  x, h
-	IMULQ ·primes+16(SB), h
-	MOVQ  h, x
-	SHRQ  $32, x
-	XORQ  x, h
-
-	MOVQ h, ret+24(FP)
-	RET
-
-// func writeBlocks(d *Digest, b []byte) int
-TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40
-	// Load fixed primes needed for round.
-	MOVQ ·primes+0(SB), prime1
-	MOVQ ·primes+8(SB), prime2
-
-	// Load slice.
-	MOVQ b_base+8(FP), p
-	MOVQ b_len+16(FP), n
-	LEAQ (p)(n*1), end
-	SUBQ $32, end
-
-	// Load vN from d.
-	MOVQ s+0(FP), d
-	MOVQ 0(d), v1
-	MOVQ 8(d), v2
-	MOVQ 16(d), v3
-	MOVQ 24(d), v4
-
-	// We don't need to check the loop condition here; this function is
-	// always called with at least one block of data to process.
-	blockLoop()
-
-	// Copy vN back to d.
-	MOVQ v1, 0(d)
-	MOVQ v2, 8(d)
-	MOVQ v3, 16(d)
-	MOVQ v4, 24(d)
-
-	// The number of bytes written is p minus the old base pointer.
-	SUBQ b_base+8(FP), p
-	MOVQ p, ret+32(FP)
-
-	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
deleted file mode 100644
index ae7d4d329..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_arm64.s
+++ /dev/null
@@ -1,184 +0,0 @@
-//go:build !appengine && gc && !purego && !noasm
-// +build !appengine
-// +build gc
-// +build !purego
-// +build !noasm
-
-#include "textflag.h"
-
-// Registers:
-#define digest	R1
-#define h	R2 // return value
-#define p	R3 // input pointer
-#define n	R4 // input length
-#define nblocks	R5 // n / 32
-#define prime1	R7
-#define prime2	R8
-#define prime3	R9
-#define prime4	R10
-#define prime5	R11
-#define v1	R12
-#define v2	R13
-#define v3	R14
-#define v4	R15
-#define x1	R20
-#define x2	R21
-#define x3	R22
-#define x4	R23
-
-#define round(acc, x) \
-	MADD prime2, acc, x, acc \
-	ROR  $64-31, acc         \
-	MUL  prime1, acc
-
-// round0 performs the operation x = round(0, x).
-#define round0(x) \
-	MUL prime2, x \
-	ROR $64-31, x \
-	MUL prime1, x
-
-#define mergeRound(acc, x) \
-	round0(x)                     \
-	EOR  x, acc                   \
-	MADD acc, prime4, prime1, acc
-
-// blockLoop processes as many 32-byte blocks as possible,
-// updating v1, v2, v3, and v4. It assumes that n >= 32.
-#define blockLoop() \
-	LSR     $5, n, nblocks  \
-	PCALIGN $16             \
-	loop:                   \
-	LDP.P   16(p), (x1, x2) \
-	LDP.P   16(p), (x3, x4) \
-	round(v1, x1)           \
-	round(v2, x2)           \
-	round(v3, x3)           \
-	round(v4, x4)           \
-	SUB     $1, nblocks     \
-	CBNZ    nblocks, loop
-
-// func Sum64(b []byte) uint64
-TEXT ·Sum64(SB), NOSPLIT|NOFRAME, $0-32
-	LDP b_base+0(FP), (p, n)
-
-	LDP  ·primes+0(SB), (prime1, prime2)
-	LDP  ·primes+16(SB), (prime3, prime4)
-	MOVD ·primes+32(SB), prime5
-
-	CMP  $32, n
-	CSEL LT, prime5, ZR, h // if n < 32 { h = prime5 } else { h = 0 }
-	BLT  afterLoop
-
-	ADD  prime1, prime2, v1
-	MOVD prime2, v2
-	MOVD $0, v3
-	NEG  prime1, v4
-
-	blockLoop()
-
-	ROR $64-1, v1, x1
-	ROR $64-7, v2, x2
-	ADD x1, x2
-	ROR $64-12, v3, x3
-	ROR $64-18, v4, x4
-	ADD x3, x4
-	ADD x2, x4, h
-
-	mergeRound(h, v1)
-	mergeRound(h, v2)
-	mergeRound(h, v3)
-	mergeRound(h, v4)
-
-afterLoop:
-	ADD n, h
-
-	TBZ   $4, n, try8
-	LDP.P 16(p), (x1, x2)
-
-	round0(x1)
-
-	// NOTE: here and below, sequencing the EOR after the ROR (using a
-	// rotated register) is worth a small but measurable speedup for small
-	// inputs.
-	ROR  $64-27, h
-	EOR  x1 @> 64-27, h, h
-	MADD h, prime4, prime1, h
-
-	round0(x2)
-	ROR  $64-27, h
-	EOR  x2 @> 64-27, h, h
-	MADD h, prime4, prime1, h
-
-try8:
-	TBZ    $3, n, try4
-	MOVD.P 8(p), x1
-
-	round0(x1)
-	ROR  $64-27, h
-	EOR  x1 @> 64-27, h, h
-	MADD h, prime4, prime1, h
-
-try4:
-	TBZ     $2, n, try2
-	MOVWU.P 4(p), x2
-
-	MUL  prime1, x2
-	ROR  $64-23, h
-	EOR  x2 @> 64-23, h, h
-	MADD h, prime3, prime2, h
-
-try2:
-	TBZ     $1, n, try1
-	MOVHU.P 2(p), x3
-	AND     $255, x3, x1
-	LSR     $8, x3, x2
-
-	MUL prime5, x1
-	ROR $64-11, h
-	EOR x1 @> 64-11, h, h
-	MUL prime1, h
-
-	MUL prime5, x2
-	ROR $64-11, h
-	EOR x2 @> 64-11, h, h
-	MUL prime1, h
-
-try1:
-	TBZ   $0, n, finalize
-	MOVBU (p), x4
-
-	MUL prime5, x4
-	ROR $64-11, h
-	EOR x4 @> 64-11, h, h
-	MUL prime1, h
-
-finalize:
-	EOR h >> 33, h
-	MUL prime2, h
-	EOR h >> 29, h
-	MUL prime3, h
-	EOR h >> 32, h
-
-	MOVD h, ret+24(FP)
-	RET
-
-// func writeBlocks(s *Digest, b []byte) int
-TEXT ·writeBlocks(SB), NOSPLIT|NOFRAME, $0-40
-	LDP ·primes+0(SB), (prime1, prime2)
-
-	// Load state. Assume v[1-4] are stored contiguously.
-	MOVD s+0(FP), digest
-	LDP  0(digest), (v1, v2)
-	LDP  16(digest), (v3, v4)
-
-	LDP b_base+8(FP), (p, n)
-
-	blockLoop()
-
-	// Store updated state.
-	STP (v1, v2), 0(digest)
-	STP (v3, v4), 16(digest)
-
-	BIC  $31, n
-	MOVD n, ret+32(FP)
-	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
deleted file mode 100644
index d4221edf4..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_asm.go
+++ /dev/null
@@ -1,16 +0,0 @@
-//go:build (amd64 || arm64) && !appengine && gc && !purego && !noasm
-// +build amd64 arm64
-// +build !appengine
-// +build gc
-// +build !purego
-// +build !noasm
-
-package xxhash
-
-// Sum64 computes the 64-bit xxHash digest of b.
-//
-//go:noescape
-func Sum64(b []byte) uint64
-
-//go:noescape
-func writeBlocks(s *Digest, b []byte) int
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
deleted file mode 100644
index 0be16cefc..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_other.go
+++ /dev/null
@@ -1,76 +0,0 @@
-//go:build (!amd64 && !arm64) || appengine || !gc || purego || noasm
-// +build !amd64,!arm64 appengine !gc purego noasm
-
-package xxhash
-
-// Sum64 computes the 64-bit xxHash digest of b.
-func Sum64(b []byte) uint64 {
-	// A simpler version would be
-	//   d := New()
-	//   d.Write(b)
-	//   return d.Sum64()
-	// but this is faster, particularly for small inputs.
-
-	n := len(b)
-	var h uint64
-
-	if n >= 32 {
-		v1 := primes[0] + prime2
-		v2 := prime2
-		v3 := uint64(0)
-		v4 := -primes[0]
-		for len(b) >= 32 {
-			v1 = round(v1, u64(b[0:8:len(b)]))
-			v2 = round(v2, u64(b[8:16:len(b)]))
-			v3 = round(v3, u64(b[16:24:len(b)]))
-			v4 = round(v4, u64(b[24:32:len(b)]))
-			b = b[32:len(b):len(b)]
-		}
-		h = rol1(v1) + rol7(v2) + rol12(v3) + rol18(v4)
-		h = mergeRound(h, v1)
-		h = mergeRound(h, v2)
-		h = mergeRound(h, v3)
-		h = mergeRound(h, v4)
-	} else {
-		h = prime5
-	}
-
-	h += uint64(n)
-
-	for ; len(b) >= 8; b = b[8:] {
-		k1 := round(0, u64(b[:8]))
-		h ^= k1
-		h = rol27(h)*prime1 + prime4
-	}
-	if len(b) >= 4 {
-		h ^= uint64(u32(b[:4])) * prime1
-		h = rol23(h)*prime2 + prime3
-		b = b[4:]
-	}
-	for ; len(b) > 0; b = b[1:] {
-		h ^= uint64(b[0]) * prime5
-		h = rol11(h) * prime1
-	}
-
-	h ^= h >> 33
-	h *= prime2
-	h ^= h >> 29
-	h *= prime3
-	h ^= h >> 32
-
-	return h
-}
-
-func writeBlocks(d *Digest, b []byte) int {
-	v1, v2, v3, v4 := d.v1, d.v2, d.v3, d.v4
-	n := len(b)
-	for len(b) >= 32 {
-		v1 = round(v1, u64(b[0:8:len(b)]))
-		v2 = round(v2, u64(b[8:16:len(b)]))
-		v3 = round(v3, u64(b[16:24:len(b)]))
-		v4 = round(v4, u64(b[24:32:len(b)]))
-		b = b[32:len(b):len(b)]
-	}
-	d.v1, d.v2, d.v3, d.v4 = v1, v2, v3, v4
-	return n - len(b)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go b/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
deleted file mode 100644
index 6f3b0cb10..000000000
--- a/vendor/github.com/klauspost/compress/zstd/internal/xxhash/xxhash_safe.go
+++ /dev/null
@@ -1,11 +0,0 @@
-package xxhash
-
-// Sum64String computes the 64-bit xxHash digest of s.
-func Sum64String(s string) uint64 {
-	return Sum64([]byte(s))
-}
-
-// WriteString adds more data to d. It always returns len(s), nil.
-func (d *Digest) WriteString(s string) (n int, err error) {
-	return d.Write([]byte(s))
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
deleted file mode 100644
index f41932b7a..000000000
--- a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.go
+++ /dev/null
@@ -1,16 +0,0 @@
-//go:build amd64 && !appengine && !noasm && gc
-// +build amd64,!appengine,!noasm,gc
-
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-
-package zstd
-
-// matchLen returns how many bytes match in a and b
-//
-// It assumes that:
-//
-//	len(a) <= len(b) and len(a) > 0
-//
-//go:noescape
-func matchLen(a []byte, b []byte) int
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s b/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
deleted file mode 100644
index 0782b86e3..000000000
--- a/vendor/github.com/klauspost/compress/zstd/matchlen_amd64.s
+++ /dev/null
@@ -1,66 +0,0 @@
-// Copied from S2 implementation.
-
-//go:build !appengine && !noasm && gc && !noasm
-
-#include "textflag.h"
-
-// func matchLen(a []byte, b []byte) int
-TEXT ·matchLen(SB), NOSPLIT, $0-56
-	MOVQ a_base+0(FP), AX
-	MOVQ b_base+24(FP), CX
-	MOVQ a_len+8(FP), DX
-
-	// matchLen
-	XORL SI, SI
-	CMPL DX, $0x08
-	JB   matchlen_match4_standalone
-
-matchlen_loopback_standalone:
-	MOVQ (AX)(SI*1), BX
-	XORQ (CX)(SI*1), BX
-	JZ   matchlen_loop_standalone
-
-#ifdef GOAMD64_v3
-	TZCNTQ BX, BX
-#else
-	BSFQ BX, BX
-#endif
-	SHRL $0x03, BX
-	LEAL (SI)(BX*1), SI
-	JMP  gen_match_len_end
-
-matchlen_loop_standalone:
-	LEAL -8(DX), DX
-	LEAL 8(SI), SI
-	CMPL DX, $0x08
-	JAE  matchlen_loopback_standalone
-
-matchlen_match4_standalone:
-	CMPL DX, $0x04
-	JB   matchlen_match2_standalone
-	MOVL (AX)(SI*1), BX
-	CMPL (CX)(SI*1), BX
-	JNE  matchlen_match2_standalone
-	LEAL -4(DX), DX
-	LEAL 4(SI), SI
-
-matchlen_match2_standalone:
-	CMPL DX, $0x02
-	JB   matchlen_match1_standalone
-	MOVW (AX)(SI*1), BX
-	CMPW (CX)(SI*1), BX
-	JNE  matchlen_match1_standalone
-	LEAL -2(DX), DX
-	LEAL 2(SI), SI
-
-matchlen_match1_standalone:
-	CMPL DX, $0x01
-	JB   gen_match_len_end
-	MOVB (AX)(SI*1), BL
-	CMPB (CX)(SI*1), BL
-	JNE  gen_match_len_end
-	INCL SI
-
-gen_match_len_end:
-	MOVQ SI, ret+48(FP)
-	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go b/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
deleted file mode 100644
index 57b9c31c0..000000000
--- a/vendor/github.com/klauspost/compress/zstd/matchlen_generic.go
+++ /dev/null
@@ -1,33 +0,0 @@
-//go:build !amd64 || appengine || !gc || noasm
-// +build !amd64 appengine !gc noasm
-
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"math/bits"
-)
-
-// matchLen returns the maximum common prefix length of a and b.
-// a must be the shortest of the two.
-func matchLen(a, b []byte) (n int) {
-	for ; len(a) >= 8 && len(b) >= 8; a, b = a[8:], b[8:] {
-		diff := binary.LittleEndian.Uint64(a) ^ binary.LittleEndian.Uint64(b)
-		if diff != 0 {
-			return n + bits.TrailingZeros64(diff)>>3
-		}
-		n += 8
-	}
-
-	for i := range a {
-		if a[i] != b[i] {
-			break
-		}
-		n++
-	}
-	return n
-
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec.go b/vendor/github.com/klauspost/compress/zstd/seqdec.go
deleted file mode 100644
index d7fe6d82d..000000000
--- a/vendor/github.com/klauspost/compress/zstd/seqdec.go
+++ /dev/null
@@ -1,503 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"errors"
-	"fmt"
-	"io"
-)
-
-type seq struct {
-	litLen   uint32
-	matchLen uint32
-	offset   uint32
-
-	// Codes are stored here for the encoder
-	// so they only have to be looked up once.
-	llCode, mlCode, ofCode uint8
-}
-
-type seqVals struct {
-	ll, ml, mo int
-}
-
-func (s seq) String() string {
-	if s.offset <= 3 {
-		if s.offset == 0 {
-			return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset: INVALID (0)")
-		}
-		return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset:", s.offset, " (repeat)")
-	}
-	return fmt.Sprint("litLen:", s.litLen, ", matchLen:", s.matchLen+zstdMinMatch, ", offset:", s.offset-3, " (new)")
-}
-
-type seqCompMode uint8
-
-const (
-	compModePredefined seqCompMode = iota
-	compModeRLE
-	compModeFSE
-	compModeRepeat
-)
-
-type sequenceDec struct {
-	// decoder keeps track of the current state and updates it from the bitstream.
-	fse    *fseDecoder
-	state  fseState
-	repeat bool
-}
-
-// init the state of the decoder with input from stream.
-func (s *sequenceDec) init(br *bitReader) error {
-	if s.fse == nil {
-		return errors.New("sequence decoder not defined")
-	}
-	s.state.init(br, s.fse.actualTableLog, s.fse.dt[:1< cap(s.out) {
-		addBytes := s.seqSize + len(s.out)
-		s.out = append(s.out, make([]byte, addBytes)...)
-		s.out = s.out[:len(s.out)-addBytes]
-	}
-
-	if debugDecoder {
-		printf("Execute %d seqs with hist %d, dict %d, literals: %d into %d bytes\n", len(seqs), len(hist), len(s.dict), len(s.literals), s.seqSize)
-	}
-
-	var t = len(s.out)
-	out := s.out[:t+s.seqSize]
-
-	for _, seq := range seqs {
-		// Add literals
-		copy(out[t:], s.literals[:seq.ll])
-		t += seq.ll
-		s.literals = s.literals[seq.ll:]
-
-		// Copy from dictionary...
-		if seq.mo > t+len(hist) || seq.mo > s.windowSize {
-			if len(s.dict) == 0 {
-				return fmt.Errorf("match offset (%d) bigger than current history (%d)", seq.mo, t+len(hist))
-			}
-
-			// we may be in dictionary.
-			dictO := len(s.dict) - (seq.mo - (t + len(hist)))
-			if dictO < 0 || dictO >= len(s.dict) {
-				return fmt.Errorf("match offset (%d) bigger than current history+dict (%d)", seq.mo, t+len(hist)+len(s.dict))
-			}
-			end := dictO + seq.ml
-			if end > len(s.dict) {
-				n := len(s.dict) - dictO
-				copy(out[t:], s.dict[dictO:])
-				t += n
-				seq.ml -= n
-			} else {
-				copy(out[t:], s.dict[dictO:end])
-				t += end - dictO
-				continue
-			}
-		}
-
-		// Copy from history.
-		if v := seq.mo - t; v > 0 {
-			// v is the start position in history from end.
-			start := len(hist) - v
-			if seq.ml > v {
-				// Some goes into current block.
-				// Copy remainder of history
-				copy(out[t:], hist[start:])
-				t += v
-				seq.ml -= v
-			} else {
-				copy(out[t:], hist[start:start+seq.ml])
-				t += seq.ml
-				continue
-			}
-		}
-		// We must be in current buffer now
-		if seq.ml > 0 {
-			start := t - seq.mo
-			if seq.ml <= t-start {
-				// No overlap
-				copy(out[t:], out[start:start+seq.ml])
-				t += seq.ml
-				continue
-			} else {
-				// Overlapping copy
-				// Extend destination slice and copy one byte at the time.
-				src := out[start : start+seq.ml]
-				dst := out[t:]
-				dst = dst[:len(src)]
-				t += len(src)
-				// Destination is the space we just added.
-				for i := range src {
-					dst[i] = src[i]
-				}
-			}
-		}
-	}
-
-	// Add final literals
-	copy(out[t:], s.literals)
-	if debugDecoder {
-		t += len(s.literals)
-		if t != len(out) {
-			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
-		}
-	}
-	s.out = out
-
-	return nil
-}
-
-// decode sequences from the stream with the provided history.
-func (s *sequenceDecs) decodeSync(hist []byte) error {
-	supported, err := s.decodeSyncSimple(hist)
-	if supported {
-		return err
-	}
-
-	br := s.br
-	seqs := s.nSeqs
-	startSize := len(s.out)
-	// Grab full sizes tables, to avoid bounds checks.
-	llTable, mlTable, ofTable := s.litLengths.fse.dt[:maxTablesize], s.matchLengths.fse.dt[:maxTablesize], s.offsets.fse.dt[:maxTablesize]
-	llState, mlState, ofState := s.litLengths.state.state, s.matchLengths.state.state, s.offsets.state.state
-	out := s.out
-	maxBlockSize := maxCompressedBlockSize
-	if s.windowSize < maxBlockSize {
-		maxBlockSize = s.windowSize
-	}
-
-	if debugDecoder {
-		println("decodeSync: decoding", seqs, "sequences", br.remain(), "bits remain on stream")
-	}
-	for i := seqs - 1; i >= 0; i-- {
-		if br.overread() {
-			printf("reading sequence %d, exceeded available data. Overread by %d\n", seqs-i, -br.remain())
-			return io.ErrUnexpectedEOF
-		}
-		var ll, mo, ml int
-		if len(br.in) > 4+((maxOffsetBits+16+16)>>3) {
-			// inlined function:
-			// ll, mo, ml = s.nextFast(br, llState, mlState, ofState)
-
-			// Final will not read from stream.
-			var llB, mlB, moB uint8
-			ll, llB = llState.final()
-			ml, mlB = mlState.final()
-			mo, moB = ofState.final()
-
-			// extra bits are stored in reverse order.
-			br.fillFast()
-			mo += br.getBits(moB)
-			if s.maxBits > 32 {
-				br.fillFast()
-			}
-			ml += br.getBits(mlB)
-			ll += br.getBits(llB)
-
-			if moB > 1 {
-				s.prevOffset[2] = s.prevOffset[1]
-				s.prevOffset[1] = s.prevOffset[0]
-				s.prevOffset[0] = mo
-			} else {
-				// mo = s.adjustOffset(mo, ll, moB)
-				// Inlined for rather big speedup
-				if ll == 0 {
-					// There is an exception though, when current sequence's literals_length = 0.
-					// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
-					// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
-					mo++
-				}
-
-				if mo == 0 {
-					mo = s.prevOffset[0]
-				} else {
-					var temp int
-					if mo == 3 {
-						temp = s.prevOffset[0] - 1
-					} else {
-						temp = s.prevOffset[mo]
-					}
-
-					if temp == 0 {
-						// 0 is not valid; input is corrupted; force offset to 1
-						println("WARNING: temp was 0")
-						temp = 1
-					}
-
-					if mo != 1 {
-						s.prevOffset[2] = s.prevOffset[1]
-					}
-					s.prevOffset[1] = s.prevOffset[0]
-					s.prevOffset[0] = temp
-					mo = temp
-				}
-			}
-			br.fillFast()
-		} else {
-			ll, mo, ml = s.next(br, llState, mlState, ofState)
-			br.fill()
-		}
-
-		if debugSequences {
-			println("Seq", seqs-i-1, "Litlen:", ll, "mo:", mo, "(abs) ml:", ml)
-		}
-
-		if ll > len(s.literals) {
-			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, len(s.literals))
-		}
-		size := ll + ml + len(out)
-		if size-startSize > maxBlockSize {
-			return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-		}
-		if size > cap(out) {
-			// Not enough size, which can happen under high volume block streaming conditions
-			// but could be if destination slice is too small for sync operations.
-			// over-allocating here can create a large amount of GC pressure so we try to keep
-			// it as contained as possible
-			used := len(out) - startSize
-			addBytes := 256 + ll + ml + used>>2
-			// Clamp to max block size.
-			if used+addBytes > maxBlockSize {
-				addBytes = maxBlockSize - used
-			}
-			out = append(out, make([]byte, addBytes)...)
-			out = out[:len(out)-addBytes]
-		}
-		if ml > maxMatchLen {
-			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
-		}
-
-		// Add literals
-		out = append(out, s.literals[:ll]...)
-		s.literals = s.literals[ll:]
-
-		if mo == 0 && ml > 0 {
-			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
-		}
-
-		if mo > len(out)+len(hist) || mo > s.windowSize {
-			if len(s.dict) == 0 {
-				return fmt.Errorf("match offset (%d) bigger than current history (%d)", mo, len(out)+len(hist)-startSize)
-			}
-
-			// we may be in dictionary.
-			dictO := len(s.dict) - (mo - (len(out) + len(hist)))
-			if dictO < 0 || dictO >= len(s.dict) {
-				return fmt.Errorf("match offset (%d) bigger than current history (%d)", mo, len(out)+len(hist)-startSize)
-			}
-			end := dictO + ml
-			if end > len(s.dict) {
-				out = append(out, s.dict[dictO:]...)
-				ml -= len(s.dict) - dictO
-			} else {
-				out = append(out, s.dict[dictO:end]...)
-				mo = 0
-				ml = 0
-			}
-		}
-
-		// Copy from history.
-		// TODO: Blocks without history could be made to ignore this completely.
-		if v := mo - len(out); v > 0 {
-			// v is the start position in history from end.
-			start := len(hist) - v
-			if ml > v {
-				// Some goes into current block.
-				// Copy remainder of history
-				out = append(out, hist[start:]...)
-				ml -= v
-			} else {
-				out = append(out, hist[start:start+ml]...)
-				ml = 0
-			}
-		}
-		// We must be in current buffer now
-		if ml > 0 {
-			start := len(out) - mo
-			if ml <= len(out)-start {
-				// No overlap
-				out = append(out, out[start:start+ml]...)
-			} else {
-				// Overlapping copy
-				// Extend destination slice and copy one byte at the time.
-				out = out[:len(out)+ml]
-				src := out[start : start+ml]
-				// Destination is the space we just added.
-				dst := out[len(out)-ml:]
-				dst = dst[:len(src)]
-				for i := range src {
-					dst[i] = src[i]
-				}
-			}
-		}
-		if i == 0 {
-			// This is the last sequence, so we shouldn't update state.
-			break
-		}
-
-		// Manually inlined, ~ 5-20% faster
-		// Update all 3 states at once. Approx 20% faster.
-		nBits := llState.nbBits() + mlState.nbBits() + ofState.nbBits()
-		if nBits == 0 {
-			llState = llTable[llState.newState()&maxTableMask]
-			mlState = mlTable[mlState.newState()&maxTableMask]
-			ofState = ofTable[ofState.newState()&maxTableMask]
-		} else {
-			bits := br.get32BitsFast(nBits)
-
-			lowBits := uint16(bits >> ((ofState.nbBits() + mlState.nbBits()) & 31))
-			llState = llTable[(llState.newState()+lowBits)&maxTableMask]
-
-			lowBits = uint16(bits >> (ofState.nbBits() & 31))
-			lowBits &= bitMask[mlState.nbBits()&15]
-			mlState = mlTable[(mlState.newState()+lowBits)&maxTableMask]
-
-			lowBits = uint16(bits) & bitMask[ofState.nbBits()&15]
-			ofState = ofTable[(ofState.newState()+lowBits)&maxTableMask]
-		}
-	}
-
-	if size := len(s.literals) + len(out) - startSize; size > maxBlockSize {
-		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-	}
-
-	// Add final literals
-	s.out = append(out, s.literals...)
-	return br.close()
-}
-
-var bitMask [16]uint16
-
-func init() {
-	for i := range bitMask[:] {
-		bitMask[i] = uint16((1 << uint(i)) - 1)
-	}
-}
-
-func (s *sequenceDecs) next(br *bitReader, llState, mlState, ofState decSymbol) (ll, mo, ml int) {
-	// Final will not read from stream.
-	ll, llB := llState.final()
-	ml, mlB := mlState.final()
-	mo, moB := ofState.final()
-
-	// extra bits are stored in reverse order.
-	br.fill()
-	mo += br.getBits(moB)
-	if s.maxBits > 32 {
-		br.fill()
-	}
-	// matchlength+literal length, max 32 bits
-	ml += br.getBits(mlB)
-	ll += br.getBits(llB)
-	mo = s.adjustOffset(mo, ll, moB)
-	return
-}
-
-func (s *sequenceDecs) adjustOffset(offset, litLen int, offsetB uint8) int {
-	if offsetB > 1 {
-		s.prevOffset[2] = s.prevOffset[1]
-		s.prevOffset[1] = s.prevOffset[0]
-		s.prevOffset[0] = offset
-		return offset
-	}
-
-	if litLen == 0 {
-		// There is an exception though, when current sequence's literals_length = 0.
-		// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
-		// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
-		offset++
-	}
-
-	if offset == 0 {
-		return s.prevOffset[0]
-	}
-	var temp int
-	if offset == 3 {
-		temp = s.prevOffset[0] - 1
-	} else {
-		temp = s.prevOffset[offset]
-	}
-
-	if temp == 0 {
-		// 0 is not valid; input is corrupted; force offset to 1
-		println("temp was 0")
-		temp = 1
-	}
-
-	if offset != 1 {
-		s.prevOffset[2] = s.prevOffset[1]
-	}
-	s.prevOffset[1] = s.prevOffset[0]
-	s.prevOffset[0] = temp
-	return temp
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
deleted file mode 100644
index c59f17e07..000000000
--- a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.go
+++ /dev/null
@@ -1,394 +0,0 @@
-//go:build amd64 && !appengine && !noasm && gc
-// +build amd64,!appengine,!noasm,gc
-
-package zstd
-
-import (
-	"fmt"
-	"io"
-
-	"github.com/klauspost/compress/internal/cpuinfo"
-)
-
-type decodeSyncAsmContext struct {
-	llTable     []decSymbol
-	mlTable     []decSymbol
-	ofTable     []decSymbol
-	llState     uint64
-	mlState     uint64
-	ofState     uint64
-	iteration   int
-	litRemain   int
-	out         []byte
-	outPosition int
-	literals    []byte
-	litPosition int
-	history     []byte
-	windowSize  int
-	ll          int // set on error (not for all errors, please refer to _generate/gen.go)
-	ml          int // set on error (not for all errors, please refer to _generate/gen.go)
-	mo          int // set on error (not for all errors, please refer to _generate/gen.go)
-}
-
-// sequenceDecs_decodeSync_amd64 implements the main loop of sequenceDecs.decodeSync in x86 asm.
-//
-// Please refer to seqdec_generic.go for the reference implementation.
-//
-//go:noescape
-func sequenceDecs_decodeSync_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-
-// sequenceDecs_decodeSync_bmi2 implements the main loop of sequenceDecs.decodeSync in x86 asm with BMI2 extensions.
-//
-//go:noescape
-func sequenceDecs_decodeSync_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-
-// sequenceDecs_decodeSync_safe_amd64 does the same as above, but does not write more than output buffer.
-//
-//go:noescape
-func sequenceDecs_decodeSync_safe_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-
-// sequenceDecs_decodeSync_safe_bmi2 does the same as above, but does not write more than output buffer.
-//
-//go:noescape
-func sequenceDecs_decodeSync_safe_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-
-// decode sequences from the stream with the provided history but without a dictionary.
-func (s *sequenceDecs) decodeSyncSimple(hist []byte) (bool, error) {
-	if len(s.dict) > 0 {
-		return false, nil
-	}
-	if s.maxSyncLen == 0 && cap(s.out)-len(s.out) < maxCompressedBlockSize {
-		return false, nil
-	}
-
-	// FIXME: Using unsafe memory copies leads to rare, random crashes
-	// with fuzz testing. It is therefore disabled for now.
-	const useSafe = true
-	/*
-		useSafe := false
-		if s.maxSyncLen == 0 && cap(s.out)-len(s.out) < maxCompressedBlockSizeAlloc {
-			useSafe = true
-		}
-		if s.maxSyncLen > 0 && cap(s.out)-len(s.out)-compressedBlockOverAlloc < int(s.maxSyncLen) {
-			useSafe = true
-		}
-		if cap(s.literals) < len(s.literals)+compressedBlockOverAlloc {
-			useSafe = true
-		}
-	*/
-
-	br := s.br
-
-	maxBlockSize := maxCompressedBlockSize
-	if s.windowSize < maxBlockSize {
-		maxBlockSize = s.windowSize
-	}
-
-	ctx := decodeSyncAsmContext{
-		llTable:     s.litLengths.fse.dt[:maxTablesize],
-		mlTable:     s.matchLengths.fse.dt[:maxTablesize],
-		ofTable:     s.offsets.fse.dt[:maxTablesize],
-		llState:     uint64(s.litLengths.state.state),
-		mlState:     uint64(s.matchLengths.state.state),
-		ofState:     uint64(s.offsets.state.state),
-		iteration:   s.nSeqs - 1,
-		litRemain:   len(s.literals),
-		out:         s.out,
-		outPosition: len(s.out),
-		literals:    s.literals,
-		windowSize:  s.windowSize,
-		history:     hist,
-	}
-
-	s.seqSize = 0
-	startSize := len(s.out)
-
-	var errCode int
-	if cpuinfo.HasBMI2() {
-		if useSafe {
-			errCode = sequenceDecs_decodeSync_safe_bmi2(s, br, &ctx)
-		} else {
-			errCode = sequenceDecs_decodeSync_bmi2(s, br, &ctx)
-		}
-	} else {
-		if useSafe {
-			errCode = sequenceDecs_decodeSync_safe_amd64(s, br, &ctx)
-		} else {
-			errCode = sequenceDecs_decodeSync_amd64(s, br, &ctx)
-		}
-	}
-	switch errCode {
-	case noError:
-		break
-
-	case errorMatchLenOfsMismatch:
-		return true, fmt.Errorf("zero matchoff and matchlen (%d) > 0", ctx.ml)
-
-	case errorMatchLenTooBig:
-		return true, fmt.Errorf("match len (%d) bigger than max allowed length", ctx.ml)
-
-	case errorMatchOffTooBig:
-		return true, fmt.Errorf("match offset (%d) bigger than current history (%d)",
-			ctx.mo, ctx.outPosition+len(hist)-startSize)
-
-	case errorNotEnoughLiterals:
-		return true, fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available",
-			ctx.ll, ctx.litRemain+ctx.ll)
-
-	case errorOverread:
-		return true, io.ErrUnexpectedEOF
-
-	case errorNotEnoughSpace:
-		size := ctx.outPosition + ctx.ll + ctx.ml
-		if debugDecoder {
-			println("msl:", s.maxSyncLen, "cap", cap(s.out), "bef:", startSize, "sz:", size-startSize, "mbs:", maxBlockSize, "outsz:", cap(s.out)-startSize)
-		}
-		return true, fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-
-	default:
-		return true, fmt.Errorf("sequenceDecs_decode returned erroneous code %d", errCode)
-	}
-
-	s.seqSize += ctx.litRemain
-	if s.seqSize > maxBlockSize {
-		return true, fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-	}
-	err := br.close()
-	if err != nil {
-		printf("Closing sequences: %v, %+v\n", err, *br)
-		return true, err
-	}
-
-	s.literals = s.literals[ctx.litPosition:]
-	t := ctx.outPosition
-	s.out = s.out[:t]
-
-	// Add final literals
-	s.out = append(s.out, s.literals...)
-	if debugDecoder {
-		t += len(s.literals)
-		if t != len(s.out) {
-			panic(fmt.Errorf("length mismatch, want %d, got %d", len(s.out), t))
-		}
-	}
-
-	return true, nil
-}
-
-// --------------------------------------------------------------------------------
-
-type decodeAsmContext struct {
-	llTable   []decSymbol
-	mlTable   []decSymbol
-	ofTable   []decSymbol
-	llState   uint64
-	mlState   uint64
-	ofState   uint64
-	iteration int
-	seqs      []seqVals
-	litRemain int
-}
-
-const noError = 0
-
-// error reported when mo == 0 && ml > 0
-const errorMatchLenOfsMismatch = 1
-
-// error reported when ml > maxMatchLen
-const errorMatchLenTooBig = 2
-
-// error reported when mo > available history or mo > s.windowSize
-const errorMatchOffTooBig = 3
-
-// error reported when the sum of literal lengths exeeceds the literal buffer size
-const errorNotEnoughLiterals = 4
-
-// error reported when capacity of `out` is too small
-const errorNotEnoughSpace = 5
-
-// error reported when bits are overread.
-const errorOverread = 6
-
-// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm.
-//
-// Please refer to seqdec_generic.go for the reference implementation.
-//
-//go:noescape
-func sequenceDecs_decode_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-
-// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm.
-//
-// Please refer to seqdec_generic.go for the reference implementation.
-//
-//go:noescape
-func sequenceDecs_decode_56_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-
-// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm with BMI2 extensions.
-//
-//go:noescape
-func sequenceDecs_decode_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-
-// sequenceDecs_decode implements the main loop of sequenceDecs in x86 asm with BMI2 extensions.
-//
-//go:noescape
-func sequenceDecs_decode_56_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-
-// decode sequences from the stream without the provided history.
-func (s *sequenceDecs) decode(seqs []seqVals) error {
-	br := s.br
-
-	maxBlockSize := maxCompressedBlockSize
-	if s.windowSize < maxBlockSize {
-		maxBlockSize = s.windowSize
-	}
-
-	ctx := decodeAsmContext{
-		llTable:   s.litLengths.fse.dt[:maxTablesize],
-		mlTable:   s.matchLengths.fse.dt[:maxTablesize],
-		ofTable:   s.offsets.fse.dt[:maxTablesize],
-		llState:   uint64(s.litLengths.state.state),
-		mlState:   uint64(s.matchLengths.state.state),
-		ofState:   uint64(s.offsets.state.state),
-		seqs:      seqs,
-		iteration: len(seqs) - 1,
-		litRemain: len(s.literals),
-	}
-
-	if debugDecoder {
-		println("decode: decoding", len(seqs), "sequences", br.remain(), "bits remain on stream")
-	}
-
-	s.seqSize = 0
-	lte56bits := s.maxBits+s.offsets.fse.actualTableLog+s.matchLengths.fse.actualTableLog+s.litLengths.fse.actualTableLog <= 56
-	var errCode int
-	if cpuinfo.HasBMI2() {
-		if lte56bits {
-			errCode = sequenceDecs_decode_56_bmi2(s, br, &ctx)
-		} else {
-			errCode = sequenceDecs_decode_bmi2(s, br, &ctx)
-		}
-	} else {
-		if lte56bits {
-			errCode = sequenceDecs_decode_56_amd64(s, br, &ctx)
-		} else {
-			errCode = sequenceDecs_decode_amd64(s, br, &ctx)
-		}
-	}
-	if errCode != 0 {
-		i := len(seqs) - ctx.iteration - 1
-		switch errCode {
-		case errorMatchLenOfsMismatch:
-			ml := ctx.seqs[i].ml
-			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
-
-		case errorMatchLenTooBig:
-			ml := ctx.seqs[i].ml
-			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
-
-		case errorNotEnoughLiterals:
-			ll := ctx.seqs[i].ll
-			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, ctx.litRemain+ll)
-		case errorOverread:
-			return io.ErrUnexpectedEOF
-		}
-
-		return fmt.Errorf("sequenceDecs_decode_amd64 returned erroneous code %d", errCode)
-	}
-
-	if ctx.litRemain < 0 {
-		return fmt.Errorf("literal count is too big: total available %d, total requested %d",
-			len(s.literals), len(s.literals)-ctx.litRemain)
-	}
-
-	s.seqSize += ctx.litRemain
-	if s.seqSize > maxBlockSize {
-		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-	}
-	if debugDecoder {
-		println("decode: ", br.remain(), "bits remain on stream. code:", errCode)
-	}
-	err := br.close()
-	if err != nil {
-		printf("Closing sequences: %v, %+v\n", err, *br)
-	}
-	return err
-}
-
-// --------------------------------------------------------------------------------
-
-type executeAsmContext struct {
-	seqs        []seqVals
-	seqIndex    int
-	out         []byte
-	history     []byte
-	literals    []byte
-	outPosition int
-	litPosition int
-	windowSize  int
-}
-
-// sequenceDecs_executeSimple_amd64 implements the main loop of sequenceDecs.executeSimple in x86 asm.
-//
-// Returns false if a match offset is too big.
-//
-// Please refer to seqdec_generic.go for the reference implementation.
-//
-//go:noescape
-func sequenceDecs_executeSimple_amd64(ctx *executeAsmContext) bool
-
-// Same as above, but with safe memcopies
-//
-//go:noescape
-func sequenceDecs_executeSimple_safe_amd64(ctx *executeAsmContext) bool
-
-// executeSimple handles cases when dictionary is not used.
-func (s *sequenceDecs) executeSimple(seqs []seqVals, hist []byte) error {
-	// Ensure we have enough output size...
-	if len(s.out)+s.seqSize+compressedBlockOverAlloc > cap(s.out) {
-		addBytes := s.seqSize + len(s.out) + compressedBlockOverAlloc
-		s.out = append(s.out, make([]byte, addBytes)...)
-		s.out = s.out[:len(s.out)-addBytes]
-	}
-
-	if debugDecoder {
-		printf("Execute %d seqs with literals: %d into %d bytes\n", len(seqs), len(s.literals), s.seqSize)
-	}
-
-	var t = len(s.out)
-	out := s.out[:t+s.seqSize]
-
-	ctx := executeAsmContext{
-		seqs:        seqs,
-		seqIndex:    0,
-		out:         out,
-		history:     hist,
-		outPosition: t,
-		litPosition: 0,
-		literals:    s.literals,
-		windowSize:  s.windowSize,
-	}
-	var ok bool
-	if cap(s.literals) < len(s.literals)+compressedBlockOverAlloc {
-		ok = sequenceDecs_executeSimple_safe_amd64(&ctx)
-	} else {
-		ok = sequenceDecs_executeSimple_amd64(&ctx)
-	}
-	if !ok {
-		return fmt.Errorf("match offset (%d) bigger than current history (%d)",
-			seqs[ctx.seqIndex].mo, ctx.outPosition+len(hist))
-	}
-	s.literals = s.literals[ctx.litPosition:]
-	t = ctx.outPosition
-
-	// Add final literals
-	copy(out[t:], s.literals)
-	if debugDecoder {
-		t += len(s.literals)
-		if t != len(out) {
-			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
-		}
-	}
-	s.out = out
-
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s b/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
deleted file mode 100644
index f5591fa1e..000000000
--- a/vendor/github.com/klauspost/compress/zstd/seqdec_amd64.s
+++ /dev/null
@@ -1,4151 +0,0 @@
-// Code generated by command: go run gen.go -out ../seqdec_amd64.s -pkg=zstd. DO NOT EDIT.
-
-//go:build !appengine && !noasm && gc && !noasm
-
-// func sequenceDecs_decode_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-// Requires: CMOV
-TEXT ·sequenceDecs_decode_amd64(SB), $8-32
-	MOVQ    br+8(FP), CX
-	MOVQ    24(CX), DX
-	MOVBQZX 32(CX), BX
-	MOVQ    (CX), AX
-	MOVQ    8(CX), SI
-	ADDQ    SI, AX
-	MOVQ    AX, (SP)
-	MOVQ    ctx+16(FP), AX
-	MOVQ    72(AX), DI
-	MOVQ    80(AX), R8
-	MOVQ    88(AX), R9
-	MOVQ    104(AX), R10
-	MOVQ    s+0(FP), AX
-	MOVQ    144(AX), R11
-	MOVQ    152(AX), R12
-	MOVQ    160(AX), R13
-
-sequenceDecs_decode_amd64_main_loop:
-	MOVQ (SP), R14
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decode_amd64_fill_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R14
-	MOVQ (R14), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decode_amd64_fill_end
-
-sequenceDecs_decode_amd64_fill_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decode_amd64_fill_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decode_amd64_fill_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R14
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R14), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decode_amd64_fill_byte_by_byte
-
-sequenceDecs_decode_amd64_fill_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_amd64_fill_end:
-	// Update offset
-	MOVQ  R9, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_amd64_of_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_amd64_of_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_amd64_of_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_amd64_of_update_zero:
-	MOVQ AX, 16(R10)
-
-	// Update match length
-	MOVQ  R8, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_amd64_ml_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_amd64_ml_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_amd64_ml_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_amd64_ml_update_zero:
-	MOVQ AX, 8(R10)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decode_amd64_fill_2_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R14
-	MOVQ (R14), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decode_amd64_fill_2_end
-
-sequenceDecs_decode_amd64_fill_2_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decode_amd64_fill_2_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decode_amd64_fill_2_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R14
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R14), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decode_amd64_fill_2_byte_by_byte
-
-sequenceDecs_decode_amd64_fill_2_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_amd64_fill_2_end:
-	// Update literal length
-	MOVQ  DI, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_amd64_ll_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_amd64_ll_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_amd64_ll_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_amd64_ll_update_zero:
-	MOVQ AX, (R10)
-
-	// Fill bitreader for state updates
-	MOVQ    R14, (SP)
-	MOVQ    R9, AX
-	SHRQ    $0x08, AX
-	MOVBQZX AL, AX
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decode_amd64_skip_update
-
-	// Update Literal Length State
-	MOVBQZX DI, R14
-	SHRL    $0x10, DI
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, DI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Match Length State
-	MOVBQZX R8, R14
-	SHRL    $0x10, R8
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, R8
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Offset State
-	MOVBQZX R9, R14
-	SHRL    $0x10, R9
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, R9
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R9*8), R9
-
-sequenceDecs_decode_amd64_skip_update:
-	// Adjust offset
-	MOVQ 16(R10), CX
-	CMPQ AX, $0x01
-	JBE  sequenceDecs_decode_amd64_adjust_offsetB_1_or_0
-	MOVQ R12, R13
-	MOVQ R11, R12
-	MOVQ CX, R11
-	JMP  sequenceDecs_decode_amd64_after_adjust
-
-sequenceDecs_decode_amd64_adjust_offsetB_1_or_0:
-	CMPQ (R10), $0x00000000
-	JNE  sequenceDecs_decode_amd64_adjust_offset_maybezero
-	INCQ CX
-	JMP  sequenceDecs_decode_amd64_adjust_offset_nonzero
-
-sequenceDecs_decode_amd64_adjust_offset_maybezero:
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_amd64_adjust_offset_nonzero
-	MOVQ  R11, CX
-	JMP   sequenceDecs_decode_amd64_after_adjust
-
-sequenceDecs_decode_amd64_adjust_offset_nonzero:
-	CMPQ CX, $0x01
-	JB   sequenceDecs_decode_amd64_adjust_zero
-	JEQ  sequenceDecs_decode_amd64_adjust_one
-	CMPQ CX, $0x02
-	JA   sequenceDecs_decode_amd64_adjust_three
-	JMP  sequenceDecs_decode_amd64_adjust_two
-
-sequenceDecs_decode_amd64_adjust_zero:
-	MOVQ R11, AX
-	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_amd64_adjust_one:
-	MOVQ R12, AX
-	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_amd64_adjust_two:
-	MOVQ R13, AX
-	JMP  sequenceDecs_decode_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_amd64_adjust_three:
-	LEAQ -1(R11), AX
-
-sequenceDecs_decode_amd64_adjust_test_temp_valid:
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decode_amd64_adjust_temp_valid
-	MOVQ  $0x00000001, AX
-
-sequenceDecs_decode_amd64_adjust_temp_valid:
-	CMPQ    CX, $0x01
-	CMOVQNE R12, R13
-	MOVQ    R11, R12
-	MOVQ    AX, R11
-	MOVQ    AX, CX
-
-sequenceDecs_decode_amd64_after_adjust:
-	MOVQ CX, 16(R10)
-
-	// Check values
-	MOVQ  8(R10), AX
-	MOVQ  (R10), R14
-	LEAQ  (AX)(R14*1), R15
-	MOVQ  s+0(FP), BP
-	ADDQ  R15, 256(BP)
-	MOVQ  ctx+16(FP), R15
-	SUBQ  R14, 128(R15)
-	JS    error_not_enough_literals
-	CMPQ  AX, $0x00020002
-	JA    sequenceDecs_decode_amd64_error_match_len_too_big
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_amd64_match_len_ofs_ok
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decode_amd64_error_match_len_ofs_mismatch
-
-sequenceDecs_decode_amd64_match_len_ofs_ok:
-	ADDQ $0x18, R10
-	MOVQ ctx+16(FP), AX
-	DECQ 96(AX)
-	JNS  sequenceDecs_decode_amd64_main_loop
-	MOVQ s+0(FP), AX
-	MOVQ R11, 144(AX)
-	MOVQ R12, 152(AX)
-	MOVQ R13, 160(AX)
-	MOVQ br+8(FP), AX
-	MOVQ DX, 24(AX)
-	MOVB BL, 32(AX)
-	MOVQ SI, 8(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decode_amd64_error_match_len_ofs_mismatch:
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decode_amd64_error_match_len_too_big:
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-// func sequenceDecs_decode_56_amd64(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-// Requires: CMOV
-TEXT ·sequenceDecs_decode_56_amd64(SB), $8-32
-	MOVQ    br+8(FP), CX
-	MOVQ    24(CX), DX
-	MOVBQZX 32(CX), BX
-	MOVQ    (CX), AX
-	MOVQ    8(CX), SI
-	ADDQ    SI, AX
-	MOVQ    AX, (SP)
-	MOVQ    ctx+16(FP), AX
-	MOVQ    72(AX), DI
-	MOVQ    80(AX), R8
-	MOVQ    88(AX), R9
-	MOVQ    104(AX), R10
-	MOVQ    s+0(FP), AX
-	MOVQ    144(AX), R11
-	MOVQ    152(AX), R12
-	MOVQ    160(AX), R13
-
-sequenceDecs_decode_56_amd64_main_loop:
-	MOVQ (SP), R14
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decode_56_amd64_fill_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R14
-	MOVQ (R14), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decode_56_amd64_fill_end
-
-sequenceDecs_decode_56_amd64_fill_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decode_56_amd64_fill_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decode_56_amd64_fill_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R14
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R14), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decode_56_amd64_fill_byte_by_byte
-
-sequenceDecs_decode_56_amd64_fill_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_56_amd64_fill_end:
-	// Update offset
-	MOVQ  R9, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_56_amd64_of_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_56_amd64_of_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_56_amd64_of_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_56_amd64_of_update_zero:
-	MOVQ AX, 16(R10)
-
-	// Update match length
-	MOVQ  R8, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_56_amd64_ml_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_56_amd64_ml_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_56_amd64_ml_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_56_amd64_ml_update_zero:
-	MOVQ AX, 8(R10)
-
-	// Update literal length
-	MOVQ  DI, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R15
-	SHLQ  CL, R15
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decode_56_amd64_ll_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decode_56_amd64_ll_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decode_56_amd64_ll_update_zero
-	NEGQ  CX
-	SHRQ  CL, R15
-	ADDQ  R15, AX
-
-sequenceDecs_decode_56_amd64_ll_update_zero:
-	MOVQ AX, (R10)
-
-	// Fill bitreader for state updates
-	MOVQ    R14, (SP)
-	MOVQ    R9, AX
-	SHRQ    $0x08, AX
-	MOVBQZX AL, AX
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decode_56_amd64_skip_update
-
-	// Update Literal Length State
-	MOVBQZX DI, R14
-	SHRL    $0x10, DI
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, DI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Match Length State
-	MOVBQZX R8, R14
-	SHRL    $0x10, R8
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, R8
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Offset State
-	MOVBQZX R9, R14
-	SHRL    $0x10, R9
-	LEAQ    (BX)(R14*1), CX
-	MOVQ    DX, R15
-	MOVQ    CX, BX
-	ROLQ    CL, R15
-	MOVL    $0x00000001, BP
-	MOVB    R14, CL
-	SHLL    CL, BP
-	DECL    BP
-	ANDQ    BP, R15
-	ADDQ    R15, R9
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R9*8), R9
-
-sequenceDecs_decode_56_amd64_skip_update:
-	// Adjust offset
-	MOVQ 16(R10), CX
-	CMPQ AX, $0x01
-	JBE  sequenceDecs_decode_56_amd64_adjust_offsetB_1_or_0
-	MOVQ R12, R13
-	MOVQ R11, R12
-	MOVQ CX, R11
-	JMP  sequenceDecs_decode_56_amd64_after_adjust
-
-sequenceDecs_decode_56_amd64_adjust_offsetB_1_or_0:
-	CMPQ (R10), $0x00000000
-	JNE  sequenceDecs_decode_56_amd64_adjust_offset_maybezero
-	INCQ CX
-	JMP  sequenceDecs_decode_56_amd64_adjust_offset_nonzero
-
-sequenceDecs_decode_56_amd64_adjust_offset_maybezero:
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_56_amd64_adjust_offset_nonzero
-	MOVQ  R11, CX
-	JMP   sequenceDecs_decode_56_amd64_after_adjust
-
-sequenceDecs_decode_56_amd64_adjust_offset_nonzero:
-	CMPQ CX, $0x01
-	JB   sequenceDecs_decode_56_amd64_adjust_zero
-	JEQ  sequenceDecs_decode_56_amd64_adjust_one
-	CMPQ CX, $0x02
-	JA   sequenceDecs_decode_56_amd64_adjust_three
-	JMP  sequenceDecs_decode_56_amd64_adjust_two
-
-sequenceDecs_decode_56_amd64_adjust_zero:
-	MOVQ R11, AX
-	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_56_amd64_adjust_one:
-	MOVQ R12, AX
-	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_56_amd64_adjust_two:
-	MOVQ R13, AX
-	JMP  sequenceDecs_decode_56_amd64_adjust_test_temp_valid
-
-sequenceDecs_decode_56_amd64_adjust_three:
-	LEAQ -1(R11), AX
-
-sequenceDecs_decode_56_amd64_adjust_test_temp_valid:
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decode_56_amd64_adjust_temp_valid
-	MOVQ  $0x00000001, AX
-
-sequenceDecs_decode_56_amd64_adjust_temp_valid:
-	CMPQ    CX, $0x01
-	CMOVQNE R12, R13
-	MOVQ    R11, R12
-	MOVQ    AX, R11
-	MOVQ    AX, CX
-
-sequenceDecs_decode_56_amd64_after_adjust:
-	MOVQ CX, 16(R10)
-
-	// Check values
-	MOVQ  8(R10), AX
-	MOVQ  (R10), R14
-	LEAQ  (AX)(R14*1), R15
-	MOVQ  s+0(FP), BP
-	ADDQ  R15, 256(BP)
-	MOVQ  ctx+16(FP), R15
-	SUBQ  R14, 128(R15)
-	JS    error_not_enough_literals
-	CMPQ  AX, $0x00020002
-	JA    sequenceDecs_decode_56_amd64_error_match_len_too_big
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_56_amd64_match_len_ofs_ok
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decode_56_amd64_error_match_len_ofs_mismatch
-
-sequenceDecs_decode_56_amd64_match_len_ofs_ok:
-	ADDQ $0x18, R10
-	MOVQ ctx+16(FP), AX
-	DECQ 96(AX)
-	JNS  sequenceDecs_decode_56_amd64_main_loop
-	MOVQ s+0(FP), AX
-	MOVQ R11, 144(AX)
-	MOVQ R12, 152(AX)
-	MOVQ R13, 160(AX)
-	MOVQ br+8(FP), AX
-	MOVQ DX, 24(AX)
-	MOVB BL, 32(AX)
-	MOVQ SI, 8(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decode_56_amd64_error_match_len_ofs_mismatch:
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decode_56_amd64_error_match_len_too_big:
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-// func sequenceDecs_decode_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-// Requires: BMI, BMI2, CMOV
-TEXT ·sequenceDecs_decode_bmi2(SB), $8-32
-	MOVQ    br+8(FP), BX
-	MOVQ    24(BX), AX
-	MOVBQZX 32(BX), DX
-	MOVQ    (BX), CX
-	MOVQ    8(BX), BX
-	ADDQ    BX, CX
-	MOVQ    CX, (SP)
-	MOVQ    ctx+16(FP), CX
-	MOVQ    72(CX), SI
-	MOVQ    80(CX), DI
-	MOVQ    88(CX), R8
-	MOVQ    104(CX), R9
-	MOVQ    s+0(FP), CX
-	MOVQ    144(CX), R10
-	MOVQ    152(CX), R11
-	MOVQ    160(CX), R12
-
-sequenceDecs_decode_bmi2_main_loop:
-	MOVQ (SP), R13
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decode_bmi2_fill_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R13
-	MOVQ (R13), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decode_bmi2_fill_end
-
-sequenceDecs_decode_bmi2_fill_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decode_bmi2_fill_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decode_bmi2_fill_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R13), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decode_bmi2_fill_byte_by_byte
-
-sequenceDecs_decode_bmi2_fill_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_bmi2_fill_end:
-	// Update offset
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, R8, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   R8, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, 16(R9)
-
-	// Update match length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, DI, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   DI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, 8(R9)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decode_bmi2_fill_2_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R13
-	MOVQ (R13), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decode_bmi2_fill_2_end
-
-sequenceDecs_decode_bmi2_fill_2_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decode_bmi2_fill_2_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decode_bmi2_fill_2_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R13), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decode_bmi2_fill_2_byte_by_byte
-
-sequenceDecs_decode_bmi2_fill_2_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_bmi2_fill_2_end:
-	// Update literal length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, SI, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   SI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, (R9)
-
-	// Fill bitreader for state updates
-	MOVQ    R13, (SP)
-	MOVQ    $0x00000808, CX
-	BEXTRQ  CX, R8, R13
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decode_bmi2_skip_update
-	LEAQ    (SI)(DI*1), R14
-	ADDQ    R8, R14
-	MOVBQZX R14, R14
-	LEAQ    (DX)(R14*1), CX
-	MOVQ    AX, R15
-	MOVQ    CX, DX
-	ROLQ    CL, R15
-	BZHIQ   R14, R15, R15
-
-	// Update Offset State
-	BZHIQ R8, R15, CX
-	SHRXQ R8, R15, R15
-	SHRL  $0x10, R8
-	ADDQ  CX, R8
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Match Length State
-	BZHIQ DI, R15, CX
-	SHRXQ DI, R15, R15
-	SHRL  $0x10, DI
-	ADDQ  CX, DI
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Literal Length State
-	BZHIQ SI, R15, CX
-	SHRL  $0x10, SI
-	ADDQ  CX, SI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(SI*8), SI
-
-sequenceDecs_decode_bmi2_skip_update:
-	// Adjust offset
-	MOVQ 16(R9), CX
-	CMPQ R13, $0x01
-	JBE  sequenceDecs_decode_bmi2_adjust_offsetB_1_or_0
-	MOVQ R11, R12
-	MOVQ R10, R11
-	MOVQ CX, R10
-	JMP  sequenceDecs_decode_bmi2_after_adjust
-
-sequenceDecs_decode_bmi2_adjust_offsetB_1_or_0:
-	CMPQ (R9), $0x00000000
-	JNE  sequenceDecs_decode_bmi2_adjust_offset_maybezero
-	INCQ CX
-	JMP  sequenceDecs_decode_bmi2_adjust_offset_nonzero
-
-sequenceDecs_decode_bmi2_adjust_offset_maybezero:
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_bmi2_adjust_offset_nonzero
-	MOVQ  R10, CX
-	JMP   sequenceDecs_decode_bmi2_after_adjust
-
-sequenceDecs_decode_bmi2_adjust_offset_nonzero:
-	CMPQ CX, $0x01
-	JB   sequenceDecs_decode_bmi2_adjust_zero
-	JEQ  sequenceDecs_decode_bmi2_adjust_one
-	CMPQ CX, $0x02
-	JA   sequenceDecs_decode_bmi2_adjust_three
-	JMP  sequenceDecs_decode_bmi2_adjust_two
-
-sequenceDecs_decode_bmi2_adjust_zero:
-	MOVQ R10, R13
-	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_bmi2_adjust_one:
-	MOVQ R11, R13
-	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_bmi2_adjust_two:
-	MOVQ R12, R13
-	JMP  sequenceDecs_decode_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_bmi2_adjust_three:
-	LEAQ -1(R10), R13
-
-sequenceDecs_decode_bmi2_adjust_test_temp_valid:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decode_bmi2_adjust_temp_valid
-	MOVQ  $0x00000001, R13
-
-sequenceDecs_decode_bmi2_adjust_temp_valid:
-	CMPQ    CX, $0x01
-	CMOVQNE R11, R12
-	MOVQ    R10, R11
-	MOVQ    R13, R10
-	MOVQ    R13, CX
-
-sequenceDecs_decode_bmi2_after_adjust:
-	MOVQ CX, 16(R9)
-
-	// Check values
-	MOVQ  8(R9), R13
-	MOVQ  (R9), R14
-	LEAQ  (R13)(R14*1), R15
-	MOVQ  s+0(FP), BP
-	ADDQ  R15, 256(BP)
-	MOVQ  ctx+16(FP), R15
-	SUBQ  R14, 128(R15)
-	JS    error_not_enough_literals
-	CMPQ  R13, $0x00020002
-	JA    sequenceDecs_decode_bmi2_error_match_len_too_big
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_bmi2_match_len_ofs_ok
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decode_bmi2_error_match_len_ofs_mismatch
-
-sequenceDecs_decode_bmi2_match_len_ofs_ok:
-	ADDQ $0x18, R9
-	MOVQ ctx+16(FP), CX
-	DECQ 96(CX)
-	JNS  sequenceDecs_decode_bmi2_main_loop
-	MOVQ s+0(FP), CX
-	MOVQ R10, 144(CX)
-	MOVQ R11, 152(CX)
-	MOVQ R12, 160(CX)
-	MOVQ br+8(FP), CX
-	MOVQ AX, 24(CX)
-	MOVB DL, 32(CX)
-	MOVQ BX, 8(CX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decode_bmi2_error_match_len_ofs_mismatch:
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decode_bmi2_error_match_len_too_big:
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-// func sequenceDecs_decode_56_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeAsmContext) int
-// Requires: BMI, BMI2, CMOV
-TEXT ·sequenceDecs_decode_56_bmi2(SB), $8-32
-	MOVQ    br+8(FP), BX
-	MOVQ    24(BX), AX
-	MOVBQZX 32(BX), DX
-	MOVQ    (BX), CX
-	MOVQ    8(BX), BX
-	ADDQ    BX, CX
-	MOVQ    CX, (SP)
-	MOVQ    ctx+16(FP), CX
-	MOVQ    72(CX), SI
-	MOVQ    80(CX), DI
-	MOVQ    88(CX), R8
-	MOVQ    104(CX), R9
-	MOVQ    s+0(FP), CX
-	MOVQ    144(CX), R10
-	MOVQ    152(CX), R11
-	MOVQ    160(CX), R12
-
-sequenceDecs_decode_56_bmi2_main_loop:
-	MOVQ (SP), R13
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decode_56_bmi2_fill_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R13
-	MOVQ (R13), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decode_56_bmi2_fill_end
-
-sequenceDecs_decode_56_bmi2_fill_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decode_56_bmi2_fill_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decode_56_bmi2_fill_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R13), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decode_56_bmi2_fill_byte_by_byte
-
-sequenceDecs_decode_56_bmi2_fill_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decode_56_bmi2_fill_end:
-	// Update offset
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, R8, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   R8, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, 16(R9)
-
-	// Update match length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, DI, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   DI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, 8(R9)
-
-	// Update literal length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, SI, R14
-	MOVQ   AX, R15
-	LEAQ   (DX)(R14*1), CX
-	ROLQ   CL, R15
-	BZHIQ  R14, R15, R15
-	MOVQ   CX, DX
-	MOVQ   SI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R15, CX
-	MOVQ   CX, (R9)
-
-	// Fill bitreader for state updates
-	MOVQ    R13, (SP)
-	MOVQ    $0x00000808, CX
-	BEXTRQ  CX, R8, R13
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decode_56_bmi2_skip_update
-	LEAQ    (SI)(DI*1), R14
-	ADDQ    R8, R14
-	MOVBQZX R14, R14
-	LEAQ    (DX)(R14*1), CX
-	MOVQ    AX, R15
-	MOVQ    CX, DX
-	ROLQ    CL, R15
-	BZHIQ   R14, R15, R15
-
-	// Update Offset State
-	BZHIQ R8, R15, CX
-	SHRXQ R8, R15, R15
-	SHRL  $0x10, R8
-	ADDQ  CX, R8
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Match Length State
-	BZHIQ DI, R15, CX
-	SHRXQ DI, R15, R15
-	SHRL  $0x10, DI
-	ADDQ  CX, DI
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Literal Length State
-	BZHIQ SI, R15, CX
-	SHRL  $0x10, SI
-	ADDQ  CX, SI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(SI*8), SI
-
-sequenceDecs_decode_56_bmi2_skip_update:
-	// Adjust offset
-	MOVQ 16(R9), CX
-	CMPQ R13, $0x01
-	JBE  sequenceDecs_decode_56_bmi2_adjust_offsetB_1_or_0
-	MOVQ R11, R12
-	MOVQ R10, R11
-	MOVQ CX, R10
-	JMP  sequenceDecs_decode_56_bmi2_after_adjust
-
-sequenceDecs_decode_56_bmi2_adjust_offsetB_1_or_0:
-	CMPQ (R9), $0x00000000
-	JNE  sequenceDecs_decode_56_bmi2_adjust_offset_maybezero
-	INCQ CX
-	JMP  sequenceDecs_decode_56_bmi2_adjust_offset_nonzero
-
-sequenceDecs_decode_56_bmi2_adjust_offset_maybezero:
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_56_bmi2_adjust_offset_nonzero
-	MOVQ  R10, CX
-	JMP   sequenceDecs_decode_56_bmi2_after_adjust
-
-sequenceDecs_decode_56_bmi2_adjust_offset_nonzero:
-	CMPQ CX, $0x01
-	JB   sequenceDecs_decode_56_bmi2_adjust_zero
-	JEQ  sequenceDecs_decode_56_bmi2_adjust_one
-	CMPQ CX, $0x02
-	JA   sequenceDecs_decode_56_bmi2_adjust_three
-	JMP  sequenceDecs_decode_56_bmi2_adjust_two
-
-sequenceDecs_decode_56_bmi2_adjust_zero:
-	MOVQ R10, R13
-	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_56_bmi2_adjust_one:
-	MOVQ R11, R13
-	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_56_bmi2_adjust_two:
-	MOVQ R12, R13
-	JMP  sequenceDecs_decode_56_bmi2_adjust_test_temp_valid
-
-sequenceDecs_decode_56_bmi2_adjust_three:
-	LEAQ -1(R10), R13
-
-sequenceDecs_decode_56_bmi2_adjust_test_temp_valid:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decode_56_bmi2_adjust_temp_valid
-	MOVQ  $0x00000001, R13
-
-sequenceDecs_decode_56_bmi2_adjust_temp_valid:
-	CMPQ    CX, $0x01
-	CMOVQNE R11, R12
-	MOVQ    R10, R11
-	MOVQ    R13, R10
-	MOVQ    R13, CX
-
-sequenceDecs_decode_56_bmi2_after_adjust:
-	MOVQ CX, 16(R9)
-
-	// Check values
-	MOVQ  8(R9), R13
-	MOVQ  (R9), R14
-	LEAQ  (R13)(R14*1), R15
-	MOVQ  s+0(FP), BP
-	ADDQ  R15, 256(BP)
-	MOVQ  ctx+16(FP), R15
-	SUBQ  R14, 128(R15)
-	JS    error_not_enough_literals
-	CMPQ  R13, $0x00020002
-	JA    sequenceDecs_decode_56_bmi2_error_match_len_too_big
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decode_56_bmi2_match_len_ofs_ok
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decode_56_bmi2_error_match_len_ofs_mismatch
-
-sequenceDecs_decode_56_bmi2_match_len_ofs_ok:
-	ADDQ $0x18, R9
-	MOVQ ctx+16(FP), CX
-	DECQ 96(CX)
-	JNS  sequenceDecs_decode_56_bmi2_main_loop
-	MOVQ s+0(FP), CX
-	MOVQ R10, 144(CX)
-	MOVQ R11, 152(CX)
-	MOVQ R12, 160(CX)
-	MOVQ br+8(FP), CX
-	MOVQ AX, 24(CX)
-	MOVB DL, 32(CX)
-	MOVQ BX, 8(CX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decode_56_bmi2_error_match_len_ofs_mismatch:
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decode_56_bmi2_error_match_len_too_big:
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-// func sequenceDecs_executeSimple_amd64(ctx *executeAsmContext) bool
-// Requires: SSE
-TEXT ·sequenceDecs_executeSimple_amd64(SB), $8-9
-	MOVQ  ctx+0(FP), R10
-	MOVQ  8(R10), CX
-	TESTQ CX, CX
-	JZ    empty_seqs
-	MOVQ  (R10), AX
-	MOVQ  24(R10), DX
-	MOVQ  32(R10), BX
-	MOVQ  80(R10), SI
-	MOVQ  104(R10), DI
-	MOVQ  120(R10), R8
-	MOVQ  56(R10), R9
-	MOVQ  64(R10), R10
-	ADDQ  R10, R9
-
-	// seqsBase += 24 * seqIndex
-	LEAQ (DX)(DX*2), R11
-	SHLQ $0x03, R11
-	ADDQ R11, AX
-
-	// outBase += outPosition
-	ADDQ DI, BX
-
-main_loop:
-	MOVQ (AX), R11
-	MOVQ 16(AX), R12
-	MOVQ 8(AX), R13
-
-	// Copy literals
-	TESTQ R11, R11
-	JZ    check_offset
-	XORQ  R14, R14
-
-copy_1:
-	MOVUPS (SI)(R14*1), X0
-	MOVUPS X0, (BX)(R14*1)
-	ADDQ   $0x10, R14
-	CMPQ   R14, R11
-	JB     copy_1
-	ADDQ   R11, SI
-	ADDQ   R11, BX
-	ADDQ   R11, DI
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	LEAQ (DI)(R10*1), R11
-	CMPQ R12, R11
-	JG   error_match_off_too_big
-	CMPQ R12, R8
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ R12, R11
-	SUBQ DI, R11
-	JLS  copy_match
-	MOVQ R9, R14
-	SUBQ R11, R14
-	CMPQ R13, R11
-	JG   copy_all_from_history
-	MOVQ R13, R11
-	SUBQ $0x10, R11
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R11
-	JAE    copy_4_loop
-	LEAQ   16(R14)(R11*1), R14
-	LEAQ   16(BX)(R11*1), BX
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), R11
-	MOVB 2(R14), R12
-	MOVW R11, (BX)
-	MOVB R12, 2(BX)
-	ADDQ R13, R14
-	ADDQ R13, BX
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), R11
-	MOVL -4(R14)(R13*1), R12
-	MOVL R11, (BX)
-	MOVL R12, -4(BX)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, BX
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), R11
-	MOVQ -8(R14)(R13*1), R12
-	MOVQ R11, (BX)
-	MOVQ R12, -8(BX)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, BX
-
-copy_4_end:
-	ADDQ R13, DI
-	ADDQ $0x18, AX
-	INCQ DX
-	CMPQ DX, CX
-	JB   main_loop
-	JMP  loop_finished
-
-copy_all_from_history:
-	MOVQ R11, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(BX)(R15*1), BX
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ R11, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ R11, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(R11*1), BP
-	MOVB R15, (BX)
-	MOVB BP, -1(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (BX)
-	MOVB BP, 2(BX)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(R11*1), BP
-	MOVL R15, (BX)
-	MOVL BP, -4(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(R11*1), BP
-	MOVQ R15, (BX)
-	MOVQ BP, -8(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-
-copy_5_end:
-	ADDQ R11, DI
-	SUBQ R11, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ BX, R11
-	SUBQ R12, R11
-
-	// ml <= mo
-	CMPQ R13, R12
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, DI
-	MOVQ BX, R12
-	ADDQ R13, BX
-
-copy_2:
-	MOVUPS (R11), X0
-	MOVUPS X0, (R12)
-	ADDQ   $0x10, R11
-	ADDQ   $0x10, R12
-	SUBQ   $0x10, R13
-	JHI    copy_2
-	JMP    handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, DI
-
-copy_slow_3:
-	MOVB (R11), R12
-	MOVB R12, (BX)
-	INCQ R11
-	INCQ BX
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	ADDQ $0x18, AX
-	INCQ DX
-	CMPQ DX, CX
-	JB   main_loop
-
-loop_finished:
-	// Return value
-	MOVB $0x01, ret+8(FP)
-
-	// Update the context
-	MOVQ ctx+0(FP), AX
-	MOVQ DX, 24(AX)
-	MOVQ DI, 104(AX)
-	SUBQ 80(AX), SI
-	MOVQ SI, 112(AX)
-	RET
-
-error_match_off_too_big:
-	// Return value
-	MOVB $0x00, ret+8(FP)
-
-	// Update the context
-	MOVQ ctx+0(FP), AX
-	MOVQ DX, 24(AX)
-	MOVQ DI, 104(AX)
-	SUBQ 80(AX), SI
-	MOVQ SI, 112(AX)
-	RET
-
-empty_seqs:
-	// Return value
-	MOVB $0x01, ret+8(FP)
-	RET
-
-// func sequenceDecs_executeSimple_safe_amd64(ctx *executeAsmContext) bool
-// Requires: SSE
-TEXT ·sequenceDecs_executeSimple_safe_amd64(SB), $8-9
-	MOVQ  ctx+0(FP), R10
-	MOVQ  8(R10), CX
-	TESTQ CX, CX
-	JZ    empty_seqs
-	MOVQ  (R10), AX
-	MOVQ  24(R10), DX
-	MOVQ  32(R10), BX
-	MOVQ  80(R10), SI
-	MOVQ  104(R10), DI
-	MOVQ  120(R10), R8
-	MOVQ  56(R10), R9
-	MOVQ  64(R10), R10
-	ADDQ  R10, R9
-
-	// seqsBase += 24 * seqIndex
-	LEAQ (DX)(DX*2), R11
-	SHLQ $0x03, R11
-	ADDQ R11, AX
-
-	// outBase += outPosition
-	ADDQ DI, BX
-
-main_loop:
-	MOVQ (AX), R11
-	MOVQ 16(AX), R12
-	MOVQ 8(AX), R13
-
-	// Copy literals
-	TESTQ R11, R11
-	JZ    check_offset
-	MOVQ  R11, R14
-	SUBQ  $0x10, R14
-	JB    copy_1_small
-
-copy_1_loop:
-	MOVUPS (SI), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, SI
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R14
-	JAE    copy_1_loop
-	LEAQ   16(SI)(R14*1), SI
-	LEAQ   16(BX)(R14*1), BX
-	MOVUPS -16(SI), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_1_end
-
-copy_1_small:
-	CMPQ R11, $0x03
-	JE   copy_1_move_3
-	JB   copy_1_move_1or2
-	CMPQ R11, $0x08
-	JB   copy_1_move_4through7
-	JMP  copy_1_move_8through16
-
-copy_1_move_1or2:
-	MOVB (SI), R14
-	MOVB -1(SI)(R11*1), R15
-	MOVB R14, (BX)
-	MOVB R15, -1(BX)(R11*1)
-	ADDQ R11, SI
-	ADDQ R11, BX
-	JMP  copy_1_end
-
-copy_1_move_3:
-	MOVW (SI), R14
-	MOVB 2(SI), R15
-	MOVW R14, (BX)
-	MOVB R15, 2(BX)
-	ADDQ R11, SI
-	ADDQ R11, BX
-	JMP  copy_1_end
-
-copy_1_move_4through7:
-	MOVL (SI), R14
-	MOVL -4(SI)(R11*1), R15
-	MOVL R14, (BX)
-	MOVL R15, -4(BX)(R11*1)
-	ADDQ R11, SI
-	ADDQ R11, BX
-	JMP  copy_1_end
-
-copy_1_move_8through16:
-	MOVQ (SI), R14
-	MOVQ -8(SI)(R11*1), R15
-	MOVQ R14, (BX)
-	MOVQ R15, -8(BX)(R11*1)
-	ADDQ R11, SI
-	ADDQ R11, BX
-
-copy_1_end:
-	ADDQ R11, DI
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	LEAQ (DI)(R10*1), R11
-	CMPQ R12, R11
-	JG   error_match_off_too_big
-	CMPQ R12, R8
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ R12, R11
-	SUBQ DI, R11
-	JLS  copy_match
-	MOVQ R9, R14
-	SUBQ R11, R14
-	CMPQ R13, R11
-	JG   copy_all_from_history
-	MOVQ R13, R11
-	SUBQ $0x10, R11
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R11
-	JAE    copy_4_loop
-	LEAQ   16(R14)(R11*1), R14
-	LEAQ   16(BX)(R11*1), BX
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), R11
-	MOVB 2(R14), R12
-	MOVW R11, (BX)
-	MOVB R12, 2(BX)
-	ADDQ R13, R14
-	ADDQ R13, BX
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), R11
-	MOVL -4(R14)(R13*1), R12
-	MOVL R11, (BX)
-	MOVL R12, -4(BX)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, BX
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), R11
-	MOVQ -8(R14)(R13*1), R12
-	MOVQ R11, (BX)
-	MOVQ R12, -8(BX)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, BX
-
-copy_4_end:
-	ADDQ R13, DI
-	ADDQ $0x18, AX
-	INCQ DX
-	CMPQ DX, CX
-	JB   main_loop
-	JMP  loop_finished
-
-copy_all_from_history:
-	MOVQ R11, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(BX)(R15*1), BX
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ R11, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ R11, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(R11*1), BP
-	MOVB R15, (BX)
-	MOVB BP, -1(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (BX)
-	MOVB BP, 2(BX)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(R11*1), BP
-	MOVL R15, (BX)
-	MOVL BP, -4(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(R11*1), BP
-	MOVQ R15, (BX)
-	MOVQ BP, -8(BX)(R11*1)
-	ADDQ R11, R14
-	ADDQ R11, BX
-
-copy_5_end:
-	ADDQ R11, DI
-	SUBQ R11, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ BX, R11
-	SUBQ R12, R11
-
-	// ml <= mo
-	CMPQ R13, R12
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, DI
-	MOVQ R13, R12
-	SUBQ $0x10, R12
-	JB   copy_2_small
-
-copy_2_loop:
-	MOVUPS (R11), X0
-	MOVUPS X0, (BX)
-	ADDQ   $0x10, R11
-	ADDQ   $0x10, BX
-	SUBQ   $0x10, R12
-	JAE    copy_2_loop
-	LEAQ   16(R11)(R12*1), R11
-	LEAQ   16(BX)(R12*1), BX
-	MOVUPS -16(R11), X0
-	MOVUPS X0, -16(BX)
-	JMP    copy_2_end
-
-copy_2_small:
-	CMPQ R13, $0x03
-	JE   copy_2_move_3
-	JB   copy_2_move_1or2
-	CMPQ R13, $0x08
-	JB   copy_2_move_4through7
-	JMP  copy_2_move_8through16
-
-copy_2_move_1or2:
-	MOVB (R11), R12
-	MOVB -1(R11)(R13*1), R14
-	MOVB R12, (BX)
-	MOVB R14, -1(BX)(R13*1)
-	ADDQ R13, R11
-	ADDQ R13, BX
-	JMP  copy_2_end
-
-copy_2_move_3:
-	MOVW (R11), R12
-	MOVB 2(R11), R14
-	MOVW R12, (BX)
-	MOVB R14, 2(BX)
-	ADDQ R13, R11
-	ADDQ R13, BX
-	JMP  copy_2_end
-
-copy_2_move_4through7:
-	MOVL (R11), R12
-	MOVL -4(R11)(R13*1), R14
-	MOVL R12, (BX)
-	MOVL R14, -4(BX)(R13*1)
-	ADDQ R13, R11
-	ADDQ R13, BX
-	JMP  copy_2_end
-
-copy_2_move_8through16:
-	MOVQ (R11), R12
-	MOVQ -8(R11)(R13*1), R14
-	MOVQ R12, (BX)
-	MOVQ R14, -8(BX)(R13*1)
-	ADDQ R13, R11
-	ADDQ R13, BX
-
-copy_2_end:
-	JMP handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, DI
-
-copy_slow_3:
-	MOVB (R11), R12
-	MOVB R12, (BX)
-	INCQ R11
-	INCQ BX
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	ADDQ $0x18, AX
-	INCQ DX
-	CMPQ DX, CX
-	JB   main_loop
-
-loop_finished:
-	// Return value
-	MOVB $0x01, ret+8(FP)
-
-	// Update the context
-	MOVQ ctx+0(FP), AX
-	MOVQ DX, 24(AX)
-	MOVQ DI, 104(AX)
-	SUBQ 80(AX), SI
-	MOVQ SI, 112(AX)
-	RET
-
-error_match_off_too_big:
-	// Return value
-	MOVB $0x00, ret+8(FP)
-
-	// Update the context
-	MOVQ ctx+0(FP), AX
-	MOVQ DX, 24(AX)
-	MOVQ DI, 104(AX)
-	SUBQ 80(AX), SI
-	MOVQ SI, 112(AX)
-	RET
-
-empty_seqs:
-	// Return value
-	MOVB $0x01, ret+8(FP)
-	RET
-
-// func sequenceDecs_decodeSync_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-// Requires: CMOV, SSE
-TEXT ·sequenceDecs_decodeSync_amd64(SB), $64-32
-	MOVQ    br+8(FP), CX
-	MOVQ    24(CX), DX
-	MOVBQZX 32(CX), BX
-	MOVQ    (CX), AX
-	MOVQ    8(CX), SI
-	ADDQ    SI, AX
-	MOVQ    AX, (SP)
-	MOVQ    ctx+16(FP), AX
-	MOVQ    72(AX), DI
-	MOVQ    80(AX), R8
-	MOVQ    88(AX), R9
-	XORQ    CX, CX
-	MOVQ    CX, 8(SP)
-	MOVQ    CX, 16(SP)
-	MOVQ    CX, 24(SP)
-	MOVQ    112(AX), R10
-	MOVQ    128(AX), CX
-	MOVQ    CX, 32(SP)
-	MOVQ    144(AX), R11
-	MOVQ    136(AX), R12
-	MOVQ    200(AX), CX
-	MOVQ    CX, 56(SP)
-	MOVQ    176(AX), CX
-	MOVQ    CX, 48(SP)
-	MOVQ    184(AX), AX
-	MOVQ    AX, 40(SP)
-	MOVQ    40(SP), AX
-	ADDQ    AX, 48(SP)
-
-	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
-	ADDQ R10, 32(SP)
-
-	// outBase += outPosition
-	ADDQ R12, R10
-
-sequenceDecs_decodeSync_amd64_main_loop:
-	MOVQ (SP), R13
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decodeSync_amd64_fill_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R13
-	MOVQ (R13), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decodeSync_amd64_fill_end
-
-sequenceDecs_decodeSync_amd64_fill_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decodeSync_amd64_fill_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decodeSync_amd64_fill_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R13), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decodeSync_amd64_fill_byte_by_byte
-
-sequenceDecs_decodeSync_amd64_fill_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_amd64_fill_end:
-	// Update offset
-	MOVQ  R9, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_amd64_of_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_amd64_of_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_amd64_of_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_amd64_of_update_zero:
-	MOVQ AX, 8(SP)
-
-	// Update match length
-	MOVQ  R8, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_amd64_ml_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_amd64_ml_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_amd64_ml_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_amd64_ml_update_zero:
-	MOVQ AX, 16(SP)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R13
-	MOVQ (R13), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decodeSync_amd64_fill_2_end
-
-sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decodeSync_amd64_fill_2_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decodeSync_amd64_fill_2_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R13), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decodeSync_amd64_fill_2_byte_by_byte
-
-sequenceDecs_decodeSync_amd64_fill_2_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_amd64_fill_2_end:
-	// Update literal length
-	MOVQ  DI, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_amd64_ll_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_amd64_ll_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_amd64_ll_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_amd64_ll_update_zero:
-	MOVQ AX, 24(SP)
-
-	// Fill bitreader for state updates
-	MOVQ    R13, (SP)
-	MOVQ    R9, AX
-	SHRQ    $0x08, AX
-	MOVBQZX AL, AX
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decodeSync_amd64_skip_update
-
-	// Update Literal Length State
-	MOVBQZX DI, R13
-	SHRL    $0x10, DI
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, DI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Match Length State
-	MOVBQZX R8, R13
-	SHRL    $0x10, R8
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, R8
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Offset State
-	MOVBQZX R9, R13
-	SHRL    $0x10, R9
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, R9
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R9*8), R9
-
-sequenceDecs_decodeSync_amd64_skip_update:
-	// Adjust offset
-	MOVQ   s+0(FP), CX
-	MOVQ   8(SP), R13
-	CMPQ   AX, $0x01
-	JBE    sequenceDecs_decodeSync_amd64_adjust_offsetB_1_or_0
-	MOVUPS 144(CX), X0
-	MOVQ   R13, 144(CX)
-	MOVUPS X0, 152(CX)
-	JMP    sequenceDecs_decodeSync_amd64_after_adjust
-
-sequenceDecs_decodeSync_amd64_adjust_offsetB_1_or_0:
-	CMPQ 24(SP), $0x00000000
-	JNE  sequenceDecs_decodeSync_amd64_adjust_offset_maybezero
-	INCQ R13
-	JMP  sequenceDecs_decodeSync_amd64_adjust_offset_nonzero
-
-sequenceDecs_decodeSync_amd64_adjust_offset_maybezero:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_amd64_adjust_offset_nonzero
-	MOVQ  144(CX), R13
-	JMP   sequenceDecs_decodeSync_amd64_after_adjust
-
-sequenceDecs_decodeSync_amd64_adjust_offset_nonzero:
-	MOVQ    R13, AX
-	XORQ    R14, R14
-	MOVQ    $-1, R15
-	CMPQ    R13, $0x03
-	CMOVQEQ R14, AX
-	CMOVQEQ R15, R14
-	ADDQ    144(CX)(AX*8), R14
-	JNZ     sequenceDecs_decodeSync_amd64_adjust_temp_valid
-	MOVQ    $0x00000001, R14
-
-sequenceDecs_decodeSync_amd64_adjust_temp_valid:
-	CMPQ R13, $0x01
-	JZ   sequenceDecs_decodeSync_amd64_adjust_skip
-	MOVQ 152(CX), AX
-	MOVQ AX, 160(CX)
-
-sequenceDecs_decodeSync_amd64_adjust_skip:
-	MOVQ 144(CX), AX
-	MOVQ AX, 152(CX)
-	MOVQ R14, 144(CX)
-	MOVQ R14, R13
-
-sequenceDecs_decodeSync_amd64_after_adjust:
-	MOVQ R13, 8(SP)
-
-	// Check values
-	MOVQ  16(SP), AX
-	MOVQ  24(SP), CX
-	LEAQ  (AX)(CX*1), R14
-	MOVQ  s+0(FP), R15
-	ADDQ  R14, 256(R15)
-	MOVQ  ctx+16(FP), R14
-	SUBQ  CX, 104(R14)
-	JS    error_not_enough_literals
-	CMPQ  AX, $0x00020002
-	JA    sequenceDecs_decodeSync_amd64_error_match_len_too_big
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_amd64_match_len_ofs_ok
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decodeSync_amd64_error_match_len_ofs_mismatch
-
-sequenceDecs_decodeSync_amd64_match_len_ofs_ok:
-	MOVQ 24(SP), AX
-	MOVQ 8(SP), CX
-	MOVQ 16(SP), R13
-
-	// Check if we have enough space in s.out
-	LEAQ (AX)(R13*1), R14
-	ADDQ R10, R14
-	CMPQ R14, 32(SP)
-	JA   error_not_enough_space
-
-	// Copy literals
-	TESTQ AX, AX
-	JZ    check_offset
-	XORQ  R14, R14
-
-copy_1:
-	MOVUPS (R11)(R14*1), X0
-	MOVUPS X0, (R10)(R14*1)
-	ADDQ   $0x10, R14
-	CMPQ   R14, AX
-	JB     copy_1
-	ADDQ   AX, R11
-	ADDQ   AX, R10
-	ADDQ   AX, R12
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	MOVQ R12, AX
-	ADDQ 40(SP), AX
-	CMPQ CX, AX
-	JG   error_match_off_too_big
-	CMPQ CX, 56(SP)
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ CX, AX
-	SUBQ R12, AX
-	JLS  copy_match
-	MOVQ 48(SP), R14
-	SUBQ AX, R14
-	CMPQ R13, AX
-	JG   copy_all_from_history
-	MOVQ R13, AX
-	SUBQ $0x10, AX
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, AX
-	JAE    copy_4_loop
-	LEAQ   16(R14)(AX*1), R14
-	LEAQ   16(R10)(AX*1), R10
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), AX
-	MOVB 2(R14), CL
-	MOVW AX, (R10)
-	MOVB CL, 2(R10)
-	ADDQ R13, R14
-	ADDQ R13, R10
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), AX
-	MOVL -4(R14)(R13*1), CX
-	MOVL AX, (R10)
-	MOVL CX, -4(R10)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R10
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), AX
-	MOVQ -8(R14)(R13*1), CX
-	MOVQ AX, (R10)
-	MOVQ CX, -8(R10)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R10
-
-copy_4_end:
-	ADDQ R13, R12
-	JMP  handle_loop
-	JMP loop_finished
-
-copy_all_from_history:
-	MOVQ AX, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(R10)(R15*1), R10
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ AX, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ AX, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(AX*1), BP
-	MOVB R15, (R10)
-	MOVB BP, -1(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (R10)
-	MOVB BP, 2(R10)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(AX*1), BP
-	MOVL R15, (R10)
-	MOVL BP, -4(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(AX*1), BP
-	MOVQ R15, (R10)
-	MOVQ BP, -8(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-
-copy_5_end:
-	ADDQ AX, R12
-	SUBQ AX, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ R10, AX
-	SUBQ CX, AX
-
-	// ml <= mo
-	CMPQ R13, CX
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, R12
-	MOVQ R10, CX
-	ADDQ R13, R10
-
-copy_2:
-	MOVUPS (AX), X0
-	MOVUPS X0, (CX)
-	ADDQ   $0x10, AX
-	ADDQ   $0x10, CX
-	SUBQ   $0x10, R13
-	JHI    copy_2
-	JMP    handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, R12
-
-copy_slow_3:
-	MOVB (AX), CL
-	MOVB CL, (R10)
-	INCQ AX
-	INCQ R10
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	MOVQ ctx+16(FP), AX
-	DECQ 96(AX)
-	JNS  sequenceDecs_decodeSync_amd64_main_loop
-
-loop_finished:
-	MOVQ br+8(FP), AX
-	MOVQ DX, 24(AX)
-	MOVB BL, 32(AX)
-	MOVQ SI, 8(AX)
-
-	// Update the context
-	MOVQ ctx+16(FP), AX
-	MOVQ R12, 136(AX)
-	MOVQ 144(AX), CX
-	SUBQ CX, R11
-	MOVQ R11, 168(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decodeSync_amd64_error_match_len_ofs_mismatch:
-	MOVQ 16(SP), AX
-	MOVQ ctx+16(FP), CX
-	MOVQ AX, 216(CX)
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decodeSync_amd64_error_match_len_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-error_match_off_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 8(SP), CX
-	MOVQ CX, 224(AX)
-	MOVQ R12, 136(AX)
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-	// Return with not enough output space error
-error_not_enough_space:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ R12, 136(AX)
-	MOVQ $0x00000005, ret+24(FP)
-	RET
-
-// func sequenceDecs_decodeSync_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-// Requires: BMI, BMI2, CMOV, SSE
-TEXT ·sequenceDecs_decodeSync_bmi2(SB), $64-32
-	MOVQ    br+8(FP), BX
-	MOVQ    24(BX), AX
-	MOVBQZX 32(BX), DX
-	MOVQ    (BX), CX
-	MOVQ    8(BX), BX
-	ADDQ    BX, CX
-	MOVQ    CX, (SP)
-	MOVQ    ctx+16(FP), CX
-	MOVQ    72(CX), SI
-	MOVQ    80(CX), DI
-	MOVQ    88(CX), R8
-	XORQ    R9, R9
-	MOVQ    R9, 8(SP)
-	MOVQ    R9, 16(SP)
-	MOVQ    R9, 24(SP)
-	MOVQ    112(CX), R9
-	MOVQ    128(CX), R10
-	MOVQ    R10, 32(SP)
-	MOVQ    144(CX), R10
-	MOVQ    136(CX), R11
-	MOVQ    200(CX), R12
-	MOVQ    R12, 56(SP)
-	MOVQ    176(CX), R12
-	MOVQ    R12, 48(SP)
-	MOVQ    184(CX), CX
-	MOVQ    CX, 40(SP)
-	MOVQ    40(SP), CX
-	ADDQ    CX, 48(SP)
-
-	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
-	ADDQ R9, 32(SP)
-
-	// outBase += outPosition
-	ADDQ R11, R9
-
-sequenceDecs_decodeSync_bmi2_main_loop:
-	MOVQ (SP), R12
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decodeSync_bmi2_fill_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R12
-	MOVQ (R12), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decodeSync_bmi2_fill_end
-
-sequenceDecs_decodeSync_bmi2_fill_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decodeSync_bmi2_fill_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decodeSync_bmi2_fill_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R12
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R12), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decodeSync_bmi2_fill_byte_by_byte
-
-sequenceDecs_decodeSync_bmi2_fill_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_bmi2_fill_end:
-	// Update offset
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, R8, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   R8, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 8(SP)
-
-	// Update match length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, DI, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   DI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 16(SP)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R12
-	MOVQ (R12), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decodeSync_bmi2_fill_2_end
-
-sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decodeSync_bmi2_fill_2_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decodeSync_bmi2_fill_2_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R12
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R12), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decodeSync_bmi2_fill_2_byte_by_byte
-
-sequenceDecs_decodeSync_bmi2_fill_2_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_bmi2_fill_2_end:
-	// Update literal length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, SI, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   SI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 24(SP)
-
-	// Fill bitreader for state updates
-	MOVQ    R12, (SP)
-	MOVQ    $0x00000808, CX
-	BEXTRQ  CX, R8, R12
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decodeSync_bmi2_skip_update
-	LEAQ    (SI)(DI*1), R13
-	ADDQ    R8, R13
-	MOVBQZX R13, R13
-	LEAQ    (DX)(R13*1), CX
-	MOVQ    AX, R14
-	MOVQ    CX, DX
-	ROLQ    CL, R14
-	BZHIQ   R13, R14, R14
-
-	// Update Offset State
-	BZHIQ R8, R14, CX
-	SHRXQ R8, R14, R14
-	SHRL  $0x10, R8
-	ADDQ  CX, R8
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Match Length State
-	BZHIQ DI, R14, CX
-	SHRXQ DI, R14, R14
-	SHRL  $0x10, DI
-	ADDQ  CX, DI
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Literal Length State
-	BZHIQ SI, R14, CX
-	SHRL  $0x10, SI
-	ADDQ  CX, SI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(SI*8), SI
-
-sequenceDecs_decodeSync_bmi2_skip_update:
-	// Adjust offset
-	MOVQ   s+0(FP), CX
-	MOVQ   8(SP), R13
-	CMPQ   R12, $0x01
-	JBE    sequenceDecs_decodeSync_bmi2_adjust_offsetB_1_or_0
-	MOVUPS 144(CX), X0
-	MOVQ   R13, 144(CX)
-	MOVUPS X0, 152(CX)
-	JMP    sequenceDecs_decodeSync_bmi2_after_adjust
-
-sequenceDecs_decodeSync_bmi2_adjust_offsetB_1_or_0:
-	CMPQ 24(SP), $0x00000000
-	JNE  sequenceDecs_decodeSync_bmi2_adjust_offset_maybezero
-	INCQ R13
-	JMP  sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero
-
-sequenceDecs_decodeSync_bmi2_adjust_offset_maybezero:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero
-	MOVQ  144(CX), R13
-	JMP   sequenceDecs_decodeSync_bmi2_after_adjust
-
-sequenceDecs_decodeSync_bmi2_adjust_offset_nonzero:
-	MOVQ    R13, R12
-	XORQ    R14, R14
-	MOVQ    $-1, R15
-	CMPQ    R13, $0x03
-	CMOVQEQ R14, R12
-	CMOVQEQ R15, R14
-	ADDQ    144(CX)(R12*8), R14
-	JNZ     sequenceDecs_decodeSync_bmi2_adjust_temp_valid
-	MOVQ    $0x00000001, R14
-
-sequenceDecs_decodeSync_bmi2_adjust_temp_valid:
-	CMPQ R13, $0x01
-	JZ   sequenceDecs_decodeSync_bmi2_adjust_skip
-	MOVQ 152(CX), R12
-	MOVQ R12, 160(CX)
-
-sequenceDecs_decodeSync_bmi2_adjust_skip:
-	MOVQ 144(CX), R12
-	MOVQ R12, 152(CX)
-	MOVQ R14, 144(CX)
-	MOVQ R14, R13
-
-sequenceDecs_decodeSync_bmi2_after_adjust:
-	MOVQ R13, 8(SP)
-
-	// Check values
-	MOVQ  16(SP), CX
-	MOVQ  24(SP), R12
-	LEAQ  (CX)(R12*1), R14
-	MOVQ  s+0(FP), R15
-	ADDQ  R14, 256(R15)
-	MOVQ  ctx+16(FP), R14
-	SUBQ  R12, 104(R14)
-	JS    error_not_enough_literals
-	CMPQ  CX, $0x00020002
-	JA    sequenceDecs_decodeSync_bmi2_error_match_len_too_big
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_bmi2_match_len_ofs_ok
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decodeSync_bmi2_error_match_len_ofs_mismatch
-
-sequenceDecs_decodeSync_bmi2_match_len_ofs_ok:
-	MOVQ 24(SP), CX
-	MOVQ 8(SP), R12
-	MOVQ 16(SP), R13
-
-	// Check if we have enough space in s.out
-	LEAQ (CX)(R13*1), R14
-	ADDQ R9, R14
-	CMPQ R14, 32(SP)
-	JA   error_not_enough_space
-
-	// Copy literals
-	TESTQ CX, CX
-	JZ    check_offset
-	XORQ  R14, R14
-
-copy_1:
-	MOVUPS (R10)(R14*1), X0
-	MOVUPS X0, (R9)(R14*1)
-	ADDQ   $0x10, R14
-	CMPQ   R14, CX
-	JB     copy_1
-	ADDQ   CX, R10
-	ADDQ   CX, R9
-	ADDQ   CX, R11
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	MOVQ R11, CX
-	ADDQ 40(SP), CX
-	CMPQ R12, CX
-	JG   error_match_off_too_big
-	CMPQ R12, 56(SP)
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ R12, CX
-	SUBQ R11, CX
-	JLS  copy_match
-	MOVQ 48(SP), R14
-	SUBQ CX, R14
-	CMPQ R13, CX
-	JG   copy_all_from_history
-	MOVQ R13, CX
-	SUBQ $0x10, CX
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, CX
-	JAE    copy_4_loop
-	LEAQ   16(R14)(CX*1), R14
-	LEAQ   16(R9)(CX*1), R9
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), CX
-	MOVB 2(R14), R12
-	MOVW CX, (R9)
-	MOVB R12, 2(R9)
-	ADDQ R13, R14
-	ADDQ R13, R9
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), CX
-	MOVL -4(R14)(R13*1), R12
-	MOVL CX, (R9)
-	MOVL R12, -4(R9)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R9
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), CX
-	MOVQ -8(R14)(R13*1), R12
-	MOVQ CX, (R9)
-	MOVQ R12, -8(R9)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R9
-
-copy_4_end:
-	ADDQ R13, R11
-	JMP  handle_loop
-	JMP loop_finished
-
-copy_all_from_history:
-	MOVQ CX, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(R9)(R15*1), R9
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ CX, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ CX, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(CX*1), BP
-	MOVB R15, (R9)
-	MOVB BP, -1(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (R9)
-	MOVB BP, 2(R9)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(CX*1), BP
-	MOVL R15, (R9)
-	MOVL BP, -4(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(CX*1), BP
-	MOVQ R15, (R9)
-	MOVQ BP, -8(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-
-copy_5_end:
-	ADDQ CX, R11
-	SUBQ CX, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ R9, CX
-	SUBQ R12, CX
-
-	// ml <= mo
-	CMPQ R13, R12
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, R11
-	MOVQ R9, R12
-	ADDQ R13, R9
-
-copy_2:
-	MOVUPS (CX), X0
-	MOVUPS X0, (R12)
-	ADDQ   $0x10, CX
-	ADDQ   $0x10, R12
-	SUBQ   $0x10, R13
-	JHI    copy_2
-	JMP    handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, R11
-
-copy_slow_3:
-	MOVB (CX), R12
-	MOVB R12, (R9)
-	INCQ CX
-	INCQ R9
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	MOVQ ctx+16(FP), CX
-	DECQ 96(CX)
-	JNS  sequenceDecs_decodeSync_bmi2_main_loop
-
-loop_finished:
-	MOVQ br+8(FP), CX
-	MOVQ AX, 24(CX)
-	MOVB DL, 32(CX)
-	MOVQ BX, 8(CX)
-
-	// Update the context
-	MOVQ ctx+16(FP), AX
-	MOVQ R11, 136(AX)
-	MOVQ 144(AX), CX
-	SUBQ CX, R10
-	MOVQ R10, 168(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decodeSync_bmi2_error_match_len_ofs_mismatch:
-	MOVQ 16(SP), AX
-	MOVQ ctx+16(FP), CX
-	MOVQ AX, 216(CX)
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decodeSync_bmi2_error_match_len_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-error_match_off_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 8(SP), CX
-	MOVQ CX, 224(AX)
-	MOVQ R11, 136(AX)
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-	// Return with not enough output space error
-error_not_enough_space:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ R11, 136(AX)
-	MOVQ $0x00000005, ret+24(FP)
-	RET
-
-// func sequenceDecs_decodeSync_safe_amd64(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-// Requires: CMOV, SSE
-TEXT ·sequenceDecs_decodeSync_safe_amd64(SB), $64-32
-	MOVQ    br+8(FP), CX
-	MOVQ    24(CX), DX
-	MOVBQZX 32(CX), BX
-	MOVQ    (CX), AX
-	MOVQ    8(CX), SI
-	ADDQ    SI, AX
-	MOVQ    AX, (SP)
-	MOVQ    ctx+16(FP), AX
-	MOVQ    72(AX), DI
-	MOVQ    80(AX), R8
-	MOVQ    88(AX), R9
-	XORQ    CX, CX
-	MOVQ    CX, 8(SP)
-	MOVQ    CX, 16(SP)
-	MOVQ    CX, 24(SP)
-	MOVQ    112(AX), R10
-	MOVQ    128(AX), CX
-	MOVQ    CX, 32(SP)
-	MOVQ    144(AX), R11
-	MOVQ    136(AX), R12
-	MOVQ    200(AX), CX
-	MOVQ    CX, 56(SP)
-	MOVQ    176(AX), CX
-	MOVQ    CX, 48(SP)
-	MOVQ    184(AX), AX
-	MOVQ    AX, 40(SP)
-	MOVQ    40(SP), AX
-	ADDQ    AX, 48(SP)
-
-	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
-	ADDQ R10, 32(SP)
-
-	// outBase += outPosition
-	ADDQ R12, R10
-
-sequenceDecs_decodeSync_safe_amd64_main_loop:
-	MOVQ (SP), R13
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R13
-	MOVQ (R13), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decodeSync_safe_amd64_fill_end
-
-sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decodeSync_safe_amd64_fill_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decodeSync_safe_amd64_fill_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R13), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decodeSync_safe_amd64_fill_byte_by_byte
-
-sequenceDecs_decodeSync_safe_amd64_fill_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_safe_amd64_fill_end:
-	// Update offset
-	MOVQ  R9, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_safe_amd64_of_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_safe_amd64_of_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_safe_amd64_of_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_safe_amd64_of_update_zero:
-	MOVQ AX, 8(SP)
-
-	// Update match length
-	MOVQ  R8, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_safe_amd64_ml_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_safe_amd64_ml_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_safe_amd64_ml_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_safe_amd64_ml_update_zero:
-	MOVQ AX, 16(SP)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ SI, $0x08
-	JL   sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte
-	MOVQ BX, AX
-	SHRQ $0x03, AX
-	SUBQ AX, R13
-	MOVQ (R13), DX
-	SUBQ AX, SI
-	ANDQ $0x07, BX
-	JMP  sequenceDecs_decodeSync_safe_amd64_fill_2_end
-
-sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte:
-	CMPQ    SI, $0x00
-	JLE     sequenceDecs_decodeSync_safe_amd64_fill_2_check_overread
-	CMPQ    BX, $0x07
-	JLE     sequenceDecs_decodeSync_safe_amd64_fill_2_end
-	SHLQ    $0x08, DX
-	SUBQ    $0x01, R13
-	SUBQ    $0x01, SI
-	SUBQ    $0x08, BX
-	MOVBQZX (R13), AX
-	ORQ     AX, DX
-	JMP     sequenceDecs_decodeSync_safe_amd64_fill_2_byte_by_byte
-
-sequenceDecs_decodeSync_safe_amd64_fill_2_check_overread:
-	CMPQ BX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_safe_amd64_fill_2_end:
-	// Update literal length
-	MOVQ  DI, AX
-	MOVQ  BX, CX
-	MOVQ  DX, R14
-	SHLQ  CL, R14
-	MOVB  AH, CL
-	SHRQ  $0x20, AX
-	TESTQ CX, CX
-	JZ    sequenceDecs_decodeSync_safe_amd64_ll_update_zero
-	ADDQ  CX, BX
-	CMPQ  BX, $0x40
-	JA    sequenceDecs_decodeSync_safe_amd64_ll_update_zero
-	CMPQ  CX, $0x40
-	JAE   sequenceDecs_decodeSync_safe_amd64_ll_update_zero
-	NEGQ  CX
-	SHRQ  CL, R14
-	ADDQ  R14, AX
-
-sequenceDecs_decodeSync_safe_amd64_ll_update_zero:
-	MOVQ AX, 24(SP)
-
-	// Fill bitreader for state updates
-	MOVQ    R13, (SP)
-	MOVQ    R9, AX
-	SHRQ    $0x08, AX
-	MOVBQZX AL, AX
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decodeSync_safe_amd64_skip_update
-
-	// Update Literal Length State
-	MOVBQZX DI, R13
-	SHRL    $0x10, DI
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, DI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Match Length State
-	MOVBQZX R8, R13
-	SHRL    $0x10, R8
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, R8
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Offset State
-	MOVBQZX R9, R13
-	SHRL    $0x10, R9
-	LEAQ    (BX)(R13*1), CX
-	MOVQ    DX, R14
-	MOVQ    CX, BX
-	ROLQ    CL, R14
-	MOVL    $0x00000001, R15
-	MOVB    R13, CL
-	SHLL    CL, R15
-	DECL    R15
-	ANDQ    R15, R14
-	ADDQ    R14, R9
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R9*8), R9
-
-sequenceDecs_decodeSync_safe_amd64_skip_update:
-	// Adjust offset
-	MOVQ   s+0(FP), CX
-	MOVQ   8(SP), R13
-	CMPQ   AX, $0x01
-	JBE    sequenceDecs_decodeSync_safe_amd64_adjust_offsetB_1_or_0
-	MOVUPS 144(CX), X0
-	MOVQ   R13, 144(CX)
-	MOVUPS X0, 152(CX)
-	JMP    sequenceDecs_decodeSync_safe_amd64_after_adjust
-
-sequenceDecs_decodeSync_safe_amd64_adjust_offsetB_1_or_0:
-	CMPQ 24(SP), $0x00000000
-	JNE  sequenceDecs_decodeSync_safe_amd64_adjust_offset_maybezero
-	INCQ R13
-	JMP  sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero
-
-sequenceDecs_decodeSync_safe_amd64_adjust_offset_maybezero:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero
-	MOVQ  144(CX), R13
-	JMP   sequenceDecs_decodeSync_safe_amd64_after_adjust
-
-sequenceDecs_decodeSync_safe_amd64_adjust_offset_nonzero:
-	MOVQ    R13, AX
-	XORQ    R14, R14
-	MOVQ    $-1, R15
-	CMPQ    R13, $0x03
-	CMOVQEQ R14, AX
-	CMOVQEQ R15, R14
-	ADDQ    144(CX)(AX*8), R14
-	JNZ     sequenceDecs_decodeSync_safe_amd64_adjust_temp_valid
-	MOVQ    $0x00000001, R14
-
-sequenceDecs_decodeSync_safe_amd64_adjust_temp_valid:
-	CMPQ R13, $0x01
-	JZ   sequenceDecs_decodeSync_safe_amd64_adjust_skip
-	MOVQ 152(CX), AX
-	MOVQ AX, 160(CX)
-
-sequenceDecs_decodeSync_safe_amd64_adjust_skip:
-	MOVQ 144(CX), AX
-	MOVQ AX, 152(CX)
-	MOVQ R14, 144(CX)
-	MOVQ R14, R13
-
-sequenceDecs_decodeSync_safe_amd64_after_adjust:
-	MOVQ R13, 8(SP)
-
-	// Check values
-	MOVQ  16(SP), AX
-	MOVQ  24(SP), CX
-	LEAQ  (AX)(CX*1), R14
-	MOVQ  s+0(FP), R15
-	ADDQ  R14, 256(R15)
-	MOVQ  ctx+16(FP), R14
-	SUBQ  CX, 104(R14)
-	JS    error_not_enough_literals
-	CMPQ  AX, $0x00020002
-	JA    sequenceDecs_decodeSync_safe_amd64_error_match_len_too_big
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_safe_amd64_match_len_ofs_ok
-	TESTQ AX, AX
-	JNZ   sequenceDecs_decodeSync_safe_amd64_error_match_len_ofs_mismatch
-
-sequenceDecs_decodeSync_safe_amd64_match_len_ofs_ok:
-	MOVQ 24(SP), AX
-	MOVQ 8(SP), CX
-	MOVQ 16(SP), R13
-
-	// Check if we have enough space in s.out
-	LEAQ (AX)(R13*1), R14
-	ADDQ R10, R14
-	CMPQ R14, 32(SP)
-	JA   error_not_enough_space
-
-	// Copy literals
-	TESTQ AX, AX
-	JZ    check_offset
-	MOVQ  AX, R14
-	SUBQ  $0x10, R14
-	JB    copy_1_small
-
-copy_1_loop:
-	MOVUPS (R11), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, R11
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, R14
-	JAE    copy_1_loop
-	LEAQ   16(R11)(R14*1), R11
-	LEAQ   16(R10)(R14*1), R10
-	MOVUPS -16(R11), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_1_end
-
-copy_1_small:
-	CMPQ AX, $0x03
-	JE   copy_1_move_3
-	JB   copy_1_move_1or2
-	CMPQ AX, $0x08
-	JB   copy_1_move_4through7
-	JMP  copy_1_move_8through16
-
-copy_1_move_1or2:
-	MOVB (R11), R14
-	MOVB -1(R11)(AX*1), R15
-	MOVB R14, (R10)
-	MOVB R15, -1(R10)(AX*1)
-	ADDQ AX, R11
-	ADDQ AX, R10
-	JMP  copy_1_end
-
-copy_1_move_3:
-	MOVW (R11), R14
-	MOVB 2(R11), R15
-	MOVW R14, (R10)
-	MOVB R15, 2(R10)
-	ADDQ AX, R11
-	ADDQ AX, R10
-	JMP  copy_1_end
-
-copy_1_move_4through7:
-	MOVL (R11), R14
-	MOVL -4(R11)(AX*1), R15
-	MOVL R14, (R10)
-	MOVL R15, -4(R10)(AX*1)
-	ADDQ AX, R11
-	ADDQ AX, R10
-	JMP  copy_1_end
-
-copy_1_move_8through16:
-	MOVQ (R11), R14
-	MOVQ -8(R11)(AX*1), R15
-	MOVQ R14, (R10)
-	MOVQ R15, -8(R10)(AX*1)
-	ADDQ AX, R11
-	ADDQ AX, R10
-
-copy_1_end:
-	ADDQ AX, R12
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	MOVQ R12, AX
-	ADDQ 40(SP), AX
-	CMPQ CX, AX
-	JG   error_match_off_too_big
-	CMPQ CX, 56(SP)
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ CX, AX
-	SUBQ R12, AX
-	JLS  copy_match
-	MOVQ 48(SP), R14
-	SUBQ AX, R14
-	CMPQ R13, AX
-	JG   copy_all_from_history
-	MOVQ R13, AX
-	SUBQ $0x10, AX
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, AX
-	JAE    copy_4_loop
-	LEAQ   16(R14)(AX*1), R14
-	LEAQ   16(R10)(AX*1), R10
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), AX
-	MOVB 2(R14), CL
-	MOVW AX, (R10)
-	MOVB CL, 2(R10)
-	ADDQ R13, R14
-	ADDQ R13, R10
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), AX
-	MOVL -4(R14)(R13*1), CX
-	MOVL AX, (R10)
-	MOVL CX, -4(R10)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R10
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), AX
-	MOVQ -8(R14)(R13*1), CX
-	MOVQ AX, (R10)
-	MOVQ CX, -8(R10)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R10
-
-copy_4_end:
-	ADDQ R13, R12
-	JMP  handle_loop
-	JMP loop_finished
-
-copy_all_from_history:
-	MOVQ AX, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(R10)(R15*1), R10
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ AX, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ AX, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(AX*1), BP
-	MOVB R15, (R10)
-	MOVB BP, -1(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (R10)
-	MOVB BP, 2(R10)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(AX*1), BP
-	MOVL R15, (R10)
-	MOVL BP, -4(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(AX*1), BP
-	MOVQ R15, (R10)
-	MOVQ BP, -8(R10)(AX*1)
-	ADDQ AX, R14
-	ADDQ AX, R10
-
-copy_5_end:
-	ADDQ AX, R12
-	SUBQ AX, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ R10, AX
-	SUBQ CX, AX
-
-	// ml <= mo
-	CMPQ R13, CX
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, R12
-	MOVQ R13, CX
-	SUBQ $0x10, CX
-	JB   copy_2_small
-
-copy_2_loop:
-	MOVUPS (AX), X0
-	MOVUPS X0, (R10)
-	ADDQ   $0x10, AX
-	ADDQ   $0x10, R10
-	SUBQ   $0x10, CX
-	JAE    copy_2_loop
-	LEAQ   16(AX)(CX*1), AX
-	LEAQ   16(R10)(CX*1), R10
-	MOVUPS -16(AX), X0
-	MOVUPS X0, -16(R10)
-	JMP    copy_2_end
-
-copy_2_small:
-	CMPQ R13, $0x03
-	JE   copy_2_move_3
-	JB   copy_2_move_1or2
-	CMPQ R13, $0x08
-	JB   copy_2_move_4through7
-	JMP  copy_2_move_8through16
-
-copy_2_move_1or2:
-	MOVB (AX), CL
-	MOVB -1(AX)(R13*1), R14
-	MOVB CL, (R10)
-	MOVB R14, -1(R10)(R13*1)
-	ADDQ R13, AX
-	ADDQ R13, R10
-	JMP  copy_2_end
-
-copy_2_move_3:
-	MOVW (AX), CX
-	MOVB 2(AX), R14
-	MOVW CX, (R10)
-	MOVB R14, 2(R10)
-	ADDQ R13, AX
-	ADDQ R13, R10
-	JMP  copy_2_end
-
-copy_2_move_4through7:
-	MOVL (AX), CX
-	MOVL -4(AX)(R13*1), R14
-	MOVL CX, (R10)
-	MOVL R14, -4(R10)(R13*1)
-	ADDQ R13, AX
-	ADDQ R13, R10
-	JMP  copy_2_end
-
-copy_2_move_8through16:
-	MOVQ (AX), CX
-	MOVQ -8(AX)(R13*1), R14
-	MOVQ CX, (R10)
-	MOVQ R14, -8(R10)(R13*1)
-	ADDQ R13, AX
-	ADDQ R13, R10
-
-copy_2_end:
-	JMP handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, R12
-
-copy_slow_3:
-	MOVB (AX), CL
-	MOVB CL, (R10)
-	INCQ AX
-	INCQ R10
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	MOVQ ctx+16(FP), AX
-	DECQ 96(AX)
-	JNS  sequenceDecs_decodeSync_safe_amd64_main_loop
-
-loop_finished:
-	MOVQ br+8(FP), AX
-	MOVQ DX, 24(AX)
-	MOVB BL, 32(AX)
-	MOVQ SI, 8(AX)
-
-	// Update the context
-	MOVQ ctx+16(FP), AX
-	MOVQ R12, 136(AX)
-	MOVQ 144(AX), CX
-	SUBQ CX, R11
-	MOVQ R11, 168(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decodeSync_safe_amd64_error_match_len_ofs_mismatch:
-	MOVQ 16(SP), AX
-	MOVQ ctx+16(FP), CX
-	MOVQ AX, 216(CX)
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decodeSync_safe_amd64_error_match_len_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-error_match_off_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 8(SP), CX
-	MOVQ CX, 224(AX)
-	MOVQ R12, 136(AX)
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-	// Return with not enough output space error
-error_not_enough_space:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ R12, 136(AX)
-	MOVQ $0x00000005, ret+24(FP)
-	RET
-
-// func sequenceDecs_decodeSync_safe_bmi2(s *sequenceDecs, br *bitReader, ctx *decodeSyncAsmContext) int
-// Requires: BMI, BMI2, CMOV, SSE
-TEXT ·sequenceDecs_decodeSync_safe_bmi2(SB), $64-32
-	MOVQ    br+8(FP), BX
-	MOVQ    24(BX), AX
-	MOVBQZX 32(BX), DX
-	MOVQ    (BX), CX
-	MOVQ    8(BX), BX
-	ADDQ    BX, CX
-	MOVQ    CX, (SP)
-	MOVQ    ctx+16(FP), CX
-	MOVQ    72(CX), SI
-	MOVQ    80(CX), DI
-	MOVQ    88(CX), R8
-	XORQ    R9, R9
-	MOVQ    R9, 8(SP)
-	MOVQ    R9, 16(SP)
-	MOVQ    R9, 24(SP)
-	MOVQ    112(CX), R9
-	MOVQ    128(CX), R10
-	MOVQ    R10, 32(SP)
-	MOVQ    144(CX), R10
-	MOVQ    136(CX), R11
-	MOVQ    200(CX), R12
-	MOVQ    R12, 56(SP)
-	MOVQ    176(CX), R12
-	MOVQ    R12, 48(SP)
-	MOVQ    184(CX), CX
-	MOVQ    CX, 40(SP)
-	MOVQ    40(SP), CX
-	ADDQ    CX, 48(SP)
-
-	// Calculate pointer to s.out[cap(s.out)] (a past-end pointer)
-	ADDQ R9, 32(SP)
-
-	// outBase += outPosition
-	ADDQ R11, R9
-
-sequenceDecs_decodeSync_safe_bmi2_main_loop:
-	MOVQ (SP), R12
-
-	// Fill bitreader to have enough for the offset and match length.
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R12
-	MOVQ (R12), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decodeSync_safe_bmi2_fill_end
-
-sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R12
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R12), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decodeSync_safe_bmi2_fill_byte_by_byte
-
-sequenceDecs_decodeSync_safe_bmi2_fill_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_safe_bmi2_fill_end:
-	// Update offset
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, R8, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   R8, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 8(SP)
-
-	// Update match length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, DI, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   DI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 16(SP)
-
-	// Fill bitreader to have enough for the remaining
-	CMPQ BX, $0x08
-	JL   sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte
-	MOVQ DX, CX
-	SHRQ $0x03, CX
-	SUBQ CX, R12
-	MOVQ (R12), AX
-	SUBQ CX, BX
-	ANDQ $0x07, DX
-	JMP  sequenceDecs_decodeSync_safe_bmi2_fill_2_end
-
-sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte:
-	CMPQ    BX, $0x00
-	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_2_check_overread
-	CMPQ    DX, $0x07
-	JLE     sequenceDecs_decodeSync_safe_bmi2_fill_2_end
-	SHLQ    $0x08, AX
-	SUBQ    $0x01, R12
-	SUBQ    $0x01, BX
-	SUBQ    $0x08, DX
-	MOVBQZX (R12), CX
-	ORQ     CX, AX
-	JMP     sequenceDecs_decodeSync_safe_bmi2_fill_2_byte_by_byte
-
-sequenceDecs_decodeSync_safe_bmi2_fill_2_check_overread:
-	CMPQ DX, $0x40
-	JA   error_overread
-
-sequenceDecs_decodeSync_safe_bmi2_fill_2_end:
-	// Update literal length
-	MOVQ   $0x00000808, CX
-	BEXTRQ CX, SI, R13
-	MOVQ   AX, R14
-	LEAQ   (DX)(R13*1), CX
-	ROLQ   CL, R14
-	BZHIQ  R13, R14, R14
-	MOVQ   CX, DX
-	MOVQ   SI, CX
-	SHRQ   $0x20, CX
-	ADDQ   R14, CX
-	MOVQ   CX, 24(SP)
-
-	// Fill bitreader for state updates
-	MOVQ    R12, (SP)
-	MOVQ    $0x00000808, CX
-	BEXTRQ  CX, R8, R12
-	MOVQ    ctx+16(FP), CX
-	CMPQ    96(CX), $0x00
-	JZ      sequenceDecs_decodeSync_safe_bmi2_skip_update
-	LEAQ    (SI)(DI*1), R13
-	ADDQ    R8, R13
-	MOVBQZX R13, R13
-	LEAQ    (DX)(R13*1), CX
-	MOVQ    AX, R14
-	MOVQ    CX, DX
-	ROLQ    CL, R14
-	BZHIQ   R13, R14, R14
-
-	// Update Offset State
-	BZHIQ R8, R14, CX
-	SHRXQ R8, R14, R14
-	SHRL  $0x10, R8
-	ADDQ  CX, R8
-
-	// Load ctx.ofTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 48(CX), CX
-	MOVQ (CX)(R8*8), R8
-
-	// Update Match Length State
-	BZHIQ DI, R14, CX
-	SHRXQ DI, R14, R14
-	SHRL  $0x10, DI
-	ADDQ  CX, DI
-
-	// Load ctx.mlTable
-	MOVQ ctx+16(FP), CX
-	MOVQ 24(CX), CX
-	MOVQ (CX)(DI*8), DI
-
-	// Update Literal Length State
-	BZHIQ SI, R14, CX
-	SHRL  $0x10, SI
-	ADDQ  CX, SI
-
-	// Load ctx.llTable
-	MOVQ ctx+16(FP), CX
-	MOVQ (CX), CX
-	MOVQ (CX)(SI*8), SI
-
-sequenceDecs_decodeSync_safe_bmi2_skip_update:
-	// Adjust offset
-	MOVQ   s+0(FP), CX
-	MOVQ   8(SP), R13
-	CMPQ   R12, $0x01
-	JBE    sequenceDecs_decodeSync_safe_bmi2_adjust_offsetB_1_or_0
-	MOVUPS 144(CX), X0
-	MOVQ   R13, 144(CX)
-	MOVUPS X0, 152(CX)
-	JMP    sequenceDecs_decodeSync_safe_bmi2_after_adjust
-
-sequenceDecs_decodeSync_safe_bmi2_adjust_offsetB_1_or_0:
-	CMPQ 24(SP), $0x00000000
-	JNE  sequenceDecs_decodeSync_safe_bmi2_adjust_offset_maybezero
-	INCQ R13
-	JMP  sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero
-
-sequenceDecs_decodeSync_safe_bmi2_adjust_offset_maybezero:
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero
-	MOVQ  144(CX), R13
-	JMP   sequenceDecs_decodeSync_safe_bmi2_after_adjust
-
-sequenceDecs_decodeSync_safe_bmi2_adjust_offset_nonzero:
-	MOVQ    R13, R12
-	XORQ    R14, R14
-	MOVQ    $-1, R15
-	CMPQ    R13, $0x03
-	CMOVQEQ R14, R12
-	CMOVQEQ R15, R14
-	ADDQ    144(CX)(R12*8), R14
-	JNZ     sequenceDecs_decodeSync_safe_bmi2_adjust_temp_valid
-	MOVQ    $0x00000001, R14
-
-sequenceDecs_decodeSync_safe_bmi2_adjust_temp_valid:
-	CMPQ R13, $0x01
-	JZ   sequenceDecs_decodeSync_safe_bmi2_adjust_skip
-	MOVQ 152(CX), R12
-	MOVQ R12, 160(CX)
-
-sequenceDecs_decodeSync_safe_bmi2_adjust_skip:
-	MOVQ 144(CX), R12
-	MOVQ R12, 152(CX)
-	MOVQ R14, 144(CX)
-	MOVQ R14, R13
-
-sequenceDecs_decodeSync_safe_bmi2_after_adjust:
-	MOVQ R13, 8(SP)
-
-	// Check values
-	MOVQ  16(SP), CX
-	MOVQ  24(SP), R12
-	LEAQ  (CX)(R12*1), R14
-	MOVQ  s+0(FP), R15
-	ADDQ  R14, 256(R15)
-	MOVQ  ctx+16(FP), R14
-	SUBQ  R12, 104(R14)
-	JS    error_not_enough_literals
-	CMPQ  CX, $0x00020002
-	JA    sequenceDecs_decodeSync_safe_bmi2_error_match_len_too_big
-	TESTQ R13, R13
-	JNZ   sequenceDecs_decodeSync_safe_bmi2_match_len_ofs_ok
-	TESTQ CX, CX
-	JNZ   sequenceDecs_decodeSync_safe_bmi2_error_match_len_ofs_mismatch
-
-sequenceDecs_decodeSync_safe_bmi2_match_len_ofs_ok:
-	MOVQ 24(SP), CX
-	MOVQ 8(SP), R12
-	MOVQ 16(SP), R13
-
-	// Check if we have enough space in s.out
-	LEAQ (CX)(R13*1), R14
-	ADDQ R9, R14
-	CMPQ R14, 32(SP)
-	JA   error_not_enough_space
-
-	// Copy literals
-	TESTQ CX, CX
-	JZ    check_offset
-	MOVQ  CX, R14
-	SUBQ  $0x10, R14
-	JB    copy_1_small
-
-copy_1_loop:
-	MOVUPS (R10), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, R10
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, R14
-	JAE    copy_1_loop
-	LEAQ   16(R10)(R14*1), R10
-	LEAQ   16(R9)(R14*1), R9
-	MOVUPS -16(R10), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_1_end
-
-copy_1_small:
-	CMPQ CX, $0x03
-	JE   copy_1_move_3
-	JB   copy_1_move_1or2
-	CMPQ CX, $0x08
-	JB   copy_1_move_4through7
-	JMP  copy_1_move_8through16
-
-copy_1_move_1or2:
-	MOVB (R10), R14
-	MOVB -1(R10)(CX*1), R15
-	MOVB R14, (R9)
-	MOVB R15, -1(R9)(CX*1)
-	ADDQ CX, R10
-	ADDQ CX, R9
-	JMP  copy_1_end
-
-copy_1_move_3:
-	MOVW (R10), R14
-	MOVB 2(R10), R15
-	MOVW R14, (R9)
-	MOVB R15, 2(R9)
-	ADDQ CX, R10
-	ADDQ CX, R9
-	JMP  copy_1_end
-
-copy_1_move_4through7:
-	MOVL (R10), R14
-	MOVL -4(R10)(CX*1), R15
-	MOVL R14, (R9)
-	MOVL R15, -4(R9)(CX*1)
-	ADDQ CX, R10
-	ADDQ CX, R9
-	JMP  copy_1_end
-
-copy_1_move_8through16:
-	MOVQ (R10), R14
-	MOVQ -8(R10)(CX*1), R15
-	MOVQ R14, (R9)
-	MOVQ R15, -8(R9)(CX*1)
-	ADDQ CX, R10
-	ADDQ CX, R9
-
-copy_1_end:
-	ADDQ CX, R11
-
-	// Malformed input if seq.mo > t+len(hist) || seq.mo > s.windowSize)
-check_offset:
-	MOVQ R11, CX
-	ADDQ 40(SP), CX
-	CMPQ R12, CX
-	JG   error_match_off_too_big
-	CMPQ R12, 56(SP)
-	JG   error_match_off_too_big
-
-	// Copy match from history
-	MOVQ R12, CX
-	SUBQ R11, CX
-	JLS  copy_match
-	MOVQ 48(SP), R14
-	SUBQ CX, R14
-	CMPQ R13, CX
-	JG   copy_all_from_history
-	MOVQ R13, CX
-	SUBQ $0x10, CX
-	JB   copy_4_small
-
-copy_4_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, CX
-	JAE    copy_4_loop
-	LEAQ   16(R14)(CX*1), R14
-	LEAQ   16(R9)(CX*1), R9
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_4_end
-
-copy_4_small:
-	CMPQ R13, $0x03
-	JE   copy_4_move_3
-	CMPQ R13, $0x08
-	JB   copy_4_move_4through7
-	JMP  copy_4_move_8through16
-
-copy_4_move_3:
-	MOVW (R14), CX
-	MOVB 2(R14), R12
-	MOVW CX, (R9)
-	MOVB R12, 2(R9)
-	ADDQ R13, R14
-	ADDQ R13, R9
-	JMP  copy_4_end
-
-copy_4_move_4through7:
-	MOVL (R14), CX
-	MOVL -4(R14)(R13*1), R12
-	MOVL CX, (R9)
-	MOVL R12, -4(R9)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R9
-	JMP  copy_4_end
-
-copy_4_move_8through16:
-	MOVQ (R14), CX
-	MOVQ -8(R14)(R13*1), R12
-	MOVQ CX, (R9)
-	MOVQ R12, -8(R9)(R13*1)
-	ADDQ R13, R14
-	ADDQ R13, R9
-
-copy_4_end:
-	ADDQ R13, R11
-	JMP  handle_loop
-	JMP loop_finished
-
-copy_all_from_history:
-	MOVQ CX, R15
-	SUBQ $0x10, R15
-	JB   copy_5_small
-
-copy_5_loop:
-	MOVUPS (R14), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, R14
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, R15
-	JAE    copy_5_loop
-	LEAQ   16(R14)(R15*1), R14
-	LEAQ   16(R9)(R15*1), R9
-	MOVUPS -16(R14), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_5_end
-
-copy_5_small:
-	CMPQ CX, $0x03
-	JE   copy_5_move_3
-	JB   copy_5_move_1or2
-	CMPQ CX, $0x08
-	JB   copy_5_move_4through7
-	JMP  copy_5_move_8through16
-
-copy_5_move_1or2:
-	MOVB (R14), R15
-	MOVB -1(R14)(CX*1), BP
-	MOVB R15, (R9)
-	MOVB BP, -1(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_3:
-	MOVW (R14), R15
-	MOVB 2(R14), BP
-	MOVW R15, (R9)
-	MOVB BP, 2(R9)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_4through7:
-	MOVL (R14), R15
-	MOVL -4(R14)(CX*1), BP
-	MOVL R15, (R9)
-	MOVL BP, -4(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-	JMP  copy_5_end
-
-copy_5_move_8through16:
-	MOVQ (R14), R15
-	MOVQ -8(R14)(CX*1), BP
-	MOVQ R15, (R9)
-	MOVQ BP, -8(R9)(CX*1)
-	ADDQ CX, R14
-	ADDQ CX, R9
-
-copy_5_end:
-	ADDQ CX, R11
-	SUBQ CX, R13
-
-	// Copy match from the current buffer
-copy_match:
-	MOVQ R9, CX
-	SUBQ R12, CX
-
-	// ml <= mo
-	CMPQ R13, R12
-	JA   copy_overlapping_match
-
-	// Copy non-overlapping match
-	ADDQ R13, R11
-	MOVQ R13, R12
-	SUBQ $0x10, R12
-	JB   copy_2_small
-
-copy_2_loop:
-	MOVUPS (CX), X0
-	MOVUPS X0, (R9)
-	ADDQ   $0x10, CX
-	ADDQ   $0x10, R9
-	SUBQ   $0x10, R12
-	JAE    copy_2_loop
-	LEAQ   16(CX)(R12*1), CX
-	LEAQ   16(R9)(R12*1), R9
-	MOVUPS -16(CX), X0
-	MOVUPS X0, -16(R9)
-	JMP    copy_2_end
-
-copy_2_small:
-	CMPQ R13, $0x03
-	JE   copy_2_move_3
-	JB   copy_2_move_1or2
-	CMPQ R13, $0x08
-	JB   copy_2_move_4through7
-	JMP  copy_2_move_8through16
-
-copy_2_move_1or2:
-	MOVB (CX), R12
-	MOVB -1(CX)(R13*1), R14
-	MOVB R12, (R9)
-	MOVB R14, -1(R9)(R13*1)
-	ADDQ R13, CX
-	ADDQ R13, R9
-	JMP  copy_2_end
-
-copy_2_move_3:
-	MOVW (CX), R12
-	MOVB 2(CX), R14
-	MOVW R12, (R9)
-	MOVB R14, 2(R9)
-	ADDQ R13, CX
-	ADDQ R13, R9
-	JMP  copy_2_end
-
-copy_2_move_4through7:
-	MOVL (CX), R12
-	MOVL -4(CX)(R13*1), R14
-	MOVL R12, (R9)
-	MOVL R14, -4(R9)(R13*1)
-	ADDQ R13, CX
-	ADDQ R13, R9
-	JMP  copy_2_end
-
-copy_2_move_8through16:
-	MOVQ (CX), R12
-	MOVQ -8(CX)(R13*1), R14
-	MOVQ R12, (R9)
-	MOVQ R14, -8(R9)(R13*1)
-	ADDQ R13, CX
-	ADDQ R13, R9
-
-copy_2_end:
-	JMP handle_loop
-
-	// Copy overlapping match
-copy_overlapping_match:
-	ADDQ R13, R11
-
-copy_slow_3:
-	MOVB (CX), R12
-	MOVB R12, (R9)
-	INCQ CX
-	INCQ R9
-	DECQ R13
-	JNZ  copy_slow_3
-
-handle_loop:
-	MOVQ ctx+16(FP), CX
-	DECQ 96(CX)
-	JNS  sequenceDecs_decodeSync_safe_bmi2_main_loop
-
-loop_finished:
-	MOVQ br+8(FP), CX
-	MOVQ AX, 24(CX)
-	MOVB DL, 32(CX)
-	MOVQ BX, 8(CX)
-
-	// Update the context
-	MOVQ ctx+16(FP), AX
-	MOVQ R11, 136(AX)
-	MOVQ 144(AX), CX
-	SUBQ CX, R10
-	MOVQ R10, 168(AX)
-
-	// Return success
-	MOVQ $0x00000000, ret+24(FP)
-	RET
-
-	// Return with match length error
-sequenceDecs_decodeSync_safe_bmi2_error_match_len_ofs_mismatch:
-	MOVQ 16(SP), AX
-	MOVQ ctx+16(FP), CX
-	MOVQ AX, 216(CX)
-	MOVQ $0x00000001, ret+24(FP)
-	RET
-
-	// Return with match too long error
-sequenceDecs_decodeSync_safe_bmi2_error_match_len_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ $0x00000002, ret+24(FP)
-	RET
-
-	// Return with match offset too long error
-error_match_off_too_big:
-	MOVQ ctx+16(FP), AX
-	MOVQ 8(SP), CX
-	MOVQ CX, 224(AX)
-	MOVQ R11, 136(AX)
-	MOVQ $0x00000003, ret+24(FP)
-	RET
-
-	// Return with not enough literals error
-error_not_enough_literals:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ $0x00000004, ret+24(FP)
-	RET
-
-	// Return with overread error
-error_overread:
-	MOVQ $0x00000006, ret+24(FP)
-	RET
-
-	// Return with not enough output space error
-error_not_enough_space:
-	MOVQ ctx+16(FP), AX
-	MOVQ 24(SP), CX
-	MOVQ CX, 208(AX)
-	MOVQ 16(SP), CX
-	MOVQ CX, 216(AX)
-	MOVQ R11, 136(AX)
-	MOVQ $0x00000005, ret+24(FP)
-	RET
diff --git a/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go b/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
deleted file mode 100644
index 2fb35b788..000000000
--- a/vendor/github.com/klauspost/compress/zstd/seqdec_generic.go
+++ /dev/null
@@ -1,237 +0,0 @@
-//go:build !amd64 || appengine || !gc || noasm
-// +build !amd64 appengine !gc noasm
-
-package zstd
-
-import (
-	"fmt"
-	"io"
-)
-
-// decode sequences from the stream with the provided history but without dictionary.
-func (s *sequenceDecs) decodeSyncSimple(hist []byte) (bool, error) {
-	return false, nil
-}
-
-// decode sequences from the stream without the provided history.
-func (s *sequenceDecs) decode(seqs []seqVals) error {
-	br := s.br
-
-	// Grab full sizes tables, to avoid bounds checks.
-	llTable, mlTable, ofTable := s.litLengths.fse.dt[:maxTablesize], s.matchLengths.fse.dt[:maxTablesize], s.offsets.fse.dt[:maxTablesize]
-	llState, mlState, ofState := s.litLengths.state.state, s.matchLengths.state.state, s.offsets.state.state
-	s.seqSize = 0
-	litRemain := len(s.literals)
-
-	maxBlockSize := maxCompressedBlockSize
-	if s.windowSize < maxBlockSize {
-		maxBlockSize = s.windowSize
-	}
-	for i := range seqs {
-		var ll, mo, ml int
-		if len(br.in) > 4+((maxOffsetBits+16+16)>>3) {
-			// inlined function:
-			// ll, mo, ml = s.nextFast(br, llState, mlState, ofState)
-
-			// Final will not read from stream.
-			var llB, mlB, moB uint8
-			ll, llB = llState.final()
-			ml, mlB = mlState.final()
-			mo, moB = ofState.final()
-
-			// extra bits are stored in reverse order.
-			br.fillFast()
-			mo += br.getBits(moB)
-			if s.maxBits > 32 {
-				br.fillFast()
-			}
-			ml += br.getBits(mlB)
-			ll += br.getBits(llB)
-
-			if moB > 1 {
-				s.prevOffset[2] = s.prevOffset[1]
-				s.prevOffset[1] = s.prevOffset[0]
-				s.prevOffset[0] = mo
-			} else {
-				// mo = s.adjustOffset(mo, ll, moB)
-				// Inlined for rather big speedup
-				if ll == 0 {
-					// There is an exception though, when current sequence's literals_length = 0.
-					// In this case, repeated offsets are shifted by one, so an offset_value of 1 means Repeated_Offset2,
-					// an offset_value of 2 means Repeated_Offset3, and an offset_value of 3 means Repeated_Offset1 - 1_byte.
-					mo++
-				}
-
-				if mo == 0 {
-					mo = s.prevOffset[0]
-				} else {
-					var temp int
-					if mo == 3 {
-						temp = s.prevOffset[0] - 1
-					} else {
-						temp = s.prevOffset[mo]
-					}
-
-					if temp == 0 {
-						// 0 is not valid; input is corrupted; force offset to 1
-						println("WARNING: temp was 0")
-						temp = 1
-					}
-
-					if mo != 1 {
-						s.prevOffset[2] = s.prevOffset[1]
-					}
-					s.prevOffset[1] = s.prevOffset[0]
-					s.prevOffset[0] = temp
-					mo = temp
-				}
-			}
-			br.fillFast()
-		} else {
-			if br.overread() {
-				if debugDecoder {
-					printf("reading sequence %d, exceeded available data\n", i)
-				}
-				return io.ErrUnexpectedEOF
-			}
-			ll, mo, ml = s.next(br, llState, mlState, ofState)
-			br.fill()
-		}
-
-		if debugSequences {
-			println("Seq", i, "Litlen:", ll, "mo:", mo, "(abs) ml:", ml)
-		}
-		// Evaluate.
-		// We might be doing this async, so do it early.
-		if mo == 0 && ml > 0 {
-			return fmt.Errorf("zero matchoff and matchlen (%d) > 0", ml)
-		}
-		if ml > maxMatchLen {
-			return fmt.Errorf("match len (%d) bigger than max allowed length", ml)
-		}
-		s.seqSize += ll + ml
-		if s.seqSize > maxBlockSize {
-			return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-		}
-		litRemain -= ll
-		if litRemain < 0 {
-			return fmt.Errorf("unexpected literal count, want %d bytes, but only %d is available", ll, litRemain+ll)
-		}
-		seqs[i] = seqVals{
-			ll: ll,
-			ml: ml,
-			mo: mo,
-		}
-		if i == len(seqs)-1 {
-			// This is the last sequence, so we shouldn't update state.
-			break
-		}
-
-		// Manually inlined, ~ 5-20% faster
-		// Update all 3 states at once. Approx 20% faster.
-		nBits := llState.nbBits() + mlState.nbBits() + ofState.nbBits()
-		if nBits == 0 {
-			llState = llTable[llState.newState()&maxTableMask]
-			mlState = mlTable[mlState.newState()&maxTableMask]
-			ofState = ofTable[ofState.newState()&maxTableMask]
-		} else {
-			bits := br.get32BitsFast(nBits)
-			lowBits := uint16(bits >> ((ofState.nbBits() + mlState.nbBits()) & 31))
-			llState = llTable[(llState.newState()+lowBits)&maxTableMask]
-
-			lowBits = uint16(bits >> (ofState.nbBits() & 31))
-			lowBits &= bitMask[mlState.nbBits()&15]
-			mlState = mlTable[(mlState.newState()+lowBits)&maxTableMask]
-
-			lowBits = uint16(bits) & bitMask[ofState.nbBits()&15]
-			ofState = ofTable[(ofState.newState()+lowBits)&maxTableMask]
-		}
-	}
-	s.seqSize += litRemain
-	if s.seqSize > maxBlockSize {
-		return fmt.Errorf("output bigger than max block size (%d)", maxBlockSize)
-	}
-	err := br.close()
-	if err != nil {
-		printf("Closing sequences: %v, %+v\n", err, *br)
-	}
-	return err
-}
-
-// executeSimple handles cases when a dictionary is not used.
-func (s *sequenceDecs) executeSimple(seqs []seqVals, hist []byte) error {
-	// Ensure we have enough output size...
-	if len(s.out)+s.seqSize > cap(s.out) {
-		addBytes := s.seqSize + len(s.out)
-		s.out = append(s.out, make([]byte, addBytes)...)
-		s.out = s.out[:len(s.out)-addBytes]
-	}
-
-	if debugDecoder {
-		printf("Execute %d seqs with literals: %d into %d bytes\n", len(seqs), len(s.literals), s.seqSize)
-	}
-
-	var t = len(s.out)
-	out := s.out[:t+s.seqSize]
-
-	for _, seq := range seqs {
-		// Add literals
-		copy(out[t:], s.literals[:seq.ll])
-		t += seq.ll
-		s.literals = s.literals[seq.ll:]
-
-		// Malformed input
-		if seq.mo > t+len(hist) || seq.mo > s.windowSize {
-			return fmt.Errorf("match offset (%d) bigger than current history (%d)", seq.mo, t+len(hist))
-		}
-
-		// Copy from history.
-		if v := seq.mo - t; v > 0 {
-			// v is the start position in history from end.
-			start := len(hist) - v
-			if seq.ml > v {
-				// Some goes into the current block.
-				// Copy remainder of history
-				copy(out[t:], hist[start:])
-				t += v
-				seq.ml -= v
-			} else {
-				copy(out[t:], hist[start:start+seq.ml])
-				t += seq.ml
-				continue
-			}
-		}
-
-		// We must be in the current buffer now
-		if seq.ml > 0 {
-			start := t - seq.mo
-			if seq.ml <= t-start {
-				// No overlap
-				copy(out[t:], out[start:start+seq.ml])
-				t += seq.ml
-			} else {
-				// Overlapping copy
-				// Extend destination slice and copy one byte at the time.
-				src := out[start : start+seq.ml]
-				dst := out[t:]
-				dst = dst[:len(src)]
-				t += len(src)
-				// Destination is the space we just added.
-				for i := range src {
-					dst[i] = src[i]
-				}
-			}
-		}
-	}
-	// Add final literals
-	copy(out[t:], s.literals)
-	if debugDecoder {
-		t += len(s.literals)
-		if t != len(out) {
-			panic(fmt.Errorf("length mismatch, want %d, got %d, ss: %d", len(out), t, s.seqSize))
-		}
-	}
-	s.out = out
-
-	return nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/seqenc.go b/vendor/github.com/klauspost/compress/zstd/seqenc.go
deleted file mode 100644
index 8014174a7..000000000
--- a/vendor/github.com/klauspost/compress/zstd/seqenc.go
+++ /dev/null
@@ -1,114 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import "math/bits"
-
-type seqCoders struct {
-	llEnc, ofEnc, mlEnc    *fseEncoder
-	llPrev, ofPrev, mlPrev *fseEncoder
-}
-
-// swap coders with another (block).
-func (s *seqCoders) swap(other *seqCoders) {
-	*s, *other = *other, *s
-}
-
-// setPrev will update the previous encoders to the actually used ones
-// and make sure a fresh one is in the main slot.
-func (s *seqCoders) setPrev(ll, ml, of *fseEncoder) {
-	compareSwap := func(used *fseEncoder, current, prev **fseEncoder) {
-		// We used the new one, more current to history and reuse the previous history
-		if *current == used {
-			*prev, *current = *current, *prev
-			c := *current
-			p := *prev
-			c.reUsed = false
-			p.reUsed = true
-			return
-		}
-		if used == *prev {
-			return
-		}
-		// Ensure we cannot reuse by accident
-		prevEnc := *prev
-		prevEnc.symbolLen = 0
-	}
-	compareSwap(ll, &s.llEnc, &s.llPrev)
-	compareSwap(ml, &s.mlEnc, &s.mlPrev)
-	compareSwap(of, &s.ofEnc, &s.ofPrev)
-}
-
-func highBit(val uint32) (n uint32) {
-	return uint32(bits.Len32(val) - 1)
-}
-
-var llCodeTable = [64]byte{0, 1, 2, 3, 4, 5, 6, 7,
-	8, 9, 10, 11, 12, 13, 14, 15,
-	16, 16, 17, 17, 18, 18, 19, 19,
-	20, 20, 20, 20, 21, 21, 21, 21,
-	22, 22, 22, 22, 22, 22, 22, 22,
-	23, 23, 23, 23, 23, 23, 23, 23,
-	24, 24, 24, 24, 24, 24, 24, 24,
-	24, 24, 24, 24, 24, 24, 24, 24}
-
-// Up to 6 bits
-const maxLLCode = 35
-
-// llBitsTable translates from ll code to number of bits.
-var llBitsTable = [maxLLCode + 1]byte{
-	0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0,
-	1, 1, 1, 1, 2, 2, 3, 3,
-	4, 6, 7, 8, 9, 10, 11, 12,
-	13, 14, 15, 16}
-
-// llCode returns the code that represents the literal length requested.
-func llCode(litLength uint32) uint8 {
-	const llDeltaCode = 19
-	if litLength <= 63 {
-		// Compiler insists on bounds check (Go 1.12)
-		return llCodeTable[litLength&63]
-	}
-	return uint8(highBit(litLength)) + llDeltaCode
-}
-
-var mlCodeTable = [128]byte{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
-	16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
-	32, 32, 33, 33, 34, 34, 35, 35, 36, 36, 36, 36, 37, 37, 37, 37,
-	38, 38, 38, 38, 38, 38, 38, 38, 39, 39, 39, 39, 39, 39, 39, 39,
-	40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40, 40,
-	41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41, 41,
-	42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42,
-	42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42, 42}
-
-// Up to 6 bits
-const maxMLCode = 52
-
-// mlBitsTable translates from ml code to number of bits.
-var mlBitsTable = [maxMLCode + 1]byte{
-	0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0,
-	1, 1, 1, 1, 2, 2, 3, 3,
-	4, 4, 5, 7, 8, 9, 10, 11,
-	12, 13, 14, 15, 16}
-
-// note : mlBase = matchLength - MINMATCH;
-// because it's the format it's stored in seqStore->sequences
-func mlCode(mlBase uint32) uint8 {
-	const mlDeltaCode = 36
-	if mlBase <= 127 {
-		// Compiler insists on bounds check (Go 1.12)
-		return mlCodeTable[mlBase&127]
-	}
-	return uint8(highBit(mlBase)) + mlDeltaCode
-}
-
-func ofCode(offset uint32) uint8 {
-	// A valid offset will always be > 0.
-	return uint8(bits.Len32(offset) - 1)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/snappy.go b/vendor/github.com/klauspost/compress/zstd/snappy.go
deleted file mode 100644
index ec13594e8..000000000
--- a/vendor/github.com/klauspost/compress/zstd/snappy.go
+++ /dev/null
@@ -1,434 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-// Based on work by Yann Collet, released under BSD License.
-
-package zstd
-
-import (
-	"encoding/binary"
-	"errors"
-	"hash/crc32"
-	"io"
-
-	"github.com/klauspost/compress/huff0"
-	snappy "github.com/klauspost/compress/internal/snapref"
-)
-
-const (
-	snappyTagLiteral = 0x00
-	snappyTagCopy1   = 0x01
-	snappyTagCopy2   = 0x02
-	snappyTagCopy4   = 0x03
-)
-
-const (
-	snappyChecksumSize = 4
-	snappyMagicBody    = "sNaPpY"
-
-	// snappyMaxBlockSize is the maximum size of the input to encodeBlock. It is not
-	// part of the wire format per se, but some parts of the encoder assume
-	// that an offset fits into a uint16.
-	//
-	// Also, for the framing format (Writer type instead of Encode function),
-	// https://github.com/google/snappy/blob/master/framing_format.txt says
-	// that "the uncompressed data in a chunk must be no longer than 65536
-	// bytes".
-	snappyMaxBlockSize = 65536
-
-	// snappyMaxEncodedLenOfMaxBlockSize equals MaxEncodedLen(snappyMaxBlockSize), but is
-	// hard coded to be a const instead of a variable, so that obufLen can also
-	// be a const. Their equivalence is confirmed by
-	// TestMaxEncodedLenOfMaxBlockSize.
-	snappyMaxEncodedLenOfMaxBlockSize = 76490
-)
-
-const (
-	chunkTypeCompressedData   = 0x00
-	chunkTypeUncompressedData = 0x01
-	chunkTypePadding          = 0xfe
-	chunkTypeStreamIdentifier = 0xff
-)
-
-var (
-	// ErrSnappyCorrupt reports that the input is invalid.
-	ErrSnappyCorrupt = errors.New("snappy: corrupt input")
-	// ErrSnappyTooLarge reports that the uncompressed length is too large.
-	ErrSnappyTooLarge = errors.New("snappy: decoded block is too large")
-	// ErrSnappyUnsupported reports that the input isn't supported.
-	ErrSnappyUnsupported = errors.New("snappy: unsupported input")
-
-	errUnsupportedLiteralLength = errors.New("snappy: unsupported literal length")
-)
-
-// SnappyConverter can read SnappyConverter-compressed streams and convert them to zstd.
-// Conversion is done by converting the stream directly from Snappy without intermediate
-// full decoding.
-// Therefore the compression ratio is much less than what can be done by a full decompression
-// and compression, and a faulty Snappy stream may lead to a faulty Zstandard stream without
-// any errors being generated.
-// No CRC value is being generated and not all CRC values of the Snappy stream are checked.
-// However, it provides really fast recompression of Snappy streams.
-// The converter can be reused to avoid allocations, even after errors.
-type SnappyConverter struct {
-	r     io.Reader
-	err   error
-	buf   []byte
-	block *blockEnc
-}
-
-// Convert the Snappy stream supplied in 'in' and write the zStandard stream to 'w'.
-// If any error is detected on the Snappy stream it is returned.
-// The number of bytes written is returned.
-func (r *SnappyConverter) Convert(in io.Reader, w io.Writer) (int64, error) {
-	initPredefined()
-	r.err = nil
-	r.r = in
-	if r.block == nil {
-		r.block = &blockEnc{}
-		r.block.init()
-	}
-	r.block.initNewEncode()
-	if len(r.buf) != snappyMaxEncodedLenOfMaxBlockSize+snappyChecksumSize {
-		r.buf = make([]byte, snappyMaxEncodedLenOfMaxBlockSize+snappyChecksumSize)
-	}
-	r.block.litEnc.Reuse = huff0.ReusePolicyNone
-	var written int64
-	var readHeader bool
-	{
-		header := frameHeader{WindowSize: snappyMaxBlockSize}.appendTo(r.buf[:0])
-
-		var n int
-		n, r.err = w.Write(header)
-		if r.err != nil {
-			return written, r.err
-		}
-		written += int64(n)
-	}
-
-	for {
-		if !r.readFull(r.buf[:4], true) {
-			// Add empty last block
-			r.block.reset(nil)
-			r.block.last = true
-			err := r.block.encodeLits(r.block.literals, false)
-			if err != nil {
-				return written, err
-			}
-			n, err := w.Write(r.block.output)
-			if err != nil {
-				return written, err
-			}
-			written += int64(n)
-
-			return written, r.err
-		}
-		chunkType := r.buf[0]
-		if !readHeader {
-			if chunkType != chunkTypeStreamIdentifier {
-				println("chunkType != chunkTypeStreamIdentifier", chunkType)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			readHeader = true
-		}
-		chunkLen := int(r.buf[1]) | int(r.buf[2])<<8 | int(r.buf[3])<<16
-		if chunkLen > len(r.buf) {
-			println("chunkLen > len(r.buf)", chunkType)
-			r.err = ErrSnappyUnsupported
-			return written, r.err
-		}
-
-		// The chunk types are specified at
-		// https://github.com/google/snappy/blob/master/framing_format.txt
-		switch chunkType {
-		case chunkTypeCompressedData:
-			// Section 4.2. Compressed data (chunk type 0x00).
-			if chunkLen < snappyChecksumSize {
-				println("chunkLen < snappyChecksumSize", chunkLen, snappyChecksumSize)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			buf := r.buf[:chunkLen]
-			if !r.readFull(buf, false) {
-				return written, r.err
-			}
-			//checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
-			buf = buf[snappyChecksumSize:]
-
-			n, hdr, err := snappyDecodedLen(buf)
-			if err != nil {
-				r.err = err
-				return written, r.err
-			}
-			buf = buf[hdr:]
-			if n > snappyMaxBlockSize {
-				println("n > snappyMaxBlockSize", n, snappyMaxBlockSize)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			r.block.reset(nil)
-			r.block.pushOffsets()
-			if err := decodeSnappy(r.block, buf); err != nil {
-				r.err = err
-				return written, r.err
-			}
-			if r.block.size+r.block.extraLits != n {
-				printf("invalid size, want %d, got %d\n", n, r.block.size+r.block.extraLits)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			err = r.block.encode(nil, false, false)
-			switch err {
-			case errIncompressible:
-				r.block.popOffsets()
-				r.block.reset(nil)
-				r.block.literals, err = snappy.Decode(r.block.literals[:n], r.buf[snappyChecksumSize:chunkLen])
-				if err != nil {
-					return written, err
-				}
-				err = r.block.encodeLits(r.block.literals, false)
-				if err != nil {
-					return written, err
-				}
-			case nil:
-			default:
-				return written, err
-			}
-
-			n, r.err = w.Write(r.block.output)
-			if r.err != nil {
-				return written, err
-			}
-			written += int64(n)
-			continue
-		case chunkTypeUncompressedData:
-			if debugEncoder {
-				println("Uncompressed, chunklen", chunkLen)
-			}
-			// Section 4.3. Uncompressed data (chunk type 0x01).
-			if chunkLen < snappyChecksumSize {
-				println("chunkLen < snappyChecksumSize", chunkLen, snappyChecksumSize)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			r.block.reset(nil)
-			buf := r.buf[:snappyChecksumSize]
-			if !r.readFull(buf, false) {
-				return written, r.err
-			}
-			checksum := uint32(buf[0]) | uint32(buf[1])<<8 | uint32(buf[2])<<16 | uint32(buf[3])<<24
-			// Read directly into r.decoded instead of via r.buf.
-			n := chunkLen - snappyChecksumSize
-			if n > snappyMaxBlockSize {
-				println("n > snappyMaxBlockSize", n, snappyMaxBlockSize)
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			r.block.literals = r.block.literals[:n]
-			if !r.readFull(r.block.literals, false) {
-				return written, r.err
-			}
-			if snappyCRC(r.block.literals) != checksum {
-				println("literals crc mismatch")
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			err := r.block.encodeLits(r.block.literals, false)
-			if err != nil {
-				return written, err
-			}
-			n, r.err = w.Write(r.block.output)
-			if r.err != nil {
-				return written, err
-			}
-			written += int64(n)
-			continue
-
-		case chunkTypeStreamIdentifier:
-			if debugEncoder {
-				println("stream id", chunkLen, len(snappyMagicBody))
-			}
-			// Section 4.1. Stream identifier (chunk type 0xff).
-			if chunkLen != len(snappyMagicBody) {
-				println("chunkLen != len(snappyMagicBody)", chunkLen, len(snappyMagicBody))
-				r.err = ErrSnappyCorrupt
-				return written, r.err
-			}
-			if !r.readFull(r.buf[:len(snappyMagicBody)], false) {
-				return written, r.err
-			}
-			for i := 0; i < len(snappyMagicBody); i++ {
-				if r.buf[i] != snappyMagicBody[i] {
-					println("r.buf[i] != snappyMagicBody[i]", r.buf[i], snappyMagicBody[i], i)
-					r.err = ErrSnappyCorrupt
-					return written, r.err
-				}
-			}
-			continue
-		}
-
-		if chunkType <= 0x7f {
-			// Section 4.5. Reserved unskippable chunks (chunk types 0x02-0x7f).
-			println("chunkType <= 0x7f")
-			r.err = ErrSnappyUnsupported
-			return written, r.err
-		}
-		// Section 4.4 Padding (chunk type 0xfe).
-		// Section 4.6. Reserved skippable chunks (chunk types 0x80-0xfd).
-		if !r.readFull(r.buf[:chunkLen], false) {
-			return written, r.err
-		}
-	}
-}
-
-// decodeSnappy writes the decoding of src to dst. It assumes that the varint-encoded
-// length of the decompressed bytes has already been read.
-func decodeSnappy(blk *blockEnc, src []byte) error {
-	//decodeRef(make([]byte, snappyMaxBlockSize), src)
-	var s, length int
-	lits := blk.extraLits
-	var offset uint32
-	for s < len(src) {
-		switch src[s] & 0x03 {
-		case snappyTagLiteral:
-			x := uint32(src[s] >> 2)
-			switch {
-			case x < 60:
-				s++
-			case x == 60:
-				s += 2
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					println("uint(s) > uint(len(src)", s, src)
-					return ErrSnappyCorrupt
-				}
-				x = uint32(src[s-1])
-			case x == 61:
-				s += 3
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					println("uint(s) > uint(len(src)", s, src)
-					return ErrSnappyCorrupt
-				}
-				x = uint32(src[s-2]) | uint32(src[s-1])<<8
-			case x == 62:
-				s += 4
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					println("uint(s) > uint(len(src)", s, src)
-					return ErrSnappyCorrupt
-				}
-				x = uint32(src[s-3]) | uint32(src[s-2])<<8 | uint32(src[s-1])<<16
-			case x == 63:
-				s += 5
-				if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-					println("uint(s) > uint(len(src)", s, src)
-					return ErrSnappyCorrupt
-				}
-				x = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
-			}
-			if x > snappyMaxBlockSize {
-				println("x > snappyMaxBlockSize", x, snappyMaxBlockSize)
-				return ErrSnappyCorrupt
-			}
-			length = int(x) + 1
-			if length <= 0 {
-				println("length <= 0 ", length)
-
-				return errUnsupportedLiteralLength
-			}
-			//if length > snappyMaxBlockSize-d || uint32(length) > len(src)-s {
-			//	return ErrSnappyCorrupt
-			//}
-
-			blk.literals = append(blk.literals, src[s:s+length]...)
-			//println(length, "litLen")
-			lits += length
-			s += length
-			continue
-
-		case snappyTagCopy1:
-			s += 2
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				println("uint(s) > uint(len(src)", s, len(src))
-				return ErrSnappyCorrupt
-			}
-			length = 4 + int(src[s-2])>>2&0x7
-			offset = uint32(src[s-2])&0xe0<<3 | uint32(src[s-1])
-
-		case snappyTagCopy2:
-			s += 3
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				println("uint(s) > uint(len(src)", s, len(src))
-				return ErrSnappyCorrupt
-			}
-			length = 1 + int(src[s-3])>>2
-			offset = uint32(src[s-2]) | uint32(src[s-1])<<8
-
-		case snappyTagCopy4:
-			s += 5
-			if uint(s) > uint(len(src)) { // The uint conversions catch overflow from the previous line.
-				println("uint(s) > uint(len(src)", s, len(src))
-				return ErrSnappyCorrupt
-			}
-			length = 1 + int(src[s-5])>>2
-			offset = uint32(src[s-4]) | uint32(src[s-3])<<8 | uint32(src[s-2])<<16 | uint32(src[s-1])<<24
-		}
-
-		if offset <= 0 || blk.size+lits < int(offset) /*|| length > len(blk)-d */ {
-			println("offset <= 0 || blk.size+lits < int(offset)", offset, blk.size+lits, int(offset), blk.size, lits)
-
-			return ErrSnappyCorrupt
-		}
-
-		// Check if offset is one of the recent offsets.
-		// Adjusts the output offset accordingly.
-		// Gives a tiny bit of compression, typically around 1%.
-		if false {
-			offset = blk.matchOffset(offset, uint32(lits))
-		} else {
-			offset += 3
-		}
-
-		blk.sequences = append(blk.sequences, seq{
-			litLen:   uint32(lits),
-			offset:   offset,
-			matchLen: uint32(length) - zstdMinMatch,
-		})
-		blk.size += length + lits
-		lits = 0
-	}
-	blk.extraLits = lits
-	return nil
-}
-
-func (r *SnappyConverter) readFull(p []byte, allowEOF bool) (ok bool) {
-	if _, r.err = io.ReadFull(r.r, p); r.err != nil {
-		if r.err == io.ErrUnexpectedEOF || (r.err == io.EOF && !allowEOF) {
-			r.err = ErrSnappyCorrupt
-		}
-		return false
-	}
-	return true
-}
-
-var crcTable = crc32.MakeTable(crc32.Castagnoli)
-
-// crc implements the checksum specified in section 3 of
-// https://github.com/google/snappy/blob/master/framing_format.txt
-func snappyCRC(b []byte) uint32 {
-	c := crc32.Update(0, crcTable, b)
-	return c>>15 | c<<17 + 0xa282ead8
-}
-
-// snappyDecodedLen returns the length of the decoded block and the number of bytes
-// that the length header occupied.
-func snappyDecodedLen(src []byte) (blockLen, headerLen int, err error) {
-	v, n := binary.Uvarint(src)
-	if n <= 0 || v > 0xffffffff {
-		return 0, 0, ErrSnappyCorrupt
-	}
-
-	const wordSize = 32 << (^uint(0) >> 32 & 1)
-	if wordSize == 32 && v > 0x7fffffff {
-		return 0, 0, ErrSnappyTooLarge
-	}
-	return int(v), n, nil
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/zip.go b/vendor/github.com/klauspost/compress/zstd/zip.go
deleted file mode 100644
index 29c15c8c4..000000000
--- a/vendor/github.com/klauspost/compress/zstd/zip.go
+++ /dev/null
@@ -1,141 +0,0 @@
-// Copyright 2019+ Klaus Post. All rights reserved.
-// License information can be found in the LICENSE file.
-
-package zstd
-
-import (
-	"errors"
-	"io"
-	"sync"
-)
-
-// ZipMethodWinZip is the method for Zstandard compressed data inside Zip files for WinZip.
-// See https://www.winzip.com/win/en/comp_info.html
-const ZipMethodWinZip = 93
-
-// ZipMethodPKWare is the original method number used by PKWARE to indicate Zstandard compression.
-// Deprecated: This has been deprecated by PKWARE, use ZipMethodWinZip instead for compression.
-// See https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.9.TXT
-const ZipMethodPKWare = 20
-
-// zipReaderPool is the default reader pool.
-var zipReaderPool = sync.Pool{New: func() interface{} {
-	z, err := NewReader(nil, WithDecoderLowmem(true), WithDecoderMaxWindow(128<<20), WithDecoderConcurrency(1))
-	if err != nil {
-		panic(err)
-	}
-	return z
-}}
-
-// newZipReader creates a pooled zip decompressor.
-func newZipReader(opts ...DOption) func(r io.Reader) io.ReadCloser {
-	pool := &zipReaderPool
-	if len(opts) > 0 {
-		opts = append([]DOption{WithDecoderLowmem(true), WithDecoderMaxWindow(128 << 20)}, opts...)
-		// Force concurrency 1
-		opts = append(opts, WithDecoderConcurrency(1))
-		// Create our own pool
-		pool = &sync.Pool{}
-	}
-	return func(r io.Reader) io.ReadCloser {
-		dec, ok := pool.Get().(*Decoder)
-		if ok {
-			dec.Reset(r)
-		} else {
-			d, err := NewReader(r, opts...)
-			if err != nil {
-				panic(err)
-			}
-			dec = d
-		}
-		return &pooledZipReader{dec: dec, pool: pool}
-	}
-}
-
-type pooledZipReader struct {
-	mu   sync.Mutex // guards Close and Read
-	pool *sync.Pool
-	dec  *Decoder
-}
-
-func (r *pooledZipReader) Read(p []byte) (n int, err error) {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-	if r.dec == nil {
-		return 0, errors.New("read after close or EOF")
-	}
-	dec, err := r.dec.Read(p)
-	if err == io.EOF {
-		r.dec.Reset(nil)
-		r.pool.Put(r.dec)
-		r.dec = nil
-	}
-	return dec, err
-}
-
-func (r *pooledZipReader) Close() error {
-	r.mu.Lock()
-	defer r.mu.Unlock()
-	var err error
-	if r.dec != nil {
-		err = r.dec.Reset(nil)
-		r.pool.Put(r.dec)
-		r.dec = nil
-	}
-	return err
-}
-
-type pooledZipWriter struct {
-	mu   sync.Mutex // guards Close and Read
-	enc  *Encoder
-	pool *sync.Pool
-}
-
-func (w *pooledZipWriter) Write(p []byte) (n int, err error) {
-	w.mu.Lock()
-	defer w.mu.Unlock()
-	if w.enc == nil {
-		return 0, errors.New("Write after Close")
-	}
-	return w.enc.Write(p)
-}
-
-func (w *pooledZipWriter) Close() error {
-	w.mu.Lock()
-	defer w.mu.Unlock()
-	var err error
-	if w.enc != nil {
-		err = w.enc.Close()
-		w.pool.Put(w.enc)
-		w.enc = nil
-	}
-	return err
-}
-
-// ZipCompressor returns a compressor that can be registered with zip libraries.
-// The provided encoder options will be used on all encodes.
-func ZipCompressor(opts ...EOption) func(w io.Writer) (io.WriteCloser, error) {
-	var pool sync.Pool
-	return func(w io.Writer) (io.WriteCloser, error) {
-		enc, ok := pool.Get().(*Encoder)
-		if ok {
-			enc.Reset(w)
-		} else {
-			var err error
-			enc, err = NewWriter(w, opts...)
-			if err != nil {
-				return nil, err
-			}
-		}
-		return &pooledZipWriter{enc: enc, pool: &pool}, nil
-	}
-}
-
-// ZipDecompressor returns a decompressor that can be registered with zip libraries.
-// See ZipCompressor for example.
-// Options can be specified. WithDecoderConcurrency(1) is forced,
-// and by default a 128MB maximum decompression window is specified.
-// The window size can be overridden if required.
-func ZipDecompressor(opts ...DOption) func(r io.Reader) io.ReadCloser {
-	return newZipReader(opts...)
-}
diff --git a/vendor/github.com/klauspost/compress/zstd/zstd.go b/vendor/github.com/klauspost/compress/zstd/zstd.go
deleted file mode 100644
index 066bef2a4..000000000
--- a/vendor/github.com/klauspost/compress/zstd/zstd.go
+++ /dev/null
@@ -1,125 +0,0 @@
-// Package zstd provides decompression of zstandard files.
-//
-// For advanced usage and examples, go to the README: https://github.com/klauspost/compress/tree/master/zstd#zstd
-package zstd
-
-import (
-	"bytes"
-	"encoding/binary"
-	"errors"
-	"log"
-	"math"
-)
-
-// enable debug printing
-const debug = false
-
-// enable encoding debug printing
-const debugEncoder = debug
-
-// enable decoding debug printing
-const debugDecoder = debug
-
-// Enable extra assertions.
-const debugAsserts = debug || false
-
-// print sequence details
-const debugSequences = false
-
-// print detailed matching information
-const debugMatches = false
-
-// force encoder to use predefined tables.
-const forcePreDef = false
-
-// zstdMinMatch is the minimum zstd match length.
-const zstdMinMatch = 3
-
-// fcsUnknown is used for unknown frame content size.
-const fcsUnknown = math.MaxUint64
-
-var (
-	// ErrReservedBlockType is returned when a reserved block type is found.
-	// Typically this indicates wrong or corrupted input.
-	ErrReservedBlockType = errors.New("invalid input: reserved block type encountered")
-
-	// ErrCompressedSizeTooBig is returned when a block is bigger than allowed.
-	// Typically this indicates wrong or corrupted input.
-	ErrCompressedSizeTooBig = errors.New("invalid input: compressed size too big")
-
-	// ErrBlockTooSmall is returned when a block is too small to be decoded.
-	// Typically returned on invalid input.
-	ErrBlockTooSmall = errors.New("block too small")
-
-	// ErrUnexpectedBlockSize is returned when a block has unexpected size.
-	// Typically returned on invalid input.
-	ErrUnexpectedBlockSize = errors.New("unexpected block size")
-
-	// ErrMagicMismatch is returned when a "magic" number isn't what is expected.
-	// Typically this indicates wrong or corrupted input.
-	ErrMagicMismatch = errors.New("invalid input: magic number mismatch")
-
-	// ErrWindowSizeExceeded is returned when a reference exceeds the valid window size.
-	// Typically this indicates wrong or corrupted input.
-	ErrWindowSizeExceeded = errors.New("window size exceeded")
-
-	// ErrWindowSizeTooSmall is returned when no window size is specified.
-	// Typically this indicates wrong or corrupted input.
-	ErrWindowSizeTooSmall = errors.New("invalid input: window size was too small")
-
-	// ErrDecoderSizeExceeded is returned if decompressed size exceeds the configured limit.
-	ErrDecoderSizeExceeded = errors.New("decompressed size exceeds configured limit")
-
-	// ErrUnknownDictionary is returned if the dictionary ID is unknown.
-	ErrUnknownDictionary = errors.New("unknown dictionary")
-
-	// ErrFrameSizeExceeded is returned if the stated frame size is exceeded.
-	// This is only returned if SingleSegment is specified on the frame.
-	ErrFrameSizeExceeded = errors.New("frame size exceeded")
-
-	// ErrFrameSizeMismatch is returned if the stated frame size does not match the expected size.
-	// This is only returned if SingleSegment is specified on the frame.
-	ErrFrameSizeMismatch = errors.New("frame size does not match size on stream")
-
-	// ErrCRCMismatch is returned if CRC mismatches.
-	ErrCRCMismatch = errors.New("CRC check failed")
-
-	// ErrDecoderClosed will be returned if the Decoder was used after
-	// Close has been called.
-	ErrDecoderClosed = errors.New("decoder used after Close")
-
-	// ErrEncoderClosed will be returned if the Encoder was used after
-	// Close has been called.
-	ErrEncoderClosed = errors.New("encoder used after Close")
-
-	// ErrDecoderNilInput is returned when a nil Reader was provided
-	// and an operation other than Reset/DecodeAll/Close was attempted.
-	ErrDecoderNilInput = errors.New("nil input provided as reader")
-)
-
-func println(a ...interface{}) {
-	if debug || debugDecoder || debugEncoder {
-		log.Println(a...)
-	}
-}
-
-func printf(format string, a ...interface{}) {
-	if debug || debugDecoder || debugEncoder {
-		log.Printf(format, a...)
-	}
-}
-
-func load3232(b []byte, i int32) uint32 {
-	return binary.LittleEndian.Uint32(b[:len(b):len(b)][i:])
-}
-
-func load6432(b []byte, i int32) uint64 {
-	return binary.LittleEndian.Uint64(b[:len(b):len(b)][i:])
-}
-
-type byter interface {
-	Bytes() []byte
-	Len() int
-}
-
-var _ byter = &bytes.Buffer{}
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
index 52ee2a3dc..53d7560ec 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.c
@@ -1,7 +1,7 @@
 #ifndef USE_LIBSQLITE3
 /******************************************************************************
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.46.1.  By combining all the individual C code files into this
+** version 3.45.1.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -19,7 +19,7 @@
 ** separate file. This file contains only code for the core SQLite library.
 **
 ** The content in this amalgamation comes from Fossil check-in
-** c9c2ab54ba1f5f46360f1b4f35d849cd3f08.
+** e876e51a0ed5c5b3126f52e532044363a014.
 */
 #define SQLITE_CORE 1
 #define SQLITE_AMALGAMATION 1
@@ -460,9 +460,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.46.1"
-#define SQLITE_VERSION_NUMBER 3046001
-#define SQLITE_SOURCE_ID      "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33"
+#define SQLITE_VERSION        "3.45.1"
+#define SQLITE_VERSION_NUMBER 3045001
+#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -734,8 +734,6 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 **      the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
 ** 
  •  The application must not modify the SQL statement text passed into
 **      the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
-** 
  •  The application must not dereference the arrays or string pointers
-**       passed as the 3rd and 4th callback parameters after it returns.
 ** 
 */
 SQLITE_API int sqlite3_exec(
@@ -1078,11 +1076,11 @@ struct sqlite3_file {
 ** 
 ** xLock() upgrades the database file lock.  In other words, xLock() moves the
 ** database file lock in the direction NONE toward EXCLUSIVE. The argument to
-** xLock() is always one of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
+** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
 ** SQLITE_LOCK_NONE.  If the database file lock is already at or above the
 ** requested lock, then the call to xLock() is a no-op.
 ** xUnlock() downgrades the database file lock to either SHARED or NONE.
-** If the lock is already at or below the requested lock state, then the call
+*  If the lock is already at or below the requested lock state, then the call
 ** to xUnlock() is a no-op.
 ** The xCheckReservedLock() method checks whether any database connection,
 ** either in this process or in some other process, is holding a RESERVED,
@@ -2457,22 +2455,6 @@ struct sqlite3_mem_methods {
 ** configuration setting is never used, then the default maximum is determined
 ** by the [SQLITE_MEMDB_DEFAULT_MAXSIZE] compile-time option.  If that
 ** compile-time option is not set, then the default maximum is 1073741824.
-**
-** [[SQLITE_CONFIG_ROWID_IN_VIEW]]
-** 
    SQLITE_CONFIG_ROWID_IN_VIEW
-** 
    The SQLITE_CONFIG_ROWID_IN_VIEW option enables or disables the ability
-** for VIEWs to have a ROWID.  The capability can only be enabled if SQLite is
-** compiled with -DSQLITE_ALLOW_ROWID_IN_VIEW, in which case the capability
-** defaults to on.  This configuration option queries the current setting or
-** changes the setting to off or on.  The argument is a pointer to an integer.
-** If that integer initially holds a value of 1, then the ability for VIEWs to
-** have ROWIDs is activated.  If the integer initially holds zero, then the
-** ability is deactivated.  Any other initial value for the integer leaves the
-** setting unchanged.  After changes, if any, the integer is written with
-** a 1 or 0, if the ability for VIEWs to have ROWIDs is on or off.  If SQLite
-** is compiled without -DSQLITE_ALLOW_ROWID_IN_VIEW (which is the usual and
-** recommended case) then the integer is always filled with zero, regardless
-** if its initial value.
 ** 
 */
 #define SQLITE_CONFIG_SINGLETHREAD         1  /* nil */
@@ -2504,7 +2486,6 @@ struct sqlite3_mem_methods {
 #define SQLITE_CONFIG_SMALL_MALLOC        27  /* boolean */
 #define SQLITE_CONFIG_SORTERREF_SIZE      28  /* int nByte */
 #define SQLITE_CONFIG_MEMDB_MAXSIZE       29  /* sqlite3_int64 */
-#define SQLITE_CONFIG_ROWID_IN_VIEW       30  /* int* */
 
 /*
 ** CAPI3REF: Database Connection Configuration Options
@@ -3619,8 +3600,8 @@ SQLITE_API int sqlite3_set_authorizer(
 #define SQLITE_RECURSIVE            33   /* NULL            NULL            */
 
 /*
-** CAPI3REF: Deprecated Tracing And Profiling Functions
-** DEPRECATED
+** CAPI3REF: Tracing And Profiling Functions
+** METHOD: sqlite3
 **
 ** These routines are deprecated. Use the [sqlite3_trace_v2()] interface
 ** instead of the routines described here.
@@ -7201,12 +7182,6 @@ SQLITE_API int sqlite3_autovacuum_pages(
 ** The exceptions defined in this paragraph might change in a future
 ** release of SQLite.
 **
-** Whether the update hook is invoked before or after the
-** corresponding change is currently unspecified and may differ
-** depending on the type of change. Do not rely on the order of the
-** hook call with regards to the final result of the operation which
-** triggers the hook.
-**
 ** The update hook implementation must not do anything that will modify
 ** the database connection that invoked the update hook.  Any actions
 ** to modify the database connection must be deferred until after the
@@ -8677,7 +8652,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 ** The sqlite3_keyword_count() interface returns the number of distinct
 ** keywords understood by SQLite.
 **
-** The sqlite3_keyword_name(N,Z,L) interface finds the 0-based N-th keyword and
+** The sqlite3_keyword_name(N,Z,L) interface finds the N-th keyword and
 ** makes *Z point to that keyword expressed as UTF8 and writes the number
 ** of bytes in the keyword into *L.  The string that *Z points to is not
 ** zero-terminated.  The sqlite3_keyword_name(N,Z,L) routine returns
@@ -10256,45 +10231,24 @@ SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
 ** 
  • 
 ** ^(If the sqlite3_vtab_distinct() interface returns 2, that means
 ** that the query planner does not need the rows returned in any particular
-** order, as long as rows with the same values in all columns identified
-** by "aOrderBy" are adjacent.)^  ^(Furthermore, when two or more rows
-** contain the same values for all columns identified by "colUsed", all but
-** one such row may optionally be omitted from the result.)^
-** The virtual table is not required to omit rows that are duplicates
-** over the "colUsed" columns, but if the virtual table can do that without
-** too much extra effort, it could potentially help the query to run faster.
+** order, as long as rows with the same values in all "aOrderBy" columns
+** are adjacent.)^  ^(Furthermore, only a single row for each particular
+** combination of values in the columns identified by the "aOrderBy" field
+** needs to be returned.)^  ^It is always ok for two or more rows with the same
+** values in all "aOrderBy" columns to be returned, as long as all such rows
+** are adjacent.  ^The virtual table may, if it chooses, omit extra rows
+** that have the same value for all columns identified by "aOrderBy".
+** ^However omitting the extra rows is optional.
 ** This mode is used for a DISTINCT query.
 ** 
  • 
-** ^(If the sqlite3_vtab_distinct() interface returns 3, that means the
-** virtual table must return rows in the order defined by "aOrderBy" as
-** if the sqlite3_vtab_distinct() interface had returned 0.  However if
-** two or more rows in the result have the same values for all columns
-** identified by "colUsed", then all but one such row may optionally be
-** omitted.)^  Like when the return value is 2, the virtual table
-** is not required to omit rows that are duplicates over the "colUsed"
-** columns, but if the virtual table can do that without
-** too much extra effort, it could potentially help the query to run faster.
-** This mode is used for queries
+** ^(If the sqlite3_vtab_distinct() interface returns 3, that means
+** that the query planner needs only distinct rows but it does need the
+** rows to be sorted.)^ ^The virtual table implementation is free to omit
+** rows that are identical in all aOrderBy columns, if it wants to, but
+** it is not required to omit any rows.  This mode is used for queries
 ** that have both DISTINCT and ORDER BY clauses.
 ** 
 **
-** 
    The following table summarizes the conditions under which the
-** virtual table is allowed to set the "orderByConsumed" flag based on
-** the value returned by sqlite3_vtab_distinct().  This table is a
-** restatement of the previous four paragraphs:
-**
-** 
-** 
-** 
    sqlite3_vtab_distinct() return value
-** Rows are returned in aOrderBy order
-** Rows with the same value in all aOrderBy columns are adjacent
-** Duplicates over all colUsed columns may be omitted
-** 
    0yesyesno
-** 
    1noyesno
-** 
    2noyesyes
-** 
    3yesyesyes
-** 
    
-**
 ** ^For the purposes of comparing virtual table output values to see if the
 ** values are same value for sorting purposes, two NULL values are considered
 ** to be the same.  In other words, the comparison operator is "IS"
@@ -12339,30 +12293,6 @@ SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const c
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
-/*
-** CAPI3REF: Add A Single Change To A Changegroup
-** METHOD: sqlite3_changegroup
-**
-** This function adds the single change currently indicated by the iterator
-** passed as the second argument to the changegroup object. The rules for
-** adding the change are just as described for [sqlite3changegroup_add()].
-**
-** If the change is successfully added to the changegroup, SQLITE_OK is
-** returned. Otherwise, an SQLite error code is returned.
-**
-** The iterator must point to a valid entry when this function is called.
-** If it does not, SQLITE_ERROR is returned and no change is added to the
-** changegroup. Additionally, the iterator must not have been opened with
-** the SQLITE_CHANGESETAPPLY_INVERT flag. In this case SQLITE_ERROR is also
-** returned.
-*/
-SQLITE_API int sqlite3changegroup_add_change(
-  sqlite3_changegroup*,
-  sqlite3_changeset_iter*
-);
-
-
-
 /*
 ** CAPI3REF: Obtain A Composite Changeset From A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -13167,8 +13097,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the pUserData pointer passed to the xCreateFunction()
-**   API when the extension function was registered.
+**   Return a copy of the context pointer the extension function was
+**   registered with.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
@@ -14366,8 +14296,6 @@ struct fts5_api {
 # define SQLITE_OMIT_ALTERTABLE
 #endif
 
-#define SQLITE_DIGIT_SEPARATOR '_'
-
 /*
 ** Return true (non-zero) if the input is an integer that is too large
 ** to fit in 32-bits.  This macro is used inside of various testcase()
@@ -14660,8 +14588,8 @@ SQLITE_PRIVATE void sqlite3HashClear(Hash*);
 #define TK_TRUEFALSE                      170
 #define TK_ISNOT                          171
 #define TK_FUNCTION                       172
-#define TK_UPLUS                          173
-#define TK_UMINUS                         174
+#define TK_UMINUS                         173
+#define TK_UPLUS                          174
 #define TK_TRUTH                          175
 #define TK_REGISTER                       176
 #define TK_VECTOR                         177
@@ -14670,9 +14598,8 @@ SQLITE_PRIVATE void sqlite3HashClear(Hash*);
 #define TK_ASTERISK                       180
 #define TK_SPAN                           181
 #define TK_ERROR                          182
-#define TK_QNUMBER                        183
-#define TK_SPACE                          184
-#define TK_ILLEGAL                        185
+#define TK_SPACE                          183
+#define TK_ILLEGAL                        184
 
 /************** End of parse.h ***********************************************/
 /************** Continuing where we left off in sqliteInt.h ******************/
@@ -14934,7 +14861,7 @@ typedef INT16_TYPE LogEst;
 #   define SQLITE_PTRSIZE __SIZEOF_POINTER__
 # elif defined(i386)     || defined(__i386__)   || defined(_M_IX86) ||    \
        defined(_M_ARM)   || defined(__arm__)    || defined(__x86)   ||    \
-      (defined(__APPLE__) && defined(__ppc__)) ||                         \
+      (defined(__APPLE__) && defined(__POWERPC__)) ||                     \
       (defined(__TOS_AIX__) && !defined(__64BIT__))
 #   define SQLITE_PTRSIZE 4
 # else
@@ -15171,7 +15098,6 @@ SQLITE_PRIVATE u32 sqlite3TreeTrace;
 **   0x00010000     Beginning of DELETE/INSERT/UPDATE processing
 **   0x00020000     Transform DISTINCT into GROUP BY
 **   0x00040000     SELECT tree dump after all code has been generated
-**   0x00080000     NOT NULL strength reduction
 */
 
 /*
@@ -15202,7 +15128,7 @@ SQLITE_PRIVATE u32 sqlite3WhereTrace;
 ** 0x00000010   Display sqlite3_index_info xBestIndex calls
 ** 0x00000020   Range an equality scan metrics
 ** 0x00000040   IN operator decisions
-** 0x00000080   WhereLoop cost adjustments
+** 0x00000080   WhereLoop cost adjustements
 ** 0x00000100
 ** 0x00000200   Covering index decisions
 ** 0x00000400   OR optimization
@@ -16351,7 +16277,6 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sqlite3 *db,  /* Database connection that is running the check */
   Btree *p,     /* The btree to be checked */
   Pgno *aRoot,  /* An array of root pages numbers for individual trees */
-  sqlite3_value *aCnt,  /* OUT: entry counts for each btree in aRoot[] */
   int nRoot,    /* Number of entries in aRoot[] */
   int mxErr,    /* Stop reporting errors after this many */
   int *pnErr,   /* OUT: Write number of errors seen to this variable */
@@ -16622,12 +16547,12 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Vacuum          5
 #define OP_VFilter         6 /* jump, synopsis: iplan=r[P3] zplan='P4'     */
 #define OP_VUpdate         7 /* synopsis: data=r[P3@P2]                    */
-#define OP_Init            8 /* jump0, synopsis: Start at P2               */
+#define OP_Init            8 /* jump, synopsis: Start at P2                */
 #define OP_Goto            9 /* jump                                       */
 #define OP_Gosub          10 /* jump                                       */
-#define OP_InitCoroutine  11 /* jump0                                      */
-#define OP_Yield          12 /* jump0                                      */
-#define OP_MustBeInt      13 /* jump0                                      */
+#define OP_InitCoroutine  11 /* jump                                       */
+#define OP_Yield          12 /* jump                                       */
+#define OP_MustBeInt      13 /* jump                                       */
 #define OP_Jump           14 /* jump                                       */
 #define OP_Once           15 /* jump                                       */
 #define OP_If             16 /* jump                                       */
@@ -16635,22 +16560,22 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_IsType         18 /* jump, synopsis: if typeof(P1.P3) in P5 goto P2 */
 #define OP_Not            19 /* same as TK_NOT, synopsis: r[P2]= !r[P1]    */
 #define OP_IfNullRow      20 /* jump, synopsis: if P1.nullRow then r[P3]=NULL, goto P2 */
-#define OP_SeekLT         21 /* jump0, synopsis: key=r[P3@P4]              */
-#define OP_SeekLE         22 /* jump0, synopsis: key=r[P3@P4]              */
-#define OP_SeekGE         23 /* jump0, synopsis: key=r[P3@P4]              */
-#define OP_SeekGT         24 /* jump0, synopsis: key=r[P3@P4]              */
+#define OP_SeekLT         21 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekLE         22 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekGE         23 /* jump, synopsis: key=r[P3@P4]               */
+#define OP_SeekGT         24 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_IfNotOpen      25 /* jump, synopsis: if( !csr[P1] ) goto P2     */
 #define OP_IfNoHope       26 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_NoConflict     27 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_NotFound       28 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_Found          29 /* jump, synopsis: key=r[P3@P4]               */
-#define OP_SeekRowid      30 /* jump0, synopsis: intkey=r[P3]              */
+#define OP_SeekRowid      30 /* jump, synopsis: intkey=r[P3]               */
 #define OP_NotExists      31 /* jump, synopsis: intkey=r[P3]               */
-#define OP_Last           32 /* jump0                                      */
-#define OP_IfSizeBetween  33 /* jump                                       */
+#define OP_Last           32 /* jump                                       */
+#define OP_IfSmaller      33 /* jump                                       */
 #define OP_SorterSort     34 /* jump                                       */
 #define OP_Sort           35 /* jump                                       */
-#define OP_Rewind         36 /* jump0                                      */
+#define OP_Rewind         36 /* jump                                       */
 #define OP_SorterNext     37 /* jump                                       */
 #define OP_Prev           38 /* jump                                       */
 #define OP_Next           39 /* jump                                       */
@@ -16662,7 +16587,7 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_IdxGE          45 /* jump, synopsis: key=r[P3@P4]               */
 #define OP_RowSetRead     46 /* jump, synopsis: r[P3]=rowset(P1)           */
 #define OP_RowSetTest     47 /* jump, synopsis: if r[P3] in rowset(P1) goto P2 */
-#define OP_Program        48 /* jump0                                      */
+#define OP_Program        48 /* jump                                       */
 #define OP_FkIfZero       49 /* jump, synopsis: if fkctr[P1]==0 goto P2    */
 #define OP_IsNull         50 /* jump, same as TK_ISNULL, synopsis: if r[P1]==NULL goto P2 */
 #define OP_NotNull        51 /* jump, same as TK_NOTNULL, synopsis: if r[P1]!=NULL goto P2 */
@@ -16692,7 +16617,7 @@ typedef struct VdbeOpList VdbeOpList;
 #define OP_Null           75 /* synopsis: r[P2..P3]=NULL                   */
 #define OP_SoftNull       76 /* synopsis: r[P1]=NULL                       */
 #define OP_Blob           77 /* synopsis: r[P2]=P4 (len=P1)                */
-#define OP_Variable       78 /* synopsis: r[P2]=parameter(P1)              */
+#define OP_Variable       78 /* synopsis: r[P2]=parameter(P1,P4)           */
 #define OP_Move           79 /* synopsis: r[P2@P3]=r[P1@P3]                */
 #define OP_Copy           80 /* synopsis: r[P2@P3+1]=r[P1@P3+1]            */
 #define OP_SCopy          81 /* synopsis: r[P2]=r[P1]                      */
@@ -16816,15 +16741,14 @@ typedef struct VdbeOpList VdbeOpList;
 #define OPFLG_OUT2        0x10  /* out2:  P2 is an output */
 #define OPFLG_OUT3        0x20  /* out3:  P3 is an output */
 #define OPFLG_NCYCLE      0x40  /* ncycle:Cycles count against P1 */
-#define OPFLG_JUMP0       0x80  /* jump0:  P2 might be zero */
 #define OPFLG_INITIALIZER {\
 /*   0 */ 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x41, 0x00,\
-/*   8 */ 0x81, 0x01, 0x01, 0x81, 0x83, 0x83, 0x01, 0x01,\
-/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0xc9, 0xc9, 0xc9,\
-/*  24 */ 0xc9, 0x01, 0x49, 0x49, 0x49, 0x49, 0xc9, 0x49,\
-/*  32 */ 0xc1, 0x01, 0x41, 0x41, 0xc1, 0x01, 0x41, 0x41,\
+/*   8 */ 0x01, 0x01, 0x01, 0x01, 0x03, 0x03, 0x01, 0x01,\
+/*  16 */ 0x03, 0x03, 0x01, 0x12, 0x01, 0x49, 0x49, 0x49,\
+/*  24 */ 0x49, 0x01, 0x49, 0x49, 0x49, 0x49, 0x49, 0x49,\
+/*  32 */ 0x41, 0x01, 0x41, 0x41, 0x41, 0x01, 0x41, 0x41,\
 /*  40 */ 0x41, 0x41, 0x41, 0x26, 0x26, 0x41, 0x23, 0x0b,\
-/*  48 */ 0x81, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
+/*  48 */ 0x01, 0x01, 0x03, 0x03, 0x0b, 0x0b, 0x0b, 0x0b,\
 /*  56 */ 0x0b, 0x0b, 0x01, 0x03, 0x03, 0x03, 0x01, 0x41,\
 /*  64 */ 0x01, 0x00, 0x00, 0x02, 0x02, 0x08, 0x00, 0x10,\
 /*  72 */ 0x10, 0x10, 0x00, 0x10, 0x00, 0x10, 0x10, 0x00,\
@@ -16984,8 +16908,6 @@ SQLITE_PRIVATE RecordCompare sqlite3VdbeFindCompare(UnpackedRecord*);
 SQLITE_PRIVATE void sqlite3VdbeLinkSubProgram(Vdbe *, SubProgram *);
 SQLITE_PRIVATE int sqlite3VdbeHasSubProgram(Vdbe*);
 
-SQLITE_PRIVATE void sqlite3MemSetArrayInt64(sqlite3_value *aMem, int iIdx, i64 val);
-
 SQLITE_PRIVATE int sqlite3NotPureFunc(sqlite3_context*);
 #ifdef SQLITE_ENABLE_BYTECODE_VTAB
 SQLITE_PRIVATE int sqlite3VdbeBytecodeVtabInit(sqlite3*);
@@ -17573,10 +17495,6 @@ struct FuncDefHash {
 };
 #define SQLITE_FUNC_HASH(C,L) (((C)+(L))%SQLITE_FUNC_HASH_SZ)
 
-#if defined(SQLITE_USER_AUTHENTICATION)
-# warning  "The SQLITE_USER_AUTHENTICATION extension is deprecated. \
- See ext/userauth/user-auth.txt for details."
-#endif
 #ifdef SQLITE_USER_AUTHENTICATION
 /*
 ** Information held in the "sqlite3" database connection object and used
@@ -17880,7 +17798,7 @@ struct sqlite3 {
 #define SQLITE_CursorHints    0x00000400 /* Add OP_CursorHint opcodes */
 #define SQLITE_Stat4          0x00000800 /* Use STAT4 data */
    /* TH3 expects this value  ^^^^^^^^^^ to be 0x0000800. Don't change it */
-#define SQLITE_PushDown       0x00001000 /* WHERE-clause push-down opt */
+#define SQLITE_PushDown       0x00001000 /* The push-down optimization */
 #define SQLITE_SimplifyJoin   0x00002000 /* Convert LEFT JOIN to JOIN */
 #define SQLITE_SkipScan       0x00004000 /* Skip-scans */
 #define SQLITE_PropagateConst 0x00008000 /* The constant propagation opt */
@@ -18453,7 +18371,8 @@ struct Table {
 #define TF_HasStored      0x00000040 /* Has one or more STORED columns */
 #define TF_HasGenerated   0x00000060 /* Combo: HasVirtual + HasStored */
 #define TF_WithoutRowid   0x00000080 /* No rowid.  PRIMARY KEY is the key */
-#define TF_MaybeReanalyze 0x00000100 /* Maybe run ANALYZE on this table */
+#define TF_StatsUsed      0x00000100 /* Query planner decisions affected by
+                                     ** Index.aiRowLogEst[] values */
 #define TF_NoVisibleRowid 0x00000200 /* No user-visible "rowid" column */
 #define TF_OOOHidden      0x00000400 /* Out-of-Order hidden columns */
 #define TF_HasNotNull     0x00000800 /* Contains NOT NULL constraints */
@@ -18509,15 +18428,6 @@ struct Table {
 #define HasRowid(X)     (((X)->tabFlags & TF_WithoutRowid)==0)
 #define VisibleRowid(X) (((X)->tabFlags & TF_NoVisibleRowid)==0)
 
-/* Macro is true if the SQLITE_ALLOW_ROWID_IN_VIEW (mis-)feature is
-** available.  By default, this macro is false
-*/
-#ifndef SQLITE_ALLOW_ROWID_IN_VIEW
-# define ViewCanHaveRowid     0
-#else
-# define ViewCanHaveRowid     (sqlite3Config.mNoVisibleRowid==0)
-#endif
-
 /*
 ** Each foreign key constraint is an instance of the following structure.
 **
@@ -19253,12 +19163,10 @@ struct IdList {
 **
 ** Union member validity:
 **
-**    u1.zIndexedBy      fg.isIndexedBy && !fg.isTabFunc
-**    u1.pFuncArg        fg.isTabFunc   && !fg.isIndexedBy
-**    u1.nRow            !fg.isTabFunc  && !fg.isIndexedBy
-**
-**    u2.pIBIndex        fg.isIndexedBy && !fg.isCte
-**    u2.pCteUse         fg.isCte       && !fg.isIndexedBy
+**    u1.zIndexedBy          fg.isIndexedBy && !fg.isTabFunc
+**    u1.pFuncArg            fg.isTabFunc   && !fg.isIndexedBy
+**    u2.pIBIndex            fg.isIndexedBy && !fg.isCte
+**    u2.pCteUse             fg.isCte       && !fg.isIndexedBy
 */
 struct SrcItem {
   Schema *pSchema;  /* Schema to which this item is fixed */
@@ -19286,7 +19194,6 @@ struct SrcItem {
     unsigned isOn :1;          /* u3.pOn was once valid and non-NULL */
     unsigned isSynthUsing :1;  /* u3.pUsing is synthesized from NATURAL */
     unsigned isNestedFrom :1;  /* pSelect is a SF_NestedFrom subquery */
-    unsigned rowidUsed :1;     /* The ROWID of this table is referenced */
   } fg;
   int iCursor;      /* The VDBE cursor number used to access this table */
   union {
@@ -19297,7 +19204,6 @@ struct SrcItem {
   union {
     char *zIndexedBy;    /* Identifier from "INDEXED BY " clause */
     ExprList *pFuncArg;  /* Arguments to table-valued-function */
-    u32 nRow;            /* Number of rows in a VALUES clause */
   } u1;
   union {
     Index *pIBIndex;  /* Index structure corresponding to u1.zIndexedBy */
@@ -19362,7 +19268,7 @@ struct SrcList {
 #define WHERE_AGG_DISTINCT     0x0400 /* Query is "SELECT agg(DISTINCT ...)" */
 #define WHERE_ORDERBY_LIMIT    0x0800 /* ORDERBY+LIMIT on the inner loop */
 #define WHERE_RIGHT_JOIN       0x1000 /* Processing a RIGHT JOIN */
-#define WHERE_KEEP_ALL_JOINS   0x2000 /* Do not do the omit-noop-join opt */
+                        /*     0x2000    not currently used */
 #define WHERE_USE_LIMIT        0x4000 /* Use the LIMIT in cost estimates */
                         /*     0x8000    not currently used */
 
@@ -19441,7 +19347,6 @@ struct NameContext {
 #define NC_InAggFunc 0x020000 /* True if analyzing arguments to an agg func */
 #define NC_FromDDL   0x040000 /* SQL text comes from sqlite_schema */
 #define NC_NoSelect  0x080000 /* Do not descend into sub-selects */
-#define NC_Where     0x100000 /* Processing WHERE clause of a SELECT */
 #define NC_OrderAgg 0x8000000 /* Has an aggregate other than count/min/max */
 
 /*
@@ -19465,7 +19370,6 @@ struct Upsert {
   Expr *pUpsertWhere;       /* WHERE clause for the ON CONFLICT UPDATE */
   Upsert *pNextUpsert;      /* Next ON CONFLICT clause in the list */
   u8 isDoUpdate;            /* True for DO UPDATE.  False for DO NOTHING */
-  u8 isDup;                 /* True if 2nd or later with same pUpsertIdx */
   /* Above this point is the parse tree for the ON CONFLICT clauses.
   ** The next group of fields stores intermediate data. */
   void *pToFree;            /* Free memory when deleting the Upsert object */
@@ -19555,12 +19459,11 @@ struct Select {
 #define SF_View          0x0200000 /* SELECT statement is a view */
 #define SF_NoopOrderBy   0x0400000 /* ORDER BY is ignored for this query */
 #define SF_UFSrcCheck    0x0800000 /* Check pSrc as required by UPDATE...FROM */
-#define SF_PushDown      0x1000000 /* Modified by WHERE-clause push-down opt */
+#define SF_PushDown      0x1000000 /* SELECT has be modified by push-down opt */
 #define SF_MultiPart     0x2000000 /* Has multiple incompatible PARTITIONs */
 #define SF_CopyCte       0x4000000 /* SELECT statement is a copy of a CTE */
 #define SF_OrderByReqd   0x8000000 /* The ORDER BY clause may not be omitted */
 #define SF_UpdateFrom   0x10000000 /* Query originates with UPDATE FROM */
-#define SF_Correlated   0x20000000 /* True if references the outer context */
 
 /* True if S exists and has SF_NestedFrom */
 #define IsNestedFrom(S) ((S)!=0 && ((S)->selFlags&SF_NestedFrom)!=0)
@@ -19800,7 +19703,6 @@ struct Parse {
   u8 disableLookaside; /* Number of times lookaside has been disabled */
   u8 prepFlags;        /* SQLITE_PREPARE_* flags */
   u8 withinRJSubrtn;   /* Nesting level for RIGHT JOIN body subroutines */
-  u8 bHasWith;         /* True if statement contains WITH */
 #if defined(SQLITE_DEBUG) || defined(SQLITE_COVERAGE_TEST)
   u8 earlyCleanup;     /* OOM inside sqlite3ParserAddCleanup() */
 #endif
@@ -20238,11 +20140,6 @@ struct Sqlite3Config {
 #endif
 #ifndef SQLITE_UNTESTABLE
   int (*xTestCallback)(int);        /* Invoked by sqlite3FaultSim() */
-#endif
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-  u32 mNoVisibleRowid;              /* TF_NoVisibleRowid if the ROWID_IN_VIEW
-                                    ** feature is disabled.  0 if rowids can
-                                    ** occur in views. */
 #endif
   int bLocaltimeFault;              /* True to fail localtime() calls */
   int (*xAltLocaltime)(const void*,void*); /* Alternative localtime() routine */
@@ -20480,9 +20377,6 @@ struct Window {
                           ** due to the SQLITE_SUBTYPE flag */
 };
 
-SQLITE_PRIVATE Select *sqlite3MultiValues(Parse *pParse, Select *pLeft, ExprList *pRow);
-SQLITE_PRIVATE void sqlite3MultiValuesEnd(Parse *pParse, Select *pVal);
-
 #ifndef SQLITE_OMIT_WINDOWFUNC
 SQLITE_PRIVATE void sqlite3WindowDelete(sqlite3*, Window*);
 SQLITE_PRIVATE void sqlite3WindowUnlinkFromSelect(Window*);
@@ -20702,13 +20596,10 @@ SQLITE_PRIVATE void sqlite3MutexWarnOnContention(sqlite3_mutex*);
 # define EXP754 (((u64)0x7ff)<<52)
 # define MAN754 ((((u64)1)<<52)-1)
 # define IsNaN(X) (((X)&EXP754)==EXP754 && ((X)&MAN754)!=0)
-# define IsOvfl(X) (((X)&EXP754)==EXP754)
 SQLITE_PRIVATE   int sqlite3IsNaN(double);
-SQLITE_PRIVATE   int sqlite3IsOverflow(double);
 #else
-# define IsNaN(X)             0
-# define sqlite3IsNaN(X)      0
-# define sqlite3IsOVerflow(X) 0
+# define IsNaN(X)         0
+# define sqlite3IsNaN(X)  0
 #endif
 
 /*
@@ -20800,7 +20691,6 @@ SQLITE_PRIVATE int sqlite3ErrorToParser(sqlite3*,int);
 SQLITE_PRIVATE void sqlite3Dequote(char*);
 SQLITE_PRIVATE void sqlite3DequoteExpr(Expr*);
 SQLITE_PRIVATE void sqlite3DequoteToken(Token*);
-SQLITE_PRIVATE void sqlite3DequoteNumber(Parse*, Expr*);
 SQLITE_PRIVATE void sqlite3TokenInit(Token*,char*);
 SQLITE_PRIVATE int sqlite3KeywordCode(const unsigned char*, int);
 SQLITE_PRIVATE int sqlite3RunParser(Parse*, const char*);
@@ -20831,7 +20721,7 @@ SQLITE_PRIVATE void sqlite3ExprFunctionUsable(Parse*,const Expr*,const FuncDef*)
 SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse*, Expr*, u32);
 SQLITE_PRIVATE void sqlite3ExprDelete(sqlite3*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprDeleteGeneric(sqlite3*,void*);
-SQLITE_PRIVATE int sqlite3ExprDeferredDelete(Parse*, Expr*);
+SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse*, Expr*);
 SQLITE_PRIVATE void sqlite3ExprUnmapAndDelete(Parse*, Expr*);
 SQLITE_PRIVATE ExprList *sqlite3ExprListAppend(Parse*,ExprList*,Expr*);
 SQLITE_PRIVATE ExprList *sqlite3ExprListAppendVector(Parse*,ExprList*,IdList*,Expr*);
@@ -21054,10 +20944,12 @@ SQLITE_PRIVATE void sqlite3LeaveMutexAndCloseZombie(sqlite3*);
 SQLITE_PRIVATE u32 sqlite3IsTrueOrFalse(const char*);
 SQLITE_PRIVATE int sqlite3ExprIdToTrueFalse(Expr*);
 SQLITE_PRIVATE int sqlite3ExprTruthValue(const Expr*);
-SQLITE_PRIVATE int sqlite3ExprIsConstant(Parse*,Expr*);
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr*);
+SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr*);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr*, u8);
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrGroupBy(Parse*, Expr*, ExprList*);
-SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(Expr*,const SrcList*,int,int);
+SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr*,int);
+SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(Expr*,const SrcList*,int);
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
 SQLITE_PRIVATE int sqlite3ExprContainsSubquery(Expr*);
 #endif
@@ -21242,9 +21134,7 @@ SQLITE_PRIVATE void sqlite3ErrorWithMsg(sqlite3*, int, const char*,...);
 SQLITE_PRIVATE void sqlite3Error(sqlite3*,int);
 SQLITE_PRIVATE void sqlite3ErrorClear(sqlite3*);
 SQLITE_PRIVATE void sqlite3SystemError(sqlite3*,int);
-#if !defined(SQLITE_OMIT_BLOB_LITERAL)
 SQLITE_PRIVATE void *sqlite3HexToBlob(sqlite3*, const char *z, int n);
-#endif
 SQLITE_PRIVATE u8 sqlite3HexToInt(int h);
 SQLITE_PRIVATE int sqlite3TwoPartName(Parse *, Token *, Token *, Token **);
 
@@ -21555,7 +21445,7 @@ SQLITE_PRIVATE   With *sqlite3WithPush(Parse*, With*, u8);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertNew(sqlite3*,ExprList*,Expr*,ExprList*,Expr*,Upsert*);
 SQLITE_PRIVATE   void sqlite3UpsertDelete(sqlite3*,Upsert*);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertDup(sqlite3*,Upsert*);
-SQLITE_PRIVATE   int sqlite3UpsertAnalyzeTarget(Parse*,SrcList*,Upsert*,Upsert*);
+SQLITE_PRIVATE   int sqlite3UpsertAnalyzeTarget(Parse*,SrcList*,Upsert*);
 SQLITE_PRIVATE   void sqlite3UpsertDoUpdate(Parse*,Upsert*,Table*,Index*,int);
 SQLITE_PRIVATE   Upsert *sqlite3UpsertOfIndex(Upsert*,Index*);
 SQLITE_PRIVATE   int sqlite3UpsertNextIsIPK(Upsert*);
@@ -21945,9 +21835,6 @@ static const char * const sqlite3azCompileOpt[] = {
   "ALLOW_COVERING_INDEX_SCAN=" CTIMEOPT_VAL(SQLITE_ALLOW_COVERING_INDEX_SCAN),
 # endif
 #endif
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-  "ALLOW_ROWID_IN_VIEW",
-#endif
 #ifdef SQLITE_ALLOW_URI_AUTHORITY
   "ALLOW_URI_AUTHORITY",
 #endif
@@ -22967,9 +22854,6 @@ SQLITE_PRIVATE SQLITE_WSD struct Sqlite3Config sqlite3Config = {
 #endif
 #ifndef SQLITE_UNTESTABLE
    0,                         /* xTestCallback */
-#endif
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-   0,                         /* mNoVisibleRowid.  0 == allow rowid-in-view */
 #endif
    0,                         /* bLocaltimeFault */
    0,                         /* xAltLocaltime */
@@ -24291,14 +24175,13 @@ struct DateTime {
   int tz;             /* Timezone offset in minutes */
   double s;           /* Seconds */
   char validJD;       /* True (1) if iJD is valid */
+  char rawS;          /* Raw numeric value stored in s */
   char validYMD;      /* True (1) if Y,M,D are valid */
   char validHMS;      /* True (1) if h,m,s are valid */
-  char nFloor;            /* Days to implement "floor" */
-  unsigned rawS      : 1; /* Raw numeric value stored in s */
-  unsigned isError   : 1; /* An overflow has occurred */
-  unsigned useSubsec : 1; /* Display subsecond precision */
-  unsigned isUtc     : 1; /* Time is known to be UTC */
-  unsigned isLocal   : 1; /* Time is known to be localtime */
+  char validTZ;       /* True (1) if tz is valid */
+  char tzSet;         /* Timezone was set explicitly */
+  char isError;       /* An overflow has occurred */
+  char useSubsec;     /* Display subsecond precision */
 };
 
 
@@ -24396,8 +24279,6 @@ static int parseTimezone(const char *zDate, DateTime *p){
     sgn = +1;
   }else if( c=='Z' || c=='z' ){
     zDate++;
-    p->isLocal = 0;
-    p->isUtc = 1;
     goto zulu_time;
   }else{
     return c!=0;
@@ -24410,6 +24291,7 @@ static int parseTimezone(const char *zDate, DateTime *p){
   p->tz = sgn*(nMn + nHr*60);
 zulu_time:
   while( sqlite3Isspace(*zDate) ){ zDate++; }
+  p->tzSet = 1;
   return *zDate!=0;
 }
 
@@ -24453,6 +24335,7 @@ static int parseHhMmSs(const char *zDate, DateTime *p){
   p->m = m;
   p->s = s + ms;
   if( parseTimezone(zDate, p) ) return 1;
+  p->validTZ = (p->tz!=0)?1:0;
   return 0;
 }
 
@@ -24499,40 +24382,15 @@ static void computeJD(DateTime *p){
   p->validJD = 1;
   if( p->validHMS ){
     p->iJD += p->h*3600000 + p->m*60000 + (sqlite3_int64)(p->s*1000 + 0.5);
-    if( p->tz ){
+    if( p->validTZ ){
       p->iJD -= p->tz*60000;
       p->validYMD = 0;
       p->validHMS = 0;
-      p->tz = 0;
-      p->isUtc = 1;
-      p->isLocal = 0;
+      p->validTZ = 0;
     }
   }
 }
 
-/*
-** Given the YYYY-MM-DD information current in p, determine if there
-** is day-of-month overflow and set nFloor to the number of days that
-** would need to be subtracted from the date in order to bring the
-** date back to the end of the month.
-*/
-static void computeFloor(DateTime *p){
-  assert( p->validYMD || p->isError );
-  assert( p->D>=0 && p->D<=31 );
-  assert( p->M>=0 && p->M<=12 );
-  if( p->D<=28 ){
-    p->nFloor = 0;
-  }else if( (1<M) & 0x15aa ){
-    p->nFloor = 0;
-  }else if( p->M!=2 ){
-    p->nFloor = (p->D==31);
-  }else if( p->Y%4!=0 || (p->Y%100==0 && p->Y%400!=0) ){
-    p->nFloor = p->D - 28;
-  }else{
-    p->nFloor = p->D - 29;
-  }
-}
-
 /*
 ** Parse dates of the form
 **
@@ -24571,16 +24429,12 @@ static int parseYyyyMmDd(const char *zDate, DateTime *p){
   p->Y = neg ? -Y : Y;
   p->M = M;
   p->D = D;
-  computeFloor(p);
-  if( p->tz ){
+  if( p->validTZ ){
     computeJD(p);
   }
   return 0;
 }
 
-
-static void clearYMD_HMS_TZ(DateTime *p);  /* Forward declaration */
-
 /*
 ** Set the time to the current time reported by the VFS.
 **
@@ -24590,9 +24444,6 @@ static int setDateTimeToCurrent(sqlite3_context *context, DateTime *p){
   p->iJD = sqlite3StmtCurrentTime(context);
   if( p->iJD>0 ){
     p->validJD = 1;
-    p->isUtc = 1;
-    p->isLocal = 0;
-    clearYMD_HMS_TZ(p);
     return 0;
   }else{
     return 1;
@@ -24731,7 +24582,7 @@ static void computeYMD_HMS(DateTime *p){
 static void clearYMD_HMS_TZ(DateTime *p){
   p->validYMD = 0;
   p->validHMS = 0;
-  p->tz = 0;
+  p->validTZ = 0;
 }
 
 #ifndef SQLITE_OMIT_LOCALTIME
@@ -24863,7 +24714,7 @@ static int toLocaltime(
   p->validHMS = 1;
   p->validJD = 0;
   p->rawS = 0;
-  p->tz = 0;
+  p->validTZ = 0;
   p->isError = 0;
   return SQLITE_OK;
 }
@@ -24883,12 +24734,12 @@ static const struct {
   float rLimit;       /* Maximum NNN value for this transform */
   float rXform;       /* Constant used for this transform */
 } aXformType[] = {
-  /* 0 */ { 6, "second",   4.6427e+14,         1.0  },
-  /* 1 */ { 6, "minute",   7.7379e+12,        60.0  },
-  /* 2 */ { 4, "hour",     1.2897e+11,      3600.0  },
-  /* 3 */ { 3, "day",      5373485.0,      86400.0  },
-  /* 4 */ { 5, "month",    176546.0,  30.0*86400.0  },
-  /* 5 */ { 4, "year",     14713.0,  365.0*86400.0  },
+  { 6, "second", 4.6427e+14,       1.0  },
+  { 6, "minute", 7.7379e+12,      60.0  },
+  { 4, "hour",   1.2897e+11,    3600.0  },
+  { 3, "day",    5373485.0,    86400.0  },
+  { 5, "month",  176546.0,   2592000.0  },
+  { 4, "year",   14713.0,   31536000.0  },
 };
 
 /*
@@ -24920,20 +24771,14 @@ static void autoAdjustDate(DateTime *p){
 **     NNN.NNNN seconds
 **     NNN months
 **     NNN years
-**     +/-YYYY-MM-DD HH:MM:SS.SSS
-**     ceiling
-**     floor
 **     start of month
 **     start of year
 **     start of week
 **     start of day
 **     weekday N
 **     unixepoch
-**     auto
 **     localtime
 **     utc
-**     subsec
-**     subsecond
 **
 ** Return 0 on success and 1 if there is any kind of error. If the error
 ** is in a system call (i.e. localtime()), then an error message is written
@@ -24964,37 +24809,6 @@ static int parseModifier(
       }
       break;
     }
-    case 'c': {
-      /*
-      **    ceiling
-      **
-      ** Resolve day-of-month overflow by rolling forward into the next
-      ** month.  As this is the default action, this modifier is really
-      ** a no-op that is only included for symmetry.  See "floor".
-      */
-      if( sqlite3_stricmp(z, "ceiling")==0 ){
-        computeJD(p);
-        clearYMD_HMS_TZ(p);
-        rc = 0;
-        p->nFloor = 0;
-      }
-      break;
-    }
-    case 'f': {
-      /*
-      **    floor
-      **
-      ** Resolve day-of-month overflow by rolling back to the end of the
-      ** previous month.
-      */
-      if( sqlite3_stricmp(z, "floor")==0 ){
-        computeJD(p);
-        p->iJD -= p->nFloor*86400000;
-        clearYMD_HMS_TZ(p);
-        rc = 0;
-      }
-      break;
-    }
     case 'j': {
       /*
       **    julianday
@@ -25021,9 +24835,7 @@ static int parseModifier(
       ** show local time.
       */
       if( sqlite3_stricmp(z, "localtime")==0 && sqlite3NotPureFunc(pCtx) ){
-        rc = p->isLocal ? SQLITE_OK : toLocaltime(p, pCtx);
-        p->isUtc = 0;
-        p->isLocal = 1;
+        rc = toLocaltime(p, pCtx);
       }
       break;
     }
@@ -25048,7 +24860,7 @@ static int parseModifier(
       }
 #ifndef SQLITE_OMIT_LOCALTIME
       else if( sqlite3_stricmp(z, "utc")==0 && sqlite3NotPureFunc(pCtx) ){
-        if( p->isUtc==0 ){
+        if( p->tzSet==0 ){
           i64 iOrigJD;              /* Original localtime */
           i64 iGuess;               /* Guess at the corresponding utc time */
           int cnt = 0;              /* Safety to prevent infinite loop */
@@ -25071,8 +24883,7 @@ static int parseModifier(
           memset(p, 0, sizeof(*p));
           p->iJD = iGuess;
           p->validJD = 1;
-          p->isUtc = 1;
-          p->isLocal = 0;
+          p->tzSet = 1;
         }
         rc = SQLITE_OK;
       }
@@ -25092,7 +24903,7 @@ static int parseModifier(
                && r>=0.0 && r<7.0 && (n=(int)r)==r ){
         sqlite3_int64 Z;
         computeYMD_HMS(p);
-        p->tz = 0;
+        p->validTZ = 0;
         p->validJD = 0;
         computeJD(p);
         Z = ((p->iJD + 129600000)/86400000) % 7;
@@ -25132,7 +24943,7 @@ static int parseModifier(
       p->h = p->m = 0;
       p->s = 0.0;
       p->rawS = 0;
-      p->tz = 0;
+      p->validTZ = 0;
       p->validJD = 0;
       if( sqlite3_stricmp(z,"month")==0 ){
         p->D = 1;
@@ -25203,7 +25014,6 @@ static int parseModifier(
         x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
         p->Y += x;
         p->M -= x*12;
-        computeFloor(p);
         computeJD(p);
         p->validHMS = 0;
         p->validYMD = 0;
@@ -25250,12 +25060,11 @@ static int parseModifier(
       z += n;
       while( sqlite3Isspace(*z) ) z++;
       n = sqlite3Strlen30(z);
-      if( n<3 || n>10 ) break;
+      if( n>10 || n<3 ) break;
       if( sqlite3UpperToLower[(u8)z[n-1]]=='s' ) n--;
       computeJD(p);
       assert( rc==1 );
       rRounder = r<0 ? -0.5 : +0.5;
-      p->nFloor = 0;
       for(i=0; iM += (int)r;
               x = p->M>0 ? (p->M-1)/12 : (p->M-12)/12;
               p->Y += x;
               p->M -= x*12;
-              computeFloor(p);
               p->validJD = 0;
               r -= (int)r;
               break;
             }
             case 5: { /* Special processing to add years */
               int y = (int)r;
-              assert( strcmp(aXformType[5].zName,"year")==0 );
+              assert( strcmp(aXformType[i].zName,"year")==0 );
               computeYMD_HMS(p);
-              assert( p->M>=0 && p->M<=12 );
               p->Y += y;
-              computeFloor(p);
               p->validJD = 0;
               r -= (int)r;
               break;
@@ -25534,83 +25340,22 @@ static void dateFunc(
   }
 }
 
-/*
-** Compute the number of days after the most recent January 1.
-**
-** In other words, compute the zero-based day number for the
-** current year:
-**
-**   Jan01 = 0,  Jan02 = 1, ..., Jan31 = 30, Feb01 = 31, ...
-**   Dec31 = 364 or 365.
-*/
-static int daysAfterJan01(DateTime *pDate){
-  DateTime jan01 = *pDate;
-  assert( jan01.validYMD );
-  assert( jan01.validHMS );
-  assert( pDate->validJD );
-  jan01.validJD = 0;
-  jan01.M = 1;
-  jan01.D = 1;
-  computeJD(&jan01);
-  return (int)((pDate->iJD-jan01.iJD+43200000)/86400000);
-}
-
-/*
-** Return the number of days after the most recent Monday.
-**
-** In other words, return the day of the week according
-** to this code:
-**
-**   0=Monday, 1=Tuesday, 2=Wednesday, ..., 6=Sunday.
-*/
-static int daysAfterMonday(DateTime *pDate){
-  assert( pDate->validJD );
-  return (int)((pDate->iJD+43200000)/86400000) % 7;
-}
-
-/*
-** Return the number of days after the most recent Sunday.
-**
-** In other words, return the day of the week according
-** to this code:
-**
-**   0=Sunday, 1=Monday, 2=Tues, ..., 6=Saturday
-*/
-static int daysAfterSunday(DateTime *pDate){
-  assert( pDate->validJD );
-  return (int)((pDate->iJD+129600000)/86400000) % 7;
-}
-
 /*
 **    strftime( FORMAT, TIMESTRING, MOD, MOD, ...)
 **
 ** Return a string described by FORMAT.  Conversions as follows:
 **
-**   %d  day of month  01-31
-**   %e  day of month  1-31
+**   %d  day of month
 **   %f  ** fractional seconds  SS.SSS
-**   %F  ISO date.  YYYY-MM-DD
-**   %G  ISO year corresponding to %V 0000-9999.
-**   %g  2-digit ISO year corresponding to %V 00-99
 **   %H  hour 00-24
-**   %k  hour  0-24  (leading zero converted to space)
-**   %I  hour 01-12
-**   %j  day of year 001-366
+**   %j  day of year 000-366
 **   %J  ** julian day number
-**   %l  hour  1-12  (leading zero converted to space)
 **   %m  month 01-12
 **   %M  minute 00-59
-**   %p  "am" or "pm"
-**   %P  "AM" or "PM"
-**   %R  time as HH:MM
 **   %s  seconds since 1970-01-01
 **   %S  seconds 00-59
-**   %T  time as HH:MM:SS
-**   %u  day of week 1-7  Monday==1, Sunday==7
-**   %w  day of week 0-6  Sunday==0, Monday==1
-**   %U  week of year 00-53  (First Sunday is start of week 01)
-**   %V  week of year 01-53  (First week containing Thursday is week 01)
-**   %W  week of year 00-53  (First Monday is start of week 01)
+**   %w  day of week 0-6  Sunday==0
+**   %W  week of year 00-53
 **   %Y  year 0000-9999
 **   %%  %
 */
@@ -25647,7 +25392,7 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, cf=='d' ? "%02d" : "%2d", x.D);
         break;
       }
-      case 'f': {  /* Fractional seconds.  (Non-standard) */
+      case 'f': {
         double s = x.s;
         if( s>59.999 ) s = 59.999;
         sqlite3_str_appendf(&sRes, "%06.3f", s);
@@ -25657,21 +25402,6 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, "%04d-%02d-%02d", x.Y, x.M, x.D);
         break;
       }
-      case 'G': /* Fall thru */
-      case 'g': {
-        DateTime y = x;
-        assert( y.validJD );
-        /* Move y so that it is the Thursday in the same week as x */
-        y.iJD += (3 - daysAfterMonday(&x))*86400000;
-        y.validYMD = 0;
-        computeYMD(&y);
-        if( cf=='g' ){
-          sqlite3_str_appendf(&sRes, "%02d", y.Y%100);
-        }else{
-          sqlite3_str_appendf(&sRes, "%04d", y.Y);
-        }
-        break;
-      }
       case 'H':
       case 'k': {
         sqlite3_str_appendf(&sRes, cf=='H' ? "%02d" : "%2d", x.h);
@@ -25685,11 +25415,25 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes, cf=='I' ? "%02d" : "%2d", h);
         break;
       }
-      case 'j': {  /* Day of year.  Jan01==1, Jan02==2, and so forth */
-        sqlite3_str_appendf(&sRes,"%03d",daysAfterJan01(&x)+1);
+      case 'W': /* Fall thru */
+      case 'j': {
+        int nDay;             /* Number of days since 1st day of year */
+        DateTime y = x;
+        y.validJD = 0;
+        y.M = 1;
+        y.D = 1;
+        computeJD(&y);
+        nDay = (int)((x.iJD-y.iJD+43200000)/86400000);
+        if( cf=='W' ){
+          int wd;   /* 0=Monday, 1=Tuesday, ... 6=Sunday */
+          wd = (int)(((x.iJD+43200000)/86400000)%7);
+          sqlite3_str_appendf(&sRes,"%02d",(nDay+7-wd)/7);
+        }else{
+          sqlite3_str_appendf(&sRes,"%03d",nDay+1);
+        }
         break;
       }
-      case 'J': {  /* Julian day number.  (Non-standard) */
+      case 'J': {
         sqlite3_str_appendf(&sRes,"%.16g",x.iJD/86400000.0);
         break;
       }
@@ -25732,33 +25476,13 @@ static void strftimeFunc(
         sqlite3_str_appendf(&sRes,"%02d:%02d:%02d", x.h, x.m, (int)x.s);
         break;
       }
-      case 'u':    /* Day of week.  1 to 7.  Monday==1, Sunday==7 */
-      case 'w': {  /* Day of week.  0 to 6.  Sunday==0, Monday==1 */
-        char c = (char)daysAfterSunday(&x) + '0';
+      case 'u': /* Fall thru */
+      case 'w': {
+        char c = (char)(((x.iJD+129600000)/86400000) % 7) + '0';
         if( c=='0' && cf=='u' ) c = '7';
         sqlite3_str_appendchar(&sRes, 1, c);
         break;
       }
-      case 'U': {  /* Week num. 00-53. First Sun of the year is week 01 */
-        sqlite3_str_appendf(&sRes,"%02d",
-              (daysAfterJan01(&x)-daysAfterSunday(&x)+7)/7);
-        break;
-      }
-      case 'V': {  /* Week num. 01-53. First week with a Thur is week 01 */
-        DateTime y = x;
-        /* Adjust y so that is the Thursday in the same week as x */
-        assert( y.validJD );
-        y.iJD += (3 - daysAfterMonday(&x))*86400000;
-        y.validYMD = 0;
-        computeYMD(&y);
-        sqlite3_str_appendf(&sRes,"%02d", daysAfterJan01(&y)/7+1);
-        break;
-      }
-      case 'W': {  /* Week num. 00-53. First Mon of the year is week 01 */
-        sqlite3_str_appendf(&sRes,"%02d",
-           (daysAfterJan01(&x)-daysAfterMonday(&x)+7)/7);
-        break;
-      }
       case 'Y': {
         sqlite3_str_appendf(&sRes,"%04d",x.Y);
         break;
@@ -25905,7 +25629,9 @@ static void timediffFunc(
     d1.iJD = d2.iJD - d1.iJD;
     d1.iJD += (u64)1486995408 * (u64)100000;
   }
-  clearYMD_HMS_TZ(&d1);
+  d1.validYMD = 0;
+  d1.validHMS = 0;
+  d1.validTZ = 0;
   computeYMD_HMS(&d1);
   sqlite3StrAccumInit(&sRes, 0, 0, 0, 100);
   sqlite3_str_appendf(&sRes, "%c%04d-%02d-%02d %02d:%02d:%06.3f",
@@ -25974,36 +25700,6 @@ static void currentTimeFunc(
 }
 #endif
 
-#if !defined(SQLITE_OMIT_DATETIME_FUNCS) && defined(SQLITE_DEBUG)
-/*
-**   datedebug(...)
-**
-** This routine returns JSON that describes the internal DateTime object.
-** Used for debugging and testing only.  Subject to change.
-*/
-static void datedebugFunc(
-  sqlite3_context *context,
-  int argc,
-  sqlite3_value **argv
-){
-  DateTime x;
-  if( isDate(context, argc, argv, &x)==0 ){
-    char *zJson;
-    zJson = sqlite3_mprintf(
-      "{iJD:%lld,Y:%d,M:%d,D:%d,h:%d,m:%d,tz:%d,"
-      "s:%.3f,validJD:%d,validYMS:%d,validHMS:%d,"
-      "nFloor:%d,rawS:%d,isError:%d,useSubsec:%d,"
-      "isUtc:%d,isLocal:%d}",
-      x.iJD, x.Y, x.M, x.D, x.h, x.m, x.tz,
-      x.s, x.validJD, x.validYMD, x.validHMS,
-      x.nFloor, x.rawS, x.isError, x.useSubsec,
-      x.isUtc, x.isLocal);
-    sqlite3_result_text(context, zJson, -1, sqlite3_free);
-  }
-}
-#endif /* !SQLITE_OMIT_DATETIME_FUNCS && SQLITE_DEBUG */
-
-
 /*
 ** This function registered all of the above C functions as SQL
 ** functions.  This should be the only routine in this file with
@@ -26019,9 +25715,6 @@ SQLITE_PRIVATE void sqlite3RegisterDateTimeFunctions(void){
     PURE_DATE(datetime,         -1, 0, 0, datetimeFunc  ),
     PURE_DATE(strftime,         -1, 0, 0, strftimeFunc  ),
     PURE_DATE(timediff,          2, 0, 0, timediffFunc  ),
-#ifdef SQLITE_DEBUG
-    PURE_DATE(datedebug,        -1, 0, 0, datedebugFunc ),
-#endif
     DFUNCTION(current_time,      0, 0, 0, ctimeFunc     ),
     DFUNCTION(current_timestamp, 0, 0, 0, ctimestampFunc),
     DFUNCTION(current_date,      0, 0, 0, cdateFunc     ),
@@ -30437,24 +30130,6 @@ static void sqlite3MallocAlarm(int nByte){
   sqlite3_mutex_enter(mem0.mutex);
 }
 
-#ifdef SQLITE_DEBUG
-/*
-** This routine is called whenever an out-of-memory condition is seen,
-** It's only purpose to to serve as a breakpoint for gdb or similar
-** code debuggers when working on out-of-memory conditions, for example
-** caused by PRAGMA hard_heap_limit=N.
-*/
-static SQLITE_NOINLINE void test_oom_breakpoint(u64 n){
-  static u64 nOomFault = 0;
-  nOomFault += n;
-  /* The assert() is never reached in a human lifetime.  It  is here mostly
-  ** to prevent code optimizers from optimizing out this function. */
-  assert( (nOomFault>>32) < 0xffffffff );
-}
-#else
-# define test_oom_breakpoint(X)   /* No-op for production builds */
-#endif
-
 /*
 ** Do a memory allocation with statistics and alarms.  Assume the
 ** lock is already held.
@@ -30481,7 +30156,6 @@ static void mallocWithAlarm(int n, void **pp){
       if( mem0.hardLimit ){
         nUsed = sqlite3StatusValue(SQLITE_STATUS_MEMORY_USED);
         if( nUsed >= mem0.hardLimit - nFull ){
-          test_oom_breakpoint(1);
           *pp = 0;
           return;
         }
@@ -30770,7 +30444,6 @@ SQLITE_PRIVATE void *sqlite3Realloc(void *pOld, u64 nBytes){
       sqlite3MallocAlarm(nDiff);
       if( mem0.hardLimit>0 && nUsed >= mem0.hardLimit - nDiff ){
         sqlite3_mutex_leave(mem0.mutex);
-        test_oom_breakpoint(1);
         return 0;
       }
     }
@@ -31637,7 +31310,6 @@ SQLITE_API void sqlite3_str_vappendf(
         if( xtype==etFLOAT ){
           iRound = -precision;
         }else if( xtype==etGENERIC ){
-          if( precision==0 ) precision = 1;
           iRound = precision;
         }else{
           iRound = precision+1;
@@ -31673,14 +31345,13 @@ SQLITE_API void sqlite3_str_vappendf(
         }
 
         exp = s.iDP-1;
+        if( xtype==etGENERIC && precision>0 ) precision--;
 
         /*
         ** If the field type is etGENERIC, then convert to either etEXP
         ** or etFLOAT, as appropriate.
         */
         if( xtype==etGENERIC ){
-          assert( precision>0 );
-          precision--;
           flag_rtz = !flag_alternateform;
           if( exp<-4 || exp>precision ){
             xtype = etEXP;
@@ -31996,13 +31667,9 @@ SQLITE_API void sqlite3_str_vappendf(
           sqlite3_str_appendall(pAccum, pItem->zAlias);
         }else{
           Select *pSel = pItem->pSelect;
-          assert( pSel!=0 ); /* Because of tag-20240424-1 */
+          assert( pSel!=0 );
           if( pSel->selFlags & SF_NestedFrom ){
             sqlite3_str_appendf(pAccum, "(join-%u)", pSel->selId);
-          }else if( pSel->selFlags & SF_MultiValue ){
-            assert( !pItem->fg.isTabFunc && !pItem->fg.isIndexedBy );
-            sqlite3_str_appendf(pAccum, "%u-ROW VALUES CLAUSE",
-                                pItem->u1.nRow);
           }else{
             sqlite3_str_appendf(pAccum, "(subquery-%u)", pSel->selId);
           }
@@ -32779,10 +32446,8 @@ SQLITE_PRIVATE void sqlite3TreeViewSrcList(TreeView *pView, const SrcList *pSrc)
     x.printfFlags |= SQLITE_PRINTF_INTERNAL;
     sqlite3_str_appendf(&x, "{%d:*} %!S", pItem->iCursor, pItem);
     if( pItem->pTab ){
-      sqlite3_str_appendf(&x, " tab=%Q nCol=%d ptr=%p used=%llx%s",
-           pItem->pTab->zName, pItem->pTab->nCol, pItem->pTab,
-           pItem->colUsed,
-           pItem->fg.rowidUsed ? "+rowid" : "");
+      sqlite3_str_appendf(&x, " tab=%Q nCol=%d ptr=%p used=%llx",
+           pItem->pTab->zName, pItem->pTab->nCol, pItem->pTab, pItem->colUsed);
     }
     if( (pItem->fg.jointype & (JT_LEFT|JT_RIGHT))==(JT_LEFT|JT_RIGHT) ){
       sqlite3_str_appendf(&x, " FULL-OUTER-JOIN");
@@ -32822,14 +32487,12 @@ SQLITE_PRIVATE void sqlite3TreeViewSrcList(TreeView *pView, const SrcList *pSrc)
       sqlite3TreeViewIdList(pView, pItem->u3.pUsing, (--n)>0, "USING");
     }
     if( pItem->pSelect ){
-      sqlite3TreeViewPush(&pView, i+1nSrc);
       if( pItem->pTab ){
         Table *pTab = pItem->pTab;
         sqlite3TreeViewColumnList(pView, pTab->aCol, pTab->nCol, 1);
       }
       assert( (int)pItem->fg.isNestedFrom == IsNestedFrom(pItem->pSelect) );
       sqlite3TreeViewSelect(pView, pItem->pSelect, (--n)>0);
-      sqlite3TreeViewPop(&pView);
     }
     if( pItem->fg.isTabFunc ){
       sqlite3TreeViewExprList(pView, pItem->u1.pFuncArg, 0, "func-args:");
@@ -32933,7 +32596,7 @@ SQLITE_PRIVATE void sqlite3TreeViewSelect(TreeView *pView, const Select *p, u8 m
       sqlite3TreeViewItem(pView, "LIMIT", (n--)>0);
       sqlite3TreeViewExpr(pView, p->pLimit->pLeft, p->pLimit->pRight!=0);
       if( p->pLimit->pRight ){
-        sqlite3TreeViewItem(pView, "OFFSET", 0);
+        sqlite3TreeViewItem(pView, "OFFSET", (n--)>0);
         sqlite3TreeViewExpr(pView, p->pLimit->pRight, 0);
         sqlite3TreeViewPop(&pView);
       }
@@ -34978,19 +34641,6 @@ SQLITE_PRIVATE int sqlite3IsNaN(double x){
 }
 #endif /* SQLITE_OMIT_FLOATING_POINT */
 
-#ifndef SQLITE_OMIT_FLOATING_POINT
-/*
-** Return true if the floating point value is NaN or +Inf or -Inf.
-*/
-SQLITE_PRIVATE int sqlite3IsOverflow(double x){
-  int rc;   /* The value return */
-  u64 y;
-  memcpy(&y,&x,sizeof(y));
-  rc = IsOvfl(y);
-  return rc;
-}
-#endif /* SQLITE_OMIT_FLOATING_POINT */
-
 /*
 ** Compute a string length that is limited to what can be stored in
 ** lower 30 bits of a 32-bit signed integer.
@@ -35234,44 +34884,6 @@ SQLITE_PRIVATE void sqlite3DequoteExpr(Expr *p){
   sqlite3Dequote(p->u.zToken);
 }
 
-/*
-** Expression p is a QNUMBER (quoted number). Dequote the value in p->u.zToken
-** and set the type to INTEGER or FLOAT. "Quoted" integers or floats are those
-** that contain '_' characters that must be removed before further processing.
-*/
-SQLITE_PRIVATE void sqlite3DequoteNumber(Parse *pParse, Expr *p){
-  assert( p!=0 || pParse->db->mallocFailed );
-  if( p ){
-    const char *pIn = p->u.zToken;
-    char *pOut = p->u.zToken;
-    int bHex = (pIn[0]=='0' && (pIn[1]=='x' || pIn[1]=='X'));
-    int iValue;
-    assert( p->op==TK_QNUMBER );
-    p->op = TK_INTEGER;
-    do {
-      if( *pIn!=SQLITE_DIGIT_SEPARATOR ){
-        *pOut++ = *pIn;
-        if( *pIn=='e' || *pIn=='E' || *pIn=='.' ) p->op = TK_FLOAT;
-      }else{
-        if( (bHex==0 && (!sqlite3Isdigit(pIn[-1]) || !sqlite3Isdigit(pIn[1])))
-         || (bHex==1 && (!sqlite3Isxdigit(pIn[-1]) || !sqlite3Isxdigit(pIn[1])))
-        ){
-          sqlite3ErrorMsg(pParse, "unrecognized token: \"%s\"", p->u.zToken);
-        }
-      }
-    }while( *pIn++ );
-    if( bHex ) p->op = TK_INTEGER;
-
-    /* tag-20240227-a: If after dequoting, the number is an integer that
-    ** fits in 32 bits, then it must be converted into EP_IntValue.  Other
-    ** parts of the code expect this.  See also tag-20240227-b. */
-    if( p->op==TK_INTEGER && sqlite3GetInt32(p->u.zToken, &iValue) ){
-      p->u.iValue = iValue;
-      p->flags |= EP_IntValue;
-    }
-  }
-}
-
 /*
 ** If the input token p is quoted, try to adjust the token to remove
 ** the quotes.  This is not always possible:
@@ -35588,9 +35200,6 @@ SQLITE_PRIVATE int sqlite3AtoF(const char *z, double *pResult, int length, u8 en
     u64 s2;
     rr[0] = (double)s;
     s2 = (u64)rr[0];
-#if defined(_MSC_VER) && _MSC_VER<1700
-    if( s2==0x8000000000000000LL ){ s2 = 2*(u64)(0.5*rr[0]); }
-#endif
     rr[1] = s>=s2 ? (double)(s - s2) : -(double)(s2 - s);
     if( e>0 ){
       while( e>=100  ){
@@ -36033,7 +35642,7 @@ SQLITE_PRIVATE void sqlite3FpDecode(FpDecode *p, double r, int iRound, int mxRou
   assert( p->n>0 );
   assert( p->nzBuf) );
   p->iDP = p->n + exp;
-  if( iRound<=0 ){
+  if( iRound<0 ){
     iRound = p->iDP - iRound;
     if( iRound==0 && p->zBuf[i+1]>='5' ){
       iRound = 1;
@@ -37211,7 +36820,7 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*  30 */ "SeekRowid"        OpHelp("intkey=r[P3]"),
     /*  31 */ "NotExists"        OpHelp("intkey=r[P3]"),
     /*  32 */ "Last"             OpHelp(""),
-    /*  33 */ "IfSizeBetween"    OpHelp(""),
+    /*  33 */ "IfSmaller"        OpHelp(""),
     /*  34 */ "SorterSort"       OpHelp(""),
     /*  35 */ "Sort"             OpHelp(""),
     /*  36 */ "Rewind"           OpHelp(""),
@@ -37256,7 +36865,7 @@ SQLITE_PRIVATE const char *sqlite3OpcodeName(int i){
     /*  75 */ "Null"             OpHelp("r[P2..P3]=NULL"),
     /*  76 */ "SoftNull"         OpHelp("r[P1]=NULL"),
     /*  77 */ "Blob"             OpHelp("r[P2]=P4 (len=P1)"),
-    /*  78 */ "Variable"         OpHelp("r[P2]=parameter(P1)"),
+    /*  78 */ "Variable"         OpHelp("r[P2]=parameter(P1,P4)"),
     /*  79 */ "Move"             OpHelp("r[P2@P3]=r[P1@P3]"),
     /*  80 */ "Copy"             OpHelp("r[P2@P3+1]=r[P1@P3+1]"),
     /*  81 */ "SCopy"            OpHelp("r[P2]=r[P1]"),
@@ -39654,12 +39263,8 @@ static int unixLogErrorAtLine(
   ** available, the error message will often be an empty string. Not a
   ** huge problem. Incorrectly concluding that the GNU version is available
   ** could lead to a segfault though.
-  **
-  ** Forum post 3f13857fa4062301 reports that the Android SDK may use
-  ** int-type return, depending on its version.
   */
-#if (defined(STRERROR_R_CHAR_P) || defined(__USE_GNU)) \
-  && !defined(ANDROID) && !defined(__ANDROID__)
+#if defined(STRERROR_R_CHAR_P) || defined(__USE_GNU)
   zErr =
 # endif
   strerror_r(iErrno, aErr, sizeof(aErr)-1);
@@ -44757,19 +44362,12 @@ static int unixOpen(
         rc = SQLITE_READONLY_DIRECTORY;
       }else if( errno!=EISDIR && isReadWrite ){
         /* Failed to open the file for read/write access. Try read-only. */
-        UnixUnusedFd *pReadonly = 0;
         flags &= ~(SQLITE_OPEN_READWRITE|SQLITE_OPEN_CREATE);
         openFlags &= ~(O_RDWR|O_CREAT);
         flags |= SQLITE_OPEN_READONLY;
         openFlags |= O_RDONLY;
         isReadonly = 1;
-        pReadonly = findReusableFd(zName, flags);
-        if( pReadonly ){
-          fd = pReadonly->fd;
-          sqlite3_free(pReadonly);
-        }else{
-          fd = robust_open(zName, openFlags, openMode);
-        }
+        fd = robust_open(zName, openFlags, openMode);
       }
     }
     if( fd<0 ){
@@ -53665,14 +53263,6 @@ SQLITE_API unsigned char *sqlite3_serialize(
     pOut = 0;
   }else{
     sz = sqlite3_column_int64(pStmt, 0)*szPage;
-    if( sz==0 ){
-      sqlite3_reset(pStmt);
-      sqlite3_exec(db, "BEGIN IMMEDIATE; COMMIT;", 0, 0, 0);
-      rc = sqlite3_step(pStmt);
-      if( rc==SQLITE_ROW ){
-        sz = sqlite3_column_int64(pStmt, 0)*szPage;
-      }
-    }
     if( piSize ) *piSize = sz;
     if( mFlags & SQLITE_SERIALIZE_NOCOPY ){
       pOut = 0;
@@ -64196,7 +63786,7 @@ SQLITE_PRIVATE sqlite3_file *sqlite3PagerFile(Pager *pPager){
 ** This will be either the rollback journal or the WAL file.
 */
 SQLITE_PRIVATE sqlite3_file *sqlite3PagerJrnlFile(Pager *pPager){
-#ifdef SQLITE_OMIT_WAL
+#if SQLITE_OMIT_WAL
   return pPager->jfd;
 #else
   return pPager->pWal ? sqlite3WalFile(pPager->pWal) : pPager->jfd;
@@ -70220,7 +69810,6 @@ struct IntegrityCk {
   StrAccum errMsg;  /* Accumulate the error message text here */
   u32 *heap;        /* Min-heap used for analyzing cell coverage */
   sqlite3 *db;      /* Database connection running the check */
-  i64 nRow;         /* Number of rows visited in current tree */
 };
 
 /*
@@ -70695,47 +70284,8 @@ int corruptPageError(int lineno, MemPage *p){
 # define SQLITE_CORRUPT_PAGE(pMemPage) SQLITE_CORRUPT_PGNO(pMemPage->pgno)
 #endif
 
-/* Default value for SHARED_LOCK_TRACE macro if shared-cache is disabled
-** or if the lock tracking is disabled.  This is always the value for
-** release builds.
-*/
-#define SHARED_LOCK_TRACE(X,MSG,TAB,TYPE)  /*no-op*/
-
 #ifndef SQLITE_OMIT_SHARED_CACHE
 
-#if 0
-/*  ^----  Change to 1 and recompile to enable shared-lock tracing
-**         for debugging purposes.
-**
-** Print all shared-cache locks on a BtShared.  Debugging use only.
-*/
-static void sharedLockTrace(
-  BtShared *pBt,
-  const char *zMsg,
-  int iRoot,
-  int eLockType
-){
-  BtLock *pLock;
-  if( iRoot>0 ){
-    printf("%s-%p %u%s:", zMsg, pBt, iRoot, eLockType==READ_LOCK?"R":"W");
-  }else{
-    printf("%s-%p:", zMsg, pBt);
-  }
-  for(pLock=pBt->pLock; pLock; pLock=pLock->pNext){
-    printf(" %p/%u%s", pLock->pBtree, pLock->iTable,
-           pLock->eLock==READ_LOCK ? "R" : "W");
-    while( pLock->pNext && pLock->pBtree==pLock->pNext->pBtree ){
-      pLock = pLock->pNext;
-      printf(",%u%s", pLock->iTable, pLock->eLock==READ_LOCK ? "R" : "W");
-    }
-  }
-  printf("\n");
-  fflush(stdout);
-}
-#undef SHARED_LOCK_TRACE
-#define SHARED_LOCK_TRACE(X,MSG,TAB,TYPE)  sharedLockTrace(X,MSG,TAB,TYPE)
-#endif /* Shared-lock tracing */
-
 #ifdef SQLITE_DEBUG
 /*
 **** This function is only used as part of an assert() statement. ***
@@ -70812,8 +70362,6 @@ static int hasSharedCacheTableLock(
     iTab = iRoot;
   }
 
-  SHARED_LOCK_TRACE(pBtree->pBt,"hasLock",iRoot,eLockType);
-
   /* Search for the required lock. Either a write-lock on root-page iTab, a
   ** write-lock on the schema table, or (if the client is reading) a
   ** read-lock on iTab will suffice. Return 1 if any of these are found.  */
@@ -70947,8 +70495,6 @@ static int setSharedCacheTableLock(Btree *p, Pgno iTable, u8 eLock){
   BtLock *pLock = 0;
   BtLock *pIter;
 
-  SHARED_LOCK_TRACE(pBt,"setLock", iTable, eLock);
-
   assert( sqlite3BtreeHoldsMutex(p) );
   assert( eLock==READ_LOCK || eLock==WRITE_LOCK );
   assert( p->db!=0 );
@@ -71016,8 +70562,6 @@ static void clearAllSharedCacheTableLocks(Btree *p){
   assert( p->sharable || 0==*ppIter );
   assert( p->inTrans>0 );
 
-  SHARED_LOCK_TRACE(pBt, "clearAllLocks", 0, 0);
-
   while( *ppIter ){
     BtLock *pLock = *ppIter;
     assert( (pBt->btsFlags & BTS_EXCLUSIVE)==0 || pBt->pWriter==pLock->pBtree );
@@ -71056,9 +70600,6 @@ static void clearAllSharedCacheTableLocks(Btree *p){
 */
 static void downgradeAllSharedCacheTableLocks(Btree *p){
   BtShared *pBt = p->pBt;
-
-  SHARED_LOCK_TRACE(pBt, "downgradeLocks", 0, 0);
-
   if( pBt->pWriter==p ){
     BtLock *pLock;
     pBt->pWriter = 0;
@@ -75672,12 +75213,9 @@ static int accessPayload(
       if( pCur->aOverflow==0
        || nOvfl*(int)sizeof(Pgno) > sqlite3MallocSize(pCur->aOverflow)
       ){
-        Pgno *aNew;
-        if( sqlite3FaultSim(413) ){
-          aNew = 0;
-        }else{
-          aNew = (Pgno*)sqlite3Realloc(pCur->aOverflow, nOvfl*2*sizeof(Pgno));
-        }
+        Pgno *aNew = (Pgno*)sqlite3Realloc(
+            pCur->aOverflow, nOvfl*2*sizeof(Pgno)
+        );
         if( aNew==0 ){
           return SQLITE_NOMEM_BKPT;
         }else{
@@ -75687,12 +75225,6 @@ static int accessPayload(
       memset(pCur->aOverflow, 0, nOvfl*sizeof(Pgno));
       pCur->curFlags |= BTCF_ValidOvfl;
     }else{
-      /* Sanity check the validity of the overflow page cache */
-      assert( pCur->aOverflow[0]==nextPage
-           || pCur->aOverflow[0]==0
-           || CORRUPT_DB );
-      assert( pCur->aOverflow[0]!=0 || pCur->aOverflow[offset/ovflSize]==0 );
-
       /* If the overflow page-list cache has been allocated and the
       ** entry for the first required overflow page is valid, skip
       ** directly to it.
@@ -76174,23 +75706,6 @@ SQLITE_PRIVATE int sqlite3BtreeFirst(BtCursor *pCur, int *pRes){
   return rc;
 }
 
-#ifdef SQLITE_DEBUG
-/* The cursors is CURSOR_VALID and has BTCF_AtLast set.  Verify that
-** this flags are true for a consistent database.
-**
-** This routine is is called from within assert() statements only.
-** It is an internal verification routine and does not appear in production
-** builds.
-*/
-static int cursorIsAtLastEntry(BtCursor *pCur){
-  int ii;
-  for(ii=0; iiiPage; ii++){
-    if( pCur->aiIdx[ii]!=pCur->apPage[ii]->nCell ) return 0;
-  }
-  return pCur->ix==pCur->pPage->nCell-1 && pCur->pPage->leaf!=0;
-}
-#endif
-
 /* Move the cursor to the last entry in the table.  Return SQLITE_OK
 ** on success.  Set *pRes to 0 if the cursor actually points to something
 ** or set *pRes to 1 if the table is empty.
@@ -76219,7 +75734,18 @@ SQLITE_PRIVATE int sqlite3BtreeLast(BtCursor *pCur, int *pRes){
 
   /* If the cursor already points to the last entry, this is a no-op. */
   if( CURSOR_VALID==pCur->eState && (pCur->curFlags & BTCF_AtLast)!=0 ){
-    assert( cursorIsAtLastEntry(pCur) || CORRUPT_DB );
+#ifdef SQLITE_DEBUG
+    /* This block serves to assert() that the cursor really does point
+    ** to the last entry in the b-tree. */
+    int ii;
+    for(ii=0; iiiPage; ii++){
+      assert( pCur->aiIdx[ii]==pCur->apPage[ii]->nCell );
+    }
+    assert( pCur->ix==pCur->pPage->nCell-1 || CORRUPT_DB );
+    testcase( pCur->ix!=pCur->pPage->nCell-1 );
+    /* ^-- dbsqlfuzz b92b72e4de80b5140c30ab71372ca719b8feb618 */
+    assert( pCur->pPage->leaf );
+#endif
     *pRes = 0;
     return SQLITE_OK;
   }
@@ -76272,7 +75798,6 @@ SQLITE_PRIVATE int sqlite3BtreeTableMoveto(
     }
     if( pCur->info.nKeycurFlags & BTCF_AtLast)!=0 ){
-        assert( cursorIsAtLastEntry(pCur) || CORRUPT_DB );
         *pRes = -1;
         return SQLITE_OK;
       }
@@ -76739,10 +76264,10 @@ SQLITE_PRIVATE i64 sqlite3BtreeRowCountEst(BtCursor *pCur){
   assert( cursorOwnsBtShared(pCur) );
   assert( sqlite3_mutex_held(pCur->pBtree->db->mutex) );
 
-  /* Currently this interface is only called by the OP_IfSizeBetween
-  ** opcode and the OP_Count opcode with P3=1.  In either case,
-  ** the cursor will always be valid unless the btree is empty. */
-  if( pCur->eState!=CURSOR_VALID ) return 0;
+  /* Currently this interface is only called by the OP_IfSmaller
+  ** opcode, and it that case the cursor will always be valid and
+  ** will always point to a leaf node. */
+  if( NEVER(pCur->eState!=CURSOR_VALID) ) return -1;
   if( NEVER(pCur->pPage->leaf==0) ) return -1;
 
   n = pCur->pPage->nCell;
@@ -77564,10 +77089,7 @@ static int fillInCell(
     n = nHeader + nPayload;
     testcase( n==3 );
     testcase( n==4 );
-    if( n<4 ){
-      n = 4;
-      pPayload[nPayload] = 0;
-    }
+    if( n<4 ) n = 4;
     *pnSize = n;
     assert( nSrc<=nPayload );
     testcase( nSrcaData[0]!=apOld[0]->aData[0] ){
-      rc = SQLITE_CORRUPT_PAGE(pOld);
+      rc = SQLITE_CORRUPT_BKPT;
       goto balance_cleanup;
     }
 
@@ -78897,7 +78419,7 @@ static int balance_nonroot(
     memset(&b.szCell[b.nCell], 0, sizeof(b.szCell[0])*(limit+pOld->nOverflow));
     if( pOld->nOverflow>0 ){
       if( NEVER(limitaiOvfl[0]) ){
-        rc = SQLITE_CORRUPT_PAGE(pOld);
+        rc = SQLITE_CORRUPT_BKPT;
         goto balance_cleanup;
       }
       limit = pOld->aiOvfl[0];
@@ -79540,7 +79062,7 @@ static int anotherValidCursor(BtCursor *pCur){
      && pOther->eState==CURSOR_VALID
      && pOther->pPage==pCur->pPage
     ){
-      return SQLITE_CORRUPT_PAGE(pCur->pPage);
+      return SQLITE_CORRUPT_BKPT;
     }
   }
   return SQLITE_OK;
@@ -79600,7 +79122,7 @@ static int balance(BtCursor *pCur){
       /* The page being written is not a root page, and there is currently
       ** more than one reference to it. This only happens if the page is one
       ** of its own ancestor pages. Corruption. */
-      rc = SQLITE_CORRUPT_PAGE(pPage);
+      rc = SQLITE_CORRUPT_BKPT;
     }else{
       MemPage * const pParent = pCur->apPage[iPage-1];
       int const iIdx = pCur->aiIdx[iPage-1];
@@ -79764,7 +79286,7 @@ static SQLITE_NOINLINE int btreeOverwriteOverflowCell(
     rc = btreeGetPage(pBt, ovflPgno, &pPage, 0);
     if( rc ) return rc;
     if( sqlite3PagerPageRefcount(pPage->pDbPage)!=1 || pPage->isInit ){
-      rc = SQLITE_CORRUPT_PAGE(pPage);
+      rc = SQLITE_CORRUPT_BKPT;
     }else{
       if( iOffset+ovflPageSize<(u32)nTotal ){
         ovflPgno = get4byte(pPage->aData);
@@ -79792,7 +79314,7 @@ static int btreeOverwriteCell(BtCursor *pCur, const BtreePayload *pX){
   if( pCur->info.pPayload + pCur->info.nLocal > pPage->aDataEnd
    || pCur->info.pPayload < pPage->aData + pPage->cellOffset
   ){
-    return SQLITE_CORRUPT_PAGE(pPage);
+    return SQLITE_CORRUPT_BKPT;
   }
   if( pCur->info.nLocal==nTotal ){
     /* The entire cell is local */
@@ -79873,7 +79395,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
       ** Which can only happen if the SQLITE_NoSchemaError flag was set when
       ** the schema was loaded. This cannot be asserted though, as a user might
       ** set the flag, load the schema, and then unset the flag.  */
-      return SQLITE_CORRUPT_PGNO(pCur->pgnoRoot);
+      return SQLITE_CORRUPT_BKPT;
     }
   }
 
@@ -79996,7 +79518,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   if( pPage->nFree<0 ){
     if( NEVER(pCur->eState>CURSOR_INVALID) ){
      /* ^^^^^--- due to the moveToRoot() call above */
-      rc = SQLITE_CORRUPT_PAGE(pPage);
+      rc = SQLITE_CORRUPT_BKPT;
     }else{
       rc = btreeComputeFreeSpace(pPage);
     }
@@ -80013,10 +79535,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   if( flags & BTREE_PREFORMAT ){
     rc = SQLITE_OK;
     szNew = p->pBt->nPreformatSize;
-    if( szNew<4 ){
-      szNew = 4;
-      newCell[3] = 0;
-    }
+    if( szNew<4 ) szNew = 4;
     if( ISAUTOVACUUM(p->pBt) && szNew>pPage->maxLocal ){
       CellInfo info;
       pPage->xParseCell(pPage, newCell, &info);
@@ -80038,7 +79557,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
     CellInfo info;
     assert( idx>=0 );
     if( idx>=pPage->nCell ){
-      return SQLITE_CORRUPT_PAGE(pPage);
+      return SQLITE_CORRUPT_BKPT;
     }
     rc = sqlite3PagerWrite(pPage->pDbPage);
     if( rc ){
@@ -80065,10 +79584,10 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
       ** necessary to add the PTRMAP_OVERFLOW1 pointer-map entry.  */
       assert( rc==SQLITE_OK ); /* clearCell never fails when nLocal==nPayload */
       if( oldCell < pPage->aData+pPage->hdrOffset+10 ){
-        return SQLITE_CORRUPT_PAGE(pPage);
+        return SQLITE_CORRUPT_BKPT;
       }
       if( oldCell+szNew > pPage->aDataEnd ){
-        return SQLITE_CORRUPT_PAGE(pPage);
+        return SQLITE_CORRUPT_BKPT;
       }
       memcpy(oldCell, newCell, szNew);
       return SQLITE_OK;
@@ -80078,7 +79597,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   }else if( loc<0 && pPage->nCell>0 ){
     assert( pPage->leaf );
     idx = ++pCur->ix;
-    pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+    pCur->curFlags &= ~BTCF_ValidNKey;
   }else{
     assert( pPage->leaf );
   }
@@ -80108,7 +79627,7 @@ SQLITE_PRIVATE int sqlite3BtreeInsert(
   */
   if( pPage->nOverflow ){
     assert( rc==SQLITE_OK );
-    pCur->curFlags &= ~(BTCF_ValidNKey|BTCF_ValidOvfl);
+    pCur->curFlags &= ~(BTCF_ValidNKey);
     rc = balance(pCur);
 
     /* Must make sure nOverflow is reset to zero even if the balance()
@@ -80170,7 +79689,7 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
   nIn = pSrc->info.nLocal;
   aIn = pSrc->info.pPayload;
   if( aIn+nIn>pSrc->pPage->aDataEnd ){
-    return SQLITE_CORRUPT_PAGE(pSrc->pPage);
+    return SQLITE_CORRUPT_BKPT;
   }
   nRem = pSrc->info.nPayload;
   if( nIn==nRem && nInpPage->maxLocal ){
@@ -80195,7 +79714,7 @@ SQLITE_PRIVATE int sqlite3BtreeTransferRow(BtCursor *pDest, BtCursor *pSrc, i64
 
     if( nRem>nIn ){
       if( aIn+nIn+4>pSrc->pPage->aDataEnd ){
-        return SQLITE_CORRUPT_PAGE(pSrc->pPage);
+        return SQLITE_CORRUPT_BKPT;
       }
       ovflIn = get4byte(&pSrc->info.pPayload[nIn]);
     }
@@ -80291,7 +79810,7 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
       assert( rc!=SQLITE_OK || CORRUPT_DB || pCur->eState==CURSOR_VALID );
       if( rc || pCur->eState!=CURSOR_VALID ) return rc;
     }else{
-      return SQLITE_CORRUPT_PGNO(pCur->pgnoRoot);
+      return SQLITE_CORRUPT_BKPT;
     }
   }
   assert( pCur->eState==CURSOR_VALID );
@@ -80300,14 +79819,14 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
   iCellIdx = pCur->ix;
   pPage = pCur->pPage;
   if( pPage->nCell<=iCellIdx ){
-    return SQLITE_CORRUPT_PAGE(pPage);
+    return SQLITE_CORRUPT_BKPT;
   }
   pCell = findCell(pPage, iCellIdx);
   if( pPage->nFree<0 && btreeComputeFreeSpace(pPage) ){
-    return SQLITE_CORRUPT_PAGE(pPage);
+    return SQLITE_CORRUPT_BKPT;
   }
   if( pCell<&pPage->aCellIdx[pPage->nCell] ){
-    return SQLITE_CORRUPT_PAGE(pPage);
+    return SQLITE_CORRUPT_BKPT;
   }
 
   /* If the BTREE_SAVEPOSITION bit is on, then the cursor position must
@@ -80398,7 +79917,7 @@ SQLITE_PRIVATE int sqlite3BtreeDelete(BtCursor *pCur, u8 flags){
       n = pCur->pPage->pgno;
     }
     pCell = findCell(pLeaf, pLeaf->nCell-1);
-    if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_PAGE(pLeaf);
+    if( pCell<&pLeaf->aData[4] ) return SQLITE_CORRUPT_BKPT;
     nCell = pLeaf->xCellSize(pLeaf, pCell);
     assert( MX_CELL_SIZE(pBt) >= nCell );
     pTmp = pBt->pTmpSpace;
@@ -80514,7 +80033,7 @@ static int btreeCreateTable(Btree *p, Pgno *piTable, int createTabFlags){
     */
     sqlite3BtreeGetMeta(p, BTREE_LARGEST_ROOT_PAGE, &pgnoRoot);
     if( pgnoRoot>btreePagecount(pBt) ){
-      return SQLITE_CORRUPT_PGNO(pgnoRoot);
+      return SQLITE_CORRUPT_BKPT;
     }
     pgnoRoot++;
 
@@ -80562,7 +80081,7 @@ static int btreeCreateTable(Btree *p, Pgno *piTable, int createTabFlags){
       }
       rc = ptrmapGet(pBt, pgnoRoot, &eType, &iPtrPage);
       if( eType==PTRMAP_ROOTPAGE || eType==PTRMAP_FREEPAGE ){
-        rc = SQLITE_CORRUPT_PGNO(pgnoRoot);
+        rc = SQLITE_CORRUPT_BKPT;
       }
       if( rc!=SQLITE_OK ){
         releasePage(pRoot);
@@ -80652,14 +80171,14 @@ static int clearDatabasePage(
 
   assert( sqlite3_mutex_held(pBt->mutex) );
   if( pgno>btreePagecount(pBt) ){
-    return SQLITE_CORRUPT_PGNO(pgno);
+    return SQLITE_CORRUPT_BKPT;
   }
   rc = getAndInitPage(pBt, pgno, &pPage, 0);
   if( rc ) return rc;
   if( (pBt->openFlags & BTREE_SINGLE)==0
    && sqlite3PagerPageRefcount(pPage->pDbPage) != (1 + (pgno==1))
   ){
-    rc = SQLITE_CORRUPT_PAGE(pPage);
+    rc = SQLITE_CORRUPT_BKPT;
     goto cleardatabasepage_out;
   }
   hdr = pPage->hdrOffset;
@@ -80763,7 +80282,7 @@ static int btreeDropTable(Btree *p, Pgno iTable, int *piMoved){
   assert( p->inTrans==TRANS_WRITE );
   assert( iTable>=2 );
   if( iTable>btreePagecount(pBt) ){
-    return SQLITE_CORRUPT_PGNO(iTable);
+    return SQLITE_CORRUPT_BKPT;
   }
 
   rc = sqlite3BtreeClearTable(p, iTable, 0);
@@ -81357,9 +80876,6 @@ static int checkTreePage(
   ** number of cells on the page. */
   nCell = get2byte(&data[hdr+3]);
   assert( pPage->nCell==nCell );
-  if( pPage->leaf || pPage->intKey==0 ){
-    pCheck->nRow += nCell;
-  }
 
   /* EVIDENCE-OF: R-23882-45353 The cell pointer array of a b-tree page
   ** immediately follows the b-tree page header. */
@@ -81471,7 +80987,6 @@ static int checkTreePage(
         btreeHeapInsert(heap, (pc<<16)|(pc+size-1));
       }
     }
-    assert( heap!=0 );
     /* Add the freeblocks to the min-heap
     **
     ** EVIDENCE-OF: R-20690-50594 The second field of the b-tree page header
@@ -81571,7 +81086,6 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   sqlite3 *db,  /* Database connection that is running the check */
   Btree *p,     /* The btree to be checked */
   Pgno *aRoot,  /* An array of root pages numbers for individual trees */
-  Mem *aCnt,    /* Memory cells to write counts for each tree to */
   int nRoot,    /* Number of entries in aRoot[] */
   int mxErr,    /* Stop reporting errors after this many */
   int *pnErr,   /* OUT: Write number of errors seen to this variable */
@@ -81585,9 +81099,7 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   int bPartial = 0;            /* True if not checking all btrees */
   int bCkFreelist = 1;         /* True to scan the freelist */
   VVA_ONLY( int nRef );
-
   assert( nRoot>0 );
-  assert( aCnt!=0 );
 
   /* aRoot[0]==0 means this is a partial check */
   if( aRoot[0]==0 ){
@@ -81660,18 +81172,15 @@ SQLITE_PRIVATE int sqlite3BtreeIntegrityCheck(
   testcase( pBt->db->flags & SQLITE_CellSizeCk );
   pBt->db->flags &= ~(u64)SQLITE_CellSizeCk;
   for(i=0; (int)iautoVacuum && aRoot[i]>1 && !bPartial ){
-        checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
-      }
-#endif
-      sCheck.v0 = aRoot[i];
-      checkTreePage(&sCheck, aRoot[i], ¬Used, LARGEST_INT64);
+    if( pBt->autoVacuum && aRoot[i]>1 && !bPartial ){
+      checkPtrmap(&sCheck, aRoot[i], PTRMAP_ROOTPAGE, 0);
     }
-    sqlite3MemSetArrayInt64(aCnt, i, sCheck.nRow);
+#endif
+    sCheck.v0 = aRoot[i];
+    checkTreePage(&sCheck, aRoot[i], ¬Used, LARGEST_INT64);
   }
   pBt->db->flags = savedDbFlags;
 
@@ -83726,13 +83235,6 @@ SQLITE_PRIVATE void sqlite3VdbeMemSetInt64(Mem *pMem, i64 val){
   }
 }
 
-/*
-** Set the iIdx'th entry of array aMem[] to contain integer value val.
-*/
-SQLITE_PRIVATE void sqlite3MemSetArrayInt64(sqlite3_value *aMem, int iIdx, i64 val){
-  sqlite3VdbeMemSetInt64(&aMem[iIdx], val);
-}
-
 /* A no-op destructor */
 SQLITE_PRIVATE void sqlite3NoopDestructor(void *p){ UNUSED_PARAMETER(p); }
 
@@ -84421,20 +83923,14 @@ static int valueFromExpr(
   }
 
   /* Handle negative integers in a single step.  This is needed in the
-  ** case when the value is -9223372036854775808. Except - do not do this
-  ** for hexadecimal literals.  */
-  if( op==TK_UMINUS ){
-    Expr *pLeft = pExpr->pLeft;
-    if( (pLeft->op==TK_INTEGER || pLeft->op==TK_FLOAT) ){
-      if( ExprHasProperty(pLeft, EP_IntValue)
-       || pLeft->u.zToken[0]!='0' || (pLeft->u.zToken[1] & ~0x20)!='X'
-      ){
-        pExpr = pLeft;
-        op = pExpr->op;
-        negInt = -1;
-        zNeg = "-";
-      }
-    }
+  ** case when the value is -9223372036854775808.
+  */
+  if( op==TK_UMINUS
+   && (pExpr->pLeft->op==TK_INTEGER || pExpr->pLeft->op==TK_FLOAT) ){
+    pExpr = pExpr->pLeft;
+    op = pExpr->op;
+    negInt = -1;
+    zNeg = "-";
   }
 
   if( op==TK_STRING || op==TK_FLOAT || op==TK_INTEGER ){
@@ -84443,26 +83939,12 @@ static int valueFromExpr(
     if( ExprHasProperty(pExpr, EP_IntValue) ){
       sqlite3VdbeMemSetInt64(pVal, (i64)pExpr->u.iValue*negInt);
     }else{
-      i64 iVal;
-      if( op==TK_INTEGER && 0==sqlite3DecOrHexToI64(pExpr->u.zToken, &iVal) ){
-        sqlite3VdbeMemSetInt64(pVal, iVal*negInt);
-      }else{
-        zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
-        if( zVal==0 ) goto no_mem;
-        sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
-      }
+      zVal = sqlite3MPrintf(db, "%s%s", zNeg, pExpr->u.zToken);
+      if( zVal==0 ) goto no_mem;
+      sqlite3ValueSetStr(pVal, -1, zVal, SQLITE_UTF8, SQLITE_DYNAMIC);
     }
-    if( affinity==SQLITE_AFF_BLOB ){
-      if( op==TK_FLOAT ){
-        assert( pVal && pVal->z && pVal->flags==(MEM_Str|MEM_Term) );
-        sqlite3AtoF(pVal->z, &pVal->u.r, pVal->n, SQLITE_UTF8);
-        pVal->flags = MEM_Real;
-      }else if( op==TK_INTEGER ){
-        /* This case is required by -9223372036854775808 and other strings
-        ** that look like integers but cannot be handled by the
-        ** sqlite3DecOrHexToI64() call above.  */
-        sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
-      }
+    if( (op==TK_INTEGER || op==TK_FLOAT ) && affinity==SQLITE_AFF_BLOB ){
+      sqlite3ValueApplyAffinity(pVal, SQLITE_AFF_NUMERIC, SQLITE_UTF8);
     }else{
       sqlite3ValueApplyAffinity(pVal, affinity, SQLITE_UTF8);
     }
@@ -84732,17 +84214,17 @@ SQLITE_PRIVATE int sqlite3Stat4Column(
   sqlite3_value **ppVal           /* OUT: Extracted value */
 ){
   u32 t = 0;                      /* a column type code */
-  u32 nHdr;                       /* Size of the header in the record */
-  u32 iHdr;                       /* Next unread header byte */
-  i64 iField;                     /* Next unread data byte */
-  u32 szField = 0;                /* Size of the current data field */
+  int nHdr;                       /* Size of the header in the record */
+  int iHdr;                       /* Next unread header byte */
+  int iField;                     /* Next unread data byte */
+  int szField = 0;                /* Size of the current data field */
   int i;                          /* Column index */
   u8 *a = (u8*)pRec;              /* Typecast byte array */
   Mem *pMem = *ppVal;             /* Write result into this Mem object */
 
   assert( iCol>0 );
   iHdr = getVarint32(a, nHdr);
-  if( nHdr>(u32)nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
+  if( nHdr>nRec || iHdr>=nHdr ) return SQLITE_CORRUPT_BKPT;
   iField = nHdr;
   for(i=0; i<=iCol; i++){
     iHdr += getVarint32(&a[iHdr], t);
@@ -85777,15 +85259,6 @@ static void resolveP2Values(Vdbe *p, int *pMaxFuncArgs){
             assert( aLabel!=0 );  /* True because of tag-20230419-1 */
             pOp->p2 = aLabel[ADDR(pOp->p2)];
           }
-
-          /* OPFLG_JUMP opcodes never have P2==0, though OPFLG_JUMP0 opcodes
-          ** might */
-          assert( pOp->p2>0
-                  || (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_JUMP0)!=0 );
-
-          /* Jumps never go off the end of the bytecode array */
-          assert( pOp->p2nOp
-                  || (sqlite3OpcodeProperty[pOp->opcode] & OPFLG_JUMP)==0 );
           break;
         }
       }
@@ -88193,7 +87666,7 @@ SQLITE_PRIVATE int sqlite3VdbeHalt(Vdbe *p){
 
     /* Check for immediate foreign key violations. */
     if( p->rc==SQLITE_OK || (p->errorAction==OE_Fail && !isSpecialError) ){
-      (void)sqlite3VdbeCheckFk(p, 0);
+      sqlite3VdbeCheckFk(p, 0);
     }
 
     /* If the auto-commit flag is set and this is the only active writer
@@ -88907,23 +88380,6 @@ static void serialGet(
     pMem->flags = IsNaN(x) ? MEM_Null : MEM_Real;
   }
 }
-static int serialGet7(
-  const unsigned char *buf,     /* Buffer to deserialize from */
-  Mem *pMem                     /* Memory cell to write value into */
-){
-  u64 x = FOUR_BYTE_UINT(buf);
-  u32 y = FOUR_BYTE_UINT(buf+4);
-  x = (x<<32) + y;
-  assert( sizeof(x)==8 && sizeof(pMem->u.r)==8 );
-  swapMixedEndianFloat(x);
-  memcpy(&pMem->u.r, &x, sizeof(x));
-  if( IsNaN(x) ){
-    pMem->flags = MEM_Null;
-    return 1;
-  }
-  pMem->flags = MEM_Real;
-  return 0;
-}
 SQLITE_PRIVATE void sqlite3VdbeSerialGet(
   const unsigned char *buf,     /* Buffer to deserialize from */
   u32 serial_type,              /* Serial type to deserialize */
@@ -89363,15 +88819,17 @@ SQLITE_PRIVATE int sqlite3IntFloatCompare(i64 i, double r){
     return (xr);
   }else{
     i64 y;
+    double s;
     if( r<-9223372036854775808.0 ) return +1;
     if( r>=9223372036854775808.0 ) return -1;
     y = (i64)r;
     if( iy ) return +1;
-    testcase( doubleLt(((double)i),r) );
-    testcase( doubleLt(r,((double)i)) );
-    testcase( doubleEq(r,((double)i)) );
-    return (((double)i)r);
+    s = (double)i;
+    testcase( doubleLt(s,r) );
+    testcase( doubleLt(r,s) );
+    testcase( doubleEq(r,s) );
+    return (sr);
   }
 }
 
@@ -89601,7 +89059,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
       }else if( serial_type==0 ){
         rc = -1;
       }else if( serial_type==7 ){
-        serialGet7(&aKey1[d1], &mem1);
+        sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
         rc = -sqlite3IntFloatCompare(pRhs->u.i, mem1.u.r);
       }else{
         i64 lhs = vdbeRecordDecodeInt(serial_type, &aKey1[d1]);
@@ -89626,18 +89084,14 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
       }else if( serial_type==0 ){
         rc = -1;
       }else{
+        sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
         if( serial_type==7 ){
-          if( serialGet7(&aKey1[d1], &mem1) ){
-            rc = -1;  /* mem1 is a NaN */
-          }else if( mem1.u.ru.r ){
+          if( mem1.u.ru.r ){
             rc = -1;
           }else if( mem1.u.r>pRhs->u.r ){
             rc = +1;
-          }else{
-            assert( rc==0 );
           }
         }else{
-          sqlite3VdbeSerialGet(&aKey1[d1], serial_type, &mem1);
           rc = sqlite3IntFloatCompare(mem1.u.i, pRhs->u.r);
         }
       }
@@ -89707,14 +89161,7 @@ SQLITE_PRIVATE int sqlite3VdbeRecordCompareWithSkip(
     /* RHS is null */
     else{
       serial_type = aKey1[idx1];
-      if( serial_type==0
-       || serial_type==10
-       || (serial_type==7 && serialGet7(&aKey1[d1], &mem1)!=0)
-      ){
-        assert( rc==0 );
-      }else{
-        rc = 1;
-      }
+      rc = (serial_type!=0 && serial_type!=10);
     }
 
     if( rc!=0 ){
@@ -90174,8 +89621,7 @@ SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe *v, int iVar, u8 aff
   assert( iVar>0 );
   if( v ){
     Mem *pMem = &v->aVar[iVar-1];
-    assert( (v->db->flags & SQLITE_EnableQPSG)==0
-         || (v->db->mDbFlags & DBFLAG_InternalFunc)!=0 );
+    assert( (v->db->flags & SQLITE_EnableQPSG)==0 );
     if( 0==(pMem->flags & MEM_Null) ){
       sqlite3_value *pRet = sqlite3ValueNew(v->db);
       if( pRet ){
@@ -90195,8 +89641,7 @@ SQLITE_PRIVATE sqlite3_value *sqlite3VdbeGetBoundValue(Vdbe *v, int iVar, u8 aff
 */
 SQLITE_PRIVATE void sqlite3VdbeSetVarmask(Vdbe *v, int iVar){
   assert( iVar>0 );
-  assert( (v->db->flags & SQLITE_EnableQPSG)==0
-       || (v->db->mDbFlags & DBFLAG_InternalFunc)!=0 );
+  assert( (v->db->flags & SQLITE_EnableQPSG)==0 );
   if( iVar>=32 ){
     v->expmask |= 0x80000000;
   }else{
@@ -92781,6 +92226,7 @@ SQLITE_API int sqlite3_stmt_scanstatus_v2(
   }
   if( flags & SQLITE_SCANSTAT_COMPLEX ){
     idx = iScan;
+    pScan = &p->aScan[idx];
   }else{
     /* If the COMPLEX flag is clear, then this function must ignore any
     ** ScanStatus structures with ScanStatus.addrLoop set to 0. */
@@ -92793,8 +92239,6 @@ SQLITE_API int sqlite3_stmt_scanstatus_v2(
     }
   }
   if( idx>=p->nScan ) return 1;
-  assert( pScan==0 || pScan==&p->aScan[idx] );
-  pScan = &p->aScan[idx];
 
   switch( iScanStatusOp ){
     case SQLITE_SCANSTAT_NLOOP: {
@@ -94243,7 +93687,7 @@ case OP_Return: {           /* in1 */
 **
 ** See also: EndCoroutine
 */
-case OP_InitCoroutine: {     /* jump0 */
+case OP_InitCoroutine: {     /* jump */
   assert( pOp->p1>0 &&  pOp->p1<=(p->nMem+1 - p->nCursor) );
   assert( pOp->p2>=0 && pOp->p2nOp );
   assert( pOp->p3>=0 && pOp->p3nOp );
@@ -94266,9 +93710,7 @@ case OP_InitCoroutine: {     /* jump0 */
 **
 ** The instruction at the address in register P1 is a Yield.
 ** Jump to the P2 parameter of that Yield.
-** After the jump, the value register P1 is left with a value
-** such that subsequent OP_Yields go back to the this same
-** OP_EndCoroutine instruction.
+** After the jump, register P1 becomes undefined.
 **
 ** See also: InitCoroutine
 */
@@ -94280,8 +93722,8 @@ case OP_EndCoroutine: {           /* in1 */
   pCaller = &aOp[pIn1->u.i];
   assert( pCaller->opcode==OP_Yield );
   assert( pCaller->p2>=0 && pCaller->p2nOp );
-  pIn1->u.i = (int)(pOp - p->aOp) - 1;
   pOp = &aOp[pCaller->p2 - 1];
+  pIn1->flags = MEM_Undefined;
   break;
 }
 
@@ -94298,7 +93740,7 @@ case OP_EndCoroutine: {           /* in1 */
 **
 ** See also: InitCoroutine
 */
-case OP_Yield: {            /* in1, jump0 */
+case OP_Yield: {            /* in1, jump */
   int pcDest;
   pIn1 = &aMem[pOp->p1];
   assert( VdbeMemDynamic(pIn1)==0 );
@@ -94628,15 +94070,19 @@ case OP_Blob: {                /* out2 */
   break;
 }
 
-/* Opcode: Variable P1 P2 * * *
-** Synopsis: r[P2]=parameter(P1)
+/* Opcode: Variable P1 P2 * P4 *
+** Synopsis: r[P2]=parameter(P1,P4)
 **
 ** Transfer the values of bound parameter P1 into register P2
+**
+** If the parameter is named, then its name appears in P4.
+** The P4 value is used by sqlite3_bind_parameter_name().
 */
 case OP_Variable: {            /* out2 */
   Mem *pVar;       /* Value being transferred */
 
   assert( pOp->p1>0 && pOp->p1<=p->nVar );
+  assert( pOp->p4.z==0 || pOp->p4.z==sqlite3VListNumToName(p->pVList,pOp->p1) );
   pVar = &p->aVar[pOp->p1 - 1];
   if( sqlite3VdbeMemTooBig(pVar) ){
     goto too_big;
@@ -95157,7 +94603,7 @@ case OP_AddImm: {            /* in1 */
 ** without data loss, then jump immediately to P2, or if P2==0
 ** raise an SQLITE_MISMATCH exception.
 */
-case OP_MustBeInt: {            /* jump0, in1 */
+case OP_MustBeInt: {            /* jump, in1 */
   pIn1 = &aMem[pOp->p1];
   if( (pIn1->flags & MEM_Int)==0 ){
     applyAffinity(pIn1, SQLITE_AFF_NUMERIC, encoding);
@@ -95198,7 +94644,7 @@ case OP_RealAffinity: {                  /* in1 */
 }
 #endif
 
-#if !defined(SQLITE_OMIT_CAST) && !defined(SQLITE_OMIT_ANALYZE)
+#ifndef SQLITE_OMIT_CAST
 /* Opcode: Cast P1 P2 * * *
 ** Synopsis: affinity(r[P1])
 **
@@ -95413,9 +94859,7 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         }
       }
     }else if( affinity==SQLITE_AFF_TEXT && ((flags1 | flags3) & MEM_Str)!=0 ){
-      if( (flags1 & MEM_Str)!=0 ){
-        pIn1->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal);
-      }else if( (flags1&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
+      if( (flags1 & MEM_Str)==0 && (flags1&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn1->flags & MEM_Int );
         testcase( pIn1->flags & MEM_Real );
         testcase( pIn1->flags & MEM_IntReal );
@@ -95424,9 +94868,7 @@ case OP_Ge: {             /* same as TK_GE, jump, in1, in3 */
         flags1 = (pIn1->flags & ~MEM_TypeMask) | (flags1 & MEM_TypeMask);
         if( NEVER(pIn1==pIn3) ) flags3 = flags1 | MEM_Str;
       }
-      if( (flags3 & MEM_Str)!=0 ){
-        pIn3->flags &= ~(MEM_Int|MEM_Real|MEM_IntReal);
-      }else if( (flags3&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
+      if( (flags3 & MEM_Str)==0 && (flags3&(MEM_Int|MEM_Real|MEM_IntReal))!=0 ){
         testcase( pIn3->flags & MEM_Int );
         testcase( pIn3->flags & MEM_Real );
         testcase( pIn3->flags & MEM_IntReal );
@@ -96770,16 +96212,11 @@ case OP_MakeRecord: {
         switch( len ){
           default: zPayload[7] = (u8)(v&0xff); v >>= 8;
                    zPayload[6] = (u8)(v&0xff); v >>= 8;
-                   /* no break */ deliberate_fall_through
           case 6:  zPayload[5] = (u8)(v&0xff); v >>= 8;
                    zPayload[4] = (u8)(v&0xff); v >>= 8;
-                   /* no break */ deliberate_fall_through
           case 4:  zPayload[3] = (u8)(v&0xff); v >>= 8;
-                   /* no break */ deliberate_fall_through
           case 3:  zPayload[2] = (u8)(v&0xff); v >>= 8;
-                   /* no break */ deliberate_fall_through
           case 2:  zPayload[1] = (u8)(v&0xff); v >>= 8;
-                   /* no break */ deliberate_fall_through
           case 1:  zPayload[0] = (u8)(v&0xff);
         }
         zPayload += len;
@@ -97698,8 +97135,7 @@ case OP_SequenceTest: {
 ** is the only cursor opcode that works with a pseudo-table.
 **
 ** P3 is the number of fields in the records that will be stored by
-** the pseudo-table.  If P2 is 0 or negative then the pseudo-cursor
-** will return NULL for every column.
+** the pseudo-table.
 */
 case OP_OpenPseudo: {
   VdbeCursor *pCx;
@@ -97842,10 +97278,10 @@ case OP_ColumnsUsed: {
 **
 ** See also: Found, NotFound, SeekGt, SeekGe, SeekLt
 */
-case OP_SeekLT:         /* jump0, in3, group, ncycle */
-case OP_SeekLE:         /* jump0, in3, group, ncycle */
-case OP_SeekGE:         /* jump0, in3, group, ncycle */
-case OP_SeekGT: {       /* jump0, in3, group, ncycle */
+case OP_SeekLT:         /* jump, in3, group, ncycle */
+case OP_SeekLE:         /* jump, in3, group, ncycle */
+case OP_SeekGE:         /* jump, in3, group, ncycle */
+case OP_SeekGT: {       /* jump, in3, group, ncycle */
   int res;           /* Comparison result */
   int oc;            /* Opcode */
   VdbeCursor *pC;    /* The cursor to seek */
@@ -98512,7 +97948,7 @@ case OP_Found: {        /* jump, in3, ncycle */
 **
 ** See also: Found, NotFound, NoConflict, SeekRowid
 */
-case OP_SeekRowid: {        /* jump0, in3, ncycle */
+case OP_SeekRowid: {        /* jump, in3, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -99271,7 +98707,7 @@ case OP_NullRow: {
 ** configured to use Prev, not Next.
 */
 case OP_SeekEnd:             /* ncycle */
-case OP_Last: {              /* jump0, ncycle */
+case OP_Last: {              /* jump, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -99305,38 +98741,28 @@ case OP_Last: {              /* jump0, ncycle */
   break;
 }
 
-/* Opcode: IfSizeBetween P1 P2 P3 P4 *
+/* Opcode: IfSmaller P1 P2 P3 * *
 **
-** Let N be the approximate number of rows in the table or index
-** with cursor P1 and let X be 10*log2(N) if N is positive or -1
-** if N is zero.
-**
-** Jump to P2 if X is in between P3 and P4, inclusive.
+** Estimate the number of rows in the table P1.  Jump to P2 if that
+** estimate is less than approximately 2**(0.1*P3).
 */
-case OP_IfSizeBetween: {        /* jump */
+case OP_IfSmaller: {        /* jump */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
   i64 sz;
 
   assert( pOp->p1>=0 && pOp->p1nCursor );
-  assert( pOp->p4type==P4_INT32 );
-  assert( pOp->p3>=-1 && pOp->p3<=640*2 );
-  assert( pOp->p4.i>=-1 && pOp->p4.i<=640*2 );
   pC = p->apCsr[pOp->p1];
   assert( pC!=0 );
   pCrsr = pC->uc.pCursor;
   assert( pCrsr );
   rc = sqlite3BtreeFirst(pCrsr, &res);
   if( rc ) goto abort_due_to_error;
-  if( res!=0 ){
-    sz = -1;  /* -Infinity encoding */
-  }else{
+  if( res==0 ){
     sz = sqlite3BtreeRowCountEst(pCrsr);
-    assert( sz>0 );
-    sz = sqlite3LogEst((u64)sz);
+    if( ALWAYS(sz>=0) && sqlite3LogEst((u64)sz)p3 ) res = 1;
   }
-  res = sz>=pOp->p3 && sz<=pOp->p4.i;
   VdbeBranchTaken(res!=0,2);
   if( res ) goto jump_to_p2;
   break;
@@ -99389,7 +98815,7 @@ case OP_Sort: {        /* jump ncycle */
 ** from the beginning toward the end.  In other words, the cursor is
 ** configured to use Next, not Prev.
 */
-case OP_Rewind: {        /* jump0, ncycle */
+case OP_Rewind: {        /* jump, ncycle */
   VdbeCursor *pC;
   BtCursor *pCrsr;
   int res;
@@ -100036,18 +99462,11 @@ case OP_CreateBtree: {          /* out2 */
   break;
 }
 
-/* Opcode: SqlExec P1 P2 * P4 *
+/* Opcode: SqlExec * * * P4 *
 **
 ** Run the SQL statement or statements specified in the P4 string.
-**
-** The P1 parameter is a bitmask of options:
-**
-**    0x0001     Disable Auth and Trace callbacks while the statements
-**               in P4 are running.
-**
-**    0x0002     Set db->nAnalysisLimit to P2 while the statements in
-**               P4 are running.
-**
+** Disable Auth and Trace callbacks while those statements are running if
+** P1 is true.
 */
 case OP_SqlExec: {
   char *zErr;
@@ -100055,7 +99474,6 @@ case OP_SqlExec: {
   sqlite3_xauth xAuth;
 #endif
   u8 mTrace;
-  int savedAnalysisLimit;
 
   sqlite3VdbeIncrWriteCounter(p, 0);
   db->nSqlExec++;
@@ -100064,23 +99482,18 @@ case OP_SqlExec: {
   xAuth = db->xAuth;
 #endif
   mTrace = db->mTrace;
-  savedAnalysisLimit = db->nAnalysisLimit;
-  if( pOp->p1 & 0x0001 ){
+  if( pOp->p1 ){
 #ifndef SQLITE_OMIT_AUTHORIZATION
     db->xAuth = 0;
 #endif
     db->mTrace = 0;
   }
-  if( pOp->p1 & 0x0002 ){
-    db->nAnalysisLimit = pOp->p2;
-  }
   rc = sqlite3_exec(db, pOp->p4.z, 0, 0, &zErr);
   db->nSqlExec--;
 #ifndef SQLITE_OMIT_AUTHORIZATION
   db->xAuth = xAuth;
 #endif
   db->mTrace = mTrace;
-  db->nAnalysisLimit = savedAnalysisLimit;
   if( zErr || rc ){
     sqlite3VdbeError(p, "%s", zErr);
     sqlite3_free(zErr);
@@ -100232,11 +99645,11 @@ case OP_DropTrigger: {
 /* Opcode: IntegrityCk P1 P2 P3 P4 P5
 **
 ** Do an analysis of the currently open database.  Store in
-** register (P1+1) the text of an error message describing any problems.
-** If no problems are found, store a NULL in register (P1+1).
+** register P1 the text of an error message describing any problems.
+** If no problems are found, store a NULL in register P1.
 **
-** The register (P1) contains one less than the maximum number of allowed
-** errors.  At most reg(P1) errors will be reported.
+** The register P3 contains one less than the maximum number of allowed errors.
+** At most reg(P3) errors will be reported.
 ** In other words, the analysis stops as soon as reg(P1) errors are
 ** seen.  Reg(P1) is updated with the number of errors remaining.
 **
@@ -100256,21 +99669,19 @@ case OP_IntegrityCk: {
   Mem *pnErr;     /* Register keeping track of errors remaining */
 
   assert( p->bIsReader );
-  assert( pOp->p4type==P4_INTARRAY );
   nRoot = pOp->p2;
   aRoot = pOp->p4.ai;
   assert( nRoot>0 );
-  assert( aRoot!=0 );
   assert( aRoot[0]==(Pgno)nRoot );
-  assert( pOp->p1>0 && (pOp->p1+1)<=(p->nMem+1 - p->nCursor) );
-  pnErr = &aMem[pOp->p1];
+  assert( pOp->p3>0 && pOp->p3<=(p->nMem+1 - p->nCursor) );
+  pnErr = &aMem[pOp->p3];
   assert( (pnErr->flags & MEM_Int)!=0 );
   assert( (pnErr->flags & (MEM_Str|MEM_Blob))==0 );
-  pIn1 = &aMem[pOp->p1+1];
+  pIn1 = &aMem[pOp->p1];
   assert( pOp->p5nDb );
   assert( DbMaskTest(p->btreeMask, pOp->p5) );
-  rc = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1],
-      &aMem[pOp->p3], nRoot, (int)pnErr->u.i+1, &nErr, &z);
+  rc = sqlite3BtreeIntegrityCheck(db, db->aDb[pOp->p5].pBt, &aRoot[1], nRoot,
+                                 (int)pnErr->u.i+1, &nErr, &z);
   sqlite3VdbeMemSetNull(pIn1);
   if( nErr==0 ){
     assert( z==0 );
@@ -100397,9 +99808,7 @@ case OP_RowSetTest: {                     /* jump, in1, in3 */
 ** P1 contains the address of the memory cell that contains the first memory
 ** cell in an array of values used as arguments to the sub-program. P2
 ** contains the address to jump to if the sub-program throws an IGNORE
-** exception using the RAISE() function. P2 might be zero, if there is
-** no possibility that an IGNORE exception will be raised.
-** Register P3 contains the address
+** exception using the RAISE() function. Register P3 contains the address
 ** of a memory cell in this (the parent) VM that is used to allocate the
 ** memory required by the sub-vdbe at runtime.
 **
@@ -100407,7 +99816,7 @@ case OP_RowSetTest: {                     /* jump, in1, in3 */
 **
 ** If P5 is non-zero, then recursive program invocation is enabled.
 */
-case OP_Program: {        /* jump0 */
+case OP_Program: {        /* jump */
   int nMem;               /* Number of memory registers for sub-program */
   int nByte;              /* Bytes of runtime space required for sub-program */
   Mem *pRt;               /* Register to allocate runtime space */
@@ -101956,7 +101365,7 @@ case OP_Filter: {          /* jump */
 ** error is encountered.
 */
 case OP_Trace:
-case OP_Init: {          /* jump0 */
+case OP_Init: {          /* jump */
   int i;
 #ifndef SQLITE_OMIT_TRACE
   char *zTrace;
@@ -105857,10 +105266,10 @@ static int bytecodevtabColumn(
 
 #ifdef SQLITE_ENABLE_STMT_SCANSTATUS
     case 9:     /* nexec */
-      sqlite3_result_int64(ctx, pOp->nExec);
+      sqlite3_result_int(ctx, pOp->nExec);
       break;
     case 10:    /* ncycle */
-      sqlite3_result_int64(ctx, pOp->nCycle);
+      sqlite3_result_int(ctx, pOp->nCycle);
       break;
 #else
     case 9:     /* nexec */
@@ -106804,8 +106213,6 @@ static void resolveAlias(
   assert( iCol>=0 && iColnExpr );
   pOrig = pEList->a[iCol].pExpr;
   assert( pOrig!=0 );
-  assert( !ExprHasProperty(pExpr, EP_Reduced|EP_TokenOnly) );
-  if( pExpr->pAggInfo ) return;
   db = pParse->db;
   pDup = sqlite3ExprDup(db, pOrig, 0);
   if( db->mallocFailed ){
@@ -106953,7 +106360,7 @@ static void extendFJMatch(
 static SQLITE_NOINLINE int isValidSchemaTableName(
   const char *zTab,         /* Name as it appears in the SQL */
   Table *pTab,              /* The schema table we are trying to match */
-  const char *zDb           /* non-NULL if a database qualifier is present */
+  Schema *pSchema           /* non-NULL if a database qualifier is present */
 ){
   const char *zLegacy;
   assert( pTab!=0 );
@@ -106964,7 +106371,7 @@ static SQLITE_NOINLINE int isValidSchemaTableName(
     if( sqlite3StrICmp(zTab+7, &PREFERRED_TEMP_SCHEMA_TABLE[7])==0 ){
       return 1;
     }
-    if( zDb==0 ) return 0;
+    if( pSchema==0 ) return 0;
     if( sqlite3StrICmp(zTab+7, &LEGACY_SCHEMA_TABLE[7])==0 ) return 1;
     if( sqlite3StrICmp(zTab+7, &PREFERRED_SCHEMA_TABLE[7])==0 ) return 1;
   }else{
@@ -107004,7 +106411,7 @@ static int lookupName(
   Parse *pParse,       /* The parsing context */
   const char *zDb,     /* Name of the database containing table, or NULL */
   const char *zTab,    /* Name of table containing column, or NULL */
-  const Expr *pRight,  /* Name of the column. */
+  const char *zCol,    /* Name of the column. */
   NameContext *pNC,    /* The name context used to resolve the name */
   Expr *pExpr          /* Make this EXPR node point to the selected column */
 ){
@@ -107021,7 +106428,6 @@ static int lookupName(
   Table *pTab = 0;                  /* Table holding the row */
   Column *pCol;                     /* A column of pTab */
   ExprList *pFJMatch = 0;           /* Matches for FULL JOIN .. USING */
-  const char *zCol = pRight->u.zToken;
 
   assert( pNC );     /* the name context cannot be NULL. */
   assert( zCol );    /* The Z in X.Y.Z cannot be NULL */
@@ -107147,7 +106553,7 @@ static int lookupName(
             }
           }else if( sqlite3StrICmp(zTab, pTab->zName)!=0 ){
             if( pTab->tnum!=1 ) continue;
-            if( !isValidSchemaTableName(zTab, pTab, zDb) ) continue;
+            if( !isValidSchemaTableName(zTab, pTab, pSchema) ) continue;
           }
           assert( ExprUseYTab(pExpr) );
           if( IN_RENAME_OBJECT && pItem->zAlias ){
@@ -107194,37 +106600,8 @@ static int lookupName(
           }
         }
         if( 0==cnt && VisibleRowid(pTab) ){
-          /* pTab is a potential ROWID match.  Keep track of it and match
-          ** the ROWID later if that seems appropriate.  (Search for "cntTab"
-          ** to find related code.)  Only allow a ROWID match if there is
-          ** a single ROWID match candidate.
-          */
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-          /* In SQLITE_ALLOW_ROWID_IN_VIEW mode, allow a ROWID match
-          ** if there is a single VIEW candidate or if there is a single
-          ** non-VIEW candidate plus multiple VIEW candidates.  In other
-          ** words non-VIEW candidate terms take precedence over VIEWs.
-          */
-          if( cntTab==0
-           || (cntTab==1
-               && ALWAYS(pMatch!=0)
-               && ALWAYS(pMatch->pTab!=0)
-               && (pMatch->pTab->tabFlags & TF_Ephemeral)!=0
-               && (pTab->tabFlags & TF_Ephemeral)==0)
-          ){
-            cntTab = 1;
-            pMatch = pItem;
-          }else{
-            cntTab++;
-          }
-#else
-          /* The (much more common) non-SQLITE_ALLOW_ROWID_IN_VIEW case is
-          ** simpler since we require exactly one candidate, which will
-          ** always be a non-VIEW
-          */
           cntTab++;
           pMatch = pItem;
-#endif
         }
       }
       if( pMatch ){
@@ -107253,8 +106630,7 @@ static int lookupName(
         if( pParse->bReturning ){
           if( (pNC->ncFlags & NC_UBaseReg)!=0
            && ALWAYS(zTab==0
-                     || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0
-                     || isValidSchemaTableName(zTab, pParse->pTriggerTab, 0))
+                     || sqlite3StrICmp(zTab,pParse->pTriggerTab->zName)==0)
           ){
             pExpr->iTable = op!=TK_DELETE;
             pTab = pParse->pTriggerTab;
@@ -107351,18 +106727,13 @@ static int lookupName(
     ** Perhaps the name is a reference to the ROWID
     */
     if( cnt==0
-     && cntTab>=1
+     && cntTab==1
      && pMatch
      && (pNC->ncFlags & (NC_IdxExpr|NC_GenCol))==0
      && sqlite3IsRowid(zCol)
      && ALWAYS(VisibleRowid(pMatch->pTab) || pMatch->fg.isNestedFrom)
     ){
-      cnt = cntTab;
-#if SQLITE_ALLOW_ROWID_IN_VIEW+0==2
-      if( pMatch->pTab!=0 && IsView(pMatch->pTab) ){
-        eNewExprOp = TK_NULL;
-      }
-#endif
+      cnt = 1;
       if( pMatch->fg.isNestedFrom==0 ) pExpr->iColumn = -1;
       pExpr->affExpr = SQLITE_AFF_INTEGER;
     }
@@ -107516,10 +106887,6 @@ static int lookupName(
       sqlite3ErrorMsg(pParse, "%s: %s.%s.%s", zErr, zDb, zTab, zCol);
     }else if( zTab ){
       sqlite3ErrorMsg(pParse, "%s: %s.%s", zErr, zTab, zCol);
-    }else if( cnt==0 && ExprHasProperty(pRight,EP_DblQuoted) ){
-      sqlite3ErrorMsg(pParse, "%s: \"%s\" - should this be a"
-                              " string literal in single-quotes?",
-                              zErr, zCol);
     }else{
       sqlite3ErrorMsg(pParse, "%s: %s", zErr, zCol);
     }
@@ -107553,12 +106920,8 @@ static int lookupName(
   ** If a generated column is referenced, set bits for every column
   ** of the table.
   */
-  if( pMatch ){
-    if( pExpr->iColumn>=0 ){
-      pMatch->colUsed |= sqlite3ExprColUsed(pExpr);
-    }else{
-      pMatch->fg.rowidUsed = 1;
-    }
+  if( pExpr->iColumn>=0 && cnt==1 && pMatch!=0 ){
+    pMatch->colUsed |= sqlite3ExprColUsed(pExpr);
   }
 
   pExpr->op = eNewExprOp;
@@ -107735,19 +107098,6 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
     ** resolved.  This prevents "column" from being counted as having been
     ** referenced, which might prevent a SELECT from being erroneously
     ** marked as correlated.
-    **
-    ** 2024-03-28: Beware of aggregates.  A bare column of aggregated table
-    ** can still evaluate to NULL even though it is marked as NOT NULL.
-    ** Example:
-    **
-    **       CREATE TABLE t1(a INT NOT NULL);
-    **       SELECT a, a IS NULL, a IS NOT NULL, count(*) FROM t1;
-    **
-    ** The "a IS NULL" and "a IS NOT NULL" expressions cannot be optimized
-    ** here because at the time this case is hit, we do not yet know whether
-    ** or not t1 is being aggregated.  We have to assume the worst and omit
-    ** the optimization.  The only time it is safe to apply this optimization
-    ** is within the WHERE clause.
     */
     case TK_NOTNULL:
     case TK_ISNULL: {
@@ -107758,36 +107108,19 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         anRef[i] = p->nRef;
       }
       sqlite3WalkExpr(pWalker, pExpr->pLeft);
-      if( IN_RENAME_OBJECT ) return WRC_Prune;
-      if( sqlite3ExprCanBeNull(pExpr->pLeft) ){
-        /* The expression can be NULL.  So the optimization does not apply */
-        return WRC_Prune;
-      }
+      if( 0==sqlite3ExprCanBeNull(pExpr->pLeft) && !IN_RENAME_OBJECT ){
+        testcase( ExprHasProperty(pExpr, EP_OuterON) );
+        assert( !ExprHasProperty(pExpr, EP_IntValue) );
+        pExpr->u.iValue = (pExpr->op==TK_NOTNULL);
+        pExpr->flags |= EP_IntValue;
+        pExpr->op = TK_INTEGER;
 
-      for(i=0, p=pNC; p; p=p->pNext, i++){
-        if( (p->ncFlags & NC_Where)==0 ){
-          return WRC_Prune;  /* Not in a WHERE clause.  Unsafe to optimize. */
+        for(i=0, p=pNC; p && ipNext, i++){
+          p->nRef = anRef[i];
         }
+        sqlite3ExprDelete(pParse->db, pExpr->pLeft);
+        pExpr->pLeft = 0;
       }
-      testcase( ExprHasProperty(pExpr, EP_OuterON) );
-      assert( !ExprHasProperty(pExpr, EP_IntValue) );
-#if TREETRACE_ENABLED
-      if( sqlite3TreeTrace & 0x80000 ){
-        sqlite3DebugPrintf(
-           "NOT NULL strength reduction converts the following to %d:\n",
-           pExpr->op==TK_NOTNULL
-        );
-        sqlite3ShowExpr(pExpr);
-      }
-#endif /* TREETRACE_ENABLED */
-      pExpr->u.iValue = (pExpr->op==TK_NOTNULL);
-      pExpr->flags |= EP_IntValue;
-      pExpr->op = TK_INTEGER;
-      for(i=0, p=pNC; p && ipNext, i++){
-        p->nRef = anRef[i];
-      }
-      sqlite3ExprDelete(pParse->db, pExpr->pLeft);
-      pExpr->pLeft = 0;
       return WRC_Prune;
     }
 
@@ -107801,6 +107134,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
     */
     case TK_ID:
     case TK_DOT: {
+      const char *zColumn;
       const char *zTable;
       const char *zDb;
       Expr *pRight;
@@ -107809,7 +107143,7 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         zDb = 0;
         zTable = 0;
         assert( !ExprHasProperty(pExpr, EP_IntValue) );
-        pRight = pExpr;
+        zColumn = pExpr->u.zToken;
       }else{
         Expr *pLeft = pExpr->pLeft;
         testcase( pNC->ncFlags & NC_IdxExpr );
@@ -107828,13 +107162,14 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         }
         assert( ExprUseUToken(pLeft) && ExprUseUToken(pRight) );
         zTable = pLeft->u.zToken;
+        zColumn = pRight->u.zToken;
         assert( ExprUseYTab(pExpr) );
         if( IN_RENAME_OBJECT ){
           sqlite3RenameTokenRemap(pParse, (void*)pExpr, (void*)pRight);
           sqlite3RenameTokenRemap(pParse, (void*)&pExpr->y.pTab, (void*)pLeft);
         }
       }
-      return lookupName(pParse, zDb, zTable, pRight, pNC, pExpr);
+      return lookupName(pParse, zDb, zTable, zColumn, pNC, pExpr);
     }
 
     /* Resolve function names
@@ -108010,9 +107345,11 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
 #endif
         }
       }
-      else if( ExprHasProperty(pExpr, EP_WinFunc) || pExpr->pLeft ){
+#ifndef SQLITE_OMIT_WINDOWFUNC
+      else if( ExprHasProperty(pExpr, EP_WinFunc) ){
         is_agg = 1;
       }
+#endif
       sqlite3WalkExprList(pWalker, pList);
       if( is_agg ){
         if( pExpr->pLeft ){
@@ -108082,7 +107419,6 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         testcase( pNC->ncFlags & NC_PartIdx );
         testcase( pNC->ncFlags & NC_IdxExpr );
         testcase( pNC->ncFlags & NC_GenCol );
-        assert( pExpr->x.pSelect );
         if( pNC->ncFlags & NC_SelfRef ){
           notValidImpl(pParse, pNC, "subqueries", pExpr, pExpr);
         }else{
@@ -108091,7 +107427,6 @@ static int resolveExprStep(Walker *pWalker, Expr *pExpr){
         assert( pNC->nRef>=nRef );
         if( nRef!=pNC->nRef ){
           ExprSetProperty(pExpr, EP_VarSelect);
-          pExpr->x.pSelect->selFlags |= SF_Correlated;
         }
         pNC->ncFlags |= NC_Subquery;
       }
@@ -108617,7 +107952,6 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
     if( pOuterNC ) pOuterNC->nNestedSelect++;
     for(i=0; ipSrc->nSrc; i++){
       SrcItem *pItem = &p->pSrc->a[i];
-      assert( pItem->zName!=0 || pItem->pSelect!=0 );/* Test of tag-20240424-1*/
       if( pItem->pSelect && (pItem->pSelect->selFlags & SF_Resolved)==0 ){
         int nRef = pOuterNC ? pOuterNC->nRef : 0;
         const char *zSavedContext = pParse->zAuthContext;
@@ -108686,9 +108020,7 @@ static int resolveSelectStep(Walker *pWalker, Select *p){
       }
       if( sqlite3ResolveExprNames(&sNC, p->pHaving) ) return WRC_Abort;
     }
-    sNC.ncFlags |= NC_Where;
     if( sqlite3ResolveExprNames(&sNC, p->pWhere) ) return WRC_Abort;
-    sNC.ncFlags &= ~NC_Where;
 
     /* Resolve names in table-valued-function arguments */
     for(i=0; ipSrc->nSrc; i++){
@@ -108879,9 +108211,6 @@ SQLITE_PRIVATE int sqlite3ResolveExprNames(
 ** Resolve all names for all expression in an expression list.  This is
 ** just like sqlite3ResolveExprNames() except that it works for an expression
 ** list rather than a single expression.
-**
-** The return value is SQLITE_OK (0) for success or SQLITE_ERROR (1) for a
-** failure.
 */
 SQLITE_PRIVATE int sqlite3ResolveExprListNames(
   NameContext *pNC,       /* Namespace to resolve expressions in. */
@@ -108890,7 +108219,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
   int i;
   int savedHasAgg = 0;
   Walker w;
-  if( pList==0 ) return SQLITE_OK;
+  if( pList==0 ) return WRC_Continue;
   w.pParse = pNC->pParse;
   w.xExprCallback = resolveExprStep;
   w.xSelectCallback = resolveSelectStep;
@@ -108904,7 +108233,7 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
 #if SQLITE_MAX_EXPR_DEPTH>0
     w.pParse->nHeight += pExpr->nHeight;
     if( sqlite3ExprCheckHeight(w.pParse, w.pParse->nHeight) ){
-      return SQLITE_ERROR;
+      return WRC_Abort;
     }
 #endif
     sqlite3WalkExprNN(&w, pExpr);
@@ -108921,10 +108250,10 @@ SQLITE_PRIVATE int sqlite3ResolveExprListNames(
                           (NC_HasAgg|NC_MinMaxAgg|NC_HasWin|NC_OrderAgg);
       pNC->ncFlags &= ~(NC_HasAgg|NC_MinMaxAgg|NC_HasWin|NC_OrderAgg);
     }
-    if( w.pParse->nErr>0 ) return SQLITE_ERROR;
+    if( w.pParse->nErr>0 ) return WRC_Abort;
   }
   pNC->ncFlags |= savedHasAgg;
-  return SQLITE_OK;
+  return WRC_Continue;
 }
 
 /*
@@ -109230,10 +108559,9 @@ SQLITE_PRIVATE Expr *sqlite3ExprSkipCollateAndLikely(Expr *pExpr){
       assert( pExpr->x.pList->nExpr>0 );
       assert( pExpr->op==TK_FUNCTION );
       pExpr = pExpr->x.pList->a[0].pExpr;
-    }else if( pExpr->op==TK_COLLATE ){
-      pExpr = pExpr->pLeft;
     }else{
-      break;
+      assert( pExpr->op==TK_COLLATE );
+      pExpr = pExpr->pLeft;
     }
   }
   return pExpr;
@@ -109927,12 +109255,11 @@ SQLITE_PRIVATE void sqlite3ExprSetErrorOffset(Expr *pExpr, int iOfst){
 ** appear to be quoted.  If the quotes were of the form "..." (double-quotes)
 ** then the EP_DblQuoted flag is set on the expression node.
 **
-** Special case (tag-20240227-a):  If op==TK_INTEGER and pToken points to
-** a string that can be translated into a 32-bit integer, then the token is
-** not stored in u.zToken.  Instead, the integer values is written
-** into u.iValue and the EP_IntValue flag is set. No extra storage
+** Special case:  If op==TK_INTEGER and pToken points to a string that
+** can be translated into a 32-bit integer, then the token is not
+** stored in u.zToken.  Instead, the integer values is written
+** into u.iValue and the EP_IntValue flag is set.  No extra storage
 ** is allocated to hold the integer text and the dequote flag is ignored.
-** See also tag-20240227-b.
 */
 SQLITE_PRIVATE Expr *sqlite3ExprAlloc(
   sqlite3 *db,            /* Handle for sqlite3DbMallocRawNN() */
@@ -109948,7 +109275,7 @@ SQLITE_PRIVATE Expr *sqlite3ExprAlloc(
   if( pToken ){
     if( op!=TK_INTEGER || pToken->z==0
           || sqlite3GetInt32(pToken->z, &iValue)==0 ){
-      nExtra = pToken->n+1;  /* tag-20240227-a */
+      nExtra = pToken->n+1;
       assert( iValue>=0 );
     }
   }
@@ -110380,7 +109707,6 @@ SQLITE_PRIVATE void sqlite3ExprAssignVarNumber(Parse *pParse, Expr *pExpr, u32 n
 static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
   assert( p!=0 );
   assert( db!=0 );
-exprDeleteRestart:
   assert( !ExprUseUValue(p) || p->u.iValue>=0 );
   assert( !ExprUseYWin(p) || !ExprUseYSub(p) );
   assert( !ExprUseYWin(p) || p->y.pWin!=0 || db->mallocFailed );
@@ -110396,6 +109722,7 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
   if( !ExprHasProperty(p, (EP_TokenOnly|EP_Leaf)) ){
     /* The Expr.x union is never used at the same time as Expr.pRight */
     assert( (ExprUseXList(p) && p->x.pList==0) || p->pRight==0 );
+    if( p->pLeft && p->op!=TK_SELECT_COLUMN ) sqlite3ExprDeleteNN(db, p->pLeft);
     if( p->pRight ){
       assert( !ExprHasProperty(p, EP_WinFunc) );
       sqlite3ExprDeleteNN(db, p->pRight);
@@ -110410,19 +109737,6 @@ static SQLITE_NOINLINE void sqlite3ExprDeleteNN(sqlite3 *db, Expr *p){
       }
 #endif
     }
-    if( p->pLeft && p->op!=TK_SELECT_COLUMN ){
-      Expr *pLeft = p->pLeft;
-      if( !ExprHasProperty(p, EP_Static)
-       && !ExprHasProperty(pLeft, EP_Static)
-      ){
-        /* Avoid unnecessary recursion on unary operators */
-        sqlite3DbNNFreeNN(db, p);
-        p = pLeft;
-        goto exprDeleteRestart;
-      }else{
-        sqlite3ExprDeleteNN(db, pLeft);
-      }
-    }
   }
   if( !ExprHasProperty(p, EP_Static) ){
     sqlite3DbNNFreeNN(db, p);
@@ -110455,11 +109769,11 @@ SQLITE_PRIVATE void sqlite3ClearOnOrUsing(sqlite3 *db, OnOrUsing *p){
 **
 ** The pExpr might be deleted immediately on an OOM error.
 **
-** Return 0 if the delete was successfully deferred.  Return non-zero
-** if the delete happened immediately because of an OOM.
+** The deferred delete is (currently) implemented by adding the
+** pExpr to the pParse->pConstExpr list with a register number of 0.
 */
-SQLITE_PRIVATE int sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
-  return 0==sqlite3ParserAddCleanup(pParse, sqlite3ExprDeleteGeneric, pExpr);
+SQLITE_PRIVATE void sqlite3ExprDeferredDelete(Parse *pParse, Expr *pExpr){
+  sqlite3ParserAddCleanup(pParse, sqlite3ExprDeleteGeneric, pExpr);
 }
 
 /* Invoke sqlite3RenameExprUnmap() and sqlite3ExprDelete() on the
@@ -110895,19 +110209,17 @@ SQLITE_PRIVATE SrcList *sqlite3SrcListDup(sqlite3 *db, const SrcList *p, int fla
     pNewItem->iCursor = pOldItem->iCursor;
     pNewItem->addrFillSub = pOldItem->addrFillSub;
     pNewItem->regReturn = pOldItem->regReturn;
-    pNewItem->regResult = pOldItem->regResult;
     if( pNewItem->fg.isIndexedBy ){
       pNewItem->u1.zIndexedBy = sqlite3DbStrDup(db, pOldItem->u1.zIndexedBy);
-    }else if( pNewItem->fg.isTabFunc ){
-      pNewItem->u1.pFuncArg =
-          sqlite3ExprListDup(db, pOldItem->u1.pFuncArg, flags);
-    }else{
-      pNewItem->u1.nRow = pOldItem->u1.nRow;
     }
     pNewItem->u2 = pOldItem->u2;
     if( pNewItem->fg.isCte ){
       pNewItem->u2.pCteUse->nUse++;
     }
+    if( pNewItem->fg.isTabFunc ){
+      pNewItem->u1.pFuncArg =
+          sqlite3ExprListDup(db, pOldItem->u1.pFuncArg, flags);
+    }
     pTab = pNewItem->pTab = pOldItem->pTab;
     if( pTab ){
       pTab->nTabRef++;
@@ -111373,54 +110685,6 @@ SQLITE_PRIVATE Expr *sqlite3ExprSimplifiedAndOr(Expr *pExpr){
   return pExpr;
 }
 
-/*
-** pExpr is a TK_FUNCTION node.  Try to determine whether or not the
-** function is a constant function.  A function is constant if all of
-** the following are true:
-**
-**    (1)  It is a scalar function (not an aggregate or window function)
-**    (2)  It has either the SQLITE_FUNC_CONSTANT or SQLITE_FUNC_SLOCHNG
-**         property.
-**    (3)  All of its arguments are constants
-**
-** This routine sets pWalker->eCode to 0 if pExpr is not a constant.
-** It makes no changes to pWalker->eCode if pExpr is constant.  In
-** every case, it returns WRC_Abort.
-**
-** Called as a service subroutine from exprNodeIsConstant().
-*/
-static SQLITE_NOINLINE int exprNodeIsConstantFunction(
-  Walker *pWalker,
-  Expr *pExpr
-){
-  int n;             /* Number of arguments */
-  ExprList *pList;   /* List of arguments */
-  FuncDef *pDef;     /* The function */
-  sqlite3 *db;       /* The database */
-
-  assert( pExpr->op==TK_FUNCTION );
-  if( ExprHasProperty(pExpr, EP_TokenOnly)
-   || (pList = pExpr->x.pList)==0
-  ){;
-    n = 0;
-  }else{
-    n = pList->nExpr;
-    sqlite3WalkExprList(pWalker, pList);
-    if( pWalker->eCode==0 ) return WRC_Abort;
-  }
-  db = pWalker->pParse->db;
-  pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
-  if( pDef==0
-   || pDef->xFinalize!=0
-   || (pDef->funcFlags & (SQLITE_FUNC_CONSTANT|SQLITE_FUNC_SLOCHNG))==0
-   || ExprHasProperty(pExpr, EP_WinFunc)
-  ){
-    pWalker->eCode = 0;
-    return WRC_Abort;
-  }
-  return WRC_Prune;
-}
-
 
 /*
 ** These routines are Walker callbacks used to check expressions to
@@ -111449,7 +110713,6 @@ static SQLITE_NOINLINE int exprNodeIsConstantFunction(
 ** malformed schema error.
 */
 static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
-  assert( pWalker->eCode>0 );
 
   /* If pWalker->eCode is 2 then any term of the expression that comes from
   ** the ON or USING clauses of an outer join disqualifies the expression
@@ -111469,8 +110732,6 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
       ){
         if( pWalker->eCode==5 ) ExprSetProperty(pExpr, EP_FromDDL);
         return WRC_Continue;
-      }else if( pWalker->pParse ){
-        return exprNodeIsConstantFunction(pWalker, pExpr);
       }else{
         pWalker->eCode = 0;
         return WRC_Abort;
@@ -111499,11 +110760,9 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
     case TK_IF_NULL_ROW:
     case TK_REGISTER:
     case TK_DOT:
-    case TK_RAISE:
       testcase( pExpr->op==TK_REGISTER );
       testcase( pExpr->op==TK_IF_NULL_ROW );
       testcase( pExpr->op==TK_DOT );
-      testcase( pExpr->op==TK_RAISE );
       pWalker->eCode = 0;
       return WRC_Abort;
     case TK_VARIABLE:
@@ -111525,15 +110784,15 @@ static int exprNodeIsConstant(Walker *pWalker, Expr *pExpr){
       return WRC_Continue;
   }
 }
-static int exprIsConst(Parse *pParse, Expr *p, int initFlag){
+static int exprIsConst(Expr *p, int initFlag, int iCur){
   Walker w;
   w.eCode = initFlag;
-  w.pParse = pParse;
   w.xExprCallback = exprNodeIsConstant;
   w.xSelectCallback = sqlite3SelectWalkFail;
 #ifdef SQLITE_DEBUG
   w.xSelectCallback2 = sqlite3SelectWalkAssert2;
 #endif
+  w.u.iCur = iCur;
   sqlite3WalkExpr(&w, p);
   return w.eCode;
 }
@@ -111545,15 +110804,9 @@ static int exprIsConst(Parse *pParse, Expr *p, int initFlag){
 ** For the purposes of this function, a double-quoted string (ex: "abc")
 ** is considered a variable but a single-quoted string (ex: 'abc') is
 ** a constant.
-**
-** The pParse parameter may be NULL.  But if it is NULL, there is no way
-** to determine if function calls are constant or not, and hence all
-** function calls will be considered to be non-constant.  If pParse is
-** not NULL, then a function call might be constant, depending on the
-** function and on its parameters.
 */
-SQLITE_PRIVATE int sqlite3ExprIsConstant(Parse *pParse, Expr *p){
-  return exprIsConst(pParse, p, 1);
+SQLITE_PRIVATE int sqlite3ExprIsConstant(Expr *p){
+  return exprIsConst(p, 1, 0);
 }
 
 /*
@@ -111569,24 +110822,8 @@ SQLITE_PRIVATE int sqlite3ExprIsConstant(Parse *pParse, Expr *p){
 ** can be added to the pParse->pConstExpr list and evaluated once when
 ** the prepared statement starts up.  See sqlite3ExprCodeRunJustOnce().
 */
-static int sqlite3ExprIsConstantNotJoin(Parse *pParse, Expr *p){
-  return exprIsConst(pParse, p, 2);
-}
-
-/*
-** This routine examines sub-SELECT statements as an expression is being
-** walked as part of sqlite3ExprIsTableConstant().  Sub-SELECTs are considered
-** constant as long as they are uncorrelated - meaning that they do not
-** contain any terms from outer contexts.
-*/
-static int exprSelectWalkTableConstant(Walker *pWalker, Select *pSelect){
-  assert( pSelect!=0 );
-  assert( pWalker->eCode==3 || pWalker->eCode==0 );
-  if( (pSelect->selFlags & SF_Correlated)!=0 ){
-    pWalker->eCode = 0;
-    return WRC_Abort;
-  }
-  return WRC_Prune;
+SQLITE_PRIVATE int sqlite3ExprIsConstantNotJoin(Expr *p){
+  return exprIsConst(p, 2, 0);
 }
 
 /*
@@ -111594,26 +110831,9 @@ static int exprSelectWalkTableConstant(Walker *pWalker, Select *pSelect){
 ** for any single row of the table with cursor iCur.  In other words, the
 ** expression must not refer to any non-deterministic function nor any
 ** table other than iCur.
-**
-** Consider uncorrelated subqueries to be constants if the bAllowSubq
-** parameter is true.
 */
-static int sqlite3ExprIsTableConstant(Expr *p, int iCur, int bAllowSubq){
-  Walker w;
-  w.eCode = 3;
-  w.pParse = 0;
-  w.xExprCallback = exprNodeIsConstant;
-  if( bAllowSubq ){
-    w.xSelectCallback = exprSelectWalkTableConstant;
-  }else{
-    w.xSelectCallback = sqlite3SelectWalkFail;
-#ifdef SQLITE_DEBUG
-    w.xSelectCallback2 = sqlite3SelectWalkAssert2;
-#endif
-  }
-  w.u.iCur = iCur;
-  sqlite3WalkExpr(&w, p);
-  return w.eCode;
+SQLITE_PRIVATE int sqlite3ExprIsTableConstant(Expr *p, int iCur){
+  return exprIsConst(p, 3, iCur);
 }
 
 /*
@@ -111631,10 +110851,7 @@ static int sqlite3ExprIsTableConstant(Expr *p, int iCur, int bAllowSubq){
 **
 **   (1)  pExpr cannot refer to any table other than pSrc->iCursor.
 **
-**   (2a) pExpr cannot use subqueries unless the bAllowSubq parameter is
-**        true and the subquery is non-correlated
-**
-**   (2b) pExpr cannot use non-deterministic functions.
+**   (2)  pExpr cannot use subqueries or non-deterministic functions.
 **
 **   (3)  pSrc cannot be part of the left operand for a RIGHT JOIN.
 **        (Is there some way to relax this constraint?)
@@ -111663,8 +110880,7 @@ static int sqlite3ExprIsTableConstant(Expr *p, int iCur, int bAllowSubq){
 SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(
   Expr *pExpr,                 /* The constraint */
   const SrcList *pSrcList,     /* Complete FROM clause */
-  int iSrc,                    /* Which element of pSrcList to use */
-  int bAllowSubq               /* Allow non-correlated subqueries */
+  int iSrc                     /* Which element of pSrcList to use */
 ){
   const SrcItem *pSrc = &pSrcList->a[iSrc];
   if( pSrc->fg.jointype & JT_LTORJ ){
@@ -111689,8 +110905,7 @@ SQLITE_PRIVATE int sqlite3ExprIsSingleTableConstraint(
       }
     }
   }
-  /* Rules (1), (2a), and (2b) handled by the following: */
-  return sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor, bAllowSubq);
+  return sqlite3ExprIsTableConstant(pExpr, pSrc->iCursor); /* rules (1), (2) */
 }
 
 
@@ -111775,7 +110990,7 @@ SQLITE_PRIVATE int sqlite3ExprIsConstantOrGroupBy(Parse *pParse, Expr *p, ExprLi
 */
 SQLITE_PRIVATE int sqlite3ExprIsConstantOrFunction(Expr *p, u8 isInit){
   assert( isInit==0 || isInit==1 );
-  return exprIsConst(0, p, 4+isInit);
+  return exprIsConst(p, 4+isInit, 0);
 }
 
 #ifdef SQLITE_ENABLE_CURSOR_HINTS
@@ -111865,12 +111080,9 @@ SQLITE_PRIVATE int sqlite3ExprCanBeNull(const Expr *p){
       return 0;
     case TK_COLUMN:
       assert( ExprUseYTab(p) );
-      return ExprHasProperty(p, EP_CanBeNull)
-          || NEVER(p->y.pTab==0) /* Reference to column of index on expr */
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-          || (p->iColumn==XN_ROWID && IsView(p->y.pTab))
-#endif
-          || (p->iColumn>=0
+      return ExprHasProperty(p, EP_CanBeNull) ||
+             NEVER(p->y.pTab==0) ||  /* Reference to column of index on expr */
+             (p->iColumn>=0
               && p->y.pTab->aCol!=0 /* Possible due to prior error */
               && ALWAYS(p->iColumny.pTab->nCol)
               && p->y.pTab->aCol[p->iColumn].notNull==0);
@@ -112023,13 +111235,13 @@ static void sqlite3SetHasNullFlag(Vdbe *v, int iCur, int regHasNull){
 ** The argument is an IN operator with a list (not a subquery) on the
 ** right-hand side.  Return TRUE if that list is constant.
 */
-static int sqlite3InRhsIsConstant(Parse *pParse, Expr *pIn){
+static int sqlite3InRhsIsConstant(Expr *pIn){
   Expr *pLHS;
   int res;
   assert( !ExprHasProperty(pIn, EP_xIsSelect) );
   pLHS = pIn->pLeft;
   pIn->pLeft = 0;
-  res = sqlite3ExprIsConstant(pParse, pIn);
+  res = sqlite3ExprIsConstant(pIn);
   pIn->pLeft = pLHS;
   return res;
 }
@@ -112298,7 +111510,7 @@ SQLITE_PRIVATE int sqlite3FindInIndex(
   if( eType==0
    && (inFlags & IN_INDEX_NOOP_OK)
    && ExprUseXList(pX)
-   && (!sqlite3InRhsIsConstant(pParse,pX) || pX->x.pList->nExpr<=2)
+   && (!sqlite3InRhsIsConstant(pX) || pX->x.pList->nExpr<=2)
   ){
     pParse->nTab--;  /* Back out the allocation of the unused cursor */
     iTab = -1;       /* Cursor is not allocated */
@@ -112581,7 +111793,7 @@ SQLITE_PRIVATE void sqlite3CodeRhsOfIN(
       ** this code only executes once.  Because for a non-constant
       ** expression we need to rerun this code each time.
       */
-      if( addrOnce && !sqlite3ExprIsConstant(pParse, pE2) ){
+      if( addrOnce && !sqlite3ExprIsConstant(pE2) ){
         sqlite3VdbeChangeToNoop(v, addrOnce-1);
         sqlite3VdbeChangeToNoop(v, addrOnce);
         ExprClearProperty(pExpr, EP_Subrtn);
@@ -113745,6 +112957,12 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       assert( pExpr->u.zToken!=0 );
       assert( pExpr->u.zToken[0]!=0 );
       sqlite3VdbeAddOp2(v, OP_Variable, pExpr->iColumn, target);
+      if( pExpr->u.zToken[1]!=0 ){
+        const char *z = sqlite3VListNumToName(pParse->pVList, pExpr->iColumn);
+        assert( pExpr->u.zToken[0]=='?' || (z && !strcmp(pExpr->u.zToken, z)) );
+        pParse->pVList[0] = 0; /* Indicate VList may no longer be enlarged */
+        sqlite3VdbeAppendP4(v, (char*)z, P4_STATIC);
+      }
       return target;
     }
     case TK_REGISTER: {
@@ -113918,9 +113136,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       }
 #endif
 
-      if( ConstFactorOk(pParse)
-       && sqlite3ExprIsConstantNotJoin(pParse,pExpr)
-      ){
+      if( ConstFactorOk(pParse) && sqlite3ExprIsConstantNotJoin(pExpr) ){
         /* SQL functions can be expensive. So try to avoid running them
         ** multiple times if we know they always give the same result */
         return sqlite3ExprCodeRunJustOnce(pParse, pExpr, -1);
@@ -113951,7 +113167,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       }
 
       for(i=0; ia[i].pExpr) ){
+        if( i<32 && sqlite3ExprIsConstant(pFarg->a[i].pExpr) ){
           testcase( i==31 );
           constMask |= MASKBIT32(i);
         }
@@ -114093,9 +113309,8 @@ SQLITE_PRIVATE int sqlite3ExprCodeTarget(Parse *pParse, Expr *pExpr, int target)
       if( !ExprHasProperty(pExpr, EP_Collate) ){
         /* A TK_COLLATE Expr node without the EP_Collate tag is a so-called
         ** "SOFT-COLLATE" that is added to constraints that are pushed down
-        ** from outer queries into sub-queries by the WHERE-clause push-down
-        ** optimization. Clear subtypes as subtypes may not cross a subquery
-        ** boundary.
+        ** from outer queries into sub-queries by the push-down optimization.
+        ** Clear subtypes as subtypes may not cross a subquery boundary.
         */
         assert( pExpr->pLeft );
         sqlite3ExprCode(pParse, pExpr->pLeft, target);
@@ -114419,7 +113634,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeTemp(Parse *pParse, Expr *pExpr, int *pReg){
   if( ConstFactorOk(pParse)
    && ALWAYS(pExpr!=0)
    && pExpr->op!=TK_REGISTER
-   && sqlite3ExprIsConstantNotJoin(pParse, pExpr)
+   && sqlite3ExprIsConstantNotJoin(pExpr)
   ){
     *pReg  = 0;
     r2 = sqlite3ExprCodeRunJustOnce(pParse, pExpr, -1);
@@ -114483,7 +113698,7 @@ SQLITE_PRIVATE void sqlite3ExprCodeCopy(Parse *pParse, Expr *pExpr, int target){
 ** might choose to code the expression at initialization time.
 */
 SQLITE_PRIVATE void sqlite3ExprCodeFactorable(Parse *pParse, Expr *pExpr, int target){
-  if( pParse->okConstFactor && sqlite3ExprIsConstantNotJoin(pParse,pExpr) ){
+  if( pParse->okConstFactor && sqlite3ExprIsConstantNotJoin(pExpr) ){
     sqlite3ExprCodeRunJustOnce(pParse, pExpr, target);
   }else{
     sqlite3ExprCodeCopy(pParse, pExpr, target);
@@ -114542,7 +113757,7 @@ SQLITE_PRIVATE int sqlite3ExprCodeExprList(
         sqlite3VdbeAddOp2(v, copyOp, j+srcReg-1, target+i);
       }
     }else if( (flags & SQLITE_ECEL_FACTOR)!=0
-           && sqlite3ExprIsConstantNotJoin(pParse,pExpr)
+           && sqlite3ExprIsConstantNotJoin(pExpr)
     ){
       sqlite3ExprCodeRunJustOnce(pParse, pExpr, target+i);
     }else{
@@ -115693,8 +114908,9 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
        && pAggInfo->aCol[iAgg].pCExpr==pExpr
       ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
-        if( pExpr && !sqlite3ExprDeferredDelete(pParse, pExpr) ){
+        if( pExpr ){
           pAggInfo->aCol[iAgg].pCExpr = pExpr;
+          sqlite3ExprDeferredDelete(pParse, pExpr);
         }
       }
     }else{
@@ -115703,8 +114919,9 @@ static int agginfoPersistExprCb(Walker *pWalker, Expr *pExpr){
        && pAggInfo->aFunc[iAgg].pFExpr==pExpr
       ){
         pExpr = sqlite3ExprDup(db, pExpr, 0);
-        if( pExpr && !sqlite3ExprDeferredDelete(pParse, pExpr) ){
+        if( pExpr ){
           pAggInfo->aFunc[iAgg].pFExpr = pExpr;
+          sqlite3ExprDeferredDelete(pParse, pExpr);
         }
       }
     }
@@ -117463,7 +116680,7 @@ static int renameResolveTrigger(Parse *pParse){
   /* ALWAYS() because if the table of the trigger does not exist, the
   ** error would have been hit before this point */
   if( ALWAYS(pParse->pTriggerTab) ){
-    rc = sqlite3ViewGetColumnNames(pParse, pParse->pTriggerTab)!=0;
+    rc = sqlite3ViewGetColumnNames(pParse, pParse->pTriggerTab);
   }
 
   /* Resolve symbols in WHEN clause */
@@ -118405,12 +117622,7 @@ SQLITE_PRIVATE void sqlite3AlterDropColumn(Parse *pParse, SrcList *pSrc, const T
         if( i==pTab->iPKey ){
           sqlite3VdbeAddOp2(v, OP_Null, 0, regOut);
         }else{
-          char aff = pTab->aCol[i].affinity;
-          if( aff==SQLITE_AFF_REAL ){
-            pTab->aCol[i].affinity = SQLITE_AFF_NUMERIC;
-          }
           sqlite3ExprCodeGetColumnOfTable(v, pTab, iCur, i, regOut);
-          pTab->aCol[i].affinity = aff;
         }
         nField++;
       }
@@ -119329,7 +118541,7 @@ static void statGet(
       if( iVal==2 && p->nRow*10 <= nDistinct*11 ) iVal = 1;
       sqlite3_str_appendf(&sStat, " %llu", iVal);
 #ifdef SQLITE_ENABLE_STAT4
-      assert( p->current.anEq[i] || p->nRow==0 );
+      assert( p->current.anEq[i] );
 #endif
     }
     sqlite3ResultStrAccum(context, &sStat);
@@ -119514,7 +118726,7 @@ static void analyzeOneTable(
 
   for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
     int nCol;                     /* Number of columns in pIdx. "N" */
-    int addrGotoEnd;               /* Address of "OP_Rewind iIdxCur" */
+    int addrRewind;               /* Address of "OP_Rewind iIdxCur" */
     int addrNextRow;              /* Address of "next_row:" */
     const char *zIdxName;         /* Name of the index */
     int nColTest;                 /* Number of columns to test for changes */
@@ -119538,14 +118750,9 @@ static void analyzeOneTable(
     /*
     ** Pseudo-code for loop that calls stat_push():
     **
-    **   regChng = 0
     **   Rewind csr
-    **   if eof(csr){
-    **      stat_init() with count = 0;
-    **      goto end_of_scan;
-    **   }
-    **   count()
-    **   stat_init()
+    **   if eof(csr) goto end_of_scan;
+    **   regChng = 0
     **   goto chng_addr_0;
     **
     **  next_row:
@@ -119584,36 +118791,41 @@ static void analyzeOneTable(
     sqlite3VdbeSetP4KeyInfo(pParse, pIdx);
     VdbeComment((v, "%s", pIdx->zName));
 
-    /* Implementation of the following:
+    /* Invoke the stat_init() function. The arguments are:
     **
-    **   regChng = 0
-    **   Rewind csr
-    **   if eof(csr){
-    **      stat_init() with count = 0;
-    **      goto end_of_scan;
-    **   }
-    **   count()
-    **   stat_init()
-    **   goto chng_addr_0;
-    */
-    assert( regTemp2==regStat+4 );
-    sqlite3VdbeAddOp2(v, OP_Integer, db->nAnalysisLimit, regTemp2);
-
-    /* Arguments to stat_init():
     **    (1) the number of columns in the index including the rowid
     **        (or for a WITHOUT ROWID table, the number of PK columns),
     **    (2) the number of columns in the key without the rowid/pk
-    **    (3) estimated number of rows in the index. */
+    **    (3) estimated number of rows in the index,
+    */
     sqlite3VdbeAddOp2(v, OP_Integer, nCol, regStat+1);
     assert( regRowid==regStat+2 );
     sqlite3VdbeAddOp2(v, OP_Integer, pIdx->nKeyCol, regRowid);
-    sqlite3VdbeAddOp3(v, OP_Count, iIdxCur, regTemp,
-                      OptimizationDisabled(db, SQLITE_Stat4));
+#ifdef SQLITE_ENABLE_STAT4
+    if( OptimizationEnabled(db, SQLITE_Stat4) ){
+      sqlite3VdbeAddOp2(v, OP_Count, iIdxCur, regTemp);
+      addrRewind = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
+      VdbeCoverage(v);
+    }else
+#endif
+    {
+      addrRewind = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
+      VdbeCoverage(v);
+      sqlite3VdbeAddOp3(v, OP_Count, iIdxCur, regTemp, 1);
+    }
+    assert( regTemp2==regStat+4 );
+    sqlite3VdbeAddOp2(v, OP_Integer, db->nAnalysisLimit, regTemp2);
     sqlite3VdbeAddFunctionCall(pParse, 0, regStat+1, regStat, 4,
                                &statInitFuncdef, 0);
-    addrGotoEnd = sqlite3VdbeAddOp1(v, OP_Rewind, iIdxCur);
-    VdbeCoverage(v);
 
+    /* Implementation of the following:
+    **
+    **   Rewind csr
+    **   if eof(csr) goto end_of_scan;
+    **   regChng = 0
+    **   goto next_push_0;
+    **
+    */
     sqlite3VdbeAddOp2(v, OP_Integer, 0, regChng);
     addrNextRow = sqlite3VdbeCurrentAddr(v);
 
@@ -119720,12 +118932,6 @@ static void analyzeOneTable(
     }
 
     /* Add the entry to the stat1 table. */
-    if( pIdx->pPartIdxWhere ){
-      /* Partial indexes might get a zero-entry in sqlite_stat1.  But
-      ** an empty table is omitted from sqlite_stat1. */
-      sqlite3VdbeJumpHere(v, addrGotoEnd);
-      addrGotoEnd = 0;
-    }
     callStatGet(pParse, regStat, STAT_GET_STAT1, regStat1);
     assert( "BBB"[0]==SQLITE_AFF_TEXT );
     sqlite3VdbeAddOp4(v, OP_MakeRecord, regTabname, 3, regTemp, "BBB", 0);
@@ -119749,13 +118955,6 @@ static void analyzeOneTable(
       int addrIsNull;
       u8 seekOp = HasRowid(pTab) ? OP_NotExists : OP_NotFound;
 
-      /* No STAT4 data is generated if the number of rows is zero */
-      if( addrGotoEnd==0 ){
-        sqlite3VdbeAddOp2(v, OP_Cast, regStat1, SQLITE_AFF_INTEGER);
-        addrGotoEnd = sqlite3VdbeAddOp1(v, OP_IfNot, regStat1);
-        VdbeCoverage(v);
-      }
-
       if( doOnce ){
         int mxCol = nCol;
         Index *pX;
@@ -119808,7 +119007,7 @@ static void analyzeOneTable(
 #endif /* SQLITE_ENABLE_STAT4 */
 
     /* End of analysis */
-    if( addrGotoEnd ) sqlite3VdbeJumpHere(v, addrGotoEnd);
+    sqlite3VdbeJumpHere(v, addrRewind);
   }
 
 
@@ -121557,7 +120756,7 @@ SQLITE_PRIVATE void sqlite3FinishCoding(Parse *pParse){
     }
     sqlite3VdbeAddOp0(v, OP_Halt);
 
-#if SQLITE_USER_AUTHENTICATION && !defined(SQLITE_OMIT_SHARED_CACHE)
+#if SQLITE_USER_AUTHENTICATION
     if( pParse->nTableLock>0 && db->init.busy==0 ){
       sqlite3UserAuthInit(db);
       if( db->auth.authLevelrc = SQLITE_ERROR;
         pParse->nErr++;
         return;
       }
-      iCsr = pParse->nTab++;
       regYield = ++pParse->nMem;
       regRec = ++pParse->nMem;
       regRowid = ++pParse->nMem;
+      assert(pParse->nTab==1);
       sqlite3MayAbort(pParse);
-      sqlite3VdbeAddOp3(v, OP_OpenWrite, iCsr, pParse->regRoot, iDb);
+      sqlite3VdbeAddOp3(v, OP_OpenWrite, 1, pParse->regRoot, iDb);
       sqlite3VdbeChangeP5(v, OPFLAG_P2ISREG);
+      pParse->nTab = 2;
       addrTop = sqlite3VdbeCurrentAddr(v) + 1;
       sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
       if( pParse->nErr ) return;
@@ -124230,11 +123429,11 @@ SQLITE_PRIVATE void sqlite3EndTable(
       VdbeCoverage(v);
       sqlite3VdbeAddOp3(v, OP_MakeRecord, dest.iSdst, dest.nSdst, regRec);
       sqlite3TableAffinity(v, p, 0);
-      sqlite3VdbeAddOp2(v, OP_NewRowid, iCsr, regRowid);
-      sqlite3VdbeAddOp3(v, OP_Insert, iCsr, regRec, regRowid);
+      sqlite3VdbeAddOp2(v, OP_NewRowid, 1, regRowid);
+      sqlite3VdbeAddOp3(v, OP_Insert, 1, regRec, regRowid);
       sqlite3VdbeGoto(v, addrInsLoop);
       sqlite3VdbeJumpHere(v, addrInsLoop);
-      sqlite3VdbeAddOp1(v, OP_Close, iCsr);
+      sqlite3VdbeAddOp1(v, OP_Close, 1);
     }
 
     /* Compute the complete text of the CREATE statement */
@@ -124291,10 +123490,13 @@ SQLITE_PRIVATE void sqlite3EndTable(
     /* Test for cycles in generated columns and illegal expressions
     ** in CHECK constraints and in DEFAULT clauses. */
     if( p->tabFlags & TF_HasGenerated ){
-      sqlite3VdbeAddOp4(v, OP_SqlExec, 0x0001, 0, 0,
+      sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
              sqlite3MPrintf(db, "SELECT*FROM\"%w\".\"%w\"",
                    db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
     }
+    sqlite3VdbeAddOp4(v, OP_SqlExec, 1, 0, 0,
+           sqlite3MPrintf(db, "PRAGMA \"%w\".integrity_check(%Q)",
+                 db->aDb[iDb].zDbSName, p->zName), P4_DYNAMIC);
   }
 
   /* Add the table to the in-memory representation of the database.
@@ -124371,12 +123573,9 @@ SQLITE_PRIVATE void sqlite3CreateView(
   ** on a view, even though views do not have rowids.  The following flag
   ** setting fixes this problem.  But the fix can be disabled by compiling
   ** with -DSQLITE_ALLOW_ROWID_IN_VIEW in case there are legacy apps that
-  ** depend upon the old buggy behavior.  The ability can also be toggled
-  ** using sqlite3_config(SQLITE_CONFIG_ROWID_IN_VIEW,...) */
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-  p->tabFlags |= sqlite3Config.mNoVisibleRowid; /* Optional. Allow by default */
-#else
-  p->tabFlags |= TF_NoVisibleRowid;             /* Never allow rowid in view */
+  ** depend upon the old buggy behavior. */
+#ifndef SQLITE_ALLOW_ROWID_IN_VIEW
+  p->tabFlags |= TF_NoVisibleRowid;
 #endif
 
   sqlite3TwoPartName(pParse, pName1, pName2, &pName);
@@ -124432,9 +123631,8 @@ SQLITE_PRIVATE void sqlite3CreateView(
 #if !defined(SQLITE_OMIT_VIEW) || !defined(SQLITE_OMIT_VIRTUALTABLE)
 /*
 ** The Table structure pTable is really a VIEW.  Fill in the names of
-** the columns of the view in the pTable structure.  Return non-zero if
-** there are errors.  If an error is seen an error message is left
-** in pParse->zErrMsg.
+** the columns of the view in the pTable structure.  Return the number
+** of errors.  If an error is seen leave an error message in pParse->zErrMsg.
 */
 static SQLITE_NOINLINE int viewGetColumnNames(Parse *pParse, Table *pTable){
   Table *pSelTab;   /* A fake table from which we get the result set */
@@ -124557,7 +123755,7 @@ static SQLITE_NOINLINE int viewGetColumnNames(Parse *pParse, Table *pTable){
     sqlite3DeleteColumnNames(db, pTable);
   }
 #endif /* SQLITE_OMIT_VIEW */
-  return nErr + pParse->nErr;
+  return nErr;
 }
 SQLITE_PRIVATE int sqlite3ViewGetColumnNames(Parse *pParse, Table *pTable){
   assert( pTable!=0 );
@@ -129750,13 +128948,13 @@ SQLITE_PRIVATE void sqlite3QuoteValue(StrAccum *pStr, sqlite3_value *pValue){
       double r1, r2;
       const char *zVal;
       r1 = sqlite3_value_double(pValue);
-      sqlite3_str_appendf(pStr, "%!0.15g", r1);
+      sqlite3_str_appendf(pStr, "%!.15g", r1);
       zVal = sqlite3_str_value(pStr);
       if( zVal ){
         sqlite3AtoF(zVal, &r2, pStr->nChar, SQLITE_UTF8);
         if( r1!=r2 ){
           sqlite3_str_reset(pStr);
-          sqlite3_str_appendf(pStr, "%!0.20e", r1);
+          sqlite3_str_appendf(pStr, "%!.20e", r1);
         }
       }
       break;
@@ -130058,7 +129256,7 @@ static void replaceFunc(
   }
   if( zPattern[0]==0 ){
     assert( sqlite3_value_type(argv[1])!=SQLITE_NULL );
-    sqlite3_result_text(context, (const char*)zStr, nStr, SQLITE_TRANSIENT);
+    sqlite3_result_value(context, argv[0]);
     return;
   }
   nPattern = sqlite3_value_bytes(argv[1]);
@@ -130541,7 +129739,7 @@ static void sumFinalize(sqlite3_context *context){
     if( p->approx ){
       if( p->ovrfl ){
         sqlite3_result_error(context,"integer overflow",-1);
-      }else if( !sqlite3IsOverflow(p->rErr) ){
+      }else if( !sqlite3IsNaN(p->rErr) ){
         sqlite3_result_double(context, p->rSum+p->rErr);
       }else{
         sqlite3_result_double(context, p->rSum);
@@ -130558,7 +129756,7 @@ static void avgFinalize(sqlite3_context *context){
     double r;
     if( p->approx ){
       r = p->rSum;
-      if( !sqlite3IsOverflow(p->rErr) ) r += p->rErr;
+      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
     }else{
       r = (double)(p->iSum);
     }
@@ -130572,7 +129770,7 @@ static void totalFinalize(sqlite3_context *context){
   if( p ){
     if( p->approx ){
       r = p->rSum;
-      if( !sqlite3IsOverflow(p->rErr) ) r += p->rErr;
+      if( !sqlite3IsNaN(p->rErr) ) r += p->rErr;
     }else{
       r = (double)(p->iSum);
     }
@@ -130855,8 +130053,6 @@ static void groupConcatValue(sqlite3_context *context){
       sqlite3_result_error_toobig(context);
     }else if( pAccum->accError==SQLITE_NOMEM ){
       sqlite3_result_error_nomem(context);
-    }else if( pGCC->nAccum>0 && pAccum->nChar==0 ){
-      sqlite3_result_text(context, "", 1, SQLITE_STATIC);
     }else{
       const char *zText = sqlite3_str_value(pAccum);
       sqlite3_result_text(context, zText, pAccum->nChar, SQLITE_TRANSIENT);
@@ -133471,196 +132667,6 @@ SQLITE_PRIVATE void sqlite3AutoincrementEnd(Parse *pParse){
 # define autoIncStep(A,B,C)
 #endif /* SQLITE_OMIT_AUTOINCREMENT */
 
-/*
-** If argument pVal is a Select object returned by an sqlite3MultiValues()
-** that was able to use the co-routine optimization, finish coding the
-** co-routine.
-*/
-SQLITE_PRIVATE void sqlite3MultiValuesEnd(Parse *pParse, Select *pVal){
-  if( ALWAYS(pVal) && pVal->pSrc->nSrc>0 ){
-    SrcItem *pItem = &pVal->pSrc->a[0];
-    sqlite3VdbeEndCoroutine(pParse->pVdbe, pItem->regReturn);
-    sqlite3VdbeJumpHere(pParse->pVdbe, pItem->addrFillSub - 1);
-  }
-}
-
-/*
-** Return true if all expressions in the expression-list passed as the
-** only argument are constant.
-*/
-static int exprListIsConstant(Parse *pParse, ExprList *pRow){
-  int ii;
-  for(ii=0; iinExpr; ii++){
-    if( 0==sqlite3ExprIsConstant(pParse, pRow->a[ii].pExpr) ) return 0;
-  }
-  return 1;
-}
-
-/*
-** Return true if all expressions in the expression-list passed as the
-** only argument are both constant and have no affinity.
-*/
-static int exprListIsNoAffinity(Parse *pParse, ExprList *pRow){
-  int ii;
-  if( exprListIsConstant(pParse,pRow)==0 ) return 0;
-  for(ii=0; iinExpr; ii++){
-    Expr *pExpr = pRow->a[ii].pExpr;
-    assert( pExpr->op!=TK_RAISE );
-    assert( pExpr->affExpr==0 );
-    if( 0!=sqlite3ExprAffinity(pExpr) ) return 0;
-  }
-  return 1;
-
-}
-
-/*
-** This function is called by the parser for the second and subsequent
-** rows of a multi-row VALUES clause. Argument pLeft is the part of
-** the VALUES clause already parsed, argument pRow is the vector of values
-** for the new row. The Select object returned represents the complete
-** VALUES clause, including the new row.
-**
-** There are two ways in which this may be achieved - by incremental
-** coding of a co-routine (the "co-routine" method) or by returning a
-** Select object equivalent to the following (the "UNION ALL" method):
-**
-**        "pLeft UNION ALL SELECT pRow"
-**
-** If the VALUES clause contains a lot of rows, this compound Select
-** object may consume a lot of memory.
-**
-** When the co-routine method is used, each row that will be returned
-** by the VALUES clause is coded into part of a co-routine as it is
-** passed to this function. The returned Select object is equivalent to:
-**
-**     SELECT * FROM (
-**       Select object to read co-routine
-**     )
-**
-** The co-routine method is used in most cases. Exceptions are:
-**
-**    a) If the current statement has a WITH clause. This is to avoid
-**       statements like:
-**
-**            WITH cte AS ( VALUES('x'), ('y') ... )
-**            SELECT * FROM cte AS a, cte AS b;
-**
-**       This will not work, as the co-routine uses a hard-coded register
-**       for its OP_Yield instructions, and so it is not possible for two
-**       cursors to iterate through it concurrently.
-**
-**    b) The schema is currently being parsed (i.e. the VALUES clause is part
-**       of a schema item like a VIEW or TRIGGER). In this case there is no VM
-**       being generated when parsing is taking place, and so generating
-**       a co-routine is not possible.
-**
-**    c) There are non-constant expressions in the VALUES clause (e.g.
-**       the VALUES clause is part of a correlated sub-query).
-**
-**    d) One or more of the values in the first row of the VALUES clause
-**       has an affinity (i.e. is a CAST expression). This causes problems
-**       because the complex rules SQLite uses (see function
-**       sqlite3SubqueryColumnTypes() in select.c) to determine the effective
-**       affinity of such a column for all rows require access to all values in
-**       the column simultaneously.
-*/
-SQLITE_PRIVATE Select *sqlite3MultiValues(Parse *pParse, Select *pLeft, ExprList *pRow){
-
-  if( pParse->bHasWith                   /* condition (a) above */
-   || pParse->db->init.busy              /* condition (b) above */
-   || exprListIsConstant(pParse,pRow)==0 /* condition (c) above */
-   || (pLeft->pSrc->nSrc==0 &&
-       exprListIsNoAffinity(pParse,pLeft->pEList)==0) /* condition (d) above */
-   || IN_SPECIAL_PARSE
-  ){
-    /* The co-routine method cannot be used. Fall back to UNION ALL. */
-    Select *pSelect = 0;
-    int f = SF_Values | SF_MultiValue;
-    if( pLeft->pSrc->nSrc ){
-      sqlite3MultiValuesEnd(pParse, pLeft);
-      f = SF_Values;
-    }else if( pLeft->pPrior ){
-      /* In this case set the SF_MultiValue flag only if it was set on pLeft */
-      f = (f & pLeft->selFlags);
-    }
-    pSelect = sqlite3SelectNew(pParse, pRow, 0, 0, 0, 0, 0, f, 0);
-    pLeft->selFlags &= ~SF_MultiValue;
-    if( pSelect ){
-      pSelect->op = TK_ALL;
-      pSelect->pPrior = pLeft;
-      pLeft = pSelect;
-    }
-  }else{
-    SrcItem *p = 0;               /* SrcItem that reads from co-routine */
-
-    if( pLeft->pSrc->nSrc==0 ){
-      /* Co-routine has not yet been started and the special Select object
-      ** that accesses the co-routine has not yet been created. This block
-      ** does both those things. */
-      Vdbe *v = sqlite3GetVdbe(pParse);
-      Select *pRet = sqlite3SelectNew(pParse, 0, 0, 0, 0, 0, 0, 0, 0);
-
-      /* Ensure the database schema has been read. This is to ensure we have
-      ** the correct text encoding.  */
-      if( (pParse->db->mDbFlags & DBFLAG_SchemaKnownOk)==0 ){
-        sqlite3ReadSchema(pParse);
-      }
-
-      if( pRet ){
-        SelectDest dest;
-        pRet->pSrc->nSrc = 1;
-        pRet->pPrior = pLeft->pPrior;
-        pRet->op = pLeft->op;
-        if( pRet->pPrior ) pRet->selFlags |= SF_Values;
-        pLeft->pPrior = 0;
-        pLeft->op = TK_SELECT;
-        assert( pLeft->pNext==0 );
-        assert( pRet->pNext==0 );
-        p = &pRet->pSrc->a[0];
-        p->pSelect = pLeft;
-        p->fg.viaCoroutine = 1;
-        p->addrFillSub = sqlite3VdbeCurrentAddr(v) + 1;
-        p->regReturn = ++pParse->nMem;
-        p->iCursor = -1;
-        p->u1.nRow = 2;
-        sqlite3VdbeAddOp3(v,OP_InitCoroutine,p->regReturn,0,p->addrFillSub);
-        sqlite3SelectDestInit(&dest, SRT_Coroutine, p->regReturn);
-
-        /* Allocate registers for the output of the co-routine. Do so so
-        ** that there are two unused registers immediately before those
-        ** used by the co-routine. This allows the code in sqlite3Insert()
-        ** to use these registers directly, instead of copying the output
-        ** of the co-routine to a separate array for processing.  */
-        dest.iSdst = pParse->nMem + 3;
-        dest.nSdst = pLeft->pEList->nExpr;
-        pParse->nMem += 2 + dest.nSdst;
-
-        pLeft->selFlags |= SF_MultiValue;
-        sqlite3Select(pParse, pLeft, &dest);
-        p->regResult = dest.iSdst;
-        assert( pParse->nErr || dest.iSdst>0 );
-        pLeft = pRet;
-      }
-    }else{
-      p = &pLeft->pSrc->a[0];
-      assert( !p->fg.isTabFunc && !p->fg.isIndexedBy );
-      p->u1.nRow++;
-    }
-
-    if( pParse->nErr==0 ){
-      assert( p!=0 );
-      if( p->pSelect->pEList->nExpr!=pRow->nExpr ){
-        sqlite3SelectWrongNumTermsError(pParse, p->pSelect);
-      }else{
-        sqlite3ExprCodeExprList(pParse, pRow, p->regResult, 0, 0);
-        sqlite3VdbeAddOp1(pParse->pVdbe, OP_Yield, p->regReturn);
-      }
-    }
-    sqlite3ExprListDelete(pParse->db, pRow);
-  }
-
-  return pLeft;
-}
 
 /* Forward declaration */
 static int xferOptimization(
@@ -133997,40 +133003,25 @@ SQLITE_PRIVATE void sqlite3Insert(
   if( pSelect ){
     /* Data is coming from a SELECT or from a multi-row VALUES clause.
     ** Generate a co-routine to run the SELECT. */
+    int regYield;       /* Register holding co-routine entry-point */
+    int addrTop;        /* Top of the co-routine */
     int rc;             /* Result code */
 
-    if( pSelect->pSrc->nSrc==1
-     && pSelect->pSrc->a[0].fg.viaCoroutine
-     && pSelect->pPrior==0
-    ){
-      SrcItem *pItem = &pSelect->pSrc->a[0];
-      dest.iSDParm = pItem->regReturn;
-      regFromSelect = pItem->regResult;
-      nColumn = pItem->pSelect->pEList->nExpr;
-      ExplainQueryPlan((pParse, 0, "SCAN %S", pItem));
-      if( bIdListInOrder && nColumn==pTab->nCol ){
-        regData = regFromSelect;
-        regRowid = regData - 1;
-        regIns = regRowid - (IsVirtual(pTab) ? 1 : 0);
-      }
-    }else{
-      int addrTop;        /* Top of the co-routine */
-      int regYield = ++pParse->nMem;
-      addrTop = sqlite3VdbeCurrentAddr(v) + 1;
-      sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
-      sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
-      dest.iSdst = bIdListInOrder ? regData : 0;
-      dest.nSdst = pTab->nCol;
-      rc = sqlite3Select(pParse, pSelect, &dest);
-      regFromSelect = dest.iSdst;
-      assert( db->pParse==pParse );
-      if( rc || pParse->nErr ) goto insert_cleanup;
-      assert( db->mallocFailed==0 );
-      sqlite3VdbeEndCoroutine(v, regYield);
-      sqlite3VdbeJumpHere(v, addrTop - 1);                       /* label B: */
-      assert( pSelect->pEList );
-      nColumn = pSelect->pEList->nExpr;
-    }
+    regYield = ++pParse->nMem;
+    addrTop = sqlite3VdbeCurrentAddr(v) + 1;
+    sqlite3VdbeAddOp3(v, OP_InitCoroutine, regYield, 0, addrTop);
+    sqlite3SelectDestInit(&dest, SRT_Coroutine, regYield);
+    dest.iSdst = bIdListInOrder ? regData : 0;
+    dest.nSdst = pTab->nCol;
+    rc = sqlite3Select(pParse, pSelect, &dest);
+    regFromSelect = dest.iSdst;
+    assert( db->pParse==pParse );
+    if( rc || pParse->nErr ) goto insert_cleanup;
+    assert( db->mallocFailed==0 );
+    sqlite3VdbeEndCoroutine(v, regYield);
+    sqlite3VdbeJumpHere(v, addrTop - 1);                       /* label B: */
+    assert( pSelect->pEList );
+    nColumn = pSelect->pEList->nExpr;
 
     /* Set useTempTable to TRUE if the result of the SELECT statement
     ** should be written into a temporary table (template 4).  Set to
@@ -134185,7 +133176,7 @@ SQLITE_PRIVATE void sqlite3Insert(
       pNx->iDataCur = iDataCur;
       pNx->iIdxCur = iIdxCur;
       if( pNx->pUpsertTarget ){
-        if( sqlite3UpsertAnalyzeTarget(pParse, pTabList, pNx, pUpsert) ){
+        if( sqlite3UpsertAnalyzeTarget(pParse, pTabList, pNx) ){
           goto insert_cleanup;
         }
       }
@@ -136077,10 +135068,7 @@ static int xferOptimization(
     }
   }
 #ifndef SQLITE_OMIT_CHECK
-  if( pDest->pCheck
-   && (db->mDbFlags & DBFLAG_Vacuum)==0
-   && sqlite3ExprListCompare(pSrc->pCheck,pDest->pCheck,-1)
-  ){
+  if( pDest->pCheck && sqlite3ExprListCompare(pSrc->pCheck,pDest->pCheck,-1) ){
     return 0;   /* Tables have different CHECK constraints.  Ticket #2252 */
   }
 #endif
@@ -138755,34 +137743,6 @@ static const PragmaName aPragmaName[] = {
 /************** End of pragma.h **********************************************/
 /************** Continuing where we left off in pragma.c *********************/
 
-/*
-** When the 0x10 bit of PRAGMA optimize is set, any ANALYZE commands
-** will be run with an analysis_limit set to the lessor of the value of
-** the following macro or to the actual analysis_limit if it is non-zero,
-** in order to prevent PRAGMA optimize from running for too long.
-**
-** The value of 2000 is chosen emperically so that the worst-case run-time
-** for PRAGMA optimize does not exceed 100 milliseconds against a variety
-** of test databases on a RaspberryPI-4 compiled using -Os and without
-** -DSQLITE_DEBUG.  Of course, your mileage may vary.  For the purpose of
-** this paragraph, "worst-case" means that ANALYZE ends up being
-** run on every table in the database.  The worst case typically only
-** happens if PRAGMA optimize is run on a database file for which ANALYZE
-** has not been previously run and the 0x10000 flag is included so that
-** all tables are analyzed.  The usual case for PRAGMA optimize is that
-** no ANALYZE commands will be run at all, or if any ANALYZE happens it
-** will be against a single table, so that expected timing for PRAGMA
-** optimize on a PI-4 is more like 1 millisecond or less with the 0x10000
-** flag or less than 100 microseconds without the 0x10000 flag.
-**
-** An analysis limit of 2000 is almost always sufficient for the query
-** planner to fully characterize an index.  The additional accuracy from
-** a larger analysis is not usually helpful.
-*/
-#ifndef SQLITE_DEFAULT_OPTIMIZE_LIMIT
-# define SQLITE_DEFAULT_OPTIMIZE_LIMIT 2000
-#endif
-
 /*
 ** Interpret the given string as a safety level.  Return 0 for OFF,
 ** 1 for ON or NORMAL, 2 for FULL, and 3 for EXTRA.  Return 1 for an empty or
@@ -140428,7 +139388,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
     /* Set the maximum error count */
     mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
     if( zRight ){
-      if( sqlite3GetInt32(pValue->z, &mxErr) ){
+      if( sqlite3GetInt32(zRight, &mxErr) ){
         if( mxErr<=0 ){
           mxErr = SQLITE_INTEGRITY_CHECK_ERROR_MAX;
         }
@@ -140445,6 +139405,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
       Hash *pTbls;     /* Set of all tables in the schema */
       int *aRoot;      /* Array of root page numbers of all btrees */
       int cnt = 0;     /* Number of entries in aRoot[] */
+      int mxIdx = 0;   /* Maximum number of indexes for any table */
 
       if( OMIT_TEMPDB && i==1 ) continue;
       if( iDb>=0 && i!=iDb ) continue;
@@ -140466,6 +139427,7 @@ SQLITE_PRIVATE void sqlite3Pragma(
         if( pObjTab && pObjTab!=pTab ) continue;
         if( HasRowid(pTab) ) cnt++;
         for(nIdx=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, nIdx++){ cnt++; }
+        if( nIdx>mxIdx ) mxIdx = nIdx;
       }
       if( cnt==0 ) continue;
       if( pObjTab ) cnt++;
@@ -140485,11 +139447,11 @@ SQLITE_PRIVATE void sqlite3Pragma(
       aRoot[0] = cnt;
 
       /* Make sure sufficient number of registers have been allocated */
-      sqlite3TouchRegister(pParse, 8+cnt);
+      sqlite3TouchRegister(pParse, 8+mxIdx);
       sqlite3ClearTempRegCache(pParse);
 
       /* Do the b-tree integrity checks */
-      sqlite3VdbeAddOp4(v, OP_IntegrityCk, 1, cnt, 8, (char*)aRoot,P4_INTARRAY);
+      sqlite3VdbeAddOp4(v, OP_IntegrityCk, 2, cnt, 1, (char*)aRoot,P4_INTARRAY);
       sqlite3VdbeChangeP5(v, (u8)i);
       addr = sqlite3VdbeAddOp1(v, OP_IsNull, 2); VdbeCoverage(v);
       sqlite3VdbeAddOp4(v, OP_String8, 0, 3, 0,
@@ -140499,36 +139461,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
       integrityCheckResultRow(v);
       sqlite3VdbeJumpHere(v, addr);
 
-      /* Check that the indexes all have the right number of rows */
-      cnt = pObjTab ? 1 : 0;
-      sqlite3VdbeLoadString(v, 2, "wrong # of entries in index ");
-      for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
-        int iTab = 0;
-        Table *pTab = sqliteHashData(x);
-        Index *pIdx;
-        if( pObjTab && pObjTab!=pTab ) continue;
-        if( HasRowid(pTab) ){
-          iTab = cnt++;
-        }else{
-          iTab = cnt;
-          for(pIdx=pTab->pIndex; ALWAYS(pIdx); pIdx=pIdx->pNext){
-            if( IsPrimaryKeyIndex(pIdx) ) break;
-            iTab++;
-          }
-        }
-        for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
-          if( pIdx->pPartIdxWhere==0 ){
-            addr = sqlite3VdbeAddOp3(v, OP_Eq, 8+cnt, 0, 8+iTab);
-            VdbeCoverageNeverNull(v);
-            sqlite3VdbeLoadString(v, 4, pIdx->zName);
-            sqlite3VdbeAddOp3(v, OP_Concat, 4, 2, 3);
-            integrityCheckResultRow(v);
-            sqlite3VdbeJumpHere(v, addr);
-          }
-          cnt++;
-        }
-      }
-
       /* Make sure all the indices are constructed correctly.
       */
       for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
@@ -140543,7 +139475,31 @@ SQLITE_PRIVATE void sqlite3Pragma(
         int mxCol;              /* Maximum non-virtual column number */
 
         if( pObjTab && pObjTab!=pTab ) continue;
-        if( !IsOrdinaryTable(pTab) ) continue;
+        if( !IsOrdinaryTable(pTab) ){
+#ifndef SQLITE_OMIT_VIRTUALTABLE
+          sqlite3_vtab *pVTab;
+          int a1;
+          if( !IsVirtual(pTab) ) continue;
+          if( pTab->nCol<=0 ){
+            const char *zMod = pTab->u.vtab.azArg[0];
+            if( sqlite3HashFind(&db->aModule, zMod)==0 ) continue;
+          }
+          sqlite3ViewGetColumnNames(pParse, pTab);
+          if( pTab->u.vtab.p==0 ) continue;
+          pVTab = pTab->u.vtab.p->pVtab;
+          if( NEVER(pVTab==0) ) continue;
+          if( NEVER(pVTab->pModule==0) ) continue;
+          if( pVTab->pModule->iVersion<4 ) continue;
+          if( pVTab->pModule->xIntegrity==0 ) continue;
+          sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
+          pTab->nTabRef++;
+          sqlite3VdbeAppendP4(v, pTab, P4_TABLEREF);
+          a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
+          integrityCheckResultRow(v);
+          sqlite3VdbeJumpHere(v, a1);
+#endif
+          continue;
+        }
         if( isQuick || HasRowid(pTab) ){
           pPk = 0;
           r2 = 0;
@@ -140678,7 +139634,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
               ** is REAL, we have to load the actual data using OP_Column
               ** to reliably determine if the value is a NULL. */
               sqlite3VdbeAddOp3(v, OP_Column, p1, p3, 3);
-              sqlite3ColumnDefault(v, pTab, j, 3);
               jmp3 = sqlite3VdbeAddOp2(v, OP_NotNull, 3, labelOk);
               VdbeCoverage(v);
             }
@@ -140852,43 +139807,23 @@ SQLITE_PRIVATE void sqlite3Pragma(
         }
         sqlite3VdbeAddOp2(v, OP_Next, iDataCur, loopTop); VdbeCoverage(v);
         sqlite3VdbeJumpHere(v, loopTop-1);
-        if( pPk ){
-          assert( !isQuick );
-          sqlite3ReleaseTempRange(pParse, r2, pPk->nKeyCol);
+        if( !isQuick ){
+          sqlite3VdbeLoadString(v, 2, "wrong # of entries in index ");
+          for(j=0, pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext, j++){
+            if( pPk==pIdx ) continue;
+            sqlite3VdbeAddOp2(v, OP_Count, iIdxCur+j, 3);
+            addr = sqlite3VdbeAddOp3(v, OP_Eq, 8+j, 0, 3); VdbeCoverage(v);
+            sqlite3VdbeChangeP5(v, SQLITE_NOTNULL);
+            sqlite3VdbeLoadString(v, 4, pIdx->zName);
+            sqlite3VdbeAddOp3(v, OP_Concat, 4, 2, 3);
+            integrityCheckResultRow(v);
+            sqlite3VdbeJumpHere(v, addr);
+          }
+          if( pPk ){
+            sqlite3ReleaseTempRange(pParse, r2, pPk->nKeyCol);
+          }
         }
       }
-
-#ifndef SQLITE_OMIT_VIRTUALTABLE
-      /* Second pass to invoke the xIntegrity method on all virtual
-      ** tables.
-      */
-      for(x=sqliteHashFirst(pTbls); x; x=sqliteHashNext(x)){
-        Table *pTab = sqliteHashData(x);
-        sqlite3_vtab *pVTab;
-        int a1;
-        if( pObjTab && pObjTab!=pTab ) continue;
-        if( IsOrdinaryTable(pTab) ) continue;
-        if( !IsVirtual(pTab) ) continue;
-        if( pTab->nCol<=0 ){
-          const char *zMod = pTab->u.vtab.azArg[0];
-          if( sqlite3HashFind(&db->aModule, zMod)==0 ) continue;
-        }
-        sqlite3ViewGetColumnNames(pParse, pTab);
-        if( pTab->u.vtab.p==0 ) continue;
-        pVTab = pTab->u.vtab.p->pVtab;
-        if( NEVER(pVTab==0) ) continue;
-        if( NEVER(pVTab->pModule==0) ) continue;
-        if( pVTab->pModule->iVersion<4 ) continue;
-        if( pVTab->pModule->xIntegrity==0 ) continue;
-        sqlite3VdbeAddOp3(v, OP_VCheck, i, 3, isQuick);
-        pTab->nTabRef++;
-        sqlite3VdbeAppendP4(v, pTab, P4_TABLEREF);
-        a1 = sqlite3VdbeAddOp1(v, OP_IsNull, 3); VdbeCoverage(v);
-        integrityCheckResultRow(v);
-        sqlite3VdbeJumpHere(v, a1);
-        continue;
-      }
-#endif
     }
     {
       static const int iLn = VDBE_OFFSET_LINENO(2);
@@ -141152,63 +140087,44 @@ SQLITE_PRIVATE void sqlite3Pragma(
   **
   ** The optional argument is a bitmask of optimizations to perform:
   **
-  **    0x00001    Debugging mode.  Do not actually perform any optimizations
-  **               but instead return one line of text for each optimization
-  **               that would have been done.  Off by default.
+  **    0x0001    Debugging mode.  Do not actually perform any optimizations
+  **              but instead return one line of text for each optimization
+  **              that would have been done.  Off by default.
   **
-  **    0x00002    Run ANALYZE on tables that might benefit.  On by default.
-  **               See below for additional information.
+  **    0x0002    Run ANALYZE on tables that might benefit.  On by default.
+  **              See below for additional information.
   **
-  **    0x00010    Run all ANALYZE operations using an analysis_limit that
-  **               is the lessor of the current analysis_limit and the
-  **               SQLITE_DEFAULT_OPTIMIZE_LIMIT compile-time option.
-  **               The default value of SQLITE_DEFAULT_OPTIMIZE_LIMIT is
-  **               currently (2024-02-19) set to 2000, which is such that
-  **               the worst case run-time for PRAGMA optimize on a 100MB
-  **               database will usually be less than 100 milliseconds on
-  **               a RaspberryPI-4 class machine.  On by default.
+  **    0x0004    (Not yet implemented) Record usage and performance
+  **              information from the current session in the
+  **              database file so that it will be available to "optimize"
+  **              pragmas run by future database connections.
   **
-  **    0x10000    Look at tables to see if they need to be reanalyzed
-  **               due to growth or shrinkage even if they have not been
-  **               queried during the current connection.  Off by default.
+  **    0x0008    (Not yet implemented) Create indexes that might have
+  **              been helpful to recent queries
   **
-  ** The default MASK is and always shall be 0x0fffe.  In the current
-  ** implementation, the default mask only covers the 0x00002 optimization,
-  ** though additional optimizations that are covered by 0x0fffe might be
-  ** added in the future.  Optimizations that are off by default and must
-  ** be explicitly requested have masks of 0x10000 or greater.
+  ** The default MASK is and always shall be 0xfffe.  0xfffe means perform all
+  ** of the optimizations listed above except Debug Mode, including new
+  ** optimizations that have not yet been invented.  If new optimizations are
+  ** ever added that should be off by default, those off-by-default
+  ** optimizations will have bitmasks of 0x10000 or larger.
   **
   ** DETERMINATION OF WHEN TO RUN ANALYZE
   **
   ** In the current implementation, a table is analyzed if only if all of
   ** the following are true:
   **
-  ** (1) MASK bit 0x00002 is set.
+  ** (1) MASK bit 0x02 is set.
   **
-  ** (2) The table is an ordinary table, not a virtual table or view.
+  ** (2) The query planner used sqlite_stat1-style statistics for one or
+  **     more indexes of the table at some point during the lifetime of
+  **     the current connection.
   **
-  ** (3) The table name does not begin with "sqlite_".
-  **
-  ** (4) One or more of the following is true:
-  **      (4a) The 0x10000 MASK bit is set.
-  **      (4b) One or more indexes on the table lacks an entry
-  **           in the sqlite_stat1 table.
-  **      (4c) The query planner used sqlite_stat1-style statistics for one
-  **           or more indexes of the table at some point during the lifetime
-  **           of the current connection.
-  **
-  ** (5) One or more of the following is true:
-  **      (5a) One or more indexes on the table lacks an entry
-  **           in the sqlite_stat1 table.  (Same as 4a)
-  **      (5b) The number of rows in the table has increased or decreased by
-  **           10-fold.  In other words, the current size of the table is
-  **           10 times larger than the size in sqlite_stat1 or else the
-  **           current size is less than 1/10th the size in sqlite_stat1.
+  ** (3) One or more indexes of the table are currently unanalyzed OR
+  **     the number of rows in the table has increased by 25 times or more
+  **     since the last time ANALYZE was run.
   **
   ** The rules for when tables are analyzed are likely to change in
-  ** future releases.  Future versions of SQLite might accept a string
-  ** literal argument to this pragma that contains a mnemonic description
-  ** of the options rather than a bitmap.
+  ** future releases.
   */
   case PragTyp_OPTIMIZE: {
     int iDbLast;           /* Loop termination point for the schema loop */
@@ -141220,10 +140136,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
     LogEst szThreshold;    /* Size threshold above which reanalysis needed */
     char *zSubSql;         /* SQL statement for the OP_SqlExec opcode */
     u32 opMask;            /* Mask of operations to perform */
-    int nLimit;            /* Analysis limit to use */
-    int nCheck = 0;        /* Number of tables to be optimized */
-    int nBtree = 0;        /* Number of btrees to scan */
-    int nIndex;            /* Number of indexes on the current table */
 
     if( zRight ){
       opMask = (u32)sqlite3Atoi(zRight);
@@ -141231,14 +140143,6 @@ SQLITE_PRIVATE void sqlite3Pragma(
     }else{
       opMask = 0xfffe;
     }
-    if( (opMask & 0x10)==0 ){
-      nLimit = 0;
-    }else if( db->nAnalysisLimit>0
-           && db->nAnalysisLimitnTab++;
     for(iDbLast = zDb?iDb:db->nDb-1; iDb<=iDbLast; iDb++){
       if( iDb==1 ) continue;
@@ -141247,61 +140151,23 @@ SQLITE_PRIVATE void sqlite3Pragma(
       for(k=sqliteHashFirst(&pSchema->tblHash); k; k=sqliteHashNext(k)){
         pTab = (Table*)sqliteHashData(k);
 
-        /* This only works for ordinary tables */
-        if( !IsOrdinaryTable(pTab) ) continue;
-
-        /* Do not scan system tables */
-        if( 0==sqlite3StrNICmp(pTab->zName, "sqlite_", 7) ) continue;
+        /* If table pTab has not been used in a way that would benefit from
+        ** having analysis statistics during the current session, then skip it.
+        ** This also has the effect of skipping virtual tables and views */
+        if( (pTab->tabFlags & TF_StatsUsed)==0 ) continue;
 
-        /* Find the size of the table as last recorded in sqlite_stat1.
-        ** If any index is unanalyzed, then the threshold is -1 to
-        ** indicate a new, unanalyzed index
-        */
-        szThreshold = pTab->nRowLogEst;
-        nIndex = 0;
+        /* Reanalyze if the table is 25 times larger than the last analysis */
+        szThreshold = pTab->nRowLogEst + 46; assert( sqlite3LogEst(25)==46 );
         for(pIdx=pTab->pIndex; pIdx; pIdx=pIdx->pNext){
-          nIndex++;
           if( !pIdx->hasStat1 ){
-            szThreshold = -1; /* Always analyze if any index lacks statistics */
+            szThreshold = 0; /* Always analyze if any index lacks statistics */
+            break;
           }
         }
-
-        /* If table pTab has not been used in a way that would benefit from
-        ** having analysis statistics during the current session, then skip it,
-        ** unless the 0x10000 MASK bit is set. */
-        if( (pTab->tabFlags & TF_MaybeReanalyze)!=0 ){
-          /* Check for size change if stat1 has been used for a query */
-        }else if( opMask & 0x10000 ){
-          /* Check for size change if 0x10000 is set */
-        }else if( pTab->pIndex!=0 && szThreshold<0 ){
-          /* Do analysis if unanalyzed indexes exists */
-        }else{
-          /* Otherwise, we can skip this table */
-          continue;
-        }
-
-        nCheck++;
-        if( nCheck==2 ){
-          /* If ANALYZE might be invoked two or more times, hold a write
-          ** transaction for efficiency */
-          sqlite3BeginWriteOperation(pParse, 0, iDb);
-        }
-        nBtree += nIndex+1;
-
-        /* Reanalyze if the table is 10 times larger or smaller than
-        ** the last analysis.  Unconditional reanalysis if there are
-        ** unanalyzed indexes. */
-        sqlite3OpenTable(pParse, iTabCur, iDb, pTab, OP_OpenRead);
-        if( szThreshold>=0 ){
-          const LogEst iRange = 33;   /* 10x size change */
-          sqlite3VdbeAddOp4Int(v, OP_IfSizeBetween, iTabCur,
-                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1),
-                         szThreshold>=iRange ? szThreshold-iRange : -1,
-                         szThreshold+iRange);
-          VdbeCoverage(v);
-        }else{
-          sqlite3VdbeAddOp2(v, OP_Rewind, iTabCur,
-                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1));
+        if( szThreshold ){
+          sqlite3OpenTable(pParse, iTabCur, iDb, pTab, OP_OpenRead);
+          sqlite3VdbeAddOp3(v, OP_IfSmaller, iTabCur,
+                         sqlite3VdbeCurrentAddr(v)+2+(opMask&1), szThreshold);
           VdbeCoverage(v);
         }
         zSubSql = sqlite3MPrintf(db, "ANALYZE \"%w\".\"%w\"",
@@ -141311,27 +140177,11 @@ SQLITE_PRIVATE void sqlite3Pragma(
           sqlite3VdbeAddOp4(v, OP_String8, 0, r1, 0, zSubSql, P4_DYNAMIC);
           sqlite3VdbeAddOp2(v, OP_ResultRow, r1, 1);
         }else{
-          sqlite3VdbeAddOp4(v, OP_SqlExec, nLimit ? 0x02 : 00, nLimit, 0,
-                            zSubSql, P4_DYNAMIC);
+          sqlite3VdbeAddOp4(v, OP_SqlExec, 0, 0, 0, zSubSql, P4_DYNAMIC);
         }
       }
     }
     sqlite3VdbeAddOp0(v, OP_Expire);
-
-    /* In a schema with a large number of tables and indexes, scale back
-    ** the analysis_limit to avoid excess run-time in the worst case.
-    */
-    if( !db->mallocFailed && nLimit>0 && nBtree>100 ){
-      int iAddr, iEnd;
-      VdbeOp *aOp;
-      nLimit = 100*nLimit/nBtree;
-      if( nLimit<100 ) nLimit = 100;
-      aOp = sqlite3VdbeGetOp(v, 0);
-      iEnd = sqlite3VdbeCurrentAddr(v);
-      for(iAddr=0; iAddrnConstraint; i++, pConstraint++){
-    if( pConstraint->iColumn < pTab->iHidden ) continue;
+    if( pConstraint->usable==0 ) continue;
     if( pConstraint->op!=SQLITE_INDEX_CONSTRAINT_EQ ) continue;
-    if( pConstraint->usable==0 ) return SQLITE_CONSTRAINT;
+    if( pConstraint->iColumn < pTab->iHidden ) continue;
     j = pConstraint->iColumn - pTab->iHidden;
     assert( j < 2 );
     seen[j] = i+1;
@@ -141610,13 +140460,12 @@ static int pragmaVtabBestIndex(sqlite3_vtab *tab, sqlite3_index_info *pIdxInfo){
   j = seen[0]-1;
   pIdxInfo->aConstraintUsage[j].argvIndex = 1;
   pIdxInfo->aConstraintUsage[j].omit = 1;
+  if( seen[1]==0 ) return SQLITE_OK;
   pIdxInfo->estimatedCost = (double)20;
   pIdxInfo->estimatedRows = 20;
-  if( seen[1] ){
-    j = seen[1]-1;
-    pIdxInfo->aConstraintUsage[j].argvIndex = 2;
-    pIdxInfo->aConstraintUsage[j].omit = 1;
-  }
+  j = seen[1]-1;
+  pIdxInfo->aConstraintUsage[j].argvIndex = 2;
+  pIdxInfo->aConstraintUsage[j].omit = 1;
   return SQLITE_OK;
 }
 
@@ -141636,7 +140485,6 @@ static void pragmaVtabCursorClear(PragmaVtabCursor *pCsr){
   int i;
   sqlite3_finalize(pCsr->pPragma);
   pCsr->pPragma = 0;
-  pCsr->iRowid = 0;
   for(i=0; iazArg); i++){
     sqlite3_free(pCsr->azArg[i]);
     pCsr->azArg[i] = 0;
@@ -142437,13 +141285,7 @@ SQLITE_PRIVATE void *sqlite3ParserAddCleanup(
   void (*xCleanup)(sqlite3*,void*),   /* The cleanup routine */
   void *pPtr                          /* Pointer to object to be cleaned up */
 ){
-  ParseCleanup *pCleanup;
-  if( sqlite3FaultSim(300) ){
-    pCleanup = 0;
-    sqlite3OomFault(pParse->db);
-  }else{
-    pCleanup = sqlite3DbMallocRaw(pParse->db, sizeof(*pCleanup));
-  }
+  ParseCleanup *pCleanup = sqlite3DbMallocRaw(pParse->db, sizeof(*pCleanup));
   if( pCleanup ){
     pCleanup->pNext = pParse->pCleanup;
     pParse->pCleanup = pCleanup;
@@ -144565,16 +143407,9 @@ static void generateSortTail(
   int addrExplain;                /* Address of OP_Explain instruction */
 #endif
 
-  nKey = pOrderBy->nExpr - pSort->nOBSat;
-  if( pSort->nOBSat==0 || nKey==1 ){
-    ExplainQueryPlan2(addrExplain, (pParse, 0,
-      "USE TEMP B-TREE FOR %sORDER BY", pSort->nOBSat?"LAST TERM OF ":""
-    ));
-  }else{
-    ExplainQueryPlan2(addrExplain, (pParse, 0,
-      "USE TEMP B-TREE FOR LAST %d TERMS OF ORDER BY", nKey
-    ));
-  }
+  ExplainQueryPlan2(addrExplain, (pParse, 0,
+        "USE TEMP B-TREE FOR %sORDER BY", pSort->nOBSat>0?"RIGHT PART OF ":"")
+  );
   sqlite3VdbeScanStatusRange(v, addrExplain,pSort->addrPush,pSort->addrPushEnd);
   sqlite3VdbeScanStatusCounters(v, addrExplain, addrExplain, pSort->addrPush);
 
@@ -144612,6 +143447,7 @@ static void generateSortTail(
       regRow = sqlite3GetTempRange(pParse, nColumn);
     }
   }
+  nKey = pOrderBy->nExpr - pSort->nOBSat;
   if( pSort->sortFlags & SORTFLAG_UseSorter ){
     int regSortOut = ++pParse->nMem;
     iSortTab = pParse->nTab++;
@@ -144851,7 +143687,11 @@ static const char *columnTypeImpl(
         ** data for the result-set column of the sub-select.
         */
         if( iColpEList->nExpr
-         && (!ViewCanHaveRowid || iCol>=0)
+#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
+         && iCol>=0
+#else
+         && ALWAYS(iCol>=0)
+#endif
         ){
           /* If iCol is less than zero, then the expression requests the
           ** rowid of the sub-select or view. This expression is legal (see
@@ -145216,7 +144056,8 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
   NameContext sNC;
 
   assert( pSelect!=0 );
-  assert( (pSelect->selFlags & SF_Resolved)!=0 );
+  testcase( (pSelect->selFlags & SF_Resolved)==0 );
+  assert( (pSelect->selFlags & SF_Resolved)!=0 || IN_RENAME_OBJECT );
   assert( pTab->nCol==pSelect->pEList->nExpr || pParse->nErr>0 );
   assert( aff==SQLITE_AFF_NONE || aff==SQLITE_AFF_BLOB );
   if( db->mallocFailed || IN_RENAME_OBJECT ) return;
@@ -145227,22 +144068,17 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
   for(i=0, pCol=pTab->aCol; inCol; i++, pCol++){
     const char *zType;
     i64 n;
-    int m = 0;
-    Select *pS2 = pSelect;
     pTab->tabFlags |= (pCol->colFlags & COLFLAG_NOINSERT);
     p = a[i].pExpr;
     /* pCol->szEst = ... // Column size est for SELECT tables never used */
     pCol->affinity = sqlite3ExprAffinity(p);
-    while( pCol->affinity<=SQLITE_AFF_NONE && pS2->pNext!=0 ){
-      m |= sqlite3ExprDataType(pS2->pEList->a[i].pExpr);
-      pS2 = pS2->pNext;
-      pCol->affinity = sqlite3ExprAffinity(pS2->pEList->a[i].pExpr);
-    }
     if( pCol->affinity<=SQLITE_AFF_NONE ){
       pCol->affinity = aff;
     }
-    if( pCol->affinity>=SQLITE_AFF_TEXT && (pS2->pNext || pS2!=pSelect) ){
-      for(pS2=pS2->pNext; pS2; pS2=pS2->pNext){
+    if( pCol->affinity>=SQLITE_AFF_TEXT && pSelect->pNext ){
+      int m = 0;
+      Select *pS2;
+      for(m=0, pS2=pSelect->pNext; pS2; pS2=pS2->pNext){
         m |= sqlite3ExprDataType(pS2->pEList->a[i].pExpr);
       }
       if( pCol->affinity==SQLITE_AFF_TEXT && (m&0x01)!=0 ){
@@ -145272,12 +144108,12 @@ SQLITE_PRIVATE void sqlite3SubqueryColumnTypes(
       }
     }
     if( zType ){
-      const i64 k = sqlite3Strlen30(zType);
+      i64 m = sqlite3Strlen30(zType);
       n = sqlite3Strlen30(pCol->zCnName);
-      pCol->zCnName = sqlite3DbReallocOrFree(db, pCol->zCnName, n+k+2);
+      pCol->zCnName = sqlite3DbReallocOrFree(db, pCol->zCnName, n+m+2);
       pCol->colFlags &= ~(COLFLAG_HASTYPE|COLFLAG_HASCOLL);
       if( pCol->zCnName ){
-        memcpy(&pCol->zCnName[n+1], zType, k+1);
+        memcpy(&pCol->zCnName[n+1], zType, m+1);
         pCol->colFlags |= COLFLAG_HASTYPE;
       }
     }
@@ -147674,7 +146510,7 @@ static void constInsert(
 ){
   int i;
   assert( pColumn->op==TK_COLUMN );
-  assert( sqlite3ExprIsConstant(pConst->pParse, pValue) );
+  assert( sqlite3ExprIsConstant(pValue) );
 
   if( ExprHasProperty(pColumn, EP_FixedCol) ) return;
   if( sqlite3ExprAffinity(pValue)!=0 ) return;
@@ -147732,10 +146568,10 @@ static void findConstInWhere(WhereConst *pConst, Expr *pExpr){
   pLeft = pExpr->pLeft;
   assert( pRight!=0 );
   assert( pLeft!=0 );
-  if( pRight->op==TK_COLUMN && sqlite3ExprIsConstant(pConst->pParse, pLeft) ){
+  if( pRight->op==TK_COLUMN && sqlite3ExprIsConstant(pLeft) ){
     constInsert(pConst,pRight,pLeft,pExpr);
   }
-  if( pLeft->op==TK_COLUMN && sqlite3ExprIsConstant(pConst->pParse, pRight) ){
+  if( pLeft->op==TK_COLUMN && sqlite3ExprIsConstant(pRight) ){
     constInsert(pConst,pLeft,pRight,pExpr);
   }
 }
@@ -147956,18 +146792,6 @@ static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
 ** The hope is that the terms added to the inner query will make it more
 ** efficient.
 **
-** NAME AMBIGUITY
-**
-** This optimization is called the "WHERE-clause push-down optimization".
-**
-** Do not confuse this optimization with another unrelated optimization
-** with a similar name:  The "MySQL push-down optimization" causes WHERE
-** clause terms that can be evaluated using only the index and without
-** reference to the table are run first, so that if they are false,
-** unnecessary table seeks are avoided.
-**
-** RULES
-**
 ** Do not attempt this optimization if:
 **
 **   (1) (** This restriction was removed on 2017-09-29.  We used to
@@ -148033,19 +146857,15 @@ static int pushDownWindowCheck(Parse *pParse, Select *pSubq, Expr *pExpr){
 **       (9c) There is a RIGHT JOIN (or FULL JOIN) in between the ON/USING
 **            clause and the subquery.
 **
-**       Without this restriction, the WHERE-clause push-down optimization
-**       might move the ON/USING filter expression from the left side of a
-**       RIGHT JOIN over to the right side, which leads to incorrect answers.
-**       See also restriction (6) in sqlite3ExprIsSingleTableConstraint().
+**       Without this restriction, the push-down optimization might move
+**       the ON/USING filter expression from the left side of a RIGHT JOIN
+**       over to the right side, which leads to incorrect answers.  See
+**       also restriction (6) in sqlite3ExprIsSingleTableConstraint().
 **
 **  (10) The inner query is not the right-hand table of a RIGHT JOIN.
 **
 **  (11) The subquery is not a VALUES clause
 **
-**  (12) The WHERE clause is not "rowid ISNULL" or the equivalent.  This
-**       case only comes up if SQLite is compiled using
-**       SQLITE_ALLOW_ROWID_IN_VIEW.
-**
 ** Return 0 if no changes are made and non-zero if one or more WHERE clause
 ** terms are duplicated into the subquery.
 */
@@ -148156,19 +146976,7 @@ static int pushDownWhereTerms(
   }
 #endif
 
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-  if( ViewCanHaveRowid && (pWhere->op==TK_ISNULL || pWhere->op==TK_NOTNULL) ){
-    Expr *pLeft = pWhere->pLeft;
-    if( ALWAYS(pLeft)
-     && pLeft->op==TK_COLUMN
-     && pLeft->iColumn < 0
-    ){
-      return 0;  /* Restriction (12) */
-    }
-  }
-#endif
-
-  if( sqlite3ExprIsSingleTableConstraint(pWhere, pSrcList, iSrc, 1) ){
+  if( sqlite3ExprIsSingleTableConstraint(pWhere, pSrcList, iSrc) ){
     nChng++;
     pSubq->selFlags |= SF_PushDown;
     while( pSubq ){
@@ -148795,14 +147603,12 @@ SQLITE_PRIVATE int sqlite3ExpandSubquery(Parse *pParse, SrcItem *pFrom){
   while( pSel->pPrior ){ pSel = pSel->pPrior; }
   sqlite3ColumnsFromExprList(pParse, pSel->pEList,&pTab->nCol,&pTab->aCol);
   pTab->iPKey = -1;
-  pTab->eTabType = TABTYP_VIEW;
   pTab->nRowLogEst = 200; assert( 200==sqlite3LogEst(1048576) );
 #ifndef SQLITE_ALLOW_ROWID_IN_VIEW
   /* The usual case - do not allow ROWID on a subquery */
   pTab->tabFlags |= TF_Ephemeral | TF_NoVisibleRowid;
 #else
-  /* Legacy compatibility mode */
-  pTab->tabFlags |= TF_Ephemeral | sqlite3Config.mNoVisibleRowid;
+  pTab->tabFlags |= TF_Ephemeral;  /* Legacy compatibility mode */
 #endif
   return pParse->nErr ? SQLITE_ERROR : SQLITE_OK;
 }
@@ -149070,7 +147876,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             pNestedFrom = pFrom->pSelect->pEList;
             assert( pNestedFrom!=0 );
             assert( pNestedFrom->nExpr==pTab->nCol );
-            assert( VisibleRowid(pTab)==0 || ViewCanHaveRowid );
+            assert( VisibleRowid(pTab)==0 );
           }else{
             if( zTName && sqlite3StrICmp(zTName, zTabName)!=0 ){
               continue;
@@ -149102,8 +147908,7 @@ static int selectExpander(Walker *pWalker, Select *p){
             pUsing = 0;
           }
 
-          nAdd = pTab->nCol;
-          if( VisibleRowid(pTab) && (selFlags & SF_NestedFrom)!=0 ) nAdd++;
+          nAdd = pTab->nCol + (VisibleRowid(pTab) && (selFlags&SF_NestedFrom));
           for(j=0; ja[pNew->nExpr-1];
             assert( pX->zEName==0 );
             if( (selFlags & SF_NestedFrom)!=0 && !IN_RENAME_OBJECT ){
-              if( pNestedFrom && (!ViewCanHaveRowid || jnExpr) ){
-                assert( jnExpr );
+              if( pNestedFrom ){
                 pX->zEName = sqlite3DbStrDup(db, pNestedFrom->a[j].zEName);
                 testcase( pX->zEName==0 );
               }else{
@@ -149303,7 +148107,8 @@ static void selectAddSubqueryTypeInfo(Walker *pWalker, Select *p){
   if( p->selFlags & SF_HasTypeInfo ) return;
   p->selFlags |= SF_HasTypeInfo;
   pParse = pWalker->pParse;
-  assert( (p->selFlags & SF_Resolved) );
+  testcase( (p->selFlags & SF_Resolved)==0 );
+  assert( (p->selFlags & SF_Resolved) || IN_RENAME_OBJECT );
   pTabList = p->pSrc;
   for(i=0, pFrom=pTabList->a; inSrc; i++, pFrom++){
     Table *pTab = pFrom->pTab;
@@ -149373,8 +148178,6 @@ SQLITE_PRIVATE void sqlite3SelectPrep(
 */
 static void printAggInfo(AggInfo *pAggInfo){
   int ii;
-  sqlite3DebugPrintf("AggInfo %d/%p:\n",
-     pAggInfo->selId, pAggInfo);
   for(ii=0; iinColumn; ii++){
     struct AggInfo_col *pCol = &pAggInfo->aCol[ii];
     sqlite3DebugPrintf(
@@ -150565,7 +149368,7 @@ SQLITE_PRIVATE int sqlite3Select(
     /* Generate code for all sub-queries in the FROM clause
     */
     pSub = pItem->pSelect;
-    if( pSub==0 || pItem->addrFillSub!=0 ) continue;
+    if( pSub==0 ) continue;
 
     /* The code for a subquery should only be generated once. */
     assert( pItem->addrFillSub==0 );
@@ -150596,7 +149399,7 @@ SQLITE_PRIVATE int sqlite3Select(
 #endif
       assert( pItem->pSelect && (pItem->pSelect->selFlags & SF_PushDown)!=0 );
     }else{
-      TREETRACE(0x4000,pParse,p,("WHERE-lcause push-down not possible\n"));
+      TREETRACE(0x4000,pParse,p,("Push-down not possible\n"));
     }
 
     /* Convert unused result columns of the subquery into simple NULL
@@ -151477,12 +150280,6 @@ SQLITE_PRIVATE int sqlite3Select(
   sqlite3ExprListDelete(db, pMinMaxOrderBy);
 #ifdef SQLITE_DEBUG
   if( pAggInfo && !db->mallocFailed ){
-#if TREETRACE_ENABLED
-    if( sqlite3TreeTrace & 0x20 ){
-      TREETRACE(0x20,pParse,p,("Finished with AggInfo\n"));
-      printAggInfo(pAggInfo);
-    }
-#endif
     for(i=0; inColumn; i++){
       Expr *pExpr = pAggInfo->aCol[i].pCExpr;
       if( pExpr==0 ) continue;
@@ -152664,72 +151461,6 @@ static ExprList *sqlite3ExpandReturning(
   return pNew;
 }
 
-/* If the Expr node is a subquery or an EXISTS operator or an IN operator that
-** uses a subquery, and if the subquery is SF_Correlated, then mark the
-** expression as EP_VarSelect.
-*/
-static int sqlite3ReturningSubqueryVarSelect(Walker *NotUsed, Expr *pExpr){
-  UNUSED_PARAMETER(NotUsed);
-  if( ExprUseXSelect(pExpr)
-   && (pExpr->x.pSelect->selFlags & SF_Correlated)!=0
-  ){
-    testcase( ExprHasProperty(pExpr, EP_VarSelect) );
-    ExprSetProperty(pExpr, EP_VarSelect);
-  }
-  return WRC_Continue;
-}
-
-
-/*
-** If the SELECT references the table pWalker->u.pTab, then do two things:
-**
-**    (1) Mark the SELECT as as SF_Correlated.
-**    (2) Set pWalker->eCode to non-zero so that the caller will know
-**        that (1) has happened.
-*/
-static int sqlite3ReturningSubqueryCorrelated(Walker *pWalker, Select *pSelect){
-  int i;
-  SrcList *pSrc;
-  assert( pSelect!=0 );
-  pSrc = pSelect->pSrc;
-  assert( pSrc!=0 );
-  for(i=0; inSrc; i++){
-    if( pSrc->a[i].pTab==pWalker->u.pTab ){
-      testcase( pSelect->selFlags & SF_Correlated );
-      pSelect->selFlags |= SF_Correlated;
-      pWalker->eCode = 1;
-      break;
-    }
-  }
-  return WRC_Continue;
-}
-
-/*
-** Scan the expression list that is the argument to RETURNING looking
-** for subqueries that depend on the table which is being modified in the
-** statement that is hosting the RETURNING clause (pTab).  Mark all such
-** subqueries as SF_Correlated.  If the subqueries are part of an
-** expression, mark the expression as EP_VarSelect.
-**
-** https://sqlite.org/forum/forumpost/2c83569ce8945d39
-*/
-static void sqlite3ProcessReturningSubqueries(
-  ExprList *pEList,
-  Table *pTab
-){
-  Walker w;
-  memset(&w, 0, sizeof(w));
-  w.xExprCallback = sqlite3ExprWalkNoop;
-  w.xSelectCallback = sqlite3ReturningSubqueryCorrelated;
-  w.u.pTab = pTab;
-  sqlite3WalkExprList(&w, pEList);
-  if( w.eCode ){
-    w.xExprCallback = sqlite3ReturningSubqueryVarSelect;
-    w.xSelectCallback = sqlite3SelectWalkNoop;
-    sqlite3WalkExprList(&w, pEList);
-  }
-}
-
 /*
 ** Generate code for the RETURNING trigger.  Unlike other triggers
 ** that invoke a subprogram in the bytecode, the code for RETURNING
@@ -152766,7 +151497,6 @@ static void codeReturningTrigger(
   sSelect.pSrc = &sFrom;
   sFrom.nSrc = 1;
   sFrom.a[0].pTab = pTab;
-  sFrom.a[0].zName = pTab->zName; /* tag-20240424-1 */
   sFrom.a[0].iCursor = -1;
   sqlite3SelectPrep(pParse, &sSelect, 0);
   if( pParse->nErr==0 ){
@@ -152793,7 +151523,6 @@ static void codeReturningTrigger(
       int i;
       int nCol = pNew->nExpr;
       int reg = pParse->nMem+1;
-      sqlite3ProcessReturningSubqueries(pNew, pTab);
       pParse->nMem += nCol+2;
       pReturning->iRetReg = reg;
       for(i=0; ipUpsertIdx = pIdx;
-      if( sqlite3UpsertOfIndex(pAll,pIdx)!=pUpsert ){
-        /* Really this should be an error.  The isDup ON CONFLICT clause will
-        ** never fire.  But this problem was not discovered until three years
-        ** after multi-CONFLICT upsert was added, and so we silently ignore
-        ** the problem to prevent breaking applications that might actually
-        ** have redundant ON CONFLICT clauses. */
-        pUpsert->isDup = 1;
-      }
       break;
     }
     if( pUpsert->pUpsertIdx==0 ){
@@ -154873,13 +153590,9 @@ SQLITE_PRIVATE int sqlite3UpsertNextIsIPK(Upsert *pUpsert){
   Upsert *pNext;
   if( NEVER(pUpsert==0) ) return 0;
   pNext = pUpsert->pNextUpsert;
-  while( 1 /*exit-by-return*/ ){
-    if( pNext==0 ) return 1;
-    if( pNext->pUpsertTarget==0 ) return 1;
-    if( pNext->pUpsertIdx==0 ) return 1;
-    if( !pNext->isDup ) return 0;
-    pNext = pNext->pNextUpsert;
-  }
+  if( pNext==0 ) return 1;
+  if( pNext->pUpsertTarget==0 ) return 1;
+  if( pNext->pUpsertIdx==0 ) return 1;
   return 0;
 }
 
@@ -156004,8 +154717,6 @@ static int vtabCallConstructor(
   db->pVtabCtx = &sCtx;
   pTab->nTabRef++;
   rc = xConstruct(db, pMod->pAux, nArg, azArg, &pVTable->pVtab, &zErr);
-  assert( pTab!=0 );
-  assert( pTab->nTabRef>1 || rc!=SQLITE_OK );
   sqlite3DeleteTable(db, pTab);
   db->pVtabCtx = sCtx.pPrior;
   if( rc==SQLITE_NOMEM ) sqlite3OomFault(db);
@@ -156028,7 +154739,7 @@ static int vtabCallConstructor(
     pVTable->nRef = 1;
     if( sCtx.bDeclared==0 ){
       const char *zFormat = "vtable constructor did not declare schema: %s";
-      *pzErr = sqlite3MPrintf(db, zFormat, zModuleName);
+      *pzErr = sqlite3MPrintf(db, zFormat, pTab->zName);
       sqlite3VtabUnlock(pVTable);
       rc = SQLITE_ERROR;
     }else{
@@ -156206,30 +154917,12 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   Table *pTab;
   Parse sParse;
   int initBusy;
-  int i;
-  const unsigned char *z;
-  static const u8 aKeyword[] = { TK_CREATE, TK_TABLE, 0 };
 
 #ifdef SQLITE_ENABLE_API_ARMOR
   if( !sqlite3SafetyCheckOk(db) || zCreateTable==0 ){
     return SQLITE_MISUSE_BKPT;
   }
 #endif
-
-  /* Verify that the first two keywords in the CREATE TABLE statement
-  ** really are "CREATE" and "TABLE".  If this is not the case, then
-  ** sqlite3_declare_vtab() is being misused.
-  */
-  z = (const unsigned char*)zCreateTable;
-  for(i=0; aKeyword[i]; i++){
-    int tokenType = 0;
-    do{ z += sqlite3GetToken(z, &tokenType); }while( tokenType==TK_SPACE );
-    if( tokenType!=aKeyword[i] ){
-      sqlite3ErrorWithMsg(db, SQLITE_ERROR, "syntax error");
-      return SQLITE_ERROR;
-    }
-  }
-
   sqlite3_mutex_enter(db->mutex);
   pCtx = db->pVtabCtx;
   if( !pCtx || pCtx->bDeclared ){
@@ -156237,7 +154930,6 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
     sqlite3_mutex_leave(db->mutex);
     return SQLITE_MISUSE_BKPT;
   }
-
   pTab = pCtx->pTab;
   assert( IsVirtual(pTab) );
 
@@ -156251,10 +154943,11 @@ SQLITE_API int sqlite3_declare_vtab(sqlite3 *db, const char *zCreateTable){
   initBusy = db->init.busy;
   db->init.busy = 0;
   sParse.nQueryLoop = 1;
-  if( SQLITE_OK==sqlite3RunParser(&sParse, zCreateTable) ){
-    assert( sParse.pNewTable!=0 );
-    assert( !db->mallocFailed );
-    assert( IsOrdinaryTable(sParse.pNewTable) );
+  if( SQLITE_OK==sqlite3RunParser(&sParse, zCreateTable)
+   && ALWAYS(sParse.pNewTable!=0)
+   && ALWAYS(!db->mallocFailed)
+   && IsOrdinaryTable(sParse.pNewTable)
+  ){
     assert( sParse.zErrMsg==0 );
     if( !pTab->aCol ){
       Table *pNew = sParse.pNewTable;
@@ -158749,27 +157442,6 @@ static SQLITE_NOINLINE void filterPullDown(
   }
 }
 
-/*
-** Loop pLoop is a WHERE_INDEXED level that uses at least one IN(...)
-** operator. Return true if level pLoop is guaranteed to visit only one
-** row for each key generated for the index.
-*/
-static int whereLoopIsOneRow(WhereLoop *pLoop){
-  if( pLoop->u.btree.pIndex->onError
-   && pLoop->nSkip==0
-   && pLoop->u.btree.nEq==pLoop->u.btree.pIndex->nKeyCol
-  ){
-    int ii;
-    for(ii=0; iiu.btree.nEq; ii++){
-      if( pLoop->aLTerm[ii]->eOperator & (WO_IS|WO_ISNULL) ){
-        return 0;
-      }
-    }
-    return 1;
-  }
-  return 0;
-}
-
 /*
 ** Generate code for the start of the iLevel-th loop in the WHERE clause
 ** implementation described by pWInfo.
@@ -158848,7 +157520,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
   if( pLevel->iFrom>0 && (pTabItem[0].fg.jointype & JT_LEFT)!=0 ){
     pLevel->iLeftJoin = ++pParse->nMem;
     sqlite3VdbeAddOp2(v, OP_Integer, 0, pLevel->iLeftJoin);
-    VdbeComment((v, "init LEFT JOIN match flag"));
+    VdbeComment((v, "init LEFT JOIN no-match flag"));
   }
 
   /* Compute a safe address to jump to if we discover that the table for
@@ -159517,9 +158189,7 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
     }
 
     /* Record the instruction used to terminate the loop. */
-    if( (pLoop->wsFlags & WHERE_ONEROW)
-     || (pLevel->u.in.nIn && regBignull==0 && whereLoopIsOneRow(pLoop))
-    ){
+    if( pLoop->wsFlags & WHERE_ONEROW ){
       pLevel->op = OP_Noop;
     }else if( bRev ){
       pLevel->op = OP_Prev;
@@ -159909,12 +158579,6 @@ SQLITE_PRIVATE Bitmask sqlite3WhereCodeOneLoopStart(
   ** iLoop==3: Code all remaining expressions.
   **
   ** An effort is made to skip unnecessary iterations of the loop.
-  **
-  ** This optimization of causing simple query restrictions to occur before
-  ** more complex one is call the "push-down" optimization in MySQL.  Here
-  ** in SQLite, the name is "MySQL push-down", since there is also another
-  ** totally unrelated optimization called "WHERE-clause push-down".
-  ** Sometimes the qualifier is omitted, resulting in an ambiguity, so beware.
   */
   iLoop = (pIdx ? 1 : 2);
   do{
@@ -160165,16 +158829,7 @@ SQLITE_PRIVATE SQLITE_NOINLINE void sqlite3WhereRightJoinLoop(
                                   pRJ->regReturn);
   for(k=0; ka[k].pWLoop->iTab == pWInfo->a[k].iFrom );
-    pRight = &pWInfo->pTabList->a[pWInfo->a[k].iFrom];
     mAll |= pWInfo->a[k].pWLoop->maskSelf;
-    if( pRight->fg.viaCoroutine ){
-      sqlite3VdbeAddOp3(
-          v, OP_Null, 0, pRight->regResult,
-          pRight->regResult + pRight->pSelect->pEList->nExpr-1
-      );
-    }
     sqlite3VdbeAddOp1(v, OP_NullRow, pWInfo->a[k].iTabCur);
     iIdxCur = pWInfo->a[k].iIdxCur;
     if( iIdxCur ){
@@ -161231,7 +159886,7 @@ static SQLITE_NOINLINE int exprMightBeIndexed2(
         if( pIdx->aiColumn[i]!=XN_EXPR ) continue;
         assert( pIdx->bHasExpr );
         if( sqlite3ExprCompareSkip(pExpr,pIdx->aColExpr->a[i].pExpr,iCur)==0
-         && !sqlite3ExprIsConstant(0,pIdx->aColExpr->a[i].pExpr)
+          && pExpr->op!=TK_STRING
         ){
           aiCurCol[0] = iCur;
           aiCurCol[1] = XN_EXPR;
@@ -161880,7 +160535,6 @@ SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Selec
         continue;
       }
       if( pWC->a[ii].leftCursor!=iCsr ) return;
-      if( pWC->a[ii].prereqRight!=0 ) return;
     }
 
     /* Check condition (5). Return early if it is not met. */
@@ -161895,14 +160549,12 @@ SQLITE_PRIVATE void SQLITE_NOINLINE sqlite3WhereAddLimit(WhereClause *pWC, Selec
 
     /* All conditions are met. Add the terms to the where-clause object. */
     assert( p->pLimit->op==TK_LIMIT );
-    if( p->iOffset!=0 && (p->selFlags & SF_Compound)==0 ){
+    whereAddLimitExpr(pWC, p->iLimit, p->pLimit->pLeft,
+                      iCsr, SQLITE_INDEX_CONSTRAINT_LIMIT);
+    if( p->iOffset>0 ){
       whereAddLimitExpr(pWC, p->iOffset, p->pLimit->pRight,
                         iCsr, SQLITE_INDEX_CONSTRAINT_OFFSET);
     }
-    if( p->iOffset==0 || (p->selFlags & SF_Compound)==0 ){
-      whereAddLimitExpr(pWC, p->iLimit, p->pLimit->pLeft,
-                        iCsr, SQLITE_INDEX_CONSTRAINT_LIMIT);
-    }
   }
 }
 
@@ -162420,42 +161072,6 @@ static Expr *whereRightSubexprIsColumn(Expr *p){
   return 0;
 }
 
-/*
-** Term pTerm is guaranteed to be a WO_IN term. It may be a component term
-** of a vector IN expression of the form "(x, y, ...) IN (SELECT ...)".
-** This function checks to see if the term is compatible with an index
-** column with affinity idxaff (one of the SQLITE_AFF_XYZ values). If so,
-** it returns a pointer to the name of the collation sequence (e.g. "BINARY"
-** or "NOCASE") used by the comparison in pTerm. If it is not compatible
-** with affinity idxaff, NULL is returned.
-*/
-static SQLITE_NOINLINE const char *indexInAffinityOk(
-  Parse *pParse,
-  WhereTerm *pTerm,
-  u8 idxaff
-){
-  Expr *pX = pTerm->pExpr;
-  Expr inexpr;
-
-  assert( pTerm->eOperator & WO_IN );
-
-  if( sqlite3ExprIsVector(pX->pLeft) ){
-    int iField = pTerm->u.x.iField - 1;
-    inexpr.flags = 0;
-    inexpr.op = TK_EQ;
-    inexpr.pLeft = pX->pLeft->x.pList->a[iField].pExpr;
-    assert( ExprUseXSelect(pX) );
-    inexpr.pRight = pX->x.pSelect->pEList->a[iField].pExpr;
-    pX = &inexpr;
-  }
-
-  if( sqlite3IndexAffinityOk(pX, idxaff) ){
-    CollSeq *pRet = sqlite3ExprCompareCollSeq(pParse, pX);
-    return pRet ? pRet->zName : sqlite3StrBINARY;
-  }
-  return 0;
-}
-
 /*
 ** Advance to the next WhereTerm that matches according to the criteria
 ** established when the pScan object was initialized by whereScanInit().
@@ -162506,24 +161122,16 @@ static WhereTerm *whereScanNext(WhereScan *pScan){
           if( (pTerm->eOperator & pScan->opMask)!=0 ){
             /* Verify the affinity and collating sequence match */
             if( pScan->zCollName && (pTerm->eOperator & WO_ISNULL)==0 ){
-              const char *zCollName;
+              CollSeq *pColl;
               Parse *pParse = pWC->pWInfo->pParse;
               pX = pTerm->pExpr;
-
-              if( (pTerm->eOperator & WO_IN) ){
-                zCollName = indexInAffinityOk(pParse, pTerm, pScan->idxaff);
-                if( !zCollName ) continue;
-              }else{
-                CollSeq *pColl;
-                if( !sqlite3IndexAffinityOk(pX, pScan->idxaff) ){
-                  continue;
-                }
-                assert(pX->pLeft);
-                pColl = sqlite3ExprCompareCollSeq(pParse, pX);
-                zCollName = pColl ? pColl->zName : sqlite3StrBINARY;
+              if( !sqlite3IndexAffinityOk(pX, pScan->idxaff) ){
+                continue;
               }
-
-              if( sqlite3StrICmp(zCollName, pScan->zCollName) ){
+              assert(pX->pLeft);
+              pColl = sqlite3ExprCompareCollSeq(pParse, pX);
+              if( pColl==0 ) pColl = pParse->db->pDfltColl;
+              if( sqlite3StrICmp(pColl->zName, pScan->zCollName) ){
                 continue;
               }
             }
@@ -162875,13 +161483,9 @@ static void translateColumnToCopy(
 ** are no-ops.
 */
 #if !defined(SQLITE_OMIT_VIRTUALTABLE) && defined(WHERETRACE_ENABLED)
-static void whereTraceIndexInfoInputs(
-  sqlite3_index_info *p,   /* The IndexInfo object */
-  Table *pTab              /* The TABLE that is the virtual table */
-){
+static void whereTraceIndexInfoInputs(sqlite3_index_info *p){
   int i;
   if( (sqlite3WhereTrace & 0x10)==0 ) return;
-  sqlite3DebugPrintf("sqlite3_index_info inputs for %s:\n", pTab->zName);
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf(
        "  constraint[%d]: col=%d termid=%d op=%d usabled=%d collseq=%s\n",
@@ -162899,13 +161503,9 @@ static void whereTraceIndexInfoInputs(
        p->aOrderBy[i].desc);
   }
 }
-static void whereTraceIndexInfoOutputs(
-  sqlite3_index_info *p,   /* The IndexInfo object */
-  Table *pTab              /* The TABLE that is the virtual table */
-){
+static void whereTraceIndexInfoOutputs(sqlite3_index_info *p){
   int i;
   if( (sqlite3WhereTrace & 0x10)==0 ) return;
-  sqlite3DebugPrintf("sqlite3_index_info outputs for %s:\n", pTab->zName);
   for(i=0; inConstraint; i++){
     sqlite3DebugPrintf("  usage[%d]: argvIdx=%d omit=%d\n",
        i,
@@ -162919,8 +161519,8 @@ static void whereTraceIndexInfoOutputs(
   sqlite3DebugPrintf("  estimatedRows=%lld\n", p->estimatedRows);
 }
 #else
-#define whereTraceIndexInfoInputs(A,B)
-#define whereTraceIndexInfoOutputs(A,B)
+#define whereTraceIndexInfoInputs(A)
+#define whereTraceIndexInfoOutputs(A)
 #endif
 
 /*
@@ -163104,7 +161704,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
     ** WHERE clause (or the ON clause of a LEFT join) that constrain which
     ** rows of the target table (pSrc) that can be used. */
     if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-     && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, pLevel->iFrom, 0)
+     && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, pLevel->iFrom)
     ){
       pPartial = sqlite3ExprAnd(pParse, pPartial,
                                 sqlite3ExprDup(pParse->db, pExpr, 0));
@@ -163146,7 +161746,7 @@ static SQLITE_NOINLINE void constructAutomaticIndex(
   ** if they go out of sync.
   */
   if( IsView(pTable) ){
-    extraCols = ALLBITS & ~idxCols;
+    extraCols = ALLBITS;
   }else{
     extraCols = pSrc->colUsed & (~idxCols | MASKBIT(BMS-1));
   }
@@ -163373,7 +161973,7 @@ static SQLITE_NOINLINE void sqlite3ConstructBloomFilter(
     for(pTerm=pWInfo->sWC.a; pTermpExpr;
       if( (pTerm->wtFlags & TERM_VIRTUAL)==0
-       && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, iSrc, 0)
+       && sqlite3ExprIsSingleTableConstraint(pExpr, pTabList, iSrc)
       ){
         sqlite3ExprIfFalse(pParse, pTerm->pExpr, addrCont, SQLITE_JUMPIFNULL);
       }
@@ -163499,7 +162099,7 @@ static sqlite3_index_info *allocateIndexInfo(
       Expr *pE2;
 
       /* Skip over constant terms in the ORDER BY clause */
-      if( sqlite3ExprIsConstant(0, pExpr) ){
+      if( sqlite3ExprIsConstant(pExpr) ){
         continue;
       }
 
@@ -163534,7 +162134,7 @@ static sqlite3_index_info *allocateIndexInfo(
     }
     if( i==n ){
       nOrderBy = n;
-      if( (pWInfo->wctrlFlags & WHERE_DISTINCTBY) && !pSrc->fg.rowidUsed ){
+      if( (pWInfo->wctrlFlags & WHERE_DISTINCTBY) ){
         eDistinct = 2 + ((pWInfo->wctrlFlags & WHERE_SORTBYGROUP)!=0);
       }else if( pWInfo->wctrlFlags & WHERE_GROUPBY ){
         eDistinct = 1;
@@ -163611,7 +162211,7 @@ static sqlite3_index_info *allocateIndexInfo(
   pIdxInfo->nConstraint = j;
   for(i=j=0; ia[i].pExpr;
-    if( sqlite3ExprIsConstant(0, pExpr) ) continue;
+    if( sqlite3ExprIsConstant(pExpr) ) continue;
     assert( pExpr->op==TK_COLUMN
          || (pExpr->op==TK_COLLATE && pExpr->pLeft->op==TK_COLUMN
               && pExpr->iColumn==pExpr->pLeft->iColumn) );
@@ -163663,11 +162263,11 @@ static int vtabBestIndex(Parse *pParse, Table *pTab, sqlite3_index_info *p){
   sqlite3_vtab *pVtab = sqlite3GetVTable(pParse->db, pTab)->pVtab;
   int rc;
 
-  whereTraceIndexInfoInputs(p, pTab);
+  whereTraceIndexInfoInputs(p);
   pParse->db->nSchemaLock++;
   rc = pVtab->pModule->xBestIndex(pVtab, p);
   pParse->db->nSchemaLock--;
-  whereTraceIndexInfoOutputs(p, pTab);
+  whereTraceIndexInfoOutputs(p);
 
   if( rc!=SQLITE_OK && rc!=SQLITE_CONSTRAINT ){
     if( rc==SQLITE_NOMEM ){
@@ -165145,9 +163745,7 @@ static int whereLoopAddBtreeIndex(
   }
   if( pProbe->bUnordered || pProbe->bLowQual ){
     if( pProbe->bUnordered ) opMask &= ~(WO_GT|WO_GE|WO_LT|WO_LE);
-    if( pProbe->bLowQual && pSrc->fg.isIndexedBy==0 ){
-      opMask &= ~(WO_EQ|WO_IN|WO_IS);
-    }
+    if( pProbe->bLowQual )   opMask &= ~(WO_EQ|WO_IN|WO_IS);
   }
 
   assert( pNew->u.btree.nEqnColumn );
@@ -165414,13 +164012,10 @@ static int whereLoopAddBtreeIndex(
       }
     }
 
-    /* Set rCostIdx to the estimated cost of visiting selected rows in the
-    ** index.  The estimate is the sum of two values:
-    **   1.  The cost of doing one search-by-key to find the first matching
-    **       entry
-    **   2.  Stepping forward in the index pNew->nOut times to find all
-    **       additional matching entries.
-    */
+    /* Set rCostIdx to the cost of visiting selected rows in index. Add
+    ** it to pNew->rRun, which is currently set to the cost of the index
+    ** seek only. Then, if this is a non-covering index, add the cost of
+    ** visiting the rows in the main table.  */
     assert( pSrc->pTab->szTabRow>0 );
     if( pProbe->idxType==SQLITE_IDXTYPE_IPK ){
       /* The pProbe->szIdxRow is low for an IPK table since the interior
@@ -165431,15 +164026,7 @@ static int whereLoopAddBtreeIndex(
     }else{
       rCostIdx = pNew->nOut + 1 + (15*pProbe->szIdxRow)/pSrc->pTab->szTabRow;
     }
-    rCostIdx = sqlite3LogEstAdd(rLogSize, rCostIdx);
-
-    /* Estimate the cost of running the loop.  If all data is coming
-    ** from the index, then this is just the cost of doing the index
-    ** lookup and scan.  But if some data is coming out of the main table,
-    ** we also have to add in the cost of doing pNew->nOut searches to
-    ** locate the row in the main table that corresponds to the index entry.
-    */
-    pNew->rRun = rCostIdx;
+    pNew->rRun = sqlite3LogEstAdd(rLogSize, rCostIdx);
     if( (pNew->wsFlags & (WHERE_IDX_ONLY|WHERE_IPK|WHERE_EXPRIDX))==0 ){
       pNew->rRun = sqlite3LogEstAdd(pNew->rRun, pNew->nOut + 16);
     }
@@ -165545,9 +164132,7 @@ static int indexMightHelpWithOrderBy(
   for(ii=0; iinExpr; ii++){
     Expr *pExpr = sqlite3ExprSkipCollateAndLikely(pOB->a[ii].pExpr);
     if( NEVER(pExpr==0) ) continue;
-    if( (pExpr->op==TK_COLUMN || pExpr->op==TK_AGG_COLUMN)
-     && pExpr->iTable==iCursor
-    ){
+    if( pExpr->op==TK_COLUMN && pExpr->iTable==iCursor ){
       if( pExpr->iColumn<0 ) return 1;
       for(jj=0; jjnKeyCol; jj++){
         if( pExpr->iColumn==pIndex->aiColumn[jj] ) return 1;
@@ -165804,7 +164389,7 @@ static void wherePartIdxExpr(
     u8 aff;
 
     if( pLeft->op!=TK_COLUMN ) return;
-    if( !sqlite3ExprIsConstant(0, pRight) ) return;
+    if( !sqlite3ExprIsConstant(pRight) ) return;
     if( !sqlite3IsBinary(sqlite3ExprCompareCollSeq(pParse, pPart)) ) return;
     if( pLeft->iColumn<0 ) return;
     aff = pIdx->pTable->aCol[pLeft->iColumn].affinity;
@@ -166077,9 +164662,7 @@ static int whereLoopAddBtree(
                   " according to whereIsCoveringIndex()\n", pProbe->zName));
             }
           }
-        }else if( m==0
-           && (HasRowid(pTab) || pWInfo->pSelect!=0 || sqlite3FaultSim(700))
-        ){
+        }else if( m==0 ){
           WHERETRACE(0x200,
              ("-> %s a covering index according to bitmasks\n",
              pProbe->zName, m==0 ? "is" : "is not"));
@@ -166155,7 +164738,7 @@ static int whereLoopAddBtree(
       ** unique index is used (making the index functionally non-unique)
       ** then the sqlite_stat1 data becomes important for scoring the
       ** plan */
-      pTab->tabFlags |= TF_MaybeReanalyze;
+      pTab->tabFlags |= TF_StatsUsed;
     }
 #ifdef SQLITE_ENABLE_STAT4
     sqlite3Stat4ProbeFree(pBuilder->pRec);
@@ -166177,21 +164760,6 @@ static int isLimitTerm(WhereTerm *pTerm){
       && pTerm->eMatchOp<=SQLITE_INDEX_CONSTRAINT_OFFSET;
 }
 
-/*
-** Return true if the first nCons constraints in the pUsage array are
-** marked as in-use (have argvIndex>0). False otherwise.
-*/
-static int allConstraintsUsed(
-  struct sqlite3_index_constraint_usage *aUsage,
-  int nCons
-){
-  int ii;
-  for(ii=0; iipNew->iTab. This
@@ -166332,20 +164900,13 @@ static int whereLoopAddVirtualOne(
         *pbIn = 1; assert( (mExclude & WO_IN)==0 );
       }
 
-      /* Unless pbRetryLimit is non-NULL, there should be no LIMIT/OFFSET
-      ** terms. And if there are any, they should follow all other terms. */
       assert( pbRetryLimit || !isLimitTerm(pTerm) );
-      assert( !isLimitTerm(pTerm) || i>=nConstraint-2 );
-      assert( !isLimitTerm(pTerm) || i==nConstraint-1 || isLimitTerm(pTerm+1) );
-
-      if( isLimitTerm(pTerm) && (*pbIn || !allConstraintsUsed(pUsage, i)) ){
+      if( isLimitTerm(pTerm) && *pbIn ){
         /* If there is an IN(...) term handled as an == (separate call to
         ** xFilter for each value on the RHS of the IN) and a LIMIT or
-        ** OFFSET term handled as well, the plan is unusable. Similarly,
-        ** if there is a LIMIT/OFFSET and there are other unused terms,
-        ** the plan cannot be used. In these cases set variable *pbRetryLimit
-        ** to true to tell the caller to retry with LIMIT and OFFSET
-        ** disabled. */
+        ** OFFSET term handled as well, the plan is unusable. Set output
+        ** variable *pbRetryLimit to true to tell the caller to retry with
+        ** LIMIT and OFFSET disabled. */
         if( pIdxInfo->needToFreeIdxStr ){
           sqlite3_free(pIdxInfo->idxStr);
           pIdxInfo->idxStr = 0;
@@ -167202,7 +165763,7 @@ static i8 wherePathSatisfiesOrderBy(
         if( MASKBIT(i) & obSat ) continue;
         p = pOrderBy->a[i].pExpr;
         mTerm = sqlite3WhereExprUsage(&pWInfo->sMaskSet,p);
-        if( mTerm==0 && !sqlite3ExprIsConstant(0,p) ) continue;
+        if( mTerm==0 && !sqlite3ExprIsConstant(p) ) continue;
         if( (mTerm&~orderDistinctMask)==0 ){
           obSat |= MASKBIT(i);
         }
@@ -167671,9 +166232,10 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
       if( pFrom->isOrdered==pWInfo->pOrderBy->nExpr ){
         pWInfo->eDistinct = WHERE_DISTINCT_ORDERED;
       }
-      /* vvv--- See check-in [12ad822d9b827777] on 2023-03-16 ---vvv */
-      assert( pWInfo->pSelect->pOrderBy==0
-           || pWInfo->nOBSat <= pWInfo->pSelect->pOrderBy->nExpr );
+      if( pWInfo->pSelect->pOrderBy
+       && pWInfo->nOBSat > pWInfo->pSelect->pOrderBy->nExpr ){
+        pWInfo->nOBSat = pWInfo->pSelect->pOrderBy->nExpr;
+      }
     }else{
       pWInfo->revMask = pFrom->revLoop;
       if( pWInfo->nOBSat<=0 ){
@@ -167716,6 +166278,7 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
     }
   }
 
+
   pWInfo->nRowOut = pFrom->nRow;
 
   /* Free temporary memory and return success */
@@ -167723,83 +166286,6 @@ static int wherePathSolver(WhereInfo *pWInfo, LogEst nRowEst){
   return SQLITE_OK;
 }
 
-/*
-** This routine implements a heuristic designed to improve query planning.
-** This routine is called in between the first and second call to
-** wherePathSolver().  Hence the name "Interstage" "Heuristic".
-**
-** The first call to wherePathSolver() (hereafter just "solver()") computes
-** the best path without regard to the order of the outputs.  The second call
-** to the solver() builds upon the first call to try to find an alternative
-** path that satisfies the ORDER BY clause.
-**
-** This routine looks at the results of the first solver() run, and for
-** every FROM clause term in the resulting query plan that uses an equality
-** constraint against an index, disable other WhereLoops for that same
-** FROM clause term that would try to do a full-table scan.  This prevents
-** an index search from being converted into a full-table scan in order to
-** satisfy an ORDER BY clause, since even though we might get slightly better
-** performance using the full-scan without sorting if the output size
-** estimates are very precise, we might also get severe performance
-** degradation using the full-scan if the output size estimate is too large.
-** It is better to err on the side of caution.
-**
-** Except, if the first solver() call generated a full-table scan in an outer
-** loop then stop this analysis at the first full-scan, since the second
-** solver() run might try to swap that full-scan for another in order to
-** get the output into the correct order.  In other words, we allow a
-** rewrite like this:
-**
-**     First Solver()                      Second Solver()
-**       |-- SCAN t1                         |-- SCAN t2
-**       |-- SEARCH t2                       `-- SEARCH t1
-**       `-- SORT USING B-TREE
-**
-** The purpose of this routine is to disallow rewrites such as:
-**
-**     First Solver()                      Second Solver()
-**       |-- SEARCH t1                       |-- SCAN t2     <--- bad!
-**       |-- SEARCH t2                       `-- SEARCH t1
-**       `-- SORT USING B-TREE
-**
-** See test cases in test/whereN.test for the real-world query that
-** originally provoked this heuristic.
-*/
-static SQLITE_NOINLINE void whereInterstageHeuristic(WhereInfo *pWInfo){
-  int i;
-#ifdef WHERETRACE_ENABLED
-  int once = 0;
-#endif
-  for(i=0; inLevel; i++){
-    WhereLoop *p = pWInfo->a[i].pWLoop;
-    if( p==0 ) break;
-    if( (p->wsFlags & WHERE_VIRTUALTABLE)!=0 ) continue;
-    if( (p->wsFlags & (WHERE_COLUMN_EQ|WHERE_COLUMN_NULL|WHERE_COLUMN_IN))!=0 ){
-      u8 iTab = p->iTab;
-      WhereLoop *pLoop;
-      for(pLoop=pWInfo->pLoops; pLoop; pLoop=pLoop->pNextLoop){
-        if( pLoop->iTab!=iTab ) continue;
-        if( (pLoop->wsFlags & (WHERE_CONSTRAINT|WHERE_AUTO_INDEX))!=0 ){
-          /* Auto-index and index-constrained loops allowed to remain */
-          continue;
-        }
-#ifdef WHERETRACE_ENABLED
-        if( sqlite3WhereTrace & 0x80 ){
-          if( once==0 ){
-            sqlite3DebugPrintf("Loops disabled by interstage heuristic:\n");
-            once = 1;
-          }
-          sqlite3WhereLoopPrint(pLoop, &pWInfo->sWC);
-        }
-#endif /* WHERETRACE_ENABLED */
-        pLoop->prereq = ALLBITS;  /* Prevent 2nd solver() from using this one */
-      }
-    }else{
-      break;
-    }
-  }
-}
-
 /*
 ** Most queries use only a single table (they are not joins) and have
 ** simple == constraints against indexed fields.  This routine attempts
@@ -167968,10 +166454,6 @@ static void showAllWhereLoops(WhereInfo *pWInfo, WhereClause *pWC){
 **      the right-most table of a subquery that was flattened into the
 **      main query and that subquery was the right-hand operand of an
 **      inner join that held an ON or USING clause.
-**   6) The ORDER BY clause has 63 or fewer terms
-**   7) The omit-noop-join optimization is enabled.
-**
-** Items (1), (6), and (7) are checked by the caller.
 **
 ** For example, given:
 **
@@ -168092,7 +166574,7 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
     SrcItem *pItem = &pWInfo->pTabList->a[pLoop->iTab];
     Table *pTab = pItem->pTab;
     if( (pTab->tabFlags & TF_HasStat1)==0 ) break;
-    pTab->tabFlags |= TF_MaybeReanalyze;
+    pTab->tabFlags |= TF_StatsUsed;
     if( i>=1
      && (pLoop->wsFlags & reqFlags)==reqFlags
      /* vvvvvv--- Always the case if WHERE_COLUMN_EQ is defined */
@@ -168113,58 +166595,6 @@ static SQLITE_NOINLINE void whereCheckIfBloomFilterIsUseful(
   }
 }
 
-/*
-** Expression Node callback for sqlite3ExprCanReturnSubtype().
-**
-** Only a function call is able to return a subtype.  So if the node
-** is not a function call, return WRC_Prune immediately.
-**
-** A function call is able to return a subtype if it has the
-** SQLITE_RESULT_SUBTYPE property.
-**
-** Assume that every function is able to pass-through a subtype from
-** one of its argument (using sqlite3_result_value()).  Most functions
-** are not this way, but we don't have a mechanism to distinguish those
-** that are from those that are not, so assume they all work this way.
-** That means that if one of its arguments is another function and that
-** other function is able to return a subtype, then this function is
-** able to return a subtype.
-*/
-static int exprNodeCanReturnSubtype(Walker *pWalker, Expr *pExpr){
-  int n;
-  FuncDef *pDef;
-  sqlite3 *db;
-  if( pExpr->op!=TK_FUNCTION ){
-    return WRC_Prune;
-  }
-  assert( ExprUseXList(pExpr) );
-  db = pWalker->pParse->db;
-  n = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
-  pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
-  if( pDef==0 || (pDef->funcFlags & SQLITE_RESULT_SUBTYPE)!=0 ){
-    pWalker->eCode = 1;
-    return WRC_Prune;
-  }
-  return WRC_Continue;
-}
-
-/*
-** Return TRUE if expression pExpr is able to return a subtype.
-**
-** A TRUE return does not guarantee that a subtype will be returned.
-** It only indicates that a subtype return is possible.  False positives
-** are acceptable as they only disable an optimization.  False negatives,
-** on the other hand, can lead to incorrect answers.
-*/
-static int sqlite3ExprCanReturnSubtype(Parse *pParse, Expr *pExpr){
-  Walker w;
-  memset(&w, 0, sizeof(w));
-  w.pParse = pParse;
-  w.xExprCallback = exprNodeCanReturnSubtype;
-  sqlite3WalkExpr(&w, pExpr);
-  return w.eCode;
-}
-
 /*
 ** The index pIdx is used by a query and contains one or more expressions.
 ** In other words pIdx is an index on an expression.  iIdxCur is the cursor
@@ -168190,19 +166620,33 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
   for(i=0; inColumn; i++){
     Expr *pExpr;
     int j = pIdx->aiColumn[i];
+    int bMaybeNullRow;
     if( j==XN_EXPR ){
       pExpr = pIdx->aColExpr->a[i].pExpr;
+      testcase( pTabItem->fg.jointype & JT_LEFT );
+      testcase( pTabItem->fg.jointype & JT_RIGHT );
+      testcase( pTabItem->fg.jointype & JT_LTORJ );
+      bMaybeNullRow = (pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0;
     }else if( j>=0 && (pTab->aCol[j].colFlags & COLFLAG_VIRTUAL)!=0 ){
       pExpr = sqlite3ColumnExpr(pTab, &pTab->aCol[j]);
+      bMaybeNullRow = 0;
     }else{
       continue;
     }
-    if( sqlite3ExprIsConstant(0,pExpr) ) continue;
-    if( pExpr->op==TK_FUNCTION && sqlite3ExprCanReturnSubtype(pParse,pExpr) ){
+    if( sqlite3ExprIsConstant(pExpr) ) continue;
+    if( pExpr->op==TK_FUNCTION ){
       /* Functions that might set a subtype should not be replaced by the
       ** value taken from an expression index since the index omits the
       ** subtype.  https://sqlite.org/forum/forumpost/68d284c86b082c3e */
-      continue;
+      int n;
+      FuncDef *pDef;
+      sqlite3 *db = pParse->db;
+      assert( ExprUseXList(pExpr) );
+      n = pExpr->x.pList ? pExpr->x.pList->nExpr : 0;
+      pDef = sqlite3FindFunction(db, pExpr->u.zToken, n, ENC(db), 0);
+      if( pDef==0 || (pDef->funcFlags & SQLITE_RESULT_SUBTYPE)!=0 ){
+        continue;
+      }
     }
     p = sqlite3DbMallocRaw(pParse->db,  sizeof(IndexedExpr));
     if( p==0 ) break;
@@ -168217,7 +166661,7 @@ static SQLITE_NOINLINE void whereAddIndexedExpr(
     p->iDataCur = pTabItem->iCursor;
     p->iIdxCur = iIdxCur;
     p->iIdxCol = i;
-    p->bMaybeNullRow = (pTabItem->fg.jointype & (JT_LEFT|JT_LTORJ|JT_RIGHT))!=0;
+    p->bMaybeNullRow = bMaybeNullRow;
     if( sqlite3IndexAffinityStr(pParse->db, pIdx) ){
       p->aff = pIdx->zColAff[i];
     }
@@ -168385,7 +166829,6 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   if( pOrderBy && pOrderBy->nExpr>=BMS ){
     pOrderBy = 0;
     wctrlFlags &= ~WHERE_WANT_DISTINCT;
-    wctrlFlags |= WHERE_KEEP_ALL_JOINS; /* Disable omit-noop-join opt */
   }
 
   /* The number of tables in the FROM clause is limited by the number of
@@ -168468,11 +166911,7 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     ){
       pWInfo->eDistinct = WHERE_DISTINCT_UNIQUE;
     }
-    if( ALWAYS(pWInfo->pSelect)
-     && (pWInfo->pSelect->selFlags & SF_MultiValue)==0
-    ){
-      ExplainQueryPlan((pParse, 0, "SCAN CONSTANT ROW"));
-    }
+    ExplainQueryPlan((pParse, 0, "SCAN CONSTANT ROW"));
   }else{
     /* Assign a bit from the bitmask to every term in the FROM clause.
     **
@@ -168625,7 +167064,6 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
     wherePathSolver(pWInfo, 0);
     if( db->mallocFailed ) goto whereBeginError;
     if( pWInfo->pOrderBy ){
-       whereInterstageHeuristic(pWInfo);
        wherePathSolver(pWInfo, pWInfo->nRowOut+1);
        if( db->mallocFailed ) goto whereBeginError;
     }
@@ -168686,10 +167124,10 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   ** in-line sqlite3WhereCodeOneLoopStart() for performance reasons.
   */
   notReady = ~(Bitmask)0;
-  if( pWInfo->nLevel>=2       /* Must be a join, or this opt8n is pointless */
-   && pResultSet!=0           /* Condition (1) */
-   && 0==(wctrlFlags & (WHERE_AGG_DISTINCT|WHERE_KEEP_ALL_JOINS)) /* (1),(6) */
-   && OptimizationEnabled(db, SQLITE_OmitNoopJoin)                /* (7) */
+  if( pWInfo->nLevel>=2
+   && pResultSet!=0                         /* these two combine to guarantee */
+   && 0==(wctrlFlags & WHERE_AGG_DISTINCT)  /* condition (1) above */
+   && OptimizationEnabled(db, SQLITE_OmitNoopJoin)
   ){
     notReady = whereOmitNoopJoin(pWInfo, notReady);
     nTabList = pWInfo->nLevel;
@@ -169009,6 +167447,26 @@ SQLITE_PRIVATE WhereInfo *sqlite3WhereBegin(
   }
 #endif
 
+#ifdef SQLITE_DEBUG
+/*
+** Return true if cursor iCur is opened by instruction k of the
+** bytecode.  Used inside of assert() only.
+*/
+static int cursorIsOpen(Vdbe *v, int iCur, int k){
+  while( k>=0 ){
+    VdbeOp *pOp = sqlite3VdbeGetOp(v,k--);
+    if( pOp->p1!=iCur ) continue;
+    if( pOp->opcode==OP_Close ) return 0;
+    if( pOp->opcode==OP_OpenRead ) return 1;
+    if( pOp->opcode==OP_OpenWrite ) return 1;
+    if( pOp->opcode==OP_OpenDup ) return 1;
+    if( pOp->opcode==OP_OpenAutoindex ) return 1;
+    if( pOp->opcode==OP_OpenEphemeral ) return 1;
+  }
+  return 0;
+}
+#endif /* SQLITE_DEBUG */
+
 /*
 ** Generate the end of the WHERE loop.  See comments on
 ** sqlite3WhereBegin() for additional information.
@@ -169155,15 +167613,7 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
       addr = sqlite3VdbeAddOp1(v, OP_IfPos, pLevel->iLeftJoin); VdbeCoverage(v);
       assert( (ws & WHERE_IDX_ONLY)==0 || (ws & WHERE_INDEXED)!=0 );
       if( (ws & WHERE_IDX_ONLY)==0 ){
-        SrcItem *pSrc = &pTabList->a[pLevel->iFrom];
-        assert( pLevel->iTabCur==pSrc->iCursor );
-        if( pSrc->fg.viaCoroutine ){
-          int m, n;
-          n = pSrc->regResult;
-          assert( pSrc->pTab!=0 );
-          m = pSrc->pTab->nCol;
-          sqlite3VdbeAddOp3(v, OP_Null, 0, n, n+m-1);
-        }
+        assert( pLevel->iTabCur==pTabList->a[pLevel->iFrom].iCursor );
         sqlite3VdbeAddOp1(v, OP_NullRow, pLevel->iTabCur);
       }
       if( (ws & WHERE_INDEXED)
@@ -169213,7 +167663,6 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
     */
     if( pTabItem->fg.viaCoroutine ){
       testcase( pParse->db->mallocFailed );
-      assert( pTabItem->regResult>=0 );
       translateColumnToCopy(pParse, pLevel->addrBody, pLevel->iTabCur,
                             pTabItem->regResult, 0);
       continue;
@@ -169308,10 +167757,16 @@ SQLITE_PRIVATE void sqlite3WhereEnd(WhereInfo *pWInfo){
             ** reference.  Verify that this is harmless - that the
             ** table being referenced really is open.
             */
-            if( pLoop->wsFlags & WHERE_IDX_ONLY ){
-              sqlite3ErrorMsg(pParse, "internal query planner error");
-              pParse->rc = SQLITE_INTERNAL;
-            }
+#ifdef SQLITE_ENABLE_OFFSET_SQL_FUNC
+            assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
+                 || cursorIsOpen(v,pOp->p1,k)
+                 || pOp->opcode==OP_Offset
+            );
+#else
+            assert( (pLoop->wsFlags & WHERE_IDX_ONLY)==0
+                 || cursorIsOpen(v,pOp->p1,k)
+            );
+#endif
           }
         }else if( pOp->opcode==OP_Rowid ){
           pOp->p1 = pLevel->iIdxCur;
@@ -170512,7 +168967,7 @@ SQLITE_PRIVATE void sqlite3WindowListDelete(sqlite3 *db, Window *p){
 ** variable values in the expression tree.
 */
 static Expr *sqlite3WindowOffsetExpr(Parse *pParse, Expr *pExpr){
-  if( 0==sqlite3ExprIsConstant(0,pExpr) ){
+  if( 0==sqlite3ExprIsConstant(pExpr) ){
     if( IN_RENAME_OBJECT ) sqlite3RenameExprUnmap(pParse, pExpr);
     sqlite3ExprDelete(pParse->db, pExpr);
     pExpr = sqlite3ExprAlloc(pParse->db, TK_NULL, 0, 0);
@@ -172582,9 +171037,9 @@ static void updateDeleteLimitError(
           break;
         }
       }
-      if( (p->selFlags & (SF_MultiValue|SF_Values))==0
-       && (mxSelect = pParse->db->aLimit[SQLITE_LIMIT_COMPOUND_SELECT])>0
-       && cnt>mxSelect
+      if( (p->selFlags & SF_MultiValue)==0 &&
+        (mxSelect = pParse->db->aLimit[SQLITE_LIMIT_COMPOUND_SELECT])>0 &&
+        cnt>mxSelect
       ){
         sqlite3ErrorMsg(pParse, "too many terms in compound SELECT");
       }
@@ -172604,14 +171059,6 @@ static void updateDeleteLimitError(
     return pSelect;
   }
 
-  /* Memory allocator for parser stack resizing.  This is a thin wrapper around
-  ** sqlite3_realloc() that includes a call to sqlite3FaultSim() to facilitate
-  ** testing.
-  */
-  static void *parserStackRealloc(void *pOld, sqlite3_uint64 newSize){
-    return sqlite3FaultSim(700) ? 0 : sqlite3_realloc(pOld, newSize);
-  }
-
 
   /* Construct a new Expr object from a single token */
   static Expr *tokenExpr(Parse *pParse, int op, Token t){
@@ -172861,8 +171308,8 @@ static void updateDeleteLimitError(
 #define TK_TRUEFALSE                      170
 #define TK_ISNOT                          171
 #define TK_FUNCTION                       172
-#define TK_UPLUS                          173
-#define TK_UMINUS                         174
+#define TK_UMINUS                         173
+#define TK_UPLUS                          174
 #define TK_TRUTH                          175
 #define TK_REGISTER                       176
 #define TK_VECTOR                         177
@@ -172871,9 +171318,8 @@ static void updateDeleteLimitError(
 #define TK_ASTERISK                       180
 #define TK_SPAN                           181
 #define TK_ERROR                          182
-#define TK_QNUMBER                        183
-#define TK_SPACE                          184
-#define TK_ILLEGAL                        185
+#define TK_SPACE                          183
+#define TK_ILLEGAL                        184
 #endif
 /**************** End token definitions ***************************************/
 
@@ -172914,9 +171360,6 @@ static void updateDeleteLimitError(
 **    sqlite3ParserARG_STORE     Code to store %extra_argument into yypParser
 **    sqlite3ParserARG_FETCH     Code to extract %extra_argument from yypParser
 **    sqlite3ParserCTX_*         As sqlite3ParserARG_ except for %extra_context
-**    YYREALLOC          Name of the realloc() function to use
-**    YYFREE             Name of the free() function to use
-**    YYDYNSTACK         True if stack space should be extended on heap
 **    YYERRORSYMBOL      is the code number of the error symbol.  If not
 **                       defined, then do no error processing.
 **    YYNSTATE           the combined number of states.
@@ -172930,39 +171373,37 @@ static void updateDeleteLimitError(
 **    YY_NO_ACTION       The yy_action[] code for no-op
 **    YY_MIN_REDUCE      Minimum value for reduce actions
 **    YY_MAX_REDUCE      Maximum value for reduce actions
-**    YY_MIN_DSTRCTR     Minimum symbol value that has a destructor
-**    YY_MAX_DSTRCTR     Maximum symbol value that has a destructor
 */
 #ifndef INTERFACE
 # define INTERFACE 1
 #endif
 /************* Begin control #defines *****************************************/
 #define YYCODETYPE unsigned short int
-#define YYNOCODE 322
+#define YYNOCODE 319
 #define YYACTIONTYPE unsigned short int
 #define YYWILDCARD 101
 #define sqlite3ParserTOKENTYPE Token
 typedef union {
   int yyinit;
   sqlite3ParserTOKENTYPE yy0;
-  ExprList* yy14;
-  With* yy59;
-  Cte* yy67;
-  Upsert* yy122;
-  IdList* yy132;
-  int yy144;
-  const char* yy168;
-  SrcList* yy203;
-  Window* yy211;
-  OnOrUsing yy269;
-  struct TrigEvent yy286;
-  struct {int value; int mask;} yy383;
-  u32 yy391;
-  TriggerStep* yy427;
-  Expr* yy454;
-  u8 yy462;
-  struct FrameBound yy509;
-  Select* yy555;
+  TriggerStep* yy33;
+  Window* yy41;
+  Select* yy47;
+  SrcList* yy131;
+  struct TrigEvent yy180;
+  struct {int value; int mask;} yy231;
+  IdList* yy254;
+  u32 yy285;
+  ExprList* yy322;
+  Cte* yy385;
+  int yy394;
+  Upsert* yy444;
+  u8 yy516;
+  With* yy521;
+  const char* yy522;
+  Expr* yy528;
+  OnOrUsing yy561;
+  struct FrameBound yy595;
 } YYMINORTYPE;
 #ifndef YYSTACKDEPTH
 #define YYSTACKDEPTH 100
@@ -172972,29 +171413,24 @@ typedef union {
 #define sqlite3ParserARG_PARAM
 #define sqlite3ParserARG_FETCH
 #define sqlite3ParserARG_STORE
-#define YYREALLOC parserStackRealloc
-#define YYFREE sqlite3_free
-#define YYDYNSTACK 1
 #define sqlite3ParserCTX_SDECL Parse *pParse;
 #define sqlite3ParserCTX_PDECL ,Parse *pParse
 #define sqlite3ParserCTX_PARAM ,pParse
 #define sqlite3ParserCTX_FETCH Parse *pParse=yypParser->pParse;
 #define sqlite3ParserCTX_STORE yypParser->pParse=pParse;
 #define YYFALLBACK 1
-#define YYNSTATE             583
-#define YYNRULE              409
-#define YYNRULE_WITH_ACTION  344
-#define YYNTOKEN             186
-#define YY_MAX_SHIFT         582
-#define YY_MIN_SHIFTREDUCE   845
-#define YY_MAX_SHIFTREDUCE   1253
-#define YY_ERROR_ACTION      1254
-#define YY_ACCEPT_ACTION     1255
-#define YY_NO_ACTION         1256
-#define YY_MIN_REDUCE        1257
-#define YY_MAX_REDUCE        1665
-#define YY_MIN_DSTRCTR       205
-#define YY_MAX_DSTRCTR       319
+#define YYNSTATE             579
+#define YYNRULE              405
+#define YYNRULE_WITH_ACTION  340
+#define YYNTOKEN             185
+#define YY_MAX_SHIFT         578
+#define YY_MIN_SHIFTREDUCE   838
+#define YY_MAX_SHIFTREDUCE   1242
+#define YY_ERROR_ACTION      1243
+#define YY_ACCEPT_ACTION     1244
+#define YY_NO_ACTION         1245
+#define YY_MIN_REDUCE        1246
+#define YY_MAX_REDUCE        1650
 /************* End control #defines *******************************************/
 #define YY_NLOOKAHEAD ((int)(sizeof(yy_lookahead)/sizeof(yy_lookahead[0])))
 
@@ -173010,22 +171446,6 @@ typedef union {
 # define yytestcase(X)
 #endif
 
-/* Macro to determine if stack space has the ability to grow using
-** heap memory.
-*/
-#if YYSTACKDEPTH<=0 || YYDYNSTACK
-# define YYGROWABLESTACK 1
-#else
-# define YYGROWABLESTACK 0
-#endif
-
-/* Guarantee a minimum number of initial stack slots.
-*/
-#if YYSTACKDEPTH<=0
-# undef YYSTACKDEPTH
-# define YYSTACKDEPTH 2  /* Need a minimum stack size */
-#endif
-
 
 /* Next are the tables used to determine what action to take based on the
 ** current state and lookahead token.  These tables are used to implement
@@ -173077,630 +171497,619 @@ typedef union {
 **  yy_default[]       Default action for each state.
 **
 *********** Begin parsing tables **********************************************/
-#define YY_ACTTAB_COUNT (2142)
+#define YY_ACTTAB_COUNT (2100)
 static const YYACTIONTYPE yy_action[] = {
- /*     0 */   576,  128,  125,  232, 1622,  549,  576, 1290, 1281,  576,
- /*    10 */   328,  576, 1300,  212,  576,  128,  125,  232,  578,  412,
- /*    20 */   578,  391, 1542,   51,   51,  523,  405, 1293,  529,   51,
- /*    30 */    51,  983,   51,   51,   81,   81, 1107,   61,   61,  984,
- /*    40 */  1107, 1292,  380,  135,  136,   90, 1228, 1228, 1063, 1066,
- /*    50 */  1053, 1053,  133,  133,  134,  134,  134,  134, 1577,  412,
- /*    60 */   287,  287,    7,  287,  287,  422, 1050, 1050, 1064, 1067,
- /*    70 */   289,  556,  492,  573,  524,  561,  573,  497,  561,  482,
- /*    80 */   530,  262,  229,  135,  136,   90, 1228, 1228, 1063, 1066,
- /*    90 */  1053, 1053,  133,  133,  134,  134,  134,  134,  128,  125,
- /*   100 */   232, 1506,  132,  132,  132,  132,  131,  131,  130,  130,
- /*   110 */   130,  129,  126,  450, 1204, 1255,    1,    1,  582,    2,
- /*   120 */  1259, 1571,  420, 1582,  379,  320, 1174,  153, 1174, 1584,
- /*   130 */   412,  378, 1582,  543, 1341,  330,  111,  570,  570,  570,
- /*   140 */   293, 1054,  132,  132,  132,  132,  131,  131,  130,  130,
- /*   150 */   130,  129,  126,  450,  135,  136,   90, 1228, 1228, 1063,
- /*   160 */  1066, 1053, 1053,  133,  133,  134,  134,  134,  134,  287,
- /*   170 */   287, 1204, 1205, 1204,  255,  287,  287,  510,  507,  506,
- /*   180 */   137,  455,  573,  212,  561,  447,  446,  505,  573, 1616,
- /*   190 */   561,  134,  134,  134,  134,  127,  400,  243,  132,  132,
- /*   200 */   132,  132,  131,  131,  130,  130,  130,  129,  126,  450,
- /*   210 */   282,  471,  345,  132,  132,  132,  132,  131,  131,  130,
- /*   220 */   130,  130,  129,  126,  450,  574,  155,  936,  936,  454,
- /*   230 */   227,  521, 1236,  412, 1236,  134,  134,  134,  134,  132,
- /*   240 */   132,  132,  132,  131,  131,  130,  130,  130,  129,  126,
- /*   250 */   450,  130,  130,  130,  129,  126,  450,  135,  136,   90,
- /*   260 */  1228, 1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,
- /*   270 */   134,  134,  128,  125,  232,  450,  576,  412,  397, 1249,
- /*   280 */   180,   92,   93,  132,  132,  132,  132,  131,  131,  130,
- /*   290 */   130,  130,  129,  126,  450,  381,  387, 1204,  383,   81,
- /*   300 */    81,  135,  136,   90, 1228, 1228, 1063, 1066, 1053, 1053,
- /*   310 */   133,  133,  134,  134,  134,  134,  132,  132,  132,  132,
- /*   320 */   131,  131,  130,  130,  130,  129,  126,  450,  131,  131,
- /*   330 */   130,  130,  130,  129,  126,  450,  556, 1204,  302,  319,
- /*   340 */   567,  121,  568,  480,    4,  555, 1149, 1657, 1628, 1657,
- /*   350 */    45,  128,  125,  232, 1204, 1205, 1204, 1250,  571, 1169,
- /*   360 */   132,  132,  132,  132,  131,  131,  130,  130,  130,  129,
- /*   370 */   126,  450, 1169,  287,  287, 1169, 1019,  576,  422, 1019,
- /*   380 */   412,  451, 1602,  582,    2, 1259,  573,   44,  561,   95,
- /*   390 */   320,  110,  153,  565, 1204, 1205, 1204,  522,  522, 1341,
- /*   400 */    81,   81,    7,   44,  135,  136,   90, 1228, 1228, 1063,
- /*   410 */  1066, 1053, 1053,  133,  133,  134,  134,  134,  134,  295,
- /*   420 */  1149, 1658, 1040, 1658, 1204, 1147,  319,  567,  119,  119,
- /*   430 */   343,  466,  331,  343,  287,  287,  120,  556,  451,  577,
- /*   440 */   451, 1169, 1169, 1028,  319,  567,  438,  573,  210,  561,
- /*   450 */  1339, 1451,  546,  531, 1169, 1169, 1598, 1169, 1169,  416,
- /*   460 */   319,  567,  243,  132,  132,  132,  132,  131,  131,  130,
- /*   470 */   130,  130,  129,  126,  450, 1028, 1028, 1030, 1031,   35,
- /*   480 */    44, 1204, 1205, 1204,  472,  287,  287, 1328,  412, 1307,
- /*   490 */   372, 1595,  359,  225,  454, 1204,  195, 1328,  573, 1147,
- /*   500 */   561, 1333, 1333,  274,  576, 1188,  576,  340,   46,  196,
- /*   510 */   537,  217,  135,  136,   90, 1228, 1228, 1063, 1066, 1053,
- /*   520 */  1053,  133,  133,  134,  134,  134,  134,   19,   19,   19,
- /*   530 */    19,  412,  581, 1204, 1259,  511, 1204,  319,  567,  320,
- /*   540 */   944,  153,  425,  491,  430,  943, 1204,  488, 1341, 1450,
- /*   550 */   532, 1277, 1204, 1205, 1204,  135,  136,   90, 1228, 1228,
- /*   560 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
- /*   570 */   575,  132,  132,  132,  132,  131,  131,  130,  130,  130,
- /*   580 */   129,  126,  450,  287,  287,  528,  287,  287,  372, 1595,
- /*   590 */  1204, 1205, 1204, 1204, 1205, 1204,  573,  486,  561,  573,
- /*   600 */   889,  561,  412, 1204, 1205, 1204,  886,   40,   22,   22,
- /*   610 */   220,  243,  525, 1449,  132,  132,  132,  132,  131,  131,
- /*   620 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
- /*   630 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*   640 */   134,  412,  180,  454, 1204,  879,  255,  287,  287,  510,
- /*   650 */   507,  506,  372, 1595, 1568, 1331, 1331,  576,  889,  505,
- /*   660 */   573,   44,  561,  559, 1207,  135,  136,   90, 1228, 1228,
- /*   670 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
- /*   680 */    81,   81,  422,  576,  377,  132,  132,  132,  132,  131,
- /*   690 */   131,  130,  130,  130,  129,  126,  450,  297,  287,  287,
- /*   700 */   460, 1204, 1205, 1204, 1204,  534,   19,   19,  448,  448,
- /*   710 */   448,  573,  412,  561,  230,  436, 1187,  535,  319,  567,
- /*   720 */   363,  432, 1207, 1435,  132,  132,  132,  132,  131,  131,
- /*   730 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
- /*   740 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*   750 */   134,  412,  211,  949, 1169, 1041, 1110, 1110,  494,  547,
- /*   760 */   547, 1204, 1205, 1204,    7,  539, 1570, 1169,  376,  576,
- /*   770 */  1169,    5, 1204,  486,    3,  135,  136,   90, 1228, 1228,
- /*   780 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
- /*   790 */   576,  513,   19,   19,  427,  132,  132,  132,  132,  131,
- /*   800 */   131,  130,  130,  130,  129,  126,  450,  305, 1204,  433,
- /*   810 */   225, 1204,  385,   19,   19,  273,  290,  371,  516,  366,
- /*   820 */   515,  260,  412,  538, 1568,  549, 1024,  362,  437, 1204,
- /*   830 */  1205, 1204,  902, 1552,  132,  132,  132,  132,  131,  131,
- /*   840 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
- /*   850 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*   860 */   134,  412, 1435,  514, 1281, 1204, 1205, 1204, 1204, 1205,
- /*   870 */  1204,  903,   48,  342, 1568, 1568, 1279, 1627, 1568,  911,
- /*   880 */   576,  129,  126,  450,  110,  135,  136,   90, 1228, 1228,
- /*   890 */  1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,  134,
- /*   900 */   265,  576,  459,   19,   19,  132,  132,  132,  132,  131,
- /*   910 */   131,  130,  130,  130,  129,  126,  450, 1345,  204,  576,
- /*   920 */   459,  458,   50,   47,   19,   19,   49,  434, 1105,  573,
- /*   930 */   497,  561,  412,  428,  108, 1224, 1569, 1554,  376,  205,
- /*   940 */   550,  550,   81,   81,  132,  132,  132,  132,  131,  131,
- /*   950 */   130,  130,  130,  129,  126,  450,  135,  136,   90, 1228,
- /*   960 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*   970 */   134,  480,  576, 1204,  576, 1541,  412, 1435,  969,  315,
- /*   980 */  1659,  398,  284,  497,  969,  893, 1569, 1569,  376,  376,
- /*   990 */  1569,  461,  376, 1224,  459,   80,   80,   81,   81,  497,
- /*  1000 */   374,  114,   90, 1228, 1228, 1063, 1066, 1053, 1053,  133,
- /*  1010 */   133,  134,  134,  134,  134,  132,  132,  132,  132,  131,
- /*  1020 */   131,  130,  130,  130,  129,  126,  450, 1204, 1505,  576,
- /*  1030 */  1204, 1205, 1204, 1366,  316,  486,  281,  281,  497,  431,
- /*  1040 */   557,  288,  288,  402, 1340,  471,  345,  298,  429,  573,
- /*  1050 */   576,  561,   81,   81,  573,  374,  561,  971,  386,  132,
- /*  1060 */   132,  132,  132,  131,  131,  130,  130,  130,  129,  126,
- /*  1070 */   450,  231,  117,   81,   81,  287,  287,  231,  287,  287,
- /*  1080 */   576, 1511,  576, 1336, 1204, 1205, 1204,  139,  573,  556,
- /*  1090 */   561,  573,  412,  561,  441,  456,  969,  213,  558, 1511,
- /*  1100 */  1513, 1550,  969,  143,  143,  145,  145, 1368,  314,  478,
- /*  1110 */   444,  970,  412,  850,  851,  852,  135,  136,   90, 1228,
- /*  1120 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*  1130 */   134,  357,  412,  397, 1148,  304,  135,  136,   90, 1228,
- /*  1140 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*  1150 */   134, 1575,  323,    6,  862,    7,  135,  124,   90, 1228,
- /*  1160 */  1228, 1063, 1066, 1053, 1053,  133,  133,  134,  134,  134,
- /*  1170 */   134,  409,  408, 1511,  212,  132,  132,  132,  132,  131,
- /*  1180 */   131,  130,  130,  130,  129,  126,  450,  411,  118, 1204,
- /*  1190 */   116,   10,  352,  265,  355,  132,  132,  132,  132,  131,
- /*  1200 */   131,  130,  130,  130,  129,  126,  450,  576,  324,  306,
- /*  1210 */   576,  306, 1250,  469,  158,  132,  132,  132,  132,  131,
- /*  1220 */   131,  130,  130,  130,  129,  126,  450,  207, 1224, 1126,
- /*  1230 */    65,   65,  470,   66,   66,  412,  447,  446,  882,  531,
- /*  1240 */   335,  258,  257,  256, 1127, 1233, 1204, 1205, 1204,  327,
- /*  1250 */  1235,  874,  159,  576,   16,  480, 1085, 1040, 1234, 1128,
- /*  1260 */   136,   90, 1228, 1228, 1063, 1066, 1053, 1053,  133,  133,
- /*  1270 */   134,  134,  134,  134, 1029,  576,   81,   81, 1028, 1040,
- /*  1280 */   922,  576,  463, 1236,  576, 1236, 1224,  502,  107, 1435,
- /*  1290 */   923,    6,  576,  410, 1498,  882, 1029,  480,   21,   21,
- /*  1300 */  1028,  332, 1380,  334,   53,   53,  497,   81,   81,  874,
- /*  1310 */  1028, 1028, 1030,  445,  259,   19,   19,  533,  132,  132,
- /*  1320 */   132,  132,  131,  131,  130,  130,  130,  129,  126,  450,
- /*  1330 */   551,  301, 1028, 1028, 1030,  107,  532,  545,  121,  568,
- /*  1340 */  1188,    4, 1126, 1576,  449,  576,  462,    7, 1282,  418,
- /*  1350 */   462,  350, 1435,  576,  518,  571,  544, 1127,  121,  568,
- /*  1360 */   442,    4, 1188,  464,  533, 1180, 1223,    9,   67,   67,
- /*  1370 */   487,  576, 1128,  303,  410,  571,   54,   54,  451,  576,
- /*  1380 */   123,  944,  576,  417,  576,  333,  943, 1379,  576,  236,
- /*  1390 */   565,  576, 1574,  564,   68,   68,    7,  576,  451,  362,
- /*  1400 */   419,  182,   69,   69,  541,   70,   70,   71,   71,  540,
- /*  1410 */   565,   72,   72,  484,   55,   55,  473, 1180,  296, 1040,
- /*  1420 */    56,   56,  296,  493,  541,  119,  119,  410, 1573,  542,
- /*  1430 */   569,  418,    7,  120, 1244,  451,  577,  451,  465, 1040,
- /*  1440 */  1028,  576, 1557,  552,  476,  119,  119,  527,  259,  121,
- /*  1450 */   568,  240,    4,  120,  576,  451,  577,  451,  576,  477,
- /*  1460 */  1028,  576,  156,  576,   57,   57,  571,  576,  286,  229,
- /*  1470 */   410,  336, 1028, 1028, 1030, 1031,   35,   59,   59,  219,
- /*  1480 */   983,   60,   60,  220,   73,   73,   74,   74,  984,  451,
- /*  1490 */    75,   75, 1028, 1028, 1030, 1031,   35,   96,  216,  291,
- /*  1500 */   552,  565, 1188,  318,  395,  395,  394,  276,  392,  576,
- /*  1510 */   485,  859,  474, 1311,  410,  541,  576,  417, 1530, 1144,
- /*  1520 */   540,  399, 1188,  292,  237, 1153,  326,   38,   23,  576,
- /*  1530 */  1040,  576,   20,   20,  325,  299,  119,  119,  164,   76,
- /*  1540 */    76, 1529,  121,  568,  120,    4,  451,  577,  451,  203,
- /*  1550 */   576, 1028,  141,  141,  142,  142,  576,  322,   39,  571,
- /*  1560 */   341, 1021,  110,  264,  239,  901,  900,  423,  242,  908,
- /*  1570 */   909,  370,  173,   77,   77,   43,  479, 1310,  264,   62,
- /*  1580 */    62,  369,  451, 1028, 1028, 1030, 1031,   35, 1601, 1192,
- /*  1590 */   453, 1092,  238,  291,  565,  163, 1309,  110,  395,  395,
- /*  1600 */   394,  276,  392,  986,  987,  859,  481,  346,  264,  110,
- /*  1610 */  1032,  489,  576, 1188,  503, 1088,  261,  261,  237,  576,
- /*  1620 */   326,  121,  568, 1040,    4,  347, 1376,  413,  325,  119,
- /*  1630 */   119,  948,  319,  567,  351,   78,   78,  120,  571,  451,
- /*  1640 */   577,  451,   79,   79, 1028,  354,  356,  576,  360, 1092,
- /*  1650 */   110,  576,  974,  942,  264,  123,  457,  358,  239,  576,
- /*  1660 */   519,  451,  939, 1104,  123, 1104,  173,  576, 1032,   43,
- /*  1670 */    63,   63, 1324,  565,  168,  168, 1028, 1028, 1030, 1031,
- /*  1680 */    35,  576,  169,  169, 1308,  872,  238,  157, 1589,  576,
- /*  1690 */    86,   86,  365,   89,  568,  375,    4, 1103,  941, 1103,
- /*  1700 */   123,  576, 1040, 1389,   64,   64, 1188, 1434,  119,  119,
- /*  1710 */   571,  576,   82,   82,  563,  576,  120,  165,  451,  577,
- /*  1720 */   451,  413, 1362, 1028,  144,  144,  319,  567,  576, 1374,
- /*  1730 */   562,  498,  279,  451,   83,   83, 1439,  576,  166,  166,
- /*  1740 */   576, 1289,  554,  576, 1280,  565,  576,   12,  576, 1268,
- /*  1750 */   457,  146,  146, 1267,  576, 1028, 1028, 1030, 1031,   35,
- /*  1760 */   140,  140, 1269,  167,  167, 1609,  160,  160, 1359,  150,
- /*  1770 */   150,  149,  149,  311, 1040,  576,  312,  147,  147,  313,
- /*  1780 */   119,  119,  222,  235,  576, 1188,  396,  576,  120,  576,
- /*  1790 */   451,  577,  451, 1192,  453, 1028,  508,  291,  148,  148,
- /*  1800 */  1421, 1612,  395,  395,  394,  276,  392,   85,   85,  859,
- /*  1810 */    87,   87,   84,   84,  553,  576,  294,  576, 1426,  338,
- /*  1820 */   339, 1425,  237,  300,  326, 1416, 1409, 1028, 1028, 1030,
- /*  1830 */  1031,   35,  325,  344,  403,  483,  226, 1307,   52,   52,
- /*  1840 */    58,   58,  368, 1371, 1502,  566, 1501,  121,  568,  221,
- /*  1850 */     4,  208,  268,  209,  390, 1244, 1549, 1188, 1372, 1370,
- /*  1860 */  1369, 1547,  239,  184,  571,  233,  421, 1241,   95,  218,
- /*  1870 */   173, 1507,  193,   43,   91,   94,  178,  186,  467,  188,
- /*  1880 */   468, 1422,   13,  189,  190,  191,  501,  451,  245,  108,
- /*  1890 */   238,  401, 1428, 1427, 1430,  475,  404, 1496,  197,  565,
- /*  1900 */    14,  490,  249,  101, 1518,  496,  349,  280,  251,  201,
- /*  1910 */   353,  499,  252,  406, 1270,  253,  517, 1327, 1326,  435,
- /*  1920 */  1325, 1318,  103,  893, 1296,  413,  227,  407, 1040, 1626,
- /*  1930 */   319,  567, 1625, 1297,  119,  119,  439,  367, 1317, 1295,
- /*  1940 */  1624,  526,  120,  440,  451,  577,  451, 1594,  309, 1028,
- /*  1950 */   310,  373,  266,  267,  457, 1580, 1579,  443,  138, 1394,
- /*  1960 */   552, 1393,   11, 1483,  384,  115,  317, 1350,  109,  536,
- /*  1970 */    42,  579,  382,  214, 1349,  388, 1198,  389,  275,  277,
- /*  1980 */   278, 1028, 1028, 1030, 1031,   35,  580, 1265,  414, 1260,
- /*  1990 */   170,  415,  183, 1534, 1535, 1533,  171,  154,  307, 1532,
- /*  2000 */   846,  223,  224,   88,  452,  215,  172,  321,  234, 1102,
- /*  2010 */   152, 1188, 1100,  329,  185,  174, 1223,  925,  187,  241,
- /*  2020 */   337,  244, 1116,  192,  175,  176,  424,  426,   97,  194,
- /*  2030 */    98,   99,  100,  177, 1119, 1115,  246,  247,  161,   24,
- /*  2040 */   248,  348, 1238,  264, 1108,  250,  495,  199,  198,   15,
- /*  2050 */   861,  500,  369,  254,  504,  509,  512,  200,  102,   25,
- /*  2060 */   179,  361,   26,  364,  104,  891,  308,  162,  105,  904,
- /*  2070 */   520,  106, 1185, 1069, 1155,   17,  228,   27, 1154,  283,
- /*  2080 */   285,  263,  978,  202,  972,  123,   28, 1175,   29,   30,
- /*  2090 */  1179, 1171,   31, 1173, 1160,   41,   32,  206,  548,   33,
- /*  2100 */   110, 1178, 1083,    8,  112, 1070,  113, 1068, 1072,   34,
- /*  2110 */  1073,  560, 1125,  269, 1124,  270,   36,   18, 1194, 1033,
- /*  2120 */   873,  151,  122,   37,  393,  271,  272,  572,  181, 1193,
- /*  2130 */  1256, 1256, 1256,  935, 1256, 1256, 1256, 1256, 1256, 1256,
- /*  2140 */  1256, 1617,
+ /*     0 */   572,  210,  572,  119,  116,  231,  572,  119,  116,  231,
+ /*    10 */   572, 1317,  379, 1296,  410,  566,  566,  566,  572,  411,
+ /*    20 */   380, 1317, 1279,   42,   42,   42,   42,  210, 1529,   72,
+ /*    30 */    72,  974,  421,   42,   42,  495,  305,  281,  305,  975,
+ /*    40 */   399,   72,   72,  126,  127,   81, 1217, 1217, 1054, 1057,
+ /*    50 */  1044, 1044,  124,  124,  125,  125,  125,  125,  480,  411,
+ /*    60 */  1244,    1,    1,  578,    2, 1248,  554,  119,  116,  231,
+ /*    70 */   319,  484,  147,  484,  528,  119,  116,  231,  533, 1330,
+ /*    80 */   419,  527,  143,  126,  127,   81, 1217, 1217, 1054, 1057,
+ /*    90 */  1044, 1044,  124,  124,  125,  125,  125,  125,  119,  116,
+ /*   100 */   231,  329,  123,  123,  123,  123,  122,  122,  121,  121,
+ /*   110 */   121,  120,  117,  448,  286,  286,  286,  286,  446,  446,
+ /*   120 */   446, 1568,  378, 1570, 1193,  377, 1164,  569, 1164,  569,
+ /*   130 */   411, 1568,  541,  261,  228,  448,  102,  146,  453,  318,
+ /*   140 */   563,  242,  123,  123,  123,  123,  122,  122,  121,  121,
+ /*   150 */   121,  120,  117,  448,  126,  127,   81, 1217, 1217, 1054,
+ /*   160 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  143,
+ /*   170 */   296, 1193,  341,  452,  121,  121,  121,  120,  117,  448,
+ /*   180 */   128, 1193, 1194, 1193,  149,  445,  444,  572,  120,  117,
+ /*   190 */   448,  125,  125,  125,  125,  118,  123,  123,  123,  123,
+ /*   200 */   122,  122,  121,  121,  121,  120,  117,  448,  458,  114,
+ /*   210 */    13,   13,  550,  123,  123,  123,  123,  122,  122,  121,
+ /*   220 */   121,  121,  120,  117,  448,  424,  318,  563, 1193, 1194,
+ /*   230 */  1193,  150, 1225,  411, 1225,  125,  125,  125,  125,  123,
+ /*   240 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
+ /*   250 */   448,  469,  344, 1041, 1041, 1055, 1058,  126,  127,   81,
+ /*   260 */  1217, 1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,
+ /*   270 */   125,  125, 1282,  526,  224, 1193,  572,  411,  226,  519,
+ /*   280 */   177,   83,   84,  123,  123,  123,  123,  122,  122,  121,
+ /*   290 */   121,  121,  120,  117,  448, 1010,   16,   16, 1193,  134,
+ /*   300 */   134,  126,  127,   81, 1217, 1217, 1054, 1057, 1044, 1044,
+ /*   310 */   124,  124,  125,  125,  125,  125,  123,  123,  123,  123,
+ /*   320 */   122,  122,  121,  121,  121,  120,  117,  448, 1045,  550,
+ /*   330 */  1193,  375, 1193, 1194, 1193,  254, 1438,  401,  508,  505,
+ /*   340 */   504,  112,  564,  570,    4,  929,  929,  435,  503,  342,
+ /*   350 */   464,  330,  362,  396, 1238, 1193, 1194, 1193,  567,  572,
+ /*   360 */   123,  123,  123,  123,  122,  122,  121,  121,  121,  120,
+ /*   370 */   117,  448,  286,  286,  371, 1581, 1607,  445,  444,  155,
+ /*   380 */   411,  449,   72,   72, 1289,  569, 1222, 1193, 1194, 1193,
+ /*   390 */    86, 1224,  273,  561,  547,  520,  520,  572,   99, 1223,
+ /*   400 */     6, 1281,  476,  143,  126,  127,   81, 1217, 1217, 1054,
+ /*   410 */  1057, 1044, 1044,  124,  124,  125,  125,  125,  125,  554,
+ /*   420 */    13,   13, 1031,  511, 1225, 1193, 1225,  553,  110,  110,
+ /*   430 */   224,  572, 1239,  177,  572,  429,  111,  199,  449,  573,
+ /*   440 */   449,  432, 1555, 1019,  327,  555, 1193,  272,  289,  370,
+ /*   450 */   514,  365,  513,  259,   72,   72,  547,   72,   72,  361,
+ /*   460 */   318,  563, 1613,  123,  123,  123,  123,  122,  122,  121,
+ /*   470 */   121,  121,  120,  117,  448, 1019, 1019, 1021, 1022,   28,
+ /*   480 */   286,  286, 1193, 1194, 1193, 1159,  572, 1612,  411,  904,
+ /*   490 */   192,  554,  358,  569,  554,  940,  537,  521, 1159,  437,
+ /*   500 */   415, 1159,  556, 1193, 1194, 1193,  572,  548,  548,   52,
+ /*   510 */    52,  216,  126,  127,   81, 1217, 1217, 1054, 1057, 1044,
+ /*   520 */  1044,  124,  124,  125,  125,  125,  125, 1193,  478,  136,
+ /*   530 */   136,  411,  286,  286, 1493,  509,  122,  122,  121,  121,
+ /*   540 */   121,  120,  117,  448, 1010,  569,  522,  219,  545,  545,
+ /*   550 */   318,  563,  143,    6,  536,  126,  127,   81, 1217, 1217,
+ /*   560 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   570 */  1557,  123,  123,  123,  123,  122,  122,  121,  121,  121,
+ /*   580 */   120,  117,  448,  489, 1193, 1194, 1193,  486,  283, 1270,
+ /*   590 */   960,  254, 1193,  375,  508,  505,  504, 1193,  342,  574,
+ /*   600 */  1193,  574,  411,  294,  503,  960,  879,  193,  484,  318,
+ /*   610 */   563,  386,  292,  382,  123,  123,  123,  123,  122,  122,
+ /*   620 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   630 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   640 */   125,  411,  396, 1139, 1193,  872,  101,  286,  286, 1193,
+ /*   650 */  1194, 1193,  375, 1096, 1193, 1194, 1193, 1193, 1194, 1193,
+ /*   660 */   569,  459,   33,  375,  235,  126,  127,   81, 1217, 1217,
+ /*   670 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   680 */  1437,  962,  572,  230,  961,  123,  123,  123,  123,  122,
+ /*   690 */   122,  121,  121,  121,  120,  117,  448, 1159,  230, 1193,
+ /*   700 */   158, 1193, 1194, 1193, 1556,   13,   13,  303,  960, 1233,
+ /*   710 */  1159,  154,  411, 1159,  375, 1584, 1177,    5,  371, 1581,
+ /*   720 */   431, 1239,    3,  960,  123,  123,  123,  123,  122,  122,
+ /*   730 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   740 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   750 */   125,  411,  210,  571, 1193, 1032, 1193, 1194, 1193, 1193,
+ /*   760 */   390,  855,  156, 1555,  376,  404, 1101, 1101,  492,  572,
+ /*   770 */   469,  344, 1322, 1322, 1555,  126,  127,   81, 1217, 1217,
+ /*   780 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   790 */   130,  572,   13,   13,  532,  123,  123,  123,  123,  122,
+ /*   800 */   122,  121,  121,  121,  120,  117,  448,  304,  572,  457,
+ /*   810 */   229, 1193, 1194, 1193,   13,   13, 1193, 1194, 1193, 1300,
+ /*   820 */   467, 1270,  411, 1320, 1320, 1555, 1015,  457,  456,  436,
+ /*   830 */   301,   72,   72, 1268,  123,  123,  123,  123,  122,  122,
+ /*   840 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   850 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   860 */   125,  411,  384, 1076, 1159,  286,  286,  421,  314,  280,
+ /*   870 */   280,  287,  287,  461,  408,  407, 1539, 1159,  569,  572,
+ /*   880 */  1159, 1196,  569,  409,  569,  126,  127,   81, 1217, 1217,
+ /*   890 */  1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,  125,
+ /*   900 */   457, 1485,   13,   13, 1541,  123,  123,  123,  123,  122,
+ /*   910 */   122,  121,  121,  121,  120,  117,  448,  202,  572,  462,
+ /*   920 */  1587,  578,    2, 1248,  843,  844,  845, 1563,  319,  409,
+ /*   930 */   147,    6,  411,  257,  256,  255,  208, 1330,    9, 1196,
+ /*   940 */   264,   72,   72, 1436,  123,  123,  123,  123,  122,  122,
+ /*   950 */   121,  121,  121,  120,  117,  448,  126,  127,   81, 1217,
+ /*   960 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*   970 */   125,  572,  286,  286,  572, 1213,  411,  577,  315, 1248,
+ /*   980 */   421,  371, 1581,  356,  319,  569,  147,  495,  529, 1644,
+ /*   990 */   397,  935,  495, 1330,   71,   71,  934,   72,   72,  242,
+ /*  1000 */  1328,  105,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,
+ /*  1010 */   124,  125,  125,  125,  125,  123,  123,  123,  123,  122,
+ /*  1020 */   122,  121,  121,  121,  120,  117,  448, 1117,  286,  286,
+ /*  1030 */  1422,  452, 1528, 1213,  443,  286,  286, 1492, 1355,  313,
+ /*  1040 */   478,  569, 1118,  454,  351,  495,  354, 1266,  569,  209,
+ /*  1050 */   572,  418,  179,  572, 1031,  242,  385, 1119,  523,  123,
+ /*  1060 */   123,  123,  123,  122,  122,  121,  121,  121,  120,  117,
+ /*  1070 */   448, 1020,  108,   72,   72, 1019,   13,   13,  915,  572,
+ /*  1080 */  1498,  572,  286,  286,   98,  530, 1537,  452,  916, 1334,
+ /*  1090 */  1329,  203,  411,  286,  286,  569,  152,  211, 1498, 1500,
+ /*  1100 */   426,  569,   56,   56,   57,   57,  569, 1019, 1019, 1021,
+ /*  1110 */   447,  572,  411,  531,   12,  297,  126,  127,   81, 1217,
+ /*  1120 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1130 */   125,  572,  411,  867,   15,   15,  126,  127,   81, 1217,
+ /*  1140 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1150 */   125,  373,  529,  264,   44,   44,  126,  115,   81, 1217,
+ /*  1160 */  1217, 1054, 1057, 1044, 1044,  124,  124,  125,  125,  125,
+ /*  1170 */   125, 1498,  478, 1271,  417,  123,  123,  123,  123,  122,
+ /*  1180 */   122,  121,  121,  121,  120,  117,  448,  205, 1213,  495,
+ /*  1190 */   430,  867,  468,  322,  495,  123,  123,  123,  123,  122,
+ /*  1200 */   122,  121,  121,  121,  120,  117,  448,  572,  557, 1140,
+ /*  1210 */  1642, 1422, 1642,  543,  572,  123,  123,  123,  123,  122,
+ /*  1220 */   122,  121,  121,  121,  120,  117,  448,  572, 1422,  572,
+ /*  1230 */    13,   13,  542,  323, 1325,  411,  334,   58,   58,  349,
+ /*  1240 */  1422, 1170,  326,  286,  286,  549, 1213,  300,  895,  530,
+ /*  1250 */    45,   45,   59,   59, 1140, 1643,  569, 1643,  565,  417,
+ /*  1260 */   127,   81, 1217, 1217, 1054, 1057, 1044, 1044,  124,  124,
+ /*  1270 */   125,  125,  125,  125, 1367,  373,  500,  290, 1193,  512,
+ /*  1280 */  1366,  427,  394,  394,  393,  275,  391,  896, 1138,  852,
+ /*  1290 */   478,  258, 1422, 1170,  463, 1159,   12,  331,  428,  333,
+ /*  1300 */  1117,  460,  236,  258,  325,  460,  544, 1544, 1159, 1098,
+ /*  1310 */   491, 1159,  324, 1098,  440, 1118,  335,  516,  123,  123,
+ /*  1320 */   123,  123,  122,  122,  121,  121,  121,  120,  117,  448,
+ /*  1330 */  1119,  318,  563, 1138,  572, 1193, 1194, 1193,  112,  564,
+ /*  1340 */   201,    4,  238,  433,  935,  490,  285,  228, 1517,  934,
+ /*  1350 */   170,  560,  572,  142, 1516,  567,  572,   60,   60,  572,
+ /*  1360 */   416,  572,  441,  572,  535,  302,  875,    8,  487,  572,
+ /*  1370 */   237,  572,  416,  572,  485,   61,   61,  572,  449,   62,
+ /*  1380 */    62,  332,   63,   63,   46,   46,   47,   47,  361,  572,
+ /*  1390 */   561,  572,   48,   48,   50,   50,   51,   51,  572,  295,
+ /*  1400 */    64,   64,  482,  295,  539,  412,  471, 1031,  572,  538,
+ /*  1410 */   318,  563,   65,   65,   66,   66,  409,  475,  572, 1031,
+ /*  1420 */   572,   14,   14,  875, 1020,  110,  110,  409, 1019,  572,
+ /*  1430 */   474,   67,   67,  111,  455,  449,  573,  449,   98,  317,
+ /*  1440 */  1019,  132,  132,  133,  133,  572, 1561,  572,  974,  409,
+ /*  1450 */     6, 1562,   68,   68, 1560,    6,  975,  572,    6, 1559,
+ /*  1460 */  1019, 1019, 1021,    6,  346,  218,  101,  531,   53,   53,
+ /*  1470 */    69,   69, 1019, 1019, 1021, 1022,   28, 1586, 1181,  451,
+ /*  1480 */    70,   70,  290,   87,  215,   31, 1363,  394,  394,  393,
+ /*  1490 */   275,  391,  350,  109,  852,  107,  572,  112,  564,  483,
+ /*  1500 */     4, 1212,  572,  239,  153,  572,   39,  236, 1299,  325,
+ /*  1510 */   112,  564, 1298,    4,  567,  572,   32,  324,  572,   54,
+ /*  1520 */    54,  572, 1135,  353,  398,  165,  165,  567,  166,  166,
+ /*  1530 */   572,  291,  355,  572,   17,  357,  572,  449,   77,   77,
+ /*  1540 */  1313,   55,   55, 1297,   73,   73,  572,  238,  470,  561,
+ /*  1550 */   449,  472,  364,  135,  135,  170,   74,   74,  142,  163,
+ /*  1560 */   163,  374,  561,  539,  572,  321,  572,  886,  540,  137,
+ /*  1570 */   137,  339, 1353,  422,  298,  237,  539,  572, 1031,  572,
+ /*  1580 */   340,  538,  101,  369,  110,  110,  162,  131,  131,  164,
+ /*  1590 */   164, 1031,  111,  368,  449,  573,  449,  110,  110, 1019,
+ /*  1600 */   157,  157,  141,  141,  572,  111,  572,  449,  573,  449,
+ /*  1610 */   412,  288, 1019,  572,  882,  318,  563,  572,  219,  572,
+ /*  1620 */   241, 1012,  477,  263,  263,  894,  893,  140,  140,  138,
+ /*  1630 */   138, 1019, 1019, 1021, 1022,   28,  139,  139,  525,  455,
+ /*  1640 */    76,   76,   78,   78, 1019, 1019, 1021, 1022,   28, 1181,
+ /*  1650 */   451,  572, 1083,  290,  112,  564, 1575,    4,  394,  394,
+ /*  1660 */   393,  275,  391,  572, 1023,  852,  572,  479,  345,  263,
+ /*  1670 */   101,  567,  882, 1376,   75,   75, 1421,  501,  236,  260,
+ /*  1680 */   325,  112,  564,  359,    4,  101,   43,   43,  324,   49,
+ /*  1690 */    49,  901,  902,  161,  449,  101,  977,  978,  567, 1079,
+ /*  1700 */  1349,  260,  965,  932,  263,  114,  561, 1095,  517, 1095,
+ /*  1710 */  1083, 1094,  865, 1094,  151,  933, 1144,  114,  238, 1361,
+ /*  1720 */   558,  449, 1023,  559, 1426, 1278,  170, 1269, 1257,  142,
+ /*  1730 */  1601, 1256, 1258,  561, 1594, 1031,  496,  278,  213, 1346,
+ /*  1740 */   310,  110,  110,  939,  311,  312,  237,   11,  234,  111,
+ /*  1750 */   221,  449,  573,  449,  293,  395, 1019, 1408,  337, 1403,
+ /*  1760 */  1396,  338, 1031,  299,  343, 1413, 1412,  481,  110,  110,
+ /*  1770 */   506,  402,  225, 1296,  206,  367,  111, 1358,  449,  573,
+ /*  1780 */   449,  412, 1359, 1019, 1489, 1488,  318,  563, 1019, 1019,
+ /*  1790 */  1021, 1022,   28,  562,  207,  220,   80,  564,  389,    4,
+ /*  1800 */  1597, 1357,  552, 1356, 1233,  181,  267,  232, 1536, 1534,
+ /*  1810 */   455, 1230,  420,  567,   82, 1019, 1019, 1021, 1022,   28,
+ /*  1820 */    86,  217,   85, 1494,  190,  175,  183,  465,  185,  466,
+ /*  1830 */    36, 1409,  186,  187,  188,  499,  449,  244,   37,   99,
+ /*  1840 */   400, 1415, 1414,  488, 1417,  194,  473,  403,  561, 1483,
+ /*  1850 */   248,   92, 1505,  494,  198,  279,  112,  564,  250,    4,
+ /*  1860 */   348,  497,  405,  352, 1259,  251,  252,  515, 1316,  434,
+ /*  1870 */  1315, 1314,   94,  567, 1307,  886, 1306, 1031,  226,  406,
+ /*  1880 */  1611, 1610,  438,  110,  110, 1580, 1286,  524,  439,  308,
+ /*  1890 */   266,  111, 1285,  449,  573,  449,  449,  309, 1019,  366,
+ /*  1900 */  1284, 1609,  265, 1566, 1565,  442,  372, 1381,  561,  129,
+ /*  1910 */   550, 1380,   10, 1470,  383,  106,  316,  551,  100,   35,
+ /*  1920 */   534,  575,  212, 1339,  381,  387, 1187, 1338,  274,  276,
+ /*  1930 */  1019, 1019, 1021, 1022,   28,  277,  413, 1031,  576, 1254,
+ /*  1940 */   388, 1521, 1249,  110,  110,  167, 1522,  168,  148, 1520,
+ /*  1950 */  1519,  111,  306,  449,  573,  449,  222,  223, 1019,  839,
+ /*  1960 */   169,   79,  450,  214,  414,  233,  320,  145, 1093, 1091,
+ /*  1970 */   328,  182,  171, 1212,  918,  184,  240,  336,  243, 1107,
+ /*  1980 */   189,  172,  173,  423,  425,   88,  180,  191,   89,   90,
+ /*  1990 */  1019, 1019, 1021, 1022,   28,   91,  174, 1110,  245, 1106,
+ /*  2000 */   246,  159,   18,  247,  347, 1099,  263,  195, 1227,  493,
+ /*  2010 */   249,  196,   38,  854,  498,  368,  253,  360,  897,  197,
+ /*  2020 */   502,   93,   19,   20,  507,  884,  363,  510,   95,  307,
+ /*  2030 */   160,   96,  518,   97, 1175, 1060, 1146,   40,   21,  227,
+ /*  2040 */   176, 1145,  282,  284,  969,  200,  963,  114,  262, 1165,
+ /*  2050 */    22,   23,   24, 1161, 1169,   25, 1163, 1150,   34,   26,
+ /*  2060 */  1168,  546,   27,  204,  101,  103,  104, 1074,    7, 1061,
+ /*  2070 */  1059, 1063, 1116, 1064, 1115,  268,  269,   29,   41,  270,
+ /*  2080 */  1024,  866,  113,   30,  568,  392, 1183,  144,  178, 1182,
+ /*  2090 */   271,  928, 1245, 1245, 1245, 1245, 1245, 1245, 1245, 1602,
 };
 static const YYCODETYPE yy_lookahead[] = {
- /*     0 */   194,  276,  277,  278,  216,  194,  194,  217,  194,  194,
- /*    10 */   194,  194,  224,  194,  194,  276,  277,  278,  204,   19,
- /*    20 */   206,  202,  297,  217,  218,  205,  207,  217,  205,  217,
- /*    30 */   218,   31,  217,  218,  217,  218,   29,  217,  218,   39,
- /*    40 */    33,  217,  220,   43,   44,   45,   46,   47,   48,   49,
- /*    50 */    50,   51,   52,   53,   54,   55,   56,   57,  312,   19,
- /*    60 */   240,  241,  316,  240,  241,  194,   46,   47,   48,   49,
- /*    70 */    22,  254,   65,  253,  254,  255,  253,  194,  255,  194,
- /*    80 */   263,  258,  259,   43,   44,   45,   46,   47,   48,   49,
- /*    90 */    50,   51,   52,   53,   54,   55,   56,   57,  276,  277,
- /*   100 */   278,  285,  102,  103,  104,  105,  106,  107,  108,  109,
- /*   110 */   110,  111,  112,  113,   59,  186,  187,  188,  189,  190,
- /*   120 */   191,  310,  239,  317,  318,  196,   86,  198,   88,  317,
- /*   130 */    19,  319,  317,  318,  205,  264,   25,  211,  212,  213,
- /*   140 */   205,  121,  102,  103,  104,  105,  106,  107,  108,  109,
+ /*     0 */   193,  193,  193,  274,  275,  276,  193,  274,  275,  276,
+ /*    10 */   193,  223,  219,  225,  206,  210,  211,  212,  193,   19,
+ /*    20 */   219,  233,  216,  216,  217,  216,  217,  193,  295,  216,
+ /*    30 */   217,   31,  193,  216,  217,  193,  228,  213,  230,   39,
+ /*    40 */   206,  216,  217,   43,   44,   45,   46,   47,   48,   49,
+ /*    50 */    50,   51,   52,   53,   54,   55,   56,   57,  193,   19,
+ /*    60 */   185,  186,  187,  188,  189,  190,  253,  274,  275,  276,
+ /*    70 */   195,  193,  197,  193,  261,  274,  275,  276,  253,  204,
+ /*    80 */   238,  204,   81,   43,   44,   45,   46,   47,   48,   49,
+ /*    90 */    50,   51,   52,   53,   54,   55,   56,   57,  274,  275,
+ /*   100 */   276,  262,  102,  103,  104,  105,  106,  107,  108,  109,
+ /*   110 */   110,  111,  112,  113,  239,  240,  239,  240,  210,  211,
+ /*   120 */   212,  314,  315,  314,   59,  316,   86,  252,   88,  252,
+ /*   130 */    19,  314,  315,  256,  257,  113,   25,   72,  296,  138,
+ /*   140 */   139,  266,  102,  103,  104,  105,  106,  107,  108,  109,
  /*   150 */   110,  111,  112,  113,   43,   44,   45,   46,   47,   48,
- /*   160 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  240,
- /*   170 */   241,  116,  117,  118,  119,  240,  241,  122,  123,  124,
- /*   180 */    69,  298,  253,  194,  255,  106,  107,  132,  253,  141,
- /*   190 */   255,   54,   55,   56,   57,   58,  207,  268,  102,  103,
- /*   200 */   104,  105,  106,  107,  108,  109,  110,  111,  112,  113,
- /*   210 */   214,  128,  129,  102,  103,  104,  105,  106,  107,  108,
- /*   220 */   109,  110,  111,  112,  113,  134,   25,  136,  137,  300,
- /*   230 */   165,  166,  153,   19,  155,   54,   55,   56,   57,  102,
+ /*   160 */    49,   50,   51,   52,   53,   54,   55,   56,   57,   81,
+ /*   170 */   292,   59,  292,  298,  108,  109,  110,  111,  112,  113,
+ /*   180 */    69,  116,  117,  118,   72,  106,  107,  193,  111,  112,
+ /*   190 */   113,   54,   55,   56,   57,   58,  102,  103,  104,  105,
+ /*   200 */   106,  107,  108,  109,  110,  111,  112,  113,  120,   25,
+ /*   210 */   216,  217,  145,  102,  103,  104,  105,  106,  107,  108,
+ /*   220 */   109,  110,  111,  112,  113,  231,  138,  139,  116,  117,
+ /*   230 */   118,  164,  153,   19,  155,   54,   55,   56,   57,  102,
  /*   240 */   103,  104,  105,  106,  107,  108,  109,  110,  111,  112,
- /*   250 */   113,  108,  109,  110,  111,  112,  113,   43,   44,   45,
+ /*   250 */   113,  128,  129,   46,   47,   48,   49,   43,   44,   45,
  /*   260 */    46,   47,   48,   49,   50,   51,   52,   53,   54,   55,
- /*   270 */    56,   57,  276,  277,  278,  113,  194,   19,   22,   23,
- /*   280 */   194,   67,   24,  102,  103,  104,  105,  106,  107,  108,
- /*   290 */   109,  110,  111,  112,  113,  220,  250,   59,  252,  217,
- /*   300 */   218,   43,   44,   45,   46,   47,   48,   49,   50,   51,
+ /*   270 */    56,   57,  216,  193,   25,   59,  193,   19,  165,  166,
+ /*   280 */   193,   67,   24,  102,  103,  104,  105,  106,  107,  108,
+ /*   290 */   109,  110,  111,  112,  113,   73,  216,  217,   59,  216,
+ /*   300 */   217,   43,   44,   45,   46,   47,   48,   49,   50,   51,
  /*   310 */    52,   53,   54,   55,   56,   57,  102,  103,  104,  105,
- /*   320 */   106,  107,  108,  109,  110,  111,  112,  113,  106,  107,
- /*   330 */   108,  109,  110,  111,  112,  113,  254,   59,  205,  138,
- /*   340 */   139,   19,   20,  194,   22,  263,   22,   23,  231,   25,
- /*   350 */    72,  276,  277,  278,  116,  117,  118,  101,   36,   76,
+ /*   320 */   106,  107,  108,  109,  110,  111,  112,  113,  121,  145,
+ /*   330 */    59,  193,  116,  117,  118,  119,  273,  204,  122,  123,
+ /*   340 */   124,   19,   20,  134,   22,  136,  137,   19,  132,  127,
+ /*   350 */   128,  129,   24,   22,   23,  116,  117,  118,   36,  193,
  /*   360 */   102,  103,  104,  105,  106,  107,  108,  109,  110,  111,
- /*   370 */   112,  113,   89,  240,  241,   92,   73,  194,  194,   73,
- /*   380 */    19,   59,  188,  189,  190,  191,  253,   81,  255,  151,
- /*   390 */   196,   25,  198,   71,  116,  117,  118,  311,  312,  205,
- /*   400 */   217,  218,  316,   81,   43,   44,   45,   46,   47,   48,
- /*   410 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  270,
- /*   420 */    22,   23,  100,   25,   59,  101,  138,  139,  106,  107,
- /*   430 */   127,  128,  129,  127,  240,  241,  114,  254,  116,  117,
- /*   440 */   118,   76,   76,  121,  138,  139,  263,  253,  264,  255,
- /*   450 */   205,  275,   87,   19,   89,   89,  194,   92,   92,  199,
- /*   460 */   138,  139,  268,  102,  103,  104,  105,  106,  107,  108,
+ /*   370 */   112,  113,  239,  240,  311,  312,  215,  106,  107,  241,
+ /*   380 */    19,   59,  216,  217,  223,  252,  115,  116,  117,  118,
+ /*   390 */   151,  120,   26,   71,  193,  308,  309,  193,  149,  128,
+ /*   400 */   313,  216,  269,   81,   43,   44,   45,   46,   47,   48,
+ /*   410 */    49,   50,   51,   52,   53,   54,   55,   56,   57,  253,
+ /*   420 */   216,  217,  100,   95,  153,   59,  155,  261,  106,  107,
+ /*   430 */    25,  193,  101,  193,  193,  231,  114,   25,  116,  117,
+ /*   440 */   118,  113,  304,  121,  193,  204,   59,  119,  120,  121,
+ /*   450 */   122,  123,  124,  125,  216,  217,  193,  216,  217,  131,
+ /*   460 */   138,  139,  230,  102,  103,  104,  105,  106,  107,  108,
  /*   470 */   109,  110,  111,  112,  113,  153,  154,  155,  156,  157,
- /*   480 */    81,  116,  117,  118,  129,  240,  241,  224,   19,  226,
- /*   490 */   314,  315,   23,   25,  300,   59,   22,  234,  253,  101,
- /*   500 */   255,  236,  237,   26,  194,  183,  194,  152,   72,   22,
- /*   510 */   145,  150,   43,   44,   45,   46,   47,   48,   49,   50,
- /*   520 */    51,   52,   53,   54,   55,   56,   57,  217,  218,  217,
- /*   530 */   218,   19,  189,   59,  191,   23,   59,  138,  139,  196,
- /*   540 */   135,  198,  232,  283,  232,  140,   59,  287,  205,  275,
- /*   550 */   116,  205,  116,  117,  118,   43,   44,   45,   46,   47,
+ /*   480 */   239,  240,  116,  117,  118,   76,  193,   23,   19,   25,
+ /*   490 */    22,  253,   23,  252,  253,  108,   87,  204,   89,  261,
+ /*   500 */   198,   92,  261,  116,  117,  118,  193,  306,  307,  216,
+ /*   510 */   217,  150,   43,   44,   45,   46,   47,   48,   49,   50,
+ /*   520 */    51,   52,   53,   54,   55,   56,   57,   59,  193,  216,
+ /*   530 */   217,   19,  239,  240,  283,   23,  106,  107,  108,  109,
+ /*   540 */   110,  111,  112,  113,   73,  252,  253,  142,  308,  309,
+ /*   550 */   138,  139,   81,  313,  145,   43,   44,   45,   46,   47,
  /*   560 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   570 */   194,  102,  103,  104,  105,  106,  107,  108,  109,  110,
- /*   580 */   111,  112,  113,  240,  241,  194,  240,  241,  314,  315,
- /*   590 */   116,  117,  118,  116,  117,  118,  253,  194,  255,  253,
- /*   600 */    59,  255,   19,  116,  117,  118,   23,   22,  217,  218,
- /*   610 */   142,  268,  205,  275,  102,  103,  104,  105,  106,  107,
+ /*   570 */   307,  102,  103,  104,  105,  106,  107,  108,  109,  110,
+ /*   580 */   111,  112,  113,  281,  116,  117,  118,  285,   23,  193,
+ /*   590 */    25,  119,   59,  193,  122,  123,  124,   59,  127,  203,
+ /*   600 */    59,  205,   19,  268,  132,   25,   23,   22,  193,  138,
+ /*   610 */   139,  249,  204,  251,  102,  103,  104,  105,  106,  107,
  /*   620 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   630 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   640 */    57,   19,  194,  300,   59,   23,  119,  240,  241,  122,
- /*   650 */   123,  124,  314,  315,  194,  236,  237,  194,  117,  132,
- /*   660 */   253,   81,  255,  205,   59,   43,   44,   45,   46,   47,
+ /*   640 */    57,   19,   22,   23,   59,   23,   25,  239,  240,  116,
+ /*   650 */   117,  118,  193,   11,  116,  117,  118,  116,  117,  118,
+ /*   660 */   252,  269,   22,  193,   15,   43,   44,   45,   46,   47,
  /*   670 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   680 */   217,  218,  194,  194,  194,  102,  103,  104,  105,  106,
- /*   690 */   107,  108,  109,  110,  111,  112,  113,  294,  240,  241,
- /*   700 */   120,  116,  117,  118,   59,  194,  217,  218,  211,  212,
- /*   710 */   213,  253,   19,  255,  194,   19,   23,  254,  138,  139,
- /*   720 */    24,  232,  117,  194,  102,  103,  104,  105,  106,  107,
+ /*   680 */   273,  143,  193,  118,  143,  102,  103,  104,  105,  106,
+ /*   690 */   107,  108,  109,  110,  111,  112,  113,   76,  118,   59,
+ /*   700 */   241,  116,  117,  118,  304,  216,  217,  292,  143,   60,
+ /*   710 */    89,  241,   19,   92,  193,  193,   23,   22,  311,  312,
+ /*   720 */   231,  101,   22,  143,  102,  103,  104,  105,  106,  107,
  /*   730 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   740 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   750 */    57,   19,  264,  108,   76,   23,  127,  128,  129,  311,
- /*   760 */   312,  116,  117,  118,  316,   87,  306,   89,  308,  194,
- /*   770 */    92,   22,   59,  194,   22,   43,   44,   45,   46,   47,
+ /*   750 */    57,   19,  193,  193,   59,   23,  116,  117,  118,   59,
+ /*   760 */   201,   21,  241,  304,  193,  206,  127,  128,  129,  193,
+ /*   770 */   128,  129,  235,  236,  304,   43,   44,   45,   46,   47,
  /*   780 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   790 */   194,   95,  217,  218,  265,  102,  103,  104,  105,  106,
- /*   800 */   107,  108,  109,  110,  111,  112,  113,  232,   59,  113,
- /*   810 */    25,   59,  194,  217,  218,  119,  120,  121,  122,  123,
- /*   820 */   124,  125,   19,  145,  194,  194,   23,  131,  232,  116,
- /*   830 */   117,  118,   35,  194,  102,  103,  104,  105,  106,  107,
+ /*   790 */    22,  193,  216,  217,  193,  102,  103,  104,  105,  106,
+ /*   800 */   107,  108,  109,  110,  111,  112,  113,  231,  193,  193,
+ /*   810 */   193,  116,  117,  118,  216,  217,  116,  117,  118,  226,
+ /*   820 */    80,  193,   19,  235,  236,  304,   23,  211,  212,  231,
+ /*   830 */   204,  216,  217,  205,  102,  103,  104,  105,  106,  107,
  /*   840 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   850 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   860 */    57,   19,  194,   66,  194,  116,  117,  118,  116,  117,
- /*   870 */   118,   74,  242,  294,  194,  194,  206,   23,  194,   25,
- /*   880 */   194,  111,  112,  113,   25,   43,   44,   45,   46,   47,
+ /*   860 */    57,   19,  193,  123,   76,  239,  240,  193,  253,  239,
+ /*   870 */   240,  239,  240,  244,  106,  107,  193,   89,  252,  193,
+ /*   880 */    92,   59,  252,  254,  252,   43,   44,   45,   46,   47,
  /*   890 */    48,   49,   50,   51,   52,   53,   54,   55,   56,   57,
- /*   900 */    24,  194,  194,  217,  218,  102,  103,  104,  105,  106,
- /*   910 */   107,  108,  109,  110,  111,  112,  113,  241,  232,  194,
- /*   920 */   212,  213,  242,  242,  217,  218,  242,  130,   11,  253,
- /*   930 */   194,  255,   19,  265,  149,   59,  306,  194,  308,  232,
- /*   940 */   309,  310,  217,  218,  102,  103,  104,  105,  106,  107,
+ /*   900 */   284,  161,  216,  217,  193,  102,  103,  104,  105,  106,
+ /*   910 */   107,  108,  109,  110,  111,  112,  113,  231,  193,  244,
+ /*   920 */   187,  188,  189,  190,    7,    8,    9,  309,  195,  254,
+ /*   930 */   197,  313,   19,  127,  128,  129,  262,  204,   22,  117,
+ /*   940 */    24,  216,  217,  273,  102,  103,  104,  105,  106,  107,
  /*   950 */   108,  109,  110,  111,  112,  113,   43,   44,   45,   46,
  /*   960 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*   970 */    57,  194,  194,   59,  194,  239,   19,  194,   25,  254,
- /*   980 */   303,  304,   23,  194,   25,  126,  306,  306,  308,  308,
- /*   990 */   306,  271,  308,  117,  286,  217,  218,  217,  218,  194,
- /*  1000 */   194,  159,   45,   46,   47,   48,   49,   50,   51,   52,
+ /*   970 */    57,  193,  239,  240,  193,   59,   19,  188,  253,  190,
+ /*   980 */   193,  311,  312,   16,  195,  252,  197,  193,   19,  301,
+ /*   990 */   302,  135,  193,  204,  216,  217,  140,  216,  217,  266,
+ /*  1000 */   204,  159,   45,   46,   47,   48,   49,   50,   51,   52,
  /*  1010 */    53,   54,   55,   56,   57,  102,  103,  104,  105,  106,
- /*  1020 */   107,  108,  109,  110,  111,  112,  113,   59,  239,  194,
- /*  1030 */   116,  117,  118,  260,  254,  194,  240,  241,  194,  233,
- /*  1040 */   205,  240,  241,  205,  239,  128,  129,  270,  265,  253,
- /*  1050 */   194,  255,  217,  218,  253,  194,  255,  143,  280,  102,
+ /*  1020 */   107,  108,  109,  110,  111,  112,  113,   12,  239,  240,
+ /*  1030 */   193,  298,  238,  117,  253,  239,  240,  238,  259,  260,
+ /*  1040 */   193,  252,   27,  193,   77,  193,   79,  204,  252,  262,
+ /*  1050 */   193,  299,  300,  193,  100,  266,  278,   42,  204,  102,
  /*  1060 */   103,  104,  105,  106,  107,  108,  109,  110,  111,  112,
- /*  1070 */   113,  118,  159,  217,  218,  240,  241,  118,  240,  241,
- /*  1080 */   194,  194,  194,  239,  116,  117,  118,   22,  253,  254,
- /*  1090 */   255,  253,   19,  255,  233,  194,  143,   24,  263,  212,
- /*  1100 */   213,  194,  143,  217,  218,  217,  218,  261,  262,  271,
- /*  1110 */   254,  143,   19,    7,    8,    9,   43,   44,   45,   46,
+ /*  1070 */   113,  117,  159,  216,  217,  121,  216,  217,   63,  193,
+ /*  1080 */   193,  193,  239,  240,  115,  116,  193,  298,   73,  240,
+ /*  1090 */   238,  231,   19,  239,  240,  252,   22,   24,  211,  212,
+ /*  1100 */   263,  252,  216,  217,  216,  217,  252,  153,  154,  155,
+ /*  1110 */   253,  193,   19,  144,  213,  268,   43,   44,   45,   46,
  /*  1120 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1130 */    57,   16,   19,   22,   23,  294,   43,   44,   45,   46,
+ /*  1130 */    57,  193,   19,   59,  216,  217,   43,   44,   45,   46,
  /*  1140 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1150 */    57,  312,  194,  214,   21,  316,   43,   44,   45,   46,
+ /*  1150 */    57,  193,   19,   24,  216,  217,   43,   44,   45,   46,
  /*  1160 */    47,   48,   49,   50,   51,   52,   53,   54,   55,   56,
- /*  1170 */    57,  106,  107,  286,  194,  102,  103,  104,  105,  106,
- /*  1180 */   107,  108,  109,  110,  111,  112,  113,  207,  158,   59,
- /*  1190 */   160,   22,   77,   24,   79,  102,  103,  104,  105,  106,
- /*  1200 */   107,  108,  109,  110,  111,  112,  113,  194,  194,  229,
- /*  1210 */   194,  231,  101,   80,   22,  102,  103,  104,  105,  106,
- /*  1220 */   107,  108,  109,  110,  111,  112,  113,  288,   59,   12,
- /*  1230 */   217,  218,  293,  217,  218,   19,  106,  107,   59,   19,
- /*  1240 */    16,  127,  128,  129,   27,  115,  116,  117,  118,  194,
- /*  1250 */   120,   59,   22,  194,   24,  194,  123,  100,  128,   42,
+ /*  1170 */    57,  284,  193,  208,  209,  102,  103,  104,  105,  106,
+ /*  1180 */   107,  108,  109,  110,  111,  112,  113,  286,   59,  193,
+ /*  1190 */   232,  117,  291,  193,  193,  102,  103,  104,  105,  106,
+ /*  1200 */   107,  108,  109,  110,  111,  112,  113,  193,  204,   22,
+ /*  1210 */    23,  193,   25,   66,  193,  102,  103,  104,  105,  106,
+ /*  1220 */   107,  108,  109,  110,  111,  112,  113,  193,  193,  193,
+ /*  1230 */   216,  217,   85,  193,  238,   19,   16,  216,  217,  238,
+ /*  1240 */   193,   94,  193,  239,  240,  231,  117,  268,   35,  116,
+ /*  1250 */   216,  217,  216,  217,   22,   23,  252,   25,  208,  209,
  /*  1260 */    44,   45,   46,   47,   48,   49,   50,   51,   52,   53,
- /*  1270 */    54,   55,   56,   57,  117,  194,  217,  218,  121,  100,
- /*  1280 */    63,  194,  245,  153,  194,  155,  117,   19,  115,  194,
- /*  1290 */    73,  214,  194,  256,  161,  116,  117,  194,  217,  218,
- /*  1300 */   121,   77,  194,   79,  217,  218,  194,  217,  218,  117,
- /*  1310 */   153,  154,  155,  254,   46,  217,  218,  144,  102,  103,
+ /*  1270 */    54,   55,   56,   57,  193,  193,   19,    5,   59,   66,
+ /*  1280 */   193,  263,   10,   11,   12,   13,   14,   74,  101,   17,
+ /*  1290 */   193,   46,  193,  146,  193,   76,  213,   77,  263,   79,
+ /*  1300 */    12,  260,   30,   46,   32,  264,   87,  193,   89,   29,
+ /*  1310 */   263,   92,   40,   33,  232,   27,  193,  108,  102,  103,
  /*  1320 */   104,  105,  106,  107,  108,  109,  110,  111,  112,  113,
- /*  1330 */   232,  270,  153,  154,  155,  115,  116,   66,   19,   20,
- /*  1340 */   183,   22,   12,  312,  254,  194,  262,  316,  209,  210,
- /*  1350 */   266,  239,  194,  194,  108,   36,   85,   27,   19,   20,
- /*  1360 */   265,   22,  183,  245,  144,   94,   25,   48,  217,  218,
- /*  1370 */   293,  194,   42,  270,  256,   36,  217,  218,   59,  194,
- /*  1380 */    25,  135,  194,  115,  194,  161,  140,  194,  194,   15,
- /*  1390 */    71,  194,  312,   63,  217,  218,  316,  194,   59,  131,
- /*  1400 */   301,  302,  217,  218,   85,  217,  218,  217,  218,   90,
- /*  1410 */    71,  217,  218,   19,  217,  218,  245,  146,  262,  100,
- /*  1420 */   217,  218,  266,  265,   85,  106,  107,  256,  312,   90,
- /*  1430 */   209,  210,  316,  114,   60,  116,  117,  118,  194,  100,
- /*  1440 */   121,  194,  194,  145,  115,  106,  107,   19,   46,   19,
- /*  1450 */    20,   24,   22,  114,  194,  116,  117,  118,  194,  245,
- /*  1460 */   121,  194,  164,  194,  217,  218,   36,  194,  258,  259,
- /*  1470 */   256,  194,  153,  154,  155,  156,  157,  217,  218,  150,
- /*  1480 */    31,  217,  218,  142,  217,  218,  217,  218,   39,   59,
- /*  1490 */   217,  218,  153,  154,  155,  156,  157,  149,  150,    5,
- /*  1500 */   145,   71,  183,  245,   10,   11,   12,   13,   14,  194,
- /*  1510 */   116,   17,  129,  227,  256,   85,  194,  115,  194,   23,
- /*  1520 */    90,   25,  183,   99,   30,   97,   32,   22,   22,  194,
- /*  1530 */   100,  194,  217,  218,   40,  152,  106,  107,   23,  217,
- /*  1540 */   218,  194,   19,   20,  114,   22,  116,  117,  118,  257,
- /*  1550 */   194,  121,  217,  218,  217,  218,  194,  133,   53,   36,
- /*  1560 */    23,   23,   25,   25,   70,  120,  121,   61,  141,    7,
- /*  1570 */     8,  121,   78,  217,  218,   81,   23,  227,   25,  217,
- /*  1580 */   218,  131,   59,  153,  154,  155,  156,  157,    0,    1,
- /*  1590 */     2,   59,   98,    5,   71,   23,  227,   25,   10,   11,
- /*  1600 */    12,   13,   14,   83,   84,   17,   23,   23,   25,   25,
- /*  1610 */    59,  194,  194,  183,   23,   23,   25,   25,   30,  194,
- /*  1620 */    32,   19,   20,  100,   22,  194,  194,  133,   40,  106,
- /*  1630 */   107,  108,  138,  139,  194,  217,  218,  114,   36,  116,
- /*  1640 */   117,  118,  217,  218,  121,  194,  194,  194,   23,  117,
- /*  1650 */    25,  194,   23,   23,   25,   25,  162,  194,   70,  194,
- /*  1660 */   145,   59,   23,  153,   25,  155,   78,  194,  117,   81,
- /*  1670 */   217,  218,  194,   71,  217,  218,  153,  154,  155,  156,
- /*  1680 */   157,  194,  217,  218,  194,   23,   98,   25,  321,  194,
- /*  1690 */   217,  218,  194,   19,   20,  194,   22,  153,   23,  155,
- /*  1700 */    25,  194,  100,  194,  217,  218,  183,  194,  106,  107,
- /*  1710 */    36,  194,  217,  218,  237,  194,  114,  243,  116,  117,
- /*  1720 */   118,  133,  194,  121,  217,  218,  138,  139,  194,  194,
- /*  1730 */   194,  290,  289,   59,  217,  218,  194,  194,  217,  218,
- /*  1740 */   194,  194,  140,  194,  194,   71,  194,  244,  194,  194,
- /*  1750 */   162,  217,  218,  194,  194,  153,  154,  155,  156,  157,
- /*  1760 */   217,  218,  194,  217,  218,  194,  217,  218,  257,  217,
- /*  1770 */   218,  217,  218,  257,  100,  194,  257,  217,  218,  257,
- /*  1780 */   106,  107,  215,  299,  194,  183,  192,  194,  114,  194,
- /*  1790 */   116,  117,  118,    1,    2,  121,  221,    5,  217,  218,
- /*  1800 */   273,  197,   10,   11,   12,   13,   14,  217,  218,   17,
- /*  1810 */   217,  218,  217,  218,  140,  194,  246,  194,  273,  295,
- /*  1820 */   247,  273,   30,  247,   32,  269,  269,  153,  154,  155,
- /*  1830 */   156,  157,   40,  246,  273,  295,  230,  226,  217,  218,
- /*  1840 */   217,  218,  220,  261,  220,  282,  220,   19,   20,  244,
- /*  1850 */    22,  250,  141,  250,  246,   60,  201,  183,  261,  261,
- /*  1860 */   261,  201,   70,  299,   36,  299,  201,   38,  151,  150,
- /*  1870 */    78,  285,   22,   81,  296,  296,   43,  235,   18,  238,
- /*  1880 */   201,  274,  272,  238,  238,  238,   18,   59,  200,  149,
- /*  1890 */    98,  247,  274,  274,  235,  247,  247,  247,  235,   71,
- /*  1900 */   272,  201,  200,  158,  292,   62,  291,  201,  200,   22,
- /*  1910 */   201,  222,  200,  222,  201,  200,  115,  219,  219,   64,
- /*  1920 */   219,  228,   22,  126,  221,  133,  165,  222,  100,  225,
- /*  1930 */   138,  139,  225,  219,  106,  107,   24,  219,  228,  219,
- /*  1940 */   219,  307,  114,  113,  116,  117,  118,  315,  284,  121,
- /*  1950 */   284,  222,  201,   91,  162,  320,  320,   82,  148,  267,
- /*  1960 */   145,  267,   22,  279,  201,  158,  281,  251,  147,  146,
- /*  1970 */    25,  203,  250,  249,  251,  248,   13,  247,  195,  195,
- /*  1980 */     6,  153,  154,  155,  156,  157,  193,  193,  305,  193,
- /*  1990 */   208,  305,  302,  214,  214,  214,  208,  223,  223,  214,
- /*  2000 */     4,  215,  215,  214,    3,   22,  208,  163,   15,   23,
- /*  2010 */    16,  183,   23,  139,  151,  130,   25,   20,  142,   24,
- /*  2020 */    16,  144,    1,  142,  130,  130,   61,   37,   53,  151,
- /*  2030 */    53,   53,   53,  130,  116,    1,   34,  141,    5,   22,
- /*  2040 */   115,  161,   75,   25,   68,  141,   41,  115,   68,   24,
- /*  2050 */    20,   19,  131,  125,   67,   67,   96,   22,   22,   22,
- /*  2060 */    37,   23,   22,   24,   22,   59,   67,   23,  149,   28,
- /*  2070 */    22,   25,   23,   23,   23,   22,  141,   34,   97,   23,
- /*  2080 */    23,   34,  116,   22,  143,   25,   34,   75,   34,   34,
- /*  2090 */    75,   88,   34,   86,   23,   22,   34,   25,   24,   34,
- /*  2100 */    25,   93,   23,   44,  142,   23,  142,   23,   23,   22,
- /*  2110 */    11,   25,   23,   25,   23,   22,   22,   22,    1,   23,
- /*  2120 */    23,   23,   22,   22,   15,  141,  141,   25,   25,    1,
- /*  2130 */   322,  322,  322,  135,  322,  322,  322,  322,  322,  322,
- /*  2140 */   322,  141,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2150 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2160 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2170 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2180 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2190 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2200 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2210 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2220 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2230 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2240 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2250 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2260 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2270 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2280 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2290 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2300 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2310 */   322,  322,  322,  322,  322,  322,  322,  322,  322,  322,
- /*  2320 */   322,  322,  322,  322,  322,  322,  322,  322,
+ /*  1330 */    42,  138,  139,  101,  193,  116,  117,  118,   19,   20,
+ /*  1340 */   255,   22,   70,  130,  135,   65,  256,  257,  193,  140,
+ /*  1350 */    78,   63,  193,   81,  193,   36,  193,  216,  217,  193,
+ /*  1360 */   115,  193,  263,  193,  145,  268,   59,   48,  193,  193,
+ /*  1370 */    98,  193,  115,  193,  291,  216,  217,  193,   59,  216,
+ /*  1380 */   217,  161,  216,  217,  216,  217,  216,  217,  131,  193,
+ /*  1390 */    71,  193,  216,  217,  216,  217,  216,  217,  193,  260,
+ /*  1400 */   216,  217,   19,  264,   85,  133,  244,  100,  193,   90,
+ /*  1410 */   138,  139,  216,  217,  216,  217,  254,  244,  193,  100,
+ /*  1420 */   193,  216,  217,  116,  117,  106,  107,  254,  121,  193,
+ /*  1430 */   115,  216,  217,  114,  162,  116,  117,  118,  115,  244,
+ /*  1440 */   121,  216,  217,  216,  217,  193,  309,  193,   31,  254,
+ /*  1450 */   313,  309,  216,  217,  309,  313,   39,  193,  313,  309,
+ /*  1460 */   153,  154,  155,  313,  193,  150,   25,  144,  216,  217,
+ /*  1470 */   216,  217,  153,  154,  155,  156,  157,    0,    1,    2,
+ /*  1480 */   216,  217,    5,  149,  150,   22,  193,   10,   11,   12,
+ /*  1490 */    13,   14,  193,  158,   17,  160,  193,   19,   20,  116,
+ /*  1500 */    22,   25,  193,   24,   22,  193,   24,   30,  226,   32,
+ /*  1510 */    19,   20,  226,   22,   36,  193,   53,   40,  193,  216,
+ /*  1520 */   217,  193,   23,  193,   25,  216,  217,   36,  216,  217,
+ /*  1530 */   193,   99,  193,  193,   22,  193,  193,   59,  216,  217,
+ /*  1540 */   193,  216,  217,  193,  216,  217,  193,   70,  129,   71,
+ /*  1550 */    59,  129,  193,  216,  217,   78,  216,  217,   81,  216,
+ /*  1560 */   217,  193,   71,   85,  193,  133,  193,  126,   90,  216,
+ /*  1570 */   217,  152,  258,   61,  152,   98,   85,  193,  100,  193,
+ /*  1580 */    23,   90,   25,  121,  106,  107,   23,  216,  217,  216,
+ /*  1590 */   217,  100,  114,  131,  116,  117,  118,  106,  107,  121,
+ /*  1600 */   216,  217,  216,  217,  193,  114,  193,  116,  117,  118,
+ /*  1610 */   133,   22,  121,  193,   59,  138,  139,  193,  142,  193,
+ /*  1620 */   141,   23,   23,   25,   25,  120,  121,  216,  217,  216,
+ /*  1630 */   217,  153,  154,  155,  156,  157,  216,  217,   19,  162,
+ /*  1640 */   216,  217,  216,  217,  153,  154,  155,  156,  157,    1,
+ /*  1650 */     2,  193,   59,    5,   19,   20,  318,   22,   10,   11,
+ /*  1660 */    12,   13,   14,  193,   59,   17,  193,   23,   23,   25,
+ /*  1670 */    25,   36,  117,  193,  216,  217,  193,   23,   30,   25,
+ /*  1680 */    32,   19,   20,   23,   22,   25,  216,  217,   40,  216,
+ /*  1690 */   217,    7,    8,   23,   59,   25,   83,   84,   36,   23,
+ /*  1700 */   193,   25,   23,   23,   25,   25,   71,  153,  145,  155,
+ /*  1710 */   117,  153,   23,  155,   25,   23,   97,   25,   70,  193,
+ /*  1720 */   193,   59,  117,  236,  193,  193,   78,  193,  193,   81,
+ /*  1730 */   141,  193,  193,   71,  193,  100,  288,  287,  242,  255,
+ /*  1740 */   255,  106,  107,  108,  255,  255,   98,  243,  297,  114,
+ /*  1750 */   214,  116,  117,  118,  245,  191,  121,  271,  293,  267,
+ /*  1760 */   267,  246,  100,  246,  245,  271,  271,  293,  106,  107,
+ /*  1770 */   220,  271,  229,  225,  249,  219,  114,  259,  116,  117,
+ /*  1780 */   118,  133,  259,  121,  219,  219,  138,  139,  153,  154,
+ /*  1790 */   155,  156,  157,  280,  249,  243,   19,   20,  245,   22,
+ /*  1800 */   196,  259,  140,  259,   60,  297,  141,  297,  200,  200,
+ /*  1810 */   162,   38,  200,   36,  294,  153,  154,  155,  156,  157,
+ /*  1820 */   151,  150,  294,  283,   22,   43,  234,   18,  237,  200,
+ /*  1830 */   270,  272,  237,  237,  237,   18,   59,  199,  270,  149,
+ /*  1840 */   246,  272,  272,  200,  234,  234,  246,  246,   71,  246,
+ /*  1850 */   199,  158,  290,   62,   22,  200,   19,   20,  199,   22,
+ /*  1860 */   289,  221,  221,  200,  200,  199,  199,  115,  218,   64,
+ /*  1870 */   218,  218,   22,   36,  227,  126,  227,  100,  165,  221,
+ /*  1880 */   224,  224,   24,  106,  107,  312,  218,  305,  113,  282,
+ /*  1890 */    91,  114,  220,  116,  117,  118,   59,  282,  121,  218,
+ /*  1900 */   218,  218,  200,  317,  317,   82,  221,  265,   71,  148,
+ /*  1910 */   145,  265,   22,  277,  200,  158,  279,  140,  147,   25,
+ /*  1920 */   146,  202,  248,  250,  249,  247,   13,  250,  194,  194,
+ /*  1930 */   153,  154,  155,  156,  157,    6,  303,  100,  192,  192,
+ /*  1940 */   246,  213,  192,  106,  107,  207,  213,  207,  222,  213,
+ /*  1950 */   213,  114,  222,  116,  117,  118,  214,  214,  121,    4,
+ /*  1960 */   207,  213,    3,   22,  303,   15,  163,   16,   23,   23,
+ /*  1970 */   139,  151,  130,   25,   20,  142,   24,   16,  144,    1,
+ /*  1980 */   142,  130,  130,   61,   37,   53,  300,  151,   53,   53,
+ /*  1990 */   153,  154,  155,  156,  157,   53,  130,  116,   34,    1,
+ /*  2000 */   141,    5,   22,  115,  161,   68,   25,   68,   75,   41,
+ /*  2010 */   141,  115,   24,   20,   19,  131,  125,   23,   28,   22,
+ /*  2020 */    67,   22,   22,   22,   67,   59,   24,   96,   22,   67,
+ /*  2030 */    23,  149,   22,   25,   23,   23,   23,   22,   34,  141,
+ /*  2040 */    37,   97,   23,   23,  116,   22,  143,   25,   34,   75,
+ /*  2050 */    34,   34,   34,   88,   75,   34,   86,   23,   22,   34,
+ /*  2060 */    93,   24,   34,   25,   25,  142,  142,   23,   44,   23,
+ /*  2070 */    23,   23,   23,   11,   23,   25,   22,   22,   22,  141,
+ /*  2080 */    23,   23,   22,   22,   25,   15,    1,   23,   25,    1,
+ /*  2090 */   141,  135,  319,  319,  319,  319,  319,  319,  319,  141,
+ /*  2100 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2110 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2120 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2130 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2140 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2150 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2160 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2170 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2180 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2190 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2200 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2210 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2220 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2230 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2240 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2250 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2260 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2270 */   319,  319,  319,  319,  319,  319,  319,  319,  319,  319,
+ /*  2280 */   319,  319,  319,  319,  319,
 };
-#define YY_SHIFT_COUNT    (582)
+#define YY_SHIFT_COUNT    (578)
 #define YY_SHIFT_MIN      (0)
-#define YY_SHIFT_MAX      (2128)
+#define YY_SHIFT_MAX      (2088)
 static const unsigned short int yy_shift_ofst[] = {
- /*     0 */  1792, 1588, 1494,  322,  322,  399,  306, 1319, 1339, 1430,
- /*    10 */  1828, 1828, 1828,  580,  399,  399,  399,  399,  399,    0,
- /*    20 */     0,  214, 1093, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*    30 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1130, 1130,
- /*    40 */   365,  365,   55,  278,  436,  713,  713,  201,  201,  201,
- /*    50 */   201,   40,  111,  258,  361,  469,  512,  583,  622,  693,
- /*    60 */   732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093, 1093,
- /*    70 */  1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093,
- /*    80 */  1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1523, 1602,
- /*    90 */  1674, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*   100 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*   110 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*   120 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*   130 */  1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828, 1828,
- /*   140 */   137,  181,  181,  181,  181,  181,  181,  181,   96,  222,
- /*   150 */   143,  477,  713, 1133, 1268,  713,  713,   79,   79,  713,
- /*   160 */   770,   83,   65,   65,   65,  288,  162,  162, 2142, 2142,
- /*   170 */   696,  696,  696,  238,  474,  474,  474,  474, 1217, 1217,
- /*   180 */   678,  477,  324,  398,  713,  713,  713,  713,  713,  713,
- /*   190 */   713,  713,  713,  713,  713,  713,  713,  713,  713,  713,
- /*   200 */   713,  713,  713, 1220,  366,  366,  713,  917,  283,  283,
- /*   210 */   434,  434,  605,  605, 1298, 2142, 2142, 2142, 2142, 2142,
- /*   220 */  2142, 2142, 1179, 1157, 1157,  487,  527,  585,  645,  749,
- /*   230 */   914,  968,  752,  713,  713,  713,  713,  713,  713,  713,
- /*   240 */   713,  713,  713,  303,  713,  713,  713,  713,  713,  713,
- /*   250 */   713,  713,  713,  713,  713,  713,  797,  797,  797,  713,
- /*   260 */   713,  713,  959,  713,  713,  713, 1169, 1271,  713,  713,
- /*   270 */  1330,  713,  713,  713,  713,  713,  713,  713,  713,  629,
- /*   280 */     7,   91,  876,  876,  876,  876,  953,   91,   91, 1246,
- /*   290 */  1065, 1106, 1374, 1329, 1348,  468, 1348, 1394,  785, 1329,
- /*   300 */  1329,  785, 1329,  468, 1394,  859,  854, 1402, 1449, 1449,
- /*   310 */  1449, 1173, 1173, 1173, 1173, 1355, 1355, 1030, 1341,  405,
- /*   320 */  1230, 1795, 1795, 1711, 1711, 1829, 1829, 1711, 1717, 1719,
- /*   330 */  1850, 1833, 1860, 1860, 1860, 1860, 1711, 1868, 1740, 1719,
- /*   340 */  1719, 1740, 1850, 1833, 1740, 1833, 1740, 1711, 1868, 1745,
- /*   350 */  1843, 1711, 1868, 1887, 1711, 1868, 1711, 1868, 1887, 1801,
- /*   360 */  1801, 1801, 1855, 1900, 1900, 1887, 1801, 1797, 1801, 1855,
- /*   370 */  1801, 1801, 1761, 1912, 1830, 1830, 1887, 1711, 1862, 1862,
- /*   380 */  1875, 1875, 1810, 1815, 1940, 1711, 1807, 1810, 1821, 1823,
- /*   390 */  1740, 1945, 1963, 1963, 1974, 1974, 1974, 2142, 2142, 2142,
- /*   400 */  2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142, 2142,
- /*   410 */  2142, 2142,   20, 1224,  256, 1111, 1115, 1114, 1192, 1496,
- /*   420 */  1424, 1505, 1427,  355, 1383, 1537, 1506, 1538, 1553, 1583,
- /*   430 */  1584, 1591, 1625,  541, 1445, 1562, 1450, 1572, 1515, 1428,
- /*   440 */  1532, 1592, 1629, 1520, 1630, 1639, 1510, 1544, 1662, 1675,
- /*   450 */  1551,   48, 1996, 2001, 1983, 1844, 1993, 1994, 1986, 1989,
- /*   460 */  1874, 1863, 1885, 1991, 1991, 1995, 1876, 1997, 1877, 2004,
- /*   470 */  2021, 1881, 1894, 1991, 1895, 1965, 1990, 1991, 1878, 1975,
- /*   480 */  1977, 1978, 1979, 1903, 1918, 2002, 1896, 2034, 2033, 2017,
- /*   490 */  1925, 1880, 1976, 2018, 1980, 1967, 2005, 1904, 1932, 2025,
- /*   500 */  2030, 2032, 1921, 1928, 2035, 1987, 2036, 2037, 2038, 2040,
- /*   510 */  1988, 2006, 2039, 1960, 2041, 2042, 1999, 2023, 2044, 2043,
- /*   520 */  1919, 2048, 2049, 2050, 2046, 2051, 2053, 1981, 1935, 2056,
- /*   530 */  2057, 1966, 2047, 2061, 1941, 2060, 2052, 2054, 2055, 2058,
- /*   540 */  2003, 2012, 2007, 2059, 2015, 2008, 2062, 2071, 2073, 2074,
- /*   550 */  2072, 2075, 2065, 1962, 1964, 2079, 2060, 2082, 2084, 2085,
- /*   560 */  2087, 2086, 2089, 2088, 2091, 2093, 2099, 2094, 2095, 2096,
- /*   570 */  2097, 2100, 2101, 2102, 1998, 1984, 1985, 2000, 2103, 2098,
- /*   580 */  2109, 2117, 2128,
+ /*     0 */  1648, 1477, 1272,  322,  322,    1, 1319, 1478, 1491, 1837,
+ /*    10 */  1837, 1837,  471,    0,    0,  214, 1093, 1837, 1837, 1837,
+ /*    20 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*    30 */  1837,  271,  271, 1219, 1219,  216,   88,    1,    1,    1,
+ /*    40 */     1,    1,   40,  111,  258,  361,  469,  512,  583,  622,
+ /*    50 */   693,  732,  803,  842,  913, 1073, 1093, 1093, 1093, 1093,
+ /*    60 */  1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093, 1093,
+ /*    70 */  1093, 1093, 1093, 1093, 1113, 1093, 1216,  957,  957, 1635,
+ /*    80 */  1662, 1777, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*    90 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*   100 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*   110 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*   120 */  1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837, 1837,
+ /*   130 */  1837,  137,  181,  181,  181,  181,  181,  181,  181,   94,
+ /*   140 */   430,   66,   65,  112,  366,  533,  533,  740, 1257,  533,
+ /*   150 */   533,   79,   79,  533,  412,  412,  412,   77,  412,  123,
+ /*   160 */   113,  113,  113,   22,   22, 2100, 2100,  328,  328,  328,
+ /*   170 */   239,  468,  468,  468,  468, 1015, 1015,  409,  366, 1187,
+ /*   180 */  1232,  533,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   190 */   533,  533,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   200 */   533,  969,  621,  621,  533,  642,  788,  788, 1133, 1133,
+ /*   210 */   822,  822,   67, 1193, 2100, 2100, 2100, 2100, 2100, 2100,
+ /*   220 */  2100, 1307,  954,  954,  585,  472,  640,  387,  695,  538,
+ /*   230 */   541,  700,  533,  533,  533,  533,  533,  533,  533,  533,
+ /*   240 */   533,  533,  222,  533,  533,  533,  533,  533,  533,  533,
+ /*   250 */   533,  533,  533,  533,  533, 1213, 1213, 1213,  533,  533,
+ /*   260 */   533,  565,  533,  533,  533,  916, 1147,  533,  533, 1288,
+ /*   270 */   533,  533,  533,  533,  533,  533,  533,  533,  639, 1280,
+ /*   280 */   209, 1129, 1129, 1129, 1129,  580,  209,  209, 1209,  768,
+ /*   290 */   917,  649, 1315, 1334,  405, 1334, 1383,  249, 1315, 1315,
+ /*   300 */   249, 1315,  405, 1383, 1441,  464, 1245, 1417, 1417, 1417,
+ /*   310 */  1323, 1323, 1323, 1323,  184,  184, 1335, 1476,  856, 1482,
+ /*   320 */  1744, 1744, 1665, 1665, 1773, 1773, 1665, 1669, 1671, 1802,
+ /*   330 */  1782, 1809, 1809, 1809, 1809, 1665, 1817, 1690, 1671, 1671,
+ /*   340 */  1690, 1802, 1782, 1690, 1782, 1690, 1665, 1817, 1693, 1791,
+ /*   350 */  1665, 1817, 1832, 1665, 1817, 1665, 1817, 1832, 1752, 1752,
+ /*   360 */  1752, 1805, 1850, 1850, 1832, 1752, 1749, 1752, 1805, 1752,
+ /*   370 */  1752, 1713, 1858, 1775, 1775, 1832, 1665, 1799, 1799, 1823,
+ /*   380 */  1823, 1761, 1765, 1890, 1665, 1757, 1761, 1771, 1774, 1690,
+ /*   390 */  1894, 1913, 1913, 1929, 1929, 1929, 2100, 2100, 2100, 2100,
+ /*   400 */  2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100, 2100,
+ /*   410 */  2100,  207, 1220,  331,  620,  967,  806, 1074, 1499, 1432,
+ /*   420 */  1463, 1479, 1419, 1422, 1557, 1512, 1598, 1599, 1644, 1645,
+ /*   430 */  1654, 1660, 1555, 1505, 1684, 1462, 1670, 1563, 1619, 1593,
+ /*   440 */  1676, 1679, 1613, 1680, 1554, 1558, 1689, 1692, 1605, 1589,
+ /*   450 */  1955, 1959, 1941, 1803, 1950, 1951, 1945, 1946, 1831, 1820,
+ /*   460 */  1842, 1948, 1948, 1952, 1833, 1954, 1834, 1961, 1978, 1838,
+ /*   470 */  1851, 1948, 1852, 1922, 1947, 1948, 1836, 1932, 1935, 1936,
+ /*   480 */  1942, 1866, 1881, 1964, 1859, 1998, 1996, 1980, 1888, 1843,
+ /*   490 */  1937, 1981, 1939, 1933, 1968, 1869, 1896, 1988, 1993, 1995,
+ /*   500 */  1884, 1891, 1997, 1953, 1999, 2000, 1994, 2001, 1957, 1966,
+ /*   510 */  2002, 1931, 1990, 2006, 1962, 2003, 2007, 2004, 1882, 2010,
+ /*   520 */  2011, 2012, 2008, 2013, 2015, 1944, 1898, 2019, 2020, 1928,
+ /*   530 */  2014, 2023, 1903, 2022, 2016, 2017, 2018, 2021, 1965, 1974,
+ /*   540 */  1970, 2024, 1979, 1967, 2025, 2034, 2036, 2037, 2038, 2039,
+ /*   550 */  2028, 1923, 1924, 2044, 2022, 2046, 2047, 2048, 2049, 2050,
+ /*   560 */  2051, 2054, 2062, 2055, 2056, 2057, 2058, 2060, 2061, 2059,
+ /*   570 */  1956, 1938, 1949, 1958, 2063, 2064, 2070, 2085, 2088,
 };
-#define YY_REDUCE_COUNT (411)
-#define YY_REDUCE_MIN   (-275)
-#define YY_REDUCE_MAX   (1798)
+#define YY_REDUCE_COUNT (410)
+#define YY_REDUCE_MIN   (-271)
+#define YY_REDUCE_MAX   (1753)
 static const short yy_reduce_ofst[] = {
- /*     0 */   -71,  194,  343,  835, -180, -177,  838, -194, -188, -185,
- /*    10 */  -183,   82,  183,  -65,  133,  245,  346,  407,  458, -178,
- /*    20 */    75, -275,   -4,  310,  312,  489,  575,  596,  463,  686,
- /*    30 */   707,  725,  780, 1098,  856,  778, 1059, 1090,  708,  887,
- /*    40 */    86,  448,  980,  630,  680,  681,  684,  796,  801,  796,
- /*    50 */   801, -261, -261, -261, -261, -261, -261, -261, -261, -261,
- /*    60 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
- /*    70 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
- /*    80 */  -261, -261, -261, -261, -261, -261, -261, -261,  391,  886,
- /*    90 */   888, 1013, 1016, 1081, 1087, 1151, 1159, 1177, 1185, 1188,
- /*   100 */  1190, 1194, 1197, 1203, 1247, 1260, 1264, 1267, 1269, 1273,
- /*   110 */  1315, 1322, 1335, 1337, 1356, 1362, 1418, 1425, 1453, 1457,
- /*   120 */  1465, 1473, 1487, 1495, 1507, 1517, 1521, 1534, 1543, 1546,
- /*   130 */  1549, 1552, 1554, 1560, 1581, 1590, 1593, 1595, 1621, 1623,
- /*   140 */  -261, -261, -261, -261, -261, -261, -261, -261, -261, -261,
- /*   150 */  -261, -186, -117,  260,  263,  460,  631,  -74,  497, -181,
- /*   160 */  -261,  939,  176,  274,  338,  676, -261, -261, -261, -261,
- /*   170 */  -212, -212, -212, -184,  149,  777, 1061, 1103,  265,  419,
- /*   180 */  -254,  670,  677,  677,  -11, -129,  184,  488,  736,  789,
- /*   190 */   805,  844,  403,  529,  579,  668,  783,  841, 1158, 1112,
- /*   200 */   806,  861, 1095,  846,  839, 1031, -189, 1077, 1080, 1116,
- /*   210 */  1084, 1156, 1139, 1221,   46, 1099, 1037, 1118, 1171, 1214,
- /*   220 */  1210, 1258, -210, -190, -176, -115,  117,  262,  376,  490,
- /*   230 */   511,  520,  618,  639,  743,  901,  907,  958, 1014, 1055,
- /*   240 */  1108, 1193, 1244,  720, 1248, 1277, 1324, 1347, 1417, 1431,
- /*   250 */  1432, 1440, 1451, 1452, 1463, 1478, 1286, 1350, 1369, 1490,
- /*   260 */  1498, 1501,  773, 1509, 1513, 1528, 1292, 1367, 1535, 1536,
- /*   270 */  1477, 1542,  376, 1547, 1550, 1555, 1559, 1568, 1571, 1441,
- /*   280 */  1443, 1474, 1511, 1516, 1519, 1522,  773, 1474, 1474, 1503,
- /*   290 */  1567, 1594, 1484, 1527, 1556, 1570, 1557, 1524, 1573, 1545,
- /*   300 */  1548, 1576, 1561, 1587, 1540, 1575, 1606, 1611, 1622, 1624,
- /*   310 */  1626, 1582, 1597, 1598, 1599, 1601, 1603, 1563, 1608, 1605,
- /*   320 */  1604, 1564, 1566, 1655, 1660, 1578, 1579, 1665, 1586, 1607,
- /*   330 */  1610, 1642, 1641, 1645, 1646, 1647, 1679, 1688, 1644, 1618,
- /*   340 */  1619, 1648, 1628, 1659, 1649, 1663, 1650, 1700, 1702, 1612,
- /*   350 */  1615, 1706, 1708, 1689, 1709, 1712, 1713, 1715, 1691, 1698,
- /*   360 */  1699, 1701, 1693, 1704, 1707, 1705, 1714, 1703, 1718, 1710,
- /*   370 */  1720, 1721, 1632, 1634, 1664, 1666, 1729, 1751, 1635, 1636,
- /*   380 */  1692, 1694, 1716, 1722, 1684, 1763, 1685, 1723, 1724, 1727,
- /*   390 */  1730, 1768, 1783, 1784, 1793, 1794, 1796, 1683, 1686, 1690,
- /*   400 */  1782, 1779, 1780, 1781, 1785, 1788, 1774, 1775, 1786, 1787,
- /*   410 */  1789, 1798,
+ /*     0 */  -125,  733,  789,  241,  293, -123, -193, -191, -183, -187,
+ /*    10 */   166,  238,  133, -207, -199, -267, -176,   -6,  204,  489,
+ /*    20 */   576,  598, -175,  686,  860,  615,  725, 1014,  778,  781,
+ /*    30 */   857,  616,  887,   87,  240, -192,  408,  626,  796,  843,
+ /*    40 */   854, 1004, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*    50 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*    60 */  -271, -271, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*    70 */  -271, -271, -271, -271, -271, -271, -271, -271, -271,   80,
+ /*    80 */    83,  313,  886,  888,  918,  938, 1021, 1034, 1036, 1141,
+ /*    90 */  1159, 1163, 1166, 1168, 1170, 1176, 1178, 1180, 1184, 1196,
+ /*   100 */  1198, 1205, 1215, 1225, 1227, 1236, 1252, 1254, 1264, 1303,
+ /*   110 */  1309, 1312, 1322, 1325, 1328, 1337, 1340, 1343, 1353, 1371,
+ /*   120 */  1373, 1384, 1386, 1411, 1413, 1420, 1424, 1426, 1458, 1470,
+ /*   130 */  1473, -271, -271, -271, -271, -271, -271, -271, -271, -271,
+ /*   140 */  -271, -271,  138,  459,  396, -158,  470,  302, -212,  521,
+ /*   150 */   201, -195,  -92,  559,  630,  632,  630, -271,  632,  901,
+ /*   160 */    63,  407,  670, -271, -271, -271, -271,  161,  161,  161,
+ /*   170 */   251,  335,  847,  979, 1097,  537,  588,  618,  628,  688,
+ /*   180 */   688, -166, -161,  674,  787,  794,  799,  852,  996, -122,
+ /*   190 */   837, -120, 1018, 1035,  415, 1047, 1001,  958, 1082,  400,
+ /*   200 */  1099,  779, 1137, 1142,  263, 1083, 1145, 1150, 1041, 1139,
+ /*   210 */   965, 1050,  362,  849,  752,  629,  675, 1162, 1173, 1090,
+ /*   220 */  1195, -194,   56,  185, -135,  232,  522,  560,  571,  601,
+ /*   230 */   617,  669,  683,  711,  850,  893, 1000, 1040, 1049, 1081,
+ /*   240 */  1087, 1101,  392, 1114, 1123, 1155, 1161, 1175, 1271, 1293,
+ /*   250 */  1299, 1330, 1339, 1342, 1347,  593, 1282, 1286, 1350, 1359,
+ /*   260 */  1368, 1314, 1480, 1483, 1507, 1085, 1338, 1526, 1527, 1487,
+ /*   270 */  1531,  560, 1532, 1534, 1535, 1538, 1539, 1541, 1448, 1450,
+ /*   280 */  1496, 1484, 1485, 1489, 1490, 1314, 1496, 1496, 1504, 1536,
+ /*   290 */  1564, 1451, 1486, 1492, 1509, 1493, 1465, 1515, 1494, 1495,
+ /*   300 */  1517, 1500, 1519, 1474, 1550, 1543, 1548, 1556, 1565, 1566,
+ /*   310 */  1518, 1523, 1542, 1544, 1525, 1545, 1513, 1553, 1552, 1604,
+ /*   320 */  1508, 1510, 1608, 1609, 1520, 1528, 1612, 1540, 1559, 1560,
+ /*   330 */  1592, 1591, 1595, 1596, 1597, 1629, 1638, 1594, 1569, 1570,
+ /*   340 */  1600, 1568, 1610, 1601, 1611, 1603, 1643, 1651, 1562, 1571,
+ /*   350 */  1655, 1659, 1640, 1663, 1666, 1664, 1667, 1641, 1650, 1652,
+ /*   360 */  1653, 1647, 1656, 1657, 1658, 1668, 1672, 1681, 1649, 1682,
+ /*   370 */  1683, 1573, 1582, 1607, 1615, 1685, 1702, 1586, 1587, 1642,
+ /*   380 */  1646, 1673, 1675, 1636, 1714, 1637, 1677, 1674, 1678, 1694,
+ /*   390 */  1719, 1734, 1735, 1746, 1747, 1750, 1633, 1661, 1686, 1738,
+ /*   400 */  1728, 1733, 1736, 1737, 1740, 1726, 1730, 1742, 1743, 1748,
+ /*   410 */  1753,
 };
 static const YYACTIONTYPE yy_default[] = {
- /*     0 */  1663, 1663, 1663, 1491, 1254, 1367, 1254, 1254, 1254, 1254,
- /*    10 */  1491, 1491, 1491, 1254, 1254, 1254, 1254, 1254, 1254, 1397,
- /*    20 */  1397, 1544, 1287, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*    30 */  1254, 1254, 1254, 1254, 1254, 1490, 1254, 1254, 1254, 1254,
- /*    40 */  1578, 1578, 1254, 1254, 1254, 1254, 1254, 1563, 1562, 1254,
- /*    50 */  1254, 1254, 1406, 1254, 1413, 1254, 1254, 1254, 1254, 1254,
- /*    60 */  1492, 1493, 1254, 1254, 1254, 1543, 1545, 1508, 1420, 1419,
- /*    70 */  1418, 1417, 1526, 1385, 1411, 1404, 1408, 1487, 1488, 1486,
- /*    80 */  1641, 1493, 1492, 1254, 1407, 1455, 1471, 1454, 1254, 1254,
- /*    90 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   100 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   110 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   120 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   130 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   140 */  1463, 1470, 1469, 1468, 1477, 1467, 1464, 1457, 1456, 1458,
- /*   150 */  1459, 1278, 1254, 1275, 1329, 1254, 1254, 1254, 1254, 1254,
- /*   160 */  1460, 1287, 1448, 1447, 1446, 1254, 1474, 1461, 1473, 1472,
- /*   170 */  1551, 1615, 1614, 1509, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   180 */  1578, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   190 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   200 */  1254, 1254, 1254, 1387, 1578, 1578, 1254, 1287, 1578, 1578,
- /*   210 */  1388, 1388, 1283, 1283, 1391, 1558, 1358, 1358, 1358, 1358,
- /*   220 */  1367, 1358, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   230 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1548, 1546, 1254,
- /*   240 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   250 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   260 */  1254, 1254, 1254, 1254, 1254, 1254, 1363, 1254, 1254, 1254,
- /*   270 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1608, 1254,
- /*   280 */  1521, 1343, 1363, 1363, 1363, 1363, 1365, 1344, 1342, 1357,
- /*   290 */  1288, 1261, 1655, 1423, 1412, 1364, 1412, 1652, 1410, 1423,
- /*   300 */  1423, 1410, 1423, 1364, 1652, 1304, 1630, 1299, 1397, 1397,
- /*   310 */  1397, 1387, 1387, 1387, 1387, 1391, 1391, 1489, 1364, 1357,
- /*   320 */  1254, 1655, 1655, 1373, 1373, 1654, 1654, 1373, 1509, 1638,
- /*   330 */  1432, 1332, 1338, 1338, 1338, 1338, 1373, 1272, 1410, 1638,
- /*   340 */  1638, 1410, 1432, 1332, 1410, 1332, 1410, 1373, 1272, 1525,
- /*   350 */  1649, 1373, 1272, 1499, 1373, 1272, 1373, 1272, 1499, 1330,
- /*   360 */  1330, 1330, 1319, 1254, 1254, 1499, 1330, 1304, 1330, 1319,
- /*   370 */  1330, 1330, 1596, 1254, 1503, 1503, 1499, 1373, 1588, 1588,
- /*   380 */  1400, 1400, 1405, 1391, 1494, 1373, 1254, 1405, 1403, 1401,
- /*   390 */  1410, 1322, 1611, 1611, 1607, 1607, 1607, 1660, 1660, 1558,
- /*   400 */  1623, 1287, 1287, 1287, 1287, 1623, 1306, 1306, 1288, 1288,
- /*   410 */  1287, 1623, 1254, 1254, 1254, 1254, 1254, 1254, 1618, 1254,
- /*   420 */  1553, 1510, 1377, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   430 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1564,
- /*   440 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   450 */  1254, 1437, 1254, 1257, 1555, 1254, 1254, 1254, 1254, 1254,
- /*   460 */  1254, 1254, 1254, 1414, 1415, 1378, 1254, 1254, 1254, 1254,
- /*   470 */  1254, 1254, 1254, 1429, 1254, 1254, 1254, 1424, 1254, 1254,
- /*   480 */  1254, 1254, 1254, 1254, 1254, 1254, 1651, 1254, 1254, 1254,
- /*   490 */  1254, 1254, 1254, 1524, 1523, 1254, 1254, 1375, 1254, 1254,
- /*   500 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   510 */  1254, 1302, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   520 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   530 */  1254, 1254, 1254, 1254, 1254, 1402, 1254, 1254, 1254, 1254,
- /*   540 */  1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   550 */  1593, 1392, 1254, 1254, 1254, 1254, 1642, 1254, 1254, 1254,
- /*   560 */  1254, 1352, 1254, 1254, 1254, 1254, 1254, 1254, 1254, 1254,
- /*   570 */  1254, 1254, 1254, 1634, 1346, 1438, 1254, 1441, 1276, 1254,
- /*   580 */  1266, 1254, 1254,
+ /*     0 */  1648, 1648, 1648, 1478, 1243, 1354, 1243, 1243, 1243, 1478,
+ /*    10 */  1478, 1478, 1243, 1384, 1384, 1531, 1276, 1243, 1243, 1243,
+ /*    20 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1477, 1243,
+ /*    30 */  1243, 1243, 1243, 1564, 1564, 1243, 1243, 1243, 1243, 1243,
+ /*    40 */  1243, 1243, 1243, 1393, 1243, 1400, 1243, 1243, 1243, 1243,
+ /*    50 */  1243, 1479, 1480, 1243, 1243, 1243, 1530, 1532, 1495, 1407,
+ /*    60 */  1406, 1405, 1404, 1513, 1372, 1398, 1391, 1395, 1474, 1475,
+ /*    70 */  1473, 1626, 1480, 1479, 1243, 1394, 1442, 1458, 1441, 1243,
+ /*    80 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*    90 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   100 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   110 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   120 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   130 */  1243, 1450, 1457, 1456, 1455, 1464, 1454, 1451, 1444, 1443,
+ /*   140 */  1445, 1446, 1243, 1243, 1267, 1243, 1243, 1264, 1318, 1243,
+ /*   150 */  1243, 1243, 1243, 1243, 1550, 1549, 1243, 1447, 1243, 1276,
+ /*   160 */  1435, 1434, 1433, 1461, 1448, 1460, 1459, 1538, 1600, 1599,
+ /*   170 */  1496, 1243, 1243, 1243, 1243, 1243, 1243, 1564, 1243, 1243,
+ /*   180 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   190 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   200 */  1243, 1374, 1564, 1564, 1243, 1276, 1564, 1564, 1375, 1375,
+ /*   210 */  1272, 1272, 1378, 1243, 1545, 1345, 1345, 1345, 1345, 1354,
+ /*   220 */  1345, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   230 */  1243, 1243, 1243, 1243, 1243, 1243, 1535, 1533, 1243, 1243,
+ /*   240 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   250 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   260 */  1243, 1243, 1243, 1243, 1243, 1350, 1243, 1243, 1243, 1243,
+ /*   270 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1593, 1243, 1508,
+ /*   280 */  1332, 1350, 1350, 1350, 1350, 1352, 1333, 1331, 1344, 1277,
+ /*   290 */  1250, 1640, 1410, 1399, 1351, 1399, 1637, 1397, 1410, 1410,
+ /*   300 */  1397, 1410, 1351, 1637, 1293, 1615, 1288, 1384, 1384, 1384,
+ /*   310 */  1374, 1374, 1374, 1374, 1378, 1378, 1476, 1351, 1344, 1243,
+ /*   320 */  1640, 1640, 1360, 1360, 1639, 1639, 1360, 1496, 1623, 1419,
+ /*   330 */  1321, 1327, 1327, 1327, 1327, 1360, 1261, 1397, 1623, 1623,
+ /*   340 */  1397, 1419, 1321, 1397, 1321, 1397, 1360, 1261, 1512, 1634,
+ /*   350 */  1360, 1261, 1486, 1360, 1261, 1360, 1261, 1486, 1319, 1319,
+ /*   360 */  1319, 1308, 1243, 1243, 1486, 1319, 1293, 1319, 1308, 1319,
+ /*   370 */  1319, 1582, 1243, 1490, 1490, 1486, 1360, 1574, 1574, 1387,
+ /*   380 */  1387, 1392, 1378, 1481, 1360, 1243, 1392, 1390, 1388, 1397,
+ /*   390 */  1311, 1596, 1596, 1592, 1592, 1592, 1645, 1645, 1545, 1608,
+ /*   400 */  1276, 1276, 1276, 1276, 1608, 1295, 1295, 1277, 1277, 1276,
+ /*   410 */  1608, 1243, 1243, 1243, 1243, 1243, 1243, 1603, 1243, 1540,
+ /*   420 */  1497, 1364, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   430 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1551, 1243,
+ /*   440 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1424,
+ /*   450 */  1243, 1246, 1542, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   460 */  1243, 1401, 1402, 1365, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   470 */  1243, 1416, 1243, 1243, 1243, 1411, 1243, 1243, 1243, 1243,
+ /*   480 */  1243, 1243, 1243, 1243, 1636, 1243, 1243, 1243, 1243, 1243,
+ /*   490 */  1243, 1511, 1510, 1243, 1243, 1362, 1243, 1243, 1243, 1243,
+ /*   500 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1291,
+ /*   510 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   520 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   530 */  1243, 1243, 1243, 1389, 1243, 1243, 1243, 1243, 1243, 1243,
+ /*   540 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1579, 1379,
+ /*   550 */  1243, 1243, 1243, 1243, 1627, 1243, 1243, 1243, 1243, 1243,
+ /*   560 */  1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1243, 1619,
+ /*   570 */  1335, 1425, 1243, 1428, 1265, 1243, 1255, 1243, 1243,
 };
 /********** End of lemon-generated parsing tables *****************************/
 
@@ -173893,8 +172302,8 @@ static const YYCODETYPE yyFallback[] = {
     0,  /*  TRUEFALSE => nothing */
     0,  /*      ISNOT => nothing */
     0,  /*   FUNCTION => nothing */
-    0,  /*      UPLUS => nothing */
     0,  /*     UMINUS => nothing */
+    0,  /*      UPLUS => nothing */
     0,  /*      TRUTH => nothing */
     0,  /*   REGISTER => nothing */
     0,  /*     VECTOR => nothing */
@@ -173903,7 +172312,6 @@ static const YYCODETYPE yyFallback[] = {
     0,  /*   ASTERISK => nothing */
     0,  /*       SPAN => nothing */
     0,  /*      ERROR => nothing */
-    0,  /*    QNUMBER => nothing */
     0,  /*      SPACE => nothing */
     0,  /*    ILLEGAL => nothing */
 };
@@ -173946,9 +172354,14 @@ struct yyParser {
 #endif
   sqlite3ParserARG_SDECL                /* A place to hold %extra_argument */
   sqlite3ParserCTX_SDECL                /* A place to hold %extra_context */
-  yyStackEntry *yystackEnd;           /* Last entry in the stack */
-  yyStackEntry *yystack;              /* The parser stack */
-  yyStackEntry yystk0[YYSTACKDEPTH];  /* Initial stack space */
+#if YYSTACKDEPTH<=0
+  int yystksz;                  /* Current side of the stack */
+  yyStackEntry *yystack;        /* The parser's stack */
+  yyStackEntry yystk0;          /* First stack entry */
+#else
+  yyStackEntry yystack[YYSTACKDEPTH];  /* The parser's stack */
+  yyStackEntry *yystackEnd;            /* Last entry in the stack */
+#endif
 };
 typedef struct yyParser yyParser;
 
@@ -174162,8 +172575,8 @@ static const char *const yyTokenName[] = {
   /*  170 */ "TRUEFALSE",
   /*  171 */ "ISNOT",
   /*  172 */ "FUNCTION",
-  /*  173 */ "UPLUS",
-  /*  174 */ "UMINUS",
+  /*  173 */ "UMINUS",
+  /*  174 */ "UPLUS",
   /*  175 */ "TRUTH",
   /*  176 */ "REGISTER",
   /*  177 */ "VECTOR",
@@ -174172,145 +172585,142 @@ static const char *const yyTokenName[] = {
   /*  180 */ "ASTERISK",
   /*  181 */ "SPAN",
   /*  182 */ "ERROR",
-  /*  183 */ "QNUMBER",
-  /*  184 */ "SPACE",
-  /*  185 */ "ILLEGAL",
-  /*  186 */ "input",
-  /*  187 */ "cmdlist",
-  /*  188 */ "ecmd",
-  /*  189 */ "cmdx",
-  /*  190 */ "explain",
-  /*  191 */ "cmd",
-  /*  192 */ "transtype",
-  /*  193 */ "trans_opt",
-  /*  194 */ "nm",
-  /*  195 */ "savepoint_opt",
-  /*  196 */ "create_table",
-  /*  197 */ "create_table_args",
-  /*  198 */ "createkw",
-  /*  199 */ "temp",
-  /*  200 */ "ifnotexists",
-  /*  201 */ "dbnm",
-  /*  202 */ "columnlist",
-  /*  203 */ "conslist_opt",
-  /*  204 */ "table_option_set",
-  /*  205 */ "select",
-  /*  206 */ "table_option",
-  /*  207 */ "columnname",
-  /*  208 */ "carglist",
-  /*  209 */ "typetoken",
-  /*  210 */ "typename",
-  /*  211 */ "signed",
-  /*  212 */ "plus_num",
-  /*  213 */ "minus_num",
-  /*  214 */ "scanpt",
-  /*  215 */ "scantok",
-  /*  216 */ "ccons",
-  /*  217 */ "term",
-  /*  218 */ "expr",
-  /*  219 */ "onconf",
-  /*  220 */ "sortorder",
-  /*  221 */ "autoinc",
-  /*  222 */ "eidlist_opt",
-  /*  223 */ "refargs",
-  /*  224 */ "defer_subclause",
-  /*  225 */ "generated",
-  /*  226 */ "refarg",
-  /*  227 */ "refact",
-  /*  228 */ "init_deferred_pred_opt",
-  /*  229 */ "conslist",
-  /*  230 */ "tconscomma",
-  /*  231 */ "tcons",
-  /*  232 */ "sortlist",
-  /*  233 */ "eidlist",
-  /*  234 */ "defer_subclause_opt",
-  /*  235 */ "orconf",
-  /*  236 */ "resolvetype",
-  /*  237 */ "raisetype",
-  /*  238 */ "ifexists",
-  /*  239 */ "fullname",
-  /*  240 */ "selectnowith",
-  /*  241 */ "oneselect",
-  /*  242 */ "wqlist",
-  /*  243 */ "multiselect_op",
-  /*  244 */ "distinct",
-  /*  245 */ "selcollist",
-  /*  246 */ "from",
-  /*  247 */ "where_opt",
-  /*  248 */ "groupby_opt",
-  /*  249 */ "having_opt",
-  /*  250 */ "orderby_opt",
-  /*  251 */ "limit_opt",
-  /*  252 */ "window_clause",
-  /*  253 */ "values",
-  /*  254 */ "nexprlist",
-  /*  255 */ "mvalues",
-  /*  256 */ "sclp",
-  /*  257 */ "as",
-  /*  258 */ "seltablist",
-  /*  259 */ "stl_prefix",
-  /*  260 */ "joinop",
-  /*  261 */ "on_using",
-  /*  262 */ "indexed_by",
-  /*  263 */ "exprlist",
-  /*  264 */ "xfullname",
-  /*  265 */ "idlist",
-  /*  266 */ "indexed_opt",
-  /*  267 */ "nulls",
-  /*  268 */ "with",
-  /*  269 */ "where_opt_ret",
-  /*  270 */ "setlist",
-  /*  271 */ "insert_cmd",
-  /*  272 */ "idlist_opt",
-  /*  273 */ "upsert",
-  /*  274 */ "returning",
-  /*  275 */ "filter_over",
-  /*  276 */ "likeop",
-  /*  277 */ "between_op",
-  /*  278 */ "in_op",
-  /*  279 */ "paren_exprlist",
-  /*  280 */ "case_operand",
-  /*  281 */ "case_exprlist",
-  /*  282 */ "case_else",
-  /*  283 */ "uniqueflag",
-  /*  284 */ "collate",
-  /*  285 */ "vinto",
-  /*  286 */ "nmnum",
-  /*  287 */ "trigger_decl",
-  /*  288 */ "trigger_cmd_list",
-  /*  289 */ "trigger_time",
-  /*  290 */ "trigger_event",
-  /*  291 */ "foreach_clause",
-  /*  292 */ "when_clause",
-  /*  293 */ "trigger_cmd",
-  /*  294 */ "trnm",
-  /*  295 */ "tridxby",
-  /*  296 */ "database_kw_opt",
-  /*  297 */ "key_opt",
-  /*  298 */ "add_column_fullname",
-  /*  299 */ "kwcolumn_opt",
-  /*  300 */ "create_vtab",
-  /*  301 */ "vtabarglist",
-  /*  302 */ "vtabarg",
-  /*  303 */ "vtabargtoken",
-  /*  304 */ "lp",
-  /*  305 */ "anylist",
-  /*  306 */ "wqitem",
-  /*  307 */ "wqas",
-  /*  308 */ "withnm",
-  /*  309 */ "windowdefn_list",
-  /*  310 */ "windowdefn",
-  /*  311 */ "window",
-  /*  312 */ "frame_opt",
-  /*  313 */ "part_opt",
-  /*  314 */ "filter_clause",
-  /*  315 */ "over_clause",
-  /*  316 */ "range_or_rows",
-  /*  317 */ "frame_bound",
-  /*  318 */ "frame_bound_s",
-  /*  319 */ "frame_bound_e",
-  /*  320 */ "frame_exclude_opt",
-  /*  321 */ "frame_exclude",
+  /*  183 */ "SPACE",
+  /*  184 */ "ILLEGAL",
+  /*  185 */ "input",
+  /*  186 */ "cmdlist",
+  /*  187 */ "ecmd",
+  /*  188 */ "cmdx",
+  /*  189 */ "explain",
+  /*  190 */ "cmd",
+  /*  191 */ "transtype",
+  /*  192 */ "trans_opt",
+  /*  193 */ "nm",
+  /*  194 */ "savepoint_opt",
+  /*  195 */ "create_table",
+  /*  196 */ "create_table_args",
+  /*  197 */ "createkw",
+  /*  198 */ "temp",
+  /*  199 */ "ifnotexists",
+  /*  200 */ "dbnm",
+  /*  201 */ "columnlist",
+  /*  202 */ "conslist_opt",
+  /*  203 */ "table_option_set",
+  /*  204 */ "select",
+  /*  205 */ "table_option",
+  /*  206 */ "columnname",
+  /*  207 */ "carglist",
+  /*  208 */ "typetoken",
+  /*  209 */ "typename",
+  /*  210 */ "signed",
+  /*  211 */ "plus_num",
+  /*  212 */ "minus_num",
+  /*  213 */ "scanpt",
+  /*  214 */ "scantok",
+  /*  215 */ "ccons",
+  /*  216 */ "term",
+  /*  217 */ "expr",
+  /*  218 */ "onconf",
+  /*  219 */ "sortorder",
+  /*  220 */ "autoinc",
+  /*  221 */ "eidlist_opt",
+  /*  222 */ "refargs",
+  /*  223 */ "defer_subclause",
+  /*  224 */ "generated",
+  /*  225 */ "refarg",
+  /*  226 */ "refact",
+  /*  227 */ "init_deferred_pred_opt",
+  /*  228 */ "conslist",
+  /*  229 */ "tconscomma",
+  /*  230 */ "tcons",
+  /*  231 */ "sortlist",
+  /*  232 */ "eidlist",
+  /*  233 */ "defer_subclause_opt",
+  /*  234 */ "orconf",
+  /*  235 */ "resolvetype",
+  /*  236 */ "raisetype",
+  /*  237 */ "ifexists",
+  /*  238 */ "fullname",
+  /*  239 */ "selectnowith",
+  /*  240 */ "oneselect",
+  /*  241 */ "wqlist",
+  /*  242 */ "multiselect_op",
+  /*  243 */ "distinct",
+  /*  244 */ "selcollist",
+  /*  245 */ "from",
+  /*  246 */ "where_opt",
+  /*  247 */ "groupby_opt",
+  /*  248 */ "having_opt",
+  /*  249 */ "orderby_opt",
+  /*  250 */ "limit_opt",
+  /*  251 */ "window_clause",
+  /*  252 */ "values",
+  /*  253 */ "nexprlist",
+  /*  254 */ "sclp",
+  /*  255 */ "as",
+  /*  256 */ "seltablist",
+  /*  257 */ "stl_prefix",
+  /*  258 */ "joinop",
+  /*  259 */ "on_using",
+  /*  260 */ "indexed_by",
+  /*  261 */ "exprlist",
+  /*  262 */ "xfullname",
+  /*  263 */ "idlist",
+  /*  264 */ "indexed_opt",
+  /*  265 */ "nulls",
+  /*  266 */ "with",
+  /*  267 */ "where_opt_ret",
+  /*  268 */ "setlist",
+  /*  269 */ "insert_cmd",
+  /*  270 */ "idlist_opt",
+  /*  271 */ "upsert",
+  /*  272 */ "returning",
+  /*  273 */ "filter_over",
+  /*  274 */ "likeop",
+  /*  275 */ "between_op",
+  /*  276 */ "in_op",
+  /*  277 */ "paren_exprlist",
+  /*  278 */ "case_operand",
+  /*  279 */ "case_exprlist",
+  /*  280 */ "case_else",
+  /*  281 */ "uniqueflag",
+  /*  282 */ "collate",
+  /*  283 */ "vinto",
+  /*  284 */ "nmnum",
+  /*  285 */ "trigger_decl",
+  /*  286 */ "trigger_cmd_list",
+  /*  287 */ "trigger_time",
+  /*  288 */ "trigger_event",
+  /*  289 */ "foreach_clause",
+  /*  290 */ "when_clause",
+  /*  291 */ "trigger_cmd",
+  /*  292 */ "trnm",
+  /*  293 */ "tridxby",
+  /*  294 */ "database_kw_opt",
+  /*  295 */ "key_opt",
+  /*  296 */ "add_column_fullname",
+  /*  297 */ "kwcolumn_opt",
+  /*  298 */ "create_vtab",
+  /*  299 */ "vtabarglist",
+  /*  300 */ "vtabarg",
+  /*  301 */ "vtabargtoken",
+  /*  302 */ "lp",
+  /*  303 */ "anylist",
+  /*  304 */ "wqitem",
+  /*  305 */ "wqas",
+  /*  306 */ "windowdefn_list",
+  /*  307 */ "windowdefn",
+  /*  308 */ "window",
+  /*  309 */ "frame_opt",
+  /*  310 */ "part_opt",
+  /*  311 */ "filter_clause",
+  /*  312 */ "over_clause",
+  /*  313 */ "range_or_rows",
+  /*  314 */ "frame_bound",
+  /*  315 */ "frame_bound_s",
+  /*  316 */ "frame_bound_e",
+  /*  317 */ "frame_exclude_opt",
+  /*  318 */ "frame_exclude",
 };
 #endif /* defined(YYCOVERAGE) || !defined(NDEBUG) */
 
@@ -174413,363 +172823,351 @@ static const char *const yyRuleName[] = {
  /*  92 */ "oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt",
  /*  93 */ "oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt",
  /*  94 */ "values ::= VALUES LP nexprlist RP",
- /*  95 */ "oneselect ::= mvalues",
- /*  96 */ "mvalues ::= values COMMA LP nexprlist RP",
- /*  97 */ "mvalues ::= mvalues COMMA LP nexprlist RP",
- /*  98 */ "distinct ::= DISTINCT",
- /*  99 */ "distinct ::= ALL",
- /* 100 */ "distinct ::=",
- /* 101 */ "sclp ::=",
- /* 102 */ "selcollist ::= sclp scanpt expr scanpt as",
- /* 103 */ "selcollist ::= sclp scanpt STAR",
- /* 104 */ "selcollist ::= sclp scanpt nm DOT STAR",
- /* 105 */ "as ::= AS nm",
- /* 106 */ "as ::=",
- /* 107 */ "from ::=",
- /* 108 */ "from ::= FROM seltablist",
- /* 109 */ "stl_prefix ::= seltablist joinop",
- /* 110 */ "stl_prefix ::=",
- /* 111 */ "seltablist ::= stl_prefix nm dbnm as on_using",
- /* 112 */ "seltablist ::= stl_prefix nm dbnm as indexed_by on_using",
- /* 113 */ "seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using",
- /* 114 */ "seltablist ::= stl_prefix LP select RP as on_using",
- /* 115 */ "seltablist ::= stl_prefix LP seltablist RP as on_using",
- /* 116 */ "dbnm ::=",
- /* 117 */ "dbnm ::= DOT nm",
- /* 118 */ "fullname ::= nm",
- /* 119 */ "fullname ::= nm DOT nm",
- /* 120 */ "xfullname ::= nm",
- /* 121 */ "xfullname ::= nm DOT nm",
- /* 122 */ "xfullname ::= nm DOT nm AS nm",
- /* 123 */ "xfullname ::= nm AS nm",
- /* 124 */ "joinop ::= COMMA|JOIN",
- /* 125 */ "joinop ::= JOIN_KW JOIN",
- /* 126 */ "joinop ::= JOIN_KW nm JOIN",
- /* 127 */ "joinop ::= JOIN_KW nm nm JOIN",
- /* 128 */ "on_using ::= ON expr",
- /* 129 */ "on_using ::= USING LP idlist RP",
- /* 130 */ "on_using ::=",
- /* 131 */ "indexed_opt ::=",
- /* 132 */ "indexed_by ::= INDEXED BY nm",
- /* 133 */ "indexed_by ::= NOT INDEXED",
- /* 134 */ "orderby_opt ::=",
- /* 135 */ "orderby_opt ::= ORDER BY sortlist",
- /* 136 */ "sortlist ::= sortlist COMMA expr sortorder nulls",
- /* 137 */ "sortlist ::= expr sortorder nulls",
- /* 138 */ "sortorder ::= ASC",
- /* 139 */ "sortorder ::= DESC",
- /* 140 */ "sortorder ::=",
- /* 141 */ "nulls ::= NULLS FIRST",
- /* 142 */ "nulls ::= NULLS LAST",
- /* 143 */ "nulls ::=",
- /* 144 */ "groupby_opt ::=",
- /* 145 */ "groupby_opt ::= GROUP BY nexprlist",
- /* 146 */ "having_opt ::=",
- /* 147 */ "having_opt ::= HAVING expr",
- /* 148 */ "limit_opt ::=",
- /* 149 */ "limit_opt ::= LIMIT expr",
- /* 150 */ "limit_opt ::= LIMIT expr OFFSET expr",
- /* 151 */ "limit_opt ::= LIMIT expr COMMA expr",
- /* 152 */ "cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret",
- /* 153 */ "where_opt ::=",
- /* 154 */ "where_opt ::= WHERE expr",
- /* 155 */ "where_opt_ret ::=",
- /* 156 */ "where_opt_ret ::= WHERE expr",
- /* 157 */ "where_opt_ret ::= RETURNING selcollist",
- /* 158 */ "where_opt_ret ::= WHERE expr RETURNING selcollist",
- /* 159 */ "cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret",
- /* 160 */ "setlist ::= setlist COMMA nm EQ expr",
- /* 161 */ "setlist ::= setlist COMMA LP idlist RP EQ expr",
- /* 162 */ "setlist ::= nm EQ expr",
- /* 163 */ "setlist ::= LP idlist RP EQ expr",
- /* 164 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert",
- /* 165 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning",
- /* 166 */ "upsert ::=",
- /* 167 */ "upsert ::= RETURNING selcollist",
- /* 168 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert",
- /* 169 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert",
- /* 170 */ "upsert ::= ON CONFLICT DO NOTHING returning",
- /* 171 */ "upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning",
- /* 172 */ "returning ::= RETURNING selcollist",
- /* 173 */ "insert_cmd ::= INSERT orconf",
- /* 174 */ "insert_cmd ::= REPLACE",
- /* 175 */ "idlist_opt ::=",
- /* 176 */ "idlist_opt ::= LP idlist RP",
- /* 177 */ "idlist ::= idlist COMMA nm",
- /* 178 */ "idlist ::= nm",
- /* 179 */ "expr ::= LP expr RP",
- /* 180 */ "expr ::= ID|INDEXED|JOIN_KW",
- /* 181 */ "expr ::= nm DOT nm",
- /* 182 */ "expr ::= nm DOT nm DOT nm",
- /* 183 */ "term ::= NULL|FLOAT|BLOB",
- /* 184 */ "term ::= STRING",
- /* 185 */ "term ::= INTEGER",
- /* 186 */ "expr ::= VARIABLE",
- /* 187 */ "expr ::= expr COLLATE ID|STRING",
- /* 188 */ "expr ::= CAST LP expr AS typetoken RP",
- /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
- /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP",
- /* 191 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
- /* 192 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
- /* 193 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over",
- /* 194 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
- /* 195 */ "term ::= CTIME_KW",
- /* 196 */ "expr ::= LP nexprlist COMMA expr RP",
- /* 197 */ "expr ::= expr AND expr",
- /* 198 */ "expr ::= expr OR expr",
- /* 199 */ "expr ::= expr LT|GT|GE|LE expr",
- /* 200 */ "expr ::= expr EQ|NE expr",
- /* 201 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
- /* 202 */ "expr ::= expr PLUS|MINUS expr",
- /* 203 */ "expr ::= expr STAR|SLASH|REM expr",
- /* 204 */ "expr ::= expr CONCAT expr",
- /* 205 */ "likeop ::= NOT LIKE_KW|MATCH",
- /* 206 */ "expr ::= expr likeop expr",
- /* 207 */ "expr ::= expr likeop expr ESCAPE expr",
- /* 208 */ "expr ::= expr ISNULL|NOTNULL",
- /* 209 */ "expr ::= expr NOT NULL",
- /* 210 */ "expr ::= expr IS expr",
- /* 211 */ "expr ::= expr IS NOT expr",
- /* 212 */ "expr ::= expr IS NOT DISTINCT FROM expr",
- /* 213 */ "expr ::= expr IS DISTINCT FROM expr",
- /* 214 */ "expr ::= NOT expr",
- /* 215 */ "expr ::= BITNOT expr",
- /* 216 */ "expr ::= PLUS|MINUS expr",
- /* 217 */ "expr ::= expr PTR expr",
- /* 218 */ "between_op ::= BETWEEN",
- /* 219 */ "between_op ::= NOT BETWEEN",
- /* 220 */ "expr ::= expr between_op expr AND expr",
- /* 221 */ "in_op ::= IN",
- /* 222 */ "in_op ::= NOT IN",
- /* 223 */ "expr ::= expr in_op LP exprlist RP",
- /* 224 */ "expr ::= LP select RP",
- /* 225 */ "expr ::= expr in_op LP select RP",
- /* 226 */ "expr ::= expr in_op nm dbnm paren_exprlist",
- /* 227 */ "expr ::= EXISTS LP select RP",
- /* 228 */ "expr ::= CASE case_operand case_exprlist case_else END",
- /* 229 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
- /* 230 */ "case_exprlist ::= WHEN expr THEN expr",
- /* 231 */ "case_else ::= ELSE expr",
- /* 232 */ "case_else ::=",
- /* 233 */ "case_operand ::=",
- /* 234 */ "exprlist ::=",
- /* 235 */ "nexprlist ::= nexprlist COMMA expr",
- /* 236 */ "nexprlist ::= expr",
- /* 237 */ "paren_exprlist ::=",
- /* 238 */ "paren_exprlist ::= LP exprlist RP",
- /* 239 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
- /* 240 */ "uniqueflag ::= UNIQUE",
- /* 241 */ "uniqueflag ::=",
- /* 242 */ "eidlist_opt ::=",
- /* 243 */ "eidlist_opt ::= LP eidlist RP",
- /* 244 */ "eidlist ::= eidlist COMMA nm collate sortorder",
- /* 245 */ "eidlist ::= nm collate sortorder",
- /* 246 */ "collate ::=",
- /* 247 */ "collate ::= COLLATE ID|STRING",
- /* 248 */ "cmd ::= DROP INDEX ifexists fullname",
- /* 249 */ "cmd ::= VACUUM vinto",
- /* 250 */ "cmd ::= VACUUM nm vinto",
- /* 251 */ "vinto ::= INTO expr",
- /* 252 */ "vinto ::=",
- /* 253 */ "cmd ::= PRAGMA nm dbnm",
- /* 254 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
- /* 255 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
- /* 256 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
- /* 257 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
- /* 258 */ "plus_num ::= PLUS INTEGER|FLOAT",
- /* 259 */ "minus_num ::= MINUS INTEGER|FLOAT",
- /* 260 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
- /* 261 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
- /* 262 */ "trigger_time ::= BEFORE|AFTER",
- /* 263 */ "trigger_time ::= INSTEAD OF",
- /* 264 */ "trigger_time ::=",
- /* 265 */ "trigger_event ::= DELETE|INSERT",
- /* 266 */ "trigger_event ::= UPDATE",
- /* 267 */ "trigger_event ::= UPDATE OF idlist",
- /* 268 */ "when_clause ::=",
- /* 269 */ "when_clause ::= WHEN expr",
- /* 270 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
- /* 271 */ "trigger_cmd_list ::= trigger_cmd SEMI",
- /* 272 */ "trnm ::= nm DOT nm",
- /* 273 */ "tridxby ::= INDEXED BY nm",
- /* 274 */ "tridxby ::= NOT INDEXED",
- /* 275 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
- /* 276 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
- /* 277 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
- /* 278 */ "trigger_cmd ::= scanpt select scanpt",
- /* 279 */ "expr ::= RAISE LP IGNORE RP",
- /* 280 */ "expr ::= RAISE LP raisetype COMMA nm RP",
- /* 281 */ "raisetype ::= ROLLBACK",
- /* 282 */ "raisetype ::= ABORT",
- /* 283 */ "raisetype ::= FAIL",
- /* 284 */ "cmd ::= DROP TRIGGER ifexists fullname",
- /* 285 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
- /* 286 */ "cmd ::= DETACH database_kw_opt expr",
- /* 287 */ "key_opt ::=",
- /* 288 */ "key_opt ::= KEY expr",
- /* 289 */ "cmd ::= REINDEX",
- /* 290 */ "cmd ::= REINDEX nm dbnm",
- /* 291 */ "cmd ::= ANALYZE",
- /* 292 */ "cmd ::= ANALYZE nm dbnm",
- /* 293 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
- /* 294 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
- /* 295 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
- /* 296 */ "add_column_fullname ::= fullname",
- /* 297 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
- /* 298 */ "cmd ::= create_vtab",
- /* 299 */ "cmd ::= create_vtab LP vtabarglist RP",
- /* 300 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
- /* 301 */ "vtabarg ::=",
- /* 302 */ "vtabargtoken ::= ANY",
- /* 303 */ "vtabargtoken ::= lp anylist RP",
- /* 304 */ "lp ::= LP",
- /* 305 */ "with ::= WITH wqlist",
- /* 306 */ "with ::= WITH RECURSIVE wqlist",
- /* 307 */ "wqas ::= AS",
- /* 308 */ "wqas ::= AS MATERIALIZED",
- /* 309 */ "wqas ::= AS NOT MATERIALIZED",
- /* 310 */ "wqitem ::= withnm eidlist_opt wqas LP select RP",
- /* 311 */ "withnm ::= nm",
- /* 312 */ "wqlist ::= wqitem",
- /* 313 */ "wqlist ::= wqlist COMMA wqitem",
- /* 314 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
- /* 315 */ "windowdefn ::= nm AS LP window RP",
- /* 316 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
- /* 317 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
- /* 318 */ "window ::= ORDER BY sortlist frame_opt",
- /* 319 */ "window ::= nm ORDER BY sortlist frame_opt",
- /* 320 */ "window ::= nm frame_opt",
- /* 321 */ "frame_opt ::=",
- /* 322 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
- /* 323 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
- /* 324 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
- /* 325 */ "frame_bound_s ::= frame_bound",
- /* 326 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
- /* 327 */ "frame_bound_e ::= frame_bound",
- /* 328 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
- /* 329 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
- /* 330 */ "frame_bound ::= CURRENT ROW",
- /* 331 */ "frame_exclude_opt ::=",
- /* 332 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
- /* 333 */ "frame_exclude ::= NO OTHERS",
- /* 334 */ "frame_exclude ::= CURRENT ROW",
- /* 335 */ "frame_exclude ::= GROUP|TIES",
- /* 336 */ "window_clause ::= WINDOW windowdefn_list",
- /* 337 */ "filter_over ::= filter_clause over_clause",
- /* 338 */ "filter_over ::= over_clause",
- /* 339 */ "filter_over ::= filter_clause",
- /* 340 */ "over_clause ::= OVER LP window RP",
- /* 341 */ "over_clause ::= OVER nm",
- /* 342 */ "filter_clause ::= FILTER LP WHERE expr RP",
- /* 343 */ "term ::= QNUMBER",
- /* 344 */ "input ::= cmdlist",
- /* 345 */ "cmdlist ::= cmdlist ecmd",
- /* 346 */ "cmdlist ::= ecmd",
- /* 347 */ "ecmd ::= SEMI",
- /* 348 */ "ecmd ::= cmdx SEMI",
- /* 349 */ "ecmd ::= explain cmdx SEMI",
- /* 350 */ "trans_opt ::=",
- /* 351 */ "trans_opt ::= TRANSACTION",
- /* 352 */ "trans_opt ::= TRANSACTION nm",
- /* 353 */ "savepoint_opt ::= SAVEPOINT",
- /* 354 */ "savepoint_opt ::=",
- /* 355 */ "cmd ::= create_table create_table_args",
- /* 356 */ "table_option_set ::= table_option",
- /* 357 */ "columnlist ::= columnlist COMMA columnname carglist",
- /* 358 */ "columnlist ::= columnname carglist",
- /* 359 */ "nm ::= ID|INDEXED|JOIN_KW",
- /* 360 */ "nm ::= STRING",
- /* 361 */ "typetoken ::= typename",
- /* 362 */ "typename ::= ID|STRING",
- /* 363 */ "signed ::= plus_num",
- /* 364 */ "signed ::= minus_num",
- /* 365 */ "carglist ::= carglist ccons",
- /* 366 */ "carglist ::=",
- /* 367 */ "ccons ::= NULL onconf",
- /* 368 */ "ccons ::= GENERATED ALWAYS AS generated",
- /* 369 */ "ccons ::= AS generated",
- /* 370 */ "conslist_opt ::= COMMA conslist",
- /* 371 */ "conslist ::= conslist tconscomma tcons",
- /* 372 */ "conslist ::= tcons",
- /* 373 */ "tconscomma ::=",
- /* 374 */ "defer_subclause_opt ::= defer_subclause",
- /* 375 */ "resolvetype ::= raisetype",
- /* 376 */ "selectnowith ::= oneselect",
- /* 377 */ "oneselect ::= values",
- /* 378 */ "sclp ::= selcollist COMMA",
- /* 379 */ "as ::= ID|STRING",
- /* 380 */ "indexed_opt ::= indexed_by",
- /* 381 */ "returning ::=",
- /* 382 */ "expr ::= term",
- /* 383 */ "likeop ::= LIKE_KW|MATCH",
- /* 384 */ "case_operand ::= expr",
- /* 385 */ "exprlist ::= nexprlist",
- /* 386 */ "nmnum ::= plus_num",
- /* 387 */ "nmnum ::= nm",
- /* 388 */ "nmnum ::= ON",
- /* 389 */ "nmnum ::= DELETE",
- /* 390 */ "nmnum ::= DEFAULT",
- /* 391 */ "plus_num ::= INTEGER|FLOAT",
- /* 392 */ "foreach_clause ::=",
- /* 393 */ "foreach_clause ::= FOR EACH ROW",
- /* 394 */ "trnm ::= nm",
- /* 395 */ "tridxby ::=",
- /* 396 */ "database_kw_opt ::= DATABASE",
- /* 397 */ "database_kw_opt ::=",
- /* 398 */ "kwcolumn_opt ::=",
- /* 399 */ "kwcolumn_opt ::= COLUMNKW",
- /* 400 */ "vtabarglist ::= vtabarg",
- /* 401 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
- /* 402 */ "vtabarg ::= vtabarg vtabargtoken",
- /* 403 */ "anylist ::=",
- /* 404 */ "anylist ::= anylist LP anylist RP",
- /* 405 */ "anylist ::= anylist ANY",
- /* 406 */ "with ::=",
- /* 407 */ "windowdefn_list ::= windowdefn",
- /* 408 */ "window ::= frame_opt",
+ /*  95 */ "values ::= values COMMA LP nexprlist RP",
+ /*  96 */ "distinct ::= DISTINCT",
+ /*  97 */ "distinct ::= ALL",
+ /*  98 */ "distinct ::=",
+ /*  99 */ "sclp ::=",
+ /* 100 */ "selcollist ::= sclp scanpt expr scanpt as",
+ /* 101 */ "selcollist ::= sclp scanpt STAR",
+ /* 102 */ "selcollist ::= sclp scanpt nm DOT STAR",
+ /* 103 */ "as ::= AS nm",
+ /* 104 */ "as ::=",
+ /* 105 */ "from ::=",
+ /* 106 */ "from ::= FROM seltablist",
+ /* 107 */ "stl_prefix ::= seltablist joinop",
+ /* 108 */ "stl_prefix ::=",
+ /* 109 */ "seltablist ::= stl_prefix nm dbnm as on_using",
+ /* 110 */ "seltablist ::= stl_prefix nm dbnm as indexed_by on_using",
+ /* 111 */ "seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using",
+ /* 112 */ "seltablist ::= stl_prefix LP select RP as on_using",
+ /* 113 */ "seltablist ::= stl_prefix LP seltablist RP as on_using",
+ /* 114 */ "dbnm ::=",
+ /* 115 */ "dbnm ::= DOT nm",
+ /* 116 */ "fullname ::= nm",
+ /* 117 */ "fullname ::= nm DOT nm",
+ /* 118 */ "xfullname ::= nm",
+ /* 119 */ "xfullname ::= nm DOT nm",
+ /* 120 */ "xfullname ::= nm DOT nm AS nm",
+ /* 121 */ "xfullname ::= nm AS nm",
+ /* 122 */ "joinop ::= COMMA|JOIN",
+ /* 123 */ "joinop ::= JOIN_KW JOIN",
+ /* 124 */ "joinop ::= JOIN_KW nm JOIN",
+ /* 125 */ "joinop ::= JOIN_KW nm nm JOIN",
+ /* 126 */ "on_using ::= ON expr",
+ /* 127 */ "on_using ::= USING LP idlist RP",
+ /* 128 */ "on_using ::=",
+ /* 129 */ "indexed_opt ::=",
+ /* 130 */ "indexed_by ::= INDEXED BY nm",
+ /* 131 */ "indexed_by ::= NOT INDEXED",
+ /* 132 */ "orderby_opt ::=",
+ /* 133 */ "orderby_opt ::= ORDER BY sortlist",
+ /* 134 */ "sortlist ::= sortlist COMMA expr sortorder nulls",
+ /* 135 */ "sortlist ::= expr sortorder nulls",
+ /* 136 */ "sortorder ::= ASC",
+ /* 137 */ "sortorder ::= DESC",
+ /* 138 */ "sortorder ::=",
+ /* 139 */ "nulls ::= NULLS FIRST",
+ /* 140 */ "nulls ::= NULLS LAST",
+ /* 141 */ "nulls ::=",
+ /* 142 */ "groupby_opt ::=",
+ /* 143 */ "groupby_opt ::= GROUP BY nexprlist",
+ /* 144 */ "having_opt ::=",
+ /* 145 */ "having_opt ::= HAVING expr",
+ /* 146 */ "limit_opt ::=",
+ /* 147 */ "limit_opt ::= LIMIT expr",
+ /* 148 */ "limit_opt ::= LIMIT expr OFFSET expr",
+ /* 149 */ "limit_opt ::= LIMIT expr COMMA expr",
+ /* 150 */ "cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret",
+ /* 151 */ "where_opt ::=",
+ /* 152 */ "where_opt ::= WHERE expr",
+ /* 153 */ "where_opt_ret ::=",
+ /* 154 */ "where_opt_ret ::= WHERE expr",
+ /* 155 */ "where_opt_ret ::= RETURNING selcollist",
+ /* 156 */ "where_opt_ret ::= WHERE expr RETURNING selcollist",
+ /* 157 */ "cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret",
+ /* 158 */ "setlist ::= setlist COMMA nm EQ expr",
+ /* 159 */ "setlist ::= setlist COMMA LP idlist RP EQ expr",
+ /* 160 */ "setlist ::= nm EQ expr",
+ /* 161 */ "setlist ::= LP idlist RP EQ expr",
+ /* 162 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert",
+ /* 163 */ "cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning",
+ /* 164 */ "upsert ::=",
+ /* 165 */ "upsert ::= RETURNING selcollist",
+ /* 166 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert",
+ /* 167 */ "upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert",
+ /* 168 */ "upsert ::= ON CONFLICT DO NOTHING returning",
+ /* 169 */ "upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning",
+ /* 170 */ "returning ::= RETURNING selcollist",
+ /* 171 */ "insert_cmd ::= INSERT orconf",
+ /* 172 */ "insert_cmd ::= REPLACE",
+ /* 173 */ "idlist_opt ::=",
+ /* 174 */ "idlist_opt ::= LP idlist RP",
+ /* 175 */ "idlist ::= idlist COMMA nm",
+ /* 176 */ "idlist ::= nm",
+ /* 177 */ "expr ::= LP expr RP",
+ /* 178 */ "expr ::= ID|INDEXED|JOIN_KW",
+ /* 179 */ "expr ::= nm DOT nm",
+ /* 180 */ "expr ::= nm DOT nm DOT nm",
+ /* 181 */ "term ::= NULL|FLOAT|BLOB",
+ /* 182 */ "term ::= STRING",
+ /* 183 */ "term ::= INTEGER",
+ /* 184 */ "expr ::= VARIABLE",
+ /* 185 */ "expr ::= expr COLLATE ID|STRING",
+ /* 186 */ "expr ::= CAST LP expr AS typetoken RP",
+ /* 187 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP",
+ /* 188 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP",
+ /* 189 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP",
+ /* 190 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over",
+ /* 191 */ "expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over",
+ /* 192 */ "expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over",
+ /* 193 */ "term ::= CTIME_KW",
+ /* 194 */ "expr ::= LP nexprlist COMMA expr RP",
+ /* 195 */ "expr ::= expr AND expr",
+ /* 196 */ "expr ::= expr OR expr",
+ /* 197 */ "expr ::= expr LT|GT|GE|LE expr",
+ /* 198 */ "expr ::= expr EQ|NE expr",
+ /* 199 */ "expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr",
+ /* 200 */ "expr ::= expr PLUS|MINUS expr",
+ /* 201 */ "expr ::= expr STAR|SLASH|REM expr",
+ /* 202 */ "expr ::= expr CONCAT expr",
+ /* 203 */ "likeop ::= NOT LIKE_KW|MATCH",
+ /* 204 */ "expr ::= expr likeop expr",
+ /* 205 */ "expr ::= expr likeop expr ESCAPE expr",
+ /* 206 */ "expr ::= expr ISNULL|NOTNULL",
+ /* 207 */ "expr ::= expr NOT NULL",
+ /* 208 */ "expr ::= expr IS expr",
+ /* 209 */ "expr ::= expr IS NOT expr",
+ /* 210 */ "expr ::= expr IS NOT DISTINCT FROM expr",
+ /* 211 */ "expr ::= expr IS DISTINCT FROM expr",
+ /* 212 */ "expr ::= NOT expr",
+ /* 213 */ "expr ::= BITNOT expr",
+ /* 214 */ "expr ::= PLUS|MINUS expr",
+ /* 215 */ "expr ::= expr PTR expr",
+ /* 216 */ "between_op ::= BETWEEN",
+ /* 217 */ "between_op ::= NOT BETWEEN",
+ /* 218 */ "expr ::= expr between_op expr AND expr",
+ /* 219 */ "in_op ::= IN",
+ /* 220 */ "in_op ::= NOT IN",
+ /* 221 */ "expr ::= expr in_op LP exprlist RP",
+ /* 222 */ "expr ::= LP select RP",
+ /* 223 */ "expr ::= expr in_op LP select RP",
+ /* 224 */ "expr ::= expr in_op nm dbnm paren_exprlist",
+ /* 225 */ "expr ::= EXISTS LP select RP",
+ /* 226 */ "expr ::= CASE case_operand case_exprlist case_else END",
+ /* 227 */ "case_exprlist ::= case_exprlist WHEN expr THEN expr",
+ /* 228 */ "case_exprlist ::= WHEN expr THEN expr",
+ /* 229 */ "case_else ::= ELSE expr",
+ /* 230 */ "case_else ::=",
+ /* 231 */ "case_operand ::=",
+ /* 232 */ "exprlist ::=",
+ /* 233 */ "nexprlist ::= nexprlist COMMA expr",
+ /* 234 */ "nexprlist ::= expr",
+ /* 235 */ "paren_exprlist ::=",
+ /* 236 */ "paren_exprlist ::= LP exprlist RP",
+ /* 237 */ "cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt",
+ /* 238 */ "uniqueflag ::= UNIQUE",
+ /* 239 */ "uniqueflag ::=",
+ /* 240 */ "eidlist_opt ::=",
+ /* 241 */ "eidlist_opt ::= LP eidlist RP",
+ /* 242 */ "eidlist ::= eidlist COMMA nm collate sortorder",
+ /* 243 */ "eidlist ::= nm collate sortorder",
+ /* 244 */ "collate ::=",
+ /* 245 */ "collate ::= COLLATE ID|STRING",
+ /* 246 */ "cmd ::= DROP INDEX ifexists fullname",
+ /* 247 */ "cmd ::= VACUUM vinto",
+ /* 248 */ "cmd ::= VACUUM nm vinto",
+ /* 249 */ "vinto ::= INTO expr",
+ /* 250 */ "vinto ::=",
+ /* 251 */ "cmd ::= PRAGMA nm dbnm",
+ /* 252 */ "cmd ::= PRAGMA nm dbnm EQ nmnum",
+ /* 253 */ "cmd ::= PRAGMA nm dbnm LP nmnum RP",
+ /* 254 */ "cmd ::= PRAGMA nm dbnm EQ minus_num",
+ /* 255 */ "cmd ::= PRAGMA nm dbnm LP minus_num RP",
+ /* 256 */ "plus_num ::= PLUS INTEGER|FLOAT",
+ /* 257 */ "minus_num ::= MINUS INTEGER|FLOAT",
+ /* 258 */ "cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END",
+ /* 259 */ "trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause",
+ /* 260 */ "trigger_time ::= BEFORE|AFTER",
+ /* 261 */ "trigger_time ::= INSTEAD OF",
+ /* 262 */ "trigger_time ::=",
+ /* 263 */ "trigger_event ::= DELETE|INSERT",
+ /* 264 */ "trigger_event ::= UPDATE",
+ /* 265 */ "trigger_event ::= UPDATE OF idlist",
+ /* 266 */ "when_clause ::=",
+ /* 267 */ "when_clause ::= WHEN expr",
+ /* 268 */ "trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI",
+ /* 269 */ "trigger_cmd_list ::= trigger_cmd SEMI",
+ /* 270 */ "trnm ::= nm DOT nm",
+ /* 271 */ "tridxby ::= INDEXED BY nm",
+ /* 272 */ "tridxby ::= NOT INDEXED",
+ /* 273 */ "trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt",
+ /* 274 */ "trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt",
+ /* 275 */ "trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt",
+ /* 276 */ "trigger_cmd ::= scanpt select scanpt",
+ /* 277 */ "expr ::= RAISE LP IGNORE RP",
+ /* 278 */ "expr ::= RAISE LP raisetype COMMA nm RP",
+ /* 279 */ "raisetype ::= ROLLBACK",
+ /* 280 */ "raisetype ::= ABORT",
+ /* 281 */ "raisetype ::= FAIL",
+ /* 282 */ "cmd ::= DROP TRIGGER ifexists fullname",
+ /* 283 */ "cmd ::= ATTACH database_kw_opt expr AS expr key_opt",
+ /* 284 */ "cmd ::= DETACH database_kw_opt expr",
+ /* 285 */ "key_opt ::=",
+ /* 286 */ "key_opt ::= KEY expr",
+ /* 287 */ "cmd ::= REINDEX",
+ /* 288 */ "cmd ::= REINDEX nm dbnm",
+ /* 289 */ "cmd ::= ANALYZE",
+ /* 290 */ "cmd ::= ANALYZE nm dbnm",
+ /* 291 */ "cmd ::= ALTER TABLE fullname RENAME TO nm",
+ /* 292 */ "cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist",
+ /* 293 */ "cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm",
+ /* 294 */ "add_column_fullname ::= fullname",
+ /* 295 */ "cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm",
+ /* 296 */ "cmd ::= create_vtab",
+ /* 297 */ "cmd ::= create_vtab LP vtabarglist RP",
+ /* 298 */ "create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm",
+ /* 299 */ "vtabarg ::=",
+ /* 300 */ "vtabargtoken ::= ANY",
+ /* 301 */ "vtabargtoken ::= lp anylist RP",
+ /* 302 */ "lp ::= LP",
+ /* 303 */ "with ::= WITH wqlist",
+ /* 304 */ "with ::= WITH RECURSIVE wqlist",
+ /* 305 */ "wqas ::= AS",
+ /* 306 */ "wqas ::= AS MATERIALIZED",
+ /* 307 */ "wqas ::= AS NOT MATERIALIZED",
+ /* 308 */ "wqitem ::= nm eidlist_opt wqas LP select RP",
+ /* 309 */ "wqlist ::= wqitem",
+ /* 310 */ "wqlist ::= wqlist COMMA wqitem",
+ /* 311 */ "windowdefn_list ::= windowdefn_list COMMA windowdefn",
+ /* 312 */ "windowdefn ::= nm AS LP window RP",
+ /* 313 */ "window ::= PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 314 */ "window ::= nm PARTITION BY nexprlist orderby_opt frame_opt",
+ /* 315 */ "window ::= ORDER BY sortlist frame_opt",
+ /* 316 */ "window ::= nm ORDER BY sortlist frame_opt",
+ /* 317 */ "window ::= nm frame_opt",
+ /* 318 */ "frame_opt ::=",
+ /* 319 */ "frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt",
+ /* 320 */ "frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt",
+ /* 321 */ "range_or_rows ::= RANGE|ROWS|GROUPS",
+ /* 322 */ "frame_bound_s ::= frame_bound",
+ /* 323 */ "frame_bound_s ::= UNBOUNDED PRECEDING",
+ /* 324 */ "frame_bound_e ::= frame_bound",
+ /* 325 */ "frame_bound_e ::= UNBOUNDED FOLLOWING",
+ /* 326 */ "frame_bound ::= expr PRECEDING|FOLLOWING",
+ /* 327 */ "frame_bound ::= CURRENT ROW",
+ /* 328 */ "frame_exclude_opt ::=",
+ /* 329 */ "frame_exclude_opt ::= EXCLUDE frame_exclude",
+ /* 330 */ "frame_exclude ::= NO OTHERS",
+ /* 331 */ "frame_exclude ::= CURRENT ROW",
+ /* 332 */ "frame_exclude ::= GROUP|TIES",
+ /* 333 */ "window_clause ::= WINDOW windowdefn_list",
+ /* 334 */ "filter_over ::= filter_clause over_clause",
+ /* 335 */ "filter_over ::= over_clause",
+ /* 336 */ "filter_over ::= filter_clause",
+ /* 337 */ "over_clause ::= OVER LP window RP",
+ /* 338 */ "over_clause ::= OVER nm",
+ /* 339 */ "filter_clause ::= FILTER LP WHERE expr RP",
+ /* 340 */ "input ::= cmdlist",
+ /* 341 */ "cmdlist ::= cmdlist ecmd",
+ /* 342 */ "cmdlist ::= ecmd",
+ /* 343 */ "ecmd ::= SEMI",
+ /* 344 */ "ecmd ::= cmdx SEMI",
+ /* 345 */ "ecmd ::= explain cmdx SEMI",
+ /* 346 */ "trans_opt ::=",
+ /* 347 */ "trans_opt ::= TRANSACTION",
+ /* 348 */ "trans_opt ::= TRANSACTION nm",
+ /* 349 */ "savepoint_opt ::= SAVEPOINT",
+ /* 350 */ "savepoint_opt ::=",
+ /* 351 */ "cmd ::= create_table create_table_args",
+ /* 352 */ "table_option_set ::= table_option",
+ /* 353 */ "columnlist ::= columnlist COMMA columnname carglist",
+ /* 354 */ "columnlist ::= columnname carglist",
+ /* 355 */ "nm ::= ID|INDEXED|JOIN_KW",
+ /* 356 */ "nm ::= STRING",
+ /* 357 */ "typetoken ::= typename",
+ /* 358 */ "typename ::= ID|STRING",
+ /* 359 */ "signed ::= plus_num",
+ /* 360 */ "signed ::= minus_num",
+ /* 361 */ "carglist ::= carglist ccons",
+ /* 362 */ "carglist ::=",
+ /* 363 */ "ccons ::= NULL onconf",
+ /* 364 */ "ccons ::= GENERATED ALWAYS AS generated",
+ /* 365 */ "ccons ::= AS generated",
+ /* 366 */ "conslist_opt ::= COMMA conslist",
+ /* 367 */ "conslist ::= conslist tconscomma tcons",
+ /* 368 */ "conslist ::= tcons",
+ /* 369 */ "tconscomma ::=",
+ /* 370 */ "defer_subclause_opt ::= defer_subclause",
+ /* 371 */ "resolvetype ::= raisetype",
+ /* 372 */ "selectnowith ::= oneselect",
+ /* 373 */ "oneselect ::= values",
+ /* 374 */ "sclp ::= selcollist COMMA",
+ /* 375 */ "as ::= ID|STRING",
+ /* 376 */ "indexed_opt ::= indexed_by",
+ /* 377 */ "returning ::=",
+ /* 378 */ "expr ::= term",
+ /* 379 */ "likeop ::= LIKE_KW|MATCH",
+ /* 380 */ "case_operand ::= expr",
+ /* 381 */ "exprlist ::= nexprlist",
+ /* 382 */ "nmnum ::= plus_num",
+ /* 383 */ "nmnum ::= nm",
+ /* 384 */ "nmnum ::= ON",
+ /* 385 */ "nmnum ::= DELETE",
+ /* 386 */ "nmnum ::= DEFAULT",
+ /* 387 */ "plus_num ::= INTEGER|FLOAT",
+ /* 388 */ "foreach_clause ::=",
+ /* 389 */ "foreach_clause ::= FOR EACH ROW",
+ /* 390 */ "trnm ::= nm",
+ /* 391 */ "tridxby ::=",
+ /* 392 */ "database_kw_opt ::= DATABASE",
+ /* 393 */ "database_kw_opt ::=",
+ /* 394 */ "kwcolumn_opt ::=",
+ /* 395 */ "kwcolumn_opt ::= COLUMNKW",
+ /* 396 */ "vtabarglist ::= vtabarg",
+ /* 397 */ "vtabarglist ::= vtabarglist COMMA vtabarg",
+ /* 398 */ "vtabarg ::= vtabarg vtabargtoken",
+ /* 399 */ "anylist ::=",
+ /* 400 */ "anylist ::= anylist LP anylist RP",
+ /* 401 */ "anylist ::= anylist ANY",
+ /* 402 */ "with ::=",
+ /* 403 */ "windowdefn_list ::= windowdefn",
+ /* 404 */ "window ::= frame_opt",
 };
 #endif /* NDEBUG */
 
 
-#if YYGROWABLESTACK
+#if YYSTACKDEPTH<=0
 /*
 ** Try to increase the size of the parser stack.  Return the number
 ** of errors.  Return 0 on success.
 */
 static int yyGrowStack(yyParser *p){
-  int oldSize = 1 + (int)(p->yystackEnd - p->yystack);
   int newSize;
   int idx;
   yyStackEntry *pNew;
 
-  newSize = oldSize*2 + 100;
-  idx = (int)(p->yytos - p->yystack);
-  if( p->yystack==p->yystk0 ){
-    pNew = YYREALLOC(0, newSize*sizeof(pNew[0]));
-    if( pNew==0 ) return 1;
-    memcpy(pNew, p->yystack, oldSize*sizeof(pNew[0]));
+  newSize = p->yystksz*2 + 100;
+  idx = p->yytos ? (int)(p->yytos - p->yystack) : 0;
+  if( p->yystack==&p->yystk0 ){
+    pNew = malloc(newSize*sizeof(pNew[0]));
+    if( pNew ) pNew[0] = p->yystk0;
   }else{
-    pNew = YYREALLOC(p->yystack, newSize*sizeof(pNew[0]));
-    if( pNew==0 ) return 1;
+    pNew = realloc(p->yystack, newSize*sizeof(pNew[0]));
   }
-  p->yystack = pNew;
-  p->yytos = &p->yystack[idx];
+  if( pNew ){
+    p->yystack = pNew;
+    p->yytos = &p->yystack[idx];
 #ifndef NDEBUG
-  if( yyTraceFILE ){
-    fprintf(yyTraceFILE,"%sStack grows from %d to %d entries.\n",
-            yyTracePrompt, oldSize, newSize);
-  }
+    if( yyTraceFILE ){
+      fprintf(yyTraceFILE,"%sStack grows from %d to %d entries.\n",
+              yyTracePrompt, p->yystksz, newSize);
+    }
 #endif
-  p->yystackEnd = &p->yystack[newSize-1];
-  return 0;
+    p->yystksz = newSize;
+  }
+  return pNew==0;
 }
-#endif /* YYGROWABLESTACK */
-
-#if !YYGROWABLESTACK
-/* For builds that do no have a growable stack, yyGrowStack always
-** returns an error.
-*/
-# define yyGrowStack(X) 1
 #endif
 
 /* Datatype of the argument to the memory allocated passed as the
@@ -174789,14 +173187,24 @@ SQLITE_PRIVATE void sqlite3ParserInit(void *yypRawParser sqlite3ParserCTX_PDECL)
 #ifdef YYTRACKMAXSTACKDEPTH
   yypParser->yyhwm = 0;
 #endif
-  yypParser->yystack = yypParser->yystk0;
-  yypParser->yystackEnd = &yypParser->yystack[YYSTACKDEPTH-1];
+#if YYSTACKDEPTH<=0
+  yypParser->yytos = NULL;
+  yypParser->yystack = NULL;
+  yypParser->yystksz = 0;
+  if( yyGrowStack(yypParser) ){
+    yypParser->yystack = &yypParser->yystk0;
+    yypParser->yystksz = 1;
+  }
+#endif
 #ifndef YYNOERRORRECOVERY
   yypParser->yyerrcnt = -1;
 #endif
   yypParser->yytos = yypParser->yystack;
   yypParser->yystack[0].stateno = 0;
   yypParser->yystack[0].major = 0;
+#if YYSTACKDEPTH>0
+  yypParser->yystackEnd = &yypParser->yystack[YYSTACKDEPTH-1];
+#endif
 }
 
 #ifndef sqlite3Parser_ENGINEALWAYSONSTACK
@@ -174850,98 +173258,97 @@ static void yy_destructor(
     ** inside the C code.
     */
 /********* Begin destructor definitions ***************************************/
-    case 205: /* select */
-    case 240: /* selectnowith */
-    case 241: /* oneselect */
-    case 253: /* values */
-    case 255: /* mvalues */
+    case 204: /* select */
+    case 239: /* selectnowith */
+    case 240: /* oneselect */
+    case 252: /* values */
 {
-sqlite3SelectDelete(pParse->db, (yypminor->yy555));
-}
-      break;
-    case 217: /* term */
-    case 218: /* expr */
-    case 247: /* where_opt */
-    case 249: /* having_opt */
-    case 269: /* where_opt_ret */
-    case 280: /* case_operand */
-    case 282: /* case_else */
-    case 285: /* vinto */
-    case 292: /* when_clause */
-    case 297: /* key_opt */
-    case 314: /* filter_clause */
+sqlite3SelectDelete(pParse->db, (yypminor->yy47));
+}
+      break;
+    case 216: /* term */
+    case 217: /* expr */
+    case 246: /* where_opt */
+    case 248: /* having_opt */
+    case 267: /* where_opt_ret */
+    case 278: /* case_operand */
+    case 280: /* case_else */
+    case 283: /* vinto */
+    case 290: /* when_clause */
+    case 295: /* key_opt */
+    case 311: /* filter_clause */
 {
-sqlite3ExprDelete(pParse->db, (yypminor->yy454));
-}
-      break;
-    case 222: /* eidlist_opt */
-    case 232: /* sortlist */
-    case 233: /* eidlist */
-    case 245: /* selcollist */
-    case 248: /* groupby_opt */
-    case 250: /* orderby_opt */
-    case 254: /* nexprlist */
-    case 256: /* sclp */
-    case 263: /* exprlist */
-    case 270: /* setlist */
-    case 279: /* paren_exprlist */
-    case 281: /* case_exprlist */
-    case 313: /* part_opt */
+sqlite3ExprDelete(pParse->db, (yypminor->yy528));
+}
+      break;
+    case 221: /* eidlist_opt */
+    case 231: /* sortlist */
+    case 232: /* eidlist */
+    case 244: /* selcollist */
+    case 247: /* groupby_opt */
+    case 249: /* orderby_opt */
+    case 253: /* nexprlist */
+    case 254: /* sclp */
+    case 261: /* exprlist */
+    case 268: /* setlist */
+    case 277: /* paren_exprlist */
+    case 279: /* case_exprlist */
+    case 310: /* part_opt */
 {
-sqlite3ExprListDelete(pParse->db, (yypminor->yy14));
+sqlite3ExprListDelete(pParse->db, (yypminor->yy322));
 }
       break;
-    case 239: /* fullname */
-    case 246: /* from */
-    case 258: /* seltablist */
-    case 259: /* stl_prefix */
-    case 264: /* xfullname */
+    case 238: /* fullname */
+    case 245: /* from */
+    case 256: /* seltablist */
+    case 257: /* stl_prefix */
+    case 262: /* xfullname */
 {
-sqlite3SrcListDelete(pParse->db, (yypminor->yy203));
+sqlite3SrcListDelete(pParse->db, (yypminor->yy131));
 }
       break;
-    case 242: /* wqlist */
+    case 241: /* wqlist */
 {
-sqlite3WithDelete(pParse->db, (yypminor->yy59));
+sqlite3WithDelete(pParse->db, (yypminor->yy521));
 }
       break;
-    case 252: /* window_clause */
-    case 309: /* windowdefn_list */
+    case 251: /* window_clause */
+    case 306: /* windowdefn_list */
 {
-sqlite3WindowListDelete(pParse->db, (yypminor->yy211));
+sqlite3WindowListDelete(pParse->db, (yypminor->yy41));
 }
       break;
-    case 265: /* idlist */
-    case 272: /* idlist_opt */
+    case 263: /* idlist */
+    case 270: /* idlist_opt */
 {
-sqlite3IdListDelete(pParse->db, (yypminor->yy132));
+sqlite3IdListDelete(pParse->db, (yypminor->yy254));
 }
       break;
-    case 275: /* filter_over */
-    case 310: /* windowdefn */
-    case 311: /* window */
-    case 312: /* frame_opt */
-    case 315: /* over_clause */
+    case 273: /* filter_over */
+    case 307: /* windowdefn */
+    case 308: /* window */
+    case 309: /* frame_opt */
+    case 312: /* over_clause */
 {
-sqlite3WindowDelete(pParse->db, (yypminor->yy211));
+sqlite3WindowDelete(pParse->db, (yypminor->yy41));
 }
       break;
-    case 288: /* trigger_cmd_list */
-    case 293: /* trigger_cmd */
+    case 286: /* trigger_cmd_list */
+    case 291: /* trigger_cmd */
 {
-sqlite3DeleteTriggerStep(pParse->db, (yypminor->yy427));
+sqlite3DeleteTriggerStep(pParse->db, (yypminor->yy33));
 }
       break;
-    case 290: /* trigger_event */
+    case 288: /* trigger_event */
 {
-sqlite3IdListDelete(pParse->db, (yypminor->yy286).b);
+sqlite3IdListDelete(pParse->db, (yypminor->yy180).b);
 }
       break;
-    case 317: /* frame_bound */
-    case 318: /* frame_bound_s */
-    case 319: /* frame_bound_e */
+    case 314: /* frame_bound */
+    case 315: /* frame_bound_s */
+    case 316: /* frame_bound_e */
 {
-sqlite3ExprDelete(pParse->db, (yypminor->yy509).pExpr);
+sqlite3ExprDelete(pParse->db, (yypminor->yy595).pExpr);
 }
       break;
 /********* End destructor definitions *****************************************/
@@ -174975,26 +173382,9 @@ static void yy_pop_parser_stack(yyParser *pParser){
 */
 SQLITE_PRIVATE void sqlite3ParserFinalize(void *p){
   yyParser *pParser = (yyParser*)p;
-
-  /* In-lined version of calling yy_pop_parser_stack() for each
-  ** element left in the stack */
-  yyStackEntry *yytos = pParser->yytos;
-  while( yytos>pParser->yystack ){
-#ifndef NDEBUG
-    if( yyTraceFILE ){
-      fprintf(yyTraceFILE,"%sPopping %s\n",
-        yyTracePrompt,
-        yyTokenName[yytos->major]);
-    }
-#endif
-    if( yytos->major>=YY_MIN_DSTRCTR ){
-      yy_destructor(pParser, yytos->major, &yytos->minor);
-    }
-    yytos--;
-  }
-
-#if YYGROWABLESTACK
-  if( pParser->yystack!=pParser->yystk0 ) YYFREE(pParser->yystack);
+  while( pParser->yytos>pParser->yystack ) yy_pop_parser_stack(pParser);
+#if YYSTACKDEPTH<=0
+  if( pParser->yystack!=&pParser->yystk0 ) free(pParser->yystack);
 #endif
 }
 
@@ -175177,7 +173567,7 @@ static void yyStackOverflow(yyParser *yypParser){
    ** stack every overflows */
 /******** Begin %stack_overflow code ******************************************/
 
-  sqlite3OomFault(pParse->db);
+  sqlite3ErrorMsg(pParse, "parser stack overflow");
 /******** End %stack_overflow code ********************************************/
    sqlite3ParserARG_STORE /* Suppress warning about unused %extra_argument var */
    sqlite3ParserCTX_STORE
@@ -175221,19 +173611,25 @@ static void yy_shift(
     assert( yypParser->yyhwm == (int)(yypParser->yytos - yypParser->yystack) );
   }
 #endif
-  yytos = yypParser->yytos;
-  if( yytos>yypParser->yystackEnd ){
+#if YYSTACKDEPTH>0
+  if( yypParser->yytos>yypParser->yystackEnd ){
+    yypParser->yytos--;
+    yyStackOverflow(yypParser);
+    return;
+  }
+#else
+  if( yypParser->yytos>=&yypParser->yystack[yypParser->yystksz] ){
     if( yyGrowStack(yypParser) ){
       yypParser->yytos--;
       yyStackOverflow(yypParser);
       return;
     }
-    yytos = yypParser->yytos;
-    assert( yytos <= yypParser->yystackEnd );
   }
+#endif
   if( yyNewState > YY_MAX_SHIFT ){
     yyNewState += YY_MIN_REDUCE - YY_MIN_SHIFTREDUCE;
   }
+  yytos = yypParser->yytos;
   yytos->stateno = yyNewState;
   yytos->major = yyMajor;
   yytos->minor.yy0 = yyMinor;
@@ -175243,415 +173639,411 @@ static void yy_shift(
 /* For rule J, yyRuleInfoLhs[J] contains the symbol on the left-hand side
 ** of that rule */
 static const YYCODETYPE yyRuleInfoLhs[] = {
-   190,  /* (0) explain ::= EXPLAIN */
-   190,  /* (1) explain ::= EXPLAIN QUERY PLAN */
-   189,  /* (2) cmdx ::= cmd */
-   191,  /* (3) cmd ::= BEGIN transtype trans_opt */
-   192,  /* (4) transtype ::= */
-   192,  /* (5) transtype ::= DEFERRED */
-   192,  /* (6) transtype ::= IMMEDIATE */
-   192,  /* (7) transtype ::= EXCLUSIVE */
-   191,  /* (8) cmd ::= COMMIT|END trans_opt */
-   191,  /* (9) cmd ::= ROLLBACK trans_opt */
-   191,  /* (10) cmd ::= SAVEPOINT nm */
-   191,  /* (11) cmd ::= RELEASE savepoint_opt nm */
-   191,  /* (12) cmd ::= ROLLBACK trans_opt TO savepoint_opt nm */
-   196,  /* (13) create_table ::= createkw temp TABLE ifnotexists nm dbnm */
-   198,  /* (14) createkw ::= CREATE */
-   200,  /* (15) ifnotexists ::= */
-   200,  /* (16) ifnotexists ::= IF NOT EXISTS */
-   199,  /* (17) temp ::= TEMP */
-   199,  /* (18) temp ::= */
-   197,  /* (19) create_table_args ::= LP columnlist conslist_opt RP table_option_set */
-   197,  /* (20) create_table_args ::= AS select */
-   204,  /* (21) table_option_set ::= */
-   204,  /* (22) table_option_set ::= table_option_set COMMA table_option */
-   206,  /* (23) table_option ::= WITHOUT nm */
-   206,  /* (24) table_option ::= nm */
-   207,  /* (25) columnname ::= nm typetoken */
-   209,  /* (26) typetoken ::= */
-   209,  /* (27) typetoken ::= typename LP signed RP */
-   209,  /* (28) typetoken ::= typename LP signed COMMA signed RP */
-   210,  /* (29) typename ::= typename ID|STRING */
-   214,  /* (30) scanpt ::= */
-   215,  /* (31) scantok ::= */
-   216,  /* (32) ccons ::= CONSTRAINT nm */
-   216,  /* (33) ccons ::= DEFAULT scantok term */
-   216,  /* (34) ccons ::= DEFAULT LP expr RP */
-   216,  /* (35) ccons ::= DEFAULT PLUS scantok term */
-   216,  /* (36) ccons ::= DEFAULT MINUS scantok term */
-   216,  /* (37) ccons ::= DEFAULT scantok ID|INDEXED */
-   216,  /* (38) ccons ::= NOT NULL onconf */
-   216,  /* (39) ccons ::= PRIMARY KEY sortorder onconf autoinc */
-   216,  /* (40) ccons ::= UNIQUE onconf */
-   216,  /* (41) ccons ::= CHECK LP expr RP */
-   216,  /* (42) ccons ::= REFERENCES nm eidlist_opt refargs */
-   216,  /* (43) ccons ::= defer_subclause */
-   216,  /* (44) ccons ::= COLLATE ID|STRING */
-   225,  /* (45) generated ::= LP expr RP */
-   225,  /* (46) generated ::= LP expr RP ID */
-   221,  /* (47) autoinc ::= */
-   221,  /* (48) autoinc ::= AUTOINCR */
-   223,  /* (49) refargs ::= */
-   223,  /* (50) refargs ::= refargs refarg */
-   226,  /* (51) refarg ::= MATCH nm */
-   226,  /* (52) refarg ::= ON INSERT refact */
-   226,  /* (53) refarg ::= ON DELETE refact */
-   226,  /* (54) refarg ::= ON UPDATE refact */
-   227,  /* (55) refact ::= SET NULL */
-   227,  /* (56) refact ::= SET DEFAULT */
-   227,  /* (57) refact ::= CASCADE */
-   227,  /* (58) refact ::= RESTRICT */
-   227,  /* (59) refact ::= NO ACTION */
-   224,  /* (60) defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
-   224,  /* (61) defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
-   228,  /* (62) init_deferred_pred_opt ::= */
-   228,  /* (63) init_deferred_pred_opt ::= INITIALLY DEFERRED */
-   228,  /* (64) init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
-   203,  /* (65) conslist_opt ::= */
-   230,  /* (66) tconscomma ::= COMMA */
-   231,  /* (67) tcons ::= CONSTRAINT nm */
-   231,  /* (68) tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
-   231,  /* (69) tcons ::= UNIQUE LP sortlist RP onconf */
-   231,  /* (70) tcons ::= CHECK LP expr RP onconf */
-   231,  /* (71) tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
-   234,  /* (72) defer_subclause_opt ::= */
-   219,  /* (73) onconf ::= */
-   219,  /* (74) onconf ::= ON CONFLICT resolvetype */
-   235,  /* (75) orconf ::= */
-   235,  /* (76) orconf ::= OR resolvetype */
-   236,  /* (77) resolvetype ::= IGNORE */
-   236,  /* (78) resolvetype ::= REPLACE */
-   191,  /* (79) cmd ::= DROP TABLE ifexists fullname */
-   238,  /* (80) ifexists ::= IF EXISTS */
-   238,  /* (81) ifexists ::= */
-   191,  /* (82) cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
-   191,  /* (83) cmd ::= DROP VIEW ifexists fullname */
-   191,  /* (84) cmd ::= select */
-   205,  /* (85) select ::= WITH wqlist selectnowith */
-   205,  /* (86) select ::= WITH RECURSIVE wqlist selectnowith */
-   205,  /* (87) select ::= selectnowith */
-   240,  /* (88) selectnowith ::= selectnowith multiselect_op oneselect */
-   243,  /* (89) multiselect_op ::= UNION */
-   243,  /* (90) multiselect_op ::= UNION ALL */
-   243,  /* (91) multiselect_op ::= EXCEPT|INTERSECT */
-   241,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
-   241,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
-   253,  /* (94) values ::= VALUES LP nexprlist RP */
-   241,  /* (95) oneselect ::= mvalues */
-   255,  /* (96) mvalues ::= values COMMA LP nexprlist RP */
-   255,  /* (97) mvalues ::= mvalues COMMA LP nexprlist RP */
-   244,  /* (98) distinct ::= DISTINCT */
-   244,  /* (99) distinct ::= ALL */
-   244,  /* (100) distinct ::= */
-   256,  /* (101) sclp ::= */
-   245,  /* (102) selcollist ::= sclp scanpt expr scanpt as */
-   245,  /* (103) selcollist ::= sclp scanpt STAR */
-   245,  /* (104) selcollist ::= sclp scanpt nm DOT STAR */
-   257,  /* (105) as ::= AS nm */
-   257,  /* (106) as ::= */
-   246,  /* (107) from ::= */
-   246,  /* (108) from ::= FROM seltablist */
-   259,  /* (109) stl_prefix ::= seltablist joinop */
-   259,  /* (110) stl_prefix ::= */
-   258,  /* (111) seltablist ::= stl_prefix nm dbnm as on_using */
-   258,  /* (112) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
-   258,  /* (113) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
-   258,  /* (114) seltablist ::= stl_prefix LP select RP as on_using */
-   258,  /* (115) seltablist ::= stl_prefix LP seltablist RP as on_using */
-   201,  /* (116) dbnm ::= */
-   201,  /* (117) dbnm ::= DOT nm */
-   239,  /* (118) fullname ::= nm */
-   239,  /* (119) fullname ::= nm DOT nm */
-   264,  /* (120) xfullname ::= nm */
-   264,  /* (121) xfullname ::= nm DOT nm */
-   264,  /* (122) xfullname ::= nm DOT nm AS nm */
-   264,  /* (123) xfullname ::= nm AS nm */
-   260,  /* (124) joinop ::= COMMA|JOIN */
-   260,  /* (125) joinop ::= JOIN_KW JOIN */
-   260,  /* (126) joinop ::= JOIN_KW nm JOIN */
-   260,  /* (127) joinop ::= JOIN_KW nm nm JOIN */
-   261,  /* (128) on_using ::= ON expr */
-   261,  /* (129) on_using ::= USING LP idlist RP */
-   261,  /* (130) on_using ::= */
-   266,  /* (131) indexed_opt ::= */
-   262,  /* (132) indexed_by ::= INDEXED BY nm */
-   262,  /* (133) indexed_by ::= NOT INDEXED */
-   250,  /* (134) orderby_opt ::= */
-   250,  /* (135) orderby_opt ::= ORDER BY sortlist */
-   232,  /* (136) sortlist ::= sortlist COMMA expr sortorder nulls */
-   232,  /* (137) sortlist ::= expr sortorder nulls */
-   220,  /* (138) sortorder ::= ASC */
-   220,  /* (139) sortorder ::= DESC */
-   220,  /* (140) sortorder ::= */
-   267,  /* (141) nulls ::= NULLS FIRST */
-   267,  /* (142) nulls ::= NULLS LAST */
-   267,  /* (143) nulls ::= */
-   248,  /* (144) groupby_opt ::= */
-   248,  /* (145) groupby_opt ::= GROUP BY nexprlist */
-   249,  /* (146) having_opt ::= */
-   249,  /* (147) having_opt ::= HAVING expr */
-   251,  /* (148) limit_opt ::= */
-   251,  /* (149) limit_opt ::= LIMIT expr */
-   251,  /* (150) limit_opt ::= LIMIT expr OFFSET expr */
-   251,  /* (151) limit_opt ::= LIMIT expr COMMA expr */
-   191,  /* (152) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
-   247,  /* (153) where_opt ::= */
-   247,  /* (154) where_opt ::= WHERE expr */
-   269,  /* (155) where_opt_ret ::= */
-   269,  /* (156) where_opt_ret ::= WHERE expr */
-   269,  /* (157) where_opt_ret ::= RETURNING selcollist */
-   269,  /* (158) where_opt_ret ::= WHERE expr RETURNING selcollist */
-   191,  /* (159) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
-   270,  /* (160) setlist ::= setlist COMMA nm EQ expr */
-   270,  /* (161) setlist ::= setlist COMMA LP idlist RP EQ expr */
-   270,  /* (162) setlist ::= nm EQ expr */
-   270,  /* (163) setlist ::= LP idlist RP EQ expr */
-   191,  /* (164) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
-   191,  /* (165) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
-   273,  /* (166) upsert ::= */
-   273,  /* (167) upsert ::= RETURNING selcollist */
-   273,  /* (168) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-   273,  /* (169) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-   273,  /* (170) upsert ::= ON CONFLICT DO NOTHING returning */
-   273,  /* (171) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-   274,  /* (172) returning ::= RETURNING selcollist */
-   271,  /* (173) insert_cmd ::= INSERT orconf */
-   271,  /* (174) insert_cmd ::= REPLACE */
-   272,  /* (175) idlist_opt ::= */
-   272,  /* (176) idlist_opt ::= LP idlist RP */
-   265,  /* (177) idlist ::= idlist COMMA nm */
-   265,  /* (178) idlist ::= nm */
-   218,  /* (179) expr ::= LP expr RP */
-   218,  /* (180) expr ::= ID|INDEXED|JOIN_KW */
-   218,  /* (181) expr ::= nm DOT nm */
-   218,  /* (182) expr ::= nm DOT nm DOT nm */
-   217,  /* (183) term ::= NULL|FLOAT|BLOB */
-   217,  /* (184) term ::= STRING */
-   217,  /* (185) term ::= INTEGER */
-   218,  /* (186) expr ::= VARIABLE */
-   218,  /* (187) expr ::= expr COLLATE ID|STRING */
-   218,  /* (188) expr ::= CAST LP expr AS typetoken RP */
-   218,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   218,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
-   218,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   218,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   218,  /* (193) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
-   218,  /* (194) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   217,  /* (195) term ::= CTIME_KW */
-   218,  /* (196) expr ::= LP nexprlist COMMA expr RP */
-   218,  /* (197) expr ::= expr AND expr */
-   218,  /* (198) expr ::= expr OR expr */
-   218,  /* (199) expr ::= expr LT|GT|GE|LE expr */
-   218,  /* (200) expr ::= expr EQ|NE expr */
-   218,  /* (201) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   218,  /* (202) expr ::= expr PLUS|MINUS expr */
-   218,  /* (203) expr ::= expr STAR|SLASH|REM expr */
-   218,  /* (204) expr ::= expr CONCAT expr */
-   276,  /* (205) likeop ::= NOT LIKE_KW|MATCH */
-   218,  /* (206) expr ::= expr likeop expr */
-   218,  /* (207) expr ::= expr likeop expr ESCAPE expr */
-   218,  /* (208) expr ::= expr ISNULL|NOTNULL */
-   218,  /* (209) expr ::= expr NOT NULL */
-   218,  /* (210) expr ::= expr IS expr */
-   218,  /* (211) expr ::= expr IS NOT expr */
-   218,  /* (212) expr ::= expr IS NOT DISTINCT FROM expr */
-   218,  /* (213) expr ::= expr IS DISTINCT FROM expr */
-   218,  /* (214) expr ::= NOT expr */
-   218,  /* (215) expr ::= BITNOT expr */
-   218,  /* (216) expr ::= PLUS|MINUS expr */
-   218,  /* (217) expr ::= expr PTR expr */
-   277,  /* (218) between_op ::= BETWEEN */
-   277,  /* (219) between_op ::= NOT BETWEEN */
-   218,  /* (220) expr ::= expr between_op expr AND expr */
-   278,  /* (221) in_op ::= IN */
-   278,  /* (222) in_op ::= NOT IN */
-   218,  /* (223) expr ::= expr in_op LP exprlist RP */
-   218,  /* (224) expr ::= LP select RP */
-   218,  /* (225) expr ::= expr in_op LP select RP */
-   218,  /* (226) expr ::= expr in_op nm dbnm paren_exprlist */
-   218,  /* (227) expr ::= EXISTS LP select RP */
-   218,  /* (228) expr ::= CASE case_operand case_exprlist case_else END */
-   281,  /* (229) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   281,  /* (230) case_exprlist ::= WHEN expr THEN expr */
-   282,  /* (231) case_else ::= ELSE expr */
-   282,  /* (232) case_else ::= */
-   280,  /* (233) case_operand ::= */
-   263,  /* (234) exprlist ::= */
-   254,  /* (235) nexprlist ::= nexprlist COMMA expr */
-   254,  /* (236) nexprlist ::= expr */
-   279,  /* (237) paren_exprlist ::= */
-   279,  /* (238) paren_exprlist ::= LP exprlist RP */
-   191,  /* (239) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   283,  /* (240) uniqueflag ::= UNIQUE */
-   283,  /* (241) uniqueflag ::= */
-   222,  /* (242) eidlist_opt ::= */
-   222,  /* (243) eidlist_opt ::= LP eidlist RP */
-   233,  /* (244) eidlist ::= eidlist COMMA nm collate sortorder */
-   233,  /* (245) eidlist ::= nm collate sortorder */
-   284,  /* (246) collate ::= */
-   284,  /* (247) collate ::= COLLATE ID|STRING */
-   191,  /* (248) cmd ::= DROP INDEX ifexists fullname */
-   191,  /* (249) cmd ::= VACUUM vinto */
-   191,  /* (250) cmd ::= VACUUM nm vinto */
-   285,  /* (251) vinto ::= INTO expr */
-   285,  /* (252) vinto ::= */
-   191,  /* (253) cmd ::= PRAGMA nm dbnm */
-   191,  /* (254) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   191,  /* (255) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   191,  /* (256) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   191,  /* (257) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   212,  /* (258) plus_num ::= PLUS INTEGER|FLOAT */
-   213,  /* (259) minus_num ::= MINUS INTEGER|FLOAT */
-   191,  /* (260) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-   287,  /* (261) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   289,  /* (262) trigger_time ::= BEFORE|AFTER */
-   289,  /* (263) trigger_time ::= INSTEAD OF */
-   289,  /* (264) trigger_time ::= */
-   290,  /* (265) trigger_event ::= DELETE|INSERT */
-   290,  /* (266) trigger_event ::= UPDATE */
-   290,  /* (267) trigger_event ::= UPDATE OF idlist */
-   292,  /* (268) when_clause ::= */
-   292,  /* (269) when_clause ::= WHEN expr */
-   288,  /* (270) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   288,  /* (271) trigger_cmd_list ::= trigger_cmd SEMI */
-   294,  /* (272) trnm ::= nm DOT nm */
-   295,  /* (273) tridxby ::= INDEXED BY nm */
-   295,  /* (274) tridxby ::= NOT INDEXED */
-   293,  /* (275) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   293,  /* (276) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   293,  /* (277) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   293,  /* (278) trigger_cmd ::= scanpt select scanpt */
-   218,  /* (279) expr ::= RAISE LP IGNORE RP */
-   218,  /* (280) expr ::= RAISE LP raisetype COMMA nm RP */
-   237,  /* (281) raisetype ::= ROLLBACK */
-   237,  /* (282) raisetype ::= ABORT */
-   237,  /* (283) raisetype ::= FAIL */
-   191,  /* (284) cmd ::= DROP TRIGGER ifexists fullname */
-   191,  /* (285) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   191,  /* (286) cmd ::= DETACH database_kw_opt expr */
-   297,  /* (287) key_opt ::= */
-   297,  /* (288) key_opt ::= KEY expr */
-   191,  /* (289) cmd ::= REINDEX */
-   191,  /* (290) cmd ::= REINDEX nm dbnm */
-   191,  /* (291) cmd ::= ANALYZE */
-   191,  /* (292) cmd ::= ANALYZE nm dbnm */
-   191,  /* (293) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   191,  /* (294) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   191,  /* (295) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   298,  /* (296) add_column_fullname ::= fullname */
-   191,  /* (297) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   191,  /* (298) cmd ::= create_vtab */
-   191,  /* (299) cmd ::= create_vtab LP vtabarglist RP */
-   300,  /* (300) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-   302,  /* (301) vtabarg ::= */
-   303,  /* (302) vtabargtoken ::= ANY */
-   303,  /* (303) vtabargtoken ::= lp anylist RP */
-   304,  /* (304) lp ::= LP */
-   268,  /* (305) with ::= WITH wqlist */
-   268,  /* (306) with ::= WITH RECURSIVE wqlist */
-   307,  /* (307) wqas ::= AS */
-   307,  /* (308) wqas ::= AS MATERIALIZED */
-   307,  /* (309) wqas ::= AS NOT MATERIALIZED */
-   306,  /* (310) wqitem ::= withnm eidlist_opt wqas LP select RP */
-   308,  /* (311) withnm ::= nm */
-   242,  /* (312) wqlist ::= wqitem */
-   242,  /* (313) wqlist ::= wqlist COMMA wqitem */
-   309,  /* (314) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   310,  /* (315) windowdefn ::= nm AS LP window RP */
-   311,  /* (316) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   311,  /* (317) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   311,  /* (318) window ::= ORDER BY sortlist frame_opt */
-   311,  /* (319) window ::= nm ORDER BY sortlist frame_opt */
-   311,  /* (320) window ::= nm frame_opt */
-   312,  /* (321) frame_opt ::= */
-   312,  /* (322) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   312,  /* (323) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   316,  /* (324) range_or_rows ::= RANGE|ROWS|GROUPS */
-   318,  /* (325) frame_bound_s ::= frame_bound */
-   318,  /* (326) frame_bound_s ::= UNBOUNDED PRECEDING */
-   319,  /* (327) frame_bound_e ::= frame_bound */
-   319,  /* (328) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   317,  /* (329) frame_bound ::= expr PRECEDING|FOLLOWING */
-   317,  /* (330) frame_bound ::= CURRENT ROW */
-   320,  /* (331) frame_exclude_opt ::= */
-   320,  /* (332) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   321,  /* (333) frame_exclude ::= NO OTHERS */
-   321,  /* (334) frame_exclude ::= CURRENT ROW */
-   321,  /* (335) frame_exclude ::= GROUP|TIES */
-   252,  /* (336) window_clause ::= WINDOW windowdefn_list */
-   275,  /* (337) filter_over ::= filter_clause over_clause */
-   275,  /* (338) filter_over ::= over_clause */
-   275,  /* (339) filter_over ::= filter_clause */
-   315,  /* (340) over_clause ::= OVER LP window RP */
-   315,  /* (341) over_clause ::= OVER nm */
-   314,  /* (342) filter_clause ::= FILTER LP WHERE expr RP */
-   217,  /* (343) term ::= QNUMBER */
-   186,  /* (344) input ::= cmdlist */
-   187,  /* (345) cmdlist ::= cmdlist ecmd */
-   187,  /* (346) cmdlist ::= ecmd */
-   188,  /* (347) ecmd ::= SEMI */
-   188,  /* (348) ecmd ::= cmdx SEMI */
-   188,  /* (349) ecmd ::= explain cmdx SEMI */
-   193,  /* (350) trans_opt ::= */
-   193,  /* (351) trans_opt ::= TRANSACTION */
-   193,  /* (352) trans_opt ::= TRANSACTION nm */
-   195,  /* (353) savepoint_opt ::= SAVEPOINT */
-   195,  /* (354) savepoint_opt ::= */
-   191,  /* (355) cmd ::= create_table create_table_args */
-   204,  /* (356) table_option_set ::= table_option */
-   202,  /* (357) columnlist ::= columnlist COMMA columnname carglist */
-   202,  /* (358) columnlist ::= columnname carglist */
-   194,  /* (359) nm ::= ID|INDEXED|JOIN_KW */
-   194,  /* (360) nm ::= STRING */
-   209,  /* (361) typetoken ::= typename */
-   210,  /* (362) typename ::= ID|STRING */
-   211,  /* (363) signed ::= plus_num */
-   211,  /* (364) signed ::= minus_num */
-   208,  /* (365) carglist ::= carglist ccons */
-   208,  /* (366) carglist ::= */
-   216,  /* (367) ccons ::= NULL onconf */
-   216,  /* (368) ccons ::= GENERATED ALWAYS AS generated */
-   216,  /* (369) ccons ::= AS generated */
-   203,  /* (370) conslist_opt ::= COMMA conslist */
-   229,  /* (371) conslist ::= conslist tconscomma tcons */
-   229,  /* (372) conslist ::= tcons */
-   230,  /* (373) tconscomma ::= */
-   234,  /* (374) defer_subclause_opt ::= defer_subclause */
-   236,  /* (375) resolvetype ::= raisetype */
-   240,  /* (376) selectnowith ::= oneselect */
-   241,  /* (377) oneselect ::= values */
-   256,  /* (378) sclp ::= selcollist COMMA */
-   257,  /* (379) as ::= ID|STRING */
-   266,  /* (380) indexed_opt ::= indexed_by */
-   274,  /* (381) returning ::= */
-   218,  /* (382) expr ::= term */
-   276,  /* (383) likeop ::= LIKE_KW|MATCH */
-   280,  /* (384) case_operand ::= expr */
-   263,  /* (385) exprlist ::= nexprlist */
-   286,  /* (386) nmnum ::= plus_num */
-   286,  /* (387) nmnum ::= nm */
-   286,  /* (388) nmnum ::= ON */
-   286,  /* (389) nmnum ::= DELETE */
-   286,  /* (390) nmnum ::= DEFAULT */
-   212,  /* (391) plus_num ::= INTEGER|FLOAT */
-   291,  /* (392) foreach_clause ::= */
-   291,  /* (393) foreach_clause ::= FOR EACH ROW */
-   294,  /* (394) trnm ::= nm */
-   295,  /* (395) tridxby ::= */
-   296,  /* (396) database_kw_opt ::= DATABASE */
-   296,  /* (397) database_kw_opt ::= */
-   299,  /* (398) kwcolumn_opt ::= */
-   299,  /* (399) kwcolumn_opt ::= COLUMNKW */
-   301,  /* (400) vtabarglist ::= vtabarg */
-   301,  /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */
-   302,  /* (402) vtabarg ::= vtabarg vtabargtoken */
-   305,  /* (403) anylist ::= */
-   305,  /* (404) anylist ::= anylist LP anylist RP */
-   305,  /* (405) anylist ::= anylist ANY */
-   268,  /* (406) with ::= */
-   309,  /* (407) windowdefn_list ::= windowdefn */
-   311,  /* (408) window ::= frame_opt */
+   189,  /* (0) explain ::= EXPLAIN */
+   189,  /* (1) explain ::= EXPLAIN QUERY PLAN */
+   188,  /* (2) cmdx ::= cmd */
+   190,  /* (3) cmd ::= BEGIN transtype trans_opt */
+   191,  /* (4) transtype ::= */
+   191,  /* (5) transtype ::= DEFERRED */
+   191,  /* (6) transtype ::= IMMEDIATE */
+   191,  /* (7) transtype ::= EXCLUSIVE */
+   190,  /* (8) cmd ::= COMMIT|END trans_opt */
+   190,  /* (9) cmd ::= ROLLBACK trans_opt */
+   190,  /* (10) cmd ::= SAVEPOINT nm */
+   190,  /* (11) cmd ::= RELEASE savepoint_opt nm */
+   190,  /* (12) cmd ::= ROLLBACK trans_opt TO savepoint_opt nm */
+   195,  /* (13) create_table ::= createkw temp TABLE ifnotexists nm dbnm */
+   197,  /* (14) createkw ::= CREATE */
+   199,  /* (15) ifnotexists ::= */
+   199,  /* (16) ifnotexists ::= IF NOT EXISTS */
+   198,  /* (17) temp ::= TEMP */
+   198,  /* (18) temp ::= */
+   196,  /* (19) create_table_args ::= LP columnlist conslist_opt RP table_option_set */
+   196,  /* (20) create_table_args ::= AS select */
+   203,  /* (21) table_option_set ::= */
+   203,  /* (22) table_option_set ::= table_option_set COMMA table_option */
+   205,  /* (23) table_option ::= WITHOUT nm */
+   205,  /* (24) table_option ::= nm */
+   206,  /* (25) columnname ::= nm typetoken */
+   208,  /* (26) typetoken ::= */
+   208,  /* (27) typetoken ::= typename LP signed RP */
+   208,  /* (28) typetoken ::= typename LP signed COMMA signed RP */
+   209,  /* (29) typename ::= typename ID|STRING */
+   213,  /* (30) scanpt ::= */
+   214,  /* (31) scantok ::= */
+   215,  /* (32) ccons ::= CONSTRAINT nm */
+   215,  /* (33) ccons ::= DEFAULT scantok term */
+   215,  /* (34) ccons ::= DEFAULT LP expr RP */
+   215,  /* (35) ccons ::= DEFAULT PLUS scantok term */
+   215,  /* (36) ccons ::= DEFAULT MINUS scantok term */
+   215,  /* (37) ccons ::= DEFAULT scantok ID|INDEXED */
+   215,  /* (38) ccons ::= NOT NULL onconf */
+   215,  /* (39) ccons ::= PRIMARY KEY sortorder onconf autoinc */
+   215,  /* (40) ccons ::= UNIQUE onconf */
+   215,  /* (41) ccons ::= CHECK LP expr RP */
+   215,  /* (42) ccons ::= REFERENCES nm eidlist_opt refargs */
+   215,  /* (43) ccons ::= defer_subclause */
+   215,  /* (44) ccons ::= COLLATE ID|STRING */
+   224,  /* (45) generated ::= LP expr RP */
+   224,  /* (46) generated ::= LP expr RP ID */
+   220,  /* (47) autoinc ::= */
+   220,  /* (48) autoinc ::= AUTOINCR */
+   222,  /* (49) refargs ::= */
+   222,  /* (50) refargs ::= refargs refarg */
+   225,  /* (51) refarg ::= MATCH nm */
+   225,  /* (52) refarg ::= ON INSERT refact */
+   225,  /* (53) refarg ::= ON DELETE refact */
+   225,  /* (54) refarg ::= ON UPDATE refact */
+   226,  /* (55) refact ::= SET NULL */
+   226,  /* (56) refact ::= SET DEFAULT */
+   226,  /* (57) refact ::= CASCADE */
+   226,  /* (58) refact ::= RESTRICT */
+   226,  /* (59) refact ::= NO ACTION */
+   223,  /* (60) defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
+   223,  /* (61) defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
+   227,  /* (62) init_deferred_pred_opt ::= */
+   227,  /* (63) init_deferred_pred_opt ::= INITIALLY DEFERRED */
+   227,  /* (64) init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
+   202,  /* (65) conslist_opt ::= */
+   229,  /* (66) tconscomma ::= COMMA */
+   230,  /* (67) tcons ::= CONSTRAINT nm */
+   230,  /* (68) tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
+   230,  /* (69) tcons ::= UNIQUE LP sortlist RP onconf */
+   230,  /* (70) tcons ::= CHECK LP expr RP onconf */
+   230,  /* (71) tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
+   233,  /* (72) defer_subclause_opt ::= */
+   218,  /* (73) onconf ::= */
+   218,  /* (74) onconf ::= ON CONFLICT resolvetype */
+   234,  /* (75) orconf ::= */
+   234,  /* (76) orconf ::= OR resolvetype */
+   235,  /* (77) resolvetype ::= IGNORE */
+   235,  /* (78) resolvetype ::= REPLACE */
+   190,  /* (79) cmd ::= DROP TABLE ifexists fullname */
+   237,  /* (80) ifexists ::= IF EXISTS */
+   237,  /* (81) ifexists ::= */
+   190,  /* (82) cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
+   190,  /* (83) cmd ::= DROP VIEW ifexists fullname */
+   190,  /* (84) cmd ::= select */
+   204,  /* (85) select ::= WITH wqlist selectnowith */
+   204,  /* (86) select ::= WITH RECURSIVE wqlist selectnowith */
+   204,  /* (87) select ::= selectnowith */
+   239,  /* (88) selectnowith ::= selectnowith multiselect_op oneselect */
+   242,  /* (89) multiselect_op ::= UNION */
+   242,  /* (90) multiselect_op ::= UNION ALL */
+   242,  /* (91) multiselect_op ::= EXCEPT|INTERSECT */
+   240,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
+   240,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
+   252,  /* (94) values ::= VALUES LP nexprlist RP */
+   252,  /* (95) values ::= values COMMA LP nexprlist RP */
+   243,  /* (96) distinct ::= DISTINCT */
+   243,  /* (97) distinct ::= ALL */
+   243,  /* (98) distinct ::= */
+   254,  /* (99) sclp ::= */
+   244,  /* (100) selcollist ::= sclp scanpt expr scanpt as */
+   244,  /* (101) selcollist ::= sclp scanpt STAR */
+   244,  /* (102) selcollist ::= sclp scanpt nm DOT STAR */
+   255,  /* (103) as ::= AS nm */
+   255,  /* (104) as ::= */
+   245,  /* (105) from ::= */
+   245,  /* (106) from ::= FROM seltablist */
+   257,  /* (107) stl_prefix ::= seltablist joinop */
+   257,  /* (108) stl_prefix ::= */
+   256,  /* (109) seltablist ::= stl_prefix nm dbnm as on_using */
+   256,  /* (110) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+   256,  /* (111) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+   256,  /* (112) seltablist ::= stl_prefix LP select RP as on_using */
+   256,  /* (113) seltablist ::= stl_prefix LP seltablist RP as on_using */
+   200,  /* (114) dbnm ::= */
+   200,  /* (115) dbnm ::= DOT nm */
+   238,  /* (116) fullname ::= nm */
+   238,  /* (117) fullname ::= nm DOT nm */
+   262,  /* (118) xfullname ::= nm */
+   262,  /* (119) xfullname ::= nm DOT nm */
+   262,  /* (120) xfullname ::= nm DOT nm AS nm */
+   262,  /* (121) xfullname ::= nm AS nm */
+   258,  /* (122) joinop ::= COMMA|JOIN */
+   258,  /* (123) joinop ::= JOIN_KW JOIN */
+   258,  /* (124) joinop ::= JOIN_KW nm JOIN */
+   258,  /* (125) joinop ::= JOIN_KW nm nm JOIN */
+   259,  /* (126) on_using ::= ON expr */
+   259,  /* (127) on_using ::= USING LP idlist RP */
+   259,  /* (128) on_using ::= */
+   264,  /* (129) indexed_opt ::= */
+   260,  /* (130) indexed_by ::= INDEXED BY nm */
+   260,  /* (131) indexed_by ::= NOT INDEXED */
+   249,  /* (132) orderby_opt ::= */
+   249,  /* (133) orderby_opt ::= ORDER BY sortlist */
+   231,  /* (134) sortlist ::= sortlist COMMA expr sortorder nulls */
+   231,  /* (135) sortlist ::= expr sortorder nulls */
+   219,  /* (136) sortorder ::= ASC */
+   219,  /* (137) sortorder ::= DESC */
+   219,  /* (138) sortorder ::= */
+   265,  /* (139) nulls ::= NULLS FIRST */
+   265,  /* (140) nulls ::= NULLS LAST */
+   265,  /* (141) nulls ::= */
+   247,  /* (142) groupby_opt ::= */
+   247,  /* (143) groupby_opt ::= GROUP BY nexprlist */
+   248,  /* (144) having_opt ::= */
+   248,  /* (145) having_opt ::= HAVING expr */
+   250,  /* (146) limit_opt ::= */
+   250,  /* (147) limit_opt ::= LIMIT expr */
+   250,  /* (148) limit_opt ::= LIMIT expr OFFSET expr */
+   250,  /* (149) limit_opt ::= LIMIT expr COMMA expr */
+   190,  /* (150) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+   246,  /* (151) where_opt ::= */
+   246,  /* (152) where_opt ::= WHERE expr */
+   267,  /* (153) where_opt_ret ::= */
+   267,  /* (154) where_opt_ret ::= WHERE expr */
+   267,  /* (155) where_opt_ret ::= RETURNING selcollist */
+   267,  /* (156) where_opt_ret ::= WHERE expr RETURNING selcollist */
+   190,  /* (157) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+   268,  /* (158) setlist ::= setlist COMMA nm EQ expr */
+   268,  /* (159) setlist ::= setlist COMMA LP idlist RP EQ expr */
+   268,  /* (160) setlist ::= nm EQ expr */
+   268,  /* (161) setlist ::= LP idlist RP EQ expr */
+   190,  /* (162) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+   190,  /* (163) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+   271,  /* (164) upsert ::= */
+   271,  /* (165) upsert ::= RETURNING selcollist */
+   271,  /* (166) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+   271,  /* (167) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+   271,  /* (168) upsert ::= ON CONFLICT DO NOTHING returning */
+   271,  /* (169) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+   272,  /* (170) returning ::= RETURNING selcollist */
+   269,  /* (171) insert_cmd ::= INSERT orconf */
+   269,  /* (172) insert_cmd ::= REPLACE */
+   270,  /* (173) idlist_opt ::= */
+   270,  /* (174) idlist_opt ::= LP idlist RP */
+   263,  /* (175) idlist ::= idlist COMMA nm */
+   263,  /* (176) idlist ::= nm */
+   217,  /* (177) expr ::= LP expr RP */
+   217,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
+   217,  /* (179) expr ::= nm DOT nm */
+   217,  /* (180) expr ::= nm DOT nm DOT nm */
+   216,  /* (181) term ::= NULL|FLOAT|BLOB */
+   216,  /* (182) term ::= STRING */
+   216,  /* (183) term ::= INTEGER */
+   217,  /* (184) expr ::= VARIABLE */
+   217,  /* (185) expr ::= expr COLLATE ID|STRING */
+   217,  /* (186) expr ::= CAST LP expr AS typetoken RP */
+   217,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   217,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   217,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   217,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   217,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   217,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   216,  /* (193) term ::= CTIME_KW */
+   217,  /* (194) expr ::= LP nexprlist COMMA expr RP */
+   217,  /* (195) expr ::= expr AND expr */
+   217,  /* (196) expr ::= expr OR expr */
+   217,  /* (197) expr ::= expr LT|GT|GE|LE expr */
+   217,  /* (198) expr ::= expr EQ|NE expr */
+   217,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   217,  /* (200) expr ::= expr PLUS|MINUS expr */
+   217,  /* (201) expr ::= expr STAR|SLASH|REM expr */
+   217,  /* (202) expr ::= expr CONCAT expr */
+   274,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
+   217,  /* (204) expr ::= expr likeop expr */
+   217,  /* (205) expr ::= expr likeop expr ESCAPE expr */
+   217,  /* (206) expr ::= expr ISNULL|NOTNULL */
+   217,  /* (207) expr ::= expr NOT NULL */
+   217,  /* (208) expr ::= expr IS expr */
+   217,  /* (209) expr ::= expr IS NOT expr */
+   217,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
+   217,  /* (211) expr ::= expr IS DISTINCT FROM expr */
+   217,  /* (212) expr ::= NOT expr */
+   217,  /* (213) expr ::= BITNOT expr */
+   217,  /* (214) expr ::= PLUS|MINUS expr */
+   217,  /* (215) expr ::= expr PTR expr */
+   275,  /* (216) between_op ::= BETWEEN */
+   275,  /* (217) between_op ::= NOT BETWEEN */
+   217,  /* (218) expr ::= expr between_op expr AND expr */
+   276,  /* (219) in_op ::= IN */
+   276,  /* (220) in_op ::= NOT IN */
+   217,  /* (221) expr ::= expr in_op LP exprlist RP */
+   217,  /* (222) expr ::= LP select RP */
+   217,  /* (223) expr ::= expr in_op LP select RP */
+   217,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
+   217,  /* (225) expr ::= EXISTS LP select RP */
+   217,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
+   279,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   279,  /* (228) case_exprlist ::= WHEN expr THEN expr */
+   280,  /* (229) case_else ::= ELSE expr */
+   280,  /* (230) case_else ::= */
+   278,  /* (231) case_operand ::= */
+   261,  /* (232) exprlist ::= */
+   253,  /* (233) nexprlist ::= nexprlist COMMA expr */
+   253,  /* (234) nexprlist ::= expr */
+   277,  /* (235) paren_exprlist ::= */
+   277,  /* (236) paren_exprlist ::= LP exprlist RP */
+   190,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   281,  /* (238) uniqueflag ::= UNIQUE */
+   281,  /* (239) uniqueflag ::= */
+   221,  /* (240) eidlist_opt ::= */
+   221,  /* (241) eidlist_opt ::= LP eidlist RP */
+   232,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
+   232,  /* (243) eidlist ::= nm collate sortorder */
+   282,  /* (244) collate ::= */
+   282,  /* (245) collate ::= COLLATE ID|STRING */
+   190,  /* (246) cmd ::= DROP INDEX ifexists fullname */
+   190,  /* (247) cmd ::= VACUUM vinto */
+   190,  /* (248) cmd ::= VACUUM nm vinto */
+   283,  /* (249) vinto ::= INTO expr */
+   283,  /* (250) vinto ::= */
+   190,  /* (251) cmd ::= PRAGMA nm dbnm */
+   190,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   190,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   190,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   190,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   211,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
+   212,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
+   190,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+   285,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   287,  /* (260) trigger_time ::= BEFORE|AFTER */
+   287,  /* (261) trigger_time ::= INSTEAD OF */
+   287,  /* (262) trigger_time ::= */
+   288,  /* (263) trigger_event ::= DELETE|INSERT */
+   288,  /* (264) trigger_event ::= UPDATE */
+   288,  /* (265) trigger_event ::= UPDATE OF idlist */
+   290,  /* (266) when_clause ::= */
+   290,  /* (267) when_clause ::= WHEN expr */
+   286,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   286,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
+   292,  /* (270) trnm ::= nm DOT nm */
+   293,  /* (271) tridxby ::= INDEXED BY nm */
+   293,  /* (272) tridxby ::= NOT INDEXED */
+   291,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   291,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   291,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   291,  /* (276) trigger_cmd ::= scanpt select scanpt */
+   217,  /* (277) expr ::= RAISE LP IGNORE RP */
+   217,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
+   236,  /* (279) raisetype ::= ROLLBACK */
+   236,  /* (280) raisetype ::= ABORT */
+   236,  /* (281) raisetype ::= FAIL */
+   190,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
+   190,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   190,  /* (284) cmd ::= DETACH database_kw_opt expr */
+   295,  /* (285) key_opt ::= */
+   295,  /* (286) key_opt ::= KEY expr */
+   190,  /* (287) cmd ::= REINDEX */
+   190,  /* (288) cmd ::= REINDEX nm dbnm */
+   190,  /* (289) cmd ::= ANALYZE */
+   190,  /* (290) cmd ::= ANALYZE nm dbnm */
+   190,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   190,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   190,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   296,  /* (294) add_column_fullname ::= fullname */
+   190,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   190,  /* (296) cmd ::= create_vtab */
+   190,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
+   298,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+   300,  /* (299) vtabarg ::= */
+   301,  /* (300) vtabargtoken ::= ANY */
+   301,  /* (301) vtabargtoken ::= lp anylist RP */
+   302,  /* (302) lp ::= LP */
+   266,  /* (303) with ::= WITH wqlist */
+   266,  /* (304) with ::= WITH RECURSIVE wqlist */
+   305,  /* (305) wqas ::= AS */
+   305,  /* (306) wqas ::= AS MATERIALIZED */
+   305,  /* (307) wqas ::= AS NOT MATERIALIZED */
+   304,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
+   241,  /* (309) wqlist ::= wqitem */
+   241,  /* (310) wqlist ::= wqlist COMMA wqitem */
+   306,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   307,  /* (312) windowdefn ::= nm AS LP window RP */
+   308,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   308,  /* (315) window ::= ORDER BY sortlist frame_opt */
+   308,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
+   308,  /* (317) window ::= nm frame_opt */
+   309,  /* (318) frame_opt ::= */
+   309,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   309,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   313,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
+   315,  /* (322) frame_bound_s ::= frame_bound */
+   315,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
+   316,  /* (324) frame_bound_e ::= frame_bound */
+   316,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   314,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
+   314,  /* (327) frame_bound ::= CURRENT ROW */
+   317,  /* (328) frame_exclude_opt ::= */
+   317,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   318,  /* (330) frame_exclude ::= NO OTHERS */
+   318,  /* (331) frame_exclude ::= CURRENT ROW */
+   318,  /* (332) frame_exclude ::= GROUP|TIES */
+   251,  /* (333) window_clause ::= WINDOW windowdefn_list */
+   273,  /* (334) filter_over ::= filter_clause over_clause */
+   273,  /* (335) filter_over ::= over_clause */
+   273,  /* (336) filter_over ::= filter_clause */
+   312,  /* (337) over_clause ::= OVER LP window RP */
+   312,  /* (338) over_clause ::= OVER nm */
+   311,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
+   185,  /* (340) input ::= cmdlist */
+   186,  /* (341) cmdlist ::= cmdlist ecmd */
+   186,  /* (342) cmdlist ::= ecmd */
+   187,  /* (343) ecmd ::= SEMI */
+   187,  /* (344) ecmd ::= cmdx SEMI */
+   187,  /* (345) ecmd ::= explain cmdx SEMI */
+   192,  /* (346) trans_opt ::= */
+   192,  /* (347) trans_opt ::= TRANSACTION */
+   192,  /* (348) trans_opt ::= TRANSACTION nm */
+   194,  /* (349) savepoint_opt ::= SAVEPOINT */
+   194,  /* (350) savepoint_opt ::= */
+   190,  /* (351) cmd ::= create_table create_table_args */
+   203,  /* (352) table_option_set ::= table_option */
+   201,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
+   201,  /* (354) columnlist ::= columnname carglist */
+   193,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
+   193,  /* (356) nm ::= STRING */
+   208,  /* (357) typetoken ::= typename */
+   209,  /* (358) typename ::= ID|STRING */
+   210,  /* (359) signed ::= plus_num */
+   210,  /* (360) signed ::= minus_num */
+   207,  /* (361) carglist ::= carglist ccons */
+   207,  /* (362) carglist ::= */
+   215,  /* (363) ccons ::= NULL onconf */
+   215,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
+   215,  /* (365) ccons ::= AS generated */
+   202,  /* (366) conslist_opt ::= COMMA conslist */
+   228,  /* (367) conslist ::= conslist tconscomma tcons */
+   228,  /* (368) conslist ::= tcons */
+   229,  /* (369) tconscomma ::= */
+   233,  /* (370) defer_subclause_opt ::= defer_subclause */
+   235,  /* (371) resolvetype ::= raisetype */
+   239,  /* (372) selectnowith ::= oneselect */
+   240,  /* (373) oneselect ::= values */
+   254,  /* (374) sclp ::= selcollist COMMA */
+   255,  /* (375) as ::= ID|STRING */
+   264,  /* (376) indexed_opt ::= indexed_by */
+   272,  /* (377) returning ::= */
+   217,  /* (378) expr ::= term */
+   274,  /* (379) likeop ::= LIKE_KW|MATCH */
+   278,  /* (380) case_operand ::= expr */
+   261,  /* (381) exprlist ::= nexprlist */
+   284,  /* (382) nmnum ::= plus_num */
+   284,  /* (383) nmnum ::= nm */
+   284,  /* (384) nmnum ::= ON */
+   284,  /* (385) nmnum ::= DELETE */
+   284,  /* (386) nmnum ::= DEFAULT */
+   211,  /* (387) plus_num ::= INTEGER|FLOAT */
+   289,  /* (388) foreach_clause ::= */
+   289,  /* (389) foreach_clause ::= FOR EACH ROW */
+   292,  /* (390) trnm ::= nm */
+   293,  /* (391) tridxby ::= */
+   294,  /* (392) database_kw_opt ::= DATABASE */
+   294,  /* (393) database_kw_opt ::= */
+   297,  /* (394) kwcolumn_opt ::= */
+   297,  /* (395) kwcolumn_opt ::= COLUMNKW */
+   299,  /* (396) vtabarglist ::= vtabarg */
+   299,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
+   300,  /* (398) vtabarg ::= vtabarg vtabargtoken */
+   303,  /* (399) anylist ::= */
+   303,  /* (400) anylist ::= anylist LP anylist RP */
+   303,  /* (401) anylist ::= anylist ANY */
+   266,  /* (402) with ::= */
+   306,  /* (403) windowdefn_list ::= windowdefn */
+   308,  /* (404) window ::= frame_opt */
 };
 
 /* For rule J, yyRuleInfoNRhs[J] contains the negative of the number
@@ -175752,320 +174144,316 @@ static const signed char yyRuleInfoNRhs[] = {
    -9,  /* (92) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
   -10,  /* (93) oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
    -4,  /* (94) values ::= VALUES LP nexprlist RP */
-   -1,  /* (95) oneselect ::= mvalues */
-   -5,  /* (96) mvalues ::= values COMMA LP nexprlist RP */
-   -5,  /* (97) mvalues ::= mvalues COMMA LP nexprlist RP */
-   -1,  /* (98) distinct ::= DISTINCT */
-   -1,  /* (99) distinct ::= ALL */
-    0,  /* (100) distinct ::= */
-    0,  /* (101) sclp ::= */
-   -5,  /* (102) selcollist ::= sclp scanpt expr scanpt as */
-   -3,  /* (103) selcollist ::= sclp scanpt STAR */
-   -5,  /* (104) selcollist ::= sclp scanpt nm DOT STAR */
-   -2,  /* (105) as ::= AS nm */
-    0,  /* (106) as ::= */
-    0,  /* (107) from ::= */
-   -2,  /* (108) from ::= FROM seltablist */
-   -2,  /* (109) stl_prefix ::= seltablist joinop */
-    0,  /* (110) stl_prefix ::= */
-   -5,  /* (111) seltablist ::= stl_prefix nm dbnm as on_using */
-   -6,  /* (112) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
-   -8,  /* (113) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
-   -6,  /* (114) seltablist ::= stl_prefix LP select RP as on_using */
-   -6,  /* (115) seltablist ::= stl_prefix LP seltablist RP as on_using */
-    0,  /* (116) dbnm ::= */
-   -2,  /* (117) dbnm ::= DOT nm */
-   -1,  /* (118) fullname ::= nm */
-   -3,  /* (119) fullname ::= nm DOT nm */
-   -1,  /* (120) xfullname ::= nm */
-   -3,  /* (121) xfullname ::= nm DOT nm */
-   -5,  /* (122) xfullname ::= nm DOT nm AS nm */
-   -3,  /* (123) xfullname ::= nm AS nm */
-   -1,  /* (124) joinop ::= COMMA|JOIN */
-   -2,  /* (125) joinop ::= JOIN_KW JOIN */
-   -3,  /* (126) joinop ::= JOIN_KW nm JOIN */
-   -4,  /* (127) joinop ::= JOIN_KW nm nm JOIN */
-   -2,  /* (128) on_using ::= ON expr */
-   -4,  /* (129) on_using ::= USING LP idlist RP */
-    0,  /* (130) on_using ::= */
-    0,  /* (131) indexed_opt ::= */
-   -3,  /* (132) indexed_by ::= INDEXED BY nm */
-   -2,  /* (133) indexed_by ::= NOT INDEXED */
-    0,  /* (134) orderby_opt ::= */
-   -3,  /* (135) orderby_opt ::= ORDER BY sortlist */
-   -5,  /* (136) sortlist ::= sortlist COMMA expr sortorder nulls */
-   -3,  /* (137) sortlist ::= expr sortorder nulls */
-   -1,  /* (138) sortorder ::= ASC */
-   -1,  /* (139) sortorder ::= DESC */
-    0,  /* (140) sortorder ::= */
-   -2,  /* (141) nulls ::= NULLS FIRST */
-   -2,  /* (142) nulls ::= NULLS LAST */
-    0,  /* (143) nulls ::= */
-    0,  /* (144) groupby_opt ::= */
-   -3,  /* (145) groupby_opt ::= GROUP BY nexprlist */
-    0,  /* (146) having_opt ::= */
-   -2,  /* (147) having_opt ::= HAVING expr */
-    0,  /* (148) limit_opt ::= */
-   -2,  /* (149) limit_opt ::= LIMIT expr */
-   -4,  /* (150) limit_opt ::= LIMIT expr OFFSET expr */
-   -4,  /* (151) limit_opt ::= LIMIT expr COMMA expr */
-   -6,  /* (152) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
-    0,  /* (153) where_opt ::= */
-   -2,  /* (154) where_opt ::= WHERE expr */
-    0,  /* (155) where_opt_ret ::= */
-   -2,  /* (156) where_opt_ret ::= WHERE expr */
-   -2,  /* (157) where_opt_ret ::= RETURNING selcollist */
-   -4,  /* (158) where_opt_ret ::= WHERE expr RETURNING selcollist */
-   -9,  /* (159) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
-   -5,  /* (160) setlist ::= setlist COMMA nm EQ expr */
-   -7,  /* (161) setlist ::= setlist COMMA LP idlist RP EQ expr */
-   -3,  /* (162) setlist ::= nm EQ expr */
-   -5,  /* (163) setlist ::= LP idlist RP EQ expr */
-   -7,  /* (164) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
-   -8,  /* (165) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
-    0,  /* (166) upsert ::= */
-   -2,  /* (167) upsert ::= RETURNING selcollist */
-  -12,  /* (168) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-   -9,  /* (169) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-   -5,  /* (170) upsert ::= ON CONFLICT DO NOTHING returning */
-   -8,  /* (171) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-   -2,  /* (172) returning ::= RETURNING selcollist */
-   -2,  /* (173) insert_cmd ::= INSERT orconf */
-   -1,  /* (174) insert_cmd ::= REPLACE */
-    0,  /* (175) idlist_opt ::= */
-   -3,  /* (176) idlist_opt ::= LP idlist RP */
-   -3,  /* (177) idlist ::= idlist COMMA nm */
-   -1,  /* (178) idlist ::= nm */
-   -3,  /* (179) expr ::= LP expr RP */
-   -1,  /* (180) expr ::= ID|INDEXED|JOIN_KW */
-   -3,  /* (181) expr ::= nm DOT nm */
-   -5,  /* (182) expr ::= nm DOT nm DOT nm */
-   -1,  /* (183) term ::= NULL|FLOAT|BLOB */
-   -1,  /* (184) term ::= STRING */
-   -1,  /* (185) term ::= INTEGER */
-   -1,  /* (186) expr ::= VARIABLE */
-   -3,  /* (187) expr ::= expr COLLATE ID|STRING */
-   -6,  /* (188) expr ::= CAST LP expr AS typetoken RP */
-   -5,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
-   -8,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
-   -4,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
-   -6,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
-   -9,  /* (193) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
-   -5,  /* (194) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
-   -1,  /* (195) term ::= CTIME_KW */
-   -5,  /* (196) expr ::= LP nexprlist COMMA expr RP */
-   -3,  /* (197) expr ::= expr AND expr */
-   -3,  /* (198) expr ::= expr OR expr */
-   -3,  /* (199) expr ::= expr LT|GT|GE|LE expr */
-   -3,  /* (200) expr ::= expr EQ|NE expr */
-   -3,  /* (201) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
-   -3,  /* (202) expr ::= expr PLUS|MINUS expr */
-   -3,  /* (203) expr ::= expr STAR|SLASH|REM expr */
-   -3,  /* (204) expr ::= expr CONCAT expr */
-   -2,  /* (205) likeop ::= NOT LIKE_KW|MATCH */
-   -3,  /* (206) expr ::= expr likeop expr */
-   -5,  /* (207) expr ::= expr likeop expr ESCAPE expr */
-   -2,  /* (208) expr ::= expr ISNULL|NOTNULL */
-   -3,  /* (209) expr ::= expr NOT NULL */
-   -3,  /* (210) expr ::= expr IS expr */
-   -4,  /* (211) expr ::= expr IS NOT expr */
-   -6,  /* (212) expr ::= expr IS NOT DISTINCT FROM expr */
-   -5,  /* (213) expr ::= expr IS DISTINCT FROM expr */
-   -2,  /* (214) expr ::= NOT expr */
-   -2,  /* (215) expr ::= BITNOT expr */
-   -2,  /* (216) expr ::= PLUS|MINUS expr */
-   -3,  /* (217) expr ::= expr PTR expr */
-   -1,  /* (218) between_op ::= BETWEEN */
-   -2,  /* (219) between_op ::= NOT BETWEEN */
-   -5,  /* (220) expr ::= expr between_op expr AND expr */
-   -1,  /* (221) in_op ::= IN */
-   -2,  /* (222) in_op ::= NOT IN */
-   -5,  /* (223) expr ::= expr in_op LP exprlist RP */
-   -3,  /* (224) expr ::= LP select RP */
-   -5,  /* (225) expr ::= expr in_op LP select RP */
-   -5,  /* (226) expr ::= expr in_op nm dbnm paren_exprlist */
-   -4,  /* (227) expr ::= EXISTS LP select RP */
-   -5,  /* (228) expr ::= CASE case_operand case_exprlist case_else END */
-   -5,  /* (229) case_exprlist ::= case_exprlist WHEN expr THEN expr */
-   -4,  /* (230) case_exprlist ::= WHEN expr THEN expr */
-   -2,  /* (231) case_else ::= ELSE expr */
-    0,  /* (232) case_else ::= */
-    0,  /* (233) case_operand ::= */
-    0,  /* (234) exprlist ::= */
-   -3,  /* (235) nexprlist ::= nexprlist COMMA expr */
-   -1,  /* (236) nexprlist ::= expr */
-    0,  /* (237) paren_exprlist ::= */
-   -3,  /* (238) paren_exprlist ::= LP exprlist RP */
-  -12,  /* (239) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
-   -1,  /* (240) uniqueflag ::= UNIQUE */
-    0,  /* (241) uniqueflag ::= */
-    0,  /* (242) eidlist_opt ::= */
-   -3,  /* (243) eidlist_opt ::= LP eidlist RP */
-   -5,  /* (244) eidlist ::= eidlist COMMA nm collate sortorder */
-   -3,  /* (245) eidlist ::= nm collate sortorder */
-    0,  /* (246) collate ::= */
-   -2,  /* (247) collate ::= COLLATE ID|STRING */
-   -4,  /* (248) cmd ::= DROP INDEX ifexists fullname */
-   -2,  /* (249) cmd ::= VACUUM vinto */
-   -3,  /* (250) cmd ::= VACUUM nm vinto */
-   -2,  /* (251) vinto ::= INTO expr */
-    0,  /* (252) vinto ::= */
-   -3,  /* (253) cmd ::= PRAGMA nm dbnm */
-   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ nmnum */
-   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP nmnum RP */
-   -5,  /* (256) cmd ::= PRAGMA nm dbnm EQ minus_num */
-   -6,  /* (257) cmd ::= PRAGMA nm dbnm LP minus_num RP */
-   -2,  /* (258) plus_num ::= PLUS INTEGER|FLOAT */
-   -2,  /* (259) minus_num ::= MINUS INTEGER|FLOAT */
-   -5,  /* (260) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
-  -11,  /* (261) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
-   -1,  /* (262) trigger_time ::= BEFORE|AFTER */
-   -2,  /* (263) trigger_time ::= INSTEAD OF */
-    0,  /* (264) trigger_time ::= */
-   -1,  /* (265) trigger_event ::= DELETE|INSERT */
-   -1,  /* (266) trigger_event ::= UPDATE */
-   -3,  /* (267) trigger_event ::= UPDATE OF idlist */
-    0,  /* (268) when_clause ::= */
-   -2,  /* (269) when_clause ::= WHEN expr */
-   -3,  /* (270) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
-   -2,  /* (271) trigger_cmd_list ::= trigger_cmd SEMI */
-   -3,  /* (272) trnm ::= nm DOT nm */
-   -3,  /* (273) tridxby ::= INDEXED BY nm */
-   -2,  /* (274) tridxby ::= NOT INDEXED */
-   -9,  /* (275) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-   -8,  /* (276) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
-   -6,  /* (277) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-   -3,  /* (278) trigger_cmd ::= scanpt select scanpt */
-   -4,  /* (279) expr ::= RAISE LP IGNORE RP */
-   -6,  /* (280) expr ::= RAISE LP raisetype COMMA nm RP */
-   -1,  /* (281) raisetype ::= ROLLBACK */
-   -1,  /* (282) raisetype ::= ABORT */
-   -1,  /* (283) raisetype ::= FAIL */
-   -4,  /* (284) cmd ::= DROP TRIGGER ifexists fullname */
-   -6,  /* (285) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
-   -3,  /* (286) cmd ::= DETACH database_kw_opt expr */
-    0,  /* (287) key_opt ::= */
-   -2,  /* (288) key_opt ::= KEY expr */
-   -1,  /* (289) cmd ::= REINDEX */
-   -3,  /* (290) cmd ::= REINDEX nm dbnm */
-   -1,  /* (291) cmd ::= ANALYZE */
-   -3,  /* (292) cmd ::= ANALYZE nm dbnm */
-   -6,  /* (293) cmd ::= ALTER TABLE fullname RENAME TO nm */
-   -7,  /* (294) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
-   -6,  /* (295) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
-   -1,  /* (296) add_column_fullname ::= fullname */
-   -8,  /* (297) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
-   -1,  /* (298) cmd ::= create_vtab */
-   -4,  /* (299) cmd ::= create_vtab LP vtabarglist RP */
-   -8,  /* (300) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
-    0,  /* (301) vtabarg ::= */
-   -1,  /* (302) vtabargtoken ::= ANY */
-   -3,  /* (303) vtabargtoken ::= lp anylist RP */
-   -1,  /* (304) lp ::= LP */
-   -2,  /* (305) with ::= WITH wqlist */
-   -3,  /* (306) with ::= WITH RECURSIVE wqlist */
-   -1,  /* (307) wqas ::= AS */
-   -2,  /* (308) wqas ::= AS MATERIALIZED */
-   -3,  /* (309) wqas ::= AS NOT MATERIALIZED */
-   -6,  /* (310) wqitem ::= withnm eidlist_opt wqas LP select RP */
-   -1,  /* (311) withnm ::= nm */
-   -1,  /* (312) wqlist ::= wqitem */
-   -3,  /* (313) wqlist ::= wqlist COMMA wqitem */
-   -3,  /* (314) windowdefn_list ::= windowdefn_list COMMA windowdefn */
-   -5,  /* (315) windowdefn ::= nm AS LP window RP */
-   -5,  /* (316) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
-   -6,  /* (317) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
-   -4,  /* (318) window ::= ORDER BY sortlist frame_opt */
-   -5,  /* (319) window ::= nm ORDER BY sortlist frame_opt */
-   -2,  /* (320) window ::= nm frame_opt */
-    0,  /* (321) frame_opt ::= */
-   -3,  /* (322) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
-   -6,  /* (323) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
-   -1,  /* (324) range_or_rows ::= RANGE|ROWS|GROUPS */
-   -1,  /* (325) frame_bound_s ::= frame_bound */
-   -2,  /* (326) frame_bound_s ::= UNBOUNDED PRECEDING */
-   -1,  /* (327) frame_bound_e ::= frame_bound */
-   -2,  /* (328) frame_bound_e ::= UNBOUNDED FOLLOWING */
-   -2,  /* (329) frame_bound ::= expr PRECEDING|FOLLOWING */
-   -2,  /* (330) frame_bound ::= CURRENT ROW */
-    0,  /* (331) frame_exclude_opt ::= */
-   -2,  /* (332) frame_exclude_opt ::= EXCLUDE frame_exclude */
-   -2,  /* (333) frame_exclude ::= NO OTHERS */
-   -2,  /* (334) frame_exclude ::= CURRENT ROW */
-   -1,  /* (335) frame_exclude ::= GROUP|TIES */
-   -2,  /* (336) window_clause ::= WINDOW windowdefn_list */
-   -2,  /* (337) filter_over ::= filter_clause over_clause */
-   -1,  /* (338) filter_over ::= over_clause */
-   -1,  /* (339) filter_over ::= filter_clause */
-   -4,  /* (340) over_clause ::= OVER LP window RP */
-   -2,  /* (341) over_clause ::= OVER nm */
-   -5,  /* (342) filter_clause ::= FILTER LP WHERE expr RP */
-   -1,  /* (343) term ::= QNUMBER */
-   -1,  /* (344) input ::= cmdlist */
-   -2,  /* (345) cmdlist ::= cmdlist ecmd */
-   -1,  /* (346) cmdlist ::= ecmd */
-   -1,  /* (347) ecmd ::= SEMI */
-   -2,  /* (348) ecmd ::= cmdx SEMI */
-   -3,  /* (349) ecmd ::= explain cmdx SEMI */
-    0,  /* (350) trans_opt ::= */
-   -1,  /* (351) trans_opt ::= TRANSACTION */
-   -2,  /* (352) trans_opt ::= TRANSACTION nm */
-   -1,  /* (353) savepoint_opt ::= SAVEPOINT */
-    0,  /* (354) savepoint_opt ::= */
-   -2,  /* (355) cmd ::= create_table create_table_args */
-   -1,  /* (356) table_option_set ::= table_option */
-   -4,  /* (357) columnlist ::= columnlist COMMA columnname carglist */
-   -2,  /* (358) columnlist ::= columnname carglist */
-   -1,  /* (359) nm ::= ID|INDEXED|JOIN_KW */
-   -1,  /* (360) nm ::= STRING */
-   -1,  /* (361) typetoken ::= typename */
-   -1,  /* (362) typename ::= ID|STRING */
-   -1,  /* (363) signed ::= plus_num */
-   -1,  /* (364) signed ::= minus_num */
-   -2,  /* (365) carglist ::= carglist ccons */
-    0,  /* (366) carglist ::= */
-   -2,  /* (367) ccons ::= NULL onconf */
-   -4,  /* (368) ccons ::= GENERATED ALWAYS AS generated */
-   -2,  /* (369) ccons ::= AS generated */
-   -2,  /* (370) conslist_opt ::= COMMA conslist */
-   -3,  /* (371) conslist ::= conslist tconscomma tcons */
-   -1,  /* (372) conslist ::= tcons */
-    0,  /* (373) tconscomma ::= */
-   -1,  /* (374) defer_subclause_opt ::= defer_subclause */
-   -1,  /* (375) resolvetype ::= raisetype */
-   -1,  /* (376) selectnowith ::= oneselect */
-   -1,  /* (377) oneselect ::= values */
-   -2,  /* (378) sclp ::= selcollist COMMA */
-   -1,  /* (379) as ::= ID|STRING */
-   -1,  /* (380) indexed_opt ::= indexed_by */
-    0,  /* (381) returning ::= */
-   -1,  /* (382) expr ::= term */
-   -1,  /* (383) likeop ::= LIKE_KW|MATCH */
-   -1,  /* (384) case_operand ::= expr */
-   -1,  /* (385) exprlist ::= nexprlist */
-   -1,  /* (386) nmnum ::= plus_num */
-   -1,  /* (387) nmnum ::= nm */
-   -1,  /* (388) nmnum ::= ON */
-   -1,  /* (389) nmnum ::= DELETE */
-   -1,  /* (390) nmnum ::= DEFAULT */
-   -1,  /* (391) plus_num ::= INTEGER|FLOAT */
-    0,  /* (392) foreach_clause ::= */
-   -3,  /* (393) foreach_clause ::= FOR EACH ROW */
-   -1,  /* (394) trnm ::= nm */
-    0,  /* (395) tridxby ::= */
-   -1,  /* (396) database_kw_opt ::= DATABASE */
-    0,  /* (397) database_kw_opt ::= */
-    0,  /* (398) kwcolumn_opt ::= */
-   -1,  /* (399) kwcolumn_opt ::= COLUMNKW */
-   -1,  /* (400) vtabarglist ::= vtabarg */
-   -3,  /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */
-   -2,  /* (402) vtabarg ::= vtabarg vtabargtoken */
-    0,  /* (403) anylist ::= */
-   -4,  /* (404) anylist ::= anylist LP anylist RP */
-   -2,  /* (405) anylist ::= anylist ANY */
-    0,  /* (406) with ::= */
-   -1,  /* (407) windowdefn_list ::= windowdefn */
-   -1,  /* (408) window ::= frame_opt */
+   -5,  /* (95) values ::= values COMMA LP nexprlist RP */
+   -1,  /* (96) distinct ::= DISTINCT */
+   -1,  /* (97) distinct ::= ALL */
+    0,  /* (98) distinct ::= */
+    0,  /* (99) sclp ::= */
+   -5,  /* (100) selcollist ::= sclp scanpt expr scanpt as */
+   -3,  /* (101) selcollist ::= sclp scanpt STAR */
+   -5,  /* (102) selcollist ::= sclp scanpt nm DOT STAR */
+   -2,  /* (103) as ::= AS nm */
+    0,  /* (104) as ::= */
+    0,  /* (105) from ::= */
+   -2,  /* (106) from ::= FROM seltablist */
+   -2,  /* (107) stl_prefix ::= seltablist joinop */
+    0,  /* (108) stl_prefix ::= */
+   -5,  /* (109) seltablist ::= stl_prefix nm dbnm as on_using */
+   -6,  /* (110) seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+   -8,  /* (111) seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+   -6,  /* (112) seltablist ::= stl_prefix LP select RP as on_using */
+   -6,  /* (113) seltablist ::= stl_prefix LP seltablist RP as on_using */
+    0,  /* (114) dbnm ::= */
+   -2,  /* (115) dbnm ::= DOT nm */
+   -1,  /* (116) fullname ::= nm */
+   -3,  /* (117) fullname ::= nm DOT nm */
+   -1,  /* (118) xfullname ::= nm */
+   -3,  /* (119) xfullname ::= nm DOT nm */
+   -5,  /* (120) xfullname ::= nm DOT nm AS nm */
+   -3,  /* (121) xfullname ::= nm AS nm */
+   -1,  /* (122) joinop ::= COMMA|JOIN */
+   -2,  /* (123) joinop ::= JOIN_KW JOIN */
+   -3,  /* (124) joinop ::= JOIN_KW nm JOIN */
+   -4,  /* (125) joinop ::= JOIN_KW nm nm JOIN */
+   -2,  /* (126) on_using ::= ON expr */
+   -4,  /* (127) on_using ::= USING LP idlist RP */
+    0,  /* (128) on_using ::= */
+    0,  /* (129) indexed_opt ::= */
+   -3,  /* (130) indexed_by ::= INDEXED BY nm */
+   -2,  /* (131) indexed_by ::= NOT INDEXED */
+    0,  /* (132) orderby_opt ::= */
+   -3,  /* (133) orderby_opt ::= ORDER BY sortlist */
+   -5,  /* (134) sortlist ::= sortlist COMMA expr sortorder nulls */
+   -3,  /* (135) sortlist ::= expr sortorder nulls */
+   -1,  /* (136) sortorder ::= ASC */
+   -1,  /* (137) sortorder ::= DESC */
+    0,  /* (138) sortorder ::= */
+   -2,  /* (139) nulls ::= NULLS FIRST */
+   -2,  /* (140) nulls ::= NULLS LAST */
+    0,  /* (141) nulls ::= */
+    0,  /* (142) groupby_opt ::= */
+   -3,  /* (143) groupby_opt ::= GROUP BY nexprlist */
+    0,  /* (144) having_opt ::= */
+   -2,  /* (145) having_opt ::= HAVING expr */
+    0,  /* (146) limit_opt ::= */
+   -2,  /* (147) limit_opt ::= LIMIT expr */
+   -4,  /* (148) limit_opt ::= LIMIT expr OFFSET expr */
+   -4,  /* (149) limit_opt ::= LIMIT expr COMMA expr */
+   -6,  /* (150) cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+    0,  /* (151) where_opt ::= */
+   -2,  /* (152) where_opt ::= WHERE expr */
+    0,  /* (153) where_opt_ret ::= */
+   -2,  /* (154) where_opt_ret ::= WHERE expr */
+   -2,  /* (155) where_opt_ret ::= RETURNING selcollist */
+   -4,  /* (156) where_opt_ret ::= WHERE expr RETURNING selcollist */
+   -9,  /* (157) cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+   -5,  /* (158) setlist ::= setlist COMMA nm EQ expr */
+   -7,  /* (159) setlist ::= setlist COMMA LP idlist RP EQ expr */
+   -3,  /* (160) setlist ::= nm EQ expr */
+   -5,  /* (161) setlist ::= LP idlist RP EQ expr */
+   -7,  /* (162) cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+   -8,  /* (163) cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+    0,  /* (164) upsert ::= */
+   -2,  /* (165) upsert ::= RETURNING selcollist */
+  -12,  /* (166) upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+   -9,  /* (167) upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+   -5,  /* (168) upsert ::= ON CONFLICT DO NOTHING returning */
+   -8,  /* (169) upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+   -2,  /* (170) returning ::= RETURNING selcollist */
+   -2,  /* (171) insert_cmd ::= INSERT orconf */
+   -1,  /* (172) insert_cmd ::= REPLACE */
+    0,  /* (173) idlist_opt ::= */
+   -3,  /* (174) idlist_opt ::= LP idlist RP */
+   -3,  /* (175) idlist ::= idlist COMMA nm */
+   -1,  /* (176) idlist ::= nm */
+   -3,  /* (177) expr ::= LP expr RP */
+   -1,  /* (178) expr ::= ID|INDEXED|JOIN_KW */
+   -3,  /* (179) expr ::= nm DOT nm */
+   -5,  /* (180) expr ::= nm DOT nm DOT nm */
+   -1,  /* (181) term ::= NULL|FLOAT|BLOB */
+   -1,  /* (182) term ::= STRING */
+   -1,  /* (183) term ::= INTEGER */
+   -1,  /* (184) expr ::= VARIABLE */
+   -3,  /* (185) expr ::= expr COLLATE ID|STRING */
+   -6,  /* (186) expr ::= CAST LP expr AS typetoken RP */
+   -5,  /* (187) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+   -8,  /* (188) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+   -4,  /* (189) expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+   -6,  /* (190) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+   -9,  /* (191) expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+   -5,  /* (192) expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+   -1,  /* (193) term ::= CTIME_KW */
+   -5,  /* (194) expr ::= LP nexprlist COMMA expr RP */
+   -3,  /* (195) expr ::= expr AND expr */
+   -3,  /* (196) expr ::= expr OR expr */
+   -3,  /* (197) expr ::= expr LT|GT|GE|LE expr */
+   -3,  /* (198) expr ::= expr EQ|NE expr */
+   -3,  /* (199) expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */
+   -3,  /* (200) expr ::= expr PLUS|MINUS expr */
+   -3,  /* (201) expr ::= expr STAR|SLASH|REM expr */
+   -3,  /* (202) expr ::= expr CONCAT expr */
+   -2,  /* (203) likeop ::= NOT LIKE_KW|MATCH */
+   -3,  /* (204) expr ::= expr likeop expr */
+   -5,  /* (205) expr ::= expr likeop expr ESCAPE expr */
+   -2,  /* (206) expr ::= expr ISNULL|NOTNULL */
+   -3,  /* (207) expr ::= expr NOT NULL */
+   -3,  /* (208) expr ::= expr IS expr */
+   -4,  /* (209) expr ::= expr IS NOT expr */
+   -6,  /* (210) expr ::= expr IS NOT DISTINCT FROM expr */
+   -5,  /* (211) expr ::= expr IS DISTINCT FROM expr */
+   -2,  /* (212) expr ::= NOT expr */
+   -2,  /* (213) expr ::= BITNOT expr */
+   -2,  /* (214) expr ::= PLUS|MINUS expr */
+   -3,  /* (215) expr ::= expr PTR expr */
+   -1,  /* (216) between_op ::= BETWEEN */
+   -2,  /* (217) between_op ::= NOT BETWEEN */
+   -5,  /* (218) expr ::= expr between_op expr AND expr */
+   -1,  /* (219) in_op ::= IN */
+   -2,  /* (220) in_op ::= NOT IN */
+   -5,  /* (221) expr ::= expr in_op LP exprlist RP */
+   -3,  /* (222) expr ::= LP select RP */
+   -5,  /* (223) expr ::= expr in_op LP select RP */
+   -5,  /* (224) expr ::= expr in_op nm dbnm paren_exprlist */
+   -4,  /* (225) expr ::= EXISTS LP select RP */
+   -5,  /* (226) expr ::= CASE case_operand case_exprlist case_else END */
+   -5,  /* (227) case_exprlist ::= case_exprlist WHEN expr THEN expr */
+   -4,  /* (228) case_exprlist ::= WHEN expr THEN expr */
+   -2,  /* (229) case_else ::= ELSE expr */
+    0,  /* (230) case_else ::= */
+    0,  /* (231) case_operand ::= */
+    0,  /* (232) exprlist ::= */
+   -3,  /* (233) nexprlist ::= nexprlist COMMA expr */
+   -1,  /* (234) nexprlist ::= expr */
+    0,  /* (235) paren_exprlist ::= */
+   -3,  /* (236) paren_exprlist ::= LP exprlist RP */
+  -12,  /* (237) cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+   -1,  /* (238) uniqueflag ::= UNIQUE */
+    0,  /* (239) uniqueflag ::= */
+    0,  /* (240) eidlist_opt ::= */
+   -3,  /* (241) eidlist_opt ::= LP eidlist RP */
+   -5,  /* (242) eidlist ::= eidlist COMMA nm collate sortorder */
+   -3,  /* (243) eidlist ::= nm collate sortorder */
+    0,  /* (244) collate ::= */
+   -2,  /* (245) collate ::= COLLATE ID|STRING */
+   -4,  /* (246) cmd ::= DROP INDEX ifexists fullname */
+   -2,  /* (247) cmd ::= VACUUM vinto */
+   -3,  /* (248) cmd ::= VACUUM nm vinto */
+   -2,  /* (249) vinto ::= INTO expr */
+    0,  /* (250) vinto ::= */
+   -3,  /* (251) cmd ::= PRAGMA nm dbnm */
+   -5,  /* (252) cmd ::= PRAGMA nm dbnm EQ nmnum */
+   -6,  /* (253) cmd ::= PRAGMA nm dbnm LP nmnum RP */
+   -5,  /* (254) cmd ::= PRAGMA nm dbnm EQ minus_num */
+   -6,  /* (255) cmd ::= PRAGMA nm dbnm LP minus_num RP */
+   -2,  /* (256) plus_num ::= PLUS INTEGER|FLOAT */
+   -2,  /* (257) minus_num ::= MINUS INTEGER|FLOAT */
+   -5,  /* (258) cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+  -11,  /* (259) trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+   -1,  /* (260) trigger_time ::= BEFORE|AFTER */
+   -2,  /* (261) trigger_time ::= INSTEAD OF */
+    0,  /* (262) trigger_time ::= */
+   -1,  /* (263) trigger_event ::= DELETE|INSERT */
+   -1,  /* (264) trigger_event ::= UPDATE */
+   -3,  /* (265) trigger_event ::= UPDATE OF idlist */
+    0,  /* (266) when_clause ::= */
+   -2,  /* (267) when_clause ::= WHEN expr */
+   -3,  /* (268) trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+   -2,  /* (269) trigger_cmd_list ::= trigger_cmd SEMI */
+   -3,  /* (270) trnm ::= nm DOT nm */
+   -3,  /* (271) tridxby ::= INDEXED BY nm */
+   -2,  /* (272) tridxby ::= NOT INDEXED */
+   -9,  /* (273) trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+   -8,  /* (274) trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+   -6,  /* (275) trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+   -3,  /* (276) trigger_cmd ::= scanpt select scanpt */
+   -4,  /* (277) expr ::= RAISE LP IGNORE RP */
+   -6,  /* (278) expr ::= RAISE LP raisetype COMMA nm RP */
+   -1,  /* (279) raisetype ::= ROLLBACK */
+   -1,  /* (280) raisetype ::= ABORT */
+   -1,  /* (281) raisetype ::= FAIL */
+   -4,  /* (282) cmd ::= DROP TRIGGER ifexists fullname */
+   -6,  /* (283) cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+   -3,  /* (284) cmd ::= DETACH database_kw_opt expr */
+    0,  /* (285) key_opt ::= */
+   -2,  /* (286) key_opt ::= KEY expr */
+   -1,  /* (287) cmd ::= REINDEX */
+   -3,  /* (288) cmd ::= REINDEX nm dbnm */
+   -1,  /* (289) cmd ::= ANALYZE */
+   -3,  /* (290) cmd ::= ANALYZE nm dbnm */
+   -6,  /* (291) cmd ::= ALTER TABLE fullname RENAME TO nm */
+   -7,  /* (292) cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+   -6,  /* (293) cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+   -1,  /* (294) add_column_fullname ::= fullname */
+   -8,  /* (295) cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+   -1,  /* (296) cmd ::= create_vtab */
+   -4,  /* (297) cmd ::= create_vtab LP vtabarglist RP */
+   -8,  /* (298) create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+    0,  /* (299) vtabarg ::= */
+   -1,  /* (300) vtabargtoken ::= ANY */
+   -3,  /* (301) vtabargtoken ::= lp anylist RP */
+   -1,  /* (302) lp ::= LP */
+   -2,  /* (303) with ::= WITH wqlist */
+   -3,  /* (304) with ::= WITH RECURSIVE wqlist */
+   -1,  /* (305) wqas ::= AS */
+   -2,  /* (306) wqas ::= AS MATERIALIZED */
+   -3,  /* (307) wqas ::= AS NOT MATERIALIZED */
+   -6,  /* (308) wqitem ::= nm eidlist_opt wqas LP select RP */
+   -1,  /* (309) wqlist ::= wqitem */
+   -3,  /* (310) wqlist ::= wqlist COMMA wqitem */
+   -3,  /* (311) windowdefn_list ::= windowdefn_list COMMA windowdefn */
+   -5,  /* (312) windowdefn ::= nm AS LP window RP */
+   -5,  /* (313) window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+   -6,  /* (314) window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+   -4,  /* (315) window ::= ORDER BY sortlist frame_opt */
+   -5,  /* (316) window ::= nm ORDER BY sortlist frame_opt */
+   -2,  /* (317) window ::= nm frame_opt */
+    0,  /* (318) frame_opt ::= */
+   -3,  /* (319) frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+   -6,  /* (320) frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+   -1,  /* (321) range_or_rows ::= RANGE|ROWS|GROUPS */
+   -1,  /* (322) frame_bound_s ::= frame_bound */
+   -2,  /* (323) frame_bound_s ::= UNBOUNDED PRECEDING */
+   -1,  /* (324) frame_bound_e ::= frame_bound */
+   -2,  /* (325) frame_bound_e ::= UNBOUNDED FOLLOWING */
+   -2,  /* (326) frame_bound ::= expr PRECEDING|FOLLOWING */
+   -2,  /* (327) frame_bound ::= CURRENT ROW */
+    0,  /* (328) frame_exclude_opt ::= */
+   -2,  /* (329) frame_exclude_opt ::= EXCLUDE frame_exclude */
+   -2,  /* (330) frame_exclude ::= NO OTHERS */
+   -2,  /* (331) frame_exclude ::= CURRENT ROW */
+   -1,  /* (332) frame_exclude ::= GROUP|TIES */
+   -2,  /* (333) window_clause ::= WINDOW windowdefn_list */
+   -2,  /* (334) filter_over ::= filter_clause over_clause */
+   -1,  /* (335) filter_over ::= over_clause */
+   -1,  /* (336) filter_over ::= filter_clause */
+   -4,  /* (337) over_clause ::= OVER LP window RP */
+   -2,  /* (338) over_clause ::= OVER nm */
+   -5,  /* (339) filter_clause ::= FILTER LP WHERE expr RP */
+   -1,  /* (340) input ::= cmdlist */
+   -2,  /* (341) cmdlist ::= cmdlist ecmd */
+   -1,  /* (342) cmdlist ::= ecmd */
+   -1,  /* (343) ecmd ::= SEMI */
+   -2,  /* (344) ecmd ::= cmdx SEMI */
+   -3,  /* (345) ecmd ::= explain cmdx SEMI */
+    0,  /* (346) trans_opt ::= */
+   -1,  /* (347) trans_opt ::= TRANSACTION */
+   -2,  /* (348) trans_opt ::= TRANSACTION nm */
+   -1,  /* (349) savepoint_opt ::= SAVEPOINT */
+    0,  /* (350) savepoint_opt ::= */
+   -2,  /* (351) cmd ::= create_table create_table_args */
+   -1,  /* (352) table_option_set ::= table_option */
+   -4,  /* (353) columnlist ::= columnlist COMMA columnname carglist */
+   -2,  /* (354) columnlist ::= columnname carglist */
+   -1,  /* (355) nm ::= ID|INDEXED|JOIN_KW */
+   -1,  /* (356) nm ::= STRING */
+   -1,  /* (357) typetoken ::= typename */
+   -1,  /* (358) typename ::= ID|STRING */
+   -1,  /* (359) signed ::= plus_num */
+   -1,  /* (360) signed ::= minus_num */
+   -2,  /* (361) carglist ::= carglist ccons */
+    0,  /* (362) carglist ::= */
+   -2,  /* (363) ccons ::= NULL onconf */
+   -4,  /* (364) ccons ::= GENERATED ALWAYS AS generated */
+   -2,  /* (365) ccons ::= AS generated */
+   -2,  /* (366) conslist_opt ::= COMMA conslist */
+   -3,  /* (367) conslist ::= conslist tconscomma tcons */
+   -1,  /* (368) conslist ::= tcons */
+    0,  /* (369) tconscomma ::= */
+   -1,  /* (370) defer_subclause_opt ::= defer_subclause */
+   -1,  /* (371) resolvetype ::= raisetype */
+   -1,  /* (372) selectnowith ::= oneselect */
+   -1,  /* (373) oneselect ::= values */
+   -2,  /* (374) sclp ::= selcollist COMMA */
+   -1,  /* (375) as ::= ID|STRING */
+   -1,  /* (376) indexed_opt ::= indexed_by */
+    0,  /* (377) returning ::= */
+   -1,  /* (378) expr ::= term */
+   -1,  /* (379) likeop ::= LIKE_KW|MATCH */
+   -1,  /* (380) case_operand ::= expr */
+   -1,  /* (381) exprlist ::= nexprlist */
+   -1,  /* (382) nmnum ::= plus_num */
+   -1,  /* (383) nmnum ::= nm */
+   -1,  /* (384) nmnum ::= ON */
+   -1,  /* (385) nmnum ::= DELETE */
+   -1,  /* (386) nmnum ::= DEFAULT */
+   -1,  /* (387) plus_num ::= INTEGER|FLOAT */
+    0,  /* (388) foreach_clause ::= */
+   -3,  /* (389) foreach_clause ::= FOR EACH ROW */
+   -1,  /* (390) trnm ::= nm */
+    0,  /* (391) tridxby ::= */
+   -1,  /* (392) database_kw_opt ::= DATABASE */
+    0,  /* (393) database_kw_opt ::= */
+    0,  /* (394) kwcolumn_opt ::= */
+   -1,  /* (395) kwcolumn_opt ::= COLUMNKW */
+   -1,  /* (396) vtabarglist ::= vtabarg */
+   -3,  /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */
+   -2,  /* (398) vtabarg ::= vtabarg vtabargtoken */
+    0,  /* (399) anylist ::= */
+   -4,  /* (400) anylist ::= anylist LP anylist RP */
+   -2,  /* (401) anylist ::= anylist ANY */
+    0,  /* (402) with ::= */
+   -1,  /* (403) windowdefn_list ::= windowdefn */
+   -1,  /* (404) window ::= frame_opt */
 };
 
 static void yy_accept(yyParser*);  /* Forward Declaration */
@@ -176117,16 +174505,16 @@ static YYACTIONTYPE yy_reduce(
 { sqlite3FinishCoding(pParse); }
         break;
       case 3: /* cmd ::= BEGIN transtype trans_opt */
-{sqlite3BeginTransaction(pParse, yymsp[-1].minor.yy144);}
+{sqlite3BeginTransaction(pParse, yymsp[-1].minor.yy394);}
         break;
       case 4: /* transtype ::= */
-{yymsp[1].minor.yy144 = TK_DEFERRED;}
+{yymsp[1].minor.yy394 = TK_DEFERRED;}
         break;
       case 5: /* transtype ::= DEFERRED */
       case 6: /* transtype ::= IMMEDIATE */ yytestcase(yyruleno==6);
       case 7: /* transtype ::= EXCLUSIVE */ yytestcase(yyruleno==7);
-      case 324: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==324);
-{yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-X*/}
+      case 321: /* range_or_rows ::= RANGE|ROWS|GROUPS */ yytestcase(yyruleno==321);
+{yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/}
         break;
       case 8: /* cmd ::= COMMIT|END trans_opt */
       case 9: /* cmd ::= ROLLBACK trans_opt */ yytestcase(yyruleno==9);
@@ -176149,7 +174537,7 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 13: /* create_table ::= createkw temp TABLE ifnotexists nm dbnm */
 {
-   sqlite3StartTable(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,yymsp[-4].minor.yy144,0,0,yymsp[-2].minor.yy144);
+   sqlite3StartTable(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,yymsp[-4].minor.yy394,0,0,yymsp[-2].minor.yy394);
 }
         break;
       case 14: /* createkw ::= CREATE */
@@ -176161,40 +174549,40 @@ static YYACTIONTYPE yy_reduce(
       case 62: /* init_deferred_pred_opt ::= */ yytestcase(yyruleno==62);
       case 72: /* defer_subclause_opt ::= */ yytestcase(yyruleno==72);
       case 81: /* ifexists ::= */ yytestcase(yyruleno==81);
-      case 100: /* distinct ::= */ yytestcase(yyruleno==100);
-      case 246: /* collate ::= */ yytestcase(yyruleno==246);
-{yymsp[1].minor.yy144 = 0;}
+      case 98: /* distinct ::= */ yytestcase(yyruleno==98);
+      case 244: /* collate ::= */ yytestcase(yyruleno==244);
+{yymsp[1].minor.yy394 = 0;}
         break;
       case 16: /* ifnotexists ::= IF NOT EXISTS */
-{yymsp[-2].minor.yy144 = 1;}
+{yymsp[-2].minor.yy394 = 1;}
         break;
       case 17: /* temp ::= TEMP */
-{yymsp[0].minor.yy144 = pParse->db->init.busy==0;}
+{yymsp[0].minor.yy394 = pParse->db->init.busy==0;}
         break;
       case 19: /* create_table_args ::= LP columnlist conslist_opt RP table_option_set */
 {
-  sqlite3EndTable(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,yymsp[0].minor.yy391,0);
+  sqlite3EndTable(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,yymsp[0].minor.yy285,0);
 }
         break;
       case 20: /* create_table_args ::= AS select */
 {
-  sqlite3EndTable(pParse,0,0,0,yymsp[0].minor.yy555);
-  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy555);
+  sqlite3EndTable(pParse,0,0,0,yymsp[0].minor.yy47);
+  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy47);
 }
         break;
       case 21: /* table_option_set ::= */
-{yymsp[1].minor.yy391 = 0;}
+{yymsp[1].minor.yy285 = 0;}
         break;
       case 22: /* table_option_set ::= table_option_set COMMA table_option */
-{yylhsminor.yy391 = yymsp[-2].minor.yy391|yymsp[0].minor.yy391;}
-  yymsp[-2].minor.yy391 = yylhsminor.yy391;
+{yylhsminor.yy285 = yymsp[-2].minor.yy285|yymsp[0].minor.yy285;}
+  yymsp[-2].minor.yy285 = yylhsminor.yy285;
         break;
       case 23: /* table_option ::= WITHOUT nm */
 {
   if( yymsp[0].minor.yy0.n==5 && sqlite3_strnicmp(yymsp[0].minor.yy0.z,"rowid",5)==0 ){
-    yymsp[-1].minor.yy391 = TF_WithoutRowid | TF_NoVisibleRowid;
+    yymsp[-1].minor.yy285 = TF_WithoutRowid | TF_NoVisibleRowid;
   }else{
-    yymsp[-1].minor.yy391 = 0;
+    yymsp[-1].minor.yy285 = 0;
     sqlite3ErrorMsg(pParse, "unknown table option: %.*s", yymsp[0].minor.yy0.n, yymsp[0].minor.yy0.z);
   }
 }
@@ -176202,20 +174590,20 @@ static YYACTIONTYPE yy_reduce(
       case 24: /* table_option ::= nm */
 {
   if( yymsp[0].minor.yy0.n==6 && sqlite3_strnicmp(yymsp[0].minor.yy0.z,"strict",6)==0 ){
-    yylhsminor.yy391 = TF_Strict;
+    yylhsminor.yy285 = TF_Strict;
   }else{
-    yylhsminor.yy391 = 0;
+    yylhsminor.yy285 = 0;
     sqlite3ErrorMsg(pParse, "unknown table option: %.*s", yymsp[0].minor.yy0.n, yymsp[0].minor.yy0.z);
   }
 }
-  yymsp[0].minor.yy391 = yylhsminor.yy391;
+  yymsp[0].minor.yy285 = yylhsminor.yy285;
         break;
       case 25: /* columnname ::= nm typetoken */
 {sqlite3AddColumn(pParse,yymsp[-1].minor.yy0,yymsp[0].minor.yy0);}
         break;
       case 26: /* typetoken ::= */
       case 65: /* conslist_opt ::= */ yytestcase(yyruleno==65);
-      case 106: /* as ::= */ yytestcase(yyruleno==106);
+      case 104: /* as ::= */ yytestcase(yyruleno==104);
 {yymsp[1].minor.yy0.n = 0; yymsp[1].minor.yy0.z = 0;}
         break;
       case 27: /* typetoken ::= typename LP signed RP */
@@ -176234,7 +174622,7 @@ static YYACTIONTYPE yy_reduce(
       case 30: /* scanpt ::= */
 {
   assert( yyLookahead!=YYNOCODE );
-  yymsp[1].minor.yy168 = yyLookaheadToken.z;
+  yymsp[1].minor.yy522 = yyLookaheadToken.z;
 }
         break;
       case 31: /* scantok ::= */
@@ -176248,17 +174636,17 @@ static YYACTIONTYPE yy_reduce(
 {pParse->constraintName = yymsp[0].minor.yy0;}
         break;
       case 33: /* ccons ::= DEFAULT scantok term */
-{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy454,yymsp[-1].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
+{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy528,yymsp[-1].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
         break;
       case 34: /* ccons ::= DEFAULT LP expr RP */
-{sqlite3AddDefaultValue(pParse,yymsp[-1].minor.yy454,yymsp[-2].minor.yy0.z+1,yymsp[0].minor.yy0.z);}
+{sqlite3AddDefaultValue(pParse,yymsp[-1].minor.yy528,yymsp[-2].minor.yy0.z+1,yymsp[0].minor.yy0.z);}
         break;
       case 35: /* ccons ::= DEFAULT PLUS scantok term */
-{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy454,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
+{sqlite3AddDefaultValue(pParse,yymsp[0].minor.yy528,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);}
         break;
       case 36: /* ccons ::= DEFAULT MINUS scantok term */
 {
-  Expr *p = sqlite3PExpr(pParse, TK_UMINUS, yymsp[0].minor.yy454, 0);
+  Expr *p = sqlite3PExpr(pParse, TK_UMINUS, yymsp[0].minor.yy528, 0);
   sqlite3AddDefaultValue(pParse,p,yymsp[-2].minor.yy0.z,&yymsp[-1].minor.yy0.z[yymsp[-1].minor.yy0.n]);
 }
         break;
@@ -176273,151 +174661,151 @@ static YYACTIONTYPE yy_reduce(
 }
         break;
       case 38: /* ccons ::= NOT NULL onconf */
-{sqlite3AddNotNull(pParse, yymsp[0].minor.yy144);}
+{sqlite3AddNotNull(pParse, yymsp[0].minor.yy394);}
         break;
       case 39: /* ccons ::= PRIMARY KEY sortorder onconf autoinc */
-{sqlite3AddPrimaryKey(pParse,0,yymsp[-1].minor.yy144,yymsp[0].minor.yy144,yymsp[-2].minor.yy144);}
+{sqlite3AddPrimaryKey(pParse,0,yymsp[-1].minor.yy394,yymsp[0].minor.yy394,yymsp[-2].minor.yy394);}
         break;
       case 40: /* ccons ::= UNIQUE onconf */
-{sqlite3CreateIndex(pParse,0,0,0,0,yymsp[0].minor.yy144,0,0,0,0,
+{sqlite3CreateIndex(pParse,0,0,0,0,yymsp[0].minor.yy394,0,0,0,0,
                                    SQLITE_IDXTYPE_UNIQUE);}
         break;
       case 41: /* ccons ::= CHECK LP expr RP */
-{sqlite3AddCheckConstraint(pParse,yymsp[-1].minor.yy454,yymsp[-2].minor.yy0.z,yymsp[0].minor.yy0.z);}
+{sqlite3AddCheckConstraint(pParse,yymsp[-1].minor.yy528,yymsp[-2].minor.yy0.z,yymsp[0].minor.yy0.z);}
         break;
       case 42: /* ccons ::= REFERENCES nm eidlist_opt refargs */
-{sqlite3CreateForeignKey(pParse,0,&yymsp[-2].minor.yy0,yymsp[-1].minor.yy14,yymsp[0].minor.yy144);}
+{sqlite3CreateForeignKey(pParse,0,&yymsp[-2].minor.yy0,yymsp[-1].minor.yy322,yymsp[0].minor.yy394);}
         break;
       case 43: /* ccons ::= defer_subclause */
-{sqlite3DeferForeignKey(pParse,yymsp[0].minor.yy144);}
+{sqlite3DeferForeignKey(pParse,yymsp[0].minor.yy394);}
         break;
       case 44: /* ccons ::= COLLATE ID|STRING */
 {sqlite3AddCollateType(pParse, &yymsp[0].minor.yy0);}
         break;
       case 45: /* generated ::= LP expr RP */
-{sqlite3AddGenerated(pParse,yymsp[-1].minor.yy454,0);}
+{sqlite3AddGenerated(pParse,yymsp[-1].minor.yy528,0);}
         break;
       case 46: /* generated ::= LP expr RP ID */
-{sqlite3AddGenerated(pParse,yymsp[-2].minor.yy454,&yymsp[0].minor.yy0);}
+{sqlite3AddGenerated(pParse,yymsp[-2].minor.yy528,&yymsp[0].minor.yy0);}
         break;
       case 48: /* autoinc ::= AUTOINCR */
-{yymsp[0].minor.yy144 = 1;}
+{yymsp[0].minor.yy394 = 1;}
         break;
       case 49: /* refargs ::= */
-{ yymsp[1].minor.yy144 = OE_None*0x0101; /* EV: R-19803-45884 */}
+{ yymsp[1].minor.yy394 = OE_None*0x0101; /* EV: R-19803-45884 */}
         break;
       case 50: /* refargs ::= refargs refarg */
-{ yymsp[-1].minor.yy144 = (yymsp[-1].minor.yy144 & ~yymsp[0].minor.yy383.mask) | yymsp[0].minor.yy383.value; }
+{ yymsp[-1].minor.yy394 = (yymsp[-1].minor.yy394 & ~yymsp[0].minor.yy231.mask) | yymsp[0].minor.yy231.value; }
         break;
       case 51: /* refarg ::= MATCH nm */
-{ yymsp[-1].minor.yy383.value = 0;     yymsp[-1].minor.yy383.mask = 0x000000; }
+{ yymsp[-1].minor.yy231.value = 0;     yymsp[-1].minor.yy231.mask = 0x000000; }
         break;
       case 52: /* refarg ::= ON INSERT refact */
-{ yymsp[-2].minor.yy383.value = 0;     yymsp[-2].minor.yy383.mask = 0x000000; }
+{ yymsp[-2].minor.yy231.value = 0;     yymsp[-2].minor.yy231.mask = 0x000000; }
         break;
       case 53: /* refarg ::= ON DELETE refact */
-{ yymsp[-2].minor.yy383.value = yymsp[0].minor.yy144;     yymsp[-2].minor.yy383.mask = 0x0000ff; }
+{ yymsp[-2].minor.yy231.value = yymsp[0].minor.yy394;     yymsp[-2].minor.yy231.mask = 0x0000ff; }
         break;
       case 54: /* refarg ::= ON UPDATE refact */
-{ yymsp[-2].minor.yy383.value = yymsp[0].minor.yy144<<8;  yymsp[-2].minor.yy383.mask = 0x00ff00; }
+{ yymsp[-2].minor.yy231.value = yymsp[0].minor.yy394<<8;  yymsp[-2].minor.yy231.mask = 0x00ff00; }
         break;
       case 55: /* refact ::= SET NULL */
-{ yymsp[-1].minor.yy144 = OE_SetNull;  /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy394 = OE_SetNull;  /* EV: R-33326-45252 */}
         break;
       case 56: /* refact ::= SET DEFAULT */
-{ yymsp[-1].minor.yy144 = OE_SetDflt;  /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy394 = OE_SetDflt;  /* EV: R-33326-45252 */}
         break;
       case 57: /* refact ::= CASCADE */
-{ yymsp[0].minor.yy144 = OE_Cascade;  /* EV: R-33326-45252 */}
+{ yymsp[0].minor.yy394 = OE_Cascade;  /* EV: R-33326-45252 */}
         break;
       case 58: /* refact ::= RESTRICT */
-{ yymsp[0].minor.yy144 = OE_Restrict; /* EV: R-33326-45252 */}
+{ yymsp[0].minor.yy394 = OE_Restrict; /* EV: R-33326-45252 */}
         break;
       case 59: /* refact ::= NO ACTION */
-{ yymsp[-1].minor.yy144 = OE_None;     /* EV: R-33326-45252 */}
+{ yymsp[-1].minor.yy394 = OE_None;     /* EV: R-33326-45252 */}
         break;
       case 60: /* defer_subclause ::= NOT DEFERRABLE init_deferred_pred_opt */
-{yymsp[-2].minor.yy144 = 0;}
+{yymsp[-2].minor.yy394 = 0;}
         break;
       case 61: /* defer_subclause ::= DEFERRABLE init_deferred_pred_opt */
       case 76: /* orconf ::= OR resolvetype */ yytestcase(yyruleno==76);
-      case 173: /* insert_cmd ::= INSERT orconf */ yytestcase(yyruleno==173);
-{yymsp[-1].minor.yy144 = yymsp[0].minor.yy144;}
+      case 171: /* insert_cmd ::= INSERT orconf */ yytestcase(yyruleno==171);
+{yymsp[-1].minor.yy394 = yymsp[0].minor.yy394;}
         break;
       case 63: /* init_deferred_pred_opt ::= INITIALLY DEFERRED */
       case 80: /* ifexists ::= IF EXISTS */ yytestcase(yyruleno==80);
-      case 219: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==219);
-      case 222: /* in_op ::= NOT IN */ yytestcase(yyruleno==222);
-      case 247: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==247);
-{yymsp[-1].minor.yy144 = 1;}
+      case 217: /* between_op ::= NOT BETWEEN */ yytestcase(yyruleno==217);
+      case 220: /* in_op ::= NOT IN */ yytestcase(yyruleno==220);
+      case 245: /* collate ::= COLLATE ID|STRING */ yytestcase(yyruleno==245);
+{yymsp[-1].minor.yy394 = 1;}
         break;
       case 64: /* init_deferred_pred_opt ::= INITIALLY IMMEDIATE */
-{yymsp[-1].minor.yy144 = 0;}
+{yymsp[-1].minor.yy394 = 0;}
         break;
       case 66: /* tconscomma ::= COMMA */
 {pParse->constraintName.n = 0;}
         break;
       case 68: /* tcons ::= PRIMARY KEY LP sortlist autoinc RP onconf */
-{sqlite3AddPrimaryKey(pParse,yymsp[-3].minor.yy14,yymsp[0].minor.yy144,yymsp[-2].minor.yy144,0);}
+{sqlite3AddPrimaryKey(pParse,yymsp[-3].minor.yy322,yymsp[0].minor.yy394,yymsp[-2].minor.yy394,0);}
         break;
       case 69: /* tcons ::= UNIQUE LP sortlist RP onconf */
-{sqlite3CreateIndex(pParse,0,0,0,yymsp[-2].minor.yy14,yymsp[0].minor.yy144,0,0,0,0,
+{sqlite3CreateIndex(pParse,0,0,0,yymsp[-2].minor.yy322,yymsp[0].minor.yy394,0,0,0,0,
                                        SQLITE_IDXTYPE_UNIQUE);}
         break;
       case 70: /* tcons ::= CHECK LP expr RP onconf */
-{sqlite3AddCheckConstraint(pParse,yymsp[-2].minor.yy454,yymsp[-3].minor.yy0.z,yymsp[-1].minor.yy0.z);}
+{sqlite3AddCheckConstraint(pParse,yymsp[-2].minor.yy528,yymsp[-3].minor.yy0.z,yymsp[-1].minor.yy0.z);}
         break;
       case 71: /* tcons ::= FOREIGN KEY LP eidlist RP REFERENCES nm eidlist_opt refargs defer_subclause_opt */
 {
-    sqlite3CreateForeignKey(pParse, yymsp[-6].minor.yy14, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy14, yymsp[-1].minor.yy144);
-    sqlite3DeferForeignKey(pParse, yymsp[0].minor.yy144);
+    sqlite3CreateForeignKey(pParse, yymsp[-6].minor.yy322, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[-1].minor.yy394);
+    sqlite3DeferForeignKey(pParse, yymsp[0].minor.yy394);
 }
         break;
       case 73: /* onconf ::= */
       case 75: /* orconf ::= */ yytestcase(yyruleno==75);
-{yymsp[1].minor.yy144 = OE_Default;}
+{yymsp[1].minor.yy394 = OE_Default;}
         break;
       case 74: /* onconf ::= ON CONFLICT resolvetype */
-{yymsp[-2].minor.yy144 = yymsp[0].minor.yy144;}
+{yymsp[-2].minor.yy394 = yymsp[0].minor.yy394;}
         break;
       case 77: /* resolvetype ::= IGNORE */
-{yymsp[0].minor.yy144 = OE_Ignore;}
+{yymsp[0].minor.yy394 = OE_Ignore;}
         break;
       case 78: /* resolvetype ::= REPLACE */
-      case 174: /* insert_cmd ::= REPLACE */ yytestcase(yyruleno==174);
-{yymsp[0].minor.yy144 = OE_Replace;}
+      case 172: /* insert_cmd ::= REPLACE */ yytestcase(yyruleno==172);
+{yymsp[0].minor.yy394 = OE_Replace;}
         break;
       case 79: /* cmd ::= DROP TABLE ifexists fullname */
 {
-  sqlite3DropTable(pParse, yymsp[0].minor.yy203, 0, yymsp[-1].minor.yy144);
+  sqlite3DropTable(pParse, yymsp[0].minor.yy131, 0, yymsp[-1].minor.yy394);
 }
         break;
       case 82: /* cmd ::= createkw temp VIEW ifnotexists nm dbnm eidlist_opt AS select */
 {
-  sqlite3CreateView(pParse, &yymsp[-8].minor.yy0, &yymsp[-4].minor.yy0, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy14, yymsp[0].minor.yy555, yymsp[-7].minor.yy144, yymsp[-5].minor.yy144);
+  sqlite3CreateView(pParse, &yymsp[-8].minor.yy0, &yymsp[-4].minor.yy0, &yymsp[-3].minor.yy0, yymsp[-2].minor.yy322, yymsp[0].minor.yy47, yymsp[-7].minor.yy394, yymsp[-5].minor.yy394);
 }
         break;
       case 83: /* cmd ::= DROP VIEW ifexists fullname */
 {
-  sqlite3DropTable(pParse, yymsp[0].minor.yy203, 1, yymsp[-1].minor.yy144);
+  sqlite3DropTable(pParse, yymsp[0].minor.yy131, 1, yymsp[-1].minor.yy394);
 }
         break;
       case 84: /* cmd ::= select */
 {
   SelectDest dest = {SRT_Output, 0, 0, 0, 0, 0, 0};
-  sqlite3Select(pParse, yymsp[0].minor.yy555, &dest);
-  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy555);
+  sqlite3Select(pParse, yymsp[0].minor.yy47, &dest);
+  sqlite3SelectDelete(pParse->db, yymsp[0].minor.yy47);
 }
         break;
       case 85: /* select ::= WITH wqlist selectnowith */
-{yymsp[-2].minor.yy555 = attachWithToSelect(pParse,yymsp[0].minor.yy555,yymsp[-1].minor.yy59);}
+{yymsp[-2].minor.yy47 = attachWithToSelect(pParse,yymsp[0].minor.yy47,yymsp[-1].minor.yy521);}
         break;
       case 86: /* select ::= WITH RECURSIVE wqlist selectnowith */
-{yymsp[-3].minor.yy555 = attachWithToSelect(pParse,yymsp[0].minor.yy555,yymsp[-1].minor.yy59);}
+{yymsp[-3].minor.yy47 = attachWithToSelect(pParse,yymsp[0].minor.yy47,yymsp[-1].minor.yy521);}
         break;
       case 87: /* select ::= selectnowith */
 {
-  Select *p = yymsp[0].minor.yy555;
+  Select *p = yymsp[0].minor.yy47;
   if( p ){
     parserDoubleLinkSelect(pParse, p);
   }
@@ -176425,8 +174813,8 @@ static YYACTIONTYPE yy_reduce(
         break;
       case 88: /* selectnowith ::= selectnowith multiselect_op oneselect */
 {
-  Select *pRhs = yymsp[0].minor.yy555;
-  Select *pLhs = yymsp[-2].minor.yy555;
+  Select *pRhs = yymsp[0].minor.yy47;
+  Select *pLhs = yymsp[-2].minor.yy47;
   if( pRhs && pRhs->pPrior ){
     SrcList *pFrom;
     Token x;
@@ -176436,145 +174824,148 @@ static YYACTIONTYPE yy_reduce(
     pRhs = sqlite3SelectNew(pParse,0,pFrom,0,0,0,0,0,0);
   }
   if( pRhs ){
-    pRhs->op = (u8)yymsp[-1].minor.yy144;
+    pRhs->op = (u8)yymsp[-1].minor.yy394;
     pRhs->pPrior = pLhs;
     if( ALWAYS(pLhs) ) pLhs->selFlags &= ~SF_MultiValue;
     pRhs->selFlags &= ~SF_MultiValue;
-    if( yymsp[-1].minor.yy144!=TK_ALL ) pParse->hasCompound = 1;
+    if( yymsp[-1].minor.yy394!=TK_ALL ) pParse->hasCompound = 1;
   }else{
     sqlite3SelectDelete(pParse->db, pLhs);
   }
-  yymsp[-2].minor.yy555 = pRhs;
+  yymsp[-2].minor.yy47 = pRhs;
 }
         break;
       case 89: /* multiselect_op ::= UNION */
       case 91: /* multiselect_op ::= EXCEPT|INTERSECT */ yytestcase(yyruleno==91);
-{yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-OP*/}
+{yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-OP*/}
         break;
       case 90: /* multiselect_op ::= UNION ALL */
-{yymsp[-1].minor.yy144 = TK_ALL;}
+{yymsp[-1].minor.yy394 = TK_ALL;}
         break;
       case 92: /* oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt orderby_opt limit_opt */
 {
-  yymsp[-8].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-6].minor.yy14,yymsp[-5].minor.yy203,yymsp[-4].minor.yy454,yymsp[-3].minor.yy14,yymsp[-2].minor.yy454,yymsp[-1].minor.yy14,yymsp[-7].minor.yy144,yymsp[0].minor.yy454);
+  yymsp[-8].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-6].minor.yy322,yymsp[-5].minor.yy131,yymsp[-4].minor.yy528,yymsp[-3].minor.yy322,yymsp[-2].minor.yy528,yymsp[-1].minor.yy322,yymsp[-7].minor.yy394,yymsp[0].minor.yy528);
 }
         break;
       case 93: /* oneselect ::= SELECT distinct selcollist from where_opt groupby_opt having_opt window_clause orderby_opt limit_opt */
 {
-  yymsp[-9].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-7].minor.yy14,yymsp[-6].minor.yy203,yymsp[-5].minor.yy454,yymsp[-4].minor.yy14,yymsp[-3].minor.yy454,yymsp[-1].minor.yy14,yymsp[-8].minor.yy144,yymsp[0].minor.yy454);
-  if( yymsp[-9].minor.yy555 ){
-    yymsp[-9].minor.yy555->pWinDefn = yymsp[-2].minor.yy211;
+  yymsp[-9].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-7].minor.yy322,yymsp[-6].minor.yy131,yymsp[-5].minor.yy528,yymsp[-4].minor.yy322,yymsp[-3].minor.yy528,yymsp[-1].minor.yy322,yymsp[-8].minor.yy394,yymsp[0].minor.yy528);
+  if( yymsp[-9].minor.yy47 ){
+    yymsp[-9].minor.yy47->pWinDefn = yymsp[-2].minor.yy41;
   }else{
-    sqlite3WindowListDelete(pParse->db, yymsp[-2].minor.yy211);
+    sqlite3WindowListDelete(pParse->db, yymsp[-2].minor.yy41);
   }
 }
         break;
       case 94: /* values ::= VALUES LP nexprlist RP */
 {
-  yymsp[-3].minor.yy555 = sqlite3SelectNew(pParse,yymsp[-1].minor.yy14,0,0,0,0,0,SF_Values,0);
+  yymsp[-3].minor.yy47 = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values,0);
 }
         break;
-      case 95: /* oneselect ::= mvalues */
+      case 95: /* values ::= values COMMA LP nexprlist RP */
 {
-  sqlite3MultiValuesEnd(pParse, yymsp[0].minor.yy555);
-}
-        break;
-      case 96: /* mvalues ::= values COMMA LP nexprlist RP */
-      case 97: /* mvalues ::= mvalues COMMA LP nexprlist RP */ yytestcase(yyruleno==97);
-{
-  yymsp[-4].minor.yy555 = sqlite3MultiValues(pParse, yymsp[-4].minor.yy555, yymsp[-1].minor.yy14);
+  Select *pRight, *pLeft = yymsp[-4].minor.yy47;
+  pRight = sqlite3SelectNew(pParse,yymsp[-1].minor.yy322,0,0,0,0,0,SF_Values|SF_MultiValue,0);
+  if( ALWAYS(pLeft) ) pLeft->selFlags &= ~SF_MultiValue;
+  if( pRight ){
+    pRight->op = TK_ALL;
+    pRight->pPrior = pLeft;
+    yymsp[-4].minor.yy47 = pRight;
+  }else{
+    yymsp[-4].minor.yy47 = pLeft;
+  }
 }
         break;
-      case 98: /* distinct ::= DISTINCT */
-{yymsp[0].minor.yy144 = SF_Distinct;}
+      case 96: /* distinct ::= DISTINCT */
+{yymsp[0].minor.yy394 = SF_Distinct;}
         break;
-      case 99: /* distinct ::= ALL */
-{yymsp[0].minor.yy144 = SF_All;}
+      case 97: /* distinct ::= ALL */
+{yymsp[0].minor.yy394 = SF_All;}
         break;
-      case 101: /* sclp ::= */
-      case 134: /* orderby_opt ::= */ yytestcase(yyruleno==134);
-      case 144: /* groupby_opt ::= */ yytestcase(yyruleno==144);
-      case 234: /* exprlist ::= */ yytestcase(yyruleno==234);
-      case 237: /* paren_exprlist ::= */ yytestcase(yyruleno==237);
-      case 242: /* eidlist_opt ::= */ yytestcase(yyruleno==242);
-{yymsp[1].minor.yy14 = 0;}
+      case 99: /* sclp ::= */
+      case 132: /* orderby_opt ::= */ yytestcase(yyruleno==132);
+      case 142: /* groupby_opt ::= */ yytestcase(yyruleno==142);
+      case 232: /* exprlist ::= */ yytestcase(yyruleno==232);
+      case 235: /* paren_exprlist ::= */ yytestcase(yyruleno==235);
+      case 240: /* eidlist_opt ::= */ yytestcase(yyruleno==240);
+{yymsp[1].minor.yy322 = 0;}
         break;
-      case 102: /* selcollist ::= sclp scanpt expr scanpt as */
+      case 100: /* selcollist ::= sclp scanpt expr scanpt as */
 {
-   yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy14, yymsp[-2].minor.yy454);
-   if( yymsp[0].minor.yy0.n>0 ) sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy14, &yymsp[0].minor.yy0, 1);
-   sqlite3ExprListSetSpan(pParse,yymsp[-4].minor.yy14,yymsp[-3].minor.yy168,yymsp[-1].minor.yy168);
+   yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
+   if( yymsp[0].minor.yy0.n>0 ) sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy322, &yymsp[0].minor.yy0, 1);
+   sqlite3ExprListSetSpan(pParse,yymsp[-4].minor.yy322,yymsp[-3].minor.yy522,yymsp[-1].minor.yy522);
 }
         break;
-      case 103: /* selcollist ::= sclp scanpt STAR */
+      case 101: /* selcollist ::= sclp scanpt STAR */
 {
   Expr *p = sqlite3Expr(pParse->db, TK_ASTERISK, 0);
   sqlite3ExprSetErrorOffset(p, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
-  yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy14, p);
+  yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-2].minor.yy322, p);
 }
         break;
-      case 104: /* selcollist ::= sclp scanpt nm DOT STAR */
+      case 102: /* selcollist ::= sclp scanpt nm DOT STAR */
 {
   Expr *pRight, *pLeft, *pDot;
   pRight = sqlite3PExpr(pParse, TK_ASTERISK, 0, 0);
   sqlite3ExprSetErrorOffset(pRight, (int)(yymsp[0].minor.yy0.z - pParse->zTail));
   pLeft = tokenExpr(pParse, TK_ID, yymsp[-2].minor.yy0);
   pDot = sqlite3PExpr(pParse, TK_DOT, pLeft, pRight);
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, pDot);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, pDot);
 }
         break;
-      case 105: /* as ::= AS nm */
-      case 117: /* dbnm ::= DOT nm */ yytestcase(yyruleno==117);
-      case 258: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==258);
-      case 259: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==259);
+      case 103: /* as ::= AS nm */
+      case 115: /* dbnm ::= DOT nm */ yytestcase(yyruleno==115);
+      case 256: /* plus_num ::= PLUS INTEGER|FLOAT */ yytestcase(yyruleno==256);
+      case 257: /* minus_num ::= MINUS INTEGER|FLOAT */ yytestcase(yyruleno==257);
 {yymsp[-1].minor.yy0 = yymsp[0].minor.yy0;}
         break;
-      case 107: /* from ::= */
-      case 110: /* stl_prefix ::= */ yytestcase(yyruleno==110);
-{yymsp[1].minor.yy203 = 0;}
+      case 105: /* from ::= */
+      case 108: /* stl_prefix ::= */ yytestcase(yyruleno==108);
+{yymsp[1].minor.yy131 = 0;}
         break;
-      case 108: /* from ::= FROM seltablist */
+      case 106: /* from ::= FROM seltablist */
 {
-  yymsp[-1].minor.yy203 = yymsp[0].minor.yy203;
-  sqlite3SrcListShiftJoinType(pParse,yymsp[-1].minor.yy203);
+  yymsp[-1].minor.yy131 = yymsp[0].minor.yy131;
+  sqlite3SrcListShiftJoinType(pParse,yymsp[-1].minor.yy131);
 }
         break;
-      case 109: /* stl_prefix ::= seltablist joinop */
+      case 107: /* stl_prefix ::= seltablist joinop */
 {
-   if( ALWAYS(yymsp[-1].minor.yy203 && yymsp[-1].minor.yy203->nSrc>0) ) yymsp[-1].minor.yy203->a[yymsp[-1].minor.yy203->nSrc-1].fg.jointype = (u8)yymsp[0].minor.yy144;
+   if( ALWAYS(yymsp[-1].minor.yy131 && yymsp[-1].minor.yy131->nSrc>0) ) yymsp[-1].minor.yy131->a[yymsp[-1].minor.yy131->nSrc-1].fg.jointype = (u8)yymsp[0].minor.yy394;
 }
         break;
-      case 111: /* seltablist ::= stl_prefix nm dbnm as on_using */
+      case 109: /* seltablist ::= stl_prefix nm dbnm as on_using */
 {
-  yymsp[-4].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-4].minor.yy203,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
+  yymsp[-4].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-4].minor.yy131,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
 }
         break;
-      case 112: /* seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
+      case 110: /* seltablist ::= stl_prefix nm dbnm as indexed_by on_using */
 {
-  yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,0,&yymsp[0].minor.yy269);
-  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy203, &yymsp[-1].minor.yy0);
+  yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,0,&yymsp[0].minor.yy561);
+  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy131, &yymsp[-1].minor.yy0);
 }
         break;
-      case 113: /* seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
+      case 111: /* seltablist ::= stl_prefix nm dbnm LP exprlist RP as on_using */
 {
-  yymsp[-7].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-7].minor.yy203,&yymsp[-6].minor.yy0,&yymsp[-5].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
-  sqlite3SrcListFuncArgs(pParse, yymsp[-7].minor.yy203, yymsp[-3].minor.yy14);
+  yymsp[-7].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-7].minor.yy131,&yymsp[-6].minor.yy0,&yymsp[-5].minor.yy0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
+  sqlite3SrcListFuncArgs(pParse, yymsp[-7].minor.yy131, yymsp[-3].minor.yy322);
 }
         break;
-      case 114: /* seltablist ::= stl_prefix LP select RP as on_using */
+      case 112: /* seltablist ::= stl_prefix LP select RP as on_using */
 {
-    yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,yymsp[-3].minor.yy555,&yymsp[0].minor.yy269);
+    yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,yymsp[-3].minor.yy47,&yymsp[0].minor.yy561);
   }
         break;
-      case 115: /* seltablist ::= stl_prefix LP seltablist RP as on_using */
+      case 113: /* seltablist ::= stl_prefix LP seltablist RP as on_using */
 {
-    if( yymsp[-5].minor.yy203==0 && yymsp[-1].minor.yy0.n==0 && yymsp[0].minor.yy269.pOn==0 && yymsp[0].minor.yy269.pUsing==0 ){
-      yymsp[-5].minor.yy203 = yymsp[-3].minor.yy203;
-    }else if( ALWAYS(yymsp[-3].minor.yy203!=0) && yymsp[-3].minor.yy203->nSrc==1 ){
-      yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy269);
-      if( yymsp[-5].minor.yy203 ){
-        SrcItem *pNew = &yymsp[-5].minor.yy203->a[yymsp[-5].minor.yy203->nSrc-1];
-        SrcItem *pOld = yymsp[-3].minor.yy203->a;
+    if( yymsp[-5].minor.yy131==0 && yymsp[-1].minor.yy0.n==0 && yymsp[0].minor.yy561.pOn==0 && yymsp[0].minor.yy561.pUsing==0 ){
+      yymsp[-5].minor.yy131 = yymsp[-3].minor.yy131;
+    }else if( ALWAYS(yymsp[-3].minor.yy131!=0) && yymsp[-3].minor.yy131->nSrc==1 ){
+      yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,0,&yymsp[0].minor.yy561);
+      if( yymsp[-5].minor.yy131 ){
+        SrcItem *pNew = &yymsp[-5].minor.yy131->a[yymsp[-5].minor.yy131->nSrc-1];
+        SrcItem *pOld = yymsp[-3].minor.yy131->a;
         pNew->zName = pOld->zName;
         pNew->zDatabase = pOld->zDatabase;
         pNew->pSelect = pOld->pSelect;
@@ -176590,153 +174981,153 @@ static YYACTIONTYPE yy_reduce(
         pOld->zName = pOld->zDatabase = 0;
         pOld->pSelect = 0;
       }
-      sqlite3SrcListDelete(pParse->db, yymsp[-3].minor.yy203);
+      sqlite3SrcListDelete(pParse->db, yymsp[-3].minor.yy131);
     }else{
       Select *pSubquery;
-      sqlite3SrcListShiftJoinType(pParse,yymsp[-3].minor.yy203);
-      pSubquery = sqlite3SelectNew(pParse,0,yymsp[-3].minor.yy203,0,0,0,0,SF_NestedFrom,0);
-      yymsp[-5].minor.yy203 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy203,0,0,&yymsp[-1].minor.yy0,pSubquery,&yymsp[0].minor.yy269);
+      sqlite3SrcListShiftJoinType(pParse,yymsp[-3].minor.yy131);
+      pSubquery = sqlite3SelectNew(pParse,0,yymsp[-3].minor.yy131,0,0,0,0,SF_NestedFrom,0);
+      yymsp[-5].minor.yy131 = sqlite3SrcListAppendFromTerm(pParse,yymsp[-5].minor.yy131,0,0,&yymsp[-1].minor.yy0,pSubquery,&yymsp[0].minor.yy561);
     }
   }
         break;
-      case 116: /* dbnm ::= */
-      case 131: /* indexed_opt ::= */ yytestcase(yyruleno==131);
+      case 114: /* dbnm ::= */
+      case 129: /* indexed_opt ::= */ yytestcase(yyruleno==129);
 {yymsp[1].minor.yy0.z=0; yymsp[1].minor.yy0.n=0;}
         break;
-      case 118: /* fullname ::= nm */
+      case 116: /* fullname ::= nm */
 {
-  yylhsminor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0);
-  if( IN_RENAME_OBJECT && yylhsminor.yy203 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy203->a[0].zName, &yymsp[0].minor.yy0);
+  yylhsminor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0);
+  if( IN_RENAME_OBJECT && yylhsminor.yy131 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy131->a[0].zName, &yymsp[0].minor.yy0);
 }
-  yymsp[0].minor.yy203 = yylhsminor.yy203;
+  yymsp[0].minor.yy131 = yylhsminor.yy131;
         break;
-      case 119: /* fullname ::= nm DOT nm */
+      case 117: /* fullname ::= nm DOT nm */
 {
-  yylhsminor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);
-  if( IN_RENAME_OBJECT && yylhsminor.yy203 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy203->a[0].zName, &yymsp[0].minor.yy0);
+  yylhsminor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0);
+  if( IN_RENAME_OBJECT && yylhsminor.yy131 ) sqlite3RenameTokenMap(pParse, yylhsminor.yy131->a[0].zName, &yymsp[0].minor.yy0);
 }
-  yymsp[-2].minor.yy203 = yylhsminor.yy203;
+  yymsp[-2].minor.yy131 = yylhsminor.yy131;
         break;
-      case 120: /* xfullname ::= nm */
-{yymsp[0].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0); /*A-overwrites-X*/}
+      case 118: /* xfullname ::= nm */
+{yymsp[0].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[0].minor.yy0,0); /*A-overwrites-X*/}
         break;
-      case 121: /* xfullname ::= nm DOT nm */
-{yymsp[-2].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 119: /* xfullname ::= nm DOT nm */
+{yymsp[-2].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 122: /* xfullname ::= nm DOT nm AS nm */
+      case 120: /* xfullname ::= nm DOT nm AS nm */
 {
-   yymsp[-4].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,&yymsp[-2].minor.yy0); /*A-overwrites-X*/
-   if( yymsp[-4].minor.yy203 ) yymsp[-4].minor.yy203->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
+   yymsp[-4].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,&yymsp[-2].minor.yy0); /*A-overwrites-X*/
+   if( yymsp[-4].minor.yy131 ) yymsp[-4].minor.yy131->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
 }
         break;
-      case 123: /* xfullname ::= nm AS nm */
+      case 121: /* xfullname ::= nm AS nm */
 {
-   yymsp[-2].minor.yy203 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,0); /*A-overwrites-X*/
-   if( yymsp[-2].minor.yy203 ) yymsp[-2].minor.yy203->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
+   yymsp[-2].minor.yy131 = sqlite3SrcListAppend(pParse,0,&yymsp[-2].minor.yy0,0); /*A-overwrites-X*/
+   if( yymsp[-2].minor.yy131 ) yymsp[-2].minor.yy131->a[0].zAlias = sqlite3NameFromToken(pParse->db, &yymsp[0].minor.yy0);
 }
         break;
-      case 124: /* joinop ::= COMMA|JOIN */
-{ yymsp[0].minor.yy144 = JT_INNER; }
+      case 122: /* joinop ::= COMMA|JOIN */
+{ yymsp[0].minor.yy394 = JT_INNER; }
         break;
-      case 125: /* joinop ::= JOIN_KW JOIN */
-{yymsp[-1].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-1].minor.yy0,0,0);  /*X-overwrites-A*/}
+      case 123: /* joinop ::= JOIN_KW JOIN */
+{yymsp[-1].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-1].minor.yy0,0,0);  /*X-overwrites-A*/}
         break;
-      case 126: /* joinop ::= JOIN_KW nm JOIN */
-{yymsp[-2].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0); /*X-overwrites-A*/}
+      case 124: /* joinop ::= JOIN_KW nm JOIN */
+{yymsp[-2].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0,0); /*X-overwrites-A*/}
         break;
-      case 127: /* joinop ::= JOIN_KW nm nm JOIN */
-{yymsp[-3].minor.yy144 = sqlite3JoinType(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);/*X-overwrites-A*/}
+      case 125: /* joinop ::= JOIN_KW nm nm JOIN */
+{yymsp[-3].minor.yy394 = sqlite3JoinType(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);/*X-overwrites-A*/}
         break;
-      case 128: /* on_using ::= ON expr */
-{yymsp[-1].minor.yy269.pOn = yymsp[0].minor.yy454; yymsp[-1].minor.yy269.pUsing = 0;}
+      case 126: /* on_using ::= ON expr */
+{yymsp[-1].minor.yy561.pOn = yymsp[0].minor.yy528; yymsp[-1].minor.yy561.pUsing = 0;}
         break;
-      case 129: /* on_using ::= USING LP idlist RP */
-{yymsp[-3].minor.yy269.pOn = 0; yymsp[-3].minor.yy269.pUsing = yymsp[-1].minor.yy132;}
+      case 127: /* on_using ::= USING LP idlist RP */
+{yymsp[-3].minor.yy561.pOn = 0; yymsp[-3].minor.yy561.pUsing = yymsp[-1].minor.yy254;}
         break;
-      case 130: /* on_using ::= */
-{yymsp[1].minor.yy269.pOn = 0; yymsp[1].minor.yy269.pUsing = 0;}
+      case 128: /* on_using ::= */
+{yymsp[1].minor.yy561.pOn = 0; yymsp[1].minor.yy561.pUsing = 0;}
         break;
-      case 132: /* indexed_by ::= INDEXED BY nm */
+      case 130: /* indexed_by ::= INDEXED BY nm */
 {yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;}
         break;
-      case 133: /* indexed_by ::= NOT INDEXED */
+      case 131: /* indexed_by ::= NOT INDEXED */
 {yymsp[-1].minor.yy0.z=0; yymsp[-1].minor.yy0.n=1;}
         break;
-      case 135: /* orderby_opt ::= ORDER BY sortlist */
-      case 145: /* groupby_opt ::= GROUP BY nexprlist */ yytestcase(yyruleno==145);
-{yymsp[-2].minor.yy14 = yymsp[0].minor.yy14;}
+      case 133: /* orderby_opt ::= ORDER BY sortlist */
+      case 143: /* groupby_opt ::= GROUP BY nexprlist */ yytestcase(yyruleno==143);
+{yymsp[-2].minor.yy322 = yymsp[0].minor.yy322;}
         break;
-      case 136: /* sortlist ::= sortlist COMMA expr sortorder nulls */
+      case 134: /* sortlist ::= sortlist COMMA expr sortorder nulls */
 {
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14,yymsp[-2].minor.yy454);
-  sqlite3ExprListSetSortOrder(yymsp[-4].minor.yy14,yymsp[-1].minor.yy144,yymsp[0].minor.yy144);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322,yymsp[-2].minor.yy528);
+  sqlite3ExprListSetSortOrder(yymsp[-4].minor.yy322,yymsp[-1].minor.yy394,yymsp[0].minor.yy394);
 }
         break;
-      case 137: /* sortlist ::= expr sortorder nulls */
+      case 135: /* sortlist ::= expr sortorder nulls */
 {
-  yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse,0,yymsp[-2].minor.yy454); /*A-overwrites-Y*/
-  sqlite3ExprListSetSortOrder(yymsp[-2].minor.yy14,yymsp[-1].minor.yy144,yymsp[0].minor.yy144);
+  yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[-2].minor.yy528); /*A-overwrites-Y*/
+  sqlite3ExprListSetSortOrder(yymsp[-2].minor.yy322,yymsp[-1].minor.yy394,yymsp[0].minor.yy394);
 }
         break;
-      case 138: /* sortorder ::= ASC */
-{yymsp[0].minor.yy144 = SQLITE_SO_ASC;}
+      case 136: /* sortorder ::= ASC */
+{yymsp[0].minor.yy394 = SQLITE_SO_ASC;}
         break;
-      case 139: /* sortorder ::= DESC */
-{yymsp[0].minor.yy144 = SQLITE_SO_DESC;}
+      case 137: /* sortorder ::= DESC */
+{yymsp[0].minor.yy394 = SQLITE_SO_DESC;}
         break;
-      case 140: /* sortorder ::= */
-      case 143: /* nulls ::= */ yytestcase(yyruleno==143);
-{yymsp[1].minor.yy144 = SQLITE_SO_UNDEFINED;}
+      case 138: /* sortorder ::= */
+      case 141: /* nulls ::= */ yytestcase(yyruleno==141);
+{yymsp[1].minor.yy394 = SQLITE_SO_UNDEFINED;}
         break;
-      case 141: /* nulls ::= NULLS FIRST */
-{yymsp[-1].minor.yy144 = SQLITE_SO_ASC;}
+      case 139: /* nulls ::= NULLS FIRST */
+{yymsp[-1].minor.yy394 = SQLITE_SO_ASC;}
         break;
-      case 142: /* nulls ::= NULLS LAST */
-{yymsp[-1].minor.yy144 = SQLITE_SO_DESC;}
+      case 140: /* nulls ::= NULLS LAST */
+{yymsp[-1].minor.yy394 = SQLITE_SO_DESC;}
         break;
-      case 146: /* having_opt ::= */
-      case 148: /* limit_opt ::= */ yytestcase(yyruleno==148);
-      case 153: /* where_opt ::= */ yytestcase(yyruleno==153);
-      case 155: /* where_opt_ret ::= */ yytestcase(yyruleno==155);
-      case 232: /* case_else ::= */ yytestcase(yyruleno==232);
-      case 233: /* case_operand ::= */ yytestcase(yyruleno==233);
-      case 252: /* vinto ::= */ yytestcase(yyruleno==252);
-{yymsp[1].minor.yy454 = 0;}
+      case 144: /* having_opt ::= */
+      case 146: /* limit_opt ::= */ yytestcase(yyruleno==146);
+      case 151: /* where_opt ::= */ yytestcase(yyruleno==151);
+      case 153: /* where_opt_ret ::= */ yytestcase(yyruleno==153);
+      case 230: /* case_else ::= */ yytestcase(yyruleno==230);
+      case 231: /* case_operand ::= */ yytestcase(yyruleno==231);
+      case 250: /* vinto ::= */ yytestcase(yyruleno==250);
+{yymsp[1].minor.yy528 = 0;}
         break;
-      case 147: /* having_opt ::= HAVING expr */
-      case 154: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==154);
-      case 156: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==156);
-      case 231: /* case_else ::= ELSE expr */ yytestcase(yyruleno==231);
-      case 251: /* vinto ::= INTO expr */ yytestcase(yyruleno==251);
-{yymsp[-1].minor.yy454 = yymsp[0].minor.yy454;}
+      case 145: /* having_opt ::= HAVING expr */
+      case 152: /* where_opt ::= WHERE expr */ yytestcase(yyruleno==152);
+      case 154: /* where_opt_ret ::= WHERE expr */ yytestcase(yyruleno==154);
+      case 229: /* case_else ::= ELSE expr */ yytestcase(yyruleno==229);
+      case 249: /* vinto ::= INTO expr */ yytestcase(yyruleno==249);
+{yymsp[-1].minor.yy528 = yymsp[0].minor.yy528;}
         break;
-      case 149: /* limit_opt ::= LIMIT expr */
-{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy454,0);}
+      case 147: /* limit_opt ::= LIMIT expr */
+{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy528,0);}
         break;
-      case 150: /* limit_opt ::= LIMIT expr OFFSET expr */
-{yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
+      case 148: /* limit_opt ::= LIMIT expr OFFSET expr */
+{yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 151: /* limit_opt ::= LIMIT expr COMMA expr */
-{yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy454,yymsp[-2].minor.yy454);}
+      case 149: /* limit_opt ::= LIMIT expr COMMA expr */
+{yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_LIMIT,yymsp[0].minor.yy528,yymsp[-2].minor.yy528);}
         break;
-      case 152: /* cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
+      case 150: /* cmd ::= with DELETE FROM xfullname indexed_opt where_opt_ret */
 {
-  sqlite3SrcListIndexedBy(pParse, yymsp[-2].minor.yy203, &yymsp[-1].minor.yy0);
-  sqlite3DeleteFrom(pParse,yymsp[-2].minor.yy203,yymsp[0].minor.yy454,0,0);
+  sqlite3SrcListIndexedBy(pParse, yymsp[-2].minor.yy131, &yymsp[-1].minor.yy0);
+  sqlite3DeleteFrom(pParse,yymsp[-2].minor.yy131,yymsp[0].minor.yy528,0,0);
 }
         break;
-      case 157: /* where_opt_ret ::= RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy14); yymsp[-1].minor.yy454 = 0;}
+      case 155: /* where_opt_ret ::= RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy322); yymsp[-1].minor.yy528 = 0;}
         break;
-      case 158: /* where_opt_ret ::= WHERE expr RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy14); yymsp[-3].minor.yy454 = yymsp[-2].minor.yy454;}
+      case 156: /* where_opt_ret ::= WHERE expr RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy322); yymsp[-3].minor.yy528 = yymsp[-2].minor.yy528;}
         break;
-      case 159: /* cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
+      case 157: /* cmd ::= with UPDATE orconf xfullname indexed_opt SET setlist from where_opt_ret */
 {
-  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy203, &yymsp[-4].minor.yy0);
-  sqlite3ExprListCheckLength(pParse,yymsp[-2].minor.yy14,"set list");
-  if( yymsp[-1].minor.yy203 ){
-    SrcList *pFromClause = yymsp[-1].minor.yy203;
+  sqlite3SrcListIndexedBy(pParse, yymsp[-5].minor.yy131, &yymsp[-4].minor.yy0);
+  sqlite3ExprListCheckLength(pParse,yymsp[-2].minor.yy322,"set list");
+  if( yymsp[-1].minor.yy131 ){
+    SrcList *pFromClause = yymsp[-1].minor.yy131;
     if( pFromClause->nSrc>1 ){
       Select *pSubquery;
       Token as;
@@ -176745,92 +175136,92 @@ static YYACTIONTYPE yy_reduce(
       as.z = 0;
       pFromClause = sqlite3SrcListAppendFromTerm(pParse,0,0,0,&as,pSubquery,0);
     }
-    yymsp[-5].minor.yy203 = sqlite3SrcListAppendList(pParse, yymsp[-5].minor.yy203, pFromClause);
+    yymsp[-5].minor.yy131 = sqlite3SrcListAppendList(pParse, yymsp[-5].minor.yy131, pFromClause);
   }
-  sqlite3Update(pParse,yymsp[-5].minor.yy203,yymsp[-2].minor.yy14,yymsp[0].minor.yy454,yymsp[-6].minor.yy144,0,0,0);
+  sqlite3Update(pParse,yymsp[-5].minor.yy131,yymsp[-2].minor.yy322,yymsp[0].minor.yy528,yymsp[-6].minor.yy394,0,0,0);
 }
         break;
-      case 160: /* setlist ::= setlist COMMA nm EQ expr */
+      case 158: /* setlist ::= setlist COMMA nm EQ expr */
 {
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy14, yymsp[0].minor.yy454);
-  sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy14, &yymsp[-2].minor.yy0, 1);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse, yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
+  sqlite3ExprListSetName(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, 1);
 }
         break;
-      case 161: /* setlist ::= setlist COMMA LP idlist RP EQ expr */
+      case 159: /* setlist ::= setlist COMMA LP idlist RP EQ expr */
 {
-  yymsp[-6].minor.yy14 = sqlite3ExprListAppendVector(pParse, yymsp[-6].minor.yy14, yymsp[-3].minor.yy132, yymsp[0].minor.yy454);
+  yymsp[-6].minor.yy322 = sqlite3ExprListAppendVector(pParse, yymsp[-6].minor.yy322, yymsp[-3].minor.yy254, yymsp[0].minor.yy528);
 }
         break;
-      case 162: /* setlist ::= nm EQ expr */
+      case 160: /* setlist ::= nm EQ expr */
 {
-  yylhsminor.yy14 = sqlite3ExprListAppend(pParse, 0, yymsp[0].minor.yy454);
-  sqlite3ExprListSetName(pParse, yylhsminor.yy14, &yymsp[-2].minor.yy0, 1);
+  yylhsminor.yy322 = sqlite3ExprListAppend(pParse, 0, yymsp[0].minor.yy528);
+  sqlite3ExprListSetName(pParse, yylhsminor.yy322, &yymsp[-2].minor.yy0, 1);
 }
-  yymsp[-2].minor.yy14 = yylhsminor.yy14;
+  yymsp[-2].minor.yy322 = yylhsminor.yy322;
         break;
-      case 163: /* setlist ::= LP idlist RP EQ expr */
+      case 161: /* setlist ::= LP idlist RP EQ expr */
 {
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppendVector(pParse, 0, yymsp[-3].minor.yy132, yymsp[0].minor.yy454);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppendVector(pParse, 0, yymsp[-3].minor.yy254, yymsp[0].minor.yy528);
 }
         break;
-      case 164: /* cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
+      case 162: /* cmd ::= with insert_cmd INTO xfullname idlist_opt select upsert */
 {
-  sqlite3Insert(pParse, yymsp[-3].minor.yy203, yymsp[-1].minor.yy555, yymsp[-2].minor.yy132, yymsp[-5].minor.yy144, yymsp[0].minor.yy122);
+  sqlite3Insert(pParse, yymsp[-3].minor.yy131, yymsp[-1].minor.yy47, yymsp[-2].minor.yy254, yymsp[-5].minor.yy394, yymsp[0].minor.yy444);
 }
         break;
-      case 165: /* cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
+      case 163: /* cmd ::= with insert_cmd INTO xfullname idlist_opt DEFAULT VALUES returning */
 {
-  sqlite3Insert(pParse, yymsp[-4].minor.yy203, 0, yymsp[-3].minor.yy132, yymsp[-6].minor.yy144, 0);
+  sqlite3Insert(pParse, yymsp[-4].minor.yy131, 0, yymsp[-3].minor.yy254, yymsp[-6].minor.yy394, 0);
 }
         break;
-      case 166: /* upsert ::= */
-{ yymsp[1].minor.yy122 = 0; }
+      case 164: /* upsert ::= */
+{ yymsp[1].minor.yy444 = 0; }
         break;
-      case 167: /* upsert ::= RETURNING selcollist */
-{ yymsp[-1].minor.yy122 = 0; sqlite3AddReturning(pParse,yymsp[0].minor.yy14); }
+      case 165: /* upsert ::= RETURNING selcollist */
+{ yymsp[-1].minor.yy444 = 0; sqlite3AddReturning(pParse,yymsp[0].minor.yy322); }
         break;
-      case 168: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
-{ yymsp[-11].minor.yy122 = sqlite3UpsertNew(pParse->db,yymsp[-8].minor.yy14,yymsp[-6].minor.yy454,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454,yymsp[0].minor.yy122);}
+      case 166: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO UPDATE SET setlist where_opt upsert */
+{ yymsp[-11].minor.yy444 = sqlite3UpsertNew(pParse->db,yymsp[-8].minor.yy322,yymsp[-6].minor.yy528,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528,yymsp[0].minor.yy444);}
         break;
-      case 169: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
-{ yymsp[-8].minor.yy122 = sqlite3UpsertNew(pParse->db,yymsp[-5].minor.yy14,yymsp[-3].minor.yy454,0,0,yymsp[0].minor.yy122); }
+      case 167: /* upsert ::= ON CONFLICT LP sortlist RP where_opt DO NOTHING upsert */
+{ yymsp[-8].minor.yy444 = sqlite3UpsertNew(pParse->db,yymsp[-5].minor.yy322,yymsp[-3].minor.yy528,0,0,yymsp[0].minor.yy444); }
         break;
-      case 170: /* upsert ::= ON CONFLICT DO NOTHING returning */
-{ yymsp[-4].minor.yy122 = sqlite3UpsertNew(pParse->db,0,0,0,0,0); }
+      case 168: /* upsert ::= ON CONFLICT DO NOTHING returning */
+{ yymsp[-4].minor.yy444 = sqlite3UpsertNew(pParse->db,0,0,0,0,0); }
         break;
-      case 171: /* upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
-{ yymsp[-7].minor.yy122 = sqlite3UpsertNew(pParse->db,0,0,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454,0);}
+      case 169: /* upsert ::= ON CONFLICT DO UPDATE SET setlist where_opt returning */
+{ yymsp[-7].minor.yy444 = sqlite3UpsertNew(pParse->db,0,0,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528,0);}
         break;
-      case 172: /* returning ::= RETURNING selcollist */
-{sqlite3AddReturning(pParse,yymsp[0].minor.yy14);}
+      case 170: /* returning ::= RETURNING selcollist */
+{sqlite3AddReturning(pParse,yymsp[0].minor.yy322);}
         break;
-      case 175: /* idlist_opt ::= */
-{yymsp[1].minor.yy132 = 0;}
+      case 173: /* idlist_opt ::= */
+{yymsp[1].minor.yy254 = 0;}
         break;
-      case 176: /* idlist_opt ::= LP idlist RP */
-{yymsp[-2].minor.yy132 = yymsp[-1].minor.yy132;}
+      case 174: /* idlist_opt ::= LP idlist RP */
+{yymsp[-2].minor.yy254 = yymsp[-1].minor.yy254;}
         break;
-      case 177: /* idlist ::= idlist COMMA nm */
-{yymsp[-2].minor.yy132 = sqlite3IdListAppend(pParse,yymsp[-2].minor.yy132,&yymsp[0].minor.yy0);}
+      case 175: /* idlist ::= idlist COMMA nm */
+{yymsp[-2].minor.yy254 = sqlite3IdListAppend(pParse,yymsp[-2].minor.yy254,&yymsp[0].minor.yy0);}
         break;
-      case 178: /* idlist ::= nm */
-{yymsp[0].minor.yy132 = sqlite3IdListAppend(pParse,0,&yymsp[0].minor.yy0); /*A-overwrites-Y*/}
+      case 176: /* idlist ::= nm */
+{yymsp[0].minor.yy254 = sqlite3IdListAppend(pParse,0,&yymsp[0].minor.yy0); /*A-overwrites-Y*/}
         break;
-      case 179: /* expr ::= LP expr RP */
-{yymsp[-2].minor.yy454 = yymsp[-1].minor.yy454;}
+      case 177: /* expr ::= LP expr RP */
+{yymsp[-2].minor.yy528 = yymsp[-1].minor.yy528;}
         break;
-      case 180: /* expr ::= ID|INDEXED|JOIN_KW */
-{yymsp[0].minor.yy454=tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 178: /* expr ::= ID|INDEXED|JOIN_KW */
+{yymsp[0].minor.yy528=tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 181: /* expr ::= nm DOT nm */
+      case 179: /* expr ::= nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[0].minor.yy0);
-  yylhsminor.yy454 = sqlite3PExpr(pParse, TK_DOT, temp1, temp2);
+  yylhsminor.yy528 = sqlite3PExpr(pParse, TK_DOT, temp1, temp2);
 }
-  yymsp[-2].minor.yy454 = yylhsminor.yy454;
+  yymsp[-2].minor.yy528 = yylhsminor.yy528;
         break;
-      case 182: /* expr ::= nm DOT nm DOT nm */
+      case 180: /* expr ::= nm DOT nm DOT nm */
 {
   Expr *temp1 = tokenExpr(pParse,TK_ID,yymsp[-4].minor.yy0);
   Expr *temp2 = tokenExpr(pParse,TK_ID,yymsp[-2].minor.yy0);
@@ -176839,27 +175230,27 @@ static YYACTIONTYPE yy_reduce(
   if( IN_RENAME_OBJECT ){
     sqlite3RenameTokenRemap(pParse, 0, temp1);
   }
-  yylhsminor.yy454 = sqlite3PExpr(pParse, TK_DOT, temp1, temp4);
+  yylhsminor.yy528 = sqlite3PExpr(pParse, TK_DOT, temp1, temp4);
 }
-  yymsp[-4].minor.yy454 = yylhsminor.yy454;
+  yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 183: /* term ::= NULL|FLOAT|BLOB */
-      case 184: /* term ::= STRING */ yytestcase(yyruleno==184);
-{yymsp[0].minor.yy454=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0); /*A-overwrites-X*/}
+      case 181: /* term ::= NULL|FLOAT|BLOB */
+      case 182: /* term ::= STRING */ yytestcase(yyruleno==182);
+{yymsp[0].minor.yy528=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0); /*A-overwrites-X*/}
         break;
-      case 185: /* term ::= INTEGER */
+      case 183: /* term ::= INTEGER */
 {
-  yylhsminor.yy454 = sqlite3ExprAlloc(pParse->db, TK_INTEGER, &yymsp[0].minor.yy0, 1);
-  if( yylhsminor.yy454 ) yylhsminor.yy454->w.iOfst = (int)(yymsp[0].minor.yy0.z - pParse->zTail);
+  yylhsminor.yy528 = sqlite3ExprAlloc(pParse->db, TK_INTEGER, &yymsp[0].minor.yy0, 1);
+  if( yylhsminor.yy528 ) yylhsminor.yy528->w.iOfst = (int)(yymsp[0].minor.yy0.z - pParse->zTail);
 }
-  yymsp[0].minor.yy454 = yylhsminor.yy454;
+  yymsp[0].minor.yy528 = yylhsminor.yy528;
         break;
-      case 186: /* expr ::= VARIABLE */
+      case 184: /* expr ::= VARIABLE */
 {
   if( !(yymsp[0].minor.yy0.z[0]=='#' && sqlite3Isdigit(yymsp[0].minor.yy0.z[1])) ){
     u32 n = yymsp[0].minor.yy0.n;
-    yymsp[0].minor.yy454 = tokenExpr(pParse, TK_VARIABLE, yymsp[0].minor.yy0);
-    sqlite3ExprAssignVarNumber(pParse, yymsp[0].minor.yy454, n);
+    yymsp[0].minor.yy528 = tokenExpr(pParse, TK_VARIABLE, yymsp[0].minor.yy0);
+    sqlite3ExprAssignVarNumber(pParse, yymsp[0].minor.yy528, n);
   }else{
     /* When doing a nested parse, one can include terms in an expression
     ** that look like this:   #1 #2 ...  These terms refer to registers
@@ -176868,203 +175259,194 @@ static YYACTIONTYPE yy_reduce(
     assert( t.n>=2 );
     if( pParse->nested==0 ){
       sqlite3ErrorMsg(pParse, "near \"%T\": syntax error", &t);
-      yymsp[0].minor.yy454 = 0;
+      yymsp[0].minor.yy528 = 0;
     }else{
-      yymsp[0].minor.yy454 = sqlite3PExpr(pParse, TK_REGISTER, 0, 0);
-      if( yymsp[0].minor.yy454 ) sqlite3GetInt32(&t.z[1], &yymsp[0].minor.yy454->iTable);
+      yymsp[0].minor.yy528 = sqlite3PExpr(pParse, TK_REGISTER, 0, 0);
+      if( yymsp[0].minor.yy528 ) sqlite3GetInt32(&t.z[1], &yymsp[0].minor.yy528->iTable);
     }
   }
 }
         break;
-      case 187: /* expr ::= expr COLLATE ID|STRING */
+      case 185: /* expr ::= expr COLLATE ID|STRING */
 {
-  yymsp[-2].minor.yy454 = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy454, &yymsp[0].minor.yy0, 1);
+  yymsp[-2].minor.yy528 = sqlite3ExprAddCollateToken(pParse, yymsp[-2].minor.yy528, &yymsp[0].minor.yy0, 1);
 }
         break;
-      case 188: /* expr ::= CAST LP expr AS typetoken RP */
+      case 186: /* expr ::= CAST LP expr AS typetoken RP */
 {
-  yymsp[-5].minor.yy454 = sqlite3ExprAlloc(pParse->db, TK_CAST, &yymsp[-1].minor.yy0, 1);
-  sqlite3ExprAttachSubtrees(pParse->db, yymsp[-5].minor.yy454, yymsp[-3].minor.yy454, 0);
+  yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_CAST, &yymsp[-1].minor.yy0, 1);
+  sqlite3ExprAttachSubtrees(pParse->db, yymsp[-5].minor.yy528, yymsp[-3].minor.yy528, 0);
 }
         break;
-      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
+      case 187: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy14, &yymsp[-4].minor.yy0, yymsp[-2].minor.yy144);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0, yymsp[-2].minor.yy394);
 }
-  yymsp[-4].minor.yy454 = yylhsminor.yy454;
+  yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
+      case 188: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-4].minor.yy14, &yymsp[-7].minor.yy0, yymsp[-5].minor.yy144);
-  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy454, yymsp[-1].minor.yy14);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-4].minor.yy322, &yymsp[-7].minor.yy0, yymsp[-5].minor.yy394);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-1].minor.yy322);
 }
-  yymsp[-7].minor.yy454 = yylhsminor.yy454;
+  yymsp[-7].minor.yy528 = yylhsminor.yy528;
         break;
-      case 191: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
+      case 189: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-3].minor.yy0, 0);
 }
-  yymsp[-3].minor.yy454 = yylhsminor.yy454;
+  yymsp[-3].minor.yy528 = yylhsminor.yy528;
         break;
-      case 192: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
+      case 190: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist RP filter_over */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy14, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy144);
-  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-2].minor.yy322, &yymsp[-5].minor.yy0, yymsp[-3].minor.yy394);
+  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
-  yymsp[-5].minor.yy454 = yylhsminor.yy454;
+  yymsp[-5].minor.yy528 = yylhsminor.yy528;
         break;
-      case 193: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
+      case 191: /* expr ::= ID|INDEXED|JOIN_KW LP distinct exprlist ORDER BY sortlist RP filter_over */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, yymsp[-5].minor.yy14, &yymsp[-8].minor.yy0, yymsp[-6].minor.yy144);
-  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
-  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy454, yymsp[-2].minor.yy14);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, yymsp[-5].minor.yy322, &yymsp[-8].minor.yy0, yymsp[-6].minor.yy394);
+  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
+  sqlite3ExprAddFunctionOrderBy(pParse, yylhsminor.yy528, yymsp[-2].minor.yy322);
 }
-  yymsp[-8].minor.yy454 = yylhsminor.yy454;
+  yymsp[-8].minor.yy528 = yylhsminor.yy528;
         break;
-      case 194: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
+      case 192: /* expr ::= ID|INDEXED|JOIN_KW LP STAR RP filter_over */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
-  sqlite3WindowAttach(pParse, yylhsminor.yy454, yymsp[0].minor.yy211);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[-4].minor.yy0, 0);
+  sqlite3WindowAttach(pParse, yylhsminor.yy528, yymsp[0].minor.yy41);
 }
-  yymsp[-4].minor.yy454 = yylhsminor.yy454;
+  yymsp[-4].minor.yy528 = yylhsminor.yy528;
         break;
-      case 195: /* term ::= CTIME_KW */
+      case 193: /* term ::= CTIME_KW */
 {
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, 0, &yymsp[0].minor.yy0, 0);
 }
-  yymsp[0].minor.yy454 = yylhsminor.yy454;
+  yymsp[0].minor.yy528 = yylhsminor.yy528;
         break;
-      case 196: /* expr ::= LP nexprlist COMMA expr RP */
+      case 194: /* expr ::= LP nexprlist COMMA expr RP */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy14, yymsp[-1].minor.yy454);
-  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
-  if( yymsp[-4].minor.yy454 ){
-    yymsp[-4].minor.yy454->x.pList = pList;
+  ExprList *pList = sqlite3ExprListAppend(pParse, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528);
+  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_VECTOR, 0, 0);
+  if( yymsp[-4].minor.yy528 ){
+    yymsp[-4].minor.yy528->x.pList = pList;
     if( ALWAYS(pList->nExpr) ){
-      yymsp[-4].minor.yy454->flags |= pList->a[0].pExpr->flags & EP_Propagate;
+      yymsp[-4].minor.yy528->flags |= pList->a[0].pExpr->flags & EP_Propagate;
     }
   }else{
     sqlite3ExprListDelete(pParse->db, pList);
   }
 }
         break;
-      case 197: /* expr ::= expr AND expr */
-{yymsp[-2].minor.yy454=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
+      case 195: /* expr ::= expr AND expr */
+{yymsp[-2].minor.yy528=sqlite3ExprAnd(pParse,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 198: /* expr ::= expr OR expr */
-      case 199: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==199);
-      case 200: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==200);
-      case 201: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==201);
-      case 202: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==202);
-      case 203: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==203);
-      case 204: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==204);
-{yymsp[-2].minor.yy454=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);}
+      case 196: /* expr ::= expr OR expr */
+      case 197: /* expr ::= expr LT|GT|GE|LE expr */ yytestcase(yyruleno==197);
+      case 198: /* expr ::= expr EQ|NE expr */ yytestcase(yyruleno==198);
+      case 199: /* expr ::= expr BITAND|BITOR|LSHIFT|RSHIFT expr */ yytestcase(yyruleno==199);
+      case 200: /* expr ::= expr PLUS|MINUS expr */ yytestcase(yyruleno==200);
+      case 201: /* expr ::= expr STAR|SLASH|REM expr */ yytestcase(yyruleno==201);
+      case 202: /* expr ::= expr CONCAT expr */ yytestcase(yyruleno==202);
+{yymsp[-2].minor.yy528=sqlite3PExpr(pParse,yymsp[-1].major,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);}
         break;
-      case 205: /* likeop ::= NOT LIKE_KW|MATCH */
+      case 203: /* likeop ::= NOT LIKE_KW|MATCH */
 {yymsp[-1].minor.yy0=yymsp[0].minor.yy0; yymsp[-1].minor.yy0.n|=0x80000000; /*yymsp[-1].minor.yy0-overwrite-yymsp[0].minor.yy0*/}
         break;
-      case 206: /* expr ::= expr likeop expr */
+      case 204: /* expr ::= expr likeop expr */
 {
   ExprList *pList;
   int bNot = yymsp[-1].minor.yy0.n & 0x80000000;
   yymsp[-1].minor.yy0.n &= 0x7fffffff;
-  pList = sqlite3ExprListAppend(pParse,0, yymsp[0].minor.yy454);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-2].minor.yy454);
-  yymsp[-2].minor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
-  if( bNot ) yymsp[-2].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-2].minor.yy454, 0);
-  if( yymsp[-2].minor.yy454 ) yymsp[-2].minor.yy454->flags |= EP_InfixFunc;
+  pList = sqlite3ExprListAppend(pParse,0, yymsp[0].minor.yy528);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-2].minor.yy528);
+  yymsp[-2].minor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
+  if( bNot ) yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-2].minor.yy528, 0);
+  if( yymsp[-2].minor.yy528 ) yymsp[-2].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 207: /* expr ::= expr likeop expr ESCAPE expr */
+      case 205: /* expr ::= expr likeop expr ESCAPE expr */
 {
   ExprList *pList;
   int bNot = yymsp[-3].minor.yy0.n & 0x80000000;
   yymsp[-3].minor.yy0.n &= 0x7fffffff;
-  pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-4].minor.yy454);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy454);
-  yymsp[-4].minor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-3].minor.yy0, 0);
-  if( bNot ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
-  if( yymsp[-4].minor.yy454 ) yymsp[-4].minor.yy454->flags |= EP_InfixFunc;
+  pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[-4].minor.yy528);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
+  yymsp[-4].minor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-3].minor.yy0, 0);
+  if( bNot ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
+  if( yymsp[-4].minor.yy528 ) yymsp[-4].minor.yy528->flags |= EP_InfixFunc;
 }
         break;
-      case 208: /* expr ::= expr ISNULL|NOTNULL */
-{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy454,0);}
+      case 206: /* expr ::= expr ISNULL|NOTNULL */
+{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse,yymsp[0].major,yymsp[-1].minor.yy528,0);}
         break;
-      case 209: /* expr ::= expr NOT NULL */
-{yymsp[-2].minor.yy454 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy454,0);}
+      case 207: /* expr ::= expr NOT NULL */
+{yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_NOTNULL,yymsp[-2].minor.yy528,0);}
         break;
-      case 210: /* expr ::= expr IS expr */
+      case 208: /* expr ::= expr IS expr */
 {
-  yymsp[-2].minor.yy454 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy454,yymsp[0].minor.yy454);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-2].minor.yy454, TK_ISNULL);
+  yymsp[-2].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-2].minor.yy528,yymsp[0].minor.yy528);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-2].minor.yy528, TK_ISNULL);
 }
         break;
-      case 211: /* expr ::= expr IS NOT expr */
+      case 209: /* expr ::= expr IS NOT expr */
 {
-  yymsp[-3].minor.yy454 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy454,yymsp[0].minor.yy454);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-3].minor.yy454, TK_NOTNULL);
+  yymsp[-3].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-3].minor.yy528,yymsp[0].minor.yy528);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-3].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 212: /* expr ::= expr IS NOT DISTINCT FROM expr */
+      case 210: /* expr ::= expr IS NOT DISTINCT FROM expr */
 {
-  yymsp[-5].minor.yy454 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy454,yymsp[0].minor.yy454);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-5].minor.yy454, TK_ISNULL);
+  yymsp[-5].minor.yy528 = sqlite3PExpr(pParse,TK_IS,yymsp[-5].minor.yy528,yymsp[0].minor.yy528);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-5].minor.yy528, TK_ISNULL);
 }
         break;
-      case 213: /* expr ::= expr IS DISTINCT FROM expr */
+      case 211: /* expr ::= expr IS DISTINCT FROM expr */
 {
-  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy454,yymsp[0].minor.yy454);
-  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy454, yymsp[-4].minor.yy454, TK_NOTNULL);
+  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse,TK_ISNOT,yymsp[-4].minor.yy528,yymsp[0].minor.yy528);
+  binaryToUnaryIfNull(pParse, yymsp[0].minor.yy528, yymsp[-4].minor.yy528, TK_NOTNULL);
 }
         break;
-      case 214: /* expr ::= NOT expr */
-      case 215: /* expr ::= BITNOT expr */ yytestcase(yyruleno==215);
-{yymsp[-1].minor.yy454 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy454, 0);/*A-overwrites-B*/}
+      case 212: /* expr ::= NOT expr */
+      case 213: /* expr ::= BITNOT expr */ yytestcase(yyruleno==213);
+{yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major, yymsp[0].minor.yy528, 0);/*A-overwrites-B*/}
         break;
-      case 216: /* expr ::= PLUS|MINUS expr */
+      case 214: /* expr ::= PLUS|MINUS expr */
 {
-  Expr *p = yymsp[0].minor.yy454;
-  u8 op = yymsp[-1].major + (TK_UPLUS-TK_PLUS);
-  assert( TK_UPLUS>TK_PLUS );
-  assert( TK_UMINUS == TK_MINUS + (TK_UPLUS - TK_PLUS) );
-  if( p && p->op==TK_UPLUS ){
-    p->op = op;
-    yymsp[-1].minor.yy454 = p;
-  }else{
-    yymsp[-1].minor.yy454 = sqlite3PExpr(pParse, op, p, 0);
-    /*A-overwrites-B*/
-  }
+  yymsp[-1].minor.yy528 = sqlite3PExpr(pParse, yymsp[-1].major==TK_PLUS ? TK_UPLUS : TK_UMINUS, yymsp[0].minor.yy528, 0);
+  /*A-overwrites-B*/
 }
         break;
-      case 217: /* expr ::= expr PTR expr */
+      case 215: /* expr ::= expr PTR expr */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy454);
-  pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy454);
-  yylhsminor.yy454 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
+  ExprList *pList = sqlite3ExprListAppend(pParse, 0, yymsp[-2].minor.yy528);
+  pList = sqlite3ExprListAppend(pParse, pList, yymsp[0].minor.yy528);
+  yylhsminor.yy528 = sqlite3ExprFunction(pParse, pList, &yymsp[-1].minor.yy0, 0);
 }
-  yymsp[-2].minor.yy454 = yylhsminor.yy454;
+  yymsp[-2].minor.yy528 = yylhsminor.yy528;
         break;
-      case 218: /* between_op ::= BETWEEN */
-      case 221: /* in_op ::= IN */ yytestcase(yyruleno==221);
-{yymsp[0].minor.yy144 = 0;}
+      case 216: /* between_op ::= BETWEEN */
+      case 219: /* in_op ::= IN */ yytestcase(yyruleno==219);
+{yymsp[0].minor.yy394 = 0;}
         break;
-      case 220: /* expr ::= expr between_op expr AND expr */
+      case 218: /* expr ::= expr between_op expr AND expr */
 {
-  ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
-  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy454);
-  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_BETWEEN, yymsp[-4].minor.yy454, 0);
-  if( yymsp[-4].minor.yy454 ){
-    yymsp[-4].minor.yy454->x.pList = pList;
+  ExprList *pList = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
+  pList = sqlite3ExprListAppend(pParse,pList, yymsp[0].minor.yy528);
+  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_BETWEEN, yymsp[-4].minor.yy528, 0);
+  if( yymsp[-4].minor.yy528 ){
+    yymsp[-4].minor.yy528->x.pList = pList;
   }else{
     sqlite3ExprListDelete(pParse->db, pList);
   }
-  if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
+  if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
 }
         break;
-      case 223: /* expr ::= expr in_op LP exprlist RP */
+      case 221: /* expr ::= expr in_op LP exprlist RP */
 {
-    if( yymsp[-1].minor.yy14==0 ){
+    if( yymsp[-1].minor.yy322==0 ){
       /* Expressions of the form
       **
       **      expr1 IN ()
@@ -177073,208 +175455,208 @@ static YYACTIONTYPE yy_reduce(
       ** simplify to constants 0 (false) and 1 (true), respectively,
       ** regardless of the value of expr1.
       */
-      sqlite3ExprUnmapAndDelete(pParse, yymsp[-4].minor.yy454);
-      yymsp[-4].minor.yy454 = sqlite3Expr(pParse->db, TK_STRING, yymsp[-3].minor.yy144 ? "true" : "false");
-      if( yymsp[-4].minor.yy454 ) sqlite3ExprIdToTrueFalse(yymsp[-4].minor.yy454);
-    }else{
-      Expr *pRHS = yymsp[-1].minor.yy14->a[0].pExpr;
-      if( yymsp[-1].minor.yy14->nExpr==1 && sqlite3ExprIsConstant(pParse,pRHS) && yymsp[-4].minor.yy454->op!=TK_VECTOR ){
-        yymsp[-1].minor.yy14->a[0].pExpr = 0;
-        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
+      sqlite3ExprUnmapAndDelete(pParse, yymsp[-4].minor.yy528);
+      yymsp[-4].minor.yy528 = sqlite3Expr(pParse->db, TK_STRING, yymsp[-3].minor.yy394 ? "true" : "false");
+      if( yymsp[-4].minor.yy528 ) sqlite3ExprIdToTrueFalse(yymsp[-4].minor.yy528);
+    }else{
+      Expr *pRHS = yymsp[-1].minor.yy322->a[0].pExpr;
+      if( yymsp[-1].minor.yy322->nExpr==1 && sqlite3ExprIsConstant(pRHS) && yymsp[-4].minor.yy528->op!=TK_VECTOR ){
+        yymsp[-1].minor.yy322->a[0].pExpr = 0;
+        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
         pRHS = sqlite3PExpr(pParse, TK_UPLUS, pRHS, 0);
-        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_EQ, yymsp[-4].minor.yy454, pRHS);
-      }else if( yymsp[-1].minor.yy14->nExpr==1 && pRHS->op==TK_SELECT ){
-        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
-        sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pRHS->x.pSelect);
+        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_EQ, yymsp[-4].minor.yy528, pRHS);
+      }else if( yymsp[-1].minor.yy322->nExpr==1 && pRHS->op==TK_SELECT ){
+        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
+        sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pRHS->x.pSelect);
         pRHS->x.pSelect = 0;
-        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
-      }else{
-        yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
-        if( yymsp[-4].minor.yy454==0 ){
-          sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy14);
-        }else if( yymsp[-4].minor.yy454->pLeft->op==TK_VECTOR ){
-          int nExpr = yymsp[-4].minor.yy454->pLeft->x.pList->nExpr;
-          Select *pSelectRHS = sqlite3ExprListToValues(pParse, nExpr, yymsp[-1].minor.yy14);
+        sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
+      }else{
+        yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
+        if( yymsp[-4].minor.yy528==0 ){
+          sqlite3ExprListDelete(pParse->db, yymsp[-1].minor.yy322);
+        }else if( yymsp[-4].minor.yy528->pLeft->op==TK_VECTOR ){
+          int nExpr = yymsp[-4].minor.yy528->pLeft->x.pList->nExpr;
+          Select *pSelectRHS = sqlite3ExprListToValues(pParse, nExpr, yymsp[-1].minor.yy322);
           if( pSelectRHS ){
             parserDoubleLinkSelect(pParse, pSelectRHS);
-            sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pSelectRHS);
+            sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pSelectRHS);
           }
         }else{
-          yymsp[-4].minor.yy454->x.pList = yymsp[-1].minor.yy14;
-          sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy454);
+          yymsp[-4].minor.yy528->x.pList = yymsp[-1].minor.yy322;
+          sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy528);
         }
       }
-      if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
+      if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
     }
   }
         break;
-      case 224: /* expr ::= LP select RP */
+      case 222: /* expr ::= LP select RP */
 {
-    yymsp[-2].minor.yy454 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy454, yymsp[-1].minor.yy555);
+    yymsp[-2].minor.yy528 = sqlite3PExpr(pParse, TK_SELECT, 0, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-2].minor.yy528, yymsp[-1].minor.yy47);
   }
         break;
-      case 225: /* expr ::= expr in_op LP select RP */
+      case 223: /* expr ::= expr in_op LP select RP */
 {
-    yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, yymsp[-1].minor.yy555);
-    if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
+    yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, yymsp[-1].minor.yy47);
+    if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 226: /* expr ::= expr in_op nm dbnm paren_exprlist */
+      case 224: /* expr ::= expr in_op nm dbnm paren_exprlist */
 {
     SrcList *pSrc = sqlite3SrcListAppend(pParse, 0,&yymsp[-2].minor.yy0,&yymsp[-1].minor.yy0);
     Select *pSelect = sqlite3SelectNew(pParse, 0,pSrc,0,0,0,0,0,0);
-    if( yymsp[0].minor.yy14 )  sqlite3SrcListFuncArgs(pParse, pSelect ? pSrc : 0, yymsp[0].minor.yy14);
-    yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy454, 0);
-    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy454, pSelect);
-    if( yymsp[-3].minor.yy144 ) yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy454, 0);
+    if( yymsp[0].minor.yy322 )  sqlite3SrcListFuncArgs(pParse, pSelect ? pSrc : 0, yymsp[0].minor.yy322);
+    yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_IN, yymsp[-4].minor.yy528, 0);
+    sqlite3PExprAddSelect(pParse, yymsp[-4].minor.yy528, pSelect);
+    if( yymsp[-3].minor.yy394 ) yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_NOT, yymsp[-4].minor.yy528, 0);
   }
         break;
-      case 227: /* expr ::= EXISTS LP select RP */
+      case 225: /* expr ::= EXISTS LP select RP */
 {
     Expr *p;
-    p = yymsp[-3].minor.yy454 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
-    sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy555);
+    p = yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_EXISTS, 0, 0);
+    sqlite3PExprAddSelect(pParse, p, yymsp[-1].minor.yy47);
   }
         break;
-      case 228: /* expr ::= CASE case_operand case_exprlist case_else END */
+      case 226: /* expr ::= CASE case_operand case_exprlist case_else END */
 {
-  yymsp[-4].minor.yy454 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy454, 0);
-  if( yymsp[-4].minor.yy454 ){
-    yymsp[-4].minor.yy454->x.pList = yymsp[-1].minor.yy454 ? sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy14,yymsp[-1].minor.yy454) : yymsp[-2].minor.yy14;
-    sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy454);
+  yymsp[-4].minor.yy528 = sqlite3PExpr(pParse, TK_CASE, yymsp[-3].minor.yy528, 0);
+  if( yymsp[-4].minor.yy528 ){
+    yymsp[-4].minor.yy528->x.pList = yymsp[-1].minor.yy528 ? sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[-1].minor.yy528) : yymsp[-2].minor.yy322;
+    sqlite3ExprSetHeightAndFlags(pParse, yymsp[-4].minor.yy528);
   }else{
-    sqlite3ExprListDelete(pParse->db, yymsp[-2].minor.yy14);
-    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy454);
+    sqlite3ExprListDelete(pParse->db, yymsp[-2].minor.yy322);
+    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy528);
   }
 }
         break;
-      case 229: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
+      case 227: /* case_exprlist ::= case_exprlist WHEN expr THEN expr */
 {
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, yymsp[-2].minor.yy454);
-  yymsp[-4].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy14, yymsp[0].minor.yy454);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[-2].minor.yy528);
+  yymsp[-4].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-4].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 230: /* case_exprlist ::= WHEN expr THEN expr */
+      case 228: /* case_exprlist ::= WHEN expr THEN expr */
 {
-  yymsp[-3].minor.yy14 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy454);
-  yymsp[-3].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy14, yymsp[0].minor.yy454);
+  yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,0, yymsp[-2].minor.yy528);
+  yymsp[-3].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-3].minor.yy322, yymsp[0].minor.yy528);
 }
         break;
-      case 235: /* nexprlist ::= nexprlist COMMA expr */
-{yymsp[-2].minor.yy14 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy14,yymsp[0].minor.yy454);}
+      case 233: /* nexprlist ::= nexprlist COMMA expr */
+{yymsp[-2].minor.yy322 = sqlite3ExprListAppend(pParse,yymsp[-2].minor.yy322,yymsp[0].minor.yy528);}
         break;
-      case 236: /* nexprlist ::= expr */
-{yymsp[0].minor.yy14 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy454); /*A-overwrites-Y*/}
+      case 234: /* nexprlist ::= expr */
+{yymsp[0].minor.yy322 = sqlite3ExprListAppend(pParse,0,yymsp[0].minor.yy528); /*A-overwrites-Y*/}
         break;
-      case 238: /* paren_exprlist ::= LP exprlist RP */
-      case 243: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==243);
-{yymsp[-2].minor.yy14 = yymsp[-1].minor.yy14;}
+      case 236: /* paren_exprlist ::= LP exprlist RP */
+      case 241: /* eidlist_opt ::= LP eidlist RP */ yytestcase(yyruleno==241);
+{yymsp[-2].minor.yy322 = yymsp[-1].minor.yy322;}
         break;
-      case 239: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
+      case 237: /* cmd ::= createkw uniqueflag INDEX ifnotexists nm dbnm ON nm LP sortlist RP where_opt */
 {
   sqlite3CreateIndex(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0,
-                     sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy14, yymsp[-10].minor.yy144,
-                      &yymsp[-11].minor.yy0, yymsp[0].minor.yy454, SQLITE_SO_ASC, yymsp[-8].minor.yy144, SQLITE_IDXTYPE_APPDEF);
+                     sqlite3SrcListAppend(pParse,0,&yymsp[-4].minor.yy0,0), yymsp[-2].minor.yy322, yymsp[-10].minor.yy394,
+                      &yymsp[-11].minor.yy0, yymsp[0].minor.yy528, SQLITE_SO_ASC, yymsp[-8].minor.yy394, SQLITE_IDXTYPE_APPDEF);
   if( IN_RENAME_OBJECT && pParse->pNewIndex ){
     sqlite3RenameTokenMap(pParse, pParse->pNewIndex->zName, &yymsp[-4].minor.yy0);
   }
 }
         break;
-      case 240: /* uniqueflag ::= UNIQUE */
-      case 282: /* raisetype ::= ABORT */ yytestcase(yyruleno==282);
-{yymsp[0].minor.yy144 = OE_Abort;}
+      case 238: /* uniqueflag ::= UNIQUE */
+      case 280: /* raisetype ::= ABORT */ yytestcase(yyruleno==280);
+{yymsp[0].minor.yy394 = OE_Abort;}
         break;
-      case 241: /* uniqueflag ::= */
-{yymsp[1].minor.yy144 = OE_None;}
+      case 239: /* uniqueflag ::= */
+{yymsp[1].minor.yy394 = OE_None;}
         break;
-      case 244: /* eidlist ::= eidlist COMMA nm collate sortorder */
+      case 242: /* eidlist ::= eidlist COMMA nm collate sortorder */
 {
-  yymsp[-4].minor.yy14 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy14, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy144, yymsp[0].minor.yy144);
+  yymsp[-4].minor.yy322 = parserAddExprIdListTerm(pParse, yymsp[-4].minor.yy322, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394);
 }
         break;
-      case 245: /* eidlist ::= nm collate sortorder */
+      case 243: /* eidlist ::= nm collate sortorder */
 {
-  yymsp[-2].minor.yy14 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy144, yymsp[0].minor.yy144); /*A-overwrites-Y*/
+  yymsp[-2].minor.yy322 = parserAddExprIdListTerm(pParse, 0, &yymsp[-2].minor.yy0, yymsp[-1].minor.yy394, yymsp[0].minor.yy394); /*A-overwrites-Y*/
 }
         break;
-      case 248: /* cmd ::= DROP INDEX ifexists fullname */
-{sqlite3DropIndex(pParse, yymsp[0].minor.yy203, yymsp[-1].minor.yy144);}
+      case 246: /* cmd ::= DROP INDEX ifexists fullname */
+{sqlite3DropIndex(pParse, yymsp[0].minor.yy131, yymsp[-1].minor.yy394);}
         break;
-      case 249: /* cmd ::= VACUUM vinto */
-{sqlite3Vacuum(pParse,0,yymsp[0].minor.yy454);}
+      case 247: /* cmd ::= VACUUM vinto */
+{sqlite3Vacuum(pParse,0,yymsp[0].minor.yy528);}
         break;
-      case 250: /* cmd ::= VACUUM nm vinto */
-{sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy454);}
+      case 248: /* cmd ::= VACUUM nm vinto */
+{sqlite3Vacuum(pParse,&yymsp[-1].minor.yy0,yymsp[0].minor.yy528);}
         break;
-      case 253: /* cmd ::= PRAGMA nm dbnm */
+      case 251: /* cmd ::= PRAGMA nm dbnm */
 {sqlite3Pragma(pParse,&yymsp[-1].minor.yy0,&yymsp[0].minor.yy0,0,0);}
         break;
-      case 254: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
+      case 252: /* cmd ::= PRAGMA nm dbnm EQ nmnum */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,0);}
         break;
-      case 255: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
+      case 253: /* cmd ::= PRAGMA nm dbnm LP nmnum RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,0);}
         break;
-      case 256: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
+      case 254: /* cmd ::= PRAGMA nm dbnm EQ minus_num */
 {sqlite3Pragma(pParse,&yymsp[-3].minor.yy0,&yymsp[-2].minor.yy0,&yymsp[0].minor.yy0,1);}
         break;
-      case 257: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
+      case 255: /* cmd ::= PRAGMA nm dbnm LP minus_num RP */
 {sqlite3Pragma(pParse,&yymsp[-4].minor.yy0,&yymsp[-3].minor.yy0,&yymsp[-1].minor.yy0,1);}
         break;
-      case 260: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
+      case 258: /* cmd ::= createkw trigger_decl BEGIN trigger_cmd_list END */
 {
   Token all;
   all.z = yymsp[-3].minor.yy0.z;
   all.n = (int)(yymsp[0].minor.yy0.z - yymsp[-3].minor.yy0.z) + yymsp[0].minor.yy0.n;
-  sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy427, &all);
+  sqlite3FinishTrigger(pParse, yymsp[-1].minor.yy33, &all);
 }
         break;
-      case 261: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
+      case 259: /* trigger_decl ::= temp TRIGGER ifnotexists nm dbnm trigger_time trigger_event ON fullname foreach_clause when_clause */
 {
-  sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy144, yymsp[-4].minor.yy286.a, yymsp[-4].minor.yy286.b, yymsp[-2].minor.yy203, yymsp[0].minor.yy454, yymsp[-10].minor.yy144, yymsp[-8].minor.yy144);
+  sqlite3BeginTrigger(pParse, &yymsp[-7].minor.yy0, &yymsp[-6].minor.yy0, yymsp[-5].minor.yy394, yymsp[-4].minor.yy180.a, yymsp[-4].minor.yy180.b, yymsp[-2].minor.yy131, yymsp[0].minor.yy528, yymsp[-10].minor.yy394, yymsp[-8].minor.yy394);
   yymsp[-10].minor.yy0 = (yymsp[-6].minor.yy0.n==0?yymsp[-7].minor.yy0:yymsp[-6].minor.yy0); /*A-overwrites-T*/
 }
         break;
-      case 262: /* trigger_time ::= BEFORE|AFTER */
-{ yymsp[0].minor.yy144 = yymsp[0].major; /*A-overwrites-X*/ }
+      case 260: /* trigger_time ::= BEFORE|AFTER */
+{ yymsp[0].minor.yy394 = yymsp[0].major; /*A-overwrites-X*/ }
         break;
-      case 263: /* trigger_time ::= INSTEAD OF */
-{ yymsp[-1].minor.yy144 = TK_INSTEAD;}
+      case 261: /* trigger_time ::= INSTEAD OF */
+{ yymsp[-1].minor.yy394 = TK_INSTEAD;}
         break;
-      case 264: /* trigger_time ::= */
-{ yymsp[1].minor.yy144 = TK_BEFORE; }
+      case 262: /* trigger_time ::= */
+{ yymsp[1].minor.yy394 = TK_BEFORE; }
         break;
-      case 265: /* trigger_event ::= DELETE|INSERT */
-      case 266: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==266);
-{yymsp[0].minor.yy286.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy286.b = 0;}
+      case 263: /* trigger_event ::= DELETE|INSERT */
+      case 264: /* trigger_event ::= UPDATE */ yytestcase(yyruleno==264);
+{yymsp[0].minor.yy180.a = yymsp[0].major; /*A-overwrites-X*/ yymsp[0].minor.yy180.b = 0;}
         break;
-      case 267: /* trigger_event ::= UPDATE OF idlist */
-{yymsp[-2].minor.yy286.a = TK_UPDATE; yymsp[-2].minor.yy286.b = yymsp[0].minor.yy132;}
+      case 265: /* trigger_event ::= UPDATE OF idlist */
+{yymsp[-2].minor.yy180.a = TK_UPDATE; yymsp[-2].minor.yy180.b = yymsp[0].minor.yy254;}
         break;
-      case 268: /* when_clause ::= */
-      case 287: /* key_opt ::= */ yytestcase(yyruleno==287);
-{ yymsp[1].minor.yy454 = 0; }
+      case 266: /* when_clause ::= */
+      case 285: /* key_opt ::= */ yytestcase(yyruleno==285);
+{ yymsp[1].minor.yy528 = 0; }
         break;
-      case 269: /* when_clause ::= WHEN expr */
-      case 288: /* key_opt ::= KEY expr */ yytestcase(yyruleno==288);
-{ yymsp[-1].minor.yy454 = yymsp[0].minor.yy454; }
+      case 267: /* when_clause ::= WHEN expr */
+      case 286: /* key_opt ::= KEY expr */ yytestcase(yyruleno==286);
+{ yymsp[-1].minor.yy528 = yymsp[0].minor.yy528; }
         break;
-      case 270: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
+      case 268: /* trigger_cmd_list ::= trigger_cmd_list trigger_cmd SEMI */
 {
-  assert( yymsp[-2].minor.yy427!=0 );
-  yymsp[-2].minor.yy427->pLast->pNext = yymsp[-1].minor.yy427;
-  yymsp[-2].minor.yy427->pLast = yymsp[-1].minor.yy427;
+  assert( yymsp[-2].minor.yy33!=0 );
+  yymsp[-2].minor.yy33->pLast->pNext = yymsp[-1].minor.yy33;
+  yymsp[-2].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 271: /* trigger_cmd_list ::= trigger_cmd SEMI */
+      case 269: /* trigger_cmd_list ::= trigger_cmd SEMI */
 {
-  assert( yymsp[-1].minor.yy427!=0 );
-  yymsp[-1].minor.yy427->pLast = yymsp[-1].minor.yy427;
+  assert( yymsp[-1].minor.yy33!=0 );
+  yymsp[-1].minor.yy33->pLast = yymsp[-1].minor.yy33;
 }
         break;
-      case 272: /* trnm ::= nm DOT nm */
+      case 270: /* trnm ::= nm DOT nm */
 {
   yymsp[-2].minor.yy0 = yymsp[0].minor.yy0;
   sqlite3ErrorMsg(pParse,
@@ -177282,377 +175664,367 @@ static YYACTIONTYPE yy_reduce(
         "statements within triggers");
 }
         break;
-      case 273: /* tridxby ::= INDEXED BY nm */
+      case 271: /* tridxby ::= INDEXED BY nm */
 {
   sqlite3ErrorMsg(pParse,
         "the INDEXED BY clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 274: /* tridxby ::= NOT INDEXED */
+      case 272: /* tridxby ::= NOT INDEXED */
 {
   sqlite3ErrorMsg(pParse,
         "the NOT INDEXED clause is not allowed on UPDATE or DELETE statements "
         "within triggers");
 }
         break;
-      case 275: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
-{yylhsminor.yy427 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy203, yymsp[-3].minor.yy14, yymsp[-1].minor.yy454, yymsp[-7].minor.yy144, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy168);}
-  yymsp[-8].minor.yy427 = yylhsminor.yy427;
+      case 273: /* trigger_cmd ::= UPDATE orconf trnm tridxby SET setlist from where_opt scanpt */
+{yylhsminor.yy33 = sqlite3TriggerUpdateStep(pParse, &yymsp[-6].minor.yy0, yymsp[-2].minor.yy131, yymsp[-3].minor.yy322, yymsp[-1].minor.yy528, yymsp[-7].minor.yy394, yymsp[-8].minor.yy0.z, yymsp[0].minor.yy522);}
+  yymsp[-8].minor.yy33 = yylhsminor.yy33;
         break;
-      case 276: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
+      case 274: /* trigger_cmd ::= scanpt insert_cmd INTO trnm idlist_opt select upsert scanpt */
 {
-   yylhsminor.yy427 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy132,yymsp[-2].minor.yy555,yymsp[-6].minor.yy144,yymsp[-1].minor.yy122,yymsp[-7].minor.yy168,yymsp[0].minor.yy168);/*yylhsminor.yy427-overwrites-yymsp[-6].minor.yy144*/
+   yylhsminor.yy33 = sqlite3TriggerInsertStep(pParse,&yymsp[-4].minor.yy0,yymsp[-3].minor.yy254,yymsp[-2].minor.yy47,yymsp[-6].minor.yy394,yymsp[-1].minor.yy444,yymsp[-7].minor.yy522,yymsp[0].minor.yy522);/*yylhsminor.yy33-overwrites-yymsp[-6].minor.yy394*/
 }
-  yymsp[-7].minor.yy427 = yylhsminor.yy427;
+  yymsp[-7].minor.yy33 = yylhsminor.yy33;
         break;
-      case 277: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
-{yylhsminor.yy427 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy454, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy168);}
-  yymsp[-5].minor.yy427 = yylhsminor.yy427;
+      case 275: /* trigger_cmd ::= DELETE FROM trnm tridxby where_opt scanpt */
+{yylhsminor.yy33 = sqlite3TriggerDeleteStep(pParse, &yymsp[-3].minor.yy0, yymsp[-1].minor.yy528, yymsp[-5].minor.yy0.z, yymsp[0].minor.yy522);}
+  yymsp[-5].minor.yy33 = yylhsminor.yy33;
         break;
-      case 278: /* trigger_cmd ::= scanpt select scanpt */
-{yylhsminor.yy427 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy555, yymsp[-2].minor.yy168, yymsp[0].minor.yy168); /*yylhsminor.yy427-overwrites-yymsp[-1].minor.yy555*/}
-  yymsp[-2].minor.yy427 = yylhsminor.yy427;
+      case 276: /* trigger_cmd ::= scanpt select scanpt */
+{yylhsminor.yy33 = sqlite3TriggerSelectStep(pParse->db, yymsp[-1].minor.yy47, yymsp[-2].minor.yy522, yymsp[0].minor.yy522); /*yylhsminor.yy33-overwrites-yymsp[-1].minor.yy47*/}
+  yymsp[-2].minor.yy33 = yylhsminor.yy33;
         break;
-      case 279: /* expr ::= RAISE LP IGNORE RP */
+      case 277: /* expr ::= RAISE LP IGNORE RP */
 {
-  yymsp[-3].minor.yy454 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
-  if( yymsp[-3].minor.yy454 ){
-    yymsp[-3].minor.yy454->affExpr = OE_Ignore;
+  yymsp[-3].minor.yy528 = sqlite3PExpr(pParse, TK_RAISE, 0, 0);
+  if( yymsp[-3].minor.yy528 ){
+    yymsp[-3].minor.yy528->affExpr = OE_Ignore;
   }
 }
         break;
-      case 280: /* expr ::= RAISE LP raisetype COMMA nm RP */
+      case 278: /* expr ::= RAISE LP raisetype COMMA nm RP */
 {
-  yymsp[-5].minor.yy454 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
-  if( yymsp[-5].minor.yy454 ) {
-    yymsp[-5].minor.yy454->affExpr = (char)yymsp[-3].minor.yy144;
+  yymsp[-5].minor.yy528 = sqlite3ExprAlloc(pParse->db, TK_RAISE, &yymsp[-1].minor.yy0, 1);
+  if( yymsp[-5].minor.yy528 ) {
+    yymsp[-5].minor.yy528->affExpr = (char)yymsp[-3].minor.yy394;
   }
 }
         break;
-      case 281: /* raisetype ::= ROLLBACK */
-{yymsp[0].minor.yy144 = OE_Rollback;}
+      case 279: /* raisetype ::= ROLLBACK */
+{yymsp[0].minor.yy394 = OE_Rollback;}
         break;
-      case 283: /* raisetype ::= FAIL */
-{yymsp[0].minor.yy144 = OE_Fail;}
+      case 281: /* raisetype ::= FAIL */
+{yymsp[0].minor.yy394 = OE_Fail;}
         break;
-      case 284: /* cmd ::= DROP TRIGGER ifexists fullname */
+      case 282: /* cmd ::= DROP TRIGGER ifexists fullname */
 {
-  sqlite3DropTrigger(pParse,yymsp[0].minor.yy203,yymsp[-1].minor.yy144);
+  sqlite3DropTrigger(pParse,yymsp[0].minor.yy131,yymsp[-1].minor.yy394);
 }
         break;
-      case 285: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
+      case 283: /* cmd ::= ATTACH database_kw_opt expr AS expr key_opt */
 {
-  sqlite3Attach(pParse, yymsp[-3].minor.yy454, yymsp[-1].minor.yy454, yymsp[0].minor.yy454);
+  sqlite3Attach(pParse, yymsp[-3].minor.yy528, yymsp[-1].minor.yy528, yymsp[0].minor.yy528);
 }
         break;
-      case 286: /* cmd ::= DETACH database_kw_opt expr */
+      case 284: /* cmd ::= DETACH database_kw_opt expr */
 {
-  sqlite3Detach(pParse, yymsp[0].minor.yy454);
+  sqlite3Detach(pParse, yymsp[0].minor.yy528);
 }
         break;
-      case 289: /* cmd ::= REINDEX */
+      case 287: /* cmd ::= REINDEX */
 {sqlite3Reindex(pParse, 0, 0);}
         break;
-      case 290: /* cmd ::= REINDEX nm dbnm */
+      case 288: /* cmd ::= REINDEX nm dbnm */
 {sqlite3Reindex(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 291: /* cmd ::= ANALYZE */
+      case 289: /* cmd ::= ANALYZE */
 {sqlite3Analyze(pParse, 0, 0);}
         break;
-      case 292: /* cmd ::= ANALYZE nm dbnm */
+      case 290: /* cmd ::= ANALYZE nm dbnm */
 {sqlite3Analyze(pParse, &yymsp[-1].minor.yy0, &yymsp[0].minor.yy0);}
         break;
-      case 293: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
+      case 291: /* cmd ::= ALTER TABLE fullname RENAME TO nm */
 {
-  sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy203,&yymsp[0].minor.yy0);
+  sqlite3AlterRenameTable(pParse,yymsp[-3].minor.yy131,&yymsp[0].minor.yy0);
 }
         break;
-      case 294: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
+      case 292: /* cmd ::= ALTER TABLE add_column_fullname ADD kwcolumn_opt columnname carglist */
 {
   yymsp[-1].minor.yy0.n = (int)(pParse->sLastToken.z-yymsp[-1].minor.yy0.z) + pParse->sLastToken.n;
   sqlite3AlterFinishAddColumn(pParse, &yymsp[-1].minor.yy0);
 }
         break;
-      case 295: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
+      case 293: /* cmd ::= ALTER TABLE fullname DROP kwcolumn_opt nm */
 {
-  sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy203, &yymsp[0].minor.yy0);
+  sqlite3AlterDropColumn(pParse, yymsp[-3].minor.yy131, &yymsp[0].minor.yy0);
 }
         break;
-      case 296: /* add_column_fullname ::= fullname */
+      case 294: /* add_column_fullname ::= fullname */
 {
   disableLookaside(pParse);
-  sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy203);
+  sqlite3AlterBeginAddColumn(pParse, yymsp[0].minor.yy131);
 }
         break;
-      case 297: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
+      case 295: /* cmd ::= ALTER TABLE fullname RENAME kwcolumn_opt nm TO nm */
 {
-  sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy203, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
+  sqlite3AlterRenameColumn(pParse, yymsp[-5].minor.yy131, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0);
 }
         break;
-      case 298: /* cmd ::= create_vtab */
+      case 296: /* cmd ::= create_vtab */
 {sqlite3VtabFinishParse(pParse,0);}
         break;
-      case 299: /* cmd ::= create_vtab LP vtabarglist RP */
+      case 297: /* cmd ::= create_vtab LP vtabarglist RP */
 {sqlite3VtabFinishParse(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 300: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
+      case 298: /* create_vtab ::= createkw VIRTUAL TABLE ifnotexists nm dbnm USING nm */
 {
-    sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy144);
+    sqlite3VtabBeginParse(pParse, &yymsp[-3].minor.yy0, &yymsp[-2].minor.yy0, &yymsp[0].minor.yy0, yymsp[-4].minor.yy394);
 }
         break;
-      case 301: /* vtabarg ::= */
+      case 299: /* vtabarg ::= */
 {sqlite3VtabArgInit(pParse);}
         break;
-      case 302: /* vtabargtoken ::= ANY */
-      case 303: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==303);
-      case 304: /* lp ::= LP */ yytestcase(yyruleno==304);
+      case 300: /* vtabargtoken ::= ANY */
+      case 301: /* vtabargtoken ::= lp anylist RP */ yytestcase(yyruleno==301);
+      case 302: /* lp ::= LP */ yytestcase(yyruleno==302);
 {sqlite3VtabArgExtend(pParse,&yymsp[0].minor.yy0);}
         break;
-      case 305: /* with ::= WITH wqlist */
-      case 306: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==306);
-{ sqlite3WithPush(pParse, yymsp[0].minor.yy59, 1); }
+      case 303: /* with ::= WITH wqlist */
+      case 304: /* with ::= WITH RECURSIVE wqlist */ yytestcase(yyruleno==304);
+{ sqlite3WithPush(pParse, yymsp[0].minor.yy521, 1); }
         break;
-      case 307: /* wqas ::= AS */
-{yymsp[0].minor.yy462 = M10d_Any;}
+      case 305: /* wqas ::= AS */
+{yymsp[0].minor.yy516 = M10d_Any;}
         break;
-      case 308: /* wqas ::= AS MATERIALIZED */
-{yymsp[-1].minor.yy462 = M10d_Yes;}
+      case 306: /* wqas ::= AS MATERIALIZED */
+{yymsp[-1].minor.yy516 = M10d_Yes;}
         break;
-      case 309: /* wqas ::= AS NOT MATERIALIZED */
-{yymsp[-2].minor.yy462 = M10d_No;}
+      case 307: /* wqas ::= AS NOT MATERIALIZED */
+{yymsp[-2].minor.yy516 = M10d_No;}
         break;
-      case 310: /* wqitem ::= withnm eidlist_opt wqas LP select RP */
+      case 308: /* wqitem ::= nm eidlist_opt wqas LP select RP */
 {
-  yymsp[-5].minor.yy67 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy14, yymsp[-1].minor.yy555, yymsp[-3].minor.yy462); /*A-overwrites-X*/
+  yymsp[-5].minor.yy385 = sqlite3CteNew(pParse, &yymsp[-5].minor.yy0, yymsp[-4].minor.yy322, yymsp[-1].minor.yy47, yymsp[-3].minor.yy516); /*A-overwrites-X*/
 }
         break;
-      case 311: /* withnm ::= nm */
-{pParse->bHasWith = 1;}
-        break;
-      case 312: /* wqlist ::= wqitem */
+      case 309: /* wqlist ::= wqitem */
 {
-  yymsp[0].minor.yy59 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy67); /*A-overwrites-X*/
+  yymsp[0].minor.yy521 = sqlite3WithAdd(pParse, 0, yymsp[0].minor.yy385); /*A-overwrites-X*/
 }
         break;
-      case 313: /* wqlist ::= wqlist COMMA wqitem */
+      case 310: /* wqlist ::= wqlist COMMA wqitem */
 {
-  yymsp[-2].minor.yy59 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy59, yymsp[0].minor.yy67);
+  yymsp[-2].minor.yy521 = sqlite3WithAdd(pParse, yymsp[-2].minor.yy521, yymsp[0].minor.yy385);
 }
         break;
-      case 314: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
+      case 311: /* windowdefn_list ::= windowdefn_list COMMA windowdefn */
 {
-  assert( yymsp[0].minor.yy211!=0 );
-  sqlite3WindowChain(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy211);
-  yymsp[0].minor.yy211->pNextWin = yymsp[-2].minor.yy211;
-  yylhsminor.yy211 = yymsp[0].minor.yy211;
+  assert( yymsp[0].minor.yy41!=0 );
+  sqlite3WindowChain(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy41);
+  yymsp[0].minor.yy41->pNextWin = yymsp[-2].minor.yy41;
+  yylhsminor.yy41 = yymsp[0].minor.yy41;
 }
-  yymsp[-2].minor.yy211 = yylhsminor.yy211;
+  yymsp[-2].minor.yy41 = yylhsminor.yy41;
         break;
-      case 315: /* windowdefn ::= nm AS LP window RP */
+      case 312: /* windowdefn ::= nm AS LP window RP */
 {
-  if( ALWAYS(yymsp[-1].minor.yy211) ){
-    yymsp[-1].minor.yy211->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
+  if( ALWAYS(yymsp[-1].minor.yy41) ){
+    yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[-4].minor.yy0.z, yymsp[-4].minor.yy0.n);
   }
-  yylhsminor.yy211 = yymsp[-1].minor.yy211;
+  yylhsminor.yy41 = yymsp[-1].minor.yy41;
 }
-  yymsp[-4].minor.yy211 = yylhsminor.yy211;
+  yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 316: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
+      case 313: /* window ::= PARTITION BY nexprlist orderby_opt frame_opt */
 {
-  yymsp[-4].minor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy14, yymsp[-1].minor.yy14, 0);
+  yymsp[-4].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 317: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
+      case 314: /* window ::= nm PARTITION BY nexprlist orderby_opt frame_opt */
 {
-  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, yymsp[-2].minor.yy14, yymsp[-1].minor.yy14, &yymsp[-5].minor.yy0);
+  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, yymsp[-2].minor.yy322, yymsp[-1].minor.yy322, &yymsp[-5].minor.yy0);
 }
-  yymsp[-5].minor.yy211 = yylhsminor.yy211;
+  yymsp[-5].minor.yy41 = yylhsminor.yy41;
         break;
-      case 318: /* window ::= ORDER BY sortlist frame_opt */
+      case 315: /* window ::= ORDER BY sortlist frame_opt */
 {
-  yymsp[-3].minor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, yymsp[-1].minor.yy14, 0);
+  yymsp[-3].minor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, 0);
 }
         break;
-      case 319: /* window ::= nm ORDER BY sortlist frame_opt */
+      case 316: /* window ::= nm ORDER BY sortlist frame_opt */
 {
-  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, yymsp[-1].minor.yy14, &yymsp[-4].minor.yy0);
+  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, yymsp[-1].minor.yy322, &yymsp[-4].minor.yy0);
 }
-  yymsp[-4].minor.yy211 = yylhsminor.yy211;
+  yymsp[-4].minor.yy41 = yylhsminor.yy41;
         break;
-      case 320: /* window ::= nm frame_opt */
+      case 317: /* window ::= nm frame_opt */
 {
-  yylhsminor.yy211 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy211, 0, 0, &yymsp[-1].minor.yy0);
+  yylhsminor.yy41 = sqlite3WindowAssemble(pParse, yymsp[0].minor.yy41, 0, 0, &yymsp[-1].minor.yy0);
 }
-  yymsp[-1].minor.yy211 = yylhsminor.yy211;
+  yymsp[-1].minor.yy41 = yylhsminor.yy41;
         break;
-      case 321: /* frame_opt ::= */
+      case 318: /* frame_opt ::= */
 {
-  yymsp[1].minor.yy211 = sqlite3WindowAlloc(pParse, 0, TK_UNBOUNDED, 0, TK_CURRENT, 0, 0);
+  yymsp[1].minor.yy41 = sqlite3WindowAlloc(pParse, 0, TK_UNBOUNDED, 0, TK_CURRENT, 0, 0);
 }
         break;
-      case 322: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
+      case 319: /* frame_opt ::= range_or_rows frame_bound_s frame_exclude_opt */
 {
-  yylhsminor.yy211 = sqlite3WindowAlloc(pParse, yymsp[-2].minor.yy144, yymsp[-1].minor.yy509.eType, yymsp[-1].minor.yy509.pExpr, TK_CURRENT, 0, yymsp[0].minor.yy462);
+  yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-2].minor.yy394, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, TK_CURRENT, 0, yymsp[0].minor.yy516);
 }
-  yymsp[-2].minor.yy211 = yylhsminor.yy211;
+  yymsp[-2].minor.yy41 = yylhsminor.yy41;
         break;
-      case 323: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
+      case 320: /* frame_opt ::= range_or_rows BETWEEN frame_bound_s AND frame_bound_e frame_exclude_opt */
 {
-  yylhsminor.yy211 = sqlite3WindowAlloc(pParse, yymsp[-5].minor.yy144, yymsp[-3].minor.yy509.eType, yymsp[-3].minor.yy509.pExpr, yymsp[-1].minor.yy509.eType, yymsp[-1].minor.yy509.pExpr, yymsp[0].minor.yy462);
+  yylhsminor.yy41 = sqlite3WindowAlloc(pParse, yymsp[-5].minor.yy394, yymsp[-3].minor.yy595.eType, yymsp[-3].minor.yy595.pExpr, yymsp[-1].minor.yy595.eType, yymsp[-1].minor.yy595.pExpr, yymsp[0].minor.yy516);
 }
-  yymsp[-5].minor.yy211 = yylhsminor.yy211;
+  yymsp[-5].minor.yy41 = yylhsminor.yy41;
         break;
-      case 325: /* frame_bound_s ::= frame_bound */
-      case 327: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==327);
-{yylhsminor.yy509 = yymsp[0].minor.yy509;}
-  yymsp[0].minor.yy509 = yylhsminor.yy509;
+      case 322: /* frame_bound_s ::= frame_bound */
+      case 324: /* frame_bound_e ::= frame_bound */ yytestcase(yyruleno==324);
+{yylhsminor.yy595 = yymsp[0].minor.yy595;}
+  yymsp[0].minor.yy595 = yylhsminor.yy595;
         break;
-      case 326: /* frame_bound_s ::= UNBOUNDED PRECEDING */
-      case 328: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==328);
-      case 330: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==330);
-{yylhsminor.yy509.eType = yymsp[-1].major; yylhsminor.yy509.pExpr = 0;}
-  yymsp[-1].minor.yy509 = yylhsminor.yy509;
+      case 323: /* frame_bound_s ::= UNBOUNDED PRECEDING */
+      case 325: /* frame_bound_e ::= UNBOUNDED FOLLOWING */ yytestcase(yyruleno==325);
+      case 327: /* frame_bound ::= CURRENT ROW */ yytestcase(yyruleno==327);
+{yylhsminor.yy595.eType = yymsp[-1].major; yylhsminor.yy595.pExpr = 0;}
+  yymsp[-1].minor.yy595 = yylhsminor.yy595;
         break;
-      case 329: /* frame_bound ::= expr PRECEDING|FOLLOWING */
-{yylhsminor.yy509.eType = yymsp[0].major; yylhsminor.yy509.pExpr = yymsp[-1].minor.yy454;}
-  yymsp[-1].minor.yy509 = yylhsminor.yy509;
+      case 326: /* frame_bound ::= expr PRECEDING|FOLLOWING */
+{yylhsminor.yy595.eType = yymsp[0].major; yylhsminor.yy595.pExpr = yymsp[-1].minor.yy528;}
+  yymsp[-1].minor.yy595 = yylhsminor.yy595;
         break;
-      case 331: /* frame_exclude_opt ::= */
-{yymsp[1].minor.yy462 = 0;}
+      case 328: /* frame_exclude_opt ::= */
+{yymsp[1].minor.yy516 = 0;}
         break;
-      case 332: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
-{yymsp[-1].minor.yy462 = yymsp[0].minor.yy462;}
+      case 329: /* frame_exclude_opt ::= EXCLUDE frame_exclude */
+{yymsp[-1].minor.yy516 = yymsp[0].minor.yy516;}
         break;
-      case 333: /* frame_exclude ::= NO OTHERS */
-      case 334: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==334);
-{yymsp[-1].minor.yy462 = yymsp[-1].major; /*A-overwrites-X*/}
+      case 330: /* frame_exclude ::= NO OTHERS */
+      case 331: /* frame_exclude ::= CURRENT ROW */ yytestcase(yyruleno==331);
+{yymsp[-1].minor.yy516 = yymsp[-1].major; /*A-overwrites-X*/}
         break;
-      case 335: /* frame_exclude ::= GROUP|TIES */
-{yymsp[0].minor.yy462 = yymsp[0].major; /*A-overwrites-X*/}
+      case 332: /* frame_exclude ::= GROUP|TIES */
+{yymsp[0].minor.yy516 = yymsp[0].major; /*A-overwrites-X*/}
         break;
-      case 336: /* window_clause ::= WINDOW windowdefn_list */
-{ yymsp[-1].minor.yy211 = yymsp[0].minor.yy211; }
+      case 333: /* window_clause ::= WINDOW windowdefn_list */
+{ yymsp[-1].minor.yy41 = yymsp[0].minor.yy41; }
         break;
-      case 337: /* filter_over ::= filter_clause over_clause */
+      case 334: /* filter_over ::= filter_clause over_clause */
 {
-  if( yymsp[0].minor.yy211 ){
-    yymsp[0].minor.yy211->pFilter = yymsp[-1].minor.yy454;
+  if( yymsp[0].minor.yy41 ){
+    yymsp[0].minor.yy41->pFilter = yymsp[-1].minor.yy528;
   }else{
-    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy454);
+    sqlite3ExprDelete(pParse->db, yymsp[-1].minor.yy528);
   }
-  yylhsminor.yy211 = yymsp[0].minor.yy211;
+  yylhsminor.yy41 = yymsp[0].minor.yy41;
 }
-  yymsp[-1].minor.yy211 = yylhsminor.yy211;
+  yymsp[-1].minor.yy41 = yylhsminor.yy41;
         break;
-      case 338: /* filter_over ::= over_clause */
+      case 335: /* filter_over ::= over_clause */
 {
-  yylhsminor.yy211 = yymsp[0].minor.yy211;
+  yylhsminor.yy41 = yymsp[0].minor.yy41;
 }
-  yymsp[0].minor.yy211 = yylhsminor.yy211;
+  yymsp[0].minor.yy41 = yylhsminor.yy41;
         break;
-      case 339: /* filter_over ::= filter_clause */
+      case 336: /* filter_over ::= filter_clause */
 {
-  yylhsminor.yy211 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
-  if( yylhsminor.yy211 ){
-    yylhsminor.yy211->eFrmType = TK_FILTER;
-    yylhsminor.yy211->pFilter = yymsp[0].minor.yy454;
+  yylhsminor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
+  if( yylhsminor.yy41 ){
+    yylhsminor.yy41->eFrmType = TK_FILTER;
+    yylhsminor.yy41->pFilter = yymsp[0].minor.yy528;
   }else{
-    sqlite3ExprDelete(pParse->db, yymsp[0].minor.yy454);
+    sqlite3ExprDelete(pParse->db, yymsp[0].minor.yy528);
   }
 }
-  yymsp[0].minor.yy211 = yylhsminor.yy211;
+  yymsp[0].minor.yy41 = yylhsminor.yy41;
         break;
-      case 340: /* over_clause ::= OVER LP window RP */
+      case 337: /* over_clause ::= OVER LP window RP */
 {
-  yymsp[-3].minor.yy211 = yymsp[-1].minor.yy211;
-  assert( yymsp[-3].minor.yy211!=0 );
+  yymsp[-3].minor.yy41 = yymsp[-1].minor.yy41;
+  assert( yymsp[-3].minor.yy41!=0 );
 }
         break;
-      case 341: /* over_clause ::= OVER nm */
+      case 338: /* over_clause ::= OVER nm */
 {
-  yymsp[-1].minor.yy211 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
-  if( yymsp[-1].minor.yy211 ){
-    yymsp[-1].minor.yy211->zName = sqlite3DbStrNDup(pParse->db, yymsp[0].minor.yy0.z, yymsp[0].minor.yy0.n);
+  yymsp[-1].minor.yy41 = (Window*)sqlite3DbMallocZero(pParse->db, sizeof(Window));
+  if( yymsp[-1].minor.yy41 ){
+    yymsp[-1].minor.yy41->zName = sqlite3DbStrNDup(pParse->db, yymsp[0].minor.yy0.z, yymsp[0].minor.yy0.n);
   }
 }
         break;
-      case 342: /* filter_clause ::= FILTER LP WHERE expr RP */
-{ yymsp[-4].minor.yy454 = yymsp[-1].minor.yy454; }
-        break;
-      case 343: /* term ::= QNUMBER */
-{
-  yylhsminor.yy454=tokenExpr(pParse,yymsp[0].major,yymsp[0].minor.yy0);
-  sqlite3DequoteNumber(pParse, yylhsminor.yy454);
-}
-  yymsp[0].minor.yy454 = yylhsminor.yy454;
+      case 339: /* filter_clause ::= FILTER LP WHERE expr RP */
+{ yymsp[-4].minor.yy528 = yymsp[-1].minor.yy528; }
         break;
       default:
-      /* (344) input ::= cmdlist */ yytestcase(yyruleno==344);
-      /* (345) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==345);
-      /* (346) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=346);
-      /* (347) ecmd ::= SEMI */ yytestcase(yyruleno==347);
-      /* (348) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==348);
-      /* (349) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=349);
-      /* (350) trans_opt ::= */ yytestcase(yyruleno==350);
-      /* (351) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==351);
-      /* (352) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==352);
-      /* (353) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==353);
-      /* (354) savepoint_opt ::= */ yytestcase(yyruleno==354);
-      /* (355) cmd ::= create_table create_table_args */ yytestcase(yyruleno==355);
-      /* (356) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=356);
-      /* (357) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==357);
-      /* (358) columnlist ::= columnname carglist */ yytestcase(yyruleno==358);
-      /* (359) nm ::= ID|INDEXED|JOIN_KW */ yytestcase(yyruleno==359);
-      /* (360) nm ::= STRING */ yytestcase(yyruleno==360);
-      /* (361) typetoken ::= typename */ yytestcase(yyruleno==361);
-      /* (362) typename ::= ID|STRING */ yytestcase(yyruleno==362);
-      /* (363) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=363);
-      /* (364) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=364);
-      /* (365) carglist ::= carglist ccons */ yytestcase(yyruleno==365);
-      /* (366) carglist ::= */ yytestcase(yyruleno==366);
-      /* (367) ccons ::= NULL onconf */ yytestcase(yyruleno==367);
-      /* (368) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==368);
-      /* (369) ccons ::= AS generated */ yytestcase(yyruleno==369);
-      /* (370) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==370);
-      /* (371) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==371);
-      /* (372) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=372);
-      /* (373) tconscomma ::= */ yytestcase(yyruleno==373);
-      /* (374) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=374);
-      /* (375) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=375);
-      /* (376) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=376);
-      /* (377) oneselect ::= values */ yytestcase(yyruleno==377);
-      /* (378) sclp ::= selcollist COMMA */ yytestcase(yyruleno==378);
-      /* (379) as ::= ID|STRING */ yytestcase(yyruleno==379);
-      /* (380) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=380);
-      /* (381) returning ::= */ yytestcase(yyruleno==381);
-      /* (382) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=382);
-      /* (383) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==383);
-      /* (384) case_operand ::= expr */ yytestcase(yyruleno==384);
-      /* (385) exprlist ::= nexprlist */ yytestcase(yyruleno==385);
-      /* (386) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=386);
-      /* (387) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=387);
-      /* (388) nmnum ::= ON */ yytestcase(yyruleno==388);
-      /* (389) nmnum ::= DELETE */ yytestcase(yyruleno==389);
-      /* (390) nmnum ::= DEFAULT */ yytestcase(yyruleno==390);
-      /* (391) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==391);
-      /* (392) foreach_clause ::= */ yytestcase(yyruleno==392);
-      /* (393) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==393);
-      /* (394) trnm ::= nm */ yytestcase(yyruleno==394);
-      /* (395) tridxby ::= */ yytestcase(yyruleno==395);
-      /* (396) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==396);
-      /* (397) database_kw_opt ::= */ yytestcase(yyruleno==397);
-      /* (398) kwcolumn_opt ::= */ yytestcase(yyruleno==398);
-      /* (399) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==399);
-      /* (400) vtabarglist ::= vtabarg */ yytestcase(yyruleno==400);
-      /* (401) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==401);
-      /* (402) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==402);
-      /* (403) anylist ::= */ yytestcase(yyruleno==403);
-      /* (404) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==404);
-      /* (405) anylist ::= anylist ANY */ yytestcase(yyruleno==405);
-      /* (406) with ::= */ yytestcase(yyruleno==406);
-      /* (407) windowdefn_list ::= windowdefn (OPTIMIZED OUT) */ assert(yyruleno!=407);
-      /* (408) window ::= frame_opt (OPTIMIZED OUT) */ assert(yyruleno!=408);
+      /* (340) input ::= cmdlist */ yytestcase(yyruleno==340);
+      /* (341) cmdlist ::= cmdlist ecmd */ yytestcase(yyruleno==341);
+      /* (342) cmdlist ::= ecmd (OPTIMIZED OUT) */ assert(yyruleno!=342);
+      /* (343) ecmd ::= SEMI */ yytestcase(yyruleno==343);
+      /* (344) ecmd ::= cmdx SEMI */ yytestcase(yyruleno==344);
+      /* (345) ecmd ::= explain cmdx SEMI (NEVER REDUCES) */ assert(yyruleno!=345);
+      /* (346) trans_opt ::= */ yytestcase(yyruleno==346);
+      /* (347) trans_opt ::= TRANSACTION */ yytestcase(yyruleno==347);
+      /* (348) trans_opt ::= TRANSACTION nm */ yytestcase(yyruleno==348);
+      /* (349) savepoint_opt ::= SAVEPOINT */ yytestcase(yyruleno==349);
+      /* (350) savepoint_opt ::= */ yytestcase(yyruleno==350);
+      /* (351) cmd ::= create_table create_table_args */ yytestcase(yyruleno==351);
+      /* (352) table_option_set ::= table_option (OPTIMIZED OUT) */ assert(yyruleno!=352);
+      /* (353) columnlist ::= columnlist COMMA columnname carglist */ yytestcase(yyruleno==353);
+      /* (354) columnlist ::= columnname carglist */ yytestcase(yyruleno==354);
+      /* (355) nm ::= ID|INDEXED|JOIN_KW */ yytestcase(yyruleno==355);
+      /* (356) nm ::= STRING */ yytestcase(yyruleno==356);
+      /* (357) typetoken ::= typename */ yytestcase(yyruleno==357);
+      /* (358) typename ::= ID|STRING */ yytestcase(yyruleno==358);
+      /* (359) signed ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=359);
+      /* (360) signed ::= minus_num (OPTIMIZED OUT) */ assert(yyruleno!=360);
+      /* (361) carglist ::= carglist ccons */ yytestcase(yyruleno==361);
+      /* (362) carglist ::= */ yytestcase(yyruleno==362);
+      /* (363) ccons ::= NULL onconf */ yytestcase(yyruleno==363);
+      /* (364) ccons ::= GENERATED ALWAYS AS generated */ yytestcase(yyruleno==364);
+      /* (365) ccons ::= AS generated */ yytestcase(yyruleno==365);
+      /* (366) conslist_opt ::= COMMA conslist */ yytestcase(yyruleno==366);
+      /* (367) conslist ::= conslist tconscomma tcons */ yytestcase(yyruleno==367);
+      /* (368) conslist ::= tcons (OPTIMIZED OUT) */ assert(yyruleno!=368);
+      /* (369) tconscomma ::= */ yytestcase(yyruleno==369);
+      /* (370) defer_subclause_opt ::= defer_subclause (OPTIMIZED OUT) */ assert(yyruleno!=370);
+      /* (371) resolvetype ::= raisetype (OPTIMIZED OUT) */ assert(yyruleno!=371);
+      /* (372) selectnowith ::= oneselect (OPTIMIZED OUT) */ assert(yyruleno!=372);
+      /* (373) oneselect ::= values */ yytestcase(yyruleno==373);
+      /* (374) sclp ::= selcollist COMMA */ yytestcase(yyruleno==374);
+      /* (375) as ::= ID|STRING */ yytestcase(yyruleno==375);
+      /* (376) indexed_opt ::= indexed_by (OPTIMIZED OUT) */ assert(yyruleno!=376);
+      /* (377) returning ::= */ yytestcase(yyruleno==377);
+      /* (378) expr ::= term (OPTIMIZED OUT) */ assert(yyruleno!=378);
+      /* (379) likeop ::= LIKE_KW|MATCH */ yytestcase(yyruleno==379);
+      /* (380) case_operand ::= expr */ yytestcase(yyruleno==380);
+      /* (381) exprlist ::= nexprlist */ yytestcase(yyruleno==381);
+      /* (382) nmnum ::= plus_num (OPTIMIZED OUT) */ assert(yyruleno!=382);
+      /* (383) nmnum ::= nm (OPTIMIZED OUT) */ assert(yyruleno!=383);
+      /* (384) nmnum ::= ON */ yytestcase(yyruleno==384);
+      /* (385) nmnum ::= DELETE */ yytestcase(yyruleno==385);
+      /* (386) nmnum ::= DEFAULT */ yytestcase(yyruleno==386);
+      /* (387) plus_num ::= INTEGER|FLOAT */ yytestcase(yyruleno==387);
+      /* (388) foreach_clause ::= */ yytestcase(yyruleno==388);
+      /* (389) foreach_clause ::= FOR EACH ROW */ yytestcase(yyruleno==389);
+      /* (390) trnm ::= nm */ yytestcase(yyruleno==390);
+      /* (391) tridxby ::= */ yytestcase(yyruleno==391);
+      /* (392) database_kw_opt ::= DATABASE */ yytestcase(yyruleno==392);
+      /* (393) database_kw_opt ::= */ yytestcase(yyruleno==393);
+      /* (394) kwcolumn_opt ::= */ yytestcase(yyruleno==394);
+      /* (395) kwcolumn_opt ::= COLUMNKW */ yytestcase(yyruleno==395);
+      /* (396) vtabarglist ::= vtabarg */ yytestcase(yyruleno==396);
+      /* (397) vtabarglist ::= vtabarglist COMMA vtabarg */ yytestcase(yyruleno==397);
+      /* (398) vtabarg ::= vtabarg vtabargtoken */ yytestcase(yyruleno==398);
+      /* (399) anylist ::= */ yytestcase(yyruleno==399);
+      /* (400) anylist ::= anylist LP anylist RP */ yytestcase(yyruleno==400);
+      /* (401) anylist ::= anylist ANY */ yytestcase(yyruleno==401);
+      /* (402) with ::= */ yytestcase(yyruleno==402);
+      /* (403) windowdefn_list ::= windowdefn (OPTIMIZED OUT) */ assert(yyruleno!=403);
+      /* (404) window ::= frame_opt (OPTIMIZED OUT) */ assert(yyruleno!=404);
         break;
 /********** End reduce actions ************************************************/
   };
@@ -177839,12 +176211,19 @@ SQLITE_PRIVATE void sqlite3Parser(
                   (int)(yypParser->yytos - yypParser->yystack));
         }
 #endif
+#if YYSTACKDEPTH>0
         if( yypParser->yytos>=yypParser->yystackEnd ){
+          yyStackOverflow(yypParser);
+          break;
+        }
+#else
+        if( yypParser->yytos>=&yypParser->yystack[yypParser->yystksz-1] ){
           if( yyGrowStack(yypParser) ){
             yyStackOverflow(yypParser);
             break;
           }
         }
+#endif
       }
       yyact = yy_reduce(yypParser,yyruleno,yymajor,yyminor sqlite3ParserCTX_PARAM);
     }else if( yyact <= YY_MAX_SHIFTREDUCE ){
@@ -178915,58 +177294,27 @@ SQLITE_PRIVATE int sqlite3GetToken(const unsigned char *z, int *tokenType){
       *tokenType = TK_INTEGER;
 #ifndef SQLITE_OMIT_HEX_INTEGER
       if( z[0]=='0' && (z[1]=='x' || z[1]=='X') && sqlite3Isxdigit(z[2]) ){
-        for(i=3; 1; i++){
-          if( sqlite3Isxdigit(z[i])==0 ){
-            if( z[i]==SQLITE_DIGIT_SEPARATOR ){
-              *tokenType = TK_QNUMBER;
-            }else{
-              break;
-            }
-          }
-        }
-      }else
+        for(i=3; sqlite3Isxdigit(z[i]); i++){}
+        return i;
+      }
 #endif
-        {
-        for(i=0; 1; i++){
-          if( sqlite3Isdigit(z[i])==0 ){
-            if( z[i]==SQLITE_DIGIT_SEPARATOR ){
-              *tokenType = TK_QNUMBER;
-            }else{
-              break;
-            }
-          }
-        }
+      for(i=0; sqlite3Isdigit(z[i]); i++){}
 #ifndef SQLITE_OMIT_FLOATING_POINT
-        if( z[i]=='.' ){
-          if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
-          for(i++; 1; i++){
-            if( sqlite3Isdigit(z[i])==0 ){
-              if( z[i]==SQLITE_DIGIT_SEPARATOR ){
-                *tokenType = TK_QNUMBER;
-              }else{
-                break;
-              }
-            }
-          }
-        }
-        if( (z[i]=='e' || z[i]=='E') &&
-             ( sqlite3Isdigit(z[i+1])
-              || ((z[i+1]=='+' || z[i+1]=='-') && sqlite3Isdigit(z[i+2]))
-             )
-        ){
-          if( *tokenType==TK_INTEGER ) *tokenType = TK_FLOAT;
-          for(i+=2; 1; i++){
-            if( sqlite3Isdigit(z[i])==0 ){
-              if( z[i]==SQLITE_DIGIT_SEPARATOR ){
-                *tokenType = TK_QNUMBER;
-              }else{
-                break;
-              }
-            }
-          }
-        }
-#endif
+      if( z[i]=='.' ){
+        i++;
+        while( sqlite3Isdigit(z[i]) ){ i++; }
+        *tokenType = TK_FLOAT;
+      }
+      if( (z[i]=='e' || z[i]=='E') &&
+           ( sqlite3Isdigit(z[i+1])
+            || ((z[i+1]=='+' || z[i+1]=='-') && sqlite3Isdigit(z[i+2]))
+           )
+      ){
+        i += 2;
+        while( sqlite3Isdigit(z[i]) ){ i++; }
+        *tokenType = TK_FLOAT;
       }
+#endif
       while( IdChar(z[i]) ){
         *tokenType = TK_ILLEGAL;
         i++;
@@ -179131,13 +177479,10 @@ SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql){
     if( tokenType>=TK_WINDOW ){
       assert( tokenType==TK_SPACE || tokenType==TK_OVER || tokenType==TK_FILTER
            || tokenType==TK_ILLEGAL || tokenType==TK_WINDOW
-           || tokenType==TK_QNUMBER
       );
 #else
     if( tokenType>=TK_SPACE ){
-      assert( tokenType==TK_SPACE || tokenType==TK_ILLEGAL
-           || tokenType==TK_QNUMBER
-      );
+      assert( tokenType==TK_SPACE || tokenType==TK_ILLEGAL );
 #endif /* SQLITE_OMIT_WINDOWFUNC */
       if( AtomicLoad(&db->u1.isInterrupted) ){
         pParse->rc = SQLITE_INTERRUPT;
@@ -179170,7 +177515,7 @@ SQLITE_PRIVATE int sqlite3RunParser(Parse *pParse, const char *zSql){
         assert( n==6 );
         tokenType = analyzeFilterKeyword((const u8*)&zSql[6], lastTokenParsed);
 #endif /* SQLITE_OMIT_WINDOWFUNC */
-      }else if( tokenType!=TK_QNUMBER ){
+      }else{
         Token x;
         x.z = zSql;
         x.n = n;
@@ -180521,18 +178866,6 @@ SQLITE_API int sqlite3_config(int op, ...){
     }
 #endif /* SQLITE_OMIT_DESERIALIZE */
 
-    case SQLITE_CONFIG_ROWID_IN_VIEW: {
-      int *pVal = va_arg(ap,int*);
-#ifdef SQLITE_ALLOW_ROWID_IN_VIEW
-      if( 0==*pVal ) sqlite3GlobalConfig.mNoVisibleRowid = TF_NoVisibleRowid;
-      if( 1==*pVal ) sqlite3GlobalConfig.mNoVisibleRowid = 0;
-      *pVal = (sqlite3GlobalConfig.mNoVisibleRowid==0);
-#else
-      *pVal = 0;
-#endif
-      break;
-    }
-
     default: {
       rc = SQLITE_ERROR;
       break;
@@ -190165,24 +188498,22 @@ static int fts3IntegrityMethod(
   char **pzErr              /* Write error message here */
 ){
   Fts3Table *p = (Fts3Table*)pVtab;
-  int rc = SQLITE_OK;
+  int rc;
   int bOk = 0;
 
   UNUSED_PARAMETER(isQuick);
   rc = sqlite3Fts3IntegrityCheck(p, &bOk);
-  assert( rc!=SQLITE_CORRUPT_VTAB );
-  if( rc==SQLITE_ERROR || (rc&0xFF)==SQLITE_CORRUPT ){
+  assert( rc!=SQLITE_CORRUPT_VTAB || bOk==0 );
+  if( rc!=SQLITE_OK && rc!=SQLITE_CORRUPT_VTAB ){
     *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
                              " FTS%d table %s.%s: %s",
                 p->bFts4 ? 4 : 3, zSchema, zTabname, sqlite3_errstr(rc));
-    if( *pzErr ) rc = SQLITE_OK;
-  }else if( rc==SQLITE_OK && bOk==0 ){
+  }else if( bOk==0 ){
     *pzErr = sqlite3_mprintf("malformed inverted index for FTS%d table %s.%s",
                 p->bFts4 ? 4 : 3, zSchema, zTabname);
-    if( *pzErr==0 ) rc = SQLITE_NOMEM;
   }
   sqlite3Fts3SegmentsClose(p);
-  return rc;
+  return SQLITE_OK;
 }
 
 
@@ -201844,12 +200175,7 @@ SQLITE_PRIVATE int sqlite3Fts3IntegrityCheck(Fts3Table *p, int *pbOk){
     sqlite3_finalize(pStmt);
   }
 
-  if( rc==SQLITE_CORRUPT_VTAB ){
-    rc = SQLITE_OK;
-    *pbOk = 0;
-  }else{
-    *pbOk = (rc==SQLITE_OK && cksum1==cksum2);
-  }
+  *pbOk = (rc==SQLITE_OK && cksum1==cksum2);
   return rc;
 }
 
@@ -202755,7 +201081,7 @@ static void fts3SnippetDetails(
         }
         mCover |= mPhrase;
 
-        for(j=0; jnToken && jnSnippet; j++){
+        for(j=0; jnToken; j++){
           mHighlight |= (mPos>>j);
         }
 
@@ -205416,6 +203742,7 @@ static void jsonAppendRawNZ(JsonString *p, const char *zIn, u32 N){
   }
 }
 
+
 /* Append formatted text (not to exceed N bytes) to the JsonString.
 */
 static void jsonPrintf(int N, JsonString *p, const char *zFormat, ...){
@@ -205473,40 +203800,6 @@ static void jsonAppendSeparator(JsonString *p){
   jsonAppendChar(p, ',');
 }
 
-/* c is a control character.  Append the canonical JSON representation
-** of that control character to p.
-**
-** This routine assumes that the output buffer has already been enlarged
-** sufficiently to hold the worst-case encoding plus a nul terminator.
-*/
-static void jsonAppendControlChar(JsonString *p, u8 c){
-  static const char aSpecial[] = {
-     0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
-     0, 0, 0, 0, 0, 0, 0, 0,   0,   0,   0, 0,   0,   0, 0, 0
-  };
-  assert( sizeof(aSpecial)==32 );
-  assert( aSpecial['\b']=='b' );
-  assert( aSpecial['\f']=='f' );
-  assert( aSpecial['\n']=='n' );
-  assert( aSpecial['\r']=='r' );
-  assert( aSpecial['\t']=='t' );
-  assert( c>=0 && cnUsed+7 <= p->nAlloc );
-  if( aSpecial[c] ){
-    p->zBuf[p->nUsed] = '\\';
-    p->zBuf[p->nUsed+1] = aSpecial[c];
-    p->nUsed += 2;
-  }else{
-    p->zBuf[p->nUsed] = '\\';
-    p->zBuf[p->nUsed+1] = 'u';
-    p->zBuf[p->nUsed+2] = '0';
-    p->zBuf[p->nUsed+3] = '0';
-    p->zBuf[p->nUsed+4] = "0123456789abcdef"[c>>4];
-    p->zBuf[p->nUsed+5] = "0123456789abcdef"[c&0xf];
-    p->nUsed += 6;
-  }
-}
-
 /* Append the N-byte string in zIn to the end of the JsonString string
 ** under construction.  Enclose the string in double-quotes ("...") and
 ** escape any double-quotes or backslash characters contained within the
@@ -205566,14 +203859,35 @@ static void jsonAppendString(JsonString *p, const char *zIn, u32 N){
     }
     c = z[0];
     if( c=='"' || c=='\\' ){
+      json_simple_escape:
       if( (p->nUsed+N+3 > p->nAlloc) && jsonStringGrow(p,N+3)!=0 ) return;
       p->zBuf[p->nUsed++] = '\\';
       p->zBuf[p->nUsed++] = c;
     }else if( c=='\'' ){
       p->zBuf[p->nUsed++] = c;
     }else{
+      static const char aSpecial[] = {
+         0, 0, 0, 0, 0, 0, 0, 0, 'b', 't', 'n', 0, 'f', 'r', 0, 0,
+         0, 0, 0, 0, 0, 0, 0, 0,   0,   0,   0, 0,   0,   0, 0, 0
+      };
+      assert( sizeof(aSpecial)==32 );
+      assert( aSpecial['\b']=='b' );
+      assert( aSpecial['\f']=='f' );
+      assert( aSpecial['\n']=='n' );
+      assert( aSpecial['\r']=='r' );
+      assert( aSpecial['\t']=='t' );
+      assert( c>=0 && cnUsed+N+7 > p->nAlloc) && jsonStringGrow(p,N+7)!=0 ) return;
-      jsonAppendControlChar(p, c);
+      p->zBuf[p->nUsed++] = '\\';
+      p->zBuf[p->nUsed++] = 'u';
+      p->zBuf[p->nUsed++] = '0';
+      p->zBuf[p->nUsed++] = '0';
+      p->zBuf[p->nUsed++] = "0123456789abcdef"[c>>4];
+      p->zBuf[p->nUsed++] = "0123456789abcdef"[c&0xf];
     }
     z++;
     N--;
@@ -206274,10 +204588,7 @@ static u32 jsonbValidityCheck(
         if( !jsonIsOk[z[j]] && z[j]!='\'' ){
           if( z[j]=='"' ){
             if( x==JSONB_TEXTJ ) return j+1;
-          }else if( z[j]<=0x1f ){
-            /* Control characters in JSON5 string literals are ok */
-            if( x==JSONB_TEXTJ ) return j+1;
-          }else if( NEVER(z[j]!='\\') || j+1>=k ){
+          }else if( z[j]!='\\' || j+1>=k ){
             return j+1;
           }else if( strchr("\"\\/bfnrt",z[j+1])!=0 ){
             j++;
@@ -206475,7 +204786,6 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
   case '[': {
     /* Parse array */
     iThis = pParse->nBlob;
-    assert( i<=(u32)pParse->nJson );
     jsonBlobAppendNode(pParse, JSONB_ARRAY, pParse->nJson - i, 0);
     iStart = pParse->nBlob;
     if( pParse->oom ) return -1;
@@ -206572,14 +204882,9 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
           return -1;
         }
       }else if( c<=0x1f ){
-        if( c==0 ){
-          pParse->iErr = j;
-          return -1;
-        }
-        /* Control characters are not allowed in canonical JSON string
-        ** literals, but are allowed in JSON5 string literals. */
-        opcode = JSONB_TEXT5;
-        pParse->hasNonstd = 1;
+        /* Control characters are not allowed in strings */
+        pParse->iErr = j;
+        return -1;
       }else if( c=='"' ){
         opcode = JSONB_TEXT5;
       }
@@ -206795,7 +205100,6 @@ static int jsonTranslateTextToBlob(JsonParse *pParse, u32 i){
       return i+4;
     }
     /* fall-through into the default case that checks for NaN */
-    /* no break */ deliberate_fall_through
   }
   default: {
     u32 k;
@@ -206880,10 +205184,6 @@ static void jsonReturnStringAsBlob(JsonString *pStr){
   JsonParse px;
   memset(&px, 0, sizeof(px));
   jsonStringTerminate(pStr);
-  if( pStr->eErr ){
-    sqlite3_result_error_nomem(pStr->pCtx);
-    return;
-  }
   px.zJson = pStr->zBuf;
   px.nJson = pStr->nUsed;
   px.db = sqlite3_context_db_handle(pStr->pCtx);
@@ -207064,7 +205364,7 @@ static u32 jsonTranslateBlobToText(
       zIn = (const char*)&pParse->aBlob[i+n];
       jsonAppendChar(pOut, '"');
       while( sz2>0 ){
-        for(k=0; k0 ){
           jsonAppendRawNZ(pOut, zIn, k);
           if( k>=sz2 ){
@@ -207079,13 +205379,6 @@ static u32 jsonTranslateBlobToText(
           sz2--;
           continue;
         }
-        if( zIn[0]<=0x1f ){
-          if( pOut->nUsed+7>pOut->nAlloc && jsonStringGrow(pOut,7) ) break;
-          jsonAppendControlChar(pOut, zIn[0]);
-          zIn++;
-          sz2--;
-          continue;
-        }
         assert( zIn[0]=='\\' );
         assert( sz2>=1 );
         if( sz2<2 ){
@@ -207188,112 +205481,6 @@ static u32 jsonTranslateBlobToText(
   return i+n+sz;
 }
 
-/* Context for recursion of json_pretty()
-*/
-typedef struct JsonPretty JsonPretty;
-struct JsonPretty {
-  JsonParse *pParse;        /* The BLOB being rendered */
-  JsonString *pOut;         /* Generate pretty output into this string */
-  const char *zIndent;      /* Use this text for indentation */
-  u32 szIndent;             /* Bytes in zIndent[] */
-  u32 nIndent;              /* Current level of indentation */
-};
-
-/* Append indentation to the pretty JSON under construction */
-static void jsonPrettyIndent(JsonPretty *pPretty){
-  u32 jj;
-  for(jj=0; jjnIndent; jj++){
-    jsonAppendRaw(pPretty->pOut, pPretty->zIndent, pPretty->szIndent);
-  }
-}
-
-/*
-** Translate the binary JSONB representation of JSON beginning at
-** pParse->aBlob[i] into a JSON text string.  Append the JSON
-** text onto the end of pOut.  Return the index in pParse->aBlob[]
-** of the first byte past the end of the element that is translated.
-**
-** This is a variant of jsonTranslateBlobToText() that "pretty-prints"
-** the output.  Extra whitespace is inserted to make the JSON easier
-** for humans to read.
-**
-** If an error is detected in the BLOB input, the pOut->eErr flag
-** might get set to JSTRING_MALFORMED.  But not all BLOB input errors
-** are detected.  So a malformed JSONB input might either result
-** in an error, or in incorrect JSON.
-**
-** The pOut->eErr JSTRING_OOM flag is set on a OOM.
-*/
-static u32 jsonTranslateBlobToPrettyText(
-  JsonPretty *pPretty,       /* Pretty-printing context */
-  u32 i                      /* Start rendering at this index */
-){
-  u32 sz, n, j, iEnd;
-  const JsonParse *pParse = pPretty->pParse;
-  JsonString *pOut = pPretty->pOut;
-  n = jsonbPayloadSize(pParse, i, &sz);
-  if( n==0 ){
-    pOut->eErr |= JSTRING_MALFORMED;
-    return pParse->nBlob+1;
-  }
-  switch( pParse->aBlob[i] & 0x0f ){
-    case JSONB_ARRAY: {
-      j = i+n;
-      iEnd = j+sz;
-      jsonAppendChar(pOut, '[');
-      if( jnIndent++;
-        while( pOut->eErr==0 ){
-          jsonPrettyIndent(pPretty);
-          j = jsonTranslateBlobToPrettyText(pPretty, j);
-          if( j>=iEnd ) break;
-          jsonAppendRawNZ(pOut, ",\n", 2);
-        }
-        jsonAppendChar(pOut, '\n');
-        pPretty->nIndent--;
-        jsonPrettyIndent(pPretty);
-      }
-      jsonAppendChar(pOut, ']');
-      i = iEnd;
-      break;
-    }
-    case JSONB_OBJECT: {
-      j = i+n;
-      iEnd = j+sz;
-      jsonAppendChar(pOut, '{');
-      if( jnIndent++;
-        while( pOut->eErr==0 ){
-          jsonPrettyIndent(pPretty);
-          j = jsonTranslateBlobToText(pParse, j, pOut);
-          if( j>iEnd ){
-            pOut->eErr |= JSTRING_MALFORMED;
-            break;
-          }
-          jsonAppendRawNZ(pOut, ": ", 2);
-          j = jsonTranslateBlobToPrettyText(pPretty, j);
-          if( j>=iEnd ) break;
-          jsonAppendRawNZ(pOut, ",\n", 2);
-        }
-        jsonAppendChar(pOut, '\n');
-        pPretty->nIndent--;
-        jsonPrettyIndent(pPretty);
-      }
-      jsonAppendChar(pOut, '}');
-      i = iEnd;
-      break;
-    }
-    default: {
-      i = jsonTranslateBlobToText(pParse, i, pOut);
-      break;
-    }
-  }
-  return i;
-}
-
-
 /* Return true if the input pJson
 **
 ** For performance reasons, this routine does not do a detailed check of the
@@ -208322,9 +206509,8 @@ static JsonParse *jsonParseFuncArg(
   }
   p->zJson = (char*)sqlite3_value_text(pArg);
   p->nJson = sqlite3_value_bytes(pArg);
-  if( db->mallocFailed ) goto json_pfa_oom;
   if( p->nJson==0 ) goto json_pfa_malformed;
-  assert( p->zJson!=0 );
+  if( NEVER(p->zJson==0) ) goto json_pfa_oom;
   if( jsonConvertTextToBlob(p, (flgs & JSON_KEEPERROR) ? 0 : ctx) ){
     if( flgs & JSON_KEEPERROR ){
       p->nErr = 1;
@@ -208490,10 +206676,10 @@ static void jsonDebugPrintBlob(
       if( sz==0 && x<=JSONB_FALSE ){
         sqlite3_str_append(pOut, "\n", 1);
       }else{
-        u32 j;
+        u32 i;
         sqlite3_str_appendall(pOut, ": \"");
-        for(j=iStart+n; jaBlob[j];
+        for(i=iStart+n; iaBlob[i];
           if( c<0x20 || c>=0x7f ) c = '.';
           sqlite3_str_append(pOut, (char*)&c, 1);
         }
@@ -208544,12 +206730,11 @@ static void jsonParseFunc(
   if( p==0 ) return;
   if( argc==1 ){
     jsonDebugPrintBlob(p, 0, p->nBlob, 0, &out);
-    sqlite3_result_text64(ctx,out.zText,out.nChar,SQLITE_TRANSIENT,SQLITE_UTF8);
+    sqlite3_result_text64(ctx, out.zText, out.nChar, SQLITE_DYNAMIC, SQLITE_UTF8);
   }else{
     jsonShowParse(p);
   }
   jsonParseFree(p);
-  sqlite3_str_reset(&out);
 }
 #endif /* SQLITE_DEBUG */
 
@@ -208648,6 +206833,13 @@ static void jsonArrayLengthFunc(
   jsonParseFree(p);
 }
 
+/* True if the string is all digits */
+static int jsonAllDigits(const char *z, int n){
+  int i;
+  for(i=0; i  $[NUMBER]     // Not PG.  Purely for convenience
       */
       jsonStringInit(&jx, ctx);
-      if( sqlite3_value_type(argv[i])==SQLITE_INTEGER ){
+      if( jsonAllDigits(zPath, nPath) ){
         jsonAppendRawNZ(&jx, "[", 1);
         jsonAppendRaw(&jx, zPath, nPath);
         jsonAppendRawNZ(&jx, "]", 2);
@@ -209206,40 +207398,6 @@ static void jsonTypeFunc(
   jsonParseFree(p);
 }
 
-/*
-** json_pretty(JSON)
-** json_pretty(JSON, INDENT)
-**
-** Return text that is a pretty-printed rendering of the input JSON.
-** If the argument is not valid JSON, return NULL.
-**
-** The INDENT argument is text that is used for indentation.  If omitted,
-** it defaults to four spaces (the same as PostgreSQL).
-*/
-static void jsonPrettyFunc(
-  sqlite3_context *ctx,
-  int argc,
-  sqlite3_value **argv
-){
-  JsonString s;          /* The output string */
-  JsonPretty x;          /* Pretty printing context */
-
-  memset(&x, 0, sizeof(x));
-  x.pParse = jsonParseFuncArg(ctx, argv[0], 0);
-  if( x.pParse==0 ) return;
-  x.pOut = &s;
-  jsonStringInit(&s, ctx);
-  if( argc==1 || (x.zIndent = (const char*)sqlite3_value_text(argv[1]))==0 ){
-    x.zIndent = "    ";
-    x.szIndent = 4;
-  }else{
-    x.szIndent = (u32)strlen(x.zIndent);
-  }
-  jsonTranslateBlobToPrettyText(&x, 0);
-  jsonReturnString(&s, 0, 0);
-  jsonParseFree(x.pParse);
-}
-
 /*
 ** json_valid(JSON)
 ** json_valid(JSON, FLAGS)
@@ -209929,9 +208087,6 @@ static int jsonEachColumn(
     case JEACH_VALUE: {
       u32 i = jsonSkipLabel(p);
       jsonReturnFromBlob(&p->sParse, i, ctx, 1);
-      if( (p->sParse.aBlob[i] & 0x0f)>=JSONB_ARRAY ){
-        sqlite3_result_subtype(ctx, JSON_SUBTYPE);
-      }
       break;
     }
     case JEACH_TYPE: {
@@ -209978,9 +208133,9 @@ static int jsonEachColumn(
     case JEACH_JSON: {
       if( p->sParse.zJson==0 ){
         sqlite3_result_blob(ctx, p->sParse.aBlob, p->sParse.nBlob,
-                            SQLITE_TRANSIENT);
+                            SQLITE_STATIC);
       }else{
-        sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_TRANSIENT);
+        sqlite3_result_text(ctx, p->sParse.zJson, -1, SQLITE_STATIC);
       }
       break;
     }
@@ -210254,8 +208409,6 @@ SQLITE_PRIVATE void sqlite3RegisterJsonFunctions(void){
     JFUNCTION(jsonb_object,      -1,0,1, 1,1,0,          jsonObjectFunc),
     JFUNCTION(json_patch,         2,1,1, 0,0,0,          jsonPatchFunc),
     JFUNCTION(jsonb_patch,        2,1,0, 0,1,0,          jsonPatchFunc),
-    JFUNCTION(json_pretty,        1,1,0, 0,0,0,          jsonPrettyFunc),
-    JFUNCTION(json_pretty,        2,1,0, 0,0,0,          jsonPrettyFunc),
     JFUNCTION(json_quote,         1,0,1, 1,0,0,          jsonQuoteFunc),
     JFUNCTION(json_remove,       -1,1,1, 0,0,0,          jsonRemoveFunc),
     JFUNCTION(jsonb_remove,      -1,1,0, 0,1,0,          jsonRemoveFunc),
@@ -211008,9 +209161,11 @@ static RtreeNode *nodeNew(Rtree *pRtree, RtreeNode *pParent){
 ** Clear the Rtree.pNodeBlob object
 */
 static void nodeBlobReset(Rtree *pRtree){
-  sqlite3_blob *pBlob = pRtree->pNodeBlob;
-  pRtree->pNodeBlob = 0;
-  sqlite3_blob_close(pBlob);
+  if( pRtree->pNodeBlob && pRtree->inWrTrans==0 && pRtree->nCursor==0 ){
+    sqlite3_blob *pBlob = pRtree->pNodeBlob;
+    pRtree->pNodeBlob = 0;
+    sqlite3_blob_close(pBlob);
+  }
 }
 
 /*
@@ -211054,6 +209209,7 @@ static int nodeAcquire(
                            &pRtree->pNodeBlob);
   }
   if( rc ){
+    nodeBlobReset(pRtree);
     *ppNode = 0;
     /* If unable to open an sqlite3_blob on the desired row, that can only
     ** be because the shadow tables hold erroneous data. */
@@ -211113,7 +209269,6 @@ static int nodeAcquire(
     }
     *ppNode = pNode;
   }else{
-    nodeBlobReset(pRtree);
     if( pNode ){
       pRtree->nNodeRef--;
       sqlite3_free(pNode);
@@ -211258,7 +209413,6 @@ static void nodeGetCoord(
   int iCoord,                  /* Which coordinate to extract */
   RtreeCoord *pCoord           /* OUT: Space to write result to */
 ){
-  assert( iCellzData[12 + pRtree->nBytesPerCell*iCell + 4*iCoord], pCoord);
 }
 
@@ -211448,9 +209602,7 @@ static int rtreeClose(sqlite3_vtab_cursor *cur){
   sqlite3_finalize(pCsr->pReadAux);
   sqlite3_free(pCsr);
   pRtree->nCursor--;
-  if( pRtree->nCursor==0 && pRtree->inWrTrans==0 ){
-    nodeBlobReset(pRtree);
-  }
+  nodeBlobReset(pRtree);
   return SQLITE_OK;
 }
 
@@ -212035,11 +210187,7 @@ static int rtreeRowid(sqlite3_vtab_cursor *pVtabCursor, sqlite_int64 *pRowid){
   int rc = SQLITE_OK;
   RtreeNode *pNode = rtreeNodeOfFirstSearchPoint(pCsr, &rc);
   if( rc==SQLITE_OK && ALWAYS(p) ){
-    if( p->iCell>=NCELL(pNode) ){
-      rc = SQLITE_ABORT;
-    }else{
-      *pRowid = nodeGetRowid(RTREE_OF_CURSOR(pCsr), pNode, p->iCell);
-    }
+    *pRowid = nodeGetRowid(RTREE_OF_CURSOR(pCsr), pNode, p->iCell);
   }
   return rc;
 }
@@ -212057,7 +210205,6 @@ static int rtreeColumn(sqlite3_vtab_cursor *cur, sqlite3_context *ctx, int i){
 
   if( rc ) return rc;
   if( NEVER(p==0) ) return SQLITE_OK;
-  if( p->iCell>=NCELL(pNode) ) return SQLITE_ABORT;
   if( i==0 ){
     sqlite3_result_int64(ctx, nodeGetRowid(pRtree, pNode, p->iCell));
   }else if( i<=pRtree->nDim2 ){
@@ -212155,8 +210302,6 @@ static int deserializeGeometry(sqlite3_value *pValue, RtreeConstraint *pCons){
   return SQLITE_OK;
 }
 
-SQLITE_PRIVATE int sqlite3IntFloatCompare(i64,double);
-
 /*
 ** Rtree virtual table module xFilter method.
 */
@@ -212186,8 +210331,7 @@ static int rtreeFilter(
     i64 iNode = 0;
     int eType = sqlite3_value_numeric_type(argv[0]);
     if( eType==SQLITE_INTEGER
-     || (eType==SQLITE_FLOAT
-         && 0==sqlite3IntFloatCompare(iRowid,sqlite3_value_double(argv[0])))
+     || (eType==SQLITE_FLOAT && sqlite3_value_double(argv[0])==iRowid)
     ){
       rc = findLeafNode(pRtree, iRowid, &pLeaf, &iNode);
     }else{
@@ -213543,7 +211687,7 @@ static int rtreeUpdate(
 static int rtreeBeginTransaction(sqlite3_vtab *pVtab){
   Rtree *pRtree = (Rtree *)pVtab;
   assert( pRtree->inWrTrans==0 );
-  pRtree->inWrTrans = 1;
+  pRtree->inWrTrans++;
   return SQLITE_OK;
 }
 
@@ -213557,9 +211701,6 @@ static int rtreeEndTransaction(sqlite3_vtab *pVtab){
   nodeBlobReset(pRtree);
   return SQLITE_OK;
 }
-static int rtreeRollback(sqlite3_vtab *pVtab){
-  return rtreeEndTransaction(pVtab);
-}
 
 /*
 ** The xRename method for rtree module virtual tables.
@@ -213678,7 +211819,7 @@ static sqlite3_module rtreeModule = {
   rtreeBeginTransaction,      /* xBegin - begin transaction */
   rtreeEndTransaction,        /* xSync - sync transaction */
   rtreeEndTransaction,        /* xCommit - commit transaction */
-  rtreeRollback,              /* xRollback - rollback transaction */
+  rtreeEndTransaction,        /* xRollback - rollback transaction */
   0,                          /* xFindFunction - function overloading */
   rtreeRename,                /* xRename - rename the table */
   rtreeSavepoint,             /* xSavepoint */
@@ -217097,7 +215238,7 @@ static void icuLoadCollation(
   UCollator *pUCollator;    /* ICU library collation object */
   int rc;                   /* Return code from sqlite3_create_collation_x() */
 
-  assert(nArg==2 || nArg==3);
+  assert(nArg==2);
   (void)nArg; /* Unused parameter */
   zLocale = (const char *)sqlite3_value_text(apArg[0]);
   zName = (const char *)sqlite3_value_text(apArg[1]);
@@ -217112,39 +215253,7 @@ static void icuLoadCollation(
     return;
   }
   assert(p);
-  if(nArg==3){
-    const char *zOption = (const char*)sqlite3_value_text(apArg[2]);
-    static const struct {
-       const char *zName;
-       UColAttributeValue val;
-    } aStrength[] = {
-      {  "PRIMARY",      UCOL_PRIMARY           },
-      {  "SECONDARY",    UCOL_SECONDARY         },
-      {  "TERTIARY",     UCOL_TERTIARY          },
-      {  "DEFAULT",      UCOL_DEFAULT_STRENGTH  },
-      {  "QUARTERNARY",  UCOL_QUATERNARY        },
-      {  "IDENTICAL",    UCOL_IDENTICAL         },
-    };
-    unsigned int i;
-    for(i=0; i=sizeof(aStrength)/sizeof(aStrength[0]) ){
-      sqlite3_str *pStr = sqlite3_str_new(sqlite3_context_db_handle(p));
-      sqlite3_str_appendf(pStr,
-         "unknown collation strength \"%s\" - should be one of:",
-         zOption);
-      for(i=0; ipTblIter, &p->zErrmsg);
           pIter->zTbl = 0;
-          pIter->zDataTbl = 0;
         }else{
           pIter->zTbl = (const char*)sqlite3_column_text(pIter->pTblIter, 0);
           pIter->zDataTbl = (const char*)sqlite3_column_text(pIter->pTblIter,1);
@@ -221100,7 +219206,7 @@ static i64 rbuShmChecksum(sqlite3rbu *p){
     u32 volatile *ptr;
     p->rc = pDb->pMethods->xShmMap(pDb, 0, 32*1024, 0, (void volatile**)&ptr);
     if( p->rc==SQLITE_OK ){
-      iRet = (i64)(((u64)ptr[10] << 32) + ptr[11]);
+      iRet = ((i64)ptr[10] << 32) + ptr[11];
     }
   }
   return iRet;
@@ -228571,14 +226677,14 @@ static int sessionChangesetNextOne(
   p->rc = sessionInputBuffer(&p->in, 2);
   if( p->rc!=SQLITE_OK ) return p->rc;
 
-  sessionDiscardData(&p->in);
-  p->in.iCurrent = p->in.iNext;
-
   /* If the iterator is already at the end of the changeset, return DONE. */
   if( p->in.iNext>=p->in.nData ){
     return SQLITE_DONE;
   }
 
+  sessionDiscardData(&p->in);
+  p->in.iCurrent = p->in.iNext;
+
   op = p->in.aData[p->in.iNext++];
   while( op=='T' || op=='P' ){
     if( pbNew ) *pbNew = 1;
@@ -230313,7 +228419,6 @@ struct sqlite3_changegroup {
   int rc;                         /* Error code */
   int bPatch;                     /* True to accumulate patchsets */
   SessionTable *pList;            /* List of tables in current patch */
-  SessionBuffer rec;
 
   sqlite3 *db;                    /* Configured by changegroup_schema() */
   char *zDb;                      /* Configured by changegroup_schema() */
@@ -230612,128 +228717,108 @@ static int sessionChangesetExtendRecord(
 }
 
 /*
-** Locate or create a SessionTable object that may be used to add the
-** change currently pointed to by iterator pIter to changegroup pGrp.
-** If successful, set output variable (*ppTab) to point to the table
-** object and return SQLITE_OK. Otherwise, if some error occurs, return
-** an SQLite error code and leave (*ppTab) set to NULL.
+** Add all changes in the changeset traversed by the iterator passed as
+** the first argument to the changegroup hash tables.
 */
-static int sessionChangesetFindTable(
-  sqlite3_changegroup *pGrp,
-  const char *zTab,
-  sqlite3_changeset_iter *pIter,
-  SessionTable **ppTab
+static int sessionChangesetToHash(
+  sqlite3_changeset_iter *pIter,   /* Iterator to read from */
+  sqlite3_changegroup *pGrp,       /* Changegroup object to add changeset to */
+  int bRebase                      /* True if hash table is for rebasing */
 ){
+  u8 *aRec;
+  int nRec;
   int rc = SQLITE_OK;
   SessionTable *pTab = 0;
-  int nTab = (int)strlen(zTab);
-  u8 *abPK = 0;
-  int nCol = 0;
-
-  *ppTab = 0;
-  sqlite3changeset_pk(pIter, &abPK, &nCol);
-
-  /* Search the list for an existing table */
-  for(pTab = pGrp->pList; pTab; pTab=pTab->pNext){
-    if( 0==sqlite3_strnicmp(pTab->zName, zTab, nTab+1) ) break;
-  }
+  SessionBuffer rec = {0, 0, 0};
 
-  /* If one was not found above, create a new table now */
-  if( !pTab ){
-    SessionTable **ppNew;
-
-    pTab = sqlite3_malloc64(sizeof(SessionTable) + nCol + nTab+1);
-    if( !pTab ){
-      return SQLITE_NOMEM;
-    }
-    memset(pTab, 0, sizeof(SessionTable));
-    pTab->nCol = nCol;
-    pTab->abPK = (u8*)&pTab[1];
-    memcpy(pTab->abPK, abPK, nCol);
-    pTab->zName = (char*)&pTab->abPK[nCol];
-    memcpy(pTab->zName, zTab, nTab+1);
-
-    if( pGrp->db ){
-      pTab->nCol = 0;
-      rc = sessionInitTable(0, pTab, pGrp->db, pGrp->zDb);
-      if( rc ){
-        assert( pTab->azCol==0 );
-        sqlite3_free(pTab);
-        return rc;
-      }
+  while( SQLITE_ROW==sessionChangesetNext(pIter, &aRec, &nRec, 0) ){
+    const char *zNew;
+    int nCol;
+    int op;
+    int iHash;
+    int bIndirect;
+    SessionChange *pChange;
+    SessionChange *pExist = 0;
+    SessionChange **pp;
+
+    /* Ensure that only changesets, or only patchsets, but not a mixture
+    ** of both, are being combined. It is an error to try to combine a
+    ** changeset and a patchset.  */
+    if( pGrp->pList==0 ){
+      pGrp->bPatch = pIter->bPatchset;
+    }else if( pIter->bPatchset!=pGrp->bPatch ){
+      rc = SQLITE_ERROR;
+      break;
     }
 
-    /* The new object must be linked on to the end of the list, not
-    ** simply added to the start of it. This is to ensure that the
-    ** tables within the output of sqlite3changegroup_output() are in
-    ** the right order.  */
-    for(ppNew=&pGrp->pList; *ppNew; ppNew=&(*ppNew)->pNext);
-    *ppNew = pTab;
-  }
-
-  /* Check that the table is compatible. */
-  if( !sessionChangesetCheckCompat(pTab, nCol, abPK) ){
-    rc = SQLITE_SCHEMA;
-  }
+    sqlite3changeset_op(pIter, &zNew, &nCol, &op, &bIndirect);
+    if( !pTab || sqlite3_stricmp(zNew, pTab->zName) ){
+      /* Search the list for a matching table */
+      int nNew = (int)strlen(zNew);
+      u8 *abPK;
 
-  *ppTab = pTab;
-  return rc;
-}
+      sqlite3changeset_pk(pIter, &abPK, 0);
+      for(pTab = pGrp->pList; pTab; pTab=pTab->pNext){
+        if( 0==sqlite3_strnicmp(pTab->zName, zNew, nNew+1) ) break;
+      }
+      if( !pTab ){
+        SessionTable **ppTab;
 
-/*
-** Add the change currently indicated by iterator pIter to the hash table
-** belonging to changegroup pGrp.
-*/
-static int sessionOneChangeToHash(
-  sqlite3_changegroup *pGrp,
-  sqlite3_changeset_iter *pIter,
-  int bRebase
-){
-  int rc = SQLITE_OK;
-  int nCol = 0;
-  int op = 0;
-  int iHash = 0;
-  int bIndirect = 0;
-  SessionChange *pChange = 0;
-  SessionChange *pExist = 0;
-  SessionChange **pp = 0;
-  SessionTable *pTab = 0;
-  u8 *aRec = &pIter->in.aData[pIter->in.iCurrent + 2];
-  int nRec = (pIter->in.iNext - pIter->in.iCurrent) - 2;
-
-  /* Ensure that only changesets, or only patchsets, but not a mixture
-  ** of both, are being combined. It is an error to try to combine a
-  ** changeset and a patchset.  */
-  if( pGrp->pList==0 ){
-    pGrp->bPatch = pIter->bPatchset;
-  }else if( pIter->bPatchset!=pGrp->bPatch ){
-    rc = SQLITE_ERROR;
-  }
+        pTab = sqlite3_malloc64(sizeof(SessionTable) + nCol + nNew+1);
+        if( !pTab ){
+          rc = SQLITE_NOMEM;
+          break;
+        }
+        memset(pTab, 0, sizeof(SessionTable));
+        pTab->nCol = nCol;
+        pTab->abPK = (u8*)&pTab[1];
+        memcpy(pTab->abPK, abPK, nCol);
+        pTab->zName = (char*)&pTab->abPK[nCol];
+        memcpy(pTab->zName, zNew, nNew+1);
+
+        if( pGrp->db ){
+          pTab->nCol = 0;
+          rc = sessionInitTable(0, pTab, pGrp->db, pGrp->zDb);
+          if( rc ){
+            assert( pTab->azCol==0 );
+            sqlite3_free(pTab);
+            break;
+          }
+        }
 
-  if( rc==SQLITE_OK ){
-    const char *zTab = 0;
-    sqlite3changeset_op(pIter, &zTab, &nCol, &op, &bIndirect);
-    rc = sessionChangesetFindTable(pGrp, zTab, pIter, &pTab);
-  }
+        /* The new object must be linked on to the end of the list, not
+        ** simply added to the start of it. This is to ensure that the
+        ** tables within the output of sqlite3changegroup_output() are in
+        ** the right order.  */
+        for(ppTab=&pGrp->pList; *ppTab; ppTab=&(*ppTab)->pNext);
+        *ppTab = pTab;
+      }
 
-  if( rc==SQLITE_OK && nColnCol ){
-    SessionBuffer *pBuf = &pGrp->rec;
-    rc = sessionChangesetExtendRecord(pGrp, pTab, nCol, op, aRec, nRec, pBuf);
-    aRec = pBuf->aBuf;
-    nRec = pBuf->nBuf;
-    assert( pGrp->db );
-  }
+      if( !sessionChangesetCheckCompat(pTab, nCol, abPK) ){
+        rc = SQLITE_SCHEMA;
+        break;
+      }
+    }
 
-  if( rc==SQLITE_OK && sessionGrowHash(0, pIter->bPatchset, pTab) ){
-    rc = SQLITE_NOMEM;
-  }
+    if( nColnCol ){
+      assert( pGrp->db );
+      rc = sessionChangesetExtendRecord(pGrp, pTab, nCol, op, aRec, nRec, &rec);
+      if( rc ) break;
+      aRec = rec.aBuf;
+      nRec = rec.nBuf;
+    }
 
-  if( rc==SQLITE_OK ){
-    /* Search for existing entry. If found, remove it from the hash table.
-    ** Code below may link it back in.  */
+    if( sessionGrowHash(0, pIter->bPatchset, pTab) ){
+      rc = SQLITE_NOMEM;
+      break;
+    }
     iHash = sessionChangeHash(
         pTab, (pIter->bPatchset && op==SQLITE_DELETE), aRec, pTab->nChange
     );
+
+    /* Search for existing entry. If found, remove it from the hash table.
+    ** Code below may link it back in.
+    */
     for(pp=&pTab->apChange[iHash]; *pp; pp=&(*pp)->pNext){
       int bPkOnly1 = 0;
       int bPkOnly2 = 0;
@@ -230748,41 +228833,19 @@ static int sessionOneChangeToHash(
         break;
       }
     }
-  }
 
-  if( rc==SQLITE_OK ){
     rc = sessionChangeMerge(pTab, bRebase,
         pIter->bPatchset, pExist, op, bIndirect, aRec, nRec, &pChange
     );
-  }
-  if( rc==SQLITE_OK && pChange ){
-    pChange->pNext = pTab->apChange[iHash];
-    pTab->apChange[iHash] = pChange;
-    pTab->nEntry++;
-  }
-
-  if( rc==SQLITE_OK ) rc = pIter->rc;
-  return rc;
-}
-
-/*
-** Add all changes in the changeset traversed by the iterator passed as
-** the first argument to the changegroup hash tables.
-*/
-static int sessionChangesetToHash(
-  sqlite3_changeset_iter *pIter,   /* Iterator to read from */
-  sqlite3_changegroup *pGrp,       /* Changegroup object to add changeset to */
-  int bRebase                      /* True if hash table is for rebasing */
-){
-  u8 *aRec;
-  int nRec;
-  int rc = SQLITE_OK;
-
-  while( SQLITE_ROW==(sessionChangesetNext(pIter, &aRec, &nRec, 0)) ){
-    rc = sessionOneChangeToHash(pGrp, pIter, bRebase);
-    if( rc!=SQLITE_OK ) break;
+    if( rc ) break;
+    if( pChange ){
+      pChange->pNext = pTab->apChange[iHash];
+      pTab->apChange[iHash] = pChange;
+      pTab->nEntry++;
+    }
   }
 
+  sqlite3_free(rec.aBuf);
   if( rc==SQLITE_OK ) rc = pIter->rc;
   return rc;
 }
@@ -230910,23 +228973,6 @@ SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup *pGrp, int nData, void
   return rc;
 }
 
-/*
-** Add a single change to a changeset-group.
-*/
-SQLITE_API int sqlite3changegroup_add_change(
-  sqlite3_changegroup *pGrp,
-  sqlite3_changeset_iter *pIter
-){
-  if( pIter->in.iCurrent==pIter->in.iNext
-   || pIter->rc!=SQLITE_OK
-   || pIter->bInvert
-  ){
-    /* Iterator does not point to any valid entry or is an INVERT iterator. */
-    return SQLITE_ERROR;
-  }
-  return sessionOneChangeToHash(pGrp, pIter, 0);
-}
-
 /*
 ** Obtain a buffer containing a changeset representing the concatenation
 ** of all changesets added to the group so far.
@@ -230976,7 +229022,6 @@ SQLITE_API void sqlite3changegroup_delete(sqlite3_changegroup *pGrp){
   if( pGrp ){
     sqlite3_free(pGrp->zDb);
     sessionDeleteTable(0, pGrp->pList);
-    sqlite3_free(pGrp->rec.aBuf);
     sqlite3_free(pGrp);
   }
 }
@@ -231378,7 +229423,6 @@ SQLITE_API int sqlite3rebaser_rebase_strm(
 SQLITE_API void sqlite3rebaser_delete(sqlite3_rebaser *p){
   if( p ){
     sessionDeleteTable(0, p->grp.pList);
-    sqlite3_free(p->grp.rec.aBuf);
     sqlite3_free(p);
   }
 }
@@ -231476,8 +229520,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the pUserData pointer passed to the xCreateFunction()
-**   API when the extension function was registered.
+**   Return a copy of the context pointer the extension function was
+**   registered with.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
@@ -233073,9 +231117,6 @@ static void sqlite3Fts5UnicodeAscii(u8*, u8*);
 **    sqlite3Fts5ParserARG_STORE     Code to store %extra_argument into fts5yypParser
 **    sqlite3Fts5ParserARG_FETCH     Code to extract %extra_argument from fts5yypParser
 **    sqlite3Fts5ParserCTX_*         As sqlite3Fts5ParserARG_ except for %extra_context
-**    fts5YYREALLOC          Name of the realloc() function to use
-**    fts5YYFREE             Name of the free() function to use
-**    fts5YYDYNSTACK         True if stack space should be extended on heap
 **    fts5YYERRORSYMBOL      is the code number of the error symbol.  If not
 **                       defined, then do no error processing.
 **    fts5YYNSTATE           the combined number of states.
@@ -233089,8 +231130,6 @@ static void sqlite3Fts5UnicodeAscii(u8*, u8*);
 **    fts5YY_NO_ACTION       The fts5yy_action[] code for no-op
 **    fts5YY_MIN_REDUCE      Minimum value for reduce actions
 **    fts5YY_MAX_REDUCE      Maximum value for reduce actions
-**    fts5YY_MIN_DSTRCTR     Minimum symbol value that has a destructor
-**    fts5YY_MAX_DSTRCTR     Maximum symbol value that has a destructor
 */
 #ifndef INTERFACE
 # define INTERFACE 1
@@ -233117,9 +231156,6 @@ typedef union {
 #define sqlite3Fts5ParserARG_PARAM ,pParse
 #define sqlite3Fts5ParserARG_FETCH Fts5Parse *pParse=fts5yypParser->pParse;
 #define sqlite3Fts5ParserARG_STORE fts5yypParser->pParse=pParse;
-#define fts5YYREALLOC realloc
-#define fts5YYFREE free
-#define fts5YYDYNSTACK 0
 #define sqlite3Fts5ParserCTX_SDECL
 #define sqlite3Fts5ParserCTX_PDECL
 #define sqlite3Fts5ParserCTX_PARAM
@@ -233137,8 +231173,6 @@ typedef union {
 #define fts5YY_NO_ACTION         82
 #define fts5YY_MIN_REDUCE        83
 #define fts5YY_MAX_REDUCE        110
-#define fts5YY_MIN_DSTRCTR       16
-#define fts5YY_MAX_DSTRCTR       24
 /************* End control #defines *******************************************/
 #define fts5YY_NLOOKAHEAD ((int)(sizeof(fts5yy_lookahead)/sizeof(fts5yy_lookahead[0])))
 
@@ -233154,22 +231188,6 @@ typedef union {
 # define fts5yytestcase(X)
 #endif
 
-/* Macro to determine if stack space has the ability to grow using
-** heap memory.
-*/
-#if fts5YYSTACKDEPTH<=0 || fts5YYDYNSTACK
-# define fts5YYGROWABLESTACK 1
-#else
-# define fts5YYGROWABLESTACK 0
-#endif
-
-/* Guarantee a minimum number of initial stack slots.
-*/
-#if fts5YYSTACKDEPTH<=0
-# undef fts5YYSTACKDEPTH
-# define fts5YYSTACKDEPTH 2  /* Need a minimum stack size */
-#endif
-
 
 /* Next are the tables used to determine what action to take based on the
 ** current state and lookahead token.  These tables are used to implement
@@ -233330,9 +231348,14 @@ struct fts5yyParser {
 #endif
   sqlite3Fts5ParserARG_SDECL                /* A place to hold %extra_argument */
   sqlite3Fts5ParserCTX_SDECL                /* A place to hold %extra_context */
-  fts5yyStackEntry *fts5yystackEnd;           /* Last entry in the stack */
-  fts5yyStackEntry *fts5yystack;              /* The parser stack */
-  fts5yyStackEntry fts5yystk0[fts5YYSTACKDEPTH];  /* Initial stack space */
+#if fts5YYSTACKDEPTH<=0
+  int fts5yystksz;                  /* Current side of the stack */
+  fts5yyStackEntry *fts5yystack;        /* The parser's stack */
+  fts5yyStackEntry fts5yystk0;          /* First stack entry */
+#else
+  fts5yyStackEntry fts5yystack[fts5YYSTACKDEPTH];  /* The parser's stack */
+  fts5yyStackEntry *fts5yystackEnd;            /* Last entry in the stack */
+#endif
 };
 typedef struct fts5yyParser fts5yyParser;
 
@@ -233439,45 +231462,37 @@ static const char *const fts5yyRuleName[] = {
 #endif /* NDEBUG */
 
 
-#if fts5YYGROWABLESTACK
+#if fts5YYSTACKDEPTH<=0
 /*
 ** Try to increase the size of the parser stack.  Return the number
 ** of errors.  Return 0 on success.
 */
 static int fts5yyGrowStack(fts5yyParser *p){
-  int oldSize = 1 + (int)(p->fts5yystackEnd - p->fts5yystack);
   int newSize;
   int idx;
   fts5yyStackEntry *pNew;
 
-  newSize = oldSize*2 + 100;
-  idx = (int)(p->fts5yytos - p->fts5yystack);
-  if( p->fts5yystack==p->fts5yystk0 ){
-    pNew = fts5YYREALLOC(0, newSize*sizeof(pNew[0]));
-    if( pNew==0 ) return 1;
-    memcpy(pNew, p->fts5yystack, oldSize*sizeof(pNew[0]));
+  newSize = p->fts5yystksz*2 + 100;
+  idx = p->fts5yytos ? (int)(p->fts5yytos - p->fts5yystack) : 0;
+  if( p->fts5yystack==&p->fts5yystk0 ){
+    pNew = malloc(newSize*sizeof(pNew[0]));
+    if( pNew ) pNew[0] = p->fts5yystk0;
   }else{
-    pNew = fts5YYREALLOC(p->fts5yystack, newSize*sizeof(pNew[0]));
-    if( pNew==0 ) return 1;
+    pNew = realloc(p->fts5yystack, newSize*sizeof(pNew[0]));
   }
-  p->fts5yystack = pNew;
-  p->fts5yytos = &p->fts5yystack[idx];
+  if( pNew ){
+    p->fts5yystack = pNew;
+    p->fts5yytos = &p->fts5yystack[idx];
 #ifndef NDEBUG
-  if( fts5yyTraceFILE ){
-    fprintf(fts5yyTraceFILE,"%sStack grows from %d to %d entries.\n",
-            fts5yyTracePrompt, oldSize, newSize);
-  }
+    if( fts5yyTraceFILE ){
+      fprintf(fts5yyTraceFILE,"%sStack grows from %d to %d entries.\n",
+              fts5yyTracePrompt, p->fts5yystksz, newSize);
+    }
 #endif
-  p->fts5yystackEnd = &p->fts5yystack[newSize-1];
-  return 0;
+    p->fts5yystksz = newSize;
+  }
+  return pNew==0;
 }
-#endif /* fts5YYGROWABLESTACK */
-
-#if !fts5YYGROWABLESTACK
-/* For builds that do no have a growable stack, fts5yyGrowStack always
-** returns an error.
-*/
-# define fts5yyGrowStack(X) 1
 #endif
 
 /* Datatype of the argument to the memory allocated passed as the
@@ -233497,14 +231512,24 @@ static void sqlite3Fts5ParserInit(void *fts5yypRawParser sqlite3Fts5ParserCTX_PD
 #ifdef fts5YYTRACKMAXSTACKDEPTH
   fts5yypParser->fts5yyhwm = 0;
 #endif
-  fts5yypParser->fts5yystack = fts5yypParser->fts5yystk0;
-  fts5yypParser->fts5yystackEnd = &fts5yypParser->fts5yystack[fts5YYSTACKDEPTH-1];
+#if fts5YYSTACKDEPTH<=0
+  fts5yypParser->fts5yytos = NULL;
+  fts5yypParser->fts5yystack = NULL;
+  fts5yypParser->fts5yystksz = 0;
+  if( fts5yyGrowStack(fts5yypParser) ){
+    fts5yypParser->fts5yystack = &fts5yypParser->fts5yystk0;
+    fts5yypParser->fts5yystksz = 1;
+  }
+#endif
 #ifndef fts5YYNOERRORRECOVERY
   fts5yypParser->fts5yyerrcnt = -1;
 #endif
   fts5yypParser->fts5yytos = fts5yypParser->fts5yystack;
   fts5yypParser->fts5yystack[0].stateno = 0;
   fts5yypParser->fts5yystack[0].major = 0;
+#if fts5YYSTACKDEPTH>0
+  fts5yypParser->fts5yystackEnd = &fts5yypParser->fts5yystack[fts5YYSTACKDEPTH-1];
+#endif
 }
 
 #ifndef sqlite3Fts5Parser_ENGINEALWAYSONSTACK
@@ -233618,26 +231643,9 @@ static void fts5yy_pop_parser_stack(fts5yyParser *pParser){
 */
 static void sqlite3Fts5ParserFinalize(void *p){
   fts5yyParser *pParser = (fts5yyParser*)p;
-
-  /* In-lined version of calling fts5yy_pop_parser_stack() for each
-  ** element left in the stack */
-  fts5yyStackEntry *fts5yytos = pParser->fts5yytos;
-  while( fts5yytos>pParser->fts5yystack ){
-#ifndef NDEBUG
-    if( fts5yyTraceFILE ){
-      fprintf(fts5yyTraceFILE,"%sPopping %s\n",
-        fts5yyTracePrompt,
-        fts5yyTokenName[fts5yytos->major]);
-    }
-#endif
-    if( fts5yytos->major>=fts5YY_MIN_DSTRCTR ){
-      fts5yy_destructor(pParser, fts5yytos->major, &fts5yytos->minor);
-    }
-    fts5yytos--;
-  }
-
-#if fts5YYGROWABLESTACK
-  if( pParser->fts5yystack!=pParser->fts5yystk0 ) fts5YYFREE(pParser->fts5yystack);
+  while( pParser->fts5yytos>pParser->fts5yystack ) fts5yy_pop_parser_stack(pParser);
+#if fts5YYSTACKDEPTH<=0
+  if( pParser->fts5yystack!=&pParser->fts5yystk0 ) free(pParser->fts5yystack);
 #endif
 }
 
@@ -233864,19 +231872,25 @@ static void fts5yy_shift(
     assert( fts5yypParser->fts5yyhwm == (int)(fts5yypParser->fts5yytos - fts5yypParser->fts5yystack) );
   }
 #endif
-  fts5yytos = fts5yypParser->fts5yytos;
-  if( fts5yytos>fts5yypParser->fts5yystackEnd ){
+#if fts5YYSTACKDEPTH>0
+  if( fts5yypParser->fts5yytos>fts5yypParser->fts5yystackEnd ){
+    fts5yypParser->fts5yytos--;
+    fts5yyStackOverflow(fts5yypParser);
+    return;
+  }
+#else
+  if( fts5yypParser->fts5yytos>=&fts5yypParser->fts5yystack[fts5yypParser->fts5yystksz] ){
     if( fts5yyGrowStack(fts5yypParser) ){
       fts5yypParser->fts5yytos--;
       fts5yyStackOverflow(fts5yypParser);
       return;
     }
-    fts5yytos = fts5yypParser->fts5yytos;
-    assert( fts5yytos <= fts5yypParser->fts5yystackEnd );
   }
+#endif
   if( fts5yyNewState > fts5YY_MAX_SHIFT ){
     fts5yyNewState += fts5YY_MIN_REDUCE - fts5YY_MIN_SHIFTREDUCE;
   }
+  fts5yytos = fts5yypParser->fts5yytos;
   fts5yytos->stateno = fts5yyNewState;
   fts5yytos->major = fts5yyMajor;
   fts5yytos->minor.fts5yy0 = fts5yyMinor;
@@ -234313,12 +232327,19 @@ static void sqlite3Fts5Parser(
                   (int)(fts5yypParser->fts5yytos - fts5yypParser->fts5yystack));
         }
 #endif
+#if fts5YYSTACKDEPTH>0
         if( fts5yypParser->fts5yytos>=fts5yypParser->fts5yystackEnd ){
+          fts5yyStackOverflow(fts5yypParser);
+          break;
+        }
+#else
+        if( fts5yypParser->fts5yytos>=&fts5yypParser->fts5yystack[fts5yypParser->fts5yystksz-1] ){
           if( fts5yyGrowStack(fts5yypParser) ){
             fts5yyStackOverflow(fts5yypParser);
             break;
           }
         }
+#endif
       }
       fts5yyact = fts5yy_reduce(fts5yypParser,fts5yyruleno,fts5yymajor,fts5yyminor sqlite3Fts5ParserCTX_PARAM);
     }else if( fts5yyact <= fts5YY_MAX_SHIFTREDUCE ){
@@ -236995,11 +235016,7 @@ static int sqlite3Fts5ExprNew(
   }
 
   sqlite3_free(sParse.apPhrase);
-  if( 0==*pzErr ){
-    *pzErr = sParse.zErr;
-  }else{
-    sqlite3_free(sParse.zErr);
-  }
+  *pzErr = sParse.zErr;
   return sParse.rc;
 }
 
@@ -239127,7 +237144,6 @@ static Fts5ExprNode *sqlite3Fts5ParseImplicitAnd(
     assert( pRight->eType==FTS5_STRING
         || pRight->eType==FTS5_TERM
         || pRight->eType==FTS5_EOF
-        || (pRight->eType==FTS5_AND && pParse->bPhraseToAnd)
     );
 
     if( pLeft->eType==FTS5_AND ){
@@ -247362,26 +245378,23 @@ static void fts5IterSetOutputsTokendata(Fts5Iter *pIter){
 static void fts5TokendataIterNext(Fts5Iter *pIter, int bFrom, i64 iFrom){
   int ii;
   Fts5TokenDataIter *pT = pIter->pTokenDataIter;
-  Fts5Index *pIndex = pIter->pIndex;
 
   for(ii=0; iinIter; ii++){
     Fts5Iter *p = pT->apIter[ii];
     if( p->base.bEof==0
      && (p->base.iRowid==pIter->base.iRowid || (bFrom && p->base.iRowidpIndex, p, bFrom, iFrom);
       while( bFrom && p->base.bEof==0
           && p->base.iRowidrc==SQLITE_OK
+          && p->pIndex->rc==SQLITE_OK
       ){
-        fts5MultiIterNext(pIndex, p, 0, 0);
+        fts5MultiIterNext(p->pIndex, p, 0, 0);
       }
     }
   }
 
-  if( pIndex->rc==SQLITE_OK ){
-    fts5IterSetOutputsTokendata(pIter);
-  }
+  fts5IterSetOutputsTokendata(pIter);
 }
 
 /*
@@ -251295,7 +249308,6 @@ static int fts5UpdateMethod(
         rc = SQLITE_ERROR;
       }else{
         rc = fts5SpecialDelete(pTab, apVal);
-        bUpdateOrDelete = 1;
       }
     }else{
       rc = fts5SpecialInsert(pTab, z, apVal[2 + pConfig->nCol + 1]);
@@ -252470,16 +250482,14 @@ static int sqlite3Fts5GetTokenizer(
   if( pMod==0 ){
     assert( nArg>0 );
     rc = SQLITE_ERROR;
-    if( pzErr ) *pzErr = sqlite3_mprintf("no such tokenizer: %s", azArg[0]);
+    *pzErr = sqlite3_mprintf("no such tokenizer: %s", azArg[0]);
   }else{
     rc = pMod->x.xCreate(
         pMod->pUserData, (azArg?&azArg[1]:0), (nArg?nArg-1:0), &pConfig->pTok
     );
     pConfig->pTokApi = &pMod->x;
     if( rc!=SQLITE_OK ){
-      if( pzErr && rc!=SQLITE_NOMEM ){
-        *pzErr = sqlite3_mprintf("error in tokenizer constructor");
-      }
+      if( pzErr ) *pzErr = sqlite3_mprintf("error in tokenizer constructor");
     }else{
       pConfig->ePattern = sqlite3Fts5TokenizerPattern(
           pMod->x.xCreate, pConfig->pTok
@@ -252538,7 +250548,7 @@ static void fts5SourceIdFunc(
 ){
   assert( nArg==0 );
   UNUSED_PARAM2(nArg, apUnused);
-  sqlite3_result_text(pCtx, "fts5: 2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33", -1, SQLITE_TRANSIENT);
+  sqlite3_result_text(pCtx, "fts5: 2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a", -1, SQLITE_TRANSIENT);
 }
 
 /*
@@ -252573,25 +250583,18 @@ static int fts5IntegrityMethod(
 
   assert( pzErr!=0 && *pzErr==0 );
   UNUSED_PARAM(isQuick);
-  assert( pTab->p.pConfig->pzErrmsg==0 );
-  pTab->p.pConfig->pzErrmsg = pzErr;
   rc = sqlite3Fts5StorageIntegrity(pTab->pStorage, 0);
-  if( *pzErr==0 && rc!=SQLITE_OK ){
-    if( (rc&0xff)==SQLITE_CORRUPT ){
-      *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
-          zSchema, zTabname);
-      rc = (*pzErr) ? SQLITE_OK : SQLITE_NOMEM;
-    }else{
-      *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
-          " FTS5 table %s.%s: %s",
-          zSchema, zTabname, sqlite3_errstr(rc));
-    }
+  if( (rc&0xff)==SQLITE_CORRUPT ){
+    *pzErr = sqlite3_mprintf("malformed inverted index for FTS5 table %s.%s",
+                zSchema, zTabname);
+  }else if( rc!=SQLITE_OK ){
+    *pzErr = sqlite3_mprintf("unable to validate the inverted index for"
+                             " FTS5 table %s.%s: %s",
+                zSchema, zTabname, sqlite3_errstr(rc));
   }
-
   sqlite3Fts5IndexCloseReader(pTab->p.pIndex);
-  pTab->p.pConfig->pzErrmsg = 0;
 
-  return rc;
+  return SQLITE_OK;
 }
 
 static int fts5Init(sqlite3 *db){
@@ -254023,7 +252026,7 @@ static int fts5AsciiCreate(
       int i;
       memset(p, 0, sizeof(AsciiTokenizer));
       memcpy(p->aTokenChar, aAsciiTokenChar, sizeof(aAsciiTokenChar));
-      for(i=0; rc==SQLITE_OK && ibFold = 1;
     pNew->iFoldParam = 0;
-    for(i=0; rc==SQLITE_OK && iiFoldParam!=0 && pNew->bFold==0 ){
       rc = SQLITE_ERROR;
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
index d67a4adb6..a07a51952 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3-binding.h
@@ -147,9 +147,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION        "3.46.1"
-#define SQLITE_VERSION_NUMBER 3046001
-#define SQLITE_SOURCE_ID      "2024-08-13 09:16:08 c9c2ab54ba1f5f46360f1b4f35d849cd3f080e6fc2b6c60e91b16c63f69a1e33"
+#define SQLITE_VERSION        "3.45.1"
+#define SQLITE_VERSION_NUMBER 3045001
+#define SQLITE_SOURCE_ID      "2024-01-30 16:01:20 e876e51a0ed5c5b3126f52e532044363a014bc594cfefa87ffb5b82257cc467a"
 
 /*
 ** CAPI3REF: Run-Time Library Version Numbers
@@ -421,8 +421,6 @@ typedef int (*sqlite3_callback)(void*,int,char**, char**);
 **      the 1st parameter to sqlite3_exec() while sqlite3_exec() is running.
 ** 
  •  The application must not modify the SQL statement text passed into
 **      the 2nd parameter of sqlite3_exec() while sqlite3_exec() is running.
-** 
  •  The application must not dereference the arrays or string pointers
-**       passed as the 3rd and 4th callback parameters after it returns.
 ** 
 */
 SQLITE_API int sqlite3_exec(
@@ -765,11 +763,11 @@ struct sqlite3_file {
 ** 
 ** xLock() upgrades the database file lock.  In other words, xLock() moves the
 ** database file lock in the direction NONE toward EXCLUSIVE. The argument to
-** xLock() is always one of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
+** xLock() is always on of SHARED, RESERVED, PENDING, or EXCLUSIVE, never
 ** SQLITE_LOCK_NONE.  If the database file lock is already at or above the
 ** requested lock, then the call to xLock() is a no-op.
 ** xUnlock() downgrades the database file lock to either SHARED or NONE.
-** If the lock is already at or below the requested lock state, then the call
+*  If the lock is already at or below the requested lock state, then the call
 ** to xUnlock() is a no-op.
 ** The xCheckReservedLock() method checks whether any database connection,
 ** either in this process or in some other process, is holding a RESERVED,
@@ -2144,22 +2142,6 @@ struct sqlite3_mem_methods {
 ** configuration setting is never used, then the default maximum is determined
 ** by the [SQLITE_MEMDB_DEFAULT_MAXSIZE] compile-time option.  If that
 ** compile-time option is not set, then the default maximum is 1073741824.
-**
-** [[SQLITE_CONFIG_ROWID_IN_VIEW]]
-** 
    SQLITE_CONFIG_ROWID_IN_VIEW
-** 
    The SQLITE_CONFIG_ROWID_IN_VIEW option enables or disables the ability
-** for VIEWs to have a ROWID.  The capability can only be enabled if SQLite is
-** compiled with -DSQLITE_ALLOW_ROWID_IN_VIEW, in which case the capability
-** defaults to on.  This configuration option queries the current setting or
-** changes the setting to off or on.  The argument is a pointer to an integer.
-** If that integer initially holds a value of 1, then the ability for VIEWs to
-** have ROWIDs is activated.  If the integer initially holds zero, then the
-** ability is deactivated.  Any other initial value for the integer leaves the
-** setting unchanged.  After changes, if any, the integer is written with
-** a 1 or 0, if the ability for VIEWs to have ROWIDs is on or off.  If SQLite
-** is compiled without -DSQLITE_ALLOW_ROWID_IN_VIEW (which is the usual and
-** recommended case) then the integer is always filled with zero, regardless
-** if its initial value.
 ** 
 */
 #define SQLITE_CONFIG_SINGLETHREAD         1  /* nil */
@@ -2191,7 +2173,6 @@ struct sqlite3_mem_methods {
 #define SQLITE_CONFIG_SMALL_MALLOC        27  /* boolean */
 #define SQLITE_CONFIG_SORTERREF_SIZE      28  /* int nByte */
 #define SQLITE_CONFIG_MEMDB_MAXSIZE       29  /* sqlite3_int64 */
-#define SQLITE_CONFIG_ROWID_IN_VIEW       30  /* int* */
 
 /*
 ** CAPI3REF: Database Connection Configuration Options
@@ -3306,8 +3287,8 @@ SQLITE_API int sqlite3_set_authorizer(
 #define SQLITE_RECURSIVE            33   /* NULL            NULL            */
 
 /*
-** CAPI3REF: Deprecated Tracing And Profiling Functions
-** DEPRECATED
+** CAPI3REF: Tracing And Profiling Functions
+** METHOD: sqlite3
 **
 ** These routines are deprecated. Use the [sqlite3_trace_v2()] interface
 ** instead of the routines described here.
@@ -6888,12 +6869,6 @@ SQLITE_API int sqlite3_autovacuum_pages(
 ** The exceptions defined in this paragraph might change in a future
 ** release of SQLite.
 **
-** Whether the update hook is invoked before or after the
-** corresponding change is currently unspecified and may differ
-** depending on the type of change. Do not rely on the order of the
-** hook call with regards to the final result of the operation which
-** triggers the hook.
-**
 ** The update hook implementation must not do anything that will modify
 ** the database connection that invoked the update hook.  Any actions
 ** to modify the database connection must be deferred until after the
@@ -8364,7 +8339,7 @@ SQLITE_API int sqlite3_test_control(int op, ...);
 ** The sqlite3_keyword_count() interface returns the number of distinct
 ** keywords understood by SQLite.
 **
-** The sqlite3_keyword_name(N,Z,L) interface finds the 0-based N-th keyword and
+** The sqlite3_keyword_name(N,Z,L) interface finds the N-th keyword and
 ** makes *Z point to that keyword expressed as UTF8 and writes the number
 ** of bytes in the keyword into *L.  The string that *Z points to is not
 ** zero-terminated.  The sqlite3_keyword_name(N,Z,L) routine returns
@@ -9943,45 +9918,24 @@ SQLITE_API const char *sqlite3_vtab_collation(sqlite3_index_info*,int);
 ** 
  • 
 ** ^(If the sqlite3_vtab_distinct() interface returns 2, that means
 ** that the query planner does not need the rows returned in any particular
-** order, as long as rows with the same values in all columns identified
-** by "aOrderBy" are adjacent.)^  ^(Furthermore, when two or more rows
-** contain the same values for all columns identified by "colUsed", all but
-** one such row may optionally be omitted from the result.)^
-** The virtual table is not required to omit rows that are duplicates
-** over the "colUsed" columns, but if the virtual table can do that without
-** too much extra effort, it could potentially help the query to run faster.
+** order, as long as rows with the same values in all "aOrderBy" columns
+** are adjacent.)^  ^(Furthermore, only a single row for each particular
+** combination of values in the columns identified by the "aOrderBy" field
+** needs to be returned.)^  ^It is always ok for two or more rows with the same
+** values in all "aOrderBy" columns to be returned, as long as all such rows
+** are adjacent.  ^The virtual table may, if it chooses, omit extra rows
+** that have the same value for all columns identified by "aOrderBy".
+** ^However omitting the extra rows is optional.
 ** This mode is used for a DISTINCT query.
 ** 
  • 
-** ^(If the sqlite3_vtab_distinct() interface returns 3, that means the
-** virtual table must return rows in the order defined by "aOrderBy" as
-** if the sqlite3_vtab_distinct() interface had returned 0.  However if
-** two or more rows in the result have the same values for all columns
-** identified by "colUsed", then all but one such row may optionally be
-** omitted.)^  Like when the return value is 2, the virtual table
-** is not required to omit rows that are duplicates over the "colUsed"
-** columns, but if the virtual table can do that without
-** too much extra effort, it could potentially help the query to run faster.
-** This mode is used for queries
+** ^(If the sqlite3_vtab_distinct() interface returns 3, that means
+** that the query planner needs only distinct rows but it does need the
+** rows to be sorted.)^ ^The virtual table implementation is free to omit
+** rows that are identical in all aOrderBy columns, if it wants to, but
+** it is not required to omit any rows.  This mode is used for queries
 ** that have both DISTINCT and ORDER BY clauses.
 ** 
 **
-** 
    The following table summarizes the conditions under which the
-** virtual table is allowed to set the "orderByConsumed" flag based on
-** the value returned by sqlite3_vtab_distinct().  This table is a
-** restatement of the previous four paragraphs:
-**
-** 
-** 
-** 
    sqlite3_vtab_distinct() return value
-** Rows are returned in aOrderBy order
-** Rows with the same value in all aOrderBy columns are adjacent
-** Duplicates over all colUsed columns may be omitted
-** 
    0yesyesno
-** 
    1noyesno
-** 
    2noyesyes
-** 
    3yesyesyes
-** 
    
-**
 ** ^For the purposes of comparing virtual table output values to see if the
 ** values are same value for sorting purposes, two NULL values are considered
 ** to be the same.  In other words, the comparison operator is "IS"
@@ -12026,30 +11980,6 @@ SQLITE_API int sqlite3changegroup_schema(sqlite3_changegroup*, sqlite3*, const c
 */
 SQLITE_API int sqlite3changegroup_add(sqlite3_changegroup*, int nData, void *pData);
 
-/*
-** CAPI3REF: Add A Single Change To A Changegroup
-** METHOD: sqlite3_changegroup
-**
-** This function adds the single change currently indicated by the iterator
-** passed as the second argument to the changegroup object. The rules for
-** adding the change are just as described for [sqlite3changegroup_add()].
-**
-** If the change is successfully added to the changegroup, SQLITE_OK is
-** returned. Otherwise, an SQLite error code is returned.
-**
-** The iterator must point to a valid entry when this function is called.
-** If it does not, SQLITE_ERROR is returned and no change is added to the
-** changegroup. Additionally, the iterator must not have been opened with
-** the SQLITE_CHANGESETAPPLY_INVERT flag. In this case SQLITE_ERROR is also
-** returned.
-*/
-SQLITE_API int sqlite3changegroup_add_change(
-  sqlite3_changegroup*,
-  sqlite3_changeset_iter*
-);
-
-
-
 /*
 ** CAPI3REF: Obtain A Composite Changeset From A Changegroup
 ** METHOD: sqlite3_changegroup
@@ -12854,8 +12784,8 @@ struct Fts5PhraseIter {
 ** EXTENSION API FUNCTIONS
 **
 ** xUserData(pFts):
-**   Return a copy of the pUserData pointer passed to the xCreateFunction()
-**   API when the extension function was registered.
+**   Return a copy of the context pointer the extension function was
+**   registered with.
 **
 ** xColumnTotalSize(pFts, iCol, pnToken):
 **   If parameter iCol is less than zero, set output variable *pnToken
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
index ed2a9e2a3..4b3b6cab5 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3.go
@@ -1679,7 +1679,7 @@ func (d *SQLiteDriver) Open(dsn string) (driver.Conn, error) {
 		}
 	}
 
-	// Foreign Keys
+	// Forgein Keys
 	if foreignKeys > -1 {
 		if err := exec(fmt.Sprintf("PRAGMA foreign_keys = %d;", foreignKeys)); err != nil {
 			C.sqlite3_close_v2(db)
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
index 6ef230862..95cc7c0b6 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_libsqlite3.go
@@ -18,6 +18,5 @@ package sqlite3
 #cgo openbsd LDFLAGS: -lsqlite3
 #cgo solaris LDFLAGS: -lsqlite3
 #cgo windows LDFLAGS: -lsqlite3
-#cgo zos LDFLAGS: -lsqlite3
 */
 import "C"
diff --git a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
index 76d840164..de9630c27 100644
--- a/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
+++ b/vendor/github.com/mattn/go-sqlite3/sqlite3_opt_userauth.go
@@ -86,7 +86,7 @@ var (
 // combination is incorrect or unknown.
 //
 // If the SQLITE_USER table is not present in the database file, then
-// this interface is a harmless no-op returning SQLITE_OK.
+// this interface is a harmless no-op returnning SQLITE_OK.
 func (c *SQLiteConn) Authenticate(username, password string) error {
 	rv := c.authenticate(username, password)
 	switch rv {
diff --git a/vendor/github.com/munnerz/goautoneg/LICENSE b/vendor/github.com/munnerz/goautoneg/LICENSE
deleted file mode 100644
index bbc7b897c..000000000
--- a/vendor/github.com/munnerz/goautoneg/LICENSE
+++ /dev/null
@@ -1,31 +0,0 @@
-Copyright (c) 2011, Open Knowledge Foundation Ltd.
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-    Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
-
-    Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in
-    the documentation and/or other materials provided with the
-    distribution.
-
-    Neither the name of the Open Knowledge Foundation Ltd. nor the
-    names of its contributors may be used to endorse or promote
-    products derived from this software without specific prior written
-    permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/munnerz/goautoneg/Makefile b/vendor/github.com/munnerz/goautoneg/Makefile
deleted file mode 100644
index e33ee1730..000000000
--- a/vendor/github.com/munnerz/goautoneg/Makefile
+++ /dev/null
@@ -1,13 +0,0 @@
-include $(GOROOT)/src/Make.inc
-
-TARG=bitbucket.org/ww/goautoneg
-GOFILES=autoneg.go
-
-include $(GOROOT)/src/Make.pkg
-
-format:
-	gofmt -w *.go
-
-docs:
-	gomake clean
-	godoc ${TARG} > README.txt
diff --git a/vendor/github.com/prometheus/client_golang/NOTICE b/vendor/github.com/prometheus/client_golang/NOTICE
index b9cc55abb..dd878a30e 100644
--- a/vendor/github.com/prometheus/client_golang/NOTICE
+++ b/vendor/github.com/prometheus/client_golang/NOTICE
@@ -16,3 +16,8 @@ Go support for Protocol Buffers - Google's data interchange format
 http://github.com/golang/protobuf/
 Copyright 2010 The Go Authors
 See source code for license details.
+
+Support for streaming Protocol Buffer messages for the Go language (golang).
+https://github.com/matttproud/golang_protobuf_extensions
+Copyright 2013 Matt T. Proud
+Licensed under the Apache License, Version 2.0
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
deleted file mode 100644
index 65d761bc9..000000000
--- a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/LICENSE
+++ /dev/null
@@ -1,27 +0,0 @@
-Copyright (c) 2013 The Go Authors. All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-   * Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-   * Redistributions in binary form must reproduce the above
-copyright notice, this list of conditions and the following disclaimer
-in the documentation and/or other materials provided with the
-distribution.
-   * Neither the name of Google Inc. nor the names of its
-contributors may be used to endorse or promote products derived from
-this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
deleted file mode 100644
index 8547c8dfd..000000000
--- a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header/header.go
+++ /dev/null
@@ -1,145 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file or at
-// https://developers.google.com/open-source/licenses/bsd.
-
-// Package header provides functions for parsing HTTP headers.
-package header
-
-import (
-	"net/http"
-	"strings"
-)
-
-// Octet types from RFC 2616.
-var octetTypes [256]octetType
-
-type octetType byte
-
-const (
-	isToken octetType = 1 << iota
-	isSpace
-)
-
-func init() {
-	// OCTET      = 
-	// CHAR       = 
-	// CTL        = 
-	// CR         = 
-	// LF         = 
-	// SP         = 
-	// HT         = 
-	// <">        = 
-	// CRLF       = CR LF
-	// LWS        = [CRLF] 1*( SP | HT )
-	// TEXT       = 
-	// separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <">
-	//              | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT
-	// token      = 1*
-	// qdtext     = >
-
-	for c := 0; c < 256; c++ {
-		var t octetType
-		isCtl := c <= 31 || c == 127
-		isChar := 0 <= c && c <= 127
-		isSeparator := strings.ContainsRune(" \t\"(),/:;<=>?@[]\\{}", rune(c))
-		if strings.ContainsRune(" \t\r\n", rune(c)) {
-			t |= isSpace
-		}
-		if isChar && !isCtl && !isSeparator {
-			t |= isToken
-		}
-		octetTypes[c] = t
-	}
-}
-
-// AcceptSpec describes an Accept* header.
-type AcceptSpec struct {
-	Value string
-	Q     float64
-}
-
-// ParseAccept parses Accept* headers.
-func ParseAccept(header http.Header, key string) (specs []AcceptSpec) {
-loop:
-	for _, s := range header[key] {
-		for {
-			var spec AcceptSpec
-			spec.Value, s = expectTokenSlash(s)
-			if spec.Value == "" {
-				continue loop
-			}
-			spec.Q = 1.0
-			s = skipSpace(s)
-			if strings.HasPrefix(s, ";") {
-				s = skipSpace(s[1:])
-				if !strings.HasPrefix(s, "q=") {
-					continue loop
-				}
-				spec.Q, s = expectQuality(s[2:])
-				if spec.Q < 0.0 {
-					continue loop
-				}
-			}
-			specs = append(specs, spec)
-			s = skipSpace(s)
-			if !strings.HasPrefix(s, ",") {
-				continue loop
-			}
-			s = skipSpace(s[1:])
-		}
-	}
-	return
-}
-
-func skipSpace(s string) (rest string) {
-	i := 0
-	for ; i < len(s); i++ {
-		if octetTypes[s[i]]&isSpace == 0 {
-			break
-		}
-	}
-	return s[i:]
-}
-
-func expectTokenSlash(s string) (token, rest string) {
-	i := 0
-	for ; i < len(s); i++ {
-		b := s[i]
-		if (octetTypes[b]&isToken == 0) && b != '/' {
-			break
-		}
-	}
-	return s[:i], s[i:]
-}
-
-func expectQuality(s string) (q float64, rest string) {
-	switch {
-	case len(s) == 0:
-		return -1, ""
-	case s[0] == '0':
-		q = 0
-	case s[0] == '1':
-		q = 1
-	default:
-		return -1, ""
-	}
-	s = s[1:]
-	if !strings.HasPrefix(s, ".") {
-		return q, s
-	}
-	s = s[1:]
-	i := 0
-	n := 0
-	d := 1
-	for ; i < len(s); i++ {
-		b := s[i]
-		if b < '0' || b > '9' {
-			break
-		}
-		n = n*10 + int(b) - '0'
-		d *= 10
-	}
-	return q + float64(n)/float64(d), s[i:]
-}
diff --git a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go b/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
deleted file mode 100644
index 2e45780b7..000000000
--- a/vendor/github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/negotiate.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-//
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file or at
-// https://developers.google.com/open-source/licenses/bsd.
-
-package httputil
-
-import (
-	"net/http"
-
-	"github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header"
-)
-
-// NegotiateContentEncoding returns the best offered content encoding for the
-// request's Accept-Encoding header. If two offers match with equal weight and
-// then the offer earlier in the list is preferred. If no offers are
-// acceptable, then "" is returned.
-func NegotiateContentEncoding(r *http.Request, offers []string) string {
-	bestOffer := "identity"
-	bestQ := -1.0
-	specs := header.ParseAccept(r.Header, "Accept-Encoding")
-	for _, offer := range offers {
-		for _, spec := range specs {
-			if spec.Q > bestQ &&
-				(spec.Value == "*" || spec.Value == offer) {
-				bestQ = spec.Q
-				bestOffer = offer
-			}
-		}
-	}
-	if bestQ == 0 {
-		bestOffer = ""
-	}
-	return bestOffer
-}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
index 520cbd7d4..ad9a71a5e 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
@@ -22,13 +22,13 @@ import (
 // goRuntimeMemStats provides the metrics initially provided by runtime.ReadMemStats.
 // From Go 1.17 those similar (and better) statistics are provided by runtime/metrics, so
 // while eval closure works on runtime.MemStats, the struct from Go 1.17+ is
-// populated using runtime/metrics. Those are the defaults we can't alter.
+// populated using runtime/metrics.
 func goRuntimeMemStats() memStatsMetrics {
 	return memStatsMetrics{
 		{
 			desc: NewDesc(
 				memstatNamespace("alloc_bytes"),
-				"Number of bytes allocated in heap and currently in use. Equals to /memory/classes/heap/objects:bytes.",
+				"Number of bytes allocated and still in use.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Alloc) },
@@ -36,7 +36,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("alloc_bytes_total"),
-				"Total number of bytes allocated in heap until now, even if released already. Equals to /gc/heap/allocs:bytes.",
+				"Total number of bytes allocated, even if freed.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.TotalAlloc) },
@@ -44,16 +44,23 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("sys_bytes"),
-				"Number of bytes obtained from system. Equals to /memory/classes/total:byte.",
+				"Number of bytes obtained from system.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Sys) },
 			valType: GaugeValue,
+		}, {
+			desc: NewDesc(
+				memstatNamespace("lookups_total"),
+				"Total number of pointer lookups.",
+				nil, nil,
+			),
+			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Lookups) },
+			valType: CounterValue,
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mallocs_total"),
-				// TODO(bwplotka): We could add go_memstats_heap_objects, probably useful for discovery. Let's gather more feedback, kind of a waste of bytes for everybody for compatibility reasons to keep both, and we can't really rename/remove useful metric.
-				"Total number of heap objects allocated, both live and gc-ed. Semantically a counter version for go_memstats_heap_objects gauge. Equals to /gc/heap/allocs:objects + /gc/heap/tiny/allocs:objects.",
+				"Total number of mallocs.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Mallocs) },
@@ -61,7 +68,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("frees_total"),
-				"Total number of heap objects frees. Equals to /gc/heap/frees:objects + /gc/heap/tiny/allocs:objects.",
+				"Total number of frees.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.Frees) },
@@ -69,7 +76,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_alloc_bytes"),
-				"Number of heap bytes allocated and currently in use, same as go_memstats_alloc_bytes. Equals to /memory/classes/heap/objects:bytes.",
+				"Number of heap bytes allocated and still in use.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapAlloc) },
@@ -77,7 +84,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_sys_bytes"),
-				"Number of heap bytes obtained from system. Equals to /memory/classes/heap/objects:bytes + /memory/classes/heap/unused:bytes + /memory/classes/heap/released:bytes + /memory/classes/heap/free:bytes.",
+				"Number of heap bytes obtained from system.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapSys) },
@@ -85,7 +92,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_idle_bytes"),
-				"Number of heap bytes waiting to be used. Equals to /memory/classes/heap/released:bytes + /memory/classes/heap/free:bytes.",
+				"Number of heap bytes waiting to be used.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapIdle) },
@@ -93,7 +100,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_inuse_bytes"),
-				"Number of heap bytes that are in use. Equals to /memory/classes/heap/objects:bytes + /memory/classes/heap/unused:bytes",
+				"Number of heap bytes that are in use.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapInuse) },
@@ -101,7 +108,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_released_bytes"),
-				"Number of heap bytes released to OS. Equals to /memory/classes/heap/released:bytes.",
+				"Number of heap bytes released to OS.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapReleased) },
@@ -109,7 +116,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("heap_objects"),
-				"Number of currently allocated objects. Equals to /gc/heap/objects:objects.",
+				"Number of allocated objects.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.HeapObjects) },
@@ -117,7 +124,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("stack_inuse_bytes"),
-				"Number of bytes obtained from system for stack allocator in non-CGO environments. Equals to /memory/classes/heap/stacks:bytes.",
+				"Number of bytes in use by the stack allocator.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.StackInuse) },
@@ -125,7 +132,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("stack_sys_bytes"),
-				"Number of bytes obtained from system for stack allocator. Equals to /memory/classes/heap/stacks:bytes + /memory/classes/os-stacks:bytes.",
+				"Number of bytes obtained from system for stack allocator.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.StackSys) },
@@ -133,7 +140,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mspan_inuse_bytes"),
-				"Number of bytes in use by mspan structures. Equals to /memory/classes/metadata/mspan/inuse:bytes.",
+				"Number of bytes in use by mspan structures.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MSpanInuse) },
@@ -141,7 +148,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mspan_sys_bytes"),
-				"Number of bytes used for mspan structures obtained from system. Equals to /memory/classes/metadata/mspan/inuse:bytes + /memory/classes/metadata/mspan/free:bytes.",
+				"Number of bytes used for mspan structures obtained from system.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MSpanSys) },
@@ -149,7 +156,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mcache_inuse_bytes"),
-				"Number of bytes in use by mcache structures. Equals to /memory/classes/metadata/mcache/inuse:bytes.",
+				"Number of bytes in use by mcache structures.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MCacheInuse) },
@@ -157,7 +164,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("mcache_sys_bytes"),
-				"Number of bytes used for mcache structures obtained from system. Equals to /memory/classes/metadata/mcache/inuse:bytes + /memory/classes/metadata/mcache/free:bytes.",
+				"Number of bytes used for mcache structures obtained from system.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.MCacheSys) },
@@ -165,7 +172,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("buck_hash_sys_bytes"),
-				"Number of bytes used by the profiling bucket hash table. Equals to /memory/classes/profiling/buckets:bytes.",
+				"Number of bytes used by the profiling bucket hash table.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.BuckHashSys) },
@@ -173,7 +180,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("gc_sys_bytes"),
-				"Number of bytes used for garbage collection system metadata. Equals to /memory/classes/metadata/other:bytes.",
+				"Number of bytes used for garbage collection system metadata.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.GCSys) },
@@ -181,7 +188,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("other_sys_bytes"),
-				"Number of bytes used for other system allocations. Equals to /memory/classes/other:bytes.",
+				"Number of bytes used for other system allocations.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.OtherSys) },
@@ -189,7 +196,7 @@ func goRuntimeMemStats() memStatsMetrics {
 		}, {
 			desc: NewDesc(
 				memstatNamespace("next_gc_bytes"),
-				"Number of heap bytes when next garbage collection will take place. Equals to /gc/heap/goal:bytes.",
+				"Number of heap bytes when next garbage collection will take place.",
 				nil, nil,
 			),
 			eval:    func(ms *runtime.MemStats) float64 { return float64(ms.NextGC) },
@@ -218,7 +225,7 @@ func newBaseGoCollector() baseGoCollector {
 			nil, nil),
 		gcDesc: NewDesc(
 			"go_gc_duration_seconds",
-			"A summary of the wall-time pause (stop-the-world) duration in garbage collection cycles.",
+			"A summary of the pause duration of garbage collection cycles.",
 			nil, nil),
 		gcLastTimeDesc: NewDesc(
 			"go_memstats_last_gc_time_seconds",
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
index 511746417..2d8d9f64f 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector_latest.go
@@ -17,7 +17,6 @@
 package prometheus
 
 import (
-	"fmt"
 	"math"
 	"runtime"
 	"runtime/metrics"
@@ -154,8 +153,7 @@ func defaultGoCollectorOptions() internal.GoCollectorOptions {
 			"/gc/heap/frees-by-size:bytes":  goGCHeapFreesBytes,
 		},
 		RuntimeMetricRules: []internal.GoCollectorRule{
-			// Recommended metrics we want by default from runtime/metrics.
-			{Matcher: internal.GoCollectorDefaultRuntimeMetrics},
+			//{Matcher: regexp.MustCompile("")},
 		},
 	}
 }
@@ -205,7 +203,6 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 			// to fail here. This condition is tested in TestExpectedRuntimeMetrics.
 			continue
 		}
-		help := attachOriginalName(d.Description.Description, d.Name)
 
 		sampleBuf = append(sampleBuf, metrics.Sample{Name: d.Name})
 		sampleMap[d.Name] = &sampleBuf[len(sampleBuf)-1]
@@ -217,7 +214,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 			m = newBatchHistogram(
 				NewDesc(
 					BuildFQName(namespace, subsystem, name),
-					help,
+					d.Description.Description,
 					nil,
 					nil,
 				),
@@ -229,7 +226,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 				Namespace: namespace,
 				Subsystem: subsystem,
 				Name:      name,
-				Help:      help,
+				Help:      d.Description.Description,
 			},
 			)
 		} else {
@@ -237,7 +234,7 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 				Namespace: namespace,
 				Subsystem: subsystem,
 				Name:      name,
-				Help:      help,
+				Help:      d.Description.Description,
 			})
 		}
 		metricSet = append(metricSet, m)
@@ -287,10 +284,6 @@ func NewGoCollector(opts ...func(o *internal.GoCollectorOptions)) Collector {
 	}
 }
 
-func attachOriginalName(desc, origName string) string {
-	return fmt.Sprintf("%s Sourced from %s", desc, origName)
-}
-
 // Describe returns all descriptions of the collector.
 func (c *goCollector) Describe(ch chan<- *Desc) {
 	c.base.Describe(ch)
@@ -383,13 +376,13 @@ func unwrapScalarRMValue(v metrics.Value) float64 {
 		//
 		// This should never happen because we always populate our metric
 		// set from the runtime/metrics package.
-		panic("unexpected bad kind metric")
+		panic("unexpected unsupported metric")
 	default:
 		// Unsupported metric kind.
 		//
 		// This should never happen because we check for this during initialization
 		// and flag and filter metrics whose kinds we don't understand.
-		panic(fmt.Sprintf("unexpected unsupported metric: %v", v.Kind()))
+		panic("unexpected unsupported metric kind")
 	}
 }
 
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index 519db348a..b5c8bcb39 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -440,7 +440,7 @@ type HistogramOpts struct {
 	// constant (or any negative float value).
 	NativeHistogramZeroThreshold float64
 
-	// The next three fields define a strategy to limit the number of
+	// The remaining fields define a strategy to limit the number of
 	// populated sparse buckets. If NativeHistogramMaxBucketNumber is left
 	// at zero, the number of buckets is not limited. (Note that this might
 	// lead to unbounded memory consumption if the values observed by the
@@ -473,22 +473,6 @@ type HistogramOpts struct {
 	NativeHistogramMinResetDuration time.Duration
 	NativeHistogramMaxZeroThreshold float64
 
-	// NativeHistogramMaxExemplars limits the number of exemplars
-	// that are kept in memory for each native histogram. If you leave it at
-	// zero, a default value of 10 is used. If no exemplars should be kept specifically
-	// for native histograms, set it to a negative value. (Scrapers can
-	// still use the exemplars exposed for classic buckets, which are managed
-	// independently.)
-	NativeHistogramMaxExemplars int
-	// NativeHistogramExemplarTTL is only checked once
-	// NativeHistogramMaxExemplars is exceeded. In that case, the
-	// oldest exemplar is removed if it is older than NativeHistogramExemplarTTL.
-	// Otherwise, the older exemplar in the pair of exemplars that are closest
-	// together (on an exponential scale) is removed.
-	// If NativeHistogramExemplarTTL is left at its zero value, a default value of
-	// 5m is used. To always delete the oldest exemplar, set it to a negative value.
-	NativeHistogramExemplarTTL time.Duration
-
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
 
@@ -548,7 +532,6 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 	if opts.afterFunc == nil {
 		opts.afterFunc = time.AfterFunc
 	}
-
 	h := &histogram{
 		desc:                            desc,
 		upperBounds:                     opts.Buckets,
@@ -573,7 +556,6 @@ func newHistogram(desc *Desc, opts HistogramOpts, labelValues ...string) Histogr
 			h.nativeHistogramZeroThreshold = DefNativeHistogramZeroThreshold
 		} // Leave h.nativeHistogramZeroThreshold at 0 otherwise.
 		h.nativeHistogramSchema = pickSchema(opts.NativeHistogramBucketFactor)
-		h.nativeExemplars = makeNativeExemplars(opts.NativeHistogramExemplarTTL, opts.NativeHistogramMaxExemplars)
 	}
 	for i, upperBound := range h.upperBounds {
 		if i < len(h.upperBounds)-1 {
@@ -743,8 +725,7 @@ type histogram struct {
 	// resetScheduled is protected by mtx. It is true if a reset is
 	// scheduled for a later time (when nativeHistogramMinResetDuration has
 	// passed).
-	resetScheduled  bool
-	nativeExemplars nativeExemplars
+	resetScheduled bool
 
 	// now is for testing purposes, by default it's time.Now.
 	now func() time.Time
@@ -761,9 +742,6 @@ func (h *histogram) Observe(v float64) {
 	h.observe(v, h.findBucket(v))
 }
 
-// ObserveWithExemplar should not be called in a high-frequency setting
-// for a native histogram with configured exemplars. For this case,
-// the implementation isn't lock-free and might suffer from lock contention.
 func (h *histogram) ObserveWithExemplar(v float64, e Labels) {
 	i := h.findBucket(v)
 	h.observe(v, i)
@@ -843,13 +821,6 @@ func (h *histogram) Write(out *dto.Metric) error {
 				Length: proto.Uint32(0),
 			}}
 		}
-
-		if h.nativeExemplars.isEnabled() {
-			h.nativeExemplars.Lock()
-			his.Exemplars = append(his.Exemplars, h.nativeExemplars.exemplars...)
-			h.nativeExemplars.Unlock()
-		}
-
 	}
 	addAndResetCounts(hotCounts, coldCounts)
 	return nil
@@ -1120,10 +1091,8 @@ func (h *histogram) resetCounts(counts *histogramCounts) {
 	deleteSyncMap(&counts.nativeHistogramBucketsPositive)
 }
 
-// updateExemplar replaces the exemplar for the provided classic bucket.
-// With empty labels, it's a no-op. It panics if any of the labels is invalid.
-// If histogram is native, the exemplar will be cached into nativeExemplars,
-// which has a limit, and will remove one exemplar when limit is reached.
+// updateExemplar replaces the exemplar for the provided bucket. With empty
+// labels, it's a no-op. It panics if any of the labels is invalid.
 func (h *histogram) updateExemplar(v float64, bucket int, l Labels) {
 	if l == nil {
 		return
@@ -1133,10 +1102,6 @@ func (h *histogram) updateExemplar(v float64, bucket int, l Labels) {
 		panic(err)
 	}
 	h.exemplars[bucket].Store(e)
-	doSparse := h.nativeHistogramSchema > math.MinInt32 && !math.IsNaN(v)
-	if doSparse {
-		h.nativeExemplars.addExemplar(e)
-	}
 }
 
 // HistogramVec is a Collector that bundles a set of Histograms that all share the
@@ -1371,48 +1336,6 @@ func MustNewConstHistogram(
 	return m
 }
 
-// NewConstHistogramWithCreatedTimestamp does the same thing as NewConstHistogram but sets the created timestamp.
-func NewConstHistogramWithCreatedTimestamp(
-	desc *Desc,
-	count uint64,
-	sum float64,
-	buckets map[float64]uint64,
-	ct time.Time,
-	labelValues ...string,
-) (Metric, error) {
-	if desc.err != nil {
-		return nil, desc.err
-	}
-	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
-		return nil, err
-	}
-	return &constHistogram{
-		desc:       desc,
-		count:      count,
-		sum:        sum,
-		buckets:    buckets,
-		labelPairs: MakeLabelPairs(desc, labelValues),
-		createdTs:  timestamppb.New(ct),
-	}, nil
-}
-
-// MustNewConstHistogramWithCreatedTimestamp is a version of NewConstHistogramWithCreatedTimestamp that panics where
-// NewConstHistogramWithCreatedTimestamp would have returned an error.
-func MustNewConstHistogramWithCreatedTimestamp(
-	desc *Desc,
-	count uint64,
-	sum float64,
-	buckets map[float64]uint64,
-	ct time.Time,
-	labelValues ...string,
-) Metric {
-	m, err := NewConstHistogramWithCreatedTimestamp(desc, count, sum, buckets, ct, labelValues...)
-	if err != nil {
-		panic(err)
-	}
-	return m
-}
-
 type buckSort []*dto.Bucket
 
 func (s buckSort) Len() int {
@@ -1652,186 +1575,3 @@ func addAndResetCounts(hot, cold *histogramCounts) {
 	atomic.AddUint64(&hot.nativeHistogramZeroBucket, atomic.LoadUint64(&cold.nativeHistogramZeroBucket))
 	atomic.StoreUint64(&cold.nativeHistogramZeroBucket, 0)
 }
-
-type nativeExemplars struct {
-	sync.Mutex
-
-	// Time-to-live for exemplars, it is set to -1 if exemplars are disabled, that is NativeHistogramMaxExemplars is below 0.
-	// The ttl is used on insertion to remove an exemplar that is older than ttl, if present.
-	ttl time.Duration
-
-	exemplars []*dto.Exemplar
-}
-
-func (n *nativeExemplars) isEnabled() bool {
-	return n.ttl != -1
-}
-
-func makeNativeExemplars(ttl time.Duration, maxCount int) nativeExemplars {
-	if ttl == 0 {
-		ttl = 5 * time.Minute
-	}
-
-	if maxCount == 0 {
-		maxCount = 10
-	}
-
-	if maxCount < 0 {
-		maxCount = 0
-		ttl = -1
-	}
-
-	return nativeExemplars{
-		ttl:       ttl,
-		exemplars: make([]*dto.Exemplar, 0, maxCount),
-	}
-}
-
-func (n *nativeExemplars) addExemplar(e *dto.Exemplar) {
-	if !n.isEnabled() {
-		return
-	}
-
-	n.Lock()
-	defer n.Unlock()
-
-	// When the number of exemplars has not yet exceeded or
-	// is equal to cap(n.exemplars), then
-	// insert the new exemplar directly.
-	if len(n.exemplars) < cap(n.exemplars) {
-		var nIdx int
-		for nIdx = 0; nIdx < len(n.exemplars); nIdx++ {
-			if *e.Value < *n.exemplars[nIdx].Value {
-				break
-			}
-		}
-		n.exemplars = append(n.exemplars[:nIdx], append([]*dto.Exemplar{e}, n.exemplars[nIdx:]...)...)
-		return
-	}
-
-	if len(n.exemplars) == 1 {
-		// When the number of exemplars is 1, then
-		// replace the existing exemplar with the new exemplar.
-		n.exemplars[0] = e
-		return
-	}
-	// From this point on, the number of exemplars is greater than 1.
-
-	// When the number of exemplars exceeds the limit, remove one exemplar.
-	var (
-		ot    = time.Time{} // Oldest timestamp seen. Initial value doesn't matter as we replace it due to otIdx == -1 in the loop.
-		otIdx = -1          // Index of the exemplar with the oldest timestamp.
-
-		md = -1.0 // Logarithm of the delta of the closest pair of exemplars.
-
-		// The insertion point of the new exemplar in the exemplars slice after insertion.
-		// This is calculated purely based on the order of the exemplars by value.
-		// nIdx == len(n.exemplars) means the new exemplar is to be inserted after the end.
-		nIdx = -1
-
-		// rIdx is ultimately the index for the exemplar that we are replacing with the new exemplar.
-		// The aim is to keep a good spread of exemplars by value and not let them bunch up too much.
-		// It is calculated in 3 steps:
-		//   1. First we set rIdx to the index of the older exemplar within the closest pair by value.
-		//      That is the following will be true (on log scale):
-		//      either the exemplar pair on index (rIdx-1, rIdx) or (rIdx, rIdx+1) will have
-		//      the closest values to each other from all pairs.
-		//      For example, suppose the values are distributed like this:
-		//        |-----------x-------------x----------------x----x-----|
-		//                                                   ^--rIdx as this is older.
-		//      Or like this:
-		//        |-----------x-------------x----------------x----x-----|
-		//                                                        ^--rIdx as this is older.
-		//   2. If there is an exemplar that expired, then we simple reset rIdx to that index.
-		//   3. We check if by inserting the new exemplar we would create a closer pair at
-		//      (nIdx-1, nIdx) or (nIdx, nIdx+1) and set rIdx to nIdx-1 or nIdx accordingly to
-		//      keep the spread of exemplars by value; otherwise we keep rIdx as it is.
-		rIdx = -1
-		cLog float64 // Logarithm of the current exemplar.
-		pLog float64 // Logarithm of the previous exemplar.
-	)
-
-	for i, exemplar := range n.exemplars {
-		// Find the exemplar with the oldest timestamp.
-		if otIdx == -1 || exemplar.Timestamp.AsTime().Before(ot) {
-			ot = exemplar.Timestamp.AsTime()
-			otIdx = i
-		}
-
-		// Find the index at which to insert new the exemplar.
-		if nIdx == -1 && *e.Value <= *exemplar.Value {
-			nIdx = i
-		}
-
-		// Find the two closest exemplars and pick the one the with older timestamp.
-		pLog = cLog
-		cLog = math.Log(exemplar.GetValue())
-		if i == 0 {
-			continue
-		}
-		diff := math.Abs(cLog - pLog)
-		if md == -1 || diff < md {
-			// The closest exemplar pair is at index: i-1, i.
-			// Choose the exemplar with the older timestamp for replacement.
-			md = diff
-			if n.exemplars[i].Timestamp.AsTime().Before(n.exemplars[i-1].Timestamp.AsTime()) {
-				rIdx = i
-			} else {
-				rIdx = i - 1
-			}
-		}
-
-	}
-
-	// If all existing exemplar are smaller than new exemplar,
-	// then the exemplar should be inserted at the end.
-	if nIdx == -1 {
-		nIdx = len(n.exemplars)
-	}
-	// Here, we have the following relationships:
-	// n.exemplars[nIdx-1].Value < e.Value (if nIdx > 0)
-	// e.Value <= n.exemplars[nIdx].Value (if nIdx < len(n.exemplars))
-
-	if otIdx != -1 && e.Timestamp.AsTime().Sub(ot) > n.ttl {
-		// If the oldest exemplar has expired, then replace it with the new exemplar.
-		rIdx = otIdx
-	} else {
-		// In the previous for loop, when calculating the closest pair of exemplars,
-		// we did not take into account the newly inserted exemplar.
-		// So we need to calculate with the newly inserted exemplar again.
-		elog := math.Log(e.GetValue())
-		if nIdx > 0 {
-			diff := math.Abs(elog - math.Log(n.exemplars[nIdx-1].GetValue()))
-			if diff < md {
-				// The value we are about to insert is closer to the previous exemplar at the insertion point than what we calculated before in rIdx.
-				//                                            v--rIdx
-				// |-----------x-n-----------x----------------x----x-----|
-				//     nIdx-1--^ ^--new exemplar value
-				// Do not make the spread worse, replace nIdx-1 and not rIdx.
-				md = diff
-				rIdx = nIdx - 1
-			}
-		}
-		if nIdx < len(n.exemplars) {
-			diff := math.Abs(math.Log(n.exemplars[nIdx].GetValue()) - elog)
-			if diff < md {
-				// The value we are about to insert is closer to the next exemplar at the insertion point than what we calculated before in rIdx.
-				//                                            v--rIdx
-				// |-----------x-----------n-x----------------x----x-----|
-				//     new exemplar value--^ ^--nIdx
-				// Do not make the spread worse, replace nIdx-1 and not rIdx.
-				rIdx = nIdx
-			}
-		}
-	}
-
-	// Adjust the slice according to rIdx and nIdx.
-	switch {
-	case rIdx == nIdx:
-		n.exemplars[nIdx] = e
-	case rIdx < nIdx:
-		n.exemplars = append(n.exemplars[:rIdx], append(n.exemplars[rIdx+1:nIdx], append([]*dto.Exemplar{e}, n.exemplars[nIdx:]...)...)...)
-	case rIdx > nIdx:
-		n.exemplars = append(n.exemplars[:nIdx], append([]*dto.Exemplar{e}, append(n.exemplars[nIdx:rIdx], n.exemplars[rIdx+1:]...)...)...)
-	}
-}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go b/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
index a4fa6eabd..723b45d64 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/internal/go_collector_options.go
@@ -30,5 +30,3 @@ type GoCollectorOptions struct {
 	RuntimeMetricSumForHist    map[string]string
 	RuntimeMetricRules         []GoCollectorRule
 }
-
-var GoCollectorDefaultRuntimeMetrics = regexp.MustCompile(`/gc/gogc:percent|/gc/gomemlimit:bytes|/sched/gomaxprocs:threads`)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/metric.go b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
index 9d9b81ab4..f018e5723 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/metric.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/metric.go
@@ -234,7 +234,7 @@ func NewMetricWithExemplars(m Metric, exemplars ...Exemplar) (Metric, error) {
 	)
 	for i, e := range exemplars {
 		ts := e.Timestamp
-		if ts.IsZero() {
+		if ts == (time.Time{}) {
 			ts = now
 		}
 		exs[i], err = newExemplar(e.Value, ts, e.Labels)
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
index 62a4e7ad9..8548dd18e 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
@@ -22,15 +22,14 @@ import (
 )
 
 type processCollector struct {
-	collectFn         func(chan<- Metric)
-	pidFn             func() (int, error)
-	reportErrors      bool
-	cpuTotal          *Desc
-	openFDs, maxFDs   *Desc
-	vsize, maxVsize   *Desc
-	rss               *Desc
-	startTime         *Desc
-	inBytes, outBytes *Desc
+	collectFn       func(chan<- Metric)
+	pidFn           func() (int, error)
+	reportErrors    bool
+	cpuTotal        *Desc
+	openFDs, maxFDs *Desc
+	vsize, maxVsize *Desc
+	rss             *Desc
+	startTime       *Desc
 }
 
 // ProcessCollectorOpts defines the behavior of a process metrics collector
@@ -101,16 +100,6 @@ func NewProcessCollector(opts ProcessCollectorOpts) Collector {
 			"Start time of the process since unix epoch in seconds.",
 			nil, nil,
 		),
-		inBytes: NewDesc(
-			ns+"process_network_receive_bytes_total",
-			"Number of bytes received by the process over the network.",
-			nil, nil,
-		),
-		outBytes: NewDesc(
-			ns+"process_network_transmit_bytes_total",
-			"Number of bytes sent by the process over the network.",
-			nil, nil,
-		),
 	}
 
 	if opts.PidFn == nil {
@@ -140,8 +129,6 @@ func (c *processCollector) Describe(ch chan<- *Desc) {
 	ch <- c.maxVsize
 	ch <- c.rss
 	ch <- c.startTime
-	ch <- c.inBytes
-	ch <- c.outBytes
 }
 
 // Collect returns the current state of all metrics of the collector.
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
index 14d56d2d0..8c1136cee 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector_other.go
@@ -63,18 +63,4 @@ func (c *processCollector) processCollect(ch chan<- Metric) {
 	} else {
 		c.reportError(ch, nil, err)
 	}
-
-	if netstat, err := p.Netstat(); err == nil {
-		var inOctets, outOctets float64
-		if netstat.IpExt.InOctets != nil {
-			inOctets = *netstat.IpExt.InOctets
-		}
-		if netstat.IpExt.OutOctets != nil {
-			outOctets = *netstat.IpExt.OutOctets
-		}
-		ch <- MustNewConstMetric(c.inBytes, CounterValue, inOctets)
-		ch <- MustNewConstMetric(c.outBytes, CounterValue, outOctets)
-	} else {
-		c.reportError(ch, nil, err)
-	}
 }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
index 315eab5f1..9819917b8 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/delegator.go
@@ -76,12 +76,6 @@ func (r *responseWriterDelegator) Write(b []byte) (int, error) {
 	return n, err
 }
 
-// Unwrap lets http.ResponseController get the underlying http.ResponseWriter,
-// by implementing the [rwUnwrapper](https://cs.opensource.google/go/go/+/refs/tags/go1.21.4:src/net/http/responsecontroller.go;l=42-44) interface.
-func (r *responseWriterDelegator) Unwrap() http.ResponseWriter {
-	return r.ResponseWriter
-}
-
 type (
 	closeNotifierDelegator struct{ *responseWriterDelegator }
 	flusherDelegator       struct{ *responseWriterDelegator }
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
index e598e66e6..09b8d2fbe 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/promhttp/http.go
@@ -38,13 +38,12 @@ import (
 	"io"
 	"net/http"
 	"strconv"
+	"strings"
 	"sync"
 	"time"
 
-	"github.com/klauspost/compress/zstd"
 	"github.com/prometheus/common/expfmt"
 
-	"github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil"
 	"github.com/prometheus/client_golang/prometheus"
 )
 
@@ -55,18 +54,6 @@ const (
 	processStartTimeHeader = "Process-Start-Time-Unix"
 )
 
-// Compression represents the content encodings handlers support for the HTTP
-// responses.
-type Compression string
-
-const (
-	Identity Compression = "identity"
-	Gzip     Compression = "gzip"
-	Zstd     Compression = "zstd"
-)
-
-var defaultCompressionFormats = []Compression{Identity, Gzip, Zstd}
-
 var gzipPool = sync.Pool{
 	New: func() interface{} {
 		return gzip.NewWriter(nil)
@@ -135,18 +122,6 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 		}
 	}
 
-	// Select compression formats to offer based on default or user choice.
-	var compressions []string
-	if !opts.DisableCompression {
-		offers := defaultCompressionFormats
-		if len(opts.OfferedCompressions) > 0 {
-			offers = opts.OfferedCompressions
-		}
-		for _, comp := range offers {
-			compressions = append(compressions, string(comp))
-		}
-	}
-
 	h := http.HandlerFunc(func(rsp http.ResponseWriter, req *http.Request) {
 		if !opts.ProcessStartTime.IsZero() {
 			rsp.Header().Set(processStartTimeHeader, strconv.FormatInt(opts.ProcessStartTime.Unix(), 10))
@@ -190,23 +165,21 @@ func HandlerForTransactional(reg prometheus.TransactionalGatherer, opts HandlerO
 		} else {
 			contentType = expfmt.Negotiate(req.Header)
 		}
-		rsp.Header().Set(contentTypeHeader, string(contentType))
+		header := rsp.Header()
+		header.Set(contentTypeHeader, string(contentType))
 
-		w, encodingHeader, closeWriter, err := negotiateEncodingWriter(req, rsp, compressions)
-		if err != nil {
-			if opts.ErrorLog != nil {
-				opts.ErrorLog.Println("error getting writer", err)
-			}
-			w = io.Writer(rsp)
-			encodingHeader = string(Identity)
-		}
+		w := io.Writer(rsp)
+		if !opts.DisableCompression && gzipAccepted(req.Header) {
+			header.Set(contentEncodingHeader, "gzip")
+			gz := gzipPool.Get().(*gzip.Writer)
+			defer gzipPool.Put(gz)
 
-		defer closeWriter()
+			gz.Reset(w)
+			defer gz.Close()
 
-		// Set Content-Encoding only when data is compressed
-		if encodingHeader != string(Identity) {
-			rsp.Header().Set(contentEncodingHeader, encodingHeader)
+			w = gz
 		}
+
 		enc := expfmt.NewEncoder(w, contentType)
 
 		// handleError handles the error according to opts.ErrorHandling
@@ -370,19 +343,9 @@ type HandlerOpts struct {
 	// no effect on the HTTP status code because ErrorHandling is set to
 	// ContinueOnError.
 	Registry prometheus.Registerer
-	// DisableCompression disables the response encoding (compression) and
-	// encoding negotiation. If true, the handler will
-	// never compress the response, even if requested
-	// by the client and the OfferedCompressions field is set.
+	// If DisableCompression is true, the handler will never compress the
+	// response, even if requested by the client.
 	DisableCompression bool
-	// OfferedCompressions is a set of encodings (compressions) handler will
-	// try to offer when negotiating with the client. This defaults to identity, gzip
-	// and zstd.
-	// NOTE: If handler can't agree with the client on the encodings or
-	// unsupported or empty encodings are set in OfferedCompressions,
-	// handler always fallbacks to no compression (identity), for
-	// compatibility reasons. In such cases ErrorLog will be used if set.
-	OfferedCompressions []Compression
 	// The number of concurrent HTTP requests is limited to
 	// MaxRequestsInFlight. Additional requests are responded to with 503
 	// Service Unavailable and a suitable message in the body. If
@@ -418,6 +381,19 @@ type HandlerOpts struct {
 	ProcessStartTime time.Time
 }
 
+// gzipAccepted returns whether the client will accept gzip-encoded content.
+func gzipAccepted(header http.Header) bool {
+	a := header.Get(acceptEncodingHeader)
+	parts := strings.Split(a, ",")
+	for _, part := range parts {
+		part = strings.TrimSpace(part)
+		if part == "gzip" || strings.HasPrefix(part, "gzip;") {
+			return true
+		}
+	}
+	return false
+}
+
 // httpError removes any content-encoding header and then calls http.Error with
 // the provided error and http.StatusInternalServerError. Error contents is
 // supposed to be uncompressed plain text. Same as with a plain http.Error, this
@@ -430,38 +406,3 @@ func httpError(rsp http.ResponseWriter, err error) {
 		http.StatusInternalServerError,
 	)
 }
-
-// negotiateEncodingWriter reads the Accept-Encoding header from a request and
-// selects the right compression based on an allow-list of supported
-// compressions. It returns a writer implementing the compression and an the
-// correct value that the caller can set in the response header.
-func negotiateEncodingWriter(r *http.Request, rw io.Writer, compressions []string) (_ io.Writer, encodingHeaderValue string, closeWriter func(), _ error) {
-	if len(compressions) == 0 {
-		return rw, string(Identity), func() {}, nil
-	}
-
-	// TODO(mrueg): Replace internal/github.com/gddo once https://github.com/golang/go/issues/19307 is implemented.
-	selected := httputil.NegotiateContentEncoding(r, compressions)
-
-	switch selected {
-	case "zstd":
-		// TODO(mrueg): Replace klauspost/compress with stdlib implementation once https://github.com/golang/go/issues/62513 is implemented.
-		z, err := zstd.NewWriter(rw, zstd.WithEncoderLevel(zstd.SpeedFastest))
-		if err != nil {
-			return nil, "", func() {}, err
-		}
-
-		z.Reset(rw)
-		return z, selected, func() { _ = z.Close() }, nil
-	case "gzip":
-		gz := gzipPool.Get().(*gzip.Writer)
-		gz.Reset(rw)
-		return gz, selected, func() { _ = gz.Close(); gzipPool.Put(gz) }, nil
-	case "identity":
-		// This means the content is not compressed.
-		return rw, selected, func() {}, nil
-	default:
-		// The content encoding was not implemented yet.
-		return nil, "", func() {}, fmt.Errorf("content compression format not recognized: %s. Valid formats are: %s", selected, defaultCompressionFormats)
-	}
-}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/registry.go b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
index c6fd2f58b..5e2ced25a 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/registry.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/registry.go
@@ -314,17 +314,16 @@ func (r *Registry) Register(c Collector) error {
 			if dimHash != desc.dimHash {
 				return fmt.Errorf("a previously registered descriptor with the same fully-qualified name as %s has different label names or a different help string", desc)
 			}
-			continue
-		}
-
-		// ...then check the new descriptors already seen.
-		if dimHash, exists := newDimHashesByName[desc.fqName]; exists {
-			if dimHash != desc.dimHash {
-				return fmt.Errorf("descriptors reported by collector have inconsistent label names or help strings for the same fully-qualified name, offender is %s", desc)
+		} else {
+			// ...then check the new descriptors already seen.
+			if dimHash, exists := newDimHashesByName[desc.fqName]; exists {
+				if dimHash != desc.dimHash {
+					return fmt.Errorf("descriptors reported by collector have inconsistent label names or help strings for the same fully-qualified name, offender is %s", desc)
+				}
+			} else {
+				newDimHashesByName[desc.fqName] = desc.dimHash
 			}
-			continue
 		}
-		newDimHashesByName[desc.fqName] = desc.dimHash
 	}
 	// A Collector yielding no Desc at all is considered unchecked.
 	if len(newDescIDs) == 0 {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/summary.go b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
index 1ab0e4796..146270444 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/summary.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
@@ -783,45 +783,3 @@ func MustNewConstSummary(
 	}
 	return m
 }
-
-// NewConstSummaryWithCreatedTimestamp does the same thing as NewConstSummary but sets the created timestamp.
-func NewConstSummaryWithCreatedTimestamp(
-	desc *Desc,
-	count uint64,
-	sum float64,
-	quantiles map[float64]float64,
-	ct time.Time,
-	labelValues ...string,
-) (Metric, error) {
-	if desc.err != nil {
-		return nil, desc.err
-	}
-	if err := validateLabelValues(labelValues, len(desc.variableLabels.names)); err != nil {
-		return nil, err
-	}
-	return &constSummary{
-		desc:       desc,
-		count:      count,
-		sum:        sum,
-		quantiles:  quantiles,
-		labelPairs: MakeLabelPairs(desc, labelValues),
-		createdTs:  timestamppb.New(ct),
-	}, nil
-}
-
-// MustNewConstSummaryWithCreatedTimestamp is a version of NewConstSummaryWithCreatedTimestamp that panics where
-// NewConstSummaryWithCreatedTimestamp would have returned an error.
-func MustNewConstSummaryWithCreatedTimestamp(
-	desc *Desc,
-	count uint64,
-	sum float64,
-	quantiles map[float64]float64,
-	ct time.Time,
-	labelValues ...string,
-) Metric {
-	m, err := NewConstSummaryWithCreatedTimestamp(desc, count, sum, quantiles, ct, labelValues...)
-	if err != nil {
-		panic(err)
-	}
-	return m
-}
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/vec.go b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
index 2c808eece..955cfd59f 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/vec.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/vec.go
@@ -507,7 +507,7 @@ func (m *metricMap) getOrCreateMetricWithLabelValues(
 	return metric
 }
 
-// getOrCreateMetricWithLabels retrieves the metric by hash and label value
+// getOrCreateMetricWithLabelValues retrieves the metric by hash and label value
 // or creates it and returns the new one.
 //
 // This function holds the mutex.
diff --git a/vendor/github.com/prometheus/client_model/go/metrics.pb.go b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
index 2f1549075..cee360db7 100644
--- a/vendor/github.com/prometheus/client_model/go/metrics.pb.go
+++ b/vendor/github.com/prometheus/client_model/go/metrics.pb.go
@@ -483,8 +483,6 @@ type Histogram struct {
 	// histograms.
 	PositiveDelta []int64   `protobuf:"zigzag64,13,rep,name=positive_delta,json=positiveDelta" json:"positive_delta,omitempty"` // Count delta of each bucket compared to previous one (or to zero for 1st bucket).
 	PositiveCount []float64 `protobuf:"fixed64,14,rep,name=positive_count,json=positiveCount" json:"positive_count,omitempty"`  // Absolute count of each bucket.
-	// Only used for native histograms. These exemplars MUST have a timestamp.
-	Exemplars []*Exemplar `protobuf:"bytes,16,rep,name=exemplars" json:"exemplars,omitempty"`
 }
 
 func (x *Histogram) Reset() {
@@ -624,13 +622,6 @@ func (x *Histogram) GetPositiveCount() []float64 {
 	return nil
 }
 
-func (x *Histogram) GetExemplars() []*Exemplar {
-	if x != nil {
-		return x.Exemplars
-	}
-	return nil
-}
-
 // A Bucket of a conventional histogram, each of which is treated as
 // an individual counter-like time series by Prometheus.
 type Bucket struct {
@@ -932,7 +923,6 @@ type MetricFamily struct {
 	Help   *string     `protobuf:"bytes,2,opt,name=help" json:"help,omitempty"`
 	Type   *MetricType `protobuf:"varint,3,opt,name=type,enum=io.prometheus.client.MetricType" json:"type,omitempty"`
 	Metric []*Metric   `protobuf:"bytes,4,rep,name=metric" json:"metric,omitempty"`
-	Unit   *string     `protobuf:"bytes,5,opt,name=unit" json:"unit,omitempty"`
 }
 
 func (x *MetricFamily) Reset() {
@@ -995,13 +985,6 @@ func (x *MetricFamily) GetMetric() []*Metric {
 	return nil
 }
 
-func (x *MetricFamily) GetUnit() string {
-	if x != nil && x.Unit != nil {
-		return *x.Unit
-	}
-	return ""
-}
-
 var File_io_prometheus_client_metrics_proto protoreflect.FileDescriptor
 
 var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
@@ -1045,7 +1028,7 @@ var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
 	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x10, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64,
 	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x22, 0x1f, 0x0a, 0x07, 0x55, 0x6e, 0x74,
 	0x79, 0x70, 0x65, 0x64, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xea, 0x05, 0x0a, 0x09, 0x48,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x22, 0xac, 0x05, 0x0a, 0x09, 0x48,
 	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x73, 0x61, 0x6d, 0x70,
 	0x6c, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0b,
 	0x73, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x2c, 0x0a, 0x12, 0x73,
@@ -1088,84 +1071,79 @@ var file_io_prometheus_client_metrics_proto_rawDesc = []byte{
 	0x03, 0x28, 0x12, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x44, 0x65, 0x6c,
 	0x74, 0x61, 0x12, 0x25, 0x0a, 0x0e, 0x70, 0x6f, 0x73, 0x69, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63,
 	0x6f, 0x75, 0x6e, 0x74, 0x18, 0x0e, 0x20, 0x03, 0x28, 0x01, 0x52, 0x0d, 0x70, 0x6f, 0x73, 0x69,
-	0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x3c, 0x0a, 0x09, 0x65, 0x78, 0x65,
-	0x6d, 0x70, 0x6c, 0x61, 0x72, 0x73, 0x18, 0x10, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69,
-	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
-	0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x09, 0x65, 0x78,
-	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x73, 0x22, 0xc6, 0x01, 0x0a, 0x06, 0x42, 0x75, 0x63, 0x6b,
-	0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65,
-	0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0f, 0x63, 0x75,
-	0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x34, 0x0a,
-	0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e,
-	0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52, 0x14, 0x63,
-	0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x46, 0x6c,
-	0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, 0x65, 0x72, 0x5f, 0x62, 0x6f, 0x75,
-	0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, 0x75, 0x70, 0x70, 0x65, 0x72, 0x42,
-	0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d,
-	0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x45, 0x78,
-	0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72,
-	0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e, 0x12, 0x16,
-	0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x11, 0x52, 0x06,
-	0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
-	0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x22, 0x91,
-	0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12, 0x35, 0x0a, 0x05, 0x6c,
-	0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e,
-	0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c, 0x61, 0x62,
-	0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
-	0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65,
-	0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e, 0x67, 0x6f,
-	0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x54, 0x69,
-	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12, 0x35, 0x0a,
+	0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x22, 0xc6, 0x01, 0x0a, 0x06, 0x42, 0x75,
+	0x63, 0x6b, 0x65, 0x74, 0x12, 0x29, 0x0a, 0x10, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69,
+	0x76, 0x65, 0x5f, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x04, 0x52, 0x0f,
+	0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x12,
+	0x34, 0x0a, 0x16, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x5f, 0x63, 0x6f,
+	0x75, 0x6e, 0x74, 0x5f, 0x66, 0x6c, 0x6f, 0x61, 0x74, 0x18, 0x04, 0x20, 0x01, 0x28, 0x01, 0x52,
+	0x14, 0x63, 0x75, 0x6d, 0x75, 0x6c, 0x61, 0x74, 0x69, 0x76, 0x65, 0x43, 0x6f, 0x75, 0x6e, 0x74,
+	0x46, 0x6c, 0x6f, 0x61, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x75, 0x70, 0x70, 0x65, 0x72, 0x5f, 0x62,
+	0x6f, 0x75, 0x6e, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x01, 0x52, 0x0a, 0x75, 0x70, 0x70, 0x65,
+	0x72, 0x42, 0x6f, 0x75, 0x6e, 0x64, 0x12, 0x3a, 0x0a, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
+	0x61, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1e, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
+	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
+	0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x52, 0x08, 0x65, 0x78, 0x65, 0x6d, 0x70, 0x6c,
+	0x61, 0x72, 0x22, 0x3c, 0x0a, 0x0a, 0x42, 0x75, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x70, 0x61, 0x6e,
+	0x12, 0x16, 0x0a, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x11,
+	0x52, 0x06, 0x6f, 0x66, 0x66, 0x73, 0x65, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x6c, 0x65, 0x6e, 0x67,
+	0x74, 0x68, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68,
+	0x22, 0x91, 0x01, 0x0a, 0x08, 0x45, 0x78, 0x65, 0x6d, 0x70, 0x6c, 0x61, 0x72, 0x12, 0x35, 0x0a,
 	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69,
 	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
 	0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52, 0x05, 0x6c,
-	0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
-	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x47, 0x61, 0x75, 0x67, 0x65,
-	0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74,
-	0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72,
-	0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e,
-	0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72,
-	0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x04, 0x20, 0x01, 0x28,
-	0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75,
-	0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79,
-	0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x37, 0x0a, 0x07, 0x75, 0x6e, 0x74,
-	0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e,
+	0x61, 0x62, 0x65, 0x6c, 0x12, 0x14, 0x0a, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x01, 0x52, 0x05, 0x76, 0x61, 0x6c, 0x75, 0x65, 0x12, 0x38, 0x0a, 0x09, 0x74, 0x69,
+	0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1a, 0x2e,
+	0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
+	0x54, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x22, 0xff, 0x02, 0x0a, 0x06, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12,
+	0x35, 0x0a, 0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x18, 0x01, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1f,
+	0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4c, 0x61, 0x62, 0x65, 0x6c, 0x50, 0x61, 0x69, 0x72, 0x52,
+	0x05, 0x6c, 0x61, 0x62, 0x65, 0x6c, 0x12, 0x31, 0x0a, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x18,
+	0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1b, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x47, 0x61, 0x75,
+	0x67, 0x65, 0x52, 0x05, 0x67, 0x61, 0x75, 0x67, 0x65, 0x12, 0x37, 0x0a, 0x07, 0x63, 0x6f, 0x75,
+	0x6e, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e,
 	0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e,
-	0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, 0x07, 0x75, 0x6e, 0x74, 0x79, 0x70,
-	0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x18,
-	0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
-	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x48, 0x69, 0x73,
-	0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61,
-	0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x5f, 0x6d,
-	0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61,
-	0x6d, 0x70, 0x4d, 0x73, 0x22, 0xb6, 0x01, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x46,
-	0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68, 0x65, 0x6c,
-	0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x12, 0x34, 0x0a,
-	0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e, 0x69, 0x6f,
-	0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65,
-	0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x52, 0x04, 0x74,
-	0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18, 0x04, 0x20,
-	0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
-	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69,
-	0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x12, 0x12, 0x0a, 0x04, 0x75, 0x6e, 0x69,
-	0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x75, 0x6e, 0x69, 0x74, 0x2a, 0x62, 0x0a,
-	0x0a, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43,
-	0x4f, 0x55, 0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47,
-	0x45, 0x10, 0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, 0x10, 0x02,
-	0x12, 0x0b, 0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0d, 0x0a,
-	0x09, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, 0x0a, 0x0f,
-	0x47, 0x41, 0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10,
-	0x05, 0x42, 0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65,
-	0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, 0x68, 0x75,
-	0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
-	0x2f, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, 0x67, 0x6f,
-	0x3b, 0x69, 0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x5f, 0x63,
-	0x6c, 0x69, 0x65, 0x6e, 0x74,
+	0x74, 0x2e, 0x43, 0x6f, 0x75, 0x6e, 0x74, 0x65, 0x72, 0x52, 0x07, 0x63, 0x6f, 0x75, 0x6e, 0x74,
+	0x65, 0x72, 0x12, 0x37, 0x0a, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x18, 0x04, 0x20,
+	0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68,
+	0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x53, 0x75, 0x6d, 0x6d, 0x61,
+	0x72, 0x79, 0x52, 0x07, 0x73, 0x75, 0x6d, 0x6d, 0x61, 0x72, 0x79, 0x12, 0x37, 0x0a, 0x07, 0x75,
+	0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1d, 0x2e, 0x69,
+	0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74, 0x2e, 0x55, 0x6e, 0x74, 0x79, 0x70, 0x65, 0x64, 0x52, 0x07, 0x75, 0x6e, 0x74,
+	0x79, 0x70, 0x65, 0x64, 0x12, 0x3d, 0x0a, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61,
+	0x6d, 0x18, 0x07, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x1f, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f,
+	0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x48,
+	0x69, 0x73, 0x74, 0x6f, 0x67, 0x72, 0x61, 0x6d, 0x52, 0x09, 0x68, 0x69, 0x73, 0x74, 0x6f, 0x67,
+	0x72, 0x61, 0x6d, 0x12, 0x21, 0x0a, 0x0c, 0x74, 0x69, 0x6d, 0x65, 0x73, 0x74, 0x61, 0x6d, 0x70,
+	0x5f, 0x6d, 0x73, 0x18, 0x06, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x73,
+	0x74, 0x61, 0x6d, 0x70, 0x4d, 0x73, 0x22, 0xa2, 0x01, 0x0a, 0x0c, 0x4d, 0x65, 0x74, 0x72, 0x69,
+	0x63, 0x46, 0x61, 0x6d, 0x69, 0x6c, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x18,
+	0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x12, 0x0a, 0x04, 0x68,
+	0x65, 0x6c, 0x70, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x68, 0x65, 0x6c, 0x70, 0x12,
+	0x34, 0x0a, 0x04, 0x74, 0x79, 0x70, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x20, 0x2e,
+	0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c,
+	0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x52,
+	0x04, 0x74, 0x79, 0x70, 0x65, 0x12, 0x34, 0x0a, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x18,
+	0x04, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x1c, 0x2e, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65,
+	0x74, 0x68, 0x65, 0x75, 0x73, 0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2e, 0x4d, 0x65, 0x74,
+	0x72, 0x69, 0x63, 0x52, 0x06, 0x6d, 0x65, 0x74, 0x72, 0x69, 0x63, 0x2a, 0x62, 0x0a, 0x0a, 0x4d,
+	0x65, 0x74, 0x72, 0x69, 0x63, 0x54, 0x79, 0x70, 0x65, 0x12, 0x0b, 0x0a, 0x07, 0x43, 0x4f, 0x55,
+	0x4e, 0x54, 0x45, 0x52, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x47, 0x41, 0x55, 0x47, 0x45, 0x10,
+	0x01, 0x12, 0x0b, 0x0a, 0x07, 0x53, 0x55, 0x4d, 0x4d, 0x41, 0x52, 0x59, 0x10, 0x02, 0x12, 0x0b,
+	0x0a, 0x07, 0x55, 0x4e, 0x54, 0x59, 0x50, 0x45, 0x44, 0x10, 0x03, 0x12, 0x0d, 0x0a, 0x09, 0x48,
+	0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x04, 0x12, 0x13, 0x0a, 0x0f, 0x47, 0x41,
+	0x55, 0x47, 0x45, 0x5f, 0x48, 0x49, 0x53, 0x54, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x10, 0x05, 0x42,
+	0x52, 0x0a, 0x14, 0x69, 0x6f, 0x2e, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73,
+	0x2e, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5a, 0x3a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x2f, 0x63,
+	0x6c, 0x69, 0x65, 0x6e, 0x74, 0x5f, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x2f, 0x67, 0x6f, 0x3b, 0x69,
+	0x6f, 0x5f, 0x70, 0x72, 0x6f, 0x6d, 0x65, 0x74, 0x68, 0x65, 0x75, 0x73, 0x5f, 0x63, 0x6c, 0x69,
+	0x65, 0x6e, 0x74,
 }
 
 var (
@@ -1207,23 +1185,22 @@ var file_io_prometheus_client_metrics_proto_depIdxs = []int32{
 	13, // 5: io.prometheus.client.Histogram.created_timestamp:type_name -> google.protobuf.Timestamp
 	9,  // 6: io.prometheus.client.Histogram.negative_span:type_name -> io.prometheus.client.BucketSpan
 	9,  // 7: io.prometheus.client.Histogram.positive_span:type_name -> io.prometheus.client.BucketSpan
-	10, // 8: io.prometheus.client.Histogram.exemplars:type_name -> io.prometheus.client.Exemplar
-	10, // 9: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
-	1,  // 10: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
-	13, // 11: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
-	1,  // 12: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
-	2,  // 13: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
-	3,  // 14: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
-	5,  // 15: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
-	6,  // 16: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
-	7,  // 17: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
-	0,  // 18: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
-	11, // 19: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
-	20, // [20:20] is the sub-list for method output_type
-	20, // [20:20] is the sub-list for method input_type
-	20, // [20:20] is the sub-list for extension type_name
-	20, // [20:20] is the sub-list for extension extendee
-	0,  // [0:20] is the sub-list for field type_name
+	10, // 8: io.prometheus.client.Bucket.exemplar:type_name -> io.prometheus.client.Exemplar
+	1,  // 9: io.prometheus.client.Exemplar.label:type_name -> io.prometheus.client.LabelPair
+	13, // 10: io.prometheus.client.Exemplar.timestamp:type_name -> google.protobuf.Timestamp
+	1,  // 11: io.prometheus.client.Metric.label:type_name -> io.prometheus.client.LabelPair
+	2,  // 12: io.prometheus.client.Metric.gauge:type_name -> io.prometheus.client.Gauge
+	3,  // 13: io.prometheus.client.Metric.counter:type_name -> io.prometheus.client.Counter
+	5,  // 14: io.prometheus.client.Metric.summary:type_name -> io.prometheus.client.Summary
+	6,  // 15: io.prometheus.client.Metric.untyped:type_name -> io.prometheus.client.Untyped
+	7,  // 16: io.prometheus.client.Metric.histogram:type_name -> io.prometheus.client.Histogram
+	0,  // 17: io.prometheus.client.MetricFamily.type:type_name -> io.prometheus.client.MetricType
+	11, // 18: io.prometheus.client.MetricFamily.metric:type_name -> io.prometheus.client.Metric
+	19, // [19:19] is the sub-list for method output_type
+	19, // [19:19] is the sub-list for method input_type
+	19, // [19:19] is the sub-list for extension type_name
+	19, // [19:19] is the sub-list for extension extendee
+	0,  // [0:19] is the sub-list for field type_name
 }
 
 func init() { file_io_prometheus_client_metrics_proto_init() }
diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go
index 25cfaa216..b2b89b017 100644
--- a/vendor/github.com/prometheus/common/expfmt/decode.go
+++ b/vendor/github.com/prometheus/common/expfmt/decode.go
@@ -75,14 +75,14 @@ func ResponseFormat(h http.Header) Format {
 func NewDecoder(r io.Reader, format Format) Decoder {
 	switch format.FormatType() {
 	case TypeProtoDelim:
-		return &protoDecoder{r: bufio.NewReader(r)}
+		return &protoDecoder{r: r}
 	}
 	return &textDecoder{r: r}
 }
 
 // protoDecoder implements the Decoder interface for protocol buffers.
 type protoDecoder struct {
-	r protodelim.Reader
+	r io.Reader
 }
 
 // Decode implements the Decoder interface.
@@ -90,7 +90,7 @@ func (d *protoDecoder) Decode(v *dto.MetricFamily) error {
 	opts := protodelim.UnmarshalOptions{
 		MaxSize: -1,
 	}
-	if err := opts.UnmarshalFrom(d.r, v); err != nil {
+	if err := opts.UnmarshalFrom(bufio.NewReader(d.r), v); err != nil {
 		return err
 	}
 	if !model.IsValidMetricName(model.LabelValue(v.GetName())) {
diff --git a/vendor/github.com/prometheus/common/expfmt/encode.go b/vendor/github.com/prometheus/common/expfmt/encode.go
index ff5ef7a9d..8fd806184 100644
--- a/vendor/github.com/prometheus/common/expfmt/encode.go
+++ b/vendor/github.com/prometheus/common/expfmt/encode.go
@@ -21,10 +21,9 @@ import (
 	"google.golang.org/protobuf/encoding/protodelim"
 	"google.golang.org/protobuf/encoding/prototext"
 
+	"github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg"
 	"github.com/prometheus/common/model"
 
-	"github.com/munnerz/goautoneg"
-
 	dto "github.com/prometheus/client_model/go"
 )
 
@@ -140,13 +139,7 @@ func NegotiateIncludingOpenMetrics(h http.Header) Format {
 // interface is kept for backwards compatibility.
 // In cases where the Format does not allow for UTF-8 names, the global
 // NameEscapingScheme will be applied.
-//
-// NewEncoder can be called with additional options to customize the OpenMetrics text output.
-// For example:
-// NewEncoder(w, FmtOpenMetrics_1_0_0, WithCreatedLines())
-//
-// Extra options are ignored for all other formats.
-func NewEncoder(w io.Writer, format Format, options ...EncoderOption) Encoder {
+func NewEncoder(w io.Writer, format Format) Encoder {
 	escapingScheme := format.ToEscapingScheme()
 
 	switch format.FormatType() {
@@ -185,7 +178,7 @@ func NewEncoder(w io.Writer, format Format, options ...EncoderOption) Encoder {
 	case TypeOpenMetrics:
 		return encoderCloser{
 			encode: func(v *dto.MetricFamily) error {
-				_, err := MetricFamilyToOpenMetrics(w, model.EscapeMetricFamily(v, escapingScheme), options...)
+				_, err := MetricFamilyToOpenMetrics(w, model.EscapeMetricFamily(v, escapingScheme))
 				return err
 			},
 			close: func() error {
diff --git a/vendor/github.com/prometheus/common/expfmt/expfmt.go b/vendor/github.com/prometheus/common/expfmt/expfmt.go
index 051b38cd1..6fc9555e3 100644
--- a/vendor/github.com/prometheus/common/expfmt/expfmt.go
+++ b/vendor/github.com/prometheus/common/expfmt/expfmt.go
@@ -15,7 +15,6 @@
 package expfmt
 
 import (
-	"fmt"
 	"strings"
 
 	"github.com/prometheus/common/model"
@@ -64,7 +63,7 @@ const (
 type FormatType int
 
 const (
-	TypeUnknown FormatType = iota
+	TypeUnknown = iota
 	TypeProtoCompact
 	TypeProtoDelim
 	TypeProtoText
@@ -74,8 +73,7 @@ const (
 
 // NewFormat generates a new Format from the type provided. Mostly used for
 // tests, most Formats should be generated as part of content negotiation in
-// encode.go. If a type has more than one version, the latest version will be
-// returned.
+// encode.go.
 func NewFormat(t FormatType) Format {
 	switch t {
 	case TypeProtoCompact:
@@ -93,21 +91,13 @@ func NewFormat(t FormatType) Format {
 	}
 }
 
-// NewOpenMetricsFormat generates a new OpenMetrics format matching the
-// specified version number.
-func NewOpenMetricsFormat(version string) (Format, error) {
-	if version == OpenMetricsVersion_0_0_1 {
-		return fmtOpenMetrics_0_0_1, nil
-	}
-	if version == OpenMetricsVersion_1_0_0 {
-		return fmtOpenMetrics_1_0_0, nil
-	}
-	return fmtUnknown, fmt.Errorf("unknown open metrics version string")
-}
-
 // FormatType deduces an overall FormatType for the given format.
 func (f Format) FormatType() FormatType {
 	toks := strings.Split(string(f), ";")
+	if len(toks) < 2 {
+		return TypeUnknown
+	}
+
 	params := make(map[string]string)
 	for i, t := range toks {
 		if i == 0 {
diff --git a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
index 353c5e93f..5622578ed 100644
--- a/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
+++ b/vendor/github.com/prometheus/common/expfmt/openmetrics_create.go
@@ -22,47 +22,11 @@ import (
 	"strconv"
 	"strings"
 
-	"google.golang.org/protobuf/types/known/timestamppb"
-
 	"github.com/prometheus/common/model"
 
 	dto "github.com/prometheus/client_model/go"
 )
 
-type encoderOption struct {
-	withCreatedLines bool
-	withUnit         bool
-}
-
-type EncoderOption func(*encoderOption)
-
-// WithCreatedLines is an EncoderOption that configures the OpenMetrics encoder
-// to include _created lines (See
-// https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md#counter-1).
-// Created timestamps can improve the accuracy of series reset detection, but
-// come with a bandwidth cost.
-//
-// At the time of writing, created timestamp ingestion is still experimental in
-// Prometheus and need to be enabled with the feature-flag
-// `--feature-flag=created-timestamp-zero-ingestion`, and breaking changes are
-// still possible. Therefore, it is recommended to use this feature with caution.
-func WithCreatedLines() EncoderOption {
-	return func(t *encoderOption) {
-		t.withCreatedLines = true
-	}
-}
-
-// WithUnit is an EncoderOption enabling a set unit to be written to the output
-// and to be added to the metric name, if it's not there already, as a suffix.
-// Without opting in this way, the unit will not be added to the metric name and,
-// on top of that, the unit will not be passed onto the output, even if it
-// were declared in the *dto.MetricFamily struct, i.e. even if in.Unit !=nil.
-func WithUnit() EncoderOption {
-	return func(t *encoderOption) {
-		t.withUnit = true
-	}
-}
-
 // MetricFamilyToOpenMetrics converts a MetricFamily proto message into the
 // OpenMetrics text format and writes the resulting lines to 'out'. It returns
 // the number of bytes written and any error encountered. The output will have
@@ -95,34 +59,20 @@ func WithUnit() EncoderOption {
 // Prometheus to OpenMetrics or vice versa:
 //
 //   - Counters are expected to have the `_total` suffix in their metric name. In
-//     the output, the suffix will be truncated from the `# TYPE`, `# HELP` and `# UNIT`
-//     lines. A counter with a missing `_total` suffix is not an error. However,
+//     the output, the suffix will be truncated from the `# TYPE` and `# HELP`
+//     line. A counter with a missing `_total` suffix is not an error. However,
 //     its type will be set to `unknown` in that case to avoid invalid OpenMetrics
 //     output.
 //
-//   - According to the OM specs, the `# UNIT` line is optional, but if populated,
-//     the unit has to be present in the metric name as its suffix:
-//     (see https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md#unit).
-//     However, in order to accommodate any potential scenario where such a change in the
-//     metric name is not desirable, the users are here given the choice of either explicitly
-//     opt in, in case they wish for the unit to be included in the output AND in the metric name
-//     as a suffix (see the description of the WithUnit function above),
-//     or not to opt in, in case they don't want for any of that to happen.
-//
-//   - No support for the following (optional) features: info type,
-//     stateset type, gaugehistogram type.
+//   - No support for the following (optional) features: `# UNIT` line, `_created`
+//     line, info type, stateset type, gaugehistogram type.
 //
 //   - The size of exemplar labels is not checked (i.e. it's possible to create
 //     exemplars that are larger than allowed by the OpenMetrics specification).
 //
 //   - The value of Counters is not checked. (OpenMetrics doesn't allow counters
 //     with a `NaN` value.)
-func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...EncoderOption) (written int, err error) {
-	toOM := encoderOption{}
-	for _, option := range options {
-		option(&toOM)
-	}
-
+func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily) (written int, err error) {
 	name := in.GetName()
 	if name == "" {
 		return 0, fmt.Errorf("MetricFamily has no name: %s", in)
@@ -145,15 +95,12 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 	}
 
 	var (
-		n             int
-		metricType    = in.GetType()
-		compliantName = name
+		n          int
+		metricType = in.GetType()
+		shortName  = name
 	)
-	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(compliantName, "_total") {
-		compliantName = name[:len(name)-6]
-	}
-	if toOM.withUnit && in.Unit != nil && !strings.HasSuffix(compliantName, fmt.Sprintf("_%s", *in.Unit)) {
-		compliantName = compliantName + fmt.Sprintf("_%s", *in.Unit)
+	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(shortName, "_total") {
+		shortName = name[:len(name)-6]
 	}
 
 	// Comments, first HELP, then TYPE.
@@ -163,7 +110,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 		if err != nil {
 			return
 		}
-		n, err = writeName(w, compliantName)
+		n, err = writeName(w, shortName)
 		written += n
 		if err != nil {
 			return
@@ -189,7 +136,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 	if err != nil {
 		return
 	}
-	n, err = writeName(w, compliantName)
+	n, err = writeName(w, shortName)
 	written += n
 	if err != nil {
 		return
@@ -216,89 +163,55 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 	if err != nil {
 		return
 	}
-	if toOM.withUnit && in.Unit != nil {
-		n, err = w.WriteString("# UNIT ")
-		written += n
-		if err != nil {
-			return
-		}
-		n, err = writeName(w, compliantName)
-		written += n
-		if err != nil {
-			return
-		}
-
-		err = w.WriteByte(' ')
-		written++
-		if err != nil {
-			return
-		}
-		n, err = writeEscapedString(w, *in.Unit, true)
-		written += n
-		if err != nil {
-			return
-		}
-		err = w.WriteByte('\n')
-		written++
-		if err != nil {
-			return
-		}
-	}
-
-	var createdTsBytesWritten int
 
 	// Finally the samples, one line for each.
-	if metricType == dto.MetricType_COUNTER && strings.HasSuffix(name, "_total") {
-		compliantName = compliantName + "_total"
-	}
 	for _, metric := range in.Metric {
 		switch metricType {
 		case dto.MetricType_COUNTER:
 			if metric.Counter == nil {
 				return written, fmt.Errorf(
-					"expected counter in metric %s %s", compliantName, metric,
+					"expected counter in metric %s %s", name, metric,
 				)
 			}
+			// Note that we have ensured above that either the name
+			// ends on `_total` or that the rendered type is
+			// `unknown`. Therefore, no `_total` must be added here.
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "", metric, "", 0,
+				w, name, "", metric, "", 0,
 				metric.Counter.GetValue(), 0, false,
 				metric.Counter.Exemplar,
 			)
-			if toOM.withCreatedLines && metric.Counter.CreatedTimestamp != nil {
-				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "_total", metric, "", 0, metric.Counter.GetCreatedTimestamp())
-				n += createdTsBytesWritten
-			}
 		case dto.MetricType_GAUGE:
 			if metric.Gauge == nil {
 				return written, fmt.Errorf(
-					"expected gauge in metric %s %s", compliantName, metric,
+					"expected gauge in metric %s %s", name, metric,
 				)
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "", metric, "", 0,
+				w, name, "", metric, "", 0,
 				metric.Gauge.GetValue(), 0, false,
 				nil,
 			)
 		case dto.MetricType_UNTYPED:
 			if metric.Untyped == nil {
 				return written, fmt.Errorf(
-					"expected untyped in metric %s %s", compliantName, metric,
+					"expected untyped in metric %s %s", name, metric,
 				)
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "", metric, "", 0,
+				w, name, "", metric, "", 0,
 				metric.Untyped.GetValue(), 0, false,
 				nil,
 			)
 		case dto.MetricType_SUMMARY:
 			if metric.Summary == nil {
 				return written, fmt.Errorf(
-					"expected summary in metric %s %s", compliantName, metric,
+					"expected summary in metric %s %s", name, metric,
 				)
 			}
 			for _, q := range metric.Summary.Quantile {
 				n, err = writeOpenMetricsSample(
-					w, compliantName, "", metric,
+					w, name, "", metric,
 					model.QuantileLabel, q.GetQuantile(),
 					q.GetValue(), 0, false,
 					nil,
@@ -309,7 +222,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 				}
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "_sum", metric, "", 0,
+				w, name, "_sum", metric, "", 0,
 				metric.Summary.GetSampleSum(), 0, false,
 				nil,
 			)
@@ -318,24 +231,20 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 				return
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "_count", metric, "", 0,
+				w, name, "_count", metric, "", 0,
 				0, metric.Summary.GetSampleCount(), true,
 				nil,
 			)
-			if toOM.withCreatedLines && metric.Summary.CreatedTimestamp != nil {
-				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "", metric, "", 0, metric.Summary.GetCreatedTimestamp())
-				n += createdTsBytesWritten
-			}
 		case dto.MetricType_HISTOGRAM:
 			if metric.Histogram == nil {
 				return written, fmt.Errorf(
-					"expected histogram in metric %s %s", compliantName, metric,
+					"expected histogram in metric %s %s", name, metric,
 				)
 			}
 			infSeen := false
 			for _, b := range metric.Histogram.Bucket {
 				n, err = writeOpenMetricsSample(
-					w, compliantName, "_bucket", metric,
+					w, name, "_bucket", metric,
 					model.BucketLabel, b.GetUpperBound(),
 					0, b.GetCumulativeCount(), true,
 					b.Exemplar,
@@ -350,7 +259,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 			}
 			if !infSeen {
 				n, err = writeOpenMetricsSample(
-					w, compliantName, "_bucket", metric,
+					w, name, "_bucket", metric,
 					model.BucketLabel, math.Inf(+1),
 					0, metric.Histogram.GetSampleCount(), true,
 					nil,
@@ -361,7 +270,7 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 				}
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "_sum", metric, "", 0,
+				w, name, "_sum", metric, "", 0,
 				metric.Histogram.GetSampleSum(), 0, false,
 				nil,
 			)
@@ -370,17 +279,13 @@ func MetricFamilyToOpenMetrics(out io.Writer, in *dto.MetricFamily, options ...E
 				return
 			}
 			n, err = writeOpenMetricsSample(
-				w, compliantName, "_count", metric, "", 0,
+				w, name, "_count", metric, "", 0,
 				0, metric.Histogram.GetSampleCount(), true,
 				nil,
 			)
-			if toOM.withCreatedLines && metric.Histogram.CreatedTimestamp != nil {
-				createdTsBytesWritten, err = writeOpenMetricsCreated(w, compliantName, "", metric, "", 0, metric.Histogram.GetCreatedTimestamp())
-				n += createdTsBytesWritten
-			}
 		default:
 			return written, fmt.Errorf(
-				"unexpected type in metric %s %s", compliantName, metric,
+				"unexpected type in metric %s %s", name, metric,
 			)
 		}
 		written += n
@@ -445,7 +350,7 @@ func writeOpenMetricsSample(
 			return written, err
 		}
 	}
-	if exemplar != nil && len(exemplar.Label) > 0 {
+	if exemplar != nil {
 		n, err = writeExemplar(w, exemplar)
 		written += n
 		if err != nil {
@@ -568,49 +473,6 @@ func writeOpenMetricsNameAndLabelPairs(
 	return written, nil
 }
 
-// writeOpenMetricsCreated writes the created timestamp for a single time series
-// following OpenMetrics text format to w, given the metric name, the metric proto
-// message itself, optionally a suffix to be removed, e.g. '_total' for counters,
-// an additional label name with a float64 value (use empty string as label name if
-// not required) and the timestamp that represents the created timestamp.
-// The function returns the number of bytes written and any error encountered.
-func writeOpenMetricsCreated(w enhancedWriter,
-	name, suffixToTrim string, metric *dto.Metric,
-	additionalLabelName string, additionalLabelValue float64,
-	createdTimestamp *timestamppb.Timestamp,
-) (int, error) {
-	written := 0
-	n, err := writeOpenMetricsNameAndLabelPairs(
-		w, strings.TrimSuffix(name, suffixToTrim)+"_created", metric.Label, additionalLabelName, additionalLabelValue,
-	)
-	written += n
-	if err != nil {
-		return written, err
-	}
-
-	err = w.WriteByte(' ')
-	written++
-	if err != nil {
-		return written, err
-	}
-
-	// TODO(beorn7): Format this directly from components of ts to
-	// avoid overflow/underflow and precision issues of the float
-	// conversion.
-	n, err = writeOpenMetricsFloat(w, float64(createdTimestamp.AsTime().UnixNano())/1e9)
-	written += n
-	if err != nil {
-		return written, err
-	}
-
-	err = w.WriteByte('\n')
-	written++
-	if err != nil {
-		return written, err
-	}
-	return written, nil
-}
-
 // writeExemplar writes the provided exemplar in OpenMetrics format to w. The
 // function returns the number of bytes written and any error encountered.
 func writeExemplar(w enhancedWriter, e *dto.Exemplar) (int, error) {
diff --git a/vendor/github.com/munnerz/goautoneg/README.txt b/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/README.txt
similarity index 100%
rename from vendor/github.com/munnerz/goautoneg/README.txt
rename to vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/README.txt
diff --git a/vendor/github.com/munnerz/goautoneg/autoneg.go b/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go
similarity index 52%
rename from vendor/github.com/munnerz/goautoneg/autoneg.go
rename to vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go
index 1dd1cad64..a21b9d15d 100644
--- a/vendor/github.com/munnerz/goautoneg/autoneg.go
+++ b/vendor/github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg/autoneg.go
@@ -1,28 +1,28 @@
 /*
+Copyright (c) 2011, Open Knowledge Foundation Ltd.
+All rights reserved.
+
 HTTP Content-Type Autonegotiation.
 
 The functions in this package implement the behaviour specified in
 http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
 
-Copyright (c) 2011, Open Knowledge Foundation Ltd.
-All rights reserved.
-
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:
 
-    Redistributions of source code must retain the above copyright
-    notice, this list of conditions and the following disclaimer.
+	Redistributions of source code must retain the above copyright
+	notice, this list of conditions and the following disclaimer.
 
-    Redistributions in binary form must reproduce the above copyright
-    notice, this list of conditions and the following disclaimer in
-    the documentation and/or other materials provided with the
-    distribution.
+	Redistributions in binary form must reproduce the above copyright
+	notice, this list of conditions and the following disclaimer in
+	the documentation and/or other materials provided with the
+	distribution.
 
-    Neither the name of the Open Knowledge Foundation Ltd. nor the
-    names of its contributors may be used to endorse or promote
-    products derived from this software without specific prior written
-    permission.
+	Neither the name of the Open Knowledge Foundation Ltd. nor the
+	names of its contributors may be used to endorse or promote
+	products derived from this software without specific prior written
+	permission.
 
 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
@@ -36,7 +36,6 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-
 package goautoneg
 
 import (
@@ -52,14 +51,16 @@ type Accept struct {
 	Params        map[string]string
 }
 
-// acceptSlice is defined to implement sort interface.
-type acceptSlice []Accept
+// For internal use, so that we can use the sort interface
+type accept_slice []Accept
 
-func (slice acceptSlice) Len() int {
+func (accept accept_slice) Len() int {
+	slice := []Accept(accept)
 	return len(slice)
 }
 
-func (slice acceptSlice) Less(i, j int) bool {
+func (accept accept_slice) Less(i, j int) bool {
+	slice := []Accept(accept)
 	ai, aj := slice[i], slice[j]
 	if ai.Q > aj.Q {
 		return true
@@ -73,93 +74,63 @@ func (slice acceptSlice) Less(i, j int) bool {
 	return false
 }
 
-func (slice acceptSlice) Swap(i, j int) {
+func (accept accept_slice) Swap(i, j int) {
+	slice := []Accept(accept)
 	slice[i], slice[j] = slice[j], slice[i]
 }
 
-func stringTrimSpaceCutset(r rune) bool {
-	return r == ' '
-}
-
-func nextSplitElement(s, sep string) (item string, remaining string) {
-	if index := strings.Index(s, sep); index != -1 {
-		return s[:index], s[index+1:]
-	}
-	return s, ""
-}
-
 // Parse an Accept Header string returning a sorted list
 // of clauses
-func ParseAccept(header string) acceptSlice {
-	partsCount := 0
-	remaining := header
-	for len(remaining) > 0 {
-		partsCount++
-		_, remaining = nextSplitElement(remaining, ",")
-	}
-	accept := make(acceptSlice, 0, partsCount)
-
-	remaining = header
-	var part string
-	for len(remaining) > 0 {
-		part, remaining = nextSplitElement(remaining, ",")
-		part = strings.TrimFunc(part, stringTrimSpaceCutset)
+func ParseAccept(header string) (accept []Accept) {
+	parts := strings.Split(header, ",")
+	accept = make([]Accept, 0, len(parts))
+	for _, part := range parts {
+		part := strings.Trim(part, " ")
 
-		a := Accept{
-			Q: 1.0,
-		}
+		a := Accept{}
+		a.Params = make(map[string]string)
+		a.Q = 1.0
 
-		sp, remainingPart := nextSplitElement(part, ";")
+		mrp := strings.Split(part, ";")
 
-		sp0, spRemaining := nextSplitElement(sp, "/")
-		a.Type = strings.TrimFunc(sp0, stringTrimSpaceCutset)
+		media_range := mrp[0]
+		sp := strings.Split(media_range, "/")
+		a.Type = strings.Trim(sp[0], " ")
 
 		switch {
-		case len(spRemaining) == 0:
-			if a.Type == "*" {
-				a.SubType = "*"
-			} else {
-				continue
-			}
+		case len(sp) == 1 && a.Type == "*":
+			a.SubType = "*"
+		case len(sp) == 2:
+			a.SubType = strings.Trim(sp[1], " ")
 		default:
-			var sp1 string
-			sp1, spRemaining = nextSplitElement(spRemaining, "/")
-			if len(spRemaining) > 0 {
-				continue
-			}
-			a.SubType = strings.TrimFunc(sp1, stringTrimSpaceCutset)
+			continue
 		}
 
-		if len(remainingPart) == 0 {
+		if len(mrp) == 1 {
 			accept = append(accept, a)
 			continue
 		}
 
-		a.Params = make(map[string]string)
-		for len(remainingPart) > 0 {
-			sp, remainingPart = nextSplitElement(remainingPart, ";")
-			sp0, spRemaining = nextSplitElement(sp, "=")
-			if len(spRemaining) == 0 {
-				continue
-			}
-			var sp1 string
-			sp1, spRemaining = nextSplitElement(spRemaining, "=")
-			if len(spRemaining) != 0 {
+		for _, param := range mrp[1:] {
+			sp := strings.SplitN(param, "=", 2)
+			if len(sp) != 2 {
 				continue
 			}
-			token := strings.TrimFunc(sp0, stringTrimSpaceCutset)
+			token := strings.Trim(sp[0], " ")
 			if token == "q" {
-				a.Q, _ = strconv.ParseFloat(sp1, 32)
+				a.Q, _ = strconv.ParseFloat(sp[1], 32)
 			} else {
-				a.Params[token] = strings.TrimFunc(sp1, stringTrimSpaceCutset)
+				a.Params[token] = strings.Trim(sp[1], " ")
 			}
 		}
 
 		accept = append(accept, a)
 	}
 
-	sort.Sort(accept)
-	return accept
+	slice := accept_slice(accept)
+	sort.Sort(slice)
+
+	return
 }
 
 // Negotiate the most appropriate content_type given the accept header
diff --git a/vendor/github.com/prometheus/common/model/alert.go b/vendor/github.com/prometheus/common/model/alert.go
index 80d1fe944..178fdbaf6 100644
--- a/vendor/github.com/prometheus/common/model/alert.go
+++ b/vendor/github.com/prometheus/common/model/alert.go
@@ -75,12 +75,7 @@ func (a *Alert) ResolvedAt(ts time.Time) bool {
 
 // Status returns the status of the alert.
 func (a *Alert) Status() AlertStatus {
-	return a.StatusAt(time.Now())
-}
-
-// StatusAt returns the status of the alert at the given timestamp.
-func (a *Alert) StatusAt(ts time.Time) AlertStatus {
-	if a.ResolvedAt(ts) {
+	if a.Resolved() {
 		return AlertResolved
 	}
 	return AlertFiring
@@ -132,17 +127,6 @@ func (as Alerts) HasFiring() bool {
 	return false
 }
 
-// HasFiringAt returns true iff one of the alerts is not resolved
-// at the time ts.
-func (as Alerts) HasFiringAt(ts time.Time) bool {
-	for _, a := range as {
-		if !a.ResolvedAt(ts) {
-			return true
-		}
-	}
-	return false
-}
-
 // Status returns StatusFiring iff at least one of the alerts is firing.
 func (as Alerts) Status() AlertStatus {
 	if as.HasFiring() {
@@ -150,12 +134,3 @@ func (as Alerts) Status() AlertStatus {
 	}
 	return AlertResolved
 }
-
-// StatusAt returns StatusFiring iff at least one of the alerts is firing
-// at the time ts.
-func (as Alerts) StatusAt(ts time.Time) AlertStatus {
-	if as.HasFiringAt(ts) {
-		return AlertFiring
-	}
-	return AlertResolved
-}
diff --git a/vendor/github.com/prometheus/common/model/labelset.go b/vendor/github.com/prometheus/common/model/labelset.go
index d0ad88da3..6eda08a73 100644
--- a/vendor/github.com/prometheus/common/model/labelset.go
+++ b/vendor/github.com/prometheus/common/model/labelset.go
@@ -17,6 +17,7 @@ import (
 	"encoding/json"
 	"fmt"
 	"sort"
+	"strings"
 )
 
 // A LabelSet is a collection of LabelName and LabelValue pairs.  The LabelSet
@@ -128,6 +129,16 @@ func (l LabelSet) Merge(other LabelSet) LabelSet {
 	return result
 }
 
+func (l LabelSet) String() string {
+	lstrs := make([]string, 0, len(l))
+	for l, v := range l {
+		lstrs = append(lstrs, fmt.Sprintf("%s=%q", l, v))
+	}
+
+	sort.Strings(lstrs)
+	return fmt.Sprintf("{%s}", strings.Join(lstrs, ", "))
+}
+
 // Fingerprint returns the LabelSet's fingerprint.
 func (ls LabelSet) Fingerprint() Fingerprint {
 	return labelSetToFingerprint(ls)
diff --git a/vendor/github.com/prometheus/common/model/labelset_string.go b/vendor/github.com/prometheus/common/model/labelset_string.go
deleted file mode 100644
index 481c47b46..000000000
--- a/vendor/github.com/prometheus/common/model/labelset_string.go
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright 2024 The Prometheus Authors
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build go1.21
-
-package model
-
-import (
-	"bytes"
-	"slices"
-	"strconv"
-)
-
-// String will look like `{foo="bar", more="less"}`. Names are sorted alphabetically.
-func (l LabelSet) String() string {
-	var lna [32]string // On stack to avoid memory allocation for sorting names.
-	labelNames := lna[:0]
-	for name := range l {
-		labelNames = append(labelNames, string(name))
-	}
-	slices.Sort(labelNames)
-	var bytea [1024]byte // On stack to avoid memory allocation while building the output.
-	b := bytes.NewBuffer(bytea[:0])
-	b.WriteByte('{')
-	for i, name := range labelNames {
-		if i > 0 {
-			b.WriteString(", ")
-		}
-		b.WriteString(name)
-		b.WriteByte('=')
-		b.Write(strconv.AppendQuote(b.AvailableBuffer(), string(l[LabelName(name)])))
-	}
-	b.WriteByte('}')
-	return b.String()
-}
diff --git a/vendor/github.com/prometheus/common/model/labelset_string_go120.go b/vendor/github.com/prometheus/common/model/labelset_string_go120.go
deleted file mode 100644
index c4212685e..000000000
--- a/vendor/github.com/prometheus/common/model/labelset_string_go120.go
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright 2024 The Prometheus Authors
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build !go1.21
-
-package model
-
-import (
-	"fmt"
-	"sort"
-	"strings"
-)
-
-// String was optimized using functions not available for go 1.20
-// or lower. We keep the old implementation for compatibility with client_golang.
-// Once client golang drops support for go 1.20 (scheduled for August 2024), this
-// file can be removed.
-func (l LabelSet) String() string {
-	labelNames := make([]string, 0, len(l))
-	for name := range l {
-		labelNames = append(labelNames, string(name))
-	}
-	sort.Strings(labelNames)
-	lstrs := make([]string, 0, len(l))
-	for _, name := range labelNames {
-		lstrs = append(lstrs, fmt.Sprintf("%s=%q", name, l[LabelName(name)]))
-	}
-	return fmt.Sprintf("{%s}", strings.Join(lstrs, ", "))
-}
diff --git a/vendor/github.com/prometheus/common/model/metric.go b/vendor/github.com/prometheus/common/model/metric.go
index eb865e5a5..0bd29b3a3 100644
--- a/vendor/github.com/prometheus/common/model/metric.go
+++ b/vendor/github.com/prometheus/common/model/metric.go
@@ -204,7 +204,6 @@ func EscapeMetricFamily(v *dto.MetricFamily, scheme EscapingScheme) *dto.MetricF
 	out := &dto.MetricFamily{
 		Help: v.Help,
 		Type: v.Type,
-		Unit: v.Unit,
 	}
 
 	// If the name is nil, copy as-is, don't try to escape.
diff --git a/vendor/github.com/prometheus/procfs/.golangci.yml b/vendor/github.com/prometheus/procfs/.golangci.yml
index 126df9e67..c24864a92 100644
--- a/vendor/github.com/prometheus/procfs/.golangci.yml
+++ b/vendor/github.com/prometheus/procfs/.golangci.yml
@@ -1,16 +1,9 @@
 ---
 linters:
   enable:
-  - errcheck
   - godot
-  - gosimple
-  - govet
-  - ineffassign
   - misspell
   - revive
-  - staticcheck
-  - testifylint
-  - unused
 
 linter-settings:
   godot:
diff --git a/vendor/github.com/prometheus/procfs/MAINTAINERS.md b/vendor/github.com/prometheus/procfs/MAINTAINERS.md
index e00f3b365..56ba67d3e 100644
--- a/vendor/github.com/prometheus/procfs/MAINTAINERS.md
+++ b/vendor/github.com/prometheus/procfs/MAINTAINERS.md
@@ -1,3 +1,2 @@
 * Johannes 'fish' Ziemke  @discordianfish
-* Paul Gier  @pgier
-* Ben Kochie  @SuperQ
+* Paul Gier  @pgier
diff --git a/vendor/github.com/prometheus/procfs/Makefile.common b/vendor/github.com/prometheus/procfs/Makefile.common
index 161729235..062a28185 100644
--- a/vendor/github.com/prometheus/procfs/Makefile.common
+++ b/vendor/github.com/prometheus/procfs/Makefile.common
@@ -49,23 +49,23 @@ endif
 GOTEST := $(GO) test
 GOTEST_DIR :=
 ifneq ($(CIRCLE_JOB),)
-ifneq ($(shell command -v gotestsum 2> /dev/null),)
+ifneq ($(shell command -v gotestsum > /dev/null),)
 	GOTEST_DIR := test-results
 	GOTEST := gotestsum --junitfile $(GOTEST_DIR)/unit-tests.xml --
 endif
 endif
 
-PROMU_VERSION ?= 0.17.0
+PROMU_VERSION ?= 0.15.0
 PROMU_URL     := https://github.com/prometheus/promu/releases/download/v$(PROMU_VERSION)/promu-$(PROMU_VERSION).$(GO_BUILD_PLATFORM).tar.gz
 
 SKIP_GOLANGCI_LINT :=
 GOLANGCI_LINT :=
 GOLANGCI_LINT_OPTS ?=
-GOLANGCI_LINT_VERSION ?= v1.59.0
-# golangci-lint only supports linux, darwin and windows platforms on i386/amd64/arm64.
+GOLANGCI_LINT_VERSION ?= v1.54.2
+# golangci-lint only supports linux, darwin and windows platforms on i386/amd64.
 # windows isn't included here because of the path separator being different.
 ifeq ($(GOHOSTOS),$(filter $(GOHOSTOS),linux darwin))
-	ifeq ($(GOHOSTARCH),$(filter $(GOHOSTARCH),amd64 i386 arm64))
+	ifeq ($(GOHOSTARCH),$(filter $(GOHOSTARCH),amd64 i386))
 		# If we're in CI and there is an Actions file, that means the linter
 		# is being run in Actions, so we don't need to run it here.
 		ifneq (,$(SKIP_GOLANGCI_LINT))
@@ -169,20 +169,16 @@ common-vet:
 common-lint: $(GOLANGCI_LINT)
 ifdef GOLANGCI_LINT
 	@echo ">> running golangci-lint"
+# 'go list' needs to be executed before staticcheck to prepopulate the modules cache.
+# Otherwise staticcheck might fail randomly for some reason not yet explained.
+	$(GO) list -e -compiled -test=true -export=false -deps=true -find=false -tags= -- ./... > /dev/null
 	$(GOLANGCI_LINT) run $(GOLANGCI_LINT_OPTS) $(pkgs)
 endif
 
-.PHONY: common-lint-fix
-common-lint-fix: $(GOLANGCI_LINT)
-ifdef GOLANGCI_LINT
-	@echo ">> running golangci-lint fix"
-	$(GOLANGCI_LINT) run --fix $(GOLANGCI_LINT_OPTS) $(pkgs)
-endif
-
 .PHONY: common-yamllint
 common-yamllint:
 	@echo ">> running yamllint on all YAML files in the repository"
-ifeq (, $(shell command -v yamllint 2> /dev/null))
+ifeq (, $(shell command -v yamllint > /dev/null))
 	@echo "yamllint not installed so skipping"
 else
 	yamllint .
@@ -208,10 +204,6 @@ common-tarball: promu
 	@echo ">> building release tarball"
 	$(PROMU) tarball --prefix $(PREFIX) $(BIN_DIR)
 
-.PHONY: common-docker-repo-name
-common-docker-repo-name:
-	@echo "$(DOCKER_REPO)/$(DOCKER_IMAGE_NAME)"
-
 .PHONY: common-docker $(BUILD_DOCKER_ARCHS)
 common-docker: $(BUILD_DOCKER_ARCHS)
 $(BUILD_DOCKER_ARCHS): common-docker-%:
diff --git a/vendor/github.com/prometheus/procfs/arp.go b/vendor/github.com/prometheus/procfs/arp.go
index cdcc8a7cc..28783e2dd 100644
--- a/vendor/github.com/prometheus/procfs/arp.go
+++ b/vendor/github.com/prometheus/procfs/arp.go
@@ -55,7 +55,7 @@ type ARPEntry struct {
 func (fs FS) GatherARPEntries() ([]ARPEntry, error) {
 	data, err := os.ReadFile(fs.proc.Path("net/arp"))
 	if err != nil {
-		return nil, fmt.Errorf("%w: error reading arp %s: %w", ErrFileRead, fs.proc.Path("net/arp"), err)
+		return nil, fmt.Errorf("%s: error reading arp %s: %w", ErrFileRead, fs.proc.Path("net/arp"), err)
 	}
 
 	return parseARPEntries(data)
@@ -78,11 +78,11 @@ func parseARPEntries(data []byte) ([]ARPEntry, error) {
 		} else if width == expectedDataWidth {
 			entry, err := parseARPEntry(columns)
 			if err != nil {
-				return []ARPEntry{}, fmt.Errorf("%w: Failed to parse ARP entry: %v: %w", ErrFileParse, entry, err)
+				return []ARPEntry{}, fmt.Errorf("%s: Failed to parse ARP entry: %v: %w", ErrFileParse, entry, err)
 			}
 			entries = append(entries, entry)
 		} else {
-			return []ARPEntry{}, fmt.Errorf("%w: %d columns found, but expected %d: %w", ErrFileParse, width, expectedDataWidth, err)
+			return []ARPEntry{}, fmt.Errorf("%s: %d columns found, but expected %d: %w", ErrFileParse, width, expectedDataWidth, err)
 		}
 
 	}
diff --git a/vendor/github.com/prometheus/procfs/buddyinfo.go b/vendor/github.com/prometheus/procfs/buddyinfo.go
index 838075009..4a173636c 100644
--- a/vendor/github.com/prometheus/procfs/buddyinfo.go
+++ b/vendor/github.com/prometheus/procfs/buddyinfo.go
@@ -58,8 +58,8 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 			return nil, fmt.Errorf("%w: Invalid number of fields, found: %v", ErrFileParse, parts)
 		}
 
-		node := strings.TrimSuffix(parts[1], ",")
-		zone := strings.TrimSuffix(parts[3], ",")
+		node := strings.TrimRight(parts[1], ",")
+		zone := strings.TrimRight(parts[3], ",")
 		arraySize := len(parts[4:])
 
 		if bucketCount == -1 {
@@ -74,7 +74,7 @@ func parseBuddyInfo(r io.Reader) ([]BuddyInfo, error) {
 		for i := 0; i < arraySize; i++ {
 			sizes[i], err = strconv.ParseFloat(parts[i+4], 64)
 			if err != nil {
-				return nil, fmt.Errorf("%w: Invalid valid in buddyinfo: %f: %w", ErrFileParse, sizes[i], err)
+				return nil, fmt.Errorf("%s: Invalid valid in buddyinfo: %f: %w", ErrFileParse, sizes[i], err)
 			}
 		}
 
diff --git a/vendor/github.com/prometheus/procfs/cpuinfo.go b/vendor/github.com/prometheus/procfs/cpuinfo.go
index f0950bb49..f4f5501c6 100644
--- a/vendor/github.com/prometheus/procfs/cpuinfo.go
+++ b/vendor/github.com/prometheus/procfs/cpuinfo.go
@@ -194,7 +194,7 @@ func parseCPUInfoARM(info []byte) ([]CPUInfo, error) {
 	firstLine := firstNonEmptyLine(scanner)
 	match, err := regexp.MatchString("^[Pp]rocessor", firstLine)
 	if !match || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("%w: Cannot parse line: %q: %w", ErrFileParse, firstLine, err)
+		return nil, fmt.Errorf("%s: Cannot parse line: %q: %w", ErrFileParse, firstLine, err)
 
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
@@ -386,7 +386,7 @@ func parseCPUInfoLoong(info []byte) ([]CPUInfo, error) {
 	// find the first "processor" line
 	firstLine := firstNonEmptyLine(scanner)
 	if !strings.HasPrefix(firstLine, "system type") || !strings.Contains(firstLine, ":") {
-		return nil, fmt.Errorf("%w: %q", ErrFileParse, firstLine)
+		return nil, errors.New("invalid cpuinfo file: " + firstLine)
 	}
 	field := strings.SplitN(firstLine, ": ", 2)
 	cpuinfo := []CPUInfo{}
diff --git a/vendor/github.com/prometheus/procfs/crypto.go b/vendor/github.com/prometheus/procfs/crypto.go
index 5f2a37a78..9a73e2639 100644
--- a/vendor/github.com/prometheus/procfs/crypto.go
+++ b/vendor/github.com/prometheus/procfs/crypto.go
@@ -55,13 +55,13 @@ func (fs FS) Crypto() ([]Crypto, error) {
 	path := fs.proc.Path("crypto")
 	b, err := util.ReadFileNoStat(path)
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot read file %v: %w", ErrFileRead, b, err)
+		return nil, fmt.Errorf("%s: Cannot read file %v: %w", ErrFileRead, b, err)
 
 	}
 
 	crypto, err := parseCrypto(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, crypto, err)
+		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, crypto, err)
 	}
 
 	return crypto, nil
@@ -84,7 +84,7 @@ func parseCrypto(r io.Reader) ([]Crypto, error) {
 
 		kv := strings.Split(text, ":")
 		if len(kv) != 2 {
-			return nil, fmt.Errorf("%w: Cannot parse line: %q", ErrFileParse, text)
+			return nil, fmt.Errorf("%w: Cannot parae line: %q", ErrFileParse, text)
 		}
 
 		k := strings.TrimSpace(kv[0])
diff --git a/vendor/github.com/prometheus/procfs/fscache.go b/vendor/github.com/prometheus/procfs/fscache.go
index cf2e3eaa0..f560a8db3 100644
--- a/vendor/github.com/prometheus/procfs/fscache.go
+++ b/vendor/github.com/prometheus/procfs/fscache.go
@@ -236,7 +236,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 
 	m, err := parseFscacheinfo(bytes.NewReader(b))
 	if err != nil {
-		return Fscacheinfo{}, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, m, err)
+		return Fscacheinfo{}, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, m, err)
 	}
 
 	return *m, nil
@@ -245,7 +245,7 @@ func (fs FS) Fscacheinfo() (Fscacheinfo, error) {
 func setFSCacheFields(fields []string, setFields ...*uint64) error {
 	var err error
 	if len(fields) < len(setFields) {
-		return fmt.Errorf("%w: Expected %d, but got %d: %w", ErrFileParse, len(setFields), len(fields), err)
+		return fmt.Errorf("%s: Expected %d, but got %d: %w", ErrFileParse, len(setFields), len(fields), err)
 	}
 
 	for i := range setFields {
diff --git a/vendor/github.com/prometheus/procfs/ipvs.go b/vendor/github.com/prometheus/procfs/ipvs.go
index bc3a20c93..5a145bbfe 100644
--- a/vendor/github.com/prometheus/procfs/ipvs.go
+++ b/vendor/github.com/prometheus/procfs/ipvs.go
@@ -221,16 +221,16 @@ func parseIPPort(s string) (net.IP, uint16, error) {
 	case 46:
 		ip = net.ParseIP(s[1:40])
 		if ip == nil {
-			return nil, 0, fmt.Errorf("%w: Invalid IPv6 addr %s: %w", ErrFileParse, s[1:40], err)
+			return nil, 0, fmt.Errorf("%s: Invalid IPv6 addr %s: %w", ErrFileParse, s[1:40], err)
 		}
 	default:
-		return nil, 0, fmt.Errorf("%w: Unexpected IP:Port %s: %w", ErrFileParse, s, err)
+		return nil, 0, fmt.Errorf("%s: Unexpected IP:Port %s: %w", ErrFileParse, s, err)
 	}
 
 	portString := s[len(s)-4:]
 	if len(portString) != 4 {
 		return nil, 0,
-			fmt.Errorf("%w: Unexpected port string format %s: %w", ErrFileParse, portString, err)
+			fmt.Errorf("%s: Unexpected port string format %s: %w", ErrFileParse, portString, err)
 	}
 	port, err := strconv.ParseUint(portString, 16, 16)
 	if err != nil {
diff --git a/vendor/github.com/prometheus/procfs/loadavg.go b/vendor/github.com/prometheus/procfs/loadavg.go
index 332e76c17..59465c5bb 100644
--- a/vendor/github.com/prometheus/procfs/loadavg.go
+++ b/vendor/github.com/prometheus/procfs/loadavg.go
@@ -51,7 +51,7 @@ func parseLoad(loadavgBytes []byte) (*LoadAvg, error) {
 	for i, load := range parts[0:3] {
 		loads[i], err = strconv.ParseFloat(load, 64)
 		if err != nil {
-			return nil, fmt.Errorf("%w: Cannot parse load: %f: %w", ErrFileParse, loads[i], err)
+			return nil, fmt.Errorf("%s: Cannot parse load: %f: %w", ErrFileParse, loads[i], err)
 		}
 	}
 	return &LoadAvg{
diff --git a/vendor/github.com/prometheus/procfs/mdstat.go b/vendor/github.com/prometheus/procfs/mdstat.go
index 67a9d2b44..fdd4b9544 100644
--- a/vendor/github.com/prometheus/procfs/mdstat.go
+++ b/vendor/github.com/prometheus/procfs/mdstat.go
@@ -23,7 +23,7 @@ import (
 
 var (
 	statusLineRE         = regexp.MustCompile(`(\d+) blocks .*\[(\d+)/(\d+)\] \[([U_]+)\]`)
-	recoveryLineBlocksRE = regexp.MustCompile(`\((\d+/\d+)\)`)
+	recoveryLineBlocksRE = regexp.MustCompile(`\((\d+)/\d+\)`)
 	recoveryLinePctRE    = regexp.MustCompile(`= (.+)%`)
 	recoveryLineFinishRE = regexp.MustCompile(`finish=(.+)min`)
 	recoveryLineSpeedRE  = regexp.MustCompile(`speed=(.+)[A-Z]`)
@@ -50,8 +50,6 @@ type MDStat struct {
 	BlocksTotal int64
 	// Number of blocks on the device that are in sync.
 	BlocksSynced int64
-	// Number of blocks on the device that need to be synced.
-	BlocksToBeSynced int64
 	// progress percentage of current sync
 	BlocksSyncedPct float64
 	// estimated finishing time for current sync (in minutes)
@@ -72,7 +70,7 @@ func (fs FS) MDStat() ([]MDStat, error) {
 	}
 	mdstat, err := parseMDStat(data)
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse %v: %w", ErrFileParse, fs.proc.Path("mdstat"), err)
+		return nil, fmt.Errorf("%s: Cannot parse %v: %w", ErrFileParse, fs.proc.Path("mdstat"), err)
 	}
 	return mdstat, nil
 }
@@ -92,7 +90,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 
 		deviceFields := strings.Fields(line)
 		if len(deviceFields) < 3 {
-			return nil, fmt.Errorf("%w: Expected 3+ lines, got %q", ErrFileParse, line)
+			return nil, fmt.Errorf("%s: Expected 3+ lines, got %q", ErrFileParse, line)
 		}
 		mdName := deviceFields[0] // mdx
 		state := deviceFields[2]  // active or inactive
@@ -107,7 +105,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 		active, total, down, size, err := evalStatusLine(lines[i], lines[i+1])
 
 		if err != nil {
-			return nil, fmt.Errorf("%w: Cannot parse md device lines: %v: %w", ErrFileParse, active, err)
+			return nil, fmt.Errorf("%s: Cannot parse md device lines: %v: %w", ErrFileParse, active, err)
 		}
 
 		syncLineIdx := i + 2
@@ -117,8 +115,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 
 		// If device is syncing at the moment, get the number of currently
 		// synced bytes, otherwise that number equals the size of the device.
-		blocksSynced := size
-		blocksToBeSynced := size
+		syncedBlocks := size
 		speed := float64(0)
 		finish := float64(0)
 		pct := float64(0)
@@ -139,11 +136,11 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 			// Handle case when resync=PENDING or resync=DELAYED.
 			if strings.Contains(lines[syncLineIdx], "PENDING") ||
 				strings.Contains(lines[syncLineIdx], "DELAYED") {
-				blocksSynced = 0
+				syncedBlocks = 0
 			} else {
-				blocksSynced, blocksToBeSynced, pct, finish, speed, err = evalRecoveryLine(lines[syncLineIdx])
+				syncedBlocks, pct, finish, speed, err = evalRecoveryLine(lines[syncLineIdx])
 				if err != nil {
-					return nil, fmt.Errorf("%w: Cannot parse sync line in md device: %q: %w", ErrFileParse, mdName, err)
+					return nil, fmt.Errorf("%s: Cannot parse sync line in md device: %q: %w", ErrFileParse, mdName, err)
 				}
 			}
 		}
@@ -157,8 +154,7 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 			DisksSpare:             spare,
 			DisksTotal:             total,
 			BlocksTotal:            size,
-			BlocksSynced:           blocksSynced,
-			BlocksToBeSynced:       blocksToBeSynced,
+			BlocksSynced:           syncedBlocks,
 			BlocksSyncedPct:        pct,
 			BlocksSyncedFinishTime: finish,
 			BlocksSyncedSpeed:      speed,
@@ -172,13 +168,13 @@ func parseMDStat(mdStatData []byte) ([]MDStat, error) {
 func evalStatusLine(deviceLine, statusLine string) (active, total, down, size int64, err error) {
 	statusFields := strings.Fields(statusLine)
 	if len(statusFields) < 1 {
-		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	sizeStr := statusFields[0]
 	size, err = strconv.ParseInt(sizeStr, 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	if strings.Contains(deviceLine, "raid0") || strings.Contains(deviceLine, "linear") {
@@ -193,71 +189,65 @@ func evalStatusLine(deviceLine, statusLine string) (active, total, down, size in
 
 	matches := statusLineRE.FindStringSubmatch(statusLine)
 	if len(matches) != 5 {
-		return 0, 0, 0, 0, fmt.Errorf("%w: Could not fild all substring matches %s: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Could not fild all substring matches %s: %w", ErrFileParse, statusLine, err)
 	}
 
 	total, err = strconv.ParseInt(matches[2], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected statusline %q: %w", ErrFileParse, statusLine, err)
 	}
 
 	active, err = strconv.ParseInt(matches[3], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, fmt.Errorf("%w: Unexpected active %d: %w", ErrFileParse, active, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected active %d: %w", ErrFileParse, active, err)
 	}
 	down = int64(strings.Count(matches[4], "_"))
 
 	return active, total, down, size, nil
 }
 
-func evalRecoveryLine(recoveryLine string) (blocksSynced int64, blocksToBeSynced int64, pct float64, finish float64, speed float64, err error) {
+func evalRecoveryLine(recoveryLine string) (syncedBlocks int64, pct float64, finish float64, speed float64, err error) {
 	matches := recoveryLineBlocksRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return 0, 0, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine blocks %s: %w", ErrFileParse, recoveryLine, err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected recoveryLine %s: %w", ErrFileParse, recoveryLine, err)
 	}
 
-	blocks := strings.Split(matches[1], "/")
-	blocksSynced, err = strconv.ParseInt(blocks[0], 10, 64)
+	syncedBlocks, err = strconv.ParseInt(matches[1], 10, 64)
 	if err != nil {
-		return 0, 0, 0, 0, 0, fmt.Errorf("%w: Unable to parse recovery blocks synced %q: %w", ErrFileParse, matches[1], err)
-	}
-
-	blocksToBeSynced, err = strconv.ParseInt(blocks[1], 10, 64)
-	if err != nil {
-		return blocksSynced, 0, 0, 0, 0, fmt.Errorf("%w: Unable to parse recovery to be synced blocks %q: %w", ErrFileParse, matches[2], err)
+		return 0, 0, 0, 0, fmt.Errorf("%s: Unexpected parsing of recoveryLine %q: %w", ErrFileParse, recoveryLine, err)
 	}
 
 	// Get percentage complete
 	matches = recoveryLinePctRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return blocksSynced, blocksToBeSynced, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching percentage %s", ErrFileParse, recoveryLine)
+		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching percentage %s", ErrFileParse, recoveryLine)
 	}
 	pct, err = strconv.ParseFloat(strings.TrimSpace(matches[1]), 64)
 	if err != nil {
-		return blocksSynced, blocksToBeSynced, 0, 0, 0, fmt.Errorf("%w: Error parsing float from recoveryLine %q", ErrFileParse, recoveryLine)
+		return syncedBlocks, 0, 0, 0, fmt.Errorf("%w: Error parsing float from recoveryLine %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get time expected left to complete
 	matches = recoveryLineFinishRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return blocksSynced, blocksToBeSynced, pct, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching est. finish time: %s", ErrFileParse, recoveryLine)
+		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unexpected recoveryLine matching est. finish time: %s", ErrFileParse, recoveryLine)
 	}
 	finish, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return blocksSynced, blocksToBeSynced, pct, 0, 0, fmt.Errorf("%w: Unable to parse float from recoveryLine: %q", ErrFileParse, recoveryLine)
+		return syncedBlocks, pct, 0, 0, fmt.Errorf("%w: Unable to parse float from recoveryLine: %q", ErrFileParse, recoveryLine)
 	}
 
 	// Get recovery speed
 	matches = recoveryLineSpeedRE.FindStringSubmatch(recoveryLine)
 	if len(matches) != 2 {
-		return blocksSynced, blocksToBeSynced, pct, finish, 0, fmt.Errorf("%w: Unexpected recoveryLine value: %s", ErrFileParse, recoveryLine)
+		return syncedBlocks, pct, finish, 0, fmt.Errorf("%w: Unexpected recoveryLine value: %s", ErrFileParse, recoveryLine)
 	}
 	speed, err = strconv.ParseFloat(matches[1], 64)
 	if err != nil {
-		return blocksSynced, blocksToBeSynced, pct, finish, 0, fmt.Errorf("%w: Error parsing float from recoveryLine: %q: %w", ErrFileParse, recoveryLine, err)
+		return syncedBlocks, pct, finish, 0, fmt.Errorf("%s: Error parsing float from recoveryLine: %q: %w", ErrFileParse, recoveryLine, err)
 	}
 
-	return blocksSynced, blocksToBeSynced, pct, finish, speed, nil
+	return syncedBlocks, pct, finish, speed, nil
 }
 
 func evalComponentDevices(deviceFields []string) []string {
diff --git a/vendor/github.com/prometheus/procfs/meminfo.go b/vendor/github.com/prometheus/procfs/meminfo.go
index 4b2c4050a..eaf00e224 100644
--- a/vendor/github.com/prometheus/procfs/meminfo.go
+++ b/vendor/github.com/prometheus/procfs/meminfo.go
@@ -126,7 +126,6 @@ type Meminfo struct {
 	VmallocUsed *uint64
 	// largest contiguous block of vmalloc area which is free
 	VmallocChunk      *uint64
-	Percpu            *uint64
 	HardwareCorrupted *uint64
 	AnonHugePages     *uint64
 	ShmemHugePages    *uint64
@@ -141,55 +140,6 @@ type Meminfo struct {
 	DirectMap4k       *uint64
 	DirectMap2M       *uint64
 	DirectMap1G       *uint64
-
-	// The struct fields below are the byte-normalized counterparts to the
-	// existing struct fields. Values are normalized using the optional
-	// unit field in the meminfo line.
-	MemTotalBytes          *uint64
-	MemFreeBytes           *uint64
-	MemAvailableBytes      *uint64
-	BuffersBytes           *uint64
-	CachedBytes            *uint64
-	SwapCachedBytes        *uint64
-	ActiveBytes            *uint64
-	InactiveBytes          *uint64
-	ActiveAnonBytes        *uint64
-	InactiveAnonBytes      *uint64
-	ActiveFileBytes        *uint64
-	InactiveFileBytes      *uint64
-	UnevictableBytes       *uint64
-	MlockedBytes           *uint64
-	SwapTotalBytes         *uint64
-	SwapFreeBytes          *uint64
-	DirtyBytes             *uint64
-	WritebackBytes         *uint64
-	AnonPagesBytes         *uint64
-	MappedBytes            *uint64
-	ShmemBytes             *uint64
-	SlabBytes              *uint64
-	SReclaimableBytes      *uint64
-	SUnreclaimBytes        *uint64
-	KernelStackBytes       *uint64
-	PageTablesBytes        *uint64
-	NFSUnstableBytes       *uint64
-	BounceBytes            *uint64
-	WritebackTmpBytes      *uint64
-	CommitLimitBytes       *uint64
-	CommittedASBytes       *uint64
-	VmallocTotalBytes      *uint64
-	VmallocUsedBytes       *uint64
-	VmallocChunkBytes      *uint64
-	PercpuBytes            *uint64
-	HardwareCorruptedBytes *uint64
-	AnonHugePagesBytes     *uint64
-	ShmemHugePagesBytes    *uint64
-	ShmemPmdMappedBytes    *uint64
-	CmaTotalBytes          *uint64
-	CmaFreeBytes           *uint64
-	HugepagesizeBytes      *uint64
-	DirectMap4kBytes       *uint64
-	DirectMap2MBytes       *uint64
-	DirectMap1GBytes       *uint64
 }
 
 // Meminfo returns an information about current kernel/system memory statistics.
@@ -202,7 +152,7 @@ func (fs FS) Meminfo() (Meminfo, error) {
 
 	m, err := parseMemInfo(bytes.NewReader(b))
 	if err != nil {
-		return Meminfo{}, fmt.Errorf("%w: %w", ErrFileParse, err)
+		return Meminfo{}, fmt.Errorf("%s: %w", ErrFileParse, err)
 	}
 
 	return *m, nil
@@ -212,176 +162,114 @@ func parseMemInfo(r io.Reader) (*Meminfo, error) {
 	var m Meminfo
 	s := bufio.NewScanner(r)
 	for s.Scan() {
+		// Each line has at least a name and value; we ignore the unit.
 		fields := strings.Fields(s.Text())
-		var val, valBytes uint64
+		if len(fields) < 2 {
+			return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, s.Text())
+		}
 
-		val, err := strconv.ParseUint(fields[1], 0, 64)
+		v, err := strconv.ParseUint(fields[1], 0, 64)
 		if err != nil {
 			return nil, err
 		}
 
-		switch len(fields) {
-		case 2:
-			// No unit present, use the parsed the value as bytes directly.
-			valBytes = val
-		case 3:
-			// Unit present in optional 3rd field, convert it to
-			// bytes. The only unit supported within the Linux
-			// kernel is `kB`.
-			if fields[2] != "kB" {
-				return nil, fmt.Errorf("%w: Unsupported unit in optional 3rd field %q", ErrFileParse, fields[2])
-			}
-
-			valBytes = 1024 * val
-
-		default:
-			return nil, fmt.Errorf("%w: Malformed line %q", ErrFileParse, s.Text())
-		}
-
 		switch fields[0] {
 		case "MemTotal:":
-			m.MemTotal = &val
-			m.MemTotalBytes = &valBytes
+			m.MemTotal = &v
 		case "MemFree:":
-			m.MemFree = &val
-			m.MemFreeBytes = &valBytes
+			m.MemFree = &v
 		case "MemAvailable:":
-			m.MemAvailable = &val
-			m.MemAvailableBytes = &valBytes
+			m.MemAvailable = &v
 		case "Buffers:":
-			m.Buffers = &val
-			m.BuffersBytes = &valBytes
+			m.Buffers = &v
 		case "Cached:":
-			m.Cached = &val
-			m.CachedBytes = &valBytes
+			m.Cached = &v
 		case "SwapCached:":
-			m.SwapCached = &val
-			m.SwapCachedBytes = &valBytes
+			m.SwapCached = &v
 		case "Active:":
-			m.Active = &val
-			m.ActiveBytes = &valBytes
+			m.Active = &v
 		case "Inactive:":
-			m.Inactive = &val
-			m.InactiveBytes = &valBytes
+			m.Inactive = &v
 		case "Active(anon):":
-			m.ActiveAnon = &val
-			m.ActiveAnonBytes = &valBytes
+			m.ActiveAnon = &v
 		case "Inactive(anon):":
-			m.InactiveAnon = &val
-			m.InactiveAnonBytes = &valBytes
+			m.InactiveAnon = &v
 		case "Active(file):":
-			m.ActiveFile = &val
-			m.ActiveFileBytes = &valBytes
+			m.ActiveFile = &v
 		case "Inactive(file):":
-			m.InactiveFile = &val
-			m.InactiveFileBytes = &valBytes
+			m.InactiveFile = &v
 		case "Unevictable:":
-			m.Unevictable = &val
-			m.UnevictableBytes = &valBytes
+			m.Unevictable = &v
 		case "Mlocked:":
-			m.Mlocked = &val
-			m.MlockedBytes = &valBytes
+			m.Mlocked = &v
 		case "SwapTotal:":
-			m.SwapTotal = &val
-			m.SwapTotalBytes = &valBytes
+			m.SwapTotal = &v
 		case "SwapFree:":
-			m.SwapFree = &val
-			m.SwapFreeBytes = &valBytes
+			m.SwapFree = &v
 		case "Dirty:":
-			m.Dirty = &val
-			m.DirtyBytes = &valBytes
+			m.Dirty = &v
 		case "Writeback:":
-			m.Writeback = &val
-			m.WritebackBytes = &valBytes
+			m.Writeback = &v
 		case "AnonPages:":
-			m.AnonPages = &val
-			m.AnonPagesBytes = &valBytes
+			m.AnonPages = &v
 		case "Mapped:":
-			m.Mapped = &val
-			m.MappedBytes = &valBytes
+			m.Mapped = &v
 		case "Shmem:":
-			m.Shmem = &val
-			m.ShmemBytes = &valBytes
+			m.Shmem = &v
 		case "Slab:":
-			m.Slab = &val
-			m.SlabBytes = &valBytes
+			m.Slab = &v
 		case "SReclaimable:":
-			m.SReclaimable = &val
-			m.SReclaimableBytes = &valBytes
+			m.SReclaimable = &v
 		case "SUnreclaim:":
-			m.SUnreclaim = &val
-			m.SUnreclaimBytes = &valBytes
+			m.SUnreclaim = &v
 		case "KernelStack:":
-			m.KernelStack = &val
-			m.KernelStackBytes = &valBytes
+			m.KernelStack = &v
 		case "PageTables:":
-			m.PageTables = &val
-			m.PageTablesBytes = &valBytes
+			m.PageTables = &v
 		case "NFS_Unstable:":
-			m.NFSUnstable = &val
-			m.NFSUnstableBytes = &valBytes
+			m.NFSUnstable = &v
 		case "Bounce:":
-			m.Bounce = &val
-			m.BounceBytes = &valBytes
+			m.Bounce = &v
 		case "WritebackTmp:":
-			m.WritebackTmp = &val
-			m.WritebackTmpBytes = &valBytes
+			m.WritebackTmp = &v
 		case "CommitLimit:":
-			m.CommitLimit = &val
-			m.CommitLimitBytes = &valBytes
+			m.CommitLimit = &v
 		case "Committed_AS:":
-			m.CommittedAS = &val
-			m.CommittedASBytes = &valBytes
+			m.CommittedAS = &v
 		case "VmallocTotal:":
-			m.VmallocTotal = &val
-			m.VmallocTotalBytes = &valBytes
+			m.VmallocTotal = &v
 		case "VmallocUsed:":
-			m.VmallocUsed = &val
-			m.VmallocUsedBytes = &valBytes
+			m.VmallocUsed = &v
 		case "VmallocChunk:":
-			m.VmallocChunk = &val
-			m.VmallocChunkBytes = &valBytes
-		case "Percpu:":
-			m.Percpu = &val
-			m.PercpuBytes = &valBytes
+			m.VmallocChunk = &v
 		case "HardwareCorrupted:":
-			m.HardwareCorrupted = &val
-			m.HardwareCorruptedBytes = &valBytes
+			m.HardwareCorrupted = &v
 		case "AnonHugePages:":
-			m.AnonHugePages = &val
-			m.AnonHugePagesBytes = &valBytes
+			m.AnonHugePages = &v
 		case "ShmemHugePages:":
-			m.ShmemHugePages = &val
-			m.ShmemHugePagesBytes = &valBytes
+			m.ShmemHugePages = &v
 		case "ShmemPmdMapped:":
-			m.ShmemPmdMapped = &val
-			m.ShmemPmdMappedBytes = &valBytes
+			m.ShmemPmdMapped = &v
 		case "CmaTotal:":
-			m.CmaTotal = &val
-			m.CmaTotalBytes = &valBytes
+			m.CmaTotal = &v
 		case "CmaFree:":
-			m.CmaFree = &val
-			m.CmaFreeBytes = &valBytes
+			m.CmaFree = &v
 		case "HugePages_Total:":
-			m.HugePagesTotal = &val
+			m.HugePagesTotal = &v
 		case "HugePages_Free:":
-			m.HugePagesFree = &val
+			m.HugePagesFree = &v
 		case "HugePages_Rsvd:":
-			m.HugePagesRsvd = &val
+			m.HugePagesRsvd = &v
 		case "HugePages_Surp:":
-			m.HugePagesSurp = &val
+			m.HugePagesSurp = &v
 		case "Hugepagesize:":
-			m.Hugepagesize = &val
-			m.HugepagesizeBytes = &valBytes
+			m.Hugepagesize = &v
 		case "DirectMap4k:":
-			m.DirectMap4k = &val
-			m.DirectMap4kBytes = &valBytes
+			m.DirectMap4k = &v
 		case "DirectMap2M:":
-			m.DirectMap2M = &val
-			m.DirectMap2MBytes = &valBytes
+			m.DirectMap2M = &v
 		case "DirectMap1G:":
-			m.DirectMap1G = &val
-			m.DirectMap1GBytes = &valBytes
+			m.DirectMap1G = &v
 		}
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/mountinfo.go b/vendor/github.com/prometheus/procfs/mountinfo.go
index a704c5e73..388ebf396 100644
--- a/vendor/github.com/prometheus/procfs/mountinfo.go
+++ b/vendor/github.com/prometheus/procfs/mountinfo.go
@@ -109,7 +109,7 @@ func parseMountInfoString(mountString string) (*MountInfo, error) {
 	if mountInfo[6] != "" {
 		mount.OptionalFields, err = mountOptionsParseOptionalFields(mountInfo[6 : mountInfoLength-4])
 		if err != nil {
-			return nil, fmt.Errorf("%w: %w", ErrFileParse, err)
+			return nil, fmt.Errorf("%s: %w", ErrFileParse, err)
 		}
 	}
 	return mount, nil
diff --git a/vendor/github.com/prometheus/procfs/mountstats.go b/vendor/github.com/prometheus/procfs/mountstats.go
index 75a3b6c81..9d8af6db7 100644
--- a/vendor/github.com/prometheus/procfs/mountstats.go
+++ b/vendor/github.com/prometheus/procfs/mountstats.go
@@ -88,7 +88,7 @@ type MountStatsNFS struct {
 	// Statistics broken down by filesystem operation.
 	Operations []NFSOperationStats
 	// Statistics about the NFS RPC transport.
-	Transport []NFSTransportStats
+	Transport NFSTransportStats
 }
 
 // mountStats implements MountStats.
@@ -194,6 +194,8 @@ type NFSOperationStats struct {
 	CumulativeTotalResponseMilliseconds uint64
 	// Duration from when a request was enqueued to when it was completely handled.
 	CumulativeTotalRequestMilliseconds uint64
+	// The average time from the point the client sends RPC requests until it receives the response.
+	AverageRTTMilliseconds float64
 	// The count of operations that complete with tk_status < 0.  These statuses usually indicate error conditions.
 	Errors uint64
 }
@@ -432,7 +434,7 @@ func parseMountStatsNFS(s *bufio.Scanner, statVersion string) (*MountStatsNFS, e
 				return nil, err
 			}
 
-			stats.Transport = append(stats.Transport, *tstats)
+			stats.Transport = *tstats
 		}
 
 		// When encountering "per-operation statistics", we must break this
@@ -580,6 +582,9 @@ func parseNFSOperationStats(s *bufio.Scanner) ([]NFSOperationStats, error) {
 			CumulativeTotalResponseMilliseconds: ns[6],
 			CumulativeTotalRequestMilliseconds:  ns[7],
 		}
+		if ns[0] != 0 {
+			opStats.AverageRTTMilliseconds = float64(ns[6]) / float64(ns[0])
+		}
 
 		if len(ns) > 8 {
 			opStats.Errors = ns[8]
@@ -627,7 +632,7 @@ func parseNFSTransportStats(ss []string, statVersion string) (*NFSTransportStats
 			return nil, fmt.Errorf("%w: invalid NFS transport stats 1.1 statement: %v, protocol: %v", ErrFileParse, ss, protocol)
 		}
 	default:
-		return nil, fmt.Errorf("%w: Unrecognized NFS transport stats version: %q, protocol: %v", ErrFileParse, statVersion, protocol)
+		return nil, fmt.Errorf("%s: Unrecognized NFS transport stats version: %q, protocol: %v", ErrFileParse, statVersion, protocol)
 	}
 
 	// Allocate enough for v1.1 stats since zero value for v1.1 stats will be okay
diff --git a/vendor/github.com/prometheus/procfs/net_conntrackstat.go b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
index 316df5fbb..fdfa45611 100644
--- a/vendor/github.com/prometheus/procfs/net_conntrackstat.go
+++ b/vendor/github.com/prometheus/procfs/net_conntrackstat.go
@@ -58,7 +58,7 @@ func readConntrackStat(path string) ([]ConntrackStatEntry, error) {
 
 	stat, err := parseConntrackStat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, path, err)
+		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, path, err)
 	}
 
 	return stat, nil
@@ -86,7 +86,7 @@ func parseConntrackStat(r io.Reader) ([]ConntrackStatEntry, error) {
 func parseConntrackStatEntry(fields []string) (*ConntrackStatEntry, error) {
 	entries, err := util.ParseHexUint64s(fields)
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse entry: %d: %w", ErrFileParse, entries, err)
+		return nil, fmt.Errorf("%s: Cannot parse entry: %d: %w", ErrFileParse, entries, err)
 	}
 	numEntries := len(entries)
 	if numEntries < 16 || numEntries > 17 {
diff --git a/vendor/github.com/prometheus/procfs/net_ip_socket.go b/vendor/github.com/prometheus/procfs/net_ip_socket.go
index b70f1fc7a..4da81ea57 100644
--- a/vendor/github.com/prometheus/procfs/net_ip_socket.go
+++ b/vendor/github.com/prometheus/procfs/net_ip_socket.go
@@ -50,13 +50,10 @@ type (
 		// UsedSockets shows the total number of parsed lines representing the
 		// number of used sockets.
 		UsedSockets uint64
-		// Drops shows the total number of dropped packets of all UPD sockets.
-		Drops *uint64
 	}
 
 	// netIPSocketLine represents the fields parsed from a single line
 	// in /proc/net/{t,u}dp{,6}. Fields which are not used by IPSocket are skipped.
-	// Drops is non-nil for udp{,6}, but nil for tcp{,6}.
 	// For the proc file format details, see https://linux.die.net/man/5/proc.
 	netIPSocketLine struct {
 		Sl        uint64
@@ -69,7 +66,6 @@ type (
 		RxQueue   uint64
 		UID       uint64
 		Inode     uint64
-		Drops     *uint64
 	}
 )
 
@@ -81,14 +77,13 @@ func newNetIPSocket(file string) (NetIPSocket, error) {
 	defer f.Close()
 
 	var netIPSocket NetIPSocket
-	isUDP := strings.Contains(file, "udp")
 
 	lr := io.LimitReader(f, readLimit)
 	s := bufio.NewScanner(lr)
 	s.Scan() // skip first line with headers
 	for s.Scan() {
 		fields := strings.Fields(s.Text())
-		line, err := parseNetIPSocketLine(fields, isUDP)
+		line, err := parseNetIPSocketLine(fields)
 		if err != nil {
 			return nil, err
 		}
@@ -109,25 +104,19 @@ func newNetIPSocketSummary(file string) (*NetIPSocketSummary, error) {
 	defer f.Close()
 
 	var netIPSocketSummary NetIPSocketSummary
-	var udpPacketDrops uint64
-	isUDP := strings.Contains(file, "udp")
 
 	lr := io.LimitReader(f, readLimit)
 	s := bufio.NewScanner(lr)
 	s.Scan() // skip first line with headers
 	for s.Scan() {
 		fields := strings.Fields(s.Text())
-		line, err := parseNetIPSocketLine(fields, isUDP)
+		line, err := parseNetIPSocketLine(fields)
 		if err != nil {
 			return nil, err
 		}
 		netIPSocketSummary.TxQueueLength += line.TxQueue
 		netIPSocketSummary.RxQueueLength += line.RxQueue
 		netIPSocketSummary.UsedSockets++
-		if isUDP {
-			udpPacketDrops += *line.Drops
-			netIPSocketSummary.Drops = &udpPacketDrops
-		}
 	}
 	if err := s.Err(); err != nil {
 		return nil, err
@@ -141,7 +130,7 @@ func parseIP(hexIP string) (net.IP, error) {
 	var byteIP []byte
 	byteIP, err := hex.DecodeString(hexIP)
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse socket field in %q: %w", ErrFileParse, hexIP, err)
+		return nil, fmt.Errorf("%s: Cannot parse socket field in %q: %w", ErrFileParse, hexIP, err)
 	}
 	switch len(byteIP) {
 	case 4:
@@ -155,12 +144,12 @@ func parseIP(hexIP string) (net.IP, error) {
 		}
 		return i, nil
 	default:
-		return nil, fmt.Errorf("%w: Unable to parse IP %s: %v", ErrFileParse, hexIP, nil)
+		return nil, fmt.Errorf("%s: Unable to parse IP %s: %w", ErrFileParse, hexIP, nil)
 	}
 }
 
 // parseNetIPSocketLine parses a single line, represented by a list of fields.
-func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error) {
+func parseNetIPSocketLine(fields []string) (*netIPSocketLine, error) {
 	line := &netIPSocketLine{}
 	if len(fields) < 10 {
 		return nil, fmt.Errorf(
@@ -178,7 +167,7 @@ func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error)
 	}
 
 	if line.Sl, err = strconv.ParseUint(s[0], 0, 64); err != nil {
-		return nil, fmt.Errorf("%w: Unable to parse sl field in %q: %w", ErrFileParse, line.Sl, err)
+		return nil, fmt.Errorf("%s: Unable to parse sl field in %q: %w", ErrFileParse, line.Sl, err)
 	}
 	// local_address
 	l := strings.Split(fields[1], ":")
@@ -189,7 +178,7 @@ func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error)
 		return nil, err
 	}
 	if line.LocalPort, err = strconv.ParseUint(l[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%w: Unable to parse local_address port value line %q: %w", ErrFileParse, line.LocalPort, err)
+		return nil, fmt.Errorf("%s: Unable to parse local_address port value line %q: %w", ErrFileParse, line.LocalPort, err)
 	}
 
 	// remote_address
@@ -201,12 +190,12 @@ func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error)
 		return nil, err
 	}
 	if line.RemPort, err = strconv.ParseUint(r[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse rem_address port value in %q: %w", ErrFileParse, line.RemPort, err)
+		return nil, fmt.Errorf("%s: Cannot parse rem_address port value in %q: %w", ErrFileParse, line.RemPort, err)
 	}
 
 	// st
 	if line.St, err = strconv.ParseUint(fields[3], 16, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse st value in %q: %w", ErrFileParse, line.St, err)
+		return nil, fmt.Errorf("%s: Cannot parse st value in %q: %w", ErrFileParse, line.St, err)
 	}
 
 	// tx_queue and rx_queue
@@ -219,29 +208,20 @@ func parseNetIPSocketLine(fields []string, isUDP bool) (*netIPSocketLine, error)
 		)
 	}
 	if line.TxQueue, err = strconv.ParseUint(q[0], 16, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse tx_queue value in %q: %w", ErrFileParse, line.TxQueue, err)
+		return nil, fmt.Errorf("%s: Cannot parse tx_queue value in %q: %w", ErrFileParse, line.TxQueue, err)
 	}
 	if line.RxQueue, err = strconv.ParseUint(q[1], 16, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse trx_queue value in %q: %w", ErrFileParse, line.RxQueue, err)
+		return nil, fmt.Errorf("%s: Cannot parse trx_queue value in %q: %w", ErrFileParse, line.RxQueue, err)
 	}
 
 	// uid
 	if line.UID, err = strconv.ParseUint(fields[7], 0, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse UID value in %q: %w", ErrFileParse, line.UID, err)
+		return nil, fmt.Errorf("%s: Cannot parse UID value in %q: %w", ErrFileParse, line.UID, err)
 	}
 
 	// inode
 	if line.Inode, err = strconv.ParseUint(fields[9], 0, 64); err != nil {
-		return nil, fmt.Errorf("%w: Cannot parse inode value in %q: %w", ErrFileParse, line.Inode, err)
-	}
-
-	// drops
-	if isUDP {
-		drops, err := strconv.ParseUint(fields[12], 0, 64)
-		if err != nil {
-			return nil, fmt.Errorf("%w: Cannot parse drops value in %q: %w", ErrFileParse, drops, err)
-		}
-		line.Drops = &drops
+		return nil, fmt.Errorf("%s: Cannot parse inode value in %q: %w", ErrFileParse, line.Inode, err)
 	}
 
 	return line, nil
diff --git a/vendor/github.com/prometheus/procfs/net_sockstat.go b/vendor/github.com/prometheus/procfs/net_sockstat.go
index fae62b13d..360e36af7 100644
--- a/vendor/github.com/prometheus/procfs/net_sockstat.go
+++ b/vendor/github.com/prometheus/procfs/net_sockstat.go
@@ -69,7 +69,7 @@ func readSockstat(name string) (*NetSockstat, error) {
 
 	stat, err := parseSockstat(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%w: sockstats from %q: %w", ErrFileRead, name, err)
+		return nil, fmt.Errorf("%s: sockstats from %q: %w", ErrFileRead, name, err)
 	}
 
 	return stat, nil
@@ -89,7 +89,7 @@ func parseSockstat(r io.Reader) (*NetSockstat, error) {
 		// The remaining fields are key/value pairs.
 		kvs, err := parseSockstatKVs(fields[1:])
 		if err != nil {
-			return nil, fmt.Errorf("%w: sockstat key/value pairs from %q: %w", ErrFileParse, s.Text(), err)
+			return nil, fmt.Errorf("%s: sockstat key/value pairs from %q: %w", ErrFileParse, s.Text(), err)
 		}
 
 		// The first field is the protocol. We must trim its colon suffix.
diff --git a/vendor/github.com/prometheus/procfs/net_softnet.go b/vendor/github.com/prometheus/procfs/net_softnet.go
index 71c8059f4..c77085291 100644
--- a/vendor/github.com/prometheus/procfs/net_softnet.go
+++ b/vendor/github.com/prometheus/procfs/net_softnet.go
@@ -64,7 +64,7 @@ func (fs FS) NetSoftnetStat() ([]SoftnetStat, error) {
 
 	entries, err := parseSoftnet(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%w: /proc/net/softnet_stat: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%s: /proc/net/softnet_stat: %w", ErrFileParse, err)
 	}
 
 	return entries, nil
diff --git a/vendor/github.com/prometheus/procfs/net_tls_stat.go b/vendor/github.com/prometheus/procfs/net_tls_stat.go
deleted file mode 100644
index 13994c178..000000000
--- a/vendor/github.com/prometheus/procfs/net_tls_stat.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Copyright 2023 Prometheus Team
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package procfs
-
-import (
-	"bufio"
-	"fmt"
-	"os"
-	"strconv"
-	"strings"
-)
-
-// TLSStat struct represents data in /proc/net/tls_stat.
-// See https://docs.kernel.org/networking/tls.html#statistics
-type TLSStat struct {
-	// number of TX sessions currently installed where host handles cryptography
-	TLSCurrTxSw int
-	// number of RX sessions currently installed where host handles cryptography
-	TLSCurrRxSw int
-	// number of TX sessions currently installed where NIC handles cryptography
-	TLSCurrTxDevice int
-	// number of RX sessions currently installed where NIC handles cryptography
-	TLSCurrRxDevice int
-	//number of TX sessions opened with host cryptography
-	TLSTxSw int
-	//number of RX sessions opened with host cryptography
-	TLSRxSw int
-	// number of TX sessions opened with NIC cryptography
-	TLSTxDevice int
-	// number of RX sessions opened with NIC cryptography
-	TLSRxDevice int
-	// record decryption failed (e.g. due to incorrect authentication tag)
-	TLSDecryptError int
-	//  number of RX resyncs sent to NICs handling cryptography
-	TLSRxDeviceResync int
-	// number of RX records which had to be re-decrypted due to TLS_RX_EXPECT_NO_PAD mis-prediction. Note that this counter will also increment for non-data records.
-	TLSDecryptRetry int
-	// number of data RX records which had to be re-decrypted due to TLS_RX_EXPECT_NO_PAD mis-prediction.
-	TLSRxNoPadViolation int
-}
-
-// NewTLSStat reads the tls_stat statistics.
-func NewTLSStat() (TLSStat, error) {
-	fs, err := NewFS(DefaultMountPoint)
-	if err != nil {
-		return TLSStat{}, err
-	}
-
-	return fs.NewTLSStat()
-}
-
-// NewTLSStat reads the tls_stat statistics.
-func (fs FS) NewTLSStat() (TLSStat, error) {
-	file, err := os.Open(fs.proc.Path("net/tls_stat"))
-	if err != nil {
-		return TLSStat{}, err
-	}
-	defer file.Close()
-
-	var (
-		tlsstat = TLSStat{}
-		s       = bufio.NewScanner(file)
-	)
-
-	for s.Scan() {
-		fields := strings.Fields(s.Text())
-
-		if len(fields) != 2 {
-			return TLSStat{}, fmt.Errorf("%w: %q line %q", ErrFileParse, file.Name(), s.Text())
-		}
-
-		name := fields[0]
-		value, err := strconv.Atoi(fields[1])
-		if err != nil {
-			return TLSStat{}, err
-		}
-
-		switch name {
-		case "TlsCurrTxSw":
-			tlsstat.TLSCurrTxSw = value
-		case "TlsCurrRxSw":
-			tlsstat.TLSCurrRxSw = value
-		case "TlsCurrTxDevice":
-			tlsstat.TLSCurrTxDevice = value
-		case "TlsCurrRxDevice":
-			tlsstat.TLSCurrRxDevice = value
-		case "TlsTxSw":
-			tlsstat.TLSTxSw = value
-		case "TlsRxSw":
-			tlsstat.TLSRxSw = value
-		case "TlsTxDevice":
-			tlsstat.TLSTxDevice = value
-		case "TlsRxDevice":
-			tlsstat.TLSRxDevice = value
-		case "TlsDecryptError":
-			tlsstat.TLSDecryptError = value
-		case "TlsRxDeviceResync":
-			tlsstat.TLSRxDeviceResync = value
-		case "TlsDecryptRetry":
-			tlsstat.TLSDecryptRetry = value
-		case "TlsRxNoPadViolation":
-			tlsstat.TLSRxNoPadViolation = value
-		}
-
-	}
-
-	return tlsstat, s.Err()
-}
diff --git a/vendor/github.com/prometheus/procfs/net_unix.go b/vendor/github.com/prometheus/procfs/net_unix.go
index d868cebda..acbbc57ea 100644
--- a/vendor/github.com/prometheus/procfs/net_unix.go
+++ b/vendor/github.com/prometheus/procfs/net_unix.go
@@ -108,14 +108,14 @@ func parseNetUNIX(r io.Reader) (*NetUNIX, error) {
 		line := s.Text()
 		item, err := nu.parseLine(line, hasInode, minFields)
 		if err != nil {
-			return nil, fmt.Errorf("%w: /proc/net/unix encountered data %q: %w", ErrFileParse, line, err)
+			return nil, fmt.Errorf("%s: /proc/net/unix encountered data %q: %w", ErrFileParse, line, err)
 		}
 
 		nu.Rows = append(nu.Rows, item)
 	}
 
 	if err := s.Err(); err != nil {
-		return nil, fmt.Errorf("%w: /proc/net/unix encountered data: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%s: /proc/net/unix encountered data: %w", ErrFileParse, err)
 	}
 
 	return &nu, nil
@@ -136,29 +136,29 @@ func (u *NetUNIX) parseLine(line string, hasInode bool, min int) (*NetUNIXLine,
 
 	users, err := u.parseUsers(fields[1])
 	if err != nil {
-		return nil, fmt.Errorf("%w: ref count %q: %w", ErrFileParse, fields[1], err)
+		return nil, fmt.Errorf("%s: ref count %q: %w", ErrFileParse, fields[1], err)
 	}
 
 	flags, err := u.parseFlags(fields[3])
 	if err != nil {
-		return nil, fmt.Errorf("%w: Unable to parse flags %q: %w", ErrFileParse, fields[3], err)
+		return nil, fmt.Errorf("%s: Unable to parse flags %q: %w", ErrFileParse, fields[3], err)
 	}
 
 	typ, err := u.parseType(fields[4])
 	if err != nil {
-		return nil, fmt.Errorf("%w: Failed to parse type %q: %w", ErrFileParse, fields[4], err)
+		return nil, fmt.Errorf("%s: Failed to parse type %q: %w", ErrFileParse, fields[4], err)
 	}
 
 	state, err := u.parseState(fields[5])
 	if err != nil {
-		return nil, fmt.Errorf("%w: Failed to parse state %q: %w", ErrFileParse, fields[5], err)
+		return nil, fmt.Errorf("%s: Failed to parse state %q: %w", ErrFileParse, fields[5], err)
 	}
 
 	var inode uint64
 	if hasInode {
 		inode, err = u.parseInode(fields[6])
 		if err != nil {
-			return nil, fmt.Errorf("%w failed to parse inode %q: %w", ErrFileParse, fields[6], err)
+			return nil, fmt.Errorf("%s failed to parse inode %q: %w", ErrFileParse, fields[6], err)
 		}
 	}
 
diff --git a/vendor/github.com/prometheus/procfs/net_wireless.go b/vendor/github.com/prometheus/procfs/net_wireless.go
index 7c597bc87..7443edca9 100644
--- a/vendor/github.com/prometheus/procfs/net_wireless.go
+++ b/vendor/github.com/prometheus/procfs/net_wireless.go
@@ -68,7 +68,7 @@ func (fs FS) Wireless() ([]*Wireless, error) {
 
 	m, err := parseWireless(bytes.NewReader(b))
 	if err != nil {
-		return nil, fmt.Errorf("%w: wireless: %w", ErrFileParse, err)
+		return nil, fmt.Errorf("%s: wireless: %w", ErrFileParse, err)
 	}
 
 	return m, nil
@@ -114,47 +114,47 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 
 		qlink, err := strconv.Atoi(strings.TrimSuffix(stats[1], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%w: parse Quality:link as integer %q: %w", ErrFileParse, qlink, err)
+			return nil, fmt.Errorf("%s: parse Quality:link as integer %q: %w", ErrFileParse, qlink, err)
 		}
 
 		qlevel, err := strconv.Atoi(strings.TrimSuffix(stats[2], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%w: Quality:level as integer %q: %w", ErrFileParse, qlevel, err)
+			return nil, fmt.Errorf("%s: Quality:level as integer %q: %w", ErrFileParse, qlevel, err)
 		}
 
 		qnoise, err := strconv.Atoi(strings.TrimSuffix(stats[3], "."))
 		if err != nil {
-			return nil, fmt.Errorf("%w: Quality:noise as integer %q: %w", ErrFileParse, qnoise, err)
+			return nil, fmt.Errorf("%s: Quality:noise as integer %q: %w", ErrFileParse, qnoise, err)
 		}
 
 		dnwid, err := strconv.Atoi(stats[4])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Discarded:nwid as integer %q: %w", ErrFileParse, dnwid, err)
+			return nil, fmt.Errorf("%s: Discarded:nwid as integer %q: %w", ErrFileParse, dnwid, err)
 		}
 
 		dcrypt, err := strconv.Atoi(stats[5])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Discarded:crypt as integer %q: %w", ErrFileParse, dcrypt, err)
+			return nil, fmt.Errorf("%s: Discarded:crypt as integer %q: %w", ErrFileParse, dcrypt, err)
 		}
 
 		dfrag, err := strconv.Atoi(stats[6])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Discarded:frag as integer %q: %w", ErrFileParse, dfrag, err)
+			return nil, fmt.Errorf("%s: Discarded:frag as integer %q: %w", ErrFileParse, dfrag, err)
 		}
 
 		dretry, err := strconv.Atoi(stats[7])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Discarded:retry as integer %q: %w", ErrFileParse, dretry, err)
+			return nil, fmt.Errorf("%s: Discarded:retry as integer %q: %w", ErrFileParse, dretry, err)
 		}
 
 		dmisc, err := strconv.Atoi(stats[8])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Discarded:misc as integer %q: %w", ErrFileParse, dmisc, err)
+			return nil, fmt.Errorf("%s: Discarded:misc as integer %q: %w", ErrFileParse, dmisc, err)
 		}
 
 		mbeacon, err := strconv.Atoi(stats[9])
 		if err != nil {
-			return nil, fmt.Errorf("%w: Missed:beacon as integer %q: %w", ErrFileParse, mbeacon, err)
+			return nil, fmt.Errorf("%s: Missed:beacon as integer %q: %w", ErrFileParse, mbeacon, err)
 		}
 
 		w := &Wireless{
@@ -175,7 +175,7 @@ func parseWireless(r io.Reader) ([]*Wireless, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return nil, fmt.Errorf("%w: Failed to scan /proc/net/wireless: %w", ErrFileRead, err)
+		return nil, fmt.Errorf("%s: Failed to scan /proc/net/wireless: %w", ErrFileRead, err)
 	}
 
 	return interfaces, nil
diff --git a/vendor/github.com/prometheus/procfs/proc.go b/vendor/github.com/prometheus/procfs/proc.go
index 142796368..d1f71caa5 100644
--- a/vendor/github.com/prometheus/procfs/proc.go
+++ b/vendor/github.com/prometheus/procfs/proc.go
@@ -111,7 +111,7 @@ func (fs FS) AllProcs() (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, names, err)
+		return Procs{}, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	p := Procs{}
@@ -137,7 +137,7 @@ func (p Proc) CmdLine() ([]string, error) {
 		return []string{}, nil
 	}
 
-	return strings.Split(string(bytes.TrimRight(data, "\x00")), "\x00"), nil
+	return strings.Split(string(bytes.TrimRight(data, string("\x00"))), string(byte(0))), nil
 }
 
 // Wchan returns the wchan (wait channel) of a process.
@@ -212,7 +212,7 @@ func (p Proc) FileDescriptors() ([]uintptr, error) {
 	for i, n := range names {
 		fd, err := strconv.ParseInt(n, 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("%w: Cannot parse line: %v: %w", ErrFileParse, i, err)
+			return nil, fmt.Errorf("%s: Cannot parse line: %v: %w", ErrFileParse, i, err)
 		}
 		fds[i] = uintptr(fd)
 	}
@@ -297,7 +297,7 @@ func (p Proc) fileDescriptors() ([]string, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("%w: Cannot read file: %v: %w", ErrFileRead, names, err)
+		return nil, fmt.Errorf("%s: Cannot read file: %v: %w", ErrFileRead, names, err)
 	}
 
 	return names, nil
diff --git a/vendor/github.com/prometheus/procfs/proc_limits.go b/vendor/github.com/prometheus/procfs/proc_limits.go
index 9530b14bc..c86d815d7 100644
--- a/vendor/github.com/prometheus/procfs/proc_limits.go
+++ b/vendor/github.com/prometheus/procfs/proc_limits.go
@@ -154,7 +154,7 @@ func parseUint(s string) (uint64, error) {
 	}
 	i, err := strconv.ParseUint(s, 10, 64)
 	if err != nil {
-		return 0, fmt.Errorf("%w: couldn't parse value %q: %w", ErrFileParse, s, err)
+		return 0, fmt.Errorf("%s: couldn't parse value %q: %w", ErrFileParse, s, err)
 	}
 	return i, nil
 }
diff --git a/vendor/github.com/prometheus/procfs/proc_ns.go b/vendor/github.com/prometheus/procfs/proc_ns.go
index 0f8f847f9..c22666750 100644
--- a/vendor/github.com/prometheus/procfs/proc_ns.go
+++ b/vendor/github.com/prometheus/procfs/proc_ns.go
@@ -40,7 +40,7 @@ func (p Proc) Namespaces() (Namespaces, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return nil, fmt.Errorf("%w: failed to read contents of ns dir: %w", ErrFileRead, err)
+		return nil, fmt.Errorf("%s: failed to read contents of ns dir: %w", ErrFileRead, err)
 	}
 
 	ns := make(Namespaces, len(names))
@@ -58,7 +58,7 @@ func (p Proc) Namespaces() (Namespaces, error) {
 		typ := fields[0]
 		inode, err := strconv.ParseUint(strings.Trim(fields[1], "[]"), 10, 32)
 		if err != nil {
-			return nil, fmt.Errorf("%w: inode from %q: %w", ErrFileParse, fields[1], err)
+			return nil, fmt.Errorf("%s: inode from %q: %w", ErrFileParse, fields[1], err)
 		}
 
 		ns[name] = Namespace{typ, uint32(inode)}
diff --git a/vendor/github.com/prometheus/procfs/proc_psi.go b/vendor/github.com/prometheus/procfs/proc_psi.go
index ccd35f153..fe9dbb425 100644
--- a/vendor/github.com/prometheus/procfs/proc_psi.go
+++ b/vendor/github.com/prometheus/procfs/proc_psi.go
@@ -61,7 +61,7 @@ type PSIStats struct {
 func (fs FS) PSIStatsForResource(resource string) (PSIStats, error) {
 	data, err := util.ReadFileNoStat(fs.proc.Path(fmt.Sprintf("%s/%s", "pressure", resource)))
 	if err != nil {
-		return PSIStats{}, fmt.Errorf("%w: psi_stats: unavailable for %q: %w", ErrFileRead, resource, err)
+		return PSIStats{}, fmt.Errorf("%s: psi_stats: unavailable for %q: %w", ErrFileRead, resource, err)
 	}
 
 	return parsePSIStats(bytes.NewReader(data))
diff --git a/vendor/github.com/prometheus/procfs/proc_smaps.go b/vendor/github.com/prometheus/procfs/proc_smaps.go
index 09060e820..ad8785a40 100644
--- a/vendor/github.com/prometheus/procfs/proc_smaps.go
+++ b/vendor/github.com/prometheus/procfs/proc_smaps.go
@@ -127,7 +127,7 @@ func (s *ProcSMapsRollup) parseLine(line string) error {
 	}
 
 	v := strings.TrimSpace(kv[1])
-	v = strings.TrimSuffix(v, " kB")
+	v = strings.TrimRight(v, " kB")
 
 	vKBytes, err := strconv.ParseUint(v, 10, 64)
 	if err != nil {
diff --git a/vendor/github.com/prometheus/procfs/proc_stat.go b/vendor/github.com/prometheus/procfs/proc_stat.go
index 06a8d931c..923e55005 100644
--- a/vendor/github.com/prometheus/procfs/proc_stat.go
+++ b/vendor/github.com/prometheus/procfs/proc_stat.go
@@ -110,11 +110,6 @@ type ProcStat struct {
 	Policy uint
 	// Aggregated block I/O delays, measured in clock ticks (centiseconds).
 	DelayAcctBlkIOTicks uint64
-	// Guest time of the process (time spent running a virtual CPU for a guest
-	// operating system), measured in clock ticks.
-	GuestTime int
-	// Guest time of the process's children, measured in clock ticks.
-	CGuestTime int
 
 	proc FS
 }
@@ -194,8 +189,6 @@ func (p Proc) Stat() (ProcStat, error) {
 		&s.RTPriority,
 		&s.Policy,
 		&s.DelayAcctBlkIOTicks,
-		&s.GuestTime,
-		&s.CGuestTime,
 	)
 	if err != nil {
 		return ProcStat{}, err
diff --git a/vendor/github.com/prometheus/procfs/proc_status.go b/vendor/github.com/prometheus/procfs/proc_status.go
index a055197c6..46307f572 100644
--- a/vendor/github.com/prometheus/procfs/proc_status.go
+++ b/vendor/github.com/prometheus/procfs/proc_status.go
@@ -15,7 +15,6 @@ package procfs
 
 import (
 	"bytes"
-	"math/bits"
 	"sort"
 	"strconv"
 	"strings"
@@ -77,9 +76,9 @@ type ProcStatus struct {
 	NonVoluntaryCtxtSwitches uint64
 
 	// UIDs of the process (Real, effective, saved set, and filesystem UIDs)
-	UIDs [4]uint64
+	UIDs [4]string
 	// GIDs of the process (Real, effective, saved set, and filesystem GIDs)
-	GIDs [4]uint64
+	GIDs [4]string
 
 	// CpusAllowedList: List of cpu cores processes are allowed to run on.
 	CpusAllowedList []uint64
@@ -114,37 +113,22 @@ func (p Proc) NewStatus() (ProcStatus, error) {
 		// convert kB to B
 		vBytes := vKBytes * 1024
 
-		err = s.fillStatus(k, v, vKBytes, vBytes)
-		if err != nil {
-			return ProcStatus{}, err
-		}
+		s.fillStatus(k, v, vKBytes, vBytes)
 	}
 
 	return s, nil
 }
 
-func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintBytes uint64) error {
+func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintBytes uint64) {
 	switch k {
 	case "Tgid":
 		s.TGID = int(vUint)
 	case "Name":
 		s.Name = vString
 	case "Uid":
-		var err error
-		for i, v := range strings.Split(vString, "\t") {
-			s.UIDs[i], err = strconv.ParseUint(v, 10, bits.UintSize)
-			if err != nil {
-				return err
-			}
-		}
+		copy(s.UIDs[:], strings.Split(vString, "\t"))
 	case "Gid":
-		var err error
-		for i, v := range strings.Split(vString, "\t") {
-			s.GIDs[i], err = strconv.ParseUint(v, 10, bits.UintSize)
-			if err != nil {
-				return err
-			}
-		}
+		copy(s.GIDs[:], strings.Split(vString, "\t"))
 	case "NSpid":
 		s.NSpids = calcNSPidsList(vString)
 	case "VmPeak":
@@ -189,7 +173,6 @@ func (s *ProcStatus) fillStatus(k string, vString string, vUint uint64, vUintByt
 		s.CpusAllowedList = calcCpusAllowedList(vString)
 	}
 
-	return nil
 }
 
 // TotalCtxtSwitches returns the total context switch.
diff --git a/vendor/github.com/prometheus/procfs/proc_sys.go b/vendor/github.com/prometheus/procfs/proc_sys.go
index 5eefbe2ef..12c5bf05b 100644
--- a/vendor/github.com/prometheus/procfs/proc_sys.go
+++ b/vendor/github.com/prometheus/procfs/proc_sys.go
@@ -44,7 +44,7 @@ func (fs FS) SysctlInts(sysctl string) ([]int, error) {
 		vp := util.NewValueParser(f)
 		values[i] = vp.Int()
 		if err := vp.Err(); err != nil {
-			return nil, fmt.Errorf("%w: field %d in sysctl %s is not a valid int: %w", ErrFileParse, i, sysctl, err)
+			return nil, fmt.Errorf("%s: field %d in sysctl %s is not a valid int: %w", ErrFileParse, i, sysctl, err)
 		}
 	}
 	return values, nil
diff --git a/vendor/github.com/prometheus/procfs/softirqs.go b/vendor/github.com/prometheus/procfs/softirqs.go
index 28708e074..b8fad677d 100644
--- a/vendor/github.com/prometheus/procfs/softirqs.go
+++ b/vendor/github.com/prometheus/procfs/softirqs.go
@@ -74,7 +74,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Hi = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Hi[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (HI%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HI%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TIMER:":
@@ -82,7 +82,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Timer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Timer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (TIMER%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_TX:":
@@ -90,7 +90,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetTx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetTx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (NET_TX%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_TX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "NET_RX:":
@@ -98,7 +98,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.NetRx = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.NetRx[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (NET_RX%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (NET_RX%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "BLOCK:":
@@ -106,7 +106,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Block = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Block[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (BLOCK%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (BLOCK%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "IRQ_POLL:":
@@ -114,7 +114,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.IRQPoll = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.IRQPoll[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (IRQ_POLL%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (IRQ_POLL%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "TASKLET:":
@@ -122,7 +122,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Tasklet = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Tasklet[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (TASKLET%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (TASKLET%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "SCHED:":
@@ -130,7 +130,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.Sched = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.Sched[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (SCHED%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (SCHED%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "HRTIMER:":
@@ -138,7 +138,7 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.HRTimer = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.HRTimer[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (HRTIMER%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (HRTIMER%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "RCU:":
@@ -146,14 +146,14 @@ func parseSoftirqs(r io.Reader) (Softirqs, error) {
 			softirqs.RCU = make([]uint64, len(perCPU))
 			for i, count := range perCPU {
 				if softirqs.RCU[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Softirqs{}, fmt.Errorf("%w: couldn't parse %q (RCU%d): %w", ErrFileParse, count, i, err)
+					return Softirqs{}, fmt.Errorf("%s: couldn't parse %q (RCU%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		}
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Softirqs{}, fmt.Errorf("%w: couldn't parse softirqs: %w", ErrFileParse, err)
+		return Softirqs{}, fmt.Errorf("%s: couldn't parse softirqs: %w", ErrFileParse, err)
 	}
 
 	return softirqs, scanner.Err()
diff --git a/vendor/github.com/prometheus/procfs/stat.go b/vendor/github.com/prometheus/procfs/stat.go
index e36b41c18..34fc3ee21 100644
--- a/vendor/github.com/prometheus/procfs/stat.go
+++ b/vendor/github.com/prometheus/procfs/stat.go
@@ -93,7 +93,7 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 		&cpuStat.Guest, &cpuStat.GuestNice)
 
 	if err != nil && err != io.EOF {
-		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu): %w", ErrFileParse, line, err)
+		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu): %w", ErrFileParse, line, err)
 	}
 	if count == 0 {
 		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu): 0 elements parsed", ErrFileParse, line)
@@ -116,7 +116,7 @@ func parseCPUStat(line string) (CPUStat, int64, error) {
 
 	cpuID, err := strconv.ParseInt(cpu[3:], 10, 64)
 	if err != nil {
-		return CPUStat{}, -1, fmt.Errorf("%w: couldn't parse %q (cpu/cpuid): %w", ErrFileParse, line, err)
+		return CPUStat{}, -1, fmt.Errorf("%s: couldn't parse %q (cpu/cpuid): %w", ErrFileParse, line, err)
 	}
 
 	return cpuStat, cpuID, nil
@@ -136,7 +136,7 @@ func parseSoftIRQStat(line string) (SoftIRQStat, uint64, error) {
 		&softIRQStat.Hrtimer, &softIRQStat.Rcu)
 
 	if err != nil {
-		return SoftIRQStat{}, 0, fmt.Errorf("%w: couldn't parse %q (softirq): %w", ErrFileParse, line, err)
+		return SoftIRQStat{}, 0, fmt.Errorf("%s: couldn't parse %q (softirq): %w", ErrFileParse, line, err)
 	}
 
 	return softIRQStat, total, nil
@@ -201,34 +201,34 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 		switch {
 		case parts[0] == "btime":
 			if stat.BootTime, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (btime): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (btime): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "intr":
 			if stat.IRQTotal, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (intr): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr): %w", ErrFileParse, parts[1], err)
 			}
 			numberedIRQs := parts[2:]
 			stat.IRQ = make([]uint64, len(numberedIRQs))
 			for i, count := range numberedIRQs {
 				if stat.IRQ[i], err = strconv.ParseUint(count, 10, 64); err != nil {
-					return Stat{}, fmt.Errorf("%w: couldn't parse %q (intr%d): %w", ErrFileParse, count, i, err)
+					return Stat{}, fmt.Errorf("%s: couldn't parse %q (intr%d): %w", ErrFileParse, count, i, err)
 				}
 			}
 		case parts[0] == "ctxt":
 			if stat.ContextSwitches, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (ctxt): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (ctxt): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "processes":
 			if stat.ProcessCreated, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (processes): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (processes): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_running":
 			if stat.ProcessesRunning, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (procs_running): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_running): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "procs_blocked":
 			if stat.ProcessesBlocked, err = strconv.ParseUint(parts[1], 10, 64); err != nil {
-				return Stat{}, fmt.Errorf("%w: couldn't parse %q (procs_blocked): %w", ErrFileParse, parts[1], err)
+				return Stat{}, fmt.Errorf("%s: couldn't parse %q (procs_blocked): %w", ErrFileParse, parts[1], err)
 			}
 		case parts[0] == "softirq":
 			softIRQStats, total, err := parseSoftIRQStat(line)
@@ -251,7 +251,7 @@ func parseStat(r io.Reader, fileName string) (Stat, error) {
 	}
 
 	if err := scanner.Err(); err != nil {
-		return Stat{}, fmt.Errorf("%w: couldn't parse %q: %w", ErrFileParse, fileName, err)
+		return Stat{}, fmt.Errorf("%s: couldn't parse %q: %w", ErrFileParse, fileName, err)
 	}
 
 	return stat, nil
diff --git a/vendor/github.com/prometheus/procfs/swaps.go b/vendor/github.com/prometheus/procfs/swaps.go
index 65fec834b..fa00f555d 100644
--- a/vendor/github.com/prometheus/procfs/swaps.go
+++ b/vendor/github.com/prometheus/procfs/swaps.go
@@ -74,15 +74,15 @@ func parseSwapString(swapString string) (*Swap, error) {
 
 	swap.Size, err = strconv.Atoi(swapFields[2])
 	if err != nil {
-		return nil, fmt.Errorf("%w: invalid swap size: %s: %w", ErrFileParse, swapFields[2], err)
+		return nil, fmt.Errorf("%s: invalid swap size: %s: %w", ErrFileParse, swapFields[2], err)
 	}
 	swap.Used, err = strconv.Atoi(swapFields[3])
 	if err != nil {
-		return nil, fmt.Errorf("%w: invalid swap used: %s: %w", ErrFileParse, swapFields[3], err)
+		return nil, fmt.Errorf("%s: invalid swap used: %s: %w", ErrFileParse, swapFields[3], err)
 	}
 	swap.Priority, err = strconv.Atoi(swapFields[4])
 	if err != nil {
-		return nil, fmt.Errorf("%w: invalid swap priority: %s: %w", ErrFileParse, swapFields[4], err)
+		return nil, fmt.Errorf("%s: invalid swap priority: %s: %w", ErrFileParse, swapFields[4], err)
 	}
 
 	return swap, nil
diff --git a/vendor/github.com/prometheus/procfs/thread.go b/vendor/github.com/prometheus/procfs/thread.go
index 80e0e947b..df2215ece 100644
--- a/vendor/github.com/prometheus/procfs/thread.go
+++ b/vendor/github.com/prometheus/procfs/thread.go
@@ -45,7 +45,7 @@ func (fs FS) AllThreads(pid int) (Procs, error) {
 
 	names, err := d.Readdirnames(-1)
 	if err != nil {
-		return Procs{}, fmt.Errorf("%w: could not read %q: %w", ErrFileRead, d.Name(), err)
+		return Procs{}, fmt.Errorf("%s: could not read %q: %w", ErrFileRead, d.Name(), err)
 	}
 
 	t := Procs{}
diff --git a/vendor/github.com/prometheus/procfs/zoneinfo.go b/vendor/github.com/prometheus/procfs/zoneinfo.go
index e54d94b09..ce5fefa5b 100644
--- a/vendor/github.com/prometheus/procfs/zoneinfo.go
+++ b/vendor/github.com/prometheus/procfs/zoneinfo.go
@@ -75,11 +75,11 @@ var nodeZoneRE = regexp.MustCompile(`(\d+), zone\s+(\w+)`)
 func (fs FS) Zoneinfo() ([]Zoneinfo, error) {
 	data, err := os.ReadFile(fs.proc.Path("zoneinfo"))
 	if err != nil {
-		return nil, fmt.Errorf("%w: error reading zoneinfo %q: %w", ErrFileRead, fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%s: error reading zoneinfo %q: %w", ErrFileRead, fs.proc.Path("zoneinfo"), err)
 	}
 	zoneinfo, err := parseZoneinfo(data)
 	if err != nil {
-		return nil, fmt.Errorf("%w: error parsing zoneinfo %q: %w", ErrFileParse, fs.proc.Path("zoneinfo"), err)
+		return nil, fmt.Errorf("%s: error parsing zoneinfo %q: %w", ErrFileParse, fs.proc.Path("zoneinfo"), err)
 	}
 	return zoneinfo, nil
 }
diff --git a/vendor/golang.org/x/crypto/LICENSE b/vendor/golang.org/x/crypto/LICENSE
index 2a7cf70da..6a66aea5e 100644
--- a/vendor/golang.org/x/crypto/LICENSE
+++ b/vendor/golang.org/x/crypto/LICENSE
@@ -1,4 +1,4 @@
-Copyright 2009 The Go Authors.
+Copyright (c) 2009 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google LLC nor the names of its
+   * Neither the name of Google Inc. nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/crypto/blowfish/cipher.go b/vendor/golang.org/x/crypto/blowfish/cipher.go
index 089895680..213bf204a 100644
--- a/vendor/golang.org/x/crypto/blowfish/cipher.go
+++ b/vendor/golang.org/x/crypto/blowfish/cipher.go
@@ -11,7 +11,7 @@
 // Deprecated: any new system should use AES (from crypto/aes, if necessary in
 // an AEAD mode like crypto/cipher.NewGCM) or XChaCha20-Poly1305 (from
 // golang.org/x/crypto/chacha20poly1305).
-package blowfish
+package blowfish // import "golang.org/x/crypto/blowfish"
 
 // The code is a port of Bruce Schneier's C implementation.
 // See https://www.schneier.com/blowfish.html.
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
index c709b7284..db42e6676 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_noasm.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (!arm64 && !s390x && !ppc64 && !ppc64le) || !gc || purego
+//go:build (!arm64 && !s390x && !ppc64le) || !gc || purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
similarity index 89%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
index bd183d9ba..3a4287f99 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.go
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego && (ppc64 || ppc64le)
+//go:build gc && !purego
 
 package chacha20
 
diff --git a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
similarity index 66%
rename from vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
rename to vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
index a660b4112..66aebae25 100644
--- a/vendor/golang.org/x/crypto/chacha20/chacha_ppc64x.s
+++ b/vendor/golang.org/x/crypto/chacha20/chacha_ppc64le.s
@@ -19,7 +19,7 @@
 // The differences in this and the original implementation are
 // due to the calling conventions and initialization of constants.
 
-//go:build gc && !purego && (ppc64 || ppc64le)
+//go:build gc && !purego
 
 #include "textflag.h"
 
@@ -33,70 +33,27 @@
 #define CONSTBASE  R16
 #define BLOCKS R17
 
-// for VPERMXOR
-#define MASK  R18
-
-DATA consts<>+0x00(SB)/4, $0x61707865
-DATA consts<>+0x04(SB)/4, $0x3320646e
-DATA consts<>+0x08(SB)/4, $0x79622d32
-DATA consts<>+0x0c(SB)/4, $0x6b206574
-DATA consts<>+0x10(SB)/4, $0x00000001
-DATA consts<>+0x14(SB)/4, $0x00000000
-DATA consts<>+0x18(SB)/4, $0x00000000
-DATA consts<>+0x1c(SB)/4, $0x00000000
-DATA consts<>+0x20(SB)/4, $0x00000004
-DATA consts<>+0x24(SB)/4, $0x00000000
-DATA consts<>+0x28(SB)/4, $0x00000000
-DATA consts<>+0x2c(SB)/4, $0x00000000
-DATA consts<>+0x30(SB)/4, $0x0e0f0c0d
-DATA consts<>+0x34(SB)/4, $0x0a0b0809
-DATA consts<>+0x38(SB)/4, $0x06070405
-DATA consts<>+0x3c(SB)/4, $0x02030001
-DATA consts<>+0x40(SB)/4, $0x0d0e0f0c
-DATA consts<>+0x44(SB)/4, $0x090a0b08
-DATA consts<>+0x48(SB)/4, $0x05060704
-DATA consts<>+0x4c(SB)/4, $0x01020300
-DATA consts<>+0x50(SB)/4, $0x61707865
-DATA consts<>+0x54(SB)/4, $0x61707865
-DATA consts<>+0x58(SB)/4, $0x61707865
-DATA consts<>+0x5c(SB)/4, $0x61707865
-DATA consts<>+0x60(SB)/4, $0x3320646e
-DATA consts<>+0x64(SB)/4, $0x3320646e
-DATA consts<>+0x68(SB)/4, $0x3320646e
-DATA consts<>+0x6c(SB)/4, $0x3320646e
-DATA consts<>+0x70(SB)/4, $0x79622d32
-DATA consts<>+0x74(SB)/4, $0x79622d32
-DATA consts<>+0x78(SB)/4, $0x79622d32
-DATA consts<>+0x7c(SB)/4, $0x79622d32
-DATA consts<>+0x80(SB)/4, $0x6b206574
-DATA consts<>+0x84(SB)/4, $0x6b206574
-DATA consts<>+0x88(SB)/4, $0x6b206574
-DATA consts<>+0x8c(SB)/4, $0x6b206574
-DATA consts<>+0x90(SB)/4, $0x00000000
-DATA consts<>+0x94(SB)/4, $0x00000001
-DATA consts<>+0x98(SB)/4, $0x00000002
-DATA consts<>+0x9c(SB)/4, $0x00000003
-DATA consts<>+0xa0(SB)/4, $0x11223300
-DATA consts<>+0xa4(SB)/4, $0x55667744
-DATA consts<>+0xa8(SB)/4, $0x99aabb88
-DATA consts<>+0xac(SB)/4, $0xddeeffcc
-DATA consts<>+0xb0(SB)/4, $0x22330011
-DATA consts<>+0xb4(SB)/4, $0x66774455
-DATA consts<>+0xb8(SB)/4, $0xaabb8899
-DATA consts<>+0xbc(SB)/4, $0xeeffccdd
-GLOBL consts<>(SB), RODATA, $0xc0
-
-#ifdef GOARCH_ppc64
-#define BE_XXBRW_INIT() \
-		LVSL (R0)(R0), V24 \
-		VSPLTISB $3, V25   \
-		VXOR V24, V25, V24 \
-
-#define BE_XXBRW(vr) VPERM vr, vr, V24, vr
-#else
-#define BE_XXBRW_INIT()
-#define BE_XXBRW(vr)
-#endif
+DATA consts<>+0x00(SB)/8, $0x3320646e61707865
+DATA consts<>+0x08(SB)/8, $0x6b20657479622d32
+DATA consts<>+0x10(SB)/8, $0x0000000000000001
+DATA consts<>+0x18(SB)/8, $0x0000000000000000
+DATA consts<>+0x20(SB)/8, $0x0000000000000004
+DATA consts<>+0x28(SB)/8, $0x0000000000000000
+DATA consts<>+0x30(SB)/8, $0x0a0b08090e0f0c0d
+DATA consts<>+0x38(SB)/8, $0x0203000106070405
+DATA consts<>+0x40(SB)/8, $0x090a0b080d0e0f0c
+DATA consts<>+0x48(SB)/8, $0x0102030005060704
+DATA consts<>+0x50(SB)/8, $0x6170786561707865
+DATA consts<>+0x58(SB)/8, $0x6170786561707865
+DATA consts<>+0x60(SB)/8, $0x3320646e3320646e
+DATA consts<>+0x68(SB)/8, $0x3320646e3320646e
+DATA consts<>+0x70(SB)/8, $0x79622d3279622d32
+DATA consts<>+0x78(SB)/8, $0x79622d3279622d32
+DATA consts<>+0x80(SB)/8, $0x6b2065746b206574
+DATA consts<>+0x88(SB)/8, $0x6b2065746b206574
+DATA consts<>+0x90(SB)/8, $0x0000000100000000
+DATA consts<>+0x98(SB)/8, $0x0000000300000002
+GLOBL consts<>(SB), RODATA, $0xa0
 
 //func chaCha20_ctr32_vsx(out, inp *byte, len int, key *[8]uint32, counter *uint32)
 TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
@@ -113,9 +70,6 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 	MOVD $48, R10
 	MOVD $64, R11
 	SRD $6, LEN, BLOCKS
-	// for VPERMXOR
-	MOVD $consts<>+0xa0(SB), MASK
-	MOVD $16, R20
 	// V16
 	LXVW4X (CONSTBASE)(R0), VS48
 	ADD $80,CONSTBASE
@@ -130,15 +84,9 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 	// Clear V27
 	VXOR V27, V27, V27
 
-	BE_XXBRW_INIT()
-
 	// V28
 	LXVW4X (CONSTBASE)(R11), VS60
 
-	// Load mask constants for VPERMXOR
-	LXVW4X (MASK)(R0), V20
-	LXVW4X (MASK)(R20), V21
-
 	// splat slot from V19 -> V26
 	VSPLTW $0, V19, V26
 
@@ -149,7 +97,7 @@ TEXT ·chaCha20_ctr32_vsx(SB),NOSPLIT,$64-40
 
 	MOVD $10, R14
 	MOVD R14, CTR
-	PCALIGN $16
+
 loop_outer_vsx:
 	// V0, V1, V2, V3
 	LXVW4X (R0)(CONSTBASE), VS32
@@ -180,17 +128,22 @@ loop_outer_vsx:
 	VSPLTISW $12, V28
 	VSPLTISW $8, V29
 	VSPLTISW $7, V30
-	PCALIGN $16
+
 loop_vsx:
 	VADDUWM V0, V4, V0
 	VADDUWM V1, V5, V1
 	VADDUWM V2, V6, V2
 	VADDUWM V3, V7, V3
 
-	VPERMXOR V12, V0, V21, V12
-	VPERMXOR V13, V1, V21, V13
-	VPERMXOR V14, V2, V21, V14
-	VPERMXOR V15, V3, V21, V15
+	VXOR V12, V0, V12
+	VXOR V13, V1, V13
+	VXOR V14, V2, V14
+	VXOR V15, V3, V15
+
+	VRLW V12, V27, V12
+	VRLW V13, V27, V13
+	VRLW V14, V27, V14
+	VRLW V15, V27, V15
 
 	VADDUWM V8, V12, V8
 	VADDUWM V9, V13, V9
@@ -212,10 +165,15 @@ loop_vsx:
 	VADDUWM V2, V6, V2
 	VADDUWM V3, V7, V3
 
-	VPERMXOR V12, V0, V20, V12
-	VPERMXOR V13, V1, V20, V13
-	VPERMXOR V14, V2, V20, V14
-	VPERMXOR V15, V3, V20, V15
+	VXOR V12, V0, V12
+	VXOR V13, V1, V13
+	VXOR V14, V2, V14
+	VXOR V15, V3, V15
+
+	VRLW V12, V29, V12
+	VRLW V13, V29, V13
+	VRLW V14, V29, V14
+	VRLW V15, V29, V15
 
 	VADDUWM V8, V12, V8
 	VADDUWM V9, V13, V9
@@ -237,10 +195,15 @@ loop_vsx:
 	VADDUWM V2, V7, V2
 	VADDUWM V3, V4, V3
 
-	VPERMXOR V15, V0, V21, V15
-	VPERMXOR V12, V1, V21, V12
-	VPERMXOR V13, V2, V21, V13
-	VPERMXOR V14, V3, V21, V14
+	VXOR V15, V0, V15
+	VXOR V12, V1, V12
+	VXOR V13, V2, V13
+	VXOR V14, V3, V14
+
+	VRLW V15, V27, V15
+	VRLW V12, V27, V12
+	VRLW V13, V27, V13
+	VRLW V14, V27, V14
 
 	VADDUWM V10, V15, V10
 	VADDUWM V11, V12, V11
@@ -262,10 +225,15 @@ loop_vsx:
 	VADDUWM V2, V7, V2
 	VADDUWM V3, V4, V3
 
-	VPERMXOR V15, V0, V20, V15
-	VPERMXOR V12, V1, V20, V12
-	VPERMXOR V13, V2, V20, V13
-	VPERMXOR V14, V3, V20, V14
+	VXOR V15, V0, V15
+	VXOR V12, V1, V12
+	VXOR V13, V2, V13
+	VXOR V14, V3, V14
+
+	VRLW V15, V29, V15
+	VRLW V12, V29, V12
+	VRLW V13, V29, V13
+	VRLW V14, V29, V14
 
 	VADDUWM V10, V15, V10
 	VADDUWM V11, V12, V11
@@ -281,48 +249,48 @@ loop_vsx:
 	VRLW V6, V30, V6
 	VRLW V7, V30, V7
 	VRLW V4, V30, V4
-	BDNZ   loop_vsx
+	BC   16, LT, loop_vsx
 
 	VADDUWM V12, V26, V12
 
-	VMRGEW V0, V1, V27
-	VMRGEW V2, V3, V28
+	WORD $0x13600F8C		// VMRGEW V0, V1, V27
+	WORD $0x13821F8C		// VMRGEW V2, V3, V28
 
-	VMRGOW V0, V1, V0
-	VMRGOW V2, V3, V2
+	WORD $0x10000E8C		// VMRGOW V0, V1, V0
+	WORD $0x10421E8C		// VMRGOW V2, V3, V2
 
-	VMRGEW V4, V5, V29
-	VMRGEW V6, V7, V30
+	WORD $0x13A42F8C		// VMRGEW V4, V5, V29
+	WORD $0x13C63F8C		// VMRGEW V6, V7, V30
 
 	XXPERMDI VS32, VS34, $0, VS33
 	XXPERMDI VS32, VS34, $3, VS35
 	XXPERMDI VS59, VS60, $0, VS32
 	XXPERMDI VS59, VS60, $3, VS34
 
-	VMRGOW V4, V5, V4
-	VMRGOW V6, V7, V6
+	WORD $0x10842E8C		// VMRGOW V4, V5, V4
+	WORD $0x10C63E8C		// VMRGOW V6, V7, V6
 
-	VMRGEW V8, V9, V27
-	VMRGEW V10, V11, V28
+	WORD $0x13684F8C		// VMRGEW V8, V9, V27
+	WORD $0x138A5F8C		// VMRGEW V10, V11, V28
 
 	XXPERMDI VS36, VS38, $0, VS37
 	XXPERMDI VS36, VS38, $3, VS39
 	XXPERMDI VS61, VS62, $0, VS36
 	XXPERMDI VS61, VS62, $3, VS38
 
-	VMRGOW V8, V9, V8
-	VMRGOW V10, V11, V10
+	WORD $0x11084E8C		// VMRGOW V8, V9, V8
+	WORD $0x114A5E8C		// VMRGOW V10, V11, V10
 
-	VMRGEW V12, V13, V29
-	VMRGEW V14, V15, V30
+	WORD $0x13AC6F8C		// VMRGEW V12, V13, V29
+	WORD $0x13CE7F8C		// VMRGEW V14, V15, V30
 
 	XXPERMDI VS40, VS42, $0, VS41
 	XXPERMDI VS40, VS42, $3, VS43
 	XXPERMDI VS59, VS60, $0, VS40
 	XXPERMDI VS59, VS60, $3, VS42
 
-	VMRGOW V12, V13, V12
-	VMRGOW V14, V15, V14
+	WORD $0x118C6E8C		// VMRGOW V12, V13, V12
+	WORD $0x11CE7E8C		// VMRGOW V14, V15, V14
 
 	VSPLTISW $4, V27
 	VADDUWM V26, V27, V26
@@ -337,11 +305,6 @@ loop_vsx:
 	VADDUWM V8, V18, V8
 	VADDUWM V12, V19, V12
 
-	BE_XXBRW(V0)
-	BE_XXBRW(V4)
-	BE_XXBRW(V8)
-	BE_XXBRW(V12)
-
 	CMPU LEN, $64
 	BLT tail_vsx
 
@@ -370,11 +333,6 @@ loop_vsx:
 	VADDUWM V9, V18, V8
 	VADDUWM V13, V19, V12
 
-	BE_XXBRW(V0)
-	BE_XXBRW(V4)
-	BE_XXBRW(V8)
-	BE_XXBRW(V12)
-
 	CMPU  LEN, $64
 	BLT   tail_vsx
 
@@ -382,8 +340,8 @@ loop_vsx:
 	LXVW4X (INP)(R8), VS60
 	LXVW4X (INP)(R9), VS61
 	LXVW4X (INP)(R10), VS62
+	VXOR   V27, V0, V27
 
-	VXOR V27, V0, V27
 	VXOR V28, V4, V28
 	VXOR V29, V8, V29
 	VXOR V30, V12, V30
@@ -402,11 +360,6 @@ loop_vsx:
 	VADDUWM V10, V18, V8
 	VADDUWM V14, V19, V12
 
-	BE_XXBRW(V0)
-	BE_XXBRW(V4)
-	BE_XXBRW(V8)
-	BE_XXBRW(V12)
-
 	CMPU LEN, $64
 	BLT  tail_vsx
 
@@ -434,11 +387,6 @@ loop_vsx:
 	VADDUWM V11, V18, V8
 	VADDUWM V15, V19, V12
 
-	BE_XXBRW(V0)
-	BE_XXBRW(V4)
-	BE_XXBRW(V8)
-	BE_XXBRW(V12)
-
 	CMPU  LEN, $64
 	BLT   tail_vsx
 
@@ -466,9 +414,9 @@ loop_vsx:
 
 done_vsx:
 	// Increment counter by number of 64 byte blocks
-	MOVWZ (CNT), R14
+	MOVD (CNT), R14
 	ADD  BLOCKS, R14
-	MOVWZ R14, (CNT)
+	MOVD R14, (CNT)
 	RET
 
 tail_vsx:
@@ -483,7 +431,7 @@ tail_vsx:
 	ADD $-1, R11, R12
 	ADD $-1, INP
 	ADD $-1, OUT
-	PCALIGN $16
+
 looptail_vsx:
 	// Copying the result to OUT
 	// in bytes.
@@ -491,7 +439,7 @@ looptail_vsx:
 	MOVBZU 1(INP), TMP
 	XOR    KEY, TMP, KEY
 	MOVBU  KEY, 1(OUT)
-	BDNZ   looptail_vsx
+	BC     16, LT, looptail_vsx
 
 	// Clear the stack values
 	STXVW4X VS48, (R11)(R0)
diff --git a/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
index 90ef6a241..cda8e3edf 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/asn1/asn1.go
@@ -4,7 +4,7 @@
 
 // Package asn1 contains supporting types for parsing and building ASN.1
 // messages with the cryptobyte package.
-package asn1
+package asn1 // import "golang.org/x/crypto/cryptobyte/asn1"
 
 // Tag represents an ASN.1 identifier octet, consisting of a tag number
 // (indicating a type) and class (such as context-specific or constructed).
diff --git a/vendor/golang.org/x/crypto/cryptobyte/string.go b/vendor/golang.org/x/crypto/cryptobyte/string.go
index 4b0f8097f..10692a8a3 100644
--- a/vendor/golang.org/x/crypto/cryptobyte/string.go
+++ b/vendor/golang.org/x/crypto/cryptobyte/string.go
@@ -15,7 +15,7 @@
 //
 // See the documentation and examples for the Builder and String types to get
 // started.
-package cryptobyte
+package cryptobyte // import "golang.org/x/crypto/cryptobyte"
 
 // String represents a string of bytes. It provides methods for parsing
 // fixed-length and length-prefixed values from it.
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519.go b/vendor/golang.org/x/crypto/curve25519/curve25519.go
index 21ca3b2ee..00f963ea2 100644
--- a/vendor/golang.org/x/crypto/curve25519/curve25519.go
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519.go
@@ -6,11 +6,9 @@
 // performs scalar multiplication on the elliptic curve known as Curve25519.
 // See RFC 7748.
 //
-// This package is a wrapper for the X25519 implementation
+// Starting in Go 1.20, this package is a wrapper for the X25519 implementation
 // in the crypto/ecdh package.
-package curve25519
-
-import "crypto/ecdh"
+package curve25519 // import "golang.org/x/crypto/curve25519"
 
 // ScalarMult sets dst to the product scalar * point.
 //
@@ -18,13 +16,7 @@ import "crypto/ecdh"
 // zeroes, irrespective of the scalar. Instead, use the X25519 function, which
 // will return an error.
 func ScalarMult(dst, scalar, point *[32]byte) {
-	if _, err := x25519(dst, scalar[:], point[:]); err != nil {
-		// The only error condition for x25519 when the inputs are 32 bytes long
-		// is if the output would have been the all-zero value.
-		for i := range dst {
-			dst[i] = 0
-		}
-	}
+	scalarMult(dst, scalar, point)
 }
 
 // ScalarBaseMult sets dst to the product scalar * base where base is the
@@ -33,12 +25,7 @@ func ScalarMult(dst, scalar, point *[32]byte) {
 // It is recommended to use the X25519 function with Basepoint instead, as
 // copying into fixed size arrays can lead to unexpected bugs.
 func ScalarBaseMult(dst, scalar *[32]byte) {
-	curve := ecdh.X25519()
-	priv, err := curve.NewPrivateKey(scalar[:])
-	if err != nil {
-		panic("curve25519: internal error: scalarBaseMult was not 32 bytes")
-	}
-	copy(dst[:], priv.PublicKey().Bytes())
+	scalarBaseMult(dst, scalar)
 }
 
 const (
@@ -70,21 +57,3 @@ func X25519(scalar, point []byte) ([]byte, error) {
 	var dst [32]byte
 	return x25519(&dst, scalar, point)
 }
-
-func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
-	curve := ecdh.X25519()
-	pub, err := curve.NewPublicKey(point)
-	if err != nil {
-		return nil, err
-	}
-	priv, err := curve.NewPrivateKey(scalar)
-	if err != nil {
-		return nil, err
-	}
-	out, err := priv.ECDH(pub)
-	if err != nil {
-		return nil, err
-	}
-	copy(dst[:], out)
-	return dst[:], nil
-}
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go b/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
new file mode 100644
index 000000000..ba647e8d7
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519_compat.go
@@ -0,0 +1,105 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.20
+
+package curve25519
+
+import (
+	"crypto/subtle"
+	"errors"
+	"strconv"
+
+	"golang.org/x/crypto/curve25519/internal/field"
+)
+
+func scalarMult(dst, scalar, point *[32]byte) {
+	var e [32]byte
+
+	copy(e[:], scalar[:])
+	e[0] &= 248
+	e[31] &= 127
+	e[31] |= 64
+
+	var x1, x2, z2, x3, z3, tmp0, tmp1 field.Element
+	x1.SetBytes(point[:])
+	x2.One()
+	x3.Set(&x1)
+	z3.One()
+
+	swap := 0
+	for pos := 254; pos >= 0; pos-- {
+		b := e[pos/8] >> uint(pos&7)
+		b &= 1
+		swap ^= int(b)
+		x2.Swap(&x3, swap)
+		z2.Swap(&z3, swap)
+		swap = int(b)
+
+		tmp0.Subtract(&x3, &z3)
+		tmp1.Subtract(&x2, &z2)
+		x2.Add(&x2, &z2)
+		z2.Add(&x3, &z3)
+		z3.Multiply(&tmp0, &x2)
+		z2.Multiply(&z2, &tmp1)
+		tmp0.Square(&tmp1)
+		tmp1.Square(&x2)
+		x3.Add(&z3, &z2)
+		z2.Subtract(&z3, &z2)
+		x2.Multiply(&tmp1, &tmp0)
+		tmp1.Subtract(&tmp1, &tmp0)
+		z2.Square(&z2)
+
+		z3.Mult32(&tmp1, 121666)
+		x3.Square(&x3)
+		tmp0.Add(&tmp0, &z3)
+		z3.Multiply(&x1, &z2)
+		z2.Multiply(&tmp1, &tmp0)
+	}
+
+	x2.Swap(&x3, swap)
+	z2.Swap(&z3, swap)
+
+	z2.Invert(&z2)
+	x2.Multiply(&x2, &z2)
+	copy(dst[:], x2.Bytes())
+}
+
+func scalarBaseMult(dst, scalar *[32]byte) {
+	checkBasepoint()
+	scalarMult(dst, scalar, &basePoint)
+}
+
+func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
+	var in [32]byte
+	if l := len(scalar); l != 32 {
+		return nil, errors.New("bad scalar length: " + strconv.Itoa(l) + ", expected 32")
+	}
+	if l := len(point); l != 32 {
+		return nil, errors.New("bad point length: " + strconv.Itoa(l) + ", expected 32")
+	}
+	copy(in[:], scalar)
+	if &point[0] == &Basepoint[0] {
+		scalarBaseMult(dst, &in)
+	} else {
+		var base, zero [32]byte
+		copy(base[:], point)
+		scalarMult(dst, &in, &base)
+		if subtle.ConstantTimeCompare(dst[:], zero[:]) == 1 {
+			return nil, errors.New("bad input point: low order point")
+		}
+	}
+	return dst[:], nil
+}
+
+func checkBasepoint() {
+	if subtle.ConstantTimeCompare(Basepoint, []byte{
+		0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+		0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+	}) != 1 {
+		panic("curve25519: global Basepoint value was modified")
+	}
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go b/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
new file mode 100644
index 000000000..627df4972
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519_go120.go
@@ -0,0 +1,46 @@
+// Copyright 2022 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.20
+
+package curve25519
+
+import "crypto/ecdh"
+
+func x25519(dst *[32]byte, scalar, point []byte) ([]byte, error) {
+	curve := ecdh.X25519()
+	pub, err := curve.NewPublicKey(point)
+	if err != nil {
+		return nil, err
+	}
+	priv, err := curve.NewPrivateKey(scalar)
+	if err != nil {
+		return nil, err
+	}
+	out, err := priv.ECDH(pub)
+	if err != nil {
+		return nil, err
+	}
+	copy(dst[:], out)
+	return dst[:], nil
+}
+
+func scalarMult(dst, scalar, point *[32]byte) {
+	if _, err := x25519(dst, scalar[:], point[:]); err != nil {
+		// The only error condition for x25519 when the inputs are 32 bytes long
+		// is if the output would have been the all-zero value.
+		for i := range dst {
+			dst[i] = 0
+		}
+	}
+}
+
+func scalarBaseMult(dst, scalar *[32]byte) {
+	curve := ecdh.X25519()
+	priv, err := curve.NewPrivateKey(scalar[:])
+	if err != nil {
+		panic("curve25519: internal error: scalarBaseMult was not 32 bytes")
+	}
+	copy(dst[:], priv.PublicKey().Bytes())
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/README b/vendor/golang.org/x/crypto/curve25519/internal/field/README
new file mode 100644
index 000000000..e25bca7dc
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/README
@@ -0,0 +1,7 @@
+This package is kept in sync with crypto/ed25519/internal/edwards25519/field in
+the standard library.
+
+If there are any changes in the standard library that need to be synced to this
+package, run sync.sh. It will not overwrite any local changes made since the
+previous sync, so it's ok to land changes in this package first, and then sync
+to the standard library later.
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
new file mode 100644
index 000000000..ca841ad99
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe.go
@@ -0,0 +1,416 @@
+// Copyright (c) 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package field implements fast arithmetic modulo 2^255-19.
+package field
+
+import (
+	"crypto/subtle"
+	"encoding/binary"
+	"math/bits"
+)
+
+// Element represents an element of the field GF(2^255-19). Note that this
+// is not a cryptographically secure group, and should only be used to interact
+// with edwards25519.Point coordinates.
+//
+// This type works similarly to math/big.Int, and all arguments and receivers
+// are allowed to alias.
+//
+// The zero value is a valid zero element.
+type Element struct {
+	// An element t represents the integer
+	//     t.l0 + t.l1*2^51 + t.l2*2^102 + t.l3*2^153 + t.l4*2^204
+	//
+	// Between operations, all limbs are expected to be lower than 2^52.
+	l0 uint64
+	l1 uint64
+	l2 uint64
+	l3 uint64
+	l4 uint64
+}
+
+const maskLow51Bits uint64 = (1 << 51) - 1
+
+var feZero = &Element{0, 0, 0, 0, 0}
+
+// Zero sets v = 0, and returns v.
+func (v *Element) Zero() *Element {
+	*v = *feZero
+	return v
+}
+
+var feOne = &Element{1, 0, 0, 0, 0}
+
+// One sets v = 1, and returns v.
+func (v *Element) One() *Element {
+	*v = *feOne
+	return v
+}
+
+// reduce reduces v modulo 2^255 - 19 and returns it.
+func (v *Element) reduce() *Element {
+	v.carryPropagate()
+
+	// After the light reduction we now have a field element representation
+	// v < 2^255 + 2^13 * 19, but need v < 2^255 - 19.
+
+	// If v >= 2^255 - 19, then v + 19 >= 2^255, which would overflow 2^255 - 1,
+	// generating a carry. That is, c will be 0 if v < 2^255 - 19, and 1 otherwise.
+	c := (v.l0 + 19) >> 51
+	c = (v.l1 + c) >> 51
+	c = (v.l2 + c) >> 51
+	c = (v.l3 + c) >> 51
+	c = (v.l4 + c) >> 51
+
+	// If v < 2^255 - 19 and c = 0, this will be a no-op. Otherwise, it's
+	// effectively applying the reduction identity to the carry.
+	v.l0 += 19 * c
+
+	v.l1 += v.l0 >> 51
+	v.l0 = v.l0 & maskLow51Bits
+	v.l2 += v.l1 >> 51
+	v.l1 = v.l1 & maskLow51Bits
+	v.l3 += v.l2 >> 51
+	v.l2 = v.l2 & maskLow51Bits
+	v.l4 += v.l3 >> 51
+	v.l3 = v.l3 & maskLow51Bits
+	// no additional carry
+	v.l4 = v.l4 & maskLow51Bits
+
+	return v
+}
+
+// Add sets v = a + b, and returns v.
+func (v *Element) Add(a, b *Element) *Element {
+	v.l0 = a.l0 + b.l0
+	v.l1 = a.l1 + b.l1
+	v.l2 = a.l2 + b.l2
+	v.l3 = a.l3 + b.l3
+	v.l4 = a.l4 + b.l4
+	// Using the generic implementation here is actually faster than the
+	// assembly. Probably because the body of this function is so simple that
+	// the compiler can figure out better optimizations by inlining the carry
+	// propagation. TODO
+	return v.carryPropagateGeneric()
+}
+
+// Subtract sets v = a - b, and returns v.
+func (v *Element) Subtract(a, b *Element) *Element {
+	// We first add 2 * p, to guarantee the subtraction won't underflow, and
+	// then subtract b (which can be up to 2^255 + 2^13 * 19).
+	v.l0 = (a.l0 + 0xFFFFFFFFFFFDA) - b.l0
+	v.l1 = (a.l1 + 0xFFFFFFFFFFFFE) - b.l1
+	v.l2 = (a.l2 + 0xFFFFFFFFFFFFE) - b.l2
+	v.l3 = (a.l3 + 0xFFFFFFFFFFFFE) - b.l3
+	v.l4 = (a.l4 + 0xFFFFFFFFFFFFE) - b.l4
+	return v.carryPropagate()
+}
+
+// Negate sets v = -a, and returns v.
+func (v *Element) Negate(a *Element) *Element {
+	return v.Subtract(feZero, a)
+}
+
+// Invert sets v = 1/z mod p, and returns v.
+//
+// If z == 0, Invert returns v = 0.
+func (v *Element) Invert(z *Element) *Element {
+	// Inversion is implemented as exponentiation with exponent p − 2. It uses the
+	// same sequence of 255 squarings and 11 multiplications as [Curve25519].
+	var z2, z9, z11, z2_5_0, z2_10_0, z2_20_0, z2_50_0, z2_100_0, t Element
+
+	z2.Square(z)             // 2
+	t.Square(&z2)            // 4
+	t.Square(&t)             // 8
+	z9.Multiply(&t, z)       // 9
+	z11.Multiply(&z9, &z2)   // 11
+	t.Square(&z11)           // 22
+	z2_5_0.Multiply(&t, &z9) // 31 = 2^5 - 2^0
+
+	t.Square(&z2_5_0) // 2^6 - 2^1
+	for i := 0; i < 4; i++ {
+		t.Square(&t) // 2^10 - 2^5
+	}
+	z2_10_0.Multiply(&t, &z2_5_0) // 2^10 - 2^0
+
+	t.Square(&z2_10_0) // 2^11 - 2^1
+	for i := 0; i < 9; i++ {
+		t.Square(&t) // 2^20 - 2^10
+	}
+	z2_20_0.Multiply(&t, &z2_10_0) // 2^20 - 2^0
+
+	t.Square(&z2_20_0) // 2^21 - 2^1
+	for i := 0; i < 19; i++ {
+		t.Square(&t) // 2^40 - 2^20
+	}
+	t.Multiply(&t, &z2_20_0) // 2^40 - 2^0
+
+	t.Square(&t) // 2^41 - 2^1
+	for i := 0; i < 9; i++ {
+		t.Square(&t) // 2^50 - 2^10
+	}
+	z2_50_0.Multiply(&t, &z2_10_0) // 2^50 - 2^0
+
+	t.Square(&z2_50_0) // 2^51 - 2^1
+	for i := 0; i < 49; i++ {
+		t.Square(&t) // 2^100 - 2^50
+	}
+	z2_100_0.Multiply(&t, &z2_50_0) // 2^100 - 2^0
+
+	t.Square(&z2_100_0) // 2^101 - 2^1
+	for i := 0; i < 99; i++ {
+		t.Square(&t) // 2^200 - 2^100
+	}
+	t.Multiply(&t, &z2_100_0) // 2^200 - 2^0
+
+	t.Square(&t) // 2^201 - 2^1
+	for i := 0; i < 49; i++ {
+		t.Square(&t) // 2^250 - 2^50
+	}
+	t.Multiply(&t, &z2_50_0) // 2^250 - 2^0
+
+	t.Square(&t) // 2^251 - 2^1
+	t.Square(&t) // 2^252 - 2^2
+	t.Square(&t) // 2^253 - 2^3
+	t.Square(&t) // 2^254 - 2^4
+	t.Square(&t) // 2^255 - 2^5
+
+	return v.Multiply(&t, &z11) // 2^255 - 21
+}
+
+// Set sets v = a, and returns v.
+func (v *Element) Set(a *Element) *Element {
+	*v = *a
+	return v
+}
+
+// SetBytes sets v to x, which must be a 32-byte little-endian encoding.
+//
+// Consistent with RFC 7748, the most significant bit (the high bit of the
+// last byte) is ignored, and non-canonical values (2^255-19 through 2^255-1)
+// are accepted. Note that this is laxer than specified by RFC 8032.
+func (v *Element) SetBytes(x []byte) *Element {
+	if len(x) != 32 {
+		panic("edwards25519: invalid field element input size")
+	}
+
+	// Bits 0:51 (bytes 0:8, bits 0:64, shift 0, mask 51).
+	v.l0 = binary.LittleEndian.Uint64(x[0:8])
+	v.l0 &= maskLow51Bits
+	// Bits 51:102 (bytes 6:14, bits 48:112, shift 3, mask 51).
+	v.l1 = binary.LittleEndian.Uint64(x[6:14]) >> 3
+	v.l1 &= maskLow51Bits
+	// Bits 102:153 (bytes 12:20, bits 96:160, shift 6, mask 51).
+	v.l2 = binary.LittleEndian.Uint64(x[12:20]) >> 6
+	v.l2 &= maskLow51Bits
+	// Bits 153:204 (bytes 19:27, bits 152:216, shift 1, mask 51).
+	v.l3 = binary.LittleEndian.Uint64(x[19:27]) >> 1
+	v.l3 &= maskLow51Bits
+	// Bits 204:251 (bytes 24:32, bits 192:256, shift 12, mask 51).
+	// Note: not bytes 25:33, shift 4, to avoid overread.
+	v.l4 = binary.LittleEndian.Uint64(x[24:32]) >> 12
+	v.l4 &= maskLow51Bits
+
+	return v
+}
+
+// Bytes returns the canonical 32-byte little-endian encoding of v.
+func (v *Element) Bytes() []byte {
+	// This function is outlined to make the allocations inline in the caller
+	// rather than happen on the heap.
+	var out [32]byte
+	return v.bytes(&out)
+}
+
+func (v *Element) bytes(out *[32]byte) []byte {
+	t := *v
+	t.reduce()
+
+	var buf [8]byte
+	for i, l := range [5]uint64{t.l0, t.l1, t.l2, t.l3, t.l4} {
+		bitsOffset := i * 51
+		binary.LittleEndian.PutUint64(buf[:], l<= len(out) {
+				break
+			}
+			out[off] |= bb
+		}
+	}
+
+	return out[:]
+}
+
+// Equal returns 1 if v and u are equal, and 0 otherwise.
+func (v *Element) Equal(u *Element) int {
+	sa, sv := u.Bytes(), v.Bytes()
+	return subtle.ConstantTimeCompare(sa, sv)
+}
+
+// mask64Bits returns 0xffffffff if cond is 1, and 0 otherwise.
+func mask64Bits(cond int) uint64 { return ^(uint64(cond) - 1) }
+
+// Select sets v to a if cond == 1, and to b if cond == 0.
+func (v *Element) Select(a, b *Element, cond int) *Element {
+	m := mask64Bits(cond)
+	v.l0 = (m & a.l0) | (^m & b.l0)
+	v.l1 = (m & a.l1) | (^m & b.l1)
+	v.l2 = (m & a.l2) | (^m & b.l2)
+	v.l3 = (m & a.l3) | (^m & b.l3)
+	v.l4 = (m & a.l4) | (^m & b.l4)
+	return v
+}
+
+// Swap swaps v and u if cond == 1 or leaves them unchanged if cond == 0, and returns v.
+func (v *Element) Swap(u *Element, cond int) {
+	m := mask64Bits(cond)
+	t := m & (v.l0 ^ u.l0)
+	v.l0 ^= t
+	u.l0 ^= t
+	t = m & (v.l1 ^ u.l1)
+	v.l1 ^= t
+	u.l1 ^= t
+	t = m & (v.l2 ^ u.l2)
+	v.l2 ^= t
+	u.l2 ^= t
+	t = m & (v.l3 ^ u.l3)
+	v.l3 ^= t
+	u.l3 ^= t
+	t = m & (v.l4 ^ u.l4)
+	v.l4 ^= t
+	u.l4 ^= t
+}
+
+// IsNegative returns 1 if v is negative, and 0 otherwise.
+func (v *Element) IsNegative() int {
+	return int(v.Bytes()[0] & 1)
+}
+
+// Absolute sets v to |u|, and returns v.
+func (v *Element) Absolute(u *Element) *Element {
+	return v.Select(new(Element).Negate(u), u, u.IsNegative())
+}
+
+// Multiply sets v = x * y, and returns v.
+func (v *Element) Multiply(x, y *Element) *Element {
+	feMul(v, x, y)
+	return v
+}
+
+// Square sets v = x * x, and returns v.
+func (v *Element) Square(x *Element) *Element {
+	feSquare(v, x)
+	return v
+}
+
+// Mult32 sets v = x * y, and returns v.
+func (v *Element) Mult32(x *Element, y uint32) *Element {
+	x0lo, x0hi := mul51(x.l0, y)
+	x1lo, x1hi := mul51(x.l1, y)
+	x2lo, x2hi := mul51(x.l2, y)
+	x3lo, x3hi := mul51(x.l3, y)
+	x4lo, x4hi := mul51(x.l4, y)
+	v.l0 = x0lo + 19*x4hi // carried over per the reduction identity
+	v.l1 = x1lo + x0hi
+	v.l2 = x2lo + x1hi
+	v.l3 = x3lo + x2hi
+	v.l4 = x4lo + x3hi
+	// The hi portions are going to be only 32 bits, plus any previous excess,
+	// so we can skip the carry propagation.
+	return v
+}
+
+// mul51 returns lo + hi * 2⁵¹ = a * b.
+func mul51(a uint64, b uint32) (lo uint64, hi uint64) {
+	mh, ml := bits.Mul64(a, uint64(b))
+	lo = ml & maskLow51Bits
+	hi = (mh << 13) | (ml >> 51)
+	return
+}
+
+// Pow22523 set v = x^((p-5)/8), and returns v. (p-5)/8 is 2^252-3.
+func (v *Element) Pow22523(x *Element) *Element {
+	var t0, t1, t2 Element
+
+	t0.Square(x)             // x^2
+	t1.Square(&t0)           // x^4
+	t1.Square(&t1)           // x^8
+	t1.Multiply(x, &t1)      // x^9
+	t0.Multiply(&t0, &t1)    // x^11
+	t0.Square(&t0)           // x^22
+	t0.Multiply(&t1, &t0)    // x^31
+	t1.Square(&t0)           // x^62
+	for i := 1; i < 5; i++ { // x^992
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // x^1023 -> 1023 = 2^10 - 1
+	t1.Square(&t0)            // 2^11 - 2
+	for i := 1; i < 10; i++ { // 2^20 - 2^10
+		t1.Square(&t1)
+	}
+	t1.Multiply(&t1, &t0)     // 2^20 - 1
+	t2.Square(&t1)            // 2^21 - 2
+	for i := 1; i < 20; i++ { // 2^40 - 2^20
+		t2.Square(&t2)
+	}
+	t1.Multiply(&t2, &t1)     // 2^40 - 1
+	t1.Square(&t1)            // 2^41 - 2
+	for i := 1; i < 10; i++ { // 2^50 - 2^10
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // 2^50 - 1
+	t1.Square(&t0)            // 2^51 - 2
+	for i := 1; i < 50; i++ { // 2^100 - 2^50
+		t1.Square(&t1)
+	}
+	t1.Multiply(&t1, &t0)      // 2^100 - 1
+	t2.Square(&t1)             // 2^101 - 2
+	for i := 1; i < 100; i++ { // 2^200 - 2^100
+		t2.Square(&t2)
+	}
+	t1.Multiply(&t2, &t1)     // 2^200 - 1
+	t1.Square(&t1)            // 2^201 - 2
+	for i := 1; i < 50; i++ { // 2^250 - 2^50
+		t1.Square(&t1)
+	}
+	t0.Multiply(&t1, &t0)     // 2^250 - 1
+	t0.Square(&t0)            // 2^251 - 2
+	t0.Square(&t0)            // 2^252 - 4
+	return v.Multiply(&t0, x) // 2^252 - 3 -> x^(2^252-3)
+}
+
+// sqrtM1 is 2^((p-1)/4), which squared is equal to -1 by Euler's Criterion.
+var sqrtM1 = &Element{1718705420411056, 234908883556509,
+	2233514472574048, 2117202627021982, 765476049583133}
+
+// SqrtRatio sets r to the non-negative square root of the ratio of u and v.
+//
+// If u/v is square, SqrtRatio returns r and 1. If u/v is not square, SqrtRatio
+// sets r according to Section 4.3 of draft-irtf-cfrg-ristretto255-decaf448-00,
+// and returns r and 0.
+func (r *Element) SqrtRatio(u, v *Element) (rr *Element, wasSquare int) {
+	var a, b Element
+
+	// r = (u * v3) * (u * v7)^((p-5)/8)
+	v2 := a.Square(v)
+	uv3 := b.Multiply(u, b.Multiply(v2, v))
+	uv7 := a.Multiply(uv3, a.Square(v2))
+	r.Multiply(uv3, r.Pow22523(uv7))
+
+	check := a.Multiply(v, a.Square(r)) // check = v * r^2
+
+	uNeg := b.Negate(u)
+	correctSignSqrt := check.Equal(u)
+	flippedSignSqrt := check.Equal(uNeg)
+	flippedSignSqrtI := check.Equal(uNeg.Multiply(uNeg, sqrtM1))
+
+	rPrime := b.Multiply(r, sqrtM1) // r_prime = SQRT_M1 * r
+	// r = CT_SELECT(r_prime IF flipped_sign_sqrt | flipped_sign_sqrt_i ELSE r)
+	r.Select(rPrime, r, flippedSignSqrt|flippedSignSqrtI)
+
+	r.Absolute(r) // Choose the nonnegative square root.
+	return r, correctSignSqrt | flippedSignSqrt
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
new file mode 100644
index 000000000..70c541692
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.go
@@ -0,0 +1,15 @@
+// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
+
+//go:build amd64 && gc && !purego
+
+package field
+
+// feMul sets out = a * b. It works like feMulGeneric.
+//
+//go:noescape
+func feMul(out *Element, a *Element, b *Element)
+
+// feSquare sets out = a * a. It works like feSquareGeneric.
+//
+//go:noescape
+func feSquare(out *Element, a *Element)
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
new file mode 100644
index 000000000..60817acc4
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64.s
@@ -0,0 +1,378 @@
+// Code generated by command: go run fe_amd64_asm.go -out ../fe_amd64.s -stubs ../fe_amd64.go -pkg field. DO NOT EDIT.
+
+//go:build amd64 && gc && !purego
+
+#include "textflag.h"
+
+// func feMul(out *Element, a *Element, b *Element)
+TEXT ·feMul(SB), NOSPLIT, $0-24
+	MOVQ a+8(FP), CX
+	MOVQ b+16(FP), BX
+
+	// r0 = a0×b0
+	MOVQ (CX), AX
+	MULQ (BX)
+	MOVQ AX, DI
+	MOVQ DX, SI
+
+	// r0 += 19×a1×b4
+	MOVQ   8(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a2×b3
+	MOVQ   16(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a3×b2
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   16(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r0 += 19×a4×b1
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   8(BX)
+	ADDQ   AX, DI
+	ADCQ   DX, SI
+
+	// r1 = a0×b1
+	MOVQ (CX), AX
+	MULQ 8(BX)
+	MOVQ AX, R9
+	MOVQ DX, R8
+
+	// r1 += a1×b0
+	MOVQ 8(CX), AX
+	MULQ (BX)
+	ADDQ AX, R9
+	ADCQ DX, R8
+
+	// r1 += 19×a2×b4
+	MOVQ   16(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r1 += 19×a3×b3
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r1 += 19×a4×b2
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   16(BX)
+	ADDQ   AX, R9
+	ADCQ   DX, R8
+
+	// r2 = a0×b2
+	MOVQ (CX), AX
+	MULQ 16(BX)
+	MOVQ AX, R11
+	MOVQ DX, R10
+
+	// r2 += a1×b1
+	MOVQ 8(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R11
+	ADCQ DX, R10
+
+	// r2 += a2×b0
+	MOVQ 16(CX), AX
+	MULQ (BX)
+	ADDQ AX, R11
+	ADCQ DX, R10
+
+	// r2 += 19×a3×b4
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R11
+	ADCQ   DX, R10
+
+	// r2 += 19×a4×b3
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(BX)
+	ADDQ   AX, R11
+	ADCQ   DX, R10
+
+	// r3 = a0×b3
+	MOVQ (CX), AX
+	MULQ 24(BX)
+	MOVQ AX, R13
+	MOVQ DX, R12
+
+	// r3 += a1×b2
+	MOVQ 8(CX), AX
+	MULQ 16(BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += a2×b1
+	MOVQ 16(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += a3×b0
+	MOVQ 24(CX), AX
+	MULQ (BX)
+	ADDQ AX, R13
+	ADCQ DX, R12
+
+	// r3 += 19×a4×b4
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(BX)
+	ADDQ   AX, R13
+	ADCQ   DX, R12
+
+	// r4 = a0×b4
+	MOVQ (CX), AX
+	MULQ 32(BX)
+	MOVQ AX, R15
+	MOVQ DX, R14
+
+	// r4 += a1×b3
+	MOVQ 8(CX), AX
+	MULQ 24(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a2×b2
+	MOVQ 16(CX), AX
+	MULQ 16(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a3×b1
+	MOVQ 24(CX), AX
+	MULQ 8(BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// r4 += a4×b0
+	MOVQ 32(CX), AX
+	MULQ (BX)
+	ADDQ AX, R15
+	ADCQ DX, R14
+
+	// First reduction chain
+	MOVQ   $0x0007ffffffffffff, AX
+	SHLQ   $0x0d, DI, SI
+	SHLQ   $0x0d, R9, R8
+	SHLQ   $0x0d, R11, R10
+	SHLQ   $0x0d, R13, R12
+	SHLQ   $0x0d, R15, R14
+	ANDQ   AX, DI
+	IMUL3Q $0x13, R14, R14
+	ADDQ   R14, DI
+	ANDQ   AX, R9
+	ADDQ   SI, R9
+	ANDQ   AX, R11
+	ADDQ   R8, R11
+	ANDQ   AX, R13
+	ADDQ   R10, R13
+	ANDQ   AX, R15
+	ADDQ   R12, R15
+
+	// Second reduction chain (carryPropagate)
+	MOVQ   DI, SI
+	SHRQ   $0x33, SI
+	MOVQ   R9, R8
+	SHRQ   $0x33, R8
+	MOVQ   R11, R10
+	SHRQ   $0x33, R10
+	MOVQ   R13, R12
+	SHRQ   $0x33, R12
+	MOVQ   R15, R14
+	SHRQ   $0x33, R14
+	ANDQ   AX, DI
+	IMUL3Q $0x13, R14, R14
+	ADDQ   R14, DI
+	ANDQ   AX, R9
+	ADDQ   SI, R9
+	ANDQ   AX, R11
+	ADDQ   R8, R11
+	ANDQ   AX, R13
+	ADDQ   R10, R13
+	ANDQ   AX, R15
+	ADDQ   R12, R15
+
+	// Store output
+	MOVQ out+0(FP), AX
+	MOVQ DI, (AX)
+	MOVQ R9, 8(AX)
+	MOVQ R11, 16(AX)
+	MOVQ R13, 24(AX)
+	MOVQ R15, 32(AX)
+	RET
+
+// func feSquare(out *Element, a *Element)
+TEXT ·feSquare(SB), NOSPLIT, $0-16
+	MOVQ a+8(FP), CX
+
+	// r0 = l0×l0
+	MOVQ (CX), AX
+	MULQ (CX)
+	MOVQ AX, SI
+	MOVQ DX, BX
+
+	// r0 += 38×l1×l4
+	MOVQ   8(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, SI
+	ADCQ   DX, BX
+
+	// r0 += 38×l2×l3
+	MOVQ   16(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, SI
+	ADCQ   DX, BX
+
+	// r1 = 2×l0×l1
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 8(CX)
+	MOVQ AX, R8
+	MOVQ DX, DI
+
+	// r1 += 38×l2×l4
+	MOVQ   16(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R8
+	ADCQ   DX, DI
+
+	// r1 += 19×l3×l3
+	MOVQ   24(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, R8
+	ADCQ   DX, DI
+
+	// r2 = 2×l0×l2
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 16(CX)
+	MOVQ AX, R10
+	MOVQ DX, R9
+
+	// r2 += l1×l1
+	MOVQ 8(CX), AX
+	MULQ 8(CX)
+	ADDQ AX, R10
+	ADCQ DX, R9
+
+	// r2 += 38×l3×l4
+	MOVQ   24(CX), AX
+	IMUL3Q $0x26, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R10
+	ADCQ   DX, R9
+
+	// r3 = 2×l0×l3
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 24(CX)
+	MOVQ AX, R12
+	MOVQ DX, R11
+
+	// r3 += 2×l1×l2
+	MOVQ   8(CX), AX
+	IMUL3Q $0x02, AX, AX
+	MULQ   16(CX)
+	ADDQ   AX, R12
+	ADCQ   DX, R11
+
+	// r3 += 19×l4×l4
+	MOVQ   32(CX), AX
+	IMUL3Q $0x13, AX, AX
+	MULQ   32(CX)
+	ADDQ   AX, R12
+	ADCQ   DX, R11
+
+	// r4 = 2×l0×l4
+	MOVQ (CX), AX
+	SHLQ $0x01, AX
+	MULQ 32(CX)
+	MOVQ AX, R14
+	MOVQ DX, R13
+
+	// r4 += 2×l1×l3
+	MOVQ   8(CX), AX
+	IMUL3Q $0x02, AX, AX
+	MULQ   24(CX)
+	ADDQ   AX, R14
+	ADCQ   DX, R13
+
+	// r4 += l2×l2
+	MOVQ 16(CX), AX
+	MULQ 16(CX)
+	ADDQ AX, R14
+	ADCQ DX, R13
+
+	// First reduction chain
+	MOVQ   $0x0007ffffffffffff, AX
+	SHLQ   $0x0d, SI, BX
+	SHLQ   $0x0d, R8, DI
+	SHLQ   $0x0d, R10, R9
+	SHLQ   $0x0d, R12, R11
+	SHLQ   $0x0d, R14, R13
+	ANDQ   AX, SI
+	IMUL3Q $0x13, R13, R13
+	ADDQ   R13, SI
+	ANDQ   AX, R8
+	ADDQ   BX, R8
+	ANDQ   AX, R10
+	ADDQ   DI, R10
+	ANDQ   AX, R12
+	ADDQ   R9, R12
+	ANDQ   AX, R14
+	ADDQ   R11, R14
+
+	// Second reduction chain (carryPropagate)
+	MOVQ   SI, BX
+	SHRQ   $0x33, BX
+	MOVQ   R8, DI
+	SHRQ   $0x33, DI
+	MOVQ   R10, R9
+	SHRQ   $0x33, R9
+	MOVQ   R12, R11
+	SHRQ   $0x33, R11
+	MOVQ   R14, R13
+	SHRQ   $0x33, R13
+	ANDQ   AX, SI
+	IMUL3Q $0x13, R13, R13
+	ADDQ   R13, SI
+	ANDQ   AX, R8
+	ADDQ   BX, R8
+	ANDQ   AX, R10
+	ADDQ   DI, R10
+	ANDQ   AX, R12
+	ADDQ   R9, R12
+	ANDQ   AX, R14
+	ADDQ   R11, R14
+
+	// Store output
+	MOVQ out+0(FP), AX
+	MOVQ SI, (AX)
+	MOVQ R8, 8(AX)
+	MOVQ R10, 16(AX)
+	MOVQ R12, 24(AX)
+	MOVQ R14, 32(AX)
+	RET
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
new file mode 100644
index 000000000..9da280d1d
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_amd64_noasm.go
@@ -0,0 +1,11 @@
+// Copyright (c) 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !amd64 || !gc || purego
+
+package field
+
+func feMul(v, x, y *Element) { feMulGeneric(v, x, y) }
+
+func feSquare(v, x *Element) { feSquareGeneric(v, x) }
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
new file mode 100644
index 000000000..075fe9b92
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.go
@@ -0,0 +1,15 @@
+// Copyright (c) 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build arm64 && gc && !purego
+
+package field
+
+//go:noescape
+func carryPropagate(v *Element)
+
+func (v *Element) carryPropagate() *Element {
+	carryPropagate(v)
+	return v
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
new file mode 100644
index 000000000..3126a4341
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64.s
@@ -0,0 +1,42 @@
+// Copyright (c) 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build arm64 && gc && !purego
+
+#include "textflag.h"
+
+// carryPropagate works exactly like carryPropagateGeneric and uses the
+// same AND, ADD, and LSR+MADD instructions emitted by the compiler, but
+// avoids loading R0-R4 twice and uses LDP and STP.
+//
+// See https://golang.org/issues/43145 for the main compiler issue.
+//
+// func carryPropagate(v *Element)
+TEXT ·carryPropagate(SB),NOFRAME|NOSPLIT,$0-8
+	MOVD v+0(FP), R20
+
+	LDP 0(R20), (R0, R1)
+	LDP 16(R20), (R2, R3)
+	MOVD 32(R20), R4
+
+	AND $0x7ffffffffffff, R0, R10
+	AND $0x7ffffffffffff, R1, R11
+	AND $0x7ffffffffffff, R2, R12
+	AND $0x7ffffffffffff, R3, R13
+	AND $0x7ffffffffffff, R4, R14
+
+	ADD R0>>51, R11, R11
+	ADD R1>>51, R12, R12
+	ADD R2>>51, R13, R13
+	ADD R3>>51, R14, R14
+	// R4>>51 * 19 + R10 -> R10
+	LSR $51, R4, R21
+	MOVD $19, R22
+	MADD R22, R10, R21, R10
+
+	STP (R10, R11), 0(R20)
+	STP (R12, R13), 16(R20)
+	MOVD R14, 32(R20)
+
+	RET
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
new file mode 100644
index 000000000..fc029ac12
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_arm64_noasm.go
@@ -0,0 +1,11 @@
+// Copyright (c) 2021 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !arm64 || !gc || purego
+
+package field
+
+func (v *Element) carryPropagate() *Element {
+	return v.carryPropagateGeneric()
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
new file mode 100644
index 000000000..2671217da
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/fe_generic.go
@@ -0,0 +1,264 @@
+// Copyright (c) 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package field
+
+import "math/bits"
+
+// uint128 holds a 128-bit number as two 64-bit limbs, for use with the
+// bits.Mul64 and bits.Add64 intrinsics.
+type uint128 struct {
+	lo, hi uint64
+}
+
+// mul64 returns a * b.
+func mul64(a, b uint64) uint128 {
+	hi, lo := bits.Mul64(a, b)
+	return uint128{lo, hi}
+}
+
+// addMul64 returns v + a * b.
+func addMul64(v uint128, a, b uint64) uint128 {
+	hi, lo := bits.Mul64(a, b)
+	lo, c := bits.Add64(lo, v.lo, 0)
+	hi, _ = bits.Add64(hi, v.hi, c)
+	return uint128{lo, hi}
+}
+
+// shiftRightBy51 returns a >> 51. a is assumed to be at most 115 bits.
+func shiftRightBy51(a uint128) uint64 {
+	return (a.hi << (64 - 51)) | (a.lo >> 51)
+}
+
+func feMulGeneric(v, a, b *Element) {
+	a0 := a.l0
+	a1 := a.l1
+	a2 := a.l2
+	a3 := a.l3
+	a4 := a.l4
+
+	b0 := b.l0
+	b1 := b.l1
+	b2 := b.l2
+	b3 := b.l3
+	b4 := b.l4
+
+	// Limb multiplication works like pen-and-paper columnar multiplication, but
+	// with 51-bit limbs instead of digits.
+	//
+	//                          a4   a3   a2   a1   a0  x
+	//                          b4   b3   b2   b1   b0  =
+	//                         ------------------------
+	//                        a4b0 a3b0 a2b0 a1b0 a0b0  +
+	//                   a4b1 a3b1 a2b1 a1b1 a0b1       +
+	//              a4b2 a3b2 a2b2 a1b2 a0b2            +
+	//         a4b3 a3b3 a2b3 a1b3 a0b3                 +
+	//    a4b4 a3b4 a2b4 a1b4 a0b4                      =
+	//   ----------------------------------------------
+	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
+	//
+	// We can then use the reduction identity (a * 2²⁵⁵ + b = a * 19 + b) to
+	// reduce the limbs that would overflow 255 bits. r5 * 2²⁵⁵ becomes 19 * r5,
+	// r6 * 2³⁰⁶ becomes 19 * r6 * 2⁵¹, etc.
+	//
+	// Reduction can be carried out simultaneously to multiplication. For
+	// example, we do not compute r5: whenever the result of a multiplication
+	// belongs to r5, like a1b4, we multiply it by 19 and add the result to r0.
+	//
+	//            a4b0    a3b0    a2b0    a1b0    a0b0  +
+	//            a3b1    a2b1    a1b1    a0b1 19×a4b1  +
+	//            a2b2    a1b2    a0b2 19×a4b2 19×a3b2  +
+	//            a1b3    a0b3 19×a4b3 19×a3b3 19×a2b3  +
+	//            a0b4 19×a4b4 19×a3b4 19×a2b4 19×a1b4  =
+	//           --------------------------------------
+	//              r4      r3      r2      r1      r0
+	//
+	// Finally we add up the columns into wide, overlapping limbs.
+
+	a1_19 := a1 * 19
+	a2_19 := a2 * 19
+	a3_19 := a3 * 19
+	a4_19 := a4 * 19
+
+	// r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
+	r0 := mul64(a0, b0)
+	r0 = addMul64(r0, a1_19, b4)
+	r0 = addMul64(r0, a2_19, b3)
+	r0 = addMul64(r0, a3_19, b2)
+	r0 = addMul64(r0, a4_19, b1)
+
+	// r1 = a0×b1 + a1×b0 + 19×(a2×b4 + a3×b3 + a4×b2)
+	r1 := mul64(a0, b1)
+	r1 = addMul64(r1, a1, b0)
+	r1 = addMul64(r1, a2_19, b4)
+	r1 = addMul64(r1, a3_19, b3)
+	r1 = addMul64(r1, a4_19, b2)
+
+	// r2 = a0×b2 + a1×b1 + a2×b0 + 19×(a3×b4 + a4×b3)
+	r2 := mul64(a0, b2)
+	r2 = addMul64(r2, a1, b1)
+	r2 = addMul64(r2, a2, b0)
+	r2 = addMul64(r2, a3_19, b4)
+	r2 = addMul64(r2, a4_19, b3)
+
+	// r3 = a0×b3 + a1×b2 + a2×b1 + a3×b0 + 19×a4×b4
+	r3 := mul64(a0, b3)
+	r3 = addMul64(r3, a1, b2)
+	r3 = addMul64(r3, a2, b1)
+	r3 = addMul64(r3, a3, b0)
+	r3 = addMul64(r3, a4_19, b4)
+
+	// r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
+	r4 := mul64(a0, b4)
+	r4 = addMul64(r4, a1, b3)
+	r4 = addMul64(r4, a2, b2)
+	r4 = addMul64(r4, a3, b1)
+	r4 = addMul64(r4, a4, b0)
+
+	// After the multiplication, we need to reduce (carry) the five coefficients
+	// to obtain a result with limbs that are at most slightly larger than 2⁵¹,
+	// to respect the Element invariant.
+	//
+	// Overall, the reduction works the same as carryPropagate, except with
+	// wider inputs: we take the carry for each coefficient by shifting it right
+	// by 51, and add it to the limb above it. The top carry is multiplied by 19
+	// according to the reduction identity and added to the lowest limb.
+	//
+	// The largest coefficient (r0) will be at most 111 bits, which guarantees
+	// that all carries are at most 111 - 51 = 60 bits, which fits in a uint64.
+	//
+	//     r0 = a0×b0 + 19×(a1×b4 + a2×b3 + a3×b2 + a4×b1)
+	//     r0 < 2⁵²×2⁵² + 19×(2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵² + 2⁵²×2⁵²)
+	//     r0 < (1 + 19 × 4) × 2⁵² × 2⁵²
+	//     r0 < 2⁷ × 2⁵² × 2⁵²
+	//     r0 < 2¹¹¹
+	//
+	// Moreover, the top coefficient (r4) is at most 107 bits, so c4 is at most
+	// 56 bits, and c4 * 19 is at most 61 bits, which again fits in a uint64 and
+	// allows us to easily apply the reduction identity.
+	//
+	//     r4 = a0×b4 + a1×b3 + a2×b2 + a3×b1 + a4×b0
+	//     r4 < 5 × 2⁵² × 2⁵²
+	//     r4 < 2¹⁰⁷
+	//
+
+	c0 := shiftRightBy51(r0)
+	c1 := shiftRightBy51(r1)
+	c2 := shiftRightBy51(r2)
+	c3 := shiftRightBy51(r3)
+	c4 := shiftRightBy51(r4)
+
+	rr0 := r0.lo&maskLow51Bits + c4*19
+	rr1 := r1.lo&maskLow51Bits + c0
+	rr2 := r2.lo&maskLow51Bits + c1
+	rr3 := r3.lo&maskLow51Bits + c2
+	rr4 := r4.lo&maskLow51Bits + c3
+
+	// Now all coefficients fit into 64-bit registers but are still too large to
+	// be passed around as a Element. We therefore do one last carry chain,
+	// where the carries will be small enough to fit in the wiggle room above 2⁵¹.
+	*v = Element{rr0, rr1, rr2, rr3, rr4}
+	v.carryPropagate()
+}
+
+func feSquareGeneric(v, a *Element) {
+	l0 := a.l0
+	l1 := a.l1
+	l2 := a.l2
+	l3 := a.l3
+	l4 := a.l4
+
+	// Squaring works precisely like multiplication above, but thanks to its
+	// symmetry we get to group a few terms together.
+	//
+	//                          l4   l3   l2   l1   l0  x
+	//                          l4   l3   l2   l1   l0  =
+	//                         ------------------------
+	//                        l4l0 l3l0 l2l0 l1l0 l0l0  +
+	//                   l4l1 l3l1 l2l1 l1l1 l0l1       +
+	//              l4l2 l3l2 l2l2 l1l2 l0l2            +
+	//         l4l3 l3l3 l2l3 l1l3 l0l3                 +
+	//    l4l4 l3l4 l2l4 l1l4 l0l4                      =
+	//   ----------------------------------------------
+	//      r8   r7   r6   r5   r4   r3   r2   r1   r0
+	//
+	//            l4l0    l3l0    l2l0    l1l0    l0l0  +
+	//            l3l1    l2l1    l1l1    l0l1 19×l4l1  +
+	//            l2l2    l1l2    l0l2 19×l4l2 19×l3l2  +
+	//            l1l3    l0l3 19×l4l3 19×l3l3 19×l2l3  +
+	//            l0l4 19×l4l4 19×l3l4 19×l2l4 19×l1l4  =
+	//           --------------------------------------
+	//              r4      r3      r2      r1      r0
+	//
+	// With precomputed 2×, 19×, and 2×19× terms, we can compute each limb with
+	// only three Mul64 and four Add64, instead of five and eight.
+
+	l0_2 := l0 * 2
+	l1_2 := l1 * 2
+
+	l1_38 := l1 * 38
+	l2_38 := l2 * 38
+	l3_38 := l3 * 38
+
+	l3_19 := l3 * 19
+	l4_19 := l4 * 19
+
+	// r0 = l0×l0 + 19×(l1×l4 + l2×l3 + l3×l2 + l4×l1) = l0×l0 + 19×2×(l1×l4 + l2×l3)
+	r0 := mul64(l0, l0)
+	r0 = addMul64(r0, l1_38, l4)
+	r0 = addMul64(r0, l2_38, l3)
+
+	// r1 = l0×l1 + l1×l0 + 19×(l2×l4 + l3×l3 + l4×l2) = 2×l0×l1 + 19×2×l2×l4 + 19×l3×l3
+	r1 := mul64(l0_2, l1)
+	r1 = addMul64(r1, l2_38, l4)
+	r1 = addMul64(r1, l3_19, l3)
+
+	// r2 = l0×l2 + l1×l1 + l2×l0 + 19×(l3×l4 + l4×l3) = 2×l0×l2 + l1×l1 + 19×2×l3×l4
+	r2 := mul64(l0_2, l2)
+	r2 = addMul64(r2, l1, l1)
+	r2 = addMul64(r2, l3_38, l4)
+
+	// r3 = l0×l3 + l1×l2 + l2×l1 + l3×l0 + 19×l4×l4 = 2×l0×l3 + 2×l1×l2 + 19×l4×l4
+	r3 := mul64(l0_2, l3)
+	r3 = addMul64(r3, l1_2, l2)
+	r3 = addMul64(r3, l4_19, l4)
+
+	// r4 = l0×l4 + l1×l3 + l2×l2 + l3×l1 + l4×l0 = 2×l0×l4 + 2×l1×l3 + l2×l2
+	r4 := mul64(l0_2, l4)
+	r4 = addMul64(r4, l1_2, l3)
+	r4 = addMul64(r4, l2, l2)
+
+	c0 := shiftRightBy51(r0)
+	c1 := shiftRightBy51(r1)
+	c2 := shiftRightBy51(r2)
+	c3 := shiftRightBy51(r3)
+	c4 := shiftRightBy51(r4)
+
+	rr0 := r0.lo&maskLow51Bits + c4*19
+	rr1 := r1.lo&maskLow51Bits + c0
+	rr2 := r2.lo&maskLow51Bits + c1
+	rr3 := r3.lo&maskLow51Bits + c2
+	rr4 := r4.lo&maskLow51Bits + c3
+
+	*v = Element{rr0, rr1, rr2, rr3, rr4}
+	v.carryPropagate()
+}
+
+// carryPropagateGeneric brings the limbs below 52 bits by applying the reduction
+// identity (a * 2²⁵⁵ + b = a * 19 + b) to the l4 carry. TODO inline
+func (v *Element) carryPropagateGeneric() *Element {
+	c0 := v.l0 >> 51
+	c1 := v.l1 >> 51
+	c2 := v.l2 >> 51
+	c3 := v.l3 >> 51
+	c4 := v.l4 >> 51
+
+	v.l0 = v.l0&maskLow51Bits + c4*19
+	v.l1 = v.l1&maskLow51Bits + c0
+	v.l2 = v.l2&maskLow51Bits + c1
+	v.l3 = v.l3&maskLow51Bits + c2
+	v.l4 = v.l4&maskLow51Bits + c3
+
+	return v
+}
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
new file mode 100644
index 000000000..e3685f95c
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.checkpoint
@@ -0,0 +1 @@
+b0c49ae9f59d233526f8934262c5bbbe14d4358d
diff --git a/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
new file mode 100644
index 000000000..1ba22a8b4
--- /dev/null
+++ b/vendor/golang.org/x/crypto/curve25519/internal/field/sync.sh
@@ -0,0 +1,19 @@
+#! /bin/bash
+set -euo pipefail
+
+cd "$(git rev-parse --show-toplevel)"
+
+STD_PATH=src/crypto/ed25519/internal/edwards25519/field
+LOCAL_PATH=curve25519/internal/field
+LAST_SYNC_REF=$(cat $LOCAL_PATH/sync.checkpoint)
+
+git fetch https://go.googlesource.com/go master
+
+if git diff --quiet $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH; then
+    echo "No changes."
+else
+    NEW_REF=$(git rev-parse FETCH_HEAD | tee $LOCAL_PATH/sync.checkpoint)
+    echo "Applying changes from $LAST_SYNC_REF to $NEW_REF..."
+    git diff $LAST_SYNC_REF:$STD_PATH FETCH_HEAD:$STD_PATH | \
+        git apply -3 --directory=$LOCAL_PATH
+fi
diff --git a/vendor/golang.org/x/crypto/ed25519/ed25519.go b/vendor/golang.org/x/crypto/ed25519/ed25519.go
index 59b3a95a7..a7828345f 100644
--- a/vendor/golang.org/x/crypto/ed25519/ed25519.go
+++ b/vendor/golang.org/x/crypto/ed25519/ed25519.go
@@ -11,7 +11,9 @@
 // operations with the same key more efficient. This package refers to the RFC
 // 8032 private key as the “seed”.
 //
-// This package is a wrapper around the standard library crypto/ed25519 package.
+// Beginning with Go 1.13, the functionality of this package was moved to the
+// standard library as crypto/ed25519. This package only acts as a compatibility
+// wrapper.
 package ed25519
 
 import (
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
index bd896bdc7..333da285b 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/mac_noasm.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (!amd64 && !ppc64le && !ppc64 && !s390x) || !gc || purego
+//go:build (!amd64 && !ppc64le && !s390x) || !gc || purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
index 133757384..e0d3c6475 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_amd64.s
@@ -1,93 +1,108 @@
-// Code generated by command: go run sum_amd64_asm.go -out ../sum_amd64.s -pkg poly1305. DO NOT EDIT.
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
 
 //go:build gc && !purego
 
-// func update(state *macState, msg []byte)
+#include "textflag.h"
+
+#define POLY1305_ADD(msg, h0, h1, h2) \
+	ADDQ 0(msg), h0;  \
+	ADCQ 8(msg), h1;  \
+	ADCQ $1, h2;      \
+	LEAQ 16(msg), msg
+
+#define POLY1305_MUL(h0, h1, h2, r0, r1, t0, t1, t2, t3) \
+	MOVQ  r0, AX;                  \
+	MULQ  h0;                      \
+	MOVQ  AX, t0;                  \
+	MOVQ  DX, t1;                  \
+	MOVQ  r0, AX;                  \
+	MULQ  h1;                      \
+	ADDQ  AX, t1;                  \
+	ADCQ  $0, DX;                  \
+	MOVQ  r0, t2;                  \
+	IMULQ h2, t2;                  \
+	ADDQ  DX, t2;                  \
+	                               \
+	MOVQ  r1, AX;                  \
+	MULQ  h0;                      \
+	ADDQ  AX, t1;                  \
+	ADCQ  $0, DX;                  \
+	MOVQ  DX, h0;                  \
+	MOVQ  r1, t3;                  \
+	IMULQ h2, t3;                  \
+	MOVQ  r1, AX;                  \
+	MULQ  h1;                      \
+	ADDQ  AX, t2;                  \
+	ADCQ  DX, t3;                  \
+	ADDQ  h0, t2;                  \
+	ADCQ  $0, t3;                  \
+	                               \
+	MOVQ  t0, h0;                  \
+	MOVQ  t1, h1;                  \
+	MOVQ  t2, h2;                  \
+	ANDQ  $3, h2;                  \
+	MOVQ  t2, t0;                  \
+	ANDQ  $0xFFFFFFFFFFFFFFFC, t0; \
+	ADDQ  t0, h0;                  \
+	ADCQ  t3, h1;                  \
+	ADCQ  $0, h2;                  \
+	SHRQ  $2, t3, t2;              \
+	SHRQ  $2, t3;                  \
+	ADDQ  t2, h0;                  \
+	ADCQ  t3, h1;                  \
+	ADCQ  $0, h2
+
+// func update(state *[7]uint64, msg []byte)
 TEXT ·update(SB), $0-32
 	MOVQ state+0(FP), DI
 	MOVQ msg_base+8(FP), SI
 	MOVQ msg_len+16(FP), R15
-	MOVQ (DI), R8
-	MOVQ 8(DI), R9
-	MOVQ 16(DI), R10
-	MOVQ 24(DI), R11
-	MOVQ 32(DI), R12
-	CMPQ R15, $0x10
+
+	MOVQ 0(DI), R8   // h0
+	MOVQ 8(DI), R9   // h1
+	MOVQ 16(DI), R10 // h2
+	MOVQ 24(DI), R11 // r0
+	MOVQ 32(DI), R12 // r1
+
+	CMPQ R15, $16
 	JB   bytes_between_0_and_15
 
 loop:
-	ADDQ (SI), R8
-	ADCQ 8(SI), R9
-	ADCQ $0x01, R10
-	LEAQ 16(SI), SI
+	POLY1305_ADD(SI, R8, R9, R10)
 
 multiply:
-	MOVQ  R11, AX
-	MULQ  R8
-	MOVQ  AX, BX
-	MOVQ  DX, CX
-	MOVQ  R11, AX
-	MULQ  R9
-	ADDQ  AX, CX
-	ADCQ  $0x00, DX
-	MOVQ  R11, R13
-	IMULQ R10, R13
-	ADDQ  DX, R13
-	MOVQ  R12, AX
-	MULQ  R8
-	ADDQ  AX, CX
-	ADCQ  $0x00, DX
-	MOVQ  DX, R8
-	MOVQ  R12, R14
-	IMULQ R10, R14
-	MOVQ  R12, AX
-	MULQ  R9
-	ADDQ  AX, R13
-	ADCQ  DX, R14
-	ADDQ  R8, R13
-	ADCQ  $0x00, R14
-	MOVQ  BX, R8
-	MOVQ  CX, R9
-	MOVQ  R13, R10
-	ANDQ  $0x03, R10
-	MOVQ  R13, BX
-	ANDQ  $-4, BX
-	ADDQ  BX, R8
-	ADCQ  R14, R9
-	ADCQ  $0x00, R10
-	SHRQ  $0x02, R14, R13
-	SHRQ  $0x02, R14
-	ADDQ  R13, R8
-	ADCQ  R14, R9
-	ADCQ  $0x00, R10
-	SUBQ  $0x10, R15
-	CMPQ  R15, $0x10
-	JAE   loop
+	POLY1305_MUL(R8, R9, R10, R11, R12, BX, CX, R13, R14)
+	SUBQ $16, R15
+	CMPQ R15, $16
+	JAE  loop
 
 bytes_between_0_and_15:
 	TESTQ R15, R15
 	JZ    done
-	MOVQ  $0x00000001, BX
+	MOVQ  $1, BX
 	XORQ  CX, CX
 	XORQ  R13, R13
 	ADDQ  R15, SI
 
 flush_buffer:
-	SHLQ $0x08, BX, CX
-	SHLQ $0x08, BX
+	SHLQ $8, BX, CX
+	SHLQ $8, BX
 	MOVB -1(SI), R13
 	XORQ R13, BX
 	DECQ SI
 	DECQ R15
 	JNZ  flush_buffer
+
 	ADDQ BX, R8
 	ADCQ CX, R9
-	ADCQ $0x00, R10
-	MOVQ $0x00000010, R15
+	ADCQ $0, R10
+	MOVQ $16, R15
 	JMP  multiply
 
 done:
-	MOVQ R8, (DI)
+	MOVQ R8, 0(DI)
 	MOVQ R9, 8(DI)
 	MOVQ R10, 16(DI)
 	RET
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
similarity index 95%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
index 1a1679aaa..4aec4874b 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.go
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego && (ppc64 || ppc64le)
+//go:build gc && !purego
 
 package poly1305
 
diff --git a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
similarity index 89%
rename from vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
rename to vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
index 6899a1dab..b3c1699bf 100644
--- a/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64x.s
+++ b/vendor/golang.org/x/crypto/internal/poly1305/sum_ppc64le.s
@@ -2,25 +2,15 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build gc && !purego && (ppc64 || ppc64le)
+//go:build gc && !purego
 
 #include "textflag.h"
 
 // This was ported from the amd64 implementation.
 
-#ifdef GOARCH_ppc64le
-#define LE_MOVD MOVD
-#define LE_MOVWZ MOVWZ
-#define LE_MOVHZ MOVHZ
-#else
-#define LE_MOVD MOVDBR
-#define LE_MOVWZ MOVWBR
-#define LE_MOVHZ MOVHBR
-#endif
-
 #define POLY1305_ADD(msg, h0, h1, h2, t0, t1, t2) \
-	LE_MOVD (msg)( R0), t0; \
-	LE_MOVD (msg)(R24), t1; \
+	MOVD (msg), t0;  \
+	MOVD 8(msg), t1; \
 	MOVD $1, t2;     \
 	ADDC t0, h0, h0; \
 	ADDE t1, h1, h1; \
@@ -60,6 +50,10 @@
 	ADDE   t3, h1, h1;  \
 	ADDZE  h2
 
+DATA ·poly1305Mask<>+0x00(SB)/8, $0x0FFFFFFC0FFFFFFF
+DATA ·poly1305Mask<>+0x08(SB)/8, $0x0FFFFFFC0FFFFFFC
+GLOBL ·poly1305Mask<>(SB), RODATA, $16
+
 // func update(state *[7]uint64, msg []byte)
 TEXT ·update(SB), $0-32
 	MOVD state+0(FP), R3
@@ -72,8 +66,6 @@ TEXT ·update(SB), $0-32
 	MOVD 24(R3), R11 // r0
 	MOVD 32(R3), R12 // r1
 
-	MOVD $8, R24
-
 	CMP R5, $16
 	BLT bytes_between_0_and_15
 
@@ -102,7 +94,7 @@ flush_buffer:
 
 	// Greater than 8 -- load the rightmost remaining bytes in msg
 	// and put into R17 (h1)
-	LE_MOVD (R4)(R21), R17
+	MOVD (R4)(R21), R17
 	MOVD $16, R22
 
 	// Find the offset to those bytes
@@ -126,7 +118,7 @@ just1:
 	BLT less8
 
 	// Exactly 8
-	LE_MOVD (R4), R16
+	MOVD (R4), R16
 
 	CMP R17, $0
 
@@ -141,7 +133,7 @@ less8:
 	MOVD  $0, R22   // shift count
 	CMP   R5, $4
 	BLT   less4
-	LE_MOVWZ (R4), R16
+	MOVWZ (R4), R16
 	ADD   $4, R4
 	ADD   $-4, R5
 	MOVD  $32, R22
@@ -149,7 +141,7 @@ less8:
 less4:
 	CMP   R5, $2
 	BLT   less2
-	LE_MOVHZ (R4), R21
+	MOVHZ (R4), R21
 	SLD   R22, R21, R21
 	OR    R16, R21, R16
 	ADD   $16, R22
diff --git a/vendor/golang.org/x/crypto/ocsp/ocsp.go b/vendor/golang.org/x/crypto/ocsp/ocsp.go
index e6c645e7c..bf2259537 100644
--- a/vendor/golang.org/x/crypto/ocsp/ocsp.go
+++ b/vendor/golang.org/x/crypto/ocsp/ocsp.go
@@ -5,7 +5,7 @@
 // Package ocsp parses OCSP responses as specified in RFC 2560. OCSP responses
 // are signed messages attesting to the validity of a certificate for a small
 // period of time. This is used to manage revocation for X.509 certificates.
-package ocsp
+package ocsp // import "golang.org/x/crypto/ocsp"
 
 import (
 	"crypto"
diff --git a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
index 28cd99c7f..904b57e01 100644
--- a/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
+++ b/vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go
@@ -16,7 +16,7 @@ Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To
 choose, you can pass the `New` functions from the different SHA packages to
 pbkdf2.Key.
 */
-package pbkdf2
+package pbkdf2 // import "golang.org/x/crypto/pbkdf2"
 
 import (
 	"crypto/hmac"
diff --git a/vendor/golang.org/x/crypto/pkcs12/crypto.go b/vendor/golang.org/x/crypto/pkcs12/crypto.go
index 212538cb5..96f4a1a56 100644
--- a/vendor/golang.org/x/crypto/pkcs12/crypto.go
+++ b/vendor/golang.org/x/crypto/pkcs12/crypto.go
@@ -26,7 +26,7 @@ type pbeCipher interface {
 	create(key []byte) (cipher.Block, error)
 	// deriveKey returns a key derived from the given password and salt.
 	deriveKey(salt, password []byte, iterations int) []byte
-	// deriveIV returns an IV derived from the given password and salt.
+	// deriveKey returns an IV derived from the given password and salt.
 	deriveIV(salt, password []byte, iterations int) []byte
 }
 
diff --git a/vendor/golang.org/x/crypto/scrypt/scrypt.go b/vendor/golang.org/x/crypto/scrypt/scrypt.go
index 76fa40fb2..c971a99fa 100644
--- a/vendor/golang.org/x/crypto/scrypt/scrypt.go
+++ b/vendor/golang.org/x/crypto/scrypt/scrypt.go
@@ -5,7 +5,7 @@
 // Package scrypt implements the scrypt key derivation function as defined in
 // Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard
 // Functions" (https://www.tarsnap.com/scrypt/scrypt.pdf).
-package scrypt
+package scrypt // import "golang.org/x/crypto/scrypt"
 
 import (
 	"crypto/sha256"
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index b86dde151..34bf089d0 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -71,10 +71,6 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
 	for auth := AuthMethod(new(noneAuth)); auth != nil; {
 		ok, methods, err := auth.auth(sessionID, config.User, c.transport, config.Rand, extensions)
 		if err != nil {
-			// On disconnect, return error immediately
-			if _, ok := err.(*disconnectMsg); ok {
-				return err
-			}
 			// We return the error later if there is no other method left to
 			// try.
 			ok = authFailure
@@ -408,10 +404,10 @@ func validateKey(key PublicKey, algo string, user string, c packetConn) (bool, e
 		return false, err
 	}
 
-	return confirmKeyAck(key, c)
+	return confirmKeyAck(key, algo, c)
 }
 
-func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
+func confirmKeyAck(key PublicKey, algo string, c packetConn) (bool, error) {
 	pubKey := key.Marshal()
 
 	for {
@@ -429,15 +425,7 @@ func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
 			if err := Unmarshal(packet, &msg); err != nil {
 				return false, err
 			}
-			// According to RFC 4252 Section 7 the algorithm in
-			// SSH_MSG_USERAUTH_PK_OK should match that of the request but some
-			// servers send the key type instead. OpenSSH allows any algorithm
-			// that matches the public key, so we do the same.
-			// https://github.com/openssh/openssh-portable/blob/86bdd385/sshconnect2.c#L709
-			if !contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
-				return false, nil
-			}
-			if !bytes.Equal(msg.PubKey, pubKey) {
+			if msg.Algo != algo || !bytes.Equal(msg.PubKey, pubKey) {
 				return false, nil
 			}
 			return true, nil
@@ -555,7 +543,6 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 	}
 
 	gotMsgExtInfo := false
-	gotUserAuthInfoRequest := false
 	for {
 		packet, err := c.readPacket()
 		if err != nil {
@@ -586,9 +573,6 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 			if msg.PartialSuccess {
 				return authPartialSuccess, msg.Methods, nil
 			}
-			if !gotUserAuthInfoRequest {
-				return authFailure, msg.Methods, unexpectedMessageError(msgUserAuthInfoRequest, packet[0])
-			}
 			return authFailure, msg.Methods, nil
 		case msgUserAuthSuccess:
 			return authSuccess, nil, nil
@@ -600,7 +584,6 @@ func (cb KeyboardInteractiveChallenge) auth(session []byte, user string, c packe
 		if err := Unmarshal(packet, &msg); err != nil {
 			return authFailure, nil, err
 		}
-		gotUserAuthInfoRequest = true
 
 		// Manually unpack the prompt/echo pairs.
 		rest := msg.Prompts
diff --git a/vendor/golang.org/x/crypto/ssh/doc.go b/vendor/golang.org/x/crypto/ssh/doc.go
index f5d352fe3..edbe63340 100644
--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@@ -20,4 +20,4 @@ References:
 This package does not fall under the stability promise of the Go language itself,
 so its API may be changed when pressing needs arise.
 */
-package ssh
+package ssh // import "golang.org/x/crypto/ssh"
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index 98e6706d5..df4ebdada 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -488,49 +488,7 @@ func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
 	h := hash.New()
 	h.Write(data)
 	digest := h.Sum(nil)
-
-	// Signatures in PKCS1v15 must match the key's modulus in
-	// length. However with SSH, some signers provide RSA
-	// signatures which are missing the MSB 0's of the bignum
-	// represented. With ssh-rsa signatures, this is encouraged by
-	// the spec (even though e.g. OpenSSH will give the full
-	// length unconditionally). With rsa-sha2-* signatures, the
-	// verifier is allowed to support these, even though they are
-	// out of spec. See RFC 4253 Section 6.6 for ssh-rsa and RFC
-	// 8332 Section 3 for rsa-sha2-* details.
-	//
-	// In practice:
-	// * OpenSSH always allows "short" signatures:
-	//   https://github.com/openssh/openssh-portable/blob/V_9_8_P1/ssh-rsa.c#L526
-	//   but always generates padded signatures:
-	//   https://github.com/openssh/openssh-portable/blob/V_9_8_P1/ssh-rsa.c#L439
-	//
-	// * PuTTY versions 0.81 and earlier will generate short
-	//   signatures for all RSA signature variants. Note that
-	//   PuTTY is embedded in other software, such as WinSCP and
-	//   FileZilla. At the time of writing, a patch has been
-	//   applied to PuTTY to generate padded signatures for
-	//   rsa-sha2-*, but not yet released:
-	//   https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=a5bcf3d384e1bf15a51a6923c3724cbbee022d8e
-	//
-	// * SSH.NET versions 2024.0.0 and earlier will generate short
-	//   signatures for all RSA signature variants, fixed in 2024.1.0:
-	//   https://github.com/sshnet/SSH.NET/releases/tag/2024.1.0
-	//
-	// As a result, we pad these up to the key size by inserting
-	// leading 0's.
-	//
-	// Note that support for short signatures with rsa-sha2-* may
-	// be removed in the future due to such signatures not being
-	// allowed by the spec.
-	blob := sig.Blob
-	keySize := (*rsa.PublicKey)(r).Size()
-	if len(blob) < keySize {
-		padded := make([]byte, keySize)
-		copy(padded[keySize-len(blob):], blob)
-		blob = padded
-	}
-	return rsa.VerifyPKCS1v15((*rsa.PublicKey)(r), hash, digest, blob)
+	return rsa.VerifyPKCS1v15((*rsa.PublicKey)(r), hash, digest, sig.Blob)
 }
 
 func (r *rsaPublicKey) CryptoPublicKey() crypto.PublicKey {
@@ -946,10 +904,6 @@ func (k *skECDSAPublicKey) Verify(data []byte, sig *Signature) error {
 	return errors.New("ssh: signature did not verify")
 }
 
-func (k *skECDSAPublicKey) CryptoPublicKey() crypto.PublicKey {
-	return &k.PublicKey
-}
-
 type skEd25519PublicKey struct {
 	// application is a URL-like string, typically "ssh:" for SSH.
 	// see openssh/PROTOCOL.u2f for details.
@@ -1046,10 +1000,6 @@ func (k *skEd25519PublicKey) Verify(data []byte, sig *Signature) error {
 	return nil
 }
 
-func (k *skEd25519PublicKey) CryptoPublicKey() crypto.PublicKey {
-	return k.PublicKey
-}
-
 // NewSignerFromKey takes an *rsa.PrivateKey, *dsa.PrivateKey,
 // *ecdsa.PrivateKey or any other crypto.Signer and returns a
 // corresponding Signer instance. ECDSA keys must use P-256, P-384 or
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 5b5ccd96f..c2dfe3268 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -149,7 +149,7 @@ func (s *ServerConfig) AddHostKey(key Signer) {
 }
 
 // cachedPubKey contains the results of querying whether a public key is
-// acceptable for a user. This is a FIFO cache.
+// acceptable for a user.
 type cachedPubKey struct {
 	user       string
 	pubKeyData []byte
@@ -157,13 +157,7 @@ type cachedPubKey struct {
 	perms      *Permissions
 }
 
-// maxCachedPubKeys is the number of cache entries we store.
-//
-// Due to consistent misuse of the PublicKeyCallback API, we have reduced this
-// to 1, such that the only key in the cache is the most recently seen one. This
-// forces the behavior that the last call to PublicKeyCallback will always be
-// with the key that is used for authentication.
-const maxCachedPubKeys = 1
+const maxCachedPubKeys = 16
 
 // pubKeyCache caches tests for public keys.  Since SSH clients
 // will query whether a public key is acceptable before attempting to
@@ -185,10 +179,9 @@ func (c *pubKeyCache) get(user string, pubKeyData []byte) (cachedPubKey, bool) {
 
 // add adds the given tuple to the cache.
 func (c *pubKeyCache) add(candidate cachedPubKey) {
-	if len(c.keys) >= maxCachedPubKeys {
-		c.keys = c.keys[1:]
+	if len(c.keys) < maxCachedPubKeys {
+		c.keys = append(c.keys, candidate)
 	}
-	c.keys = append(c.keys, candidate)
 }
 
 // ServerConn is an authenticated SSH connection, as seen from the
@@ -433,35 +426,6 @@ func (l ServerAuthError) Error() string {
 	return "[" + strings.Join(errs, ", ") + "]"
 }
 
-// ServerAuthCallbacks defines server-side authentication callbacks.
-type ServerAuthCallbacks struct {
-	// PasswordCallback behaves like [ServerConfig.PasswordCallback].
-	PasswordCallback func(conn ConnMetadata, password []byte) (*Permissions, error)
-
-	// PublicKeyCallback behaves like [ServerConfig.PublicKeyCallback].
-	PublicKeyCallback func(conn ConnMetadata, key PublicKey) (*Permissions, error)
-
-	// KeyboardInteractiveCallback behaves like [ServerConfig.KeyboardInteractiveCallback].
-	KeyboardInteractiveCallback func(conn ConnMetadata, client KeyboardInteractiveChallenge) (*Permissions, error)
-
-	// GSSAPIWithMICConfig behaves like [ServerConfig.GSSAPIWithMICConfig].
-	GSSAPIWithMICConfig *GSSAPIWithMICConfig
-}
-
-// PartialSuccessError can be returned by any of the [ServerConfig]
-// authentication callbacks to indicate to the client that authentication has
-// partially succeeded, but further steps are required.
-type PartialSuccessError struct {
-	// Next defines the authentication callbacks to apply to further steps. The
-	// available methods communicated to the client are based on the non-nil
-	// ServerAuthCallbacks fields.
-	Next ServerAuthCallbacks
-}
-
-func (p *PartialSuccessError) Error() string {
-	return "ssh: authenticated with partial success"
-}
-
 // ErrNoAuth is the error value returned if no
 // authentication method has been passed yet. This happens as a normal
 // part of the authentication loop, since the client first tries
@@ -469,42 +433,14 @@ func (p *PartialSuccessError) Error() string {
 // It is returned in ServerAuthError.Errors from NewServerConn.
 var ErrNoAuth = errors.New("ssh: no auth passed yet")
 
-// BannerError is an error that can be returned by authentication handlers in
-// ServerConfig to send a banner message to the client.
-type BannerError struct {
-	Err     error
-	Message string
-}
-
-func (b *BannerError) Unwrap() error {
-	return b.Err
-}
-
-func (b *BannerError) Error() string {
-	if b.Err == nil {
-		return b.Message
-	}
-	return b.Err.Error()
-}
-
 func (s *connection) serverAuthenticate(config *ServerConfig) (*Permissions, error) {
 	sessionID := s.transport.getSessionID()
 	var cache pubKeyCache
 	var perms *Permissions
 
 	authFailures := 0
-	noneAuthCount := 0
 	var authErrs []error
 	var displayedBanner bool
-	partialSuccessReturned := false
-	// Set the initial authentication callbacks from the config. They can be
-	// changed if a PartialSuccessError is returned.
-	authConfig := ServerAuthCallbacks{
-		PasswordCallback:            config.PasswordCallback,
-		PublicKeyCallback:           config.PublicKeyCallback,
-		KeyboardInteractiveCallback: config.KeyboardInteractiveCallback,
-		GSSAPIWithMICConfig:         config.GSSAPIWithMICConfig,
-	}
 
 userAuthLoop:
 	for {
@@ -517,8 +453,8 @@ userAuthLoop:
 			if err := s.transport.writePacket(Marshal(discMsg)); err != nil {
 				return nil, err
 			}
-			authErrs = append(authErrs, discMsg)
-			return nil, &ServerAuthError{Errors: authErrs}
+
+			return nil, discMsg
 		}
 
 		var userAuthReq userAuthRequestMsg
@@ -535,11 +471,6 @@ userAuthLoop:
 			return nil, errors.New("ssh: client attempted to negotiate for unknown service: " + userAuthReq.Service)
 		}
 
-		if s.user != userAuthReq.User && partialSuccessReturned {
-			return nil, fmt.Errorf("ssh: client changed the user after a partial success authentication, previous user %q, current user %q",
-				s.user, userAuthReq.User)
-		}
-
 		s.user = userAuthReq.User
 
 		if !displayedBanner && config.BannerCallback != nil {
@@ -560,18 +491,20 @@ userAuthLoop:
 
 		switch userAuthReq.Method {
 		case "none":
-			noneAuthCount++
-			// We don't allow none authentication after a partial success
-			// response.
-			if config.NoClientAuth && !partialSuccessReturned {
+			if config.NoClientAuth {
 				if config.NoClientAuthCallback != nil {
 					perms, authErr = config.NoClientAuthCallback(s)
 				} else {
 					authErr = nil
 				}
 			}
+
+			// allow initial attempt of 'none' without penalty
+			if authFailures == 0 {
+				authFailures--
+			}
 		case "password":
-			if authConfig.PasswordCallback == nil {
+			if config.PasswordCallback == nil {
 				authErr = errors.New("ssh: password auth not configured")
 				break
 			}
@@ -585,17 +518,17 @@ userAuthLoop:
 				return nil, parseError(msgUserAuthRequest)
 			}
 
-			perms, authErr = authConfig.PasswordCallback(s, password)
+			perms, authErr = config.PasswordCallback(s, password)
 		case "keyboard-interactive":
-			if authConfig.KeyboardInteractiveCallback == nil {
+			if config.KeyboardInteractiveCallback == nil {
 				authErr = errors.New("ssh: keyboard-interactive auth not configured")
 				break
 			}
 
 			prompter := &sshClientKeyboardInteractive{s}
-			perms, authErr = authConfig.KeyboardInteractiveCallback(s, prompter.Challenge)
+			perms, authErr = config.KeyboardInteractiveCallback(s, prompter.Challenge)
 		case "publickey":
-			if authConfig.PublicKeyCallback == nil {
+			if config.PublicKeyCallback == nil {
 				authErr = errors.New("ssh: publickey auth not configured")
 				break
 			}
@@ -629,18 +562,11 @@ userAuthLoop:
 			if !ok {
 				candidate.user = s.user
 				candidate.pubKeyData = pubKeyData
-				candidate.perms, candidate.result = authConfig.PublicKeyCallback(s, pubKey)
-				_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
-
-				if (candidate.result == nil || isPartialSuccessError) &&
-					candidate.perms != nil &&
-					candidate.perms.CriticalOptions != nil &&
-					candidate.perms.CriticalOptions[sourceAddressCriticalOption] != "" {
-					if err := checkSourceAddress(
+				candidate.perms, candidate.result = config.PublicKeyCallback(s, pubKey)
+				if candidate.result == nil && candidate.perms != nil && candidate.perms.CriticalOptions != nil && candidate.perms.CriticalOptions[sourceAddressCriticalOption] != "" {
+					candidate.result = checkSourceAddress(
 						s.RemoteAddr(),
-						candidate.perms.CriticalOptions[sourceAddressCriticalOption]); err != nil {
-						candidate.result = err
-					}
+						candidate.perms.CriticalOptions[sourceAddressCriticalOption])
 				}
 				cache.add(candidate)
 			}
@@ -652,8 +578,8 @@ userAuthLoop:
 				if len(payload) > 0 {
 					return nil, parseError(msgUserAuthRequest)
 				}
-				_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
-				if candidate.result == nil || isPartialSuccessError {
+
+				if candidate.result == nil {
 					okMsg := userAuthPubKeyOkMsg{
 						Algo:   algo,
 						PubKey: pubKeyData,
@@ -703,11 +629,11 @@ userAuthLoop:
 				perms = candidate.perms
 			}
 		case "gssapi-with-mic":
-			if authConfig.GSSAPIWithMICConfig == nil {
+			if config.GSSAPIWithMICConfig == nil {
 				authErr = errors.New("ssh: gssapi-with-mic auth not configured")
 				break
 			}
-			gssapiConfig := authConfig.GSSAPIWithMICConfig
+			gssapiConfig := config.GSSAPIWithMICConfig
 			userAuthRequestGSSAPI, err := parseGSSAPIPayload(userAuthReq.Payload)
 			if err != nil {
 				return nil, parseError(msgUserAuthRequest)
@@ -759,86 +685,53 @@ userAuthLoop:
 			config.AuthLogCallback(s, userAuthReq.Method, authErr)
 		}
 
-		var bannerErr *BannerError
-		if errors.As(authErr, &bannerErr) {
-			if bannerErr.Message != "" {
-				bannerMsg := &userAuthBannerMsg{
-					Message: bannerErr.Message,
-				}
-				if err := s.transport.writePacket(Marshal(bannerMsg)); err != nil {
-					return nil, err
-				}
-			}
-		}
-
 		if authErr == nil {
 			break userAuthLoop
 		}
 
-		var failureMsg userAuthFailureMsg
-
-		if partialSuccess, ok := authErr.(*PartialSuccessError); ok {
-			// After a partial success error we don't allow changing the user
-			// name and execute the NoClientAuthCallback.
-			partialSuccessReturned = true
-
-			// In case a partial success is returned, the server may send
-			// a new set of authentication methods.
-			authConfig = partialSuccess.Next
-
-			// Reset pubkey cache, as the new PublicKeyCallback might
-			// accept a different set of public keys.
-			cache = pubKeyCache{}
-
-			// Send back a partial success message to the user.
-			failureMsg.PartialSuccess = true
-		} else {
-			// Allow initial attempt of 'none' without penalty.
-			if authFailures > 0 || userAuthReq.Method != "none" || noneAuthCount != 1 {
-				authFailures++
-			}
-			if config.MaxAuthTries > 0 && authFailures >= config.MaxAuthTries {
-				// If we have hit the max attempts, don't bother sending the
-				// final SSH_MSG_USERAUTH_FAILURE message, since there are
-				// no more authentication methods which can be attempted,
-				// and this message may cause the client to re-attempt
-				// authentication while we send the disconnect message.
-				// Continue, and trigger the disconnect at the start of
-				// the loop.
-				//
-				// The SSH specification is somewhat confusing about this,
-				// RFC 4252 Section 5.1 requires each authentication failure
-				// be responded to with a respective SSH_MSG_USERAUTH_FAILURE
-				// message, but Section 4 says the server should disconnect
-				// after some number of attempts, but it isn't explicit which
-				// message should take precedence (i.e. should there be a failure
-				// message than a disconnect message, or if we are going to
-				// disconnect, should we only send that message.)
-				//
-				// Either way, OpenSSH disconnects immediately after the last
-				// failed authentication attempt, and given they are typically
-				// considered the golden implementation it seems reasonable
-				// to match that behavior.
-				continue
-			}
+		authFailures++
+		if config.MaxAuthTries > 0 && authFailures >= config.MaxAuthTries {
+			// If we have hit the max attempts, don't bother sending the
+			// final SSH_MSG_USERAUTH_FAILURE message, since there are
+			// no more authentication methods which can be attempted,
+			// and this message may cause the client to re-attempt
+			// authentication while we send the disconnect message.
+			// Continue, and trigger the disconnect at the start of
+			// the loop.
+			//
+			// The SSH specification is somewhat confusing about this,
+			// RFC 4252 Section 5.1 requires each authentication failure
+			// be responded to with a respective SSH_MSG_USERAUTH_FAILURE
+			// message, but Section 4 says the server should disconnect
+			// after some number of attempts, but it isn't explicit which
+			// message should take precedence (i.e. should there be a failure
+			// message than a disconnect message, or if we are going to
+			// disconnect, should we only send that message.)
+			//
+			// Either way, OpenSSH disconnects immediately after the last
+			// failed authnetication attempt, and given they are typically
+			// considered the golden implementation it seems reasonable
+			// to match that behavior.
+			continue
 		}
 
-		if authConfig.PasswordCallback != nil {
+		var failureMsg userAuthFailureMsg
+		if config.PasswordCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "password")
 		}
-		if authConfig.PublicKeyCallback != nil {
+		if config.PublicKeyCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "publickey")
 		}
-		if authConfig.KeyboardInteractiveCallback != nil {
+		if config.KeyboardInteractiveCallback != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "keyboard-interactive")
 		}
-		if authConfig.GSSAPIWithMICConfig != nil && authConfig.GSSAPIWithMICConfig.Server != nil &&
-			authConfig.GSSAPIWithMICConfig.AllowLogin != nil {
+		if config.GSSAPIWithMICConfig != nil && config.GSSAPIWithMICConfig.Server != nil &&
+			config.GSSAPIWithMICConfig.AllowLogin != nil {
 			failureMsg.Methods = append(failureMsg.Methods, "gssapi-with-mic")
 		}
 
 		if len(failureMsg.Methods) == 0 {
-			return nil, errors.New("ssh: no authentication methods available")
+			return nil, errors.New("ssh: no authentication methods configured but NoClientAuth is also false")
 		}
 
 		if err := s.transport.writePacket(Marshal(&failureMsg)); err != nil {
diff --git a/vendor/golang.org/x/net/LICENSE b/vendor/golang.org/x/net/LICENSE
index 2a7cf70da..6a66aea5e 100644
--- a/vendor/golang.org/x/net/LICENSE
+++ b/vendor/golang.org/x/net/LICENSE
@@ -1,4 +1,4 @@
-Copyright 2009 The Go Authors.
+Copyright (c) 2009 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google LLC nor the names of its
+   * Neither the name of Google Inc. nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/sys/LICENSE b/vendor/golang.org/x/sys/LICENSE
index 2a7cf70da..6a66aea5e 100644
--- a/vendor/golang.org/x/sys/LICENSE
+++ b/vendor/golang.org/x/sys/LICENSE
@@ -1,4 +1,4 @@
-Copyright 2009 The Go Authors.
+Copyright (c) 2009 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google LLC nor the names of its
+   * Neither the name of Google Inc. nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s b/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
deleted file mode 100644
index ec2acfe54..000000000
--- a/vendor/golang.org/x/sys/cpu/asm_darwin_x86_gc.s
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build darwin && amd64 && gc
-
-#include "textflag.h"
-
-TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_sysctl(SB)
-GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
-DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
-
-TEXT libc_sysctlbyname_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_sysctlbyname(SB)
-GLOBL	·libc_sysctlbyname_trampoline_addr(SB), RODATA, $8
-DATA	·libc_sysctlbyname_trampoline_addr(SB)/8, $libc_sysctlbyname_trampoline<>(SB)
diff --git a/vendor/golang.org/x/sys/cpu/cpu.go b/vendor/golang.org/x/sys/cpu/cpu.go
index 02609d5b2..4756ad5f7 100644
--- a/vendor/golang.org/x/sys/cpu/cpu.go
+++ b/vendor/golang.org/x/sys/cpu/cpu.go
@@ -103,10 +103,7 @@ var ARM64 struct {
 	HasASIMDDP  bool // Advanced SIMD double precision instruction set
 	HasSHA512   bool // SHA512 hardware implementation
 	HasSVE      bool // Scalable Vector Extensions
-	HasSVE2     bool // Scalable Vector Extensions 2
 	HasASIMDFHM bool // Advanced SIMD multiplication FP16 to FP32
-	HasDIT      bool // Data Independent Timing support
-	HasI8MM     bool // Advanced SIMD Int8 matrix multiplication instructions
 	_           CacheLinePad
 }
 
@@ -201,25 +198,6 @@ var S390X struct {
 	_         CacheLinePad
 }
 
-// RISCV64 contains the supported CPU features and performance characteristics for riscv64
-// platforms. The booleans in RISCV64, with the exception of HasFastMisaligned, indicate
-// the presence of RISC-V extensions.
-//
-// It is safe to assume that all the RV64G extensions are supported and so they are omitted from
-// this structure. As riscv64 Go programs require at least RV64G, the code that populates
-// this structure cannot run successfully if some of the RV64G extensions are missing.
-// The struct is padded to avoid false sharing.
-var RISCV64 struct {
-	_                 CacheLinePad
-	HasFastMisaligned bool // Fast misaligned accesses
-	HasC              bool // Compressed instruction-set extension
-	HasV              bool // Vector extension compatible with RVV 1.0
-	HasZba            bool // Address generation instructions extension
-	HasZbb            bool // Basic bit-manipulation extension
-	HasZbs            bool // Single-bit instructions extension
-	_                 CacheLinePad
-}
-
 func init() {
 	archInit()
 	initOptions()
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
index af2aa99f9..f3eb993bf 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.go
@@ -28,7 +28,6 @@ func initOptions() {
 		{Name: "sm3", Feature: &ARM64.HasSM3},
 		{Name: "sm4", Feature: &ARM64.HasSM4},
 		{Name: "sve", Feature: &ARM64.HasSVE},
-		{Name: "sve2", Feature: &ARM64.HasSVE2},
 		{Name: "crc32", Feature: &ARM64.HasCRC32},
 		{Name: "atomics", Feature: &ARM64.HasATOMICS},
 		{Name: "asimdhp", Feature: &ARM64.HasASIMDHP},
@@ -38,8 +37,6 @@ func initOptions() {
 		{Name: "dcpop", Feature: &ARM64.HasDCPOP},
 		{Name: "asimddp", Feature: &ARM64.HasASIMDDP},
 		{Name: "asimdfhm", Feature: &ARM64.HasASIMDFHM},
-		{Name: "dit", Feature: &ARM64.HasDIT},
-		{Name: "i8mm", Feature: &ARM64.HasI8MM},
 	}
 }
 
@@ -147,11 +144,6 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
 		ARM64.HasLRCPC = true
 	}
 
-	switch extractBits(isar1, 52, 55) {
-	case 1:
-		ARM64.HasI8MM = true
-	}
-
 	// ID_AA64PFR0_EL1
 	switch extractBits(pfr0, 16, 19) {
 	case 0:
@@ -172,20 +164,6 @@ func parseARM64SystemRegisters(isar0, isar1, pfr0 uint64) {
 	switch extractBits(pfr0, 32, 35) {
 	case 1:
 		ARM64.HasSVE = true
-
-		parseARM64SVERegister(getzfr0())
-	}
-
-	switch extractBits(pfr0, 48, 51) {
-	case 1:
-		ARM64.HasDIT = true
-	}
-}
-
-func parseARM64SVERegister(zfr0 uint64) {
-	switch extractBits(zfr0, 0, 3) {
-	case 1:
-		ARM64.HasSVE2 = true
 	}
 }
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_arm64.s b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
index 22cc99844..fcb9a3888 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_arm64.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_arm64.s
@@ -29,11 +29,3 @@ TEXT ·getpfr0(SB),NOSPLIT,$0-8
 	WORD	$0xd5380400
 	MOVD	R0, ret+0(FP)
 	RET
-
-// func getzfr0() uint64
-TEXT ·getzfr0(SB),NOSPLIT,$0-8
-	// get SVE Feature Register 0 into x0
-	// mrs	x0, ID_AA64ZFR0_EL1 = d5380480
-	WORD $0xd5380480
-	MOVD	R0, ret+0(FP)
-	RET
diff --git a/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go b/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
deleted file mode 100644
index b838cb9e9..000000000
--- a/vendor/golang.org/x/sys/cpu/cpu_darwin_x86.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build darwin && amd64 && gc
-
-package cpu
-
-// darwinSupportsAVX512 checks Darwin kernel for AVX512 support via sysctl
-// call (see issue 43089). It also restricts AVX512 support for Darwin to
-// kernel version 21.3.0 (MacOS 12.2.0) or later (see issue 49233).
-//
-// Background:
-// Darwin implements a special mechanism to economize on thread state when
-// AVX512 specific registers are not in use. This scheme minimizes state when
-// preempting threads that haven't yet used any AVX512 instructions, but adds
-// special requirements to check for AVX512 hardware support at runtime (e.g.
-// via sysctl call or commpage inspection). See issue 43089 and link below for
-// full background:
-// https://github.com/apple-oss-distributions/xnu/blob/xnu-11215.1.10/osfmk/i386/fpu.c#L214-L240
-//
-// Additionally, all versions of the Darwin kernel from 19.6.0 through 21.2.0
-// (corresponding to MacOS 10.15.6 - 12.1) have a bug that can cause corruption
-// of the AVX512 mask registers (K0-K7) upon signal return. For this reason
-// AVX512 is considered unsafe to use on Darwin for kernel versions prior to
-// 21.3.0, where a fix has been confirmed. See issue 49233 for full background.
-func darwinSupportsAVX512() bool {
-	return darwinSysctlEnabled([]byte("hw.optional.avx512f\x00")) && darwinKernelVersionCheck(21, 3, 0)
-}
-
-// Ensure Darwin kernel version is at least major.minor.patch, avoiding dependencies
-func darwinKernelVersionCheck(major, minor, patch int) bool {
-	var release [256]byte
-	err := darwinOSRelease(&release)
-	if err != nil {
-		return false
-	}
-
-	var mmp [3]int
-	c := 0
-Loop:
-	for _, b := range release[:] {
-		switch {
-		case b >= '0' && b <= '9':
-			mmp[c] = 10*mmp[c] + int(b-'0')
-		case b == '.':
-			c++
-			if c > 2 {
-				return false
-			}
-		case b == 0:
-			break Loop
-		default:
-			return false
-		}
-	}
-	if c != 2 {
-		return false
-	}
-	return mmp[0] > major || mmp[0] == major && (mmp[1] > minor || mmp[1] == minor && mmp[2] >= patch)
-}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
index 6ac6e1efb..a8acd3e32 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_arm64.go
@@ -9,4 +9,3 @@ package cpu
 func getisar0() uint64
 func getisar1() uint64
 func getpfr0() uint64
-func getzfr0() uint64
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
index 32a44514e..910728fb1 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gc_x86.go
@@ -6,10 +6,10 @@
 
 package cpu
 
-// cpuid is implemented in cpu_gc_x86.s for gc compiler
+// cpuid is implemented in cpu_x86.s for gc compiler
 // and in cpu_gccgo.c for gccgo.
 func cpuid(eaxArg, ecxArg uint32) (eax, ebx, ecx, edx uint32)
 
-// xgetbv with ecx = 0 is implemented in cpu_gc_x86.s for gc compiler
+// xgetbv with ecx = 0 is implemented in cpu_x86.s for gc compiler
 // and in cpu_gccgo.c for gccgo.
 func xgetbv() (eax, edx uint32)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
index 170d21ddf..99c60fe9f 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_gccgo_x86.go
@@ -23,3 +23,9 @@ func xgetbv() (eax, edx uint32) {
 	gccgoXgetbv(&a, &d)
 	return a, d
 }
+
+// gccgo doesn't build on Darwin, per:
+// https://github.com/Homebrew/homebrew-core/blob/HEAD/Formula/gcc.rb#L76
+func darwinSupportsAVX512() bool {
+	return false
+}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
index f1caf0f78..a968b80fa 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_arm64.go
@@ -35,10 +35,6 @@ const (
 	hwcap_SHA512   = 1 << 21
 	hwcap_SVE      = 1 << 22
 	hwcap_ASIMDFHM = 1 << 23
-	hwcap_DIT      = 1 << 24
-
-	hwcap2_SVE2 = 1 << 1
-	hwcap2_I8MM = 1 << 13
 )
 
 // linuxKernelCanEmulateCPUID reports whether we're running
@@ -108,11 +104,6 @@ func doinit() {
 	ARM64.HasSHA512 = isSet(hwCap, hwcap_SHA512)
 	ARM64.HasSVE = isSet(hwCap, hwcap_SVE)
 	ARM64.HasASIMDFHM = isSet(hwCap, hwcap_ASIMDFHM)
-	ARM64.HasDIT = isSet(hwCap, hwcap_DIT)
-
-	// HWCAP2 feature bits
-	ARM64.HasSVE2 = isSet(hwCap2, hwcap2_SVE2)
-	ARM64.HasI8MM = isSet(hwCap2, hwcap2_I8MM)
 }
 
 func isSet(hwc uint, value uint) bool {
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
index 7d902b684..cd63e7335 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_linux_noinit.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x && !riscv64
+//go:build linux && !arm && !arm64 && !mips64 && !mips64le && !ppc64 && !ppc64le && !s390x
 
 package cpu
 
diff --git a/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
deleted file mode 100644
index cb4a0c572..000000000
--- a/vendor/golang.org/x/sys/cpu/cpu_linux_riscv64.go
+++ /dev/null
@@ -1,137 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package cpu
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-// RISC-V extension discovery code for Linux. The approach here is to first try the riscv_hwprobe
-// syscall falling back to HWCAP to check for the C extension if riscv_hwprobe is not available.
-//
-// A note on detection of the Vector extension using HWCAP.
-//
-// Support for the Vector extension version 1.0 was added to the Linux kernel in release 6.5.
-// Support for the riscv_hwprobe syscall was added in 6.4. It follows that if the riscv_hwprobe
-// syscall is not available then neither is the Vector extension (which needs kernel support).
-// The riscv_hwprobe syscall should then be all we need to detect the Vector extension.
-// However, some RISC-V board manufacturers ship boards with an older kernel on top of which
-// they have back-ported various versions of the Vector extension patches but not the riscv_hwprobe
-// patches. These kernels advertise support for the Vector extension using HWCAP. Falling
-// back to HWCAP to detect the Vector extension, if riscv_hwprobe is not available, or simply not
-// bothering with riscv_hwprobe at all and just using HWCAP may then seem like an attractive option.
-//
-// Unfortunately, simply checking the 'V' bit in AT_HWCAP will not work as this bit is used by
-// RISC-V board and cloud instance providers to mean different things. The Lichee Pi 4A board
-// and the Scaleway RV1 cloud instances use the 'V' bit to advertise their support for the unratified
-// 0.7.1 version of the Vector Specification. The Banana Pi BPI-F3 and the CanMV-K230 board use
-// it to advertise support for 1.0 of the Vector extension. Versions 0.7.1 and 1.0 of the Vector
-// extension are binary incompatible. HWCAP can then not be used in isolation to populate the
-// HasV field as this field indicates that the underlying CPU is compatible with RVV 1.0.
-//
-// There is a way at runtime to distinguish between versions 0.7.1 and 1.0 of the Vector
-// specification by issuing a RVV 1.0 vsetvli instruction and checking the vill bit of the vtype
-// register. This check would allow us to safely detect version 1.0 of the Vector extension
-// with HWCAP, if riscv_hwprobe were not available. However, the check cannot
-// be added until the assembler supports the Vector instructions.
-//
-// Note the riscv_hwprobe syscall does not suffer from these ambiguities by design as all of the
-// extensions it advertises support for are explicitly versioned. It's also worth noting that
-// the riscv_hwprobe syscall is the only way to detect multi-letter RISC-V extensions, e.g., Zba.
-// These cannot be detected using HWCAP and so riscv_hwprobe must be used to detect the majority
-// of RISC-V extensions.
-//
-// Please see https://docs.kernel.org/arch/riscv/hwprobe.html for more information.
-
-// golang.org/x/sys/cpu is not allowed to depend on golang.org/x/sys/unix so we must
-// reproduce the constants, types and functions needed to make the riscv_hwprobe syscall
-// here.
-
-const (
-	// Copied from golang.org/x/sys/unix/ztypes_linux_riscv64.go.
-	riscv_HWPROBE_KEY_IMA_EXT_0   = 0x4
-	riscv_HWPROBE_IMA_C           = 0x2
-	riscv_HWPROBE_IMA_V           = 0x4
-	riscv_HWPROBE_EXT_ZBA         = 0x8
-	riscv_HWPROBE_EXT_ZBB         = 0x10
-	riscv_HWPROBE_EXT_ZBS         = 0x20
-	riscv_HWPROBE_KEY_CPUPERF_0   = 0x5
-	riscv_HWPROBE_MISALIGNED_FAST = 0x3
-	riscv_HWPROBE_MISALIGNED_MASK = 0x7
-)
-
-const (
-	// sys_RISCV_HWPROBE is copied from golang.org/x/sys/unix/zsysnum_linux_riscv64.go.
-	sys_RISCV_HWPROBE = 258
-)
-
-// riscvHWProbePairs is copied from golang.org/x/sys/unix/ztypes_linux_riscv64.go.
-type riscvHWProbePairs struct {
-	key   int64
-	value uint64
-}
-
-const (
-	// CPU features
-	hwcap_RISCV_ISA_C = 1 << ('C' - 'A')
-)
-
-func doinit() {
-	// A slice of key/value pair structures is passed to the RISCVHWProbe syscall. The key
-	// field should be initialised with one of the key constants defined above, e.g.,
-	// RISCV_HWPROBE_KEY_IMA_EXT_0. The syscall will set the value field to the appropriate value.
-	// If the kernel does not recognise a key it will set the key field to -1 and the value field to 0.
-
-	pairs := []riscvHWProbePairs{
-		{riscv_HWPROBE_KEY_IMA_EXT_0, 0},
-		{riscv_HWPROBE_KEY_CPUPERF_0, 0},
-	}
-
-	// This call only indicates that extensions are supported if they are implemented on all cores.
-	if riscvHWProbe(pairs, 0) {
-		if pairs[0].key != -1 {
-			v := uint(pairs[0].value)
-			RISCV64.HasC = isSet(v, riscv_HWPROBE_IMA_C)
-			RISCV64.HasV = isSet(v, riscv_HWPROBE_IMA_V)
-			RISCV64.HasZba = isSet(v, riscv_HWPROBE_EXT_ZBA)
-			RISCV64.HasZbb = isSet(v, riscv_HWPROBE_EXT_ZBB)
-			RISCV64.HasZbs = isSet(v, riscv_HWPROBE_EXT_ZBS)
-		}
-		if pairs[1].key != -1 {
-			v := pairs[1].value & riscv_HWPROBE_MISALIGNED_MASK
-			RISCV64.HasFastMisaligned = v == riscv_HWPROBE_MISALIGNED_FAST
-		}
-	}
-
-	// Let's double check with HWCAP if the C extension does not appear to be supported.
-	// This may happen if we're running on a kernel older than 6.4.
-
-	if !RISCV64.HasC {
-		RISCV64.HasC = isSet(hwCap, hwcap_RISCV_ISA_C)
-	}
-}
-
-func isSet(hwc uint, value uint) bool {
-	return hwc&value != 0
-}
-
-// riscvHWProbe is a simplified version of the generated wrapper function found in
-// golang.org/x/sys/unix/zsyscall_linux_riscv64.go. We simplify it by removing the
-// cpuCount and cpus parameters which we do not need. We always want to pass 0 for
-// these parameters here so the kernel only reports the extensions that are present
-// on all cores.
-func riscvHWProbe(pairs []riscvHWProbePairs, flags uint) bool {
-	var _zero uintptr
-	var p0 unsafe.Pointer
-	if len(pairs) > 0 {
-		p0 = unsafe.Pointer(&pairs[0])
-	} else {
-		p0 = unsafe.Pointer(&_zero)
-	}
-
-	_, _, e1 := syscall.Syscall6(sys_RISCV_HWPROBE, uintptr(p0), uintptr(len(pairs)), uintptr(0), uintptr(0), uintptr(flags), 0)
-	return e1 == 0
-}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_x86.go b/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
deleted file mode 100644
index a0fd7e2f7..000000000
--- a/vendor/golang.org/x/sys/cpu/cpu_other_x86.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build 386 || amd64p32 || (amd64 && (!darwin || !gc))
-
-package cpu
-
-func darwinSupportsAVX512() bool {
-	panic("only implemented for gc && amd64 && darwin")
-}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
index aca3199c9..7f0c79c00 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_riscv64.go
@@ -8,13 +8,4 @@ package cpu
 
 const cacheLineSize = 64
 
-func initOptions() {
-	options = []option{
-		{Name: "fastmisaligned", Feature: &RISCV64.HasFastMisaligned},
-		{Name: "c", Feature: &RISCV64.HasC},
-		{Name: "v", Feature: &RISCV64.HasV},
-		{Name: "zba", Feature: &RISCV64.HasZba},
-		{Name: "zbb", Feature: &RISCV64.HasZbb},
-		{Name: "zbs", Feature: &RISCV64.HasZbs},
-	}
-}
+func initOptions() {}
diff --git a/vendor/golang.org/x/sys/cpu/cpu_x86.go b/vendor/golang.org/x/sys/cpu/cpu_x86.go
index 600a68078..c29f5e4c5 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_x86.go
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.go
@@ -92,8 +92,10 @@ func archInit() {
 		osSupportsAVX = isSet(1, eax) && isSet(2, eax)
 
 		if runtime.GOOS == "darwin" {
-			// Darwin requires special AVX512 checks, see cpu_darwin_x86.go
-			osSupportsAVX512 = osSupportsAVX && darwinSupportsAVX512()
+			// Darwin doesn't save/restore AVX-512 mask registers correctly across signal handlers.
+			// Since users can't rely on mask register contents, let's not advertise AVX-512 support.
+			// See issue 49233.
+			osSupportsAVX512 = false
 		} else {
 			// Check if OPMASK and ZMM registers have OS support.
 			osSupportsAVX512 = osSupportsAVX && isSet(5, eax) && isSet(6, eax) && isSet(7, eax)
diff --git a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s b/vendor/golang.org/x/sys/cpu/cpu_x86.s
similarity index 94%
rename from vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
rename to vendor/golang.org/x/sys/cpu/cpu_x86.s
index ce208ce6d..7d7ba33ef 100644
--- a/vendor/golang.org/x/sys/cpu/cpu_gc_x86.s
+++ b/vendor/golang.org/x/sys/cpu/cpu_x86.s
@@ -18,7 +18,7 @@ TEXT ·cpuid(SB), NOSPLIT, $0-24
 	RET
 
 // func xgetbv() (eax, edx uint32)
-TEXT ·xgetbv(SB), NOSPLIT, $0-8
+TEXT ·xgetbv(SB),NOSPLIT,$0-8
 	MOVL $0, CX
 	XGETBV
 	MOVL AX, eax+0(FP)
diff --git a/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go b/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
deleted file mode 100644
index 4d0888b0c..000000000
--- a/vendor/golang.org/x/sys/cpu/syscall_darwin_x86_gc.go
+++ /dev/null
@@ -1,98 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Minimal copy of x/sys/unix so the cpu package can make a
-// system call on Darwin without depending on x/sys/unix.
-
-//go:build darwin && amd64 && gc
-
-package cpu
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-type _C_int int32
-
-// adapted from unix.Uname() at x/sys/unix/syscall_darwin.go L419
-func darwinOSRelease(release *[256]byte) error {
-	// from x/sys/unix/zerrors_openbsd_amd64.go
-	const (
-		CTL_KERN       = 0x1
-		KERN_OSRELEASE = 0x2
-	)
-
-	mib := []_C_int{CTL_KERN, KERN_OSRELEASE}
-	n := unsafe.Sizeof(*release)
-
-	return sysctl(mib, &release[0], &n, nil, 0)
-}
-
-type Errno = syscall.Errno
-
-var _zero uintptr // Single-word zero for use when we need a valid pointer to 0 bytes.
-
-// from x/sys/unix/zsyscall_darwin_amd64.go L791-807
-func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
-	var _p0 unsafe.Pointer
-	if len(mib) > 0 {
-		_p0 = unsafe.Pointer(&mib[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	if _, _, err := syscall_syscall6(
-		libc_sysctl_trampoline_addr,
-		uintptr(_p0),
-		uintptr(len(mib)),
-		uintptr(unsafe.Pointer(old)),
-		uintptr(unsafe.Pointer(oldlen)),
-		uintptr(unsafe.Pointer(new)),
-		uintptr(newlen),
-	); err != 0 {
-		return err
-	}
-
-	return nil
-}
-
-var libc_sysctl_trampoline_addr uintptr
-
-// adapted from internal/cpu/cpu_arm64_darwin.go
-func darwinSysctlEnabled(name []byte) bool {
-	out := int32(0)
-	nout := unsafe.Sizeof(out)
-	if ret := sysctlbyname(&name[0], (*byte)(unsafe.Pointer(&out)), &nout, nil, 0); ret != nil {
-		return false
-	}
-	return out > 0
-}
-
-//go:cgo_import_dynamic libc_sysctl sysctl "/usr/lib/libSystem.B.dylib"
-
-var libc_sysctlbyname_trampoline_addr uintptr
-
-// adapted from runtime/sys_darwin.go in the pattern of sysctl() above, as defined in x/sys/unix
-func sysctlbyname(name *byte, old *byte, oldlen *uintptr, new *byte, newlen uintptr) error {
-	if _, _, err := syscall_syscall6(
-		libc_sysctlbyname_trampoline_addr,
-		uintptr(unsafe.Pointer(name)),
-		uintptr(unsafe.Pointer(old)),
-		uintptr(unsafe.Pointer(oldlen)),
-		uintptr(unsafe.Pointer(new)),
-		uintptr(newlen),
-		0,
-	); err != 0 {
-		return err
-	}
-
-	return nil
-}
-
-//go:cgo_import_dynamic libc_sysctlbyname sysctlbyname "/usr/lib/libSystem.B.dylib"
-
-// Implemented in the runtime package (runtime/sys_darwin.go)
-func syscall_syscall6(fn, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
-
-//go:linkname syscall_syscall6 syscall.syscall6
diff --git a/vendor/golang.org/x/sys/unix/README.md b/vendor/golang.org/x/sys/unix/README.md
index 6e08a76a7..7d3c060e1 100644
--- a/vendor/golang.org/x/sys/unix/README.md
+++ b/vendor/golang.org/x/sys/unix/README.md
@@ -156,7 +156,7 @@ from the generated architecture-specific files listed below, and merge these
 into a common file for each OS.
 
 The merge is performed in the following steps:
-1. Construct the set of common code that is identical in all architecture-specific files.
+1. Construct the set of common code that is idential in all architecture-specific files.
 2. Write this common code to the merged file.
 3. Remove the common code from all architecture-specific files.
 
diff --git a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
index 813dfad7d..2f67ba86d 100644
--- a/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
+++ b/vendor/golang.org/x/sys/unix/asm_zos_s390x.s
@@ -9,11 +9,9 @@
 #define PSALAA            1208(R0)
 #define GTAB64(x)           80(x)
 #define LCA64(x)            88(x)
-#define SAVSTACK_ASYNC(x)  336(x) // in the LCA
 #define CAA(x)               8(x)
-#define CEECAATHDID(x)     976(x) // in the CAA
-#define EDCHPXV(x)        1016(x) // in the CAA
-#define GOCB(x)           1104(x) // in the CAA
+#define EDCHPXV(x)        1016(x)       // in the CAA
+#define SAVSTACK_ASYNC(x)  336(x)       // in the LCA
 
 // SS_*, where x=SAVSTACK_ASYNC
 #define SS_LE(x)             0(x)
@@ -21,362 +19,405 @@
 #define SS_ERRNO(x)         16(x)
 #define SS_ERRNOJR(x)       20(x)
 
-// Function Descriptor Offsets
-#define __errno  0x156*16
-#define __err2ad 0x16C*16
+#define LE_CALL BYTE $0x0D; BYTE $0x76; // BL R7, R6
 
-// Call Instructions
-#define LE_CALL    BYTE $0x0D; BYTE $0x76 // BL R7, R6
-#define SVC_LOAD   BYTE $0x0A; BYTE $0x08 // SVC 08 LOAD
-#define SVC_DELETE BYTE $0x0A; BYTE $0x09 // SVC 09 DELETE
-
-DATA zosLibVec<>(SB)/8, $0
-GLOBL zosLibVec<>(SB), NOPTR, $8
-
-TEXT ·initZosLibVec(SB), NOSPLIT|NOFRAME, $0-0
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-	MOVD CAA(R8), R8
-	MOVD EDCHPXV(R8), R8
-	MOVD R8, zosLibVec<>(SB)
-	RET
-
-TEXT ·GetZosLibVec(SB), NOSPLIT|NOFRAME, $0-0
-	MOVD zosLibVec<>(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·clearErrno(SB), NOSPLIT, $0-0
-	BL   addrerrno<>(SB)
-	MOVD $0, 0(R3)
+TEXT ·clearErrno(SB),NOSPLIT,$0-0
+	BL	addrerrno<>(SB)
+	MOVD	$0, 0(R3)
 	RET
 
 // Returns the address of errno in R3.
-TEXT addrerrno<>(SB), NOSPLIT|NOFRAME, $0-0
+TEXT addrerrno<>(SB),NOSPLIT|NOFRAME,$0-0
 	// Get library control area (LCA).
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
 
 	// Get __errno FuncDesc.
-	MOVD CAA(R8), R9
-	MOVD EDCHPXV(R9), R9
-	ADD  $(__errno), R9
-	LMG  0(R9), R5, R6
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	ADD	$(0x156*16), R9
+	LMG	0(R9), R5, R6
 
 	// Switch to saved LE stack.
-	MOVD SAVSTACK_ASYNC(R8), R9
-	MOVD 0(R9), R4
-	MOVD $0, 0(R9)
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
 
 	// Call __errno function.
 	LE_CALL
 	NOPH
 
 	// Switch back to Go stack.
-	XOR  R0, R0    // Restore R0 to $0.
-	MOVD R4, 0(R9) // Save stack pointer.
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
 	RET
 
-// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
-TEXT ·svcCall(SB), NOSPLIT, $0
-	BL   runtime·save_g(SB)     // Save g and stack pointer
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-	MOVD SAVSTACK_ASYNC(R8), R9
-	MOVD R15, 0(R9)
+TEXT ·syscall_syscall(SB),NOSPLIT,$0-56
+	BL	runtime·entersyscall(SB)
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
 
-	MOVD argv+8(FP), R1   // Move function arguments into registers
-	MOVD dsa+16(FP), g
-	MOVD fnptr+0(FP), R15
+	// Get library control area (LCA).
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
 
-	BYTE $0x0D // Branch to function
-	BYTE $0xEF
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
 
-	BL   runtime·load_g(SB)     // Restore g and stack pointer
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-	MOVD SAVSTACK_ASYNC(R8), R9
-	MOVD 0(R9), R15
+	// Restore LE stack.
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
 
+	// Call function.
+	LE_CALL
+	NOPH
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+32(FP)
+	MOVD	R0, r2+40(FP)
+	MOVD	R0, err+48(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	addrerrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+48(FP)
+done:
+	BL	runtime·exitsyscall(SB)
 	RET
 
-// func svcLoad(name *byte) unsafe.Pointer
-TEXT ·svcLoad(SB), NOSPLIT, $0
-	MOVD R15, R2         // Save go stack pointer
-	MOVD name+0(FP), R0  // Move SVC args into registers
-	MOVD $0x80000000, R1
-	MOVD $0, R15
-	SVC_LOAD
-	MOVW R15, R3         // Save return code from SVC
-	MOVD R2, R15         // Restore go stack pointer
-	CMP  R3, $0          // Check SVC return code
-	BNE  error
-
-	MOVD $-2, R3       // Reset last bit of entry point to zero
-	AND  R0, R3
-	MOVD R3, ret+8(FP) // Return entry point returned by SVC
-	CMP  R0, R3        // Check if last bit of entry point was set
-	BNE  done
-
-	MOVD R15, R2 // Save go stack pointer
-	MOVD $0, R15 // Move SVC args into registers (entry point still in r0 from SVC 08)
-	SVC_DELETE
-	MOVD R2, R15 // Restore go stack pointer
+TEXT ·syscall_rawsyscall(SB),NOSPLIT,$0-56
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
 
-error:
-	MOVD $0, ret+8(FP) // Return 0 on failure
+	// Get library control area (LCA).
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
 
+	// Restore LE stack.
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
+
+	// Call function.
+	LE_CALL
+	NOPH
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+32(FP)
+	MOVD	R0, r2+40(FP)
+	MOVD	R0, err+48(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	addrerrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+48(FP)
 done:
-	XOR R0, R0 // Reset r0 to 0
 	RET
 
-// func svcUnload(name *byte, fnptr unsafe.Pointer) int64
-TEXT ·svcUnload(SB), NOSPLIT, $0
-	MOVD R15, R2          // Save go stack pointer
-	MOVD name+0(FP), R0   // Move SVC args into registers
-	MOVD fnptr+8(FP), R15
-	SVC_DELETE
-	XOR  R0, R0           // Reset r0 to 0
-	MOVD R15, R1          // Save SVC return code
-	MOVD R2, R15          // Restore go stack pointer
-	MOVD R1, ret+16(FP)   // Return SVC return code
-	RET
+TEXT ·syscall_syscall6(SB),NOSPLIT,$0-80
+	BL	runtime·entersyscall(SB)
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
 
-// func gettid() uint64
-TEXT ·gettid(SB), NOSPLIT, $0
 	// Get library control area (LCA).
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
 
-	// Get CEECAATHDID
-	MOVD CAA(R8), R9
-	MOVD CEECAATHDID(R9), R9
-	MOVD R9, ret+0(FP)
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
 
+	// Restore LE stack.
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
+
+	// Fill in parameter list.
+	MOVD	a4+32(FP), R12
+	MOVD	R12, (2176+24)(R4)
+	MOVD	a5+40(FP), R12
+	MOVD	R12, (2176+32)(R4)
+	MOVD	a6+48(FP), R12
+	MOVD	R12, (2176+40)(R4)
+
+	// Call function.
+	LE_CALL
+	NOPH
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+56(FP)
+	MOVD	R0, r2+64(FP)
+	MOVD	R0, err+72(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	addrerrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+72(FP)
+done:
+	BL	runtime·exitsyscall(SB)
 	RET
 
-//
-// Call LE function, if the return is -1
-// errno and errno2 is retrieved
-//
-TEXT ·CallLeFuncWithErr(SB), NOSPLIT, $0
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-	MOVD CAA(R8), R9
-	MOVD g, GOCB(R9)
+TEXT ·syscall_rawsyscall6(SB),NOSPLIT,$0-80
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
+
+	// Get library control area (LCA).
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
 
 	// Restore LE stack.
-	MOVD SAVSTACK_ASYNC(R8), R9 // R9-> LE stack frame saving address
-	MOVD 0(R9), R4              // R4-> restore previously saved stack frame pointer
-
-	MOVD parms_base+8(FP), R7 // R7 -> argument array
-	MOVD parms_len+16(FP), R8 // R8 number of arguments
-
-	//  arg 1 ---> R1
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	MOVD 0(R7), R1
-
-	//  arg 2 ---> R2
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	ADD  $8, R7
-	MOVD 0(R7), R2
-
-	//  arg 3 --> R3
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	ADD  $8, R7
-	MOVD 0(R7), R3
-
-	CMP  R8, $0
-	BEQ  docall
-	MOVD $2176+16, R6 // starting LE stack address-8 to store 4th argument
-
-repeat:
-	ADD  $8, R7
-	MOVD 0(R7), R0      // advance arg pointer by 8 byte
-	ADD  $8, R6         // advance LE argument address by 8 byte
-	MOVD R0, (R4)(R6*1) // copy argument from go-slice to le-frame
-	SUB  $1, R8
-	CMP  R8, $0
-	BNE  repeat
-
-docall:
-	MOVD funcdesc+0(FP), R8 // R8-> function descriptor
-	LMG  0(R8), R5, R6
-	MOVD $0, 0(R9)          // R9 address of SAVSTACK_ASYNC
-	LE_CALL                 // balr R7, R6 (return #1)
-	NOPH
-	MOVD R3, ret+32(FP)
-	CMP  R3, $-1            // compare result to -1
-	BNE  done
-
-	// retrieve errno and errno2
-	MOVD  zosLibVec<>(SB), R8
-	ADD   $(__errno), R8
-	LMG   0(R8), R5, R6
-	LE_CALL                   // balr R7, R6 __errno (return #3)
-	NOPH
-	MOVWZ 0(R3), R3
-	MOVD  R3, err+48(FP)
-	MOVD  zosLibVec<>(SB), R8
-	ADD   $(__err2ad), R8
-	LMG   0(R8), R5, R6
-	LE_CALL                   // balr R7, R6 __err2ad (return #2)
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
+
+	// Fill in parameter list.
+	MOVD	a4+32(FP), R12
+	MOVD	R12, (2176+24)(R4)
+	MOVD	a5+40(FP), R12
+	MOVD	R12, (2176+32)(R4)
+	MOVD	a6+48(FP), R12
+	MOVD	R12, (2176+40)(R4)
+
+	// Call function.
+	LE_CALL
 	NOPH
-	MOVW  (R3), R2            // retrieve errno2
-	MOVD  R2, errno2+40(FP)   // store in return area
-
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+56(FP)
+	MOVD	R0, r2+64(FP)
+	MOVD	R0, err+72(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	·rrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+72(FP)
 done:
-	MOVD R4, 0(R9)            // Save stack pointer.
 	RET
 
-//
-// Call LE function, if the return is 0
-// errno and errno2 is retrieved
-//
-TEXT ·CallLeFuncWithPtrReturn(SB), NOSPLIT, $0
-	MOVW PSALAA, R8
-	MOVD LCA64(R8), R8
-	MOVD CAA(R8), R9
-	MOVD g, GOCB(R9)
+TEXT ·syscall_syscall9(SB),NOSPLIT,$0
+	BL	runtime·entersyscall(SB)
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
+
+	// Get library control area (LCA).
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
 
 	// Restore LE stack.
-	MOVD SAVSTACK_ASYNC(R8), R9 // R9-> LE stack frame saving address
-	MOVD 0(R9), R4              // R4-> restore previously saved stack frame pointer
-
-	MOVD parms_base+8(FP), R7 // R7 -> argument array
-	MOVD parms_len+16(FP), R8 // R8 number of arguments
-
-	//  arg 1 ---> R1
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	MOVD 0(R7), R1
-
-	//  arg 2 ---> R2
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	ADD  $8, R7
-	MOVD 0(R7), R2
-
-	//  arg 3 --> R3
-	CMP  R8, $0
-	BEQ  docall
-	SUB  $1, R8
-	ADD  $8, R7
-	MOVD 0(R7), R3
-
-	CMP  R8, $0
-	BEQ  docall
-	MOVD $2176+16, R6 // starting LE stack address-8 to store 4th argument
-
-repeat:
-	ADD  $8, R7
-	MOVD 0(R7), R0      // advance arg pointer by 8 byte
-	ADD  $8, R6         // advance LE argument address by 8 byte
-	MOVD R0, (R4)(R6*1) // copy argument from go-slice to le-frame
-	SUB  $1, R8
-	CMP  R8, $0
-	BNE  repeat
-
-docall:
-	MOVD funcdesc+0(FP), R8 // R8-> function descriptor
-	LMG  0(R8), R5, R6
-	MOVD $0, 0(R9)          // R9 address of SAVSTACK_ASYNC
-	LE_CALL                 // balr R7, R6 (return #1)
-	NOPH
-	MOVD R3, ret+32(FP)
-	CMP  R3, $0             // compare result to 0
-	BNE  done
-
-	// retrieve errno and errno2
-	MOVD  zosLibVec<>(SB), R8
-	ADD   $(__errno), R8
-	LMG   0(R8), R5, R6
-	LE_CALL                   // balr R7, R6 __errno (return #3)
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
+
+	// Fill in parameter list.
+	MOVD	a4+32(FP), R12
+	MOVD	R12, (2176+24)(R4)
+	MOVD	a5+40(FP), R12
+	MOVD	R12, (2176+32)(R4)
+	MOVD	a6+48(FP), R12
+	MOVD	R12, (2176+40)(R4)
+	MOVD	a7+56(FP), R12
+	MOVD	R12, (2176+48)(R4)
+	MOVD	a8+64(FP), R12
+	MOVD	R12, (2176+56)(R4)
+	MOVD	a9+72(FP), R12
+	MOVD	R12, (2176+64)(R4)
+
+	// Call function.
+	LE_CALL
 	NOPH
-	MOVWZ 0(R3), R3
-	MOVD  R3, err+48(FP)
-	MOVD  zosLibVec<>(SB), R8
-	ADD   $(__err2ad), R8
-	LMG   0(R8), R5, R6
-	LE_CALL                   // balr R7, R6 __err2ad (return #2)
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+80(FP)
+	MOVD	R0, r2+88(FP)
+	MOVD	R0, err+96(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	addrerrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+96(FP)
+done:
+        BL	runtime·exitsyscall(SB)
+        RET
+
+TEXT ·syscall_rawsyscall9(SB),NOSPLIT,$0
+	MOVD	a1+8(FP), R1
+	MOVD	a2+16(FP), R2
+	MOVD	a3+24(FP), R3
+
+	// Get library control area (LCA).
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+
+	// Get function.
+	MOVD	CAA(R8), R9
+	MOVD	EDCHPXV(R9), R9
+	MOVD	trap+0(FP), R5
+	SLD	$4, R5
+	ADD	R5, R9
+	LMG	0(R9), R5, R6
+
+	// Restore LE stack.
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R4
+	MOVD	$0, 0(R9)
+
+	// Fill in parameter list.
+	MOVD	a4+32(FP), R12
+	MOVD	R12, (2176+24)(R4)
+	MOVD	a5+40(FP), R12
+	MOVD	R12, (2176+32)(R4)
+	MOVD	a6+48(FP), R12
+	MOVD	R12, (2176+40)(R4)
+	MOVD	a7+56(FP), R12
+	MOVD	R12, (2176+48)(R4)
+	MOVD	a8+64(FP), R12
+	MOVD	R12, (2176+56)(R4)
+	MOVD	a9+72(FP), R12
+	MOVD	R12, (2176+64)(R4)
+
+	// Call function.
+	LE_CALL
 	NOPH
-	MOVW  (R3), R2            // retrieve errno2
-	MOVD  R2, errno2+40(FP)   // store in return area
-	XOR   R2, R2
-	MOVWZ R2, (R3)            // clear errno2
+	XOR	R0, R0      // Restore R0 to $0.
+	MOVD	R4, 0(R9)   // Save stack pointer.
+
+	MOVD	R3, r1+80(FP)
+	MOVD	R0, r2+88(FP)
+	MOVD	R0, err+96(FP)
+	MOVW	R3, R4
+	CMP	R4, $-1
+	BNE	done
+	BL	addrerrno<>(SB)
+	MOVWZ	0(R3), R3
+	MOVD	R3, err+96(FP)
+done:
+	RET
+
+// func svcCall(fnptr unsafe.Pointer, argv *unsafe.Pointer, dsa *uint64)
+TEXT ·svcCall(SB),NOSPLIT,$0
+	BL	runtime·save_g(SB)   // Save g and stack pointer
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	R15, 0(R9)
+
+	MOVD	argv+8(FP), R1       // Move function arguments into registers
+	MOVD	dsa+16(FP), g
+	MOVD	fnptr+0(FP), R15
+
+	BYTE	$0x0D                // Branch to function
+	BYTE	$0xEF
+
+	BL	runtime·load_g(SB)   // Restore g and stack pointer
+	MOVW	PSALAA, R8
+	MOVD	LCA64(R8), R8
+	MOVD	SAVSTACK_ASYNC(R8), R9
+	MOVD	0(R9), R15
 
+	RET
+
+// func svcLoad(name *byte) unsafe.Pointer
+TEXT ·svcLoad(SB),NOSPLIT,$0
+	MOVD	R15, R2          // Save go stack pointer
+	MOVD	name+0(FP), R0   // Move SVC args into registers
+	MOVD	$0x80000000, R1
+	MOVD	$0, R15
+	BYTE	$0x0A            // SVC 08 LOAD
+	BYTE	$0x08
+	MOVW	R15, R3          // Save return code from SVC
+	MOVD	R2, R15          // Restore go stack pointer
+	CMP	R3, $0           // Check SVC return code
+	BNE	error
+
+	MOVD	$-2, R3          // Reset last bit of entry point to zero
+	AND	R0, R3
+	MOVD	R3, addr+8(FP)   // Return entry point returned by SVC
+	CMP	R0, R3           // Check if last bit of entry point was set
+	BNE	done
+
+	MOVD	R15, R2          // Save go stack pointer
+	MOVD	$0, R15          // Move SVC args into registers (entry point still in r0 from SVC 08)
+	BYTE	$0x0A            // SVC 09 DELETE
+	BYTE	$0x09
+	MOVD	R2, R15          // Restore go stack pointer
+
+error:
+	MOVD	$0, addr+8(FP)   // Return 0 on failure
 done:
-	MOVD R4, 0(R9)            // Save stack pointer.
+	XOR	R0, R0           // Reset r0 to 0
 	RET
 
-//
-// function to test if a pointer can be safely dereferenced (content read)
-// return 0 for succces
-//
-TEXT ·ptrtest(SB), NOSPLIT, $0-16
-	MOVD arg+0(FP), R10 // test pointer in R10
-
-	// set up R2 to point to CEECAADMC
-	BYTE $0xE3; BYTE $0x20; BYTE $0x04; BYTE $0xB8; BYTE $0x00; BYTE $0x17 // llgt  2,1208
-	BYTE $0xB9; BYTE $0x17; BYTE $0x00; BYTE $0x22                         // llgtr 2,2
-	BYTE $0xA5; BYTE $0x26; BYTE $0x7F; BYTE $0xFF                         // nilh  2,32767
-	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x58; BYTE $0x00; BYTE $0x04 // lg    2,88(2)
-	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x08; BYTE $0x00; BYTE $0x04 // lg    2,8(2)
-	BYTE $0x41; BYTE $0x22; BYTE $0x03; BYTE $0x68                         // la    2,872(2)
-
-	// set up R5 to point to the "shunt" path which set 1 to R3 (failure)
-	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x33 // xgr   3,3
-	BYTE $0xA7; BYTE $0x55; BYTE $0x00; BYTE $0x04 // bras  5,lbl1
-	BYTE $0xA7; BYTE $0x39; BYTE $0x00; BYTE $0x01 // lghi  3,1
-
-	// if r3 is not zero (failed) then branch to finish
-	BYTE $0xB9; BYTE $0x02; BYTE $0x00; BYTE $0x33 // lbl1     ltgr  3,3
-	BYTE $0xA7; BYTE $0x74; BYTE $0x00; BYTE $0x08 // brc   b'0111',lbl2
-
-	// stomic store shunt address in R5 into CEECAADMC
-	BYTE $0xE3; BYTE $0x52; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   5,0(2)
-
-	// now try reading from the test pointer in R10, if it fails it branches to the "lghi" instruction above
-	BYTE $0xE3; BYTE $0x9A; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x04 // lg    9,0(10)
-
-	// finish here, restore 0 into CEECAADMC
-	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x99                         // lbl2     xgr   9,9
-	BYTE $0xE3; BYTE $0x92; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   9,0(2)
-	MOVD R3, ret+8(FP)                                                     // result in R3
+// func svcUnload(name *byte, fnptr unsafe.Pointer) int64
+TEXT ·svcUnload(SB),NOSPLIT,$0
+	MOVD	R15, R2          // Save go stack pointer
+	MOVD	name+0(FP), R0   // Move SVC args into registers
+	MOVD	addr+8(FP), R15
+	BYTE	$0x0A            // SVC 09
+	BYTE	$0x09
+	XOR	R0, R0           // Reset r0 to 0
+	MOVD	R15, R1          // Save SVC return code
+	MOVD	R2, R15          // Restore go stack pointer
+	MOVD	R1, rc+0(FP)     // Return SVC return code
 	RET
 
-//
-// function to test if a untptr can be loaded from a pointer
-// return 1: the 8-byte content
-//        2: 0 for success, 1 for failure
-//
-// func safeload(ptr uintptr) ( value uintptr, error uintptr)
-TEXT ·safeload(SB), NOSPLIT, $0-24
-	MOVD ptr+0(FP), R10                                                    // test pointer in R10
-	MOVD $0x0, R6
-	BYTE $0xE3; BYTE $0x20; BYTE $0x04; BYTE $0xB8; BYTE $0x00; BYTE $0x17 // llgt  2,1208
-	BYTE $0xB9; BYTE $0x17; BYTE $0x00; BYTE $0x22                         // llgtr 2,2
-	BYTE $0xA5; BYTE $0x26; BYTE $0x7F; BYTE $0xFF                         // nilh  2,32767
-	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x58; BYTE $0x00; BYTE $0x04 // lg    2,88(2)
-	BYTE $0xE3; BYTE $0x22; BYTE $0x00; BYTE $0x08; BYTE $0x00; BYTE $0x04 // lg    2,8(2)
-	BYTE $0x41; BYTE $0x22; BYTE $0x03; BYTE $0x68                         // la    2,872(2)
-	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x33                         // xgr   3,3
-	BYTE $0xA7; BYTE $0x55; BYTE $0x00; BYTE $0x04                         // bras  5,lbl1
-	BYTE $0xA7; BYTE $0x39; BYTE $0x00; BYTE $0x01                         // lghi  3,1
-	BYTE $0xB9; BYTE $0x02; BYTE $0x00; BYTE $0x33                         // lbl1     ltgr  3,3
-	BYTE $0xA7; BYTE $0x74; BYTE $0x00; BYTE $0x08                         // brc   b'0111',lbl2
-	BYTE $0xE3; BYTE $0x52; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg 5,0(2)
-	BYTE $0xE3; BYTE $0x6A; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x04 // lg    6,0(10)
-	BYTE $0xB9; BYTE $0x82; BYTE $0x00; BYTE $0x99                         // lbl2     xgr   9,9
-	BYTE $0xE3; BYTE $0x92; BYTE $0x00; BYTE $0x00; BYTE $0x00; BYTE $0x24 // stg   9,0(2)
-	MOVD R6, value+8(FP)                                                   // result in R6
-	MOVD R3, error+16(FP)                                                  // error in R3
+// func gettid() uint64
+TEXT ·gettid(SB), NOSPLIT, $0
+	// Get library control area (LCA).
+	MOVW PSALAA, R8
+	MOVD LCA64(R8), R8
+
+	// Get CEECAATHDID
+	MOVD CAA(R8), R9
+	MOVD 0x3D0(R9), R9
+	MOVD R9, ret+0(FP)
+
 	RET
diff --git a/vendor/golang.org/x/sys/unix/bpxsvc_zos.go b/vendor/golang.org/x/sys/unix/bpxsvc_zos.go
deleted file mode 100644
index 39d647d86..000000000
--- a/vendor/golang.org/x/sys/unix/bpxsvc_zos.go
+++ /dev/null
@@ -1,657 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build zos
-
-package unix
-
-import (
-	"bytes"
-	"fmt"
-	"unsafe"
-)
-
-//go:noescape
-func bpxcall(plist []unsafe.Pointer, bpx_offset int64)
-
-//go:noescape
-func A2e([]byte)
-
-//go:noescape
-func E2a([]byte)
-
-const (
-	BPX4STA = 192  // stat
-	BPX4FST = 104  // fstat
-	BPX4LST = 132  // lstat
-	BPX4OPN = 156  // open
-	BPX4CLO = 72   // close
-	BPX4CHR = 500  // chattr
-	BPX4FCR = 504  // fchattr
-	BPX4LCR = 1180 // lchattr
-	BPX4CTW = 492  // cond_timed_wait
-	BPX4GTH = 1056 // __getthent
-	BPX4PTQ = 412  // pthread_quiesc
-	BPX4PTR = 320  // ptrace
-)
-
-const (
-	//options
-	//byte1
-	BPX_OPNFHIGH = 0x80
-	//byte2
-	BPX_OPNFEXEC = 0x80
-	//byte3
-	BPX_O_NOLARGEFILE = 0x08
-	BPX_O_LARGEFILE   = 0x04
-	BPX_O_ASYNCSIG    = 0x02
-	BPX_O_SYNC        = 0x01
-	//byte4
-	BPX_O_CREXCL   = 0xc0
-	BPX_O_CREAT    = 0x80
-	BPX_O_EXCL     = 0x40
-	BPX_O_NOCTTY   = 0x20
-	BPX_O_TRUNC    = 0x10
-	BPX_O_APPEND   = 0x08
-	BPX_O_NONBLOCK = 0x04
-	BPX_FNDELAY    = 0x04
-	BPX_O_RDWR     = 0x03
-	BPX_O_RDONLY   = 0x02
-	BPX_O_WRONLY   = 0x01
-	BPX_O_ACCMODE  = 0x03
-	BPX_O_GETFL    = 0x0f
-
-	//mode
-	// byte1 (file type)
-	BPX_FT_DIR      = 1
-	BPX_FT_CHARSPEC = 2
-	BPX_FT_REGFILE  = 3
-	BPX_FT_FIFO     = 4
-	BPX_FT_SYMLINK  = 5
-	BPX_FT_SOCKET   = 6
-	//byte3
-	BPX_S_ISUID  = 0x08
-	BPX_S_ISGID  = 0x04
-	BPX_S_ISVTX  = 0x02
-	BPX_S_IRWXU1 = 0x01
-	BPX_S_IRUSR  = 0x01
-	//byte4
-	BPX_S_IRWXU2 = 0xc0
-	BPX_S_IWUSR  = 0x80
-	BPX_S_IXUSR  = 0x40
-	BPX_S_IRWXG  = 0x38
-	BPX_S_IRGRP  = 0x20
-	BPX_S_IWGRP  = 0x10
-	BPX_S_IXGRP  = 0x08
-	BPX_S_IRWXOX = 0x07
-	BPX_S_IROTH  = 0x04
-	BPX_S_IWOTH  = 0x02
-	BPX_S_IXOTH  = 0x01
-
-	CW_INTRPT  = 1
-	CW_CONDVAR = 32
-	CW_TIMEOUT = 64
-
-	PGTHA_NEXT        = 2
-	PGTHA_CURRENT     = 1
-	PGTHA_FIRST       = 0
-	PGTHA_LAST        = 3
-	PGTHA_PROCESS     = 0x80
-	PGTHA_CONTTY      = 0x40
-	PGTHA_PATH        = 0x20
-	PGTHA_COMMAND     = 0x10
-	PGTHA_FILEDATA    = 0x08
-	PGTHA_THREAD      = 0x04
-	PGTHA_PTAG        = 0x02
-	PGTHA_COMMANDLONG = 0x01
-	PGTHA_THREADFAST  = 0x80
-	PGTHA_FILEPATH    = 0x40
-	PGTHA_THDSIGMASK  = 0x20
-	// thread quiece mode
-	QUIESCE_TERM       int32 = 1
-	QUIESCE_FORCE      int32 = 2
-	QUIESCE_QUERY      int32 = 3
-	QUIESCE_FREEZE     int32 = 4
-	QUIESCE_UNFREEZE   int32 = 5
-	FREEZE_THIS_THREAD int32 = 6
-	FREEZE_EXIT        int32 = 8
-	QUIESCE_SRB        int32 = 9
-)
-
-type Pgtha struct {
-	Pid        uint32 // 0
-	Tid0       uint32 // 4
-	Tid1       uint32
-	Accesspid  byte    // C
-	Accesstid  byte    // D
-	Accessasid uint16  // E
-	Loginname  [8]byte // 10
-	Flag1      byte    // 18
-	Flag1b2    byte    // 19
-}
-
-type Bpxystat_t struct { // DSECT BPXYSTAT
-	St_id           [4]uint8  // 0
-	St_length       uint16    // 0x4
-	St_version      uint16    // 0x6
-	St_mode         uint32    // 0x8
-	St_ino          uint32    // 0xc
-	St_dev          uint32    // 0x10
-	St_nlink        uint32    // 0x14
-	St_uid          uint32    // 0x18
-	St_gid          uint32    // 0x1c
-	St_size         uint64    // 0x20
-	St_atime        uint32    // 0x28
-	St_mtime        uint32    // 0x2c
-	St_ctime        uint32    // 0x30
-	St_rdev         uint32    // 0x34
-	St_auditoraudit uint32    // 0x38
-	St_useraudit    uint32    // 0x3c
-	St_blksize      uint32    // 0x40
-	St_createtime   uint32    // 0x44
-	St_auditid      [4]uint32 // 0x48
-	St_res01        uint32    // 0x58
-	Ft_ccsid        uint16    // 0x5c
-	Ft_flags        uint16    // 0x5e
-	St_res01a       [2]uint32 // 0x60
-	St_res02        uint32    // 0x68
-	St_blocks       uint32    // 0x6c
-	St_opaque       [3]uint8  // 0x70
-	St_visible      uint8     // 0x73
-	St_reftime      uint32    // 0x74
-	St_fid          uint64    // 0x78
-	St_filefmt      uint8     // 0x80
-	St_fspflag2     uint8     // 0x81
-	St_res03        [2]uint8  // 0x82
-	St_ctimemsec    uint32    // 0x84
-	St_seclabel     [8]uint8  // 0x88
-	St_res04        [4]uint8  // 0x90
-	// end of version 1
-	_               uint32    // 0x94
-	St_atime64      uint64    // 0x98
-	St_mtime64      uint64    // 0xa0
-	St_ctime64      uint64    // 0xa8
-	St_createtime64 uint64    // 0xb0
-	St_reftime64    uint64    // 0xb8
-	_               uint64    // 0xc0
-	St_res05        [16]uint8 // 0xc8
-	// end of version 2
-}
-
-type BpxFilestatus struct {
-	Oflag1 byte
-	Oflag2 byte
-	Oflag3 byte
-	Oflag4 byte
-}
-
-type BpxMode struct {
-	Ftype byte
-	Mode1 byte
-	Mode2 byte
-	Mode3 byte
-}
-
-// Thr attribute structure for extended attributes
-type Bpxyatt_t struct { // DSECT BPXYATT
-	Att_id           [4]uint8
-	Att_version      uint16
-	Att_res01        [2]uint8
-	Att_setflags1    uint8
-	Att_setflags2    uint8
-	Att_setflags3    uint8
-	Att_setflags4    uint8
-	Att_mode         uint32
-	Att_uid          uint32
-	Att_gid          uint32
-	Att_opaquemask   [3]uint8
-	Att_visblmaskres uint8
-	Att_opaque       [3]uint8
-	Att_visibleres   uint8
-	Att_size_h       uint32
-	Att_size_l       uint32
-	Att_atime        uint32
-	Att_mtime        uint32
-	Att_auditoraudit uint32
-	Att_useraudit    uint32
-	Att_ctime        uint32
-	Att_reftime      uint32
-	// end of version 1
-	Att_filefmt uint8
-	Att_res02   [3]uint8
-	Att_filetag uint32
-	Att_res03   [8]uint8
-	// end of version 2
-	Att_atime64   uint64
-	Att_mtime64   uint64
-	Att_ctime64   uint64
-	Att_reftime64 uint64
-	Att_seclabel  [8]uint8
-	Att_ver3res02 [8]uint8
-	// end of version 3
-}
-
-func BpxOpen(name string, options *BpxFilestatus, mode *BpxMode) (rv int32, rc int32, rn int32) {
-	if len(name) < 1024 {
-		var namebuf [1024]byte
-		sz := int32(copy(namebuf[:], name))
-		A2e(namebuf[:sz])
-		var parms [7]unsafe.Pointer
-		parms[0] = unsafe.Pointer(&sz)
-		parms[1] = unsafe.Pointer(&namebuf[0])
-		parms[2] = unsafe.Pointer(options)
-		parms[3] = unsafe.Pointer(mode)
-		parms[4] = unsafe.Pointer(&rv)
-		parms[5] = unsafe.Pointer(&rc)
-		parms[6] = unsafe.Pointer(&rn)
-		bpxcall(parms[:], BPX4OPN)
-		return rv, rc, rn
-	}
-	return -1, -1, -1
-}
-
-func BpxClose(fd int32) (rv int32, rc int32, rn int32) {
-	var parms [4]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&fd)
-	parms[1] = unsafe.Pointer(&rv)
-	parms[2] = unsafe.Pointer(&rc)
-	parms[3] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4CLO)
-	return rv, rc, rn
-}
-
-func BpxFileFStat(fd int32, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
-	st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
-	st.St_version = 2
-	stat_sz := uint32(unsafe.Sizeof(*st))
-	var parms [6]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&fd)
-	parms[1] = unsafe.Pointer(&stat_sz)
-	parms[2] = unsafe.Pointer(st)
-	parms[3] = unsafe.Pointer(&rv)
-	parms[4] = unsafe.Pointer(&rc)
-	parms[5] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4FST)
-	return rv, rc, rn
-}
-
-func BpxFileStat(name string, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
-	if len(name) < 1024 {
-		var namebuf [1024]byte
-		sz := int32(copy(namebuf[:], name))
-		A2e(namebuf[:sz])
-		st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
-		st.St_version = 2
-		stat_sz := uint32(unsafe.Sizeof(*st))
-		var parms [7]unsafe.Pointer
-		parms[0] = unsafe.Pointer(&sz)
-		parms[1] = unsafe.Pointer(&namebuf[0])
-		parms[2] = unsafe.Pointer(&stat_sz)
-		parms[3] = unsafe.Pointer(st)
-		parms[4] = unsafe.Pointer(&rv)
-		parms[5] = unsafe.Pointer(&rc)
-		parms[6] = unsafe.Pointer(&rn)
-		bpxcall(parms[:], BPX4STA)
-		return rv, rc, rn
-	}
-	return -1, -1, -1
-}
-
-func BpxFileLStat(name string, st *Bpxystat_t) (rv int32, rc int32, rn int32) {
-	if len(name) < 1024 {
-		var namebuf [1024]byte
-		sz := int32(copy(namebuf[:], name))
-		A2e(namebuf[:sz])
-		st.St_id = [4]uint8{0xe2, 0xe3, 0xc1, 0xe3}
-		st.St_version = 2
-		stat_sz := uint32(unsafe.Sizeof(*st))
-		var parms [7]unsafe.Pointer
-		parms[0] = unsafe.Pointer(&sz)
-		parms[1] = unsafe.Pointer(&namebuf[0])
-		parms[2] = unsafe.Pointer(&stat_sz)
-		parms[3] = unsafe.Pointer(st)
-		parms[4] = unsafe.Pointer(&rv)
-		parms[5] = unsafe.Pointer(&rc)
-		parms[6] = unsafe.Pointer(&rn)
-		bpxcall(parms[:], BPX4LST)
-		return rv, rc, rn
-	}
-	return -1, -1, -1
-}
-
-func BpxChattr(path string, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
-	if len(path) >= 1024 {
-		return -1, -1, -1
-	}
-	var namebuf [1024]byte
-	sz := int32(copy(namebuf[:], path))
-	A2e(namebuf[:sz])
-	attr_sz := uint32(unsafe.Sizeof(*attr))
-	var parms [7]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&sz)
-	parms[1] = unsafe.Pointer(&namebuf[0])
-	parms[2] = unsafe.Pointer(&attr_sz)
-	parms[3] = unsafe.Pointer(attr)
-	parms[4] = unsafe.Pointer(&rv)
-	parms[5] = unsafe.Pointer(&rc)
-	parms[6] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4CHR)
-	return rv, rc, rn
-}
-
-func BpxLchattr(path string, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
-	if len(path) >= 1024 {
-		return -1, -1, -1
-	}
-	var namebuf [1024]byte
-	sz := int32(copy(namebuf[:], path))
-	A2e(namebuf[:sz])
-	attr_sz := uint32(unsafe.Sizeof(*attr))
-	var parms [7]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&sz)
-	parms[1] = unsafe.Pointer(&namebuf[0])
-	parms[2] = unsafe.Pointer(&attr_sz)
-	parms[3] = unsafe.Pointer(attr)
-	parms[4] = unsafe.Pointer(&rv)
-	parms[5] = unsafe.Pointer(&rc)
-	parms[6] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4LCR)
-	return rv, rc, rn
-}
-
-func BpxFchattr(fd int32, attr *Bpxyatt_t) (rv int32, rc int32, rn int32) {
-	attr_sz := uint32(unsafe.Sizeof(*attr))
-	var parms [6]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&fd)
-	parms[1] = unsafe.Pointer(&attr_sz)
-	parms[2] = unsafe.Pointer(attr)
-	parms[3] = unsafe.Pointer(&rv)
-	parms[4] = unsafe.Pointer(&rc)
-	parms[5] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4FCR)
-	return rv, rc, rn
-}
-
-func BpxCondTimedWait(sec uint32, nsec uint32, events uint32, secrem *uint32, nsecrem *uint32) (rv int32, rc int32, rn int32) {
-	var parms [8]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&sec)
-	parms[1] = unsafe.Pointer(&nsec)
-	parms[2] = unsafe.Pointer(&events)
-	parms[3] = unsafe.Pointer(secrem)
-	parms[4] = unsafe.Pointer(nsecrem)
-	parms[5] = unsafe.Pointer(&rv)
-	parms[6] = unsafe.Pointer(&rc)
-	parms[7] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4CTW)
-	return rv, rc, rn
-}
-func BpxGetthent(in *Pgtha, outlen *uint32, out unsafe.Pointer) (rv int32, rc int32, rn int32) {
-	var parms [7]unsafe.Pointer
-	inlen := uint32(26) // nothing else will work. Go says Pgtha is 28-byte because of alignment, but Pgtha is "packed" and must be 26-byte
-	parms[0] = unsafe.Pointer(&inlen)
-	parms[1] = unsafe.Pointer(&in)
-	parms[2] = unsafe.Pointer(outlen)
-	parms[3] = unsafe.Pointer(&out)
-	parms[4] = unsafe.Pointer(&rv)
-	parms[5] = unsafe.Pointer(&rc)
-	parms[6] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4GTH)
-	return rv, rc, rn
-}
-func ZosJobname() (jobname string, err error) {
-	var pgtha Pgtha
-	pgtha.Pid = uint32(Getpid())
-	pgtha.Accesspid = PGTHA_CURRENT
-	pgtha.Flag1 = PGTHA_PROCESS
-	var out [256]byte
-	var outlen uint32
-	outlen = 256
-	rv, rc, rn := BpxGetthent(&pgtha, &outlen, unsafe.Pointer(&out[0]))
-	if rv == 0 {
-		gthc := []byte{0x87, 0xa3, 0x88, 0x83} // 'gthc' in ebcdic
-		ix := bytes.Index(out[:], gthc)
-		if ix == -1 {
-			err = fmt.Errorf("BPX4GTH: gthc return data not found")
-			return
-		}
-		jn := out[ix+80 : ix+88] // we didn't declare Pgthc, but jobname is 8-byte at offset 80
-		E2a(jn)
-		jobname = string(bytes.TrimRight(jn, " "))
-
-	} else {
-		err = fmt.Errorf("BPX4GTH: rc=%d errno=%d reason=code=0x%x", rv, rc, rn)
-	}
-	return
-}
-func Bpx4ptq(code int32, data string) (rv int32, rc int32, rn int32) {
-	var userdata [8]byte
-	var parms [5]unsafe.Pointer
-	copy(userdata[:], data+"        ")
-	A2e(userdata[:])
-	parms[0] = unsafe.Pointer(&code)
-	parms[1] = unsafe.Pointer(&userdata[0])
-	parms[2] = unsafe.Pointer(&rv)
-	parms[3] = unsafe.Pointer(&rc)
-	parms[4] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4PTQ)
-	return rv, rc, rn
-}
-
-const (
-	PT_TRACE_ME             = 0  // Debug this process
-	PT_READ_I               = 1  // Read a full word
-	PT_READ_D               = 2  // Read a full word
-	PT_READ_U               = 3  // Read control info
-	PT_WRITE_I              = 4  //Write a full word
-	PT_WRITE_D              = 5  //Write a full word
-	PT_CONTINUE             = 7  //Continue the process
-	PT_KILL                 = 8  //Terminate the process
-	PT_READ_GPR             = 11 // Read GPR, CR, PSW
-	PT_READ_FPR             = 12 // Read FPR
-	PT_READ_VR              = 13 // Read VR
-	PT_WRITE_GPR            = 14 // Write GPR, CR, PSW
-	PT_WRITE_FPR            = 15 // Write FPR
-	PT_WRITE_VR             = 16 // Write VR
-	PT_READ_BLOCK           = 17 // Read storage
-	PT_WRITE_BLOCK          = 19 // Write storage
-	PT_READ_GPRH            = 20 // Read GPRH
-	PT_WRITE_GPRH           = 21 // Write GPRH
-	PT_REGHSET              = 22 // Read all GPRHs
-	PT_ATTACH               = 30 // Attach to a process
-	PT_DETACH               = 31 // Detach from a process
-	PT_REGSET               = 32 // Read all GPRs
-	PT_REATTACH             = 33 // Reattach to a process
-	PT_LDINFO               = 34 // Read loader info
-	PT_MULTI                = 35 // Multi process mode
-	PT_LD64INFO             = 36 // RMODE64 Info Area
-	PT_BLOCKREQ             = 40 // Block request
-	PT_THREAD_INFO          = 60 // Read thread info
-	PT_THREAD_MODIFY        = 61
-	PT_THREAD_READ_FOCUS    = 62
-	PT_THREAD_WRITE_FOCUS   = 63
-	PT_THREAD_HOLD          = 64
-	PT_THREAD_SIGNAL        = 65
-	PT_EXPLAIN              = 66
-	PT_EVENTS               = 67
-	PT_THREAD_INFO_EXTENDED = 68
-	PT_REATTACH2            = 71
-	PT_CAPTURE              = 72
-	PT_UNCAPTURE            = 73
-	PT_GET_THREAD_TCB       = 74
-	PT_GET_ALET             = 75
-	PT_SWAPIN               = 76
-	PT_EXTENDED_EVENT       = 98
-	PT_RECOVER              = 99  // Debug a program check
-	PT_GPR0                 = 0   // General purpose register 0
-	PT_GPR1                 = 1   // General purpose register 1
-	PT_GPR2                 = 2   // General purpose register 2
-	PT_GPR3                 = 3   // General purpose register 3
-	PT_GPR4                 = 4   // General purpose register 4
-	PT_GPR5                 = 5   // General purpose register 5
-	PT_GPR6                 = 6   // General purpose register 6
-	PT_GPR7                 = 7   // General purpose register 7
-	PT_GPR8                 = 8   // General purpose register 8
-	PT_GPR9                 = 9   // General purpose register 9
-	PT_GPR10                = 10  // General purpose register 10
-	PT_GPR11                = 11  // General purpose register 11
-	PT_GPR12                = 12  // General purpose register 12
-	PT_GPR13                = 13  // General purpose register 13
-	PT_GPR14                = 14  // General purpose register 14
-	PT_GPR15                = 15  // General purpose register 15
-	PT_FPR0                 = 16  // Floating point register 0
-	PT_FPR1                 = 17  // Floating point register 1
-	PT_FPR2                 = 18  // Floating point register 2
-	PT_FPR3                 = 19  // Floating point register 3
-	PT_FPR4                 = 20  // Floating point register 4
-	PT_FPR5                 = 21  // Floating point register 5
-	PT_FPR6                 = 22  // Floating point register 6
-	PT_FPR7                 = 23  // Floating point register 7
-	PT_FPR8                 = 24  // Floating point register 8
-	PT_FPR9                 = 25  // Floating point register 9
-	PT_FPR10                = 26  // Floating point register 10
-	PT_FPR11                = 27  // Floating point register 11
-	PT_FPR12                = 28  // Floating point register 12
-	PT_FPR13                = 29  // Floating point register 13
-	PT_FPR14                = 30  // Floating point register 14
-	PT_FPR15                = 31  // Floating point register 15
-	PT_FPC                  = 32  // Floating point control register
-	PT_PSW                  = 40  // PSW
-	PT_PSW0                 = 40  // Left half of the PSW
-	PT_PSW1                 = 41  // Right half of the PSW
-	PT_CR0                  = 42  // Control register 0
-	PT_CR1                  = 43  // Control register 1
-	PT_CR2                  = 44  // Control register 2
-	PT_CR3                  = 45  // Control register 3
-	PT_CR4                  = 46  // Control register 4
-	PT_CR5                  = 47  // Control register 5
-	PT_CR6                  = 48  // Control register 6
-	PT_CR7                  = 49  // Control register 7
-	PT_CR8                  = 50  // Control register 8
-	PT_CR9                  = 51  // Control register 9
-	PT_CR10                 = 52  // Control register 10
-	PT_CR11                 = 53  // Control register 11
-	PT_CR12                 = 54  // Control register 12
-	PT_CR13                 = 55  // Control register 13
-	PT_CR14                 = 56  // Control register 14
-	PT_CR15                 = 57  // Control register 15
-	PT_GPRH0                = 58  // GP High register 0
-	PT_GPRH1                = 59  // GP High register 1
-	PT_GPRH2                = 60  // GP High register 2
-	PT_GPRH3                = 61  // GP High register 3
-	PT_GPRH4                = 62  // GP High register 4
-	PT_GPRH5                = 63  // GP High register 5
-	PT_GPRH6                = 64  // GP High register 6
-	PT_GPRH7                = 65  // GP High register 7
-	PT_GPRH8                = 66  // GP High register 8
-	PT_GPRH9                = 67  // GP High register 9
-	PT_GPRH10               = 68  // GP High register 10
-	PT_GPRH11               = 69  // GP High register 11
-	PT_GPRH12               = 70  // GP High register 12
-	PT_GPRH13               = 71  // GP High register 13
-	PT_GPRH14               = 72  // GP High register 14
-	PT_GPRH15               = 73  // GP High register 15
-	PT_VR0                  = 74  // Vector register 0
-	PT_VR1                  = 75  // Vector register 1
-	PT_VR2                  = 76  // Vector register 2
-	PT_VR3                  = 77  // Vector register 3
-	PT_VR4                  = 78  // Vector register 4
-	PT_VR5                  = 79  // Vector register 5
-	PT_VR6                  = 80  // Vector register 6
-	PT_VR7                  = 81  // Vector register 7
-	PT_VR8                  = 82  // Vector register 8
-	PT_VR9                  = 83  // Vector register 9
-	PT_VR10                 = 84  // Vector register 10
-	PT_VR11                 = 85  // Vector register 11
-	PT_VR12                 = 86  // Vector register 12
-	PT_VR13                 = 87  // Vector register 13
-	PT_VR14                 = 88  // Vector register 14
-	PT_VR15                 = 89  // Vector register 15
-	PT_VR16                 = 90  // Vector register 16
-	PT_VR17                 = 91  // Vector register 17
-	PT_VR18                 = 92  // Vector register 18
-	PT_VR19                 = 93  // Vector register 19
-	PT_VR20                 = 94  // Vector register 20
-	PT_VR21                 = 95  // Vector register 21
-	PT_VR22                 = 96  // Vector register 22
-	PT_VR23                 = 97  // Vector register 23
-	PT_VR24                 = 98  // Vector register 24
-	PT_VR25                 = 99  // Vector register 25
-	PT_VR26                 = 100 // Vector register 26
-	PT_VR27                 = 101 // Vector register 27
-	PT_VR28                 = 102 // Vector register 28
-	PT_VR29                 = 103 // Vector register 29
-	PT_VR30                 = 104 // Vector register 30
-	PT_VR31                 = 105 // Vector register 31
-	PT_PSWG                 = 106 // PSWG
-	PT_PSWG0                = 106 // Bytes 0-3
-	PT_PSWG1                = 107 // Bytes 4-7
-	PT_PSWG2                = 108 // Bytes 8-11 (IA high word)
-	PT_PSWG3                = 109 // Bytes 12-15 (IA low word)
-)
-
-func Bpx4ptr(request int32, pid int32, addr unsafe.Pointer, data unsafe.Pointer, buffer unsafe.Pointer) (rv int32, rc int32, rn int32) {
-	var parms [8]unsafe.Pointer
-	parms[0] = unsafe.Pointer(&request)
-	parms[1] = unsafe.Pointer(&pid)
-	parms[2] = unsafe.Pointer(&addr)
-	parms[3] = unsafe.Pointer(&data)
-	parms[4] = unsafe.Pointer(&buffer)
-	parms[5] = unsafe.Pointer(&rv)
-	parms[6] = unsafe.Pointer(&rc)
-	parms[7] = unsafe.Pointer(&rn)
-	bpxcall(parms[:], BPX4PTR)
-	return rv, rc, rn
-}
-
-func copyU8(val uint8, dest []uint8) int {
-	if len(dest) < 1 {
-		return 0
-	}
-	dest[0] = val
-	return 1
-}
-
-func copyU8Arr(src, dest []uint8) int {
-	if len(dest) < len(src) {
-		return 0
-	}
-	for i, v := range src {
-		dest[i] = v
-	}
-	return len(src)
-}
-
-func copyU16(val uint16, dest []uint16) int {
-	if len(dest) < 1 {
-		return 0
-	}
-	dest[0] = val
-	return 1
-}
-
-func copyU32(val uint32, dest []uint32) int {
-	if len(dest) < 1 {
-		return 0
-	}
-	dest[0] = val
-	return 1
-}
-
-func copyU32Arr(src, dest []uint32) int {
-	if len(dest) < len(src) {
-		return 0
-	}
-	for i, v := range src {
-		dest[i] = v
-	}
-	return len(src)
-}
-
-func copyU64(val uint64, dest []uint64) int {
-	if len(dest) < 1 {
-		return 0
-	}
-	dest[0] = val
-	return 1
-}
diff --git a/vendor/golang.org/x/sys/unix/bpxsvc_zos.s b/vendor/golang.org/x/sys/unix/bpxsvc_zos.s
deleted file mode 100644
index 4bd4a1798..000000000
--- a/vendor/golang.org/x/sys/unix/bpxsvc_zos.s
+++ /dev/null
@@ -1,192 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-#include "go_asm.h"
-#include "textflag.h"
-
-// function to call USS assembly language services
-//
-// doc: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_3.1.0/com.ibm.zos.v3r1.bpxb100/bit64env.htm
-//
-//   arg1 unsafe.Pointer array that ressembles an OS PLIST
-//
-//   arg2 function offset as in
-//       doc: https://www.ibm.com/support/knowledgecenter/en/SSLTBW_3.1.0/com.ibm.zos.v3r1.bpxb100/bpx2cr_List_of_offsets.htm
-//
-// func bpxcall(plist []unsafe.Pointer, bpx_offset int64)
-
-TEXT ·bpxcall(SB), NOSPLIT|NOFRAME, $0
-	MOVD  plist_base+0(FP), R1  // r1 points to plist
-	MOVD  bpx_offset+24(FP), R2 // r2 offset to BPX vector table
-	MOVD  R14, R7               // save r14
-	MOVD  R15, R8               // save r15
-	MOVWZ 16(R0), R9
-	MOVWZ 544(R9), R9
-	MOVWZ 24(R9), R9            // call vector in r9
-	ADD   R2, R9                // add offset to vector table
-	MOVWZ (R9), R9              // r9 points to entry point
-	BYTE  $0x0D                 // BL R14,R9 --> basr r14,r9
-	BYTE  $0xE9                 // clobbers 0,1,14,15
-	MOVD  R8, R15               // restore 15
-	JMP   R7                    // return via saved return address
-
-//   func A2e(arr [] byte)
-//   code page conversion from  819 to 1047
-TEXT ·A2e(SB), NOSPLIT|NOFRAME, $0
-	MOVD arg_base+0(FP), R2                        // pointer to arry of characters
-	MOVD arg_len+8(FP), R3                         // count
-	XOR  R0, R0
-	XOR  R1, R1
-	BYTE $0xA7; BYTE $0x15; BYTE $0x00; BYTE $0x82 // BRAS 1,(2+(256/2))
-
-	// ASCII -> EBCDIC conversion table:
-	BYTE $0x00; BYTE $0x01; BYTE $0x02; BYTE $0x03
-	BYTE $0x37; BYTE $0x2d; BYTE $0x2e; BYTE $0x2f
-	BYTE $0x16; BYTE $0x05; BYTE $0x15; BYTE $0x0b
-	BYTE $0x0c; BYTE $0x0d; BYTE $0x0e; BYTE $0x0f
-	BYTE $0x10; BYTE $0x11; BYTE $0x12; BYTE $0x13
-	BYTE $0x3c; BYTE $0x3d; BYTE $0x32; BYTE $0x26
-	BYTE $0x18; BYTE $0x19; BYTE $0x3f; BYTE $0x27
-	BYTE $0x1c; BYTE $0x1d; BYTE $0x1e; BYTE $0x1f
-	BYTE $0x40; BYTE $0x5a; BYTE $0x7f; BYTE $0x7b
-	BYTE $0x5b; BYTE $0x6c; BYTE $0x50; BYTE $0x7d
-	BYTE $0x4d; BYTE $0x5d; BYTE $0x5c; BYTE $0x4e
-	BYTE $0x6b; BYTE $0x60; BYTE $0x4b; BYTE $0x61
-	BYTE $0xf0; BYTE $0xf1; BYTE $0xf2; BYTE $0xf3
-	BYTE $0xf4; BYTE $0xf5; BYTE $0xf6; BYTE $0xf7
-	BYTE $0xf8; BYTE $0xf9; BYTE $0x7a; BYTE $0x5e
-	BYTE $0x4c; BYTE $0x7e; BYTE $0x6e; BYTE $0x6f
-	BYTE $0x7c; BYTE $0xc1; BYTE $0xc2; BYTE $0xc3
-	BYTE $0xc4; BYTE $0xc5; BYTE $0xc6; BYTE $0xc7
-	BYTE $0xc8; BYTE $0xc9; BYTE $0xd1; BYTE $0xd2
-	BYTE $0xd3; BYTE $0xd4; BYTE $0xd5; BYTE $0xd6
-	BYTE $0xd7; BYTE $0xd8; BYTE $0xd9; BYTE $0xe2
-	BYTE $0xe3; BYTE $0xe4; BYTE $0xe5; BYTE $0xe6
-	BYTE $0xe7; BYTE $0xe8; BYTE $0xe9; BYTE $0xad
-	BYTE $0xe0; BYTE $0xbd; BYTE $0x5f; BYTE $0x6d
-	BYTE $0x79; BYTE $0x81; BYTE $0x82; BYTE $0x83
-	BYTE $0x84; BYTE $0x85; BYTE $0x86; BYTE $0x87
-	BYTE $0x88; BYTE $0x89; BYTE $0x91; BYTE $0x92
-	BYTE $0x93; BYTE $0x94; BYTE $0x95; BYTE $0x96
-	BYTE $0x97; BYTE $0x98; BYTE $0x99; BYTE $0xa2
-	BYTE $0xa3; BYTE $0xa4; BYTE $0xa5; BYTE $0xa6
-	BYTE $0xa7; BYTE $0xa8; BYTE $0xa9; BYTE $0xc0
-	BYTE $0x4f; BYTE $0xd0; BYTE $0xa1; BYTE $0x07
-	BYTE $0x20; BYTE $0x21; BYTE $0x22; BYTE $0x23
-	BYTE $0x24; BYTE $0x25; BYTE $0x06; BYTE $0x17
-	BYTE $0x28; BYTE $0x29; BYTE $0x2a; BYTE $0x2b
-	BYTE $0x2c; BYTE $0x09; BYTE $0x0a; BYTE $0x1b
-	BYTE $0x30; BYTE $0x31; BYTE $0x1a; BYTE $0x33
-	BYTE $0x34; BYTE $0x35; BYTE $0x36; BYTE $0x08
-	BYTE $0x38; BYTE $0x39; BYTE $0x3a; BYTE $0x3b
-	BYTE $0x04; BYTE $0x14; BYTE $0x3e; BYTE $0xff
-	BYTE $0x41; BYTE $0xaa; BYTE $0x4a; BYTE $0xb1
-	BYTE $0x9f; BYTE $0xb2; BYTE $0x6a; BYTE $0xb5
-	BYTE $0xbb; BYTE $0xb4; BYTE $0x9a; BYTE $0x8a
-	BYTE $0xb0; BYTE $0xca; BYTE $0xaf; BYTE $0xbc
-	BYTE $0x90; BYTE $0x8f; BYTE $0xea; BYTE $0xfa
-	BYTE $0xbe; BYTE $0xa0; BYTE $0xb6; BYTE $0xb3
-	BYTE $0x9d; BYTE $0xda; BYTE $0x9b; BYTE $0x8b
-	BYTE $0xb7; BYTE $0xb8; BYTE $0xb9; BYTE $0xab
-	BYTE $0x64; BYTE $0x65; BYTE $0x62; BYTE $0x66
-	BYTE $0x63; BYTE $0x67; BYTE $0x9e; BYTE $0x68
-	BYTE $0x74; BYTE $0x71; BYTE $0x72; BYTE $0x73
-	BYTE $0x78; BYTE $0x75; BYTE $0x76; BYTE $0x77
-	BYTE $0xac; BYTE $0x69; BYTE $0xed; BYTE $0xee
-	BYTE $0xeb; BYTE $0xef; BYTE $0xec; BYTE $0xbf
-	BYTE $0x80; BYTE $0xfd; BYTE $0xfe; BYTE $0xfb
-	BYTE $0xfc; BYTE $0xba; BYTE $0xae; BYTE $0x59
-	BYTE $0x44; BYTE $0x45; BYTE $0x42; BYTE $0x46
-	BYTE $0x43; BYTE $0x47; BYTE $0x9c; BYTE $0x48
-	BYTE $0x54; BYTE $0x51; BYTE $0x52; BYTE $0x53
-	BYTE $0x58; BYTE $0x55; BYTE $0x56; BYTE $0x57
-	BYTE $0x8c; BYTE $0x49; BYTE $0xcd; BYTE $0xce
-	BYTE $0xcb; BYTE $0xcf; BYTE $0xcc; BYTE $0xe1
-	BYTE $0x70; BYTE $0xdd; BYTE $0xde; BYTE $0xdb
-	BYTE $0xdc; BYTE $0x8d; BYTE $0x8e; BYTE $0xdf
-
-retry:
-	WORD $0xB9931022 // TROO 2,2,b'0001'
-	BVS  retry
-	RET
-
-//   func e2a(arr [] byte)
-//   code page conversion from  1047 to 819
-TEXT ·E2a(SB), NOSPLIT|NOFRAME, $0
-	MOVD arg_base+0(FP), R2                        // pointer to arry of characters
-	MOVD arg_len+8(FP), R3                         // count
-	XOR  R0, R0
-	XOR  R1, R1
-	BYTE $0xA7; BYTE $0x15; BYTE $0x00; BYTE $0x82 // BRAS 1,(2+(256/2))
-
-	// EBCDIC -> ASCII conversion table:
-	BYTE $0x00; BYTE $0x01; BYTE $0x02; BYTE $0x03
-	BYTE $0x9c; BYTE $0x09; BYTE $0x86; BYTE $0x7f
-	BYTE $0x97; BYTE $0x8d; BYTE $0x8e; BYTE $0x0b
-	BYTE $0x0c; BYTE $0x0d; BYTE $0x0e; BYTE $0x0f
-	BYTE $0x10; BYTE $0x11; BYTE $0x12; BYTE $0x13
-	BYTE $0x9d; BYTE $0x0a; BYTE $0x08; BYTE $0x87
-	BYTE $0x18; BYTE $0x19; BYTE $0x92; BYTE $0x8f
-	BYTE $0x1c; BYTE $0x1d; BYTE $0x1e; BYTE $0x1f
-	BYTE $0x80; BYTE $0x81; BYTE $0x82; BYTE $0x83
-	BYTE $0x84; BYTE $0x85; BYTE $0x17; BYTE $0x1b
-	BYTE $0x88; BYTE $0x89; BYTE $0x8a; BYTE $0x8b
-	BYTE $0x8c; BYTE $0x05; BYTE $0x06; BYTE $0x07
-	BYTE $0x90; BYTE $0x91; BYTE $0x16; BYTE $0x93
-	BYTE $0x94; BYTE $0x95; BYTE $0x96; BYTE $0x04
-	BYTE $0x98; BYTE $0x99; BYTE $0x9a; BYTE $0x9b
-	BYTE $0x14; BYTE $0x15; BYTE $0x9e; BYTE $0x1a
-	BYTE $0x20; BYTE $0xa0; BYTE $0xe2; BYTE $0xe4
-	BYTE $0xe0; BYTE $0xe1; BYTE $0xe3; BYTE $0xe5
-	BYTE $0xe7; BYTE $0xf1; BYTE $0xa2; BYTE $0x2e
-	BYTE $0x3c; BYTE $0x28; BYTE $0x2b; BYTE $0x7c
-	BYTE $0x26; BYTE $0xe9; BYTE $0xea; BYTE $0xeb
-	BYTE $0xe8; BYTE $0xed; BYTE $0xee; BYTE $0xef
-	BYTE $0xec; BYTE $0xdf; BYTE $0x21; BYTE $0x24
-	BYTE $0x2a; BYTE $0x29; BYTE $0x3b; BYTE $0x5e
-	BYTE $0x2d; BYTE $0x2f; BYTE $0xc2; BYTE $0xc4
-	BYTE $0xc0; BYTE $0xc1; BYTE $0xc3; BYTE $0xc5
-	BYTE $0xc7; BYTE $0xd1; BYTE $0xa6; BYTE $0x2c
-	BYTE $0x25; BYTE $0x5f; BYTE $0x3e; BYTE $0x3f
-	BYTE $0xf8; BYTE $0xc9; BYTE $0xca; BYTE $0xcb
-	BYTE $0xc8; BYTE $0xcd; BYTE $0xce; BYTE $0xcf
-	BYTE $0xcc; BYTE $0x60; BYTE $0x3a; BYTE $0x23
-	BYTE $0x40; BYTE $0x27; BYTE $0x3d; BYTE $0x22
-	BYTE $0xd8; BYTE $0x61; BYTE $0x62; BYTE $0x63
-	BYTE $0x64; BYTE $0x65; BYTE $0x66; BYTE $0x67
-	BYTE $0x68; BYTE $0x69; BYTE $0xab; BYTE $0xbb
-	BYTE $0xf0; BYTE $0xfd; BYTE $0xfe; BYTE $0xb1
-	BYTE $0xb0; BYTE $0x6a; BYTE $0x6b; BYTE $0x6c
-	BYTE $0x6d; BYTE $0x6e; BYTE $0x6f; BYTE $0x70
-	BYTE $0x71; BYTE $0x72; BYTE $0xaa; BYTE $0xba
-	BYTE $0xe6; BYTE $0xb8; BYTE $0xc6; BYTE $0xa4
-	BYTE $0xb5; BYTE $0x7e; BYTE $0x73; BYTE $0x74
-	BYTE $0x75; BYTE $0x76; BYTE $0x77; BYTE $0x78
-	BYTE $0x79; BYTE $0x7a; BYTE $0xa1; BYTE $0xbf
-	BYTE $0xd0; BYTE $0x5b; BYTE $0xde; BYTE $0xae
-	BYTE $0xac; BYTE $0xa3; BYTE $0xa5; BYTE $0xb7
-	BYTE $0xa9; BYTE $0xa7; BYTE $0xb6; BYTE $0xbc
-	BYTE $0xbd; BYTE $0xbe; BYTE $0xdd; BYTE $0xa8
-	BYTE $0xaf; BYTE $0x5d; BYTE $0xb4; BYTE $0xd7
-	BYTE $0x7b; BYTE $0x41; BYTE $0x42; BYTE $0x43
-	BYTE $0x44; BYTE $0x45; BYTE $0x46; BYTE $0x47
-	BYTE $0x48; BYTE $0x49; BYTE $0xad; BYTE $0xf4
-	BYTE $0xf6; BYTE $0xf2; BYTE $0xf3; BYTE $0xf5
-	BYTE $0x7d; BYTE $0x4a; BYTE $0x4b; BYTE $0x4c
-	BYTE $0x4d; BYTE $0x4e; BYTE $0x4f; BYTE $0x50
-	BYTE $0x51; BYTE $0x52; BYTE $0xb9; BYTE $0xfb
-	BYTE $0xfc; BYTE $0xf9; BYTE $0xfa; BYTE $0xff
-	BYTE $0x5c; BYTE $0xf7; BYTE $0x53; BYTE $0x54
-	BYTE $0x55; BYTE $0x56; BYTE $0x57; BYTE $0x58
-	BYTE $0x59; BYTE $0x5a; BYTE $0xb2; BYTE $0xd4
-	BYTE $0xd6; BYTE $0xd2; BYTE $0xd3; BYTE $0xd5
-	BYTE $0x30; BYTE $0x31; BYTE $0x32; BYTE $0x33
-	BYTE $0x34; BYTE $0x35; BYTE $0x36; BYTE $0x37
-	BYTE $0x38; BYTE $0x39; BYTE $0xb3; BYTE $0xdb
-	BYTE $0xdc; BYTE $0xd9; BYTE $0xda; BYTE $0x9f
-
-retry:
-	WORD $0xB9931022 // TROO 2,2,b'0001'
-	BVS  retry
-	RET
diff --git a/vendor/golang.org/x/sys/unix/epoll_zos.go b/vendor/golang.org/x/sys/unix/epoll_zos.go
new file mode 100644
index 000000000..7753fddea
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/epoll_zos.go
@@ -0,0 +1,220 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+
+package unix
+
+import (
+	"sync"
+)
+
+// This file simulates epoll on z/OS using poll.
+
+// Analogous to epoll_event on Linux.
+// TODO(neeilan): Pad is because the Linux kernel expects a 96-bit struct. We never pass this to the kernel; remove?
+type EpollEvent struct {
+	Events uint32
+	Fd     int32
+	Pad    int32
+}
+
+const (
+	EPOLLERR      = 0x8
+	EPOLLHUP      = 0x10
+	EPOLLIN       = 0x1
+	EPOLLMSG      = 0x400
+	EPOLLOUT      = 0x4
+	EPOLLPRI      = 0x2
+	EPOLLRDBAND   = 0x80
+	EPOLLRDNORM   = 0x40
+	EPOLLWRBAND   = 0x200
+	EPOLLWRNORM   = 0x100
+	EPOLL_CTL_ADD = 0x1
+	EPOLL_CTL_DEL = 0x2
+	EPOLL_CTL_MOD = 0x3
+	// The following constants are part of the epoll API, but represent
+	// currently unsupported functionality on z/OS.
+	// EPOLL_CLOEXEC  = 0x80000
+	// EPOLLET        = 0x80000000
+	// EPOLLONESHOT   = 0x40000000
+	// EPOLLRDHUP     = 0x2000     // Typically used with edge-triggered notis
+	// EPOLLEXCLUSIVE = 0x10000000 // Exclusive wake-up mode
+	// EPOLLWAKEUP    = 0x20000000 // Relies on Linux's BLOCK_SUSPEND capability
+)
+
+// TODO(neeilan): We can eliminate these epToPoll / pToEpoll calls by using identical mask values for POLL/EPOLL
+// constants where possible The lower 16 bits of epoll events (uint32) can fit any system poll event (int16).
+
+// epToPollEvt converts epoll event field to poll equivalent.
+// In epoll, Events is a 32-bit field, while poll uses 16 bits.
+func epToPollEvt(events uint32) int16 {
+	var ep2p = map[uint32]int16{
+		EPOLLIN:  POLLIN,
+		EPOLLOUT: POLLOUT,
+		EPOLLHUP: POLLHUP,
+		EPOLLPRI: POLLPRI,
+		EPOLLERR: POLLERR,
+	}
+
+	var pollEvts int16 = 0
+	for epEvt, pEvt := range ep2p {
+		if (events & epEvt) != 0 {
+			pollEvts |= pEvt
+		}
+	}
+
+	return pollEvts
+}
+
+// pToEpollEvt converts 16 bit poll event bitfields to 32-bit epoll event fields.
+func pToEpollEvt(revents int16) uint32 {
+	var p2ep = map[int16]uint32{
+		POLLIN:  EPOLLIN,
+		POLLOUT: EPOLLOUT,
+		POLLHUP: EPOLLHUP,
+		POLLPRI: EPOLLPRI,
+		POLLERR: EPOLLERR,
+	}
+
+	var epollEvts uint32 = 0
+	for pEvt, epEvt := range p2ep {
+		if (revents & pEvt) != 0 {
+			epollEvts |= epEvt
+		}
+	}
+
+	return epollEvts
+}
+
+// Per-process epoll implementation.
+type epollImpl struct {
+	mu       sync.Mutex
+	epfd2ep  map[int]*eventPoll
+	nextEpfd int
+}
+
+// eventPoll holds a set of file descriptors being watched by the process. A process can have multiple epoll instances.
+// On Linux, this is an in-kernel data structure accessed through a fd.
+type eventPoll struct {
+	mu  sync.Mutex
+	fds map[int]*EpollEvent
+}
+
+// epoll impl for this process.
+var impl epollImpl = epollImpl{
+	epfd2ep:  make(map[int]*eventPoll),
+	nextEpfd: 0,
+}
+
+func (e *epollImpl) epollcreate(size int) (epfd int, err error) {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+	epfd = e.nextEpfd
+	e.nextEpfd++
+
+	e.epfd2ep[epfd] = &eventPoll{
+		fds: make(map[int]*EpollEvent),
+	}
+	return epfd, nil
+}
+
+func (e *epollImpl) epollcreate1(flag int) (fd int, err error) {
+	return e.epollcreate(4)
+}
+
+func (e *epollImpl) epollctl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+	e.mu.Lock()
+	defer e.mu.Unlock()
+
+	ep, ok := e.epfd2ep[epfd]
+	if !ok {
+
+		return EBADF
+	}
+
+	switch op {
+	case EPOLL_CTL_ADD:
+		// TODO(neeilan): When we make epfds and fds disjoint, detect epoll
+		// loops here (instances watching each other) and return ELOOP.
+		if _, ok := ep.fds[fd]; ok {
+			return EEXIST
+		}
+		ep.fds[fd] = event
+	case EPOLL_CTL_MOD:
+		if _, ok := ep.fds[fd]; !ok {
+			return ENOENT
+		}
+		ep.fds[fd] = event
+	case EPOLL_CTL_DEL:
+		if _, ok := ep.fds[fd]; !ok {
+			return ENOENT
+		}
+		delete(ep.fds, fd)
+
+	}
+	return nil
+}
+
+// Must be called while holding ep.mu
+func (ep *eventPoll) getFds() []int {
+	fds := make([]int, len(ep.fds))
+	for fd := range ep.fds {
+		fds = append(fds, fd)
+	}
+	return fds
+}
+
+func (e *epollImpl) epollwait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+	e.mu.Lock() // in [rare] case of concurrent epollcreate + epollwait
+	ep, ok := e.epfd2ep[epfd]
+
+	if !ok {
+		e.mu.Unlock()
+		return 0, EBADF
+	}
+
+	pollfds := make([]PollFd, 4)
+	for fd, epollevt := range ep.fds {
+		pollfds = append(pollfds, PollFd{Fd: int32(fd), Events: epToPollEvt(epollevt.Events)})
+	}
+	e.mu.Unlock()
+
+	n, err = Poll(pollfds, msec)
+	if err != nil {
+		return n, err
+	}
+
+	i := 0
+	for _, pFd := range pollfds {
+		if pFd.Revents != 0 {
+			events[i] = EpollEvent{Fd: pFd.Fd, Events: pToEpollEvt(pFd.Revents)}
+			i++
+		}
+
+		if i == n {
+			break
+		}
+	}
+
+	return n, nil
+}
+
+func EpollCreate(size int) (fd int, err error) {
+	return impl.epollcreate(size)
+}
+
+func EpollCreate1(flag int) (fd int, err error) {
+	return impl.epollcreate1(flag)
+}
+
+func EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
+	return impl.epollctl(epfd, op, fd, event)
+}
+
+// Because EpollWait mutates events, the caller is expected to coordinate
+// concurrent access if calling with the same epfd from multiple goroutines.
+func EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+	return impl.epollwait(epfd, events, msec)
+}
diff --git a/vendor/golang.org/x/sys/unix/fstatfs_zos.go b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
new file mode 100644
index 000000000..c8bde601e
--- /dev/null
+++ b/vendor/golang.org/x/sys/unix/fstatfs_zos.go
@@ -0,0 +1,163 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build zos && s390x
+
+package unix
+
+import (
+	"unsafe"
+)
+
+// This file simulates fstatfs on z/OS using fstatvfs and w_getmntent.
+
+func Fstatfs(fd int, stat *Statfs_t) (err error) {
+	var stat_v Statvfs_t
+	err = Fstatvfs(fd, &stat_v)
+	if err == nil {
+		// populate stat
+		stat.Type = 0
+		stat.Bsize = stat_v.Bsize
+		stat.Blocks = stat_v.Blocks
+		stat.Bfree = stat_v.Bfree
+		stat.Bavail = stat_v.Bavail
+		stat.Files = stat_v.Files
+		stat.Ffree = stat_v.Ffree
+		stat.Fsid = stat_v.Fsid
+		stat.Namelen = stat_v.Namemax
+		stat.Frsize = stat_v.Frsize
+		stat.Flags = stat_v.Flag
+		for passn := 0; passn < 5; passn++ {
+			switch passn {
+			case 0:
+				err = tryGetmntent64(stat)
+				break
+			case 1:
+				err = tryGetmntent128(stat)
+				break
+			case 2:
+				err = tryGetmntent256(stat)
+				break
+			case 3:
+				err = tryGetmntent512(stat)
+				break
+			case 4:
+				err = tryGetmntent1024(stat)
+				break
+			default:
+				break
+			}
+			//proceed to return if: err is nil (found), err is nonnil but not ERANGE (another error occurred)
+			if err == nil || err != nil && err != ERANGE {
+				break
+			}
+		}
+	}
+	return err
+}
+
+func tryGetmntent64(stat *Statfs_t) (err error) {
+	var mnt_ent_buffer struct {
+		header       W_Mnth
+		filesys_info [64]W_Mntent
+	}
+	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+	if err != nil {
+		return err
+	}
+	err = ERANGE //return ERANGE if no match is found in this batch
+	for i := 0; i < fs_count; i++ {
+		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+			err = nil
+			break
+		}
+	}
+	return err
+}
+
+func tryGetmntent128(stat *Statfs_t) (err error) {
+	var mnt_ent_buffer struct {
+		header       W_Mnth
+		filesys_info [128]W_Mntent
+	}
+	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+	if err != nil {
+		return err
+	}
+	err = ERANGE //return ERANGE if no match is found in this batch
+	for i := 0; i < fs_count; i++ {
+		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+			err = nil
+			break
+		}
+	}
+	return err
+}
+
+func tryGetmntent256(stat *Statfs_t) (err error) {
+	var mnt_ent_buffer struct {
+		header       W_Mnth
+		filesys_info [256]W_Mntent
+	}
+	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+	if err != nil {
+		return err
+	}
+	err = ERANGE //return ERANGE if no match is found in this batch
+	for i := 0; i < fs_count; i++ {
+		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+			err = nil
+			break
+		}
+	}
+	return err
+}
+
+func tryGetmntent512(stat *Statfs_t) (err error) {
+	var mnt_ent_buffer struct {
+		header       W_Mnth
+		filesys_info [512]W_Mntent
+	}
+	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+	if err != nil {
+		return err
+	}
+	err = ERANGE //return ERANGE if no match is found in this batch
+	for i := 0; i < fs_count; i++ {
+		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+			err = nil
+			break
+		}
+	}
+	return err
+}
+
+func tryGetmntent1024(stat *Statfs_t) (err error) {
+	var mnt_ent_buffer struct {
+		header       W_Mnth
+		filesys_info [1024]W_Mntent
+	}
+	var buffer_size int = int(unsafe.Sizeof(mnt_ent_buffer))
+	fs_count, err := W_Getmntent((*byte)(unsafe.Pointer(&mnt_ent_buffer)), buffer_size)
+	if err != nil {
+		return err
+	}
+	err = ERANGE //return ERANGE if no match is found in this batch
+	for i := 0; i < fs_count; i++ {
+		if stat.Fsid == uint64(mnt_ent_buffer.filesys_info[i].Dev) {
+			stat.Type = uint32(mnt_ent_buffer.filesys_info[i].Fstname[0])
+			err = nil
+			break
+		}
+	}
+	return err
+}
diff --git a/vendor/golang.org/x/sys/unix/ioctl_linux.go b/vendor/golang.org/x/sys/unix/ioctl_linux.go
index 7ca4fa12a..dbe680eab 100644
--- a/vendor/golang.org/x/sys/unix/ioctl_linux.go
+++ b/vendor/golang.org/x/sys/unix/ioctl_linux.go
@@ -58,102 +58,6 @@ func IoctlGetEthtoolDrvinfo(fd int, ifname string) (*EthtoolDrvinfo, error) {
 	return &value, err
 }
 
-// IoctlGetEthtoolTsInfo fetches ethtool timestamping and PHC
-// association for the network device specified by ifname.
-func IoctlGetEthtoolTsInfo(fd int, ifname string) (*EthtoolTsInfo, error) {
-	ifr, err := NewIfreq(ifname)
-	if err != nil {
-		return nil, err
-	}
-
-	value := EthtoolTsInfo{Cmd: ETHTOOL_GET_TS_INFO}
-	ifrd := ifr.withData(unsafe.Pointer(&value))
-
-	err = ioctlIfreqData(fd, SIOCETHTOOL, &ifrd)
-	return &value, err
-}
-
-// IoctlGetHwTstamp retrieves the hardware timestamping configuration
-// for the network device specified by ifname.
-func IoctlGetHwTstamp(fd int, ifname string) (*HwTstampConfig, error) {
-	ifr, err := NewIfreq(ifname)
-	if err != nil {
-		return nil, err
-	}
-
-	value := HwTstampConfig{}
-	ifrd := ifr.withData(unsafe.Pointer(&value))
-
-	err = ioctlIfreqData(fd, SIOCGHWTSTAMP, &ifrd)
-	return &value, err
-}
-
-// IoctlSetHwTstamp updates the hardware timestamping configuration for
-// the network device specified by ifname.
-func IoctlSetHwTstamp(fd int, ifname string, cfg *HwTstampConfig) error {
-	ifr, err := NewIfreq(ifname)
-	if err != nil {
-		return err
-	}
-	ifrd := ifr.withData(unsafe.Pointer(cfg))
-	return ioctlIfreqData(fd, SIOCSHWTSTAMP, &ifrd)
-}
-
-// FdToClockID derives the clock ID from the file descriptor number
-// - see clock_gettime(3), FD_TO_CLOCKID macros. The resulting ID is
-// suitable for system calls like ClockGettime.
-func FdToClockID(fd int) int32 { return int32((int(^fd) << 3) | 3) }
-
-// IoctlPtpClockGetcaps returns the description of a given PTP device.
-func IoctlPtpClockGetcaps(fd int) (*PtpClockCaps, error) {
-	var value PtpClockCaps
-	err := ioctlPtr(fd, PTP_CLOCK_GETCAPS2, unsafe.Pointer(&value))
-	return &value, err
-}
-
-// IoctlPtpSysOffsetPrecise returns a description of the clock
-// offset compared to the system clock.
-func IoctlPtpSysOffsetPrecise(fd int) (*PtpSysOffsetPrecise, error) {
-	var value PtpSysOffsetPrecise
-	err := ioctlPtr(fd, PTP_SYS_OFFSET_PRECISE2, unsafe.Pointer(&value))
-	return &value, err
-}
-
-// IoctlPtpSysOffsetExtended returns an extended description of the
-// clock offset compared to the system clock. The samples parameter
-// specifies the desired number of measurements.
-func IoctlPtpSysOffsetExtended(fd int, samples uint) (*PtpSysOffsetExtended, error) {
-	value := PtpSysOffsetExtended{Samples: uint32(samples)}
-	err := ioctlPtr(fd, PTP_SYS_OFFSET_EXTENDED2, unsafe.Pointer(&value))
-	return &value, err
-}
-
-// IoctlPtpPinGetfunc returns the configuration of the specified
-// I/O pin on given PTP device.
-func IoctlPtpPinGetfunc(fd int, index uint) (*PtpPinDesc, error) {
-	value := PtpPinDesc{Index: uint32(index)}
-	err := ioctlPtr(fd, PTP_PIN_GETFUNC2, unsafe.Pointer(&value))
-	return &value, err
-}
-
-// IoctlPtpPinSetfunc updates configuration of the specified PTP
-// I/O pin.
-func IoctlPtpPinSetfunc(fd int, pd *PtpPinDesc) error {
-	return ioctlPtr(fd, PTP_PIN_SETFUNC2, unsafe.Pointer(pd))
-}
-
-// IoctlPtpPeroutRequest configures the periodic output mode of the
-// PTP I/O pins.
-func IoctlPtpPeroutRequest(fd int, r *PtpPeroutRequest) error {
-	return ioctlPtr(fd, PTP_PEROUT_REQUEST2, unsafe.Pointer(r))
-}
-
-// IoctlPtpExttsRequest configures the external timestamping mode
-// of the PTP I/O pins.
-func IoctlPtpExttsRequest(fd int, r *PtpExttsRequest) error {
-	return ioctlPtr(fd, PTP_EXTTS_REQUEST2, unsafe.Pointer(r))
-}
-
 // IoctlGetWatchdogInfo fetches information about a watchdog device from the
 // Linux watchdog API. For more information, see:
 // https://www.kernel.org/doc/html/latest/watchdog/watchdog-api.html.
diff --git a/vendor/golang.org/x/sys/unix/mkerrors.sh b/vendor/golang.org/x/sys/unix/mkerrors.sh
index 6ab02b6c3..fdcaa974d 100644
--- a/vendor/golang.org/x/sys/unix/mkerrors.sh
+++ b/vendor/golang.org/x/sys/unix/mkerrors.sh
@@ -58,7 +58,6 @@ includes_Darwin='
 #define _DARWIN_USE_64_BIT_INODE
 #define __APPLE_USE_RFC_3542
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -158,16 +157,6 @@ includes_Linux='
 #endif
 #define _GNU_SOURCE
 
-// See the description in unix/linux/types.go
-#if defined(__ARM_EABI__) || \
-	(defined(__mips__) && (_MIPS_SIM == _ABIO32)) || \
-	(defined(__powerpc__) && (!defined(__powerpc64__)))
-# ifdef   _TIME_BITS
-#  undef  _TIME_BITS
-# endif
-# define  _TIME_BITS 32
-#endif
-
 //  is broken on powerpc64, as it fails to include definitions of
 // these structures. We just include them copied from .
 #if defined(__powerpc__)
@@ -266,7 +255,6 @@ struct ltchars {
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -275,7 +263,6 @@ struct ltchars {
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -538,7 +525,6 @@ ccflags="$@"
 		$2 ~ /^(AF|SOCK|SO|SOL|IPPROTO|IP|IPV6|TCP|MCAST|EVFILT|NOTE|SHUT|PROT|MAP|MREMAP|MFD|T?PACKET|MSG|SCM|MCL|DT|MADV|PR|LOCAL|TCPOPT|UDP)_/ ||
 		$2 ~ /^NFC_(GENL|PROTO|COMM|RF|SE|DIRECTION|LLCP|SOCKPROTO)_/ ||
 		$2 ~ /^NFC_.*_(MAX)?SIZE$/ ||
-		$2 ~ /^PTP_/ ||
 		$2 ~ /^RAW_PAYLOAD_/ ||
 		$2 ~ /^[US]F_/ ||
 		$2 ~ /^TP_STATUS_/ ||
@@ -563,8 +549,6 @@ ccflags="$@"
 		$2 !~ "NLA_TYPE_MASK" &&
 		$2 !~ /^RTC_VL_(ACCURACY|BACKUP|DATA)/ &&
 		$2 ~ /^(NETLINK|NLM|NLMSG|NLA|IFA|IFAN|RT|RTC|RTCF|RTN|RTPROT|RTNH|ARPHRD|ETH_P|NETNSA)_/ ||
-		$2 ~ /^SOCK_|SK_DIAG_|SKNLGRP_$/ ||
-		$2 ~ /^(CONNECT|SAE)_/ ||
 		$2 ~ /^FIORDCHK$/ ||
 		$2 ~ /^SIOC/ ||
 		$2 ~ /^TIOC/ ||
@@ -668,7 +652,7 @@ errors=$(
 signals=$(
 	echo '#include ' | $CC -x c - -E -dM $ccflags |
 	awk '$1=="#define" && $2 ~ /^SIG[A-Z0-9]+$/ { print $2 }' |
-	grep -E -v '(SIGSTKSIZE|SIGSTKSZ|SIGRT|SIGMAX64)' |
+	grep -v 'SIGSTKSIZE\|SIGSTKSZ\|SIGRT\|SIGMAX64' |
 	sort
 )
 
@@ -678,7 +662,7 @@ echo '#include ' | $CC -x c - -E -dM $ccflags |
 	sort >_error.grep
 echo '#include ' | $CC -x c - -E -dM $ccflags |
 	awk '$1=="#define" && $2 ~ /^SIG[A-Z0-9]+$/ { print "^\t" $2 "[ \t]*=" }' |
-	grep -E -v '(SIGSTKSIZE|SIGSTKSZ|SIGRT|SIGMAX64)' |
+	grep -v 'SIGSTKSIZE\|SIGSTKSZ\|SIGRT\|SIGMAX64' |
 	sort >_signal.grep
 
 echo '// mkerrors.sh' "$@"
diff --git a/vendor/golang.org/x/sys/unix/mmap_nomremap.go b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
index 7f602ffd2..4b68e5978 100644
--- a/vendor/golang.org/x/sys/unix/mmap_nomremap.go
+++ b/vendor/golang.org/x/sys/unix/mmap_nomremap.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris || zos
+//go:build aix || darwin || dragonfly || freebsd || openbsd || solaris
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/mremap.go b/vendor/golang.org/x/sys/unix/mremap.go
index 3a5e776f8..fd45fe529 100644
--- a/vendor/golang.org/x/sys/unix/mremap.go
+++ b/vendor/golang.org/x/sys/unix/mremap.go
@@ -50,8 +50,3 @@ func (m *mremapMmapper) Mremap(oldData []byte, newLength int, flags int) (data [
 func Mremap(oldData []byte, newLength int, flags int) (data []byte, err error) {
 	return mapper.Mremap(oldData, newLength, flags)
 }
-
-func MremapPtr(oldAddr unsafe.Pointer, oldSize uintptr, newAddr unsafe.Pointer, newSize uintptr, flags int) (ret unsafe.Pointer, err error) {
-	xaddr, err := mapper.mremap(uintptr(oldAddr), oldSize, newSize, flags, uintptr(newAddr))
-	return unsafe.Pointer(xaddr), err
-}
diff --git a/vendor/golang.org/x/sys/unix/pagesize_unix.go b/vendor/golang.org/x/sys/unix/pagesize_unix.go
index 0482408d7..4d0a3430e 100644
--- a/vendor/golang.org/x/sys/unix/pagesize_unix.go
+++ b/vendor/golang.org/x/sys/unix/pagesize_unix.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos
+//go:build aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris
 
 // For Unix, get the pagesize from the runtime.
 
diff --git a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
index b903c0060..130398b6b 100644
--- a/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
+++ b/vendor/golang.org/x/sys/unix/readdirent_getdirentries.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build darwin || zos
+//go:build darwin
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sockcmsg_zos.go b/vendor/golang.org/x/sys/unix/sockcmsg_zos.go
deleted file mode 100644
index 3e53dbc02..000000000
--- a/vendor/golang.org/x/sys/unix/sockcmsg_zos.go
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Socket control messages
-
-package unix
-
-import "unsafe"
-
-// UnixCredentials encodes credentials into a socket control message
-// for sending to another process. This can be used for
-// authentication.
-func UnixCredentials(ucred *Ucred) []byte {
-	b := make([]byte, CmsgSpace(SizeofUcred))
-	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
-	h.Level = SOL_SOCKET
-	h.Type = SCM_CREDENTIALS
-	h.SetLen(CmsgLen(SizeofUcred))
-	*(*Ucred)(h.data(0)) = *ucred
-	return b
-}
-
-// ParseUnixCredentials decodes a socket control message that contains
-// credentials in a Ucred structure. To receive such a message, the
-// SO_PASSCRED option must be enabled on the socket.
-func ParseUnixCredentials(m *SocketControlMessage) (*Ucred, error) {
-	if m.Header.Level != SOL_SOCKET {
-		return nil, EINVAL
-	}
-	if m.Header.Type != SCM_CREDENTIALS {
-		return nil, EINVAL
-	}
-	ucred := *(*Ucred)(unsafe.Pointer(&m.Data[0]))
-	return &ucred, nil
-}
-
-// PktInfo4 encodes Inet4Pktinfo into a socket control message of type IP_PKTINFO.
-func PktInfo4(info *Inet4Pktinfo) []byte {
-	b := make([]byte, CmsgSpace(SizeofInet4Pktinfo))
-	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
-	h.Level = SOL_IP
-	h.Type = IP_PKTINFO
-	h.SetLen(CmsgLen(SizeofInet4Pktinfo))
-	*(*Inet4Pktinfo)(h.data(0)) = *info
-	return b
-}
-
-// PktInfo6 encodes Inet6Pktinfo into a socket control message of type IPV6_PKTINFO.
-func PktInfo6(info *Inet6Pktinfo) []byte {
-	b := make([]byte, CmsgSpace(SizeofInet6Pktinfo))
-	h := (*Cmsghdr)(unsafe.Pointer(&b[0]))
-	h.Level = SOL_IPV6
-	h.Type = IPV6_PKTINFO
-	h.SetLen(CmsgLen(SizeofInet6Pktinfo))
-	*(*Inet6Pktinfo)(h.data(0)) = *info
-	return b
-}
diff --git a/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s b/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
deleted file mode 100644
index 3c4f33cb6..000000000
--- a/vendor/golang.org/x/sys/unix/symaddr_zos_s390x.s
+++ /dev/null
@@ -1,75 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build zos && s390x && gc
-
-#include "textflag.h"
-
-//  provide the address of function variable to be fixed up.
-
-TEXT ·getPipe2Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Pipe2(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_FlockAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Flock(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_GetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Getxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_NanosleepAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Nanosleep(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_SetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Setxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_Wait4Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Wait4(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_MountAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Mount(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_UnmountAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Unmount(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_UtimesNanoAtAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·UtimesNanoAt(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_UtimesNanoAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·UtimesNano(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_MkfifoatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Mkfifoat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_ChtagAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Chtag(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-TEXT ·get_ReadlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Readlinkat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-	
diff --git a/vendor/golang.org/x/sys/unix/syscall_aix.go b/vendor/golang.org/x/sys/unix/syscall_aix.go
index 6f15ba1ea..67ce6cef2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_aix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_aix.go
@@ -360,7 +360,7 @@ func Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int,
 	var status _C_int
 	var r Pid_t
 	err = ERESTART
-	// AIX wait4 may return with ERESTART errno, while the process is still
+	// AIX wait4 may return with ERESTART errno, while the processus is still
 	// active.
 	for err == ERESTART {
 		r, err = wait4(Pid_t(pid), &status, options, rusage)
diff --git a/vendor/golang.org/x/sys/unix/syscall_darwin.go b/vendor/golang.org/x/sys/unix/syscall_darwin.go
index 099867dee..59542a897 100644
--- a/vendor/golang.org/x/sys/unix/syscall_darwin.go
+++ b/vendor/golang.org/x/sys/unix/syscall_darwin.go
@@ -402,18 +402,6 @@ func IoctlSetIfreqMTU(fd int, ifreq *IfreqMTU) error {
 	return ioctlPtr(fd, SIOCSIFMTU, unsafe.Pointer(ifreq))
 }
 
-//sys	renamexNp(from string, to string, flag uint32) (err error)
-
-func RenamexNp(from string, to string, flag uint32) (err error) {
-	return renamexNp(from, to, flag)
-}
-
-//sys	renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error)
-
-func RenameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
-	return renameatxNp(fromfd, from, tofd, to, flag)
-}
-
 //sys	sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) = SYS_SYSCTL
 
 func Uname(uname *Utsname) error {
@@ -554,55 +542,6 @@ func SysctlKinfoProcSlice(name string, args ...int) ([]KinfoProc, error) {
 	}
 }
 
-//sys	pthread_chdir_np(path string) (err error)
-
-func PthreadChdir(path string) (err error) {
-	return pthread_chdir_np(path)
-}
-
-//sys	pthread_fchdir_np(fd int) (err error)
-
-func PthreadFchdir(fd int) (err error) {
-	return pthread_fchdir_np(fd)
-}
-
-// Connectx calls connectx(2) to initiate a connection on a socket.
-//
-// srcIf, srcAddr, and dstAddr are filled into a [SaEndpoints] struct and passed as the endpoints argument.
-//
-//   - srcIf is the optional source interface index. 0 means unspecified.
-//   - srcAddr is the optional source address. nil means unspecified.
-//   - dstAddr is the destination address.
-//
-// On success, Connectx returns the number of bytes enqueued for transmission.
-func Connectx(fd int, srcIf uint32, srcAddr, dstAddr Sockaddr, associd SaeAssocID, flags uint32, iov []Iovec, connid *SaeConnID) (n uintptr, err error) {
-	endpoints := SaEndpoints{
-		Srcif: srcIf,
-	}
-
-	if srcAddr != nil {
-		addrp, addrlen, err := srcAddr.sockaddr()
-		if err != nil {
-			return 0, err
-		}
-		endpoints.Srcaddr = (*RawSockaddr)(addrp)
-		endpoints.Srcaddrlen = uint32(addrlen)
-	}
-
-	if dstAddr != nil {
-		addrp, addrlen, err := dstAddr.sockaddr()
-		if err != nil {
-			return 0, err
-		}
-		endpoints.Dstaddr = (*RawSockaddr)(addrp)
-		endpoints.Dstaddrlen = uint32(addrlen)
-	}
-
-	err = connectx(fd, &endpoints, associd, flags, iov, &n, connid)
-	return
-}
-
-//sys	connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error)
 //sys	sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error)
 
 //sys	shmat(id int, addr uintptr, flag int) (ret uintptr, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
index be8c00207..97cb916f2 100644
--- a/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
+++ b/vendor/golang.org/x/sys/unix/syscall_dragonfly.go
@@ -246,18 +246,6 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 	return sendfile(outfd, infd, offset, count)
 }
 
-func Dup3(oldfd, newfd, flags int) error {
-	if oldfd == newfd || flags&^O_CLOEXEC != 0 {
-		return EINVAL
-	}
-	how := F_DUP2FD
-	if flags&O_CLOEXEC != 0 {
-		how = F_DUP2FD_CLOEXEC
-	}
-	_, err := fcntl(oldfd, how, newfd)
-	return err
-}
-
 /*
  * Exposed directly
  */
diff --git a/vendor/golang.org/x/sys/unix/syscall_hurd.go b/vendor/golang.org/x/sys/unix/syscall_hurd.go
index a6a2d2fc2..ba46651f8 100644
--- a/vendor/golang.org/x/sys/unix/syscall_hurd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_hurd.go
@@ -11,7 +11,6 @@ package unix
 int ioctl(int, unsigned long int, uintptr_t);
 */
 import "C"
-import "unsafe"
 
 func ioctl(fd int, req uint, arg uintptr) (err error) {
 	r0, er := C.ioctl(C.int(fd), C.ulong(req), C.uintptr_t(arg))
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux.go b/vendor/golang.org/x/sys/unix/syscall_linux.go
index 230a94549..5682e2628 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux.go
@@ -1295,48 +1295,6 @@ func GetsockoptTCPInfo(fd, level, opt int) (*TCPInfo, error) {
 	return &value, err
 }
 
-// GetsockoptTCPCCVegasInfo returns algorithm specific congestion control information for a socket using the "vegas"
-// algorithm.
-//
-// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
-//
-//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
-func GetsockoptTCPCCVegasInfo(fd, level, opt int) (*TCPVegasInfo, error) {
-	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
-	vallen := _Socklen(SizeofTCPCCInfo)
-	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
-	out := (*TCPVegasInfo)(unsafe.Pointer(&value[0]))
-	return out, err
-}
-
-// GetsockoptTCPCCDCTCPInfo returns algorithm specific congestion control information for a socket using the "dctp"
-// algorithm.
-//
-// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
-//
-//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
-func GetsockoptTCPCCDCTCPInfo(fd, level, opt int) (*TCPDCTCPInfo, error) {
-	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
-	vallen := _Socklen(SizeofTCPCCInfo)
-	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
-	out := (*TCPDCTCPInfo)(unsafe.Pointer(&value[0]))
-	return out, err
-}
-
-// GetsockoptTCPCCBBRInfo returns algorithm specific congestion control information for a socket using the "bbr"
-// algorithm.
-//
-// The socket's congestion control algorighm can be retrieved via [GetsockoptString] with the [TCP_CONGESTION] option:
-//
-//	algo, err := unix.GetsockoptString(fd, unix.IPPROTO_TCP, unix.TCP_CONGESTION)
-func GetsockoptTCPCCBBRInfo(fd, level, opt int) (*TCPBBRInfo, error) {
-	var value [SizeofTCPCCInfo / 4]uint32 // ensure proper alignment
-	vallen := _Socklen(SizeofTCPCCInfo)
-	err := getsockopt(fd, level, opt, unsafe.Pointer(&value[0]), &vallen)
-	out := (*TCPBBRInfo)(unsafe.Pointer(&value[0]))
-	return out, err
-}
-
 // GetsockoptString returns the string value of the socket option opt for the
 // socket associated with fd at the given socket level.
 func GetsockoptString(fd, level, opt int) (string, error) {
@@ -1860,7 +1818,6 @@ func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err e
 //sys	ClockAdjtime(clockid int32, buf *Timex) (state int, err error)
 //sys	ClockGetres(clockid int32, res *Timespec) (err error)
 //sys	ClockGettime(clockid int32, time *Timespec) (err error)
-//sys	ClockSettime(clockid int32, time *Timespec) (err error)
 //sys	ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error)
 //sys	Close(fd int) (err error)
 //sys	CloseRange(first uint, last uint, flags uint) (err error)
@@ -2002,26 +1959,7 @@ func Getpgrp() (pid int) {
 //sysnb	Getpid() (pid int)
 //sysnb	Getppid() (ppid int)
 //sys	Getpriority(which int, who int) (prio int, err error)
-
-func Getrandom(buf []byte, flags int) (n int, err error) {
-	vdsoRet, supported := vgetrandom(buf, uint32(flags))
-	if supported {
-		if vdsoRet < 0 {
-			return 0, errnoErr(syscall.Errno(-vdsoRet))
-		}
-		return vdsoRet, nil
-	}
-	var p *byte
-	if len(buf) > 0 {
-		p = &buf[0]
-	}
-	r, _, e := Syscall(SYS_GETRANDOM, uintptr(unsafe.Pointer(p)), uintptr(len(buf)), uintptr(flags))
-	if e != 0 {
-		return 0, errnoErr(e)
-	}
-	return int(r), nil
-}
-
+//sys	Getrandom(buf []byte, flags int) (n int, err error)
 //sysnb	Getrusage(who int, rusage *Rusage) (err error)
 //sysnb	Getsid(pid int) (sid int, err error)
 //sysnb	Gettid() (tid int)
@@ -2654,4 +2592,3 @@ func SchedGetAttr(pid int, flags uint) (*SchedAttr, error) {
 }
 
 //sys	Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint) (err error)
-//sys	Mseal(b []byte, flags uint) (err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
index 745e5c7e6..cf2ee6c75 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_arm64.go
@@ -182,5 +182,3 @@ func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error
 	}
 	return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
 }
-
-const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
index dd2262a40..3d0e98451 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_loong64.go
@@ -214,5 +214,3 @@ func KexecFileLoad(kernelFd int, initrdFd int, cmdline string, flags int) error
 	}
 	return kexecFileLoad(kernelFd, initrdFd, cmdlineLen, cmdline, flags)
 }
-
-const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
index 8cf3670bd..6f5a28894 100644
--- a/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/syscall_linux_riscv64.go
@@ -187,5 +187,3 @@ func RISCVHWProbe(pairs []RISCVHWProbePairs, set *CPUSet, flags uint) (err error
 	}
 	return riscvHWProbe(pairs, setSize, set, flags)
 }
-
-const SYS_FSTATAT = SYS_NEWFSTATAT
diff --git a/vendor/golang.org/x/sys/unix/syscall_openbsd.go b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
index b86ded549..b25343c71 100644
--- a/vendor/golang.org/x/sys/unix/syscall_openbsd.go
+++ b/vendor/golang.org/x/sys/unix/syscall_openbsd.go
@@ -293,7 +293,6 @@ func Uname(uname *Utsname) error {
 //sys	Mkfifoat(dirfd int, path string, mode uint32) (err error)
 //sys	Mknod(path string, mode uint32, dev int) (err error)
 //sys	Mknodat(dirfd int, path string, mode uint32, dev int) (err error)
-//sys	Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error)
 //sys	Nanosleep(time *Timespec, leftover *Timespec) (err error)
 //sys	Open(path string, mode int, perm uint32) (fd int, err error)
 //sys	Openat(dirfd int, path string, mode int, perm uint32) (fd int, err error)
diff --git a/vendor/golang.org/x/sys/unix/syscall_unix.go b/vendor/golang.org/x/sys/unix/syscall_unix.go
index 4e92e5aa4..77081de8c 100644
--- a/vendor/golang.org/x/sys/unix/syscall_unix.go
+++ b/vendor/golang.org/x/sys/unix/syscall_unix.go
@@ -154,15 +154,6 @@ func Munmap(b []byte) (err error) {
 	return mapper.Munmap(b)
 }
 
-func MmapPtr(fd int, offset int64, addr unsafe.Pointer, length uintptr, prot int, flags int) (ret unsafe.Pointer, err error) {
-	xaddr, err := mapper.mmap(uintptr(addr), length, prot, flags, fd, offset)
-	return unsafe.Pointer(xaddr), err
-}
-
-func MunmapPtr(addr unsafe.Pointer, length uintptr) (err error) {
-	return mapper.munmap(uintptr(addr), length)
-}
-
 func Read(fd int, p []byte) (n int, err error) {
 	n, err = read(fd, p)
 	if raceenabled {
diff --git a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
index 7bf5c04bb..b473038c6 100644
--- a/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/syscall_zos_s390x.go
@@ -4,21 +4,11 @@
 
 //go:build zos && s390x
 
-// Many of the following syscalls are not available on all versions of z/OS.
-// Some missing calls have legacy implementations/simulations but others
-// will be missing completely. To achieve consistent failing behaviour on
-// legacy systems, we first test the function pointer via a safeloading
-// mechanism to see if the function exists on a given system. Then execution
-// is branched to either continue the function call, or return an error.
-
 package unix
 
 import (
 	"bytes"
 	"fmt"
-	"os"
-	"reflect"
-	"regexp"
 	"runtime"
 	"sort"
 	"strings"
@@ -27,205 +17,17 @@ import (
 	"unsafe"
 )
 
-//go:noescape
-func initZosLibVec()
-
-//go:noescape
-func GetZosLibVec() uintptr
-
-func init() {
-	initZosLibVec()
-	r0, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS_____GETENV_A<<4, uintptr(unsafe.Pointer(&([]byte("__ZOS_XSYSTRACE\x00"))[0])))
-	if r0 != 0 {
-		n, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___ATOI_A<<4, r0)
-		ZosTraceLevel = int(n)
-		r0, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS_____GETENV_A<<4, uintptr(unsafe.Pointer(&([]byte("__ZOS_XSYSTRACEFD\x00"))[0])))
-		if r0 != 0 {
-			fd, _, _ := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___ATOI_A<<4, r0)
-			f := os.NewFile(fd, "zostracefile")
-			if f != nil {
-				ZosTracefile = f
-			}
-		}
-
-	}
-}
-
-//go:noescape
-func CallLeFuncWithErr(funcdesc uintptr, parms ...uintptr) (ret, errno2 uintptr, err Errno)
-
-//go:noescape
-func CallLeFuncWithPtrReturn(funcdesc uintptr, parms ...uintptr) (ret, errno2 uintptr, err Errno)
-
-// -------------------------------
-// pointer validity test
-// good pointer returns 0
-// bad pointer returns 1
-//
-//go:nosplit
-func ptrtest(uintptr) uint64
-
-// Load memory at ptr location with error handling if the location is invalid
-//
-//go:noescape
-func safeload(ptr uintptr) (value uintptr, error uintptr)
-
 const (
-	entrypointLocationOffset = 8 // From function descriptor
-
-	xplinkEyecatcher   = 0x00c300c500c500f1 // ".C.E.E.1"
-	eyecatcherOffset   = 16                 // From function entrypoint (negative)
-	ppa1LocationOffset = 8                  // From function entrypoint (negative)
-
-	nameLenOffset = 0x14 // From PPA1 start
-	nameOffset    = 0x16 // From PPA1 start
+	O_CLOEXEC = 0       // Dummy value (not supported).
+	AF_LOCAL  = AF_UNIX // AF_LOCAL is an alias for AF_UNIX
 )
 
-func getPpaOffset(funcptr uintptr) int64 {
-	entrypoint, err := safeload(funcptr + entrypointLocationOffset)
-	if err != 0 {
-		return -1
-	}
-
-	// XPLink functions have ".C.E.E.1" as the first 8 bytes (EBCDIC)
-	val, err := safeload(entrypoint - eyecatcherOffset)
-	if err != 0 {
-		return -1
-	}
-	if val != xplinkEyecatcher {
-		return -1
-	}
-
-	ppaoff, err := safeload(entrypoint - ppa1LocationOffset)
-	if err != 0 {
-		return -1
-	}
-
-	ppaoff >>= 32
-	return int64(ppaoff)
-}
-
-//-------------------------------
-// function descriptor pointer validity test
-// good pointer returns 0
-// bad pointer returns 1
-
-// TODO: currently mksyscall_zos_s390x.go generate empty string for funcName
-// have correct funcName pass to the funcptrtest function
-func funcptrtest(funcptr uintptr, funcName string) uint64 {
-	entrypoint, err := safeload(funcptr + entrypointLocationOffset)
-	if err != 0 {
-		return 1
-	}
-
-	ppaoff := getPpaOffset(funcptr)
-	if ppaoff == -1 {
-		return 1
-	}
-
-	// PPA1 offset value is from the start of the entire function block, not the entrypoint
-	ppa1 := (entrypoint - eyecatcherOffset) + uintptr(ppaoff)
-
-	nameLen, err := safeload(ppa1 + nameLenOffset)
-	if err != 0 {
-		return 1
-	}
-
-	nameLen >>= 48
-	if nameLen > 128 {
-		return 1
-	}
-
-	// no function name input to argument end here
-	if funcName == "" {
-		return 0
-	}
-
-	var funcname [128]byte
-	for i := 0; i < int(nameLen); i += 8 {
-		v, err := safeload(ppa1 + nameOffset + uintptr(i))
-		if err != 0 {
-			return 1
-		}
-		funcname[i] = byte(v >> 56)
-		funcname[i+1] = byte(v >> 48)
-		funcname[i+2] = byte(v >> 40)
-		funcname[i+3] = byte(v >> 32)
-		funcname[i+4] = byte(v >> 24)
-		funcname[i+5] = byte(v >> 16)
-		funcname[i+6] = byte(v >> 8)
-		funcname[i+7] = byte(v)
-	}
-
-	runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4, // __e2a_l
-		[]uintptr{uintptr(unsafe.Pointer(&funcname[0])), nameLen})
-
-	name := string(funcname[:nameLen])
-	if name != funcName {
-		return 1
-	}
-
-	return 0
-}
-
-// For detection of capabilities on a system.
-// Is function descriptor f a valid function?
-func isValidLeFunc(f uintptr) error {
-	ret := funcptrtest(f, "")
-	if ret != 0 {
-		return fmt.Errorf("Bad pointer, not an LE function ")
-	}
-	return nil
-}
-
-// Retrieve function name from descriptor
-func getLeFuncName(f uintptr) (string, error) {
-	// assume it has been checked, only check ppa1 validity here
-	entry := ((*[2]uintptr)(unsafe.Pointer(f)))[1]
-	preamp := ((*[4]uint32)(unsafe.Pointer(entry - eyecatcherOffset)))
-
-	offsetPpa1 := preamp[2]
-	if offsetPpa1 > 0x0ffff {
-		return "", fmt.Errorf("PPA1 offset seems too big 0x%x\n", offsetPpa1)
-	}
-
-	ppa1 := uintptr(unsafe.Pointer(preamp)) + uintptr(offsetPpa1)
-	res := ptrtest(ppa1)
-	if res != 0 {
-		return "", fmt.Errorf("PPA1 address not valid")
-	}
-
-	size := *(*uint16)(unsafe.Pointer(ppa1 + nameLenOffset))
-	if size > 128 {
-		return "", fmt.Errorf("Function name seems too long, length=%d\n", size)
-	}
-
-	var name [128]byte
-	funcname := (*[128]byte)(unsafe.Pointer(ppa1 + nameOffset))
-	copy(name[0:size], funcname[0:size])
-
-	runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4, // __e2a_l
-		[]uintptr{uintptr(unsafe.Pointer(&name[0])), uintptr(size)})
-
-	return string(name[:size]), nil
-}
-
-// Check z/OS version
-func zosLeVersion() (version, release uint32) {
-	p1 := (*(*uintptr)(unsafe.Pointer(uintptr(1208)))) >> 32
-	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 88)))
-	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 8)))
-	p1 = *(*uintptr)(unsafe.Pointer(uintptr(p1 + 984)))
-	vrm := *(*uint32)(unsafe.Pointer(p1 + 80))
-	version = (vrm & 0x00ff0000) >> 16
-	release = (vrm & 0x0000ff00) >> 8
-	return
-}
-
-// returns a zos C FILE * for stdio fd 0, 1, 2
-func ZosStdioFilep(fd int32) uintptr {
-	return uintptr(*(*uint64)(unsafe.Pointer(uintptr(*(*uint64)(unsafe.Pointer(uintptr(*(*uint64)(unsafe.Pointer(uintptr(uint64(*(*uint32)(unsafe.Pointer(uintptr(1208)))) + 80))) + uint64((fd+2)<<3))))))))
-}
+func syscall_syscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall(trap, a1, a2, a3 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_syscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall6(trap, a1, a2, a3, a4, a5, a6 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_syscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
+func syscall_rawsyscall9(trap, a1, a2, a3, a4, a5, a6, a7, a8, a9 uintptr) (r1, r2 uintptr, err Errno)
 
 func copyStat(stat *Stat_t, statLE *Stat_LE_t) {
 	stat.Dev = uint64(statLE.Dev)
@@ -263,21 +65,6 @@ func (d *Dirent) NameString() string {
 	}
 }
 
-func DecodeData(dest []byte, sz int, val uint64) {
-	for i := 0; i < sz; i++ {
-		dest[sz-1-i] = byte((val >> (uint64(i * 8))) & 0xff)
-	}
-}
-
-func EncodeData(data []byte) uint64 {
-	var value uint64
-	sz := len(data)
-	for i := 0; i < sz; i++ {
-		value |= uint64(data[i]) << uint64(((sz - i - 1) * 8))
-	}
-	return value
-}
-
 func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	if sa.Port < 0 || sa.Port > 0xFFFF {
 		return nil, 0, EINVAL
@@ -287,9 +74,7 @@ func (sa *SockaddrInet4) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p := (*[2]byte)(unsafe.Pointer(&sa.raw.Port))
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -303,9 +88,7 @@ func (sa *SockaddrInet6) sockaddr() (unsafe.Pointer, _Socklen, error) {
 	p[0] = byte(sa.Port >> 8)
 	p[1] = byte(sa.Port)
 	sa.raw.Scope_id = sa.ZoneId
-	for i := 0; i < len(sa.Addr); i++ {
-		sa.raw.Addr[i] = sa.Addr[i]
-	}
+	sa.raw.Addr = sa.Addr
 	return unsafe.Pointer(&sa.raw), _Socklen(sa.raw.Len), nil
 }
 
@@ -363,9 +146,7 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		sa := new(SockaddrInet4)
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 
 	case AF_INET6:
@@ -374,9 +155,7 @@ func anyToSockaddr(_ int, rsa *RawSockaddrAny) (Sockaddr, error) {
 		p := (*[2]byte)(unsafe.Pointer(&pp.Port))
 		sa.Port = int(p[0])<<8 + int(p[1])
 		sa.ZoneId = pp.Scope_id
-		for i := 0; i < len(sa.Addr); i++ {
-			sa.Addr[i] = pp.Addr[i]
-		}
+		sa.Addr = pp.Addr
 		return sa, nil
 	}
 	return nil, EAFNOSUPPORT
@@ -398,43 +177,6 @@ func Accept(fd int) (nfd int, sa Sockaddr, err error) {
 	return
 }
 
-func Accept4(fd int, flags int) (nfd int, sa Sockaddr, err error) {
-	var rsa RawSockaddrAny
-	var len _Socklen = SizeofSockaddrAny
-	nfd, err = accept4(fd, &rsa, &len, flags)
-	if err != nil {
-		return
-	}
-	if len > SizeofSockaddrAny {
-		panic("RawSockaddrAny too small")
-	}
-	// TODO(neeilan): Remove 0 in call
-	sa, err = anyToSockaddr(0, &rsa)
-	if err != nil {
-		Close(nfd)
-		nfd = 0
-	}
-	return
-}
-
-func Ctermid() (tty string, err error) {
-	var termdev [1025]byte
-	runtime.EnterSyscall()
-	r0, err2, err1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___CTERMID_A<<4, uintptr(unsafe.Pointer(&termdev[0])))
-	runtime.ExitSyscall()
-	if r0 == 0 {
-		return "", fmt.Errorf("%s (errno2=0x%x)\n", err1.Error(), err2)
-	}
-	s := string(termdev[:])
-	idx := strings.Index(s, string(rune(0)))
-	if idx == -1 {
-		tty = s
-	} else {
-		tty = s[:idx]
-	}
-	return
-}
-
 func (iov *Iovec) SetLen(length int) {
 	iov.Len = uint64(length)
 }
@@ -448,16 +190,10 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 }
 
 //sys   fcntl(fd int, cmd int, arg int) (val int, err error)
-//sys   Flistxattr(fd int, dest []byte) (sz int, err error) = SYS___FLISTXATTR_A
-//sys   Fremovexattr(fd int, attr string) (err error) = SYS___FREMOVEXATTR_A
 //sys	read(fd int, p []byte) (n int, err error)
 //sys	write(fd int, p []byte) (n int, err error)
 
-//sys   Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) = SYS___FGETXATTR_A
-//sys   Fsetxattr(fd int, attr string, data []byte, flag int) (err error) = SYS___FSETXATTR_A
-
 //sys	accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) = SYS___ACCEPT_A
-//sys	accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) = SYS___ACCEPT4_A
 //sys	bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___BIND_A
 //sys	connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) = SYS___CONNECT_A
 //sysnb	getgroups(n int, list *_Gid_t) (nn int, err error)
@@ -468,7 +204,6 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sysnb	socketpair(domain int, typ int, proto int, fd *[2]int32) (err error)
 //sysnb	getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETPEERNAME_A
 //sysnb	getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) = SYS___GETSOCKNAME_A
-//sys   Removexattr(path string, attr string) (err error) = SYS___REMOVEXATTR_A
 //sys	recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Socklen) (n int, err error) = SYS___RECVFROM_A
 //sys	sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (err error) = SYS___SENDTO_A
 //sys	recvmsg(s int, msg *Msghdr, flags int) (n int, err error) = SYS___RECVMSG_A
@@ -477,10 +212,6 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sys   munmap(addr uintptr, length uintptr) (err error) = SYS_MUNMAP
 //sys   ioctl(fd int, req int, arg uintptr) (err error) = SYS_IOCTL
 //sys   ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) = SYS_IOCTL
-//sys	shmat(id int, addr uintptr, flag int) (ret uintptr, err error) = SYS_SHMAT
-//sys	shmctl(id int, cmd int, buf *SysvShmDesc) (result int, err error) = SYS_SHMCTL64
-//sys	shmdt(addr uintptr) (err error) = SYS_SHMDT
-//sys	shmget(key int, size int, flag int) (id int, err error) = SYS_SHMGET
 
 //sys   Access(path string, mode uint32) (err error) = SYS___ACCESS_A
 //sys   Chdir(path string) (err error) = SYS___CHDIR_A
@@ -489,31 +220,14 @@ func (cmsg *Cmsghdr) SetLen(length int) {
 //sys   Creat(path string, mode uint32) (fd int, err error) = SYS___CREAT_A
 //sys	Dup(oldfd int) (fd int, err error)
 //sys	Dup2(oldfd int, newfd int) (err error)
-//sys	Dup3(oldfd int, newfd int, flags int) (err error) = SYS_DUP3
-//sys	Dirfd(dirp uintptr) (fd int, err error) = SYS_DIRFD
-//sys	EpollCreate(size int) (fd int, err error) = SYS_EPOLL_CREATE
-//sys	EpollCreate1(flags int) (fd int, err error) = SYS_EPOLL_CREATE1
-//sys	EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) = SYS_EPOLL_CTL
-//sys	EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) = SYS_EPOLL_PWAIT
-//sys	EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) = SYS_EPOLL_WAIT
 //sys	Errno2() (er2 int) = SYS___ERRNO2
-//sys	Eventfd(initval uint, flags int) (fd int, err error) = SYS_EVENTFD
+//sys	Err2ad() (eadd *int) = SYS___ERR2AD
 //sys	Exit(code int)
-//sys	Faccessat(dirfd int, path string, mode uint32, flags int) (err error) = SYS___FACCESSAT_A
-
-func Faccessat2(dirfd int, path string, mode uint32, flags int) (err error) {
-	return Faccessat(dirfd, path, mode, flags)
-}
-
 //sys	Fchdir(fd int) (err error)
 //sys	Fchmod(fd int, mode uint32) (err error)
-//sys	Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) = SYS___FCHMODAT_A
 //sys	Fchown(fd int, uid int, gid int) (err error)
-//sys	Fchownat(fd int, path string, uid int, gid int, flags int) (err error) = SYS___FCHOWNAT_A
 //sys	FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) = SYS_FCNTL
-//sys	Fdatasync(fd int) (err error) = SYS_FDATASYNC
 //sys	fstat(fd int, stat *Stat_LE_t) (err error)
-//sys	fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) = SYS___FSTATAT_A
 
 func Fstat(fd int, stat *Stat_t) (err error) {
 	var statLE Stat_LE_t
@@ -522,208 +236,28 @@ func Fstat(fd int, stat *Stat_t) (err error) {
 	return
 }
 
-func Fstatat(dirfd int, path string, stat *Stat_t, flags int) (err error) {
-	var statLE Stat_LE_t
-	err = fstatat(dirfd, path, &statLE, flags)
-	copyStat(stat, &statLE)
-	return
-}
-
-func impl_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	var _p2 unsafe.Pointer
-	if len(dest) > 0 {
-		_p2 = unsafe.Pointer(&dest[0])
-	} else {
-		_p2 = unsafe.Pointer(&_zero)
-	}
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(dest)))
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_GetxattrAddr() *(func(path string, attr string, dest []byte) (sz int, err error))
-
-var Getxattr = enter_Getxattr
-
-func enter_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
-	funcref := get_GetxattrAddr()
-	if validGetxattr() {
-		*funcref = impl_Getxattr
-	} else {
-		*funcref = error_Getxattr
-	}
-	return (*funcref)(path, attr, dest)
-}
-
-func error_Getxattr(path string, attr string, dest []byte) (sz int, err error) {
-	return -1, ENOSYS
-}
-
-func validGetxattr() bool {
-	if funcptrtest(GetZosLibVec()+SYS___GETXATTR_A<<4, "") == 0 {
-		if name, err := getLeFuncName(GetZosLibVec() + SYS___GETXATTR_A<<4); err == nil {
-			return name == "__getxattr_a"
-		}
-	}
-	return false
-}
-
-//sys   Lgetxattr(link string, attr string, dest []byte) (sz int, err error) = SYS___LGETXATTR_A
-//sys   Lsetxattr(path string, attr string, data []byte, flags int) (err error) = SYS___LSETXATTR_A
-
-func impl_Setxattr(path string, attr string, data []byte, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	var _p2 unsafe.Pointer
-	if len(data) > 0 {
-		_p2 = unsafe.Pointer(&data[0])
-	} else {
-		_p2 = unsafe.Pointer(&_zero)
-	}
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(data)), uintptr(flags))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_SetxattrAddr() *(func(path string, attr string, data []byte, flags int) (err error))
-
-var Setxattr = enter_Setxattr
-
-func enter_Setxattr(path string, attr string, data []byte, flags int) (err error) {
-	funcref := get_SetxattrAddr()
-	if validSetxattr() {
-		*funcref = impl_Setxattr
-	} else {
-		*funcref = error_Setxattr
-	}
-	return (*funcref)(path, attr, data, flags)
-}
-
-func error_Setxattr(path string, attr string, data []byte, flags int) (err error) {
-	return ENOSYS
-}
-
-func validSetxattr() bool {
-	if funcptrtest(GetZosLibVec()+SYS___SETXATTR_A<<4, "") == 0 {
-		if name, err := getLeFuncName(GetZosLibVec() + SYS___SETXATTR_A<<4); err == nil {
-			return name == "__setxattr_a"
-		}
-	}
-	return false
-}
-
-//sys	Fstatfs(fd int, buf *Statfs_t) (err error) = SYS_FSTATFS
 //sys	Fstatvfs(fd int, stat *Statvfs_t) (err error) = SYS_FSTATVFS
 //sys	Fsync(fd int) (err error)
-//sys	Futimes(fd int, tv []Timeval) (err error) = SYS_FUTIMES
-//sys	Futimesat(dirfd int, path string, tv []Timeval) (err error) = SYS___FUTIMESAT_A
 //sys	Ftruncate(fd int, length int64) (err error)
-//sys	Getrandom(buf []byte, flags int) (n int, err error) = SYS_GETRANDOM
-//sys	InotifyInit() (fd int, err error) = SYS_INOTIFY_INIT
-//sys	InotifyInit1(flags int) (fd int, err error) = SYS_INOTIFY_INIT1
-//sys	InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) = SYS___INOTIFY_ADD_WATCH_A
-//sys	InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) = SYS_INOTIFY_RM_WATCH
-//sys   Listxattr(path string, dest []byte) (sz int, err error) = SYS___LISTXATTR_A
-//sys   Llistxattr(path string, dest []byte) (sz int, err error) = SYS___LLISTXATTR_A
-//sys   Lremovexattr(path string, attr string) (err error) = SYS___LREMOVEXATTR_A
-//sys	Lutimes(path string, tv []Timeval) (err error) = SYS___LUTIMES_A
+//sys   Getpagesize() (pgsize int) = SYS_GETPAGESIZE
 //sys   Mprotect(b []byte, prot int) (err error) = SYS_MPROTECT
 //sys   Msync(b []byte, flags int) (err error) = SYS_MSYNC
-//sys   Console2(cmsg *ConsMsg2, modstr *byte, concmd *uint32) (err error) = SYS___CONSOLE2
-
-// Pipe2 begin
-
-//go:nosplit
-func getPipe2Addr() *(func([]int, int) error)
-
-var Pipe2 = pipe2Enter
-
-func pipe2Enter(p []int, flags int) (err error) {
-	if funcptrtest(GetZosLibVec()+SYS_PIPE2<<4, "") == 0 {
-		*getPipe2Addr() = pipe2Impl
-	} else {
-		*getPipe2Addr() = pipe2Error
-	}
-	return (*getPipe2Addr())(p, flags)
-}
-
-func pipe2Impl(p []int, flags int) (err error) {
-	var pp [2]_C_int
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PIPE2<<4, uintptr(unsafe.Pointer(&pp[0])), uintptr(flags))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	} else {
-		p[0] = int(pp[0])
-		p[1] = int(pp[1])
-	}
-	return
-}
-func pipe2Error(p []int, flags int) (err error) {
-	return fmt.Errorf("Pipe2 is not available on this system")
-}
-
-// Pipe2 end
-
 //sys   Poll(fds []PollFd, timeout int) (n int, err error) = SYS_POLL
-
-func Readdir(dir uintptr) (dirent *Dirent, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READDIR_A<<4, uintptr(dir))
-	runtime.ExitSyscall()
-	dirent = (*Dirent)(unsafe.Pointer(r0))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//sys	Readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) = SYS___READDIR_R_A
-//sys	Statfs(path string, buf *Statfs_t) (err error) = SYS___STATFS_A
-//sys	Syncfs(fd int) (err error) = SYS_SYNCFS
 //sys   Times(tms *Tms) (ticks uintptr, err error) = SYS_TIMES
 //sys   W_Getmntent(buff *byte, size int) (lastsys int, err error) = SYS_W_GETMNTENT
 //sys   W_Getmntent_A(buff *byte, size int) (lastsys int, err error) = SYS___W_GETMNTENT_A
 
 //sys   mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) = SYS___MOUNT_A
-//sys   unmount_LE(filesystem string, mtm int) (err error) = SYS___UMOUNT_A
+//sys   unmount(filesystem string, mtm int) (err error) = SYS___UMOUNT_A
 //sys   Chroot(path string) (err error) = SYS___CHROOT_A
 //sys   Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) = SYS_SELECT
-//sysnb Uname(buf *Utsname) (err error) = SYS_____OSNAME_A
-//sys   Unshare(flags int) (err error) = SYS_UNSHARE
+//sysnb Uname(buf *Utsname) (err error) = SYS___UNAME_A
 
 func Ptsname(fd int) (name string, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___PTSNAME_A<<4, uintptr(fd))
-	runtime.ExitSyscall()
-	if r0 == 0 {
-		err = errnoErr2(e1, e2)
-	} else {
-		name = u2s(unsafe.Pointer(r0))
+	r0, _, e1 := syscall_syscall(SYS___PTSNAME_A, uintptr(fd), 0, 0)
+	name = u2s(unsafe.Pointer(r0))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -738,19 +272,13 @@ func u2s(cstr unsafe.Pointer) string {
 }
 
 func Close(fd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSE<<4, uintptr(fd))
-	runtime.ExitSyscall()
+	_, _, e1 := syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
 	for i := 0; e1 == EAGAIN && i < 10; i++ {
-		runtime.EnterSyscall()
-		CallLeFuncWithErr(GetZosLibVec()+SYS_USLEEP<<4, uintptr(10))
-		runtime.ExitSyscall()
-		runtime.EnterSyscall()
-		r0, e2, e1 = CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSE<<4, uintptr(fd))
-		runtime.ExitSyscall()
+		_, _, _ = syscall_syscall(SYS_USLEEP, uintptr(10), 0, 0)
+		_, _, e1 = syscall_syscall(SYS_CLOSE, uintptr(fd), 0, 0)
 	}
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -760,24 +288,9 @@ func Madvise(b []byte, advice int) (err error) {
 	return
 }
 
-func Mmap(fd int, offset int64, length int, prot int, flags int) (data []byte, err error) {
-	return mapper.Mmap(fd, offset, length, prot, flags)
-}
-
-func Munmap(b []byte) (err error) {
-	return mapper.Munmap(b)
-}
-
-func MmapPtr(fd int, offset int64, addr unsafe.Pointer, length uintptr, prot int, flags int) (ret unsafe.Pointer, err error) {
-	xaddr, err := mapper.mmap(uintptr(addr), length, prot, flags, fd, offset)
-	return unsafe.Pointer(xaddr), err
-}
-
-func MunmapPtr(addr unsafe.Pointer, length uintptr) (err error) {
-	return mapper.munmap(uintptr(addr), length)
-}
-
 //sys   Gethostname(buf []byte) (err error) = SYS___GETHOSTNAME_A
+//sysnb	Getegid() (egid int)
+//sysnb	Geteuid() (uid int)
 //sysnb	Getgid() (gid int)
 //sysnb	Getpid() (pid int)
 //sysnb	Getpgid(pid int) (pgid int, err error) = SYS_GETPGID
@@ -804,14 +317,11 @@ func Getrusage(who int, rusage *Rusage) (err error) {
 	return
 }
 
-//sys	Getegid() (egid int) = SYS_GETEGID
-//sys	Geteuid() (euid int) = SYS_GETEUID
 //sysnb Getsid(pid int) (sid int, err error) = SYS_GETSID
 //sysnb	Getuid() (uid int)
 //sysnb	Kill(pid int, sig Signal) (err error)
 //sys	Lchown(path string, uid int, gid int) (err error) = SYS___LCHOWN_A
 //sys	Link(path string, link string) (err error) = SYS___LINK_A
-//sys	Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) = SYS___LINKAT_A
 //sys	Listen(s int, n int) (err error)
 //sys	lstat(path string, stat *Stat_LE_t) (err error) = SYS___LSTAT_A
 
@@ -822,150 +332,15 @@ func Lstat(path string, stat *Stat_t) (err error) {
 	return
 }
 
-// for checking symlinks begins with $VERSION/ $SYSNAME/ $SYSSYMR/ $SYSSYMA/
-func isSpecialPath(path []byte) (v bool) {
-	var special = [4][8]byte{
-		{'V', 'E', 'R', 'S', 'I', 'O', 'N', '/'},
-		{'S', 'Y', 'S', 'N', 'A', 'M', 'E', '/'},
-		{'S', 'Y', 'S', 'S', 'Y', 'M', 'R', '/'},
-		{'S', 'Y', 'S', 'S', 'Y', 'M', 'A', '/'}}
-
-	var i, j int
-	for i = 0; i < len(special); i++ {
-		for j = 0; j < len(special[i]); j++ {
-			if path[j] != special[i][j] {
-				break
-			}
-		}
-		if j == len(special[i]) {
-			return true
-		}
-	}
-	return false
-}
-
-func realpath(srcpath string, abspath []byte) (pathlen int, errno int) {
-	var source [1024]byte
-	copy(source[:], srcpath)
-	source[len(srcpath)] = 0
-	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___REALPATH_A<<4, //__realpath_a()
-		[]uintptr{uintptr(unsafe.Pointer(&source[0])),
-			uintptr(unsafe.Pointer(&abspath[0]))})
-	if ret != 0 {
-		index := bytes.IndexByte(abspath[:], byte(0))
-		if index != -1 {
-			return index, 0
-		}
-	} else {
-		errptr := (*int)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4, []uintptr{}))) //__errno()
-		return 0, *errptr
-	}
-	return 0, 245 // EBADDATA   245
-}
-
-func Readlink(path string, buf []byte) (n int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(buf) > 0 {
-		_p1 = unsafe.Pointer(&buf[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	n = int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___READLINK_A<<4,
-		[]uintptr{uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf))}))
-	runtime.KeepAlive(unsafe.Pointer(_p0))
-	if n == -1 {
-		value := *(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4, []uintptr{})))
-		err = errnoErr(Errno(value))
-	} else {
-		if buf[0] == '$' {
-			if isSpecialPath(buf[1:9]) {
-				cnt, err1 := realpath(path, buf)
-				if err1 == 0 {
-					n = cnt
-				}
-			}
-		}
-	}
-	return
-}
-
-func impl_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(buf) > 0 {
-		_p1 = unsafe.Pointer(&buf[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READLINKAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-		return n, err
-	} else {
-		if buf[0] == '$' {
-			if isSpecialPath(buf[1:9]) {
-				cnt, err1 := realpath(path, buf)
-				if err1 == 0 {
-					n = cnt
-				}
-			}
-		}
-	}
-	return
-}
-
-//go:nosplit
-func get_ReadlinkatAddr() *(func(dirfd int, path string, buf []byte) (n int, err error))
-
-var Readlinkat = enter_Readlinkat
-
-func enter_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
-	funcref := get_ReadlinkatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___READLINKAT_A<<4, "") == 0 {
-		*funcref = impl_Readlinkat
-	} else {
-		*funcref = error_Readlinkat
-	}
-	return (*funcref)(dirfd, path, buf)
-}
-
-func error_Readlinkat(dirfd int, path string, buf []byte) (n int, err error) {
-	n = -1
-	err = ENOSYS
-	return
-}
-
 //sys	Mkdir(path string, mode uint32) (err error) = SYS___MKDIR_A
-//sys	Mkdirat(dirfd int, path string, mode uint32) (err error) = SYS___MKDIRAT_A
 //sys   Mkfifo(path string, mode uint32) (err error) = SYS___MKFIFO_A
 //sys	Mknod(path string, mode uint32, dev int) (err error) = SYS___MKNOD_A
-//sys	Mknodat(dirfd int, path string, mode uint32, dev int) (err error) = SYS___MKNODAT_A
-//sys	PivotRoot(newroot string, oldroot string) (err error) = SYS___PIVOT_ROOT_A
 //sys	Pread(fd int, p []byte, offset int64) (n int, err error)
 //sys	Pwrite(fd int, p []byte, offset int64) (n int, err error)
-//sys	Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) = SYS___PRCTL_A
-//sysnb	Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) = SYS_PRLIMIT
+//sys	Readlink(path string, buf []byte) (n int, err error) = SYS___READLINK_A
 //sys	Rename(from string, to string) (err error) = SYS___RENAME_A
-//sys	Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) = SYS___RENAMEAT_A
-//sys	Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) = SYS___RENAMEAT2_A
 //sys	Rmdir(path string) (err error) = SYS___RMDIR_A
 //sys   Seek(fd int, offset int64, whence int) (off int64, err error) = SYS_LSEEK
-//sys	Setegid(egid int) (err error) = SYS_SETEGID
-//sys	Seteuid(euid int) (err error) = SYS_SETEUID
-//sys	Sethostname(p []byte) (err error) = SYS___SETHOSTNAME_A
-//sys   Setns(fd int, nstype int) (err error) = SYS_SETNS
 //sys	Setpriority(which int, who int, prio int) (err error)
 //sysnb	Setpgid(pid int, pgid int) (err error) = SYS_SETPGID
 //sysnb	Setrlimit(resource int, lim *Rlimit) (err error)
@@ -985,57 +360,32 @@ func Stat(path string, sta *Stat_t) (err error) {
 }
 
 //sys	Symlink(path string, link string) (err error) = SYS___SYMLINK_A
-//sys	Symlinkat(oldPath string, dirfd int, newPath string) (err error) = SYS___SYMLINKAT_A
 //sys	Sync() = SYS_SYNC
 //sys	Truncate(path string, length int64) (err error) = SYS___TRUNCATE_A
 //sys	Tcgetattr(fildes int, termptr *Termios) (err error) = SYS_TCGETATTR
 //sys	Tcsetattr(fildes int, when int, termptr *Termios) (err error) = SYS_TCSETATTR
 //sys	Umask(mask int) (oldmask int)
 //sys	Unlink(path string) (err error) = SYS___UNLINK_A
-//sys	Unlinkat(dirfd int, path string, flags int) (err error) = SYS___UNLINKAT_A
 //sys	Utime(path string, utim *Utimbuf) (err error) = SYS___UTIME_A
 
 //sys	open(path string, mode int, perm uint32) (fd int, err error) = SYS___OPEN_A
 
 func Open(path string, mode int, perm uint32) (fd int, err error) {
-	if mode&O_ACCMODE == 0 {
-		mode |= O_RDONLY
-	}
 	return open(path, mode, perm)
 }
 
-//sys	openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) = SYS___OPENAT_A
-
-func Openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
-	if flags&O_ACCMODE == 0 {
-		flags |= O_RDONLY
+func Mkfifoat(dirfd int, path string, mode uint32) (err error) {
+	wd, err := Getwd()
+	if err != nil {
+		return err
 	}
-	return openat(dirfd, path, flags, mode)
-}
-
-//sys	openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) = SYS___OPENAT2_A
 
-func Openat2(dirfd int, path string, how *OpenHow) (fd int, err error) {
-	if how.Flags&O_ACCMODE == 0 {
-		how.Flags |= O_RDONLY
+	if err := Fchdir(dirfd); err != nil {
+		return err
 	}
-	return openat2(dirfd, path, how, SizeofOpenHow)
-}
+	defer Chdir(wd)
 
-func ZosFdToPath(dirfd int) (path string, err error) {
-	var buffer [1024]byte
-	runtime.EnterSyscall()
-	ret, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_W_IOCTL<<4, uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0])))
-	runtime.ExitSyscall()
-	if ret == 0 {
-		zb := bytes.IndexByte(buffer[:], 0)
-		if zb == -1 {
-			zb = len(buffer)
-		}
-		CallLeFuncWithErr(GetZosLibVec()+SYS___E2A_L<<4, uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb))
-		return string(buffer[:zb]), nil
-	}
-	return "", errnoErr2(e1, e2)
+	return Mkfifo(path, mode)
 }
 
 //sys	remove(path string) (err error)
@@ -1053,12 +403,10 @@ func Getcwd(buf []byte) (n int, err error) {
 	} else {
 		p = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___GETCWD_A<<4, uintptr(p), uintptr(len(buf)))
-	runtime.ExitSyscall()
+	_, _, e := syscall_syscall(SYS___GETCWD_A, uintptr(p), uintptr(len(buf)), 0)
 	n = clen(buf) + 1
-	if r0 == 0 {
-		err = errnoErr2(e1, e2)
+	if e != 0 {
+		err = errnoErr(e)
 	}
 	return
 }
@@ -1172,41 +520,9 @@ func (w WaitStatus) StopSignal() Signal {
 
 func (w WaitStatus) TrapCause() int { return -1 }
 
-//sys	waitid(idType int, id int, info *Siginfo, options int) (err error)
-
-func Waitid(idType int, id int, info *Siginfo, options int, rusage *Rusage) (err error) {
-	return waitid(idType, id, info, options)
-}
-
 //sys	waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error)
 
-func impl_Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAIT4<<4, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options), uintptr(unsafe.Pointer(rusage)))
-	runtime.ExitSyscall()
-	wpid = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_Wait4Addr() *(func(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error))
-
-var Wait4 = enter_Wait4
-
-func enter_Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
-	funcref := get_Wait4Addr()
-	if funcptrtest(GetZosLibVec()+SYS_WAIT4<<4, "") == 0 {
-		*funcref = impl_Wait4
-	} else {
-		*funcref = legacyWait4
-	}
-	return (*funcref)(pid, wstatus, options, rusage)
-}
-
-func legacyWait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
+func Wait4(pid int, wstatus *WaitStatus, options int, rusage *Rusage) (wpid int, err error) {
 	// TODO(mundaym): z/OS doesn't have wait4. I don't think getrusage does what we want.
 	// At the moment rusage will not be touched.
 	var status _C_int
@@ -1255,62 +571,23 @@ func Pipe(p []int) (err error) {
 	}
 	var pp [2]_C_int
 	err = pipe(&pp)
-	p[0] = int(pp[0])
-	p[1] = int(pp[1])
+	if err == nil {
+		p[0] = int(pp[0])
+		p[1] = int(pp[1])
+	}
 	return
 }
 
 //sys	utimes(path string, timeval *[2]Timeval) (err error) = SYS___UTIMES_A
 
 func Utimes(path string, tv []Timeval) (err error) {
-	if tv == nil {
-		return utimes(path, nil)
-	}
 	if len(tv) != 2 {
 		return EINVAL
 	}
 	return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
 }
 
-//sys	utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) = SYS___UTIMENSAT_A
-
-func validUtimensat() bool {
-	if funcptrtest(GetZosLibVec()+SYS___UTIMENSAT_A<<4, "") == 0 {
-		if name, err := getLeFuncName(GetZosLibVec() + SYS___UTIMENSAT_A<<4); err == nil {
-			return name == "__utimensat_a"
-		}
-	}
-	return false
-}
-
-// Begin UtimesNano
-
-//go:nosplit
-func get_UtimesNanoAddr() *(func(path string, ts []Timespec) (err error))
-
-var UtimesNano = enter_UtimesNano
-
-func enter_UtimesNano(path string, ts []Timespec) (err error) {
-	funcref := get_UtimesNanoAddr()
-	if validUtimensat() {
-		*funcref = utimesNanoImpl
-	} else {
-		*funcref = legacyUtimesNano
-	}
-	return (*funcref)(path, ts)
-}
-
-func utimesNanoImpl(path string, ts []Timespec) (err error) {
-	if ts == nil {
-		return utimensat(AT_FDCWD, path, nil, 0)
-	}
-	if len(ts) != 2 {
-		return EINVAL
-	}
-	return utimensat(AT_FDCWD, path, (*[2]Timespec)(unsafe.Pointer(&ts[0])), 0)
-}
-
-func legacyUtimesNano(path string, ts []Timespec) (err error) {
+func UtimesNano(path string, ts []Timespec) error {
 	if len(ts) != 2 {
 		return EINVAL
 	}
@@ -1323,70 +600,6 @@ func legacyUtimesNano(path string, ts []Timespec) (err error) {
 	return utimes(path, (*[2]Timeval)(unsafe.Pointer(&tv[0])))
 }
 
-// End UtimesNano
-
-// Begin UtimesNanoAt
-
-//go:nosplit
-func get_UtimesNanoAtAddr() *(func(dirfd int, path string, ts []Timespec, flags int) (err error))
-
-var UtimesNanoAt = enter_UtimesNanoAt
-
-func enter_UtimesNanoAt(dirfd int, path string, ts []Timespec, flags int) (err error) {
-	funcref := get_UtimesNanoAtAddr()
-	if validUtimensat() {
-		*funcref = utimesNanoAtImpl
-	} else {
-		*funcref = legacyUtimesNanoAt
-	}
-	return (*funcref)(dirfd, path, ts, flags)
-}
-
-func utimesNanoAtImpl(dirfd int, path string, ts []Timespec, flags int) (err error) {
-	if ts == nil {
-		return utimensat(dirfd, path, nil, flags)
-	}
-	if len(ts) != 2 {
-		return EINVAL
-	}
-	return utimensat(dirfd, path, (*[2]Timespec)(unsafe.Pointer(&ts[0])), flags)
-}
-
-func legacyUtimesNanoAt(dirfd int, path string, ts []Timespec, flags int) (err error) {
-	if path[0] != '/' {
-		dirPath, err := ZosFdToPath(dirfd)
-		if err != nil {
-			return err
-		}
-		path = dirPath + "/" + path
-	}
-	if flags == AT_SYMLINK_NOFOLLOW {
-		if len(ts) != 2 {
-			return EINVAL
-		}
-
-		if ts[0].Nsec >= 5e8 {
-			ts[0].Sec++
-		}
-		ts[0].Nsec = 0
-		if ts[1].Nsec >= 5e8 {
-			ts[1].Sec++
-		}
-		ts[1].Nsec = 0
-
-		// Not as efficient as it could be because Timespec and
-		// Timeval have different types in the different OSes
-		tv := []Timeval{
-			NsecToTimeval(TimespecToNsec(ts[0])),
-			NsecToTimeval(TimespecToNsec(ts[1])),
-		}
-		return Lutimes(path, tv)
-	}
-	return UtimesNano(path, ts)
-}
-
-// End UtimesNanoAt
-
 func Getsockname(fd int) (sa Sockaddr, err error) {
 	var rsa RawSockaddrAny
 	var len _Socklen = SizeofSockaddrAny
@@ -1978,13 +1191,10 @@ func Opendir(name string) (uintptr, error) {
 	if err != nil {
 		return 0, err
 	}
-	err = nil
-	runtime.EnterSyscall()
-	dir, e2, e1 := CallLeFuncWithPtrReturn(GetZosLibVec()+SYS___OPENDIR_A<<4, uintptr(unsafe.Pointer(p)))
-	runtime.ExitSyscall()
+	dir, _, e := syscall_syscall(SYS___OPENDIR_A, uintptr(unsafe.Pointer(p)), 0, 0)
 	runtime.KeepAlive(unsafe.Pointer(p))
-	if dir == 0 {
-		err = errnoErr2(e1, e2)
+	if e != 0 {
+		err = errnoErr(e)
 	}
 	return dir, err
 }
@@ -1992,27 +1202,51 @@ func Opendir(name string) (uintptr, error) {
 // clearsyscall.Errno resets the errno value to 0.
 func clearErrno()
 
+func Readdir(dir uintptr) (*Dirent, error) {
+	var ent Dirent
+	var res uintptr
+	// __readdir_r_a returns errno at the end of the directory stream, rather than 0.
+	// Therefore to avoid false positives we clear errno before calling it.
+
+	// TODO(neeilan): Commented this out to get sys/unix compiling on z/OS. Uncomment and fix. Error: "undefined: clearsyscall"
+	//clearsyscall.Errno() // TODO(mundaym): check pre-emption rules.
+
+	e, _, _ := syscall_syscall(SYS___READDIR_R_A, dir, uintptr(unsafe.Pointer(&ent)), uintptr(unsafe.Pointer(&res)))
+	var err error
+	if e != 0 {
+		err = errnoErr(Errno(e))
+	}
+	if res == 0 {
+		return nil, err
+	}
+	return &ent, err
+}
+
+func readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) {
+	r0, _, e1 := syscall_syscall(SYS___READDIR_R_A, dirp, uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
+	if int64(r0) == -1 {
+		err = errnoErr(Errno(e1))
+	}
+	return
+}
+
 func Closedir(dir uintptr) error {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_CLOSEDIR<<4, dir)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		return errnoErr2(e1, e2)
+	_, _, e := syscall_syscall(SYS_CLOSEDIR, dir, 0, 0)
+	if e != 0 {
+		return errnoErr(e)
 	}
 	return nil
 }
 
 func Seekdir(dir uintptr, pos int) {
-	runtime.EnterSyscall()
-	CallLeFuncWithErr(GetZosLibVec()+SYS_SEEKDIR<<4, dir, uintptr(pos))
-	runtime.ExitSyscall()
+	_, _, _ = syscall_syscall(SYS_SEEKDIR, dir, uintptr(pos), 0)
 }
 
 func Telldir(dir uintptr) (int, error) {
-	p, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TELLDIR<<4, dir)
+	p, _, e := syscall_syscall(SYS_TELLDIR, dir, 0, 0)
 	pos := int(p)
-	if int64(p) == -1 {
-		return pos, errnoErr2(e1, e2)
+	if pos == -1 {
+		return pos, errnoErr(e)
 	}
 	return pos, nil
 }
@@ -2027,55 +1261,19 @@ func FcntlFlock(fd uintptr, cmd int, lk *Flock_t) error {
 	*(*int64)(unsafe.Pointer(&flock[4])) = lk.Start
 	*(*int64)(unsafe.Pointer(&flock[12])) = lk.Len
 	*(*int32)(unsafe.Pointer(&flock[20])) = lk.Pid
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, fd, uintptr(cmd), uintptr(unsafe.Pointer(&flock)))
-	runtime.ExitSyscall()
+	_, _, errno := syscall_syscall(SYS_FCNTL, fd, uintptr(cmd), uintptr(unsafe.Pointer(&flock)))
 	lk.Type = *(*int16)(unsafe.Pointer(&flock[0]))
 	lk.Whence = *(*int16)(unsafe.Pointer(&flock[2]))
 	lk.Start = *(*int64)(unsafe.Pointer(&flock[4]))
 	lk.Len = *(*int64)(unsafe.Pointer(&flock[12]))
 	lk.Pid = *(*int32)(unsafe.Pointer(&flock[20]))
-	if r0 == 0 {
+	if errno == 0 {
 		return nil
 	}
-	return errnoErr2(e1, e2)
-}
-
-func impl_Flock(fd int, how int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FLOCK<<4, uintptr(fd), uintptr(how))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FlockAddr() *(func(fd int, how int) (err error))
-
-var Flock = enter_Flock
-
-func validFlock(fp uintptr) bool {
-	if funcptrtest(GetZosLibVec()+SYS_FLOCK<<4, "") == 0 {
-		if name, err := getLeFuncName(GetZosLibVec() + SYS_FLOCK<<4); err == nil {
-			return name == "flock"
-		}
-	}
-	return false
-}
-
-func enter_Flock(fd int, how int) (err error) {
-	funcref := get_FlockAddr()
-	if validFlock(GetZosLibVec() + SYS_FLOCK<<4) {
-		*funcref = impl_Flock
-	} else {
-		*funcref = legacyFlock
-	}
-	return (*funcref)(fd, how)
+	return errno
 }
 
-func legacyFlock(fd int, how int) error {
+func Flock(fd int, how int) error {
 
 	var flock_type int16
 	var fcntl_cmd int
@@ -2109,51 +1307,41 @@ func legacyFlock(fd int, how int) error {
 }
 
 func Mlock(b []byte) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 func Mlock2(b []byte, flags int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 func Mlockall(flags int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_NONSWAP)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_NONSWAP, 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 func Munlock(b []byte) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_SWAP)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 func Munlockall() (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MLOCKALL<<4, _BPX_SWAP)
-	runtime.ExitSyscall()
-	if r0 != 0 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MLOCKALL, _BPX_SWAP, 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2169,119 +1357,30 @@ func ClockGettime(clockid int32, ts *Timespec) error {
 	if clockid == CLOCK_REALTIME || clockid == CLOCK_MONOTONIC {
 		var nanotime int64 = runtime.Nanotime1()
 		ts.Sec = nanotime / nsec_per_sec
-		ts.Nsec = nanotime % nsec_per_sec
-	} else if clockid == CLOCK_PROCESS_CPUTIME_ID || clockid == CLOCK_THREAD_CPUTIME_ID {
-		var tm Tms
-		_, err := Times(&tm)
-		if err != nil {
-			return EFAULT
-		}
-		ts.Sec = int64(tm.Utime / ticks_per_sec)
-		ts.Nsec = int64(tm.Utime) * nsec_per_sec / int64(ticks_per_sec)
-	} else {
-		return EINVAL
-	}
-	return nil
-}
-
-// Chtag
-
-//go:nosplit
-func get_ChtagAddr() *(func(path string, ccsid uint64, textbit uint64) error)
-
-var Chtag = enter_Chtag
-
-func enter_Chtag(path string, ccsid uint64, textbit uint64) error {
-	funcref := get_ChtagAddr()
-	if validSetxattr() {
-		*funcref = impl_Chtag
-	} else {
-		*funcref = legacy_Chtag
-	}
-	return (*funcref)(path, ccsid, textbit)
-}
-
-func legacy_Chtag(path string, ccsid uint64, textbit uint64) error {
-	tag := ccsid<<16 | textbit<<15
-	var tag_buff [8]byte
-	DecodeData(tag_buff[:], 8, tag)
-	return Setxattr(path, "filetag", tag_buff[:], XATTR_REPLACE)
-}
-
-func impl_Chtag(path string, ccsid uint64, textbit uint64) error {
-	tag := ccsid<<16 | textbit<<15
-	var tag_buff [4]byte
-	DecodeData(tag_buff[:], 4, tag)
-	return Setxattr(path, "system.filetag", tag_buff[:], XATTR_REPLACE)
-}
-
-// End of Chtag
-
-// Nanosleep
-
-//go:nosplit
-func get_NanosleepAddr() *(func(time *Timespec, leftover *Timespec) error)
-
-var Nanosleep = enter_Nanosleep
-
-func enter_Nanosleep(time *Timespec, leftover *Timespec) error {
-	funcref := get_NanosleepAddr()
-	if funcptrtest(GetZosLibVec()+SYS_NANOSLEEP<<4, "") == 0 {
-		*funcref = impl_Nanosleep
+		ts.Nsec = nanotime % nsec_per_sec
+	} else if clockid == CLOCK_PROCESS_CPUTIME_ID || clockid == CLOCK_THREAD_CPUTIME_ID {
+		var tm Tms
+		_, err := Times(&tm)
+		if err != nil {
+			return EFAULT
+		}
+		ts.Sec = int64(tm.Utime / ticks_per_sec)
+		ts.Nsec = int64(tm.Utime) * nsec_per_sec / int64(ticks_per_sec)
 	} else {
-		*funcref = legacyNanosleep
-	}
-	return (*funcref)(time, leftover)
-}
-
-func impl_Nanosleep(time *Timespec, leftover *Timespec) error {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_NANOSLEEP<<4, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		return errnoErr2(e1, e2)
+		return EINVAL
 	}
 	return nil
 }
 
-func legacyNanosleep(time *Timespec, leftover *Timespec) error {
-	t0 := runtime.Nanotime1()
-	var secrem uint32
-	var nsecrem uint32
-	total := time.Sec*1000000000 + time.Nsec
-	elapsed := runtime.Nanotime1() - t0
-	var rv int32
-	var rc int32
-	var err error
-	// repeatedly sleep for 1 second until less than 1 second left
-	for total-elapsed > 1000000000 {
-		rv, rc, _ = BpxCondTimedWait(uint32(1), uint32(0), uint32(CW_CONDVAR), &secrem, &nsecrem)
-		if rv != 0 && rc != 112 { // 112 is EAGAIN
-			if leftover != nil && rc == 120 { // 120 is EINTR
-				leftover.Sec = int64(secrem)
-				leftover.Nsec = int64(nsecrem)
-			}
-			err = Errno(rc)
-			return err
-		}
-		elapsed = runtime.Nanotime1() - t0
-	}
-	// sleep the remainder
-	if total > elapsed {
-		rv, rc, _ = BpxCondTimedWait(uint32(0), uint32(total-elapsed), uint32(CW_CONDVAR), &secrem, &nsecrem)
-	}
-	if leftover != nil && rc == 120 {
-		leftover.Sec = int64(secrem)
-		leftover.Nsec = int64(nsecrem)
-	}
-	if rv != 0 && rc != 112 {
-		err = Errno(rc)
+func Statfs(path string, stat *Statfs_t) (err error) {
+	fd, err := open(path, O_RDONLY, 0)
+	defer Close(fd)
+	if err != nil {
+		return err
 	}
-	return err
+	return Fstatfs(fd, stat)
 }
 
-// End of Nanosleep
-
 var (
 	Stdin  = 0
 	Stdout = 1
@@ -2296,9 +1395,6 @@ var (
 	errENOENT error = syscall.ENOENT
 )
 
-var ZosTraceLevel int
-var ZosTracefile *os.File
-
 var (
 	signalNameMapOnce sync.Once
 	signalNameMap     map[string]syscall.Signal
@@ -2320,56 +1416,6 @@ func errnoErr(e Errno) error {
 	return e
 }
 
-var reg *regexp.Regexp
-
-// enhanced with zos specific errno2
-func errnoErr2(e Errno, e2 uintptr) error {
-	switch e {
-	case 0:
-		return nil
-	case EAGAIN:
-		return errEAGAIN
-		/*
-			Allow the retrieval of errno2 for EINVAL and ENOENT on zos
-				case EINVAL:
-					return errEINVAL
-				case ENOENT:
-					return errENOENT
-		*/
-	}
-	if ZosTraceLevel > 0 {
-		var name string
-		if reg == nil {
-			reg = regexp.MustCompile("(^unix\\.[^/]+$|.*\\/unix\\.[^/]+$)")
-		}
-		i := 1
-		pc, file, line, ok := runtime.Caller(i)
-		if ok {
-			name = runtime.FuncForPC(pc).Name()
-		}
-		for ok && reg.MatchString(runtime.FuncForPC(pc).Name()) {
-			i += 1
-			pc, file, line, ok = runtime.Caller(i)
-		}
-		if ok {
-			if ZosTracefile == nil {
-				ZosConsolePrintf("From %s:%d\n", file, line)
-				ZosConsolePrintf("%s: %s (errno2=0x%x)\n", name, e.Error(), e2)
-			} else {
-				fmt.Fprintf(ZosTracefile, "From %s:%d\n", file, line)
-				fmt.Fprintf(ZosTracefile, "%s: %s (errno2=0x%x)\n", name, e.Error(), e2)
-			}
-		} else {
-			if ZosTracefile == nil {
-				ZosConsolePrintf("%s (errno2=0x%x)\n", e.Error(), e2)
-			} else {
-				fmt.Fprintf(ZosTracefile, "%s (errno2=0x%x)\n", e.Error(), e2)
-			}
-		}
-	}
-	return e
-}
-
 // ErrnoName returns the error name for error number e.
 func ErrnoName(e Errno) string {
 	i := sort.Search(len(errorList), func(i int) bool {
@@ -2428,9 +1474,6 @@ func (m *mmapper) Mmap(fd int, offset int64, length int, prot int, flags int) (d
 		return nil, EINVAL
 	}
 
-	// Set __MAP_64 by default
-	flags |= __MAP_64
-
 	// Map the requested memory.
 	addr, errno := m.mmap(0, uintptr(length), prot, flags, fd, offset)
 	if errno != nil {
@@ -2735,170 +1778,83 @@ func Exec(argv0 string, argv []string, envv []string) error {
 	return syscall.Exec(argv0, argv, envv)
 }
 
-func Getag(path string) (ccsid uint16, flag uint16, err error) {
-	var val [8]byte
-	sz, err := Getxattr(path, "ccsid", val[:])
-	if err != nil {
-		return
-	}
-	ccsid = uint16(EncodeData(val[0:sz]))
-	sz, err = Getxattr(path, "flags", val[:])
-	if err != nil {
-		return
-	}
-	flag = uint16(EncodeData(val[0:sz]) >> 15)
-	return
-}
-
-// Mount begin
-func impl_Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(source)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(target)
-	if err != nil {
-		return
-	}
-	var _p2 *byte
-	_p2, err = BytePtrFromString(fstype)
-	if err != nil {
-		return
-	}
-	var _p3 *byte
-	_p3, err = BytePtrFromString(data)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MOUNT1_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(flags), uintptr(unsafe.Pointer(_p3)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_MountAddr() *(func(source string, target string, fstype string, flags uintptr, data string) (err error))
-
-var Mount = enter_Mount
-
-func enter_Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
-	funcref := get_MountAddr()
-	if validMount() {
-		*funcref = impl_Mount
-	} else {
-		*funcref = legacyMount
-	}
-	return (*funcref)(source, target, fstype, flags, data)
-}
-
-func legacyMount(source string, target string, fstype string, flags uintptr, data string) (err error) {
+func Mount(source string, target string, fstype string, flags uintptr, data string) (err error) {
 	if needspace := 8 - len(fstype); needspace <= 0 {
-		fstype = fstype[0:8]
+		fstype = fstype[:8]
 	} else {
-		fstype += "        "[0:needspace]
+		fstype += "        "[:needspace]
 	}
 	return mount_LE(target, source, fstype, uint32(flags), int32(len(data)), data)
 }
 
-func validMount() bool {
-	if funcptrtest(GetZosLibVec()+SYS___MOUNT1_A<<4, "") == 0 {
-		if name, err := getLeFuncName(GetZosLibVec() + SYS___MOUNT1_A<<4); err == nil {
-			return name == "__mount1_a"
-		}
-	}
-	return false
-}
-
-// Mount end
-
-// Unmount begin
-func impl_Unmount(target string, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(target)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UMOUNT2_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_UnmountAddr() *(func(target string, flags int) (err error))
-
-var Unmount = enter_Unmount
-
-func enter_Unmount(target string, flags int) (err error) {
-	funcref := get_UnmountAddr()
-	if funcptrtest(GetZosLibVec()+SYS___UMOUNT2_A<<4, "") == 0 {
-		*funcref = impl_Unmount
-	} else {
-		*funcref = legacyUnmount
-	}
-	return (*funcref)(target, flags)
-}
-
-func legacyUnmount(name string, mtm int) (err error) {
+func Unmount(name string, mtm int) (err error) {
 	// mountpoint is always a full path and starts with a '/'
 	// check if input string is not a mountpoint but a filesystem name
 	if name[0] != '/' {
-		return unmount_LE(name, mtm)
+		return unmount(name, mtm)
 	}
 	// treat name as mountpoint
 	b2s := func(arr []byte) string {
-		var str string
-		for i := 0; i < len(arr); i++ {
-			if arr[i] == 0 {
-				str = string(arr[:i])
-				break
-			}
+		nulli := bytes.IndexByte(arr, 0)
+		if nulli == -1 {
+			return string(arr)
+		} else {
+			return string(arr[:nulli])
 		}
-		return str
 	}
 	var buffer struct {
 		header W_Mnth
 		fsinfo [64]W_Mntent
 	}
-	fs_count, err := W_Getmntent_A((*byte)(unsafe.Pointer(&buffer)), int(unsafe.Sizeof(buffer)))
-	if err == nil {
-		err = EINVAL
-		for i := 0; i < fs_count; i++ {
-			if b2s(buffer.fsinfo[i].Mountpoint[:]) == name {
-				err = unmount_LE(b2s(buffer.fsinfo[i].Fsname[:]), mtm)
-				break
-			}
+	fsCount, err := W_Getmntent_A((*byte)(unsafe.Pointer(&buffer)), int(unsafe.Sizeof(buffer)))
+	if err != nil {
+		return err
+	}
+	if fsCount == 0 {
+		return EINVAL
+	}
+	for i := 0; i < fsCount; i++ {
+		if b2s(buffer.fsinfo[i].Mountpoint[:]) == name {
+			err = unmount(b2s(buffer.fsinfo[i].Fsname[:]), mtm)
+			break
 		}
-	} else if fs_count == 0 {
-		err = EINVAL
 	}
 	return err
 }
 
-// Unmount end
-
-func direntIno(buf []byte) (uint64, bool) {
-	return readInt(buf, unsafe.Offsetof(Dirent{}.Ino), unsafe.Sizeof(Dirent{}.Ino))
-}
-
-func direntReclen(buf []byte) (uint64, bool) {
-	return readInt(buf, unsafe.Offsetof(Dirent{}.Reclen), unsafe.Sizeof(Dirent{}.Reclen))
-}
-
-func direntNamlen(buf []byte) (uint64, bool) {
-	reclen, ok := direntReclen(buf)
-	if !ok {
-		return 0, false
+func fdToPath(dirfd int) (path string, err error) {
+	var buffer [1024]byte
+	// w_ctrl()
+	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_W_IOCTL<<4,
+		[]uintptr{uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0]))})
+	if ret == 0 {
+		zb := bytes.IndexByte(buffer[:], 0)
+		if zb == -1 {
+			zb = len(buffer)
+		}
+		// __e2a_l()
+		runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4,
+			[]uintptr{uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb)})
+		return string(buffer[:zb]), nil
+	}
+	// __errno()
+	errno := int(*(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4,
+		[]uintptr{}))))
+	// __errno2()
+	errno2 := int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO2<<4,
+		[]uintptr{}))
+	// strerror_r()
+	ret = runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_STRERROR_R<<4,
+		[]uintptr{uintptr(errno), uintptr(unsafe.Pointer(&buffer[0])), 1024})
+	if ret == 0 {
+		zb := bytes.IndexByte(buffer[:], 0)
+		if zb == -1 {
+			zb = len(buffer)
+		}
+		return "", fmt.Errorf("%s (errno2=0x%x)", buffer[:zb], errno2)
+	} else {
+		return "", fmt.Errorf("fdToPath errno %d (errno2=0x%x)", errno, errno2)
 	}
-	return reclen - uint64(unsafe.Offsetof(Dirent{}.Name)), true
 }
 
 func direntLeToDirentUnix(dirent *direntLE, dir uintptr, path string) (Dirent, error) {
@@ -2940,7 +1896,7 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	}
 
 	// Get path from fd to avoid unavailable call (fdopendir)
-	path, err := ZosFdToPath(fd)
+	path, err := fdToPath(fd)
 	if err != nil {
 		return 0, err
 	}
@@ -2954,7 +1910,7 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	for {
 		var entryLE direntLE
 		var entrypLE *direntLE
-		e := Readdir_r(d, &entryLE, &entrypLE)
+		e := readdir_r(d, &entryLE, &entrypLE)
 		if e != nil {
 			return n, e
 		}
@@ -3000,214 +1956,23 @@ func Getdirentries(fd int, buf []byte, basep *uintptr) (n int, err error) {
 	return n, nil
 }
 
-func Err2ad() (eadd *int) {
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS___ERR2AD<<4)
-	eadd = (*int)(unsafe.Pointer(r0))
-	return
-}
-
-func ZosConsolePrintf(format string, v ...interface{}) (int, error) {
-	type __cmsg struct {
-		_            uint16
-		_            [2]uint8
-		__msg_length uint32
-		__msg        uintptr
-		_            [4]uint8
-	}
-	msg := fmt.Sprintf(format, v...)
-	strptr := unsafe.Pointer((*reflect.StringHeader)(unsafe.Pointer(&msg)).Data)
-	len := (*reflect.StringHeader)(unsafe.Pointer(&msg)).Len
-	cmsg := __cmsg{__msg_length: uint32(len), __msg: uintptr(strptr)}
-	cmd := uint32(0)
-	runtime.EnterSyscall()
-	rc, err2, err1 := CallLeFuncWithErr(GetZosLibVec()+SYS_____CONSOLE_A<<4, uintptr(unsafe.Pointer(&cmsg)), 0, uintptr(unsafe.Pointer(&cmd)))
-	runtime.ExitSyscall()
-	if rc != 0 {
-		return 0, fmt.Errorf("%s (errno2=0x%x)\n", err1.Error(), err2)
-	}
-	return 0, nil
-}
-func ZosStringToEbcdicBytes(str string, nullterm bool) (ebcdicBytes []byte) {
-	if nullterm {
-		ebcdicBytes = []byte(str + "\x00")
-	} else {
-		ebcdicBytes = []byte(str)
-	}
-	A2e(ebcdicBytes)
-	return
-}
-func ZosEbcdicBytesToString(b []byte, trimRight bool) (str string) {
-	res := make([]byte, len(b))
-	copy(res, b)
-	E2a(res)
-	if trimRight {
-		str = string(bytes.TrimRight(res, " \x00"))
-	} else {
-		str = string(res)
-	}
-	return
-}
-
-func fdToPath(dirfd int) (path string, err error) {
-	var buffer [1024]byte
-	// w_ctrl()
-	ret := runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_W_IOCTL<<4,
-		[]uintptr{uintptr(dirfd), 17, 1024, uintptr(unsafe.Pointer(&buffer[0]))})
-	if ret == 0 {
-		zb := bytes.IndexByte(buffer[:], 0)
-		if zb == -1 {
-			zb = len(buffer)
-		}
-		// __e2a_l()
-		runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___E2A_L<<4,
-			[]uintptr{uintptr(unsafe.Pointer(&buffer[0])), uintptr(zb)})
-		return string(buffer[:zb]), nil
-	}
-	// __errno()
-	errno := int(*(*int32)(unsafe.Pointer(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO<<4,
-		[]uintptr{}))))
-	// __errno2()
-	errno2 := int(runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS___ERRNO2<<4,
-		[]uintptr{}))
-	// strerror_r()
-	ret = runtime.CallLeFuncByPtr(runtime.XplinkLibvec+SYS_STRERROR_R<<4,
-		[]uintptr{uintptr(errno), uintptr(unsafe.Pointer(&buffer[0])), 1024})
-	if ret == 0 {
-		zb := bytes.IndexByte(buffer[:], 0)
-		if zb == -1 {
-			zb = len(buffer)
-		}
-		return "", fmt.Errorf("%s (errno2=0x%x)", buffer[:zb], errno2)
-	} else {
-		return "", fmt.Errorf("fdToPath errno %d (errno2=0x%x)", errno, errno2)
-	}
-}
-
-func impl_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKFIFOAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_MkfifoatAddr() *(func(dirfd int, path string, mode uint32) (err error))
-
-var Mkfifoat = enter_Mkfifoat
-
-func enter_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
-	funcref := get_MkfifoatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___MKFIFOAT_A<<4, "") == 0 {
-		*funcref = impl_Mkfifoat
-	} else {
-		*funcref = legacy_Mkfifoat
-	}
-	return (*funcref)(dirfd, path, mode)
-}
-
-func legacy_Mkfifoat(dirfd int, path string, mode uint32) (err error) {
-	dirname, err := ZosFdToPath(dirfd)
-	if err != nil {
-		return err
-	}
-	return Mkfifo(dirname+"/"+path, mode)
-}
-
-//sys	Posix_openpt(oflag int) (fd int, err error) = SYS_POSIX_OPENPT
-//sys	Grantpt(fildes int) (rc int, err error) = SYS_GRANTPT
-//sys	Unlockpt(fildes int) (rc int, err error) = SYS_UNLOCKPT
-
-func fcntlAsIs(fd uintptr, cmd int, arg uintptr) (val int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), arg)
-	runtime.ExitSyscall()
-	val = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
+func ReadDirent(fd int, buf []byte) (n int, err error) {
+	var base = (*uintptr)(unsafe.Pointer(new(uint64)))
+	return Getdirentries(fd, buf, base)
 }
 
-func Fcntl(fd uintptr, cmd int, op interface{}) (ret int, err error) {
-	switch op.(type) {
-	case *Flock_t:
-		err = FcntlFlock(fd, cmd, op.(*Flock_t))
-		if err != nil {
-			ret = -1
-		}
-		return
-	case int:
-		return FcntlInt(fd, cmd, op.(int))
-	case *F_cnvrt:
-		return fcntlAsIs(fd, cmd, uintptr(unsafe.Pointer(op.(*F_cnvrt))))
-	case unsafe.Pointer:
-		return fcntlAsIs(fd, cmd, uintptr(op.(unsafe.Pointer)))
-	default:
-		return -1, EINVAL
-	}
-	return
+func direntIno(buf []byte) (uint64, bool) {
+	return readInt(buf, unsafe.Offsetof(Dirent{}.Ino), unsafe.Sizeof(Dirent{}.Ino))
 }
 
-func Sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
-	if raceenabled {
-		raceReleaseMerge(unsafe.Pointer(&ioSync))
-	}
-	return sendfile(outfd, infd, offset, count)
+func direntReclen(buf []byte) (uint64, bool) {
+	return readInt(buf, unsafe.Offsetof(Dirent{}.Reclen), unsafe.Sizeof(Dirent{}.Reclen))
 }
 
-func sendfile(outfd int, infd int, offset *int64, count int) (written int, err error) {
-	// TODO: use LE call instead if the call is implemented
-	originalOffset, err := Seek(infd, 0, SEEK_CUR)
-	if err != nil {
-		return -1, err
-	}
-	//start reading data from in_fd
-	if offset != nil {
-		_, err := Seek(infd, *offset, SEEK_SET)
-		if err != nil {
-			return -1, err
-		}
-	}
-
-	buf := make([]byte, count)
-	readBuf := make([]byte, 0)
-	var n int = 0
-	for i := 0; i < count; i += n {
-		n, err := Read(infd, buf)
-		if n == 0 {
-			if err != nil {
-				return -1, err
-			} else { // EOF
-				break
-			}
-		}
-		readBuf = append(readBuf, buf...)
-		buf = buf[0:0]
-	}
-
-	n2, err := Write(outfd, readBuf)
-	if err != nil {
-		return -1, err
-	}
-
-	//When sendfile() returns, this variable will be set to the
-	// offset of the byte following the last byte that was read.
-	if offset != nil {
-		*offset = *offset + int64(n)
-		// If offset is not NULL, then sendfile() does not modify the file
-		// offset of in_fd
-		_, err := Seek(infd, originalOffset, SEEK_SET)
-		if err != nil {
-			return -1, err
-		}
+func direntNamlen(buf []byte) (uint64, bool) {
+	reclen, ok := direntReclen(buf)
+	if !ok {
+		return 0, false
 	}
-	return n2, nil
+	return reclen - uint64(unsafe.Offsetof(Dirent{}.Name)), true
 }
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix.go b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
index 672d6b0a8..79a84f18b 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (darwin && !ios) || linux || zos
+//go:build (darwin && !ios) || linux
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
index 8b7977a28..9eb0db664 100644
--- a/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
+++ b/vendor/golang.org/x/sys/unix/sysvshm_unix_other.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build (darwin && !ios) || zos
+//go:build darwin && !ios
 
 package unix
 
diff --git a/vendor/golang.org/x/sys/unix/vgetrandom_linux.go b/vendor/golang.org/x/sys/unix/vgetrandom_linux.go
deleted file mode 100644
index 07ac8e09d..000000000
--- a/vendor/golang.org/x/sys/unix/vgetrandom_linux.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build linux && go1.24
-
-package unix
-
-import _ "unsafe"
-
-//go:linkname vgetrandom runtime.vgetrandom
-//go:noescape
-func vgetrandom(p []byte, flags uint32) (ret int, supported bool)
diff --git a/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go b/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
deleted file mode 100644
index 297e97bce..000000000
--- a/vendor/golang.org/x/sys/unix/vgetrandom_unsupported.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !linux || !go1.24
-
-package unix
-
-func vgetrandom(p []byte, flags uint32) (ret int, supported bool) {
-	return -1, false
-}
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
index d73c4652e..e40fa8524 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
@@ -237,9 +237,6 @@ const (
 	CLOCK_UPTIME_RAW_APPROX                 = 0x9
 	CLONE_NOFOLLOW                          = 0x1
 	CLONE_NOOWNERCOPY                       = 0x2
-	CONNECT_DATA_AUTHENTICATED              = 0x4
-	CONNECT_DATA_IDEMPOTENT                 = 0x2
-	CONNECT_RESUME_ON_READ_WRITE            = 0x1
 	CR0                                     = 0x0
 	CR1                                     = 0x1000
 	CR2                                     = 0x2000
@@ -1172,11 +1169,6 @@ const (
 	PT_WRITE_D                              = 0x5
 	PT_WRITE_I                              = 0x4
 	PT_WRITE_U                              = 0x6
-	RENAME_EXCL                             = 0x4
-	RENAME_NOFOLLOW_ANY                     = 0x10
-	RENAME_RESERVED1                        = 0x8
-	RENAME_SECLUDE                          = 0x1
-	RENAME_SWAP                             = 0x2
 	RLIMIT_AS                               = 0x5
 	RLIMIT_CORE                             = 0x4
 	RLIMIT_CPU                              = 0x0
@@ -1268,10 +1260,6 @@ const (
 	RTV_SSTHRESH                            = 0x20
 	RUSAGE_CHILDREN                         = -0x1
 	RUSAGE_SELF                             = 0x0
-	SAE_ASSOCID_ALL                         = 0xffffffff
-	SAE_ASSOCID_ANY                         = 0x0
-	SAE_CONNID_ALL                          = 0xffffffff
-	SAE_CONNID_ANY                          = 0x0
 	SCM_CREDS                               = 0x3
 	SCM_RIGHTS                              = 0x1
 	SCM_TIMESTAMP                           = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
index 4a55a4005..bb02aa6c0 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
@@ -237,9 +237,6 @@ const (
 	CLOCK_UPTIME_RAW_APPROX                 = 0x9
 	CLONE_NOFOLLOW                          = 0x1
 	CLONE_NOOWNERCOPY                       = 0x2
-	CONNECT_DATA_AUTHENTICATED              = 0x4
-	CONNECT_DATA_IDEMPOTENT                 = 0x2
-	CONNECT_RESUME_ON_READ_WRITE            = 0x1
 	CR0                                     = 0x0
 	CR1                                     = 0x1000
 	CR2                                     = 0x2000
@@ -1172,11 +1169,6 @@ const (
 	PT_WRITE_D                              = 0x5
 	PT_WRITE_I                              = 0x4
 	PT_WRITE_U                              = 0x6
-	RENAME_EXCL                             = 0x4
-	RENAME_NOFOLLOW_ANY                     = 0x10
-	RENAME_RESERVED1                        = 0x8
-	RENAME_SECLUDE                          = 0x1
-	RENAME_SWAP                             = 0x2
 	RLIMIT_AS                               = 0x5
 	RLIMIT_CORE                             = 0x4
 	RLIMIT_CPU                              = 0x0
@@ -1268,10 +1260,6 @@ const (
 	RTV_SSTHRESH                            = 0x20
 	RUSAGE_CHILDREN                         = -0x1
 	RUSAGE_SELF                             = 0x0
-	SAE_ASSOCID_ALL                         = 0xffffffff
-	SAE_ASSOCID_ANY                         = 0x0
-	SAE_CONNID_ALL                          = 0xffffffff
-	SAE_CONNID_ANY                          = 0x0
 	SCM_CREDS                               = 0x3
 	SCM_RIGHTS                              = 0x1
 	SCM_TIMESTAMP                           = 0x2
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go
index 6ebc48b3f..36bf8399f 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go
@@ -321,9 +321,6 @@ const (
 	AUDIT_INTEGRITY_STATUS                      = 0x70a
 	AUDIT_IPC                                   = 0x517
 	AUDIT_IPC_SET_PERM                          = 0x51f
-	AUDIT_IPE_ACCESS                            = 0x58c
-	AUDIT_IPE_CONFIG_CHANGE                     = 0x58d
-	AUDIT_IPE_POLICY_LOAD                       = 0x58e
 	AUDIT_KERNEL                                = 0x7d0
 	AUDIT_KERNEL_OTHER                          = 0x524
 	AUDIT_KERN_MODULE                           = 0x532
@@ -460,7 +457,6 @@ const (
 	B600                                        = 0x8
 	B75                                         = 0x2
 	B9600                                       = 0xd
-	BCACHEFS_SUPER_MAGIC                        = 0xca451a4e
 	BDEVFS_MAGIC                                = 0x62646576
 	BINDERFS_SUPER_MAGIC                        = 0x6c6f6f70
 	BINFMTFS_MAGIC                              = 0x42494e4d
@@ -492,14 +488,11 @@ const (
 	BPF_F_ID                                    = 0x20
 	BPF_F_NETFILTER_IP_DEFRAG                   = 0x1
 	BPF_F_QUERY_EFFECTIVE                       = 0x1
-	BPF_F_REDIRECT_FLAGS                        = 0x19
 	BPF_F_REPLACE                               = 0x4
 	BPF_F_SLEEPABLE                             = 0x10
 	BPF_F_STRICT_ALIGNMENT                      = 0x1
-	BPF_F_TEST_REG_INVARIANTS                   = 0x80
 	BPF_F_TEST_RND_HI32                         = 0x4
 	BPF_F_TEST_RUN_ON_CPU                       = 0x1
-	BPF_F_TEST_SKB_CHECKSUM_COMPLETE            = 0x4
 	BPF_F_TEST_STATE_FREQ                       = 0x8
 	BPF_F_TEST_XDP_LIVE_FRAMES                  = 0x2
 	BPF_F_XDP_DEV_BOUND_ONLY                    = 0x40
@@ -508,7 +501,6 @@ const (
 	BPF_IMM                                     = 0x0
 	BPF_IND                                     = 0x40
 	BPF_JA                                      = 0x0
-	BPF_JCOND                                   = 0xe0
 	BPF_JEQ                                     = 0x10
 	BPF_JGE                                     = 0x30
 	BPF_JGT                                     = 0x20
@@ -664,9 +656,6 @@ const (
 	CAN_NPROTO                                  = 0x8
 	CAN_RAW                                     = 0x1
 	CAN_RAW_FILTER_MAX                          = 0x200
-	CAN_RAW_XL_VCID_RX_FILTER                   = 0x4
-	CAN_RAW_XL_VCID_TX_PASS                     = 0x2
-	CAN_RAW_XL_VCID_TX_SET                      = 0x1
 	CAN_RTR_FLAG                                = 0x40000000
 	CAN_SFF_ID_BITS                             = 0xb
 	CAN_SFF_MASK                                = 0x7ff
@@ -934,7 +923,6 @@ const (
 	EPOLL_CTL_ADD                               = 0x1
 	EPOLL_CTL_DEL                               = 0x2
 	EPOLL_CTL_MOD                               = 0x3
-	EPOLL_IOC_TYPE                              = 0x8a
 	EROFS_SUPER_MAGIC_V1                        = 0xe0f5e1e2
 	ESP_V4_FLOW                                 = 0xa
 	ESP_V6_FLOW                                 = 0xc
@@ -948,6 +936,9 @@ const (
 	ETHTOOL_FEC_OFF                             = 0x4
 	ETHTOOL_FEC_RS                              = 0x8
 	ETHTOOL_FLAG_ALL                            = 0x7
+	ETHTOOL_FLAG_COMPACT_BITSETS                = 0x1
+	ETHTOOL_FLAG_OMIT_REPLY                     = 0x2
+	ETHTOOL_FLAG_STATS                          = 0x4
 	ETHTOOL_FLASHDEV                            = 0x33
 	ETHTOOL_FLASH_MAX_FILENAME                  = 0x80
 	ETHTOOL_FWVERS_LEN                          = 0x20
@@ -1170,7 +1161,6 @@ const (
 	EXTA                                        = 0xe
 	EXTB                                        = 0xf
 	F2FS_SUPER_MAGIC                            = 0xf2f52010
-	FALLOC_FL_ALLOCATE_RANGE                    = 0x0
 	FALLOC_FL_COLLAPSE_RANGE                    = 0x8
 	FALLOC_FL_INSERT_RANGE                      = 0x20
 	FALLOC_FL_KEEP_SIZE                         = 0x1
@@ -1348,7 +1338,6 @@ const (
 	F_OFD_SETLK                                 = 0x25
 	F_OFD_SETLKW                                = 0x26
 	F_OK                                        = 0x0
-	F_SEAL_EXEC                                 = 0x20
 	F_SEAL_FUTURE_WRITE                         = 0x10
 	F_SEAL_GROW                                 = 0x4
 	F_SEAL_SEAL                                 = 0x1
@@ -1637,7 +1626,6 @@ const (
 	IP_FREEBIND                                 = 0xf
 	IP_HDRINCL                                  = 0x3
 	IP_IPSEC_POLICY                             = 0x10
-	IP_LOCAL_PORT_RANGE                         = 0x33
 	IP_MAXPACKET                                = 0xffff
 	IP_MAX_MEMBERSHIPS                          = 0x14
 	IP_MF                                       = 0x2000
@@ -1664,7 +1652,6 @@ const (
 	IP_PMTUDISC_OMIT                            = 0x5
 	IP_PMTUDISC_PROBE                           = 0x3
 	IP_PMTUDISC_WANT                            = 0x1
-	IP_PROTOCOL                                 = 0x34
 	IP_RECVERR                                  = 0xb
 	IP_RECVERR_RFC4884                          = 0x1a
 	IP_RECVFRAGSIZE                             = 0x19
@@ -1710,8 +1697,6 @@ const (
 	KEXEC_ARCH_S390                             = 0x160000
 	KEXEC_ARCH_SH                               = 0x2a0000
 	KEXEC_ARCH_X86_64                           = 0x3e0000
-	KEXEC_CRASH_HOTPLUG_SUPPORT                 = 0x8
-	KEXEC_FILE_DEBUG                            = 0x8
 	KEXEC_FILE_NO_INITRAMFS                     = 0x4
 	KEXEC_FILE_ON_CRASH                         = 0x2
 	KEXEC_FILE_UNLOAD                           = 0x1
@@ -1786,7 +1771,6 @@ const (
 	KEY_SPEC_USER_KEYRING                       = -0x4
 	KEY_SPEC_USER_SESSION_KEYRING               = -0x5
 	LANDLOCK_ACCESS_FS_EXECUTE                  = 0x1
-	LANDLOCK_ACCESS_FS_IOCTL_DEV                = 0x8000
 	LANDLOCK_ACCESS_FS_MAKE_BLOCK               = 0x800
 	LANDLOCK_ACCESS_FS_MAKE_CHAR                = 0x40
 	LANDLOCK_ACCESS_FS_MAKE_DIR                 = 0x80
@@ -1804,8 +1788,6 @@ const (
 	LANDLOCK_ACCESS_NET_BIND_TCP                = 0x1
 	LANDLOCK_ACCESS_NET_CONNECT_TCP             = 0x2
 	LANDLOCK_CREATE_RULESET_VERSION             = 0x1
-	LANDLOCK_SCOPE_ABSTRACT_UNIX_SOCKET         = 0x1
-	LANDLOCK_SCOPE_SIGNAL                       = 0x2
 	LINUX_REBOOT_CMD_CAD_OFF                    = 0x0
 	LINUX_REBOOT_CMD_CAD_ON                     = 0x89abcdef
 	LINUX_REBOOT_CMD_HALT                       = 0xcdef0123
@@ -1870,19 +1852,6 @@ const (
 	MAP_FILE                                    = 0x0
 	MAP_FIXED                                   = 0x10
 	MAP_FIXED_NOREPLACE                         = 0x100000
-	MAP_HUGE_16GB                               = 0x88000000
-	MAP_HUGE_16KB                               = 0x38000000
-	MAP_HUGE_16MB                               = 0x60000000
-	MAP_HUGE_1GB                                = 0x78000000
-	MAP_HUGE_1MB                                = 0x50000000
-	MAP_HUGE_256MB                              = 0x70000000
-	MAP_HUGE_2GB                                = 0x7c000000
-	MAP_HUGE_2MB                                = 0x54000000
-	MAP_HUGE_32MB                               = 0x64000000
-	MAP_HUGE_512KB                              = 0x4c000000
-	MAP_HUGE_512MB                              = 0x74000000
-	MAP_HUGE_64KB                               = 0x40000000
-	MAP_HUGE_8MB                                = 0x5c000000
 	MAP_HUGE_MASK                               = 0x3f
 	MAP_HUGE_SHIFT                              = 0x1a
 	MAP_PRIVATE                                 = 0x2
@@ -1929,9 +1898,6 @@ const (
 	MNT_DETACH                                  = 0x2
 	MNT_EXPIRE                                  = 0x4
 	MNT_FORCE                                   = 0x1
-	MNT_ID_REQ_SIZE_VER0                        = 0x18
-	MNT_ID_REQ_SIZE_VER1                        = 0x20
-	MNT_NS_INFO_SIZE_VER0                       = 0x10
 	MODULE_INIT_COMPRESSED_FILE                 = 0x4
 	MODULE_INIT_IGNORE_MODVERSIONS              = 0x1
 	MODULE_INIT_IGNORE_VERMAGIC                 = 0x2
@@ -2197,10 +2163,10 @@ const (
 	NFT_REG_SIZE                                = 0x10
 	NFT_REJECT_ICMPX_MAX                        = 0x3
 	NFT_RT_MAX                                  = 0x4
-	NFT_SECMARK_CTX_MAXLEN                      = 0x1000
+	NFT_SECMARK_CTX_MAXLEN                      = 0x100
 	NFT_SET_MAXNAMELEN                          = 0x100
 	NFT_SOCKET_MAX                              = 0x3
-	NFT_TABLE_F_MASK                            = 0x7
+	NFT_TABLE_F_MASK                            = 0x3
 	NFT_TABLE_MAXNAMELEN                        = 0x100
 	NFT_TRACETYPE_MAX                           = 0x3
 	NFT_TUNNEL_F_MASK                           = 0x7
@@ -2336,7 +2302,6 @@ const (
 	PERF_AUX_FLAG_PARTIAL                       = 0x4
 	PERF_AUX_FLAG_PMU_FORMAT_TYPE_MASK          = 0xff00
 	PERF_AUX_FLAG_TRUNCATED                     = 0x1
-	PERF_BRANCH_ENTRY_INFO_BITS_MAX             = 0x21
 	PERF_BR_ARM64_DEBUG_DATA                    = 0x7
 	PERF_BR_ARM64_DEBUG_EXIT                    = 0x5
 	PERF_BR_ARM64_DEBUG_HALT                    = 0x4
@@ -2366,11 +2331,9 @@ const (
 	PERF_MEM_LVLNUM_IO                          = 0xa
 	PERF_MEM_LVLNUM_L1                          = 0x1
 	PERF_MEM_LVLNUM_L2                          = 0x2
-	PERF_MEM_LVLNUM_L2_MHB                      = 0x5
 	PERF_MEM_LVLNUM_L3                          = 0x3
 	PERF_MEM_LVLNUM_L4                          = 0x4
 	PERF_MEM_LVLNUM_LFB                         = 0xc
-	PERF_MEM_LVLNUM_MSC                         = 0x6
 	PERF_MEM_LVLNUM_NA                          = 0xf
 	PERF_MEM_LVLNUM_PMEM                        = 0xe
 	PERF_MEM_LVLNUM_RAM                         = 0xd
@@ -2436,14 +2399,12 @@ const (
 	PERF_RECORD_MISC_USER                       = 0x2
 	PERF_SAMPLE_BRANCH_PLM_ALL                  = 0x7
 	PERF_SAMPLE_WEIGHT_TYPE                     = 0x1004000
-	PID_FS_MAGIC                                = 0x50494446
 	PIPEFS_MAGIC                                = 0x50495045
 	PPPIOCGNPMODE                               = 0xc008744c
 	PPPIOCNEWUNIT                               = 0xc004743e
 	PRIO_PGRP                                   = 0x1
 	PRIO_PROCESS                                = 0x0
 	PRIO_USER                                   = 0x2
-	PROCFS_IOCTL_MAGIC                          = 'f'
 	PROC_SUPER_MAGIC                            = 0x9fa0
 	PROT_EXEC                                   = 0x4
 	PROT_GROWSDOWN                              = 0x1000000
@@ -2525,23 +2486,6 @@ const (
 	PR_PAC_GET_ENABLED_KEYS                     = 0x3d
 	PR_PAC_RESET_KEYS                           = 0x36
 	PR_PAC_SET_ENABLED_KEYS                     = 0x3c
-	PR_PPC_DEXCR_CTRL_CLEAR                     = 0x4
-	PR_PPC_DEXCR_CTRL_CLEAR_ONEXEC              = 0x10
-	PR_PPC_DEXCR_CTRL_EDITABLE                  = 0x1
-	PR_PPC_DEXCR_CTRL_MASK                      = 0x1f
-	PR_PPC_DEXCR_CTRL_SET                       = 0x2
-	PR_PPC_DEXCR_CTRL_SET_ONEXEC                = 0x8
-	PR_PPC_DEXCR_IBRTPD                         = 0x1
-	PR_PPC_DEXCR_NPHIE                          = 0x3
-	PR_PPC_DEXCR_SBHE                           = 0x0
-	PR_PPC_DEXCR_SRAPD                          = 0x2
-	PR_PPC_GET_DEXCR                            = 0x48
-	PR_PPC_SET_DEXCR                            = 0x49
-	PR_RISCV_CTX_SW_FENCEI_OFF                  = 0x1
-	PR_RISCV_CTX_SW_FENCEI_ON                   = 0x0
-	PR_RISCV_SCOPE_PER_PROCESS                  = 0x0
-	PR_RISCV_SCOPE_PER_THREAD                   = 0x1
-	PR_RISCV_SET_ICACHE_FLUSH_CTX               = 0x47
 	PR_RISCV_V_GET_CONTROL                      = 0x46
 	PR_RISCV_V_SET_CONTROL                      = 0x45
 	PR_RISCV_V_VSTATE_CTRL_CUR_MASK             = 0x3
@@ -2633,28 +2577,6 @@ const (
 	PR_UNALIGN_NOPRINT                          = 0x1
 	PR_UNALIGN_SIGBUS                           = 0x2
 	PSTOREFS_MAGIC                              = 0x6165676c
-	PTP_CLK_MAGIC                               = '='
-	PTP_ENABLE_FEATURE                          = 0x1
-	PTP_EXTTS_EDGES                             = 0x6
-	PTP_EXTTS_EVENT_VALID                       = 0x1
-	PTP_EXTTS_V1_VALID_FLAGS                    = 0x7
-	PTP_EXTTS_VALID_FLAGS                       = 0x1f
-	PTP_EXT_OFFSET                              = 0x10
-	PTP_FALLING_EDGE                            = 0x4
-	PTP_MAX_SAMPLES                             = 0x19
-	PTP_PEROUT_DUTY_CYCLE                       = 0x2
-	PTP_PEROUT_ONE_SHOT                         = 0x1
-	PTP_PEROUT_PHASE                            = 0x4
-	PTP_PEROUT_V1_VALID_FLAGS                   = 0x0
-	PTP_PEROUT_VALID_FLAGS                      = 0x7
-	PTP_PIN_GETFUNC                             = 0xc0603d06
-	PTP_PIN_GETFUNC2                            = 0xc0603d0f
-	PTP_RISING_EDGE                             = 0x2
-	PTP_STRICT_FLAGS                            = 0x8
-	PTP_SYS_OFFSET_EXTENDED                     = 0xc4c03d09
-	PTP_SYS_OFFSET_EXTENDED2                    = 0xc4c03d12
-	PTP_SYS_OFFSET_PRECISE                      = 0xc0403d08
-	PTP_SYS_OFFSET_PRECISE2                     = 0xc0403d11
 	PTRACE_ATTACH                               = 0x10
 	PTRACE_CONT                                 = 0x7
 	PTRACE_DETACH                               = 0x11
@@ -2968,17 +2890,14 @@ const (
 	RUSAGE_SELF                                 = 0x0
 	RUSAGE_THREAD                               = 0x1
 	RWF_APPEND                                  = 0x10
-	RWF_ATOMIC                                  = 0x40
 	RWF_DSYNC                                   = 0x2
 	RWF_HIPRI                                   = 0x1
-	RWF_NOAPPEND                                = 0x20
 	RWF_NOWAIT                                  = 0x8
-	RWF_SUPPORTED                               = 0x7f
+	RWF_SUPPORTED                               = 0x1f
 	RWF_SYNC                                    = 0x4
 	RWF_WRITE_LIFE_NOT_SET                      = 0x0
 	SCHED_BATCH                                 = 0x3
 	SCHED_DEADLINE                              = 0x6
-	SCHED_EXT                                   = 0x7
 	SCHED_FIFO                                  = 0x1
 	SCHED_FLAG_ALL                              = 0x7f
 	SCHED_FLAG_DL_OVERRUN                       = 0x4
@@ -2995,9 +2914,7 @@ const (
 	SCHED_RESET_ON_FORK                         = 0x40000000
 	SCHED_RR                                    = 0x2
 	SCM_CREDENTIALS                             = 0x2
-	SCM_PIDFD                                   = 0x4
 	SCM_RIGHTS                                  = 0x1
-	SCM_SECURITY                                = 0x3
 	SCM_TIMESTAMP                               = 0x1d
 	SC_LOG_FLUSH                                = 0x100000
 	SECCOMP_ADDFD_FLAG_SEND                     = 0x2
@@ -3130,8 +3047,6 @@ const (
 	SIOCSMIIREG                                 = 0x8949
 	SIOCSRARP                                   = 0x8962
 	SIOCWANDEV                                  = 0x894a
-	SK_DIAG_BPF_STORAGE_MAX                     = 0x3
-	SK_DIAG_BPF_STORAGE_REQ_MAX                 = 0x1
 	SMACK_MAGIC                                 = 0x43415d53
 	SMART_AUTOSAVE                              = 0xd2
 	SMART_AUTO_OFFLINE                          = 0xdb
@@ -3152,8 +3067,6 @@ const (
 	SOCKFS_MAGIC                                = 0x534f434b
 	SOCK_BUF_LOCK_MASK                          = 0x3
 	SOCK_DCCP                                   = 0x6
-	SOCK_DESTROY                                = 0x15
-	SOCK_DIAG_BY_FAMILY                         = 0x14
 	SOCK_IOC_TYPE                               = 0x89
 	SOCK_PACKET                                 = 0xa
 	SOCK_RAW                                    = 0x3
@@ -3247,7 +3160,6 @@ const (
 	STATX_ATTR_MOUNT_ROOT                       = 0x2000
 	STATX_ATTR_NODUMP                           = 0x40
 	STATX_ATTR_VERITY                           = 0x100000
-	STATX_ATTR_WRITE_ATOMIC                     = 0x400000
 	STATX_BASIC_STATS                           = 0x7ff
 	STATX_BLOCKS                                = 0x400
 	STATX_BTIME                                 = 0x800
@@ -3256,15 +3168,12 @@ const (
 	STATX_GID                                   = 0x10
 	STATX_INO                                   = 0x100
 	STATX_MNT_ID                                = 0x1000
-	STATX_MNT_ID_UNIQUE                         = 0x4000
 	STATX_MODE                                  = 0x2
 	STATX_MTIME                                 = 0x40
 	STATX_NLINK                                 = 0x4
 	STATX_SIZE                                  = 0x200
-	STATX_SUBVOL                                = 0x8000
 	STATX_TYPE                                  = 0x1
 	STATX_UID                                   = 0x8
-	STATX_WRITE_ATOMIC                          = 0x10000
 	STATX__RESERVED                             = 0x80000000
 	SYNC_FILE_RANGE_WAIT_AFTER                  = 0x4
 	SYNC_FILE_RANGE_WAIT_BEFORE                 = 0x1
@@ -3346,7 +3255,6 @@ const (
 	TCP_MAX_WINSHIFT                            = 0xe
 	TCP_MD5SIG                                  = 0xe
 	TCP_MD5SIG_EXT                              = 0x20
-	TCP_MD5SIG_FLAG_IFINDEX                     = 0x2
 	TCP_MD5SIG_FLAG_PREFIX                      = 0x1
 	TCP_MD5SIG_MAXKEYLEN                        = 0x50
 	TCP_MSS                                     = 0x200
@@ -3654,17 +3562,12 @@ const (
 	XDP_RX_RING                                 = 0x2
 	XDP_SHARED_UMEM                             = 0x1
 	XDP_STATISTICS                              = 0x7
-	XDP_TXMD_FLAGS_CHECKSUM                     = 0x2
-	XDP_TXMD_FLAGS_TIMESTAMP                    = 0x1
-	XDP_TX_METADATA                             = 0x2
 	XDP_TX_RING                                 = 0x3
 	XDP_UMEM_COMPLETION_RING                    = 0x6
 	XDP_UMEM_FILL_RING                          = 0x5
 	XDP_UMEM_PGOFF_COMPLETION_RING              = 0x180000000
 	XDP_UMEM_PGOFF_FILL_RING                    = 0x100000000
 	XDP_UMEM_REG                                = 0x4
-	XDP_UMEM_TX_METADATA_LEN                    = 0x4
-	XDP_UMEM_TX_SW_CSUM                         = 0x2
 	XDP_UMEM_UNALIGNED_CHUNK_FLAG               = 0x1
 	XDP_USE_NEED_WAKEUP                         = 0x8
 	XDP_USE_SG                                  = 0x10
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
index c0d45e320..42ff8c3c1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -109,7 +107,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -121,7 +118,6 @@ const (
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
 	MAP_32BIT                        = 0x40
-	MAP_ABOVE4G                      = 0x80
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
 	MAP_DENYWRITE                    = 0x800
@@ -154,14 +150,9 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -238,20 +229,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPXREGS                = 0x12
 	PTRACE_GET_THREAD_AREA           = 0x19
@@ -298,8 +275,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -338,9 +313,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
index c731d24f0..dca436004 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -109,7 +107,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -121,7 +118,6 @@ const (
 	IXOFF                            = 0x1000
 	IXON                             = 0x400
 	MAP_32BIT                        = 0x40
-	MAP_ABOVE4G                      = 0x80
 	MAP_ANON                         = 0x20
 	MAP_ANONYMOUS                    = 0x20
 	MAP_DENYWRITE                    = 0x800
@@ -154,14 +150,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -238,20 +229,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_ARCH_PRCTL                = 0x1e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPXREGS                = 0x12
@@ -299,8 +276,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -339,9 +314,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
index 680018a4a..5cca668ac 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETCRUNCHREGS             = 0x19
 	PTRACE_GETFDPIC                  = 0x1f
 	PTRACE_GETFDPIC_EXEC             = 0x0
@@ -304,8 +282,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -344,9 +320,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
index a63909f30..d8cae6d15 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	ESR_MAGIC                        = 0x45535201
 	EXTPROC                          = 0x10000
@@ -89,7 +87,6 @@ const (
 	FICLONE                          = 0x40049409
 	FICLONERANGE                     = 0x4020940d
 	FLUSHO                           = 0x1000
-	FPMR_MAGIC                       = 0x46504d52
 	FPSIMD_MAGIC                     = 0x46508001
 	FS_IOC_ENABLE_VERITY             = 0x40806685
 	FS_IOC_GETFLAGS                  = 0x80086601
@@ -112,7 +109,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -155,14 +151,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -206,7 +197,6 @@ const (
 	PERF_EVENT_IOC_SET_BPF           = 0x40042408
 	PERF_EVENT_IOC_SET_FILTER        = 0x40082406
 	PERF_EVENT_IOC_SET_OUTPUT        = 0x2405
-	POE_MAGIC                        = 0x504f4530
 	PPPIOCATTACH                     = 0x4004743d
 	PPPIOCATTCHAN                    = 0x40047438
 	PPPIOCBRIDGECHAN                 = 0x40047435
@@ -242,20 +232,6 @@ const (
 	PROT_BTI                         = 0x10
 	PROT_MTE                         = 0x20
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_PEEKMTETAGS               = 0x21
 	PTRACE_POKEMTETAGS               = 0x22
 	PTRACE_SYSEMU                    = 0x1f
@@ -296,8 +272,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -336,9 +310,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
index 9b0a2573f..28e39afdc 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -109,7 +107,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -155,14 +152,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -239,20 +231,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_SYSEMU                    = 0x1f
 	PTRACE_SYSEMU_SINGLESTEP         = 0x20
 	RLIMIT_AS                        = 0x9
@@ -291,8 +269,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -331,9 +307,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
index 958e6e064..cd66e92cb 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -297,8 +275,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -337,9 +313,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
index 50c7f25bd..c1595eba7 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -297,8 +275,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -337,9 +313,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
index ced21d66d..ee9456b0d 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -297,8 +275,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -337,9 +313,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
index 226c04419..8cfca81e1 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x80
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x100
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x20
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GET_THREAD_AREA           = 0x19
 	PTRACE_GET_THREAD_AREA_3264      = 0xc4
@@ -297,8 +275,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -337,9 +313,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
index 3122737cd..60b0deb3a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -153,14 +150,9 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -238,20 +230,6 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -352,8 +330,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -392,9 +368,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
index eb5d3467e..f90aa7281 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -153,14 +150,9 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -238,20 +230,6 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -356,8 +334,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -396,9 +372,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
index e921ebc60..ba9e01503 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x20
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000000
 	FF1                              = 0x4000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x4000
 	ICANON                           = 0x100
 	IEXTEN                           = 0x400
@@ -153,14 +150,9 @@ const (
 	NL3                              = 0x300
 	NLDLY                            = 0x300
 	NOFLSH                           = 0x80000000
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x4
 	ONLCR                            = 0x2
@@ -238,20 +230,6 @@ const (
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PROT_SAO                         = 0x10
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETEVRREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETREGS64                 = 0x16
@@ -356,8 +334,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -396,9 +372,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
index 38ba81c55..07cdfd6e9 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_GETFDPIC                  = 0x21
 	PTRACE_GETFDPIC_EXEC             = 0x0
 	PTRACE_GETFDPIC_INTERP           = 0x1
@@ -288,8 +266,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -328,9 +304,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
index 71f040097..2f1dd214a 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go
@@ -78,8 +78,6 @@ const (
 	ECHOPRT                          = 0x400
 	EFD_CLOEXEC                      = 0x80000
 	EFD_NONBLOCK                     = 0x800
-	EPIOCGPARAMS                     = 0x80088a02
-	EPIOCSPARAMS                     = 0x40088a01
 	EPOLL_CLOEXEC                    = 0x80000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -108,7 +106,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x80084803
 	HIDIOCGRDESC                     = 0x90044802
 	HIDIOCGRDESCSIZE                 = 0x80044801
-	HIDIOCREVOKE                     = 0x4004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -151,14 +148,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x8008b705
 	NS_GET_NSTYPE                    = 0xb703
 	NS_GET_OWNER_UID                 = 0xb704
 	NS_GET_PARENT                    = 0xb702
-	NS_GET_PID_FROM_PIDNS            = 0x8004b706
-	NS_GET_PID_IN_PIDNS              = 0x8004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x8004b707
-	NS_GET_TGID_IN_PIDNS             = 0x8004b709
 	NS_GET_USERNS                    = 0xb701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -235,20 +227,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x7434
 	PPPIOCXFERUNIT                   = 0x744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x80503d01
-	PTP_CLOCK_GETCAPS2               = 0x80503d0a
-	PTP_ENABLE_PPS                   = 0x40043d04
-	PTP_ENABLE_PPS2                  = 0x40043d0d
-	PTP_EXTTS_REQUEST                = 0x40103d02
-	PTP_EXTTS_REQUEST2               = 0x40103d0b
-	PTP_MASK_CLEAR_ALL               = 0x3d13
-	PTP_MASK_EN_SINGLE               = 0x40043d14
-	PTP_PEROUT_REQUEST               = 0x40383d03
-	PTP_PEROUT_REQUEST2              = 0x40383d0c
-	PTP_PIN_SETFUNC                  = 0x40603d07
-	PTP_PIN_SETFUNC2                 = 0x40603d10
-	PTP_SYS_OFFSET                   = 0x43403d05
-	PTP_SYS_OFFSET2                  = 0x43403d0e
 	PTRACE_DISABLE_TE                = 0x5010
 	PTRACE_ENABLE_TE                 = 0x5009
 	PTRACE_GET_LAST_BREAK            = 0x5006
@@ -360,8 +338,6 @@ const (
 	RTC_WIE_ON                       = 0x700f
 	RTC_WKALM_RD                     = 0x80287010
 	RTC_WKALM_SET                    = 0x4028700f
-	SCM_DEVMEM_DMABUF                = 0x4f
-	SCM_DEVMEM_LINEAR                = 0x4e
 	SCM_TIMESTAMPING                 = 0x25
 	SCM_TIMESTAMPING_OPT_STATS       = 0x36
 	SCM_TIMESTAMPING_PKTINFO         = 0x3a
@@ -400,9 +376,6 @@ const (
 	SO_CNX_ADVICE                    = 0x35
 	SO_COOKIE                        = 0x39
 	SO_DETACH_REUSEPORT_BPF          = 0x44
-	SO_DEVMEM_DMABUF                 = 0x4f
-	SO_DEVMEM_DONTNEED               = 0x50
-	SO_DEVMEM_LINEAR                 = 0x4e
 	SO_DOMAIN                        = 0x27
 	SO_DONTROUTE                     = 0x5
 	SO_ERROR                         = 0x4
diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
index c44a31332..f40519d90 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go
@@ -82,8 +82,6 @@ const (
 	EFD_CLOEXEC                      = 0x400000
 	EFD_NONBLOCK                     = 0x4000
 	EMT_TAGOVF                       = 0x1
-	EPIOCGPARAMS                     = 0x40088a02
-	EPIOCSPARAMS                     = 0x80088a01
 	EPOLL_CLOEXEC                    = 0x400000
 	EXTPROC                          = 0x10000
 	FF1                              = 0x8000
@@ -112,7 +110,6 @@ const (
 	HIDIOCGRAWINFO                   = 0x40084803
 	HIDIOCGRDESC                     = 0x50044802
 	HIDIOCGRDESCSIZE                 = 0x40044801
-	HIDIOCREVOKE                     = 0x8004480d
 	HUPCL                            = 0x400
 	ICANON                           = 0x2
 	IEXTEN                           = 0x8000
@@ -156,14 +153,9 @@ const (
 	NFDBITS                          = 0x40
 	NLDLY                            = 0x100
 	NOFLSH                           = 0x80
-	NS_GET_MNTNS_ID                  = 0x4008b705
 	NS_GET_NSTYPE                    = 0x2000b703
 	NS_GET_OWNER_UID                 = 0x2000b704
 	NS_GET_PARENT                    = 0x2000b702
-	NS_GET_PID_FROM_PIDNS            = 0x4004b706
-	NS_GET_PID_IN_PIDNS              = 0x4004b708
-	NS_GET_TGID_FROM_PIDNS           = 0x4004b707
-	NS_GET_TGID_IN_PIDNS             = 0x4004b709
 	NS_GET_USERNS                    = 0x2000b701
 	OLCUC                            = 0x2
 	ONLCR                            = 0x4
@@ -240,20 +232,6 @@ const (
 	PPPIOCUNBRIDGECHAN               = 0x20007434
 	PPPIOCXFERUNIT                   = 0x2000744e
 	PR_SET_PTRACER_ANY               = 0xffffffffffffffff
-	PTP_CLOCK_GETCAPS                = 0x40503d01
-	PTP_CLOCK_GETCAPS2               = 0x40503d0a
-	PTP_ENABLE_PPS                   = 0x80043d04
-	PTP_ENABLE_PPS2                  = 0x80043d0d
-	PTP_EXTTS_REQUEST                = 0x80103d02
-	PTP_EXTTS_REQUEST2               = 0x80103d0b
-	PTP_MASK_CLEAR_ALL               = 0x20003d13
-	PTP_MASK_EN_SINGLE               = 0x80043d14
-	PTP_PEROUT_REQUEST               = 0x80383d03
-	PTP_PEROUT_REQUEST2              = 0x80383d0c
-	PTP_PIN_SETFUNC                  = 0x80603d07
-	PTP_PIN_SETFUNC2                 = 0x80603d10
-	PTP_SYS_OFFSET                   = 0x83403d05
-	PTP_SYS_OFFSET2                  = 0x83403d0e
 	PTRACE_GETFPAREGS                = 0x14
 	PTRACE_GETFPREGS                 = 0xe
 	PTRACE_GETFPREGS64               = 0x19
@@ -351,8 +329,6 @@ const (
 	RTC_WIE_ON                       = 0x2000700f
 	RTC_WKALM_RD                     = 0x40287010
 	RTC_WKALM_SET                    = 0x8028700f
-	SCM_DEVMEM_DMABUF                = 0x58
-	SCM_DEVMEM_LINEAR                = 0x57
 	SCM_TIMESTAMPING                 = 0x23
 	SCM_TIMESTAMPING_OPT_STATS       = 0x38
 	SCM_TIMESTAMPING_PKTINFO         = 0x3c
@@ -439,9 +415,6 @@ const (
 	SO_CNX_ADVICE                    = 0x37
 	SO_COOKIE                        = 0x3b
 	SO_DETACH_REUSEPORT_BPF          = 0x47
-	SO_DEVMEM_DMABUF                 = 0x58
-	SO_DEVMEM_DONTNEED               = 0x59
-	SO_DEVMEM_LINEAR                 = 0x57
 	SO_DOMAIN                        = 0x1029
 	SO_DONTROUTE                     = 0x10
 	SO_ERROR                         = 0x1007
diff --git a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
index 1ec2b1407..4dfd2e051 100644
--- a/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zerrors_zos_s390x.go
@@ -10,99 +10,41 @@
 package unix
 
 const (
-	BRKINT                   = 0x0001
-	CLOCAL                   = 0x1
-	CLOCK_MONOTONIC          = 0x1
-	CLOCK_PROCESS_CPUTIME_ID = 0x2
-	CLOCK_REALTIME           = 0x0
-	CLOCK_THREAD_CPUTIME_ID  = 0x3
-	CLONE_NEWIPC             = 0x08000000
-	CLONE_NEWNET             = 0x40000000
-	CLONE_NEWNS              = 0x00020000
-	CLONE_NEWPID             = 0x20000000
-	CLONE_NEWUTS             = 0x04000000
-	CLONE_PARENT             = 0x00008000
-	CS8                      = 0x0030
-	CSIZE                    = 0x0030
-	ECHO                     = 0x00000008
-	ECHONL                   = 0x00000001
-	EFD_SEMAPHORE            = 0x00002000
-	EFD_CLOEXEC              = 0x00001000
-	EFD_NONBLOCK             = 0x00000004
-	EPOLL_CLOEXEC            = 0x00001000
-	EPOLL_CTL_ADD            = 0
-	EPOLL_CTL_MOD            = 1
-	EPOLL_CTL_DEL            = 2
-	EPOLLRDNORM              = 0x0001
-	EPOLLRDBAND              = 0x0002
-	EPOLLIN                  = 0x0003
-	EPOLLOUT                 = 0x0004
-	EPOLLWRBAND              = 0x0008
-	EPOLLPRI                 = 0x0010
-	EPOLLERR                 = 0x0020
-	EPOLLHUP                 = 0x0040
-	EPOLLEXCLUSIVE           = 0x20000000
-	EPOLLONESHOT             = 0x40000000
-	FD_CLOEXEC               = 0x01
-	FD_CLOFORK               = 0x02
-	FD_SETSIZE               = 0x800
-	FNDELAY                  = 0x04
-	F_CLOSFD                 = 9
-	F_CONTROL_CVT            = 13
-	F_DUPFD                  = 0
-	F_DUPFD2                 = 8
-	F_GETFD                  = 1
-	F_GETFL                  = 259
-	F_GETLK                  = 5
-	F_GETOWN                 = 10
-	F_OK                     = 0x0
-	F_RDLCK                  = 1
-	F_SETFD                  = 2
-	F_SETFL                  = 4
-	F_SETLK                  = 6
-	F_SETLKW                 = 7
-	F_SETOWN                 = 11
-	F_SETTAG                 = 12
-	F_UNLCK                  = 3
-	F_WRLCK                  = 2
-	FSTYPE_ZFS               = 0xe9 //"Z"
-	FSTYPE_HFS               = 0xc8 //"H"
-	FSTYPE_NFS               = 0xd5 //"N"
-	FSTYPE_TFS               = 0xe3 //"T"
-	FSTYPE_AUTOMOUNT         = 0xc1 //"A"
-	GRND_NONBLOCK            = 1
-	GRND_RANDOM              = 2
-	HUPCL                    = 0x0100 // Hang up on last close
-	IN_CLOEXEC               = 0x00001000
-	IN_NONBLOCK              = 0x00000004
-	IN_ACCESS                = 0x00000001
-	IN_MODIFY                = 0x00000002
-	IN_ATTRIB                = 0x00000004
-	IN_CLOSE_WRITE           = 0x00000008
-	IN_CLOSE_NOWRITE         = 0x00000010
-	IN_OPEN                  = 0x00000020
-	IN_MOVED_FROM            = 0x00000040
-	IN_MOVED_TO              = 0x00000080
-	IN_CREATE                = 0x00000100
-	IN_DELETE                = 0x00000200
-	IN_DELETE_SELF           = 0x00000400
-	IN_MOVE_SELF             = 0x00000800
-	IN_UNMOUNT               = 0x00002000
-	IN_Q_OVERFLOW            = 0x00004000
-	IN_IGNORED               = 0x00008000
-	IN_CLOSE                 = (IN_CLOSE_WRITE | IN_CLOSE_NOWRITE)
-	IN_MOVE                  = (IN_MOVED_FROM | IN_MOVED_TO)
-	IN_ALL_EVENTS            = (IN_ACCESS | IN_MODIFY | IN_ATTRIB |
-		IN_CLOSE | IN_OPEN | IN_MOVE |
-		IN_CREATE | IN_DELETE | IN_DELETE_SELF |
-		IN_MOVE_SELF)
-	IN_ONLYDIR                      = 0x01000000
-	IN_DONT_FOLLOW                  = 0x02000000
-	IN_EXCL_UNLINK                  = 0x04000000
-	IN_MASK_CREATE                  = 0x10000000
-	IN_MASK_ADD                     = 0x20000000
-	IN_ISDIR                        = 0x40000000
-	IN_ONESHOT                      = 0x80000000
+	BRKINT                          = 0x0001
+	CLOCK_MONOTONIC                 = 0x1
+	CLOCK_PROCESS_CPUTIME_ID        = 0x2
+	CLOCK_REALTIME                  = 0x0
+	CLOCK_THREAD_CPUTIME_ID         = 0x3
+	CS8                             = 0x0030
+	CSIZE                           = 0x0030
+	ECHO                            = 0x00000008
+	ECHONL                          = 0x00000001
+	FD_CLOEXEC                      = 0x01
+	FD_CLOFORK                      = 0x02
+	FNDELAY                         = 0x04
+	F_CLOSFD                        = 9
+	F_CONTROL_CVT                   = 13
+	F_DUPFD                         = 0
+	F_DUPFD2                        = 8
+	F_GETFD                         = 1
+	F_GETFL                         = 259
+	F_GETLK                         = 5
+	F_GETOWN                        = 10
+	F_OK                            = 0x0
+	F_RDLCK                         = 1
+	F_SETFD                         = 2
+	F_SETFL                         = 4
+	F_SETLK                         = 6
+	F_SETLKW                        = 7
+	F_SETOWN                        = 11
+	F_SETTAG                        = 12
+	F_UNLCK                         = 3
+	F_WRLCK                         = 2
+	FSTYPE_ZFS                      = 0xe9 //"Z"
+	FSTYPE_HFS                      = 0xc8 //"H"
+	FSTYPE_NFS                      = 0xd5 //"N"
+	FSTYPE_TFS                      = 0xe3 //"T"
+	FSTYPE_AUTOMOUNT                = 0xc1 //"A"
 	IP6F_MORE_FRAG                  = 0x0001
 	IP6F_OFF_MASK                   = 0xfff8
 	IP6F_RESERVED_MASK              = 0x0006
@@ -210,18 +152,10 @@ const (
 	IP_PKTINFO                      = 101
 	IP_RECVPKTINFO                  = 102
 	IP_TOS                          = 2
-	IP_TTL                          = 14
+	IP_TTL                          = 3
 	IP_UNBLOCK_SOURCE               = 11
-	ICMP6_FILTER                    = 1
-	MCAST_INCLUDE                   = 0
-	MCAST_EXCLUDE                   = 1
-	MCAST_JOIN_GROUP                = 40
-	MCAST_LEAVE_GROUP               = 41
-	MCAST_JOIN_SOURCE_GROUP         = 42
-	MCAST_LEAVE_SOURCE_GROUP        = 43
-	MCAST_BLOCK_SOURCE              = 44
-	MCAST_UNBLOCK_SOURCE            = 46
 	ICANON                          = 0x0010
+	ICMP6_FILTER                    = 0x26
 	ICRNL                           = 0x0002
 	IEXTEN                          = 0x0020
 	IGNBRK                          = 0x0004
@@ -231,10 +165,10 @@ const (
 	ISTRIP                          = 0x0080
 	IXON                            = 0x0200
 	IXOFF                           = 0x0100
-	LOCK_SH                         = 0x1
-	LOCK_EX                         = 0x2
-	LOCK_NB                         = 0x4
-	LOCK_UN                         = 0x8
+	LOCK_SH                         = 0x1 // Not exist on zOS
+	LOCK_EX                         = 0x2 // Not exist on zOS
+	LOCK_NB                         = 0x4 // Not exist on zOS
+	LOCK_UN                         = 0x8 // Not exist on zOS
 	POLLIN                          = 0x0003
 	POLLOUT                         = 0x0004
 	POLLPRI                         = 0x0010
@@ -248,29 +182,15 @@ const (
 	MAP_PRIVATE                     = 0x1 // changes are private
 	MAP_SHARED                      = 0x2 // changes are shared
 	MAP_FIXED                       = 0x4 // place exactly
-	__MAP_MEGA                      = 0x8
-	__MAP_64                        = 0x10
-	MAP_ANON                        = 0x20
-	MAP_ANONYMOUS                   = 0x20
+	MCAST_JOIN_GROUP                = 40
+	MCAST_LEAVE_GROUP               = 41
+	MCAST_JOIN_SOURCE_GROUP         = 42
+	MCAST_LEAVE_SOURCE_GROUP        = 43
+	MCAST_BLOCK_SOURCE              = 44
+	MCAST_UNBLOCK_SOURCE            = 45
 	MS_SYNC                         = 0x1 // msync - synchronous writes
 	MS_ASYNC                        = 0x2 // asynchronous writes
 	MS_INVALIDATE                   = 0x4 // invalidate mappings
-	MS_BIND                         = 0x00001000
-	MS_MOVE                         = 0x00002000
-	MS_NOSUID                       = 0x00000002
-	MS_PRIVATE                      = 0x00040000
-	MS_REC                          = 0x00004000
-	MS_REMOUNT                      = 0x00008000
-	MS_RDONLY                       = 0x00000001
-	MS_UNBINDABLE                   = 0x00020000
-	MNT_DETACH                      = 0x00000004
-	ZOSDSFS_SUPER_MAGIC             = 0x44534653 // zOS DSFS
-	NFS_SUPER_MAGIC                 = 0x6969     // NFS
-	NSFS_MAGIC                      = 0x6e736673 // PROCNS
-	PROC_SUPER_MAGIC                = 0x9fa0     // proc FS
-	ZOSTFS_SUPER_MAGIC              = 0x544653   // zOS TFS
-	ZOSUFS_SUPER_MAGIC              = 0x554653   // zOS UFS
-	ZOSZFS_SUPER_MAGIC              = 0x5A4653   // zOS ZFS
 	MTM_RDONLY                      = 0x80000000
 	MTM_RDWR                        = 0x40000000
 	MTM_UMOUNT                      = 0x10000000
@@ -285,20 +205,13 @@ const (
 	MTM_REMOUNT                     = 0x00000100
 	MTM_NOSECURITY                  = 0x00000080
 	NFDBITS                         = 0x20
-	ONLRET                          = 0x0020 // NL performs CR function
 	O_ACCMODE                       = 0x03
 	O_APPEND                        = 0x08
 	O_ASYNCSIG                      = 0x0200
 	O_CREAT                         = 0x80
-	O_DIRECT                        = 0x00002000
-	O_NOFOLLOW                      = 0x00004000
-	O_DIRECTORY                     = 0x00008000
-	O_PATH                          = 0x00080000
-	O_CLOEXEC                       = 0x00001000
 	O_EXCL                          = 0x40
 	O_GETFL                         = 0x0F
 	O_LARGEFILE                     = 0x0400
-	O_NDELAY                        = 0x4
 	O_NONBLOCK                      = 0x04
 	O_RDONLY                        = 0x02
 	O_RDWR                          = 0x03
@@ -335,7 +248,6 @@ const (
 	AF_IUCV                         = 17
 	AF_LAT                          = 14
 	AF_LINK                         = 18
-	AF_LOCAL                        = AF_UNIX // AF_LOCAL is an alias for AF_UNIX
 	AF_MAX                          = 30
 	AF_NBS                          = 7
 	AF_NDD                          = 23
@@ -373,33 +285,15 @@ const (
 	RLIMIT_AS                       = 5
 	RLIMIT_NOFILE                   = 6
 	RLIMIT_MEMLIMIT                 = 7
-	RLIMIT_MEMLOCK                  = 0x8
 	RLIM_INFINITY                   = 2147483647
-	SCHED_FIFO                      = 0x2
-	SCM_CREDENTIALS                 = 0x2
 	SCM_RIGHTS                      = 0x01
 	SF_CLOSE                        = 0x00000002
 	SF_REUSE                        = 0x00000001
-	SHM_RND                         = 0x2
-	SHM_RDONLY                      = 0x1
-	SHMLBA                          = 0x1000
-	IPC_STAT                        = 0x3
-	IPC_SET                         = 0x2
-	IPC_RMID                        = 0x1
-	IPC_PRIVATE                     = 0x0
-	IPC_CREAT                       = 0x1000000
-	__IPC_MEGA                      = 0x4000000
-	__IPC_SHAREAS                   = 0x20000000
-	__IPC_BELOWBAR                  = 0x10000000
-	IPC_EXCL                        = 0x2000000
-	__IPC_GIGA                      = 0x8000000
 	SHUT_RD                         = 0
 	SHUT_RDWR                       = 2
 	SHUT_WR                         = 1
-	SOCK_CLOEXEC                    = 0x00001000
 	SOCK_CONN_DGRAM                 = 6
 	SOCK_DGRAM                      = 2
-	SOCK_NONBLOCK                   = 0x800
 	SOCK_RAW                        = 3
 	SOCK_RDM                        = 4
 	SOCK_SEQPACKET                  = 5
@@ -484,6 +378,8 @@ const (
 	S_IFMST                         = 0x00FF0000
 	TCP_KEEPALIVE                   = 0x8
 	TCP_NODELAY                     = 0x1
+	TCP_INFO                        = 0xb
+	TCP_USER_TIMEOUT                = 0x1
 	TIOCGWINSZ                      = 0x4008a368
 	TIOCSWINSZ                      = 0x8008a367
 	TIOCSBRK                        = 0x2000a77b
@@ -531,10 +427,7 @@ const (
 	VSUSP                           = 9
 	VTIME                           = 10
 	WCONTINUED                      = 0x4
-	WEXITED                         = 0x8
 	WNOHANG                         = 0x1
-	WNOWAIT                         = 0x20
-	WSTOPPED                        = 0x10
 	WUNTRACED                       = 0x2
 	_BPX_SWAP                       = 1
 	_BPX_NONSWAP                    = 2
@@ -559,30 +452,8 @@ const (
 	MADV_FREE                       = 15 // for Linux compatibility -- no zos semantics
 	MADV_WIPEONFORK                 = 16 // for Linux compatibility -- no zos semantics
 	MADV_KEEPONFORK                 = 17 // for Linux compatibility -- no zos semantics
-	AT_SYMLINK_FOLLOW               = 0x400
-	AT_SYMLINK_NOFOLLOW             = 0x100
-	XATTR_CREATE                    = 0x1
-	XATTR_REPLACE                   = 0x2
-	P_PID                           = 0
-	P_PGID                          = 1
-	P_ALL                           = 2
-	PR_SET_NAME                     = 15
-	PR_GET_NAME                     = 16
-	PR_SET_NO_NEW_PRIVS             = 38
-	PR_GET_NO_NEW_PRIVS             = 39
-	PR_SET_DUMPABLE                 = 4
-	PR_GET_DUMPABLE                 = 3
-	PR_SET_PDEATHSIG                = 1
-	PR_GET_PDEATHSIG                = 2
-	PR_SET_CHILD_SUBREAPER          = 36
-	PR_GET_CHILD_SUBREAPER          = 37
-	AT_FDCWD                        = -100
-	AT_EACCESS                      = 0x200
-	AT_EMPTY_PATH                   = 0x1000
-	AT_REMOVEDIR                    = 0x200
-	RENAME_NOREPLACE                = 1 << 0
-	ST_RDONLY                       = 1
-	ST_NOSUID                       = 2
+	AT_SYMLINK_NOFOLLOW             = 1  // for Unix  compatibility -- no zos semantics
+	AT_FDCWD                        = 2  // for Unix  compatibility -- no zos semantics
 )
 
 const (
@@ -605,7 +476,6 @@ const (
 	EMLINK             = Errno(125)
 	ENAMETOOLONG       = Errno(126)
 	ENFILE             = Errno(127)
-	ENOATTR            = Errno(265)
 	ENODEV             = Errno(128)
 	ENOENT             = Errno(129)
 	ENOEXEC            = Errno(130)
@@ -830,7 +700,7 @@ var errorList = [...]struct {
 	{145, "EDC5145I", "The parameter list is too long, or the message to receive was too large for the buffer."},
 	{146, "EDC5146I", "Too many levels of symbolic links."},
 	{147, "EDC5147I", "Illegal byte sequence."},
-	{148, "EDC5148I", "The named attribute or data not available."},
+	{148, "", ""},
 	{149, "EDC5149I", "Value Overflow Error."},
 	{150, "EDC5150I", "UNIX System Services is not active."},
 	{151, "EDC5151I", "Dynamic allocation error."},
@@ -873,7 +743,6 @@ var errorList = [...]struct {
 	{259, "EDC5259I", "A CUN_RS_NO_CONVERSION error was issued by Unicode Services."},
 	{260, "EDC5260I", "A CUN_RS_TABLE_NOT_ALIGNED error was issued by Unicode Services."},
 	{262, "EDC5262I", "An iconv() function encountered an unexpected error while using Unicode Services."},
-	{265, "EDC5265I", "The named attribute not available."},
 	{1000, "EDC8000I", "A bad socket-call constant was found in the IUCV header."},
 	{1001, "EDC8001I", "An error was found in the IUCV header."},
 	{1002, "EDC8002I", "A socket descriptor is out of range."},
diff --git a/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s b/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
deleted file mode 100644
index b77ff5db9..000000000
--- a/vendor/golang.org/x/sys/unix/zsymaddr_zos_s390x.s
+++ /dev/null
@@ -1,364 +0,0 @@
-// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
-// Code generated by the command above; see README.md. DO NOT EDIT.
-
-//go:build zos && s390x
-#include "textflag.h"
-
-//  provide the address of function variable to be fixed up.
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FlistxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Flistxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FremovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fremovexattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FgetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fgetxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FsetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fsetxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_accept4Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·accept4(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_RemovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Removexattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_Dup3Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Dup3(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_DirfdAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Dirfd(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EpollCreateAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·EpollCreate(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EpollCreate1Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·EpollCreate1(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EpollCtlAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·EpollCtl(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EpollPwaitAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·EpollPwait(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EpollWaitAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·EpollWait(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_EventfdAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Eventfd(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FaccessatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Faccessat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FchmodatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fchmodat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FchownatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fchownat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FdatasyncAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fdatasync(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_fstatatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·fstatat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LgetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Lgetxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LsetxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Lsetxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FstatfsAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Fstatfs(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FutimesAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Futimes(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_FutimesatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Futimesat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_GetrandomAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Getrandom(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_InotifyInitAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·InotifyInit(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_InotifyInit1Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·InotifyInit1(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_InotifyAddWatchAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·InotifyAddWatch(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_InotifyRmWatchAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·InotifyRmWatch(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_ListxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Listxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LlistxattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Llistxattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LremovexattrAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Lremovexattr(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LutimesAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Lutimes(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_StatfsAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Statfs(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_SyncfsAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Syncfs(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_UnshareAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Unshare(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_LinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Linkat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_MkdiratAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Mkdirat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_MknodatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Mknodat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_PivotRootAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·PivotRoot(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_PrctlAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Prctl(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_PrlimitAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Prlimit(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_RenameatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Renameat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_Renameat2Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Renameat2(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_SethostnameAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Sethostname(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_SetnsAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Setns(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_SymlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Symlinkat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_UnlinkatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·Unlinkat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_openatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·openat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_openat2Addr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·openat2(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-TEXT ·get_utimensatAddr(SB), NOSPLIT|NOFRAME, $0-8
-	MOVD $·utimensat(SB), R8
-	MOVD R8, ret+0(FP)
-	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
index 24b346e1a..ccb02f240 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
@@ -740,54 +740,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func renamexNp(from string, to string, flag uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(libc_renamex_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flag))
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_renamex_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_renamex_np renamex_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_renameatx_np_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), uintptr(flag), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_renameatx_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_renameatx_np renameatx_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
 	var _p0 unsafe.Pointer
 	if len(mib) > 0 {
@@ -808,59 +760,6 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func pthread_chdir_np(path string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(libc_pthread_chdir_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_pthread_chdir_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_pthread_chdir_np pthread_chdir_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func pthread_fchdir_np(fd int) (err error) {
-	_, _, e1 := syscall_syscall(libc_pthread_fchdir_np_trampoline_addr, uintptr(fd), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_pthread_fchdir_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_pthread_fchdir_np pthread_fchdir_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error) {
-	var _p0 unsafe.Pointer
-	if len(iov) > 0 {
-		_p0 = unsafe.Pointer(&iov[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	_, _, e1 := syscall_syscall9(libc_connectx_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(endpoints)), uintptr(associd), uintptr(flags), uintptr(_p0), uintptr(len(iov)), uintptr(unsafe.Pointer(n)), uintptr(unsafe.Pointer(connid)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_connectx_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_connectx connectx "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
 	_, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
index ebd213100..8b8bb2840 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
@@ -223,36 +223,11 @@ TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
-TEXT libc_renamex_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_renamex_np(SB)
-GLOBL	·libc_renamex_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_renamex_np_trampoline_addr(SB)/8, $libc_renamex_np_trampoline<>(SB)
-
-TEXT libc_renameatx_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_renameatx_np(SB)
-GLOBL	·libc_renameatx_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_renameatx_np_trampoline_addr(SB)/8, $libc_renameatx_np_trampoline<>(SB)
-
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
-TEXT libc_pthread_chdir_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_pthread_chdir_np(SB)
-GLOBL	·libc_pthread_chdir_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_pthread_chdir_np_trampoline_addr(SB)/8, $libc_pthread_chdir_np_trampoline<>(SB)
-
-TEXT libc_pthread_fchdir_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_pthread_fchdir_np(SB)
-GLOBL	·libc_pthread_fchdir_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_pthread_fchdir_np_trampoline_addr(SB)/8, $libc_pthread_fchdir_np_trampoline<>(SB)
-
-TEXT libc_connectx_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_connectx(SB)
-GLOBL	·libc_connectx_trampoline_addr(SB), RODATA, $8
-DATA	·libc_connectx_trampoline_addr(SB)/8, $libc_connectx_trampoline<>(SB)
-
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
index 824b9c2d5..1b40b997b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
@@ -740,54 +740,6 @@ func ioctlPtr(fd int, req uint, arg unsafe.Pointer) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func renamexNp(from string, to string, flag uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(libc_renamex_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flag))
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_renamex_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_renamex_np renamex_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func renameatxNp(fromfd int, from string, tofd int, to string, flag uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_renameatx_np_trampoline_addr, uintptr(fromfd), uintptr(unsafe.Pointer(_p0)), uintptr(tofd), uintptr(unsafe.Pointer(_p1)), uintptr(flag), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_renameatx_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_renameatx_np renameatx_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func sysctl(mib []_C_int, old *byte, oldlen *uintptr, new *byte, newlen uintptr) (err error) {
 	var _p0 unsafe.Pointer
 	if len(mib) > 0 {
@@ -808,59 +760,6 @@ var libc_sysctl_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func pthread_chdir_np(path string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall(libc_pthread_chdir_np_trampoline_addr, uintptr(unsafe.Pointer(_p0)), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_pthread_chdir_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_pthread_chdir_np pthread_chdir_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func pthread_fchdir_np(fd int) (err error) {
-	_, _, e1 := syscall_syscall(libc_pthread_fchdir_np_trampoline_addr, uintptr(fd), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_pthread_fchdir_np_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_pthread_fchdir_np pthread_fchdir_np "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error) {
-	var _p0 unsafe.Pointer
-	if len(iov) > 0 {
-		_p0 = unsafe.Pointer(&iov[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	_, _, e1 := syscall_syscall9(libc_connectx_trampoline_addr, uintptr(fd), uintptr(unsafe.Pointer(endpoints)), uintptr(associd), uintptr(flags), uintptr(_p0), uintptr(len(iov)), uintptr(unsafe.Pointer(n)), uintptr(unsafe.Pointer(connid)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_connectx_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_connectx connectx "/usr/lib/libSystem.B.dylib"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) {
 	_, _, e1 := syscall_syscall6(libc_sendfile_trampoline_addr, uintptr(infd), uintptr(outfd), uintptr(offset), uintptr(unsafe.Pointer(len)), uintptr(hdtr), uintptr(flags))
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
index 4f178a229..08362c1ab 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
@@ -223,36 +223,11 @@ TEXT libc_ioctl_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_ioctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_ioctl_trampoline_addr(SB)/8, $libc_ioctl_trampoline<>(SB)
 
-TEXT libc_renamex_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_renamex_np(SB)
-GLOBL	·libc_renamex_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_renamex_np_trampoline_addr(SB)/8, $libc_renamex_np_trampoline<>(SB)
-
-TEXT libc_renameatx_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_renameatx_np(SB)
-GLOBL	·libc_renameatx_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_renameatx_np_trampoline_addr(SB)/8, $libc_renameatx_np_trampoline<>(SB)
-
 TEXT libc_sysctl_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sysctl(SB)
 GLOBL	·libc_sysctl_trampoline_addr(SB), RODATA, $8
 DATA	·libc_sysctl_trampoline_addr(SB)/8, $libc_sysctl_trampoline<>(SB)
 
-TEXT libc_pthread_chdir_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_pthread_chdir_np(SB)
-GLOBL	·libc_pthread_chdir_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_pthread_chdir_np_trampoline_addr(SB)/8, $libc_pthread_chdir_np_trampoline<>(SB)
-
-TEXT libc_pthread_fchdir_np_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_pthread_fchdir_np(SB)
-GLOBL	·libc_pthread_fchdir_np_trampoline_addr(SB), RODATA, $8
-DATA	·libc_pthread_fchdir_np_trampoline_addr(SB)/8, $libc_pthread_fchdir_np_trampoline<>(SB)
-
-TEXT libc_connectx_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_connectx(SB)
-GLOBL	·libc_connectx_trampoline_addr(SB), RODATA, $8
-DATA	·libc_connectx_trampoline_addr(SB)/8, $libc_connectx_trampoline<>(SB)
-
 TEXT libc_sendfile_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_sendfile(SB)
 GLOBL	·libc_sendfile_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_linux.go b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
index 5cc1e8eb2..87d8612a1 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_linux.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_linux.go
@@ -592,16 +592,6 @@ func ClockGettime(clockid int32, time *Timespec) (err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func ClockSettime(clockid int32, time *Timespec) (err error) {
-	_, _, e1 := Syscall(SYS_CLOCK_SETTIME, uintptr(clockid), uintptr(unsafe.Pointer(time)), 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func ClockNanosleep(clockid int32, flags int, request *Timespec, remain *Timespec) (err error) {
 	_, _, e1 := Syscall6(SYS_CLOCK_NANOSLEEP, uintptr(clockid), uintptr(flags), uintptr(unsafe.Pointer(request)), uintptr(unsafe.Pointer(remain)), 0, 0)
 	if e1 != 0 {
@@ -981,6 +971,23 @@ func Getpriority(which int, who int) (prio int, err error) {
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
+func Getrandom(buf []byte, flags int) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(buf) > 0 {
+		_p0 = unsafe.Pointer(&buf[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	r0, _, e1 := Syscall(SYS_GETRANDOM, uintptr(_p0), uintptr(len(buf)), uintptr(flags))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
 func Getrusage(who int, rusage *Rusage) (err error) {
 	_, _, e1 := RawSyscall(SYS_GETRUSAGE, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
 	if e1 != 0 {
@@ -2222,19 +2229,3 @@ func Cachestat(fd uint, crange *CachestatRange, cstat *Cachestat_t, flags uint)
 	}
 	return
 }
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mseal(b []byte, flags uint) (err error) {
-	var _p0 unsafe.Pointer
-	if len(b) > 0 {
-		_p0 = unsafe.Pointer(&b[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	_, _, e1 := Syscall(SYS_MSEAL, uintptr(_p0), uintptr(len(b)), uintptr(flags))
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
index 1851df14e..9dc42410b 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
index 0b43c6936..41b561731 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_386.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_mknodat_trampoline_addr(SB)/4, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $4
-DATA	·libc_mount_trampoline_addr(SB)/4, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
index e1ec0dbe4..0d3a0751c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
index 880c6d6e3..4019a656f 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_amd64.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
-DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
index 7c8452a63..c39f7776d 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
index b8ef95b0f..ac4af24f9 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $4
 DATA	·libc_mknodat_trampoline_addr(SB)/4, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $4
-DATA	·libc_mount_trampoline_addr(SB)/4, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $4
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
index 2ffdf861f..57571d072 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
index 2af3b5c76..f77d53212 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_arm64.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
-DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
index 1da08d526..e62963e67 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
index b7a251353..fae140b62 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_mips64.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
-DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
index 6e85b0aac..00831354c 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
index f15dadf05..9d1e0ff06 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_ppc64.s
@@ -555,12 +555,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	CALL	libc_mount(SB)
-	RET
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
-DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	CALL	libc_nanosleep(SB)
 	RET
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
index 28b487df2..79029ed58 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.go
@@ -1493,30 +1493,6 @@ var libc_mknodat_trampoline_addr uintptr
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Mount(fsType string, dir string, flags int, data unsafe.Pointer) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(fsType)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(dir)
-	if err != nil {
-		return
-	}
-	_, _, e1 := syscall_syscall6(libc_mount_trampoline_addr, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(flags), uintptr(data), 0, 0)
-	if e1 != 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-var libc_mount_trampoline_addr uintptr
-
-//go:cgo_import_dynamic libc_mount mount "libc.so"
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
 func Nanosleep(time *Timespec, leftover *Timespec) (err error) {
 	_, _, e1 := syscall_syscall(libc_nanosleep_trampoline_addr, uintptr(unsafe.Pointer(time)), uintptr(unsafe.Pointer(leftover)), 0)
 	if e1 != 0 {
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
index 1e7f321e4..da115f9a4 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
+++ b/vendor/golang.org/x/sys/unix/zsyscall_openbsd_riscv64.s
@@ -463,11 +463,6 @@ TEXT libc_mknodat_trampoline<>(SB),NOSPLIT,$0-0
 GLOBL	·libc_mknodat_trampoline_addr(SB), RODATA, $8
 DATA	·libc_mknodat_trampoline_addr(SB)/8, $libc_mknodat_trampoline<>(SB)
 
-TEXT libc_mount_trampoline<>(SB),NOSPLIT,$0-0
-	JMP	libc_mount(SB)
-GLOBL	·libc_mount_trampoline_addr(SB), RODATA, $8
-DATA	·libc_mount_trampoline_addr(SB)/8, $libc_mount_trampoline<>(SB)
-
 TEXT libc_nanosleep_trampoline<>(SB),NOSPLIT,$0-0
 	JMP	libc_nanosleep(SB)
 GLOBL	·libc_nanosleep_trampoline_addr(SB), RODATA, $8
diff --git a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
index 7ccf66b7e..94f011238 100644
--- a/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsyscall_zos_s390x.go
@@ -1,4 +1,4 @@
-// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
+// go run mksyscall.go -tags zos,s390x syscall_zos_s390x.go
 // Code generated by the command above; see README.md. DO NOT EDIT.
 
 //go:build zos && s390x
@@ -6,100 +6,17 @@
 package unix
 
 import (
-	"runtime"
-	"syscall"
 	"unsafe"
 )
 
-var _ syscall.Errno
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func fcntl(fd int, cmd int, arg int) (val int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), uintptr(arg))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
 	val = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Flistxattr(fd int, dest []byte) (sz int, err error) {
-	var _p0 unsafe.Pointer
-	if len(dest) > 0 {
-		_p0 = unsafe.Pointer(&dest[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FLISTXATTR_A<<4, uintptr(fd), uintptr(_p0), uintptr(len(dest)))
-	runtime.ExitSyscall()
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FlistxattrAddr() *(func(fd int, dest []byte) (sz int, err error))
-
-var Flistxattr = enter_Flistxattr
-
-func enter_Flistxattr(fd int, dest []byte) (sz int, err error) {
-	funcref := get_FlistxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FLISTXATTR_A<<4, "") == 0 {
-		*funcref = impl_Flistxattr
-	} else {
-		*funcref = error_Flistxattr
-	}
-	return (*funcref)(fd, dest)
-}
-
-func error_Flistxattr(fd int, dest []byte) (sz int, err error) {
-	sz = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fremovexattr(fd int, attr string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FREMOVEXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FremovexattrAddr() *(func(fd int, attr string) (err error))
-
-var Fremovexattr = enter_Fremovexattr
-
-func enter_Fremovexattr(fd int, attr string) (err error) {
-	funcref := get_FremovexattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FREMOVEXATTR_A<<4, "") == 0 {
-		*funcref = impl_Fremovexattr
-	} else {
-		*funcref = error_Fremovexattr
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(fd, attr)
-}
-
-func error_Fremovexattr(fd int, attr string) (err error) {
-	err = ENOSYS
 	return
 }
 
@@ -112,12 +29,10 @@ func read(fd int, p []byte) (n int, err error) {
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_READ<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_READ, uintptr(fd), uintptr(_p0), uintptr(len(p)))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -131,159 +46,31 @@ func write(fd int, p []byte) (n int, err error) {
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WRITE<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_WRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(dest) > 0 {
-		_p1 = unsafe.Pointer(&dest[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FGETXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
-	runtime.ExitSyscall()
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FgetxattrAddr() *(func(fd int, attr string, dest []byte) (sz int, err error))
-
-var Fgetxattr = enter_Fgetxattr
-
-func enter_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
-	funcref := get_FgetxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FGETXATTR_A<<4, "") == 0 {
-		*funcref = impl_Fgetxattr
-	} else {
-		*funcref = error_Fgetxattr
-	}
-	return (*funcref)(fd, attr, dest)
-}
-
-func error_Fgetxattr(fd int, attr string, dest []byte) (sz int, err error) {
-	sz = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(data) > 0 {
-		_p1 = unsafe.Pointer(&data[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FSETXATTR_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(data)), uintptr(flag))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FsetxattrAddr() *(func(fd int, attr string, data []byte, flag int) (err error))
-
-var Fsetxattr = enter_Fsetxattr
-
-func enter_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
-	funcref := get_FsetxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FSETXATTR_A<<4, "") == 0 {
-		*funcref = impl_Fsetxattr
-	} else {
-		*funcref = error_Fsetxattr
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(fd, attr, data, flag)
-}
-
-func error_Fsetxattr(fd int, attr string, data []byte, flag int) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func accept(s int, rsa *RawSockaddrAny, addrlen *_Socklen) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCEPT_A<<4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCEPT4_A<<4, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)), uintptr(flags))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS___ACCEPT_A, uintptr(s), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
 	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_accept4Addr() *(func(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error))
-
-var accept4 = enter_accept4
-
-func enter_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
-	funcref := get_accept4Addr()
-	if funcptrtest(GetZosLibVec()+SYS___ACCEPT4_A<<4, "") == 0 {
-		*funcref = impl_accept4
-	} else {
-		*funcref = error_accept4
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(s, rsa, addrlen, flags)
-}
-
-func error_accept4(s int, rsa *RawSockaddrAny, addrlen *_Socklen, flags int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___BIND_A<<4, uintptr(s), uintptr(addr), uintptr(addrlen))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___BIND_A, uintptr(s), uintptr(addr), uintptr(addrlen))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -291,11 +78,9 @@ func bind(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CONNECT_A<<4, uintptr(s), uintptr(addr), uintptr(addrlen))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___CONNECT_A, uintptr(s), uintptr(addr), uintptr(addrlen))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -303,10 +88,10 @@ func connect(s int, addr unsafe.Pointer, addrlen _Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getgroups(n int, list *_Gid_t) (nn int, err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETGROUPS<<4, uintptr(n), uintptr(unsafe.Pointer(list)))
+	r0, _, e1 := syscall_rawsyscall(SYS_GETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
 	nn = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -314,9 +99,9 @@ func getgroups(n int, list *_Gid_t) (nn int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func setgroups(n int, list *_Gid_t) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETGROUPS<<4, uintptr(n), uintptr(unsafe.Pointer(list)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_SETGROUPS, uintptr(n), uintptr(unsafe.Pointer(list)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -324,11 +109,9 @@ func setgroups(n int, list *_Gid_t) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETSOCKOPT<<4, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall6(SYS_GETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(unsafe.Pointer(vallen)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -336,11 +119,9 @@ func getsockopt(s int, level int, name int, val unsafe.Pointer, vallen *_Socklen
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETSOCKOPT<<4, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall6(SYS_SETSOCKOPT, uintptr(s), uintptr(level), uintptr(name), uintptr(val), uintptr(vallen), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -348,10 +129,10 @@ func setsockopt(s int, level int, name int, val unsafe.Pointer, vallen uintptr)
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func socket(domain int, typ int, proto int) (fd int, err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SOCKET<<4, uintptr(domain), uintptr(typ), uintptr(proto))
+	r0, _, e1 := syscall_rawsyscall(SYS_SOCKET, uintptr(domain), uintptr(typ), uintptr(proto))
 	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -359,9 +140,9 @@ func socket(domain int, typ int, proto int) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SOCKETPAIR<<4, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall6(SYS_SOCKETPAIR, uintptr(domain), uintptr(typ), uintptr(proto), uintptr(unsafe.Pointer(fd)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -369,9 +150,9 @@ func socketpair(domain int, typ int, proto int, fd *[2]int32) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETPEERNAME_A<<4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS___GETPEERNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -379,52 +160,10 @@ func getpeername(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func getsockname(fd int, rsa *RawSockaddrAny, addrlen *_Socklen) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETSOCKNAME_A<<4, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Removexattr(path string, attr string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___REMOVEXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_RemovexattrAddr() *(func(path string, attr string) (err error))
-
-var Removexattr = enter_Removexattr
-
-func enter_Removexattr(path string, attr string) (err error) {
-	funcref := get_RemovexattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___REMOVEXATTR_A<<4, "") == 0 {
-		*funcref = impl_Removexattr
-	} else {
-		*funcref = error_Removexattr
+	_, _, e1 := syscall_rawsyscall(SYS___GETSOCKNAME_A, uintptr(fd), uintptr(unsafe.Pointer(rsa)), uintptr(unsafe.Pointer(addrlen)))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(path, attr)
-}
-
-func error_Removexattr(path string, attr string) (err error) {
-	err = ENOSYS
 	return
 }
 
@@ -437,12 +176,10 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RECVFROM_A<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall6(SYS___RECVFROM_A, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(flags), uintptr(unsafe.Pointer(from)), uintptr(unsafe.Pointer(fromlen)))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -456,11 +193,9 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SENDTO_A<<4, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall6(SYS___SENDTO_A, uintptr(s), uintptr(_p0), uintptr(len(buf)), uintptr(flags), uintptr(to), uintptr(addrlen))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -468,12 +203,10 @@ func sendto(s int, buf []byte, flags int, to unsafe.Pointer, addrlen _Socklen) (
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RECVMSG_A<<4, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS___RECVMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -481,12 +214,10 @@ func recvmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SENDMSG_A<<4, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS___SENDMSG_A, uintptr(s), uintptr(unsafe.Pointer(msg)), uintptr(flags))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -494,12 +225,10 @@ func sendmsg(s int, msg *Msghdr, flags int) (n int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (ret uintptr, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MMAP<<4, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall6(SYS_MMAP, uintptr(addr), uintptr(length), uintptr(prot), uintptr(flag), uintptr(fd), uintptr(pos))
 	ret = uintptr(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -507,11 +236,9 @@ func mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos int64) (
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func munmap(addr uintptr, length uintptr) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MUNMAP<<4, uintptr(addr), uintptr(length))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_MUNMAP, uintptr(addr), uintptr(length), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -519,11 +246,9 @@ func munmap(addr uintptr, length uintptr) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func ioctl(fd int, req int, arg uintptr) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_IOCTL<<4, uintptr(fd), uintptr(req), uintptr(arg))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -531,62 +256,9 @@ func ioctl(fd int, req int, arg uintptr) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func ioctlPtr(fd int, req int, arg unsafe.Pointer) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_IOCTL<<4, uintptr(fd), uintptr(req), uintptr(arg))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func shmat(id int, addr uintptr, flag int) (ret uintptr, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMAT<<4, uintptr(id), uintptr(addr), uintptr(flag))
-	runtime.ExitSyscall()
-	ret = uintptr(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func shmctl(id int, cmd int, buf *SysvShmDesc) (result int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMCTL64<<4, uintptr(id), uintptr(cmd), uintptr(unsafe.Pointer(buf)))
-	runtime.ExitSyscall()
-	result = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func shmdt(addr uintptr) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMDT<<4, uintptr(addr))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func shmget(key int, size int, flag int) (id int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHMGET<<4, uintptr(key), uintptr(size), uintptr(flag))
-	runtime.ExitSyscall()
-	id = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_IOCTL, uintptr(fd), uintptr(req), uintptr(arg))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -599,11 +271,9 @@ func Access(path string, mode uint32) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___ACCESS_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___ACCESS_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -616,11 +286,9 @@ func Chdir(path string) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHDIR_A<<4, uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___CHDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -633,11 +301,9 @@ func Chown(path string, uid int, gid int) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHOWN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___CHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -650,11 +316,9 @@ func Chmod(path string, mode uint32) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHMOD_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___CHMOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -667,12 +331,10 @@ func Creat(path string, mode uint32) (fd int, err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CREAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS___CREAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
 	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -680,12 +342,10 @@ func Creat(path string, mode uint32) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Dup(oldfd int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP<<4, uintptr(oldfd))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_DUP, uintptr(oldfd), 0, 0)
 	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -693,2216 +353,617 @@ func Dup(oldfd int) (fd int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Dup2(oldfd int, newfd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP2<<4, uintptr(oldfd), uintptr(newfd))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_DUP2, uintptr(oldfd), uintptr(newfd), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Dup3(oldfd int, newfd int, flags int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DUP3<<4, uintptr(oldfd), uintptr(newfd), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
+func Errno2() (er2 int) {
+	uer2, _, _ := syscall_syscall(SYS___ERRNO2, 0, 0, 0)
+	er2 = int(uer2)
 	return
 }
 
-//go:nosplit
-func get_Dup3Addr() *(func(oldfd int, newfd int, flags int) (err error))
-
-var Dup3 = enter_Dup3
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Dup3(oldfd int, newfd int, flags int) (err error) {
-	funcref := get_Dup3Addr()
-	if funcptrtest(GetZosLibVec()+SYS_DUP3<<4, "") == 0 {
-		*funcref = impl_Dup3
-	} else {
-		*funcref = error_Dup3
-	}
-	return (*funcref)(oldfd, newfd, flags)
+func Err2ad() (eadd *int) {
+	ueadd, _, _ := syscall_syscall(SYS___ERR2AD, 0, 0, 0)
+	eadd = (*int)(unsafe.Pointer(ueadd))
+	return
 }
 
-func error_Dup3(oldfd int, newfd int, flags int) (err error) {
-	err = ENOSYS
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Exit(code int) {
+	syscall_syscall(SYS_EXIT, uintptr(code), 0, 0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Dirfd(dirp uintptr) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_DIRFD<<4, uintptr(dirp))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Fchdir(fd int) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FCHDIR, uintptr(fd), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_DirfdAddr() *(func(dirp uintptr) (fd int, err error))
-
-var Dirfd = enter_Dirfd
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Dirfd(dirp uintptr) (fd int, err error) {
-	funcref := get_DirfdAddr()
-	if funcptrtest(GetZosLibVec()+SYS_DIRFD<<4, "") == 0 {
-		*funcref = impl_Dirfd
-	} else {
-		*funcref = error_Dirfd
+func Fchmod(fd int, mode uint32) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FCHMOD, uintptr(fd), uintptr(mode), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(dirp)
-}
-
-func error_Dirfd(dirp uintptr) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_EpollCreate(size int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CREATE<<4, uintptr(size))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Fchown(fd int, uid int, gid int) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FCHOWN, uintptr(fd), uintptr(uid), uintptr(gid))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_EpollCreateAddr() *(func(size int) (fd int, err error))
-
-var EpollCreate = enter_EpollCreate
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_EpollCreate(size int) (fd int, err error) {
-	funcref := get_EpollCreateAddr()
-	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CREATE<<4, "") == 0 {
-		*funcref = impl_EpollCreate
-	} else {
-		*funcref = error_EpollCreate
+func FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) {
+	r0, _, e1 := syscall_syscall(SYS_FCNTL, uintptr(fd), uintptr(cmd), uintptr(arg))
+	retval = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(size)
-}
-
-func error_EpollCreate(size int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_EpollCreate1(flags int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CREATE1<<4, uintptr(flags))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func fstat(fd int, stat *Stat_LE_t) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FSTAT, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_EpollCreate1Addr() *(func(flags int) (fd int, err error))
-
-var EpollCreate1 = enter_EpollCreate1
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_EpollCreate1(flags int) (fd int, err error) {
-	funcref := get_EpollCreate1Addr()
-	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CREATE1<<4, "") == 0 {
-		*funcref = impl_EpollCreate1
-	} else {
-		*funcref = error_EpollCreate1
+func Fstatvfs(fd int, stat *Statvfs_t) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FSTATVFS, uintptr(fd), uintptr(unsafe.Pointer(stat)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(flags)
-}
-
-func error_EpollCreate1(flags int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_CTL<<4, uintptr(epfd), uintptr(op), uintptr(fd), uintptr(unsafe.Pointer(event)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Fsync(fd int) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FSYNC, uintptr(fd), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_EpollCtlAddr() *(func(epfd int, op int, fd int, event *EpollEvent) (err error))
-
-var EpollCtl = enter_EpollCtl
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
-	funcref := get_EpollCtlAddr()
-	if funcptrtest(GetZosLibVec()+SYS_EPOLL_CTL<<4, "") == 0 {
-		*funcref = impl_EpollCtl
-	} else {
-		*funcref = error_EpollCtl
+func Ftruncate(fd int, length int64) (err error) {
+	_, _, e1 := syscall_syscall(SYS_FTRUNCATE, uintptr(fd), uintptr(length), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(epfd, op, fd, event)
+	return
 }
 
-func error_EpollCtl(epfd int, op int, fd int, event *EpollEvent) (err error) {
-	err = ENOSYS
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Getpagesize() (pgsize int) {
+	r0, _, _ := syscall_syscall(SYS_GETPAGESIZE, 0, 0, 0)
+	pgsize = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
+func Mprotect(b []byte, prot int) (err error) {
 	var _p0 unsafe.Pointer
-	if len(events) > 0 {
-		_p0 = unsafe.Pointer(&events[0])
+	if len(b) > 0 {
+		_p0 = unsafe.Pointer(&b[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_PWAIT<<4, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec), uintptr(unsafe.Pointer(sigmask)))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_MPROTECT, uintptr(_p0), uintptr(len(b)), uintptr(prot))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_EpollPwaitAddr() *(func(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error))
-
-var EpollPwait = enter_EpollPwait
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
-	funcref := get_EpollPwaitAddr()
-	if funcptrtest(GetZosLibVec()+SYS_EPOLL_PWAIT<<4, "") == 0 {
-		*funcref = impl_EpollPwait
+func Msync(b []byte, flags int) (err error) {
+	var _p0 unsafe.Pointer
+	if len(b) > 0 {
+		_p0 = unsafe.Pointer(&b[0])
 	} else {
-		*funcref = error_EpollPwait
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	_, _, e1 := syscall_syscall(SYS_MSYNC, uintptr(_p0), uintptr(len(b)), uintptr(flags))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(epfd, events, msec, sigmask)
-}
-
-func error_EpollPwait(epfd int, events []EpollEvent, msec int, sigmask *int) (n int, err error) {
-	n = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
+func Poll(fds []PollFd, timeout int) (n int, err error) {
 	var _p0 unsafe.Pointer
-	if len(events) > 0 {
-		_p0 = unsafe.Pointer(&events[0])
+	if len(fds) > 0 {
+		_p0 = unsafe.Pointer(&fds[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EPOLL_WAIT<<4, uintptr(epfd), uintptr(_p0), uintptr(len(events)), uintptr(msec))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_POLL, uintptr(_p0), uintptr(len(fds)), uintptr(timeout))
 	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_EpollWaitAddr() *(func(epfd int, events []EpollEvent, msec int) (n int, err error))
-
-var EpollWait = enter_EpollWait
-
-func enter_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
-	funcref := get_EpollWaitAddr()
-	if funcptrtest(GetZosLibVec()+SYS_EPOLL_WAIT<<4, "") == 0 {
-		*funcref = impl_EpollWait
-	} else {
-		*funcref = error_EpollWait
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(epfd, events, msec)
-}
-
-func error_EpollWait(epfd int, events []EpollEvent, msec int) (n int, err error) {
-	n = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Errno2() (er2 int) {
-	runtime.EnterSyscall()
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS___ERRNO2<<4)
-	runtime.ExitSyscall()
-	er2 = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Eventfd(initval uint, flags int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_EVENTFD<<4, uintptr(initval), uintptr(flags))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Times(tms *Tms) (ticks uintptr, err error) {
+	r0, _, e1 := syscall_syscall(SYS_TIMES, uintptr(unsafe.Pointer(tms)), 0, 0)
+	ticks = uintptr(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_EventfdAddr() *(func(initval uint, flags int) (fd int, err error))
-
-var Eventfd = enter_Eventfd
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Eventfd(initval uint, flags int) (fd int, err error) {
-	funcref := get_EventfdAddr()
-	if funcptrtest(GetZosLibVec()+SYS_EVENTFD<<4, "") == 0 {
-		*funcref = impl_Eventfd
-	} else {
-		*funcref = error_Eventfd
+func W_Getmntent(buff *byte, size int) (lastsys int, err error) {
+	r0, _, e1 := syscall_syscall(SYS_W_GETMNTENT, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
+	lastsys = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(initval, flags)
-}
-
-func error_Eventfd(initval uint, flags int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Exit(code int) {
-	runtime.EnterSyscall()
-	CallLeFuncWithErr(GetZosLibVec()+SYS_EXIT<<4, uintptr(code))
-	runtime.ExitSyscall()
+func W_Getmntent_A(buff *byte, size int) (lastsys int, err error) {
+	r0, _, e1 := syscall_syscall(SYS___W_GETMNTENT_A, uintptr(unsafe.Pointer(buff)), uintptr(size), 0)
+	lastsys = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
+func mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FACCESSAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	var _p1 *byte
+	_p1, err = BytePtrFromString(filesystem)
+	if err != nil {
+		return
+	}
+	var _p2 *byte
+	_p2, err = BytePtrFromString(fstype)
+	if err != nil {
+		return
+	}
+	var _p3 *byte
+	_p3, err = BytePtrFromString(parm)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall6(SYS___MOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(mtm), uintptr(parmlen), uintptr(unsafe.Pointer(_p3)))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_FaccessatAddr() *(func(dirfd int, path string, mode uint32, flags int) (err error))
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-var Faccessat = enter_Faccessat
-
-func enter_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
-	funcref := get_FaccessatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FACCESSAT_A<<4, "") == 0 {
-		*funcref = impl_Faccessat
-	} else {
-		*funcref = error_Faccessat
-	}
-	return (*funcref)(dirfd, path, mode, flags)
-}
-
-func error_Faccessat(dirfd int, path string, mode uint32, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchdir(fd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHDIR<<4, uintptr(fd))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchmod(fd int, mode uint32) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHMOD<<4, uintptr(fd), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FCHMODAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FchmodatAddr() *(func(dirfd int, path string, mode uint32, flags int) (err error))
-
-var Fchmodat = enter_Fchmodat
-
-func enter_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
-	funcref := get_FchmodatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FCHMODAT_A<<4, "") == 0 {
-		*funcref = impl_Fchmodat
-	} else {
-		*funcref = error_Fchmodat
-	}
-	return (*funcref)(dirfd, path, mode, flags)
-}
-
-func error_Fchmodat(dirfd int, path string, mode uint32, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fchown(fd int, uid int, gid int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCHOWN<<4, uintptr(fd), uintptr(uid), uintptr(gid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FCHOWNAT_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FchownatAddr() *(func(fd int, path string, uid int, gid int, flags int) (err error))
-
-var Fchownat = enter_Fchownat
-
-func enter_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
-	funcref := get_FchownatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FCHOWNAT_A<<4, "") == 0 {
-		*funcref = impl_Fchownat
-	} else {
-		*funcref = error_Fchownat
-	}
-	return (*funcref)(fd, path, uid, gid, flags)
-}
-
-func error_Fchownat(fd int, path string, uid int, gid int, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func FcntlInt(fd uintptr, cmd int, arg int) (retval int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FCNTL<<4, uintptr(fd), uintptr(cmd), uintptr(arg))
-	runtime.ExitSyscall()
-	retval = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fdatasync(fd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FDATASYNC<<4, uintptr(fd))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FdatasyncAddr() *(func(fd int) (err error))
-
-var Fdatasync = enter_Fdatasync
-
-func enter_Fdatasync(fd int) (err error) {
-	funcref := get_FdatasyncAddr()
-	if funcptrtest(GetZosLibVec()+SYS_FDATASYNC<<4, "") == 0 {
-		*funcref = impl_Fdatasync
-	} else {
-		*funcref = error_Fdatasync
-	}
-	return (*funcref)(fd)
-}
-
-func error_Fdatasync(fd int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func fstat(fd int, stat *Stat_LE_t) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTAT<<4, uintptr(fd), uintptr(unsafe.Pointer(stat)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FSTATAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_fstatatAddr() *(func(dirfd int, path string, stat *Stat_LE_t, flags int) (err error))
-
-var fstatat = enter_fstatat
-
-func enter_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
-	funcref := get_fstatatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FSTATAT_A<<4, "") == 0 {
-		*funcref = impl_fstatat
-	} else {
-		*funcref = error_fstatat
-	}
-	return (*funcref)(dirfd, path, stat, flags)
-}
-
-func error_fstatat(dirfd int, path string, stat *Stat_LE_t, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
+func unmount(filesystem string, mtm int) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(link)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
+	_p0, err = BytePtrFromString(filesystem)
 	if err != nil {
 		return
 	}
-	var _p2 unsafe.Pointer
-	if len(dest) > 0 {
-		_p2 = unsafe.Pointer(&dest[0])
-	} else {
-		_p2 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LGETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(dest)))
-	runtime.ExitSyscall()
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___UMOUNT_A, uintptr(unsafe.Pointer(_p0)), uintptr(mtm), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_LgetxattrAddr() *(func(link string, attr string, dest []byte) (sz int, err error))
-
-var Lgetxattr = enter_Lgetxattr
-
-func enter_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
-	funcref := get_LgetxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LGETXATTR_A<<4, "") == 0 {
-		*funcref = impl_Lgetxattr
-	} else {
-		*funcref = error_Lgetxattr
-	}
-	return (*funcref)(link, attr, dest)
-}
-
-func error_Lgetxattr(link string, attr string, dest []byte) (sz int, err error) {
-	sz = -1
-	err = ENOSYS
-	return
-}
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
+func Chroot(path string) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	var _p2 unsafe.Pointer
-	if len(data) > 0 {
-		_p2 = unsafe.Pointer(&data[0])
-	} else {
-		_p2 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LSETXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(_p2), uintptr(len(data)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_LsetxattrAddr() *(func(path string, attr string, data []byte, flags int) (err error))
-
-var Lsetxattr = enter_Lsetxattr
-
-func enter_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
-	funcref := get_LsetxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LSETXATTR_A<<4, "") == 0 {
-		*funcref = impl_Lsetxattr
-	} else {
-		*funcref = error_Lsetxattr
-	}
-	return (*funcref)(path, attr, data, flags)
-}
-
-func error_Lsetxattr(path string, attr string, data []byte, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Fstatfs(fd int, buf *Statfs_t) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTATFS<<4, uintptr(fd), uintptr(unsafe.Pointer(buf)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FstatfsAddr() *(func(fd int, buf *Statfs_t) (err error))
-
-var Fstatfs = enter_Fstatfs
-
-func enter_Fstatfs(fd int, buf *Statfs_t) (err error) {
-	funcref := get_FstatfsAddr()
-	if funcptrtest(GetZosLibVec()+SYS_FSTATFS<<4, "") == 0 {
-		*funcref = impl_Fstatfs
-	} else {
-		*funcref = error_Fstatfs
-	}
-	return (*funcref)(fd, buf)
-}
-
-func error_Fstatfs(fd int, buf *Statfs_t) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Fstatvfs(fd int, stat *Statvfs_t) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSTATVFS<<4, uintptr(fd), uintptr(unsafe.Pointer(stat)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___CHROOT_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Fsync(fd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FSYNC<<4, uintptr(fd))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Uname(buf *Utsname) (err error) {
+	_, _, e1 := syscall_rawsyscall(SYS___UNAME_A, uintptr(unsafe.Pointer(buf)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Futimes(fd int, tv []Timeval) (err error) {
+func Gethostname(buf []byte) (err error) {
 	var _p0 unsafe.Pointer
-	if len(tv) > 0 {
-		_p0 = unsafe.Pointer(&tv[0])
+	if len(buf) > 0 {
+		_p0 = unsafe.Pointer(&buf[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FUTIMES<<4, uintptr(fd), uintptr(_p0), uintptr(len(tv)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FutimesAddr() *(func(fd int, tv []Timeval) (err error))
-
-var Futimes = enter_Futimes
-
-func enter_Futimes(fd int, tv []Timeval) (err error) {
-	funcref := get_FutimesAddr()
-	if funcptrtest(GetZosLibVec()+SYS_FUTIMES<<4, "") == 0 {
-		*funcref = impl_Futimes
-	} else {
-		*funcref = error_Futimes
+	_, _, e1 := syscall_syscall(SYS___GETHOSTNAME_A, uintptr(_p0), uintptr(len(buf)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(fd, tv)
-}
-
-func error_Futimes(fd int, tv []Timeval) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(tv) > 0 {
-		_p1 = unsafe.Pointer(&tv[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___FUTIMESAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(tv)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_FutimesatAddr() *(func(dirfd int, path string, tv []Timeval) (err error))
-
-var Futimesat = enter_Futimesat
-
-func enter_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
-	funcref := get_FutimesatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___FUTIMESAT_A<<4, "") == 0 {
-		*funcref = impl_Futimesat
-	} else {
-		*funcref = error_Futimesat
-	}
-	return (*funcref)(dirfd, path, tv)
-}
-
-func error_Futimesat(dirfd int, path string, tv []Timeval) (err error) {
-	err = ENOSYS
+func Getegid() (egid int) {
+	r0, _, _ := syscall_rawsyscall(SYS_GETEGID, 0, 0, 0)
+	egid = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Ftruncate(fd int, length int64) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_FTRUNCATE<<4, uintptr(fd), uintptr(length))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
+func Geteuid() (uid int) {
+	r0, _, _ := syscall_rawsyscall(SYS_GETEUID, 0, 0, 0)
+	uid = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Getrandom(buf []byte, flags int) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(buf) > 0 {
-		_p0 = unsafe.Pointer(&buf[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRANDOM<<4, uintptr(_p0), uintptr(len(buf)), uintptr(flags))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_GetrandomAddr() *(func(buf []byte, flags int) (n int, err error))
-
-var Getrandom = enter_Getrandom
-
-func enter_Getrandom(buf []byte, flags int) (n int, err error) {
-	funcref := get_GetrandomAddr()
-	if funcptrtest(GetZosLibVec()+SYS_GETRANDOM<<4, "") == 0 {
-		*funcref = impl_Getrandom
-	} else {
-		*funcref = error_Getrandom
-	}
-	return (*funcref)(buf, flags)
-}
-
-func error_Getrandom(buf []byte, flags int) (n int, err error) {
-	n = -1
-	err = ENOSYS
+func Getgid() (gid int) {
+	r0, _, _ := syscall_rawsyscall(SYS_GETGID, 0, 0, 0)
+	gid = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_InotifyInit() (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec() + SYS_INOTIFY_INIT<<4)
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_InotifyInitAddr() *(func() (fd int, err error))
-
-var InotifyInit = enter_InotifyInit
-
-func enter_InotifyInit() (fd int, err error) {
-	funcref := get_InotifyInitAddr()
-	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_INIT<<4, "") == 0 {
-		*funcref = impl_InotifyInit
-	} else {
-		*funcref = error_InotifyInit
-	}
-	return (*funcref)()
-}
-
-func error_InotifyInit() (fd int, err error) {
-	fd = -1
-	err = ENOSYS
+func Getpid() (pid int) {
+	r0, _, _ := syscall_rawsyscall(SYS_GETPID, 0, 0, 0)
+	pid = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_InotifyInit1(flags int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_INOTIFY_INIT1<<4, uintptr(flags))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Getpgid(pid int) (pgid int, err error) {
+	r0, _, e1 := syscall_rawsyscall(SYS_GETPGID, uintptr(pid), 0, 0)
+	pgid = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_InotifyInit1Addr() *(func(flags int) (fd int, err error))
-
-var InotifyInit1 = enter_InotifyInit1
-
-func enter_InotifyInit1(flags int) (fd int, err error) {
-	funcref := get_InotifyInit1Addr()
-	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_INIT1<<4, "") == 0 {
-		*funcref = impl_InotifyInit1
-	} else {
-		*funcref = error_InotifyInit1
-	}
-	return (*funcref)(flags)
-}
-
-func error_InotifyInit1(flags int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(pathname)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___INOTIFY_ADD_WATCH_A<<4, uintptr(fd), uintptr(unsafe.Pointer(_p0)), uintptr(mask))
-	runtime.ExitSyscall()
-	watchdesc = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_InotifyAddWatchAddr() *(func(fd int, pathname string, mask uint32) (watchdesc int, err error))
-
-var InotifyAddWatch = enter_InotifyAddWatch
-
-func enter_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
-	funcref := get_InotifyAddWatchAddr()
-	if funcptrtest(GetZosLibVec()+SYS___INOTIFY_ADD_WATCH_A<<4, "") == 0 {
-		*funcref = impl_InotifyAddWatch
-	} else {
-		*funcref = error_InotifyAddWatch
-	}
-	return (*funcref)(fd, pathname, mask)
-}
-
-func error_InotifyAddWatch(fd int, pathname string, mask uint32) (watchdesc int, err error) {
-	watchdesc = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_INOTIFY_RM_WATCH<<4, uintptr(fd), uintptr(watchdesc))
-	runtime.ExitSyscall()
-	success = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_InotifyRmWatchAddr() *(func(fd int, watchdesc uint32) (success int, err error))
-
-var InotifyRmWatch = enter_InotifyRmWatch
-
-func enter_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
-	funcref := get_InotifyRmWatchAddr()
-	if funcptrtest(GetZosLibVec()+SYS_INOTIFY_RM_WATCH<<4, "") == 0 {
-		*funcref = impl_InotifyRmWatch
-	} else {
-		*funcref = error_InotifyRmWatch
-	}
-	return (*funcref)(fd, watchdesc)
-}
-
-func error_InotifyRmWatch(fd int, watchdesc uint32) (success int, err error) {
-	success = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Listxattr(path string, dest []byte) (sz int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(dest) > 0 {
-		_p1 = unsafe.Pointer(&dest[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LISTXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
-	runtime.ExitSyscall()
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_ListxattrAddr() *(func(path string, dest []byte) (sz int, err error))
-
-var Listxattr = enter_Listxattr
-
-func enter_Listxattr(path string, dest []byte) (sz int, err error) {
-	funcref := get_ListxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LISTXATTR_A<<4, "") == 0 {
-		*funcref = impl_Listxattr
-	} else {
-		*funcref = error_Listxattr
-	}
-	return (*funcref)(path, dest)
-}
-
-func error_Listxattr(path string, dest []byte) (sz int, err error) {
-	sz = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Llistxattr(path string, dest []byte) (sz int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(dest) > 0 {
-		_p1 = unsafe.Pointer(&dest[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LLISTXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(dest)))
-	runtime.ExitSyscall()
-	sz = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_LlistxattrAddr() *(func(path string, dest []byte) (sz int, err error))
-
-var Llistxattr = enter_Llistxattr
-
-func enter_Llistxattr(path string, dest []byte) (sz int, err error) {
-	funcref := get_LlistxattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LLISTXATTR_A<<4, "") == 0 {
-		*funcref = impl_Llistxattr
-	} else {
-		*funcref = error_Llistxattr
-	}
-	return (*funcref)(path, dest)
-}
-
-func error_Llistxattr(path string, dest []byte) (sz int, err error) {
-	sz = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Lremovexattr(path string, attr string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(attr)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LREMOVEXATTR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_LremovexattrAddr() *(func(path string, attr string) (err error))
-
-var Lremovexattr = enter_Lremovexattr
-
-func enter_Lremovexattr(path string, attr string) (err error) {
-	funcref := get_LremovexattrAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LREMOVEXATTR_A<<4, "") == 0 {
-		*funcref = impl_Lremovexattr
-	} else {
-		*funcref = error_Lremovexattr
-	}
-	return (*funcref)(path, attr)
-}
-
-func error_Lremovexattr(path string, attr string) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Lutimes(path string, tv []Timeval) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 unsafe.Pointer
-	if len(tv) > 0 {
-		_p1 = unsafe.Pointer(&tv[0])
-	} else {
-		_p1 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LUTIMES_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(tv)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_LutimesAddr() *(func(path string, tv []Timeval) (err error))
-
-var Lutimes = enter_Lutimes
-
-func enter_Lutimes(path string, tv []Timeval) (err error) {
-	funcref := get_LutimesAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LUTIMES_A<<4, "") == 0 {
-		*funcref = impl_Lutimes
-	} else {
-		*funcref = error_Lutimes
-	}
-	return (*funcref)(path, tv)
-}
-
-func error_Lutimes(path string, tv []Timeval) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mprotect(b []byte, prot int) (err error) {
-	var _p0 unsafe.Pointer
-	if len(b) > 0 {
-		_p0 = unsafe.Pointer(&b[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MPROTECT<<4, uintptr(_p0), uintptr(len(b)), uintptr(prot))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Msync(b []byte, flags int) (err error) {
-	var _p0 unsafe.Pointer
-	if len(b) > 0 {
-		_p0 = unsafe.Pointer(&b[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_MSYNC<<4, uintptr(_p0), uintptr(len(b)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Console2(cmsg *ConsMsg2, modstr *byte, concmd *uint32) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CONSOLE2<<4, uintptr(unsafe.Pointer(cmsg)), uintptr(unsafe.Pointer(modstr)), uintptr(unsafe.Pointer(concmd)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Poll(fds []PollFd, timeout int) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(fds) > 0 {
-		_p0 = unsafe.Pointer(&fds[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_POLL<<4, uintptr(_p0), uintptr(len(fds)), uintptr(timeout))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Readdir_r(dirp uintptr, entry *direntLE, result **direntLE) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___READDIR_R_A<<4, uintptr(dirp), uintptr(unsafe.Pointer(entry)), uintptr(unsafe.Pointer(result)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Statfs(path string, buf *Statfs_t) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___STATFS_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(buf)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_StatfsAddr() *(func(path string, buf *Statfs_t) (err error))
-
-var Statfs = enter_Statfs
-
-func enter_Statfs(path string, buf *Statfs_t) (err error) {
-	funcref := get_StatfsAddr()
-	if funcptrtest(GetZosLibVec()+SYS___STATFS_A<<4, "") == 0 {
-		*funcref = impl_Statfs
-	} else {
-		*funcref = error_Statfs
-	}
-	return (*funcref)(path, buf)
-}
-
-func error_Statfs(path string, buf *Statfs_t) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Syncfs(fd int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SYNCFS<<4, uintptr(fd))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_SyncfsAddr() *(func(fd int) (err error))
-
-var Syncfs = enter_Syncfs
-
-func enter_Syncfs(fd int) (err error) {
-	funcref := get_SyncfsAddr()
-	if funcptrtest(GetZosLibVec()+SYS_SYNCFS<<4, "") == 0 {
-		*funcref = impl_Syncfs
-	} else {
-		*funcref = error_Syncfs
-	}
-	return (*funcref)(fd)
-}
-
-func error_Syncfs(fd int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Times(tms *Tms) (ticks uintptr, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TIMES<<4, uintptr(unsafe.Pointer(tms)))
-	runtime.ExitSyscall()
-	ticks = uintptr(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func W_Getmntent(buff *byte, size int) (lastsys int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_W_GETMNTENT<<4, uintptr(unsafe.Pointer(buff)), uintptr(size))
-	runtime.ExitSyscall()
-	lastsys = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func W_Getmntent_A(buff *byte, size int) (lastsys int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___W_GETMNTENT_A<<4, uintptr(unsafe.Pointer(buff)), uintptr(size))
-	runtime.ExitSyscall()
-	lastsys = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func mount_LE(path string, filesystem string, fstype string, mtm uint32, parmlen int32, parm string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(filesystem)
-	if err != nil {
-		return
-	}
-	var _p2 *byte
-	_p2, err = BytePtrFromString(fstype)
-	if err != nil {
-		return
-	}
-	var _p3 *byte
-	_p3, err = BytePtrFromString(parm)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MOUNT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), uintptr(unsafe.Pointer(_p2)), uintptr(mtm), uintptr(parmlen), uintptr(unsafe.Pointer(_p3)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func unmount_LE(filesystem string, mtm int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(filesystem)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UMOUNT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mtm))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Chroot(path string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___CHROOT_A<<4, uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SELECT<<4, uintptr(nmsgsfds), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)))
-	runtime.ExitSyscall()
-	ret = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Uname(buf *Utsname) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_____OSNAME_A<<4, uintptr(unsafe.Pointer(buf)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Unshare(flags int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_UNSHARE<<4, uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_UnshareAddr() *(func(flags int) (err error))
-
-var Unshare = enter_Unshare
-
-func enter_Unshare(flags int) (err error) {
-	funcref := get_UnshareAddr()
-	if funcptrtest(GetZosLibVec()+SYS_UNSHARE<<4, "") == 0 {
-		*funcref = impl_Unshare
-	} else {
-		*funcref = error_Unshare
-	}
-	return (*funcref)(flags)
-}
-
-func error_Unshare(flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Gethostname(buf []byte) (err error) {
-	var _p0 unsafe.Pointer
-	if len(buf) > 0 {
-		_p0 = unsafe.Pointer(&buf[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___GETHOSTNAME_A<<4, uintptr(_p0), uintptr(len(buf)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getgid() (gid int) {
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETGID<<4)
-	gid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpid() (pid int) {
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETPID<<4)
-	pid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpgid(pid int) (pgid int, err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETPGID<<4, uintptr(pid))
-	pgid = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Getppid() (pid int) {
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETPPID<<4)
-	pid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getpriority(which int, who int) (prio int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETPRIORITY<<4, uintptr(which), uintptr(who))
-	runtime.ExitSyscall()
-	prio = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getrlimit(resource int, rlim *Rlimit) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRLIMIT<<4, uintptr(resource), uintptr(unsafe.Pointer(rlim)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func getrusage(who int, rusage *rusage_zos) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETRUSAGE<<4, uintptr(who), uintptr(unsafe.Pointer(rusage)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getegid() (egid int) {
-	runtime.EnterSyscall()
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETEGID<<4)
-	runtime.ExitSyscall()
-	egid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Geteuid() (euid int) {
-	runtime.EnterSyscall()
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETEUID<<4)
-	runtime.ExitSyscall()
-	euid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getsid(pid int) (sid int, err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETSID<<4, uintptr(pid))
-	sid = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Getuid() (uid int) {
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec() + SYS_GETUID<<4)
-	uid = int(r0)
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Kill(pid int, sig Signal) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_KILL<<4, uintptr(pid), uintptr(sig))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Lchown(path string, uid int, gid int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LCHOWN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Link(path string, link string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(link)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LINK_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(oldPath)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(newPath)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LINKAT_A<<4, uintptr(oldDirFd), uintptr(unsafe.Pointer(_p0)), uintptr(newDirFd), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_LinkatAddr() *(func(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error))
-
-var Linkat = enter_Linkat
-
-func enter_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
-	funcref := get_LinkatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___LINKAT_A<<4, "") == 0 {
-		*funcref = impl_Linkat
-	} else {
-		*funcref = error_Linkat
-	}
-	return (*funcref)(oldDirFd, oldPath, newDirFd, newPath, flags)
-}
-
-func error_Linkat(oldDirFd int, oldPath string, newDirFd int, newPath string, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Listen(s int, n int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_LISTEN<<4, uintptr(s), uintptr(n))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func lstat(path string, stat *Stat_LE_t) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___LSTAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkdir(path string, mode uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKDIR_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Mkdirat(dirfd int, path string, mode uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKDIRAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_MkdiratAddr() *(func(dirfd int, path string, mode uint32) (err error))
-
-var Mkdirat = enter_Mkdirat
-
-func enter_Mkdirat(dirfd int, path string, mode uint32) (err error) {
-	funcref := get_MkdiratAddr()
-	if funcptrtest(GetZosLibVec()+SYS___MKDIRAT_A<<4, "") == 0 {
-		*funcref = impl_Mkdirat
-	} else {
-		*funcref = error_Mkdirat
-	}
-	return (*funcref)(dirfd, path, mode)
-}
-
-func error_Mkdirat(dirfd int, path string, mode uint32) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mkfifo(path string, mode uint32) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKFIFO_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Mknod(path string, mode uint32, dev int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKNOD_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___MKNODAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_MknodatAddr() *(func(dirfd int, path string, mode uint32, dev int) (err error))
-
-var Mknodat = enter_Mknodat
-
-func enter_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
-	funcref := get_MknodatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___MKNODAT_A<<4, "") == 0 {
-		*funcref = impl_Mknodat
-	} else {
-		*funcref = error_Mknodat
-	}
-	return (*funcref)(dirfd, path, mode, dev)
-}
-
-func error_Mknodat(dirfd int, path string, mode uint32, dev int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_PivotRoot(newroot string, oldroot string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(newroot)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(oldroot)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___PIVOT_ROOT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_PivotRootAddr() *(func(newroot string, oldroot string) (err error))
-
-var PivotRoot = enter_PivotRoot
-
-func enter_PivotRoot(newroot string, oldroot string) (err error) {
-	funcref := get_PivotRootAddr()
-	if funcptrtest(GetZosLibVec()+SYS___PIVOT_ROOT_A<<4, "") == 0 {
-		*funcref = impl_PivotRoot
-	} else {
-		*funcref = error_PivotRoot
-	}
-	return (*funcref)(newroot, oldroot)
-}
-
-func error_PivotRoot(newroot string, oldroot string) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Pread(fd int, p []byte, offset int64) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(p) > 0 {
-		_p0 = unsafe.Pointer(&p[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PREAD<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
+	r0, _, _ := syscall_rawsyscall(SYS_GETPPID, 0, 0, 0)
+	pid = int(r0)
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
-	var _p0 unsafe.Pointer
-	if len(p) > 0 {
-		_p0 = unsafe.Pointer(&p[0])
-	} else {
-		_p0 = unsafe.Pointer(&_zero)
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PWRITE<<4, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset))
-	runtime.ExitSyscall()
-	n = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Getpriority(which int, who int) (prio int, err error) {
+	r0, _, e1 := syscall_syscall(SYS_GETPRIORITY, uintptr(which), uintptr(who), 0)
+	prio = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___PRCTL_A<<4, uintptr(option), uintptr(arg2), uintptr(arg3), uintptr(arg4), uintptr(arg5))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Getrlimit(resource int, rlim *Rlimit) (err error) {
+	_, _, e1 := syscall_rawsyscall(SYS_GETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(rlim)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_PrctlAddr() *(func(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error))
-
-var Prctl = enter_Prctl
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
-	funcref := get_PrctlAddr()
-	if funcptrtest(GetZosLibVec()+SYS___PRCTL_A<<4, "") == 0 {
-		*funcref = impl_Prctl
-	} else {
-		*funcref = error_Prctl
+func getrusage(who int, rusage *rusage_zos) (err error) {
+	_, _, e1 := syscall_rawsyscall(SYS_GETRUSAGE, uintptr(who), uintptr(unsafe.Pointer(rusage)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(option, arg2, arg3, arg4, arg5)
-}
-
-func error_Prctl(option int, arg2 uintptr, arg3 uintptr, arg4 uintptr, arg5 uintptr) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PRLIMIT<<4, uintptr(pid), uintptr(resource), uintptr(unsafe.Pointer(newlimit)), uintptr(unsafe.Pointer(old)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Getsid(pid int) (sid int, err error) {
+	r0, _, e1 := syscall_rawsyscall(SYS_GETSID, uintptr(pid), 0, 0)
+	sid = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_PrlimitAddr() *(func(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error))
-
-var Prlimit = enter_Prlimit
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
-	funcref := get_PrlimitAddr()
-	if funcptrtest(GetZosLibVec()+SYS_PRLIMIT<<4, "") == 0 {
-		*funcref = impl_Prlimit
-	} else {
-		*funcref = error_Prlimit
-	}
-	return (*funcref)(pid, resource, newlimit, old)
+func Getuid() (uid int) {
+	r0, _, _ := syscall_rawsyscall(SYS_GETUID, 0, 0, 0)
+	uid = int(r0)
+	return
 }
 
-func error_Prlimit(pid int, resource int, newlimit *Rlimit, old *Rlimit) (err error) {
-	err = ENOSYS
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Kill(pid int, sig Signal) (err error) {
+	_, _, e1 := syscall_rawsyscall(SYS_KILL, uintptr(pid), uintptr(sig), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Rename(from string, to string) (err error) {
+func Lchown(path string, uid int, gid int) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(from)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(to)
+	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAME_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___LCHOWN_A, uintptr(unsafe.Pointer(_p0)), uintptr(uid), uintptr(gid))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
+func Link(path string, link string) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(oldpath)
+	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
 	var _p1 *byte
-	_p1, err = BytePtrFromString(newpath)
+	_p1, err = BytePtrFromString(link)
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAMEAT_A<<4, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___LINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_RenameatAddr() *(func(olddirfd int, oldpath string, newdirfd int, newpath string) (err error))
-
-var Renameat = enter_Renameat
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
-	funcref := get_RenameatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___RENAMEAT_A<<4, "") == 0 {
-		*funcref = impl_Renameat
-	} else {
-		*funcref = error_Renameat
+func Listen(s int, n int) (err error) {
+	_, _, e1 := syscall_syscall(SYS_LISTEN, uintptr(s), uintptr(n), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(olddirfd, oldpath, newdirfd, newpath)
-}
-
-func error_Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
+func lstat(path string, stat *Stat_LE_t) (err error) {
 	var _p0 *byte
-	_p0, err = BytePtrFromString(oldpath)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(newpath)
+	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RENAMEAT2_A<<4, uintptr(olddirfd), uintptr(unsafe.Pointer(_p0)), uintptr(newdirfd), uintptr(unsafe.Pointer(_p1)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_Renameat2Addr() *(func(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error))
-
-var Renameat2 = enter_Renameat2
-
-func enter_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
-	funcref := get_Renameat2Addr()
-	if funcptrtest(GetZosLibVec()+SYS___RENAMEAT2_A<<4, "") == 0 {
-		*funcref = impl_Renameat2
-	} else {
-		*funcref = error_Renameat2
+	_, _, e1 := syscall_syscall(SYS___LSTAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(stat)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(olddirfd, oldpath, newdirfd, newpath, flags)
-}
-
-func error_Renameat2(olddirfd int, oldpath string, newdirfd int, newpath string, flags uint) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Rmdir(path string) (err error) {
+func Mkdir(path string, mode uint32) (err error) {
 	var _p0 *byte
 	_p0, err = BytePtrFromString(path)
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___RMDIR_A<<4, uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___MKDIR_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Seek(fd int, offset int64, whence int) (off int64, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_LSEEK<<4, uintptr(fd), uintptr(offset), uintptr(whence))
-	runtime.ExitSyscall()
-	off = int64(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Mkfifo(path string, mode uint32) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(SYS___MKFIFO_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Setegid(egid int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETEGID<<4, uintptr(egid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Mknod(path string, mode uint32, dev int) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(SYS___MKNOD_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(dev))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Seteuid(euid int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETEUID<<4, uintptr(euid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Pread(fd int, p []byte, offset int64) (n int, err error) {
+	var _p0 unsafe.Pointer
+	if len(p) > 0 {
+		_p0 = unsafe.Pointer(&p[0])
+	} else {
+		_p0 = unsafe.Pointer(&_zero)
+	}
+	r0, _, e1 := syscall_syscall6(SYS_PREAD, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Sethostname(p []byte) (err error) {
+func Pwrite(fd int, p []byte, offset int64) (n int, err error) {
 	var _p0 unsafe.Pointer
 	if len(p) > 0 {
 		_p0 = unsafe.Pointer(&p[0])
 	} else {
 		_p0 = unsafe.Pointer(&_zero)
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SETHOSTNAME_A<<4, uintptr(_p0), uintptr(len(p)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	r0, _, e1 := syscall_syscall6(SYS_PWRITE, uintptr(fd), uintptr(_p0), uintptr(len(p)), uintptr(offset), 0, 0)
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_SethostnameAddr() *(func(p []byte) (err error))
-
-var Sethostname = enter_Sethostname
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Sethostname(p []byte) (err error) {
-	funcref := get_SethostnameAddr()
-	if funcptrtest(GetZosLibVec()+SYS___SETHOSTNAME_A<<4, "") == 0 {
-		*funcref = impl_Sethostname
+func Readlink(path string, buf []byte) (n int, err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	var _p1 unsafe.Pointer
+	if len(buf) > 0 {
+		_p1 = unsafe.Pointer(&buf[0])
 	} else {
-		*funcref = error_Sethostname
+		_p1 = unsafe.Pointer(&_zero)
+	}
+	r0, _, e1 := syscall_syscall(SYS___READLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(_p1), uintptr(len(buf)))
+	n = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(p)
-}
-
-func error_Sethostname(p []byte) (err error) {
-	err = ENOSYS
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func impl_Setns(fd int, nstype int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETNS<<4, uintptr(fd), uintptr(nstype))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Rename(from string, to string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(from)
+	if err != nil {
+		return
+	}
+	var _p1 *byte
+	_p1, err = BytePtrFromString(to)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(SYS___RENAME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_SetnsAddr() *(func(fd int, nstype int) (err error))
-
-var Setns = enter_Setns
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func enter_Setns(fd int, nstype int) (err error) {
-	funcref := get_SetnsAddr()
-	if funcptrtest(GetZosLibVec()+SYS_SETNS<<4, "") == 0 {
-		*funcref = impl_Setns
-	} else {
-		*funcref = error_Setns
+func Rmdir(path string) (err error) {
+	var _p0 *byte
+	_p0, err = BytePtrFromString(path)
+	if err != nil {
+		return
+	}
+	_, _, e1 := syscall_syscall(SYS___RMDIR_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(fd, nstype)
+	return
 }
 
-func error_Setns(fd int, nstype int) (err error) {
-	err = ENOSYS
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func Seek(fd int, offset int64, whence int) (off int64, err error) {
+	r0, _, e1 := syscall_syscall(SYS_LSEEK, uintptr(fd), uintptr(offset), uintptr(whence))
+	off = int64(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
+	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setpriority(which int, who int, prio int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETPRIORITY<<4, uintptr(which), uintptr(who), uintptr(prio))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_SETPRIORITY, uintptr(which), uintptr(who), uintptr(prio))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2910,9 +971,9 @@ func Setpriority(which int, who int, prio int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setpgid(pid int, pgid int) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETPGID<<4, uintptr(pid), uintptr(pgid))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_SETPGID, uintptr(pid), uintptr(pgid), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2920,9 +981,9 @@ func Setpgid(pid int, pgid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setrlimit(resource int, lim *Rlimit) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETRLIMIT<<4, uintptr(resource), uintptr(unsafe.Pointer(lim)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_SETRLIMIT, uintptr(resource), uintptr(unsafe.Pointer(lim)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2930,9 +991,9 @@ func Setrlimit(resource int, lim *Rlimit) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setregid(rgid int, egid int) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETREGID<<4, uintptr(rgid), uintptr(egid))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_SETREGID, uintptr(rgid), uintptr(egid), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2940,9 +1001,9 @@ func Setregid(rgid int, egid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setreuid(ruid int, euid int) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETREUID<<4, uintptr(ruid), uintptr(euid))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_SETREUID, uintptr(ruid), uintptr(euid), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2950,10 +1011,10 @@ func Setreuid(ruid int, euid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setsid() (pid int, err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec() + SYS_SETSID<<4)
+	r0, _, e1 := syscall_rawsyscall(SYS_SETSID, 0, 0, 0)
 	pid = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2961,11 +1022,9 @@ func Setsid() (pid int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setuid(uid int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETUID<<4, uintptr(uid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_SETUID, uintptr(uid), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2973,11 +1032,9 @@ func Setuid(uid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Setgid(uid int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SETGID<<4, uintptr(uid))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_SETGID, uintptr(uid), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -2985,11 +1042,9 @@ func Setgid(uid int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Shutdown(fd int, how int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_SHUTDOWN<<4, uintptr(fd), uintptr(how))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_SHUTDOWN, uintptr(fd), uintptr(how), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3002,11 +1057,9 @@ func stat(path string, statLE *Stat_LE_t) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___STAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(statLE)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___STAT_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(statLE)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3024,63 +1077,17 @@ func Symlink(path string, link string) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SYMLINK_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(oldPath)
-	if err != nil {
-		return
-	}
-	var _p1 *byte
-	_p1, err = BytePtrFromString(newPath)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___SYMLINKAT_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(dirfd), uintptr(unsafe.Pointer(_p1)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___SYMLINK_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(_p1)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
-//go:nosplit
-func get_SymlinkatAddr() *(func(oldPath string, dirfd int, newPath string) (err error))
-
-var Symlinkat = enter_Symlinkat
-
-func enter_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
-	funcref := get_SymlinkatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___SYMLINKAT_A<<4, "") == 0 {
-		*funcref = impl_Symlinkat
-	} else {
-		*funcref = error_Symlinkat
-	}
-	return (*funcref)(oldPath, dirfd, newPath)
-}
-
-func error_Symlinkat(oldPath string, dirfd int, newPath string) (err error) {
-	err = ENOSYS
-	return
-}
-
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Sync() {
-	runtime.EnterSyscall()
-	CallLeFuncWithErr(GetZosLibVec() + SYS_SYNC<<4)
-	runtime.ExitSyscall()
+	syscall_syscall(SYS_SYNC, 0, 0, 0)
 	return
 }
 
@@ -3092,11 +1099,9 @@ func Truncate(path string, length int64) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___TRUNCATE_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(length))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___TRUNCATE_A, uintptr(unsafe.Pointer(_p0)), uintptr(length), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3104,11 +1109,9 @@ func Truncate(path string, length int64) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Tcgetattr(fildes int, termptr *Termios) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TCGETATTR<<4, uintptr(fildes), uintptr(unsafe.Pointer(termptr)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_TCGETATTR, uintptr(fildes), uintptr(unsafe.Pointer(termptr)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3116,11 +1119,9 @@ func Tcgetattr(fildes int, termptr *Termios) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Tcsetattr(fildes int, when int, termptr *Termios) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_TCSETATTR<<4, uintptr(fildes), uintptr(when), uintptr(unsafe.Pointer(termptr)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_TCSETATTR, uintptr(fildes), uintptr(when), uintptr(unsafe.Pointer(termptr)))
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3128,9 +1129,7 @@ func Tcsetattr(fildes int, when int, termptr *Termios) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func Umask(mask int) (oldmask int) {
-	runtime.EnterSyscall()
-	r0, _, _ := CallLeFuncWithErr(GetZosLibVec()+SYS_UMASK<<4, uintptr(mask))
-	runtime.ExitSyscall()
+	r0, _, _ := syscall_syscall(SYS_UMASK, uintptr(mask), 0, 0)
 	oldmask = int(r0)
 	return
 }
@@ -3143,49 +1142,10 @@ func Unlink(path string) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UNLINK_A<<4, uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_Unlinkat(dirfd int, path string, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UNLINKAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_UnlinkatAddr() *(func(dirfd int, path string, flags int) (err error))
-
-var Unlinkat = enter_Unlinkat
-
-func enter_Unlinkat(dirfd int, path string, flags int) (err error) {
-	funcref := get_UnlinkatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___UNLINKAT_A<<4, "") == 0 {
-		*funcref = impl_Unlinkat
-	} else {
-		*funcref = error_Unlinkat
+	_, _, e1 := syscall_syscall(SYS___UNLINK_A, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(dirfd, path, flags)
-}
-
-func error_Unlinkat(dirfd int, path string, flags int) (err error) {
-	err = ENOSYS
 	return
 }
 
@@ -3197,11 +1157,9 @@ func Utime(path string, utim *Utimbuf) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIME_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(utim)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___UTIME_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(utim)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3214,91 +1172,11 @@ func open(path string, mode int, perm uint32) (fd int, err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPEN_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPENAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(flags), uintptr(mode))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_openatAddr() *(func(dirfd int, path string, flags int, mode uint32) (fd int, err error))
-
-var openat = enter_openat
-
-func enter_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
-	funcref := get_openatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___OPENAT_A<<4, "") == 0 {
-		*funcref = impl_openat
-	} else {
-		*funcref = error_openat
-	}
-	return (*funcref)(dirfd, path, flags, mode)
-}
-
-func error_openat(dirfd int, path string, flags int, mode uint32) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___OPENAT2_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(open_how)), uintptr(size))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS___OPEN_A, uintptr(unsafe.Pointer(_p0)), uintptr(mode), uintptr(perm))
 	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_openat2Addr() *(func(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error))
-
-var openat2 = enter_openat2
-
-func enter_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
-	funcref := get_openat2Addr()
-	if funcptrtest(GetZosLibVec()+SYS___OPENAT2_A<<4, "") == 0 {
-		*funcref = impl_openat2
-	} else {
-		*funcref = error_openat2
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
-	return (*funcref)(dirfd, path, open_how, size)
-}
-
-func error_openat2(dirfd int, path string, open_how *OpenHow, size int) (fd int, err error) {
-	fd = -1
-	err = ENOSYS
 	return
 }
 
@@ -3310,23 +1188,9 @@ func remove(path string) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_REMOVE<<4, uintptr(unsafe.Pointer(_p0)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func waitid(idType int, id int, info *Siginfo, options int) (err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAITID<<4, uintptr(idType), uintptr(id), uintptr(unsafe.Pointer(info)), uintptr(options))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS_REMOVE, uintptr(unsafe.Pointer(_p0)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3334,12 +1198,10 @@ func waitid(idType int, id int, info *Siginfo, options int) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_WAITPID<<4, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options))
-	runtime.ExitSyscall()
+	r0, _, e1 := syscall_syscall(SYS_WAITPID, uintptr(pid), uintptr(unsafe.Pointer(wstatus)), uintptr(options))
 	wpid = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3347,9 +1209,9 @@ func waitpid(pid int, wstatus *_C_int, options int) (wpid int, err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func gettimeofday(tv *timeval_zos) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GETTIMEOFDAY<<4, uintptr(unsafe.Pointer(tv)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_GETTIMEOFDAY, uintptr(unsafe.Pointer(tv)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3357,9 +1219,9 @@ func gettimeofday(tv *timeval_zos) (err error) {
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
 func pipe(p *[2]_C_int) (err error) {
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_PIPE<<4, uintptr(unsafe.Pointer(p)))
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_rawsyscall(SYS_PIPE, uintptr(unsafe.Pointer(p)), 0, 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
@@ -3372,87 +1234,20 @@ func utimes(path string, timeval *[2]Timeval) (err error) {
 	if err != nil {
 		return
 	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIMES_A<<4, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func impl_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
-	var _p0 *byte
-	_p0, err = BytePtrFromString(path)
-	if err != nil {
-		return
-	}
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS___UTIMENSAT_A<<4, uintptr(dirfd), uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(ts)), uintptr(flags))
-	runtime.ExitSyscall()
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-//go:nosplit
-func get_utimensatAddr() *(func(dirfd int, path string, ts *[2]Timespec, flags int) (err error))
-
-var utimensat = enter_utimensat
-
-func enter_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
-	funcref := get_utimensatAddr()
-	if funcptrtest(GetZosLibVec()+SYS___UTIMENSAT_A<<4, "") == 0 {
-		*funcref = impl_utimensat
-	} else {
-		*funcref = error_utimensat
-	}
-	return (*funcref)(dirfd, path, ts, flags)
-}
-
-func error_utimensat(dirfd int, path string, ts *[2]Timespec, flags int) (err error) {
-	err = ENOSYS
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Posix_openpt(oflag int) (fd int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_POSIX_OPENPT<<4, uintptr(oflag))
-	runtime.ExitSyscall()
-	fd = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+	_, _, e1 := syscall_syscall(SYS___UTIMES_A, uintptr(unsafe.Pointer(_p0)), uintptr(unsafe.Pointer(timeval)), 0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
 
 // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
 
-func Grantpt(fildes int) (rc int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_GRANTPT<<4, uintptr(fildes))
-	runtime.ExitSyscall()
-	rc = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
-	}
-	return
-}
-
-// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
-
-func Unlockpt(fildes int) (rc int, err error) {
-	runtime.EnterSyscall()
-	r0, e2, e1 := CallLeFuncWithErr(GetZosLibVec()+SYS_UNLOCKPT<<4, uintptr(fildes))
-	runtime.ExitSyscall()
-	rc = int(r0)
-	if int64(r0) == -1 {
-		err = errnoErr2(e1, e2)
+func Select(nmsgsfds int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (ret int, err error) {
+	r0, _, e1 := syscall_syscall6(SYS_SELECT, uintptr(nmsgsfds), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+	ret = int(r0)
+	if e1 != 0 {
+		err = errnoErr(e1)
 	}
 	return
 }
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
index 524b0820c..0cc3ce496 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go
@@ -452,10 +452,4 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
-	SYS_STATMOUNT                    = 457
-	SYS_LISTMOUNT                    = 458
-	SYS_LSM_GET_SELF_ATTR            = 459
-	SYS_LSM_SET_SELF_ATTR            = 460
-	SYS_LSM_LIST_MODULES             = 461
-	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
index f485dbf45..856d92d69 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go
@@ -341,7 +341,6 @@ const (
 	SYS_STATX                   = 332
 	SYS_IO_PGETEVENTS           = 333
 	SYS_RSEQ                    = 334
-	SYS_URETPROBE               = 335
 	SYS_PIDFD_SEND_SIGNAL       = 424
 	SYS_IO_URING_SETUP          = 425
 	SYS_IO_URING_ENTER          = 426
@@ -375,10 +374,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
index 70b35bf3b..8d467094c 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go
@@ -416,10 +416,4 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
-	SYS_STATMOUNT                    = 457
-	SYS_LISTMOUNT                    = 458
-	SYS_LSM_GET_SELF_ATTR            = 459
-	SYS_LSM_SET_SELF_ATTR            = 460
-	SYS_LSM_LIST_MODULES             = 461
-	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
index 1893e2fe8..edc173244 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go
@@ -85,7 +85,7 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
-	SYS_NEWFSTATAT              = 79
+	SYS_FSTATAT                 = 79
 	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
@@ -319,10 +319,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
index 16a4017da..445eba206 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go
@@ -84,8 +84,6 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
-	SYS_NEWFSTATAT              = 79
-	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
 	SYS_FDATASYNC               = 83
@@ -315,10 +313,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
index 7e567f1ef..adba01bca 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go
@@ -436,10 +436,4 @@ const (
 	SYS_FUTEX_WAKE                   = 4454
 	SYS_FUTEX_WAIT                   = 4455
 	SYS_FUTEX_REQUEUE                = 4456
-	SYS_STATMOUNT                    = 4457
-	SYS_LISTMOUNT                    = 4458
-	SYS_LSM_GET_SELF_ATTR            = 4459
-	SYS_LSM_SET_SELF_ATTR            = 4460
-	SYS_LSM_LIST_MODULES             = 4461
-	SYS_MSEAL                        = 4462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
index 38ae55e5e..014c4e9c7 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go
@@ -366,10 +366,4 @@ const (
 	SYS_FUTEX_WAKE              = 5454
 	SYS_FUTEX_WAIT              = 5455
 	SYS_FUTEX_REQUEUE           = 5456
-	SYS_STATMOUNT               = 5457
-	SYS_LISTMOUNT               = 5458
-	SYS_LSM_GET_SELF_ATTR       = 5459
-	SYS_LSM_SET_SELF_ATTR       = 5460
-	SYS_LSM_LIST_MODULES        = 5461
-	SYS_MSEAL                   = 5462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
index 55e92e60a..ccc97d74d 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go
@@ -366,10 +366,4 @@ const (
 	SYS_FUTEX_WAKE              = 5454
 	SYS_FUTEX_WAIT              = 5455
 	SYS_FUTEX_REQUEUE           = 5456
-	SYS_STATMOUNT               = 5457
-	SYS_LISTMOUNT               = 5458
-	SYS_LSM_GET_SELF_ATTR       = 5459
-	SYS_LSM_SET_SELF_ATTR       = 5460
-	SYS_LSM_LIST_MODULES        = 5461
-	SYS_MSEAL                   = 5462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
index 60658d6a0..ec2b64a95 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go
@@ -436,10 +436,4 @@ const (
 	SYS_FUTEX_WAKE                   = 4454
 	SYS_FUTEX_WAIT                   = 4455
 	SYS_FUTEX_REQUEUE                = 4456
-	SYS_STATMOUNT                    = 4457
-	SYS_LISTMOUNT                    = 4458
-	SYS_LSM_GET_SELF_ATTR            = 4459
-	SYS_LSM_SET_SELF_ATTR            = 4460
-	SYS_LSM_LIST_MODULES             = 4461
-	SYS_MSEAL                        = 4462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
index e203e8a7e..21a839e33 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go
@@ -443,10 +443,4 @@ const (
 	SYS_FUTEX_WAKE                   = 454
 	SYS_FUTEX_WAIT                   = 455
 	SYS_FUTEX_REQUEUE                = 456
-	SYS_STATMOUNT                    = 457
-	SYS_LISTMOUNT                    = 458
-	SYS_LSM_GET_SELF_ATTR            = 459
-	SYS_LSM_SET_SELF_ATTR            = 460
-	SYS_LSM_LIST_MODULES             = 461
-	SYS_MSEAL                        = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
index 5944b97d5..c11121ec3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go
@@ -415,10 +415,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
index c66d416da..909b631fc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go
@@ -415,10 +415,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
index a5459e766..e49bed16e 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go
@@ -84,7 +84,7 @@ const (
 	SYS_SPLICE                  = 76
 	SYS_TEE                     = 77
 	SYS_READLINKAT              = 78
-	SYS_NEWFSTATAT              = 79
+	SYS_FSTATAT                 = 79
 	SYS_FSTAT                   = 80
 	SYS_SYNC                    = 81
 	SYS_FSYNC                   = 82
@@ -320,10 +320,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
index 01d86825b..66017d2d3 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go
@@ -381,10 +381,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
index 7b703e77c..47bab18dc 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go
@@ -394,10 +394,4 @@ const (
 	SYS_FUTEX_WAKE              = 454
 	SYS_FUTEX_WAIT              = 455
 	SYS_FUTEX_REQUEUE           = 456
-	SYS_STATMOUNT               = 457
-	SYS_LISTMOUNT               = 458
-	SYS_LSM_GET_SELF_ATTR       = 459
-	SYS_LSM_SET_SELF_ATTR       = 460
-	SYS_LSM_LIST_MODULES        = 461
-	SYS_MSEAL                   = 462
 )
diff --git a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
index 5e8c263ca..b2e308581 100644
--- a/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/zsysnum_zos_s390x.go
@@ -1,2852 +1,2669 @@
-// go run mksyscall_zos_s390x.go -o_sysnum zsysnum_zos_s390x.go -o_syscall zsyscall_zos_s390x.go -i_syscall syscall_zos_s390x.go -o_asm zsymaddr_zos_s390x.s
-// Code generated by the command above; see README.md. DO NOT EDIT.
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
 
 //go:build zos && s390x
 
 package unix
 
-const (
-	SYS_LOG                             = 0x17  // 23
-	SYS_COSH                            = 0x18  // 24
-	SYS_TANH                            = 0x19  // 25
-	SYS_EXP                             = 0x1A  // 26
-	SYS_MODF                            = 0x1B  // 27
-	SYS_LOG10                           = 0x1C  // 28
-	SYS_FREXP                           = 0x1D  // 29
-	SYS_LDEXP                           = 0x1E  // 30
-	SYS_CEIL                            = 0x1F  // 31
-	SYS_POW                             = 0x20  // 32
-	SYS_SQRT                            = 0x21  // 33
-	SYS_FLOOR                           = 0x22  // 34
-	SYS_J1                              = 0x23  // 35
-	SYS_FABS                            = 0x24  // 36
-	SYS_FMOD                            = 0x25  // 37
-	SYS_J0                              = 0x26  // 38
-	SYS_YN                              = 0x27  // 39
-	SYS_JN                              = 0x28  // 40
-	SYS_Y0                              = 0x29  // 41
-	SYS_Y1                              = 0x2A  // 42
-	SYS_HYPOT                           = 0x2B  // 43
-	SYS_ERF                             = 0x2C  // 44
-	SYS_ERFC                            = 0x2D  // 45
-	SYS_GAMMA                           = 0x2E  // 46
-	SYS_ISALPHA                         = 0x30  // 48
-	SYS_ISALNUM                         = 0x31  // 49
-	SYS_ISLOWER                         = 0x32  // 50
-	SYS_ISCNTRL                         = 0x33  // 51
-	SYS_ISDIGIT                         = 0x34  // 52
-	SYS_ISGRAPH                         = 0x35  // 53
-	SYS_ISUPPER                         = 0x36  // 54
-	SYS_ISPRINT                         = 0x37  // 55
-	SYS_ISPUNCT                         = 0x38  // 56
-	SYS_ISSPACE                         = 0x39  // 57
-	SYS_SETLOCAL                        = 0x3A  // 58
-	SYS_SETLOCALE                       = 0x3A  // 58
-	SYS_ISXDIGIT                        = 0x3B  // 59
-	SYS_TOLOWER                         = 0x3C  // 60
-	SYS_TOUPPER                         = 0x3D  // 61
-	SYS_ASIN                            = 0x3E  // 62
-	SYS_SIN                             = 0x3F  // 63
-	SYS_COS                             = 0x40  // 64
-	SYS_TAN                             = 0x41  // 65
-	SYS_SINH                            = 0x42  // 66
-	SYS_ACOS                            = 0x43  // 67
-	SYS_ATAN                            = 0x44  // 68
-	SYS_ATAN2                           = 0x45  // 69
-	SYS_FTELL                           = 0x46  // 70
-	SYS_FGETPOS                         = 0x47  // 71
-	SYS_FSEEK                           = 0x48  // 72
-	SYS_FSETPOS                         = 0x49  // 73
-	SYS_FERROR                          = 0x4A  // 74
-	SYS_REWIND                          = 0x4B  // 75
-	SYS_CLEARERR                        = 0x4C  // 76
-	SYS_FEOF                            = 0x4D  // 77
-	SYS_ATOL                            = 0x4E  // 78
-	SYS_PERROR                          = 0x4F  // 79
-	SYS_ATOF                            = 0x50  // 80
-	SYS_ATOI                            = 0x51  // 81
-	SYS_RAND                            = 0x52  // 82
-	SYS_STRTOD                          = 0x53  // 83
-	SYS_STRTOL                          = 0x54  // 84
-	SYS_STRTOUL                         = 0x55  // 85
-	SYS_MALLOC                          = 0x56  // 86
-	SYS_SRAND                           = 0x57  // 87
-	SYS_CALLOC                          = 0x58  // 88
-	SYS_FREE                            = 0x59  // 89
-	SYS_EXIT                            = 0x5A  // 90
-	SYS_REALLOC                         = 0x5B  // 91
-	SYS_ABORT                           = 0x5C  // 92
-	SYS___ABORT                         = 0x5C  // 92
-	SYS_ATEXIT                          = 0x5D  // 93
-	SYS_RAISE                           = 0x5E  // 94
-	SYS_SETJMP                          = 0x5F  // 95
-	SYS_LONGJMP                         = 0x60  // 96
-	SYS_SIGNAL                          = 0x61  // 97
-	SYS_TMPNAM                          = 0x62  // 98
-	SYS_REMOVE                          = 0x63  // 99
-	SYS_RENAME                          = 0x64  // 100
-	SYS_TMPFILE                         = 0x65  // 101
-	SYS_FREOPEN                         = 0x66  // 102
-	SYS_FCLOSE                          = 0x67  // 103
-	SYS_FFLUSH                          = 0x68  // 104
-	SYS_FOPEN                           = 0x69  // 105
-	SYS_FSCANF                          = 0x6A  // 106
-	SYS_SETBUF                          = 0x6B  // 107
-	SYS_SETVBUF                         = 0x6C  // 108
-	SYS_FPRINTF                         = 0x6D  // 109
-	SYS_SSCANF                          = 0x6E  // 110
-	SYS_PRINTF                          = 0x6F  // 111
-	SYS_SCANF                           = 0x70  // 112
-	SYS_SPRINTF                         = 0x71  // 113
-	SYS_FGETC                           = 0x72  // 114
-	SYS_VFPRINTF                        = 0x73  // 115
-	SYS_VPRINTF                         = 0x74  // 116
-	SYS_VSPRINTF                        = 0x75  // 117
-	SYS_GETC                            = 0x76  // 118
-	SYS_FGETS                           = 0x77  // 119
-	SYS_FPUTC                           = 0x78  // 120
-	SYS_FPUTS                           = 0x79  // 121
-	SYS_PUTCHAR                         = 0x7A  // 122
-	SYS_GETCHAR                         = 0x7B  // 123
-	SYS_GETS                            = 0x7C  // 124
-	SYS_PUTC                            = 0x7D  // 125
-	SYS_FWRITE                          = 0x7E  // 126
-	SYS_PUTS                            = 0x7F  // 127
-	SYS_UNGETC                          = 0x80  // 128
-	SYS_FREAD                           = 0x81  // 129
-	SYS_WCSTOMBS                        = 0x82  // 130
-	SYS_MBTOWC                          = 0x83  // 131
-	SYS_WCTOMB                          = 0x84  // 132
-	SYS_MBSTOWCS                        = 0x85  // 133
-	SYS_WCSCPY                          = 0x86  // 134
-	SYS_WCSCAT                          = 0x87  // 135
-	SYS_WCSCHR                          = 0x88  // 136
-	SYS_WCSCMP                          = 0x89  // 137
-	SYS_WCSNCMP                         = 0x8A  // 138
-	SYS_WCSCSPN                         = 0x8B  // 139
-	SYS_WCSLEN                          = 0x8C  // 140
-	SYS_WCSNCAT                         = 0x8D  // 141
-	SYS_WCSSPN                          = 0x8E  // 142
-	SYS_WCSNCPY                         = 0x8F  // 143
-	SYS_ABS                             = 0x90  // 144
-	SYS_DIV                             = 0x91  // 145
-	SYS_LABS                            = 0x92  // 146
-	SYS_STRNCPY                         = 0x93  // 147
-	SYS_MEMCPY                          = 0x94  // 148
-	SYS_MEMMOVE                         = 0x95  // 149
-	SYS_STRCPY                          = 0x96  // 150
-	SYS_STRCMP                          = 0x97  // 151
-	SYS_STRCAT                          = 0x98  // 152
-	SYS_STRNCAT                         = 0x99  // 153
-	SYS_MEMCMP                          = 0x9A  // 154
-	SYS_MEMCHR                          = 0x9B  // 155
-	SYS_STRCOLL                         = 0x9C  // 156
-	SYS_STRNCMP                         = 0x9D  // 157
-	SYS_STRXFRM                         = 0x9E  // 158
-	SYS_STRRCHR                         = 0x9F  // 159
-	SYS_STRCHR                          = 0xA0  // 160
-	SYS_STRCSPN                         = 0xA1  // 161
-	SYS_STRPBRK                         = 0xA2  // 162
-	SYS_MEMSET                          = 0xA3  // 163
-	SYS_STRSPN                          = 0xA4  // 164
-	SYS_STRSTR                          = 0xA5  // 165
-	SYS_STRTOK                          = 0xA6  // 166
-	SYS_DIFFTIME                        = 0xA7  // 167
-	SYS_STRERROR                        = 0xA8  // 168
-	SYS_STRLEN                          = 0xA9  // 169
-	SYS_CLOCK                           = 0xAA  // 170
-	SYS_CTIME                           = 0xAB  // 171
-	SYS_MKTIME                          = 0xAC  // 172
-	SYS_TIME                            = 0xAD  // 173
-	SYS_ASCTIME                         = 0xAE  // 174
-	SYS_MBLEN                           = 0xAF  // 175
-	SYS_GMTIME                          = 0xB0  // 176
-	SYS_LOCALTIM                        = 0xB1  // 177
-	SYS_LOCALTIME                       = 0xB1  // 177
-	SYS_STRFTIME                        = 0xB2  // 178
-	SYS___GETCB                         = 0xB4  // 180
-	SYS_FUPDATE                         = 0xB5  // 181
-	SYS___FUPDT                         = 0xB5  // 181
-	SYS_CLRMEMF                         = 0xBD  // 189
-	SYS___CLRMF                         = 0xBD  // 189
-	SYS_FETCHEP                         = 0xBF  // 191
-	SYS___FTCHEP                        = 0xBF  // 191
-	SYS_FLDATA                          = 0xC1  // 193
-	SYS___FLDATA                        = 0xC1  // 193
-	SYS_DYNFREE                         = 0xC2  // 194
-	SYS___DYNFRE                        = 0xC2  // 194
-	SYS_DYNALLOC                        = 0xC3  // 195
-	SYS___DYNALL                        = 0xC3  // 195
-	SYS___CDUMP                         = 0xC4  // 196
-	SYS_CSNAP                           = 0xC5  // 197
-	SYS___CSNAP                         = 0xC5  // 197
-	SYS_CTRACE                          = 0xC6  // 198
-	SYS___CTRACE                        = 0xC6  // 198
-	SYS___CTEST                         = 0xC7  // 199
-	SYS_SETENV                          = 0xC8  // 200
-	SYS___SETENV                        = 0xC8  // 200
-	SYS_CLEARENV                        = 0xC9  // 201
-	SYS___CLRENV                        = 0xC9  // 201
-	SYS___REGCOMP_STD                   = 0xEA  // 234
-	SYS_NL_LANGINFO                     = 0xFC  // 252
-	SYS_GETSYNTX                        = 0xFD  // 253
-	SYS_ISBLANK                         = 0xFE  // 254
-	SYS___ISBLNK                        = 0xFE  // 254
-	SYS_ISWALNUM                        = 0xFF  // 255
-	SYS_ISWALPHA                        = 0x100 // 256
-	SYS_ISWBLANK                        = 0x101 // 257
-	SYS___ISWBLK                        = 0x101 // 257
-	SYS_ISWCNTRL                        = 0x102 // 258
-	SYS_ISWDIGIT                        = 0x103 // 259
-	SYS_ISWGRAPH                        = 0x104 // 260
-	SYS_ISWLOWER                        = 0x105 // 261
-	SYS_ISWPRINT                        = 0x106 // 262
-	SYS_ISWPUNCT                        = 0x107 // 263
-	SYS_ISWSPACE                        = 0x108 // 264
-	SYS_ISWUPPER                        = 0x109 // 265
-	SYS_ISWXDIGI                        = 0x10A // 266
-	SYS_ISWXDIGIT                       = 0x10A // 266
-	SYS_WCTYPE                          = 0x10B // 267
-	SYS_ISWCTYPE                        = 0x10C // 268
-	SYS_TOWLOWER                        = 0x10D // 269
-	SYS_TOWUPPER                        = 0x10E // 270
-	SYS_MBSINIT                         = 0x10F // 271
-	SYS_WCTOB                           = 0x110 // 272
-	SYS_MBRLEN                          = 0x111 // 273
-	SYS_MBRTOWC                         = 0x112 // 274
-	SYS_MBSRTOWC                        = 0x113 // 275
-	SYS_MBSRTOWCS                       = 0x113 // 275
-	SYS_WCRTOMB                         = 0x114 // 276
-	SYS_WCSRTOMB                        = 0x115 // 277
-	SYS_WCSRTOMBS                       = 0x115 // 277
-	SYS___CSID                          = 0x116 // 278
-	SYS___WCSID                         = 0x117 // 279
-	SYS_STRPTIME                        = 0x118 // 280
-	SYS___STRPTM                        = 0x118 // 280
-	SYS_STRFMON                         = 0x119 // 281
-	SYS___RPMTCH                        = 0x11A // 282
-	SYS_WCSSTR                          = 0x11B // 283
-	SYS_WCSTOK                          = 0x12C // 300
-	SYS_WCSTOL                          = 0x12D // 301
-	SYS_WCSTOD                          = 0x12E // 302
-	SYS_WCSTOUL                         = 0x12F // 303
-	SYS_WCSCOLL                         = 0x130 // 304
-	SYS_WCSXFRM                         = 0x131 // 305
-	SYS_WCSWIDTH                        = 0x132 // 306
-	SYS_WCWIDTH                         = 0x133 // 307
-	SYS_WCSFTIME                        = 0x134 // 308
-	SYS_SWPRINTF                        = 0x135 // 309
-	SYS_VSWPRINT                        = 0x136 // 310
-	SYS_VSWPRINTF                       = 0x136 // 310
-	SYS_SWSCANF                         = 0x137 // 311
-	SYS_REGCOMP                         = 0x138 // 312
-	SYS_REGEXEC                         = 0x139 // 313
-	SYS_REGFREE                         = 0x13A // 314
-	SYS_REGERROR                        = 0x13B // 315
-	SYS_FGETWC                          = 0x13C // 316
-	SYS_FGETWS                          = 0x13D // 317
-	SYS_FPUTWC                          = 0x13E // 318
-	SYS_FPUTWS                          = 0x13F // 319
-	SYS_GETWC                           = 0x140 // 320
-	SYS_GETWCHAR                        = 0x141 // 321
-	SYS_PUTWC                           = 0x142 // 322
-	SYS_PUTWCHAR                        = 0x143 // 323
-	SYS_UNGETWC                         = 0x144 // 324
-	SYS_ICONV_OPEN                      = 0x145 // 325
-	SYS_ICONV                           = 0x146 // 326
-	SYS_ICONV_CLOSE                     = 0x147 // 327
-	SYS_ISMCCOLLEL                      = 0x14C // 332
-	SYS_STRTOCOLL                       = 0x14D // 333
-	SYS_COLLTOSTR                       = 0x14E // 334
-	SYS_COLLEQUIV                       = 0x14F // 335
-	SYS_COLLRANGE                       = 0x150 // 336
-	SYS_CCLASS                          = 0x151 // 337
-	SYS_COLLORDER                       = 0x152 // 338
-	SYS___DEMANGLE                      = 0x154 // 340
-	SYS_FDOPEN                          = 0x155 // 341
-	SYS___ERRNO                         = 0x156 // 342
-	SYS___ERRNO2                        = 0x157 // 343
-	SYS___TERROR                        = 0x158 // 344
-	SYS_MAXCOLL                         = 0x169 // 361
-	SYS_GETMCCOLL                       = 0x16A // 362
-	SYS_GETWMCCOLL                      = 0x16B // 363
-	SYS___ERR2AD                        = 0x16C // 364
-	SYS_DLLQUERYFN                      = 0x16D // 365
-	SYS_DLLQUERYVAR                     = 0x16E // 366
-	SYS_DLLFREE                         = 0x16F // 367
-	SYS_DLLLOAD                         = 0x170 // 368
-	SYS__EXIT                           = 0x174 // 372
-	SYS_ACCESS                          = 0x175 // 373
-	SYS_ALARM                           = 0x176 // 374
-	SYS_CFGETISPEED                     = 0x177 // 375
-	SYS_CFGETOSPEED                     = 0x178 // 376
-	SYS_CFSETISPEED                     = 0x179 // 377
-	SYS_CFSETOSPEED                     = 0x17A // 378
-	SYS_CHDIR                           = 0x17B // 379
-	SYS_CHMOD                           = 0x17C // 380
-	SYS_CHOWN                           = 0x17D // 381
-	SYS_CLOSE                           = 0x17E // 382
-	SYS_CLOSEDIR                        = 0x17F // 383
-	SYS_CREAT                           = 0x180 // 384
-	SYS_CTERMID                         = 0x181 // 385
-	SYS_DUP                             = 0x182 // 386
-	SYS_DUP2                            = 0x183 // 387
-	SYS_EXECL                           = 0x184 // 388
-	SYS_EXECLE                          = 0x185 // 389
-	SYS_EXECLP                          = 0x186 // 390
-	SYS_EXECV                           = 0x187 // 391
-	SYS_EXECVE                          = 0x188 // 392
-	SYS_EXECVP                          = 0x189 // 393
-	SYS_FCHMOD                          = 0x18A // 394
-	SYS_FCHOWN                          = 0x18B // 395
-	SYS_FCNTL                           = 0x18C // 396
-	SYS_FILENO                          = 0x18D // 397
-	SYS_FORK                            = 0x18E // 398
-	SYS_FPATHCONF                       = 0x18F // 399
-	SYS_FSTAT                           = 0x190 // 400
-	SYS_FSYNC                           = 0x191 // 401
-	SYS_FTRUNCATE                       = 0x192 // 402
-	SYS_GETCWD                          = 0x193 // 403
-	SYS_GETEGID                         = 0x194 // 404
-	SYS_GETEUID                         = 0x195 // 405
-	SYS_GETGID                          = 0x196 // 406
-	SYS_GETGRGID                        = 0x197 // 407
-	SYS_GETGRNAM                        = 0x198 // 408
-	SYS_GETGROUPS                       = 0x199 // 409
-	SYS_GETLOGIN                        = 0x19A // 410
-	SYS_W_GETMNTENT                     = 0x19B // 411
-	SYS_GETPGRP                         = 0x19C // 412
-	SYS_GETPID                          = 0x19D // 413
-	SYS_GETPPID                         = 0x19E // 414
-	SYS_GETPWNAM                        = 0x19F // 415
-	SYS_GETPWUID                        = 0x1A0 // 416
-	SYS_GETUID                          = 0x1A1 // 417
-	SYS_W_IOCTL                         = 0x1A2 // 418
-	SYS_ISATTY                          = 0x1A3 // 419
-	SYS_KILL                            = 0x1A4 // 420
-	SYS_LINK                            = 0x1A5 // 421
-	SYS_LSEEK                           = 0x1A6 // 422
-	SYS_LSTAT                           = 0x1A7 // 423
-	SYS_MKDIR                           = 0x1A8 // 424
-	SYS_MKFIFO                          = 0x1A9 // 425
-	SYS_MKNOD                           = 0x1AA // 426
-	SYS_MOUNT                           = 0x1AB // 427
-	SYS_OPEN                            = 0x1AC // 428
-	SYS_OPENDIR                         = 0x1AD // 429
-	SYS_PATHCONF                        = 0x1AE // 430
-	SYS_PAUSE                           = 0x1AF // 431
-	SYS_PIPE                            = 0x1B0 // 432
-	SYS_W_GETPSENT                      = 0x1B1 // 433
-	SYS_READ                            = 0x1B2 // 434
-	SYS_READDIR                         = 0x1B3 // 435
-	SYS_READLINK                        = 0x1B4 // 436
-	SYS_REWINDDIR                       = 0x1B5 // 437
-	SYS_RMDIR                           = 0x1B6 // 438
-	SYS_SETEGID                         = 0x1B7 // 439
-	SYS_SETEUID                         = 0x1B8 // 440
-	SYS_SETGID                          = 0x1B9 // 441
-	SYS_SETPGID                         = 0x1BA // 442
-	SYS_SETSID                          = 0x1BB // 443
-	SYS_SETUID                          = 0x1BC // 444
-	SYS_SIGACTION                       = 0x1BD // 445
-	SYS_SIGADDSET                       = 0x1BE // 446
-	SYS_SIGDELSET                       = 0x1BF // 447
-	SYS_SIGEMPTYSET                     = 0x1C0 // 448
-	SYS_SIGFILLSET                      = 0x1C1 // 449
-	SYS_SIGISMEMBER                     = 0x1C2 // 450
-	SYS_SIGLONGJMP                      = 0x1C3 // 451
-	SYS_SIGPENDING                      = 0x1C4 // 452
-	SYS_SIGPROCMASK                     = 0x1C5 // 453
-	SYS_SIGSETJMP                       = 0x1C6 // 454
-	SYS_SIGSUSPEND                      = 0x1C7 // 455
-	SYS_SLEEP                           = 0x1C8 // 456
-	SYS_STAT                            = 0x1C9 // 457
-	SYS_W_STATFS                        = 0x1CA // 458
-	SYS_SYMLINK                         = 0x1CB // 459
-	SYS_SYSCONF                         = 0x1CC // 460
-	SYS_TCDRAIN                         = 0x1CD // 461
-	SYS_TCFLOW                          = 0x1CE // 462
-	SYS_TCFLUSH                         = 0x1CF // 463
-	SYS_TCGETATTR                       = 0x1D0 // 464
-	SYS_TCGETPGRP                       = 0x1D1 // 465
-	SYS_TCSENDBREAK                     = 0x1D2 // 466
-	SYS_TCSETATTR                       = 0x1D3 // 467
-	SYS_TCSETPGRP                       = 0x1D4 // 468
-	SYS_TIMES                           = 0x1D5 // 469
-	SYS_TTYNAME                         = 0x1D6 // 470
-	SYS_TZSET                           = 0x1D7 // 471
-	SYS_UMASK                           = 0x1D8 // 472
-	SYS_UMOUNT                          = 0x1D9 // 473
-	SYS_UNAME                           = 0x1DA // 474
-	SYS_UNLINK                          = 0x1DB // 475
-	SYS_UTIME                           = 0x1DC // 476
-	SYS_WAIT                            = 0x1DD // 477
-	SYS_WAITPID                         = 0x1DE // 478
-	SYS_WRITE                           = 0x1DF // 479
-	SYS_CHAUDIT                         = 0x1E0 // 480
-	SYS_FCHAUDIT                        = 0x1E1 // 481
-	SYS_GETGROUPSBYNAME                 = 0x1E2 // 482
-	SYS_SIGWAIT                         = 0x1E3 // 483
-	SYS_PTHREAD_EXIT                    = 0x1E4 // 484
-	SYS_PTHREAD_KILL                    = 0x1E5 // 485
-	SYS_PTHREAD_ATTR_INIT               = 0x1E6 // 486
-	SYS_PTHREAD_ATTR_DESTROY            = 0x1E7 // 487
-	SYS_PTHREAD_ATTR_SETSTACKSIZE       = 0x1E8 // 488
-	SYS_PTHREAD_ATTR_GETSTACKSIZE       = 0x1E9 // 489
-	SYS_PTHREAD_ATTR_SETDETACHSTATE     = 0x1EA // 490
-	SYS_PTHREAD_ATTR_GETDETACHSTATE     = 0x1EB // 491
-	SYS_PTHREAD_ATTR_SETWEIGHT_NP       = 0x1EC // 492
-	SYS_PTHREAD_ATTR_GETWEIGHT_NP       = 0x1ED // 493
-	SYS_PTHREAD_CANCEL                  = 0x1EE // 494
-	SYS_PTHREAD_CLEANUP_PUSH            = 0x1EF // 495
-	SYS_PTHREAD_CLEANUP_POP             = 0x1F0 // 496
-	SYS_PTHREAD_CONDATTR_INIT           = 0x1F1 // 497
-	SYS_PTHREAD_CONDATTR_DESTROY        = 0x1F2 // 498
-	SYS_PTHREAD_COND_INIT               = 0x1F3 // 499
-	SYS_PTHREAD_COND_DESTROY            = 0x1F4 // 500
-	SYS_PTHREAD_COND_SIGNAL             = 0x1F5 // 501
-	SYS_PTHREAD_COND_BROADCAST          = 0x1F6 // 502
-	SYS_PTHREAD_COND_WAIT               = 0x1F7 // 503
-	SYS_PTHREAD_COND_TIMEDWAIT          = 0x1F8 // 504
-	SYS_PTHREAD_CREATE                  = 0x1F9 // 505
-	SYS_PTHREAD_DETACH                  = 0x1FA // 506
-	SYS_PTHREAD_EQUAL                   = 0x1FB // 507
-	SYS_PTHREAD_GETSPECIFIC             = 0x1FC // 508
-	SYS_PTHREAD_JOIN                    = 0x1FD // 509
-	SYS_PTHREAD_KEY_CREATE              = 0x1FE // 510
-	SYS_PTHREAD_MUTEXATTR_INIT          = 0x1FF // 511
-	SYS_PTHREAD_MUTEXATTR_DESTROY       = 0x200 // 512
-	SYS_PTHREAD_MUTEXATTR_SETKIND_NP    = 0x201 // 513
-	SYS_PTHREAD_MUTEXATTR_GETKIND_NP    = 0x202 // 514
-	SYS_PTHREAD_MUTEX_INIT              = 0x203 // 515
-	SYS_PTHREAD_MUTEX_DESTROY           = 0x204 // 516
-	SYS_PTHREAD_MUTEX_LOCK              = 0x205 // 517
-	SYS_PTHREAD_MUTEX_TRYLOCK           = 0x206 // 518
-	SYS_PTHREAD_MUTEX_UNLOCK            = 0x207 // 519
-	SYS_PTHREAD_ONCE                    = 0x209 // 521
-	SYS_PTHREAD_SELF                    = 0x20A // 522
-	SYS_PTHREAD_SETINTR                 = 0x20B // 523
-	SYS_PTHREAD_SETINTRTYPE             = 0x20C // 524
-	SYS_PTHREAD_SETSPECIFIC             = 0x20D // 525
-	SYS_PTHREAD_TESTINTR                = 0x20E // 526
-	SYS_PTHREAD_YIELD                   = 0x20F // 527
-	SYS_TW_OPEN                         = 0x210 // 528
-	SYS_TW_FCNTL                        = 0x211 // 529
-	SYS_PTHREAD_JOIN_D4_NP              = 0x212 // 530
-	SYS_PTHREAD_CONDATTR_SETKIND_NP     = 0x213 // 531
-	SYS_PTHREAD_CONDATTR_GETKIND_NP     = 0x214 // 532
-	SYS_EXTLINK_NP                      = 0x215 // 533
-	SYS___PASSWD                        = 0x216 // 534
-	SYS_SETGROUPS                       = 0x217 // 535
-	SYS_INITGROUPS                      = 0x218 // 536
-	SYS_WCSPBRK                         = 0x23F // 575
-	SYS_WCSRCHR                         = 0x240 // 576
-	SYS_SVC99                           = 0x241 // 577
-	SYS___SVC99                         = 0x241 // 577
-	SYS_WCSWCS                          = 0x242 // 578
-	SYS_LOCALECO                        = 0x243 // 579
-	SYS_LOCALECONV                      = 0x243 // 579
-	SYS___LIBREL                        = 0x244 // 580
-	SYS_RELEASE                         = 0x245 // 581
-	SYS___RLSE                          = 0x245 // 581
-	SYS_FLOCATE                         = 0x246 // 582
-	SYS___FLOCT                         = 0x246 // 582
-	SYS_FDELREC                         = 0x247 // 583
-	SYS___FDLREC                        = 0x247 // 583
-	SYS_FETCH                           = 0x248 // 584
-	SYS___FETCH                         = 0x248 // 584
-	SYS_QSORT                           = 0x249 // 585
-	SYS_GETENV                          = 0x24A // 586
-	SYS_SYSTEM                          = 0x24B // 587
-	SYS_BSEARCH                         = 0x24C // 588
-	SYS_LDIV                            = 0x24D // 589
-	SYS___THROW                         = 0x25E // 606
-	SYS___RETHROW                       = 0x25F // 607
-	SYS___CLEANUPCATCH                  = 0x260 // 608
-	SYS___CATCHMATCH                    = 0x261 // 609
-	SYS___CLEAN2UPCATCH                 = 0x262 // 610
-	SYS_PUTENV                          = 0x26A // 618
-	SYS___GETENV                        = 0x26F // 623
-	SYS_GETPRIORITY                     = 0x270 // 624
-	SYS_NICE                            = 0x271 // 625
-	SYS_SETPRIORITY                     = 0x272 // 626
-	SYS_GETITIMER                       = 0x273 // 627
-	SYS_SETITIMER                       = 0x274 // 628
-	SYS_MSGCTL                          = 0x275 // 629
-	SYS_MSGGET                          = 0x276 // 630
-	SYS_MSGRCV                          = 0x277 // 631
-	SYS_MSGSND                          = 0x278 // 632
-	SYS_MSGXRCV                         = 0x279 // 633
-	SYS___MSGXR                         = 0x279 // 633
-	SYS_SEMCTL                          = 0x27A // 634
-	SYS_SEMGET                          = 0x27B // 635
-	SYS_SEMOP                           = 0x27C // 636
-	SYS_SHMAT                           = 0x27D // 637
-	SYS_SHMCTL                          = 0x27E // 638
-	SYS_SHMDT                           = 0x27F // 639
-	SYS_SHMGET                          = 0x280 // 640
-	SYS___GETIPC                        = 0x281 // 641
-	SYS_SETGRENT                        = 0x282 // 642
-	SYS_GETGRENT                        = 0x283 // 643
-	SYS_ENDGRENT                        = 0x284 // 644
-	SYS_SETPWENT                        = 0x285 // 645
-	SYS_GETPWENT                        = 0x286 // 646
-	SYS_ENDPWENT                        = 0x287 // 647
-	SYS_BSD_SIGNAL                      = 0x288 // 648
-	SYS_KILLPG                          = 0x289 // 649
-	SYS_SIGALTSTACK                     = 0x28A // 650
-	SYS_SIGHOLD                         = 0x28B // 651
-	SYS_SIGIGNORE                       = 0x28C // 652
-	SYS_SIGINTERRUPT                    = 0x28D // 653
-	SYS_SIGPAUSE                        = 0x28E // 654
-	SYS_SIGRELSE                        = 0x28F // 655
-	SYS_SIGSET                          = 0x290 // 656
-	SYS_SIGSTACK                        = 0x291 // 657
-	SYS_GETRLIMIT                       = 0x292 // 658
-	SYS_SETRLIMIT                       = 0x293 // 659
-	SYS_GETRUSAGE                       = 0x294 // 660
-	SYS_MMAP                            = 0x295 // 661
-	SYS_MPROTECT                        = 0x296 // 662
-	SYS_MSYNC                           = 0x297 // 663
-	SYS_MUNMAP                          = 0x298 // 664
-	SYS_CONFSTR                         = 0x299 // 665
-	SYS_GETOPT                          = 0x29A // 666
-	SYS_LCHOWN                          = 0x29B // 667
-	SYS_TRUNCATE                        = 0x29C // 668
-	SYS_GETSUBOPT                       = 0x29D // 669
-	SYS_SETPGRP                         = 0x29E // 670
-	SYS___GDERR                         = 0x29F // 671
-	SYS___TZONE                         = 0x2A0 // 672
-	SYS___DLGHT                         = 0x2A1 // 673
-	SYS___OPARGF                        = 0x2A2 // 674
-	SYS___OPOPTF                        = 0x2A3 // 675
-	SYS___OPINDF                        = 0x2A4 // 676
-	SYS___OPERRF                        = 0x2A5 // 677
-	SYS_GETDATE                         = 0x2A6 // 678
-	SYS_WAIT3                           = 0x2A7 // 679
-	SYS_WAITID                          = 0x2A8 // 680
-	SYS___CATTRM                        = 0x2A9 // 681
-	SYS___GDTRM                         = 0x2AA // 682
-	SYS___RNDTRM                        = 0x2AB // 683
-	SYS_CRYPT                           = 0x2AC // 684
-	SYS_ENCRYPT                         = 0x2AD // 685
-	SYS_SETKEY                          = 0x2AE // 686
-	SYS___CNVBLK                        = 0x2AF // 687
-	SYS___CRYTRM                        = 0x2B0 // 688
-	SYS___ECRTRM                        = 0x2B1 // 689
-	SYS_DRAND48                         = 0x2B2 // 690
-	SYS_ERAND48                         = 0x2B3 // 691
-	SYS_FSTATVFS                        = 0x2B4 // 692
-	SYS_STATVFS                         = 0x2B5 // 693
-	SYS_CATCLOSE                        = 0x2B6 // 694
-	SYS_CATGETS                         = 0x2B7 // 695
-	SYS_CATOPEN                         = 0x2B8 // 696
-	SYS_BCMP                            = 0x2B9 // 697
-	SYS_BCOPY                           = 0x2BA // 698
-	SYS_BZERO                           = 0x2BB // 699
-	SYS_FFS                             = 0x2BC // 700
-	SYS_INDEX                           = 0x2BD // 701
-	SYS_RINDEX                          = 0x2BE // 702
-	SYS_STRCASECMP                      = 0x2BF // 703
-	SYS_STRDUP                          = 0x2C0 // 704
-	SYS_STRNCASECMP                     = 0x2C1 // 705
-	SYS_INITSTATE                       = 0x2C2 // 706
-	SYS_SETSTATE                        = 0x2C3 // 707
-	SYS_RANDOM                          = 0x2C4 // 708
-	SYS_SRANDOM                         = 0x2C5 // 709
-	SYS_HCREATE                         = 0x2C6 // 710
-	SYS_HDESTROY                        = 0x2C7 // 711
-	SYS_HSEARCH                         = 0x2C8 // 712
-	SYS_LFIND                           = 0x2C9 // 713
-	SYS_LSEARCH                         = 0x2CA // 714
-	SYS_TDELETE                         = 0x2CB // 715
-	SYS_TFIND                           = 0x2CC // 716
-	SYS_TSEARCH                         = 0x2CD // 717
-	SYS_TWALK                           = 0x2CE // 718
-	SYS_INSQUE                          = 0x2CF // 719
-	SYS_REMQUE                          = 0x2D0 // 720
-	SYS_POPEN                           = 0x2D1 // 721
-	SYS_PCLOSE                          = 0x2D2 // 722
-	SYS_SWAB                            = 0x2D3 // 723
-	SYS_MEMCCPY                         = 0x2D4 // 724
-	SYS_GETPAGESIZE                     = 0x2D8 // 728
-	SYS_FCHDIR                          = 0x2D9 // 729
-	SYS___OCLCK                         = 0x2DA // 730
-	SYS___ATOE                          = 0x2DB // 731
-	SYS___ATOE_L                        = 0x2DC // 732
-	SYS___ETOA                          = 0x2DD // 733
-	SYS___ETOA_L                        = 0x2DE // 734
-	SYS_SETUTXENT                       = 0x2DF // 735
-	SYS_GETUTXENT                       = 0x2E0 // 736
-	SYS_ENDUTXENT                       = 0x2E1 // 737
-	SYS_GETUTXID                        = 0x2E2 // 738
-	SYS_GETUTXLINE                      = 0x2E3 // 739
-	SYS_PUTUTXLINE                      = 0x2E4 // 740
-	SYS_FMTMSG                          = 0x2E5 // 741
-	SYS_JRAND48                         = 0x2E6 // 742
-	SYS_LRAND48                         = 0x2E7 // 743
-	SYS_MRAND48                         = 0x2E8 // 744
-	SYS_NRAND48                         = 0x2E9 // 745
-	SYS_LCONG48                         = 0x2EA // 746
-	SYS_SRAND48                         = 0x2EB // 747
-	SYS_SEED48                          = 0x2EC // 748
-	SYS_ISASCII                         = 0x2ED // 749
-	SYS_TOASCII                         = 0x2EE // 750
-	SYS_A64L                            = 0x2EF // 751
-	SYS_L64A                            = 0x2F0 // 752
-	SYS_UALARM                          = 0x2F1 // 753
-	SYS_USLEEP                          = 0x2F2 // 754
-	SYS___UTXTRM                        = 0x2F3 // 755
-	SYS___SRCTRM                        = 0x2F4 // 756
-	SYS_FTIME                           = 0x2F5 // 757
-	SYS_GETTIMEOFDAY                    = 0x2F6 // 758
-	SYS_DBM_CLEARERR                    = 0x2F7 // 759
-	SYS_DBM_CLOSE                       = 0x2F8 // 760
-	SYS_DBM_DELETE                      = 0x2F9 // 761
-	SYS_DBM_ERROR                       = 0x2FA // 762
-	SYS_DBM_FETCH                       = 0x2FB // 763
-	SYS_DBM_FIRSTKEY                    = 0x2FC // 764
-	SYS_DBM_NEXTKEY                     = 0x2FD // 765
-	SYS_DBM_OPEN                        = 0x2FE // 766
-	SYS_DBM_STORE                       = 0x2FF // 767
-	SYS___NDMTRM                        = 0x300 // 768
-	SYS_FTOK                            = 0x301 // 769
-	SYS_BASENAME                        = 0x302 // 770
-	SYS_DIRNAME                         = 0x303 // 771
-	SYS_GETDTABLESIZE                   = 0x304 // 772
-	SYS_MKSTEMP                         = 0x305 // 773
-	SYS_MKTEMP                          = 0x306 // 774
-	SYS_NFTW                            = 0x307 // 775
-	SYS_GETWD                           = 0x308 // 776
-	SYS_LOCKF                           = 0x309 // 777
-	SYS__LONGJMP                        = 0x30D // 781
-	SYS__SETJMP                         = 0x30E // 782
-	SYS_VFORK                           = 0x30F // 783
-	SYS_WORDEXP                         = 0x310 // 784
-	SYS_WORDFREE                        = 0x311 // 785
-	SYS_GETPGID                         = 0x312 // 786
-	SYS_GETSID                          = 0x313 // 787
-	SYS___UTMPXNAME                     = 0x314 // 788
-	SYS_CUSERID                         = 0x315 // 789
-	SYS_GETPASS                         = 0x316 // 790
-	SYS_FNMATCH                         = 0x317 // 791
-	SYS_FTW                             = 0x318 // 792
-	SYS_GETW                            = 0x319 // 793
-	SYS_GLOB                            = 0x31A // 794
-	SYS_GLOBFREE                        = 0x31B // 795
-	SYS_PUTW                            = 0x31C // 796
-	SYS_SEEKDIR                         = 0x31D // 797
-	SYS_TELLDIR                         = 0x31E // 798
-	SYS_TEMPNAM                         = 0x31F // 799
-	SYS_ACOSH                           = 0x320 // 800
-	SYS_ASINH                           = 0x321 // 801
-	SYS_ATANH                           = 0x322 // 802
-	SYS_CBRT                            = 0x323 // 803
-	SYS_EXPM1                           = 0x324 // 804
-	SYS_ILOGB                           = 0x325 // 805
-	SYS_LOGB                            = 0x326 // 806
-	SYS_LOG1P                           = 0x327 // 807
-	SYS_NEXTAFTER                       = 0x328 // 808
-	SYS_RINT                            = 0x329 // 809
-	SYS_REMAINDER                       = 0x32A // 810
-	SYS_SCALB                           = 0x32B // 811
-	SYS_LGAMMA                          = 0x32C // 812
-	SYS_TTYSLOT                         = 0x32D // 813
-	SYS_GETTIMEOFDAY_R                  = 0x32E // 814
-	SYS_SYNC                            = 0x32F // 815
-	SYS_SPAWN                           = 0x330 // 816
-	SYS_SPAWNP                          = 0x331 // 817
-	SYS_GETLOGIN_UU                     = 0x332 // 818
-	SYS_ECVT                            = 0x333 // 819
-	SYS_FCVT                            = 0x334 // 820
-	SYS_GCVT                            = 0x335 // 821
-	SYS_ACCEPT                          = 0x336 // 822
-	SYS_BIND                            = 0x337 // 823
-	SYS_CONNECT                         = 0x338 // 824
-	SYS_ENDHOSTENT                      = 0x339 // 825
-	SYS_ENDPROTOENT                     = 0x33A // 826
-	SYS_ENDSERVENT                      = 0x33B // 827
-	SYS_GETHOSTBYADDR_R                 = 0x33C // 828
-	SYS_GETHOSTBYADDR                   = 0x33D // 829
-	SYS_GETHOSTBYNAME_R                 = 0x33E // 830
-	SYS_GETHOSTBYNAME                   = 0x33F // 831
-	SYS_GETHOSTENT                      = 0x340 // 832
-	SYS_GETHOSTID                       = 0x341 // 833
-	SYS_GETHOSTNAME                     = 0x342 // 834
-	SYS_GETNETBYADDR                    = 0x343 // 835
-	SYS_GETNETBYNAME                    = 0x344 // 836
-	SYS_GETNETENT                       = 0x345 // 837
-	SYS_GETPEERNAME                     = 0x346 // 838
-	SYS_GETPROTOBYNAME                  = 0x347 // 839
-	SYS_GETPROTOBYNUMBER                = 0x348 // 840
-	SYS_GETPROTOENT                     = 0x349 // 841
-	SYS_GETSERVBYNAME                   = 0x34A // 842
-	SYS_GETSERVBYPORT                   = 0x34B // 843
-	SYS_GETSERVENT                      = 0x34C // 844
-	SYS_GETSOCKNAME                     = 0x34D // 845
-	SYS_GETSOCKOPT                      = 0x34E // 846
-	SYS_INET_ADDR                       = 0x34F // 847
-	SYS_INET_LNAOF                      = 0x350 // 848
-	SYS_INET_MAKEADDR                   = 0x351 // 849
-	SYS_INET_NETOF                      = 0x352 // 850
-	SYS_INET_NETWORK                    = 0x353 // 851
-	SYS_INET_NTOA                       = 0x354 // 852
-	SYS_IOCTL                           = 0x355 // 853
-	SYS_LISTEN                          = 0x356 // 854
-	SYS_READV                           = 0x357 // 855
-	SYS_RECV                            = 0x358 // 856
-	SYS_RECVFROM                        = 0x359 // 857
-	SYS_SELECT                          = 0x35B // 859
-	SYS_SELECTEX                        = 0x35C // 860
-	SYS_SEND                            = 0x35D // 861
-	SYS_SENDTO                          = 0x35F // 863
-	SYS_SETHOSTENT                      = 0x360 // 864
-	SYS_SETNETENT                       = 0x361 // 865
-	SYS_SETPEER                         = 0x362 // 866
-	SYS_SETPROTOENT                     = 0x363 // 867
-	SYS_SETSERVENT                      = 0x364 // 868
-	SYS_SETSOCKOPT                      = 0x365 // 869
-	SYS_SHUTDOWN                        = 0x366 // 870
-	SYS_SOCKET                          = 0x367 // 871
-	SYS_SOCKETPAIR                      = 0x368 // 872
-	SYS_WRITEV                          = 0x369 // 873
-	SYS_CHROOT                          = 0x36A // 874
-	SYS_W_STATVFS                       = 0x36B // 875
-	SYS_ULIMIT                          = 0x36C // 876
-	SYS_ISNAN                           = 0x36D // 877
-	SYS_UTIMES                          = 0x36E // 878
-	SYS___H_ERRNO                       = 0x36F // 879
-	SYS_ENDNETENT                       = 0x370 // 880
-	SYS_CLOSELOG                        = 0x371 // 881
-	SYS_OPENLOG                         = 0x372 // 882
-	SYS_SETLOGMASK                      = 0x373 // 883
-	SYS_SYSLOG                          = 0x374 // 884
-	SYS_PTSNAME                         = 0x375 // 885
-	SYS_SETREUID                        = 0x376 // 886
-	SYS_SETREGID                        = 0x377 // 887
-	SYS_REALPATH                        = 0x378 // 888
-	SYS___SIGNGAM                       = 0x379 // 889
-	SYS_GRANTPT                         = 0x37A // 890
-	SYS_UNLOCKPT                        = 0x37B // 891
-	SYS_TCGETSID                        = 0x37C // 892
-	SYS___TCGETCP                       = 0x37D // 893
-	SYS___TCSETCP                       = 0x37E // 894
-	SYS___TCSETTABLES                   = 0x37F // 895
-	SYS_POLL                            = 0x380 // 896
-	SYS_REXEC                           = 0x381 // 897
-	SYS___ISASCII2                      = 0x382 // 898
-	SYS___TOASCII2                      = 0x383 // 899
-	SYS_CHPRIORITY                      = 0x384 // 900
-	SYS_PTHREAD_ATTR_SETSYNCTYPE_NP     = 0x385 // 901
-	SYS_PTHREAD_ATTR_GETSYNCTYPE_NP     = 0x386 // 902
-	SYS_PTHREAD_SET_LIMIT_NP            = 0x387 // 903
-	SYS___STNETENT                      = 0x388 // 904
-	SYS___STPROTOENT                    = 0x389 // 905
-	SYS___STSERVENT                     = 0x38A // 906
-	SYS___STHOSTENT                     = 0x38B // 907
-	SYS_NLIST                           = 0x38C // 908
-	SYS___IPDBCS                        = 0x38D // 909
-	SYS___IPDSPX                        = 0x38E // 910
-	SYS___IPMSGC                        = 0x38F // 911
-	SYS___SELECT1                       = 0x390 // 912
-	SYS_PTHREAD_SECURITY_NP             = 0x391 // 913
-	SYS___CHECK_RESOURCE_AUTH_NP        = 0x392 // 914
-	SYS___CONVERT_ID_NP                 = 0x393 // 915
-	SYS___OPENVMREL                     = 0x394 // 916
-	SYS_WMEMCHR                         = 0x395 // 917
-	SYS_WMEMCMP                         = 0x396 // 918
-	SYS_WMEMCPY                         = 0x397 // 919
-	SYS_WMEMMOVE                        = 0x398 // 920
-	SYS_WMEMSET                         = 0x399 // 921
-	SYS___FPUTWC                        = 0x400 // 1024
-	SYS___PUTWC                         = 0x401 // 1025
-	SYS___PWCHAR                        = 0x402 // 1026
-	SYS___WCSFTM                        = 0x403 // 1027
-	SYS___WCSTOK                        = 0x404 // 1028
-	SYS___WCWDTH                        = 0x405 // 1029
-	SYS_T_ACCEPT                        = 0x409 // 1033
-	SYS_T_ALLOC                         = 0x40A // 1034
-	SYS_T_BIND                          = 0x40B // 1035
-	SYS_T_CLOSE                         = 0x40C // 1036
-	SYS_T_CONNECT                       = 0x40D // 1037
-	SYS_T_ERROR                         = 0x40E // 1038
-	SYS_T_FREE                          = 0x40F // 1039
-	SYS_T_GETINFO                       = 0x410 // 1040
-	SYS_T_GETPROTADDR                   = 0x411 // 1041
-	SYS_T_GETSTATE                      = 0x412 // 1042
-	SYS_T_LISTEN                        = 0x413 // 1043
-	SYS_T_LOOK                          = 0x414 // 1044
-	SYS_T_OPEN                          = 0x415 // 1045
-	SYS_T_OPTMGMT                       = 0x416 // 1046
-	SYS_T_RCV                           = 0x417 // 1047
-	SYS_T_RCVCONNECT                    = 0x418 // 1048
-	SYS_T_RCVDIS                        = 0x419 // 1049
-	SYS_T_RCVREL                        = 0x41A // 1050
-	SYS_T_RCVUDATA                      = 0x41B // 1051
-	SYS_T_RCVUDERR                      = 0x41C // 1052
-	SYS_T_SND                           = 0x41D // 1053
-	SYS_T_SNDDIS                        = 0x41E // 1054
-	SYS_T_SNDREL                        = 0x41F // 1055
-	SYS_T_SNDUDATA                      = 0x420 // 1056
-	SYS_T_STRERROR                      = 0x421 // 1057
-	SYS_T_SYNC                          = 0x422 // 1058
-	SYS_T_UNBIND                        = 0x423 // 1059
-	SYS___T_ERRNO                       = 0x424 // 1060
-	SYS___RECVMSG2                      = 0x425 // 1061
-	SYS___SENDMSG2                      = 0x426 // 1062
-	SYS_FATTACH                         = 0x427 // 1063
-	SYS_FDETACH                         = 0x428 // 1064
-	SYS_GETMSG                          = 0x429 // 1065
-	SYS_GETPMSG                         = 0x42A // 1066
-	SYS_ISASTREAM                       = 0x42B // 1067
-	SYS_PUTMSG                          = 0x42C // 1068
-	SYS_PUTPMSG                         = 0x42D // 1069
-	SYS___ISPOSIXON                     = 0x42E // 1070
-	SYS___OPENMVSREL                    = 0x42F // 1071
-	SYS_GETCONTEXT                      = 0x430 // 1072
-	SYS_SETCONTEXT                      = 0x431 // 1073
-	SYS_MAKECONTEXT                     = 0x432 // 1074
-	SYS_SWAPCONTEXT                     = 0x433 // 1075
-	SYS_PTHREAD_GETSPECIFIC_D8_NP       = 0x434 // 1076
-	SYS_GETCLIENTID                     = 0x470 // 1136
-	SYS___GETCLIENTID                   = 0x471 // 1137
-	SYS_GETSTABLESIZE                   = 0x472 // 1138
-	SYS_GETIBMOPT                       = 0x473 // 1139
-	SYS_GETIBMSOCKOPT                   = 0x474 // 1140
-	SYS_GIVESOCKET                      = 0x475 // 1141
-	SYS_IBMSFLUSH                       = 0x476 // 1142
-	SYS_MAXDESC                         = 0x477 // 1143
-	SYS_SETIBMOPT                       = 0x478 // 1144
-	SYS_SETIBMSOCKOPT                   = 0x479 // 1145
-	SYS_SOCK_DEBUG                      = 0x47A // 1146
-	SYS_SOCK_DO_TESTSTOR                = 0x47D // 1149
-	SYS_TAKESOCKET                      = 0x47E // 1150
-	SYS___SERVER_INIT                   = 0x47F // 1151
-	SYS___SERVER_PWU                    = 0x480 // 1152
-	SYS_PTHREAD_TAG_NP                  = 0x481 // 1153
-	SYS___CONSOLE                       = 0x482 // 1154
-	SYS___WSINIT                        = 0x483 // 1155
-	SYS___IPTCPN                        = 0x489 // 1161
-	SYS___SMF_RECORD                    = 0x48A // 1162
-	SYS___IPHOST                        = 0x48B // 1163
-	SYS___IPNODE                        = 0x48C // 1164
-	SYS___SERVER_CLASSIFY_CREATE        = 0x48D // 1165
-	SYS___SERVER_CLASSIFY_DESTROY       = 0x48E // 1166
-	SYS___SERVER_CLASSIFY_RESET         = 0x48F // 1167
-	SYS___SERVER_CLASSIFY               = 0x490 // 1168
-	SYS___HEAPRPT                       = 0x496 // 1174
-	SYS___FNWSA                         = 0x49B // 1179
-	SYS___SPAWN2                        = 0x49D // 1181
-	SYS___SPAWNP2                       = 0x49E // 1182
-	SYS___GDRR                          = 0x4A1 // 1185
-	SYS___HRRNO                         = 0x4A2 // 1186
-	SYS___OPRG                          = 0x4A3 // 1187
-	SYS___OPRR                          = 0x4A4 // 1188
-	SYS___OPND                          = 0x4A5 // 1189
-	SYS___OPPT                          = 0x4A6 // 1190
-	SYS___SIGGM                         = 0x4A7 // 1191
-	SYS___DGHT                          = 0x4A8 // 1192
-	SYS___TZNE                          = 0x4A9 // 1193
-	SYS___TZZN                          = 0x4AA // 1194
-	SYS___TRRNO                         = 0x4AF // 1199
-	SYS___ENVN                          = 0x4B0 // 1200
-	SYS___MLOCKALL                      = 0x4B1 // 1201
-	SYS_CREATEWO                        = 0x4B2 // 1202
-	SYS_CREATEWORKUNIT                  = 0x4B2 // 1202
-	SYS_CONTINUE                        = 0x4B3 // 1203
-	SYS_CONTINUEWORKUNIT                = 0x4B3 // 1203
-	SYS_CONNECTW                        = 0x4B4 // 1204
-	SYS_CONNECTWORKMGR                  = 0x4B4 // 1204
-	SYS_CONNECTS                        = 0x4B5 // 1205
-	SYS_CONNECTSERVER                   = 0x4B5 // 1205
-	SYS_DISCONNE                        = 0x4B6 // 1206
-	SYS_DISCONNECTSERVER                = 0x4B6 // 1206
-	SYS_JOINWORK                        = 0x4B7 // 1207
-	SYS_JOINWORKUNIT                    = 0x4B7 // 1207
-	SYS_LEAVEWOR                        = 0x4B8 // 1208
-	SYS_LEAVEWORKUNIT                   = 0x4B8 // 1208
-	SYS_DELETEWO                        = 0x4B9 // 1209
-	SYS_DELETEWORKUNIT                  = 0x4B9 // 1209
-	SYS_QUERYMET                        = 0x4BA // 1210
-	SYS_QUERYMETRICS                    = 0x4BA // 1210
-	SYS_QUERYSCH                        = 0x4BB // 1211
-	SYS_QUERYSCHENV                     = 0x4BB // 1211
-	SYS_CHECKSCH                        = 0x4BC // 1212
-	SYS_CHECKSCHENV                     = 0x4BC // 1212
-	SYS___PID_AFFINITY                  = 0x4BD // 1213
-	SYS___ASINH_B                       = 0x4BE // 1214
-	SYS___ATAN_B                        = 0x4BF // 1215
-	SYS___CBRT_B                        = 0x4C0 // 1216
-	SYS___CEIL_B                        = 0x4C1 // 1217
-	SYS_COPYSIGN                        = 0x4C2 // 1218
-	SYS___COS_B                         = 0x4C3 // 1219
-	SYS___ERF_B                         = 0x4C4 // 1220
-	SYS___ERFC_B                        = 0x4C5 // 1221
-	SYS___EXPM1_B                       = 0x4C6 // 1222
-	SYS___FABS_B                        = 0x4C7 // 1223
-	SYS_FINITE                          = 0x4C8 // 1224
-	SYS___FLOOR_B                       = 0x4C9 // 1225
-	SYS___FREXP_B                       = 0x4CA // 1226
-	SYS___ILOGB_B                       = 0x4CB // 1227
-	SYS___ISNAN_B                       = 0x4CC // 1228
-	SYS___LDEXP_B                       = 0x4CD // 1229
-	SYS___LOG1P_B                       = 0x4CE // 1230
-	SYS___LOGB_B                        = 0x4CF // 1231
-	SYS_MATHERR                         = 0x4D0 // 1232
-	SYS___MODF_B                        = 0x4D1 // 1233
-	SYS___NEXTAFTER_B                   = 0x4D2 // 1234
-	SYS___RINT_B                        = 0x4D3 // 1235
-	SYS_SCALBN                          = 0x4D4 // 1236
-	SYS_SIGNIFIC                        = 0x4D5 // 1237
-	SYS_SIGNIFICAND                     = 0x4D5 // 1237
-	SYS___SIN_B                         = 0x4D6 // 1238
-	SYS___TAN_B                         = 0x4D7 // 1239
-	SYS___TANH_B                        = 0x4D8 // 1240
-	SYS___ACOS_B                        = 0x4D9 // 1241
-	SYS___ACOSH_B                       = 0x4DA // 1242
-	SYS___ASIN_B                        = 0x4DB // 1243
-	SYS___ATAN2_B                       = 0x4DC // 1244
-	SYS___ATANH_B                       = 0x4DD // 1245
-	SYS___COSH_B                        = 0x4DE // 1246
-	SYS___EXP_B                         = 0x4DF // 1247
-	SYS___FMOD_B                        = 0x4E0 // 1248
-	SYS___GAMMA_B                       = 0x4E1 // 1249
-	SYS_GAMMA_R                         = 0x4E2 // 1250
-	SYS___HYPOT_B                       = 0x4E3 // 1251
-	SYS___J0_B                          = 0x4E4 // 1252
-	SYS___Y0_B                          = 0x4E5 // 1253
-	SYS___J1_B                          = 0x4E6 // 1254
-	SYS___Y1_B                          = 0x4E7 // 1255
-	SYS___JN_B                          = 0x4E8 // 1256
-	SYS___YN_B                          = 0x4E9 // 1257
-	SYS___LGAMMA_B                      = 0x4EA // 1258
-	SYS_LGAMMA_R                        = 0x4EB // 1259
-	SYS___LOG_B                         = 0x4EC // 1260
-	SYS___LOG10_B                       = 0x4ED // 1261
-	SYS___POW_B                         = 0x4EE // 1262
-	SYS___REMAINDER_B                   = 0x4EF // 1263
-	SYS___SCALB_B                       = 0x4F0 // 1264
-	SYS___SINH_B                        = 0x4F1 // 1265
-	SYS___SQRT_B                        = 0x4F2 // 1266
-	SYS___OPENDIR2                      = 0x4F3 // 1267
-	SYS___READDIR2                      = 0x4F4 // 1268
-	SYS___LOGIN                         = 0x4F5 // 1269
-	SYS___OPEN_STAT                     = 0x4F6 // 1270
-	SYS_ACCEPT_AND_RECV                 = 0x4F7 // 1271
-	SYS___FP_SETMODE                    = 0x4F8 // 1272
-	SYS___SIGACTIONSET                  = 0x4FB // 1275
-	SYS___UCREATE                       = 0x4FC // 1276
-	SYS___UMALLOC                       = 0x4FD // 1277
-	SYS___UFREE                         = 0x4FE // 1278
-	SYS___UHEAPREPORT                   = 0x4FF // 1279
-	SYS___ISBFP                         = 0x500 // 1280
-	SYS___FP_CAST                       = 0x501 // 1281
-	SYS___CERTIFICATE                   = 0x502 // 1282
-	SYS_SEND_FILE                       = 0x503 // 1283
-	SYS_AIO_CANCEL                      = 0x504 // 1284
-	SYS_AIO_ERROR                       = 0x505 // 1285
-	SYS_AIO_READ                        = 0x506 // 1286
-	SYS_AIO_RETURN                      = 0x507 // 1287
-	SYS_AIO_SUSPEND                     = 0x508 // 1288
-	SYS_AIO_WRITE                       = 0x509 // 1289
-	SYS_PTHREAD_MUTEXATTR_GETPSHARED    = 0x50A // 1290
-	SYS_PTHREAD_MUTEXATTR_SETPSHARED    = 0x50B // 1291
-	SYS_PTHREAD_RWLOCK_DESTROY          = 0x50C // 1292
-	SYS_PTHREAD_RWLOCK_INIT             = 0x50D // 1293
-	SYS_PTHREAD_RWLOCK_RDLOCK           = 0x50E // 1294
-	SYS_PTHREAD_RWLOCK_TRYRDLOCK        = 0x50F // 1295
-	SYS_PTHREAD_RWLOCK_TRYWRLOCK        = 0x510 // 1296
-	SYS_PTHREAD_RWLOCK_UNLOCK           = 0x511 // 1297
-	SYS_PTHREAD_RWLOCK_WRLOCK           = 0x512 // 1298
-	SYS_PTHREAD_RWLOCKATTR_GETPSHARED   = 0x513 // 1299
-	SYS_PTHREAD_RWLOCKATTR_SETPSHARED   = 0x514 // 1300
-	SYS_PTHREAD_RWLOCKATTR_INIT         = 0x515 // 1301
-	SYS_PTHREAD_RWLOCKATTR_DESTROY      = 0x516 // 1302
-	SYS___CTTBL                         = 0x517 // 1303
-	SYS_PTHREAD_MUTEXATTR_SETTYPE       = 0x518 // 1304
-	SYS_PTHREAD_MUTEXATTR_GETTYPE       = 0x519 // 1305
-	SYS___FP_CLR_FLAG                   = 0x51A // 1306
-	SYS___FP_READ_FLAG                  = 0x51B // 1307
-	SYS___FP_RAISE_XCP                  = 0x51C // 1308
-	SYS___FP_CLASS                      = 0x51D // 1309
-	SYS___FP_FINITE                     = 0x51E // 1310
-	SYS___FP_ISNAN                      = 0x51F // 1311
-	SYS___FP_UNORDERED                  = 0x520 // 1312
-	SYS___FP_READ_RND                   = 0x521 // 1313
-	SYS___FP_READ_RND_B                 = 0x522 // 1314
-	SYS___FP_SWAP_RND                   = 0x523 // 1315
-	SYS___FP_SWAP_RND_B                 = 0x524 // 1316
-	SYS___FP_LEVEL                      = 0x525 // 1317
-	SYS___FP_BTOH                       = 0x526 // 1318
-	SYS___FP_HTOB                       = 0x527 // 1319
-	SYS___FPC_RD                        = 0x528 // 1320
-	SYS___FPC_WR                        = 0x529 // 1321
-	SYS___FPC_RW                        = 0x52A // 1322
-	SYS___FPC_SM                        = 0x52B // 1323
-	SYS___FPC_RS                        = 0x52C // 1324
-	SYS_SIGTIMEDWAIT                    = 0x52D // 1325
-	SYS_SIGWAITINFO                     = 0x52E // 1326
-	SYS___CHKBFP                        = 0x52F // 1327
-	SYS___W_PIOCTL                      = 0x59E // 1438
-	SYS___OSENV                         = 0x59F // 1439
-	SYS_EXPORTWO                        = 0x5A1 // 1441
-	SYS_EXPORTWORKUNIT                  = 0x5A1 // 1441
-	SYS_UNDOEXPO                        = 0x5A2 // 1442
-	SYS_UNDOEXPORTWORKUNIT              = 0x5A2 // 1442
-	SYS_IMPORTWO                        = 0x5A3 // 1443
-	SYS_IMPORTWORKUNIT                  = 0x5A3 // 1443
-	SYS_UNDOIMPO                        = 0x5A4 // 1444
-	SYS_UNDOIMPORTWORKUNIT              = 0x5A4 // 1444
-	SYS_EXTRACTW                        = 0x5A5 // 1445
-	SYS_EXTRACTWORKUNIT                 = 0x5A5 // 1445
-	SYS___CPL                           = 0x5A6 // 1446
-	SYS___MAP_INIT                      = 0x5A7 // 1447
-	SYS___MAP_SERVICE                   = 0x5A8 // 1448
-	SYS_SIGQUEUE                        = 0x5A9 // 1449
-	SYS___MOUNT                         = 0x5AA // 1450
-	SYS___GETUSERID                     = 0x5AB // 1451
-	SYS___IPDOMAINNAME                  = 0x5AC // 1452
-	SYS_QUERYENC                        = 0x5AD // 1453
-	SYS_QUERYWORKUNITCLASSIFICATION     = 0x5AD // 1453
-	SYS_CONNECTE                        = 0x5AE // 1454
-	SYS_CONNECTEXPORTIMPORT             = 0x5AE // 1454
-	SYS___FP_SWAPMODE                   = 0x5AF // 1455
-	SYS_STRTOLL                         = 0x5B0 // 1456
-	SYS_STRTOULL                        = 0x5B1 // 1457
-	SYS___DSA_PREV                      = 0x5B2 // 1458
-	SYS___EP_FIND                       = 0x5B3 // 1459
-	SYS___SERVER_THREADS_QUERY          = 0x5B4 // 1460
-	SYS___MSGRCV_TIMED                  = 0x5B7 // 1463
-	SYS___SEMOP_TIMED                   = 0x5B8 // 1464
-	SYS___GET_CPUID                     = 0x5B9 // 1465
-	SYS___GET_SYSTEM_SETTINGS           = 0x5BA // 1466
-	SYS_FTELLO                          = 0x5C8 // 1480
-	SYS_FSEEKO                          = 0x5C9 // 1481
-	SYS_LLDIV                           = 0x5CB // 1483
-	SYS_WCSTOLL                         = 0x5CC // 1484
-	SYS_WCSTOULL                        = 0x5CD // 1485
-	SYS_LLABS                           = 0x5CE // 1486
-	SYS___CONSOLE2                      = 0x5D2 // 1490
-	SYS_INET_NTOP                       = 0x5D3 // 1491
-	SYS_INET_PTON                       = 0x5D4 // 1492
-	SYS___RES                           = 0x5D6 // 1494
-	SYS_RES_MKQUERY                     = 0x5D7 // 1495
-	SYS_RES_INIT                        = 0x5D8 // 1496
-	SYS_RES_QUERY                       = 0x5D9 // 1497
-	SYS_RES_SEARCH                      = 0x5DA // 1498
-	SYS_RES_SEND                        = 0x5DB // 1499
-	SYS_RES_QUERYDOMAIN                 = 0x5DC // 1500
-	SYS_DN_EXPAND                       = 0x5DD // 1501
-	SYS_DN_SKIPNAME                     = 0x5DE // 1502
-	SYS_DN_COMP                         = 0x5DF // 1503
-	SYS_ASCTIME_R                       = 0x5E0 // 1504
-	SYS_CTIME_R                         = 0x5E1 // 1505
-	SYS_GMTIME_R                        = 0x5E2 // 1506
-	SYS_LOCALTIME_R                     = 0x5E3 // 1507
-	SYS_RAND_R                          = 0x5E4 // 1508
-	SYS_STRTOK_R                        = 0x5E5 // 1509
-	SYS_READDIR_R                       = 0x5E6 // 1510
-	SYS_GETGRGID_R                      = 0x5E7 // 1511
-	SYS_GETGRNAM_R                      = 0x5E8 // 1512
-	SYS_GETLOGIN_R                      = 0x5E9 // 1513
-	SYS_GETPWNAM_R                      = 0x5EA // 1514
-	SYS_GETPWUID_R                      = 0x5EB // 1515
-	SYS_TTYNAME_R                       = 0x5EC // 1516
-	SYS_PTHREAD_ATFORK                  = 0x5ED // 1517
-	SYS_PTHREAD_ATTR_GETGUARDSIZE       = 0x5EE // 1518
-	SYS_PTHREAD_ATTR_GETSTACKADDR       = 0x5EF // 1519
-	SYS_PTHREAD_ATTR_SETGUARDSIZE       = 0x5F0 // 1520
-	SYS_PTHREAD_ATTR_SETSTACKADDR       = 0x5F1 // 1521
-	SYS_PTHREAD_CONDATTR_GETPSHARED     = 0x5F2 // 1522
-	SYS_PTHREAD_CONDATTR_SETPSHARED     = 0x5F3 // 1523
-	SYS_PTHREAD_GETCONCURRENCY          = 0x5F4 // 1524
-	SYS_PTHREAD_KEY_DELETE              = 0x5F5 // 1525
-	SYS_PTHREAD_SETCONCURRENCY          = 0x5F6 // 1526
-	SYS_PTHREAD_SIGMASK                 = 0x5F7 // 1527
-	SYS___DISCARDDATA                   = 0x5F8 // 1528
-	SYS_PTHREAD_ATTR_GETSCHEDPARAM      = 0x5F9 // 1529
-	SYS_PTHREAD_ATTR_SETSCHEDPARAM      = 0x5FA // 1530
-	SYS_PTHREAD_ATTR_GETDETACHSTATE_U98 = 0x5FB // 1531
-	SYS_PTHREAD_ATTR_SETDETACHSTATE_U98 = 0x5FC // 1532
-	SYS_PTHREAD_DETACH_U98              = 0x5FD // 1533
-	SYS_PTHREAD_GETSPECIFIC_U98         = 0x5FE // 1534
-	SYS_PTHREAD_SETCANCELSTATE          = 0x5FF // 1535
-	SYS_PTHREAD_SETCANCELTYPE           = 0x600 // 1536
-	SYS_PTHREAD_TESTCANCEL              = 0x601 // 1537
-	SYS___ATANF_B                       = 0x602 // 1538
-	SYS___ATANL_B                       = 0x603 // 1539
-	SYS___CEILF_B                       = 0x604 // 1540
-	SYS___CEILL_B                       = 0x605 // 1541
-	SYS___COSF_B                        = 0x606 // 1542
-	SYS___COSL_B                        = 0x607 // 1543
-	SYS___FABSF_B                       = 0x608 // 1544
-	SYS___FABSL_B                       = 0x609 // 1545
-	SYS___FLOORF_B                      = 0x60A // 1546
-	SYS___FLOORL_B                      = 0x60B // 1547
-	SYS___FREXPF_B                      = 0x60C // 1548
-	SYS___FREXPL_B                      = 0x60D // 1549
-	SYS___LDEXPF_B                      = 0x60E // 1550
-	SYS___LDEXPL_B                      = 0x60F // 1551
-	SYS___SINF_B                        = 0x610 // 1552
-	SYS___SINL_B                        = 0x611 // 1553
-	SYS___TANF_B                        = 0x612 // 1554
-	SYS___TANL_B                        = 0x613 // 1555
-	SYS___TANHF_B                       = 0x614 // 1556
-	SYS___TANHL_B                       = 0x615 // 1557
-	SYS___ACOSF_B                       = 0x616 // 1558
-	SYS___ACOSL_B                       = 0x617 // 1559
-	SYS___ASINF_B                       = 0x618 // 1560
-	SYS___ASINL_B                       = 0x619 // 1561
-	SYS___ATAN2F_B                      = 0x61A // 1562
-	SYS___ATAN2L_B                      = 0x61B // 1563
-	SYS___COSHF_B                       = 0x61C // 1564
-	SYS___COSHL_B                       = 0x61D // 1565
-	SYS___EXPF_B                        = 0x61E // 1566
-	SYS___EXPL_B                        = 0x61F // 1567
-	SYS___LOGF_B                        = 0x620 // 1568
-	SYS___LOGL_B                        = 0x621 // 1569
-	SYS___LOG10F_B                      = 0x622 // 1570
-	SYS___LOG10L_B                      = 0x623 // 1571
-	SYS___POWF_B                        = 0x624 // 1572
-	SYS___POWL_B                        = 0x625 // 1573
-	SYS___SINHF_B                       = 0x626 // 1574
-	SYS___SINHL_B                       = 0x627 // 1575
-	SYS___SQRTF_B                       = 0x628 // 1576
-	SYS___SQRTL_B                       = 0x629 // 1577
-	SYS___ABSF_B                        = 0x62A // 1578
-	SYS___ABS_B                         = 0x62B // 1579
-	SYS___ABSL_B                        = 0x62C // 1580
-	SYS___FMODF_B                       = 0x62D // 1581
-	SYS___FMODL_B                       = 0x62E // 1582
-	SYS___MODFF_B                       = 0x62F // 1583
-	SYS___MODFL_B                       = 0x630 // 1584
-	SYS_ABSF                            = 0x631 // 1585
-	SYS_ABSL                            = 0x632 // 1586
-	SYS_ACOSF                           = 0x633 // 1587
-	SYS_ACOSL                           = 0x634 // 1588
-	SYS_ASINF                           = 0x635 // 1589
-	SYS_ASINL                           = 0x636 // 1590
-	SYS_ATAN2F                          = 0x637 // 1591
-	SYS_ATAN2L                          = 0x638 // 1592
-	SYS_ATANF                           = 0x639 // 1593
-	SYS_ATANL                           = 0x63A // 1594
-	SYS_CEILF                           = 0x63B // 1595
-	SYS_CEILL                           = 0x63C // 1596
-	SYS_COSF                            = 0x63D // 1597
-	SYS_COSL                            = 0x63E // 1598
-	SYS_COSHF                           = 0x63F // 1599
-	SYS_COSHL                           = 0x640 // 1600
-	SYS_EXPF                            = 0x641 // 1601
-	SYS_EXPL                            = 0x642 // 1602
-	SYS_TANHF                           = 0x643 // 1603
-	SYS_TANHL                           = 0x644 // 1604
-	SYS_LOG10F                          = 0x645 // 1605
-	SYS_LOG10L                          = 0x646 // 1606
-	SYS_LOGF                            = 0x647 // 1607
-	SYS_LOGL                            = 0x648 // 1608
-	SYS_POWF                            = 0x649 // 1609
-	SYS_POWL                            = 0x64A // 1610
-	SYS_SINF                            = 0x64B // 1611
-	SYS_SINL                            = 0x64C // 1612
-	SYS_SQRTF                           = 0x64D // 1613
-	SYS_SQRTL                           = 0x64E // 1614
-	SYS_SINHF                           = 0x64F // 1615
-	SYS_SINHL                           = 0x650 // 1616
-	SYS_TANF                            = 0x651 // 1617
-	SYS_TANL                            = 0x652 // 1618
-	SYS_FABSF                           = 0x653 // 1619
-	SYS_FABSL                           = 0x654 // 1620
-	SYS_FLOORF                          = 0x655 // 1621
-	SYS_FLOORL                          = 0x656 // 1622
-	SYS_FMODF                           = 0x657 // 1623
-	SYS_FMODL                           = 0x658 // 1624
-	SYS_FREXPF                          = 0x659 // 1625
-	SYS_FREXPL                          = 0x65A // 1626
-	SYS_LDEXPF                          = 0x65B // 1627
-	SYS_LDEXPL                          = 0x65C // 1628
-	SYS_MODFF                           = 0x65D // 1629
-	SYS_MODFL                           = 0x65E // 1630
-	SYS_BTOWC                           = 0x65F // 1631
-	SYS___CHATTR                        = 0x660 // 1632
-	SYS___FCHATTR                       = 0x661 // 1633
-	SYS___TOCCSID                       = 0x662 // 1634
-	SYS___CSNAMETYPE                    = 0x663 // 1635
-	SYS___TOCSNAME                      = 0x664 // 1636
-	SYS___CCSIDTYPE                     = 0x665 // 1637
-	SYS___AE_CORRESTBL_QUERY            = 0x666 // 1638
-	SYS___AE_AUTOCONVERT_STATE          = 0x667 // 1639
-	SYS_DN_FIND                         = 0x668 // 1640
-	SYS___GETHOSTBYADDR_A               = 0x669 // 1641
-	SYS___GETHOSTBYNAME_A               = 0x66A // 1642
-	SYS___RES_INIT_A                    = 0x66B // 1643
-	SYS___GETHOSTBYADDR_R_A             = 0x66C // 1644
-	SYS___GETHOSTBYNAME_R_A             = 0x66D // 1645
-	SYS___CHARMAP_INIT_A                = 0x66E // 1646
-	SYS___MBLEN_A                       = 0x66F // 1647
-	SYS___MBLEN_SB_A                    = 0x670 // 1648
-	SYS___MBLEN_STD_A                   = 0x671 // 1649
-	SYS___MBLEN_UTF                     = 0x672 // 1650
-	SYS___MBSTOWCS_A                    = 0x673 // 1651
-	SYS___MBSTOWCS_STD_A                = 0x674 // 1652
-	SYS___MBTOWC_A                      = 0x675 // 1653
-	SYS___MBTOWC_ISO1                   = 0x676 // 1654
-	SYS___MBTOWC_SBCS                   = 0x677 // 1655
-	SYS___MBTOWC_MBCS                   = 0x678 // 1656
-	SYS___MBTOWC_UTF                    = 0x679 // 1657
-	SYS___WCSTOMBS_A                    = 0x67A // 1658
-	SYS___WCSTOMBS_STD_A                = 0x67B // 1659
-	SYS___WCSWIDTH_A                    = 0x67C // 1660
-	SYS___GETGRGID_R_A                  = 0x67D // 1661
-	SYS___WCSWIDTH_STD_A                = 0x67E // 1662
-	SYS___WCSWIDTH_ASIA                 = 0x67F // 1663
-	SYS___CSID_A                        = 0x680 // 1664
-	SYS___CSID_STD_A                    = 0x681 // 1665
-	SYS___WCSID_A                       = 0x682 // 1666
-	SYS___WCSID_STD_A                   = 0x683 // 1667
-	SYS___WCTOMB_A                      = 0x684 // 1668
-	SYS___WCTOMB_ISO1                   = 0x685 // 1669
-	SYS___WCTOMB_STD_A                  = 0x686 // 1670
-	SYS___WCTOMB_UTF                    = 0x687 // 1671
-	SYS___WCWIDTH_A                     = 0x688 // 1672
-	SYS___GETGRNAM_R_A                  = 0x689 // 1673
-	SYS___WCWIDTH_STD_A                 = 0x68A // 1674
-	SYS___WCWIDTH_ASIA                  = 0x68B // 1675
-	SYS___GETPWNAM_R_A                  = 0x68C // 1676
-	SYS___GETPWUID_R_A                  = 0x68D // 1677
-	SYS___GETLOGIN_R_A                  = 0x68E // 1678
-	SYS___TTYNAME_R_A                   = 0x68F // 1679
-	SYS___READDIR_R_A                   = 0x690 // 1680
-	SYS___E2A_S                         = 0x691 // 1681
-	SYS___FNMATCH_A                     = 0x692 // 1682
-	SYS___FNMATCH_C_A                   = 0x693 // 1683
-	SYS___EXECL_A                       = 0x694 // 1684
-	SYS___FNMATCH_STD_A                 = 0x695 // 1685
-	SYS___REGCOMP_A                     = 0x696 // 1686
-	SYS___REGCOMP_STD_A                 = 0x697 // 1687
-	SYS___REGERROR_A                    = 0x698 // 1688
-	SYS___REGERROR_STD_A                = 0x699 // 1689
-	SYS___REGEXEC_A                     = 0x69A // 1690
-	SYS___REGEXEC_STD_A                 = 0x69B // 1691
-	SYS___REGFREE_A                     = 0x69C // 1692
-	SYS___REGFREE_STD_A                 = 0x69D // 1693
-	SYS___STRCOLL_A                     = 0x69E // 1694
-	SYS___STRCOLL_C_A                   = 0x69F // 1695
-	SYS___EXECLE_A                      = 0x6A0 // 1696
-	SYS___STRCOLL_STD_A                 = 0x6A1 // 1697
-	SYS___STRXFRM_A                     = 0x6A2 // 1698
-	SYS___STRXFRM_C_A                   = 0x6A3 // 1699
-	SYS___EXECLP_A                      = 0x6A4 // 1700
-	SYS___STRXFRM_STD_A                 = 0x6A5 // 1701
-	SYS___WCSCOLL_A                     = 0x6A6 // 1702
-	SYS___WCSCOLL_C_A                   = 0x6A7 // 1703
-	SYS___WCSCOLL_STD_A                 = 0x6A8 // 1704
-	SYS___WCSXFRM_A                     = 0x6A9 // 1705
-	SYS___WCSXFRM_C_A                   = 0x6AA // 1706
-	SYS___WCSXFRM_STD_A                 = 0x6AB // 1707
-	SYS___COLLATE_INIT_A                = 0x6AC // 1708
-	SYS___WCTYPE_A                      = 0x6AD // 1709
-	SYS___GET_WCTYPE_STD_A              = 0x6AE // 1710
-	SYS___CTYPE_INIT_A                  = 0x6AF // 1711
-	SYS___ISWCTYPE_A                    = 0x6B0 // 1712
-	SYS___EXECV_A                       = 0x6B1 // 1713
-	SYS___IS_WCTYPE_STD_A               = 0x6B2 // 1714
-	SYS___TOWLOWER_A                    = 0x6B3 // 1715
-	SYS___TOWLOWER_STD_A                = 0x6B4 // 1716
-	SYS___TOWUPPER_A                    = 0x6B5 // 1717
-	SYS___TOWUPPER_STD_A                = 0x6B6 // 1718
-	SYS___LOCALE_INIT_A                 = 0x6B7 // 1719
-	SYS___LOCALECONV_A                  = 0x6B8 // 1720
-	SYS___LOCALECONV_STD_A              = 0x6B9 // 1721
-	SYS___NL_LANGINFO_A                 = 0x6BA // 1722
-	SYS___NL_LNAGINFO_STD_A             = 0x6BB // 1723
-	SYS___MONETARY_INIT_A               = 0x6BC // 1724
-	SYS___STRFMON_A                     = 0x6BD // 1725
-	SYS___STRFMON_STD_A                 = 0x6BE // 1726
-	SYS___GETADDRINFO_A                 = 0x6BF // 1727
-	SYS___CATGETS_A                     = 0x6C0 // 1728
-	SYS___EXECVE_A                      = 0x6C1 // 1729
-	SYS___EXECVP_A                      = 0x6C2 // 1730
-	SYS___SPAWN_A                       = 0x6C3 // 1731
-	SYS___GETNAMEINFO_A                 = 0x6C4 // 1732
-	SYS___SPAWNP_A                      = 0x6C5 // 1733
-	SYS___NUMERIC_INIT_A                = 0x6C6 // 1734
-	SYS___RESP_INIT_A                   = 0x6C7 // 1735
-	SYS___RPMATCH_A                     = 0x6C8 // 1736
-	SYS___RPMATCH_C_A                   = 0x6C9 // 1737
-	SYS___RPMATCH_STD_A                 = 0x6CA // 1738
-	SYS___TIME_INIT_A                   = 0x6CB // 1739
-	SYS___STRFTIME_A                    = 0x6CC // 1740
-	SYS___STRFTIME_STD_A                = 0x6CD // 1741
-	SYS___STRPTIME_A                    = 0x6CE // 1742
-	SYS___STRPTIME_STD_A                = 0x6CF // 1743
-	SYS___WCSFTIME_A                    = 0x6D0 // 1744
-	SYS___WCSFTIME_STD_A                = 0x6D1 // 1745
-	SYS_____SPAWN2_A                    = 0x6D2 // 1746
-	SYS_____SPAWNP2_A                   = 0x6D3 // 1747
-	SYS___SYNTAX_INIT_A                 = 0x6D4 // 1748
-	SYS___TOD_INIT_A                    = 0x6D5 // 1749
-	SYS___NL_CSINFO_A                   = 0x6D6 // 1750
-	SYS___NL_MONINFO_A                  = 0x6D7 // 1751
-	SYS___NL_NUMINFO_A                  = 0x6D8 // 1752
-	SYS___NL_RESPINFO_A                 = 0x6D9 // 1753
-	SYS___NL_TIMINFO_A                  = 0x6DA // 1754
-	SYS___IF_NAMETOINDEX_A              = 0x6DB // 1755
-	SYS___IF_INDEXTONAME_A              = 0x6DC // 1756
-	SYS___PRINTF_A                      = 0x6DD // 1757
-	SYS___ICONV_OPEN_A                  = 0x6DE // 1758
-	SYS___DLLLOAD_A                     = 0x6DF // 1759
-	SYS___DLLQUERYFN_A                  = 0x6E0 // 1760
-	SYS___DLLQUERYVAR_A                 = 0x6E1 // 1761
-	SYS_____CHATTR_A                    = 0x6E2 // 1762
-	SYS___E2A_L                         = 0x6E3 // 1763
-	SYS_____TOCCSID_A                   = 0x6E4 // 1764
-	SYS_____TOCSNAME_A                  = 0x6E5 // 1765
-	SYS_____CCSIDTYPE_A                 = 0x6E6 // 1766
-	SYS_____CSNAMETYPE_A                = 0x6E7 // 1767
-	SYS___CHMOD_A                       = 0x6E8 // 1768
-	SYS___MKDIR_A                       = 0x6E9 // 1769
-	SYS___STAT_A                        = 0x6EA // 1770
-	SYS___STAT_O_A                      = 0x6EB // 1771
-	SYS___MKFIFO_A                      = 0x6EC // 1772
-	SYS_____OPEN_STAT_A                 = 0x6ED // 1773
-	SYS___LSTAT_A                       = 0x6EE // 1774
-	SYS___LSTAT_O_A                     = 0x6EF // 1775
-	SYS___MKNOD_A                       = 0x6F0 // 1776
-	SYS___MOUNT_A                       = 0x6F1 // 1777
-	SYS___UMOUNT_A                      = 0x6F2 // 1778
-	SYS___CHAUDIT_A                     = 0x6F4 // 1780
-	SYS___W_GETMNTENT_A                 = 0x6F5 // 1781
-	SYS___CREAT_A                       = 0x6F6 // 1782
-	SYS___OPEN_A                        = 0x6F7 // 1783
-	SYS___SETLOCALE_A                   = 0x6F9 // 1785
-	SYS___FPRINTF_A                     = 0x6FA // 1786
-	SYS___SPRINTF_A                     = 0x6FB // 1787
-	SYS___VFPRINTF_A                    = 0x6FC // 1788
-	SYS___VPRINTF_A                     = 0x6FD // 1789
-	SYS___VSPRINTF_A                    = 0x6FE // 1790
-	SYS___VSWPRINTF_A                   = 0x6FF // 1791
-	SYS___SWPRINTF_A                    = 0x700 // 1792
-	SYS___FSCANF_A                      = 0x701 // 1793
-	SYS___SCANF_A                       = 0x702 // 1794
-	SYS___SSCANF_A                      = 0x703 // 1795
-	SYS___SWSCANF_A                     = 0x704 // 1796
-	SYS___ATOF_A                        = 0x705 // 1797
-	SYS___ATOI_A                        = 0x706 // 1798
-	SYS___ATOL_A                        = 0x707 // 1799
-	SYS___STRTOD_A                      = 0x708 // 1800
-	SYS___STRTOL_A                      = 0x709 // 1801
-	SYS___STRTOUL_A                     = 0x70A // 1802
-	SYS_____AE_CORRESTBL_QUERY_A        = 0x70B // 1803
-	SYS___A64L_A                        = 0x70C // 1804
-	SYS___ECVT_A                        = 0x70D // 1805
-	SYS___FCVT_A                        = 0x70E // 1806
-	SYS___GCVT_A                        = 0x70F // 1807
-	SYS___L64A_A                        = 0x710 // 1808
-	SYS___STRERROR_A                    = 0x711 // 1809
-	SYS___PERROR_A                      = 0x712 // 1810
-	SYS___FETCH_A                       = 0x713 // 1811
-	SYS___GETENV_A                      = 0x714 // 1812
-	SYS___MKSTEMP_A                     = 0x717 // 1815
-	SYS___PTSNAME_A                     = 0x718 // 1816
-	SYS___PUTENV_A                      = 0x719 // 1817
-	SYS___REALPATH_A                    = 0x71A // 1818
-	SYS___SETENV_A                      = 0x71B // 1819
-	SYS___SYSTEM_A                      = 0x71C // 1820
-	SYS___GETOPT_A                      = 0x71D // 1821
-	SYS___CATOPEN_A                     = 0x71E // 1822
-	SYS___ACCESS_A                      = 0x71F // 1823
-	SYS___CHDIR_A                       = 0x720 // 1824
-	SYS___CHOWN_A                       = 0x721 // 1825
-	SYS___CHROOT_A                      = 0x722 // 1826
-	SYS___GETCWD_A                      = 0x723 // 1827
-	SYS___GETWD_A                       = 0x724 // 1828
-	SYS___LCHOWN_A                      = 0x725 // 1829
-	SYS___LINK_A                        = 0x726 // 1830
-	SYS___PATHCONF_A                    = 0x727 // 1831
-	SYS___IF_NAMEINDEX_A                = 0x728 // 1832
-	SYS___READLINK_A                    = 0x729 // 1833
-	SYS___RMDIR_A                       = 0x72A // 1834
-	SYS___STATVFS_A                     = 0x72B // 1835
-	SYS___SYMLINK_A                     = 0x72C // 1836
-	SYS___TRUNCATE_A                    = 0x72D // 1837
-	SYS___UNLINK_A                      = 0x72E // 1838
-	SYS___GAI_STRERROR_A                = 0x72F // 1839
-	SYS___EXTLINK_NP_A                  = 0x730 // 1840
-	SYS___ISALNUM_A                     = 0x731 // 1841
-	SYS___ISALPHA_A                     = 0x732 // 1842
-	SYS___A2E_S                         = 0x733 // 1843
-	SYS___ISCNTRL_A                     = 0x734 // 1844
-	SYS___ISDIGIT_A                     = 0x735 // 1845
-	SYS___ISGRAPH_A                     = 0x736 // 1846
-	SYS___ISLOWER_A                     = 0x737 // 1847
-	SYS___ISPRINT_A                     = 0x738 // 1848
-	SYS___ISPUNCT_A                     = 0x739 // 1849
-	SYS___ISSPACE_A                     = 0x73A // 1850
-	SYS___ISUPPER_A                     = 0x73B // 1851
-	SYS___ISXDIGIT_A                    = 0x73C // 1852
-	SYS___TOLOWER_A                     = 0x73D // 1853
-	SYS___TOUPPER_A                     = 0x73E // 1854
-	SYS___ISWALNUM_A                    = 0x73F // 1855
-	SYS___ISWALPHA_A                    = 0x740 // 1856
-	SYS___A2E_L                         = 0x741 // 1857
-	SYS___ISWCNTRL_A                    = 0x742 // 1858
-	SYS___ISWDIGIT_A                    = 0x743 // 1859
-	SYS___ISWGRAPH_A                    = 0x744 // 1860
-	SYS___ISWLOWER_A                    = 0x745 // 1861
-	SYS___ISWPRINT_A                    = 0x746 // 1862
-	SYS___ISWPUNCT_A                    = 0x747 // 1863
-	SYS___ISWSPACE_A                    = 0x748 // 1864
-	SYS___ISWUPPER_A                    = 0x749 // 1865
-	SYS___ISWXDIGIT_A                   = 0x74A // 1866
-	SYS___CONFSTR_A                     = 0x74B // 1867
-	SYS___FTOK_A                        = 0x74C // 1868
-	SYS___MKTEMP_A                      = 0x74D // 1869
-	SYS___FDOPEN_A                      = 0x74E // 1870
-	SYS___FLDATA_A                      = 0x74F // 1871
-	SYS___REMOVE_A                      = 0x750 // 1872
-	SYS___RENAME_A                      = 0x751 // 1873
-	SYS___TMPNAM_A                      = 0x752 // 1874
-	SYS___FOPEN_A                       = 0x753 // 1875
-	SYS___FREOPEN_A                     = 0x754 // 1876
-	SYS___CUSERID_A                     = 0x755 // 1877
-	SYS___POPEN_A                       = 0x756 // 1878
-	SYS___TEMPNAM_A                     = 0x757 // 1879
-	SYS___FTW_A                         = 0x758 // 1880
-	SYS___GETGRENT_A                    = 0x759 // 1881
-	SYS___GETGRGID_A                    = 0x75A // 1882
-	SYS___GETGRNAM_A                    = 0x75B // 1883
-	SYS___GETGROUPSBYNAME_A             = 0x75C // 1884
-	SYS___GETHOSTENT_A                  = 0x75D // 1885
-	SYS___GETHOSTNAME_A                 = 0x75E // 1886
-	SYS___GETLOGIN_A                    = 0x75F // 1887
-	SYS___INET_NTOP_A                   = 0x760 // 1888
-	SYS___GETPASS_A                     = 0x761 // 1889
-	SYS___GETPWENT_A                    = 0x762 // 1890
-	SYS___GETPWNAM_A                    = 0x763 // 1891
-	SYS___GETPWUID_A                    = 0x764 // 1892
-	SYS_____CHECK_RESOURCE_AUTH_NP_A    = 0x765 // 1893
-	SYS___CHECKSCHENV_A                 = 0x766 // 1894
-	SYS___CONNECTSERVER_A               = 0x767 // 1895
-	SYS___CONNECTWORKMGR_A              = 0x768 // 1896
-	SYS_____CONSOLE_A                   = 0x769 // 1897
-	SYS___CREATEWORKUNIT_A              = 0x76A // 1898
-	SYS___CTERMID_A                     = 0x76B // 1899
-	SYS___FMTMSG_A                      = 0x76C // 1900
-	SYS___INITGROUPS_A                  = 0x76D // 1901
-	SYS_____LOGIN_A                     = 0x76E // 1902
-	SYS___MSGRCV_A                      = 0x76F // 1903
-	SYS___MSGSND_A                      = 0x770 // 1904
-	SYS___MSGXRCV_A                     = 0x771 // 1905
-	SYS___NFTW_A                        = 0x772 // 1906
-	SYS_____PASSWD_A                    = 0x773 // 1907
-	SYS___PTHREAD_SECURITY_NP_A         = 0x774 // 1908
-	SYS___QUERYMETRICS_A                = 0x775 // 1909
-	SYS___QUERYSCHENV                   = 0x776 // 1910
-	SYS___READV_A                       = 0x777 // 1911
-	SYS_____SERVER_CLASSIFY_A           = 0x778 // 1912
-	SYS_____SERVER_INIT_A               = 0x779 // 1913
-	SYS_____SERVER_PWU_A                = 0x77A // 1914
-	SYS___STRCASECMP_A                  = 0x77B // 1915
-	SYS___STRNCASECMP_A                 = 0x77C // 1916
-	SYS___TTYNAME_A                     = 0x77D // 1917
-	SYS___UNAME_A                       = 0x77E // 1918
-	SYS___UTIMES_A                      = 0x77F // 1919
-	SYS___W_GETPSENT_A                  = 0x780 // 1920
-	SYS___WRITEV_A                      = 0x781 // 1921
-	SYS___W_STATFS_A                    = 0x782 // 1922
-	SYS___W_STATVFS_A                   = 0x783 // 1923
-	SYS___FPUTC_A                       = 0x784 // 1924
-	SYS___PUTCHAR_A                     = 0x785 // 1925
-	SYS___PUTS_A                        = 0x786 // 1926
-	SYS___FGETS_A                       = 0x787 // 1927
-	SYS___GETS_A                        = 0x788 // 1928
-	SYS___FPUTS_A                       = 0x789 // 1929
-	SYS___FREAD_A                       = 0x78A // 1930
-	SYS___FWRITE_A                      = 0x78B // 1931
-	SYS___OPEN_O_A                      = 0x78C // 1932
-	SYS___ISASCII                       = 0x78D // 1933
-	SYS___CREAT_O_A                     = 0x78E // 1934
-	SYS___ENVNA                         = 0x78F // 1935
-	SYS___PUTC_A                        = 0x790 // 1936
-	SYS___AE_THREAD_SETMODE             = 0x791 // 1937
-	SYS___AE_THREAD_SWAPMODE            = 0x792 // 1938
-	SYS___GETNETBYADDR_A                = 0x793 // 1939
-	SYS___GETNETBYNAME_A                = 0x794 // 1940
-	SYS___GETNETENT_A                   = 0x795 // 1941
-	SYS___GETPROTOBYNAME_A              = 0x796 // 1942
-	SYS___GETPROTOBYNUMBER_A            = 0x797 // 1943
-	SYS___GETPROTOENT_A                 = 0x798 // 1944
-	SYS___GETSERVBYNAME_A               = 0x799 // 1945
-	SYS___GETSERVBYPORT_A               = 0x79A // 1946
-	SYS___GETSERVENT_A                  = 0x79B // 1947
-	SYS___ASCTIME_A                     = 0x79C // 1948
-	SYS___CTIME_A                       = 0x79D // 1949
-	SYS___GETDATE_A                     = 0x79E // 1950
-	SYS___TZSET_A                       = 0x79F // 1951
-	SYS___UTIME_A                       = 0x7A0 // 1952
-	SYS___ASCTIME_R_A                   = 0x7A1 // 1953
-	SYS___CTIME_R_A                     = 0x7A2 // 1954
-	SYS___STRTOLL_A                     = 0x7A3 // 1955
-	SYS___STRTOULL_A                    = 0x7A4 // 1956
-	SYS___FPUTWC_A                      = 0x7A5 // 1957
-	SYS___PUTWC_A                       = 0x7A6 // 1958
-	SYS___PUTWCHAR_A                    = 0x7A7 // 1959
-	SYS___FPUTWS_A                      = 0x7A8 // 1960
-	SYS___UNGETWC_A                     = 0x7A9 // 1961
-	SYS___FGETWC_A                      = 0x7AA // 1962
-	SYS___GETWC_A                       = 0x7AB // 1963
-	SYS___GETWCHAR_A                    = 0x7AC // 1964
-	SYS___FGETWS_A                      = 0x7AD // 1965
-	SYS___GETTIMEOFDAY_A                = 0x7AE // 1966
-	SYS___GMTIME_A                      = 0x7AF // 1967
-	SYS___GMTIME_R_A                    = 0x7B0 // 1968
-	SYS___LOCALTIME_A                   = 0x7B1 // 1969
-	SYS___LOCALTIME_R_A                 = 0x7B2 // 1970
-	SYS___MKTIME_A                      = 0x7B3 // 1971
-	SYS___TZZNA                         = 0x7B4 // 1972
-	SYS_UNATEXIT                        = 0x7B5 // 1973
-	SYS___CEE3DMP_A                     = 0x7B6 // 1974
-	SYS___CDUMP_A                       = 0x7B7 // 1975
-	SYS___CSNAP_A                       = 0x7B8 // 1976
-	SYS___CTEST_A                       = 0x7B9 // 1977
-	SYS___CTRACE_A                      = 0x7BA // 1978
-	SYS___VSWPRNTF2_A                   = 0x7BB // 1979
-	SYS___INET_PTON_A                   = 0x7BC // 1980
-	SYS___SYSLOG_A                      = 0x7BD // 1981
-	SYS___CRYPT_A                       = 0x7BE // 1982
-	SYS_____OPENDIR2_A                  = 0x7BF // 1983
-	SYS_____READDIR2_A                  = 0x7C0 // 1984
-	SYS___OPENDIR_A                     = 0x7C2 // 1986
-	SYS___READDIR_A                     = 0x7C3 // 1987
-	SYS_PREAD                           = 0x7C7 // 1991
-	SYS_PWRITE                          = 0x7C8 // 1992
-	SYS_M_CREATE_LAYOUT                 = 0x7C9 // 1993
-	SYS_M_DESTROY_LAYOUT                = 0x7CA // 1994
-	SYS_M_GETVALUES_LAYOUT              = 0x7CB // 1995
-	SYS_M_SETVALUES_LAYOUT              = 0x7CC // 1996
-	SYS_M_TRANSFORM_LAYOUT              = 0x7CD // 1997
-	SYS_M_WTRANSFORM_LAYOUT             = 0x7CE // 1998
-	SYS_FWPRINTF                        = 0x7D1 // 2001
-	SYS_WPRINTF                         = 0x7D2 // 2002
-	SYS_VFWPRINT                        = 0x7D3 // 2003
-	SYS_VFWPRINTF                       = 0x7D3 // 2003
-	SYS_VWPRINTF                        = 0x7D4 // 2004
-	SYS_FWSCANF                         = 0x7D5 // 2005
-	SYS_WSCANF                          = 0x7D6 // 2006
-	SYS_WCTRANS                         = 0x7D7 // 2007
-	SYS_TOWCTRAN                        = 0x7D8 // 2008
-	SYS_TOWCTRANS                       = 0x7D8 // 2008
-	SYS___WCSTOD_A                      = 0x7D9 // 2009
-	SYS___WCSTOL_A                      = 0x7DA // 2010
-	SYS___WCSTOUL_A                     = 0x7DB // 2011
-	SYS___BASENAME_A                    = 0x7DC // 2012
-	SYS___DIRNAME_A                     = 0x7DD // 2013
-	SYS___GLOB_A                        = 0x7DE // 2014
-	SYS_FWIDE                           = 0x7DF // 2015
-	SYS___OSNAME                        = 0x7E0 // 2016
-	SYS_____OSNAME_A                    = 0x7E1 // 2017
-	SYS___BTOWC_A                       = 0x7E4 // 2020
-	SYS___WCTOB_A                       = 0x7E5 // 2021
-	SYS___DBM_OPEN_A                    = 0x7E6 // 2022
-	SYS___VFPRINTF2_A                   = 0x7E7 // 2023
-	SYS___VPRINTF2_A                    = 0x7E8 // 2024
-	SYS___VSPRINTF2_A                   = 0x7E9 // 2025
-	SYS___CEIL_H                        = 0x7EA // 2026
-	SYS___FLOOR_H                       = 0x7EB // 2027
-	SYS___MODF_H                        = 0x7EC // 2028
-	SYS___FABS_H                        = 0x7ED // 2029
-	SYS___J0_H                          = 0x7EE // 2030
-	SYS___J1_H                          = 0x7EF // 2031
-	SYS___JN_H                          = 0x7F0 // 2032
-	SYS___Y0_H                          = 0x7F1 // 2033
-	SYS___Y1_H                          = 0x7F2 // 2034
-	SYS___YN_H                          = 0x7F3 // 2035
-	SYS___CEILF_H                       = 0x7F4 // 2036
-	SYS___CEILL_H                       = 0x7F5 // 2037
-	SYS___FLOORF_H                      = 0x7F6 // 2038
-	SYS___FLOORL_H                      = 0x7F7 // 2039
-	SYS___MODFF_H                       = 0x7F8 // 2040
-	SYS___MODFL_H                       = 0x7F9 // 2041
-	SYS___FABSF_H                       = 0x7FA // 2042
-	SYS___FABSL_H                       = 0x7FB // 2043
-	SYS___MALLOC24                      = 0x7FC // 2044
-	SYS___MALLOC31                      = 0x7FD // 2045
-	SYS_ACL_INIT                        = 0x7FE // 2046
-	SYS_ACL_FREE                        = 0x7FF // 2047
-	SYS_ACL_FIRST_ENTRY                 = 0x800 // 2048
-	SYS_ACL_GET_ENTRY                   = 0x801 // 2049
-	SYS_ACL_VALID                       = 0x802 // 2050
-	SYS_ACL_CREATE_ENTRY                = 0x803 // 2051
-	SYS_ACL_DELETE_ENTRY                = 0x804 // 2052
-	SYS_ACL_UPDATE_ENTRY                = 0x805 // 2053
-	SYS_ACL_DELETE_FD                   = 0x806 // 2054
-	SYS_ACL_DELETE_FILE                 = 0x807 // 2055
-	SYS_ACL_GET_FD                      = 0x808 // 2056
-	SYS_ACL_GET_FILE                    = 0x809 // 2057
-	SYS_ACL_SET_FD                      = 0x80A // 2058
-	SYS_ACL_SET_FILE                    = 0x80B // 2059
-	SYS_ACL_FROM_TEXT                   = 0x80C // 2060
-	SYS_ACL_TO_TEXT                     = 0x80D // 2061
-	SYS_ACL_SORT                        = 0x80E // 2062
-	SYS___SHUTDOWN_REGISTRATION         = 0x80F // 2063
-	SYS___ERFL_B                        = 0x810 // 2064
-	SYS___ERFCL_B                       = 0x811 // 2065
-	SYS___LGAMMAL_B                     = 0x812 // 2066
-	SYS___SETHOOKEVENTS                 = 0x813 // 2067
-	SYS_IF_NAMETOINDEX                  = 0x814 // 2068
-	SYS_IF_INDEXTONAME                  = 0x815 // 2069
-	SYS_IF_NAMEINDEX                    = 0x816 // 2070
-	SYS_IF_FREENAMEINDEX                = 0x817 // 2071
-	SYS_GETADDRINFO                     = 0x818 // 2072
-	SYS_GETNAMEINFO                     = 0x819 // 2073
-	SYS_FREEADDRINFO                    = 0x81A // 2074
-	SYS_GAI_STRERROR                    = 0x81B // 2075
-	SYS_REXEC_AF                        = 0x81C // 2076
-	SYS___POE                           = 0x81D // 2077
-	SYS___DYNALLOC_A                    = 0x81F // 2079
-	SYS___DYNFREE_A                     = 0x820 // 2080
-	SYS___RES_QUERY_A                   = 0x821 // 2081
-	SYS___RES_SEARCH_A                  = 0x822 // 2082
-	SYS___RES_QUERYDOMAIN_A             = 0x823 // 2083
-	SYS___RES_MKQUERY_A                 = 0x824 // 2084
-	SYS___RES_SEND_A                    = 0x825 // 2085
-	SYS___DN_EXPAND_A                   = 0x826 // 2086
-	SYS___DN_SKIPNAME_A                 = 0x827 // 2087
-	SYS___DN_COMP_A                     = 0x828 // 2088
-	SYS___DN_FIND_A                     = 0x829 // 2089
-	SYS___NLIST_A                       = 0x82A // 2090
-	SYS_____TCGETCP_A                   = 0x82B // 2091
-	SYS_____TCSETCP_A                   = 0x82C // 2092
-	SYS_____W_PIOCTL_A                  = 0x82E // 2094
-	SYS___INET_ADDR_A                   = 0x82F // 2095
-	SYS___INET_NTOA_A                   = 0x830 // 2096
-	SYS___INET_NETWORK_A                = 0x831 // 2097
-	SYS___ACCEPT_A                      = 0x832 // 2098
-	SYS___ACCEPT_AND_RECV_A             = 0x833 // 2099
-	SYS___BIND_A                        = 0x834 // 2100
-	SYS___CONNECT_A                     = 0x835 // 2101
-	SYS___GETPEERNAME_A                 = 0x836 // 2102
-	SYS___GETSOCKNAME_A                 = 0x837 // 2103
-	SYS___RECVFROM_A                    = 0x838 // 2104
-	SYS___SENDTO_A                      = 0x839 // 2105
-	SYS___SENDMSG_A                     = 0x83A // 2106
-	SYS___RECVMSG_A                     = 0x83B // 2107
-	SYS_____LCHATTR_A                   = 0x83C // 2108
-	SYS___CABEND                        = 0x83D // 2109
-	SYS___LE_CIB_GET                    = 0x83E // 2110
-	SYS___SET_LAA_FOR_JIT               = 0x83F // 2111
-	SYS___LCHATTR                       = 0x840 // 2112
-	SYS___WRITEDOWN                     = 0x841 // 2113
-	SYS_PTHREAD_MUTEX_INIT2             = 0x842 // 2114
-	SYS___ACOSHF_B                      = 0x843 // 2115
-	SYS___ACOSHL_B                      = 0x844 // 2116
-	SYS___ASINHF_B                      = 0x845 // 2117
-	SYS___ASINHL_B                      = 0x846 // 2118
-	SYS___ATANHF_B                      = 0x847 // 2119
-	SYS___ATANHL_B                      = 0x848 // 2120
-	SYS___CBRTF_B                       = 0x849 // 2121
-	SYS___CBRTL_B                       = 0x84A // 2122
-	SYS___COPYSIGNF_B                   = 0x84B // 2123
-	SYS___COPYSIGNL_B                   = 0x84C // 2124
-	SYS___COTANF_B                      = 0x84D // 2125
-	SYS___COTAN_B                       = 0x84E // 2126
-	SYS___COTANL_B                      = 0x84F // 2127
-	SYS___EXP2F_B                       = 0x850 // 2128
-	SYS___EXP2L_B                       = 0x851 // 2129
-	SYS___EXPM1F_B                      = 0x852 // 2130
-	SYS___EXPM1L_B                      = 0x853 // 2131
-	SYS___FDIMF_B                       = 0x854 // 2132
-	SYS___FDIM_B                        = 0x855 // 2133
-	SYS___FDIML_B                       = 0x856 // 2134
-	SYS___HYPOTF_B                      = 0x857 // 2135
-	SYS___HYPOTL_B                      = 0x858 // 2136
-	SYS___LOG1PF_B                      = 0x859 // 2137
-	SYS___LOG1PL_B                      = 0x85A // 2138
-	SYS___LOG2F_B                       = 0x85B // 2139
-	SYS___LOG2_B                        = 0x85C // 2140
-	SYS___LOG2L_B                       = 0x85D // 2141
-	SYS___REMAINDERF_B                  = 0x85E // 2142
-	SYS___REMAINDERL_B                  = 0x85F // 2143
-	SYS___REMQUOF_B                     = 0x860 // 2144
-	SYS___REMQUO_B                      = 0x861 // 2145
-	SYS___REMQUOL_B                     = 0x862 // 2146
-	SYS___TGAMMAF_B                     = 0x863 // 2147
-	SYS___TGAMMA_B                      = 0x864 // 2148
-	SYS___TGAMMAL_B                     = 0x865 // 2149
-	SYS___TRUNCF_B                      = 0x866 // 2150
-	SYS___TRUNC_B                       = 0x867 // 2151
-	SYS___TRUNCL_B                      = 0x868 // 2152
-	SYS___LGAMMAF_B                     = 0x869 // 2153
-	SYS___LROUNDF_B                     = 0x86A // 2154
-	SYS___LROUND_B                      = 0x86B // 2155
-	SYS___ERFF_B                        = 0x86C // 2156
-	SYS___ERFCF_B                       = 0x86D // 2157
-	SYS_ACOSHF                          = 0x86E // 2158
-	SYS_ACOSHL                          = 0x86F // 2159
-	SYS_ASINHF                          = 0x870 // 2160
-	SYS_ASINHL                          = 0x871 // 2161
-	SYS_ATANHF                          = 0x872 // 2162
-	SYS_ATANHL                          = 0x873 // 2163
-	SYS_CBRTF                           = 0x874 // 2164
-	SYS_CBRTL                           = 0x875 // 2165
-	SYS_COPYSIGNF                       = 0x876 // 2166
-	SYS_CPYSIGNF                        = 0x876 // 2166
-	SYS_COPYSIGNL                       = 0x877 // 2167
-	SYS_CPYSIGNL                        = 0x877 // 2167
-	SYS_COTANF                          = 0x878 // 2168
-	SYS___COTANF                        = 0x878 // 2168
-	SYS_COTAN                           = 0x879 // 2169
-	SYS___COTAN                         = 0x879 // 2169
-	SYS_COTANL                          = 0x87A // 2170
-	SYS___COTANL                        = 0x87A // 2170
-	SYS_EXP2F                           = 0x87B // 2171
-	SYS_EXP2L                           = 0x87C // 2172
-	SYS_EXPM1F                          = 0x87D // 2173
-	SYS_EXPM1L                          = 0x87E // 2174
-	SYS_FDIMF                           = 0x87F // 2175
-	SYS_FDIM                            = 0x881 // 2177
-	SYS_FDIML                           = 0x882 // 2178
-	SYS_HYPOTF                          = 0x883 // 2179
-	SYS_HYPOTL                          = 0x884 // 2180
-	SYS_LOG1PF                          = 0x885 // 2181
-	SYS_LOG1PL                          = 0x886 // 2182
-	SYS_LOG2F                           = 0x887 // 2183
-	SYS_LOG2                            = 0x888 // 2184
-	SYS_LOG2L                           = 0x889 // 2185
-	SYS_REMAINDERF                      = 0x88A // 2186
-	SYS_REMAINDF                        = 0x88A // 2186
-	SYS_REMAINDERL                      = 0x88B // 2187
-	SYS_REMAINDL                        = 0x88B // 2187
-	SYS_REMQUOF                         = 0x88C // 2188
-	SYS_REMQUO                          = 0x88D // 2189
-	SYS_REMQUOL                         = 0x88E // 2190
-	SYS_TGAMMAF                         = 0x88F // 2191
-	SYS_TGAMMA                          = 0x890 // 2192
-	SYS_TGAMMAL                         = 0x891 // 2193
-	SYS_TRUNCF                          = 0x892 // 2194
-	SYS_TRUNC                           = 0x893 // 2195
-	SYS_TRUNCL                          = 0x894 // 2196
-	SYS_LGAMMAF                         = 0x895 // 2197
-	SYS_LGAMMAL                         = 0x896 // 2198
-	SYS_LROUNDF                         = 0x897 // 2199
-	SYS_LROUND                          = 0x898 // 2200
-	SYS_ERFF                            = 0x899 // 2201
-	SYS_ERFL                            = 0x89A // 2202
-	SYS_ERFCF                           = 0x89B // 2203
-	SYS_ERFCL                           = 0x89C // 2204
-	SYS___EXP2_B                        = 0x89D // 2205
-	SYS_EXP2                            = 0x89E // 2206
-	SYS___FAR_JUMP                      = 0x89F // 2207
-	SYS___TCGETATTR_A                   = 0x8A1 // 2209
-	SYS___TCSETATTR_A                   = 0x8A2 // 2210
-	SYS___SUPERKILL                     = 0x8A4 // 2212
-	SYS___LE_CONDITION_TOKEN_BUILD      = 0x8A5 // 2213
-	SYS___LE_MSG_ADD_INSERT             = 0x8A6 // 2214
-	SYS___LE_MSG_GET                    = 0x8A7 // 2215
-	SYS___LE_MSG_GET_AND_WRITE          = 0x8A8 // 2216
-	SYS___LE_MSG_WRITE                  = 0x8A9 // 2217
-	SYS___ITOA                          = 0x8AA // 2218
-	SYS___UTOA                          = 0x8AB // 2219
-	SYS___LTOA                          = 0x8AC // 2220
-	SYS___ULTOA                         = 0x8AD // 2221
-	SYS___LLTOA                         = 0x8AE // 2222
-	SYS___ULLTOA                        = 0x8AF // 2223
-	SYS___ITOA_A                        = 0x8B0 // 2224
-	SYS___UTOA_A                        = 0x8B1 // 2225
-	SYS___LTOA_A                        = 0x8B2 // 2226
-	SYS___ULTOA_A                       = 0x8B3 // 2227
-	SYS___LLTOA_A                       = 0x8B4 // 2228
-	SYS___ULLTOA_A                      = 0x8B5 // 2229
-	SYS_____GETENV_A                    = 0x8C3 // 2243
-	SYS___REXEC_A                       = 0x8C4 // 2244
-	SYS___REXEC_AF_A                    = 0x8C5 // 2245
-	SYS___GETUTXENT_A                   = 0x8C6 // 2246
-	SYS___GETUTXID_A                    = 0x8C7 // 2247
-	SYS___GETUTXLINE_A                  = 0x8C8 // 2248
-	SYS___PUTUTXLINE_A                  = 0x8C9 // 2249
-	SYS_____UTMPXNAME_A                 = 0x8CA // 2250
-	SYS___PUTC_UNLOCKED_A               = 0x8CB // 2251
-	SYS___PUTCHAR_UNLOCKED_A            = 0x8CC // 2252
-	SYS___SNPRINTF_A                    = 0x8CD // 2253
-	SYS___VSNPRINTF_A                   = 0x8CE // 2254
-	SYS___DLOPEN_A                      = 0x8D0 // 2256
-	SYS___DLSYM_A                       = 0x8D1 // 2257
-	SYS___DLERROR_A                     = 0x8D2 // 2258
-	SYS_FLOCKFILE                       = 0x8D3 // 2259
-	SYS_FTRYLOCKFILE                    = 0x8D4 // 2260
-	SYS_FUNLOCKFILE                     = 0x8D5 // 2261
-	SYS_GETC_UNLOCKED                   = 0x8D6 // 2262
-	SYS_GETCHAR_UNLOCKED                = 0x8D7 // 2263
-	SYS_PUTC_UNLOCKED                   = 0x8D8 // 2264
-	SYS_PUTCHAR_UNLOCKED                = 0x8D9 // 2265
-	SYS_SNPRINTF                        = 0x8DA // 2266
-	SYS_VSNPRINTF                       = 0x8DB // 2267
-	SYS_DLOPEN                          = 0x8DD // 2269
-	SYS_DLSYM                           = 0x8DE // 2270
-	SYS_DLCLOSE                         = 0x8DF // 2271
-	SYS_DLERROR                         = 0x8E0 // 2272
-	SYS___SET_EXCEPTION_HANDLER         = 0x8E2 // 2274
-	SYS___RESET_EXCEPTION_HANDLER       = 0x8E3 // 2275
-	SYS___VHM_EVENT                     = 0x8E4 // 2276
-	SYS___ABS_H                         = 0x8E6 // 2278
-	SYS___ABSF_H                        = 0x8E7 // 2279
-	SYS___ABSL_H                        = 0x8E8 // 2280
-	SYS___ACOS_H                        = 0x8E9 // 2281
-	SYS___ACOSF_H                       = 0x8EA // 2282
-	SYS___ACOSL_H                       = 0x8EB // 2283
-	SYS___ACOSH_H                       = 0x8EC // 2284
-	SYS___ASIN_H                        = 0x8ED // 2285
-	SYS___ASINF_H                       = 0x8EE // 2286
-	SYS___ASINL_H                       = 0x8EF // 2287
-	SYS___ASINH_H                       = 0x8F0 // 2288
-	SYS___ATAN_H                        = 0x8F1 // 2289
-	SYS___ATANF_H                       = 0x8F2 // 2290
-	SYS___ATANL_H                       = 0x8F3 // 2291
-	SYS___ATANH_H                       = 0x8F4 // 2292
-	SYS___ATANHF_H                      = 0x8F5 // 2293
-	SYS___ATANHL_H                      = 0x8F6 // 2294
-	SYS___ATAN2_H                       = 0x8F7 // 2295
-	SYS___ATAN2F_H                      = 0x8F8 // 2296
-	SYS___ATAN2L_H                      = 0x8F9 // 2297
-	SYS___CBRT_H                        = 0x8FA // 2298
-	SYS___COPYSIGNF_H                   = 0x8FB // 2299
-	SYS___COPYSIGNL_H                   = 0x8FC // 2300
-	SYS___COS_H                         = 0x8FD // 2301
-	SYS___COSF_H                        = 0x8FE // 2302
-	SYS___COSL_H                        = 0x8FF // 2303
-	SYS___COSHF_H                       = 0x900 // 2304
-	SYS___COSHL_H                       = 0x901 // 2305
-	SYS___COTAN_H                       = 0x902 // 2306
-	SYS___COTANF_H                      = 0x903 // 2307
-	SYS___COTANL_H                      = 0x904 // 2308
-	SYS___ERF_H                         = 0x905 // 2309
-	SYS___ERFF_H                        = 0x906 // 2310
-	SYS___ERFL_H                        = 0x907 // 2311
-	SYS___ERFC_H                        = 0x908 // 2312
-	SYS___ERFCF_H                       = 0x909 // 2313
-	SYS___ERFCL_H                       = 0x90A // 2314
-	SYS___EXP_H                         = 0x90B // 2315
-	SYS___EXPF_H                        = 0x90C // 2316
-	SYS___EXPL_H                        = 0x90D // 2317
-	SYS___EXPM1_H                       = 0x90E // 2318
-	SYS___FDIM_H                        = 0x90F // 2319
-	SYS___FDIMF_H                       = 0x910 // 2320
-	SYS___FDIML_H                       = 0x911 // 2321
-	SYS___FMOD_H                        = 0x912 // 2322
-	SYS___FMODF_H                       = 0x913 // 2323
-	SYS___FMODL_H                       = 0x914 // 2324
-	SYS___GAMMA_H                       = 0x915 // 2325
-	SYS___HYPOT_H                       = 0x916 // 2326
-	SYS___ILOGB_H                       = 0x917 // 2327
-	SYS___LGAMMA_H                      = 0x918 // 2328
-	SYS___LGAMMAF_H                     = 0x919 // 2329
-	SYS___LOG_H                         = 0x91A // 2330
-	SYS___LOGF_H                        = 0x91B // 2331
-	SYS___LOGL_H                        = 0x91C // 2332
-	SYS___LOGB_H                        = 0x91D // 2333
-	SYS___LOG2_H                        = 0x91E // 2334
-	SYS___LOG2F_H                       = 0x91F // 2335
-	SYS___LOG2L_H                       = 0x920 // 2336
-	SYS___LOG1P_H                       = 0x921 // 2337
-	SYS___LOG10_H                       = 0x922 // 2338
-	SYS___LOG10F_H                      = 0x923 // 2339
-	SYS___LOG10L_H                      = 0x924 // 2340
-	SYS___LROUND_H                      = 0x925 // 2341
-	SYS___LROUNDF_H                     = 0x926 // 2342
-	SYS___NEXTAFTER_H                   = 0x927 // 2343
-	SYS___POW_H                         = 0x928 // 2344
-	SYS___POWF_H                        = 0x929 // 2345
-	SYS___POWL_H                        = 0x92A // 2346
-	SYS___REMAINDER_H                   = 0x92B // 2347
-	SYS___RINT_H                        = 0x92C // 2348
-	SYS___SCALB_H                       = 0x92D // 2349
-	SYS___SIN_H                         = 0x92E // 2350
-	SYS___SINF_H                        = 0x92F // 2351
-	SYS___SINL_H                        = 0x930 // 2352
-	SYS___SINH_H                        = 0x931 // 2353
-	SYS___SINHF_H                       = 0x932 // 2354
-	SYS___SINHL_H                       = 0x933 // 2355
-	SYS___SQRT_H                        = 0x934 // 2356
-	SYS___SQRTF_H                       = 0x935 // 2357
-	SYS___SQRTL_H                       = 0x936 // 2358
-	SYS___TAN_H                         = 0x937 // 2359
-	SYS___TANF_H                        = 0x938 // 2360
-	SYS___TANL_H                        = 0x939 // 2361
-	SYS___TANH_H                        = 0x93A // 2362
-	SYS___TANHF_H                       = 0x93B // 2363
-	SYS___TANHL_H                       = 0x93C // 2364
-	SYS___TGAMMA_H                      = 0x93D // 2365
-	SYS___TGAMMAF_H                     = 0x93E // 2366
-	SYS___TRUNC_H                       = 0x93F // 2367
-	SYS___TRUNCF_H                      = 0x940 // 2368
-	SYS___TRUNCL_H                      = 0x941 // 2369
-	SYS___COSH_H                        = 0x942 // 2370
-	SYS___LE_DEBUG_SET_RESUME_MCH       = 0x943 // 2371
-	SYS_VFSCANF                         = 0x944 // 2372
-	SYS_VSCANF                          = 0x946 // 2374
-	SYS_VSSCANF                         = 0x948 // 2376
-	SYS_VFWSCANF                        = 0x94A // 2378
-	SYS_VWSCANF                         = 0x94C // 2380
-	SYS_VSWSCANF                        = 0x94E // 2382
-	SYS_IMAXABS                         = 0x950 // 2384
-	SYS_IMAXDIV                         = 0x951 // 2385
-	SYS_STRTOIMAX                       = 0x952 // 2386
-	SYS_STRTOUMAX                       = 0x953 // 2387
-	SYS_WCSTOIMAX                       = 0x954 // 2388
-	SYS_WCSTOUMAX                       = 0x955 // 2389
-	SYS_ATOLL                           = 0x956 // 2390
-	SYS_STRTOF                          = 0x957 // 2391
-	SYS_STRTOLD                         = 0x958 // 2392
-	SYS_WCSTOF                          = 0x959 // 2393
-	SYS_WCSTOLD                         = 0x95A // 2394
-	SYS_INET6_RTH_SPACE                 = 0x95B // 2395
-	SYS_INET6_RTH_INIT                  = 0x95C // 2396
-	SYS_INET6_RTH_ADD                   = 0x95D // 2397
-	SYS_INET6_RTH_REVERSE               = 0x95E // 2398
-	SYS_INET6_RTH_SEGMENTS              = 0x95F // 2399
-	SYS_INET6_RTH_GETADDR               = 0x960 // 2400
-	SYS_INET6_OPT_INIT                  = 0x961 // 2401
-	SYS_INET6_OPT_APPEND                = 0x962 // 2402
-	SYS_INET6_OPT_FINISH                = 0x963 // 2403
-	SYS_INET6_OPT_SET_VAL               = 0x964 // 2404
-	SYS_INET6_OPT_NEXT                  = 0x965 // 2405
-	SYS_INET6_OPT_FIND                  = 0x966 // 2406
-	SYS_INET6_OPT_GET_VAL               = 0x967 // 2407
-	SYS___POW_I                         = 0x987 // 2439
-	SYS___POW_I_B                       = 0x988 // 2440
-	SYS___POW_I_H                       = 0x989 // 2441
-	SYS___POW_II                        = 0x98A // 2442
-	SYS___POW_II_B                      = 0x98B // 2443
-	SYS___POW_II_H                      = 0x98C // 2444
-	SYS_CABS                            = 0x98E // 2446
-	SYS___CABS_B                        = 0x98F // 2447
-	SYS___CABS_H                        = 0x990 // 2448
-	SYS_CABSF                           = 0x991 // 2449
-	SYS___CABSF_B                       = 0x992 // 2450
-	SYS___CABSF_H                       = 0x993 // 2451
-	SYS_CABSL                           = 0x994 // 2452
-	SYS___CABSL_B                       = 0x995 // 2453
-	SYS___CABSL_H                       = 0x996 // 2454
-	SYS_CACOS                           = 0x997 // 2455
-	SYS___CACOS_B                       = 0x998 // 2456
-	SYS___CACOS_H                       = 0x999 // 2457
-	SYS_CACOSF                          = 0x99A // 2458
-	SYS___CACOSF_B                      = 0x99B // 2459
-	SYS___CACOSF_H                      = 0x99C // 2460
-	SYS_CACOSL                          = 0x99D // 2461
-	SYS___CACOSL_B                      = 0x99E // 2462
-	SYS___CACOSL_H                      = 0x99F // 2463
-	SYS_CACOSH                          = 0x9A0 // 2464
-	SYS___CACOSH_B                      = 0x9A1 // 2465
-	SYS___CACOSH_H                      = 0x9A2 // 2466
-	SYS_CACOSHF                         = 0x9A3 // 2467
-	SYS___CACOSHF_B                     = 0x9A4 // 2468
-	SYS___CACOSHF_H                     = 0x9A5 // 2469
-	SYS_CACOSHL                         = 0x9A6 // 2470
-	SYS___CACOSHL_B                     = 0x9A7 // 2471
-	SYS___CACOSHL_H                     = 0x9A8 // 2472
-	SYS_CARG                            = 0x9A9 // 2473
-	SYS___CARG_B                        = 0x9AA // 2474
-	SYS___CARG_H                        = 0x9AB // 2475
-	SYS_CARGF                           = 0x9AC // 2476
-	SYS___CARGF_B                       = 0x9AD // 2477
-	SYS___CARGF_H                       = 0x9AE // 2478
-	SYS_CARGL                           = 0x9AF // 2479
-	SYS___CARGL_B                       = 0x9B0 // 2480
-	SYS___CARGL_H                       = 0x9B1 // 2481
-	SYS_CASIN                           = 0x9B2 // 2482
-	SYS___CASIN_B                       = 0x9B3 // 2483
-	SYS___CASIN_H                       = 0x9B4 // 2484
-	SYS_CASINF                          = 0x9B5 // 2485
-	SYS___CASINF_B                      = 0x9B6 // 2486
-	SYS___CASINF_H                      = 0x9B7 // 2487
-	SYS_CASINL                          = 0x9B8 // 2488
-	SYS___CASINL_B                      = 0x9B9 // 2489
-	SYS___CASINL_H                      = 0x9BA // 2490
-	SYS_CASINH                          = 0x9BB // 2491
-	SYS___CASINH_B                      = 0x9BC // 2492
-	SYS___CASINH_H                      = 0x9BD // 2493
-	SYS_CASINHF                         = 0x9BE // 2494
-	SYS___CASINHF_B                     = 0x9BF // 2495
-	SYS___CASINHF_H                     = 0x9C0 // 2496
-	SYS_CASINHL                         = 0x9C1 // 2497
-	SYS___CASINHL_B                     = 0x9C2 // 2498
-	SYS___CASINHL_H                     = 0x9C3 // 2499
-	SYS_CATAN                           = 0x9C4 // 2500
-	SYS___CATAN_B                       = 0x9C5 // 2501
-	SYS___CATAN_H                       = 0x9C6 // 2502
-	SYS_CATANF                          = 0x9C7 // 2503
-	SYS___CATANF_B                      = 0x9C8 // 2504
-	SYS___CATANF_H                      = 0x9C9 // 2505
-	SYS_CATANL                          = 0x9CA // 2506
-	SYS___CATANL_B                      = 0x9CB // 2507
-	SYS___CATANL_H                      = 0x9CC // 2508
-	SYS_CATANH                          = 0x9CD // 2509
-	SYS___CATANH_B                      = 0x9CE // 2510
-	SYS___CATANH_H                      = 0x9CF // 2511
-	SYS_CATANHF                         = 0x9D0 // 2512
-	SYS___CATANHF_B                     = 0x9D1 // 2513
-	SYS___CATANHF_H                     = 0x9D2 // 2514
-	SYS_CATANHL                         = 0x9D3 // 2515
-	SYS___CATANHL_B                     = 0x9D4 // 2516
-	SYS___CATANHL_H                     = 0x9D5 // 2517
-	SYS_CCOS                            = 0x9D6 // 2518
-	SYS___CCOS_B                        = 0x9D7 // 2519
-	SYS___CCOS_H                        = 0x9D8 // 2520
-	SYS_CCOSF                           = 0x9D9 // 2521
-	SYS___CCOSF_B                       = 0x9DA // 2522
-	SYS___CCOSF_H                       = 0x9DB // 2523
-	SYS_CCOSL                           = 0x9DC // 2524
-	SYS___CCOSL_B                       = 0x9DD // 2525
-	SYS___CCOSL_H                       = 0x9DE // 2526
-	SYS_CCOSH                           = 0x9DF // 2527
-	SYS___CCOSH_B                       = 0x9E0 // 2528
-	SYS___CCOSH_H                       = 0x9E1 // 2529
-	SYS_CCOSHF                          = 0x9E2 // 2530
-	SYS___CCOSHF_B                      = 0x9E3 // 2531
-	SYS___CCOSHF_H                      = 0x9E4 // 2532
-	SYS_CCOSHL                          = 0x9E5 // 2533
-	SYS___CCOSHL_B                      = 0x9E6 // 2534
-	SYS___CCOSHL_H                      = 0x9E7 // 2535
-	SYS_CEXP                            = 0x9E8 // 2536
-	SYS___CEXP_B                        = 0x9E9 // 2537
-	SYS___CEXP_H                        = 0x9EA // 2538
-	SYS_CEXPF                           = 0x9EB // 2539
-	SYS___CEXPF_B                       = 0x9EC // 2540
-	SYS___CEXPF_H                       = 0x9ED // 2541
-	SYS_CEXPL                           = 0x9EE // 2542
-	SYS___CEXPL_B                       = 0x9EF // 2543
-	SYS___CEXPL_H                       = 0x9F0 // 2544
-	SYS_CIMAG                           = 0x9F1 // 2545
-	SYS___CIMAG_B                       = 0x9F2 // 2546
-	SYS___CIMAG_H                       = 0x9F3 // 2547
-	SYS_CIMAGF                          = 0x9F4 // 2548
-	SYS___CIMAGF_B                      = 0x9F5 // 2549
-	SYS___CIMAGF_H                      = 0x9F6 // 2550
-	SYS_CIMAGL                          = 0x9F7 // 2551
-	SYS___CIMAGL_B                      = 0x9F8 // 2552
-	SYS___CIMAGL_H                      = 0x9F9 // 2553
-	SYS___CLOG                          = 0x9FA // 2554
-	SYS___CLOG_B                        = 0x9FB // 2555
-	SYS___CLOG_H                        = 0x9FC // 2556
-	SYS_CLOGF                           = 0x9FD // 2557
-	SYS___CLOGF_B                       = 0x9FE // 2558
-	SYS___CLOGF_H                       = 0x9FF // 2559
-	SYS_CLOGL                           = 0xA00 // 2560
-	SYS___CLOGL_B                       = 0xA01 // 2561
-	SYS___CLOGL_H                       = 0xA02 // 2562
-	SYS_CONJ                            = 0xA03 // 2563
-	SYS___CONJ_B                        = 0xA04 // 2564
-	SYS___CONJ_H                        = 0xA05 // 2565
-	SYS_CONJF                           = 0xA06 // 2566
-	SYS___CONJF_B                       = 0xA07 // 2567
-	SYS___CONJF_H                       = 0xA08 // 2568
-	SYS_CONJL                           = 0xA09 // 2569
-	SYS___CONJL_B                       = 0xA0A // 2570
-	SYS___CONJL_H                       = 0xA0B // 2571
-	SYS_CPOW                            = 0xA0C // 2572
-	SYS___CPOW_B                        = 0xA0D // 2573
-	SYS___CPOW_H                        = 0xA0E // 2574
-	SYS_CPOWF                           = 0xA0F // 2575
-	SYS___CPOWF_B                       = 0xA10 // 2576
-	SYS___CPOWF_H                       = 0xA11 // 2577
-	SYS_CPOWL                           = 0xA12 // 2578
-	SYS___CPOWL_B                       = 0xA13 // 2579
-	SYS___CPOWL_H                       = 0xA14 // 2580
-	SYS_CPROJ                           = 0xA15 // 2581
-	SYS___CPROJ_B                       = 0xA16 // 2582
-	SYS___CPROJ_H                       = 0xA17 // 2583
-	SYS_CPROJF                          = 0xA18 // 2584
-	SYS___CPROJF_B                      = 0xA19 // 2585
-	SYS___CPROJF_H                      = 0xA1A // 2586
-	SYS_CPROJL                          = 0xA1B // 2587
-	SYS___CPROJL_B                      = 0xA1C // 2588
-	SYS___CPROJL_H                      = 0xA1D // 2589
-	SYS_CREAL                           = 0xA1E // 2590
-	SYS___CREAL_B                       = 0xA1F // 2591
-	SYS___CREAL_H                       = 0xA20 // 2592
-	SYS_CREALF                          = 0xA21 // 2593
-	SYS___CREALF_B                      = 0xA22 // 2594
-	SYS___CREALF_H                      = 0xA23 // 2595
-	SYS_CREALL                          = 0xA24 // 2596
-	SYS___CREALL_B                      = 0xA25 // 2597
-	SYS___CREALL_H                      = 0xA26 // 2598
-	SYS_CSIN                            = 0xA27 // 2599
-	SYS___CSIN_B                        = 0xA28 // 2600
-	SYS___CSIN_H                        = 0xA29 // 2601
-	SYS_CSINF                           = 0xA2A // 2602
-	SYS___CSINF_B                       = 0xA2B // 2603
-	SYS___CSINF_H                       = 0xA2C // 2604
-	SYS_CSINL                           = 0xA2D // 2605
-	SYS___CSINL_B                       = 0xA2E // 2606
-	SYS___CSINL_H                       = 0xA2F // 2607
-	SYS_CSINH                           = 0xA30 // 2608
-	SYS___CSINH_B                       = 0xA31 // 2609
-	SYS___CSINH_H                       = 0xA32 // 2610
-	SYS_CSINHF                          = 0xA33 // 2611
-	SYS___CSINHF_B                      = 0xA34 // 2612
-	SYS___CSINHF_H                      = 0xA35 // 2613
-	SYS_CSINHL                          = 0xA36 // 2614
-	SYS___CSINHL_B                      = 0xA37 // 2615
-	SYS___CSINHL_H                      = 0xA38 // 2616
-	SYS_CSQRT                           = 0xA39 // 2617
-	SYS___CSQRT_B                       = 0xA3A // 2618
-	SYS___CSQRT_H                       = 0xA3B // 2619
-	SYS_CSQRTF                          = 0xA3C // 2620
-	SYS___CSQRTF_B                      = 0xA3D // 2621
-	SYS___CSQRTF_H                      = 0xA3E // 2622
-	SYS_CSQRTL                          = 0xA3F // 2623
-	SYS___CSQRTL_B                      = 0xA40 // 2624
-	SYS___CSQRTL_H                      = 0xA41 // 2625
-	SYS_CTAN                            = 0xA42 // 2626
-	SYS___CTAN_B                        = 0xA43 // 2627
-	SYS___CTAN_H                        = 0xA44 // 2628
-	SYS_CTANF                           = 0xA45 // 2629
-	SYS___CTANF_B                       = 0xA46 // 2630
-	SYS___CTANF_H                       = 0xA47 // 2631
-	SYS_CTANL                           = 0xA48 // 2632
-	SYS___CTANL_B                       = 0xA49 // 2633
-	SYS___CTANL_H                       = 0xA4A // 2634
-	SYS_CTANH                           = 0xA4B // 2635
-	SYS___CTANH_B                       = 0xA4C // 2636
-	SYS___CTANH_H                       = 0xA4D // 2637
-	SYS_CTANHF                          = 0xA4E // 2638
-	SYS___CTANHF_B                      = 0xA4F // 2639
-	SYS___CTANHF_H                      = 0xA50 // 2640
-	SYS_CTANHL                          = 0xA51 // 2641
-	SYS___CTANHL_B                      = 0xA52 // 2642
-	SYS___CTANHL_H                      = 0xA53 // 2643
-	SYS___ACOSHF_H                      = 0xA54 // 2644
-	SYS___ACOSHL_H                      = 0xA55 // 2645
-	SYS___ASINHF_H                      = 0xA56 // 2646
-	SYS___ASINHL_H                      = 0xA57 // 2647
-	SYS___CBRTF_H                       = 0xA58 // 2648
-	SYS___CBRTL_H                       = 0xA59 // 2649
-	SYS___COPYSIGN_B                    = 0xA5A // 2650
-	SYS___EXPM1F_H                      = 0xA5B // 2651
-	SYS___EXPM1L_H                      = 0xA5C // 2652
-	SYS___EXP2_H                        = 0xA5D // 2653
-	SYS___EXP2F_H                       = 0xA5E // 2654
-	SYS___EXP2L_H                       = 0xA5F // 2655
-	SYS___LOG1PF_H                      = 0xA60 // 2656
-	SYS___LOG1PL_H                      = 0xA61 // 2657
-	SYS___LGAMMAL_H                     = 0xA62 // 2658
-	SYS_FMA                             = 0xA63 // 2659
-	SYS___FMA_B                         = 0xA64 // 2660
-	SYS___FMA_H                         = 0xA65 // 2661
-	SYS_FMAF                            = 0xA66 // 2662
-	SYS___FMAF_B                        = 0xA67 // 2663
-	SYS___FMAF_H                        = 0xA68 // 2664
-	SYS_FMAL                            = 0xA69 // 2665
-	SYS___FMAL_B                        = 0xA6A // 2666
-	SYS___FMAL_H                        = 0xA6B // 2667
-	SYS_FMAX                            = 0xA6C // 2668
-	SYS___FMAX_B                        = 0xA6D // 2669
-	SYS___FMAX_H                        = 0xA6E // 2670
-	SYS_FMAXF                           = 0xA6F // 2671
-	SYS___FMAXF_B                       = 0xA70 // 2672
-	SYS___FMAXF_H                       = 0xA71 // 2673
-	SYS_FMAXL                           = 0xA72 // 2674
-	SYS___FMAXL_B                       = 0xA73 // 2675
-	SYS___FMAXL_H                       = 0xA74 // 2676
-	SYS_FMIN                            = 0xA75 // 2677
-	SYS___FMIN_B                        = 0xA76 // 2678
-	SYS___FMIN_H                        = 0xA77 // 2679
-	SYS_FMINF                           = 0xA78 // 2680
-	SYS___FMINF_B                       = 0xA79 // 2681
-	SYS___FMINF_H                       = 0xA7A // 2682
-	SYS_FMINL                           = 0xA7B // 2683
-	SYS___FMINL_B                       = 0xA7C // 2684
-	SYS___FMINL_H                       = 0xA7D // 2685
-	SYS_ILOGBF                          = 0xA7E // 2686
-	SYS___ILOGBF_B                      = 0xA7F // 2687
-	SYS___ILOGBF_H                      = 0xA80 // 2688
-	SYS_ILOGBL                          = 0xA81 // 2689
-	SYS___ILOGBL_B                      = 0xA82 // 2690
-	SYS___ILOGBL_H                      = 0xA83 // 2691
-	SYS_LLRINT                          = 0xA84 // 2692
-	SYS___LLRINT_B                      = 0xA85 // 2693
-	SYS___LLRINT_H                      = 0xA86 // 2694
-	SYS_LLRINTF                         = 0xA87 // 2695
-	SYS___LLRINTF_B                     = 0xA88 // 2696
-	SYS___LLRINTF_H                     = 0xA89 // 2697
-	SYS_LLRINTL                         = 0xA8A // 2698
-	SYS___LLRINTL_B                     = 0xA8B // 2699
-	SYS___LLRINTL_H                     = 0xA8C // 2700
-	SYS_LLROUND                         = 0xA8D // 2701
-	SYS___LLROUND_B                     = 0xA8E // 2702
-	SYS___LLROUND_H                     = 0xA8F // 2703
-	SYS_LLROUNDF                        = 0xA90 // 2704
-	SYS___LLROUNDF_B                    = 0xA91 // 2705
-	SYS___LLROUNDF_H                    = 0xA92 // 2706
-	SYS_LLROUNDL                        = 0xA93 // 2707
-	SYS___LLROUNDL_B                    = 0xA94 // 2708
-	SYS___LLROUNDL_H                    = 0xA95 // 2709
-	SYS_LOGBF                           = 0xA96 // 2710
-	SYS___LOGBF_B                       = 0xA97 // 2711
-	SYS___LOGBF_H                       = 0xA98 // 2712
-	SYS_LOGBL                           = 0xA99 // 2713
-	SYS___LOGBL_B                       = 0xA9A // 2714
-	SYS___LOGBL_H                       = 0xA9B // 2715
-	SYS_LRINT                           = 0xA9C // 2716
-	SYS___LRINT_B                       = 0xA9D // 2717
-	SYS___LRINT_H                       = 0xA9E // 2718
-	SYS_LRINTF                          = 0xA9F // 2719
-	SYS___LRINTF_B                      = 0xAA0 // 2720
-	SYS___LRINTF_H                      = 0xAA1 // 2721
-	SYS_LRINTL                          = 0xAA2 // 2722
-	SYS___LRINTL_B                      = 0xAA3 // 2723
-	SYS___LRINTL_H                      = 0xAA4 // 2724
-	SYS_LROUNDL                         = 0xAA5 // 2725
-	SYS___LROUNDL_B                     = 0xAA6 // 2726
-	SYS___LROUNDL_H                     = 0xAA7 // 2727
-	SYS_NAN                             = 0xAA8 // 2728
-	SYS___NAN_B                         = 0xAA9 // 2729
-	SYS_NANF                            = 0xAAA // 2730
-	SYS___NANF_B                        = 0xAAB // 2731
-	SYS_NANL                            = 0xAAC // 2732
-	SYS___NANL_B                        = 0xAAD // 2733
-	SYS_NEARBYINT                       = 0xAAE // 2734
-	SYS___NEARBYINT_B                   = 0xAAF // 2735
-	SYS___NEARBYINT_H                   = 0xAB0 // 2736
-	SYS_NEARBYINTF                      = 0xAB1 // 2737
-	SYS___NEARBYINTF_B                  = 0xAB2 // 2738
-	SYS___NEARBYINTF_H                  = 0xAB3 // 2739
-	SYS_NEARBYINTL                      = 0xAB4 // 2740
-	SYS___NEARBYINTL_B                  = 0xAB5 // 2741
-	SYS___NEARBYINTL_H                  = 0xAB6 // 2742
-	SYS_NEXTAFTERF                      = 0xAB7 // 2743
-	SYS___NEXTAFTERF_B                  = 0xAB8 // 2744
-	SYS___NEXTAFTERF_H                  = 0xAB9 // 2745
-	SYS_NEXTAFTERL                      = 0xABA // 2746
-	SYS___NEXTAFTERL_B                  = 0xABB // 2747
-	SYS___NEXTAFTERL_H                  = 0xABC // 2748
-	SYS_NEXTTOWARD                      = 0xABD // 2749
-	SYS___NEXTTOWARD_B                  = 0xABE // 2750
-	SYS___NEXTTOWARD_H                  = 0xABF // 2751
-	SYS_NEXTTOWARDF                     = 0xAC0 // 2752
-	SYS___NEXTTOWARDF_B                 = 0xAC1 // 2753
-	SYS___NEXTTOWARDF_H                 = 0xAC2 // 2754
-	SYS_NEXTTOWARDL                     = 0xAC3 // 2755
-	SYS___NEXTTOWARDL_B                 = 0xAC4 // 2756
-	SYS___NEXTTOWARDL_H                 = 0xAC5 // 2757
-	SYS___REMAINDERF_H                  = 0xAC6 // 2758
-	SYS___REMAINDERL_H                  = 0xAC7 // 2759
-	SYS___REMQUO_H                      = 0xAC8 // 2760
-	SYS___REMQUOF_H                     = 0xAC9 // 2761
-	SYS___REMQUOL_H                     = 0xACA // 2762
-	SYS_RINTF                           = 0xACB // 2763
-	SYS___RINTF_B                       = 0xACC // 2764
-	SYS_RINTL                           = 0xACD // 2765
-	SYS___RINTL_B                       = 0xACE // 2766
-	SYS_ROUND                           = 0xACF // 2767
-	SYS___ROUND_B                       = 0xAD0 // 2768
-	SYS___ROUND_H                       = 0xAD1 // 2769
-	SYS_ROUNDF                          = 0xAD2 // 2770
-	SYS___ROUNDF_B                      = 0xAD3 // 2771
-	SYS___ROUNDF_H                      = 0xAD4 // 2772
-	SYS_ROUNDL                          = 0xAD5 // 2773
-	SYS___ROUNDL_B                      = 0xAD6 // 2774
-	SYS___ROUNDL_H                      = 0xAD7 // 2775
-	SYS_SCALBLN                         = 0xAD8 // 2776
-	SYS___SCALBLN_B                     = 0xAD9 // 2777
-	SYS___SCALBLN_H                     = 0xADA // 2778
-	SYS_SCALBLNF                        = 0xADB // 2779
-	SYS___SCALBLNF_B                    = 0xADC // 2780
-	SYS___SCALBLNF_H                    = 0xADD // 2781
-	SYS_SCALBLNL                        = 0xADE // 2782
-	SYS___SCALBLNL_B                    = 0xADF // 2783
-	SYS___SCALBLNL_H                    = 0xAE0 // 2784
-	SYS___SCALBN_B                      = 0xAE1 // 2785
-	SYS___SCALBN_H                      = 0xAE2 // 2786
-	SYS_SCALBNF                         = 0xAE3 // 2787
-	SYS___SCALBNF_B                     = 0xAE4 // 2788
-	SYS___SCALBNF_H                     = 0xAE5 // 2789
-	SYS_SCALBNL                         = 0xAE6 // 2790
-	SYS___SCALBNL_B                     = 0xAE7 // 2791
-	SYS___SCALBNL_H                     = 0xAE8 // 2792
-	SYS___TGAMMAL_H                     = 0xAE9 // 2793
-	SYS_FECLEAREXCEPT                   = 0xAEA // 2794
-	SYS_FEGETENV                        = 0xAEB // 2795
-	SYS_FEGETEXCEPTFLAG                 = 0xAEC // 2796
-	SYS_FEGETROUND                      = 0xAED // 2797
-	SYS_FEHOLDEXCEPT                    = 0xAEE // 2798
-	SYS_FERAISEEXCEPT                   = 0xAEF // 2799
-	SYS_FESETENV                        = 0xAF0 // 2800
-	SYS_FESETEXCEPTFLAG                 = 0xAF1 // 2801
-	SYS_FESETROUND                      = 0xAF2 // 2802
-	SYS_FETESTEXCEPT                    = 0xAF3 // 2803
-	SYS_FEUPDATEENV                     = 0xAF4 // 2804
-	SYS___COPYSIGN_H                    = 0xAF5 // 2805
-	SYS___HYPOTF_H                      = 0xAF6 // 2806
-	SYS___HYPOTL_H                      = 0xAF7 // 2807
-	SYS___CLASS                         = 0xAFA // 2810
-	SYS___CLASS_B                       = 0xAFB // 2811
-	SYS___CLASS_H                       = 0xAFC // 2812
-	SYS___ISBLANK_A                     = 0xB2E // 2862
-	SYS___ISWBLANK_A                    = 0xB2F // 2863
-	SYS___LROUND_FIXUP                  = 0xB30 // 2864
-	SYS___LROUNDF_FIXUP                 = 0xB31 // 2865
-	SYS_SCHED_YIELD                     = 0xB32 // 2866
-	SYS_STRERROR_R                      = 0xB33 // 2867
-	SYS_UNSETENV                        = 0xB34 // 2868
-	SYS___LGAMMA_H_C99                  = 0xB38 // 2872
-	SYS___LGAMMA_B_C99                  = 0xB39 // 2873
-	SYS___LGAMMA_R_C99                  = 0xB3A // 2874
-	SYS___FTELL2                        = 0xB3B // 2875
-	SYS___FSEEK2                        = 0xB3C // 2876
-	SYS___STATIC_REINIT                 = 0xB3D // 2877
-	SYS_PTHREAD_ATTR_GETSTACK           = 0xB3E // 2878
-	SYS_PTHREAD_ATTR_SETSTACK           = 0xB3F // 2879
-	SYS___TGAMMA_H_C99                  = 0xB78 // 2936
-	SYS___TGAMMAF_H_C99                 = 0xB79 // 2937
-	SYS___LE_TRACEBACK                  = 0xB7A // 2938
-	SYS___MUST_STAY_CLEAN               = 0xB7C // 2940
-	SYS___O_ENV                         = 0xB7D // 2941
-	SYS_ACOSD32                         = 0xB7E // 2942
-	SYS_ACOSD64                         = 0xB7F // 2943
-	SYS_ACOSD128                        = 0xB80 // 2944
-	SYS_ACOSHD32                        = 0xB81 // 2945
-	SYS_ACOSHD64                        = 0xB82 // 2946
-	SYS_ACOSHD128                       = 0xB83 // 2947
-	SYS_ASIND32                         = 0xB84 // 2948
-	SYS_ASIND64                         = 0xB85 // 2949
-	SYS_ASIND128                        = 0xB86 // 2950
-	SYS_ASINHD32                        = 0xB87 // 2951
-	SYS_ASINHD64                        = 0xB88 // 2952
-	SYS_ASINHD128                       = 0xB89 // 2953
-	SYS_ATAND32                         = 0xB8A // 2954
-	SYS_ATAND64                         = 0xB8B // 2955
-	SYS_ATAND128                        = 0xB8C // 2956
-	SYS_ATAN2D32                        = 0xB8D // 2957
-	SYS_ATAN2D64                        = 0xB8E // 2958
-	SYS_ATAN2D128                       = 0xB8F // 2959
-	SYS_ATANHD32                        = 0xB90 // 2960
-	SYS_ATANHD64                        = 0xB91 // 2961
-	SYS_ATANHD128                       = 0xB92 // 2962
-	SYS_CBRTD32                         = 0xB93 // 2963
-	SYS_CBRTD64                         = 0xB94 // 2964
-	SYS_CBRTD128                        = 0xB95 // 2965
-	SYS_CEILD32                         = 0xB96 // 2966
-	SYS_CEILD64                         = 0xB97 // 2967
-	SYS_CEILD128                        = 0xB98 // 2968
-	SYS___CLASS2                        = 0xB99 // 2969
-	SYS___CLASS2_B                      = 0xB9A // 2970
-	SYS___CLASS2_H                      = 0xB9B // 2971
-	SYS_COPYSIGND32                     = 0xB9C // 2972
-	SYS_COPYSIGND64                     = 0xB9D // 2973
-	SYS_COPYSIGND128                    = 0xB9E // 2974
-	SYS_COSD32                          = 0xB9F // 2975
-	SYS_COSD64                          = 0xBA0 // 2976
-	SYS_COSD128                         = 0xBA1 // 2977
-	SYS_COSHD32                         = 0xBA2 // 2978
-	SYS_COSHD64                         = 0xBA3 // 2979
-	SYS_COSHD128                        = 0xBA4 // 2980
-	SYS_ERFD32                          = 0xBA5 // 2981
-	SYS_ERFD64                          = 0xBA6 // 2982
-	SYS_ERFD128                         = 0xBA7 // 2983
-	SYS_ERFCD32                         = 0xBA8 // 2984
-	SYS_ERFCD64                         = 0xBA9 // 2985
-	SYS_ERFCD128                        = 0xBAA // 2986
-	SYS_EXPD32                          = 0xBAB // 2987
-	SYS_EXPD64                          = 0xBAC // 2988
-	SYS_EXPD128                         = 0xBAD // 2989
-	SYS_EXP2D32                         = 0xBAE // 2990
-	SYS_EXP2D64                         = 0xBAF // 2991
-	SYS_EXP2D128                        = 0xBB0 // 2992
-	SYS_EXPM1D32                        = 0xBB1 // 2993
-	SYS_EXPM1D64                        = 0xBB2 // 2994
-	SYS_EXPM1D128                       = 0xBB3 // 2995
-	SYS_FABSD32                         = 0xBB4 // 2996
-	SYS_FABSD64                         = 0xBB5 // 2997
-	SYS_FABSD128                        = 0xBB6 // 2998
-	SYS_FDIMD32                         = 0xBB7 // 2999
-	SYS_FDIMD64                         = 0xBB8 // 3000
-	SYS_FDIMD128                        = 0xBB9 // 3001
-	SYS_FE_DEC_GETROUND                 = 0xBBA // 3002
-	SYS_FE_DEC_SETROUND                 = 0xBBB // 3003
-	SYS_FLOORD32                        = 0xBBC // 3004
-	SYS_FLOORD64                        = 0xBBD // 3005
-	SYS_FLOORD128                       = 0xBBE // 3006
-	SYS_FMAD32                          = 0xBBF // 3007
-	SYS_FMAD64                          = 0xBC0 // 3008
-	SYS_FMAD128                         = 0xBC1 // 3009
-	SYS_FMAXD32                         = 0xBC2 // 3010
-	SYS_FMAXD64                         = 0xBC3 // 3011
-	SYS_FMAXD128                        = 0xBC4 // 3012
-	SYS_FMIND32                         = 0xBC5 // 3013
-	SYS_FMIND64                         = 0xBC6 // 3014
-	SYS_FMIND128                        = 0xBC7 // 3015
-	SYS_FMODD32                         = 0xBC8 // 3016
-	SYS_FMODD64                         = 0xBC9 // 3017
-	SYS_FMODD128                        = 0xBCA // 3018
-	SYS___FP_CAST_D                     = 0xBCB // 3019
-	SYS_FREXPD32                        = 0xBCC // 3020
-	SYS_FREXPD64                        = 0xBCD // 3021
-	SYS_FREXPD128                       = 0xBCE // 3022
-	SYS_HYPOTD32                        = 0xBCF // 3023
-	SYS_HYPOTD64                        = 0xBD0 // 3024
-	SYS_HYPOTD128                       = 0xBD1 // 3025
-	SYS_ILOGBD32                        = 0xBD2 // 3026
-	SYS_ILOGBD64                        = 0xBD3 // 3027
-	SYS_ILOGBD128                       = 0xBD4 // 3028
-	SYS_LDEXPD32                        = 0xBD5 // 3029
-	SYS_LDEXPD64                        = 0xBD6 // 3030
-	SYS_LDEXPD128                       = 0xBD7 // 3031
-	SYS_LGAMMAD32                       = 0xBD8 // 3032
-	SYS_LGAMMAD64                       = 0xBD9 // 3033
-	SYS_LGAMMAD128                      = 0xBDA // 3034
-	SYS_LLRINTD32                       = 0xBDB // 3035
-	SYS_LLRINTD64                       = 0xBDC // 3036
-	SYS_LLRINTD128                      = 0xBDD // 3037
-	SYS_LLROUNDD32                      = 0xBDE // 3038
-	SYS_LLROUNDD64                      = 0xBDF // 3039
-	SYS_LLROUNDD128                     = 0xBE0 // 3040
-	SYS_LOGD32                          = 0xBE1 // 3041
-	SYS_LOGD64                          = 0xBE2 // 3042
-	SYS_LOGD128                         = 0xBE3 // 3043
-	SYS_LOG10D32                        = 0xBE4 // 3044
-	SYS_LOG10D64                        = 0xBE5 // 3045
-	SYS_LOG10D128                       = 0xBE6 // 3046
-	SYS_LOG1PD32                        = 0xBE7 // 3047
-	SYS_LOG1PD64                        = 0xBE8 // 3048
-	SYS_LOG1PD128                       = 0xBE9 // 3049
-	SYS_LOG2D32                         = 0xBEA // 3050
-	SYS_LOG2D64                         = 0xBEB // 3051
-	SYS_LOG2D128                        = 0xBEC // 3052
-	SYS_LOGBD32                         = 0xBED // 3053
-	SYS_LOGBD64                         = 0xBEE // 3054
-	SYS_LOGBD128                        = 0xBEF // 3055
-	SYS_LRINTD32                        = 0xBF0 // 3056
-	SYS_LRINTD64                        = 0xBF1 // 3057
-	SYS_LRINTD128                       = 0xBF2 // 3058
-	SYS_LROUNDD32                       = 0xBF3 // 3059
-	SYS_LROUNDD64                       = 0xBF4 // 3060
-	SYS_LROUNDD128                      = 0xBF5 // 3061
-	SYS_MODFD32                         = 0xBF6 // 3062
-	SYS_MODFD64                         = 0xBF7 // 3063
-	SYS_MODFD128                        = 0xBF8 // 3064
-	SYS_NAND32                          = 0xBF9 // 3065
-	SYS_NAND64                          = 0xBFA // 3066
-	SYS_NAND128                         = 0xBFB // 3067
-	SYS_NEARBYINTD32                    = 0xBFC // 3068
-	SYS_NEARBYINTD64                    = 0xBFD // 3069
-	SYS_NEARBYINTD128                   = 0xBFE // 3070
-	SYS_NEXTAFTERD32                    = 0xBFF // 3071
-	SYS_NEXTAFTERD64                    = 0xC00 // 3072
-	SYS_NEXTAFTERD128                   = 0xC01 // 3073
-	SYS_NEXTTOWARDD32                   = 0xC02 // 3074
-	SYS_NEXTTOWARDD64                   = 0xC03 // 3075
-	SYS_NEXTTOWARDD128                  = 0xC04 // 3076
-	SYS_POWD32                          = 0xC05 // 3077
-	SYS_POWD64                          = 0xC06 // 3078
-	SYS_POWD128                         = 0xC07 // 3079
-	SYS_QUANTIZED32                     = 0xC08 // 3080
-	SYS_QUANTIZED64                     = 0xC09 // 3081
-	SYS_QUANTIZED128                    = 0xC0A // 3082
-	SYS_REMAINDERD32                    = 0xC0B // 3083
-	SYS_REMAINDERD64                    = 0xC0C // 3084
-	SYS_REMAINDERD128                   = 0xC0D // 3085
-	SYS___REMQUOD32                     = 0xC0E // 3086
-	SYS___REMQUOD64                     = 0xC0F // 3087
-	SYS___REMQUOD128                    = 0xC10 // 3088
-	SYS_RINTD32                         = 0xC11 // 3089
-	SYS_RINTD64                         = 0xC12 // 3090
-	SYS_RINTD128                        = 0xC13 // 3091
-	SYS_ROUNDD32                        = 0xC14 // 3092
-	SYS_ROUNDD64                        = 0xC15 // 3093
-	SYS_ROUNDD128                       = 0xC16 // 3094
-	SYS_SAMEQUANTUMD32                  = 0xC17 // 3095
-	SYS_SAMEQUANTUMD64                  = 0xC18 // 3096
-	SYS_SAMEQUANTUMD128                 = 0xC19 // 3097
-	SYS_SCALBLND32                      = 0xC1A // 3098
-	SYS_SCALBLND64                      = 0xC1B // 3099
-	SYS_SCALBLND128                     = 0xC1C // 3100
-	SYS_SCALBND32                       = 0xC1D // 3101
-	SYS_SCALBND64                       = 0xC1E // 3102
-	SYS_SCALBND128                      = 0xC1F // 3103
-	SYS_SIND32                          = 0xC20 // 3104
-	SYS_SIND64                          = 0xC21 // 3105
-	SYS_SIND128                         = 0xC22 // 3106
-	SYS_SINHD32                         = 0xC23 // 3107
-	SYS_SINHD64                         = 0xC24 // 3108
-	SYS_SINHD128                        = 0xC25 // 3109
-	SYS_SQRTD32                         = 0xC26 // 3110
-	SYS_SQRTD64                         = 0xC27 // 3111
-	SYS_SQRTD128                        = 0xC28 // 3112
-	SYS_STRTOD32                        = 0xC29 // 3113
-	SYS_STRTOD64                        = 0xC2A // 3114
-	SYS_STRTOD128                       = 0xC2B // 3115
-	SYS_TAND32                          = 0xC2C // 3116
-	SYS_TAND64                          = 0xC2D // 3117
-	SYS_TAND128                         = 0xC2E // 3118
-	SYS_TANHD32                         = 0xC2F // 3119
-	SYS_TANHD64                         = 0xC30 // 3120
-	SYS_TANHD128                        = 0xC31 // 3121
-	SYS_TGAMMAD32                       = 0xC32 // 3122
-	SYS_TGAMMAD64                       = 0xC33 // 3123
-	SYS_TGAMMAD128                      = 0xC34 // 3124
-	SYS_TRUNCD32                        = 0xC3E // 3134
-	SYS_TRUNCD64                        = 0xC3F // 3135
-	SYS_TRUNCD128                       = 0xC40 // 3136
-	SYS_WCSTOD32                        = 0xC41 // 3137
-	SYS_WCSTOD64                        = 0xC42 // 3138
-	SYS_WCSTOD128                       = 0xC43 // 3139
-	SYS___CODEPAGE_INFO                 = 0xC64 // 3172
-	SYS_POSIX_OPENPT                    = 0xC66 // 3174
-	SYS_PSELECT                         = 0xC67 // 3175
-	SYS_SOCKATMARK                      = 0xC68 // 3176
-	SYS_AIO_FSYNC                       = 0xC69 // 3177
-	SYS_LIO_LISTIO                      = 0xC6A // 3178
-	SYS___ATANPID32                     = 0xC6B // 3179
-	SYS___ATANPID64                     = 0xC6C // 3180
-	SYS___ATANPID128                    = 0xC6D // 3181
-	SYS___COSPID32                      = 0xC6E // 3182
-	SYS___COSPID64                      = 0xC6F // 3183
-	SYS___COSPID128                     = 0xC70 // 3184
-	SYS___SINPID32                      = 0xC71 // 3185
-	SYS___SINPID64                      = 0xC72 // 3186
-	SYS___SINPID128                     = 0xC73 // 3187
-	SYS_SETIPV4SOURCEFILTER             = 0xC76 // 3190
-	SYS_GETIPV4SOURCEFILTER             = 0xC77 // 3191
-	SYS_SETSOURCEFILTER                 = 0xC78 // 3192
-	SYS_GETSOURCEFILTER                 = 0xC79 // 3193
-	SYS_FWRITE_UNLOCKED                 = 0xC7A // 3194
-	SYS_FREAD_UNLOCKED                  = 0xC7B // 3195
-	SYS_FGETS_UNLOCKED                  = 0xC7C // 3196
-	SYS_GETS_UNLOCKED                   = 0xC7D // 3197
-	SYS_FPUTS_UNLOCKED                  = 0xC7E // 3198
-	SYS_PUTS_UNLOCKED                   = 0xC7F // 3199
-	SYS_FGETC_UNLOCKED                  = 0xC80 // 3200
-	SYS_FPUTC_UNLOCKED                  = 0xC81 // 3201
-	SYS_DLADDR                          = 0xC82 // 3202
-	SYS_SHM_OPEN                        = 0xC8C // 3212
-	SYS_SHM_UNLINK                      = 0xC8D // 3213
-	SYS___CLASS2F                       = 0xC91 // 3217
-	SYS___CLASS2L                       = 0xC92 // 3218
-	SYS___CLASS2F_B                     = 0xC93 // 3219
-	SYS___CLASS2F_H                     = 0xC94 // 3220
-	SYS___CLASS2L_B                     = 0xC95 // 3221
-	SYS___CLASS2L_H                     = 0xC96 // 3222
-	SYS___CLASS2D32                     = 0xC97 // 3223
-	SYS___CLASS2D64                     = 0xC98 // 3224
-	SYS___CLASS2D128                    = 0xC99 // 3225
-	SYS___TOCSNAME2                     = 0xC9A // 3226
-	SYS___D1TOP                         = 0xC9B // 3227
-	SYS___D2TOP                         = 0xC9C // 3228
-	SYS___D4TOP                         = 0xC9D // 3229
-	SYS___PTOD1                         = 0xC9E // 3230
-	SYS___PTOD2                         = 0xC9F // 3231
-	SYS___PTOD4                         = 0xCA0 // 3232
-	SYS_CLEARERR_UNLOCKED               = 0xCA1 // 3233
-	SYS_FDELREC_UNLOCKED                = 0xCA2 // 3234
-	SYS_FEOF_UNLOCKED                   = 0xCA3 // 3235
-	SYS_FERROR_UNLOCKED                 = 0xCA4 // 3236
-	SYS_FFLUSH_UNLOCKED                 = 0xCA5 // 3237
-	SYS_FGETPOS_UNLOCKED                = 0xCA6 // 3238
-	SYS_FGETWC_UNLOCKED                 = 0xCA7 // 3239
-	SYS_FGETWS_UNLOCKED                 = 0xCA8 // 3240
-	SYS_FILENO_UNLOCKED                 = 0xCA9 // 3241
-	SYS_FLDATA_UNLOCKED                 = 0xCAA // 3242
-	SYS_FLOCATE_UNLOCKED                = 0xCAB // 3243
-	SYS_FPRINTF_UNLOCKED                = 0xCAC // 3244
-	SYS_FPUTWC_UNLOCKED                 = 0xCAD // 3245
-	SYS_FPUTWS_UNLOCKED                 = 0xCAE // 3246
-	SYS_FSCANF_UNLOCKED                 = 0xCAF // 3247
-	SYS_FSEEK_UNLOCKED                  = 0xCB0 // 3248
-	SYS_FSEEKO_UNLOCKED                 = 0xCB1 // 3249
-	SYS_FSETPOS_UNLOCKED                = 0xCB3 // 3251
-	SYS_FTELL_UNLOCKED                  = 0xCB4 // 3252
-	SYS_FTELLO_UNLOCKED                 = 0xCB5 // 3253
-	SYS_FUPDATE_UNLOCKED                = 0xCB7 // 3255
-	SYS_FWIDE_UNLOCKED                  = 0xCB8 // 3256
-	SYS_FWPRINTF_UNLOCKED               = 0xCB9 // 3257
-	SYS_FWSCANF_UNLOCKED                = 0xCBA // 3258
-	SYS_GETWC_UNLOCKED                  = 0xCBB // 3259
-	SYS_GETWCHAR_UNLOCKED               = 0xCBC // 3260
-	SYS_PERROR_UNLOCKED                 = 0xCBD // 3261
-	SYS_PRINTF_UNLOCKED                 = 0xCBE // 3262
-	SYS_PUTWC_UNLOCKED                  = 0xCBF // 3263
-	SYS_PUTWCHAR_UNLOCKED               = 0xCC0 // 3264
-	SYS_REWIND_UNLOCKED                 = 0xCC1 // 3265
-	SYS_SCANF_UNLOCKED                  = 0xCC2 // 3266
-	SYS_UNGETC_UNLOCKED                 = 0xCC3 // 3267
-	SYS_UNGETWC_UNLOCKED                = 0xCC4 // 3268
-	SYS_VFPRINTF_UNLOCKED               = 0xCC5 // 3269
-	SYS_VFSCANF_UNLOCKED                = 0xCC7 // 3271
-	SYS_VFWPRINTF_UNLOCKED              = 0xCC9 // 3273
-	SYS_VFWSCANF_UNLOCKED               = 0xCCB // 3275
-	SYS_VPRINTF_UNLOCKED                = 0xCCD // 3277
-	SYS_VSCANF_UNLOCKED                 = 0xCCF // 3279
-	SYS_VWPRINTF_UNLOCKED               = 0xCD1 // 3281
-	SYS_VWSCANF_UNLOCKED                = 0xCD3 // 3283
-	SYS_WPRINTF_UNLOCKED                = 0xCD5 // 3285
-	SYS_WSCANF_UNLOCKED                 = 0xCD6 // 3286
-	SYS_ASCTIME64                       = 0xCD7 // 3287
-	SYS_ASCTIME64_R                     = 0xCD8 // 3288
-	SYS_CTIME64                         = 0xCD9 // 3289
-	SYS_CTIME64_R                       = 0xCDA // 3290
-	SYS_DIFFTIME64                      = 0xCDB // 3291
-	SYS_GMTIME64                        = 0xCDC // 3292
-	SYS_GMTIME64_R                      = 0xCDD // 3293
-	SYS_LOCALTIME64                     = 0xCDE // 3294
-	SYS_LOCALTIME64_R                   = 0xCDF // 3295
-	SYS_MKTIME64                        = 0xCE0 // 3296
-	SYS_TIME64                          = 0xCE1 // 3297
-	SYS___LOGIN_APPLID                  = 0xCE2 // 3298
-	SYS___PASSWD_APPLID                 = 0xCE3 // 3299
-	SYS_PTHREAD_SECURITY_APPLID_NP      = 0xCE4 // 3300
-	SYS___GETTHENT                      = 0xCE5 // 3301
-	SYS_FREEIFADDRS                     = 0xCE6 // 3302
-	SYS_GETIFADDRS                      = 0xCE7 // 3303
-	SYS_POSIX_FALLOCATE                 = 0xCE8 // 3304
-	SYS_POSIX_MEMALIGN                  = 0xCE9 // 3305
-	SYS_SIZEOF_ALLOC                    = 0xCEA // 3306
-	SYS_RESIZE_ALLOC                    = 0xCEB // 3307
-	SYS_FREAD_NOUPDATE                  = 0xCEC // 3308
-	SYS_FREAD_NOUPDATE_UNLOCKED         = 0xCED // 3309
-	SYS_FGETPOS64                       = 0xCEE // 3310
-	SYS_FSEEK64                         = 0xCEF // 3311
-	SYS_FSEEKO64                        = 0xCF0 // 3312
-	SYS_FSETPOS64                       = 0xCF1 // 3313
-	SYS_FTELL64                         = 0xCF2 // 3314
-	SYS_FTELLO64                        = 0xCF3 // 3315
-	SYS_FGETPOS64_UNLOCKED              = 0xCF4 // 3316
-	SYS_FSEEK64_UNLOCKED                = 0xCF5 // 3317
-	SYS_FSEEKO64_UNLOCKED               = 0xCF6 // 3318
-	SYS_FSETPOS64_UNLOCKED              = 0xCF7 // 3319
-	SYS_FTELL64_UNLOCKED                = 0xCF8 // 3320
-	SYS_FTELLO64_UNLOCKED               = 0xCF9 // 3321
-	SYS_FOPEN_UNLOCKED                  = 0xCFA // 3322
-	SYS_FREOPEN_UNLOCKED                = 0xCFB // 3323
-	SYS_FDOPEN_UNLOCKED                 = 0xCFC // 3324
-	SYS_TMPFILE_UNLOCKED                = 0xCFD // 3325
-	SYS___MOSERVICES                    = 0xD3D // 3389
-	SYS___GETTOD                        = 0xD3E // 3390
-	SYS_C16RTOMB                        = 0xD40 // 3392
-	SYS_C32RTOMB                        = 0xD41 // 3393
-	SYS_MBRTOC16                        = 0xD42 // 3394
-	SYS_MBRTOC32                        = 0xD43 // 3395
-	SYS_QUANTEXPD32                     = 0xD44 // 3396
-	SYS_QUANTEXPD64                     = 0xD45 // 3397
-	SYS_QUANTEXPD128                    = 0xD46 // 3398
-	SYS___LOCALE_CTL                    = 0xD47 // 3399
-	SYS___SMF_RECORD2                   = 0xD48 // 3400
-	SYS_FOPEN64                         = 0xD49 // 3401
-	SYS_FOPEN64_UNLOCKED                = 0xD4A // 3402
-	SYS_FREOPEN64                       = 0xD4B // 3403
-	SYS_FREOPEN64_UNLOCKED              = 0xD4C // 3404
-	SYS_TMPFILE64                       = 0xD4D // 3405
-	SYS_TMPFILE64_UNLOCKED              = 0xD4E // 3406
-	SYS_GETDATE64                       = 0xD4F // 3407
-	SYS_GETTIMEOFDAY64                  = 0xD50 // 3408
-	SYS_BIND2ADDRSEL                    = 0xD59 // 3417
-	SYS_INET6_IS_SRCADDR                = 0xD5A // 3418
-	SYS___GETGRGID1                     = 0xD5B // 3419
-	SYS___GETGRNAM1                     = 0xD5C // 3420
-	SYS___FBUFSIZE                      = 0xD60 // 3424
-	SYS___FPENDING                      = 0xD61 // 3425
-	SYS___FLBF                          = 0xD62 // 3426
-	SYS___FREADABLE                     = 0xD63 // 3427
-	SYS___FWRITABLE                     = 0xD64 // 3428
-	SYS___FREADING                      = 0xD65 // 3429
-	SYS___FWRITING                      = 0xD66 // 3430
-	SYS___FSETLOCKING                   = 0xD67 // 3431
-	SYS__FLUSHLBF                       = 0xD68 // 3432
-	SYS___FPURGE                        = 0xD69 // 3433
-	SYS___FREADAHEAD                    = 0xD6A // 3434
-	SYS___FSETERR                       = 0xD6B // 3435
-	SYS___FPENDING_UNLOCKED             = 0xD6C // 3436
-	SYS___FREADING_UNLOCKED             = 0xD6D // 3437
-	SYS___FWRITING_UNLOCKED             = 0xD6E // 3438
-	SYS__FLUSHLBF_UNLOCKED              = 0xD6F // 3439
-	SYS___FPURGE_UNLOCKED               = 0xD70 // 3440
-	SYS___FREADAHEAD_UNLOCKED           = 0xD71 // 3441
-	SYS___LE_CEEGTJS                    = 0xD72 // 3442
-	SYS___LE_RECORD_DUMP                = 0xD73 // 3443
-	SYS_FSTAT64                         = 0xD74 // 3444
-	SYS_LSTAT64                         = 0xD75 // 3445
-	SYS_STAT64                          = 0xD76 // 3446
-	SYS___READDIR2_64                   = 0xD77 // 3447
-	SYS___OPEN_STAT64                   = 0xD78 // 3448
-	SYS_FTW64                           = 0xD79 // 3449
-	SYS_NFTW64                          = 0xD7A // 3450
-	SYS_UTIME64                         = 0xD7B // 3451
-	SYS_UTIMES64                        = 0xD7C // 3452
-	SYS___GETIPC64                      = 0xD7D // 3453
-	SYS_MSGCTL64                        = 0xD7E // 3454
-	SYS_SEMCTL64                        = 0xD7F // 3455
-	SYS_SHMCTL64                        = 0xD80 // 3456
-	SYS_MSGXRCV64                       = 0xD81 // 3457
-	SYS___MGXR64                        = 0xD81 // 3457
-	SYS_W_GETPSENT64                    = 0xD82 // 3458
-	SYS_PTHREAD_COND_TIMEDWAIT64        = 0xD83 // 3459
-	SYS_FTIME64                         = 0xD85 // 3461
-	SYS_GETUTXENT64                     = 0xD86 // 3462
-	SYS_GETUTXID64                      = 0xD87 // 3463
-	SYS_GETUTXLINE64                    = 0xD88 // 3464
-	SYS_PUTUTXLINE64                    = 0xD89 // 3465
-	SYS_NEWLOCALE                       = 0xD8A // 3466
-	SYS_FREELOCALE                      = 0xD8B // 3467
-	SYS_USELOCALE                       = 0xD8C // 3468
-	SYS_DUPLOCALE                       = 0xD8D // 3469
-	SYS___CHATTR64                      = 0xD9C // 3484
-	SYS___LCHATTR64                     = 0xD9D // 3485
-	SYS___FCHATTR64                     = 0xD9E // 3486
-	SYS_____CHATTR64_A                  = 0xD9F // 3487
-	SYS_____LCHATTR64_A                 = 0xDA0 // 3488
-	SYS___LE_CEEUSGD                    = 0xDA1 // 3489
-	SYS___LE_IFAM_CON                   = 0xDA2 // 3490
-	SYS___LE_IFAM_DSC                   = 0xDA3 // 3491
-	SYS___LE_IFAM_GET                   = 0xDA4 // 3492
-	SYS___LE_IFAM_QRY                   = 0xDA5 // 3493
-	SYS_ALIGNED_ALLOC                   = 0xDA6 // 3494
-	SYS_ACCEPT4                         = 0xDA7 // 3495
-	SYS___ACCEPT4_A                     = 0xDA8 // 3496
-	SYS_COPYFILERANGE                   = 0xDA9 // 3497
-	SYS_GETLINE                         = 0xDAA // 3498
-	SYS___GETLINE_A                     = 0xDAB // 3499
-	SYS_DIRFD                           = 0xDAC // 3500
-	SYS_CLOCK_GETTIME                   = 0xDAD // 3501
-	SYS_DUP3                            = 0xDAE // 3502
-	SYS_EPOLL_CREATE                    = 0xDAF // 3503
-	SYS_EPOLL_CREATE1                   = 0xDB0 // 3504
-	SYS_EPOLL_CTL                       = 0xDB1 // 3505
-	SYS_EPOLL_WAIT                      = 0xDB2 // 3506
-	SYS_EPOLL_PWAIT                     = 0xDB3 // 3507
-	SYS_EVENTFD                         = 0xDB4 // 3508
-	SYS_STATFS                          = 0xDB5 // 3509
-	SYS___STATFS_A                      = 0xDB6 // 3510
-	SYS_FSTATFS                         = 0xDB7 // 3511
-	SYS_INOTIFY_INIT                    = 0xDB8 // 3512
-	SYS_INOTIFY_INIT1                   = 0xDB9 // 3513
-	SYS_INOTIFY_ADD_WATCH               = 0xDBA // 3514
-	SYS___INOTIFY_ADD_WATCH_A           = 0xDBB // 3515
-	SYS_INOTIFY_RM_WATCH                = 0xDBC // 3516
-	SYS_PIPE2                           = 0xDBD // 3517
-	SYS_PIVOT_ROOT                      = 0xDBE // 3518
-	SYS___PIVOT_ROOT_A                  = 0xDBF // 3519
-	SYS_PRCTL                           = 0xDC0 // 3520
-	SYS_PRLIMIT                         = 0xDC1 // 3521
-	SYS_SETHOSTNAME                     = 0xDC2 // 3522
-	SYS___SETHOSTNAME_A                 = 0xDC3 // 3523
-	SYS_SETRESUID                       = 0xDC4 // 3524
-	SYS_SETRESGID                       = 0xDC5 // 3525
-	SYS_PTHREAD_CONDATTR_GETCLOCK       = 0xDC6 // 3526
-	SYS_FLOCK                           = 0xDC7 // 3527
-	SYS_FGETXATTR                       = 0xDC8 // 3528
-	SYS___FGETXATTR_A                   = 0xDC9 // 3529
-	SYS_FLISTXATTR                      = 0xDCA // 3530
-	SYS___FLISTXATTR_A                  = 0xDCB // 3531
-	SYS_FREMOVEXATTR                    = 0xDCC // 3532
-	SYS___FREMOVEXATTR_A                = 0xDCD // 3533
-	SYS_FSETXATTR                       = 0xDCE // 3534
-	SYS___FSETXATTR_A                   = 0xDCF // 3535
-	SYS_GETXATTR                        = 0xDD0 // 3536
-	SYS___GETXATTR_A                    = 0xDD1 // 3537
-	SYS_LGETXATTR                       = 0xDD2 // 3538
-	SYS___LGETXATTR_A                   = 0xDD3 // 3539
-	SYS_LISTXATTR                       = 0xDD4 // 3540
-	SYS___LISTXATTR_A                   = 0xDD5 // 3541
-	SYS_LLISTXATTR                      = 0xDD6 // 3542
-	SYS___LLISTXATTR_A                  = 0xDD7 // 3543
-	SYS_LREMOVEXATTR                    = 0xDD8 // 3544
-	SYS___LREMOVEXATTR_A                = 0xDD9 // 3545
-	SYS_LSETXATTR                       = 0xDDA // 3546
-	SYS___LSETXATTR_A                   = 0xDDB // 3547
-	SYS_REMOVEXATTR                     = 0xDDC // 3548
-	SYS___REMOVEXATTR_A                 = 0xDDD // 3549
-	SYS_SETXATTR                        = 0xDDE // 3550
-	SYS___SETXATTR_A                    = 0xDDF // 3551
-	SYS_FDATASYNC                       = 0xDE0 // 3552
-	SYS_SYNCFS                          = 0xDE1 // 3553
-	SYS_FUTIMES                         = 0xDE2 // 3554
-	SYS_FUTIMESAT                       = 0xDE3 // 3555
-	SYS___FUTIMESAT_A                   = 0xDE4 // 3556
-	SYS_LUTIMES                         = 0xDE5 // 3557
-	SYS___LUTIMES_A                     = 0xDE6 // 3558
-	SYS_INET_ATON                       = 0xDE7 // 3559
-	SYS_GETRANDOM                       = 0xDE8 // 3560
-	SYS_GETTID                          = 0xDE9 // 3561
-	SYS_MEMFD_CREATE                    = 0xDEA // 3562
-	SYS___MEMFD_CREATE_A                = 0xDEB // 3563
-	SYS_FACCESSAT                       = 0xDEC // 3564
-	SYS___FACCESSAT_A                   = 0xDED // 3565
-	SYS_FCHMODAT                        = 0xDEE // 3566
-	SYS___FCHMODAT_A                    = 0xDEF // 3567
-	SYS_FCHOWNAT                        = 0xDF0 // 3568
-	SYS___FCHOWNAT_A                    = 0xDF1 // 3569
-	SYS_FSTATAT                         = 0xDF2 // 3570
-	SYS___FSTATAT_A                     = 0xDF3 // 3571
-	SYS_LINKAT                          = 0xDF4 // 3572
-	SYS___LINKAT_A                      = 0xDF5 // 3573
-	SYS_MKDIRAT                         = 0xDF6 // 3574
-	SYS___MKDIRAT_A                     = 0xDF7 // 3575
-	SYS_MKFIFOAT                        = 0xDF8 // 3576
-	SYS___MKFIFOAT_A                    = 0xDF9 // 3577
-	SYS_MKNODAT                         = 0xDFA // 3578
-	SYS___MKNODAT_A                     = 0xDFB // 3579
-	SYS_OPENAT                          = 0xDFC // 3580
-	SYS___OPENAT_A                      = 0xDFD // 3581
-	SYS_READLINKAT                      = 0xDFE // 3582
-	SYS___READLINKAT_A                  = 0xDFF // 3583
-	SYS_RENAMEAT                        = 0xE00 // 3584
-	SYS___RENAMEAT_A                    = 0xE01 // 3585
-	SYS_RENAMEAT2                       = 0xE02 // 3586
-	SYS___RENAMEAT2_A                   = 0xE03 // 3587
-	SYS_SYMLINKAT                       = 0xE04 // 3588
-	SYS___SYMLINKAT_A                   = 0xE05 // 3589
-	SYS_UNLINKAT                        = 0xE06 // 3590
-	SYS___UNLINKAT_A                    = 0xE07 // 3591
-	SYS_SYSINFO                         = 0xE08 // 3592
-	SYS_WAIT4                           = 0xE0A // 3594
-	SYS_CLONE                           = 0xE0B // 3595
-	SYS_UNSHARE                         = 0xE0C // 3596
-	SYS_SETNS                           = 0xE0D // 3597
-	SYS_CAPGET                          = 0xE0E // 3598
-	SYS_CAPSET                          = 0xE0F // 3599
-	SYS_STRCHRNUL                       = 0xE10 // 3600
-	SYS_PTHREAD_CONDATTR_SETCLOCK       = 0xE12 // 3602
-	SYS_OPEN_BY_HANDLE_AT               = 0xE13 // 3603
-	SYS___OPEN_BY_HANDLE_AT_A           = 0xE14 // 3604
-	SYS___INET_ATON_A                   = 0xE15 // 3605
-	SYS_MOUNT1                          = 0xE16 // 3606
-	SYS___MOUNT1_A                      = 0xE17 // 3607
-	SYS_UMOUNT1                         = 0xE18 // 3608
-	SYS___UMOUNT1_A                     = 0xE19 // 3609
-	SYS_UMOUNT2                         = 0xE1A // 3610
-	SYS___UMOUNT2_A                     = 0xE1B // 3611
-	SYS___PRCTL_A                       = 0xE1C // 3612
-	SYS_LOCALTIME_R2                    = 0xE1D // 3613
-	SYS___LOCALTIME_R2_A                = 0xE1E // 3614
-	SYS_OPENAT2                         = 0xE1F // 3615
-	SYS___OPENAT2_A                     = 0xE20 // 3616
-	SYS___LE_CEEMICT                    = 0xE21 // 3617
-	SYS_GETENTROPY                      = 0xE22 // 3618
-	SYS_NANOSLEEP                       = 0xE23 // 3619
-	SYS_UTIMENSAT                       = 0xE24 // 3620
-	SYS___UTIMENSAT_A                   = 0xE25 // 3621
-	SYS_ASPRINTF                        = 0xE26 // 3622
-	SYS___ASPRINTF_A                    = 0xE27 // 3623
-	SYS_VASPRINTF                       = 0xE28 // 3624
-	SYS___VASPRINTF_A                   = 0xE29 // 3625
-	SYS_DPRINTF                         = 0xE2A // 3626
-	SYS___DPRINTF_A                     = 0xE2B // 3627
-	SYS_GETOPT_LONG                     = 0xE2C // 3628
-	SYS___GETOPT_LONG_A                 = 0xE2D // 3629
-	SYS_PSIGNAL                         = 0xE2E // 3630
-	SYS___PSIGNAL_A                     = 0xE2F // 3631
-	SYS_PSIGNAL_UNLOCKED                = 0xE30 // 3632
-	SYS___PSIGNAL_UNLOCKED_A            = 0xE31 // 3633
-	SYS_FSTATAT_O                       = 0xE32 // 3634
-	SYS___FSTATAT_O_A                   = 0xE33 // 3635
-	SYS_FSTATAT64                       = 0xE34 // 3636
-	SYS___FSTATAT64_A                   = 0xE35 // 3637
-	SYS___CHATTRAT                      = 0xE36 // 3638
-	SYS_____CHATTRAT_A                  = 0xE37 // 3639
-	SYS___CHATTRAT64                    = 0xE38 // 3640
-	SYS_____CHATTRAT64_A                = 0xE39 // 3641
-	SYS_MADVISE                         = 0xE3A // 3642
-	SYS___AUTHENTICATE                  = 0xE3B // 3643
+// TODO: auto-generate.
 
+const (
+	SYS_ACOSD128                        = 0xB80
+	SYS_ACOSD32                         = 0xB7E
+	SYS_ACOSD64                         = 0xB7F
+	SYS_ACOSHD128                       = 0xB83
+	SYS_ACOSHD32                        = 0xB81
+	SYS_ACOSHD64                        = 0xB82
+	SYS_AIO_FSYNC                       = 0xC69
+	SYS_ASCTIME                         = 0x0AE
+	SYS_ASCTIME64                       = 0xCD7
+	SYS_ASCTIME64_R                     = 0xCD8
+	SYS_ASIND128                        = 0xB86
+	SYS_ASIND32                         = 0xB84
+	SYS_ASIND64                         = 0xB85
+	SYS_ASINHD128                       = 0xB89
+	SYS_ASINHD32                        = 0xB87
+	SYS_ASINHD64                        = 0xB88
+	SYS_ATAN2D128                       = 0xB8F
+	SYS_ATAN2D32                        = 0xB8D
+	SYS_ATAN2D64                        = 0xB8E
+	SYS_ATAND128                        = 0xB8C
+	SYS_ATAND32                         = 0xB8A
+	SYS_ATAND64                         = 0xB8B
+	SYS_ATANHD128                       = 0xB92
+	SYS_ATANHD32                        = 0xB90
+	SYS_ATANHD64                        = 0xB91
+	SYS_BIND2ADDRSEL                    = 0xD59
+	SYS_C16RTOMB                        = 0xD40
+	SYS_C32RTOMB                        = 0xD41
+	SYS_CBRTD128                        = 0xB95
+	SYS_CBRTD32                         = 0xB93
+	SYS_CBRTD64                         = 0xB94
+	SYS_CEILD128                        = 0xB98
+	SYS_CEILD32                         = 0xB96
+	SYS_CEILD64                         = 0xB97
+	SYS_CLEARENV                        = 0x0C9
+	SYS_CLEARERR_UNLOCKED               = 0xCA1
+	SYS_CLOCK                           = 0x0AA
+	SYS_CLOGL                           = 0xA00
+	SYS_CLRMEMF                         = 0x0BD
+	SYS_CONJ                            = 0xA03
+	SYS_CONJF                           = 0xA06
+	SYS_CONJL                           = 0xA09
+	SYS_COPYSIGND128                    = 0xB9E
+	SYS_COPYSIGND32                     = 0xB9C
+	SYS_COPYSIGND64                     = 0xB9D
+	SYS_COSD128                         = 0xBA1
+	SYS_COSD32                          = 0xB9F
+	SYS_COSD64                          = 0xBA0
+	SYS_COSHD128                        = 0xBA4
+	SYS_COSHD32                         = 0xBA2
+	SYS_COSHD64                         = 0xBA3
+	SYS_CPOW                            = 0xA0C
+	SYS_CPOWF                           = 0xA0F
+	SYS_CPOWL                           = 0xA12
+	SYS_CPROJ                           = 0xA15
+	SYS_CPROJF                          = 0xA18
+	SYS_CPROJL                          = 0xA1B
+	SYS_CREAL                           = 0xA1E
+	SYS_CREALF                          = 0xA21
+	SYS_CREALL                          = 0xA24
+	SYS_CSIN                            = 0xA27
+	SYS_CSINF                           = 0xA2A
+	SYS_CSINH                           = 0xA30
+	SYS_CSINHF                          = 0xA33
+	SYS_CSINHL                          = 0xA36
+	SYS_CSINL                           = 0xA2D
+	SYS_CSNAP                           = 0x0C5
+	SYS_CSQRT                           = 0xA39
+	SYS_CSQRTF                          = 0xA3C
+	SYS_CSQRTL                          = 0xA3F
+	SYS_CTAN                            = 0xA42
+	SYS_CTANF                           = 0xA45
+	SYS_CTANH                           = 0xA4B
+	SYS_CTANHF                          = 0xA4E
+	SYS_CTANHL                          = 0xA51
+	SYS_CTANL                           = 0xA48
+	SYS_CTIME                           = 0x0AB
+	SYS_CTIME64                         = 0xCD9
+	SYS_CTIME64_R                       = 0xCDA
+	SYS_CTRACE                          = 0x0C6
+	SYS_DIFFTIME                        = 0x0A7
+	SYS_DIFFTIME64                      = 0xCDB
+	SYS_DLADDR                          = 0xC82
+	SYS_DYNALLOC                        = 0x0C3
+	SYS_DYNFREE                         = 0x0C2
+	SYS_ERFCD128                        = 0xBAA
+	SYS_ERFCD32                         = 0xBA8
+	SYS_ERFCD64                         = 0xBA9
+	SYS_ERFD128                         = 0xBA7
+	SYS_ERFD32                          = 0xBA5
+	SYS_ERFD64                          = 0xBA6
+	SYS_EXP2D128                        = 0xBB0
+	SYS_EXP2D32                         = 0xBAE
+	SYS_EXP2D64                         = 0xBAF
+	SYS_EXPD128                         = 0xBAD
+	SYS_EXPD32                          = 0xBAB
+	SYS_EXPD64                          = 0xBAC
+	SYS_EXPM1D128                       = 0xBB3
+	SYS_EXPM1D32                        = 0xBB1
+	SYS_EXPM1D64                        = 0xBB2
+	SYS_FABSD128                        = 0xBB6
+	SYS_FABSD32                         = 0xBB4
+	SYS_FABSD64                         = 0xBB5
+	SYS_FDELREC_UNLOCKED                = 0xCA2
+	SYS_FDIMD128                        = 0xBB9
+	SYS_FDIMD32                         = 0xBB7
+	SYS_FDIMD64                         = 0xBB8
+	SYS_FDOPEN_UNLOCKED                 = 0xCFC
+	SYS_FECLEAREXCEPT                   = 0xAEA
+	SYS_FEGETENV                        = 0xAEB
+	SYS_FEGETEXCEPTFLAG                 = 0xAEC
+	SYS_FEGETROUND                      = 0xAED
+	SYS_FEHOLDEXCEPT                    = 0xAEE
+	SYS_FEOF_UNLOCKED                   = 0xCA3
+	SYS_FERAISEEXCEPT                   = 0xAEF
+	SYS_FERROR_UNLOCKED                 = 0xCA4
+	SYS_FESETENV                        = 0xAF0
+	SYS_FESETEXCEPTFLAG                 = 0xAF1
+	SYS_FESETROUND                      = 0xAF2
+	SYS_FETCHEP                         = 0x0BF
+	SYS_FETESTEXCEPT                    = 0xAF3
+	SYS_FEUPDATEENV                     = 0xAF4
+	SYS_FE_DEC_GETROUND                 = 0xBBA
+	SYS_FE_DEC_SETROUND                 = 0xBBB
+	SYS_FFLUSH_UNLOCKED                 = 0xCA5
+	SYS_FGETC_UNLOCKED                  = 0xC80
+	SYS_FGETPOS64                       = 0xCEE
+	SYS_FGETPOS64_UNLOCKED              = 0xCF4
+	SYS_FGETPOS_UNLOCKED                = 0xCA6
+	SYS_FGETS_UNLOCKED                  = 0xC7C
+	SYS_FGETWC_UNLOCKED                 = 0xCA7
+	SYS_FGETWS_UNLOCKED                 = 0xCA8
+	SYS_FILENO_UNLOCKED                 = 0xCA9
+	SYS_FLDATA                          = 0x0C1
+	SYS_FLDATA_UNLOCKED                 = 0xCAA
+	SYS_FLOCATE_UNLOCKED                = 0xCAB
+	SYS_FLOORD128                       = 0xBBE
+	SYS_FLOORD32                        = 0xBBC
+	SYS_FLOORD64                        = 0xBBD
+	SYS_FMA                             = 0xA63
+	SYS_FMAD128                         = 0xBC1
+	SYS_FMAD32                          = 0xBBF
+	SYS_FMAD64                          = 0xBC0
+	SYS_FMAF                            = 0xA66
+	SYS_FMAL                            = 0xA69
+	SYS_FMAX                            = 0xA6C
+	SYS_FMAXD128                        = 0xBC4
+	SYS_FMAXD32                         = 0xBC2
+	SYS_FMAXD64                         = 0xBC3
+	SYS_FMAXF                           = 0xA6F
+	SYS_FMAXL                           = 0xA72
+	SYS_FMIN                            = 0xA75
+	SYS_FMIND128                        = 0xBC7
+	SYS_FMIND32                         = 0xBC5
+	SYS_FMIND64                         = 0xBC6
+	SYS_FMINF                           = 0xA78
+	SYS_FMINL                           = 0xA7B
+	SYS_FMODD128                        = 0xBCA
+	SYS_FMODD32                         = 0xBC8
+	SYS_FMODD64                         = 0xBC9
+	SYS_FOPEN64                         = 0xD49
+	SYS_FOPEN64_UNLOCKED                = 0xD4A
+	SYS_FOPEN_UNLOCKED                  = 0xCFA
+	SYS_FPRINTF_UNLOCKED                = 0xCAC
+	SYS_FPUTC_UNLOCKED                  = 0xC81
+	SYS_FPUTS_UNLOCKED                  = 0xC7E
+	SYS_FPUTWC_UNLOCKED                 = 0xCAD
+	SYS_FPUTWS_UNLOCKED                 = 0xCAE
+	SYS_FREAD_NOUPDATE                  = 0xCEC
+	SYS_FREAD_NOUPDATE_UNLOCKED         = 0xCED
+	SYS_FREAD_UNLOCKED                  = 0xC7B
+	SYS_FREEIFADDRS                     = 0xCE6
+	SYS_FREOPEN64                       = 0xD4B
+	SYS_FREOPEN64_UNLOCKED              = 0xD4C
+	SYS_FREOPEN_UNLOCKED                = 0xCFB
+	SYS_FREXPD128                       = 0xBCE
+	SYS_FREXPD32                        = 0xBCC
+	SYS_FREXPD64                        = 0xBCD
+	SYS_FSCANF_UNLOCKED                 = 0xCAF
+	SYS_FSEEK64                         = 0xCEF
+	SYS_FSEEK64_UNLOCKED                = 0xCF5
+	SYS_FSEEKO64                        = 0xCF0
+	SYS_FSEEKO64_UNLOCKED               = 0xCF6
+	SYS_FSEEKO_UNLOCKED                 = 0xCB1
+	SYS_FSEEK_UNLOCKED                  = 0xCB0
+	SYS_FSETPOS64                       = 0xCF1
+	SYS_FSETPOS64_UNLOCKED              = 0xCF7
+	SYS_FSETPOS_UNLOCKED                = 0xCB3
+	SYS_FTELL64                         = 0xCF2
+	SYS_FTELL64_UNLOCKED                = 0xCF8
+	SYS_FTELLO64                        = 0xCF3
+	SYS_FTELLO64_UNLOCKED               = 0xCF9
+	SYS_FTELLO_UNLOCKED                 = 0xCB5
+	SYS_FTELL_UNLOCKED                  = 0xCB4
+	SYS_FUPDATE                         = 0x0B5
+	SYS_FUPDATE_UNLOCKED                = 0xCB7
+	SYS_FWIDE_UNLOCKED                  = 0xCB8
+	SYS_FWPRINTF_UNLOCKED               = 0xCB9
+	SYS_FWRITE_UNLOCKED                 = 0xC7A
+	SYS_FWSCANF_UNLOCKED                = 0xCBA
+	SYS_GETDATE64                       = 0xD4F
+	SYS_GETIFADDRS                      = 0xCE7
+	SYS_GETIPV4SOURCEFILTER             = 0xC77
+	SYS_GETSOURCEFILTER                 = 0xC79
+	SYS_GETSYNTX                        = 0x0FD
+	SYS_GETS_UNLOCKED                   = 0xC7D
+	SYS_GETTIMEOFDAY64                  = 0xD50
+	SYS_GETWCHAR_UNLOCKED               = 0xCBC
+	SYS_GETWC_UNLOCKED                  = 0xCBB
+	SYS_GMTIME                          = 0x0B0
+	SYS_GMTIME64                        = 0xCDC
+	SYS_GMTIME64_R                      = 0xCDD
+	SYS_HYPOTD128                       = 0xBD1
+	SYS_HYPOTD32                        = 0xBCF
+	SYS_HYPOTD64                        = 0xBD0
+	SYS_ILOGBD128                       = 0xBD4
+	SYS_ILOGBD32                        = 0xBD2
+	SYS_ILOGBD64                        = 0xBD3
+	SYS_ILOGBF                          = 0xA7E
+	SYS_ILOGBL                          = 0xA81
+	SYS_INET6_IS_SRCADDR                = 0xD5A
+	SYS_ISBLANK                         = 0x0FE
+	SYS_ISWALNUM                        = 0x0FF
+	SYS_LDEXPD128                       = 0xBD7
+	SYS_LDEXPD32                        = 0xBD5
+	SYS_LDEXPD64                        = 0xBD6
+	SYS_LGAMMAD128                      = 0xBDA
+	SYS_LGAMMAD32                       = 0xBD8
+	SYS_LGAMMAD64                       = 0xBD9
+	SYS_LIO_LISTIO                      = 0xC6A
+	SYS_LLRINT                          = 0xA84
+	SYS_LLRINTD128                      = 0xBDD
+	SYS_LLRINTD32                       = 0xBDB
+	SYS_LLRINTD64                       = 0xBDC
+	SYS_LLRINTF                         = 0xA87
+	SYS_LLRINTL                         = 0xA8A
+	SYS_LLROUND                         = 0xA8D
+	SYS_LLROUNDD128                     = 0xBE0
+	SYS_LLROUNDD32                      = 0xBDE
+	SYS_LLROUNDD64                      = 0xBDF
+	SYS_LLROUNDF                        = 0xA90
+	SYS_LLROUNDL                        = 0xA93
+	SYS_LOCALTIM                        = 0x0B1
+	SYS_LOCALTIME                       = 0x0B1
+	SYS_LOCALTIME64                     = 0xCDE
+	SYS_LOCALTIME64_R                   = 0xCDF
+	SYS_LOG10D128                       = 0xBE6
+	SYS_LOG10D32                        = 0xBE4
+	SYS_LOG10D64                        = 0xBE5
+	SYS_LOG1PD128                       = 0xBE9
+	SYS_LOG1PD32                        = 0xBE7
+	SYS_LOG1PD64                        = 0xBE8
+	SYS_LOG2D128                        = 0xBEC
+	SYS_LOG2D32                         = 0xBEA
+	SYS_LOG2D64                         = 0xBEB
+	SYS_LOGBD128                        = 0xBEF
+	SYS_LOGBD32                         = 0xBED
+	SYS_LOGBD64                         = 0xBEE
+	SYS_LOGBF                           = 0xA96
+	SYS_LOGBL                           = 0xA99
+	SYS_LOGD128                         = 0xBE3
+	SYS_LOGD32                          = 0xBE1
+	SYS_LOGD64                          = 0xBE2
+	SYS_LRINT                           = 0xA9C
+	SYS_LRINTD128                       = 0xBF2
+	SYS_LRINTD32                        = 0xBF0
+	SYS_LRINTD64                        = 0xBF1
+	SYS_LRINTF                          = 0xA9F
+	SYS_LRINTL                          = 0xAA2
+	SYS_LROUNDD128                      = 0xBF5
+	SYS_LROUNDD32                       = 0xBF3
+	SYS_LROUNDD64                       = 0xBF4
+	SYS_LROUNDL                         = 0xAA5
+	SYS_MBLEN                           = 0x0AF
+	SYS_MBRTOC16                        = 0xD42
+	SYS_MBRTOC32                        = 0xD43
+	SYS_MEMSET                          = 0x0A3
+	SYS_MKTIME                          = 0x0AC
+	SYS_MKTIME64                        = 0xCE0
+	SYS_MODFD128                        = 0xBF8
+	SYS_MODFD32                         = 0xBF6
+	SYS_MODFD64                         = 0xBF7
+	SYS_NAN                             = 0xAA8
+	SYS_NAND128                         = 0xBFB
+	SYS_NAND32                          = 0xBF9
+	SYS_NAND64                          = 0xBFA
+	SYS_NANF                            = 0xAAA
+	SYS_NANL                            = 0xAAC
+	SYS_NEARBYINT                       = 0xAAE
+	SYS_NEARBYINTD128                   = 0xBFE
+	SYS_NEARBYINTD32                    = 0xBFC
+	SYS_NEARBYINTD64                    = 0xBFD
+	SYS_NEARBYINTF                      = 0xAB1
+	SYS_NEARBYINTL                      = 0xAB4
+	SYS_NEXTAFTERD128                   = 0xC01
+	SYS_NEXTAFTERD32                    = 0xBFF
+	SYS_NEXTAFTERD64                    = 0xC00
+	SYS_NEXTAFTERF                      = 0xAB7
+	SYS_NEXTAFTERL                      = 0xABA
+	SYS_NEXTTOWARD                      = 0xABD
+	SYS_NEXTTOWARDD128                  = 0xC04
+	SYS_NEXTTOWARDD32                   = 0xC02
+	SYS_NEXTTOWARDD64                   = 0xC03
+	SYS_NEXTTOWARDF                     = 0xAC0
+	SYS_NEXTTOWARDL                     = 0xAC3
+	SYS_NL_LANGINFO                     = 0x0FC
+	SYS_PERROR_UNLOCKED                 = 0xCBD
+	SYS_POSIX_FALLOCATE                 = 0xCE8
+	SYS_POSIX_MEMALIGN                  = 0xCE9
+	SYS_POSIX_OPENPT                    = 0xC66
+	SYS_POWD128                         = 0xC07
+	SYS_POWD32                          = 0xC05
+	SYS_POWD64                          = 0xC06
+	SYS_PRINTF_UNLOCKED                 = 0xCBE
+	SYS_PSELECT                         = 0xC67
+	SYS_PTHREAD_ATTR_GETSTACK           = 0xB3E
+	SYS_PTHREAD_ATTR_SETSTACK           = 0xB3F
+	SYS_PTHREAD_SECURITY_APPLID_NP      = 0xCE4
+	SYS_PUTS_UNLOCKED                   = 0xC7F
+	SYS_PUTWCHAR_UNLOCKED               = 0xCC0
+	SYS_PUTWC_UNLOCKED                  = 0xCBF
+	SYS_QUANTEXPD128                    = 0xD46
+	SYS_QUANTEXPD32                     = 0xD44
+	SYS_QUANTEXPD64                     = 0xD45
+	SYS_QUANTIZED128                    = 0xC0A
+	SYS_QUANTIZED32                     = 0xC08
+	SYS_QUANTIZED64                     = 0xC09
+	SYS_REMAINDERD128                   = 0xC0D
+	SYS_REMAINDERD32                    = 0xC0B
+	SYS_REMAINDERD64                    = 0xC0C
+	SYS_RESIZE_ALLOC                    = 0xCEB
+	SYS_REWIND_UNLOCKED                 = 0xCC1
+	SYS_RINTD128                        = 0xC13
+	SYS_RINTD32                         = 0xC11
+	SYS_RINTD64                         = 0xC12
+	SYS_RINTF                           = 0xACB
+	SYS_RINTL                           = 0xACD
+	SYS_ROUND                           = 0xACF
+	SYS_ROUNDD128                       = 0xC16
+	SYS_ROUNDD32                        = 0xC14
+	SYS_ROUNDD64                        = 0xC15
+	SYS_ROUNDF                          = 0xAD2
+	SYS_ROUNDL                          = 0xAD5
+	SYS_SAMEQUANTUMD128                 = 0xC19
+	SYS_SAMEQUANTUMD32                  = 0xC17
+	SYS_SAMEQUANTUMD64                  = 0xC18
+	SYS_SCALBLN                         = 0xAD8
+	SYS_SCALBLND128                     = 0xC1C
+	SYS_SCALBLND32                      = 0xC1A
+	SYS_SCALBLND64                      = 0xC1B
+	SYS_SCALBLNF                        = 0xADB
+	SYS_SCALBLNL                        = 0xADE
+	SYS_SCALBND128                      = 0xC1F
+	SYS_SCALBND32                       = 0xC1D
+	SYS_SCALBND64                       = 0xC1E
+	SYS_SCALBNF                         = 0xAE3
+	SYS_SCALBNL                         = 0xAE6
+	SYS_SCANF_UNLOCKED                  = 0xCC2
+	SYS_SCHED_YIELD                     = 0xB32
+	SYS_SETENV                          = 0x0C8
+	SYS_SETIPV4SOURCEFILTER             = 0xC76
+	SYS_SETSOURCEFILTER                 = 0xC78
+	SYS_SHM_OPEN                        = 0xC8C
+	SYS_SHM_UNLINK                      = 0xC8D
+	SYS_SIND128                         = 0xC22
+	SYS_SIND32                          = 0xC20
+	SYS_SIND64                          = 0xC21
+	SYS_SINHD128                        = 0xC25
+	SYS_SINHD32                         = 0xC23
+	SYS_SINHD64                         = 0xC24
+	SYS_SIZEOF_ALLOC                    = 0xCEA
+	SYS_SOCKATMARK                      = 0xC68
+	SYS_SQRTD128                        = 0xC28
+	SYS_SQRTD32                         = 0xC26
+	SYS_SQRTD64                         = 0xC27
+	SYS_STRCHR                          = 0x0A0
+	SYS_STRCSPN                         = 0x0A1
+	SYS_STRERROR                        = 0x0A8
+	SYS_STRERROR_R                      = 0xB33
+	SYS_STRFTIME                        = 0x0B2
+	SYS_STRLEN                          = 0x0A9
+	SYS_STRPBRK                         = 0x0A2
+	SYS_STRSPN                          = 0x0A4
+	SYS_STRSTR                          = 0x0A5
+	SYS_STRTOD128                       = 0xC2B
+	SYS_STRTOD32                        = 0xC29
+	SYS_STRTOD64                        = 0xC2A
+	SYS_STRTOK                          = 0x0A6
+	SYS_TAND128                         = 0xC2E
+	SYS_TAND32                          = 0xC2C
+	SYS_TAND64                          = 0xC2D
+	SYS_TANHD128                        = 0xC31
+	SYS_TANHD32                         = 0xC2F
+	SYS_TANHD64                         = 0xC30
+	SYS_TGAMMAD128                      = 0xC34
+	SYS_TGAMMAD32                       = 0xC32
+	SYS_TGAMMAD64                       = 0xC33
+	SYS_TIME                            = 0x0AD
+	SYS_TIME64                          = 0xCE1
+	SYS_TMPFILE64                       = 0xD4D
+	SYS_TMPFILE64_UNLOCKED              = 0xD4E
+	SYS_TMPFILE_UNLOCKED                = 0xCFD
+	SYS_TRUNCD128                       = 0xC40
+	SYS_TRUNCD32                        = 0xC3E
+	SYS_TRUNCD64                        = 0xC3F
+	SYS_UNGETC_UNLOCKED                 = 0xCC3
+	SYS_UNGETWC_UNLOCKED                = 0xCC4
+	SYS_UNSETENV                        = 0xB34
+	SYS_VFPRINTF_UNLOCKED               = 0xCC5
+	SYS_VFSCANF_UNLOCKED                = 0xCC7
+	SYS_VFWPRINTF_UNLOCKED              = 0xCC9
+	SYS_VFWSCANF_UNLOCKED               = 0xCCB
+	SYS_VPRINTF_UNLOCKED                = 0xCCD
+	SYS_VSCANF_UNLOCKED                 = 0xCCF
+	SYS_VWPRINTF_UNLOCKED               = 0xCD1
+	SYS_VWSCANF_UNLOCKED                = 0xCD3
+	SYS_WCSTOD128                       = 0xC43
+	SYS_WCSTOD32                        = 0xC41
+	SYS_WCSTOD64                        = 0xC42
+	SYS_WPRINTF_UNLOCKED                = 0xCD5
+	SYS_WSCANF_UNLOCKED                 = 0xCD6
+	SYS__FLUSHLBF                       = 0xD68
+	SYS__FLUSHLBF_UNLOCKED              = 0xD6F
+	SYS___ACOSHF_H                      = 0xA54
+	SYS___ACOSHL_H                      = 0xA55
+	SYS___ASINHF_H                      = 0xA56
+	SYS___ASINHL_H                      = 0xA57
+	SYS___ATANPID128                    = 0xC6D
+	SYS___ATANPID32                     = 0xC6B
+	SYS___ATANPID64                     = 0xC6C
+	SYS___CBRTF_H                       = 0xA58
+	SYS___CBRTL_H                       = 0xA59
+	SYS___CDUMP                         = 0x0C4
+	SYS___CLASS                         = 0xAFA
+	SYS___CLASS2                        = 0xB99
+	SYS___CLASS2D128                    = 0xC99
+	SYS___CLASS2D32                     = 0xC97
+	SYS___CLASS2D64                     = 0xC98
+	SYS___CLASS2F                       = 0xC91
+	SYS___CLASS2F_B                     = 0xC93
+	SYS___CLASS2F_H                     = 0xC94
+	SYS___CLASS2L                       = 0xC92
+	SYS___CLASS2L_B                     = 0xC95
+	SYS___CLASS2L_H                     = 0xC96
+	SYS___CLASS2_B                      = 0xB9A
+	SYS___CLASS2_H                      = 0xB9B
+	SYS___CLASS_B                       = 0xAFB
+	SYS___CLASS_H                       = 0xAFC
+	SYS___CLOGL_B                       = 0xA01
+	SYS___CLOGL_H                       = 0xA02
+	SYS___CLRENV                        = 0x0C9
+	SYS___CLRMF                         = 0x0BD
+	SYS___CODEPAGE_INFO                 = 0xC64
+	SYS___CONJF_B                       = 0xA07
+	SYS___CONJF_H                       = 0xA08
+	SYS___CONJL_B                       = 0xA0A
+	SYS___CONJL_H                       = 0xA0B
+	SYS___CONJ_B                        = 0xA04
+	SYS___CONJ_H                        = 0xA05
+	SYS___COPYSIGN_B                    = 0xA5A
+	SYS___COPYSIGN_H                    = 0xAF5
+	SYS___COSPID128                     = 0xC70
+	SYS___COSPID32                      = 0xC6E
+	SYS___COSPID64                      = 0xC6F
+	SYS___CPOWF_B                       = 0xA10
+	SYS___CPOWF_H                       = 0xA11
+	SYS___CPOWL_B                       = 0xA13
+	SYS___CPOWL_H                       = 0xA14
+	SYS___CPOW_B                        = 0xA0D
+	SYS___CPOW_H                        = 0xA0E
+	SYS___CPROJF_B                      = 0xA19
+	SYS___CPROJF_H                      = 0xA1A
+	SYS___CPROJL_B                      = 0xA1C
+	SYS___CPROJL_H                      = 0xA1D
+	SYS___CPROJ_B                       = 0xA16
+	SYS___CPROJ_H                       = 0xA17
+	SYS___CREALF_B                      = 0xA22
+	SYS___CREALF_H                      = 0xA23
+	SYS___CREALL_B                      = 0xA25
+	SYS___CREALL_H                      = 0xA26
+	SYS___CREAL_B                       = 0xA1F
+	SYS___CREAL_H                       = 0xA20
+	SYS___CSINF_B                       = 0xA2B
+	SYS___CSINF_H                       = 0xA2C
+	SYS___CSINHF_B                      = 0xA34
+	SYS___CSINHF_H                      = 0xA35
+	SYS___CSINHL_B                      = 0xA37
+	SYS___CSINHL_H                      = 0xA38
+	SYS___CSINH_B                       = 0xA31
+	SYS___CSINH_H                       = 0xA32
+	SYS___CSINL_B                       = 0xA2E
+	SYS___CSINL_H                       = 0xA2F
+	SYS___CSIN_B                        = 0xA28
+	SYS___CSIN_H                        = 0xA29
+	SYS___CSNAP                         = 0x0C5
+	SYS___CSQRTF_B                      = 0xA3D
+	SYS___CSQRTF_H                      = 0xA3E
+	SYS___CSQRTL_B                      = 0xA40
+	SYS___CSQRTL_H                      = 0xA41
+	SYS___CSQRT_B                       = 0xA3A
+	SYS___CSQRT_H                       = 0xA3B
+	SYS___CTANF_B                       = 0xA46
+	SYS___CTANF_H                       = 0xA47
+	SYS___CTANHF_B                      = 0xA4F
+	SYS___CTANHF_H                      = 0xA50
+	SYS___CTANHL_B                      = 0xA52
+	SYS___CTANHL_H                      = 0xA53
+	SYS___CTANH_B                       = 0xA4C
+	SYS___CTANH_H                       = 0xA4D
+	SYS___CTANL_B                       = 0xA49
+	SYS___CTANL_H                       = 0xA4A
+	SYS___CTAN_B                        = 0xA43
+	SYS___CTAN_H                        = 0xA44
+	SYS___CTEST                         = 0x0C7
+	SYS___CTRACE                        = 0x0C6
+	SYS___D1TOP                         = 0xC9B
+	SYS___D2TOP                         = 0xC9C
+	SYS___D4TOP                         = 0xC9D
+	SYS___DYNALL                        = 0x0C3
+	SYS___DYNFRE                        = 0x0C2
+	SYS___EXP2F_H                       = 0xA5E
+	SYS___EXP2L_H                       = 0xA5F
+	SYS___EXP2_H                        = 0xA5D
+	SYS___EXPM1F_H                      = 0xA5B
+	SYS___EXPM1L_H                      = 0xA5C
+	SYS___FBUFSIZE                      = 0xD60
+	SYS___FLBF                          = 0xD62
+	SYS___FLDATA                        = 0x0C1
+	SYS___FMAF_B                        = 0xA67
+	SYS___FMAF_H                        = 0xA68
+	SYS___FMAL_B                        = 0xA6A
+	SYS___FMAL_H                        = 0xA6B
+	SYS___FMAXF_B                       = 0xA70
+	SYS___FMAXF_H                       = 0xA71
+	SYS___FMAXL_B                       = 0xA73
+	SYS___FMAXL_H                       = 0xA74
+	SYS___FMAX_B                        = 0xA6D
+	SYS___FMAX_H                        = 0xA6E
+	SYS___FMA_B                         = 0xA64
+	SYS___FMA_H                         = 0xA65
+	SYS___FMINF_B                       = 0xA79
+	SYS___FMINF_H                       = 0xA7A
+	SYS___FMINL_B                       = 0xA7C
+	SYS___FMINL_H                       = 0xA7D
+	SYS___FMIN_B                        = 0xA76
+	SYS___FMIN_H                        = 0xA77
+	SYS___FPENDING                      = 0xD61
+	SYS___FPENDING_UNLOCKED             = 0xD6C
+	SYS___FPURGE                        = 0xD69
+	SYS___FPURGE_UNLOCKED               = 0xD70
+	SYS___FP_CAST_D                     = 0xBCB
+	SYS___FREADABLE                     = 0xD63
+	SYS___FREADAHEAD                    = 0xD6A
+	SYS___FREADAHEAD_UNLOCKED           = 0xD71
+	SYS___FREADING                      = 0xD65
+	SYS___FREADING_UNLOCKED             = 0xD6D
+	SYS___FSEEK2                        = 0xB3C
+	SYS___FSETERR                       = 0xD6B
+	SYS___FSETLOCKING                   = 0xD67
+	SYS___FTCHEP                        = 0x0BF
+	SYS___FTELL2                        = 0xB3B
+	SYS___FUPDT                         = 0x0B5
+	SYS___FWRITABLE                     = 0xD64
+	SYS___FWRITING                      = 0xD66
+	SYS___FWRITING_UNLOCKED             = 0xD6E
+	SYS___GETCB                         = 0x0B4
+	SYS___GETGRGID1                     = 0xD5B
+	SYS___GETGRNAM1                     = 0xD5C
+	SYS___GETTHENT                      = 0xCE5
+	SYS___GETTOD                        = 0xD3E
+	SYS___HYPOTF_H                      = 0xAF6
+	SYS___HYPOTL_H                      = 0xAF7
+	SYS___ILOGBF_B                      = 0xA7F
+	SYS___ILOGBF_H                      = 0xA80
+	SYS___ILOGBL_B                      = 0xA82
+	SYS___ILOGBL_H                      = 0xA83
+	SYS___ISBLANK_A                     = 0xB2E
+	SYS___ISBLNK                        = 0x0FE
+	SYS___ISWBLANK_A                    = 0xB2F
+	SYS___LE_CEEGTJS                    = 0xD72
+	SYS___LE_TRACEBACK                  = 0xB7A
+	SYS___LGAMMAL_H                     = 0xA62
+	SYS___LGAMMA_B_C99                  = 0xB39
+	SYS___LGAMMA_H_C99                  = 0xB38
+	SYS___LGAMMA_R_C99                  = 0xB3A
+	SYS___LLRINTF_B                     = 0xA88
+	SYS___LLRINTF_H                     = 0xA89
+	SYS___LLRINTL_B                     = 0xA8B
+	SYS___LLRINTL_H                     = 0xA8C
+	SYS___LLRINT_B                      = 0xA85
+	SYS___LLRINT_H                      = 0xA86
+	SYS___LLROUNDF_B                    = 0xA91
+	SYS___LLROUNDF_H                    = 0xA92
+	SYS___LLROUNDL_B                    = 0xA94
+	SYS___LLROUNDL_H                    = 0xA95
+	SYS___LLROUND_B                     = 0xA8E
+	SYS___LLROUND_H                     = 0xA8F
+	SYS___LOCALE_CTL                    = 0xD47
+	SYS___LOG1PF_H                      = 0xA60
+	SYS___LOG1PL_H                      = 0xA61
+	SYS___LOGBF_B                       = 0xA97
+	SYS___LOGBF_H                       = 0xA98
+	SYS___LOGBL_B                       = 0xA9A
+	SYS___LOGBL_H                       = 0xA9B
+	SYS___LOGIN_APPLID                  = 0xCE2
+	SYS___LRINTF_B                      = 0xAA0
+	SYS___LRINTF_H                      = 0xAA1
+	SYS___LRINTL_B                      = 0xAA3
+	SYS___LRINTL_H                      = 0xAA4
+	SYS___LRINT_B                       = 0xA9D
+	SYS___LRINT_H                       = 0xA9E
+	SYS___LROUNDF_FIXUP                 = 0xB31
+	SYS___LROUNDL_B                     = 0xAA6
+	SYS___LROUNDL_H                     = 0xAA7
+	SYS___LROUND_FIXUP                  = 0xB30
+	SYS___MOSERVICES                    = 0xD3D
+	SYS___MUST_STAY_CLEAN               = 0xB7C
+	SYS___NANF_B                        = 0xAAB
+	SYS___NANL_B                        = 0xAAD
+	SYS___NAN_B                         = 0xAA9
+	SYS___NEARBYINTF_B                  = 0xAB2
+	SYS___NEARBYINTF_H                  = 0xAB3
+	SYS___NEARBYINTL_B                  = 0xAB5
+	SYS___NEARBYINTL_H                  = 0xAB6
+	SYS___NEARBYINT_B                   = 0xAAF
+	SYS___NEARBYINT_H                   = 0xAB0
+	SYS___NEXTAFTERF_B                  = 0xAB8
+	SYS___NEXTAFTERF_H                  = 0xAB9
+	SYS___NEXTAFTERL_B                  = 0xABB
+	SYS___NEXTAFTERL_H                  = 0xABC
+	SYS___NEXTTOWARDF_B                 = 0xAC1
+	SYS___NEXTTOWARDF_H                 = 0xAC2
+	SYS___NEXTTOWARDL_B                 = 0xAC4
+	SYS___NEXTTOWARDL_H                 = 0xAC5
+	SYS___NEXTTOWARD_B                  = 0xABE
+	SYS___NEXTTOWARD_H                  = 0xABF
+	SYS___O_ENV                         = 0xB7D
+	SYS___PASSWD_APPLID                 = 0xCE3
+	SYS___PTOD1                         = 0xC9E
+	SYS___PTOD2                         = 0xC9F
+	SYS___PTOD4                         = 0xCA0
+	SYS___REGCOMP_STD                   = 0x0EA
+	SYS___REMAINDERF_H                  = 0xAC6
+	SYS___REMAINDERL_H                  = 0xAC7
+	SYS___REMQUOD128                    = 0xC10
+	SYS___REMQUOD32                     = 0xC0E
+	SYS___REMQUOD64                     = 0xC0F
+	SYS___REMQUOF_H                     = 0xAC9
+	SYS___REMQUOL_H                     = 0xACA
+	SYS___REMQUO_H                      = 0xAC8
+	SYS___RINTF_B                       = 0xACC
+	SYS___RINTL_B                       = 0xACE
+	SYS___ROUNDF_B                      = 0xAD3
+	SYS___ROUNDF_H                      = 0xAD4
+	SYS___ROUNDL_B                      = 0xAD6
+	SYS___ROUNDL_H                      = 0xAD7
+	SYS___ROUND_B                       = 0xAD0
+	SYS___ROUND_H                       = 0xAD1
+	SYS___SCALBLNF_B                    = 0xADC
+	SYS___SCALBLNF_H                    = 0xADD
+	SYS___SCALBLNL_B                    = 0xADF
+	SYS___SCALBLNL_H                    = 0xAE0
+	SYS___SCALBLN_B                     = 0xAD9
+	SYS___SCALBLN_H                     = 0xADA
+	SYS___SCALBNF_B                     = 0xAE4
+	SYS___SCALBNF_H                     = 0xAE5
+	SYS___SCALBNL_B                     = 0xAE7
+	SYS___SCALBNL_H                     = 0xAE8
+	SYS___SCALBN_B                      = 0xAE1
+	SYS___SCALBN_H                      = 0xAE2
+	SYS___SETENV                        = 0x0C8
+	SYS___SINPID128                     = 0xC73
+	SYS___SINPID32                      = 0xC71
+	SYS___SINPID64                      = 0xC72
+	SYS___SMF_RECORD2                   = 0xD48
+	SYS___STATIC_REINIT                 = 0xB3D
+	SYS___TGAMMAF_H_C99                 = 0xB79
+	SYS___TGAMMAL_H                     = 0xAE9
+	SYS___TGAMMA_H_C99                  = 0xB78
+	SYS___TOCSNAME2                     = 0xC9A
+	SYS_CEIL                            = 0x01F
+	SYS_CHAUDIT                         = 0x1E0
+	SYS_EXP                             = 0x01A
+	SYS_FCHAUDIT                        = 0x1E1
+	SYS_FREXP                           = 0x01D
+	SYS_GETGROUPSBYNAME                 = 0x1E2
+	SYS_GETPWUID                        = 0x1A0
+	SYS_GETUID                          = 0x1A1
+	SYS_ISATTY                          = 0x1A3
+	SYS_KILL                            = 0x1A4
+	SYS_LDEXP                           = 0x01E
+	SYS_LINK                            = 0x1A5
+	SYS_LOG10                           = 0x01C
+	SYS_LSEEK                           = 0x1A6
+	SYS_LSTAT                           = 0x1A7
+	SYS_MKDIR                           = 0x1A8
+	SYS_MKFIFO                          = 0x1A9
+	SYS_MKNOD                           = 0x1AA
+	SYS_MODF                            = 0x01B
+	SYS_MOUNT                           = 0x1AB
+	SYS_OPEN                            = 0x1AC
+	SYS_OPENDIR                         = 0x1AD
+	SYS_PATHCONF                        = 0x1AE
+	SYS_PAUSE                           = 0x1AF
+	SYS_PIPE                            = 0x1B0
+	SYS_PTHREAD_ATTR_DESTROY            = 0x1E7
+	SYS_PTHREAD_ATTR_GETDETACHSTATE     = 0x1EB
+	SYS_PTHREAD_ATTR_GETSTACKSIZE       = 0x1E9
+	SYS_PTHREAD_ATTR_GETWEIGHT_NP       = 0x1ED
+	SYS_PTHREAD_ATTR_INIT               = 0x1E6
+	SYS_PTHREAD_ATTR_SETDETACHSTATE     = 0x1EA
+	SYS_PTHREAD_ATTR_SETSTACKSIZE       = 0x1E8
+	SYS_PTHREAD_ATTR_SETWEIGHT_NP       = 0x1EC
+	SYS_PTHREAD_CANCEL                  = 0x1EE
+	SYS_PTHREAD_CLEANUP_POP             = 0x1F0
+	SYS_PTHREAD_CLEANUP_PUSH            = 0x1EF
+	SYS_PTHREAD_CONDATTR_DESTROY        = 0x1F2
+	SYS_PTHREAD_CONDATTR_INIT           = 0x1F1
+	SYS_PTHREAD_COND_BROADCAST          = 0x1F6
+	SYS_PTHREAD_COND_DESTROY            = 0x1F4
+	SYS_PTHREAD_COND_INIT               = 0x1F3
+	SYS_PTHREAD_COND_SIGNAL             = 0x1F5
+	SYS_PTHREAD_COND_TIMEDWAIT          = 0x1F8
+	SYS_PTHREAD_COND_WAIT               = 0x1F7
+	SYS_PTHREAD_CREATE                  = 0x1F9
+	SYS_PTHREAD_DETACH                  = 0x1FA
+	SYS_PTHREAD_EQUAL                   = 0x1FB
+	SYS_PTHREAD_EXIT                    = 0x1E4
+	SYS_PTHREAD_GETSPECIFIC             = 0x1FC
+	SYS_PTHREAD_JOIN                    = 0x1FD
+	SYS_PTHREAD_KEY_CREATE              = 0x1FE
+	SYS_PTHREAD_KILL                    = 0x1E5
+	SYS_PTHREAD_MUTEXATTR_INIT          = 0x1FF
+	SYS_READ                            = 0x1B2
+	SYS_READDIR                         = 0x1B3
+	SYS_READLINK                        = 0x1B4
+	SYS_REWINDDIR                       = 0x1B5
+	SYS_RMDIR                           = 0x1B6
+	SYS_SETEGID                         = 0x1B7
+	SYS_SETEUID                         = 0x1B8
+	SYS_SETGID                          = 0x1B9
+	SYS_SETPGID                         = 0x1BA
+	SYS_SETSID                          = 0x1BB
+	SYS_SETUID                          = 0x1BC
+	SYS_SIGACTION                       = 0x1BD
+	SYS_SIGADDSET                       = 0x1BE
+	SYS_SIGDELSET                       = 0x1BF
+	SYS_SIGEMPTYSET                     = 0x1C0
+	SYS_SIGFILLSET                      = 0x1C1
+	SYS_SIGISMEMBER                     = 0x1C2
+	SYS_SIGLONGJMP                      = 0x1C3
+	SYS_SIGPENDING                      = 0x1C4
+	SYS_SIGPROCMASK                     = 0x1C5
+	SYS_SIGSETJMP                       = 0x1C6
+	SYS_SIGSUSPEND                      = 0x1C7
+	SYS_SIGWAIT                         = 0x1E3
+	SYS_SLEEP                           = 0x1C8
+	SYS_STAT                            = 0x1C9
+	SYS_SYMLINK                         = 0x1CB
+	SYS_SYSCONF                         = 0x1CC
+	SYS_TCDRAIN                         = 0x1CD
+	SYS_TCFLOW                          = 0x1CE
+	SYS_TCFLUSH                         = 0x1CF
+	SYS_TCGETATTR                       = 0x1D0
+	SYS_TCGETPGRP                       = 0x1D1
+	SYS_TCSENDBREAK                     = 0x1D2
+	SYS_TCSETATTR                       = 0x1D3
+	SYS_TCSETPGRP                       = 0x1D4
+	SYS_TIMES                           = 0x1D5
+	SYS_TTYNAME                         = 0x1D6
+	SYS_TZSET                           = 0x1D7
+	SYS_UMASK                           = 0x1D8
+	SYS_UMOUNT                          = 0x1D9
+	SYS_UNAME                           = 0x1DA
+	SYS_UNLINK                          = 0x1DB
+	SYS_UTIME                           = 0x1DC
+	SYS_WAIT                            = 0x1DD
+	SYS_WAITPID                         = 0x1DE
+	SYS_WRITE                           = 0x1DF
+	SYS_W_GETPSENT                      = 0x1B1
+	SYS_W_IOCTL                         = 0x1A2
+	SYS_W_STATFS                        = 0x1CA
+	SYS_A64L                            = 0x2EF
+	SYS_BCMP                            = 0x2B9
+	SYS_BCOPY                           = 0x2BA
+	SYS_BZERO                           = 0x2BB
+	SYS_CATCLOSE                        = 0x2B6
+	SYS_CATGETS                         = 0x2B7
+	SYS_CATOPEN                         = 0x2B8
+	SYS_CRYPT                           = 0x2AC
+	SYS_DBM_CLEARERR                    = 0x2F7
+	SYS_DBM_CLOSE                       = 0x2F8
+	SYS_DBM_DELETE                      = 0x2F9
+	SYS_DBM_ERROR                       = 0x2FA
+	SYS_DBM_FETCH                       = 0x2FB
+	SYS_DBM_FIRSTKEY                    = 0x2FC
+	SYS_DBM_NEXTKEY                     = 0x2FD
+	SYS_DBM_OPEN                        = 0x2FE
+	SYS_DBM_STORE                       = 0x2FF
+	SYS_DRAND48                         = 0x2B2
+	SYS_ENCRYPT                         = 0x2AD
+	SYS_ENDUTXENT                       = 0x2E1
+	SYS_ERAND48                         = 0x2B3
+	SYS_ERF                             = 0x02C
+	SYS_ERFC                            = 0x02D
+	SYS_FCHDIR                          = 0x2D9
+	SYS_FFS                             = 0x2BC
+	SYS_FMTMSG                          = 0x2E5
+	SYS_FSTATVFS                        = 0x2B4
+	SYS_FTIME                           = 0x2F5
+	SYS_GAMMA                           = 0x02E
+	SYS_GETDATE                         = 0x2A6
+	SYS_GETPAGESIZE                     = 0x2D8
+	SYS_GETTIMEOFDAY                    = 0x2F6
+	SYS_GETUTXENT                       = 0x2E0
+	SYS_GETUTXID                        = 0x2E2
+	SYS_GETUTXLINE                      = 0x2E3
+	SYS_HCREATE                         = 0x2C6
+	SYS_HDESTROY                        = 0x2C7
+	SYS_HSEARCH                         = 0x2C8
+	SYS_HYPOT                           = 0x02B
+	SYS_INDEX                           = 0x2BD
+	SYS_INITSTATE                       = 0x2C2
+	SYS_INSQUE                          = 0x2CF
+	SYS_ISASCII                         = 0x2ED
+	SYS_JRAND48                         = 0x2E6
+	SYS_L64A                            = 0x2F0
+	SYS_LCONG48                         = 0x2EA
+	SYS_LFIND                           = 0x2C9
+	SYS_LRAND48                         = 0x2E7
+	SYS_LSEARCH                         = 0x2CA
+	SYS_MEMCCPY                         = 0x2D4
+	SYS_MRAND48                         = 0x2E8
+	SYS_NRAND48                         = 0x2E9
+	SYS_PCLOSE                          = 0x2D2
+	SYS_POPEN                           = 0x2D1
+	SYS_PUTUTXLINE                      = 0x2E4
+	SYS_RANDOM                          = 0x2C4
+	SYS_REMQUE                          = 0x2D0
+	SYS_RINDEX                          = 0x2BE
+	SYS_SEED48                          = 0x2EC
+	SYS_SETKEY                          = 0x2AE
+	SYS_SETSTATE                        = 0x2C3
+	SYS_SETUTXENT                       = 0x2DF
+	SYS_SRAND48                         = 0x2EB
+	SYS_SRANDOM                         = 0x2C5
+	SYS_STATVFS                         = 0x2B5
+	SYS_STRCASECMP                      = 0x2BF
+	SYS_STRDUP                          = 0x2C0
+	SYS_STRNCASECMP                     = 0x2C1
+	SYS_SWAB                            = 0x2D3
+	SYS_TDELETE                         = 0x2CB
+	SYS_TFIND                           = 0x2CC
+	SYS_TOASCII                         = 0x2EE
+	SYS_TSEARCH                         = 0x2CD
+	SYS_TWALK                           = 0x2CE
+	SYS_UALARM                          = 0x2F1
+	SYS_USLEEP                          = 0x2F2
+	SYS_WAIT3                           = 0x2A7
+	SYS_WAITID                          = 0x2A8
+	SYS_Y1                              = 0x02A
+	SYS___ATOE                          = 0x2DB
+	SYS___ATOE_L                        = 0x2DC
+	SYS___CATTRM                        = 0x2A9
+	SYS___CNVBLK                        = 0x2AF
+	SYS___CRYTRM                        = 0x2B0
+	SYS___DLGHT                         = 0x2A1
+	SYS___ECRTRM                        = 0x2B1
+	SYS___ETOA                          = 0x2DD
+	SYS___ETOA_L                        = 0x2DE
+	SYS___GDTRM                         = 0x2AA
+	SYS___OCLCK                         = 0x2DA
+	SYS___OPARGF                        = 0x2A2
+	SYS___OPERRF                        = 0x2A5
+	SYS___OPINDF                        = 0x2A4
+	SYS___OPOPTF                        = 0x2A3
+	SYS___RNDTRM                        = 0x2AB
+	SYS___SRCTRM                        = 0x2F4
+	SYS___TZONE                         = 0x2A0
+	SYS___UTXTRM                        = 0x2F3
+	SYS_ASIN                            = 0x03E
+	SYS_ISXDIGIT                        = 0x03B
+	SYS_SETLOCAL                        = 0x03A
+	SYS_SETLOCALE                       = 0x03A
+	SYS_SIN                             = 0x03F
+	SYS_TOLOWER                         = 0x03C
+	SYS_TOUPPER                         = 0x03D
+	SYS_ACCEPT_AND_RECV                 = 0x4F7
+	SYS_ATOL                            = 0x04E
+	SYS_CHECKSCH                        = 0x4BC
+	SYS_CHECKSCHENV                     = 0x4BC
+	SYS_CLEARERR                        = 0x04C
+	SYS_CONNECTS                        = 0x4B5
+	SYS_CONNECTSERVER                   = 0x4B5
+	SYS_CONNECTW                        = 0x4B4
+	SYS_CONNECTWORKMGR                  = 0x4B4
+	SYS_CONTINUE                        = 0x4B3
+	SYS_CONTINUEWORKUNIT                = 0x4B3
+	SYS_COPYSIGN                        = 0x4C2
+	SYS_CREATEWO                        = 0x4B2
+	SYS_CREATEWORKUNIT                  = 0x4B2
+	SYS_DELETEWO                        = 0x4B9
+	SYS_DELETEWORKUNIT                  = 0x4B9
+	SYS_DISCONNE                        = 0x4B6
+	SYS_DISCONNECTSERVER                = 0x4B6
+	SYS_FEOF                            = 0x04D
+	SYS_FERROR                          = 0x04A
+	SYS_FINITE                          = 0x4C8
+	SYS_GAMMA_R                         = 0x4E2
+	SYS_JOINWORK                        = 0x4B7
+	SYS_JOINWORKUNIT                    = 0x4B7
+	SYS_LEAVEWOR                        = 0x4B8
+	SYS_LEAVEWORKUNIT                   = 0x4B8
+	SYS_LGAMMA_R                        = 0x4EB
+	SYS_MATHERR                         = 0x4D0
+	SYS_PERROR                          = 0x04F
+	SYS_QUERYMET                        = 0x4BA
+	SYS_QUERYMETRICS                    = 0x4BA
+	SYS_QUERYSCH                        = 0x4BB
+	SYS_QUERYSCHENV                     = 0x4BB
+	SYS_REWIND                          = 0x04B
+	SYS_SCALBN                          = 0x4D4
+	SYS_SIGNIFIC                        = 0x4D5
+	SYS_SIGNIFICAND                     = 0x4D5
+	SYS___ACOSH_B                       = 0x4DA
+	SYS___ACOS_B                        = 0x4D9
+	SYS___ASINH_B                       = 0x4BE
+	SYS___ASIN_B                        = 0x4DB
+	SYS___ATAN2_B                       = 0x4DC
+	SYS___ATANH_B                       = 0x4DD
+	SYS___ATAN_B                        = 0x4BF
+	SYS___CBRT_B                        = 0x4C0
+	SYS___CEIL_B                        = 0x4C1
+	SYS___COSH_B                        = 0x4DE
+	SYS___COS_B                         = 0x4C3
+	SYS___DGHT                          = 0x4A8
+	SYS___ENVN                          = 0x4B0
+	SYS___ERFC_B                        = 0x4C5
+	SYS___ERF_B                         = 0x4C4
+	SYS___EXPM1_B                       = 0x4C6
+	SYS___EXP_B                         = 0x4DF
+	SYS___FABS_B                        = 0x4C7
+	SYS___FLOOR_B                       = 0x4C9
+	SYS___FMOD_B                        = 0x4E0
+	SYS___FP_SETMODE                    = 0x4F8
+	SYS___FREXP_B                       = 0x4CA
+	SYS___GAMMA_B                       = 0x4E1
+	SYS___GDRR                          = 0x4A1
+	SYS___HRRNO                         = 0x4A2
+	SYS___HYPOT_B                       = 0x4E3
+	SYS___ILOGB_B                       = 0x4CB
+	SYS___ISNAN_B                       = 0x4CC
+	SYS___J0_B                          = 0x4E4
+	SYS___J1_B                          = 0x4E6
+	SYS___JN_B                          = 0x4E8
+	SYS___LDEXP_B                       = 0x4CD
+	SYS___LGAMMA_B                      = 0x4EA
+	SYS___LOG10_B                       = 0x4ED
+	SYS___LOG1P_B                       = 0x4CE
+	SYS___LOGB_B                        = 0x4CF
+	SYS___LOGIN                         = 0x4F5
+	SYS___LOG_B                         = 0x4EC
+	SYS___MLOCKALL                      = 0x4B1
+	SYS___MODF_B                        = 0x4D1
+	SYS___NEXTAFTER_B                   = 0x4D2
+	SYS___OPENDIR2                      = 0x4F3
+	SYS___OPEN_STAT                     = 0x4F6
+	SYS___OPND                          = 0x4A5
+	SYS___OPPT                          = 0x4A6
+	SYS___OPRG                          = 0x4A3
+	SYS___OPRR                          = 0x4A4
+	SYS___PID_AFFINITY                  = 0x4BD
+	SYS___POW_B                         = 0x4EE
+	SYS___READDIR2                      = 0x4F4
+	SYS___REMAINDER_B                   = 0x4EF
+	SYS___RINT_B                        = 0x4D3
+	SYS___SCALB_B                       = 0x4F0
+	SYS___SIGACTIONSET                  = 0x4FB
+	SYS___SIGGM                         = 0x4A7
+	SYS___SINH_B                        = 0x4F1
+	SYS___SIN_B                         = 0x4D6
+	SYS___SQRT_B                        = 0x4F2
+	SYS___TANH_B                        = 0x4D8
+	SYS___TAN_B                         = 0x4D7
+	SYS___TRRNO                         = 0x4AF
+	SYS___TZNE                          = 0x4A9
+	SYS___TZZN                          = 0x4AA
+	SYS___UCREATE                       = 0x4FC
+	SYS___UFREE                         = 0x4FE
+	SYS___UHEAPREPORT                   = 0x4FF
+	SYS___UMALLOC                       = 0x4FD
+	SYS___Y0_B                          = 0x4E5
+	SYS___Y1_B                          = 0x4E7
+	SYS___YN_B                          = 0x4E9
+	SYS_ABORT                           = 0x05C
+	SYS_ASCTIME_R                       = 0x5E0
+	SYS_ATEXIT                          = 0x05D
+	SYS_CONNECTE                        = 0x5AE
+	SYS_CONNECTEXPORTIMPORT             = 0x5AE
+	SYS_CTIME_R                         = 0x5E1
+	SYS_DN_COMP                         = 0x5DF
+	SYS_DN_EXPAND                       = 0x5DD
+	SYS_DN_SKIPNAME                     = 0x5DE
+	SYS_EXIT                            = 0x05A
+	SYS_EXPORTWO                        = 0x5A1
+	SYS_EXPORTWORKUNIT                  = 0x5A1
+	SYS_EXTRACTW                        = 0x5A5
+	SYS_EXTRACTWORKUNIT                 = 0x5A5
+	SYS_FSEEKO                          = 0x5C9
+	SYS_FTELLO                          = 0x5C8
+	SYS_GETGRGID_R                      = 0x5E7
+	SYS_GETGRNAM_R                      = 0x5E8
+	SYS_GETLOGIN_R                      = 0x5E9
+	SYS_GETPWNAM_R                      = 0x5EA
+	SYS_GETPWUID_R                      = 0x5EB
+	SYS_GMTIME_R                        = 0x5E2
+	SYS_IMPORTWO                        = 0x5A3
+	SYS_IMPORTWORKUNIT                  = 0x5A3
+	SYS_INET_NTOP                       = 0x5D3
+	SYS_INET_PTON                       = 0x5D4
+	SYS_LLABS                           = 0x5CE
+	SYS_LLDIV                           = 0x5CB
+	SYS_LOCALTIME_R                     = 0x5E3
+	SYS_PTHREAD_ATFORK                  = 0x5ED
+	SYS_PTHREAD_ATTR_GETDETACHSTATE_U98 = 0x5FB
+	SYS_PTHREAD_ATTR_GETGUARDSIZE       = 0x5EE
+	SYS_PTHREAD_ATTR_GETSCHEDPARAM      = 0x5F9
+	SYS_PTHREAD_ATTR_GETSTACKADDR       = 0x5EF
+	SYS_PTHREAD_ATTR_SETDETACHSTATE_U98 = 0x5FC
+	SYS_PTHREAD_ATTR_SETGUARDSIZE       = 0x5F0
+	SYS_PTHREAD_ATTR_SETSCHEDPARAM      = 0x5FA
+	SYS_PTHREAD_ATTR_SETSTACKADDR       = 0x5F1
+	SYS_PTHREAD_CONDATTR_GETPSHARED     = 0x5F2
+	SYS_PTHREAD_CONDATTR_SETPSHARED     = 0x5F3
+	SYS_PTHREAD_DETACH_U98              = 0x5FD
+	SYS_PTHREAD_GETCONCURRENCY          = 0x5F4
+	SYS_PTHREAD_GETSPECIFIC_U98         = 0x5FE
+	SYS_PTHREAD_KEY_DELETE              = 0x5F5
+	SYS_PTHREAD_SETCANCELSTATE          = 0x5FF
+	SYS_PTHREAD_SETCONCURRENCY          = 0x5F6
+	SYS_PTHREAD_SIGMASK                 = 0x5F7
+	SYS_QUERYENC                        = 0x5AD
+	SYS_QUERYWORKUNITCLASSIFICATION     = 0x5AD
+	SYS_RAISE                           = 0x05E
+	SYS_RAND_R                          = 0x5E4
+	SYS_READDIR_R                       = 0x5E6
+	SYS_REALLOC                         = 0x05B
+	SYS_RES_INIT                        = 0x5D8
+	SYS_RES_MKQUERY                     = 0x5D7
+	SYS_RES_QUERY                       = 0x5D9
+	SYS_RES_QUERYDOMAIN                 = 0x5DC
+	SYS_RES_SEARCH                      = 0x5DA
+	SYS_RES_SEND                        = 0x5DB
+	SYS_SETJMP                          = 0x05F
+	SYS_SIGQUEUE                        = 0x5A9
+	SYS_STRTOK_R                        = 0x5E5
+	SYS_STRTOLL                         = 0x5B0
+	SYS_STRTOULL                        = 0x5B1
+	SYS_TTYNAME_R                       = 0x5EC
+	SYS_UNDOEXPO                        = 0x5A2
+	SYS_UNDOEXPORTWORKUNIT              = 0x5A2
+	SYS_UNDOIMPO                        = 0x5A4
+	SYS_UNDOIMPORTWORKUNIT              = 0x5A4
+	SYS_WCSTOLL                         = 0x5CC
+	SYS_WCSTOULL                        = 0x5CD
+	SYS___ABORT                         = 0x05C
+	SYS___CONSOLE2                      = 0x5D2
+	SYS___CPL                           = 0x5A6
+	SYS___DISCARDDATA                   = 0x5F8
+	SYS___DSA_PREV                      = 0x5B2
+	SYS___EP_FIND                       = 0x5B3
+	SYS___FP_SWAPMODE                   = 0x5AF
+	SYS___GETUSERID                     = 0x5AB
+	SYS___GET_CPUID                     = 0x5B9
+	SYS___GET_SYSTEM_SETTINGS           = 0x5BA
+	SYS___IPDOMAINNAME                  = 0x5AC
+	SYS___MAP_INIT                      = 0x5A7
+	SYS___MAP_SERVICE                   = 0x5A8
+	SYS___MOUNT                         = 0x5AA
+	SYS___MSGRCV_TIMED                  = 0x5B7
+	SYS___RES                           = 0x5D6
+	SYS___SEMOP_TIMED                   = 0x5B8
+	SYS___SERVER_THREADS_QUERY          = 0x5B4
+	SYS_FPRINTF                         = 0x06D
+	SYS_FSCANF                          = 0x06A
+	SYS_PRINTF                          = 0x06F
+	SYS_SETBUF                          = 0x06B
+	SYS_SETVBUF                         = 0x06C
+	SYS_SSCANF                          = 0x06E
+	SYS___CATGETS_A                     = 0x6C0
+	SYS___CHAUDIT_A                     = 0x6F4
+	SYS___CHMOD_A                       = 0x6E8
+	SYS___COLLATE_INIT_A                = 0x6AC
+	SYS___CREAT_A                       = 0x6F6
+	SYS___CTYPE_INIT_A                  = 0x6AF
+	SYS___DLLLOAD_A                     = 0x6DF
+	SYS___DLLQUERYFN_A                  = 0x6E0
+	SYS___DLLQUERYVAR_A                 = 0x6E1
+	SYS___E2A_L                         = 0x6E3
+	SYS___EXECLE_A                      = 0x6A0
+	SYS___EXECLP_A                      = 0x6A4
+	SYS___EXECVE_A                      = 0x6C1
+	SYS___EXECVP_A                      = 0x6C2
+	SYS___EXECV_A                       = 0x6B1
+	SYS___FPRINTF_A                     = 0x6FA
+	SYS___GETADDRINFO_A                 = 0x6BF
+	SYS___GETNAMEINFO_A                 = 0x6C4
+	SYS___GET_WCTYPE_STD_A              = 0x6AE
+	SYS___ICONV_OPEN_A                  = 0x6DE
+	SYS___IF_INDEXTONAME_A              = 0x6DC
+	SYS___IF_NAMETOINDEX_A              = 0x6DB
+	SYS___ISWCTYPE_A                    = 0x6B0
+	SYS___IS_WCTYPE_STD_A               = 0x6B2
+	SYS___LOCALECONV_A                  = 0x6B8
+	SYS___LOCALECONV_STD_A              = 0x6B9
+	SYS___LOCALE_INIT_A                 = 0x6B7
+	SYS___LSTAT_A                       = 0x6EE
+	SYS___LSTAT_O_A                     = 0x6EF
+	SYS___MKDIR_A                       = 0x6E9
+	SYS___MKFIFO_A                      = 0x6EC
+	SYS___MKNOD_A                       = 0x6F0
+	SYS___MONETARY_INIT_A               = 0x6BC
+	SYS___MOUNT_A                       = 0x6F1
+	SYS___NL_CSINFO_A                   = 0x6D6
+	SYS___NL_LANGINFO_A                 = 0x6BA
+	SYS___NL_LNAGINFO_STD_A             = 0x6BB
+	SYS___NL_MONINFO_A                  = 0x6D7
+	SYS___NL_NUMINFO_A                  = 0x6D8
+	SYS___NL_RESPINFO_A                 = 0x6D9
+	SYS___NL_TIMINFO_A                  = 0x6DA
+	SYS___NUMERIC_INIT_A                = 0x6C6
+	SYS___OPEN_A                        = 0x6F7
+	SYS___PRINTF_A                      = 0x6DD
+	SYS___RESP_INIT_A                   = 0x6C7
+	SYS___RPMATCH_A                     = 0x6C8
+	SYS___RPMATCH_C_A                   = 0x6C9
+	SYS___RPMATCH_STD_A                 = 0x6CA
+	SYS___SETLOCALE_A                   = 0x6F9
+	SYS___SPAWNP_A                      = 0x6C5
+	SYS___SPAWN_A                       = 0x6C3
+	SYS___SPRINTF_A                     = 0x6FB
+	SYS___STAT_A                        = 0x6EA
+	SYS___STAT_O_A                      = 0x6EB
+	SYS___STRCOLL_STD_A                 = 0x6A1
+	SYS___STRFMON_A                     = 0x6BD
+	SYS___STRFMON_STD_A                 = 0x6BE
+	SYS___STRFTIME_A                    = 0x6CC
+	SYS___STRFTIME_STD_A                = 0x6CD
+	SYS___STRPTIME_A                    = 0x6CE
+	SYS___STRPTIME_STD_A                = 0x6CF
+	SYS___STRXFRM_A                     = 0x6A2
+	SYS___STRXFRM_C_A                   = 0x6A3
+	SYS___STRXFRM_STD_A                 = 0x6A5
+	SYS___SYNTAX_INIT_A                 = 0x6D4
+	SYS___TIME_INIT_A                   = 0x6CB
+	SYS___TOD_INIT_A                    = 0x6D5
+	SYS___TOWLOWER_A                    = 0x6B3
+	SYS___TOWLOWER_STD_A                = 0x6B4
+	SYS___TOWUPPER_A                    = 0x6B5
+	SYS___TOWUPPER_STD_A                = 0x6B6
+	SYS___UMOUNT_A                      = 0x6F2
+	SYS___VFPRINTF_A                    = 0x6FC
+	SYS___VPRINTF_A                     = 0x6FD
+	SYS___VSPRINTF_A                    = 0x6FE
+	SYS___VSWPRINTF_A                   = 0x6FF
+	SYS___WCSCOLL_A                     = 0x6A6
+	SYS___WCSCOLL_C_A                   = 0x6A7
+	SYS___WCSCOLL_STD_A                 = 0x6A8
+	SYS___WCSFTIME_A                    = 0x6D0
+	SYS___WCSFTIME_STD_A                = 0x6D1
+	SYS___WCSXFRM_A                     = 0x6A9
+	SYS___WCSXFRM_C_A                   = 0x6AA
+	SYS___WCSXFRM_STD_A                 = 0x6AB
+	SYS___WCTYPE_A                      = 0x6AD
+	SYS___W_GETMNTENT_A                 = 0x6F5
+	SYS_____CCSIDTYPE_A                 = 0x6E6
+	SYS_____CHATTR_A                    = 0x6E2
+	SYS_____CSNAMETYPE_A                = 0x6E7
+	SYS_____OPEN_STAT_A                 = 0x6ED
+	SYS_____SPAWN2_A                    = 0x6D2
+	SYS_____SPAWNP2_A                   = 0x6D3
+	SYS_____TOCCSID_A                   = 0x6E4
+	SYS_____TOCSNAME_A                  = 0x6E5
+	SYS_ACL_FREE                        = 0x7FF
+	SYS_ACL_INIT                        = 0x7FE
+	SYS_FWIDE                           = 0x7DF
+	SYS_FWPRINTF                        = 0x7D1
+	SYS_FWRITE                          = 0x07E
+	SYS_FWSCANF                         = 0x7D5
+	SYS_GETCHAR                         = 0x07B
+	SYS_GETS                            = 0x07C
+	SYS_M_CREATE_LAYOUT                 = 0x7C9
+	SYS_M_DESTROY_LAYOUT                = 0x7CA
+	SYS_M_GETVALUES_LAYOUT              = 0x7CB
+	SYS_M_SETVALUES_LAYOUT              = 0x7CC
+	SYS_M_TRANSFORM_LAYOUT              = 0x7CD
+	SYS_M_WTRANSFORM_LAYOUT             = 0x7CE
+	SYS_PREAD                           = 0x7C7
+	SYS_PUTC                            = 0x07D
+	SYS_PUTCHAR                         = 0x07A
+	SYS_PUTS                            = 0x07F
+	SYS_PWRITE                          = 0x7C8
+	SYS_TOWCTRAN                        = 0x7D8
+	SYS_TOWCTRANS                       = 0x7D8
+	SYS_UNATEXIT                        = 0x7B5
+	SYS_VFWPRINT                        = 0x7D3
+	SYS_VFWPRINTF                       = 0x7D3
+	SYS_VWPRINTF                        = 0x7D4
+	SYS_WCTRANS                         = 0x7D7
+	SYS_WPRINTF                         = 0x7D2
+	SYS_WSCANF                          = 0x7D6
+	SYS___ASCTIME_R_A                   = 0x7A1
+	SYS___BASENAME_A                    = 0x7DC
+	SYS___BTOWC_A                       = 0x7E4
+	SYS___CDUMP_A                       = 0x7B7
+	SYS___CEE3DMP_A                     = 0x7B6
+	SYS___CEILF_H                       = 0x7F4
+	SYS___CEILL_H                       = 0x7F5
+	SYS___CEIL_H                        = 0x7EA
+	SYS___CRYPT_A                       = 0x7BE
+	SYS___CSNAP_A                       = 0x7B8
+	SYS___CTEST_A                       = 0x7B9
+	SYS___CTIME_R_A                     = 0x7A2
+	SYS___CTRACE_A                      = 0x7BA
+	SYS___DBM_OPEN_A                    = 0x7E6
+	SYS___DIRNAME_A                     = 0x7DD
+	SYS___FABSF_H                       = 0x7FA
+	SYS___FABSL_H                       = 0x7FB
+	SYS___FABS_H                        = 0x7ED
+	SYS___FGETWC_A                      = 0x7AA
+	SYS___FGETWS_A                      = 0x7AD
+	SYS___FLOORF_H                      = 0x7F6
+	SYS___FLOORL_H                      = 0x7F7
+	SYS___FLOOR_H                       = 0x7EB
+	SYS___FPUTWC_A                      = 0x7A5
+	SYS___FPUTWS_A                      = 0x7A8
+	SYS___GETTIMEOFDAY_A                = 0x7AE
+	SYS___GETWCHAR_A                    = 0x7AC
+	SYS___GETWC_A                       = 0x7AB
+	SYS___GLOB_A                        = 0x7DE
+	SYS___GMTIME_A                      = 0x7AF
+	SYS___GMTIME_R_A                    = 0x7B0
+	SYS___INET_PTON_A                   = 0x7BC
+	SYS___J0_H                          = 0x7EE
+	SYS___J1_H                          = 0x7EF
+	SYS___JN_H                          = 0x7F0
+	SYS___LOCALTIME_A                   = 0x7B1
+	SYS___LOCALTIME_R_A                 = 0x7B2
+	SYS___MALLOC24                      = 0x7FC
+	SYS___MALLOC31                      = 0x7FD
+	SYS___MKTIME_A                      = 0x7B3
+	SYS___MODFF_H                       = 0x7F8
+	SYS___MODFL_H                       = 0x7F9
+	SYS___MODF_H                        = 0x7EC
+	SYS___OPENDIR_A                     = 0x7C2
+	SYS___OSNAME                        = 0x7E0
+	SYS___PUTWCHAR_A                    = 0x7A7
+	SYS___PUTWC_A                       = 0x7A6
+	SYS___READDIR_A                     = 0x7C3
+	SYS___STRTOLL_A                     = 0x7A3
+	SYS___STRTOULL_A                    = 0x7A4
+	SYS___SYSLOG_A                      = 0x7BD
+	SYS___TZZNA                         = 0x7B4
+	SYS___UNGETWC_A                     = 0x7A9
+	SYS___UTIME_A                       = 0x7A0
+	SYS___VFPRINTF2_A                   = 0x7E7
+	SYS___VPRINTF2_A                    = 0x7E8
+	SYS___VSPRINTF2_A                   = 0x7E9
+	SYS___VSWPRNTF2_A                   = 0x7BB
+	SYS___WCSTOD_A                      = 0x7D9
+	SYS___WCSTOL_A                      = 0x7DA
+	SYS___WCSTOUL_A                     = 0x7DB
+	SYS___WCTOB_A                       = 0x7E5
+	SYS___Y0_H                          = 0x7F1
+	SYS___Y1_H                          = 0x7F2
+	SYS___YN_H                          = 0x7F3
+	SYS_____OPENDIR2_A                  = 0x7BF
+	SYS_____OSNAME_A                    = 0x7E1
+	SYS_____READDIR2_A                  = 0x7C0
+	SYS_DLCLOSE                         = 0x8DF
+	SYS_DLERROR                         = 0x8E0
+	SYS_DLOPEN                          = 0x8DD
+	SYS_DLSYM                           = 0x8DE
+	SYS_FLOCKFILE                       = 0x8D3
+	SYS_FTRYLOCKFILE                    = 0x8D4
+	SYS_FUNLOCKFILE                     = 0x8D5
+	SYS_GETCHAR_UNLOCKED                = 0x8D7
+	SYS_GETC_UNLOCKED                   = 0x8D6
+	SYS_PUTCHAR_UNLOCKED                = 0x8D9
+	SYS_PUTC_UNLOCKED                   = 0x8D8
+	SYS_SNPRINTF                        = 0x8DA
+	SYS_VSNPRINTF                       = 0x8DB
+	SYS_WCSCSPN                         = 0x08B
+	SYS_WCSLEN                          = 0x08C
+	SYS_WCSNCAT                         = 0x08D
+	SYS_WCSNCMP                         = 0x08A
+	SYS_WCSNCPY                         = 0x08F
+	SYS_WCSSPN                          = 0x08E
+	SYS___ABSF_H                        = 0x8E7
+	SYS___ABSL_H                        = 0x8E8
+	SYS___ABS_H                         = 0x8E6
+	SYS___ACOSF_H                       = 0x8EA
+	SYS___ACOSH_H                       = 0x8EC
+	SYS___ACOSL_H                       = 0x8EB
+	SYS___ACOS_H                        = 0x8E9
+	SYS___ASINF_H                       = 0x8EE
+	SYS___ASINH_H                       = 0x8F0
+	SYS___ASINL_H                       = 0x8EF
+	SYS___ASIN_H                        = 0x8ED
+	SYS___ATAN2F_H                      = 0x8F8
+	SYS___ATAN2L_H                      = 0x8F9
+	SYS___ATAN2_H                       = 0x8F7
+	SYS___ATANF_H                       = 0x8F2
+	SYS___ATANHF_H                      = 0x8F5
+	SYS___ATANHL_H                      = 0x8F6
+	SYS___ATANH_H                       = 0x8F4
+	SYS___ATANL_H                       = 0x8F3
+	SYS___ATAN_H                        = 0x8F1
+	SYS___CBRT_H                        = 0x8FA
+	SYS___COPYSIGNF_H                   = 0x8FB
+	SYS___COPYSIGNL_H                   = 0x8FC
+	SYS___COSF_H                        = 0x8FE
+	SYS___COSL_H                        = 0x8FF
+	SYS___COS_H                         = 0x8FD
+	SYS___DLERROR_A                     = 0x8D2
+	SYS___DLOPEN_A                      = 0x8D0
+	SYS___DLSYM_A                       = 0x8D1
+	SYS___GETUTXENT_A                   = 0x8C6
+	SYS___GETUTXID_A                    = 0x8C7
+	SYS___GETUTXLINE_A                  = 0x8C8
+	SYS___ITOA                          = 0x8AA
+	SYS___ITOA_A                        = 0x8B0
+	SYS___LE_CONDITION_TOKEN_BUILD      = 0x8A5
+	SYS___LE_MSG_ADD_INSERT             = 0x8A6
+	SYS___LE_MSG_GET                    = 0x8A7
+	SYS___LE_MSG_GET_AND_WRITE          = 0x8A8
+	SYS___LE_MSG_WRITE                  = 0x8A9
+	SYS___LLTOA                         = 0x8AE
+	SYS___LLTOA_A                       = 0x8B4
+	SYS___LTOA                          = 0x8AC
+	SYS___LTOA_A                        = 0x8B2
+	SYS___PUTCHAR_UNLOCKED_A            = 0x8CC
+	SYS___PUTC_UNLOCKED_A               = 0x8CB
+	SYS___PUTUTXLINE_A                  = 0x8C9
+	SYS___RESET_EXCEPTION_HANDLER       = 0x8E3
+	SYS___REXEC_A                       = 0x8C4
+	SYS___REXEC_AF_A                    = 0x8C5
+	SYS___SET_EXCEPTION_HANDLER         = 0x8E2
+	SYS___SNPRINTF_A                    = 0x8CD
+	SYS___SUPERKILL                     = 0x8A4
+	SYS___TCGETATTR_A                   = 0x8A1
+	SYS___TCSETATTR_A                   = 0x8A2
+	SYS___ULLTOA                        = 0x8AF
+	SYS___ULLTOA_A                      = 0x8B5
+	SYS___ULTOA                         = 0x8AD
+	SYS___ULTOA_A                       = 0x8B3
+	SYS___UTOA                          = 0x8AB
+	SYS___UTOA_A                        = 0x8B1
+	SYS___VHM_EVENT                     = 0x8E4
+	SYS___VSNPRINTF_A                   = 0x8CE
+	SYS_____GETENV_A                    = 0x8C3
+	SYS_____UTMPXNAME_A                 = 0x8CA
+	SYS_CACOSH                          = 0x9A0
+	SYS_CACOSHF                         = 0x9A3
+	SYS_CACOSHL                         = 0x9A6
+	SYS_CARG                            = 0x9A9
+	SYS_CARGF                           = 0x9AC
+	SYS_CARGL                           = 0x9AF
+	SYS_CASIN                           = 0x9B2
+	SYS_CASINF                          = 0x9B5
+	SYS_CASINH                          = 0x9BB
+	SYS_CASINHF                         = 0x9BE
+	SYS_CASINHL                         = 0x9C1
+	SYS_CASINL                          = 0x9B8
+	SYS_CATAN                           = 0x9C4
+	SYS_CATANF                          = 0x9C7
+	SYS_CATANH                          = 0x9CD
+	SYS_CATANHF                         = 0x9D0
+	SYS_CATANHL                         = 0x9D3
+	SYS_CATANL                          = 0x9CA
+	SYS_CCOS                            = 0x9D6
+	SYS_CCOSF                           = 0x9D9
+	SYS_CCOSH                           = 0x9DF
+	SYS_CCOSHF                          = 0x9E2
+	SYS_CCOSHL                          = 0x9E5
+	SYS_CCOSL                           = 0x9DC
+	SYS_CEXP                            = 0x9E8
+	SYS_CEXPF                           = 0x9EB
+	SYS_CEXPL                           = 0x9EE
+	SYS_CIMAG                           = 0x9F1
+	SYS_CIMAGF                          = 0x9F4
+	SYS_CIMAGL                          = 0x9F7
+	SYS_CLOGF                           = 0x9FD
+	SYS_MEMCHR                          = 0x09B
+	SYS_MEMCMP                          = 0x09A
+	SYS_STRCOLL                         = 0x09C
+	SYS_STRNCMP                         = 0x09D
+	SYS_STRRCHR                         = 0x09F
+	SYS_STRXFRM                         = 0x09E
+	SYS___CACOSHF_B                     = 0x9A4
+	SYS___CACOSHF_H                     = 0x9A5
+	SYS___CACOSHL_B                     = 0x9A7
+	SYS___CACOSHL_H                     = 0x9A8
+	SYS___CACOSH_B                      = 0x9A1
+	SYS___CACOSH_H                      = 0x9A2
+	SYS___CARGF_B                       = 0x9AD
+	SYS___CARGF_H                       = 0x9AE
+	SYS___CARGL_B                       = 0x9B0
+	SYS___CARGL_H                       = 0x9B1
+	SYS___CARG_B                        = 0x9AA
+	SYS___CARG_H                        = 0x9AB
+	SYS___CASINF_B                      = 0x9B6
+	SYS___CASINF_H                      = 0x9B7
+	SYS___CASINHF_B                     = 0x9BF
+	SYS___CASINHF_H                     = 0x9C0
+	SYS___CASINHL_B                     = 0x9C2
+	SYS___CASINHL_H                     = 0x9C3
+	SYS___CASINH_B                      = 0x9BC
+	SYS___CASINH_H                      = 0x9BD
+	SYS___CASINL_B                      = 0x9B9
+	SYS___CASINL_H                      = 0x9BA
+	SYS___CASIN_B                       = 0x9B3
+	SYS___CASIN_H                       = 0x9B4
+	SYS___CATANF_B                      = 0x9C8
+	SYS___CATANF_H                      = 0x9C9
+	SYS___CATANHF_B                     = 0x9D1
+	SYS___CATANHF_H                     = 0x9D2
+	SYS___CATANHL_B                     = 0x9D4
+	SYS___CATANHL_H                     = 0x9D5
+	SYS___CATANH_B                      = 0x9CE
+	SYS___CATANH_H                      = 0x9CF
+	SYS___CATANL_B                      = 0x9CB
+	SYS___CATANL_H                      = 0x9CC
+	SYS___CATAN_B                       = 0x9C5
+	SYS___CATAN_H                       = 0x9C6
+	SYS___CCOSF_B                       = 0x9DA
+	SYS___CCOSF_H                       = 0x9DB
+	SYS___CCOSHF_B                      = 0x9E3
+	SYS___CCOSHF_H                      = 0x9E4
+	SYS___CCOSHL_B                      = 0x9E6
+	SYS___CCOSHL_H                      = 0x9E7
+	SYS___CCOSH_B                       = 0x9E0
+	SYS___CCOSH_H                       = 0x9E1
+	SYS___CCOSL_B                       = 0x9DD
+	SYS___CCOSL_H                       = 0x9DE
+	SYS___CCOS_B                        = 0x9D7
+	SYS___CCOS_H                        = 0x9D8
+	SYS___CEXPF_B                       = 0x9EC
+	SYS___CEXPF_H                       = 0x9ED
+	SYS___CEXPL_B                       = 0x9EF
+	SYS___CEXPL_H                       = 0x9F0
+	SYS___CEXP_B                        = 0x9E9
+	SYS___CEXP_H                        = 0x9EA
+	SYS___CIMAGF_B                      = 0x9F5
+	SYS___CIMAGF_H                      = 0x9F6
+	SYS___CIMAGL_B                      = 0x9F8
+	SYS___CIMAGL_H                      = 0x9F9
+	SYS___CIMAG_B                       = 0x9F2
+	SYS___CIMAG_H                       = 0x9F3
+	SYS___CLOG                          = 0x9FA
+	SYS___CLOGF_B                       = 0x9FE
+	SYS___CLOGF_H                       = 0x9FF
+	SYS___CLOG_B                        = 0x9FB
+	SYS___CLOG_H                        = 0x9FC
+	SYS_ISWCTYPE                        = 0x10C
+	SYS_ISWXDIGI                        = 0x10A
+	SYS_ISWXDIGIT                       = 0x10A
+	SYS_MBSINIT                         = 0x10F
+	SYS_TOWLOWER                        = 0x10D
+	SYS_TOWUPPER                        = 0x10E
+	SYS_WCTYPE                          = 0x10B
+	SYS_WCSSTR                          = 0x11B
+	SYS___RPMTCH                        = 0x11A
+	SYS_WCSTOD                          = 0x12E
+	SYS_WCSTOK                          = 0x12C
+	SYS_WCSTOL                          = 0x12D
+	SYS_WCSTOUL                         = 0x12F
+	SYS_FGETWC                          = 0x13C
+	SYS_FGETWS                          = 0x13D
+	SYS_FPUTWC                          = 0x13E
+	SYS_FPUTWS                          = 0x13F
+	SYS_REGERROR                        = 0x13B
+	SYS_REGFREE                         = 0x13A
+	SYS_COLLEQUIV                       = 0x14F
+	SYS_COLLTOSTR                       = 0x14E
+	SYS_ISMCCOLLEL                      = 0x14C
+	SYS_STRTOCOLL                       = 0x14D
+	SYS_DLLFREE                         = 0x16F
+	SYS_DLLQUERYFN                      = 0x16D
+	SYS_DLLQUERYVAR                     = 0x16E
+	SYS_GETMCCOLL                       = 0x16A
+	SYS_GETWMCCOLL                      = 0x16B
+	SYS___ERR2AD                        = 0x16C
+	SYS_CFSETOSPEED                     = 0x17A
+	SYS_CHDIR                           = 0x17B
+	SYS_CHMOD                           = 0x17C
+	SYS_CHOWN                           = 0x17D
+	SYS_CLOSE                           = 0x17E
+	SYS_CLOSEDIR                        = 0x17F
+	SYS_LOG                             = 0x017
+	SYS_COSH                            = 0x018
+	SYS_FCHMOD                          = 0x18A
+	SYS_FCHOWN                          = 0x18B
+	SYS_FCNTL                           = 0x18C
+	SYS_FILENO                          = 0x18D
+	SYS_FORK                            = 0x18E
+	SYS_FPATHCONF                       = 0x18F
+	SYS_GETLOGIN                        = 0x19A
+	SYS_GETPGRP                         = 0x19C
+	SYS_GETPID                          = 0x19D
+	SYS_GETPPID                         = 0x19E
+	SYS_GETPWNAM                        = 0x19F
+	SYS_TANH                            = 0x019
+	SYS_W_GETMNTENT                     = 0x19B
+	SYS_POW                             = 0x020
+	SYS_PTHREAD_SELF                    = 0x20A
+	SYS_PTHREAD_SETINTR                 = 0x20B
+	SYS_PTHREAD_SETINTRTYPE             = 0x20C
+	SYS_PTHREAD_SETSPECIFIC             = 0x20D
+	SYS_PTHREAD_TESTINTR                = 0x20E
+	SYS_PTHREAD_YIELD                   = 0x20F
+	SYS_SQRT                            = 0x021
+	SYS_FLOOR                           = 0x022
+	SYS_J1                              = 0x023
+	SYS_WCSPBRK                         = 0x23F
+	SYS_BSEARCH                         = 0x24C
+	SYS_FABS                            = 0x024
+	SYS_GETENV                          = 0x24A
+	SYS_LDIV                            = 0x24D
+	SYS_SYSTEM                          = 0x24B
+	SYS_FMOD                            = 0x025
+	SYS___RETHROW                       = 0x25F
+	SYS___THROW                         = 0x25E
+	SYS_J0                              = 0x026
+	SYS_PUTENV                          = 0x26A
+	SYS___GETENV                        = 0x26F
+	SYS_SEMCTL                          = 0x27A
+	SYS_SEMGET                          = 0x27B
+	SYS_SEMOP                           = 0x27C
+	SYS_SHMAT                           = 0x27D
+	SYS_SHMCTL                          = 0x27E
+	SYS_SHMDT                           = 0x27F
+	SYS_YN                              = 0x027
+	SYS_JN                              = 0x028
+	SYS_SIGALTSTACK                     = 0x28A
+	SYS_SIGHOLD                         = 0x28B
+	SYS_SIGIGNORE                       = 0x28C
+	SYS_SIGINTERRUPT                    = 0x28D
+	SYS_SIGPAUSE                        = 0x28E
+	SYS_SIGRELSE                        = 0x28F
+	SYS_GETOPT                          = 0x29A
+	SYS_GETSUBOPT                       = 0x29D
+	SYS_LCHOWN                          = 0x29B
+	SYS_SETPGRP                         = 0x29E
+	SYS_TRUNCATE                        = 0x29C
+	SYS_Y0                              = 0x029
+	SYS___GDERR                         = 0x29F
+	SYS_ISALPHA                         = 0x030
+	SYS_VFORK                           = 0x30F
+	SYS__LONGJMP                        = 0x30D
+	SYS__SETJMP                         = 0x30E
+	SYS_GLOB                            = 0x31A
+	SYS_GLOBFREE                        = 0x31B
+	SYS_ISALNUM                         = 0x031
+	SYS_PUTW                            = 0x31C
+	SYS_SEEKDIR                         = 0x31D
+	SYS_TELLDIR                         = 0x31E
+	SYS_TEMPNAM                         = 0x31F
+	SYS_GETTIMEOFDAY_R                  = 0x32E
+	SYS_ISLOWER                         = 0x032
+	SYS_LGAMMA                          = 0x32C
+	SYS_REMAINDER                       = 0x32A
+	SYS_SCALB                           = 0x32B
+	SYS_SYNC                            = 0x32F
+	SYS_TTYSLOT                         = 0x32D
+	SYS_ENDPROTOENT                     = 0x33A
+	SYS_ENDSERVENT                      = 0x33B
+	SYS_GETHOSTBYADDR                   = 0x33D
+	SYS_GETHOSTBYADDR_R                 = 0x33C
+	SYS_GETHOSTBYNAME                   = 0x33F
+	SYS_GETHOSTBYNAME_R                 = 0x33E
+	SYS_ISCNTRL                         = 0x033
+	SYS_GETSERVBYNAME                   = 0x34A
+	SYS_GETSERVBYPORT                   = 0x34B
+	SYS_GETSERVENT                      = 0x34C
+	SYS_GETSOCKNAME                     = 0x34D
+	SYS_GETSOCKOPT                      = 0x34E
+	SYS_INET_ADDR                       = 0x34F
+	SYS_ISDIGIT                         = 0x034
+	SYS_ISGRAPH                         = 0x035
+	SYS_SELECT                          = 0x35B
+	SYS_SELECTEX                        = 0x35C
+	SYS_SEND                            = 0x35D
+	SYS_SENDTO                          = 0x35F
+	SYS_CHROOT                          = 0x36A
+	SYS_ISNAN                           = 0x36D
+	SYS_ISUPPER                         = 0x036
+	SYS_ULIMIT                          = 0x36C
+	SYS_UTIMES                          = 0x36E
+	SYS_W_STATVFS                       = 0x36B
+	SYS___H_ERRNO                       = 0x36F
+	SYS_GRANTPT                         = 0x37A
+	SYS_ISPRINT                         = 0x037
+	SYS_TCGETSID                        = 0x37C
+	SYS_UNLOCKPT                        = 0x37B
+	SYS___TCGETCP                       = 0x37D
+	SYS___TCSETCP                       = 0x37E
+	SYS___TCSETTABLES                   = 0x37F
+	SYS_ISPUNCT                         = 0x038
+	SYS_NLIST                           = 0x38C
+	SYS___IPDBCS                        = 0x38D
+	SYS___IPDSPX                        = 0x38E
+	SYS___IPMSGC                        = 0x38F
+	SYS___STHOSTENT                     = 0x38B
+	SYS___STSERVENT                     = 0x38A
+	SYS_ISSPACE                         = 0x039
+	SYS_COS                             = 0x040
+	SYS_T_ALLOC                         = 0x40A
+	SYS_T_BIND                          = 0x40B
+	SYS_T_CLOSE                         = 0x40C
+	SYS_T_CONNECT                       = 0x40D
+	SYS_T_ERROR                         = 0x40E
+	SYS_T_FREE                          = 0x40F
+	SYS_TAN                             = 0x041
+	SYS_T_RCVREL                        = 0x41A
+	SYS_T_RCVUDATA                      = 0x41B
+	SYS_T_RCVUDERR                      = 0x41C
+	SYS_T_SND                           = 0x41D
+	SYS_T_SNDDIS                        = 0x41E
+	SYS_T_SNDREL                        = 0x41F
+	SYS_GETPMSG                         = 0x42A
+	SYS_ISASTREAM                       = 0x42B
+	SYS_PUTMSG                          = 0x42C
+	SYS_PUTPMSG                         = 0x42D
+	SYS_SINH                            = 0x042
+	SYS___ISPOSIXON                     = 0x42E
+	SYS___OPENMVSREL                    = 0x42F
+	SYS_ACOS                            = 0x043
+	SYS_ATAN                            = 0x044
+	SYS_ATAN2                           = 0x045
+	SYS_FTELL                           = 0x046
+	SYS_FGETPOS                         = 0x047
+	SYS_SOCK_DEBUG                      = 0x47A
+	SYS_SOCK_DO_TESTSTOR                = 0x47D
+	SYS_TAKESOCKET                      = 0x47E
+	SYS___SERVER_INIT                   = 0x47F
+	SYS_FSEEK                           = 0x048
+	SYS___IPHOST                        = 0x48B
+	SYS___IPNODE                        = 0x48C
+	SYS___SERVER_CLASSIFY_CREATE        = 0x48D
+	SYS___SERVER_CLASSIFY_DESTROY       = 0x48E
+	SYS___SERVER_CLASSIFY_RESET         = 0x48F
+	SYS___SMF_RECORD                    = 0x48A
+	SYS_FSETPOS                         = 0x049
+	SYS___FNWSA                         = 0x49B
+	SYS___SPAWN2                        = 0x49D
+	SYS___SPAWNP2                       = 0x49E
+	SYS_ATOF                            = 0x050
+	SYS_PTHREAD_MUTEXATTR_GETPSHARED    = 0x50A
+	SYS_PTHREAD_MUTEXATTR_SETPSHARED    = 0x50B
+	SYS_PTHREAD_RWLOCK_DESTROY          = 0x50C
+	SYS_PTHREAD_RWLOCK_INIT             = 0x50D
+	SYS_PTHREAD_RWLOCK_RDLOCK           = 0x50E
+	SYS_PTHREAD_RWLOCK_TRYRDLOCK        = 0x50F
+	SYS_ATOI                            = 0x051
+	SYS___FP_CLASS                      = 0x51D
+	SYS___FP_CLR_FLAG                   = 0x51A
+	SYS___FP_FINITE                     = 0x51E
+	SYS___FP_ISNAN                      = 0x51F
+	SYS___FP_RAISE_XCP                  = 0x51C
+	SYS___FP_READ_FLAG                  = 0x51B
+	SYS_RAND                            = 0x052
+	SYS_SIGTIMEDWAIT                    = 0x52D
+	SYS_SIGWAITINFO                     = 0x52E
+	SYS___CHKBFP                        = 0x52F
+	SYS___FPC_RS                        = 0x52C
+	SYS___FPC_RW                        = 0x52A
+	SYS___FPC_SM                        = 0x52B
+	SYS_STRTOD                          = 0x053
+	SYS_STRTOL                          = 0x054
+	SYS_STRTOUL                         = 0x055
+	SYS_MALLOC                          = 0x056
+	SYS_SRAND                           = 0x057
+	SYS_CALLOC                          = 0x058
+	SYS_FREE                            = 0x059
+	SYS___OSENV                         = 0x59F
+	SYS___W_PIOCTL                      = 0x59E
+	SYS_LONGJMP                         = 0x060
+	SYS___FLOORF_B                      = 0x60A
+	SYS___FLOORL_B                      = 0x60B
+	SYS___FREXPF_B                      = 0x60C
+	SYS___FREXPL_B                      = 0x60D
+	SYS___LDEXPF_B                      = 0x60E
+	SYS___LDEXPL_B                      = 0x60F
+	SYS_SIGNAL                          = 0x061
+	SYS___ATAN2F_B                      = 0x61A
+	SYS___ATAN2L_B                      = 0x61B
+	SYS___COSHF_B                       = 0x61C
+	SYS___COSHL_B                       = 0x61D
+	SYS___EXPF_B                        = 0x61E
+	SYS___EXPL_B                        = 0x61F
+	SYS_TMPNAM                          = 0x062
+	SYS___ABSF_B                        = 0x62A
+	SYS___ABSL_B                        = 0x62C
+	SYS___ABS_B                         = 0x62B
+	SYS___FMODF_B                       = 0x62D
+	SYS___FMODL_B                       = 0x62E
+	SYS___MODFF_B                       = 0x62F
+	SYS_ATANL                           = 0x63A
+	SYS_CEILF                           = 0x63B
+	SYS_CEILL                           = 0x63C
+	SYS_COSF                            = 0x63D
+	SYS_COSHF                           = 0x63F
+	SYS_COSL                            = 0x63E
+	SYS_REMOVE                          = 0x063
+	SYS_POWL                            = 0x64A
+	SYS_RENAME                          = 0x064
+	SYS_SINF                            = 0x64B
+	SYS_SINHF                           = 0x64F
+	SYS_SINL                            = 0x64C
+	SYS_SQRTF                           = 0x64D
+	SYS_SQRTL                           = 0x64E
+	SYS_BTOWC                           = 0x65F
+	SYS_FREXPL                          = 0x65A
+	SYS_LDEXPF                          = 0x65B
+	SYS_LDEXPL                          = 0x65C
+	SYS_MODFF                           = 0x65D
+	SYS_MODFL                           = 0x65E
+	SYS_TMPFILE                         = 0x065
+	SYS_FREOPEN                         = 0x066
+	SYS___CHARMAP_INIT_A                = 0x66E
+	SYS___GETHOSTBYADDR_R_A             = 0x66C
+	SYS___GETHOSTBYNAME_A               = 0x66A
+	SYS___GETHOSTBYNAME_R_A             = 0x66D
+	SYS___MBLEN_A                       = 0x66F
+	SYS___RES_INIT_A                    = 0x66B
+	SYS_FCLOSE                          = 0x067
+	SYS___GETGRGID_R_A                  = 0x67D
+	SYS___WCSTOMBS_A                    = 0x67A
+	SYS___WCSTOMBS_STD_A                = 0x67B
+	SYS___WCSWIDTH_A                    = 0x67C
+	SYS___WCSWIDTH_ASIA                 = 0x67F
+	SYS___WCSWIDTH_STD_A                = 0x67E
+	SYS_FFLUSH                          = 0x068
+	SYS___GETLOGIN_R_A                  = 0x68E
+	SYS___GETPWNAM_R_A                  = 0x68C
+	SYS___GETPWUID_R_A                  = 0x68D
+	SYS___TTYNAME_R_A                   = 0x68F
+	SYS___WCWIDTH_ASIA                  = 0x68B
+	SYS___WCWIDTH_STD_A                 = 0x68A
+	SYS_FOPEN                           = 0x069
+	SYS___REGEXEC_A                     = 0x69A
+	SYS___REGEXEC_STD_A                 = 0x69B
+	SYS___REGFREE_A                     = 0x69C
+	SYS___REGFREE_STD_A                 = 0x69D
+	SYS___STRCOLL_A                     = 0x69E
+	SYS___STRCOLL_C_A                   = 0x69F
+	SYS_SCANF                           = 0x070
+	SYS___A64L_A                        = 0x70C
+	SYS___ECVT_A                        = 0x70D
+	SYS___FCVT_A                        = 0x70E
+	SYS___GCVT_A                        = 0x70F
+	SYS___STRTOUL_A                     = 0x70A
+	SYS_____AE_CORRESTBL_QUERY_A        = 0x70B
+	SYS_SPRINTF                         = 0x071
+	SYS___ACCESS_A                      = 0x71F
+	SYS___CATOPEN_A                     = 0x71E
+	SYS___GETOPT_A                      = 0x71D
+	SYS___REALPATH_A                    = 0x71A
+	SYS___SETENV_A                      = 0x71B
+	SYS___SYSTEM_A                      = 0x71C
+	SYS_FGETC                           = 0x072
+	SYS___GAI_STRERROR_A                = 0x72F
+	SYS___RMDIR_A                       = 0x72A
+	SYS___STATVFS_A                     = 0x72B
+	SYS___SYMLINK_A                     = 0x72C
+	SYS___TRUNCATE_A                    = 0x72D
+	SYS___UNLINK_A                      = 0x72E
+	SYS_VFPRINTF                        = 0x073
+	SYS___ISSPACE_A                     = 0x73A
+	SYS___ISUPPER_A                     = 0x73B
+	SYS___ISWALNUM_A                    = 0x73F
+	SYS___ISXDIGIT_A                    = 0x73C
+	SYS___TOLOWER_A                     = 0x73D
+	SYS___TOUPPER_A                     = 0x73E
+	SYS_VPRINTF                         = 0x074
+	SYS___CONFSTR_A                     = 0x74B
+	SYS___FDOPEN_A                      = 0x74E
+	SYS___FLDATA_A                      = 0x74F
+	SYS___FTOK_A                        = 0x74C
+	SYS___ISWXDIGIT_A                   = 0x74A
+	SYS___MKTEMP_A                      = 0x74D
+	SYS_VSPRINTF                        = 0x075
+	SYS___GETGRGID_A                    = 0x75A
+	SYS___GETGRNAM_A                    = 0x75B
+	SYS___GETGROUPSBYNAME_A             = 0x75C
+	SYS___GETHOSTENT_A                  = 0x75D
+	SYS___GETHOSTNAME_A                 = 0x75E
+	SYS___GETLOGIN_A                    = 0x75F
+	SYS_GETC                            = 0x076
+	SYS___CREATEWORKUNIT_A              = 0x76A
+	SYS___CTERMID_A                     = 0x76B
+	SYS___FMTMSG_A                      = 0x76C
+	SYS___INITGROUPS_A                  = 0x76D
+	SYS___MSGRCV_A                      = 0x76F
+	SYS_____LOGIN_A                     = 0x76E
+	SYS_FGETS                           = 0x077
+	SYS___STRCASECMP_A                  = 0x77B
+	SYS___STRNCASECMP_A                 = 0x77C
+	SYS___TTYNAME_A                     = 0x77D
+	SYS___UNAME_A                       = 0x77E
+	SYS___UTIMES_A                      = 0x77F
+	SYS_____SERVER_PWU_A                = 0x77A
+	SYS_FPUTC                           = 0x078
+	SYS___CREAT_O_A                     = 0x78E
+	SYS___ENVNA                         = 0x78F
+	SYS___FREAD_A                       = 0x78A
+	SYS___FWRITE_A                      = 0x78B
+	SYS___ISASCII                       = 0x78D
+	SYS___OPEN_O_A                      = 0x78C
+	SYS_FPUTS                           = 0x079
+	SYS___ASCTIME_A                     = 0x79C
+	SYS___CTIME_A                       = 0x79D
+	SYS___GETDATE_A                     = 0x79E
+	SYS___GETSERVBYPORT_A               = 0x79A
+	SYS___GETSERVENT_A                  = 0x79B
+	SYS___TZSET_A                       = 0x79F
+	SYS_ACL_FROM_TEXT                   = 0x80C
+	SYS_ACL_SET_FD                      = 0x80A
+	SYS_ACL_SET_FILE                    = 0x80B
+	SYS_ACL_SORT                        = 0x80E
+	SYS_ACL_TO_TEXT                     = 0x80D
+	SYS_UNGETC                          = 0x080
+	SYS___SHUTDOWN_REGISTRATION         = 0x80F
+	SYS_FREAD                           = 0x081
+	SYS_FREEADDRINFO                    = 0x81A
+	SYS_GAI_STRERROR                    = 0x81B
+	SYS_REXEC_AF                        = 0x81C
+	SYS___DYNALLOC_A                    = 0x81F
+	SYS___POE                           = 0x81D
+	SYS_WCSTOMBS                        = 0x082
+	SYS___INET_ADDR_A                   = 0x82F
+	SYS___NLIST_A                       = 0x82A
+	SYS_____TCGETCP_A                   = 0x82B
+	SYS_____TCSETCP_A                   = 0x82C
+	SYS_____W_PIOCTL_A                  = 0x82E
+	SYS_MBTOWC                          = 0x083
+	SYS___CABEND                        = 0x83D
+	SYS___LE_CIB_GET                    = 0x83E
+	SYS___RECVMSG_A                     = 0x83B
+	SYS___SENDMSG_A                     = 0x83A
+	SYS___SET_LAA_FOR_JIT               = 0x83F
+	SYS_____LCHATTR_A                   = 0x83C
+	SYS_WCTOMB                          = 0x084
+	SYS___CBRTL_B                       = 0x84A
+	SYS___COPYSIGNF_B                   = 0x84B
+	SYS___COPYSIGNL_B                   = 0x84C
+	SYS___COTANF_B                      = 0x84D
+	SYS___COTANL_B                      = 0x84F
+	SYS___COTAN_B                       = 0x84E
+	SYS_MBSTOWCS                        = 0x085
+	SYS___LOG1PL_B                      = 0x85A
+	SYS___LOG2F_B                       = 0x85B
+	SYS___LOG2L_B                       = 0x85D
+	SYS___LOG2_B                        = 0x85C
+	SYS___REMAINDERF_B                  = 0x85E
+	SYS___REMAINDERL_B                  = 0x85F
+	SYS_ACOSHF                          = 0x86E
+	SYS_ACOSHL                          = 0x86F
+	SYS_WCSCPY                          = 0x086
+	SYS___ERFCF_B                       = 0x86D
+	SYS___ERFF_B                        = 0x86C
+	SYS___LROUNDF_B                     = 0x86A
+	SYS___LROUND_B                      = 0x86B
+	SYS_COTANL                          = 0x87A
+	SYS_EXP2F                           = 0x87B
+	SYS_EXP2L                           = 0x87C
+	SYS_EXPM1F                          = 0x87D
+	SYS_EXPM1L                          = 0x87E
+	SYS_FDIMF                           = 0x87F
+	SYS_WCSCAT                          = 0x087
+	SYS___COTANL                        = 0x87A
+	SYS_REMAINDERF                      = 0x88A
+	SYS_REMAINDERL                      = 0x88B
+	SYS_REMAINDF                        = 0x88A
+	SYS_REMAINDL                        = 0x88B
+	SYS_REMQUO                          = 0x88D
+	SYS_REMQUOF                         = 0x88C
+	SYS_REMQUOL                         = 0x88E
+	SYS_TGAMMAF                         = 0x88F
+	SYS_WCSCHR                          = 0x088
+	SYS_ERFCF                           = 0x89B
+	SYS_ERFCL                           = 0x89C
+	SYS_ERFL                            = 0x89A
+	SYS_EXP2                            = 0x89E
+	SYS_WCSCMP                          = 0x089
+	SYS___EXP2_B                        = 0x89D
+	SYS___FAR_JUMP                      = 0x89F
+	SYS_ABS                             = 0x090
+	SYS___ERFCL_H                       = 0x90A
+	SYS___EXPF_H                        = 0x90C
+	SYS___EXPL_H                        = 0x90D
+	SYS___EXPM1_H                       = 0x90E
+	SYS___EXP_H                         = 0x90B
+	SYS___FDIM_H                        = 0x90F
+	SYS_DIV                             = 0x091
+	SYS___LOG2F_H                       = 0x91F
+	SYS___LOG2_H                        = 0x91E
+	SYS___LOGB_H                        = 0x91D
+	SYS___LOGF_H                        = 0x91B
+	SYS___LOGL_H                        = 0x91C
+	SYS___LOG_H                         = 0x91A
+	SYS_LABS                            = 0x092
+	SYS___POWL_H                        = 0x92A
+	SYS___REMAINDER_H                   = 0x92B
+	SYS___RINT_H                        = 0x92C
+	SYS___SCALB_H                       = 0x92D
+	SYS___SINF_H                        = 0x92F
+	SYS___SIN_H                         = 0x92E
+	SYS_STRNCPY                         = 0x093
+	SYS___TANHF_H                       = 0x93B
+	SYS___TANHL_H                       = 0x93C
+	SYS___TANH_H                        = 0x93A
+	SYS___TGAMMAF_H                     = 0x93E
+	SYS___TGAMMA_H                      = 0x93D
+	SYS___TRUNC_H                       = 0x93F
+	SYS_MEMCPY                          = 0x094
+	SYS_VFWSCANF                        = 0x94A
+	SYS_VSWSCANF                        = 0x94E
+	SYS_VWSCANF                         = 0x94C
+	SYS_INET6_RTH_ADD                   = 0x95D
+	SYS_INET6_RTH_INIT                  = 0x95C
+	SYS_INET6_RTH_REVERSE               = 0x95E
+	SYS_INET6_RTH_SEGMENTS              = 0x95F
+	SYS_INET6_RTH_SPACE                 = 0x95B
+	SYS_MEMMOVE                         = 0x095
+	SYS_WCSTOLD                         = 0x95A
+	SYS_STRCPY                          = 0x096
+	SYS_STRCMP                          = 0x097
+	SYS_CABS                            = 0x98E
+	SYS_STRCAT                          = 0x098
+	SYS___CABS_B                        = 0x98F
+	SYS___POW_II                        = 0x98A
+	SYS___POW_II_B                      = 0x98B
+	SYS___POW_II_H                      = 0x98C
+	SYS_CACOSF                          = 0x99A
+	SYS_CACOSL                          = 0x99D
+	SYS_STRNCAT                         = 0x099
+	SYS___CACOSF_B                      = 0x99B
+	SYS___CACOSF_H                      = 0x99C
+	SYS___CACOSL_B                      = 0x99E
+	SYS___CACOSL_H                      = 0x99F
+	SYS_ISWALPHA                        = 0x100
+	SYS_ISWBLANK                        = 0x101
+	SYS___ISWBLK                        = 0x101
+	SYS_ISWCNTRL                        = 0x102
+	SYS_ISWDIGIT                        = 0x103
+	SYS_ISWGRAPH                        = 0x104
+	SYS_ISWLOWER                        = 0x105
+	SYS_ISWPRINT                        = 0x106
+	SYS_ISWPUNCT                        = 0x107
+	SYS_ISWSPACE                        = 0x108
+	SYS_ISWUPPER                        = 0x109
+	SYS_WCTOB                           = 0x110
+	SYS_MBRLEN                          = 0x111
+	SYS_MBRTOWC                         = 0x112
+	SYS_MBSRTOWC                        = 0x113
+	SYS_MBSRTOWCS                       = 0x113
+	SYS_WCRTOMB                         = 0x114
+	SYS_WCSRTOMB                        = 0x115
+	SYS_WCSRTOMBS                       = 0x115
+	SYS___CSID                          = 0x116
+	SYS___WCSID                         = 0x117
+	SYS_STRPTIME                        = 0x118
+	SYS___STRPTM                        = 0x118
+	SYS_STRFMON                         = 0x119
+	SYS_WCSCOLL                         = 0x130
+	SYS_WCSXFRM                         = 0x131
+	SYS_WCSWIDTH                        = 0x132
+	SYS_WCWIDTH                         = 0x133
+	SYS_WCSFTIME                        = 0x134
+	SYS_SWPRINTF                        = 0x135
+	SYS_VSWPRINT                        = 0x136
+	SYS_VSWPRINTF                       = 0x136
+	SYS_SWSCANF                         = 0x137
+	SYS_REGCOMP                         = 0x138
+	SYS_REGEXEC                         = 0x139
+	SYS_GETWC                           = 0x140
+	SYS_GETWCHAR                        = 0x141
+	SYS_PUTWC                           = 0x142
+	SYS_PUTWCHAR                        = 0x143
+	SYS_UNGETWC                         = 0x144
+	SYS_ICONV_OPEN                      = 0x145
+	SYS_ICONV                           = 0x146
+	SYS_ICONV_CLOSE                     = 0x147
+	SYS_COLLRANGE                       = 0x150
+	SYS_CCLASS                          = 0x151
+	SYS_COLLORDER                       = 0x152
+	SYS___DEMANGLE                      = 0x154
+	SYS_FDOPEN                          = 0x155
+	SYS___ERRNO                         = 0x156
+	SYS___ERRNO2                        = 0x157
+	SYS___TERROR                        = 0x158
+	SYS_MAXCOLL                         = 0x169
+	SYS_DLLLOAD                         = 0x170
+	SYS__EXIT                           = 0x174
+	SYS_ACCESS                          = 0x175
+	SYS_ALARM                           = 0x176
+	SYS_CFGETISPEED                     = 0x177
+	SYS_CFGETOSPEED                     = 0x178
+	SYS_CFSETISPEED                     = 0x179
+	SYS_CREAT                           = 0x180
+	SYS_CTERMID                         = 0x181
+	SYS_DUP                             = 0x182
+	SYS_DUP2                            = 0x183
+	SYS_EXECL                           = 0x184
+	SYS_EXECLE                          = 0x185
+	SYS_EXECLP                          = 0x186
+	SYS_EXECV                           = 0x187
+	SYS_EXECVE                          = 0x188
+	SYS_EXECVP                          = 0x189
+	SYS_FSTAT                           = 0x190
+	SYS_FSYNC                           = 0x191
+	SYS_FTRUNCATE                       = 0x192
+	SYS_GETCWD                          = 0x193
+	SYS_GETEGID                         = 0x194
+	SYS_GETEUID                         = 0x195
+	SYS_GETGID                          = 0x196
+	SYS_GETGRGID                        = 0x197
+	SYS_GETGRNAM                        = 0x198
+	SYS_GETGROUPS                       = 0x199
+	SYS_PTHREAD_MUTEXATTR_DESTROY       = 0x200
+	SYS_PTHREAD_MUTEXATTR_SETKIND_NP    = 0x201
+	SYS_PTHREAD_MUTEXATTR_GETKIND_NP    = 0x202
+	SYS_PTHREAD_MUTEX_INIT              = 0x203
+	SYS_PTHREAD_MUTEX_DESTROY           = 0x204
+	SYS_PTHREAD_MUTEX_LOCK              = 0x205
+	SYS_PTHREAD_MUTEX_TRYLOCK           = 0x206
+	SYS_PTHREAD_MUTEX_UNLOCK            = 0x207
+	SYS_PTHREAD_ONCE                    = 0x209
+	SYS_TW_OPEN                         = 0x210
+	SYS_TW_FCNTL                        = 0x211
+	SYS_PTHREAD_JOIN_D4_NP              = 0x212
+	SYS_PTHREAD_CONDATTR_SETKIND_NP     = 0x213
+	SYS_PTHREAD_CONDATTR_GETKIND_NP     = 0x214
+	SYS_EXTLINK_NP                      = 0x215
+	SYS___PASSWD                        = 0x216
+	SYS_SETGROUPS                       = 0x217
+	SYS_INITGROUPS                      = 0x218
+	SYS_WCSRCHR                         = 0x240
+	SYS_SVC99                           = 0x241
+	SYS___SVC99                         = 0x241
+	SYS_WCSWCS                          = 0x242
+	SYS_LOCALECO                        = 0x243
+	SYS_LOCALECONV                      = 0x243
+	SYS___LIBREL                        = 0x244
+	SYS_RELEASE                         = 0x245
+	SYS___RLSE                          = 0x245
+	SYS_FLOCATE                         = 0x246
+	SYS___FLOCT                         = 0x246
+	SYS_FDELREC                         = 0x247
+	SYS___FDLREC                        = 0x247
+	SYS_FETCH                           = 0x248
+	SYS___FETCH                         = 0x248
+	SYS_QSORT                           = 0x249
+	SYS___CLEANUPCATCH                  = 0x260
+	SYS___CATCHMATCH                    = 0x261
+	SYS___CLEAN2UPCATCH                 = 0x262
+	SYS_GETPRIORITY                     = 0x270
+	SYS_NICE                            = 0x271
+	SYS_SETPRIORITY                     = 0x272
+	SYS_GETITIMER                       = 0x273
+	SYS_SETITIMER                       = 0x274
+	SYS_MSGCTL                          = 0x275
+	SYS_MSGGET                          = 0x276
+	SYS_MSGRCV                          = 0x277
+	SYS_MSGSND                          = 0x278
+	SYS_MSGXRCV                         = 0x279
+	SYS___MSGXR                         = 0x279
+	SYS_SHMGET                          = 0x280
+	SYS___GETIPC                        = 0x281
+	SYS_SETGRENT                        = 0x282
+	SYS_GETGRENT                        = 0x283
+	SYS_ENDGRENT                        = 0x284
+	SYS_SETPWENT                        = 0x285
+	SYS_GETPWENT                        = 0x286
+	SYS_ENDPWENT                        = 0x287
+	SYS_BSD_SIGNAL                      = 0x288
+	SYS_KILLPG                          = 0x289
+	SYS_SIGSET                          = 0x290
+	SYS_SIGSTACK                        = 0x291
+	SYS_GETRLIMIT                       = 0x292
+	SYS_SETRLIMIT                       = 0x293
+	SYS_GETRUSAGE                       = 0x294
+	SYS_MMAP                            = 0x295
+	SYS_MPROTECT                        = 0x296
+	SYS_MSYNC                           = 0x297
+	SYS_MUNMAP                          = 0x298
+	SYS_CONFSTR                         = 0x299
+	SYS___NDMTRM                        = 0x300
+	SYS_FTOK                            = 0x301
+	SYS_BASENAME                        = 0x302
+	SYS_DIRNAME                         = 0x303
+	SYS_GETDTABLESIZE                   = 0x304
+	SYS_MKSTEMP                         = 0x305
+	SYS_MKTEMP                          = 0x306
+	SYS_NFTW                            = 0x307
+	SYS_GETWD                           = 0x308
+	SYS_LOCKF                           = 0x309
+	SYS_WORDEXP                         = 0x310
+	SYS_WORDFREE                        = 0x311
+	SYS_GETPGID                         = 0x312
+	SYS_GETSID                          = 0x313
+	SYS___UTMPXNAME                     = 0x314
+	SYS_CUSERID                         = 0x315
+	SYS_GETPASS                         = 0x316
+	SYS_FNMATCH                         = 0x317
+	SYS_FTW                             = 0x318
+	SYS_GETW                            = 0x319
+	SYS_ACOSH                           = 0x320
+	SYS_ASINH                           = 0x321
+	SYS_ATANH                           = 0x322
+	SYS_CBRT                            = 0x323
+	SYS_EXPM1                           = 0x324
+	SYS_ILOGB                           = 0x325
+	SYS_LOGB                            = 0x326
+	SYS_LOG1P                           = 0x327
+	SYS_NEXTAFTER                       = 0x328
+	SYS_RINT                            = 0x329
+	SYS_SPAWN                           = 0x330
+	SYS_SPAWNP                          = 0x331
+	SYS_GETLOGIN_UU                     = 0x332
+	SYS_ECVT                            = 0x333
+	SYS_FCVT                            = 0x334
+	SYS_GCVT                            = 0x335
+	SYS_ACCEPT                          = 0x336
+	SYS_BIND                            = 0x337
+	SYS_CONNECT                         = 0x338
+	SYS_ENDHOSTENT                      = 0x339
+	SYS_GETHOSTENT                      = 0x340
+	SYS_GETHOSTID                       = 0x341
+	SYS_GETHOSTNAME                     = 0x342
+	SYS_GETNETBYADDR                    = 0x343
+	SYS_GETNETBYNAME                    = 0x344
+	SYS_GETNETENT                       = 0x345
+	SYS_GETPEERNAME                     = 0x346
+	SYS_GETPROTOBYNAME                  = 0x347
+	SYS_GETPROTOBYNUMBER                = 0x348
+	SYS_GETPROTOENT                     = 0x349
+	SYS_INET_LNAOF                      = 0x350
+	SYS_INET_MAKEADDR                   = 0x351
+	SYS_INET_NETOF                      = 0x352
+	SYS_INET_NETWORK                    = 0x353
+	SYS_INET_NTOA                       = 0x354
+	SYS_IOCTL                           = 0x355
+	SYS_LISTEN                          = 0x356
+	SYS_READV                           = 0x357
+	SYS_RECV                            = 0x358
+	SYS_RECVFROM                        = 0x359
+	SYS_SETHOSTENT                      = 0x360
+	SYS_SETNETENT                       = 0x361
+	SYS_SETPEER                         = 0x362
+	SYS_SETPROTOENT                     = 0x363
+	SYS_SETSERVENT                      = 0x364
+	SYS_SETSOCKOPT                      = 0x365
+	SYS_SHUTDOWN                        = 0x366
+	SYS_SOCKET                          = 0x367
+	SYS_SOCKETPAIR                      = 0x368
+	SYS_WRITEV                          = 0x369
+	SYS_ENDNETENT                       = 0x370
+	SYS_CLOSELOG                        = 0x371
+	SYS_OPENLOG                         = 0x372
+	SYS_SETLOGMASK                      = 0x373
+	SYS_SYSLOG                          = 0x374
+	SYS_PTSNAME                         = 0x375
+	SYS_SETREUID                        = 0x376
+	SYS_SETREGID                        = 0x377
+	SYS_REALPATH                        = 0x378
+	SYS___SIGNGAM                       = 0x379
+	SYS_POLL                            = 0x380
+	SYS_REXEC                           = 0x381
+	SYS___ISASCII2                      = 0x382
+	SYS___TOASCII2                      = 0x383
+	SYS_CHPRIORITY                      = 0x384
+	SYS_PTHREAD_ATTR_SETSYNCTYPE_NP     = 0x385
+	SYS_PTHREAD_ATTR_GETSYNCTYPE_NP     = 0x386
+	SYS_PTHREAD_SET_LIMIT_NP            = 0x387
+	SYS___STNETENT                      = 0x388
+	SYS___STPROTOENT                    = 0x389
+	SYS___SELECT1                       = 0x390
+	SYS_PTHREAD_SECURITY_NP             = 0x391
+	SYS___CHECK_RESOURCE_AUTH_NP        = 0x392
+	SYS___CONVERT_ID_NP                 = 0x393
+	SYS___OPENVMREL                     = 0x394
+	SYS_WMEMCHR                         = 0x395
+	SYS_WMEMCMP                         = 0x396
+	SYS_WMEMCPY                         = 0x397
+	SYS_WMEMMOVE                        = 0x398
+	SYS_WMEMSET                         = 0x399
+	SYS___FPUTWC                        = 0x400
+	SYS___PUTWC                         = 0x401
+	SYS___PWCHAR                        = 0x402
+	SYS___WCSFTM                        = 0x403
+	SYS___WCSTOK                        = 0x404
+	SYS___WCWDTH                        = 0x405
+	SYS_T_ACCEPT                        = 0x409
+	SYS_T_GETINFO                       = 0x410
+	SYS_T_GETPROTADDR                   = 0x411
+	SYS_T_GETSTATE                      = 0x412
+	SYS_T_LISTEN                        = 0x413
+	SYS_T_LOOK                          = 0x414
+	SYS_T_OPEN                          = 0x415
+	SYS_T_OPTMGMT                       = 0x416
+	SYS_T_RCV                           = 0x417
+	SYS_T_RCVCONNECT                    = 0x418
+	SYS_T_RCVDIS                        = 0x419
+	SYS_T_SNDUDATA                      = 0x420
+	SYS_T_STRERROR                      = 0x421
+	SYS_T_SYNC                          = 0x422
+	SYS_T_UNBIND                        = 0x423
+	SYS___T_ERRNO                       = 0x424
+	SYS___RECVMSG2                      = 0x425
+	SYS___SENDMSG2                      = 0x426
+	SYS_FATTACH                         = 0x427
+	SYS_FDETACH                         = 0x428
+	SYS_GETMSG                          = 0x429
+	SYS_GETCONTEXT                      = 0x430
+	SYS_SETCONTEXT                      = 0x431
+	SYS_MAKECONTEXT                     = 0x432
+	SYS_SWAPCONTEXT                     = 0x433
+	SYS_PTHREAD_GETSPECIFIC_D8_NP       = 0x434
+	SYS_GETCLIENTID                     = 0x470
+	SYS___GETCLIENTID                   = 0x471
+	SYS_GETSTABLESIZE                   = 0x472
+	SYS_GETIBMOPT                       = 0x473
+	SYS_GETIBMSOCKOPT                   = 0x474
+	SYS_GIVESOCKET                      = 0x475
+	SYS_IBMSFLUSH                       = 0x476
+	SYS_MAXDESC                         = 0x477
+	SYS_SETIBMOPT                       = 0x478
+	SYS_SETIBMSOCKOPT                   = 0x479
+	SYS___SERVER_PWU                    = 0x480
+	SYS_PTHREAD_TAG_NP                  = 0x481
+	SYS___CONSOLE                       = 0x482
+	SYS___WSINIT                        = 0x483
+	SYS___IPTCPN                        = 0x489
+	SYS___SERVER_CLASSIFY               = 0x490
+	SYS___HEAPRPT                       = 0x496
+	SYS___ISBFP                         = 0x500
+	SYS___FP_CAST                       = 0x501
+	SYS___CERTIFICATE                   = 0x502
+	SYS_SEND_FILE                       = 0x503
+	SYS_AIO_CANCEL                      = 0x504
+	SYS_AIO_ERROR                       = 0x505
+	SYS_AIO_READ                        = 0x506
+	SYS_AIO_RETURN                      = 0x507
+	SYS_AIO_SUSPEND                     = 0x508
+	SYS_AIO_WRITE                       = 0x509
+	SYS_PTHREAD_RWLOCK_TRYWRLOCK        = 0x510
+	SYS_PTHREAD_RWLOCK_UNLOCK           = 0x511
+	SYS_PTHREAD_RWLOCK_WRLOCK           = 0x512
+	SYS_PTHREAD_RWLOCKATTR_GETPSHARED   = 0x513
+	SYS_PTHREAD_RWLOCKATTR_SETPSHARED   = 0x514
+	SYS_PTHREAD_RWLOCKATTR_INIT         = 0x515
+	SYS_PTHREAD_RWLOCKATTR_DESTROY      = 0x516
+	SYS___CTTBL                         = 0x517
+	SYS_PTHREAD_MUTEXATTR_SETTYPE       = 0x518
+	SYS_PTHREAD_MUTEXATTR_GETTYPE       = 0x519
+	SYS___FP_UNORDERED                  = 0x520
+	SYS___FP_READ_RND                   = 0x521
+	SYS___FP_READ_RND_B                 = 0x522
+	SYS___FP_SWAP_RND                   = 0x523
+	SYS___FP_SWAP_RND_B                 = 0x524
+	SYS___FP_LEVEL                      = 0x525
+	SYS___FP_BTOH                       = 0x526
+	SYS___FP_HTOB                       = 0x527
+	SYS___FPC_RD                        = 0x528
+	SYS___FPC_WR                        = 0x529
+	SYS_PTHREAD_SETCANCELTYPE           = 0x600
+	SYS_PTHREAD_TESTCANCEL              = 0x601
+	SYS___ATANF_B                       = 0x602
+	SYS___ATANL_B                       = 0x603
+	SYS___CEILF_B                       = 0x604
+	SYS___CEILL_B                       = 0x605
+	SYS___COSF_B                        = 0x606
+	SYS___COSL_B                        = 0x607
+	SYS___FABSF_B                       = 0x608
+	SYS___FABSL_B                       = 0x609
+	SYS___SINF_B                        = 0x610
+	SYS___SINL_B                        = 0x611
+	SYS___TANF_B                        = 0x612
+	SYS___TANL_B                        = 0x613
+	SYS___TANHF_B                       = 0x614
+	SYS___TANHL_B                       = 0x615
+	SYS___ACOSF_B                       = 0x616
+	SYS___ACOSL_B                       = 0x617
+	SYS___ASINF_B                       = 0x618
+	SYS___ASINL_B                       = 0x619
+	SYS___LOGF_B                        = 0x620
+	SYS___LOGL_B                        = 0x621
+	SYS___LOG10F_B                      = 0x622
+	SYS___LOG10L_B                      = 0x623
+	SYS___POWF_B                        = 0x624
+	SYS___POWL_B                        = 0x625
+	SYS___SINHF_B                       = 0x626
+	SYS___SINHL_B                       = 0x627
+	SYS___SQRTF_B                       = 0x628
+	SYS___SQRTL_B                       = 0x629
+	SYS___MODFL_B                       = 0x630
+	SYS_ABSF                            = 0x631
+	SYS_ABSL                            = 0x632
+	SYS_ACOSF                           = 0x633
+	SYS_ACOSL                           = 0x634
+	SYS_ASINF                           = 0x635
+	SYS_ASINL                           = 0x636
+	SYS_ATAN2F                          = 0x637
+	SYS_ATAN2L                          = 0x638
+	SYS_ATANF                           = 0x639
+	SYS_COSHL                           = 0x640
+	SYS_EXPF                            = 0x641
+	SYS_EXPL                            = 0x642
+	SYS_TANHF                           = 0x643
+	SYS_TANHL                           = 0x644
+	SYS_LOG10F                          = 0x645
+	SYS_LOG10L                          = 0x646
+	SYS_LOGF                            = 0x647
+	SYS_LOGL                            = 0x648
+	SYS_POWF                            = 0x649
+	SYS_SINHL                           = 0x650
+	SYS_TANF                            = 0x651
+	SYS_TANL                            = 0x652
+	SYS_FABSF                           = 0x653
+	SYS_FABSL                           = 0x654
+	SYS_FLOORF                          = 0x655
+	SYS_FLOORL                          = 0x656
+	SYS_FMODF                           = 0x657
+	SYS_FMODL                           = 0x658
+	SYS_FREXPF                          = 0x659
+	SYS___CHATTR                        = 0x660
+	SYS___FCHATTR                       = 0x661
+	SYS___TOCCSID                       = 0x662
+	SYS___CSNAMETYPE                    = 0x663
+	SYS___TOCSNAME                      = 0x664
+	SYS___CCSIDTYPE                     = 0x665
+	SYS___AE_CORRESTBL_QUERY            = 0x666
+	SYS___AE_AUTOCONVERT_STATE          = 0x667
+	SYS_DN_FIND                         = 0x668
+	SYS___GETHOSTBYADDR_A               = 0x669
+	SYS___MBLEN_SB_A                    = 0x670
+	SYS___MBLEN_STD_A                   = 0x671
+	SYS___MBLEN_UTF                     = 0x672
+	SYS___MBSTOWCS_A                    = 0x673
+	SYS___MBSTOWCS_STD_A                = 0x674
+	SYS___MBTOWC_A                      = 0x675
+	SYS___MBTOWC_ISO1                   = 0x676
+	SYS___MBTOWC_SBCS                   = 0x677
+	SYS___MBTOWC_MBCS                   = 0x678
+	SYS___MBTOWC_UTF                    = 0x679
+	SYS___CSID_A                        = 0x680
+	SYS___CSID_STD_A                    = 0x681
+	SYS___WCSID_A                       = 0x682
+	SYS___WCSID_STD_A                   = 0x683
+	SYS___WCTOMB_A                      = 0x684
+	SYS___WCTOMB_ISO1                   = 0x685
+	SYS___WCTOMB_STD_A                  = 0x686
+	SYS___WCTOMB_UTF                    = 0x687
+	SYS___WCWIDTH_A                     = 0x688
+	SYS___GETGRNAM_R_A                  = 0x689
+	SYS___READDIR_R_A                   = 0x690
+	SYS___E2A_S                         = 0x691
+	SYS___FNMATCH_A                     = 0x692
+	SYS___FNMATCH_C_A                   = 0x693
+	SYS___EXECL_A                       = 0x694
+	SYS___FNMATCH_STD_A                 = 0x695
+	SYS___REGCOMP_A                     = 0x696
+	SYS___REGCOMP_STD_A                 = 0x697
+	SYS___REGERROR_A                    = 0x698
+	SYS___REGERROR_STD_A                = 0x699
+	SYS___SWPRINTF_A                    = 0x700
+	SYS___FSCANF_A                      = 0x701
+	SYS___SCANF_A                       = 0x702
+	SYS___SSCANF_A                      = 0x703
+	SYS___SWSCANF_A                     = 0x704
+	SYS___ATOF_A                        = 0x705
+	SYS___ATOI_A                        = 0x706
+	SYS___ATOL_A                        = 0x707
+	SYS___STRTOD_A                      = 0x708
+	SYS___STRTOL_A                      = 0x709
+	SYS___L64A_A                        = 0x710
+	SYS___STRERROR_A                    = 0x711
+	SYS___PERROR_A                      = 0x712
+	SYS___FETCH_A                       = 0x713
+	SYS___GETENV_A                      = 0x714
+	SYS___MKSTEMP_A                     = 0x717
+	SYS___PTSNAME_A                     = 0x718
+	SYS___PUTENV_A                      = 0x719
+	SYS___CHDIR_A                       = 0x720
+	SYS___CHOWN_A                       = 0x721
+	SYS___CHROOT_A                      = 0x722
+	SYS___GETCWD_A                      = 0x723
+	SYS___GETWD_A                       = 0x724
+	SYS___LCHOWN_A                      = 0x725
+	SYS___LINK_A                        = 0x726
+	SYS___PATHCONF_A                    = 0x727
+	SYS___IF_NAMEINDEX_A                = 0x728
+	SYS___READLINK_A                    = 0x729
+	SYS___EXTLINK_NP_A                  = 0x730
+	SYS___ISALNUM_A                     = 0x731
+	SYS___ISALPHA_A                     = 0x732
+	SYS___A2E_S                         = 0x733
+	SYS___ISCNTRL_A                     = 0x734
+	SYS___ISDIGIT_A                     = 0x735
+	SYS___ISGRAPH_A                     = 0x736
+	SYS___ISLOWER_A                     = 0x737
+	SYS___ISPRINT_A                     = 0x738
+	SYS___ISPUNCT_A                     = 0x739
+	SYS___ISWALPHA_A                    = 0x740
+	SYS___A2E_L                         = 0x741
+	SYS___ISWCNTRL_A                    = 0x742
+	SYS___ISWDIGIT_A                    = 0x743
+	SYS___ISWGRAPH_A                    = 0x744
+	SYS___ISWLOWER_A                    = 0x745
+	SYS___ISWPRINT_A                    = 0x746
+	SYS___ISWPUNCT_A                    = 0x747
+	SYS___ISWSPACE_A                    = 0x748
+	SYS___ISWUPPER_A                    = 0x749
+	SYS___REMOVE_A                      = 0x750
+	SYS___RENAME_A                      = 0x751
+	SYS___TMPNAM_A                      = 0x752
+	SYS___FOPEN_A                       = 0x753
+	SYS___FREOPEN_A                     = 0x754
+	SYS___CUSERID_A                     = 0x755
+	SYS___POPEN_A                       = 0x756
+	SYS___TEMPNAM_A                     = 0x757
+	SYS___FTW_A                         = 0x758
+	SYS___GETGRENT_A                    = 0x759
+	SYS___INET_NTOP_A                   = 0x760
+	SYS___GETPASS_A                     = 0x761
+	SYS___GETPWENT_A                    = 0x762
+	SYS___GETPWNAM_A                    = 0x763
+	SYS___GETPWUID_A                    = 0x764
+	SYS_____CHECK_RESOURCE_AUTH_NP_A    = 0x765
+	SYS___CHECKSCHENV_A                 = 0x766
+	SYS___CONNECTSERVER_A               = 0x767
+	SYS___CONNECTWORKMGR_A              = 0x768
+	SYS_____CONSOLE_A                   = 0x769
+	SYS___MSGSND_A                      = 0x770
+	SYS___MSGXRCV_A                     = 0x771
+	SYS___NFTW_A                        = 0x772
+	SYS_____PASSWD_A                    = 0x773
+	SYS___PTHREAD_SECURITY_NP_A         = 0x774
+	SYS___QUERYMETRICS_A                = 0x775
+	SYS___QUERYSCHENV                   = 0x776
+	SYS___READV_A                       = 0x777
+	SYS_____SERVER_CLASSIFY_A           = 0x778
+	SYS_____SERVER_INIT_A               = 0x779
+	SYS___W_GETPSENT_A                  = 0x780
+	SYS___WRITEV_A                      = 0x781
+	SYS___W_STATFS_A                    = 0x782
+	SYS___W_STATVFS_A                   = 0x783
+	SYS___FPUTC_A                       = 0x784
+	SYS___PUTCHAR_A                     = 0x785
+	SYS___PUTS_A                        = 0x786
+	SYS___FGETS_A                       = 0x787
+	SYS___GETS_A                        = 0x788
+	SYS___FPUTS_A                       = 0x789
+	SYS___PUTC_A                        = 0x790
+	SYS___AE_THREAD_SETMODE             = 0x791
+	SYS___AE_THREAD_SWAPMODE            = 0x792
+	SYS___GETNETBYADDR_A                = 0x793
+	SYS___GETNETBYNAME_A                = 0x794
+	SYS___GETNETENT_A                   = 0x795
+	SYS___GETPROTOBYNAME_A              = 0x796
+	SYS___GETPROTOBYNUMBER_A            = 0x797
+	SYS___GETPROTOENT_A                 = 0x798
+	SYS___GETSERVBYNAME_A               = 0x799
+	SYS_ACL_FIRST_ENTRY                 = 0x800
+	SYS_ACL_GET_ENTRY                   = 0x801
+	SYS_ACL_VALID                       = 0x802
+	SYS_ACL_CREATE_ENTRY                = 0x803
+	SYS_ACL_DELETE_ENTRY                = 0x804
+	SYS_ACL_UPDATE_ENTRY                = 0x805
+	SYS_ACL_DELETE_FD                   = 0x806
+	SYS_ACL_DELETE_FILE                 = 0x807
+	SYS_ACL_GET_FD                      = 0x808
+	SYS_ACL_GET_FILE                    = 0x809
+	SYS___ERFL_B                        = 0x810
+	SYS___ERFCL_B                       = 0x811
+	SYS___LGAMMAL_B                     = 0x812
+	SYS___SETHOOKEVENTS                 = 0x813
+	SYS_IF_NAMETOINDEX                  = 0x814
+	SYS_IF_INDEXTONAME                  = 0x815
+	SYS_IF_NAMEINDEX                    = 0x816
+	SYS_IF_FREENAMEINDEX                = 0x817
+	SYS_GETADDRINFO                     = 0x818
+	SYS_GETNAMEINFO                     = 0x819
+	SYS___DYNFREE_A                     = 0x820
+	SYS___RES_QUERY_A                   = 0x821
+	SYS___RES_SEARCH_A                  = 0x822
+	SYS___RES_QUERYDOMAIN_A             = 0x823
+	SYS___RES_MKQUERY_A                 = 0x824
+	SYS___RES_SEND_A                    = 0x825
+	SYS___DN_EXPAND_A                   = 0x826
+	SYS___DN_SKIPNAME_A                 = 0x827
+	SYS___DN_COMP_A                     = 0x828
+	SYS___DN_FIND_A                     = 0x829
+	SYS___INET_NTOA_A                   = 0x830
+	SYS___INET_NETWORK_A                = 0x831
+	SYS___ACCEPT_A                      = 0x832
+	SYS___ACCEPT_AND_RECV_A             = 0x833
+	SYS___BIND_A                        = 0x834
+	SYS___CONNECT_A                     = 0x835
+	SYS___GETPEERNAME_A                 = 0x836
+	SYS___GETSOCKNAME_A                 = 0x837
+	SYS___RECVFROM_A                    = 0x838
+	SYS___SENDTO_A                      = 0x839
+	SYS___LCHATTR                       = 0x840
+	SYS___WRITEDOWN                     = 0x841
+	SYS_PTHREAD_MUTEX_INIT2             = 0x842
+	SYS___ACOSHF_B                      = 0x843
+	SYS___ACOSHL_B                      = 0x844
+	SYS___ASINHF_B                      = 0x845
+	SYS___ASINHL_B                      = 0x846
+	SYS___ATANHF_B                      = 0x847
+	SYS___ATANHL_B                      = 0x848
+	SYS___CBRTF_B                       = 0x849
+	SYS___EXP2F_B                       = 0x850
+	SYS___EXP2L_B                       = 0x851
+	SYS___EXPM1F_B                      = 0x852
+	SYS___EXPM1L_B                      = 0x853
+	SYS___FDIMF_B                       = 0x854
+	SYS___FDIM_B                        = 0x855
+	SYS___FDIML_B                       = 0x856
+	SYS___HYPOTF_B                      = 0x857
+	SYS___HYPOTL_B                      = 0x858
+	SYS___LOG1PF_B                      = 0x859
+	SYS___REMQUOF_B                     = 0x860
+	SYS___REMQUO_B                      = 0x861
+	SYS___REMQUOL_B                     = 0x862
+	SYS___TGAMMAF_B                     = 0x863
+	SYS___TGAMMA_B                      = 0x864
+	SYS___TGAMMAL_B                     = 0x865
+	SYS___TRUNCF_B                      = 0x866
+	SYS___TRUNC_B                       = 0x867
+	SYS___TRUNCL_B                      = 0x868
+	SYS___LGAMMAF_B                     = 0x869
+	SYS_ASINHF                          = 0x870
+	SYS_ASINHL                          = 0x871
+	SYS_ATANHF                          = 0x872
+	SYS_ATANHL                          = 0x873
+	SYS_CBRTF                           = 0x874
+	SYS_CBRTL                           = 0x875
+	SYS_COPYSIGNF                       = 0x876
+	SYS_CPYSIGNF                        = 0x876
+	SYS_COPYSIGNL                       = 0x877
+	SYS_CPYSIGNL                        = 0x877
+	SYS_COTANF                          = 0x878
+	SYS___COTANF                        = 0x878
+	SYS_COTAN                           = 0x879
+	SYS___COTAN                         = 0x879
+	SYS_FDIM                            = 0x881
+	SYS_FDIML                           = 0x882
+	SYS_HYPOTF                          = 0x883
+	SYS_HYPOTL                          = 0x884
+	SYS_LOG1PF                          = 0x885
+	SYS_LOG1PL                          = 0x886
+	SYS_LOG2F                           = 0x887
+	SYS_LOG2                            = 0x888
+	SYS_LOG2L                           = 0x889
+	SYS_TGAMMA                          = 0x890
+	SYS_TGAMMAL                         = 0x891
+	SYS_TRUNCF                          = 0x892
+	SYS_TRUNC                           = 0x893
+	SYS_TRUNCL                          = 0x894
+	SYS_LGAMMAF                         = 0x895
+	SYS_LGAMMAL                         = 0x896
+	SYS_LROUNDF                         = 0x897
+	SYS_LROUND                          = 0x898
+	SYS_ERFF                            = 0x899
+	SYS___COSHF_H                       = 0x900
+	SYS___COSHL_H                       = 0x901
+	SYS___COTAN_H                       = 0x902
+	SYS___COTANF_H                      = 0x903
+	SYS___COTANL_H                      = 0x904
+	SYS___ERF_H                         = 0x905
+	SYS___ERFF_H                        = 0x906
+	SYS___ERFL_H                        = 0x907
+	SYS___ERFC_H                        = 0x908
+	SYS___ERFCF_H                       = 0x909
+	SYS___FDIMF_H                       = 0x910
+	SYS___FDIML_H                       = 0x911
+	SYS___FMOD_H                        = 0x912
+	SYS___FMODF_H                       = 0x913
+	SYS___FMODL_H                       = 0x914
+	SYS___GAMMA_H                       = 0x915
+	SYS___HYPOT_H                       = 0x916
+	SYS___ILOGB_H                       = 0x917
+	SYS___LGAMMA_H                      = 0x918
+	SYS___LGAMMAF_H                     = 0x919
+	SYS___LOG2L_H                       = 0x920
+	SYS___LOG1P_H                       = 0x921
+	SYS___LOG10_H                       = 0x922
+	SYS___LOG10F_H                      = 0x923
+	SYS___LOG10L_H                      = 0x924
+	SYS___LROUND_H                      = 0x925
+	SYS___LROUNDF_H                     = 0x926
+	SYS___NEXTAFTER_H                   = 0x927
+	SYS___POW_H                         = 0x928
+	SYS___POWF_H                        = 0x929
+	SYS___SINL_H                        = 0x930
+	SYS___SINH_H                        = 0x931
+	SYS___SINHF_H                       = 0x932
+	SYS___SINHL_H                       = 0x933
+	SYS___SQRT_H                        = 0x934
+	SYS___SQRTF_H                       = 0x935
+	SYS___SQRTL_H                       = 0x936
+	SYS___TAN_H                         = 0x937
+	SYS___TANF_H                        = 0x938
+	SYS___TANL_H                        = 0x939
+	SYS___TRUNCF_H                      = 0x940
+	SYS___TRUNCL_H                      = 0x941
+	SYS___COSH_H                        = 0x942
+	SYS___LE_DEBUG_SET_RESUME_MCH       = 0x943
+	SYS_VFSCANF                         = 0x944
+	SYS_VSCANF                          = 0x946
+	SYS_VSSCANF                         = 0x948
+	SYS_IMAXABS                         = 0x950
+	SYS_IMAXDIV                         = 0x951
+	SYS_STRTOIMAX                       = 0x952
+	SYS_STRTOUMAX                       = 0x953
+	SYS_WCSTOIMAX                       = 0x954
+	SYS_WCSTOUMAX                       = 0x955
+	SYS_ATOLL                           = 0x956
+	SYS_STRTOF                          = 0x957
+	SYS_STRTOLD                         = 0x958
+	SYS_WCSTOF                          = 0x959
+	SYS_INET6_RTH_GETADDR               = 0x960
+	SYS_INET6_OPT_INIT                  = 0x961
+	SYS_INET6_OPT_APPEND                = 0x962
+	SYS_INET6_OPT_FINISH                = 0x963
+	SYS_INET6_OPT_SET_VAL               = 0x964
+	SYS_INET6_OPT_NEXT                  = 0x965
+	SYS_INET6_OPT_FIND                  = 0x966
+	SYS_INET6_OPT_GET_VAL               = 0x967
+	SYS___POW_I                         = 0x987
+	SYS___POW_I_B                       = 0x988
+	SYS___POW_I_H                       = 0x989
+	SYS___CABS_H                        = 0x990
+	SYS_CABSF                           = 0x991
+	SYS___CABSF_B                       = 0x992
+	SYS___CABSF_H                       = 0x993
+	SYS_CABSL                           = 0x994
+	SYS___CABSL_B                       = 0x995
+	SYS___CABSL_H                       = 0x996
+	SYS_CACOS                           = 0x997
+	SYS___CACOS_B                       = 0x998
+	SYS___CACOS_H                       = 0x999
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
index 17c53bd9b..091d107f3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
@@ -306,19 +306,6 @@ type XVSockPgen struct {
 
 type _Socklen uint32
 
-type SaeAssocID uint32
-
-type SaeConnID uint32
-
-type SaEndpoints struct {
-	Srcif      uint32
-	Srcaddr    *RawSockaddr
-	Srcaddrlen uint32
-	Dstaddr    *RawSockaddr
-	Dstaddrlen uint32
-	_          [4]byte
-}
-
 type Xucred struct {
 	Version uint32
 	Uid     uint32
@@ -462,14 +449,11 @@ type FdSet struct {
 
 const (
 	SizeofIfMsghdr    = 0x70
-	SizeofIfMsghdr2   = 0xa0
 	SizeofIfData      = 0x60
-	SizeofIfData64    = 0x80
 	SizeofIfaMsghdr   = 0x14
 	SizeofIfmaMsghdr  = 0x10
 	SizeofIfmaMsghdr2 = 0x14
 	SizeofRtMsghdr    = 0x5c
-	SizeofRtMsghdr2   = 0x5c
 	SizeofRtMetrics   = 0x38
 )
 
@@ -483,20 +467,6 @@ type IfMsghdr struct {
 	Data    IfData
 }
 
-type IfMsghdr2 struct {
-	Msglen     uint16
-	Version    uint8
-	Type       uint8
-	Addrs      int32
-	Flags      int32
-	Index      uint16
-	Snd_len    int32
-	Snd_maxlen int32
-	Snd_drops  int32
-	Timer      int32
-	Data       IfData64
-}
-
 type IfData struct {
 	Type       uint8
 	Typelen    uint8
@@ -529,34 +499,6 @@ type IfData struct {
 	Reserved2  uint32
 }
 
-type IfData64 struct {
-	Type       uint8
-	Typelen    uint8
-	Physical   uint8
-	Addrlen    uint8
-	Hdrlen     uint8
-	Recvquota  uint8
-	Xmitquota  uint8
-	Unused1    uint8
-	Mtu        uint32
-	Metric     uint32
-	Baudrate   uint64
-	Ipackets   uint64
-	Ierrors    uint64
-	Opackets   uint64
-	Oerrors    uint64
-	Collisions uint64
-	Ibytes     uint64
-	Obytes     uint64
-	Imcasts    uint64
-	Omcasts    uint64
-	Iqdrops    uint64
-	Noproto    uint64
-	Recvtiming uint32
-	Xmittiming uint32
-	Lastchange Timeval32
-}
-
 type IfaMsghdr struct {
 	Msglen  uint16
 	Version uint8
@@ -602,21 +544,6 @@ type RtMsghdr struct {
 	Rmx     RtMetrics
 }
 
-type RtMsghdr2 struct {
-	Msglen      uint16
-	Version     uint8
-	Type        uint8
-	Index       uint16
-	Flags       int32
-	Addrs       int32
-	Refcnt      int32
-	Parentflags int32
-	Reserved    int32
-	Use         int32
-	Inits       uint32
-	Rmx         RtMetrics
-}
-
 type RtMetrics struct {
 	Locks    uint32
 	Mtu      uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
index 2392226a7..28ff4ef74 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
@@ -306,19 +306,6 @@ type XVSockPgen struct {
 
 type _Socklen uint32
 
-type SaeAssocID uint32
-
-type SaeConnID uint32
-
-type SaEndpoints struct {
-	Srcif      uint32
-	Srcaddr    *RawSockaddr
-	Srcaddrlen uint32
-	Dstaddr    *RawSockaddr
-	Dstaddrlen uint32
-	_          [4]byte
-}
-
 type Xucred struct {
 	Version uint32
 	Uid     uint32
@@ -462,14 +449,11 @@ type FdSet struct {
 
 const (
 	SizeofIfMsghdr    = 0x70
-	SizeofIfMsghdr2   = 0xa0
 	SizeofIfData      = 0x60
-	SizeofIfData64    = 0x80
 	SizeofIfaMsghdr   = 0x14
 	SizeofIfmaMsghdr  = 0x10
 	SizeofIfmaMsghdr2 = 0x14
 	SizeofRtMsghdr    = 0x5c
-	SizeofRtMsghdr2   = 0x5c
 	SizeofRtMetrics   = 0x38
 )
 
@@ -483,20 +467,6 @@ type IfMsghdr struct {
 	Data    IfData
 }
 
-type IfMsghdr2 struct {
-	Msglen     uint16
-	Version    uint8
-	Type       uint8
-	Addrs      int32
-	Flags      int32
-	Index      uint16
-	Snd_len    int32
-	Snd_maxlen int32
-	Snd_drops  int32
-	Timer      int32
-	Data       IfData64
-}
-
 type IfData struct {
 	Type       uint8
 	Typelen    uint8
@@ -529,34 +499,6 @@ type IfData struct {
 	Reserved2  uint32
 }
 
-type IfData64 struct {
-	Type       uint8
-	Typelen    uint8
-	Physical   uint8
-	Addrlen    uint8
-	Hdrlen     uint8
-	Recvquota  uint8
-	Xmitquota  uint8
-	Unused1    uint8
-	Mtu        uint32
-	Metric     uint32
-	Baudrate   uint64
-	Ipackets   uint64
-	Ierrors    uint64
-	Opackets   uint64
-	Oerrors    uint64
-	Collisions uint64
-	Ibytes     uint64
-	Obytes     uint64
-	Imcasts    uint64
-	Omcasts    uint64
-	Iqdrops    uint64
-	Noproto    uint64
-	Recvtiming uint32
-	Xmittiming uint32
-	Lastchange Timeval32
-}
-
 type IfaMsghdr struct {
 	Msglen  uint16
 	Version uint8
@@ -602,21 +544,6 @@ type RtMsghdr struct {
 	Rmx     RtMetrics
 }
 
-type RtMsghdr2 struct {
-	Msglen      uint16
-	Version     uint8
-	Type        uint8
-	Index       uint16
-	Flags       int32
-	Addrs       int32
-	Refcnt      int32
-	Parentflags int32
-	Reserved    int32
-	Use         int32
-	Inits       uint32
-	Rmx         RtMetrics
-}
-
 type RtMetrics struct {
 	Locks    uint32
 	Mtu      uint32
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
index 51e13eb05..6cbd094a3 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
@@ -625,7 +625,6 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
-	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
index d002d8ef3..7c03b6ee7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
@@ -630,7 +630,6 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
-	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
index 3f863d898..422107ee8 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
@@ -616,7 +616,6 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
-	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
index 61c729310..505a12acf 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
@@ -610,7 +610,6 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
-	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
index b5d17414f..cc986c790 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_freebsd_riscv64.go
@@ -612,7 +612,6 @@ const (
 	POLLRDNORM   = 0x40
 	POLLWRBAND   = 0x100
 	POLLWRNORM   = 0x4
-	POLLRDHUP    = 0x4000
 )
 
 type CapRights struct {
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go
index 5537148dc..eff6bcdef 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go
@@ -87,35 +87,30 @@ type StatxTimestamp struct {
 }
 
 type Statx_t struct {
-	Mask                      uint32
-	Blksize                   uint32
-	Attributes                uint64
-	Nlink                     uint32
-	Uid                       uint32
-	Gid                       uint32
-	Mode                      uint16
-	_                         [1]uint16
-	Ino                       uint64
-	Size                      uint64
-	Blocks                    uint64
-	Attributes_mask           uint64
-	Atime                     StatxTimestamp
-	Btime                     StatxTimestamp
-	Ctime                     StatxTimestamp
-	Mtime                     StatxTimestamp
-	Rdev_major                uint32
-	Rdev_minor                uint32
-	Dev_major                 uint32
-	Dev_minor                 uint32
-	Mnt_id                    uint64
-	Dio_mem_align             uint32
-	Dio_offset_align          uint32
-	Subvol                    uint64
-	Atomic_write_unit_min     uint32
-	Atomic_write_unit_max     uint32
-	Atomic_write_segments_max uint32
-	_                         [1]uint32
-	_                         [9]uint64
+	Mask             uint32
+	Blksize          uint32
+	Attributes       uint64
+	Nlink            uint32
+	Uid              uint32
+	Gid              uint32
+	Mode             uint16
+	_                [1]uint16
+	Ino              uint64
+	Size             uint64
+	Blocks           uint64
+	Attributes_mask  uint64
+	Atime            StatxTimestamp
+	Btime            StatxTimestamp
+	Ctime            StatxTimestamp
+	Mtime            StatxTimestamp
+	Rdev_major       uint32
+	Rdev_minor       uint32
+	Dev_major        uint32
+	Dev_minor        uint32
+	Mnt_id           uint64
+	Dio_mem_align    uint32
+	Dio_offset_align uint32
+	_                [12]uint64
 }
 
 type Fsid struct {
@@ -520,29 +515,6 @@ type TCPInfo struct {
 	Total_rto_time       uint32
 }
 
-type TCPVegasInfo struct {
-	Enabled uint32
-	Rttcnt  uint32
-	Rtt     uint32
-	Minrtt  uint32
-}
-
-type TCPDCTCPInfo struct {
-	Enabled  uint16
-	Ce_state uint16
-	Alpha    uint32
-	Ab_ecn   uint32
-	Ab_tot   uint32
-}
-
-type TCPBBRInfo struct {
-	Bw_lo       uint32
-	Bw_hi       uint32
-	Min_rtt     uint32
-	Pacing_gain uint32
-	Cwnd_gain   uint32
-}
-
 type CanFilter struct {
 	Id   uint32
 	Mask uint32
@@ -584,7 +556,6 @@ const (
 	SizeofICMPv6Filter      = 0x20
 	SizeofUcred             = 0xc
 	SizeofTCPInfo           = 0xf8
-	SizeofTCPCCInfo         = 0x14
 	SizeofCanFilter         = 0x8
 	SizeofTCPRepairOpt      = 0x8
 )
@@ -1207,8 +1178,7 @@ const (
 	PERF_SAMPLE_BRANCH_TYPE_SAVE_SHIFT    = 0x10
 	PERF_SAMPLE_BRANCH_HW_INDEX_SHIFT     = 0x11
 	PERF_SAMPLE_BRANCH_PRIV_SAVE_SHIFT    = 0x12
-	PERF_SAMPLE_BRANCH_COUNTERS           = 0x80000
-	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x14
+	PERF_SAMPLE_BRANCH_MAX_SHIFT          = 0x13
 	PERF_SAMPLE_BRANCH_USER               = 0x1
 	PERF_SAMPLE_BRANCH_KERNEL             = 0x2
 	PERF_SAMPLE_BRANCH_HV                 = 0x4
@@ -1228,7 +1198,7 @@ const (
 	PERF_SAMPLE_BRANCH_TYPE_SAVE          = 0x10000
 	PERF_SAMPLE_BRANCH_HW_INDEX           = 0x20000
 	PERF_SAMPLE_BRANCH_PRIV_SAVE          = 0x40000
-	PERF_SAMPLE_BRANCH_MAX                = 0x100000
+	PERF_SAMPLE_BRANCH_MAX                = 0x80000
 	PERF_BR_UNKNOWN                       = 0x0
 	PERF_BR_COND                          = 0x1
 	PERF_BR_UNCOND                        = 0x2
@@ -1752,6 +1722,12 @@ const (
 	IFLA_IPVLAN_UNSPEC                         = 0x0
 	IFLA_IPVLAN_MODE                           = 0x1
 	IFLA_IPVLAN_FLAGS                          = 0x2
+	NETKIT_NEXT                                = -0x1
+	NETKIT_PASS                                = 0x0
+	NETKIT_DROP                                = 0x2
+	NETKIT_REDIRECT                            = 0x7
+	NETKIT_L2                                  = 0x0
+	NETKIT_L3                                  = 0x1
 	IFLA_NETKIT_UNSPEC                         = 0x0
 	IFLA_NETKIT_PEER_INFO                      = 0x1
 	IFLA_NETKIT_PRIMARY                        = 0x2
@@ -1790,7 +1766,6 @@ const (
 	IFLA_VXLAN_DF                              = 0x1d
 	IFLA_VXLAN_VNIFILTER                       = 0x1e
 	IFLA_VXLAN_LOCALBYPASS                     = 0x1f
-	IFLA_VXLAN_LABEL_POLICY                    = 0x20
 	IFLA_GENEVE_UNSPEC                         = 0x0
 	IFLA_GENEVE_ID                             = 0x1
 	IFLA_GENEVE_REMOTE                         = 0x2
@@ -1820,8 +1795,6 @@ const (
 	IFLA_GTP_ROLE                              = 0x4
 	IFLA_GTP_CREATE_SOCKETS                    = 0x5
 	IFLA_GTP_RESTART_COUNT                     = 0x6
-	IFLA_GTP_LOCAL                             = 0x7
-	IFLA_GTP_LOCAL6                            = 0x8
 	IFLA_BOND_UNSPEC                           = 0x0
 	IFLA_BOND_MODE                             = 0x1
 	IFLA_BOND_ACTIVE_SLAVE                     = 0x2
@@ -1854,7 +1827,6 @@ const (
 	IFLA_BOND_AD_LACP_ACTIVE                   = 0x1d
 	IFLA_BOND_MISSED_MAX                       = 0x1e
 	IFLA_BOND_NS_IP6_TARGET                    = 0x1f
-	IFLA_BOND_COUPLED_CONTROL                  = 0x20
 	IFLA_BOND_AD_INFO_UNSPEC                   = 0x0
 	IFLA_BOND_AD_INFO_AGGREGATOR               = 0x1
 	IFLA_BOND_AD_INFO_NUM_PORTS                = 0x2
@@ -1923,7 +1895,6 @@ const (
 	IFLA_HSR_SEQ_NR                            = 0x5
 	IFLA_HSR_VERSION                           = 0x6
 	IFLA_HSR_PROTOCOL                          = 0x7
-	IFLA_HSR_INTERLINK                         = 0x8
 	IFLA_STATS_UNSPEC                          = 0x0
 	IFLA_STATS_LINK_64                         = 0x1
 	IFLA_STATS_LINK_XSTATS                     = 0x2
@@ -1976,15 +1947,6 @@ const (
 	IFLA_DSA_MASTER                            = 0x1
 )
 
-const (
-	NETKIT_NEXT     = -0x1
-	NETKIT_PASS     = 0x0
-	NETKIT_DROP     = 0x2
-	NETKIT_REDIRECT = 0x7
-	NETKIT_L2       = 0x0
-	NETKIT_L3       = 0x1
-)
-
 const (
 	NF_INET_PRE_ROUTING  = 0x0
 	NF_INET_LOCAL_IN     = 0x1
@@ -2519,15 +2481,6 @@ type XDPMmapOffsets struct {
 	Cr XDPRingOffset
 }
 
-type XDPUmemReg struct {
-	Addr            uint64
-	Len             uint64
-	Size            uint32
-	Headroom        uint32
-	Flags           uint32
-	Tx_metadata_len uint32
-}
-
 type XDPStatistics struct {
 	Rx_dropped               uint64
 	Rx_invalid_descs         uint64
@@ -2594,8 +2547,8 @@ const (
 	SOF_TIMESTAMPING_BIND_PHC     = 0x8000
 	SOF_TIMESTAMPING_OPT_ID_TCP   = 0x10000
 
-	SOF_TIMESTAMPING_LAST = 0x20000
-	SOF_TIMESTAMPING_MASK = 0x3ffff
+	SOF_TIMESTAMPING_LAST = 0x10000
+	SOF_TIMESTAMPING_MASK = 0x1ffff
 
 	SCM_TSTAMP_SND   = 0x0
 	SCM_TSTAMP_SCHED = 0x1
@@ -2982,7 +2935,7 @@ const (
 	BPF_TCP_LISTEN                             = 0xa
 	BPF_TCP_CLOSING                            = 0xb
 	BPF_TCP_NEW_SYN_RECV                       = 0xc
-	BPF_TCP_MAX_STATES                         = 0xe
+	BPF_TCP_MAX_STATES                         = 0xd
 	TCP_BPF_IW                                 = 0x3e9
 	TCP_BPF_SNDCWND_CLAMP                      = 0x3ea
 	TCP_BPF_DELACK_MAX                         = 0x3eb
@@ -3258,7 +3211,7 @@ const (
 	DEVLINK_CMD_LINECARD_NEW                           = 0x50
 	DEVLINK_CMD_LINECARD_DEL                           = 0x51
 	DEVLINK_CMD_SELFTESTS_GET                          = 0x52
-	DEVLINK_CMD_MAX                                    = 0x54
+	DEVLINK_CMD_MAX                                    = 0x53
 	DEVLINK_PORT_TYPE_NOTSET                           = 0x0
 	DEVLINK_PORT_TYPE_AUTO                             = 0x1
 	DEVLINK_PORT_TYPE_ETH                              = 0x2
@@ -3510,7 +3463,7 @@ const (
 	DEVLINK_PORT_FN_ATTR_STATE                         = 0x2
 	DEVLINK_PORT_FN_ATTR_OPSTATE                       = 0x3
 	DEVLINK_PORT_FN_ATTR_CAPS                          = 0x4
-	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x6
+	DEVLINK_PORT_FUNCTION_ATTR_MAX                     = 0x5
 )
 
 type FsverityDigest struct {
@@ -3541,7 +3494,7 @@ type Nhmsg struct {
 type NexthopGrp struct {
 	Id     uint32
 	Weight uint8
-	High   uint8
+	Resvd1 uint8
 	Resvd2 uint16
 }
 
@@ -3802,7 +3755,7 @@ const (
 	ETHTOOL_MSG_PSE_GET                       = 0x24
 	ETHTOOL_MSG_PSE_SET                       = 0x25
 	ETHTOOL_MSG_RSS_GET                       = 0x26
-	ETHTOOL_MSG_USER_MAX                      = 0x2d
+	ETHTOOL_MSG_USER_MAX                      = 0x2b
 	ETHTOOL_MSG_KERNEL_NONE                   = 0x0
 	ETHTOOL_MSG_STRSET_GET_REPLY              = 0x1
 	ETHTOOL_MSG_LINKINFO_GET_REPLY            = 0x2
@@ -3842,15 +3795,12 @@ const (
 	ETHTOOL_MSG_MODULE_NTF                    = 0x24
 	ETHTOOL_MSG_PSE_GET_REPLY                 = 0x25
 	ETHTOOL_MSG_RSS_GET_REPLY                 = 0x26
-	ETHTOOL_MSG_KERNEL_MAX                    = 0x2e
-	ETHTOOL_FLAG_COMPACT_BITSETS              = 0x1
-	ETHTOOL_FLAG_OMIT_REPLY                   = 0x2
-	ETHTOOL_FLAG_STATS                        = 0x4
+	ETHTOOL_MSG_KERNEL_MAX                    = 0x2b
 	ETHTOOL_A_HEADER_UNSPEC                   = 0x0
 	ETHTOOL_A_HEADER_DEV_INDEX                = 0x1
 	ETHTOOL_A_HEADER_DEV_NAME                 = 0x2
 	ETHTOOL_A_HEADER_FLAGS                    = 0x3
-	ETHTOOL_A_HEADER_MAX                      = 0x4
+	ETHTOOL_A_HEADER_MAX                      = 0x3
 	ETHTOOL_A_BITSET_BIT_UNSPEC               = 0x0
 	ETHTOOL_A_BITSET_BIT_INDEX                = 0x1
 	ETHTOOL_A_BITSET_BIT_NAME                 = 0x2
@@ -3987,7 +3937,7 @@ const (
 	ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL   = 0x17
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_TX        = 0x18
 	ETHTOOL_A_COALESCE_USE_CQE_MODE_RX        = 0x19
-	ETHTOOL_A_COALESCE_MAX                    = 0x1e
+	ETHTOOL_A_COALESCE_MAX                    = 0x1c
 	ETHTOOL_A_PAUSE_UNSPEC                    = 0x0
 	ETHTOOL_A_PAUSE_HEADER                    = 0x1
 	ETHTOOL_A_PAUSE_AUTONEG                   = 0x2
@@ -4015,7 +3965,7 @@ const (
 	ETHTOOL_A_TSINFO_TX_TYPES                 = 0x3
 	ETHTOOL_A_TSINFO_RX_FILTERS               = 0x4
 	ETHTOOL_A_TSINFO_PHC_INDEX                = 0x5
-	ETHTOOL_A_TSINFO_MAX                      = 0x6
+	ETHTOOL_A_TSINFO_MAX                      = 0x5
 	ETHTOOL_A_CABLE_TEST_UNSPEC               = 0x0
 	ETHTOOL_A_CABLE_TEST_HEADER               = 0x1
 	ETHTOOL_A_CABLE_TEST_MAX                  = 0x1
@@ -4031,11 +3981,11 @@ const (
 	ETHTOOL_A_CABLE_RESULT_UNSPEC             = 0x0
 	ETHTOOL_A_CABLE_RESULT_PAIR               = 0x1
 	ETHTOOL_A_CABLE_RESULT_CODE               = 0x2
-	ETHTOOL_A_CABLE_RESULT_MAX                = 0x3
+	ETHTOOL_A_CABLE_RESULT_MAX                = 0x2
 	ETHTOOL_A_CABLE_FAULT_LENGTH_UNSPEC       = 0x0
 	ETHTOOL_A_CABLE_FAULT_LENGTH_PAIR         = 0x1
 	ETHTOOL_A_CABLE_FAULT_LENGTH_CM           = 0x2
-	ETHTOOL_A_CABLE_FAULT_LENGTH_MAX          = 0x3
+	ETHTOOL_A_CABLE_FAULT_LENGTH_MAX          = 0x2
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_UNSPEC    = 0x0
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_STARTED   = 0x1
 	ETHTOOL_A_CABLE_TEST_NTF_STATUS_COMPLETED = 0x2
@@ -4118,107 +4068,6 @@ type EthtoolDrvinfo struct {
 	Regdump_len  uint32
 }
 
-type EthtoolTsInfo struct {
-	Cmd             uint32
-	So_timestamping uint32
-	Phc_index       int32
-	Tx_types        uint32
-	Tx_reserved     [3]uint32
-	Rx_filters      uint32
-	Rx_reserved     [3]uint32
-}
-
-type HwTstampConfig struct {
-	Flags     int32
-	Tx_type   int32
-	Rx_filter int32
-}
-
-const (
-	HWTSTAMP_FILTER_NONE            = 0x0
-	HWTSTAMP_FILTER_ALL             = 0x1
-	HWTSTAMP_FILTER_SOME            = 0x2
-	HWTSTAMP_FILTER_PTP_V1_L4_EVENT = 0x3
-	HWTSTAMP_FILTER_PTP_V2_L4_EVENT = 0x6
-	HWTSTAMP_FILTER_PTP_V2_L2_EVENT = 0x9
-	HWTSTAMP_FILTER_PTP_V2_EVENT    = 0xc
-)
-
-const (
-	HWTSTAMP_TX_OFF          = 0x0
-	HWTSTAMP_TX_ON           = 0x1
-	HWTSTAMP_TX_ONESTEP_SYNC = 0x2
-)
-
-type (
-	PtpClockCaps struct {
-		Max_adj            int32
-		N_alarm            int32
-		N_ext_ts           int32
-		N_per_out          int32
-		Pps                int32
-		N_pins             int32
-		Cross_timestamping int32
-		Adjust_phase       int32
-		Max_phase_adj      int32
-		Rsv                [11]int32
-	}
-	PtpClockTime struct {
-		Sec      int64
-		Nsec     uint32
-		Reserved uint32
-	}
-	PtpExttsEvent struct {
-		T     PtpClockTime
-		Index uint32
-		Flags uint32
-		Rsv   [2]uint32
-	}
-	PtpExttsRequest struct {
-		Index uint32
-		Flags uint32
-		Rsv   [2]uint32
-	}
-	PtpPeroutRequest struct {
-		StartOrPhase PtpClockTime
-		Period       PtpClockTime
-		Index        uint32
-		Flags        uint32
-		On           PtpClockTime
-	}
-	PtpPinDesc struct {
-		Name  [64]byte
-		Index uint32
-		Func  uint32
-		Chan  uint32
-		Rsv   [5]uint32
-	}
-	PtpSysOffset struct {
-		Samples uint32
-		Rsv     [3]uint32
-		Ts      [51]PtpClockTime
-	}
-	PtpSysOffsetExtended struct {
-		Samples uint32
-		Clockid int32
-		Rsv     [2]uint32
-		Ts      [25][3]PtpClockTime
-	}
-	PtpSysOffsetPrecise struct {
-		Device   PtpClockTime
-		Realtime PtpClockTime
-		Monoraw  PtpClockTime
-		Rsv      [4]uint32
-	}
-)
-
-const (
-	PTP_PF_NONE    = 0x0
-	PTP_PF_EXTTS   = 0x1
-	PTP_PF_PEROUT  = 0x2
-	PTP_PF_PHYSYNC = 0x3
-)
-
 type (
 	HIDRawReportDescriptor struct {
 		Size  uint32
@@ -4400,7 +4249,6 @@ const (
 type LandlockRulesetAttr struct {
 	Access_fs  uint64
 	Access_net uint64
-	Scoped     uint64
 }
 
 type LandlockPathBeneathAttr struct {
@@ -4747,7 +4595,7 @@ const (
 	NL80211_ATTR_MAC_HINT                                   = 0xc8
 	NL80211_ATTR_MAC_MASK                                   = 0xd7
 	NL80211_ATTR_MAX_AP_ASSOC_STA                           = 0xca
-	NL80211_ATTR_MAX                                        = 0x14c
+	NL80211_ATTR_MAX                                        = 0x146
 	NL80211_ATTR_MAX_CRIT_PROT_DURATION                     = 0xb4
 	NL80211_ATTR_MAX_CSA_COUNTERS                           = 0xce
 	NL80211_ATTR_MAX_MATCH_SETS                             = 0x85
@@ -5013,7 +4861,7 @@ const (
 	NL80211_BSS_FREQUENCY_OFFSET                            = 0x14
 	NL80211_BSS_INFORMATION_ELEMENTS                        = 0x6
 	NL80211_BSS_LAST_SEEN_BOOTTIME                          = 0xf
-	NL80211_BSS_MAX                                         = 0x18
+	NL80211_BSS_MAX                                         = 0x16
 	NL80211_BSS_MLD_ADDR                                    = 0x16
 	NL80211_BSS_MLO_LINK_ID                                 = 0x15
 	NL80211_BSS_PAD                                         = 0x10
@@ -5117,7 +4965,7 @@ const (
 	NL80211_CMD_LEAVE_IBSS                                  = 0x2c
 	NL80211_CMD_LEAVE_MESH                                  = 0x45
 	NL80211_CMD_LEAVE_OCB                                   = 0x6d
-	NL80211_CMD_MAX                                         = 0x9b
+	NL80211_CMD_MAX                                         = 0x9a
 	NL80211_CMD_MICHAEL_MIC_FAILURE                         = 0x29
 	NL80211_CMD_MODIFY_LINK_STA                             = 0x97
 	NL80211_CMD_NAN_MATCH                                   = 0x78
@@ -5351,7 +5199,7 @@ const (
 	NL80211_FREQUENCY_ATTR_GO_CONCURRENT                    = 0xf
 	NL80211_FREQUENCY_ATTR_INDOOR_ONLY                      = 0xe
 	NL80211_FREQUENCY_ATTR_IR_CONCURRENT                    = 0xf
-	NL80211_FREQUENCY_ATTR_MAX                              = 0x21
+	NL80211_FREQUENCY_ATTR_MAX                              = 0x1c
 	NL80211_FREQUENCY_ATTR_MAX_TX_POWER                     = 0x6
 	NL80211_FREQUENCY_ATTR_NO_10MHZ                         = 0x11
 	NL80211_FREQUENCY_ATTR_NO_160MHZ                        = 0xc
@@ -5845,7 +5693,7 @@ const (
 	NL80211_STA_FLAG_ASSOCIATED                             = 0x7
 	NL80211_STA_FLAG_AUTHENTICATED                          = 0x5
 	NL80211_STA_FLAG_AUTHORIZED                             = 0x1
-	NL80211_STA_FLAG_MAX                                    = 0x8
+	NL80211_STA_FLAG_MAX                                    = 0x7
 	NL80211_STA_FLAG_MAX_OLD_API                            = 0x6
 	NL80211_STA_FLAG_MFP                                    = 0x4
 	NL80211_STA_FLAG_SHORT_PREAMBLE                         = 0x2
@@ -6143,34 +5991,3 @@ type CachestatRange struct {
 	Off uint64
 	Len uint64
 }
-
-const (
-	SK_MEMINFO_RMEM_ALLOC          = 0x0
-	SK_MEMINFO_RCVBUF              = 0x1
-	SK_MEMINFO_WMEM_ALLOC          = 0x2
-	SK_MEMINFO_SNDBUF              = 0x3
-	SK_MEMINFO_FWD_ALLOC           = 0x4
-	SK_MEMINFO_WMEM_QUEUED         = 0x5
-	SK_MEMINFO_OPTMEM              = 0x6
-	SK_MEMINFO_BACKLOG             = 0x7
-	SK_MEMINFO_DROPS               = 0x8
-	SK_MEMINFO_VARS                = 0x9
-	SKNLGRP_NONE                   = 0x0
-	SKNLGRP_INET_TCP_DESTROY       = 0x1
-	SKNLGRP_INET_UDP_DESTROY       = 0x2
-	SKNLGRP_INET6_TCP_DESTROY      = 0x3
-	SKNLGRP_INET6_UDP_DESTROY      = 0x4
-	SK_DIAG_BPF_STORAGE_REQ_NONE   = 0x0
-	SK_DIAG_BPF_STORAGE_REQ_MAP_FD = 0x1
-	SK_DIAG_BPF_STORAGE_REP_NONE   = 0x0
-	SK_DIAG_BPF_STORAGE            = 0x1
-	SK_DIAG_BPF_STORAGE_NONE       = 0x0
-	SK_DIAG_BPF_STORAGE_PAD        = 0x1
-	SK_DIAG_BPF_STORAGE_MAP_ID     = 0x2
-	SK_DIAG_BPF_STORAGE_MAP_VALUE  = 0x3
-)
-
-type SockDiagReq struct {
-	Family   uint8
-	Protocol uint8
-}
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
index fd402da43..438a30aff 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_386.go
@@ -477,6 +477,14 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
index eb7a5e186..adceca355 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_amd64.go
@@ -492,6 +492,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
index d78ac108b..eeaa00a37 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm.go
@@ -470,6 +470,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
index cd06d47f1..6739aa91d 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_arm64.go
@@ -471,6 +471,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
index 2f28fe26c..9920ef631 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_loong64.go
@@ -472,6 +472,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
index 71d6cac2f..2923b799a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips.go
@@ -476,6 +476,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
index 8596d4535..ce2750ee4 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64.go
@@ -474,6 +474,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
index cd60ea186..3038811d7 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mips64le.go
@@ -474,6 +474,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
index b0ae420c4..efc6fed18 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_mipsle.go
@@ -476,6 +476,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
index 835972875..9a654b75a 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc.go
@@ -482,6 +482,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
index 69eb6a5c6..40d358e33 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64.go
@@ -481,6 +481,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
index 5f583cb62..148c6ceb8 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_ppc64le.go
@@ -481,6 +481,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
index ad05b51a6..72ba81543 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_riscv64.go
@@ -499,6 +499,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]uint8
 	Driver_name [64]uint8
@@ -727,37 +736,6 @@ const (
 	RISCV_HWPROBE_EXT_ZBA                = 0x8
 	RISCV_HWPROBE_EXT_ZBB                = 0x10
 	RISCV_HWPROBE_EXT_ZBS                = 0x20
-	RISCV_HWPROBE_EXT_ZICBOZ             = 0x40
-	RISCV_HWPROBE_EXT_ZBC                = 0x80
-	RISCV_HWPROBE_EXT_ZBKB               = 0x100
-	RISCV_HWPROBE_EXT_ZBKC               = 0x200
-	RISCV_HWPROBE_EXT_ZBKX               = 0x400
-	RISCV_HWPROBE_EXT_ZKND               = 0x800
-	RISCV_HWPROBE_EXT_ZKNE               = 0x1000
-	RISCV_HWPROBE_EXT_ZKNH               = 0x2000
-	RISCV_HWPROBE_EXT_ZKSED              = 0x4000
-	RISCV_HWPROBE_EXT_ZKSH               = 0x8000
-	RISCV_HWPROBE_EXT_ZKT                = 0x10000
-	RISCV_HWPROBE_EXT_ZVBB               = 0x20000
-	RISCV_HWPROBE_EXT_ZVBC               = 0x40000
-	RISCV_HWPROBE_EXT_ZVKB               = 0x80000
-	RISCV_HWPROBE_EXT_ZVKG               = 0x100000
-	RISCV_HWPROBE_EXT_ZVKNED             = 0x200000
-	RISCV_HWPROBE_EXT_ZVKNHA             = 0x400000
-	RISCV_HWPROBE_EXT_ZVKNHB             = 0x800000
-	RISCV_HWPROBE_EXT_ZVKSED             = 0x1000000
-	RISCV_HWPROBE_EXT_ZVKSH              = 0x2000000
-	RISCV_HWPROBE_EXT_ZVKT               = 0x4000000
-	RISCV_HWPROBE_EXT_ZFH                = 0x8000000
-	RISCV_HWPROBE_EXT_ZFHMIN             = 0x10000000
-	RISCV_HWPROBE_EXT_ZIHINTNTL          = 0x20000000
-	RISCV_HWPROBE_EXT_ZVFH               = 0x40000000
-	RISCV_HWPROBE_EXT_ZVFHMIN            = 0x80000000
-	RISCV_HWPROBE_EXT_ZFA                = 0x100000000
-	RISCV_HWPROBE_EXT_ZTSO               = 0x200000000
-	RISCV_HWPROBE_EXT_ZACAS              = 0x400000000
-	RISCV_HWPROBE_EXT_ZICOND             = 0x800000000
-	RISCV_HWPROBE_EXT_ZIHINTPAUSE        = 0x1000000000
 	RISCV_HWPROBE_KEY_CPUPERF_0          = 0x5
 	RISCV_HWPROBE_MISALIGNED_UNKNOWN     = 0x0
 	RISCV_HWPROBE_MISALIGNED_EMULATED    = 0x1
@@ -765,6 +743,4 @@ const (
 	RISCV_HWPROBE_MISALIGNED_FAST        = 0x3
 	RISCV_HWPROBE_MISALIGNED_UNSUPPORTED = 0x4
 	RISCV_HWPROBE_MISALIGNED_MASK        = 0x7
-	RISCV_HWPROBE_KEY_ZICBOZ_BLOCK_SIZE  = 0x6
-	RISCV_HWPROBE_WHICH_CPUS             = 0x1
 )
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
index cf3ce9003..71e765508 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_s390x.go
@@ -495,6 +495,15 @@ const (
 	BLKPG = 0x1269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
index 590b56739..4abbdb9de 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_linux_sparc64.go
@@ -476,6 +476,15 @@ const (
 	BLKPG = 0x20001269
 )
 
+type XDPUmemReg struct {
+	Addr     uint64
+	Len      uint64
+	Size     uint32
+	Headroom uint32
+	Flags    uint32
+	_        [4]byte
+}
+
 type CryptoUserAlg struct {
 	Name        [64]int8
 	Driver_name [64]int8
diff --git a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
index 2e5d5a443..54f31be63 100644
--- a/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
+++ b/vendor/golang.org/x/sys/unix/ztypes_zos_s390x.go
@@ -25,13 +25,10 @@ const (
 	SizeofIPv6Mreq      = 20
 	SizeofICMPv6Filter  = 32
 	SizeofIPv6MTUInfo   = 32
-	SizeofInet4Pktinfo  = 8
-	SizeofInet6Pktinfo  = 20
 	SizeofLinger        = 8
 	SizeofSockaddrInet4 = 16
 	SizeofSockaddrInet6 = 28
 	SizeofTCPInfo       = 0x68
-	SizeofUcred         = 12
 )
 
 type (
@@ -72,17 +69,12 @@ type Utimbuf struct {
 }
 
 type Utsname struct {
-	Sysname  [16]byte
-	Nodename [32]byte
-	Release  [8]byte
-	Version  [8]byte
-	Machine  [16]byte
-}
-
-type Ucred struct {
-	Pid int32
-	Uid uint32
-	Gid uint32
+	Sysname    [65]byte
+	Nodename   [65]byte
+	Release    [65]byte
+	Version    [65]byte
+	Machine    [65]byte
+	Domainname [65]byte
 }
 
 type RawSockaddrInet4 struct {
@@ -333,7 +325,7 @@ type Statvfs_t struct {
 }
 
 type Statfs_t struct {
-	Type    uint64
+	Type    uint32
 	Bsize   uint64
 	Blocks  uint64
 	Bfree   uint64
@@ -344,7 +336,6 @@ type Statfs_t struct {
 	Namelen uint64
 	Frsize  uint64
 	Flags   uint64
-	_       [4]uint64
 }
 
 type direntLE struct {
@@ -377,12 +368,6 @@ type Flock_t struct {
 	Pid    int32
 }
 
-type F_cnvrt struct {
-	Cvtcmd int32
-	Pccsid int16
-	Fccsid int16
-}
-
 type Termios struct {
 	Cflag uint32
 	Iflag uint32
@@ -427,126 +412,3 @@ type W_Mntent struct {
 	Quiesceowner [8]byte
 	_            [38]byte
 }
-
-type EpollEvent struct {
-	Events uint32
-	_      int32
-	Fd     int32
-	Pad    int32
-}
-
-type InotifyEvent struct {
-	Wd     int32
-	Mask   uint32
-	Cookie uint32
-	Len    uint32
-	Name   string
-}
-
-const (
-	SizeofInotifyEvent = 0x10
-)
-
-type ConsMsg2 struct {
-	Cm2Format       uint16
-	Cm2R1           uint16
-	Cm2Msglength    uint32
-	Cm2Msg          *byte
-	Cm2R2           [4]byte
-	Cm2R3           [4]byte
-	Cm2Routcde      *uint32
-	Cm2Descr        *uint32
-	Cm2Msgflag      uint32
-	Cm2Token        uint32
-	Cm2Msgid        *uint32
-	Cm2R4           [4]byte
-	Cm2DomToken     uint32
-	Cm2DomMsgid     *uint32
-	Cm2ModCartptr   *byte
-	Cm2ModConsidptr *byte
-	Cm2MsgCart      [8]byte
-	Cm2MsgConsid    [4]byte
-	Cm2R5           [12]byte
-}
-
-const (
-	CC_modify        = 1
-	CC_stop          = 2
-	CONSOLE_FORMAT_2 = 2
-	CONSOLE_FORMAT_3 = 3
-	CONSOLE_HRDCPY   = 0x80000000
-)
-
-type OpenHow struct {
-	Flags   uint64
-	Mode    uint64
-	Resolve uint64
-}
-
-const SizeofOpenHow = 0x18
-
-const (
-	RESOLVE_CACHED        = 0x20
-	RESOLVE_BENEATH       = 0x8
-	RESOLVE_IN_ROOT       = 0x10
-	RESOLVE_NO_MAGICLINKS = 0x2
-	RESOLVE_NO_SYMLINKS   = 0x4
-	RESOLVE_NO_XDEV       = 0x1
-)
-
-type Siginfo struct {
-	Signo int32
-	Errno int32
-	Code  int32
-	Pid   int32
-	Uid   uint32
-	_     [44]byte
-}
-
-type SysvIpcPerm struct {
-	Uid  uint32
-	Gid  uint32
-	Cuid uint32
-	Cgid uint32
-	Mode int32
-}
-
-type SysvShmDesc struct {
-	Perm   SysvIpcPerm
-	_      [4]byte
-	Lpid   int32
-	Cpid   int32
-	Nattch uint32
-	_      [4]byte
-	_      [4]byte
-	_      [4]byte
-	_      int32
-	_      uint8
-	_      uint8
-	_      uint16
-	_      *byte
-	Segsz  uint64
-	Atime  Time_t
-	Dtime  Time_t
-	Ctime  Time_t
-}
-
-type SysvShmDesc64 struct {
-	Perm   SysvIpcPerm
-	_      [4]byte
-	Lpid   int32
-	Cpid   int32
-	Nattch uint32
-	_      [4]byte
-	_      [4]byte
-	_      [4]byte
-	_      int32
-	_      byte
-	_      uint8
-	_      uint16
-	_      *byte
-	Segsz  uint64
-	Atime  int64
-	Dtime  int64
-	Ctime  int64
-}
diff --git a/vendor/golang.org/x/sys/windows/aliases.go b/vendor/golang.org/x/sys/windows/aliases.go
index 16f90560a..ce2d713d6 100644
--- a/vendor/golang.org/x/sys/windows/aliases.go
+++ b/vendor/golang.org/x/sys/windows/aliases.go
@@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build windows
+//go:build windows && go1.9
 
 package windows
 
diff --git a/vendor/golang.org/x/sys/windows/dll_windows.go b/vendor/golang.org/x/sys/windows/dll_windows.go
index 3ca814f54..115341fba 100644
--- a/vendor/golang.org/x/sys/windows/dll_windows.go
+++ b/vendor/golang.org/x/sys/windows/dll_windows.go
@@ -43,8 +43,8 @@ type DLL struct {
 // LoadDLL loads DLL file into memory.
 //
 // Warning: using LoadDLL without an absolute path name is subject to
-// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL],
-// or use [LoadLibraryEx] directly.
+// DLL preloading attacks. To safely load a system DLL, use LazyDLL
+// with System set to true, or use LoadLibraryEx directly.
 func LoadDLL(name string) (dll *DLL, err error) {
 	namep, err := UTF16PtrFromString(name)
 	if err != nil {
@@ -65,7 +65,7 @@ func LoadDLL(name string) (dll *DLL, err error) {
 	return d, nil
 }
 
-// MustLoadDLL is like LoadDLL but panics if load operation fails.
+// MustLoadDLL is like LoadDLL but panics if load operation failes.
 func MustLoadDLL(name string) *DLL {
 	d, e := LoadDLL(name)
 	if e != nil {
@@ -271,9 +271,6 @@ func (d *LazyDLL) NewProc(name string) *LazyProc {
 }
 
 // NewLazyDLL creates new LazyDLL associated with DLL file.
-//
-// Warning: using NewLazyDLL without an absolute path name is subject to
-// DLL preloading attacks. To safely load a system DLL, use [NewLazySystemDLL].
 func NewLazyDLL(name string) *LazyDLL {
 	return &LazyDLL{Name: name}
 }
@@ -413,3 +410,7 @@ func loadLibraryEx(name string, system bool) (*DLL, error) {
 	}
 	return &DLL{Name: name, Handle: h}, nil
 }
+
+type errString string
+
+func (s errString) Error() string { return string(s) }
diff --git a/vendor/golang.org/x/sys/windows/empty.s b/vendor/golang.org/x/sys/windows/empty.s
new file mode 100644
index 000000000..ba64caca5
--- /dev/null
+++ b/vendor/golang.org/x/sys/windows/empty.s
@@ -0,0 +1,8 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.12
+
+// This file is here to allow bodyless functions with go:linkname for Go 1.11
+// and earlier (see https://golang.org/issue/23311).
diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go
index b6e1ab76f..26be94a8a 100644
--- a/vendor/golang.org/x/sys/windows/security_windows.go
+++ b/vendor/golang.org/x/sys/windows/security_windows.go
@@ -68,7 +68,6 @@ type UserInfo10 struct {
 //sys	NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) = netapi32.NetUserGetInfo
 //sys	NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (neterr error) = netapi32.NetGetJoinInformation
 //sys	NetApiBufferFree(buf *byte) (neterr error) = netapi32.NetApiBufferFree
-//sys   NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) = netapi32.NetUserEnum
 
 const (
 	// do not reorder
@@ -894,7 +893,7 @@ type ACL struct {
 	aclRevision byte
 	sbz1        byte
 	aclSize     uint16
-	AceCount    uint16
+	aceCount    uint16
 	sbz2        uint16
 }
 
@@ -1087,27 +1086,6 @@ type EXPLICIT_ACCESS struct {
 	Trustee           TRUSTEE
 }
 
-// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
-type ACE_HEADER struct {
-	AceType  uint8
-	AceFlags uint8
-	AceSize  uint16
-}
-
-// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-access_allowed_ace
-type ACCESS_ALLOWED_ACE struct {
-	Header   ACE_HEADER
-	Mask     ACCESS_MASK
-	SidStart uint32
-}
-
-const (
-	// Constants for AceType
-	// https://learn.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-ace_header
-	ACCESS_ALLOWED_ACE_TYPE = 0
-	ACCESS_DENIED_ACE_TYPE  = 1
-)
-
 // This type is the union inside of TRUSTEE and must be created using one of the TrusteeValueFrom* functions.
 type TrusteeValue uintptr
 
@@ -1179,7 +1157,6 @@ type OBJECTS_AND_NAME struct {
 //sys	makeSelfRelativeSD(absoluteSD *SECURITY_DESCRIPTOR, selfRelativeSD *SECURITY_DESCRIPTOR, selfRelativeSDSize *uint32) (err error) = advapi32.MakeSelfRelativeSD
 
 //sys	setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCESS, oldACL *ACL, newACL **ACL) (ret error) = advapi32.SetEntriesInAclW
-//sys	GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) = advapi32.GetAce
 
 // Control returns the security descriptor control bits.
 func (sd *SECURITY_DESCRIPTOR) Control() (control SECURITY_DESCRIPTOR_CONTROL, revision uint32, err error) {
diff --git a/vendor/golang.org/x/sys/windows/syscall_windows.go b/vendor/golang.org/x/sys/windows/syscall_windows.go
index 4a3254386..6395a031d 100644
--- a/vendor/golang.org/x/sys/windows/syscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/syscall_windows.go
@@ -17,10 +17,8 @@ import (
 	"unsafe"
 )
 
-type (
-	Handle uintptr
-	HWND   uintptr
-)
+type Handle uintptr
+type HWND uintptr
 
 const (
 	InvalidHandle = ^Handle(0)
@@ -167,9 +165,6 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	CreateFile(name *uint16, access uint32, mode uint32, sa *SecurityAttributes, createmode uint32, attrs uint32, templatefile Handle) (handle Handle, err error) [failretval==InvalidHandle] = CreateFileW
 //sys	CreateNamedPipe(name *uint16, flags uint32, pipeMode uint32, maxInstances uint32, outSize uint32, inSize uint32, defaultTimeout uint32, sa *SecurityAttributes) (handle Handle, err error)  [failretval==InvalidHandle] = CreateNamedPipeW
 //sys	ConnectNamedPipe(pipe Handle, overlapped *Overlapped) (err error)
-//sys	DisconnectNamedPipe(pipe Handle) (err error)
-//sys   GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error)
-//sys   GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error)
 //sys	GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error)
 //sys	GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
 //sys	SetNamedPipeHandleState(pipe Handle, state *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32) (err error) = SetNamedPipeHandleState
@@ -215,10 +210,6 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	OpenProcess(desiredAccess uint32, inheritHandle bool, processId uint32) (handle Handle, err error)
 //sys	ShellExecute(hwnd Handle, verb *uint16, file *uint16, args *uint16, cwd *uint16, showCmd int32) (err error) [failretval<=32] = shell32.ShellExecuteW
 //sys	GetWindowThreadProcessId(hwnd HWND, pid *uint32) (tid uint32, err error) = user32.GetWindowThreadProcessId
-//sys	LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) [failretval==0] = user32.LoadKeyboardLayoutW
-//sys	UnloadKeyboardLayout(hkl Handle) (err error) = user32.UnloadKeyboardLayout
-//sys	GetKeyboardLayout(tid uint32) (hkl Handle) = user32.GetKeyboardLayout
-//sys	ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) = user32.ToUnicodeEx
 //sys	GetShellWindow() (shellWindow HWND) = user32.GetShellWindow
 //sys	MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) [failretval==0] = user32.MessageBoxW
 //sys	ExitWindowsEx(flags uint32, reason uint32) (err error) = user32.ExitWindowsEx
@@ -315,10 +306,6 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetConsoleMode(console Handle, mode uint32) (err error) = kernel32.SetConsoleMode
 //sys	GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) = kernel32.GetConsoleScreenBufferInfo
 //sys	setConsoleCursorPosition(console Handle, position uint32) (err error) = kernel32.SetConsoleCursorPosition
-//sys	GetConsoleCP() (cp uint32, err error) = kernel32.GetConsoleCP
-//sys	GetConsoleOutputCP() (cp uint32, err error) = kernel32.GetConsoleOutputCP
-//sys	SetConsoleCP(cp uint32) (err error) = kernel32.SetConsoleCP
-//sys	SetConsoleOutputCP(cp uint32) (err error) = kernel32.SetConsoleOutputCP
 //sys	WriteConsole(console Handle, buf *uint16, towrite uint32, written *uint32, reserved *byte) (err error) = kernel32.WriteConsoleW
 //sys	ReadConsole(console Handle, buf *uint16, toread uint32, read *uint32, inputControl *byte) (err error) = kernel32.ReadConsoleW
 //sys	resizePseudoConsole(pconsole Handle, size uint32) (hr error) = kernel32.ResizePseudoConsole
@@ -361,19 +348,8 @@ func NewCallbackCDecl(fn interface{}) uintptr {
 //sys	SetProcessPriorityBoost(process Handle, disable bool) (err error) = kernel32.SetProcessPriorityBoost
 //sys	GetProcessWorkingSetSizeEx(hProcess Handle, lpMinimumWorkingSetSize *uintptr, lpMaximumWorkingSetSize *uintptr, flags *uint32)
 //sys	SetProcessWorkingSetSizeEx(hProcess Handle, dwMinimumWorkingSetSize uintptr, dwMaximumWorkingSetSize uintptr, flags uint32) (err error)
-//sys	ClearCommBreak(handle Handle) (err error)
-//sys	ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error)
-//sys	EscapeCommFunction(handle Handle, dwFunc uint32) (err error)
-//sys	GetCommState(handle Handle, lpDCB *DCB) (err error)
-//sys	GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error)
 //sys	GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
-//sys	PurgeComm(handle Handle, dwFlags uint32) (err error)
-//sys	SetCommBreak(handle Handle) (err error)
-//sys	SetCommMask(handle Handle, dwEvtMask uint32) (err error)
-//sys	SetCommState(handle Handle, lpDCB *DCB) (err error)
 //sys	SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error)
-//sys	SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error)
-//sys	WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error)
 //sys	GetActiveProcessorCount(groupNumber uint16) (ret uint32)
 //sys	GetMaximumProcessorCount(groupNumber uint16) (ret uint32)
 //sys	EnumWindows(enumFunc uintptr, param unsafe.Pointer) (err error) = user32.EnumWindows
@@ -727,12 +703,20 @@ func DurationSinceBoot() time.Duration {
 }
 
 func Ftruncate(fd Handle, length int64) (err error) {
-	type _FILE_END_OF_FILE_INFO struct {
-		EndOfFile int64
+	curoffset, e := Seek(fd, 0, 1)
+	if e != nil {
+		return e
+	}
+	defer Seek(fd, curoffset, 0)
+	_, e = Seek(fd, length, 0)
+	if e != nil {
+		return e
 	}
-	var info _FILE_END_OF_FILE_INFO
-	info.EndOfFile = length
-	return SetFileInformationByHandle(fd, FileEndOfFileInfo, (*byte)(unsafe.Pointer(&info)), uint32(unsafe.Sizeof(info)))
+	e = SetEndOfFile(fd)
+	if e != nil {
+		return e
+	}
+	return nil
 }
 
 func Gettimeofday(tv *Timeval) (err error) {
@@ -888,11 +872,6 @@ const socket_error = uintptr(^uint32(0))
 //sys	GetACP() (acp uint32) = kernel32.GetACP
 //sys	MultiByteToWideChar(codePage uint32, dwFlags uint32, str *byte, nstr int32, wchar *uint16, nwchar int32) (nwrite int32, err error) = kernel32.MultiByteToWideChar
 //sys	getBestInterfaceEx(sockaddr unsafe.Pointer, pdwBestIfIndex *uint32) (errcode error) = iphlpapi.GetBestInterfaceEx
-//sys   GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) = iphlpapi.GetIfEntry2Ex
-//sys   GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) = iphlpapi.GetUnicastIpAddressEntry
-//sys   NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyIpInterfaceChange
-//sys   NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) = iphlpapi.NotifyUnicastIpAddressChange
-//sys   CancelMibChangeNotify2(notificationHandle Handle) (errcode error) = iphlpapi.CancelMibChangeNotify2
 
 // For testing: clients can set this flag to force
 // creation of IPv6 sockets to return EAFNOSUPPORT.
@@ -1377,11 +1356,9 @@ func SetsockoptLinger(fd Handle, level, opt int, l *Linger) (err error) {
 func SetsockoptInet4Addr(fd Handle, level, opt int, value [4]byte) (err error) {
 	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(&value[0])), 4)
 }
-
 func SetsockoptIPMreq(fd Handle, level, opt int, mreq *IPMreq) (err error) {
 	return Setsockopt(fd, int32(level), int32(opt), (*byte)(unsafe.Pointer(mreq)), int32(unsafe.Sizeof(*mreq)))
 }
-
 func SetsockoptIPv6Mreq(fd Handle, level, opt int, mreq *IPv6Mreq) (err error) {
 	return syscall.EWINDOWS
 }
@@ -1684,16 +1661,13 @@ func (s NTStatus) Error() string {
 // do not use NTUnicodeString, and instead UTF16PtrFromString should be used for
 // the more common *uint16 string type.
 func NewNTUnicodeString(s string) (*NTUnicodeString, error) {
-	s16, err := UTF16FromString(s)
+	var u NTUnicodeString
+	s16, err := UTF16PtrFromString(s)
 	if err != nil {
 		return nil, err
 	}
-	n := uint16(len(s16) * 2)
-	return &NTUnicodeString{
-		Length:        n - 2, // subtract 2 bytes for the NULL terminator
-		MaximumLength: n,
-		Buffer:        &s16[0],
-	}, nil
+	RtlInitUnicodeString(&u, s16)
+	return &u, nil
 }
 
 // Slice returns a uint16 slice that aliases the data in the NTUnicodeString.
@@ -1860,73 +1834,3 @@ func ResizePseudoConsole(pconsole Handle, size Coord) error {
 	// accept arguments that can be casted to uintptr, and Coord can't.
 	return resizePseudoConsole(pconsole, *((*uint32)(unsafe.Pointer(&size))))
 }
-
-// DCB constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/ns-winbase-dcb.
-const (
-	CBR_110    = 110
-	CBR_300    = 300
-	CBR_600    = 600
-	CBR_1200   = 1200
-	CBR_2400   = 2400
-	CBR_4800   = 4800
-	CBR_9600   = 9600
-	CBR_14400  = 14400
-	CBR_19200  = 19200
-	CBR_38400  = 38400
-	CBR_57600  = 57600
-	CBR_115200 = 115200
-	CBR_128000 = 128000
-	CBR_256000 = 256000
-
-	DTR_CONTROL_DISABLE   = 0x00000000
-	DTR_CONTROL_ENABLE    = 0x00000010
-	DTR_CONTROL_HANDSHAKE = 0x00000020
-
-	RTS_CONTROL_DISABLE   = 0x00000000
-	RTS_CONTROL_ENABLE    = 0x00001000
-	RTS_CONTROL_HANDSHAKE = 0x00002000
-	RTS_CONTROL_TOGGLE    = 0x00003000
-
-	NOPARITY    = 0
-	ODDPARITY   = 1
-	EVENPARITY  = 2
-	MARKPARITY  = 3
-	SPACEPARITY = 4
-
-	ONESTOPBIT   = 0
-	ONE5STOPBITS = 1
-	TWOSTOPBITS  = 2
-)
-
-// EscapeCommFunction constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-escapecommfunction.
-const (
-	SETXOFF  = 1
-	SETXON   = 2
-	SETRTS   = 3
-	CLRRTS   = 4
-	SETDTR   = 5
-	CLRDTR   = 6
-	SETBREAK = 8
-	CLRBREAK = 9
-)
-
-// PurgeComm constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-purgecomm.
-const (
-	PURGE_TXABORT = 0x0001
-	PURGE_RXABORT = 0x0002
-	PURGE_TXCLEAR = 0x0004
-	PURGE_RXCLEAR = 0x0008
-)
-
-// SetCommMask constants. See https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-setcommmask.
-const (
-	EV_RXCHAR  = 0x0001
-	EV_RXFLAG  = 0x0002
-	EV_TXEMPTY = 0x0004
-	EV_CTS     = 0x0008
-	EV_DSR     = 0x0010
-	EV_RLSD    = 0x0020
-	EV_BREAK   = 0x0040
-	EV_ERR     = 0x0080
-	EV_RING    = 0x0100
-)
diff --git a/vendor/golang.org/x/sys/windows/types_windows.go b/vendor/golang.org/x/sys/windows/types_windows.go
index 9d138de5f..359780f6a 100644
--- a/vendor/golang.org/x/sys/windows/types_windows.go
+++ b/vendor/golang.org/x/sys/windows/types_windows.go
@@ -176,7 +176,6 @@ const (
 	WAIT_FAILED    = 0xFFFFFFFF
 
 	// Access rights for process.
-	PROCESS_ALL_ACCESS                = 0xFFFF
 	PROCESS_CREATE_PROCESS            = 0x0080
 	PROCESS_CREATE_THREAD             = 0x0002
 	PROCESS_DUP_HANDLE                = 0x0040
@@ -1061,7 +1060,6 @@ const (
 	SIO_GET_EXTENSION_FUNCTION_POINTER = IOC_INOUT | IOC_WS2 | 6
 	SIO_KEEPALIVE_VALS                 = IOC_IN | IOC_VENDOR | 4
 	SIO_UDP_CONNRESET                  = IOC_IN | IOC_VENDOR | 12
-	SIO_UDP_NETRESET                   = IOC_IN | IOC_VENDOR | 15
 
 	// cf. http://support.microsoft.com/default.aspx?scid=kb;en-us;257460
 
@@ -2005,21 +2003,7 @@ const (
 	MOVEFILE_FAIL_IF_NOT_TRACKABLE = 0x20
 )
 
-// Flags for GetAdaptersAddresses, see
-// https://learn.microsoft.com/en-us/windows/win32/api/iphlpapi/nf-iphlpapi-getadaptersaddresses.
-const (
-	GAA_FLAG_SKIP_UNICAST                = 0x1
-	GAA_FLAG_SKIP_ANYCAST                = 0x2
-	GAA_FLAG_SKIP_MULTICAST              = 0x4
-	GAA_FLAG_SKIP_DNS_SERVER             = 0x8
-	GAA_FLAG_INCLUDE_PREFIX              = 0x10
-	GAA_FLAG_SKIP_FRIENDLY_NAME          = 0x20
-	GAA_FLAG_INCLUDE_WINS_INFO           = 0x40
-	GAA_FLAG_INCLUDE_GATEWAYS            = 0x80
-	GAA_FLAG_INCLUDE_ALL_INTERFACES      = 0x100
-	GAA_FLAG_INCLUDE_ALL_COMPARTMENTS    = 0x200
-	GAA_FLAG_INCLUDE_TUNNEL_BINDINGORDER = 0x400
-)
+const GAA_FLAG_INCLUDE_PREFIX = 0x00000010
 
 const (
 	IF_TYPE_OTHER              = 1
@@ -2033,50 +2017,6 @@ const (
 	IF_TYPE_IEEE1394           = 144
 )
 
-// Enum NL_PREFIX_ORIGIN for [IpAdapterUnicastAddress], see
-// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_prefix_origin
-const (
-	IpPrefixOriginOther               = 0
-	IpPrefixOriginManual              = 1
-	IpPrefixOriginWellKnown           = 2
-	IpPrefixOriginDhcp                = 3
-	IpPrefixOriginRouterAdvertisement = 4
-	IpPrefixOriginUnchanged           = 1 << 4
-)
-
-// Enum NL_SUFFIX_ORIGIN for [IpAdapterUnicastAddress], see
-// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_suffix_origin
-const (
-	NlsoOther                      = 0
-	NlsoManual                     = 1
-	NlsoWellKnown                  = 2
-	NlsoDhcp                       = 3
-	NlsoLinkLayerAddress           = 4
-	NlsoRandom                     = 5
-	IpSuffixOriginOther            = 0
-	IpSuffixOriginManual           = 1
-	IpSuffixOriginWellKnown        = 2
-	IpSuffixOriginDhcp             = 3
-	IpSuffixOriginLinkLayerAddress = 4
-	IpSuffixOriginRandom           = 5
-	IpSuffixOriginUnchanged        = 1 << 4
-)
-
-// Enum NL_DAD_STATE for [IpAdapterUnicastAddress], see
-// https://learn.microsoft.com/en-us/windows/win32/api/nldef/ne-nldef-nl_dad_state
-const (
-	NldsInvalid          = 0
-	NldsTentative        = 1
-	NldsDuplicate        = 2
-	NldsDeprecated       = 3
-	NldsPreferred        = 4
-	IpDadStateInvalid    = 0
-	IpDadStateTentative  = 1
-	IpDadStateDuplicate  = 2
-	IpDadStateDeprecated = 3
-	IpDadStatePreferred  = 4
-)
-
 type SocketAddress struct {
 	Sockaddr       *syscall.RawSockaddrAny
 	SockaddrLength int32
@@ -2204,132 +2144,6 @@ const (
 	IfOperStatusLowerLayerDown = 7
 )
 
-const (
-	IF_MAX_PHYS_ADDRESS_LENGTH = 32
-	IF_MAX_STRING_SIZE         = 256
-)
-
-// MIB_IF_ENTRY_LEVEL enumeration from netioapi.h or
-// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/nf-netioapi-getifentry2ex.
-const (
-	MibIfEntryNormal                  = 0
-	MibIfEntryNormalWithoutStatistics = 2
-)
-
-// MIB_NOTIFICATION_TYPE enumeration from netioapi.h or
-// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ne-netioapi-mib_notification_type.
-const (
-	MibParameterNotification = 0
-	MibAddInstance           = 1
-	MibDeleteInstance        = 2
-	MibInitialNotification   = 3
-)
-
-// MibIfRow2 stores information about a particular interface. See
-// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_if_row2.
-type MibIfRow2 struct {
-	InterfaceLuid               uint64
-	InterfaceIndex              uint32
-	InterfaceGuid               GUID
-	Alias                       [IF_MAX_STRING_SIZE + 1]uint16
-	Description                 [IF_MAX_STRING_SIZE + 1]uint16
-	PhysicalAddressLength       uint32
-	PhysicalAddress             [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
-	PermanentPhysicalAddress    [IF_MAX_PHYS_ADDRESS_LENGTH]uint8
-	Mtu                         uint32
-	Type                        uint32
-	TunnelType                  uint32
-	MediaType                   uint32
-	PhysicalMediumType          uint32
-	AccessType                  uint32
-	DirectionType               uint32
-	InterfaceAndOperStatusFlags uint8
-	OperStatus                  uint32
-	AdminStatus                 uint32
-	MediaConnectState           uint32
-	NetworkGuid                 GUID
-	ConnectionType              uint32
-	TransmitLinkSpeed           uint64
-	ReceiveLinkSpeed            uint64
-	InOctets                    uint64
-	InUcastPkts                 uint64
-	InNUcastPkts                uint64
-	InDiscards                  uint64
-	InErrors                    uint64
-	InUnknownProtos             uint64
-	InUcastOctets               uint64
-	InMulticastOctets           uint64
-	InBroadcastOctets           uint64
-	OutOctets                   uint64
-	OutUcastPkts                uint64
-	OutNUcastPkts               uint64
-	OutDiscards                 uint64
-	OutErrors                   uint64
-	OutUcastOctets              uint64
-	OutMulticastOctets          uint64
-	OutBroadcastOctets          uint64
-	OutQLen                     uint64
-}
-
-// MIB_UNICASTIPADDRESS_ROW stores information about a unicast IP address. See
-// https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_unicastipaddress_row.
-type MibUnicastIpAddressRow struct {
-	Address            RawSockaddrInet6 // SOCKADDR_INET union
-	InterfaceLuid      uint64
-	InterfaceIndex     uint32
-	PrefixOrigin       uint32
-	SuffixOrigin       uint32
-	ValidLifetime      uint32
-	PreferredLifetime  uint32
-	OnLinkPrefixLength uint8
-	SkipAsSource       uint8
-	DadState           uint32
-	ScopeId            uint32
-	CreationTimeStamp  Filetime
-}
-
-const ScopeLevelCount = 16
-
-// MIB_IPINTERFACE_ROW stores interface management information for a particular IP address family on a network interface.
-// See https://learn.microsoft.com/en-us/windows/win32/api/netioapi/ns-netioapi-mib_ipinterface_row.
-type MibIpInterfaceRow struct {
-	Family                               uint16
-	InterfaceLuid                        uint64
-	InterfaceIndex                       uint32
-	MaxReassemblySize                    uint32
-	InterfaceIdentifier                  uint64
-	MinRouterAdvertisementInterval       uint32
-	MaxRouterAdvertisementInterval       uint32
-	AdvertisingEnabled                   uint8
-	ForwardingEnabled                    uint8
-	WeakHostSend                         uint8
-	WeakHostReceive                      uint8
-	UseAutomaticMetric                   uint8
-	UseNeighborUnreachabilityDetection   uint8
-	ManagedAddressConfigurationSupported uint8
-	OtherStatefulConfigurationSupported  uint8
-	AdvertiseDefaultRoute                uint8
-	RouterDiscoveryBehavior              uint32
-	DadTransmits                         uint32
-	BaseReachableTime                    uint32
-	RetransmitTime                       uint32
-	PathMtuDiscoveryTimeout              uint32
-	LinkLocalAddressBehavior             uint32
-	LinkLocalAddressTimeout              uint32
-	ZoneIndices                          [ScopeLevelCount]uint32
-	SitePrefixLength                     uint32
-	Metric                               uint32
-	NlMtu                                uint32
-	Connected                            uint8
-	SupportsWakeUpPatterns               uint8
-	SupportsNeighborDiscovery            uint8
-	SupportsRouterDiscovery              uint8
-	ReachableTime                        uint32
-	TransmitOffload                      uint32
-	ReceiveOffload                       uint32
-	DisableDefaultRoutes                 uint8
-}
-
 // Console related constants used for the mode parameter to SetConsoleMode. See
 // https://docs.microsoft.com/en-us/windows/console/setconsolemode for details.
 
@@ -3566,38 +3380,3 @@ type BLOB struct {
 	Size     uint32
 	BlobData *byte
 }
-
-type ComStat struct {
-	Flags    uint32
-	CBInQue  uint32
-	CBOutQue uint32
-}
-
-type DCB struct {
-	DCBlength  uint32
-	BaudRate   uint32
-	Flags      uint32
-	wReserved  uint16
-	XonLim     uint16
-	XoffLim    uint16
-	ByteSize   uint8
-	Parity     uint8
-	StopBits   uint8
-	XonChar    byte
-	XoffChar   byte
-	ErrorChar  byte
-	EofChar    byte
-	EvtChar    byte
-	wReserved1 uint16
-}
-
-// Keyboard Layout Flags.
-// See https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-loadkeyboardlayoutw
-const (
-	KLF_ACTIVATE      = 0x00000001
-	KLF_SUBSTITUTE_OK = 0x00000002
-	KLF_REORDER       = 0x00000008
-	KLF_REPLACELANG   = 0x00000010
-	KLF_NOTELLSHELL   = 0x00000080
-	KLF_SETFORPROCESS = 0x00000100
-)
diff --git a/vendor/golang.org/x/sys/windows/zsyscall_windows.go b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
index 01c0716c2..e8791c82c 100644
--- a/vendor/golang.org/x/sys/windows/zsyscall_windows.go
+++ b/vendor/golang.org/x/sys/windows/zsyscall_windows.go
@@ -91,7 +91,6 @@ var (
 	procEnumServicesStatusExW                                = modadvapi32.NewProc("EnumServicesStatusExW")
 	procEqualSid                                             = modadvapi32.NewProc("EqualSid")
 	procFreeSid                                              = modadvapi32.NewProc("FreeSid")
-	procGetAce                                               = modadvapi32.NewProc("GetAce")
 	procGetLengthSid                                         = modadvapi32.NewProc("GetLengthSid")
 	procGetNamedSecurityInfoW                                = modadvapi32.NewProc("GetNamedSecurityInfoW")
 	procGetSecurityDescriptorControl                         = modadvapi32.NewProc("GetSecurityDescriptorControl")
@@ -181,21 +180,14 @@ var (
 	procDnsRecordListFree                                    = moddnsapi.NewProc("DnsRecordListFree")
 	procDwmGetWindowAttribute                                = moddwmapi.NewProc("DwmGetWindowAttribute")
 	procDwmSetWindowAttribute                                = moddwmapi.NewProc("DwmSetWindowAttribute")
-	procCancelMibChangeNotify2                               = modiphlpapi.NewProc("CancelMibChangeNotify2")
 	procGetAdaptersAddresses                                 = modiphlpapi.NewProc("GetAdaptersAddresses")
 	procGetAdaptersInfo                                      = modiphlpapi.NewProc("GetAdaptersInfo")
 	procGetBestInterfaceEx                                   = modiphlpapi.NewProc("GetBestInterfaceEx")
 	procGetIfEntry                                           = modiphlpapi.NewProc("GetIfEntry")
-	procGetIfEntry2Ex                                        = modiphlpapi.NewProc("GetIfEntry2Ex")
-	procGetUnicastIpAddressEntry                             = modiphlpapi.NewProc("GetUnicastIpAddressEntry")
-	procNotifyIpInterfaceChange                              = modiphlpapi.NewProc("NotifyIpInterfaceChange")
-	procNotifyUnicastIpAddressChange                         = modiphlpapi.NewProc("NotifyUnicastIpAddressChange")
 	procAddDllDirectory                                      = modkernel32.NewProc("AddDllDirectory")
 	procAssignProcessToJobObject                             = modkernel32.NewProc("AssignProcessToJobObject")
 	procCancelIo                                             = modkernel32.NewProc("CancelIo")
 	procCancelIoEx                                           = modkernel32.NewProc("CancelIoEx")
-	procClearCommBreak                                       = modkernel32.NewProc("ClearCommBreak")
-	procClearCommError                                       = modkernel32.NewProc("ClearCommError")
 	procCloseHandle                                          = modkernel32.NewProc("CloseHandle")
 	procClosePseudoConsole                                   = modkernel32.NewProc("ClosePseudoConsole")
 	procConnectNamedPipe                                     = modkernel32.NewProc("ConnectNamedPipe")
@@ -220,9 +212,7 @@ var (
 	procDeleteProcThreadAttributeList                        = modkernel32.NewProc("DeleteProcThreadAttributeList")
 	procDeleteVolumeMountPointW                              = modkernel32.NewProc("DeleteVolumeMountPointW")
 	procDeviceIoControl                                      = modkernel32.NewProc("DeviceIoControl")
-	procDisconnectNamedPipe                                  = modkernel32.NewProc("DisconnectNamedPipe")
 	procDuplicateHandle                                      = modkernel32.NewProc("DuplicateHandle")
-	procEscapeCommFunction                                   = modkernel32.NewProc("EscapeCommFunction")
 	procExitProcess                                          = modkernel32.NewProc("ExitProcess")
 	procExpandEnvironmentStringsW                            = modkernel32.NewProc("ExpandEnvironmentStringsW")
 	procFindClose                                            = modkernel32.NewProc("FindClose")
@@ -246,15 +236,11 @@ var (
 	procGenerateConsoleCtrlEvent                             = modkernel32.NewProc("GenerateConsoleCtrlEvent")
 	procGetACP                                               = modkernel32.NewProc("GetACP")
 	procGetActiveProcessorCount                              = modkernel32.NewProc("GetActiveProcessorCount")
-	procGetCommModemStatus                                   = modkernel32.NewProc("GetCommModemStatus")
-	procGetCommState                                         = modkernel32.NewProc("GetCommState")
 	procGetCommTimeouts                                      = modkernel32.NewProc("GetCommTimeouts")
 	procGetCommandLineW                                      = modkernel32.NewProc("GetCommandLineW")
 	procGetComputerNameExW                                   = modkernel32.NewProc("GetComputerNameExW")
 	procGetComputerNameW                                     = modkernel32.NewProc("GetComputerNameW")
-	procGetConsoleCP                                         = modkernel32.NewProc("GetConsoleCP")
 	procGetConsoleMode                                       = modkernel32.NewProc("GetConsoleMode")
-	procGetConsoleOutputCP                                   = modkernel32.NewProc("GetConsoleOutputCP")
 	procGetConsoleScreenBufferInfo                           = modkernel32.NewProc("GetConsoleScreenBufferInfo")
 	procGetCurrentDirectoryW                                 = modkernel32.NewProc("GetCurrentDirectoryW")
 	procGetCurrentProcessId                                  = modkernel32.NewProc("GetCurrentProcessId")
@@ -280,10 +266,8 @@ var (
 	procGetMaximumProcessorCount                             = modkernel32.NewProc("GetMaximumProcessorCount")
 	procGetModuleFileNameW                                   = modkernel32.NewProc("GetModuleFileNameW")
 	procGetModuleHandleExW                                   = modkernel32.NewProc("GetModuleHandleExW")
-	procGetNamedPipeClientProcessId                          = modkernel32.NewProc("GetNamedPipeClientProcessId")
 	procGetNamedPipeHandleStateW                             = modkernel32.NewProc("GetNamedPipeHandleStateW")
 	procGetNamedPipeInfo                                     = modkernel32.NewProc("GetNamedPipeInfo")
-	procGetNamedPipeServerProcessId                          = modkernel32.NewProc("GetNamedPipeServerProcessId")
 	procGetOverlappedResult                                  = modkernel32.NewProc("GetOverlappedResult")
 	procGetPriorityClass                                     = modkernel32.NewProc("GetPriorityClass")
 	procGetProcAddress                                       = modkernel32.NewProc("GetProcAddress")
@@ -338,7 +322,6 @@ var (
 	procProcess32NextW                                       = modkernel32.NewProc("Process32NextW")
 	procProcessIdToSessionId                                 = modkernel32.NewProc("ProcessIdToSessionId")
 	procPulseEvent                                           = modkernel32.NewProc("PulseEvent")
-	procPurgeComm                                            = modkernel32.NewProc("PurgeComm")
 	procQueryDosDeviceW                                      = modkernel32.NewProc("QueryDosDeviceW")
 	procQueryFullProcessImageNameW                           = modkernel32.NewProc("QueryFullProcessImageNameW")
 	procQueryInformationJobObject                            = modkernel32.NewProc("QueryInformationJobObject")
@@ -352,18 +335,14 @@ var (
 	procResetEvent                                           = modkernel32.NewProc("ResetEvent")
 	procResizePseudoConsole                                  = modkernel32.NewProc("ResizePseudoConsole")
 	procResumeThread                                         = modkernel32.NewProc("ResumeThread")
-	procSetCommBreak                                         = modkernel32.NewProc("SetCommBreak")
-	procSetCommMask                                          = modkernel32.NewProc("SetCommMask")
-	procSetCommState                                         = modkernel32.NewProc("SetCommState")
 	procSetCommTimeouts                                      = modkernel32.NewProc("SetCommTimeouts")
-	procSetConsoleCP                                         = modkernel32.NewProc("SetConsoleCP")
 	procSetConsoleCursorPosition                             = modkernel32.NewProc("SetConsoleCursorPosition")
 	procSetConsoleMode                                       = modkernel32.NewProc("SetConsoleMode")
-	procSetConsoleOutputCP                                   = modkernel32.NewProc("SetConsoleOutputCP")
 	procSetCurrentDirectoryW                                 = modkernel32.NewProc("SetCurrentDirectoryW")
 	procSetDefaultDllDirectories                             = modkernel32.NewProc("SetDefaultDllDirectories")
 	procSetDllDirectoryW                                     = modkernel32.NewProc("SetDllDirectoryW")
 	procSetEndOfFile                                         = modkernel32.NewProc("SetEndOfFile")
+	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
 	procSetEnvironmentVariableW                              = modkernel32.NewProc("SetEnvironmentVariableW")
 	procSetErrorMode                                         = modkernel32.NewProc("SetErrorMode")
 	procSetEvent                                             = modkernel32.NewProc("SetEvent")
@@ -372,7 +351,6 @@ var (
 	procSetFileInformationByHandle                           = modkernel32.NewProc("SetFileInformationByHandle")
 	procSetFilePointer                                       = modkernel32.NewProc("SetFilePointer")
 	procSetFileTime                                          = modkernel32.NewProc("SetFileTime")
-	procSetFileValidData                                     = modkernel32.NewProc("SetFileValidData")
 	procSetHandleInformation                                 = modkernel32.NewProc("SetHandleInformation")
 	procSetInformationJobObject                              = modkernel32.NewProc("SetInformationJobObject")
 	procSetNamedPipeHandleState                              = modkernel32.NewProc("SetNamedPipeHandleState")
@@ -383,7 +361,6 @@ var (
 	procSetStdHandle                                         = modkernel32.NewProc("SetStdHandle")
 	procSetVolumeLabelW                                      = modkernel32.NewProc("SetVolumeLabelW")
 	procSetVolumeMountPointW                                 = modkernel32.NewProc("SetVolumeMountPointW")
-	procSetupComm                                            = modkernel32.NewProc("SetupComm")
 	procSizeofResource                                       = modkernel32.NewProc("SizeofResource")
 	procSleepEx                                              = modkernel32.NewProc("SleepEx")
 	procTerminateJobObject                                   = modkernel32.NewProc("TerminateJobObject")
@@ -402,7 +379,6 @@ var (
 	procVirtualQueryEx                                       = modkernel32.NewProc("VirtualQueryEx")
 	procVirtualUnlock                                        = modkernel32.NewProc("VirtualUnlock")
 	procWTSGetActiveConsoleSessionId                         = modkernel32.NewProc("WTSGetActiveConsoleSessionId")
-	procWaitCommEvent                                        = modkernel32.NewProc("WaitCommEvent")
 	procWaitForMultipleObjects                               = modkernel32.NewProc("WaitForMultipleObjects")
 	procWaitForSingleObject                                  = modkernel32.NewProc("WaitForSingleObject")
 	procWriteConsoleW                                        = modkernel32.NewProc("WriteConsoleW")
@@ -413,7 +389,6 @@ var (
 	procTransmitFile                                         = modmswsock.NewProc("TransmitFile")
 	procNetApiBufferFree                                     = modnetapi32.NewProc("NetApiBufferFree")
 	procNetGetJoinInformation                                = modnetapi32.NewProc("NetGetJoinInformation")
-	procNetUserEnum                                          = modnetapi32.NewProc("NetUserEnum")
 	procNetUserGetInfo                                       = modnetapi32.NewProc("NetUserGetInfo")
 	procNtCreateFile                                         = modntdll.NewProc("NtCreateFile")
 	procNtCreateNamedPipeFile                                = modntdll.NewProc("NtCreateNamedPipeFile")
@@ -489,16 +464,12 @@ var (
 	procGetDesktopWindow                                     = moduser32.NewProc("GetDesktopWindow")
 	procGetForegroundWindow                                  = moduser32.NewProc("GetForegroundWindow")
 	procGetGUIThreadInfo                                     = moduser32.NewProc("GetGUIThreadInfo")
-	procGetKeyboardLayout                                    = moduser32.NewProc("GetKeyboardLayout")
 	procGetShellWindow                                       = moduser32.NewProc("GetShellWindow")
 	procGetWindowThreadProcessId                             = moduser32.NewProc("GetWindowThreadProcessId")
 	procIsWindow                                             = moduser32.NewProc("IsWindow")
 	procIsWindowUnicode                                      = moduser32.NewProc("IsWindowUnicode")
 	procIsWindowVisible                                      = moduser32.NewProc("IsWindowVisible")
-	procLoadKeyboardLayoutW                                  = moduser32.NewProc("LoadKeyboardLayoutW")
 	procMessageBoxW                                          = moduser32.NewProc("MessageBoxW")
-	procToUnicodeEx                                          = moduser32.NewProc("ToUnicodeEx")
-	procUnloadKeyboardLayout                                 = moduser32.NewProc("UnloadKeyboardLayout")
 	procCreateEnvironmentBlock                               = moduserenv.NewProc("CreateEnvironmentBlock")
 	procDestroyEnvironmentBlock                              = moduserenv.NewProc("DestroyEnvironmentBlock")
 	procGetUserProfileDirectoryW                             = moduserenv.NewProc("GetUserProfileDirectoryW")
@@ -804,14 +775,6 @@ func FreeSid(sid *SID) (err error) {
 	return
 }
 
-func GetAce(acl *ACL, aceIndex uint32, pAce **ACCESS_ALLOWED_ACE) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetAce.Addr(), 3, uintptr(unsafe.Pointer(acl)), uintptr(aceIndex), uintptr(unsafe.Pointer(pAce)))
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetLengthSid(sid *SID) (len uint32) {
 	r0, _, _ := syscall.Syscall(procGetLengthSid.Addr(), 1, uintptr(unsafe.Pointer(sid)), 0, 0)
 	len = uint32(r0)
@@ -1613,14 +1576,6 @@ func DwmSetWindowAttribute(hwnd HWND, attribute uint32, value unsafe.Pointer, si
 	return
 }
 
-func CancelMibChangeNotify2(notificationHandle Handle) (errcode error) {
-	r0, _, _ := syscall.Syscall(procCancelMibChangeNotify2.Addr(), 1, uintptr(notificationHandle), 0, 0)
-	if r0 != 0 {
-		errcode = syscall.Errno(r0)
-	}
-	return
-}
-
 func GetAdaptersAddresses(family uint32, flags uint32, reserved uintptr, adapterAddresses *IpAdapterAddresses, sizePointer *uint32) (errcode error) {
 	r0, _, _ := syscall.Syscall6(procGetAdaptersAddresses.Addr(), 5, uintptr(family), uintptr(flags), uintptr(reserved), uintptr(unsafe.Pointer(adapterAddresses)), uintptr(unsafe.Pointer(sizePointer)), 0)
 	if r0 != 0 {
@@ -1653,46 +1608,6 @@ func GetIfEntry(pIfRow *MibIfRow) (errcode error) {
 	return
 }
 
-func GetIfEntry2Ex(level uint32, row *MibIfRow2) (errcode error) {
-	r0, _, _ := syscall.Syscall(procGetIfEntry2Ex.Addr(), 2, uintptr(level), uintptr(unsafe.Pointer(row)), 0)
-	if r0 != 0 {
-		errcode = syscall.Errno(r0)
-	}
-	return
-}
-
-func GetUnicastIpAddressEntry(row *MibUnicastIpAddressRow) (errcode error) {
-	r0, _, _ := syscall.Syscall(procGetUnicastIpAddressEntry.Addr(), 1, uintptr(unsafe.Pointer(row)), 0, 0)
-	if r0 != 0 {
-		errcode = syscall.Errno(r0)
-	}
-	return
-}
-
-func NotifyIpInterfaceChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
-	var _p0 uint32
-	if initialNotification {
-		_p0 = 1
-	}
-	r0, _, _ := syscall.Syscall6(procNotifyIpInterfaceChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
-	if r0 != 0 {
-		errcode = syscall.Errno(r0)
-	}
-	return
-}
-
-func NotifyUnicastIpAddressChange(family uint16, callback uintptr, callerContext unsafe.Pointer, initialNotification bool, notificationHandle *Handle) (errcode error) {
-	var _p0 uint32
-	if initialNotification {
-		_p0 = 1
-	}
-	r0, _, _ := syscall.Syscall6(procNotifyUnicastIpAddressChange.Addr(), 5, uintptr(family), uintptr(callback), uintptr(callerContext), uintptr(_p0), uintptr(unsafe.Pointer(notificationHandle)), 0)
-	if r0 != 0 {
-		errcode = syscall.Errno(r0)
-	}
-	return
-}
-
 func AddDllDirectory(path *uint16) (cookie uintptr, err error) {
 	r0, _, e1 := syscall.Syscall(procAddDllDirectory.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
 	cookie = uintptr(r0)
@@ -1726,22 +1641,6 @@ func CancelIoEx(s Handle, o *Overlapped) (err error) {
 	return
 }
 
-func ClearCommBreak(handle Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procClearCommBreak.Addr(), 1, uintptr(handle), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-func ClearCommError(handle Handle, lpErrors *uint32, lpStat *ComStat) (err error) {
-	r1, _, e1 := syscall.Syscall(procClearCommError.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpErrors)), uintptr(unsafe.Pointer(lpStat)))
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func CloseHandle(handle Handle) (err error) {
 	r1, _, e1 := syscall.Syscall(procCloseHandle.Addr(), 1, uintptr(handle), 0, 0)
 	if r1 == 0 {
@@ -1946,14 +1845,6 @@ func DeviceIoControl(handle Handle, ioControlCode uint32, inBuffer *byte, inBuff
 	return
 }
 
-func DisconnectNamedPipe(pipe Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procDisconnectNamedPipe.Addr(), 1, uintptr(pipe), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetProcessHandle Handle, lpTargetHandle *Handle, dwDesiredAccess uint32, bInheritHandle bool, dwOptions uint32) (err error) {
 	var _p0 uint32
 	if bInheritHandle {
@@ -1966,14 +1857,6 @@ func DuplicateHandle(hSourceProcessHandle Handle, hSourceHandle Handle, hTargetP
 	return
 }
 
-func EscapeCommFunction(handle Handle, dwFunc uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procEscapeCommFunction.Addr(), 2, uintptr(handle), uintptr(dwFunc), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func ExitProcess(exitcode uint32) {
 	syscall.Syscall(procExitProcess.Addr(), 1, uintptr(exitcode), 0, 0)
 	return
@@ -2175,22 +2058,6 @@ func GetActiveProcessorCount(groupNumber uint16) (ret uint32) {
 	return
 }
 
-func GetCommModemStatus(handle Handle, lpModemStat *uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetCommModemStatus.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpModemStat)), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-func GetCommState(handle Handle, lpDCB *DCB) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
 	if r1 == 0 {
@@ -2221,15 +2088,6 @@ func GetComputerName(buf *uint16, n *uint32) (err error) {
 	return
 }
 
-func GetConsoleCP() (cp uint32, err error) {
-	r0, _, e1 := syscall.Syscall(procGetConsoleCP.Addr(), 0, 0, 0, 0)
-	cp = uint32(r0)
-	if cp == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetConsoleMode(console Handle, mode *uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetConsoleMode.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(mode)), 0)
 	if r1 == 0 {
@@ -2238,15 +2096,6 @@ func GetConsoleMode(console Handle, mode *uint32) (err error) {
 	return
 }
 
-func GetConsoleOutputCP() (cp uint32, err error) {
-	r0, _, e1 := syscall.Syscall(procGetConsoleOutputCP.Addr(), 0, 0, 0, 0)
-	cp = uint32(r0)
-	if cp == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetConsoleScreenBufferInfo(console Handle, info *ConsoleScreenBufferInfo) (err error) {
 	r1, _, e1 := syscall.Syscall(procGetConsoleScreenBufferInfo.Addr(), 2, uintptr(console), uintptr(unsafe.Pointer(info)), 0)
 	if r1 == 0 {
@@ -2448,14 +2297,6 @@ func GetModuleHandleEx(flags uint32, moduleName *uint16, module *Handle) (err er
 	return
 }
 
-func GetNamedPipeClientProcessId(pipe Handle, clientProcessID *uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetNamedPipeClientProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(clientProcessID)), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetNamedPipeHandleState(pipe Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) {
 	r1, _, e1 := syscall.Syscall9(procGetNamedPipeHandleStateW.Addr(), 7, uintptr(pipe), uintptr(unsafe.Pointer(state)), uintptr(unsafe.Pointer(curInstances)), uintptr(unsafe.Pointer(maxCollectionCount)), uintptr(unsafe.Pointer(collectDataTimeout)), uintptr(unsafe.Pointer(userName)), uintptr(maxUserNameSize), 0, 0)
 	if r1 == 0 {
@@ -2472,14 +2313,6 @@ func GetNamedPipeInfo(pipe Handle, flags *uint32, outSize *uint32, inSize *uint3
 	return
 }
 
-func GetNamedPipeServerProcessId(pipe Handle, serverProcessID *uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procGetNamedPipeServerProcessId.Addr(), 2, uintptr(pipe), uintptr(unsafe.Pointer(serverProcessID)), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func GetOverlappedResult(handle Handle, overlapped *Overlapped, done *uint32, wait bool) (err error) {
 	var _p0 uint32
 	if wait {
@@ -2977,14 +2810,6 @@ func PulseEvent(event Handle) (err error) {
 	return
 }
 
-func PurgeComm(handle Handle, dwFlags uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procPurgeComm.Addr(), 2, uintptr(handle), uintptr(dwFlags), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func QueryDosDevice(deviceName *uint16, targetPath *uint16, max uint32) (n uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procQueryDosDeviceW.Addr(), 3, uintptr(unsafe.Pointer(deviceName)), uintptr(unsafe.Pointer(targetPath)), uintptr(max))
 	n = uint32(r0)
@@ -3099,30 +2924,6 @@ func ResumeThread(thread Handle) (ret uint32, err error) {
 	return
 }
 
-func SetCommBreak(handle Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetCommBreak.Addr(), 1, uintptr(handle), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-func SetCommMask(handle Handle, dwEvtMask uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetCommMask.Addr(), 2, uintptr(handle), uintptr(dwEvtMask), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
-func SetCommState(handle Handle, lpDCB *DCB) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetCommState.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(lpDCB)), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetCommTimeouts.Addr(), 2, uintptr(handle), uintptr(unsafe.Pointer(timeouts)), 0)
 	if r1 == 0 {
@@ -3131,14 +2932,6 @@ func SetCommTimeouts(handle Handle, timeouts *CommTimeouts) (err error) {
 	return
 }
 
-func SetConsoleCP(cp uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetConsoleCP.Addr(), 1, uintptr(cp), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func setConsoleCursorPosition(console Handle, position uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetConsoleCursorPosition.Addr(), 2, uintptr(console), uintptr(position), 0)
 	if r1 == 0 {
@@ -3155,14 +2948,6 @@ func SetConsoleMode(console Handle, mode uint32) (err error) {
 	return
 }
 
-func SetConsoleOutputCP(cp uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetConsoleOutputCP.Addr(), 1, uintptr(cp), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func SetCurrentDirectory(path *uint16) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetCurrentDirectoryW.Addr(), 1, uintptr(unsafe.Pointer(path)), 0, 0)
 	if r1 == 0 {
@@ -3204,6 +2989,14 @@ func SetEndOfFile(handle Handle) (err error) {
 	return
 }
 
+func SetFileValidData(handle Handle, validDataLength int64) (err error) {
+	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
+	if r1 == 0 {
+		err = errnoErr(e1)
+	}
+	return
+}
+
 func SetEnvironmentVariable(name *uint16, value *uint16) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetEnvironmentVariableW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(unsafe.Pointer(value)), 0)
 	if r1 == 0 {
@@ -3267,14 +3060,6 @@ func SetFileTime(handle Handle, ctime *Filetime, atime *Filetime, wtime *Filetim
 	return
 }
 
-func SetFileValidData(handle Handle, validDataLength int64) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetFileValidData.Addr(), 2, uintptr(handle), uintptr(validDataLength), 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func SetHandleInformation(handle Handle, mask uint32, flags uint32) (err error) {
 	r1, _, e1 := syscall.Syscall(procSetHandleInformation.Addr(), 3, uintptr(handle), uintptr(mask), uintptr(flags))
 	if r1 == 0 {
@@ -3360,14 +3145,6 @@ func SetVolumeMountPoint(volumeMountPoint *uint16, volumeName *uint16) (err erro
 	return
 }
 
-func SetupComm(handle Handle, dwInQueue uint32, dwOutQueue uint32) (err error) {
-	r1, _, e1 := syscall.Syscall(procSetupComm.Addr(), 3, uintptr(handle), uintptr(dwInQueue), uintptr(dwOutQueue))
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func SizeofResource(module Handle, resInfo Handle) (size uint32, err error) {
 	r0, _, e1 := syscall.Syscall(procSizeofResource.Addr(), 2, uintptr(module), uintptr(resInfo), 0)
 	size = uint32(r0)
@@ -3514,14 +3291,6 @@ func WTSGetActiveConsoleSessionId() (sessionID uint32) {
 	return
 }
 
-func WaitCommEvent(handle Handle, lpEvtMask *uint32, lpOverlapped *Overlapped) (err error) {
-	r1, _, e1 := syscall.Syscall(procWaitCommEvent.Addr(), 3, uintptr(handle), uintptr(unsafe.Pointer(lpEvtMask)), uintptr(unsafe.Pointer(lpOverlapped)))
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func waitForMultipleObjects(count uint32, handles uintptr, waitAll bool, waitMilliseconds uint32) (event uint32, err error) {
 	var _p0 uint32
 	if waitAll {
@@ -3609,14 +3378,6 @@ func NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (nete
 	return
 }
 
-func NetUserEnum(serverName *uint16, level uint32, filter uint32, buf **byte, prefMaxLen uint32, entriesRead *uint32, totalEntries *uint32, resumeHandle *uint32) (neterr error) {
-	r0, _, _ := syscall.Syscall9(procNetUserEnum.Addr(), 8, uintptr(unsafe.Pointer(serverName)), uintptr(level), uintptr(filter), uintptr(unsafe.Pointer(buf)), uintptr(prefMaxLen), uintptr(unsafe.Pointer(entriesRead)), uintptr(unsafe.Pointer(totalEntries)), uintptr(unsafe.Pointer(resumeHandle)), 0)
-	if r0 != 0 {
-		neterr = syscall.Errno(r0)
-	}
-	return
-}
-
 func NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) {
 	r0, _, _ := syscall.Syscall6(procNetUserGetInfo.Addr(), 4, uintptr(unsafe.Pointer(serverName)), uintptr(unsafe.Pointer(userName)), uintptr(level), uintptr(unsafe.Pointer(buf)), 0, 0)
 	if r0 != 0 {
@@ -4195,12 +3956,6 @@ func GetGUIThreadInfo(thread uint32, info *GUIThreadInfo) (err error) {
 	return
 }
 
-func GetKeyboardLayout(tid uint32) (hkl Handle) {
-	r0, _, _ := syscall.Syscall(procGetKeyboardLayout.Addr(), 1, uintptr(tid), 0, 0)
-	hkl = Handle(r0)
-	return
-}
-
 func GetShellWindow() (shellWindow HWND) {
 	r0, _, _ := syscall.Syscall(procGetShellWindow.Addr(), 0, 0, 0, 0)
 	shellWindow = HWND(r0)
@@ -4234,15 +3989,6 @@ func IsWindowVisible(hwnd HWND) (isVisible bool) {
 	return
 }
 
-func LoadKeyboardLayout(name *uint16, flags uint32) (hkl Handle, err error) {
-	r0, _, e1 := syscall.Syscall(procLoadKeyboardLayoutW.Addr(), 2, uintptr(unsafe.Pointer(name)), uintptr(flags), 0)
-	hkl = Handle(r0)
-	if hkl == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret int32, err error) {
 	r0, _, e1 := syscall.Syscall6(procMessageBoxW.Addr(), 4, uintptr(hwnd), uintptr(unsafe.Pointer(text)), uintptr(unsafe.Pointer(caption)), uintptr(boxtype), 0, 0)
 	ret = int32(r0)
@@ -4252,20 +3998,6 @@ func MessageBox(hwnd HWND, text *uint16, caption *uint16, boxtype uint32) (ret i
 	return
 }
 
-func ToUnicodeEx(vkey uint32, scancode uint32, keystate *byte, pwszBuff *uint16, cchBuff int32, flags uint32, hkl Handle) (ret int32) {
-	r0, _, _ := syscall.Syscall9(procToUnicodeEx.Addr(), 7, uintptr(vkey), uintptr(scancode), uintptr(unsafe.Pointer(keystate)), uintptr(unsafe.Pointer(pwszBuff)), uintptr(cchBuff), uintptr(flags), uintptr(hkl), 0, 0)
-	ret = int32(r0)
-	return
-}
-
-func UnloadKeyboardLayout(hkl Handle) (err error) {
-	r1, _, e1 := syscall.Syscall(procUnloadKeyboardLayout.Addr(), 1, uintptr(hkl), 0, 0)
-	if r1 == 0 {
-		err = errnoErr(e1)
-	}
-	return
-}
-
 func CreateEnvironmentBlock(block **uint16, token Token, inheritExisting bool) (err error) {
 	var _p0 uint32
 	if inheritExisting {
diff --git a/vendor/golang.org/x/text/LICENSE b/vendor/golang.org/x/text/LICENSE
index 2a7cf70da..6a66aea5e 100644
--- a/vendor/golang.org/x/text/LICENSE
+++ b/vendor/golang.org/x/text/LICENSE
@@ -1,4 +1,4 @@
-Copyright 2009 The Go Authors.
+Copyright (c) 2009 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
@@ -10,7 +10,7 @@ notice, this list of conditions and the following disclaimer.
 copyright notice, this list of conditions and the following disclaimer
 in the documentation and/or other materials provided with the
 distribution.
-   * Neither the name of Google LLC nor the names of its
+   * Neither the name of Google Inc. nor the names of its
 contributors may be used to endorse or promote products derived from
 this software without specific prior written permission.
 
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
index 24bc98ac4..a45f112bc 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/decode.go
@@ -84,7 +84,7 @@ type decoder struct {
 }
 
 // newError returns an error object with position info.
-func (d decoder) newError(pos int, f string, x ...any) error {
+func (d decoder) newError(pos int, f string, x ...interface{}) error {
 	line, column := d.Position(pos)
 	head := fmt.Sprintf("(line %d:%d): ", line, column)
 	return errors.New(head+f, x...)
@@ -96,7 +96,7 @@ func (d decoder) unexpectedTokenError(tok text.Token) error {
 }
 
 // syntaxError returns a syntax error for given position.
-func (d decoder) syntaxError(pos int, f string, x ...any) error {
+func (d decoder) syntaxError(pos int, f string, x ...interface{}) error {
 	line, column := d.Position(pos)
 	head := fmt.Sprintf("syntax error (line %d:%d): ", line, column)
 	return errors.New(head+f, x...)
diff --git a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
index 1f57e6610..95967e811 100644
--- a/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
+++ b/vendor/google.golang.org/protobuf/encoding/prototext/encode.go
@@ -27,17 +27,15 @@ const defaultIndent = "  "
 
 // Format formats the message as a multiline string.
 // This function is only intended for human consumption and ignores errors.
-// Do not depend on the output being stable. Its output will change across
-// different builds of your program, even when using the same version of the
-// protobuf module.
+// Do not depend on the output being stable. It may change over time across
+// different versions of the program.
 func Format(m proto.Message) string {
 	return MarshalOptions{Multiline: true}.Format(m)
 }
 
 // Marshal writes the given [proto.Message] in textproto format using default
-// options. Do not depend on the output being stable. Its output will change
-// across different builds of your program, even when using the same version of
-// the protobuf module.
+// options. Do not depend on the output being stable. It may change over time
+// across different versions of the program.
 func Marshal(m proto.Message) ([]byte, error) {
 	return MarshalOptions{}.Marshal(m)
 }
@@ -86,9 +84,8 @@ type MarshalOptions struct {
 
 // Format formats the message as a string.
 // This method is only intended for human consumption and ignores errors.
-// Do not depend on the output being stable. Its output will change across
-// different builds of your program, even when using the same version of the
-// protobuf module.
+// Do not depend on the output being stable. It may change over time across
+// different versions of the program.
 func (o MarshalOptions) Format(m proto.Message) string {
 	if m == nil || !m.ProtoReflect().IsValid() {
 		return "" // invalid syntax, but okay since this is for debugging
@@ -101,9 +98,8 @@ func (o MarshalOptions) Format(m proto.Message) string {
 }
 
 // Marshal writes the given [proto.Message] in textproto format using options in
-// MarshalOptions object. Do not depend on the output being stable. Its output
-// will change across different builds of your program, even when using the
-// same version of the protobuf module.
+// MarshalOptions object. Do not depend on the output being stable. It may
+// change over time across different versions of the program.
 func (o MarshalOptions) Marshal(m proto.Message) ([]byte, error) {
 	return o.marshal(nil, m)
 }
diff --git a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
index 87e46bd4d..a45625c8d 100644
--- a/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
+++ b/vendor/google.golang.org/protobuf/internal/descfmt/stringer.go
@@ -252,7 +252,6 @@ func formatDescOpt(t protoreflect.Descriptor, isRoot, allowMulti bool, record fu
 				{rv.MethodByName("Values"), "Values"},
 				{rv.MethodByName("ReservedNames"), "ReservedNames"},
 				{rv.MethodByName("ReservedRanges"), "ReservedRanges"},
-				{rv.MethodByName("IsClosed"), "IsClosed"},
 			}...)
 
 		case protoreflect.EnumValueDescriptor:
diff --git a/vendor/google.golang.org/protobuf/internal/descopts/options.go b/vendor/google.golang.org/protobuf/internal/descopts/options.go
index 024ffebd3..8401be8c8 100644
--- a/vendor/google.golang.org/protobuf/internal/descopts/options.go
+++ b/vendor/google.golang.org/protobuf/internal/descopts/options.go
@@ -9,7 +9,7 @@
 // dependency on the descriptor proto package).
 package descopts
 
-import "google.golang.org/protobuf/reflect/protoreflect"
+import pref "google.golang.org/protobuf/reflect/protoreflect"
 
 // These variables are set by the init function in descriptor.pb.go via logic
 // in internal/filetype. In other words, so long as the descriptor proto package
@@ -17,13 +17,13 @@ import "google.golang.org/protobuf/reflect/protoreflect"
 //
 // Each variable is populated with a nil pointer to the options struct.
 var (
-	File           protoreflect.ProtoMessage
-	Enum           protoreflect.ProtoMessage
-	EnumValue      protoreflect.ProtoMessage
-	Message        protoreflect.ProtoMessage
-	Field          protoreflect.ProtoMessage
-	Oneof          protoreflect.ProtoMessage
-	ExtensionRange protoreflect.ProtoMessage
-	Service        protoreflect.ProtoMessage
-	Method         protoreflect.ProtoMessage
+	File           pref.ProtoMessage
+	Enum           pref.ProtoMessage
+	EnumValue      pref.ProtoMessage
+	Message        pref.ProtoMessage
+	Field          pref.ProtoMessage
+	Oneof          pref.ProtoMessage
+	ExtensionRange pref.ProtoMessage
+	Service        pref.ProtoMessage
+	Method         pref.ProtoMessage
 )
diff --git a/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb b/vendor/google.golang.org/protobuf/internal/editiondefaults/editions_defaults.binpb
index 5a57ef6f3c80a4a930b7bdb33b039ea94d1eb5f2..18f0756874367adcdb790ffde125b6a7388b4eaa 100644
GIT binary patch
literal 63
zcmd-Q6yo7v6kw8IQef6#G+>f=#?A#2ViI7KU{qiN3NcDNhX^qu3B6!fc*d^rf*k<7
Cln3+x

literal 138
zcmd;*muO*EV!mX@pe4$|D8MAaq`<7fXux#Ijt$6VkYMDJmv|0Wz$CyZ!KlClRKN&Q
wzyMY7f?Y`%s2WL*1th1%ddZFnY{E-+C6MVz3P75fB^b3pHY+@1*LcYe04AXnGXMYp

diff --git a/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go b/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
index 7e87c7604..373d20837 100644
--- a/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
+++ b/vendor/google.golang.org/protobuf/internal/encoding/tag/tag.go
@@ -32,7 +32,6 @@ var byteType = reflect.TypeOf(byte(0))
 func Unmarshal(tag string, goType reflect.Type, evs protoreflect.EnumValueDescriptors) protoreflect.FieldDescriptor {
 	f := new(filedesc.Field)
 	f.L0.ParentFile = filedesc.SurrogateProto2
-	f.L1.EditionFeatures = f.L0.ParentFile.L1.EditionFeatures
 	for len(tag) > 0 {
 		i := strings.IndexByte(tag, ',')
 		if i < 0 {
@@ -108,7 +107,8 @@ func Unmarshal(tag string, goType reflect.Type, evs protoreflect.EnumValueDescri
 				f.L1.StringName.InitJSON(jsonName)
 			}
 		case s == "packed":
-			f.L1.EditionFeatures.IsPacked = true
+			f.L1.HasPacked = true
+			f.L1.IsPacked = true
 		case strings.HasPrefix(s, "weak="):
 			f.L1.IsWeak = true
 			f.L1.Message = filedesc.PlaceholderMessage(protoreflect.FullName(s[len("weak="):]))
diff --git a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
index 099b2bf45..87853e786 100644
--- a/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
+++ b/vendor/google.golang.org/protobuf/internal/encoding/text/decode.go
@@ -601,7 +601,7 @@ func (d *Decoder) consumeToken(kind Kind, size int, attrs uint8) Token {
 
 // newSyntaxError returns a syntax error with line and column information for
 // current position.
-func (d *Decoder) newSyntaxError(f string, x ...any) error {
+func (d *Decoder) newSyntaxError(f string, x ...interface{}) error {
 	e := errors.New(f, x...)
 	line, column := d.Position(len(d.orig) - len(d.in))
 	return errors.New("syntax error (line %d:%d): %v", line, column, e)
diff --git a/vendor/google.golang.org/protobuf/internal/errors/errors.go b/vendor/google.golang.org/protobuf/internal/errors/errors.go
index c2d6bd526..20c17b35e 100644
--- a/vendor/google.golang.org/protobuf/internal/errors/errors.go
+++ b/vendor/google.golang.org/protobuf/internal/errors/errors.go
@@ -17,7 +17,7 @@ var Error = errors.New("protobuf error")
 
 // New formats a string according to the format specifier and arguments and
 // returns an error that has a "proto" prefix.
-func New(f string, x ...any) error {
+func New(f string, x ...interface{}) error {
 	return &prefixError{s: format(f, x...)}
 }
 
@@ -43,7 +43,7 @@ func (e *prefixError) Unwrap() error {
 
 // Wrap returns an error that has a "proto" prefix, the formatted string described
 // by the format specifier and arguments, and a suffix of err. The error wraps err.
-func Wrap(err error, f string, x ...any) error {
+func Wrap(err error, f string, x ...interface{}) error {
 	return &wrapError{
 		s:   format(f, x...),
 		err: err,
@@ -67,7 +67,7 @@ func (e *wrapError) Is(target error) bool {
 	return target == Error
 }
 
-func format(f string, x ...any) string {
+func format(f string, x ...interface{}) string {
 	// avoid "proto: " prefix when chaining
 	for i := 0; i < len(x); i++ {
 		switch e := x[i].(type) {
@@ -87,18 +87,3 @@ func InvalidUTF8(name string) error {
 func RequiredNotSet(name string) error {
 	return New("required field %v not set", name)
 }
-
-type SizeMismatchError struct {
-	Calculated, Measured int
-}
-
-func (e *SizeMismatchError) Error() string {
-	return fmt.Sprintf("size mismatch (see https://github.com/golang/protobuf/issues/1609): calculated=%d, measured=%d", e.Calculated, e.Measured)
-}
-
-func MismatchedSizeCalculation(calculated, measured int) error {
-	return &SizeMismatchError{
-		Calculated: calculated,
-		Measured:   measured,
-	}
-}
diff --git a/vendor/google.golang.org/protobuf/internal/errors/is_go112.go b/vendor/google.golang.org/protobuf/internal/errors/is_go112.go
new file mode 100644
index 000000000..fbcd34920
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/errors/is_go112.go
@@ -0,0 +1,40 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build !go1.13
+// +build !go1.13
+
+package errors
+
+import "reflect"
+
+// Is is a copy of Go 1.13's errors.Is for use with older Go versions.
+func Is(err, target error) bool {
+	if target == nil {
+		return err == target
+	}
+
+	isComparable := reflect.TypeOf(target).Comparable()
+	for {
+		if isComparable && err == target {
+			return true
+		}
+		if x, ok := err.(interface{ Is(error) bool }); ok && x.Is(target) {
+			return true
+		}
+		if err = unwrap(err); err == nil {
+			return false
+		}
+	}
+}
+
+func unwrap(err error) error {
+	u, ok := err.(interface {
+		Unwrap() error
+	})
+	if !ok {
+		return nil
+	}
+	return u.Unwrap()
+}
diff --git a/vendor/google.golang.org/protobuf/internal/errors/is_go113.go b/vendor/google.golang.org/protobuf/internal/errors/is_go113.go
new file mode 100644
index 000000000..5e72f1cde
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/errors/is_go113.go
@@ -0,0 +1,13 @@
+// Copyright 2020 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build go1.13
+// +build go1.13
+
+package errors
+
+import "errors"
+
+// Is is errors.Is.
+func Is(err, target error) bool { return errors.Is(err, target) }
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
index 378b826fa..8826bcf40 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc.go
@@ -7,7 +7,6 @@ package filedesc
 import (
 	"bytes"
 	"fmt"
-	"strings"
 	"sync"
 	"sync/atomic"
 
@@ -32,7 +31,6 @@ const (
 	EditionProto2      Edition = 998
 	EditionProto3      Edition = 999
 	Edition2023        Edition = 1000
-	Edition2024        Edition = 1001
 	EditionUnsupported Edition = 100000
 )
 
@@ -78,48 +76,31 @@ type (
 		Locations SourceLocations
 	}
 
-	// EditionFeatures is a frequently-instantiated struct, so please take care
-	// to minimize padding when adding new fields to this struct (add them in
-	// the right place/order).
 	EditionFeatures struct {
-		// StripEnumPrefix determines if the plugin generates enum value
-		// constants as-is, with their prefix stripped, or both variants.
-		StripEnumPrefix int
-
 		// IsFieldPresence is true if field_presence is EXPLICIT
 		// https://protobuf.dev/editions/features/#field_presence
 		IsFieldPresence bool
-
 		// IsFieldPresence is true if field_presence is LEGACY_REQUIRED
 		// https://protobuf.dev/editions/features/#field_presence
 		IsLegacyRequired bool
-
 		// IsOpenEnum is true if enum_type is OPEN
 		// https://protobuf.dev/editions/features/#enum_type
 		IsOpenEnum bool
-
 		// IsPacked is true if repeated_field_encoding is PACKED
 		// https://protobuf.dev/editions/features/#repeated_field_encoding
 		IsPacked bool
-
 		// IsUTF8Validated is true if utf_validation is VERIFY
 		// https://protobuf.dev/editions/features/#utf8_validation
 		IsUTF8Validated bool
-
 		// IsDelimitedEncoded is true if message_encoding is DELIMITED
 		// https://protobuf.dev/editions/features/#message_encoding
 		IsDelimitedEncoded bool
-
 		// IsJSONCompliant is true if json_format is ALLOW
 		// https://protobuf.dev/editions/features/#json_format
 		IsJSONCompliant bool
-
 		// GenerateLegacyUnmarshalJSON determines if the plugin generates the
 		// UnmarshalJSON([]byte) error method for enums.
 		GenerateLegacyUnmarshalJSON bool
-		// APILevel controls which API (Open, Hybrid or Opaque) should be used
-		// for generated code (.pb.go files).
-		APILevel int
 	}
 )
 
@@ -127,12 +108,9 @@ func (fd *File) ParentFile() protoreflect.FileDescriptor { return fd }
 func (fd *File) Parent() protoreflect.Descriptor         { return nil }
 func (fd *File) Index() int                              { return 0 }
 func (fd *File) Syntax() protoreflect.Syntax             { return fd.L1.Syntax }
-
-// Not exported and just used to reconstruct the original FileDescriptor proto
-func (fd *File) Edition() int32                  { return int32(fd.L1.Edition) }
-func (fd *File) Name() protoreflect.Name         { return fd.L1.Package.Name() }
-func (fd *File) FullName() protoreflect.FullName { return fd.L1.Package }
-func (fd *File) IsPlaceholder() bool             { return false }
+func (fd *File) Name() protoreflect.Name                 { return fd.L1.Package.Name() }
+func (fd *File) FullName() protoreflect.FullName         { return fd.L1.Package }
+func (fd *File) IsPlaceholder() bool                     { return false }
 func (fd *File) Options() protoreflect.ProtoMessage {
 	if f := fd.lazyInit().Options; f != nil {
 		return f()
@@ -224,9 +202,6 @@ func (ed *Enum) lazyInit() *EnumL2 {
 	ed.L0.ParentFile.lazyInit() // implicitly initializes L2
 	return ed.L2
 }
-func (ed *Enum) IsClosed() bool {
-	return !ed.L1.EditionFeatures.IsOpenEnum
-}
 
 func (ed *EnumValue) Options() protoreflect.ProtoMessage {
 	if f := ed.L1.Options; f != nil {
@@ -276,7 +251,10 @@ type (
 		StringName       stringName
 		IsProto3Optional bool // promoted from google.protobuf.FieldDescriptorProto
 		IsWeak           bool // promoted from google.protobuf.FieldOptions
-		IsLazy           bool // promoted from google.protobuf.FieldOptions
+		HasPacked        bool // promoted from google.protobuf.FieldOptions
+		IsPacked         bool // promoted from google.protobuf.FieldOptions
+		HasEnforceUTF8   bool // promoted from google.protobuf.FieldOptions
+		EnforceUTF8      bool // promoted from google.protobuf.FieldOptions
 		Default          defaultValue
 		ContainingOneof  protoreflect.OneofDescriptor // must be consistent with Message.Oneofs.Fields
 		Enum             protoreflect.EnumDescriptor
@@ -353,7 +331,8 @@ func (fd *Field) HasPresence() bool {
 	if fd.L1.Cardinality == protoreflect.Repeated {
 		return false
 	}
-	return fd.IsExtension() || fd.L1.EditionFeatures.IsFieldPresence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
+	explicitFieldPresence := fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsFieldPresence
+	return fd.Syntax() == protoreflect.Proto2 || explicitFieldPresence || fd.L1.Message != nil || fd.L1.ContainingOneof != nil
 }
 func (fd *Field) HasOptionalKeyword() bool {
 	return (fd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 && fd.L1.Cardinality == protoreflect.Optional && fd.L1.ContainingOneof == nil) || fd.L1.IsProto3Optional
@@ -366,11 +345,17 @@ func (fd *Field) IsPacked() bool {
 	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
 		return false
 	}
-	return fd.L1.EditionFeatures.IsPacked
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
+		return fd.L1.EditionFeatures.IsPacked
+	}
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Proto3 {
+		// proto3 repeated fields are packed by default.
+		return !fd.L1.HasPacked || fd.L1.IsPacked
+	}
+	return fd.L1.IsPacked
 }
 func (fd *Field) IsExtension() bool { return false }
 func (fd *Field) IsWeak() bool      { return fd.L1.IsWeak }
-func (fd *Field) IsLazy() bool      { return fd.L1.IsLazy }
 func (fd *Field) IsList() bool      { return fd.Cardinality() == protoreflect.Repeated && !fd.IsMap() }
 func (fd *Field) IsMap() bool       { return fd.Message() != nil && fd.Message().IsMapEntry() }
 func (fd *Field) MapKey() protoreflect.FieldDescriptor {
@@ -403,10 +388,6 @@ func (fd *Field) Message() protoreflect.MessageDescriptor {
 	}
 	return fd.L1.Message
 }
-func (fd *Field) IsMapEntry() bool {
-	parent, ok := fd.L0.Parent.(protoreflect.MessageDescriptor)
-	return ok && parent.IsMapEntry()
-}
 func (fd *Field) Format(s fmt.State, r rune)             { descfmt.FormatDesc(s, r, fd) }
 func (fd *Field) ProtoType(protoreflect.FieldDescriptor) {}
 
@@ -418,7 +399,13 @@ func (fd *Field) ProtoType(protoreflect.FieldDescriptor) {}
 // WARNING: This method is exempt from the compatibility promise and may be
 // removed in the future without warning.
 func (fd *Field) EnforceUTF8() bool {
-	return fd.L1.EditionFeatures.IsUTF8Validated
+	if fd.L0.ParentFile.L1.Syntax == protoreflect.Editions {
+		return fd.L1.EditionFeatures.IsUTF8Validated
+	}
+	if fd.L1.HasEnforceUTF8 {
+		return fd.L1.EnforceUTF8
+	}
+	return fd.L0.ParentFile.L1.Syntax == protoreflect.Proto3
 }
 
 func (od *Oneof) IsSynthetic() bool {
@@ -445,13 +432,13 @@ type (
 		Extendee        protoreflect.MessageDescriptor
 		Cardinality     protoreflect.Cardinality
 		Kind            protoreflect.Kind
-		IsLazy          bool
 		EditionFeatures EditionFeatures
 	}
 	ExtensionL2 struct {
 		Options          func() protoreflect.ProtoMessage
 		StringName       stringName
 		IsProto3Optional bool // promoted from google.protobuf.FieldDescriptorProto
+		IsPacked         bool // promoted from google.protobuf.FieldOptions
 		Default          defaultValue
 		Enum             protoreflect.EnumDescriptor
 		Message          protoreflect.MessageDescriptor
@@ -474,19 +461,9 @@ func (xd *Extension) HasPresence() bool                     { return xd.L1.Cardi
 func (xd *Extension) HasOptionalKeyword() bool {
 	return (xd.L0.ParentFile.L1.Syntax == protoreflect.Proto2 && xd.L1.Cardinality == protoreflect.Optional) || xd.lazyInit().IsProto3Optional
 }
-func (xd *Extension) IsPacked() bool {
-	if xd.L1.Cardinality != protoreflect.Repeated {
-		return false
-	}
-	switch xd.L1.Kind {
-	case protoreflect.StringKind, protoreflect.BytesKind, protoreflect.MessageKind, protoreflect.GroupKind:
-		return false
-	}
-	return xd.L1.EditionFeatures.IsPacked
-}
+func (xd *Extension) IsPacked() bool                         { return xd.lazyInit().IsPacked }
 func (xd *Extension) IsExtension() bool                      { return true }
 func (xd *Extension) IsWeak() bool                           { return false }
-func (xd *Extension) IsLazy() bool                           { return xd.L1.IsLazy }
 func (xd *Extension) IsList() bool                           { return xd.Cardinality() == protoreflect.Repeated }
 func (xd *Extension) IsMap() bool                            { return false }
 func (xd *Extension) MapKey() protoreflect.FieldDescriptor   { return nil }
@@ -565,9 +542,8 @@ func (md *Method) ProtoInternal(pragma.DoNotImplement)     {}
 // Surrogate files are can be used to create standalone descriptors
 // where the syntax is only information derived from the parent file.
 var (
-	SurrogateProto2      = &File{L1: FileL1{Syntax: protoreflect.Proto2}, L2: &FileL2{}}
-	SurrogateProto3      = &File{L1: FileL1{Syntax: protoreflect.Proto3}, L2: &FileL2{}}
-	SurrogateEdition2023 = &File{L1: FileL1{Syntax: protoreflect.Editions, Edition: Edition2023}, L2: &FileL2{}}
+	SurrogateProto2 = &File{L1: FileL1{Syntax: protoreflect.Proto2}, L2: &FileL2{}}
+	SurrogateProto3 = &File{L1: FileL1{Syntax: protoreflect.Proto3}, L2: &FileL2{}}
 )
 
 type (
@@ -609,34 +585,6 @@ func (s *stringName) InitJSON(name string) {
 	s.nameJSON = name
 }
 
-// Returns true if this field is structured like the synthetic field of a proto2
-// group. This allows us to expand our treatment of delimited fields without
-// breaking proto2 files that have been upgraded to editions.
-func isGroupLike(fd protoreflect.FieldDescriptor) bool {
-	// Groups are always group types.
-	if fd.Kind() != protoreflect.GroupKind {
-		return false
-	}
-
-	// Group fields are always the lowercase type name.
-	if strings.ToLower(string(fd.Message().Name())) != string(fd.Name()) {
-		return false
-	}
-
-	// Groups could only be defined in the same file they're used.
-	if fd.Message().ParentFile() != fd.ParentFile() {
-		return false
-	}
-
-	// Group messages are always defined in the same scope as the field.  File
-	// level extensions will compare NULL == NULL here, which is why the file
-	// comparison above is necessary to ensure both come from the same file.
-	if fd.IsExtension() {
-		return fd.Parent() == fd.Message().Parent()
-	}
-	return fd.ContainingMessage() == fd.Message().Parent()
-}
-
 func (s *stringName) lazyInit(fd protoreflect.FieldDescriptor) *stringName {
 	s.once.Do(func() {
 		if fd.IsExtension() {
@@ -657,7 +605,7 @@ func (s *stringName) lazyInit(fd protoreflect.FieldDescriptor) *stringName {
 
 			// Format the text name.
 			s.nameText = string(fd.Name())
-			if isGroupLike(fd) {
+			if fd.Kind() == protoreflect.GroupKind {
 				s.nameText = string(fd.Message().Name())
 			}
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
index d2f549497..237e64fd2 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_init.go
@@ -113,10 +113,8 @@ func (fd *File) unmarshalSeed(b []byte) {
 				switch string(v) {
 				case "proto2":
 					fd.L1.Syntax = protoreflect.Proto2
-					fd.L1.Edition = EditionProto2
 				case "proto3":
 					fd.L1.Syntax = protoreflect.Proto3
-					fd.L1.Edition = EditionProto3
 				case "editions":
 					fd.L1.Syntax = protoreflect.Editions
 				default:
@@ -179,10 +177,11 @@ func (fd *File) unmarshalSeed(b []byte) {
 	// If syntax is missing, it is assumed to be proto2.
 	if fd.L1.Syntax == 0 {
 		fd.L1.Syntax = protoreflect.Proto2
-		fd.L1.Edition = EditionProto2
 	}
 
-	fd.L1.EditionFeatures = getFeaturesFor(fd.L1.Edition)
+	if fd.L1.Syntax == protoreflect.Editions {
+		fd.L1.EditionFeatures = getFeaturesFor(fd.L1.Edition)
+	}
 
 	// Parse editions features from options if any
 	if options != nil {
@@ -268,7 +267,6 @@ func (ed *Enum) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protorefl
 	ed.L0.ParentFile = pf
 	ed.L0.Parent = pd
 	ed.L0.Index = i
-	ed.L1.EditionFeatures = featuresFromParentDesc(ed.Parent())
 
 	var numValues int
 	for b := b; len(b) > 0; {
@@ -445,7 +443,6 @@ func (xd *Extension) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd prot
 	xd.L0.ParentFile = pf
 	xd.L0.Parent = pd
 	xd.L0.Index = i
-	xd.L1.EditionFeatures = featuresFromParentDesc(pd)
 
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -470,40 +467,6 @@ func (xd *Extension) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd prot
 				xd.L0.FullName = appendFullName(sb, pd.FullName(), v)
 			case genid.FieldDescriptorProto_Extendee_field_number:
 				xd.L1.Extendee = PlaceholderMessage(makeFullName(sb, v))
-			case genid.FieldDescriptorProto_Options_field_number:
-				xd.unmarshalOptions(v)
-			}
-		default:
-			m := protowire.ConsumeFieldValue(num, typ, b)
-			b = b[m:]
-		}
-	}
-
-	if xd.L1.Kind == protoreflect.MessageKind && xd.L1.EditionFeatures.IsDelimitedEncoded {
-		xd.L1.Kind = protoreflect.GroupKind
-	}
-}
-
-func (xd *Extension) unmarshalOptions(b []byte) {
-	for len(b) > 0 {
-		num, typ, n := protowire.ConsumeTag(b)
-		b = b[n:]
-		switch typ {
-		case protowire.VarintType:
-			v, m := protowire.ConsumeVarint(b)
-			b = b[m:]
-			switch num {
-			case genid.FieldOptions_Packed_field_number:
-				xd.L1.EditionFeatures.IsPacked = protowire.DecodeBool(v)
-			case genid.FieldOptions_Lazy_field_number:
-				xd.L1.IsLazy = protowire.DecodeBool(v)
-			}
-		case protowire.BytesType:
-			v, m := protowire.ConsumeBytes(b)
-			b = b[m:]
-			switch num {
-			case genid.FieldOptions_Features_field_number:
-				xd.L1.EditionFeatures = unmarshalFeatureSet(v, xd.L1.EditionFeatures)
 			}
 		default:
 			m := protowire.ConsumeFieldValue(num, typ, b)
@@ -536,7 +499,7 @@ func (sd *Service) unmarshalSeed(b []byte, sb *strs.Builder, pf *File, pd protor
 }
 
 var nameBuilderPool = sync.Pool{
-	New: func() any { return new(strs.Builder) },
+	New: func() interface{} { return new(strs.Builder) },
 }
 
 func getBuilder() *strs.Builder {
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
index 67a51b327..482a61cc1 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_lazy.go
@@ -45,11 +45,6 @@ func (file *File) resolveMessages() {
 			case protoreflect.MessageKind, protoreflect.GroupKind:
 				fd.L1.Message = file.resolveMessageDependency(fd.L1.Message, listFieldDeps, depIdx)
 				depIdx++
-				if fd.L1.Kind == protoreflect.GroupKind && (fd.IsMap() || fd.IsMapEntry()) {
-					// A map field might inherit delimited encoding from a file-wide default feature.
-					// But maps never actually use delimited encoding. (At least for now...)
-					fd.L1.Kind = protoreflect.MessageKind
-				}
 			}
 
 			// Default is resolved here since it depends on Enum being resolved.
@@ -471,10 +466,10 @@ func (fd *Field) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 			b = b[m:]
 		}
 	}
-	if fd.L1.Kind == protoreflect.MessageKind && fd.L1.EditionFeatures.IsDelimitedEncoded {
+	if fd.Syntax() == protoreflect.Editions && fd.L1.Kind == protoreflect.MessageKind && fd.L1.EditionFeatures.IsDelimitedEncoded {
 		fd.L1.Kind = protoreflect.GroupKind
 	}
-	if fd.L1.EditionFeatures.IsLegacyRequired {
+	if fd.Syntax() == protoreflect.Editions && fd.L1.EditionFeatures.IsLegacyRequired {
 		fd.L1.Cardinality = protoreflect.Required
 	}
 	if rawTypeName != nil {
@@ -501,13 +496,13 @@ func (fd *Field) unmarshalOptions(b []byte) {
 			b = b[m:]
 			switch num {
 			case genid.FieldOptions_Packed_field_number:
-				fd.L1.EditionFeatures.IsPacked = protowire.DecodeBool(v)
+				fd.L1.HasPacked = true
+				fd.L1.IsPacked = protowire.DecodeBool(v)
 			case genid.FieldOptions_Weak_field_number:
 				fd.L1.IsWeak = protowire.DecodeBool(v)
-			case genid.FieldOptions_Lazy_field_number:
-				fd.L1.IsLazy = protowire.DecodeBool(v)
 			case FieldOptions_EnforceUTF8:
-				fd.L1.EditionFeatures.IsUTF8Validated = protowire.DecodeBool(v)
+				fd.L1.HasEnforceUTF8 = true
+				fd.L1.EnforceUTF8 = protowire.DecodeBool(v)
 			}
 		case protowire.BytesType:
 			v, m := protowire.ConsumeBytes(b)
@@ -553,6 +548,7 @@ func (od *Oneof) unmarshalFull(b []byte, sb *strs.Builder, pf *File, pd protoref
 func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 	var rawTypeName []byte
 	var rawOptions []byte
+	xd.L1.EditionFeatures = featuresFromParentDesc(xd.L1.Extendee)
 	xd.L2 = new(ExtensionL2)
 	for len(b) > 0 {
 		num, typ, n := protowire.ConsumeTag(b)
@@ -576,6 +572,7 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 			case genid.FieldDescriptorProto_TypeName_field_number:
 				rawTypeName = v
 			case genid.FieldDescriptorProto_Options_field_number:
+				xd.unmarshalOptions(v)
 				rawOptions = appendOptions(rawOptions, v)
 			}
 		default:
@@ -583,6 +580,12 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 			b = b[m:]
 		}
 	}
+	if xd.Syntax() == protoreflect.Editions && xd.L1.Kind == protoreflect.MessageKind && xd.L1.EditionFeatures.IsDelimitedEncoded {
+		xd.L1.Kind = protoreflect.GroupKind
+	}
+	if xd.Syntax() == protoreflect.Editions && xd.L1.EditionFeatures.IsLegacyRequired {
+		xd.L1.Cardinality = protoreflect.Required
+	}
 	if rawTypeName != nil {
 		name := makeFullName(sb, rawTypeName)
 		switch xd.L1.Kind {
@@ -595,6 +598,32 @@ func (xd *Extension) unmarshalFull(b []byte, sb *strs.Builder) {
 	xd.L2.Options = xd.L0.ParentFile.builder.optionsUnmarshaler(&descopts.Field, rawOptions)
 }
 
+func (xd *Extension) unmarshalOptions(b []byte) {
+	for len(b) > 0 {
+		num, typ, n := protowire.ConsumeTag(b)
+		b = b[n:]
+		switch typ {
+		case protowire.VarintType:
+			v, m := protowire.ConsumeVarint(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Packed_field_number:
+				xd.L2.IsPacked = protowire.DecodeBool(v)
+			}
+		case protowire.BytesType:
+			v, m := protowire.ConsumeBytes(b)
+			b = b[m:]
+			switch num {
+			case genid.FieldOptions_Features_field_number:
+				xd.L1.EditionFeatures = unmarshalFeatureSet(v, xd.L1.EditionFeatures)
+			}
+		default:
+			m := protowire.ConsumeFieldValue(num, typ, b)
+			b = b[m:]
+		}
+	}
+}
+
 func (sd *Service) unmarshalFull(b []byte, sb *strs.Builder) {
 	var rawMethods [][]byte
 	var rawOptions []byte
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go b/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
index f4107c05f..30db19fdc 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/desc_list_gen.go
@@ -8,7 +8,6 @@ package filedesc
 
 import (
 	"fmt"
-	"strings"
 	"sync"
 
 	"google.golang.org/protobuf/internal/descfmt"
@@ -199,16 +198,6 @@ func (p *Fields) lazyInit() *Fields {
 				if _, ok := p.byText[d.TextName()]; !ok {
 					p.byText[d.TextName()] = d
 				}
-				if isGroupLike(d) {
-					lowerJSONName := strings.ToLower(d.JSONName())
-					if _, ok := p.byJSON[lowerJSONName]; !ok {
-						p.byJSON[lowerJSONName] = d
-					}
-					lowerTextName := strings.ToLower(d.TextName())
-					if _, ok := p.byText[lowerTextName]; !ok {
-						p.byText[lowerTextName] = d
-					}
-				}
 				if _, ok := p.byNum[d.Number()]; !ok {
 					p.byNum[d.Number()] = d
 				}
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/editions.go b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
index 10132c9b3..0375a49d4 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/editions.go
@@ -14,13 +14,9 @@ import (
 )
 
 var defaultsCache = make(map[Edition]EditionFeatures)
-var defaultsKeys = []Edition{}
 
 func init() {
 	unmarshalEditionDefaults(editiondefaults.Defaults)
-	SurrogateProto2.L1.EditionFeatures = getFeaturesFor(EditionProto2)
-	SurrogateProto3.L1.EditionFeatures = getFeaturesFor(EditionProto3)
-	SurrogateEdition2023.L1.EditionFeatures = getFeaturesFor(Edition2023)
 }
 
 func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
@@ -32,14 +28,6 @@ func unmarshalGoFeature(b []byte, parent EditionFeatures) EditionFeatures {
 			v, m := protowire.ConsumeVarint(b)
 			b = b[m:]
 			parent.GenerateLegacyUnmarshalJSON = protowire.DecodeBool(v)
-		case genid.GoFeatures_ApiLevel_field_number:
-			v, m := protowire.ConsumeVarint(b)
-			b = b[m:]
-			parent.APILevel = int(v)
-		case genid.GoFeatures_StripEnumPrefix_field_number:
-			v, m := protowire.ConsumeVarint(b)
-			b = b[m:]
-			parent.StripEnumPrefix = int(v)
 		default:
 			panic(fmt.Sprintf("unkown field number %d while unmarshalling GoFeatures", num))
 		}
@@ -76,7 +64,7 @@ func unmarshalFeatureSet(b []byte, parent EditionFeatures) EditionFeatures {
 			v, m := protowire.ConsumeBytes(b)
 			b = b[m:]
 			switch num {
-			case genid.FeatureSet_Go_ext_number:
+			case genid.GoFeatures_LegacyUnmarshalJsonEnum_field_number:
 				parent = unmarshalGoFeature(v, parent)
 			}
 		}
@@ -116,15 +104,12 @@ func unmarshalEditionDefault(b []byte) {
 			v, m := protowire.ConsumeBytes(b)
 			b = b[m:]
 			switch num {
-			case genid.FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_number:
-				fs = unmarshalFeatureSet(v, fs)
-			case genid.FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_number:
+			case genid.FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number:
 				fs = unmarshalFeatureSet(v, fs)
 			}
 		}
 	}
 	defaultsCache[ed] = fs
-	defaultsKeys = append(defaultsKeys, ed)
 }
 
 func unmarshalEditionDefaults(b []byte) {
@@ -150,15 +135,8 @@ func unmarshalEditionDefaults(b []byte) {
 }
 
 func getFeaturesFor(ed Edition) EditionFeatures {
-	match := EditionUnknown
-	for _, key := range defaultsKeys {
-		if key > ed {
-			break
-		}
-		match = key
-	}
-	if match == EditionUnknown {
-		panic(fmt.Sprintf("unsupported edition: %v", ed))
+	if def, ok := defaultsCache[ed]; ok {
+		return def
 	}
-	return defaultsCache[match]
+	panic(fmt.Sprintf("unsupported edition: %v", ed))
 }
diff --git a/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go b/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
index bfb3b8417..28240ebc5 100644
--- a/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
+++ b/vendor/google.golang.org/protobuf/internal/filedesc/placeholder.go
@@ -63,7 +63,6 @@ func (e PlaceholderEnum) Options() protoreflect.ProtoMessage        { return des
 func (e PlaceholderEnum) Values() protoreflect.EnumValueDescriptors { return emptyEnumValues }
 func (e PlaceholderEnum) ReservedNames() protoreflect.Names         { return emptyNames }
 func (e PlaceholderEnum) ReservedRanges() protoreflect.EnumRanges   { return emptyEnumRanges }
-func (e PlaceholderEnum) IsClosed() bool                            { return false }
 func (e PlaceholderEnum) ProtoType(protoreflect.EnumDescriptor)     { return }
 func (e PlaceholderEnum) ProtoInternal(pragma.DoNotImplement)       { return }
 
diff --git a/vendor/google.golang.org/protobuf/internal/filetype/build.go b/vendor/google.golang.org/protobuf/internal/filetype/build.go
index ba83fea44..f0e38c4ef 100644
--- a/vendor/google.golang.org/protobuf/internal/filetype/build.go
+++ b/vendor/google.golang.org/protobuf/internal/filetype/build.go
@@ -68,7 +68,7 @@ type Builder struct {
 	// and for input and output messages referenced by service methods.
 	// Dependencies must come after declarations, but the ordering of
 	// dependencies themselves is unspecified.
-	GoTypes []any
+	GoTypes []interface{}
 
 	// DependencyIndexes is an ordered list of indexes into GoTypes for the
 	// dependencies of messages, extensions, or services.
@@ -268,7 +268,7 @@ func (x depIdxs) Get(i, j int32) int32 {
 
 type (
 	resolverByIndex struct {
-		goTypes []any
+		goTypes []interface{}
 		depIdxs depIdxs
 		fileRegistry
 	}
diff --git a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
index f30ab6b58..40272c893 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/descriptor_gen.go
@@ -21,7 +21,6 @@ const (
 // Enum values for google.protobuf.Edition.
 const (
 	Edition_EDITION_UNKNOWN_enum_value         = 0
-	Edition_EDITION_LEGACY_enum_value          = 900
 	Edition_EDITION_PROTO2_enum_value          = 998
 	Edition_EDITION_PROTO3_enum_value          = 999
 	Edition_EDITION_2023_enum_value            = 1000
@@ -654,7 +653,6 @@ const (
 	FieldOptions_Targets_field_name             protoreflect.Name = "targets"
 	FieldOptions_EditionDefaults_field_name     protoreflect.Name = "edition_defaults"
 	FieldOptions_Features_field_name            protoreflect.Name = "features"
-	FieldOptions_FeatureSupport_field_name      protoreflect.Name = "feature_support"
 	FieldOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	FieldOptions_Ctype_field_fullname               protoreflect.FullName = "google.protobuf.FieldOptions.ctype"
@@ -669,7 +667,6 @@ const (
 	FieldOptions_Targets_field_fullname             protoreflect.FullName = "google.protobuf.FieldOptions.targets"
 	FieldOptions_EditionDefaults_field_fullname     protoreflect.FullName = "google.protobuf.FieldOptions.edition_defaults"
 	FieldOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.FieldOptions.features"
-	FieldOptions_FeatureSupport_field_fullname      protoreflect.FullName = "google.protobuf.FieldOptions.feature_support"
 	FieldOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.uninterpreted_option"
 )
 
@@ -687,7 +684,6 @@ const (
 	FieldOptions_Targets_field_number             protoreflect.FieldNumber = 19
 	FieldOptions_EditionDefaults_field_number     protoreflect.FieldNumber = 20
 	FieldOptions_Features_field_number            protoreflect.FieldNumber = 21
-	FieldOptions_FeatureSupport_field_number      protoreflect.FieldNumber = 22
 	FieldOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -771,33 +767,6 @@ const (
 	FieldOptions_EditionDefault_Value_field_number   protoreflect.FieldNumber = 2
 )
 
-// Names for google.protobuf.FieldOptions.FeatureSupport.
-const (
-	FieldOptions_FeatureSupport_message_name     protoreflect.Name     = "FeatureSupport"
-	FieldOptions_FeatureSupport_message_fullname protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport"
-)
-
-// Field names for google.protobuf.FieldOptions.FeatureSupport.
-const (
-	FieldOptions_FeatureSupport_EditionIntroduced_field_name  protoreflect.Name = "edition_introduced"
-	FieldOptions_FeatureSupport_EditionDeprecated_field_name  protoreflect.Name = "edition_deprecated"
-	FieldOptions_FeatureSupport_DeprecationWarning_field_name protoreflect.Name = "deprecation_warning"
-	FieldOptions_FeatureSupport_EditionRemoved_field_name     protoreflect.Name = "edition_removed"
-
-	FieldOptions_FeatureSupport_EditionIntroduced_field_fullname  protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_introduced"
-	FieldOptions_FeatureSupport_EditionDeprecated_field_fullname  protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_deprecated"
-	FieldOptions_FeatureSupport_DeprecationWarning_field_fullname protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.deprecation_warning"
-	FieldOptions_FeatureSupport_EditionRemoved_field_fullname     protoreflect.FullName = "google.protobuf.FieldOptions.FeatureSupport.edition_removed"
-)
-
-// Field numbers for google.protobuf.FieldOptions.FeatureSupport.
-const (
-	FieldOptions_FeatureSupport_EditionIntroduced_field_number  protoreflect.FieldNumber = 1
-	FieldOptions_FeatureSupport_EditionDeprecated_field_number  protoreflect.FieldNumber = 2
-	FieldOptions_FeatureSupport_DeprecationWarning_field_number protoreflect.FieldNumber = 3
-	FieldOptions_FeatureSupport_EditionRemoved_field_number     protoreflect.FieldNumber = 4
-)
-
 // Names for google.protobuf.OneofOptions.
 const (
 	OneofOptions_message_name     protoreflect.Name     = "OneofOptions"
@@ -860,13 +829,11 @@ const (
 	EnumValueOptions_Deprecated_field_name          protoreflect.Name = "deprecated"
 	EnumValueOptions_Features_field_name            protoreflect.Name = "features"
 	EnumValueOptions_DebugRedact_field_name         protoreflect.Name = "debug_redact"
-	EnumValueOptions_FeatureSupport_field_name      protoreflect.Name = "feature_support"
 	EnumValueOptions_UninterpretedOption_field_name protoreflect.Name = "uninterpreted_option"
 
 	EnumValueOptions_Deprecated_field_fullname          protoreflect.FullName = "google.protobuf.EnumValueOptions.deprecated"
 	EnumValueOptions_Features_field_fullname            protoreflect.FullName = "google.protobuf.EnumValueOptions.features"
 	EnumValueOptions_DebugRedact_field_fullname         protoreflect.FullName = "google.protobuf.EnumValueOptions.debug_redact"
-	EnumValueOptions_FeatureSupport_field_fullname      protoreflect.FullName = "google.protobuf.EnumValueOptions.feature_support"
 	EnumValueOptions_UninterpretedOption_field_fullname protoreflect.FullName = "google.protobuf.EnumValueOptions.uninterpreted_option"
 )
 
@@ -875,7 +842,6 @@ const (
 	EnumValueOptions_Deprecated_field_number          protoreflect.FieldNumber = 1
 	EnumValueOptions_Features_field_number            protoreflect.FieldNumber = 2
 	EnumValueOptions_DebugRedact_field_number         protoreflect.FieldNumber = 3
-	EnumValueOptions_FeatureSupport_field_number      protoreflect.FieldNumber = 4
 	EnumValueOptions_UninterpretedOption_field_number protoreflect.FieldNumber = 999
 )
 
@@ -1144,20 +1110,17 @@ const (
 
 // Field names for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
 const (
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_name             protoreflect.Name = "edition"
-	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_name protoreflect.Name = "overridable_features"
-	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_name       protoreflect.Name = "fixed_features"
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_name  protoreflect.Name = "edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_name protoreflect.Name = "features"
 
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_fullname             protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.edition"
-	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.overridable_features"
-	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_fullname       protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.fixed_features"
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_fullname  protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.edition"
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_fullname protoreflect.FullName = "google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.features"
 )
 
 // Field numbers for google.protobuf.FeatureSetDefaults.FeatureSetEditionDefault.
 const (
-	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number             protoreflect.FieldNumber = 3
-	FeatureSetDefaults_FeatureSetEditionDefault_OverridableFeatures_field_number protoreflect.FieldNumber = 4
-	FeatureSetDefaults_FeatureSetEditionDefault_FixedFeatures_field_number       protoreflect.FieldNumber = 5
+	FeatureSetDefaults_FeatureSetEditionDefault_Edition_field_number  protoreflect.FieldNumber = 3
+	FeatureSetDefaults_FeatureSetEditionDefault_Features_field_number protoreflect.FieldNumber = 2
 )
 
 // Names for google.protobuf.SourceCodeInfo.
diff --git a/vendor/google.golang.org/protobuf/internal/genid/doc.go b/vendor/google.golang.org/protobuf/internal/genid/doc.go
index d9b9d916a..45ccd0121 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/doc.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/doc.go
@@ -6,6 +6,6 @@
 // and the well-known types.
 package genid
 
-import "google.golang.org/protobuf/reflect/protoreflect"
+import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 
 const GoogleProtobuf_package protoreflect.FullName = "google.protobuf"
diff --git a/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
index f5ee7f5c2..fd9015e8e 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/go_features_gen.go
@@ -10,61 +10,22 @@ import (
 	protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 )
 
-const File_google_protobuf_go_features_proto = "google/protobuf/go_features.proto"
+const File_reflect_protodesc_proto_go_features_proto = "reflect/protodesc/proto/go_features.proto"
 
-// Names for pb.GoFeatures.
+// Names for google.protobuf.GoFeatures.
 const (
 	GoFeatures_message_name     protoreflect.Name     = "GoFeatures"
-	GoFeatures_message_fullname protoreflect.FullName = "pb.GoFeatures"
+	GoFeatures_message_fullname protoreflect.FullName = "google.protobuf.GoFeatures"
 )
 
-// Field names for pb.GoFeatures.
+// Field names for google.protobuf.GoFeatures.
 const (
 	GoFeatures_LegacyUnmarshalJsonEnum_field_name protoreflect.Name = "legacy_unmarshal_json_enum"
-	GoFeatures_ApiLevel_field_name                protoreflect.Name = "api_level"
-	GoFeatures_StripEnumPrefix_field_name         protoreflect.Name = "strip_enum_prefix"
 
-	GoFeatures_LegacyUnmarshalJsonEnum_field_fullname protoreflect.FullName = "pb.GoFeatures.legacy_unmarshal_json_enum"
-	GoFeatures_ApiLevel_field_fullname                protoreflect.FullName = "pb.GoFeatures.api_level"
-	GoFeatures_StripEnumPrefix_field_fullname         protoreflect.FullName = "pb.GoFeatures.strip_enum_prefix"
+	GoFeatures_LegacyUnmarshalJsonEnum_field_fullname protoreflect.FullName = "google.protobuf.GoFeatures.legacy_unmarshal_json_enum"
 )
 
-// Field numbers for pb.GoFeatures.
+// Field numbers for google.protobuf.GoFeatures.
 const (
 	GoFeatures_LegacyUnmarshalJsonEnum_field_number protoreflect.FieldNumber = 1
-	GoFeatures_ApiLevel_field_number                protoreflect.FieldNumber = 2
-	GoFeatures_StripEnumPrefix_field_number         protoreflect.FieldNumber = 3
-)
-
-// Full and short names for pb.GoFeatures.APILevel.
-const (
-	GoFeatures_APILevel_enum_fullname = "pb.GoFeatures.APILevel"
-	GoFeatures_APILevel_enum_name     = "APILevel"
-)
-
-// Enum values for pb.GoFeatures.APILevel.
-const (
-	GoFeatures_API_LEVEL_UNSPECIFIED_enum_value = 0
-	GoFeatures_API_OPEN_enum_value              = 1
-	GoFeatures_API_HYBRID_enum_value            = 2
-	GoFeatures_API_OPAQUE_enum_value            = 3
-)
-
-// Full and short names for pb.GoFeatures.StripEnumPrefix.
-const (
-	GoFeatures_StripEnumPrefix_enum_fullname = "pb.GoFeatures.StripEnumPrefix"
-	GoFeatures_StripEnumPrefix_enum_name     = "StripEnumPrefix"
-)
-
-// Enum values for pb.GoFeatures.StripEnumPrefix.
-const (
-	GoFeatures_STRIP_ENUM_PREFIX_UNSPECIFIED_enum_value   = 0
-	GoFeatures_STRIP_ENUM_PREFIX_KEEP_enum_value          = 1
-	GoFeatures_STRIP_ENUM_PREFIX_GENERATE_BOTH_enum_value = 2
-	GoFeatures_STRIP_ENUM_PREFIX_STRIP_enum_value         = 3
-)
-
-// Extension numbers
-const (
-	FeatureSet_Go_ext_number protoreflect.FieldNumber = 1002
 )
diff --git a/vendor/google.golang.org/protobuf/internal/genid/map_entry.go b/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
index bef5a25fb..8f9ea02ff 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/map_entry.go
@@ -4,7 +4,7 @@
 
 package genid
 
-import "google.golang.org/protobuf/reflect/protoreflect"
+import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 
 // Generic field names and numbers for synthetic map entry messages.
 const (
diff --git a/vendor/google.golang.org/protobuf/internal/genid/name.go b/vendor/google.golang.org/protobuf/internal/genid/name.go
deleted file mode 100644
index 224f33930..000000000
--- a/vendor/google.golang.org/protobuf/internal/genid/name.go
+++ /dev/null
@@ -1,12 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package genid
-
-const (
-	NoUnkeyedLiteral_goname  = "noUnkeyedLiteral"
-	NoUnkeyedLiteralA_goname = "XXX_NoUnkeyedLiteral"
-
-	BuilderSuffix_goname = "_builder"
-)
diff --git a/vendor/google.golang.org/protobuf/internal/genid/wrappers.go b/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
index 9404270de..429384b85 100644
--- a/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
+++ b/vendor/google.golang.org/protobuf/internal/genid/wrappers.go
@@ -4,7 +4,7 @@
 
 package genid
 
-import "google.golang.org/protobuf/reflect/protoreflect"
+import protoreflect "google.golang.org/protobuf/reflect/protoreflect"
 
 // Generic field name and number for messages in wrappers.proto.
 const (
diff --git a/vendor/google.golang.org/protobuf/internal/impl/api_export.go b/vendor/google.golang.org/protobuf/internal/impl/api_export.go
index 5d5771c2e..a371f98de 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/api_export.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/api_export.go
@@ -22,13 +22,13 @@ type Export struct{}
 
 // NewError formats a string according to the format specifier and arguments and
 // returns an error that has a "proto" prefix.
-func (Export) NewError(f string, x ...any) error {
+func (Export) NewError(f string, x ...interface{}) error {
 	return errors.New(f, x...)
 }
 
 // enum is any enum type generated by protoc-gen-go
 // and must be a named int32 type.
-type enum = any
+type enum = interface{}
 
 // EnumOf returns the protoreflect.Enum interface over e.
 // It returns nil if e is nil.
@@ -81,7 +81,7 @@ func (Export) EnumStringOf(ed protoreflect.EnumDescriptor, n protoreflect.EnumNu
 
 // message is any message type generated by protoc-gen-go
 // and must be a pointer to a named struct type.
-type message = any
+type message = interface{}
 
 // legacyMessageWrapper wraps a v2 message as a v1 message.
 type legacyMessageWrapper struct{ m protoreflect.ProtoMessage }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
deleted file mode 100644
index 6075d6f69..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/api_export_opaque.go
+++ /dev/null
@@ -1,128 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"strconv"
-	"sync/atomic"
-	"unsafe"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-func (Export) UnmarshalField(msg any, fieldNum int32) {
-	UnmarshalField(msg.(protoreflect.ProtoMessage).ProtoReflect(), protoreflect.FieldNumber(fieldNum))
-}
-
-// Present checks the presence set for a certain field number (zero
-// based, ordered by appearance in original proto file). part is
-// a pointer to the correct element in the bitmask array, num is the
-// field number unaltered.  Example (field number 70 -> part =
-// &m.XXX_presence[1], num = 70)
-func (Export) Present(part *uint32, num uint32) bool {
-	// This hook will read an unprotected shadow presence set if
-	// we're unning under the race detector
-	raceDetectHookPresent(part, num)
-	return atomic.LoadUint32(part)&(1<<(num%32)) > 0
-}
-
-// SetPresent adds a field to the presence set. part is a pointer to
-// the relevant element in the array and num is the field number
-// unaltered.  size is the number of fields in the protocol
-// buffer.
-func (Export) SetPresent(part *uint32, num uint32, size uint32) {
-	// This hook will mutate an unprotected shadow presence set if
-	// we're running under the race detector
-	raceDetectHookSetPresent(part, num, presenceSize(size))
-	for {
-		old := atomic.LoadUint32(part)
-		if atomic.CompareAndSwapUint32(part, old, old|(1<<(num%32))) {
-			return
-		}
-	}
-}
-
-// SetPresentNonAtomic is like SetPresent, but operates non-atomically.
-// It is meant for use by builder methods, where the message is known not
-// to be accessible yet by other goroutines.
-func (Export) SetPresentNonAtomic(part *uint32, num uint32, size uint32) {
-	// This hook will mutate an unprotected shadow presence set if
-	// we're running under the race detector
-	raceDetectHookSetPresent(part, num, presenceSize(size))
-	*part |= 1 << (num % 32)
-}
-
-// ClearPresence removes a field from the presence set. part is a
-// pointer to the relevant element in the presence array and num is
-// the field number unaltered.
-func (Export) ClearPresent(part *uint32, num uint32) {
-	// This hook will mutate an unprotected shadow presence set if
-	// we're running under the race detector
-	raceDetectHookClearPresent(part, num)
-	for {
-		old := atomic.LoadUint32(part)
-		if atomic.CompareAndSwapUint32(part, old, old&^(1<<(num%32))) {
-			return
-		}
-	}
-}
-
-// interfaceToPointer takes a pointer to an empty interface whose value is a
-// pointer type, and converts it into a "pointer" that points to the same
-// target
-func interfaceToPointer(i *any) pointer {
-	return pointer{p: (*[2]unsafe.Pointer)(unsafe.Pointer(i))[1]}
-}
-
-func (p pointer) atomicGetPointer() pointer {
-	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
-}
-
-func (p pointer) atomicSetPointer(q pointer) {
-	atomic.StorePointer((*unsafe.Pointer)(p.p), q.p)
-}
-
-// AtomicCheckPointerIsNil takes an interface (which is a pointer to a
-// pointer) and returns true if the pointed-to pointer is nil (using an
-// atomic load).  This function is inlineable and, on x86, just becomes a
-// simple load and compare.
-func (Export) AtomicCheckPointerIsNil(ptr any) bool {
-	return interfaceToPointer(&ptr).atomicGetPointer().IsNil()
-}
-
-// AtomicSetPointer takes two interfaces (first is a pointer to a pointer,
-// second is a pointer) and atomically sets the second pointer into location
-// referenced by first pointer.  Unfortunately, atomicSetPointer() does not inline
-// (even on x86), so this does not become a simple store on x86.
-func (Export) AtomicSetPointer(dstPtr, valPtr any) {
-	interfaceToPointer(&dstPtr).atomicSetPointer(interfaceToPointer(&valPtr))
-}
-
-// AtomicLoadPointer loads the pointer at the location pointed at by src,
-// and stores that pointer value into the location pointed at by dst.
-func (Export) AtomicLoadPointer(ptr Pointer, dst Pointer) {
-	*(*unsafe.Pointer)(unsafe.Pointer(dst)) = atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(ptr)))
-}
-
-// AtomicInitializePointer makes ptr and dst point to the same value.
-//
-// If *ptr is a nil pointer, it sets *ptr = *dst.
-//
-// If *ptr is a non-nil pointer, it sets *dst = *ptr.
-func (Export) AtomicInitializePointer(ptr Pointer, dst Pointer) {
-	if !atomic.CompareAndSwapPointer((*unsafe.Pointer)(ptr), unsafe.Pointer(nil), *(*unsafe.Pointer)(dst)) {
-		*(*unsafe.Pointer)(unsafe.Pointer(dst)) = atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(ptr)))
-	}
-}
-
-// MessageFieldStringOf returns the field formatted as a string,
-// either as the field name if resolvable otherwise as a decimal string.
-func (Export) MessageFieldStringOf(md protoreflect.MessageDescriptor, n protoreflect.FieldNumber) string {
-	fd := md.Fields().ByNumber(n)
-	if fd != nil {
-		return string(fd.Name())
-	}
-	return strconv.Itoa(int(n))
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/bitmap.go b/vendor/google.golang.org/protobuf/internal/impl/bitmap.go
deleted file mode 100644
index ea276547c..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/bitmap.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build !race
-
-package impl
-
-// There is no additional data as we're not running under race detector.
-type RaceDetectHookData struct{}
-
-// Empty stubs for when not using the race detector. Calls to these from index.go should be optimized away.
-func (presence) raceDetectHookPresent(num uint32)                       {}
-func (presence) raceDetectHookSetPresent(num uint32, size presenceSize) {}
-func (presence) raceDetectHookClearPresent(num uint32)                  {}
-func (presence) raceDetectHookAllocAndCopy(src presence)                {}
-
-// raceDetectHookPresent is called by the generated file interface
-// (*proto.internalFuncs) Present to optionally read an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookPresent(field *uint32, num uint32) {}
-
-// raceDetectHookSetPresent is called by the generated file interface
-// (*proto.internalFuncs) SetPresent to optionally write an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookSetPresent(field *uint32, num uint32, size presenceSize) {}
-
-// raceDetectHookClearPresent is called by the generated file interface
-// (*proto.internalFuncs) ClearPresent to optionally write an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookClearPresent(field *uint32, num uint32) {}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go b/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
deleted file mode 100644
index e9a27583a..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/bitmap_race.go
+++ /dev/null
@@ -1,126 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build race
-
-package impl
-
-// When running under race detector, we add a presence map of bytes, that we can access
-// in the hook functions so that we trigger the race detection whenever we have concurrent
-// Read-Writes or Write-Writes. The race detector does not otherwise detect invalid concurrent
-// access to lazy fields as all updates of bitmaps and pointers are done using atomic operations.
-type RaceDetectHookData struct {
-	shadowPresence *[]byte
-}
-
-// Hooks for presence bitmap operations that allocate, read and write the shadowPresence
-// using non-atomic operations.
-func (data *RaceDetectHookData) raceDetectHookAlloc(size presenceSize) {
-	sp := make([]byte, size)
-	atomicStoreShadowPresence(&data.shadowPresence, &sp)
-}
-
-func (p presence) raceDetectHookPresent(num uint32) {
-	data := p.toRaceDetectData()
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp != nil {
-		_ = (*sp)[num]
-	}
-}
-
-func (p presence) raceDetectHookSetPresent(num uint32, size presenceSize) {
-	data := p.toRaceDetectData()
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp == nil {
-		data.raceDetectHookAlloc(size)
-		sp = atomicLoadShadowPresence(&data.shadowPresence)
-	}
-	(*sp)[num] = 1
-}
-
-func (p presence) raceDetectHookClearPresent(num uint32) {
-	data := p.toRaceDetectData()
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp != nil {
-		(*sp)[num] = 0
-
-	}
-}
-
-// raceDetectHookAllocAndCopy allocates a new shadowPresence slice at lazy and copies
-// shadowPresence bytes from src to lazy.
-func (p presence) raceDetectHookAllocAndCopy(q presence) {
-	sData := q.toRaceDetectData()
-	dData := p.toRaceDetectData()
-	if sData == nil {
-		return
-	}
-	srcSp := atomicLoadShadowPresence(&sData.shadowPresence)
-	if srcSp == nil {
-		atomicStoreShadowPresence(&dData.shadowPresence, nil)
-		return
-	}
-	n := len(*srcSp)
-	dSlice := make([]byte, n)
-	atomicStoreShadowPresence(&dData.shadowPresence, &dSlice)
-	for i := 0; i < n; i++ {
-		dSlice[i] = (*srcSp)[i]
-	}
-}
-
-// raceDetectHookPresent is called by the generated file interface
-// (*proto.internalFuncs) Present to optionally read an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookPresent(field *uint32, num uint32) {
-	data := findPointerToRaceDetectData(field, num)
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp != nil {
-		_ = (*sp)[num]
-	}
-}
-
-// raceDetectHookSetPresent is called by the generated file interface
-// (*proto.internalFuncs) SetPresent to optionally write an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookSetPresent(field *uint32, num uint32, size presenceSize) {
-	data := findPointerToRaceDetectData(field, num)
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp == nil {
-		data.raceDetectHookAlloc(size)
-		sp = atomicLoadShadowPresence(&data.shadowPresence)
-	}
-	(*sp)[num] = 1
-}
-
-// raceDetectHookClearPresent is called by the generated file interface
-// (*proto.internalFuncs) ClearPresent to optionally write an unprotected
-// shadow bitmap when race detection is enabled. In regular code it is
-// a noop.
-func raceDetectHookClearPresent(field *uint32, num uint32) {
-	data := findPointerToRaceDetectData(field, num)
-	if data == nil {
-		return
-	}
-	sp := atomicLoadShadowPresence(&data.shadowPresence)
-	if sp != nil {
-		(*sp)[num] = 0
-	}
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/checkinit.go b/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
index fe2c719ce..bff041edc 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/checkinit.go
@@ -35,12 +35,6 @@ func (mi *MessageInfo) checkInitializedPointer(p pointer) error {
 		}
 		return nil
 	}
-
-	var presence presence
-	if mi.presenceOffset.IsValid() {
-		presence = p.Apply(mi.presenceOffset).PresenceInfo()
-	}
-
 	if mi.extensionOffset.IsValid() {
 		e := p.Apply(mi.extensionOffset).Extensions()
 		if err := mi.isInitExtensions(e); err != nil {
@@ -51,33 +45,6 @@ func (mi *MessageInfo) checkInitializedPointer(p pointer) error {
 		if !f.isRequired && f.funcs.isInit == nil {
 			continue
 		}
-
-		if f.presenceIndex != noPresence {
-			if !presence.Present(f.presenceIndex) {
-				if f.isRequired {
-					return errors.RequiredNotSet(string(mi.Desc.Fields().ByNumber(f.num).FullName()))
-				}
-				continue
-			}
-			if f.funcs.isInit != nil {
-				f.mi.init()
-				if f.mi.needsInitCheck {
-					if f.isLazy && p.Apply(f.offset).AtomicGetPointer().IsNil() {
-						lazy := *p.Apply(mi.lazyOffset).LazyInfoPtr()
-						if !lazy.AllowedPartial() {
-							// Nothing to see here, it was checked on unmarshal
-							continue
-						}
-						mi.lazyUnmarshal(p, f.num)
-					}
-					if err := f.funcs.isInit(p.Apply(f.offset), f); err != nil {
-						return err
-					}
-				}
-			}
-			continue
-		}
-
 		fptr := p.Apply(f.offset)
 		if f.isPointer && fptr.Elem().IsNil() {
 			if f.isRequired {
@@ -101,7 +68,7 @@ func (mi *MessageInfo) isInitExtensions(ext *map[int32]ExtensionField) error {
 	}
 	for _, x := range *ext {
 		ei := getExtensionFieldInfo(x.Type())
-		if ei.funcs.isInit == nil || x.isUnexpandedLazy() {
+		if ei.funcs.isInit == nil {
 			continue
 		}
 		v := x.Value()
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
index 0d5b546e0..2b8f122c2 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_extension.go
@@ -67,6 +67,7 @@ type lazyExtensionValue struct {
 	xi         *extensionFieldInfo
 	value      protoreflect.Value
 	b          []byte
+	fn         func() protoreflect.Value
 }
 
 type ExtensionField struct {
@@ -98,28 +99,6 @@ func (f *ExtensionField) canLazy(xt protoreflect.ExtensionType) bool {
 	return false
 }
 
-// isUnexpandedLazy returns true if the ExensionField is lazy and not
-// yet expanded, which means it's present and already checked for
-// initialized required fields.
-func (f *ExtensionField) isUnexpandedLazy() bool {
-	return f.lazy != nil && atomic.LoadUint32(&f.lazy.atomicOnce) == 0
-}
-
-// lazyBuffer retrieves the buffer for a lazy extension if it's not yet expanded.
-//
-// The returned buffer has to be kept over whatever operation we're planning,
-// as re-retrieving it will fail after the message is lazily decoded.
-func (f *ExtensionField) lazyBuffer() []byte {
-	// This function might be in the critical path, so check the atomic without
-	// taking a look first, then only take the lock if needed.
-	if !f.isUnexpandedLazy() {
-		return nil
-	}
-	f.lazy.mu.Lock()
-	defer f.lazy.mu.Unlock()
-	return f.lazy.b
-}
-
 func (f *ExtensionField) lazyInit() {
 	f.lazy.mu.Lock()
 	defer f.lazy.mu.Unlock()
@@ -157,9 +136,10 @@ func (f *ExtensionField) lazyInit() {
 		}
 		f.lazy.value = val
 	} else {
-		panic("No support for lazy fns for ExtensionField")
+		f.lazy.value = f.lazy.fn()
 	}
 	f.lazy.xi = nil
+	f.lazy.fn = nil
 	f.lazy.b = nil
 	atomic.StoreUint32(&f.lazy.atomicOnce, 1)
 }
@@ -172,6 +152,13 @@ func (f *ExtensionField) Set(t protoreflect.ExtensionType, v protoreflect.Value)
 	f.lazy = nil
 }
 
+// SetLazy sets the type and a value that is to be lazily evaluated upon first use.
+// This must not be called concurrently.
+func (f *ExtensionField) SetLazy(t protoreflect.ExtensionType, fn func() protoreflect.Value) {
+	f.typ = t
+	f.lazy = &lazyExtensionValue{fn: fn}
+}
+
 // Value returns the value of the extension field.
 // This may be called concurrently.
 func (f *ExtensionField) Value() protoreflect.Value {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_field.go b/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
index 7c1f66c8c..3fadd241e 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_field.go
@@ -65,9 +65,6 @@ func (mi *MessageInfo) initOneofFieldCoders(od protoreflect.OneofDescriptor, si
 			if err != nil {
 				return out, err
 			}
-			if cf.funcs.isInit == nil {
-				out.initialized = true
-			}
 			vi.Set(vw)
 			return out, nil
 		}
@@ -236,15 +233,9 @@ func sizeMessageInfo(p pointer, f *coderFieldInfo, opts marshalOptions) int {
 }
 
 func appendMessageInfo(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	calculatedSize := f.mi.sizePointer(p.Elem(), opts)
 	b = protowire.AppendVarint(b, f.wiretag)
-	b = protowire.AppendVarint(b, uint64(calculatedSize))
-	before := len(b)
-	b, err := f.mi.marshalAppendPointer(b, p.Elem(), opts)
-	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
-		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
-	}
-	return b, err
+	b = protowire.AppendVarint(b, uint64(f.mi.sizePointer(p.Elem(), opts)))
+	return f.mi.marshalAppendPointer(b, p.Elem(), opts)
 }
 
 func consumeMessageInfo(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
@@ -271,21 +262,14 @@ func isInitMessageInfo(p pointer, f *coderFieldInfo) error {
 	return f.mi.checkInitializedPointer(p.Elem())
 }
 
-func sizeMessage(m proto.Message, tagsize int, opts marshalOptions) int {
-	return protowire.SizeBytes(opts.Options().Size(m)) + tagsize
+func sizeMessage(m proto.Message, tagsize int, _ marshalOptions) int {
+	return protowire.SizeBytes(proto.Size(m)) + tagsize
 }
 
 func appendMessage(b []byte, m proto.Message, wiretag uint64, opts marshalOptions) ([]byte, error) {
-	mopts := opts.Options()
-	calculatedSize := mopts.Size(m)
 	b = protowire.AppendVarint(b, wiretag)
-	b = protowire.AppendVarint(b, uint64(calculatedSize))
-	before := len(b)
-	b, err := mopts.MarshalAppend(b, m)
-	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
-		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
-	}
-	return b, err
+	b = protowire.AppendVarint(b, uint64(proto.Size(m)))
+	return opts.Options().MarshalAppend(b, m)
 }
 
 func consumeMessage(b []byte, m proto.Message, wtyp protowire.Type, opts unmarshalOptions) (out unmarshalOutput, err error) {
@@ -421,8 +405,8 @@ func consumeGroupType(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInf
 	return f.mi.unmarshalPointer(b, p.Elem(), f.num, opts)
 }
 
-func sizeGroup(m proto.Message, tagsize int, opts marshalOptions) int {
-	return 2*tagsize + opts.Options().Size(m)
+func sizeGroup(m proto.Message, tagsize int, _ marshalOptions) int {
+	return 2*tagsize + proto.Size(m)
 }
 
 func appendGroup(b []byte, m proto.Message, wiretag uint64, opts marshalOptions) ([]byte, error) {
@@ -498,14 +482,10 @@ func appendMessageSliceInfo(b []byte, p pointer, f *coderFieldInfo, opts marshal
 		b = protowire.AppendVarint(b, f.wiretag)
 		siz := f.mi.sizePointer(v, opts)
 		b = protowire.AppendVarint(b, uint64(siz))
-		before := len(b)
 		b, err = f.mi.marshalAppendPointer(b, v, opts)
 		if err != nil {
 			return b, err
 		}
-		if measuredSize := len(b) - before; siz != measuredSize {
-			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
-		}
 	}
 	return b, nil
 }
@@ -540,34 +520,28 @@ func isInitMessageSliceInfo(p pointer, f *coderFieldInfo) error {
 	return nil
 }
 
-func sizeMessageSlice(p pointer, goType reflect.Type, tagsize int, opts marshalOptions) int {
-	mopts := opts.Options()
+func sizeMessageSlice(p pointer, goType reflect.Type, tagsize int, _ marshalOptions) int {
 	s := p.PointerSlice()
 	n := 0
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(goType.Elem()))
-		n += protowire.SizeBytes(mopts.Size(m)) + tagsize
+		n += protowire.SizeBytes(proto.Size(m)) + tagsize
 	}
 	return n
 }
 
 func appendMessageSlice(b []byte, p pointer, wiretag uint64, goType reflect.Type, opts marshalOptions) ([]byte, error) {
-	mopts := opts.Options()
 	s := p.PointerSlice()
 	var err error
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(goType.Elem()))
 		b = protowire.AppendVarint(b, wiretag)
-		siz := mopts.Size(m)
+		siz := proto.Size(m)
 		b = protowire.AppendVarint(b, uint64(siz))
-		before := len(b)
-		b, err = mopts.MarshalAppend(b, m)
+		b, err = opts.Options().MarshalAppend(b, m)
 		if err != nil {
 			return b, err
 		}
-		if measuredSize := len(b) - before; siz != measuredSize {
-			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
-		}
 	}
 	return b, nil
 }
@@ -608,12 +582,11 @@ func isInitMessageSlice(p pointer, goType reflect.Type) error {
 // Slices of messages
 
 func sizeMessageSliceValue(listv protoreflect.Value, tagsize int, opts marshalOptions) int {
-	mopts := opts.Options()
 	list := listv.List()
 	n := 0
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
-		n += protowire.SizeBytes(mopts.Size(m)) + tagsize
+		n += protowire.SizeBytes(proto.Size(m)) + tagsize
 	}
 	return n
 }
@@ -624,17 +597,13 @@ func appendMessageSliceValue(b []byte, listv protoreflect.Value, wiretag uint64,
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
 		b = protowire.AppendVarint(b, wiretag)
-		siz := mopts.Size(m)
+		siz := proto.Size(m)
 		b = protowire.AppendVarint(b, uint64(siz))
-		before := len(b)
 		var err error
 		b, err = mopts.MarshalAppend(b, m)
 		if err != nil {
 			return b, err
 		}
-		if measuredSize := len(b) - before; siz != measuredSize {
-			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
-		}
 	}
 	return b, nil
 }
@@ -682,12 +651,11 @@ var coderMessageSliceValue = valueCoderFuncs{
 }
 
 func sizeGroupSliceValue(listv protoreflect.Value, tagsize int, opts marshalOptions) int {
-	mopts := opts.Options()
 	list := listv.List()
 	n := 0
 	for i, llen := 0, list.Len(); i < llen; i++ {
 		m := list.Get(i).Message().Interface()
-		n += 2*tagsize + mopts.Size(m)
+		n += 2*tagsize + proto.Size(m)
 	}
 	return n
 }
@@ -770,13 +738,12 @@ func makeGroupSliceFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type)
 	}
 }
 
-func sizeGroupSlice(p pointer, messageType reflect.Type, tagsize int, opts marshalOptions) int {
-	mopts := opts.Options()
+func sizeGroupSlice(p pointer, messageType reflect.Type, tagsize int, _ marshalOptions) int {
 	s := p.PointerSlice()
 	n := 0
 	for _, v := range s {
 		m := asMessage(v.AsValueOf(messageType.Elem()))
-		n += 2*tagsize + mopts.Size(m)
+		n += 2*tagsize + proto.Size(m)
 	}
 	return n
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
deleted file mode 100644
index 76818ea25..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_field_opaque.go
+++ /dev/null
@@ -1,264 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"fmt"
-	"reflect"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-func makeOpaqueMessageFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type) (*MessageInfo, pointerCoderFuncs) {
-	mi := getMessageInfo(ft)
-	if mi == nil {
-		panic(fmt.Sprintf("invalid field: %v: unsupported message type %v", fd.FullName(), ft))
-	}
-	switch fd.Kind() {
-	case protoreflect.MessageKind:
-		return mi, pointerCoderFuncs{
-			size:      sizeOpaqueMessage,
-			marshal:   appendOpaqueMessage,
-			unmarshal: consumeOpaqueMessage,
-			isInit:    isInitOpaqueMessage,
-			merge:     mergeOpaqueMessage,
-		}
-	case protoreflect.GroupKind:
-		return mi, pointerCoderFuncs{
-			size:      sizeOpaqueGroup,
-			marshal:   appendOpaqueGroup,
-			unmarshal: consumeOpaqueGroup,
-			isInit:    isInitOpaqueMessage,
-			merge:     mergeOpaqueMessage,
-		}
-	}
-	panic("unexpected field kind")
-}
-
-func sizeOpaqueMessage(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	return protowire.SizeBytes(f.mi.sizePointer(p.AtomicGetPointer(), opts)) + f.tagsize
-}
-
-func appendOpaqueMessage(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	mp := p.AtomicGetPointer()
-	calculatedSize := f.mi.sizePointer(mp, opts)
-	b = protowire.AppendVarint(b, f.wiretag)
-	b = protowire.AppendVarint(b, uint64(calculatedSize))
-	before := len(b)
-	b, err := f.mi.marshalAppendPointer(b, mp, opts)
-	if measuredSize := len(b) - before; calculatedSize != measuredSize && err == nil {
-		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
-	}
-	return b, err
-}
-
-func consumeOpaqueMessage(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.BytesType {
-		return out, errUnknown
-	}
-	v, n := protowire.ConsumeBytes(b)
-	if n < 0 {
-		return out, errDecode
-	}
-	mp := p.AtomicGetPointer()
-	if mp.IsNil() {
-		mp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
-	}
-	o, err := f.mi.unmarshalPointer(v, mp, 0, opts)
-	if err != nil {
-		return out, err
-	}
-	out.n = n
-	out.initialized = o.initialized
-	return out, nil
-}
-
-func isInitOpaqueMessage(p pointer, f *coderFieldInfo) error {
-	mp := p.AtomicGetPointer()
-	if mp.IsNil() {
-		return nil
-	}
-	return f.mi.checkInitializedPointer(mp)
-}
-
-func mergeOpaqueMessage(dst, src pointer, f *coderFieldInfo, opts mergeOptions) {
-	dstmp := dst.AtomicGetPointer()
-	if dstmp.IsNil() {
-		dstmp = dst.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
-	}
-	f.mi.mergePointer(dstmp, src.AtomicGetPointer(), opts)
-}
-
-func sizeOpaqueGroup(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	return 2*f.tagsize + f.mi.sizePointer(p.AtomicGetPointer(), opts)
-}
-
-func appendOpaqueGroup(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	b = protowire.AppendVarint(b, f.wiretag) // start group
-	b, err := f.mi.marshalAppendPointer(b, p.AtomicGetPointer(), opts)
-	b = protowire.AppendVarint(b, f.wiretag+1) // end group
-	return b, err
-}
-
-func consumeOpaqueGroup(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.StartGroupType {
-		return out, errUnknown
-	}
-	mp := p.AtomicGetPointer()
-	if mp.IsNil() {
-		mp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.mi.GoReflectType.Elem())))
-	}
-	o, e := f.mi.unmarshalPointer(b, mp, f.num, opts)
-	return o, e
-}
-
-func makeOpaqueRepeatedMessageFieldCoder(fd protoreflect.FieldDescriptor, ft reflect.Type) (*MessageInfo, pointerCoderFuncs) {
-	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
-		panic(fmt.Sprintf("invalid field: %v: unsupported type for opaque repeated message: %v", fd.FullName(), ft))
-	}
-	mt := ft.Elem().Elem() // *[]*T -> *T
-	mi := getMessageInfo(mt)
-	if mi == nil {
-		panic(fmt.Sprintf("invalid field: %v: unsupported message type %v", fd.FullName(), mt))
-	}
-	switch fd.Kind() {
-	case protoreflect.MessageKind:
-		return mi, pointerCoderFuncs{
-			size:      sizeOpaqueMessageSlice,
-			marshal:   appendOpaqueMessageSlice,
-			unmarshal: consumeOpaqueMessageSlice,
-			isInit:    isInitOpaqueMessageSlice,
-			merge:     mergeOpaqueMessageSlice,
-		}
-	case protoreflect.GroupKind:
-		return mi, pointerCoderFuncs{
-			size:      sizeOpaqueGroupSlice,
-			marshal:   appendOpaqueGroupSlice,
-			unmarshal: consumeOpaqueGroupSlice,
-			isInit:    isInitOpaqueMessageSlice,
-			merge:     mergeOpaqueMessageSlice,
-		}
-	}
-	panic("unexpected field kind")
-}
-
-func sizeOpaqueMessageSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	s := p.AtomicGetPointer().PointerSlice()
-	n := 0
-	for _, v := range s {
-		n += protowire.SizeBytes(f.mi.sizePointer(v, opts)) + f.tagsize
-	}
-	return n
-}
-
-func appendOpaqueMessageSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	s := p.AtomicGetPointer().PointerSlice()
-	var err error
-	for _, v := range s {
-		b = protowire.AppendVarint(b, f.wiretag)
-		siz := f.mi.sizePointer(v, opts)
-		b = protowire.AppendVarint(b, uint64(siz))
-		before := len(b)
-		b, err = f.mi.marshalAppendPointer(b, v, opts)
-		if err != nil {
-			return b, err
-		}
-		if measuredSize := len(b) - before; siz != measuredSize {
-			return nil, errors.MismatchedSizeCalculation(siz, measuredSize)
-		}
-	}
-	return b, nil
-}
-
-func consumeOpaqueMessageSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.BytesType {
-		return out, errUnknown
-	}
-	v, n := protowire.ConsumeBytes(b)
-	if n < 0 {
-		return out, errDecode
-	}
-	mp := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
-	o, err := f.mi.unmarshalPointer(v, mp, 0, opts)
-	if err != nil {
-		return out, err
-	}
-	sp := p.AtomicGetPointer()
-	if sp.IsNil() {
-		sp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
-	}
-	sp.AppendPointerSlice(mp)
-	out.n = n
-	out.initialized = o.initialized
-	return out, nil
-}
-
-func isInitOpaqueMessageSlice(p pointer, f *coderFieldInfo) error {
-	sp := p.AtomicGetPointer()
-	if sp.IsNil() {
-		return nil
-	}
-	s := sp.PointerSlice()
-	for _, v := range s {
-		if err := f.mi.checkInitializedPointer(v); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func mergeOpaqueMessageSlice(dst, src pointer, f *coderFieldInfo, opts mergeOptions) {
-	ds := dst.AtomicGetPointer()
-	if ds.IsNil() {
-		ds = dst.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
-	}
-	for _, sp := range src.AtomicGetPointer().PointerSlice() {
-		dm := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
-		f.mi.mergePointer(dm, sp, opts)
-		ds.AppendPointerSlice(dm)
-	}
-}
-
-func sizeOpaqueGroupSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
-	s := p.AtomicGetPointer().PointerSlice()
-	n := 0
-	for _, v := range s {
-		n += 2*f.tagsize + f.mi.sizePointer(v, opts)
-	}
-	return n
-}
-
-func appendOpaqueGroupSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
-	s := p.AtomicGetPointer().PointerSlice()
-	var err error
-	for _, v := range s {
-		b = protowire.AppendVarint(b, f.wiretag) // start group
-		b, err = f.mi.marshalAppendPointer(b, v, opts)
-		if err != nil {
-			return b, err
-		}
-		b = protowire.AppendVarint(b, f.wiretag+1) // end group
-	}
-	return b, nil
-}
-
-func consumeOpaqueGroupSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	if wtyp != protowire.StartGroupType {
-		return out, errUnknown
-	}
-	mp := pointerOfValue(reflect.New(f.mi.GoReflectType.Elem()))
-	out, err = f.mi.unmarshalPointer(b, mp, f.num, opts)
-	if err != nil {
-		return out, err
-	}
-	sp := p.AtomicGetPointer()
-	if sp.IsNil() {
-		sp = p.AtomicSetPointerIfNil(pointerOfValue(reflect.New(f.ft.Elem())))
-	}
-	sp.AppendPointerSlice(mp)
-	return out, err
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_map.go b/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
index fb35f0bae..111b9d16f 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_map.go
@@ -9,7 +9,6 @@ import (
 	"sort"
 
 	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/internal/errors"
 	"google.golang.org/protobuf/internal/genid"
 	"google.golang.org/protobuf/reflect/protoreflect"
 )
@@ -241,16 +240,11 @@ func appendMapItem(b []byte, keyrv, valrv reflect.Value, mapi *mapInfo, f *coder
 		size += mapi.keyFuncs.size(key.Value(), mapKeyTagSize, opts)
 		size += mapi.valFuncs.size(val, mapValTagSize, opts)
 		b = protowire.AppendVarint(b, uint64(size))
-		before := len(b)
 		b, err := mapi.keyFuncs.marshal(b, key.Value(), mapi.keyWiretag, opts)
 		if err != nil {
 			return nil, err
 		}
-		b, err = mapi.valFuncs.marshal(b, val, mapi.valWiretag, opts)
-		if measuredSize := len(b) - before; size != measuredSize && err == nil {
-			return nil, errors.MismatchedSizeCalculation(size, measuredSize)
-		}
-		return b, err
+		return mapi.valFuncs.marshal(b, val, mapi.valWiretag, opts)
 	} else {
 		key := mapi.conv.keyConv.PBValueOf(keyrv).MapKey()
 		val := pointerOfValue(valrv)
@@ -265,12 +259,7 @@ func appendMapItem(b []byte, keyrv, valrv reflect.Value, mapi *mapInfo, f *coder
 		}
 		b = protowire.AppendVarint(b, mapi.valWiretag)
 		b = protowire.AppendVarint(b, uint64(valSize))
-		before := len(b)
-		b, err = f.mi.marshalAppendPointer(b, val, opts)
-		if measuredSize := len(b) - before; valSize != measuredSize && err == nil {
-			return nil, errors.MismatchedSizeCalculation(valSize, measuredSize)
-		}
-		return b, err
+		return f.mi.marshalAppendPointer(b, val, opts)
 	}
 }
 
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_message.go b/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
index 2f7b363ec..6b2fdbb73 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_message.go
@@ -32,10 +32,6 @@ type coderMessageInfo struct {
 	needsInitCheck     bool
 	isMessageSet       bool
 	numRequiredFields  uint8
-
-	lazyOffset     offset
-	presenceOffset offset
-	presenceSize   presenceSize
 }
 
 type coderFieldInfo struct {
@@ -49,19 +45,12 @@ type coderFieldInfo struct {
 	tagsize    int                      // size of the varint-encoded tag
 	isPointer  bool                     // true if IsNil may be called on the struct field
 	isRequired bool                     // true if field is required
-
-	isLazy        bool
-	presenceIndex uint32
 }
 
-const noPresence = 0xffffffff
-
 func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 	mi.sizecacheOffset = invalidOffset
 	mi.unknownOffset = invalidOffset
 	mi.extensionOffset = invalidOffset
-	mi.lazyOffset = invalidOffset
-	mi.presenceOffset = si.presenceOffset
 
 	if si.sizecacheOffset.IsValid() && si.sizecacheType == sizecacheType {
 		mi.sizecacheOffset = si.sizecacheOffset
@@ -138,8 +127,6 @@ func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 			validation: newFieldValidationInfo(mi, si, fd, ft),
 			isPointer:  fd.Cardinality() == protoreflect.Repeated || fd.HasPresence(),
 			isRequired: fd.Cardinality() == protoreflect.Required,
-
-			presenceIndex: noPresence,
 		}
 		mi.orderedCoderFields = append(mi.orderedCoderFields, cf)
 		mi.coderFields[cf.num] = cf
@@ -202,9 +189,6 @@ func (mi *MessageInfo) makeCoderMethods(t reflect.Type, si structInfo) {
 	if mi.methods.Merge == nil {
 		mi.methods.Merge = mi.merge
 	}
-	if mi.methods.Equal == nil {
-		mi.methods.Equal = equal
-	}
 }
 
 // getUnknownBytes returns a *[]byte for the unknown fields.
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
deleted file mode 100644
index 88c16ae5b..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_message_opaque.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"fmt"
-	"reflect"
-	"sort"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/internal/encoding/messageset"
-	"google.golang.org/protobuf/internal/order"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	piface "google.golang.org/protobuf/runtime/protoiface"
-)
-
-func (mi *MessageInfo) makeOpaqueCoderMethods(t reflect.Type, si opaqueStructInfo) {
-	mi.sizecacheOffset = si.sizecacheOffset
-	mi.unknownOffset = si.unknownOffset
-	mi.unknownPtrKind = si.unknownType.Kind() == reflect.Ptr
-	mi.extensionOffset = si.extensionOffset
-	mi.lazyOffset = si.lazyOffset
-	mi.presenceOffset = si.presenceOffset
-
-	mi.coderFields = make(map[protowire.Number]*coderFieldInfo)
-	fields := mi.Desc.Fields()
-	for i := 0; i < fields.Len(); i++ {
-		fd := fields.Get(i)
-
-		fs := si.fieldsByNumber[fd.Number()]
-		if fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic() {
-			fs = si.oneofsByName[fd.ContainingOneof().Name()]
-		}
-		ft := fs.Type
-		var wiretag uint64
-		if !fd.IsPacked() {
-			wiretag = protowire.EncodeTag(fd.Number(), wireTypes[fd.Kind()])
-		} else {
-			wiretag = protowire.EncodeTag(fd.Number(), protowire.BytesType)
-		}
-		var fieldOffset offset
-		var funcs pointerCoderFuncs
-		var childMessage *MessageInfo
-		switch {
-		case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
-			fieldOffset = offsetOf(fs, mi.Exporter)
-		case fd.IsWeak():
-			fieldOffset = si.weakOffset
-			funcs = makeWeakMessageFieldCoder(fd)
-		case fd.Message() != nil && !fd.IsMap():
-			fieldOffset = offsetOf(fs, mi.Exporter)
-			if fd.IsList() {
-				childMessage, funcs = makeOpaqueRepeatedMessageFieldCoder(fd, ft)
-			} else {
-				childMessage, funcs = makeOpaqueMessageFieldCoder(fd, ft)
-			}
-		default:
-			fieldOffset = offsetOf(fs, mi.Exporter)
-			childMessage, funcs = fieldCoder(fd, ft)
-		}
-		cf := &coderFieldInfo{
-			num:        fd.Number(),
-			offset:     fieldOffset,
-			wiretag:    wiretag,
-			ft:         ft,
-			tagsize:    protowire.SizeVarint(wiretag),
-			funcs:      funcs,
-			mi:         childMessage,
-			validation: newFieldValidationInfo(mi, si.structInfo, fd, ft),
-			isPointer: (fd.Cardinality() == protoreflect.Repeated ||
-				fd.Kind() == protoreflect.MessageKind ||
-				fd.Kind() == protoreflect.GroupKind),
-			isRequired:    fd.Cardinality() == protoreflect.Required,
-			presenceIndex: noPresence,
-		}
-
-		// TODO: Use presence for all fields.
-		//
-		// In some cases, such as maps, presence means only "might be set" rather
-		// than "is definitely set", but every field should have a presence bit to
-		// permit us to skip over definitely-unset fields at marshal time.
-
-		var hasPresence bool
-		hasPresence, cf.isLazy = usePresenceForField(si, fd)
-
-		if hasPresence {
-			cf.presenceIndex, mi.presenceSize = presenceIndex(mi.Desc, fd)
-		}
-
-		mi.orderedCoderFields = append(mi.orderedCoderFields, cf)
-		mi.coderFields[cf.num] = cf
-	}
-	for i, oneofs := 0, mi.Desc.Oneofs(); i < oneofs.Len(); i++ {
-		if od := oneofs.Get(i); !od.IsSynthetic() {
-			mi.initOneofFieldCoders(od, si.structInfo)
-		}
-	}
-	if messageset.IsMessageSet(mi.Desc) {
-		if !mi.extensionOffset.IsValid() {
-			panic(fmt.Sprintf("%v: MessageSet with no extensions field", mi.Desc.FullName()))
-		}
-		if !mi.unknownOffset.IsValid() {
-			panic(fmt.Sprintf("%v: MessageSet with no unknown field", mi.Desc.FullName()))
-		}
-		mi.isMessageSet = true
-	}
-	sort.Slice(mi.orderedCoderFields, func(i, j int) bool {
-		return mi.orderedCoderFields[i].num < mi.orderedCoderFields[j].num
-	})
-
-	var maxDense protoreflect.FieldNumber
-	for _, cf := range mi.orderedCoderFields {
-		if cf.num >= 16 && cf.num >= 2*maxDense {
-			break
-		}
-		maxDense = cf.num
-	}
-	mi.denseCoderFields = make([]*coderFieldInfo, maxDense+1)
-	for _, cf := range mi.orderedCoderFields {
-		if int(cf.num) > len(mi.denseCoderFields) {
-			break
-		}
-		mi.denseCoderFields[cf.num] = cf
-	}
-
-	// To preserve compatibility with historic wire output, marshal oneofs last.
-	if mi.Desc.Oneofs().Len() > 0 {
-		sort.Slice(mi.orderedCoderFields, func(i, j int) bool {
-			fi := fields.ByNumber(mi.orderedCoderFields[i].num)
-			fj := fields.ByNumber(mi.orderedCoderFields[j].num)
-			return order.LegacyFieldOrder(fi, fj)
-		})
-	}
-
-	mi.needsInitCheck = needsInitCheck(mi.Desc)
-	if mi.methods.Marshal == nil && mi.methods.Size == nil {
-		mi.methods.Flags |= piface.SupportMarshalDeterministic
-		mi.methods.Marshal = mi.marshal
-		mi.methods.Size = mi.size
-	}
-	if mi.methods.Unmarshal == nil {
-		mi.methods.Flags |= piface.SupportUnmarshalDiscardUnknown
-		mi.methods.Unmarshal = mi.unmarshal
-	}
-	if mi.methods.CheckInitialized == nil {
-		mi.methods.CheckInitialized = mi.checkInitialized
-	}
-	if mi.methods.Merge == nil {
-		mi.methods.Merge = mi.merge
-	}
-	if mi.methods.Equal == nil {
-		mi.methods.Equal = equal
-	}
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go b/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
index 7a16ec13d..b7a23faf1 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_messageset.go
@@ -26,15 +26,6 @@ func sizeMessageSet(mi *MessageInfo, p pointer, opts marshalOptions) (size int)
 		}
 		num, _ := protowire.DecodeTag(xi.wiretag)
 		size += messageset.SizeField(num)
-		if fullyLazyExtensions(opts) {
-			// Don't expand the extension, instead use the buffer to calculate size
-			if lb := x.lazyBuffer(); lb != nil {
-				// We got hold of the buffer, so it's still lazy.
-				// Don't count the tag size in the extension buffer, it's already added.
-				size += protowire.SizeTag(messageset.FieldMessage) + len(lb) - xi.tagsize
-				continue
-			}
-		}
 		size += xi.funcs.size(x.Value(), protowire.SizeTag(messageset.FieldMessage), opts)
 	}
 
@@ -94,19 +85,6 @@ func marshalMessageSetField(mi *MessageInfo, b []byte, x ExtensionField, opts ma
 	xi := getExtensionFieldInfo(x.Type())
 	num, _ := protowire.DecodeTag(xi.wiretag)
 	b = messageset.AppendFieldStart(b, num)
-
-	if fullyLazyExtensions(opts) {
-		// Don't expand the extension if it's still in wire format, instead use the buffer content.
-		if lb := x.lazyBuffer(); lb != nil {
-			// The tag inside the lazy buffer is a different tag (the extension
-			// number), but what we need here is the tag for FieldMessage:
-			b = protowire.AppendVarint(b, protowire.EncodeTag(messageset.FieldMessage, protowire.BytesType))
-			b = append(b, lb[xi.tagsize:]...)
-			b = messageset.AppendFieldEnd(b)
-			return b, nil
-		}
-	}
-
 	b, err := xi.funcs.marshal(b, x.Value(), protowire.EncodeTag(messageset.FieldMessage, protowire.BytesType), opts)
 	if err != nil {
 		return b, err
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
new file mode 100644
index 000000000..145c577bd
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_reflect.go
@@ -0,0 +1,210 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build purego || appengine
+// +build purego appengine
+
+package impl
+
+import (
+	"reflect"
+
+	"google.golang.org/protobuf/encoding/protowire"
+)
+
+func sizeEnum(p pointer, f *coderFieldInfo, _ marshalOptions) (size int) {
+	v := p.v.Elem().Int()
+	return f.tagsize + protowire.SizeVarint(uint64(v))
+}
+
+func appendEnum(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	v := p.v.Elem().Int()
+	b = protowire.AppendVarint(b, f.wiretag)
+	b = protowire.AppendVarint(b, uint64(v))
+	return b, nil
+}
+
+func consumeEnum(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, _ unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.VarintType {
+		return out, errUnknown
+	}
+	v, n := protowire.ConsumeVarint(b)
+	if n < 0 {
+		return out, errDecode
+	}
+	p.v.Elem().SetInt(int64(v))
+	out.n = n
+	return out, nil
+}
+
+func mergeEnum(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
+	dst.v.Elem().Set(src.v.Elem())
+}
+
+var coderEnum = pointerCoderFuncs{
+	size:      sizeEnum,
+	marshal:   appendEnum,
+	unmarshal: consumeEnum,
+	merge:     mergeEnum,
+}
+
+func sizeEnumNoZero(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	if p.v.Elem().Int() == 0 {
+		return 0
+	}
+	return sizeEnum(p, f, opts)
+}
+
+func appendEnumNoZero(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	if p.v.Elem().Int() == 0 {
+		return b, nil
+	}
+	return appendEnum(b, p, f, opts)
+}
+
+func mergeEnumNoZero(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
+	if src.v.Elem().Int() != 0 {
+		dst.v.Elem().Set(src.v.Elem())
+	}
+}
+
+var coderEnumNoZero = pointerCoderFuncs{
+	size:      sizeEnumNoZero,
+	marshal:   appendEnumNoZero,
+	unmarshal: consumeEnum,
+	merge:     mergeEnumNoZero,
+}
+
+func sizeEnumPtr(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	return sizeEnum(pointer{p.v.Elem()}, f, opts)
+}
+
+func appendEnumPtr(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	return appendEnum(b, pointer{p.v.Elem()}, f, opts)
+}
+
+func consumeEnumPtr(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	if wtyp != protowire.VarintType {
+		return out, errUnknown
+	}
+	if p.v.Elem().IsNil() {
+		p.v.Elem().Set(reflect.New(p.v.Elem().Type().Elem()))
+	}
+	return consumeEnum(b, pointer{p.v.Elem()}, wtyp, f, opts)
+}
+
+func mergeEnumPtr(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
+	if !src.v.Elem().IsNil() {
+		v := reflect.New(dst.v.Type().Elem().Elem())
+		v.Elem().Set(src.v.Elem().Elem())
+		dst.v.Elem().Set(v)
+	}
+}
+
+var coderEnumPtr = pointerCoderFuncs{
+	size:      sizeEnumPtr,
+	marshal:   appendEnumPtr,
+	unmarshal: consumeEnumPtr,
+	merge:     mergeEnumPtr,
+}
+
+func sizeEnumSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	s := p.v.Elem()
+	for i, llen := 0, s.Len(); i < llen; i++ {
+		size += protowire.SizeVarint(uint64(s.Index(i).Int())) + f.tagsize
+	}
+	return size
+}
+
+func appendEnumSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	s := p.v.Elem()
+	for i, llen := 0, s.Len(); i < llen; i++ {
+		b = protowire.AppendVarint(b, f.wiretag)
+		b = protowire.AppendVarint(b, uint64(s.Index(i).Int()))
+	}
+	return b, nil
+}
+
+func consumeEnumSlice(b []byte, p pointer, wtyp protowire.Type, f *coderFieldInfo, opts unmarshalOptions) (out unmarshalOutput, err error) {
+	s := p.v.Elem()
+	if wtyp == protowire.BytesType {
+		b, n := protowire.ConsumeBytes(b)
+		if n < 0 {
+			return out, errDecode
+		}
+		for len(b) > 0 {
+			v, n := protowire.ConsumeVarint(b)
+			if n < 0 {
+				return out, errDecode
+			}
+			rv := reflect.New(s.Type().Elem()).Elem()
+			rv.SetInt(int64(v))
+			s.Set(reflect.Append(s, rv))
+			b = b[n:]
+		}
+		out.n = n
+		return out, nil
+	}
+	if wtyp != protowire.VarintType {
+		return out, errUnknown
+	}
+	v, n := protowire.ConsumeVarint(b)
+	if n < 0 {
+		return out, errDecode
+	}
+	rv := reflect.New(s.Type().Elem()).Elem()
+	rv.SetInt(int64(v))
+	s.Set(reflect.Append(s, rv))
+	out.n = n
+	return out, nil
+}
+
+func mergeEnumSlice(dst, src pointer, _ *coderFieldInfo, _ mergeOptions) {
+	dst.v.Elem().Set(reflect.AppendSlice(dst.v.Elem(), src.v.Elem()))
+}
+
+var coderEnumSlice = pointerCoderFuncs{
+	size:      sizeEnumSlice,
+	marshal:   appendEnumSlice,
+	unmarshal: consumeEnumSlice,
+	merge:     mergeEnumSlice,
+}
+
+func sizeEnumPackedSlice(p pointer, f *coderFieldInfo, opts marshalOptions) (size int) {
+	s := p.v.Elem()
+	llen := s.Len()
+	if llen == 0 {
+		return 0
+	}
+	n := 0
+	for i := 0; i < llen; i++ {
+		n += protowire.SizeVarint(uint64(s.Index(i).Int()))
+	}
+	return f.tagsize + protowire.SizeBytes(n)
+}
+
+func appendEnumPackedSlice(b []byte, p pointer, f *coderFieldInfo, opts marshalOptions) ([]byte, error) {
+	s := p.v.Elem()
+	llen := s.Len()
+	if llen == 0 {
+		return b, nil
+	}
+	b = protowire.AppendVarint(b, f.wiretag)
+	n := 0
+	for i := 0; i < llen; i++ {
+		n += protowire.SizeVarint(uint64(s.Index(i).Int()))
+	}
+	b = protowire.AppendVarint(b, uint64(n))
+	for i := 0; i < llen; i++ {
+		b = protowire.AppendVarint(b, uint64(s.Index(i).Int()))
+	}
+	return b, nil
+}
+
+var coderEnumPackedSlice = pointerCoderFuncs{
+	size:      sizeEnumPackedSlice,
+	marshal:   appendEnumPackedSlice,
+	unmarshal: consumeEnumSlice,
+	merge:     mergeEnumSlice,
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go b/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
index 077712c2c..757642e23 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/codec_unsafe.go
@@ -2,6 +2,9 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build !purego && !appengine
+// +build !purego,!appengine
+
 package impl
 
 // When using unsafe pointers, we can just treat enum values as int32s.
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert.go b/vendor/google.golang.org/protobuf/internal/impl/convert.go
index f72ddd882..185ef2efa 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert.go
@@ -14,7 +14,7 @@ import (
 // unwrapper unwraps the value to the underlying value.
 // This is implemented by List and Map.
 type unwrapper interface {
-	protoUnwrap() any
+	protoUnwrap() interface{}
 }
 
 // A Converter coverts to/from Go reflect.Value types and protobuf protoreflect.Value types.
@@ -322,7 +322,7 @@ func (c *stringConverter) PBValueOf(v reflect.Value) protoreflect.Value {
 	return protoreflect.ValueOfString(v.Convert(stringType).String())
 }
 func (c *stringConverter) GoValueOf(v protoreflect.Value) reflect.Value {
-	// protoreflect.Value.String never panics, so we go through an interface
+	// pref.Value.String never panics, so we go through an interface
 	// conversion here to check the type.
 	s := v.Interface().(string)
 	if c.goType.Kind() == reflect.Slice && s == "" {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert_list.go b/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
index 18cb96fd7..f89136516 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert_list.go
@@ -136,6 +136,6 @@ func (ls *listReflect) NewElement() protoreflect.Value {
 func (ls *listReflect) IsValid() bool {
 	return !ls.v.IsNil()
 }
-func (ls *listReflect) protoUnwrap() any {
+func (ls *listReflect) protoUnwrap() interface{} {
 	return ls.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/convert_map.go b/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
index 304244a65..f30b0a057 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/convert_map.go
@@ -116,6 +116,6 @@ func (ms *mapReflect) NewValue() protoreflect.Value {
 func (ms *mapReflect) IsValid() bool {
 	return !ms.v.IsNil()
 }
-func (ms *mapReflect) protoUnwrap() any {
+func (ms *mapReflect) protoUnwrap() interface{} {
 	return ms.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/decode.go b/vendor/google.golang.org/protobuf/internal/impl/decode.go
index e0dd21fa5..cda0520c2 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/decode.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/decode.go
@@ -34,8 +34,6 @@ func (o unmarshalOptions) Options() proto.UnmarshalOptions {
 		AllowPartial:   true,
 		DiscardUnknown: o.DiscardUnknown(),
 		Resolver:       o.resolver,
-
-		NoLazyDecoding: o.NoLazyDecoding(),
 	}
 }
 
@@ -43,26 +41,13 @@ func (o unmarshalOptions) DiscardUnknown() bool {
 	return o.flags&protoiface.UnmarshalDiscardUnknown != 0
 }
 
-func (o unmarshalOptions) AliasBuffer() bool { return o.flags&protoiface.UnmarshalAliasBuffer != 0 }
-func (o unmarshalOptions) Validated() bool   { return o.flags&protoiface.UnmarshalValidated != 0 }
-func (o unmarshalOptions) NoLazyDecoding() bool {
-	return o.flags&protoiface.UnmarshalNoLazyDecoding != 0
-}
-
-func (o unmarshalOptions) CanBeLazy() bool {
-	if o.resolver != protoregistry.GlobalTypes {
-		return false
-	}
-	// We ignore the UnmarshalInvalidateSizeCache even though it's not in the default set
-	return (o.flags & ^(protoiface.UnmarshalAliasBuffer | protoiface.UnmarshalValidated | protoiface.UnmarshalCheckRequired)) == 0
+func (o unmarshalOptions) IsDefault() bool {
+	return o.flags == 0 && o.resolver == protoregistry.GlobalTypes
 }
 
 var lazyUnmarshalOptions = unmarshalOptions{
 	resolver: protoregistry.GlobalTypes,
-
-	flags: protoiface.UnmarshalAliasBuffer | protoiface.UnmarshalValidated,
-
-	depth: protowire.DefaultRecursionLimit,
+	depth:    protowire.DefaultRecursionLimit,
 }
 
 type unmarshalOutput struct {
@@ -109,30 +94,9 @@ func (mi *MessageInfo) unmarshalPointer(b []byte, p pointer, groupTag protowire.
 	if flags.ProtoLegacy && mi.isMessageSet {
 		return unmarshalMessageSet(mi, b, p, opts)
 	}
-
-	lazyDecoding := LazyEnabled() // default
-	if opts.NoLazyDecoding() {
-		lazyDecoding = false // explicitly disabled
-	}
-	if mi.lazyOffset.IsValid() && lazyDecoding {
-		return mi.unmarshalPointerLazy(b, p, groupTag, opts)
-	}
-	return mi.unmarshalPointerEager(b, p, groupTag, opts)
-}
-
-// unmarshalPointerEager is the message unmarshalling function for all messages that are not lazy.
-// The corresponding function for Lazy is in google_lazy.go.
-func (mi *MessageInfo) unmarshalPointerEager(b []byte, p pointer, groupTag protowire.Number, opts unmarshalOptions) (out unmarshalOutput, err error) {
-
 	initialized := true
 	var requiredMask uint64
 	var exts *map[int32]ExtensionField
-
-	var presence presence
-	if mi.presenceOffset.IsValid() {
-		presence = p.Apply(mi.presenceOffset).PresenceInfo()
-	}
-
 	start := len(b)
 	for len(b) > 0 {
 		// Parse the tag (field number and wire type).
@@ -190,11 +154,6 @@ func (mi *MessageInfo) unmarshalPointerEager(b []byte, p pointer, groupTag proto
 			if f.funcs.isInit != nil && !o.initialized {
 				initialized = false
 			}
-
-			if f.presenceIndex != noPresence {
-				presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
-			}
-
 		default:
 			// Possible extension.
 			if exts == nil && mi.extensionOffset.IsValid() {
@@ -263,7 +222,7 @@ func (mi *MessageInfo) unmarshalExtension(b []byte, num protowire.Number, wtyp p
 		return out, errUnknown
 	}
 	if flags.LazyUnmarshalExtensions {
-		if opts.CanBeLazy() && x.canLazy(xt) {
+		if opts.IsDefault() && x.canLazy(xt) {
 			out, valid := skipExtension(b, xi, num, wtyp, opts)
 			switch valid {
 			case ValidationValid:
@@ -311,13 +270,6 @@ func skipExtension(b []byte, xi *extensionFieldInfo, num protowire.Number, wtyp
 		if n < 0 {
 			return out, ValidationUnknown
 		}
-
-		if opts.Validated() {
-			out.initialized = true
-			out.n = n
-			return out, ValidationValid
-		}
-
 		out, st := xi.validation.mi.validate(v, 0, opts)
 		out.n = n
 		return out, st
diff --git a/vendor/google.golang.org/protobuf/internal/impl/encode.go b/vendor/google.golang.org/protobuf/internal/impl/encode.go
index b2e212291..845c67d6e 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/encode.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/encode.go
@@ -10,8 +10,7 @@ import (
 	"sync/atomic"
 
 	"google.golang.org/protobuf/internal/flags"
-	"google.golang.org/protobuf/internal/protolazy"
-	"google.golang.org/protobuf/proto"
+	proto "google.golang.org/protobuf/proto"
 	piface "google.golang.org/protobuf/runtime/protoiface"
 )
 
@@ -50,11 +49,8 @@ func (mi *MessageInfo) sizePointer(p pointer, opts marshalOptions) (size int) {
 		return 0
 	}
 	if opts.UseCachedSize() && mi.sizecacheOffset.IsValid() {
-		// The size cache contains the size + 1, to allow the
-		// zero value to be invalid, while also allowing for a
-		// 0 size to be cached.
-		if size := atomic.LoadInt32(p.Apply(mi.sizecacheOffset).Int32()); size > 0 {
-			return int(size - 1)
+		if size := atomic.LoadInt32(p.Apply(mi.sizecacheOffset).Int32()); size >= 0 {
+			return int(size)
 		}
 	}
 	return mi.sizePointerSlow(p, opts)
@@ -64,7 +60,7 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 	if flags.ProtoLegacy && mi.isMessageSet {
 		size = sizeMessageSet(mi, p, opts)
 		if mi.sizecacheOffset.IsValid() {
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size+1))
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size))
 		}
 		return size
 	}
@@ -72,39 +68,11 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 		e := p.Apply(mi.extensionOffset).Extensions()
 		size += mi.sizeExtensions(e, opts)
 	}
-
-	var lazy **protolazy.XXX_lazyUnmarshalInfo
-	var presence presence
-	if mi.presenceOffset.IsValid() {
-		presence = p.Apply(mi.presenceOffset).PresenceInfo()
-		if mi.lazyOffset.IsValid() {
-			lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
-		}
-	}
-
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.size == nil {
 			continue
 		}
 		fptr := p.Apply(f.offset)
-
-		if f.presenceIndex != noPresence {
-			if !presence.Present(f.presenceIndex) {
-				continue
-			}
-
-			if f.isLazy && fptr.AtomicGetPointer().IsNil() {
-				if lazyFields(opts) {
-					size += (*lazy).SizeField(uint32(f.num))
-					continue
-				} else {
-					mi.lazyUnmarshal(p, f.num)
-				}
-			}
-			size += f.funcs.size(fptr, f, opts)
-			continue
-		}
-
 		if f.isPointer && fptr.Elem().IsNil() {
 			continue
 		}
@@ -116,16 +84,13 @@ func (mi *MessageInfo) sizePointerSlow(p pointer, opts marshalOptions) (size int
 		}
 	}
 	if mi.sizecacheOffset.IsValid() {
-		if size > (math.MaxInt32 - 1) {
+		if size > math.MaxInt32 {
 			// The size is too large for the int32 sizecache field.
 			// We will need to recompute the size when encoding;
 			// unfortunately expensive, but better than invalid output.
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), 0)
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), -1)
 		} else {
-			// The size cache contains the size + 1, to allow the
-			// zero value to be invalid, while also allowing for a
-			// 0 size to be cached.
-			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size+1))
+			atomic.StoreInt32(p.Apply(mi.sizecacheOffset).Int32(), int32(size))
 		}
 	}
 	return size
@@ -163,52 +128,11 @@ func (mi *MessageInfo) marshalAppendPointer(b []byte, p pointer, opts marshalOpt
 			return b, err
 		}
 	}
-
-	var lazy **protolazy.XXX_lazyUnmarshalInfo
-	var presence presence
-	if mi.presenceOffset.IsValid() {
-		presence = p.Apply(mi.presenceOffset).PresenceInfo()
-		if mi.lazyOffset.IsValid() {
-			lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
-		}
-	}
-
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.marshal == nil {
 			continue
 		}
 		fptr := p.Apply(f.offset)
-
-		if f.presenceIndex != noPresence {
-			if !presence.Present(f.presenceIndex) {
-				continue
-			}
-			if f.isLazy {
-				// Be careful, this field needs to be read atomically, like for a get
-				if f.isPointer && fptr.AtomicGetPointer().IsNil() {
-					if lazyFields(opts) {
-						b, _ = (*lazy).AppendField(b, uint32(f.num))
-						continue
-					} else {
-						mi.lazyUnmarshal(p, f.num)
-					}
-				}
-
-				b, err = f.funcs.marshal(b, fptr, f, opts)
-				if err != nil {
-					return b, err
-				}
-				continue
-			} else if f.isPointer && fptr.Elem().IsNil() {
-				continue
-			}
-			b, err = f.funcs.marshal(b, fptr, f, opts)
-			if err != nil {
-				return b, err
-			}
-			continue
-		}
-
 		if f.isPointer && fptr.Elem().IsNil() {
 			continue
 		}
@@ -225,22 +149,6 @@ func (mi *MessageInfo) marshalAppendPointer(b []byte, p pointer, opts marshalOpt
 	return b, nil
 }
 
-// fullyLazyExtensions returns true if we should attempt to keep extensions lazy over size and marshal.
-func fullyLazyExtensions(opts marshalOptions) bool {
-	// When deterministic marshaling is requested, force an unmarshal for lazy
-	// extensions to produce a deterministic result, instead of passing through
-	// bytes lazily that may or may not match what Go Protobuf would produce.
-	return opts.flags&piface.MarshalDeterministic == 0
-}
-
-// lazyFields returns true if we should attempt to keep fields lazy over size and marshal.
-func lazyFields(opts marshalOptions) bool {
-	// When deterministic marshaling is requested, force an unmarshal for lazy
-	// fields to produce a deterministic result, instead of passing through
-	// bytes lazily that may or may not match what Go Protobuf would produce.
-	return opts.flags&piface.MarshalDeterministic == 0
-}
-
 func (mi *MessageInfo) sizeExtensions(ext *map[int32]ExtensionField, opts marshalOptions) (n int) {
 	if ext == nil {
 		return 0
@@ -250,14 +158,6 @@ func (mi *MessageInfo) sizeExtensions(ext *map[int32]ExtensionField, opts marsha
 		if xi.funcs.size == nil {
 			continue
 		}
-		if fullyLazyExtensions(opts) {
-			// Don't expand the extension, instead use the buffer to calculate size
-			if lb := x.lazyBuffer(); lb != nil {
-				// We got hold of the buffer, so it's still lazy.
-				n += len(lb)
-				continue
-			}
-		}
 		n += xi.funcs.size(x.Value(), xi.tagsize, opts)
 	}
 	return n
@@ -276,13 +176,6 @@ func (mi *MessageInfo) appendExtensions(b []byte, ext *map[int32]ExtensionField,
 		var err error
 		for _, x := range *ext {
 			xi := getExtensionFieldInfo(x.Type())
-			if fullyLazyExtensions(opts) {
-				// Don't expand the extension if it's still in wire format, instead use the buffer content.
-				if lb := x.lazyBuffer(); lb != nil {
-					b = append(b, lb...)
-					continue
-				}
-			}
 			b, err = xi.funcs.marshal(b, x.Value(), xi.wiretag, opts)
 		}
 		return b, err
@@ -298,13 +191,6 @@ func (mi *MessageInfo) appendExtensions(b []byte, ext *map[int32]ExtensionField,
 		for _, k := range keys {
 			x := (*ext)[int32(k)]
 			xi := getExtensionFieldInfo(x.Type())
-			if fullyLazyExtensions(opts) {
-				// Don't expand the extension if it's still in wire format, instead use the buffer content.
-				if lb := x.lazyBuffer(); lb != nil {
-					b = append(b, lb...)
-					continue
-				}
-			}
 			b, err = xi.funcs.marshal(b, x.Value(), xi.wiretag, opts)
 			if err != nil {
 				return b, err
diff --git a/vendor/google.golang.org/protobuf/internal/impl/equal.go b/vendor/google.golang.org/protobuf/internal/impl/equal.go
deleted file mode 100644
index 9f6c32a7d..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/equal.go
+++ /dev/null
@@ -1,224 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"bytes"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoiface"
-)
-
-func equal(in protoiface.EqualInput) protoiface.EqualOutput {
-	return protoiface.EqualOutput{Equal: equalMessage(in.MessageA, in.MessageB)}
-}
-
-// equalMessage is a fast-path variant of protoreflect.equalMessage.
-// It takes advantage of the internal messageState type to avoid
-// unnecessary allocations, type assertions.
-func equalMessage(mx, my protoreflect.Message) bool {
-	if mx == nil || my == nil {
-		return mx == my
-	}
-	if mx.Descriptor() != my.Descriptor() {
-		return false
-	}
-
-	msx, ok := mx.(*messageState)
-	if !ok {
-		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
-	}
-	msy, ok := my.(*messageState)
-	if !ok {
-		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
-	}
-
-	mi := msx.messageInfo()
-	miy := msy.messageInfo()
-	if mi != miy {
-		return protoreflect.ValueOfMessage(mx).Equal(protoreflect.ValueOfMessage(my))
-	}
-	mi.init()
-	// Compares regular fields
-	// Modified Message.Range code that compares two messages of the same type
-	// while going over the fields.
-	for _, ri := range mi.rangeInfos {
-		var fd protoreflect.FieldDescriptor
-		var vx, vy protoreflect.Value
-
-		switch ri := ri.(type) {
-		case *fieldInfo:
-			hx := ri.has(msx.pointer())
-			hy := ri.has(msy.pointer())
-			if hx != hy {
-				return false
-			}
-			if !hx {
-				continue
-			}
-			fd = ri.fieldDesc
-			vx = ri.get(msx.pointer())
-			vy = ri.get(msy.pointer())
-		case *oneofInfo:
-			fnx := ri.which(msx.pointer())
-			fny := ri.which(msy.pointer())
-			if fnx != fny {
-				return false
-			}
-			if fnx <= 0 {
-				continue
-			}
-			fi := mi.fields[fnx]
-			fd = fi.fieldDesc
-			vx = fi.get(msx.pointer())
-			vy = fi.get(msy.pointer())
-		}
-
-		if !equalValue(fd, vx, vy) {
-			return false
-		}
-	}
-
-	// Compare extensions.
-	// This is more complicated because mx or my could have empty/nil extension maps,
-	// however some populated extension map values are equal to nil extension maps.
-	emx := mi.extensionMap(msx.pointer())
-	emy := mi.extensionMap(msy.pointer())
-	if emx != nil {
-		for k, x := range *emx {
-			xd := x.Type().TypeDescriptor()
-			xv := x.Value()
-			var y ExtensionField
-			ok := false
-			if emy != nil {
-				y, ok = (*emy)[k]
-			}
-			// We need to treat empty lists as equal to nil values
-			if emy == nil || !ok {
-				if xd.IsList() && xv.List().Len() == 0 {
-					continue
-				}
-				return false
-			}
-
-			if !equalValue(xd, xv, y.Value()) {
-				return false
-			}
-		}
-	}
-	if emy != nil {
-		// emy may have extensions emx does not have, need to check them as well
-		for k, y := range *emy {
-			if emx != nil {
-				// emx has the field, so we already checked it
-				if _, ok := (*emx)[k]; ok {
-					continue
-				}
-			}
-			// Empty lists are equal to nil
-			if y.Type().TypeDescriptor().IsList() && y.Value().List().Len() == 0 {
-				continue
-			}
-
-			// Cant be equal if the extension is populated
-			return false
-		}
-	}
-
-	return equalUnknown(mx.GetUnknown(), my.GetUnknown())
-}
-
-func equalValue(fd protoreflect.FieldDescriptor, vx, vy protoreflect.Value) bool {
-	// slow path
-	if fd.Kind() != protoreflect.MessageKind {
-		return vx.Equal(vy)
-	}
-
-	// fast path special cases
-	if fd.IsMap() {
-		if fd.MapValue().Kind() == protoreflect.MessageKind {
-			return equalMessageMap(vx.Map(), vy.Map())
-		}
-		return vx.Equal(vy)
-	}
-
-	if fd.IsList() {
-		return equalMessageList(vx.List(), vy.List())
-	}
-
-	return equalMessage(vx.Message(), vy.Message())
-}
-
-// Mostly copied from protoreflect.equalMap.
-// This variant only works for messages as map types.
-// All other map types should be handled via Value.Equal.
-func equalMessageMap(mx, my protoreflect.Map) bool {
-	if mx.Len() != my.Len() {
-		return false
-	}
-	equal := true
-	mx.Range(func(k protoreflect.MapKey, vx protoreflect.Value) bool {
-		if !my.Has(k) {
-			equal = false
-			return false
-		}
-		vy := my.Get(k)
-		equal = equalMessage(vx.Message(), vy.Message())
-		return equal
-	})
-	return equal
-}
-
-// Mostly copied from protoreflect.equalList.
-// The only change is the usage of equalImpl instead of protoreflect.equalValue.
-func equalMessageList(lx, ly protoreflect.List) bool {
-	if lx.Len() != ly.Len() {
-		return false
-	}
-	for i := 0; i < lx.Len(); i++ {
-		// We only operate on messages here since equalImpl will not call us in any other case.
-		if !equalMessage(lx.Get(i).Message(), ly.Get(i).Message()) {
-			return false
-		}
-	}
-	return true
-}
-
-// equalUnknown compares unknown fields by direct comparison on the raw bytes
-// of each individual field number.
-// Copied from protoreflect.equalUnknown.
-func equalUnknown(x, y protoreflect.RawFields) bool {
-	if len(x) != len(y) {
-		return false
-	}
-	if bytes.Equal([]byte(x), []byte(y)) {
-		return true
-	}
-
-	mx := make(map[protoreflect.FieldNumber]protoreflect.RawFields)
-	my := make(map[protoreflect.FieldNumber]protoreflect.RawFields)
-	for len(x) > 0 {
-		fnum, _, n := protowire.ConsumeField(x)
-		mx[fnum] = append(mx[fnum], x[:n]...)
-		x = x[n:]
-	}
-	for len(y) > 0 {
-		fnum, _, n := protowire.ConsumeField(y)
-		my[fnum] = append(my[fnum], y[:n]...)
-		y = y[n:]
-	}
-	if len(mx) != len(my) {
-		return false
-	}
-
-	for k, v1 := range mx {
-		if v2, ok := my[k]; !ok || !bytes.Equal([]byte(v1), []byte(v2)) {
-			return false
-		}
-	}
-
-	return true
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/extension.go b/vendor/google.golang.org/protobuf/internal/impl/extension.go
index e31249f64..cb25b0bae 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/extension.go
@@ -53,7 +53,7 @@ type ExtensionInfo struct {
 	// type returned by InterfaceOf may not be identical.
 	//
 	// Deprecated: Use InterfaceOf(xt.Zero()) instead.
-	ExtensionType any
+	ExtensionType interface{}
 
 	// Field is the field number of the extension.
 	//
@@ -95,16 +95,16 @@ func (xi *ExtensionInfo) New() protoreflect.Value {
 func (xi *ExtensionInfo) Zero() protoreflect.Value {
 	return xi.lazyInit().Zero()
 }
-func (xi *ExtensionInfo) ValueOf(v any) protoreflect.Value {
+func (xi *ExtensionInfo) ValueOf(v interface{}) protoreflect.Value {
 	return xi.lazyInit().PBValueOf(reflect.ValueOf(v))
 }
-func (xi *ExtensionInfo) InterfaceOf(v protoreflect.Value) any {
+func (xi *ExtensionInfo) InterfaceOf(v protoreflect.Value) interface{} {
 	return xi.lazyInit().GoValueOf(v).Interface()
 }
 func (xi *ExtensionInfo) IsValidValue(v protoreflect.Value) bool {
 	return xi.lazyInit().IsValidPB(v)
 }
-func (xi *ExtensionInfo) IsValidInterface(v any) bool {
+func (xi *ExtensionInfo) IsValidInterface(v interface{}) bool {
 	return xi.lazyInit().IsValidGo(reflect.ValueOf(v))
 }
 func (xi *ExtensionInfo) TypeDescriptor() protoreflect.ExtensionTypeDescriptor {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/lazy.go b/vendor/google.golang.org/protobuf/internal/impl/lazy.go
deleted file mode 100644
index e8fb6c35b..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/lazy.go
+++ /dev/null
@@ -1,433 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"fmt"
-	"math/bits"
-	"os"
-	"reflect"
-	"sort"
-	"sync/atomic"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	"google.golang.org/protobuf/internal/errors"
-	"google.golang.org/protobuf/internal/protolazy"
-	"google.golang.org/protobuf/reflect/protoreflect"
-	preg "google.golang.org/protobuf/reflect/protoregistry"
-	piface "google.golang.org/protobuf/runtime/protoiface"
-)
-
-var enableLazy int32 = func() int32 {
-	if os.Getenv("GOPROTODEBUG") == "nolazy" {
-		return 0
-	}
-	return 1
-}()
-
-// EnableLazyUnmarshal enables lazy unmarshaling.
-func EnableLazyUnmarshal(enable bool) {
-	if enable {
-		atomic.StoreInt32(&enableLazy, 1)
-		return
-	}
-	atomic.StoreInt32(&enableLazy, 0)
-}
-
-// LazyEnabled reports whether lazy unmarshalling is currently enabled.
-func LazyEnabled() bool {
-	return atomic.LoadInt32(&enableLazy) != 0
-}
-
-// UnmarshalField unmarshals a field in a message.
-func UnmarshalField(m interface{}, num protowire.Number) {
-	switch m := m.(type) {
-	case *messageState:
-		m.messageInfo().lazyUnmarshal(m.pointer(), num)
-	case *messageReflectWrapper:
-		m.messageInfo().lazyUnmarshal(m.pointer(), num)
-	default:
-		panic(fmt.Sprintf("unsupported wrapper type %T", m))
-	}
-}
-
-func (mi *MessageInfo) lazyUnmarshal(p pointer, num protoreflect.FieldNumber) {
-	var f *coderFieldInfo
-	if int(num) < len(mi.denseCoderFields) {
-		f = mi.denseCoderFields[num]
-	} else {
-		f = mi.coderFields[num]
-	}
-	if f == nil {
-		panic(fmt.Sprintf("lazyUnmarshal: field info for %v.%v", mi.Desc.FullName(), num))
-	}
-	lazy := *p.Apply(mi.lazyOffset).LazyInfoPtr()
-	start, end, found, _, multipleEntries := lazy.FindFieldInProto(uint32(num))
-	if !found && multipleEntries == nil {
-		panic(fmt.Sprintf("lazyUnmarshal: can't find field data for %v.%v", mi.Desc.FullName(), num))
-	}
-	// The actual pointer in the message can not be set until the whole struct is filled in, otherwise we will have races.
-	// Create another pointer and set it atomically, if we won the race and the pointer in the original message is still nil.
-	fp := pointerOfValue(reflect.New(f.ft))
-	if multipleEntries != nil {
-		for _, entry := range multipleEntries {
-			mi.unmarshalField(lazy.Buffer()[entry.Start:entry.End], fp, f, lazy, lazy.UnmarshalFlags())
-		}
-	} else {
-		mi.unmarshalField(lazy.Buffer()[start:end], fp, f, lazy, lazy.UnmarshalFlags())
-	}
-	p.Apply(f.offset).AtomicSetPointerIfNil(fp.Elem())
-}
-
-func (mi *MessageInfo) unmarshalField(b []byte, p pointer, f *coderFieldInfo, lazyInfo *protolazy.XXX_lazyUnmarshalInfo, flags piface.UnmarshalInputFlags) error {
-	opts := lazyUnmarshalOptions
-	opts.flags |= flags
-	for len(b) > 0 {
-		// Parse the tag (field number and wire type).
-		var tag uint64
-		if b[0] < 0x80 {
-			tag = uint64(b[0])
-			b = b[1:]
-		} else if len(b) >= 2 && b[1] < 128 {
-			tag = uint64(b[0]&0x7f) + uint64(b[1])<<7
-			b = b[2:]
-		} else {
-			var n int
-			tag, n = protowire.ConsumeVarint(b)
-			if n < 0 {
-				return errors.New("invalid wire data")
-			}
-			b = b[n:]
-		}
-		var num protowire.Number
-		if n := tag >> 3; n < uint64(protowire.MinValidNumber) || n > uint64(protowire.MaxValidNumber) {
-			return errors.New("invalid wire data")
-		} else {
-			num = protowire.Number(n)
-		}
-		wtyp := protowire.Type(tag & 7)
-		if num == f.num {
-			o, err := f.funcs.unmarshal(b, p, wtyp, f, opts)
-			if err == nil {
-				b = b[o.n:]
-				continue
-			}
-			if err != errUnknown {
-				return err
-			}
-		}
-		n := protowire.ConsumeFieldValue(num, wtyp, b)
-		if n < 0 {
-			return errors.New("invalid wire data")
-		}
-		b = b[n:]
-	}
-	return nil
-}
-
-func (mi *MessageInfo) skipField(b []byte, f *coderFieldInfo, wtyp protowire.Type, opts unmarshalOptions) (out unmarshalOutput, _ ValidationStatus) {
-	fmi := f.validation.mi
-	if fmi == nil {
-		fd := mi.Desc.Fields().ByNumber(f.num)
-		if fd == nil || !fd.IsWeak() {
-			return out, ValidationUnknown
-		}
-		messageName := fd.Message().FullName()
-		messageType, err := preg.GlobalTypes.FindMessageByName(messageName)
-		if err != nil {
-			return out, ValidationUnknown
-		}
-		var ok bool
-		fmi, ok = messageType.(*MessageInfo)
-		if !ok {
-			return out, ValidationUnknown
-		}
-	}
-	fmi.init()
-	switch f.validation.typ {
-	case validationTypeMessage:
-		if wtyp != protowire.BytesType {
-			return out, ValidationWrongWireType
-		}
-		v, n := protowire.ConsumeBytes(b)
-		if n < 0 {
-			return out, ValidationInvalid
-		}
-		out, st := fmi.validate(v, 0, opts)
-		out.n = n
-		return out, st
-	case validationTypeGroup:
-		if wtyp != protowire.StartGroupType {
-			return out, ValidationWrongWireType
-		}
-		out, st := fmi.validate(b, f.num, opts)
-		return out, st
-	default:
-		return out, ValidationUnknown
-	}
-}
-
-// unmarshalPointerLazy is similar to unmarshalPointerEager, but it
-// specifically handles lazy unmarshalling.  it expects lazyOffset and
-// presenceOffset to both be valid.
-func (mi *MessageInfo) unmarshalPointerLazy(b []byte, p pointer, groupTag protowire.Number, opts unmarshalOptions) (out unmarshalOutput, err error) {
-	initialized := true
-	var requiredMask uint64
-	var lazy **protolazy.XXX_lazyUnmarshalInfo
-	var presence presence
-	var lazyIndex []protolazy.IndexEntry
-	var lastNum protowire.Number
-	outOfOrder := false
-	lazyDecode := false
-	presence = p.Apply(mi.presenceOffset).PresenceInfo()
-	lazy = p.Apply(mi.lazyOffset).LazyInfoPtr()
-	if !presence.AnyPresent(mi.presenceSize) {
-		if opts.CanBeLazy() {
-			// If the message contains existing data, we need to merge into it.
-			// Lazy unmarshaling doesn't merge, so only enable it when the
-			// message is empty (has no presence bitmap).
-			lazyDecode = true
-			if *lazy == nil {
-				*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
-			}
-			(*lazy).SetUnmarshalFlags(opts.flags)
-			if !opts.AliasBuffer() {
-				// Make a copy of the buffer for lazy unmarshaling.
-				// Set the AliasBuffer flag so recursive unmarshal
-				// operations reuse the copy.
-				b = append([]byte{}, b...)
-				opts.flags |= piface.UnmarshalAliasBuffer
-			}
-			(*lazy).SetBuffer(b)
-		}
-	}
-	// Track special handling of lazy fields.
-	//
-	// In the common case, all fields are lazyValidateOnly (and lazyFields remains nil).
-	// In the event that validation for a field fails, this map tracks handling of the field.
-	type lazyAction uint8
-	const (
-		lazyValidateOnly   lazyAction = iota // validate the field only
-		lazyUnmarshalNow                     // eagerly unmarshal the field
-		lazyUnmarshalLater                   // unmarshal the field after the message is fully processed
-	)
-	var lazyFields map[*coderFieldInfo]lazyAction
-	var exts *map[int32]ExtensionField
-	start := len(b)
-	pos := 0
-	for len(b) > 0 {
-		// Parse the tag (field number and wire type).
-		var tag uint64
-		if b[0] < 0x80 {
-			tag = uint64(b[0])
-			b = b[1:]
-		} else if len(b) >= 2 && b[1] < 128 {
-			tag = uint64(b[0]&0x7f) + uint64(b[1])<<7
-			b = b[2:]
-		} else {
-			var n int
-			tag, n = protowire.ConsumeVarint(b)
-			if n < 0 {
-				return out, errDecode
-			}
-			b = b[n:]
-		}
-		var num protowire.Number
-		if n := tag >> 3; n < uint64(protowire.MinValidNumber) || n > uint64(protowire.MaxValidNumber) {
-			return out, errors.New("invalid field number")
-		} else {
-			num = protowire.Number(n)
-		}
-		wtyp := protowire.Type(tag & 7)
-
-		if wtyp == protowire.EndGroupType {
-			if num != groupTag {
-				return out, errors.New("mismatching end group marker")
-			}
-			groupTag = 0
-			break
-		}
-
-		var f *coderFieldInfo
-		if int(num) < len(mi.denseCoderFields) {
-			f = mi.denseCoderFields[num]
-		} else {
-			f = mi.coderFields[num]
-		}
-		var n int
-		err := errUnknown
-		discardUnknown := false
-	Field:
-		switch {
-		case f != nil:
-			if f.funcs.unmarshal == nil {
-				break
-			}
-			if f.isLazy && lazyDecode {
-				switch {
-				case lazyFields == nil || lazyFields[f] == lazyValidateOnly:
-					// Attempt to validate this field and leave it for later lazy unmarshaling.
-					o, valid := mi.skipField(b, f, wtyp, opts)
-					switch valid {
-					case ValidationValid:
-						// Skip over the valid field and continue.
-						err = nil
-						presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
-						requiredMask |= f.validation.requiredBit
-						if !o.initialized {
-							initialized = false
-						}
-						n = o.n
-						break Field
-					case ValidationInvalid:
-						return out, errors.New("invalid proto wire format")
-					case ValidationWrongWireType:
-						break Field
-					case ValidationUnknown:
-						if lazyFields == nil {
-							lazyFields = make(map[*coderFieldInfo]lazyAction)
-						}
-						if presence.Present(f.presenceIndex) {
-							// We were unable to determine if the field is valid or not,
-							// and we've already skipped over at least one instance of this
-							// field. Clear the presence bit (so if we stop decoding early,
-							// we don't leave a partially-initialized field around) and flag
-							// the field for unmarshaling before we return.
-							presence.ClearPresent(f.presenceIndex)
-							lazyFields[f] = lazyUnmarshalLater
-							discardUnknown = true
-							break Field
-						} else {
-							// We were unable to determine if the field is valid or not,
-							// but this is the first time we've seen it. Flag it as needing
-							// eager unmarshaling and fall through to the eager unmarshal case below.
-							lazyFields[f] = lazyUnmarshalNow
-						}
-					}
-				case lazyFields[f] == lazyUnmarshalLater:
-					// This field will be unmarshaled in a separate pass below.
-					// Skip over it here.
-					discardUnknown = true
-					break Field
-				default:
-					// Eagerly unmarshal the field.
-				}
-			}
-			if f.isLazy && !lazyDecode && presence.Present(f.presenceIndex) {
-				if p.Apply(f.offset).AtomicGetPointer().IsNil() {
-					mi.lazyUnmarshal(p, f.num)
-				}
-			}
-			var o unmarshalOutput
-			o, err = f.funcs.unmarshal(b, p.Apply(f.offset), wtyp, f, opts)
-			n = o.n
-			if err != nil {
-				break
-			}
-			requiredMask |= f.validation.requiredBit
-			if f.funcs.isInit != nil && !o.initialized {
-				initialized = false
-			}
-			if f.presenceIndex != noPresence {
-				presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
-			}
-		default:
-			// Possible extension.
-			if exts == nil && mi.extensionOffset.IsValid() {
-				exts = p.Apply(mi.extensionOffset).Extensions()
-				if *exts == nil {
-					*exts = make(map[int32]ExtensionField)
-				}
-			}
-			if exts == nil {
-				break
-			}
-			var o unmarshalOutput
-			o, err = mi.unmarshalExtension(b, num, wtyp, *exts, opts)
-			if err != nil {
-				break
-			}
-			n = o.n
-			if !o.initialized {
-				initialized = false
-			}
-		}
-		if err != nil {
-			if err != errUnknown {
-				return out, err
-			}
-			n = protowire.ConsumeFieldValue(num, wtyp, b)
-			if n < 0 {
-				return out, errDecode
-			}
-			if !discardUnknown && !opts.DiscardUnknown() && mi.unknownOffset.IsValid() {
-				u := mi.mutableUnknownBytes(p)
-				*u = protowire.AppendTag(*u, num, wtyp)
-				*u = append(*u, b[:n]...)
-			}
-		}
-		b = b[n:]
-		end := start - len(b)
-		if lazyDecode && f != nil && f.isLazy {
-			if num != lastNum {
-				lazyIndex = append(lazyIndex, protolazy.IndexEntry{
-					FieldNum: uint32(num),
-					Start:    uint32(pos),
-					End:      uint32(end),
-				})
-			} else {
-				i := len(lazyIndex) - 1
-				lazyIndex[i].End = uint32(end)
-				lazyIndex[i].MultipleContiguous = true
-			}
-		}
-		if num < lastNum {
-			outOfOrder = true
-		}
-		pos = end
-		lastNum = num
-	}
-	if groupTag != 0 {
-		return out, errors.New("missing end group marker")
-	}
-	if lazyFields != nil {
-		// Some fields failed validation, and now need to be unmarshaled.
-		for f, action := range lazyFields {
-			if action != lazyUnmarshalLater {
-				continue
-			}
-			initialized = false
-			if *lazy == nil {
-				*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
-			}
-			if err := mi.unmarshalField((*lazy).Buffer(), p.Apply(f.offset), f, *lazy, opts.flags); err != nil {
-				return out, err
-			}
-			presence.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
-		}
-	}
-	if lazyDecode {
-		if outOfOrder {
-			sort.Slice(lazyIndex, func(i, j int) bool {
-				return lazyIndex[i].FieldNum < lazyIndex[j].FieldNum ||
-					(lazyIndex[i].FieldNum == lazyIndex[j].FieldNum &&
-						lazyIndex[i].Start < lazyIndex[j].Start)
-			})
-		}
-		if *lazy == nil {
-			*lazy = &protolazy.XXX_lazyUnmarshalInfo{}
-		}
-
-		(*lazy).SetIndex(lazyIndex)
-	}
-	if mi.numRequiredFields > 0 && bits.OnesCount64(requiredMask) != int(mi.numRequiredFields) {
-		initialized = false
-	}
-	if initialized {
-		out.initialized = true
-	}
-	out.n = start - len(b)
-	return out, nil
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
index 81b2b1a76..c2a803bb2 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_enum.go
@@ -97,7 +97,7 @@ func (e *legacyEnumWrapper) Number() protoreflect.EnumNumber {
 func (e *legacyEnumWrapper) ProtoReflect() protoreflect.Enum {
 	return e
 }
-func (e *legacyEnumWrapper) protoUnwrap() any {
+func (e *legacyEnumWrapper) protoUnwrap() interface{} {
 	v := reflect.New(e.goTyp).Elem()
 	v.SetInt(int64(e.num))
 	return v.Interface()
@@ -167,7 +167,6 @@ func aberrantLoadEnumDesc(t reflect.Type) protoreflect.EnumDescriptor {
 	ed := &filedesc.Enum{L2: new(filedesc.EnumL2)}
 	ed.L0.FullName = AberrantDeriveFullName(t) // e.g., github_com.user.repo.MyEnum
 	ed.L0.ParentFile = filedesc.SurrogateProto3
-	ed.L1.EditionFeatures = ed.L0.ParentFile.L1.EditionFeatures
 	ed.L2.Values.List = append(ed.L2.Values.List, filedesc.EnumValue{})
 
 	// TODO: Use the presence of a UnmarshalJSON method to determine proto2?
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
index b6849d669..87b30d050 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_extension.go
@@ -118,7 +118,7 @@ func (xi *ExtensionInfo) initFromLegacy() {
 	xd.L1.Number = protoreflect.FieldNumber(xi.Field)
 	xd.L1.Cardinality = fd.L1.Cardinality
 	xd.L1.Kind = fd.L1.Kind
-	xd.L1.EditionFeatures = fd.L1.EditionFeatures
+	xd.L2.IsPacked = fd.L1.IsPacked
 	xd.L2.Default = fd.L1.Default
 	xd.L1.Extendee = Export{}.MessageDescriptorOf(xi.ExtendedType)
 	xd.L2.Enum = ed
@@ -160,7 +160,6 @@ func (x placeholderExtension) HasPresence() bool
 func (x placeholderExtension) HasOptionalKeyword() bool                           { return false }
 func (x placeholderExtension) IsExtension() bool                                  { return true }
 func (x placeholderExtension) IsWeak() bool                                       { return false }
-func (x placeholderExtension) IsLazy() bool                                       { return false }
 func (x placeholderExtension) IsPacked() bool                                     { return false }
 func (x placeholderExtension) IsList() bool                                       { return false }
 func (x placeholderExtension) IsMap() bool                                        { return false }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
index b649f1124..9ab091086 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_file.go
@@ -7,7 +7,7 @@ package impl
 import (
 	"bytes"
 	"compress/gzip"
-	"io"
+	"io/ioutil"
 	"sync"
 
 	"google.golang.org/protobuf/internal/filedesc"
@@ -51,7 +51,7 @@ func legacyLoadFileDesc(b []byte) protoreflect.FileDescriptor {
 	if err != nil {
 		panic(err)
 	}
-	b2, err := io.ReadAll(zr)
+	b2, err := ioutil.ReadAll(zr)
 	if err != nil {
 		panic(err)
 	}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
index bf0b6049b..2ab2c6297 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/legacy_message.go
@@ -204,7 +204,6 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 		}
 	}
 
-	md.L1.EditionFeatures = md.L0.ParentFile.L1.EditionFeatures
 	// Obtain a list of oneof wrapper types.
 	var oneofWrappers []reflect.Type
 	methods := make([]reflect.Method, 0, 2)
@@ -216,7 +215,7 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 	}
 	for _, fn := range methods {
 		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-			if vs, ok := v.Interface().([]any); ok {
+			if vs, ok := v.Interface().([]interface{}); ok {
 				for _, v := range vs {
 					oneofWrappers = append(oneofWrappers, reflect.TypeOf(v))
 				}
@@ -251,7 +250,6 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 			od := &md.L2.Oneofs.List[n]
 			od.L0.FullName = md.FullName().Append(protoreflect.Name(tag))
 			od.L0.ParentFile = md.L0.ParentFile
-			od.L1.EditionFeatures = md.L1.EditionFeatures
 			od.L0.Parent = md
 			od.L0.Index = n
 
@@ -262,7 +260,6 @@ func aberrantLoadMessageDescReentrant(t reflect.Type, name protoreflect.FullName
 						aberrantAppendField(md, f.Type, tag, "", "")
 						fd := &md.L2.Fields.List[len(md.L2.Fields.List)-1]
 						fd.L1.ContainingOneof = od
-						fd.L1.EditionFeatures = od.L1.EditionFeatures
 						od.L1.Fields.List = append(od.L1.Fields.List, fd)
 					}
 				}
@@ -310,14 +307,14 @@ func aberrantAppendField(md *filedesc.Message, goType reflect.Type, tag, tagKey,
 	fd.L0.Parent = md
 	fd.L0.Index = n
 
-	if fd.L1.IsWeak || fd.L1.EditionFeatures.IsPacked {
+	if fd.L1.IsWeak || fd.L1.HasPacked {
 		fd.L1.Options = func() protoreflect.ProtoMessage {
 			opts := descopts.Field.ProtoReflect().New()
 			if fd.L1.IsWeak {
 				opts.Set(opts.Descriptor().Fields().ByName("weak"), protoreflect.ValueOfBool(true))
 			}
-			if fd.L1.EditionFeatures.IsPacked {
-				opts.Set(opts.Descriptor().Fields().ByName("packed"), protoreflect.ValueOfBool(fd.L1.EditionFeatures.IsPacked))
+			if fd.L1.HasPacked {
+				opts.Set(opts.Descriptor().Fields().ByName("packed"), protoreflect.ValueOfBool(fd.L1.IsPacked))
 			}
 			return opts.Interface()
 		}
@@ -347,7 +344,6 @@ func aberrantAppendField(md *filedesc.Message, goType reflect.Type, tag, tagKey,
 				md2.L0.ParentFile = md.L0.ParentFile
 				md2.L0.Parent = md
 				md2.L0.Index = n
-				md2.L1.EditionFeatures = md.L1.EditionFeatures
 
 				md2.L1.IsMapEntry = true
 				md2.L2.Options = func() protoreflect.ProtoMessage {
@@ -567,6 +563,6 @@ func (m aberrantMessage) IsValid() bool {
 func (m aberrantMessage) ProtoMethods() *protoiface.Methods {
 	return aberrantProtoMethods
 }
-func (m aberrantMessage) protoUnwrap() any {
+func (m aberrantMessage) protoUnwrap() interface{} {
 	return m.v.Interface()
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/merge.go b/vendor/google.golang.org/protobuf/internal/impl/merge.go
index 8ffdce67d..7e65f64f2 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/merge.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/merge.go
@@ -41,38 +41,11 @@ func (mi *MessageInfo) mergePointer(dst, src pointer, opts mergeOptions) {
 	if src.IsNil() {
 		return
 	}
-
-	var presenceSrc presence
-	var presenceDst presence
-	if mi.presenceOffset.IsValid() {
-		presenceSrc = src.Apply(mi.presenceOffset).PresenceInfo()
-		presenceDst = dst.Apply(mi.presenceOffset).PresenceInfo()
-	}
-
 	for _, f := range mi.orderedCoderFields {
 		if f.funcs.merge == nil {
 			continue
 		}
 		sfptr := src.Apply(f.offset)
-
-		if f.presenceIndex != noPresence {
-			if !presenceSrc.Present(f.presenceIndex) {
-				continue
-			}
-			dfptr := dst.Apply(f.offset)
-			if f.isLazy {
-				if sfptr.AtomicGetPointer().IsNil() {
-					mi.lazyUnmarshal(src, f.num)
-				}
-				if presenceDst.Present(f.presenceIndex) && dfptr.AtomicGetPointer().IsNil() {
-					mi.lazyUnmarshal(dst, f.num)
-				}
-			}
-			f.funcs.merge(dst.Apply(f.offset), sfptr, f, opts)
-			presenceDst.SetPresentUnatomic(f.presenceIndex, mi.presenceSize)
-			continue
-		}
-
 		if f.isPointer && sfptr.Elem().IsNil() {
 			continue
 		}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message.go b/vendor/google.golang.org/protobuf/internal/impl/message.go
index fa10a0f5c..629bacdce 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message.go
@@ -30,12 +30,12 @@ type MessageInfo struct {
 	// Desc is the underlying message descriptor type and must be populated.
 	Desc protoreflect.MessageDescriptor
 
-	// Deprecated: Exporter will be removed the next time we bump
-	// protoimpl.GenVersion. See https://github.com/golang/protobuf/issues/1640
+	// Exporter must be provided in a purego environment in order to provide
+	// access to unexported fields.
 	Exporter exporter
 
 	// OneofWrappers is list of pointers to oneof wrapper struct types.
-	OneofWrappers []any
+	OneofWrappers []interface{}
 
 	initMu   sync.Mutex // protects all unexported fields
 	initDone uint32
@@ -47,7 +47,7 @@ type MessageInfo struct {
 // exporter is a function that returns a reference to the ith field of v,
 // where v is a pointer to a struct. It returns nil if it does not support
 // exporting the requested field (e.g., already exported).
-type exporter func(v any, i int) any
+type exporter func(v interface{}, i int) interface{}
 
 // getMessageInfo returns the MessageInfo for any message type that
 // is generated by our implementation of protoc-gen-go (for v2 and on).
@@ -79,9 +79,6 @@ func (mi *MessageInfo) initOnce() {
 	if mi.initDone == 1 {
 		return
 	}
-	if opaqueInitHook(mi) {
-		return
-	}
 
 	t := mi.GoReflectType
 	if t.Kind() != reflect.Ptr && t.Elem().Kind() != reflect.Struct {
@@ -136,9 +133,6 @@ type structInfo struct {
 	extensionOffset offset
 	extensionType   reflect.Type
 
-	lazyOffset     offset
-	presenceOffset offset
-
 	fieldsByNumber        map[protoreflect.FieldNumber]reflect.StructField
 	oneofsByName          map[protoreflect.Name]reflect.StructField
 	oneofWrappersByType   map[reflect.Type]protoreflect.FieldNumber
@@ -151,8 +145,6 @@ func (mi *MessageInfo) makeStructInfo(t reflect.Type) structInfo {
 		weakOffset:      invalidOffset,
 		unknownOffset:   invalidOffset,
 		extensionOffset: invalidOffset,
-		lazyOffset:      invalidOffset,
-		presenceOffset:  invalidOffset,
 
 		fieldsByNumber:        map[protoreflect.FieldNumber]reflect.StructField{},
 		oneofsByName:          map[protoreflect.Name]reflect.StructField{},
@@ -183,10 +175,6 @@ fieldLoop:
 				si.extensionOffset = offsetOf(f, mi.Exporter)
 				si.extensionType = f.Type
 			}
-		case "lazyFields", "XXX_lazyUnmarshalInfo":
-			si.lazyOffset = offsetOf(f, mi.Exporter)
-		case "XXX_presence":
-			si.presenceOffset = offsetOf(f, mi.Exporter)
 		default:
 			for _, s := range strings.Split(f.Tag.Get("protobuf"), ",") {
 				if len(s) > 0 && strings.Trim(s, "0123456789") == "" {
@@ -213,7 +201,7 @@ fieldLoop:
 	}
 	for _, fn := range methods {
 		for _, v := range fn.Func.Call([]reflect.Value{reflect.Zero(fn.Type.In(0))}) {
-			if vs, ok := v.Interface().([]any); ok {
+			if vs, ok := v.Interface().([]interface{}); ok {
 				oneofWrappers = vs
 			}
 		}
@@ -268,7 +256,7 @@ func (mi *MessageInfo) Message(i int) protoreflect.MessageType {
 
 type mapEntryType struct {
 	desc    protoreflect.MessageDescriptor
-	valType any // zero value of enum or message type
+	valType interface{} // zero value of enum or message type
 }
 
 func (mt mapEntryType) New() protoreflect.Message {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
deleted file mode 100644
index d7ec53f07..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/message_opaque.go
+++ /dev/null
@@ -1,632 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"fmt"
-	"math"
-	"reflect"
-	"strings"
-	"sync/atomic"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-type opaqueStructInfo struct {
-	structInfo
-}
-
-// isOpaque determines whether a protobuf message type is on the Opaque API.  It
-// checks whether the type is a Go struct that protoc-gen-go would generate.
-//
-// This function only detects newly generated messages from the v2
-// implementation of protoc-gen-go. It is unable to classify generated messages
-// that are too old or those that are generated by a different generator
-// such as protoc-gen-gogo.
-func isOpaque(t reflect.Type) bool {
-	// The current detection mechanism is to simply check the first field
-	// for a struct tag with the "protogen" key.
-	if t.Kind() == reflect.Struct && t.NumField() > 0 {
-		pgt := t.Field(0).Tag.Get("protogen")
-		return strings.HasPrefix(pgt, "opaque.")
-	}
-	return false
-}
-
-func opaqueInitHook(mi *MessageInfo) bool {
-	mt := mi.GoReflectType.Elem()
-	si := opaqueStructInfo{
-		structInfo: mi.makeStructInfo(mt),
-	}
-
-	if !isOpaque(mt) {
-		return false
-	}
-
-	defer atomic.StoreUint32(&mi.initDone, 1)
-
-	mi.fields = map[protoreflect.FieldNumber]*fieldInfo{}
-	fds := mi.Desc.Fields()
-	for i := 0; i < fds.Len(); i++ {
-		fd := fds.Get(i)
-		fs := si.fieldsByNumber[fd.Number()]
-		var fi fieldInfo
-		usePresence, _ := usePresenceForField(si, fd)
-
-		switch {
-		case fd.IsWeak():
-			// Weak fields are no different for opaque.
-			fi = fieldInfoForWeakMessage(fd, si.weakOffset)
-		case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
-			// Oneofs are no different for opaque.
-			fi = fieldInfoForOneof(fd, si.oneofsByName[fd.ContainingOneof().Name()], mi.Exporter, si.oneofWrappersByNumber[fd.Number()])
-		case fd.IsMap():
-			fi = mi.fieldInfoForMapOpaque(si, fd, fs)
-		case fd.IsList() && fd.Message() == nil && usePresence:
-			fi = mi.fieldInfoForScalarListOpaque(si, fd, fs)
-		case fd.IsList() && fd.Message() == nil:
-			// Proto3 lists without presence can use same access methods as open
-			fi = fieldInfoForList(fd, fs, mi.Exporter)
-		case fd.IsList() && usePresence:
-			fi = mi.fieldInfoForMessageListOpaque(si, fd, fs)
-		case fd.IsList():
-			// Proto3 opaque messages that does not need presence bitmap.
-			// Different representation than open struct, but same logic
-			fi = mi.fieldInfoForMessageListOpaqueNoPresence(si, fd, fs)
-		case fd.Message() != nil && usePresence:
-			fi = mi.fieldInfoForMessageOpaque(si, fd, fs)
-		case fd.Message() != nil:
-			// Proto3 messages without presence can use same access methods as open
-			fi = fieldInfoForMessage(fd, fs, mi.Exporter)
-		default:
-			fi = mi.fieldInfoForScalarOpaque(si, fd, fs)
-		}
-		mi.fields[fd.Number()] = &fi
-	}
-	mi.oneofs = map[protoreflect.Name]*oneofInfo{}
-	for i := 0; i < mi.Desc.Oneofs().Len(); i++ {
-		od := mi.Desc.Oneofs().Get(i)
-		mi.oneofs[od.Name()] = makeOneofInfoOpaque(mi, od, si.structInfo, mi.Exporter)
-	}
-
-	mi.denseFields = make([]*fieldInfo, fds.Len()*2)
-	for i := 0; i < fds.Len(); i++ {
-		if fd := fds.Get(i); int(fd.Number()) < len(mi.denseFields) {
-			mi.denseFields[fd.Number()] = mi.fields[fd.Number()]
-		}
-	}
-
-	for i := 0; i < fds.Len(); {
-		fd := fds.Get(i)
-		if od := fd.ContainingOneof(); od != nil && !fd.ContainingOneof().IsSynthetic() {
-			mi.rangeInfos = append(mi.rangeInfos, mi.oneofs[od.Name()])
-			i += od.Fields().Len()
-		} else {
-			mi.rangeInfos = append(mi.rangeInfos, mi.fields[fd.Number()])
-			i++
-		}
-	}
-
-	mi.makeExtensionFieldsFunc(mt, si.structInfo)
-	mi.makeUnknownFieldsFunc(mt, si.structInfo)
-	mi.makeOpaqueCoderMethods(mt, si)
-	mi.makeFieldTypes(si.structInfo)
-
-	return true
-}
-
-func makeOneofInfoOpaque(mi *MessageInfo, od protoreflect.OneofDescriptor, si structInfo, x exporter) *oneofInfo {
-	oi := &oneofInfo{oneofDesc: od}
-	if od.IsSynthetic() {
-		fd := od.Fields().Get(0)
-		index, _ := presenceIndex(mi.Desc, fd)
-		oi.which = func(p pointer) protoreflect.FieldNumber {
-			if p.IsNil() {
-				return 0
-			}
-			if !mi.present(p, index) {
-				return 0
-			}
-			return od.Fields().Get(0).Number()
-		}
-		return oi
-	}
-	// Dispatch to non-opaque oneof implementation for non-synthetic oneofs.
-	return makeOneofInfo(od, si, x)
-}
-
-func (mi *MessageInfo) fieldInfoForMapOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	if ft.Kind() != reflect.Map {
-		panic(fmt.Sprintf("invalid type: got %v, want map kind", ft))
-	}
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	conv := NewConverter(ft, fd)
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			// Don't bother checking presence bits, since we need to
-			// look at the map length even if the presence bit is set.
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			return rv.Len() > 0
-		},
-		clear: func(p pointer) {
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			rv.Set(reflect.Zero(rv.Type()))
-		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if rv.Len() == 0 {
-				return conv.Zero()
-			}
-			return conv.PBValueOf(rv)
-		},
-		set: func(p pointer, v protoreflect.Value) {
-			pv := conv.GoValueOf(v)
-			if pv.IsNil() {
-				panic(fmt.Sprintf("invalid value: setting map field to read-only value"))
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			rv.Set(pv)
-		},
-		mutable: func(p pointer) protoreflect.Value {
-			v := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if v.IsNil() {
-				v.Set(reflect.MakeMap(fs.Type))
-			}
-			return conv.PBValueOf(v)
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-func (mi *MessageInfo) fieldInfoForScalarListOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	if ft.Kind() != reflect.Slice {
-		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
-	}
-	conv := NewConverter(reflect.PtrTo(ft), fd)
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	index, _ := presenceIndex(mi.Desc, fd)
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			return rv.Len() > 0
-		},
-		clear: func(p pointer) {
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			rv.Set(reflect.Zero(rv.Type()))
-		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type)
-			if rv.Elem().Len() == 0 {
-				return conv.Zero()
-			}
-			return conv.PBValueOf(rv)
-		},
-		set: func(p pointer, v protoreflect.Value) {
-			pv := conv.GoValueOf(v)
-			if pv.IsNil() {
-				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
-			}
-			mi.setPresent(p, index)
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			rv.Set(pv.Elem())
-		},
-		mutable: func(p pointer) protoreflect.Value {
-			mi.setPresent(p, index)
-			return conv.PBValueOf(p.Apply(fieldOffset).AsValueOf(fs.Type))
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-func (mi *MessageInfo) fieldInfoForMessageListOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
-		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
-	}
-	conv := NewConverter(ft, fd)
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	index, _ := presenceIndex(mi.Desc, fd)
-	fieldNumber := fd.Number()
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			if !mi.present(p, index) {
-				return false
-			}
-			sp := p.Apply(fieldOffset).AtomicGetPointer()
-			if sp.IsNil() {
-				// Lazily unmarshal this field.
-				mi.lazyUnmarshal(p, fieldNumber)
-				sp = p.Apply(fieldOffset).AtomicGetPointer()
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			return rv.Elem().Len() > 0
-		},
-		clear: func(p pointer) {
-			fp := p.Apply(fieldOffset)
-			sp := fp.AtomicGetPointer()
-			if sp.IsNil() {
-				sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
-				mi.setPresent(p, index)
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			rv.Elem().Set(reflect.Zero(rv.Type().Elem()))
-		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			if !mi.present(p, index) {
-				return conv.Zero()
-			}
-			sp := p.Apply(fieldOffset).AtomicGetPointer()
-			if sp.IsNil() {
-				// Lazily unmarshal this field.
-				mi.lazyUnmarshal(p, fieldNumber)
-				sp = p.Apply(fieldOffset).AtomicGetPointer()
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			if rv.Elem().Len() == 0 {
-				return conv.Zero()
-			}
-			return conv.PBValueOf(rv)
-		},
-		set: func(p pointer, v protoreflect.Value) {
-			fp := p.Apply(fieldOffset)
-			sp := fp.AtomicGetPointer()
-			if sp.IsNil() {
-				sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
-				mi.setPresent(p, index)
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			val := conv.GoValueOf(v)
-			if val.IsNil() {
-				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
-			} else {
-				rv.Elem().Set(val.Elem())
-			}
-		},
-		mutable: func(p pointer) protoreflect.Value {
-			fp := p.Apply(fieldOffset)
-			sp := fp.AtomicGetPointer()
-			if sp.IsNil() {
-				if mi.present(p, index) {
-					// Lazily unmarshal this field.
-					mi.lazyUnmarshal(p, fieldNumber)
-					sp = p.Apply(fieldOffset).AtomicGetPointer()
-				} else {
-					sp = fp.AtomicSetPointerIfNil(pointerOfValue(reflect.New(fs.Type.Elem())))
-					mi.setPresent(p, index)
-				}
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			return conv.PBValueOf(rv)
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-func (mi *MessageInfo) fieldInfoForMessageListOpaqueNoPresence(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	if ft.Kind() != reflect.Ptr || ft.Elem().Kind() != reflect.Slice {
-		panic(fmt.Sprintf("invalid type: got %v, want slice kind", ft))
-	}
-	conv := NewConverter(ft, fd)
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			sp := p.Apply(fieldOffset).AtomicGetPointer()
-			if sp.IsNil() {
-				return false
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			return rv.Elem().Len() > 0
-		},
-		clear: func(p pointer) {
-			sp := p.Apply(fieldOffset).AtomicGetPointer()
-			if !sp.IsNil() {
-				rv := sp.AsValueOf(fs.Type.Elem())
-				rv.Elem().Set(reflect.Zero(rv.Type().Elem()))
-			}
-		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			sp := p.Apply(fieldOffset).AtomicGetPointer()
-			if sp.IsNil() {
-				return conv.Zero()
-			}
-			rv := sp.AsValueOf(fs.Type.Elem())
-			if rv.Elem().Len() == 0 {
-				return conv.Zero()
-			}
-			return conv.PBValueOf(rv)
-		},
-		set: func(p pointer, v protoreflect.Value) {
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if rv.IsNil() {
-				rv.Set(reflect.New(fs.Type.Elem()))
-			}
-			val := conv.GoValueOf(v)
-			if val.IsNil() {
-				panic(fmt.Sprintf("invalid value: setting repeated field to read-only value"))
-			} else {
-				rv.Elem().Set(val.Elem())
-			}
-		},
-		mutable: func(p pointer) protoreflect.Value {
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if rv.IsNil() {
-				rv.Set(reflect.New(fs.Type.Elem()))
-			}
-			return conv.PBValueOf(rv)
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-func (mi *MessageInfo) fieldInfoForScalarOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	nullable := fd.HasPresence()
-	if oneof := fd.ContainingOneof(); oneof != nil && oneof.IsSynthetic() {
-		nullable = true
-	}
-	deref := false
-	if nullable && ft.Kind() == reflect.Ptr {
-		ft = ft.Elem()
-		deref = true
-	}
-	conv := NewConverter(ft, fd)
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	index, _ := presenceIndex(mi.Desc, fd)
-	var getter func(p pointer) protoreflect.Value
-	if !nullable {
-		getter = getterForDirectScalar(fd, fs, conv, fieldOffset)
-	} else {
-		getter = getterForOpaqueNullableScalar(mi, index, fd, fs, conv, fieldOffset)
-	}
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			if nullable {
-				return mi.present(p, index)
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			switch rv.Kind() {
-			case reflect.Bool:
-				return rv.Bool()
-			case reflect.Int32, reflect.Int64:
-				return rv.Int() != 0
-			case reflect.Uint32, reflect.Uint64:
-				return rv.Uint() != 0
-			case reflect.Float32, reflect.Float64:
-				return rv.Float() != 0 || math.Signbit(rv.Float())
-			case reflect.String, reflect.Slice:
-				return rv.Len() > 0
-			default:
-				panic(fmt.Sprintf("invalid type: %v", rv.Type())) // should never happen
-			}
-		},
-		clear: func(p pointer) {
-			if nullable {
-				mi.clearPresent(p, index)
-			}
-			// This is only valuable for bytes and strings, but we do it unconditionally.
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			rv.Set(reflect.Zero(rv.Type()))
-		},
-		get: getter,
-		// TODO: Implement unsafe fast path for set?
-		set: func(p pointer, v protoreflect.Value) {
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			if deref {
-				if rv.IsNil() {
-					rv.Set(reflect.New(ft))
-				}
-				rv = rv.Elem()
-			}
-
-			rv.Set(conv.GoValueOf(v))
-			if nullable && rv.Kind() == reflect.Slice && rv.IsNil() {
-				rv.Set(emptyBytes)
-			}
-			if nullable {
-				mi.setPresent(p, index)
-			}
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-func (mi *MessageInfo) fieldInfoForMessageOpaque(si opaqueStructInfo, fd protoreflect.FieldDescriptor, fs reflect.StructField) fieldInfo {
-	ft := fs.Type
-	conv := NewConverter(ft, fd)
-	fieldOffset := offsetOf(fs, mi.Exporter)
-	index, _ := presenceIndex(mi.Desc, fd)
-	fieldNumber := fd.Number()
-	elemType := fs.Type.Elem()
-	return fieldInfo{
-		fieldDesc: fd,
-		has: func(p pointer) bool {
-			if p.IsNil() {
-				return false
-			}
-			return mi.present(p, index)
-		},
-		clear: func(p pointer) {
-			mi.clearPresent(p, index)
-			p.Apply(fieldOffset).AtomicSetNilPointer()
-		},
-		get: func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			fp := p.Apply(fieldOffset)
-			mp := fp.AtomicGetPointer()
-			if mp.IsNil() {
-				// Lazily unmarshal this field.
-				mi.lazyUnmarshal(p, fieldNumber)
-				mp = fp.AtomicGetPointer()
-			}
-			rv := mp.AsValueOf(elemType)
-			return conv.PBValueOf(rv)
-		},
-		set: func(p pointer, v protoreflect.Value) {
-			val := pointerOfValue(conv.GoValueOf(v))
-			if val.IsNil() {
-				panic("invalid nil pointer")
-			}
-			p.Apply(fieldOffset).AtomicSetPointer(val)
-			mi.setPresent(p, index)
-		},
-		mutable: func(p pointer) protoreflect.Value {
-			fp := p.Apply(fieldOffset)
-			mp := fp.AtomicGetPointer()
-			if mp.IsNil() {
-				if mi.present(p, index) {
-					// Lazily unmarshal this field.
-					mi.lazyUnmarshal(p, fieldNumber)
-					mp = fp.AtomicGetPointer()
-				} else {
-					mp = pointerOfValue(conv.GoValueOf(conv.New()))
-					fp.AtomicSetPointer(mp)
-					mi.setPresent(p, index)
-				}
-			}
-			return conv.PBValueOf(mp.AsValueOf(fs.Type.Elem()))
-		},
-		newMessage: func() protoreflect.Message {
-			return conv.New().Message()
-		},
-		newField: func() protoreflect.Value {
-			return conv.New()
-		},
-	}
-}
-
-// A presenceList wraps a List, updating presence bits as necessary when the
-// list contents change.
-type presenceList struct {
-	pvalueList
-	setPresence func(bool)
-}
-type pvalueList interface {
-	protoreflect.List
-	//Unwrapper
-}
-
-func (list presenceList) Append(v protoreflect.Value) {
-	list.pvalueList.Append(v)
-	list.setPresence(true)
-}
-func (list presenceList) Truncate(i int) {
-	list.pvalueList.Truncate(i)
-	list.setPresence(i > 0)
-}
-
-// presenceIndex returns the index to pass to presence functions.
-//
-// TODO: field.Desc.Index() would be simpler, and would give space to record the presence of oneof fields.
-func presenceIndex(md protoreflect.MessageDescriptor, fd protoreflect.FieldDescriptor) (uint32, presenceSize) {
-	found := false
-	var index, numIndices uint32
-	for i := 0; i < md.Fields().Len(); i++ {
-		f := md.Fields().Get(i)
-		if f == fd {
-			found = true
-			index = numIndices
-		}
-		if f.ContainingOneof() == nil || isLastOneofField(f) {
-			numIndices++
-		}
-	}
-	if !found {
-		panic(fmt.Sprintf("BUG: %v not in %v", fd.Name(), md.FullName()))
-	}
-	return index, presenceSize(numIndices)
-}
-
-func isLastOneofField(fd protoreflect.FieldDescriptor) bool {
-	fields := fd.ContainingOneof().Fields()
-	return fields.Get(fields.Len()-1) == fd
-}
-
-func (mi *MessageInfo) setPresent(p pointer, index uint32) {
-	p.Apply(mi.presenceOffset).PresenceInfo().SetPresent(index, mi.presenceSize)
-}
-
-func (mi *MessageInfo) clearPresent(p pointer, index uint32) {
-	p.Apply(mi.presenceOffset).PresenceInfo().ClearPresent(index)
-}
-
-func (mi *MessageInfo) present(p pointer, index uint32) bool {
-	return p.Apply(mi.presenceOffset).PresenceInfo().Present(index)
-}
-
-// usePresenceForField implements the somewhat intricate logic of when
-// the presence bitmap is used for a field.  The main logic is that a
-// field that is optional or that can be lazy will use the presence
-// bit, but for proto2, also maps have a presence bit. It also records
-// if the field can ever be lazy, which is true if we have a
-// lazyOffset and the field is a message or a slice of messages. A
-// field that is lazy will always need a presence bit.  Oneofs are not
-// lazy and do not use presence, unless they are a synthetic oneof,
-// which is a proto3 optional field. For proto3 optionals, we use the
-// presence and they can also be lazy when applicable (a message).
-func usePresenceForField(si opaqueStructInfo, fd protoreflect.FieldDescriptor) (usePresence, canBeLazy bool) {
-	hasLazyField := fd.(interface{ IsLazy() bool }).IsLazy()
-
-	// Non-oneof scalar fields with explicit field presence use the presence array.
-	usesPresenceArray := fd.HasPresence() && fd.Message() == nil && (fd.ContainingOneof() == nil || fd.ContainingOneof().IsSynthetic())
-	switch {
-	case fd.ContainingOneof() != nil && !fd.ContainingOneof().IsSynthetic():
-		return false, false
-	case fd.IsWeak():
-		return false, false
-	case fd.IsMap():
-		return false, false
-	case fd.Kind() == protoreflect.MessageKind || fd.Kind() == protoreflect.GroupKind:
-		return hasLazyField, hasLazyField
-	default:
-		return usesPresenceArray || (hasLazyField && fd.HasPresence()), false
-	}
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
deleted file mode 100644
index a69825699..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/message_opaque_gen.go
+++ /dev/null
@@ -1,132 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Code generated by generate-types. DO NOT EDIT.
-
-package impl
-
-import (
-	"reflect"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-func getterForOpaqueNullableScalar(mi *MessageInfo, index uint32, fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
-	ft := fs.Type
-	if ft.Kind() == reflect.Ptr {
-		ft = ft.Elem()
-	}
-	if fd.Kind() == protoreflect.EnumKind {
-		// Enums for nullable opaque types.
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			return conv.PBValueOf(rv)
-		}
-	}
-	switch ft.Kind() {
-	case reflect.Bool:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Bool()
-			return protoreflect.ValueOfBool(*x)
-		}
-	case reflect.Int32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int32()
-			return protoreflect.ValueOfInt32(*x)
-		}
-	case reflect.Uint32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint32()
-			return protoreflect.ValueOfUint32(*x)
-		}
-	case reflect.Int64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int64()
-			return protoreflect.ValueOfInt64(*x)
-		}
-	case reflect.Uint64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint64()
-			return protoreflect.ValueOfUint64(*x)
-		}
-	case reflect.Float32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float32()
-			return protoreflect.ValueOfFloat32(*x)
-		}
-	case reflect.Float64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float64()
-			return protoreflect.ValueOfFloat64(*x)
-		}
-	case reflect.String:
-		if fd.Kind() == protoreflect.BytesKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() || !mi.present(p, index) {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).StringPtr()
-				if *x == nil {
-					return conv.Zero()
-				}
-				if len(**x) == 0 {
-					return protoreflect.ValueOfBytes(nil)
-				}
-				return protoreflect.ValueOfBytes([]byte(**x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).StringPtr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfString(**x)
-		}
-	case reflect.Slice:
-		if fd.Kind() == protoreflect.StringKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() || !mi.present(p, index) {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).Bytes()
-				return protoreflect.ValueOfString(string(*x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() || !mi.present(p, index) {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Bytes()
-			return protoreflect.ValueOfBytes(*x)
-		}
-	}
-	panic("unexpected protobuf kind: " + ft.Kind().String())
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
index 31c19b54f..d9ea010be 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect.go
@@ -20,7 +20,7 @@ type reflectMessageInfo struct {
 	// fieldTypes contains the zero value of an enum or message field.
 	// For lists, it contains the element type.
 	// For maps, it contains the entry value type.
-	fieldTypes map[protoreflect.FieldNumber]any
+	fieldTypes map[protoreflect.FieldNumber]interface{}
 
 	// denseFields is a subset of fields where:
 	//	0 < fieldDesc.Number() < len(denseFields)
@@ -28,7 +28,7 @@ type reflectMessageInfo struct {
 	denseFields []*fieldInfo
 
 	// rangeInfos is a list of all fields (not belonging to a oneof) and oneofs.
-	rangeInfos []any // either *fieldInfo or *oneofInfo
+	rangeInfos []interface{} // either *fieldInfo or *oneofInfo
 
 	getUnknown   func(pointer) protoreflect.RawFields
 	setUnknown   func(pointer, protoreflect.RawFields)
@@ -205,11 +205,6 @@ func (mi *MessageInfo) makeFieldTypes(si structInfo) {
 		case fd.IsList():
 			if fd.Enum() != nil || fd.Message() != nil {
 				ft = fs.Type.Elem()
-
-				if ft.Kind() == reflect.Slice {
-					ft = ft.Elem()
-				}
-
 			}
 			isMessage = fd.Message() != nil
 		case fd.Enum() != nil:
@@ -229,7 +224,7 @@ func (mi *MessageInfo) makeFieldTypes(si structInfo) {
 		}
 		if ft != nil {
 			if mi.fieldTypes == nil {
-				mi.fieldTypes = make(map[protoreflect.FieldNumber]any)
+				mi.fieldTypes = make(map[protoreflect.FieldNumber]interface{})
 			}
 			mi.fieldTypes[fd.Number()] = reflect.Zero(ft).Interface()
 		}
@@ -252,39 +247,39 @@ func (m *extensionMap) Range(f func(protoreflect.FieldDescriptor, protoreflect.V
 		}
 	}
 }
-func (m *extensionMap) Has(xd protoreflect.ExtensionTypeDescriptor) (ok bool) {
+func (m *extensionMap) Has(xt protoreflect.ExtensionType) (ok bool) {
 	if m == nil {
 		return false
 	}
+	xd := xt.TypeDescriptor()
 	x, ok := (*m)[int32(xd.Number())]
 	if !ok {
 		return false
 	}
-	if x.isUnexpandedLazy() {
-		// Avoid calling x.Value(), which triggers a lazy unmarshal.
-		return true
-	}
 	switch {
 	case xd.IsList():
 		return x.Value().List().Len() > 0
 	case xd.IsMap():
 		return x.Value().Map().Len() > 0
+	case xd.Message() != nil:
+		return x.Value().Message().IsValid()
 	}
 	return true
 }
-func (m *extensionMap) Clear(xd protoreflect.ExtensionTypeDescriptor) {
-	delete(*m, int32(xd.Number()))
+func (m *extensionMap) Clear(xt protoreflect.ExtensionType) {
+	delete(*m, int32(xt.TypeDescriptor().Number()))
 }
-func (m *extensionMap) Get(xd protoreflect.ExtensionTypeDescriptor) protoreflect.Value {
+func (m *extensionMap) Get(xt protoreflect.ExtensionType) protoreflect.Value {
+	xd := xt.TypeDescriptor()
 	if m != nil {
 		if x, ok := (*m)[int32(xd.Number())]; ok {
 			return x.Value()
 		}
 	}
-	return xd.Type().Zero()
+	return xt.Zero()
 }
-func (m *extensionMap) Set(xd protoreflect.ExtensionTypeDescriptor, v protoreflect.Value) {
-	xt := xd.Type()
+func (m *extensionMap) Set(xt protoreflect.ExtensionType, v protoreflect.Value) {
+	xd := xt.TypeDescriptor()
 	isValid := true
 	switch {
 	case !xt.IsValidValue(v):
@@ -297,7 +292,7 @@ func (m *extensionMap) Set(xd protoreflect.ExtensionTypeDescriptor, v protorefle
 		isValid = v.Message().IsValid()
 	}
 	if !isValid {
-		panic(fmt.Sprintf("%v: assigning invalid value", xd.FullName()))
+		panic(fmt.Sprintf("%v: assigning invalid value", xt.TypeDescriptor().FullName()))
 	}
 
 	if *m == nil {
@@ -307,15 +302,16 @@ func (m *extensionMap) Set(xd protoreflect.ExtensionTypeDescriptor, v protorefle
 	x.Set(xt, v)
 	(*m)[int32(xd.Number())] = x
 }
-func (m *extensionMap) Mutable(xd protoreflect.ExtensionTypeDescriptor) protoreflect.Value {
+func (m *extensionMap) Mutable(xt protoreflect.ExtensionType) protoreflect.Value {
+	xd := xt.TypeDescriptor()
 	if xd.Kind() != protoreflect.MessageKind && xd.Kind() != protoreflect.GroupKind && !xd.IsList() && !xd.IsMap() {
 		panic("invalid Mutable on field with non-composite type")
 	}
 	if x, ok := (*m)[int32(xd.Number())]; ok {
 		return x.Value()
 	}
-	v := xd.Type().New()
-	m.Set(xd, v)
+	v := xt.New()
+	m.Set(xt, v)
 	return v
 }
 
@@ -398,7 +394,7 @@ var (
 // MessageOf returns a reflective view over a message. The input must be a
 // pointer to a named Go struct. If the provided type has a ProtoReflect method,
 // it must be implemented by calling this method.
-func (mi *MessageInfo) MessageOf(m any) protoreflect.Message {
+func (mi *MessageInfo) MessageOf(m interface{}) protoreflect.Message {
 	if reflect.TypeOf(m) != mi.GoReflectType {
 		panic(fmt.Sprintf("type mismatch: got %T, want %v", m, mi.GoReflectType))
 	}
@@ -426,13 +422,13 @@ func (m *messageIfaceWrapper) Reset() {
 func (m *messageIfaceWrapper) ProtoReflect() protoreflect.Message {
 	return (*messageReflectWrapper)(m)
 }
-func (m *messageIfaceWrapper) protoUnwrap() any {
+func (m *messageIfaceWrapper) protoUnwrap() interface{} {
 	return m.p.AsIfaceOf(m.mi.GoReflectType.Elem())
 }
 
 // checkField verifies that the provided field descriptor is valid.
 // Exactly one of the returned values is populated.
-func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo, protoreflect.ExtensionTypeDescriptor) {
+func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo, protoreflect.ExtensionType) {
 	var fi *fieldInfo
 	if n := fd.Number(); 0 < n && int(n) < len(mi.denseFields) {
 		fi = mi.denseFields[n]
@@ -461,7 +457,7 @@ func (mi *MessageInfo) checkField(fd protoreflect.FieldDescriptor) (*fieldInfo,
 		if !ok {
 			panic(fmt.Sprintf("extension %v does not implement protoreflect.ExtensionTypeDescriptor", fd.FullName()))
 		}
-		return nil, xtd
+		return nil, xtd.Type()
 	}
 	panic(fmt.Sprintf("field %v is invalid", fd.FullName()))
 }
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
index a74064620..986322b19 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field.go
@@ -256,7 +256,6 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 	ft := fs.Type
 	nullable := fd.HasPresence()
 	isBytes := ft.Kind() == reflect.Slice && ft.Elem().Kind() == reflect.Uint8
-	var getter func(p pointer) protoreflect.Value
 	if nullable {
 		if ft.Kind() != reflect.Ptr && ft.Kind() != reflect.Slice {
 			// This never occurs for generated message types.
@@ -269,25 +268,19 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 		}
 	}
 	conv := NewConverter(ft, fd)
-	fieldOffset := offsetOf(fs, x)
-
-	// Generate specialized getter functions to avoid going through reflect.Value
-	if nullable {
-		getter = getterForNullableScalar(fd, fs, conv, fieldOffset)
-	} else {
-		getter = getterForDirectScalar(fd, fs, conv, fieldOffset)
-	}
 
+	// TODO: Implement unsafe fast path?
+	fieldOffset := offsetOf(fs, x)
 	return fieldInfo{
 		fieldDesc: fd,
 		has: func(p pointer) bool {
 			if p.IsNil() {
 				return false
 			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			if nullable {
-				return !p.Apply(fieldOffset).Elem().IsNil()
+				return !rv.IsNil()
 			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			switch rv.Kind() {
 			case reflect.Bool:
 				return rv.Bool()
@@ -307,8 +300,21 @@ func fieldInfoForScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField,
 			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			rv.Set(reflect.Zero(rv.Type()))
 		},
-		get: getter,
-		// TODO: Implement unsafe fast path for set?
+		get: func(p pointer) protoreflect.Value {
+			if p.IsNil() {
+				return conv.Zero()
+			}
+			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
+			if nullable {
+				if rv.IsNil() {
+					return conv.Zero()
+				}
+				if rv.Kind() == reflect.Ptr {
+					rv = rv.Elem()
+				}
+			}
+			return conv.PBValueOf(rv)
+		},
 		set: func(p pointer, v protoreflect.Value) {
 			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
 			if nullable && rv.Kind() == reflect.Ptr {
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
deleted file mode 100644
index af5e063a1..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_field_gen.go
+++ /dev/null
@@ -1,273 +0,0 @@
-// Copyright 2018 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Code generated by generate-types. DO NOT EDIT.
-
-package impl
-
-import (
-	"reflect"
-
-	"google.golang.org/protobuf/reflect/protoreflect"
-)
-
-func getterForNullableScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
-	ft := fs.Type
-	if ft.Kind() == reflect.Ptr {
-		ft = ft.Elem()
-	}
-	if fd.Kind() == protoreflect.EnumKind {
-		elemType := fs.Type.Elem()
-		// Enums for nullable types.
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).Elem().AsValueOf(elemType)
-			if rv.IsNil() {
-				return conv.Zero()
-			}
-			return conv.PBValueOf(rv.Elem())
-		}
-	}
-	switch ft.Kind() {
-	case reflect.Bool:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).BoolPtr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfBool(**x)
-		}
-	case reflect.Int32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int32Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfInt32(**x)
-		}
-	case reflect.Uint32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint32Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfUint32(**x)
-		}
-	case reflect.Int64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int64Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfInt64(**x)
-		}
-	case reflect.Uint64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint64Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfUint64(**x)
-		}
-	case reflect.Float32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float32Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfFloat32(**x)
-		}
-	case reflect.Float64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float64Ptr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfFloat64(**x)
-		}
-	case reflect.String:
-		if fd.Kind() == protoreflect.BytesKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).StringPtr()
-				if *x == nil {
-					return conv.Zero()
-				}
-				if len(**x) == 0 {
-					return protoreflect.ValueOfBytes(nil)
-				}
-				return protoreflect.ValueOfBytes([]byte(**x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).StringPtr()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfString(**x)
-		}
-	case reflect.Slice:
-		if fd.Kind() == protoreflect.StringKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).Bytes()
-				if len(*x) == 0 {
-					return conv.Zero()
-				}
-				return protoreflect.ValueOfString(string(*x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Bytes()
-			if *x == nil {
-				return conv.Zero()
-			}
-			return protoreflect.ValueOfBytes(*x)
-		}
-	}
-	panic("unexpected protobuf kind: " + ft.Kind().String())
-}
-
-func getterForDirectScalar(fd protoreflect.FieldDescriptor, fs reflect.StructField, conv Converter, fieldOffset offset) func(p pointer) protoreflect.Value {
-	ft := fs.Type
-	if fd.Kind() == protoreflect.EnumKind {
-		// Enums for non nullable types.
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			rv := p.Apply(fieldOffset).AsValueOf(fs.Type).Elem()
-			return conv.PBValueOf(rv)
-		}
-	}
-	switch ft.Kind() {
-	case reflect.Bool:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Bool()
-			return protoreflect.ValueOfBool(*x)
-		}
-	case reflect.Int32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int32()
-			return protoreflect.ValueOfInt32(*x)
-		}
-	case reflect.Uint32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint32()
-			return protoreflect.ValueOfUint32(*x)
-		}
-	case reflect.Int64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Int64()
-			return protoreflect.ValueOfInt64(*x)
-		}
-	case reflect.Uint64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Uint64()
-			return protoreflect.ValueOfUint64(*x)
-		}
-	case reflect.Float32:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float32()
-			return protoreflect.ValueOfFloat32(*x)
-		}
-	case reflect.Float64:
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Float64()
-			return protoreflect.ValueOfFloat64(*x)
-		}
-	case reflect.String:
-		if fd.Kind() == protoreflect.BytesKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).String()
-				if len(*x) == 0 {
-					return protoreflect.ValueOfBytes(nil)
-				}
-				return protoreflect.ValueOfBytes([]byte(*x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).String()
-			return protoreflect.ValueOfString(*x)
-		}
-	case reflect.Slice:
-		if fd.Kind() == protoreflect.StringKind {
-			return func(p pointer) protoreflect.Value {
-				if p.IsNil() {
-					return conv.Zero()
-				}
-				x := p.Apply(fieldOffset).Bytes()
-				return protoreflect.ValueOfString(string(*x))
-			}
-		}
-		return func(p pointer) protoreflect.Value {
-			if p.IsNil() {
-				return conv.Zero()
-			}
-			x := p.Apply(fieldOffset).Bytes()
-			return protoreflect.ValueOfBytes(*x)
-		}
-	}
-	panic("unexpected protobuf kind: " + ft.Kind().String())
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
index 99dc23c6f..741d6e5b6 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/message_reflect_gen.go
@@ -23,13 +23,12 @@ func (m *messageState) New() protoreflect.Message {
 func (m *messageState) Interface() protoreflect.ProtoMessage {
 	return m.protoUnwrap().(protoreflect.ProtoMessage)
 }
-func (m *messageState) protoUnwrap() any {
+func (m *messageState) protoUnwrap() interface{} {
 	return m.pointer().AsIfaceOf(m.messageInfo().GoReflectType.Elem())
 }
 func (m *messageState) ProtoMethods() *protoiface.Methods {
-	mi := m.messageInfo()
-	mi.init()
-	return &mi.methods
+	m.messageInfo().init()
+	return &m.messageInfo().methods
 }
 
 // ProtoMessageInfo is a pseudo-internal API for allowing the v1 code
@@ -42,9 +41,8 @@ func (m *messageState) ProtoMessageInfo() *MessageInfo {
 }
 
 func (m *messageState) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) {
-	mi := m.messageInfo()
-	mi.init()
-	for _, ri := range mi.rangeInfos {
+	m.messageInfo().init()
+	for _, ri := range m.messageInfo().rangeInfos {
 		switch ri := ri.(type) {
 		case *fieldInfo:
 			if ri.has(m.pointer()) {
@@ -54,86 +52,77 @@ func (m *messageState) Range(f func(protoreflect.FieldDescriptor, protoreflect.V
 			}
 		case *oneofInfo:
 			if n := ri.which(m.pointer()); n > 0 {
-				fi := mi.fields[n]
+				fi := m.messageInfo().fields[n]
 				if !f(fi.fieldDesc, fi.get(m.pointer())) {
 					return
 				}
 			}
 		}
 	}
-	mi.extensionMap(m.pointer()).Range(f)
+	m.messageInfo().extensionMap(m.pointer()).Range(f)
 }
 func (m *messageState) Has(fd protoreflect.FieldDescriptor) bool {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.has(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Has(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Has(xt)
 	}
 }
 func (m *messageState) Clear(fd protoreflect.FieldDescriptor) {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		fi.clear(m.pointer())
 	} else {
-		mi.extensionMap(m.pointer()).Clear(xd)
+		m.messageInfo().extensionMap(m.pointer()).Clear(xt)
 	}
 }
 func (m *messageState) Get(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.get(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Get(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Get(xt)
 	}
 }
 func (m *messageState) Set(fd protoreflect.FieldDescriptor, v protoreflect.Value) {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		fi.set(m.pointer(), v)
 	} else {
-		mi.extensionMap(m.pointer()).Set(xd, v)
+		m.messageInfo().extensionMap(m.pointer()).Set(xt, v)
 	}
 }
 func (m *messageState) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.mutable(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Mutable(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Mutable(xt)
 	}
 }
 func (m *messageState) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.newField()
 	} else {
-		return xd.Type().New()
+		return xt.New()
 	}
 }
 func (m *messageState) WhichOneof(od protoreflect.OneofDescriptor) protoreflect.FieldDescriptor {
-	mi := m.messageInfo()
-	mi.init()
-	if oi := mi.oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
+	m.messageInfo().init()
+	if oi := m.messageInfo().oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
 		return od.Fields().ByNumber(oi.which(m.pointer()))
 	}
 	panic("invalid oneof descriptor " + string(od.FullName()) + " for message " + string(m.Descriptor().FullName()))
 }
 func (m *messageState) GetUnknown() protoreflect.RawFields {
-	mi := m.messageInfo()
-	mi.init()
-	return mi.getUnknown(m.pointer())
+	m.messageInfo().init()
+	return m.messageInfo().getUnknown(m.pointer())
 }
 func (m *messageState) SetUnknown(b protoreflect.RawFields) {
-	mi := m.messageInfo()
-	mi.init()
-	mi.setUnknown(m.pointer(), b)
+	m.messageInfo().init()
+	m.messageInfo().setUnknown(m.pointer(), b)
 }
 func (m *messageState) IsValid() bool {
 	return !m.pointer().IsNil()
@@ -154,13 +143,12 @@ func (m *messageReflectWrapper) Interface() protoreflect.ProtoMessage {
 	}
 	return (*messageIfaceWrapper)(m)
 }
-func (m *messageReflectWrapper) protoUnwrap() any {
+func (m *messageReflectWrapper) protoUnwrap() interface{} {
 	return m.pointer().AsIfaceOf(m.messageInfo().GoReflectType.Elem())
 }
 func (m *messageReflectWrapper) ProtoMethods() *protoiface.Methods {
-	mi := m.messageInfo()
-	mi.init()
-	return &mi.methods
+	m.messageInfo().init()
+	return &m.messageInfo().methods
 }
 
 // ProtoMessageInfo is a pseudo-internal API for allowing the v1 code
@@ -173,9 +161,8 @@ func (m *messageReflectWrapper) ProtoMessageInfo() *MessageInfo {
 }
 
 func (m *messageReflectWrapper) Range(f func(protoreflect.FieldDescriptor, protoreflect.Value) bool) {
-	mi := m.messageInfo()
-	mi.init()
-	for _, ri := range mi.rangeInfos {
+	m.messageInfo().init()
+	for _, ri := range m.messageInfo().rangeInfos {
 		switch ri := ri.(type) {
 		case *fieldInfo:
 			if ri.has(m.pointer()) {
@@ -185,86 +172,77 @@ func (m *messageReflectWrapper) Range(f func(protoreflect.FieldDescriptor, proto
 			}
 		case *oneofInfo:
 			if n := ri.which(m.pointer()); n > 0 {
-				fi := mi.fields[n]
+				fi := m.messageInfo().fields[n]
 				if !f(fi.fieldDesc, fi.get(m.pointer())) {
 					return
 				}
 			}
 		}
 	}
-	mi.extensionMap(m.pointer()).Range(f)
+	m.messageInfo().extensionMap(m.pointer()).Range(f)
 }
 func (m *messageReflectWrapper) Has(fd protoreflect.FieldDescriptor) bool {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.has(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Has(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Has(xt)
 	}
 }
 func (m *messageReflectWrapper) Clear(fd protoreflect.FieldDescriptor) {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		fi.clear(m.pointer())
 	} else {
-		mi.extensionMap(m.pointer()).Clear(xd)
+		m.messageInfo().extensionMap(m.pointer()).Clear(xt)
 	}
 }
 func (m *messageReflectWrapper) Get(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.get(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Get(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Get(xt)
 	}
 }
 func (m *messageReflectWrapper) Set(fd protoreflect.FieldDescriptor, v protoreflect.Value) {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		fi.set(m.pointer(), v)
 	} else {
-		mi.extensionMap(m.pointer()).Set(xd, v)
+		m.messageInfo().extensionMap(m.pointer()).Set(xt, v)
 	}
 }
 func (m *messageReflectWrapper) Mutable(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.mutable(m.pointer())
 	} else {
-		return mi.extensionMap(m.pointer()).Mutable(xd)
+		return m.messageInfo().extensionMap(m.pointer()).Mutable(xt)
 	}
 }
 func (m *messageReflectWrapper) NewField(fd protoreflect.FieldDescriptor) protoreflect.Value {
-	mi := m.messageInfo()
-	mi.init()
-	if fi, xd := mi.checkField(fd); fi != nil {
+	m.messageInfo().init()
+	if fi, xt := m.messageInfo().checkField(fd); fi != nil {
 		return fi.newField()
 	} else {
-		return xd.Type().New()
+		return xt.New()
 	}
 }
 func (m *messageReflectWrapper) WhichOneof(od protoreflect.OneofDescriptor) protoreflect.FieldDescriptor {
-	mi := m.messageInfo()
-	mi.init()
-	if oi := mi.oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
+	m.messageInfo().init()
+	if oi := m.messageInfo().oneofs[od.Name()]; oi != nil && oi.oneofDesc == od {
 		return od.Fields().ByNumber(oi.which(m.pointer()))
 	}
 	panic("invalid oneof descriptor " + string(od.FullName()) + " for message " + string(m.Descriptor().FullName()))
 }
 func (m *messageReflectWrapper) GetUnknown() protoreflect.RawFields {
-	mi := m.messageInfo()
-	mi.init()
-	return mi.getUnknown(m.pointer())
+	m.messageInfo().init()
+	return m.messageInfo().getUnknown(m.pointer())
 }
 func (m *messageReflectWrapper) SetUnknown(b protoreflect.RawFields) {
-	mi := m.messageInfo()
-	mi.init()
-	mi.setUnknown(m.pointer(), b)
+	m.messageInfo().init()
+	m.messageInfo().setUnknown(m.pointer(), b)
 }
 func (m *messageReflectWrapper) IsValid() bool {
 	return !m.pointer().IsNil()
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
new file mode 100644
index 000000000..517e94434
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_reflect.go
@@ -0,0 +1,215 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build purego || appengine
+// +build purego appengine
+
+package impl
+
+import (
+	"fmt"
+	"reflect"
+	"sync"
+)
+
+const UnsafeEnabled = false
+
+// Pointer is an opaque pointer type.
+type Pointer interface{}
+
+// offset represents the offset to a struct field, accessible from a pointer.
+// The offset is the field index into a struct.
+type offset struct {
+	index  int
+	export exporter
+}
+
+// offsetOf returns a field offset for the struct field.
+func offsetOf(f reflect.StructField, x exporter) offset {
+	if len(f.Index) != 1 {
+		panic("embedded structs are not supported")
+	}
+	if f.PkgPath == "" {
+		return offset{index: f.Index[0]} // field is already exported
+	}
+	if x == nil {
+		panic("exporter must be provided for unexported field")
+	}
+	return offset{index: f.Index[0], export: x}
+}
+
+// IsValid reports whether the offset is valid.
+func (f offset) IsValid() bool { return f.index >= 0 }
+
+// invalidOffset is an invalid field offset.
+var invalidOffset = offset{index: -1}
+
+// zeroOffset is a noop when calling pointer.Apply.
+var zeroOffset = offset{index: 0}
+
+// pointer is an abstract representation of a pointer to a struct or field.
+type pointer struct{ v reflect.Value }
+
+// pointerOf returns p as a pointer.
+func pointerOf(p Pointer) pointer {
+	return pointerOfIface(p)
+}
+
+// pointerOfValue returns v as a pointer.
+func pointerOfValue(v reflect.Value) pointer {
+	return pointer{v: v}
+}
+
+// pointerOfIface returns the pointer portion of an interface.
+func pointerOfIface(v interface{}) pointer {
+	return pointer{v: reflect.ValueOf(v)}
+}
+
+// IsNil reports whether the pointer is nil.
+func (p pointer) IsNil() bool {
+	return p.v.IsNil()
+}
+
+// Apply adds an offset to the pointer to derive a new pointer
+// to a specified field. The current pointer must be pointing at a struct.
+func (p pointer) Apply(f offset) pointer {
+	if f.export != nil {
+		if v := reflect.ValueOf(f.export(p.v.Interface(), f.index)); v.IsValid() {
+			return pointer{v: v}
+		}
+	}
+	return pointer{v: p.v.Elem().Field(f.index).Addr()}
+}
+
+// AsValueOf treats p as a pointer to an object of type t and returns the value.
+// It is equivalent to reflect.ValueOf(p.AsIfaceOf(t))
+func (p pointer) AsValueOf(t reflect.Type) reflect.Value {
+	if got := p.v.Type().Elem(); got != t {
+		panic(fmt.Sprintf("invalid type: got %v, want %v", got, t))
+	}
+	return p.v
+}
+
+// AsIfaceOf treats p as a pointer to an object of type t and returns the value.
+// It is equivalent to p.AsValueOf(t).Interface()
+func (p pointer) AsIfaceOf(t reflect.Type) interface{} {
+	return p.AsValueOf(t).Interface()
+}
+
+func (p pointer) Bool() *bool              { return p.v.Interface().(*bool) }
+func (p pointer) BoolPtr() **bool          { return p.v.Interface().(**bool) }
+func (p pointer) BoolSlice() *[]bool       { return p.v.Interface().(*[]bool) }
+func (p pointer) Int32() *int32            { return p.v.Interface().(*int32) }
+func (p pointer) Int32Ptr() **int32        { return p.v.Interface().(**int32) }
+func (p pointer) Int32Slice() *[]int32     { return p.v.Interface().(*[]int32) }
+func (p pointer) Int64() *int64            { return p.v.Interface().(*int64) }
+func (p pointer) Int64Ptr() **int64        { return p.v.Interface().(**int64) }
+func (p pointer) Int64Slice() *[]int64     { return p.v.Interface().(*[]int64) }
+func (p pointer) Uint32() *uint32          { return p.v.Interface().(*uint32) }
+func (p pointer) Uint32Ptr() **uint32      { return p.v.Interface().(**uint32) }
+func (p pointer) Uint32Slice() *[]uint32   { return p.v.Interface().(*[]uint32) }
+func (p pointer) Uint64() *uint64          { return p.v.Interface().(*uint64) }
+func (p pointer) Uint64Ptr() **uint64      { return p.v.Interface().(**uint64) }
+func (p pointer) Uint64Slice() *[]uint64   { return p.v.Interface().(*[]uint64) }
+func (p pointer) Float32() *float32        { return p.v.Interface().(*float32) }
+func (p pointer) Float32Ptr() **float32    { return p.v.Interface().(**float32) }
+func (p pointer) Float32Slice() *[]float32 { return p.v.Interface().(*[]float32) }
+func (p pointer) Float64() *float64        { return p.v.Interface().(*float64) }
+func (p pointer) Float64Ptr() **float64    { return p.v.Interface().(**float64) }
+func (p pointer) Float64Slice() *[]float64 { return p.v.Interface().(*[]float64) }
+func (p pointer) String() *string          { return p.v.Interface().(*string) }
+func (p pointer) StringPtr() **string      { return p.v.Interface().(**string) }
+func (p pointer) StringSlice() *[]string   { return p.v.Interface().(*[]string) }
+func (p pointer) Bytes() *[]byte           { return p.v.Interface().(*[]byte) }
+func (p pointer) BytesPtr() **[]byte       { return p.v.Interface().(**[]byte) }
+func (p pointer) BytesSlice() *[][]byte    { return p.v.Interface().(*[][]byte) }
+func (p pointer) WeakFields() *weakFields  { return (*weakFields)(p.v.Interface().(*WeakFields)) }
+func (p pointer) Extensions() *map[int32]ExtensionField {
+	return p.v.Interface().(*map[int32]ExtensionField)
+}
+
+func (p pointer) Elem() pointer {
+	return pointer{v: p.v.Elem()}
+}
+
+// PointerSlice copies []*T from p as a new []pointer.
+// This behavior differs from the implementation in pointer_unsafe.go.
+func (p pointer) PointerSlice() []pointer {
+	// TODO: reconsider this
+	if p.v.IsNil() {
+		return nil
+	}
+	n := p.v.Elem().Len()
+	s := make([]pointer, n)
+	for i := 0; i < n; i++ {
+		s[i] = pointer{v: p.v.Elem().Index(i)}
+	}
+	return s
+}
+
+// AppendPointerSlice appends v to p, which must be a []*T.
+func (p pointer) AppendPointerSlice(v pointer) {
+	sp := p.v.Elem()
+	sp.Set(reflect.Append(sp, v.v))
+}
+
+// SetPointer sets *p to v.
+func (p pointer) SetPointer(v pointer) {
+	p.v.Elem().Set(v.v)
+}
+
+func growSlice(p pointer, addCap int) {
+	// TODO: Once we only support Go 1.20 and newer, use reflect.Grow.
+	in := p.v.Elem()
+	out := reflect.MakeSlice(in.Type(), in.Len(), in.Len()+addCap)
+	reflect.Copy(out, in)
+	p.v.Elem().Set(out)
+}
+
+func (p pointer) growBoolSlice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growInt32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growUint32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growInt64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growUint64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growFloat64Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (p pointer) growFloat32Slice(addCap int) {
+	growSlice(p, addCap)
+}
+
+func (Export) MessageStateOf(p Pointer) *messageState     { panic("not supported") }
+func (ms *messageState) pointer() pointer                 { panic("not supported") }
+func (ms *messageState) messageInfo() *MessageInfo        { panic("not supported") }
+func (ms *messageState) LoadMessageInfo() *MessageInfo    { panic("not supported") }
+func (ms *messageState) StoreMessageInfo(mi *MessageInfo) { panic("not supported") }
+
+type atomicNilMessage struct {
+	once sync.Once
+	m    messageReflectWrapper
+}
+
+func (m *atomicNilMessage) Init(mi *MessageInfo) *messageReflectWrapper {
+	m.once.Do(func() {
+		m.m.p = pointerOfIface(reflect.Zero(mi.GoReflectType).Interface())
+		m.m.mi = mi
+	})
+	return &m.m
+}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
index 041ebde2d..4b020e311 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe.go
@@ -2,14 +2,15 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
+//go:build !purego && !appengine
+// +build !purego,!appengine
+
 package impl
 
 import (
 	"reflect"
 	"sync/atomic"
 	"unsafe"
-
-	"google.golang.org/protobuf/internal/protolazy"
 )
 
 const UnsafeEnabled = true
@@ -49,7 +50,7 @@ func pointerOfValue(v reflect.Value) pointer {
 }
 
 // pointerOfIface returns the pointer portion of an interface.
-func pointerOfIface(v any) pointer {
+func pointerOfIface(v interface{}) pointer {
 	type ifaceHeader struct {
 		Type unsafe.Pointer
 		Data unsafe.Pointer
@@ -79,7 +80,7 @@ func (p pointer) AsValueOf(t reflect.Type) reflect.Value {
 
 // AsIfaceOf treats p as a pointer to an object of type t and returns the value.
 // It is equivalent to p.AsValueOf(t).Interface()
-func (p pointer) AsIfaceOf(t reflect.Type) any {
+func (p pointer) AsIfaceOf(t reflect.Type) interface{} {
 	// TODO: Use tricky unsafe magic to directly create ifaceHeader.
 	return p.AsValueOf(t).Interface()
 }
@@ -113,13 +114,6 @@ func (p pointer) BytesPtr() **[]byte                    { return (**[]byte)(p.p)
 func (p pointer) BytesSlice() *[][]byte                 { return (*[][]byte)(p.p) }
 func (p pointer) WeakFields() *weakFields               { return (*weakFields)(p.p) }
 func (p pointer) Extensions() *map[int32]ExtensionField { return (*map[int32]ExtensionField)(p.p) }
-func (p pointer) LazyInfoPtr() **protolazy.XXX_lazyUnmarshalInfo {
-	return (**protolazy.XXX_lazyUnmarshalInfo)(p.p)
-}
-
-func (p pointer) PresenceInfo() presence {
-	return presence{P: p.p}
-}
 
 func (p pointer) Elem() pointer {
 	return pointer{p: *(*unsafe.Pointer)(p.p)}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go b/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
deleted file mode 100644
index 38aa7b7dc..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/pointer_unsafe_opaque.go
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"sync/atomic"
-	"unsafe"
-)
-
-func (p pointer) AtomicGetPointer() pointer {
-	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
-}
-
-func (p pointer) AtomicSetPointer(v pointer) {
-	atomic.StorePointer((*unsafe.Pointer)(p.p), v.p)
-}
-
-func (p pointer) AtomicSetNilPointer() {
-	atomic.StorePointer((*unsafe.Pointer)(p.p), unsafe.Pointer(nil))
-}
-
-func (p pointer) AtomicSetPointerIfNil(v pointer) pointer {
-	if atomic.CompareAndSwapPointer((*unsafe.Pointer)(p.p), unsafe.Pointer(nil), v.p) {
-		return v
-	}
-	return pointer{p: atomic.LoadPointer((*unsafe.Pointer)(p.p))}
-}
-
-type atomicV1MessageInfo struct{ p Pointer }
-
-func (mi *atomicV1MessageInfo) Get() Pointer {
-	return Pointer(atomic.LoadPointer((*unsafe.Pointer)(&mi.p)))
-}
-
-func (mi *atomicV1MessageInfo) SetIfNil(p Pointer) Pointer {
-	if atomic.CompareAndSwapPointer((*unsafe.Pointer)(&mi.p), nil, unsafe.Pointer(p)) {
-		return p
-	}
-	return mi.Get()
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/presence.go b/vendor/google.golang.org/protobuf/internal/impl/presence.go
deleted file mode 100644
index 914cb1ded..000000000
--- a/vendor/google.golang.org/protobuf/internal/impl/presence.go
+++ /dev/null
@@ -1,142 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package impl
-
-import (
-	"sync/atomic"
-	"unsafe"
-)
-
-// presenceSize represents the size of a presence set, which should be the largest index of the set+1
-type presenceSize uint32
-
-// presence is the internal representation of the bitmap array in a generated protobuf
-type presence struct {
-	// This is a pointer to the beginning of an array of uint32
-	P unsafe.Pointer
-}
-
-func (p presence) toElem(num uint32) (ret *uint32) {
-	const (
-		bitsPerByte = 8
-		siz         = unsafe.Sizeof(*ret)
-	)
-	// p.P points to an array of uint32, num is the bit in this array that the
-	// caller wants to check/manipulate. Calculate the index in the array that
-	// contains this specific bit. E.g.: 76 / 32 = 2 (integer division).
-	offset := uintptr(num) / (siz * bitsPerByte) * siz
-	return (*uint32)(unsafe.Pointer(uintptr(p.P) + offset))
-}
-
-// Present checks for the presence of a specific field number in a presence set.
-func (p presence) Present(num uint32) bool {
-	if p.P == nil {
-		return false
-	}
-	return Export{}.Present(p.toElem(num), num)
-}
-
-// SetPresent adds presence for a specific field number in a presence set.
-func (p presence) SetPresent(num uint32, size presenceSize) {
-	Export{}.SetPresent(p.toElem(num), num, uint32(size))
-}
-
-// SetPresentUnatomic adds presence for a specific field number in a presence set without using
-// atomic operations. Only to be called during unmarshaling.
-func (p presence) SetPresentUnatomic(num uint32, size presenceSize) {
-	Export{}.SetPresentNonAtomic(p.toElem(num), num, uint32(size))
-}
-
-// ClearPresent removes presence for a specific field number in a presence set.
-func (p presence) ClearPresent(num uint32) {
-	Export{}.ClearPresent(p.toElem(num), num)
-}
-
-// LoadPresenceCache (together with PresentInCache) allows for a
-// cached version of checking for presence without re-reading the word
-// for every field. It is optimized for efficiency and assumes no
-// simltaneous mutation of the presence set (or at least does not have
-// a problem with simultaneous mutation giving inconsistent results).
-func (p presence) LoadPresenceCache() (current uint32) {
-	if p.P == nil {
-		return 0
-	}
-	return atomic.LoadUint32((*uint32)(p.P))
-}
-
-// PresentInCache reads presence from a cached word in the presence
-// bitmap. It caches up a new word if the bit is outside the
-// word. This is for really fast iteration through bitmaps in cases
-// where we either know that the bitmap will not be altered, or we
-// don't care about inconsistencies caused by simultaneous writes.
-func (p presence) PresentInCache(num uint32, cachedElement *uint32, current *uint32) bool {
-	if num/32 != *cachedElement {
-		o := uintptr(num/32) * unsafe.Sizeof(uint32(0))
-		q := (*uint32)(unsafe.Pointer(uintptr(p.P) + o))
-		*current = atomic.LoadUint32(q)
-		*cachedElement = num / 32
-	}
-	return (*current & (1 << (num % 32))) > 0
-}
-
-// AnyPresent checks if any field is marked as present in the bitmap.
-func (p presence) AnyPresent(size presenceSize) bool {
-	n := uintptr((size + 31) / 32)
-	for j := uintptr(0); j < n; j++ {
-		o := j * unsafe.Sizeof(uint32(0))
-		q := (*uint32)(unsafe.Pointer(uintptr(p.P) + o))
-		b := atomic.LoadUint32(q)
-		if b > 0 {
-			return true
-		}
-	}
-	return false
-}
-
-// toRaceDetectData finds the preceding RaceDetectHookData in a
-// message by using pointer arithmetic. As the type of the presence
-// set (bitmap) varies with the number of fields in the protobuf, we
-// can not have a struct type containing the array and the
-// RaceDetectHookData.  instead the RaceDetectHookData is placed
-// immediately before the bitmap array, and we find it by walking
-// backwards in the struct.
-//
-// This method is only called from the race-detect version of the code,
-// so RaceDetectHookData is never an empty struct.
-func (p presence) toRaceDetectData() *RaceDetectHookData {
-	var template struct {
-		d RaceDetectHookData
-		a [1]uint32
-	}
-	o := (uintptr(unsafe.Pointer(&template.a)) - uintptr(unsafe.Pointer(&template.d)))
-	return (*RaceDetectHookData)(unsafe.Pointer(uintptr(p.P) - o))
-}
-
-func atomicLoadShadowPresence(p **[]byte) *[]byte {
-	return (*[]byte)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p))))
-}
-func atomicStoreShadowPresence(p **[]byte, v *[]byte) {
-	atomic.CompareAndSwapPointer((*unsafe.Pointer)(unsafe.Pointer(p)), nil, unsafe.Pointer(v))
-}
-
-// findPointerToRaceDetectData finds the preceding RaceDetectHookData
-// in a message by using pointer arithmetic. For the methods called
-// directy from generated code, we don't have a pointer to the
-// beginning of the presence set, but a pointer inside the array. As
-// we know the index of the bit we're manipulating (num), we can
-// calculate which element of the array ptr is pointing to. With that
-// information we find the preceding RaceDetectHookData and can
-// manipulate the shadow bitmap.
-//
-// This method is only called from the race-detect version of the
-// code, so RaceDetectHookData is never an empty struct.
-func findPointerToRaceDetectData(ptr *uint32, num uint32) *RaceDetectHookData {
-	var template struct {
-		d RaceDetectHookData
-		a [1]uint32
-	}
-	o := (uintptr(unsafe.Pointer(&template.a)) - uintptr(unsafe.Pointer(&template.d))) + uintptr(num/32)*unsafe.Sizeof(uint32(0))
-	return (*RaceDetectHookData)(unsafe.Pointer(uintptr(unsafe.Pointer(ptr)) - o))
-}
diff --git a/vendor/google.golang.org/protobuf/internal/impl/validate.go b/vendor/google.golang.org/protobuf/internal/impl/validate.go
index b534a3d6d..a24e6bbd7 100644
--- a/vendor/google.golang.org/protobuf/internal/impl/validate.go
+++ b/vendor/google.golang.org/protobuf/internal/impl/validate.go
@@ -37,10 +37,6 @@ const (
 
 	// ValidationValid indicates that unmarshaling the message will succeed.
 	ValidationValid
-
-	// ValidationWrongWireType indicates that a validated field does not have
-	// the expected wire type.
-	ValidationWrongWireType
 )
 
 func (v ValidationStatus) String() string {
@@ -153,23 +149,11 @@ func newValidationInfo(fd protoreflect.FieldDescriptor, ft reflect.Type) validat
 		switch fd.Kind() {
 		case protoreflect.MessageKind:
 			vi.typ = validationTypeMessage
-
-			if ft.Kind() == reflect.Ptr {
-				// Repeated opaque message fields are *[]*T.
-				ft = ft.Elem()
-			}
-
 			if ft.Kind() == reflect.Slice {
 				vi.mi = getMessageInfo(ft.Elem())
 			}
 		case protoreflect.GroupKind:
 			vi.typ = validationTypeGroup
-
-			if ft.Kind() == reflect.Ptr {
-				// Repeated opaque message fields are *[]*T.
-				ft = ft.Elem()
-			}
-
 			if ft.Kind() == reflect.Slice {
 				vi.mi = getMessageInfo(ft.Elem())
 			}
diff --git a/vendor/google.golang.org/protobuf/internal/order/range.go b/vendor/google.golang.org/protobuf/internal/order/range.go
index a1f09162d..1665a68e5 100644
--- a/vendor/google.golang.org/protobuf/internal/order/range.go
+++ b/vendor/google.golang.org/protobuf/internal/order/range.go
@@ -18,7 +18,7 @@ type messageField struct {
 }
 
 var messageFieldPool = sync.Pool{
-	New: func() any { return new([]messageField) },
+	New: func() interface{} { return new([]messageField) },
 }
 
 type (
@@ -69,7 +69,7 @@ type mapEntry struct {
 }
 
 var mapEntryPool = sync.Pool{
-	New: func() any { return new([]mapEntry) },
+	New: func() interface{} { return new([]mapEntry) },
 }
 
 type (
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go b/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
deleted file mode 100644
index 82e5cab4a..000000000
--- a/vendor/google.golang.org/protobuf/internal/protolazy/bufferreader.go
+++ /dev/null
@@ -1,364 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Helper code for parsing a protocol buffer
-
-package protolazy
-
-import (
-	"errors"
-	"fmt"
-	"io"
-
-	"google.golang.org/protobuf/encoding/protowire"
-)
-
-// BufferReader is a structure encapsulating a protobuf and a current position
-type BufferReader struct {
-	Buf []byte
-	Pos int
-}
-
-// NewBufferReader creates a new BufferRead from a protobuf
-func NewBufferReader(buf []byte) BufferReader {
-	return BufferReader{Buf: buf, Pos: 0}
-}
-
-var errOutOfBounds = errors.New("protobuf decoding: out of bounds")
-var errOverflow = errors.New("proto: integer overflow")
-
-func (b *BufferReader) DecodeVarintSlow() (x uint64, err error) {
-	i := b.Pos
-	l := len(b.Buf)
-
-	for shift := uint(0); shift < 64; shift += 7 {
-		if i >= l {
-			err = io.ErrUnexpectedEOF
-			return
-		}
-		v := b.Buf[i]
-		i++
-		x |= (uint64(v) & 0x7F) << shift
-		if v < 0x80 {
-			b.Pos = i
-			return
-		}
-	}
-
-	// The number is too large to represent in a 64-bit value.
-	err = errOverflow
-	return
-}
-
-// decodeVarint decodes a varint at the current position
-func (b *BufferReader) DecodeVarint() (x uint64, err error) {
-	i := b.Pos
-	buf := b.Buf
-
-	if i >= len(buf) {
-		return 0, io.ErrUnexpectedEOF
-	} else if buf[i] < 0x80 {
-		b.Pos++
-		return uint64(buf[i]), nil
-	} else if len(buf)-i < 10 {
-		return b.DecodeVarintSlow()
-	}
-
-	var v uint64
-	// we already checked the first byte
-	x = uint64(buf[i]) & 127
-	i++
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 7
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 14
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 21
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 28
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 35
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 42
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 49
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 56
-	if v < 128 {
-		goto done
-	}
-
-	v = uint64(buf[i])
-	i++
-	x |= (v & 127) << 63
-	if v < 128 {
-		goto done
-	}
-
-	return 0, errOverflow
-
-done:
-	b.Pos = i
-	return
-}
-
-// decodeVarint32 decodes a varint32 at the current position
-func (b *BufferReader) DecodeVarint32() (x uint32, err error) {
-	i := b.Pos
-	buf := b.Buf
-
-	if i >= len(buf) {
-		return 0, io.ErrUnexpectedEOF
-	} else if buf[i] < 0x80 {
-		b.Pos++
-		return uint32(buf[i]), nil
-	} else if len(buf)-i < 5 {
-		v, err := b.DecodeVarintSlow()
-		return uint32(v), err
-	}
-
-	var v uint32
-	// we already checked the first byte
-	x = uint32(buf[i]) & 127
-	i++
-
-	v = uint32(buf[i])
-	i++
-	x |= (v & 127) << 7
-	if v < 128 {
-		goto done
-	}
-
-	v = uint32(buf[i])
-	i++
-	x |= (v & 127) << 14
-	if v < 128 {
-		goto done
-	}
-
-	v = uint32(buf[i])
-	i++
-	x |= (v & 127) << 21
-	if v < 128 {
-		goto done
-	}
-
-	v = uint32(buf[i])
-	i++
-	x |= (v & 127) << 28
-	if v < 128 {
-		goto done
-	}
-
-	return 0, errOverflow
-
-done:
-	b.Pos = i
-	return
-}
-
-// skipValue skips a value in the protobuf, based on the specified tag
-func (b *BufferReader) SkipValue(tag uint32) (err error) {
-	wireType := tag & 0x7
-	switch protowire.Type(wireType) {
-	case protowire.VarintType:
-		err = b.SkipVarint()
-	case protowire.Fixed64Type:
-		err = b.SkipFixed64()
-	case protowire.BytesType:
-		var n uint32
-		n, err = b.DecodeVarint32()
-		if err == nil {
-			err = b.Skip(int(n))
-		}
-	case protowire.StartGroupType:
-		err = b.SkipGroup(tag)
-	case protowire.Fixed32Type:
-		err = b.SkipFixed32()
-	default:
-		err = fmt.Errorf("Unexpected wire type (%d)", wireType)
-	}
-	return
-}
-
-// skipGroup skips a group with the specified tag.  It executes efficiently using a tag stack
-func (b *BufferReader) SkipGroup(tag uint32) (err error) {
-	tagStack := make([]uint32, 0, 16)
-	tagStack = append(tagStack, tag)
-	var n uint32
-	for len(tagStack) > 0 {
-		tag, err = b.DecodeVarint32()
-		if err != nil {
-			return err
-		}
-		switch protowire.Type(tag & 0x7) {
-		case protowire.VarintType:
-			err = b.SkipVarint()
-		case protowire.Fixed64Type:
-			err = b.Skip(8)
-		case protowire.BytesType:
-			n, err = b.DecodeVarint32()
-			if err == nil {
-				err = b.Skip(int(n))
-			}
-		case protowire.StartGroupType:
-			tagStack = append(tagStack, tag)
-		case protowire.Fixed32Type:
-			err = b.SkipFixed32()
-		case protowire.EndGroupType:
-			if protoFieldNumber(tagStack[len(tagStack)-1]) == protoFieldNumber(tag) {
-				tagStack = tagStack[:len(tagStack)-1]
-			} else {
-				err = fmt.Errorf("end group tag %d does not match begin group tag %d at pos %d",
-					protoFieldNumber(tag), protoFieldNumber(tagStack[len(tagStack)-1]), b.Pos)
-			}
-		}
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// skipVarint effiently skips a varint
-func (b *BufferReader) SkipVarint() (err error) {
-	i := b.Pos
-
-	if len(b.Buf)-i < 10 {
-		// Use DecodeVarintSlow() to check for buffer overflow, but ignore result
-		if _, err := b.DecodeVarintSlow(); err != nil {
-			return err
-		}
-		return nil
-	}
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	i++
-
-	if b.Buf[i] < 0x80 {
-		goto out
-	}
-	return errOverflow
-
-out:
-	b.Pos = i + 1
-	return nil
-}
-
-// skip skips the specified number of bytes
-func (b *BufferReader) Skip(n int) (err error) {
-	if len(b.Buf) < b.Pos+n {
-		return io.ErrUnexpectedEOF
-	}
-	b.Pos += n
-	return
-}
-
-// skipFixed64 skips a fixed64
-func (b *BufferReader) SkipFixed64() (err error) {
-	return b.Skip(8)
-}
-
-// skipFixed32 skips a fixed32
-func (b *BufferReader) SkipFixed32() (err error) {
-	return b.Skip(4)
-}
-
-// skipBytes skips a set of bytes
-func (b *BufferReader) SkipBytes() (err error) {
-	n, err := b.DecodeVarint32()
-	if err != nil {
-		return err
-	}
-	return b.Skip(int(n))
-}
-
-// Done returns whether we are at the end of the protobuf
-func (b *BufferReader) Done() bool {
-	return b.Pos == len(b.Buf)
-}
-
-// Remaining returns how many bytes remain
-func (b *BufferReader) Remaining() int {
-	return len(b.Buf) - b.Pos
-}
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go b/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
deleted file mode 100644
index ff4d4834b..000000000
--- a/vendor/google.golang.org/protobuf/internal/protolazy/lazy.go
+++ /dev/null
@@ -1,359 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package protolazy contains internal data structures for lazy message decoding.
-package protolazy
-
-import (
-	"fmt"
-	"sort"
-
-	"google.golang.org/protobuf/encoding/protowire"
-	piface "google.golang.org/protobuf/runtime/protoiface"
-)
-
-// IndexEntry is the structure for an index of the fields in a message of a
-// proto (not descending to sub-messages)
-type IndexEntry struct {
-	FieldNum uint32
-	// first byte of this tag/field
-	Start uint32
-	// first byte after a contiguous sequence of bytes for this tag/field, which could
-	// include a single encoding of the field, or multiple encodings for the field
-	End uint32
-	// True if this protobuf segment includes multiple encodings of the field
-	MultipleContiguous bool
-}
-
-// XXX_lazyUnmarshalInfo has information about a particular lazily decoded message
-//
-// Deprecated: Do not use. This will be deleted in the near future.
-type XXX_lazyUnmarshalInfo struct {
-	// Index of fields and their positions in the protobuf for this
-	// message.  Make index be a pointer to a slice so it can be updated
-	// atomically.  The index pointer is only set once (lazily when/if
-	// the index is first needed), and must always be SET and LOADED
-	// ATOMICALLY.
-	index *[]IndexEntry
-	// The protobuf associated with this lazily decoded message.  It is
-	// only set during proto.Unmarshal().  It doesn't need to be set and
-	// loaded atomically, since any simultaneous set (Unmarshal) and read
-	// (during a get) would already be a race in the app code.
-	Protobuf []byte
-	// The flags present when Unmarshal was originally called for this particular message
-	unmarshalFlags piface.UnmarshalInputFlags
-}
-
-// The Buffer and SetBuffer methods let v2/internal/impl interact with
-// XXX_lazyUnmarshalInfo via an interface, to avoid an import cycle.
-
-// Buffer returns the lazy unmarshal buffer.
-//
-// Deprecated: Do not use. This will be deleted in the near future.
-func (lazy *XXX_lazyUnmarshalInfo) Buffer() []byte {
-	return lazy.Protobuf
-}
-
-// SetBuffer sets the lazy unmarshal buffer.
-//
-// Deprecated: Do not use. This will be deleted in the near future.
-func (lazy *XXX_lazyUnmarshalInfo) SetBuffer(b []byte) {
-	lazy.Protobuf = b
-}
-
-// SetUnmarshalFlags is called to set a copy of the original unmarshalInputFlags.
-// The flags should reflect how Unmarshal was called.
-func (lazy *XXX_lazyUnmarshalInfo) SetUnmarshalFlags(f piface.UnmarshalInputFlags) {
-	lazy.unmarshalFlags = f
-}
-
-// UnmarshalFlags returns the original unmarshalInputFlags.
-func (lazy *XXX_lazyUnmarshalInfo) UnmarshalFlags() piface.UnmarshalInputFlags {
-	return lazy.unmarshalFlags
-}
-
-// AllowedPartial returns true if the user originally unmarshalled this message with
-// AllowPartial set to true
-func (lazy *XXX_lazyUnmarshalInfo) AllowedPartial() bool {
-	return (lazy.unmarshalFlags & piface.UnmarshalCheckRequired) == 0
-}
-
-func protoFieldNumber(tag uint32) uint32 {
-	return tag >> 3
-}
-
-// buildIndex builds an index of the specified protobuf, return the index
-// array and an error.
-func buildIndex(buf []byte) ([]IndexEntry, error) {
-	index := make([]IndexEntry, 0, 16)
-	var lastProtoFieldNum uint32
-	var outOfOrder bool
-
-	var r BufferReader = NewBufferReader(buf)
-
-	for !r.Done() {
-		var tag uint32
-		var err error
-		var curPos = r.Pos
-		// INLINED: tag, err = r.DecodeVarint32()
-		{
-			i := r.Pos
-			buf := r.Buf
-
-			if i >= len(buf) {
-				return nil, errOutOfBounds
-			} else if buf[i] < 0x80 {
-				r.Pos++
-				tag = uint32(buf[i])
-			} else if r.Remaining() < 5 {
-				var v uint64
-				v, err = r.DecodeVarintSlow()
-				tag = uint32(v)
-			} else {
-				var v uint32
-				// we already checked the first byte
-				tag = uint32(buf[i]) & 127
-				i++
-
-				v = uint32(buf[i])
-				i++
-				tag |= (v & 127) << 7
-				if v < 128 {
-					goto done
-				}
-
-				v = uint32(buf[i])
-				i++
-				tag |= (v & 127) << 14
-				if v < 128 {
-					goto done
-				}
-
-				v = uint32(buf[i])
-				i++
-				tag |= (v & 127) << 21
-				if v < 128 {
-					goto done
-				}
-
-				v = uint32(buf[i])
-				i++
-				tag |= (v & 127) << 28
-				if v < 128 {
-					goto done
-				}
-
-				return nil, errOutOfBounds
-
-			done:
-				r.Pos = i
-			}
-		}
-		// DONE: tag, err = r.DecodeVarint32()
-
-		fieldNum := protoFieldNumber(tag)
-		if fieldNum < lastProtoFieldNum {
-			outOfOrder = true
-		}
-
-		// Skip the current value -- will skip over an entire group as well.
-		// INLINED: err = r.SkipValue(tag)
-		wireType := tag & 0x7
-		switch protowire.Type(wireType) {
-		case protowire.VarintType:
-			// INLINED: err = r.SkipVarint()
-			i := r.Pos
-
-			if len(r.Buf)-i < 10 {
-				// Use DecodeVarintSlow() to skip while
-				// checking for buffer overflow, but ignore result
-				_, err = r.DecodeVarintSlow()
-				goto out2
-			}
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			i++
-
-			if r.Buf[i] < 0x80 {
-				goto out
-			}
-			return nil, errOverflow
-		out:
-			r.Pos = i + 1
-			// DONE: err = r.SkipVarint()
-		case protowire.Fixed64Type:
-			err = r.SkipFixed64()
-		case protowire.BytesType:
-			var n uint32
-			n, err = r.DecodeVarint32()
-			if err == nil {
-				err = r.Skip(int(n))
-			}
-		case protowire.StartGroupType:
-			err = r.SkipGroup(tag)
-		case protowire.Fixed32Type:
-			err = r.SkipFixed32()
-		default:
-			err = fmt.Errorf("Unexpected wire type (%d)", wireType)
-		}
-		// DONE: err = r.SkipValue(tag)
-
-	out2:
-		if err != nil {
-			return nil, err
-		}
-		if fieldNum != lastProtoFieldNum {
-			index = append(index, IndexEntry{FieldNum: fieldNum,
-				Start: uint32(curPos),
-				End:   uint32(r.Pos)},
-			)
-		} else {
-			index[len(index)-1].End = uint32(r.Pos)
-			index[len(index)-1].MultipleContiguous = true
-		}
-		lastProtoFieldNum = fieldNum
-	}
-	if outOfOrder {
-		sort.Slice(index, func(i, j int) bool {
-			return index[i].FieldNum < index[j].FieldNum ||
-				(index[i].FieldNum == index[j].FieldNum &&
-					index[i].Start < index[j].Start)
-		})
-	}
-	return index, nil
-}
-
-func (lazy *XXX_lazyUnmarshalInfo) SizeField(num uint32) (size int) {
-	start, end, found, _, multipleEntries := lazy.FindFieldInProto(num)
-	if multipleEntries != nil {
-		for _, entry := range multipleEntries {
-			size += int(entry.End - entry.Start)
-		}
-		return size
-	}
-	if !found {
-		return 0
-	}
-	return int(end - start)
-}
-
-func (lazy *XXX_lazyUnmarshalInfo) AppendField(b []byte, num uint32) ([]byte, bool) {
-	start, end, found, _, multipleEntries := lazy.FindFieldInProto(num)
-	if multipleEntries != nil {
-		for _, entry := range multipleEntries {
-			b = append(b, lazy.Protobuf[entry.Start:entry.End]...)
-		}
-		return b, true
-	}
-	if !found {
-		return nil, false
-	}
-	b = append(b, lazy.Protobuf[start:end]...)
-	return b, true
-}
-
-func (lazy *XXX_lazyUnmarshalInfo) SetIndex(index []IndexEntry) {
-	atomicStoreIndex(&lazy.index, &index)
-}
-
-// FindFieldInProto looks for field fieldNum in lazyUnmarshalInfo information
-// (including protobuf), returns startOffset/endOffset/found.
-func (lazy *XXX_lazyUnmarshalInfo) FindFieldInProto(fieldNum uint32) (start, end uint32, found, multipleContiguous bool, multipleEntries []IndexEntry) {
-	if lazy.Protobuf == nil {
-		// There is no backing protobuf for this message -- it was made from a builder
-		return 0, 0, false, false, nil
-	}
-	index := atomicLoadIndex(&lazy.index)
-	if index == nil {
-		r, err := buildIndex(lazy.Protobuf)
-		if err != nil {
-			panic(fmt.Sprintf("findFieldInfo: error building index when looking for field %d: %v", fieldNum, err))
-		}
-		// lazy.index is a pointer to the slice returned by BuildIndex
-		index = &r
-		atomicStoreIndex(&lazy.index, index)
-	}
-	return lookupField(index, fieldNum)
-}
-
-// lookupField returns the offset at which the indicated field starts using
-// the index, offset immediately after field ends (including all instances of
-// a repeated field), and bools indicating if field was found and if there
-// are multiple encodings of the field in the byte range.
-//
-// To hande the uncommon case where there are repeated encodings for the same
-// field which are not consecutive in the protobuf (so we need to returns
-// multiple start/end offsets), we also return a slice multipleEntries.  If
-// multipleEntries is non-nil, then multiple entries were found, and the
-// values in the slice should be used, rather than start/end/found.
-func lookupField(indexp *[]IndexEntry, fieldNum uint32) (start, end uint32, found bool, multipleContiguous bool, multipleEntries []IndexEntry) {
-	// The pointer indexp to the index was already loaded atomically.
-	// The slice is uniquely associated with the pointer, so it doesn't
-	// need to be loaded atomically.
-	index := *indexp
-	for i, entry := range index {
-		if fieldNum == entry.FieldNum {
-			if i < len(index)-1 && entry.FieldNum == index[i+1].FieldNum {
-				// Handle the uncommon case where there are
-				// repeated entries for the same field which
-				// are not contiguous in the protobuf.
-				multiple := make([]IndexEntry, 1, 2)
-				multiple[0] = IndexEntry{fieldNum, entry.Start, entry.End, entry.MultipleContiguous}
-				i++
-				for i < len(index) && index[i].FieldNum == fieldNum {
-					multiple = append(multiple, IndexEntry{fieldNum, index[i].Start, index[i].End, index[i].MultipleContiguous})
-					i++
-				}
-				return 0, 0, false, false, multiple
-
-			}
-			return entry.Start, entry.End, true, entry.MultipleContiguous, nil
-		}
-		if fieldNum < entry.FieldNum {
-			return 0, 0, false, false, nil
-		}
-	}
-	return 0, 0, false, false, nil
-}
diff --git a/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go b/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
deleted file mode 100644
index dc2a64ca6..000000000
--- a/vendor/google.golang.org/protobuf/internal/protolazy/pointer_unsafe.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package protolazy
-
-import (
-	"sync/atomic"
-	"unsafe"
-)
-
-func atomicLoadIndex(p **[]IndexEntry) *[]IndexEntry {
-	return (*[]IndexEntry)(atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(p))))
-}
-func atomicStoreIndex(p **[]IndexEntry, v *[]IndexEntry) {
-	atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(p)), unsafe.Pointer(v))
-}
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go b/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
new file mode 100644
index 000000000..a1f6f3338
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_pure.go
@@ -0,0 +1,28 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build purego || appengine
+// +build purego appengine
+
+package strs
+
+import pref "google.golang.org/protobuf/reflect/protoreflect"
+
+func UnsafeString(b []byte) string {
+	return string(b)
+}
+
+func UnsafeBytes(s string) []byte {
+	return []byte(s)
+}
+
+type Builder struct{}
+
+func (*Builder) AppendFullName(prefix pref.FullName, name pref.Name) pref.FullName {
+	return prefix.Append(name)
+}
+
+func (*Builder) MakeString(b []byte) string {
+	return string(b)
+}
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
index 832a7988f..a008acd09 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go120.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !go1.21
+//go:build !purego && !appengine && !go1.21
+// +build !purego,!appengine,!go1.21
 
 package strs
 
diff --git a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
index 1ffddf687..60166f2ba 100644
--- a/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
+++ b/vendor/google.golang.org/protobuf/internal/strs/strings_unsafe_go121.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build go1.21
+//go:build !purego && !appengine && go1.21
+// +build !purego,!appengine,go1.21
 
 package strs
 
diff --git a/vendor/google.golang.org/protobuf/internal/version/version.go b/vendor/google.golang.org/protobuf/internal/version/version.go
index 386c823aa..a50fcfb49 100644
--- a/vendor/google.golang.org/protobuf/internal/version/version.go
+++ b/vendor/google.golang.org/protobuf/internal/version/version.go
@@ -51,8 +51,8 @@ import (
 //  10. Send out the CL for review and submit it.
 const (
 	Major      = 1
-	Minor      = 36
-	Patch      = 2
+	Minor      = 33
+	Patch      = 0
 	PreRelease = ""
 )
 
diff --git a/vendor/google.golang.org/protobuf/proto/decode.go b/vendor/google.golang.org/protobuf/proto/decode.go
index a3b5e142d..e5b03b567 100644
--- a/vendor/google.golang.org/protobuf/proto/decode.go
+++ b/vendor/google.golang.org/protobuf/proto/decode.go
@@ -47,18 +47,10 @@ type UnmarshalOptions struct {
 	// RecursionLimit limits how deeply messages may be nested.
 	// If zero, a default limit is applied.
 	RecursionLimit int
-
-	//
-	// NoLazyDecoding turns off lazy decoding, which otherwise is enabled by
-	// default. Lazy decoding only affects submessages (annotated with [lazy =
-	// true] in the .proto file) within messages that use the Opaque API.
-	NoLazyDecoding bool
 }
 
 // Unmarshal parses the wire-format message in b and places the result in m.
 // The provided message must be mutable (e.g., a non-nil pointer to a message).
-//
-// See the [UnmarshalOptions] type if you need more control.
 func Unmarshal(b []byte, m Message) error {
 	_, err := UnmarshalOptions{RecursionLimit: protowire.DefaultRecursionLimit}.unmarshal(b, m.ProtoReflect())
 	return err
@@ -110,16 +102,6 @@ func (o UnmarshalOptions) unmarshal(b []byte, m protoreflect.Message) (out proto
 		if o.DiscardUnknown {
 			in.Flags |= protoiface.UnmarshalDiscardUnknown
 		}
-
-		if !allowPartial {
-			// This does not affect how current unmarshal functions work, it just allows them
-			// to record this for lazy the decoding case.
-			in.Flags |= protoiface.UnmarshalCheckRequired
-		}
-		if o.NoLazyDecoding {
-			in.Flags |= protoiface.UnmarshalNoLazyDecoding
-		}
-
 		out, err = methods.Unmarshal(in)
 	} else {
 		o.RecursionLimit--
diff --git a/vendor/google.golang.org/protobuf/proto/encode.go b/vendor/google.golang.org/protobuf/proto/encode.go
index f0473c586..4fed202f9 100644
--- a/vendor/google.golang.org/protobuf/proto/encode.go
+++ b/vendor/google.golang.org/protobuf/proto/encode.go
@@ -5,17 +5,12 @@
 package proto
 
 import (
-	"errors"
-	"fmt"
-
 	"google.golang.org/protobuf/encoding/protowire"
 	"google.golang.org/protobuf/internal/encoding/messageset"
 	"google.golang.org/protobuf/internal/order"
 	"google.golang.org/protobuf/internal/pragma"
 	"google.golang.org/protobuf/reflect/protoreflect"
 	"google.golang.org/protobuf/runtime/protoiface"
-
-	protoerrors "google.golang.org/protobuf/internal/errors"
 )
 
 // MarshalOptions configures the marshaler.
@@ -63,8 +58,7 @@ type MarshalOptions struct {
 	// options (except for UseCachedSize itself).
 	//
 	// 2. The message and all its submessages have not changed in any
-	// way since the Size call. For lazily decoded messages, accessing
-	// a message results in decoding the message, which is a change.
+	// way since the Size call.
 	//
 	// If either of these invariants is violated,
 	// the results are undefined and may include panics or corrupted output.
@@ -76,32 +70,7 @@ type MarshalOptions struct {
 	UseCachedSize bool
 }
 
-// flags turns the specified MarshalOptions (user-facing) into
-// protoiface.MarshalInputFlags (used internally by the marshaler).
-//
-// See impl.marshalOptions.Options for the inverse operation.
-func (o MarshalOptions) flags() protoiface.MarshalInputFlags {
-	var flags protoiface.MarshalInputFlags
-
-	// Note: o.AllowPartial is always forced to true by MarshalOptions.marshal,
-	// which is why it is not a part of MarshalInputFlags.
-
-	if o.Deterministic {
-		flags |= protoiface.MarshalDeterministic
-	}
-
-	if o.UseCachedSize {
-		flags |= protoiface.MarshalUseCachedSize
-	}
-
-	return flags
-}
-
 // Marshal returns the wire-format encoding of m.
-//
-// This is the most common entry point for encoding a Protobuf message.
-//
-// See the [MarshalOptions] type if you need more control.
 func Marshal(m Message) ([]byte, error) {
 	// Treat nil message interface as an empty message; nothing to output.
 	if m == nil {
@@ -147,9 +116,6 @@ func emptyBytesForMessage(m Message) []byte {
 
 // MarshalAppend appends the wire-format encoding of m to b,
 // returning the result.
-//
-// This is a less common entry point than [Marshal], which is only needed if you
-// need to supply your own buffers for performance reasons.
 func (o MarshalOptions) MarshalAppend(b []byte, m Message) ([]byte, error) {
 	// Treat nil message interface as an empty message; nothing to append.
 	if m == nil {
@@ -179,7 +145,12 @@ func (o MarshalOptions) marshal(b []byte, m protoreflect.Message) (out protoifac
 		in := protoiface.MarshalInput{
 			Message: m,
 			Buf:     b,
-			Flags:   o.flags(),
+		}
+		if o.Deterministic {
+			in.Flags |= protoiface.MarshalDeterministic
+		}
+		if o.UseCachedSize {
+			in.Flags |= protoiface.MarshalUseCachedSize
 		}
 		if methods.Size != nil {
 			sout := methods.Size(protoiface.SizeInput{
@@ -197,10 +168,6 @@ func (o MarshalOptions) marshal(b []byte, m protoreflect.Message) (out protoifac
 		out.Buf, err = o.marshalMessageSlow(b, m)
 	}
 	if err != nil {
-		var mismatch *protoerrors.SizeMismatchError
-		if errors.As(err, &mismatch) {
-			return out, fmt.Errorf("marshaling %s: %v", string(m.Descriptor().FullName()), err)
-		}
 		return out, err
 	}
 	if allowPartial {
diff --git a/vendor/google.golang.org/protobuf/proto/equal.go b/vendor/google.golang.org/protobuf/proto/equal.go
index c36d4a9cd..1a0be1b03 100644
--- a/vendor/google.golang.org/protobuf/proto/equal.go
+++ b/vendor/google.golang.org/protobuf/proto/equal.go
@@ -8,7 +8,6 @@ import (
 	"reflect"
 
 	"google.golang.org/protobuf/reflect/protoreflect"
-	"google.golang.org/protobuf/runtime/protoiface"
 )
 
 // Equal reports whether two messages are equal,
@@ -52,14 +51,6 @@ func Equal(x, y Message) bool {
 	if mx.IsValid() != my.IsValid() {
 		return false
 	}
-
-	// Only one of the messages needs to implement the fast-path for it to work.
-	pmx := protoMethods(mx)
-	pmy := protoMethods(my)
-	if pmx != nil && pmy != nil && pmx.Equal != nil && pmy.Equal != nil {
-		return pmx.Equal(protoiface.EqualInput{MessageA: mx, MessageB: my}).Equal
-	}
-
 	vx := protoreflect.ValueOfMessage(mx)
 	vy := protoreflect.ValueOfMessage(my)
 	return vx.Equal(vy)
diff --git a/vendor/google.golang.org/protobuf/proto/extension.go b/vendor/google.golang.org/protobuf/proto/extension.go
index 78445d116..17899a3a7 100644
--- a/vendor/google.golang.org/protobuf/proto/extension.go
+++ b/vendor/google.golang.org/protobuf/proto/extension.go
@@ -11,21 +11,18 @@ import (
 // HasExtension reports whether an extension field is populated.
 // It returns false if m is invalid or if xt does not extend m.
 func HasExtension(m Message, xt protoreflect.ExtensionType) bool {
-	// Treat nil message interface or descriptor as an empty message; no populated
-	// fields.
-	if m == nil || xt == nil {
+	// Treat nil message interface as an empty message; no populated fields.
+	if m == nil {
 		return false
 	}
 
 	// As a special-case, we reports invalid or mismatching descriptors
 	// as always not being populated (since they aren't).
-	mr := m.ProtoReflect()
-	xd := xt.TypeDescriptor()
-	if mr.Descriptor() != xd.ContainingMessage() {
+	if xt == nil || m.ProtoReflect().Descriptor() != xt.TypeDescriptor().ContainingMessage() {
 		return false
 	}
 
-	return mr.Has(xd)
+	return m.ProtoReflect().Has(xt.TypeDescriptor())
 }
 
 // ClearExtension clears an extension field such that subsequent
@@ -39,49 +36,7 @@ func ClearExtension(m Message, xt protoreflect.ExtensionType) {
 // If the field is unpopulated, it returns the default value for
 // scalars and an immutable, empty value for lists or messages.
 // It panics if xt does not extend m.
-//
-// The type of the value is dependent on the field type of the extension.
-// For extensions generated by protoc-gen-go, the Go type is as follows:
-//
-//	╔═══════════════════╤═════════════════════════╗
-//	║ Go type           │ Protobuf kind           ║
-//	╠═══════════════════╪═════════════════════════╣
-//	║ bool              │ bool                    ║
-//	║ int32             │ int32, sint32, sfixed32 ║
-//	║ int64             │ int64, sint64, sfixed64 ║
-//	║ uint32            │ uint32, fixed32         ║
-//	║ uint64            │ uint64, fixed64         ║
-//	║ float32           │ float                   ║
-//	║ float64           │ double                  ║
-//	║ string            │ string                  ║
-//	║ []byte            │ bytes                   ║
-//	║ protoreflect.Enum │ enum                    ║
-//	║ proto.Message     │ message, group          ║
-//	╚═══════════════════╧═════════════════════════╝
-//
-// The protoreflect.Enum and proto.Message types are the concrete Go type
-// associated with the named enum or message. Repeated fields are represented
-// using a Go slice of the base element type.
-//
-// If a generated extension descriptor variable is directly passed to
-// GetExtension, then the call should be followed immediately by a
-// type assertion to the expected output value. For example:
-//
-//	mm := proto.GetExtension(m, foopb.E_MyExtension).(*foopb.MyMessage)
-//
-// This pattern enables static analysis tools to verify that the asserted type
-// matches the Go type associated with the extension field and
-// also enables a possible future migration to a type-safe extension API.
-//
-// Since singular messages are the most common extension type, the pattern of
-// calling HasExtension followed by GetExtension may be simplified to:
-//
-//	if mm := proto.GetExtension(m, foopb.E_MyExtension).(*foopb.MyMessage); mm != nil {
-//	    ... // make use of mm
-//	}
-//
-// The mm variable is non-nil if and only if HasExtension reports true.
-func GetExtension(m Message, xt protoreflect.ExtensionType) any {
+func GetExtension(m Message, xt protoreflect.ExtensionType) interface{} {
 	// Treat nil message interface as an empty message; return the default.
 	if m == nil {
 		return xt.InterfaceOf(xt.Zero())
@@ -93,36 +48,7 @@ func GetExtension(m Message, xt protoreflect.ExtensionType) any {
 // SetExtension stores the value of an extension field.
 // It panics if m is invalid, xt does not extend m, or if type of v
 // is invalid for the specified extension field.
-//
-// The type of the value is dependent on the field type of the extension.
-// For extensions generated by protoc-gen-go, the Go type is as follows:
-//
-//	╔═══════════════════╤═════════════════════════╗
-//	║ Go type           │ Protobuf kind           ║
-//	╠═══════════════════╪═════════════════════════╣
-//	║ bool              │ bool                    ║
-//	║ int32             │ int32, sint32, sfixed32 ║
-//	║ int64             │ int64, sint64, sfixed64 ║
-//	║ uint32            │ uint32, fixed32         ║
-//	║ uint64            │ uint64, fixed64         ║
-//	║ float32           │ float                   ║
-//	║ float64           │ double                  ║
-//	║ string            │ string                  ║
-//	║ []byte            │ bytes                   ║
-//	║ protoreflect.Enum │ enum                    ║
-//	║ proto.Message     │ message, group          ║
-//	╚═══════════════════╧═════════════════════════╝
-//
-// The protoreflect.Enum and proto.Message types are the concrete Go type
-// associated with the named enum or message. Repeated fields are represented
-// using a Go slice of the base element type.
-//
-// If a generated extension descriptor variable is directly passed to
-// SetExtension (e.g., foopb.E_MyExtension), then the value should be a
-// concrete type that matches the expected Go type for the extension descriptor
-// so that static analysis tools can verify type correctness.
-// This also enables a possible future migration to a type-safe extension API.
-func SetExtension(m Message, xt protoreflect.ExtensionType, v any) {
+func SetExtension(m Message, xt protoreflect.ExtensionType, v interface{}) {
 	xd := xt.TypeDescriptor()
 	pv := xt.ValueOf(v)
 
@@ -149,7 +75,7 @@ func SetExtension(m Message, xt protoreflect.ExtensionType, v any) {
 // It returns immediately if f returns false.
 // While iterating, mutating operations may only be performed
 // on the current extension field.
-func RangeExtensions(m Message, f func(protoreflect.ExtensionType, any) bool) {
+func RangeExtensions(m Message, f func(protoreflect.ExtensionType, interface{}) bool) {
 	// Treat nil message interface as an empty message; nothing to range over.
 	if m == nil {
 		return
diff --git a/vendor/google.golang.org/protobuf/proto/messageset.go b/vendor/google.golang.org/protobuf/proto/messageset.go
index 575d14831..312d5d45c 100644
--- a/vendor/google.golang.org/protobuf/proto/messageset.go
+++ b/vendor/google.golang.org/protobuf/proto/messageset.go
@@ -47,16 +47,11 @@ func (o MarshalOptions) marshalMessageSet(b []byte, m protoreflect.Message) ([]b
 func (o MarshalOptions) marshalMessageSetField(b []byte, fd protoreflect.FieldDescriptor, value protoreflect.Value) ([]byte, error) {
 	b = messageset.AppendFieldStart(b, fd.Number())
 	b = protowire.AppendTag(b, messageset.FieldMessage, protowire.BytesType)
-	calculatedSize := o.Size(value.Message().Interface())
-	b = protowire.AppendVarint(b, uint64(calculatedSize))
-	before := len(b)
+	b = protowire.AppendVarint(b, uint64(o.Size(value.Message().Interface())))
 	b, err := o.marshalMessage(b, value.Message())
 	if err != nil {
 		return b, err
 	}
-	if measuredSize := len(b) - before; calculatedSize != measuredSize {
-		return nil, errors.MismatchedSizeCalculation(calculatedSize, measuredSize)
-	}
 	b = messageset.AppendFieldEnd(b)
 	return b, nil
 }
diff --git a/vendor/google.golang.org/protobuf/proto/size.go b/vendor/google.golang.org/protobuf/proto/size.go
index c8675806c..f1692b49b 100644
--- a/vendor/google.golang.org/protobuf/proto/size.go
+++ b/vendor/google.golang.org/protobuf/proto/size.go
@@ -12,19 +12,11 @@ import (
 )
 
 // Size returns the size in bytes of the wire-format encoding of m.
-//
-// Note that Size might return more bytes than Marshal will write in the case of
-// lazily decoded messages that arrive in non-minimal wire format: see
-// https://protobuf.dev/reference/go/size/ for more details.
 func Size(m Message) int {
 	return MarshalOptions{}.Size(m)
 }
 
 // Size returns the size in bytes of the wire-format encoding of m.
-//
-// Note that Size might return more bytes than Marshal will write in the case of
-// lazily decoded messages that arrive in non-minimal wire format: see
-// https://protobuf.dev/reference/go/size/ for more details.
 func (o MarshalOptions) Size(m Message) int {
 	// Treat a nil message interface as an empty message; nothing to output.
 	if m == nil {
@@ -42,7 +34,6 @@ func (o MarshalOptions) size(m protoreflect.Message) (size int) {
 	if methods != nil && methods.Size != nil {
 		out := methods.Size(protoiface.SizeInput{
 			Message: m,
-			Flags:   o.flags(),
 		})
 		return out.Size
 	}
@@ -51,7 +42,6 @@ func (o MarshalOptions) size(m protoreflect.Message) (size int) {
 		// This case is mainly used for legacy types with a Marshal method.
 		out, _ := methods.Marshal(protoiface.MarshalInput{
 			Message: m,
-			Flags:   o.flags(),
 		})
 		return len(out.Buf)
 	}
diff --git a/vendor/google.golang.org/protobuf/proto/wrapperopaque.go b/vendor/google.golang.org/protobuf/proto/wrapperopaque.go
deleted file mode 100644
index 267fd0f1f..000000000
--- a/vendor/google.golang.org/protobuf/proto/wrapperopaque.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proto
-
-// ValueOrNil returns nil if has is false, or a pointer to a new variable
-// containing the value returned by the specified getter.
-//
-// This function is similar to the wrappers (proto.Int32(), proto.String(),
-// etc.), but is generic (works for any field type) and works with the hasser
-// and getter of a field, as opposed to a value.
-//
-// This is convenient when populating builder fields.
-//
-// Example:
-//
-//	hop := attr.GetDirectHop()
-//	injectedRoute := ripb.InjectedRoute_builder{
-//	  Prefixes: route.GetPrefixes(),
-//	  NextHop:  proto.ValueOrNil(hop.HasAddress(), hop.GetAddress),
-//	}
-func ValueOrNil[T any](has bool, getter func() T) *T {
-	if !has {
-		return nil
-	}
-	v := getter()
-	return &v
-}
-
-// ValueOrDefault returns the protobuf message val if val is not nil, otherwise
-// it returns a pointer to an empty val message.
-//
-// This function allows for translating code from the old Open Struct API to the
-// new Opaque API.
-//
-// The old Open Struct API represented oneof fields with a wrapper struct:
-//
-//	var signedImg *accountpb.SignedImage
-//	profile := &accountpb.Profile{
-//		// The Avatar oneof will be set, with an empty SignedImage.
-//		Avatar: &accountpb.Profile_SignedImage{signedImg},
-//	}
-//
-// The new Opaque API treats oneof fields like regular fields, there are no more
-// wrapper structs:
-//
-//	var signedImg *accountpb.SignedImage
-//	profile := &accountpb.Profile{}
-//	profile.SetSignedImage(signedImg)
-//
-// For convenience, the Opaque API also offers Builders, which allow for a
-// direct translation of struct initialization. However, because Builders use
-// nilness to represent field presence (but there is no non-nil wrapper struct
-// anymore), Builders cannot distinguish between an unset oneof and a set oneof
-// with nil message. The above code would need to be translated with help of the
-// ValueOrDefault function to retain the same behavior:
-//
-//	var signedImg *accountpb.SignedImage
-//	return &accountpb.Profile_builder{
-//		SignedImage: proto.ValueOrDefault(signedImg),
-//	}.Build()
-func ValueOrDefault[T interface {
-	*P
-	Message
-}, P any](val T) T {
-	if val == nil {
-		return T(new(P))
-	}
-	return val
-}
-
-// ValueOrDefaultBytes is like ValueOrDefault but for working with fields of
-// type []byte.
-func ValueOrDefaultBytes(val []byte) []byte {
-	if val == nil {
-		return []byte{}
-	}
-	return val
-}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
index 742cb518c..d5d5af6eb 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/methods.go
@@ -23,7 +23,6 @@ type (
 		Unmarshal        func(unmarshalInput) (unmarshalOutput, error)
 		Merge            func(mergeInput) mergeOutput
 		CheckInitialized func(checkInitializedInput) (checkInitializedOutput, error)
-		Equal            func(equalInput) equalOutput
 	}
 	supportFlags = uint64
 	sizeInput    = struct {
@@ -76,13 +75,4 @@ type (
 	checkInitializedOutput = struct {
 		pragma.NoUnkeyedLiterals
 	}
-	equalInput = struct {
-		pragma.NoUnkeyedLiterals
-		MessageA Message
-		MessageB Message
-	}
-	equalOutput = struct {
-		pragma.NoUnkeyedLiterals
-		Equal bool
-	}
 )
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
index c85bfaa5b..00b01fbd8 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/proto.go
@@ -161,7 +161,7 @@ const (
 // IsValid reports whether the syntax is valid.
 func (s Syntax) IsValid() bool {
 	switch s {
-	case Proto2, Proto3, Editions:
+	case Proto2, Proto3:
 		return true
 	default:
 		return false
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
index ea154eec4..7dcc2ff09 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/source_gen.go
@@ -373,8 +373,6 @@ func (p *SourcePath) appendFieldOptions(b []byte) []byte {
 		b = p.appendRepeatedField(b, "edition_defaults", (*SourcePath).appendFieldOptions_EditionDefault)
 	case 21:
 		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
-	case 22:
-		b = p.appendSingularField(b, "feature_support", (*SourcePath).appendFieldOptions_FeatureSupport)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -485,8 +483,6 @@ func (p *SourcePath) appendEnumValueOptions(b []byte) []byte {
 		b = p.appendSingularField(b, "features", (*SourcePath).appendFeatureSet)
 	case 3:
 		b = p.appendSingularField(b, "debug_redact", nil)
-	case 4:
-		b = p.appendSingularField(b, "feature_support", (*SourcePath).appendFieldOptions_FeatureSupport)
 	case 999:
 		b = p.appendRepeatedField(b, "uninterpreted_option", (*SourcePath).appendUninterpretedOption)
 	}
@@ -523,23 +519,6 @@ func (p *SourcePath) appendFieldOptions_EditionDefault(b []byte) []byte {
 	return b
 }
 
-func (p *SourcePath) appendFieldOptions_FeatureSupport(b []byte) []byte {
-	if len(*p) == 0 {
-		return b
-	}
-	switch (*p)[0] {
-	case 1:
-		b = p.appendSingularField(b, "edition_introduced", nil)
-	case 2:
-		b = p.appendSingularField(b, "edition_deprecated", nil)
-	case 3:
-		b = p.appendSingularField(b, "deprecation_warning", nil)
-	case 4:
-		b = p.appendSingularField(b, "edition_removed", nil)
-	}
-	return b
-}
-
 func (p *SourcePath) appendUninterpretedOption_NamePart(b []byte) []byte {
 	if len(*p) == 0 {
 		return b
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
index cd8fadbaf..60ff62b4c 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/type.go
@@ -510,7 +510,7 @@ type ExtensionType interface {
 	//
 	// ValueOf is more extensive than protoreflect.ValueOf for a given field's
 	// value as it has more type information available.
-	ValueOf(any) Value
+	ValueOf(interface{}) Value
 
 	// InterfaceOf completely unwraps the Value to the underlying Go type.
 	// InterfaceOf panics if the input is nil or does not represent the
@@ -519,13 +519,13 @@ type ExtensionType interface {
 	//
 	// InterfaceOf is able to unwrap the Value further than Value.Interface
 	// as it has more type information available.
-	InterfaceOf(Value) any
+	InterfaceOf(Value) interface{}
 
 	// IsValidValue reports whether the Value is valid to assign to the field.
 	IsValidValue(Value) bool
 
 	// IsValidInterface reports whether the input is valid to assign to the field.
-	IsValidInterface(any) bool
+	IsValidInterface(interface{}) bool
 }
 
 // EnumDescriptor describes an enum and
@@ -544,12 +544,6 @@ type EnumDescriptor interface {
 	// ReservedRanges is a list of reserved ranges of enum numbers.
 	ReservedRanges() EnumRanges
 
-	// IsClosed reports whether this enum uses closed semantics.
-	// See https://protobuf.dev/programming-guides/enum/#definitions.
-	// Note: the Go protobuf implementation is not spec compliant and treats
-	// all enums as open enums.
-	IsClosed() bool
-
 	isEnumDescriptor
 }
 type isEnumDescriptor interface{ ProtoType(EnumDescriptor) }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
index a4b78acef..a7b0d06ff 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value.go
@@ -152,7 +152,7 @@ type Message interface {
 	// This method may return nil.
 	//
 	// The returned methods type is identical to
-	// [google.golang.org/protobuf/runtime/protoiface.Methods].
+	// google.golang.org/protobuf/runtime/protoiface.Methods.
 	// Consult the protoiface package documentation for details.
 	ProtoMethods() *methods
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go
new file mode 100644
index 000000000..7ced876f4
--- /dev/null
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_pure.go
@@ -0,0 +1,60 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+//go:build purego || appengine
+// +build purego appengine
+
+package protoreflect
+
+import "google.golang.org/protobuf/internal/pragma"
+
+type valueType int
+
+const (
+	nilType valueType = iota
+	boolType
+	int32Type
+	int64Type
+	uint32Type
+	uint64Type
+	float32Type
+	float64Type
+	stringType
+	bytesType
+	enumType
+	ifaceType
+)
+
+// value is a union where only one type can be represented at a time.
+// This uses a distinct field for each type. This is type safe in Go, but
+// occupies more memory than necessary (72B).
+type value struct {
+	pragma.DoNotCompare // 0B
+
+	typ   valueType   // 8B
+	num   uint64      // 8B
+	str   string      // 16B
+	bin   []byte      // 24B
+	iface interface{} // 16B
+}
+
+func valueOfString(v string) Value {
+	return Value{typ: stringType, str: v}
+}
+func valueOfBytes(v []byte) Value {
+	return Value{typ: bytesType, bin: v}
+}
+func valueOfIface(v interface{}) Value {
+	return Value{typ: ifaceType, iface: v}
+}
+
+func (v Value) getString() string {
+	return v.str
+}
+func (v Value) getBytes() []byte {
+	return v.bin
+}
+func (v Value) getIface() interface{} {
+	return v.iface
+}
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
index 9fe83cef5..160309731 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_union.go
@@ -69,8 +69,8 @@ import (
 // composite Value. Modifying an empty, read-only value panics.
 type Value value
 
-// The protoreflect API uses a custom Value union type instead of any
-// to keep the future open for performance optimizations. Using an any
+// The protoreflect API uses a custom Value union type instead of interface{}
+// to keep the future open for performance optimizations. Using an interface{}
 // always incurs an allocation for primitives (e.g., int64) since it needs to
 // be boxed on the heap (as interfaces can only contain pointers natively).
 // Instead, we represent the Value union as a flat struct that internally keeps
@@ -85,7 +85,7 @@ type Value value
 // ValueOf returns a Value initialized with the concrete value stored in v.
 // This panics if the type does not match one of the allowed types in the
 // Value union.
-func ValueOf(v any) Value {
+func ValueOf(v interface{}) Value {
 	switch v := v.(type) {
 	case nil:
 		return Value{}
@@ -192,10 +192,10 @@ func (v Value) IsValid() bool {
 	return v.typ != nilType
 }
 
-// Interface returns v as an any.
+// Interface returns v as an interface{}.
 //
 // Invariant: v == ValueOf(v).Interface()
-func (v Value) Interface() any {
+func (v Value) Interface() interface{} {
 	switch v.typ {
 	case nilType:
 		return nil
@@ -406,8 +406,8 @@ func (k MapKey) IsValid() bool {
 	return Value(k).IsValid()
 }
 
-// Interface returns k as an any.
-func (k MapKey) Interface() any {
+// Interface returns k as an interface{}.
+func (k MapKey) Interface() interface{} {
 	return Value(k).Interface()
 }
 
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
index 0015fcb35..b1fdbe3e8 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go120.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build !go1.21
+//go:build !purego && !appengine && !go1.21
+// +build !purego,!appengine,!go1.21
 
 package protoreflect
 
@@ -44,7 +45,7 @@ var (
 
 // typeOf returns a pointer to the Go type information.
 // The pointer is comparable and equal if and only if the types are identical.
-func typeOf(t any) unsafe.Pointer {
+func typeOf(t interface{}) unsafe.Pointer {
 	return (*ifaceHeader)(unsafe.Pointer(&t)).Type
 }
 
@@ -79,7 +80,7 @@ func valueOfBytes(v []byte) Value {
 	p := (*sliceHeader)(unsafe.Pointer(&v))
 	return Value{typ: bytesType, ptr: p.Data, num: uint64(len(v))}
 }
-func valueOfIface(v any) Value {
+func valueOfIface(v interface{}) Value {
 	p := (*ifaceHeader)(unsafe.Pointer(&v))
 	return Value{typ: p.Type, ptr: p.Data}
 }
@@ -92,7 +93,7 @@ func (v Value) getBytes() (x []byte) {
 	*(*sliceHeader)(unsafe.Pointer(&x)) = sliceHeader{Data: v.ptr, Len: int(v.num), Cap: int(v.num)}
 	return x
 }
-func (v Value) getIface() (x any) {
+func (v Value) getIface() (x interface{}) {
 	*(*ifaceHeader)(unsafe.Pointer(&x)) = ifaceHeader{Type: v.typ, Data: v.ptr}
 	return x
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
index 479527b58..435470111 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoreflect/value_unsafe_go121.go
@@ -2,7 +2,8 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.
 
-//go:build go1.21
+//go:build !purego && !appengine && go1.21
+// +build !purego,!appengine,go1.21
 
 package protoreflect
 
@@ -14,7 +15,7 @@ import (
 
 type (
 	ifaceHeader struct {
-		_    [0]any // if interfaces have greater alignment than unsafe.Pointer, this will enforce it.
+		_    [0]interface{} // if interfaces have greater alignment than unsafe.Pointer, this will enforce it.
 		Type unsafe.Pointer
 		Data unsafe.Pointer
 	}
@@ -36,7 +37,7 @@ var (
 
 // typeOf returns a pointer to the Go type information.
 // The pointer is comparable and equal if and only if the types are identical.
-func typeOf(t any) unsafe.Pointer {
+func typeOf(t interface{}) unsafe.Pointer {
 	return (*ifaceHeader)(unsafe.Pointer(&t)).Type
 }
 
@@ -69,7 +70,7 @@ func valueOfString(v string) Value {
 func valueOfBytes(v []byte) Value {
 	return Value{typ: bytesType, ptr: unsafe.Pointer(unsafe.SliceData(v)), num: uint64(len(v))}
 }
-func valueOfIface(v any) Value {
+func valueOfIface(v interface{}) Value {
 	p := (*ifaceHeader)(unsafe.Pointer(&v))
 	return Value{typ: p.Type, ptr: p.Data}
 }
@@ -80,7 +81,7 @@ func (v Value) getString() string {
 func (v Value) getBytes() []byte {
 	return unsafe.Slice((*byte)(v.ptr), v.num)
 }
-func (v Value) getIface() (x any) {
+func (v Value) getIface() (x interface{}) {
 	*(*ifaceHeader)(unsafe.Pointer(&x)) = ifaceHeader{Type: v.typ, Data: v.ptr}
 	return x
 }
diff --git a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
index de1777339..6267dc52a 100644
--- a/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
+++ b/vendor/google.golang.org/protobuf/reflect/protoregistry/registry.go
@@ -95,7 +95,7 @@ type Files struct {
 	// multiple files. Only top-level declarations are registered.
 	// Note that enum values are in the top-level since that are in the same
 	// scope as the parent enum.
-	descsByName map[protoreflect.FullName]any
+	descsByName map[protoreflect.FullName]interface{}
 	filesByPath map[string][]protoreflect.FileDescriptor
 	numFiles    int
 }
@@ -117,7 +117,7 @@ func (r *Files) RegisterFile(file protoreflect.FileDescriptor) error {
 		defer globalMutex.Unlock()
 	}
 	if r.descsByName == nil {
-		r.descsByName = map[protoreflect.FullName]any{
+		r.descsByName = map[protoreflect.FullName]interface{}{
 			"": &packageDescriptor{},
 		}
 		r.filesByPath = make(map[string][]protoreflect.FileDescriptor)
@@ -485,7 +485,7 @@ type Types struct {
 }
 
 type (
-	typesByName         map[protoreflect.FullName]any
+	typesByName         map[protoreflect.FullName]interface{}
 	extensionsByMessage map[protoreflect.FullName]extensionsByNumber
 	extensionsByNumber  map[protoreflect.FieldNumber]protoreflect.ExtensionType
 )
@@ -570,7 +570,7 @@ func (r *Types) RegisterExtension(xt protoreflect.ExtensionType) error {
 	return nil
 }
 
-func (r *Types) register(kind string, desc protoreflect.Descriptor, typ any) error {
+func (r *Types) register(kind string, desc protoreflect.Descriptor, typ interface{}) error {
 	name := desc.FullName()
 	prev := r.typesByName[name]
 	if prev != nil {
@@ -841,7 +841,7 @@ func (r *Types) RangeExtensionsByMessage(message protoreflect.FullName, f func(p
 	}
 }
 
-func typeName(t any) string {
+func typeName(t interface{}) string {
 	switch t.(type) {
 	case protoreflect.EnumType:
 		return "enum"
@@ -854,7 +854,7 @@ func typeName(t any) string {
 	}
 }
 
-func amendErrorWithCaller(err error, prev, curr any) error {
+func amendErrorWithCaller(err error, prev, curr interface{}) error {
 	prevPkg := goPackage(prev)
 	currPkg := goPackage(curr)
 	if prevPkg == "" || currPkg == "" || prevPkg == currPkg {
@@ -863,7 +863,7 @@ func amendErrorWithCaller(err error, prev, curr any) error {
 	return errors.New("%s\n\tpreviously from: %q\n\tcurrently from:  %q", err, prevPkg, currPkg)
 }
 
-func goPackage(v any) string {
+func goPackage(v interface{}) string {
 	switch d := v.(type) {
 	case protoreflect.EnumType:
 		v = d.Descriptor()
diff --git a/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go b/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
index 28e9e9f03..44cf467d8 100644
--- a/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
+++ b/vendor/google.golang.org/protobuf/runtime/protoiface/methods.go
@@ -39,9 +39,6 @@ type Methods = struct {
 
 	// CheckInitialized returns an error if any required fields in the message are not set.
 	CheckInitialized func(CheckInitializedInput) (CheckInitializedOutput, error)
-
-	// Equal compares two messages and returns EqualOutput.Equal == true if they are equal.
-	Equal func(EqualInput) EqualOutput
 }
 
 // SupportFlags indicate support for optional features.
@@ -122,22 +119,6 @@ type UnmarshalInputFlags = uint8
 
 const (
 	UnmarshalDiscardUnknown UnmarshalInputFlags = 1 << iota
-
-	// UnmarshalAliasBuffer permits unmarshal operations to alias the input buffer.
-	// The unmarshaller must not modify the contents of the buffer.
-	UnmarshalAliasBuffer
-
-	// UnmarshalValidated indicates that validation has already been
-	// performed on the input buffer.
-	UnmarshalValidated
-
-	// UnmarshalCheckRequired is set if this unmarshal operation ultimately will care if required fields are
-	// initialized.
-	UnmarshalCheckRequired
-
-	// UnmarshalNoLazyDecoding is set if this unmarshal operation should not use
-	// lazy decoding, even when otherwise available.
-	UnmarshalNoLazyDecoding
 )
 
 // UnmarshalOutputFlags are output from the Unmarshal method.
@@ -185,18 +166,3 @@ type CheckInitializedInput = struct {
 type CheckInitializedOutput = struct {
 	pragma.NoUnkeyedLiterals
 }
-
-// EqualInput is input to the Equal method.
-type EqualInput = struct {
-	pragma.NoUnkeyedLiterals
-
-	MessageA protoreflect.Message
-	MessageB protoreflect.Message
-}
-
-// EqualOutput is output from the Equal method.
-type EqualOutput = struct {
-	pragma.NoUnkeyedLiterals
-
-	Equal bool
-}
diff --git a/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go b/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
index 93df1b569..4a1ab7fb3 100644
--- a/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
+++ b/vendor/google.golang.org/protobuf/runtime/protoimpl/impl.go
@@ -15,7 +15,6 @@ import (
 	"google.golang.org/protobuf/internal/filedesc"
 	"google.golang.org/protobuf/internal/filetype"
 	"google.golang.org/protobuf/internal/impl"
-	"google.golang.org/protobuf/internal/protolazy"
 )
 
 // UnsafeEnabled specifies whether package unsafe can be used.
@@ -40,9 +39,6 @@ type (
 	ExtensionFieldV1 = impl.ExtensionField
 
 	Pointer = impl.Pointer
-
-	LazyUnmarshalInfo  = *protolazy.XXX_lazyUnmarshalInfo
-	RaceDetectHookData = impl.RaceDetectHookData
 )
 
 var X impl.Export
diff --git a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
index 9550109aa..81511a336 100644
--- a/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
+++ b/vendor/google.golang.org/protobuf/types/known/timestamppb/timestamp.pb.go
@@ -170,7 +170,10 @@ import (
 // http://joda-time.sourceforge.net/apidocs/org/joda/time/format/ISODateTimeFormat.html#dateTime()
 // ) to obtain a formatter capable of generating timestamps in this format.
 type Timestamp struct {
-	state protoimpl.MessageState `protogen:"open.v1"`
+	state         protoimpl.MessageState
+	sizeCache     protoimpl.SizeCache
+	unknownFields protoimpl.UnknownFields
+
 	// Represents seconds of UTC time since Unix epoch
 	// 1970-01-01T00:00:00Z. Must be from 0001-01-01T00:00:00Z to
 	// 9999-12-31T23:59:59Z inclusive.
@@ -179,9 +182,7 @@ type Timestamp struct {
 	// second values with fractions must still have non-negative nanos values
 	// that count forward in time. Must be from 0 to 999,999,999
 	// inclusive.
-	Nanos         int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"`
-	unknownFields protoimpl.UnknownFields
-	sizeCache     protoimpl.SizeCache
+	Nanos int32 `protobuf:"varint,2,opt,name=nanos,proto3" json:"nanos,omitempty"`
 }
 
 // Now constructs a new Timestamp from the current time.
@@ -253,9 +254,11 @@ func (x *Timestamp) check() uint {
 
 func (x *Timestamp) Reset() {
 	*x = Timestamp{}
-	mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
-	ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
-	ms.StoreMessageInfo(mi)
+	if protoimpl.UnsafeEnabled {
+		mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
+		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
+		ms.StoreMessageInfo(mi)
+	}
 }
 
 func (x *Timestamp) String() string {
@@ -266,7 +269,7 @@ func (*Timestamp) ProtoMessage() {}
 
 func (x *Timestamp) ProtoReflect() protoreflect.Message {
 	mi := &file_google_protobuf_timestamp_proto_msgTypes[0]
-	if x != nil {
+	if protoimpl.UnsafeEnabled && x != nil {
 		ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x))
 		if ms.LoadMessageInfo() == nil {
 			ms.StoreMessageInfo(mi)
@@ -329,7 +332,7 @@ func file_google_protobuf_timestamp_proto_rawDescGZIP() []byte {
 }
 
 var file_google_protobuf_timestamp_proto_msgTypes = make([]protoimpl.MessageInfo, 1)
-var file_google_protobuf_timestamp_proto_goTypes = []any{
+var file_google_protobuf_timestamp_proto_goTypes = []interface{}{
 	(*Timestamp)(nil), // 0: google.protobuf.Timestamp
 }
 var file_google_protobuf_timestamp_proto_depIdxs = []int32{
@@ -345,6 +348,20 @@ func file_google_protobuf_timestamp_proto_init() {
 	if File_google_protobuf_timestamp_proto != nil {
 		return
 	}
+	if !protoimpl.UnsafeEnabled {
+		file_google_protobuf_timestamp_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} {
+			switch v := v.(*Timestamp); i {
+			case 0:
+				return &v.state
+			case 1:
+				return &v.sizeCache
+			case 2:
+				return &v.unknownFields
+			default:
+				return nil
+			}
+		}
+	}
 	type x struct{}
 	out := protoimpl.TypeBuilder{
 		File: protoimpl.DescBuilder{
diff --git a/vendor/k8s.io/klog/v2/klog.go b/vendor/k8s.io/klog/v2/klog.go
index 47ec9466a..026be9e3b 100644
--- a/vendor/k8s.io/klog/v2/klog.go
+++ b/vendor/k8s.io/klog/v2/klog.go
@@ -404,6 +404,13 @@ func (t *traceLocation) Set(value string) error {
 	return nil
 }
 
+// flushSyncWriter is the interface satisfied by logging destinations.
+type flushSyncWriter interface {
+	Flush() error
+	Sync() error
+	io.Writer
+}
+
 var logging loggingT
 var commandLine flag.FlagSet
 
@@ -479,7 +486,7 @@ type settings struct {
 	// Access to all of the following fields must be protected via a mutex.
 
 	// file holds writer for each of the log types.
-	file [severity.NumSeverity]io.Writer
+	file [severity.NumSeverity]flushSyncWriter
 	// flushInterval is the interval for periodic flushing. If zero,
 	// the global default will be used.
 	flushInterval time.Duration
@@ -824,12 +831,32 @@ func (l *loggingT) printS(err error, s severity.Severity, depth int, msg string,
 	buffer.PutBuffer(b)
 }
 
+// redirectBuffer is used to set an alternate destination for the logs
+type redirectBuffer struct {
+	w io.Writer
+}
+
+func (rb *redirectBuffer) Sync() error {
+	return nil
+}
+
+func (rb *redirectBuffer) Flush() error {
+	return nil
+}
+
+func (rb *redirectBuffer) Write(bytes []byte) (n int, err error) {
+	return rb.w.Write(bytes)
+}
+
 // SetOutput sets the output destination for all severities
 func SetOutput(w io.Writer) {
 	logging.mu.Lock()
 	defer logging.mu.Unlock()
 	for s := severity.FatalLog; s >= severity.InfoLog; s-- {
-		logging.file[s] = w
+		rb := &redirectBuffer{
+			w: w,
+		}
+		logging.file[s] = rb
 	}
 }
 
@@ -841,7 +868,10 @@ func SetOutputBySeverity(name string, w io.Writer) {
 	if !ok {
 		panic(fmt.Sprintf("SetOutputBySeverity(%q): unrecognized severity name", name))
 	}
-	logging.file[sev] = w
+	rb := &redirectBuffer{
+		w: w,
+	}
+	logging.file[sev] = rb
 }
 
 // LogToStderr sets whether to log exclusively to stderr, bypassing outputs
@@ -981,8 +1011,7 @@ func (l *loggingT) exit(err error) {
 		logExitFunc(err)
 		return
 	}
-	needToSync := l.flushAll()
-	l.syncAll(needToSync)
+	l.flushAll()
 	OsExit(2)
 }
 
@@ -999,6 +1028,10 @@ type syncBuffer struct {
 	maxbytes uint64 // The max number of bytes this syncBuffer.file can hold before cleaning up.
 }
 
+func (sb *syncBuffer) Sync() error {
+	return sb.file.Sync()
+}
+
 // CalculateMaxSize returns the real max size in bytes after considering the default max size and the flag options.
 func CalculateMaxSize() uint64 {
 	if logging.logFile != "" {
@@ -1190,45 +1223,24 @@ func StartFlushDaemon(interval time.Duration) {
 // lockAndFlushAll is like flushAll but locks l.mu first.
 func (l *loggingT) lockAndFlushAll() {
 	l.mu.Lock()
-	needToSync := l.flushAll()
+	l.flushAll()
 	l.mu.Unlock()
-	// Some environments are slow when syncing and holding the lock might cause contention.
-	l.syncAll(needToSync)
 }
 
-// flushAll flushes all the logs
+// flushAll flushes all the logs and attempts to "sync" their data to disk.
 // l.mu is held.
-//
-// The result is the number of files which need to be synced and the pointers to them.
-func (l *loggingT) flushAll() fileArray {
-	var needToSync fileArray
-
+func (l *loggingT) flushAll() {
 	// Flush from fatal down, in case there's trouble flushing.
 	for s := severity.FatalLog; s >= severity.InfoLog; s-- {
 		file := l.file[s]
-		if sb, ok := file.(*syncBuffer); ok && sb.file != nil {
-			_ = sb.Flush() // ignore error
-			needToSync.files[needToSync.num] = sb.file
-			needToSync.num++
+		if file != nil {
+			_ = file.Flush() // ignore error
+			_ = file.Sync()  // ignore error
 		}
 	}
 	if logging.loggerOptions.flush != nil {
 		logging.loggerOptions.flush()
 	}
-	return needToSync
-}
-
-type fileArray struct {
-	num   int
-	files [severity.NumSeverity]*os.File
-}
-
-// syncAll attempts to "sync" their data to disk.
-func (l *loggingT) syncAll(needToSync fileArray) {
-	// Flush from fatal down, in case there's trouble flushing.
-	for i := 0; i < needToSync.num; i++ {
-		_ = needToSync.files[i].Sync() // ignore error
-	}
 }
 
 // CopyStandardLogTo arranges for messages written to the Go "log" package's
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 48db5268c..cb8033fad 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -9,7 +9,7 @@ filippo.io/edwards25519/field
 # github.com/beorn7/perks v1.0.1
 ## explicit; go 1.11
 github.com/beorn7/perks/quantile
-# github.com/cespare/xxhash/v2 v2.3.0
+# github.com/cespare/xxhash/v2 v2.2.0
 ## explicit; go 1.11
 github.com/cespare/xxhash/v2
 # github.com/cloudflare/backoff v0.0.0-20161212185259-647f3cdfc87a
@@ -37,14 +37,14 @@ github.com/getsentry/sentry-go
 github.com/getsentry/sentry-go/internal/crypto/randutil
 github.com/getsentry/sentry-go/internal/debug
 github.com/getsentry/sentry-go/internal/ratelimit
-# github.com/go-logr/logr v1.4.2
+# github.com/go-logr/logr v1.4.1
 ## explicit; go 1.18
 github.com/go-logr/logr
-# github.com/go-sql-driver/mysql v1.8.1
+# github.com/go-sql-driver/mysql v1.8.0
 ## explicit; go 1.18
 github.com/go-sql-driver/mysql
-# github.com/google/certificate-transparency-go v1.3.1
-## explicit; go 1.22.0
+# github.com/google/certificate-transparency-go v1.1.8
+## explicit; go 1.21
 github.com/google/certificate-transparency-go
 github.com/google/certificate-transparency-go/asn1
 github.com/google/certificate-transparency-go/client
@@ -64,15 +64,6 @@ github.com/jmoiron/sqlx/types
 # github.com/kisielk/sqlstruct v0.0.0-20201105191214-5f3e10d3ab46
 ## explicit
 github.com/kisielk/sqlstruct
-# github.com/klauspost/compress v1.17.11
-## explicit; go 1.21
-github.com/klauspost/compress
-github.com/klauspost/compress/fse
-github.com/klauspost/compress/huff0
-github.com/klauspost/compress/internal/cpuinfo
-github.com/klauspost/compress/internal/snapref
-github.com/klauspost/compress/zstd
-github.com/klauspost/compress/zstd/internal/xxhash
 # github.com/kylelemons/go-gypsy v1.0.0
 ## explicit; go 1.5
 github.com/kylelemons/go-gypsy/yaml
@@ -81,35 +72,33 @@ github.com/kylelemons/go-gypsy/yaml
 github.com/lib/pq
 github.com/lib/pq/oid
 github.com/lib/pq/scram
-# github.com/mattn/go-sqlite3 v1.14.24
+# github.com/mattn/go-sqlite3 v1.14.22
 ## explicit; go 1.19
 github.com/mattn/go-sqlite3
-# github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
-## explicit
-github.com/munnerz/goautoneg
 # github.com/pelletier/go-toml v1.9.3
 ## explicit; go 1.12
 github.com/pelletier/go-toml
-# github.com/prometheus/client_golang v1.20.5
+# github.com/prometheus/client_golang v1.19.0
 ## explicit; go 1.20
-github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil
-github.com/prometheus/client_golang/internal/github.com/golang/gddo/httputil/header
 github.com/prometheus/client_golang/prometheus
 github.com/prometheus/client_golang/prometheus/internal
 github.com/prometheus/client_golang/prometheus/promauto
 github.com/prometheus/client_golang/prometheus/promhttp
-# github.com/prometheus/client_model v0.6.1
+# github.com/prometheus/client_model v0.5.0
 ## explicit; go 1.19
 github.com/prometheus/client_model/go
-# github.com/prometheus/common v0.55.0
+# github.com/prometheus/common v0.48.0
 ## explicit; go 1.20
 github.com/prometheus/common/expfmt
+github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg
 github.com/prometheus/common/model
-# github.com/prometheus/procfs v0.15.1
-## explicit; go 1.20
+# github.com/prometheus/procfs v0.12.0
+## explicit; go 1.19
 github.com/prometheus/procfs
 github.com/prometheus/procfs/internal/fs
 github.com/prometheus/procfs/internal/util
+# github.com/stretchr/testify v1.8.4
+## explicit; go 1.20
 # github.com/weppos/publicsuffix-go v0.30.0
 ## explicit; go 1.16
 github.com/weppos/publicsuffix-go/publicsuffix
@@ -142,13 +131,14 @@ github.com/zmap/zlint/v3/lints/etsi
 github.com/zmap/zlint/v3/lints/mozilla
 github.com/zmap/zlint/v3/lints/rfc
 github.com/zmap/zlint/v3/util
-# golang.org/x/crypto v0.32.0
-## explicit; go 1.20
+# golang.org/x/crypto v0.21.0
+## explicit; go 1.18
 golang.org/x/crypto/blowfish
 golang.org/x/crypto/chacha20
 golang.org/x/crypto/cryptobyte
 golang.org/x/crypto/cryptobyte/asn1
 golang.org/x/crypto/curve25519
+golang.org/x/crypto/curve25519/internal/field
 golang.org/x/crypto/ed25519
 golang.org/x/crypto/internal/alias
 golang.org/x/crypto/internal/poly1305
@@ -159,23 +149,23 @@ golang.org/x/crypto/pkcs12/internal/rc2
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh
 golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
-# golang.org/x/net v0.34.0
+# golang.org/x/net v0.22.0
 ## explicit; go 1.18
 golang.org/x/net/context/ctxhttp
 golang.org/x/net/idna
-# golang.org/x/sys v0.29.0
+# golang.org/x/sys v0.18.0
 ## explicit; go 1.18
 golang.org/x/sys/cpu
 golang.org/x/sys/unix
 golang.org/x/sys/windows
-# golang.org/x/text v0.21.0
+# golang.org/x/text v0.14.0
 ## explicit; go 1.18
 golang.org/x/text/secure/bidirule
 golang.org/x/text/transform
 golang.org/x/text/unicode/bidi
 golang.org/x/text/unicode/norm
-# google.golang.org/protobuf v1.36.2
-## explicit; go 1.21
+# google.golang.org/protobuf v1.33.0
+## explicit; go 1.17
 google.golang.org/protobuf/encoding/protodelim
 google.golang.org/protobuf/encoding/prototext
 google.golang.org/protobuf/encoding/protowire
@@ -195,7 +185,6 @@ google.golang.org/protobuf/internal/genid
 google.golang.org/protobuf/internal/impl
 google.golang.org/protobuf/internal/order
 google.golang.org/protobuf/internal/pragma
-google.golang.org/protobuf/internal/protolazy
 google.golang.org/protobuf/internal/set
 google.golang.org/protobuf/internal/strs
 google.golang.org/protobuf/internal/version
@@ -205,7 +194,7 @@ google.golang.org/protobuf/reflect/protoregistry
 google.golang.org/protobuf/runtime/protoiface
 google.golang.org/protobuf/runtime/protoimpl
 google.golang.org/protobuf/types/known/timestamppb
-# k8s.io/klog/v2 v2.130.1
+# k8s.io/klog/v2 v2.120.1
 ## explicit; go 1.18
 k8s.io/klog/v2
 k8s.io/klog/v2/internal/buffer

From faaff55b279b375f62632875b2da82754e313c10 Mon Sep 17 00:00:00 2001
From: Andrew Mitchell 
Date: Sat, 8 Feb 2025 16:50:29 -0500
Subject: [PATCH 70/73] Fixes #1237 partially by updating test data
 certificates to be valid

---
 .github/workflows/go.yml                     |     5 +-
 .golangci.yaml                               |     2 -
 Makefile                                     |    11 +-
 api/bundle/bundle_test.go                    |     1 -
 api/testdata/ca-bundle.pem                   |    31 +-
 bundler/bundle_from_remote_test.go           |     2 -
 bundler/bundler_test.go                      |     1 -
 bundler/testdata/ca-bundle.pem               |  5153 +-
 bundler/testdata/ca.pem                      |    31 +-
 bundler/testdata/client-auth/int.pem         |    18 +-
 bundler/testdata/client-auth/leaf-client.pem |    15 +-
 bundler/testdata/client-auth/leaf-server.pem |    15 +-
 bundler/testdata/client-auth/root.pem        |    17 +-
 bundler/testdata/int-bundle.pem              | 44534 +++++++++++++++--
 signer/remote/remote_test.go                 |     2 -
 signer/remote/testdata/ca.pem                |    45 +-
 signer/remote/testdata/client-key.pem        |    50 +-
 signer/remote/testdata/client.pem            |    45 +-
 signer/remote/testdata/server-key.pem        |    50 +-
 signer/remote/testdata/server.pem            |    47 +-
 ubiquity/testdata/godzilla.pem               |    31 +-
 ubiquity/testdata/macrosoft.pem              |    31 +-
 ubiquity/testdata/pineapple.pem              |    31 +-
 ubiquity/ubiquity_crypto.go                  |     7 +-
 ubiquity/ubiquity_test.go                    |    12 +-
 25 files changed, 44991 insertions(+), 5196 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index a296f5123..61734bcec 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -70,9 +70,10 @@ jobs:
     name: lint
     runs-on: ubuntu-latest
     steps:
+      - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
           go-version: 1.18
-      - uses: actions/checkout@v4
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v4
+        uses: golangci/golangci-lint-action@v6
+
diff --git a/.golangci.yaml b/.golangci.yaml
index 6b26bed0c..15aa43248 100644
--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -5,6 +5,4 @@ linters:
     - gosimple
     - ineffassign
     - unused
-    - deadcode
     - errcheck
-    - varcheck
diff --git a/Makefile b/Makefile
index ca617b1a1..d23cbea64 100644
--- a/Makefile
+++ b/Makefile
@@ -60,7 +60,7 @@ snapshot:
 	--rm \
     -v $(PWD):/cross \
     -w /cross \
-    ghcr.io/goreleaser/goreleaser-cross:latest --clean --snapshot --skip-publish
+    ghcr.io/goreleaser/goreleaser-cross:latest --clean --snapshot --skip=publish
 
 .PHONY: github-release
 github-release:
@@ -73,15 +73,8 @@ github-release:
     -w /cross \
     ghcr.io/goreleaser/goreleaser-cross:latest --clean
 
-.PHONY: docker-build
-docker-build:
-	docker build -f Dockerfile -t cfssl/cfssl:$(VERSION) .
-.PHONY: docker-push
-docker-push:
-	docker push cfssl/cfssl:$(VERSION)
-
 .PHONY: release
-release: github-release docker-build docker-push
+release: github-release
 
 BUILD_PATH   := $(CURDIR)/build
 INSTALL_PATH := $(BUILD_PATH)/usr/local/bin
diff --git a/api/bundle/bundle_test.go b/api/bundle/bundle_test.go
index 1adc2789f..0ab411191 100644
--- a/api/bundle/bundle_test.go
+++ b/api/bundle/bundle_test.go
@@ -184,7 +184,6 @@ var bundleTests = []bundleTest{
 }
 
 func TestBundle(t *testing.T) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	for i, test := range bundleTests {
 		resp, body := testBundleFile(t, test.Domain, test.IP, test.CertFile, test.KeyFile, test.Flavor)
 		if resp.StatusCode != test.ExpectedHTTPStatus {
diff --git a/api/testdata/ca-bundle.pem b/api/testdata/ca-bundle.pem
index b03e14bd6..ffe3b4556 100644
--- a/api/testdata/ca-bundle.pem
+++ b/api/testdata/ca-bundle.pem
@@ -1,17 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIICyDCCAjGgAwIBAgIJAPCgd7rafQZGMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
-c2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQLDAtERVZfVEVTVElORzEW
-MBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTAeFw0xNDA0MTExNjQyMjBaFw0yNDA0MDgx
-NjQyMjBaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD
-VQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQL
-DAtERVZfVEVTVElORzEWMBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1CMS59jJOL
-omfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvrGsNivkRU
-zXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+cqhEvLFb
-u3MCAwEAAaNQME4wHQYDVR0OBBYEFLhe765nULfW8wflar5Vs2c6DZI+MB8GA1Ud
-IwQYMBaAFLhe765nULfW8wflar5Vs2c6DZI+MAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADgYEABYqqOUq3ZrtMYaTAoeA7Cr/OBMjBV+/TiOe8fRNoPZ7+aKSg
-E1baohCGqougm+/XOtBXeLv5tVQihz/2iKdwHmX4HjkxzevAXyazjxeW4IDA21Jl
-fKd7xUJHM0Du/opoDkXWr/vRVztOB33ndlAK7ruSLfTR3E9HoUe3aRH7ceQ=
+MIIC1jCCAj+gAwIBAgIUJhxh1ENJRZoFuCN+XB0xlP1zgeYwDQYJKoZIhvcNAQEL
+BQAwfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxhcmUxFDASBgNVBAsMC0RF
+Vl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NBMB4XDTI1MDIwODIwMTYy
+N1oXDTM1MDIwNjIwMTYyN1owfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
+b3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxh
+cmUxFDASBgNVBAsMC0RFVl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NB
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbp/6OQ/a3mr+8zRgBRlmSGr8Q
+BgP4vUIxLn2Mk4uiZ8OcpRY4YqL+TtREGDUc0ve+bv8RINrNlYXL2X+eJtbE2RJQ
++RAiu+saw2K+RFTNeTCA1fwg3ws5gBDcFbECqK1dOkuN/gV4JMHobn2/15iUBfeS
+JxdF1j5yqES8sVu7cwIDAQABo1MwUTAdBgNVHQ4EFgQUuF7vrmdQt9bzB+VqvlWz
+ZzoNkj4wHwYDVR0jBBgwFoAUuF7vrmdQt9bzB+VqvlWzZzoNkj4wDwYDVR0TAQH/
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQALmrNPUPlCyhabvgC8RsMZPhJjtxr9
+TotLuoa49zsHH18djRZLrm8mNzBwUVVNJ1hgwSpRnyrc7T4HQTTvjpCnyXEVRil/
+9HQbpVPBSw5W6oK3koLG0rFnZXHocqK+Qri4FkbwsTK5qlea35OJWkODiUY/ykVM
+E4sm6QDE79e0Iw==
 -----END CERTIFICATE-----
diff --git a/bundler/bundle_from_remote_test.go b/bundler/bundle_from_remote_test.go
index 68231f2c6..ac33bec36 100644
--- a/bundler/bundle_from_remote_test.go
+++ b/bundler/bundle_from_remote_test.go
@@ -103,7 +103,6 @@ var remoteTests = []remoteTest{
 
 // TestBundleFromRemote goes through the test cases defined in remoteTests and run them through. See above for test case definitions.
 func TestBundleFromRemote(t *testing.T) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	for _, bf := range []BundleFlavor{Ubiquitous, Optimal} {
 		for _, test := range remoteTests {
 			b := test.bundlerConstructor(t)
@@ -164,7 +163,6 @@ var remoteSNITests = []remoteTest{
 
 // TestBundleFromRemoteSNI goes through the test cases defined in remoteSNITests and run them through. See above for test case definitions.
 func TestBundleFromRemoteSNI(t *testing.T) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	for _, bf := range []BundleFlavor{Ubiquitous, Optimal} {
 		for _, test := range remoteSNITests {
 			b := test.bundlerConstructor(t)
diff --git a/bundler/bundler_test.go b/bundler/bundler_test.go
index c82e9c313..317cb30ba 100644
--- a/bundler/bundler_test.go
+++ b/bundler/bundler_test.go
@@ -916,7 +916,6 @@ func TestBundlerWithEmptyRootInfo(t *testing.T) {
 }
 
 func TestBundlerClientAuth(t *testing.T) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	b, err := NewBundler("testdata/client-auth/root.pem", "testdata/client-auth/int.pem")
 	if err != nil {
 		t.Fatal(err)
diff --git a/bundler/testdata/ca-bundle.pem b/bundler/testdata/ca-bundle.pem
index 8f77c53f1..0dff1c430 100644
--- a/bundler/testdata/ca-bundle.pem
+++ b/bundler/testdata/ca-bundle.pem
@@ -1,122 +1,4 @@
 -----BEGIN CERTIFICATE-----
-MIIDMDCCApmgAwIBAgIQDY4VEuGsu3eNOOMk34ww8jANBgkqhkiG9w0BAQUFADCB
-yzELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3Rl
-IFBlcnNvbmFsIEJhc2ljIENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNp
-Y0B0aGF3dGUuY29tMB4XDTk2MDEwMTAwMDAwMFoXDTIxMDEwMTIzNTk1OVowgcsx
-CzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNh
-cGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0Nl
-cnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQ
-ZXJzb25hbCBCYXNpYyBDQTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNA
-dGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+C
-FeZIlDWmWr5vQvoPR+53dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeV
-oQxN2jSQHReJl+A1OFdKwPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlW
-Cy4cgNrx454p7xS9CkT7G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB
-/zANBgkqhkiG9w0BAQUFAAOBgQCIO/64+XpCRhGgpKJkhc1IHJzVilHNL8F9sQfP
-1wHeMj+W5IT+0V6tDH4OY0lqDhDkl9A/xacp2aZTHkseP1T6wIQ1c+qRqdxdk1cF
-BgwHua8LRDmIIaDugnOpRi9pbCV0qc3fp9f9hTAElDVKpxszJCxEFu0KxN+AqmUa
-v3Em8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDITCCAoqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCByzELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFBlcnNvbmFsIEJhc2lj
-IENBMSgwJgYJKoZIhvcNAQkBFhlwZXJzb25hbC1iYXNpY0B0aGF3dGUuY29tMB4X
-DTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgcsxCzAJBgNVBAYTAlpBMRUw
-EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE
-ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
-dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQZXJzb25hbCBCYXNpYyBD
-QTEoMCYGCSqGSIb3DQEJARYZcGVyc29uYWwtYmFzaWNAdGhhd3RlLmNvbTCBnzAN
-BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvLyTU23AUE+CFeZIlDWmWr5vQvoPR+53
-dXLdjUmbllegeNTKP1GzaQuRdhciB5dqxFGTS+CN7zeVoQxN2jSQHReJl+A1OFdK
-wPQIcOk8RHtQfmGakOMj04gRRif1CwcOu93RfyAKiLlWCy4cgNrx454p7xS9CkT7
-G1sY0b8jkyECAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQF
-AAOBgQAt4plrsD16iddZopQBHyvdEktTwq1/qqcAXJFAVyVKOKqEcLnZgA+le1z7
-c8a914phXAPjLSeoF+CEhULcXpvGt7Jtu3Sv5D/Lp7ew4F2+eIMllNLbgQ95B21P
-9DkVWlIBe94y1k049hJcBlDfBVu9FEuh3ym6O0GN92NWod8isQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDPDCCAqWgAwIBAgIQEj3w59oqIkekOIngiu7JZzANBgkqhkiG9w0BAQUFADCB
-0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3Rl
-IFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1m
-cmVlbWFpbEB0aGF3dGUuY29tMB4XDTk2MDEwMTAwMDAwMFoXDTIxMDEwMTIzNTk1
-OVowgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNV
-BAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNV
-BAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1Ro
-YXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29u
-YWwtZnJlZW1haWxAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
-gYEA1GnX1LCUZFtx6UfYDFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Z
-hx2G6qPduc6WZBrCFG5ErHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56
-fAylS1V/Bhkpf56aJtVquzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYD
-VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQAemGDU5fJUYLA9GoFkR/db
-o9lvwykLp9KpgUn2w22FFChFRAH0cVyVLhQPGivRqWvBX2c9FvFyIK++FsoOMF/J
-y6WTLMNnVB5yIoojdmyUHVFSbJ3E4EcC18y/8IB7GG4l3GJh1qb+wR1/2bP9jVxF
-EFrGZWSa6yz1A0/WSGL7Lg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDLTCCApagAwIBAgIBADANBgkqhkiG9w0BAQQFADCB0TELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVt
-YWlsIENBMSswKQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUu
-Y29tMB4XDTk2MDEwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgdExCzAJBgNVBAYT
-AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEa
-MBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBG
-cmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwtZnJlZW1haWxAdGhh
-d3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1GnX1LCUZFtx6UfY
-DFG26nKRsIRefS0Nj3sS34UldSh0OkIsYyeflXtL734Zhx2G6qPduc6WZBrCFG5E
-rHzmj+hND3EfQDimAKOHePb5lIZererAXnbr2RSjXW56fAylS1V/Bhkpf56aJtVq
-uzgkCGqYx7Hao5iR/Xnb5VrEHLkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zAN
-BgkqhkiG9w0BAQQFAAOBgQDH7JJ+Tvj1lqVnYiqk8E0RYNBvjWBYYawmu1I1XAjP
-MPuoSpaKH2JCI4wXD/S6ZJwXrEcp352YXtJsYHFcoqzceePnbgBHH7UNKOgCneSa
-/RP0ptl8sfjcXyMmCZGAc9AUG95DqYMl8uacLxXK/qarigd1iwzdUYRr5PjRznei
-gQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDODCCAqGgAwIBAgIQQAWyU6AaRkNQCYGPEhB27DANBgkqhkiG9w0BAQUFADCB
-zzELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3Rl
-IFBlcnNvbmFsIFByZW1pdW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXBy
-ZW1pdW1AdGhhd3RlLmNvbTAeFw05NjAxMDEwMDAwMDBaFw0yMTAxMDEyMzU5NTla
-MIHPMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQH
-EwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQL
-Ex9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3
-dGUgUGVyc29uYWwgUHJlbWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwt
-cHJlbWl1bUB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJ
-Ztn4B0TPuYwu8KHvE0VsBd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O
-0DI3lIi1DbbZ8/JE2dWIEt12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8f
-AHB8Zs8QJQi6+u4A6UYDZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMB
-Af8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBALpkCujztDHJJ2+idqAtNnHHhsAI
-wk7t2pokGYf8WiOcck0I361cwzskgR1Xj7YSpSID7xK90S1elo8mJk9LG3w7oFIa
-pag3hsRHKsrdQfho9cITQSma8AyozaH8FSMC23or1GJRQkfEox/00sVNVBDr2vDM
-p083DL08yxDjGugV
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDKTCCApKgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBzzELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMRowGAYD
-VQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT
-ZXJ2aWNlcyBEaXZpc2lvbjEjMCEGA1UEAxMaVGhhd3RlIFBlcnNvbmFsIFByZW1p
-dW0gQ0ExKjAoBgkqhkiG9w0BCQEWG3BlcnNvbmFsLXByZW1pdW1AdGhhd3RlLmNv
-bTAeFw05NjAxMDEwMDAwMDBaFw0yMDEyMzEyMzU5NTlaMIHPMQswCQYDVQQGEwJa
-QTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAY
-BgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9u
-IFNlcnZpY2VzIERpdmlzaW9uMSMwIQYDVQQDExpUaGF3dGUgUGVyc29uYWwgUHJl
-bWl1bSBDQTEqMCgGCSqGSIb3DQEJARYbcGVyc29uYWwtcHJlbWl1bUB0aGF3dGUu
-Y29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJZtn4B0TPuYwu8KHvE0Vs
-Bd/eJxZRNkERbGw77f4QfRKe5ZtCmv5gMcNmt3M6SK5O0DI3lIi1DbbZ8/JE2dWI
-Et12TfIa/G8jHnrx2JhFTgcQ7xZC0EN1bUre4qrJMf8fAHB8Zs8QJQi6+u4A6UYD
-ZicRFTuqW/KY3TZCstqIdQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG
-SIb3DQEBBAUAA4GBAGk2ifc0KjNyL2071CKyuG+axTZmDhs8obF1Wub9NdP4qPIH
-b4Vnjt4rueIXsDqg8A6iAJrf8xQVbrvIhVqYgPn/vnQdPfP+MCXRNzRn+qVxeTBh
-KXLA4CxM+1bkOqhv5TJZUtt1KFBZDPgLGeSs2a+WjS9Q2wfD6h+rM+D1KzGJ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
 A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
 cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
@@ -202,141 +84,6 @@ CSqGSIb3DQEBBQUAA4GBABByUqkFFBkyCEHwxWsKzH4PIRnN5GfcX6kb5sroc50i
 2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/D/xwzoiQ
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
-MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
-MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
-DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
-dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
-cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
-DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
-gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
-yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
-L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
-EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
-7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
-QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
-qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
-VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
-biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
-dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
-MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
-MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
-A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
-b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
-cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
-bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
-VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
-ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
-uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
-9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
-hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
-pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDNjCCAp+gAwIBAgIQNhIilsXjOKUgodJfTNcJVDANBgkqhkiG9w0BAQUFADCB
-zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
-CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
-d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
-cnZlckB0aGF3dGUuY29tMB4XDTk2MDgwMTAwMDAwMFoXDTIxMDEwMTIzNTk1OVow
-gc4xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcT
-CUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNV
-BAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRo
-YXd0ZSBQcmVtaXVtIFNlcnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1z
-ZXJ2ZXJAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2
-aovXwlue2oFBYo847kkEVdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560
-ZXUCTe/LCaIhUdib0GfQug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j
-+ao6hnO2RlNYyIkFvYMRuHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/
-BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQBlkKyID1bZ5jA01CbH0FDxkt5r1DmI
-CSLGpmODA/eZd9iy5Ri4XWPz1HP7bJyZePFLeH0ZJMMrAoT4vCLZiiLXoPxx7JGH
-IPG47LHlVYCsPVLIOQ7C8MAFT9aCdYy9X9LcdpoFEsmvcsPcJX6kTY4XpeCHf+Ga
-WuFg3GQjPEIuTQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIjCCAougAwIBAgIQNKT/9jCvTKU8MxdCoZRmdTANBgkqhkiG9w0BAQUFADCB
-xDELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
-CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhh
-d3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0
-ZS5jb20wHhcNOTYwODAxMDAwMDAwWhcNMjEwMTAxMjM1OTU5WjCBxDELMAkGA1UE
-BhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du
-MR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlm
-aWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZl
-ciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8w
-DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl
-/Kj0R1HahbUgdJSGHg91yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF
-/rFrKbYvScg71CcEJRCXL+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982
-OsK1ZiIS1ocNAgMBAAGjEzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEF
-BQADgYEAvkBpQW/G28GnvwfAReTQtUMeTJUzNelewj4o9qgNUNX/4gwP/FACjq6R
-ua00io2fJ3GqGcxL6ATK1BdrEhrWxl/WzV7/iXa/2EjYWb0IiokdV81FHlK6EpqE
-+hiJX+j5MDVqAWC5mYCDhQpu2vTJj15zLTFKY6B08h+LItIpPus=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICsDCCAhmgAwIBAgIQZ8jh6OO+HL38kTuOpiOHSTANBgkqhkiG9w0BAQUFADCB
-izELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxML
-RHVyYmFudmlsbGUxDzANBgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENl
-cnRpZmljYXRpb24xHzAdBgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwHhcN
-OTcwMTAxMDAwMDAwWhcNMjEwMTAxMjM1OTU5WjCBizELMAkGA1UEBhMCWkExFTAT
-BgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzANBgNV
-BAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAdBgNV
-BAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0A
-MIGJAoGBANYrWHhhRYZT6jR7UZztsOYuGA7+4F+oJ9O0yeB8WU4WDnNUYMF/9p8u
-6TqFJBU820cEY8OexJQaWt9MevPZQx08EHp5JduQ/vBR5zDWQQD9nyjfeb6Uu522
-FOMjhdepQeBMpHmwKxqL8vg7ij5FrHGSALSQQZj7X+36ty6K+Ig3AgMBAAGjEzAR
-MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAS+mqF4EF+3kKMZ/F
-QfRWVKvpwuWXjhj+kckMPiZkyaFMJ2SnvQGTVXFuF0853BvcSTUQOSP/ypvIz2Y/
-3Ewa1IEGQlIf4SaxFhe65nByMUToTo1b5NP50OOPJWQx5yr4GIg2GlLFDUE1G2m3
-JvUXzMEZXkt8XOKDgJH6L/uatxY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIICoTCCAgqgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBizELMAkGA1UEBhMCWkEx
-FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzAN
-BgNVBAoTBlRoYXd0ZTEdMBsGA1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAd
-BgNVBAMTFlRoYXd0ZSBUaW1lc3RhbXBpbmcgQ0EwHhcNOTcwMTAxMDAwMDAwWhcN
-MjAxMjMxMjM1OTU5WjCBizELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4g
-Q2FwZTEUMBIGA1UEBxMLRHVyYmFudmlsbGUxDzANBgNVBAoTBlRoYXd0ZTEdMBsG
-A1UECxMUVGhhd3RlIENlcnRpZmljYXRpb24xHzAdBgNVBAMTFlRoYXd0ZSBUaW1l
-c3RhbXBpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYrWHhhRYZT
-6jR7UZztsOYuGA7+4F+oJ9O0yeB8WU4WDnNUYMF/9p8u6TqFJBU820cEY8OexJQa
-Wt9MevPZQx08EHp5JduQ/vBR5zDWQQD9nyjfeb6Uu522FOMjhdepQeBMpHmwKxqL
-8vg7ij5FrHGSALSQQZj7X+36ty6K+Ig3AgMBAAGjEzARMA8GA1UdEwEB/wQFMAMB
-Af8wDQYJKoZIhvcNAQEEBQADgYEAZ9viwuaHPUCDhjc1fR/OmsMMZiCouqoEiYbC
-9RAIDb/LogWK0E02PvTX72nGXuSwlG9KuefeW4i2e9vjJ+V2w/A1wcu1J5szedyQ
-pgCed/r8zSeUQhac0xxo7L9c3eWpexAKMnRUEzGLhQOEkbdYATAUOK8oyvyxUBkZ
-CayJSdM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEEjCCAvqgAwIBAgIPAMEAizw8iBHRPvZj7N9AMA0GCSqGSIb3DQEBBAUAMHAx
-KzApBgNVBAsTIkNvcHlyaWdodCAoYykgMTk5NyBNaWNyb3NvZnQgQ29ycC4xHjAc
-BgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UEAxMYTWljcm9zb2Z0
-IFJvb3QgQXV0aG9yaXR5MB4XDTk3MDExMDA3MDAwMFoXDTIwMTIzMTA3MDAwMFow
-cDErMCkGA1UECxMiQ29weXJpZ2h0IChjKSAxOTk3IE1pY3Jvc29mdCBDb3JwLjEe
-MBwGA1UECxMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSEwHwYDVQQDExhNaWNyb3Nv
-ZnQgUm9vdCBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQCpAr3BcOY78k4bKJ+XeF4w6qKpjSVf+P6VTKO3/p2iID58UaKboo9gMmvRQmR5
-7qx2yVTa8uuchhyPn4Rms8VremIj1h083g8BkuiWxL8tZpqaaCaZ0Dosvwy1WCbB
-RucKPjiWLKkoOajsSYNC44QPu5psVWGsgnyhYC13TOmZtGQ7mlAcMQgkFJ+p55Er
-GOY9mGMUYFgFZZ8dN1KH96fvlALGG9O/VUWziYC/OuxUlE6u/ad6bXROrxjMlgko
-IQBXkGBpN7tLEgc8Vv9b+6RmCgim0oFWV++2O14WgXcE2va+roCV/rDNf9anGnJc
-PMq88AijIjCzBoXJsyB3E4XfAgMBAAGjgagwgaUwgaIGA1UdAQSBmjCBl4AQW9Bw
-72lyniNRfhSyTY7/y6FyMHAxKzApBgNVBAsTIkNvcHlyaWdodCAoYykgMTk5NyBN
-aWNyb3NvZnQgQ29ycC4xHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEh
-MB8GA1UEAxMYTWljcm9zb2Z0IFJvb3QgQXV0aG9yaXR5gg8AwQCLPDyIEdE+9mPs
-30AwDQYJKoZIhvcNAQEEBQADggEBAJXoC8CN85cYNe24ASTYdxHzXGAyn54Lyz4F
-kYiPyTrmIfLwV5MstaBHyGLv/NfMOztaqTZUaf4kbT/JzKreBXzdMY09nxBwarv+
-Ek8YacD80EPjEVogT+pie6+qGcgrNyUtvmWhEoolD2Oj91Qc+SHJ1hXzUqxuQzIH
-/YIX+OVnbA1R9r3xUse958Qw/CAxCYgdlSkaTdUdAqXxgOADtFv0sd3IV+5lScdS
-VLa0AygS/5DW8AiPfriXxas3LOR65Kh343agANBqP8HSNorgQRKoNWobats14dQc
-BOSoRQTIWjM4bk0cDWK3CqKM09VUP0bNHFWmcNsSOoeTdZ+n0qA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJ
 BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xh
 c3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
@@ -576,49 +323,6 @@ ksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9HRCwBXbsdtTLS
 R9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
-MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
-DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
-PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
-Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
-rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
-OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
-xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
-7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
-aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
-HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
-SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
-ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
-AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
-R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
-JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
-Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMC
-VVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9v
-dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDAxMDExMTY0MTI4WhcNMjEwMTE0
-MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dlbGxzIEZhcmdvMSww
-KgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEvMC0G
-A1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n13
-5zHCLielTWi5MbqNQ1mXx3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHE
-SxP9cMIlrCL1dQu3U+SlK93OvRw6esP3E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4O
-JgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5OEL8pahbSCOz6+MlsoCu
-ltQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4jsNtlAHCE
-AQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMB
-AAGjYTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcB
-CzAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRw
-b2xpY3kwDQYJKoZIhvcNAQEFBQADggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo
-7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrvm+0fazbuSCUlFLZWohDo7qd/
-0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0ROhPs7fpvcmR7
-nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx
-x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ
-33ZwmVxwQ023tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDtTCCAp2gAwIBAgIIBhDCeat3PfIwDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UE
 BhMCQ0gxEjAQBgNVBAoTCVN3aXNzU2lnbjEyMDAGA1UEAxMpU3dpc3NTaWduIENB
 IChSU0EgSUsgTWF5IDYgMTk5OSAxODowMDo1OCkxHzAdBgkqhkiG9w0BCQEWEGNh
@@ -641,30 +345,6 @@ NN6UCRNiUKl5vTijbKwUUwfER/1Vci3M1/O1QCfttQ4vRN4Buc0xqYtGL3cd5WiO
 vWzyhlTzAI6VUdNkQhhHJSAyTpj6dmXDRzrryoFGa2PjgESxz7XBaSI=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEGTCCAwGgAwIBAgIEOlxwGjANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJz
-aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMREwDwYDVQQLEwhzaWdvdi1j
-YTAeFw0wMTAxMTAxMzUyNTJaFw0yMTAxMTAxNDIyNTJaMD0xCzAJBgNVBAYTAnNp
-MRswGQYDVQQKExJzdGF0ZS1pbnN0aXR1dGlvbnMxETAPBgNVBAsTCHNpZ292LWNh
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qsmzwd2ixtlEszoYPSQ
-k0PIDtKStoZSoC658FPIcG7eTtgYa7GuUDeuzAjSizWGF/3RENdJCmGDdq/+AQaz
-2JldVkvUc/+mxEsqnnfX4Yg801WnLGducmeRE4JBrvCpiIyU7LC+4SvpyRmBrPJk
-8nk5FN+Fjg+/gbAR+vsm6gSf24qUTaS5p8Nqg7ZMBiIsktg2v06QQGmi20EWeQUl
-ind0OINak/FCZDjwwaW8+Kn7YBb59eTCUzxQQp6XCxAjLGq3wDXF1U7rOhzyFHEf
-XvqWo5yiym/IBtUiy1vplLCb17F//aWmxeacFPyxcVNeeiS07NJWB9G0lB5QtP0H
-rQIDAQABo4IBHzCCARswEQYJYIZIAYb4QgEBBAQDAgAHMF8GA1UdHwRYMFYwVKBS
-oFCkTjBMMQswCQYDVQQGEwJzaTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25z
-MREwDwYDVQQLEwhzaWdvdi1jYTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8y
-MDAxMDExMDEzNTI1MlqBDzIwMjEwMTEwMTQyMjUyWjALBgNVHQ8EBAMCAQYwHwYD
-VR0jBBgwFoAUHvjUU2uzgwbpBAZXAvmlv8ZYPHIwHQYDVR0OBBYEFB741FNrs4MG
-6QQGVwL5pb/GWDxyMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjUu
-MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQCDwrYsqA2iEE9g7IcirrdWfFDu
-GZQ5iN+JfUpfefaIlV/jr6XGvHfdtoJQ2hZD9wxzo+Zl4bxrtUIK1WDlx/WXbpKe
-6dk2a4scE2spVUJcgJ0mrKYIoQUL/9qjqgQMc+2aGZm7ZatE/NPLxRIPsAIgbEtM
-W6DDMicXjEPJnZBV7vJP3fmQsw5UgYNM3KQka775hHwq0p4o9KoK11tUETA4AOQS
-SwSsYomUa/vKpW3nQcUc0+cqflU91FHUE43vfYdSkRTfm6/ivsLj9xKiJnOnWqFW
-bfnu38MgmxGw658H9uh7VccaTW2QcEblYVXsnkkwRDtFsqWb+ZU4vsn0SQ38
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDYTCCAkmgAwIBAgIQCgEBAQAAAnwAAAAKAAAAAjANBgkqhkiG9w0BAQUFADA6
 MRkwFwYDVQQKExBSU0EgU2VjdXJpdHkgSW5jMR0wGwYDVQQLExRSU0EgU2VjdXJp
 dHkgMjA0OCBWMzAeFw0wMTAyMjIyMDM5MjNaFw0yNjAyMjIyMDM5MjNaMDoxGTAX
@@ -686,272 +366,6 @@ rSU3lIW+vaHU6rcMSzyd6BIA8F+sDeGscGNz9395nzIlQnQFgCi/vcEkllgVsRch
 7CAFYd4=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
-MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
-IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
-dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
-li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
-rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
-WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
-F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
-xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
-Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
-dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
-ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
-IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
-c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
-ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
-Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
-KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
-KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
-y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
-VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
-MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
-fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
-7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
-cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
-mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
-xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIESTCCAzGgAwIBAgIEOsP2HzANBgkqhkiG9w0BAQUFADBNMQswCQYDVQQGEwJT
-RzEoMCYGA1UEChMfTmV0cnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMTEUMBIG
-A1UECxMLTmV0cnVzdCBDQTEwHhcNMDEwMzMwMDIyNzQ1WhcNMjEwMzMwMDI1NzQ1
-WjBNMQswCQYDVQQGEwJTRzEoMCYGA1UEChMfTmV0cnVzdCBDZXJ0aWZpY2F0ZSBB
-dXRob3JpdHkgMTEUMBIGA1UECxMLTmV0cnVzdCBDQTEwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDinM+1yzd2SIeOpxXFGqkLpBlnbjCxNwHCAVZIADRo
-FCIvtxLXgwI/o2TqeC3QsmvM75sNsKjV++1sVkYlGqXQP/A9cKbw+TUtq0S6x3kN
-rlE1BQoyljicpcP7R+KzCUbx7Nw4DLk+W5WEjfI6P6e2+4u7geh+xPpqUwfF+uk6
-srE92fh0SOGWS0ZkefIjcTngwAcpK/4Ae85/XQROYOZsQKvnehmMnOqCEyhYqvjd
-GrxXbdgvrT+Caf3OSg3AzlPqBarW8qR0NieRiUMbnZ9x5ucDLkqC4UQyjysK+lE3
-UCVhLydXS59BCKsfmPW04jYCxcmlX3042D09ApOIoCfrAgMBAAGjggEvMIIBKzAR
-BglghkgBhvhCAQEEBAMCAAcwbwYDVR0fBGgwZjBkoGKgYKReMFwxCzAJBgNVBAYT
-AlNHMSgwJgYDVQQKEx9OZXRydXN0IENlcnRpZmljYXRlIEF1dGhvcml0eSAxMRQw
-EgYDVQQLEwtOZXRydXN0IENBMTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8y
-MDAxMDMzMDAyMjc0NVqBDzIwMjEwMzMwMDI1NzQ1WjALBgNVHQ8EBAMCAQYwHwYD
-VR0jBBgwFoAUHUSJskUmf29rksU6e3JjytJwKt0wHQYDVR0OBBYEFB1EibJFJn9v
-a5LFOntyY8rScCrdMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjUu
-MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQBqB1ZWxlAFW8ZQBCqSiFBkqrxz
-Hgy5TWz3cWb40VOeW/h8nfABAaPmTU4AWYHV8i+2CZjBMTDngEqeKwmhTqUUAiPz
-tncq99G+nyKf6jSpOW2LnOra8ZSszqwhjp2fpKCtrtsTE/5b6D4wsvh/7GyJtZIb
-d1+t/yS236JTWf+UlOccEJ6ayXayC3mF55wNZ9l07yfF8Fgj4hjplgZtuEd3/6cO
-5yWtvdDPQq0NcIO/9oRHk1IJe/u71hbgQJo1lNaJh8Mgt03L5Dfjw5fbIA6IdgCi
-1cUNSa7XnkeKtBsTRj1mnk4+KAL+odzfktvRCSCYfLiY44mB2Sev4/02GkW7
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJE
-SzEVMBMGA1UEChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQg
-Um9vdCBDQTAeFw0wMTA0MDUxNjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNV
-BAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJuZXQxHTAbBgNVBAsTFFREQyBJbnRl
-cm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLhA
-vJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20jxsNu
-Zp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a
-0vnRrEvLznWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc1
-4izbSysseLlJ28TQx5yc5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGN
-eGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcD
-R0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZIAYb4QgEBBAQDAgAHMGUG
-A1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMMVERDIElu
-dGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxME
-Q1JMMTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3
-WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAw
-HQYDVR0OBBYEFGxkAcf9hW2syNqeUAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJ
-KoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQBO
-Q8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540mgwV5dOy0uaOX
-wTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+
-2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm89
-9qNLPg7kbWzbO0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0
-jUNAE4z9mQNUecYu6oah9jrUCbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38
-aQNiuJkFBT1reBK9sG9l
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
-MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAx
-MDQwNjA3Mjk0MFoXDTIxMDQwNjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNV
-BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMiBDQTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3/Ei9vX+ALTU74W+o
-Z6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybTdXnt
-5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s
-3TmVToMGf+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2Ej
-vOr7nQKV0ba5cTppCD8PtOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu
-8nYybieDwnPz3BjotJPqdURrBGAgcVeHnfO+oJAjPYok4doh28MCAwEAAaMzMDEw
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITTXjwwCwYDVR0PBAQDAgEG
-MA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt0jSv9zil
-zqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/
-3DEIcbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvD
-FNr450kkkdAdavphOe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6
-Tk6ezAyNlNzZRZxe7EJQY670XcSxEtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2
-ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLHllpwrN9M
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEP
-MA0GA1UEChMGU29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAx
-MDQwNjEwNDkxM1oXDTIxMDQwNjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNV
-BAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJhIENsYXNzMSBDQTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H887dF+2rDNbS82rDTG
-29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9EJUk
-oVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk
-3w0LBUXl0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBL
-qdReLjVQCfOAl/QMF6452F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIIN
-nvmLVz5MxxftLItyM19yejhW1ebZrgUaHXVFsculJRwSVzb9IjcCAwEAAaMzMDEw
-DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZTiFIwCwYDVR0PBAQDAgEG
-MA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE928Jj2VuX
-ZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0H
-DjxVyhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VO
-TzF2nBBhjrZTOqMRvq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2Uv
-kVrCqIexVmiUefkl98HVrhq4uz2PqYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4w
-zMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9ZIRlXvVWa
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFmTCCA4GgAwIBAgIQea0WoUqgpa1Mc1j0BxMuZTANBgkqhkiG9w0BAQUFADBf
-MRMwEQYKCZImiZPyLGQBGRYDY29tMRkwFwYKCZImiZPyLGQBGRYJbWljcm9zb2Z0
-MS0wKwYDVQQDEyRNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
-HhcNMDEwNTA5MjMxOTIyWhcNMjEwNTA5MjMyODEzWjBfMRMwEQYKCZImiZPyLGQB
-GRYDY29tMRkwFwYKCZImiZPyLGQBGRYJbWljcm9zb2Z0MS0wKwYDVQQDEyRNaWNy
-b3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEB
-AQUAA4ICDwAwggIKAoICAQDzXfqAZ9Rap6kMLJAg0DUIPHWEzbcHiZyJ2t7Ow2D6
-kWhanpRxKRh2fMLgyCV2lA5Y+gQ0Nubfr/eAuulYCyuT5Z0F43cikfc0ZDwikR1e
-4QmQvBT+/HVYGeF5tweSo66IWQjYnwfKA1j8aCltMtfSqMtL/OELSDJP5uu4rU/k
-XG8TlJnbldV126gat5SRtHdb9UgMj2p5fRRwBH1tr5D12nDYR7e/my9s5wW34RFg
-rHmRFHzF1qbk4X7Vw37lktI8ALU2gt554W3ztW74nzPJy1J9c5g224uha6KVl5uj
-3sJNJv8GlmclBsjnrOTuEjOVMZnINQhONMp5U9W1vmMyWUA2wKVOBE0921sHM+RY
-v+8/U2TYQlk1V/0PRXwkBE2e1jh0EZcikM5oRHSSb9VLb7CG48c2QqDQ/MHAWvmj
-YbkwR3GWChawkcBCle8Qfyhq4yofseTNAz93cQTHIPxJDx1FiKTXy36IrY4t7EXb
-xFEEySr87IaemhGXW97OU4jm4rf9rJXCKEDb7wSQ34EzOdmyRaUjhwalVYkxuwYt
-YA5BGH0fLrWXyxHrFdUkpZTvFRSJ/Utz+jJb/NEzAPlZYnAHMuouq0Ate8rdIWcb
-MJmPFqojqEHRsG4RmzbE3kB0nOFYZcFgHnpbOMiPuwQmfNQWQOW2a2yqhv0Av87B
-NQIDAQABo1EwTzALBgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
-FgQUDqyCYEBWJ5flJRP8KuEKU5VZ5KQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZI
-hvcNAQEFBQADggIBAMURTQM6YN1dUhF3j7K7NsiyBb+0t6jYIJ1cEwO2HCL6BhM1
-tshj1JpHbyZX0lXxBLEmX9apUGigvNK4bszD6azfGc14rFl0rGY0NsQbPmw4TDMO
-MBINoyb+UVMA/69aToQNDx/kbQUuToVLjWwzb1TSZKu/UK99ejmgN+1jAw/8EwbO
-FjbUVDuVG1FiOuVNF9QFOZKaJ6hbqr3su77jIIlgcWxWs6UT0G0OI36VA+1oPfLY
-Y7hrTbboMLXhypRL96KqXZkwsj2nwlFsKCABJCcrSwC3nRFrcL6yEIK8DJto0I07
-JIeqmShynTNfWZC99d6TnjpiWjQ54ohVHbkGsMGJay3XacMZEjaE0Mmg2v8vaXiy
-5Xra69cMwPe9Yxe4ORM4ojZbe/KFVmodZGLBOOKqv1FmopT1EpxmIhBr8rcwki3y
-KfA9OxRDaKLxnCk3y844ICVtfGfzfiQSJAMIgUfspZ6X9RjXz7vV73aW7/3O21ad
-laBC+ZdY4dcxItNfWeY+biIA6kOEtiXb2fMIVmjAZGsdfOy2k6JiV24u2OdYj8Qx
-SSbd3ik1h/UwcXBbFDxpvYkSfesuo/7Yf56CWlIKK8FDK9kwiJ/IEPuJjeahhXUz
-fmye23MTZGJppS99ypZtn/gETTCSPW4hFCHJPeDD/YprnUr90aGdmUN3P7Da
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGTCCAwGgAwIBAgIEOzz5yTANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJz
-aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMREwDwYDVQQLEwhzaWdlbi1j
-YTAeFw0wMTA2MjkyMTI3NDZaFw0yMTA2MjkyMTU3NDZaMD0xCzAJBgNVBAYTAnNp
-MRswGQYDVQQKExJzdGF0ZS1pbnN0aXR1dGlvbnMxETAPBgNVBAsTCHNpZ2VuLWNh
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOVlssCsZJbyiBuz7Z7k
-AsZPK4jOLopRgHWvEFvyyzhmm6IObTRHlqWSEa/2NUeidyIMzhaIYqrTSW4YvC5E
-2L7GnsIaGaxBjvwwBwLyxmrUWyMA70E02KRzY98ikjOEAaWN84Nc+rjUejXf7Pht
-D+BM7a2cOn2G1qUIlL59ehEf/oU/VFqIY4ecpbGnTs23RHOvz4pJax/jzddJTVor
-F+ZcdrO7crlvJ9KbiRWI3xBfdiEBascVMQrRnFj4KBYFbdlO2aHXByDLSyaJTZKy
-p7qW6ONYjyKcAZZaxPcxTQtJteF4YeJUGAa7nlQ0fgw+6+61gB/dFoQdaDhmZ3P4
-kQIDAQABo4IBHzCCARswEQYJYIZIAYb4QgEBBAQDAgAHMF8GA1UdHwRYMFYwVKBS
-oFCkTjBMMQswCQYDVQQGEwJzaTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25z
-MREwDwYDVQQLEwhzaWdlbi1jYTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8y
-MDAxMDYyOTIxMjc0NlqBDzIwMjEwNjI5MjE1NzQ2WjALBgNVHQ8EBAMCAQYwHwYD
-VR0jBBgwFoAUcXuKBh8xBVWrYBJ3RyAeA4gY7IkwHQYDVR0OBBYEFHF7igYfMQVV
-q2ASd0cgHgOIGOyJMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjUu
-MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQAAumM08xgY7q5+jZLHNfXCE9TW
-AKohMhbW0Fv6KbCN+hd3kvmltvb5hz8GDyDuYj0096kvx6k70CeITKzdyanlWliF
-1xI1Pdywglty9Ltzt/v+OCGYBICyiGIPHqw6Fqnmswr2FRBFA6OX4s2sENz5AB6/
-c2xD7HciFgYvloOJe7C4U0RBCNyAHwXbGQl2h741nU4hS7STwWg6nV82/qGuMCxL
-3ngkOljWFkPvnZk4iyqY/jDRwurWryXVpXYLue9AOS72698yXh19h7VEzAI50iaV
-cthvhUOojw6jRs7Xzui5Vqn4iRcSH0NJBnoy5z++b3m+1jPXTDwo/BLxdnYY
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGizCCBXOgAwIBAgIEO0XlaDANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJF
-UzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJ
-R1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwHhcN
-MDEwNzA2MTYyMjQ3WhcNMjEwNzAxMTUyMjQ3WjBoMQswCQYDVQQGEwJFUzEfMB0G
-A1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0GA1UECxMGUEtJR1ZBMScw
-JQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVuY2lhbmEwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKqtXETcvIorKA3Qdyu0togu8M1JAJke+
-WmmmO3I2F0zo37i7L3bhQEZ0ZQKQUgi0/6iMweDHiVYQOTPvaLRfX9ptI6GJXiKj
-SgbwJ/BXufjpTjJ3Cj9BZPPrZe52/lSqfR0grvPXdMIKX/UIKFIIzFVd0g/bmoGl
-u6GzwZTNVOAydTGRGmKy3nXiz0+J2ZGQD0EbtFpKd71ng+CT516nDOeB0/RSrFOy
-A8dEJvt55cs0YFAQexvba9dHq198aMpunUEDEO5rmXteJajCq+TA81yc477OMUxk
-Hl6AovWDfgzWyoxVjr7gvkkHD6MkQXpYHYTqWBLI4bft75PelAgxAgMBAAGjggM7
-MIIDNzAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLnBr
-aS5ndmEuZXMwEgYDVR0TAQH/BAgwBgEB/wIBAjCCAjQGA1UdIASCAiswggInMIIC
-IwYKKwYBBAG/VQIBADCCAhMwggHoBggrBgEFBQcCAjCCAdoeggHWAEEAdQB0AG8A
-cgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAFIA
-YQDtAHoAIABkAGUAIABsAGEAIABHAGUAbgBlAHIAYQBsAGkAdABhAHQAIABWAGEA
-bABlAG4AYwBpAGEAbgBhAC4ADQAKAEwAYQAgAEQAZQBjAGwAYQByAGEAYwBpAPMA
-bgAgAGQAZQAgAFAAcgDhAGMAdABpAGMAYQBzACAAZABlACAAQwBlAHIAdABpAGYA
-aQBjAGEAYwBpAPMAbgAgAHEAdQBlACAAcgBpAGcAZQAgAGUAbAAgAGYAdQBuAGMA
-aQBvAG4AYQBtAGkAZQBuAHQAbwAgAGQAZQAgAGwAYQAgAHAAcgBlAHMAZQBuAHQA
-ZQAgAEEAdQB0AG8AcgBpAGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEA
-YwBpAPMAbgAgAHMAZQAgAGUAbgBjAHUAZQBuAHQAcgBhACAAZQBuACAAbABhACAA
-ZABpAHIAZQBjAGMAaQDzAG4AIAB3AGUAYgAgAGgAdAB0AHAAOgAvAC8AdwB3AHcA
-LgBwAGsAaQAuAGcAdgBhAC4AZQBzAC8AYwBwAHMwJQYIKwYBBQUHAgEWGWh0dHA6
-Ly93d3cucGtpLmd2YS5lcy9jcHMwHQYDVR0OBBYEFHs100DSHHgZZu90ECjcPk+y
-eAT8MIGVBgNVHSMEgY0wgYqAFHs100DSHHgZZu90ECjcPk+yeAT8oWykajBoMQsw
-CQYDVQQGEwJFUzEfMB0GA1UEChMWR2VuZXJhbGl0YXQgVmFsZW5jaWFuYTEPMA0G
-A1UECxMGUEtJR1ZBMScwJQYDVQQDEx5Sb290IENBIEdlbmVyYWxpdGF0IFZhbGVu
-Y2lhbmGCBDtF5WgwDQYJKoZIhvcNAQEFBQADggEBACRhTvW1yEICKrNcda3Fbcrn
-lD+laJWIwVTAEGmiEi8YPyVQqHxK6sYJ2fR1xkDar1CdPaUWu20xxsdzCkj+IHLt
-b8zog2EWRpABlUt9jppSCS/2bxzkoXHPjCpaF3ODR00PNvsETUlR4hTJZGH71BTg
-9J63NI8KJr2XXPR5OkowGcytT6CYirQxlyric21+eLj4iIlPsSKRZEv1UN4D2+XF
-ducTZnV+ZfsBn5OHiJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmC
-IoaZM3Fa6hlXPZHNqcCjbgcTpsnt+GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFVTCCBD2gAwIBAgIEO/OB0DANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQGEwJj
-aDEOMAwGA1UEChMFYWRtaW4xETAPBgNVBAsTCFNlcnZpY2VzMSIwIAYDVQQLExlD
-ZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMRYwFAYDVQQDEw1BZG1pbi1Sb290LUNB
-MB4XDTAxMTExNTA4NTEwN1oXDTIxMTExMDA3NTEwN1owbDELMAkGA1UEBhMCY2gx
-DjAMBgNVBAoTBWFkbWluMREwDwYDVQQLEwhTZXJ2aWNlczEiMCAGA1UECxMZQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdGllczEWMBQGA1UEAxMNQWRtaW4tUm9vdC1DQTCC
-ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMvgr0QUIv5qF0nyXZ3PXAJi
-C4C5Wr+oVTN7oxIkXkxvO0GJToM9n7OVJjSmzBL0zJ2HXj0MDRcvhSY+KiZZc6Go
-vDvr5Ua481l7ILFeQAFtumeza+vvxeL5Nd0Maga2miiacLNAKXbAcUYRa0Ov5VZB
-++YcOYNNt/aisWbJqA2y8He+NsEgJzK5zNdayvYXQTZN+7tVgWOck16Da3+4FXdy
-fH1NCWtZlebtMKtERtkVAaVbiWW24CjZKAiVfggjsiLo3yVMPGj3budLx5D9hEEm
-vlyDOtcjebca+AcZglppWMX/iHIrx7740y0zd6cWEqiLIcZCrnpkr/KzwO135GkC
-AwEAAaOCAf0wggH5MA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIASBkTCBjjCBiwYI
-YIV0AREDAQAwfzArBggrBgEFBQcCAjAfGh1UaGlzIGlzIHRoZSBBZG1pbi1Sb290
-LUNBIENQUzBQBggrBgEFBQcCARZEaHR0cDovL3d3dy5pbmZvcm1hdGlrLmFkbWlu
-LmNoL1BLSS9saW5rcy9DUFNfMl8xNl83NTZfMV8xN18zXzFfMC5wZGYwfwYDVR0f
-BHgwdjB0oHKgcKRuMGwxFjAUBgNVBAMTDUFkbWluLVJvb3QtQ0ExIjAgBgNVBAsT
-GUNlcnRpZmljYXRpb24gQXV0aG9yaXRpZXMxETAPBgNVBAsTCFNlcnZpY2VzMQ4w
-DAYDVQQKEwVhZG1pbjELMAkGA1UEBhMCY2gwHQYDVR0OBBYEFIKf+iNzIPGXi7JM
-Tb5CxX9mzWToMIGZBgNVHSMEgZEwgY6AFIKf+iNzIPGXi7JMTb5CxX9mzWTooXCk
-bjBsMQswCQYDVQQGEwJjaDEOMAwGA1UEChMFYWRtaW4xETAPBgNVBAsTCFNlcnZp
-Y2VzMSIwIAYDVQQLExlDZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMRYwFAYDVQQD
-Ew1BZG1pbi1Sb290LUNBggQ784HQMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B
-AQUFAAOCAQEAeE96XCYRpy6umkPKXDWCRn7INo96ZrWpMggcDORuofHIwdTkgOeM
-vWOxDN/yuT7CC3FAaUajbPRbDw0hRMcqKz0aC8CgwcyIyhw/rFK29mfNTG3EviP9
-QSsEbnelFnjpm1wjz4EaBiFjatwpUbI6+Zv3XbEt9QQXBn+c6DeFLe4xvC4B+MTr
-a440xTk59pSYux8OHhEvqIwHCkiijGqZhTS3KmGFeBopaR+dJVBRBMoXwzk4B3Hn
-0Zib1dEYFZa84vPJZyvxCbLOnPRDJgH6V2uQqbG+6DXVaf/wORVOvF/wzzv0viM/
-RWbEtJZdvo8N3sdtCULzifnxP/V0T9+4ZQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg
-R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9
-9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq
-fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv
-iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU
-1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+
-bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW
-MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA
-ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l
-uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn
-Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS
-tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF
-PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un
-hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV
-5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEc
 MBoGA1UEChMTQW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBP
 bmxpbmUgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2
@@ -1083,28 +497,6 @@ O/fIR/RpbxXyEV6DHpx8Uq79AtoSqFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs
 6GAqm4VKQPNriiTsBhYscw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBr
-MQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRl
-cm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv
-bW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2WhcNMjIwNjI0MDAxNjEyWjBrMQsw
-CQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5h
-dGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1l
-cmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h
-2mCxlCfLF9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4E
-lpF7sDPwsRROEW+1QK8bRaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdV
-ZqW1LS7YgFmypw23RuwhY/81q6UCzyr0TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq
-299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI/k4+oKsGGelT84ATB+0t
-vz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzsGHxBvfaL
-dXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgEGMB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUF
-AAOCAQEAX/FBfXxcCLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcR
-zCSs00Rsca4BIGsDoo8Ytyk6feUWYFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3
-LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pzzkWKsKZJ/0x9nXGIxHYdkFsd
-7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBuYQa7FkKMcPcw
-++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt
-398znM/jra6O1I7mT1GvFpLgXPYHDw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/
 MQswCQYDVQQGEwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmlj
 YXRpb24gQXV0aG9yaXR5MB4XDTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1ow
@@ -1137,54 +529,6 @@ LMDDav7v3Aun+kbfYNucpllQdSNpc5Oy+fwC00fmcc4QAu4njIT/rEUNE1yDMuAl
 pYYsfPQS
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEAjCCAuqgAwIBAgIFORFFEJQwDQYJKoZIhvcNAQEFBQAwgYUxCzAJBgNVBAYT
-AkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAMBgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQ
-TS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEOMAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG
-9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2LmZyMB4XDTAyMTIxMzE0MjkyM1oXDTIw
-MTAxNzE0MjkyMlowgYUxCzAJBgNVBAYTAkZSMQ8wDQYDVQQIEwZGcmFuY2UxDjAM
-BgNVBAcTBVBhcmlzMRAwDgYDVQQKEwdQTS9TR0ROMQ4wDAYDVQQLEwVEQ1NTSTEO
-MAwGA1UEAxMFSUdDL0ExIzAhBgkqhkiG9w0BCQEWFGlnY2FAc2dkbi5wbS5nb3V2
-LmZyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsh/R0GLFMzvABIaI
-s9z4iPf930Pfeo2aSVz2TqrMHLmh6yeJ8kbpO0px1R2OLc/mratjUMdUC24SyZA2
-xtgv2pGqaMVy/hcKshd+ebUyiHDKcMCWSo7kVc0dJ5S/znIq7Fz5cyD+vfcuiWe4
-u0dzEvfRNWk68gq5rv9GQkaiv6GFGvm/5P9JhfejcIYyHF2fYPepraX/z9E0+X1b
-F8bc1g4oa8Ld8fUzaJ1O/Id8NhLWo4DoQw1VYZTqZDdH6nfK0LJYBcNdfrGoRpAx
-Vs5wKpayMLh35nnAvSk7/ZR3TL0gzUEl4C7HG7vupARB0l2tEmqKm0f7yd1GQOGd
-PDPQtQIDAQABo3cwdTAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBRjAVBgNV
-HSAEDjAMMAoGCCqBegF5AQEBMB0GA1UdDgQWBBSjBS8YYFDCiQrdKyFP/45OqDAx
-NjAfBgNVHSMEGDAWgBSjBS8YYFDCiQrdKyFP/45OqDAxNjANBgkqhkiG9w0BAQUF
-AAOCAQEABdwm2Pp3FURo/C9mOnTgXeQp/wYHE4RKq89toB9RlPhJy3Q2FLwV3duJ
-L92PoF189RLrn544pEfMs5bZvpwlqwN+Mw+VgQ39FuCIvjfwbF3QMZsyK10XZZOY
-YLxuj7GoPB7ZHPOpJkL5ZB3C55L29B5aqhlSXa/oovdgoPaN8In1buAKBQGVyYsg
-Crpa/JosPL3Dt8ldeCUFP1YUmwza+zpI/pdpXsoQhvdOlgQITeywvl3cO45Pwf2a
-NjSaTFR+FwNIlQgRHAdvhQh+XU3Endv7rs6y0bO4g2wdsrN58dhwmX7wEwLOXt1R
-0982gaEbeC9xs/FZTEYYKKuF0mBWWg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEGjCCAwKgAwIBAgIDAYagMA0GCSqGSIb3DQEBBQUAMIGjMQswCQYDVQQGEwJG
-STEQMA4GA1UECBMHRmlubGFuZDEhMB8GA1UEChMYVmFlc3RvcmVraXN0ZXJpa2Vz
-a3VzIENBMSkwJwYDVQQLEyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBTZXJ2aWNl
-czEZMBcGA1UECxMQVmFybWVubmVwYWx2ZWx1dDEZMBcGA1UEAxMQVlJLIEdvdi4g
-Um9vdCBDQTAeFw0wMjEyMTgxMzUzMDBaFw0yMzEyMTgxMzUxMDhaMIGjMQswCQYD
-VQQGEwJGSTEQMA4GA1UECBMHRmlubGFuZDEhMB8GA1UEChMYVmFlc3RvcmVraXN0
-ZXJpa2Vza3VzIENBMSkwJwYDVQQLEyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBT
-ZXJ2aWNlczEZMBcGA1UECxMQVmFybWVubmVwYWx2ZWx1dDEZMBcGA1UEAxMQVlJL
-IEdvdi4gUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCF
-FdrIAzfQo0Y3bBseljDCWoUSZyPyu5/nioFgJ/gTqTy894aqqvTzJSm0/nWuHoGG
-igWyHWWyOOi0zCia+xc28ZPVec7Bg4shT8MNrUHfeJ1I4x9CRPw8bSEga60ihCRC
-jxdNwlAfZM0tOSJWiP2yY51U2kJpwMhP1xjiPshphJQ9LIDGfM6911Mf64i5psu7
-hVfvV3ZdDIvTXhJBnyHAOfQmbQj6OLOhd7HuFtjQaNq0mKWgZUZKa41+qk1guPjI
-DfxxPu45h4G02fhukO4/DmHXHSto5i7hQkQmeCxY8n0Wf2HASSQqiYe2XS8pGfim
-545SnkFLWg6quMJmQlMCAwEAAaNVMFMwDwYDVR0TAQH/BAUwAwEB/zARBglghkgB
-hvhCAQEEBAMCAAcwDgYDVR0PAQH/BAQDAgHGMB0GA1UdDgQWBBTb6eGb0tEkC/yr
-46Bn6q6cS3f0sDANBgkqhkiG9w0BAQUFAAOCAQEArX1ID1QRnljurw2bEi8hpM2b
-uoRH5sklVSPj3xhYKizbXvfNVPVRJHtiZ+GxH0mvNNDrsczZog1Sf0JLiGCXzyVy
-t08pLWKfT6HAVVdWDsRol5EfnGTCKTIB6dTI2riBmCguGMcs/OubUpbf9MiQGS0j
-8/G7cdqehSO9Gu8u5Hp5t8OdhkktY7ktdM9lDzJmid87Ie4pbzlj2RXBbvbfgD5Q
-eBmK3QOjFKU3p7UsfLYRh+cF8ry23tT/l4EohP7+bEaFEEGfTXWMB9SZZ291im/k
-UJL2mdUQuMSpe/cXjUu/15WfCdxEDx4yw8DP03kN5Mc7h/CQNIghYkmSBAQfvA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB
 8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
 dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
@@ -1216,30 +560,6 @@ Agu+TGbrIP65y7WZf+a2E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xl
 nJ2lYJU6Un/10asIbvPuW/mIPX64b24D5EI=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIID8jCCAtqgAwIBAgIEPkOTSjANBgkqhkiG9w0BAQUFADAwMQswCQYDVQQGEwJT
-STEOMAwGA1UEChMFUE9TVEExETAPBgNVBAsTCFBPU1RBckNBMB4XDTAzMDIwNzEw
-MzY1OFoXDTIzMDIwNzExMDY1OFowMDELMAkGA1UEBhMCU0kxDjAMBgNVBAoTBVBP
-U1RBMREwDwYDVQQLEwhQT1NUQXJDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAJvsv347w/cvDqzCr0NIWOt5lQ0LsqTTiwgUir23iacS+EdjZLrFxajS
-I1IXegmjAt/ODqYK/9HLdMlLPu0jXP6uDC9NKS10PqBaFzay21WcTIpryZ9g+ceg
-W8vDSgg84U3rpPN0cbRXnoCjkgAs6IIjGcBLtRGCDnfyd3E1kqSB5foZLhN3cFPI
-Kxm5UoEo1A9u67gYYEmx+32/f5ktqeZbGS6MUa7P2KT3ctfxfgWWDDRuVUjsJoKq
-Qf4lXFKLln8V5GekILIJ3fCdqfVwgxxxRlIiSptSABPpk6l26WyDcLVkSgU5qM/W
-Y54wFePJopzT3WC3BjlFlgIlgJRTUwsCAwEAAaOCARIwggEOMBEGCWCGSAGG+EIB
-AQQEAwIABzBSBgNVHR8ESzBJMEegRaBDpEEwPzELMAkGA1UEBhMCU0kxDjAMBgNV
-BAoTBVBPU1RBMREwDwYDVQQLEwhQT1NUQXJDQTENMAsGA1UEAxMEQ1JMMTArBgNV
-HRAEJDAigA8yMDAzMDIwNzEwMzY1OFqBDzIwMjMwMjA3MTEwNjU4WjALBgNVHQ8E
-BAMCAQYwHwYDVR0jBBgwFoAUP73Njt++0WtlRD9g7OpCLjBwH2gwHQYDVR0OBBYE
-FD+9zY7fvtFrZUQ/YOzqQi4wcB9oMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EA
-BBAwDhsIVjYuMDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQA+36evUQiRScVx
-KqNBE2wL6YsaMI0RtwtNVqpAR9M5/nn4q2jslHsGETtDhmJzw60u1JMe86w3yx7D
-ZTu4tztuepOxkXFpRet4IquM7UraVLEvNJ5eGpPaSLoS2jROFoNBTSLzcd8eHtMC
-uNxUgdIXGfD1KRIzWIsDJWtbQLUcOxUTVh+zSS720oRs5JKbE5pLjoOCqBzWrGba
-ELdvehXkutocbgx8a9yP8/oWGXyImhzjJQFy2TeK1G9+hzi8U1VJghXKv5iosT6s
-TuDJSiQVbqLRiXLTxw267WUC36pMs5djbj4ixqrZPDwCgoj0l0OjWZ3h4vdISVuq
-lsLa6hkG
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFGTCCBAGgAwIBAgIEPki9xDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJE
 SzEMMAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzAyMTEw
 ODM5MzBaFw0zNzAyMTEwOTA5MzBaMDExCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwNU
@@ -1270,107 +590,6 @@ YqbsFbS1AoLbrIyigfCbmTH1ICCoiGEKB5+U/NDXG8wuF/MEJ3Zn61SD/aSQfgY9
 BKNDLdr8C2LqL19iUw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUx
-ETAPBgNVBAcTCEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0
-b25zYWdpIEtmdC4xGjAYBgNVBAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQD
-EzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVneXpvaSAoQ2xhc3MgUUEpIFRhbnVz
-aXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0bG9jay5odTAeFw0w
-MzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTERMA8G
-A1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNh
-Z2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5l
-dExvY2sgTWlub3NpdGV0dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZh
-bnlraWFkbzEeMBwGCSqGSIb3DQEJARYPaW5mb0BuZXRsb2NrLmh1MIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRVCacbvWy5FPSKAtt2/Goq
-eKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e8ia6AFQe
-r7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO5
-3Lhbm+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWd
-vLrqOU+L73Sa58XQ0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0l
-mT+1fMptsK6ZmfoIYOcZwvK9UdPM0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4IC
-wDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwggJ1Bglg
-hkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2YW55IGEgTmV0
-TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh
-biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQg
-ZWxla3Ryb25pa3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywg
-dmFsYW1pbnQgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6
-b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwgYXogQWx0YWxhbm9zIFN6ZXJ6b2Rl
-c2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kgZWxqYXJhcyBtZWd0
-ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczovL3d3
-dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0Bu
-ZXRsb2NrLm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBh
-bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRo
-ZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMgYXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3
-Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0IGluZm9AbmV0bG9jay5u
-ZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3DQEBBQUA
-A4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQ
-MznNwNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+
-NFAwLvt/MpqNPfMgW/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCR
-VCHnpgu0mfVRQdzNo0ci2ccBgcTcR08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY
-83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR5qq5aKrN9p2QdRLqOBrKROi3
-macqaJVmlaut74nLYKkGEsaUR+ko
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsx
-FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
-Um9vdCBDQSAxMB4XDTAzMDUxNTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkG
-A1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdr
-b25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1ApzQ
-jVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEn
-PzlTCeqrauh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjh
-ZY4bXSNmO7ilMlHIhqqhqZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9
-nnV0ttgCXjqQesBCNnLsak3c78QA3xMYV18meMjWCnl3v/evt3a5pQuEF10Q6m/h
-q5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNVHRMBAf8ECDAGAQH/AgED
-MA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7ih9legYsC
-mEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI3
-7piol7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clB
-oiMBdDhViw+5LmeiIAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJs
-EhTkYY2sEJCehFC78JZvRZ+K88psT/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpO
-fMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilTc4afU9hDDl3WY4JxHYB0yvbi
-AmvZWg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDtzCCAp+gAwIBAgIEPsOGjjANBgkqhkiG9w0BAQUFADAdMQswCQYDVQQGEwJT
-STEOMAwGA1UEChMFQUNOTEIwHhcNMDMwNTE1MTE1MjQ1WhcNMjMwNTE1MTIyMjQ1
-WjAdMQswCQYDVQQGEwJTSTEOMAwGA1UEChMFQUNOTEIwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQC/dnU9DHxAOmZfTYz73Twu/n2UZO1K1ElIoe6RcbJ5
-yI4rH6rwMrQosqPCdU+k6aYa9qJmYSMnYSxuF5AL+t4ecVICKQSZeazAsMBmmJgR
-N2QQz5y8O0IcKVxVkPZ6Ik5Wrzdov3Q6bDzGmMxgIb/iCCfk2Su844SV19QkYPx+
-LS+dIeudkca7pNHryRKto+jItX9VS+uZAlTEgRwMrjnkanoF2E5woPoDd7Ou2LgU
-kvtBdxM1areiyohLrS1RvHaabLtAveckTCKm5v1OCHudCxDWEtKmxqFkMvQBc5aB
-4kiwwShjPTvnZ6xuxRT1FxOinB8rV/AVJ3Vd3bE01pMRAgMBAAGjgf4wgfswEQYJ
-YIZIAYb4QgEBBAQDAgAHMD8GA1UdHwQ4MDYwNKAyoDCkLjAsMQswCQYDVQQGEwJT
-STEOMAwGA1UEChMFQUNOTEIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQwIoAPMjAw
-MzA1MTUxMTUyNDVagQ8yMDIzMDUxNTEyMjI0NVowCwYDVR0PBAQDAgEGMB8GA1Ud
-IwQYMBaAFMy7u4bWb/i+tEcid7O2rdcBWZZNMB0GA1UdDgQWBBTMu7uG1m/4vrRH
-Ineztq3XAVmWTTAMBgNVHRMEBTADAQH/MB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6
-NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEAEWfLy5prICHdb2mD1T8NupMVl05w
-diZc6J4k5zf+PFD01PkqLwwToV0EvNCw6cIDF4UFYT3Ap6p2TMO4OoOphs8D+XcO
-K7I9dhtl0WpxYHHbu7h6jvL5IYP4V0yox91lxu7vb7O2mbu0w9CrX7Kgft10ISzD
-WuuNocrY8MgX7Xa6hGNuW7m1ym3X/DQ5gC+6T9+N2PwYxDyKNS93gpatIJIYsuc2
-9K4ydLhH0dgP2CzLasIAdfks+EIOy/5zk6mP4ceuITfzyrkMtOeJfnEcVjQgw/E0
-uVVL01NS8QctKz5bGUCfEO3TKTPFrw8QVofaO8ix7TjZGftL8FAtpM3UWA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEY
-MBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21t
-dW5pY2F0aW9uIFJvb3RDQTEwHhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5
-WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMPU0VDT00gVHJ1c3QubmV0MScwJQYD
-VQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw8yl8
-9f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJ
-DKaVv0uMDPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9
-Ms+k2Y7CI9eNqPPYJayX5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/N
-QV3Is00qVUarH9oe4kA92819uZKAnDfdDJZkndwi92SL32HeFZRSFaB9UslLqCHJ
-xrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2JChzAgMBAAGjPzA9MB0G
-A1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYwDwYDVR0T
-AQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vG
-kl3g0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfr
-Uj94nK9NrvjVT8+amCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5
-Bw+SUEmK3TGXX8npN6o7WWWXlDLJs58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJU
-JRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ6rBK+1YWc26sTfcioU+tHXot
-RSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAiFL39vmwLAw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
 MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
 ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
@@ -1427,27 +646,6 @@ ecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREest2d/
 AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBF
-MQswCQYDVQQGEwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQL
-ExNUcnVzdGlzIEZQUyBSb290IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTEx
-MzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNVBAoTD1RydXN0aXMgTGltaXRlZDEc
-MBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQRUN+
-AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihH
-iTHcDnlkH5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjj
-vSkCqPoc4Vu5g6hBSLwacY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA
-0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zto3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlB
-OrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEAAaNTMFEwDwYDVR0TAQH/
-BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAdBgNVHQ4E
-FgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01
-GX2cGE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmW
-zaD+vkAMXBJV+JOCyinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP4
-1BIy+Q7DsdwyhEQsb8tGD+pmQQ9P8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZE
-f1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHVl/9D7S3B2l0pKoU/rGXuhg8F
-jZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYliB6XzCGcKQEN
-ZetX2fNXlrtIzYE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEb
 MBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRow
 GAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmlj
@@ -1544,97 +742,6 @@ A6i26r7EARK1s11AdgYg1GS4KUYGis4fk5oQ7vuqWrTcL9Ury/bXBYSYBZELhPc9
 +tb5evosFeo2gkO3t7jj83EB7UNDogVFwygFBzXjAaU4HoDU18PZ3g==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFPDCCBCSgAwIBAgIRAPTPierdpMY+ka1IDi0iNoQwDQYJKoZIhvcNAQEFBQAw
-gYMxCzAJBgNVBAYTAkVTMUswSQYDVQQKE0JBZ2VuY2lhIE5vdGFyaWFsIGRlIENl
-cnRpZmljYWNpb24gUy5MLiBVbmlwZXJzb25hbCAtIENJRiBCODMzOTU5ODgxJzAl
-BgNVBAMTHkFOQ0VSVCBDZXJ0aWZpY2Fkb3MgTm90YXJpYWxlczAeFw0wNDAyMTEx
-NTU4MzBaFw0yNDAyMTExNTU4MjZaMIGDMQswCQYDVQQGEwJFUzFLMEkGA1UEChNC
-QWdlbmNpYSBOb3RhcmlhbCBkZSBDZXJ0aWZpY2FjaW9uIFMuTC4gVW5pcGVyc29u
-YWwgLSBDSUYgQjgzMzk1OTg4MScwJQYDVQQDEx5BTkNFUlQgQ2VydGlmaWNhZG9z
-IE5vdGFyaWFsZXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwkQ/Q
-Zy0psmNNHzV59mVrufPztViTJ2RPp9VbggVym38drgjSjNDRyWCwmRk11hnGADlp
-fSLvdCKDtH7qEIs+Mxzh3WQ2KfNSSm5Bw75RDB9juL+NqT8xMTu78TZEPCdlFHl1
-5hCkPFgby1NiEvWHWkaieaNg4xao3oSm+uXMxBAy9kLaR00YPeZ6DysOY/9nfUPV
-dBaQNLQPziZzIcFK2mTkT+Mjtdn2q7dKf5bhy0f9BkPRlDRpCv496GaqJgzVYzkG
-cJOtfLPkR8E7R45plwyRoEwHj8mATK5wk2iPocMiwvF1myh9kpJVOqhZGewSMRzv
-nRfcuUAJW/QtEyZzAgMBAAGjggGnMIIBozAcBgNVHREEFTATgRFhbmNlcnRAYW5j
-ZXJ0LmNvbTAfBgNVHSMEGDAWgBSE9/pyXohkZh0ojLB3vQxqn0xNYjAPBgNVHRMB
-Af8EBTADAQH/MIIBIAYDVR0gBIIBFzCCARMwggEPBgkrBgEEAYGTaAEwggEAMCUG
-CCsGAQUFBwIBFhlodHRwOi8vd3d3LmFuY2VydC5jb20vY3BzMIHWBggrBgEFBQcC
-AjCByTANFgZBTkNFUlQwAwIBARqBt0FnZW5jaWEgTm90YXJpYWwgZGUgQ2VydGlm
-aWNhY2lvbi4gTGEgZGVjbGFyYWNpb24gZGUgcHJhY3RpY2FzIGRlIGNlcnRpZmlh
-Y2lvbiBxdWUgcmlnZSBlbCBmdW5jaW9uYW1pZW50byBkZSBsYSBwcmVzZW50ZSBh
-dXRvcmlkYWQgc2UgZW5jdWVudHJhIGRpc3BvbmlibGUgZW4gaHR0cDovL3d3dy5h
-bmNlcnQuY29tL2NwczAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFIT3+nJeiGRm
-HSiMsHe9DGqfTE1iMA0GCSqGSIb3DQEBBQUAA4IBAQAv+OXYM6XClG5ewPHuoUwK
-rYYPwDPdntLZm+7FK4UpdqylElOTHaoH7Ok5ZAto8HUk6dGGjJxTausVoQm3GQe5
-nY8CshtJcMJjdN0Lqv4HxjdWxoP+wE8czDiq/e5VmIlcwlOtIIe6FmRSYezBn7vU
-YtEqyF3wK/jaEs4jy7HMwdIKvfzAgE5VSfqJ2GSjSsrui9fl7ZL7YOLiKs8tKD6m
-/4CcZcwSnqUcdFmQpYd/ZxWAEMCh0agw7KECkYpa0yMXk1pHIXnqM3oPfzg1mspW
-uL9kuqewtVEdFp6OiX04OsuETQeY2OXhjAVqpTcM1nkpPvFCxLb36hmgYeACTr8S
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFTTCCBDWgAwIBAgIQP7Ll8tF8ixhkVmKpOYF/pzANBgkqhkiG9w0BAQUFADCB
-jDELMAkGA1UEBhMCRVMxSzBJBgNVBAoTQkFnZW5jaWEgTm90YXJpYWwgZGUgQ2Vy
-dGlmaWNhY2lvbiBTLkwuIFVuaXBlcnNvbmFsIC0gQ0lGIEI4MzM5NTk4ODEwMC4G
-A1UEAxMnQU5DRVJUIENvcnBvcmFjaW9uZXMgZGUgRGVyZWNobyBQdWJsaWNvMB4X
-DTA0MDIxMTE3MjI0NVoXDTI0MDIxMTE3MjI0NVowgYwxCzAJBgNVBAYTAkVTMUsw
-SQYDVQQKE0JBZ2VuY2lhIE5vdGFyaWFsIGRlIENlcnRpZmljYWNpb24gUy5MLiBV
-bmlwZXJzb25hbCAtIENJRiBCODMzOTU5ODgxMDAuBgNVBAMTJ0FOQ0VSVCBDb3Jw
-b3JhY2lvbmVzIGRlIERlcmVjaG8gUHVibGljbzCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAKIhlYfciuvWepCoaDX9F/x0OlQQkjWTQnUu2D7LqZShvmo3
-P1K6pHvahJkWeU4AaNQfE+lGOzxKnYM62CHvwvJAReEPYEUE7fyKGC75PeSkETIg
-jjq37pZAFRqZ6SGdcqzNH4muqtmhQLCoZ778eg5HsV68+DBqjjefBULsLMOmG4ur
-xFA9+uRz9SGwuFVfh+CiRzgvQF9PbKuUJFbjTI9+kOkngiibmLqa1rWbV29rFRz5
-u3ApfTz3E6jRcfGw/ohFcamldGXLw/n1Aw8Qw4YwAG7BwCaiiP4hxzI9u8Z7G7eb
-irP6sXxx2QGnQpCqL5iQhKrexq3sPFFKBR0BUZsCAwEAAaOCAacwggGjMA8GA1Ud
-EwEB/wQFMAMBAf8wggEgBgNVHSAEggEXMIIBEzCCAQ8GCSsGAQQBgZNoAzCCAQAw
-JQYIKwYBBQUHAgEWGWh0dHA6Ly93d3cuYW5jZXJ0LmNvbS9jcHMwgdYGCCsGAQUF
-BwICMIHJMA0WBkFOQ0VSVDADAgEBGoG3QWdlbmNpYSBOb3RhcmlhbCBkZSBDZXJ0
-aWZpY2FjaW9uLiBMYSBkZWNsYXJhY2lvbiBkZSBwcmFjdGljYXMgZGUgY2VydGlm
-aWFjaW9uIHF1ZSByaWdlIGVsIGZ1bmNpb25hbWllbnRvIGRlIGxhIHByZXNlbnRl
-IGF1dG9yaWRhZCBzZSBlbmN1ZW50cmEgZGlzcG9uaWJsZSBlbiBodHRwOi8vd3d3
-LmFuY2VydC5jb20vY3BzMA4GA1UdDwEB/wQEAwIBhjAcBgNVHREEFTATgRFhbmNl
-cnRAYW5jZXJ0LmNvbTAfBgNVHSMEGDAWgBSMTB43DLGf0qxECzq+As/0jS1mlTAd
-BgNVHQ4EFgQUjEweNwyxn9KsRAs6vgLP9I0tZpUwDQYJKoZIhvcNAQEFBQADggEB
-AEd0wJSR4qX7mFJEk2zEwB3gedtpZC1hrqR3kTW1t8qXqsCxhvUbaGuqWLJ8P+cD
-J/hBcbym0iCpgJWiR61tRnSthJvYb6n1uS9tm8DdmYftWbJ1gaWJhSrM0IWBTfOv
-d96MwSiaQqwFhww0nHGH/ewBFB++wy7w3/okpl0fPPGiC1GIAa4Sh6S1XXGy3+8N
-fCDjfxMLTabAd8w/1g9xx3FMLh76GQZlya1WbHeNRj+9MIMe4C5VuHgjdDxYCmM6
-TYF7bzVwrrYl2fYk/iPG2hqIr6gUk3PgwFuwMWka9ilfVrcaCsL5C+oCwTMRYmp8
-Q+jqGquQAIXgRQ99jrpQ1cY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFKjCCBBKgAwIBAgIPRHTsyGxyHljduCx+9PyVMA0GCSqGSIb3DQEBBQUAMHwx
-CzAJBgNVBAYTAkVTMUswSQYDVQQKE0JBZ2VuY2lhIE5vdGFyaWFsIGRlIENlcnRp
-ZmljYWNpb24gUy5MLiBVbmlwZXJzb25hbCAtIENJRiBCODMzOTU5ODgxIDAeBgNV
-BAMTF0FOQ0VSVCBDZXJ0aWZpY2Fkb3MgQ0dOMB4XDTA0MDIxMTE3MjcxMloXDTI0
-MDIxMTE3MjcxMlowfDELMAkGA1UEBhMCRVMxSzBJBgNVBAoTQkFnZW5jaWEgTm90
-YXJpYWwgZGUgQ2VydGlmaWNhY2lvbiBTLkwuIFVuaXBlcnNvbmFsIC0gQ0lGIEI4
-MzM5NTk4ODEgMB4GA1UEAxMXQU5DRVJUIENlcnRpZmljYWRvcyBDR04wggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQdT8/DKzK1HzESKcYuzq7obvVe9+L
-GeSCRPtl7LYSYT5pIhliNSS21RAGqUVqJCr1J4x4PMi58wVsxQID0k6AZOyGq3iU
-IgIAtWib1OVVX+DIgDDnC79r1wSOTnmYcEwcJrmzqOrwEaK5ilMCJnUSieH7iE5Z
-egDRgtgWruW2vJUlYEB3JRue743k/fBPMzElv+56ClTwkDhnEnulYNoMAYmadocu
-9RtDe+XnJkr7FWKrRRt71QqlTWxNq58oSIThg3W4GHBVU9vQ3ymQrznGF5XBlMVe
-2WVfXf9uFpWYIZ9eTfDNMTkhAxcNkR+hVZlB7FXJuz2ZXJvFf9EcXupTAgMBAAGj
-ggGnMIIBozAPBgNVHRMBAf8EBTADAQH/MIIBIAYDVR0gBIIBFzCCARMwggEPBgkr
-BgEEAYGTaAQwggEAMCUGCCsGAQUFBwIBFhlodHRwOi8vd3d3LmFuY2VydC5jb20v
-Y3BzMIHWBggrBgEFBQcCAjCByTANFgZBTkNFUlQwAwIBARqBt0FnZW5jaWEgTm90
-YXJpYWwgZGUgQ2VydGlmaWNhY2lvbi4gTGEgZGVjbGFyYWNpb24gZGUgcHJhY3Rp
-Y2FzIGRlIGNlcnRpZmlhY2lvbiBxdWUgcmlnZSBlbCBmdW5jaW9uYW1pZW50byBk
-ZSBsYSBwcmVzZW50ZSBhdXRvcmlkYWQgc2UgZW5jdWVudHJhIGRpc3BvbmlibGUg
-ZW4gaHR0cDovL3d3dy5hbmNlcnQuY29tL2NwczAOBgNVHQ8BAf8EBAMCAYYwHAYD
-VR0RBBUwE4ERYW5jZXJ0QGFuY2VydC5jb20wHwYDVR0jBBgwFoAU7FefyHYib8w6
-rlvwLaFiWNGNAswwHQYDVR0OBBYEFOxXn8h2Im/MOq5b8C2hYljRjQLMMA0GCSqG
-SIb3DQEBBQUAA4IBAQCLPd/cNix/J5z8tVhTcQoSXRBkUXG1Slb0XkRnHu8dsvGk
-UTxnbCxllnqhEqOvCwg3DpnWbiiHC2KrTnhOcoGb3xFPiWDIUaYbBglxc3w3txw4
-N5r5h+Hvoe5/18DqORT6fG8L+YbK5sV3aaCfjSmjd27FzNr23QZ602lmPmA74zLf
-rvAbniqdzITfGhBH7aVWlkI3tS1yDUESk7oyiETIrgnEvYDt/WAPcrK2ZPZjIDJw
-d4cuMy6fNchfqJJWt/8kOixd8iYFaBnyUWfP31IJ6YIEemuCp3/l0ql0axgmyLrU
-1R6lSzsmwZ0i4fsSvdViRtXXXdLdw/xhDTAFTwWL
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEW
 MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVy
 c2FsIENBMB4XDTA0MDMwNDA1MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UE
@@ -1850,79 +957,6 @@ i6mx5O+aGtA9aZnuqCij4Tyz8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQ
 O+7ETPTsJ3xCwnR8gooJybQDJbw=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEFjCCAv6gAwIBAgIIRitWxu+nkaAwDQYJKoZIhvcNAQEFBQAwZDELMAkGA1UE
-BhMCQlIxFDASBgNVBAoTC1NlcmFzYSBTLkEuMRUwEwYDVQQLEwxTZXJhc2EgQ0Eg
-SUkxKDAmBgNVBAMTH1NlcmFzYSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgSUkwHhcN
-MDQxMTI2MTIzNDQ4WhcNMjQxMTIxMTI0NDQ4WjBkMQswCQYDVQQGEwJCUjEUMBIG
-A1UEChMLU2VyYXNhIFMuQS4xFTATBgNVBAsTDFNlcmFzYSBDQSBJSTEoMCYGA1UE
-AxMfU2VyYXNhIENlcnRpZmljYXRlIEF1dGhvcml0eSBJSTCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBAK0fibJmnVu3qdXl8mBEhPmUbeJ5XW7Apa66MWOg
-qZ5RXlxuB9lKRXRfjZ5pOLYoQ5KuT4Kg/DZRNT6NoOcOKQgMNbcjPe9LGg4wWFdA
-ABLxgJqAI0rBoIaNQTiIUHNo8V9TiJQKESHFYLSiYGUrGPoQO5GSP/jVYk6+Vl7F
-kIVKNYCubjtBDJUS7qcqA068Zz1LgBkS4nQuXetIuU87bzz3wrAfGkQ9m1zAvboG
-ZQzndGcfyWQ+95+NLBtBkvgd3KlfkNJTcDWNBKokfvTNpSZO6PbzOBUwvq0a80ck
-j0pQJydT/mGaelzYbMdPVvQpLKWjFJffYg28kiNbo0r0OpUCAwEAAaOByzCByDAn
-BgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMIMF0GA1UdHwRW
-MFQwUqBQoE6GTGh0dHA6Ly93d3cuY2VydGlmaWNhZG9kaWdpdGFsLmNvbS5ici9y
-ZXBvc2l0b3Jpby9zZXJhc2FjYS9jcmwvU2VyYXNhQ0FJSS5jcmwwHQYDVR0OBBYE
-FJ7smRAASWvMij/bbwblyhQYcpODMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
-BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCgC7an3c01SOhuj6ho4LGbkSQhyVbp
-mvXucKE0sOR8PqrKl+iA/2IF5OxA7NnlnGVbAJm0ojBFBFwvtdCTr9qRBenfmTH1
-ioQPJdhn3ilrHLdI/bbekxKvd6oB6cPhMBSqX3ioR3/UulJhMfEZuNseK6iJnsYw
-cpEGsCOpAxlo8qcEq+7OUjZgykjbU/qcp3y19TQvQ36s9IS2lTKlpL7paqqLQZnK
-Ar0SO+cH0bHyRad0pybkvGhvzBkh8JTKyEJf/jn32zpeM6WbBqrQMqzIqn6LsTiI
-v+ZM6KDlj5xEHh4gHvAvYapphnzV9bfOySvFDN3KtyjCBd5nGastjaNn
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEJTCCAw2gAwIBAgIIO1f8N21wH7QwDQYJKoZIhvcNAQEFBQAwZjELMAkGA1UE
-BhMCQlIxFDASBgNVBAoTC1NlcmFzYSBTLkEuMRYwFAYDVQQLEw1TZXJhc2EgQ0Eg
-SUlJMSkwJwYDVQQDEyBTZXJhc2EgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IElJSTAe
-Fw0wNDExMjYxMzE0MTRaFw0yNDExMjExMzI0MTRaMGYxCzAJBgNVBAYTAkJSMRQw
-EgYDVQQKEwtTZXJhc2EgUy5BLjEWMBQGA1UECxMNU2VyYXNhIENBIElJSTEpMCcG
-A1UEAxMgU2VyYXNhIENlcnRpZmljYXRlIEF1dGhvcml0eSBJSUkwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyR8QAqB4a7+9PwD9vRTQ+OOqXvU40CHlD
-l4wUZJMkYRmLGFAMzB+yN8G4v8S1WUCtlVY3BJL8Wz6sIT7R2wbgks2F7gb2gV+G
-41+UtWx+2uJP5yYmMr2oY10CmjnfO+jOTGWECe94jQSlSYp7w1F+awHg6evSkhPM
-ANfGJh8E42Dv7BgU7xj2PANEQzhwNg2WINRDfr/Uhtj5LNzLLHsuHV6DF2/OEjVN
-T4ydINg1as/a/AxGBAEuA3pFToQLLSbLqy5Yf2hDlbeyTtT/l175p7IvlCFc834+
-wAAH9/+MLbWBTvb5KIW3+77jzrK+H0YdlqDkjev67DTGtLSWCfIJAgMBAAGjgdYw
-gdMwMQYDVR0lBCowKAYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYB
-BQUHAwQwXgYDVR0fBFcwVTBToFGgT4ZNaHR0cDovL3d3dy5jZXJ0aWZpY2Fkb2Rp
-Z2l0YWwuY29tLmJyL3JlcG9zaXRvcmlvL3NlcmFzYWNhL2NybC9TZXJhc2FDQUlJ
-SS5jcmwwHQYDVR0OBBYEFEbCeKtU4PhoJznfQrPzVMMGfSahMA8GA1UdEwEB/wQF
-MAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCAORydPYkg
-BvTtCVyPLh9hKWWwbDsheNgxk9iu/KeA7VUlVzgE6Bzqu16ZJ1i0PXADT+4GVGX7
-XQrUR5BRAO2C35f215CvGHlgM6BIFVz6UsANGWwmwnMbvhsDOHAYjpU8euD07jjC
-5jDDtgFsUgeKKV9UnVyPLP0+uQrPblf/3JD49NcmV8YCygsFrcZwx0gWqmXgllvK
-6/tdO7HGX7weOOugQNCo2JbibzSShT6WBBWqJAw4VbZpIjR8QdgQvDSbzx9MJQdW
-IJFCORlRCzyQ03kY2u8dn+7iugEUXhWDgzvOpwXzQMc7RpzAD9PWKk+TBwf1/4rU
-pwblLq4MSItw
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEETCCAvmgAwIBAgIIKdd635KqSkYwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE
-BhMCQlIxFDASBgNVBAoTC1NlcmFzYSBTLkEuMRQwEgYDVQQLEwtTZXJhc2EgQ0Eg
-STEnMCUGA1UEAxMeU2VyYXNhIENlcnRpZmljYXRlIEF1dGhvcml0eSBJMB4XDTA0
-MTEyNjE0MDI0NVoXDTI0MTEyMTE0MTI0NVowYjELMAkGA1UEBhMCQlIxFDASBgNV
-BAoTC1NlcmFzYSBTLkEuMRQwEgYDVQQLEwtTZXJhc2EgQ0EgSTEnMCUGA1UEAxMe
-U2VyYXNhIENlcnRpZmljYXRlIEF1dGhvcml0eSBJMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEA0LvctuizvowcbUXdlCuK8+Fz2Gu8hhPJU9t42GNeu1c3
-pYgcLoATazmsmJ7ZebHtJ7EAqkFyfo1VqUTzD7mYSe24T0YPTLx/ESCwmfJyj192
-RQXM68BjxsE9rpEWuHIKOc6hXLZH+WfX5e5iIcbydZYOUnrL3WNOieI7O6g/qK7B
-pFR98wNw1o4QbBnWE8l/huAoYZkPMx77zNa6/Rp5301ETK2QN2K63447MLXXKQKw
-sKT8eV9MAsHxdTIZ5HaJWY5h30uQPDHseVOibtYL9GN3bLpY21JVmvyOra/ImKXh
-Ge7x6YRLkn2If7qKU8yc8LWColm/kfNQEaPqmdHkHQIDAQABo4HKMIHHMCcGA1Ud
-JQQgMB4GCCsGAQUFBwMEBggrBgEFBQcDAgYIKwYBBQUHAwgwXAYDVR0fBFUwUzBR
-oE+gTYZLaHR0cDovL3d3dy5jZXJ0aWZpY2Fkb2RpZ2l0YWwuY29tLmJyL3JlcG9z
-aXRvcmlvL3NlcmFzYWNhL2NybC9TZXJhc2FDQUkuY3JsMB0GA1UdDgQWBBT4OO5c
-bu2rlqBF6zYP3NmrOjFY/TAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
-BjANBgkqhkiG9w0BAQUFAAOCAQEAZtQ25i1w/ZKICKkwquAhqrdQZ63AyGwgkxdx
-yK7IaWss3RO7fOJMCbnW2bMZa1ewb3VH7nWYKOii3C/V4GomKY47eRGy1mkKsg7W
-TTB/NblKXpAHoucle877Ku5yKJroD1qRYzi1lb5kOuoY0pz+ZKfm+hxSh6WEBbxZ
-fzFz7B8K82cR8pMgEzGVTiX50r4TG+MukoqFnl3PhRpS26LoUOAFFOFPisjNtqXh
-WANapXiag0D4EjVoXcyHAfmnEq0497Xz7TC3Potu6m7Jnscba51YfIwe/Btv+3L4
-dE7FWp4Auff/2/BN6urImkjPICgnA1MmC5xXKtnjM186X2Bygg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDcDCCAligAwIBAgIBBTANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQGEwJVUzEY
 MBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsT
 A1BLSTEWMBQGA1UEAxMNRG9EIFJvb3QgQ0EgMjAeFw0wNDEyMTMxNTAwMTBaFw0y
@@ -1977,37 +1011,36 @@ W9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmODBCEIZ43ygknQW/2xzQ+D
 hNQ+IIX3Sj0rnP0qCglN6oH4EZw=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFujCCBKKgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhjELMAkGA1UEBhMCVVMx
-HTAbBgNVBAoTFEFwcGxlIENvbXB1dGVyLCBJbmMuMS0wKwYDVQQLEyRBcHBsZSBD
-b21wdXRlciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxKTAnBgNVBAMTIEFwcGxlIFJv
-b3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTA1MDIxMDAwMTgxNFoXDTI1MDIx
-MDAwMTgxNFowgYYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRBcHBsZSBDb21wdXRl
-ciwgSW5jLjEtMCsGA1UECxMkQXBwbGUgQ29tcHV0ZXIgQ2VydGlmaWNhdGUgQXV0
-aG9yaXR5MSkwJwYDVQQDEyBBcHBsZSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0
-eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOSRqQkfkdseR1DrBe1e
-eYQt6zaiV0xV7IsZid75S2z1B6siMALoGD74UAnTf0GomPnRymacJGsR0KO75Bsq
-wx+VnnoMpEeLW9QWNzPLxA9NzhRp0ckZcvVdDtV/X5vyJQO6VY9NXQ3xZDUjFUsV
-WR2zlPf2nJ7PULrBWFBnjwi0IPfLrCwgb3C2PwEwjLdDzw+dPfMrSSgayP7OtbkO
-2V4c1ss9tTqt9A8OAJILsSEWLnTVPA3bYharo3GSR1NVwa8vQbP4++NwzeajTEV+
-H0xrUJZBicR0YgsQg0GHM4qBsTBY7FoEMoxos48d3mVz/2deZbxJ2HafMxRloXeU
-yS0CAwEAAaOCAi8wggIrMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
-MB0GA1UdDgQWBBQr0GlHlHYJ/vRrjS5ApvdHTX8IXjAfBgNVHSMEGDAWgBQr0GlH
-lHYJ/vRrjS5ApvdHTX8IXjCCASkGA1UdIASCASAwggEcMIIBGAYJKoZIhvdjZAUB
-MIIBCTBBBggrBgEFBQcCARY1aHR0cHM6Ly93d3cuYXBwbGUuY29tL2NlcnRpZmlj
-YXRlYXV0aG9yaXR5L3Rlcm1zLmh0bWwwgcMGCCsGAQUFBwICMIG2GoGzUmVsaWFu
-Y2Ugb24gdGhpcyBjZXJ0aWZpY2F0ZSBieSBhbnkgcGFydHkgYXNzdW1lcyBhY2Nl
-cHRhbmNlIG9mIHRoZSB0aGVuIGFwcGxpY2FibGUgc3RhbmRhcmQgdGVybXMgYW5k
-IGNvbmRpdGlvbnMgb2YgdXNlLCBjZXJ0aWZpY2F0ZSBwb2xpY3kgYW5kIGNlcnRp
-ZmljYXRpb24gcHJhY3RpY2Ugc3RhdGVtZW50cy4wRAYDVR0fBD0wOzA5oDegNYYz
-aHR0cHM6Ly93d3cuYXBwbGUuY29tL2NlcnRpZmljYXRlYXV0aG9yaXR5L3Jvb3Qu
-Y3JsMFUGCCsGAQUFBwEBBEkwRzBFBggrBgEFBQcwAoY5aHR0cHM6Ly93d3cuYXBw
-bGUuY29tL2NlcnRpZmljYXRlYXV0aG9yaXR5L2Nhc2lnbmVycy5odG1sMA0GCSqG
-SIb3DQEBBQUAA4IBAQCd2i0oWC99dgS5BNM+zrdmY06PL9T+S61yvaM5xlJNBZhS
-9YlRASR5vhoy9+VEi0tEBzmC1lrKtCBe2a4VXR2MHTK/ODFiSF3H4ZCx+CRA+F9Y
-m1FdV53B5f88zHIhbsTp6aF31ywXJsM/65roCwO66bNKcuszCVut5mIxauivL9Wv
-Hld2j383LS4CXN1jyfJxuCZA3xWNdUQ/eb3mHZnhQyw+rW++uaT+DjUZUWOxw961
-kj5ReAFziqQjyqSI8R5cH0EWLX6VCqrpiUGYGxrdyyC/R14MJsVVNU3GMIuZZxTH
-CR+6R8faAQmHJEKVvRNgGQrv6n8Obs3BREM6StXj
+MIIFlDCCBHygAwIBAgIBATANBgkqhkiG9w0BAQUFADCCATExFzAVBgNVBAcTDkFs
+dmFybyBPYnJlZ29uMRkwFwYDVQQIExBEaXN0cml0byBGZWRlcmFsMQswCQYDVQQG
+EwJNWDEOMAwGA1UEERMFMDEwMzAxHTAbBgNVBAkTFEluc3VyZ2VudGVzIFN1ciAx
+OTQwMUIwQAYDVQQDEzlBdXRvcmlkYWQgQ2VydGlmaWNhZG9yYSBSYWl6IGRlIGxh
+IFNlY3JldGFyaWEgZGUgRWNvbm9taWExNDAyBgNVBAsTK0RpcmVjY2lvbiBHZW5l
+cmFsIGRlIE5vcm1hdGl2aWRhZCBNZXJjYW50aWwxHzAdBgNVBAoTFlNlY3JldGFy
+aWEgZGUgRWNvbm9taWExJDAiBgkqhkiG9w0BCQEWFWFjcnNlQGVjb25vbWlhLmdv
+Yi5teDAeFw0wNTA1MDgwMDAwMDBaFw0yNTA1MDgwMDAwMDBaMIIBMTEXMBUGA1UE
+BxMOQWx2YXJvIE9icmVnb24xGTAXBgNVBAgTEERpc3RyaXRvIEZlZGVyYWwxCzAJ
+BgNVBAYTAk1YMQ4wDAYDVQQREwUwMTAzMDEdMBsGA1UECRMUSW5zdXJnZW50ZXMg
+U3VyIDE5NDAxQjBABgNVBAMTOUF1dG9yaWRhZCBDZXJ0aWZpY2Fkb3JhIFJhaXog
+ZGUgbGEgU2VjcmV0YXJpYSBkZSBFY29ub21pYTE0MDIGA1UECxMrRGlyZWNjaW9u
+IEdlbmVyYWwgZGUgTm9ybWF0aXZpZGFkIE1lcmNhbnRpbDEfMB0GA1UEChMWU2Vj
+cmV0YXJpYSBkZSBFY29ub21pYTEkMCIGCSqGSIb3DQEJARYVYWNyc2VAZWNvbm9t
+aWEuZ29iLm14MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWSg9OdS
+cLLqkxP0NTof6jocxRuLWOGW1gJBXo6FQP9BZkBT/Ji10TIyl2dAgJ3uID8OVPtC
+B/t3GpnYhvQcKogl8+lEo07+B76xyO88jYfgHspJEDso7yRRofyIF0rnHMhUZ2Po
+ajHmQ2z2QBGGxFbuvckdpkY8HkbCgo0uqejudgpD4HJNjPTFBvosAQAzYM44cDRr
+FxrremRhp5OkZWrXI8d2epRRC+yeqM87olAyHEK9Y+GHy7mFSA7A1Vi29s5L8gfP
+4wTVH8LWo26ju7a3bsTxoh8WvLYtsO/0Wpspjbzh/AdbHgkzgnjMQG1xs2MTL9NM
+Nqw5T8bBsLb1hQIDAQABo4GyMIGvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9h
+Yy5lY29ub21pYS5nb2IubXgvbGFzdC5jcmwwRwYDVR0gBEAwPjA8Bghgg2RlCoI8
+ATAwMC4GCCsGAQUFBwIBFiJodHRwOi8vYWMuZWNvbm9taWEuZ29iLm14L2Nwcy5o
+dG1sMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMBEGCWCGSAGG+EIBAQQE
+AwIABzANBgkqhkiG9w0BAQUFAAOCAQEATCp4UwSWc2CrNazAxOPnyHClKS+HGOWo
+gt4H1Qj0z549nvxKLBZ8n6KdZRDMwRubamfasrMd/81kejhjrUj983Lh+p+7V92/
+zMJU2JU8ZtdrBrqvqeBtCO+ktpA9DG4gF6eWp3xoSpyYxAdvwQJikTibneOKeVOd
+nyR2JfatKFYGqu8HrLr2bOQlMX2IgDp4Rvh54TjgE+dhKUfzyxQA09ri3e1z30vy
+Y+Qm2HXQTUMUkBaURwH/oVlL5HabWQPe1hf2e9dc+Onjb8hO4EcmseKcfEox5WQR
+4LBf2pE2SB/6CYplaPUOwp/vuGrPd/4S7TbaETatGWrC1I5S12jvMQ==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEvDCCA6SgAwIBAgIQAJCLMk/BkBrOtMM4Cc3P5DANBgkqhkiG9w0BAQUFADB5
@@ -2554,47 +1587,48 @@ Aofo8DaR6/LntdIEuS64XY0dmi4LFhnNdqSr+9Hio6LchH176lDq9bIEO4lSOrLD
 GU+5JrG8vCyy4YGms2G19EVgLyx1xcgtiEsmu3DuO38BLQ==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIHqTCCBZGgAwIBAgIQYwaGp8U3ZaVDkKhqWMzUMjANBgkqhkiG9w0BAQUFADCB
-jzELMAkGA1UEBhMCTFYxNTAzBgNVBAoTLFZBUyBMYXR2aWphcyBQYXN0cyAtIFZp
-ZW4ucmVnLk5yLjQwMDAzMDUyNzkwMSMwIQYDVQQLExpTZXJ0aWZpa2FjaWphcyBw
-YWthbHBvanVtaTEkMCIGA1UEAxMbVkFTIExhdHZpamFzIFBhc3RzIFNTSShSQ0Ep
-MB4XDTA2MDkxMzA5MjIxMFoXDTI0MDkxMzA5Mjc1N1owgY8xCzAJBgNVBAYTAkxW
-MTUwMwYDVQQKEyxWQVMgTGF0dmlqYXMgUGFzdHMgLSBWaWVuLnJlZy5Oci40MDAw
-MzA1Mjc5MDEjMCEGA1UECxMaU2VydGlmaWthY2lqYXMgcGFrYWxwb2p1bWkxJDAi
-BgNVBAMTG1ZBUyBMYXR2aWphcyBQYXN0cyBTU0koUkNBKTCCAiIwDQYJKoZIhvcN
-AQEBBQADggIPADCCAgoCggIBAJu4+f1hVS9PpKUUtS6OuSSPrPuxVD9A/0/F5YZo
-e1OT+zWCNahQLpRSoNuDPnXaFXCsCc/ugkmtNkm5tHGLtAChQgbKCApjl7YI/O60
-3Jh4GYLJ+H9kPqrJ/rGN67Bk9bzzxD46kOpOjj8bGbxqg8ORPGxV+wpSwOjhXXeF
-M8VJ3+xqv79sN/6OSaIVGM6LjmseOKMwb4iBfnJWRBrEejkP9sSPltSy6wBOXN67
-5zu35iQFk2tN5pFEv+6YG8eFGxFBeyI2p74+6Ho33BjekJ2PzbLXmj/iF39bDOHv
-P2Y9biTksM7DDIhslNo4JXxSOeNzFLMARWOaDEJAXgTG93JkzsluM7Pk020klTeT
-fvIAXRmLH/NDc6ifRdIGqey0Qrv67gzHTz9RH9Gv0KwYf4eBIv6p3QeWbXz4TtlN
-OlBp1UF+xdp02I5z5X6D4cMZgbe9v0COvi6aogyqTgIuuyrhCF0xA8msJ7Cv3NXI
-FH1AnVWJIfmQzNTJYEFzq+jN2DpVOQqCmf6b9fU8HJHLwPpGVK4h/CqsXHveepdx
-/WxrzUiapNuBfBg3L5B9YZS9F8lctlQWd8oJSqrpvE+UdQFaVryS0o+515feVnQB
-9xZxSbH1GEaZQe5i4bMsZXVpKXJDA/ibH/o49J7sQBCOrJfVsDO+nxjcLfdBeFRK
-YkTnAgMBAAGjggH9MIIB+TAOBgNVHQ8BAf8EBAMCAQYwGAYIKwYBBQUHAQMEDDAK
-MAgGBgQAjkYBATAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTMw/Vm/3OsOFqW
-GyGJuIFMH8teJTAQBgkrBgEEAYI3FQEEAwIBADCCAYkGA1UdIASCAYAwggF8MIIB
-eAYLKwYBBAGBxFkBAQIwggFnMIIBOAYIKwYBBQUHAgIwggEqHoIBJgBTAGkAcwAg
-AGkAcgAgAHMAZQByAHQAaQBmAGkAawBhAHQAcwAsACAAawBvACAAaQB6AGQAZQB2
-AGkAcwAgAFYAQQBTACAATABhAHQAdgBpAGoAYQBzACAAUABhAHMAdABzACwAIABu
-AG8AZAByAG8AcwBpAG4AbwB0ACAAYQB0AGIAaQBsAHMAdABpAGIAdQAgAEUAbABl
-AGsAdAByAG8AbgBpAHMAawBvACAAZABvAGsAdQBtAGUAbgB0AHUAIABsAGkAawB1
-AG0AYQBtACAAdQBuACAARQBpAHIAbwBwAGEAcwAgAFAAYQByAGwAYQBtAGUAbgB0
-AGEAIABkAGkAcgBlAGsAdABpAHYAYQBpACAAMQA5ADkAOQAvADkAMwAvAEUASzAp
-BggrBgEFBQcCARYdaHR0cDovL3d3dy5lLW1lLmx2L3JlcG9zaXRvcnkwDQYJKoZI
-hvcNAQEFBQADggIBAB8oSjWQIWNoCi94r6MegiaXoz8nGdJLo0J6BhNlW8EEy+t9
-fO+U8vGJ9bffUgIhadLqljTloM+XuJxVDhCFoxReLAX4tTp28/l6uN62DCdp8suU
-kQsdudWOb5kvzfIZVjk6SFbwAf+Cdbay/dHU9fJjV0xNoX7MELoEae/0FPyzlx9F
-7m9KKH/Rxie8x6Opa3vtghNvq94P+3HrXBEaqSzQMJ/8NjdW75XpurcTtq6fAmGt
-nuxrBG82nw+Z98LJyEwouSjUIdeeVNXAzvSO5FWUe48kxjj8q3qkVnc9qEXvZJKk
-0Ep+u3OL9A1Sc7g6SF5DgNOpcHdi/8coHHMeQ+YnJFtJueY2pI79xS0veqV5EnrX
-IbIlbcgPosNhS+VI4le6n/KKId3bZPDaGd/OwJuAOcJ3d2MVU3KE+qSPBzeGIX1Q
-+j1qN9uRDjez/c4Lynth0Jx0nH04aG3pex3W8Sq07ztgUncF5gLCX4xbvPB9t3PH
-kWuyKrNjozTVq60lcUf/Gj56to2VdsPups0DCWzuRWeYz5lIdsHOinSaaFIBNCLI
-7eIUC4S9bhCMsXKbvugI11fVf+q0AT1O5OLoZ+eMfunnQhHvlUbIkda+JxeAGTSY
-58bfHvwhX56GPbx+8Jy9cp70R4JbcWfz+txUTKhc2FnH0AcOEzMnvPRp8Gsh
+MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW
+MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg
+Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9
+MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi
+U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh
+cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk
+pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf
+OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C
+Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT
+Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi
+HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM
+Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w
++2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+
+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3
+Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B
+26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID
+AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE
+FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j
+ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js
+LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM
+BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0
+Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy
+dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh
+cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh
+YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg
+dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp
+bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ
+YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT
+TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ
+9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8
+jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW
+FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz
+ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1
+ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L
+EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu
+L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq
+yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC
+O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V
+um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh
+NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW
@@ -3107,50 +2141,6 @@ wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHN
 pGxlaKFJdlxDydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1
-MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMjETMBEG
-A1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6ErPL
-v4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8
-eoLrvozps6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklq
-tTleiDTsvHgMCJiEbKjNS7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzd
-C9XZzPnqJworc5HGnRusyMvo4KD0L5CLTfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pa
-zq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6CygPCm48CAwEAAaOBnDCB
-mTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUm+IH
-V2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
-bG9iYWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG
-3lm0mi3f3BmGLjANBgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4Gs
-J0/WwbgcQ3izDJr86iw8bmEbTUsp9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO
-291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu01yiPqFbQfXf5WRDLenVOavS
-ot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG79G+dwfCMNYxd
-AfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7
-TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYG
-A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
-bCBSb290MB4XDTA2MTIxNTA4MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UE
-ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS
-b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5
-7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS
-J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y
-HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP
-t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz
-FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY
-XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
-MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw
-hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js
-MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUA
-A4IBAQBW7wojoFROlZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMj
-Wqd8BfP9IjsO0QbE2zZMcwSO5bAi5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUx
-XOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2hO0j9n0Hq0V+09+zv+mKts2o
-omcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+TX3EJIrduPuoc
-A06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW
-WL1WMRJOEcgh4LMRkWXbtKaIOM5V
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIGKjCCBBKgAwIBAgIQZgej0p0pVhgO4V5ZmLGEVTANBgkqhkiG9w0BAQUFADB0
 MQswCQYDVQQGEwJMVDErMCkGA1UEChMiU2thaXRtZW5pbmlvIHNlcnRpZmlrYXZp
 bW8gY2VudHJhczEgMB4GA1UECxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFjAU
@@ -3317,6 +2307,60 @@ hGgNEVosr3mecJSfxWTLzHj2U1zg1w2xPuMWC/Om7DRCPnUQhKXYvbHj6mHmJJzC
 gdoe2G/8eC0W40QtwNI9Xn2g0lbUYDdx/kyOZZzWO9o23NgzZ9AB
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIJmzCCB4OgAwIBAgIBATANBgkqhkiG9w0BAQUFADCCAR4xPjA8BgNVBAMTNUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
+YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
+dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
+aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
+IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
+KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTA3MDIxNjE1MzU1
+MVoXDTI3MDIxMTIzNTk1OVowggEeMT4wPAYDVQQDEzVBdXRvcmlkYWQgZGUgQ2Vy
+dGlmaWNhY2lvbiBSYWl6IGRlbCBFc3RhZG8gVmVuZXpvbGFubzELMAkGA1UEBhMC
+VkUxEDAOBgNVBAcTB0NhcmFjYXMxGTAXBgNVBAgTEERpc3RyaXRvIENhcGl0YWwx
+NjA0BgNVBAoTLVNpc3RlbWEgTmFjaW9uYWwgZGUgQ2VydGlmaWNhY2lvbiBFbGVj
+dHJvbmljYTFDMEEGA1UECxM6U3VwZXJpbnRlbmRlbmNpYSBkZSBTZXJ2aWNpb3Mg
+ZGUgQ2VydGlmaWNhY2lvbiBFbGVjdHJvbmljYTElMCMGCSqGSIb3DQEJARYWYWNy
+YWl6QHN1c2NlcnRlLmdvYi52ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBALcok9KOeQsz+FEa+MXGdAJVJN63wozmjcrg6uCuKguU9VhnC1UzxQjFsUze
+rnpGVwX2QYVnA0NJxyzm9fWMSkimcynnpO85uHeFyk8M1DT7WBR8REn50eK9MqVo
+8tNXAS80lUxxGdm7dbKY4iL9TL8megLnfNBNSUUaLeq11d1NL47W/uW9+hAzWlu6
+aPt3cc/Fpd01XMlGL/K0w9NB5Tv9KQWDerAH6QWIKjMkmxmeQ5USojV55hztS1gP
+snlcPWk+5oPC9H/MkZxTPn8JK9ATXcOpFMAwNn9jgJL7BMljYzV/cZFHS03aurrz
+fnb+hI3leMTpCzlnbFAR/eUSN2JIyu/blsHu3S5aXQiDVxNb+q7NCMqACeza38Zd
+6ONTyaD8gvAV6JR9rY6wB3SqKWr5Nef0wMn9/EJoGhfTli5SIjYmfjYKWj5gzrDU
++vM3gHnlFix6hiskajdswgLEoK+PG7onW2ar6CQpay/U68FcDsn2jIDHhxAIaZIS
+K6FoecIYvZX6P8SlemDBMxuMaepXR9dFHM9hpyCaqzXbume4bscS8paLWQwMduil
+oQjOEP0Ocl7Fnuk4w2Kvek+aL69s0ykp6yPoGs0y03S83FmLfwtIt4rT5LfUYQv9
+3dDBluLOt++Elw3A3HbajirVPI4lzsLFlirwUXqm/Wf7Gy6PAgMBAAGjggLeMIIC
+2jASBgNVHRMBAf8ECDAGAQH/AgECMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52
+ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0wMB0GA1UdDgQWBBRmDZwMrrrR
+SkMD7hObbfHS1HLVmjCCAVAGA1UdIwSCAUcwggFDgBRmDZwMrrrRSkMD7hObbfHS
+1HLVmqGCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRpZmlj
+YWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAw
+DgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYD
+VQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25p
+Y2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEgZGUgU2VydmljaW9zIGRlIENl
+cnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG9w0BCQEWFmFjcmFpekBz
+dXNjZXJ0ZS5nb2IudmWCAQEwDgYDVR0PAQH/BAQDAgEGMDcGA1UdEQQwMC6CD3N1
+c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0wMFQGA1Ud
+HwRNMEswJKAioCCGHmh0dHA6Ly93d3cuc3VzY2VydGUuZ29iLnZlL2xjcjAjoCGg
+H4YdbGRhcDovL2FjcmFpei5zdXNjZXJ0ZS5nb2IudmUwNwYIKwYBBQUHAQEEKzAp
+MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5zdXNjZXJ0ZS5nb2IudmUwQAYDVR0g
+BDkwNzA1BgVghl4BAjAsMCoGCCsGAQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRl
+LmdvYi52ZS9kcGMwDQYJKoZIhvcNAQEFBQADggIBAIIZ7DHkEaEoHIGrJR44YAjG
+9wyGXUMOpagwfBUyBmrhUc2sARNuBhmQJkhYGUUnLwDuDZFx7Y3FwjcZoEYzls1n
+KJM689/pTskFl4gk6xZnRVl8imf2j8P1jWBVzQ+B2AFuuIE0VVHxkya577LkieqR
+5AcTbV+93DRdvy/tsgpNaEUdKQmIgZTb+HbzEUxJHNLJSyqctDuTAZi66gQGG/im
+kSu4raQHHdvcK8XmUoMwwzdhG/vKv6sAfvKTS+lAlZA73lZx8n/0A9wGz8fpEd0A
+dhhUDH3SAxyETKkrtNp2dsv0E2jbEvC6piAUoYvaJcGhZMMxq4dmAxzzwGFhilxR
+xDwv4RYJjxV9xHlRmHzViwVI1/NB7Ob8d5bIDc7w417eSIuel//xAIC8ufVzPsoM
+/12n3mheMLinbec52N0/Wi/gZKbVANl0e/1vWbPd6okO/ou7QE/PGk4aHwq8rA+U
+72NM6WATAicV+rZkR0/qlDVkgfWeIg/Spl5/kqrzAHHwT3YQCNEFZGnPy6sVqPbX
+DQnG50JaARYKLm8z3akalf8gjY5UIJ3PHb39JIqpIKRwU84Q/1RIsqJo9HELd3zM
+rtcHFBfTfa7dx3DPYo30r4mE7LNT9gZ5f9+Ct8eOAvbQ3WoubQGG5r55+c7FZAU2
+EHgFy96xE/FAndEXR872
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIG/zCCBOegAwIBAgICcRkwDQYJKoZIhvcNAQEFBQAwWjELMAkGA1UEBhMCRlIx
 EzARBgNVBAoTCkNlcnRldXJvcGUxFzAVBgNVBAsTDjAwMDIgNDM0MjAyMTgwMR0w
 GwYDVQQDExRDZXJ0ZXVyb3BlIFJvb3QgQ0EgMjAeFw0wNzAzMjcyMjAwMDBaFw0z
@@ -3377,60 +2421,6 @@ buXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2G8kS1sHNzYDzAgE8yGnLRUhj
 2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5mmxE=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIElTCCA32gAwIBAgIDAw6VMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNVBAYTAkRF
-MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJTAjBgNVBAMMHEQtVFJVU1QgUm9vdCBD
-bGFzcyAyIENBIDIwMDcwHhcNMDcwNTE2MDUyMDQ3WhcNMjIwNTE2MDUyMDQ3WjBL
-MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMSUwIwYDVQQDDBxE
-LVRSVVNUIFJvb3QgQ2xhc3MgMiBDQSAyMDA3MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAs83khBVJ+OTWzoSzmq32MHWQDYTr7tqzenUq4juk6jAs6z13
-jYGEaEqmpGjckHNhNGUHHSOlDOa/090zXdoy7aYNU6Z0alwZWaZMtS95AV6ef0r6
-usknftT/zQBZIOsGzLNEz9aF6e07DGzB6oxc4LmpAvATACeTnFD+zRNPbRtqqt0P
-/0YlGdzhXlCsGn8Oy9ruIPzD9JxKeDVu7jHHRRZyhdKCINtSRXw8v1lX+Yd0Vphb
-HVCOzC+zsz+L7uw3SQGI79ghDJPT9m6JT7oXy0SBt3unI7t0CtPY6jdFJ//c8J5D
-47p7ihuafemGoP4v0db2h1eq8imUh3MV+mpOrQIDAQABo4IBgDCCAXwwDwYDVR0T
-AQH/BAUwAwEB/zAdBgNVHQ4EFgQUkTCr9vPGRLfr3Si8DxSfUl1ifwIwOQYIKwYB
-BQUHAQEELTArMCkGCCsGAQUFBzABhh1odHRwOi8vdXNlcnMub2NzcC5kLXRydXN0
-Lm5ldDAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRwOi8vd3d3LmQt
-dHJ1c3QubmV0MA4GA1UdDwEB/wQEAwIBBjCByQYDVR0fBIHBMIG+MIG7oIG4oIG1
-hnZsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290
-JTIwQ2xhc3MlMjAyJTIwQ0ElMjAyMDA3LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9j
-ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0hjtodHRwOi8vd3d3LmQtdHJ1c3QubmV0
-L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfMl9jYV8yMDA3LmNybDANBgkqhkiG9w0B
-AQUFAAOCAQEAW4vyQ+MFLmQf1ZKpUWtk/A5GzAeZ4rf8kykg3PwvYOSsfSUy7RDh
-D2/b8rxO7kHJs9QHSHoKr6S2/1Ew7cvSnOt/UO5L4mKnNMIg9vP29TbAy5EQ6+0u
-jfQHGiEMNXf0fC2NSaXXC0Ro1dLi5Qx4OBPKsUxSqirl1a9cBTmdLa2+I1bVL1Xz
-3p2rgjagTbdZkUfu3oOl6jteJwWAC20sUPQBN9Wjdxfs/t2E9MX4UJLQS8Yuo4tA
-5MM3o3e9zixV4qzfXWQAur6najEG/JlrUBUlnal2mqdNKpoCY+tw5/4RJtAYxaYf
-CkOT8hjZ9Tl5uAddjB/mP/PFyyFmMXt7zw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIElTCCA32gAwIBAgIDAw6WMA0GCSqGSIb3DQEBBQUAMEsxCzAJBgNVBAYTAkRF
-MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJTAjBgNVBAMMHEQtVFJVU1QgUm9vdCBD
-bGFzcyAzIENBIDIwMDcwHhcNMDcwNTE2MDUyMDQ3WhcNMjIwNTE2MDUyMDQ3WjBL
-MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMSUwIwYDVQQDDBxE
-LVRSVVNUIFJvb3QgQ2xhc3MgMyBDQSAyMDA3MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAuo3NNVMy7qa9SJCa8uroWA9HZqjMbgkS5KHLW9+TuPbpOTn4
-xtjpzxqGvKauD4yvCEXj8o4rwlxZK/qMNrNwHchQPKVWvuqu6Uf250kPr3+UJtQC
-Gge4ujlVzp+7Ijkp2DXFmQMh2Kc4Y/HkNN9Hrp838WygmcIisG1y3CLJMTnoVteg
-jzohW4aaTyj5HHb3zE8/+U53iyqciqp5QYrVHNk5b5jJXkWXHQmUGdlQUYVyc7+s
-S510NHGHIRYPfu7SSX7KSdP5kipHSE8PXVqhy9Uo7PCSxXJDRuuzA6bzVyVKCmGE
-CibW76a42BSNeLnTtyXRTuNaFqrsnwfuIxB9tQIDAQABo4IBgDCCAXwwDwYDVR0T
-AQH/BAUwAwEB/zAdBgNVHQ4EFgQUgi82I0l4IELXsFJYoNZ0VBV4v6owOQYIKwYB
-BQUHAQEELTArMCkGCCsGAQUFBzABhh1odHRwOi8vdXNlcnMub2NzcC5kLXRydXN0
-Lm5ldDAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRwOi8vd3d3LmQt
-dHJ1c3QubmV0MA4GA1UdDwEB/wQEAwIBBjCByQYDVR0fBIHBMIG+MIG7oIG4oIG1
-hnZsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290
-JTIwQ2xhc3MlMjAzJTIwQ0ElMjAyMDA3LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9j
-ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0hjtodHRwOi8vd3d3LmQtdHJ1c3QubmV0
-L2NybC9kLXRydXN0X3Jvb3RfY2xhc3NfM19jYV8yMDA3LmNybDANBgkqhkiG9w0B
-AQUFAAOCAQEAVQ5oCo3c2aiGYAJpeY196ZDC2R0dtQ67c5JkYxRGTNBqu6N1XYYZ
-OGGGHbiKIjSjtDUVs6lgTFQXn7HeWzLifmveTyLwLR0iBJ62Sk+rLFad493ssSZO
-KtdVwj69gte+VbtFyClbhjydP2hEREQ2DWi/rgGiGbVMl//yljxnskLeD+Ggl07K
-5zRlrpWCYWcmcy3de+eVSw4hqpKuTPzGs6nlmYMyOfBgwkxRqMFHFDWJpU02D58b
-AnFBjUJKJPivbp0NcIaNqmITHgOLJPnDVJNJhRt1dmJ/Iv9JvXZzDD+YrSqy+ufF
-33T1/2kxVQo6wBliNcRJuSsZHfRwme7Y3A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBf
 MQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdp
 Tm90YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmww
@@ -3506,56 +2496,6 @@ t0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw
 WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEuzCCA6OgAwIBAgIEOaaXFTANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJJ
-RTEQMA4GA1UEChMHQW4gUG9zdDEYMBYGA1UECxMPUG9zdC5UcnVzdCBMdGQuMRsw
-GQYDVQQDExJQb3N0LlRydXN0IFJvb3QgQ0EwHhcNMDcwNzA1MDkxNDA4WhcNMjIw
-NzA1MDkxMjMzWjBWMQswCQYDVQQGEwJJRTEQMA4GA1UEChMHQW4gUG9zdDEYMBYG
-A1UECxMPUG9zdC5UcnVzdCBMdGQuMRswGQYDVQQDExJQb3N0LlRydXN0IFJvb3Qg
-Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWfxPkDSTY2PvptsOx
-UqNO3Lc74vcOX4HmAfCm5jZw2BNzof9SCJDyFbzyMhyo1+EGEHtBqJTHPz1EFdyA
-Uecw/lNI9ZBfbW0l4GC7oPvWxin4TXBQGjegDs14KrZo85nUDI5eEmL/wl9amiuI
-R6q7odl18Cxc/m3CsVsxzIOHGqe+kA7oEFRTUgucSfOAAv5vJ6ajVzC427jQAAQD
-5OXUQwbrq2hNaCbSmTS54BKWf0u7a24hceYIRUodZg03yQPh0crcsS9w9reBYpYb
-ZKf+u+GG60GfqJzYyqDh1i/4D+G6QDj3bdGlykwZyJbczEkcCrbTqJE6+drsHc1z
-SiQ/AgMBAAGjggGPMIIBizAPBgNVHRMBAf8EBTADAQH/MIIBJgYDVR0gBIIBHTCC
-ARkwggEVBgcqgnS76CIBMIIBCDCBzQYIKwYBBQUHAgIwgcAagb1Jc3N1ZWQgYXMg
-YSBjZXJ0aWZpY2F0ZSBzdWJqZWN0IHRvIFBvc3QuVHJ1c3QgQ1BTIHdoaWNoIGxp
-bWl0cyB3YXJyYW50aWVzIGFuZCBsaWFiaWxpdHkgb2YgUG9zdC5UcnVzdCBMaW1p
-dGVkLiBCeSBhY2NlcHRpbmcsIHRoZSByZWx5aW5nIHBhcnR5IGFja25vd2xlZGdl
-cyBpdCBoYXMgcmVhZCBhbmQgYWNjZXB0ZWQgdGhlIENQUy4wNgYIKwYBBQUHAgEW
-KiBodHRwOi8vd3d3LnBvc3QudHJ1c3QuaWUvcmVwb3NpdC9jcHMuaHRtbDAOBgNV
-HQ8BAf8EBAMCAcYwHwYDVR0jBBgwFoAUjqFz+ToDIfAsV4sOAgvjnguznZcwHQYD
-VR0OBBYEFI6hc/k6AyHwLFeLDgIL454Ls52XMA0GCSqGSIb3DQEBBQUAA4IBAQCP
-LmEMeZQaIPo8fhwyMOud7u6DK8xsJkntVU3f9H3yvDUUeufzBRx8CYaWK2VH+ljv
-SSFppGZQsMXXnLTiMZOIne5QEl5baI9G5zRzviVhENQeNRW9u7sEJwOdp2Eean4/
-n9cKmaLKCjJWxz1kwRg8E9A2HdVAx94YfK5TeEBylZ2oPTo1sAKWllp1uoa+2J8q
-tkQNW3XvXdkc/ztmxI8HcblM2dVE/CMYJg1VGT0TlPYdcGa55VScOapsDQNAl6n0
-KtWm5nY2ikoCJ+gbGZL9eqe3ZLUOY7r/e9vlELfggXXgUa6yDX/rxn6YYd0CgFe3
-bTidKd30OgHXdGzQyVt4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDjjCCAnagAwIBAgIIKv++n6Lw6YcwDQYJKoZIhvcNAQEFBQAwKDELMAkGA1UE
-BhMCQkUxGTAXBgNVBAMTEEJlbGdpdW0gUm9vdCBDQTIwHhcNMDcxMDA0MTAwMDAw
-WhcNMjExMjE1MDgwMDAwWjAoMQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1
-bSBSb290IENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZzQh6S
-/3UPi790hqc/7bIYLS2X+an7mEoj39WN4IzGMhwWLQdC1i22bi+n9fzGhYJdld61
-IgDMqFNAn68KNaJ6x+HK92AQZw6nUHMXU5WfIp8MXW+2QbyM69odRr2nlL/zGsvU
-+40OHjPIltfsjFPekx40HopQcSZYtF3CiInaYNKJIT/e1wEYNm7hLHADBGXvmAYr
-XR5i3FVr/mZkIV/4L+HXmymvb82fqgxG0YjFnaKVn6w/Fa7yYd/vw2uaItgscf1Y
-HewApDgglVrH1Tdjuk+bqv5WRi5j2Qsj1Yr6tSPwiRuhFA0m2kHwOI8w7QUmecFL
-TqG4flVSOmlGhHUCAwEAAaOBuzCBuDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/
-BAUwAwEB/zBCBgNVHSAEOzA5MDcGBWA4CQEBMC4wLAYIKwYBBQUHAgEWIGh0dHA6
-Ly9yZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSFiuv0xbu+DlkD
-lN7WgAEV4xCcOTARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUhYrr9MW7
-vg5ZA5Te1oABFeMQnDkwDQYJKoZIhvcNAQEFBQADggEBAFHYhd27V2/MoGy1oyCc
-UwnzSgEMdL8rs5qauhjyC4isHLMzr87lEwEnkoRYmhC598wUkmt0FoqW6FHvv/pK
-JaeJtmMrXZRY0c8RcrYeuTlBFk0pvDVTC9rejg7NqZV3JcqUWumyaa7YwBO+mPyW
-nIR/VRPmPIfjvCCkpDZoa01gZhz5v6yAlGYuuUGK02XThIAC71AdXkbc98m6tTR8
-KvPG2F9fVJ3bTc0R5/0UAoNmXsimABKgX77OFP67H6dh96tK8QYUn8pJQsKpvO2F
-sauBQeYNxUJpU4c5nUwfAA4+Bw11V0SoU7Q2dmSZ3G7rPUZuFF1eR1ONeE3gJ7uO
-hXY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDoTCCAomgAwIBAgIQKTZHquOKrIZKI1byyrdhrzANBgkqhkiG9w0BAQUFADBO
 MQswCQYDVQQGEwJ1czEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQ0wCwYDVQQL
 EwRGQkNBMRYwFAYDVQQDEw1Db21tb24gUG9saWN5MB4XDTA3MTAxNTE1NTgwMFoX
@@ -3730,34 +2670,6 @@ naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1ZWrOZyGls
 QyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEvTCCA6WgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBhTELMAkGA1UEBhMCVVMx
-IDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxs
-cyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9v
-dCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDcxMjEzMTcwNzU0WhcNMjIxMjE0
-MDAwNzU0WjCBhTELMAkGA1UEBhMCVVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdl
-bGxzU2VjdXJlMRwwGgYDVQQLDBNXZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQD
-DC1XZWxsc1NlY3VyZSBQdWJsaWMgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
-ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDub7S9eeKPCCGeOARBJe+r
-WxxTkqxtnt3CxC5FlAM1iGd0V+PfjLindo8796jE2yljDpFoNoqXjopxaAkH5OjU
-Dk/41itMpBb570OYj7OeUt9tkTmPOL13i0Nj67eT/DBMHAGTthP796EfvyXhdDcs
-HqRePGj4S78NuR4uNuip5Kf4D8uCdXw1LSLWwr8L87T8bJVhHlfXBIEyg1J55oNj
-z7fLY4sR4r1e6/aN7ZVyKLSsEmLpSjPmgzKuBXWVvYSV2ypcm44uDLiBK0HmOFaf
-SZtsdvqKXfcBeYF8wYNABf5x/Qw/zE5gCQ5lRxAvAcAFP4/4s0HvWkJ+We/Slwxl
-AgMBAAGjggE0MIIBMDAPBgNVHRMBAf8EBTADAQH/MDkGA1UdHwQyMDAwLqAsoCqG
-KGh0dHA6Ly9jcmwucGtpLndlbGxzZmFyZ28uY29tL3dzcHJjYS5jcmwwDgYDVR0P
-AQH/BAQDAgHGMB0GA1UdDgQWBBQmlRkQ2eihl5H/3BnZtQQ+0nMKajCBsgYDVR0j
-BIGqMIGngBQmlRkQ2eihl5H/3BnZtQQ+0nMKaqGBi6SBiDCBhTELMAkGA1UEBhMC
-VVMxIDAeBgNVBAoMF1dlbGxzIEZhcmdvIFdlbGxzU2VjdXJlMRwwGgYDVQQLDBNX
-ZWxscyBGYXJnbyBCYW5rIE5BMTYwNAYDVQQDDC1XZWxsc1NlY3VyZSBQdWJsaWMg
-Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHmCAQEwDQYJKoZIhvcNAQEFBQADggEB
-ALkVsUSRzCPIK0134/iaeycNzXK7mQDKfGYZUMbVmO2rvwNa5U3lHshPcZeG1eMd
-/ZDJPHV3V3p9+N701NX3leZ0bh08rnyd2wIDBSxxSyU+B+NemvVmFymIGjifz6pB
-A4SXa5M4esowRBskRDPQ5NHcKDj0E0M1NSljqHyita04pO2t/caaH/+Xc/77szWn
-k4bGdpEA5qxRFsQnMlzbc9qlk1eOPm01JghZ1edE13YgY+esE2fDbbFwRnzVlhE9
-iW9dqKHrjQrawx0zbKPqZxmamX9LPYNRKh3KL4YMon4QLSvUFpULB6ouFJJJtylv
-2G0xffX8oRAHh84vWdw+WNs=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBCDANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJDTjER
 MA8GA1UEChMIVW5pVHJ1c3QxGDAWBgNVBAMTD1VDQSBHbG9iYWwgUm9vdDAeFw0w
 ODAxMDEwMDAwMDBaFw0zNzEyMzEwMDAwMDBaMDoxCzAJBgNVBAYTAkNOMREwDwYD
@@ -4036,70 +2948,6 @@ rKnzN6uDw9HNgZjA5UA1uJ+R52/mSyAWilN7rDrRmDVU0NS/rn6aSx7pdaMlsDvn
 Zb9PlfQdvcS6yU2BUcI/WtkS9CEb1pXqPZD+qZPi
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGijCCBHKgAwIBAgIQA6OkV7Xw84ZKEWPomP8WnDANBgkqhkiG9w0BAQUFADCB
-mDELMAkGA1UEBhMCTFQxLTArBgNVBAoTJFZJIFJlZ2lzdHJ1IENlbnRyYXMgLSBJ
-LmsuIDEyNDExMDI0NjEuMCwGA1UECxMlUmVnaXN0cnUgQ2VudHJvIFNlcnRpZmlr
-YXZpbW8gQ2VudHJhczEqMCgGA1UEAxMhVkkgUmVnaXN0cnUgQ2VudHJhcyBSQ1ND
-IChSb290Q0EpMB4XDTA4MDcyMTExNDc0NloXDTI0MDcyMTExNDc0NlowgZgxCzAJ
-BgNVBAYTAkxUMS0wKwYDVQQKEyRWSSBSZWdpc3RydSBDZW50cmFzIC0gSS5rLiAx
-MjQxMTAyNDYxLjAsBgNVBAsTJVJlZ2lzdHJ1IENlbnRybyBTZXJ0aWZpa2F2aW1v
-IENlbnRyYXMxKjAoBgNVBAMTIVZJIFJlZ2lzdHJ1IENlbnRyYXMgUkNTQyAoUm9v
-dENBKTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMiZ8iLHs4cVLqfL
-TUarZ5fPD3N3A/dkfHZIMiD0o9hZnRSpH6AekQ4NrfX+Z5KREyAhTQpVbnH6rBfL
-AP0OUAIz26nYvWEa/eAQV7FVeWAZtFR5nvuAMOLIQslSAgjYrC/DcUFUAvWBihLj
-aQKlh6FwfQW+pWK/BbAIlkdvf5OKreCs00LeveaPFOVzKKADm0H65T73OXQuZPSf
-S8D1eJlUa+UVIPzpMnJAq2V1vDxGNNL4EGHHDHjHfMARUdEFNvv4nP8tuOVxLUnw
-V0izk46c+zrJS20x11LVVumELpHUAh2ygAWBxYDKKcE0Z7mvBDBD9q9CR978AS7o
-Qpy+sgsU5DTc3a1ThHrYA1bRwgzUlyn4TPK1HN+dg65fWiVLorAo5b9aC9CcqJxw
-Km0OLuEnv60LbxHT+EYt9JdES8qwyOY2byK6juRSlRbsRGrUUB6YKPlopLrenjDt
-oslSock1ikDhjZub/fFGi6THT3BgUY3ykqnOuowvSVISZ9D1qwQlQHQD4titoXRY
-Ybe1DvN/JSwRY6/xEsP0pHOaZKzupgaP8rycrCipXBXTM63QNsghcGu8Kh/Vq7gB
-WHb8OxFN+/IcSCQR/U2PGSmua+htXrKhDXjO0mODdLTNKUy/m3CITxINRee+D2XE
-1jgk5EoVi9Fq6rs2oaGQpVPIpdZlAgMBAAGjgc0wgcowDgYDVR0PAQH/BAQDAgEG
-MC8GCCsGAQUFBwEDBCMwITAIBgYEAI5GAQEwCwYGBACORgEDAgEKMAgGBgQAjkYB
-BDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS8cz4vnJEMu4/Nd5k+zIXkzFho
-ETAQBgkrBgEEAYI3FQEEAwIBADBFBgNVHSAEPjA8MDoGCysGAQQBgfE3AQEBMCsw
-KQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucmNzYy5sdC9yZXBvc2l0b3J5MA0GCSqG
-SIb3DQEBBQUAA4ICAQAZeCxRE1+8mU5cpwH83rb+qR2GMRF7epmKs4iSpWDSBGM5
-vK+O2PErRXIyKTwt4tnYPXT6RzWH3BAANkE97ap+sszEGukxtPWR0YRK5/Xcz0Zn
-ApmvuHf6fu0hb5YjFHE/0Fi+qttDLDegHQZpNPBPj3Xus9IBu+wc6Y+pie/41BtB
-Apm+8F+6jizCIXDeUYHY97y4wzODw5fKCXPE6XfIcvRcrQ8Niurt0goBzutXnRXw
-KRXvWZyvrJKCcAyY2CKdL5g1qdGKibzVnVXCLp4HJUb2kk1Q+j2J8t+Tv5OU0Nmv
-V6PzZuaO8eigGxgGk1osiQ02xPogs9wo9WrujzGbWTjYTmqgIyHkhqvl+2Cj0c1a
-LEJJpg5VJCU1/dI6r2tYppFGX2nLvX4mm94IvR7snqb4nHWkQDaVSyJPxrZ9clG8
-48Jozc3li77Awk+bbmXOFrcIiMeH3v8yjMvrQkGs+9fPAUP4b8DWC/D3kunLRV1k
-sffKPLuJCJbJ2g7hcSoP7KRCLeNqD0dHsFOm1oVQlzDXjC5fRiLQrM48XpwecoP9
-DKf4FzK7Yd7jTy8YjoK1hxt0BTBKv2oeSDxUKLFdnZJfmxDjLiKKr902ZH8TdkeD
-NZUalI/1xFNtOb3Vi/XKzxhDBQGTpDbeMNIU87BktcrOlfe6dOyKcz5S015TAA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEgDCCA2igAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMCQlIx
-EzARBgNVBAoTCklDUC1CcmFzaWwxPTA7BgNVBAsTNEluc3RpdHV0byBOYWNpb25h
-bCBkZSBUZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMTK0F1
-dG9yaWRhZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjEwHhcNMDgw
-NzI5MTkxNzEwWhcNMjEwNzI5MTkxNzEwWjCBlzELMAkGA1UEBhMCQlIxEzARBgNV
-BAoTCklDUC1CcmFzaWwxPTA7BgNVBAsTNEluc3RpdHV0byBOYWNpb25hbCBkZSBU
-ZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMTK0F1dG9yaWRh
-ZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjEwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQDOHOi+kzTOybHkVO4J9uykCIWgP8aKxnAwp4CM
-7T4BVAeMGSM7n7vHtIsgseL3QRYtXodmurAH3W/RPzzayFkznRWwn5LIVlRYijon
-ojQem3i1t83lm+nALhKecHgH+o7yTMD45XJ8HqmpYANXJkfbg3bDzsgSu9H/766z
-Yn2aoOS8bn0BLjRg3IfgX38FcFwwFSzCdaM/UANmI2Ys53R3eNtmF9/5Hw2CaI91
-h/fpMXpTT89YYrtAojTPwHCEUJcV2iBL6ftMQq0raI6j2a0FYv4IdMTowcyFE86t
-KDBQ3d7AgcFJsF4uJjjpYwQzd7WAds0qf/I8rF2TQjn0onNFAgMBAAGjgdQwgdEw
-TgYDVR0gBEcwRTBDBgVgTAEBADA6MDgGCCsGAQUFBwIBFixodHRwOi8vYWNyYWl6
-LmljcGJyYXNpbC5nb3YuYnIvRFBDYWNyYWl6LnBkZjA/BgNVHR8EODA2MDSgMqAw
-hi5odHRwOi8vYWNyYWl6LmljcGJyYXNpbC5nb3YuYnIvTENSYWNyYWl6djEuY3Js
-MB0GA1UdDgQWBBRCsixcdAEHvpv/VTM77im7XZG/BjAPBgNVHRMBAf8EBTADAQH/
-MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAWWyKdukZcVeD/qf0
-eg+egdDPBxwMI+kkDVHLM+gqCcN6/w6jgIZgwXCX4MAKVd2kZUyPp0ewV7fzq8TD
-GeOY7A2wG1GRydkJ1ulqs+cMsLKSh/uOTRXsEhQZeAxi6hQ5GArFVdtThdx7KPoV
-caPKdCWCD2cnNNeuUhMC+8XvmoAlpVKeOQ7tOvR4B1/VKHoKSvXQw2f3jFgXbwoA
-oyYQtGAiOkpIpdrgqYTeQ9ufQ6c/KARHki/352R1IdJPgc6qPmQO4w6tVZp+lJs0
-wdCuaU4eo9mzh1facMJafYfN+b833u1WNfe3Ig5Pkrg/CN+cnphe8m+5+pss+M1F
-2HKyIA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
 VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
 IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
@@ -4454,6 +3302,38 @@ LRMGfa4HocMM9dRask63IR0XxeW58h/jhgFdCwZ5XcnKPxZ+gR5NfvCaPCXFznR5
 nkrh8en1JUb2xN7kRGRzHcY5PnrmhXsY
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
+WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ
+BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG
+Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/
+yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf
+BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz
+WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF
+tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z
+374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC
+IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL
+mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7
+wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS
+MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2
+ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet
+UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw
+AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H
+YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3
+LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD
+nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1
+RXxlDPiyN8+sD8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYM
+LVN0V2Ue1bLdI4E7pWYjJ2cJj+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf
+77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrTQfv6MooqtyuGC2mDOL7Nii4LcK2N
+JpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW+YJF1DngoABd15jm
+fZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7Ixjp
+6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp
+1txyM/1d8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B
+9kiABdcPUXmsEKvU7ANm5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wok
+RqEIr9baRRmW1FMdW4R58MD3R++Lj8UGrp1MYp3/RgT408m2ECVAdf4WqslKYIYv
+uu8wd+RU4riEmViAqhOLUTpPSPaLtrM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
 EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
 MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
@@ -4669,28 +3549,6 @@ tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c
 HMN1Rq41Bab2XD0h7lbwyYIiLXpUq3DDfSJlgnCW
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDlDCCAnygAwIBAgIBATANBgkqhkiG9w0BAQUFADBqMQswCQYDVQQGEwJJVDEP
-MA0GA1UEBwwGTWlsYW5vMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUy
-MDk2NzElMCMGA1UEAwwcQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBDQSBHMTAeFw0w
-OTA2MjMxNDA2MDBaFw0yMjA2MjUxNDA2MDBaMGoxCzAJBgNVBAYTAklUMQ8wDQYD
-VQQHDAZNaWxhbm8xIzAhBgNVBAoMGkFjdGFsaXMgUy5wLkEuLzAzMzU4NTIwOTY3
-MSUwIwYDVQQDDBxBY3RhbGlzIEF1dGhlbnRpY2F0aW9uIENBIEcxMIIBIjANBgkq
-hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwxyGND8nUkJguitg0CErydfpQHU6bFgP
-IzvPhj7UZKtu2urIKtiVRd/JHNIlkp4QmFqLcWnAlen2a2jc97bEDf5u9XA7waSo
-TyCiJwuf8RJ1fM+uf17LeAJYKNcvqtugrnQ9fqv26XKhKs/WkGDf4KA1ysDbBMQH
-VvxmdYyOehOhPAZrGuZ/OZyI5IRvouJ/a5/sAarSxMuy7Jo9uBcYrB9gmTPm6wXd
-zPJpZ7AOvigkQ8stuUeEGfnq5PH1aPSfx3tQUa+i/G93iDG/ktt/nMW1rKEImOdq
-M/7RuwDhtwUIr/OmVog2PeOKSuINnYCGZp/UwqNQuhwS14eKMUq4FQIDAQABo0Uw
-QzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
-AbvWm1a0fubFWN0smPTKcvZfM4YwDQYJKoZIhvcNAQEFBQADggEBAKEg1suiNG08
-buFV0krQ2bqyN1GIdyfuAkiTRUHidVHyGZQJoPO4fboDgCOgJe8BGbXZGnot40KK
-sYYxD5bsZoTyziMSRpZrMV4Guq+jUqpCIKjRrqqb38QXnlNwAbSpGtpoyGMPtlpz
-U9FpEQYTUudrqAUxt7D8h0bFdYiB8V94AuefrZy7VO1fmWo31etVsyrAQ2BR3LRx
-kiajD8x6PdzAQokXKQhnVGTF+ahEvIRxWJY9Z1d/u6yQs3Eivz66rGYmRRCz8B86
-OmilUDXKtBeRBgEs9w2wcLJbVnW5d5nA2ZWFAi1zZgfJT5kR7lsrqONoIwWo8wQP
-BrsfCY7GWx0=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
 VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
 cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
@@ -5104,38 +3962,6 @@ QOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk527RH89elWsn2/x20Kk4yl
 NVOFBkpdn627G190
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFnDCCBISgAwIBAgIBZDANBgkqhkiG9w0BAQsFADBbMQswCQYDVQQGEwJDWjEs
-MCoGA1UECgwjxIxlc2vDoSBwb8WhdGEsIHMucC4gW0nEjCA0NzExNDk4M10xHjAc
-BgNVBAMTFVBvc3RTaWdudW0gUm9vdCBRQ0EgMjAeFw0xMDAxMTkwODA0MzFaFw0y
-NTAxMTkwODA0MzFaMFsxCzAJBgNVBAYTAkNaMSwwKgYDVQQKDCPEjGVza8OhIHBv
-xaF0YSwgcy5wLiBbScSMIDQ3MTE0OTgzXTEeMBwGA1UEAxMVUG9zdFNpZ251bSBS
-b290IFFDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFz8yBxf
-2gf1uN0GGXknvGHwurpp4Lw3ZPWZB6nEBDGjSGIXK0Or6Xa3ZT+tVDTeUUjT133G
-7Vs51D6z/ShWy+9T7a1f6XInakewyFj8PT0EdZ4tAybNYdEUO/dShg2WvUyfZfXH
-0jmmZm6qUDy0VfKQfiyWchQRi/Ax6zXaU2+X3hXBfvRMr5l6zgxYVATEyxCfOLM9
-a5U6lhpyCDf2Gg6dPc5Cy6QwYGGpYER1fzLGsN9stdutkwlP13DHU1Sp6W5ywtfL
-owYaV1bqOOdARbAoJ7q8LO6EBjyIVr03mFusPaMCOzcEn3zL5XafknM36Vqtdmqz
-iWR+3URAUgqE0wIDAQABo4ICaTCCAmUwgaUGA1UdHwSBnTCBmjAxoC+gLYYraHR0
-cDovL3d3dy5wb3N0c2lnbnVtLmN6L2NybC9wc3Jvb3RxY2EyLmNybDAyoDCgLoYs
-aHR0cDovL3d3dzIucG9zdHNpZ251bS5jei9jcmwvcHNyb290cWNhMi5jcmwwMaAv
-oC2GK2h0dHA6Ly9wb3N0c2lnbnVtLnR0Yy5jei9jcmwvcHNyb290cWNhMi5jcmww
-gfEGA1UdIASB6TCB5jCB4wYEVR0gADCB2jCB1wYIKwYBBQUHAgIwgcoagcdUZW50
-byBrdmFsaWZpa292YW55IHN5c3RlbW92eSBjZXJ0aWZpa2F0IGJ5bCB2eWRhbiBw
-b2RsZSB6YWtvbmEgMjI3LzIwMDBTYi4gYSBuYXZhem55Y2ggcHJlZHBpc3UvVGhp
-cyBxdWFsaWZpZWQgc3lzdGVtIGNlcnRpZmljYXRlIHdhcyBpc3N1ZWQgYWNjb3Jk
-aW5nIHRvIExhdyBObyAyMjcvMjAwMENvbGwuIGFuZCByZWxhdGVkIHJlZ3VsYXRp
-b25zMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQW
-BBQVKYzFRWmruLPD6v5LuDHY3PDndjCBgwYDVR0jBHwweoAUFSmMxUVpq7izw+r+
-S7gx2Nzw53ahX6RdMFsxCzAJBgNVBAYTAkNaMSwwKgYDVQQKDCPEjGVza8OhIHBv
-xaF0YSwgcy5wLiBbScSMIDQ3MTE0OTgzXTEeMBwGA1UEAxMVUG9zdFNpZ251bSBS
-b290IFFDQSAyggFkMA0GCSqGSIb3DQEBCwUAA4IBAQBeKtoLQKFqWJEgLNxPbQNN
-5OTjbpOTEEkq2jFI0tUhtRx//6zwuqJCzfO/KqggUrHBca+GV/qXcNzNAlytyM71
-fMv/VwgL9gBHTN/IFIw100JbciI23yFQTdF/UoEfK/m+IFfirxSRi8LRERdXHTEb
-vwxMXIzZVXloWvX64UwWtf4Tvw5bAoPj0O1Z2ly4aMTAT2a+y+z184UhuZ/oGyMw
-eIakmFM7M7RrNki507jiSLTzuaFMCpyWOX7ULIhzY6xKdm5iQLjTvExn2JTvVChF
-Y+jUu/G0zAdLyeU4vaXdQm1A8AEiJPTd0Z9LAxL6Sq2iraLNN36+NyEK/ts3mPLL
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
 BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
 dCBDb21tZXJjaWFsMB4XDTEwMDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDEL
@@ -5407,44 +4233,6 @@ u/fJdQX3W6v6h1mvGmcQfoTcjHDWROkQwdibLtHGQGrq5loPEH1s+1WHuk21cQOe
 F4942lU9V14iCmqY8I0Izd2WQlobzbpvJ7h0J6g/5aDWc8deLyE=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGoTCCBImgAwIBAgIBATANBgkqhkiG9w0BAQ0FADCBlzELMAkGA1UEBhMCQlIx
-EzARBgNVBAoTCklDUC1CcmFzaWwxPTA7BgNVBAsTNEluc3RpdHV0byBOYWNpb25h
-bCBkZSBUZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMTK0F1
-dG9yaWRhZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjIwHhcNMTAw
-NjIxMTkwNDU3WhcNMjMwNjIxMTkwNDU3WjCBlzELMAkGA1UEBhMCQlIxEzARBgNV
-BAoTCklDUC1CcmFzaWwxPTA7BgNVBAsTNEluc3RpdHV0byBOYWNpb25hbCBkZSBU
-ZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMTK0F1dG9yaWRh
-ZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjIwggIiMA0GCSqGSIb3
-DQEBAQUAA4ICDwAwggIKAoICAQC6RqQO3edA8rWgfFKVV0X8bYTzhgHJhQOtmKvS
-8l4Fmcm7b2Jn/XdEuQMHPNIbAGLUcCxCg3lmq5lWroG8akm983QPYrfrWwdmlEIk
-nUasmkIYMPAkqFFB6quV8agrAnhptSknXpwuc8b+I6Xjps79bBtrAFTrAK1POkw8
-5wqIW9pemgtW5LVUOB3yCpNkTsNBklMgKs/8dG7U2zM4YuT+jkxYHPePKk3/xZLZ
-CVK9z3AAnWmaM2qIh0UhmRZRDTTfgr20aah8fNTd0/IVXEvFWBDqhRnLNiJYKnIM
-mpbeys8IUWG/tAUpBiuGkP7pTcMEBUfLz3bZf3Gmh3sVQOQzgHgHHaTyjptAO8ly
-UN9pvvAslh+QtdWudONltIwa6Wob+3JcxYJU6uBTB8TMEun33tcv1EgvRz8mYQSx
-Epoza7WGSxMr0IadR+1p+/yEEmb4VuUOimx2xGsaesKgWhLRI4lYAXwIWNoVjhXZ
-fn03tqRF9QOFzEf6i3lFuGZiM9MmSt4c6dR/5m0muTx9zQ8oCikPm91jq7mmRxqE
-14WkA2UGBEtSjYM0Qn8xjhEu5rNnlUB+l3pAAPkRbIM4WK0DM1umxMHFsKwNqQbw
-pmkBNLbp+JRITz6mdQnsSsU74MlesDL/n2lZzzwwbw3OJ1fsWhto/+xPb3gyPnnF
-tF2VfwIDAQABo4H1MIHyME4GA1UdIARHMEUwQwYFYEwBAQAwOjA4BggrBgEFBQcC
-ARYsaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJyL0RQQ2FjcmFpei5wZGYw
-PwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJy
-L0xDUmFjcmFpenYyLmNybDAfBgNVHSMEGDAWgBQMOSA6twEfy9cofUGgx/pKrTIk
-vjAdBgNVHQ4EFgQUDDkgOrcBH8vXKH1BoMf6Sq0yJL4wDwYDVR0TAQH/BAUwAwEB
-/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIBAFmaFGkYbX0pQ3B9
-dpth33eOGnbkqdbLdqQWDEyUEsaQ0YEDxa0G2S1EvLIJdgmAOWcAGDRtBgrmtRBZ
-SLp1YPw/jh0YVXArnkuVrImrCncke2HEx5EmjkYTUTe2jCcK0w3wmisig4OzvYM1
-rZs8vHiDKTVhNvgRcTMgVGNTRQHYE1qEO9dmEyS3xEbFIthzJO4cExeWyCXoGx7P
-34VQbTzq91CeG5fep2vb1nPSz3xQwLCM5VMSeoY5rDVbZ8fq1PvRwl3qDpdzmK4p
-v+Q68wQ2UCzt3h7bhegdhAnu86aDM1tvR3lPSLX8uCYTq6qz9GER+0Vn8x0+bv4q
-SyZEGp+xouA82uDkBTp4rPuooU2/XSx3KZDNEx3vBijYtxTzW8jJnqd+MRKKeGLE
-0QW8BgJjBCsNid3kXFsygETUQuwq8/JAhzHVPuIKMgwUjdVybQvm/Y3kqPMFjXUX
-d5sKufqQkplliDJnQwWOLQsVuzXxYejZZ3ftFuXoAS1rND+Og7P36g9KHj41hJ2M
-gDQ/qZXow63EzZ7KFBYsGZ7kNou5uaNCJQc+w+XVaE+gZhyms7ZzHJAaP0C5GlZC
-cIf/by0PEf0e//eFMBUO4xcx7ieVzMnpmR6Xx21bB7UFaj3yRd+6gnkkcC6bgh9m
-qaVtJ8z2KqLRX4Vv4EadqtKlTlUO
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIF7TCCA9WgAwIBAgIQKMw6Jb+6RKxEmptYa0M5qjANBgkqhkiG9w0BAQsFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl
 ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMp
@@ -5635,6 +4423,104 @@ Yc5rSQeBMFIh8qHBmO/GQvMv4w5oaUXzkdFkUabaSnmaJFvDTLGHEcfh91z4Il43
 wucgMw5Ve/tCkwcaSF4t/kS3H2S+G8NNnerWMmA=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGWDCCBECgAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEWMBQGA1UEBxMNU29tZXJzZXQgV2VzdDEq
+MCgGA1UEChMhU291dGggQWZyaWNhbiBQb3N0IE9mZmljZSBMaW1pdGVkMRowGAYD
+VQQLExFTQVBPIFRydXN0IENlbnRyZTEdMBsGA1UEAxMUU0FQTyBDbGFzcyAzIFJv
+b3QgQ0ExKTAnBgkqhkiG9w0BCQEWGnBraWFkbWluQHRydXN0Y2VudHJlLmNvLnph
+MB4XDTEwMDkxNTAwMDAwMFoXDTMwMDkxNDAwMDAwMFowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxFjAUBgNVBAcTDVNvbWVyc2V0IFdlc3Qx
+KjAoBgNVBAoTIVNvdXRoIEFmcmljYW4gUG9zdCBPZmZpY2UgTGltaXRlZDEaMBgG
+A1UECxMRU0FQTyBUcnVzdCBDZW50cmUxHTAbBgNVBAMTFFNBUE8gQ2xhc3MgMyBS
+b290IENBMSkwJwYJKoZIhvcNAQkBFhpwa2lhZG1pbkB0cnVzdGNlbnRyZS5jby56
+YTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMp4Gge89vu0t4m80BlW
+OCpZnQfqGvn4+GhnXo/vyvf1aonmo5V/qdspJBw10DiWbD5WJP9eYlGQLofonMfa
+vDPxnqFvC44KJPT4TZCmss1eEdPCl0z1X0AdJiRNjQkQC/+7IBuTJhkMQz/pjrwx
+NxBukcpIglZGx7y5Op5GgWbP2ehcEM85nmXDnsVa9EvMRJlmhvRyG6NTSequR80y
+DXDmoKB2B53/WO/kPJHAteTcuAEM0/6zQqA7YQLUN1vXTEWV0nVd9W4wX1dRi7L/
+fsiLnKqjQTcMEJGopoVcucePBVGy0HjS4ktJ6dQapzusqjPmmioDQJhvdFITMZTR
+EsG0yzD5/0S4kltS1jDZM9F14xmlFhW3VFfxVlDOTr4DOy/stjDuFGBeX3o19E5k
+BxHqpQdmG26T4rBPXtbgROCz3K7vuP2os+zs5TmIRLShuxRgZI/WkpPL88xQ3ekH
+yGdn+fCHhJGyAGLpv0oVdMW/BEwFRl0Ky+XqYQDhb0GxNI6mAKJ8pqWm+mxMQ+Wo
+Jpo0mB6HmOdMeNGPnwVVXYpLyc+gC30GkJwYkrLEstfjRdlrc8OXOb8pHgYJVUC6
+vNpIdUPt/kR+PSzmYpED/T2J7370XSSPpQsrsz56KSi8uz+/63eFBCaLlLKQ9euN
+T6JEIlConCpESAB4GaudCJYVAgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIBBjAMBgNV
+HRMEBTADAQH/MB0GA1UdDgQWBBRhs3lSnUqVklGOgiRw045AyMVm0DANBgkqhkiG
+9w0BAQUFAAOCAgEAf8azJIRQN/nEsMUwPBbpUA16urQ70iPl6Yl4auXjGwUekRzO
+BpeNZhYHRO+BuQh+o8c5NLi/mm2NsMEgQi4N9wsGA09uy7y3sC8ZcY2OrwpNWDGL
+RJkqKGaFx4AmZrBHwjmy+k8+Vb3ciSdLczME/ntHkMkFwC0z+LcIgilBQ/0mU+b6
+HzdWjU8Xutj9OoRw2D7wM67EBUhUobnVIT/qPsepMUf3m65KYpjRZyBl3nnhsTIe
+a9/7gGtHXDnHDgiqx6PuKek04pv5dbgm64idtDkRLnD9UQQyuw95hFAhRXwv5Nn/
+JTgGI6tOsQ7cOzEKrdpLAGlrLuLDDMkFAUVm4aWJYRxkmY0LmJCzfmY7C9ir6HUO
+2X+abn3JgyfJvOg0OMJahzJyBwz+1ZTR8MB48oCoRvVrmuzi2RaOivqE9tFSyZyy
+IVZgQ6YQ939Jv74H01BkbQK6KlUsz9nCbq98C0jQ8eGnwq10j4bk7ar6XIN9Quh9
+Bx0HVcwraTK5d4JoxnfyImmmyQpdh5nlcZ59LxMe0vT9CXknWCsKh4Eq+2ojLUsk
+hXQWRxgPCcX+qUgk46zQaT1fU5gyvezgUcFTSrH2O/A0SPWa3tzR4OO9JbNE6Dpz
+yXnQrNHt4gAKX6EdZllKc2jUBXIzOKdrr5HbDceMQOiekIjJ+/4k14Gs894=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWDCCBECgAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEWMBQGA1UEBxMNU29tZXJzZXQgV2VzdDEq
+MCgGA1UEChMhU291dGggQWZyaWNhbiBQb3N0IE9mZmljZSBMaW1pdGVkMRowGAYD
+VQQLExFTQVBPIFRydXN0IENlbnRyZTEdMBsGA1UEAxMUU0FQTyBDbGFzcyA0IFJv
+b3QgQ0ExKTAnBgkqhkiG9w0BCQEWGnBraWFkbWluQHRydXN0Y2VudHJlLmNvLnph
+MB4XDTEwMDkxNTAwMDAwMFoXDTMwMDkxNDAwMDAwMFowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxFjAUBgNVBAcTDVNvbWVyc2V0IFdlc3Qx
+KjAoBgNVBAoTIVNvdXRoIEFmcmljYW4gUG9zdCBPZmZpY2UgTGltaXRlZDEaMBgG
+A1UECxMRU0FQTyBUcnVzdCBDZW50cmUxHTAbBgNVBAMTFFNBUE8gQ2xhc3MgNCBS
+b290IENBMSkwJwYJKoZIhvcNAQkBFhpwa2lhZG1pbkB0cnVzdGNlbnRyZS5jby56
+YTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANvc7UiaoKOf4BGO2ciS
+dTpVwVEiygt6pDUNxeZXLYPwKm8iODcxbXyFJKIGL0OCPUUwQCUc7lhHQebwngAe
++PQvEbuSsphFLdMfgMl2FBPDzEDmres5YPzPyN8q/YwSUe/PDGTGV+gjUV3nZlLq
+Zr2Tf516KPEZcG6EnzBHt7A5axMs60tNLq8/v/0CE0o55z4zxRCRUb4PR51NUvws
+8+MTogCC4RQMzdKes/Lggdq+mZJT432Zd0Ph4UgpgZ7WBVc6cdw+mK1YcG9Gu34y
+A+KDm1lX9/izzVQW7LatoRwaktHUKZ6PzbPofVDxwoKsur20dVag9UVdGH0sjPF7
+QcyGsZqESwoqXZuW4c36qxYnQeeVNabLiqeW86XMUfktfR5D+9xttbk4vQX7WPou
+0+xeZC2vWAFKfCJG00HLPeSWXklDOLuJ6/ScaTkSA1yEu+WMHurgZrvAv4z+ngpN
+PWg/QHbWMqnqRbhqB1KOzVHxXShjDNNZOPzJ/YLJRSC85ujMogzLe2Q5SUZF9XMc
+apcg6yFC97QgUrdK/XW8yw8MZxFXH/cw8auQzF08lgVi08pVAUtGxYCHHHLQc1Qh
+6tejnNOuf9RT2Sj8V97lP1JKu8gmJEdTHHO6z8a0MM1eccdWvEk4JebFEAl42dQd
+XM1u7duRXKFTFFaqjSeppo4bAgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIBBjAMBgNV
+HRMEBTADAQH/MB0GA1UdDgQWBBQWhC37G+e0HmiY00IgGm5+T5FXAjANBgkqhkiG
+9w0BAQUFAAOCAgEAe+MNYzpkIG3M/Cy46dar29erJilHogxW7XXMlZlSNssg+xE0
+F0JOdQWw2OS4sIQvmBm5+9A5bHIGGMlcinp0CDdIaf0ioV3F13gT8ChCQcPJwzkJ
+B9Sh+DciaeTfMlVvwny5k/GyN3XMrtIzlow29wHt42TpC2hbEKoBNpl8z5qUXf0a
+WWGiZRV9nhdk1J9TmAH9cVfQXUARFj8/RNKvyfwIMn12+NVD6Nw2aAfDTsOWl1fG
+fTZe23Ct/q7UiJ21pGDWo2K+fPk0Hvy79EpyxYMeRmjDDpeDGD3TDgoRNXxplcWr
+KvXIORBNDIkwKYlJG0SXkfTqZSEbPwpDcoIcbRFd4CJFX2FMoqb636NGuuGBYGwy
+tPzk3DYF5DP36493SaqNCu9IiuZBl347q0OH8ghgC2/XWWb9K7svzjNPcuC217NT
+V4nwO7xu4hC/cz5ij6UI6VNnwU7BLkJDp7Kk+RaLQu7cNH9Is5DbJOLI5FM1U5zq
+N4XPv5gGNUcm165t3YSpY1gmQfV1Mi5hnk+TUlL2WiPrwaBzJiUiQpGRkYBP/4jO
+XnPnlsLtCRL3dpapeWKQSYGDnwwyMuJbyt1INKyHjnGVrkzkfHgdp1HDvRH6AtGV
+iXMIRiKJaQDPT4DBTVuUxMqZUZgvDb19VGTUCtonWac3u1YM0AaicrkSuVs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEWDCCA0CgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTEWMBQGA1UEBxMNU29tZXJzZXQgV2VzdDEq
+MCgGA1UEChMhU291dGggQWZyaWNhbiBQb3N0IE9mZmljZSBMaW1pdGVkMRowGAYD
+VQQLExFTQVBPIFRydXN0IENlbnRyZTEdMBsGA1UEAxMUU0FQTyBDbGFzcyAyIFJv
+b3QgQ0ExKTAnBgkqhkiG9w0BCQEWGnBraWFkbWluQHRydXN0Y2VudHJlLmNvLnph
+MB4XDTEwMDkxNTAwMDAwMFoXDTMwMDkxNDAwMDAwMFowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxFjAUBgNVBAcTDVNvbWVyc2V0IFdlc3Qx
+KjAoBgNVBAoTIVNvdXRoIEFmcmljYW4gUG9zdCBPZmZpY2UgTGltaXRlZDEaMBgG
+A1UECxMRU0FQTyBUcnVzdCBDZW50cmUxHTAbBgNVBAMTFFNBUE8gQ2xhc3MgMiBS
+b290IENBMSkwJwYJKoZIhvcNAQkBFhpwa2lhZG1pbkB0cnVzdGNlbnRyZS5jby56
+YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALd8aXxg9Wwm9KocF39d
+1BFL5/Pa53On+qRCSWg/2qVAXAZoX07Mvb6BOCQtzCagRG0DyyPgu96FU0uUX197
+qsgal/7XI5PtsGq92PwAPrOSBOBLvk87mKed7c1j8IHnbJjUbGBVAOW5POY0lV3g
+/XGH6f+B7uV3bxj/88l8pZXdgtwU2aLhvs0nc7tFWz90sWJ4ZhAiLPVo8xeIFjua
+Gx37FK4NuvKQVaLVMNYrlTLHOW57ZdJ3OM5uVqXZI6s4sjtRhcAdG7cRLwVpR9gC
+ypKo4TPehQib7ZDV2CGZcb+29XPvZwiYZNLyKnpLIRbhH1hh3pFHHyGfH/6MI4aD
+GCcCAwEAAaM/MD0wDgYDVR0PAQH/BAQDAgEGMAwGA1UdEwQFMAMBAf8wHQYDVR0O
+BBYEFKudI5P9HzNKMi2qJFryLWSpAZpBMA0GCSqGSIb3DQEBBQUAA4IBAQBWUlG5
+DwLh9i6csTFapvjOvO4ChBUJ8ShSX+fhLL3beQp6v+tintWGRynudDDsTHW1HuOq
+M++t4WpMvzcBvlWDTKlS2DeYUG9o3UdBtywwyG5MByzG00m5tVzSy8zUNsYHDRhP
+P2MAxOy2iPsBZGOt0fd3fGRUKxI9NBWF8KC6eSlfmJtC6q7BqJ8TiYpt6bg4yWHt
+YOz3KlgFm6FgeIMX4X5f6P144GtWKoZ2rlvCXutF5DC4Me1ksV0uwD2ADccnE9N2
+4ob73NuACoHh/Qj5C8QxtGNb54wz5Qa2Umqz1+lr4zJ4MmaUTt2Nd23TJChbVGF3
+Amd1lEtXS+ZsxTlv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIDNzCCAh+gAwIBAgICJxwwDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCR1Ix
 HTAbBgNVBAoTFEF0aGVucyBFeGNoYW5nZSBTLkEuMRYwFAYDVQQDEw1BVEhFWCBS
 b290IENBMB4XDTEwMTAxODE1NTYwM1oXDTMwMTAxNzIxMDAwMFowRDELMAkGA1UE
@@ -5767,36 +4653,58 @@ Dn0KJnNR6obLB6jI/WNaNZvSr79PMUjBhHDbNXuaGQ/lj/RqDG8z2esccKIN47lQ
 A2EC/0rskqTcLe4qNJMHtyznGI8=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJO
-TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFh
-dCBkZXIgTmVkZXJsYW5kZW4gRVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0y
-MjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIg
-TmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRlcmxhbmRlbiBFViBS
-b290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkkSzrS
-M4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nC
-UiY4iKTWO0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3d
-Z//BYY1jTw+bbRcwJu+r0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46p
-rfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13l
-pJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gVXJrm0w912fxBmJc+qiXb
-j5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr08C+eKxC
-KFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS
-/ZbV0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0X
-cgOPvZuM5l5Tnrmd74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH
-1vI4gnPah1vlPNOePqc7nvQDs/nxfRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrP
-px9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB
-/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwaivsnuL8wbqg7
-MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI
-eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u
-2dfOWBfoqSmuc0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHS
-v4ilf0X8rLiltTMMgsT7B/Zq5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTC
-wPTxGfARKbalGAKb12NMcIxHowNDXLldRqANb/9Zjr7dn3LDWyvfjFvO5QxGbJKy
-CqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tNf1zuacpzEPuKqf2e
-vTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi5Dp6
-Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIa
-Gl6I6lD4WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeL
-eG9QgkRQP2YGiqtDhFZKDyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8
-FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGyeUN51q1veieQA6TqJIc/2b3Z6fJfUEkc
-7uzXLg==
+MIIJmDCCB4CgAwIBAgIBCjANBgkqhkiG9w0BAQwFADCCAR4xPjA8BgNVBAMTNUF1
+dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9s
+YW5vMQswCQYDVQQGEwJWRTEQMA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlz
+dHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0
+aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBlcmludGVuZGVuY2lh
+IGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUwIwYJ
+KoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NDEz
+NloXDTMwMTIyMzIzNTk1OVowggEeMT4wPAYDVQQDEzVBdXRvcmlkYWQgZGUgQ2Vy
+dGlmaWNhY2lvbiBSYWl6IGRlbCBFc3RhZG8gVmVuZXpvbGFubzELMAkGA1UEBhMC
+VkUxEDAOBgNVBAcTB0NhcmFjYXMxGTAXBgNVBAgTEERpc3RyaXRvIENhcGl0YWwx
+NjA0BgNVBAoTLVNpc3RlbWEgTmFjaW9uYWwgZGUgQ2VydGlmaWNhY2lvbiBFbGVj
+dHJvbmljYTFDMEEGA1UECxM6U3VwZXJpbnRlbmRlbmNpYSBkZSBTZXJ2aWNpb3Mg
+ZGUgQ2VydGlmaWNhY2lvbiBFbGVjdHJvbmljYTElMCMGCSqGSIb3DQEJARYWYWNy
+YWl6QHN1c2NlcnRlLmdvYi52ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAME77xNS8ZlW47RsBeEaaRZhJoZ4rw785UAFCuPZOAVMqNS1wMYqzy95q6Gk
+UO81ER/ugiQX/KMcq/4HBn83fwdYWxPZfwBfK7BP2p/JsFgzYeFP0BXOLmvoJIzl
+Jb6FW+1MPwGBjuaZGFImWZsSmGUclb51mRYMZETh9/J5CLThR1exStxHQptwSzra
+zNFpkQY/zmj7+YZNA9yDoroVFv6sybYOZ7OxNDo7zkSLo45I7gMwtxqWZ8VkJZkC
+8+p0dX6mkhUT0QAV64Zc9HsZiH/oLhEkXjhrgZ28cF73MXIqLx1fyM4kPH1yOJi/
+R72nMwL7D+Sd6mZgI035TxuHXc2/uOwXfKrrTjaJDz8Jp6DdessOkxIgkKXRjP+F
+K3ze3n4NUIRGhGRtyvEjK95/2g02t6PeYiYVGur6ruS49n0RAaSS0/LJb6XzaAAe
+0mmO2evnEqxIKwy2mZRNPfAVW1l3wCnWiUwryBU6OsbFcFFrQm+00wOicXvOTHBM
+aiCVAVZTb9RSLyi+LJ1llzJZO3pq3IRiiBj38Nooo+2ZNbMEciSgmig7YXaUcmud
+SVQvLSL+Yw+SqawyezwZuASbp7d/0rutQ59d81zlbMt3J7yB567rT2IqIydQ8qBW
+k+fmXzghX+/FidYsh/aK+zZ7Wy68kKHuzEw1Vqkat5DGs+VzAgMBAAGjggLbMIIC
+1zASBgNVHRMBAf8ECDAGAQH/AgECMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52
+ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0wMB0GA1UdDgQWBBStuyIdxuDS
+Aaj9dlBSk+2YwU2u0zCCAVAGA1UdIwSCAUcwggFDgBStuyIdxuDSAaj9dlBSk+2Y
+wU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRpZmlj
+YWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAw
+DgYDVQQHEwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYD
+VQQKEy1TaXN0ZW1hIE5hY2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25p
+Y2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5kZW5jaWEgZGUgU2VydmljaW9zIGRlIENl
+cnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG9w0BCQEWFmFjcmFpekBz
+dXNjZXJ0ZS5nb2IudmWCAQowCwYDVR0PBAQDAgEGMDcGA1UdEQQwMC6CD3N1c2Nl
+cnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAzNi0wMFQGA1UdHwRN
+MEswJKAioCCGHmh0dHA6Ly93d3cuc3VzY2VydGUuZ29iLnZlL2xjcjAjoCGgH4Yd
+bGRhcDovL2FjcmFpei5zdXNjZXJ0ZS5nb2IudmUwNwYIKwYBBQUHAQEEKzApMCcG
+CCsGAQUFBzABhhtodHRwOi8vb2NzcC5zdXNjZXJ0ZS5nb2IudmUwQAYDVR0gBDkw
+NzA1BgVghl4BAjAsMCoGCCsGAQUFBwIBFh5odHRwOi8vd3d3LnN1c2NlcnRlLmdv
+Yi52ZS9kcGMwDQYJKoZIhvcNAQEMBQADggIBABxZEOVepFHBR7tlsgtV4i+poye8
+4TyKx2wDVqOpKaKbipXYH/e2EmAWvnr0/QOBT/2BgapPgXAeLu/AkhJ7uw+FiMT5
+HUG1uiQqwygmE8r5APvXw1z5aOkbwRgiyaJsZMP4OcNOId3Wwt7ltizJXDjw3l5q
+5Cf0uDPEy2GSM1OozPydzVP7KAvv7X+wj3QitjVXgKiuBa4pCjuypP0949TBkPY/
+zrzkRP7RwX4oL/0AJDIgiMRvGHuRDkiQvJZiYIFtFAAaUbq1XWmNYUccLKxORSCp
+SEWjh0mjeJDdNkJ/2HZv/W2DAcb5f5ggf5YuImCroifAsDUk0Mm/M5kiUw5uH2JM
+JvwkM8rBA8ypF2FjMyTMaEDvr6LihcOIMNNFG+5W6lYKDwpHmzBZ2EnRMJAMJyom
+CChcMh8n160LSeUXUWPP5g07YFEavUMJUOaRtWPmZJeqC5cTAQaGXKUflb5Qjguy
+0mR/26tM5kPG5IWNav6N/ruUVR6RUycI07pnPTqhycHFFLr5Q1zFjiGMgqL9KjIl
+1RaMFVbAmPwuso4ZpBZxw0vdcf5x7CId8MGMmIGHtL8CuMQwMUfCwLCvezNjCt2s
+RZvBzICH9NmYXpyG/poE/2ZK/HthVL5XYwUHxqcBdVnkbjk7APSqnfOfiL/P0SUr
+339z7RaGqZBlD3Ap
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIDkDCCAnigAwIBAgIQHKAtwVI7am2LXB+VSu2sMDANBgkqhkiG9w0BAQUFADBi
@@ -5936,27 +4844,6 @@ t0XnWmp9wZ8UbzBXmBmgB0Pr7tEIhtdJnBIKADsPp0GxSquQs9S9CeeID54kDiv7
 YT1VmdNY5LjHffQVTWUOGHlBybvpmsFZGEQ0YtXoOHvKhRiYhnnNfbpH25U=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIDZDCCAkygAwIBAgICC7gwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCTFUx
-FjAUBgNVBAoTDUx1eFRydXN0IHMuYS4xHTAbBgNVBAMTFEx1eFRydXN0IEdsb2Jh
-bCBSb290MB4XDTExMDMxNzA5NTEzN1oXDTIxMDMxNzA5NTEzN1owRDELMAkGA1UE
-BhMCTFUxFjAUBgNVBAoTDUx1eFRydXN0IHMuYS4xHTAbBgNVBAMTFEx1eFRydXN0
-IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsn+n
-QPAiygz267Hxyw6VV0B1r6A/Ps7sqjJX5hmxZ0OYWmt8s7j6eJyqpoSyYBuAQc5j
-zR8XCJmk9e8+EsdMsFeaXHhAePxFjdqRZ9w6Ubltc+a3OY52OrQfBfVpVfmTz3iI
-Sr6qm9d7R1tGBEyCFqY19vx039a0r9jitScRdFmiwmYsaArhmIiIPIoFdRTjuK7z
-CISbasE/MRivJ6VLm6T9eTHemD0OYcqHmMH4ijCc+j4z1aXEAwfh95Z0GAAnOCfR
-K6qq4UFFi2/xJcLcopeVx0IUM115hCNq52XAV6DYXaljAeew5Ivo+MVjuOVsdJA9
-x3f8K7p56aTGEnin/wIDAQABo2AwXjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQE
-AwIBBjAfBgNVHSMEGDAWgBQXFYWJCS8kh28/HRvk8pZ5g0gTzjAdBgNVHQ4EFgQU
-FxWFiQkvJIdvPx0b5PKWeYNIE84wDQYJKoZIhvcNAQELBQADggEBAFrwHNDUUM9B
-fua4nX3DcNBeNv9ujnov3kgR1TQuPLdFwlQlp+HBHjeDtpSutkVIA+qVvuucarQ3
-XB8u02uCgUNbCj8RVWOs+nwIAjegPDkEM/6XMshS5dklTbDG7mgfcKpzzlcD3H0K
-DTPy0lrfCmw7zBFRlxqkIaKFNQLXgCLShLL4wKpov9XrqsMLq6F8K/f1O4fhVFfs
-BSTveUJO84ton+Ruy4KZycwq3FPCH3CDqyEPVrRI/98HIrOM+R2mBN8tAza53W/+
-MYhm/2xtRDSvCHc+JtJy9LtHVpM8mGPhM7uZI5K1g3noHZ9nrWLWidb2/CfeMifL
-hNp3hSGhEiE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIF7TCCA9WgAwIBAgIQP4vItfyfspZDtWnWbELhRDANBgkqhkiG9w0BAQsFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl
 ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMp
@@ -6402,6 +5289,40 @@ B3hquXS0YPOEjQPcrpHadEQNe0Kpd9YrfKHGbBNTIqkSmqX5TyhFNbCXT0ZlhcX0
 Y2rwQMEsjQ==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCB
+gDELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIG
+A1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQSAyMCIYDzIwMTExMDA2MDgz
+OTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ
+VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3
+b3JrIENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWA
+DGSdhhuWZGc/IjoedQF97/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn
+0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+oCgCXhVqqndwpyeI1B+twTUrWwbNWuKFB
+OJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40bRr5HMNUuctHFY9rnY3lE
+fktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2puTRZCr+E
+Sv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1m
+o130GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02i
+sx7QBlrd9pPPV3WZ9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOW
+OZV7bIBaTxNyxtd9KXpEulKkKtVBRgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgez
+Tv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pyehizKV/Ma5ciSixqClnrDvFAS
+adgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vMBhBgu4M1t15n
+3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMC
+AQYwDQYJKoZIhvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQ
+F/xlhMcQSZDe28cmk4gmb3DWAl45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTf
+CVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuAL55MYIR4PSFk1vtBHxgP58l1cb29
+XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMoclm2q8KMZiYcdywm
+djWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tMpkT/
+WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jb
+AoJnwTnbw3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksq
+P/ujmv5zMnHCnsZy4YpoJ/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Ko
+b7a6bINDd82Kkhehnlt4Fj1F4jNy3eFmypnTycUm/Q1oBEauttmbjL4ZvrHG8hnj
+XALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLXis7VmFxWlgPF7ncGNf/P
+5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7zAYspsbi
+DrW5viSP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIE5DCCA8ygAwIBAgIBATANBgkqhkiG9w0BAQsFADB/MQswCQYDVQQGEwJteTEL
 MAkGA1UECgwCVE0xNDAyBgNVBAsMK1RNIEFwcGxpZWQgQnVzaW5lc3MgQ2VydGlm
 aWNhdGlvbiBBdXRob3JpdHkxLTArBgNVBAMMJFRNIEFwcGxpZWQgQnVzaW5lc3Mg
@@ -6661,6 +5582,29 @@ mYaq3ozatqhs32g21mGLbsBzTrc5RfR9zknE8x35qXds7++SFRMnmUbon6mKG58p
 L6IdPtYrx+RVEDoY97N7Ty7HACLt5DHQ57jkVE/BgEUlbg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIDvTCCAqWgAwIBAgIQD2tVL56/kHsPZimpvfTYzjANBgkqhkiG9w0BAQsFADBk
+MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xNjA0
+BgNVBAMTLVN5bWFudGVjIEVudGVycHJpc2UgTW9iaWxlIFJvb3QgZm9yIE1pY3Jv
+c29mdDAeFw0xMjAzMTUwMDAwMDBaFw0zMjAzMTQyMzU5NTlaMGQxCzAJBgNVBAYT
+AlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3JhdGlvbjE2MDQGA1UEAxMtU3lt
+YW50ZWMgRW50ZXJwcmlzZSBNb2JpbGUgUm9vdCBmb3IgTWljcm9zb2Z0MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT2wcu6R6aVpnBFNevmz+j3ylJsj
+t6YD7GIY/IUSIv7BcX1Uk7mRfWL2yqg4FWX4dz3lgiA61LXRbo0GSb3fgg4khefv
+eC0Y8uALaEY+JBDIV+4ObXGm07FWHNcp1bLqVAUKqDyhuCVSBwWg3+fc7lw7QbWr
+XDMy0s7r6Zb4QPQKujMd+FYDCYL1ZwfEwDTBXfxFu+o8mtV0cW3VhtPC/IW8VOuj
+1fJP1UWvV7zwIsCPokXIdTR33qFtN3Kzc40Ma1O6WeGoPoBX0l9Z7mh1z4Gco8pF
+jDfbBXI0HDIC+NX5LA3aWJ7EF7SbyZDEiFk/cZGQRBi+Iot5ki5CsIuXWwIDAQAB
+o2swaTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAnBgNVHREEIDAe
+pBwwGjEYMBYGA1UEAxMPTVBLSS0yMDQ4LTEtMTExMB0GA1UdDgQWBBRN7N8mBtwk
+EMC2mfTXOcdvGfgmKDANBgkqhkiG9w0BAQsFAAOCAQEAqVdZ0AFUFEavx3lUDGoq
+W9g6HYHkiKMxtPHzNfFGc1xDyf68omoZwL0vX8s4o21u6BRe8nh+RXrhu/Qum0Xr
+4B1QHDRbf5iKhg+H2uRkJnf8Cd8jQU8On/oO+kSF8CmXpJTi9EAtkRx29Khg3nGm
+sAXiT2nZGQuJOuD6qyv68bMy7fx8cGVe0HsRe53oWxpKdqR7UTmsfakMdDjou1Xf
+xM7ApyFauBufAcWnEP59+WoImQHR9jVQOOT2Q+QY2IBM7McE4mGMfUntz7Sl8fKQ
+kgkINXOgIzLK6ZyeHL4LByx3XhdM2pyC4YAbpfPa94i/vzkn+CT+sUvIl+3kEhQl
+iA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFkzCCA3ugAwIBAgIRAJBmYahiPWVEdwQ/cZrDlwwwDQYJKoZIhvcNAQEFBQAw
 OzELMAkGA1UEBhMCU0UxETAPBgNVBAoMCEluZXJhIEFCMRkwFwYDVQQDDBBTSVRI
 UyBSb290IENBIHYxMB4XDTEyMDMyOTA3NTQ0OVoXDTMyMDMyOTA3NTQ0OVowOzEL
@@ -6693,6 +5637,34 @@ uyIGKJqgpJhpbza01A0ODH3AKTG7LAMn4WenvdGLLraHxArgCQuCoeZPWJ372Phh
 sYtfov2Z6qJ7WWLRXq7RSnIYK0s2OXIHmlrwYzrPG/nP3UhzWXDk
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIExTCCA62gAwIBAgIESbY1GDANBgkqhkiG9w0BAQsFADBiMQswCQYDVQQGEwJT
+QTEyMDAGA1UECgwpTmF0aW9uYWwgQ2VudGVyIGZvciBEaWdpdGFsIENlcnRpZmlj
+YXRpb24xHzAdBgNVBAsMFlNhdWRpIE5hdGlvbmFsIFJvb3QgQ0EwHhcNMTIwNDI5
+MDY1NTIwWhcNMjkxMTI5MDcyNTIwWjBiMQswCQYDVQQGEwJTQTEyMDAGA1UECgwp
+TmF0aW9uYWwgQ2VudGVyIGZvciBEaWdpdGFsIENlcnRpZmljYXRpb24xHzAdBgNV
+BAsMFlNhdWRpIE5hdGlvbmFsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDj5CziDK+WOay1n4cRF/Ojv4FFDfMaDLoy4kzop4bbXNK52zVK
+Ls1+cYIk+twf8uS8zrfG4sreKWjP7yRbv6YVz57jaUuUufz7nNhjpblp383u3Mhc
+wKD+KRWTvz2Gg1W1lhy9p3DatwXkOZO/pXnk9ZNGGPLbDecqd2YMgCdKPjzdT5A1
+xmuBqj1vCaWMLiFXC7AKkOqhHvpYDUmnzyuyqMA46RPalFhAki/lOL22iSZzhIGN
+60pZNDB4KuqLFkjBN5J1mI0KSi5/2xKO1ik5MCvuvYC2KOlXcBSCfYST/gk1vGD1
+GHVQlBQkWkwYlxNCogT8mb2oWpvRZ7McG/KfAgMBAAGjggGBMIIBfTAOBgNVHQ8B
+Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
+BQUHMAGGF2h0dHA6Ly9vY3NwLm5jZGMuZ292LnNhMIHkBgNVHR8Egdwwgdkwgaag
+gaOggaCGKWh0dHA6Ly93ZWIubmNkYy5nb3Yuc2EvY3JsL25yY2FwYXJ0YTEuY3Js
+pHMwcTELMAkGA1UEBhMCU0ExMjAwBgNVBAoMKU5hdGlvbmFsIENlbnRlciBmb3Ig
+RGlnaXRhbCBDZXJ0aWZpY2F0aW9uMR8wHQYDVQQLDBZTYXVkaSBOYXRpb25hbCBS
+b290IENBMQ0wCwYDVQQDDARDUkwxMC6gLKAqhihodHRwOi8vd2ViLm5jZGMuZ292
+LnNhL2NybC9ucmNhY29tYjEuY3JsMB8GA1UdIwQYMBaAFPyZmEEX4/M9Hv23cqm/
+oxbkKumqMB0GA1UdDgQWBBT8mZhBF+PzPR79t3Kpv6MW5CrpqjANBgkqhkiG9w0B
+AQsFAAOCAQEALpUOix3h+/qcQm1Ai7/f7DMESwUOXCI2H6QClDh1/AhZm52FvznN
+m86ATFaGmU1zZvW2Asm0JEiPC2Pzjn8xgZt8WXeRtSMIeXptPsXVD0eCsO+XLic0
+uYfR1AV8Xz0hN6R/yavRmJD3S5EYrsTpI4nou2DGS88L2PcrfSWM4DZk5KuqeD02
++qL0SZIDtRnu13JgsP7JB2q4YAWZP31WBHBI3TPGSOkB88LqRXGaQ1r9vhkzM4ne
+PFjJEodWE2EmHpEQQ3y8Hgw+0Fp8SX523G4BHUuSqdlm5Xod9LiLYC7slSz/TWTI
+7CUAD9jzEqpL1/PSBmXeLdniE6YHskWu6g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEHjCCAwagAwIBAgIET7PQ7jANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMC
 WkExETAPBgNVBAoTCExBV3RydXN0MTIwMAYDVQQLEylMQVcgVHJ1c3RlZCBUaGly
 ZCBQYXJ0eSBTZXJ2aWNlcyBQVFkgTHRkLjEzMDEGA1UEAxMqTEFXdHJ1c3QgUm9v
@@ -6897,6 +5869,39 @@ DjQG/MAWifw3VOTWzz0TBPKR2ck2Lj7FWtClTILD/y58Jnb38/1FoqVuVa4uzM8s
 iTTa9g3nkagQ6hed8vbs
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFojCCA4qgAwIBAgIGC4LclDN2MA0GCSqGSIb3DQEBCwUAMHAxCzAJBgNVBAYT
+AkNBMSswKQYDVQQKEyJDYXJpbGxvbiBJbmZvcm1hdGlvbiBTZWN1cml0eSBJbmMu
+MSIwIAYDVQQLExlDZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMRAwDgYDVQQDEwdD
+SVNSQ0ExMB4XDTEyMTAxNjE4MjgzM1oXDTMyMTAxNjE4MjgzM1owcDELMAkGA1UE
+BhMCQ0ExKzApBgNVBAoTIkNhcmlsbG9uIEluZm9ybWF0aW9uIFNlY3VyaXR5IElu
+Yy4xIjAgBgNVBAsTGUNlcnRpZmljYXRpb24gQXV0aG9yaXRpZXMxEDAOBgNVBAMT
+B0NJU1JDQTEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDEdvFial/N
+Kc0ENn9uYX5z9J1m3yJamoNEgWb9ThGwPqzoiLJTOf/jur7U/9OF2L1br2hPM6y4
+FH0SW3qVa8c2/iuP9IhgiTqqWThMwV1VgaXf2B8xetOjTvBRy8Mxh64L3speG6F0
+OPCSd3E8yxN+oMEKmL3YuPhUNJhOZxaaV0smhl8bZnKqwfJogp1YQXxxIuLPATH+
+4uBWqWjgrTOvNTkunG4GTPMjdi9pJugFOWm39Uga99/ZOTcyVREnBIEfnTyLjINS
+d8GuLM0rKkrlLfEZabqHXoud4HHIdNLN7m44N2pdGQDSdt2i6247qh31NgZPX15s
+whDz3W+12nla/tVGRDRIr4YANHwkhN1FkPkWgqyokdTpRjNvfrpHH+Hvr+VQ1sb5
+p+1sl6orKU5dxfge9nTJqyT4DVPHaBW+/FyrPXIL0nAEtxbjaanxZ7rGAEx7gDQ1
+Ll7tH6Al96WCahB/v49Zb8NGpspCTkIjhQY5NYy18dfBI0JF/S8lcfjzB9MHaL7b
+mGwq9qVH97BlYK2ufOYRHSdUCGWw2ILAYWvpfo8i1nEda0EgZdhXmh98DlpU4JSw
+bXXvKDI1PFXDbWf4JL37QPNanTbZNUy74mvZsTYP5G8gGsVvesOROa+vzPP2vSCG
+utMkITwfNynmn/wav5jfPLogIRKpwjoqkwIDAQABo0IwQDAdBgNVHQ4EFgQU6pUV
+2lw5AOKa28S6LWf6ofd1NO0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AcYwDQYJKoZIhvcNAQELBQADggIBADXQ2Lie8gn48J+ybkiy1+qhmyiJOc3+Fmod
+6ZyCX1FHOvWe0byuH5/iXErI7O1GQvF8QwcV326X9u2G/J/FCF6CDqMuqAouvI4b
+MRIo9nkowSK20ZVpQOhZCSeikWR26tATjXD8ZcNvEZ8qSMqnYvWDFOUaFseRi7QJ
+xc574+QdbZei6csmHmu03D6Ddi9eTahoiVT9TtJGqED22Mp4zzYaPVlljJv1Kx9M
+gt94eE0mSkdprW8zHwMeIk7ZBlmeRvxQNV/GhRvkG/gAyeDTOqsmQ81H+lr4hQvH
+Mtq1DS0wKTp5sxTppQ9wJdGNCVCU7U2SnjA3QNtaeEmPDzkvvS7XqwiUySmK992M
+vYJ8MFti6DVGVjhdkfYOb4zulZ/9dJ3t7RCrzouPt61/TWlJ8McRVZuagvei+jPy
+RBH6FUtGqZtrl0LWtLcJERR5U6bnfy0nOgo0JETOVYx6gHVzAkvi+kaUfTMUDUJW
+uaDmL4VIkZ9EuqEoqbEfiXomClNchbl8hJiMKGCltnqNPaAAPdx/qkjpqC6sX96H
+LVykaxbqveiVtc54CfhxNuWQaNIHlrq8AIsOmG1NcFPAw8wbE5xImpk9EsAnjmGS
+TGhSb40DHIn104bA/3FJTyBr/dFvkST18UcjTVnf0L1JQv1AOD7i8QVcJegQ5FoC
+A+O7fCUq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIICpzCCAi2gAwIBAgIQTHm1miicdjFk9YlE0JEC3jAKBggqhkjOPQQDAzCBlDEL
 MAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYD
 VQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRlYyBD
@@ -6993,87 +5998,6 @@ R98crlOZF7ZvHH3hvxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nX
 hTcGtXsI/esni0qU+eH6p44mCOh8kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNV
-BAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBC
-aWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNV
-BAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQDDB9FLVR1
-Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMwNTEyMDk0OFoXDTIz
-MDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExQDA+
-BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhp
-em1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN
-ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA4vU/kwVRHoViVF56C/UY
-B4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vdhQd2h8y/L5VMzH2nPbxH
-D5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5KCKpbknSF
-Q9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEo
-q1+gElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3D
-k14opz8n8Y4e0ypQBaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcH
-fC425lAcP9tDJMW/hkd5s3kc91r0E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsut
-dEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gzrt48Ue7LE3wBf4QOXVGUnhMM
-ti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAqjqFGOjGY5RH8
-zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn
-rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUX
-U8u3Zg5mTPj5dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6
-Jyr+zE7S6E5UMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5
-XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAF
-Nzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAKkEh47U6YA5n+KGCR
-HTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jOXKqY
-GwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c
-77NCR807VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3
-+GbHeJAAFS6LrVE1Uweoa2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WK
-vJUawSg5TB9D0pH0clmKuVb8P7Sd2nCcdlqMQ1DujjByTd//SffGqWfZbawCEeI6
-FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEVKV0jq9BgoRJP3vQXzTLl
-yb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gTDx4JnW2P
-AJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpD
-y4Q08ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8d
-NL/+I5c30jn6PQ0GC7TbO6Orb1wdtn7os4I07QZcJA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDvTCCAqWgAwIBAgIRALpx8ZAJtM0mft/ePvV6BJYwDQYJKoZIhvcNAQELBQAw
-eDELMAkGA1UEBhMCVFIxKDAmBgNVBAoMH0VsZWt0cm9uaWsgQmlsZ2kgR3V2ZW5s
-aWdpIEEuUy4xPzA9BgNVBAMMNkUtR1VWRU4gS29rIEVsZWt0cm9uaWsgU2VydGlm
-aWthIEhpem1ldCBTYWdsYXlpY2lzaSBTMjAeFw0xMzAzMTExNDMyMDhaFw0yMzAz
-MTAxNDMyMDlaMHgxCzAJBgNVBAYTAlRSMSgwJgYDVQQKDB9FbGVrdHJvbmlrIEJp
-bGdpIEd1dmVubGlnaSBBLlMuMT8wPQYDVQQDDDZFLUdVVkVOIEtvayBFbGVrdHJv
-bmlrIFNlcnRpZmlrYSBIaXptZXQgU2FnbGF5aWNpc2kgUzIwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCtfZONP0noZCnTOKeU/2N7oFytgbCNTi9bYTHn
-+pgNxZEHnFtjSUBkY6mundrKSP2i5FtSSCBwmKqPPox8DLStIGAFwNcN/yyHBPUF
-4cfF8Ir1/48ywLeaq7oivnCy508zyOLe0z7UjjmPy8xv+ufgpsvvNkehAajtJd32
-MVuZe1EcCbdX1GDAQsx7EmU/huq+t+inC01voBBC7MQmvW1NEzHyrEGKaINZWm8B
-IfGGdv4781AUtj+nSWcRxK+tqL72WlnWaA0uldent+StpKycBf1ivRiLbK1pBqdx
-UzZX3lQtXoR3fb3CCqxTAEEZjbI7j4tQrbdB3Cgeg8GE+cnbAgMBAAGjQjBAMA8G
-A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSWPa0YOj/Y
-AqS5bT/1B7lgnNw/AzANBgkqhkiG9w0BAQsFAAOCAQEAYadyeWa2dYbBBw8o3rDj
-B1zFFHl0XBaNn8P/wlz3Y+n4CrT8+HAHNCMkNWuJfjpIr5xeqWxRjJeDTuRbNjd7
-p/MkA+BqruLPb1hq/Pyfr3Q2LQqRY/uy0uBkstodZ94f+pixeIwRoM34GFoawh1d
-LZTB/ti2z1JyNK0prFLRH2ZLTZbXdi9HviGOp8Zsp/tbqTq1yqFfK/cfaOvPLGZX
-AuVCWMjDwETKrBFMfbUXLmtVESz+MHDevzWGAEdvzT/IWJ2R7t/kQkrkRh0SQcTX
-uiF8bUi5IYSVh4SMXu4/bSu7gJ5gkYx5nWMcBTYkIuSo8y3RTHQaFJzrEhCGCgoQ
-Nw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDvDCCAqSgAwIBAgIQbBECAlQtLx8xR3HOg+sB1zANBgkqhkiG9w0BAQsFADB4
-MQswCQYDVQQGEwJUUjEoMCYGA1UECgwfRWxla3Ryb25payBCaWxnaSBHdXZlbmxp
-Z2kgQS5TLjE/MD0GA1UEAww2RS1HVVZFTiBLb2sgRWxla3Ryb25payBTZXJ0aWZp
-a2EgSGl6bWV0IFNhZ2xheWljaXNpIFMzMB4XDTEzMDMxMTE0MzkzNVoXDTIzMDMx
-MDE0MzkzNVoweDELMAkGA1UEBhMCVFIxKDAmBgNVBAoMH0VsZWt0cm9uaWsgQmls
-Z2kgR3V2ZW5saWdpIEEuUy4xPzA9BgNVBAMMNkUtR1VWRU4gS29rIEVsZWt0cm9u
-aWsgU2VydGlmaWthIEhpem1ldCBTYWdsYXlpY2lzaSBTMzCCASIwDQYJKoZIhvcN
-AQEBBQADggEPADCCAQoCggEBALX0x15RGdmxfLyGC9YHfivm0mLrO72puT+DmjT0
-gjXMxYwCdIeta5j/D4b1svjzpuT4OBdUxSLahv1uKuCpB0c5yQXqyoOZTJmSi5HM
-HEIEbiA7kdfEBOobh5afFVnMMwp85mIFrYUim+pBSQk6lQVn/SgW0ZQKk7DfaWnI
-kXYGYEgXB2T945R6Mk1DE5QDwDA4Ez6b1gYG7dM/v0YZofFGrQqeekKDIxXeHss7
-tiE7afCik+czcVGgQ4t7elJeKgzuWA5FPXLu+CQiRs8I8XsfU5YAHQffLRVZcYgk
-p5j+OYwO22pppdovhq6+I8e4+g4tZRjJWp036KwvWKie/jECAwEAAaNCMEAwDwYD
-VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFOJ0M/8aVnkF
-Rdghx7AqiofnpHiwMA0GCSqGSIb3DQEBCwUAA4IBAQC1ZU/a1LDIzh+9ZAPS72IE
-j2Mu2+SYOY/bdr/DLjFkeY3RO4fkDlbf10H0V3NHi4cip418J7ERuLVWpBTLhe4D
-jqz8+qbQn62CMNk86bJZ/1H6vwqZJBPnsjaDhBPD2s/XAFXEJ4n1yEtJedq1JvsP
-kvDSh0C11Ihhb8x1brfBM8jTRTb7G3lCWm5t4EN0ZEWoD3T9DIAvwTwJzyS6Cawi
-Lh0x/ve1gkTzddjaISixhCLpdZCHo4mKs1lVBudtUIhNA/u7hllCjWxfYuLNGm0g
-fR/DFgdgy1PbUlemUxp3uoYk/8pkh95UOjZh7op+yD7Wu7A2NdAY0sGyL4xVSUaG
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIID9zCCAt+gAwIBAgILMTI1MzcyODI4MjgwDQYJKoZIhvcNAQELBQAwWDELMAkG
 A1UEBhMCSlAxHDAaBgNVBAoTE0phcGFuZXNlIEdvdmVybm1lbnQxDTALBgNVBAsT
 BEdQS0kxHDAaBgNVBAMTE0FwcGxpY2F0aW9uQ0EyIFJvb3QwHhcNMTMwMzEyMTUw
@@ -7098,6 +6022,43 @@ Y+TYmK5rtT6mVbgzPixy+ywRAPtbFi+E0hOe+gXFwctyTiLdhMpLvNIthhoEdlkf
 SUJiOxMfFui61/0=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGgTCCBGmgAwIBAgIEUVLFjDANBgkqhkiG9w0BAQ0FADCBzzELMAkGA1UEBhMC
+VEgxSTBHBgNVBAoMQEVsZWN0cm9uaWMgVHJhbnNhY3Rpb25zIERldmVsb3BtZW50
+IEFnZW5jeSAoUHVibGljIE9yZ2FuaXphdGlvbikxNzA1BgNVBAsMLlRoYWlsYW5k
+IE5hdGlvbmFsIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxPDA6BgNVBAMM
+M1RoYWlsYW5kIE5hdGlvbmFsIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMTAeFw0xMzAzMjcwOTQwMjJaFw0zNjAzMjcxMDEwMjJaMIHPMQswCQYDVQQG
+EwJUSDFJMEcGA1UECgxARWxlY3Ryb25pYyBUcmFuc2FjdGlvbnMgRGV2ZWxvcG1l
+bnQgQWdlbmN5IChQdWJsaWMgT3JnYW5pemF0aW9uKTE3MDUGA1UECwwuVGhhaWxh
+bmQgTmF0aW9uYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTE8MDoGA1UE
+AwwzVGhhaWxhbmQgTmF0aW9uYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEcxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1rpK5Izxmi6J
+F8JA84IAMf4TAnplygjYqyKxAppxNEpkWYLlQkbrI/aLWiKxzzbnc20UbfdJlF7v
+5zRZZ/aoz1ZZI4RV4vsaEcqj+YqrZx6CE9CLOZq/D8IPPNZh2OqbzxUOvtTwzD9z
+nAT0onFzfYCwnTHxBvmwE+WISTD2Fn2IVyk6LKKMkJjOERbOTVEP/MeyzPJmGCGA
+BYitudDFC3gB/k7SCIs28VbPbrpzJgvW96VGamlOlranBlbM5i4xn26L7ZwAVUf0
+e6Z6tt8BHUgEC6tCwnBKlL38rFHyqz/W62DfCP/1ErKJKnq5RZklfXzvzxXQSCwQ
+1tS8CCe1hinU49PEKpAS9qIq+YuvFv8C83puz6LLarTgcgv7PoV/4ofgL0Mj+IXJ
+merWQN6g++fedv+PgDnrZxITpvvlo/wmgFlj8tIj6x/GSHNRnbezoFuraoj5v/tx
+UdxutnbvsFvyy4gwugbbG0HTVbSttOogIfzUd7Y9W6EMLSUhUiNS1zRTbRYEUmb4
+1erxLFjyO7HxfkO13IK4XuOH4aOkX+eJDryc6Sk6JafYT2qH1JZElxgWh8JxUoXO
+eoytHme+ui2/oyEnxecw6QaZG7AM475SZZNNYUvyOOaPGPECUpgupg4dBc8m7AEj
+Bzb24BM3qUeIA4dHy92yAR9fZBsEm8UCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUfyN2t4Mqcfcs0YgP3UxfMgpo
+u38wHQYDVR0OBBYEFH8jdreDKnH3LNGID91MXzIKaLt/MA0GCSqGSIb3DQEBDQUA
+A4ICAQANZRxaB6merEzJX0/dMWzZ4lMdP5GNWrOMvTSeLk3KWNOvWWJJNnOwYXYR
+vos2x5Sq+DZpByDfXC8L9o4CFu9SBjjd7TRgqodeF844bVBN5d/lUb4dBJb03Orl
+2eqO3p90y4KUU4Fs+14s1aF1lk37MFzNYaCeocyCuVJyC4djYXthNHS2Lt3i4Ye1
+SRRhFUdKSz53uQjSNk9YZ0KJgHhaEiPtRTvdvyAmVPxbP2ABGEHjZ3UTtyoVcMzL
+edIU+PPC4CoQ9/lC2NzaCtMBBdtXmMm26wyZCsqMfe87FijA91/hR1HT+AZFB/AL
+usKcmOzSf01+/Qb8c8LCVRJi0CNE3yLk+HnnpRBOPsmOqoPpNuqrecYFhM2WaHx0
+rD8y/67JQOyPUL9QqLdO1a02atcnM/rn2C3ZN5iFG6YM6nsQE3AenojF3D6OuQ1V
+3wHO0El2UdsQYnhBrWljpZUJtxgGb/0EZ9QQD07bO18MY3zrZL1uSwCogfqSMoYw
+jAm/fVg/ZQ2pN9FF42ZpxGj0YqmoHjfZLplJoLAGjEB/hbH18UxLOKAIzCrZlsDs
+wA08LkVXw++V2rbL7ltlqCsyr8kn+RVTN3VYH0vql6IiXGdW4qDMNcSswzFAuZwD
+er3JSA7qahXanLx4b8kV52QD2UkTZkVLLfSEmbPqpxKV5ZMu/A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFyDCCA7CgAwIBAgIBATANBgkqhkiG9w0BAQsFADB1MQswCQYDVQQGEwJQTDEk
 MCIGA1UECgwbVGVsZWtvbXVuaWthY2phIFBvbHNrYSBTLkEuMScwJQYDVQQLDB5T
 aWduZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFzAVBgNVBAMMDlNpZ25ldCBS
@@ -7131,6 +6092,118 @@ TB2joiHcZcaAHtSXT/SAUwq6XY07doAnOllbH/VWhuHoili3mvdC71qoSu5U+iSe
 n7jM7KII4qyCjdIzI8Ju4+T/mfVcZ8WydiIbbSz2BveONFEi6PYZar9QmoI=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFrjCCA5agAwIBAgIQUJZucr0Q1oxPa8diP5xwODANBgkqhkiG9w0BAQsFADBx
+MQswCQYDVQQGEwJMVDErMCkGA1UEChMiU2thaXRtZW5pbmlvIHNlcnRpZmlrYXZp
+bW8gY2VudHJhczEZMBcGA1UECxMQQ0EgUk9PVCBTZXJ2aWNlczEaMBgGA1UEAxMR
+U1NDIEdETCBDQSBSb290IEEwHhcNMTMwNjA0MTMwMDQ3WhcNMzMwNjA0MTMwMDQ3
+WjBxMQswCQYDVQQGEwJMVDErMCkGA1UEChMiU2thaXRtZW5pbmlvIHNlcnRpZmlr
+YXZpbW8gY2VudHJhczEZMBcGA1UECxMQQ0EgUk9PVCBTZXJ2aWNlczEaMBgGA1UE
+AxMRU1NDIEdETCBDQSBSb290IEEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCfXEr8HGu3GZfZATc+CukYhtMF6qLa3wmCV+5tK42aFj1VPonXyb7hAaOA
+NaNG7OER7ag8leU6UoHKTpgIKg+E3LvppPl5tknCFZ6glegPSPdQ1/mmQ9QHCzBB
+yTYSYrdseAsGPy6znuow/UFjT4QsN84Hpjlke3EVWysB8td9mA0YPtuFmuABUCEk
+uBujY0PTgVtNDIFOOGvOYMXqB+In4uv2w1SayMmz0SsyNwK8bXuekHcjjZMTJjuH
+V6NlTyZYFGpjJZrlYfocV/0NLGkPxgrwJjkXAqPWc4FCw0Ixg4vg+ktOWGExKJI8
+xskQCMkMW0SsY8LXYhnyce4gt0mDGZ5H2lbFHKykOWgXXxEabKqlko+9G8vF4AKA
+VdNwU+WLKv5C6r07XONSAH14PybMEa400TIM+Hug0X0944q8vh4ekj84sl8yXjXE
+fsKSDZ22y1nV6xJq3XIhURGwc+Uy6dbMDt2zOVoi7+T16QZphip8c68YInMsNiXc
+ValSMbOKjhV9sk4Qe1CKAEy6h+JFU3d+TWUCa4yTtmt17e+Wt0iOqOC6uYKyUm0h
+/5K60T6wXLGrGQ4Zc0Yr01JIZTTaBDXSeD7PYzWkU+ZL41CDvfObh7Ih2kihekvs
+suLx1CUFlFMWTCtmJBDI4NecEqSUwgEjk6EApuBuuzni9XpoqQIDAQABo0IwQDAO
+BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUoBF+H+SU
+ZFE7Ejl6bN1Jk/n9wFwwDQYJKoZIhvcNAQELBQADggIBAAzxS4zhTxYW0upikrat
+1FKOCxlkSznwmDlzSlLqTs2OZEewMI88Dy3aImXzGVgyPH+DjwoM5VTmqb64rpdW
+5rcNGXy9lyxqKqVWc4LeTpiLPRzE0Csru8UM+E7+La6/qWd/V7Nv7f+L01YM7zCM
+wV6m6VmKPC7cR8/MlF6DrBR2+n68DKMOXBuI7CsbNWiIsfV7xfOzxRq8+++1Xt/w
+OR51aO1EwksicD5ca5TJEKzw/cgvfiPigacbzgy6RTInUEU5rOD+ALQqdQcMZxu7
+ccCC45dWl9Dkd1m5/3xnXIRluwg2qEtOkcJp/h3smhMfdTMsKcbpsGiQI/8jX3/G
+O6coELgfoojNZBYlT+OAt8BKgFfwkNs6sgIyINVryNgUQMnZOBlUOOvoZTtvXNVF
+eq/b2diVnranlc0cCR0CHgHpBJVdhZc4Fb2ox5ne00RCXYaDQSR8UYmqQwknNOjx
+CrWWS7TzoP7yAI1qO3S5Q7lmuc/q6zfO/5vpI/hs0yP96Ongbvj7DVJAiqyAayAQ
+XdCo/ao9ORErL/9SkTqg3IrHdjYRWYW7MIqkSDCcYUOr1K927cC/F5R4NdtINwjU
+jmoA6SLdyvDTEjg8mJ9gTG0/Qv3vjJq3HnF6GknUYMnrj/Tpxr9wVIjSx1c7Vs3X
+btztDXR+5XVBkVeTNH2p9b2H
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFrjCCA5agAwIBAgIQPoxPvOQpg4JNhFWO1TWAzzANBgkqhkiG9w0BAQsFADBx
+MQswCQYDVQQGEwJMVDErMCkGA1UEChMiU2thaXRtZW5pbmlvIHNlcnRpZmlrYXZp
+bW8gY2VudHJhczEZMBcGA1UECxMQQ0EgUk9PVCBTZXJ2aWNlczEaMBgGA1UEAxMR
+U1NDIEdETCBDQSBSb290IEIwHhcNMTMwNjA0MTQyMDE1WhcNMzMwNjA0MTQyMTU1
+WjBxMQswCQYDVQQGEwJMVDErMCkGA1UEChMiU2thaXRtZW5pbmlvIHNlcnRpZmlr
+YXZpbW8gY2VudHJhczEZMBcGA1UECxMQQ0EgUk9PVCBTZXJ2aWNlczEaMBgGA1UE
+AxMRU1NDIEdETCBDQSBSb290IEIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCPlenS68FzJcc4Z/CDjlO8tsvOunPbTyf2IpA/Qr8h1t5igrRvBAVJCTt3
+AddLX1LS2RnHbXwMqToJYuQqGGmMoN3rrBO2DjkRgGlOY1/cPA362YxivmSFMjJZ
+l1CTid/7/9TYZXHHRlWiG5lhH9xQAMgXeehQsAxe5v52pgFOCchwbPqQs17cPQfN
+SaNOVl4ST2RBf34MFcOg3rOjKQZJRKFfbz+BoERN8HsKOCjtEu5jl8N7XYxPcd2V
+OtouqAFGCvNs6LXxHwgA8UCSGyYAMXU5RkkmuaTUcXcRpE8zzAnb2dEhS5JErM54
+YoIX+/oStH3V8obt9H6WFOaNA1KvzRei1Ryl/oGmmu195NkOMmYQj9vZMzGBfilX
+78yyoWDuilu5Zdt/G5osjycxiYoota+xVtQDIu4lT9iavdJsV7yDpkgfLFUHCTQr
+uXksAqWgX3x2nyQyPC2S3+tIV4eh9v4j+jSrifVoG44fqm4OpdIh0u+50bFJVzVa
+hNMe4gJtUhB/4oxNIdsyMhx9zJYiAy1qpwZCbW6Qh/ocXLBP0ANBE/oLU+bBEAJI
+C3dj9KWcUXuYZtfFdjLlb10UYX0Mu22VQNqpJsf3qcvS/ifBK/axaIb+42JSmVCO
+K95BIQcbh/VAHXCtz/3CQ6g1VhFCxcteZqHIqGj3/kxXYTZSgQIDAQABo0IwQDAO
+BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUcgNGh2H2
+HbPUlWO5UHduDauY/i8wDQYJKoZIhvcNAQELBQADggIBAAjbijKBdDNxFuwhhVNI
+Cm8fcuPjBPgutz/zJJVPnO0T4YiCAvZm97exLYAnra64bf4jBxEIq3RhjCgS+fYQ
+NPDPtnyjdS0S1JTfdO6xmKux7iJiS1kff/4aZa1N4qQRPxMhtNg1i3ZApl+9MxHf
+mOMhXh2ju3g2AjvY/WSE2jfNWe38DNB0pGtxPDYSRJ5+bk8KIRxlH0sSbL+Octbd
+PgBwmAFFK+yVkOPTaTjnK51+ZVlb4duFymP+q7/k0P3kUroa5v7GkLp7zvGkYsVH
+viTHoHrlIeHGCOAMiYOPgGn97qDfekw600gqFr+uppW13Wgf+w61BYzRskR8YDBW
+dhe1NU+o1QrrwrVuAu6cXw6jsQGo5VNvfoNBHxXY/+HCthrxRpxkoBrgSsq4prSJ
+JO57lZli1OJAu86jmn0dcvMbgUF3AF7sPKIwBTzNfEg2E8gysGtvnzgoOGlce+bi
+rYO7bRPRLrfRdm9dMF65UEVI1kiAk1HJFqkQXWfGy35nfQVP9CDvJCVe7WdDxvtu
+efuy8sjJzkF8BeCti80KRS7iYp+XkfT5Y+zywmCK3Bv/Iaj/I4eMc42wOswfjzFy
+Cv2Wod8aU9M2trB3Rt4D9sKALm+XI+ERzFGYP+5A//Q9m4h/jLvhWYa9CTQnXJ4K
+kzI7VSqpXgsND6mmUQTimyoR
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIGDCCBgCgAwIBAgIGAT8vMVNvMA0GCSqGSIb3DQEBBQUAMIIBCjELMAkGA1UE
+BhMCRVMxEjAQBgNVBAgMCUJhcmNlbG9uYTFYMFYGA1UEBwxPQmFyY2Vsb25hIChz
+ZWUgY3VycmVudCBhZGRyZXNzIGF0IGh0dHA6Ly93d3cuYW5mLmVzL2VzL2FkZHJl
+c3MtZGlyZWNjaW9uLmh0bWwgKTEnMCUGA1UECgweQU5GIEF1dG9yaWRhZCBkZSBD
+ZXJ0aWZpY2FjaW9uMRcwFQYDVQQLDA5BTkYgQ2xhc2UgMSBDQTEaMBgGCSqGSIb3
+DQEJARYLaW5mb0BhbmYuZXMxEjAQBgNVBAUTCUc2MzI4NzUxMDEbMBkGA1UEAwwS
+QU5GIEdsb2JhbCBSb290IENBMB4XDTEzMDYxMDE3NDUyOVoXDTMzMDYwNTE3NDUy
+OVowggEKMQswCQYDVQQGEwJFUzESMBAGA1UECAwJQmFyY2Vsb25hMVgwVgYDVQQH
+DE9CYXJjZWxvbmEgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgaHR0cDovL3d3dy5h
+bmYuZXMvZXMvYWRkcmVzcy1kaXJlY2Npb24uaHRtbCApMScwJQYDVQQKDB5BTkYg
+QXV0b3JpZGFkIGRlIENlcnRpZmljYWNpb24xFzAVBgNVBAsMDkFORiBDbGFzZSAx
+IENBMRowGAYJKoZIhvcNAQkBFgtpbmZvQGFuZi5lczESMBAGA1UEBRMJRzYzMjg3
+NTEwMRswGQYDVQQDDBJBTkYgR2xvYmFsIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDHPi9xy4wynbcUbWjorVUgQKeUAVh937J7P37XmsfH
+ZLOBZKIIlhhCtRwnDlg7x+BUvtJOTkIbEGMujDygUQ2s3HDYr5I41hTyM2Pl0cq2
+EuSGEbPIHb3dEX8NAguFexM0jqNjrreN3hM2/+TOkAxSdDJP2aMurlySC5zwl47K
+ZLHtcVrkZnkDa0o5iN24hJT4vBDT4t2q9khQ+qb1D8KgCOb02r1PxWXu3vfd6Ha2
+mkdB97iGuEh5gO2n4yOmFS5goFlVA2UdPbbhJsb8oKVKDd+YdCKGQDCkQyG4AjmC
+YiNm3UPG/qtftTH5cWri67DlLtm6fyUFOMmO6NSh0RtR745pL8GyWJUanyq/Q4bF
+HQB21E+WtTsCaqjGaoFcrBunMypmCd+jUZXl27TYENRFbrwNdAh7m2UztcIyb+Sg
+VJFyfvVsBQNvnp7GPimVxXZNc4VpxEXObRuPWQN1oZN/90PcZVqTia/SHzEyTryL
+ckhiLG3jZiaFZ7pTZ5I9wti9Pn+4kOHvE3Y/4nEnUo4mTxPX9pOlinF+VCiybtV2
+u1KSlc+YaIM7VmuyndDZCJRXm3v0/qTE7t5A5fArZl9lvibigMbWB8fpD+c1GpGH
+Eo8NRY0lkaM+DkIqQoaziIsz3IKJrfdKaq9bQMSlIfameKBZ8fNYTBZrH9KZAIhz
+YwIDAQABo4IBfjCCAXowHQYDVR0OBBYEFIf6nt9SdnXsSUogb1twlo+d77sXMB8G
+A1UdIwQYMBaAFIf6nt9SdnXsSUogb1twlo+d77sXMA8GA1UdEwEB/wQFMAMBAf8w
+DgYDVR0PAQH/BAQDAgEGMIIBFQYDVR0RBIIBDDCCAQiCEWh0dHA6Ly93d3cuYW5m
+LmVzgQtpbmZvQGFuZi5lc6SB5TCB4jE0MDIGA1UECQwrR3JhbiBWaWEgZGUgbGVz
+IENvcnRzIENhdGFsYW5lcy4gOTk2LiAwODAxODESMBAGA1UEBwwJQmFyY2Vsb25h
+MScwJQYDVQQKDB5BTkYgQXV0b3JpZGFkIGRlIENlcnRpZmljYWNpb24xEjAQBgNV
+BAUTCUc2MzI4NzUxMDFZMFcGA1UECwxQSW5zY3JpdGEgZW4gZWwgTWluaXN0ZXJp
+byBkZWwgSW50ZXJpb3IgZGUgRXNwYcOxYSBjb24gZWwgbnVtZXJvIG5hY2lvbmFs
+IDE3MS40NDMwDQYJKoZIhvcNAQEFBQADggIBADGB3clTJTMcaGs8j/NktDs2c7HI
+S3GApxTxog5JuUUUuOmA6Ju0BxXe+f4ZTi/Pb5IZSsBAoM4Gbfn8mkQyfh5BY7iS
+K3Fnzbl9GGF613eC3T+5Q4DI1lc6n8V+jVRIej9H4nMjH/wzbWmHZcKWA3L/fJXr
+s8iUrvRacyXx2FyCRUmqHgnca0VNOGt+obz1WUaOCmgWO8Ga06sylddooNLtOIHO
+vut26a583SDjFbstMWZfz+UD54Jmqr2KnTNmOHHWo/LzbtkErsZNMMlfNn7ri5ek
+1NHVrXOB8KaDszxQXxacwSMaXqpUU/X2Tx1DQK+Nb0mEBss9HQu0nfr2OeAxxxrc
+zt3fLv1Fsy2moQWCAQISMpIF149+VQAOoC5/u06yROCbBtMQniG8Ru8u2f+h5B2+
+IT3kJICXTanWfJST0WM3IOJ/efahqPaAMxkc669Zo3+Un9Zb9QfRmLkc/R3LHSFb
+QngpIwh04MnLhUaOMs4Y38uFUz8XHxJsW7pDxtMZdfGgEx94oNklvzrBP3rxeJxQ
+8FknN+Zaf2Lz2T4Q7srTH8ShMddMoiOCRFR5n3DbmamoCeyu5LxbZBud0M99RCoF
+f4Bov9yNQL8QqnP/ZtcwM2NjbfzYSPqDyt2l5e1oNGdbFewP7N+eaAHpltM7IdHE
+xJhqqSqPzE7W6RT9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBl
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
@@ -7237,6 +6310,102 @@ r/OSmbaz5mEP0oUA51Aa5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1
 gKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP82Z+
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGQDCCBCigAwIBAgIIdPhg8eijj0EwDQYJKoZIhvcNAQELBQAwgasxCzAJBgNV
+BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDE8MDoGA1UECgwzTklTWiBOZW16ZXRp
+IEluZm9rb21tdW5pa8OhY2nDs3MgU3pvbGfDoWx0YXTDsyBacnQuMUswSQYDVQQD
+DEJGxZF0YW7DunPDrXR2w6FueWtpYWTDsyAtIEtvcm3DoW55emF0aSBIaXRlbGVz
+w610w6lzIFN6b2xnw6FsdGF0w7MwHhcNMTMwOTEzMTAyNzA0WhcNMzMwOTEzMTAy
+NzA0WjCBqzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MTwwOgYDVQQK
+DDNOSVNaIE5lbXpldGkgSW5mb2tvbW11bmlrw6FjacOzcyBTem9sZ8OhbHRhdMOz
+IFpydC4xSzBJBgNVBAMMQkbFkXRhbsO6c8OtdHbDoW55a2lhZMOzIC0gS29ybcOh
+bnl6YXRpIEhpdGVsZXPDrXTDqXMgU3pvbGfDoWx0YXTDszCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBALVCpWRI22SlN/gsuJkCUbmiKMT7cATE2WyKhvcP
+iRekhMIubE71/0TvW0MOiX83NaVbyOQjW68ZnFvtrNYALttjysNU2K9n1MtgRKJP
+z6Te/B8xZla34d04ilP8zyMVi4qH/Qkw5ZhHBA4Waa8JBbzH1JBFj2hjvoJYN/vY
+TG+lrBV3daWIZDhc0mUPUwXOlDCXb3qB6WSYEtEeSp/B8xfbGTYQObgBs7d4TbUM
+e16qTp25zV04/39J/rdIrwNCbL5kG2H5zmt6m1BxAPNXl8UBdBurySZZbHq/Cpdn
+lrWARUgBRpxAFORhOCFbiWTiBTYToCrO24gEhkQ13JM0WVdq7VNj+ovCGBY89HHH
+PgwaEeTODyDDFyOro38TVay0/5bYwC96CZvbHJaNpoz8oWqma9EMnTGsmjH6UvmJ
+OfovU/PpkS5Qjqq4pCWvG4vZalKIVwrDC5pxn7zKRYrpudWVwbbCztENaUo2PK6N
+rMt19pAhwwmXzi0SdmJe6w6Pcl8rm7DJChXz/s/3RIRGAf3PZuzQMJd8bazROMFG
+cgcXDj77MObLNNW1cxNFIQ4dGWtIFtrokakG0Og9b/qM0bj1mQPx69i1abu4iU9S
+Aqd+PtvsxZcGlftT6+DT58iPiJn/LreXmX2E81H9joND3vOv4DN0xBUcKRenSXPc
+wE7dAgMBAAGjZjBkMB0GA1UdDgQWBBTVqFEOeTByXrSsFg3TtevqwUvcOjASBgNV
+HRMBAf8ECDAGAQH/AgEDMB8GA1UdIwQYMBaAFNWoUQ55MHJetKwWDdO16+rBS9w6
+MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAYfZkTup7l8LCAtlZ
+MoBtgpKi+k2Cc2ZanYLSVWIw+CDNp9OJwcZzxNhdST3Ovgx6HchpbD367wD2gZqN
+O1VPDJ1W2afmTeZrsKK1oP7fXYNbqxHyaxivq2bbG8lLGvdE3fGcgqyaXqioqDGe
+3pzBQiKMxBOE5SxDBhspaTPX4AcCH6vuSZ7Xw4iuWRuXy/gbZWABzG3hQCAtSyEB
+7B4ssYFr3saM9TSwjMOb3lg+EU3oSEyHlu5aR0tCb57og0iCuZrpPET5UZNUq5RF
++aiVrqaIefXmkqhYIi7UlEwYuq39p4VaghNqva5bwCwZXdiTwN11QDNp2U4mCjaH
+pAEM4d+tDBkYX4jKNbEKe4EHZvl/Dy1tGYrk5IO7Qx1eT9LhKTjBH/Vco1Rg6/hD
+3uaVBJmH4cupJDp5LRpwZZ8RJ104LkUNW/gRWS4ONRNq16dUBP5S+EwV5gOZXLKH
+/KpGCPjTaAdgHC8nUnWTAtjd07GH1P2ZdnzB/AOq78eCSXr6+kvah9sFn1jib75j
++hqjNMHPukwiAAcFgF8F5gFzV9SR4dBh74Yo433MyjKX47NtvL/wCaAtxABUM20F
+h/SHJB2Fzd7DOzeg5Qiv44sBHbgdNmOiEOElK2xS4B3Gx/ZtneDHIuTdsIYupqOY
+ZTMgdlbbZ/DGXkOCwgptZNXejGw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDjCCAvagAwIBAgIDD92sMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
+QSAzIDIwMTMwHhcNMTMwOTIwMDgyNTUxWhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD
+VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZELVRSVVNU
+IFJvb3QgQ0EgMyAyMDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+xHtCkoIf7O1UmI4SwMoJ35NuOpNcG+QQd55OaYhs9uFp8vabomGxvQcgdJhl8Ywm
+CM2oNcqANtFjbehEeoLDbF7eu+g20sRoNoyfMr2EIuDcwu4QRjltr5M5rofmw7wJ
+ySxrZ1vZm3Z1TAvgu8XXvD558l++0ZBX+a72Zl8xv9Ntj6e6SvMjZbu376Ml1wrq
+WLbviPr6ebJSWNXwrIyhUXQplapRO5AyA58ccnSQ3j3tYdLl4/1kR+W5t0qp9x+u
+loYErC/jpIF3t1oW/9gPP/a3eMykr/pbPBJbqFKJcu+I89VEgYaVI5973bzZNO98
+lDyqwEHC451QGsDkGSL8swIDAQABo4IBBTCCAQEwDwYDVR0TAQH/BAUwAwEB/zAd
+BgNVHQ4EFgQUP5DIfccVb/Mkj6nDL0uiDyGyL+cwDgYDVR0PAQH/BAQDAgEGMIG+
+BgNVHR8EgbYwgbMwdKByoHCGbmxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQv
+Q049RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLE89RC1UcnVzdCUyMEdt
+YkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MDugOaA3hjVodHRwOi8v
+Y3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18yMDEzLmNybDAN
+BgkqhkiG9w0BAQsFAAOCAQEADlkOWOR0SCNEzzQhtZwUGq2aS7eziG1cqRdw8Cqf
+jXv5e4X6xznoEAiwNStfzwLS05zICx7uBVSuN5MECX1sj8J0vPgclL4xAUAt8yQg
+t4RVLFzI9XRKEBmLo8ftNdYJSNMOwLo5qLBGArDbxohZwr78e7Erz35ih1WWzAFv
+m2chlTWL+BD8cRu3SzdppjvW7IvuwbDzJcmPkn2h6sPKRL8mpXSSnON065102ctN
+h9j8tGlsi6BDB2B4l+nZk3zCRrybN1Kj7Yo8E6l7U0tJmhEFLAtuVqwfLoJs4Gln
+tQ5tLdnkwBXxP/oYcuEVbSdbLTAoK59ImmQrme/ydUlfXA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWzCCBEOgAwIBAgIRAMrpG4nxVQMNo+ZBbcTjpuEwDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+MzEwMDEwODMyMjdaFw0zMzEwMDEwODMyMjdaMFoxCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlEaGlteW90aXMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxGTAX
+BgNVBAMMEENlcnRpZ25hIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQDNGDllGlmx6mQWDoyUJJV8g9PFOSbcDO8WV43X2KyjQn+Cyu3NW9sO
+ty3tRQgXstmzy9YXUnIo245Onoq2C/mehJpNdt4iKVzSs9IGPjA5qXSjklYcoW9M
+CiBtnyN6tMbaLOQdLNyzKNAT8kxOAkmhVECe5uUFoC2EyP+YbNDrihqECB63aCPu
+I9Vwzm1RaRDuoXrC0SIxwoKF0vJVdlB8JXrJhFwLrN1CTivngqIkicuQstDuI7pm
+TLtipPlTWmR7fJj6o0ieD5Wupxj0auwuA0Wv8HT4Ks16XdG+RCYyKfHx9WzMfgIh
+C59vpD++nVPiz32pLHxYGpfhPTc3GGYo0kDFUYqMwy3OU4gkWGQwFsWq4NYKpkDf
+ePb1BHxpE4S80dGnBs8B92jAqFe7OmGtBIyT46388NtEbVncSVmurJqZNjBBe3Yz
+IoejwpKGbvlw7q6Hh5UbxHq9MfPU0uWZ/75I7HX1eBYdpnDBfzwboZL7z8g81sWT
+Co/1VTp2lc5ZmIoJlXcymoO6LAQ6l73UL77XbJuiyn1tJslV1c/DeVIICZkHJC1k
+JWumIWmbat10TWuXekG9qxf5kBdIjzb5LdXF2+6qhUVB+s06RbFo5jZMm5BX7CO5
+hwjCxAnxl4YqKE3idMDaxIzb3+KhF1nOJFl0Mdp//TBt2dzhauH8XwIDAQABo4IB
+GjCCARYwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE
+FBiHVuBud+4kNTxOc5of1uHieX4rMB8GA1UdIwQYMBaAFBiHVuBud+4kNTxOc5of
+1uHieX4rMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIBFiNodHRwczov
+L3d3d3cuY2VydGlnbmEuZnIvYXV0b3JpdGVzLzBtBgNVHR8EZjBkMC+gLaArhilo
+dHRwOi8vY3JsLmNlcnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNhLmNybDAxoC+gLYYr
+aHR0cDovL2NybC5kaGlteW90aXMuY29tL2NlcnRpZ25hcm9vdGNhLmNybDANBgkq
+hkiG9w0BAQsFAAOCAgEAlLieT/DjlQgi581oQfccVdV8AOItOoldaDgvUSILSo3L
+6btdPrtcPbEo/uRTVRPPoZAbAh1fZkYJMyjhDSSXcNMQH+pkV5a7XdrnxIxPTGRG
+HVyH41neQtGbqH6mid2PHMkwgu07nM3A6RngatgCdTer9zQoKJHyBApPNeNgJgH6
+0BGM+RFq7q89w1DTj18zeTyGqHNFkIwgtnJzFyO+B2XleJINugHA64wcZr+shncB
+lA2c5uk5jR+mUYyZDDl34bSb+hxnV29qao6pK0xXeXpXIs/NX2NGjVxZOob4Mkdi
+o2cNGJHc+6Zr9UhhcyNZjgKnvETq9Emd8VRY+WCv2hikLyhF3HqgiIZd8zvn/yk1
+gPxkQ5Tm4xxvvq0OKmOZK8l+hfZx6AYDlf7ej0gcWtSS6Cvu5zHbugRqh5jnxV/v
+faci9wHYTfmJ0A6aBVmknpjZbyvKcL5kwlWj9Omvw5Ip3IgWJJk8jSaYtlu3zM63
+Nwf9JtmYhST/WSMDmu2dnajkXjjO11INb9I/bbEFa0nOipFGc/T2L/Coc3cOZayh
+jWZSaX5LaAzHHjcng6WMxwLkFM1JAbBzs/3GkDpv0mztO+7skb6iQ12LAEpmJURw
+3kAP+HwV96LOPNdeE4yBFxgX0b3xdxA61GU5wSesVywlVP+i2k+KYTlerj1KjL0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjET
 MBEGA1UEChMKQ2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAb
 BgNVBAMTFENlcnRpbm9taXMgLSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMz
@@ -7324,6 +6493,63 @@ QFH1T/U67cjF68IeHRaVesd+QnGTbksVtzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM
 94B7IWcnMFk=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
+GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
+bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w
+KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0
+BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy
+dW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYDVQQG
+EwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXll
+IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU
+QUsxLTArBgNVBAsTJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT
+TTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11IFNNIFNTTCBLb2sgU2VydGlmaWthc2kg
+LSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3UwM6q7
+a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y86Ij5iySr
+LqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INr
+N3wcwv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2X
+YacQuFWQfw4tJzh03+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/
+iSIzL+aFCr2lqBs23tPcLG07xxO9WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4f
+AJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQUZT/HiobGPN08VFw1+DrtUgxH
+V8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
+BQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh
+AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPf
+IPP54+M638yclNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4
+lzwDGrpDxpa5RXI4s6ehlj2Re37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c
+8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0jq5Rm+K37DwhuJi1/FwcJsoz7UMCf
+lo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbDCCA1SgAwIBAgIQDLMPcPKGpDPguQmJ3gHttzANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPV0ZBIEhvdHNwb3QgMi4wMScwJQYDVQQD
+Ex5Ib3RzcG90IDIuMCBUcnVzdCBSb290IENBIC0gMDMwHhcNMTMxMjA4MTIwMDAw
+WhcNNDMxMjA4MTIwMDAwWjBQMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPV0ZBIEhv
+dHNwb3QgMi4wMScwJQYDVQQDEx5Ib3RzcG90IDIuMCBUcnVzdCBSb290IENBIC0g
+MDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsdEtReIUbMlO+hR6b
+yQk4nGVITv3meYTaDeVwZnQVal8EjHuu4Kd89g8yRYVTv3J1kq9ukE7CDrDehrXK
+ym+8VlR7ro0lB/lwRyNk3W7yNccg3AknQ0x5fKVwcFznwD/FYg37owGmhGFtpMTB
+cxzreQaLXvLta8YNlJU10ZkfputBpzi9bLPWsLOkIrQw7KH1Wc+Oiy4hUMUbTlSi
+cjqacKPR188mVIoxxUoICHyVV1KvMmYZrVdc/b5dbmd0haMHxC0VSqbydXxxS7vv
+/lCrC2d5qbKE66PiuBPkhzyU7SI9C8GU/S7akYm1MMSTn5W7lSp2AWRDnf9LQg51
+dLvDxJ7t2fruXtSkkqG/cwY1yQI8O+WZYPDThKPcDmNbaxVE9lOizAHXFVsfYrXA
+PbbMOkzKehYwaIikmNgcpxtQNw+wikJiZb9N8VwwtwHK71XEFi+n5DGlPa9VDYgB
+YkBcxvVo2rbE3i3teQgHm+pWZNP08aFNWwMk9yQkm/SOGdLq1jLbQA9yd7fyR1Ct
+W1GLzKi1Ojr/6XiB9/noL3oxP/+gb8OSgcqVfkZp4QLvrGdlKiOI2fE7Bslmzn6l
+B3UTpApjab7BQ99rCXzDwt3Xd7IrCtAJNkxi302J7k6hnGlW8S4oPQBElkOtoH9y
+XEhp9rNS0lZiuwtFmWW2q50fkQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUZw5JLGEXnuvt4FTnhNmbrWRgc2UwDQYJ
+KoZIhvcNAQELBQADggIBAFPoGFDyzFg9B9+jJUPGW32omftBhChVcgjllI07RCie
+KTMBi47+auuLgiMox3xRyP7/dX7YaUeMXEQ1BMv6nlrsXWv1lH4yu+RNuehPlqRs
+fY351mAfPtQ654SBUi0Wg++9iyTOfgF5a9IWEDt4lnSZMvA4vlw8pUCz6zpKXHnA
+RXKrpY3bU+2dnrFDKR0XQhmAQdo7UvdsT1elVoFIxHhLpwfzx+kpEhtrXw3nGgt+
+M4jNp684XoWpxVGaQ4Vvv00Sm2DQ8jq2sf9F+kRWszZpQOTiMGKZr0lX2CI5cww1
+dfmd1BkAjI9cIWLkD8YSeaggZzvYe1o9d7e7lKfdJmjDlSQ0uBiG77keUK4tF2fi
+xFTxibtPux56p3GYQ2GdRsBaKjH3A3HMJSKXwIGR+wb1sgz/bBdlyJSylG8hYD//
+0Hyo+UrMUszAdszoPhMY+4Ol3QE3QRWzXi+W/NtKeYD2K8xUzjZM10wMdxCfoFOa
+8bzzWnxZQlnu880ULUSHIxDPeE+DDZYYOaN1hV2Rh/hrFKvvV+gJj2eXHF5G7y9u
+Yg7nHYCCf7Hy8UTIXDtAAeDCQNon1ReN8G+XOqhLQ9TalmnJ5U5ARtC0MdQDht7T
+DZpWeEVv+pQHARX9GDV/T85MV2RPJWKqfZ6kK0gvQDkunADdg8IhZAjwMMx3k6B/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBN
 MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
 VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcN
@@ -7386,6 +6612,40 @@ mUlO+KWA2yUPHGNiiskzZ2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A
 7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7RcGzM7vRX+Bi6hG6H
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIF8TCCA9mgAwIBAgIIVE2lvEA1VlowDQYJKoZIhvcNAQELBQAwgYUxCzAJBgNV
+BAYTAlBUMUIwQAYDVQQKDDlNVUxUSUNFUlQgLSBTZXJ2acOnb3MgZGUgQ2VydGlm
+aWNhw6fDo28gRWxlY3Ryw7NuaWNhIFMuQS4xMjAwBgNVBAMMKU1VTFRJQ0VSVCBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDAxMB4XDTE0MDQwNDA4NTk0N1oX
+DTM5MDQwNDA4NTk0N1owgYUxCzAJBgNVBAYTAlBUMUIwQAYDVQQKDDlNVUxUSUNF
+UlQgLSBTZXJ2acOnb3MgZGUgQ2VydGlmaWNhw6fDo28gRWxlY3Ryw7NuaWNhIFMu
+QS4xMjAwBgNVBAMMKU1VTFRJQ0VSVCBSb290IENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IDAxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAztw/9BluuxVp
+hvTkzec6cDvHmos7gwCBW/sgFlq+v1gAXynmV29+iiwVB1waY4xCXxbd2omERVcX
+lqCcoXUiQRo6/cUXkRP2vmIKvG4lLVvAjBBm9+LW+9xIMaMaqOVNSMmiHHP+j2ZA
+Y3dZBzw9FJ/U94WR0MNC9Rths3eAgCptEgKWi1HZwW8nCxoHNAD/0llMKejXGWPY
+kbQ//I4OJfKhEgdlyjXeq/4WowiMr39+EvRZFgUf6K10eTL3eAK2tMyr2x44YQQZ
+ekFA2loRZHUC/WTR1pRCDyLnZc2vkA4MWzEBmVHvRYx9pTjannxL5Kbos6SC1gM0
+Lk+3Uat3OAn1Bv7cZhsPP/p974xVvuANhpWh3L3EwwjRRR7yvb5w8eYmxrsIsSil
+wqXtiNahwPsj8Sc5zOGEBxm8fvbMOP9uELtG6SOJJIH/AOJRANxSUH0TUH0WPUCN
+07/5imXYYhIpd8K6wkk0T4p5aclLFfM03s+vhuLlyKlWYUwGVFrFbBnq88hEzSQa
+dtFxAFlr2XWbzv0Q/rGDoqW3koZ2m0r3HdyMhaZYrYqmaGkXyW0bps8nSyks3XFC
+GokQ5dWbEl9Ji4S82Ahc+884Qq++0W57kapmQMUFfivQZrbH31L+9EVtI5IhnhIB
+kHOD4qUJDdfA+IWVHmPRPzXalNE32fUCAwEAAaNjMGEwHQYDVR0OBBYEFNU5HJxb
+bwSqopVM7yDdKXSkxUVxMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1Tkc
+nFtvBKqilUzvIN0pdKTFRXEwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQA/51/zIhbeg54g5ILn5Z53yfsrsHQN3xt0Ig9zEKGwF+xMDNQocGpmckRp
+EJN2Nc8v+I88qxl8cZKVcRs3FcIbKHrvbng43/uPmwEg3K/21o0JZtrERqn8lapE
+IxLfR8CwFey1sZ5sD5GqpjrlwQ1gbFBAcFxcyM6zzOvtqogZVqWkyAx65XZAZzO0
+PZbcd8sjePlTW8+N3rGnjlp6ojJjo4jXJWFaXUk6cubPqpSGbG73guCOZ5MoxagN
+Te84rXlKZo2EAQgEefNSxkHnmmIGs/USHuzZAEPT65Z3dOF5+RSUhG26VIIFjN8B
+8jCIgax6L4tDLHY0zjXnh45OCwqlGlexU1q/a9i+AH7G+e5mMQix35QzhJx3T3tk
+L++OD1koIsvwXD4r/TXWlf8D7GVSfr7yGfh71VIsUneakWZBcI3VSecLSH+Krt5F
+Pd3+5tLkksN7zjCgSW43rajTLLY9niHbBlfi8K4G+9nFETehe9sdEXxodiA+9byl
+2Wa1Ia1FJsZdHgKjQcTUfYEZyxeXBg/m7HQARsR13T3wQzSvprz89oL7z8X6sw8l
+pT9mENaegqXbOhN53o2p16aNhtIv2WkN4nV4fklfIquGcChRs3q2oHn61OWDp7B3
+ytsBgu/ivk0v08BN0ONpbnwmm+um+0XvsQSKL6ohBvbm1LxBIw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFkjCCA3qgAwIBAgIIAeDltYNno+AwDQYJKoZIhvcNAQEMBQAwZzEbMBkGA1UE
 AwwSQXBwbGUgUm9vdCBDQSAtIEcyMSYwJAYDVQQLDB1BcHBsZSBDZXJ0aWZpY2F0
 aW9uIEF1dGhvcml0eTETMBEGA1UECgwKQXBwbGUgSW5jLjELMAkGA1UEBhMCVVMw
@@ -7431,4 +6691,2893 @@ MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2gA
 MGUCMQCD6cHEFl4aXTQY2e3v9GwOAEZLuN+yRhHFD/3meoyhpmvOwgPUnPWTxnS4
 at+qIxUCMG1mihDK1A3UT82NQz60imOlM27jbdoXt2QfyFMm+YhidDkLF1vLUagM
 6BgD56KyKA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUTCCAzmgAwIBAgIIAPtxJlitmeUwDQYJKoZIhvcNAQELBQAwNjEWMBQGA1UE
+AwwNQ0FFRElDT00gUm9vdDEPMA0GA1UECgwGRURJQ09NMQswCQYDVQQGEwJFUzAe
+Fw0xNDA1MjExMTA2MzVaFw0zNDA1MjExMDIwMDBaMDYxFjAUBgNVBAMMDUNBRURJ
+Q09NIFJvb3QxDzANBgNVBAoMBkVESUNPTTELMAkGA1UEBhMCRVMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDbgMroSXTH0zgu8cUjYvw2jC8efjkL6Qb0
+VZulmCmU7YZHMoPzxZJ6BdcpAj4Wwyh/NWQpenm7oeIeYRSN5wDQ3KJUZYrfablx
+R384OBZGp2kxETVM4Sp//21PlT3jXUhNGVMIWmsh1RIwaZeQry3B9X9BX0k2j024
+HhqVX9oPb1wVNcQRvF+Fm72tO1Veu9/Ou69cmWDdH2kaSUgh+QkKz3Kn8PLe5XgZ
+vhLdzYd5Qc4vRdcLkRARBB4SnfI4A18Waa6gCtrA+eugDRgPeV6RneQfFJw0ExkC
+RLpRw+55smAUo6+8SC0oOGgBQ2TKDoaDYtCKGaYn8St7SykhW5rMaEIQyEtPDyOy
+iHzEXG4XcMV3r5XAJaQiCtN8+dhyyNAtvafo0i2LTKFuCvy0QDO7mmv8pOrJ/uA0
+iEPMxrw/ddKlqa/6l7k+t85UoE3AXS7BKNhjVHK4rFr1OvsgYQY69KArOKvMgwxJ
+1G4+bQ8+cy825vNPs8AA0UVJW4z2o5gdhH+ZCsPqCjzD0yR4SGf1GzsOHQ5DsQR1
+waA5dov22QKlHeGeWwe7NldKIU35iWm0bA/Xr6AVJJnn+NdTlOwSv6Sl1+3ujjV3
+d9ymfyBUktZj1nKeTSq2j3PzGaHEsB/mNKMLAD6XSSdhqqoEQTM4tVBRzDYV2x//
+vcpIg0inswIDAQABo2MwYTAdBgNVHQ4EFgQUFM0qWXhjq2EZ6Lg9oeBawHXn+csw
+DwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBQUzSpZeGOrYRnouD2h4FrAdef5
+yzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAD0JGQC2kQJs7A73
+4eJisL8zDf1VEvQImvcrLa73nEfYHwYBE7WO57KCCz2EWUPUB9grXBB6JCzKjejV
+ozmcMczr4Drh1b/Px4d7YP9HOdejRNYIJlvPWlTsiNOOD3k8yKNPpsKOJ/DeEq5e
+Ga3nIlaKWDLg+QbQqSq0NZsMhiZRAJRHUPylxCVh+VjwRXAuSXZ/EdZvtfkpBeEN
+w05YH68d7DfQSvkGBoHT26CWuA6RMHnmUN+IuAupXNQH9MmozH2Pk2MJZAAFKmhm
+Q7uiu/6VrvnEpQqIYkh4JXwqPxFkptMiIEedMtby48ikYXTngsJEuqDRXV+88UQO
+g08cUIXE6eds/Oa4VeGiGoC3kESnhCKXRyLeqzg3z7XyHD5CcLt1tmUoa8t/gjWq
+9vMgeChzB5YwcKUqcVyheaQWuUY9XrQASYWJ0w7fga5YjVjW4cVEeC4cILuiR5e/
+dhQ7qSiPnwt10qE87SvHjpCheqKZMGL8hR01czvztVkiG80IsQyddWrbhTsOh58y
+T5IAAQFMSWiCgEFs+f1xvYv0eApgo56xUh3AiuOexb8rGWqYp7HeFVCfqpQlj6mA
+gqdyuklkCSdhK268IygzXZ5u8Lm9IDKM3aALmbu0hAQkdSmW96elF7hRBet0rVF5
+lvy7+98JLQiSRM7A0rMYxxQivyHx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUA
+MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
+dHBsdXMgUm9vdCBDQSBHMTAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBa
+MD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2Vy
+dHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHNr49a
+iZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt
+6kuJPKNxQv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP
+0FG7Yn2ksYyy/yARujVjBYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f
+6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTvLRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDE
+EW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2z4QTd28n6v+WZxcIbekN
+1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc4nBvCGrc
+h2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCT
+mehd4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV
+4EJQeIQEQWGw9CEjjy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPO
+WftwenMGE9nTdDckQQoRb5fc5+R+ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1Ud
+DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSowcCbkahDFXxd
+Bie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHYlwuBsTANBgkq
+hkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh
+66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7
+/SMNkPX0XtPGYX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BS
+S7CTKtQ+FjPlnsZlFT5kOwQ/2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j
+2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F6ALEUz65noe8zDUa3qHpimOHZR4R
+Kttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilXCNQ314cnrUlZp5Gr
+RHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWetUNy
+6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEV
+V/xuZDDCVRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5
+g4VCXA9DO2pJNdWY9BW/+mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl
+++O/QmueD6i9a5jc2NvLi6Td11n0bt3+qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUA
+MEAxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9w
+ZW5UcnVzdCBSb290IENBIEcyMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAw
+MFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwU
+T3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+Ntmh
+/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78e
+CbY2albz4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/6
+1UWY0jUJ9gNDlP7ZvyCVeYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fE
+FY8ElggGQgT4hNYdvJGmQr5J1WqIP7wtUdGejeBSzFfdNTVY27SPJIjki9/ca1TS
+gSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz3GIZ38i1MH/1PCZ1Eb3X
+G7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj3CzMpSZy
+YhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaH
+vGOz9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4
+t/bQWVyJ98LVtZR00dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/
+gh7PU3+06yzbXfZqfUAkBXKJOAGTy3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAO
+BgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUajn6QiL3
+5okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59M4PLuG53hq8w
+DQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz
+Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0
+nXGEL8pZ0keImUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qT
+RmTFAHneIWv2V6CG1wZy7HBGS4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpT
+wm+bREx50B1ws9efAvSyB7DH5fitIw6mVskpEndI2S9G/Tvw/HRwkqWOOAgfZDC2
+t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ6e18CL13zSdkzJTa
+TkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97krgCf2
+o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU
+3jg9CcCoSmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eA
+iN1nE28daCSLT7d0geX0YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14f
+WKGVyasvc0rQLW6aWQ9VGHgtPFGml4vmu7JwqkwR3v98KzfUetF3NI/n+UL3PIEM
+S1IK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4x
+CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
+dXMgUm9vdCBDQSBHMjAeFw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4x
+CzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBs
+dXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABM0PW1aC3/BFGtat
+93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uNAm8x
+Ik0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0P
+AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwj
+FNiPwyCrKGBZMB8GA1UdIwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqG
+SM49BAMDA2gAMGUCMHD+sAvZ94OX7PNVHdTcswYO/jOYnYs5kGuUIe22113WTNch
+p+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjlvPl5adytRSv3tjFzzAal
+U5ORGpOucGpnutee5WEaXw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAx
+CzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5U
+cnVzdCBSb290IENBIEczMB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFow
+QDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9wZW5UcnVzdDEdMBsGA1UEAwwUT3Bl
+blRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARK7liuTcpm
+3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5Bta1d
+oYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4G
+A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5
+DMlv4VBN0BBY3JWIbTAfBgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAK
+BggqhkjOPQQDAwNpADBmAjEAj6jcnboMBBf6Fek9LykBl7+BFjNAk2z8+e2AcG+q
+j9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta3U1fJAuwACEl74+nBCZx
+4nxp5V2a+EEfOzmTk51V6s2N8fvB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDWjCCAkKgAwIBAgIBMTANBgkqhkiG9w0BAQsFADA+MQswCQYDVQQGEwJKUDEO
+MAwGA1UEChMFTEdQS0kxHzAdBgNVBAMTFkFwcGxpY2F0aW9uIENBIEczIFJvb3Qw
+HhcNMTQwNjAzMTUwMDAwWhcNMzQwNjAzMTQ1OTU5WjA+MQswCQYDVQQGEwJKUDEO
+MAwGA1UEChMFTEdQS0kxHzAdBgNVBAMTFkFwcGxpY2F0aW9uIENBIEczIFJvb3Qw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNRT730ZYiXJEvPgoAA8y2
+92xU/Cg31AQY7K2Yya/Tpbnn2b9O5qOZPJluoSAeRhvidVW80uz2iBrsNEVLg53T
+subdB4nBCNn4O4uSZHJdmjvMrTeJx9xgeQjgcKz3K+2fA0kfjj6DqG7iklxU0Xnf
+7Bg6fbhtj9ajJU2tH0CmX9SqTrFwGFmZ8gtUaT55KESI93GXzX8F3MrcdkqQTGtg
+6PomMdi1+Of8bYskarbvQtcjVMUaY4o7x/yqbTyPy2zaILDyvGUcAUwilQ0cIx+s
+1fnOdVvqML1MASQfddRhScMbmWWOCFw5OM0pwzhFzWR5t5tNR+pYMvqm9pLwwbdf
+AgMBAAGjYzBhMB0GA1UdDgQWBBSpNSpIviw37YbbfFWHACa+GC1cLjAOBgNVHQ8B
+Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBSpNSpIviw37Ybb
+fFWHACa+GC1cLjANBgkqhkiG9w0BAQsFAAOCAQEAtoK9xUbQcYulkT1+LVr5nIR9
+ByeVHedNyHzs5pPoVhp6MEg7DPpO9Qmyr4itlOz9sq0v5gV0IRuEizgqw+3vRmi1
+3VL6cMJ1T/+jQS48F5RMCSK0jsF/xKas7YNoz2Ve7Hq9xWbu0KN/8lexCMJ5cOty
+f0FZCXl18byxIf6Ds0Q9iaO+sXrYncMf5sRU4Y3l2FDc5FY3e74oAPMsd9ojf2CY
+PQUW8nhprZnDOnRsPpqylO2PqvZTa+fIt+g8jPvHfE8ZXaRmFel/h6DQ1a0gpEYJ
+RazlyGWHuwbf/NdoVkNzogCZMpLCDqAcDpG9lVi8k5+EwqVm52XNKeJi8gWSYA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDNTCCAh2gAwIBAgIBATANBgkqhkiG9w0BAQsFADA8MQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNQ2lzY28gU3lzdGVtczEVMBMGA1UEAxMMQ2lzY28gUlhDLVIyMB4X
+DTE0MDcwOTIxNDY1NloXDTM0MDcwOTIxNDY1NlowPDELMAkGA1UEBhMCVVMxFjAU
+BgNVBAoTDUNpc2NvIFN5c3RlbXMxFTATBgNVBAMTDENpc2NvIFJYQy1SMjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtCMXsK05wqTce60mQGZLAIL8wT
+6i02PnfuPth2FAGDwUtPL4jLHBJW8uVJJEBLom3pyhPpc/jaqd1g6dddKxwK4Y2L
+vHW/c1j86IMqjXLeE9//u58xND+hiOhBx1QQpO+BFe4jpQW6NRKYqWlz7G5aPO+M
+fk3zDWEnEWRpoisf2jNOnNYVqRQdEY4+xZ9NHTsATS3NbAGFADRi7Vx0C6dSieI+
+CtNsTRG6dMU8x8/IX40VzREyPtIqMSWtGwuz0xk6KayB1ADYuBW8mH5jfufIOLn1
+/XSgVz7flasyfJ8iKbW1eoIgpGNyXJGBI39iPWTYZswh+Ok7swZskj0mPzECAwEA
+AaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE
+FJByBGD93fqE7I5aBFj3z/vDcgkWMA0GCSqGSIb3DQEBCwUAA4IBAQCBDfRhZWOb
+blcaSjp0A8tREiYjHaDW9oR6Pk3xd5SMYE2axpy45nFjbfXCr9HTBz+mi8SrunUw
+P4lzgv+P+EyyT/Kmt6KRrm2z+CPr6JUaexYgsennNi/TRmiqdWRXY4gyrYSsCgJB
+jw3A7srAUvZSma6JEiP2E4skx3KVHmliwyBaK04KSkKKwY4b+oQIZVq2cgySm2bB
+1q2+SMI5jMk9pRUh0anImbDyZPCARsIQuhUD5MOSYh+GiG7oTurvsf70H1RxuZrQ
+/RwhDKseClSVWzBiLtiDW3LOAo5UNjqyQAZgZcS1yhAsGcsPXB7eel783IZDbq7Q
+kK4RSUNGApEO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFmTCCA4GgAwIBAgIIcYwvOXxAdEAwDQYJKoZIhvcNAQELBQAwWjELMAkGA1UE
+BhMCR1IxGzAZBgNVBAoMEkJZVEUgQ29tcHV0ZXIgUy5BLjEuMCwGA1UEAwwlQllU
+RSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDAwMTAeFw0xNDA5MTAyMjAx
+NTRaFw0zOTA5MTAyMjAxNTRaMFoxCzAJBgNVBAYTAkdSMRswGQYDVQQKDBJCWVRF
+IENvbXB1dGVyIFMuQS4xLjAsBgNVBAMMJUJZVEUgUm9vdCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eSAwMDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDt
+Ei4Xc55v9POZ6J4IVwk0JBFAH4whfhuvOMPRx+YU5fobul5m9SVp9+3NboJwr7pC
+8LEZXCv8RYQYLHoXT2GFRhl8zsGNn1SedyVmD+D2+JLKKc4nVxUqbII4bSfmvk1z
+DnOv43E9vAlCD9UNoe19a673wfBszcKXoVj9NRWWF0yfv/XxOUtwt+dKbBw/wXBb
+z9aL6+9vMOhfyEZ3IWIWXsZURTn1dLpnJGilcVs+wfsJk+simfjS9XsCbI9Y4qvv
+3XQh5CRplEDWwQQYDthC8P3XigXAXxuK6y7ADQcGcwGFjh/BwIqhWKZRuViRQg9u
+4bwK6LsogxV15Q3+STApKULCwjb/pDx9Lvfa8qIvFrxhqJlYGKRJxmoHEusbfLTO
+5/shgCtwpsjOrVUeHx2E0P1UakxWY8jdfqD5OdvvfFr3jDWlbipW+v7jX5NUcg5o
+40krk001IpcUlWZPp3c6LiVM9gmLEhtxxXKnm7m86xygpclUg2HcV1WttebaeCt2
+p/742/6MM6SKo0ZcrbIKEg6K5FCe8LjLmVNMZCFrijgq4IiGANQXrGay574tOynl
++KeU24xY+NJLMJ/yxGJlUEdygM+kcEC2vUT+2b8oKy43x7NRDoIptbFvrX4sk8Cp
+f5H6xx818LuXyU9hKJCEQeh9IUDFyYY87ZqthZyiUwIDAQABo2MwYTAdBgNVHQ4E
+FgQUtE1mt9OzyJl8ATLQkTr31qgSMd4wDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSME
+GDAWgBS0TWa307PImXwBMtCROvfWqBIx3jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI
+hvcNAQELBQADggIBABwa6wauVb07PzYsYZ7qx1P8cKoyb+RCquu9hewbilrylZYp
+oQQGks4kV/9AI3hOyfgwTUJVRE43on1rjmj+Dv5/37CfY1Hz4cWllJ+KIyhI80GL
+0v547dnQCA9tfdWdlazV/hJmGuS+dVTz0U2cThPUnnA0bai6CjOIja0FN/5LeX99
+A0F5Ew2fPfc4nDVaRE8+PKLlgcV/X3ZPGztub5ptt+0PyzIfiLRFDJwR0vgEWhM3
+WZiBzkz05ZQoBMS1U8lUjXA/aAHbzBMK5CWjbJntELN6IKlJvAX0+Bto1rogHYJn
+ZuCwn1zKNdJFrtWIGdt6BpuMoDeHUSO+Rdpcs39rz8aoHDOKex2R+p687H07RRVP
+G6c7NbR581uCUOCcp+0WddtjgGKh2hgCaoDegqpETUQ4KKpu+hhjOWD3QylJWrok
+wL+zCpcdZ0laIrJnBJxYqfgMNFxAlrSHtUVhGeWO7wbekRXAuIrKlMkKdX1xO1iB
+M8j3B0FVmClDtcuaQ+ly+s/wizG85++5auNBnSE+DRWohb0bToeOR7IQ/jcYaoTl
+iRwUY+i5g6m1u+hjmnoZjMt09/gXCPGLGdi07B5uSXM/XCDdNSqWd+lGbxY7y6nv
+mwohEcjDpMkjRW0/YpWd0yjHnQ+z/jeNHUiyUOYluU4zYTbWFhzKMjcgdhws
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGAzCCA+ugAwIBAgIQL9Z6QyKTMpBF6VM0PuJ0ZjANBgkqhkiG9w0BAQsFADCB
+kzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl
+ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE9MDsGA1UEAxM0
+TWljcm9zb2Z0IFRpbWUgU3RhbXAgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkg
+MjAxNDAeFw0xNDEwMjIyMjA4NTdaFw0zOTEwMjIyMjE1MTlaMIGTMQswCQYDVQQG
+EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG
+A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMT0wOwYDVQQDEzRNaWNyb3NvZnQg
+VGltZSBTdGFtcCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDE0MIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArgHUXaBYyu3ozOE3RkYQW3rEUrgL
+WI8FPV2prVHiA4ngBhL4AnhrXgRQz7bWBAxUHnk3IDzjfmMdRXeYFB2+diLcWqo/
+5G9AYiRjyDzATIcoPWt4a5g5lRpBf3NR/gf8FHzzj4QJ4fjCL6FOvTl9zGNniQyA
+BM2wgskAiz4JhwOdwnlCxFwhkSuVGmw1R2zIvzwKTur2hXDVxV/BnkfbXMIyYVoI
+1nGdLIGffri+baHYZkNpCuTzcvCRSyhgqNXj3YSuKGVVn4QrSnXtJKYsdTHUhXd0
+8oBVAmNB8nAI9MjCU5HbFAdlIAmB5orXmw/KDNcbX/3R5XSFXBD7msmmK55Dlsxb
+cnPQD1WZhxgbPfgpeLBv0XS85SC6Q4sUOGlkoXMPwRYpeU+bhSlosT6ZKo+y3EcG
+zd/Q6yLcHlccflmQJaMDgr6Myx2buY0quKEQ5/qtFv7s5VPGrcCXfESbgfN6pvn/
+rvqsF6mmYL1nPHlshQtVrzHEw1mQDqHVfEg5i63juw7k5frf/dqdnltvGzIOpjfT
+qqosBBdl08ZORyStglCZQSvWs+cmWrE1m+ZxVeHIb6JEHchchPz5eAF2wT53k/Ki
+lOHacDDsZAquoqEdP4NDc0DS4IlwWa+NLtTUIQphpPT3I4ZDgCiyHEMMRdr8Bvgl
+QAd1aXjjphOD15cCAwEAAaNRME8wCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMB
+Af8wHQYDVR0OBBYEFMvR8s5I/QGf6laqV9F+mVj4P//gMBAGCSsGAQQBgjcVAQQD
+AgEAMA0GCSqGSIb3DQEBCwUAA4ICAQAT2NPko9gmzv07R++AvvujloXafZWcKQBi
+Rr5ICsoU7B1Osh71zkavWQEQOP3iZQu/+A/mddncM8qD764gV30n+shcID4Lhiy8
+EnYDXNMhU6DPPvdFGSIPbiE3xmiHxJwpVaOQ6KkevrNB549H6R00xWQkW0wy7Laa
+DLhW4AbkQIvyEAf6jo5mIOYcS+Slo7suBulFe57J/5SKV8Fpo11lWN20wmNKpt1j
+MRiv7RYY2sFqPx/Sqpa2YW/Vgym0eWbBwVADHNDqLsa6z8aYbdYbxs4QsMnxQxor
+1/8VNIY72Uo8bT4juwI9zlTDSiXvRjx5W46zwiqCEkVSlsIJ1Ep4nt1vn/mfcEqa
+o03vLfqqlvq0fdY2l87w2HzSL1ZUCgBg0DyOaOLNKao9LiCDy7JVRqDfuJF5KJJB
+Dv4mOEN103el3YdS8U2dv9yjLfIeD0kspRGwijYTObD1G5J3tIPdmJ4Fr6CjCdDf
+HXaYQkQBc7CyqTtS5bZvq4zy1Rcpf2/45aM0625FkkhNAlW2N6ECsTTfx7KSPQK9
+NxoG4aGAjpIlMc72geeu5ZIXrFnEkqzfyCwnUkIeJh14h7lOi/dHescBcNWhyQui
+Igg4/MqowjtT3As2O+Gjyq33tgjDE1WvAzpptOmk0S3NZ9TDQspjX56ApOxjbHLE
+WOUH+pb4jQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFiDCCA3CgAwIBAgIIfQmX/vBH6nowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA1MTMxNVoXDTQwMTIzMTE1NTk1OVowYjELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMR8w
+HQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2aMW8Mh0dHeb7zMNOwZ+Vfy1YI92hhJCfVZmPoiC7XJj
+Dp6L3TQsAlFRwxn9WVSEyfFrs0yw6ehGXTjGoqcuEVe6ghWinI9tsJlKCvLriXBj
+TnnEt1u9ol2x8kECK62pOqPseQrsXzrj/e+APK00mxqriCZ7VqKChh/rNYmDf1+u
+KU49tm7srsHwJ5uu4/Ts765/94Y9cnrrpftZTqfrlYwiOXnhLQiPzLyRuEH3FMEj
+qcOtmkVEs7LXLM3GKeJQEK5cy4KOFxg2fZfmiJqwTTQJ9Cy5WmYqsBebnh52nUpm
+MUHfP/vFBu8btn4aRjb3ZGM74zkYI+dndRTVdVeSN72+ahsmUPI2JgaQxXABZG12
+ZuGR224HwGGALrIuL4xwp9E7PLOR5G62xDtw8mySlwnNR30YwPO7ng/Wi64HtloP
+zgsMR6flPri9fcebNaBhlzpBdRfMK5Z3KpIhHtmVdiBnaM8Nvd/WHwlqmuLMc3Gk
+L30SgLdTMEZeS1SZD2fJpcjyIMGC7J0R38IC+xo70e0gmu9lZJIQDSri3nDxGGeC
+jGHeuLzRL5z7D9Ar7Rt2ueQ5Vfj4oR24qoAATILnsn8JuLwwoC8N9VKejveSswoA
+HQBUlwbgsQfZxw9cZX08bVlX5O2ljelAU58VS6Bx9hoh49pwBiFYFIeFd3mqgnkC
+AwEAAaNCMEAwHQYDVR0OBBYEFOLJQJ9NzuiaoXzPDj9lxSmIahlRMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDRSVfg
+p8xoWLoBDysZzY2wYUWsEe1jUGn4H3++Fo/9nesLqjJHdtJnJO29fDMylyrHBYZm
+DRd9FBUb1Ov9H5r2XpdptxolpAqzkT9fNqyL7FeoPueBihhXOYV0GkLH6VsTX4/5
+COmSdI31R9KrO9b7eGZONn356ZLpBN79SWP8bfsUcZNnL0dKt7n/HipzcEYwv1ry
+L3ml4Y0M2fmyYzeMN2WFcGpcWwlyua1jPLHd+PwyvzeG5LuOmCd+uh8W4XAR8gPf
+JWIyJyYYMoSf/wA6E7qaTfRPuBRwIrHKK5DOKcFw9C+df/KQHtZa37dG/OaG+svg
+IHZ6uqbL9XzeYqWxi+7egmaKTjowHz+Ay60nugxe19CxVsp3cbK1daFQqUBDF8Io
+2c9Si1vIY9RCPqAzekYu9wogRlR+ak8x8YF+QnQ4ZXMn7sZ8uI7XpTrXmKGcjBBV
+09tL7ECQ8s1uV9JiDnxXk7Gnbc2dg7sq5+W2O3FYrf3RRbxake5TFW/TRQl1brqQ
+XR4EzzffHqhmsYzmIGrv/EhOdJhCrylvLmrH+33RZjEizIYAfmaDDEL0vTSSwxrq
+T8p+ck0LcIymSLumoRT2+1hEmRSuqguTaaApJUqlyyvdimYHFngVV3Eb7PVHhPOe
+MTd61X8kreS8/f3MboPoDKi3QWwH3b08hpcv0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBt
+MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
+Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i
+YWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAwMzJaFw0zOTEyMDExNTEwMzFaMG0x
+CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBG
+b3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2Jh
+bCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3
+HEokKtaXscriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGx
+WuR51jIjK+FTzJlFXHtPrby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX
+1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNk
+u7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4oQnc/nSMbsrY9gBQHTC5P
+99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvgGUpuuy9r
+M2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUB
+BAMCAQAwDQYJKoZIhvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrgh
+cViXfa43FK8+5/ea4n32cZiZBKpDdHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5
+gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0VQreUGdNZtGn//3ZwLWoo4rO
+ZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEuiHZeeevJuQHHf
+aPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic
+Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgzCCA2ugAwIBAgIORea7A4Mzw4VlSOb/RVEwDQYJKoZIhvcNAQEMBQAwTDEg
+MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjYxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQxMjEwMDAwMDAwWhcNMzQx
+MjEwMDAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjET
+MBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUH6HPKZvnsFMp7PPcNCPG0RQssgrRI
+xutbPK6DuEGSMxSkb3/pKszGsIhrxbaJ0cay/xTOURQh7ErdG1rG1ofuTToVBu1k
+ZguSgMpE3nOUTvOniX9PeGMIyBJQbUJmL025eShNUhqKGoC3GYEOfsSKvGRMIRxD
+aNc9PIrFsmbVkJq3MQbFvuJtMgamHvm566qjuL++gmNQ0PAYid/kD3n16qIfKtJw
+LnvnvJO7bVPiSHyMEAc4/2ayd2F+4OqMPKq0pPbzlUoSB239jLKJz9CgYXfIWHSw
+1CM69106yqLbnQneXUQtkPGBzVeS+n68UARjNN9rkxi+azayOeSsJDa38O+2HBNX
+k7besvjihbdzorg1qkXy4J02oW9UivFyVm4uiMVRQkQVlO6jxTiWm05OWgtH8wY2
+SXcwvHE35absIQh1/OZhFj931dmRl4QKbNQCTXTAFO39OfuD8l4UoQSwC+n+7o/h
+bguyCLNhZglqsQY6ZZZZwPA1/cnaKI0aEYdwgQqomnUdnjqGBQCe24DWJfncBZ4n
+WUx2OVvq+aWh2IMP0f/fMBH5hc8zSPXKbWQULHpYT9NLCEnFlWQaYw55PfWzjMpY
+rZxCRXluDocZXFSxZba/jJvcE+kNb7gu3GduyYsRtYQUigAZcIN5kZeR1Bonvzce
+MgfYFGM8KEyvAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAWgBSu
+bAWjkxPioufi1xzWx/B/yGdToDANBgkqhkiG9w0BAQwFAAOCAgEAgyXt6NH9lVLN
+nsAEoJFp5lzQhN7craJP6Ed41mWYqVuoPId8AorRbrcWc+ZfwFSY1XS+wc3iEZGt
+Ixg93eFyRJa0lV7Ae46ZeBZDE1ZXs6KzO7V33EByrKPrmzU+sQghoefEQzd5Mr61
+55wsTLxDKZmOMNOsIeDjHfrYBzN2VAAiKrlNIC5waNrlU/yDXNOd8v9EDERm8tLj
+vUYAGm0CuiVdjaExUd1URhxN25mW7xocBFymFe944Hn+Xds+qkxV/ZoVqW/hpvvf
+cDDpw+5CRu3CkwWJ+n1jez/QcYF8AOiYrg54NMMl+68KnyBr3TsTjxKM4kEaSHpz
+oHdpx7Zcf4LIHv5YGygrqGytXm3ABdJ7t+uA/iU3/gKbaKxCXcPu9czc8FB10jZp
+nOZ7BN9uBmm23goJSFmH63sUYHpkqmlD75HHTOwY3WzvUy2MmeFe8nI+z1TIvWfs
+pA9MRf/TuTAjB0yPEL+GltmZWrSZVxykzLsViVO6LAUP5MSeGbEYNNVMnbrt9x+v
+JJUEeKgDu+6B5dpffItKoZB0JaezPkvILFa9x8jvOOJckvB595yEunQtYQEgfn7R
+8k8HWV+LLUNS60YMlOH1Zkd5d9VUWx+tJDfLRVpOoERIyNiwmcUVhAn21klJwGW4
+5hpxbqCo8YLoRT5s1gLXCmeDBVrJpBA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFrjCCA5agAwIBAgIEVJGosDANBgkqhkiG9w0BAQsFADBSMQswCQYDVQQGEwJD
+QTEVMBMGA1UEChMMTm90YXJpdXMgSW5jMSwwKgYDVQQDEyNOb3Rhcml1cyBSb290
+IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNDEyMTcxNTMwNTFaFw0zNDEyMTcx
+NjAwNTFaMFIxCzAJBgNVBAYTAkNBMRUwEwYDVQQKEwxOb3Rhcml1cyBJbmMxLDAq
+BgNVBAMTI05vdGFyaXVzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIICIjAN
+BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArVK5kig4XFE/X2tRUy/8uc3z573P
+aPUWc28qWqN+IsxfJjK/0x/HXuexkOvGIvXpXhkSohLzvCL5iNX3O2HFGcjiY2uM
+8ds/IqD73Fn6ZvB+dMZKsQ3JUh2Lt05M3ZbLmOYOQPu9Oh6kLJBe3oTWYednACoz
+DjOD8jeivk6oqkZtGEhGdyY0v2aBbyCT/PEy8WDyFi2fTkQdnes4LW2lWE0B++Jd
+xB6K/9VC3AwFp/bkhONn7NGpT5nen8YLlB/lMLcHqHnwYOqzoZzCZTea6LnBPFms
+YAvmBu04B1gBTKV+15zzbDNPIDZrVcpOVm/4OO7PlGXlSC9NPlDMqU45tv6KCBF1
+xv17Srqj95O0nXjkoYuo7HeCKPebkSQe8fzPkUR76AZeKm/Kd4mAXRBgubZxolux
+Zifq92R8d+gKCi+PSFPitC+oNB/y5Mn1S74bcxH2HJlbsRHRRd6uGuGxxUN4Ob3J
+6sDcg/sL4sLVyT9KQcWdPuHwJgKaU223hg9yTwxDC67EVGA2SoNOyVCmbQf68A/E
+9AXz1WYd6+S/HKX9uOcYNzq7BBobhw3Sknt0joirijo+14CjSFeQKM/UQ1yUNy6L
+rxISTqo4pg21iRz5eWRtZfcRlD6h3D4ix4MpqWbEmY/NGk35xyWszPer86vmuP3j
+6e3PKzkoir8wFJMCAwEAAaOBizCBiDArBgNVHRAEJDAigA8yMDE0MTIxNzE1MzA1
+MVqBDzIwMzQxMjE3MTYwMDUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUmckQ
+Sn14uolWMU717DVzPaQb7W4wHQYDVR0OBBYEFJnJEEp9eLqJVjFO9ew1cz2kG+1u
+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggIBAII/6ndKCHTpbRuOrXnd
+2bEQ8Z13TBfrLRjoL5TGU2ZeoKWRUrKs/MhQlA7FeaoNJs0VRr2bs7y1eIDfUM1b
+3lk/+6a6APlysUPloJvbZJGpvgXXYvrbEr06hvB6YzX82lA0POZvtEIGKoErUh0e
+T/e1srxsYJrUpyjOpG4Ef+/eRStyMl3mzw1Sjy9AuNPfyYbMCQ5TYAfATzrK9iYG
+Xkacvw2+HVphJzp9YZO1p1QT3rGgm0lmm7M3vaC6SmXIIuDE7/CVzuifACmk+TIS
+nHA8ENfrpjx/VVDVQjH7uwnqhErNa3PWjKWUb4Q1mmVaeAgDAvxHs3q+jD4zZy3U
+AKpqnzgb9U540IvFby8qPYI+W1CAcEG1qGDA/vtYabnYwgwXoBhOBhr/P3KxN+6J
+b3rcpy+cyVfIgwtLgfHXNi8e7Pe4IGT6iwrmUbgFrFR77DIK484SHVFy+N59201K
+f5qEsAq4EHHYc3oWrvzF1G3kx58KF2tz4wExbfg6/BySZKXA2KSQwOP5jhkxrTZ2
+7Lf7ZTz04PiUm+cYlB8qAnhxnkJdCm29O3vKcEr2xOedos5LmOKW87HWrcAhOKJ5
+RkDH30jAB64volYYepq5wxhQFh+j40zDnmAuYC/pDOFZoRszKSuREjx9hTaieBIR
+4sBFY8WLdJMuwrRbEWjHccjm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWjCCA0KgAwIBAgIQT9Irj/VkyDOeTzRYZiNwYDANBgkqhkiG9w0BAQsFADBH
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNVBAMMHFVDQSBF
+eHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwHhcNMTUwMzEzMDAwMDAwWhcNMzgxMjMx
+MDAwMDAwWjBHMQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNV
+BAMMHFVDQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCpCQcoEwKwmeBkqh5DFnpzsZGgdT6o+uM4AHrsiWog
+D4vFsJszA1qGxliG1cGFu0/GnEBNyr7uaZa4rYEwmnySBesFK5pI0Lh2PpbIILvS
+sPGP2KxFRv+qZ2C0d35qHzwaUnoEPQc8hQ2E0B92CvdqFN9y4zR8V05WAT558aop
+O2z6+I9tTcg1367r3CTueUWnhbYFiN6IXSV8l2RnCdm/WhUFhvMJHuxYMjMR83dk
+sHYf5BA1FxvyDrFspCqjc/wJHx4yGVMR59mzLC52LqGj3n5qiAno8geK+LLNEOfi
+c0CTuwjRP+H8C5SzJe98ptfRr5//lpr1kXuYC3fUfugH0mK1lTnj8/FtDw5lhIpj
+VMWAtuCeS31HJqcBCF3RiJ7XwzJE+oJKCmhUfzhTA8ykADNkUVkLo4KRel7sFsLz
+KuZi2irbWWIQJUoqgQtHB0MGcIfS+pMRKXpITeuUx3BNr2fVUbGAIAEBtHoIppB/
+TuDvB0GHr2qlXov7z1CymlSvw4m6WC31MJixNnI5fkkE/SmnTHnkBVfblLkWU41G
+sx2VYVdWf6/wFlthWG82UBEL2KwrlRYaDh8IzTY0ZRBiZtWAXxQgXy0MoHgKaNYs
+1+lvK9JKBZP8nm9rZ/+I8U6laUpSNwXqxhaN0sSZ0YIrO7o1dfdRUVjzyAfd5LQD
+fwIDAQABo0IwQDAdBgNVHQ4EFgQU2XQ65DA9DfcS3H5aBZ8eNJr34RQwDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBADaN
+l8xCFWQpN5smLNb7rhVpLGsaGvdftvkHTFnq88nIua7Mui563MD1sC3AO6+fcAUR
+ap8lTwEpcOPlDOHqWnzcSbvBHiqB9RZLcpHIojG5qtr8nR/zXUACE/xOHAbKsxSQ
+VBcZEhrxH9cMaVr2cXj0lH2RC47skFSOvG+hTKv8dGT9cZr4QQehzZHkPJrgmzI5
+c6sq1WnIeJEmMX3ixzDx/BR4dxIOE/TdFpS/S2d7cFOFyrC78zhNLJA5wA3CXWvp
+4uXViI3WLL+rG761KIcSF3Ru/H38j9CHJrAb+7lsq+KePRXBOy5nAliRn+/4Qh8s
+t2j1da3Ptfb/EX3C8CSlrdP6oDyp+l3cpaDvRKS+1ujl5BOWF3sGPjLtx7dCvHaj
+2GU4Kzg1USEODm8uNBNA4StnDG1KQTAYI1oyVZnJF+A83vbsea0rWBmirSwiGpWO
+vpaQXUJXxPkUAzUrHC1RVwinOt4/5Mi0A3PCwSaAuwtCH60NryZy2sy+s6ODWA2C
+xR9GUeOcGMyNm43sSet1UNWMKFnKdDTajAshqx7qG+XH/RU+wBeq+yNuJkbL+vmx
+cmtpzyKEC2IPrNkZAJSidjzULZrtBJ4tBmIQN1IchXIbJ+XMxjHsN+xjWZsLHXbM
+fjKaiJUINlK73nZfdklJrX+9ZSCyycErdhh2n1ax
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvDCCA6SgAwIBAgIQIWYVBQUnBQW8irAdrwq+xDANBgkqhkiG9w0BAQsFADB4
+MQswCQYDVQQGEwJUTjE5MDcGA1UEAxMwVHVuaXNpYW4gUm9vdCBDZXJ0aWZpY2F0
+ZSBBdXRob3JpdHkgLSBUdW5Sb290Q0EyMS4wLAYDVQQKEyVOYXRpb25hbCBEaWdp
+dGFsIENlcnRpZmljYXRpb24gQWdlbmN5MB4XDTE1MDUwNTA4NTcwMVoXDTI3MDUw
+NTA4NTcwMVoweDELMAkGA1UEBhMCVE4xOTA3BgNVBAMTMFR1bmlzaWFuIFJvb3Qg
+Q2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gVHVuUm9vdENBMjEuMCwGA1UEChMlTmF0
+aW9uYWwgRGlnaXRhbCBDZXJ0aWZpY2F0aW9uIEFnZW5jeTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBALAH52L70A1Vzme3V41uDKknVB7rqSSrZ4+PnGEP
+2ygyLzv4LGWSLa66M5LAK57yH15tI12zWB+NocBtdYUKsBNOW1ZGizm9C4K7OkOb
+CLpG7vkX683I1+N1E96uUUgKziCVRp8C7FWMdKpa/PzqCTM1bqNHBsfdfoRoDscS
+ypTD7eZsAm3eAok1swTLRfh8R6TTH9/lXCPi8yJ7uUui/Rc1XUjpv/WzJWOL53jr
+/HUnvYhcpoU/Qd+VfN16Ro/+Htqxq9jTjs0GjMnYUkIRUqKDj1yDe+Qnto8foF49
+0nV9eVOTBpfjA8eWLNoBPHnFO1DosNOhpOLTg31E+BDPoBoq8mWAvXfBmGV2rhIh
+Yso6vr61mcNbxNG/m8AKylgeFabXIV6xTQrlcHiaaOZ0ZjIUKh4Rvoj3BvZVo8Mf
+bheQVdGKQIlWQ9VP5qLJiGQABVE/V7Q8tr5qkXFA8aJc8dftnLZX9lnUKhHl1OW/
+ux7RyNdfRAWbu4k6radDd34VYHyIXZvspVzSRq0Mi1RF1JRRVUVSqlzYEaz4ViJs
+2dIU6bdOQoVURvgBxj0mBnfosjUb8J1CyX/+gCcBUMt/xaxU+mttloxBpKHS57WR
+SG93HIvCK3T+PFzEXZTOq/EglmvBDFpf+eU1uWyjEGfvkapIDu9It3ZYYtm+nkKz
+pL01AgMBAAGjQjBAMB0GA1UdDgQWBBTMc8Wjaikxl6eNoNhUwQp1tiM/pjAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEA
+LvKHSO2Znp8BDDzJCnhTfBg13rblbPQAgOGbi9n6+6r7ZbfSyfXXp8t+ybGicVht
+WTfW4DMQyrXZcttOJTeqpt0dGL31yYqceojuHwLELZJUfVfiXBkYIwJ6XEmVtpjn
+wmBBZUC77Fq3cZxQ8nN2+18N7zXPtGmNhehMkBcDC8mzLiA3YxFipk/jNOD7eVXn
+xsKuQv6wNGxJIw5yB3tmBVVI+xIPoMD6TtH7Pcz+/RZLVlDNESynm/exCs+m6+/d
+jriuQgh8pIyU6obHQ+P3PIrfR9IwQMgtU/VvEUnMIYyWQ08QoEehVo0fHFvYVlvr
+NHbhNTpx1MwhL541KPJa3p7k7kdqEOg4vUq0fQR/Ba5ICrQDvy6zChufy63dTdCH
+IbdHdoKDLcdXvpoVoxswGGyjOnFvZEcoktsRYSCad2Ut+axWE2xLo1//m6To7+dY
+6HueO39qp745ChOUyUhOZmTYU0zsQWv9/DYu1w7fYQt7tUCs3UJJbZ6Av2CV8OnA
+P3u7GOk4tVZOp36KYu+YHvh4QKm72OnltLT542ec7FPPuEK0L5OBNaBs9rogimg9
+923/f9NM93qUaAN3Qzs1UapTEj5HExQ5rNZlj6hG/zwh9NK/0EikfqdRm5cS9Zk0
+FyNWhBNjyzTKH8q6qAcp80MkCkl//Q7UkPCrQyFinI8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCzCCA/OgAwIBAgIQVBIVn6uKdZNElMp3QFYu7zANBgkqhkiG9w0BAQsFADBm
+MQswCQYDVQQGEwJTRTEoMCYGA1UEChMfU3dlZGlzaCBTb2NpYWwgSW5zdXJhbmNl
+IEFnZW5jeTEtMCsGA1UEAxMkU3dlZGlzaCBHb3Zlcm5tZW50IFJvb3QgQXV0aG9y
+aXR5IHYyMB4XDTE1MDUwNTExMTUyM1oXDTQwMDUwNTExMjQxOVowZjELMAkGA1UE
+BhMCU0UxKDAmBgNVBAoTH1N3ZWRpc2ggU29jaWFsIEluc3VyYW5jZSBBZ2VuY3kx
+LTArBgNVBAMTJFN3ZWRpc2ggR292ZXJubWVudCBSb290IEF1dGhvcml0eSB2MjCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMiutUO8QkVLNWM/AkvF/9s2
+1yfFwq5FZqNxhxZNiU9hlOBWRrjQRBPmc5DwYXhBiuAafjesAim+6P8CJsYafAqx
+j2QpotoHitUkhWgZkjLfnylgWG0qhYARNsm2wtOehAy6URHMVOmrBjASjyB3BcDG
+jZqbWci2hehwBwKxHv/Xac8WRothL0LNUqbYDnovhy3GLzwiQ7GTfsMWdtnM14vs
+ERvQyXEUwolJfvGkEKo1PKgbu//sMkDlvSrzpgETyIyXGZDOY/mwa333+YrObuCF
+59uU1XogJaA18Kn3r1ooWgzI83Q5izE7IsxJJclvuFx6LiyW4y+jPsp5d2mRWvjw
+xVM3TlNtSSdWYsrl+XNgqRc7W6Ilry17ybfbzxkROjNxOVlaA+nnLAz/bZxyY2OA
+BVhThtwodRbC5fATWaGB/wUMmai2PGwuxQ4AmIHpg3dmQztajoVFTLLPuT3knDaT
+QHpTFSnUEZC6oWCKnav0Skpq3Yeqwe0F2p5bVuGITyprlSiGZlCh79pKspAKNjdJ
+hZdCeAdn5psgoQxsyc/P/neVhFp6Oxew70z3LZGqzxlvxvkSKOceCqaWzSGwA2JQ
+gwYg5uje30MWFrmBoPCBNFvLwYn28+giuM64Uj5RHrEFuLcDKwusdHVTJOF2uE8l
+dl3v0Zrzbkq4fEv4isAZAgMBAAGjgbQwgbEwDgYDVR0PAQH/BAQDAgEGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFGNrQmBTVxG7yCSJJQJmRHShDSVuMBAG
+CSsGAQQBgjcVAQQDAgEAMBEGA1UdIAQKMAgwBgYEVR0gADBHBgNVHSUEQDA+Bggr
+BgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBggrBgEFBQcD
+AwYIKwYBBQUHAwgwDQYJKoZIhvcNAQELBQADggIBACMuqoWXS6RcEK/a+D29k1gv
+ePsZdwM5FkdJclXMh+i9pH/SqySs59RQ7p3Yg8aZIPsWL4jGFzfKix6r0OJsB1i4
+ZJGhEKFpN3Ve/tpzFOaKa77CYCEvwPmjBEg2Wze+2mz96ZaOnvFTfI9lRKdVfQuU
+TlT2/zK9L32cpV5CxEwp4xBkL+bPWjs0VShh0ScSu25Um4FYrNVenVcDoE3R/zd0
+po3z+ZX9Kol1enk3/SZ5Lydzf6kZIOXQX5jolgWPmHnpeRBBKQFD9Wk3zFAQaLXY
+RE4O8pnjJyxqjl+7fbtrcUsGit0q2Ao/W8hyLlhhCg+BaB5Hx+ktuu+N3A6jI8Oy
+LbVHsYu0PidI59wIYgxU/kPXlUq/By9KQH4GpVGHJokF3TzKT/4cJ+nbiB7Asv7j
+7x9+sehZlaBPqwqJAOBzsuccwRdQgIdM0kMZWZXSWxRbClvAfIlxerUKwIpFL+7E
+wP5ULeeVJHcFLu50xqCQsXPcQtagdclYWQWi3hG/WekNpybCbsBGisYe0/XqD309
+cs0ZlUy64GiXjVjAau9597JoarhyNsMkDOgy7b3xn8jv3nXS23aplCc49AFhv2Y4
+j2o93ABbs/xE3wNL+fF2JTX/Uh8IHdClFOmLBit4gyxxXE+Rh2PWDA4FiDyUoLFa
+VBbf3VHDqDYuLIJ8uZqw
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5
+MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
+Um9vdCBDQSAzMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG
+A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg
+Q0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG8lKl
+ui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjrZt6j
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSr
+ttvXBp43rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkr
+BqWTrBqYaGFy+uGh0PsceGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteM
+YyRIHN8wfdVoOw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAyMB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK
+gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ
+W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg
+1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K
+8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r
+2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me
+z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR
+8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj
+mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz
+7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6
++XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI
+0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMB
+Af8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSwDPBMMPQFWAJI/TPlUq9LhONm
+UjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oAA7CXDpO8Wqj2
+LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY
++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kS
+k5Nrp+gvU5LEYFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl
+7uxMMne0nxrpS10gxdr9HIcWxkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygm
+btmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQgj9sAq+uEjonljYE1x2igGOpm/Hl
+urR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbWaQbLU8uz/mtBzUF+
+fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoVYh63
+n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE
+76KlXIx3KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H
+9jVlpNMKVv/1F2Rs76giJUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT
+4PsJYGw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
+ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
+9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
+IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
+VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
+93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
+jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
+A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
+U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
+N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
+o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
+5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
+rqXRfboQnoZsG4q5WTP468SQvvG5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5
+MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
+Um9vdCBDQSA0MB4XDTE1MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkG
+A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJvb3Qg
+Q0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZLY7Bi
+9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri83Bk
+M6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WB
+MAoGCCqGSM49BAMDA2gAMGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlw
+CkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1AE47xDqUEpHJWEadIRNyp4iciuRMStuW
+1KyLa2tJElMzrdfkviT8tQp21KW8EA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGSzCCBDOgAwIBAgIRANm1Q3+vqTkPAAAAAFVlrVgwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
+MB4XDTE1MDUyNzExMTExNloXDTM3MTIyNzExNDExNlowgb4xCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1
+c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJ
+bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAwBgNVBAMTKUVudHJ1c3Qg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0MIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAsewsQu7i0TD/pZJH4i3DumSXbcr3DbVZwbPLqGgZ
+2K+EbTBwXX7zLtJTmeH+H17ZSK9dE43b/2MzTdMAArzE+NEGCJR5WIoV3imz/f3E
+T+iq4qA7ec2/a0My3dl0ELn39GjUu9CH1apLiipvKgS1sqbHoHrmSKvS0VnM1n4j
+5pds8ELl3FFLFUHtSUrJ3hCX1nbB76W1NhSXNdh4IjVS70O92yfbYVaCNNzLiGAM
+C1rlLAHGVK/XqsEQe9IFWrhAnoanw5CGAlZSCXqc0ieCU0plUmr1POeo8pyvi73T
+DtTUXm6Hnmo9RR3RXRv06QqsYJn7ibT/mCzPfB3pAqoEmh643IhuJbNsZvc8kPNX
+wbMv9W3y+8qh+CmdRouzavbmZwe+LGcKKh9asj5XxNMhIWNlUpEbsZmOeX7m640A
+2Vqq6nPopIICR5b+W45UYaPrL0swsIsjdXJ8ITzI9vF01Bx7owVV7rtNOzK+mndm
+nqxpkCIHH2E6lr7lmk/MBTwoWdPBDFSoWWG9yHJM6Nyfh3+9nEg2XpWjDrk4JFX8
+dWbrAuMINClKxuMrLzOg2qOGpRKX/YAr2hRC45K9PvJdXmd0LhyIRyk0X+IyqJwl
+N4y6mACXi0mWHv0liqzc2thddG5msP9E36EYxr5ILzeUePiVSj9/E15dWf10hkNj
+c0kCAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFJ84xFYjwznooHFs6FRM5Og6sb9nMA0GCSqGSIb3DQEBCwUAA4ICAQAS
+5UKme4sPDORGpbZgQIeMJX6tuGguW8ZAdjwD+MlZ9POrYs4QjbRaZIxowLByQzTS
+Gwv2LFPSypBLhmb8qoMi9IsabyZIrHZ3CL/FmFz0Jomee8O5ZDIBf9PD3Vht7LGr
+hFV0d4QEJ1JrhkzO3bll/9bGXp+aEJlLdWr+aumXIOTkdnrG0CSqkM0gkLpHZPt/
+B7NTeLUKYvJzQ85BK4FqLoUWlFPUa19yIqtRLULVAJyZv967lDtX/Zr1hstWO1uI
+AeV8KEsD+UmDfLJ/fOPtjqF/YFOOVZ1QNBIPt5d7bIdKROf1beyAN/BYGW5KaHbw
+H5Lk6rWS02FREAutp9lfx1/cH6NcjKF+m7ee01ZvZl4HliDtC3T7Zk6LERXpgUl+
+b7DUUH8i119lAg2m9IUe2K4GS0qn0jFmwvjO5QimpAKWRGhXxNUzzxkvFMSUHHuk
+2fCfDrGA4tGeEWSpiBE6doLlYsKA2KSD7ZPvfC+QsDJMlhVoSFLUmQjAJOgc47Ol
+IQ6SwJAfzyBfyjs4x7dtOvPmRLgOMWuIjnDrnBdSqEGULoe256YSxXXfW8AKbnuk
+5F6G+TaU33fD6Q3AOfF5u0aOq0NZJ7cguyPpVkAh7DE9ZapD8j3fcEThuk0mEDuY
+n/PIjhs4ViFqUZPTkcpG2om3PVODLAgfi49T3f+sHw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGfjCCBGagAwIBAgIEBfXhADANBgkqhkiG9w0BAQ0FADBwMQswCQYDVQQGEwJD
+WjEtMCsGA1UECgwkUHJ2bsOtIGNlcnRpZmlrYcSNbsOtIGF1dG9yaXRhLCBhLnMu
+MRkwFwYDVQQDDBBJLkNBIFJvb3QgQ0EvUlNBMRcwFQYDVQQFEw5OVFJDWi0yNjQz
+OTM5NTAeFw0xNTA1MjcxMjIwMDBaFw00MDA1MjcxMjIwMDBaMHAxCzAJBgNVBAYT
+AkNaMS0wKwYDVQQKDCRQcnZuw60gY2VydGlmaWthxI1uw60gYXV0b3JpdGEsIGEu
+cy4xGTAXBgNVBAMMEEkuQ0EgUm9vdCBDQS9SU0ExFzAVBgNVBAUTDk5UUkNaLTI2
+NDM5Mzk1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqj9VtYmvdhQG
+KmQmlDgPX/bcBG8xRfUK/Tt/m3Jv+EB8/l39NJkFOJRJurHwvfiZXMBR+qoN++Zx
+FYVjESp3BpGSBoiz/BThmUa0KYKuhIPutSaHbviLVUSdQNj/Klqq6H/SZeEUR8J8
+Mf11YQobjIBKnrTiLhRHMe68BVGupn7PEbjFSL0FVMKE5Kdoa/i4+n4oybnP5CFP
+ZcmIaKA42XWlETtMHG5LHtSGbMGtBUfTLJQNzIctGi3D1szehP7sa8DhIxOh05wY
+fuBy11xVvEyzQDEbnEDNmuuADnGu12JuWhZPH/ZlRdGfeoVBGcJ6Os4hkuSUcEy7
+qEHGxLs1zfU6nmOpjaBq0SBEqiq2SKVyw86e5FhIRwl/AkHzDRxtCXjw1xTRoFX8
+EdZaGgB55TvmCMtSnqQJq2vnbJwqLyJ9+7lQst5Q0y8McrnWs7ezCObre6z0tMX2
+wTIfpxkh9dxeN6rHH1ObQz7mnp/aDddWog9TaS1Vv+uGeBG/ptdaTfMOk3Pq/w7Q
+54/xyLPw2BhzbKVyiPFwTEdUtpta0bwmN40Y35trLtsLJbOKsuOtBlxtu30XAwcB
+ijCXiXRtSpR3Luvuz7Aetep29LUUOJXX1dkvP7KkJsxNo1yNCfNeDIUyzlZsAgjx
+S6Orv8hUoAWFdOR1HXq8nDtgPWr9GZECAwEAAaOCAR4wggEaMA4GA1UdDwEB/wQE
+AwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR2uQNI+9UYoaE3oO3MaIJM
+UjQ2DTCB1wYDVR0gBIHPMIHMMIHJBgRVHSAAMIHAMIG9BggrBgEFBQcCAjCBsBqB
+rVRlbnRvIGt2YWxpZmlrb3Zhbnkgc3lzdGVtb3Z5IGNlcnRpZmlrYXQgYnlsIHZ5
+ZGFuIHBvZGxlIHpha29uYSAyMjcvMjAwMCBTYi4gdiBwbGF0bmVtIHpuZW5pL1Ro
+aXMgcXVhbGlmaWVkIHN5c3RlbSBjZXJ0aWZpY2F0ZSB3YXMgaXNzdWVkIGFjY29y
+ZGluZyB0byBBY3QgTm8uIDIyNy8yMDAwIENvbGwuMA0GCSqGSIb3DQEBDQUAA4IC
+AQAZVAIlg9silosdlZ6Z2zTOk9AfLntcYCRqDNeFRHgfHEnyFPiDVBmmnTJmuCOm
+O4Yqnzb8F/xQD2DGN/0kqPd5p46/2AcVVF5SDL74ptjIQUTx9hPcgxlbr91k9zMW
+hw8VWvFkvNTnVT8yOIma88xIxWwxcZKaJhfCfEcCbTUnn/Ma4aodDXQRqZN8Qahv
+u46cxQHkc/a6UC7mENS8bxOaOLlpRqUG1vJMbDerPPjbGsZV8Mj4HSFuLwBqseJt
+WgQtfd0JT/bvFC/AEuoJGSsayqBxm7E6Mrz/QxjzfS/1LojpUbbxSZBM/ybHw1nd
+dF/BUF04XJ1oVWlqtEB3yV8yKUhUk8GzISN2oVUwaSM/MUnEoc07dlmVWoK0rXG1
+vqaRzIAVSi/OlK4YVUl1IES48wGbwXgsjhBMp2StrTrrTB1WLn+U1B7QCtXJVIEO
+Hv73lPlhOj817tNgyftIsm7C2b56bpgFcACj0RfHxjSvbPVNj11SDN2Am3pt55jj
+OYVcP4vMRKJANjKTElaQAp4+WWgCH1aIHq/B/g97VY2X2bumk0e6fPhHtjnXjPJA
+bIecDP4t3dxx/A6RCKRDPYpX3d0H66eXUdC6hJmti3n+yQSQgxMr6ZcNZYnyES03
+jku4u9J6OSrF3NBdDd0EJ5ifWP2OhrsFf/DtN5KQ3Zy9/A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
+WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
+ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
+MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
+h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
+A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
+T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
+B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
+B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
+KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
+OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
+jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
+qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
+rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
+hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
+ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
+3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
+NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
+ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
+TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
+jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
+oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
+4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
+mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
+emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBlzELMAkGA1UEBhMCQVQx
+DTALBgNVBAgTBFdpZW4xDTALBgNVBAcTBFdpZW4xIzAhBgNVBAoTGmUtY29tbWVy
+Y2UgbW9uaXRvcmluZyBHbWJIMSowKAYDVQQLEyFHTE9CQUxUUlVTVCBDZXJ0aWZp
+Y2F0aW9uIFNlcnZpY2UxGTAXBgNVBAMTEEdMT0JBTFRSVVNUIDIwMTUwHhcNMTUw
+NjExMDAwMDAwWhcNNDAwNjEwMDAwMDAwWjCBlzELMAkGA1UEBhMCQVQxDTALBgNV
+BAgTBFdpZW4xDTALBgNVBAcTBFdpZW4xIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9u
+aXRvcmluZyBHbWJIMSowKAYDVQQLEyFHTE9CQUxUUlVTVCBDZXJ0aWZpY2F0aW9u
+IFNlcnZpY2UxGTAXBgNVBAMTEEdMT0JBTFRSVVNUIDIwMTUwggIgMA0GCSqGSIb3
+DQEBAQUAA4ICDQAwggIIAoICAQDUppeo8vSQEUOttIJGQfEvkW9jos0NINy9DDiK
+ZUoKKzqodKl3oYuO8i+B94QYza3rYraSfeBB5U5UODeC78vg7c+7ysyjS/db/rh8
+pwhty0PETCIUZuOdA7l3IatEayFHI8gg+irLkXYddWz4m+kPJulDL5ogBWgYx46Z
+hS1BB6ZkjljhjZWApE1f9QLYgXnb1effoiL9FKdnFuzZWEzKqd3qGo6pCGRPUSG2
+cqJO/1BxvTtl5L1/UxGu3xA5e132R3AX90ORA3phJV8s/PiJETzsOVQWScQhmnHg
+eYt2HXY9B1m4B7GM3MfNTuH7rUNNP0DvIWIvMUROacdvIsurVEvowvoRaKzIbg7e
+bMUnlglRAk0Btle/MijVCUOW98SItflU/ho6arcstSRk+0p4csP82U/ITiO5KdgN
+oUhBkwJtvxKFm8bFYC3wkfyZ/SCUnnFjq9VJq5DshzmFf42FzAvo20s7DvzCdn1G
+5zkmnt9V3x6E+UE2JmwCWSuO+7zpHyckYgRnhOE/2J0YTpagJe7KKANPAlHP9zU3
+aaS01tbVHhlDJxYfR1HuSglMEVq2Wz1h6DsQvtZG5vQc/bhFvXz6dVrs4VIjDY4f
+hpdTkVybmyjWjuVuJ60gjKfBQamXN4ss6m4YBZf2zgNS8b15NJtAxyOSdPNv7aPp
+WfBVSwIBA6NjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFMuw3T2MPN9iLCtmPJ486RVtcbTXMB8GA1UdIwQYMBaAFMuw3T2MPN9i
+LCtmPJ486RVtcbTXMA0GCSqGSIb3DQEBCwUAA4ICAQCifVUEZu4WFLyCgYclGTli
+9P47H+HAcwBxynWp4nPxxQ1Bo12OwS3ZZVvZieLwjsWgfb3LzEZTH1/tILYCKtYT
+8p19UUpAVXGtnux26kUgjqr6ekOacGd+E96Y6MuN3R+sNNKhte3+uOcWz/jRODCN
+NInSzn2B0h7/URhTNpPcCcsIFrgI11owkIoK+S+1z8TNVHIqxr0B51gLbgZAtAnO
+tI6zmumJkZSselTh++OELIOgT/7r6MH067Ym0zjELa2sRYA0bSE9XYU64nv+VLfd
+6IVUy6TxqylQeNcktaMvnq8RZq4YuP1dKM9A11XgLOtSMWhDZgWXkrvF8SEs/RJk
+MZlDb4udS2D+FF5SsyOo4Zh67hTJoeLMP3YhYv1rDdm0SpXmblt6JMPTxtYfous3
+a06j32Lr6w5KCL/rGIj7RxqtwlHD1Xz3HyuzyEpQDmlYIGIBSlvKY5YmIq726ZxA
+rGcDnZ1pFcLA+F2nJLEnPL8F4quiysmwLX6jwTEgRiFlkt3K3t+TG7xtL1+pFqRX
+hyxymlqCZ9FE4j0JCoGMHhD9xjRo7P93YXZ/Jvfb/BJGEqrA0fh5haICzIuqpK1s
+FMC9/GiuRH0i+QpFXewE5vrjpMXm+bIZw9mMqJN7OoppO1ITPB0zAk6WQJ+5lf2T
+FzPByQv2/b1pEPWtKfvj2g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFoTCCA4mgAwIBAgIQLHA+VOkP2ZggzMbZ9UY/NTANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5MRkwFwYDVQQDDBBDRkNBIElkZW50aXR5IENBMB4XDTE1
+MDYzMDAxMjExMloXDTQwMDYzMDAxMjExMlowWjELMAkGA1UEBhMCQ04xMDAuBgNV
+BAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEZMBcG
+A1UEAwwQQ0ZDQSBJZGVudGl0eSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBAOFRJSx4u/rui1XDTiVkGS2UQqTm3oQPITUo3DKJPvs0c3tX6awSKUoM
+mCzOyb+kT6VtDs7CzhgJMRBwcg0ia5798whuktLAJc+1s+thfxeE/HVrtaxXF0EZ
+DDTVL1Fu1fdRa3FvMrHi066g1jsUUEgZdPztr7UgqJLgP64H0VC81d2v1tD5zs6S
+uMaBjMX5OY2+9hsumjhkv7fNcuf/7YlauKR1WuH+rzIMbSJukzWoYuLArgqX0bCq
+PvY6UB6bUCoH25eVYAM/o6RdGVUhJzpJnsvI7CzMmxdI0wgQsqlvIQH0WmHd096J
+XbUK8+AV1wZ3C17YaFjfoHe+XxQKRL0tHxo+8aosXQyFDOej24s4BqVbd0zUyt1X
+leSj6LJkd9k0r2gdKm0/MkcmmTOfCmBoEVZb1gLxhyrYadhRKZej3vchJozd8yyM
+BY+ZNkqQsVhpOf2U0xfWpinDUAvVu6MhQE+xBxwAZFfjUVRz4+sZdAKIdw/RflWD
+AszZzHSlAWyvlbC52RindZoeTo9rXkNHKjGEA6yIETDos7F4x0PhrQWHnGhLI597
+ND/M/e+cQsvxNhELNdqaeqGvhU4uWmwneQtFgSV2ZG9k52jKluUEMQVYnqi0j/h9
+VsTtKDHNbYnikHh78ZAalERJ04PvGCPHamW+n+q0e7VjBONc4Xf7AgMBAAGjYzBh
+MB8GA1UdIwQYMBaAFMCsdqLTXf/2zRYAWzinf1V9hVlsMA8GA1UdEwEB/wQFMAMB
+Af8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTArHai013/9s0WAFs4p39VfYVZ
+bDANBgkqhkiG9w0BAQsFAAOCAgEAfNPmbXRLuY9du1uVIvxlr0psXoETrLoUCE2v
+8Hnx0iVCwPjZZCoCNcHhKg86fWoaOhZhG0FGqHVDv9881e1MO0O8LJA5/kyOeetQ
+vsDNWFihMB46a5GR4TRxlSEUoCASy4MqzIGuRuAebbIMytOCiPpua3i2XK28QSva
+fkMLgjP9MqwF/KmKfE5YrTcWCfRgdMVT3JNtZYC9cSCF8RCFOGQj0yGCgeu3bSZl
+TqvQ1hB1huroHTWf6HdWsZO6qfl3BdQeIg1LuIflM58K4QG8kSQurL+hAzASN06V
+3rziYz6cM+bYWP5twY+2cwrBGkrB4IsqxzdCZfbFyHXe+UxlqDb/2+ldPczGY/A2
+C3sCT89pvcLvpZ4hTl616jBEo4MtMYYJJKRWwYTz63w2czJtF6HnpTCT01q6h2aM
+BmjJbhNI75kpUd3FBDdj3lY7jKX3XIVAHPDULuM43ojnpoiKkmo7gSehjl/9LIJY
+lq/asEdwPg4kUwymUeqCo8ttc66xcAeNM4A2P6ywPl8eBrtuVfYZK+xq/ZuaMnqR
+ortgZGH57BRmxsE3vrrcsNSvGhpdd66EVqGxzGO8kzfDRDi0hDFjuKX4wrGIoNnm
+RdlHESm7na7pbEGyTl2VwHLlAnbv0NtBPu/gL/ukgvx60RunN4pJo8d/DG9CNhx9
+gMl9JH4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1Ix
+DzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5k
+IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMT
+N0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9v
+dENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAxMTIxWjCBpjELMAkG
+A1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNh
+ZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkx
+QDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1
+dGlvbnMgUm9vdENBIDIwMTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDC+Kk/G4n8PDwEXT2QNrCROnk8ZlrvbTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA
+4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+ehiGsxr/CL0BgzuNtFajT0
+AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+6PAQZe10
+4S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06C
+ojXdFPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV
+9Cz82XBST3i4vTwri5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrD
+gfgXy5I2XdGj2HUb4Ysn6npIQf1FGQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6
+Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2fu/Z8VFRfS0myGlZYeCsargq
+NhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9muiNX6hME6wGko
+LfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc
+Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVd
+ctA4GGqd83EkVAswDQYJKoZIhvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0I
+XtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+D1hYc2Ryx+hFjtyp8iY/xnmMsVMI
+M4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrMd/K4kPFox/la/vot
+9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+yd+2V
+Z5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/ea
+j8GsGsVn82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnh
+X9izjFk0WaSrT2y7HxjbdavYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQ
+l033DlZdwJVqwjbDG2jJ9SrcR5q+ss7FJej6A7na+RZukYT1HCjI/CbM1xyQVqdf
+bzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVtJ94Cj8rDtSvK6evIIVM4
+pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGaJI7ZjnHK
+e7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0
+vm9qp/UsQu0yrbYhnr68
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzAN
+BgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJl
+c2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hl
+bGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgRUNDIFJv
+b3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEwMzcxMlowgaoxCzAJ
+BgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFj
+YWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5
+MUQwQgYDVQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0
+dXRpb25zIEVDQyBSb290Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKg
+QehLgoRc4vgxEZmGZE4JJS+dQS8KrjVPdJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJa
+jq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoKVlp8aQuqgAkkbH7BRqNC
+MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLQi
+C4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaep
+lSTAGiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7Sof
+TUwJCA3sS61kFyjndc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzzCCA7egAwIBAgIUaKX9ptAcXj/P5PmZ33psbzmpf/wwDQYJKoZIhvcNAQEL
+BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ
+SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n
+a29uZyBQb3N0IFJvb3QgQ0EgMjAeFw0xNTA5MDUwMjM0MzZaFw00MDA5MDUwMjM0
+MzZaMG8xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT
+CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEgMB4GA1UEAxMXSG9u
+Z2tvbmcgUG9zdCBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQDicuzwRxAiw0TKBXlbWdg6KyQhJOqviPh9WgVlwxhIAQTBfloDNXlKw8Fi
+W9JegvcM+7n+0iEdXIe8JuPEpnuZU5cE2N8SSj5lRefOG2WpcDmWFmKBzOngG4K7
+7ajgQmvpuskbS0j9nUYSQOUo00xH+mKIZ4QNV0wPcamFf1blFuijQrpHtt3o42r3
+Cmnl8xTjXFXdh/9+PFxN+ckbDptO7n6s7E3ToiO3iJt5oIpjRx50V73Hrv2Urh1K
+RcPH9qVTB9Vp+HPlZje2pTB3qsy68AnFKFeD8KIZ8n5FtGzrSSK6jjojHB2Jso9p
+RBMoumJVEYKOWX58TbqHt+4z3s3ZwvGULVM7pNAWVA8RIQp+WMOugsHE1SV3D3bb
+DV73YjO1p/zKHvOGilOI3cIyHz523p+PDIpKUC3IUFEGBUFXm6R20BzGbhZIJs8y
+R1kWk0tK1J+6fu0f8wV3Q8ctYvFg1Ywo8f4WI4LPWmufbmn81KhJV/c+kglEwl0o
+vSpUM4ianpdNLK+9C31KO1NEvcLBLdU0zwKgFAlRSorCqgARbprRHdc82fHBftgZ
+UBLEkSthBW37Mo+HrHrAlbaNB/Uo7r1oi+/+TQZDzRcloP7iVCa05fiQ+w3Yogwx
+c5RNe/tSFKtlUQoD2vJmA5LffEWXG049exBRp+mDjbk/tJLRHwIDAQABo2MwYTAP
+BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBxjAfBgNVHSMEGDAWgBRhteBC
+3ravpyDq9iTIp52FoFhT2DAdBgNVHQ4EFgQUYbXgQt62r6cg6vYkyKedhaBYU9gw
+DQYJKoZIhvcNAQELBQADggIBAHqni9ztZvbdyRDfUPHRkDI9j9qRssdTrnH5p+zE
+aOIO+o4aXyqS44PR/Nry5XrIrKQXLea43ewqF1GidWkoObpYPx9Qs+3DGbcW9cao
+Wj2g0Hc/UQdFrG+flMu/bC4PiQmSNBk57XqyWWWwdu0nRh1Dz9Q2vGiKm9Tbwis/
+zl1UmcoiwXmEmP+6QVi/RUmZuwkblo5YTPrISEKUG4nJ+VJmy51txA3pvF831boI
+Yf/VS4xj6P734NwZE+lSaraBLBhkbN7YMFf/ixnHv7dyXlauw/YZ0v2u6balMbgy
+Tsm8OhspH4lhsPvH+4gGKcNWpk1iEPCrUbdk9CRTkIM6p66pEQLgglQjvQS+NLTO
+2ao+VJpIAoshGBL4mOCqqvmrriu/tWuDnyLQWFgFFqfdx5Ppe4Qo4tXuqDX5zM62
+8CdQUTOHMtRkcojYNUC3rZvuWhSpfoCYPV3Rd3TK+JGG10Lp3KDvMCWfyDpgaA8t
+UfjxlrBF9ICotJGHKUMpkTmDNWJtuOn8+P6aTihkfg2QaQPyq00+TtGOJwNEl2Da
+eIpljRZ1/A4scpt4imdisa4sRgWQEThX13YpI6jAfQnfh6vaWx96EzOBsvf+HO/C
+nmVf5Bnpcq/INRy++9P43eTYwzlO2UNgq3U2VxvLBVrYQ/w3JVcaPbVW6/Lv2yYw
+saDu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFqjCCA5KgAwIBAgIQMmmiv0BrjbRHg2Q8iw3JQzANBgkqhkiG9w0BAQsFADBm
+MQswCQYDVQQGEwJTRTEoMCYGA1UEChMfU3dlZGlzaCBTb2NpYWwgSW5zdXJhbmNl
+IEFnZW5jeTEtMCsGA1UEAxMkU3dlZGlzaCBHb3Zlcm5tZW50IFJvb3QgQXV0aG9y
+aXR5IHYzMB4XDTE1MDkyOTExMzIzMloXDTQwMDkyOTExNDIwOVowZjELMAkGA1UE
+BhMCU0UxKDAmBgNVBAoTH1N3ZWRpc2ggU29jaWFsIEluc3VyYW5jZSBBZ2VuY3kx
+LTArBgNVBAMTJFN3ZWRpc2ggR292ZXJubWVudCBSb290IEF1dGhvcml0eSB2MzCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALoeomkbaE9cj7r0I8deZgV4
+hTZYo6J/Z++iDBaSpEqL4KCSh1U3C8TRxNBAQ5cyUE/slUe3P69DBeWElwnvVlTn
+QzNH/a3xOpuYpOHkUaO5rIwL7iUGCfLTujVnYYzCvSbL12PM14Mz2Uzi7/kbn6jL
+DXYBLXLJIrtokd6QDzs9tEK9GX2fhFw8fkI3hrFgwkiHUk5cV/7Okq7KPla3s56V
+mpT4L6HQoi7CVFpszMzWrUtH0C6HgjOoe1A5pyossVsnCp+t9RTr/I1TsnMrVCP0
+jJeZl/s13My1+jMUJo11pySm6BQuLaaAKIOaP7jKO8f1GOD97I55+6pCbEpLFn7z
+ggNuuucRBqWfhCvSYG3pRu5BWpa5FP0cP4YS8VQmJv1ngC/lqC0oLkO3ZMLv5Ld+
+ltyEiyfZdj2YgVMU3EJFoVRn+doYZpAKtEeQPAHlK6Nm72/7MoPxM30yIWylRRU/
+L/NVkUiTnyXPLTw5O1INGq/H36tvgNiQy55xcmpCaZPqkgA9SQTZo1y6RfsCEP+t
+aXRSpThjmmaIBLIRuhOqOdWDX+1lW1PInVyyhaB4cDVNXCQQpPYxKpJVQdnzF2yZ
+E1j63SjQbBO9W4eNk4OtWClWFbRYJ0qbEWygpmdFOs7Q2M7/kDPsWjFND1IS+632
+YV/kL28NZjDloE/Pz/1fAgMBAAGjVDBSMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
+Af8EBTADAQH/MB0GA1UdDgQWBBScvAHnq2Q19TGbjbX7F5mIAsub8jAQBgkrBgEE
+AYI3FQEEAwIBADANBgkqhkiG9w0BAQsFAAOCAgEAh6tq5OdrJFI99iKDT1MERTKc
+YVoWXJxEtaPRltBA/s9mFV5+QAAgFf2nqmTap2FmaMLdUnEloGq53cDNzoYI1Dw1
+ES999G/S2gyXA2WXg7Q+OssJdI3rBcp66YCwt1EtIpPjmhnu7ZcIIYOtxwqRX8TK
+216vuOeMujpJ0lUDNRkZUErihqe7eD2V/bEfRvJPZvL7v4VktgojGJIJnklFMbbW
+FFee/IlFdH85zMBqaMjPR9DhHsfTLy35LCQ7/Gq6lBPezHLyoh3LH5/Vg3cmXn6b
+oK9pn3jbpcFucVxIQk4r2Hi41Q+lP2zLj5DNR9iQGUmF1mz84quqQr/LE5e/aUR1
+YzUt2qDH/WH3ykE9VJz0NsDkbiFIn11xYoHT8iXmWYxZQSZIp+PrZ2rT7DS3mPfM
+yqM2BpXnyDBZ9//JodHkebzfEx8u2bN10QS3IwkhzB0hHCecDiv6wYcYyfr5SYOM
+Ehb7xRLOOw9C+vAFZX6ox+tSSvmYXnGjrBLHKHEaWnXPh8ofNygcFJ2QUG/Gv0rM
+xyXPMd1bkU52qBHVdmbZv4BzYrDsw/5EvM1ZEwsMLdihzKpiTVRFXqRSo4xXPBQx
+k1TOpRZUXi1Cs+5lqbadP2zOYdlWy97qoFbebYYD+reBaozS2PPXtsCsKYRZIw6b
+l2rmoM7VKlQY71CYeSA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQEL
+BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
+ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkw
+NzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L
+cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYDVQQDDA9TWkFGSVIg
+Uk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5QqEvN
+QLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT
+3PSQ1hNKDJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw
+3gAeqDRHu5rr/gsUvTaE2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr6
+3fE9biCloBK0TXC5ztdyO4mTp4CEHCdJckm1/zuVnsHMyAHs6A6KCpbns6aH5db5
+BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwiieDhZNRnvDF5YTy7ykHN
+XGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsF
+AAOCAQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw
+8PRBEew/R40/cof5O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOG
+nXkZ7/e7DDWQw4rtTw/1zBLZpD67oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCP
+oky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul4+vJhaAlIDf7js4MNIThPIGy
+d05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6+/NNIxuZMzSg
+LvWpCz/UXeHPhJ/iGcJfitYgHuNztw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkzCCA3ugAwIBAgIRANaWLsEKFZMSr49jvNREyVswDQYJKoZIhvcNAQELBQAw
+YzELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBM
+dGQuMS8wLQYDVQQDDCZlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMjAeFw0xNTExMTcwODIzNDJaFw0zNzEyMzExNTU5NTlaMGMxCzAJBgNVBAYT
+AlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEvMC0GA1UE
+AwwmZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCkWR+gL9++4Pvp3LWJ/lqXA8k6d6eO
+XK/y4xg59ardD0bSaA9XnKdjYNNYzjXCp/aIwk9/Gyjp0KcAxBdNbeIPxQ4mIyCr
+9zoookwKC8yOzuYAmlpADdRQGpvRDZyU+dvuXNDxigfNmitALEmkXWJfp2vf7lYI
+UPNCGGwxsF7lnHOSvA7SDH3FOFe8u1jbJhkC7eNDhIpOVmvbraEx2cwiZ5Z4/3ed
+zGTFMiBq704w1SQl/Yh5r3Ea/tVLGxWIvBhwqr2tOApmMEbliYXVdiSpqbPmWWAP
+tKlTwjqdRRrWruN3XsRiNjMvMMS/lfEtOKV16NFqky5Fh0tKot+/WCeaymIZql7U
+sYBJlt0r7F+Pm+Cdl4j1hAOjr7Olcy1BuuUHt29rcff3yVqvaZmzL8hPQutsa3Fn
+eN8KrE/XSoUARhrVzbif6pWdD3zRxgWF5gjeiBeB9tW1buqhHNdhquNZQomcWX6x
+fGQ03WEjKjm1EKv8hqlTGsXrauKATlmRwDiJ/rNd1vuR6dewfdl4CMz1K8wr4aHW
+lHPB/lH0jH0KtZqKufXa4Mmz2I+qgoONaVMt/QAEGEqg2lTheYyJ63/1gueguXdN
+rvm6AjuIdut8XbNaE9t8KRZrmdEd5Eghog1eAYjovvGYTT7HFlccX+EIbxxMWENW
+94BljHEOogRnTwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRy
+W7qqcjjuJZAktZQi+gmIyosK+zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEL
+BQADggIBAAaj8bZzVcZnZiHlnVvWlC5KImDyVAGQof21v8CVvxhfLPZrNQ78Mcjt
+RA6Sl9yv3VbPtR+6cpwwyJuxkcB2d9QPGpUa6U0UiKHPawKmautkRU1kjd7862zy
+UwmhhVEV0E+eYvoRuc7IJA5yZIh1NCMwKj+8PDnMzN0LNru9BoKPEgHFcQXRJKGZ
+bMrk96rtitenCq2v8OCAu6GyP1qHZHCGM3sNHtcAhoNDl3X1O8FI/bYOQ6gCbrg+
+f49O4l20fZ4wNC+o8esnh2gNWgpNAdvJFFiV8ppNFqpz2/QliBc4t69ZCQm0Hy0P
+q/W4J1XuRTAzuO0bjryIbK/4Wipr4KyxBSShCfyjD/OwLXuWuraUBxVFjincWA6p
+Bdg7OqB7zYrHZoKXz9Yz4Gf8pttALwXlxYt6KnrwsDabDBj2N+lBof2xKPlva73r
+H0xjcXtQ3Sny/+73x0Vf6DYK6GxbIsPowOcm3OOolYDluToT2wBLGv2uM0d+eJTj
+sV0rtVa1QoufgcX8k0wQtboKvH434/pUbfUExXCzqQTSUdeFzX1vQ49ZaOUxVhFx
++WQpCRP+0B+8iwA4stDKNFZ2EDlWc2bD0UnZvldPPxZ9ani3qIK4W86uhYoKQgwD
+0RfEGPfYV4jGgrgHuT79pOku3G+6kJLuZbBQNNMH2gGXD7znc4J7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhmgAwIBAgIQeThLtBkajXQizP+FMvLkujAKBggqhkjOPQQDAzCBijEL
+MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMRUwEwYDVQQHEwxKYWNrc29udmlsbGUx
+ITAfBgNVBAoTGE5ldHdvcmsgU29sdXRpb25zIEwuTC5DLjE0MDIGA1UEAxMrTmV0
+d29yayBTb2x1dGlvbnMgRUNDIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNTEx
+MTgwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGKMQswCQYDVQQGEwJVUzELMAkGA1UE
+CBMCRkwxFTATBgNVBAcTDEphY2tzb252aWxsZTEhMB8GA1UEChMYTmV0d29yayBT
+b2x1dGlvbnMgTC5MLkMuMTQwMgYDVQQDEytOZXR3b3JrIFNvbHV0aW9ucyBFQ0Mg
+Q2VydGlmaWNhdGUgQXV0aG9yaXR5MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEFOED
+C2VvrVnWHu7Jv7RMxcZcLzDHn1LbaGHAaRDiknoaw7+SqIk5ivvnoLtxpKDD33fW
+lDcTX35TXVC640wIx2XiQbDmWfKc+MCyd8EKkSZ38mm2u9BBPCqIGpSRFsY+o0Iw
+QDAdBgNVHQ4EFgQUm3vryP+D8lKYRzAKVvg4vuPrAM4wDgYDVR0PAQH/BAQDAgGG
+MA8GA1UdEwEB/wQFMAMBAf8wCgYIKoZIzj0EAwMDaQAwZgIxAKlkWPecuRNmIkl/
+stEC6RP8HPukNJLkygcNt7FSeCg0y/IhVpGGhsiKC68yhFRliQIxAOx5DZ2J8AwY
+6ntXUq0L5tR5W8ub4gZFdRi90Pyn3cfhxyK240EkXSPmqJ8AalAyJQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4jCCA8qgAwIBAgIQTANLrGcYTH+vRAhNgpbHsjANBgkqhkiG9w0BAQwFADCB
+ijELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMRUwEwYDVQQHEwxKYWNrc29udmls
+bGUxITAfBgNVBAoTGE5ldHdvcmsgU29sdXRpb25zIEwuTC5DLjE0MDIGA1UEAxMr
+TmV0d29yayBTb2x1dGlvbnMgUlNBIENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0x
+NTExMTgwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGKMQswCQYDVQQGEwJVUzELMAkG
+A1UECBMCRkwxFTATBgNVBAcTDEphY2tzb252aWxsZTEhMB8GA1UEChMYTmV0d29y
+ayBTb2x1dGlvbnMgTC5MLkMuMTQwMgYDVQQDEytOZXR3b3JrIFNvbHV0aW9ucyBS
+U0EgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAhN+opqOMC3geyE0Zld0pkJIgNZAqlI2CMy1wElilCIqewQjzk9Zo
+wC8Uvnmk/H3M1bw+j+2cSgJhWT2qw290ANL4GjTUVJ5qdEeaL+DS9w/3w90/pb/B
++n1CaWAAgOw85ruBN6QeBhQ9V4+QpDVKNHOHthrDXZDvBk1wdjY8gontz2QZgyVD
+Thzi8WpShv5R5H443xWNTGxgQUpPsEBVRjl1yYE5AHOKYuoPZbePT5dAzs/uwWoo
+oHGpmSfRPck1c3qAmfh9hrmdeTrt0yr6fqa4/1cqc7Kmv9qJugYb2mWg5r5glIj2
+32bhJ2ob/tBeqY0giwrEH36IQS+ywdDztmjtyDvx76oH3n7XIuCB9qXqexb0QlSd
+ln72YhZTzf0Kq7JCoU4qiEJ1g72M5U165x3jTLje46tgOC1nKf7kX67CqOi/rmz5
+67NS8X/p7MIv2Z3KF55C+jtYwT6IYk9fk8GXbWaPHCLzmsH07blrGn42hMgxuPBe
+K36V5HnPdUzC2AS/OI4os91btthPI26S6DeVroOu1vw5KkYGH/GEdSHWuE6mKpdY
+ZfWaGAHX9cN/KckQ7nNKQ3Z70aYwUf/WKx0eYoS++b5pl5nHDed8JFB1F/2kIOc1
+aANglKfZDcYaLOXiTtXMDsB6MFbvYJK+2S71x/DoRc/ahq7v2HepEicCAwEAAaNC
+MEAwHQYDVR0OBBYEFA/xSkp1dAURDB3YW5nrv/6qfV7XMA4GA1UdDwEB/wQEAwIB
+hjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDAUAA4ICAQA9y9JGePX2Ohfo
+w3tk0cW7kHiN9U+5xC2X+wvmxbjxturoWEs0rXd5LDUfcn0CPu610BaKBjeWte9D
+0AkQLJdmx4EfHuYnxYKRWF7zyFtBaICDkbmcgfgn+kXf7nnyXG1wAlTuwFPYQ+sF
+esz0Ud2p1CJ9ajvy/ojUUkk6hZJkU/hqU2CIj/Jb1K4rUuDq/1R+oeTvhhungwsG
+Zl4wgIxVoEcz/2seREhLYaoePuhMZMfYbX0Orjw8Qj3KJBpw8WEUnDoY1fAGKZEi
+sjo6oRZUYxr5M5VEnySjIWQECOKb1d4IUhxiHFMWRzVCJsenDP3zWxN3Aoxc4hbw
+GB/ZffXfAiSIevNe/xcOs2JnoauxF449Okaw9UaMq4TY9Q6hIOvC8Jl0PY6zA9gk
+xWzrawxTv2Bp3YwoxW/Pu9KBdyvGfLHESmwVEDcpXa74sREFxBSN7BOjRP1Ni2i4
+wf+d1TcuSPgofNz5c1PZtgF1Qnq/C99RULhTsuHudJDLvKrQcYOiq07JELY9HO9A
+109DkDO5AZZUXSrVBluShrgGEIEGyJHbKSCyU73zS1tM22kfiW5UP9eJXee1zQy+
+P314OAHStmemz1hIlBpF/ZBzScq1Q6AhYo1JBCaq+B8uP/IuofKr9AYesC3EwXBC
+Pf3DUUmIAA7Kgg2beQLiwC6T3+Ty8Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcDCCA1igAwIBAgINAJgzyagAAAAAVlS8bjANBgkqhkiG9w0BAQsFADBDMQsw
+CQYDVQQGEwJIUjEdMBsGA1UEChMURmluYW5jaWpza2EgYWdlbmNpamExFTATBgNV
+BAMTDEZpbmEgUm9vdCBDQTAeFw0xNTExMjQxOTA3MzBaFw0zNTExMjQxOTM3MzBa
+MEMxCzAJBgNVBAYTAkhSMR0wGwYDVQQKExRGaW5hbmNpanNrYSBhZ2VuY2lqYTEV
+MBMGA1UEAxMMRmluYSBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAtHPS1mXTAu9YOvSCgtOn4Ipgsjr1sWU4pyQOIWt96aCdM6J0za6RupS1
+zMaAtXHfSHHKdUunv/8m64T+uXIWyMJ+htS/r+5jNbnA5NoFT7hIniIo/1UFI2uB
+TrMXESwqJR/k4d9hyDzyVmnQVX2WELKoe1aQW6ZeU4tB48eHxzG9NDnsGSHZgMTo
+DdvaAwwA9Kq1ggYlDMXZGmKd/QpJBfwcvpNG/M6Jkf/NzF9IX9w40HVv0i2rzCIS
+eIgSH+DVTne8LIlNdnqIm10H2rNnmNE5znpGq8/2fVclE/qExANwrwx2DNJAJHxZ
+33c3WVCxJUZOQh0IIglyVcRC6m9vZVnUTuA9o6twfOYJMFV2Yonzb9IKprNuGT2W
+hnpmlM3yzHrwBwizaa4b/xxxGKJE+dvWDYQQgXRJYWLXEPABpkXAtdBS9FGGPeL3
+Fila+kqeJ0uORvFyPqf1pAzgCxeaIv/5fqs1jgGE1XWTf+Z1qHpk3mI6AkcaoCPE
+TD/Q3E4z52y7+vYYECs0MF/HM1CZAumxWUZVZaa6pIMYi83h8coY4tkg5reEhx8L
+VnxNMVQm8plWyKZZ1oUz8pDMKFrIbKTLpkdGxJpVOYRkjXfnCj3D0BL3dqjMHLMf
+WIU6xDaN7JrsDuccyZ9P+9B6BwzGBbCrjbpyXU4j2W8MXPimctECAwEAAaNjMGEw
+DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU/hGi
+bBDu3uIDuFWCTiI8huQ+a1QwHQYDVR0OBBYEFP4RomwQ7t7iA7hVgk4iPIbkPmtU
+MA0GCSqGSIb3DQEBCwUAA4ICAQCkgIYu56adjf+CV2Ny5xpg36uyubIBEmc4QOZA
+fFi8zEhxWwGXnHkcHnHSO6PY6KLiGAGlRajj9O+ru4p4/MeIffIFYJrbcMN41av4
+LTOMa6L2yQPAijxm3Z3o7qdOJQ8U3/gPFi4eF6dYyNkF05iivGRCU/4kyXWqJu5u
+MjMIYaA2fcq7nbu1cV4GgWr/Z+6miD+2P9MXTM4EzrMLdTnRwOOcs5qiGVYoi5ak
+s58WSdyEICLt73JMXxCqHwkBO1XIxmyvp9Iunu2wzJFtZMPsGL46akuuAS4/ec00
+HDiuuQ1hBHP3nik7p7aQOrgsIzTDuAwGUcI+IZmfPBSQyqkm9UDjIul9zgMX7P+8
+0ZkuxGSPPyxZYCQ8sNvDlQiqAHWynQsgGbT3bqmjvWDwMw/iZr1H9giKkDV9RYZK
+yZ7Ez1/fcd7MyW45iE25Ss8DdAdZK+386+7V0tU5bXcN2NF/L353vmGYjSxScTCE
+vqDmsLAHCMW0dLeLsti62ADyGcf4oSIKZkSoFgh1XllESEU0NQhK8HslC6ZLUX93
+zQ0zOKsAkWZMiMFOKtQ6wLSG3oSAylBvgPlNZYAJFXUtIlbltZEjne4l2BgwKHLb
+f8MxTo7YvkP6246aBZn999yUiad42J1r6f71JMe60ulED4NLXZ//JBif0dWE6CFJ
+t9sg5w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEMDCCAxigAwIBAgIJANqb7HHzA7AZMA0GCSqGSIb3DQEBCwUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTIzMjE2WhcNMjkxMjMxMTcyMzE2WjCB
+pDELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEUMBIGA1UEBwwLUGFuYW1h
+IENpdHkxJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4gZGUgUi5MLjEnMCUG
+A1UECwweVHJ1c3RDb3IgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MR8wHQYDVQQDDBZU
+cnVzdENvciBSb290Q2VydCBDQS0xMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAv463leLCJhJrMxnHQFgKq1mqjQCj/IDHUHuO1CAmujIS2CNUSSUQIpid
+RtLByZ5OGy4sDjjzGiVoHKZaBeYei0i/mJZ0PmnK6bV4pQa81QBeCQryJ3pS/C3V
+seq0iWEk8xoT26nPUu0MJLq5nux+AHT6k61sKZKuUbS701e/s/OojZz0JEsq1pme
+9J7+wH5COucLlVPat2gOkEz7cD+PSiyU8ybdY2mplNgQTsVHCJCZGxdNuWxu72CV
+EY4hgLW9oHPY0LJ3xEXqWib7ZnZ2+AYfYW0PVcWDtxBWcgYHpfOxGgMFZA6dWorW
+hnAbJN7+KIor0Gqw/Hqi3LJ5DotlDwIDAQABo2MwYTAdBgNVHQ4EFgQU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggEBACUY1JGPE+6PHh0RU9otRCkZoB5rMZ5NDp6tPVxBb5UrJKF5mDo4Nvu7Zp5I
+/5CQ7z3UuJu0h3U/IJvOcs+hVcFNZKIZBqEHMwwLKeXx6quj7LUKdJDHfXLy11yf
+ke+Ri7fc7Waiz45mO7yfOgLgJ90WmMCV1Aqk5IGadZQ1nJBfiDcGrVmVCrDRZ9MZ
+yonnMlo2HD6CqFqTvsbQZJG2z9m2GM/bftJlo6bEjhcxwft+dtvTheNYsnd6djts
+L1Ac59v2Z3kf9YKVmgenFK+P3CghZwnS1k1aHBkcjndcw5QkPTJrS37UeJSDvjdN
+zl/HHk484IkzlQsPpTLWPFp5LBk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIIJaHfyjPLWQIwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMjAeFw0xNjAyMDQxMjMyMjNaFw0zNDEyMzExNzI2MzlaMIGk
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEg
+Q2l0eTEkMCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYD
+VQQLDB5UcnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRy
+dXN0Q29yIFJvb3RDZXJ0IENBLTIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCnIG7CKqJiJJWQdsg4foDSq8GbZQWU9MEKENUCrO2fk8eHyLAnK0IMPQo+
+QVqedd2NyuCb7GgypGmSaIwLgQ5WoD4a3SwlFIIvl9NkRvRUqdw6VC0xK5mC8tkq
+1+9xALgxpL56JAfDQiDyitSSBBtlVkxs1Pu2YVpHI7TYabS3OtB0PAx1oYxOdqHp
+2yqlO/rOsP9+aij9JxzIsekp8VduZLTQwRVtDr4uDkbIXvRR/u8OYzo7cbrPb1nK
+DOObXUm4TOJXsZiKQlecdu/vvdFoqNL0Cbt3Nb4lggjEFixEIFapRBF37120Hape
+az6LMvYHL1cEksr1/p3C6eizjkxLAjHZ5DxIgif3GIJ2SDpxsROhOdUuxTTCHWKF
+3wP+TfSvPd9cW436cOGlfifHhi5qjxLGhF5DUVCcGZt45vz27Ud+ez1m7xMTiF88
+oWP7+ayHNZ/zgp6kPwqcMWmLmaSISo5uZk3vFsQPeSghYA2FFn3XVDjxklb9tTNM
+g9zXEJ9L/cb4Qr26fHMC4P99zVvh1Kxhe1fVSntb1IVYJ12/+CtgrKAmrhQhJ8Z3
+mjOAPF5GP/fDsaOGM8boXg25NSyqRsGFAnWAoOsk+xWq5Gd/bnc/9ASKL3x74xdh
+8N0JqSDIvgmk0H5Ew7IwSjiqqewYmgeCK9u4nBit2uBGF6zPXQIDAQABo2MwYTAd
+BgNVHQ4EFgQU2f4hQG6UnrybPZx9mCAZ5YwwYrIwHwYDVR0jBBgwFoAU2f4hQG6U
+nrybPZx9mCAZ5YwwYrIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAJ5Fngw7tu/hOsh80QA9z+LqBrWyOrsGS2h60COX
+dKcs8AjYeVrXWoSK2BKaG9l9XE1wxaX5q+WjiYndAfrs3fnpkpfbsEZC89NiqpX+
+MWcUaViQCqoL7jcjx1BRtPV+nuN79+TMQjItSQzL/0kMmx40/W5ulop5A7Zv2wnL
+/V9lFDfhOPXzYRZY5LVtDQsEGz9QLX+zx3oaFoBg+Iof6Rsqxvm6ARppv9JYx1RX
+CI/hOWB3S6xZhBqI8d3LT3jX5+EzLfzuQfogsL7L9ziUwOHQhQ+77Sxzq+3+knYa
+ZH9bDTMJBzN7Bj8RpFxwPIXAz+OQqIN3+tvmxYxoZxBnpVIt8MSZj3+/0WvitUfW
+2dCFmU2Umw9Lje4AWkcdEQOsQRivh7dvDDqPys/cA8GiCcjl/YBeyGBCARsaU1q7
+N6a3vLqE6R5sGtRk2tRD/pOLS/IseRYQ1JMLiI+h2IYURpFHmygk71dSTlxCnKr3
+Sewn6EAes6aJInKc9Q0ztFijMDvd1GpUk74aTfOTlPf8hAs/hCBcNANExdqtvArB
+As8e5ZTZ845b2EzwnexhF7sUMlQMAimTHpKG9n/v55IFDlndmQguLvqcAFLTxWYp
+5KeXRKQOKIETNcX2b2TmQcTVL8w0RSXPQQCWPUouwpaYT05KnJe32x+SMsj/D1Fu
+1uwJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEIDCCAwigAwIBAgIJAISCLF8cYtBAMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNDEyMzIzM1oXDTI5MTIzMTE3MjgwN1owgZwxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEXMBUGA1UEAwwOVHJ1c3RDb3Ig
+RUNBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPj+ARtZ+odnbb
+3w9U73NjKYKtR8aja+3+XzP4Q1HpGjORMRegdMTUpwHmspI+ap3tDvl0mEDTPwOA
+BoJA6LHip1GnHYMma6ve+heRK9jGrB6xnhkB1Zem6g23xFUfJ3zSCNV2HykVh0A5
+3ThFEXXQmqc04L/NyFIduUd+Dbi7xgz2c1cWWn5DkR9VOsZtRASqnKmcp0yJF4Ou
+owReUoCLHhIlERnXDH19MURB6tuvsBzvgdAsxZohmz3tQjtQJvLsznFhBmIhVE5/
+wZ0+fyCMgMsq2JdiyIMzkX2woloPV+g7zPIlstR8L+xNxqE6FXrntl019fZISjZF
+ZtS6mFjBAgMBAAGjYzBhMB0GA1UdDgQWBBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAf
+BgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjAPBgNVHRMBAf8EBTADAQH/
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEABT41XBVwm8nHc2Fv
+civUwo/yQ10CzsSUuZQRg2dd4mdsdXa/uwyqNsatR5Nj3B5+1t4u/ukZMjgDfxT2
+AHMsWbEhBuH7rBiVDKP/mZb3Kyeb1STMHd3BOuCYRLDE5D53sXOpZCz2HAF8P11F
+hcCF5yWPldwX8zyfGm6wyuMdKulMY/okYWLW2n62HGz1Ah3UKt1VkOsqEUc8Ll50
+soIipX1TH0XsJ5F95yIW6MBoNtjG8U+ARDL54dHRHareqKucBK+tIA5kmE2la8BI
+WJZpTdwHjFGTot+fDz2LYLSCjaoITmJF4PkL0uDgPFveXHEnJcLmA4GLEFPjx1Wi
+tJ/X5g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIIeyyb0xaAMpkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTczOTM5WhcNNDEwMjEyMTcz
+OTM5WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAPkP3aMrfcvQKv7sZ4Wm5y4bunfh4/WvpOz6Sl2R
+xFdHaxh3a3by/ZPkPQ/CFp4LZsNWlJ4Xg4XOVu/yFv0AYvUiCVToZRdOQbngT0aX
+qhvIuG5iXmmxX9sqAn78bMrzQdjt0Oj8P2FI7bADFB0QDksZ4LtO7IZl/zbzXmcC
+C52GVWH9ejjt/uIZALdvoVBidXQ8oPrIJZK0bnoix/geoeOy3ZExqysdBP+lSgQ3
+6YWkMyv94tZVNHwZpEpox7Ko07fKoZOI68GXvIz5HdkihCR0xwQ9aqkpk8zruFvh
+/l8lqjRYyMEjVJ0bmBHDOJx+PYZspQ9AhnwC9FwCTyjLrnGfDzrIM/4RJTXq/LrF
+YD3ZfBjVsqnTdXgDciLKOsMf7yzlLqn6niy2UUb9rwPW6mBo6oUWNmuF6R7As93E
+JNyAKoFBbZQ+yODJgUEAnl6/f8UImKIYLEJAs/lvOCdLToD0PYFH4Ih86hzOtXVc
+US4cK38acijnALXRdMbX5J+tB5O2UzU1/Dfkw/ZdFr4hc96SCvigY2q8lpJqPvi8
+ZVWb3vUNiSYE/CUapiVpy8JtynziWV+XrOvvLsi81xtZPCvM8hnIk2snYxnP/Okm
++Mpxm3+T/jRnhE6Z6/yzeAkzcLpmpnbtG3PrGqUNxCITIJRWCk4sbE6x/c+cCbqi
+M+2HAgMBAAGjYzBhMB0GA1UdDgQWBBTdBAkHovV6fVJTEpKV7jiAJQ2mWTAPBgNV
+HRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAIBgRlCn7Jp0cHh5wYfGV
+cpNxJK1ok1iOMq8bs3AD/CUrdIWQPXhq9LmLpZc7tRiRux6n+UBbkflVma8eEdBc
+Hadm47GUBwwyOabqG7B52B2ccETjit3E+ZUfijhDPwGFpUenPUayvOUiaPd7nNgs
+PgohyC0zrL/FgZkxdMF1ccW+sfAjRfSda/wZY52jvATGGAslu1OJD7OAUN5F7kR/
+q5R4ZJjT9ijdh9hwZXT7DrkT66cPYakylszeu+1jTBi7qUD3oFRuIIhxdRjqerQ0
+cuAjJ3dctpDqhiVAq+8zD8ufgr6iIPv2tS0a5sKFsXQP+8hlAqRSAUfdSSLBv9jr
+a6x+3uxjMxW3IwiPxg+NQVrdjsW5j+VFP3jbutIbQLH+cU0/4IGiul607BXgk90I
+H37hVZkLId6Tngr75qNJvTYw/ud3sqB1l7UtgYgXZSD32pAAn8lSzDLKNXz1PQ/Y
+K9f1JmzJBjSWFupwWRoyeXkLtoh/D1JIPb9s2KJELtFOt3JY04kTlf5Eq/jXixtu
+nLwsoFvVagCvXzfh1foQC5ichucmj87w7G6KVwuA406ywKBjYZC6VWg3dGq2ktuf
+oYYitmUnDuy2n0Jg5GfCtdpBC8TTi2EbvPofkSvXRAdeuims2cXp71NIWuuA8ShY
+Ic2wBlX7Jz9TkHCpBB5XJ7k=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICjTCCAhSgAwIBAgIIdebfy8FoW6gwCgYIKoZIzj0EAwIwfDELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNDAzWhcNNDEwMjEyMTgxNDAz
+WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0
+b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBS
+b290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllirLZXI
+7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/qCPg
+CemB+vNH06NjMGEwHQYDVR0OBBYEFILRhXMw5zUE044CkvvlpNHEIejNMA8GA1Ud
+EwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUgtGFczDnNQTTjgKS++Wk0cQh6M0wDgYD
+VR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2cAMGQCMG/n61kRpGDPYbCWe+0F+S8T
+kdzt5fxQaxFGRrMcIQBiu77D5+jNB5n5DQtdcj7EqgIwH7y6C+IwJPt8bYBVCpk+
+gA0z5Wajs6O7pdWLjwkspl1+4vAHCGht0nxpbl/f5Wpl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIClDCCAhqgAwIBAgIILCmcWxbtBZUwCgYIKoZIzj0EAwIwfzELMAkGA1UEBhMC
+VVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9T
+U0wgQ29ycG9yYXRpb24xNDAyBgNVBAMMK1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBFQ0MwHhcNMTYwMjEyMTgxNTIzWhcNNDEwMjEyMTgx
+NTIzWjB/MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNv
+bSBFViBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABKoSR5CYG/vvw0AHgyBO8TCCogbR8pKGYfL2IWjKAMTH6kMA
+VIbc/R/fALhBYlzccBYy3h+Z1MzFB8gIH2EWB1E9fVwHU+M1OIzfzZ/ZLg1Kthku
+WnBaBu2+8KGwytAJKaNjMGEwHQYDVR0OBBYEFFvKXuXe0oGqzagtZFG22XKbl+ZP
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUW8pe5d7SgarNqC1kUbbZcpuX
+5k8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQCK5kCJN+vp1RPZ
+ytRrJPOwPYdGWBrssd9v+1a6cGvHOMzosYxPD/fxZ3YOg9AeUY8CMD32IygmTMZg
+h5Mmm7I1HrrW9zzRHM76JTymGoEVW/MSD2zuZYrJh6j5B+BimoxcSg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGoTCCBImgAwIBAgIBATANBgkqhkiG9w0BAQ0FADCBlzELMAkGA1UEBhMCQlIx
+EzARBgNVBAoMCklDUC1CcmFzaWwxPTA7BgNVBAsMNEluc3RpdHV0byBOYWNpb25h
+bCBkZSBUZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMMK0F1
+dG9yaWRhZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjUwHhcNMTYw
+MzAyMTMwMTM4WhcNMjkwMzAyMjM1OTM4WjCBlzELMAkGA1UEBhMCQlIxEzARBgNV
+BAoMCklDUC1CcmFzaWwxPTA7BgNVBAsMNEluc3RpdHV0byBOYWNpb25hbCBkZSBU
+ZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNDAyBgNVBAMMK0F1dG9yaWRh
+ZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjUwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQD3LXgabUWsF+gUXw/6YODeF2XkqEyfk3VehdsI
+x+3/ERgdjCS/ouxYR0Epi2hdoMUVJDNf3XQfjAWXJyCoTneHYAl2McMdvoqtLB2i
+leQlJiis0fTtYTJayee9BAIdIrCor1Lc0vozXCpDtq5nTwhjIocaZtcuFsdrkl+n
+bfYxl5m7vjTkTMS6j8ffjmFzbNPDlJuV3Vy7AzapPVJrMl6UHPXCHMYMzl0KxR/4
+7S5XGgmLYkYt8bNCHA3fg07y+Gtvgu+SNhMPwWKIgwhYw+9vErOnavRhOimYo4M2
+AwNpNK0OKLI7Im5V094jFp4Ty+mlmfQH00k8nkSUEN+1TGGkhv16c2hukbx9iCfb
+mk7im2hGKjQA8eH64VPYoS2qdKbPbd3xDDHN2croYKpy2U2oQTVBSf9hC3o6fKo3
+zp0U3dNiw7ZgWKS9UwP31Q0gwgB1orZgLuF+LIppHYwxcTG/AovNWa4sTPukMiX2
+L+p7uIHExTZJJU4YoDacQh/mfbPIz3261He4YFmQ35sfw3eKHQSOLyiVfev/n0l/
+r308PijEd+d+Hz5RmqIzS8jYXZIeJxym4mEjE1fKpeP56Ea52LlIJ8ZqsJ3xzHWu
+3WkAVz4hMqrX6BPMGW2IxOuEUQyIaCBg1lI6QLiPMHvo2/J7gu4YfqRcH6i27W3H
+yzamEQIDAQABo4H1MIHyME4GA1UdIARHMEUwQwYFYEwBAQAwOjA4BggrBgEFBQcC
+ARYsaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJyL0RQQ2FjcmFpei5wZGYw
+PwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2FjcmFpei5pY3BicmFzaWwuZ292LmJy
+L0xDUmFjcmFpenY1LmNybDAfBgNVHSMEGDAWgBRpqL512cTvbOcTReRhbuVo+LZA
+XjAdBgNVHQ4EFgQUaai+ddnE72znE0XkYW7laPi2QF4wDwYDVR0TAQH/BAUwAwEB
+/zAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQADggIBABRt2/JiWapef7o/
+plhR4PxymlMIp/JeZ5F0BZ1XafmYpl5g6pRokFrIRMFXLyEhlgo51I05InyCc9Td
+6UXjlsOASTc/LRavyjB/8NcQjlRYDh6xf7OdP05mFcT/0+6bYRtNgsnUbr10pfsK
+/UzyUvQWbumGS57hCZrAZOyd9MzukiF/azAa6JfoZk2nDkEudKOY8tRyTpMmDzN5
+fufPSC3v7tSJUqTqo5z7roN/FmckRzGAYyz5XulbOc5/UsAT/tk+KP/clbbqd/hh
+evmmdJclLr9qWZZcOgzuFU2YsgProtVu0fFNXGr6KK9fu44pOHajmMsTXK3X7r/P
+wh19kFRow5F3RQMUZC6Re0YLfXh+ypnUSCzA+uL4JPtHIGyvkbWiulkustpOKUSV
+wBPzvA2sQUOvqdbAR7C8jcHYFJMuK2HZFji7pxcWWab/NKsFcJ3sluDjmhizpQax
+bYTfAVXu3q8yd0su/BHHhBpteyHvYyyz0Eb9LUysR2cMtWvfPU6vnoPgYvOGO1Cz
+iyGEsgKULkCH4o2Vgl1gQuKWO4V68rFW8a/jvq28sbY+y/Ao0I5ohpnBcQOAawiF
+bz6yJtObajYMuztDDP8oY656EuuJXBJhuKAJPI/7WDtgfV8ffOh/iQGQATVMtgDN
+0gv8bn5NdUX8UMNX1sHhU3H1UpoW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRjCCAy6gAwIBAgIQXd+x2lqj7V2+WmUgZQOQ7zANBgkqhkiG9w0BAQsFADA9
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH
+bG9iYWwgRzIgUm9vdDAeFw0xNjAzMTEwMDAwMDBaFw00MDEyMzEwMDAwMDBaMD0x
+CzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDEbMBkGA1UEAwwSVUNBIEds
+b2JhbCBHMiBSb290MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxeYr
+b3zvJgUno4Ek2m/LAfmZmqkywiKHYUGRO8vDaBsGxUypK8FnFyIdK+35KYmToni9
+kmugow2ifsqTs6bRjDXVdfkX9s9FxeV67HeToI8jrg4aA3++1NDtLnurRiNb/yzm
+VHqUwCoV8MmNsHo7JOHXaOIxPAYzRrZUEaalLyJUKlgNAQLx+hVRZ2zA+te2G3/R
+VogvGjqNO7uCEeBHANBSh6v7hn4PJGtAnTRnvI3HLYZveT6OqTwXS3+wmeOwcWDc
+C/Vkw85DvG1xudLeJ1uK6NjGruFZfc8oLTW4lVYa8bJYS7cSN8h8s+1LgOGN+jIj
+tm+3SJUIsUROhYw6AlQgL9+/V087OpAh18EmNVQg7Mc/R+zvWr9LesGtOxdQXGLY
+D0tK3Cv6brxzks3sx1DoQZbXqX5t2Okdj4q1uViSukqSKwxW/YDrCPBeKW4bHAyv
+j5OJrdu9o54hyokZ7N+1wxrrFv54NkzWbtA+FxyQF2smuvt6L78RHBgOLXMDj6Dl
+NaBa4kx1HXHhOThTeEDMg5PXCp6dW4+K5OXgSORIskfNTip1KnvyIvbJvgmRlld6
+iIis7nCs+dwp4wwcOxJORNanTrAmyPPZGpeRaOrvjUYG0lZFWJo8DA+DuAUlwznP
+O6Q0ibd5Ei9Hxeepl2n8pndntd978XplFeRhVmUCAwEAAaNCMEAwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFIHEjMz15DD/pQwIX4wV
+ZyF0Ad/fMA0GCSqGSIb3DQEBCwUAA4ICAQATZSL1jiutROTL/7lo5sOASD0Ee/oj
+L3rtNtqyzm325p7lX1iPyzcyochltq44PTUbPrw7tgTQvPlJ9Zv3hcU2tsu8+Mg5
+1eRfB70VVJd0ysrtT7q6ZHafgbiERUlMjW+i67HM0cOU2kTC5uLqGOiiHycFutfl
+1qnN3e92mI0ADs0b+gO3joBYDic/UvuUospeZcnWhNq5NXHzJsBPd+aBJ9J3O5oU
+b3n09tDh05S60FdRvScFDcH9yBIw7m+NESsIndTUv4BFFJqIRNow6rSn4+7vW4LV
+PtateJLbXDzz2K36uGt/xDYotgIVilQsnLAXc47QN6MUPJiVAAwpBVueSUmxX8fj
+y88nZY41F7dXyDDZQVu5FLbowg+UMaeUmMxq67XhJ/UQqAHojhJi6IjMtX9Gl8Cb
+EGY4GjZGXyJoPd/JxhMnq1MGrKI8hgZlb7F+sSlEmqO6SWkoaY/X5V+tBIZkbxqg
+DMUIYs6Ao9Dz7GjevjPHF1t/gMRMTLGmhIrDO7gJzRSBuhjjVFc2/tsvfEehOjPI
++Vg7RE+xygKJBJYoaMVLuCaJu9YzL1DV/pqJuhgyklTGW+Cd+V7lDSKb9triyCGy
+YiGqhkCyLmTTX8jjfhFnRR8F/uOi77Oos/N9j/gMHyIfLXC0uAE0djAA5SN4p1bX
+UB+K+wb1whnw0A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFPzCCAyegAwIBAgICPs8wDQYJKoZIhvcNAQEMBQAwSDELMAkGA1UEBhMCR1Ix
+HjAcBgNVBAoTFUFUSEVOUyBTVE9DSyBFWENIQU5HRTEZMBcGA1UEAxMQQVRIRVgg
+Um9vdCBDQSBHMjAeFw0xNjAzMTUxMTE0MzJaFw0zNjAzMTQyMjAwMDBaMEgxCzAJ
+BgNVBAYTAkdSMR4wHAYDVQQKExVBVEhFTlMgU1RPQ0sgRVhDSEFOR0UxGTAXBgNV
+BAMTEEFUSEVYIFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCv8F+SyvwcsJAt1CaLvyqZeTbHdIwB76G9cvg0hMwtTdfrk5HLCYO2+tRl
+M12cmBtew+bgQENlZ2OlcKvlqxZgtqsUezqjbvUZbyrEdKBZdJT2ntf8Mn8M+a8U
+UbiPWrjVdg6n/XEKPgv8EFJL78LEH1Kh8eXpsRAyrKluW68rt4DJUStKA+w//fBT
+LO++WqbEAfCcBO3g+n1GvxE36w+BrDoZhwed+F5YqP9jvHB1puCrMdGzgoY2aaOx
+atU2RdWf8IWKCkUOC0GxEZqx7MAmbUuIN1/sFIOF570+ZZ1K0geHbYaDWLplGcww
+ldusUvq2zH5uHbmwgFV5U1wNCFZTUrfkl4NjarnSH7xqIREiVhzoPRmEzlmGKtEG
+JxLbRyukp7DD+B68/qw/sp7csCLFT3Bh0/4o4RUZLHg8P8N9mWA2eW5byThmoaXp
+LYHGUqyezxteyybZ7dQF7VcmdqQC4zbkTkV+NGcY//wUKPX2vANOvIjLegkorQHj
+cOi5O1WNEMiUJAduG5pyxAsY+21rZXlv6L2MFaDkoBUU6TvJXfph4nnDCzNKBQ9B
+UQm8YoB3V+C0uxiSBe2OVCHd9YcYHGqosgJqQoxD1R4fZ+HV3QBjj+ALf0GUYQaW
+fACPoN9TGUe8VDLZGwu+jp89TNygUzyV2FHZp7idkbyDyPHkgQIDAQABozMwMTAP
+BgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhHo6YEnS2W5TALBgNVHQ8EBAMCAQYw
+DQYJKoZIhvcNAQEMBQADggIBAIbX9Rko9qewUKpuPSM+Bu/nNHusyYUusKmiwn0k
+RT+tyNaTJ7XKjyygBDiD2ZrP7lcs7LEJE7LOfCQbZ+BEgszipWRLSzVsZ0Jvc7w4
+uX7ARMh1/AVxp/udBcLlJdkssXVntDH3uiUMjp3JfGxK/HUFYKTNz7ufjl+dsiBA
+S2tuHacQHu+/YA/LN/1MI/pi431dgM2ubMfmp6STGHcfU9Z9qf914yTgT8uiYedm
+PtS0Ch0MFY46hQbG72xy/dRD0/2MqEOBWTjBhnwgh46oJIpGxAWtbaDVWBBTmZTy
+rIosVqZSSkw3OVW8wviueay5NoVuYVI+/TTqYWhlgYFM2xT5YI0EdQ8Q30PTJcdA
+X5vk0DB92gZB9O1m/jgRcyBZ2YB7FeFC1zqebGVfMXahE2XaJzuwEuisSLaZEQd+
+LspikapRYfRnyit50o8hWl8WcI5UmJ/281kBba61pBJzn4KfF5/a7YOPI/1izjbe
+A8HRMKbTou+rXXV699ccLPfZ6WY6l5QpUNv8AgNf8jDXUTKcxC+dStkx8TUPfoOq
+HeK1xlFBa1ctIhmPO6cjuwN1nrv8+SCHzHBfjiBwLzo+Yg1f0uE2nUbWVbKYCi6c
+wFXS+x56a0p2KSYS9q+kp7ztMqFw0/mNiweBpX0GwI3xNb62YLJvHiOikcr5YI3m
+6JPv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBMigAwIBAgIINJotoYIGsrMwDQYJKoZIhvcNAQELBQAwggEMMQswCQYD
+VQQGEwJFUzEPMA0GA1UECAwGTUFEUklEMQ8wDQYDVQQHDAZNQURSSUQxOjA4BgNV
+BAsMMXNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2Fk
+ZHJlc3MxKTAnBgNVBAsMIENIQU1CRVJTIE9GIENPTU1FUkNFIFJPT1QgLSAyMDE2
+MRIwEAYDVQQFEwlBODI3NDMyODcxGDAWBgNVBGEMD1ZBVEVTLUE4Mjc0MzI4NzEb
+MBkGA1UECgwSQUMgQ0FNRVJGSVJNQSBTLkEuMSkwJwYDVQQDDCBDSEFNQkVSUyBP
+RiBDT01NRVJDRSBST09UIC0gMjAxNjAeFw0xNjA0MTQwNzM1NDhaFw00MDA0MDgw
+NzM1NDhaMIIBDDELMAkGA1UEBhMCRVMxDzANBgNVBAgMBk1BRFJJRDEPMA0GA1UE
+BwwGTUFEUklEMTowOAYDVQQLDDFzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5j
+YW1lcmZpcm1hLmNvbS9hZGRyZXNzMSkwJwYDVQQLDCBDSEFNQkVSUyBPRiBDT01N
+RVJDRSBST09UIC0gMjAxNjESMBAGA1UEBRMJQTgyNzQzMjg3MRgwFgYDVQRhDA9W
+QVRFUy1BODI3NDMyODcxGzAZBgNVBAoMEkFDIENBTUVSRklSTUEgUy5BLjEpMCcG
+A1UEAwwgQ0hBTUJFUlMgT0YgQ09NTUVSQ0UgUk9PVCAtIDIwMTYwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDqxqSh1K2Zlsmf9bxQAPQsz/J46PIsAifW
+g4wEq9MOe1cgydSvZfSH3TAI185Bo3YK24pG5Kb97QjOcD/6EGB5TGuBVIBV5Od6
+IbZ1mtxe9g6Z/PjC30GOL6vHW20cUFnA7eisgkL+ua8vDEFRnL0AbmRRsjvlNquV
+kRL7McdzrBzYZXY7zhtMTrAfIAb7ULT7m6F5jhaV45/rGEuEqzmTzTeD0Ol8CyeP
+7UII6YZGMqyaJmlwYS0YvT9Q8J72aFBOaZVwwe2TqZdOKaK63cKfbkkIK6P6I/Ep
+XrB9MVmb7YzNpm74+PfYGOjaVulI8kB0fp7NIK8UJFnudzWFv0qZSql13bMm4wbO
+fW9LZKN2NBk+FG+FVDjiiy1AtWRmH1czHHDNw7QoWhQjXPy4vbP+OxJf9rmMHciU
+Clbbcn7vJwcNALS/fZk/TUWzm/cdGdBPBPrHc5SIfYsUKpng6ZmSCcbWAWu38NtD
+V2Ibx0RS4pdjus/qzmDmCuUYaC0zgHWgMAdo9tX3Eyw6sJ7oWFVujFZETUMXQQLM
+d9xfRQVZz81g07/S9uL01dyHcTMHGvVvtH89l/tfZPRODgBECenr7D5xGQQXOUhg
+uEv/XshlmSumMvJbhqid6CN0EHjvyyedMbpgi04GUOJQHQdgwkGMFbRbNxwK5QkZ
+cgSKPOMB2wIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSeLmVP
+Plf1q32WxovfszVtSuieizAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQAD
+ggIBAAVpKoWXJlC6QjkckyzST1vRXUQm2m9pK7V7ntD0Si5Ix+x/n8pZerlE9z69
+91BrUZ90/5AaQNCTeZIPiiNei6+BC9CLrWbgKtyaKb012GxAFElCPYkvupsrOLwa
+owu3iNetxhQM7nxJrK7s8j0YT4xtFF0Oqrffd6s7j2JOiwxlxhmOzcAMoXeqtN16
+pxMF5jkYx5VkfgO2i5DB5V8AI5jmc9oR0hD/HlMiJ8fTAckvxTsybvDDOMoSZ7y6
+Iym7xJVJWgbd1FqQ1BNt59XCfOJYBMDsxL2iPH7GI4F1fKtwXzSElfez1UeWT3HK
+eDIIILRCpEJr1SWcsifrwQ5HRAnhKw/QIzZuHLm6TqzM8AyUzkEPa90P1cjgF4ve
+Ol1Svul1JR26BQfaVhk8jdHX8VE22ZLvonhRBVi9UswKXm+v2tDlDNtswSPvOTF3
+FwcAjPa6D3D5vL7h5H3hzER6pCHsRz+o1hWl7AGpyHDomGcdvVlUfqFXFTUHxXLJ
+Prcpho2f2jJ5MtzbqOUJ/+9WKv6TsY4qE+2toitrLwTezS+SktY+YLV4AZUHCKls
+4xza++WbI1YgW+nQXMZKJDu847YiFiqEkv+o/pe/o53bYV7uGSos1+sNdlY4dX5J
+AJNXyfwjWvz08d8qnbCMafQQo1WdcDwi/wfWK7aZwJfQ9Cqg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2DCCBMCgAwIBAgIILdIuUDCmXhMwDQYJKoZIhvcNAQELBQAwggEIMQswCQYD
+VQQGEwJFUzEPMA0GA1UECAwGTUFEUklEMQ8wDQYDVQQHDAZNQURSSUQxOjA4BgNV
+BAsMMXNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2Fk
+ZHJlc3MxJzAlBgNVBAsMHkdMT0JBTCBDSEFNQkVSU0lHTiBST09UIC0gMjAxNjES
+MBAGA1UEBRMJQTgyNzQzMjg3MRgwFgYDVQRhDA9WQVRFUy1BODI3NDMyODcxGzAZ
+BgNVBAoMEkFDIENBTUVSRklSTUEgUy5BLjEnMCUGA1UEAwweR0xPQkFMIENIQU1C
+RVJTSUdOIFJPT1QgLSAyMDE2MB4XDTE2MDQxNDA3NTAwNloXDTQwMDQwODA3NTAw
+NlowggEIMQswCQYDVQQGEwJFUzEPMA0GA1UECAwGTUFEUklEMQ8wDQYDVQQHDAZN
+QURSSUQxOjA4BgNVBAsMMXNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVy
+ZmlybWEuY29tL2FkZHJlc3MxJzAlBgNVBAsMHkdMT0JBTCBDSEFNQkVSU0lHTiBS
+T09UIC0gMjAxNjESMBAGA1UEBRMJQTgyNzQzMjg3MRgwFgYDVQRhDA9WQVRFUy1B
+ODI3NDMyODcxGzAZBgNVBAoMEkFDIENBTUVSRklSTUEgUy5BLjEnMCUGA1UEAwwe
+R0xPQkFMIENIQU1CRVJTSUdOIFJPT1QgLSAyMDE2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA0GvnniIrU3YVVa9MSsBta/v5hEQFoX1gzgXsnphz+luE
+BzH3/z1rx35WBmKlXJaW0/FeWX7rMRy/d1cwVO8exczEsurb5orQ9CiEyLBILSyW
+bfsiqDWOvt5wFRD5ZkFGFqBDZD+NSvOAMc+TgH6a26Wvj2ws/Q7vHHncD6JuhFwi
+iQ5ELkiolHPsOTKRHOIUvX1l5nL+W+dUdS99DuLGymkuXqIO1eiF3j9rf6WCsEZ9
+XZ5xuhS06+3HwhRkDFhuT5U2YTZFYDZmGEuVGj5YrIsmHiXm+pUA+60SnvoSYb4a
+3qZ86av/15SJckL8u0UR7D9w/BnEmuqXbqzkOAQ74T8BKHGj4q5DZHgWmQJav9fE
+77W31cNYgUGG5LKMAKWImJjrCedYMWgx3u3iSTXz0rNX3MRCn/0879D1KzluYa56
+4cd6PW0XMGwCrInWWoScKcCeEI64IDYzyoAraH82dWUV+MPa/3Gi/O2bd9wZ+vHI
+tgX05XCSqcjduLAaVVuR3LjlmrUDwK22rvGZe0u1iQ7eZAtkflTup8OKmBnF/DwT
+CEU+35/7x32xoII2FD3AYwABZsTk8Jk7HlF4XbkXPFiTFa+o9SUgGY0jPRI8Qusv
+XUKO8jCoJVrm+vdPbb4mWPWPf/eK+LNuwxvyMYU2cY79O9bmMDXLJY1liVeoM5UC
+AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU6JvNfoZim3pNjACX
+OYXPHHiQcDowDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQB7/SrD
+yxspAhAJresusytt2Uug2zWY9Y8Cp9NCC0Org7V3R4hGhd3Rth59mBuMcb6qyPDv
+xmotVphS6JaJ+9XqAN/+5iLKp7k+ZUR1w4q/i3eJw2pX+rzI4RDe8dqFJ/HtB//V
+wkLUomEv34hx4zTmZ2SbxnoZ6znv8+oEqHRpTIC1/K29DQj0yO8oJ4LK3ejzuldn
+ouopwZnhdmb59nhdnD7w9s+hGTTT8TwzocyCMrZI44M+D79nlcGimXhCQ/cDTRNX
+b91x3Rbz+3k4G2KapM1eUN4RIJCKIpir2kZ6TDTRSN3ZZmViVAXZdJlndFexOi4Y
+sK6snz8u6x+ynM2O+Nt4jtQGz6OTMWt/7VJyt4vPKG/J+VRPAdQ6hugu+uHQJYTj
+FvyMjSTjZMwqjLJgU59ZkkUJlFuoEIUyy3fyjpWKRHLPbhfeRL0Krv0mtj15Zj1N
+vH4yQ13b4GW1KGm6fJ4ySo/qerA9Fl39PvobBPgQNXjM7cHZLb9r0u/pn8Bbj+q+
+etEx5wY9rYSr7DvxEsd/8fhGLwl4l8AnPbE/cSOLGqdc5hYlDiZNuQ5Wp1KkOAmv
+SQX+f84/wvzm5EqUJ+VTxIg06wJXvM6OK613U3JAu4UWVRkvg3aVo3Y5qLL0faTb
+AEJ6oHuOGQbkl81bPTq0XMBpHzJmvwifhJsiZQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCAvKgAwIBAgINAJCud3YAAAAAVx3QbzANBgkqhkiG9w0BAQsFADBcMQsw
+CQYDVQQGEwJTSTEcMBoGA1UEChMTUmVwdWJsaWthIFNsb3ZlbmlqYTEXMBUGA1UE
+YRMOVkFUU0ktMTc2NTk5NTcxFjAUBgNVBAMTDVNJLVRSVVNUIFJvb3QwHhcNMTYw
+NDI1MDczODE3WhcNMzcxMjI1MDgwODE3WjBcMQswCQYDVQQGEwJTSTEcMBoGA1UE
+ChMTUmVwdWJsaWthIFNsb3ZlbmlqYTEXMBUGA1UEYRMOVkFUU0ktMTc2NTk5NTcx
+FjAUBgNVBAMTDVNJLVRSVVNUIFJvb3QwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw
+ggGKAoIBgQDTy5wtwuAwQ2UxJP9LsDjZqVPXNdHbt0uTtHKN8cuV0lMrdJsymqQv
+PgIG3a9wFaGqzxGHimZ7y8wdcERcj6zK5sNbJ7SNo44Qv25UdAhwiiPoysd0xGaR
+IN1L6KWEdaWYlYKLG+EgJAdGqwxlNkBni3XuqdmRKRvtby1FwtbiYAGx8045Kztv
+P4W+CPZTK3uiyUWhRIGAZppgOhvEvgzMMBB/ETY4SuaboZZTnJTMEcYETKJVS/+A
+4a+MHDX8uZM33/ldPdzrDSdsRMlZZitWb/8EG/f1acNdwxj+vafZZC+in2DZcmw9
+PHXyJSeYLjq4yd1Ndb2rsCJhWAE3KKYgnS5gXPuQvEZDuP5t2MBmIiRrNHgi5bni
+WOlIOO5MvQF7bj5A6tHCCkKTZ8MmLz8HW8+v4x3oOuJl4YSRP/VmAP2qM0ZC7BY+
+0hNlLw4JU/bkKnUUnBkzFppF4dtXz8841Kf37VhD5A6YXMTgMT+UpG9LSqLVSo0m
+qR1kJQg1DecCAwEAAaNLMEkwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwEwYDVR0jBAwwCoAITKPDaF4IAmMwEQYDVR0OBAoECEyjw2heCAJjMA0GCSqG
+SIb3DQEBCwUAA4IBgQAmI4W7XUEZbpKDiu4BiwQ1GX+rj9zWM8H5eZZeI/Xwzt3q
+22E7Wq/dWOlCiUDv+dlnEX9N8e3pEXuxQQ/tpNIWtu/B/Yv2ESss7/wHBkYMzwIL
+7Tvejwm5M6smgFREQmXX56/NUA7KyIihEpwqlTs+VDxIc/Z8eNSb/5P3ReQphGP8
++n4a51zgclewL3gdMMYT/YhfsWWI2l6XE4F7/h7Pe79XMMFwkkOmmfBVn5jFI0K9
+dBwxjhKl2UVqKlrIWM291t0+NQsZfwMczgcPh0WTFaFrvTQc4N711LjlkRxLBbUn
+JrzP0QmYFsbh8VVLOntt3sZntsE3LZ+ojlnHt6bF798W4u3esrfzojakKDI6CpTL
+P17+blntujayk9bGwxn+9Zl460dH5a1Ceuy8e8kuQU5NDwQOikszh9zxdnxaGIyc
+ChLXorPChYeubTFQYjIhoGgWX5Q1dFUp0nGBCErh112qVAGzG3xZrr6sDMq4QGRn
+W53qBgYR1tAwcx7jvCs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7DCCA9SgAwIBAgIIAlQaqVDXzh8wDQYJKoZIhvcNAQELBQAwYTELMAkGA1UE
+BhMCQkUxJDAiBgNVBAoMG1pFVEVTIFNBIChWQVRCRS0wNDA4NDI1NjI2KTEMMAoG
+A1UEBRMDMDAxMR4wHAYDVQQDDBVaRVRFUyBUU1AgUk9PVCBDQSAwMDEwHhcNMTYw
+NTIwMTMyMzM4WhcNMzYwNTIwMTMyMzM4WjBhMQswCQYDVQQGEwJCRTEkMCIGA1UE
+CgwbWkVURVMgU0EgKFZBVEJFLTA0MDg0MjU2MjYpMQwwCgYDVQQFEwMwMDExHjAc
+BgNVBAMMFVpFVEVTIFRTUCBST09UIENBIDAwMTCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAKv5lg6EKHY1gSpWPwLt1fFwkQ5AlyJcu5bmmh4OPCuZPC9r
+NGGrB8xKJhVlngsozAA4D1v2rEZMxVwiiI4j1lYoXnXixE9S4zkEczk55k/386my
+IOoMJ9LH9HRzO+wkzmFsGpXb3FVCsRaUMfmmfIwU+DiifaC1OZzX1l+VL4VzUb+s
+qYgcHMkybDgAw6KwK9aPsobKujk4bGeDykeHV4udVqR/dk1IFRazwJeKwgz6ZLAg
+Q1aMaofDLSEXPl7gCKoat6qEPVYjK4Mx49MC2RIDBcI5r29TVhcDqyMcevC8CheV
+lyaB73ggPebf9Nq+jl9f0R79mXz3IW1ctwSWYsPTbh3K9++mRZNT3yZ75NRE121/
+sFSZfrYn4sO+SmdCBa5qSvLulwZdZ56Bvl/oAFpUSrZM2RUuCPZCGiUZPiuBe1rc
+GfRqJwLdj5QCl+zilge0VubkLu/dLBaFCPoc9wCWfg7koPopgJC2RFN9O3UV71lG
+4crc2JcbkElDly5YBXK0XTEGfTnhdP8aTE2VMuiNpa/0PHv/IBzL8LD3MvPmEsWh
+1+SSGelJZ8A8f5u4gt4E8RVX1rAJHjk6a6bi+KafIXCZqLBZeRK6SEbm9XLMzNQP
+s7dMw6PfLpd4yF97KyEitT6yHNlrQ1GL2yBJjtpqEzQLO071a46HG07GSgArAgMB
+AAGjgacwgaQwHQYDVR0OBBYEFDi8XDBU3OK7IO/ub0GgMW5c/Yt1MA8GA1UdEwEB
+/wQFMAMBAf8wHwYDVR0jBBgwFoAUOLxcMFTc4rsg7+5vQaAxblz9i3UwQQYDVR0g
+BDowODA2BgRVHSAAMC4wLAYIKwYBBQUHAgEWIGh0dHBzOi8vcmVwb3NpdG9yeS50
+c3AuemV0ZXMuY29tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEA
+nDEKHd7KpKBSsJYq4Pws5aF23BQ4ZYazLtWll/NzYK5GaHWHsTPIEo3ZKaPqH71u
+/ronUIHhcWzOqzCcJppRcXBnH9FEpxQ0zUbdK+MOZb3GTkNoU7K4sT3wZD0Hh7H5
+hzIEepbkQrswKMeaXStrx1AKIbaGIvYSrS4V8LtTqTDKLesCoZRnYxHYt+bzpwsG
+H5J5ofKrU3s/o0gITPtEAAP/yQDCbMJKxYbEs+pZXA595T+2qU+S4xEEXbd3xjXD
+sjFz2nfXP38QGa0AIt1DyOASfkSYOFHSOMi2QxpMUV2cOovIPHm43LAe693l5p5E
+m+lQPcsRvFX+x3RlZQgNpKp3PRwTtpyfFSr5TuE0gnA2c9I0GYRV8w3AT43/Vhaa
+W2US8DJBnBtYv72vMhB21y0PxTdx5hr9Mea0Nhhs+0v1qjWwbFAt51siSuD6nTkg
+QcYuACXkkd+bONMFm5z9BGiRuA6CXNg192LcyWAFi5XMP3zrj8b9mp+pbzIBVJpk
+pN3lxUVe6lXt4UPLreIebgqejjLk4668AdBTBA6dQk02+5nlGukH1FPwRQdCE8dr
+IT6Et/fFiVdTH/jzTlFb/mcyw1n2kRmIDYBs4d5FCkaZej/MPvAgbPi8z653LPtu
+9QsRdouZzq6OM5F4CqUMJLNTD2sR6bOwHWQBLpQdIdU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbzCCBFegAwIBAgIQQxwoxnQP7SVXRJ/y/Q5eFDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+U29jaWVkYWQgQ2FtZXJhbCBkZSBDZXJ0
+aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJhIFMuQS4xIzAhBgNVBAMM
+GkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMB4XDTE2MDUyNDE4Mzk0NloXDTMx
+MDUyNDE4Mzk0NlowezELMAkGA1UEBhMCQ08xRzBFBgNVBAoMPlNvY2llZGFkIENh
+bWVyYWwgZGUgQ2VydGlmaWNhY2nDs24gRGlnaXRhbCAtIENlcnRpY8OhbWFyYSBT
+LkEuMSMwIQYDVQQDDBpBQyBSYcOteiBDZXJ0aWPDoW1hcmEgUy5BLjCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAKtriaNTzEgjCPvDz1GWCC64CHptPJAX
+hqnp7S4TNEey0HDcyTzQjcruSxer0IWwpyMEy6ii/OV120DKYomPUJ4BPSZbGIQc
+y3w3t33s039zGbBqstiIii1FdKj3s7jA1NrNIol0TVoVOXMYdE+165mnwR6ItMKT
+kGOX86enErIJIgcz2ZHNDpwfDiDH7rszjY/C0linX/1lN+KIwtiPhnVe+S2nhzPy
+eDcvi7wdhjc5sZTy2LxKnIMYWgb889TUuowVCSXw+baNBH4XEjNrV0hMT9smHuvM
+kOeL+Wh8cA+jKtA6ON83l+Jb3oBh04DYkYNCWkwEiWgRPKxfaIBBzGBCzg1aKgwP
+mzDApvCG26tJ15dtSIv5A8BSZ5sS98LyLphlQtnWmuPQGTEMrYfVVwJ6MOiGJvuP
+I4pUh+S/PO7rw3VIXx45b4FibMUtxBdUGbc3jZw3kcj2C9XqY2+DrDjC8z/emvvh
+I2HwyCbLNsih8zCPpKOiod1Ts97wmjIfg5F5MMGpH1ObU6IVUz/dnbMQO0h9iQ/8
+7QP1+yVkdQ4XGQ2PABZneXpA/C1ZB9mQ+pqtPdyAiuZcNaJnTBFrsfiAZAAtbyJh
+xaxLJuVaEIKbpIN7NPeeiZEgl463Qsdmw9DppNb1II3Ew5WsRAqdW3M8Jj0vSr6n
+yacQHvufUGnzAgMBAAGjge4wgeswHQYDVR0OBBYEFNEJ0OnXznl0VPk6MLP0bSwD
+AxtoMIGoBgNVHSAEgaAwgZ0wgZoGBFUdIAAwgZEwMwYIKwYBBQUHAgEWJ2h0dHBz
+Oi8vd2ViLmNlcnRpY2FtYXJhLmNvbS9tYXJjby1sZWdhbDBaBggrBgEFBQcCAjBO
+GkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW507WFzIGRlIGVzdGUgY2VydGlmaWNhZG8g
+c2UgcHVlZGVuIGVuY29udHJhciBlbiBsYSBEUEMuMA8GA1UdEwEB/wQFMAMBAf8w
+DgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBRG5A+g1oa6Gpwpa1w
+/hCCYTCtjMO1xtjTMRLJH3lTFeJDx+EO8T1IzmgLFXlt4XaHf3Bm7fUPgqS8ce+x
+K8yxuusqqWAfQ4C+knJCLp+h/xgIsV5d9WzOKNvAbJrNh16W6cjvNZe6ZKq3fkVA
+ibBDg0574bT0dglLzFY+IUmyxp9j293wtg8X9bpMcI3VJwDJQ1QPZqq6rrHZdu4D
+ke2YtxobopZQblV/zV4Y0Gcbv/T6ctm72vvemqpRLgW6ztpqbRhoJmiChTTtTXna
+mnYN9PHUw/uxKnTskFLjDV31SVhUJwAwl6AjAWyJvx0A8f38GayfOymow4HNknH4
+1+Wx2hs6F49T2qauAc6ynhrNCWLPddTXZ1Cin1n2hPPHJzGeqh4mS7oOiqzp9eNc
+HaEqNzm7NG4zltVxpUM+NjSH/5Kiq+kl4NlRd1Sqe0E0hljxquU+kt7INBCThD8m
+Rb1Sxjx29yEcruDhxaNT8gmffROeqfOyWYIUlE7fdqqD6SjaiohU+xRxqlA7viT9
+xD5E+Jhk82qPYnWwrEdl9psiOiHhtVdBVsUk1hmSd3CwrBf0LpUQThIwmahURWEv
+N2/6iVdGMvRb6ZvtCSkvla6U4oeqHmpx6W8bOe38fNQNpk4jIjb5Zc9C8ByxM500
+1YkkaeYXaKOZ73pcL/0gvXeZYA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFyDCCA7CgAwIBAgIQR0ORJD/Oww1XSChr7oBdqzANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJFUzESMBAGA1UEBRMJUTI4NjMwMDZJMScwJQYDVQQKDB5DT05T
+RUpPIEdFTkVSQUwgREUgTEEgQUJPR0FDSUExETAPBgNVBAMMCEFDQSBST09UMB4X
+DTE2MDUyNzEwNTg1MVoXDTQxMDUyNzEwNTg1MVowXTELMAkGA1UEBhMCRVMxEjAQ
+BgNVBAUTCVEyODYzMDA2STEnMCUGA1UECgweQ09OU0VKTyBHRU5FUkFMIERFIExB
+IEFCT0dBQ0lBMREwDwYDVQQDDAhBQ0EgUk9PVDCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBALkrXvU+uokenfXRE8+7o1666d85cmSYUodppbbe4b+URb7F
++KRTZxVQ3FJPKnYsLo0gaozmXbnZaL6RG7ppAxitGE42oqxGqyD4A2qqrXnV3x3B
+7kVvIXT5TbGxPZA7PDKA7f8Vz1HK16SHLqrlDrbRelrHufhRu9mU3T7Ghk4K/juJ
+8vhuJM6RA1gFEkrdUKtBes7tqR8RUx6lE9th8PWqgN50eR2k4ynW++D8l9qiuKsi
+PmWwIcTlxRBEh7Lj4CqCLn3m9LikEyXzd2BfY1OuLrGdimt2ezpxvZKBNrCcgvH3
+xYkoXf+8QgazCGpPYc2kLZDTObh3/8jHo3m7A7mRAwE0Etgwi7aMAsrkSOw4KjJM
+bcp2KFqGCrrUII6voF8gLWKciPnxFW1bvbEDUMA/NteuP1HRyuNYZkTmo5t3LjH6
+2X8ixAVM63QbXGN6pgKTfkMOdhQPTW8ylYiAklKXFPU8/JQH02wpBZVGD+Rx4X/4
+bRQSgpK181M+mRGXR3ZKCXLu1MOWCaza//FLS7bXJc8eTJcmCzS7tpTxLGRxX4ny
+FTs3pwLkDU9IiTOjjGh4MVFnChnbtOJ0Lz1683cAn3ESY/9zKmRpVOysOq7a8lhj
+NH74PF7AQjql27Oo1FrBTli4abasgmLb0fsaQyEi/B31nE9OO+WN/3ZaI15bAgMB
+AAGjgYMwgYAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O
+BBYEFBpV5BUx4jGbEdSIcXoAPXAoBb/NMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkG
+CCsGAQUFBwIBFh1odHRwOi8vd3d3LmFjYWJvZ2FjaWEub3JnL2RvYzANBgkqhkiG
+9w0BAQsFAAOCAgEAezDKVYbTr+4a17iVmOz5O92QE6OckkWgkolpoXGRvHGFh6At
+MAnkwlM99Km3aC1Nmc2kz547kJ2aCikNKkLBPVtrQILFixOxQWePvqR34MB25PO2
+KVYs73FPwmTx2rQLytA5X1OygwH7sn3Zg3R6NdDBXY+b917nUt/uqjeTq9k9fR7x
+vRzb6HXduFtM4xaj9nWIDo88wwts22BZ5AWrKEb3Zmkld97KSjPYWF57j5rPUo49
+bf3Rsr0+eVeGHkQcB030whCqeMvzURcNdj2NbmhJ6e8HSdG4Fsl5ncyuCwVHev2Y
+rDGhkFqHYvn4q2Ja4CF20GhC6By+coHwxmd9fnQ81VVvj6VolhHxytMwF71GtjGv
+cOmkhDdXugk8LtkLE1YHPpXEtXAvk8Kur4FdRhQw+67F85r3QXqx3ksW2UV1RwJ8
+FB7VsTugLEG1m0t7o4PwuczOHpS3Xi4jBpWRHDhHHO3EeA6kD/wbfNbya9CKW+qW
+8zHUXmrElLgwn5XhB4m4iNInhaRhdOWoRDF6IHXo+Njrs0+q/1M/lu3qu/xRQKYr
+7CSh+/lEjSPnppcAD8ukar9QoMpxomyub9/Zg4Jm3FNdr/pU94P/qz+Jlae0bfMP
+Cg1IMy+BKcdLBcTGV3SEw5g2/++FMqtinBPRIoexvpjbdJqP6sLWk3lFIMM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgDCCAmigAwIBAgIDDN+bMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBAYTAlNJ
+MRQwEgYDVQQKEwtIYWxjb20gZC5kLjEXMBUGA1UEYRMOVkFUU0ktNDMzNTMxMjYx
+KjAoBgNVBAMTIUhhbGNvbSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0x
+NjA2MTAwNzA3NTBaFw0zNjA2MTAwNzA3NTBaMGgxCzAJBgNVBAYTAlNJMRQwEgYD
+VQQKEwtIYWxjb20gZC5kLjEXMBUGA1UEYRMOVkFUU0ktNDMzNTMxMjYxKjAoBgNV
+BAMTIUhhbGNvbSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAOlSpsYa72O7rYH0kLJajw3VFjO0HBj7y4kq
+MLtlgcTh+wKplAd25dcV5HpkEIDqPNCzoq2uHB/qu4FhmNT5jWmVxEUuAwnKhvpc
+WhEXQDA+8MZjCcnxjUGlVg0FZGlLWKwqKZa7QDMWNEtnbNfxtEal6lmoQ2gPjDgq
+qjz2RAOG+IrbRSErKR4St/qlZUHeBghYcJU+9EzZ6w8pqZGKnq3KEvXlleY42Rqm
+i5xPpkgTEKV5RL1qOyn1FndAy36bXN++i+vnoBlvnxU/J54psfUN/F9HojzdLgsC
++/SN6uwMsfm0Baz5j6k9biwdOZ/QTp9OyGqegANh3M/4bZTLD88CAwEAAaMzMDEw
+DwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIQq6mQ8eYKLAwCwYDVR0PBAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4IBAQBSuXnQ22P+GYH7DPnB5VBZyp2y+1wz0Dioq7Ua
+TlMldSLTSb/Kgc/T4XujkUZ1yhrr2fVdvHuGNf2Bl5yE1yaYIvyxNdCplbZ8/+SX
+tEB+SV1oyOLUOXUnTwORsjFXv4bXbcpxACI30DtYJFCgnIyaiY71KEZs5xbtsIGr
+9EYmr6boGkV3cBaSsntxcdz330lnwDMIDi5TwXerx0qRTBLv5w4J5XUxIK5u/FqK
+gJwQsNuoSszzK9w2NKb3qQtnnZDLPSafdc1MyR0GCnWLUsCB8NEmrMySphScXDwW
+QvuTzAKoE/PargrDuBX0sNDU4BYgT6xQmHgmlB5o65Ry/veL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICODCCAb6gAwIBAgIJANZdm7N4gS7rMAoGCCqGSM49BAMDMGExCzAJBgNVBAYT
+AkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMSswKQYD
+VQQDEyJTZWN1cml0eSBDb21tdW5pY2F0aW9uIEVDQyBSb290Q0ExMB4XDTE2MDYx
+NjA1MTUyOFoXDTM4MDExODA1MTUyOFowYTELMAkGA1UEBhMCSlAxJTAjBgNVBAoT
+HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKzApBgNVBAMTIlNlY3VyaXR5
+IENvbW11bmljYXRpb24gRUNDIFJvb3RDQTEwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AASkpW9gAwPDvTH00xecK4R1rOX9PVdu12O/5gSJko6BnOPpR27KkBLIE+Cnnfdl
+dB9sELLo5OnvbYUymUSxXv3MdhDYW72ixvnWQuRXdtyQwjWpS4g8EkdtXP9JTxpK
+ULGjQjBAMB0GA1UdDgQWBBSGHOf+LaVKiwj+KBH6vqNm+GBZLzAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjAVXUI9/Lbu
+9zuxNuie9sRGKEkz0FhDKmMpzE2xtHqiuQ04pV1IKv3LsnNdo4gIxwwCMQDAqy0O
+be0YottT6SXbVQjgUMzfRGEWgqtJsLKB7HOHeLRMsmIbEvoWTSVLY70eN9k=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfzCCA2egAwIBAgIJAOF8N0D9G/5nMA0GCSqGSIb3DQEBDAUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQDEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTMwHhcNMTYwNjE2
+MDYxNzE2WhcNMzgwMTE4MDYxNzE2WjBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UEAxMeU2VjdXJpdHkg
+Q29tbXVuaWNhdGlvbiBSb290Q0EzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEA48lySfcw3gl8qUCBWNO0Ot26YQ+TUG5pPDXC7ltzkBtnTCHsXzW7OT4r
+CmDvu20rhvtxosis5FaU+cmvsXLUIKx00rgVrVH+hXShuRD+BYD5UpOzQD11EKzA
+lrenfna84xtSGc4RHwsENPXY9Wk8d/Nk9A2qhd7gCVAEF5aEt8iKvE1y/By7z/MG
+TfmfZPd+pmaGNXHIEYBMwXFAWB6+oHP2/D5Q4eAvJj1+XCO1eXDe+uDRpdYMQXF7
+9+qMHIjH7Iv10S9VlkZ8WjtYO/u62C21Jdp6Ts9EriGmnpjKIG58u4iFW/vAEGK7
+8vknR+/RiTlDxN/e4UG/VHMgly1s2vPUB6PmudhvrvyMGS7TZ2crldtYXLVqAvO4
+g160a75BflcJdURQVc1aEWEhCmHCqYj9E7wtiS/NYeCVvsq1e+F7NGcLH7YMx3we
+GVPKp7FKFSBWFHA9K4IsD50VHUeAR/94mQ4xr28+j+2GaR57GIgUssL8gjMunEst
++3A7caoreyYn8xrC3PsXuKHqy6C0rtOUfnrQq8PsOC0RLoi/1D+tEjtCrI8Cbn3M
+0V9hvqG8OmpI6iZVIhZdXw3/JzOfGAN0iltSIEdrRU0id4xVJ/CvHozJgyJUt5rQ
+T9nO/NkuHJYosQLTA70lUhw0Zk8jq/R3gpYd0VcwCBEF/VfR2ccCAwEAAaNCMEAw
+HQYDVR0OBBYEFGQUfPxYchamCik0FW8qy7z8r6irMA4GA1UdDwEB/wQEAwIBBjAP
+BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBDAUAA4ICAQDcAiMI4u8hOscNtybS
+YpOnpSNyByCCYN8Y11StaSWSntkUz5m5UoHPrmyKO1o5yGwBQ8IibQLwYs1OY0PA
+FNr0Y/Dq9HHuTofjcan0yVflLl8cebsjqodEV+m9NU1Bu0soo5iyG9kLFwfl9+qd
+9XbXv8S2gVj/yP9kaWJ5rW4OH3/uHWnlt3Jxs/6lATWUVCvAUm2PVcTJ0rjLyjQI
+UYWg9by0F1jqClx6vWPGOi//lkkZhOpn2ASxYfQAW0q3nHE3GYV5v4GwxxMOdnE+
+OoAGrgYWp421wsTL/0ClXI2lyTrtcoHKXJg80jQDdwj98ClZXSEIx2C/pHF7uNke
+gr4Jr2VvKKu/S7XuPghHJ6APbw+LP6yVGPO5DtxnVW5inkYO0QR4ynKudtml+LLf
+iAlhi+8kTtFZP1rUPcmTPCtk9YENFpb3ksP+MW/oKjJ0DvRMmEoYDjBU1cXrvMUV
+nuiZIesnKwkK2/HmcBhWuwzkvvnoEKQTkrgc4NtnHVMDpCKn3F2SEDzq//wbEBrD
+2NCcnWXL0CsnMQMeNuE9dnUM/0Umud1RvCPHX9jYhxBAEg09ODfnRDwYwFMJZI//
+1ZqmfHAuc1Uh6N//g7kdPjIe1qZ9LPFm6Vwdp6POXiUyK+OVrCoHzrQoeIY8Laad
+TdJ0MN1kURXbg4NR16/9M51NZg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWjCCA0KgAwIBAgIQbkepxUtHDA3sM9CJuRz04TANBgkqhkiG9w0BAQwFADBH
+MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
+QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy
+MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl
+cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaM
+f/vo27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vX
+mX7wCl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7
+zUjwTcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0P
+fyblqAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtc
+vfaHszVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4
+Zor8Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUsp
+zBmkMiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOO
+Rc92wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYW
+k70paDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+
+DVrNVjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgF
+lQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBADiW
+Cu49tJYeX++dnAsznyvgyv3SjgofQXSlfKqE1OXyHuY3UjKcC9FhHb8owbZEKTV1
+d5iyfNm9dKyKaOOpMQkpAWBz40d8U6iQSifvS9efk+eCNs6aaAyC58/UEBZvXw6Z
+XPYfcX3v73svfuo21pdwCxXu11xWajOl40k4DLh9+42FpLFZXvRq4d2h9mREruZR
+gyFmxhE+885H7pwoHyXa/6xmld01D1zvICxi/ZG6qcz8WpyTgYMpl0p8WnK0OdC3
+d8t5/Wk6kjftbjhlRn7pYL15iJdfOBL07q9bgsiG1eGZbYwE8na6SfZu6W0eX6Dv
+J4J2QPim01hcDyxC2kLGe4g0x8HYRZvBPsVhHdljUEn2NIVq4BjFbkerQUIpm/Zg
+DdIx02OYI5NaAIFItO/Nis3Jz5nu2Z6qNuFoS3FJFDYoOj0dzpqPJeaAcWErtXvM
++SUWgeExX6GjfhaknBZqlxi9dnKlC54dNuYvoS++cJEPqOba+MSSQGwlfnuzCdyy
+F62ARPBopY+Udf90WuioAnwMCeKpSwughQtiue+hMZL77/ZRBIls6Kl0obsXs7X9
+SQ98POyDGCBDTtWTurQ0sR8WNh8M5mQ5Fkzc4P4dyKliPUDqysU0ArSuiYgzNdws
+E3PYJ/HQcu51OyLemGhmW/HGY0dVHLqlCFF1pkgl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICCjCCAZGgAwIBAgIQbkepyIuUtui7OyrYorLBmTAKBggqhkjOPQQDAzBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw
+MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzu
+hXyiQHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/l
+xKvRHYqjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNnADBkAjBqUFJ0
+CMRw3J5QdCHojXohw0+WbhXRIjVhLfoIN+4Zba3bssx9BzT1YBkstTTZbyACMANx
+sbqjYAuG7ZoIapVon+Kz4ZNkfF6Tpt95LY2F45TPI11xzPKwTdb+mciUqXWi4w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWjCCA0KgAwIBAgIQbkepxlqz5yDFMJo/aFLybzANBgkqhkiG9w0BAQwFADBH
+MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
+QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIy
+MDAwMDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNl
+cnZpY2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3Lv
+CvptnfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3Kg
+GjSY6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9Bu
+XvAuMC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOd
+re7kRXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXu
+PuWgf9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1
+mKPV+3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K
+8YzodDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqj
+x5RWIr9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsR
+nTKaG73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0
+kzCqgc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9Ok
+twIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBALZp
+8KZ3/p7uC4Gt4cCpx/k1HUCCq+YEtN/L9x0Pg/B+E02NjO7jMyLDOfxA325BS0JT
+vhaI8dI4XsRomRyYUpOM52jtG2pzegVATX9lO9ZY8c6DR2Dj/5epnGB3GFW1fgiT
+z9D2PGcDFWEJ+YF59exTpJ/JjwGLc8R3dtyDovUMSRqodt6Sm2T4syzFJ9MHwAiA
+pJiS4wGWAqoC7o87xdFtCjMwc3i5T1QWvwsHoaRc5svJXISPD+AVdyx+Jn7axEvb
+pxZ3B7DNdehyQtaVhJ2Gg/LkkM0JR9SLA3DaWsYDQvTtN6LwG1BUSw7YhN4ZKJmB
+R64JGz9I0cNv4rBgF/XuIwKl2gBbbZCr7qLpGzvpx0QnRY5rn/WkhLx3+WuXrD5R
+RaIRpsyF7gpo8j5QOHokYh4XIDdtak23CZvJ/KRY9bb7nE4Yu5UC56GtmwfuNmsk
+0jmGwZODUNKBRqhfYlcsu2xkiAhu7xNUX90txGdj08+JN7+dIPT7eoOboB6BAFDC
+5AwiWVIQ7UNWhwD4FFKnHYuTjKJNRn8nxnGbJN7k2oaLDX5rIMHAnuFl2GqjpuiF
+izoHCBy69Y9Vmhh1fuXsgWbRIXOhNUQLgD1bnF5vKheW0YMjiGZt5obicDIvUiLn
+yOd/xCxgXS/Dr55FBcOEArf9LAhST4Ldo/DUhgkC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICDDCCAZGgAwIBAgIQbkepx2ypcyRAiQ8DVd2NHTAKBggqhkjOPQQDAzBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw
+MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout
+736GjOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2A
+DDL24CejQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEAgFuk
+fCPAlaUs3L6JbyO5o91lAFJekazInXJ0glMLfalAvWhgxeG4VDvBNhcl2MG9AjEA
+njWSdIUlUfUk7GRSJFClH9voy8l27OyCbvWFGFPouOOaKaqW04MjyaR7YbPMAuhd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4zCCA8ugAwIBAgIEV8fs9DANBgkqhkiG9w0BAQsFADBrMQswCQYDVQQGEwJT
+RzEYMBYGA1UEChMPTmV0cnVzdCBQdGUgTHRkMSYwJAYDVQQLEx1OZXRydXN0IENl
+cnRpZmljYXRlIEF1dGhvcml0eTEaMBgGA1UEAxMRTmV0cnVzdCBSb290IENBIDIw
+HhcNMTYwOTAxMDgyNTE3WhcNNDEwOTAxMDg1NTE3WjBrMQswCQYDVQQGEwJTRzEY
+MBYGA1UEChMPTmV0cnVzdCBQdGUgTHRkMSYwJAYDVQQLEx1OZXRydXN0IENlcnRp
+ZmljYXRlIEF1dGhvcml0eTEaMBgGA1UEAxMRTmV0cnVzdCBSb290IENBIDIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDV39ONmRdqmz3gsGnbtAXMvqUg
++E8NB7MZPJeDPey8uVwMrKIDZKN/DHcT5siHq1IYTzDv6g7dgveVDzCKwBlQvGBl
+odwRxn8W8RuY5CJXUUKMynCWXG4NuY9naloFm98ePzjjqiVGwZwrkn/0grEjPN1s
+Z2ABVPLkqhD9o4p3JyGe1j3dRlwFPxgIFgplyAxNT2Y9XhZfFw8O/8EXC+cid18a
+C3hpp8oGj17F30CzDvjg12g+cUHJn41h60uZ4K8zAHetxBZZZgg2p0rkUixZP3t8
+OEPkC6PT5Yl4U+ZrvPUnMOggNg6xDI4OFMhUNwd6rujTtsBGTMe1MS51/FHyqmz4
+GKsmhWC/ELnDQRNf9HnBCfaRrPeOxY9INakW3R7gX4XzGrM/gVvRfkLu5BtnRGy5
+wen7kHQ/lE6TybTpfUJLHfCnlptIfaKQXLQUcCCpCASL0nyy0glMI2ypMZPWKYFF
+LsPkqqbvvZvxy64Ct2RdgD1BTYlLi5qct4FvX9xoU4aKcXTSVxcyg77V9Hrbmu4N
+CtVjq9QR5cxdbT7Bj/SPTl0SJkTPLX1XekED2c0eOC8Q1JShNXI6Yd7uQ4tIKdJ2
+4S1RLtS+vIDb/02LXw0wraMwpTDr1SRnljz6gW249RiBzMW2QgfzvITmHF6D1Gka
+uELq29THck1NpZm/owIDAQABo4GOMIGLMA8GA1UdEwEB/wQFMAMBAf8wKwYDVR0Q
+BCQwIoAPMjAxNjA5MDEwODI1MTdagQ8yMDQxMDkwMTA4NTUxN1owCwYDVR0PBAQD
+AgEGMB8GA1UdIwQYMBaAFDofR9lvhhjpKfr+Oc7L7YrJVlUrMB0GA1UdDgQWBBQ6
+H0fZb4YY6Sn6/jnOy+2KyVZVKzANBgkqhkiG9w0BAQsFAAOCAgEARbJm3IEyIRyA
+mmkJ9aaUVVkB93asquqINx6sVfVKH26JV6OiBuudmCkasa0EVtruWDtoKm7j+QSP
+KlKbW+wQ/kwors+qFCzeFgJAU/3XXGAZ5UWWkuzjHhDf+RtK1aS/opcp20BBb9qu
+7AmBukLwJDN+wFVssEd2Yo1Y6oG5FpkTBxou/xUqrWW7u9JNjCNVuxYo9SkZnsn8
+avw+o+4XAgwTNJkvreeu4kA8dgxKsYQ5Ke3DPbiox5ZA/rK8t3LsoU++Pnf4fY7o
+Dqa5IsPkt5FkD/2RjaWoL4POYf1Z3mNpo4YwbsXubM+272ZcXvZ1Uf2YSCM4yb/p
+dQb9cWwhf/zJGceoAMYqXACd+vLkc0i1eIteq+l07Cvjph38Kdbhd1GXikEwzNHM
+k+rJT8V+caOm2Whsbn9Duxa9RbwBQp4O5x/Zn9q+GDfH1COy7jIMy2/owbhGasW4
+BzI5zUq+w757LqLd8qtL2qbOkF49c35RlNLeL8dxFDaRV/VdpMvtxgIxaML7RfVa
+c/p7oT+o+W3NN9/APyjxvZKAuaCZo5JXcuXrsgXOzEYbobD3w4j1CCR1ZIc/K9MB
+Z1KPSTADjsdBUW2EmR4blEU+HkRHxSnM+gZp+Usn3GSkFkFrZuPN+c1+9a8nLZ3P
+7naLqfk3x/LtOfB6wiMDtoXZPJRBvNM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEIjCCAwqgAwIBAgIUKeuSM0ZPMkH/gxkAqa3E2fjj4n8wDQYJKoZIhvcNAQEL
+BQAwcTELMAkGA1UEBhMCQVUxDDAKBgNVBAoTA0dPVjEMMAoGA1UECxMDRG9EMQww
+CgYDVQQLEwNQS0kxDDAKBgNVBAsTA0NBczEqMCgGA1UEAxMhQXVzdHJhbGlhbiBE
+ZWZlbmNlIFB1YmxpYyBSb290IENBMB4XDTE2MTEyODIyMjUyOFoXDTM2MTEyODIy
+MTM0OFowcTELMAkGA1UEBhMCQVUxDDAKBgNVBAoTA0dPVjEMMAoGA1UECxMDRG9E
+MQwwCgYDVQQLEwNQS0kxDDAKBgNVBAsTA0NBczEqMCgGA1UEAxMhQXVzdHJhbGlh
+biBEZWZlbmNlIFB1YmxpYyBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA005UBBvQ9JuduCOH4CDHnpixcXoGkC7irUj+kwVs7Ia/KECFs0x5
+70dTmBAeVO59eLgYEwxEUv3QgaqTCCM5vl8Pa90ll/MBQt/UgQDEUL56iS0Zr3NK
+P8w6wL+iqMUV9z58QXSCay53ZuJqpZGIbgYxp68L5lrgrn1ary9H0PL7hHOcRqEe
+hERRxF8u2pACX4HfEQ7S+7s6F3Oj8o1jqk//cnplYoNaKjzyzSwjjc/rIR+/1ANX
+9TcWDF7lVxHCqPr/bDnyPVLmtXnAW+Ky6mMgDA6lKl4S4eavX4t8oK05NTWYX/Gv
+ONAm0029Ynd1Pa9rFIZ7WvYhj9bq4qcOrQIDAQABo4GxMIGuMA8GA1UdEwEB/wQF
+MAMBAf8wSwYDVR0gBEQwQjAGBgRVHSAAMDgGCSokAYJOAQEBBzArMCkGCCsGAQUF
+BwIBFh1odHRwOi8vY3JsLmRlZmVuY2UuZ292LmF1L3BraTAOBgNVHQ8BAf8EBAMC
+AcYwHwYDVR0jBBgwFoAUrJnhAi/oXEtBtzS4HumbgzYNlLQwHQYDVR0OBBYEFKyZ
+4QIv6FxLQbc0uB7pm4M2DZS0MA0GCSqGSIb3DQEBCwUAA4IBAQB4vIFK2DpXu70m
+v+oqKPCIivJQTJBn2kv1uBQIutt/cqiaWbzxHImo9DoDEFQTel3G2ro+D4jVatMb
+ly1iYTpv+QCvcgZz7BDAYR7MXE8ZMkY4wd0/0jcapY6GoPAJzDXWGQJ8zTn89/kf
+55R5Tj23+JdOO0RqzZSwufd+4uP5mX/F06ZQtEn7Fn5OQSzPPsd5QLqBGCYI+cWd
+49jxbxxoP2pbdxdSowbeGcJLbqKV/NUIvyy1aTVR4+PfTxopbYN4PTgkygI/VBDh
+s2Th1Zre8zf2MxC1drOr18kfUzqtVUEcSMk2nof/ddxp0K/ZelfGyrFD/DmB/Nx6
+o5qlmFBU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICvjCCAiCgAwIBAgIEBfXhATAKBggqhkjOPQQDBDB4MQswCQYDVQQGEwJDWjEt
+MCsGA1UECgwkUHJ2bsOtIGNlcnRpZmlrYcSNbsOtIGF1dG9yaXRhLCBhLnMuMRcw
+FQYDVQRhDA5OVFJDWi0yNjQzOTM5NTEhMB8GA1UEAwwYSS5DQSBSb290IENBL0VD
+QyAxMi8yMDE2MB4XDTE2MTIwNzExMDAwMFoXDTQxMTIwNzExMDAwMFoweDELMAkG
+A1UEBhMCQ1oxLTArBgNVBAoMJFBydm7DrSBjZXJ0aWZpa2HEjW7DrSBhdXRvcml0
+YSwgYS5zLjEXMBUGA1UEYQwOTlRSQ1otMjY0MzkzOTUxITAfBgNVBAMMGEkuQ0Eg
+Um9vdCBDQS9FQ0MgMTIvMjAxNjCBmzAQBgcqhkjOPQIBBgUrgQQAIwOBhgAEAftR
+Bb2dghxXs6Ux+c+wN9n65c7jLZWUzLty376ONIGEtyRBKRZ6cJRb0nPN7MahIa1r
+p+62J9aNMH5pabDyMw/aAagmk+jmrpgBSfOx97Rn4Ykjru9oJMYpeC2IoDlPQ9vB
+3/JU/EF6lzO/10wdL1vKoOR1BmkYFu6f6wziidk9tmfQo1UwUzAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUddg3MwTzndDrHQqP5+Ym
+zNBNKyowEQYDVR0gBAowCDAGBgRVHSAAMAoGCCqGSM49BAMEA4GLADCBhwJBGieo
+oGlHxjtDibWSwrV99tHrZTmU4EsvGb4vctlUlmnhRwEBp4tsf8PF8Ra2TbowhgS0
+y/N0XUH9Dn0I7ein2l0CQgGGuyiX8t/fYzue3h+GvevqS0lw2n4E8ea5yLUKNM0A
+B2eYVTxHkwWvbgOgl8nwCtsTSq1HleJIspSWOPt9F3Mf0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRzCCAy+gAwIBAgIJEQA0tk7GNi02MA0GCSqGSIb3DQEBCwUAMEExCzAJBgNV
+BAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJR04g
+Uk9PVCBDQSBHMjAeFw0xNzAyMDYwOTI3MzVaFw00MjAyMDYwOTI3MzVaMEExCzAJ
+BgNVBAYTAlJPMRQwEgYDVQQKEwtDRVJUU0lHTiBTQTEcMBoGA1UECxMTY2VydFNJ
+R04gUk9PVCBDQSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDF
+dRmRfUR0dIf+DjuW3NgBFszuY5HnC2/OOwppGnzC46+CjobXXo9X69MhWf05N0Iw
+vlDqtg+piNguLWkh59E3GE59kdUWX2tbAMI5Qw02hVK5U2UPHULlj88F0+7cDBrZ
+uIt4ImfkabBoxTzkbFpG583H+u/E7Eu9aqSs/cwoUe+StCmrqzWaTOTECMYmzPhp
+n+Sc8CnTXPnGFiWeI8MgwT0PPzhAsP6CRDiqWhqKa2NYOLQV07YRaXseVO6MGiKs
+cpc/I1mbySKEwQdPzH/iV8oScLumZfNpdWO9lfsbl83kqK/20U6o2YpxJM02PbyW
+xPFsqa7lzw1uKA2wDrXKUXt4FMMgL3/7FFXhEZn91QqhngLjYl/rNUssuHLoPj1P
+rCy7Lobio3aP5ZMqz6WryFyNSwb/EkaseMsUBzXgqd+L6a8VTxaJW732jcZZroiF
+DsGJ6x9nxUWO/203Nit4ZoORUSs9/1F3dmKh7Gc+PoGD4FapUB8fepmrY7+EF3fx
+DTvf95xhszWYijqy7DwaNz9+j5LP2RIUZNoQAhVB/0/E6xyjyfqZ90bp4RjZsbgy
+LcsUDFDYg2WD7rlcz8sFWkz6GZdr1l0T08JcVLwyc6B49fFtHsufpaafItzRUZ6C
+eWRgKRM+o/1Pcmqr4tTluCRVLERLiohEnMqE0yo7AgMBAAGjQjBAMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSCIS1mxteg4BXrzkwJ
+d8RgnlRuAzANBgkqhkiG9w0BAQsFAAOCAgEAYN4auOfyYILVAzOBywaK8SJJ6ejq
+kX/GM15oGQOGO0MBzwdw5AgeZYWR5hEit/UCI46uuR59H35s5r0l1ZUa8gWmr4UC
+b6741jH/JclKyMeKqdmfS0mbEVeZkkMR3rYzpMzXjWR91M08KCy0mpbqTfXERMQl
+qiCA2ClV9+BB/AYm/7k29UMUA2Z44RGx2iBfRgB4ACGlHgAoYXhvqAEBj500mv/0
+OJD7uNGzcgbJceaBxXntC6Z58hMLnPddDnskk7RI24Zf3lCGeOdA5jGokHZwYa+c
+NywRtYK3qq4kNFtyDGkNzVmf9nGvnAvRCjj5BiKDUyUM/FHE5r7iOZULJK2v0ZXk
+ltd0ZGtxTgI8qoXzIKNDOXZbbFD+mpwUHmUUihW9o4JFWklWatKcsWMy5WHgUyIO
+pwpJ6st+H6jiYoD2EEVSmAYY3qXNL3+q1Ok+CHLsIwMCPKaq2LxndD0UF/tUSxfj
+03k9bWtJySgOLnRQvwzZRjoQhsmnP+mg7H/rpXdYaXHmgwo38oZJar55CJD2AhZk
+PuXaTH4MNMn5X7azKFGnpyuqSfqNZSlO42sTp5SjLVFteAxEy9/eCG/Oo2Sr05WE
+1LlSVHJ7liXMvGnjSG4N0MedJ5qq+BOS3R7fY581qRY27Iy4g/Q9iY/NtBde17MX
+QRBdJ3NghVdJIgc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZDCCAkygAwIBAgILMaXzypDqI6zSnr0wDQYJKoZIhvcNAQELBQAwPjELMAkG
+A1UEBhMCSlAxDjAMBgNVBAoTBUxHUEtJMR8wHQYDVQQDExZBcHBsaWNhdGlvbiBD
+QSBHNCBSb290MB4XDTE3MDIxNTE1MDAwMFoXDTM3MDIxNTE0NTk1OVowPjELMAkG
+A1UEBhMCSlAxDjAMBgNVBAoTBUxHUEtJMR8wHQYDVQQDExZBcHBsaWNhdGlvbiBD
+QSBHNCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6vH5Yym
+WJ4v1gXJkXcwvt4a1A5jYtHMLbHRhjiNHYVmU5+qQWXgWNLlKb6UqJWTPF9qxZuf
+NOhtwcbTp+VDoBIwwDk0YAyL9Gj1SN/pjhyuSKe7qj14t+JJu8EjBFobkAHFfatK
+AaHCk2rShbO253bra2846yBSMJUI9fks7sjAdbkB7cE3VjBcnX9kwspAILmVhbyl
+B30Mvi6h3cYm6SopbJ8omClR6HYTG+8uCzdaM57AJWeqDy2o1JImOAGn0GIYLiI4
+OHgLulKZoXwmArHixeLezooCRISio+mLiGMxyS84AOnEAk0eIycSSNwRsfDS4g4w
+Ga8DoQezNZQipQIDAQABo2MwYTAdBgNVHQ4EFgQUbtwKNR8gwuih030FTk9MYOWk
+xGcwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+btwKNR8gwuih030FTk9MYOWkxGcwDQYJKoZIhvcNAQELBQADggEBAFUz1UC3Gn5P
+3HSDDkS6P71SlciTliPyAbkU68oSdM1hiDSvTV70WYqrHtjjWcEe+DC1QMa7uK/R
+7T9sqnOYguSYNK6SQQ5ZNhq6UBwW9Bc6LBvil2+yr9Ha3hRS34A8x089h566lb14
+vFU8ifYuJtUV5dBAEsWzcT9sZh+j/Eu1TuJu3IAHw/koFHv3XhZqQ6eukQEfT2Wp
+SLPObhoGIaTTMYiIpUkRgmvruZ1g/p/+xff4f6s37q/nWEa6CeRdOadLBNgDAslg
+Kl5VaRELYHiBevRx9Y9Gro8EqJccgIkjY9v+66YXDlm2LrmG619ebN2B56swgSOQ
+J7H3K5A5C7g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICaTCCAe+gAwIBAgIQISpWDK7aDKtARb8roi066jAKBggqhkjOPQQDAzBtMQsw
+CQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91
+bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwg
+Um9vdCBHQyBDQTAeFw0xNzA1MDkwOTQ4MzRaFw00MjA1MDkwOTU4MzNaMG0xCzAJ
+BgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYDVQQLExlPSVNURSBGb3Vu
+ZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEdsb2JhbCBS
+b290IEdDIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAETOlQwMYPchi82PG6s4ni
+eUqjFqdrVCTbUf/q9Akkwwsin8tqJ4KBDdLArzHkdIJuyiXZjHWd8dvQmqJLIX4W
+p2OQ0jnUsYd4XxiWD1AbNTcPasbc2RNNpI6QN+a9WzGRo1QwUjAOBgNVHQ8BAf8E
+BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUSIcUrOPDnpBgOtfKie7T
+rYy0UGYwEAYJKwYBBAGCNxUBBAMCAQAwCgYIKoZIzj0EAwMDaAAwZQIwJsdpW9zV
+57LnyAyMjMPdeYwbY9XJUpROTYJKcx6ygISpJcBMWm1JKWB4E+J+SOtkAjEA2zQg
+Mgj/mkkCtojeFK9dbJlxjRo/i9fgojaGHAeCOnZT/cKi7e97sIBPWA9LUzm9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIIVrYpzTS8ePYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDUzMTE4MTQzN1oXDTQy
+MDUzMDE4MTQzN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBW
+s47LCp1Jjr+kxJG7ZhcFUZh1++VQLHqe8RT6q9OKPv+RKY9ji9i0qVQBDb6Thi/5
+Sm3HXvVX+cpVHBK+Rw82xd9qt9t1wkclf7nxY/hoLVUE0fKNsKTPvDxeH3jnpaAg
+cLAExbf3cqfeIg29MyVGjGSSJuM+LmOW2puMPfgYCdcDzH2GguDKBAdRUNf/ktUM
+79qGn5nX67evaOI5JpS6aLe/g9Pqemc9YmeuJeVy6OLk7K4S9ksrPJ/psEDzOFSz
+/bdoyNrGj1E8svuR3Bznm53htw1yj+KkxKl4+esUrMZDBcJlOSgYAsOCsp0FvmXt
+ll9ldDz7CTUue5wT/RsPXcdtgTpWD8w74a8CLyKsRspGPKAcTNZEtF4uXBVmCeEm
+Kf7GUmG6sXP/wwyc5WxqlD8UykAWlYTzWamsX0xhk23RO8yilQwipmdnRC652dKK
+QbNmC1r7fSOl8hqw/96bg5Qu0T/fkreRrwU7ZcegbLHNYhLDkBvjJc40vG93drEQ
+w/cFGsDWr3RiSBd3kmmQYRzelYB0VI8YHMPzA9C/pEN1hlMYegouCRw2n5H9gooi
+S9EOUCXdywMMF8mDAAhONU2Ki+3wApRmLER/y5UnlhetCTCstnEXbosX9hwJ1C07
+mKVx01QT2WDz9UtmT/rx7iASjbSsV7FFY6GsdqnC+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzzCCA7egAwIBAgIUCBZfikyl7ADJk0DfxMauI7gcWqQwDQYJKoZIhvcNAQEL
+BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ
+SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n
+a29uZyBQb3N0IFJvb3QgQ0EgMzAeFw0xNzA2MDMwMjI5NDZaFw00MjA2MDMwMjI5
+NDZaMG8xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT
+CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEgMB4GA1UEAxMXSG9u
+Z2tvbmcgUG9zdCBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCziNfqzg8gTr7m1gNt7ln8wlffKWihgw4+aMdoWJwcYEuJQwy51BWy7sFO
+dem1p+/l6TWZ5Mwc50tfjTMwIDNT2aa71T4Tjukfh0mtUC1Qyhi+AViiE3CWu4mI
+VoBc+L0sPOFMV4i707mV78vH9toxdCim5lSJ9UExyuUmGs2C4HDaOym71QP1mbpV
+9WTRYA6ziUm4ii8F0oRFKHyPaFASePwLtVPLwpgchKOesL4jpNrcyCse2m5FHomY
+2vkALgbpDDtw1VAliJnLzXNg99X/NWfFobxeq81KuEXryGgeDQ0URhLj0mRiikKY
+vLTGCAj4/ahMZJx2Ab0vqWwzD9g/KLg8aQFChn5pwckGyuV6RmXpwtZQQS4/t+Tt
+bNe/JgERohYpSms0BpDsE9K2+2p20jzt8NYt3eEV7KObLyzJPivkaTv/ciWxNoZb
+x39ri1UbSsUgYT2uy1DhCDq+sI9jQVMwCFk8mB13umOResoQUGC/8Ne8lYePl8X+
+l2oBlKN8W4UdKjk60FSh0Tlxnf0h+bV78OLgAo9uliQlLKAeLKjEiafv7ZkGL7YK
+TE/bosw3Gq9HhS2KX8Q0NEwA/RiTZxPRN+ZItIsGxVd7GYYKecsAyVKvQv83j+Gj
+Hno9UKtjBucVtT+2RTeUN7F+8kjDf8V1/peNRY8apxpyKBpADwIDAQABo2MwYTAP
+BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQXnc0e
+i9Y5K3DTXNSguB+wAPzFYTAdBgNVHQ4EFgQUF53NHovWOStw01zUoLgfsAD8xWEw
+DQYJKoZIhvcNAQELBQADggIBAFbVe27mIgHSQpsY1Q7XZiNc4/6gx5LS6ZStS6LG
+7BJ8dNVI0lkUmcDrudHr9EgwW62nV3OZqdPlt9EuWSRY3GguLmLYauRwCy0gUCCk
+MpXRAJi70/33MvJJrsZ64Ee+bs7Lo3I6LWldy8joRTnU+kLBEUx3XZL7av9YROXr
+gZ6voJmtvqkBZss4HTzfQx/0TW60uhdG/H39h4F5ag0zD/ov+BS5gLNdTaqX4fnk
+GMX41TiMJjz98iji7lpJiCzfeT2OnpA8vUFKOt1b9pq0zj8lMH8yfaIDlNDceqFS
+3m6TjRgm/VWsvY+b0s+v54Ysyx8Jb6NvqYTUc79NoXQbTiNg8swOqn+knEwlqLJm
+Ozj/2ZQw9nKEvmhVEA/GcywWaZMH/rFF7buiVWqw2rVKAiUnhde3t4ZEFolsgCs+
+l6mc1X5VTMbeRRAc6uk7nwNT7u56AQIWeNTowr5GdogTPyK7SBIdUgC0An4hGh6c
+JfTzPV4e0hz5sy229zdcxsshTrD3mUcYhcErulWuBurQB7Lcq9CClnXO0lD+mefP
+L5/ndtFhKvshuzHQqp9HpLIiyhY6UFfEW0NnxWViA0kB60PZ2Pierc+xYw5F9KBa
+LJstxabArahH9CdMOA0uG0k7UvToiIMrVCjU8jVStDKDYmlkDJGcn5fqdBb9HxEG
+mpv0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFojCCA4qgAwIBAgIUAZQwHqIL3fXFMyqxQ0Rx+NZQTQ0wDQYJKoZIhvcNAQEM
+BQAwaTELMAkGA1UEBhMCS1IxJjAkBgNVBAoMHU5BVkVSIEJVU0lORVNTIFBMQVRG
+T1JNIENvcnAuMTIwMAYDVQQDDClOQVZFUiBHbG9iYWwgUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eTAeFw0xNzA4MTgwODU4NDJaFw0zNzA4MTgyMzU5NTlaMGkx
+CzAJBgNVBAYTAktSMSYwJAYDVQQKDB1OQVZFUiBCVVNJTkVTUyBQTEFURk9STSBD
+b3JwLjEyMDAGA1UEAwwpTkFWRVIgR2xvYmFsIFJvb3QgQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC21PGTXLVA
+iQqrDZBbUGOukJR0F0Vy1ntlWilLp1agS7gvQnXp2XskWjFlqxcX0TM62RHcQDaH
+38dq6SZeWYp34+hInDEW+j6RscrJo+KfziFTowI2MMtSAuXaMl3Dxeb57hHHi8lE
+HoSTGEq0n+USZGnQJoViAbbJAh2+g1G7XNr4rRVqmfeSVPc0W+m/6imBEtRTkZaz
+kVrd/pBzKPswRrXKCAfHcXLJZtM0l/aM9BhK4dA9WkW2aacp+yPOiNgSnABIqKYP
+szuSjXEOdMWLyEz59JuOuDxp7W87UC9Y7cSw0BwbagzivESq2M0UXZR4Yb8Obtoq
+vC8MC3GmsxY/nOb5zJ9TNeIDoKAYv7vxvvTWjIcNQvcGufFt7QSUqP620wbGQGHf
+nZ3zVHbOUzoBppJB7ASjjw2i1QnK1sua8e9DXcCrpUHPXFNwcMmIpi3Ua2FzUCaG
+YQ5fG8Ir4ozVu53BA0K6lNpfqbDKzE0K70dpAy8i+/Eozr9dUGWokG2zdLAIx6yo
+0es+nPxdGoMuK8u180SdOqcXYZaicdNwlhVNt0xz7hlcxVs+Qf6sdWA7G2POAN3a
+CJBitOUt7kinaxeZVL6HSuOpXgRM6xBtVNbv8ejyYhbLgGvtPe31HzClrkvJE+2K
+AQHJuFFYwGY6sWZLxNUxAmLpdIQM201GLQIDAQABo0IwQDAdBgNVHQ4EFgQU0p+I
+36HNLL3s9TsBAZMzJ7LrYEswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB
+Af8wDQYJKoZIhvcNAQEMBQADggIBADLKgLOdPVQG3dLSLvCkASELZ0jKbY7gyKoN
+qo0hV4/GPnrK21HUUrPUloSlWGB/5QuOH/XcChWB5Tu2tyIvCZwTFrFsDDUIbatj
+cu3cvuzHV+YwIHHW1xDBE1UBjCpD5EHxzzp6U5LOogMFDTjfArsQLtk70pt6wKGm
++LUx5vR1yblTmXVHIloUFcd4G7ad6Qz4G3bxhYTeodoS76TiEJd6eN4MUZeoIUCL
+hr0N8F5OSza7OyAfikJW4Qsav3vQIkMsRIz75Sq0bBwcupTgE34h5prCy8VCZLQe
+lHsIJchxzIdFV4XTnyliIoNRlwAYl3dqmJLJfGBs32x9SuRwTMKeuB330DTHD8z7
+p/8Dvq1wkNoL3chtl1+afwkyQf3NosxabUzyqkn+Zvjp2DXrDige7kgvOtB5CTh8
+piKCk5XQA76+AqAF3SAi428diDRgxuYKuQl1C/AH6GmWNcf7I4GOODm4RStDeKLR
+LBT/DShycpWbXgnbiUSYqqFJu3FS8r/2/yehNq+4tneI3TqkbZs0kNwUXTC/t+sX
+5Ie3cdCh13cV1ELX8vMxmV2b3RZtP+oGI/hGoiLtk/bdmuYqh7GYVPEi92tF4+KO
+dh2ajcQGjTa3FPOdVGm3jjzVpG2Tgbet9r1ke8LJaDmgkpzNNIaRkPpkUZ3+/uul
+9XXeifdy
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICQDCCAeWgAwIBAgIMAVRI7yH9l1kN9QQKMAoGCCqGSM49BAMCMHExCzAJBgNV
+BAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMgTHRk
+LjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25vIFJv
+b3QgQ0EgMjAxNzAeFw0xNzA4MjIxMjA3MDZaFw00MjA4MjIxMjA3MDZaMHExCzAJ
+BgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEWMBQGA1UECgwNTWljcm9zZWMg
+THRkLjEXMBUGA1UEYQwOVkFUSFUtMjM1ODQ0OTcxHjAcBgNVBAMMFWUtU3ppZ25v
+IFJvb3QgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJbcPYrYsHtv
+xie+RJCxs1YVe45DJH0ahFnuY2iyxl6H0BVIHqiQrb1TotreOpCmYF9oMrWGQd+H
+Wyx7xf58etqjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdDgQWBBSHERUI0arBeAyxr87GyZDvvzAEwDAfBgNVHSMEGDAWgBSHERUI0arB
+eAyxr87GyZDvvzAEwDAKBggqhkjOPQQDAgNJADBGAiEAtVfd14pVCzbhhkT61Nlo
+jbjcI4qKDdQvfepz7L9NbKgCIQDLpbQS+ue16M9+k/zzNY9vTlp8tLxOsvxyqltZ
++efcMQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2jCCA8KgAwIBAgIMBfcOhtpJ80Y1LrqyMA0GCSqGSIb3DQEBCwUAMIGIMQsw
+CQYDVQQGEwJVUzERMA8GA1UECAwISWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28x
+ITAfBgNVBAoMGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1
+c3R3YXZlIEdsb2JhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNzA4MjMx
+OTM0MTJaFw00MjA4MjMxOTM0MTJaMIGIMQswCQYDVQQGEwJVUzERMA8GA1UECAwI
+SWxsaW5vaXMxEDAOBgNVBAcMB0NoaWNhZ28xITAfBgNVBAoMGFRydXN0d2F2ZSBI
+b2xkaW5ncywgSW5jLjExMC8GA1UEAwwoVHJ1c3R3YXZlIEdsb2JhbCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ALldUShLPDeS0YLOvR29zd24q88KPuFd5dyqCblXAj7mY2Hf8g+CY66j96xz0Xzn
+swuvCAAJWX/NKSqIk4cXGIDtiLK0thAfLdZfVaITXdHG6wZWiYj+rDKd/VzDBcdu
+7oaJuogDnXIhhpCujwOl3J+IKMujkkkP7NAP4m1ET4BqstTnoApTAbqOl5F2brz8
+1Ws25kCI1nsvXwXoLG0R8+eyvpJETNKXpP7ScoFDB5zpET71ixpZfR9oWN0EACyW
+80OzfpgZdNmcc9kYvkHHNHnZ9GLCQ7mzJ7Aiy/k9UscwR7PJPrhq4ufogXBeQotP
+JqX+OsIgbrv4Fo7NDKm0G2x2EOFYeUY+VM6AqFcJNykbmROPDMjWLBz7BegIlT1l
+RtzuzWniTY+HKE40Cz7PFNm73bZQmq131BnW2hqIyE4bJ3XYsgjxroMwuREOzYfw
+hI0Vcnyh78zyiGG69Gm7DIwLdVcEuE4qFC49DxweMqZiNu5m4iK4BUBjECLzMx10
+coos9TkpoNPnG4CELcU9402x/RpvumUHO1jsQkUm+9jaJXLE9gCxInm943xZYkqc
+BW89zubWR2OZxiRvchLIrH+QtAuRcOi35hYQcRfO3gZPSEF9NUqjifLJS3tBEW1n
+twiYTOURGa5CgNz7kAXU+FDKvuStx8KU1xad5hePrzb7AgMBAAGjQjBAMA8GA1Ud
+EwEB/wQFMAMBAf8wHQYDVR0OBBYEFJngGWcNYtt2s9o9uFvo/ULSMQ6HMA4GA1Ud
+DwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAmHNw4rDT7TnsTGDZqRKGFx6W
+0OhUKDtkLSGm+J1WE2pIPU/HPinbbViDVD2HfSMF1OQc3Og4ZYbFdada2zUFvXfe
+uyk3QAUHw5RSn8pk3fEbK9xGChACMf1KaA0HZJDmHvUqoai7PF35owgLEQzxPy0Q
+lG/+4jSHg9bP5Rs1bdID4bANqKCqRieCNqcVtgimQlRXtpla4gt5kNdXElE1GYhB
+aCXUNxeEFfsBctyV3lImIJgm4nb1J2/6ADtKYdkNy1GTKv0WBpanI5ojSP5RvbbE
+sLFUzt5sQa0WZ37b/TjNuThOssFgy50X31ieemKyJo90lZvkWx3SD92YHJtZuSPT
+MaCm/zjdzyBP6VhWOmfD0faZmZ26NraAL4hHT4a/RDqA5Dccprrql5gR0IRiR2Qe
+qu5AvzSxnI9O4fKSTx+O856X3vOmeWqJcU9LJxdI/uz0UA9PSX3MReO9ekDFQdxh
+VicGaeVyQYHTtgGJoC86cnn+OjC/QezHYj6RS8fZMXZC+fc8Y+wmjHMMfRod6qh8
+h6jCJ3zhM0EPz8/8AKAigJ5Kp28AsEFFtyLKaEjFQqKu3R3y4G5OBVixwJAWKqQ9
+EEC+j2Jjg6mcgn0tAumDMHzLJ8n9HmYAsC7TIS+OMxZsmO0QqAfWzJPP29FpHOTK
+yeC2nOnOcXHebD8WpHk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICYDCCAgegAwIBAgIMDWpfCD8oXD5Rld9dMAoGCCqGSM49BAMCMIGRMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf
+BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3
+YXZlIEdsb2JhbCBFQ0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x
+NzA4MjMxOTM1MTBaFw00MjA4MjMxOTM1MTBaMIGRMQswCQYDVQQGEwJVUzERMA8G
+A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0
+d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF
+Q0MgUDI1NiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABH77bOYj43MyCMpg5lOcunSNGLB4kFKA3TjASh3RqMyTpJcGOMoN
+FWLGjgEqZZ2q3zSRLoHB5DOSMcT9CTqmP62jQzBBMA8GA1UdEwEB/wQFMAMBAf8w
+DwYDVR0PAQH/BAUDAwcGADAdBgNVHQ4EFgQUo0EGrJBt0UrrdaVKEJmzsaGLSvcw
+CgYIKoZIzj0EAwIDRwAwRAIgB+ZU2g6gWrKuEZ+Hxbb/ad4lvvigtwjzRM4q3wgh
+DDcCIC0mA6AFvWvR9lz4ZcyGbbOcNEhjhAnFjXca4syc4XR7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICnTCCAiSgAwIBAgIMCL2Fl2yZJ6SAaEc7MAoGCCqGSM49BAMDMIGRMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAf
+BgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3
+YXZlIEdsb2JhbCBFQ0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0x
+NzA4MjMxOTM2NDNaFw00MjA4MjMxOTM2NDNaMIGRMQswCQYDVQQGEwJVUzERMA8G
+A1UECBMISWxsaW5vaXMxEDAOBgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0
+d2F2ZSBIb2xkaW5ncywgSW5jLjE6MDgGA1UEAxMxVHJ1c3R3YXZlIEdsb2JhbCBF
+Q0MgUDM4NCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABGvaDXU1CDFHBa5FmVXxERMuSvgQMSOjfoPTfygIOiYaOs+Xgh+AtycJ
+j9GOMMQKmw6sWASr9zZ9lCOkmwqKi6vr/TklZvFe/oyujUF5nQlgziip04pt89ZF
+1PKYhDhloKNDMEEwDwYDVR0TAQH/BAUwAwEB/zAPBgNVHQ8BAf8EBQMDBwYAMB0G
+A1UdDgQWBBRVqYSJ0sEyvRjLbKYHTsjnnb6CkDAKBggqhkjOPQQDAwNnADBkAjA3
+AZKXRRJ+oPM+rRk6ct30UJMDEr5E0k9BpIycnR+j9sKS50gU/k6bpZFXrsY3crsC
+MGclCrEMXu6pY5Jv5ZAL/mYiykf9ijH3g/56vxC+GCsej/YpHpRZ744hN8tRmKVu
+Sw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUTCCBDmgAwIBAgIQaF3MJjngI2bkSp1k044ENTANBgkqhkiG9w0BAQsFADCB
+sTELMAkGA1UEBhMCWkExEDAOBgNVBAgMB0dhdXRlbmcxFTATBgNVBAcMDEpvaGFu
+bmVzYnVyZzEdMBsGA1UECgwUVHJ1c3RGYWN0b3J5KFB0eSlMdGQxJDAiBgNVBAsM
+G1RydXN0RmFjdG9yeSBQS0kgT3BlcmF0aW9uczE0MDIGA1UEAwwrVHJ1c3RGYWN0
+b3J5IFNTTCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNzEyMDUxMDU5
+MjlaFw00NzExMjgxMDU5MjlaMIGxMQswCQYDVQQGEwJaQTEQMA4GA1UECAwHR2F1
+dGVuZzEVMBMGA1UEBwwMSm9oYW5uZXNidXJnMR0wGwYDVQQKDBRUcnVzdEZhY3Rv
+cnkoUHR5KUx0ZDEkMCIGA1UECwwbVHJ1c3RGYWN0b3J5IFBLSSBPcGVyYXRpb25z
+MTQwMgYDVQQDDCtUcnVzdEZhY3RvcnkgU1NMIFJvb3QgQ2VydGlmaWNhdGUgQXV0
+aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAldFHKO7wVLzr
+vdWrBn4lpAOq/WB6zje5adopeXdsPX+CNMJd/kKkDUFaANKDpGptweXIUWL6a9XG
+R9w4bhGQjGgVz+m6WOaai4WBEC3P51NJ6aM3Igy8dLK2JVIRz6IhPImg16QdIxBr
+HVk7N/RdNjhAtXVCry0aB7yNYxTYSvgime/AWklvq5I/S+ykahg/US7TIOdPLoMG
+Ol5/FYvP+jUuU7lqGs+n+Dy5yXMXOv2tDVjNknXqP/+5hvP+1aD1Zepj1vqGEbR0
+1bVYhKotXUoXvuymJNegvbcYOBZnbhGFW19gUovRz+VC0Jxe9Y6FvfKGbKhV3Osd
+ev2sKPDE0sepB9ddPhdWlEbum8rEsIwaatfPm86mTC2A+J3xI0CaQCs4VR41A911
+2zHUToonb5eOnMx2mR1WrjJMF9kZr6ikzAvKAnUBTj28FPSqO5vQT7fn/lrEztYM
+czOsqc0six0NIflh5qF24q7wdEkB/DnfqBOSyGOJXrUQ8R0h9tMY+3dMaeJqzOB5
+rE6bZM/o4vMiooeenhskDHFm5el25GRUm80N9lF9u58AWh50tNCrjR2rCO8rwtu9
+g2HXyWS8D24XxjLfDPOmXu7sIAwqz3pFUHsY1vsSduGvWR+B2jSCNkW/kslVpdZ1
+BlmHm6SD3q14eWw8qI+d7lzsPOOJoisCAwEAAaNjMGEwHQYDVR0OBBYEFEI6XjZa
+3Buq0KLq9fFEf3Qlc+m9MB8GA1UdIwQYMBaAFEI6XjZa3Buq0KLq9fFEf3Qlc+m9
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQAGOiJqHPwbet1ov9VKqL4LYthqZ0k0YBxbs+0lvjYOIFd1A4foZnesd9V3
+YZRt6HRxVGv0/Lbyi4pnXx0ECD/+gSDtjzzXR3ZYQtFqxzF0fjRNpntFUXAT+EZE
+R88N2pYUxoJWPoUa6LKln3/ND2yDguIYB9xmXIrKXaiEL1SMg/DFPEAgMuJP6Fbr
+lcLkxlD+IuivAVIrla6GVpWnex7GN+419vf7NtDgKt0wMsNtFCXHVdJrI2+QKgpj
+lnpm6N2Asnn/k2htD7EUU+XOe0zQwSMLOoPkzI773C7ZdFLgUL26Sfh2NBYfaSv0
+KIYdTDQVF9p0qHCWXT/CHccEh1Wia7Gy9TVWYru79UfsgrRmahNIeFRjz1+A7JhG
+xEnJ9KQrlSXHwKPbVly9qva5N+LaROUNS4d5naadH60P/c7pZq3xBJRVSNerJ5Zh
+Vfk23TXfiFY19mqxk1hYZSq0pd0PTYsHGb2CqnW0QsxVWd6nciiBfqyrG+yAHJhX
+EhnftyYpMdL6kA1cHjAvKoYuRWPVnuV8cH8CZS4Z9AFG3ty4V52+eT5Ufy6DTnLF
+zVlhPfegtpOUa10JMCZzOFb8V3iH7+04wg1WMISJmxaOegi1fyYSw1D1Gyqyb5A4
+NuA1EUzZHh774biMRaxg4fm1uey/wQl6KSXD6SHL0O+DrCI8aA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWDCCBECgAwIBAgIRAI5ZQFi3WJ+9F4SSs8w6x5MwDQYJKoZIhvcNAQELBQAw
+gbQxCzAJBgNVBAYTAlpBMRAwDgYDVQQIDAdHYXV0ZW5nMRUwEwYDVQQHDAxKb2hh
+bm5lc2J1cmcxHTAbBgNVBAoMFFRydXN0RmFjdG9yeShQdHkpTHRkMSQwIgYDVQQL
+DBtUcnVzdEZhY3RvcnkgUEtJIE9wZXJhdGlvbnMxNzA1BgNVBAMMLlRydXN0RmFj
+dG9yeSBDbGllbnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMTcxMjA1
+MTE0ODM2WhcNNDcxMTI4MTE0ODM2WjCBtDELMAkGA1UEBhMCWkExEDAOBgNVBAgM
+B0dhdXRlbmcxFTATBgNVBAcMDEpvaGFubmVzYnVyZzEdMBsGA1UECgwUVHJ1c3RG
+YWN0b3J5KFB0eSlMdGQxJDAiBgNVBAsMG1RydXN0RmFjdG9yeSBQS0kgT3BlcmF0
+aW9uczE3MDUGA1UEAwwuVHJ1c3RGYWN0b3J5IENsaWVudCBSb290IENlcnRpZmlj
+YXRlIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOrA
+ZChzgke2wM6tiNzS4e5IUvMQ504IhuAv7zgmShfwe0MbqlFNIjIHU3YKt2Cxqj9H
+Gkv+mMrz1KhbeN6Tnvw0JXSQ6BbmnWNVPn9Vc6YSb/eoc82WkjGutMQBSF0Rf/Z9
+gr5dDemjK+sxLjnmWkqe3AZsKJj2cfzwWkL2u8BBJub5z0Gg+H5swZPF42Pn9pRC
+JNhrZ9HndRsAjgoEJ8fgGze7XuAuyaUEcw369dY4pKTWBpYWK4AQd9D3afFpkqmq
+/MMhtv0TMQk4/8P1b+NHsyHo9mXUuNNbLnzdCk+6Sd9qj7BCbLZHaa6zaWuYKGLz
+/Hf3H3Y0Rji3Ixe51C3aVxgDCaVVnaHyDAC8JTlih9FAB8AOy87UC3pQke+QJw7Y
+VwCIkuIXyWnBNR6kb8CphjQ3RFK8Q7J9iY+lo1nA0DiMp8tW/RlbwZW15UC9+YLE
+ySLUMp2Fo+9KdKcVBj5wIkgrDCOs0GJcuXz3hdmN+MXTl49e6vAM0LGaCE+ZBoHk
+Gil8pPoWJ5tzUanFJPYlGKizMtdK59Na2ZvCMjsEho1Yc1WQLmhISVQ6O+4loJni
+XANmU8xu1A0RHXmq1PFlC4/NT1QBEAw/XY0AZDQfBiDsodaSC8m+tmKHVAn8/hpz
+eSERZVye1bOQxaSWviOrfYFZ8TqbV69dgW760UuxAgMBAAGjYzBhMB0GA1UdDgQW
+BBQ8tpw4Wuy11CILQL5jDwiLKO4MGTAfBgNVHSMEGDAWgBQ8tpw4Wuy11CILQL5j
+DwiLKO4MGTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG
+9w0BAQsFAAOCAgEABTcWLooTAcR8JmnoMwVS/QhaghKNzwoTWXg3usVEFzriFT/z
+j8zcVy0Toz7leLsrkZ0+4UJsVXVuaCyUP5uCN/w8L34cZvFVyYPSiMCbrJP+2WAv
+OlMkv7UvVV9hs1NPBNtuNqsdLyjD1SK7GKQnHiun0XxRfoIrd/91dZuJgefQwdvz
+Gb9LbAcSBA7iBgspSGY6NSbUveEFdCGK9cbPFlArFMVk6hb8TSFVjCjvHMzqEJtN
+GKqOTdwBxkVN8cdu+0eApzDHJ/ytCoGb91ZV2rsflfdfEHgji6OgZVAEY/M+QXOH
+FNxagyc40CMPpegsjhYmmevld5V+6Y+Fj0EUkP88icflXIrXYwxpc6U4HW2pYxyV
+f/filBDQ7VagR6FAJR+5sry6as1eNoAOslWLPEvmgcHKJ2nfsy44/L+zqh2ybSBS
+3Iw/G4N6rBt506ToKTAU73iM6T5Y4tnP9XvTYbkcATaw7DCIW5+zGDpG+hbly4S4
+OQSXTiQAR10g84zxpG8yA+BKZeWMuhXUVFi8sVB6cC6sQwoN5qbwIi5fShoAbHGT
+2xpk7hlxfQW2mIzfgN2KqDooNUMU/vMEOo8hOA9OE4OO39v72drg5fdGPO/a6G5M
+ngH6MmW7UhMgaTubG3+TzzAzjrOKI/wH02lgEvdEvQMvqPBHFXcn2GG3kLU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDjCCA/agAwIBAgIDAw1AMA0GCSqGSIb3DQEBDQUAMIGWMQswCQYDVQQGEwJG
+STEhMB8GA1UECgwYVmFlc3RvcmVraXN0ZXJpa2Vza3VzIENBMSkwJwYDVQQLDCBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBTZXJ2aWNlczEZMBcGA1UECwwQVmFybWVu
+bmVwYWx2ZWx1dDEeMBwGA1UEAwwVVlJLIEdvdi4gUm9vdCBDQSAtIEcyMB4XDTE3
+MTIxNDA4NTAzMVoXDTM4MTIxMzA4NTAzMVowgZYxCzAJBgNVBAYTAkZJMSEwHwYD
+VQQKDBhWYWVzdG9yZWtpc3RlcmlrZXNrdXMgQ0ExKTAnBgNVBAsMIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5IFNlcnZpY2VzMRkwFwYDVQQLDBBWYXJtZW5uZXBhbHZl
+bHV0MR4wHAYDVQQDDBVWUksgR292LiBSb290IENBIC0gRzIwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQC/1gBKiQ4vIztyf3MgZaBfFsV7XlwG+WZzIIL1
+YpYXlFH+mzXo8g5ffyGVHGLA5PmCeFzvVcDH/A1587ZMgjYKsEv8LWGmC4i4T7kF
+rgbMCdN7Sg1oiRNFAKOdXOZ+pR7nBi/wa0WkotSbh8qYZWDrWsyileyTW0qldn1f
+ddItlUd6abFziKxlJHkgf4iGRWQS6BTHOJCXHPFB97jgN/+2tcwxWswo/4SoU1ZY
+ct1jwDtHHYxWQ95UxwjMP3rowgPKNLyFlefD0SDS9Eor8envfXpbtQRgUgR4nejn
+KUNuOwEA2CrMBiYCaoQ/8wiqPhT99/eOuYAwQqUFfM3zoYQieBFBCdWMgAtOWI2Y
+1HM9FfdtmT3khPNHPC9rmRSEITucVmVS9Y+rDaljgsw5UrHqp1njo8APeT7olT5G
+rLnduFeF9pf/nrMI5jdW3vymMziNvw1rlqaL6XBKt2dEqIkukOaXi+5vnKxzRftp
+OP1W+AXroxHMyPLyxLD41xn4BuaWYH3U5Lbz1JsZX98xg8644HWWKW08L+hZwEqf
+uuz6k/aRby0kFJIrvq2dCFg14WEqE9/Y0HzxVvNrdC3E4+6AYSyrCl1VSUthr5VO
+sbdS1pnT7yTQHAZImhvCF5yy5ov9LXKxlzwYSVFWfFXkEr5QiR1pKBlIw9oigang
+4AWqvQIDAQABo2MwYTAfBgNVHSMEGDAWgBTRpwgWB57pvU7T1yBTllkGJ9eITTAd
+BgNVHQ4EFgQU0acIFgee6b1O09cgU5ZZBifXiE0wDgYDVR0PAQH/BAQDAgEGMA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQENBQADggIBAC1Qj8Fm74llE8N41MzM
+Wpdv7I9gVN5zZLcN6OE7pazPhbaWOUxEpDtZNwyAQBYzcnRI4IQloxstDQDhM2DC
+wV92D7OiS3DFJkDNEPpY9IFTj67cJ0iFlaaizkpCGb+VNSBk30JqZnUNVltLdZY1
+U4McUKDlx5Sdy9ayPZNKy5SQcchvb2GbbvHQiOvEbz6DNEBUmEf9TMzKHI2D4DFt
+MDWz3yTEjTbdwNT8WYaso/BQvhhKQHhXoI3cDZK1yZZspzldPryuK9pxVj3RJ1Sq
+tAZ82MA8bcWd8jxVvvFhDtgc0ah9b9izF0K31RJlJs77lIXGbG1a5W58gD07m84v
+o/i98pIiXG4NeggKPlzd0//2F9YlZ8H7hnxUV2pzUr0HpUkF2RGLlUby3GIGiqyB
+BFfJuFRGGInEaB8VHpUCWKrEYZ8uD0TbTAGCaJX7Mf/QwgROfUex95nN5Q7CjBcS
+RJaCPZGYGpe2Z0Fw0o680WIgdoAS7Q65+Z8miUzXT2upbqXB+rsEE11mR46JqCqx
+9l8XFtz9WRJuJ23dvej9xxF98vVWz6p+0P8TIoVi+UfqaO0Pk9hYYcrPdeMUZSfg
+En8jHtbtDz69AVvmFCYjXeAER3QlrMGVM6gzYCmdnYZj9dC9LxYRJtOZKY+Clnpc
+r/xS7vOO+Qq8VUHSmfQbp31m
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDczCCAlugAwIBAgILAK7PALrEzzL4Q7IwDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg
+SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw
+MFoXDTQzMDIxODE4MzAwMFowVjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMRwwGgYDVQQDExNlbVNpZ24gUm9v
+dCBDQSAtIEMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+upufGZ
+BczYKCFK83M0UYRWEPWgTywS4/oTmifQz/l5GnRfHXk5/Fv4cI7gklL35CX5VIPZ
+HdPIWoU/Xse2B+4+wM6ar6xWQio5JXDWv7V7Nq2s9nPczdcdioOl+yuQFTdrHCZH
+3DspVpNqs8FqOp099cGXOFgFixwR4+S0uF2FHYP+eF8LRWgYSKVGczQ7/g/IdrvH
+GPMF0Ybzhe3nudkyrVWIzqa2kbBPrH4VI5b2P/AgNBbeCsbEBEV5f6f9vtKppa+c
+xSMq9zwhbL2vj07FOrLzNBL834AaSaTUqZX3noleoomslMuoaJuvimUnzYnu3Yy1
+aylwQ6BpC+S5DwIDAQABo0IwQDAdBgNVHQ4EFgQU/qHgcB4qAzlSWkK+XJGFehiq
+TbUwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEL
+BQADggEBAMJKVvoVIXsoounlHfv4LcQ5lkFMOycsxGwYFYDGrK9HWS8mC+M2sO87
+/kOXSTKZEhVb3xEp/6tT+LvBeA+snFOvV71ojD1pM/CjoCNjO2RnIkSt1XHLVip4
+kqNPEjE2NuLe/gDEo2APJ62gsIq1NnpSob0n9CAnYuhNlCQT5AoE6TyrLshDCUrG
+YQTlSTR+08TI9Q/Aqum6VF7zYytPT1DU/rl7mYw9wC68AivTxEDkigcxHpvOJpkT
++xHqmiIMERnHXhuBUDDIlhJu58tBf5E7oke3VIAb3ADMmpDqw8NQBmIMMMAVSKeo
+WXzhriKi4gp6D/piq1JM4fHfyr6DDUI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFlTCCA32gAwIBAgILAIZNvw/jXtd9jtgwDQYJKoZIhvcNAQEMBQAwZzELMAkG
+A1UEBhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEg
+VGVjaG5vbG9naWVzIExpbWl0ZWQxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0g
+RzIwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBnMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBHMjCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMNwGIWW2kHfHK+sXTNwxF07K+IV
+ySTuyFM2r1v002wUfcdT+zs5OM5QbMYFFnedXQI6gCFLsjKrcaej48Zt37OyEb3i
+aPs7CsP4kAyTwzKH9aZe6gXYHrJq40/ZVMNcQVI2PcIp40B/SAN2gUZ+ZaUtIOvV
+jEx26/ebNaXRIsthlkOG/caB+QRwDw1tl7338Zlv0M2oTBUy4B3e7dGP5pgXH71M
+jqHPCoNo+xv9f0NTBT+hUDa8h8wUtcGQq9CDeJTpjWcD2bP2AMdVG6oVpMAUeUzo
+cCyglvtFdUMjggxBbw4qhau1HXPG8Ot9hwL7ZMi8tkTzrvUIxxb8G9LF/7kKeCE7
+tGZaVzDTnXuifl3msR4ErHsQ4P7lVu2AIjIAhrAXoedDidb7pMcf7TABdrYUT1Jo
+G/AiK+J9jO6GTjeADD4LMDSBZhHMuBK/PJ/g0kGBt+/C1L+/HURzQhJkMlRnM6Rv
+XoCtfKopSlns5trZmTi971Wjbn88QXP61lGpBCUPwCjs7rpOYvSUJtI+lcbF+37q
+kIqOXYkVT3cupDSpw+H89kFtj5GKY+Xny4LxY+3IvDIRiyd6ky1DPj713DI0yqve
+EpsIr3A0PdwuyUI7CS1jg0NnGFT6Xxyr0xB+VDt83FJYW8v16k2pbaQ4kVxA3aXd
+X9dZYyVR1S59KM75AgMBAAGjQjBAMB0GA1UdDgQWBBTt7E1FYRgo57MjKBEcTaUn
+DV7s9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0B
+AQwFAAOCAgEACFC/ilQg8KTCVBxFJW/sazomkS0kNYbEIZg4B3obqwsJ7SX98z8Z
+gfzBpz0nYClwwJjWbFN1R2zY8pCEot6/dgmA8Vbq0GxhwPM5YN/SZquNyRIxO3cU
+dlAcwf+vSezdVCf9wOzvSAF3q0a5ljvbdbNJNpfScQVp7UUd5sBsZk8jXO1KQ/go
+/Vf/GDPnrIFmxpAIGE3sgnO8lAv9FzUaAeuv7HWe47xN9J7+bQzF93yHuIXACPTL
+pQHhg2zMv5C7BAbuDHfbj1Cu294Z832yhSfBcziWGskOvl3es2EcHytbS9c9P+0z
+Mpka7zGC1FHrvLb/FoduH86TeZt0QjZ6pcplNzoaxDnDvzTJ6CC2Eny+qH/APFCu
+VUv5/wjwF+HPm8Pup2ARj9cEp92+0qcerfHacNq5hMeGZdbA/dzdUR/5z5zXdxAk
+nl8mcfGb0eMNSTXQmmB/i4AecNnr72uYjzlaXUGYN7Nrb6XouG0pnh0/BBtWWp0U
+ShIPpWEAqs7RJBj6+1ZUYXZ4ObrCw962DxhN2p19Hxw9LtuUUcLqqTPrFXYvwO4t
+ouj7KJnAkaTUfXGdEaFVtFig1EA30WzJY2X1vAQ7hVnniCjgaXAGqjsU6sklNM9n
+xDx5rFCCCEtj9Kh8UHjGK2QqgP5kwgttjOApQMaCoezMfK4KD7WpOXU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICKzCCAbGgAwIBAgIKe3G2gla4EnycqDAKBggqhkjOPQQDAzBaMQswCQYDVQQG
+EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx
+IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw
+MFoXDTQzMDIxODE4MzAwMFowWjELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSAwHgYDVQQDExdlbVNpZ24gRUND
+IFJvb3QgQ0EgLSBDMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABP2lYa57JhAd6bci
+MK4G9IGzsUJxlTm801Ljr6/58pc1kjZGDoeVjbk5Wum739D+yAdBPLtVb4Ojavti
+sIGJAnB9SMVK4+kiVCJNk7tCDK93nCOmfddhEc5lx/h//vXyqaNCMEAwHQYDVR0O
+BBYEFPtaSNCAIEDyqOkAB2kZd6fmw/TPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMB
+Af8EBTADAQH/MAoGCCqGSM49BAMDA2gAMGUCMQC02C8Cif22TGK6Q04ThHK1rt0c
+3ta13FaPWEBaLd4gTCKDypOofu4SQMfWh0/434UCMBwUZOR8loMRnLDRWmFLpg9J
+0wD8ofzkpf9/rdcw0Md3f76BB1UwUCAU9Vc4CqgxUQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDlDCCAnygAwIBAgIKMfXkYgxsWO3W2DANBgkqhkiG9w0BAQsFADBnMQswCQYD
+VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU
+ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH
+MTAeFw0xODAyMTgxODMwMDBaFw00MzAyMTgxODMwMDBaMGcxCzAJBgNVBAYTAklO
+MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv
+Z2llcyBMaW1pdGVkMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEcxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0u76WaK7p1b1TST0Bsew+eeuGQz
+f2N4aLTNLnF115sgxk0pvLZoYIr3IZpWNVrzdr3YzZr/k1ZLpVkGoZM0Kd0WNHVO
+8oG0x5ZOrRkVUkr+PHB1cM2vK6sVmjM8qrOLqs1D/fXqcP/tzxE7lM5OMhbTI0Aq
+d7OvPAEsbO2ZLIvZTmmYsvePQbAyeGHWDV/D+qJAkh1cF+ZwPjXnorfCYuKrpDhM
+tTk1b+oDafo6VGiFbdbyL0NVHpENDtjVaqSW0RM8LHhQ6DqS0hdW5TUaQBw+jSzt
+Od9C4INBdN+jzcKGYEho42kLVACL5HZpIQ15TjQIXhTCzLG3rdd8cIrHhQIDAQAB
+o0IwQDAdBgNVHQ4EFgQU++8Nhp6w492pufEhF38+/PB3KxowDgYDVR0PAQH/BAQD
+AgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAFn/8oz1h31x
+PaOfG1vR2vjTnGs2vZupYeveFix0PZ7mddrXuqe8QhfnPZHr5X3dPpzxz5KsbEjM
+wiI/aTvFthUvozXGaCocV685743QNcMYDHsAVhzNixl03r4PEuDQqqE/AjSxcM6d
+GNYIAwlG7mDgfrbESQRRfXBgvKqy/3lyeqYdPV8q+Mri/Tm3R7nrft8EI6/6nAYH
+6ftjk4BAtcZsCjEozgyfz7MjNYBBjWzEN3uBL4ChQEKF6dk4jeihU80Bv2noWgby
+RQuQ+q7hv53yrlc8pa6yVvSLZUDp/TGBLPQ5Cdjua6e0ph0VpZj3AYHYhX3zUVxx
+iN66zB+Afko=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTjCCAdOgAwIBAgIKPPYHqWhwDtqLhDAKBggqhkjOPQQDAzBrMQswCQYDVQQG
+EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo
+bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g
+RzMwHhcNMTgwMjE4MTgzMDAwWhcNNDMwMjE4MTgzMDAwWjBrMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0gRzMw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQjpQy4LRL1KPOxst3iAhKAnjlfSU2fySU0
+WXTsuwYc58Byr+iuL+FBVIcUqEqy6HyC5ltqtdyzdc6LBtCGI79G1Y4PPwT01xyS
+fvalY8L1X44uT6EYGQIrMgqCZH0Wk9GjQjBAMB0GA1UdDgQWBBR8XQKEE9TMipuB
+zhccLikenEhjQjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggq
+hkjOPQQDAwNpADBmAjEAvvNhzwIQHWSVB7gYboiFBS+DCBeQyh+KTOgNG3qxrdWB
+CUfvO6wIBHxcmbHtRwfSAjEAnbpV/KlK6O3t5nYBQnvI+GDZjVGLVTv7jHvrZQnD
++JbNR6iC8hZVdyR+EhCVBCyj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIKLwq3aw3LSq8nWDANBgkqhkiG9w0BAQwFADBWMQswCQYD
+VQQGEwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJ
+bmMxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0gQzIwHhcNMTgwMjE4MTgzMDAw
+WhcNNDMwMjE4MTgzMDAwWjBWMQswCQYDVQQGEwJVUzETMBEGA1UECxMKZW1TaWdu
+IFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMxHDAaBgNVBAMTE2VtU2lnbiBSb290
+IENBIC0gQzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCMfX1lA+Tb
+mh9YInmRgOW97IVx4LUJf2DRZfs837Jrml+py64aVnYgWO4t6C78fgjfS7jX+c4T
+inIzEquWcI+zi0fd4Sc8NDf7JONp27VWX0qwUYqzLDRCt+s7zpLcfx1ky0zVIJj6
+L06uPyK3kIr9+YAsrVj+39utm6e2MBQsRNstSI3fCQYAGvoQTQ8fULauTqNWaYAk
+NYFe6HUHHQPp2u1Ua00odMXiD5oRFxLcDnGAcE1I/9E9mLCdkggXijYUmico7+Xw
+ZeFoPhva6eIJ5p03Lt3Du5W3EcHR0cJmmY1pyeA36JaXKWRNM9IRjYMVNCcp4jhB
+2tIYiZ+LVk8bwQ9/1c23txmv3u97taZlV22NF4ttS1qq3J+MOp0oGULBzpKfRx0q
+GVqbPukQNGAjOLIN8KDNQNzbR1iAl2d8H+MSoicBo4Aid8TjLWcNv48oCWL53ZrF
+BMTDjaIA6frG1t4IpbnHadA7qCJJe2qpJN6n2eQKAUn6UiQDHPsSqNBlcUhQ4Y/0
+Y0mU5rghm2OB9rXQS1Fb1JRCfJMNnJIm5AUB2+2RWzq5Tgz7SbSho8NsZk0UbQnF
+xciqQ9uoVTAsK14Sk9oG8Q3zfsM08cdPoRb0WlIZklR6mKD7L8nH/zfGu8PIJv94
+GGB9RZ9U4A69r3ePmy8MvrzfNxHKtH6svwIDAQABo0IwQDAdBgNVHQ4EFgQUs/eK
+pNYPiABZ6FEXT9V+7IYigZ0wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMB
+Af8wDQYJKoZIhvcNAQEMBQADggIBADQlpiWM0cv2nZ0H5jVsBq0x2q62Q0LwqATs
+CFvyub7gxNCytRuoA8stmPOEu/lg8Igxj4FIjoyhIrWUVxyiLU7No4P+WjEUOwUT
+xIpkEOtvGUQ9fiOlcGHtIZDNBlZq7WpktXAxeV55RPPsor26p2FNAMRFfZQh0sLX
+hKgk8iulSSggqx8ezgPye63FaiYEi4c/dzRj3HOCnsZiwZZU02df5YpNFjxSwZvE
+41cjGpsrpWMfQFI2s53RbeXp47lSAxYE4NzjBFMe+EwFuEveBCJBEAH5rvYu3pi2
+orsJ424TqWEQV1tCsCkQz+Yq/Okal7yHAkKDeOXcP7oN4A+TdXc2pdqxuVCnBO0R
+mWz2JpGSSeJjiTk/OPwRsPNWtwG/KXL04o2ta3jiPpJuICVtWDAc9R3auBEgJl5r
+ShRmBdszG0LmzsHuZPCFSYC15RBDCOBsa8bDRJ8pBFU2Wi/CVXCACEuavgoveA4F
+a5bt38o0PWxsBP+MpocCdVtDMqzQhxy9IohKuXWAGresoIvKDg3xFk6rBOrjfVwJ
+elwi/xAisojHPJVQv9W1zVIoHp+EQg/4MQC21NbIX2RoioB+V3hK439b/w7deU8x
+2M8cl1OG0nPfbnARl5GPM7vJgi470jto4SeMg6HMAW3Egb56tQcNLwI9U8mZnNvR
+gUMrkAgL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIzCCAqigAwIBAgIQFJgmZtx8zY9AU2d7uZnshTAKBggqhkjOPQQDAzCBlDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v
+bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE+MDwGA1UEAxM1TWlj
+cm9zb2Z0IEVDQyBQcm9kdWN0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw
+MTgwHhcNMTgwMjI3MjA0MjA4WhcNNDMwMjI3MjA1MDQ2WjCBlDELMAkGA1UEBhMC
+VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV
+BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE+MDwGA1UEAxM1TWljcm9zb2Z0IEVD
+QyBQcm9kdWN0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTgwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAATHERYqdh1Wjr65YmXUw8608MMw7I9t1245vMhJq6u4
+40N41YEGXe/HfZ/O1rOQdd4MsJDeI7rI0T5n4BmpG4YxHl80Le4X/RX7fieKMqHq
+yY/JfhjLLzssSHp9pvQBB6yjgbwwgbkwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB
+/wQFMAMBAf8wHQYDVR0OBBYEFEPvcIe4nb/siBncxsRrdQ11NDMIMBAGCSsGAQQB
+gjcVAQQDAgEAMGUGA1UdIAReMFwwBgYEVR0gADBSBgwrBgEEAYI3TIN9AQEwQjBA
+BggrBgEFBQcCARY0aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9Eb2Nz
+L1JlcG9zaXRvcnkuaHRtADAKBggqhkjOPQQDAwNpADBmAjEAocBJRF0yVSfMPpBu
+JSKdJFubUTXHkUlJKqP5b08czd2c4bVXyZ7CIkWbBhVwHEW/AjEAxdMo63LHPrCs
+Jwl/Yj1geeWS8UUquaUC5GC7/nornGCntZkU8rC+8LsFllZWj8Fo
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDFzCCAp6gAwIBAgIQFTh14WR+0bBHtO+vQRKCRTAKBggqhkjOPQQDAzCBjzEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v
+bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjE5MDcGA1UEAxMwTWlj
+cm9zb2Z0IEVDQyBUUyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAyMDE4MB4X
+DTE4MDIyNzIwNTEzNFoXDTQzMDIyNzIxMDAxMlowgY8xCzAJBgNVBAYTAlVTMRMw
+EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN
+aWNyb3NvZnQgQ29ycG9yYXRpb24xOTA3BgNVBAMTME1pY3Jvc29mdCBFQ0MgVFMg
+Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxODB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABN7Nu3Ag8SUgtJTo17Q7D26H3ausz01AL4Eza1kJGNaHDSYjnLSNlZ12
+n6W5BkLmrTayxLOuejwI1cudOl5FIWwL4yD1m8LdRDPjQrnq8ihCkqr+DAfKihOZ
+O2IA7drzNaOBvDCBuTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAd
+BgNVHQ4EFgQU6EfIQpqwna5vCyg7mBWP47HogLIwEAYJKwYBBAGCNxUBBAMCAQAw
+ZQYDVR0gBF4wXDAGBgRVHSAAMFIGDCsGAQQBgjdMg30BATBCMEAGCCsGAQUFBwIB
+FjRodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9y
+eS5odG0AMAoGCCqGSM49BAMDA2cAMGQCMBSGUMAmGuvqoRR3OlvfYzmlM8dQQNVr
+NWsPtN99VrnhpZ14GYKhQ24a11ijVQNC2wIwGJS0HjqNZPoMJxuHE0rStzoAlMby
+5WO/r+P63JPV50aaa4FpPgLfUQ2PKHFBiZEv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwDCCA6igAwIBAgIQHr9ZULjJgDdMBvfrVU+17TANBgkqhkiG9w0BAQ0FADB6
+MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEu
+MScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHzAdBgNV
+BAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwHhcNMTgwMzE2MTIxMDEzWhcNNDMw
+MzE2MTIxMDEzWjB6MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEg
+U3lzdGVtcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBUcnVzdGVkIFJvb3QgQ0EwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDRLY67tzbqbTeRn06TpwXkKQMlzhyC93yZ
+n0EGze2jusDbCSzBfN8pfktlL5On1AFrAygYo9idBcEq2EXxkd7fO9CAAozPOA/q
+p1x4EaTByIVcJdPTsuclzxFUl6s1wB52HO8AU5853BSlLCIls3Jy/I2z5T4IHhQq
+NwuIPMqw9MjCoa68wb4pZ1Xi/K1ZXP69VyywkI3C7Te2fJmItdUDmj0VDT06qKhF
+8JVOJVkdzZhpu9PMMsmN74H+rX2Ju7pgE8pllWeg8xn2A1bUatMn4qGtg/BKEiJ3
+HAVz4hlxQsDsdUaakFjgao4rpUYwBI4Zshfjvqm6f1bxJAPXsiEodg42MEx51UGa
+mqi4NboMOvJEGyCI98Ul1z3G4z5D3Yf+xOr1Uz5MZf87Sst4WmsXXw3Hw09Omiqi
+7VdNIuJGmj8PkTQkfVXjjJU30xrwCSss0smNtA0Aq2cpKNgB9RkEth2+dv5yXMSF
+ytKAQd8FqKPVhJBPC/PgP5sZ0jeJP/J7UhyM9uH3PAeXjA6iWYEMspA90+NZRu0P
+qafegGtaqge2Gcu8V/OXIXoMsSt0Puvap2ctTMSYnjYJdmZm/Bo/6khUHL4wvYBQ
+v3y1zgD2DGHZ5yQD4OMBgQ692IU0iL2yNqh7XAjlRICMb/gv1SHKHRzQ+8S1h9E6
+Tsd2tTVItQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSM+xx1
+vALTn04uSNn5YFSqxLNP+jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQENBQAD
+ggIBAEii1QALLtA/vBzVtVRJHlpr9OTy4EA34MwUe7nJ+jW1dReTagVphZzNTxl4
+WxmB82M+w85bj/UvXgF2Ez8sALnNllI5SW0ETsXpD4YN4fqzX4IS8TrOZgYkNCvo
+zMrnadyHncI013nR03e4qllY/p0m+jiGPp2Kh2RX5Rc64vmNueMzeMGQ2Ljdt4NR
+5MTMI9UGfOZR0800McD2RrsLrfw9EAUqO0qRJe6M1ISHgCq8CYyqOhNf6DR5UMEQ
+GfnTKB7U0VEwKbOukGfWHwpjscWpxkIxYxeU72nLL/qMFH3EQxiJ2fAyQOaA4kZf
+5ePBAFmo+eggvIksDkc0C+pXwlM2/KfUrzHN/gLldfq5Jwn58/U7yn2fqSLLiMmq
+0Uc9NneoWWRrJ8/vJ8HjJLWG965+Mk2weWjROeiQWMODvA8s1pfrzgzhIMfatz7D
+P78v3DSk+yshzWePS/Tj6tQ/50+6uaWTRRxmHyH6ZF5v4HaUMst19W7l9o/HuKTM
+qJZ9ZPskWkoDbGs4xugDQ5r3V7mzKWmTOPQD8rv7gmsHINFSH5pkAnuYZttcTVoP
+0ISVoDwUQwbKytu4QTbaakRnh6+v40URFWkIsr4WOZckbxJF0WddCajJFdr60qZf
+E2Efv4WstK2tBZQIgx51F9NxO5NQI1mg7TyRVJ12AMXDuDjb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICZTCCAeugAwIBAgIQeI8nXIESUiClBNAt3bpz9DAKBggqhkjOPQQDAzB0MQsw
+CQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBTLkEuMScw
+JQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAXBgNVBAMT
+EENlcnR1bSBFQy0zODQgQ0EwHhcNMTgwMzI2MDcyNDU0WhcNNDMwMzI2MDcyNDU0
+WjB0MQswCQYDVQQGEwJQTDEhMB8GA1UEChMYQXNzZWNvIERhdGEgU3lzdGVtcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGTAX
+BgNVBAMTEENlcnR1bSBFQy0zODQgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATE
+KI6rGFtqvm5kN2PkzeyrOvfMobgOgknXhimfoZTy42B4mIF4Bk3y7JoOV2CDn7Tm
+Fy8as10CW4kjPMIRBSqniBMY81CE1700LCeJVf/OTOffph8oxPBUw7l8t1Ot68Kj
+QjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFI0GZnQkdjrzife81r1HfS+8
+EF9LMA4GA1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNoADBlAjADVS2m5hjEfO/J
+UG7BJw+ch69u1RsIGL2SKcHvlJF40jocVYli5RsJHrpka/F2tNQCMQC0QoSZ/6vn
+nvuRlydd3LBbMHHOXjgaatkl5+r3YZJW+OraNsKHZZYuciUvf9/DE8k=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFajCCA1KgAwIBAgIQEoG5GPN5OkKTzpFYYeTtXDANBgkqhkiG9w0BAQsFADBP
+MSUwIwYDVQQDDBxEaWdpZGVudGl0eSBTZXJ2aWNlcyBSb290IENBMRkwFwYDVQQK
+DBBEaWdpZGVudGl0eSBCLlYuMQswCQYDVQQGEwJOTDAeFw0xODA3MTAxMDA1NDJa
+Fw00MzA3MDQxMDA1NDJaME8xJTAjBgNVBAMMHERpZ2lkZW50aXR5IFNlcnZpY2Vz
+IFJvb3QgQ0ExGTAXBgNVBAoMEERpZ2lkZW50aXR5IEIuVi4xCzAJBgNVBAYTAk5M
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkgc7BfM91cHK5ubHBvp5
+qD9oZ0R3M2TDH13YclmDY8+TzKWTEwFBxAoPps9nGjI0oLpAnEe+QqzeGwdcSCMz
+Up0p87dcxjVCaoZ0Z8jJmhNVk1BfRi9AKfCmnnx7WlTaiiryAZtKje7PbBBF9fAg
+ETq9jlh6mEKXkwNiDzx8YSia2lVNJMB8zwvL2R3ZzWm6i82ONMX0dVdGK4KNbjzl
+CJV6b0qLfeOEf35CKtmxIaAm4po4F7Gq3TLkTKar+cQmB14GlbnPrZ/J/8sj0jno
+JEiIErHVz7TE7D2L/nVvxxFyEui62prSfXFrXtmMfjGG31jdLJlKrLAtzcrcYC9r
+MKJaizzLGzD8ETNJSdlW1ugh3rS6PHrXGCUegPaL5gWXddR0aIVDCnSLHLEtuZ8E
+2KGX1KY0UsyNMoStie3m+EWMc5wdNeYO562Y90nJCpmWUKIujX/uqRoeqawntsxZ
+y0qS6PLXjqeNXU7VdQeg1Hgj2bUfWuOxQBqg8X5taMR8OVq+StI1k/VmNNb9C5Sq
+mK6iLS5AcsCrrgBzijeIevxCmoXderIy/t3EhjSEf3saacC3PrST3Aax4Bjifoey
+KMXVaU7xy8PTUjwFIZzZZawZq/+xZSw4emoEM6esnyguzsJMk5jwwgGqkBhH07or
+MKnNaVXYH2M8NzM8Ze/v5x0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUwnhnF2uPPk6xWJaOekLaZz/EF10wDgYDVR0PAQH/BAQDAgEGMA0GCSqG
+SIb3DQEBCwUAA4ICAQAeojNQBng8utKsHlJ2xUc7zr06qqTAr7Vcp3Us4yBks7WF
+VwnfPpPPlgYyHtZOMxc/6KIIuV2qgC6d71JeFw/gB3yJ40EY7YxUrlayfECIFit8
+xUWuwuZPNvhz/bQOmUBJha8hvhKT0/5mQPzRU6Alf512EWBIMEydrInciCS/olMz
+sYrL4t5hQ3h/euHtJI58CL80zjOUdXNu9M8oMt+9IhjNIbykHN6wpP+OGiPHX3RT
+ebYAe2wyf1ztO3GwGgTiDuOjb39TvWZ/tbkfG6xz05NSo1kDOK1bZ2hiGifJ9r1/
+Ha2dMHYUWDvzMKpCeUcQs3/ZOsrZmUpHnFuEEp9l+MeAtfQ/HNBeWfx4RIGniT6I
+XZKWsXRipuzpYnVbzelCESyLFCKaB4wG5IOoyleSWQZosjk6mlEIReIGA+U2T4he
+lL0UPK9V+DJ1M1/LUbsSGUZlAXNBZgWMvxhL/zk5j27g4lnW8Jy8DD46eIFPJFna
+RErXT7avmuxE9Xeb28MjkPZGGL2/L9F+KEAUMX26IAV4pHbdFg4KeqxpRv7wAe5q
+0m0OjjsVLnwjj3fh5X38GAOU3iGUJttGiVT4I7NYK/4v9vSWG5NlrXkDLMTfITh0
+5Jod9kVHOXLVcV37vghtFtWot2FjKqcowAemtd6V7ZKqbPvNXE1ZWuZdIJuGlw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHMDCCBRigAwIBAgICD6AwDQYJKoZIhvcNAQENBQAwZTELMAkGA1UEBhMCQ1ox
+FzAVBgNVBGETDk5UUkNaLTQ3MTE0OTgzMR0wGwYDVQQKDBTEjGVza8OhIHBvxaF0
+YSwgcy5wLjEeMBwGA1UEAxMVUG9zdFNpZ251bSBSb290IFFDQSA0MB4XDTE4MDcy
+NjA5NTYwOFoXDTM4MDcyNjA5NTYwOFowZTELMAkGA1UEBhMCQ1oxFzAVBgNVBGET
+Dk5UUkNaLTQ3MTE0OTgzMR0wGwYDVQQKDBTEjGVza8OhIHBvxaF0YSwgcy5wLjEe
+MBwGA1UEAxMVUG9zdFNpZ251bSBSb290IFFDQSA0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAxmaNgqB+vosiJXgQwAiLmhl/1a0AFA5k3t4hcB3IYUL6
+VRyLnjvonYJHfLuOAn6dS9zi++i3PZkRqB1xHkfCJNFClXxk4tfbmhDeTJ6mQjx+
+fu2wywPtxrtd/Dn0xO6Kc7Mb/ffwaFSSh6f0bZt61RLov4JPNKOvhq9qjOQgjGZy
+rBGIle60IppJm8bl0A5bmRL4FQygNwIascskyl0Vy69LHx4CNUIwtgN7b1s++leV
+NpETeLFpCtPdLoxEswg/kJuMRf8XaBZmGJIYSArCKIVYyC/gO7PRUmiwv2yLYdm7
+9xvCd1xoIXHqPd23bqQs4vr5O0QzmYjU6kZbuLV8GIBuVFOH35tjtOUxMrZ+2Dja
+yuNcNc7OGnAoofqXvD5dfp5snqP+ZZYlVPXi9Y+N5e4PLt0rdud+uiLDW27ekSXR
+hvJMBxJxSb8XFgKPUbMnatCNTmtFaD9nfv5Uhlx7kfn2XzO61rnzuf2CcgSlNiT7
+TQSXepGBIPjg+5QYJlhacazdL7JHdUTjJqYVbnA/Zje68lzDMfL1wDSMExh2HWGL
+VGJZj6inVKBZB+4suo7FtdqyzT9AmVW9a1ekPlk7g/s93freyoA/EIwHy/Hvosk7
+VivLdYwU8IdUbX8JMA1QaxVgkMe6F7A7EKvFujf1L/nAnPt5CC0A2niFS+XBMikC
+AwEAAaOCAegwggHkMIGlBgNVHR8EgZ0wgZowMaAvoC2GK2h0dHA6Ly9jcmwucG9z
+dHNpZ251bS5jei9jcmwvcHNyb290cWNhNC5jcmwwMqAwoC6GLGh0dHA6Ly9jcmwy
+LnBvc3RzaWdudW0uY3ovY3JsL3Bzcm9vdHFjYTQuY3JsMDGgL6AthitodHRwOi8v
+Y3JsLnBvc3RzaWdudW0uZXUvY3JsL3Bzcm9vdHFjYTQuY3JsMIHVBgNVHSAEgc0w
+gcowgccGBFUdIAAwgb4wgbsGCCsGAQUFBwICMIGuGoGrVGVudG8gY2VydGlmaWth
+dCBwcm8gZWxla3Ryb25pY2tvdSBwZWNldCBieWwgdnlkYW4gdiBzb3VsYWR1IHMg
+bmFyaXplbmltIEVVIGMuIDkxMC8yMDE0LlRoaXMgaXMgYSBjZXJ0aWZpY2F0ZSBm
+b3IgZWxlY3Ryb25pYyBzZWFsIGFjY29yZGluZyB0byBSZWd1bGF0aW9uIChFVSkg
+Tm8gOTEwLzIwMTQuMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEG
+MB8GA1UdIwQYMBaAFJMYNh+paXBRNapPP6yNUH4mBSkKMB0GA1UdDgQWBBSTGDYf
+qWlwUTWqTz+sjVB+JgUpCjANBgkqhkiG9w0BAQ0FAAOCAgEAO01Radk3mUuojS9G
++JksIhH6qWebQZg0UpN2v5H22JEI+HfBat2ept+TMmB9o9D51rhRoC8Y85yS0WB9
+JJCMauZcF77PjF2LTT4pO/bvEgI3ahrjf63iJiTNHFNztqyzKuOBGNAqQ2S0bV9a
+GNcAqvSbF7gJbyDE/74EFz9Qq0BHnmQJH4xQN3uzGJPM8XkRvxRgj+SD/tXnqGGI
+PWurj4J6GGBsIfr6ecYReq9B2syPC9E4uB8qFfvEQunA9NJ2mLLoCqtTICU3/t95
+IvUVOBl1o6q+QmYEfmUg2qJuIBbtXb5WhQ5hkRfIBFlQ8upyZQZaXXqlmJmjZJzk
+dNk7hstyRP7BhVdgyCyHZtBTX2p+cEO644M0fzw58ORo0s1zvG/tooRm9tWg+5ry
+hLmG2Xcrll4V+QxjFgmG8wFakq2AqNq4W7PxDHiAl/xqnh/kNgwkI+7VoTHrdqrz
+CSbyAwzjDd9T2kgRxQG8U6vfuEt84iNtySCdmp6pWPNPkfjNOGCQEv7GamcUlHw4
+11SfvD70YnW5nxgNdmqxcDcUtxzGngcXtFa/qAjxWR7TS25ESNkzzKAZELQs9ORy
+DLQkgzbYhCLdvDolc33xA0+Ge1bjzpH6PbpGDZxmWKTFM2ZJQQYNvWH7P55T3pbE
+53TUes0DYl+ICmA+jPmN4YzcGrI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdDCCA1ygAwIBAgIPAWdfJ9b+euPkrL4JWwWeMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxMTU1NTRaFw00MzExMjkxMTU1
+NTRaMEQxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZ
+MBcGA1UEAwwQVGVsaWEgUm9vdCBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALLQPwe84nvQa5n44ndp586dpAO8gm2h/oFlH0wnrI4AuhZ76zBq
+AMCzdGh+sq/H1WKzej9Qyow2RCRj0jbpDIX2Q3bVTKFgcmfiKDOlyzG4OiIjNLh9
+vVYiQJ3q9HsDrWj8soFPmNB06o3lfc1jw6P23pLCWBnglrvFxKk9pXSW/q/5iaq9
+lRdU2HhE8Qx3FZLgmEKnpNaqIJLNwaCzlrI6hEKNfdWV5Nbb6WLEWLN5xYzTNTOD
+n3WhUidhOPFZPY5Q4L15POdslv5e2QJltI5c0BE0312/UqeBAMN/mUWZFdUXyApT
+7GPzmX3MaRKGwhfwAZ6/hLzRUssbkmbOpFPlob/E2wnW5olWK8jjfN7j/4nlNW4o
+6GwLI1GpJQXrSPjdscr6bAhR77cYbETKJuFzxokGgeWKrLDiKca5JLNrRBH0pUPC
+TEPlcDaMtjNXepUugqD0XBCzYYP2AgWGLnwtbNwDRm41k9V6lS/eINhbfpSQBGq6
+WT0EBXWdN6IOLj3rwaRSg/7Qa9RmjtzG6RJOHSpXqhC8fF6CfaamyfItufUXJ63R
+DolUK5X6wK0dmBR4M0KGCqlztft0DbcbMBnEWg4cJ7faGND/isgFuvGqHKI3t+ZI
+pEYslOqodmJHixBTB0hXbOKSTbauBcvcwUpej6w9GU7C7WB1K9vBykLVAgMBAAGj
+YzBhMB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1UdDgQWBBRy
+rOQzeapFh/b9rB2e1scvhtgkOTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAoDtZpwmUPjaE0n4vOaWWl/oRrfxn83EJ
+8rKJhGdEr7nv7ZbsnGTbMjBvZ5qsfl+yqwE2foH65IRe0qw24GtixX1LDoJt0nZi
+0f6X+J8wfBj5tFJ3gh1229MdqfDBmgC9bXXYfef6xzijnHDoRnkDry5023X4blMM
+A8iZGok1GTzTyVR8qPAs5m4HeW9q4ebqkYJpCh3DflminmtGFZhb069GHWLIzoBS
+SRE/yQQSwxN8PzuKlts8oB4KtItUsiRnDe+Cy748fdHif64W1lZYudogsYMVoe+K
+TTJvQS8TUoKU1xrBeKJR3Stwbbca+few4GeXVtt8YVMJAygCQMez2P2ccGrGKMOF
+6eLtGpOg3kuYooQ+BXcBlj37tCAPnHICehIv1aO6UXivKitEZU61/Qrowc15h2Er
+3oBXRb9n8ZuRXqWk7FlIEA04x7D6w0RtBPV4UBySllva9bguulvP5fBqnUsvWHMt
+Ty3EHD70sz+rFQ47GUGKpMFXEmZxTPpT41frYpUJnlTd0cI8Vzy9OK2YZLe4A5pT
+VmBds9hCG1xLEooc6+t9xnppxyd/pPiL8uSUZodL6ZQHCRJ5irLrdATczvREWeAW
+ysUsWNc8e89ihmpQfTU2Zqf7N+cox9jQraVplI/owd8k+BsHMYeB2F326CjYSlKA
+rBPuUBQemMc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICbjCCAfOgAwIBAgIQYvYybOXE42hcG2LdnC6dlTAKBggqhkjOPQQDAzB4MQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw
+FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxLDAqBgNVBAMMI0FDIFJBSVogRk5NVC1S
+Q00gU0VSVklET1JFUyBTRUdVUk9TMB4XDTE4MTIyMDA5MzczM1oXDTQzMTIyMDA5
+MzczM1oweDELMAkGA1UEBhMCRVMxETAPBgNVBAoMCEZOTVQtUkNNMQ4wDAYDVQQL
+DAVDZXJlczEYMBYGA1UEYQwPVkFURVMtUTI4MjYwMDRKMSwwKgYDVQQDDCNBQyBS
+QUlaIEZOTVQtUkNNIFNFUlZJRE9SRVMgU0VHVVJPUzB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABPa6V1PIyqvfNkpSIeSX0oNnnvBlUdBeh8dHsVnyV0ebAAKTRBdp20LH
+sbI6GA60XYyzZl2hNPk2LEnb80b8s0RpRBNm/dfF/a82Tc4DTQdxz69qBdKiQ1oK
+Um8BA06Oi6NCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0OBBYEFAG5L++/EYZg8k/QQW6rcx/n0m5JMAoGCCqGSM49BAMDA2kAMGYCMQCu
+SuMrQMN0EfKVrRYj3k4MGuZdpSRea0R7/DjiT8ucRRcRTBQnJlU5dUoDzBOQn5IC
+MQD6SmxgiHPz7riYYqnOK8LZiqZwMR2vsJRM60/G49HzYqc8/5MuB1xJAWdpEgJy
+v+c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFajCCA1KgAwIBAgIQLd2szmKXlKFD6LDNdmpeYDANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xGzAZBgNVBAMMEkhpUEtJIFJvb3QgQ0EgLSBHMTAeFw0xOTAyMjIwOTQ2MDRa
+Fw0zNzEyMzExNTU5NTlaME8xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3
+YSBUZWxlY29tIENvLiwgTHRkLjEbMBkGA1UEAwwSSGlQS0kgUm9vdCBDQSAtIEcx
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9B5/UnMyDHPkvRN0o9Qw
+qNCuS9i233VHZvR85zkEHmpwINJaR3JnVfSl6J3VHiGh8Ge6zCFovkRTv4354twv
+Vcg3Px+kwJyz5HdcoEb+d/oaoDjq7Zpy3iu9lFc6uux55199QmQ5eiY29yTw1S+6
+lZgRZq2XNdZ1AYDgr/SEYYwNHl98h5ZeQa/rh+r4XfEuiAU+TCK72h8q3VJGZDnz
+Qs7ZngyzsHeXZJzA9KMuH5UHsBffMNsAGJZMoYFL3QRtU6M9/Aes1MU3guvklQgZ
+KILSQjqj2FPseYlgSGDIcpJQ3AOPgz+yQlda22rpEZfdhSi8MEyr48KxRURHH+CK
+FgeW0iEPU8DtqX7UTuybCeyvQqww1r/REEXgphaypcXTT3OUM3ECoWqj1jOXTyFj
+HluP2cFeRXF3D4FdXyGarYPM+l7WjSNfGz1BryB1ZlpK9p/7qxj3ccC2HTHsOyDr
+y+K49a6SsvfhhEvyovKTmiKe0xRvNlS9H15ZFblzqMF8b3ti6RZsR1pl8w4Rm0bZ
+/W3c1pzAtH2lsN0/Vm+h+fbkEkj9Bn8SV7apI09bA8PgcSojt/ewsTu8mL3WmKgM
+a/aOEmem8rJY5AIJEzypuxC00jBF8ez3ABHfZfjcK0NVvxaXxA/VLGGEqnKG/uY6
+fsI/fe78LxQ+5oXdUG+3Se0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQU8ncX+l6o/vY9cdVouslGDDjYr7AwDgYDVR0PAQH/BAQDAgGGMA0GCSqG
+SIb3DQEBCwUAA4ICAQBQUfB13HAE4/+qddRxosuej6ip0691x1TPOhwEmSKsxBHi
+7zNKpiMdDg1H2DfHb680f0+BazVP6XKlMeJ45/dOlBhbQH3PayFUhuaVevvGyuqc
+SE5XCV0vrPSltJczWNWseanMX/mF+lLFjfiRFOs6DRfQUsJ748JzjkZ4Bjgs6Fza
+ZsT0pPBWGTMpWmWSBUdGSquEwx4noR8RkpkndZMPvDY7l1ePJlsMu5wP1G4wB9Tc
+XzZoZjmDlicmisjEOf6aIW/Vcobpf2Lll07QJNBAsNB1CI69aO4I1258EHBGG3zg
+iLKecoaZAeO/n0kZtCW+VmWuF2PlHt/o/0elv+EmBYTksMCv5wiZqAxeJoBF1Pho
+L5aPruJKHJwWDBNvOIf2u8g0X5IDUXlwpt/L9ZlNec1OvFefQ05rLisY+GpzjLrF
+Ne85akEez3GoorKGB1s6yeHvP2UEgEcyRHCVTjFnanRbEEV16rCf0OY1/k6fi8wr
+kkVbbiVghUbN0aqwdmaTd5a+g744tiROJgvM7XpWGuDpWsZkrUx6AEhEL7lAuxM+
+vhV4nYWBSipX3tUZQ9rbyltHhoMLP7YNdnhzeSJesYAfz77RP1YQmCuVh6EfnWQU
+YDksswBVLuT1sw5XxJFBAJw/6KXf6vb/yPCtbVKoF6ubYfwSUTXkJf2vqmqGOQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWjCCA0KgAwIBAgISEdK7udcjGJ5AXwqdLdDfJWfRMA0GCSqGSIb3DQEBDAUA
+MEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYD
+VQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMy
+MDAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYt
+c2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokNRbopiLKkHWPd08EsCVeJ
+OaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNgQB+msLZ4j5lUlghYruQG
+vGIFAha/r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3RerdELv8HQvJfTqa1VbkNud
+316HCkD7rRlr+/fKYIje2sGP1q7Vf9Q8g+7XFkyDRTNrJ9CG0Bwta/OrffGFqfUo
+0q3v84RLHIf8E6M6cqJaESvWJ3En7YEtbWaBkoe0G1h6zD8K+kZPTXhc+CtI4wSE
+y132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvjK8Cd+RTyG/FWaha/LIWF
+zXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNrLNRyc0NXfeD412lPFzYE
++cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsHTUB+JMWKmIJ5jqSngiCN
+I/onccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++ZdU6Z+Ffy7dXxd7Pj2Fxzs
+x2sZy/N78CsHpdlseVR2bJ0cpm4O6XkMqCNqo98bMDGfsVR7/mrLZqrcZdCinkqa
+ByFrgY/bxFn63iLABJzjqls2k+g9vXqhnQt2sQvHnf3PmKgGwvgqo6GDoLclcqUC
+4wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNV
+HQ4EFgQUA1yrc4GHqMywptWU4jaWSf8FmSwwDQYJKoZIhvcNAQEMBQADggIBAHx4
+7PYCLLtbfpIrXTncvtgdokIzTfnvpCo7RGkerNlFo048p9gkUbJUHJNOxO97k4Vg
+JuoJSOD1u8fpaNK7ajFxzHmuEajwmf3lH7wvqMxX63bEIaZHU1VNaL8FpO7XJqti
+2kM3S+LGteWygxk6x9PbTZ4IevPuzz5i+6zoYMzRx6Fcg0XERczzF2sUyQQCPtIk
+pnnpHs6i58FZFZ8d4kuaPp92CC1r2LpXFNqD6v6MVenQTqnMdzGxRBF6XLE+0xRF
+FRhiJBPSy03OXIPBNvIQtQ6IbbjhVp+J3pZmOUdkLG5NrmJ7v2B0GbhWrJKsFjLt
+rWhV/pi60zTe9Mlhww6G9kuEYO4Ne7UyWHmRVSyBQ7N0H3qqJZ4d16GLuc1CLgSk
+ZoNNiTW2bKg2SnkheCLQQrzRQDGQob4Ez8pn7fXwgNNgyYMqIgXQBztSvwyeqiv5
+u+YfjyW6hY0XHgL+XVAEV8/+LbzvXMAaq7afJMbfc2hIkCwU9D9SGuTSyxTDYWnP
+4vkYxboznxSjBF25cfe1lNj2M8FawTSLfJvdkzrnE6JwYZ+vj+vYxXX4M2bUdGc6
+N3ec592kD3ZDZopD8p/7DEJ4Y9HiD2971KE9dJeFt0g5QdYg/NA6s/rob8SKunE3
+vouXsXgxT7PntgMTzlSdriVZzH81Xwj3QEUxeCp6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICCzCCAZGgAwIBAgISEdK7ujNu1LzmJGjFDYQdmOhDMAoGCCqGSM49BAMDMEYx
+CzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRwwGgYDVQQD
+ExNHbG9iYWxTaWduIFJvb3QgRTQ2MB4XDTE5MDMyMDAwMDAwMFoXDTQ2MDMyMDAw
+MDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2Ex
+HDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qUuwzSChDH2omwlwxwEwkBjtjq
+R+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNoIwZD7JIvU4Tb+0cUB+hflGdd
+yXqBPCCjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBQxCpCPtsad0kRLgLWi5h+xEk8blTAKBggqhkjOPQQDAwNoADBlAjEA31SQ
+7Zvvi5QCkxeCmb6zniz2C5GMn0oUsfZkvLtoURMMA/cVi4RguYv/Uo7njLwcAjA8
++RHUjE7AwWHCFUyqqx0LMV87HOIAl0Qx5v5zli/altP+CAezNIm8BZ/3Hobui3A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFszCCA5ugAwIBAgIUEwLV4kBMkkaGFmddtLu7sms+/BMwDQYJKoZIhvcNAQEL
+BQAwYTELMAkGA1UEBhMCVE4xNzA1BgNVBAoMLkFnZW5jZSBOYXRpb25hbGUgZGUg
+Q2VydGlmaWNhdGlvbiBFbGVjdHJvbmlxdWUxGTAXBgNVBAMMEFR1blRydXN0IFJv
+b3QgQ0EwHhcNMTkwNDI2MDg1NzU2WhcNNDQwNDI2MDg1NzU2WjBhMQswCQYDVQQG
+EwJUTjE3MDUGA1UECgwuQWdlbmNlIE5hdGlvbmFsZSBkZSBDZXJ0aWZpY2F0aW9u
+IEVsZWN0cm9uaXF1ZTEZMBcGA1UEAwwQVHVuVHJ1c3QgUm9vdCBDQTCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMPN0/y9BFPdDCA61YguBUtB9YOCfvdZ
+n56eY+hz2vYGqU8ftPkLHzmMmiDQfgbU7DTZhrx1W4eI8NLZ1KMKsmwb60ksPqxd
+2JQDoOw05TDENX37Jk0bbjBU2PWARZw5rZzJJQRNmpA+TkBuimvNKWfGzC3gdOgF
+VwpIUPp6Q9p+7FuaDmJ2/uqdHYVy7BG7NegfJ7/Boce7SBbdVtfMTqDhuazb1YMZ
+GoXRlJfXyqNlC/M4+QKu3fZnz8k/9YosRxqZbwUN/dAdgjH8KcwAWJeRTIAAHDOF
+li/LQcKLEITDCSSJH7UP2dl3RxiSlGBcx5kDPP73lad9UKGAwqmDrViWVSHbhlnU
+r8a83YFuB9tgYv7sEG7aaAH0gxupPqJbI9dkxt/con3YS7qC0lH4Zr8GRuR5KiY2
+eY8fTpkdso8MDhz/yV3A/ZAQprE38806JG60hZC/gLkMjNWb1sjxVj8agIl6qeIb
+MlEsPvLfe/ZdeikZjuXIvTZxi11Mwh0/rViizz1wTaZQmCXcI/m4WEEIcb9PuISg
+jwBUFfyRbVinljvrS5YnzWuioYasDXxU5mZMZl+QviGaAkYt5IPCgLnPSz7ofzwB
+7I9ezX/SKEIBlYrilz0QIX32nRzFNKHsLA4KUiwSVXAkPcvCFDVDXSdOvsC9qnyW
+5/yeYa1E0wCXAgMBAAGjYzBhMB0GA1UdDgQWBBQGmpsfU33x9aTI04Y+oXNZtPdE
+ITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFAaamx9TffH1pMjThj6hc1m0
+90QhMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAqgVutt0Vyb+z
+xiD2BkewhpMl0425yAA/l/VSJ4hxyXT968pk21vvHl26v9Hr7lxpuhbI87mP0zYu
+QEkHDVneixCwSQXi/5E/S7fdAo74gShczNxtr18UnH1YeA32gAm56Q6XKRm4t+v4
+FstVEuTGfbvE7Pi1HE4+Z7/FXxttbUcoqgRYYdZ2vyJ/0Adqp2RT8JeNnYA/u8EH
+22Wv5psymsNUk8QcCMNE+3tjEUPRahphanltkE8pjkcFwRJpadbGNjHh/PqAulxP
+xOu3Mqz4dWEX1xAZufHSCe96Qp1bWgvUxpVOKs7/B9dPfhgGiPEZtdmYu65xxBzn
+dFlY7wyJz4sfdZMaBBSSSFCp61cpABbjNhzI+L/wM9VBD8TMPN3pM0MBkRArHtG5
+Xc0yGYuPjCB31yLEQtyEFpslbei0VXF/sHyz03FJuc9SpAQ/3D2gu68zngowYI7b
+nV2UqL1g52KAdoGDDIzMMEZJ4gzSqK/rYXHv5yJiqfdcZGyfFoxnNidF9Ql7v/YQ
+CvGwjVRDjAS6oz/v4jXH+XTgbzRB0L9zZVcg+ZtnemZoJE6AZb0QmQZZ8mWvuMZH
+u/2QeItBcy6vVR/cO5JyboTT0GFMDcx2V+IthSIVNg3rAZ3r2OvEhJn7wAzMMujj
+d9qDRIueVSjAi1jTkD5OGwDxFa2DK5o=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGrDCCBJSgAwIBAgIJANLVi0S/gZNCMA0GCSqGSIb3DQEBDQUAMIGYMQswCQYD
+VQQGEwJCUjETMBEGA1UECgwKSUNQLUJyYXNpbDE9MDsGA1UECww0SW5zdGl0dXRv
+IE5hY2lvbmFsIGRlIFRlY25vbG9naWEgZGEgSW5mb3JtYWNhbyAtIElUSTE1MDMG
+A1UEAwwsQXV0b3JpZGFkZSBDZXJ0aWZpY2Fkb3JhIFJhaXogQnJhc2lsZWlyYSB2
+MTAwHhcNMTkwNzAxMTkxNTU5WhcNMzIwNzAxMTIwMDU5WjCBmDELMAkGA1UEBhMC
+QlIxEzARBgNVBAoMCklDUC1CcmFzaWwxPTA7BgNVBAsMNEluc3RpdHV0byBOYWNp
+b25hbCBkZSBUZWNub2xvZ2lhIGRhIEluZm9ybWFjYW8gLSBJVEkxNTAzBgNVBAMM
+LEF1dG9yaWRhZGUgQ2VydGlmaWNhZG9yYSBSYWl6IEJyYXNpbGVpcmEgdjEwMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAk3AxKl1ZtP0pNyjChqO7qNkn
++/sClZeqiV/Kd7KnnbkDbI2y3VWcUG7feCE/deIxot6GH6JXncRG794UZl+4doD0
+D0/cEwBd4DvrDSZm0RT40xhmYYOTxZDJxv+coTHdmsT5aNmSkktfjzYX4HQHh/7M
+em+kTOpT/3E4K6B7KVs9HkOT7nXx5yU1qYbVWqI0qpJM9mOTSFx8C9HiKcHvLCvt
+1ioXKPAmFuHPkayOcXP2MXeb+VRNjWKU4E+L2t5uZPKVx1M/9i1DztlLb4K8OfYg
+GaPDUSF1sxnoGk5qZHLleO6KjCpmuQepmgsBvxi2YNO7X2YUwQQx1AXNSolgtkAR
+5gt+1WzxhbFUhItQqlhqxgWHefLmiT5T/Ctz/P2v+zSO4efkkIzsi1iwD+ypZvM2
+lnIvB24RcSN6jzmCahLPX4CwjwIK6JsSoMVxIhpZHCguUP4LXqP8IWUZ6WgS/4zB
+7B9E0EICl2rM1PRy+6ulv+ZOW256e8a0pijUB+hXM1msUq9L92476FAAX8va3sP7
++Uut94+bGHmubcTLImWUPrxNT7QyrvE3FyHicfiHioeFL2oV4cXTLZrEq2wS8R4P
+KPdSzNn5Z9e2uMEGYQaSNO+OwvVycpIhOBOqrm12wJ9ZhWKtM5UOo34/o37r5ZBI
+TYXAGbhqQDB9mWXwH+0CAwEAAaOB9jCB8zBOBgNVHSAERzBFMEMGBWBMAQEAMDow
+OAYIKwYBBQUHAgEWLGh0dHA6Ly9hY3JhaXouaWNwYnJhc2lsLmdvdi5ici9EUENh
+Y3JhaXoucGRmMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9hY3JhaXouaWNwYnJh
+c2lsLmdvdi5ici9MQ1JhY3JhaXp2MTAuY3JsMB8GA1UdIwQYMBaAFHTzfv/8n1N6
+8Xzrqz6kptoYukVjMB0GA1UdDgQWBBR0837//J9TevF866s+pKbaGLpFYzAPBgNV
+HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQ0FAAOCAgEA
+eCNhBSuy/Ih/T+1VOtAJju85SrtoE3vET1qXASpmjQllDHG/ph7VFNRAkC+gha+B
+CbjoA5oJ/8wwl+Qdp1KGz6nXXFTLx3osU+kjm0srmBf9nyXHPqvFyvBeB0A7sYb7
+TmII9GKD20oCxsdkccR/oE/JuTaNnGq0GYZ2aDb5v62uLi21Y6P9UBiTxZqQ4ojW
+ET6kXNjlK238jpXv17FR8Sg3VusCvX7Q8eJkavvHHZDeWck2fSA+ycAc2JeL2Z0B
+MSxGWpH32WM9J8+6XqCJUXHiWEV0zCE8wDYiYC+047pTxQI/gB/FcU7jvylh98DJ
+kQPHd/Tp6Og3ynlDA9n9uBbxYHVRZs9vsZ/7xTFaxRe+zk8dhgKgZ/3RrcMFB570
+2t8LFbyuUE/kQVY6rZ0QJ9qMWQ7VPLRwRhiMeU3k8WDJb/tBbOXHBqldTbWyQ+mp
+MEDWhbrzE/IED82wAuO23Tb05cYk2xC7+Izef8fSc3XdJDuPSbcDpWukzyCDtSEH
+isLiGEtIbYRiPsF3czlQPsnIEVoTTCWxHCH1zYR6zScSv18Qh69qVe2J40K5jZoP
+GEOhq/oKhVJQAdvAFW5Odp7mF3Tk9nivjjsctJSxY26LFiV5GRV+07SSse4ti0aO
+jO5PLg5SWjfcOtBG2rz02EIvQAmLcb0kGBtfdj0lW/w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFrjCCA5agAwIBAgIQTU0GyxRpCYdFVPhZfRsTHzANBgkqhkiG9w0BAQwFADBo
+MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTkw
+NwYDVQQDEzBNaWNyb3NvZnQgRVYgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9y
+aXR5IDIwMTcwHhcNMTkxMjE4MjE1OTU1WhcNNDIwNzE4MjIwOTA5WjBoMQswCQYD
+VQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTkwNwYDVQQD
+EzBNaWNyb3NvZnQgRVYgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw
+MTcwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnBEElv+W+kRZBP974
+tJEqQz+ojQ/+yJoYdk5gKLn2wHFl1ZWUJ0tNbWz3UyDWoejCgDZgsk00WGAn31g0
+n//s3oer16r86HNpME/ETik0DX1EnUrTdW7nwiH9Wt2HpytMyvZ4pIYmAquN3YlA
+a3bp9rXaYRWHQ121o5OCR7FSoeqXusIF3iHhkHsnnDc1Asv/6xcAh5ZsRDT+57hQ
+u/lGT5oxj9hUX0bwXsolRDXkVfyUZElNLf4SJvd+chZnmP6SpQM/cFksZF1qY52R
+vyM7SlWascEkJY1OsB/1Mcgblc5QzEvRLGQYlNEoZ4sKpNkbGJuvqkfGJp4KMTVa
+xjmjLN2bQ4/69I31I8cHT4lpmtYDbdNjWSDoM5lZsFAp3InvUVRaqNjuLH2q2YmS
+Ybj/qksMvFP7JkbdUZ08XGAJwAFrWa2DVltT+6CrJq3M2f8+eC47a/NFwQPowpNc
+/pULklyLnLSz3DpGrAC4JwkKPjXuQwbvGpQIKeZR8eMu+kTjJc2LF/vGywr6DLIe
+9G4OC4A76V8CiYu3NL4kjrw961XJsZ0rJTHK/Pct5msBdo7smgDXboc+vBK4JcvJ
+YQ+FGBGrJ4NMSS4s/Fexx+nCB87rt7XD3ZbvBxLQ3v6EwOeOd/PReLA2XuSALf7a
+7VIFAql1sYNS4JfynxdCP+7aawIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAYYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUQcr/FrIJTtwkyEvkXBYlmfgm7zswEAYJ
+KwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEMBQADggIBAC1YTkfwguUdJ8YbuW3t
+X1mCYhL6dtmBHxLZnLeD3FXZqByzi1fFOfDYilOsAfQCwSmQ/6Nq+Hednq2lqa6v
+nYI9DZieatYYmzsZ8UFERMg2J+b46a4L+todIk0EQgw0VOA/KWxA+NAfDIZYaA/E
+rhnSj9y7a20ineb2OhYNAfiIyx5OnH51GsV1+xbhGMZ7QqF+EnlVyj7bWYoz6kSi
+W44lq0p9cGFu+pVe4AkvSKUpav7u6ZpRw7wgKvQio0YtiRKNX4TklUIQTcIXpN9L
+5ictFU1zwIgmsva2FLC5hyygu8NwG7csQNNrR944iyIv9Z2we3w/7A+IB8mdU4qp
+OR+ZiPuuzZa65vPnJzsJaeo5EwkWkQl+rK7c1687JNZMvajZcEinTT8QKkEcIbUO
+lHz/lRH0SqWFwJL2phWkjg5z56jkjLfT+11nZvR9JiQcwDI/VxmaE1Guvb8Ni5ov
+NJyhw1pxlqBJIEnMJQiyZ0NK7PAMZoHJMk5i/hadIXsfKeTKhZ1PdJUog1wGjrok
+MJB+eh6bMEolGD5LS/WTb5sIBBC8Lc7tHXfb8MenfbVDoqCjAImo4NBPff0RZlHn
+4/fCQT2Aj65qhHRld+35vpsCJvhkhEzfWHlrsGaE1q3UuwZIc8gpnSVNAuPf2sDm
+QJ6n4aMj2Bwn9Q/eyd3Sp9+5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICYDCCAeWgAwIBAgIQIq9OUsJgV5tEnB3eAcjjGTAKBggqhkjOPQQDAzBoMQsw
+CQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTkwNwYD
+VQQDEzBNaWNyb3NvZnQgRVYgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
+IDIwMTcwHhcNMTkxMjE4MjIyMjE2WhcNNDIwNzE4MjIzMTQzWjBoMQswCQYDVQQG
+EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTkwNwYDVQQDEzBN
+aWNyb3NvZnQgRVYgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ03fnXAKvhJipfmjaLsLzJwAVzzNXWIcv2
+V/zPtYu95jSvILE9SarFZ1WC4e0w3WvtRct8LaGsrpcfP3ZgUX+syov/pZtB5dNK
+8iXVAdv9+2xOyZaj3fdTNCt3HjFWwr+jVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRj5/TgIgrMsBbPtD8G9YPw3/lbkTAQBgkr
+BgEEAYI3FQEEAwIBADAKBggqhkjOPQQDAwNpADBmAjEA3TGYWPADxBwh+2rbOUzD
+Anq/uihpq4VbMUHY1MPLetkIGBcb+TU8qn4nCY74Y0fdAjEA/KDz7stlJkG4kFf+
+U7+zxDvxU2jguTkFYMMbg+BWru/2RuJCYMC7U17GrFLHX4rt
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFqDCCA5CgAwIBAgIQHtOXCV/YtLNHcB6qvn9FszANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYw
+NAYDVQQDEy1NaWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
+IDIwMTcwHhcNMTkxMjE4MjI1MTIyWhcNNDIwNzE4MjMwMDIzWjBlMQswCQYDVQQG
+EwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1N
+aWNyb3NvZnQgUlNBIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKW76UM4wplZEWCpW9R2LBifOZ
+Nt9GkMml7Xhqb0eRaPgnZ1AzHaGm++DlQ6OEAlcBXZxIQIJTELy/xztokLaCLeX0
+ZdDMbRnMlfl7rEqUrQ7eS0MdhweSE5CAg2Q1OQT85elss7YfUJQ4ZVBcF0a5toW1
+HLUX6NZFndiyJrDKxHBKrmCk3bPZ7Pw71VdyvD/IybLeS2v4I2wDwAW9lcfNcztm
+gGTjGqwu+UcF8ga2m3P1eDNbx6H7JyqhtJqRjJHTOoI+dkC0zVJhUXAoP8XFWvLJ
+jEm7FFtNyP9nTUwSlq31/niol4fX/V4ggNyhSyL71Imtus5Hl0dVe49FyGcohJUc
+aDDv70ngNXtk55iwlNpNhTs+VcQor1fznhPbRiefHqJeRIOkpcrVE7NLP8TjwuaG
+YaRSMLl6IE9vDzhTyzMMEyuP1pq9KsgtsRx9S1HKR9FIJ3Jdh+vVReZIZZ2vUpC6
+W6IYZVcSn2i51BVrlMRpIpj0M+Dt+VGOQVDJNE92kKz8OMHY4Xu54+OU4UZpyw4K
+UGsTuqwPN1q3ErWQgR5WrlcihtnJ0tHXUeOrO8ZV/R4O03QK0dqq6mm4lyiPSMQH
++FJDOvTKVTUssKZqwJz58oHhEmrARdlns87/I6KJClTUFLkqqNfs+avNJVgyeY+Q
+W5g5xAgGwax/Dj0ApQIDAQABo1QwUjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/
+BAUwAwEB/zAdBgNVHQ4EFgQUCctZf4aycI8awznjwNnpv7tNsiMwEAYJKwYBBAGC
+NxUBBAMCAQAwDQYJKoZIhvcNAQEMBQADggIBAKyvPl3CEZaJjqPnktaXFbgToqZC
+LgLNFgVZJ8og6Lq46BrsTaiXVq5lQ7GPAJtSzVXNUzltYkyLDVt8LkS/gxCP81OC
+gMNPOsduET/m4xaRhPtthH80dK2Jp86519efhGSSvpWhrQlTM93uCupKUY5vVau6
+tZRGrox/2KJQJWVggEbbMwSubLWYdFQl3JPk+ONVFT24bcMKpBLBaYVu32TxU5nh
+SnUgnZUP5NbcA/FZGOhHibJXWpS2qdgXKxdJ5XbLwVaZOjex/2kskZGT4d9Mozd2
+TaGf+G0eHdP67Pv0RR0Tbc/3WeUiJ3IrhvNXuzDtJE3cfVa7o7P4NHmJweDyAmH3
+pvwPuxwXC65B2Xy9J6P9LjrRk5Sxcx0ki69bIImtt2dmefU6xqaWM/5TkshGsRGR
+xpl/j8nWZjEgQRCHLQzWwa80mMpkg/sTV9HB8Dx6jKXB/ZUhoHHBk2dxEuqPiApp
+GWSZI1b7rCoucL5mxAyE7+WL85MB+GqQk2dLsmijtWKP6T+MejteD+eMuMZ87zf9
+dOLITzNy4ZQ5bb0Sr74MTnB8G2+NszKTc0QWbej09+CVgI+WXTik9KveCjCHk9hN
+AHFiRSdLOkKEW39lt2c0Ui2cFmuqqNh7o0JMcccMyj6D5KbvtwEwXlGjefVwaaZB
+RA+GsCyRxj3qrg+E
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICWTCCAd+gAwIBAgIQZvI9r4fei7FK6gxXMQHC7DAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYD
+VQQDEy1NaWNyb3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIw
+MTcwHhcNMTkxMjE4MjMwNjQ1WhcNNDIwNzE4MjMxNjA0WjBlMQswCQYDVQQGEwJV
+UzEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTYwNAYDVQQDEy1NaWNy
+b3NvZnQgRUNDIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTcwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAATUvD0CQnVBEyPNgASGAlEvaqiBYgtlzPbKnR5vSmZR
+ogPZnZH6thaxjG7efM3beaYvzrvOcS/lpaso7GMEZpn4+vKTEAXhgShC48Zo9OYb
+hGBKia/teQ87zvH2RPUBeMCjVDBSMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBTIy5lycFIM+Oa+sgRXKSrPQhDtNTAQBgkrBgEEAYI3
+FQEEAwIBADAKBggqhkjOPQQDAwNoADBlAjBY8k3qDPlfXu5gKcs68tvWMoQZP3zV
+L8KxzJOuULsJMsbG7X7JNpQS5GiFBqIb0C8CMQCZ6Ra0DvpWSNSkMBaReNtUjGUB
+iudQZsIxtzm6uBoiB078a1QWIP8rtedMDE2mT3M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgjCCA2qgAwIBAgILWku9WvtPilv6ZeUwDQYJKoZIhvcNAQELBQAwTTELMAkG
+A1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9uaXRvcmluZyBHbWJIMRkw
+FwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMB4XDTIwMDIxMDAwMDAwMFoXDTQwMDYx
+MDAwMDAwMFowTTELMAkGA1UEBhMCQVQxIzAhBgNVBAoTGmUtY29tbWVyY2UgbW9u
+aXRvcmluZyBHbWJIMRkwFwYDVQQDExBHTE9CQUxUUlVTVCAyMDIwMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAri5WrRsc7/aVj6B3GyvTY4+ETUWiD59b
+RatZe1E0+eyLinjF3WuvvcTfk0Uev5E4C64OFudBc/jbu9G4UeDLgztzOG53ig9Z
+YybNpyrOVPu44sB8R85gfD+yc/LAGbaKkoc1DZAoouQVBGM+uq/ufF7MpotQsjj3
+QWPKzv9pj2gOlTblzLmMCcpL3TGQlsjMH/1WljTbjhzqLL6FLmPdqqmV0/0plRPw
+yJiT2S0WR5ARg6I6IqIoV6Lr/sCMKKCmfecqQjuCgGOlYx8ZzHyyZqjC0203b+J+
+BlHZRYQfEs4kUmSFC0iAToexIiIwquuuvuAC4EDosEKAA1GqtH6qRNdDYfOiaxaJ
+SaSjpCuKAsR49GiKweR6NrFvG5Ybd0mN1MkGco/PU+PcF4UgStyYJ9ORJitHHmkH
+r96i5OTUawuzXnzUJIBHKWk7buis/UDr2O1xcSvy6Fgd60GXIsUf1DnQJ4+H4xj0
+4KlGDfV0OoIu0G4skaMxXDtG6nsEEFZegB31pWXogvziB4xiRfUg3kZwhqG8k9Me
+dKZssCz3AwyIDMvUclOGvGBG85hqwvG/Q/lwIHfKN0F5VVJjjVsSn8VoxIidrPIw
+q7ejMZdnrY8XD2zHc+0klGvIg5rQmjdJBKuxFshsSUktq6HQjJLyQUp5ISXbY9e2
+nKd+Qmn7OmMCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
+AQYwHQYDVR0OBBYEFNwuH9FhN3nkq9XVsxJxaD1qaJwiMB8GA1UdIwQYMBaAFNwu
+H9FhN3nkq9XVsxJxaD1qaJwiMA0GCSqGSIb3DQEBCwUAA4ICAQCR8EICaEDuw2jA
+VC/f7GLDw56KoDEoqoOOpFaWEhCGVrqXctJUMHytGdUdaG/7FELYjQ7ztdGl4wJC
+XtzoRlgHNQIw4Lx0SsFDKv/bGtCwr2zD/cuz9X9tAy5ZVp0tLTWMstZDFyySCstd
+6IwPS3BD0IL/qMy/pJTAvoe9iuOTe8aPmxadJ2W8esVCgmxcB9CpwYhgROmYhRZf
++I/KARDOJcP5YBugxZfD0yyIMaK9MOzQ0MAS8cE54+X1+NZK3TTN+2/BT+MAi1bi
+kvcoskJ3ciNnxz8RFbLEAwW+uxF7Cr+obuf/WEPPm2eggAe2HcqtbepBEX4tdJP7
+wry+UUTF72glJ4DjyKDUEuzZpTcdN3y0kcra1LGWge9oXHYQSa9+pTeAsRxSvTOB
+TI/53WXZFM2KJVj04sWDpQmQ1GwUY7VA3+vA/MRYfg0UFodUJ25W5HCEuGwyEn6C
+MUO+1918oa2u1qsgEu8KwxCMSZY13At1XrFP1U80DhEgB3VDRemjEdqso5nCtnkn
+4rnvyOL2NSl6dPrFf4IFYqYK6miyeUcGbvJXqBUzxvd4Sj1Ce2t+/vdG6tHrju+I
+aFvowdlxfv1k7/9nR4hYJS8+hge9+6jlgqispdNpQ80xiEmEU5LAsTkbOYMBMMTy
+qfrQA71yN2BWHzZ8vTmR9W0Nv3vXkg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFhDCCA2ygAwIBAgIQdlP+ufXH2+qLpHjUPj1r9jANBgkqhkiG9w0BAQwFADBc
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEyMDAGA1UE
+AxMpR2xvYmFsU2lnbiBDbGllbnQgQXV0aGVudGljYXRpb24gUm9vdCBSNDUwHhcN
+MjAwMzE4MDAwMDAwWhcNNDUwMzE4MDAwMDAwWjBcMQswCQYDVQQGEwJCRTEZMBcG
+A1UEChMQR2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBDbGll
+bnQgQXV0aGVudGljYXRpb24gUm9vdCBSNDUwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQC+PrPi5LejQfhLmafaJmRr7a5Jg1F9bGDgnwvvOzrGtOhJO81t
+pD4a1cpj6oN3AOJavVZsfIHB8NvmWtGbfW0ilijsmuO6t122ET7kesa4Gs8FIeko
+N2X05Mmt5l0kL0iGPt9vFc4qsqVe3JUEkuV4JvjfXDXhv4ZTZZPLGJjj2ewyDcoK
+8P9VeTgfXcyd7c4VtlifTlrgsdNJFBisCGDmz8N9Io5vJnlDcWbmR4+ENqZsAFJ2
+tERfGu8ixAY2guMcVpo9UvdTBFEoINGzdC0tYjcpw2S45fqp9UCl/msU4f1zGZoh
+I7HnzIajHCRItWw8IX8XU+lkriUXLPa7RJ44Z+9Ju1ty0xXdNRMfVUajRkmagvXP
+fNHseYLOSCvdVvoZrSW4i7Zw14Kj5z2vbkGmPWDOeU9qxMkmOUS9Aa8dYXH29fE1
+RiceAxngMXlscVHfw3ZlIpUe02tpvBBZGJFX4p9i6QuOtoeP4b+DzUpYshDd7uP8
+DxwBYH72OGpccrl5Hd3XQ0cd7u3v/Mis+1Ihf4OGa7zu6XZ+VQt8nt5kREQUrqrn
+JSowNhrxJ0Pwrf6jRddHyYF2IlzOjv3qDkEjuPjE9s1ljMt2mjytaoHEUb6tlA2M
+F5EoASwechJUUUKk6ywPlFQsJTuTwzGGZIahbEjmvVBWzFCnashetvqFrwIDAQAB
+o0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU
+dYKqG7azjRmP/Kl5zD8CmvRPy9kwDQYJKoZIhvcNAQEMBQADggIBAAFMXi+4f3I1
+vLUYMIB9N3yRb3r0PK0gVhu4qTP3/qhcVFg5VTwz0Hq5NPyNVg3uAaYnG3EvtZp3
+RYcE2I9bA3IDOSQdD3iQxcb1+H/6kKkiGw1nxrZSUPSdqOmgxHV6k9qxpWrtDEfO
+oE6qcrTE5593kWX2awznDQdhCoevRhDV1ACrtbruRdFn5vd4n/l6wsennGwLXQ7F
+yz/6I9G7n+o1Asg3NUEfmt0cRLqASoDZTgmV0j6yMJI0nO2dID8TDec2vQpRDMNq
+V4rp2V2votwv1Za8xwjov6IV61QzYeVtzz31iZDiTY+cQL8Ug/KkNnol3njRCY2e
+hQevcgRUIV0n7eVCEcs61mOs79L7fWrKhIHjCjJbkMDEjZKsCEsK39dW3NtmjHJe
+PchOl6vLAaC2mLNXgDHvEU5AgmILem7K9SV7Wf/jvp/+/OpA6RogYKyGS6DBqUqx
+qtTyM/4TObvvrhf5NssQ+3e64ulbA4fxaNzHlhVZ8jhUB0//AtQ48HBooCemDmQR
+Kom2nr2CykmaRxG8u5h200NwxYhZ/M7nyxAhelShHb3N9+FOsxct6yTGx0pc2pgj
+i7Jl0l/HfPkqK6VeDVBy1a7c+0iLhWcyQIF+CvIJTXicyU1ozvrhsfzZQf7mCfEi
+ksRCXNTngVc4/6oai4r3z4f34t95em4E
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICIjCCAamgAwIBAgIQdlP+rhgmQ29p9RzCdxbyXjAKBggqhkjOPQQDAzBTMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEpMCcGA1UEAxMg
+R2xvYmFsU2lnbiBDb2RlIFNpZ25pbmcgUm9vdCBFNDUwHhcNMjAwMzE4MDAwMDAw
+WhcNNDUwMzE4MDAwMDAwWjBTMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFs
+U2lnbiBudi1zYTEpMCcGA1UEAxMgR2xvYmFsU2lnbiBDb2RlIFNpZ25pbmcgUm9v
+dCBFNDUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAR2GW0DtfWEI6syai5h3YQlL+/o
+eSeJg8ODdfO2eGoIbaKtISoCkAbsmkCceoaRuViFyCiaLgv34nap37K9qcPpKRl5
+CLJQ0MLFnQphDONdNwZKXP6EvcCAhPpLVSPg4j6jQjBAMA4GA1UdDwEB/wQEAwIB
+hjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSnn93TVM3b+Gy/JmwO5Ndbb4DM
+QjAKBggqhkjOPQQDAwNnADBkAjBsjFa2xTeuLZAreO2xHkYI0sNKKO94GQiOJDRG
+T4dxYV+pEUpvMqsc0VJ7qjrq5ZoCMFUrdy/O+D+baEra16hLRQ1+smv2bNqxFeK8
+SBl3i1fBXRTXQQDMJlLQILgZT5bnmg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIQdlP+uT3Z5+kmMqzWCr6sODANBgkqhkiG9w0BAQwFADBT
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEpMCcGA1UE
+AxMgR2xvYmFsU2lnbiBUaW1lc3RhbXBpbmcgUm9vdCBSNDUwHhcNMjAwMzE4MDAw
+MDAwWhcNNDUwMzE4MDAwMDAwWjBTMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEpMCcGA1UEAxMgR2xvYmFsU2lnbiBUaW1lc3RhbXBpbmcg
+Um9vdCBSNDUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC6dDPsJ9wS
+OCEbxdNhKNZavE/fi8yRhEMkV7xkIbw7HB89T4ytB7fzxdcC6REUgpqqtJRyO3EN
+Gu9oa4V5jq9m6liYDbrBfHnS/82zbzFF0AV0BAByaid+uDc/Oojtl4P1qzVND59Z
+O/Uv31nFfKUydmCWyO3u+AR+GVFyqL9EQXq8ex47AJu8uuCWv5D+jZvDcosAEvgg
+OmA498HMhYr7h3kuoSsg5sughZEjtsQoB1Qo3uwQMU+K8s0UHx7dVRzqKDFM+SFq
+qM3zlmf6AUGbzQ8LaH+73vFD6hflsNxwIrNpNll0a8bliSp85QuBXas/j7jRdnLz
+fKKp4pdBv8yMRf5hyfZsBwsABOgVI0+CKi3278P6ETZIodH9ejk6NF2jLA6bd1Ag
+NEDdsQMxrV/pYodzlgNh95Sw2VxsT+cUxeHxew0jnM1wjB1q3kotiyq720IUBQeq
++xTcMdP2H2zLvmhmRHBNbRf5cesFc46RknXraFwe9kRhGCli3RdmiOwouklv2z53
+/rkxH3UcGKKmR73Y7kiFO/2z4g8/KpjGmvqCb7GlpYYdWjr6pGx0D3dSYWp/hyne
+OZuL7rNFYDAklxUSKoUwkyaslqYt6HBtC6kyrSybKAp2QvJVYVGYlN7t9sUXbzwV
+ELAOrbDexRb0ZdHML1pWCM+ZxPBVkcIseQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC
+AYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQURrIcd+F7FfClOaFw3tHELupt
+st4wDQYJKoZIhvcNAQEMBQADggIBABZ8CmdKAzyTKj4cT0ZVsJqeiOHrU/1MVXmE
++Wy2n6kKtomrVAcUFkpJWvS4LoYUxH4ZifmHiLzsstKVjOAM+fKUZqaYVxuh39Fx
+fYy1+HEC3RO2vvqwMcMsZ+saGA4aTdwszzFcYSipneNqLK5QSw460Gn7ijRE335L
+jhqQCdox2sovpff0Nyw1DRpizTx7PFZ3ZZVclHNwn2EvaWQjHUx5B8IXfDrtqm1x
+AxRiRcy3PlTYUXFC6juSQqUvVIGjsAxWWFa75JjuZscR+ahFF+JlKore4qjOxS32
+9c6t8OMKCd1Te2ypbIZ+od42NQAPX4D9RbtxZkPURCzQuwFOmZ4+TeFeVh8FeoId
+ssstpTO5OeXEt9pC4b3QlEKA+hiUO5NDqMiUOm1+nfxPoMLT5aWqECZvBiJb4AHi
+Sr8Z5USesK2rGdLN60fEYoHs8MJ6jUz9wiW3vCxwjqqtUvQUPKp4HQTTydUlgqda
+y4x8H1cCO4cbyNf5VBodyhpLJ7HiSu/nmkAUT6U8n9WjvpQ1nMLXPyjupBcrQ71k
+p9ev6VPnp3cexRIbMeJLxn+eHO6jOpRQXaZQBlJeRQMrtADgwe3YDcGuu0kJgYJa
+QkOvmWO4FNE8i93V8FTtcmfC9so+NYSHgA1SlVBB1rINGUAvthNN97Fg1HbFVzlu
+WqJeCnnc
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcDCCA1igAwIBAgIQdlP+qExQq5+NMrUdA49X3DANBgkqhkiG9w0BAQwFADBS
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEoMCYGA1UE
+AxMfR2xvYmFsU2lnbiBTZWN1cmUgTWFpbCBSb290IFI0NTAeFw0yMDAzMTgwMDAw
+MDBaFw00NTAzMTgwMDAwMDBaMFIxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMSgwJgYDVQQDEx9HbG9iYWxTaWduIFNlY3VyZSBNYWlsIFJv
+b3QgUjQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3HnMbQb5bbvg
+VgRsf+B1zC0FSehL3FTsW3eVcr9/Yp2FqYokUF9T5dt0b6QpWxMqCa2axS/C93Y7
+oUVGqkPmJP4rsG8ycBlGWnkmL/w9fV9ky1fMYWGo2ZVu45Wgbn9HEhjW7wPJ+4r6
+mr2CFalVd0sRT1nga8Nx8wzYVNWBaD4TuRUuh4o8RCc2YiRu+CwFcjBhvUKRI8Sd
+JafZVJoUozGtgHkMp2NsmKOsV0czH2WW4dDSNdr5cfehpiW1QV3fPmDY0fafpfK4
+zBOqj/mybuGDLZPdPoUa3eixXCYBy0mF/PzS1H+FYoZ0+cvsNSKiDDCPO6t561by
++kLz7fkfRYlAKa3qknTqUv1WtCvaou11wm6rzlKQS/be8EmPmkjUiBltRebMjLnd
+ZGBgAkD4uc+8WOs9hbnGCtOcB2aPxxg5I0bhPB6jL1Bhkgs9K2zxo0c4V5GrDY/G
+nU0E0iZSXOWl/SotFioBaeepfeE2t7Eqxdmxjb25i87Mi6E+C0jNUJU0xNgIWdhr
+JvS+9dQiFwBXya6bBDAznwv731aiyW5Udtqxl2InWQ8RiiIbZJY/qPG3JEqNPFN8
+bYN2PbImSHP1RBYBLQkqjhaWUNBzBl27IkiCTApGWj+A/1zy8pqsLAjg1urwEjiB
+T6YQ7UarzBacC89kppkChURnRq39TecCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgGG
+MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKCTFShu7o8IsjXGnmJ5dKexDit7
+MA0GCSqGSIb3DQEBDAUAA4ICAQBFCvjRXKxigdAE17b/V1GJCwzL3iRlN/urnu1m
+9OoMGWmJuBmxMFa02fb3vsaul8tF9hGMOjBkTMGfWcBGQggGR2QXeOCVBwbWjKKs
+qdk/03tWT/zEhyjftisWI8CfH1vj1kReIk8jBIw1FrV5B4ZcL5fi9ghkptzbqIrj
+pHt3DdEpkyggtFOjS05f3sH2dSP8Hzx4T3AxeC+iNVRxBKzIxG3D9pGx/s3uRG6B
+9kDFPioBv6tMsQM/DRHkD9Ik4yKIm59fRz1RSeAJN34XITF2t2dxSChLJdcQ6J9h
+WRbFPjJOHwzOo8wP5McRByIvOAjdW5frQmxZmpruetCd38XbCUMuCqoZPWvoajB6
+V+a/s2o5qY/j8U9laLa9nyiPoRZaCVA6Mi4dL0QRQqYA5jGY/y2hD+akYFbPedey
+Ttew+m4MVyPHzh+lsUxtGUmeDn9wj3E/WCifdd1h4Dq3Obbul9Q1UfuLSWDIPGau
+l+6NJllXu3jwelAwCbBgqp9O3Mk+HjrcYpMzsDpUdG8sMUXRaxEyamh29j32ahNe
+JJjn6h2az3iCB2D3TRDTgZpFjZ6vm9yAx0OylWikww7oCkcVv1Qz3AHn1aYec9h6
+sr8vreNVMJ7fDkG84BH1oQyoIuHjAKNOcHyS4wTRekKKdZBZ45vRTKJkvXN5m2/y
+s8H2PA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFejCCA2KgAwIBAgIQdlP+sEyg1XHyFLOOLH8XQTANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UE
+AxMkR2xvYmFsU2lnbiBEb2N1bWVudCBTaWduaW5nIFJvb3QgUjQ1MB4XDTIwMDMx
+ODAwMDAwMFoXDTQ1MDMxODAwMDAwMFowVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExLTArBgNVBAMTJEdsb2JhbFNpZ24gRG9jdW1lbnQg
+U2lnbmluZyBSb290IFI0NTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AKPQGKqmJaBoxSoYFVYt/dBLfaEecm4xsZ0STDc8LAzKutUukiBLkultAJxEbzgX
+7xlg8skghJR6OwgNa0hl/NAeJPXU3NpHUphO342nitTllKh8siw4i+XSLZwAGTM3
+irhsZWIblOjjm6R1ay2AGh0b5i+n7HHq6wQPsanAk1JhIC29UptoWDRLa0tbPm1y
+1jjYlUGTTnn9T9W1/MiApVkIN+iyet62eQxB4PFg1i7y5KFN2BOrz45kW3zc5jEp
+Hg2Qtjjo0PY6TTDHePklFWfhz3/3k5B/3kD6aYt9oENfRfnCS5d/UWEuC2LOYNoN
+X3bMlJwd2IXs70V+vuoq0D8UjWkgfgxW/epp9KlEweatJ/9Ycah9LzufHn/ZcgXo
+kSSAGtQheY4uWvr5j7AQKDCNquDyk9s9cVGrs553LgaAN4oLTg+YejcboM1JpUEQ
+hMOfUG0vKI4u88+2x1SBbiychxEN7eP1hIsr/hSQu0ooVDRMZ/viKnN2JpFfx9o/
+Np/aJy8nDcDHOf7b4/k2aYKAvfXB8aAz7od2H4gJft3oQbS+DxCkBuXt4Qh7JfdH
+B7wqJQ8xOpGoqhMzkK8Op2DWgn1nTTQW4We7eeuCMEa0APhZuw78sxCRRSPY8TFC
+BLFgZ6hjg7KsP5/3GBiETFGFZpoqHNLbKbmbG0Ma6jPtAgMBAAGjQjBAMA4GA1Ud
+DwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQHQVdLz+EcFlPV
+veuDbMyLKSGEvzANBgkqhkiG9w0BAQwFAAOCAgEAJJwyIaZykDsC3f64SqaO8Dew
+W/8uP7Enbtl+nvSPX36/u4OFcMSKj0ZdxgpRKQLIxqBD/cICE/I6IZLdRpXDdLg8
+VyIBhGhns1Beem4spPSj9QsM+VoNR4VFGk+bTNGokfOJqj5JqvWEsRe0S+ZeaRT9
+RBsK/yDOCP70ZXKtxSJc3PKljMXcHWzb95anN2oaMLxrWTDjDUjxuGS5F5XG5J+D
+prLujbvhniXMwFaoAQeRa6Qu6hPr2/FJb+U7OpYn/kRQ4Qw0qxgQwaZwieJSyB2/
+YtY0guX+x5gAYRCAdyd8rF1yQrgiD3Ig9wpH0FUGVU/vZG2z/DrgoVZPZ8lFVMQT
+IfurtfoxGlsGaU463x4gvCB/sCt0MtaodrM6PgseIETeh6b3UgsLjxT4MQOq6hHJ
+2ZVGwIS72OsrLwpQxDgjf2+zv8Mnt/VMhwFzSQflwIyt7MeBQo/bXWsO2yHystfX
+kieXNu3GS19zR7kMuA3cSUtFsr8xjuFVhCfpWBoxwg4m01/Ri70gXXHfl2Hd35XJ
+4Msv20ScC3QKfRuKtE+MKJZM6CnLilxY8bg9bsLd2myyB6mr6NHR0niwPtPFaY13
+54Rk+LFW8fsZ0Yhmbz0bZcglRTwfdDseHDjr8aMsUsG/6CH0Lo4yg58V6vQNo5RH
+Rn7JhIJYRobXTF+4bZk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICITCCAaegAwIBAgIQdlP+qicdlUZd1vGe5biQCjAKBggqhkjOPQQDAzBSMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEoMCYGA1UEAxMf
+R2xvYmFsU2lnbiBTZWN1cmUgTWFpbCBSb290IEU0NTAeFw0yMDAzMTgwMDAwMDBa
+Fw00NTAzMTgwMDAwMDBaMFIxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxT
+aWduIG52LXNhMSgwJgYDVQQDEx9HbG9iYWxTaWduIFNlY3VyZSBNYWlsIFJvb3Qg
+RTQ1MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE+XmLgUc3iZY/RUlQfxomC5Myfi7A
+wKcImsNuj5s+CyLsN1O3b4qwvCc3S22pRjvZH/+loUS7LXO/nkEHXFObUQg6Wrtv
+OMcWkXjCShNpHYLfWi8AiJaiLhx0+Z1+ZjeKo0IwQDAOBgNVHQ8BAf8EBAMCAYYw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU3xNei1/CQAL9VreUTLYe1aaxFJYw
+CgYIKoZIzj0EAwMDaAAwZQIwE7C+13EgPuSrnM42En1fTB8qtWlFM1/TLVqy5IjH
+3go2QjJ5naZruuH5RCp7isMSAjEAoGYcToedh8ntmUwbCu4tYMM3xx3NtXKw2cbv
+vPL/P/BS3QjnqmR5w+RpV5EvpMt8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcjCCA1qgAwIBAgIQdlP+rHVGSJP15ddKSDpO+DANBgkqhkiG9w0BAQwFADBT
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEpMCcGA1UE
+AxMgR2xvYmFsU2lnbiBDb2RlIFNpZ25pbmcgUm9vdCBSNDUwHhcNMjAwMzE4MDAw
+MDAwWhcNNDUwMzE4MDAwMDAwWjBTMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEpMCcGA1UEAxMgR2xvYmFsU2lnbiBDb2RlIFNpZ25pbmcg
+Um9vdCBSNDUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2LcUw3Xro
+q5A9A3KwOkuZFmGy5f+lZx03HOV+7JODqoT1o0ObmEWKuGNXXZsAiAQl6fhokkuC
+2EvJSgPzqH9qj4phJ72hRND99T8iwqNPkY2zBbIogpFd+1mIBQuXBsKY+CynMyTu
+UDpBzPCgsHsdTdKoWDiW6d/5G5G7ixAs0sdDHaIJdKGAr3vmMwoMWWuOvPSrWpd7
+f65V+4TwgP6ETNfiur3EdaFvvWEQdESymAfidKv/aNxsJj7pH+XgBIetMNMMjQN8
+VbgWcFwkeCAl62dniKu6TjSYa3AR3jjK1L6hwJzh3x4CAdg74WdDhLbP/HS3L4Sj
+v7oJNz1nbLFFXBlhq0GD9awd63cNRkdzzr+9lZXtnSuIEP76WOinV+Gzz6ha6Qcl
+mxLEnoByPZPcjJTfO0TmJoD80sMD8IwM0kXWLuePmJ7mBO5Cbmd+QhZxYucE+WDG
+ZKG2nIEhTivGbWiUhsaZdHNnMXqR8tSMeW58prt+Rm9NxYUSK8+aIkQIqIU3zgdh
+VwYXEiTAxDFzoZg1V0d+EDpF2S2kUZCYqaAHN8RlGqocaxZ396eX7D8ZMJlvMfvq
+QLLn0sT6ydDwUHZ0WfqNbRcyvvjpfgP054d1mtRKkSyFAxMCK0KA8olqNs/ITKDO
+nvjLja0Wp9Pe1ZsYp8aSOvGCY/EuDiRk3wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC
+AYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUHwC/RoAK/Hg5t6W0Q9lWULvO
+ljswDQYJKoZIhvcNAQEMBQADggIBAF4runSXNERfdkgoQIST7gFu6aGz1oAl5nvk
+vAmRPQ/8dq3X1DAgu49g0JHWHPKc73gaK5QyAsEkllJSAtDz0fzymzlumeEfjkNB
+fZoeW8ldmoT8JuaH83RyJq2kG9k9O2pSoDwJHi8ee7MztEXH96yxr5NgrXauuLIV
+eOuDauv/20arJOXuAvqQH1nAL13Wt12kXBC3clP4QU7M+ngaJUrK/oViQ2HDtDeq
+gdL01joPvY1ZfjBH3itr5yFQM1/UZ5vUuGefPCeZA/+FQ45zEsogzehh1bFm3BfW
+OW0P288jN6GCiU4caz/WoM2qB50+Qiaq1wzu+ke/GlJ+0XWB08mKYhdtT4igIaAm
+Pq9t2WIwH+mYKK5ujdWOTHJmk4CNKuNVx2BnkEJWXCJRD7PcTjnuTd3ZHXgQVDtu
+0JdvA7UesiNzxhKymmTQ/JWFJKj/36Gw3JFArt8JM6u53ZK38cyRdDtp62eXG5C/
+58egb3G7V7+3j1rtekBqFs2AhC0v4QLUJJRDsxX8DCsb/XFv/Mu8dRc6XoPSybMv
+G9WcjX9U/n5+5Fajh6ed4VlSlEGPbVu+hpWa/xp23UDSUUpwtB8zYyN3P+wnHlnk
+CIftNIJKDz/+oB3B9WdzRYZ49Kop6SeHxhnbxhMUwzlJh02gl+BlE/Wdd1bp2rNY
+xzrywM2C
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICNDCCAbugAwIBAgIQdlP+urId2CfpaRai64G+WDAKBggqhkjOPQQDAzBcMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMp
+R2xvYmFsU2lnbiBDbGllbnQgQXV0aGVudGljYXRpb24gUm9vdCBFNDUwHhcNMjAw
+MzE4MDAwMDAwWhcNNDUwMzE4MDAwMDAwWjBcMQswCQYDVQQGEwJCRTEZMBcGA1UE
+ChMQR2xvYmFsU2lnbiBudi1zYTEyMDAGA1UEAxMpR2xvYmFsU2lnbiBDbGllbnQg
+QXV0aGVudGljYXRpb24gUm9vdCBFNDUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATM
+zLQ6uxpN+J2RxHeB7RZ/AxF/uOlwhEiWQQmDYF30JJMqMh5eB/tHpIcqJNhXjFzZ
+qN8ReH+2RNXdr9UB2SY0X30xyMHu49a5/o+TAnCib2A7GXO1i3QKe51CF7wtPqej
+QjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS1
+g9ZwBorGnYaCd9WpBWU2E/HGSDAKBggqhkjOPQQDAwNnADBkAjBmpdF/fTQJFg4O
+++53h4FKndiAh6BkaMtftnRYrMuymOKSEoktHT2xVGj4kvGNTkoCMBRVMnt2ZnSR
+ayTUWpTi5WqA9np9zULzWHhjwekCe1TdHAEVncu/BBhVQCT6IvLZXg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICLDCCAbGgAwIBAgIQdlP+sK9LdZCiGuSi1fJ2tTAKBggqhkjOPQQDAzBXMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UEAxMk
+R2xvYmFsU2lnbiBEb2N1bWVudCBTaWduaW5nIFJvb3QgRTQ1MB4XDTIwMDMxODAw
+MDAwMFoXDTQ1MDMxODAwMDAwMFowVzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
+b2JhbFNpZ24gbnYtc2ExLTArBgNVBAMTJEdsb2JhbFNpZ24gRG9jdW1lbnQgU2ln
+bmluZyBSb290IEU0NTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIblQ9C7AGVe1koK
+Y4WeRQ+GIzJQVUljapzO96/0fiD5gDJbbrDv8sekLPtqWZAGdrcXjA51RDqAfMjc
+Aj3yzqGes0tyy8aM/cLJqoyuM1zqeUvcachWpDwoQXB0jmoaSKNCMEAwDgYDVR0P
+AQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFGGZArQQ/xA823ra
+bDpwJANg8eeOMAoGCCqGSM49BAMDA2kAMGYCMQCP9ck/sU7z99GdtLoPPQqXJxCT
+8lB8IonajNTKqWMkJiqLY4JjVMc08NGeehgLp+oCMQCxNY9K8vsmBsHTDY9i0bDE
+oF3pk9ZhxOGhuVyo9fFnXqIpN8JLxmdy/oyQ+SSAd7c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw
+CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg
+R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00
+MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT
+ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw
+EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW
++1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9
+ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI
+zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW
+tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1
+/q4AaOeMSQ+2b1tbFfLn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICOjCCAcCgAwIBAgIQFAP1q/s3ixdAW+JDsqXRxDAKBggqhkjOPQQDAzBOMQsw
+CQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQDDBxT
+U0wuY29tIFRMUyBFQ0MgUm9vdCBDQSAyMDIyMB4XDTIyMDgyNTE2MzM0OFoXDTQ2
+MDgxOTE2MzM0N1owTjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjElMCMGA1UEAwwcU1NMLmNvbSBUTFMgRUNDIFJvb3QgQ0EgMjAyMjB2MBAG
+ByqGSM49AgEGBSuBBAAiA2IABEUpNXP6wrgjzhR9qLFNoFs27iosU8NgCTWyJGYm
+acCzldZdkkAZDsalE3D07xJRKF3nzL35PIXBz5SQySvOkkJYWWf9lCcQZIxPBLFN
+SeR7T5v15wj4A4j3p8OSSxlUgaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSME
+GDAWgBSJjy+j6CugFFR781a4Jl9nOAuc0DAdBgNVHQ4EFgQUiY8vo+groBRUe/NW
+uCZfZzgLnNAwDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2gAMGUCMFXjIlbp
+15IkWE8elDIPDAI2wv2sdDJO4fscgIijzPvX6yv/N33w7deedWo1dlJF4AIxAMeN
+b0Igj762TVntd00pxCAgRWSGOlDGxK0tk/UYfXLtqc/ErFc2KAhl3zx5Zn6g6g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFiTCCA3GgAwIBAgIQb77arXO9CEDii02+1PdbkTANBgkqhkiG9w0BAQsFADBO
+MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQD
+DBxTU0wuY29tIFRMUyBSU0EgUm9vdCBDQSAyMDIyMB4XDTIyMDgyNTE2MzQyMloX
+DTQ2MDgxOTE2MzQyMVowTjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jw
+b3JhdGlvbjElMCMGA1UEAwwcU1NMLmNvbSBUTFMgUlNBIFJvb3QgQ0EgMjAyMjCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANCkCXJPQIgSYT41I57u9nTP
+L3tYPc48DRAokC+X94xI2KDYJbFMsBFMF3NQ0CJKY7uB0ylu1bUJPiYYf7ISf5OY
+t6/wNr/y7hienDtSxUcZXXTzZGbVXcdotL8bHAajvI9AI7YexoS9UcQbOcGV0ins
+S657Lb85/bRi3pZ7QcacoOAGcvvwB5cJOYF0r/c0WRFXCsJbwST0MXMwgsadugL3
+PnxEX4MN8/HdIGkWCVDi1FW24IBydm5MR7d1VVm0U3TZlMZBrViKMWYPHqIbKUBO
+L9975hYsLfy/7PO0+r4Y9ptJ1O4Fbtk085zx7AGL0SDGD6C1vBdOSHtRwvzpXGk3
+R2azaPgVKPC506QVzFpPulJwoxJF3ca6TvvC0PeoUidtbnm1jPx7jMEWTO6Af77w
+dr5BUxIzrlo4QqvXDz5BjXYHMtWrifZOZ9mxQnUjbvPNQrL8VfVThxc7wDNY8VLS
++YCk8OjwO4s4zKTGkH8PnP2L0aPP2oOnaclQNtVcBdIKQXTbYxE3waWglksejBYS
+d66UNHsef8JmAOSqg+qKkK3ONkRN0VHpvB/zagX9wHQfJRlAUW7qglFA35u5CCoG
+AtUjHBPW6dvbxrB6y3snm/vg1UYk7RBLY0ulBY+6uB0rpvqR4pJSvezrZ5dtmi2f
+gTIFZzL7SAg/2SW4BCUvAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j
+BBgwFoAU+y437uOEeicuzRk1sTN8/9REQrkwHQYDVR0OBBYEFPsuN+7jhHonLs0Z
+NbEzfP/UREK5MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAjYlt
+hEUY8U+zoO9opMAdrDC8Z2awms22qyIZZtM7QbUQnRC6cm4pJCAcAZli05bg4vsM
+QtfhWsSWTVTNj8pDU/0quOr4ZcoBwq1gaAafORpR2eCNJvkLTqVTJXojpBzOCBvf
+R4iyrT7gJ4eLSYwfqUdYe5byiB0YrrPRpgqU+tvT5TgKa3kSM/tKWTcWQA673vWJ
+DPFs0/dRa1419dvAJuoSc06pkZCmF8NsLzjUo3KUQyxi4U5cMj29TH0ZR6LDSeeW
+P4+a0zvkEdiLA9z2tmBVGKaBUfPhqBVq6+AL8BQx1rmMRTqoENjwuSfr98t67wVy
+lrXEj5ZzxOhWc5y8aVFjvO9nHEMaX3cZHxj4HCUp+UmZKbaSPaKDN7EgkaibMOlq
+bLQjk2UEqxHzDh1TJElTHaE/nUiSEeJ9DU/1172iWD54nR4fK/4huxoTtrEoZP2w
+AgDHbICivRZQIA9ygV/MlP+7mea6kMvq+cYMwq7FGc4zoWtcu358NFcXrfA/rs3q
+r5nsLFR+jM4uElZI7xc7P0peYNLcdDa8pUNjyw9bowJWCZ4kLOGGgYz+qxcs+sji
+Mho6/4UIyYOf8kpIEFR3N+2ivEC+5BB09+Rbu7nzifmPQdjH5FCQNYA+HLhNkNPU
+98OwoX6EyneSMSy4kLGCenROmxMmtNVQZlR4rmA=
 -----END CERTIFICATE-----
\ No newline at end of file
diff --git a/bundler/testdata/ca.pem b/bundler/testdata/ca.pem
index b03e14bd6..ffe3b4556 100644
--- a/bundler/testdata/ca.pem
+++ b/bundler/testdata/ca.pem
@@ -1,17 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIICyDCCAjGgAwIBAgIJAPCgd7rafQZGMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
-c2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQLDAtERVZfVEVTVElORzEW
-MBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTAeFw0xNDA0MTExNjQyMjBaFw0yNDA0MDgx
-NjQyMjBaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD
-VQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQL
-DAtERVZfVEVTVElORzEWMBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1CMS59jJOL
-omfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvrGsNivkRU
-zXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+cqhEvLFb
-u3MCAwEAAaNQME4wHQYDVR0OBBYEFLhe765nULfW8wflar5Vs2c6DZI+MB8GA1Ud
-IwQYMBaAFLhe765nULfW8wflar5Vs2c6DZI+MAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADgYEABYqqOUq3ZrtMYaTAoeA7Cr/OBMjBV+/TiOe8fRNoPZ7+aKSg
-E1baohCGqougm+/XOtBXeLv5tVQihz/2iKdwHmX4HjkxzevAXyazjxeW4IDA21Jl
-fKd7xUJHM0Du/opoDkXWr/vRVztOB33ndlAK7ruSLfTR3E9HoUe3aRH7ceQ=
+MIIC1jCCAj+gAwIBAgIUJhxh1ENJRZoFuCN+XB0xlP1zgeYwDQYJKoZIhvcNAQEL
+BQAwfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxhcmUxFDASBgNVBAsMC0RF
+Vl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NBMB4XDTI1MDIwODIwMTYy
+N1oXDTM1MDIwNjIwMTYyN1owfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
+b3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxh
+cmUxFDASBgNVBAsMC0RFVl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NB
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbp/6OQ/a3mr+8zRgBRlmSGr8Q
+BgP4vUIxLn2Mk4uiZ8OcpRY4YqL+TtREGDUc0ve+bv8RINrNlYXL2X+eJtbE2RJQ
++RAiu+saw2K+RFTNeTCA1fwg3ws5gBDcFbECqK1dOkuN/gV4JMHobn2/15iUBfeS
+JxdF1j5yqES8sVu7cwIDAQABo1MwUTAdBgNVHQ4EFgQUuF7vrmdQt9bzB+VqvlWz
+ZzoNkj4wHwYDVR0jBBgwFoAUuF7vrmdQt9bzB+VqvlWzZzoNkj4wDwYDVR0TAQH/
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQALmrNPUPlCyhabvgC8RsMZPhJjtxr9
+TotLuoa49zsHH18djRZLrm8mNzBwUVVNJ1hgwSpRnyrc7T4HQTTvjpCnyXEVRil/
+9HQbpVPBSw5W6oK3koLG0rFnZXHocqK+Qri4FkbwsTK5qlea35OJWkODiUY/ykVM
+E4sm6QDE79e0Iw==
 -----END CERTIFICATE-----
diff --git a/bundler/testdata/client-auth/int.pem b/bundler/testdata/client-auth/int.pem
index 21d69b7b0..ed0117737 100644
--- a/bundler/testdata/client-auth/int.pem
+++ b/bundler/testdata/client-auth/int.pem
@@ -1,12 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIBsTCCAVegAwIBAgIUQxXBCiEUgebQLq9QwfZFROgThZEwCgYIKoZIzj0EAwIw
+MIIBsDCCAVegAwIBAgIUQ+SzyUX7rjP3Na9pqW9WjfZ++mgwCgYIKoZIzj0EAwIw
 TDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
-biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMTYwOTIwMjAwNjAwWhcN
-MjEwOTIxMDIwNjAwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEQHLu5R2/
-OfkmWIP50R+hjcsWDn1XoM4StX+hKgrldr1e4z59xwcszuLZCYXiknsQinV7V6Mh
-9Yh74WYb8CtLuqNjMGEwDgYDVR0PAQH/BAQDAgIEMA8GA1UdEwEB/wQFMAMBAf8w
-HQYDVR0OBBYEFC+V4h0RNrcwIohJiXoX2LN2NCnWMB8GA1UdIwQYMBaAFP+0An2G
-CK5DG6ebj3vxje4qLXQWMAoGCCqGSM49BAMCA0gAMEUCIQCtItVx1iZp0qCv6vtf
-dvOX1Ulu/6esR/eJuXpABzckLAIgagv7PtQJ7q02IlU2Ohc+bqa2UYo/IIxZY/Un
-EHCapPE=
+biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMjUwMjA4MjE1MTAwWhcN
+MzAwMjA5MDM1MTAwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEJ1aTpusR
+LupK5Fz1Z3zameCiHaBkmQj7W0RXzr6Z79K56Rpvw26TwLOrBn7TXtxDuWGLMsNo
+OZkrSrMMEVhKSaNjMGEwDgYDVR0PAQH/BAQDAgIEMA8GA1UdEwEB/wQFMAMBAf8w
+HQYDVR0OBBYEFEUmFK1ZjWprR7uasbTkKJkRbopDMB8GA1UdIwQYMBaAFH+WjwVZ
+HowLuyc+wkl/DmRpQNsJMAoGCCqGSM49BAMCA0cAMEQCIBf7y7WJq8Ok5BlmSwuo
+HfMI99OGo0Yx3o9OgOOGjN+SAiBqZtkw/M457iU0xPq93Ao0sOxQug0hix2B8Hel
+b65f8w==
 -----END CERTIFICATE-----
diff --git a/bundler/testdata/client-auth/leaf-client.pem b/bundler/testdata/client-auth/leaf-client.pem
index 658c5dade..b0035ce01 100644
--- a/bundler/testdata/client-auth/leaf-client.pem
+++ b/bundler/testdata/client-auth/leaf-client.pem
@@ -1,10 +1,9 @@
 -----BEGIN CERTIFICATE-----
-MIIBZzCCAQ2gAwIBAgIUR+Iy1GDYkmd7XyemJk6xD0GkMbEwCgYIKoZIzj0EAwIw
-ADAeFw0xNjA5MjAyMDA2MDBaFw0yMTA5MjEwMjA2MDBaMAAwWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAAT0mh4zicT2uzJBsWsV8KyDbjjMK0AWT91jQamQWO+XGIXC
-rOn6TJ2CZQvyjToLDGFkhI3qKF74M2HRVOmvgLv9o2UwYzATBgNVHSUEDDAKBggr
-BgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBRNs+5zUXreKyFAg+BKpBld
-3LHlcjAfBgNVHSMEGDAWgBQvleIdETa3MCKISYl6F9izdjQp1jAKBggqhkjOPQQD
-AgNIADBFAiEA4TRhEdBeYHE38DQUCfWTaekqdckRkmPcp5CdwEO48D8CICA/0SeH
-udr6Q32nXiB1t/XMa3BU3HcbXaZGA1QrLuw9
+MIIBRTCB7KADAgECAhQkohme3ew65nA12dLsCP0HbB10dTAKBggqhkjOPQQDAjAA
+MB4XDTI1MDIwODIxNTEwMFoXDTMwMDIwOTAzNTEwMFowADBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABFSTiC6rAR2mPgwHOaE0tWA4VfVFzfEOou2NYsTohznuf38Q
+yf+EUB8aUtXzpkVyKTA+YMxnb/Dqd/Wwk3FpZlOjRDBCMBMGA1UdJQQMMAoGCCsG
+AQUFBwMCMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFAADwiVPrql46XbO5RGejGmw
+YjrpMAoGCCqGSM49BAMCA0gAMEUCIF8rB8803j76yJgKnxiu8r7k+/FIzXgukxjE
+HOhwtGVrAiEAzaL/hZTHmUPzc4t3K8fL8IDDlNK2PMf34/wx++zQv9E=
 -----END CERTIFICATE-----
diff --git a/bundler/testdata/client-auth/leaf-server.pem b/bundler/testdata/client-auth/leaf-server.pem
index 5334d25f7..f84bc1ceb 100644
--- a/bundler/testdata/client-auth/leaf-server.pem
+++ b/bundler/testdata/client-auth/leaf-server.pem
@@ -1,10 +1,9 @@
 -----BEGIN CERTIFICATE-----
-MIIBaDCCAQ2gAwIBAgIUKcsmS7GpJrARpBa53k3++gfbfs0wCgYIKoZIzj0EAwIw
-ADAeFw0xNjA5MjAyMDA2MDBaFw0yMTA5MjEwMjA2MDBaMAAwWTATBgcqhkjOPQIB
-BggqhkjOPQMBBwNCAATc3bbO7Xd3ncTBUCWRzEGlI3b6aj0GKcQpLk6flvg9rok+
-ae3/gUYqtXv+fCqg6cQKJ9Z7m7mpY6id22V6dZiAo2UwYzATBgNVHSUEDDAKBggr
-BgEFBQcDATAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBQqcROYx+P7UtjPRYj98mZQ
-g3pw9TAfBgNVHSMEGDAWgBQvleIdETa3MCKISYl6F9izdjQp1jAKBggqhkjOPQQD
-AgNJADBGAiEA3uKNJas+nr50/VnkGgkceM1kieg2xkaK/o2WgdbwvzgCIQCaptUU
-zbcvVnRAHlvxL0tvqSs0uFc8UmiYzcRNEugV4A==
+MIIBRDCB7KADAgECAhQodna3/WiA0mgCI09unScTMUF5sDAKBggqhkjOPQQDAjAA
+MB4XDTI1MDIwODIxNTEwMFoXDTMwMDIwOTAzNTEwMFowADBZMBMGByqGSM49AgEG
+CCqGSM49AwEHA0IABNLlARthGNIzbvAOpbg0VK0kvv0s1H3ouq0TbkVHfNounVBk
+NhuyJPY6g0FhYOXYUGAe3c/wGzQ9Y8N7oKgznLWjRDBCMBMGA1UdJQQMMAoGCCsG
+AQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFFcK5HrSaocNvQd8qPj1PhUT
+N3uoMAoGCCqGSM49BAMCA0cAMEQCICety0pRXbTu47qx+ZXY670lXmKnxWvZDD4b
+ctUrPi0cAiAgxI6Z8CZsG7DybwMISScDqqIbgBZgr4RUIFOZ4SYP+A==
 -----END CERTIFICATE-----
diff --git a/bundler/testdata/client-auth/root.pem b/bundler/testdata/client-auth/root.pem
index 88d71b759..2fdf5525f 100644
--- a/bundler/testdata/client-auth/root.pem
+++ b/bundler/testdata/client-auth/root.pem
@@ -1,13 +1,12 @@
 -----BEGIN CERTIFICATE-----
-MIIB/DCCAaOgAwIBAgIUYZHCBUWv8DNuD/IwMYDE7W2GIJAwCgYIKoZIzj0EAwIw
+MIIB3DCCAYKgAwIBAgIUe9lCrcENqlcuEIfCjz5sYf6G55swCgYIKoZIzj0EAwIw
 TDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNh
-biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMTYwOTIwMjAwNjAwWhcN
-MjEwOTE5MjAwNjAwWjBMMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
+biBGcmFuY2lzY28xEDAOBgNVBAoTB1Jvb3QgQ0EwHhcNMjUwMjA4MjE1MTAwWhcN
+MzAwMjA3MjE1MTAwWjBMMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5p
 YTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEQMA4GA1UEChMHUm9vdCBDQTBZMBMG
-ByqGSM49AgEGCCqGSM49AwEHA0IABBERmxD/UH/sULRH2donxT0aKKvZwL5ODUXI
-yMcFqVL2joxB30LdLK8/EDRt2mmTfT+y6Kf8T3k0C8f7va98t/ujYzBhMA4GA1Ud
-DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBT/tAJ9hgiuQxun
-m4978Y3uKi10FjAfBgNVHSMEGDAWgBT/tAJ9hgiuQxunm4978Y3uKi10FjAKBggq
-hkjOPQQDAgNHADBEAiA2vadw57jIX+99vDhAZnWrvnlRIJ1vFobFOPHTuLeNfwIg
-XimQowME/vV96iXHjMwToA63IFBj5wfQ5eMkQFiQgmk=
+ByqGSM49AgEGCCqGSM49AwEHA0IABHIGkTTSQv2h0/BShHPKSHgmiCWYwZN/ZcTU
+yOXEpVaWI8LRKkILBn3x9rOo+1+/svphVb0p+pCDRjMcbt/kL7qjQjBAMA4GA1Ud
+DwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR/lo8FWR6MC7sn
+PsJJfw5kaUDbCTAKBggqhkjOPQQDAgNIADBFAiAiY3W19EHWVz5wHLkR8PlyqF7h
+a610mibj/x4L3zS3hwIhAMU7W0TWc2KEEvOdWMiqx08cqstq5LZp5C/zlP945XHA
 -----END CERTIFICATE-----
diff --git a/bundler/testdata/int-bundle.pem b/bundler/testdata/int-bundle.pem
index f906f5c99..24a5aa235 100644
--- a/bundler/testdata/int-bundle.pem
+++ b/bundler/testdata/int-bundle.pem
@@ -1,66 +1,44 @@
 -----BEGIN CERTIFICATE-----
-MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
-TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
-MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
-IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
-dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
-li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
-rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
-WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
-F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
-xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
-Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
-dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
-ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
-IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
-c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
-ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
-Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
-KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
-KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
-y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
-VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
-MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
-fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
-7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
-cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
-mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
-xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
-SnQ2+Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFJTCCAw2gAwIBAgIRAP+94tm8qUrtFSYcQfB4flUwDQYJKoZIhvcNAQEFBQAw
-PzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dvdmVybm1lbnQgUm9vdCBDZXJ0aWZp
-Y2F0aW9uIEF1dGhvcml0eTAeFw0wMzAzMDMwNjUxMjNaFw0yMzAzMDMwNjUxMjNa
-MEQxCzAJBgNVBAYTAlRXMRIwEAYDVQQKDAnooYzmlL/pmaIxITAfBgNVBAsMGOaU
-v+W6nOaGkeitieeuoeeQhuS4reW/gzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAJXm+CDDPby1h9VhQFkpeEceeJcodEfbO8og0FgZj/cwtbnJbFgpl1KD
-GvbBO+GvpxLI18c/T4bMEpDlpugcvlF8tIXT5M35lVTByx7NtT5myohevmppbsnK
-1wRC1WwYxWHG3tIRZQdX/mKV0tE1LMDHylTeJWbA+fTPmapiTy7vopSFSmx7zEAI
-9x+6p3bWfZ+A/MQh4SC0gUM6sZhlNH13z3VCaK670xHoTryQi5Yv+SuHJz8tIt31
-xty/nwrpS8eM2lzonL0zDrHf/wkTIpy+ZU+J3J9gi1l1DTUyEL1thj5udyAnAYBy
-aDqT5t3Af7X1DNthPknckzOHz3bOH+0CAwEAAaOCARUwggERMB8GA1UdIwQYMBaA
-FMzM78wpYKQ7sZK2PPoyYo+sJRU7MB0GA1UdDgQWBBTk3BdvIqrO+MghGtKrzlOO
-TtoYfDAOBgNVHQ8BAf8EBAMCAQYwFAYDVR0gBA0wCzAJBgdghnZlAAMDMBIGA1Ud
-EwEB/wQIMAYBAf8CAQAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2dyY2EubmF0
-Lmdvdi50dy9yZXBvc2l0b3J5L0NSTC9DQS5jcmwwVgYIKwYBBQUHAQEESjBIMEYG
-CCsGAQUFBzAChjpodHRwOi8vZ3JjYS5uYXQuZ292LnR3L3JlcG9zaXRvcnkvQ2Vy
-dHMvSXNzdWVkVG9UaGlzQ0EucDdiMA0GCSqGSIb3DQEBBQUAA4ICAQBrJPxFGTC3
-I2z8AR23BfDjfrQ0Tr8D5ggx5GaPXSe2Re3nHW/mj3TEnpBFMDulZVo8PY8nPx7I
-OibTWRAYVkEk33HrAph+FoCAfLnv5BGIwa9KH2FyguebNv6djFnzJf0E6uBOWtN/
-Tkl1NOh+Q1PuJ3gGoWt8YVr5UVu+Y84LD6lLf294Y6j76sAlsa4z0HDbVx28qiTP
-aPrDkWYIEb5hSW174uazQjiU4yFZMCzwUyGNCAjCoPVPqZ3FIdHdn21KbXJ0Oq87
-7bCKtMy/SRUBCeVhDr7DbmELdDgHPjSXqLknMPnrI605jryzpw2nNPxOT/uO9e7n
-Cxg1S6wtfVtYUx491RGni1FjARZPh3xGizY+O6UxojdEP3jId4A+LJgn/SrijKTw
-m2kiQ3Q7ovMuMKGJdLHeiIOIcyVs7F+Fld2kkfKl7ztQ3mCanuQhvSLaaRSyAiMm
-Cfvc6LJHttAQv/8nFQgTvDAWSkGmba7PgBMeACkQE/5e3qd8Hr20gs7df0O1UCgD
-ST3oZmF0B2MwtBU4IDNRMmrDlx+ZvfE50guQd1jPSSeNrHyycgILnzLMjwMIEaRf
-P34C7KkB1WrJ+IUNL7Wsp4WxEaL8whKzJnaBNMPCDHz4tUuanBtDSuSu2oWYLTNx
-58KYKSxTbOGbBt1cRf10CCR1/3YGE9C7rg==
+MIIHaDCCBlCgAwIBAgIQIL094GkEPSU+HAucglL0IjANBgkqhkiG9w0BAQUFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0wMzAxMDgxMTI5MzJaFw0yNzAxMDcyMjU5NTlaMIHpMQswCQYDVQQG
+EwJFUzE7MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g
+KE5JRiBRLTA4MDExNzYtSSkxLjAsBgNVBAsTJVNlcnZlaXMgUHVibGljcyBkZSBD
+ZXJ0aWZpY2FjaW8gRUNWLTExNjA0BgNVBAsTLVZlZ2V1IGh0dHBzOi8vd3d3LmNh
+dGNlcnQubmV0L3ZlckNJQy0xICAoYykwMzEhMB8GA1UECxMYR2VuZXJhbGl0YXQg
+ZGUgQ2F0YWx1bnlhMRIwEAYDVQQDEwlFQy1HRU5DQVQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDfskLh9womX5uXcd8X/lkEJSFSN05O8RDoyGrKH9H8
+qADjvjZKmKY+4wJrlZpMwZ42UkHfa4qpcBK0x1lH5x3gr6qSpW1XC9PjJLCkUQI4
+Uy+CCbINZ2dwwskeLHZJngYm0KlcRLTlzmppjW4YDimLkpRsjP8WDp/l0zaUP2cz
+fOrIwsor2c6PPQVJ/Oxmi+fcS9rbWTGRf1EzKKGTG1TxoFNvb6bWiYfYj1ILJC+L
+j39gVDi1JRCbPd+Vl5RCwVXieouKbyWQXc5kW5HUeWAhfnDcHlI4SDLI3u60GpfZ
+SCwIFKhsvgSJ26EhfJO0bzdyDDBTfVR6NgFMcXZ0f/7jAgMBAAGjggL+MIIC+jAd
+BgNVHRIEFjAUgRJlY19hY2NAY2F0Y2VydC5uZXQwIAYDVR0RBBkwF4EVZWNfZ2Vu
+Y2F0QGNhdGNlcnQubmV0MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MB0GA1UdDgQWBBQxalwKRk43r0LjsGArDA8tL5PfFDCCATEGA1UdIwSCASgwggEk
+gBSgw4tEqjelRb+XgFrR8Xiim+ldjaGB+aSB9jCB8zELMAkGA1UEBhMCRVMxOzA5
+BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w
+ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNh
+Y2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJh
+cnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRp
+ZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVDLUFDQ4IQ7is969Qh3hSoYqwE
+893EATCB3QYDVR0gBIHVMIHSMIHPBgsrBgEEAfV4AQMBCzCBvzAsBggrBgEFBQcC
+ARYgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTEwgY4GCCsGAQUFBwIC
+MIGBGn9BcXVlc3QgY2VydGlmaWNhdCDpcyBlbehzIPpuaWNhIGkgZXhjbHVzaXZh
+bWVudCBhIEVudGl0YXRzIGRlIENlcnRpZmljYWNp8yBkZSBDbGFzc2UgMS4gVmVn
+ZXUgaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyQ0lDLTEgMGIGA1UdHwRbMFkw
+V6BVoFOGJ2h0dHA6Ly9lcHNjZC5jYXRjZXJ0Lm5ldC9jcmwvZWMtYWNjLmNybIYo
+aHR0cDovL2Vwc2NkMi5jYXRjZXJ0Lm5ldC9jcmwvZWMtYWNjLmNybDANBgkqhkiG
+9w0BAQUFAAOCAQEAluCecOaIW+usV6L6Sy1E1kaIbO4Lk9tKRL+cXLj4CuhZTlaB
+CPCd83y3s49Um8yWnrxmx1Vuc7WVDvuPAxW3FZ/T0kPX0dsdnYa3uNM2VSna+7kt
+TxvMijJXVLr1Q9843o5fIU/rM0864gsrZxmaShOCGaIKP+EgcVvxQDQTEGzePq69
+IFT6fhO7o3qTdYLEO0SgMG6XE1RiFO8AdEG3G2a2C5lfvZWZtw1TLoXoRr8TSiD5
+u0E9wD59y9zN7h04i/qWH/CFEU38MDtpZfiHI4vdiA2N5onLWX3oLJcifnJzqWPz
+F5WbOKP2XcxBOBspQKYM7uRmx6Nn3GNY4CH/+Q==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
@@ -91,6 +69,39 @@ eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1erfu
 tGWaIZDgqtCYvDi1czyL+Nw=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFnTCCBIWgAwIBAgIBAjANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QwHhcNMDMxMTE0MTM0OTA4WhcNMzMxMTE0MTM0OTA4WjCB
+xjELMAkGA1UEBhMCRVMxKzApBgkqhkiG9w0BCQEWHGFjX2NhbWVyZmlybWFAY2Ft
+ZXJmaXJtYS5jb20xEjAQBgNVBAUTCUE4Mjc0MzI4NzFDMEEGA1UEBxM6TWFkcmlk
+IChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRy
+ZXNzKTEZMBcGA1UEChMQQUMgQ2FtZXJmaXJtYSBTQTEWMBQGA1UEAxMNQUMgQ2Ft
+ZXJmaXJtYTCCAR8wDQYJKoZIhvcNAQEBBQADggEMADCCAQcCggEAcYlZO6/h24nT
+orYU6BTdGuIYtxRc6TdV3SAClsN/rZFFVkTjXgfNmnFXZEuSVqAihLOrbtMaCG6l
+Km5S6bnAckqonY3n9qhbkY4pzqMkltgBL86BhrZehbr+gGWN6mx8RcAXpvj3Vr8h
+SpWfts0F+5rmJocAC/gEekSYiIvstRErXUke1plsmzpo5i++4YJTI4EQZ8cMwQjt
+wbHTqe0FR8jcnSU001c031EmXvMje8XtnrfAiSoD4nVq9V0pSZW2kFeDT4JihjZm
+ly3ec0j8MkcqcY5KBHv+0nuGYRYQSHDl3f2Zu7AnPGbkWhGaBn+SeVbpuCbxk8vy
+Vp4IptTxFwIBA6OCAd8wggHbMBIGA1UdEwEB/wQIMAYBAf8CAQswPAYDVR0fBDUw
+MzAxoC+gLYYraHR0cDovL2NybC5jYW1lcmZpcm1hLmNvbS9hY19jYW1lcmZpcm1h
+LmNybDAdBgNVHQ4EFgQUcMGV+l2lFr5i6KR949RkX8ThPp0wgagGA1UdIwSBoDCB
+nYAUQ5w2n7CeME3Gzl+tEKvlA6X6qRShgYGkfzB9MQswCQYDVQQGEwJFVTEnMCUG
+A1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpo
+dHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1i
+ZXJzaWduIFJvb3SCAQAwDgYDVR0PAQH/BAQDAgGGMCcGA1UdEQQgMB6BHGFjX2Nh
+bWVyZmlybWFAY2FtZXJmaXJtYS5jb20wKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25y
+b290QGNoYW1iZXJzaWduLm9yZzBYBgNVHSAEUTBPME0GCysGAQQBgYcuCgQBMD4w
+PAYIKwYBBQUHAgEWMGh0dHA6Ly9jcHMuY2FtZXJmaXJtYS5jb20vY3BzL2FjX2Nh
+bWVyZmlybWEuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEAP9WJ1qa16NtY9/a3dTmC
+QAVbr6XR2tFA6rleKf/Aa9DMLPAoIOA2rEN80jbT0ajC4LKmCt3lOyCYWg8Tekq8
+xj/gANyOD2BKmGsuhLhY/rxuzKUEhxWqqmPmJmDXOGrghHOKhztN/ean5gl+haoO
+b7XIpxw70vbdYX+b1L19w8An5bqJZfsaQ9u10aolVFWEGDPbRB6Nc7zxILc/Dl4O
+rjLBmA9ppOcTyiBWhpw607UOt4YVnns1YwlPAoNmMeEVOoDDUAm7Gx53DwSFCs3N
+4xTxu3qGLwTVWAxrv/ZjS3fOKzbg1X7ytL4KFdwcftfRexHgfWi9JBb9Uh/495q7
+bg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFfjCCBGagAwIBAgIQZ970PvF72uJP9ZQGBtLAhDANBgkqhkiG9w0BAQwFADB7
 MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
 VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
@@ -146,29 +157,66 @@ b2uQlNzRYBFWgodwJX8Kx7rSAPJHX3LgVsZtL7a+bOzRKQCoeRmtRo9V9jNJH8HJ
 MppQ/qXxmyYQTzbZCA3K17HKM8w=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEQTCCA6qgAwIBAgICAQQwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh
-bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu
-Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g
-QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe
-BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDExNDIxMDUyMVoX
-DTI0MDEwOTIxMDUyMVowgewxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25h
-MRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5v
-bG9naWVzLCBJbmMuMTAwLgYDVQQLEydodHRwOi8vd3d3LnN0YXJmaWVsZHRlY2gu
-Y29tL3JlcG9zaXRvcnkxMTAvBgNVBAMTKFN0YXJmaWVsZCBTZWN1cmUgQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkxKjAoBgkqhkiG9w0BCQEWG3ByYWN0aWNlc0BzdGFy
-ZmllbGR0ZWNoLmNvbTCBnTANBgkqhkiG9w0BAQEFAAOBiwAwgYcCgYEA2xFDa9zR
-aXhZSehudBQIdBFsfrcqqCLYQjx6z59QskaupmcaIyK+D7M0+6yskKpbKMJw9raK
-gCrgm5xS4JGocqAW4cROfREJs5651POyUMRtSAi9vCqXDG2jimo8ms9KNNwe3upa
-JsChooKpSvuGIhKQOrKC1JKRn6lFn8Ok2/sCAQOjggEhMIIBHTAMBgNVHRMEBTAD
-AQH/MAsGA1UdDwQEAwIBBjBKBgNVHR8EQzBBMD+gPaA7hjlodHRwOi8vY2VydGlm
-aWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvcm9vdC5jcmwwTwYD
-VR0gBEgwRjBEBgtghkgBhvhFAQcXAzA1MDMGCCsGAQUFBwIBFidodHRwOi8vd3d3
-LnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkwOQYIKwYBBQUHAQEELTArMCkG
-CCsGAQUFBzABhh1odHRwOi8vb2NzcC5zdGFyZmllbGR0ZWNoLmNvbTAdBgNVHQ4E
-FgQUrFXet+oT6/yYaOJTYB7xJT6M7ucwCQYDVR0jBAIwADANBgkqhkiG9w0BAQUF
-AAOBgQB+HJi+rQONJYXufJCIIiv+J/RCsux/tfxyaAWkfZHvKNF9IDk7eQg3aBhS
-1Y8D0olPHhHR6aV0S/xfZ2WEcYR4WbfWydfXkzXmE6uUPI6TQImMwNfy5wdS0XCP
-mIzroG3RNlOQoI8WMB7ew79/RqWVKvnI3jvbd/TyMrEzYaIwNQ==
+MIIE3TCCA8WgAwIBAgIQcZL75hlfrE0ShXRxNKIYpzANBgkqhkiG9w0BAQUFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowga4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UE
+BxMOU2FsdCBMYWtlIENpdHkxHjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29y
+azEhMB8GA1UECxMYaHR0cDovL3d3dy51c2VydHJ1c3QuY29tMTYwNAYDVQQDEy1V
+VE4tVVNFUkZpcnN0LUNsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgRW1haWwwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyOYWk8n2rQTtiRjeuzcFgdbw5
+ZflKGkeiucxIzGqY1U01GbmkQuXOSeKKLx580jEHx060g2SdLinVomTEhb2FUTV5
+pE5okHsceqSSqBfymBXyk8zJpDKVuwxPML2YoAuL5W4bokb6eLyib6tZXqUvz8ra
+baov66yhs2qqty5nNYt54R5piOLmRs2gpeq+C852OnoOm+r82idbPXMfIuZIYcZM
+82mxqC4bttQxICy8goqOpA6l14lD/BZarx1x1xFZ2rqHDa/68+HC8KTFZ4zW1lQ6
+3gqkugN3s2XI/R7TdGKqGMpokx6hhX71R2XL+E1XKHTSNP8wtu72YjAUjCzrAgMB
+AAGjggEnMIIBIzAfBgNVHSMEGDAWgBSgEQojPpbxB+zirynvgqV/0DCktDAdBgNV
+HQ4EFgQUiYJnfcSdJnAAS7RQSHzePa4Ebn0wDgYDVR0PAQH/BAQDAgEGMA8GA1Ud
+EwEB/wQFMAMBAf8wHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGA1Ud
+IAQKMAgwBgYEVR0gADB7BgNVHR8EdDByMDigNqA0hjJodHRwOi8vY3JsLmNvbW9k
+b2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA2oDSgMoYwaHR0cDov
+L2NybC5jb21vZG8ubmV0L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMBEGCWCG
+SAGG+EIBAQQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAnZXLPLh+pQnEHr8Lwsd2
+jjk8lMYQqk8MyeCrhF2JVOBlO/NtHHw3LCVUX5Yh/DeEkZ0V3BRPgc9UHWtsRWDH
+LfmXUUz5Zso8oIKMpsjw4unUSvnsP1bJ3XaMw4IBT2wA8x4aYXQERwOpxkBXkbxl
+IsUnZ09X22Ra2Y0fuoYv9AaunGnt6fTPKRfY4EqfGiAvl0xRu0YHxIo3TiDjCTFo
+x57Ei53ofhG8MmgQlhGYRNgqUWBNiOt0Ot9DBjLIOVaMOhFS00GkQwP07e8zJ9s5
+4BROJsnY9TniibiTXbcpJkHqs5uug/x3dcroyrX+4mVKYz5ExNDDXodzqZgcr38V
+fw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwDCCBKigAwIBAgIBBTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdDAeFw0wNDAyMDkxNTQyNDdaFw0zNDAyMDkxNTQyNDda
+MIHgMQswCQYDVQQGEwJFUzEuMCwGCSqGSIb3DQEJARYfYWNfY2FtZXJmaXJtYV9j
+Y0BjYW1lcmZpcm1hLmNvbTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBh
+ZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ
+QTgyNzQzMjg3MRkwFwYDVQQKExBBQyBDYW1lcmZpcm1hIFNBMS0wKwYDVQQDEyRB
+QyBDYW1lcmZpcm1hIENlcnRpZmljYWRvcyBDYW1lcmFsZXMwggEgMA0GCSqGSIb3
+DQEBAQUAA4IBDQAwggEIAoIBAQCjxnvvj01f36lgGhihRYVf1fAPEXsTJKrY4aLQ
+cEUSh5szZE7VTtGiyMTMc2uCmnaXafjYHK8Lgmy6T9xxGEZ5OS4x6rgtuPyy13AP
+tu3X3Y2kPVLu7ZMw5HoQC64wBj6YcnxTnBwmVW05DjzRXp6OyBIEKEaAB9vv2qEl
+fh/Y234FG6Wd/ut1s0ScRZAo+6CSMNQxaY+ryXKD11uWkzWXJa9UZOasG7z4uPqc
+Gr4/Hz2/CTLDTgp0xkMJYuzOztpUvOACrxlkS2utKUwVlAikJnboNwf/en94RbHN
+zkKc5t0SAbzCf57ueawbzxSdPa+SAC25FNur64FKkfdq5PPjAgEDo4IB5TCCAeEw
+EgYDVR0TAQH/BAgwBgEB/wIBCzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vY3Js
+LmNoYW1iZXJzaWduLm9yZy9jaGFtYmVyc3Jvb3QuY3JsMB0GA1UdDgQWBBS2H06d
+HGiRLjdyYOFGj1qlKjExuTCBqwYDVR0jBIGjMIGggBTjlPWxTenboSlbV4tNdgZ2
+4dGiiqGBhKSBgTB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt
+YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJz
+aWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdIIBADAO
+BgNVHQ8BAf8EBAMCAYYwKgYDVR0RBCMwIYEfYWNfY2FtZXJmaXJtYV9jY0BjYW1l
+cmZpcm1hLmNvbTAnBgNVHRIEIDAegRxjaGFtYmVyc3Jvb3RAY2hhbWJlcnNpZ24u
+b3JnMFsGA1UdIARUMFIwUAYLKwYBBAGBhy4KCQEwQTA/BggrBgEFBQcCARYzaHR0
+cDovL2Nwcy5jYW1lcmZpcm1hLmNvbS9jcHMvYWNfY2FtZXJmaXJtYV9jYy5odG1s
+MA0GCSqGSIb3DQEBBQUAA4IBAQBl8KoPBYL//EBonqQWS0N+hLfxImP1eQ6nac+v
+R5QfF/0w+VCTkShfKwHaa6V/W1dPlVwXSECuvXHkX6DYrtxFGGFB6qxuP1rkIpRs
+sTkAlpvOx3REiFjIkhsijKd/ijvqxjbMbuYU+EFACK/jQIRoj+LEEZ+haiqbALZB
+Iqq/26HTqX0itDosBj6M94YWcIpbTDefQNWCGsSnZcw2+k+az/wAOZT6xAxlnEim
+HpDDlgRsmaLrHpDPDoIRYOih0gbJTnn4mKex9Wgr0sZ+XFl03j+bvcXL1tiuQnwb
+9dMRDe/OdXABT35W4ZzLbpost65ZW3Tx+oi/bLbmu6pbKCgs
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFIjCCBAqgAwIBAgIBCDANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
@@ -201,152 +249,6 @@ Rh5STyaMLRHkjabYM//udQicSgMrEvj+WBX2GmSmlbk5abVoYUtjDUB7gQ38UMJn
 cARUSjsyS35DKvZot0YRNcVaGXz+bg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE+zCCBGSgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh
-bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu
-Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g
-QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe
-BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MDYyMFoX
-DTI0MDYyOTE3MDYyMFowYzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBE
-YWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28gRGFkZHkgQ2xhc3MgMiBDZXJ0
-aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgC
-ggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv
-2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+q
-N1j3hybX2C32qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiO
-r18SPaAIBQi2XKVlOARFmR6jYGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lN
-f4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmYvLEHZ6IVDd2gWMZEewo+YihfukEH
-U1jPEX44dMX4/7VpkI+EdOqXG68CAQOjggHhMIIB3TAdBgNVHQ4EFgQU0sSw0pHU
-TBFxs2HLPaH+3ahq1OMwgdIGA1UdIwSByjCBx6GBwaSBvjCBuzEkMCIGA1UEBxMb
-VmFsaUNlcnQgVmFsaWRhdGlvbiBOZXR3b3JrMRcwFQYDVQQKEw5WYWxpQ2VydCwg
-SW5jLjE1MDMGA1UECxMsVmFsaUNlcnQgQ2xhc3MgMiBQb2xpY3kgVmFsaWRhdGlv
-biBBdXRob3JpdHkxITAfBgNVBAMTGGh0dHA6Ly93d3cudmFsaWNlcnQuY29tLzEg
-MB4GCSqGSIb3DQEJARYRaW5mb0B2YWxpY2VydC5jb22CAQEwDwYDVR0TAQH/BAUw
-AwEB/zAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmdv
-ZGFkZHkuY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jZXJ0aWZpY2F0ZXMu
-Z29kYWRkeS5jb20vcmVwb3NpdG9yeS9yb290LmNybDBLBgNVHSAERDBCMEAGBFUd
-IAAwODA2BggrBgEFBQcCARYqaHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNv
-bS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOBgQC1
-QPmnHfbq/qQaQlpE9xXUhUaJwL6e4+PrxeNYiY+Sn1eocSxI0YGyeR+sBjUZsE4O
-WBsUs5iB0QQeyAfJg594RAoYC5jcdnplDQ1tgMQLARzLrUc+cb53S8wGd9D0Vmsf
-SxOaFIqII6hR8INMqzW/Rn453HWkrugp++85j09VZw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFEjCCBHugAwIBAgICAQwwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1Zh
-bGlDZXJ0IFZhbGlkYXRpb24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIElu
-Yy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIgUG9saWN5IFZhbGlkYXRpb24g
-QXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0LmNvbS8xIDAe
-BgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTA0MDYyOTE3MzkxNloX
-DTI0MDYyOTE3MzkxNlowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVs
-ZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAy
-IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0A
-MIIBCAKCAQEAtzLI/ulxpgSFrQwRZN/OTe/IAxiHP6Gr+zymn/DDodrU2G4rU5D7
-JKQ+hPCe6F/s5SdE9SimP3ve4CrwyK9TL57KBQGTHo9mHDmnTfpatnMEJWbrd3/n
-WcZKmSUUVOsmx/N/GdUwcI+vsEYq/63rKe3Xn6oEh6PU+YmlNF/bQ5GCNtlmPLG4
-uYL9nDo+EMg77wZlZnqbGRg9/3FRPDAuX749d3OyXQZswyNWmiuFJpIcpwKz5D8N
-rwh5grg2Peqc0zWzvGnK9cyd6P1kjReAM25eSl2ZyR6HtJ0awNVuEzUjXt+bXz3v
-1vd2wuo+u3gNHEJnawTY+Nbab4vyRKABqwIBA6OCAfMwggHvMB0GA1UdDgQWBBS/
-X7fRzt0fhvRbVazc1xDCDqmI5zCB0gYDVR0jBIHKMIHHoYHBpIG+MIG7MSQwIgYD
-VQQHExtWYWxpQ2VydCBWYWxpZGF0aW9uIE5ldHdvcmsxFzAVBgNVBAoTDlZhbGlD
-ZXJ0LCBJbmMuMTUwMwYDVQQLEyxWYWxpQ2VydCBDbGFzcyAyIFBvbGljeSBWYWxp
-ZGF0aW9uIEF1dGhvcml0eTEhMB8GA1UEAxMYaHR0cDovL3d3dy52YWxpY2VydC5j
-b20vMSAwHgYJKoZIhvcNAQkBFhFpbmZvQHZhbGljZXJ0LmNvbYIBATAPBgNVHRMB
-Af8EBTADAQH/MDkGCCsGAQUFBwEBBC0wKzApBggrBgEFBQcwAYYdaHR0cDovL29j
-c3Auc3RhcmZpZWxkdGVjaC5jb20wSgYDVR0fBEMwQTA/oD2gO4Y5aHR0cDovL2Nl
-cnRpZmljYXRlcy5zdGFyZmllbGR0ZWNoLmNvbS9yZXBvc2l0b3J5L3Jvb3QuY3Js
-MFEGA1UdIARKMEgwRgYEVR0gADA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY2VydGlm
-aWNhdGVzLnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkwDgYDVR0PAQH/BAQD
-AgEGMA0GCSqGSIb3DQEBBQUAA4GBAKVi8afCXSWlcD284ipxs33kDTcdVWptobCr
-mADkhWBKIMuh8D1195TaQ39oXCUIuNJ9MxB73HZn8bjhU3zhxoNbKXuNSm8uf0So
-GkVrMgfHeMpkksK0hAzc3S1fTbvdiuo43NlmouxBulVtWmQ9twPMHOKRUJ7jCUSV
-FxdzPcwl
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIKYZHboQAAAAAAAjANBgkqhkiG9w0BAQUFADCBijELMAkG
-A1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAo
-YykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYG
-A1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTEx
-NzUwNDdaFw0yMDEyMTExODAwNDdaMIGKMQswCQYDVQQGEwJDSDEQMA4GA1UEChMH
-V0lTZUtleTEmMCQGA1UECxMdQ29weXJpZ2h0IChjKSAyMDA1IFdJU2VLZXkgU0Ex
-FjAUBgNVBAsTDUludGVybmF0aW9uYWwxKTAnBgNVBAMTIFdJU2VLZXkgQ2VydGlm
-eUlEIEFkdmFuY2VkIEcxIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAvjFPW0iOdxkPZfvL/imJKKaE+AxfR4SP8Q6YUCoMBtoTINg5FOwnWOkQiUPn
-RUdVana4DtRFhvPUtYNhkp/8QUZXqBMQfEugqLvpsZC1epqj6ybVJLQtCGQq7jkP
-GNeaVOQUMmLMls8PC1kQLIc7o/mcj8RwYA/tdiIw8FXG9v09Udff7WwxgtSlEuwC
-6jsveo0m+FDlyx/TJYI9aqcrN/6kIln9aSApJGycRFw8Bij11Xeo70BtD5MAGTgY
-N6YfGpsm/AbfQubTSH2/45R4FBbCpycJGbG8DdbRR1MUwTia3Av33Xm+CWlyG7Ys
-bqfRCkqzc/uBinPUIG4w8XcjXwIDAQABo4IBYzCCAV8wDwYDVR0TAQH/BAUwAwEB
-/zAdBgNVHQ4EFgQUUB8wwJOSjXEjODRcuQr20yvrgUUwCwYDVR0PBAQDAgGGMBAG
-CSsGAQQBgjcVAQQDAgEAME0GA1UdIARGMEQwOgYHYIV0BQ4EAzAvMC0GCCsGAQUF
-BwIBFiFodHRwOi8vd3d3Lndpc2VrZXkuY29tL3JlcG9zaXRvcnkwBgYEVR0gADAZ
-BgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBSzA36uNrywedHc
-lCa2Eb4hsmmGlDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vcHVibGljLndpc2Vr
-ZXkuY29tL2NybC9vd2dyZ2FjYS5jcmwwRgYIKwYBBQUHAQEEOjA4MDYGCCsGAQUF
-BzAChipodHRwOi8vcHVibGljLndpc2VrZXkuY29tL2NydC9vd2dyZ2FjYS5jcnQw
-DQYJKoZIhvcNAQEFBQADggEBAIJ/R6zUlxiTpTbxlavfvZCnJcx8JbNG75ap/62B
-KvrKeTcyc49PT5NcT68WXpjRHZWyeM5h7CwmwyQ4hItTBvqY3O1L2UZH4Hohrdvq
-6OKBJk1V78FZrC7L1VgYrTn0HpAWSfMVdw/09WFlu+a+AIuu4m7taW8A4lUrt4a9
-graRL/eMup96YYvwBhnlXNatJJhplvBufgXc7vm80iGUfpJ66qu1vh4ogR/4fKKO
-gR2mXBBmnKbycN6u1MflFaT+74xZOeYrcKrRNlgBIJNYu+U48V2I8Q6LVVfgoO7x
-M5+PM0VjekuTZKrwnW9hLCCniZLfCMjv+E0Ga3v8fLFfiUk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFAjCCA+qgAwIBAgIKYQ2XdAAAAAAAAzANBgkqhkiG9w0BAQUFADCBijELMAkG
-A1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAo
-YykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYG
-A1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMjMx
-MDQ1MzJaFw0yMDEyMjMxMDU1MzJaMIGKMQswCQYDVQQGEwJDSDEQMA4GA1UEChMH
-V0lTZUtleTEmMCQGA1UECxMdQ29weXJpZ2h0IChjKSAyMDA1IFdJU2VLZXkgU0Ex
-FjAUBgNVBAsTDUludGVybmF0aW9uYWwxKTAnBgNVBAMTIFdJU2VLZXkgQ2VydGlm
-eUlEIFN0YW5kYXJkIEcxIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEA2mZTaoqsf83L8eOAGoRmxdokNKHhO/hKilN+yqd3STzGO9Nohod0AIsE7iuc
-F09QflSNCHitV1IjS96xG+tFZnXOsLChNymtOoCE3LlQhBRouhlB+bzO2/ZhWTVP
-0uCN4QQnxlOtlWNirPBA1OX1+9Sa12i3fYdFURvLL0M/M8gOS9OaKxS0e7zvSIFU
-dj2Rik+RtFyQT7YI+Ts/Dz3i3gZLgoDRjt02MNYFc/PSQpppYrOlEmyhfO2gyUxD
-rbfyUVeHGJb+qDCk8MQvcqtpAmWPUWXh9EVm+MtPWkuVl7KE0t7L7Fo1PfW8Z0nj
-bbItC8IsYP/5DPpZNn+b0i4HlQIDAQABo4IBZjCCAWIwEgYDVR0TAQH/BAgwBgEB
-/wIBATAdBgNVHQ4EFgQU+thxMjzc6tI1fl/YZOLx/xxmq20wCwYDVR0PBAQDAgGG
-MBAGCSsGAQQBgjcVAQQDAgEAME0GA1UdIARGMEQwOgYHYIV0BQ4EAjAvMC0GCCsG
-AQUFBwIBFiFodHRwOi8vd3d3Lndpc2VrZXkuY29tL3JlcG9zaXRvcnkwBgYEVR0g
-ADAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAfBgNVHSMEGDAWgBSzA36uNryw
-edHclCa2Eb4hsmmGlDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vcHVibGljLndp
-c2VrZXkuY29tL2NybC9vd2dyZ2FjYS5jcmwwRgYIKwYBBQUHAQEEOjA4MDYGCCsG
-AQUFBzAChipodHRwOi8vcHVibGljLndpc2VrZXkuY29tL2NydC9vd2dyZ2FjYS5j
-cnQwDQYJKoZIhvcNAQEFBQADggEBAF+vdwQbbzXBAKeD1wJN9Hi6GFioVn31+3JE
-Y+C/IfMpj7WgUxgFDn8Y1wgJGmYqBVqibJgSISzX641ToJb/dqCMz3a96HYCe50h
-oBR7ofAeW2+ygwjP+hZ3tgYEPOgHSa3XxWWy89EsipbK9FCGa8m//Mqep9zQWay1
-N01BLX8/nh32Rc++tJfCayDARN68goiHeeAxgMqW6qsTBCJgyHNQz8FowXbny7uQ
-eORA7035VWA1ZrF30sxkUy+EX/URuwLoKWkap6CTmjLj7O7RI4l+OF8GWX1tqT7d
-CbZ9BQX1xQcVdTOOC0b2v8q3Xap++4XsaVH6i97i19iQmarCTAk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFADCCA+igAwIBAgIKYQbgdgAAAAAABDANBgkqhkiG9w0BAQUFADCBijELMAkG
-A1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAo
-YykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYG
-A1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0wNjEwMTcx
-NTQ4MDVaFw0yMTEwMTcxNTU4MDVaMIGLMQswCQYDVQQGEwJDSDEQMA4GA1UEChMH
-V0lTZUtleTEmMCQGA1UECxMdQ29weXJpZ2h0IChjKSAyMDA2IFdJU2VLZXkgU0Ex
-FjAUBgNVBAsTDUludGVybmF0aW9uYWwxKjAoBgNVBAMTIVdJU2VLZXkgQ2VydGlm
-eUlEIFF1YWxpZmllZCBHMSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBANAtpgKSVVk9rEe65Y+IqJDmEdkNQNxkv+gl5tHyGyuVb/PuZjAvb36BAOMn
-hwfumnDBExlfC/GmKIF3IdoK4H2VFQOm+RsQ3u6+RuG+4KpFCL81owAhdOosACSH
-yO92qXAM2phW3FSTsf1xOK8+I5juaieP9AUa9UiJoFHJgbMHmzbPrNtsJmXePiTM
-aPlDbaEWri4ONC1RI5md4X7cj5LNumlQ1/sWhFSSlTaHKVgbX+JYtA3F3ZGkxMWe
-nenzDSC+nopMIBRxlB2Ny5PCNQl70czIEX9vDsLHiHc7wFaJLI/MURJI0XxyIGAi
-wCIqRe11DPziA4h+fD05haHfhhcCAwEAAaOCAWMwggFfMA8GA1UdEwEB/wQFMAMB
-Af8wHQYDVR0OBBYEFLi1+FPScj1z9rtkZ6flZOsS6nNiMAsGA1UdDwQEAwIBhjAQ
-BgkrBgEEAYI3FQEEAwIBADBNBgNVHSAERjBEMDoGB2CFdAUOBAQwLzAtBggrBgEF
-BQcCARYhaHR0cDovL3d3dy53aXNla2V5LmNvbS9yZXBvc2l0b3J5MAYGBFUdIAAw
-GQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwHwYDVR0jBBgwFoAUswN+rja8sHnR
-3JQmthG+IbJphpQwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL3B1YmxpYy53aXNl
-a2V5LmNvbS9jcmwvb3dncmdhY2EuY3JsMEYGCCsGAQUFBwEBBDowODA2BggrBgEF
-BQcwAoYqaHR0cDovL3B1YmxpYy53aXNla2V5LmNvbS9jcnQvb3dncmdhY2EuY3J0
-MA0GCSqGSIb3DQEBBQUAA4IBAQCA8ghBKDyQIW6eANg68qBfEF3TTfWRsfarjgCD
-MPPtssBK4DUz5zpmppcKLpFwsuOZ/CQ9h+/GS1M6P7ZW7lt8Q+/uwfAF9AJMxD0o
-DlsqlP14294GmV2lqqj5eN6NYi11xzVu/Ox6Db0+yRtPk8hVywGmUGfoiOw37YoW
-c9p8JBB8yX6LiRYvH8cJhhrslwC1uFERwo7RtibyuyLme/k315GvJg9GcPn37eQL
-cqFEjhTRM0GjWAWbZs5y09wlsjm3aEEQHYM2Zsji9zLuab2FalnYZdpc8ElGtU/y
-n3i+kupJyYxPTCyMzIVep/AtqDNaMNQFmhXpLeAy+YSBg5sM
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
 BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
 biBHb2xkIENBIC0gRzIwHhcNMDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBF
@@ -380,139 +282,6 @@ ZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6LqjviOvrv1vA+ACOzB2+htt
 Qc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE0DCCBDmgAwIBAgIQJQzo4DBhLp8rifcFTXz4/TANBgkqhkiG9w0BAQUFADBf
-MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT
-LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
-HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx
-FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz
-dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv
-ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz
-IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8
-RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb
-ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR
-TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/
-Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH
-iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB
-AAGjggGbMIIBlzAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0
-dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9
-BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy
-aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwbQYI
-KwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQU
-j+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29t
-L3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
-b2NzcC52ZXJpc2lnbi5jb20wPgYDVR0lBDcwNQYIKwYBBQUHAwEGCCsGAQUFBwMC
-BggrBgEFBQcDAwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEBBQUA
-A4GBABMC3fjohgDyWvj4IAxZiGIHzs73Tvm7WaGY5eE43U68ZhjTresY8g3JbT5K
-lCDDPLq9ZVTGr0SzEK0saz6r1we2uIFjxfleLuUqZ87NMwwq14lWAyMfs77oOghZ
-tOxFNfeKW/9mz1Cvxm1XjRl4t7mi0VfqH5pLr7rJjhJ+xr3/
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIExjCCBC+gAwIBAgIQNZcxh/OHOgcyfs5YDJt+2jANBgkqhkiG9w0BAQUFADBf
-MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT
-LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
-HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx
-FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz
-dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv
-ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz
-IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8
-RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb
-ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR
-TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/
-Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH
-iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB
-AAGjggGRMIIBjTAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0
-dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9
-BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy
-aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwNAYD
-VR0lBC0wKwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBBggrBgEFBQcDAQYIKwYBBQUH
-AwIwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUr
-DgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNp
-Z24uY29tL3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho
-dHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEADyWuSO0b
-M4VMDLXC1/5N1oMoTEFlYAALd0hxgv5/21oOIMzS6ke8ZEJhRDR0MIGBJopK90Rd
-fjSAqLiD4gnXbSPdie0oCL1jWhFXCMSe2uJoKK/dUDzsgiHYAMJVRFBwQa2DF3m6
-CPMr3u00HUSe0gST9MsFFy0JLS1j7/YmC3s=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGzTCCBbWgAwIBAgIQBv35A5YDreoACus/J7u6GzANBgkqhkiG9w0BAQUFADBl
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
-b3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMjExMTEwMDAwMDAwWjBiMQswCQYDVQQG
-EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
-cnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBBc3N1cmVkIElEIENBLTEwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDogi2Z+crCQpWlgHNAcNKeVlRcqcTS
-QQaPyTP8TUWRXIGf7Syc+BZZ3561JBXCmLm0d0ncicQK2q/LXmvtrbBxMevPOkAM
-Rk2T7It6NggDqww0/hhJgv7HxzFIgHweog+SDlDJxofrNj/YMMP/pvf7os1vcyP+
-rFYFkPAyIRaJxnCI+QWXfaPHQ90C6Ds97bFBo+0/vtuVSMTuHrPyvAwrmdDGXRJC
-geGDboJzPyZLFJCuWWYKxI2+0s4Grq2Eb0iEm09AufFM8q+Y+/bOQF1c9qjxL6/s
-iSLyaxhlscFzrdfx2M8eCnRcQrhofrfVdwonVnwPYqQ/MhRglf0HBKIJAgMBAAGj
-ggN6MIIDdjAOBgNVHQ8BAf8EBAMCAYYwOwYDVR0lBDQwMgYIKwYBBQUHAwEGCCsG
-AQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMIMIIB0gYDVR0gBIIB
-yTCCAcUwggG0BgpghkgBhv1sAAEEMIIBpDA6BggrBgEFBQcCARYuaHR0cDovL3d3
-dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsGAQUF
-BwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABDAGUA
-cgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABhAGMA
-YwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQByAHQA
-IABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBnACAA
-UABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABsAGkA
-bQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABpAG4A
-YwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBlAGYA
-ZQByAGUAbgBjAGUALjALBglghkgBhv1sAxUwEgYDVR0TAQH/BAgwBgEB/wIBADB5
-BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
-LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0Rp
-Z2lDZXJ0QXNzdXJlZElEUm9vdENBLmNydDCBgQYDVR0fBHoweDA6oDigNoY0aHR0
-cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNy
-bDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJl
-ZElEUm9vdENBLmNybDAdBgNVHQ4EFgQUFQASKxOYspkH7R7for5XDStnAs0wHwYD
-VR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNtyA8wDQYJKoZIhvcNAQEFBQADggEB
-AEZQPsm3KCSnOB22WymvUs9S6TFHq1Zce9UNC0Gz7+x1H3Q48rJcYaKclcNQ5IK5
-I9G6OoZyrTh4rHVdFxc0ckeFlFbR67s2hHfMJKXzBBlVqefj56tizfuLLZDCwNK1
-lL1eT7EF0g49GqkUW6aGMWKoqDPkmzmnxPXOHXh2lCVz5Cqrz5x2S+1fwksW5Etw
-TACJHvzFebxMElf+X+EevAJdqP77BzhPDcZdkbkPZ0XN1oPt55INjbFpjE/7WeAj
-D9KqrgB87pxCDs+R1ye3Fu4Pw718CqDuLAhVhSK46xgaTfwqIa1JMYNHlXdx3LEb
-S0scEJx3FMGdTy9alQgpECY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGsDCCBZigAwIBAgIQAWXPzBkXS2mHJkFZyuDHnjANBgkqhkiG9w0BAQUFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0wNjExMTAwMDAwMDBaFw0yMTExMTAwMDAwMDBaMF4xCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
-b20xHTAbBgNVBAMTFERpZ2lDZXJ0IEdsb2JhbCBDQS0xMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEA8iUcMWe3U+uoT6X95s8wUq8QNQIMbMT/9Dyiihlz
-ABTaK2rBaDBL/xs21MjdJm4skBZxaj6PZ7CSlqyL3iiXo/uwpSzizKeLy7kYUard
-Bn+bj/ZsjL4EDHebWVB7UA4FXCWclX45hwkPQ04OULdvJ27EmQ30M0APd87mSlSe
-fYw808HAS7S7IU76egrvne2EF4oopd44LovUYo4vZa/shcpsqQvAXkHrprm6eTFY
-CVMc+d2hhFMx2xnmEZ4HdLEHjhyeRY13nEpY84mNP2Jg+mOi5s7gOu/lP5VJf5th
-/XbfwH1Q19hbU+MP7lYVh3wkYjtpxAJNeLYZHu7g6YPkGQIDAQABo4IDZTCCA2Ew
-DgYDVR0PAQH/BAQDAgGGMDsGA1UdJQQ0MDIGCCsGAQUFBwMBBggrBgEFBQcDAgYI
-KwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDCDCCAcYGA1UdIASCAb0wggG5MIIB
-tQYLYIZIAYb9bAEDAAMwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3LmRpZ2lj
-ZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUHAgIwggFW
-HoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQByAHQAaQBm
-AGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0
-AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAv
-AEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0
-AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBtAGkAdAAg
-AGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBjAG8AcgBw
-AG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBlAHIAZQBu
-AGMAZQAuMA8GA1UdEwEB/wQFMAMBAf8wegYIKwYBBQUHAQEEbjBsMCQGCCsGAQUF
-BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRAYIKwYBBQUHMAKGOGh0dHA6
-Ly93d3cuZGlnaWNlcnQuY29tL0NBQ2VydHMvRGlnaUNlcnRHbG9iYWxSb290Q0Eu
-Y3J0MHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E
-aWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2lj
-ZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwHQYDVR0OBBYEFB4ciBWq
-8kbQBdrpHtwivaiX3g+yMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFV
-MA0GCSqGSIb3DQEBBQUAA4IBAQBk1w8VqkRIKlsRXm3WQ1/gbIyvFNedW/5PD+ui
-lCEGg3O9fwV40ZBuMwzI7Hf63Qg1TBJr/RIFZuXFDmQwTs65A36ewdtDp2D+fjpT
-b83ll+fUBZSxO181Csc7A0T63c61g/lPur+yZ2xXN9c9qxhRxmoUUD6VDDUSdTVC
-lWN2pvb2OSt4HiFgETeic3LASnhvlkQSYmw49+rT33QRGy5Vo8e7jnwsWKQ8ei8s
-wxkDzu+8VmuBr0oAqxBTQ04X/K54YC5nALAGN7ca/IXZVixfbeWwfUbC2iYqCkV7
-s0syyocZCitvxTqpotAMITETFJW2+jzn4GJhbm23uzxUtZaI
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIFBzCCA++gAwIBAgICAgEwDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCVVMx
 JTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsT
 KVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2
@@ -571,62 +340,6 @@ qDTMBqLdElrRhjZkAzVvb3du6/KFUJheqwNTrZEjYx8WnM25sgVjOuH0aBsXBTWV
 U+4=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIERTCCA66gAwIBAgIQM2VQCHmtc+IwueAdDX+skTANBgkqhkiG9w0BAQUFADCB
-zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
-CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
-d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
-cnZlckB0aGF3dGUuY29tMB4XDTA2MTExNzAwMDAwMFoXDTIwMTIzMDIzNTk1OVow
-gakxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xKDAmBgNVBAsT
-H0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xODA2BgNVBAsTLyhjKSAy
-MDA2IHRoYXd0ZSwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYD
-VQQDExZ0aGF3dGUgUHJpbWFyeSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEArKDw+4BZ1JzHpM+doVlzCRBFDA0sbmjxbFtIaElZN/wLMxnC
-d3/MEC2VNBzm600JpxzSuMmXNgK3idQkXwbAzESUlI0CYm/rWt0RjSiaXISQEHoN
-vXRmL2o4oOLVVETrHQefB7pv7un9Tgsp9T6EoAHxnKv4HH6JpOih2HFlDaNRe+68
-0iJgDblbnd+6/FFbC6+Ysuku6QToYofeK8jXTsFMZB7dz4dYukpPymgHHRydSsbV
-L5HMfHFyHMXAZ+sy/cmSXJTahcCbv1N9Kwn0jJ2RH5dqUsveCTakd9h7h1BE1T5u
-KWn7OUkmHgmlgHtALevoJ4XJ/mH9fuZ8lx3VnQIDAQABo4HCMIG/MA8GA1UdEwEB
-/wQFMAMBAf8wOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHBz
-Oi8vd3d3LnRoYXd0ZS5jb20vY3BzMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU
-e1tFz6/Oy3r9MZIaarbzRutXSFAwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2Ny
-bC50aGF3dGUuY29tL1RoYXd0ZVByZW1pdW1TZXJ2ZXJDQS5jcmwwDQYJKoZIhvcN
-AQEFBQADgYEAhKhMyT4qvJrizI8LsiV3xGGJiWNa1KMVQNT7Xj+0Q+pjFytrmXSe
-Cajd1FYVLnp5MV9jllMbNNkV6k9tcMq+9oKp7dqFd8x2HGqBCiHYQZl/Xi6Cweiq
-95OBBaqStB+3msAHF/XLxrRMDtdW3HEgdDjWdMbWj2uvi42gbCkLYeA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFUTCCBLqgAwIBAgIQX6a+gLaGxi8B7QyrsZahBTANBgkqhkiG9w0BAQUFADCB
-zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
-CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
-d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
-cnZlckB0aGF3dGUuY29tMB4XDTA2MTExNzAwMDAwMFoXDTIwMTIzMDIzNTk1OVow
-gakxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xKDAmBgNVBAsT
-H0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xODA2BgNVBAsTLyhjKSAy
-MDA2IHRoYXd0ZSwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYD
-VQQDExZ0aGF3dGUgUHJpbWFyeSBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEArKDw+4BZ1JzHpM+doVlzCRBFDA0sbmjxbFtIaElZN/wLMxnC
-d3/MEC2VNBzm600JpxzSuMmXNgK3idQkXwbAzESUlI0CYm/rWt0RjSiaXISQEHoN
-vXRmL2o4oOLVVETrHQefB7pv7un9Tgsp9T6EoAHxnKv4HH6JpOih2HFlDaNRe+68
-0iJgDblbnd+6/FFbC6+Ysuku6QToYofeK8jXTsFMZB7dz4dYukpPymgHHRydSsbV
-L5HMfHFyHMXAZ+sy/cmSXJTahcCbv1N9Kwn0jJ2RH5dqUsveCTakd9h7h1BE1T5u
-KWn7OUkmHgmlgHtALevoJ4XJ/mH9fuZ8lx3VnQIDAQABo4IBzTCCAckwDwYDVR0T
-AQH/BAUwAwEB/zA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0
-cHM6Ly93d3cudGhhd3RlLmNvbS9jcHMwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQW
-BBR7W0XPr87Lev0xkhpqtvNG61dIUDBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8v
-Y3JsLnRoYXd0ZS5jb20vVGhhd3RlUHJlbWl1bVNlcnZlckNBLmNybDAgBgNVHSUE
-GTAXBglghkgBhvhCBAEGCmCGSAGG+EUBCAEwgeUGA1UdIwSB3TCB2qGB1KSB0TCB
-zjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
-Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
-CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhh
-d3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNl
-cnZlckB0aGF3dGUuY29tggEBMA0GCSqGSIb3DQEBBQUAA4GBACvKEsnd18xjHJsx
-NUrd5Lf2ndGk+x74R/muB44NWBL72u21zDPll2hHYULVZqluHke/hdt9WNF3WsyQ
-YZiaKfWdsc+43PN7gEdI0X30aIzEQcu06f3wI+Cxm3YqbShWo4zN6ewhAHHwX91Q
-pWlCG4MRXYQo0yeu7CqrL2BCxcR4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIETDCCAzSgAwIBAgILBAAAAAABL07hSVIwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
 b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wNjEyMTUwODAw
@@ -683,255 +396,70 @@ wGXo/Xpw1mP1oNJCbC/AlfI+Gkfnch/k+SQ5z9Jmwf3ELoY0fE2BxzD49hHDQ+Ah
 Eeyg+X04q/lrynYbxNJoBBQugIiv0GDzzzuNh4FAMWfEAeKf/xck3ABAgNLb
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIHFxU9nqs/vzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
-EwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp
-Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcxMDE0MjA1NDE3WhcNMjIxMDE0MjA1
-NDE3WjCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzAp
-BgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNV
-BAMTL1N0YXJ0Q29tIENsYXNzIDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVy
-IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtonGrO8JUngHrJJj
-0PREGBiEgFYfka7hh/oyULTTRwbw5gdfcA4Q9x3AzhA2NIVaD5Ksg8asWFI/ujjo
-/OenJOJApgh2wJJuniptTT9uYSAK21ne0n1jsz5G/vohURjXzTCm7QduO3CHtPn6
-6+6CPAVvkvek3AowHpNz/gfK11+AnSJYUq4G2ouHI2mw5CrY6oPSvfNx23BaKA+v
-WjhwRRI/ME3NO68X5Q/LoKldSKqxYVDLNM08XMML6BDAjJvwAwNi/rJsPnIO7hxD
-KslIDlc5xDEhyBDBLIf+VJVSH1I8MRKbf+fAoKVZ1eKPPvDVqOHXcDGpxLPPr21T
-Lwb0pwIDAQABo4IBTDCCAUgwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
-BAMCAQYwHQYDVR0OBBYEFOtCNNCYsKuf9BtrCPfMZC7vDixFMB8GA1UdIwQYMBaA
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGkGCCsGAQUFBwEBBF0wWzAnBggrBgEFBQcw
-AYYbaHR0cDovL29jc3Auc3RhcnRzc2wuY29tL2NhMDAGCCsGAQUFBzAChiRodHRw
-Oi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9jYS5jcnQwMgYDVR0fBCswKTAnoCWg
-I4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20vc2ZzY2EuY3JsMEMGA1UdIAQ8MDow
-OAYEVR0gADAwMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9w
-b2xpY3kucGRmMA0GCSqGSIb3DQEBCwUAA4ICAQCBnsOw7dxamNbdJb/ydkh4Qb6E
-qgEU+G9hCCIGXwhWRZMYczNJMrpVvyLq5mNOmrFPC7bJrqYV+vEOYHNXrzthLyOG
-FFOVQe2cxbmQecFOvbkWVlYAIaTG42sHKVi+RFsG2jRNZcFhHnsFnLPMyE6148lZ
-wVdZGsxZvpeHReNUpW0jh7uq90sShFzHs4f7wJ5XmiHOL7fZbnFV6uE/OoFnBWif
-CRnd9+RE3uCospESPCRPdbG+Q4GQ+MBS1moXDTRB6DcNoHvqC6eU3r8/Fn/DeA9w
-9JHPXUfrAhZYKyOQUIqcfE5bvssaY+oODVxji6BMk8VSVHsJ4FSC1/7Pkt/UPoQp
-FVh38wIJnvEUeNVmVl3HHFYTd50irdKYPBC63qi2V/YYI6bJKmbrjfP9Vhyt9uNr
-y3Kh4W22ktDuCCvWC7n/gqerdq+VlTRfNt7D/mB0irnaKjEVNCXBXm9V/978J+Ez
-8aplGZccQ9jnc9kiPtUp5dj45E3V8vKqzp9srSSI5Xapdg+ZcPY+6HNuVB+MadRp
-ZW2One/Qnzg9B4GnVX7MOETImdoP4kXpostFuxoY/5LxCU1LJAIENV4txvT50lX2
-GBXCkxllRLWOgdyll11ift/4IO1aCOGDijGIfh498YisM1LGxytmGcxvbJERVri+
-gGpWAZ5J6dvtf0s+bA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIHHKs2Ry2cUTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
-EwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp
-Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcxMDE0MjA1NzA5WhcNMjIxMDE0MjA1
-NzA5WjCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzAp
-BgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNV
-BAMTL1N0YXJ0Q29tIENsYXNzIDIgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVy
-IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4k85L6GMmoWtCA4I
-PlfyiAEhG5SpbOK426oZGEY6UqH1D/RujOqWjJaHeRNAUS8i8gyLhw9l33F0NENV
-sTUJm9m8H/rrQtCXQHK3Q5Y9upadXVACHJuRjZzArNe7LxfXyz6CnXPrB0KSss1k
-s3RVG7RLhiEs93iHMuAW5Nq9TJXqpAp+tgoNLorPVavD5d1Bik7mb2VsskDPF125
-w2oLJxGEd2H2wnztwI14FBiZgZl1Y7foU9O6YekO+qIw80aiuckfbIBaQKwn7UhH
-M7BUxkYa8zVhwQIpkFR+ZE3EMFICgtffziFuGJHXuKuMJxe18KMBL47SLoc6PbQp
-Z4rEAwIDAQABo4IBTDCCAUgwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
-BAMCAQYwHQYDVR0OBBYEFBHbI0X9VMxqcW+EigPXvvcBLyaGMB8GA1UdIwQYMBaA
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGkGCCsGAQUFBwEBBF0wWzAnBggrBgEFBQcw
-AYYbaHR0cDovL29jc3Auc3RhcnRzc2wuY29tL2NhMDAGCCsGAQUFBzAChiRodHRw
-Oi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9jYS5jcnQwMgYDVR0fBCswKTAnoCWg
-I4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20vc2ZzY2EuY3JsMEMGA1UdIAQ8MDow
-OAYEVR0gADAwMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9w
-b2xpY3kucGRmMA0GCSqGSIb3DQEBCwUAA4ICAQBSyb3zvcv566LEMsqGcvzPv6cw
-tf2R99WB4SEErQBM/+mLJ9r/8iTN/B8Pf9LR5YGSI3gW7msDLp0ASE+ugmUuh2/u
-agdfS1Zu95ZGQebd/kW5Yiqainbprb3Wc7O8MSvQLNVsa7xqOiWHqailDdeF8Wxs
-BQ70wWjLuyqBWKU+mcSf9x+EjqB60U3buAGcDYE0yoL+I2JNP22kUsBMXvJpSLHy
-36xEZGmwRinHrfDywJ1oI4qoZ3EiF77OiXp2vlRsk1yL8Bpuru2OrsIFrhNX5rnn
-cMgzuJ79SjDjmNQTa+5Ouebs387qoJ52apeq6t80RUL12k3Wh3Zt/85phnqBX9uy
-T86w4GdgOUSwRRCFZZcSed/Ul9h4IQyEmM67T2sPGdqFaZFBbBccxrn2FK7yoYB6
-4umV7yKKzP842/whVuyA/W2ihZEpA+qrA70sYESCADXnFGx2O0CDVdVc38coo1nV
-iXg+D+AG/dVXiiQcp2I4HYWTS/mTf/NE+mOYnu0miZ32/vhDbCX/B/kSPJ4RsNOA
-7uyrOwykcgOSFDbpvuaKOpGLrQwGqLODgm+p9TY5giMMjur9XH7TS1wz02dIz07u
-y2NwYWdV67vcnAt6QxRISap5RbaPviyQZxz4nFaSlTAwHoPaW1yuVS11tmsROMlR
-RNvbaAxIU4U67YaZSw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF2TCCA8GgAwIBAgIHFahbcRCtzzANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQG
-EwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERp
-Z2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2Vy
-dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcxMDE0MjA1ODI0WhcNMjIxMDE0MjA1
-ODI0WjCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIEx0ZC4xKzAp
-BgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNV
-BAMTL1N0YXJ0Q29tIENsYXNzIDMgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVy
-IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtTlmqySw6jNfvAT
-GV+1Z3tzCryzboJMuKv++wEh3XwM+fi1gAH9j8X6ORJYdCJcqWOA/D+E4Sh37S7x
-JR9JDCfpPo+6yS9G0D/pOuQjUZVCdBfGym0DOFrHfgaAtN+wy/rvVULObi1AYw7c
-F/a59olLMt5B41FNcbMCmJEBzmhc6iqttRqI0lGX72VDfcdEvOLw7rdEetvTl6hx
-/s/2B58j/NxVY5M3J/oeqY0sPOSc3RMrH1mWZ1xgS96FgeblRRxdNfRbDn1/qdrE
-Vxxc2jWHRyUUbpdevcgeTynGfBLcLsW9QUREZP2wGbeJL1TkbkMfxb/MKdQQzheL
-/9Gc2QIDAQABo4IBTDCCAUgwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
-BAMCAQYwHQYDVR0OBBYEFIn4QqYcYurH8TIJK0E+e6JcrsVLMB8GA1UdIwQYMBaA
-FE4L7xqkQFulF2mHMMo0aEPQQa7yMGkGCCsGAQUFBwEBBF0wWzAnBggrBgEFBQcw
-AYYbaHR0cDovL29jc3Auc3RhcnRzc2wuY29tL2NhMDAGCCsGAQUFBzAChiRodHRw
-Oi8vYWlhLnN0YXJ0c3NsLmNvbS9jZXJ0cy9jYS5jcnQwMgYDVR0fBCswKTAnoCWg
-I4YhaHR0cDovL2NybC5zdGFydHNzbC5jb20vc2ZzY2EuY3JsMEMGA1UdIAQ8MDow
-OAYEVR0gADAwMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LnN0YXJ0c3NsLmNvbS9w
-b2xpY3kucGRmMA0GCSqGSIb3DQEBCwUAA4ICAQAthLawLWmq9RJIhpczAyq3ep7T
-ccmBd50ifXNehjyJ5d90C/uflhRHe/tzGQKHGhgb/3jhW8k0HDfdqsGTZI6jkC+a
-Rld1X0cQMj/1NAXnOuMqhDXc5kANit9TdvtGlWZHVFvEk75JPYDD0D7ZXTQ3ccRn
-1CzQM9pX5uxp3eiVHh8zHVwbrVyxBi3zXTSD1sUP/Ze/aXPP/OYZl8y3Iy8cQpiq
-ie7OiiB1gOqp42Vb9lWnoH6jBLVpmtmkpcbH2wgClEmjgGTxmlILhD8BlrKF31vX
-j6KdlRwn+jA0Uz6DCD+1IWMaADMOzeG9P41upK5uESwvVUXImboBR/OXBMc8Jyg8
-WmPTG5rEwqkhGfsedq05kxg7MXmI7M2aaxXYwedkIGzhqrv6h3tLH/o8X9Ff7d0B
-SLK8wwGstLZ7vNv6K7q2bMv4g5mKaesPNg/hoTri4yJEbYVBL9xgvTLhvNGp46IY
-UEzn3vnFE6gnhne4jFQWqV4zjA9JveC8LtMqoAE8Z4HJbSNurfokLEm1MS3qIVHN
-po3bgKCaTKJhsOcWY3a38jb8GalRiqKJE5lKqvKvZ/gPWZVOl78qROiDfdWvBT00
-7p6y48YVkRW8Q1+M45w8cRaXfoRXbMJVCD9KvDrL2kDobaTvtIZxK0PUbKCXubPw
-0N8NcSQMxAONGPkXWw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIG5jCCBc6gAwIBAgIQAze5KDR8YKauxa2xIX84YDANBgkqhkiG9w0BAQUFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTA3MTEwOTEyMDAwMFoXDTIxMTExMDAwMDAwMFowaTEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTEoMCYGA1UEAxMfRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
-RVYgQ0EtMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPOWYth1bhn/
-PzR8SU8xfg0ETpmB4rOFVZEwscCvcLssqOcYqj9495BoUoYBiJfiOwZlkKq9ZXbC
-7L4QWzd4g2B1Rca9dKq2n6Q6AVAXxDlpufFP74LByvNK28yeUE9NQKM6kOeGZrzw
-PnYoTNF1gJ5qNRQ1A57bDIzCKK1Qss72kaPDpQpYSfZ1RGy6+c7pqzoC4E3zrOJ6
-4GAiBTyC01Li85xH+DvYskuTVkq/cKs+6WjIHY9YHSpNXic9rQpZL1oRIEDZaARo
-LfTAhAsKG3jf7RpY3PtBWm1r8u0c7lwytlzs16YDMqbo3rcoJ1mIgP97rYlY1R4U
-pPKwcNSgPqcCAwEAAaOCA4UwggOBMA4GA1UdDwEB/wQEAwIBhjA7BgNVHSUENDAy
-BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMDBggrBgEFBQcDBAYIKwYBBQUH
-AwgwggHEBgNVHSAEggG7MIIBtzCCAbMGCWCGSAGG/WwCATCCAaQwOgYIKwYBBQUH
-AgEWLmh0dHA6Ly93d3cuZGlnaWNlcnQuY29tL3NzbC1jcHMtcmVwb3NpdG9yeS5o
-dG0wggFkBggrBgEFBQcCAjCCAVYeggFSAEEAbgB5ACAAdQBzAGUAIABvAGYAIAB0
-AGgAaQBzACAAQwBlAHIAdABpAGYAaQBjAGEAdABlACAAYwBvAG4AcwB0AGkAdAB1
-AHQAZQBzACAAYQBjAGMAZQBwAHQAYQBuAGMAZQAgAG8AZgAgAHQAaABlACAARABp
-AGcAaQBDAGUAcgB0ACAARQBWACAAQwBQAFMAIABhAG4AZAAgAHQAaABlACAAUgBl
-AGwAeQBpAG4AZwAgAFAAYQByAHQAeQAgAEEAZwByAGUAZQBtAGUAbgB0ACAAdwBo
-AGkAYwBoACAAbABpAG0AaQB0ACAAbABpAGEAYgBpAGwAaQB0AHkAIABhAG4AZAAg
-AGEAcgBlACAAaQBuAGMAbwByAHAAbwByAGEAdABlAGQAIABoAGUAcgBlAGkAbgAg
-AGIAeQAgAHIAZQBmAGUAcgBlAG4AYwBlAC4wEgYDVR0TAQH/BAgwBgEB/wIBADCB
-gwYIKwYBBQUHAQEEdzB1MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
-dC5jb20wTQYIKwYBBQUHMAKGQWh0dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NBQ2Vy
-dHMvRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3J0MIGPBgNVHR8EgYcw
-gYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hB
-c3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0
-LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwHQYDVR0OBBYE
-FExYyyXwQU9S9CjIgUObpqig5pLlMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoI
-Au9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQBMeheHKF0XvLIyc7/NLvVYMR3wsXFU
-nNabZ5PbLwM+Fm8eA8lThKNWYB54lBuiqG+jpItSkdfdXJW777UWSemlQk808kf/
-roF/E1S3IMRwFcuBCoHLdFfcnN8kpCkMGPAc5K4HM+zxST5Vz25PDVR708noFUjU
-xbvcNRx3RQdIRYW9135TuMAW2ZXNi419yWBP0aKb49Aw1rRzNubS+QOy46T15bg+
-BEkAui6mSnKDcp33C4ypieez12Qf1uNgywPE3IjpnSUBAHHLA7QpYCWP+UbRe3Gu
-zVMSW4SOwg/H7ZMZ2cn6j1g0djIvruFQFGHUqFijyDATI+/GJYw2jxyA
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGWDCCBUCgAwIBAgIQCl8RTQNbF5EX0u/UA4w/OzANBgkqhkiG9w0BAQUFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTA4MDQwMjEyMDAwMFoXDTIyMDQwMzAwMDAwMFowZjEL
-MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
-LmRpZ2ljZXJ0LmNvbTElMCMGA1UEAxMcRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
-Q0EtMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL9hCikQH17+NDdR
-CPge+yLtYb4LDXBMUGMmdRW5QYiXtvCgFbsIYOBC6AUpEIc2iihlqO8xB3RtNpcv
-KEZmBMcqeSZ6mdWOw21PoF6tvD2Rwll7XjZswFPPAAgyPhBkWBATaccM7pxCUQD5
-BUTuJM56H+2MEb0SqPMV9Bx6MWkBG6fmXcCabH4JnudSREoQOiPkm7YDr6ictFuf
-1EutkozOtREqqjcYjbTCuNhcBoz4/yO9NV7UfD5+gw6RlgWYw7If48hl66l7XaAs
-zPw82W3tzPpLQ4zJ1LilYRyyQLYoEt+5+F/+07LJ7z20Hkt8HEyZNp496+ynaF4d
-32duXvsCAwEAAaOCAvowggL2MA4GA1UdDwEB/wQEAwIBhjCCAcYGA1UdIASCAb0w
-ggG5MIIBtQYLYIZIAYb9bAEDAAIwggGkMDoGCCsGAQUFBwIBFi5odHRwOi8vd3d3
-LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRtMIIBZAYIKwYBBQUH
-AgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABoAGkAcwAgAEMAZQBy
-AHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0AGUAcwAgAGEAYwBj
-AGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBnAGkAQwBlAHIAdAAg
-AEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBsAHkAaQBuAGcAIABQ
-AGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABpAGMAaAAgAGwAaQBt
-AGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABhAHIAZQAgAGkAbgBj
-AG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABiAHkAIAByAGUAZgBl
-AHIAZQBuAGMAZQAuMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAm
-MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgY8GA1UdHwSB
-hzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGln
-aEFzc3VyYW5jZUVWUm9vdENBLmNybDBAoD6gPIY6aHR0cDovL2NybDQuZGlnaWNl
-cnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDAfBgNVHSME
-GDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAdBgNVHQ4EFgQUUOpzidsp+xCPnuUB
-INTeeZlIg/cwDQYJKoZIhvcNAQEFBQADggEBAB7ipUiebNtTOA/vphoqrOIDQ+2a
-vD6OdRvw/S4iWawTwGHi5/rpmc2HCXVUKL9GYNy+USyS8xuRfDEIcOI3ucFbqL2j
-CwD7GhX9A61YasXHJJlIR0YxHpLvtF9ONMeQvzHB+LGEhtCcAarfilYGzjrpDq6X
-dF3XcZpCdF/ejUN83ulV7WkAywXgemFhM9EZTfkI7qA5xSU1tyvED7Ld8aW3DiTE
-JiiNeXf1L/BXunwH1OH8zVowV36GEEfdMR/X/KLCvzB8XSSq6PmuX2p0ws5rs0bY
-Ib4p1I5eFdZCSucyb6Sxa1GDWL4/bcf72gMhy2oWGU4K8K2Eyl2Us1p292E=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGXjCCBEagAwIBAgIIXsz6acAzJ+8wDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEfMB0GA1UEAxMWU3dpc3NTaWdu
-IEdvbGQgQ0EgLSBHMjAeFw0wODA3MDcxNzA2MDNaFw0yMzA3MDcxNzA2MDNaMFEx
-CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxKzApBgNVBAMTIlN3
-aXNzU2lnbiBTZXJ2ZXIgR29sZCBDQSAyMDA4IC0gRzIwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDNMradteMVxVvR6t+pOooZejP8r1lY85el0PB7C118
-iKYv1Apfq3mZ0wt7ZdpCyd2DzKE338Ki04Qn9IidLCkKDLOSNtlQlw4Yvg12W2bU
-/WVaVAeUN0Tn3VeCkdWbSRIbvTGU63X9dp5lbgEm8XyjpLAK3SKABn7dWivfWuBo
-oUCy64hJ+fSWljJmqG772Qmc9p3GxfN7/L227JH4SMaOwVcJd0rkvMTi1bWa1XFp
-Q3lIlxW91JBEKqBKsru1h7wOq81VwIa3a2pdFgWY8F45G7M2Om9bLL5TiJ3Emkbl
-gKIFRX+GztmnQdKdY8c8rpknh/jWr6YiqYm+jV6+crGhAgMBAAGjggJEMIICQDAO
-BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUl3be
-CjTlEJpAxOvYnVpTeyHMRz4wHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn
-8O4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0
-LzVCMjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4M0FFN0YwRUUwgaiggaWg
-gaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049NUIyNTdCOTZB
-NDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRSUyQ089U3dpc3NTaWduJTJD
-Qz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9
-Y1JMRGlzdHJpYnV0aW9uUG9pbnQwYgYDVR0gBFswWTBXBglghXQBWQECAQMwSjBI
-BggrBgEFBQcCARY8aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lz
-c1NpZ24tR29sZC1DUC1DUFMtUjMucGRmMHQGCCsGAQUFBwEBBGgwZjBkBggrBgEF
-BQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93
-bmxvYWQvNUIyNTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRTAN
-BgkqhkiG9w0BAQUFAAOCAgEAPuJBwXDS9McQwt5Gp0xHGpeiTCr4qmBwIKM33x8J
-U3xjHQ/ynptuwkI5sqQsUcfuHe6uipqA3lIJoBM8u6M65jg/tZTsLoExFE+DtOf5
-pHDvUXMFwhsjv9AbkhL6X1LBZAZEMkOpnuRdR2FD0wy1Kh4Hbel9LwmmaYJdfH5a
-tkKVlHsN0b6stJ6zEX0dIgi/7M4FYaAZgoxBS1OijPxFCSl0sFT6UYf0GYXcr6M+
-URLc1NBofDHo/lIrTygFNfk7PIvOrBoREiOqNtE5RnuGyJa+tt2y2P3QyGBE6Ppi
-e/VCCMJagmH8yel0WhuyDUJE35bpNEL34w+pJKr7ApQ1sT0yh607jGEbl53Y+vFC
-Uuwo39MMqzx26notCbj0izccf+nDuW05jFQWmRc6OCI2L9Yw34r+1PQTmQe1TKx6
-FqnW3WP66ZwbXfGXwwfqmjcK+42695kQYSLsDfNaxxkCBTkt+MauYgXWiOfzAnYz
-R2nMQ/LHTDsTpTMkJ+eA/bHcrUJVkBHNWDiolD5C03oSFY0fPRlSnfXHRpgcOkq8
-yI/OYArKo4tvQpAYPnG7ELI/j2grgRx6xutuVMYVmzhr/JnqFto5Eg32hKjA5H5+
-c4Ssw1ZaGGMMb9aMFlnJi4SYoXB8MfL+SU/u1K54dM1mV/oFK6e2dtGgaYDdV86v
-0qo=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGZTCCBE2gAwIBAgIJAJ0VTjBqi6DOMA0GCSqGSIb3DQEBBQUAMEcxCzAJBgNV
-BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxITAfBgNVBAMTGFN3aXNzU2ln
-biBTaWx2ZXIgQ0EgLSBHMjAeFw0wODA3MDcxNzA3MTZaFw0yMzA3MDcxNzA3MTZa
-MFMxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxLTArBgNVBAMT
-JFN3aXNzU2lnbiBTZXJ2ZXIgU2lsdmVyIENBIDIwMDggLSBHMjCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAMq4hxLA/tjBd1A2k+amKTz/nY7Tshcy85zW
-l9Ylvm04Lbn4PeUj4Gu2hgQo6ykD1vHN5343CNpfNtT+VxuZCfQeFUxSN4gaFZ9H
-hT2yUvzZrGMF40DDsZpO/ZYhLGBCfNCSpFcP9CRBjlGAhXOeXcgmwx+PI/cCTsFL
-DfmU/kqOEat0XEwYhrtNSXSWcUEiTRuDXDXZHlSEVoo8kJBxvlMDKYPcD0NDDUC+
-fP6XjEAM/8dYnmAI7mjUYPpQPVHr+Eo9h7qw519xC7+4HS28l8u7f0ULPuiPiF5t
-3eqX0kqw2eF9Re/I2ZuoJuF/8qQcu6iX3crx2iuURfQtaMac1rsCAwEAAaOCAkYw
-ggJCMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW
-BBTTRG/Z/nr83qwceqIhDWT6ZbDXgjAfBgNVHSMEGDAWgBQXoM3B5EG2Ols7y0Wd
-vRzCmPqGWDCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2ln
-bi5uZXQvMTdBMENEQzFFNDQxQjYzQTVCM0JDQjQ1OURCRDFDQzI5OEZBODY1ODCB
-qKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj0xN0Ew
-Q0RDMUU0NDFCNjNBNUIzQkNCNDU5REJEMUNDMjk4RkE4NjU4JTJDTz1Td2lzc1Np
-Z24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RD
-bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBkBgNVHSAEXTBbMFkGCWCFdAFZAQMB
-AzBMMEoGCCsGAQUFBwIBFj5odHRwOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24uY29t
-L1N3aXNzU2lnbi1TaWx2ZXItQ1AtQ1BTLVIzLnBkZjB0BggrBgEFBQcBAQRoMGYw
-ZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0aG9y
-aXR5L2Rvd25sb2FkLzE3QTBDREMxRTQ0MUI2M0E1QjNCQ0I0NTlEQkQxQ0MyOThG
-QTg2NTgwDQYJKoZIhvcNAQEFBQADggIBADTAL5iWnjrU/Jv2lhTXlvsJzoSgzsas
-J08YdNtjHvUUf4eTZaQze2sEbsTdjI+0AYXMr9nHT2SBIW6xUx4/4NSROjaQQtiw
-5R43ThcGAbr/AozshGNa2GnMfGyDIqrlMRphG8+ABqktgzAfKCPFZLHADLCTebsU
-lCOAMgDwQNkvERws/8SE6quXTpspzZ2s/bDbEl8Q3OSDuzGfth9/uamUZjyA8mda
-kOOw90kcIMPKLvh40CqIFNqsgnHRI7H5lAHfjw1dKcEs21zwSbUolEjRX1CXQI+6
-QkX6zsLFkd5kxDcKiNHFj3C7gGbQt+CzBuB0LufvozoKkhWxv07IkD3qIpM3vOCJ
-I5sOWQy0qlRFSGJVGYl/swMKSZNbURp5IzvtJa3RBQLIPK6n8AICNAKpmETYecJW
-B12PF7yso4cVXObmLYW39W1t+HRYsjXxsQQ9Zribt6jMXLSvDVbbpRSY0qc5/vNs
-TOhnxwHWd1avHPBIKAza6eA4ztMVmCY8ySenaWdJBa8x/bRPixmRaE3vCH/ycpI3
-qtBQQwFcKiSBj93JSPHwgLlcKB9Sbk+tkcoPp/OqKYuvztNf6XTbj+a7YOJK12oS
-i/Iyt6Ypox1gK87DRWvliOiGCQhw3r5b1utOx+c/1XHR9AyrUyJ6yI13SYu+w6E2
-rgBsd+HYy+e2
+MIIF5jCCA86gAwIBAgIRAJc8yU1Ez+mi4U9S6aWUoVowDQYJKoZIhvcNAQEFBQAw
+XjELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBM
+dGQuMSowKAYDVQQLDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMDcwNTE2MTAxMzU1WhcNMjcwNTE2MTAxMzU1WjBbMQswCQYDVQQGEwJUVzEj
+MCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xJzAlBgNVBAsMHlB1
+YmxpYyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAJbEUbRogBe+Unld424LbzivM4pQdCnV/uNe7S2287+9fqCx
+njtKfxni/HzwTiShxGlaWcz9oXnnBVgizU1IkGn3U1vbJMaMgOX1CbCYNdj0atYf
+KuxRmtQfPAP6BmUVF74w5znjDJhzWO0wm15xsx+fhb89HzqUDV9gC9aK1LKgoAFh
+Ii8nbGxrKEhZchZlzIHNMxQGgdcAJLUCI5EToKh3/xHWv/KCRJVXOD11AtLmwMdB
+HxGNhIeOUpax0sHRmescUi76tqGp3PDsKz53C2ysLsBf4FykiQSrfKEqyLg+Rxk6
+6ultf41cQLAm4+WwXIvxwqtGEGuoEWNWXdylREsCAwEAAaOCAaAwggGcMB8GA1Ud
+IwQYMBaAFB4M97Zn8uGSJglFwFU5Lnc/QkqiMB0GA1UdDgQWBBRxs1AxoBtbe7Km
+WXz9EIw8rTo9ejAOBgNVHQ8BAf8EBAMCAQYwOwYDVR0fBDQwMjAwoC6gLIYqaHR0
+cDovL2VjYS5oaW5ldC5uZXQvcmVwb3NpdG9yeS9DUkwvQ0EuY3JsMIGLBggrBgEF
+BQcBAQR/MH0wRAYIKwYBBQUHMAKGOGh0dHA6Ly9lY2EuaGluZXQubmV0L3JlcG9z
+aXRvcnkvQ2VydHMvSXNzdWVkVG9UaGlzQ0EucDdiMDUGCCsGAQUFBzABhilodHRw
+Oi8vb2NzcC5lY2EuaGluZXQubmV0L09DU1Avb2NzcEcxc2hhMTASBgNVHRMBAf8E
+CDAGAQH/AgEAMGsGA1UdIARkMGIwDQYLKwYBBAGBtyNkAAEwDQYLKwYBBAGBtyNk
+AAIwDQYLKwYBBAGBtyNkAAMwCQYHYIZ2AWQAATAJBgdghnYBZAACMAkGB2CGdgFk
+AAMwCAYGZ4EMAQIBMAgGBmeBDAECAjANBgkqhkiG9w0BAQUFAAOCAgEAoV0YeNQX
+hgLU24kqlKbLL1e7+mHtwqJYIh2linRcDHvorEvqRttalL/cNRmjMUhFHLTTa+tO
+8hh4NRMT4fYOrVdGN0yeKeABNRWORzF5JH+ToxyQYRYvjPNt0JqKCDC4aGWcPjRG
+msEwlBpFDJgqQouyYSHuneqIw8UzrJD5+UIfCjcdQqbwNVeQ/obRYPftcS+agCuD
+vI082dfjqM4RAZBW2W34861Bu3VAGL3BFIblMAirIfwXjtR93L8RkYRZla8gIvSN
+/0pWRhbO5Jmhpww8Q/aqXcm6c/sf3SldjlFAorIp5HHVLmfFsvbsEYcg4SLRl2SC
+HmI6MX33CBAJKSXR3vGkEp65mDZlf80yLUGST82ClTuwQc9DuBCmb++mTBSQ0N/a
+SEmXCA3vy/KckgjOO8fFKyV4uHJVWdPiPmpjxzWFmHXBul6KfT5yuSD/xNBVdGQF
+eJ1+3kEl2oKa3thfFIsSoarfeQiTn3gDl4x+i/chw/iKq0kAs4PeMpn3qYQ03K7e
+SrsDXWyK586O396tnW2DRJjMNTGcMl/cSN7n6D2ONCriKM4dG7hrfV9kw0CsSqec
+am2dqEbzre40c64wG2lngTJ2LjpuG4IqpW418IM5Gc4lZnwZHZGhjSBZNIrFeOs1
+OzuP1OHS+DCN3s8HfhNNENyew6mywFicjVk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFljCCBH6gAwIBAgIBDTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEn
+MCUGA1UEChMeQUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQL
+ExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdDAeFw0wNzExMTUxMzM5NTlaFw0zMjExMDgxMzM5NTla
+MIHZMQswCQYDVQQGEwJFUzElMCMGCSqGSIb3DQEJARYWY21mZWNzMkBjYW1lcmZp
+cm1hLmNvbTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRkwFwYDVQQKExBBQyBDYW1lcmZpcm1hIFNBMS8wLQYDVQQDEyZBQyBDYW1lcmZp
+cm1hIEV4cHJlc3MgQ29ycG9yYXRlIFNlcnZlcjCCASAwDQYJKoZIhvcNAQEBBQAD
+ggENADCCAQgCggEBAIg1c+SE9a2pYYPrVGr9c+aEjvoUncE2WhlZhuKzfxwF5YSV
+1UfGmPupAgy1yILQcTUd2M2bqCzInVZ0aLJQ5MmmG0dfzq4EFh/apTyTMcNrfoN9
+ocafuEwCYxLAyhh9JHqRyOzkjWLpyI2Xw1w5vTWESGVNDVcAm5eEMIGSnWsLqjOJ
+aXd4QwXvy4CQi//jFRIZD2nP6xyJlLHdYxpbfETAqyea4loU+E0oy5PxJQlB9xE7
+BqmmpviV2SHFTPd/VnX9/AAJPOM0bEvVCauDojwLCqp+8N+rEEaAnO8U2c4N3lZV
+uRXkc9ykg7hSkABhcMDOyMdfS8aeGNdNG7lMzFECAQOjggHCMIIBvjASBgNVHRMB
+Af8ECDAGAQH/AgELMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9jcmwuY2hhbWJl
+cnNpZ24ub3JnL2NoYW1iZXJzcm9vdC5jcmwwHQYDVR0OBBYEFApKwMqYEu+XWd33
+pK+wFKQ5rq5KMIGrBgNVHSMEgaMwgaCAFOOU9bFN6duhKVtXi012Bnbh0aKKoYGE
+pIGBMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZpcm1hIFNBIENJ
+RiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn
+MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290ggEAMA4GA1UdDwEB
+/wQEAwIBhjAhBgNVHREEGjAYgRZjbWZlY3MyQGNhbWVyZmlybWEuY29tMCcGA1Ud
+EgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwQQYDVR0gBDowODA2
+BgsrBgEEAYGHLgoLATAnMCUGCCsGAQUFBwIBFhlodHRwOi8vY3BzLmNhbWVyZmly
+bWEuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAWYPvxz3Jbda4wVMSSHFCln6cWFOjY
+/FpDnZGOxP8u6fMAmZwx77WyPdioz6gLZfuzZMqiY9uTceJ7P8bmR+H23d4NbHWS
+A3bJo0b++cDKYnVFdQc0fpeyry0z+cQKMl1DVlIptM4jqZ7t42+ghlHr/nMh+3pK
+dY7AHFhh/PElvckxgiNTvufvi7fi/J9QFAq+ZZEVJUTCSp9m6GXEk6pjVRknxxEK
+ZxjS0WjzyFUz+vqf93gbwsDBbTD/s4wrTA6y29Qiy4N2ny6c59RTbEm3RC2ldxC1
+uZExb8cAa3mcc0H4UqrYCGsZQxjXvh5CQvYU6t1qsq18Cdt3zo+cYRr4
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFUzCCBLygAwIBAgIOVY8AAQAC0YZ/+kYzFBIwDQYJKoZIhvcNAQEFBQAwgbwx
@@ -1054,40 +582,64 @@ TjksygtbYvBNWFA0meaaLNKQ1wmB1sCqXs7+0vehukvZ1oaOGR+mBkdCcuBWCgAc
 eLmNzJkEN0k=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGVTCCBD2gAwIBAgIIMsKCw6ASAH4wDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UE
-BhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEfMB0GA1UEAxMWU3dpc3NTaWdu
-IEdvbGQgQ0EgLSBHMjAeFw0wODExMTMxNDI0MTVaFw0yMzExMTMxNDI0MTVaME0x
-CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxJzAlBgNVBAMTHlN3
-aXNzU2lnbiBFViBHb2xkIENBIDIwMDggLSBHMjCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBALnxABbTU1nL+VCKqmYvYL/7IFRek94m6p3qe8rW9VKxkIKm
-XKhlhXlHVsnx81O+PZhmQClwgnaEinqZaw6PGbCsLHftVc6NhJ3Tgxz1XRdbqzoq
-l9+oMWvuopSKr+ANgvFFYT1Fgfzki9s0RfBpbr/yUO8sfjs/pK9FM1PsVh7CnlJT
-JNVzg7tdJZzcJhwvQ3BeO2kW8qxOvgSLOUvLbiNC387gEki5uQ9K8JHjFAvZYKpV
-Fk0ZGN4enM9v+1cdkgx4dy0Sq0E+0NcJsG+lL0MSNf+fh6k0e8f/pUGxvwQDGIMW
-8LfZWM9uip/6ME9AS7mlGbuS8UutZJDjN48piTsCAwEAAaOCAj8wggI7MA4GA1Ud
-DwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSILdHsZkMQ
-BMdUSyvtEm3/mnndUTAfBgNVHSMEGDAWgBRbJXuWpGVRfrg588B4Zl7oOufw7jCB
-/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5uZXQvNUIy
-NTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRTCBqKCBpaCBooaB
-n2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5ldC9DTj01QjI1N0I5NkE0NjU1
-MTdFQjgzOUYzQzA3ODY2NUVFODNBRTdGMEVFJTJDTz1Td2lzc1NpZ24lMkNDPUNI
-P2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9vYmplY3RDbGFzcz1jUkxE
-aXN0cmlidXRpb25Qb2ludDBdBgNVHSAEVjBUMFIGBFUdIAAwSjBIBggrBgEFBQcC
-ARY8aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24tR29s
-ZC1DUC1DUFMtUjQucGRmMHQGCCsGAQUFBwEBBGgwZjBkBggrBgEFBQcwAoZYaHR0
-cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvNUIy
-NTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRTANBgkqhkiG9w0B
-AQUFAAOCAgEAYLOgvMJStd5sXT8ry8FlAORLtg9E9Z5RSqFnFyOR4jQqT/6PQaEP
-V36fBMDX17vTypuuaVU6jp0164HlxicW4bKJ+GFdR8f2JEGbi5cwws9CjTiY7yEe
-dk50ejBccmEllvb9V1W9XdfxM2byNdPq2R56ipanljJZyhpeTHU0yXbqWWlJuJuc
-/sHHJV43KK4MRhtFwt0/ykGeFSBtZ4UHNx7XjcNdEJwvTJ5g557d76pw98i/iuEZ
-SZfB4/1yuq+RRUYz3BXlL8AVmresXxD6d1DvbcJFd3lNKQVQ2eAQYdlrKdTgD+71
-oDszMcP8KDuRFXh00ajfU+A+I50yvirH6aMz0qUUUzvO65CuGgHm6HorWzcp1ygH
-En+WZY6IeXmuYTOkDlvFOWasV7Hyz6aYlMOkuh19FdU4oZ42RNbsbe0HJD/VAcXD
-ifPY2TDYsxZ98Xhh0Q/LKtEqfQOX3Q91eCdw1BGA60Vk0hAEUJAxw8oQNzh7cmPt
-Lpk/8hR/VZqFCBpiC8gJZVW8gJASHTaNhZmWtXlnxiBaNNfqf+CWNk1x24cnMsXz
-kL/cCjeO6xgT63dZTllW/MDP17ydrd2AkHuDgshEerlRhFU8FKQrmqg77SmTdGOs
-uyWMPG+2c360UEvIG+3v5iCRNDVfKrt57v0KH25rq/cl2MfNPFPam5c=
+MIIEuDCCA6CgAwIBAgIQI+gpDXGVBBjACFl+QvdIGzANBgkqhkiG9w0BAQUFADA+
+MQswCQYDVQQGEwJQTDEbMBkGA1UEChMSVW5pemV0byBTcC4geiBvLm8uMRIwEAYD
+VQQDEwlDZXJ0dW0gQ0EwIhgPMjAwODEwMjIxMjA3MzdaGA8yMDI1MTIzMDIzNTk1
+OVowfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVz
+IFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEi
+MCAGA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAOP7faNyusLwyRSH9WsBTuFuQAe6bSddf/dbLbNa
+x1Ffq6QypmGHtm4PhtIwApf412lXoRg5XWpkecYBWaw8MUo4fNIE0kso6CBfOwei
+zE1z2/OuT8dW1Vqnlon686to1COGWSfPCSe8rG5ygxwwct/gounS4XR1Gb0qnnsV
+VAQb10M5rVUoxeIau/TA5K44STPMdoWfOUXSpJ7yEoxR+HzkLX/1rF/rFp+xLdG6
+zJFCd0wlyZA4b9vwzPuOHpdZPtVgTuYFKO1JeRNLukjbL/ly0znK/h/YNHL1tEDP
+MQHD7N4RLRddH7hQ0V4Zp2neBzMoylCV+adUy1SGUEWp+UkCAwEAAaOCAWwwggFo
+MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFAh2zcsH/yT2xc3tu5C84oQ3RnX3
+MFIGA1UdIwRLMEmhQqRAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRv
+IFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQYIDAQAgMA4GA1UdDwEB/wQE
+AwIBBjAsBgNVHR8EJTAjMCGgH6AdhhtodHRwOi8vY3JsLmNlcnR1bS5wbC9jYS5j
+cmwwaAYIKwYBBQUHAQEEXDBaMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2Nz
+cC1jZXJ0dW0uY29tMC4GCCsGAQUFBzAChiJodHRwOi8vcmVwb3NpdG9yeS5jZXJ0
+dW0ucGwvY2EuY2VyMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIBFhlo
+dHRwczovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBBQUAA4IBAQBRIGBe
+Zq1Fsbn2DNEa8X4lqAp6dMtsZdHXlGLBWyKMHtnO8xjJyWxhVe5O2cbo8h67s5b2
+XG2q9ikXlPzuyoAlN/jA35DS+Qo9wPbw07O2vvtdgAG19POKOS2AKTtWPfu8UPSV
+scnBz7GHvBOCkCxGFb3v/AMZnjgExPgtCoIwMlcFFAHCRzUcTT+z9l2zc9aBp2gG
+35rI1cW3RlIk7orNZl6awHIV1gFalXHZ+3olO6IRpWClXFTYdnTKxBL8Wq5WLr+l
+6Z+V4cIL/T0+BY019U8zYayYZDXb85FQlULTvPcOO3YTaUdwHiCHCiiRKl7pqqky
+xLYz+f1feWUhrGop
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgzCCA2ugAwIBAgIPDhzYzUUyWkcAUQyqwtseMA0GCSqGSIb3DQEBDQUAMDsx
+CzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJ
+WiBGTk1ULVJDTTAeFw0wODEwMjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJ
+BgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBG
+Tk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALpxgHpMhm5/
+yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcfqQgf
+BBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAz
+WHFctPVrbtQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxF
+tBDXaEAUwED653cXeuYLj2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z
+374jNUUeAlz+taibmSXaXvMiwzn15Cou08YfxGyqxRxqAQVKL9LFwag0Jl1mpdIC
+IfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mwWsXmo8RZZUc1g16p6DUL
+mbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnTtOmlcYF7
+wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peS
+MKGJ47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2
+ZSysV4999AeU14ECll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMet
+UqIJ5G+GR4of6ygnXYMgrwTJbFaai0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUw
+AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFPd9xf3E6Jobd2Sn9R2gzL+H
+YJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3
+LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQ0FAAOCAgEAA6kGfD2AupaI
+v2NYWHer7JvK92qJbn9UhdwED4wvjJ4AfBiGXys7JAP4dfjxUjCHo+siH5mNPrvq
+gZBF/fxLngMO8D2wQKS2M4N4IzaML4u8nR0fA97caXfR4kD+NzQr5KgKfGR4AJiQ
+fHPgDPttGmpyPST21rdoJHo4rx78uFVkAoAnPuCfU9IWDoCMp7i0gNtD90C1dRsj
+nHgiv3U1Lsga9lAaYuDRefPgdppm1oVyrNyjyxQtDNnERdpV4xTYuzW21gSPrGrH
+1hEvd9dKQN1ZAqnaZ+GwIeV+l3+J0vPv5mED0VwMUAHwg4euAS7dMO9GhciRvN0z
+C9wjX1//IerBy4TqALVSfv17PHk5d+WtuImsyZvX0ZjhC9VGk/pGQDn+XVkizcpe
+/ZAbzpBQj7jY+D7N7rpwxmOswwXSz8g9v0agQ+hvBRqF/zuMkMJB8Z9kB/pSuMQG
+BEOl7zbbA+PtutS8+Zb+A4uDNmKx2AJqflBwySzpskpK6lvX503hJbcct6BQfBLE
+zHMKWPxBag4AKlqB4N+hIV7/UuCfm6WssH/JWFsfvSJg30r5mGVJ1LeQ1TquDrMA
+hJoeio0BGz+Ph/knnebw5ojiXF9ZaVu659DKpUGzwZbkbTskdZMJM01YNFwzqk+m
+gC3AQfs2sTc9RSk4TP2sxl83jmWuBt0=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEajCCA1KgAwIBAgIER4af5TANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQGEwJV
@@ -1116,145 +668,212 @@ NmGrJH6f+C0/kiljvssQ2w1ANgKg1BeijX9+fJmvRVpAzaJrXL4O89OH/KEQyqoz
 t7pLwD2kIYwXnM/Yv+ZX/s3r+jAa1f7oJZepvjvq
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIENTCCAx2gAwIBAgIDBHpSMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wOTAzMDMxMjUzMThaFw0yNDAzMDMxMjUzMThaMHcxCzAJBgNVBAYTAlBM
-MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
-ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGzAZBgNVBAMTEkNlcnR1bSBM
-ZXZlbCBJSSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOCxNCMc
-PIeS6Xq/bR1bWZFiLo8WLD1YFGQAXmWYELCk3SY2hlT+uAf6IhFeR3dwMUamme3U
-UbH+D4Pz0kv9ph0UEP0h91wAm6wx5rnA72ILVP1qGcqfXej11T2OI+yebf+drPhG
-2Q+bMErkCxo2fYsIPbF19yXSfU8vgd8/NKImo6StAcKgMa3F9w3pBDpJ4+y5ADiu
-orkCiPOURI+CFW/ZA+yiiFnSEhm3y+BM4f0z+dXtC/1oUye5R2x20cxXz1P6It0M
-rebRHsazynvujfia3o3W+WGuzXt7Srow1OypWzvnZ6cxR+1R5ATyXECe0FK6az2q
-lbFYNySdT106lZ8CAwEAAaOCAQEwgf4wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
-Af8EBAMCAQYwHQYDVR0OBBYEFIBiEd7Aa6cQ4QjwVbQwg7/6jwhgMFIGA1UdIwRL
-MEmhQqRAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u
-by4xEjAQBgNVBAMTCUNlcnR1bSBDQYIDAQAgMCwGA1UdHwQlMCMwIaAfoB2GG2h0
-dHA6Ly9jcmwuY2VydHVtLnBsL2NhLmNybDA6BgNVHSAEMzAxMC8GBFUdIAAwJzAl
-BggrBgEFBQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0B
-AQUFAAOCAQEAsNjXnyR8Fw+yTKdUAQlhhK+kioXhh06Nxn7mrFWDHBZwFjDvp1up
-CXpLp+4a5J8nXK5ULMLiipBq+gCOTw/JBG9HOEhdCO802JxGDTL67lHAxECAVkGV
-IJ2++3p96m/iomkc3ZZDqVYG7BWT1YzsHOWjNxmDwI0bRIcHqNwwdju/RHjP822w
-QWhR1N4jFg8UcjUjSpinAT9kTn7aVADeqhuhdztaW4yTYppRNsxySwShk/c0NC2p
-0siT0H1k+muyUirojTGXFsc2FUcr8MQtFuV2PeiP7Qs++4aOB6acu5ROf4bnKWpW
-z5sMktU2b849oYkS3RbEhar/71/cMkYbrA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIENjCCAx6gAwIBAgIDBHpTMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wOTAzMDMxMjUzNTZaFw0yNDAzMDMxMjUzNTZaMHgxCzAJBgNVBAYTAlBM
-MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
-ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxHDAaBgNVBAMTE0NlcnR1bSBM
-ZXZlbCBJSUkgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfUZZc
-S3wuSUcINT8L7UkdKmpeWGhNCNc/eJdyMUTcYZT1lOnTzZ0drfHk+QeR+f6kCZz7
-x54x4xsD3Pz1xUsiqa26p+GVZWOsK+KA/WF2Z+jEpDz+dOh2eB5JpRR53HSmn7YS
-iq4NWfxagCWYwEic28sPd+eG9bLH1k67h1AGTnb1t4wof1/i2uowieREhu5V95V5
-7wyIyn//XyUS7ymkw9/IUZ6LEJVX+urdN71Kpl9qlUXXvPOVUrMU8w6JOhO7gEA8
-y6D6jtKmRHLcN/4Ug+0Ag/GQEfwO8UPsbfBzA8sMfteClhw3zufuKGSrtW8GWqAE
-SrYNe1Wce2sYwlrHAgMBAAGjggEBMIH+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
-AQH/BAQDAgEGMB0GA1UdDgQWBBQEydqa3EpJd68wAwRmLsfO8vgXfTBSBgNVHSME
-SzBJoUKkQDA+MQswCQYDVQQGEwJQTDEbMBkGA1UEChMSVW5pemV0byBTcC4geiBv
-Lm8uMRIwEAYDVQQDEwlDZXJ0dW0gQ0GCAwEAIDAsBgNVHR8EJTAjMCGgH6Adhhto
-dHRwOi8vY3JsLmNlcnR1bS5wbC9jYS5jcmwwOgYDVR0gBDMwMTAvBgRVHSAAMCcw
-JQYIKwYBBQUHAgEWGWh0dHBzOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcN
-AQEFBQADggEBAIvCzDjOR2ApbA5IvG47OAoN4BefeTwRspwdkMm9vwOiWfKwVOI7
-kh+pb2MiF5xYpEEdYeuZJCjwcMcqzOgZ4CiQXOQ0kdFQaPxuxX9kijCPhm0sWVRi
-mGGiXSs7KLBx/vRcaFjm/NNhlwQ6z+yx3XIfc26Zc8hqpF993Z2ei4x76sXsd/dk
-Du3u5a1GzBplTq9EHW5nZENquQxv1gQfX+Ua4Dmp9a/9tchmbDMPc+VDIaT99SO1
-cfHS7OyzUX0Ew7mZfEyeRo3N9GP8To60q8eCyJNuBEySttNcHmGKKiM2bjjSPqSv
-HnXaJTMwWP7o0/krJu183xKbIVOaDLEafn4=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIENTCCAx2gAwIBAgIDBHpUMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBM
-MRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBD
-QTAeFw0wOTAzMDMxMjU0MjVaFw0yNDAzMDMxMjU0MjVaMHcxCzAJBgNVBAYTAlBM
-MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
-ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGzAZBgNVBAMTEkNlcnR1bSBM
-ZXZlbCBJViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOYSRB6k
-ZWCQ5KIsqK5msC+Qfjqyy5wJbnce0YLTFKhWWd+mG0zP3qX+xkH3T3BX/cUuZkZg
-rh6TFv0Bj1AOaTPa6pTTRcVR2+iXoUG7J3hu+C4d+AgC0jzw1ZsFrFi1TKfpqixW
-GcTC5MovT7+8msZua81TmSOAqOUKlWnus1Ns+dfKJ+tw+LfNpWQSvY+XXJUxT/MV
-HBHBnPEv8ch89ZCXgqKAQLqH5U3cpMjFx1kXsqcfiAKqMFqm9jK6yRnSlT0B70wQ
-teFsmGnyna+6Dp4I+fFycS7k3xEetEyqFgk0UjmgjEvYV0pzgZU5w/fDwhZ6FLhK
-1Q9zow3Uk3/+oQsCAwEAAaOCAQEwgf4wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
-Af8EBAMCAQYwHQYDVR0OBBYEFM1KRsoDZZDmMRAagsalHF7RUM8fMFIGA1UdIwRL
-MEmhQqRAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u
-by4xEjAQBgNVBAMTCUNlcnR1bSBDQYIDAQAgMCwGA1UdHwQlMCMwIaAfoB2GG2h0
-dHA6Ly9jcmwuY2VydHVtLnBsL2NhLmNybDA6BgNVHSAEMzAxMC8GBFUdIAAwJzAl
-BggrBgEFBQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0B
-AQUFAAOCAQEASSlE/tEhmPIAHkEeseWn6iJzB7QFMtxJQO4vzsDXZNWqaNYv7NL0
-G2py17bYmrDR2gGUx9VeNAm9A8L/n4PrfTLVx9Ob8u/IgjCjo6szdxxYk2Jh258w
-JsLb+yJZ0AIjyvQMN1zx+EMF65vrW0QbMdDgmeHf4NNW7SRZZNoAtf+2uI/zJaKU
-RdHV9NUwUFkhop67yBrtWK1YXj9Z9QwEakvq4MeGSqY/Hgx0QToSgrxFaKPmgOoG
-eAHwmnQj9WgR2Z69/e0pMrUgFc1JjQMjsvUHureXSEvlL8kEA7e6K33qFwrBHUNq
-c8dbng5hi1e5YGCfREE4G3fKAsvLAJ5Xww==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEuTCCA6GgAwIBAgIRAMU8GL+PP5zHcwapxqE+hOcwDQYJKoZIhvcNAQEFBQAw
-PjELMAkGA1UEBhMCUEwxGzAZBgNVBAoTElVuaXpldG8gU3AuIHogby5vLjESMBAG
-A1UEAxMJQ2VydHVtIENBMCIYDzIwMDkwMzAzMTMwNjEyWhgPMjAyNDAzMDMxMzA2
-MTJaMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2ll
-cyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkx
-IjAgBgNVBAMTGUNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EwggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQC2WbjWcRnHoJcjIywSItrmuvILxCLKm1VuPTFB
-I0275U7w2wFKlVlfuAuHHI+2cILXVzUjIu8CObDDAmiEax1S/BVe2n9s2+CZVX+A
-buj6N6aDl05QAc52lXjXpKjK+9Fdx8vV+yD6Y273p2XnlxsibXzgKxYphWp9Lw25
-3imjPts7emJ3VFyCujZAEppCQb2yNyEHiCsRpPO0x5a4YtZ4Hi9gP03q6girACza
-MFWF5qe0UILRVm8k565nFSV1dZwXpOTogA1wQZrzHd8czfaQGqFAuao/H05FpQGF
-bngkqChwqQ8XjsTyri1mJhyezqvdK9O15PzI/zIEl4GPT4XzAgMBAAGjggFsMIIB
-aDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRFxbKGTszdKZfk3RTEbq5NuMF3
-+DBSBgNVHSMESzBJoUKkQDA+MQswCQYDVQQGEwJQTDEbMBkGA1UEChMSVW5pemV0
-byBTcC4geiBvLm8uMRIwEAYDVQQDEwlDZXJ0dW0gQ0GCAwEAIDAOBgNVHQ8BAf8E
-BAMCAQYwLAYDVR0fBCUwIzAhoB+gHYYbaHR0cDovL2NybC5jZXJ0dW0ucGwvY2Eu
-Y3JsMGgGCCsGAQUFBwEBBFwwWjAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9j
-c3AtY2VydHVtLmNvbTAuBggrBgEFBQcwAoYiaHR0cDovL3JlcG9zaXRvcnkuY2Vy
-dHVtLnBsL2NhLmNlcjA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZ
-aHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQUFAAOCAQEAdkAS
-JUhem+q0pqo1NwySqtBsF3zHbnjHJSg0XgWeFIQ29r+C7OXsmvo5xGyVC9P367ZA
-OIee86xq8nZ+cyanadrTixrL3A5D2nAdyi9NBiaVzqKoIKSiYGlOdB4p29Ij72sQ
-I1+/5oHpvxPLf8ZKp2pAWvE+zyD3EUmTadyT/Jq0tmhfZQ3O6ZjHpjaU68Mh+mSY
-eTayqMQMlBjg9E9whZqGDtAFtrBM+SFE1WGf9OsOsiLJx/dlhSeUWLKbzqMlvGry
-lvIDrZJueSPZss+njbuL4ov9IghC0QbbM/DWcAFnp0EneYpQHO+/dNs4HVW1M0iX
-U/r5z3rVPH9ZcaWOkg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGqTCCBJGgAwIBAgIJAPeSt8SBjARYMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
-BAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2ln
-biBHb2xkIENBIC0gRzIwHhcNMDkwNjEwMDkyOTM5WhcNMjQwNjA2MDkyOTM5WjBN
-MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMScwJQYDVQQDEx5T
-d2lzc1NpZ24gRVYgR29sZCBDQSAyMDA5IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQDQnYs8uZZJHHloM5ucf7q7XcRN1Bl8QMoZiruC8oPmghom
-gZyb1qF0nAU/qx13UhcGWrV0goF/2Z8nMUGHjSeHuU65AS6rxm83XvnyI7rLKEcg
-4XXgibW3+bKldwjYfgPujGrZXC8gwx3jA+uF35VMIYpkWayAbl6kmoIsN7s7ZOVw
-T9gRIyZ+GVhFGgmeYGlUYEY1dQ66nMhwQQtTfVcMIiJPbBnppxU+5D0LM7vOwRX8
-tsEOVZyojP3bDqtHo/iWkeMPYSazOEdq4BB0QSc1mXVnu9Vh/NjBm00d0Agd/KsQ
-Nn/pR+tbgUYkiBhnu3oJ+XFNBsyFrOxGLJkg9P6fAgMBAAGjggKSMIICjjAOBgNV
-HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUiHRGbcd8
-tfpycRnevydeDWjg9ycwHwYDVR0jBBgwFoAUWyV7lqRlUX64OfPAeGZe6Drn8O4w
-gf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0LzVC
-MjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4M0FFN0YwRUUwgaiggaWggaKG
-gZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049NUIyNTdCOTZBNDY1
-NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRSUyQ089U3dpc3NTaWduJTJDQz1D
-SD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JM
-RGlzdHJpYnV0aW9uUG9pbnQwXQYDVR0gBFYwVDBSBgRVHSAAMEowSAYIKwYBBQUH
-AgEWPGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduLUdv
-bGQtQ1AtQ1BTLVI0LnBkZjCBxgYIKwYBBQUHAQEEgbkwgbYwZAYIKwYBBQUHMAKG
-WGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0aG9yaXR5L2Rvd25sb2Fk
-LzVCMjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4M0FFN0YwRUUwTgYIKwYB
-BQUHMAGGQmh0dHA6Ly9vY3NwLnN3aXNzc2lnbi5uZXQvNUIyNTdCOTZBNDY1NTE3
-RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRTANBgkqhkiG9w0BAQUFAAOCAgEARJJo
-SpTCFSg5U+D4W8Cdc7vxEr83McOZY+D1fX490SAv3sDJ7XcbdXODL5m4UeK4s4bg
-UR1ZgCFiK8A4GRFpIvD4qse8E+Z20PGbQmtlSUIJztL3y3y4hLcM2Vt+mZz7M+aN
-xVlFbIrje+3PwgnvDTrIOLNt+LtV/uonA4A9SpAxlUCroFfSpfA71a3SJll/C4OG
-uvPZjHuX1ResF91+JJoyCiHcdi9h6w0yEf29zXdzKkUsaOZ0CikPTKdCZQ4MbIGX
-D5qMY65PK0mpT7uAt93ZIITXfQs93RWJWZtF7HrHGjIeloeKkXofsylmqP3JfgeV
-/mjuYz/9HS5MAxVE5+Wcb08tMGaoqSRxYhnv2Tmx2s8mPHyCXocgxMhXJtCN++Ba
-oO7JQRXeoiUZzIMac67dWb3rScOtEdF4lkIWB0yyts6LUPJtXXbRog3EI3i65ofc
-nW3ZdQijbE5t3F03yY/qRoHO8I/Be3qe1zk+7FCpjx7B8VLB1+lajfvLml0sgvCY
-O/O9/RRmqFhdhfDnsPj/pWkM6nKu8KjXX6WZmW6FTuC57yG81dI2AYqoO3qlzDdt
-IgVXouBar3TAgWRIka5FsxudaWOUK+Mj9TiKSQBYglHWhkdlEUpjOZfZhHKkMht4
-Y5mbkvu5+9xcWGhKNBLBq/isdBPkyfLVeVWxxkQ=
+MIIEUjCCAzqgAwIBAgIJAOiEljmrZhBaMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G
+CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTAzMDYxMzI5NDNaFw0z
+ODAxMTgxMzI5NDNaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx
+FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp
+Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP
+kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc
+cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U
+fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7
+N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC
+xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1
++rUCAwEAAaOByDCBxTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAO
+BgNVHQ8BAf8EBAMCAQYwGwYDVR0RBBQwEoEQaW5mb0BlLXN6aWduby5odTBFBgNV
+HSAEPjA8MDoGDisGAQQBgagYAgEBAQUAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
+cC5lLXN6aWduby5odS9xY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQBuIO2Pc5wi0aEM
+ZEFoV+InAwjcwb4u5Bt3gA8BBpk2uRBveX+E5Iu0dNWjcrOQZuSAqndnH5q/OFoW
+J6uAvbf5YyAdZOGAHPl0RemduOyMG0ex2bpLEv6DqggOzHPI9r2tC0vHYpjdPJw8
+w/kNaD6Fgp7J2fKMutUX6zky8beFyRQOTld6UUXQgVfq3PSvf857c3I2xj0Gfkcd
+fuNLJy3cok3slorMyaLzjtEchP9dGWeovJg5heIl77KWH4LlfZcOQFMoo92zH9k2
+suDnM1LNowI/5I1sk6YAevotGgi1uZ0qqDfL5Ygrqr5rYqCmqgImSr0ChKWMe85D
+1fmQ39jR
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIPzCCBiegAwIBAgIBAjANBgkqhkiG9w0BAQUFADCBrDELMAkGA1UEBhMCRVUx
+QzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2Ft
+ZXJmaXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UE
+ChMSQUMgQ2FtZXJmaXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNp
+Z24gUm9vdCAtIDIwMDgwHhcNMDkwMzE2MTcxNjI1WhcNMjkwMzExMTcxNjI1WjCB
+qjELMAkGA1UEBhMCRVMxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjESMBAG
+A1UEBRMJQTgyNzQzMjg3MUswSQYDVQQHE0JNYWRyaWQgKHNlZSBjdXJyZW50IGFk
+ZHJlc3MgYXQgaHR0cHM6Ly93d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxHTAb
+BgNVBAMTFEFDIENhbWVyZmlybWEgLSAyMDA5MIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEAmbHxFEYTJmMdPcYiPlWUGZu2+tQo4voohYi3dwCwoVuGdHSp
+kyoqs1B3YGx4u5KT4n0A7+Bb8YQ/QzbNy7UQ4JXAK+rT8JpNeKIvfN4lHnQJaChE
+4fdn0KpvHWymaNq2k+EbQClquZB6OsTLvsivwSuSnyLcUw5rbajj53wq77fwB12y
+phMjwz2AnD1BvHZd3vLOaH1jRQP3zzNmyjT/Oj6+jdux7SBKlJWgQEaKflwcvYyc
+DPFPhGM4KPwEGX61PCrS+l8Lw0Kdy6K4lE+GrfgJrXM5m1Ey1R0c9McYQQPAtYcm
+cOnHHgkJdEAFVDa76T9C+lcMP6DNckbJIyc/ENrmM2v4rq/JnsJKEEx0VLyLizQx
+cGU3gp4ckg0ImQ9hV3H/DLWEqfrPuD++zaV81gpstnc9+pLg0Jibvwg3qvIr7nS5
+acc//qqxH0iJGYoStHW5J5HoM9HcBvhACq5rjzjrNLPYSJqbPJwBHKcql/uUjQ6S
+SVWe3/CeJp6/vGuY1aRXAk9c/8oO0ZDrLKE8LsUgZesTLnWGd1LQcyQf6UMG1nb9
+5C3eZRkCVpKma6Hl/SUQNukerlbLOU9InFGNPdeEVq1Jo62XeEi8KMbTPdXou6Yl
+rpe99dFnOUjVOdY7gfBGSgIVJjORqf/V70jwsxcYz7j6PKl0XulJs06vpSECAwEA
+AaOCAmowggJmMBIGA1UdEwEB/wQIMAYBAf8CAQIwHQYDVR0OBBYEFMgAD/zGUvyf
+2ztkLjK5bi5x82V5MIHhBgNVHSMEgdkwgdaAFLkJypwe29NsOmuu7VTxW5MGNS5e
+oYGypIGvMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy
+cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG
+A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl
+BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwOIIJAMnN0+nVfSPO
+MH0GCCsGAQUFBwEBBHEwbzBFBggrBgEFBQcwAoY5aHR0cDovL3d3dy5jYW1lcmZp
+cm1hLmNvbS9jZXJ0cy9yb290X2NoYW1iZXJzaWduLTIwMDguY3J0MCYGCCsGAQUF
+BzABhhpodHRwOi8vb2NzcC5jYW1lcmZpcm1hLmNvbTAOBgNVHQ8BAf8EBAMCAQYw
+PgYDVR0gBDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vcG9saWN5
+LmNhbWVyZmlybWEuY29tMH4GA1UdHwR3MHUwOKA2oDSGMmh0dHA6Ly9jcmwuY2Ft
+ZXJmaXJtYS5jb20vY2hhbWJlcnNpZ25yb290LTIwMDguY3JsMDmgN6A1hjNodHRw
+Oi8vY3JsMS5jYW1lcmZpcm1hLmNvbS9jaGFtYmVyc2lnbnJvb3QtMjAwOC5jcmww
+DQYJKoZIhvcNAQEFBQADggIBABNYG4jBwoI7e8pCuUyDc6rwpE9H6AgrUdL7O1xK
+TgTjDGBrMOBK+ZPS4Si8J3yZngvSrL694a1HmiiblJ+CmCdNGli2nBBM+OPK3tQB
+4TW6hgkIe3vSNg/9o9y6+MAJcm8Kn0nPCBkSRME87NwvpehtekuF1G2ng1KDVwAn
+F+eCXfNanEwY++vWbJAuPE69Z/0+rCgNyH1PzihiNu6vrUlSlLWKaG34O1DEttX+
+SsWTpEbpH9w5y9Vmw6WQ/B5nfhPM551HaMbiGgSxT9jHmf8APYQ3iT8EktcdTAdw
+m1miiyxfKG+WjPT7P/x8Np1spJZw+sNIDTLdZ0T1XQ6obVkBTFUDSULKW8949HDu
+VSwdl9Hu9lkDzzh9tyVYwwjEWVFZOiD/4TPVLfphf4ZEiyHt5YpNd9kZJIGGDxdc
+CdtzPm2dQODFpv72LnPQHbuBQPJ71zkoAmyeM/1Qj0DlrFsPcYnbRasck1VmYgDc
+Xc0+is0wcgCd7Gpx1zpEeVqwMD96am2xZPzd6nsbXvo+6TzsKLRMJo6nOERwrzuI
+F+/eq3WXxYMt2UenJsHqwSgPJRMdl3SFz0+SZN0viHeLuwb7qaHN74qC6GP8yHGp
+2xe6Z11mJDPLDSrQQ2dOceSJ1LurJgLP7amYmFlWwVnmM7LnfShhMWMV+MDrICnL
+2ksL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIETDCCAzSgAwIBAgILBAAAAAABL07hS5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wOTAzMTgxMDAw
+MDBaFw0yODAxMjgxMjAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBD
+QSAtIFIzMRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCV2kHkGeCIW9cCDtoTK
+KJ79BXYRxa2IcvxGAkPHsoqdBF8kyy5L4WCCRuFSqwyBR3Bs3WTR6/Usow+CPQwr
+rpfXthSGEHm7OxOAd4wI4UnSamIvH176lmjfiSeVOJ8G1z7JyyZZDXPesMjpJg6D
+FcbvW4vSBGDKSaYo9mk79svIKJHlnYphVzesdBTcdOA67nIvLpz70Lu/9T0A4QYz
+6IIrrlOmOhZzjN1BDiA6wLSnoemyT5AuMmDpV8u5BJJoaOU4JmB1sp93/5EU764g
+SfytQBVI0QIxYRleuJfvrXe3ZJp6v1/BE++bYvsNbOBUaRapA9pu6YOTcXbGaYWC
+FwIDAQABo4IBIjCCAR4wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
+HQYDVR0OBBYEFI/wS3+oLkUkrk1Q+mOai97i3Ru8MEcGA1UdIARAMD4wPAYEVR0g
+ADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBv
+c2l0b3J5LzAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmdsb2JhbHNpZ24u
+bmV0L3Jvb3QuY3JsMD0GCCsGAQUFBwEBBDEwLzAtBggrBgEFBQcwAYYhaHR0cDov
+L29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMB8GA1UdIwQYMBaAFGB7ZhpFDZfK
+iVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQCEoC43NawzW3zon4NAFHyN
+pYt78OCtkg54Svim/MYJvY8eKFoLqOlXq1Vfgq8X9R8EGPdPZgQEAlaSeI0Kq3tD
+kDPTszDB/LCPEHQ8YfdD0U79gW/i+qEIxVgWjEI8fkicCoYZ53t+tBA2coWHolAp
+oVGPjzExxRjr38amGTUASjzUW0Od5S+36Vshf6UF6EkPYhxFR6tDvPOA+l3Xoplu
+Cpf7CvC062JRhygAcgZLFHDsyleOhej7GfJMo4+H6yZZfWxjXUZPD5ZBF4+dIPG+
+04crOgCISIiXUQa5Xs1DaGQKOw+V7sqCTLXWOcndRhi9jFUaqrJWxHWrFdezCwju
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGjCCAwKgAwIBAgILBAAAAAABIBnBkGYwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
+b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0wOTAzMTgxMTAw
+MDBaFw0yODAxMjgxMjAwMDBaMFQxGDAWBgNVBAsTD1RpbWVzdGFtcGluZyBDQTET
+MBEGA1UEChMKR2xvYmFsU2lnbjEjMCEGA1UEAxMaR2xvYmFsU2lnbiBUaW1lc3Rh
+bXBpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDDLcSDU1o
+ijPeNgXwPLr12s0OU3tGn4LyYhPXwXetu4E3fk8ek4HBBiLaHVCExpeVkqmTtj2r
+hnkZVH0OFgRMxIiXLMahqF8VOtJkK8w+DHropFaxHrvPhM6NNTo0nGwtwHe1MKkf
+Z+Y6CUQ6Q3JBopHDRpoftrmnD68cdRtkJecIbBRH9Uca3o7qomOVffWorVWiZJty
+b7kCcz85ijlcxP6P+xGcvRAZSWPQQyKL1quSmXQUzzAHvk+9/YqPnlrfbTzMWplQ
+kLmtwpdDwl/tzTM9h8zBoFupYjt4fWSjrE0fK9cDEWxxVIqwq7Ec1n0j20AHNybb
+UK84PaYHdW+XAgMBAAGjgekwgeYwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFOjC8cQy3DM1N7xldvWcFy4XRSz+MEsGA1UdIARE
+MEIwQAYJKwYBBAGgMgEeMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2xvYmFs
+c2lnbi5uZXQvcmVwb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2Ny
+bC5nbG9iYWxzaWduLm5ldC9yb290LmNybDAfBgNVHSMEGDAWgBRge2YaRQ2XyolQ
+L30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOCAQEAXfbLKw0BQISfhXpDcGrgxeeq
+BgDXZxPJCJExZU8UqKkF3DieaqAwCr2Nx4Ao7kJFypTz3lhFqYAyBPVZXGpwADkn
+lE31tEY06BxTMbKzVBbpzEKr1dlZMBz7RicluIcjseh1iCSDHsh2N3sBSUVIpO3i
+XdJ8nKLcLboQWhJiZauuAMcQNDvLcr0UJAzcw3YntKf+4Vgp8g4Wn5E5HYmm5g8c
+h4ziWKySfiQ+quwU5zozNIvGO6yDqw8UYnq6Gi1NSxvFMPALknl9PHjg+ObSFZZZ
+mTkrMGHouPjAoekiFBF4fcTcib7Au5Thcq7rtUBAT+8XHlhe0KiJlqySKOm6vw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEUjCCAzqgAwIBAgIJAMJ+QwRORz8YMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0G
+CSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0wOTA2MTYxMTMwMThaFw0y
+OTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3Qx
+FjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3pp
+Z25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvP
+kd6mJviZpWNwrZuuyjNAfW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tc
+cbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG0IMZfcChEhyVbUr02MelTTMuhTlAdX4U
+fIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKApxn1ntxVUwOXewdI/5n7
+N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm1HxdrtbC
+xkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1
++rUCAwEAAaOByDCBxTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAO
+BgNVHQ8BAf8EBAMCAQYwGwYDVR0RBBQwEoEQaW5mb0BlLXN6aWduby5odTBFBgNV
+HSAEPjA8MDoGDisGAQQBgagYAgEBAQUBMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9j
+cC5lLXN6aWduby5odS9xY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQAHRNyl0iqLjWf/
+d5WkviojWWucrZVtnhAwzvJTVRZ4ZrQSsh4Uu6/0zr+cOSlX3N32UMm1N9Utyf5N
+eWy17Ze4o2xfRJEwycDaySaRR3AsBY0NaZsnHsneRvFLYny3qh0azV/6+DfNG2tq
+9zY7zc9o6S9hbfoNxdpjffdFsuVqxVmk2TjGa7lZnMJga3JMDxFG4tdRoGhmS68z
+HDglRrcYPi5zlZeebRyLcTa1J5fc0rkPUYfldnjGyxMc6yBdeTyqU0bbgJvjmJEU
+ChOvPJUiHUmO8oz7Gb7SkHrhk4apyYClA9rRuxTxXbFPgOnomN/zVIs8zvDLINUW
+G1jzE3Nh
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3DCCA8SgAwIBAgIIUzAV4JqeuGYwDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0wOTA4MjUxMDA1NTRaFw0zMDA2
+MTYxMDA1NTRaMIIBFjELMAkGA1UEBhMCRVMxJzAlBgkqhkiG9w0BCQEWGGNhMUBm
+aXJtYXByb2Zlc2lvbmFsLmNvbTEiMCAGA1UEBxMZQy8gTXVudGFuZXIgMjQ0IEJh
+cmNlbG9uYTExMC8GA1UECxMoQ29uc3VsdGUgaHR0cDovL3d3dy5maXJtYXByb2Zl
+c2lvbmFsLmNvbTE0MDIGA1UECxMrSmVyYXJxdWlhIGRlIENlcnRpZmljYWNpb24g
+RmlybWFwcm9mZXNpb25hbDEtMCsGA1UEChMkRmlybWFwcm9mZXNpb25hbCBTLkEu
+IE5JRiBBLTYyNjM0MDY4MSIwIAYDVQQDExlBQyBGaXJtYXByb2Zlc2lvbmFsIC0g
+Q0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6ueMJNjb6i6tdxq
+8ak6BWbjlZ23jEFapQyGdYLolQAY94yiPaX/i3XEJEqanwqlfG63okc/PWRl/le8
+Q6QhJVTNR4yOaVxbGFvF9nIk9T7425YChgqoru0T/o8iU6ItZJ8byZSHiuZnycOw
+EFVZ6eQX9CyvJ/vNhCMW1iXTuQKLckU3CSSAPHKYEE0m1FMhbArWazbI0eFk8/9V
+HFf9/ZyyyaThZEyE+OFs2i8r7fADsd7wzeFxSjajVouFOnOtu0YUV6vpl4hCcNqs
+N4A5TupRCftPx9l5r4dOguCJLNBq6JEPejb73sFU3HFviXTcVpVhXUxpLQzOf6xN
+ZD0bUwIDAQABo4HwMIHtMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU
+Zc3rqzUeAD5+1XTAHLRzRw4aZC8wOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny
+bC5maXJtYXByb2Zlc2lvbmFsLmNvbS9mcHJvb3QuY3JsMA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUi1BXWsG9kgCmt+WFXcPdtrWGkNIwSgYDVR0gBEMwQTA/Bgor
+BgEEAYphCgoBMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuZmlybWFwcm9mZXNp
+b25hbC5jb20vY3BzMA0GCSqGSIb3DQEBBQUAA4ICAQBVflkYOaplyB9sBjEEfyUz
+pFFUdI3xVJTBPLLBPz9t/OwfK7Xzfanm/QLQTID5gcOUpPaSUFrh98al+RUSLDHC
+wKwzniwjQpZs2ggp+n8XNSVeX+oSS+okj4ovOT7JbY0IY9XVt3rhffCvppptEqqP
+aSqbo6Cq08vZ+lgGRXmekdvT3L44NUQtgfjnF9lUoXoZXiCMPjM0rHzZTFBv0Itw
+Xjhn6TdZoOUHZJN9LROctr0FuRzOjVfIvInuq+zIqXfzqsLXM8i3ONva+nlmDC/a
+2sqkCi2oyAa4OvRAaS4YO6c1PPe2A+JHDuIRjT1u7IDZBQqS1vWsu4r1SnOsjkCt
+nRzw3ISZXCcP27JpNqyJVti6JwQ0DFetMtalhXDeqRvuTyIdHes3VWDpBw6SRTcc
+mI6Yz2ZiL2k27fjo4EwoyihMkSXtFkBiTQWym0FoWBZFh436GQlygn5BczHlTHRl
+vKZ0fx4NcIzr2pYVFqnTSzKFA6a6R30sv7Q2U05GlIsYOpnoraKSahZOIKP0uIG/
+e/6JF0j7kyVDl1SvwnSNXY/LM3slsR+c2s+kacIXXO/szON8aszjT5h67sRrl/Su
+T4SfpWh6pJMD9OLmvtXftJcXEzTMM4b/TyKqPBkzgJd5HPgsVlTJt33u4LYOvS0r
+b/RBIGXsRG3pC4ihftt6OQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdTCCA12gAwIBAgIJANjJM0P+XTkpMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
+BAYTAlVTMSUwIwYDVQQKExxTdGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTIw
+MAYDVQQLEylTdGFyZmllbGQgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eTAeFw0wOTA4MzAwMDAwMDBaFw0zNDA2MjgxODAwMDBaMIGYMQswCQYDVQQGEwJV
+UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTElMCMGA1UE
+ChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjE7MDkGA1UEAxMyU3RhcmZp
+ZWxkIFNlcnZpY2VzIFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVDDrEKvlO4vW+GZdfjohTsR8/
+y8+fIBNtKTrID30892t2OGPZNmCom15cAICyL1l/9of5JUOG52kbUpqQ4XHj2C0N
+Tm/2yEnZtvMaVq4rtnQU68/7JuMauh2WLmo7WJSJR1b/JaCTcFOD2oR0FMNnngRo
+Ot+OQFodSk7PQ5E751bWAHDLUu57fa4657wx+UX2wmDPE1kCK4DMNEffud6QZW0C
+zyyRpqbn3oUYSXxmTqM6bam17jQuug0DuDPfR+uxa40l2ZvOgdFFRjKWcIfeAg5J
+Q4W2bHO7ZOphQazJ1FTfhy/HIrImzJ9ZVGif/L4qL8RVHHVAYBeFAlU5i38FAgMB
+AAGjgfAwge0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0O
+BBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMB8GA1UdIwQYMBaAFL9ft9HO3R+G9FtV
+rNzXEMIOqYjnME8GCCsGAQUFBwEBBEMwQTAcBggrBgEFBQcwAYYQaHR0cDovL28u
+c3MyLnVzLzAhBggrBgEFBQcwAoYVaHR0cDovL3guc3MyLnVzL3guY2VyMCYGA1Ud
+HwQfMB0wG6AZoBeGFWh0dHA6Ly9zLnNzMi51cy9yLmNybDARBgNVHSAECjAIMAYG
+BFUdIAAwDQYJKoZIhvcNAQELBQADggEBAFg2BzSkeJ19IPlQijzXPYRZEQnTjtFF
+a5d5aSZCk6JTcsq9dtgat6bQKkpDz7RETHpz9B7n1LJeLMOAcQuVjF65CCavDmp0
+aw17VmC63u7Z4tNWupeSPSuKCGkIwofgBhBC7PsZrszaKHO1TkAcWDGWHnjVTMht
+4sfv66jepOqUBClYXmRsCdxXqlKCjJHUptov3ho4ANG9RZXTn13p36AU1tyZ1iFi
+WghNWnoXQ8UdcIZiX5y7D6HMZ6CcCt59vSLRMsYX8Bw/jWV8M+N4mr+F5ydmSq5J
+BkV9W9BzwNXiOxwWcLbidb1N28HhoMlQhihpxsUpIgD2WtsQgeaNjUA=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMx
@@ -1307,71 +926,687 @@ l08YuW3e95ORCLp+QCztweq7dp4zBncdDQh/U90bZKuCJ/Fp1U1ervShw3WnWEQt
 VsyuLAOQ1xk4meTKCRlb/weWsKh/NEnfVqn3sF/tM+2MR7cwA130A4w=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEmDCCA4CgAwIBAgIDBtbuMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBM
-MSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5D
-ZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBU
-cnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDkxMjAzMTIzMDUxWhcNMjQxMjAzMTIzMDUx
-WjCBgjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVz
-IFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEm
-MCQGA1UEAxMdQ2VydHVtIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0GCSqG
-SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3W3lk/RUZrr5J8tMKvkb5MN3al48ovTYC
-Dg6rsd2BTM0oJcNVIkmvx2mgxHu/4S2Rtbkv+vNbhUyT1vAo7gdsy+PyWo0oPuFZ
-PN05eX65Sj3HntuO0dvs0RMrpb/BbAwBBa1xyJLL/53spkD4bDaPPE7mL0FLENNA
-jtJOJFxhnK7It4Pp+DgDycucGznoeSERcrGLouodjn7rJBMv8wlqmoAiRtdsSYsz
-V2QP+zWTgPJNxZYrQyqAbSOZ4QxFkirLgvfgUWNFEmOlprcyv3shn+HS9S8y/FQ8
-uENQuhFdVh4yM7t3PAmJeWXncU1qaoGxb6VPJWT0atvuH0n2BFedAgMBAAGjggEY
-MIIBFDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4E
-FgQUwDsK+g/Z/g9OAphlFAyKHi4AjAMwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27
-kLzihDdGdfcwQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUFBzAChiVodHRwOi8vcmVw
-b3NpdG9yeS5jZXJ0dW0ucGwvY3RuY2EuY2VyMC8GA1UdHwQoMCYwJKAioCCGHmh0
-dHA6Ly9jcmwuY2VydHVtLnBsL2N0bmNhLmNybDA6BgNVHSAEMzAxMC8GBFUdIAAw
-JzAlBggrBgEFBQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG
-9w0BAQUFAAOCAQEA0uI98v8hovXCAcAqGqmG1xw8veonr3Ao2stIYif3ohUKv3Q9
-LcqLpcDcFb0FpiZuqP3JOFNy0JnGzZ7G2W4dX8SeWiACgl7m8LqKiyUHGOJ/4jK+
-tINRYtCJmIvIOrN2K1Knm7UZ8jymwSnSYeLeR2H/jitJQ6Ijciy54TB3LM4/H5/o
-XDJbNfGm8OmX2J1c4CsjISRqfZtPcE6obdXJ6WqokuFWS5wsIKTwUoOLtZCsjRzG
-B87WdFmObLm5m2mdCgD5da20GxfsgovX8sbe/o1R6eT1Ux8t/mlVut5fpTvn0xK0
-XSJQerQ4UoAPGI1BSK67+yhul3ADUkIvyp4PXw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIHFjCCBQCgAwIBAgIQbXHiW3u2tjZMvqhI46SpgTALBgkqhkiG9w0BAQswODEL
+MIIFMjCCBBqgAwIBAgIDCZBjMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgMjAwOTAeFw0wOTExMTIxMjQ2NTVaFw0yOTExMDUwODM1NTha
+MEwxCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxJjAkBgNVBAMM
+HUQtVFJVU1QgU1NMIENsYXNzIDMgQ0EgMSAyMDA5MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAoal0SyLSijE0JkuhHJmOCbmQznyxuSY7DaEwhUsdUpI+
+2llkDLz6s9BWQe1zCVXDhrt3qz5U5H4h6jxm5Ec+ZbFiU3Gv2yxpI5cRPrqj9mJU
+1CGgy1+29khuUnoopzSq66HPuGZGh06I7bJkXTQ7AQ92z1MdL2wATj1UWdNid3sQ
+NiWIm+69nURHY6tmCNenNcG6aV4qjHMUPsjpCRabNY9nUO12rsmiDW2mbAC3gcxQ
+lqLgLYur9HvB8cW0xu2JZ/B3PXmNphVuWskp3Y1u0SvIYzuEsE7lWDbBmtWZtabB
+hzThkDQvd+3keQ1sU/beq1NeXfgKzQ5G+4Ql2PUY/wIDAQABo4ICGjCCAhYwHwYD
+VR0jBBgwFoAU/doUxJ8w3iG9HkI5/KtjI0ng8YQwRAYIKwYBBQUHAQEEODA2MDQG
+CCsGAQUFBzABhihodHRwOi8vcm9vdC1jMy1jYTItMjAwOS5vY3NwLmQtdHJ1c3Qu
+bmV0MF8GA1UdIARYMFYwVAYEVR0gADBMMEoGCCsGAQUFBwIBFj5odHRwOi8vd3d3
+LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfUm9vdF9QS0lfQ1BT
+LnBkZjAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRwOi8vd3d3LmQt
+dHJ1c3QubmV0MIHTBgNVHR8EgcswgcgwgYCgfqB8hnpsZGFwOi8vZGlyZWN0b3J5
+LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El
+MjAyJTIwMjAwOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZv
+Y2F0aW9ubGlzdDBDoEGgP4Y9aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jcmwvZC10
+cnVzdF9yb290X2NsYXNzXzNfY2FfMl8yMDA5LmNybDAdBgNVHQ4EFgQUUBkylJrE
+tQRNVtDAgyHVNVWwsXowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDQYJKoZIhvcNAQELBQADggEBABM5QRHX/yInsmZLWVlvmWmKb3c4IB3hAIVR
+sAGhkvQJ/RD1GZjZUBBYMWkD1P37fTQxlqTOe3NecVvElkYZuCq7HSM6o7awzb3m
+yLn1kN+hDCsxX0EYbVSNjEjkW3QEkqJH9owH4qeMDxf7tfXB7BVKO+rarYPa2PR8
+Wz2KhjFDmAeFg2J89YcpeJJEEJXoweAkgJEEwwEIfJ2yLjYo78RD0Rvij/+zkfj9
++dSvTiZTuqicyo37qNoYHgchuqXnKodhWkW89oo2NKhfeNHHbqvXEJmx0PbI6YyQ
+50GnYECZRHNKhgbPEtNy/QetU53aWlTlvu4NIwLW5XVsrxlQ2Zw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRTCCBC2gAwIBAgIDCZBkMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0wOTExMTIxMjUyNDNaFw0yOTExMDUwODUw
+NDZaME8xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKTAnBgNV
+BAMMIEQtVFJVU1QgU1NMIENsYXNzIDMgQ0EgMSBFViAyMDA5MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygp+ZziakFyPq80fk1QIT9UCcPy0R3UIyq56
+hXA6lhgfs1l9R9wRM9/DIVX2olb0gHCXdpnHRm+jwzeL3dHJO8Im5Om/c24ZfSVE
+zBcgKxS5X7X5e7oCYb9tozd9xs04WqYd5kWrvCJsSQf5gtv5gAeJt+QiU7dtXs3A
+YDflWv4g9eEaDExxM0VQmceEAo5qc7I7dk5ry356G14zQmr29cxie6YS0kH+7qn5
+g+c21M01sENle0tBPxIfkv+nV95Ih3JkpHSPm/wgFKfCtwRtG+5VehUoMEpgfi0X
+fmVkag558aQpaaeQCtYZnXuq6g1D1LAcjIqMpOP4wNRp1ldLzQIDAQABo4ICJzCC
+AiMwHwYDVR0jBBgwFoAU05SKTGITKhkuzK9yin0215oc3GcwRwYIKwYBBQUHAQEE
+OzA5MDcGCCsGAQUFBzABhitodHRwOi8vcm9vdC1jMy1jYTItZXYtMjAwOS5vY3Nw
+LmQtdHJ1c3QubmV0MF8GA1UdIARYMFYwVAYEVR0gADBMMEoGCCsGAQUFBwIBFj5o
+dHRwOi8vd3d3LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfUm9v
+dF9QS0lfQ1BTLnBkZjAzBgNVHREELDAqgRBpbmZvQGQtdHJ1c3QubmV0hhZodHRw
+Oi8vd3d3LmQtdHJ1c3QubmV0MIHdBgNVHR8EgdUwgdIwgYeggYSggYGGf2xkYXA6
+Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDbGFz
+cyUyMDMlMjBDQSUyMDIlMjBFViUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURF
+P2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwRqBEoEKGQGh0dHA6Ly93d3cuZC10
+cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfZXZfMjAwOS5j
+cmwwHQYDVR0OBBYEFKztpZ16orZD8RiKJWpsscyo8lrUMA4GA1UdDwEB/wQEAwIB
+BjASBgNVHRMBAf8ECDAGAQH/AgEAMA0GCSqGSIb3DQEBCwUAA4IBAQA6I3sGyvb4
+MdTyEZFBBWBN/5Kx1SVkkPsll8DvgosJiuuK4I7mD6FFKDjKgogr407EoDSS2t1+
+pSmQCb0rNXoJT3YIlpZGqPYU2rcwrelabJQZWAfoRnbkDx2aqofhp5u45dyQpM2t
+R93/oA36iuHYc9Ewq8CaLGolrpT138RD7i4nN7sZFuFH0IseNz0+EZm88NHi9WeJ
+UyshWFKBKARi+589Y4P/G2XnbckxFKUxa7uEroZcMwvKBy469K0Au0zVTxs1zNtf
+Ol3QkNgPwzOPeHhOnpzcenyPgNEm+HQ0FPTnB4HeKBqTeLpkM7h4gq5MZ2TPmfuX
+KDz3AHrWLLdH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE7TCCA9WgAwIBAgIBGTANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMScwJQYD
+VQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkxHzAdBgkqhkiG9w0B
+CQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMDkxMjAyMTYwMDAwWhcNMjkxMjI5MTYw
+MDAwWjCBhTELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQK
+DA1NaWNyb3NlYyBMdGQuMSowKAYDVQQDDCFBZHZhbmNlZCBDbGFzcyAzIGUtU3pp
+Z25vIENBIDIwMDkxHzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXfl3YP3Zl5+AG6LZuE2CBicT5
+07Cj1q3LlzUc7YIykix/h2k/5E+1dDSO2SPINrfttUvcxp4sbzW7mjXpY+64sdjg
+DLhEQGbH0oCjDBxcqKtI4zSNrF2uwOx06tkRT5GvZzbBN9aRFj20+HmYdUS+XDRu
+MKgWXzx/9uvyDNHstyGEQGS280UKjZnuM8TWX53a6aKoVJIHERmK3uqc9BcM0nuA
+y/tFD8joBtemKZYH4yfnpTteGIRK8Uu0EoPt6kjM6YrgFZ765gsOFU2gZ5QmTmGH
+HcpM2hX702eRS/pfpqHwsiXdQpRcpfVaBDlzkI1n4IfPMeiXuYcO3UTzgmP/AgMB
+AAGjggFnMIIBYzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNV
+HSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25v
+Lmh1L3FjcHMwHQYDVR0OBBYEFCa3GAGsnHjvwKWHwA0/PJryi0WBMB8GA1UdIwQY
+MBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMBsGA1UdEQQUMBKBEGluZm9AZS1zemln
+bm8uaHUwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5lLXN6aWduby5odS9y
+b290Y2EyMDA5LmNybDBuBggrBgEFBQcBAQRiMGAwKwYIKwYBBQUHMAGGH2h0dHA6
+Ly9yb290b2NzcDIwMDkuZS1zemlnbm8uaHUwMQYIKwYBBQUHMAKGJWh0dHA6Ly93
+d3cuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwDQYJKoZIhvcNAQELBQADggEB
+AAgx8vZl/lgms9yJjqaixckqCnrXbo2IiY+ZgD0dcu/hHpKGiafdSKYE+jXtpbyT
+7pbqHKfuC87qK6tbUSo4UViyhBmpITlOfvghyNzHIT5Vbb1rSzPNd4tYBQRI8kZ6
+gCZFZ22VR3YZ+yclip6g1a1DY2NSW/asx9mqVWn0D9lMvm6dUMLhmW8lR52KqDWf
+mROe+APmuxhC78qqOP0tI7HwjvOaYeGzQknJrgj4f2DWLTm8r8zH7CmgmMr1tDWQ
+BY6nMCPK3lWhxtFwJP48RoZFIX9SmP6oH9gIDNe4WjzZICnhraW0B3t/0D8ZqY+m
+Y0V57A+i2iwOA/lQBHS2rPw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5TCCA82gAwIBAgIBFjANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMScwJQYD
+VQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkxHzAdBgkqhkiG9w0B
+CQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMDkxMjAyMTYwMDAwWhcNMjkxMjI5MTYw
+MDAwWjB+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoM
+DU1pY3Jvc2VjIEx0ZC4xIzAhBgNVBAMMGlF1YWxpZmllZCBlLVN6aWdubyBDQSAy
+MDA5MR8wHQYJKoZIhvcNAQkBFhBpbmZvQGUtc3ppZ25vLmh1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJqmBGY9xZ51zoea/outpBPnSoI/vo/yR+DO
+m7H846WTrGzry2dCR0rb2wqGY7Sw2UnLOVUANofd/lH1msxRi8NaiJDC7mKOz4MF
+oXtDQzyC8BedK8sEJgQRe5r7zpujqZ389uab/loufLn06V3/LVP7jbUxf/gX6ovO
+dvNtG9LEE2V+YuRm46NZbEFytiPls//8eMv+/52noHwrbr+xvHOr4aN7+63FFVRs
+1yz2mdEcd74qVAYDylZo0xI042cxkBNdj3ImjgNHhg+vVLiYKbHikAMwxTBzv7ht
+RmoPMDJID3V9aahTSeCtz3EB3+n+1gDWojmj+RfqNCD1B5J7GQIDAQABo4IBZzCC
+AWMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAw
+BgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcC5lLXN6aWduby5odS9xY3Bz
+MB0GA1UdDgQWBBTRimP+ywj96UoXaAGtPA7V3Zf3BDAfBgNVHSMEGDAWgBTLD8bf
+QkPMPcu1SCOhGnqmKrs0aDAbBgNVHREEFDASgRBpbmZvQGUtc3ppZ25vLmh1MDYG
+A1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZS1zemlnbm8uaHUvcm9vdGNhMjAw
+OS5jcmwwbgYIKwYBBQUHAQEEYjBgMCsGCCsGAQUFBzABhh9odHRwOi8vcm9vdG9j
+c3AyMDA5LmUtc3ppZ25vLmh1MDEGCCsGAQUFBzAChiVodHRwOi8vd3d3LmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMDkuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQB8he+K09wl
+6wEpphQvsko9HkVEP3ghRrLV+idNcly83q+ipEtuSUGmnVhDM1K0h+xiLHZuJ694
+lj/xwy2n5G36WXP2gG4A3Xciq0FuqV4w/AYRVzkTiwaJhdG2i8SamBgpu4mhwBRm
+XCRYXzNwTw+/oL43CB2/+0l3LVmhe9DXt30MJ4svN9UKho1h/d11QBCi8WCkdE0W
+aYYxUXTS3dUBjOFgVwH/Pa6Q+RBVaXhr21YgaFS38ykxF5+KFWxgzqhHTI75lWVi
+FPDHJJJ0hCClol0cVMai7iQArnSG7ZN7WznPrVU2o2VhQObHu7ANtPNfT5d2EQeQ
+KJWSNciRog7R
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE7TCCA9WgAwIBAgIBGDANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMScwJQYD
+VQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkxHzAdBgkqhkiG9w0B
+CQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMDkxMjAyMTYwMDAwWhcNMjkxMjI5MTYw
+MDAwWjCBhTELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQK
+DA1NaWNyb3NlYyBMdGQuMSowKAYDVQQDDCFBZHZhbmNlZCBDbGFzcyAyIGUtU3pp
+Z25vIENBIDIwMDkxHzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0T/4LGUJd2jJH4e+s0fdMK9r4
+DWRFFCKARQwE+PoeTmNHisCjsXjz7vjgB1ogvoNa4UxycfEKQhXe1MrwC7/17dRG
+QjLaATTqznUvkb+jZ250ONnu3Q0ble960l5wHS5qOlJOaIa+3eDsYkwxJUy0cYFZ
+qbVB9Y8FiJTDGnXFi96xz1Hf/JjA8y58tQzlbwAdJR2dszYR2W0wnJ35V4K/PdsB
+C8XLKZmv8F04it9t4MIJ3YGrDfeam0l0ThBlwEuoihBXB9rKwrtdZubyuXvYAGO9
+a94/wYMhd9eflO1B0pWuhDZCY4Fu/+6CHybYT4/fhXXp4Bcl6zbns9I9BTDfAgMB
+AAGjggFnMIIBYzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNV
+HSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25v
+Lmh1L3FjcHMwHQYDVR0OBBYEFD617fKjJSjkAjerFsO1/ZyAv1M4MB8GA1UdIwQY
+MBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMBsGA1UdEQQUMBKBEGluZm9AZS1zemln
+bm8uaHUwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5lLXN6aWduby5odS9y
+b290Y2EyMDA5LmNybDBuBggrBgEFBQcBAQRiMGAwKwYIKwYBBQUHMAGGH2h0dHA6
+Ly9yb290b2NzcDIwMDkuZS1zemlnbm8uaHUwMQYIKwYBBQUHMAKGJWh0dHA6Ly93
+d3cuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwDQYJKoZIhvcNAQELBQADggEB
+AMsiD8NEXtuKGTdw+aZ2fZrc2PKArjTZyqiaUax+4VFl9G+L2gvNNNQVxf3HZBLi
+S90lDNGvV+zVpZDWKWvhnzqmYaqiTwCaaiOgJTDtffUvGzW9VmKZaEPUfYvP4s+I
+rlHkT0hwD9nsg+N2PaDLcHzGZUNvDqLxbaKuUqzFVqVAm1upuiX4ZifNNkFZ2faA
+RNyUVsEWMTMy3k6JKDMix0Qd/xdE2zfNRzI/i8klUJgcJq/VrOpw6nZYKn7n/XFG
+sGF/Ef2e7kGKeADjjS1yH/3r0Y4wmEZvCaYaOptD6vY3EMiDiFN8VFFe/f+zreR2
+WyW2W6T+SGVDfAkacwhekTY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8jCCA9qgAwIBAgIBGjANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMScwJQYD
+VQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkxHzAdBgkqhkiG9w0B
+CQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMDkxMjAyMTYwMDAwWhcNMjkxMjI5MTYw
+MDAwWjCBijELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQK
+DA1NaWNyb3NlYyBMdGQuMS8wLQYDVQQDDCZBZHZhbmNlZCBQc2V1ZG9ueW1vdXMg
+ZS1Temlnbm8gQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBz0mD8QmA6LJt+YOZY
+NmD6QwPqdA+VFPdj9kPT+N+fmCTOt0rfOyaEsE8QyglwHCw3ZOop9ftKu18ojHOa
+RrJSa2klzQv2sHSMhOdC0DMtw8DBjst0q9nNNGFo6dKo8E+7BYb/iCNWjGxncQ67
+PUSPuh8bKrk9OnDch70VUk92k/jOS9qXBD0KLwkbUqexZcTF20ZVF1fZuxKvxWZ+
+UnxZeUZLJv/C6yv5n8lXUN3uQZkon6oRa8ctZ7xAqdSsmUT2qCbE7/hg9RYbIH+7
+lbMqi/wEREzOyHUJfeBVZg47byl1GThtgmRPejcjZMamybbTuti0v5fXN3jz+G3M
+lNcCAwEAAaOCAWcwggFjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3AuZS1z
+emlnbm8uaHUvcWNwczAdBgNVHQ4EFgQUo4UxjmMYhi2v2BfNoTfEnOsBHfcwHwYD
+VR0jBBgwFoAUyw/G30JDzD3LtUgjoRp6piq7NGgwGwYDVR0RBBQwEoEQaW5mb0Bl
+LXN6aWduby5odTA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmUtc3ppZ25v
+Lmh1L3Jvb3RjYTIwMDkuY3JsMG4GCCsGAQUFBwEBBGIwYDArBggrBgEFBQcwAYYf
+aHR0cDovL3Jvb3RvY3NwMjAwOS5lLXN6aWduby5odTAxBggrBgEFBQcwAoYlaHR0
+cDovL3d3dy5lLXN6aWduby5odS9yb290Y2EyMDA5LmNydDANBgkqhkiG9w0BAQsF
+AAOCAQEAQjlh1SGe4j5Iyr9HrwqqI+tgaerQETPhy1cRaDCeCnPT/RveEgyDVhKA
+mpwZhKAdl+2fRUk+xSI3QFHibUPVoDl3CUNvL9LAMeM2SjsGO9oQDVbjFLzXQ0zL
+wFDwE4SXzLHZWNCHrIOVzXxAxYogVu4uB0tBQ7TpIO6y1JGkqX0R2coNX0zdPDWF
+Xerjqe1PT021ju0a41VMFmFX0PNMhr5CfYnSbsRjnM4Ztrk1nMK8VydfXy9CnJ0W
+wPhb+hFr0XnuKuWEttwg5+STRlpVRhAxmlPUUPplAlw99wv/QCQMDdhniIaYXil+
+hpMs7M6BLq0N/u/H9ut/xedcjYCDFA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8zCCA9ugAwIBAgIBFzANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCSFUx
+ETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMScwJQYD
+VQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkxHzAdBgkqhkiG9w0B
+CQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMDkxMjAyMTYwMDAwWhcNMjkxMjI5MTYw
+MDAwWjCBizELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQK
+DA1NaWNyb3NlYyBMdGQuMTAwLgYDVQQDDCdRdWFsaWZpZWQgUHNldWRvbnltb3Vz
+IGUtU3ppZ25vIENBIDIwMDkxHzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8u
+aHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCShR63uLI4AbVP1dmo
+v12v94KDhTo6BT1sPHTu+qeCmYuu5mcX4YezH4KGy04rimZ24O4g7fGnQUa+Ngq/
+ul8J4QgL9v7c9J67I7iFpUA/Jft7ueTpJzgK2+J40qmkkb6gBq3v3zwJz9NZeNMk
+vpaNHYRFzp8qxHGz5CsJcij8PAYE0bv4ulXm+y2Hxq/9aClJ3CXWDPl+wBYpuUn8
+kcEU+pDhVHvXX8CP6PO/AcR5Jpna+pem95CqvjWRO6a4ta7Y4ZdNTvDi5Zqnm2jL
+DRlKjOL6OrSWDIABmJUnKxlW5sQeYxreoOfk+9lRc6k8/C60f24qO1prH42QzaLp
+a3jZAgMBAAGjggFnMIIBYzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIB
+BjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUt
+c3ppZ25vLmh1L3FjcHMwHQYDVR0OBBYEFJJ9tkVQDu+WMGe06dDTRHlITyDLMB8G
+A1UdIwQYMBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMBsGA1UdEQQUMBKBEGluZm9A
+ZS1zemlnbm8uaHUwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5lLXN6aWdu
+by5odS9yb290Y2EyMDA5LmNybDBuBggrBgEFBQcBAQRiMGAwKwYIKwYBBQUHMAGG
+H2h0dHA6Ly9yb290b2NzcDIwMDkuZS1zemlnbm8uaHUwMQYIKwYBBQUHMAKGJWh0
+dHA6Ly93d3cuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwDQYJKoZIhvcNAQEL
+BQADggEBAHupcutAk0J2U6+1hPGIPiXdolZdJ9lGkVsDivOxuNzKh0Dj61XaVjQr
+iidBrd+ipNNOCYwUF0nGEPS65Fz3AjIDFg5iADqdmTK4SWe7QvuzW4KNwT7XWmBH
+MetID0y8Bi7wO7aCh7TQ408U9gSqrw3CCN6kXx/zqqW2CwiO2c+o7ZmREGMxXNHi
+qNXy2bRd1twSU3VSIcdZ1CSRU+VWxfIg2dmOJJcgHGkLfhVCnLn4k8aA+kxVGEy/
+pVD9PSZSj4siECm6gsNLDWD/f0iviVpIL0Pcq15v1n1+uy9tveMjxbSUdxthDNP0
+CCmCPJDb1OaJZsrW7ESow42DMZd5Sxo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbzCCBFegAwIBAgIQANXLicKTAJvtvQFL3BCWAjANBgkqhkiG9w0BAQUFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xMDAzMDgxNDA1MDRaFw0yNTAz
+MDQxNDA1MDRaMFcxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MTAvBgNVBAMTKFN3aXNzU2lnbiBTdWlzc2VJRCBQbGF0aW51bSBDQSAyMDEwIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhxIQRcjI0MdxZiPdC
+tU7/k4F+shRorhq74URxIV7gy9D3/BXen0MZJN/y+WNyAc08hijiIdiHzElWfscr
+s8brJL4mehCyXlzwMjtQTllb+SN8ePjlb6sObKGe1CobsWM9lCg9Z2ULaUaRXY0S
+16dT5TSNd/Y2lDDcuI+0XcKOWJevwF26wmS9SbQi19olpsXj7KAVr2oCb1gsZhow
+1yTXsKgqwJW0N1oUqMGbcKiVl4HkYARlPB0HAWcc2n19e+f5C43CETnAxlPjqlVc
+1smUKucR1uWaJYSF6L2MHnfzWFKwpqL/MtqV1VD9pK7XRZiDkoqRR9JZVVJxP6Po
++0zZAgMBAAGjggJDMIICPzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQU6USGgJLqTlB3yeeSCELXX8DCJUIwHwYDVR0jBBgwFoAU
+UK/MB4cVR284xbRl0d6VqunfnMwwgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDov
+L2NybC5zd2lzc3NpZ24ubmV0LzUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5
+NUFBRTlERjlDQ0MwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2ln
+bi5uZXQvQ049NTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1RDFERTk1QUFFOURGOUND
+QyUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0
+P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwYQYDVR0gBFow
+WDBWBgRVHSAAME4wTAYIKwYBBQUHAgEWQGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNz
+c2lnbi5jb20vU3dpc3NTaWduLVBsYXRpbnVtLUNQLUNQUy1SMy5wZGYwdAYIKwYB
+BQUHAQEEaDBmMGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2kt
+YmluL2F1dGhvcml0eS9kb3dubG9hZC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVE
+MURFOTVBQUU5REY5Q0NDMA0GCSqGSIb3DQEBBQUAA4ICAQA6hj4f0Cef1KmpWwcF
+7five23ZyhWfnfzoXRSIfUiFpY0xVmirT+wqNe5an6RmuQ0CpbCG+TiqCGWXG2eA
+jsNIbj7X/1Iael7wNO+eBEd6wDNWRsd8Kg2qUoYGeMKnqL5x2bM5veimPQwJ3mRC
+Q+SzDdhOQFckOI1pTjdhFFdvW4QCBBuLMqQGDFkamMNrgVKzmvL5iratd5pSU9aY
+JH3BlLmRnVqfJ/DJFKYVAr9s8yKQLD3JJ7bwO3P2cw3BmYc0a+EZhQX4XRAcxv6x
+1sbHpMPjrl+p1h7kzv9ikSVG9LqMo49JypRmirTHGsFqRzhc9CA04KsJG7Q8qBE5
+Z5Qa/fNnDy5jlfLkMmh7sXtqfEQmBPD0DjVLRYOHvkjCOv2X3VL0jN6IZHeDpLqG
+t6T3w9aN0eYB8ij0UcYJJdskV9r3nyHzZAqfJ1TLv16dfBFw9u+XDUWhOQFaBzS5
+x4jHeNUyVTs3IT7Q8KIwhYz9gFufQHQqZNhvaF117xgManYz6ptbbBC/WCML2+2b
+QSezVt6Y3caB5ZDFBcwBhcMlZv50XLWw4jC+HOnfV6LTrHgLcS6JBcg3ORB2A4v/
+tvl7mvbczjFZ0hK/0gQfA9zgi5cnY0GsHzOT1GZlFxA6N4d3AMzuf6LcWU+Mvb9K
+1Xbyoi4+LDNiNCHNA4FAz7vF3g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHXjCCBUagAwIBAgIQAKsyzbybWZQjBPpthOQNvTANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xMDA0MDYxNDAzMzRaFw0yNTA0
+MDIxNDAzMzRaMFgxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MjAwBgNVBAMTKVN3aXNzU2lnbiBRdWFsaWZpZWQgUGxhdGludW0gQ0EgMjAxMCAt
+IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/Nq1vxVCDLq5FQg
++qcam1UZ7venCbHcS92nS1V2uCNfyGed5RNaBYy5fW6SDMUClMcfNGHlMBf2xkje
+61jUjkeVghpwbzSiXJHpogZjBbrv5Kfy7J0cuiOT1iNY6XOAXSTXq56S2ySUs6s9
+c2D6Sg8AtG0zLgHvBs2zZ8dL934FGN/1cG/8m+QMhvlDHvaAnUTIEi1zUfsWTNO+
+vPWONxCFf3Nt59hLCGWf6KsRSj8x89AzZSv8Ih5dTiJLQyvej9f0JRMiPPa9tL0C
+vYzNK2tgu5DQJcS+NZOODSSB0iDvXI+NyR5CyYpJriXvDrCI6T3nTFyz/QpZ1XfT
+/S9ONQIDAQABo4IDMTCCAy0wRQYDVR0SBD4wPKQ6MDgxCzAJBgNVBAYUAkNIMSkw
+JwYDVQQKFCBaZXJ0RVMgUmVjb2duaXRpb24gQm9keTogS1BNRyBBRzAOBgNVHQ8B
+Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUclHgqp37fjhE
+6gJvQMifzii/HHcwHwYDVR0jBBgwFoAUUK/MB4cVR284xbRl0d6VqunfnMwwgf8G
+A1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24ubmV0LzUwQUZD
+QzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlDQ0MwgaiggaWggaKGgZ9s
+ZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049NTBBRkNDMDc4NzE1NDc2
+RjM4QzVCNDY1RDFERTk1QUFFOURGOUNDQyUyQ089U3dpc3NTaWduJTJDQz1DSD9j
+ZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlz
+dHJpYnV0aW9uUG9pbnQwgeMGA1UdIASB2zCB2DCB1QYEVR0gADCBzDBMBggrBgEF
+BQcCARZAaHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS9Td2lzc1NpZ24t
+UGxhdGludW0tQ1AtQ1BTLVIzLnBkZjB8BggrBgEFBQcCAjBwGm5UaGlzIGlzIGEg
+Y2VydGlmaWNhdGlvbiBhdXRob3JpdHkgdGhhdCBpc3N1ZXMgcXVhbGlmaWVkIGNl
+cnRpZmljYXRlcyBhY2NvcmRpbmcgdG8gU3dpc3MgZGlnaXRhbCBzaWduYXR1cmUg
+bGF3LjB0BggrBgEFBQcBAQRoMGYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3Np
+Z24ubmV0L2NnaS1iaW4vYXV0aG9yaXR5L2Rvd25sb2FkLzUwQUZDQzA3ODcxNTQ3
+NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlDQ0MwIgYIKwYBBQUHAQMEFjAUMAgGBgQA
+jkYBATAIBgYEAI5GAQQwDQYJKoZIhvcNAQELBQADggIBAHIHWE9BG6AGAhFngTAT
+KHLed0Hk1+nUUplgpdDB/Ysj5eKyd6i0M3eAEtd5hFjuCBAzZwV5JQEfUQ0Cdqpf
+nEwG0IzlOeUkmbaBHRtGQalgJZlqYFcr6Wqr5VYF1d3SlaW6o5T3OJUDm6dG2o2J
+93OK5aYH930ied4kAebt5Z1U5RZUBS/DANks3A6MHNfbYKanasGeTX5IRA2TpST9
+/swvHAihYWFZuRe74d8UuF7ASXf/ierF+/aaCY5htZ3Pqi+tTjUKP5QnO0S5c5b+
+R1AUCh02d+XXBMrAtI8BOkLYkmi9LwV4dgXsYZdPsuRHDe3flbJlepxO2t8mQ09m
+Vo4BOSG6TxwyGOxtsKo/oShFo1FsJwDO7h7s80ueRXG4dCpXl7Kl/LUxz79iWitp
+QkEwPJp0aOyghqqLS31YvBUBuMqsgRM3T/FUk2zE3VHlXyKFWKjhed4MFeGLqgh9
+sjqSv4BNQar+ovgVCEbhtqh1bsNmpFljmYSGTKvjzr+KCHY27xvPCHNvbFAleY+u
+1TTj7RHeroLu5vAUd3kanCsSYmDADAu6mOoTSNcN9JfqLbBjE8pQlUOz0imwKTIh
+zlTU94oHxlorNgvE1ojqnivGtRMYHFw6T6GRb6hoFJxMBsfEaib6rjSHZEANsaKs
+LTVhkFps6f299VNAZTDZDgs8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFzCCAv+gAwIBAgILBAAAAAABJ/vSI2QwDQYJKoZIhvcNAQELBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTAwNDE0MTEwMDAwWhcNMjkwMzEw
+MTEwMDAwWjBZMRgwFgYDVQQLEw9UaW1lc3RhbXBpbmcgQ0ExEzARBgNVBAoTCkds
+b2JhbFNpZ24xKDAmBgNVBAMTH0dsb2JhbFNpZ24gVGltZXN0YW1waW5nIENBIC0g
+UjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8k6EclXGMvwf0+Qj1
+5+ZwJ3O900E7S49V6pX7d665Noa5LSFbENPI1YDUilCR052Z+xkIaZYkU/Bd46NO
+kaEomDzFgBmC/AFdiuRrcDqWNjKuvwFixNajso0VQNLdxf3XPrUxCuxT73FvXucr
+P20ZYKtMqJhKK4y8ZUQvoGrf0C6d+dmTPrxLf3taXXMIr75RsZoRwgj4FsUz+2a8
+z/262c2zQC1waMrS/Nc8K468iDchEJ65UEX3LtCkHI6M7W6N4adCtTTPaOFhS12d
+f9J9e9eC7hjEJEcKN1l1ynTF/DGeA4u7DGULrYDGMq/T+FGr/Kd/GZzSg7f3E9pY
+Tm39AgMBAAGjgewwgekwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0OBBYEFIxaYiyqWtLT8genoZZca4v+n7NlMEsGA1UdIAREMEIwQAYJ
+KwYBBAGgMgEeMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5j
+b20vcmVwb3NpdG9yeS8wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i
+YWxzaWduLm5ldC9yb290LXIzLmNybDAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpj
+move4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAKQHfm4Vd3LNlJDsiD41E1M93XoAQ
+W+SPvs04Kfj8HHBjXPpICm7kcy3laqzOeQNWn+gCeQ2xJ4TquhlLRsfZWX/MjJ/5
+SRYFe+JbPMvLj+ewJFRX8bk+eR6jZPkkMLs72sTpOfqB8h+Cr5jyZpiSCnBjY5ib
+a/gTRidSkwkSZPJfJn1Ph0Emcqzg0wkGdWR9f9xccCkQm7XnCIs7Bn+jks4J0cyo
+MXMfnuQ77WlJi4TYky9HPE3m85frRZWbZS1LcY+QMLy7giEPvGMiNCiIKJq5X6f1
+/D385PMbJTDR6VrpES3q4asOHcU72qgkNf9e3xvoeTtBOV63hjlLjwQ5NA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZDCCA0ygAwIBAgIIKSY1fqXKEz4wDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTEwMDQyMjAyMDgwM1oXDTMwMTIzMTE0MDYwNlowgYox
+CzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0
+cDovL3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTYwNAYDVQQDDC1BZmZp
+cm1UcnVzdCBDb21tZXJjaWFsIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkMcRZDNB2BlxC7SlYaCkiA3eTcQRh
+Lbri5nbZZZCtm+jJtbBkyv/JjszLZrf6hBtJK0Q8Xx4UDAY1SeW72x/DaLCqnrg2
+WG8kKO51ksSZ4/261CXicikFUolHafc6nsMuOLCfsmY0koB2yWd1S2m/ZmswQh0S
+RxnT/y3zijCrlMXIqNcDWDr3VMD4FcUKfxcQW3kUL4soFDAVB9TnmZiRIAZ/duRX
+Oqwslo5t3hu3MgKAcLw/r3dvJKrE+GLvVUcn/s0TuZEu07Ae7g/lQ6Qvrosg0f0Q
+Yej3ajaxhD0EylFgaY4/xz6Pmm1WLqej7WlINr0PmFFt9B75Yst53/jVAgMBAAGj
+ggERMIIBDTAdBgNVHQ4EFgQUpqEXuOwGuj4hWo64KEDhUS1EJtwwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBSdk8ZTi17Krz+fHg/lmZW8JPaUjzBdBgNVHSAE
+VjBUMAwGCisGAQQBgo8JAgEwRAYKKwYBBAGCjwkBATA2MDQGCCsGAQUFBwIBFiho
+dHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNvdXJjZXMvY3BzMEsGA1UdHwRE
+MEIwQKA+oDyGOmh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1U
+cnVzdENvbW1lcmNpYWxDQS5jcmwwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB
+CwUAA4IBAQBflRDNkvlBqqBeuz162g7ZCP7rRFTIvHCHAEp5XNmxk9gF6ESZPFrD
+sXUK2XiDSBT6sxUqL0+NqdFPO56zsLXFbbHH5wePFwTFnirj7pipnjUhWHsxhnjY
+pOjtCr92aJugW9LC50tK3quty3hBaKQcWQRz1aJYdpoVXwzQcD+uwZTOPZ/Z0qFm
+qDTNKGsoa0cgYhEbSkzA+2JRQhqzoGmMyGiNjoJZCmyZwqEl38/zgY4Fzp7q/DkF
+mDwF7T224Ha+ciKhsSMOAiuOIZtdlZqNowNVeDyy7I9K0g/jerIZ0vM19FOZgXES
++779pDAlZh2PHOXxsUrq56T7iA8DQuza
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIIYxv5DIqwLIEwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTEwMDUxODAxMzY0NVoXDTMwMTIzMTE0MDYwNlowgYox
+CzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0
+cDovL3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTYwNAYDVQQDDC1BZmZp
+cm1UcnVzdCBDb21tZXJjaWFsIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkMcRZDNB2BlxC7SlYaCkiA3eTcQRh
+Lbri5nbZZZCtm+jJtbBkyv/JjszLZrf6hBtJK0Q8Xx4UDAY1SeW72x/DaLCqnrg2
+WG8kKO51ksSZ4/261CXicikFUolHafc6nsMuOLCfsmY0koB2yWd1S2m/ZmswQh0S
+RxnT/y3zijCrlMXIqNcDWDr3VMD4FcUKfxcQW3kUL4soFDAVB9TnmZiRIAZ/duRX
+Oqwslo5t3hu3MgKAcLw/r3dvJKrE+GLvVUcn/s0TuZEu07Ae7g/lQ6Qvrosg0f0Q
+Yej3ajaxhD0EylFgaY4/xz6Pmm1WLqej7WlINr0PmFFt9B75Yst53/jVAgMBAAGj
+ggEPMIIBCzAdBgNVHQ4EFgQUpqEXuOwGuj4hWo64KEDhUS1EJtwwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBSdk8ZTi17Krz+fHg/lmZW8JPaUjzBdBgNVHSAE
+VjBUMAwGCisGAQQBgo8JAgEwRAYKKwYBBAGCjwkBATA2MDQGCCsGAQUFBwIBFiho
+dHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNvdXJjZXMvY3BzMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1U
+cnVzdENvbW1lcmNpYWwuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAQEAW76fwA8wBjh0wBk6KcxkZPPh3jbzi2OT9KqisljK0ZOpUQI+sgHydjy7
+ecnNwdVtFp7acdOdcIPnREVVP6q7LggsdReN9/SYZAxQgTaBQGhTXJn1e0ZrklZ6
+tTpWn8IzfUkYz0PJYtiZJ9okjENaIYQ3xK9Iz+n3wJaYs853+nql6ONXaJu6Db84
+6aWZB8abJyeo1gfYr3W/0iSV/UjXFXmjaGzPmWgEWxSXsEtOOvSe+oknn/Z/L9B+
+3xcOSPAJ116rknMiK/vag3aD54JzxVdjmwDKjsnYeQ6JGO1WVDyPzRYbEXFtkaFq
+3cG6zepDXVFb2Yzu4cd+io0d4qPU+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIII5AVx/Z4gEYwDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTEwMDUxODAxMzkyNFoXDTMwMTIzMTE0MDgyNFowgYox
+CzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0
+cDovL3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTYwNAYDVQQDDC1BZmZp
+cm1UcnVzdCBOZXR3b3JraW5nIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/c8jCGiQh9gbKEungIHBYD6CzguTV
+o10soL09wMKO10oeYbh3c/J1Gt6R48WBxosjPBp22jAfLW4xofy6rUtqTVhH6CjV
+O8mhBsKWwkZ67G+85SrYgHAbcYHJRGm6ietIvZfirwyxpap4DIiSQCxD571X9zaI
+hY7y7V5eTDbkkUSLKOdBrrCnCJ3bPwsgQe8UR3OZeDTTkm5eErhf6F2Vo+y764Kr
+HL+21xT7f0Lkt30kBCoBFzBAOjtbN3yfZsjNQgYleVv6dOtz4ssju8I234M/9qiv
+n1Ebxom3up5uSAhL2bL/2ddPfeMWlK+sTX/VcsTkztZkD6C71RrexZiZAgMBAAGj
+ggEPMIIBCzAdBgNVHQ4EFgQUffiyTFQlCF1tJ8mrKwHDNXB5gGQwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBQHH9LnnNrCbqJAtLB6UBBQdMTIvTBdBgNVHSAE
+VjBUMAwGCisGAQQBgo8JAgIwRAYKKwYBBAGCjwkBATA2MDQGCCsGAQUFBwIBFiho
+dHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNvdXJjZXMvY3BzMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1U
+cnVzdE5ldHdvcmtpbmcuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUF
+AAOCAQEAAEDMyUi9docIPn2K2htcTCFRShOwzyB+xP65pMDqn1o9jx1Hl9eqgfhl
+9wp/LRoAh+mH+xyELI0jy7Cm5A/Thuwgl6200SMW8UW55ab8FErksIj/gVYF+FBq
+c46J7N3TS/1Ml7YmnlhZXB579/IeGtJjwXGdD09SQ5Ha+LNLpPsXspaY8Kdi8iBe
+csfCmgK5ahfSh800qnUQXNFfsrzlGG2DdIxzHsNCt8IaiFa5I0eIEuxKi+6wGh3O
+61kzf2GAN9RlTNKXaNskxVL/TP23FsKw1kkm7pVsIUl4Y+g8VOaM/OJPjkB3s1/+
+kKS+QvtvB4lgd9zC4b2mf48fPcEXqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWTCCBEGgAwIBAgIIC8/PN1nC9YYwDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
+dCBQcmVtaXVtMB4XDTEwMDUxODAxNDAzM1oXDTQwMTIzMTE0MTAzNlowgYcxCzAJ
+BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0cDov
+L3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTMwMQYDVQQDDCpBZmZpcm1U
+cnVzdCBQcmVtaXVtIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDIJKKCLrO1P8lH9elhDSFnhkVZBtV9stJEkM6M
+S4RQfyGJSYZW0r8tzUAoUaLhI2P60R8Y2Dpofzm78QfvDVcleGSCcfaPf7BElECA
+eb7bNg5ER6erP99pwDXyKs8nh1gCZrvTQhqZY2Ezi9g/SpuE0NhhudBFrGssaRQU
+tyHijlx5oHgq1yGhZ7cP0Zr6ulGIV8sGvq423NJUsjmt7iNFVEwyBKsmBGMnw3fV
+371mfxbZQkmNpOY93qOzRzr+3yRnwV9tqh6ZwJ7g7naBqMKpZnSIwd+1CxkrZmYA
+GW6tLoIUzz57JA/LVEZb/5NFCQvodE+/6SeTfgl+v8XWXFoK2p57/D90gv2cMjVX
+QW7b9DD1INaNg+NLXxqWiozzxWte9S3IjJA7Cf7D7uLqFPMyBD8RqGN1u2h/DUnK
+UQL1dFy++Yovl9chQ67Ga6Ma3x1TVSuCf/gElTGBPzEFenbRUirlgK3n5/XxWe9G
+BA9ZjQiAkE37+6U+smEossQyEyy/qbBQuwZ9qy6fXbxYJLK5zm2HbxBONOWmWS8n
+F6aeUUI9D+WU0M0L42xAqdnSm60N2KKAdykGuDjZsIgQ1bxEJdGOYdw3seVuB21G
+6arJZfhnbtwptgfTmtxH0yLgKQDf+t0RWuIw2S79uhOYBqQ3oDypzFiWa14HD3c8
+BdQjfwIDAQABo4IBDDCCAQgwHQYDVR0OBBYEFLzdRrvkokL9idHmeR/XHkGpR/tQ
+MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUncBnpgwi2Sb1RaumZVIRJ9hF
+rGMwXQYDVR0gBFYwVDAMBgorBgEEAYKPCQIDMEQGCisGAQQBgo8JAQEwNjA0Bggr
+BgEFBQcCARYoaHR0cDovL3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzL2Nw
+czBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLmFmZmlybXRydXN0LmNvbS9j
+cmwvQWZmaXJtVHJ1c3RQcmVtaXVtLmNybDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI
+hvcNAQEMBQADggIBAGaBPQsQqKcobhd3QAn23t9MBfZyFhWXW9bhZNSiqESK7lGw
+pLT7tb+o7dXJjNMgr3kZTGL1MyTXMPjp6a1S2ZdCkKBrdw/LHGkkFFvJQKDwYtmw
+HlJHXnvSvo+pHlCXeUsnnvGGN1uO8vN9rP59LEyITlbWP0sdSJ1MJkRk7aRVcIWn
+g1/EYcTnOu5PQx0PSh33666iNSMixmUf+auyF5hF3kzu9o8KLbSb1wsR7ThzhsoV
+NIpStx6rEtlFFOpR4oLa7neZPv2DqH1DNLstKs7KsOLMrgxN6vCO4L+I+EpwUphG
+lveh+/5GXNZnEpK4doWLA0zDvyHo84ktk1p4zqOt3MXtRjNWz0HXHVQ0Acgxg6G0
+NTGooZ36WUwXuTpmhcpXDdF2fSQCSqitIPZpkyj02s3DEEtMf1yiDDd0Q62XAMb7
+yAdT2fksZ93iO71NWhjhgJwXvf0X/RrjFc7XnfDuS0pZKb8MAQilJGtDS8Yp92fZ
+YUEPdojmR74Nz2MS9QRNUivdJdFnC4eiOYrRo1IhyONDe3EAo8XkAMi9I/ctcF8m
+9jz3BKiLFDnVYi6S/3GORGXzjzPItz8YGAei8cIZckK1mVUUBHdynZ7Z5dbk7oHA
+Md/n6P40Xc0dTJuNbchtXb/3vzz3wc/CxZsM0/56vxX9F+yh1AU/XY56z3Io
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDFTCCApugAwIBAgIIEHyqEuzWjFQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
+cmVtaXVtIEVDQzAeFw0xMDA1MTgwMTQ4MTRaFw00MDEyMzExNDIwMjRaMIGLMQsw
+CQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxLTArBgNVBAsMJGh0dHA6
+Ly93d3cuYWZmaXJtdHJ1c3QuY29tL3Jlc291cmNlczE3MDUGA1UEAwwuQWZmaXJt
+VHJ1c3QgUHJlbWl1bSBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQTB2MBAGByqG
+SM49AgEGBSuBBAAiA2IABMG7lpQW6KCRa0F08QvCChRc+0tN9z9QbOFDq3X7/2hS
+4oCHzgAa2TAGTAb/yysYV3AIZwxcN19DmfLueos35w3XHxshgH6HadrmPmAgF5it
+/izFoUJpCsesqECqTiutuaOCAQ8wggELMB0GA1UdDgQWBBQBBy+KEywCDqBYBkui
+pr4IIn8mrTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFJqvKXrAETU1JlEw
+AMNq/kDVrtY8MF0GA1UdIARWMFQwDAYKKwYBBAGCjwkCBDBEBgorBgEEAYKPCQEB
+MDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuYWZmaXJtdHJ1c3QuY29tL3Jlc291
+cmNlcy9jcHMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5hZmZpcm10cnVz
+dC5jb20vY3JsL0FmZmlybVRydXN0UHJlbWl1bUVDQy5jcmwwDgYDVR0PAQH/BAQD
+AgEGMAoGCCqGSM49BAMDA2gAMGUCMDUYefycOkhRsHyEzock1Azmya7m+kzA+Hfw
+At7oMsYdOwnNx3sWY7BIm3Z/ZgSxdgIxANDKKBAEejiRfvdjaVa842m5ufhj97oY
+592o+UBODYMQ7AE3YnFxDfW7OEh2g83eow==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbzCCBFegAwIBAgIQAKZAQ5cBE2dWe8qWBnpU7TANBgkqhkiG9w0BAQUFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xMDA3MDUxMjEzMzVaFw0yNTA3
+MDExMjEzMzVaMFcxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MTAvBgNVBAMTKFN3aXNzU2lnbiBQZXJzb25hbCBQbGF0aW51bSBDQSAyMDEwIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPWbTxjDlowAYuwPYj
+IVxIyxypG3ub1VcX/9H4235YhTFEURY7r/qjL6vwrm1LvZjdRhGn7VKXRuaSQDCx
+trFfNb1/gh2pgxcWzNyWK9l6SUdLwlK7FjKANGu3TSNOlJ/Z/tRbM3Fe2HZ6B6FS
+Bp8V2Y+G7VZ/TkMXpuxJLe4tIayBWwf4d37uTaXmvvjNLEfEZW79fa1Qg9h+fytr
+PPME5MbEXpjCqkgC3oKR5MsZaMV0mfsdsr5xFFXxbXssicwOwS/fLgEe4EglvL+v
+iU7sjAkSbwV9Bb0J97UJvl3Lkn1jIlmGHYzWbx9JOwVRAjlPubcXj0xPsPPhPIlE
+7wYtAgMBAAGjggJDMIICPzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUStQ7hu8QU46v5Ex3WUeC/QARdogwHwYDVR0jBBgwFoAU
+UK/MB4cVR284xbRl0d6VqunfnMwwgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDov
+L2NybC5zd2lzc3NpZ24ubmV0LzUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5
+NUFBRTlERjlDQ0MwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2ln
+bi5uZXQvQ049NTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1RDFERTk1QUFFOURGOUND
+QyUyQ089U3dpc3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0
+P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwYQYDVR0gBFow
+WDBWBgRVHSAAME4wTAYIKwYBBQUHAgEWQGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNz
+c2lnbi5jb20vU3dpc3NTaWduLVBsYXRpbnVtLUNQLUNQUy1SMy5wZGYwdAYIKwYB
+BQUHAQEEaDBmMGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2kt
+YmluL2F1dGhvcml0eS9kb3dubG9hZC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVE
+MURFOTVBQUU5REY5Q0NDMA0GCSqGSIb3DQEBBQUAA4ICAQBZiJ342eaawsEV3jtv
+keLC59c779N81fN78DAmepdcXjwGaHn6Zo5QCCIdJZ7dqfGiRUnfVT1cvV5ISinx
+kkJPHMBschmJpNCUVmXuSDVHDMblcqpt4SgkMx9wR3NbFqi2+NggudCLHP5tK7sc
+sglQn0+uC6acAUlcJUGfe9q1YydcLHq5SLvKNPX2L2aaAIEdHOfmWq2AwlEKEiSq
+M30aM5ZOs5pdoRV+laHv5vlBLoo2iT+X4x7AkZW+I+M6VqTTF1XAsrhmeg0sIl72
+isDv27cbcQRR7BCVq1n0yvSqx0gIO29FT3U+CoUSJlDKLZbOidjkmhCGNx7SUE/r
+FgykHhNiVRE9yolFopyhywKCB/5NjeG4CjCiZx57JDvPLb4maxQi3mGPeTB8x0DX
+4jGH2/V0G+BYqBYyGH9JWXcFOoF5VG6zKFHjwJEHoDIGpxasjhnXZSQ9lFeZ5FlI
+kiD5H0DvrvJZP5W+5Q/gBjSbC8BE7LtxBB9A62qFSMC/3jwWjl4o53x6mOgrZ5gb
+z35mW0WmU3kKRYYa5XzR4kwqwO248ZuQPf8wm/7V3pSkv4b2YDoDFbgA026LHycc
+X7Pw/V+aKpYNuG0MZrn8fw8wNMsTXhyObOH3EU/+lBqoUNSiy10GAabhwD4dCU6r
+nxY8lNMfBYFnBfKPhDjtlL6jpA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHQTCCBSugAwIBAgIQIUXI2bEFUA5MvqVCVTrywzALBgkqhkiG9w0BAQswODEL
 MAkGA1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMRMwEQYDVQQDDApJemVu
-cGUuY29tMB4XDTEwMTAyMDA4Mjg1NloXDTIwMTAyMDA4Mjg1NlowgYExCzAJBgNV
-BAYTAkVTMRQwEgYDVQQKDAtJWkVOUEUgUy5BLjE4MDYGA1UECwwvQlogWml1cnRh
-Z2lyaSBwdWJsaWtvYSAtIENlcnRpZmljYWRvIHB1YmxpY28gRVYxIjAgBgNVBAMM
-GUNBIGRlIENlcnRpZmljYWRvcyBTU0wgRVYwggIiMA0GCSqGSIb3DQEBAQUAA4IC
-DwAwggIKAoICAQDrsp1NSv8Un9VoFovUEmCabq7yhqgSWTR6x3N6h/vSywo491fK
-+t09Y9FB0js/j8S/azt/TKd7SOU0mlvTDTV2hSIBp6ah2VShUuYHy9OBbMDHtp5N
-GBHMx+di4TV/dsH4x9FtwH9FddFDXtuVXaUpQpQVtusYwgkn6zUx5OH7KBgNoo7G
-C7Vt+MAcLrNxIkMuKjKVkQfZagX+zcJBstVXwVvJrOGPidnrG523Iu4QN9KvdNCO
-AUtON4F1U1eS6CdGeuDUrQuibCYTPWk7en+wk57Yqjikig2DYXWj19k8WTXj9AxA
-izXpZgXgv7F/RyDI+Yt+DqsPFVH76HD529wU9zQ2zY+cky49eGG/HAGghXFerKUo
-EJ0M54N9tnCUDFSIAh67T0iAf0sVdyougUhtPxeDfj6mPlr23/icHpJMcRrfPfY1
-K4uV266hkt9fgEhEbU3/DbMQ6OkJ8xoloDMbLMHBKBy8kj1tTFBt6Ca1dGH+7+ng
-JKIsM50pIWbzZu814I2YoVgEtNJcvCmWdY8AvIULDO6IoGs0j4IdLQmphY/R/7VK
-Fda/S8Xg52NY67N+IQdPTbmpNxYqcJMM4tC/OnODWv+FSdBFo8gbzJIV3pdFOKCe
-YEX1QopHiBQucaBajFtzN4gmj7YZ6fLQw6WV0JBDr5hQDDzvctHYUjP2xQIDAQAB
-o4IB1DCCAdAwgccGA1UdEQSBvzCBvIYVaHR0cDovL3d3dy5pemVucGUuY29tgQ9p
-bmZvQGl6ZW5wZS5jb22kgZEwgY4xRzBFBgNVBAoMPklaRU5QRSBTLkEuIC0gQ0lG
-IEEwMTMzNzI2MC1STWVyYy5WaXRvcmlhLUdhc3RlaXogVDEwNTUgRjYyIFM4MUMw
-QQYDVQQJDDpBdmRhIGRlbCBNZWRpdGVycmFuZW8gRXRvcmJpZGVhIDE0IC0gMDEw
-MTAgVml0b3JpYS1HYXN0ZWl6MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
-AgEGMB0GA1UdDgQWBBSmzmlpLqYhNTs6zwrxLj8VrBmQJzAfBgNVHSMEGDAWgBQd
-HGUOqPIle7SRz+Sxsea9VXRsBTA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEF
-BQcCARYZaHR0cDovL3d3dy5pemVucGUuY29tL2NwczAyBggrBgEFBQcBAQQmMCQw
-IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLml6ZW5wZS5jb20wMwYDVR0fBCwwKjAo
-oCagJIYiaHR0cDovL2NybC5pemVucGUuY29tL2NnaS1iaW4vYXJsMjALBgkqhkiG
-9w0BAQsDggIBAFZbnUynMHy160SmlSeI7e9v53+gjivC9szYB+TrCQmFRccjhP8d
-sj7T7ymqOEJJajFEIJkmybyVwgfaqZvwr+Sc4owsuTkNtlh8tzTO6VYUbTWqPBEF
-kA0FeiG94N+36b7iUj4OrJK7W9vsGBZq7KIELy0ExQVGd5wTi4mV42LRNQyL4qw1
-sZ+aDVPNVqYpFkWKv1iULQfNwEcWXsg3sn/AmwQeEiRfcSqho5Ab+zh2TQQngxv0
-/jH/w1jz1LwzMgR326b7uYwQmvsdkGzfF730xOjBrd8pqUfnnUuUGwbzhpLXaTUI
-OiChz34iHkN2k77X/Jb/Iw0EeZ8JdzbOrd4XniVkgznAhmxPuHV0LisgdE4gMtby
-3GZObqSOpOpodKIIBU13Adw6jwGHylcI10nd0tG04BW0L7Pu8zuPndCp6yEVQDvX
-XdaECVGaSmVcyb816U4hgwvLeAcC+jNmQPbgVWVqM5dzrLZPMIawdLwPWeon5pV7
-7s10Rcjs+H1ycfgMzmIkZFKvvYRYGBIwH+WjLOb66Vmh2SH414mCbF3itfFXZ82l
-Jwsr95cbv87G2hx+2pl0AL8M5I7gpVWk3PIm5pYZua4pnbhWHPX1JiKlwFu7iHz5
-+DLrLExocXSogjO+EcR4Gc6j9tl9vDV8MK7uVw0Lp/OG/Zy/+g1XDaqd
+cGUuY29tMB4XDTEwMTAyMDA4MTYwMloXDTM3MTIxMjIzMDAwMFowgacxCzAJBgNV
+BAYTAkVTMRQwEgYDVQQKDAtJWkVOUEUgUy5BLjE6MDgGA1UECwwxTlpaIFppdXJ0
+YWdpcmkgcHVibGlrb2EgLSBDZXJ0aWZpY2FkbyBwdWJsaWNvIFNDSTFGMEQGA1UE
+Aww9SGVycml0YXIgZXRhIEVyYWt1bmRlZW4gQ0EgLSBDQSBkZSBDaXVkYWRhbm9z
+IHkgRW50aWRhZGVzICg0KTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AN+nfomB85viwoOjLpT8shBiWUJWJhRoGzHd6yz/6O0ZK9bHrbRdScXLclUA/TnI
+d2tK8D2WX4LacNQxFap+ZNlXVyORDE6lqDY/3WQg6I2yPGjeCtnJUo3gGUqe6JLg
+HqDPTemdbtzu3ICYfgYQ43SFM/NNQRbeBuJn68rkITxsj/x60lPsFwCYLDg+TqjB
+ZSdVTOvjO1rO8+JnVsdnjW9rrpSiubY1Dber/dnWntCg/CWSZg8BXhdAW8N/etZ8
+suOTwnKbOTBNOIu2lWDr7JsqtQxViDkBlZCIRnfffn8oQzNLPpOUNbQM1HiwnoEu
+T8i9xK1XNoJV/W9FKl7xSNJXyrOPgstGd6swXcnsMCufnncXUlBcLP/5XNeFX1sz
+Yl9bXPOjhFLhRAQUzXjGY72wCMUV8p63g5z0pTHpNCVmJFDR6ionKEtU0zvqAfZn
+dLuoA+wzaUJGss0n08It4B7E02EVjl/j4/9llooFu/rGIkjk200cZq8V3vFsUbEi
+vbs/s4quEXMBePOFkOS0mcKM8b+dcinF/2B5/38Xfz2Zry2w91HzK5F7CovDeVQP
+r3mOiVH3tfzd+QMZg8qw3pVHub47BjqgujPy74C6BiCEaijtr9vgvsePaC3sG1Zy
+ZK0ISBbWZkvglvXcyQoCxNAT2GuBU4rGyM6eXDJXDo85AgMBAAGjggHZMIIB1TCB
+xwYDVR0RBIG/MIG8hhVodHRwOi8vd3d3Lml6ZW5wZS5jb22BD2luZm9AaXplbnBl
+LmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYw
+LVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBBBgNVBAkMOkF2
+ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAxMCBWaXRvcmlh
+LUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O
+BBYEFKQXHU5l1++HlS5/jrh1ywWL04x9MB8GA1UdIwQYMBaAFB0cZQ6o8iV7tJHP
+5LGx5r1VdGwFMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIBFhlodHRw
+Oi8vd3d3Lml6ZW5wZS5jb20vY3BzMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcw
+AYYbaHR0cDovL29jc3AuaXplbnBlLmNvbTo4MDk0MDMGA1UdHwQsMCowKKAmoCSG
+Imh0dHA6Ly9jcmwuaXplbnBlLmNvbS9jZ2ktYmluL2FybDIwCwYJKoZIhvcNAQEL
+A4ICAQA3qh2Msr3tOt6jPt1QYuv8ecbxkHCuxvqnFQSDbp+dRnd5GKJN45emgOkU
+GKQ6Aq68VSO7060r6PuE0EZKksH9ryRu8x9hSEVSPvgelC95ITxstkM7M39xc1QH
+tBxkqyHtooDIY3vySOcbFy0AAo/HfSr8HoJJjlDm/Q5MROKvpTBtOhoqLkTHe1uf
+DtrzZsaCiaozmakGgMDSpipCqI9dLNzdvaXyEbt1gIDIiiAjGv4p/ihJyYxJz0Li
+D/4OODQ4tqpdvtt6a1lL6BHwoahjaF+5N+/gUlNYVcSDrMOCKBIvg2hmj0lt/UaL
+nxoL63+D0yAQexCBal3me3/sYHL7WgWrgpKNmqYh+eak5Vnbm4YMcGtkbhwL1v/U
+zUe4gykBTgKerzAlGCIMN42HIvvJELCZiCrNPkuUnGwM1gEfkBC5jE9LZizS33OO
+uDhCyrDMRUjnz20BmGwJZ4btNLr5D6/IENsOYWhzfxVIC6t6RgZK9vvBQLqTKVdu
+H8u9Lz0p3IcrKRSTfxRrVUeTJ5rytX24OkijIMplPohqvjpOZ5QiOoY1GPPgumxO
+yFHB+7lbc48S5PB/YtoDSHEqpuYJlz5IPbXURkJkyn1YSdrw2lrB3OORqoOKzYdz
+FArY7jwExjJRvqXTJUlxJ1HpeCZap+lh1m1pH4kd7hxS/bdhiw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHQTCCBSugAwIBAgIQcusrrX2LZeNMvqW/nyrD2TALBgkqhkiG9w0BAQswODEL
+MAkGA1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMRMwEQYDVQQDDApJemVu
+cGUuY29tMB4XDTEwMTAyMDA4MTgwN1oXDTM3MTIxMjIzMDAwMFowgacxCzAJBgNV
+BAYTAkVTMRQwEgYDVQQKEwtJWkVOUEUgUy5BLjE6MDgGA1UECxMxTlpaIFppdXJ0
+YWdpcmkgcHVibGlrb2EgLSBDZXJ0aWZpY2FkbyBwdWJsaWNvIFNDSTFGMEQGA1UE
+AxM9SGVycml0YXIgZXRhIEVyYWt1bmRlZW4gQ0EgLSBDQSBkZSBDaXVkYWRhbm9z
+IHkgRW50aWRhZGVzICgzKTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ALjXOOxJmjkG1L0lIomLiTkQMn+WxJmZ/31IFb6jQkIsa7RwwGPTCkplczdtfwPM
+h285cOMU1A3fotDs1VxqgUmGHoJiBSmDjY1VbLFJ/N9XCywKJfEFmFp2xcaIqtMM
+lu7ObemLsooyBINRO9Kqeuid7SwAEqgICpNtcJioy6Jr508EM5H3gqr1F9LPZGLQ
+bwbZBHsggcW96B0hIstPuWvBqB9IyP3Lg1k6Bzj0CfHLw/8cLwA5tpW1JY7JGZ1F
+bClyv9/MXhKRXpfYlnviMjh/KOGcWhGJpWqnWVR6VW61LYKrE8GHdTc2EykaLhx8
+nLq7X2g1GQlOMoBQ26kpy3VX7LYtJvij4PwljAoDddylgaidkxdtbKIHj57qxZ5x
+GLNvT++85jvnfJSTpaJKR+p5cS6NQzOqZdMye++BXbaaxhZRK3GClaXZde3GoPZk
+bsCQNVJ2/joV+at9jpjoJ+dUAZosJ5Gs9ung+g0vCCFxGPa+F6gC3+Bo8TJ66rd9
+WtUZPiAvjjER8iR2mIZF1LaT/YqKYjA73a6ZbOrZLN+wVL19Od7Ml/WX7YtvWFYP
+mFp6cxZ8yhCxxNZ5qsq8XhySMhzf03PYfVvZmmUjjNyMAVXRnGNtf/hhPrnyCJQ4
+fVKVb3bwuEitaLhW5pzUiqXiGtnj29S443FuvfCLWLFZAgMBAAGjggHZMIIB1TCB
+xwYDVR0RBIG/MIG8hhVodHRwOi8vd3d3Lml6ZW5wZS5jb22BD2luZm9AaXplbnBl
+LmNvbaSBkTCBjjFHMEUGA1UEChM+SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYw
+LVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgxQzBBBgNVBAkTOkF2
+ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAxMCBWaXRvcmlh
+LUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O
+BBYEFOyyBPaRvYtSOAaz9AB/sTfbvFGXMB8GA1UdIwQYMBaAFB0cZQ6o8iV7tJHP
+5LGx5r1VdGwFMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIBFhlodHRw
+Oi8vd3d3Lml6ZW5wZS5jb20vY3BzMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcw
+AYYbaHR0cDovL29jc3AuaXplbnBlLmNvbTo4MDk0MDMGA1UdHwQsMCowKKAmoCSG
+Imh0dHA6Ly9jcmwuaXplbnBlLmNvbS9jZ2ktYmluL2FybDIwCwYJKoZIhvcNAQEL
+A4ICAQCXEEinKwcz6xbNrUXfecjMeko7p+taEj1dwTfURUFTQmzwn/oaBWK05AdK
+pJJdCDgmEtYJEz9HV1oaH5s8Ur07O+qbl19AGX+LGWZ6hRYQ17J/c4hsq7abYhGz
+XVHslI6cVQb2If3lMsZkKU34DAndyS0A0yvQMDwX5f1NDUwrPnyj1xDZOW3QbKwu
+BU+N1/kEbu5ldJGSylNud90QfFeUEJ9YhQf/zQe84YtZ6PZo7yG0CkFislN33zEE
+DuNODzGSng27sSa39HcEX8R5YdoAdNfL6zBJD6J7bnqKl2rBXLhM8lRh7Az9DMAa
+SaJZaXx6NyC5Zwym5zXlAOkkgfDGrDUkux9EzcPnXPRQEzvphsizxwXROq27wSTU
+0TM1xqU6oShqeqj39DC0dZWx1XgbPc+87iHQftxIfYI9dgoLYhqvSHg3nSezcpdk
+WSxkyHZYj2eBVSjNf1BmNC+g6QgJ5lAODmD3tlCFe7WssIiSRKaZVYesj8wmF6db
+ux4i8RryZR1jAEiLOgGu0s0r37OfMBQOPOqbDiQqyNa4fF3LzGrhjuI/R0XLVn6T
+rV1RBOnLOZTqrCBRcAT8mx0vPe5GkxBHjdw0S5NNaYUM+wWcdRp7eFM6gOFfjbsK
+SDZDdY4JZgXHxUFeQzNuRt/OBQKy79h+TECcVHzS/i3drHsG7A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHPzCCBSmgAwIBAgIQaTqWZ4PiO99MvqbQ2VQ/1zALBgkqhkiG9w0BAQswODEL
+MAkGA1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMRMwEQYDVQQDDApJemVu
+cGUuY29tMB4XDTEwMTAyMDA4MjI0MFoXDTM3MTIxMjIzMDAwMFowgaUxCzAJBgNV
+BAYTAkVTMRQwEgYDVQQKDAtJWkVOUEUgUy5BLjE6MDgGA1UECwwxQVpaIFppdXJ0
+YWdpcmkgcHVibGlrb2EgLSBDZXJ0aWZpY2FkbyBwdWJsaWNvIFNDQTFEMEIGA1UE
+Aww7RUFFa28gSEFldGFrbyBsYW5naWxlZW4gQ0EgLSBDQSBwZXJzb25hbCBkZSBB
+QVBQIHZhc2NhcyAoMikwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDV
+8HtuuCAU8strFZHCqPk7F2zZbjpzHhdTJjoQ+VHAINei19bWmTmM90ehlzjQKsy2
+vGgLT5Z6feJpx687p6aNYvMW/gvtrkvgyTd0TQJn/xO69VYcUwrCriA+zT4QZdRK
+fS7op9cO/tn1Smph3IvlLxyf5MYcDHXyix5PYaxDf8j4QJ8AeAx5lQNUMn6rhq5t
+C8Qx44IDvX6PIhqxPk0tXjJWbVFWXpewRDNhLYnnzQI4keDWq+BwUwAin0jx8Pkl
+Iru5t9pDTraMVuqzfwt8hp19YOo/Lz0vf55E+BH4DESdeiTDkX3QGHcj946XqJ/8
+3UZIAHyMcBBSIRu+RaWGU/uYz/CnM7cyS2espqh355VL8nARms8UODLn8YTrfnJl
+dcXHK2PYzRi9MibuI0YHO+MyggX86OJmToZT3jim2jrrO1+qSqrlW3hb3eSoNfYs
+tISKGALyoMo03ZH5U1lK2a5LAPHdOCd88GNFg08cOQpyi3S3TEm6wO7lvM91zXDQ
+wjHH8EYoQjaXyl8AaP0PrBI2HzJBGNnvaRgOI4kzJ675sLIry6hAF0ExVjJP9qKG
+ISZnwpwynAxlrAFb5NlK6h2IUO7DPO8pWT1c8CxEu9VOp5m4dCUUkoDfguRfA6hk
+UmzU5Vu9j1VPpAN2X7wGB/4CffyrqcEFe8HuaY6BLwIDAQABo4IB2TCCAdUwgccG
+A1UdEQSBvzCBvIYVaHR0cDovL3d3dy5pemVucGUuY29tgQ9pbmZvQGl6ZW5wZS5j
+b22kgZEwgY4xRzBFBgNVBAoMPklaRU5QRSBTLkEuIC0gQ0lGIEEwMTMzNzI2MC1S
+TWVyYy5WaXRvcmlhLUdhc3RlaXogVDEwNTUgRjYyIFM4MUMwQQYDVQQJDDpBdmRh
+IGRlbCBNZWRpdGVycmFuZW8gRXRvcmJpZGVhIDE0IC0gMDEwMTAgVml0b3JpYS1H
+YXN0ZWl6MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQW
+BBTGr5ZoUL5voeUU3Lmdlz2Nc+d+mjAfBgNVHSMEGDAWgBQdHGUOqPIle7SRz+Sx
+sea9VXRsBTA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cDov
+L3d3dy5pemVucGUuY29tL2NwczA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGG
+G2h0dHA6Ly9vY3NwLml6ZW5wZS5jb206ODA5NDAzBgNVHR8ELDAqMCigJqAkhiJo
+dHRwOi8vY3JsLml6ZW5wZS5jb20vY2dpLWJpbi9hcmwyMAsGCSqGSIb3DQEBCwOC
+AgEAkx3edUCTBGZHCSn9QcOxTT2OvNLgmf/7NThbrPJnQ4FvoowzZ0pf0crubbWl
+lyEKDAPUnEfa9w9JCCj9OYoOdG75TEw588qs1CacrNTZJR3YGzH2JRT63IBrhe5h
+jKyAgWl0YoG0theqQr8ry12sACPe+VJw6MA1/34SZTb3KW/t1Qw8TXSM64ldDp3s
+pfomG51SkE7mh/DYAxr795PZEDvorEox7/TYd2w3rBx1iXmk4CsuCfYnhitbePBM
+JMPuKfQj9Onqvi7cYByM64W9R8dkgCY7604S8C7ZSXDtNHvCvQmMvRPpsuOW7AuL
+GAk7zh2Wz8MtOMMMfBNm/Ff2UUZxirt2JdL9UkmwhDSdeebdH21OJria9tmK/AMF
+ms0YCh+MD+ILaWAudyj9AwDjM5wvzYDCIg2UV2DOEpMq+kylA20s8WmjhsiQ9+Qq
+BETYKtbJ7pGgcFc5R8faSugeM+AsGOhm4I6mUTaqUmdxVze8Swl2Tx/hqm1k77+I
+yowzr274KEMEADm2NHQvubuR8UZPzT4VADcIp6qqeiys7a2+FQCw6E5eX2Y4qbzE
+FN6vnBSzwtOjl5WF/6JdQZj/oPafJ61YkAytx+WLL87xlIvtqYsmpsly5w8iZTz0
+rm5dr147DuTSL2xZwemFBuhEMPh5DW+fzunqqCzxYCyjpVM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHNzCCBSGgAwIBAgIQJMXIqlZvjuhMvqcFXOFkpDALBgkqhkiG9w0BAQswODEL
+MAkGA1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMRMwEQYDVQQDDApJemVu
+cGUuY29tMB4XDTEwMTAyMDA4MjMzM1oXDTM3MTIxMjIzMDAwMFowgZ0xCzAJBgNV
+BAYTAkVTMRQwEgYDVQQKDAtJWkVOUEUgUy5BLjE6MDgGA1UECwwxQVpaIFppdXJ0
+YWdpcmkgcHVibGlrb2EgLSBDZXJ0aWZpY2FkbyBwdWJsaWNvIFNDQTE8MDoGA1UE
+AwwzRUFFa28gSGVycmkgQWRtaW5pc3RyYXppb2VuIENBIC0gQ0EgQUFQUCBWYXNj
+YXMgKDIpMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAoIM7nEdI0N1h
+rR5T4xuV/usKDoMIasaiKvfLhbwxaNtTt+a7W/6wV5bv3svQFIy3sUXjjdzV1nG2
+To2wo/YSPQiOt8exWvOapvL21ogiof+kelWnXFjWaKJI/vThHYLgIYEMj/y4HdtU
+ojI646rZwqsb4YGAopwgmkDfUh5jOhV2IcYE3TgJAYWVkj6jku9PLaIsHiarAHjD
+PY8dig8a4SRv0gm5Yk7FXLmW1d14oxQBDeHZ7zOEXfpafxdEDO2SNaRJjpkh8XRr
+PGqkg2y1Q3gT6b4537jz+StyDIJ3omylmlJsGCwqT7p8mEqjGJ5kC5I2VnjXKuNn
+soShc72khWZVUJiJo5SGuAkNE2ZXqltBVm5Jv6QweQKsX6bkcMc4IZok4a+hx8FM
+8IBpGf/I94pU6HzGXqCyc1d46drJgDY9mXa+6YDAJFl3xeXOOW2iGCfwXqhiCrKL
+MYvyMZzqF3QH5q4nb3ZnehYvraeMFXJXDn+Utqp8vd2r7ShfQJz01KtM4hgKdgSg
+jtW+shkVVN5ng/fPN85ovfAH2BHXFfHmQn4zKsYnLitpwYM/7S1HxlT61cdQ7Nnk
+3LZTYEgAoOmEmdheklT40WAYakksXGM5VrzG7x9S7s1Tm+Vb5LSThdHC8bxxwyTb
+KsDRDNJ84N9fPDO6qHnzaL2upQ43PycCAwEAAaOCAdkwggHVMIHHBgNVHREEgb8w
+gbyGFWh0dHA6Ly93d3cuaXplbnBlLmNvbYEPaW5mb0BpemVucGUuY29tpIGRMIGO
+MUcwRQYDVQQKDD5JWkVOUEUgUy5BLiAtIENJRiBBMDEzMzcyNjAtUk1lcmMuVml0
+b3JpYS1HYXN0ZWl6IFQxMDU1IEY2MiBTODFDMEEGA1UECQw6QXZkYSBkZWwgTWVk
+aXRlcnJhbmVvIEV0b3JiaWRlYSAxNCAtIDAxMDEwIFZpdG9yaWEtR2FzdGVpejAP
+BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUwKlK90cl
+h/+8taaJzoLSRqiJ66MwHwYDVR0jBBgwFoAUHRxlDqjyJXu0kc/ksbHmvVV0bAUw
+OgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYBBQUHAgEWGWh0dHA6Ly93d3cuaXpl
+bnBlLmNvbS9jcHMwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8v
+b2NzcC5pemVucGUuY29tOjgwOTQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2Ny
+bC5pemVucGUuY29tL2NnaS1iaW4vYXJsMjALBgkqhkiG9w0BAQsDggIBAMbjc3HM
+3DG9ubWPkzsF0QsktukpujbTTcGk4h20G7SPRy1DiiTxrRzdAMWGjZioOP3/fKCS
+M539qH0M+gsySNie+iKlbSZJUyE635T1tKw+G7bDUapjlH1xyv55NC5I6wCXGC6E
+3TEP5B/E7dZD0s9E4lS511ubVZivFgOzMYo1DO96diny/N/V1enaTCpRl1qH1OyL
+xUYTijV4ph2gL6exwuG7pxfRcVNHYlrRaXWfTz3F6NBKyULxrI3P/y6JAtN1GqT4
+VF/+vMygx22n0DufGepBwTQz6/rr1ulSZ+eMnuJiTXgh/BzQnkUsXTb8mHII25iR
+0oYF2qAsk6ecWbLiDpkHKIDHmML21MZE13MS8NSvTHoqJO4LyAmDe6SaeNHtrPlK
+b6mzE1BN2ug+ZaX8wLA5IMPFaf0jKhb/Cxu8INsxjt00brsErCc9ip1VNaH0M4bi
+1tGxfiew2436FaeyUxW7Pl6G5GgkNbuUc7QIoRy06DdU/U38BxW3uyJMY60zwHvS
+FlKAn0OvYp4niKhAJwaBVN3kowmJuOU5Rid+TUnfyxbJ9cttSgzaF3hP/N4zgMEM
+5tikXUskeckt8LUK96EH0QyssavAMECUEb/xrupyRdYWwjQGvNLq6T5+fViDGyOw
+k+lzD44wofy8paAy9uC9Owae0zMEzhcsyRm7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHHDCCBQagAwIBAgIQT9hLGWcHRO9Mvqdq4AgNdzALBgkqhkiG9w0BAQswODEL
+MAkGA1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMRMwEQYDVQQDDApJemVu
+cGUuY29tMB4XDTEwMTAyMDA4MjUxNFoXDTM3MTIxMjIzMDAwMFowgYIxCzAJBgNV
+BAYTAkVTMRQwEgYDVQQKDAtJWkVOUEUgUy5BLjE6MDgGA1UECwwxQVpaIFppdXJ0
+YWdpcmkgcHVibGlrb2EgLSBDZXJ0aWZpY2FkbyBwdWJsaWNvIFNDQTEhMB8GA1UE
+AwwYQ0EgVGVrbmlrb2EgLSBDQSBUZWNuaWNhMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEA1dfQ3DEQllKWjQdltruTFccQzHMYzlpvYQJxfWvC7T7cU/jD
+r56iWo+MZLybgynQah0RWMMkqyFIp9HNxSXiDSQiIaiWWxliuccQUWfEviWHyIye
+DcnUMpuyBO1wQib3B4JtGpujX2O/PLXzj9uyL9LyN18bvjcxzR7/+8mZiJW3MJ4N
+K6CecD+rt7FMPc/lSrejkcG60v+sYrQUxZg4nPKswjOJ2NrZ/L/m9uUa9+BPSZCq
+dBTeeiRoiNBDmLwtdDllMtY2qqxHPrm5amX1T8j0HFouNBRlzAcyjeFSDVHWj3d0
+zt80H8TQwPpREKd9adEE7EWWBAmNXV2YdQ+jH10YCFr3buWCAih0PD/ZriUlYY+o
+nTEkgq17PSxJPqL9HroepaM/G5KVU2FHtq96Hf7opWoBy3aoowHcabUeHkultnXX
+aTfJRNEGj7zpgjdL7TnfyfF6Kq13VnqpmLqpTKOvOLHESIKI7qPsst++K1NGXtQK
+FzsYrlqvkCIFvmDcpdrmqfbIfFSPODVJg19CgrRAahQT3cfX7jEcVBvhzVwG8A4P
+ezbYc+4IcUsiEFv6xyFrdBikhLE7XAzrn9a4EoKBS9tBqPSKEmmtJ0+hFoGH2khH
+YukKx4U0CGVbrChHCwHCV74p4ytfspkMr6Ht/HXlQIJjPwTGQspNssH0rtcCAwEA
+AaOCAdkwggHVMIHHBgNVHREEgb8wgbyGFWh0dHA6Ly93d3cuaXplbnBlLmNvbYEP
+aW5mb0BpemVucGUuY29tpIGRMIGOMUcwRQYDVQQKDD5JWkVOUEUgUy5BLiAtIENJ
+RiBBMDEzMzcyNjAtUk1lcmMuVml0b3JpYS1HYXN0ZWl6IFQxMDU1IEY2MiBTODFD
+MEEGA1UECQw6QXZkYSBkZWwgTWVkaXRlcnJhbmVvIEV0b3JiaWRlYSAxNCAtIDAx
+MDEwIFZpdG9yaWEtR2FzdGVpejAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHQ4EFgQU1PGqyBSzeD2NtfUdjIajNnl2R+MwHwYDVR0jBBgwFoAU
+HRxlDqjyJXu0kc/ksbHmvVV0bAUwOgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYB
+BQUHAgEWGWh0dHA6Ly93d3cuaXplbnBlLmNvbS9jcHMwNwYIKwYBBQUHAQEEKzAp
+MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5pemVucGUuY29tOjgwOTQwMwYDVR0f
+BCwwKjAooCagJIYiaHR0cDovL2NybC5pemVucGUuY29tL2NnaS1iaW4vYXJsMjAL
+BgkqhkiG9w0BAQsDggIBADP5qmdcjmwNN7aOxvwVvCxJXvGnfBNNizlHTD81AqgX
+QTQ4hvF14VWjy3mnoXLVy2/403vwek8CawSiUKbJm+RwuPqcO/gPrWjEvBQXusRK
+agi2oW8aF+yqSYsxcbaYjmyRjQ3BIke38oLiv6+GRSJI6beRBoYe61/lxxn7AhKj
+sdqvpiE2w9bWWUNezCfSqi+d74Pk6Q+Or/66o5tXIwOIYmxh6H1nvOtHEhEdqtWb
+iHMu11+a2qJs4zTfw1kSBuKNhkTucUtpo6aqxhFCWqPNkuM/Y5KBbHg4z2yIPTKu
+XBP4DbxAJIDJm3ybKJt93jQGmpA4tvkfzeTvUaDoI4VOkl1ko9OKCb0nLG0lNaHI
+Oij+JgHzKXJC8YvQXVs+NUtqQ741R7Oz0Bw6VCdlU7VM8wp3t1LfuPe00dAubNNI
+qBTbvCN9KaijCpEC5D60Pa4Yx9uiw/rWfuT5t5JCxlLr79AAjJ7q29xVRZWE2LOn
+YqvD4mFYLVUsXXvaX/tt7e3rPAm/KIaj1o71k4m+oXYkdybju9KMCkW71UQqoKR6
+7XnLTN8n99RXlf9klno/eg6QJMuaz0tQ4njdf0dDGtKjwmPEPAtT3eDvAXKacs8t
+etTOeBCj7Bb33fei7IVjxfkmgoxO/OQLu/FpSTBax9p8j4q39e+s+d8O/39JyMvk
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFCzCCAvOgAwIBAgIBGDANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
@@ -1403,33 +1638,74 @@ AG9sdT/bsH7HDQwodTon/HvMmxt4EiU/1Sjco4Fok9VmSE2UVjIghajbbTSKR3LV
 UuU19x12fKp+htO8L+wVlGgxXb9WvDBNHCe6RmR4jqavmvrAyCPtrx3cXwqGmXA=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFCTCCA/GgAwIBAgIKNBgY9wAAAAAAGjANBgkqhkiG9w0BAQUFADCBijELMAkG
-A1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxJjAkBgNVBAsTHUNvcHlyaWdodCAo
-YykgMjAwNSBXSVNlS2V5IFNBMRYwFAYDVQQLEw1JbnRlcm5hdGlvbmFsMSkwJwYD
-VQQDEyBXSVNlS2V5IENlcnRpZnlJRCBBZHZhbmNlZCBHMSBDQTAeFw0xMTAyMDkx
-NTM3MzJaFw0yMDEyMTExODAwNDdaMIGOMQswCQYDVQQGEwJDSDEQMA4GA1UEChMH
-V0lTZUtleTEiMCAGA1UECxMZQ29weXJpZ2h0IDIwMTEgV0lTZUtleSBTQTEWMBQG
-A1UECxMNSW50ZXJuYXRpb25hbDExMC8GA1UEAxMoV0lTZUtleSBDZXJ0aWZ5SUQg
-QWR2YW5jZWQgU2VydmljZXMgQ0EgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAMBm3QJR+dIYJ/RKHG5W1vmQKyihHp6dcClZ26FjcNTx/gArnGaJFb3/
-JbC6wbT1pcD5eyeVAgp8Xss0OCOXr6EAhfE+M47JLgNRessR31PVDSEaalBIuMS5
-ZlfcJEZ/AhTwtZ+KtJdp59F1OPL9uYcZSsIFB5eLJy5TlK6rJM6cCD8QBeDW98rH
-2gOY0QXiJkGAn2LRV1TrOOPAkZ5l1fLQ8y9Eb7XaWRC4ycywjkB0Tw184ODQH8bQ
-ToIE3+U62bsUSFg4pkIAouxhyozNyBKHvPXz0MKiB+/QVpBwykEIrE/Mb7C/rATw
-VsMqNKQFdQW1bAfxKFNUz7eJSX/873sCAwEAAaOCAWkwggFlMBIGA1UdEwEB/wQI
-MAYBAf8CAQAwHQYDVR0OBBYEFNcvL/MJ8VYhUx3nTC5IRErahv2YMAsGA1UdDwQE
-AwIBhjAQBgkrBgEEAYI3FQEEAwIBADBOBgNVHSAERzBFMDsGCGCFdAUOBAMBMC8w
-LQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cud2lzZWtleS5jb20vcmVwb3NpdG9yeTAG
-BgRVHSAAMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMB8GA1UdIwQYMBaAFFAf
-MMCTko1xIzg0XLkK9tMr64FFMDwGA1UdHwQ1MDMwMaAvoC2GK2h0dHA6Ly9wdWJs
-aWMud2lzZWtleS5jb20vY3JsL3djaWRhZzFjYS5jcmwwRwYIKwYBBQUHAQEEOzA5
-MDcGCCsGAQUFBzAChitodHRwOi8vcHVibGljLndpc2VrZXkuY29tL2NydC93Y2lk
-YWcxY2EuY3J0MA0GCSqGSIb3DQEBBQUAA4IBAQCUQdq6oMkqXFLyCsBR414TqBzm
-wwIm+3mhKtuqqF35tWwYGgu563j4BsudghXH9sVszMEU1nVs3AxDuC6pezd9MhBO
-2NPjLIv3SbEs8EgHjfuCWskc5ykeXNZZWRkAZDUBGmVeo79d75gZPjljCG8qFloU
-bTC3YKSMA0nhGfgQIGATjAN8fLOA1tF611twFJJX1gdioDougp5cpSPwRJhg4j1Q
-gU7SKYPmBOzSUVtXMRPyv8ZiEO28FONrUWIJZpnphS+tUQdcr8qjnlqnhN7FpEFO
-LaoayrFrWVM0aMgcEjW1Gy7AbAdmkSxi7ejnG6fw1KX9viU2Q2oE1poldDsK
+MIIGIDCCBQigAwIBAgIGSUEs5AAZMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTAxMjI3MTUyNDM5WhcNMjYwMzEzMTUyNDM5WjCB
+qjELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxODA2BgNVBAMML05ldExvY2sgRXhwcmVzc3ogKENs
+YXNzIEMpIFRhbsO6c8OtdHbDoW55a2lhZMOzMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA8N6/DQoQeT9JT4cyHdV8GAZVUJ5GGDfMMTu9kxSH+Y96eu0U
+6MnytHS2byF2Scsd6L9ARaYvPiHRUBIQY7EcMpO/mQ5W3KykyQoXAlXCslowdAsP
+SfsYk+6Rr5sRvHnVxK5GhLq+n+Ub0ioAiiwucSa4MEreVMgJWu6XFySev553L8kc
+GzYLI3aI5EGIEUcf4cRmY0DoRZM/D5+j8T2gkYA75Qrxp2gVAxZySCH/tKYiwSLk
+syNB5SM/o/xIUaeAJk6JIx1Mfs7m+6nUpT+uGV23QLcU5dCtZlRiuD1brAoZm7kj
+jbpLqwSF7tXHaSFBAfMTKWm2X/Onxrgp8bz0aQIDAKzTo4ICSzCCAkcwEgYDVR0T
+AQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUzPpnk/C2
+uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFEm/IUDzU702KyJlqCYS/+TfcfbKMIIB
+PgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AxLm5l
+dGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3NwMi5uZXRs
+b2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDMubmV0bG9j
+ay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0cDovL2FpYTEubmV0bG9jay5o
+dS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYoaHR0cDovL2FpYTIubmV0
+bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYoaHR0cDovL2Fp
+YTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDCBngYDVR0fBIGWMIGTMC+g
+LaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2luZGV4LmNnaT9jcmw9Z29sZDAv
+oC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9pbmRleC5jZ2k/Y3JsPWdvbGQw
+L6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NybD1nb2xk
+MA0GCSqGSIb3DQEBCwUAA4IBAQBa2rS+9NJ/UUzJbwOSqPYoyRk+L61V/Wd5jWjY
+MGtoS42gaCy/NTiFnySQhi9Pp9+jSBRmhkRzdwj/+KxwC2r6uZHBu3Agco9dlL5T
+9ZGfX3+KW66T5kENW0QL2jpu1nEEb4AL0WdahRyKg8pUBc1sH+lghA6ZMJh5IBXp
+qfcL7dykIvWpJOmn7Fb8teUeoqTdyzkQgi1mBDYDFrr3vhss8TqO0U+f0lFIT/ws
+DlnessbD+NeR5IHI47kbuJo5abqP+CNkd5URmtI2q0fCrL6giu55LwJccj/asWzM
+17j3ynVWWto+KwhLtVh4Vq4UNMiZo4gwJFO6UzKoYZ4lpwAT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGKzCCBROgAwIBAgIGSUEs5AAaMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTAxMjI3MTUyNTExWhcNMjYwMzEzMTUyNTExWjCB
+tTELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxQzBBBgNVBAMMOk5ldExvY2sgRXhwcmVzc3ogRWF0
+LiAoQ2xhc3MgQyBMZWdhbCkgVGFuw7pzw610dsOhbnlraWFkw7MwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQNEll2RNMz/OAwjKRc2seboOp8qMsnM5A
+7nB+kks4JmTSwddHdv1+D5ivJGVzLfLsCPeap5m2nar9YqrKXlNCjBxgblUcjlAW
++vhQN4AoGRNmPQuHT+6VugdxzzAWmos2V05jYkNVNXHpiVRCj2ObeLbRuN+Kr1JC
+bbpobr2REfhM/b9RPJe++M63vCOUxQMgBKvLPlcROubIhCscFSa2b9cl3fkdb+QU
+NmQUM2Mfs9ZB8X3J307xOactlXmAc652C8oJwZlbPbcEMWOc4KVV8nSeLjweFDcO
+JClHdl2TUN7nxFbhDeq2oLu6E3Cug+lgN7SAATHcDVPiPoUMT00pAgMA0PGjggJL
+MIICRzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSME
+GDAWgBTM+meT8La40KXAHvNT/YxT34PXljAdBgNVHQ4EFgQUcUlugYfRCK3xKASh
+87//Rm9/tdowggE+BggrBgEFBQcBAQSCATAwggEsMCwGCCsGAQUFBzABhiBodHRw
+Oi8vb2NzcDEubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDov
+L29jc3AyLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0dHA6Ly9v
+Y3NwMy5uZXRsb2NrLmh1L2dvbGQuY2dpMDQGCCsGAQUFBzAChihodHRwOi8vYWlh
+MS5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsGAQUFBzAChihodHRw
+Oi8vYWlhMi5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsGAQUFBzAC
+hihodHRwOi8vYWlhMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMIGeBgNV
+HR8EgZYwgZMwL6AtoCuGKWh0dHA6Ly9jcmwxLm5ldGxvY2suaHUvaW5kZXguY2dp
+P2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMi5uZXRsb2NrLmh1L2luZGV4LmNn
+aT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDMubmV0bG9jay5odS9pbmRleC5j
+Z2k/Y3JsPWdvbGQwDQYJKoZIhvcNAQELBQADggEBAEK8hJUFkVC5Xo9hcdk+XI4l
+qTXetRatFgppxKjZRRNFaZGkGBD4ucfN7H04Ao+aVwAEupJNzhmT8Z68GR9QbboY
+sHbUIHwlHiN/mS4isn+TVLRjm4Z9vOFostBSMS+uB6WD7sudbm6rl6xl62Pcvo7m
+pK7JKIYkoreXAhaDoQAb3diWiqwIvvmTX2nUqN5Gq6JAs+p4GUvh3pIKVA0azJJE
+6xE7XSK8RTIpFKvlDrl6EaRcjHHF/IkAX/3upcY33R8bwdb++Rx/gpbY6ByxlxK7
+KC/dpX3K7jB8i886Slm+NqsyLj0oIu8icY0yjHfj5DXqFOxf5V5DPuge5UbkuhI=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIGozCCBYugAwIBAgIQD6hJBhXXAKC+IXb9xextvTANBgkqhkiG9w0BAQUFADBl
@@ -1509,135 +1785,28 @@ XAWtkxDGLA1rwJ7qeOXSd9a42pqYf7pMkiudvaSIsd2vw0zSl5sDxq5fG0QPMzcV
 dYzKC4jn
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIELzCCAxegAwIBAgILBAAAAAABL07hNwIwDQYJKoZIhvcNAQEFBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
-MDBaFw0yMjA0MTMxMDAwMDBaMC4xETAPBgNVBAoTCEFscGhhU1NMMRkwFwYDVQQD
-ExBBbHBoYVNTTCBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAw/BliN8b3caChy/JC7pUxmM/RnWsSxQfmHKLHBD/CalSbi9l32WEP1+Bstjx
-T9fwWrvJr9Ax3SZGKpme2KmjtrgHxMlx95WE79LqH1Sg5b7kQSFWMRBkfR5jjpxx
-XDygLt5n3MiaIPB1yLC2J4Hrlw3uIkWlwi80J+zgWRJRsx4F5Tgg0mlZelkXvhpL
-OQgSeTObZGj+WIHdiAxqulm0ryRPYeDK/Bda0jxyq6dMt7nqLeP0P5miTcgdWPh/
-UzWO1yKIt2F2CBMTaWawV1kTMQpwgiuT1/biQBXQHQFyxxNYalrsGYkWPODIjYYq
-+jfwNTLd7OX+gI73BWe0i0J1NQIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEG
-MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBTqGVXwDg0yxh90M7eOZhpM
-EjEeMEUGA1UdIAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3
-dy5hbHBoYXNzbC5jb20vcmVwb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0
-cDovL2NybC5nbG9iYWxzaWduLm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8w
-LQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAf
-BgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUFAAOC
-AQEABjBCm89JAn6J6fWDWj0C87yyRt5KUO65mpBz2qBcJsqCrA6ts5T6KC6y5kk/
-UHcOlS9o82U8nxTyaGCStvwEDfakGKFpYA3jnWhbvJ4LOFmNIdoj+pmKCbkfpy61
-VWxH50Hs5uJ/r1VEOeCsdO5l0/qrUUgw8T53be3kD0CY7kd/jbZYJ82Sb2AjzAKb
-WSh4olGd0Eqc5ZNemI/L7z/K/uCvpMlbbkBYpZItvV1lVcW/fARB2aS1gOmUYAIQ
-OGoICNdTHC2Tr8kTe9RsxDrE+4CsuzpOVHrNTrM+7fH8EU6f9fMUvLmxMc72qi+l
-+MPpZqmyIJ3E+LgDYqeF0RhjWw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEhTCCA22gAwIBAgILBAAAAAABL07hPxEwDQYJKoZIhvcNAQEFBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
-MDBaFw0yMjA0MTMxMDAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0
-aW9uIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxo83A
-3zNAJuveWteUZtQBY8wzRIng4rjCRw2PrWmGHKhzQgvxcvstrLURcoMi9lbnLsVn
-cZ0AHDK84+0uCEWp5vrdyIyDBcFvS9AmSgv2G0XATX6TvA0nhO0wo+nGJibdLR/Y
-i8POGdBb/Aif5NjiNeSgaKb2DaN0YEKyl4IkjkGk8i5eto6nbtlsfw07JDVq0Ktb
-aveXAgA/UaanbnPKdw12fJu2MBoanPcfKHsOi0cf538FjMbJyLvP6dx6QS6hhtrU
-ObLiE0CmqDr6D1MeT+xumAkbypp3s1WFhekuFrWdXlTxSnpsObpuFwY0s7JC4ffz
-nJoLEUTeaniOsRNPAgMBAAGjggFQMIIBTDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0T
-AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUlq36sFu5g2QqdsIcimnaQtz+/SgwRwYD
-VR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
-bHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9j
-cmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAvMC0GCCsG
-AQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEwKQYDVR0l
-BCIwIAYIKwYBBQUHAwEGCCsGAQUFBwMCBgorBgEEAYI3CgMDMB8GA1UdIwQYMBaA
-FGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQB+mhM5cWmg
-/Iw1rK+01t5k6jNvlVOSca1MwPvQa7qADsIK5jf60iWjIveJn1ISQy+7xPxszuSq
-nfadV3vMKqx1SRtUZs+n6bmwwnxwI/uclwDyJaTZoQpdhQYdGof1LVTFZCGOrKrs
-GT6b/8Bnpy4A4/GBQABbg+Kop+81UIPA9JuIKompqZwvgrkYnvrrRyRuE+6yjPBC
-N17mj5G8pV9RK667jHYxTlMReewRTjhz5RpmcPSC93sQVfi7pcMd5dP2vPootjEQ
-1f6RI6QhP7pMkY+Hx4KrOMIBc4lIGvkMkbmV+20hXwPIv3t073txebU+cyPRWtym
-DOEtZGWRvsK5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEWzCCA0OgAwIBAgILBAAAAAABL07hW2MwDQYJKoZIhvcNAQEFBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwNDEzMTAwMDAwWhcNMjIwNDEz
-MTAwMDAwWjBZMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
-YTEvMC0GA1UEAxMmR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
-RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNoUbMUpq4pbR/WNnN
-2EugcgyXW6aIIMO5PUbc0FxSMPb6WU+FX7DbiLSpXysjSKyr9ZJ4FLYyD/tcaoVb
-AJDgu2X1WvlPZ37HbCnsk8ArysRe2LDb1r4/mwvAj6ldrvcAAqT8umYROHf+IyAl
-VRDFvYK5TLFoxuJwe4NcE2fBofN8C6iZmtDimyUxyCuNQPZSY7GgrVou9Xk2bTUs
-Dt0F5NDiB0i3KF4r1VjVbNAMoQFGAVqPxq9kx1UBXeHRxmxQJaAFrQCrDI1la93r
-wnJUyQ88ABeHIu/buYZ4FlGud9mmKE3zWI2DZ7k0JZscUYBR84OSaqOuR5rW5Isb
-wO2xAgMBAAGjggEvMIIBKzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
-/wIBADAdBgNVHQ4EFgQUsLBK/Rx1KPgcYaoT9vrBkD1rFqMwRwYDVR0gBEAwPjA8
-BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
-L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
-c2lnbi5uZXQvcm9vdC1yMi5jcmwwRAYIKwYBBQUHAQEEODA2MDQGCCsGAQUFBzAB
-hihodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9FeHRlbmRlZFNTTENBMB8GA1Ud
-IwQYMBaAFJviB1dnHB7AagbeWbSaLd/cGYYuMA0GCSqGSIb3DQEBBQUAA4IBAQBf
-KJAMLekgsjB8iKtABfqxnVwik9WdyjUx+izqHZNZGcSgDfsJQDHaZFbNUr7nGGbo
-bQmbstuUPu42RR4kVLYgBZO1MRq4ZFfm0ywBTDmWef63BJgS77cuWnf+R/N5mELd
-Fr5baSvJJsgpaHfmrPZOkBMoZwTsciUf16cKUH84DnIYsSm4/66h1FS4Zk2g1c/T
-76kyKsWXYtKEzLCg2JipyjjkzEQ1b2EmsC6Ycvk4Mg20oWIKIWIV3rttkxA2UztK
-IXvC9b4u9gIT6a5McOkq9h/Di+Wf4I0qKOgZLLNl3ffxb5c1ntuSNWOB1yfkK2Kq
-+mKhcZKMCha3PbVKZVsC
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEizCCA3OgAwIBAgILBAAAAAABL07hQvkwDQYJKoZIhvcNAQEFBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
-MDBaFw0yMjA0MTMxMDAwMDBaMF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMTMwMQYDVQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBW
-YWxpZGF0aW9uIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDdNR3yIFQmGtDvpW+Bdllw3Of01AMkHyQOnSKf1Ccyeit87ovjYWI4F6+0S3qf
-ZyEcLZVUunm6tsTyDSF0F2d04rFkCJlgePtnwkv3J41vNnbPMYzl8QbX3FcOW6zu
-zi2rqqlwLwKGyLHQCAeV6irs0Z7kNlw7pja1Q4ur944+ABv/hVlrYgGNguhKujiz
-4MP0bRmn6gXdhGfCZsckAnNate6kGdn8AM62pI3ffr1fsjqdhDFPyGMM5NgNUqN+
-ARvUZ6UYKOsBp4I82Y4d5UcNuotZFKMfH0vq4idGhs6dOcRmQafiFSNrVkfB7cVT
-5NSAH2v6gEaYsgmmD5W+ZoiTAgMBAAGjggFQMIIBTDAOBgNVHQ8BAf8EBAMCAQYw
-EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUXUayjcRLdBy77fVztjq3OI91
-nn4wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
-Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0
-dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAv
-MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEw
-KQYDVR0lBCIwIAYIKwYBBQUHAwEGCCsGAQUFBwMCBgorBgEEAYI3CgMDMB8GA1Ud
-IwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMA0GCSqGSIb3DQEBBQUAA4IBAQBz
-euwBLBcikZrKsWcYorrIBYmSJN4fuKtEn/dAVWXy4PQux96wP5kVH5VwgumbSmQk
-IBbwdhfSG/6s+ga0d8+Y2CrsVxXYXk7di5bhUzMZkdWEbiXvD8utv9tLa1bMtdRA
-PiZetln0xZDJCcSE37wmfYLp6/Rb/MgV3gkYRYazi03HazUnm2D2pFoqWEmx2DVD
-xjK7XjvESiHBoDtewSOpztvVuv5dbf0AfvrxlDdhuQA5ZpapnLQeEe9V2LTYsMSl
-rjIKL/gt9KKn/zbTXmOLThL3tSiAde6UL3CgVnc5qjmXF/wA889m56JxkqsFm3Mu
-eufnIVkJjTChrFzKGXr4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEYDCCA0igAwIBAgILBAAAAAABL07hRQwwDQYJKoZIhvcNAQEFBQAwVzELMAkG
+MIIEFDCCAvygAwIBAgILBAAAAAABL07hUtcwDQYJKoZIhvcNAQEFBQAwVzELMAkG
 A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
 b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xMTA0MTMxMDAw
-MDBaFw0yMjA0MTMxMDAwMDBaMF0xCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMTMwMQYDVQQDEypHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBW
-YWxpZGF0aW9uIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDdNR3yIFQmGtDvpW+Bdllw3Of01AMkHyQOnSKf1Ccyeit87ovjYWI4F6+0S3qf
-ZyEcLZVUunm6tsTyDSF0F2d04rFkCJlgePtnwkv3J41vNnbPMYzl8QbX3FcOW6zu
-zi2rqqlwLwKGyLHQCAeV6irs0Z7kNlw7pja1Q4ur944+ABv/hVlrYgGNguhKujiz
-4MP0bRmn6gXdhGfCZsckAnNate6kGdn8AM62pI3ffr1fsjqdhDFPyGMM5NgNUqN+
-ARvUZ6UYKOsBp4I82Y4d5UcNuotZFKMfH0vq4idGhs6dOcRmQafiFSNrVkfB7cVT
-5NSAH2v6gEaYsgmmD5W+ZoiTAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMCAQYw
-EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUXUayjcRLdBy77fVztjq3OI91
-nn4wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
-Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0
-dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEEMTAv
-MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEw
-HwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEFBQAD
-ggEBABvgiADHBREc/6stSEJSzSBo53xBjcEnxSxZZ6CaNduzUKcbYumlO/q2IQen
-fPMOK25+Lk2TnLryhj5jiBDYW2FQEtuHrhm70t8ylgCoXtwtI7yw07VKoI5lkS/Z
-9oL2dLLffCbvGSuXL+Ch7rkXIkg/pfcNYNUNUUflWP63n41edTzGQfDPgVRJEcYX
-pOBWYdw9P91nbHZF2krqrhqkYE/Ho9aqp9nNgSvBZnWygI/1h01fwlr1kMbawb30
-hag8IyrhFHvBN91i0ZJsumB9iOQct+R2UTjEqUdOqCsukNK1OFHrwZyKarXMsh3o
-wFZUTKiL8IkyhtyTMr5NGvo1dbU=
+MDBaFw0yODAxMjgxMjAwMDBaMFIxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMSgwJgYDVQQDEx9HbG9iYWxTaWduIFRpbWVzdGFtcGluZyBD
+QSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlO9l+LVXn6BT
+DTQG6wkft0cYasvwW+T/J6U00feJGr+esc0SQW5m1IGghYtkWkYvmaCNd7HivFzd
+ItdqZ9C76Mp03otPDbBS5ZBb60cO8eefnAuQZT4XljBFcm05oRc2yrmgjBtPCBn2
+gTGtYRakYua0QJ7D/PuV9vu1LpWBmODvxevYAll4d/eq41JrUJEpxfz3zZNl0mBh
+IvIG+zLdFlH6Dv2KMPAXCae78wSuq5DnbN96qfTvxGInX2+ZbTh0qhGL2t/HFEzp
+hbLswn1KJo/nVrqm4M+SU4B09APsaLJgvIQgAIMboe60dAXBKY5i0Eex+vBTzBj5
+Ljv5cH60JQIDAQABo4HlMIHiMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
+AQH/AgEAMB0GA1UdDgQWBBRG2D7/3OO+/4Pm9IWbsN1q1hSpwTBHBgNVHSAEQDA+
+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
+b20vcmVwb3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9i
+YWxzaWduLm5ldC9yb290LmNybDAfBgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo
+//z9SzANBgkqhkiG9w0BAQUFAAOCAQEATl5WkB5GtNlJMfO7FzkoG8IW3f1B3AkF
+BJtvsqKa1pkuQJkAVbXqP6UgdtOGNNQXzFU6x4Lu76i6vNgGnxVQ380We1I6AtcZ
+Gv2v8Hhc4EvFGN86JB7arLipWAQCBzDbsBJe/jG+8ARI9PBw+DpeVoPPPfsNvPTF
+7ZedudTbpSeE4zibi6c1hkQgpDttpGoLoYP9KOva7yj2zIhd+wo7AKvgIeviLzVs
+D440RZfroveZMzV+y5qKu0VN5z+fwtmK+mWybsd+Zf/okuEsMaL3sCc2SI8mbzvu
+TXYfecPlf5Y1vC0OzAGwjn//UYCAp5LUs0RGZIyHTxZjBzFLY7Df8w==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIE0DCCA7igAwIBAgIBBzANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMx
@@ -1724,144 +1893,503 @@ sPTIFwwKlhR8Cbds4cLYVdQYoKpBaXAko7nv6VrcPuuUSvC33l8Odvr7+2kDRUBQ
 7nIMpBKGgc0T0U7EPMpODdIm8QC3tKai4W56gf0wrHofx1l7
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEXDCCA0SgAwIBAgILBAAAAAABMYnGQlgwDQYJKoZIhvcNAQELBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjIwODAy
-MTAwMDAwWjBgMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
-YTE2MDQGA1UEAxMtR2xvYmFsU2lnbiBEb21haW4gVmFsaWRhdGlvbiBDQSAtIFNI
-QTI1NiAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqd3MDrPi
-MjndSSKoE2mTh4jhDO5xfb2Qh5ZdWfLMs9JYV1f5Ru9sJtg2Qo5+MLMvmj5Tex9u
-tqJMRR880xWTHIntPPRX3sq97AaaaiqgGVJ/UdF0OQifq+vXhhMVl642w1RmDlry
-oHOFMeOyZBRq/6WijiS7vYVSFaJ57vC17j249H2AvNmQNWW4F6mts5ifoH59bvs/
-rXzCG1k2lto3MktLXTUCY47bp89i7swu1I3JvTxqkXKiIqdyLSDR+so32hiY5hYk
-cSVLxOV7iVIJAv1ZKwRuygeB1LPa2tvjzICoVgcGfJYIN53bOLZiNJFiB3QBONhy
-MOLrkHEmYsBX8wIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB
-/wQIMAYBAf8CAQAwHQYDVR0OBBYEFOpOfNSALeUVgYYmjIJtwJikz5cPMEcGA1Ud
-IARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz
-aWduLmNvbS9yZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3Js
-Lmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIwMDAuBggr
-BgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzAfBgNV
-HSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEA
-asQTEbudYOYIgMIwjjpyB5oIB0XIrKrD85MGzbyWwKt7IzfBYFPvJPpKhbGSET9Y
-Z3RAFBWwLNQme7DAeGM3MedBUDL/h2VtRi9mFsJ3cjffjB2ynXz79WmNDEGDBeXD
-CDhdCaUwUQzemQAYJFATZ9U956HDXbA92Ho3wqPeCzxXJmuY/hfAUdEL8BdEK71i
-gPIuTWgRjCLvlHt4p7WbguowPW2xYzOsZvok9lOdICfAXHRETYzo2yBAhQDmbSaf
-dzhT8XdnuiJ3yEW84eLFJqSi6NDOgmdMyXg/4ntqs5XUwfpSfUQaAuXxScCedcp3
-IAITFUgbBl1wm7duUhuklQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEYjCCA0qgAwIBAgILBAAAAAABMYnGRMkwDQYJKoZIhvcNAQELBQAwTDEgMB4G
+MIIE1TCCA72gAwIBAgICIAYwDQYJKoZIhvcNAQELBQAwaDELMAkGA1UEBhMCVVMx
+JTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4xMjAwBgNVBAsT
+KVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEx
+MDUwMzA3MDAwMFoXDTMxMDUwMzA3MDAwMFowgcUxCzAJBgNVBAYTAlVTMRAwDgYD
+VQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFy
+ZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTQwMgYDVQQLEytodHRwczovL2NlcnRz
+LnN0YXJmaWVsZHRlY2guY29tL3JlcG9zaXRvcnkvMTIwMAYDVQQDEylTdGFyZmll
+bGQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFvW59I2Z154qK3A2FWGMNHttfK
+PTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTsbhm5iSzchFvV
+dPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk
+N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uL
+icFZ8WJ/X7NfZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzR
+mZTRouNjWwl2tVZi4Ut0HZbUJtQIBFnQmA4O5t78w+wfkPECAwEAAaOCASkwggEl
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR8DDIf
+p9kwf8R9aKNiqKHOqwdbJzAfBgNVHSMEGDAWgBS/X7fRzt0fhvRbVazc1xDCDqmI
+5zA6BggrBgEFBQcBAQQuMCwwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnN0YXJm
+aWVsZHRlY2guY29tLzA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnN0YXJm
+aWVsZHRlY2guY29tL3Nmcm9vdC5jcmwwTAYDVR0gBEUwQzBBBgRVHSAAMDkwNwYI
+KwYBBQUHAgEWK2h0dHBzOi8vY2VydHMuc3RhcmZpZWxkdGVjaC5jb20vcmVwb3Np
+dG9yeS8wDQYJKoZIhvcNAQELBQADggEBADUEaGoCgUXuLmhWo/tWlCpw3vzkSyII
+u49k7oA7aU2jwDyUZtNW+UTReKEUXwmEIoU27hK7BMLQenYlg9LufrbQHkIxzYGB
+1zalW8FoKmzcsFKYtvQpkVWvUmL3bspsCxijyPnhH2SeG3NhoT5UCASj1NGTDSxw
+TQesNn9DJfQQGgaxf6lRtQAtBoDg/DfjA8hJ4ZLYqkhoshILf57moxztofrLdA4d
+1apBUsVAeptzIMVdhH6YaLlH+ulDAkO7umzmQ+0L6QK9blir+2Qj2dFJgkmYQ0xY
+38Vq6MNXJZqDN4FtQFdKrozmsdx/o48fJlxID8ZsdLRP3W7lCOZE6gc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCAv2gAwIBAgILBAAAAAABMYnGUAQwDQYJKoZIhvcNAQELBQAwTDEgMB4G
 A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjIwODAy
-MTAwMDAwWjBmMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
-YTE8MDoGA1UEAxMzR2xvYmFsU2lnbiBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBD
-QSAtIFNIQTI1NiAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-xw5sPyOTf8xwpZ0gww5TP37ATsKYScpH1SPvAzSFdMijAi5GXAt9yYidT4vw+Jxs
-jFU127/ys+r741bnSkbZEyLKNtWbwajjlkOT8gy85vnm6JnIY0h4f1c2aRoZHVrR
-1H3CnNR/4YASrnrqiOpX2MoKCjoSSaJiGXoNJPc367RzknsFI5sStc7rKd+kFAK5
-AaXUppxDZIje+H7+4/Ue5f7co6jkZjHZTCXpGLmJWQmu6Z0cbTcPSh41ICjir9Qh
-iwHERa1uK2OrkmthCk0g7XO6fM7+FrXbn4Dw1ots2Qh5Sk94ZdqSvL41+bPE+SeA
-Tv+WUuYCIOEHc+ldK72y8QIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIG
-A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJbeYfG9HBYpUxzAzH07gwBA5hp8
-MEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5n
-bG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRw
-Oi8vY3JsLmdsb2JhbHNpZ24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIw
-MDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3Ry
-MzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsF
-AAOCAQEAugYpwLQZjCERwJQRnrs91NVDQPafuyULI2i1Gvf6VGTMKxP5IfBEreHo
-FVjb7v3bok3MGI8Nmm3DawGhMfCNvABAzDlfh2FRbfSV6uoVNT5AhcBi1aE0/niq
-qLJaOfM3Qfuc6D5xSlvr+GlYoeDGk3fpumeS62VYkHBzQn2v9CMmeReq+qS7meVE
-b2WB58rrVcj0ticRIXSUvGu3dGIpxM2uR/LmQlt4hgVhy5CqeYnfBH6xJnBLjUAf
-hHvA+wfmyLdOkfQ1A+3o60EQF0m0YsinLPLhTI8DLPMWN11n8aQ5eUmjwF3MVfkh
-gA/7zuIpalhQ6abX6xwyNrVip8H65g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFDTCCA/WgAwIBAgIETA7JGDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMC
-VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
-Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
-KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTExMTExMTE0NTcyMloXDTIxMTExMjA4
-MTIzMVowgbExCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkw
-NwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvcnBhIGlzIGluY29ycG9yYXRlZCBieSBy
-ZWZlcmVuY2UxHzAdBgNVBAsTFihjKSAyMDA5IEVudHJ1c3QsIEluYy4xLjAsBgNV
-BAMTJUVudHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUUwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2WwRUd90OJGbcKqHbgMxdx1/9UhZY
-2l+UBqm4trljDEcgguzHlU6LuHdSaj21h6nW4cx05abIwNRWT40u1gg+DExDPvBB
-k15G7znn2WUqDHZQJ71bDTMzB+D3oqmc4REzrWb80ix6qqNzFr6ThXUP1zeM+iO3
-ZPjjTG7tswW94jbbfN52RNqCcna2bv+UodCG9xDNSlqLsHWMZlKATkhMSYOmQNd3
-gRNNXnJ+SEYiqg/iPmWUOOFycf5KcQm6NX9ViT2B1bgoARB3NloQhdK9YIQrSWGU
-DN5MQGoqxHlghCSCMmlKmEviVhC6A0VRINPP2o5UG0W2erqXmlrYxtFfAgMBAAGj
-ggEqMIIBJjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggr
-BgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0
-MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvcm9vdGNh
-MS5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93
-d3cuZW50cnVzdC5uZXQvQ1BTMB0GA1UdDgQWBBRbQYqyxEPBvb/IVEFVneCWrf+5
-oTAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAZBgkqhkiG9n0HQQAE
-DDAKGwRWOC4xAwIAgTANBgkqhkiG9w0BAQUFAAOCAQEAofGoEOjmKbkibGFbKj88
-AceCIQvoTg/Eyca8mZ3271vHabLZnqxSQumKuDHEE5YDj2WTBmn+KLam/a2HjNXM
-puf5GjfvMi0FLR5OudXV0Q+bfyROuJDs5mm/nyo8YwLhaaNuoDRyyFBQttqOki64
-Syj+9JLwBLbWnT0HZhF1bYVxXjLy1wzbMCEV4XS3tetr+XPqCkmtSPYjI4xgRyxR
-lrHMI3fNlsXGzbVMLJX3IkX4tq2EDAjKE7ConTVvi0jYX7Yrp6gnRMMMjqYN42Qm
-YZKXE16AMQy3npAghwvQqgoGBCc8hmogDZ27zn1XyVmTogM7jLNvQv2k1ZvKAaoE
-DA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgIETA6MHTANBgkqhkiG9w0BAQsFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMTExMTExNTI2MjJaFw0yMTEx
-MTExNzQ1MDlaMIGxMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5j
-LjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQg
-YnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4w
-LAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFDMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6MtPJ7eBdoTwhGNnY7jf8dL
-flqfs/9iq3PIKGu6EGSChxPNVxj/KM7A5g4GkVApg9Hywyrb2NtOBMwA64u2lty8
-qvpSdwTB2xnkrpz9PIsD7028GgNl+cGxP3KG8jiqGa4QiHgo2nXDPQKCApy5wWV3
-diRMmPdtMTj72/7bNwJ2oRiXpszeIAlJNiRpQvbkN2LxWW2pPO00nKOO29w61/cK
-b+8u2NWTWnrtCElo4kHjWpDBhlX8UUOd4LLEZ7TLMjEl8FSfS9Fv29Td/K9ebHiQ
-ld7KOki5eTybGdZ1BaD5iNfB6KUJ5BoV3IcjqrJ1jGMlh9j4PabCzGb/pWZoVQID
-AQABo4IBDjCCAQowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-MwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0
-Lm5ldDAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIw
-NDhjYS5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
-Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdDgQWBBQe8auJBvhJDwEzd+4Ueu4Z
-fJMoTTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDANBgkqhkiG9w0B
-AQsFAAOCAQEAiPT6lVpW0mbUJbc+ZbrdxJI1Cc1VuCGbt6lA93MxhEMofetAYDuG
-h6ZCiwj2u+LqzVuxdxWzLCEMhJVbzMdY0eyhYnbTKn6janJzbYzzXVLRp5fzGJ6v
-apr6tQ4BMWYMbXhkUHXimzuqAhaqWWkD9yFfe6QwPZUk+Pm/BiB1RKCQX4nFYXjD
-RnQBIyJ/G5Tdn9Tuk+Etdy7VrAgdtTHdwHMdicb+qtFgliHI5We4Kp5aUO1Z280a
-9YwHNFcCojtNWGjlI1jZnvcuW1nm3Gu85nLNMSNYrB0VUMpEn8hNUtDb0BS0zqcJ
-S2TXKd9etQ+Bbr8efYI5IK1ah4W/+T0fAg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE9TCCA92gAwIBAgIETA6MOTANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xMTExMTExNTQwNDBaFw0yMTEx
-MTIwMjUxMTdaMIGxMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5j
-LjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNvcnBvcmF0ZWQg
-YnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0LCBJbmMuMS4w
-LAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFDMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6MtPJ7eBdoTwhGNnY7jf8dL
-flqfs/9iq3PIKGu6EGSChxPNVxj/KM7A5g4GkVApg9Hywyrb2NtOBMwA64u2lty8
-qvpSdwTB2xnkrpz9PIsD7028GgNl+cGxP3KG8jiqGa4QiHgo2nXDPQKCApy5wWV3
-diRMmPdtMTj72/7bNwJ2oRiXpszeIAlJNiRpQvbkN2LxWW2pPO00nKOO29w61/cK
-b+8u2NWTWnrtCElo4kHjWpDBhlX8UUOd4LLEZ7TLMjEl8FSfS9Fv29Td/K9ebHiQ
-ld7KOki5eTybGdZ1BaD5iNfB6KUJ5BoV3IcjqrJ1jGMlh9j4PabCzGb/pWZoVQID
-AQABo4IBDjCCAQowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
-MwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0
-Lm5ldDAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIw
-NDhjYS5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
-Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdDgQWBBQe8auJBvhJDwEzd+4Ueu4Z
-fJMoTTAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDANBgkqhkiG9w0B
-AQUFAAOCAQEAQJqHfojUzCanS/p4SiDV+aI2IbvuW6BPRI3PqvmXF5aEqchnm7vm
-EN551lZqpHgUSdl87TBeaeptJEZaiDQ9JifPaUGEHATaGTgu24lBOX5lH51aOszh
-DEw3oc5gk6i1jMo/uitdTBuBiXrKNjCc/4Tj/jrx93lxybXTMwPKd86wuinSNF1z
-/6T98iW4NUV5eh+Xrsm+CmiEmXQ5qE56JvXN3iXiN4VlB6fKxQW3EzgNLfBtGc7e
-mWEn7kVuxzn/9sWL4Mt8ih7VegcxKlJcOlAZOKlE+jyoz+95nWrZ5S6hjyko1+yq
-wfsm5p9GJKaxB825DOgNghYAHZaS/KYIoA==
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTEwODAyMTAwMDAwWhcNMjkwMzI5
+MTAwMDAwWjBbMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTExMC8GA1UEAxMoR2xvYmFsU2lnbiBUaW1lc3RhbXBpbmcgQ0EgLSBTSEEyNTYg
+LSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqbjsOrEVElAbaW
+lOJP2MEI9kYj2UXFlZdbqxq/0mxXyTMGH6APxjx+U0h6v52Hnq/uw4xH4ULs4+Oh
+SmwMF8SmwbnNW/EeRImO/gveIVgT7k3IxWcLHLKz8TR2kaLLB203xaBHJgIVpJCR
+qXme1+tXnSt8ItgU1/EHHngiNmt3ea+v+X+OTuG1CDH96u1LcWKMI/EDOY9EebZ2
+A1eerS8IRtzSjLz0jnTOyGhpUXYRiw9dJFsZVD0mzECNgicbWSB9WfaTgI74Kjj9
+a6BAZR9XdsxbjgRPLKjbhFATT8bci7n43WlMiOucezAm/HpYu1m8FHKSgVe3dsnY
+gAqAbgkCAwEAAaOB6DCB5TAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUkiGnSpVdZLCbtB7mADdH5p1BK0wwRwYDVR0gBEAwPjA8
+BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvcm9vdC1yMy5jcmwwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL
+3uLdG7wwDQYJKoZIhvcNAQELBQADggEBAARWgkp80M7JvzZm0b41npNsl+gGzjEY
+WflsQV+ALsBCJbgYx/zUsTfEaKDPKGoDdEtjl4V3YTvXL+P1vTOikn0RH56KbO8s
+sPRijTZz0RY28bxe7LSAmHj80nZ56OEhlOAfxKLhqmfbs5xz5UAizznO2+Z3lae7
+ssv2GYadn8jUmAWycW9Oda7xPWRqO15ORqYqXQiS8aPzHXS/Yg0jjFwqOJXSwNXN
+z4jaHyi1uoFpZCq1pqLVc6/cRtsErpHXbsWYutRHxFZ0gEd4WIy+7yv97Gy/0ZT3
+v1Dge+CQ/SAYeBgiXQgujBygl/MdmX2jnZHTBkROBG56HCDjNvC2ULk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIECDCCAvCgAwIBAgIILu17PatkWxAwDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTExMTAwNDE4MjQyOVoXDTMwMTIzMTE0MDgyNFowQDEL
+MAkGA1UEBhMCVVMxGDAWBgNVBAoMD1RyZW5kIE1pY3JvIEluYzEXMBUGA1UEAwwO
+VHJlbmQgTWljcm8gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC
+tz7qUBb61DHFYDbRj69nikk/4sbQ53NnPSrOBJEX3E59MAPoEO/biYzoMF4A3UdB
+LzZsRp4SYJZ0WybyvaExs9FHECfpcXohOCPkG7u1RC4EtUgMjw3lNvu3gDvyi5ut
+cdKI4uOwIkhD8objKuzSlU4IaUjsTaeIROKQHttkDMw7d8HhORy3QnTSIClZ3hgW
+DJZZHOyE2xhGhdyG/KfNlw/uXtJ9A5/YUPHp4dDfrQV2PUr+dTgs3BIh9r7dRngl
+a4BqbvNaH8Yw3fFJ8DqY118JH5GSQ3RQwHpz2f34n0y2PTSMLQlMUC2iRBOd8dhW
+Je5RGbKfveHXDfBgqdBBAgMBAAGjggEAMIH9MB0GA1UdDgQWBBStMcf6As5n92Uc
++7pfwLvFUExnyDAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFAcf0uec2sJu
+okC0sHpQEFB0xMi9ME8GA1UdIARIMEYwRAYKKwYBBAGCjwkBATA2MDQGCCsGAQUF
+BwIBFihodHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNvdXJjZXMvY3BzMEkG
+A1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9B
+ZmZpcm1UcnVzdE5ldHdvcmtpbmcuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG
+9w0BAQUFAAOCAQEAUFU4RiDe7NdWtQKNH7j8tmOp8myZ91s6p7m1WXj0g6Ja25QB
+mv8XLVQVpUKd8Oq501DjCaU64E9Ba6K/ltTN/G8jzF/U8uYCFT6DpTDvTUedABjS
+H0gR74vHsIwz9ibAoTTh45K1T0+8M4PTI6OLTHkbCeg8Udpn9kCpLfqKEgmrf7YF
+5v/081M3NzJcg0do9I37rn3OdFxC3/+b1p8bWHbrNYHvQ8CnNugQmyN4+EE8CUMI
+KbL7otky1Gn1ro/ya3L8gN5jzT7pNmB7N+EUgjr+bIJ4VxVKhVmgEaIT7EYMXvog
+OFm9oAww5XJiDz+dG0mEsnqRIawxKq0Lg0ZrHQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0zCCA7ugAwIBAgIVALhZFHE/V9+PMcAzPdLWGXojF7TrMA0GCSqGSIb3DQEB
+DQUAMIGAMQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dp
+ZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBIDIwHhcNMTExMDA2
+MDgzOTU2WhcNNDYxMDA2MDgzOTU2WjCBgDELMAkGA1UEBhMCUEwxIjAgBgNVBAoT
+GVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGA1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0
+d29yayBDQSAyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvfl4+ObV
+gAxknYYblmRnPyI6HnUBfe/7XGeMycxca6mR5rlC5SBLm9qbe7mZXdmbgEvXhEAr
+J9PoujC7Pgkap0mV7ytAJMKXx6fumyXvqAoAl4Vaqp3cKcniNQfrcE1K1sGzVrih
+QTib0fsxf4/gX+GxPw+OFklg1waNGPmqJhCrKtPQ0WeNG0a+RzDVLnLRxWPa52N5
+RH5LYySJhi40PylMUosqp8DikSiJucBb+R3Z5yet/5oCl8HGUJKbAiy9qbk0WQq/
+hEr/3/6zn+vZnuCYI+yma3cWKtvMrTscpIfcRnNeGWJoRVfkkIJCu0LW8GHgwaM9
+ZqNd9BjuiMmNF0UpmTJ1AjHuKSbIawLmtWJFfzcVWiNoidQ+3k4nsPBADLxNF8tN
+orMe0AZa3faTz1d1mfX6hhpneLO/lv403L3nUlbls+V1e9dBkQXcXWnjlQ1DufyD
+ljmVe2yAWk8TcsbXfSl6RLpSpCrVQUYJIP4ioLZbMI28iQzV13D4h1L92u+sUS4H
+s07+0AnacO+Y+lbmbdu1V0vc5SwlFcieLnhO+NqcnoYsylfzGuXIkosagpZ6w7xQ
+EmnYDlpGizrrJvojybawgb5CAKT41v4wLsfSRvbljnX98sy50IdbzAYQYLuDNbde
+Z95H7JlI8aShFf6tjGKOOVVPORa5sWOd/7cCAwEAAaNCMEAwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUtqFUOQLDoD+Oirz61PgcptE6Dv0wDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBDQUAA4ICAQCdU8KBJdw1LK4K3VqbRjBWu9S0bEuG5gql
+0pKKmo3cj7TudvQDy+ubAXirKmu1uiNOMXy1LN0taWczbmNdORgS+KAoU0SHq2rE
+kpYfKqIcup3dJ/tSTbCPWujtjcNo45KgJgyHkLAD6mplKAjERnjgW7oO8DPcJ7Z+
+iD29kqSWfkGogAh71jYSvBAVmyS8q619EYkvMe340s9Tjuu0U6fnBMovpiLEEdzr
+mMkiXUFq3ApSBFu8LqB9x7aSuySg8zfRK0OozPFoeBp+b2OQe590yGvZC1X2eQM9
+g8dBQJL7dgs3JRc8rz76PFwbhvlKDD+KxF4OmPGt7s/g/SE1xzNhzKI3GEN8M+mu
+doKCB0VIO8lnbq2jheiWVs+8u/qry7dXJ40aL5nzIzM0jspTY9NXNFBPz0nBBbrF
+qId744aP+0OiEumsUewEdkzw+o+5MRPpCLckCfmgtwc2WFfPxLt+SWaVNQS2dzW4
+qVMpX5KF+FLEWk79BmE5+33QdkeSzOwrvYRu5ptFwX1isVMtnnWg58koUNflvKiq
+B3hquXS0YPOEjQPcrpHadEQNe0Kpd9YrfKHGbBNTIqkSmqX5TyhFNbCXT0ZlhcX0
+/WKiomr8NDAGft8M4HOBlslEKt4fguxscletKWSk8cYpjjVgU85r2QK+OTB14Pdc
+Y2rwQMEsjQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHeTCCBWGgAwIBAgIIINxlRne/yBUwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xMTEwMTMxMTIyMDRaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMTAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+oHVLyy+miC29v/sQZfjQLLkr3gEHI1cA7Ev0mJkOjx5jkpk7xp7NbROz/EM5VVxZ
+Vi+mo8Wtkpc8Qzrgm4XQNaJ0IaI4LC8f4boix0mLND0zCnIGNxti15nP4HiqZ7k9
+u+YkylL5MX5VNbWl/TgMjxUHzaORYKPbSMRlAQSd1b7OU0PNa7p+WoF2XqbUzMdR
+0qw03tsyBvvRXgTFkIKijzHDA5cemDfxdZNP7t6LOxu0JxKDIqgvMFH88FqdeJd8
+uYVWpBpohIlZ0Gt7r3K9b6jNzuVAtWlkl4cByw1n5wmMSgxPxX6BtQrFUrvilrgd
+zDc/8b4IBqFzINjX/P9nErJdd4aQsn62uEomZ8PUwnQ6xhkMSqFjKDqqKUKjl5Cv
++PQoBA60WwIhgoxkwC1IYi5V0uciAFams8YJi3U0/ZNttR4g+JUlPjn7Vboi8OW5
+YKyxentQ+kDRN6gCQc8Oysx8NJ0wZnyt8MFzb/4OlzsO3vjSl8QEk9F0QF9+3ycm
+Fz6dBLYQgsZDDyK28DkJbIvwtDevB0S2QrabM3sxyKBImG7rNMm7ZyxpvX9vPXz1
+eGgxhJ/pTCZMBe2/ygFRLjoHEJhkSJCiooCFluUcctYlPq1PugwVeIzpZZOVZvwP
+V0SKAlV+TddvZVW0jF7zi8EoVJpW9z7BiD3GumxZSckCAwEAAaOCAnAwggJsMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQUklKuRm1bvb6FwbNhR6j/t9mTwA4wDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI
+hvcNAQEFBQADggIBAFCFt2jwiV487rm4tE+VWNX5E6jwD32AXdEw6aDm1A2P4HYN
+MaQeaB8s7EyL4t2W1mLl+B6ObrwmvD1zbija852KPQ92IUo00cBH0k1agonUUE72
+c4pHAHu36qZCYiGyhvAI8A3wlm5l+ow23zkLjL/qfdAFA0Lrh16Sw3PTmMC9LW69
+CnzU14XBWtcmaqqqT1aJvoWUufk4703FJOZ+u6l+6l+VsR5IbFIbMOufhxTSVKye
+It7tpMFMAEK/mkbD8SmWuLGymTtQUqj5pmBPmyZM1d0AvY4Dn9Fw6SOCw+YdkjnA
+xx5B9SnXBfphA3yMVob26WuWQxd0Oz+ZuyLN4t5jcjl1UdH3wqjuS/UBBnTywVTy
+jixYB7HYT78yk0zTCNnCBmRkxL/fKzN2yRAr4/NUSilrtejMVQ6fOsfSdalbwK16
+myWlxAKZgPi9ZkhZ2hxnFC3EPvp9P9dLA/O+F+iVt4/1vmMfQavJtudM4vUA7ul/
+KOYzfLmbnRoj8seiPGJrfLgvs4kXJXL65YMp9F0N/HH+lMZR9SgzyrRPb6V+eUYI
+u4r9Cn+cC384CCugUgH4iKEKhW8Qe569eJzpjeQYE6qvCDFGfw8BCRN6Yq10W3zh
+2zbZ0mVtkRfQFX5aGAvZUMKRJ1PUDOd2apAeux4NhyH+FPbX0qlJ4r7yfR8j
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHkjCCBXqgAwIBAgIIZILEq2VLAKYwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xMTEwMTMxNDU1MDRaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMjAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+mwYjFx7SZmarLj0+7DqdJn6qt5EwPpgXxnEzzFfOSQrSm6ylglABjVTEznl9a5m/
+ydNAxggVGKNA+hNMFCagFS5P6nJ8bZ4SZbILpZ6egUoXDV/+Iy0FgW7sJLPPh323
+2OtevxSiwGE8ipjJBVZVP+qYMFEpedkLRI2HzF0XVrmS9YfWOzK7yh2+d4CqPCfX
+1W0aGeBK21skABXEXeRgZDr1U5kmLRZAoG5NZB6XPcVdudBvle3zO2nFPlYeDMsR
+SOBFwQp0L7tcEZ1dQ2u/uhq3UfJGesWtshn///sQDC8K7TX9whlRkw6Qx5V8TcO5
+xQNJaxBQnsNBw41TBX4sglwzF50wfA2Xn0PS4GhT0ms/ijeqIh1ZP7eBKc4psMNJ
+ZtzhjdUCeK+WbZRDqK78Gv9K995oxFEDmR9Kyb5jDHgGV8qRdiup5g0ianMSg2iU
+5RxGzjvdGULDgAmvJ/fBuCMv15rLsz8c4zYxNDbNHRfET6TlxEZtLK1wGL3lrXgX
+ANXLFWSQzTw5EgBwueCWMZDIlvi4x16oeX5G7QcrKrQS8DCdWhGlhDMVJOcBkkLJ
+tlRjKitmYiTIoRiFaRt4S4+L+004rHlcbr9Ec76HbSmBYsmuIfrk8nSPDGnv0LOo
+rMhaXdcn6c5RZpH008lv6fN5wpLeEkQuzGjATLTFbo8CAwEAAaOCAokwggKFMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQU6ECbjvtmP8FE2KHf1EqBQggXy+UwDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0R
+BBAwDoEMYWNjdkBhY2N2LmVzMA0GCSqGSIb3DQEBBQUAA4ICAQA+fFVGYa3zf/b1
+GQ1MTdYUHsSbAlA5esf2htyAzcea/OHu2CRgGXajCbJN7cC2pFuhsiWYXrihjuc/
+crzztYYYjzRsO8iQn7+/hg56wzRCQvxMy0lLrwlVPXxtdg8mU1M8Gq13T+Nthkq5
+uotXXZgxiJu3Zhvtl9kK2wDVwxfLlp/McQpRcl1VSCSgvGg1teIi7+NQ2wBQPhyj
+GanigxFI7LDkgjo0sI2K6qV4q43pYpGq3YidDE/ssEBLSkT2IIHLgq2L9An5gVoe
+r6vCK58XJx9FGCpVtksUQYnm+cAkNxzV/cAfWIZroQwiF+vUSy8bjuPRslpszoWF
+AFJwg50OHaigUkfT7KMA/2RtpmxaGKB0thURRrczdGB/k1IpKjG8N3zjw2StkWqd
+GXFnlxdfxv9wrUuIrA7QPT62kWDPY959ZVCOoGxuIz9ExH2NS2twbzHRhQqI8/Vp
+eSkepE28fjMkq6oU7UxyLCDZ3CqvlbXXsGlW4hvWiV76ttN6b7fEo8NxSkz0FzyA
+tD/Hf2pdd/RkTL0LSLjTFalowiP6svMeFgxJoecmEt6TrUGfFgQggyLiPdEaIB0z
+Sbs2m0ErwLbkKkQY1bh+vAoK0bHa35KOFYySijGXbu93Jmz+LaKsARIBqQ/ZPP2e
+OZ2FWP+k5weZYyxNpeL0dtz7svdTlw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHkjCCBXqgAwIBAgIIUXd8prk4rwYwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xMTEwMTQxMDA3MjhaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMzAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+o5KJruh7JPEBxpdC8Pf3qN8vfPR98dCWZynbjLBXv6MTjwAiehTq1X8OzEQNpqWq
+pNpygo6/YNgf8FMgYWhCsPSDvEmg5Um1xBnLjHBJMSIP7VClMVS9KidVu+nF8PpZ
+no8hecsfF4yJzLp/MD/lwIsjkh5Zp9e6cVBJsSkRJDY4gWlTWRYO/0e1ZQSmu+2+
+YKy2ZRpOPo6k4eGlIsFGz9yIzVii0hasDf43Lv19F515tNGXFIYmNnLjMFlf/LKu
+Al87jblGqRn5yhMGuJNsP05gH5D/F5YkLqg6A83KmygsIsgYzN72YWiFYNzB6ZzF
+0HPM9GX3PuSkKKXyFpUxYL0nHWH7B3Se4F5m+mmFk9GMvJVuoUvktOO2ysFPE3pY
+tl1iJjrVGBk5cmZHKQbqBw5ZooSEJNbmvtzshUxVEFTDRg+8avleaZFNvl5hilSQ
+4c7YlvSnu80AMfhJ/pD6bwA+7BG91elQdcoMuedHyvE3lGqYxuh25a3u//K97joz
++qq10hZH5eNrExjWV20DlF6kgZqo6C/2p0zm5eTfbaZ16oVZrpmTeG95dabQzgHD
+dXP6B4el67G275jQNok2Wu5wT9oKAM6xomNp6zsr0uYI9kQBqMP8BTPliB98rwg9
+xmQH4Ss/r1zZK3xt+mYypBo1OR5VvKEEqs1bnVf3LjMCAwEAAaOCAokwggKFMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQU5Sf9DFi3YMFTV4Yt+1YDi/6fxbIwDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0R
+BBAwDoEMYWNjdkBhY2N2LmVzMA0GCSqGSIb3DQEBBQUAA4ICAQBFS2ILc8ssZCyE
+XDHjioc2dKd/TbDhwexsPtXmC0MwIEmUl5siPcsZaP+dtYxsxkDk2e2Ikb10Itaw
+ObpeXRt2v+qJHOs2vQoNszLffviWRo51s+FYHtgT0EieV+VhlQE8MdRS4vBx7VaK
+vWz9u1LZDoVQaASbeb04IfDTMBMwhxAyN2X6PzcsP0zKPYf3Vt/+g93Wnuuk54uZ
+BySnbzOL5f29ckED1sfdUzSynSQgxuQH8lQ7V6Scr62X9eFM0i3oZTVLFdMkoiIm
+YJuZG4zkpdr0qnvB/TOo4MsvvP4GcfU93Q8aQUIkp2NuN84Wrjr49ud4/d/IwWiF
+Q1iMIMVh8Ij2bIYexzZV5WuD7+MMRBbFO8JB4o4D0XwygRMwiLzEqR2GfV5WjfgV
+bkqqc5aLnN5EvZPKq2Ic0Ws+pIxcp1ZEeWTx5vS41BTgoYjxQRDAPEloOx9lbHTb
+uTLYxDG/s4TB4DHDL9WrCCpgWenWFgj6575RwC9Qykk6pNU9FRv+9OztFj0lUEnQ
+YhptIAptGg813ZN7mNMRGG5y7zPgOItvmGhxnWEZpQsRI28ZwtsG4sKtjcoV5HHl
+qyzWzhs1TKMaqD+ZDr417oaGKx/kHlG/wMIq4hUjtfyafe5l4648hcY9wkbIzC/1
+7UaySDOmW43JJmrOMi15wd6FNxld9A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEATCCAumgAwIBAgIIWvgOmMFTClgwDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTExMTAyMjE5MTQ0MloXDTMwMTIzMTE0MDgyNFowQDEL
+MAkGA1UEBhMCVVMxGDAWBgNVBAoMD1RyZW5kIE1pY3JvIEluYzEXMBUGA1UEAwwO
+VHJlbmQgTWljcm8gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC
+tz7qUBb61DHFYDbRj69nikk/4sbQ53NnPSrOBJEX3E59MAPoEO/biYzoMF4A3UdB
+LzZsRp4SYJZ0WybyvaExs9FHECfpcXohOCPkG7u1RC4EtUgMjw3lNvu3gDvyi5ut
+cdKI4uOwIkhD8objKuzSlU4IaUjsTaeIROKQHttkDMw7d8HhORy3QnTSIClZ3hgW
+DJZZHOyE2xhGhdyG/KfNlw/uXtJ9A5/YUPHp4dDfrQV2PUr+dTgs3BIh9r7dRngl
+a4BqbvNaH8Yw3fFJ8DqY118JH5GSQ3RQwHpz2f34n0y2PTSMLQlMUC2iRBOd8dhW
+Je5RGbKfveHXDfBgqdBBAgMBAAGjgfowgfcwHQYDVR0OBBYEFK0xx/oCzmf3ZRz7
+ul/Au8VQTGfIMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUBx/S55zawm6i
+QLSwelAQUHTEyL0wSQYDVR0gBEIwQDA+BgRVHSAAMDYwNAYIKwYBBQUHAgEWKGh0
+dHA6Ly93d3cuYWZmaXJtdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwSQYDVR0fBEIw
+QDA+oDygOoY4aHR0cDovL2NybC5hZmZpcm10cnVzdC5jb20vY3JsL0FmZmlybVRy
+dXN0TmV0d29ya2luZy5jcmwwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUA
+A4IBAQCz8LF8s4ueoaZov0/fhVPJlm8flyIa/zxKxR7PK26LXJbV7Z4CL/7Xtp0z
+VtzAeFhuD11YSkG6BOvBDvozt4rHlLuOj/R+II10sBG4R3Z1iUUeXVLI5e4L0RL8
+vb1PNBghUWF7+3W4Ge/CfHjno1V5I293k85otpjgq0MgJsr16oe9vjjOkXSZaG1+
+NXshwaqFbDFI70ORCP0HmKADPAGm++sl6hVis1I9fWo9consiYRTHs2ac0f/bAu5
+lyDf3OSEtcaYmvMuzwI4BZ7xTmPbx0pFN+dkpS8V2VO1bITrkKBkW6LqlVyDY8al
+7Q4eay8hSFJbRBNzyPj+oarZ69Hf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHTzCCBTegAwIBAgIJANkIP7upZ8oaMA0GCSqGSIb3DQEBCwUAMIGuMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xKTAnBgNVBAMTIENoYW1iZXJz
+IG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTExMTIwNzExMjgwN1oXDTM4MDcz
+MTExMjgwN1owga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBj
+dXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIw
+EAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEp
+MCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW9
+28sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKAXuFixrYp4YFs8r/lfTJq
+VKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorjh40G072Q
+DuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR
+5gN/ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfL
+ZEFHcpOrUMPrCXZkNNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05a
+Sd+pZgvMPMZ4fKecHePOjlO+Bd5gD2vlGts/4+EhySnB8esHnFIbAURRPHsl18Tl
+UlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331lubKgdaX8ZSD6e2wsWsSaR6s
++12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ0wlf2eOKNcx5
+Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj
+ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAx
+hduub+84Mxh2EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNV
+HQ4EFgQU+SSsD7K1+HnA+mCIG8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1
++HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpN
+YWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29t
+L2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVy
+ZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAt
+IDIwMDiCCQDZCD+7qWfKGjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20w
+DQYJKoZIhvcNAQELBQADggIBAJq8HIZ0d6Pxdaa59IM1hE9MfO37ttdRJUnEggep
+0q9GS8qauGtDckmS10t27SwZ0zEGSsNLZvsiG0oW5MGWcW4wA6Z9RajAFMTLvY+w
+pcZPEtE9Kze6Nc6WvBuwrLhw4DePSYr+G7fAdfgbsDVF1y04eZ0e+Tc9WiO5rqKj
+bN72NqPEc0ahrtSC3cbXf1XZwiy+vs2uz3uknLl4q08OBrvNHV53R1yH2mBXmr7B
+tFlWRsgEaZ74r7jHq6rX0wST5xVglaemGi+xjuIBaGt6ZyBNGCZwFrL+PMfgZZz2
+caupQxRPSOMhMLSpzA/Xm8blQDP/Uzukv4hgrgZOQmiMaBWprSq9BfmHCUVlG17U
+JcUNP1L6WLUmjLu35Yh5UYYznoUozlNxix59iyUHoviYRFfJYEstMfvVbJERL7PP
+60uqww6G1/mWocfoO/4CwC2b1cFkuRZw8JbFBfQHCWhhb6t4n+Ul4vE5n1+sDSou
+kxJbZ91DxGokaqGMpI9GWPMUZBDdPQGyZODEPevhlvMzDkGW/kyzBWhU1ObB068Y
+YZgwB5rer36/EwYN1tEl5lSiDp5nIdOpsQGVwSJ7h+UJZ1tN52IbMmakoa0rdkiA
+wQXg99ysYHwGWA7rlMJIMvUqBIt6QrCL2B+AKY/7KWvJiC5GeFxkBGdKRg3Pedf5
+LZh1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHSTCCBTGgAwIBAgIJAK6CGQU/XoJxMA0GCSqGSIb3DQEBCwUAMIGsMQswCQYD
+VQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3
+MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD
+aGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0xMTEyMDcxMTI5MjFaFw0zODA3MzEx
+MTI5MjFaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3Vy
+cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAG
+A1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAl
+BgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAMDfVtPkOpt2RbQT2//BthmLN0EYlVJH6xed
+KYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXfXjaOcNFccUMd2drvXNL7
+G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0ZJJ0YPP2
+zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4
+ddPB/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyG
+HoiMvvKRhI9lNNgATH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2
+Id3UwD2ln58fQ1DJu7xsepeY7s2MH/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3V
+yJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfeOx2YItaswTXbo6Al/3K1dh3e
+beksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSFHTynyQbehP9r
+6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh
+wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsog
+zCtLkykPAgMBAAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQW
+BBS5CcqcHtvTbDprru1U8VuTBjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDpr
+ru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp
+ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt
+YSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiC
+CQCughkFP16CcTAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCow
+KAYIKwYBBQUHAgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZI
+hvcNAQELBQADggIBAAVYdowzN5EdX8oP0EeXv12Qid5aht15LIKdyjwkzo05bJAr
+FPMI3f09Xegl9XJjSLUPlwFcAUlAbUUE4tHNRtCGJZhqA/m7xr7u0PNhz5j5j+38
+5hUKNYoooZBm1xzJmjYj7mwg1q2XUVUqsFYojn9K5gde1cr4XvMRpIwTSvLN8LW3
+ZmNBUAIMLEdurDgAfYxgqIp+liejt/G9Ez0q7wPYcPvdZCvox1yvDJwgi2zQJkCS
+/vQJh3JTvvZt6Rj1diS4ahfn4z3YptuQfGHYT5NBCPNlytfeq5MKujvtX6Xcyhh8
+rwL4yuB7HHzvnsmTMBruSBx5+FB3qWyeXfxrBt6Tmssk94CdVdJ4zdlmD1mBy6yi
+N8qRyqxXzY2BA6u8H82S/qWU3dbnaqxd3CX+K0952XI6IIwUqMRyMFgIm1MWcaa4
+8fK8n7/560NhsyxounDkawhTFYQPQBJUJJkQkjqTxIIdiq60iIlFLu93rMAKByk7
+j8stKWFFBw469gThKr/PE3tLeqNsIxpmsSgK4dH/1SvIRlSBF0vh5xBnpYu6LEHH
+N6IJ8aWHKe6Hl2qpsk6oqJ9hDao0xB94Q5WZ18O9ynd2UtwQDHyVJdgFxYQwVdp4
+TOJrEfC8w0IMfJnbMGDUduUUVZlW5kFLNFx6SEltBWn5MXEH1lqShVA0dGh0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGgjCCBWqgAwIBAgIQBxVWH+V/ML4XiYkjwzpEUDANBgkqhkiG9w0BAQUFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTExMjA3MTIwMDAwWhcNMjYxMjA3MTIwMDAwWjBhMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNRGlnaUNlcnQgR3JpZDEZMBcGA1UECxMQd3d3LmRpZ2lj
+ZXJ0LmNvbTEfMB0GA1UEAxMWRGlnaUNlcnQgR3JpZCBUcnVzdCBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAO65BA1JPUZvUOjZf2SNLymSrF3vhYGP
+XyfUHmsZcgUSZFuwJXhWJMiDkwk1NfQrk0Hy9CyfFAD1z7EiQgOMWWuWQdweBJxw
+IzK/HQS0nTEwxEqF8O5cAWH478iZbY5sbTn9m5ZmFVRwPp1nh2k0c2mQ50QR078C
+sAnuzpbzA9nA3uZAX8+txpfBQ9bFsTociALeIYR0FhvHh/RlvLtfHFnxpg6Q/n0r
+AL9HKEYD+qBaBXtval0ziqRdr0B0yJ/d+inclJVKc/uNxrEjew9nbNMFnaoZ0Nt9
+5uzn3qanjLxNmFRwBtvrA6iuJBlZlTjB1RpPu58l3TJ/LniIGPiRGHECAwEAAaOC
+AzAwggMsMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkGCCsG
+AQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t
+MEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290Q0EucDdjMIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8v
+Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMDqg
+OKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURS
+b290Q0EuY3JsMIIBxQYDVR0gBIIBvDCCAbgwggG0BgpghkgBhv1sAAIEMIIBpDA6
+BggrBgEFBQcCARYuaHR0cDovL3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBv
+c2l0b3J5Lmh0bTCCAWQGCCsGAQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAg
+AG8AZgAgAHQAaABpAHMAIABDAGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBz
+AHQAaQB0AHUAdABlAHMAIABhAGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABo
+AGUAIABEAGkAZwBpAEMAZQByAHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABo
+AGUAIABSAGUAbAB5AGkAbgBnACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBu
+AHQAIAB3AGgAaQBjAGgAIABsAGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAg
+AGEAbgBkACAAYQByAGUAIABpAG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQBy
+AGUAaQBuACAAYgB5ACAAcgBlAGYAZQByAGUAbgBjAGUALjAdBgNVHQ4EFgQUYZek
+mymYAZta/4fmdO8wg8xotMgwHwYDVR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNt
+yA8wDQYJKoZIhvcNAQEFBQADggEBAJtEamzsGt7a292/ds4LkJjwyRZ77QcYBns4
+yXLuacEmMURsVXABhXcPGLtiy8h3slNSyB7V+mMrpXC1iPRGTSdOlHrkanyqXfDS
+pjOX1Jn0OtDvLRbHybsI08XIoZCI1SRskt/COlRTfVw7HFOXcsxtN4EvYRtbK/dN
+Z1zA8uqKPCXGVVhLEzlvoo8OZVVfKGPwqsaWi4SBjZNKWQklB8Pdezh0hOpLwUs8
+Mi2YeJSxpfDTiJ5VDAAf9IIMnPouRQcx9KSNQqPAU2/jBt+9k6QpdVqIeC7ZP8Hp
+7RdacX/aLOhgTNEwj3Aqgk6RYF8n+xUQe+AOylpgO+zovEWsBWQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBcigAwIBAgIQBJs5bzwFPCdTNiFgnspdPzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTExMTIwNzEyMDAwMFoXDTI2MTIwNzEyMDAwMFoweDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTE3MDUGA1UEAxMuRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2Ug
+SW50ZXJtZWRpYXRlIENBIChTSEEyKTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAPV3cVm0AV6S+NNNeEAWTXr2L/bPxehYyaqT+qJXWgg11KqFHYwakBAy
++r+GDD43kaQ/9sDXzG460l97g9FubatBdl0rOKBeXcDK62I/yPwSt3O0hUUe7Ryg
+wAzhOHYy0SYNJklXH40MwHWV3I3IKm3ApvhSpcAXoDztawEa1/xjT1gpruL/vwdI
+MCptGmzE10f1KjEPxyB/8l1fNy6fHTLBBgWOsZ49X9PryU7LArzwEdT6/AfHUvYp
+vRPJRJEXcZDA6cjevzEsQ/ZcayAdkd9nViY+vDOlqAhRzaGN5xRO/cdVjmNY5hZO
+Bg9e/L27YkcLWMRnksSHETq0ZqxYULkCAwEAAaOCA3AwggNsMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
+LmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNydDCBjwYDVR0f
+BIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRI
+aWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMECgPqA8hjpodHRwOi8vY3JsNC5kaWdp
+Y2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMIIB0gYD
+VR0gBIIByTCCAcUwggG0BgpghkgBhv1sAAIEMIIBpDA6BggrBgEFBQcCARYuaHR0
+cDovL3d3dy5kaWdpY2VydC5jb20vc3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQG
+CCsGAQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMA
+IABDAGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMA
+IABhAGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMA
+ZQByAHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkA
+bgBnACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgA
+IABsAGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUA
+IABpAG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAA
+cgBlAGYAZQByAGUAbgBjAGUALjALBglghkgBhv1sAQEwHQYDVR0OBBYEFLJPiVmK
+Jf/LxZ6wPaWfJNWGmLInMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvD
+MA0GCSqGSIb3DQEBCwUAA4IBAQCIkWB39quTd1vAFRPdrxV6sQvJ/nG/sySB594b
+oSo/MHP4H1s6E7aEsqVdF1c7nxlfRPUQZEqA6xg5pJO1BQhon6t9PJmq4DcZgbbb
+n+Dp2tf2QZcyHhDBS0z2XnZ9kVJmoPm3BHUb+DsV2G63UHxSXRXb3OVUr4gPFk/M
+QpqYwct49DQgv0VJt+CRbrFkVCnQ3eSapaSjlCBOGGJavzRMDvOA1IyuZgHSVDJA
+dE51dDhXthAkpGlBNb1dET244UWfLgvriDSpUcMDXflLJoogfdIVCyZP1q2s61P2
+M6pQqSiXJ4SJ8dSrTsvRKjO4f8PXghmlAsOMIPDUgJ3qPaU4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5TCCBc2gAwIBAgIQBDg2SqweGZEe3TK+yl8pgzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTExMTIwNzEyMDAwMFoXDTI2MTIwNzEyMDAwMFowfTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTE8MDoGA1UEAxMzRGlnaUNlcnQgRXh0ZW5kZWQgVmFsaWRh
+dGlvbiBJbnRlcm1lZGlhdGUgQ0EgKFNIQTIpMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA0wR3ZUFwVvqAMwSmruMs9Uox15uVX1umQ4riFohwlP67Ji5j
+U/pHezGliChqkkbw9X3NGA7TuaaET0U0vRov1FlD1sc1McgybOCoINx+T/Rp/OXh
+4vCIIfPycD8nk+bpT9JL7Yw4yBzEk5lep0Dio50ugTgxUz461TtM7QKm7emasHyh
+LZxhszCkkQVro85DViEWCO4u4XfXiDyELsi2tN3CTqE0elq7pRgg5eA09W7zlxDz
+6enVytBeTWOBNsCQ6jhMIH2lFQy6x/4Uisbps4skhSiNt8OO1UwBGqjNpLMWXIyR
+EaNgSCTyaQmN29i0wxmmjYg4kpxXDWCKyEsSZQIDAQABo4IDcDCCA2wwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMH8GCCsGAQUFBwEBBHMwcTAkBggrBgEFBQcwAYYYaHR0cDov
+L29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1odHRwOi8vY2FjZXJ0cy5k
+aWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3J0MIGP
+BgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+oDyGOmh0dHA6Ly9jcmw0
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmww
+ggHSBgNVHSAEggHJMIIBxTCCAbQGCmCGSAGG/WwAAgQwggGkMDoGCCsGAQUFBwIB
+Fi5odHRwOi8vd3d3LmRpZ2ljZXJ0LmNvbS9zc2wtY3BzLXJlcG9zaXRvcnkuaHRt
+MIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBmACAAdABo
+AGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABpAHQAdQB0
+AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAgAEQAaQBn
+AGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAgAFIAZQBs
+AHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAgAHcAaABp
+AGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBuAGQAIABh
+AHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBpAG4AIABi
+AHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMAsGCWCGSAGG/WwCATAdBgNVHQ4EFgQU
+F0HMBW+uBFMqTKVexlNg1CPltbQwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC
+72NkK8MwDQYJKoZIhvcNAQELBQADggEBAFqM0L0QQWl6Vl5IkVgezOLHYkpf941d
+on+lbD7qgn4z9DAhvVBZ84/spUi5Oa0FxXsgRYd5Peq8c5auw8Fxl3I3zGnTmzBF
+Cst+x9/m2O82jZcH3WdolEuY2z553F3B6YgaA0hhSO8ahQ4rn+m37xLRQ+vwW5WL
++NUZM7qn+Fs0iVNOVOT/A/fyV51oUOOOvIa6T58Uf6EEdghvycFVDEaZR/da+f3t
+xExZgDlSfS9dZ+RuII1BTrq+LHFcdgfZMhNyTaxfcpxqiJ0iYAqn89AFI55hTMci
+gdyNItWHp+NzugB7IqH2E3i354m4+V2xh9ExeSddCcKQoH7hn9QElpw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyzCCBbOgAwIBAgIQDFWl6NPPT7NZ8Asrci/u+TANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTExMjA3MTIwMDAwWhcNMjYxMjA3MTIwMDAwWjB0MQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMTMwMQYDVQQDEypEaWdpQ2VydCBBc3N1cmVkIElEIEludGVybWVkaWF0
+ZSBDQSAoU0hBMikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1Pfaw
+mfyykGMCYkrzuTq8YyAQRK+0Z3gL/ZgBB61UCuJKTiVk37A/fk6hspBMocyK5vAC
+Y8qSvRDqWMLwaKgwBFiaZ0L/lXcB5sLfmGhYJ0erdpxkxeeKFKrW9ejuallqtB2P
+f6cGsF4EuhodC9T/+9qCf12UZxslBKrhJs4GNWrHJF3sPNaa7ya5I6AovvowhQLh
+VlSBaUk0EgNayCW5XbpY81d8lVZJoDMTHhKCZwF0bHKLrp5bVRPGrYnJXw8gdO1x
+qIr2L6jVnqL1yx0qj5UpWBr025HsM3ORuJCKkTj9Aj6ufxKZjGEA+iZVR7wrK6x1
+e1A21UaG8X+QK8ixAgMBAAGjggNmMIIDYjASBgNVHRMBAf8ECDAGAQH/AgEAMA4G
+A1UdDwEB/wQEAwIBhjAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsG
+AQUFBwMEMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+ZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqg
+OKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURS
+b290Q0EuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290Q0EuY3JsMIIB0gYDVR0gBIIByTCCAcUwggG0BgpghkgB
+hv1sAAIEMIIBpDA6BggrBgEFBQcCARYuaHR0cDovL3d3dy5kaWdpY2VydC5jb20v
+c3NsLWNwcy1yZXBvc2l0b3J5Lmh0bTCCAWQGCCsGAQUFBwICMIIBVh6CAVIAQQBu
+AHkAIAB1AHMAZQAgAG8AZgAgAHQAaABpAHMAIABDAGUAcgB0AGkAZgBpAGMAYQB0
+AGUAIABjAG8AbgBzAHQAaQB0AHUAdABlAHMAIABhAGMAYwBlAHAAdABhAG4AYwBl
+ACAAbwBmACAAdABoAGUAIABEAGkAZwBpAEMAZQByAHQAIABDAFAALwBDAFAAUwAg
+AGEAbgBkACAAdABoAGUAIABSAGUAbAB5AGkAbgBnACAAUABhAHIAdAB5ACAAQQBn
+AHIAZQBlAG0AZQBuAHQAIAB3AGgAaQBjAGgAIABsAGkAbQBpAHQAIABsAGkAYQBi
+AGkAbABpAHQAeQAgAGEAbgBkACAAYQByAGUAIABpAG4AYwBvAHIAcABvAHIAYQB0
+AGUAZAAgAGgAZQByAGUAaQBuACAAYgB5ACAAcgBlAGYAZQByAGUAbgBjAGUALjAL
+BglghkgBhv1sAxUwHQYDVR0OBBYEFHZlxioFq42GeSV8dFfqsb5artRsMB8GA1Ud
+IwQYMBaAFEXroq/0ksuCMS1Ri6enIZ3zbcgPMA0GCSqGSIb3DQEBCwUAA4IBAQAF
+JsDacbiTq4/viEvl0MZiFvaT0SvqFj3InYEd1aCCcSja8QccOb6kcv6NR+6NlCBY
+I/AZAEkwgAMJt1LwrFCKjIHn/K0j39J9MbOPSVqA5CWUx9BdCWNq9mitaBQXcmiB
+XQDbMVAMftB43hGMkcyL84AwTC3HrAzqvbpsZRLks1oTvArEYaN4vcUyJDIFTpTI
+oTaTDg002st7JWhcH03rIEVwC0bpWY+eFEUAkkdosrkdjjjMUlPuDusyRnYHx4s6
+XG4ueoHKTnPW6BUGFjUlHz6bq6t2uNIkCI5D8I3RuGpsHfW6MquIstjGDc4dJvdy
+KmbyMb4zizt9jv3AH4FD
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIGDjCCA/agAwIBAgIQBqdDgNTr/tQ1taP34Wq92DANBgkqhkiG9w0BAQwFADCB
@@ -1899,84 +2427,333 @@ jwLI5jqmBNFI+8NKAnb9L9K8E7bobTQk+p0pisehKxTxlgBzuRPpwLk6R1YCcYAn
 pLwltum95OmYdBbxN4SBB7SC
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEgzCCA2ugAwIBAgIQRlOxph66LcejLvk5Wk74jDANBgkqhkiG9w0BAQUFADB+
-MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
-LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
-VQQDExlDZXJ0dW0gR2xvYmFsIFNlcnZpY2VzIENBMB4XDTEyMDcwNjEwMzE0MFoX
-DTIyMDcwNDEwMzE0MFowYzELMAkGA1UEBhMCUEwxJzAlBgNVBAoMHk5ldEFydCBT
-cMOzxYJrYSBBa2N5am5hIFMuSy5BLjEYMBYGA1UECwwPaHR0cDovL25hendhLnBs
-MREwDwYDVQQDDAhuYXp3YVNTTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAMyR9fcBCU91yAnHFI/kGpl4IJlAWW8QL//+0BD/BqM5PcTxSwfPIjkggENQ
-wa+0AXGgozARUtPSmNnCaffjANkZPz2zO1J149MMq/9XATqDXPUCuyj+kDiOooTP
-YUjnmeByJLYRWEoYVw00GF41yLOsBF+NOC+iz9LcdNhBAuzg2wxUgaR6xTTVGYa2
-HmX3PPay3Tq1t5FhGP2BLIpo19aoM7dHuPlIrTXuEZP5wqn6lI5Pu9Eep2R0tPkP
-iKcRpzMawrEUDBKoa4JEeE7VeY9cYClHTDY1UsetbMAgOZPxyLM72cbs3SJFJ6JQ
-Egf4/jh5JIm5997gxulk4/QL+scCAwEAAaOCARYwggESMBIGA1UdEwEB/wQIMAYB
-Af8CAQAwLgYDVR0fBCcwJTAjoCGgH4YdaHR0cDovL2NybC5jZXJ0dW0ucGwvZ3Nj
-YS5jcmwwQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzAChiRodHRwOi8vcmVwb3Np
-dG9yeS5jZXJ0dW0ucGwvZ3NjYS5jZXIwHwYDVR0jBBgwFoAURcWyhk7M3SmX5N0U
-xG6uTbjBd/gwHQYDVR0OBBYEFJ3O8Fq0yyXPNqWCXY/3f5hGGTcuMA4GA1UdDwEB
-/wQEAwIBBjA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cHM6
-Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQUFAAOCAQEAUwHHh62s11Iy
-H3ldh/ABiI6ZPwfY5LyECo1f1dViwpt5M0b5itmylu01iik7Xzh6anAdi4Qao5CB
-9y5gd3jw0ISj6Yo874o0a7Gc6OF29IceezwYb5hwLCqKIvW6llJ+JmKLlgMyIvmA
-1/HdnsJ5tBcNQP9Qaihv6G8Rivm0ZStShjFQx03m877eatGJkCdhbBx9kB+a7QLU
-ASJeiwvJmTTxHQT01tBxfI8MMaMvIK01yNO0Czh0iaXTVXLpr7C4nwLJhWkB2H4A
-RCWRLF5bn+1SqLtdlCD0xII13uXTBTwU1QiA5HRH4/r3jHNAqC3qH5bI4wMsYgjM
-RAJGpYHCCg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEmjCCA4KgAwIBAgIQCx2xqRnyTDxO/LV6ak5svzANBgkqhkiG9w0BAQUFADBY
-MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
-R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMjA4
-MjMwMDAwMDBaFw0yMjA4MjIyMzU5NTlaMFgxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
-Ew1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBFeHRlbmRlZCBWYWxp
-ZGF0aW9uIFNTTCBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAnsYhzS490LsqTaR7H6gawgOm/0NiW7+R0WZSqYGQaDGGFrsdhVipfpFqHkwx
-yiHEvnAbn4zkBS2c7RF5rY+cJYZMuvLlYnmOIl+FfCI1OCONgDyszC38WPI1v2Zb
-68Ek+HCAdDL5Rt4yGYCMt+caoapkmI3Kzg7ca/fikApsHKX0kDJS5fEAQjGRSEKJ
-qF1/Y40xstZIXEVFIsnFWRKrQZTq/pxGTZq8nODixkaz5n/c9Q+jE0WGbXl4/OFQ
-zwmG5Z+/yzrU4LHU/6g/fWIfwG14SMPXo6UjYcU+NU2y5fj9lEu8c1Ov45ppVb7L
-Z6vhvu8bwk2syylcvO24Yp0Q6QIDAQABo4IBXjCCAVowPQYIKwYBBQUHAQEEMTAv
-MC0GCCsGAQUFBzABhiFodHRwOi8vRVZTZWN1cmUtb2NzcC5nZW90cnVzdC5jb20w
-EgYDVR0TAQH/BAgwBgEB/wIBADBGBgNVHSAEPzA9MDsGBFUdIAAwMzAxBggrBgEF
-BQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczBBBgNV
-HR8EOjA4MDagNKAyhjBodHRwOi8vRVZTZWN1cmUtY3JsLmdlb3RydXN0LmNvbS9H
-ZW9UcnVzdFBDQS5jcmwwDgYDVR0PAQH/BAQDAgEGMCoGA1UdEQQjMCGkHzAdMRsw
-GQYDVQQDExJWZXJpU2lnbk1QS0ktMi0yNTMwHQYDVR0OBBYEFG8mVtlc5/fJBCD4
-Hrp8kScvjPoHMB8GA1UdIwQYMBaAFCzVUEGXFYvwjzZhW0r7a9mZyTOSMA0GCSqG
-SIb3DQEBBQUAA4IBAQCSd+lXyevERW/JTG59ABJxpeM5/hOESWznSXH1LMfANsII
-WPODdcVy2I149GXqjNXjpQ6prevjoSOuk7fYdXVKWcvynttAv06J/pVCKTR79N1q
-DXRfxxETLt0RbsbjW7PPpo3l92d7urOzaXAUsMKZtNJ2WzgXOUUbgvFTuD1VOQt/
-/5itbpaatmpMel69sYYSnXwsYrsJk18/2LWKw0koDwv5OSIa/l3T6BhfnV+0wCDG
-qUkNVXNqCXr/opm/2LuR3DA5rihL9sV3JOjWxqegTvKmmXXN3VfdCkeSy7u3SPoh
-8Gkh/+UMqgyx6t0FHBmO0Sp5aAJezDjmKcR39Rkc
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEWTCCA0GgAwIBAgIDAjpjMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTIwODI3MjA0MDQwWhcNMjIwNTIwMjA0MDQwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-U1NMIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5J/lP
-2Pa3FT+Pzc7WjRxr/X/aVCFOA9jK0HJSFbjJgltYeYT/JHJv8ml/vJbZmnrDPqnP
-UCITDoYZ2+hJ74vm1kfy/XNFCK6PrF62+J589xD/kkNm7xzU7qFGiBGJSXl6Jc5L
-avDXHHYaKTzJ5P0ehdzgMWUFRxasCgdLLnBeawanazpsrwUSxLIRJdY+lynwg2xX
-HNil78zs/dYS8T/bQLSuDxjTxa9Akl0HXk7+Yhc3iemLdCai7bgK52wVWzWQct3Y
-TSHUQCNcj+6AMRaraFX0DjtU6QRN8MxOgV7pb1JpTr6mFm1C9VH/4AtWPJhPc48O
-bxoj8cnI2d+87FLXAgMBAAGjggFUMIIBUDAfBgNVHSMEGDAWgBTAephojYn7qwVk
-DBF9qn1luMrMTjAdBgNVHQ4EFgQUEUrQcznVW2kIXLo9v2SaqIscVbwwEgYDVR0T
-AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwOgYDVR0fBDMwMTAvoC2gK4Yp
-aHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9ndGdsb2JhbC5jcmwwNAYIKwYB
-BQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nZW90cnVzdC5jb20w
-TAYDVR0gBEUwQzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93
-d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwKgYDVR0RBCMwIaQfMB0xGzAZ
-BgNVBAMTElZlcmlTaWduTVBLSS0yLTI1NDANBgkqhkiG9w0BAQUFAAOCAQEAPOU9
-WhuiNyrjRs82lhg8e/GExVeGd0CdNfAS8HgY+yKk3phLeIHmTYbjkQ9C47ncoNb/
-qfixeZeZ0cNsQqWSlOBdDDMYJckrlVPg5akMfUf+f1ExRF73Kh41opQy98nuwLbG
-mqzemSFqI6A4ZO6jxIhzMjtQzr+t03UepvTp+UJrYLLdRf1dVwjOLVDmEjIWE4ry
-lKKbR6iGf9mY5ffldnRk2JG8hBYo2CVEMH6C2Kyx5MDkFWzbtiQnAioBEoW6MYhY
-R3TjuNJkpsMyWS4pS0XxW4lJLoKaxhgVRNAuZAEVaDj59vlmAwxVG52/AECu8Egn
-TOCAXi25KhV6vGb4NQ==
+MIIE9TCCA92gAwIBAgIMLuujs6+RGksxvbEKMA0GCSqGSIb3DQEBCwUAMIGCMQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEf
+MB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0xMjAzMzAxMjAwMDBa
+Fw0yOTEyMjkxMjAwMDBaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHlF1YWxpZmllZCBl
+LVN6aWdubyBRQ1AgQ0EgMjAxMjEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWdu
+by5odTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANdZaWRow9po+j0m
+A658maAb6LaU8VYvjXOAxkph0zBNehDWmMjtKufqYULB8NBZ0cwrAW3T/ImzudYI
+sneP5xV4Ma0frUcdmJn8el4DFgu9/8SN30WKpXvFJH1tYvas/hMtXvc67P/c6ehe
+3u8Uhot2v7qT3isGoemXuS3I8E/Z3uEKvvc80zkLHcOjChM8gndJ1M3a4x8d0Hbj
+EN8HBxys8NgOzFf1DGWGlMZgO4duuoHwFeLBz96WthepVZXqJm0hza38FYYlKLPN
+TwrXK8NYprSfYwGgxJOkoyUQ9EIgWe0O84DafrTCo54B5pY/HW45HrdjWgrI8h6s
+9MdytqsCAwEAAaOCAWcwggFjMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQD
+AgEGMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vY3Au
+ZS1zemlnbm8uaHUvcWNwczAdBgNVHQ4EFgQUzD1G6GUAu+rDvc+3iOGV/1N5o7Qw
+HwYDVR0jBBgwFoAUyw/G30JDzD3LtUgjoRp6piq7NGgwGwYDVR0RBBQwEoEQaW5m
+b0BlLXN6aWduby5odTA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMDkuY3JsMG4GCCsGAQUFBwEBBGIwYDArBggrBgEFBQcw
+AYYfaHR0cDovL3Jvb3RvY3NwMjAwOS5lLXN6aWduby5odTAxBggrBgEFBQcwAoYl
+aHR0cDovL3d3dy5lLXN6aWduby5odS9yb290Y2EyMDA5LmNydDANBgkqhkiG9w0B
+AQsFAAOCAQEAgaJ7B9CTqKP0UwqUYz0ALi29Xu4n0ls5qhu2/bvmb90/7WLwNLxA
+PQLkINtaB4HCdhv1WVavZnJznhNaajseJtZ6J4x3GInhBBxspyAQmUdC2nLu0NGM
+uIS5KbyXo7CdiLyiY+plt1seqVfMlDs9WtXEqg5kvu2DCbwEQ9v0vr5a5SCgqHik
+Q/uEMyUSAKCYzsd7F8nMaay4r6O5D6Tnzq18i4Hb5jfy3JVYMfzPJxc5ZQrQ4M5t
+/fb6IJLWhLESze3o47Vag3WjOPXQe97kGOLTQh86hjGbSqj8C0/2isTORVL/vQWX
+GAGEbZckkjtKwJpSurhpozWCucCQwK7FFg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUTCCBDmgAwIBAgIQUkslvRLtjP5PjTe7wpuofzANBgkqhkiG9w0BAQsFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoMMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLDB9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLDCxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECwwsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMMBkVD
+LUFDQzAgFw0xMjA0MTcwOTI4MjdaGA8yMDMxMDEwNzIyNTk1OVowgfMxCzAJBgNV
+BAYTAkVTMTswOQYDVQQKDDJBZ2VuY2lhIENhdGFsYW5hIGRlIENlcnRpZmljYWNp
+byAoTklGIFEtMDgwMTE3Ni1JKTEoMCYGA1UECwwfU2VydmVpcyBQdWJsaWNzIGRl
+IENlcnRpZmljYWNpbzE1MDMGA1UECwwsVmVnZXUgaHR0cHM6Ly93d3cuY2F0Y2Vy
+dC5uZXQvdmVyYXJyZWwgKGMpMDMxNTAzBgNVBAsMLEplcmFycXVpYSBFbnRpdGF0
+cyBkZSBDZXJ0aWZpY2FjaW8gQ2F0YWxhbmVzMQ8wDQYDVQQDDAZFQy1BQ0MwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzIsdP4pdClYhHg0D2HRfzg3Mk
+HlHzmIrDkrj/QJAFcIdgyQCptZRlGSIVF8JDbGZEmg0EPjlvpUt6qmO3ikSd2WOR
+hGbgKA+6QuNujvcUJ5Np7pEOo18OsetmonJPEhOGZXo+208H9KcJYNo6QpnHsn+z
+FpUcx/k0tZSF1ZleoEigfucXZbiidbge8+VCfa/t84pIZF2CFJPYwOT/s1By8nb2
+s11CUHnQlD5rDAC+2GsOTirsPtLMgqIYZTMTd56aXRoT2MPbPciXeu5w7afmfNtx
+zy2UYt9t1vU4vj+lhQoZuKjYCXVCcMTq78sOyDSoEiKYDLgTlLZL7PDQkOcnAgMB
+AAGjgdwwgdkwHQYDVR0RBBYwFIESZWNfYWNjQGNhdGNlcnQubmV0MB0GA1UdDgQW
+BBSgw4tEqjelRb+XgFrR8Xiim+ldjTB4BgNVHSAEcTBvMG0GBFUdIAAwZTAtBggr
+BgEFBQcCARYhaHR0cHM6Ly93d3cuY2F0Y2VydC5uZXQvdmVyYXJyZWwgMDQGCCsG
+AQUFBwICMCgMJlZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVs
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4IBAQCuCj5s6vy9ssW48Scaqw7OHy0y2j9mOr789BscMkVIcILiu0DORgTi9rh6
+UyFkBv+nq0eDW6KMFy+yZ/N4ni0QNr15bM3BYJtIXU8QfAo/GzEmqzzxHN15FKBi
+j+rnUpNKOoMSWXMTQedoTGfFv0oZDCALOxAOK+DSMV5HO3chfoIWVzy66DvmwtfX
+NOz3Gdx7UvqiRYj4UqR4rAmmdzF58nYbUgZLE1cbmr3nS3zSuOfOFh6euoaDEDFY
+rn/1xSXkW4z456p1FWhSb9jxsnXxTcI6wzjzROLdhJ3cr68qXj0aEimYicyF8Sdm
+1TYR6egIdfqyT6q8gx0Eac8DeniY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUTCCBTmgAwIBAgIQIqW4gO46S81PjTpHBA7mUTANBgkqhkiG9w0BAQsFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoMMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLDB9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLDCxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECwwsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMMBkVD
+LUFDQzAeFw0xMjA0MTcwOTM5MThaFw0yNzAxMDcyMjU5NTlaMIHpMQswCQYDVQQG
+EwJFUzE7MDkGA1UECgwyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8g
+KE5JRiBRLTA4MDExNzYtSSkxLjAsBgNVBAsMJVNlcnZlaXMgUHVibGljcyBkZSBD
+ZXJ0aWZpY2FjaW8gRUNWLTExNjA0BgNVBAsMLVZlZ2V1IGh0dHBzOi8vd3d3LmNh
+dGNlcnQubmV0L3ZlckNJQy0xICAoYykwMzEhMB8GA1UECwwYR2VuZXJhbGl0YXQg
+ZGUgQ2F0YWx1bnlhMRIwEAYDVQQDDAlFQy1HRU5DQVQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDfskLh9womX5uXcd8X/lkEJSFSN05O8RDoyGrKH9H8
+qADjvjZKmKY+4wJrlZpMwZ42UkHfa4qpcBK0x1lH5x3gr6qSpW1XC9PjJLCkUQI4
+Uy+CCbINZ2dwwskeLHZJngYm0KlcRLTlzmppjW4YDimLkpRsjP8WDp/l0zaUP2cz
+fOrIwsor2c6PPQVJ/Oxmi+fcS9rbWTGRf1EzKKGTG1TxoFNvb6bWiYfYj1ILJC+L
+j39gVDi1JRCbPd+Vl5RCwVXieouKbyWQXc5kW5HUeWAhfnDcHlI4SDLI3u60GpfZ
+SCwIFKhsvgSJ26EhfJO0bzdyDDBTfVR6NgFMcXZ0f/7jAgMBAAGjggHnMIIB4zAd
+BgNVHRIEFjAUgRJlY19hY2NAY2F0Y2VydC5uZXQwIAYDVR0RBBkwF4EVZWNfZ2Vu
+Y2F0QGNhdGNlcnQubmV0MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MB0GA1UdDgQWBBQxalwKRk43r0LjsGArDA8tL5PfFDAfBgNVHSMEGDAWgBSgw4tE
+qjelRb+XgFrR8Xiim+ldjTCB2gYDVR0gBIHSMIHPMIHMBgRVHSAAMIHDMCwGCCsG
+AQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJDSUMtMTCBkgYIKwYB
+BQUHAgIwgYUMgYJBcXVlc3QgY2VydGlmaWNhdCDDqXMgZW3DqHMgw7puaWNhIGkg
+ZXhjbHVzaXZhbWVudCBhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpw7MgZGUgQ2xh
+c3NlIDEuIFZlZ2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlckNJQy0xMGIG
+A1UdHwRbMFkwV6BVoFOGJ2h0dHA6Ly9lcHNjZC5jYXRjZXJ0Lm5ldC9jcmwvZWMt
+YWNjLmNybIYoaHR0cDovL2Vwc2NkMi5jYXRjZXJ0Lm5ldC9jcmwvZWMtYWNjLmNy
+bDANBgkqhkiG9w0BAQsFAAOCAQEARl4OqmtANC7EilelFfFP9P6VigiBnaSLwR0o
+KBPKEn79OFDGC5v1d2naoEeU+ftwoLZWl+yBfPztS6FdUWp6ZQDxTKgLKFG2ASj6
+0CELWF9NHDZHcEqokBpFXHxIiAZnlsN/PdhSQ8U6Z2fVLa2GwiVm8U9FMnxjtjjN
+aC7Cp8aHGj8dXtvYM5y0zGE/pzMrBUywDiSpLIsbvkS8aCQIUQJiS1Y9/qIwZlco
+myg6lGMPegoEZJFyU5uV8AfnmtH6UvF+FIyAjx0/IkX4AyjbnF63kK0BMCEynNnV
+MZqqGTEkSvWqJDIHbYgfxjBGM95qLVY6D5qNag/Hn89Pd1rfgQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJDCCBQygAwIBAgIGSUEs5AAkMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTIwODA3MTUxNDQ4WhcNMjcxMDIzMTUxNDQ4WjCB
+rjELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxPDA6BgNVBAMMM05ldExvY2sgS8O2emplZ3l6xZFp
+IChDbGFzcyBBKSBUYW7DunPDrXR2w6FueWtpYWTDszCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMN+2w/Zz+1elBNAxiA55+rnStTtvsWXgD8iAjr/nzpN
+wU//XGOvlfmVuBc8FD64Eq4msk1Ooc6pHKbROwWjMf0jI2hL42T4uWHLbF2uqbYS
++VxqLPkng4aRxQawOEdR2oQnPoMZEqeYUnwSF2ws3mY5OuTevPl7OYHFlBroZ1/m
+R+rWkTn7FdCyADE4yHVpRdaj4eRqEfO8D01+nvbOOcRA/I6Y32phgaeNsK+T9BMw
+Ug9DE4DXja1D6Nhopjvw/KaVn0BJdfi/xJMJIXTltOXgkqxLDWb92YOrUjNkIlZJ
+epQm3RQhSPBUe3u2DSnbpN3s3KK+uWkG2PuBO71cHT0CAwDlLaOCAkswggJHMBIG
+A1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFMz6
+Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBSIaNg7dzegKUss1glot4CJi1fU
+6jCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3Nw
+MS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDIu
+bmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AzLm5l
+dGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWExLm5ldGxv
+Y2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWEy
+Lm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6
+Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4GA1UdHwSBljCB
+kzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5jZ2k/Y3JsPWdv
+bGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NybD1n
+b2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jcmw9
+Z29sZDANBgkqhkiG9w0BAQsFAAOCAQEAAJi2V4A3lP1g4+aCEn8frKrhS4fhqmPf
+SCcFoj605cYEAD3/Z594FICYWE9Ij4JefsvGHFotzueSpCVgrwEWFTmbVZJmd4yM
++1AnZtvRxLmcolDWOQQngjHi+A+a3BGR4BV2Yyht07yJhVyzBC33nT1KO1K8aaCe
+ED5KU2chvHruVAIFQlxuujqkL4oHQ3nPNio7hhE2rmxUdnxnGZ9XLzxcLm32saAg
+XN68PUGsD9uH57nwPhokt/tpu8jhRSsbhPfB817tatL8F2vYx4wh6hQpS0SfbYJb
+9Qj/kjLzCNjKasB9OibwkeEdgtFI0qGtMbwcBXedoMaszxAYU5lnvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBRegAwIBAgIGSUEs5AAlMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTIwODA3MTUxNjU5WhcNMjcxMDIzMTUxNjU5WjCB
+uTELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxRzBFBgNVBAMMPk5ldExvY2sgS8O2emplZ3l6xZFp
+IEVhdC4gKENsYXNzIEEgTGVnYWwpIFRhbsO6c8OtdHbDoW55a2lhZMOzMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGgUSEOm5EPaVrTNl/OuWfgmNHAV
+th/QCdtdCHC2LYgSS+1U5waxj2eM+Kc/1rWzed9uHPCg4RIcKqA4jwWRU2/v4jvP
+mv94M/n3vZrSkOy8Zvn0TmYmoggtbTZGpti7r6XOfQzWXPudiryrFeifPswsftTU
+yROo+XIb+OkuQQ1ZMcUzBIQzoYokgTW3PGVKEbGtZzqSSUJlN0OU/bI4UpFvIF6D
+jec4Ci4I8o0xnoXA2mVaeUEYO694my76nNhY7VqCc7Gp1iixD84AwAfQapByMX4z
+mH352LCG6y/1Zl0DQA7M9Pti6by8ikSZK9ugKTcWIRnrcScM//oyrjs/qwIDAOQB
+o4ICSzCCAkcwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwHwYD
+VR0jBBgwFoAUzPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFAxQWx5h6/aP
+n48rTeWio31HWE8nMIIBPgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcwAYYg
+aHR0cDovL29jc3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0
+dHA6Ly9vY3NwMi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRw
+Oi8vb2NzcDMubmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0cDov
+L2FpYTEubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYo
+aHR0cDovL2FpYTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEF
+BQcwAoYoaHR0cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDCB
+ngYDVR0fBIGWMIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2luZGV4
+LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9pbmRl
+eC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUvaW5k
+ZXguY2dpP2NybD1nb2xkMA0GCSqGSIb3DQEBCwUAA4IBAQA1wvArJrUDXY5wXOvV
+mFbw2PAaRfJicuMJw2NMHk3WJgYBI77YG3BHIaV5h1RKmP/VKyfBKU15UjBG+gpw
+dYQODgNPFWupU+DzdxBStDVMWzoZISAA3nvqoJteqXBmZmyAPXk+KDyLJmUIarWj
+kLvVmnofnwTyIIRkX5oqoClN+w3naAQ+wOIH1qmAVUbsGaOWi+i8Nqu8ktV4+Rq4
+m5g7Or/ZArZZ8hhiwyntsISsXXbFsPMPgJuIwCYf7MV/qBP6ZjHxtGEULQAezxyZ
+rGTMWvJ1LMWw/7WblPgV739EuMnTsNFtShcZOlL70XbR3eYUIu99Py6lrpr6pniG
+wc43
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLTCCBRWgAwIBAgIGSUEs5AAmMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTIwODA3MTUxNzQ4WhcNMjcxMDIzMTUxNzQ4WjCB
+tzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxRTBDBgNVBAMMPE5ldExvY2sgTWluxZFzw610ZXR0
+IEVhdC4gU3BlYy4gKENsYXNzIFEgTGVnYWwgU3BlYy4pIEtpYWTDszCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOYZUAp5mC9slm3LcctPL8BYsbSxB8T3
+Emcl6vDRwIbrZEuNjGOhucK/46K5Xs6xcWFewiyJ5Hg+0PjTYh2bQvOmU6F47qrl
+EfGdfYBrrI3A5LFj0nISSmlSq2H7Rv17pJPgXAGXAhkM2Xf3zVfA6gAk5yS85Qlz
+ub9AuisNVRliyzAYUyQQFjlwlsfLmoPDAj7GT5r9XMildLZXv47ZfB2h4Yu68vM8
+EgHiS6oi6og6oV329Q4sdkTbm/ojydMEZZeI1msrAxh/wTRIj+S/vgQ1zGCc1Vu1
+a/tGqhhi4Bo+fkosx37QrN8fIpeqtCNhoVqa3h8N9cd8cDJJOeq29/ECAwCxZ6OC
+AkswggJHMBIGA1UdEwEB/wQIMAYBAf8CAQQwDgYDVR0PAQH/BAQDAgEGMB8GA1Ud
+IwQYMBaAFMz6Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBQlanRbVSu6f2+r
+Hoso2OjoW76twjCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0
+dHA6Ly9vY3NwMS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRw
+Oi8vb2NzcDIubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDov
+L29jc3AzLm5ldGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9h
+aWExLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly9haWEyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUH
+MAKGKGh0dHA6Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4G
+A1UdHwSBljCBkzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5j
+Z2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXgu
+Y2dpP2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4
+LmNnaT9jcmw9Z29sZDANBgkqhkiG9w0BAQsFAAOCAQEAgk0055TzV0LLTjbYUgY+
+iNPubfJI06LNsbXWWpfiRrg04lb4QpQ/zBelr+F8/MFyhqpmg2U9piKbjSuGSGFF
+5Ecx9kEEFovsXnpaqwTCuPtjyMyPVSE9q93Wcm/r+gCYIi7eyaEAnZSBRFOOpCKY
+92Qn6CLdvQXCUUFiAWKsf7oO4sGWadETaUbd8CEHIxU0wa0p/sPnBXHouhG1ro/+
+iVdpyhA9aDhIN+QKYn31bTgfBZKw717aFhNY7DFQDKSDZuCH6gsVW0CaS0yW9rww
+GnRf1DnMVceB1YuOoc8/0QlCOdJcY0jpcS7I0Wms2gUbwfxBOssyn/3CI/tVeDUr
+yg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJjCCBQ6gAwIBAgIGSUEs5AAnMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTIwODA3MTUxOTA2WhcNMjcxMDIzMTUxOTA2WjCB
+sDELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxOZXRM
+b2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlcykxPjA8BgNVBAMMNU5ldExvY2sgT25saW5lU1NMIChD
+bGFzcyBPbmxpbmUpIFRhbsO6c8OtdHbDoW55a2lhZMOzMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA2EBEPugzYpwttDtnOJ+MgN0r+RvJUG9EWFHoEfCN
+M6z/7C2Iv93dq/wFj38spdjEQvqIZXSoKjN9zPrwDoKtcNTo4/fU+TcbQ9suVqhv
+f5a5rDDFmrsqnKtS6NGrn3iMcYDa8CN0JOEpZab2Hjge/Z+YhCimOMWqYKWuntsL
+qmYRsP2W0wf25rhIAR1JIbxzUvhGHhb/USNuM4sfqDFpoTIRQr451FEnxU/Ba5Kf
+tvQcanSSuIyRx2w4rZNWxdSQ4diLjyOX8Bt1sI5WWk7adG0t4UzyM3KLH//l6+x1
+DedWz88LxQCZH9NQMs0yFblxmlIaXBbkKtfyjnHWIPkYZQIDAJOTo4ICSzCCAkcw
+EgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAU
+zPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFJsVmOqyTPnqzIFXc8LaUel5
+jO79MIIBPgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcwAYYgaHR0cDovL29j
+c3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3Nw
+Mi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDMu
+bmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0cDovL2FpYTEubmV0
+bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYoaHR0cDovL2Fp
+YTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYoaHR0
+cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDCBngYDVR0fBIGW
+MIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2luZGV4LmNnaT9jcmw9
+Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9pbmRleC5jZ2k/Y3Js
+PWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUvaW5kZXguY2dpP2Ny
+bD1nb2xkMA0GCSqGSIb3DQEBCwUAA4IBAQATklNgusGMNdhxjqKKmHFFpbMMFq6z
++sDCc/flLvX659Z/+JXpIJVjpfqHUR+d44L5HgaPdHcI0dhlvOvlIUKz2MzhVNiK
+ajJIdJ1Wd9Mf4BV3B3UzphFq1sGkhL0uSqsQ8JTEXi4aekr0Co4VTF2KtEb/wozI
+GWilyfl4rrXbRMug/AzEjN7qcmRchZKPzsu0AodMEOziRYou+/sfM3IjBa3uXj4u
+IUKMr+92CI51yMEtyiYinHxsPnnRDOXTpeNyM+FbwxujjQFO2WbbYShrR33zOwld
+PhDsKH22azkJFcOONZy29ggpabJ+Rf6opJz2ks17jJLQQeEBY7vPNyqb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFTjCCAzagAwIBAgIGALTPlDJmMA0GCSqGSIb3DQEBCwUAMFYxCzAJBgNVBAYT
+AkNOMTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkxFTATBgNVBAMMDENGQ0EgRVYgUk9PVDAeFw0xMjA4MDgwNjA2MzFaFw0y
+OTEyMjkwNjA2MzFaMFUxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBGaW5h
+bmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFDASBgNVBAMMC0NGQ0EgRVYg
+T0NBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02OMsGFxFQIPMKVP
+oRaO9rHNX41xbq8jhnbdK0MDVbxfGa3b8QTKxMcmxlRlULfsaie0cIlaRl0AUcJP
+QH9ftekzh4T287xqsEAydYQHf77arWQ5nY3fR9RcoBq9pTCQbqw49S6/jHA5oPQa
+EoKbF0G8zfVKp5PrcKSufHMQyKo/Ez2UYT+gut36j4GYpAABuV6PbusPpjufsN9B
+r9+xqgyz8ubSp1Wl1qSlvQUQBhAJAH+a3NMhD0illaGfTdWbF485a5NilMFGqJBa
+/kLVEYwG4aoKdV9vG/NFS0LKz3QVnB7bkrLjTkuGN/zQJP0daJ3CGAzmN+Cr2ujt
+XOfAYwIDAQABo4IBITCCAR0wOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABhhxo
+dHRwOi8vb2NzcC5jZmNhLmNvbS5jbi9vY3NwMB8GA1UdIwQYMBaAFOP+Lf0o0Au1
+uraixL8GqgWMk/svMA8GA1UdEwEB/wQFMAMBAf8wRAYDVR0gBD0wOzA5BgRVHSAA
+MDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2ZjYS5jb20uY24vdXMvdXMtMTIu
+aHRtMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuY2ZjYS5jb20uY24vZXZy
+Y2EvUlNBL2NybDEuY3JsMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUVQji3MyV
+bR9d3rNH6OkWxsBFd8QwDQYJKoZIhvcNAQELBQADggIBAMmFEIoCE9UNmb2BYYhT
+RV12kNVucP6t683BaFTgJizIJw/ebvvTdWNTycyP5MQFlHKrIYwjvFO9Rfw8+yIs
+sT3JFYiqsLBswvaMr3AIuA2mTnmasvZFe6P19qitzTRkz+TL6TFailrtnzudsvn2
+SeVbRiX+6CsyNNMoPsRHTeZAEpkB7J3vh+ZAiv3gsIXtjtz5Y1iWWRZipemJ/qEf
+W2hDONB+T6lGcEXHDi9dIkWcC/jFT4XPM64pagAz9gEGZg1PzFBE8QMxiwaDAOea
+G0l0e/HW4wJlo4ZzOELqZGJLlYhQ8AkBYR95NEtR9j5bWK98Lznykldk2MDLBD2m
+rIfMkVjMwEj4A8ElMXsLnWXXg41NN6gjUm2/IudKOaGqniPs5SZrN36O4B3NzsaZ
+dLznHH5H0+aksurjgme8RAG0A2OAnRG3VXBWrxud7t0KDINLs+mxY7IR+xVZ2cw6
+Cer8HnAVfKPJrbdq7vyJJkIpCll+mLHaGgvv3IqiU4rrrllE3NYjKG4Fk2MiYvZg
+10KXA8tlYsLt8I/RcNmC2TvjZHYVE3tanbGw53TRGFk2Vq68XOkvooOardihwRkg
+qcOgUvouORuvSqTlkQizTFH6FTUt3xuuED4dnn5N/1ijcDt0N3l5ovoyHOVcYiO4
+drCN96LHiUoiSfYODmpXG2tl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdzCCA1+gAwIBAgIQQAEzBPcAAAAAAAAMwELNbTANBgkqhkiG9w0BAQsFADBR
+MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRAwDgYDVQQLEwdSb290
+IENBMRwwGgYDVQQDExNUV0NBIEdsb2JhbCBSb290IENBMB4XDTEyMDgyMzA5NTMz
+MFoXDTMwMDgyMzE1NTk1OVowczELMAkGA1UEBhMCVFcxEjAQBgNVBAoTCVRBSVdB
+Ti1DQTEcMBoGA1UECxMTR2xvYmFsIEVWU1NMIFN1Yi1DQTEyMDAGA1UEAxMpVFdD
+QSBHbG9iYWwgRVZTU0wgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7MIaeq4wMnTjA5C2LsR6HJUj6rZbs8Nmq
+sSqFoqu6LwjrMbzkAg274EL6913MQ6eOy6VUDRzqAfgBEYcwFofe/w8nC7Q6Nrzz
+xTkl9lovXLJIm0CI44Qk2IhiCkoYaPlIoqexqnm3Fc2QRdRNeLk2pU/s86DpGrwT
+BqRRRkziBlhcgo7K5Z9ihf+c82DT31iIUIi2nr0ES1eaRR7zpKrzJPZ8foNxRPwT
+2D0tJWQJ4hNzbFGSKsSzshdwQ/p4JP9AEjK2eeXXbEePt0/JarwBjO2Lwign38/g
+0ZiP3uE47bItxZhgXlnR5L/0bhJitE6U1xgVFbbrQnG2B2kZxVKxAgMBAAGjggEn
+MIIBIzAfBgNVHSMEGDAWgBRI283ejulJclqI6LHYPQezuWtmUDAdBgNVHQ4EFgQU
+br2hK87kwtUodFy92YxvBHIqBt4wDgYDVR0PAQH/BAQDAgEGMDgGA1UdIAQxMC8w
+LQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwOi8vd3d3LnR3Y2EuY29tLnR3LzBJ
+BgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vUm9vdENBLnR3Y2EuY29tLnR3L1RXQ0FS
+Q0EvZ2xvYmFsX3Jldm9rZV80MDk2LmNybDASBgNVHRMBAf8ECDAGAQH/AgEAMDgG
+CCsGAQUFBwEBBCwwKjAoBggrBgEFBQcwAYYcaHR0cDovL1Jvb3RPY3NwLnR3Y2Eu
+Y29tLnR3LzANBgkqhkiG9w0BAQsFAAOCAgEAaOmLaZ2+WN2EtB6feuSV5KnL88ck
+I9jsUTB4YtKsv0ViORkeBMCQur5OoAgRE9VYdRVlWHN0zJAX232fdoZmnajl8gtj
+u0AOOyDDJ7Vlh38rDMRlX/u+MS2DFcsq5Vd3EMwJsWWFR9D3Dcey+Tu9uEmEdqeB
++Erd4YjCeV9PyOW3SzPQ47RdW6XYmHArPh65/LcmSxTn/lxQy/NEBGGWqhm6s6n1
+49mPq4MtQcMLo/NBI+8jv7BVjnThbbEh2edHHxMNiAd5kLZFDCyJuFkoezjWL4AH
+ratXdoHtqvqtPoy97LyGrLrJeh+0hkO9u8QOt2gF7BEhNfid7o5dnsPRk+8l77Hn
+T1dvBs++M0r0QG4AWMSMj9uUn6rhl4FGTvAsyB1fA8p/xCLoIEetIpKRP3BD+ve2
+eYjWPorR/0W77iMTeoQEeuxDIxi2J/U9QLKKvzzqBy1TYrqqPe5YxqHLNAcfHZvo
+BTPPbtP0WAiXrJiELTYcqFXETvQcGw0XjoUZNvJE8RD7vssSNT17RKU8iBRX7CbL
+AB3T8gYykPMJTUqQSmdgEdVRBcqRMMdU+XRAEoU/Mz5oHAkm3ZNTDNwsEp2Dg1/b
+qzfPMhg4/3/YyWzGrzNeCSWZkjYImAzLCvN0D5rbdVHEmFIrEJt+igocGozroq5x
+DT5KhixlrqexzWE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEyzCCArOgAwIBAgIBHjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEd
+MBsGA1UECgwUQnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3Mg
+Q2xhc3MgMyBSb290IENBMB4XDTEyMDkyNTA4MDUxOVoXDTMyMDkyNTA4MDUxOVow
+SzELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBhc3MgQVMtOTgzMTYzMzI3MR0w
+GwYDVQQDDBRCdXlwYXNzIENsYXNzIDMgQ0EgMzCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAON6Gk4TsoAn39gyUXBUfjcLNaq1FLlq2mSqt7l4EUALQfwf
+w//3jcKPb70rGYD1Mw46shRoL2gFJP3mD5FYe+5pAKqJ1VRdFb/qO/HnYPPBx2vz
+bEJgOafCuBX6wEMJc0O8cTsv/MqLvW8K88S+ziZcTSXMo95XkYGcYyaQiS5PR1mz
+ATTvA/Xm811oCI8jZD2ZjSQ8KhB8ePaRNJTiOK/xYhqSvU9Un7i83NDSAeliZYW6
+asJ7g2DUcFWDytHvRJQtvd6tTxn+PUThC+IlgDJc6riJaIhYBqENID6LsBLdkSGI
+KsxVDsjDOZ3568D1XaRH9Wlo6Hj0792Ncu7AqZUCAwEAAaOBtjCBszAPBgNVHRMB
+Af8EBTADAQH/MB8GA1UdIwQYMBaAFEe4zf/lb+74suwvTg75JbCOPGvDMB0GA1Ud
+DgQWBBTMw/gHt5xtek71pysdBfmzRxyR0TAOBgNVHQ8BAf8EBAMCAQYwEQYDVR0g
+BAowCDAGBgRVHSAAMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwuYnV5cGFz
+cy5uby9jcmwvQlBDbGFzczNSb290Q0EuY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQAJ
+EHvXHhjk5VKHDDvh5R3eaNjLNXwK9FQ65TIjkeciZcO53wHqumFBJX0fI7bYOthY
+1RZQElyefhn9SQlNDiPYrGwfbv94A1RQq8WHFpafUHoGjgmorgHoCRm/JKAjuFvE
+5NYc1EW2h8rAtg2apNRXe+TrTfLHH4gNYD6+Rd9L7zI6RQRgO11lmaWmC5C6VdBJ
+fOtX/gCjpjOwhb9RXwKdGXlbCgpLlv5dhMcSjgxz7NJW3sjyWIhelt5vr7iK+3Xq
+e1mTA869l8rb7eDXHpavH/fOQYlHNWDSJQBkA6nbPpYwTy0FWOEdSTrrsb0NLyiF
+6snEzMyoMIfezj1yZJO+ATnZXeIsnrIRW5kL2BmHG0FJ7Up/zq89trNh8eYFE2wP
+YKhAM3UZNT0jzLLpabJQEFCqoX3XEPYyAIYJzGbvnCYAPesy88MY9gZBVTCfNuyJ
+r1qrFn2B+fCwwD1ZCOcg3FHr0K601z+v4KWB19T1ui81cNWdadchU3UxH3i5ZJIi
+8z8abzj8E8l4sl5SD8iyUW58OF+bScx+P+RG2+DPw7uHbqItCYlpl/+YXhKCeGbZ
+/mI4xHipWuuamnYzZcD1TJ2g+0J9aqLavrBrnhtR0tWS2gmds5G4yNxROB1uQLZP
+Fswq7WjfCUK3A8RrnNGcGPaCOf4BAou0GAiGo8kWwg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEqTCCA5GgAwIBAgIER/j2qDANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQGEwJV
@@ -2006,256 +2783,141 @@ ImFmA2iOtUU4he3Zvm56wVNmiQHgyR8CyUlMsDUS3ol0ifPoKAgf4Ah0zv/RU8fJ
 hVBkZWH/eONhLYokvWB1RjyQ7YLZU60FPPuevBBQ5Knvr0Hj1Gf4DMZLrFZ+
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGFzCCA/+gAwIBAgIUftbnnMmtgcTIGT75XUQodw40ExcwDQYJKoZIhvcNAQEL
-BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
-BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0xMjExMDYxNDUwMThaFw0y
-MjExMDYxNDUwMThaME0xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM
-aW1pdGVkMSMwIQYDVQQDExpRdW9WYWRpcyBHbG9iYWwgU1NMIElDQSBHMzCCAiIw
-DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANf8Od17be6c6lTGJDhEXpmkTs4y
-Q39Rr5VJyBeWCg06nSS71s6xF3sZvKcV0MbXlXCYM2ZX7cNTbJ81gs7uDsKFp+vK
-EymiKyEiI2SImOtECNnSg+RVR4np/xz/UlC0yFUisH75cZsJ8T1pkGMfiEouR0EM
-7O0uFgoboRfUP582TTWy0F7ynSA6YfGKnKj0OFwZJmGHVkLs1VevWjhj3R1fsPan
-H05P5moePFnpQdj1FofoSxUHZ0c7VB+sUimboHm/uHNY1LOsk77qiSuVC5/yrdg3
-2EEfP/mxJYT4r/5UiD7VahySzeZHzZ2OibQm2AfgfMN3l57lCM3/WPQBhMAPS1jz
-kE+7MjajM2f0aZctimW4Hasrj8AQnfAdHqZehbhtXaAlffNEzCdpNK584oCTVR7N
-UR9iZFx83ruTqpo+GcLP/iSYqhM4g7fy45sNhU+IS+ca03zbxTl3TTlkofXunI5B
-xxE30eGSQpDZ5+iUJcEOAuVKrlYocFbB3KF45hwcbzPWQ1DcO2jFAapOtQzeS+MZ
-yZzT2YseJ8hQHKu8YrXZWwKaNfyl8kFkHUBDICowNEoZvBwRCQp8sgqL6YRZy0uD
-JGxmnC2e0BVKSjcIvmq/CRWH7yiTk9eWm73xrsg9iIyD/kwJEnLyIk8tR5V8p/hc
-1H2AjDrZH12PsZ45AgMBAAGjgfMwgfAwEgYDVR0TAQH/BAgwBgEB/wIBATARBgNV
-HSAECjAIMAYGBFUdIAAwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRw
-Oi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wDgYDVR0PAQH/BAQDAgEGMB8GA1Ud
-IwQYMBaAFO3nb3Zav2DsSVvGpXe7chZxm8Q9MDsGA1UdHwQ0MDIwMKAuoCyGKmh0
-dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMmczLmNybDAdBgNVHQ4E
-FgQUsxKJtalLNbwVAPCA6dh4h/ETfHYwDQYJKoZIhvcNAQELBQADggIBAFGm1Fqp
-RMiKr7a6h707M+km36PVXZnX1NZocCn36MrfRvphotbOCDm+GmRkar9ZMGhc8c/A
-Vn7JSCjwF9jNOFIOUyNLq0w4luk+Pt2YFDbgF8IDdx53xIo8Gv05e9xpTvQYaIto
-qeHbQjGXfSGc91olfX6JUwZlxxbhdJH+rxTFAg0jcbqToJoScWTfXSr1QRcNbSTs
-Y4CPG6oULsnhVvrzgldGSK+DxFi2OKcDsOKkV7W4IGg8Do2L/M588AfBnV8ERzpl
-qgMBBQxC2+0N6RdFHbmZt0HQE/NIg1s0xcjGx1XW3YTOfje31rmAXKHOehm4Bu48
-gr8gePq5cdQ2W9tA0Dnytb9wzH2SyPPIXRI7yNxaX9H8wYeDeeiKSSmQtfh1v5cV
-7RXvm8F6hLJkkco/HOW3dAUwZFcKsUH+1eUJKLN18eDGwB8yGawjHvOKqcfg5Lf/
-TvC7hgcx7pDYaCCaqHaekgUwXbB2Enzqr1fdwoU1c01W5YuQAtAx5wk1bf34Yq/J
-ph7wNXGvo88N0/EfP9AdVGmJzy7VuRXeVAOyjKAIeADMlwpjBRhcbs9m3dkqvoMb
-SXKJxv/hFmNgEOvOlaFsXX1dbKg1v+C1AzKAFdiuAIa62JzASiEhigqNSdqdTsOh
-8W8hdONuKKpe9zKedhBFAvuxhDgKmnySglYc
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIID4zCCA2qgAwIBAgIQTZVdIK+FxJ9pJfurfGZfiTAKBggqhkjOPQQDAzCByjEL
-MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
-ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2ln
-biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
-U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
-aXR5IC0gRzQwHhcNMTIxMjIwMDAwMDAwWhcNMjIxMjE5MjM1OTU5WjCBizELMAkG
-A1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8wHQYDVQQL
-ExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMTwwOgYDVQQDEzNTeW1hbnRlYyBDbGFz
-cyAzIEVDQyAyNTYgYml0IEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwWTATBgcqhkjO
-PQIBBggqhkjOPQMBBwNCAATdBD2y8pCTl8bpu7yR21Hwo4bt+8bThZMyBUngBINh
-llH/VyGuC9oO5wShf9sqHL3KmDXFcXNAzehqq1SEQybio4IBbTCCAWkwEgYDVR0T
-AQH/BAgwBgEB/wIBADA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLndzLnN5
-bWFudGVjLmNvbS9wY2EzLWc0LmNybDAOBgNVHQ8BAf8EBAMCAQYwNwYIKwYBBQUH
-AQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC53cy5zeW1hbnRlYy5jb20w
-ZQYDVR0gBF4wXDBaBgRVHSAAMFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3lt
-YXV0aC5jb20vY3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5j
-b20vcnBhMCoGA1UdEQQjMCGkHzAdMRswGQYDVQQDExJTWU1DLUVDQy1DQS1wMjU2
-LTMwHQYDVR0OBBYEFEgTZReU7J4WKip0XOhTLbT7g+uOMB8GA1UdIwQYMBaAFLMW
-kf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMDA2cAMGQCMFyb7oOjdk2MLQVM
-gjS6s77Oj+jDNIH7QHfoNGxbFys7rdWno9LzZsJPsrDIdpiPvwIwT8IvzpLFqb3O
-fU7UGztmJOpOzYKvVEqI7+O/OpNjVCF9EjDSMs2ryYGwpxFDe0Vm
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIDrDCCApSgAwIBAgIQCssoukZe5TkIdnRw883GEjANBgkqhkiG9w0BAQwFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEwxCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IEVDQyBT
-ZWN1cmUgU2VydmVyIENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE4ghC6nfYJN6g
-LGSkE85AnCNyqQIKDjc/ITa4jVMU9tWRlUvzlgKNcR7E2Munn17voOZ/WpIRllNv
-68DLP679Wz9HJOeaBy6Wvqgvu1cYr3GkvXg6HuhbPGtkESvMNCuMo4IBITCCAR0w
-EgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEE
-KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0f
-BDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv
-YmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc
-aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUo53mH/naOU/A
-buiRy5Wl2jHiCp8wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJ
-KoZIhvcNAQEMBQADggEBAMeKoENL7HTJxavVHzA1Nm6YVntIrAVjrnuaVyRXzG/6
-3qttnMe2uuzO58pzZNvfBDcKAEmzP58mrZGMIOgfiA4q+2Y3yDDo0sIkp0VILeoB
-UEoxlBPfjV/aKrtJPGHzecicZpIalir0ezZYoyxBEHQa0+1IttK7igZFcTMQMHp6
-mCHdJLnsnLWSB62DxsRq+HfmNb4TDydkskO/g+l3VtsIh5RHFPVfKK+jaEyDj2D3
-loB5hWp2Jp2VDCADjT7ueihlZGak2YPqmXTNbk19HOuNssWvFhtOyPNV6og4ETQd
-Ea8/B6hPatJ0ES8q/HO3X8IVQwVs1n3aAr0im0/T+Xc=
+MIIB3DCCAYOgAwIBAgINAgPlfvU/k/2lCSGypjAKBggqhkjOPQQDAjBQMSQwIgYD
+VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTIxMTEzMDAwMDAwWhcNMzgw
+MTE5MDMxNDA3WjBQMSQwIgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0g
+UjQxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAAS4xnnTj2wlDp8uORkcA6SumuU5BwkWymOx
+uYb4ilfBV85C+nOh92VC/x7BALJucw7/xyHlGKSq2XE/qNS5zowdo0IwQDAOBgNV
+HQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVLB7rUW44kB/
++wpu+74zyTyjhNUwCgYIKoZIzj0EAwIDRwAwRAIgIk90crlgr/HmnKAWBVBfw147
+bmF0774BxL4YSFlhgjICICadVGNA3jdgUM/I2O2dgq43mLyjj0xMqTQrbO/7lZsm
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEjzCCA3egAwIBAgIQBp4dt3/PHfupevXlyaJANzANBgkqhkiG9w0BAQUFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaMEgxCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxIjAgBgNVBAMTGURpZ2lDZXJ0IFNlY3Vy
-ZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7V+Qh
-qdWbYDd+jqFhf4HiGsJ1ZNmRUAvkNkQkbjDSm3on+sJqrmpwCTi5IArIZRBKiKwx
-8tyS8mOhXYBjWYCSIxzm73ZKUDXJ2HE4ue3w5kKu0zgmeTD5IpTG26Y/QXiQ2N5c
-fml9+JAVOtChoL76srIZodgr0c6/a91Jq6OS/rWryME+7gEA2KlEuEJziMNh9atK
-gygK0tRJ+mqxzd9XLJTl4sqDX7e6YlwvaKXwwLn9K9HpH9gaYhW9/z2m98vv5ttl
-LyU47PvmIGZYljQZ0hXOIdMkzNkUb9j+Vcfnb7YPGoxJvinyulqagSY3JG/XSBJs
-Lln1nBi72fZo4t9FAgMBAAGjggFaMIIBVjASBgNVHRMBAf8ECDAGAQH/AgEAMA4G
-A1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6
-Ly9vY3NwLmRpZ2ljZXJ0LmNvbTB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3Js
-My5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDegNaAzhjFo
-dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3Js
-MD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
-aWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBSQcds363PI79zVHhK2NLorWqCmkjAf
-BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTANBgkqhkiG9w0BAQUFAAOC
-AQEAMM7RlVEArgYLoQ4CwBestn+PIPZAdXQczHixpE/q9NDEnaLegQcmH0CIUfAf
-z7dMQJnQ9DxxmHOIlywZ126Ej6QfnFog41FcsMWemWpPyGn3EP9OrRnZyVizM64M
-2ZYpnnGycGOjtpkWQh1l8/egHn3F1GUUsmKE1GxcCAzYbJMrtHZZitF//wPYwl24
-LyLWOPD2nGt9RuuZdPfrSg6ppgTre87wXGuYMVqYQOtpxAX0IKjKCDplbDgV9Vws
-slXkLGtB8L5cRspKKaBIXiDSRf8F3jSvcEuBOeLKB1d8tjHcISnivpcOd5AUUUDh
-v+PMGxmcJcqnBrJT3yOyzxIZow==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIElDCCA3ygAwIBAgIQAf2j627KdciIQ4tyS8+8kTANBgkqhkiG9w0BAQsFADBh
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
-QTAeFw0xMzAzMDgxMjAwMDBaFw0yMzAzMDgxMjAwMDBaME0xCzAJBgNVBAYTAlVT
-MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
-U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
-nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
-KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
-/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
-kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
-/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8C
-AQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
-aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6
-Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwN6A1
-oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
-QS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8v
-d3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFA+AYRyCMWHVLyjnjUY4tCzh
-xtniMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA0GCSqGSIb3DQEB
-CwUAA4IBAQAjPt9L0jFCpbZ+QlwaRMxp0Wi0XUvgBCFsS+JtzLHgl4+mUwnNqipl
-5TlPHoOlblyYoiQm5vuh7ZPHLgLGTUq/sELfeNqzqPlt/yGFUzZgTHbO7Djc1lGA
-8MXW5dRNJ2Srm8c+cftIl7gzbckTB+6WohsYFfZcTEDts8Ls/3HB40f/1LkAtDdC
-2iDJ6m6K7hQGrn2iWZiIqBtvLfTyyRRfJs8sjX7tN8Cp1Tm5gr8ZDOo0rwAhaPit
-c+LJMto4JQtV05od8GiG7S5BNO98pVAdvzr508EIDObtHopYJeS4d60tbvVS3bR0
-j6tJLp07kzQoH3jOlOrHvdPJbRzeXDLz
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE1jCCA76gAwIBAgIQVBigKtC/Vxnd9yM2sUfwujANBgkqhkiG9w0BAQsFADCB
-mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
-MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eSAtIEczMB4XDTEzMDQwOTAwMDAwMFoXDTIzMDQwODIzNTk1OVowWjELMAkG
-A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xMzAxBgNVBAMTKkdlb1Ry
-dXN0IEV4dGVuZGVkIFZhbGlkYXRpb24gU0hBMjU2IFNTTCBDQTCCASIwDQYJKoZI
-hvcNAQEBBQADggEPADCCAQoCggEBAMyTtRz0xgdcgBRXASeOv/9MLaY63wmj1AtU
-qgN1I/EwdcyRNWPhCok/Y8h+xOy/SKMdfDEIvWx5BabA4sEQ+ZByI2Kkrir6gJ9O
-YTaC/puD4GwIWXZeY4FLKaCJqEhRXYsCUQBupY6ur6qIz2EDugz+/NvorDkBhm+4
-FhZbr9GK7XaS+yLp+rH5RAE5VBDJ/QpIC8wONyoI1s/JIs+/0QOV3iNP5aT5Nc3O
-KnCbKP9jxWAi06N+Kohc8+ZHEs1mOWRYOkxtkx6fa/uFTwYLrjIPsQroBA/ei0kA
-Wf5crs+I3w+MSCeekhLbxEONCvLZiuurKCJp6qFIgb0823q51fkCAwEAAaOCAVcw
-ggFTMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMEcGA1UdIARA
-MD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nZW90cnVzdC5j
-b20vcmVzb3VyY2VzL2NwczA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmdl
-b3RydXN0LmNvbS9HZW9UcnVzdFBDQS1HMy5jcmwwOwYIKwYBBQUHAQEELzAtMCsG
-CCsGAQUFBzABhh9odHRwOi8vcGNhLWczLW9jc3AuZ2VvdHJ1c3QuY29tMCoGA1Ud
-EQQjMCGkHzAdMRswGQYDVQQDExJWZXJpU2lnbk1QS0ktMi0zNzUwHQYDVR0OBBYE
-FBe43KqxUyIZQZV7PIHqiJtJw6KLMB8GA1UdIwQYMBaAFMR5yo6hTgMdHNxr2zFb
-lD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAQTwBTUY/eNNrhqBOxJG1kAe76zOpw
-pmYnXFoXmlww27wgPDLeLV4gdLoH37hBek9xmdaTmGx4rUOjWwo3PCQc2uAAQAbU
-lMexbDS3jRe7tLUhnrOHpsYT+jCxBihNlxnMQaFbWqb7dkORAq83gQUoUQQXp8Ce
-6A6Gn69mpWG1HF3gnV0kN+tyl50WcSTxozpg5cvQj4XeicVGLcfwTHDcH+otkgLk
-Y/zY8CiAVREHOr6GtrODu1A8rp6DNEUxT1IUWoiBm/CzU3nokWlJq+88NdPPAQVA
-SmH8MWdlDFttkLDmEdINTBUuaHj6jcjaihtzGUpCDzxlUEFLyozGWBj0
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFSTCCBDGgAwIBAgIQCbdJ/X8LSRbKBVZWz/bZgjANBgkqhkiG9w0BAQsFADCB
-vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
-ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
-Fw0xMzA0MDkwMDAwMDBaFw0yMzA0MDgyMzU5NTlaMIGKMQswCQYDVQQGEwJVUzEd
-MBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVj
-IFRydXN0IE5ldHdvcmsxOzA5BgNVBAMTMlN5bWFudGVjIENsYXNzIDMgRXh0ZW5k
-ZWQgVmFsaWRhdGlvbiBTSEEyNTYgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAwUo5gP1SVSC5FK9OwhPfSgNKsGXFaGaKJJxyi63peok7gyXs
-LFcSKSb3qHD0Y+AGVTyD8cPxY0sypzk9D/exa/G+Xxua5KoXZUbBpue3YXWKmCYZ
-HqcPo8eypoUnOQR0G8YHFiqSqOjpm8RaIIoby0YJUeSi5CGDM9UnyXvbqOF2hljp
-4b0TV2vgGq9xA7MV8EQB5WFk9fIRmVLs7ej1PRNrISfCxgPA8g/VWH/17yql/yjq
-jeWOdt8sZmSbNb9j/Z9KSJ8whT7VsvH+yESoWC6gnWC9Cs7BJQgcTfK0w+tcOLfY
-1JslzuMzFs/JL8wocPpjdNXExxEVpZnyKSLABQIDAQABo4IBdDCCAXAwNwYIKwYB
-BQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC53cy5zeW1hbnRlYy5j
-b20wEgYDVR0TAQH/BAgwBgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggr
-BgEFBQcCARYaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIw
-HBoaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEwPgYDVR0fBDcwNTAzoDGgL4Yt
-aHR0cDovL2NybC53cy5zeW1hbnRlYy5jb20vdW5pdmVyc2FsLXJvb3QuY3JsMA4G
-A1UdDwEB/wQEAwIBBjAqBgNVHREEIzAhpB8wHTEbMBkGA1UEAxMSVmVyaVNpZ25N
-UEtJLTItMzcyMB0GA1UdDgQWBBSybePkFA+MPHNCplqZGtMUdbaG2zAfBgNVHSME
-GDAWgBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEAdJ3d
-mGjc+GgcDYkNvwlH3cWvtjX7EqazxfQGSbmJcnB0fKn1cxQh6wAW9VOsKBq0salx
-V6wBS/SYJMULRSKRRtL+1rYIRPMbgwUcFMBo34qHylbm72/zlBO0W4VPrVe68Ow7
-gOeiAV+7ZYUARJc0uNiuIW+Xva9zHMVw3Mb3x2sgh6oEYmnI9sPzpHSPG1VPKrsH
-NUZlCdqof2NXVfDrn0kVlVeqf8tER1EAWVaDHUCRLdgd0l9x7ibBbkUNxU0SP7+R
-5TYnB2qysmYrhf8nQaKSs8pOAY371fbh5FTWa8ySae7kOY6dNM4Us/CAauNW7mW0
-zB9UpGiJBN2YLL3Pow==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFSTCCBDGgAwIBAgIQaYeUGdnjYnB0nbvlncZoXjANBgkqhkiG9w0BAQsFADCB
-vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
-ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
-Fw0xMzA0MDkwMDAwMDBaFw0yMzA0MDgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEd
-MBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVj
-IFRydXN0IE5ldHdvcmsxNTAzBgNVBAMTLFN5bWFudGVjIENsYXNzIDMgU2VjdXJl
-IFNlcnZlciBTSEEyNTYgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAvjgWUYuA2+oOTezoP1zEfKJd7TuvpdaeEDUs48XlqN6Mhhcm5t4LUUos
-0PvRFFpy98nduIMcxkaMMSWRDlkXo9ATjJLBr4FUTrxiAp6qpxpX2MqmmXpwVk+Y
-By5LltBMOVO5YS87dnyOBZ6ZRNEDVHcpK1YqqmHkhC8SFTy914roCR5W8bUUrIqE
-zq54omAKU34TTBpAcA5SWf9aaC5MRhM7OQmCeAI1SSAIgrOxbIkPbh41JbAsJIPj
-xVAsukaQRYcNcv9dETjFkXbFLPsFKoKVoVlj49AmWM1nVjq633zS0jvY3hp6d+QM
-jAvrK8IisL1Vutm5VdEiesYCTj/DNQIDAQABo4IBejCCAXYwEgYDVR0TAQH/BAgw
-BgEB/wIBADA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsLndzLnN5bWFudGVj
-LmNvbS91bml2ZXJzYWwtcm9vdC5jcmwwDgYDVR0PAQH/BAQDAgEGMDcGCCsGAQUF
-BwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Aud3Muc3ltYW50ZWMuY29t
-MGsGA1UdIARkMGIwYAYKYIZIAYb4RQEHNjBSMCYGCCsGAQUFBwIBFhpodHRwOi8v
-d3d3LnN5bWF1dGguY29tL2NwczAoBggrBgEFBQcCAjAcGhpodHRwOi8vd3d3LnN5
-bWF1dGguY29tL3JwYTAqBgNVHREEIzAhpB8wHTEbMBkGA1UEAxMSVmVyaVNpZ25N
-UEtJLTItMzczMB0GA1UdDgQWBBTbYiD7fQKJfNI7b8fkMmwFUh2tsTAfBgNVHSME
-GDAWgBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEAGcyV
-4i97SdBIkFP0B7EgRDVwFNVENzHv73DRLUzpLbBTkQFMVOd9m9o6/7fLFK0wD2ka
-KvC8zTXrSNy5h/3PsVr2Bdo8ZOYr5txzXprYDJvSl7Po+oeVU+GZrYjo+rwJTaLE
-ahsoOy3DIRXuFPqdmBDrnz7mJCRfehwFu5oxI1h5TOxtGBlNUR8IYb2RBQxanCb8
-C6UgJb9qGyv3AglyaYMyFMNgW379mjL6tJUOGvk7CaRUR5oMzjKv0SHMf9IG72AO
-Ym9vgRoXncjLKMziX24serTLR3x0aHtIcQKcIwnzWq5fQi5fK1ktUojljQuzqGH5
-S5tV1tqxkju/w5v5LA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE0DCCA7igAwIBAgIQCkieiFN+iqZFTW4sSyrrIDANBgkqhkiG9w0BAQsFADCB
-rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
-BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0xMzA0MDkwMDAwMDBa
-Fw0yMzA0MDgyMzU5NTlaMFcxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUs
-IEluYy4xMTAvBgNVBAMTKHRoYXd0ZSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNIQTI1
-NiBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyxLx06CX2
-AGIo40zouN8Tn4sHN+9iSvFXCfaC6HXwCqknz5M77DaJpW4d1lTzuASXcrRpJczR
-Qg5b1Rx/omBusVIa25MvuwsNZFMWyxwJJJUpIrSKGACJ/vcfcsjoXC8aG6IYuO8Y
-XMu12zpO2w+u38R54x6qXKOk5axhmzeFj0h1G7nVaJbpJ3lwVyMau2yTkMdF1xfS
-Nyp2s82CqU/AA3vhPXp+W7iF8vUV+3CpvfVQZRad47ZrYW6hep7oDRz3Ko5pfkMw
-jnjO7mUeO5uHHkkc+DJGXShGeSpOJ10XWKg3/qgTqWkV3zYiiXW6ygFALu2d1wyq
-Mc4nrlfV0lH7AgMBAAGjggE+MIIBOjASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1Ud
-DwEB/wQEAwIBBjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9v
-Y3NwLnRoYXd0ZS5jb20wOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEW
-Gmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMDcGA1UdHwQwMC4wLKAqoCiGJmh0
-dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQQ0EtRzMuY3JsMCoGA1UdEQQjMCGk
-HzAdMRswGQYDVQQDExJWZXJpU2lnbk1QS0ktMi0zNzQwHQYDVR0OBBYEFDskyDGg
-t1rQarjSygd0zB4k1MTcMB8GA1UdIwQYMBaAFK1sqpRgnO3k//o+CnQrYwP3tlm/
-MA0GCSqGSIb3DQEBCwUAA4IBAQBomCaq1DPJunVw1J9JrdbBVNzuqlYfeKfwoaTu
-C/kSr9+muO7DyzUTalkq+MnpTC+8sbwrwgIw4cO+wvCBjJl3iVgAo8x/owJMU7Ju
-Nk/+34d2sz/sWmJQtgBFWPKHrHfm0CBQY8XksnAVGJAFe3uvK0a+a04fU/yEJ66D
-0o1HU6cOH2O1utsW2GoJJVV9jz1KwYP5s7mnBFrI8xEEkVMw2VKHyzkAnOxTwwIJ
-fqc2jnIhLyO7TMZHpaHuZ8QvXDpHOGHiwx43kp7IL2v679LDzSmNmPhSF+21Uzzf
-r8kbYq3fAu5dNPZBS8vDVa+xy9qcc9UCqC2nrPzh5QfQUeg1
+MIIG1jCCBL6gAwIBAgIRAPGHNNSDlYYqDDr25LknOBowDQYJKoZIhvcNAQENBQAw
+gYAxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAi
+BgNVBAMTG0NlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EgMjAiGA8yMDEzMDEyNDEx
+MzY1NVoYDzIwMjgwMTI0MTEzNjU1WjCBgjELMAkGA1UEBhMCUEwxIjAgBgNVBAoT
+GVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEmMCQGA1UEAxMdQ2VydHVtIEV4dGVuZGVkIFZh
+bGlkYXRpb24gQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI5kOI
+DcunMEVG9qscOcSDPnkoBkkXNyPWO4T9LkQpw0aUIyxmjXYINJrYOs2jLtuq9pai
+P4pdGbQL7PgSRIMuVo0L7tTDqOQbzIVAD578zoFjrWzwQrutjLhKPeuXJQ5q08YL
+TX68+HyU3fYkhW4S05XL397/NHUXIC1n/G5DC/dmkMr7fdDnSdBf2ckLILq4xX72
+hfbC/soDJ+cpUveswpIlq9eGydCosTWmKYa7kNu4a78qGBVSZUQZmjgxDD90vRu1
+DOfByOvSK0eyZuWxhjUAX8hhn6Hh8a+fWUUTXmKCrYz22LRKU1NWeqOQonXQFr1s
+dhJ8YFAp1eplVLdNID0opjnxJqOIpuMmuRfF9EL0s+WuwL7tHDABcf9Q3XleWVMw
+jMQPTl8ku/VMmDrMGxBPAiNpZ7WP581QRHIExwHXE17XSGXYZHeq/3DolTYd5EpL
+d0KAvtrzcfpVtfTLJCZEC25gIc1GQkhO17Cy1ab8UnMU+nmgg/5L8+xyL43YaiWo
+g+bEPm/wLRp0LsS9NTD9lpKYBC/v3aNtD7OkKzJf0f2k66A3Fhfi9wbirqj6uEhP
+3cg0StecW7H3A4I+fEsq6ZJ7jbBM5PmO9WmZjjhYHUpnQVRuYShVWtTdFEQZ3zlk
+PwrlPtL4awJD7vuIy0wEwJdJWhDOnjpDaMBMWQIDAQABo4IBQTCCAT0wDwYDVR0T
+AQH/BAUwAwEB/zAdBgNVHQ4EFgQU33bJ6BrC9SdrlIg+4HU2wkRuX2cwHwYDVR0j
+BBgwFoAUtqFUOQLDoD+Oirz61PgcptE6Dv0wDgYDVR0PAQH/BAQDAgEGMDAGA1Ud
+HwQpMCcwJaAjoCGGH2h0dHA6Ly9jcmwuY2VydHVtLnBsL2N0bmNhMi5jcmwwbAYI
+KwYBBQUHAQEEYDBeMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0
+dW0uY29tMDIGCCsGAQUFBzAChiZodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwv
+Y3RuY2EyLmNlcjA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0
+cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQ0FAAOCAgEAfo41crfS
+GIpP+CQuqIGJB1/cMwmgSBORO7Y8FT/5eGYTqO3MMm0/N2xXZpSRkVD9QnY23Zg5
+a2RaQoFZTZkBcgC+KUpj8BNCo8SwlgXhunKX8sgkpJanC2Ct9tPjzE0TOuQW3TH8
+3hUSf6yltd9CoC3nhqy93LCyQryBMwHb2WnARLl7RKnwYXlE9RY3Q6WXi6nj/JaW
+JYpMCPGDEJZn4H84tZ1Vco7KjoWiboEgJ6O7pQQQPu0CKQo4kUO4AVBKiL9eraqy
+EgL2xtqi2X8cOzYSetFW4ramoaW1CmQ6YN4Lu1RKRNpaK12h2zTWg/3AT3WQunrj
+I00fceBv/iMUmr/8AeDpHCSkAltQbjKeLlPX8dMFSq+nYjGTywc+JvMiMLnxHAu0
+k3matX5T44/hyxs5h1a57ezm0SwnayT2I12IGGAt+cKvh6rcMGqzurF3Icd01sUT
+Jdz3YImhkyiF4lz7yr7HycuhccXcxPoupKNaEqZ3bJli3kD1iEVWLMHrnf46UP8v
+NiXNg7Nqi5g1ZmMmOOHGU4+DSTEYHWA51Zk9CTJyPXg+HET/O8iJ/Fact8dRk/gT
+DMwJNyqqub/U9lQ6fpmILe4jZKYPmlMGiBu3BP26TtsLaxyIj3rI5U+hIChmunWz
+rnBzdw6d3QkzYcVO/U3+U+eXvESn4yx7ltY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyTCCBLGgAwIBAgIRALR96AuHRYVcbpxOa7GJq7QwDQYJKoZIhvcNAQENBQAw
+gYAxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJDAi
+BgNVBAMTG0NlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EgMjAiGA8yMDEzMDEyNDEx
+Mzg1NloYDzIwMjgwMTI0MTEzODU2WjB2MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZ
+VW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5MRowGAYDVQQDExFDZXJ0dW0gQ2xhc3MgSSBDQTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOIcYr0dj2GD1VvlM9ANcpGe
+eQINXySeBkZvrPHcLlrIMAr0sYXT4osetvQC4jkDlMWV7n/OVoyeGsYoHqiU7HiR
+MBe517YFzLDJ6OpdgScSYmTE6lZcfKBtUuFc7l0ppt/CJOr9CgEbMFvwD8VSmvEE
+nWXmnnAY6iurPd+0oSd0V3jyX81+s+Y2nMVSaZC5Wt0J/ZDIbknQPzluG45amzWm
+HhVjR7Pf/OYqkNW8u4+9j2DGcEGug5dQc7j3ngbf7gxLlRqwuA1Oh57iT3t8ZrNi
+Sfqnhbi5ObPwmFFjCGGvI8Hr8bd4VaBZgVmj6VYELViCJSvld/TIPF+t+6iJlquZ
+P77wjU6v4hkQzB/b6hRmnhNJqU4yALrZc8bAkv3MgjzYXe5zYMM59HZZWFGjZxum
+9NJFjC5pyNTHYkSEXcAM3LJdhTYkeaT2dpVSL+4dOeSC/v8Ec8APfurlh4MroIYq
+kiA29mKiT9rFYroMtNozowPpdGyHO3R1uy6ryV/U8oVSk2npgzbW2rHFJgXU9NXG
+Zi6zmBUtIweq4Vrk6jafD+CSezjtEuqpqojQMACdNycDwN3UOGi9DlvHrSFJlc5r
+WuK9Zyx7PZqNvwOrKTSdXR+mYnweTTRQxG+ny1A9fPgA31ZgMHmjeRSjQRSj/RsT
+Tt7WqVamjhYSPIzHqCrJAgMBAAGjggFBMIIBPTAPBgNVHRMBAf8EBTADAQH/MB0G
+A1UdDgQWBBTg84a5Bwh+pRwBM271dL8qX2bYIzAfBgNVHSMEGDAWgBS2oVQ5AsOg
+P46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMCAQYwMAYDVR0fBCkwJzAloCOgIYYf
+aHR0cDovL2NybC5jZXJ0dW0ucGwvY3RuY2EyLmNybDBsBggrBgEFBQcBAQRgMF4w
+KAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wMgYIKwYB
+BQUHMAKGJmh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9jdG5jYTIuY2VyMDoG
+A1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIBFhlodHRwczovL3d3dy5jZXJ0
+dW0ucGwvQ1BTMA0GCSqGSIb3DQEBDQUAA4ICAQAZO7ZOVF6EqxmkvQP4tTdFHYLR
+Mj4ZFg8q810ZIOP8D/kjW/stXvIGq2vtmWRrha2NEfUk4dfPEAEQektjfKHEy2I6
+rMnjMyOGDcLzKAYdgTqMNz9L4Qvuq85cnU1SaJHq9TO7z3SrxxN86iVXVqJW+dKb
+k4aznBdO42jiH+gG6AG0QtRgga0gDdFq0HIF1f8pbndEZA3AHIs4JpsaQ+2ZFuET
+vTCveJwMDI7xwwtTwvHPK0afA8XeroPF+N4HfqOG0jLZWsgthyIHVERJ9j27gUll
+d6CLrvSiYecuG1HovSpFZt6NTLagXrFyWkjjpnZo9+QD460XtpjWxYfHGpRQ/Kxe
+tsXtQTZR9TPqGApZuiB2g6kapXMKoWxpV1HQVvE/rcYbIj0QEnu6e9tJmfD/l7Tg
+LNlpDFLgHC/QwwVzLBFpchtZDN2eSf0fqmqfr4AX0V1OAGi6v+XCLL2XgvNM+YcC
+4RPm6PI7Lr4qw83jth5z+WY6qfhZW4wkb48ndLc7BxdlBXzFg/gaPClw+xAzFk9L
+YfnrIYsdbnEkArGepbqfjD2/U9LiLuWQpNXqx86L5sHWk3toa+LbeHOjDD4dz6Ex
+lp/2Cw+lURi3H5aZJzZ9x+M/6ybsKRL6lOlpYSlaDdu3W8PA0fCZcWX7P1C+G4AD
+82UVg+nfb2Xv/DwRuQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIQjCCBiqgAwIBAgIII202XeOanEUwDQYJKoZIhvcNAQEFBQAwga4xCzAJBgNV
+BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx
+GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwHhcNMTMwMjI1MTAzOTQ1WhcNMzcwMjE5
+MTAzOTQ1WjCBqzELMAkGA1UEBhMCRVMxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEg
+Uy5BLjESMBAGA1UEBRMJQTgyNzQzMjg3MUswSQYDVQQHE0JNYWRyaWQgKHNlZSBj
+dXJyZW50IGFkZHJlc3MgYXQgaHR0cHM6Ly93d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxHjAcBgNVBAMTFUNhbWVyZmlybWEgVFNBIC0gMjAxMzCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBALpvXZdoh0F//9zTPJF5htYt7dqo+Wf/rHwo
+JGcov3BPZ/jhukWxzHpriHG8I6w6WAn2Zr6Y1kDvVS/B+i6hhod8zkZg9gWixdEf
+10Vm/+YUOsSpWep3ywd9aw0/fRdO2UZmz3LECwG80aoAGPN0dAM57TzkDl3qP2SN
+jR2EYHmjHWXr9vwCwixMYRBEiWY2E8PGUYoqK1gPZbN6oqSLYl7CS3k5QLR8+ksO
+i8UpJcLJLXvqmh+c4sBL8NLV60y4Xa+dgQdxpfnk/tPWbHhBsKvy95C634g086Nr
+9qnFO0pxGbhKO6XYG0GKXOQJ7TcVGK1z9wHHRfvIvTmcp9gopk99xmed1al+Efzk
+Mju7lmzCocz4JZ3VyCD3BD3qRx7R6MaPtTLk3XXCbx9QBIjBPIQM654rfYQM/nGZ
+di+M2wlXWnebxAmF2ubx+hJdGFCjggnHjqg0oG5wrKvCN25iDtCoRaXc7kQ1Vnod
+PT37XMQkW7bMAWvX6cnfL7UQm3w7eWDFRVlViFsVkxczyCviD9p7wxNe/08506HP
+pSirrzftgnLvugV7RZQkD1fn9W7FQkLEhX8/qpMdF6ZKJsD+dizGLoqPCWqyo7u9
+UZ1PSWAhAf5Q+XDsgIo+0t73r8kaiCcXl+R4BQtiDijdja5qcwZziedCeE1Yy3Cn
+r+YVJMlFAgMBAAGjggJjMIICXzASBgNVHRMBAf8ECDAGAQH/AgECMB0GA1UdDgQW
+BBQOMU1d6eHCXFu89SsFuq9HDRar3DCB4wYDVR0jBIHbMIHYgBT5JKwPsrX4ecD6
+YIgbxNlNAp4XGaGBtKSBsTCBrjELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJp
+ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJt
+YSBTLkEuMSkwJwYDVQQDEyBDaGFtYmVycyBvZiBDb21tZXJjZSBSb290IC0gMjAw
+OIIJAKPaQn6ksa7aMHoGCCsGAQUFBwEBBG4wbDBCBggrBgEFBQcwAoY2aHR0cDov
+L3d3dy5jYW1lcmZpcm1hLmNvbS9jZXJ0cy9yb290X2NoYW1iZXJzLTIwMDguY3J0
+MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5jYW1lcmZpcm1hLmNvbTAOBgNVHQ8B
+Af8EBAMCAQYwPgYDVR0gBDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEWHWh0dHBz
+Oi8vcG9saWN5LmNhbWVyZmlybWEuY29tMHgGA1UdHwRxMG8wNaAzoDGGL2h0dHA6
+Ly9jcmwuY2FtZXJmaXJtYS5jb20vY2hhbWJlcnNyb290LTIwMDguY3JsMDagNKAy
+hjBodHRwOi8vY3JsMS5jYW1lcmZpcm1hLmNvbS9jaGFtYmVyc3Jvb3QtMjAwOC5j
+cmwwDQYJKoZIhvcNAQEFBQADggIBADAL5qPHF+WF8tWNTaqDMNl/Av4dipoH+gNF
+FTQfY6OGPEFsKYqBBU6HKsOkVnBT0hSAdQTk8fOOifSP39bbs582t6axg+aoPCER
+y8tL26R8myLwicPjXss3kqW11qJ75jZK1WI3NHD8zyhxlTT5Kfa/xOvSajq0HjCX
+IIKw+nxrgvmFsphvToVn+rFQzOXmYGT2JZeEVKemMlkeTrQeu674Pk93ueh6F0sD
+/9IklgTZ5qUSlmec1ilyrE5QEBJrWls8bmymU7oExhiNd0ANjBmcTojYhzpb+1pO
+JaZcAdb1sTrDgbxtPLOdAZzRxOS5Nlzl1i6i8BLSdrEwk+mUSrpbik6JrvFlFzQ/
+oAEGaeHpn7d5rx/7nc8pW+YsAZT70iuUHOSE7hv0pcWYrjgGoDXGA52lGwP8KqMG
+s/vywoyuFovbZYsHO1TR+XpxAEQ9sTKNW6Ex4en27ClRWBqXGw7uI5wfVkF+dWyi
+K6P8F49n+Veo7VrLBoe5WATzmkdhFbjKOZZdzdnBRnT3Ehd4ZS4fAXSDP0tmk6oR
+R0CB3bcVgEm7heIuFI7M1IOutntNHpLGxNPmdGrlBW91qS5M4WEtGpPHX18gIcj1
+3+PdH9gDu959oqdH5ukhIJvNy7WFhp7mSdUz5f3gYDDWgRccCPeZ8IjdcA+UKJtQ
+T09tRmr6
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIDojCCAyigAwIBAgIQBh1GQ7QStdjXFUmdhVOqAzAKBggqhkjOPQQDAzCBhTEL
@@ -2280,91 +2942,271 @@ lCqvSvXXjK0QvZSrOB7cj9RavGgCMG2xJNG+SvlTWEYpmK7eXSgmRUgoBDeQ0yDK
 lnxmeeOBnnCaDIxAcA3aCj2Gtdt3sA==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIExzCCA6+gAwIBAgIQQYISfRLZxrMhOUMSVmQAuDANBgkqhkiG9w0BAQsFADCB
-mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
-MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eSAtIEczMB4XDTEzMDUyMzAwMDAwMFoXDTIzMDUyMjIzNTk1OVowRjELMAkG
-A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHzAdBgNVBAMTFkdlb1Ry
-dXN0IFNIQTI1NiBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDGqQtdF6V9xs8q78Zm0UIeX4N4aJGv5qeL8B1EAQoZypzUix3hoZCjwVu011tq
-i/wOSR7CYin+gBU5i4EqJ7X7EqgFIgvFLPXZmN0WLztm52KiQzKsj7WFyFIGLFzA
-d/pn94PoXgWNyKuhFjKK0kDshjocI6mNtQDecr2FVf4GAWBdrbPgZXOlkhSelFZv
-k+6vqTowJUqOCYTvt9LV15tJzenAXmdxIqxQkEMgXaGjFYP9/Kc5vGtlSBJg/90j
-szqq9J+cN1NBokeTgTMJ5SLGyBxJoW6NzIOzms3qQ/IZ0yTLqCmuUsz0CCewhOrO
-J7XhNBNzklyHhirGsGg2rcsJAgMBAAGjggFcMIIBWDA7BggrBgEFBQcBAQQvMC0w
-KwYIKwYBBQUHMAGGH2h0dHA6Ly9wY2EtZzMtb2NzcC5nZW90cnVzdC5jb20wEgYD
-VR0TAQH/BAgwBgEB/wIBADBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYwMzAxBggr
-BgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczA7
-BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9HZW9UcnVz
-dFBDQS1HMy5jcmwwDgYDVR0PAQH/BAQDAgEGMCoGA1UdEQQjMCGkHzAdMRswGQYD
-VQQDExJWZXJpU2lnbk1QS0ktMi00MTYwHQYDVR0OBBYEFBRnju2DT9YenUAEDARG
-oXA0sg9yMB8GA1UdIwQYMBaAFMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3
-DQEBCwUAA4IBAQAQEOryENYIRuLBjz42WcgrD/5N7OP4tlYxeCXUdvII3e8/zYsc
-fqp//AuoI2RRs4fWCfoi+scKUejOuPYDcOAbWrmxspMREPmXBQcpbG1XJVTo+Wab
-Dvvbn+6Wb2XLH9hVzjH6zwL00H9QZv8veZulwt/Wz8gVg5aEmLJG1F8TqD6nNJwF
-ONrP1mmVqSaHdgHXslEPgWlGJhyZtoNY4ztYj9y0ccC5v0KcHAOe5Eao6rnBzfZb
-qTyW+3mkM3Onnni5cNxydMQyyAAbye9I0/s6m/r+eppAaRzI2ig3C9OjuX6WzCso
-w1Zsb+nbUrH6mvvnr7WXpiLDxaiTsQDJB7J9
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEwjCCA6qgAwIBAgIQNjSeGMmcJmm2Vi5s5a1xMjANBgkqhkiG9w0BAQsFADCB
-rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
-BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0xMzA1MjMwMDAwMDBa
-Fw0yMzA1MjIyMzU5NTlaMEMxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUs
-IEluYy4xHTAbBgNVBAMTFHRoYXd0ZSBTSEEyNTYgU1NMIENBMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Mr1LpdOK6wz7lMON8gffErR3Edi2jzVvmc
-2qrlhCbepXEwvPMxI53oO4DIZld1tlcO25P1Jo5wumRSZooqiFxEGE2oony9VmEy
-kBL5NYdIYLBukGdEAY3nyQ1jaHJyq2M8hrgffa2IJadqiCn7WcZ4cV8suonm04D9
-V+y5UV9DMy5+JTukBNFgjLNEM5MMrSq2RKIZO6/EkG97BYeGmyxqnStsd8kAn8nP
-rO0+G/fD89n4bNSgV8T7KDKqM/Dmupjf5cJOnHS/ikjC8hvwd0BBBwSyOtVMxCmp
-EUA/AkbwkdXSgYOGE7Mx7UarqId2qZl9vM0xUPSltdylMrOLiwIDAQABo4IBRDCC
-AUAwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3
-dGUuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwQQYDVR0gBDowODA2BgpghkgBhvhF
-AQc2MCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMDcG
-A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwudGhhd3RlLmNvbS9UaGF3dGVQQ0Et
-RzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAqBgNVHREEIzAhpB8wHTEbMBkGA1UEAxMS
-VmVyaVNpZ25NUEtJLTItNDE1MB0GA1UdDgQWBBQrmjWuARg4MOFwegXgEXajzr2Q
-FDAfBgNVHSMEGDAWgBStbKqUYJzt5P/6Pgp0K2MD97ZZvzANBgkqhkiG9w0BAQsF
-AAOCAQEAdKZW6K+Tlhn7JvkNsESlzel6SAN0AWwTcbfggpCZYiPj1pmv8McenqgY
-Idu0lD80VhuZVS+O8EUzMrdywRNbNNP1YOUuGNFcxWrBqodQDBydZCv/G9zVLmEL
-57m2kVOG2QMq0T17StorB74p8mBCqZEaDi480X2lExQC+u6LjbbIuD5WgVchJD9l
-w7TJzlyNRqxT8/lVdMgr/dJ4cPX4EeX0p60g9Z3x7HD2E6zmjI3bP8byeQ6rUvLM
-G3knzxaz1vPGNoBD7MWU8N2QjfjGUkZW63RHvqbzGa5xTMDh59TP7dQGKCoRPLrZ
-QW4A54E3k+TaYsYdZ29jtBSG2aZi8A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFTDCCAzSgAwIBAgIUSJgt4qkssznhyPkzNYJ10+T4glUwDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
-BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xMzA2MDExMzM1MDVaFw0yMzA2
-MDExMzM1MDVaME0xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMSMwIQYDVQQDExpRdW9WYWRpcyBHbG9iYWwgU1NMIElDQSBHMjCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHhhWmUwI9X+jT+wbho5JmQqYh6zle3
-0OS1VMIYfdDDGeipY4D3t9zSGaNasGDZdrQdMlY18WyjnEKhi4ojNZdBewVphCiO
-zh5Ni2Ak8bSI/sBQ9sKPrpd0+UCqbvaGs6Tpx190ZRT0Pdy+TqOYZF/jBmzBj7Yf
-XJmWxlfCy62UiQ6tvv+4C6W2OPu1R4HUD8oJ8Qo7Eg0cD+GFsBM2w8soffyl+Dc6
-pKtARmOClUC7EqyWP0V9953lA34kuJZlYxxdgghBTn9rWoaQw/Lr5Fn0Xgd7fYS3
-/zGhmXYvVsuAxIn8Gk+YaeoLZ8H9tUvnDD3lEHzvIsMPxqtd7IgcVaMCAwEAAaOC
-ASowggEmMBIGA1UdEwEB/wQIMAYBAf8CAQAwEQYDVR0gBAowCDAGBgRVHSAAMHIG
-CCsGAQUFBwEBBGYwZDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNn
-bG9iYWwuY29tMDYGCCsGAQUFBzAChipodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
-YWwuY29tL3F2cmNhMi5jcnQwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFBqE
-YrxITDMlBNTu0PYDxBlG0ZRrMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu
-cXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMi5jcmwwHQYDVR0OBBYEFJEZYq1bF6cw
-+/DeOSWxvYy5uFEnMA0GCSqGSIb3DQEBCwUAA4ICAQB8CmCCAEG1Lcw55fTba84A
-ipwMieZydFO5bcIh5UyXWgWZ6OP4jb/6LaifEMLjRCC0mU14G6PrPU+iZQiIae7X
-5EavhmETEA8JbLICjiD4c9Y6+bgMt4szEPiZ2SALOQj10Br4HKQfy/OvbedRbLax
-p9qlDG4qJgSt3uikDIJSarx6mpgEQXu00UZNkiEYUfeO8hXGXrZbtDnkuaiVDtM6
-s9yYpcoyFxFOrORrEgViaI7P3EJaDYmI6IDUIPaSBM6GrVMiaINYEMBL1v2jZi8r
-XDY0yVsZ/0DAIQiCBNNvT1NjQ5Sn1E+O+ZBiqDD+rBvBoPsI6ydfdKtJur5YL+Oo
-kJK2eLrce8287awIcd8FMRDcZw/NX1bc8uKye5OCtwpQ0d4jL4emuXwFv8TqUbZh
-2xJShyy57cqw3qWoBOs/WWza29/Hun8PXkQoZepwY/xc+9nI1NaKM8NqhSqJNTJl
-vXj7zb3mdpbe3YR9BkSXProlN7l5KOx54gJ7kJ7r6qJYJux03HyPM11Kp4wfdn1R
-sC2UQ5awC6fg/3XE2HZVkyqJjKwqh4nFaiK5EMV7DHQ4oJx9ckmDw6pBvDaoPokX
-yzdfJ72n+1JfHGP+workciKNldgqYX6J4jPrCIEIBrtDta4QxP10Tyd9RFu13XmE
-8SYi/VXvrf3nriQfAZ/nSA==
+MIIG1jCCBL6gAwIBAgIQNMarBE42mRJRyCULbJTWwDANBgkqhkiG9w0BAQsFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTMwNjI0MTA1MjU5WhcNMjgwNjI0MTA1MjU5WjBHMQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xJTAjBgNVBAsMHEFDIENvbXBv
+bmVudGVzIEluZm9ybcOhdGljb3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCXVx8rdbF7/xY44CaSqzzGo5BhvzA8knxC/3KJYVzTf+CkOvMxMUDub8b0
+h38MDujm/RKZhBNOWbKhxF3U61ZVhcR9xOCciuS/soT80m3BByxAKcZsNka0jCA4
+XRkglDaAFxCHEZ06MOnvXsSOZDfPYahbQ3VFCVycJuhlHdAwSpmceQwcRYkR6YgX
+wTiyzCNGivMKAmRS3dItqDOmDW/nxiDFq/Jd8VWY7GFkwbbAeqYId8FjN8zfvafu
+nsB9SLFkUjPPMeqfmC7Bdh7HMxLpaOXROwH201cmlebiPkn0xSFxXFqwhhr6yN8U
+QYZ3O/+xdHLrS6DS9+CJUF6d09ijAgMBAAGjggLIMIICxDASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGfhYLxTWpsybBJgIDUzX
+qwCng2UwgZgGCCsGAQUFBwEBBIGLMIGIMEkGCCsGAQUFBzABhj1odHRwOi8vb2Nz
+cGZubXRyY21jYS5jZXJ0LmZubXQuZXMvb2NzcGZubXRyY21jYS9PY3NwUmVzcG9u
+ZGVyMDsGCCsGAQUFBzAChi9odHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9jZXJ0cy9B
+Q1JBSVpGTk1UUkNNLmNydDAfBgNVHSMEGDAWgBT3fcX9xOiaG3dkp/UdoMy/h2Ca
+bTCB6wYDVR0gBIHjMIHgMIHdBgRVHSAAMIHUMCkGCCsGAQUFBwIBFh1odHRwOi8v
+d3d3LmNlcnQuZm5tdC5lcy9kcGNzLzCBpgYIKwYBBQUHAgIwgZkMgZZTdWpldG8g
+YSBsYXMgY29uZGljaW9uZXMgZGUgdXNvIGV4cHVlc3RhcyBlbiBsYSBEZWNsYXJh
+Y2nDs24gZGUgUHLDoWN0aWNhcyBkZSBDZXJ0aWZpY2FjacOzbiBkZSBsYSBGTk1U
+LVJDTSAoIEMvIEpvcmdlIEp1YW4sIDEwNi0yODAwOS1NYWRyaWQtRXNwYcOxYSkw
+gdQGA1UdHwSBzDCByTCBxqCBw6CBwIaBkGxkYXA6Ly9sZGFwZm5tdC5jZXJ0LmZu
+bXQuZXMvQ049Q1JMLE9VPUFDJTIwUkFJWiUyMEZOTVQtUkNNLE89Rk5NVC1SQ00s
+Qz1FUz9hdXRob3JpdHlSZXZvY2F0aW9uTGlzdDtiaW5hcnk/YmFzZT9vYmplY3Rj
+bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIYraHR0cDovL3d3dy5jZXJ0LmZubXQu
+ZXMvY3Jscy9BUkxGTk1UUkNNLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAo2bsQ2xL
+Dcyodieqjd+uy/lfxDw/MbrAq/ZaNFkIlcypUYamOM4vrm5rz8oLjPCoLkJ48P+n
+P08Gkcl5Q6q6VFcZLia+U3gfHXrkyqToQlrtViGCGH3xA4u56XtMHGXSdk9vQ0yD
+nW5f7bUEkp+uvcKewrOvNcpbIAgD4eU7gdOS0w7BagcFRBgTKBw2s3z73fRZtouJ
+g/atmWYtXbBsfNjph+pCh+h5sbSyZUVzO5AemyjpYYYNMWDQrTXq+7O8zIPuPaNE
+SjEexuzn+VjHG90RlUK1LygARi+Ir0opD2w6erb/hK8Eea7MFdKQ2ASqNBGJggNo
+5vfPVvjHiL+Antmh7mQSKL+4YwFU64d4KK9k0C1mbJethDQFKcjTK1vMvnXFiups
+IuyTqwKauo7u2zMKzY4r3VYOW9TpMyLPFIY8pII5GyNzXlL0F4nscOvduTEPEYqx
+eNJfpDDPY/DO8WfxgdRTy2W3D/UoAulb+Y+nuzGGCtFQrsSMQX487R+aY0nWot/h
+ajef6BcPuxhDfQrg5IafrISVmcJAplb3tXhh0sz7RbYz6jf1bke4eU5fnrTMtGlV
+teUL2vjrfUPHW07kBJuaQ7sxORNV3bpHisOnHj+AriQzCn5vINpSHW6hTm7IfRkb
+ltu/aQrsMuUhP7HE/v+uXe5CuboV5ubZhHU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjjCCA3agAwIBAgIIOyEC3pZbHakwDQYJKoZIhvcNAQEFBQAwKDELMAkGA1UE
+BhMCQkUxGTAXBgNVBAMTEEJlbGdpdW0gUm9vdCBDQTMwHhcNMTMwNjI2MTIwMDAw
+WhcNMjgwMTI4MTIwMDAwWjAoMQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1
+bSBSb290IENBMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKjyAZ2L
+g8kHoIX7JLc3BeZ1Tzy9MEv7Bnr59xcJezc/xJJdO4V3bwMltKFfNvqsQ5H/GQAD
+FJ0GmTLLPDI5AoeUjBubRZ9hwruUuQ11+vhtoVhuEuZUxofEIU2yJtiSOONwpo/G
+Ib9C4YZ5h+7ltDpC3MvsFyyordpzgwqSHvFwTCmls5SpU05UbF7ZVPcfVf24A5Ig
+HLpZTgQfAvnzPlm++eJY+sNoNzTBoe6iZphmPbxuPNcJ6slV8qMQQk50/g+KmoPp
+HX4AvoTr4/7TMTvuK8jS1dEn+fdVKdx9qo9ZZRHFW/TXEn5SrNUu99xhzlE/WBur
+rVwFoKCWCjmO0CnekJlw0NTr3HBTG5D4AiDjNFUYaIcGJk/ha9rzHzY+WpGdoFZx
+hbP83ZGeoqkgBr8UzfOFCY8cyUN2db6hpIaK6Nuoho6QWnn+TSNh5Hjui5miqpGx
+S73gYlT2Qww16h8gFTJQ49fiS+QHlwRw5cqFuqfFLE3nFFF9KIamS4TSe7T4dNGY
+2VbHzpaGVT4wy+fl7gWsfaUkvhM4b00DzgDiJ9BHiKytNLmzoa3Sneij/CKur0dJ
+5OdMiAqUpSd0Oe8pdIbmQm1oP5cjckiQjxx7+vSxWtacpGowWK8+7oEsYc+7fLt3
+GD6q/O5Xi440Pd/sFJmfqRf3C1PPMdBqXcwjAgMBAAGjgbswgbgwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wQgYDVR0gBDswOTA3BgVgOAoBATAuMCwG
+CCsGAQUFBwIBFiBodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZTAdBgNV
+HQ4EFgQUuLxsAI9bGYWdJQGc8BncQI7QOCswEQYJYIZIAYb4QgEBBAQDAgAHMB8G
+A1UdIwQYMBaAFLi8bACPWxmFnSUBnPAZ3ECO0DgrMA0GCSqGSIb3DQEBBQUAA4IC
+AQBFYjv/mKX+VcyxEacckgx4L8XvFkIFPXzjEnDnAtCCkROU/k5n1jjVK+ODOn+Q
+4kJg6Nd7K47+zTXcrSe1tB2gVMsyaCN9scy4phLX1qT48sThCjUtooxfIoRycpdl
+f14HcUPCYlASTCapZU0MnAbzfpzxm49Ik/A2JWxAhxXVRHwOu3TMGiQ4W/VyVawx
+jwQMO8TneBDombmkXsI9bI0OxWUh2A5dKlqu0sYvE0dz8xDxr9ZkmZqYcPIKizCZ
+laP1ZsSlCi5S31gn3EUP+fd21q6ZXgU+50/qgoh/0UUaHRpedPQBES/FYc2IQZ2X
+jhmeTwM+9Lk7tnzHeHp3dgCoOfceyPUaVkWiXMWcNAvvkDVELvXfJpRxwcRfS5Ks
+5oafOfj81RzGUbmpwl2usOeCRwdWE8gPvbfWNQQC8MJquDl5HdeuzUesTXUqXeEk
+yAOo6YnF3g0qGcLI9NXusji1egRUZ7B4XCvG52lTB7Wgd/wVFzS3f4mAmYTGJXH+
+N/lrBBGKuTJ5XncJaliFUKxGP6VmNyaaLUF5IlTqC9CGHPLSXOgDokt2G9pNwFm2
+t7AcpwAmegkMNpgcgTd+qk2yljEaT8wf953jUAFedbpN3tX/3i+uvHOOmWjQOxJg
+2lVKkC+bkWa2FrTBDdrlEWVaLrY+M+xeIctrC0WnP7u4xg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1jCCBL6gAwIBAgIQPnz9VM3l4W1RzEmOGx7NSDANBgkqhkiG9w0BAQUFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTMwNjI3MTQxNzUwWhcNMjgwNjI3MTQxNzUwWjBHMQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xJTAjBgNVBAsMHEFDIENvbXBv
+bmVudGVzIEluZm9ybcOhdGljb3MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCXVx8rdbF7/xY44CaSqzzGo5BhvzA8knxC/3KJYVzTf+CkOvMxMUDub8b0
+h38MDujm/RKZhBNOWbKhxF3U61ZVhcR9xOCciuS/soT80m3BByxAKcZsNka0jCA4
+XRkglDaAFxCHEZ06MOnvXsSOZDfPYahbQ3VFCVycJuhlHdAwSpmceQwcRYkR6YgX
+wTiyzCNGivMKAmRS3dItqDOmDW/nxiDFq/Jd8VWY7GFkwbbAeqYId8FjN8zfvafu
+nsB9SLFkUjPPMeqfmC7Bdh7HMxLpaOXROwH201cmlebiPkn0xSFxXFqwhhr6yN8U
+QYZ3O/+xdHLrS6DS9+CJUF6d09ijAgMBAAGjggLIMIICxDASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUGfhYLxTWpsybBJgIDUzX
+qwCng2UwgZgGCCsGAQUFBwEBBIGLMIGIMEkGCCsGAQUFBzABhj1odHRwOi8vb2Nz
+cGZubXRyY21jYS5jZXJ0LmZubXQuZXMvb2NzcGZubXRyY21jYS9PY3NwUmVzcG9u
+ZGVyMDsGCCsGAQUFBzAChi9odHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9jZXJ0cy9B
+Q1JBSVpGTk1UUkNNLmNydDAfBgNVHSMEGDAWgBT3fcX9xOiaG3dkp/UdoMy/h2Ca
+bTCB6wYDVR0gBIHjMIHgMIHdBgRVHSAAMIHUMCkGCCsGAQUFBwIBFh1odHRwOi8v
+d3d3LmNlcnQuZm5tdC5lcy9kcGNzLzCBpgYIKwYBBQUHAgIwgZkMgZZTdWpldG8g
+YSBsYXMgY29uZGljaW9uZXMgZGUgdXNvIGV4cHVlc3RhcyBlbiBsYSBEZWNsYXJh
+Y2nDs24gZGUgUHLDoWN0aWNhcyBkZSBDZXJ0aWZpY2FjacOzbiBkZSBsYSBGTk1U
+LVJDTSAoIEMvIEpvcmdlIEp1YW4sIDEwNi0yODAwOS1NYWRyaWQtRXNwYcOxYSkw
+gdQGA1UdHwSBzDCByTCBxqCBw6CBwIaBkGxkYXA6Ly9sZGFwZm5tdC5jZXJ0LmZu
+bXQuZXMvQ049Q1JMLE9VPUFDJTIwUkFJWiUyMEZOTVQtUkNNLE89Rk5NVC1SQ00s
+Qz1FUz9hdXRob3JpdHlSZXZvY2F0aW9uTGlzdDtiaW5hcnk/YmFzZT9vYmplY3Rj
+bGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIYraHR0cDovL3d3dy5jZXJ0LmZubXQu
+ZXMvY3Jscy9BUkxGTk1UUkNNLmNybDANBgkqhkiG9w0BAQUFAAOCAgEAq8INCAuB
+6nx0nnAePRUcqEW8v0QN0kCWvk3+UcrXmL3xMA5Bl19dO46dS37urKzpowoiYST/
+w7o0S+V9gVHuAtWJa+8fZUOto7zp2rDZ/H0xYR9ZlG/sKn+c2c5S6vepEUm2lqKy
+eEvdFA28Qb81p/L3xPwxa4Xh7LnxZMQuMTFYhoXJmfQ6/tDyTjn+fkAH1ivXk7V9
+NcQjmkKpFnGew/14hKauJ/GjNte6/DCgyE9aD0Nwf7hugHjxK+e0SrX/5ZjitXzQ
+a3SAQfFT4aaFIiG7p91C3yQvLW4mnsUEs1cLrlgQJB2rSKPDskO5duRKB9xBd+rj
+5dHDPCjvJf1GSC9eojv+wgeBaDieLYKp2ZwpS3A5FlinoP+WRCEM0aD8i7H/jo9L
+xozHJxIMkTuVVucOvSoLDZTiy+0fmpjJB15uLU/KEy3orgHRTtHJgT+dAZSNJOh/
+R9FrxqCP2gGghumL4o4KLcDr+D11D1ZKuO1ocNI3eAbnZdPyZPBAf5P9tzW1AXOm
+bvRmRWAb3gL9BKilqdSoc8SWFS8zxWujPrkUv9ZGyHVjw2mA7032W9WynLzFJfqf
+UPA82lHlM1hC2lGBtDYGa2o9jWtyBU7bO2nO3QOfDVLpNRvF00RoJ0uOAacNkp03
+TfA6Q8xxD/CQy9SxwOeD5ufRZKg0HsEl+zg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDDTCCApSgAwIBAgIQAQXa4lWqspVKDbLJ5rUyLDAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg
+RzMwHhcNMTMwODAxMTIwMDAwWhcNMjgwODAxMTIwMDAwWjBIMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSIwIAYDVQQDExlEaWdpQ2VydCBBc3N1
+cmVkIElEIENBIEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEVubeDDY2iYfznJDE
+01D32EdUZD3UjbHGK7V2Tfev3Rqw3U1lT4BEYBfMTxn0nVzFkR0cWePcwQ+al31z
+pC3zOCg9l+hs2l2/6+Mf5T/r5TKouzBQ0MiNtYQm9DQZwp9do4IBJDCCASAwEgYD
+VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRQYDVR0fBD4w
+PDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJl
+ZElEUm9vdEczLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc
+aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUA0a+t1tJcUhP
+eqKMgehiqcCCb00wHwYDVR0jBBgwFoAUy9C9qeGYBVGhTTeig3nOjR0q5IQwCgYI
+KoZIzj0EAwMDZwAwZAIwbEDtzp72rHfEHWQSzkOywcS6EdjhwVTx/RQrMnJ7XzRJ
+utV3ELbyG57vQ8kOmWubAjAEvQWMTmAXaQYSZuPOIDrP3xqBFVts537MnfPbF05n
+7wJyFcX8eno5jbCsk9Jp+wM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGXDCCBESgAwIBAgIQA2N+U4z9huFgNSfW8rgP9DANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTMwODAxMTIwMDAwWhcNMjgwODAxMTIwMDAwWjBMMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1EaWdpQ2VydCBUcnVz
+dGVkIFNlcnZlciBDQSBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ANLHpRlDBxJKtjyOW2ivRldYdpvV7yeibGXtTe7sUEYRHsEhzNgcq65r4zqZlCxQ
+LR4xd3a8FkSgzAOQjH3thUvmxyqrDmNmS5/A/qg0VGoNYK8dD8PemtQD59OdDlmQ
+i+Istby0u7/+4GRwJU5xjXVKsaflVRnSN9Wq28Q1DqrTX0wt33wX1wTXodlOq9eD
+p6Vf/pPhgHuSJkFX6SaWcCL5//U5V4drbNlYCAh8ClCKa4Gi26NFEg/chnOfE8/u
+6HZqiz0+XnFkdJfmgpFvh1zALh2Lga7D15ubkSWaLhtNX6GtixEhYUqpSTeIOG/0
+R5qDnJHxy49ct/J6zVIL6qHiNaLM7RSITuuHPLm48axhnM+0UIv9PJi5nNCd6O3W
+CrkEd3FRfzgR2rnHmv+s17dJanp0a5aae8p2wz5K3g5N6XB04WCXyJldNkbmeC7T
+dT9fiOtpb2zxIITRwAA75Fd7zrKdPor0Cqmte3bdBI6pMSklgp3Afe3mcfq0iAE2
+wX1YNOCB4blGgm+A7/VkdcfhS9hJxrUCzCIt8lkUzvzmVWHQxLauuyvj3ZqID25w
++7ztdxtm2tVs50m/Zkqe2eLqFCPBx+cIdxwg29kyKQN1jNRYXVWSjNGAsKo9q7fZ
+HHaWZm5eFUrUqE2Tzuwj5hnHUdSVwlj0x9az+BgqMZoBAgMBAAGjggEiMIIBHjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBgNVHR8E
+PDA6MDigNqA0hjJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVz
+dGVkUm9vdEc0LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc
+aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUNtCononygrxr
+4lm2o8b3NEaMtC8wHwYDVR0jBBgwFoAU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJ
+KoZIhvcNAQEMBQADggIBAEv9/ne9aGqxhJyIhxHWQjAz8g+PKsut3EI7+4qLHTOD
+bqBpVcY4vDYe8H9MSvtAKCuLzntr/DsP9MM2cvOMZitB7YoFiPYk7Rkq+Pk611VV
+2CVehhMIgxq/Y2uU2e3m3TE6Jq1qOaVlZywgqD9E1mU2FVutqqg6Zs6TF+y3n+Sc
+SaZ1Vnht6VN9seuFvkJKe9ZL+KqBnrLmSArk0200F6CPOppCgiDxlQulJ6/2WK1q
+6HZuAwwqeTiUi2T4pzG2CBY7KrfQLW7JUqvKId8G7Lc7PMIVZLvLWjNi1tfSGotl
+w+cCXuk/Z9XuqQT/z0p2RQqVr+eD98ySiURX+vB9tLOljpgrF2Pfxr156bicysyL
+sudKyKag1NfDmU8sd1F3SFdiYvSwnoLrH7thapJviH0F6jCAT6t4i2D96OhWFVPG
+ON57Dpr5wMdNHTdDZsLC93rojKt4uks940Si71SX918F0GgvoVVTgdWg5dRTfOwk
+XFkJGfdxh7BnvOAk1PoAWAW5UcIEhPRJmvfD6Tg/V6o4wZFZX1yStE9qzenDq7Xj
+2jvT17AVA/uANWOHZSJUhDnDc5EyEoLJnan2t6LY8VJEs9dBRkj2/Umr2FwCFpXM
+8aiL18pv09XZpGGTVtRnr0Mlgswu5PEUKEBSDHK9JN/NwUW/qH1JJCmEBxsmLJB/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIQDI7gyQ1qiRWIBAYe4kH5rzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2Jh
+bCBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANNIfL7zBYZd
+W9UvhU5L4IatFaxhz1uvPmoKR/uadpFgC4przc/cV35gmAvkVNlW7SHMArZagV+X
+au4CLyMnuG3UsOcGAngLH1ypmTb+u6wbBfpXzYEQQGfWMItYNdSWYb7QjHqXnxr5
+IuYUL6nG6AEfq/gmD6yOTSwyOR2Bm40cZbIc22GoiS9g5+vCShjEbyrpEJIJ7RfR
+ACvmfe8EiRROM6GyD5eHn7OgzS+8LOy4g2gxPR/VSpAQGQuBldYpdlH5NnbQtwl6
+OErXb4y/E3w57bqukPyV93t4CTZedJMeJfD/1K2uaGvG/w/VNfFVbkhJ+Pi474j4
+8V4Rd6rfArMCAwEAAaOCAVowggFWMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
+AQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
+c3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmw0LmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6
+Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwPQYD
+VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
+ZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFCRuKy3QapJRUSVpAaqaR6aJ50AgMB8GA1Ud
+IwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA0GCSqGSIb3DQEBCwUAA4IBAQAL
+OYSR+ZfrqoGvhOlaOJL84mxZvzbIRacxAxHhBsCsMsdaVSnaT0AC9aHesO3ewPj2
+dZ12uYf+QYB6z13jAMZbAuabeGLJ3LhimnftiQjXS8X9Q9ViIyfEBFltcT8jW+rZ
+8uckJ2/0lYDblizkVIvP6hnZf1WZUXoOLRg9eFhSvGNoVwvdRLNXSmDmyHBwW4co
+atc7TlJFGa8kBpJIERqLrqwYElesA8u49L3KJg6nwd3jM+/AVTANlVlOnAM2BvjA
+jxSZnE0qnsHhfTuvcqdFuhOWKU4Z0BqYBvQ3lBetoxi6PrABDJXWKTUgNX31EGDk
+92hiHuwZ4STyhxGs6QiA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmjCCA4KgAwIBAgIQD1/M/Ksg89+ObaPYR2fCkzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMjgwODAxMTIwMDAwWjBIMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSIwIAYDVQQDExlEaWdpQ2VydCBB
+c3N1cmVkIElEIENBIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+tFLF3hmmiyDchhlz2ZMtsf4L23l6z+g5odzcrNDI8QcZTBUm9xV9w5YZ6bRXU7jw
+ZlKaaVtxrqugWHNdlNfKL27RzC4kn1aKvwdt5Gj9j+UMzc/BMx3ksvGiHwQMBMGF
+zPAVG9aUpVXCXdUt0vSOLZxzI3x2Oqz2jL9pxc2l/bmgf9uhE4v2noPxViUQ4DF2
+h/cDRzV5qyZUq8FPw9y1JUi8Pl6HHAzFei/4OvhAQogerd8lvl8chlkT5h9UNeS0
+zdv5uDrNs5C/hJqXidKZU7nZTqh08B/RD8vsu9f66HavmbyrKXa2CveC0uqZvfQZ
+0SBCj4ykeElnxyveHfOvUQIDAQABo4IBYTCCAV0wEgYDVR0TAQH/BAgwBgEB/wIB
+ADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6
+Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmww
+OqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJ
+RFJvb3RHMi5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFLHP9qHl5oHFZkeN
+eIR3e/mBy0qmMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA0GCSqG
+SIb3DQEBCwUAA4IBAQA/C7UkzAlgi5mvLq7ukp0JS9Vg+rMNyx3XVkBF84vz9exk
+74Y0vPnniZoy/pAgOaFFGbsVBI7SNf/iGI5x5UG5PKWo+K0AP0fwkZFnfEAN0wJy
+Dezr2oLi95s2XCoqThxhtJe6t1A8Lh6klGQGkgREdyF7Y6obGQq+7hDz4VRR4MCM
+m5QHcPcYJzh0pQueTxadgp6AbksehUf/g9eGzwzHqdkkAIQ9mzpRRxjoqkaPTtSd
+kpPl/ZZcDqPzDzWXhzKfJs90lSuYy1z1fQEgFZP/X1DGT8SGzAlfv83e+FC3ja7w
+JZJ4ZTqw8UTUUpI52U2HVCMXKNtEFEyMYLeRJe+j
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAzCCAomgAwIBAgIQBYjADIzAxXdmfmTLqIurSTAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xMzA4MDExMjAwMDBaFw0yODA4MDExMjAwMDBaMEQxCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEdsb2JhbCBD
+QSBHMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABGY9nqbRBXwQO+2i5tz0bMPnXF/p
+aT+G2x/Cfk22Ga8rAP8LlrJaUK8Wguo1B5cq/eQY83hwiTsQgCFz+uSjKbU9TrVt
+nD+hAsQdmWUlMpzpd1ZwPnCR1+mg4jTsONHa8KOCASEwggEdMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIGA1UdHwQ7MDkwN6A1oDOG
+MWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMy5j
+cmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFBsAey6NpdNhIQxdVjUDP9LNcZgK
+MB8GA1UdIwQYMBaAFLPbSKT5ocXYrjZBzBFjaWIpvEvGMAoGCCqGSM49BAMDA2gA
+MGUCMQDuo99HhMCfVcynjSsjBZR9FDFHzMxl/wEZSg2vdjHyiKYBa52Ok9LWR2WG
+Ss3h4jkCME8wZqBwYpkfJh9ziZrgEkbUmpsLg6E2DLlOyLfeS/znes2wDjQYaTyh
+EbyxjtCg/w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9DCCA9ygAwIBAgIDD+D2MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
+QSAzIDIwMTMwHhcNMTMwOTI3MDczMDQwWhcNMjgwOTIwMDgyNTUxWjBbMQswCQYD
+VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMTUwMwYDVQQDDCxELVRSVVNU
+IEFwcGxpY2F0aW9uIENlcnRpZmljYXRlcyBDQSAzLTEgMjAxMzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALC/1NRhaNYd26CrWiM6xDD2RxiOBSiyi5I1
+iWWIdQkmuFEV/I+dnYjbtbZnE6cCjjIr9N2sGtpRBJb66lRIaTBzsSuNqu1hu3OH
+dJZHO3fnE63sXmZRgGfKyLF3AErbSH9NdOj5M4x3JSmayeojddU6FpI6TwbBPUxy
+if9msLURw1UE6uTnXu59Whmst/5zSHjH9QC3uEPd18doJXF1NGYCz37UUCiReapf
+NNBIFlj3vrRwKzQVsz4fjYaDMyn4IZ0fpD8lIhR3fmc1PhVNVwL66sN1AMz4aeL0
+ylV0viIKhPW0WVuQswZ18mTxRbW7gN1CRz8Cp0tGxza8Og8SI68CAwEAAaOCAdUw
+ggHRMB8GA1UdIwQYMBaAFD+QyH3HFW/zJI+pwy9Log8hsi/nMEIGCCsGAQUFBwEB
+BDYwNDAyBggrBgEFBQcwAYYmaHR0cDovL3Jvb3QtY2EtMy0yMDEzLm9jc3AuZC10
+cnVzdC5uZXQwZgYDVR0gBF8wXTBbBgsrBgEEAaU0AoFIATBMMEoGCCsGAQUFBwIB
+Fj5odHRwOi8vd3d3LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1Rf
+Um9vdF9QS0lfQ1BTLnBkZjCBvgYDVR0fBIG2MIGzMHSgcqBwhm5sZGFwOi8vZGly
+ZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ0ElMjAzJTIw
+MjAxMyxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdDA7oDmgN4Y1aHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9y
+b290X2NhXzNfMjAxMy5jcmwwHQYDVR0OBBYEFBkDqtkiRccaYqnnXJmwnd7t1Li1
+MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMA0GCSqGSIb3DQEB
+CwUAA4IBAQAQjlD4qWkDZE7oZaTTkJPJQwp3TtGPZ7jfPmPfZv6HX3VAzdjJjoNC
+Aj1VjcoPWyB38crUZDZRcwq3OwfSpszwAIru1MDl5d3Z0axSaZbhnAG5wxka9UrI
+L29hw5mcJVNiu06TDrel2shZInn8eauFguuwW1XCDw9SGdrXtB0XZnYe84SM9h8N
+fm37s80jX/PyUWKIyMsHhqvbg7nuOcoVQ5fOjtxiWjqYYw1ZuXO5k3VoNcWyduOD
+4ZqUB94dbPpHw++q4OJsACEGt0JH19gajBHPQEolptS/YjQNGeJ4PbYrlZuCySj1
+QNpWaace/irZlZr9P5b/vHhisD78NR5V
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEtjCCA56gAwIBAgIQDHmpRLCMEZUgkmFf4msdgzANBgkqhkiG9w0BAQsFADBs
@@ -2423,230 +3265,416 @@ xICaEnL6VpPX/78whQYwvwt/Tv9XBZ0k7YXDK/umdaisLRbvfXknsuvCnQsH6qqF
 cPUeybQ=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEbjCCA1agAwIBAgIQboqQ68/wRIpyDQgF0IKlRDANBgkqhkiG9w0BAQsFADBY
-MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMo
-R2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xMzEw
-MzEwMDAwMDBaFw0yMzEwMzAyMzU5NTlaMEcxCzAJBgNVBAYTAlVTMRYwFAYDVQQK
-Ew1HZW9UcnVzdCBJbmMuMSAwHgYDVQQDExdHZW9UcnVzdCBFViBTU0wgQ0EgLSBH
-NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANm0BfI4Zw8J53z1Yyrl
-uV6oEa51cdlMhGetiV38KD0qsKXV1OYwCoTU5BjLhTfFRnHrHHtp22VpjDAFPgfh
-bzzBC2HmOET8vIwvTnVX9ZaZfD6HHw+QS3DDPzlFOzpry7t7QFTRi0uhctIE6eBy
-GpMRei/xq52cmFiuLOp3Xy8uh6+4a+Pi4j/WPeCWRN8RVWNSL/QmeMQPIE0KwGhw
-FYY47rd2iKsYj081HtSMydt+PUTUNozBN7VZW4f56fHUxSi9HdzMlnLReqGnILW4
-r/hupWB7K40f7vQr1mnNr8qAWCnoTAAgikkKbo6MqNEAEoS2xeKVosA7pGvwgtCW
-XSUCAwEAAaOCAUMwggE/MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD
-AgEGMC8GCCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL2cyLnN5bWNi
-LmNvbTBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
-d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwNAYDVR0fBC0wKzApoCegJYYj
-aHR0cDovL2cxLnN5bWNiLmNvbS9HZW9UcnVzdFBDQS5jcmwwKQYDVR0RBCIwIKQe
-MBwxGjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTM4MB0GA1UdDgQWBBTez1xQt64C
-HxUXqhboDbUonWpa8zAfBgNVHSMEGDAWgBQs1VBBlxWL8I82YVtK+2vZmckzkjAN
-BgkqhkiG9w0BAQsFAAOCAQEAtI69B7mahew7Z70HYGHmhNHU7+sbuguCS5VktmZT
-I723hN3ke40J2s+y9fHDv4eEvk6mqMLnEjkoNOCkVkRADJ+IoxXT6NNe4xwEYPtp
-Nk9qfgwqKMHzqlgObM4dB8NKwJyNw3SxroLwGuH5Tim9Rt63Hfl929kPhMuSRcwc
-sxj2oM9xbwwum9Its5mTg0SsFaqbLmfsT4hpBVZ7i7JDqTpsHBMzJRv9qMhXAvsc
-4NG9O1ZEZcNj9Rvv7DDZ424uE+k5CCoMcvOazPYnKYTT70zHhBFlH8bjgQPbh8x4
-97Wdlj5qf7wRhXp15kF9Dc/55YVpJY/HjQct+GkPy0FTAA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFKzCCBBOgAwIBAgIQfuFKb2/v8tN/P61lTTratDANBgkqhkiG9w0BAQsFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw
-CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
-BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs
-YXNzIDMgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDYoWV0I+grZOIy1zM3PY71NBZI3U9/hxz4RCMTjvsR2ERaGHGOYBYmkpv9
-FwvhcXBC/r/6HMCqo6e1cej/GIP23xAKE2LIPZyn3i4/DNkd5y77Ks7Imn+Hv9hM
-BBUyydHMlXGgTihPhNk1++OGb5RT5nKKY2cuvmn2926OnGAE6yn6xEdC0niY4+wL
-pZLct5q9gGQrOHw4CVtm9i2VeoayNC6FnpAOX7ddpFFyRnATv2fytqdNFB5suVPu
-IxpOjUhVQ0GxiXVqQCjFfd3SbtICGS97JJRL6/EaqZvjI5rq+jOrCiy39GAI3Z8c
-zd0tAWaAr7MvKR0juIrhoXAHDDQPAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj
-MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw
-BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov
-L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z
-eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi
-LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx
-GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMzMB0GA1UdDgQWBBQBWavn3ToLWaZk
-Y9bPIAdX1ZHnajAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq
-hkiG9w0BAQsFAAOCAQEAQgFVe9AWGl1Y6LubqE3X89frE5SG1n8hC0e8V5uSXU8F
-nzikEHzPg74GQ0aNCLxq1xCm+quvL2GoY/Jl339MiBKIT7Np2f8nwAqXkY9W+4nE
-qLuSLRtzsMarNvSWbCAI7woeZiRFT2cAQMgHVHQzO6atuyOfZu2iRHA0+w7qAf3P
-eHTfp61Vt19N9tY/4IbOJMdCqRMURDVLtt/JYKwMf9mTIUvunORJApjTYHtcvNUw
-LwfORELEC5n+5p/8sHiGUW3RLJ3GlvuFgrsEL/digO9i2n/2DqyQuFa9eT/ygG6j
-2bkPXToHHZGThkspTOHcteHgM52zyzaRS/6htO7w+Q==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFKzCCBBOgAwIBAgIQNmWFB3qIZ6tY9KCU+BA3MzANBgkqhkiG9w0BAQUFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB3MQsw
-CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
-BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxKDAmBgNVBAMTH1N5bWFudGVjIENs
-YXNzIDMgRVYgU1NMIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQDa7MVqNhGG2yAho+xMIf0PxVw6vuyibpgOgplrenrrbvIlyS1gIF3WK+bd
-mdnxVFx2mwv5J0IkfOrU5jwqziOf+3jJFUT0VixVzla3MPBJif4N2G4BfGHTRJlm
-XpZIGIcJyMNJ6TXsu0x6FZFV7WCAlQvXGPOnS+bodAwua0X0F/nLv1RW7jbUTubP
-rR9NfY+zVTXdYtJuVIWeRVN67mCWIn+4Gq9voA6mjhO2haHMXIyerR1xuAiU5s68
-ONDR6T9xQ/uXI6hs9DHcAjveKVXyoL4eIWyvGlzfajdkAprQUXGlf7ppxSyJZ3A7
-EwVy7SEjECsjKhquOglkI3onYhLRAgMBAAGjggFdMIIBWTAvBggrBgEFBQcBAQQj
-MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wEgYDVR0TAQH/BAgw
-BgEB/wIBADBlBgNVHSAEXjBcMFoGBFUdIAAwUjAmBggrBgEFBQcCARYaaHR0cDov
-L3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIwHBoaaHR0cDovL3d3dy5z
-eW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3MxLnN5bWNi
-LmNvbS9wY2EzLWc1LmNybDAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0RBCIwIKQeMBwx
-GjAYBgNVBAMTEVN5bWFudGVjUEtJLTEtNTMyMB0GA1UdDgQWBBRL+i3k7jMy4t8N
-AaGG06A7OrmsrjAfBgNVHSMEGDAWgBR/02Wnwt3su/AwCfNDOfoCrzMxMzANBgkq
-hkiG9w0BAQUFAAOCAQEARqb1s+ikVsm4NPD3/vMsLmORYyzp1RR/E5P2TN5NgpnM
-a8l4YfsSLUgPcOonb3jo9wM+yrg7usnfsDri3iLQMS1m2m4RJUL1eyTC3ksSd81W
-2PuGgLoKU27lAQgb0cmydZ2rBics8lKPWb2uHXT648b8RE1bSmzJuDnZ91qE+aAD
-wjhOizKlQNrCdfS8yvlX+YYHdVvudjUwhQdz0lxG7Q965X9sPTfBveaFSWC6jfnv
-2qxKMeFk9nlnvz9v4pVS3k+NydQ9/L07uDHw9dn1QQRU4CafmYP5BTYlccTLwSse
-g1CoewuMVg6qXabpL6Fn/jcgxT6d/J2sIP17u5y4IA==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFODCCBCCgAwIBAgIQUT+5dDhwtzRAQY0wkwaZ/zANBgkqhkiG9w0BAQsFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQsw
-CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
-BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENs
-YXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJb
-A3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW
-9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzu
-s3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8T
-L9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVK
-Fpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBYzCCAV8wEgYDVR0T
-AQH/BAgwBgEB/wIBADAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vczEuc3ltY2Iu
-Y29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQjMCEw
-HwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wawYDVR0gBGQwYjBgBgpg
-hkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v
-Y3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBhMCkG
-A1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTUzNDAdBgNVHQ4E
-FgQUX2DPYZBV34RDFIpgKrL1evRDGO8wHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnz
-Qzn6Aq8zMTMwDQYJKoZIhvcNAQELBQADggEBAF6UVkndji1l9cE2UbYD49qecxny
-H1mrWH5sJgUs+oHXXCMXIiw3k/eG7IXmsKP9H+IyqEVv4dn7ua/ScKAyQmW/hP4W
-Ko8/xabWo5N9Q+l0IZE1KPRj6S7t9/Vcf0uatSDpCr3gRRAMFJSaXaXjS5HoJJtG
-QGX0InLNmfiIEfXzf+YzguaoxX7+0AjiJVgIcWjmzaLmFN5OUiQt/eV5E1PnXi8t
-TRttQBVSK/eHiXgSgW7ZTaoteNTCLD0IX4eRnh8OsN4wUmSGiaqdZpwOdgyA8nTY
-Kvi4Os7X1g8RvmurFPW9QaAiY4nxug9vKWNmLT+sjHLF+8fk1A/yO0+MKcc=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIErzCCA5egAwIBAgIQXXL7M3Yg9kxygNvpEoH/ajANBgkqhkiG9w0BAQsFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTMxMDMxMDAwMDAwWhcNMjMx
-MDMwMjM1OTU5WjBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
-MR4wHAYDVQQDExV0aGF3dGUgRVYgU1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQDE3dqUHjKyLqCDwKZ9X2Ut/Se4cw74C6nUViZpmGc1
-OWRYzoJvmJTRj+CQ1u1VS5hL1xBZNAIb51ExUcQ4wrzbA1zK4XzcT1mX6gd/D4U+
-kuqqp9m+AUHkYlZHNr1XkeYh0/hBC9i66O2BrXDAi27ziW4nnqamc1m7cQDUT0tI
-6dXJJzacfBwCqqy9O9FTg2of5ghHM6exnwK+m0ftMwTcHIAn0UozoIzrAUehMpBk
-e8TghMky6d00H4poZ/OtEGPr7oqasSobJnShKrCP/lKYRpfPo1Ycb26Zl40mDqns
-wlNw/HqlGUm9tReCVd6X4F1ihIHwcKg0U08U/T1dPW+5AgMBAAGjggE1MIIBMTAS
-BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQj
-MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly90Mi5zeW1jYi5jb20wOwYDVR0gBDQwMjAw
-BgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3Bz
-MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly90MS5zeW1jYi5jb20vVGhhd3RlUENB
-LmNybDApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS01MzYw
-HQYDVR0OBBYEFPBwUdrTKpFPUnfXhnd0D85xGmwiMB8GA1UdIwQYMBaAFHtbRc+v
-zst6/TGSGmq280brV0hQMA0GCSqGSIb3DQEBCwUAA4IBAQChLpQ+mxb0WBpvwfrB
-fkOTssP3iesTYl3dzGETKx1OiHkRYhQ3MEb/iWIQhSqHHvjir/6TApPK8ulGA2uh
-GqzV8IAbmG+4OlD4VHEGA+eEzI5h0l9NDJcCZbWMJrwFmPTcxq/kV3/j3KHXJ0cq
-4Cw/CXTcWuW1fPqCmhX6dCuELmus7zWmMPpHSqo2RPZakQfT5E6XP6ZT2CkzMm+L
-PbWlDeXkiuj1wPqv2DcoJ8PtNDHZfKavTRJP0CuSnGmV8iim/qjG4CxNNusRNNbh
-gZmdQfLnxVcFDhnKr0I5H6cnXuAKF7iuR6uS8YoE3zDgu0+K+RuITwO0JXp43i59
-KdEx
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIErzCCA5egAwIBAgIQBSNxUOZ73TjzPvU80hExPzANBgkqhkiG9w0BAQUFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTMxMDMxMDAwMDAwWhcNMjMx
-MDMwMjM1OTU5WjBEMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
-MR4wHAYDVQQDExV0aGF3dGUgRVYgU1NMIENBIC0gRzIwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQC0OdfRaYVQLcLryGKXMjAXBPTxgJ42N0UuRJhZvWjc
-ZaHMo4Q2+bopTFkef3zLozYK1Da8nWbuDeC0SeGgtuL2P4xph3HNNCR84gl7QH0X
-Tx07r+2Inhz7AcoWJjoZxFp7MmTscPt2jMmiXx4vEo3SAAtnF/vcQXefw8rTLEQp
-dA0SVB4BqvsEhI4jxALF9R1x+99EwUkfiYL23J9SQlfKDiRv+f3guiGXNRp3vF1k
-CNkTDLpHe3PcZ9tqWNTboFpYsPStSGX+dJqPzWtfS04oQGSYZpKxz3LYxXYL3LzZ
-Dr06D7ygFnKLjKOxAwKW9ilCkOrBwwtNvsJ9lFx5x/EhAgMBAAGjggE1MIIBMTAS
-BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQj
-MCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly90Mi5zeW1jYi5jb20wOwYDVR0gBDQwMjAw
-BgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3Bz
-MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly90MS5zeW1jYi5jb20vVGhhd3RlUENB
-LmNybDApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS01MzUw
-HQYDVR0OBBYEFC40Iw1fwXqy30AvXuVWMOSapGyEMB8GA1UdIwQYMBaAFHtbRc+v
-zst6/TGSGmq280brV0hQMA0GCSqGSIb3DQEBBQUAA4IBAQCQB3H7nhipCm+K4gcT
-7XNGnYDGt4FNKRPF4SenZuZsnu9TcJRaQJOJdYZk5tuDLK7CF8t3nCJof7hdP9vW
-IyYJ/xYTSA+qQaGIP8DdyG0Ch/ysJ+LAK4Y6djQxXQS6rrqL2twRCw0SLz/tWoaH
-wlE2gkoMSeirqHgYBXEBJeoM4aljXLClHbM+GOJBqhSVgBnq0Kgfx1HAp/E3WZu8
-H+r0LaHtfmO+bHOotBGlRlTigl2WMPb0dKe2pr2a8Cb8YwbnHBqhpAztRr7G/QKo
-aQKQ+m00ioV0ZuS8l3COYKYdDMTmqBOVQxrqFOE0nGr65yTPPJ7jBtE5YEoesvKU
-i4Ah
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEsjCCA5qgAwIBAgIQFofWiG3iMAaFIz2/Eb9llzANBgkqhkiG9w0BAQsFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTMxMDMxMDAwMDAwWhcNMjMx
-MDMwMjM1OTU5WjBBMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
-MRswGQYDVQQDExJ0aGF3dGUgU1NMIENBIC0gRzIwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCy/Ab7BJPS6lkgO0SFl1I55xDweuCwlEDaRvgMKLu5zmA4
-P9LYEUIbka1J7o/H3mzeN2/9iyA8bed009zVJIhBgInuNr7E1b6NUxOq5KW4kwq+
-7NrNPNQyVu/QTqC4l7s5UB5uZcP9ss7gWalICcb+vq78PjuBIJeLj0bfYGQHdbsb
-hjifR3s0zqHRl6122J+3Jtt5gDZI8sU3+NkyrnykU4HHmaFUOC9PdaC7WqW7zawC
-WxkC1RMYp86sdFUSBYubopVGZHI4zVobOhanvnGZjFQDuJZsAdM+Bpg/IYE7An4A
-R1MBHg5GQ/tLLdwLGugvmPh+0ZmrE2ykF95v9hX1AgMBAAGjggE7MIIBNzASBgNV
-HRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAyBgNVHR8EKzApMCegJaAj
-hiFodHRwOi8vdDEuc3ltY2IuY29tL1RoYXd0ZVBDQS5jcmwwLwYIKwYBBQUHAQEE
-IzAhMB8GCCsGAQUFBzABhhNodHRwOi8vdDIuc3ltY2IuY29tMEEGA1UdIAQ6MDgw
-NgYKYIZIAYb4RQEHNjAoMCYGCCsGAQUFBwIBFhpodHRwczovL3d3dy50aGF3dGUu
-Y29tL2NwczApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS01
-MzcwHQYDVR0OBBYEFMJPSFf80U+awF04fQ4F29kutVJgMB8GA1UdIwQYMBaAFHtb
-Rc+vzst6/TGSGmq280brV0hQMA0GCSqGSIb3DQEBCwUAA4IBAQCNBt5DyXYCytkj
-l17zY9d9RMIPawr1B+WLuPrgo/prgJK1AyzFN+DC5ZW1knAYKEKU7kt3agEPiyPs
-Vk30AGnlhMji6t5bPvY8BzqUymwnscyDGmBxJ9K/AvUeRNNI1abTdiEAnPqYZOsX
-Nj/rGzw+prHZWAYOctlovvGnINdS5KR3H3FwnVU1hTfhHU2UwnB/lUBuS32ytCkq
-A3nIuUxnYQSgiyf/WQDrVX/GtzM1LV5OrLjqEsXo97mrvnSSLLfZTcqELxzC8HJ8
-sjFuz4DliAc2UXu6Ya9tjSNbNKOVvKIxf/L157fo78S1JzLp955pxyvovrsMqufq
-YBLqJop4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIETzCCAzegAwIBAgIDAjpvMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTMxMTA1MjEzNjUwWhcNMjIwNTIwMjEzNjUwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-U1NMIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjvn4K
-hqPPa209K6GXrUkkTdd3uTR5CKWeop7eRxKSPX7qGYax6E89X/fQp3eaWx8KA7UZ
-U9ulIZRpY51qTJEMEEe+EfpshiW3qwRoQjgJZfAU2hme+msLq2LvjafvY3AjqK+B
-89FuiGdT7BKkKXWKp/JXPaKDmJfyCn3U50NuMHhiIllZuHEnRaoPZsZVP/oyFysx
-j0ag+mkUfJ2fWuLrM04QprPtd2PYw5703d95mnrU7t7dmszDt6ldzBE6B7tvl6QB
-I0eVH6N3+liSxsfQvc+TGEK3fveeZerVO8rtrMVwof7UEJrwEgRErBpbeFBFV0xv
-vYDLgVwts7x2oR5lAgMBAAGjggFKMIIBRjAfBgNVHSMEGDAWgBTAephojYn7qwVk
-DBF9qn1luMrMTjAdBgNVHQ4EFgQU0m/3lvSFP3I8MH0j2oV4m6N8WnwwEgYDVR0T
-AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNgYDVR0fBC8wLTAroCmgJ4Yl
-aHR0cDovL2cxLnN5bWNiLmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAvBggrBgEFBQcB
-AQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9nMi5zeW1jYi5jb20wTAYDVR0gBEUw
-QzBBBgpghkgBhvhFAQc2MDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1
-c3QuY29tL3Jlc291cmNlcy9jcHMwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVN5
-bWFudGVjUEtJLTEtNTM5MA0GCSqGSIb3DQEBCwUAA4IBAQCg1Pcs+3QLf2TxzUNq
-n2JTHAJ8mJCi7k9o1CAacxI+d7NQ63K87oi+fxfqd4+DYZVPhKHLMk9sIb7SaZZ9
-Y73cK6gf0BOEcP72NZWJ+aZ3sEbIu7cT9clgadZM/tKO79NgwYCA4ef7i28heUrg
-3Kkbwbf7w0lZXLV3B0TUl/xJAIlvBk4BcBmsLxHA4uYPL4ZLjXvDuacu9PGsFj45
-SVGeF0tPEDpbpaiSb/361gsDTUdWVxnzy2v189bPsPX1oxHSIFMTNDcFLENaY9+N
-QNaFHlHpURceA1bJ8TCt55sRornQMYGbaLHZ6PPmlH7HrhMvh+3QJbBo+d4IWvMp
-zNSS
+MIIF4DCCA8igAwIBAgIQa5bmR6QeMhCn0Zuj/APCsDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTQwNDCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKyRpr99eRHsEFh+Q2cJKFIIerDMQDQ2l4D+zFuXjveu
+tkYKIZ7fDrQebL7nS7e34ZtWwMz0jzYtkoZ/ABce1iICIS8MBEEDZLA2BDULlT0Z
+q6H/pv+ZEUsmh30qjjMPPb+V+syHCSidSxRO04r+pkbC8b2fQH6sZ4oMCo/pqReP
+7r8oLYu+iez5ZaHd+RLtXLNAv0R8rWnNl5EP7QsT7DRKidS4uACzxO/k41ktZjDN
+jbXpYD40H8HnU39knELKbWP0gvNIYTH+JNVkExqzeXuvl05/rxOybdwq86wpvx15
+XGSuS8ABmsl/L10CnK1xsTk5qtkiAc9H5AwgLV7cTaRA8gROKMWi+Fx2g8xEeM0D
+X5LTLt4/JAiF/oRAGNZeSqJ98itQ6eH9KBjvLitVWjhbkUqaef3sLTX6Li7CypZD
+jtHQ2dhk01eehqAtJf5G2rFqkKcqhN11am2uZY/0grRjCHooLBU1otTEP6hKrHtl
+Y7YPil5PVwfAnfrMziQlSlUwong2C8VXKcme0jwZvcBlhygRjCiIh7nkQg/PTpig
+Gw5rkaq8q6I6Fun252baUkDr+yzCBtgGIIE/mNjbm69Pak+IT7JfPaPODfBfiOgG
+eEr4PXWPvGt1it1WfI7uHFcNo6lG0aOpsHKUhb4GgFGIDRL7cJ/k/0Ih/XTquYLb
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFO0vBYESmvhU2mkwIMFS42Zb
+KTVcMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAgrAjpNP/oh8Gqkp4
+O0LXNc+dKdpmht9TA9RUxqSVpzGuXOrU4xxXjsCkZVqlDDk6/lrit2s2yPOV97Z1
+RgyERR2jdr1oK0WRitHevScpyH6BBQKnbxLab4ITW9QqRgUFF4q/rt5DGv0c7Um8
+3rIk2lZa8HQ+UO4Fk5v4OYyLMWf8aVeaQaJ6H9sLmiKz7TU2Ok8R7vPZxOJRbIef
+g/NJpnV9P9qDJOc/syXy2QsDg8TSh+2Fcxl704qPrVSXa1r8EPnLi2vUS6GTiOYQ
+1xI+HXTcjHnxVSPn+CLhszHf0Zs7ebzQNjDUE/WPrtoMDnN4zkIiY6PUJmTuZ5xY
+F/4sLy1xyBNHNFUO3Wfb6mnjlEb+EDznhge1pGT8B6Nu1rMQxf6lcyofBbP/Vknc
+KMxtaI1w1nF+dQzxJxl3gdP0QvFFpKBADxJC1YcewzF0WdCtNzEc396Lte8Si88z
+TPMO4gEk0iPVLCnUKhCAv+KGQVVMB1aakx/GOKm1WJkhvRSEmBC3/NscYkz0bcnD
+vMT2c3fikfaoFyXRdKuaBv5I7gV6rc40VL1OUpkOFvGL3KLo+eSJi1bvlcjHL8LI
+t6mkPyGLORavHiiinlPhCc2mx8rCQjyo0oH7RBbWT1A+uF6G8h1+mi1T7sJokHHO
+b2DZO5vU+HdJ2bZv7e4HwjJitmY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQSYScnKm3Zu3F9tFkKeBnDTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDcwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCuwpLG2lDe5G83hrXO8YEzkOS8BUK5lDZA7QnTUXYzPebu
+OS5yxSVyIvK+pids0l9hmgwCurxMaXQ+DiofKlwG4nfEowkh5wBLCwLzHUAaKV9x
+Km25S4qgC6lN8COCVhlJLV4n+yJqwCb5HhAaI/JQqvQRKK4AvkFXgKz7irYQnkc8
+bAanc3I1qxb0GF3WEaIej41IybU0PxK4ZnUntqAiAJAedymuYjfitLmRjf78gFDD
+2MlCmvZJx8AEaPMp1PBCdqtkzXunuclC23MXmOsgfflGicgmr1DSujqoyUtL5Y6N
+Z10ObFvvPojQIliZOh8ksN/ta3jsfasIQwtpaevfLnbKoQrvKuoBSuDGWkB+rOWt
+T2vYS6qzSc35X7ZZCbzxz9b/8ePgW0B31DV0vFgTi+Bl84H10FVSGefcO4jGmtlw
+bNCXoseklA7Be/s0Kn3Gv7X+D8rPM8gXGHrgpKKU7tYLPuqDx6w2Xa/TIEmjqExU
+dc+6agzeTbg5tNa6MU1OcxwEC5N5zMqpPe3Gnvg/mx/yVfdDmKpAy0j+XRkv0/yL
+LrvS5i56c6Ar6qp01dgClj/rZtfFEQerZrVZYUQjC5SVjbFrAYe5/Dx4fbwcg7bH
+gjd/k24KY8GupoUQGTq939tGxlz1HpJWZcphbdnkC5QySDELoOOkzJuRpKidQwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTEEwdBAicDk2fduz9rPYrXSsGO
+qTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHjZ1fqgC4XwouhTZeAF
+CEphLaytfIlGtRQeczl/8gmZqS31Ikwsb45HL7BJlhyoOuoRdSeaqV5RKP6/d0em
+r9uTPo1bUYYu3PVwn33OLzMiRH4u0BfuuAK9j1ZLlDXQp+Zz3otKXU29euuNjxwh
+QGFt+f35WcCYwAJDS8jDpSuaK/fvKO5FFQFk/Pti2PaqONOa1x4AADNNGDeSRbAr
+roHUT2dZkIPQvO5ke1S7noUGPr49/bV7qgERxpHeHRG7BBJ14koG8owXHN0Yzl1Q
+KpBWjKM3FFnBKymSUJe1MEtsPZXemNq36ikXsRxDvvBnsIMw5nIrj9+uduLJ4/Fz
+ech9UNNMZo6XA5BArjlbSi+WrFlETmpDNdim/nJhCYtiek5/xvrDcQjiedE6W71U
+qTufATliln6zzjAsNLY5InDzX/ixNhjII+mpKtXBtK6lnadwxmvWdBC127jgzb7a
+BvczCsWuZ1R043KU75XyaemL2rbSqnOhm8QK8EcY/OZBs26CH7sKqU+W0E3taSA9
+rGnylGoP9tPJC+Ptky3ixIw3Cadfuv+hgfIRMsitdkSzdIVdDiQBTYbN/mLi3E/2
+5adArWxq+WpeULBTl2/5849Qq/jatUpDLTcaJ6KYtAGgkbaTD/atXARmdwq1M2RJ
+WVJ1vb3CnHlDuMVDjJjbASU+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQW+ZZeXELLNhcQDLl8PaaFTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDMwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC24qA8lmT04/1JqfGR+vxX5VZybG9PWcP8iPN0Aa4WnK3G
+cpSL35nv208z9yKdNKWk4HnycpVq01kOMRK1QBmjiWN4NJAuW35rP9ZLzmUQA4gc
+Rkpy3aMJArOfaIYd6R3xe9bksN58ja/O/xGxU/PiJweHmn/zrnVOPqoDD8Vs5G/h
+LL2svl3z+YfDhb4Winnir0P1g722oxlclmtJJQIamyzIPCJ3kiqbwsbcXyP9PSSj
+bR9Za6vR+hgNyNT1sBQIuLGBHunQHkLs7+E172S5pNIqCRGdhs0pS+4qTrkCla3A
+q9J0r4eykbkJ9h+7/JXdUff48vaP6Dsyrf8KnYrRYIoTCmU5Vc5YMo+A/Qn2Hjfd
+3J99CD+XQTi9eiDwKOjxDyqBfz3x27o5m1yW/W7xmlBP+nNe5f9QPIfKhX8k4BVu
+GIjhA/tHVZ5qY6KQtxcYrzRDGgerDD4vZDlnELsrIG3KqhfryXlli9d1L/ePU0dj
+SpdPTrmi3QN55MGugxtomq1I+WTw6cqjk0PrJ/2wQ6CRwJtFARxyaplVzfXb/9TL
+gktekV8BWciwEc73Vk7XPr3gCpvVehbLHgCa0G2ZKYX9qKt1EcRhQxKzxiah0hz1
+qesAt01ZDLPyDq7wkt3XpU2R1V8oMMhWAIAYjbMG5BhsakYtiiFzem7uNFKoOQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTKZejD+gM/CCEWwdFy3mHolPL+
+5TA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAGf7kwWmtFo7Ow3PZyj/
+g+5hfPm78w/Px5d0tx/gNb4WVl7BLv+f7vvPeaWDoZ09e2UUOPxsbsI3RIUdZMTM
+IuLba+67ozsF2WGHdS/nNN2Sw+FvRHlTt2CJ14+iwWHTxR5Ws43uugtdb+Gvns/b
+BwSb25aGuENZ//Sj9El1c1iQ0P34LEY8LdWFX08w+h52RBD40nkxyQxpRB7/Ez1P
+YWJ+pME+LPFCfqNAQQvyA5AiWXiDWFvRCYaA+g28lTT040wlGrXzEx9YOYEdBVvm
+FuU6gMCxMYQnbVr5/hEVolcpPhqX2cMcNCZsOtio0qEQERYbVv62pb9YQG9ThmvU
+Q9kgE5GhwVsemuTXqbIZOtoW25vM3hZ+l4A3PeVe1aWqY0m0UmQ03ntakbK+d6+x
+hc7ufCE5d17DG7pWx0H+P3DCNg0a0HeWTd9FH5+jXoQXrHl30+PIrJqnnD/Jftpm
+cVhp6wrlUReWGJJm1NqGC1o+u+8CIze5nhCfsZ4FrA3eq3ob62cgiZMNahjxkIDV
+2RPeWjUZhCwIAocgzLNHTrFxs0Y8pzBXIdJnziAV+6LCxiFN5TmpywgRv4Dq5twq
+jFNMspHDAIUbeBjRxY6BJPX6ZJyExk6nyTGp+Ol0BBN9KZT9PveeND8Ekh5qgcsP
+UxcD2Sw7mtw40IuGIaGFRNOM
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQdFqxbPxVc4lsJl+10LS2njANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDUwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDvdw5MyQjeBT3fPmXSlmbnd+ngXi8nWiWl2IV+4xh15vPv
+/TWgoiqnzF0ERuFHCeEKJez4AUJEDjSGB81ryIxLtIBmKy8L2tOk6u1ure4/U15R
+MwYcOlm/yv2PJ/AwdVkXIpj/64FJ19ONLP+yd2nHvfOkF7GiSTcseHAySegicExl
+MrvTWfVKSuttkgiiG9LyQspFPLhTHB9SoGjjaU6Z84mCqO36Zw1T/M5i2wtB5djd
++kO+kMRU23TyU2ziq0qNsVtRSv/DA2oGhyoDZxrGr8TFWE2ftJHLKs7wwICX5tbA
+HbhdUxGbra52s6KZ/NDbtIFlMIoPZ7vd7XcHHrOdq7rEdtciXCx3oifsEztsEB34
+szCBZA2TAzMR65ct5aAh9Yyn2P+slXPFGncGkHyRgoyFmFS6g05nnRjSdbo44HbC
+epDREGYHSpWSf5AIUscGijnrz+teKNHUrXanNcrJSW4UqmTntv7Zl6b+893sm+r0
+0Hxw/nyU6hf8FKuzMLvGtsSeS7Bin/s7QklXFyxaun2u4uw+gpqxH/riLpe3dJEO
+0OefO6qkuBpZpEwLwZrmOMiLGWMRa/lt1gNnrxvHxsgebUE6rILO2syYRCZQOtj+
+T5XKje05c5solo92W1aJQbW4w/jWrW6nALUpgFVXhQnmtcmn6ZCVh03WY850ZQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSrBLd4QmRecYL2p2RCe+UgDgyh
+FDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAIND7bsynMuw+BDdDVpm
+l0qtYMdc2iODlnHET28v5a2M0cmumJj8132efmEqv/j06/H5XbnBgAVR48X5lveG
+7guXDL3gC5NucfnRJFaSA3VLc4R5fyGYTZClcxfxhhsmquviCBZ5C20jb3/Q8K5c
+/x6eNuzVENw/XzSdWbHN559qD0iuf8jNIRd3mPzq54luMDMSTqGyUXvm/qReTP/y
+bHRVYXrygxwqYBrr9DnX68ZB/oyFX/0ixgl0f08n1lmJyokHfevFhN0D4nxJX2YH
+JUCZ86JcXGGrBbhhnSlAVWJvWp2VhCkyUQDP6i8H2e9H6PUaSrCXFxs81yNBcCJu
+ir8NOcTxnYj/tOkPZ7VPR8KMMG8xdfAsVgz2YnZONp/Ayni76AJwdG7gZA1RAtKt
+CesGIAdN4XyMwoNEMoW2P7ayAUtXDKj3jPw1vcz57ooyaIklmCK1lWZq+BiVwOV5
+6yjoSNG395gsCmkBACataZg3fbP1czVShbhkBy378tpelEPfkzB8uf+VSwQzueDs
+9jh6bCGdQaC9F4TSytlS+3i0cVC5YrPuP7hgdx14kZDkqNwDteb609Rf4AH8xNtX
+VJfTHeF4sQsBqxSeJUsBb7ow79pY9DseoUIMTg4dpyDXsHsAj20PlWDNxUx5oxI6
+qYILQ9Hz/ojenK3Z7mshMRKn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQRarSSc3nGVuzkLWNSlzc5jANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDYwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDweLXIdoGN58Y1ZXVlGdecmnGTO4GvgZNvhC5la3UKo3ck
+eWDSNnfEoDkVdq1qufxssi8UlyQhSmbWUZ9pIgJF+TthztguFDcSTi3TsNavzNn1
+GDPc2G0OV6A9Gm3qTrdBSBJQZOaSqNgF/Px2vAou4PxFjpuo0Ut5yg2bX+s7G6IH
+eRrW26jx/hz3rgxJ1BuZnfRgKktDN+IUQZRTMoINWo4uK/+kHPETWN9dlzmnQJxA
+fiEZKVCJKysop7MVeGUj87NmTLAaRlOH+cKK8WgNvNSXRzC6ENyG5lFPCiT2Cy7Y
+5yw2wzObivtbTl+QBXbxV4JCacbl1oW0Fh9Gu2V4PKUOESN7PN9Oq8p0eqFE7ARx
+1ju8HxrEKjo+18zMC0yIC+3zFNsZV3H8WqqTOUI/uTJroGSeYEBuvJieXW9xitgv
+fVvygQlzH0p+ph96K/SaL5m+sOyKKN5xZHd3ctH0KRvGFAk5ggP1eAmVxmYgbfMF
+X8at9kXvcVITzE/bXdO5SXWE6Mkgd2QFTI5wuhWLwTohFTqn8SVF6CpQPNFxn9U5
+Ef0V5RSM/n7FjCN+L41uX3vMFLBwUtvnGetiSThLfAnGM6SjFNMfJi3c4ZOtwOKK
+2dCCjF8iC1eY8rNQiDWc37thb6S12m/aqREm/GDl9J2nWkvyo8fnb1IrGUOQ/wID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRK2tOzK/icPgDBLnZLa197ulvj
+wTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHwgFmJQLP0a5r95ZTHh
+LRtTW23HzSBXDAFg85i86tp+Ts80L/wuTj4/bU2YAilsnifQhZBT/AiTOTZcdBhl
+UAYilBmc6R7XQ9c9sGVnDsLRyC+rMUlkHX+FZZy/3Lf9868ZQUyrULguxYCSX0w6
+Owj9zOSjG/Wd49qCL5Zt6fLGOukKrHrmn2hjRRRGysOGOJiZa8IXm7N7kt9qQ1gu
+/iaT93/gPh5+mZOJUN99mTd55XG9HCJsyizRSfAI+HOiudCOeZM4mXNdidiBPsHn
+iRzK2n9ZNw5aEPEbFTl5yuU4OdL1CKwQeCdokTCsV2SrMes9FUU96yAFFIIm2OVh
+KOECg8frQTVvu9drHqq33O6por7e2BBLQTMW2GoSNxuoxnEjXD167ObPhslN+C2h
+97b3xTBLZqPPhFHpfaL0q1g2peq8M64XrJhhz58+Yd2hDhYqclRyNfPMMgroLHPc
+FAFd2IsGDHE1S1IyokAkA+aegKiba0U8mqLIATCtpzZmYszk1qYdEKW+51YdIq/J
+iC8NJyA6yYz/BwjZgcyoZYayzMojOD3k1a3WU+w/Q3eJfjczQUmUmctXhJUd5UW4
+9AH46xRQNdls0mOctd5PY/nF9C8JFTIolUlzDmRFit4x0vYnqzWWkvzk6RuCj5K7
+mmaHVzHc92WR4ZH9hWMCcKIz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQTY6hgcyOjJHurnso/ASPMTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDQwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDbks9YvCgav/w+EljODPiIGUkRmlalsRjXt/WTH46dBdY/
+TQRm2jKoABwOVkb93uvUhtnVjCBAiunAIOuYF9MM/oQw9OrB2T92oldc0lEmFWBs
+Qz0LZFI16OVp0DFVaqP40yFIkS2bh4/sgOgIC3sZfueQFhseFXjm7Walex3mk5AQ
+XmpSfn2JfhWL1pt35PVLGFRewOryz2G9eDlBw4kEn6jchXH0dDZFyIyonPHH3LUX
+BzrAkzVmgXxq9gj/OpY95AMvCABJuBgj/waJAGyjDVv2pImBrSCF2KUiWe86g7q3
+Xh7oTCfWNjB5IUdJpRyeX6ltuEC9rkbK5gj+dt9MnP89Zo0LpjxKiorVP2hsrcyr
+W9sVL11iqfKOktVm6mtFkciiljFmJGe7BbgVWh3/Iv6WZleF53CsS+OzSBgq/FeB
+ghydAfgGdcuRY86cRnRdxckU51njtXNaU4oLMC18w5Nmm3jwzbmM4tHNbIYvDEhs
+XRqF6rIHOj+Q0Or3kP+WJrWPggL2K45s0bSyMOqQZmEalYpo55QlVeCEFBP5ijhT
+xceTj3K1fMWJDU+/O0wSQpwnC1uIVW0LVEgz21ldR6TqVTejG6FTVBV1FrkhSmza
+5Wmlm6paqLt9ZOZQvecEJkSxRDKT4Sc/d79mtBpEC/W4Z6PkuWaDZzcfgibfQQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBREpAjstLMlSCv8loDTbhUpavZY
+9jA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHGeCu41eyTVAYDctZj4
+h/gkv0ncVvlomJAJG/EnVM7kS5Nhvt8fWB6MPcffqmgNhzRxcE6vTeYEtV27Bm8E
+hSzsp+tXTh23DL4fh0GDOEx9sKJp+YY9cT0cTEgm36Ild/InzMFJk3Vf+uVklQus
+YuH1VY8LJZ/ilFhUSOBnNvaHuDLPv++RP6ZH838QNC7yddXaGqpcCcjdjIHle0So
+k4oY/JNJOHlOt1TCzXJbzmdlZzYb4+Vx2MXT0FdQ1i8xujCUM9PWSbpCweKr82zU
+qJZNjgPWXN1Bq3KqTNH4p5vBIc4xywUt31Hru2o9WQadpZRtTrp4tRwS3uG28ZX+
+zR/Ymbnt9pcWZSjcc4YmcOIOJWYciHDwfmz/eeWUiTaf4npwNmZtc7y1zYEP1lM3
+fM9Z7o7j75Am8Z3ASv0unUoUR7vByEPsqS1WrGtunatV1WQExC8yadK31EmkGdxA
+3go9rR+lGeCM5Sgwe7J6IBNJPJXKge2uDSFsZ/tWSGh9fIMXWPOPdmqnAJS4CTR0
+YvXkU0QmNX6mGSC25Kcc/FyCMABP4lzYlgj8TPbzpLwsQNhf5gQ77W+L+pU7hL9t
+xAHVtOypyOPZwYeemGMSdfXfTHQuOi2YEtsdaoyHE3O1Jn+EnlG0cp0UEV9eWbzT
+pqwE+N1BqBgNNMgKBeNou4B0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQI3hOeydgmxsa/PfPuiXXLDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MjAwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDbHHrbAFYKHPBTsdLdOkl+f0rN0/myCfiW7J2ypUkwShS+
+P/1SP+vjWRs7A8miCndvOBKioU/64ZbYIxcG9wiZv/SJ+QNjxAq/hoWPguMsWUED
+y3lec+1vOmOoagmOrm6Ek3Cdq1Qt01y/4Lq04jTIa8dFsDxi7+E+PjuJymDeto4b
+Rr9NFEBfnyDLYsHiXl3IiHMeJ3sWvrEHyuAqcz9zXGGBZCJ54zumaSRqj7F79yGM
+rxyWZdZ07mW1WSgQHYzC7HKCNcgneyjTiTKWmUy4mSjh3UoDzlu0y2X9jepAGpzu
+Oms/XVCV/sNRWI1L9ofRg5bNXK0hTrJDG0zjTSfpx1H+kqzX8PkfFAXeXrTy3nY1
+ghNrBZ/9b9P2tysUk8lsZ1ynvtXICjdK4KVCnZPxx5014TDAz1Qo7kAhlPlzXL9N
+0uu8BxLRp50AxvVNkQBvbxGOpJ2K4BEqqS6x4ApRl/DSdf9fBtaRXnMmxChKPnhv
+TK87h4JOVeeN0v5vWNMbASOPOucRUmAxY0sZjymNxO+n13AgD+Q2DMVSY6uN5u8E
+eTz981PkRsbBaZSkTS0YmZGGv6kzyMUKeSbTwmUz5vrqlf9vjDkP8RixDst3//KN
+XoeW21F+GK/SfeLUYK0k6tU4RnfPIk14pgYj5sjuInkjmwb4AE/UbXNli3ftcwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBQoSkKR1P6vNwCO54tK+URVUa1j
+8jA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW00LmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUZ+jxTk+z
+tfMHbwicDIPZetlb50kwDQYJKoZIhvcNAQELBQADggIBAArbW86BMRywggDIKNtz
+lQh1MwHfJQBSMslGFZc0JrWxkG1owvEe/cjiwjVaYPHCpQJLS2uo/Je3eUa2QOjI
+AwrArbuAEhRneNJOCpWMoGn5W+Dt/wcxsGIMgUuWbp04ER8bsjrFMtZBtSRYz6f6
+G+wZufjKxbLgh+mEKxY1IEwkhGBPZEzp8FCv1Wxn+dDEzV8PPvOk6XTHWFFw6aNp
+1IcTkD/VlaHAxZureLGy7K48zN3vBFuZlzNKzVDDfG7hbb7NYMQvkRr7PIVUPd0T
+AjJ/nERwoq3VzEu5CnKHDlj8TwH6k3zRzKKALsYb5c4xBKV/iAA9y/i7UFpyOg32
+R0IM2uHL9Qk+9JqPp2xsHIZXGOnsZ72yOsmweNPCs3DGakpe9WnSV9whtjWk4mTy
+CzQWsS119CprAC0X0itUOZmUr631DmeevKrxMGhRSEGgPlRVYPBYk9CulyAhyhg3
+n5Ctq0qF1We4RzXR47n4cK+PQ4d7i9sVtcdtoulhcX8ZKu84v2X4M4ZzAvn/84r/
+rNsAILr+SjTGzEJkjKiH8Ws6piDjxEUx5KnBIZOI/sZSLksF610nqhASZA4ebj08
+Sd3YbkNtGQCWNmBNnTdhUQxN4NIuO08dTQtiDSViDYnRqWFhFRgNeTqPJlHnnome
+HTWgo4Zp64FBcZHe603tTP1t
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQC7seFj6kM/ExwjLmQ+XIbDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDEzstOpvRPr2D7TyYt26x0BC94f7KFDzNcqTt0JVpbOAnk
+oQFcea53x1ak711tUgbS1hjonoWI18tifIg7UYEn4lRmm1lqtJzbLiYqwbhX/5tg
+DCFGDMZsL+JdVXZ3WMWX6VcqISoIRkkawo2wj2iYn4t81MDo7RNjxWTHqqJ7ZQHY
+xPdiie113PPcwZeDnG/cuIr1L5cnYtBsWVs8M5woYoBqzVmfaunc9LuTVkKCo+UY
+Ock4cTSl1PrKbA8pH2938TivBTArg+8DDptd0yPEvmNcEEH67lGlxFTK+ZIuP/Ac
+z6cZbxcRAoJMYs2AAeYESlSvxlN1gqXeLMkS7pq5cmBvzTq9U0LaLhDZZlETCRgg
+mcc54s01nkz8dTsk22CjCvs4Hd+E/LnRDITX/MLqtPy9YLl5TwoeSlRVtJDcDHL0
+sK7w3fWcqEROtmKe9eSy5pKfD5Xg0wSC4KwT649TiadW/A3S34Anm1xc8nntR9l1
+3Nk6nemRJtz6ykooCDMNvWogvR6hbWW48jz7/RfK5pdF15baGTp48BJ40KF8wKE0
+gUU8duySg020hWBAGwjTfssBVbJQ0osNHK0hg/7AK0CmLIvDV1Pw70tgf3sW8Jrt
+4CsKyEe19Ra1vUt4T1CAf4yt3qd+06wnaxT2z3HQ3ZZZFrkWJbsAmqNX8MyTMwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBQv5uiWPTfxGRSWeIDUEt42BhH6
+6DA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAFl1l63t5gqtR+h2jSHA
+fohjy+GJin19MuJEc2224IEnsbLu99AkhIVS4NU6H9Ag88Yr2vzi1ikizvOUDMRp
+uf2KtLxJzKNqWYWGRcNnWufq6WPt+eE5lE3Swwz99xkWFx2UTpz4ZmRsYZvZZ6Ik
+lmO5D3adB8m18M2QC1IDwHfICbYzIPzcyUZxRHiGPjCHZjT3I+bAiSUL+zd8HiVU
+aYjOUq8JSjOk54NMMsvqMBzWjRqOgQuiQlIJEctKi5pnhONWMnrCuezrUSKWODiM
+7EeTB4rs1T5VpRyKP8aKNhiPQ6owghONOUNTX9/CqndU6GnXeGRMRgje1py5kX7I
+vz89K3fPYtbjyZhW6FsMfTVojpzdT7bI4hs0XriVOrXDGJ/xQSp69hKonPKYdabX
+p7zPQgNNKjea04xqpgggzNwbkXxGjh27pD9gtBqCbB6Ix6KoY2T9Hy8NvwesIHNb
+8ZLW7mVd2/0fX87Y0zjKqXivxq50vgluoUF9ecT5dnCfqH6a8hzSSG9ECMfwZMYJ
+XiAzBcY5xcmUk/wnLK8mR769VYk4F0fhVs0zABVZvq+nx17ii3EV95AQ1NxYiCwJ
+t4q/rnFvq11RGD58axa/e2p+qJ97Mlc+XzIhKdMCp1+u4xyvZJMI8N42IoT7jpX3
+bk/Mx3ap6NJyWwROxVwvHWAU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQTsmYk45ApNn0l9c9npjfCDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MDgwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCuDOkheTQ7LbBOZr4O4TX2llKeOklDeRjgTsZ75R0Eu9rT
+run9OzboBXvEaw+Vo0CG4erlsUCL2mXEoJPWnS/3Y6SAiKSi1usIkBppDqEt3HAe
+tCWqmeszuPIj3fxNOiE5jT6q8P1j3H/+w295pc4Zvxt/KwE80h08gvzpARPobzRA
+yuC0MHT92o7KrWbnpW9xugm3me7kreF9RypMAdEPbKldVN9cSq9PFQcg1TbmpoSz
++F2BAiR+rV3kjEAOe9QxTxONipP+B0b5rlwrx0zVvoyWjaKTo0N3D2K7GDxFfvoo
+VBsrsjNrfiLNqryC7N1tmq6fYtAz+ONUm1A8qPv+oUkfY7e+Dm86uvdm1h9onvkd
+XCzTP7/NHNj5aSa7ylFK+sAMhBOie4Z1FrdQjJMoyp9Wic/INWKyCJyzIZkpd07s
+l4hME1FBi8wU28M+sjyRjLna7vZPWK98u5yR77j92ux8T3GE4u74R/kyLglTd1DS
+AtdnFiC0/GKXBxvmSQUF1qnGNspK/NhT5dNUkmB+VzJBTo/Xnc5/uDn5nU8uD+PA
+pUW6KwQ5bwwsl33e8z52P2IrIbnuaiRypuDirW/rv55c0pB9wA9Y98xbJ4KKFNS3
+snFWWSLJ3FsIVusWyY9H3Q60REgCsD/RzP5CO+MwmJysj5KNJRZ/lUwUjNbaEQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSp3th9XFQ1UFAXQn54rta4MAVl
+GDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAJp3OMYNr/HRbqiO4c5x
+qwi6rH/SSKtGd4ag9DgzRku1RLu9jsvYPfFIy8L9ctbCs30fmLwiaiB3xpTRt+lT
+UWqql+JxDcJhv8s6uHY4OC/JUhEdfRYE+8lMC0ClPmRd/570Op16RtMVqds1aHDb
+Fmrc5p7RYb4RnSI2Nr1vGVDiZffzsx9o2dIz6HX35LPzzQ0acbO/y+jfprbvhEr9
+/2sI52SzN2xURqb4+s1vLX/PX7Hz7rYhsr8iVqzPFye85phH2qYeQ5YBZaTFBbm0
+oXCVC2ABmOZl5TUilu8RTmt+c5y4MKX+6xaeSakeUaQL738Nk/mNXH7/8jdkKfS9
+ksOrDL/ihIaciUlCn4RsOS27oCTAbDfRhQORcKnqDZiI8Cem7j0r3mGpFoQ4j2w9
+FO/21/MLJP4ib5vW691ce4RG2uyzDnDqPHGG8Fvp07NWlwU9OQtVNJlxVmQv4rHT
+u6CwCZ+Pw4G8EUYc02YoSRL8Z/mcErXpob9SIVv694nqERFkFp4376RXurzD0EuG
+Nh7VfV76taQAuFv7V6I94dwXjcJYPh5wCWS4b7K6oxFWxEokmGtyacsxPCCW6/OD
+xHwxw9kCfF7sbYZzLE9rtjkK0hqaVsyMNscWoafADjXbCZIMd5UsnfubkZCxsRGP
+HnIKfJpHN4ZvmxHyAZzJBsI7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQWvhO1x07aQqjuyq4/vwAeTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xMzEw
+MjMxMTAwMDBaFw0yNTA2MjMxMTAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE0MTAwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDbHQVtE6o0ACm+FVUz0D7/KIFdkpZi9U3XPv/r/eKc3VhH
+f1H70VZoFt3aQ2J8vU4JrcPGVtBJiz/kL7JSYYb4mr9XWWdLAiiLcNVjTbFeNIxi
+VbzP230r2KWQPKEzIM1FpJA58CTar80Wjb0GF0O40Sp31Wnl9r9W+fYFH5jAyvZg
+Byu9EUUgOjBFom171IiY1pSAfR2CZezy4pykMZlraloKSrHlH2o13uizGslnsH99
+UJAea86h4LC+zaXAetgez/yMQBon80aCkY59mwFnM6ehv87+m1GOxeiYOry7PZ0r
+H3DI4lA+p7y70ZdZGNm++VByuSsygEAiw6e7ehL0WI4Z/u6pRc3dRRG5xWVHrfiU
+Q4s4btcO/KUobGIJiPI9lz3nt+Um3tMDS5MSIZIRBGZMWI+6tN9m3dl6l4+1SytT
+K+8W6zJWP6YWKdUF4DvyQ6sXAEtlMLgOyHMgpbIB+8pZPPE2xZ7fBsFxSU3/6Qyu
+345Dolrx8v4DzC3wX5kO9k253H/Am9RQnJcK/kDuLV1meo9gX8/UZhkZ0RkOsxpW
+sveyUTnM+keElSLUTFtBEqqDCrr39utxmp1kjdWj+vH+/G4VBhKw792ovPGp9Tnj
+mXXCKA093HbFBCreEr1MDjG0TtGCFJmPt6fOVsQF3/W/6fgSePG/KhKmp6CjcwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBQQUQLsZOO2xSS2l5L8MZVeNA81
+7DA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBABK+XaDidb2eLjtwL4Qc
+PHjmCMhiB6glSDWY7acaSsOTF+vfgRAQHaZlzjYch7g5B8/jYTibwFB0x1H+/p52
+y0xtYqOAKisul/NvYnyQ8TDZBz9FdZ6XLKk0D2AZR1Y3ZUHj8rbylXc8sWGtvpDA
+XULN1cp1NJ/eDFQpatjPBL/o+JulBL3wb2YGxvKewUSbGF/qL7jevsKtBSMBI+Hv
+ToMCqpvuY/zHRAUMUwnMSFx7LUWG1seGvG/AMRgn49fkLnaIfqUvZzCsITmcDr/Z
+x/1kfkBcunEB6i6D54bqNQy9Y2WgMp/FMHv7lrqStFtUZ+/R6uaSomt+hQBU+AzQ
+xgI6TWkNCCVizf12mg+igrA+8WExHpTDPpT1G+h6iW4Ejh9Kqng3O4M+k8Bf5wIU
+1gtDI2HTQUNiW8yLB5PCLylsxfRvxEaAV8vDme67JPLUKo2PGUtVGl409H9NIeGh
+jullXP3PQvlIQRxTmPXE7pH4KSJfmasQNZ+jcw70kMJtVafyvCRwOV30YUCfpxoQ
+sduRAMaslc65/pta9V9VXJhD0tFoEAyF8ct9YvS6fwJAGPRZ/eRIuqv0w5CGIwyt
+cZKjeXvtfSqcHtJDxuWdYE5hEoLT6xumoGNdJgQTeCSJg9LBjy9UI4OsAStt9ZJD
+/dpsbpBdSqUMiwzO/HTa76wW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGTjCCBTagAwIBAgIQBK55YGZmkBq5xX+mbFvczTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTMxMTA1MTIwMDAwWhcNMjgxMTA1MTIwMDAwWjBlMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBTSEEyIEFzc3VyZWQgSUQgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc+BEjP2q178AneRstBYeiEEMx
+3w7UFRtPd6Qizj6McPC+B47dJyq8AR22LArK3WlYH0HtagUf2mN4WR4iLCv4un7J
+NTtW8R98Qn4lsCMZxkU41z1E+SB8YK4csFoYBL6PO/ep8JSapgxjSbZBF1NAMr1P
+5lB6UB8lRejxia/N/17/UPPwFxH/vcWJ9b1iudj7jkUEhW2ZzcVITf0mqwI2Reo2
+119q4hqCQQrc6dn1kReOxiGtODwT5h5/ZpzVTdlG2vbPUqd9OyTDtMFRNcab69Tv
+fuR7A+FEvXoLN+BPy4KKDXEY5KbgiSwb87JzPMGwkp4Yfb2rfcV9CKEswp9zAgMB
+AAGjggL4MIIC9DASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0
+BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0
+LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29t
+L0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDA6oDigNoY0aHR0cDovL2NybDMu
+ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDAdBgNVHSUE
+FjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwggGzBgNVHSAEggGqMIIBpjCCAaIGCmCG
+SAGG/WwAAgQwggGSMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMIIBZAYIKwYBBQUHAgIwggFWHoIBUgBBAG4AeQAgAHUAcwBlACAAbwBm
+ACAAdABoAGkAcwAgAEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAGMAbwBuAHMAdABp
+AHQAdQB0AGUAcwAgAGEAYwBjAGUAcAB0AGEAbgBjAGUAIABvAGYAIAB0AGgAZQAg
+AEQAaQBnAGkAQwBlAHIAdAAgAEMAUAAvAEMAUABTACAAYQBuAGQAIAB0AGgAZQAg
+AFIAZQBsAHkAaQBuAGcAIABQAGEAcgB0AHkAIABBAGcAcgBlAGUAbQBlAG4AdAAg
+AHcAaABpAGMAaAAgAGwAaQBtAGkAdAAgAGwAaQBhAGIAaQBsAGkAdAB5ACAAYQBu
+AGQAIABhAHIAZQAgAGkAbgBjAG8AcgBwAG8AcgBhAHQAZQBkACAAaABlAHIAZQBp
+AG4AIABiAHkAIAByAGUAZgBlAHIAZQBuAGMAZQAuMB0GA1UdDgQWBBTnAiOAAE/Y
+17yUC9k/dDlJMjyKeTAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAN
+BgkqhkiG9w0BAQsFAAOCAQEATtSJJ7n9HYd3fg8oBZDxCi/JOz69k5yQxq/6kVGH
+MlRr6MrBcVFcmY61+uBiGZmmB5p8Eyfb5QKihBLZFfYKRFfENI9tcx861qABPd7j
+guRFa7LrJf2AXh05kL5bQvbOkWDj+aBWDEgQzjNoe82Tq/Bqy09YD7l7XRsEgZ6n
+IuJXSSfukpMIvmkIUwI6Ll3IGfRQgE4C2bBdkbSTh/mWloFVQI5m7YLYuyhf7Uxh
+7QZYKBlTEUS8RyApsgRs2IlUmTt122d4LB6SeMZVPVgSETJuvUMMTTTbe8ZC2+y+
+q5thTAaS447fISpQVwTAYKI11SSeZjcJSc/V+GWz4OJuwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGXDCCBUSgAwIBAgIQCce327J4JDeRGV5qsTOHEDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTMxMTA1MTIwMDAwWhcNMjgxMTA1MTIwMDAwWjBmMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSUwIwYDVQQDExxEaWdpQ2VydCBEb2N1bWVudCBTaWduaW5nIENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylEWOneZ9RYkqbXk5t6VejEN
+Sp1qy30lfKSbnIT6CDRo9QkmPjFFsCFITNWZlYafGp139rtnD6VanKUP+5vl0hgq
+68ZUDGKII2KrYZZuTxdiHoGs6RDmw525tvbl4ezGrkstm0iHY7wdn2ClFo/9kutx
+NMhexhXYikr8EzYwqg02HC3QDk+1MeRZTvQLMrlibHVl+HqJs5NbNEiw+Ev1IFaD
+pUj1jZRjTAMnqTBVZ5UVGylAI520qMcNZQCzEegiT29EmOT+cnXiuqwxTV3hD6aU
+LKDIKN2oRgU4jhAUmqo/hBbiTlqSX4WzRs1BFG/+yvqvva01Ci2BLJ+2/M0O0wID
+AQABo4IDBTCCAwEwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYw
+NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
+dC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv
+bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwOqA4oDaGNGh0dHA6Ly9jcmwz
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwHQYDVR0l
+BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMIIBwAYDVR0gBIIBtzCCAbMwggGiBgpg
+hkgBhv1sAAIEMIIBkjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzCCAWQGCCsGAQUFBwICMIIBVh6CAVIAQQBuAHkAIAB1AHMAZQAgAG8A
+ZgAgAHQAaABpAHMAIABDAGUAcgB0AGkAZgBpAGMAYQB0AGUAIABjAG8AbgBzAHQA
+aQB0AHUAdABlAHMAIABhAGMAYwBlAHAAdABhAG4AYwBlACAAbwBmACAAdABoAGUA
+IABEAGkAZwBpAEMAZQByAHQAIABDAFAALwBDAFAAUwAgAGEAbgBkACAAdABoAGUA
+IABSAGUAbAB5AGkAbgBnACAAUABhAHIAdAB5ACAAQQBnAHIAZQBlAG0AZQBuAHQA
+IAB3AGgAaQBjAGgAIABsAGkAbQBpAHQAIABsAGkAYQBiAGkAbABpAHQAeQAgAGEA
+bgBkACAAYQByAGUAIABpAG4AYwBvAHIAcABvAHIAYQB0AGUAZAAgAGgAZQByAGUA
+aQBuACAAYgB5ACAAcgBlAGYAZQByAGUAbgBjAGUALjALBglghkgBhv1sAxUwHQYD
+VR0OBBYEFO/ONZPO9obF+IT1DOdab9kvS+NkMB8GA1UdIwQYMBaAFEXroq/0ksuC
+MS1Ri6enIZ3zbcgPMA0GCSqGSIb3DQEBCwUAA4IBAQBZcM33MOO0+lPLfAGE8hQG
+CcL7ZEtlXqJe+QxUvd1mrVyE+N+Pemp3s+gskg9FmXKh9nU4kiUphbJuQWsF3f/6
+4Z62HMQoXCF/o+fRoTHmBoqfUouM40z6Ier1rc8f2FWN3NQrsXfngxCpt1zCMTmY
+mAp5dyH199lwXcVmAhGblcDLrYk2CsCD6wqBnb3duPDTB1ESi5ttyu5Eswj0kXn+
+9eBiEfL3eWn7nZnJx68B506D7b4dzBCAxW82zzVU0YtHi3ZZwAwJyWqxZMst90/p
+O6c2IEnk9xfwew8hT0fTjtKQpGltT9IU4sdl0jqMsU+VFB+ccTNJ9lWsvqCwEeqA
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIGiDCCBHCgAwIBAgIEAJiiPDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
@@ -2686,100 +3714,288 @@ qHfgR3Fvq3VT7tGVhw/yCAtnHq6pe2uarGHFkik8rCbqlGQktVcdQthJGV1GqBm7
 aow+p8lTbpUo3/5HAL8fjVLmsiSsyCviPXDHX/ElBvwxDzu9c1MZJaS1b18=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFWTCCBEGgAwIBAgIQPXjX+XZJYLJhffTwHsqGKjANBgkqhkiG9w0BAQsFADCB
-yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
-ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
-U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
-ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IC0gRzUwHhcNMTMxMjEwMDAwMDAwWhcNMjMxMjA5MjM1OTU5WjB/MQsw
-CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV
-BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxMDAuBgNVBAMTJ1N5bWFudGVjIENs
-YXNzIDMgU0hBMjU2IENvZGUgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAJeDHgAWryyx0gjE12iTUWAecfbiR7TbWE0jYmq0v1obUfej
-DRh3aLvYNqsvIVDanvPnXydOC8KXyAlwk6naXA1OpA2RoLTsFM6RclQuzqPbROlS
-Gz9BPMpK5KrA6DmrU8wh0MzPf5vmwsxYaoIV7j02zxzFlwckjvF7vjEtPW7ctZlC
-n0thlV8ccO4XfduL5WGJeMdoG68ReBqYrsRVR1PZszLWoQ5GQMWXkorRU6eZW4U1
-V9Pqk2JhIArHMHckEU1ig7a6e2iCMe5lyt/51Y2yNdyMK29qclxghJzyDJRewFZS
-AEjM0/ilfd4v1xPkOKiE1Ua4E4bCG53qWjjdm9sCAwEAAaOCAYMwggF/MC8GCCsG
-AQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL3MyLnN5bWNiLmNvbTASBgNV
-HRMBAf8ECDAGAQH/AgEAMGwGA1UdIARlMGMwYQYLYIZIAYb4RQEHFwMwUjAmBggr
-BgEFBQcCARYaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9jcHMwKAYIKwYBBQUHAgIw
-HBoaaHR0cDovL3d3dy5zeW1hdXRoLmNvbS9ycGEwMAYDVR0fBCkwJzAloCOgIYYf
-aHR0cDovL3MxLnN5bWNiLmNvbS9wY2EzLWc1LmNybDAdBgNVHSUEFjAUBggrBgEF
-BQcDAgYIKwYBBQUHAwMwDgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRow
-GAYDVQQDExFTeW1hbnRlY1BLSS0xLTU2NzAdBgNVHQ4EFgQUljtT8Hkzl699g+8u
-K8zKt4YecmYwHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwDQYJKoZI
-hvcNAQELBQADggEBABOFGh5pqTf3oL2kr34dYVP+nYxeDKZ1HngXI9397BoDVTn7
-cZXHZVqnjjDSRFph23Bv2iEFwi5zuknx0ZP+XcnNXgPgiZ4/dB7X9ziLqdbPuzUv
-M1ioklbRyE07guZ5hBb8KLCxR/Mdoj7uh9mmf6RWpT+thC4p3ny8qKqjPQQB6rqT
-og5QIikXTIfkOhFf1qQliZsFay+0yQFMJ3sLrBkFIqBgFT/ayftNTI/7cmd3/SeU
-x7o1DohJ/o39KK9KEr0Ns5cF3kQMFfo2KwPcwVAB8aERXRTl4r0nS1S+K4ReD6bD
-dAUK75fDiSKxH3fzvc1D1PFMqT+1i4SvZPLQFCE=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIETTCCAzWgAwIBAgIDAjpxMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTMxMjExMjM0NTUxWhcNMjIwNTIwMjM0NTUxWjBCMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSUmFwaWRTU0wg
-U0hBMjU2IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1jBEgEu
-l9h9GKrIwuWF4hdsYC7JjTEFORoGmFbdVNcRjFlbPbFUrkshhTIWX1SG5tmx2GCJ
-a1i+ctqgAEJ2sSdZTM3jutRc2aZ/uyt11UZEvexAXFm33Vmf8Wr3BvzWLxmKlRK6
-msrVMNI4/Bk7WxU7NtBDTdFlodSLwWBBs9ZwF8w5wJwMoD23ESJOztmpetIqYpyg
-C04q18NhWoXdXBC5VD0tA/hJ8LySt7ecMcfpuKqCCwW5Mc0IW7siC/acjopVHHZD
-dvDibvDfqCl158ikh4tq8bsIyTYYZe5QQ7hdctUoOeFTPiUs2itP3YqeUFDgb5rE
-1RkmiQF1cwmbOwIDAQABo4IBSjCCAUYwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwR
-fap9ZbjKzE4wHQYDVR0OBBYEFJfCJ1CewsnsDIgyyHyt4qYBT9pvMBIGA1UdEwEB
-/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMDYGA1UdHwQvMC0wK6ApoCeGJWh0
-dHA6Ly9nMS5zeW1jYi5jb20vY3Jscy9ndGdsb2JhbC5jcmwwLwYIKwYBBQUHAQEE
-IzAhMB8GCCsGAQUFBzABhhNodHRwOi8vZzIuc3ltY2IuY29tMEwGA1UdIARFMEMw
-QQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0
-LmNvbS9yZXNvdXJjZXMvY3BzMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1h
-bnRlY1BLSS0xLTU2OTANBgkqhkiG9w0BAQsFAAOCAQEANevhiyBWlLp6vXmp9uP+
-bji0MsGj21hWID59xzqxZ2nVeRQb9vrsYPJ5zQoMYIp0TKOTKqDwUX/N6fmS/Zar
-RfViPT9gRlATPSATGC6URq7VIf5Dockj/lPEvxrYrDrK3maXI67T30pNcx9vMaJR
-BBZqAOv5jUOB8FChH6bKOvMoPF9RrNcKRXdLDlJiG9g4UaCSLT+Qbsh+QJ8gRhVd
-4FB84XavXu0R0y8TubglpK9YCa81tGJUheNI3rzSkHp6pIQNo0LyUcDUrVNlXWz4
-Px8G8k/Ll6BKWcZ40egDuYVtLLrhX7atKz4lecWLVtXjCYDqwSfC2Q7sRwrp0Mr8
-2A==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGxDCCBKygAwIBAgIUdRcWd4PQQ361VsNXlG5FY7jr06wwDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
-BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xMzEyMTcxNDI1MTBaFw0yMzEy
-MTcxNDI1MTBaMF4xCzAJBgNVBAYTAlVTMTAwLgYDVQQKEydIeWRyYW50SUQgKEF2
-YWxhbmNoZSBDbG91ZCBDb3Jwb3JhdGlvbikxHTAbBgNVBAMTFEh5ZHJhbnRJRCBT
-U0wgSUNBIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA9p1ZOA9+
-H+tgdln+STF7bdOxvnOERYyjo8ZbKumzigNePSwbQYVWuso76GI843yjaX2rhn0+
-Jt0NVJM41jVctf9qwacVduR7CEi0qJgpAUJyZUuB9IpFWF1Kz14O3Leh6URuRZ43
-RzHaRmNtzkxttGBuOtAg+ilOuwiGAo9VQLgdONlqQFcrbp97/fO8ZIqiPrbhLxCZ
-fXkYi3mktZVRFKXG62FHAuH1sLDXCKba3avDcUR7ykG4ZXcmp6kl14UKa8JHOHPE
-NYyr0R6oHELOGZMox1nQcFwuYMX9sJdAUU/9SQVXyA6u6YtxlpZiC8qhXM1IE00T
-Q9+q5ppffSUDMC4V/5If5A6snKVP78M8qd/RMVswcjMUMEnov+wykwCbDLD+IReM
-A57XX+HojN+8XFTL9Jwge3z3ZlMwL7E54W3cI7f6cxO5DVwoKxkdk2jRIg37oqSl
-SU3z/bA9UXjHcTl/6BoLho2p9rWm6oljANPeQuLHyGJ3hc19N8nDo2IATp70klGP
-kd1qhIgrdkki7gBpanMOK98hKMpdQgs+NY4DkaMJqfrHzWR/CYkdyUCivFaepaFS
-K78+jVu1oCMOFOnucPXL2fQa3VQn+69+7mA324frjwZj9NzrHjd0a5UP7waPpd9W
-2jZoj4b+g+l+XU1SQ+9DWiuZtvfDW++k0BMCAwEAAaOCAZEwggGNMBIGA1UdEwEB
-/wQIMAYBAf8CAQAweAYDVR0gBHEwbzAIBgZngQwBAgEwCAYGZ4EMAQICMA4GDCsG
-AQQBvlgAAmQBAjBJBgwrBgEEAb5YAAOHBAAwOTA3BggrBgEFBQcCARYraHR0cDov
-L3d3dy5oeWRyYW50aWQuY29tL3N1cHBvcnQvcmVwb3NpdG9yeTByBggrBgEFBQcB
-AQRmMGQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNv
-bTA2BggrBgEFBQcwAoYqaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9x
-dnJjYTIuY3J0MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQahGK8SEwzJQTU
-7tD2A8QZRtGUazA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnF1b3ZhZGlz
-Z2xvYmFsLmNvbS9xdnJjYTIuY3JsMB0GA1UdDgQWBBSYarYtLr+nqp/299YJr9WL
-V/mKtzANBgkqhkiG9w0BAQsFAAOCAgEAlraik8EDDUkpAnIOajO9/r4dpj/Zry76
-6SH1oYPo7eTGzpDanPMeGMuSmwdjUkFUPALuWwkaDERfz9xdyFL3N8CRg9mQhdtT
-3aWQUv/iyXULXT87EgL3b8zzf8fhTS7r654m9WM2W7pFqfimx9qAlFe9XcVlZrUu
-9hph+/MfWMrUju+VPL5U7hZvUpg66mS3BaN15rsXv2+Vw6kQsQC/82iJLHvtYVL/
-LwbNio18CsinDeyRE0J9wlYDqzcg5rhD0rtX4JEmBzq8yBRvHIB/023o/vIO5oxh
-83Hic/2Xgwksf1DKS3/z5nTzhsUIpCpwkN6nHp6gmA8JBXoUlKQz4eYHJCq/ZyC+
-BuY2vHpNx6101J5dmy7ps7J7d6mZXzguP3DQN84hjtfwJPqdf+/9RgLriXeFTqwe
-snxbk2FsPhwxhiNOH98GSZVvG02v10uHLVaf9B+puYpoUiEqgm1WG5mWW1PxHstu
-Ew9jBMcJ6wjQc8He9rSUmrhBr0HyhckdC99RgEvpcZpV2XL4nPPrTI2ki/c9xQb9
-kmhVGonSXy5aP+hDC+Ht+bxmc4wN5x+vB02hak8Hh8jIUStRxOsRfJozU0R9ysyP
-EZAHFZ3Zivg2BaD4tOISO8/T2FDjG7PNUv0tgPAOKw2t94B+1evrSUhqJDU0Wf9c
-9vkaKoPvX4w=
+MIIGSDCCBDCgAwIBAgIEAJiiRjANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDE1MDkzN1oX
+DTI4MTExMjIzMDAwMFowaTELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjE6MDgGA1UEAwwxU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9y
+Z2FuaXNhdGllIFBlcnNvb24gQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAL5i6Bk6ei6+96HCdS3EBJGBcN9Zn3vNRRex4IRjbwAWeAVI6SR3
+9R6YNiL/lOeTQkvnWsRb1cpWSFCCLExY65UzjwxWUD/Qw55Yx/6uxoJ4bYjI33Ud
+QZuUyx1vbf97d4KadXLpixkwbswLMuF6o+P4vd8Kl0ZEfoFI7Ky3Lt6Z1V1s3C2D
+0sIH+EvxA143s6imwkRFz1ffKEl34D2QAFBcIUt4hRIW88emy0QCDY/rQjOJvfGu
+BrnSQXDLVDQGh/vAM2nLz9hr9pz7sK+KxJOa4PYqSpwgyPV1O25IQNU8M22OPask
+Q5DhaW7wahXZVjoBhJJqIwl5CVWTidOh9/N4J9gkfdLj8Um99BApfyTLSZdXzHm9
+FOvJB2boXJLsOonpNwWtqd69CDlGqaXVnApUKwWNvA8pul++6J6ErorHlISuSlLD
+ULlDyAk6K2zdqK9OjYInUY2BkJFkygzTkOjg0oa63ksln1NekN/tyXDFFvFZB1IQ
+Q24RrXMYqXN8dX/wWuxDDCj+lmQyMjf0j+QzcVJIGmgm1eZLA/9wQWRypzlpbyyh
+Yp1ShPzzs4CyQB9DqpzAohm39TR0EwN63AaTNlyO7c4z7aIVu2c7bYgJdd30J6MC
+gW0d6e3d7+jtGtyf4jhOCVK0F+2Vl5HreZIGxTYFDA+FKspOBse7xd6nAgMBAAGj
+ggEFMIIBATAPBgNVHRMBAf8EBTADAQH/MF0GA1UdIARWMFQwDAYKYIQQAYdrAQIF
+ATAMBgpghBABh2sBAgUCMDYGCmCEEAGHawECBQMwKDAmBggrBgEFBQcCARYaaHR0
+cHM6Ly9jcHMucGtpb3ZlcmhlaWQubmwwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQY
+MBaAFFSt+seSV67KNZwuEvvkul0g3JRXMD8GA1UdHwQ4MDYwNKAyoDCGLmh0dHA6
+Ly9jcmwucGtpb3ZlcmhlaWQubmwvUm9vdExhdGVzdENSTC1HMy5jcmwwHQYDVR0O
+BBYEFO6sbUDq1QRqhyxVe/U/Ldru26ziMA0GCSqGSIb3DQEBCwUAA4ICAQAc0SFs
+KlBFkqBzLK5lYqEK2QLsFRL8LUs/M0lgPagWV6s821nXdpsizZN5ogXzHwspo+vw
+wHh0q88CNZ8tsm2pwVNz36eQsPRL2sPlz82VVVZf59gYsfoTcH2ID7n5mtT0YeHT
+k5ESYIJhQfxv9JGa24QMN3EXPetPNpJYdW0yQUbejwpsE4eSV95FPweb7DqfsEfW
+1kNgsZ2lF2CJQ3KvKOlJmuQHRCiS9FC278ysBHQZHUK4WcabDKg2/C3B1JH2QeaI
++S1Vdy3hldxgfrhj2jiUGbddDvLah3vxWeu0FuymAfyz1xmPSOsllKqms6aevdF4
+JW8kBBUaNI5d8X+9TpRFMrV79udP7amHxpreX3XRBrF4mG1EK4zCVUDxSm+4BjvZ
+y2cfMdTV6PpAzHI2I2ljqy7eofDphlILUSvKBD/OUmaFvvGmj8/nXWj4lo6Zj8Yw
+huM3/B/ivITuqgyJkAXsFc4r5135VT+h6UVFk6G9rrMBaqBCO5nSwt8woXs9e85T
+v7kLA1lSezbKCeJ6QPoKLQbSJL/aVNyv6BAR/1ySUH5jsTeXHg/yEI42KfszLaM6
+ckD1Q+nXlqscn0toycwkA93mt7pfHxote8UGv+qyIky8MW1+lDXLjhqfHt7Hkdlv
+nRbsryYG+8XwaaUqYyo74oTC45c56ey4gAGgBQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGOzCCBCOgAwIBAgIEAJiiRzANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNDE2MDgxMloX
+DTI4MTExMjIzMDAwMFowXDELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjEtMCsGA1UEAwwkU3RhYXQgZGVyIE5lZGVybGFuZGVuIEJ1
+cmdlciBDQSAtIEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1mSv
+ha9/607di6OCl05lITaHZo97HY3n/MfkOPZU7N6cnNrqdTqoGBGF5IDvz/BeQ2fh
+qYpLyLWp0ihNEqJpAgBo3ZesO5cSx7plAIz3/TNUGgIe1QMs3yFhA1/jmzwFrVds
+R+aaEyAd6a5sx5d/BlejrxulZx/TzlUdpDXguldgeZbIY5N2+YaYF6Dugp2oA1fX
+jTFJpKkHksb+lawhQbg0i4qz5pAxJBDV96kI5Rhyw/jj8aECFlz8rtnxMWzu1dZU
+JpwCMFhBgtW8jZB9avkLl478aZXA3lPLJ3d8iqaoa3uwEi2gYIk2Wss2YaWqSH+3
+jGe8IQ1g3N84RhFbp6u/oFKCQhdw6Ep+KJVRiVtAJ+f+WysaarUZUnLjSZ7RmisO
+lKVOjHcM5SAhH1h+CO2TJMb/n5CeJWqsvWzYF8oHkp0CTwGXYwv9AaEIHrLeOsQa
+O2fQGR3ve2xmTrZ/RsbF3l/4AAxD3zKJR7ZK6Wq//cyfk2eLXte8038GIOuR32yw
+zq0WaAHiHdSOUwJ9A4ESali8LVkWFb1gB02q48m0etNUS2iLWMpUoNkDPmQDf+zs
+l41P4hGOGhQHUPaSC8C2ng0ApusCdHRBFfQ5VCxApqVyqtv7qjS0MaO0ZJ/011tz
+N4wBIUuAimcqHK4aFnqVjXZ/f+b+D3kzAfR81IcCAwEAAaOCAQUwggEBMA8GA1Ud
+EwEB/wQFMAMBAf8wXQYDVR0gBFYwVDAMBgpghBABh2sBAgMBMAwGCmCEEAGHawEC
+AwIwNgYKYIQQAYdrAQIDAzAoMCYGCCsGAQUFBwIBFhpodHRwczovL2Nwcy5wa2lv
+dmVyaGVpZC5ubDAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUVK36x5JXrso1
+nC4S++S6XSDclFcwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5wa2lvdmVy
+aGVpZC5ubC9Sb290TGF0ZXN0Q1JMLUczLmNybDAdBgNVHQ4EFgQU/2h1Qn36b8da
+kzifNUTQqi0AsokwDQYJKoZIhvcNAQELBQADggIBADrRjY3nfuEF6GBlbd+hphQ7
+kegKoO9SRtfBmimpMgK+uDdqHAmCC4IXsph2pGhGKSvblVh6jKGKwE964Q0XbHgK
+dWJZ34M77Wf8uoiZm6h+qVIC6uRM4QpkJzqwMC6hPB95WRqe4V12aCZbUDEUFGwN
+Rd6TsW4wyV7KIFy46TV+8EeFka+lwEVkt3y8lZ2KBgj6IfUACOOCN/uxNMxAg+f2
+nfLzE57JBXkqCb5wNOuccaiqpij/ZDHhmcRfiyQRl0H4XSDR/4JqfSwY8z30oVJg
+B/QOF8ZSXtdHJIiaSq8Tmp+3vlIi1OpG6/Gc7bd2G2CIDhyb5Hg5wKJVzMpRmMUQ
+Xn4kQ+CgnNICdFHmda+LPp/8gGwE04a979CV5oBjKL2SBiFZ3KA81F1QKpjjAj0M
+W65obVOvL1Gq3JezkWK184dMPpxpQBHJyGq8vVpl1e9OzJHT30Vidp+7y6llZ/aV
+69w287sr7iDEKlL+RdrXzdXoMlRYm4O6/2KBOingxcDq5XZSecAOTj2eUXSeqUu8
+LCRvgWBV/EQlviqbk5d3AG0HxaSCfc3FYmGob8hMWtovvkBddnRSrcSTvqBYbDUN
+XTqoG0R4MKrzDF387d5Shk7rq78kU0ZRnvgS6ow1bHUtG98piNN4e/zNRxCgnka5
+Af4jQMeoZwscW7mBgf2l
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRzCCBC+gAwIBAgIEAJiioDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJO
+TDEeMBwGA1UECgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFh
+dCBkZXIgTmVkZXJsYW5kZW4gUm9vdCBDQSAtIEczMB4XDTEzMTExNTA5MDQ1OVoX
+DTI4MTExMjIzMDAwMFowaDELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRl
+ciBOZWRlcmxhbmRlbjE5MDcGA1UEAwwwU3RhYXQgZGVyIE5lZGVybGFuZGVuIEF1
+dG9ub21lIEFwcGFyYXRlbiBDQSAtIEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAmZ7UyhfSvaAe3Tto1leGvIYl7Uotkg9yy8y0gev/IxOSKx9sLbkj
+4vXs7VJBKcqvsyC58lCeVnIHYoNx1k8oChL0vbKfDtzL3Um50t5ZAKz7z0JEfKLN
+y8q94nU91G58kCB+s2sAZ7YNIjXp8O/0tr117nQhsBp4pEu0A+2ykRkprn588lo3
+rxVXZu9Y0yQw1oD5UOsLyMklV+0tQtFB0xpWsvZJoCUR6uGnlMV17rvPa2PN2PgF
+qs5uEdsbhOhA13TS96nM2WE+e8q75My3mAn5X6rT76wWE5P0SIE9UBQKCtpiHCas
+9Ud+e9BGFmIr/dPMxEPxhRN/QHVW4cl7dF9tojuo2Ac6t30jiDQWQyrY6sUoAsOy
+pOn1LfKhROV999zSZ2hVEHd5ww+vyNed/5/GvKF74+eVX0Ovu2SrXpNyPkwQSwNQ
+/ShBrnyy2oX10beFUiqaoFOxmnCgfDulA9keE5swDQDkhQzEbLGKU4UB//5rylCB
+03vuD6RFHykztglq4xMfHUhiOgO9pcD8zKGdnhCmi9vLaG5aRDsPX4bO4NbOHj1Y
+LKW3Rem2gEsswYBt20mVoFGNq2B3foJIPWERQWbFm/IXpuJUk3M17RN6TW7KGCbj
+Trvv921ZRw8kwl0h+OFiioWPopDI8Sh5a8j6hLhcIVONl1miJCgGVJ0CAwEAAaOC
+AQUwggEBMA8GA1UdEwEB/wQFMAMBAf8wXQYDVR0gBFYwVDAMBgpghBABh2sBAgYB
+MAwGCmCEEAGHawECBgIwNgYKYIQQAYdrAQIGAzAoMCYGCCsGAQUFBwIBFhpodHRw
+czovL2Nwcy5wa2lvdmVyaGVpZC5ubDAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgw
+FoAUVK36x5JXrso1nC4S++S6XSDclFcwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov
+L2NybC5wa2lvdmVyaGVpZC5ubC9Sb290TGF0ZXN0Q1JMLUczLmNybDAdBgNVHQ4E
+FgQUbRslAl3gSPRuE3XiV4SdUPMwFEMwDQYJKoZIhvcNAQELBQADggIBACiGmS3h
+H32JNER6NkU9vcDxuLkp6aiJuAIIZll9LbMl5mVOU9I706yCj5Wypnf/y6nxuZm9
+lNh9ic8fvSr1Jn3Pb1zpe+wXPO0XGy8OFjvsgXySFLDPPOF1PZSUptG/7jaGotfa
+M1uFHuBBw/0K1GwPJimCI1MAXR+E4SVS6z5WWHAZr/A7xi5qR9HQih7xK6h1+g8f
+WC4Jdj3QO+kzHt61kEiZn4wE5F6ckLCTYPl6vTXWBsK8/B66R8M0zsANKco6M+D8
+dES9DOL/N9h4rExgHXQ1RPZ6Cm0zEHEGlQvHTzZPS3mhBHO1OuAFlUu4J+R5c/cM
+yZeWb2GbblxYqF4MOXv1NQpnrjvPy7nJFfFRHSITh5QZHQeNyS9c0RZAJxE1ol+T
+vLaEhnwNqmcJNHJq8c7HC1OK/zIelvvyBmofC+ke3a8DAAWiPeLElbBqQbWsPb4s
+dryHRNUN+A4pb9vlsT94Fc1VOdU5gHHoMDNM1PwEqg0pxM/k7H53X4J/MoNEx1zg
+mP9i4WbpfPwJYrHkf5MlvUEXNNS6Km5nIOur5dJ/EnRmuLODTjYOHniHKWv/rhLS
+CCB9XzOdh1QFAOhJgYqHoAh/epcgaZb7IyYLJv4uSTt+quc40eHH3dagVOHCI+zV
+jIbY/z8GlY+Rlh67XW2a7PcjDMRmwsilXZ5j
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGMDCCBRigAwIBAgIDD+Q7MA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
+QSAzIDIwMTMwHhcNMTMxMjE3MTI0OTEwWhcNMjgwOTIwMDgyNTUxWjBDMQswCQYD
+VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR0wGwYDVQQDDBRFLk9OIEdy
+b3VwIENBIDIgMjAxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM8N
+l0zs0ovThYiSC3PfdeQ02NXu1IypCXOISSmcfU+XFF7bcfmDVECUcBpBpjCU8SCy
+xCzZnoke095+94T1l5wXaIjVTtx55grkQ5lIzdsEVb9zunDZfPMPRCZDETrcaHkB
+aMFuu4wamrS0tvBOCoBlHKD0ddJF+m6YDn1odGwAnfFcbMQfs66C8ma5GyZFU4kR
+IbdTCR5SCjJ9SuV+bFqZzTfgfRqtOLuvdNrOZO2G7LQRie98wh0jcdFyaPEITyr6
++C91zlpBTsesOJGaEPo3wdZ9gZkj0POBR0fMQQzug8W6AQSBYkHYsJuzgD8fchcz
+DcsR/+fFULu0DL5Br/sCAwEAAaOCAykwggMlMB8GA1UdIwQYMBaAFD+QyH3HFW/z
+JI+pwy9Log8hsi/nMIIBTgYIKwYBBQUHAQEEggFAMIIBPDAyBggrBgEFBQcwAYYm
+aHR0cDovL3Jvb3QtY2EtMy0yMDEzLm9jc3AuZC10cnVzdC5uZXQwSgYIKwYBBQUH
+MAKGPmh0dHA6Ly9wa2kuaW50cmFuZXQuZW9uLmNvbS9jYWNlcnRzL0QtVFJVU1Rf
+Um9vdF9DQV8zXzIwMTMuY3J0MEUGCCsGAQUFBzAChjlodHRwOi8vd3d3LmQtdHJ1
+c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NBXzNfMjAxMy5jcnQwcwYIKwYB
+BQUHMAKGZ2xkYXA6Ly9jZHAtbGRhcC5pbnRyYW5ldC5lb24uY29tL2NuPUQtVFJV
+U1QlMjBSb290JTIwQ0ElMjAzJTIwMjAxMyxvdT1jYSxvPWVvbixjPWRlP2NBQ2Vy
+dGlmaWNhdGU/YmFzZT8wZgYDVR0gBF8wXTBbBgsrBgEEAaU0AoFIATBMMEoGCCsG
+AQUFBwIBFj5odHRwOi8vd3d3LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0Qt
+VFJVU1RfUm9vdF9QS0lfQ1BTLnBkZjCCAQYGA1UdHwSB/jCB+zBBoD+gPYY7aHR0
+cDovL3BraS5pbnRyYW5ldC5lb24uY29tL2NybHMvRC1UUlVTVF9Sb290X0NBXzNf
+MjAxMy5jcmwwO6A5oDeGNWh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1
+c3Rfcm9vdF9jYV8zXzIwMTMuY3JsMHmgd6B1hnNsZGFwOi8vY2RwLWxkYXAuaW50
+cmFuZXQuZW9uLmNvbS9jbj1ELVRSVVNUJTIwUm9vdCUyMENBJTIwMyUyMDIwMTMs
+b3U9Y2Esbz1lb24sYz1kZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/
+MB0GA1UdDgQWBBQu7h/x28HWct1C1TXtzy5RumGyZTAOBgNVHQ8BAf8EBAMCAQYw
+DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAM5zTymCq3p7Qp/2p
+E37bRNY3XusXxcAMMpebMUARBVVhkrXqYIzlWkaQDwRP67cYOxf53RyHLbGsFwxF
+FjqLd7u9BRNxJ7ax5bi3Pwkey3Xw+64bAy4nJ59paWtHBS/OtpgPcZS1t7MaB309
+kH/qm0oJgO7+jl77OIrtf6QYPwOidhpSQBCzqqmcRfYu6ch77R7eTwjwNfjxr1dJ
+N8ZCm+yzVUcmXssPZv6kzogRcN+Z9KOhm2wfSwjr4dQPbeyB96sMUeRMjQYku0C5
+36w6ygPI58CkgweCpr+Qx+0q13ftIIDuzKOvg4c2HUuEGTayb3fIFak7bjP+DZOU
+Afxyjg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGAzCCBOugAwIBAgIDEBymMA0GCSqGSIb3DQEBCwUAMEMxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHTAbBgNVBAMMFEUuT04gR3JvdXAgQ0Eg
+MiAyMDEzMB4XDTEzMTIxNzEzMDcwOVoXDTI4MDkyMDA4MjU1MVowSTELMAkGA1UE
+BhMCREUxEDAOBgNVBAoMB0UuT04gU0UxCzAJBgNVBAsMAkNBMRswGQYDVQQDDBJF
+Lk9OIENBIDIgMjAxMyBYWEkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCi0FomtqedrDB17XvBOLHFcmJDv5C+1Is+hVx59CxkYbI7uQ0otPCbwa8BTPSt
+N8lhFspsak8kA9Iv6ccXSrYF6fL0bG2IryyYQDQEKrbtv9HbBzqCKHtR20B4bXF5
+rq5YQof872enbKplBg+9lHaRZWsvJlXwuRIEsdy8cgnIXMLsUclGXaKVvjJVUnq3
+S+fNCJzo10etlAzpbGP8iJnumR2+2F7hTaTzNInlJ4HqRV/bSCMK1Fi/TpzuldoN
+yVBC/V6OgzKurNEIsnW8G9uBEYETEBdbOBWCpozO4m0HOXxBlYLLpuAN2ioKWs4S
+Abgu2MFAK9BoZz94QwYv9xYZAgMBAAGjggL4MIIC9DAfBgNVHSMEGDAWgBQu7h/x
+28HWct1C1TXtzy5RumGyZTCCAUsGCCsGAQUFBwEBBIIBPTCCATkwNwYIKwYBBQUH
+MAGGK2h0dHA6Ly9lb24tZ3JvdXAtY2EtMi0yMDEzLm9jc3AuZC10cnVzdC5uZXQw
+RwYIKwYBBQUHMAKGO2h0dHA6Ly9wa2kuaW50cmFuZXQuZW9uLmNvbS9jYWNlcnRz
+L0VPTl9Hcm91cF9DQV8yXzIwMTMuY3J0MEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmQtdHJ1c3QubmV0L2NnaS1iaW4vRU9OX0dyb3VwX0NBXzJfMjAxMy5jcnQwcQYI
+KwYBBQUHMAKGZWxkYXA6Ly9jZHAtbGRhcC5pbnRyYW5ldC5lb24uY29tL2NuPUUu
+T04lMjBHcm91cCUyMENBJTIwMiUyMDIwMTMsb3U9Y2Esbz1lb24sYz1kZT9jQUNl
+cnRpZmljYXRlP2Jhc2U/MD4GA1UdIAQ3MDUwMwYLKwYBBAGlNAKBUgEwJDAiBggr
+BgEFBQcCARYWaHR0cDovL3d3dy5lb24uY29tL3BraTCB/gYDVR0fBIH2MIHzMD6g
+PKA6hjhodHRwOi8vcGtpLmludHJhbmV0LmVvbi5jb20vY3Jscy9FT05fR3JvdXBf
+Q0FfMl8yMDEzLmNybDA4oDagNIYyaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwv
+ZW9uX2dyb3VwX2NhXzJfMjAxMy5jcmwwd6B1oHOGcWxkYXA6Ly9jZHAtbGRhcC5p
+bnRyYW5ldC5lb24uY29tL2NuPUUuT04lMjBHcm91cCUyMENBJTIwMiUyMDIwMTMs
+b3U9Y2Esbz1lb24sYz1kZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/
+MB0GA1UdDgQWBBQda9hLMVeT0Hntfjoe4WEzGo8zJzAOBgNVHQ8BAf8EBAMCAQYw
+EgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAhgOnaizY6byc
+WhAbTZc8CONbIp/iVK04Z0YqSfdHddYIj8XvLqU17p83z2PEJBivggEGs5IgikvM
+MiAvV+vzPRRW02sU0K/9qCqexWlLtrQ8NXIxPD2o/EmxB9vfkefRaxE3GZYLXpwu
+yvrmeznzxdOxI1vxNeBO7rtIqhM6cmIkpKgPluBMn4PsOi/Lo/inIEuPHtVYCIfy
+AvoilwxN8EJR37pvilCL2mwtZRVS3bWdKEjOkbK2MH57yWFFc6EA3+eBwu85u8S7
+C4nsEgAb5P0zjc6/ln9qSomiXE0E0BZMaWOErpH5gMBKNk+xz6sGcPcMRFKt5Tg1
+C1v/93N0kg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBDCCBOygAwIBAgIDEByqMA0GCSqGSIb3DQEBCwUAMEMxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHTAbBgNVBAMMFEUuT04gR3JvdXAgQ0Eg
+MiAyMDEzMB4XDTEzMTIxNzEzMTUwOVoXDTI4MDkyMDA4MjU1MVowSjELMAkGA1UE
+BhMCREUxEDAOBgNVBAoMB0UuT04gU0UxCzAJBgNVBAsMAkNBMRwwGgYDVQQDDBNF
+Lk9OIENBIDIgMjAxMyBYWElJMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAxlRFecAGoA9BktESwWToETHSwgEI18ZDW6KUpkg3fSdupCMU9lDdotCOWZyj
+Eq7rI04A5hcezFhRSu792Tj/adgFyxgqTr94Ree7wEkBPPrCKz0h+FL8YkCoyvsf
+7pre0C5dd1w3y3X7TwhOXt+l//AiXSLxg23qDfZY59R6P2l3SFXP48X2pOHTy5PA
+wj2qVBp2a2+IKM/9ZLa8XQz8P0gOBjnfW02nPAh2xWlRpQynOaI3YkpulCBRuqJ0
+zZ0DARqwJuY1OgbHxZDBvRwmkr2EIpIzMgDtaqEcZCwu4pg/4GhZ4eY0wMR5HPAO
+VFKjDV5CjGhtzhZwcgrb4R+dvwIDAQABo4IC+DCCAvQwHwYDVR0jBBgwFoAULu4f
+8dvB1nLdQtU17c8uUbphsmUwggFLBggrBgEFBQcBAQSCAT0wggE5MDcGCCsGAQUF
+BzABhitodHRwOi8vZW9uLWdyb3VwLWNhLTItMjAxMy5vY3NwLmQtdHJ1c3QubmV0
+MEcGCCsGAQUFBzAChjtodHRwOi8vcGtpLmludHJhbmV0LmVvbi5jb20vY2FjZXJ0
+cy9FT05fR3JvdXBfQ0FfMl8yMDEzLmNydDBCBggrBgEFBQcwAoY2aHR0cDovL3d3
+dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0VPTl9Hcm91cF9DQV8yXzIwMTMuY3J0MHEG
+CCsGAQUFBzAChmVsZGFwOi8vY2RwLWxkYXAuaW50cmFuZXQuZW9uLmNvbS9jbj1F
+Lk9OJTIwR3JvdXAlMjBDQSUyMDIlMjAyMDEzLG91PWNhLG89ZW9uLGM9ZGU/Y0FD
+ZXJ0aWZpY2F0ZT9iYXNlPzA+BgNVHSAENzA1MDMGCysGAQQBpTQCgVIBMCQwIgYI
+KwYBBQUHAgEWFmh0dHA6Ly93d3cuZW9uLmNvbS9wa2kwgf4GA1UdHwSB9jCB8zA+
+oDygOoY4aHR0cDovL3BraS5pbnRyYW5ldC5lb24uY29tL2NybHMvRU9OX0dyb3Vw
+X0NBXzJfMjAxMy5jcmwwOKA2oDSGMmh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3Js
+L2Vvbl9ncm91cF9jYV8yXzIwMTMuY3JsMHegdaBzhnFsZGFwOi8vY2RwLWxkYXAu
+aW50cmFuZXQuZW9uLmNvbS9jbj1FLk9OJTIwR3JvdXAlMjBDQSUyMDIlMjAyMDEz
+LG91PWNhLG89ZW9uLGM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNl
+PzAdBgNVHQ4EFgQUdOjKi6wNCmhF5NcNc8tJk15CA6wwDgYDVR0PAQH/BAQDAgEG
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJKoZIhvcNAQELBQADggEBAC/2l5Rt3Ato
+IT5r6wRUQfSnkty30SP5dvQ8AI8K1N1a7Yi2VfAnfrHKf3QMouNGINmcZwCswLoU
+0WI80MnE3ey2xMARCgBCwV64anT/P4oK44iKK8o3tpoom2BNTxO4JW3ob0u3Py8Y
+H0oD6GEkhwk1AGRKfW55sgs5gZgyE0jCDha2Lp1/X6RqEFECxeRRd7WO1O50EjXu
+7MPbV/VjeTH7ySx6WAleTMFEa1i3HdwnGTDBmdOJtfd88Je7SdNcGJsBaLKmjk5m
+hNR3HDZRpxPFHg6URsZAxK7MVJ0Sj7xM4H7yuvGIbF4nMKyAgO5EbTwFjYpqVSgH
+xbELV69WYxw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBTCCBO2gAwIBAgIDEByrMA0GCSqGSIb3DQEBCwUAMEMxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHTAbBgNVBAMMFEUuT04gR3JvdXAgQ0Eg
+MiAyMDEzMB4XDTEzMTIxNzEzMzUwOVoXDTI4MDkyMDA4MjU1MVowSzELMAkGA1UE
+BhMCREUxEDAOBgNVBAoMB0UuT04gU0UxCzAJBgNVBAsMAkNBMR0wGwYDVQQDDBRF
+Lk9OIENBIDIgMjAxMyBYWElJSTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAL1l5NYcgaMN4vJ0OUL+JcPQiW5i4BfZPNn7Amdty6qUnWargDmi8EJRzqFV
+aeyTPlRD+Ci6WgECwFYJ0nTACGbWW2Dtu2m4UwzpjG2UUtZ7DSfgQBInZkdPNfdZ
+SigAdr/KXWiwJnxvhOajGZSQvuSspPvQtWIO4xKVSyMkdur9cHKHAiY+kdpoZpk7
+mi7L9ZPpUEVMBL1C/COWsHJIrdwsfRyFrWwB9Vxo3sgphAaySVLZO3/wslK8rFz5
+cdajwfxIzhpZ1O7FmJKWSb4rWYvF0EVPqBkd1s7fPLuCp/8malZYZm1YChZTz0/Z
+dYUws6LHhDLf+XQuKo0+mT8dhpECAwEAAaOCAvgwggL0MB8GA1UdIwQYMBaAFC7u
+H/HbwdZy3ULVNe3PLlG6YbJlMIIBSwYIKwYBBQUHAQEEggE9MIIBOTA3BggrBgEF
+BQcwAYYraHR0cDovL2Vvbi1ncm91cC1jYS0yLTIwMTMub2NzcC5kLXRydXN0Lm5l
+dDBHBggrBgEFBQcwAoY7aHR0cDovL3BraS5pbnRyYW5ldC5lb24uY29tL2NhY2Vy
+dHMvRU9OX0dyb3VwX0NBXzJfMjAxMy5jcnQwQgYIKwYBBQUHMAKGNmh0dHA6Ly93
+d3cuZC10cnVzdC5uZXQvY2dpLWJpbi9FT05fR3JvdXBfQ0FfMl8yMDEzLmNydDBx
+BggrBgEFBQcwAoZlbGRhcDovL2NkcC1sZGFwLmludHJhbmV0LmVvbi5jb20vY249
+RS5PTiUyMEdyb3VwJTIwQ0ElMjAyJTIwMjAxMyxvdT1jYSxvPWVvbixjPWRlP2NB
+Q2VydGlmaWNhdGU/YmFzZT8wPgYDVR0gBDcwNTAzBgsrBgEEAaU0AoFSATAkMCIG
+CCsGAQUFBwIBFhZodHRwOi8vd3d3LmVvbi5jb20vcGtpMIH+BgNVHR8EgfYwgfMw
+PqA8oDqGOGh0dHA6Ly9wa2kuaW50cmFuZXQuZW9uLmNvbS9jcmxzL0VPTl9Hcm91
+cF9DQV8yXzIwMTMuY3JsMDigNqA0hjJodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2Ny
+bC9lb25fZ3JvdXBfY2FfMl8yMDEzLmNybDB3oHWgc4ZxbGRhcDovL2NkcC1sZGFw
+LmludHJhbmV0LmVvbi5jb20vY249RS5PTiUyMEdyb3VwJTIwQ0ElMjAyJTIwMjAx
+MyxvdT1jYSxvPWVvbixjPWRlP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFz
+ZT8wHQYDVR0OBBYEFEenCwas1XolknL1kBafZG0PW2IzMA4GA1UdDwEB/wQEAwIB
+BjASBgNVHRMBAf8ECDAGAQH/AgEAMA0GCSqGSIb3DQEBCwUAA4IBAQBpsLNEbnDn
+cXsAJvieLktWP8OejDLhOIgJDnAPUJmAg/L43JPeCZUNh4moofRAcWdCXbBaD3xV
+pDPg5EAe2cT1gg7oKOs4vPjuJT+lISMcV7OgMmrGnGsl5bwFzyxHR07RlrlWSJmB
+u28t7b3e67UpNgfwH/flUMOR21hRHY617btTqezEmHw9yuLzX6U4wHaWwk5eW2Wz
+ir78FOCLpJHrvYtEsGEM/H1IuwKg9H6tkm6oxjuT8CLPuq/Lrc8dYDU1JLnJ5QTi
+MPKCxLFud3RD06MRmIO2h56VDkCI3RJPSZ670fj3Gl1NxVj/cwIKV/fdNpB9lnMO
+L/oxcsQtZRuC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCBPSgAwIBAgIDEBysMA0GCSqGSIb3DQEBCwUAMEMxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHTAbBgNVBAMMFEUuT04gR3JvdXAgQ0Eg
+MiAyMDEzMB4XDTEzMTIxNzEzNDUwOVoXDTI4MDkyMDA4MjU1MVowUjELMAkGA1UE
+BhMCREUxFTATBgNVBAoMDEQtVHJ1c3QgR21iSDELMAkGA1UECwwCQ0ExHzAdBgNV
+BAMMFlBhcnRuZXIgQ0EgMiAyMDEzIFhYSVYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDICdXUL8G3wBug1oq2biTWFg3Hb8a9P93tdS5tDpU6h2FMulIQ
+ykNQRQa0YrBePQUVvg/K6+mhR3FtRFwgK3g40F3kiE6JmHlfJupl5P8n2WCsRMOI
+0ehVQ6WzTqGnW9S1rGNYljxU8mLH6QMixKX7MtTLpC8c2MTUVWGY3ixBy95V+hSM
+7L6OR/YS0XMl1vDrfwkaLarWmQ718cHkiFUpAkOuY28f+onjtqPnCN1Z6iUjZtv9
+lZjguCLwyuIDqcYA2OuDN3cOylsEQBi9KUEelMefNxWBYCiJ7NrQaYSnulMGSloJ
+kQm9i7dpLW1R4/IqwBrfAZRBXp/YS+S4fHmhAgMBAAGjggL4MIIC9DAfBgNVHSME
+GDAWgBQu7h/x28HWct1C1TXtzy5RumGyZTCCAUsGCCsGAQUFBwEBBIIBPTCCATkw
+NwYIKwYBBQUHMAGGK2h0dHA6Ly9lb24tZ3JvdXAtY2EtMi0yMDEzLm9jc3AuZC10
+cnVzdC5uZXQwRwYIKwYBBQUHMAKGO2h0dHA6Ly9wa2kuaW50cmFuZXQuZW9uLmNv
+bS9jYWNlcnRzL0VPTl9Hcm91cF9DQV8yXzIwMTMuY3J0MEIGCCsGAQUFBzAChjZo
+dHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vRU9OX0dyb3VwX0NBXzJfMjAx
+My5jcnQwcQYIKwYBBQUHMAKGZWxkYXA6Ly9jZHAtbGRhcC5pbnRyYW5ldC5lb24u
+Y29tL2NuPUUuT04lMjBHcm91cCUyMENBJTIwMiUyMDIwMTMsb3U9Y2Esbz1lb24s
+Yz1kZT9jQUNlcnRpZmljYXRlP2Jhc2U/MD4GA1UdIAQ3MDUwMwYLKwYBBAGlNAKB
+UgEwJDAiBggrBgEFBQcCARYWaHR0cDovL3d3dy5lb24uY29tL3BraTCB/gYDVR0f
+BIH2MIHzMD6gPKA6hjhodHRwOi8vcGtpLmludHJhbmV0LmVvbi5jb20vY3Jscy9F
+T05fR3JvdXBfQ0FfMl8yMDEzLmNybDA4oDagNIYyaHR0cDovL2NybC5kLXRydXN0
+Lm5ldC9jcmwvZW9uX2dyb3VwX2NhXzJfMjAxMy5jcmwwd6B1oHOGcWxkYXA6Ly9j
+ZHAtbGRhcC5pbnRyYW5ldC5lb24uY29tL2NuPUUuT04lMjBHcm91cCUyMENBJTIw
+MiUyMDIwMTMsb3U9Y2Esbz1lb24sYz1kZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25M
+aXN0P2Jhc2U/MB0GA1UdDgQWBBTqhGqOyLfWOtXM6Rx98fYPg0W3gDAOBgNVHQ8B
+Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEA
+uCNRZdU8gUYxgcfgzf6vnJ4cwVwfKGprt3YuBDoq1oMFa3rXHUK7CQkY73GZsIxB
+FmoZ5RStZGEjGSnMp3lHhmnKw58BXLJZtAx6kQtziiKXDMFKroxTzDAiqpJrE9UX
+wEq6w66qvmE6V897/au9QcnkGyro34GrqvCkg+iv0KUiSq/b4xEYoZt5T1RkzyXS
+DN0xjwlGgs0BBdablWwFGO/KpuhqyjX1Wyqh3EW0ybD/G4howcfQ0bIttTgGsdOj
+QvhrVq6LJUqttffj2f8Smf6wsvpzSLhFBMCNiaGu/IAF1/VQCKy1BUaD6b76jn/a
+Naj57srK4yJUi42mdnbU2Q==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEfTCCA2WgAwIBAgIDG+cVMA0GCSqGSIb3DQEBCwUAMGMxCzAJBgNVBAYTAlVT
@@ -2836,6 +4052,57 @@ jGBrTAF+ZVALT7iVmppuNP1zOjPxkdXzTi106O/TkDXxBmhk1NAT/VLTxm3BOoox
 iawXqMzVN3cWxYC5DI9XAlWZhXtJ8C5boMJXU12i6KY3wwH6
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIDoTCCAomgAwIBAgILBAAAAAABQ3KVa6cwDQYJKoZIhvcNAQELBQAwOzEYMBYG
+A1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2Jh
+bCBSb290MB4XDTE0MDEwODA4MDAwMFoXDTMwMTIxNTA4MDAwMFowOzEYMBYGA1UE
+ChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBS
+b290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+Mi8vRRQZhP/8NN5
+7CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW0ozS
+J8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2y
+HLtgwEZLAfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iP
+t3sMpTjr3kfb1V05/Iin89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNz
+FtApD0mpSPCzqrdsxacwOUBdrsTiXSZT8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAY
+XSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/
+MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2MDSgMqAw
+hi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3Js
+MB8GA1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBCwUA
+A4IBAQAq7HRKrzf2QHfa4gILa5Bdq8t6e2+FmbAQkXSE+YhCJ41rzBHdK8kxdQtn
+xEgi2gzro5s3iZWfW63CRZCkg75ugM1gpYQTn5Q56irogzhG7Vw1hj6mxrS85GKR
+IYWAI4gXxWqYCd8+mAsd2Z2j2I3rMVGsTPmw7e17nFU9kMYH4zGZltsfXWIb1cM3
+CVjxy1/aQXrP0jMum8Qnv3ROPMZhiZUYhM+rg56Eom8JIWwuMCX59RV2P0jTiBbu
+8FxsRE8o1h0c1plytUGww3t27m3n5FbnH0XLEfQCuzCX518UBQIVzgVL76f+H+mL
+VUI6CnXk2kwcttxRDpnXeWW6Uvxx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIQDglHG7EZWmErtKS1sO1WCTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTQwMTA4MTIwMDAwWhcNMjkwMTA4MTIwMDAwWjBkMQswCQYDVQQG
+EwJVUzEWMBQGA1UEChMNRGlnaUNlcnQgR3JpZDEZMBcGA1UECxMQd3d3LmRpZ2lj
+ZXJ0LmNvbTEiMCAGA1UEAxMZRGlnaUNlcnQgR3JpZCBUcnVzdCBDQSBHMjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMsBrEAAXJEFhz/RP7bYE8g8OdVe
+EOwjrxmg7pXark39WKA7kS10ZPGYaE8W5/mv05ztMgA0J9vym+ZUtfOadVy/JNiH
+jKZyiauxkh3TCjQhLfb+5fLQ3/XW8YylNzwcTAlQ2/eEaU0KXJmveXYh9+txcrWI
+m/aIeHo5r8bpgi31jLRWFKeTdmoMQ3JX8sR5Zn9wuaYjokf3tiufCpF6h1lAH27F
+xTkW5zkZ1RvdcKPnYQPPwquNIT/zIHb3QPNOOB0K0SDc1dPlWjWKeRgm/V7SBFvy
+TFcj/zxHP8m5mh8D75jsW1AAKh8tnALFZxva5rr9RiHmwmd+mDsEYAt/eVkCAwEA
+AaOCAawwggGoMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkG
+CCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
+Y29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
+aUNlcnRBc3N1cmVkSURSb290Q0EucDdjMIGBBgNVHR8EejB4MDqgOKA2hjRodHRw
+Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3Js
+MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
+SURSb290Q0EuY3JsMEMGA1UdIAQ8MDowOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBThZRoC
+A5F+15ZtOIiLnhaRaxFsnjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823I
+DzANBgkqhkiG9w0BAQsFAAOCAQEAKHBUklU69o1g8x7KNsso5ujW+S6Fw/AXLCCr
+1aqkUTQ32hyJjVB0/AOnTIi1lCDKPYXdUDj2TIL9fxsSuj2GxGFEWTz6kW+gyKae
+MvDJifY4TXmx22Mja4DwBjKgUggzvO5Vmf1gz3IZjv67D9SU0TLOhjbcYWKYu19/
++IDLmwV637KkjUgM1asqqtkutfT/d1+j4COTDWSD48OEOk8BiB9Rh+c17Af3yvRV
+f90aa9NEStSVevR2h9i9rDrleeGNiKqCInvDa3szREdsT78+l4nITWH6os/iZnI+
+4int+r0ifHJjNfL1b5NAxey8kIfNCESo/RnqktuXNptd7reo9A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
 hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
 A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
@@ -2906,144 +4173,30 @@ DntE/9Q2toN2I1iLFGy4XfdhbTl27d0SPWuHiJeRvsBGAh52HN22r1xP9QDWnE2p
 cC6JmnkJiYEt7Fx4b4GH8fxV
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGTTCCBDWgAwIBAgIIdB1YSnL8BrwwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
-BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
-MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
-IENBMB4XDTE0MDIxMzE1MDIyM1oXDTI0MDIxMzE1MDIyM1owezELMAkGA1UEBhMC
-SVQxDzANBgNVBAgMBk1pbGFubzEPMA0GA1UEBwwGTWlsYW5vMSMwIQYDVQQKDBpB
-Y3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzElMCMGA1UEAwwcQWN0YWxpcyBBdXRo
-ZW50aWNhdGlvbiBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AMzhDjmhNDym6ze3PegbIKmiavXpAjgVCZ344k1DOtdSCV6k3h3rqfHqFn3mrayA
-btmJ0NeC886WxUUsJwHJ3bOnNBQZIHxLV+1RVD/6TQqb6/bPJu4rDwEfhbJSmErc
-29wUJWqxXMhSAWTHi3Pq0vrkx59e5KTEyfB2kHo6InlR72sCCRdtCL9aDuDm8nYK
-pTSAJr36ultwME5NyCNSyN2JIK0wYbEi7MVNbp5KN9MusTp3cOMDoVBreYulmnEu
-TNazmoAv0K8oLS7iX7c9x+zGjUUAucFEuSlRn3sL6hFAiKjy4PDClvnyqQHBBdZr
-/3JOxAcgXv7aZ4/STeXeDXsCAwEAAaOCAeMwggHfMEEGCCsGAQUFBwEBBDUwMzAx
-BggrBgEFBQcwAYYlaHR0cDovL3BvcnRhbC5hY3RhbGlzLml0L1ZBL0FVVEgtUk9P
-VDAdBgNVHQ4EFgQUqqr9yowdTfEug+EG/PqO6g4jrj0wDwYDVR0TAQH/BAUwAwEB
-/zAfBgNVHSMEGDAWgBRS2Ig6yJ94Zu2J83s4cJTJAgI20DBUBgNVHSAETTBLMEkG
-BFUdIAAwQTA/BggrBgEFBQcCARYzaHR0cHM6Ly9wb3J0YWwuYWN0YWxpcy5pdC9S
-ZXBvc2l0b3J5L1BvbGljeS9TU0wvQ1BTMIHiBgNVHR8EgdowgdcwgZSggZGggY6G
-gYtsZGFwOi8vbGRhcC5hY3RhbGlzLml0L2NuJTNkQWN0YWxpcyUyMEF1dGhlbnRp
-Y2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3RhbGlzJTIwUy5wLkEuJTJmMDMzNTg1
-MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7YmluYXJ5MD6g
-PKA6hjhodHRwOi8vcG9ydGFsLmFjdGFsaXMuaXQvUmVwb3NpdG9yeS9BVVRILVJP
-T1QvZ2V0TGFzdENSTDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIB
-ABP93l+9QBgzHF0Clf3gMAelGqwXT25DwZVFIkBw6YyqOPcaqzw1XKHJJEMQ8xOp
-8uuiPLP/ObxEXBBvH7ofNW7nRUIzGsuLPhzdfJhdzilCVAvz4WRsX44nWOQS4Qu0
-npo7dbq/KxFUCUO9yNEJp6YxNloy8XFIlazkHFTKGJqoUpsGoc7B9YmPchhE2FPb
-OZiOCg4Y2Qp43UJfnENgZ3gJFh16juQE1uS8Q/JJI7ZzJfJ/W0uQoDnCprOPUpLF
-G03e0asFxwQqhL84Jvf7rJZaWvwydHP4hH47nzpHWEGXwfJLXXoO7LHgqVB7K9Ar
-Zf3pY0S/3Fs+AN/PrEY3Z3rb7ypQLRiot1oJLl8matiGEF4aFL5DDkr9wfRAZ8S8
-WT69vN68ENGgEwyeZSlQxn+4g6quHRav0fmF2fGnLaq7tteSPVocT7XaMEpkHqNs
-x1q/PJbr39s/1QVZtS9CrdoCr0QAnBaX//PPB6ansSLFcvEqM9QcV9xQZex88ToX
-nk3TcHtA0ezWJlCkg626MhdQZrhHbkauHfIGSOmCkn3zHp0BZQ6Vo7UOdRMT7QS7
-y7AkET9Qmapwh2CFUdCJSXklVRd+06XhhOB37NQU0pGJQJ3xjEPrILZ8kLhW3Tyq
-Iv30LW7MXZ4yQn/JHEZbuiOOb4R45hsPZxe6gOq/e+sf
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIETTCCAzWgAwIBAgILBAAAAAABRE7wNjEwDQYJKoZIhvcNAQELBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
-MDBaFw0yNDAyMjAxMDAwMDBaMEwxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMSIwIAYDVQQDExlBbHBoYVNTTCBDQSAtIFNIQTI1NiAtIEcy
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gHs5OxzYPt+j2q3xhfj
-kmQy1KwA2aIPue3ua4qGypJn2XTXXUcCPI9A1p5tFM3D2ik5pw8FCmiiZhoexLKL
-dljlq10dj0CzOYvvHoN9ItDjqQAu7FPPYhmFRChMwCfLew7sEGQAEKQFzKByvkFs
-MVtI5LHsuSPrVU3QfWJKpbSlpFmFxSWRpv6mCZ8GEG2PgQxkQF5zAJrgLmWYVBAA
-cJjI4e00X9icxw3A1iNZRfz+VXqG7pRgIvGu0eZVRvaZxRsIdF+ssGSEj4k4HKGn
-kCFPAm694GFn1PhChw8K98kEbSqpL+9Cpd/do1PbmB6B+Zpye1reTz5/olig4het
-ZwIDAQABo4IBIzCCAR8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
-AQAwHQYDVR0OBBYEFPXN1TwIUPlqTzq3l9pWg+Zp0mj3MEUGA1UdIAQ+MDwwOgYE
-VR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hbHBoYXNzbC5jb20vcmVw
-b3NpdG9yeS8wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWdu
-Lm5ldC9yb290LmNybDA9BggrBgEFBQcBAQQxMC8wLQYIKwYBBQUHMAGGIWh0dHA6
-Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAfBgNVHSMEGDAWgBRge2YaRQ2X
-yolQL30EzTSo//z9SzANBgkqhkiG9w0BAQsFAAOCAQEAYEBoFkfnFo3bXKFWKsv0
-XJuwHqJL9csCP/gLofKnQtS3TOvjZoDzJUN4LhsXVgdSGMvRqOzm+3M+pGKMgLTS
-xRJzo9P6Aji+Yz2EuJnB8br3n8NA0VgYU8Fi3a8YQn80TsVD1XGwMADH45CuP1eG
-l87qDBKOInDjZqdUfy4oy9RU0LMeYmcI+Sfhy+NmuCQbiWqJRGXy2UzSWByMTsCV
-odTvZy84IOgu/5ZR8LrYPZJwR2UcnnNytGAMXOLRc3bgr07i5TelRS+KIz6HxzDm
-MTh89N1SyvNTBCVXVmaU6Avu5gMUTu79bZRknl7OedSyps9AsUSoPocZXun4IRZZ
-Uw==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEYzCCA0ugAwIBAgILBAAAAAABRE7wPiAwDQYJKoZIhvcNAQELBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
-MDBaFw0yNDAyMjAxMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxpZGF0
-aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCp3cwOs+IyOd1JIqgTaZOHiOEM7nF9vZCHll1Z8syz0lhXV/lG72wm2DZC
-jn4wsy+aPlN7H262okxFHzzTFZMcie089Ffeyr3sBppqKqAZUn9R0XQ5CJ+r69eG
-ExWXrjbDVGYOWvKgc4Ux47JkFGr/paKOJLu9hVIVonnu8LXuPbj0fYC82ZA1ZbgX
-qa2zmJ+gfn1u+z+tfMIbWTaW2jcyS0tdNQJjjtunz2LuzC7Ujcm9PGqRcqIip3It
-INH6yjfaGJjmFiRxJUvE5XuJUgkC/VkrBG7KB4HUs9ra2+PMgKhWBwZ8lgg3nds4
-tmI0kWIHdAE42HIw4uuQcSZiwFfzAgMBAAGjggElMIIBITAOBgNVHQ8BAf8EBAMC
-AQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU6k581IAt5RWBhiaMgm3A
-mKTPlw8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
-d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSG
-Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYBBQUHAQEE
-MTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290
-cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZIhvcNAQEL
-BQADggEBANdFnqDc4ONhWgt9d4QXLWVagpqNoycqhffJ7+mG/dRHzQFSlsVDvTex
-4bjyqdKKEYRxkRWJ3AKdC8tsM4U0KJ4gsrGX3G0LEME8zV/qXdeYMcU0mVwAYVXE
-GwJbxeOJyLS4bx448lYm6UHvPc2smU9ZSlctS32ux4j71pg79eXw6ImJuYsDy1oj
-H6T9uOr7Lp2uanMJvPzVoLVEgqtEkS5QLlfBQ9iRBIvpES5ftD953x77PzAAi1Pj
-tywdO02L3ORkHQRYM68bVeerDL8wBHTk8w4vMDmNSwSMHnVmZkngvkA0x1xaUZK6
-EjxS1QSCVS1npd+3lXzuP8MIugS+wEY=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEXTCCA0WgAwIBAgILBAAAAAABRE7wSlUwDQYJKoZIhvcNAQELBQAwTDEgMB4G
-A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNp
-Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQwMjIwMTAwMDAwWhcNMjExMjE1
-MDgwMDAwWjBiMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
-YTE4MDYGA1UEAxMvR2xvYmFsU2lnbiBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0g
-U0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj6qHS
-w0nl9xxdr8OSQq+KPNzvTOYvXwwrn4pQMGbvTshPIUr25/JOG4xTV7CeyFv3uEZV
-sxrtwmr+9BvsSEYOj+D74JEZ35kYby5Rr9r2mspkb5lUEHTqPMiqgE1DN/vIpH8F
-nTeSvZgANVqvu1t0FQ68vMbpt4bn7q5NSwRMK6C0ZUi4wzrNdbs3yUrAARHZvz8V
-hmAZazQgRvWGZg8k9Mxin5+eHf0QpJle8EHrsJT/LLM21usdpxdf385qd8eaxDJj
-pwat8xIbnTByWQvrcusq0nd7kXfbAPzYb/Uv2HrFDDqge16Q852EWcgB2ZE3VuU6
-U5OtYEknJdnh2oLXAgMBAAGjggEoMIIBJDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0T
-AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU2kB3Q2Uc+P6n4/Rkgj5NQxMiMQIwRwYD
-VR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
-bHNpZ24uY29tL3JlcG9zaXRvcnkvMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9j
-cmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC1yMi5jcmwwPQYIKwYBBQUHAQEEMTAvMC0G
-CCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjIwHwYD
-VR0jBBgwFoAUm+IHV2ccHsBqBt5ZtJot39wZhi4wDQYJKoZIhvcNAQELBQADggEB
-AEDvEpCDdJaK+Tq6m1lKM9PvTBMrtZHLyZbtbvVsZPHGhLJGWVpYglLxNKBUQWQg
-q9hXO9QUdHEYNswTwcdwwPVFZg5xroevkpTrcUAJ9Mx39xuThYpKrjOF5nSu9RCm
-PslZg8P5XJb5KPc0e+k4xpE8T3FYdf7hVnV2zUDEFUA5qUH9ZBAPl4UH6Hlk0FtN
-TJsnl9NzXpJ+H0jiyrkFl07vLBxrTYpfeFOVzQI5wi/maU/2cdGZtX9tIN5Dj9sA
-G6M7N97RP23ztpB2Haydb4RPJJQJduCdqE33TTePpC9fS0HkSRaXzHtsrxHKllQJ
-iyRRrl3tovG7UxBNl/oadwM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEaTCCA1GgAwIBAgILBAAAAAABRE7wQkcwDQYJKoZIhvcNAQELBQAwVzELMAkG
-A1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jv
-b3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNDAyMjAxMDAw
-MDBaFw0yNDAyMjAxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
-YWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBW
-YWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQDHDmw/I5N/zHClnSDDDlM/fsBOwphJykfVI+8DNIV0yKMCLkZc
-C33JiJ1Pi/D4nGyMVTXbv/Kz6vvjVudKRtkTIso21ZvBqOOWQ5PyDLzm+ebomchj
-SHh/VzZpGhkdWtHUfcKc1H/hgBKueuqI6lfYygoKOhJJomIZeg0k9zfrtHOSewUj
-mxK1zusp36QUArkBpdSmnENkiN74fv7j9R7l/tyjqORmMdlMJekYuYlZCa7pnRxt
-Nw9KHjUgKOKv1CGLAcRFrW4rY6uSa2EKTSDtc7p8zv4WtdufgPDWi2zZCHlKT3hl
-2pK8vjX5s8T5J4BO/5ZS5gIg4Qdz6V0rvbLxAgMBAAGjggElMIIBITAOBgNVHQ8B
-Af8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUlt5h8b0cFilT
-HMDMfTuDAEDmGnwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0
-dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCow
-KKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYB
-BQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNv
-bS9yb290cjEwHwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswDQYJKoZI
-hvcNAQELBQADggEBAEYq7l69rgFgNzERhnF0tkZJyBAW/i9iIxerH4f4gu3K3w4s
-32R1juUYcqeMOovJrKV3UPfvnqTgoI8UV6MqX+x+bRDmuo2wCId2Dkyy2VG7EQLy
-XN0cvfNVlg/UBsD84iOKJHDTu/B5GqdhcIOKrwbFINihY9Bsrk8y1658GEV1BSl3
-30JAZGSGvip2CTFvHST0mdCF/vIhCPnG9vHQWe3WVjwIKANnuvD58ZAWR65n5ryA
-SOlCdjSXVWkkDoPWoC209fN5ikkodBpBocLTJIg1MGCUF7ThBCIxPTsvFwayuJ2G
-K1pp74P1S8SqtCr4fKGxhZSM9AyHDPSsQPhZSZg=
+MIIEUzCCAzugAwIBAgILBAAAAAABRE8CNrYwDQYJKoZIhvcNAQELBQAwTDEgMB4G
+A1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNp
+Z24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTQwMjIwMTAwMDAwWhcNMjkwMzE4
+MTAwMDAwWjBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1z
+YTEtMCsGA1UEAxMkR2xvYmFsU2lnbiBDQSBmb3IgQUFUTCAtIFNIQTI1NiAtIEcy
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+fyemGPTDsow6Pqr0IMY
+U1E/ko3DG3UPXQOlFMclMbsdM9CpueFB6zg+oUXvNXwtW/CtqOSL4+RfKyzleEuH
+MoHVFlCTuJbCagyB7VcBhIa5AKM4B5rIRVzAylbcFI6z2pdhqrWZIyKVvnDWEdmD
+gq6vycUrSwxqzWJWKihhz2SLxe5X2j8Mbi1uMTGXfFSd9hJhTeh3qOgCcyCmTBXo
+8SPuhoZSq4O5UjrH562bQB+iGBdT//9vDXT7xdzRalcI3GeB16gsuKO24VSr88X7
+5EEhBAbLtG35Q8LZRUyUU8alKO/D3g/a9+o4XCa9VCrq4GC/WJ8sLGBspEB+Ok0Z
+QQIDAQABo4IBKTCCASUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQEwHQYDVR0OBBYEFGDC8VI+rYwT3NvKDvoK5iosmUvYMEcGA1UdIARAMD4wPAYE
+VR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9y
+ZXBvc2l0b3J5LzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNp
+Z24ubmV0L3Jvb3QtcjMuY3JsMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYi
+aHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzAfBgNVHSMEGDAWgBSP
+8Et/qC5FJK5NUPpjmove4t0bvDANBgkqhkiG9w0BAQsFAAOCAQEAE6KprnJzWxFf
+N0fQ//QEguT88TZdsk2nE4eU5D7ac+wnfqihu3oSQSOeNhjdImJWUp0cffOWGCWX
+EuAu8/hKQjuhHoIc53Pkc3euQCNGII0Q+4061809EC1f8yLaUPsx79dyxFDTlIkA
+YNreAp2oXpw5eeuyCDzE26wres1h+O78vSC/cZRdCnqZ2nmoPQ6XAT0APD85p2Mf
+o69P7W8HHX87d8rQQ6ygKUktBCk2wrlEf+ezqfeE1gk/ey6HleO9t/73lovFHEWu
+DC4phYMwUA86QdtFfU80QH5QzxKieGEWHzc8/lFn4w3WuxRQ85wHQiy9f32QDHDo
+XBNcWyODBg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEeDCCA2CgAwIBAgIIW0aZkOx1nTQwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
@@ -3116,269 +4269,177 @@ mshlbIFDYLrJfcS0mGPEwk0Fm5kCMCrbRm5ONLS18G0NfDYnuGp7ex7i0GUezn5T
 /QKTj/C/89U3cSp0L2qvkeMN9nsU4w==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFHzCCBAegAwIBAgIEByemYTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJJ
-RTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYD
-VQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE0MDQwOTE2MDMwNloX
-DTIxMDQwOTE2MDIxMFowgY0xCzAJBgNVBAYTAk5MMRIwEAYDVQQHEwlBbXN0ZXJk
-YW0xJTAjBgNVBAoTHFZlcml6b24gRW50ZXJwcmlzZSBTb2x1dGlvbnMxEzARBgNV
-BAsTCkN5YmVydHJ1c3QxLjAsBgNVBAMTJVZlcml6b24gUHVibGljIFN1cmVTZXJ2
-ZXIgQ0EgRzE0LVNIQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo
-OwWImO3Kdhcb8lmJVOROdTidMxYJasOStOvLgnHWmzyn6VbeP1xeZbS8mIyHxY0m
-916FlYdsWd3sKV+wnXFBZCnYJEvLTABe1dT3Tob4acjGEonr9RKiDbeBb6LcRA3Y
-YHMmdnRAfzHtOAPj7CqVcSFdcib7HuTTf2Ot+xEzJkRyh7dPs+OcXvo0mBp8Oyga
-TBTZiMg3d5t2UVZQbNf+3O2BMBVhnixXTA7JDEYf0RfLPdbbKjYxE9yez4ICwURL
-JwSQUv/9Ylrb65NAVWpfmmceOU7LH0XvHy+6KHIZtnIxP53/w/X3Ui+X4o2R30jt
-iDdq3McycOlB/Bv2zqAhAgMBAAGjggG3MIIBszASBgNVHRMBAf8ECDAGAQH/AgEA
-MEwGA1UdIARFMEMwQQYJKwYBBAGxPgEyMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
-c2VjdXJlLm9tbmlyb290LmNvbS9yZXBvc2l0b3J5MIG6BggrBgEFBQcBAQSBrTCB
-qjAyBggrBgEFBQcwAYYmaHR0cDovL29jc3Aub21uaXJvb3QuY29tL2JhbHRpbW9y
-ZXJvb3QwOQYIKwYBBQUHMAKGLWh0dHBzOi8vY2FjZXJ0Lm9tbmlyb290LmNvbS9i
-YWx0aW1vcmVyb290LmNydDA5BggrBgEFBQcwAoYtaHR0cHM6Ly9jYWNlcnQub21u
-aXJvb3QuY29tL2JhbHRpbW9yZXJvb3QuZGVyMA4GA1UdDwEB/wQEAwIBxjAfBgNV
-HSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DBCBgNVHR8EOzA5MDegNaAzhjFo
-dHRwOi8vY2RwMS5wdWJsaWMtdHJ1c3QuY29tL0NSTC9PbW5pcm9vdDIwMjUuY3Js
-MB0GA1UdDgQWBBTkLbuRAWUmH7R6P6MVJaTOjEQzOzANBgkqhkiG9w0BAQsFAAOC
-AQEAdA8XA5Qvi4LTuB/IeCu44Bv/dFrvuhtUYUmrm1ZxQcbJ0Z8Vqyl54AT0tN8d
-PmvBQk+ORWF2Ncoa7dvVX3UBT0Hnu2lITWEpq7ul6qFp6QWwnev2T8JlKJ6oeCCW
-qmu71/Eo7YfYsxmhdwyPMZpwjYhyGXBdBhooEuoJLg9S2hUiyPdxG52Pr1pZJti5
-A9dEYJfZ5etyfQyd+aO51rA8jpe3rpMS8blSBkfid8GrSawwSDvUTGFC18om4K70
-vPHTStzKNAciUKSdAEY6VNzxkJOu6IkR5H3f6Sw/Mq9EOK9jg6t0qGWwu24WunkO
-9KlgK++DdBLm13arqkkvSebisQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEoDCCA4igAwIBAgIQGtcftbtaHVldSXX089Qs0jANBgkqhkiG9w0BAQUFADB+
-MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
-LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
-VQQDExlDZXJ0dW0gR2xvYmFsIFNlcnZpY2VzIENBMCIYDzIwMTQwNTA2MTIwMDAw
-WhgPMjAyMjA3MDQxMDMxNDBaMFIxCzAJBgNVBAYTAlBMMRYwFAYDVQQKEw1uYXp3
-YS5wbCBTLkEuMRgwFgYDVQQLEw9odHRwOi8vbmF6d2EucGwxETAPBgNVBAMTCG5h
-endhU1NMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJH19wEJT3XI
-CccUj+QamXggmUBZbxAv//7QEP8Gozk9xPFLB88iOSCAQ1DBr7QBcaCjMBFS09KY
-2cJp9+MA2Rk/PbM7UnXj0wyr/1cBOoNc9QK7KP6QOI6ihM9hSOeZ4HIkthFYShhX
-DTQYXjXIs6wEX404L6LP0tx02EEC7ODbDFSBpHrFNNUZhrYeZfc89rLdOrW3kWEY
-/YEsimjX1qgzt0e4+UitNe4Rk/nCqfqUjk+70R6nZHS0+Q+IpxGnMxrCsRQMEqhr
-gkR4TtV5j1xgKUdMNjVSx61swCA5k/HIszvZxuzdIkUnolASB/j+OHkkibn33uDG
-6WTj9Av6xwIDAQABo4IBQDCCATwwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
-FgQUnc7wWrTLJc82pYJdj/d/mEYZNy4wHwYDVR0jBBgwFoAURcWyhk7M3SmX5N0U
-xG6uTbjBd/gwDgYDVR0PAQH/BAQDAgEGMC4GA1UdHwQnMCUwI6AhoB+GHWh0dHA6
-Ly9jcmwuY2VydHVtLnBsL2dzY2EuY3JsMGoGCCsGAQUFBwEBBF4wXDAoBggrBgEF
-BQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTAwBggrBgEFBQcwAoYk
-aHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2dzY2EuY2VyMDoGA1UdIAQzMDEw
-LwYEVR0gADAnMCUGCCsGAQUFBwIBFhlodHRwczovL3d3dy5jZXJ0dW0ucGwvQ1BT
-MA0GCSqGSIb3DQEBBQUAA4IBAQCGClqg2Im3VUaxtLnvPJN/c9HFJm0j/oAb5WFp
-2CUMtrVvZSyr/I7B3C7uKaLsc5GjZcCDnGuVM0NCWvd/XlrreGpgADHjWzSdYzuB
-dLrAk7tgeqrR6gkP1zSgxi/11u1Alkgy8/MYW75AVmbsuz/YGISa3Sp1I2shTNka
-XJNSmRF1D0eKg5uVP1m/M8KxVFL67HdKIlDbQN1ho/GTVikR8/b4HQD94i6vkRUw
-snhxkL9vHIFl0AwyaZHaJuioiYKLWRxwrXJfVCNFo3/Ty0tdXD2D11kQuhxHYBCa
-TqCLv91pzrss+o/BRJGmeP/+UMqECwvPU9V5/kiuZmnvY5sP
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE1jCCA76gAwIBAgIQXmMWQN0ZZjK0k6MwB5DXVjANBgkqhkiG9w0BAQsFADCB
-mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
-MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eSAtIEczMB4XDTE0MDYxMDAwMDAwMFoXDTI0MDYwOTIzNTk1OVowaDELMAkG
-A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xHTAbBgNVBAsTFERvbWFp
-biBWYWxpZGF0ZWQgU1NMMSIwIAYDVQQDExlHZW9UcnVzdCBEViBTU0wgU0hBMjU2
-IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwslPk4vuoPynEQwX
-sa8gZUFVSSzV/yq8rSEWTqLP+Ml8e7MPsmyNy7aCWCvHH2CtlD/qx6KjT8St0MHq
-J70NqjEyaLGfw+Vvc3Dy+JEodiKtOEsgfvVz+WNonfbUd1Gu+fjObzuSTucRPXo0
-a59MvsZ7OT0BTfoQSigt8uGgcSvzn5DJg6ScLgWCXsNBRrp3PJMG+jxMnAl7xorX
-xkLPFkuQ3X3zpt1VoAdcKuBtlOBA+XmIM31oTnRtiOoZ7n+LwoTOeODccVJnRQuW
-tlP8tvdfXAknHZt//ygIXy7u4BJS7UNFjNX7JtqXlGhGA92qZDqTz2/po8lNPhgs
-u5GX/wIDAQABo4IBSTCCAUUwLgYIKwYBBQUHAQEEIjAgMB4GCCsGAQUFBzABhhJo
-dHRwOi8vZy5zeW1jZC5jb20wEgYDVR0TAQH/BAgwBgEB/wIBADBMBgNVHSAERTBD
-MEEGCmCGSAGG+EUBBzYwMzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVz
-dC5jb20vcmVzb3VyY2VzL2NwczA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vZy5z
-eW1jYi5jb20vR2VvVHJ1c3RQQ0EtRzMuY3JsMA4GA1UdDwEB/wQEAwIBBjApBgNV
-HREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS02OTYwHQYDVR0OBBYE
-FEnsp8ip98W7LKok5/RDs7E86FT4MB8GA1UdIwQYMBaAFMR5yo6hTgMdHNxr2zFb
-lD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQC8fTpScyqmULJKTmRvnuWInRutfmBp
-FbHPKzCER/I0+r+9l1xqjTLCbLnq3TICebSFgUlRwskq+OS0C5Rs4i8AH1/+XfTP
-cgaEIb8K5IUnlpP+Bc46zDqWjTMBeV0fVza7qgSbnaklPnpejX7jENqJH31r3KDg
-23JZxYPl01eOD54GPKjIN1yq5dru7DtVESZ+Yn+HJMCT3d6wBwXwYzsL4yUna1DF
-4ua3h7lr7J9EdLdWna6aZX9xXmOIvF+dQ+4NmMxJxA7cqI4S81QFqGz/jgpwHiyZ
-B0L6tg+JnPfY5v7sbQthTFKQhiPF8ac0g1U/9OW/tn4jF3JAh0Tdh+eX
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEtTCCA52gAwIBAgIQSOmUQNQ2SRy4uII9CUOUxzANBgkqhkiG9w0BAQsFADCB
-mDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsT
-MChjKSAyMDA4IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25s
-eTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhv
-cml0eSAtIEczMB4XDTE0MDYxMDAwMDAwMFoXDTI0MDYwOTIzNTk1OVowRzELMAkG
-A1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xIDAeBgNVBAMTF1JhcGlk
-U1NMIFNIQTI1NiBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEAxJVjKNBOMEWvi5c0FEX4XFhK+jOObpxgq/OG/zR0siu+oYzVoqNgekC54fwi
-yme6YKrHmvkGf+73uoUFsAP/cq4VQUqYZNcXS1TvBcaYB5MnPk/cD8Z7i+fzBl6N
-6LSuKbQeHi0WkNPqqueMO22vNln/xQr6x0y9NotkxEr1zjP5B75/RZCoCBSw0KVP
-34KA2hvuwxOwmPUP+X52tea5XWi5XFCQiaQ2sXAW6rEQtWp23+G7/HjycpnPyaLU
-c1R3v8A5d+WuEsV4WhlF1EEZ03z1b5lr14u8LQmdSxBhwNpSw68iQ8brN35jdDAN
-anGO3l1bisjF15sp6K62JWGB6wIDAQABo4IBSTCCAUUwLgYIKwYBBQUHAQEEIjAg
-MB4GCCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5jb20wEgYDVR0TAQH/BAgwBgEB
-/wIBADBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYwMzAxBggrBgEFBQcCARYlaHR0
-cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2VzL2NwczA2BgNVHR8ELzAtMCug
-KaAnhiVodHRwOi8vZy5zeW1jYi5jb20vR2VvVHJ1c3RQQ0EtRzMuY3JsMA4GA1Ud
-DwEB/wQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0kt
-MS02OTcwHQYDVR0OBBYEFEz0v+g7vsIk8xtHO7VuSI4Wq68SMB8GA1UdIwQYMBaA
-FMR5yo6hTgMdHNxr2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQB6U7Xetu9S
-o1+K9YnxQsxeRoiupQiHUd4PDwLrDIJ443N9cb1D6cqKP+AlkpszM3RJXgDZcxQc
-C0Z2HIoNTYxsfkv3YNiBeKB40CViqxDKIugcGd1Sg2QF5Ydmrud6pDs+2HB6dqJn
-OdTJ+uW3HkHiCTmIHBhVCsRBr7Lz8w9CFGF0gePah1qaTYvTyY+JZhMpEeT/4t+O
-lgxaoaprm/38AztVDaaiJUgXH0Ko2mx+aW6g32fSbfQOahJ59XzIpTIcxDGy5ruo
-a2qiimBpwFd9svIxDJhlMuwIWs7GmOkhlz8seSkD9faUK1Mx85NoV+HXTzrRYaFg
-zrmrmK41VGOL
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE0jCCA7qgAwIBAgIQLGnhL2pnC9md0g+RnvCeUTANBgkqhkiG9w0BAQsFADCB
-qTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNV
-BAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTQwNjEwMDAwMDAwWhcNMjQw
-NjA5MjM1OTU5WjBjMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3RlLCBJbmMu
-MR0wGwYDVQQLExREb21haW4gVmFsaWRhdGVkIFNTTDEeMBwGA1UEAxMVdGhhd3Rl
-IERWIFNTTCBDQSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
-6pQHhchBLPaDEmySX6sfANSWb3TNLhHpbA85AblIkEA5TcSiyHlqpZq9kURld1St
-/yVf7kL7swIP6l163RpUntdzQpvMeV/FTfS3Cxg5IHrdUAFdNEVfTBEO9YcmJrSw
-835xoDFxUIloWmOKFGLljDoWVQ0+66qAHXF644cHq72idM3aCAGdG8wniIxH1Gkl
-Qta7UG2FUNBIgg0In+kj40LGPJi4u27FcBPfGR0B/dK1TuZi9Af6a30Rd8RiT0BO
-pXiXqyxNDKd8w8RQMp/QcJsP//91WTSFrUnVNe5PW9TUNpWgfujFoRy9E0597mNq
-lhmZyKcqAOZRjUbrMFjoLQIDAQABo4IBOTCCATUwEgYDVR0TAQH/BAgwBgEB/wIB
-ADBBBgNVHSAEOjA4MDYGCmCGSAGG+EUBBzYwKDAmBggrBgEFBQcCARYaaHR0cHM6
-Ly93d3cudGhhd3RlLmNvbS9jcHMwDgYDVR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEB
-BCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Quc3ltY2QuY29tMDEGA1UdHwQqMCgw
-JqAkoCKGIGh0dHA6Ly90LnN5bWNiLmNvbS9UaGF3dGVQQ0EuY3JsMCkGA1UdEQQi
-MCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTY5ODAdBgNVHQ4EFgQUn7jB
-qWzy9cAiKpTtXJms1OzXxgcwHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutX
-SFAwDQYJKoZIhvcNAQELBQADggEBAFNU8keoAtfvqjV4vkoIDZAYS22eKlMr6VQX
-d3QpftA3BwW45Pq4tGOYRNzGT4EGjDq+xzBXxnD81pMZn8NV1z4fcoqdMFo1lzLL
-Y+TGct/7aMppL9vNUDg+K7urO4LH/UubvXxBmO8BU9g1jyXJAwbmnFfBUQ+e9n2T
-Tfh2yDpr9MSPMzJ/nSGENNmn+ZL6QZFhhAWdo3lGzmfngfJerEy8qKtqbRXinE5a
-2WOAvPdC65pExoxrBja0izKJ3sLxqCaqqaz/6nGm54xB+hc1u7OHMamTwshY4QpO
-lYOcue07pe8I4HT5wxvmB6PuB9dCInkhoKHUHSbT0NamXStBwHk=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE3DCCA8SgAwIBAgIQPiM0Wu0sClF7Jt7UgB0QqjANBgkqhkiG9w0BAQsFADCB
-rjELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMf
-Q2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIw
-MDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNV
-BAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0xNDA2MTAwMDAwMDBa
-Fw0yNDA2MDkyMzU5NTlaMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUs
-IEluYy4xHTAbBgNVBAsTFERvbWFpbiBWYWxpZGF0ZWQgU1NMMSAwHgYDVQQDExd0
-aGF3dGUgRFYgU1NMIFNIQTI1NiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBALOsDX+tuxNNlF9nQmrQiXGp7XQEkyTITVah8JGWhNmEas9SIeMasVRM
-5saenks4qZZUHfWz7ZIE0G5UkG4v6X2YtIotEqO0Qkcdf19A4fx/kaYB3FWkUHgq
-Yz+EfizIKyG2xg5evLix1BuYs8b44ego7TJEG8t/9+SxEevGCLBb7qjC7Eaqjynf
-ubekA6A1elg/iylHwdIi+izGx2zN0/dYMpOU0W+pKpwPCiiSqxQKtt/tQHpkB1TO
-6nWXMrmWoHXJdzECdK9Ud0+ZooFLeVm4kj/5B+pCdFcuNexVivxhPD5XcZI7q+TB
-4RcsZDYAhLV8Gn2wQTN8I/ZOd1oswUsCAwEAAaOCATwwggE4MC4GCCsGAQUFBwEB
-BCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL3Quc3ltY2QuY29tMBIGA1UdEwEB/wQI
-MAYBAf8CAQAwQQYDVR0gBDowODA2BgpghkgBhvhFAQc2MCgwJgYIKwYBBQUHAgEW
-Gmh0dHBzOi8vd3d3LnRoYXd0ZS5jb20vY3BzMDQGA1UdHwQtMCswKaAnoCWGI2h0
-dHA6Ly90LnN5bWNiLmNvbS9UaGF3dGVQQ0EtRzMuY3JsMA4GA1UdDwEB/wQEAwIB
-BjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS02OTUwHQYD
-VR0OBBYEFH0pMS/BHm6uMQVqs+sczandroCaMB8GA1UdIwQYMBaAFK1sqpRgnO3k
-//o+CnQrYwP3tlm/MA0GCSqGSIb3DQEBCwUAA4IBAQA2/6LxHH65UXuU01p7SCXT
-N6KCKi1fOB6HZ+zJMavXkjO4vTXKsYBwBIJ8iMw3LhZ0bpNAY8qNe/8HKOb5M6vw
-YY09yoPFUNi9aTkfrry37hXFjQQGIDMoBJnFnBH1AQ9HXtiJmaXOwoD+Rvrvthuo
-kbKDs+JXDRrkltW8971tA/hifuv4Qgn+CWSkyVy40jkLeQKeFTkdwNnNHF9odo3z
-Hi36v6dJog2X9ZbC6WzUzUcLi4oBi9v6z5J1Lt4+p3O1/gNRp0LDx0JrqW++9iDh
-jr+fCY7lCOiSk3c+SUScf+l5nf9Lr+A4VzQNXxEyEpKpYYiBpR74oPBFWoZxIIWF
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEbzCCA1egAwIBAgIDAjpzMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTQwNjExMjIwMjU5WhcNMjIwNTIwMjIwMjU5WjBmMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZh
-bGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBDQSAtIEczMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0Q6bLCuyxT5jBl0NFypaeOI
-U3elp/+90TwNJ+TerX+80ZBYk9am2jmcreEOVkbulZ4QaEycK/ZqOouAgYcGVyUa
-VlKU3ZDrZzve+q42aNNiafZsgiRET4dcmBGVZGvoDNHd5ieXrszikWpBErar5cxu
-zCO4Y4ofMZMtBsT36D1YzZcIRmx7dMD4/DE7p3/Xj7DJFWNQehJN9RIeo35V43W3
-6h7qMSwITtjLQ3SJJLzSDh7w2wUk9oq/ECeEQRr2GFPukdBUF9N9Pn6yfai/27kh
-KvCJuQhuWrNe6oK4ficLzFZzgQVP45YtcdV4p2DD1+yqORoFOYKB4BUsNdHuJQID
-AQABo4IBSDCCAUQwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYD
-VR0OBBYEFK1lIoWQ0DvjoUmLN/nxCx1fF6B3MBIGA1UdEwEB/wQIMAYBAf8CAQAw
-DgYDVR0PAQH/BAQDAgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNi
-LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH
-MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYw
-MzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz
-L2NwczApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMS02OTkw
-DQYJKoZIhvcNAQELBQADggEBAE4nuBrHO9xdu54aNSMeiFWQ0eyGnIi34B9nh+J8
-tUMDDrYC6OD/hoQZcenyS/WeLi5e26vWHE7EPrgseIZxEK6NxXC/pPmJ5rTt6Evt
-fAkqCQgGPtTh3oKSDDQwNQrBYHXKtlVrqgBCyz/7EOH7hcEhkHIrbsDondm1WlCO
-NB67OKc8Mb168kOL6xbKrZveax74T7ZeSikfehTukfSUT6S9m3Z6vPFRepaogQ6D
-hz+Lrl4ymzSesufbL+wCoOH9UVL+LNs2usHWXktYbd7G4eH6mgMsW6Lhs5v5NuzB
-c/ozEmaV42kQtteqM/r2nUFtliq6voMxQX8MCtJp1vw1TMM=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF5jCCA86gAwIBAgIQEQDFvydYwZlp/Gjtcp381zANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-NzA0MDAwMDAwWhcNMjQwNzAzMjM1OTU5WjBNMQswCQYDVQQGEwJVUzEQMA4GA1UE
-ChMHU1NMLmNvbTEUMBIGA1UECxMLd3d3LnNzbC5jb20xFjAUBgNVBAMTDVNTTC5j
-b20gRFYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAJEcVY7NR
-2qmRMLzC17tObKov3Jf1AQLOfZRfCi26JM4lYzJoW7uMO6RSwBJeP6pSBYthSWLc
-R+zd0bsQW5xKGITX51HYBH3daGWQEJIWVfL59cw3qhRsMQ5XP/IMZ15BOUxqGRVV
-7NnCBBVcrWVhrEqSZbM6o61lMBU3sQQlYep/Ie3Ce6ca8oWfX5h4hrWtxuRCiBB4
-EjxMB5KYOKJnQaOLEXaRhgr8cNHhzjl2KrKx/tCMtR/9pqy/+dOCKDiQWkg+hBoT
-D/hGc/B3x7KfHAbdLJTPrRdJrFnSwMWwPcrWGIrrud3w5VxzXBjPAzQn7Dg/hpGB
-NHEHBwKsLER3AgMBAAGjggGEMIIBgDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dib
-wJ3ysgNmyzAdBgNVHQ4EFgQURpr9/FFefFRTUuKZ47My75Maf1YwDgYDVR0PAQH/
-BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMCMCEGA1UdIAQaMBgwDAYKKwYBBAGCqTABATAIBgZngQwBAgEwVQYD
-VR0fBE4wTDBKoEigRoZEaHR0cDovL2NybC50cnVzdC1wcm92aWRlci5jb20vVVNF
-UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwgYAGCCsGAQUFBwEB
-BHQwcjBEBggrBgEFBQcwAoY4aHR0cDovL2NydC50cnVzdC1wcm92aWRlci5jb20v
-VVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9v
-Y3NwLnRydXN0LXByb3ZpZGVyLmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAB1RJZUdF
-d05ZN1SYdTZsDj9Rq9De097SCCWi0E97Ehc2MRQag98VqlZPrC2WM9q+C7Z5MvcM
-1njs15p55YRJbHjjECgiabKEPsx3xXH+oTb4kKzQjqMZV5CNC7K+5H4OaCtNcFEZ
-E2vWRI9hunFjTfTJ9VrKjGIwcYz30VtdB1vtk0Jaf0lnC4H1GOAdw3IwJgbygOeu
-ACY/1RH5U0ai2e9wWXsiADjBtHbiFPEzt5Cmu2wag9fPrX663Xs5TqjDNCPAgCLm
-ijzyrCQmlCaug332cwnYI5dA0Oa/eIV6lYZTev143bZWs+A6dQhXDJUQzfSvPsQS
-Pu/W3QAkw4vuZ97mVvgzK5LiDWps2N9Fw9b5Et4Op+cuy27I48fG3bRH0dROJwYs
-w+MrMc5Sy/TOl9a5UUmtq2jEJbEv7xU5x1bvhaFfBtxoF36sLLuPf19Aev4n2Y46
-Fou4Aup1eWVyS+XYKiaTGzxL5b4fbwhKItk8NptdrJ26YmdCl6cFNaabXHHak24W
-I0cF4+u8ATOxkdFkuLyWusWzfmfIMHX1ZHD3giYavooNnupzxnju58Tpc9AsCgyL
-rRxTbur5AscjOsHHfzeeTqflKtslTvJ9AvNkPLizR2cMk4+1h+6yDBHggsm0bZn0
-AeY5kXGfjIimFcd00xvjkVn41em3We1sghs=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGRDCCBCygAwIBAgIQPUAzplDVZ4/XrDyv8Aqq9TANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-NzA0MDAwMDAwWhcNMjQwNzAzMjM1OTU5WjCBjDELMAkGA1UEBhMCVVMxEDAOBgNV
-BAoTB1NTTC5jb20xNTAzBgNVBAsTLENvbnRyb2xsZWQgYnkgQ09NT0RPIGV4Y2x1
-c2l2ZWx5IGZvciBTU0wuY29tMRQwEgYDVQQLEwt3d3cuc3NsLmNvbTEeMBwGA1UE
-AxMVU1NMLmNvbSBQcmVtaXVtIEVWIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEA+wB5R9swDZROqsIDCJGy9HwkDG1pLbBLPiJKRUSBYdqfHxtBfJ5K
-R87xqgOgV/XoB6pZYWYWXAwImTsLW3NihsYH8KGC0PYukcpyimW312ffYORzBSYp
-aae7go/P4a/0AfhzxW2kjm8I2BnS0pDBwubrUHqAoGU6kMvUyLnJnBPWypTGvmEt
-U1y+XUWs8C7+DweHX9GaBzZzBmel2Ze6Em8aMJjbgGd23UjeHC0fNTun4AnnIsF/
-2Mwl3h3JH7LR9DfxXB073X49Qu1m6bVr9Nh/t/psoJHCT0Qv9vPcD86sA6vX0yAm
-7cBGkFKIKSqUyCcxv3PfmJ/zIYootRVaOwIDAQABo4IBojCCAZ4wHwYDVR0jBBgw
-FoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFH1VBNH3NXwicT9L5lcS
-w4uapXRrMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
-JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA/BgNVHSAEODA2MDQGBFUdIAAwLDAq
-BggrBgEFBQcCARYeaHR0cHM6Ly9jcHMudHJ1c3QtcHJvdmlkZXIuY29tMFUGA1Ud
-HwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwudHJ1c3QtcHJvdmlkZXIuY29tL1VTRVJU
-cnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMIGABggrBgEFBQcBAQR0
-MHIwRAYIKwYBBQUHMAKGOGh0dHA6Ly9jcnQudHJ1c3QtcHJvdmlkZXIuY29tL1VT
-RVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2Nz
-cC50cnVzdC1wcm92aWRlci5jb20wDQYJKoZIhvcNAQEMBQADggIBABIQ4AEb+qoD
-5g9du4+mqns+PFZHUCdcKBDtxEfSI9CcAGIDknuzUOQ6dOKfnfT3f/i6SDUFsB4A
-6wvdCGXUb4mCMP2GUpP3NiXaSjNMP5mnTcHwIGFFfM7iFKyG8ZheeDSw576AT6WQ
-QQ/xFLTGeKkY7/p/B0CvMA4oyQDrZVcFEBKzd5PjnrkmPw/uPKgsKZwYEpryg+fD
-TkntzlX9/BcxxtKwHEquxOs/gxssrMq1oWjDOVjaUv1+YKDwrwL9/gzXsNv3QHOo
-+RHoJsIocW8NBwhsXVnxaSZCtXMd/WASJGlg8NaGkRV0/w2efnLGNTwFkAKhSfR4
-m4u0lmKIad0dNObbAlcYkx+1i8Fg1njTPC29kqJurSPXt+9cfoPcjnRH56Vw9zDd
-QeM40+6c7RJCcmxfT9fhCdpyQlf7XpF4Qy+VR9ZAmD9W9E8uhBsfVLE1kjK1ZLyy
-VbLOIaqjh1+AY4eaHv+WvQd5H/Rl1lz/zwmihXfDVlql5RoIdgB2eoQ0KpsC3Y/e
-HEwRQ8mxE5RG7mNFaI/bi4hSZ2Sfg4TmzMcd2X9Db79ty9XpdV+a4bnct/NPr4Jt
-6f2lGeI8FfUYXN3sZ7+JFIbecs0GhiJGKuPxGi7wQ2fN9iNanpRCWmpF09Dqu9Uj
-D9SAl+/bdvOghSR/R7nrdLJFNlGWhral
+MIIE/jCCA+agAwIBAgIQCDZl3ED5ayay3q38bUvFbTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTQwNDIzMTIwMDAwWhcNMjkwNDIzMTIwMDAwWjBhMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBTZWN1cmUgQXV0aCBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBANInLTMklu5GK6yK4LjHA9+yWlLkt3Hx
+O6eZ/N1FVZRW5BWx2PMI76IIXqDAigcEeJoF+xVhWe0BzEtDtBLnRVINsGpihJ+b
+ftFuu31KhtLKiyx4c5vjZbOoHBJfYphwqow+e/ILSBb30RBPjrazAZaMEa1Wz1S2
+FMHzqtBBSMEm8/EydoxwA7wrnIVNXrk1bd8g7EToBH8HuNy14ovgnD5RXPNGAeb2
+nJSFTIaM0Ikb4zzYvnsWlq2xkh6GFi1/TROjhq60cWqs4+8bKox6BKov6taYaaB6
+vshWAkBjfhZV0RZDbuC3D0mbp1LuC1Afp8Z5Ol4G+fyRUZNSQsT4gy0CAwEAAaOC
+AawwggGoMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkGCCsG
+AQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t
+MEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMDqg
+OKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURS
+b290Q0EuY3JsMEMGA1UdIAQ8MDowOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUFBwIB
+FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBT2k9eyPc7O
+BLRmVQZEqdvR5e3qxjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAN
+BgkqhkiG9w0BAQsFAAOCAQEAEg2IQUfsC/n/rw1WrpOEOqGAfsrulSktrcRV8rMk
+pDaYwfGbiGVXk2w3RVphJf6BrctOSaDkj1o/UdFRX9MnxoCrmY7mPh6pRl7oOG3g
+yahSjX3k5FEmf5efSmTpzZQ2o4/Ca1/MT4M25tjIBGGylo49cTCZ6ll0FkL4juGL
+yCGk+HdL8fIjYE4FOmyizerTL7QXaOMM8ow09yuzQXR1Kr1AttNGVqe1B5X/VxHf
+xOsxaN53sv53DXyswrAsAWIVKlecpWQSnLhfyQ2wtn/+ZsTokeavELsIvFC8NmQg
+1080HqAT4IklRVZCERCk22WKyXHzzU40gSCqRJ/PS5UCMQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdDCCA1ygAwIBAgIIPYR8G0q7MgIwDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTE0MDQyOTAyMjU1NVoXDTMwMTIzMTE0MDgyNFowQDEL
+MAkGA1UEBhMCVVMxGDAWBgNVBAoMD1RyZW5kIE1pY3JvIEluYzEXMBUGA1UEAwwO
+VHJlbmQgTWljcm8gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC
+tz7qUBb61DHFYDbRj69nikk/4sbQ53NnPSrOBJEX3E59MAPoEO/biYzoMF4A3UdB
+LzZsRp4SYJZ0WybyvaExs9FHECfpcXohOCPkG7u1RC4EtUgMjw3lNvu3gDvyi5ut
+cdKI4uOwIkhD8objKuzSlU4IaUjsTaeIROKQHttkDMw7d8HhORy3QnTSIClZ3hgW
+DJZZHOyE2xhGhdyG/KfNlw/uXtJ9A5/YUPHp4dDfrQV2PUr+dTgs3BIh9r7dRngl
+a4BqbvNaH8Yw3fFJ8DqY118JH5GSQ3RQwHpz2f34n0y2PTSMLQlMUC2iRBOd8dhW
+Je5RGbKfveHXDfBgqdBBAgMBAAGjggFsMIIBaDBvBggrBgEFBQcBAQRjMGEwMgYI
+KwYBBQUHMAKGJmh0dHA6Ly9vY3NwLmFmZmlybXRydXN0LmNvbS9udHdrY2EuY3J0
+MCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC50cmVuZG1pY3JvLmNvbS9udHdrMB0G
+A1UdDgQWBBStMcf6As5n92Uc+7pfwLvFUExnyDAPBgNVHRMBAf8EBTADAQH/MB8G
+A1UdIwQYMBaAFAcf0uec2sJuokC0sHpQEFB0xMi9MEkGA1UdIARCMEAwPgYEVR0g
+ADA2MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNv
+dXJjZXMvY3BzMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1
+c3QuY29tL2NybC9BZmZpcm1UcnVzdE5ldHdvcmtpbmcuY3JsMA4GA1UdDwEB/wQE
+AwIBBjANBgkqhkiG9w0BAQUFAAOCAQEADPu8ViwJnfsv1a+JcSPldgbVTnWObm8p
+26PDohmr3zJOEvz3RRGVz7NWukJw798lIfljV98ev08i+ygs7XbxgO9qqJPQ8ZFN
+ehMEqlL6IQk8EGa1WSaPN2SW0cY4zvYevE/8Qrl4F6x+QPe+CmsrVLwTdjIGK5pw
+fwcXx5KrGy1SYXuW2vg5MXzjjABPyN+c3rpYOBAlay2C0A/+uxz+Og9wiTIU3Ywn
+h2s/NWCNGQ+lqqVXCLZeBZ+zo+FtWizAqzkUIi+3DST5BhLnPUZZb5mFQbwoC61A
+UXy1sa5T68oU4+2fAw+lF8dVEffcA5mSQUJw/7RRxuOS1Qs9gJ3HpQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGXjCCBUagAwIBAgIMU1zSo6wT2dxKS4MKMA0GCSqGSIb3DQEBCwUAMIGCMQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEf
+MB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTAeFw0xNDA3MDgxNDM1MjFa
+Fw0yOTEyMjkxNDM1MjFaMHgxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVz
+dDEWMBQGA1UECgwNTWljcm9zZWMgTHRkLjEdMBsGA1UEAwwUZS1Temlnbm8gU1NM
+IENBIDIwMTQxHzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/z1KGU12pZR5il1tkzC8F9itEF/A5
+u3FQnzLdPqurZo4o7YTOKdkV/bzRnGf5xphe6LZHhENDZJ78LkSxUNs7jLMnMjp1
+UDoW0cREg5nstWDX7heSMD59HBrm1W8sHMvmfwch+wwGaSUhzglff2WzdzCADqaB
+YkVTgm3XoEpGaoBMYAoyTnVbs2QX40AfGbzcQUDRxm4zcTU5ovfM6c3obQkCp4+s
+1K5nsmTzO/MnH1t+eE+0mt58aMwrqTe3vjabnppgDmMN2nXDEErjb9HrD/pv9Yeq
+XmWPzKTfJ0veEi/xndoeSkQOXETDB0u8vQlu/bmTgBUs3skzWp2X0vLbAgMBAAGj
+ggLbMIIC1zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNVHSAE
+NDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25vLmh1
+L2FjcHMwHQYDVR0OBBYEFN5qsE5DqghBR3S/pYqBVEwgxXUoMB8GA1UdIwQYMBaA
+FMsPxt9CQ8w9y7VII6EaeqYquzRoMBsGA1UdEQQUMBKBEGluZm9AZS1zemlnbm8u
+aHUwgbYGA1UdHwSBrjCBqzA3oDWgM4YxaHR0cDovL3Jvb3RjYTIwMDktY3JsMS5l
+LXN6aWduby5odS9yb290Y2EyMDA5LmNybDA3oDWgM4YxaHR0cDovL3Jvb3RjYTIw
+MDktY3JsMi5lLXN6aWduby5odS9yb290Y2EyMDA5LmNybDA3oDWgM4YxaHR0cDov
+L3Jvb3RjYTIwMDktY3JsMy5lLXN6aWduby5odS9yb290Y2EyMDA5LmNybDCCAV8G
+CCsGAQUFBwEBBIIBUTCCAU0wLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDA5
+LW9jc3AxLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAw
+OS1vY3NwMi5lLXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIw
+MDktb2NzcDMuZS1zemlnbm8uaHUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2Ey
+MDA5LWNhMS5lLXN6aWduby5odS9yb290Y2EyMDA5LmNydDA8BggrBgEFBQcwAoYw
+aHR0cDovL3Jvb3RjYTIwMDktY2EyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0
+MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTMuZS1zemlnbm8uaHUv
+cm9vdGNhMjAwOS5jcnQwDQYJKoZIhvcNAQELBQADggEBALEgpxbV/mGh1vWAO8dx
+ONwv+aP7Nb5dXTP0YjtrIE6a5zV+IpXK+inu+OJftAHV0an32ovpzpta2EvR5ci/
+C7o9h8eyforkTxMDndPwZ97ey/5qaz48t7wdz6w6YXCs5LpMzU4BmG+ubTdGNZQv
+w6cwlxRl3p2KZTZbyJj7t3fM5JcrKVwn8844bfFTKSQni90xzxiO8bz5LjFoDMii
+vCKKMZXHpZMEi4QsyEKT6sqT+RXp8dsRrdJ/klSu8kUQu4xyWTTTMVs9cCG7ZxzR
+VyNLg3Rc7vMcYCe5KOiP+H1y0pR9FRSGqMS7Rwa0A4J5nMlGKogQ5R/pp715cMbK
+mpQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEazCCA1OgAwIBAgIQA9+F79E56kT/uLNjC5PDgTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE0MDczMDEyMDAwMFoXDTI5MDczMDEyMDAwMFowSTEL
+MAkGA1UEBhMCVVMxEjAQBgNVBAoTCU5DQyBHcm91cDEmMCQGA1UEAxMdTkNDIEdy
+b3VwIFNlY3VyZSBTZXJ2ZXIgQ0EgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC2uZSgRGV3p6PtPGcS0gMV4XWvwL26DDDr7ZxCRg7fztUXmzCnSf7E
+WfqmH/ocyuuM1lHN1osMq5anqG01JKWGRojF1tVYkkovhS8BuHxOMnogGYfkuJ/b
+/K4+zbt7/x9VNgfALrNRXYooW6vmtC9KbNBkbqdvbk+AIfBBJifqi62zwzGKZDo6
+EuN+EH1PDKKQ5lvqwYxByqUyIB5vuEt1o0rirzhADt9+onZf/xHYniRTLHgzymCu
+aE1G3zmN2FHvZ0bUsZ7W+jhLGfNpXUlsmF9jSqRBXpbIXstPH0OTFUkQKaSEO+bL
+r6Ts/hfp8QMvhv8NZ/5YIL6MdMmkUKmzAgMBAAGjggEqMIIBJjASBgNVHRMBAf8E
+CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8
+hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNl
+RVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxo
+dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBQ87IfvMZCBDgP/
+KweutFOlFaf4AjAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkq
+hkiG9w0BAQsFAAOCAQEAFCulovpoxglyMzjOuGhhX6ocwXQO8Bt9B4/0i6JYAFxQ
+3ODGGgZXvROKcvokQ1Hqu8iyFFhSd1Utn4p0xIXvZ3NadKPg5KGoLZ+SK/B/9ON6
+m1JGNW7j2KvTC3hTi+c9uLY1EhaLFmhLYJRCbmsH2x3DnuSqxgZzOktEYiMF89Y+
+jTmv0xQDTBeCvowcYH2EIESYqKJZWQv5Zw1YL05gAOsKa5BEzw02mJaBwOnOzmSn
+I0zCgEq6nt5QvIdQprKmeDymrNyNe2xXtCOUveRBqYJJAcvYTIT+nQE0QLwXyJZb
+aZCufjoISZ8W32A94SV46772j2OADEsMie1itDOfmw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDCDCCAo6gAwIBAgIQBisUooxA/doqHLuQyWZxhTAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xNDA3MzAxMjAwMDBaFw0yOTA3MzAxMjAwMDBaMEkxCzAJBgNVBAYTAlVTMRIw
+EAYDVQQKEwlOQ0MgR3JvdXAxJjAkBgNVBAMTHU5DQyBHcm91cCBTZWN1cmUgU2Vy
+dmVyIENBIEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE3HjL+h7dpWOWRrjmvW+W
+EyQkquhBEkJiwwg4fuQHWKc/u9CnyfOD1vEnZXTe9TcUJHFjgc8yDhi5iOhJSzEx
+NtsmQMAdIWGAw983ZR2jENXX8qyz3e/TgLe+VsFcMQrUo4IBITCCAR0wEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3
+oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9v
+dEczLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6
+Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUlr8KhkPeF3L2R/GS3vdz
+FU6Y/qEwHwYDVR0jBBgwFoAUs9tIpPmhxdiuNkHMEWNpYim8S8YwCgYIKoZIzj0E
+AwMDaAAwZQIxALPzIzcJdz/2iM3p2/A190jXXlzbylmhR00uPTsC9bfKgvuAVZYL
+GZZUbATzxV0NCwIwNEpccZ6ZoBgQk/GauEtmSMCTME4bq/Y4Al8LEygff72v+C43
+S6wbDy3oYxEK3+hY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWTCCBEGgAwIBAgIQBN0cbUmTeTXHxmJCjRk89jANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTQwNzMwMTIwMDAwWhcNMjkwNzMwMTIwMDAwWjBJMQswCQYDVQQGEwJV
+UzESMBAGA1UEChMJTkNDIEdyb3VwMSYwJAYDVQQDEx1OQ0MgR3JvdXAgU2VjdXJl
+IFNlcnZlciBDQSBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOLZ
+zAPj2homzi7F4RrdJ6JWg2hooY1vy6r1Ew69ZNana3aVTKyd9KmjJrd37qtdaAyf
+t+FBytiPtKmcB69U/PqWyHobxcidynU8arUI+2zBrDg0BkcMfoRS6gcY+NC2odHM
+YiocIpIsEevhyzj5hEv/ZfMBvV855J5PQq/d5v05QukRoxHfXlnogivQFky0tCN/
+H65K1unCSXdNNxLcR2OKpUnbXQkS99YMk8z9dcl+AEMPusK8IuINFq/pteaTLxMY
++bO/tcrepu084UjEHTLQ8XbBStaWwVV7Ah6+aUFyqMmtPvB85El+qK50IkmtmG7+
+m33abIam95LIfx7KZuhJzX9uCQGch4i0MOQuJVmOZ48FKdhOwRbS/QHeN03PYLNB
+ewspdcnQXqGILhQKZJRQqyqqO3ENcCHbf7eojjpZX9nqEvSHPSs6WL40HYDyYDn+
+44k+mHDlCudxjws5ZaTzFn0xPAtslQBJgdJ8iQbsgb57AjcGD+GYUombYpOiP6Qk
+8xE2D+FYqmg9BSS11AmsdAGivK1+lS7U9MlE80GeVBos8xYMnC0sfVJ8+eDVeBLr
+9ldm4RKT91Slks9jGBOwPQSoHcigMEf07tCdSYyu3eyqckPpIs5PVgYLfiHEmb2+
+XxxIYjG5NCijtQxlOypUd+Snfhckar3DhWgpAnRdAgMBAAGjggEiMIIBHjASBgNV
+HRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBgNVHR8EPDA6
+MDigNqA0hjJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVk
+Um9vdEc0LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUqGIOJHClHiRaeqmZ
++RSCXHR7IJcwHwYDVR0jBBgwFoAU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZI
+hvcNAQEMBQADggIBAFMYiPo5TmPsWU2JM4Wi7BNQA+UvoPSP4ic5fQzZcNW7d2xa
+mjXgUSxsrdXRQFUEVBlzVYolBfWobjU172cETVkyP+hETDzurgBppGRLOlvMahY9
+g9+2ljFjZoVt8dAZjjqPeBCYMBfK7in1coysOYZ1hcFyS9ZpiX1CQ/Xid6XI3S32
+oTgsYSkgCpdtt+JVFyNoCReiGL1cnY+BumVE30zW/BiuFia/bChHv2/rcdM6MmFa
+XfrvHFxSL4WenjujbQbSmxafs0ny/OvEhSwgYkfngwf1QbuzNXeyeG6HWtLBaCNv
+/AGZGeDFAD1UF9RZhSuZm+mSuoLXnjgOqZUBwhY//Zlr8NLL262a5WGhZBMAsDC4
+H4NwB2k3xB6Csqm4GCk48cV51wk/VqgpJcO91ulNJGhv20UXoHL+Zhh5QsGfbiJF
+wWVEPe6wnQBkf2Zwy12ID+bq5LLYNBnbUb9XBUdUUiV9SQK3DEKjyI8Cgm08ayDW
+teo1j/EH223H6J4DjIE8SH3pLludwvaKsezLtFH0WNK2hS/6LsyVcMTScZ1CT+/5
+nIoY4lj/SW3JQ3uqlsFlL7OLg/r56/kgmdfLvkdkB4tfuCnyXdNuol+7qbWrzWnu
+5eVnU93nqwmCppBy6F4TlXXPiAUPA2gFuAjItgATSC5BqprpD4lC7ft3XocO
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIGFzCCA/+gAwIBAgIQckB41CE86gO/FOVeP1YCNzANBgkqhkiG9w0BAQwFADCB
@@ -3451,223 +4512,6 @@ f4IBVKdueeVTJml/Ixzf5k8bZ0zKfhJZ4IuUVKxV+jpIX28r9WBYG1ebg7zmv6OG
 eihe0bB0IaOytrl1dSpUmqHaqPjhM2CJd3sC8rZPZ8rQ
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEJTCCAw2gAwIBAgIDAjp3MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTQwODI5MjEzOTMyWhcNMjIwNTIwMjEzOTMyWjBHMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXUmFwaWRTU0wg
-U0hBMjU2IENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv
-VJvZWF0eLFbG1eh/9H0WA//Qi1rkjqfdVC7UBMBdmJyNkA+8EGVf2prWRHzAn7Xp
-SowLBkMEu/SW4ib2YQGRZjEiwzQ0Xz8/kS9EX9zHFLYDn4ZLDqP/oIACg8PTH2lS
-1p1kD8mD5xvEcKyU58Okaiy9uJ5p2L4KjxZjWmhxgHsw3hUEv8zTvz5IBVV6s9cQ
-DAP8m/0Ip4yM26eO8R5j3LMBL3+vV8M8SKeDaCGnL+enP/C1DPz1hNFTvA5yT2AM
-QriYrRmIV9cE7Ie/fodOoyH5U/02mEiN1vi7SPIpyGTRzFRIU4uvt2UevykzKdkp
-YEj4/5G8V1jlNS67abZZAgMBAAGjggEdMIIBGTAfBgNVHSMEGDAWgBTAephojYn7
-qwVkDBF9qn1luMrMTjAdBgNVHQ4EFgQUw5zz/NNGCDS7zkZ/oHxb8+IIy1kwEgYD
-VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCig
-JoYkaHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUF
-BwEBBCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMEwGA1UdIARF
-MEMwQQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3Ry
-dXN0LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQCjWB7GQzKs
-rC+TeLfqrlRARy1+eI1Q9vhmrNZPc9ZE768LzFvB9E+aj0l+YK/CJ8cW8fuTgZCp
-fO9vfm5FlBaEvexJ8cQO9K8EWYOHDyw7l8NaEpt7BDV7o5UzCHuTcSJCs6nZb0+B
-kvwHtnm8hEqddwnxxYny8LScVKoSew26T++TGezvfU5ho452nFnPjJSxhJf3GrkH
-uLLGTxN5279PURt/aQ1RKsHWFf83UTRlUfQevjhq7A6rvz17OQV79PP7GqHQyH5O
-ZI3NjGFVkP46yl0lD/gdo0p0Vk8aVUBwdSWmMy66S6VdU5oNMOGNX2Esr8zvsJmh
-gP8L8mJMcCaY
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIERDCCAyygAwIBAgIDAjp4MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTQwODI5MjIyNDU4WhcNMjIwNTIwMjIyNDU4WjBmMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UECxMURG9tYWluIFZh
-bGlkYXRlZCBTU0wxIDAeBgNVBAMTF0dlb1RydXN0IERWIFNTTCBDQSAtIEc0MIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30GUetr35DFDtuoBG1zOY+r6
-baPZau4tmnX51ZxbvTTf2BzJbdgEiNputbe18DCuQNZd+sRTwdQinQROEaaV1UV8
-QQVY4Ezd+e5VvV9G3K0TCJ0s5PeC5gcrng6MNKHOxKHggXCGAAY/Lep8myiuGyiL
-OQnT5/BFpLG6EWeQVXuP3u04XKHh44PEw3KRT5juHMKAqmSlPoNiHMzgnvhawBMS
-faKni6PnnyrXm8rL7ZcBnCiEUQRQQby0/HjpG88U6h8P/C4BMo22NcsKGDvsWj48
-G9OZQx4v973zWxK5B17tPtGph8x3cifU2XWiY0uTNr3lXNe/X3kNszKnC7JjIwID
-AQABo4IBHTCCARkwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwRfap9ZbjKzE4wHQYD
-VR0OBBYEFAtQ7HfvKpv/7AOhCv+txuQqGMc+MBIGA1UdEwEB/wQIMAYBAf8CAQAw
-DgYDVR0PAQH/BAQDAgEGMDUGA1UdHwQuMCwwKqAooCaGJGh0dHA6Ly9nLnN5bWNi
-LmNvbS9jcmxzL2d0Z2xvYmFsLmNybDAuBggrBgEFBQcBAQQiMCAwHgYIKwYBBQUH
-MAGGEmh0dHA6Ly9nLnN5bWNkLmNvbTBMBgNVHSAERTBDMEEGCmCGSAGG+EUBBzYw
-MzAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90cnVzdC5jb20vcmVzb3VyY2Vz
-L2NwczANBgkqhkiG9w0BAQsFAAOCAQEAMyTVkKopDDW5L8PHQpPAxhBLAwh2hBCi
-4OdTEifyCtp/Otz9XHlajxd0Q1Ox1dFdWbmmhGTK8ToKWZYQv6mBV4tch9x/4+S7
-BXqgMgkTThCBKB+cA2K89AG1KYNGB7nnuF3I6dHdrTv4NNvB0ZWpkRjtPCw3EU3M
-/lM+UEP5w1ZBrFObbAWymuLgWVcwMrYmThMlzfpIcA91VWAR9TvVXlo8i1sPD2JC
-SGGFixD0wYi/f1+KwtfNK5RcHzRKCK/rromoSHVVlR27wJoBufQDIj7U5lIwDWe5
-wJH9LUwwjr2MpQSRu6Srfw/Yb/BmAMmjXPWwj4PmnFrmtrnFvL7kAg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEIjCCAwqgAwIBAgIDAjp5MA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT
-MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i
-YWwgQ0EwHhcNMTQwOTA4MjA0MTEwWhcNMjIwNTIwMjA0MTEwWjBEMQswCQYDVQQG
-EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3Qg
-U1NMIENBIC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCafZho
-EUDBX3LsVbOxY/MyInKRxhYFuwiCMbT27tQYOREvLtpH/lExblvyqQrrL7v1YVll
-VwLNgP/HcDJUif3brply1E8MJrkuYzB93hRbatdSeCH5v7xQ1VQSWdi1NtkhR7g/
-algdjHLhl5XT4UWo8Vrlvv7jU3yl8FLgzzmUDBlx8sAlB0h9HObxOSUvmHlD6Bhy
-9GWGmFoABEfaS1gefIaxSzWmIAAczRs7Il3RkygzEiOUCKrDOvXRxox+mdMYoK2d
-GM9JrRAD95kzJoZGmi+gumxuyIgCt276ep6YSu6aMX0ZFGAM7I8gIzzalya26oBs
-ileeIO5vFyVKMq01AgMBAAGjggEdMIIBGTAfBgNVHSMEGDAWgBTAephojYn7qwVk
-DBF9qn1luMrMTjAdBgNVHQ4EFgQUrDLtWsng3jCckFhVJmP2cqZUX+MwEgYDVR0T
-AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwNQYDVR0fBC4wLDAqoCigJoYk
-aHR0cDovL2cuc3ltY2IuY29tL2NybHMvZ3RnbG9iYWwuY3JsMC4GCCsGAQUFBwEB
-BCIwIDAeBggrBgEFBQcwAYYSaHR0cDovL2cuc3ltY2QuY29tMEwGA1UdIARFMEMw
-QQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0
-LmNvbS9yZXNvdXJjZXMvY3BzMA0GCSqGSIb3DQEBCwUAA4IBAQBhQK0hDwO7ldyJ
-/KPLBXHpHFmXNcL6awWkFsZWRjd0GxvxPizoNxm3lNIPDsW/FAcrNM1btI3HVp0Z
-/AK0npAx+qRExnXd3R8lVKMwTKzb/sSI9zEmGEeuTCAZGseuPpgKFj3SwqZdDS4p
-fbKdx0EyF8qdrjm/kZje50TilZyUXGxCG1nJe2gTqJYJdO5AFKTV18l7M6MPWmmc
-GvpvEkcc3x5McE5t3f4ch7Wd4VQHCYrNvqqoRnhuFvLnkQ7Dr9p2ANHYokYkA6Ua
-hYFWg2MnupCO+WIRuqd8kKkaZrTFvI8pQavrjZmmzJFkutzGpkyztCMmUXJW+fN0
-VZ8ldU8r
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGETCCA/mgAwIBAgIQOnMhY/ZQ3WfkOxW0SClJ+DANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-OTA5MDAwMDAwWhcNMjQwOTA4MjM1OTU5WjCBhjELMAkGA1UEBhMCQlIxCzAJBgNV
-BAgTAlNQMRMwEQYDVQQHDApTw6NvIFBhdWxvMRswGQYDVQQKExJTaXRlIEJsaW5k
-YWRvIFMuQS4xHzAdBgNVBAsMFkNlcnRpZmljYcOnw6NvIERpZ2l0YWwxFzAVBgNV
-BAMTDlNTTCBCbGluZGFkbyAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
-AQEA27gLObR5F+fz/FriSBjuUoehzhhxN0pleMDOCfWYxfOypJQoK1bKMqrv68b0
-fTaTJsW5UIkUPjTw0BqlWaF9pHSwpiDp8D7VfE4q1gYvHovjhhqtyf9/9x5wDBgW
-P/Gz8FxpOyEf0cxcgYi0Dx9/YmdWMpMHv22bH9xZ7q6Swj6AlaG8xnli8C9772RZ
-TIDLSW1OU1vwIGmvZqQF02LmZejFvJVMnwvMopBCzi005p5Q4BlZkerFNHkI0+Gt
-sPL9wbzqluQhBqHdutcd5TIqxUarofq6VzcujabzbKhPotTSHFbZam7rAfI5ZMIG
-6u3hEJzknZuypkpwQooU+60LKQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/
-WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFCEW+q4Y55ZzxZTyfyqWoBmAwBBv
-MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
-CCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgIoMAgG
-BmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5j
-b20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYB
-BQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20v
-VVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
-Y3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAH+ADUvWUlP7ah2r
-2mSROQAPa4YKz602/H5WGhLK9kQd7wKGCAPiAhHQOOQu/cb2KGp/8O4qkctoaTvR
-fXI+f8Q4HRwdqWqdnWhcY2T0qvnyji7iYdVPSNcGnlcqQM8QlUODN9nyC4t8IhxH
-sgcqCzLix3SUM/TH5BKlpsuETp7emHOcnhwIqx6O3ydph0iSySa2NopYSlur7J9u
-w1WP/clHoXVMvXAlGoERVBFoWbzRQD6WIBkM3jFj5nG1pYQkifdhhv6DLFk9h7Mo
-ag9VrDQMmIBga0pqGQ32MzLXHniOJyHlx3iChCbHFmMoDWO/2LPLhbbpb44tm6YS
-iWuTNatN3DcfSgzrg1LhnSKxfaCqxuUBvdKDdr6vI4SnQo78277zcsQQCzWbAPua
-h98PO5mDoe4Os6+q1WCydSHVyivSgFSK67+0a0hheMvBBXSUAkKczPdl0yBur42q
-PwdF1oGfrtNwHnvXHhk3Hm18SUGbIFwxSE2836iFu0cHJ5K4VZ2i7bWiI2P/y4Wq
-mY0RoKeDWkHWQ4rcOmwyiLbXhGIwK7dxWd9+aQRxRIEPCLwdlEF0T1IjUPG7j+ne
-KipXDFY5ErMh5F11QTJLCy8YUm+bZb4ylVHYbdzty6CK/GVT/p9pm11SwP92ALyH
-fPh7/vlyVklVg+ojIkngjHP06Wo5
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGZjCCBE6gAwIBAgIQXhAp2qwb65erD/cwcoNKizANBgkqhkiG9w0BAQwFADCB
-hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
-A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
-BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTA5
-MDAwMDAwWhcNMjQwOTA4MjM1OTU5WjCByzELMAkGA1UEBhMCQlIxCzAJBgNVBAgT
-AlNQMRMwEQYDVQQHDApTw6NvIFBhdWxvMRswGQYDVQQKExJTaXRlIEJsaW5kYWRv
-IFMuQS4xQDA+BgNVBAsTN0NvbnRyb2xsZWQgYnkgQ09NT0RPIGV4Y2x1c2l2ZWx5
-IGZvciBTaXRlIEJsaW5kYWRvIFMuQS4xHzAdBgNVBAsMFkNlcnRpZmljYcOnw6Nv
-IERpZ2l0YWwxGjAYBgNVBAMTEVNTTCBCbGluZGFkbyBFViAyMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsAwuQngySVT2wWgmNPFjQmbPEv3kxt0b+vIR
-8qTUkdTx7bS9+yBpdWQdGfgl8bmh8jC7b8TFA5vkvQTmwegymj4uJdpDgvfv/jX7
-qspNyGKjRgV0l3dgWa0K4gKSgcc9ewMc3edrQsGGq//T6eCHB3NKUSFKtKzZJA+T
-a7+olEQdUtFjEUOoJXWrqXpPMyugzCAjpXkVPCRw6Zr/rUuxNVug8kWZPisOdn37
-IK3uqMtyTrcZfrTIjO9NdlCjxiNE+/V7HRkmGtcYOKWzhyKOH4Hl4f4bMvaMSZlL
-JIRg7t5K1SzwVbHyuSnWbieY3dU9xm6N210Nm2X4i712bujKJQIDAQABo4IBiDCC
-AYQwHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t7jiY7NkyMtQwHQYDVR0OBBYEFAM1
-3g55AZ2hMUGG+PJt60nIs8aFMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAG
-AQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA+BgNVHSAENzA1
-MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNv
-bS9DUFMwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20v
-Q09NT0RPUlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEE
-ZTBjMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9S
-U0FBZGRUcnVzdENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2Rv
-Y2EuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAQm8wapory7w6ITi/aRGoiso7iApXY
-sH00q08BQLyt9Y3b163EDWBJJZSlwnwOskJBFgm2U/qq+BwSMq4HD4hzSztfGaV0
-lLlnXa7Kv3AByS0TYWpQKzi1fshkZlMAyhXYjNQtMb+EnJ2DvRCIf5acs07hKAdY
-zWGW8StZwQWYTgrPw2n7SORrGXFyEr3tSFvPdabbQiZaJ8N+B/NBjQ8lQQcFaNNO
-eMAe/axkatz6XFZHXqJR/Fl2LU61wnuYv0TEwkqThSRDGoSzt/f+vfFFoZljr/Gz
-fEK6Rj1jMTih0GHHk2HYyLERCD47jtaOk540/HC9WhhQfLTemnNoXrhpCureLpnN
-H3nvkpcALqntlDTx8bvx6ZgVPz1g4oi6siHsb/kCHt9AQrNg1VUsEuK5fCUILxIU
-M2y/xLB+XzpXDpNdkM7tQUpDe3kgA4cmA9BCXgyRuBrrRxbcxDmh+iq7ken7tmPk
-WcIwtyeqMLKspSYlecSK4xBTmAH2U+GZkl89ZnJjE5MMaId3bnZZ97Agj01csquI
-GVvztu0+Lm+6ZVrXNiuzCxjeJtVLqJ7raDyeUX1UI3lm6YlUhBRanv8Ox5OzYOPC
-ElNdfP+5fmM9ydpXhnG/h/jWkWCH76FwmN79tFjSQSBGaxUqUZLQYG2p3AAgATaQ
-35R6Egl4TpUq9g==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGBzCCA++gAwIBAgIQDaZOQ/28zMt/YzwTjy9AtTANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-OTEwMDAwMDAwWhcNMjQwOTA5MjM1OTU5WjB9MQswCQYDVQQGEwJVUzELMAkGA1UE
-CBMCREUxEzARBgNVBAcTCldpbG1pbmd0b24xHDAaBgNVBAoTE0dsb2JlIEhvc3Rp
-bmcsIEluYy4xLjAsBgNVBAMTJUdsb2JlU1NMIERWIENlcnRpZmljYXRpb24gQXV0
-aG9yaXR5IDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSEe/0TFcs
-tqrDFxNXhHncTLRkMTg71GveKpJ3OiqHuLyrevK1Zg1YWKB3mm3t0BpYjRYXRpLg
-UBPU2fy5pu6bHaNZPw8t/Lcq/Mwqtp3eEN/kSAuIqznVY5IWrpFZvB+E4EknWQCg
-FldExf1mKMDdHsJofLuZSwK1ywXzIaPvdoxfCU1hxnMm7huA1NzFh8VaKN85SNQ2
-4+5wx+NF74kPomBYcbSn436f1VLLmN0P2eFY88BP1H2Ovb4u7P9YzflSOA6KqeO0
-pNG7agyFMsKIhgG1YmJZLcXIeTtdcfId3aCDraorvN9bL5CABChiGeWcvksh34xf
-4Y7CPg0lCvQhAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dib
-wJ3ysgNmyzAdBgNVHQ4EFgQUxqw3y5GvyqS3LzYP8MthVPdxN+0wDgYDVR0PAQH/
-BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
-CCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAhswCAYGZ4EMAQIBMFAG
-A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
-c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
-PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
-U0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
-dXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEACJUXr10ifJpphFWptiQaZcO9u08+
-nWSnS3+laMVY25O04YNhjWchyo/qH34gACA1+kNiLCicr2t+C8CPThli2qOpPVGu
-rpqxC3roRDWfP9On03TDOVkXrNHLhdimkhAE7j22zEWbmSLhRif4s2bLx6ZhoOJM
-Dlyzb44KezOFESYVTbmB/6yPHehQSxiCvx6ZfU389oNG9/iiS2gIIpmSQjRUwTcB
-Q33IpTMUaLF3H+TAFWKJItOsyURYv1LCnz/hbB346l5dMVoCUh2wUTCBk55XZ0+v
-PU8ucyu5hGnVumfBese0AgDS85z+iK90mxAFmAuVvlTof+wJaCmShtdpKSjPgVlO
-RNmFLD9zoedEVDgSM2EVSTYdnlQhbxyYx/juMXegHIcx+VK9SfAtnnN4nccoXxPt
-2l9zV/yPIkNhS+NHRvWiBVlxHny3iGOv4atWhqw2Lt2GkWKgbRAjiC6p1LVa7dCK
-bY9Ep8OHHS6XXIcS2ubwvsKDWu0rnLCTFPCTbt2AoMH5heXk8mexD1pqexBatjcS
-edBM02cHghlsbX6ioCU0V5882LN19si2nR+ifG9hmEreaF3VnuvIxja9Ss4HqhLt
-ryx56iZ5uPtmTgxMkNkwkQLakJXbZpUVnLUTmL5VO3KdcN8OvP+VqqQ/bGIzPFgD
-REUBSn6b6BJ50ds=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGEjCCA/qgAwIBAgIRAPeCIneztajhC2LD+k4K+RwwDQYJKoZIhvcNAQEMBQAw
-gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
-ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
-VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
-MDkxMDAwMDAwMFoXDTI0MDkwOTIzNTk1OVowgYYxCzAJBgNVBAYTAlVTMQswCQYD
-VQQIEwJERTETMBEGA1UEBxMKV2lsbWluZ3RvbjEkMCIGA1UEChMbQ29ycG9yYXRp
-b24gU2VydmljZSBDb21wYW55MS8wLQYDVQQDEyZUcnVzdGVkIFNlY3VyZSBDZXJ0
-aWZpY2F0ZSBBdXRob3JpdHkgNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
-ggEBAI0GNgsj2QI1JOdYk8aNg/0JtkcQDJ8oVyVm1qosht+fd7UJuxnE+cfbrEiV
-heNHkCTUSAgHNYPAtMvTRpTW5SoXp5ywE9vstT+QEyTCh9hXe/Ix+9rHKaYiRV+H
-vfJapC9UmXHFP0V/eQPMRcS6kFjY/kLgGkpy/NmBblvAfw+BIqW7u1l+lxkJ9qOu
-SzcetveuGLsuekM9cc0bzChx5W3lc0kAbX/1KKiaByk/oMf3qHFkDf9q2KfrpY9A
-/KE4hgLdTC5hKrQrehazl7b+Epmx8G2MvsK28Vl7m1QD35vxtKHHiuDNOQdF5Ct4
-JtXfi2Kuzi1Q6bEVQymayy1DjwcCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5
-v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTyu1Xu/I/P0D8UaBqVfnkOqxcw
-9DAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU
-BggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICCDAI
-BgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3Qu
-Y29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsG
-AQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29t
-L1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v
-b2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAGsUdhGf+feSte
-4SOKj+2XtTfw4uo5t21lm1kXoRPM/ObB8yzzuVscvwnZ8Dn8PXjQXlP3ycqtc91X
-g4i63y48TUjsrK1/d6IvWAuzMN7tkEzVbBVFWlZz9jxYMmeGhrZ5HFOIjYJRRduQ
-4jTYZFjX+cm5b8baZuS43nRqsYGARFYlsxIzUGSOITM6W0QZ7s15p6Nh7nRMGR/g
-m2qShUIzj2RDEz2XXDDTsVT9NnN7b2WhbBMmsXRxY7ERL/oZ6sZLzz7g0tdP/fOx
-geY+CWp891EqIxQLd5HYdIyGXesILMu8EaX9zMY76kbahJ0HKL//f0+S2SKDaYe7
-6APSyu1jqjfEUeaBSlPlvP5pXbygHjr/gQDVPyFzre6+Di+qZSIvcWuqo/jV2jJk
-Ixd1rieFcsdkepYyAPC5GxNzHg0eWG9N669bnSxpvVDvmEl6ztbp7gxM3ciisBQz
-OLApig0V1N+0+YUXUq5f/0lenGZ9cqN3cs0/8ClTp1p3o84ErzFhjWQCIaBTODTS
-hYvB1+z6Hf2ljqD50KHs/80KO4mQBsPZjod8rQQa2KP0W3yvCBR6Z7ZUKTGGB0FV
-Q29vl2FmGkHV80dWIIgWzkU6ajnQXygkTr46jKxNXqT+G5+FaY79d0Vpf9XNg+m1
-Kw/4P1yG/5xtH6HrU2uqz3qOmM4yWg==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIEzjCCA7agAwIBAgIQJt3SK0bJxE1aaU05gH5yrTANBgkqhkiG9w0BAQsFADB+
 MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
 LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
@@ -3780,72 +4624,111 @@ BFUNKdQQrInpvGFqiQ8uwOde6gp58IpH1e1h8DIoc/vNa9v/7lZ5s48Q172lFkug
 v4FHHMdGV2C1grGQtXyS876ZGk9D5b9Q+SerjBC80hlfGAOt96PK+j0=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIF5DCCA8ygAwIBAgIQPva+24qlPXTOCVI4eVN8uDANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-OTEyMDAwMDAwWhcNMjQwOTExMjM1OTU5WjBaMQswCQYDVQQGEwJGUjEOMAwGA1UE
-CBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4wDAYDVQQKEwVHYW5kaTEbMBkGA1UE
-AxMSR2FuZGkgUHJvIFNTTCBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAg7ufqS/yyAR8lQNk2omRMFBQj8vCrtvpDCDVeKjyMo48noBrVN6nt76O
-n2/6cB5kmUVZaJefmnxxUxRkQmrA3UbYNOZ1ljSQnRvMb8ylBOy06baMYMly1Nvn
-ASWXsMUTbqxlvHbV0pbfDNCar7yqmkBPYFKprUn3UXPZl18+JnL41Co0Ji8gLb5z
-1abwKavmi0A1xu0I7md3ngln8soB0CuXukmHGnGXXQxyHBx149UbWA/na6qrg0o0
-cVKCB7fZK9ZhAnZndzZ+RK500zKXofN4BDeHGdfNoPYspLTvBZN48F/vHPHKlXpl
-b4ZPEV6N7+MocvupxYdwDzcyL0N8TQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAU
-U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFIDNSWy0U4QE4sr2jbFI2tgN
-lUtOMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
-MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgIa
-MAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
-dC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
-KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
-b20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
-Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAE0luokv7q6m
-R5cUofblxv4iji34eHqk/PqNb58KYJRTb9+totbM2jCGVpj6nWVk3xxqft9Tipux
-QfXJ0de6AjYvPfFkLHJydyuoPKETqISZ3P4lkEgOJz8Uttm2+5FbhYv51450kR/D
-18qhsWGwfOtxfcE6oUOBnGHMgpz1D8gN3DPAUemCYiNjNm67YABsPUMijKMue5Im
-JcCNryiDJPDsy+3P15Doke7J53e+kwTgt8fVfj50r4bsGBtEtqh4cD6G6RxYwBdX
-MDHFdlV4nZ2foYVCWsS9EYzOEHHqLnwEraNkKXaysDBAwbqbsl9veHaZ+PimJzc0
-TdQEeHzfwGym1iolG6qayd2SdhaqcZHRUiU6RVNzBTbNUaUKf9KH0O60MXs5euN9
-gWy+tnlZDHpl2LQ9uBCFXZRec67TdjMLZA8cWcj67pVql/FvjsXoqR8a1L5OY40v
-nUdBtqyWdzjQzuHRtKDe05cF/QCPODq1B3XKHV5Ztq84ZjqBo4vOxnNEfU/E5Yif
-j8Swhd804gOsvkcTBPjIxO77EpOZ8SrDkHQrwYoGuI3j7r21NKr5z/JECkIKZCgo
-kt7UQof/iYrClWX/xF6RR+eyZvM3JMEkw400htIgBgEI5mu9yHbn+0++cg+4fYdE
-Z2L5NVFf7hf+mwdkGeqJt+vt8IIKySz4
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF6TCCA9GgAwIBAgIQBeTcO5Q4qzuFl8umoZhQ4zANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQw
-OTEyMDAwMDAwWhcNMjQwOTExMjM1OTU5WjBfMQswCQYDVQQGEwJGUjEOMAwGA1UE
-CBMFUGFyaXMxDjAMBgNVBAcTBVBhcmlzMQ4wDAYDVQQKEwVHYW5kaTEgMB4GA1UE
-AxMXR2FuZGkgU3RhbmRhcmQgU1NMIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCUBC2meZV0/9UAPPWu2JSxKXzAjwsLibmCg5duNyj1ohrP0pIL
-m6jTh5RzhBCf3DXLwi2SrCG5yzv8QMHBgyHwv/j2nPqcghDA0I5O5Q1MsJFckLSk
-QFEW2uSEEi0FXKEfFxkkUap66uEHG4aNAXLy59SDIzme4OFMH2sio7QQZrDtgpbX
-bmq08j+1QvzdirWrui0dOnWbMdw+naxb00ENbLAb9Tr1eeohovj0M1JLJC0epJmx
-bUi8uBL+cnB89/sCdfSN3tbawKAyGlLfOGsuRTg/PwSWAP2h9KK71RfWJ3wbWFmV
-XooS/ZyrgT5SKEhRhWvzkbKGPym1bgNi7tYFAgMBAAGjggF1MIIBcTAfBgNVHSME
-GDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUs5Cn2MmvTs1hPJ98
-rV1/Qf1pMOowDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
-VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGy
-MQECAhowCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
-cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
-bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
-dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
-aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAWGf9
-crJq13xhlhl+2UNG0SZ9yFP6ZrBrLafTqlb3OojQO3LJUP33WbKqaPWMcwO7lWUX
-zi8c3ZgTopHJ7qFAbjyY1lzzsiI8Le4bpOHeICQW8owRc5E69vrOJAKHypPstLbI
-FhfFcvwnQPYT/pOmnVHvPCvYd1ebjGU6NSU2t7WKY28HJ5OxYI2A25bUeo8tqxyI
-yW5+1mUfr13KFj8oRtygNeX56eXVlogMT8a3d2dIhCe2H7Bo26y/d7CQuKLJHDJd
-ArolQ4FCR7vY4Y8MDEZf7kYzawMUgtN+zY+vkNaOJH1AQrRqahfGlZfh8jjNp+20
-J0CT33KpuMZmYzc4ZCIwojvxuch7yPspOqsactIGEk72gtQjbz7Dk+XYtsDe3CMW
-1hMwt6CaDixVBgBwAc/qOR2A24j3pSC4W/0xJmmPLQphgzpHphNULB7j7UTKvGof
-KA5R2d4On3XNDgOVyvnFqSot/kGkoUeuDcL5OWYzSlvhhChZbH2UF3bkRYKtcCD9
-0m9jqNf6oDP6N8v3smWe2lBvP+Sn845dWDKXcCMu5/3EFZucJ48y7RetWIExKREa
-m9T8bJUox04FB6b9HbwZ4ui3uRGKLXASUoWNjDNKD/yZkuBjcNqllEdjB+dYxzFf
-BT02Vf6Dsuimrdfp5gJ0iHRc2jTbkNJtUQoj1iM=
+MIIExDCCA6ygAwIBAgIRANFHqimwQon39cZCRwCf0zkwDQYJKoZIhvcNAQELBQAw
+fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
+A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0xNDA5MTExMjAwMDBa
+Fw0yNzA2MDkxMDQ2MzlaMHsxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRv
+IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxHzAdBgNVBAMTFkNlcnR1bSBDbGFzcyBJIENBIFNIQTIwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx18bqyCv0SPWXB4CZgm8QQhAY
+8uZiBGDik71soZjQrkqtojt2OshK4D15j5mzJI9fQqvaVfDT/0i7GKtzlnShM/+6
+g1nDzw9ZGmqcoItQJKFZRuU7L0W4PsoykHlbWMMTYTUAOsUlQbZutUhb4Kq6ldvX
+ktzxRaaUntDHuBQKRsp2KLciMfOCMA7p0NFBjGCNovTL7r0Z27S8ROwouCsWeRF9
+ZoJp2y5VbGHXtwwuvZD00l6ATOTU80RqEbQ9noNW51yf/HLTKA0VeFkkTXAX/7jF
+HjYkj94UdQZ53zPjBJ0ZBNmVVsTh4aH/6r+dojKTCFjmv4/KEAM3waQ65fYVAgMB
+AAGjggE+MIIBOjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRNy7TZu7LjQZge
+cJtnnyxd9jmcYTAfBgNVHSMEGDAWgBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNV
+HQ8BAf8EBAMCAQYwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL2NybC5jZXJ0dW0u
+cGwvY3RuY2EuY3JsMGsGCCsGAQUFBwEBBF8wXTAoBggrBgEFBQcwAYYcaHR0cDov
+L3N1YmNhLm9jc3AtY2VydHVtLmNvbTAxBggrBgEFBQcwAoYlaHR0cDovL3JlcG9z
+aXRvcnkuY2VydHVtLnBsL2N0bmNhLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAk
+BggrBgEFBQcCARYYaHR0cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEB
+CwUAA4IBAQCyyIgCHYt2uN9cgDvx0z7TUveOs8ecBZbbMqDuIGqlBLk3YsRvYgKd
+uJHL7LDHGDUb9XPHApFgm5RDDwgeIaMvj1H9tDJv/S8BoPgzYCTP53gudUX4v24M
+qC7DmrmaqNAn7QMPs9GrphIoO/zmQZoHltliweeTHfqu5uc40V04tyrQ0mGNvLTx
+xrAlSouf2Bya8wpLzyfPee1iyEtejMSkDy4J1deJZZcVOH62hvI1NWeL8ZCp/zoW
+vl2UDNDK8hEJn+QlaQl2dTGWKur/N45emoJKaIkZDFlfeV4pifb/vT/7zGgycgB1
+Znr1eU5120hCg+lFD6Y3qDjBTBQX+9il
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFTCCA/2gAwIBAgIRAN9DSK67bcikyUhi80iQC+cwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
+MDkxMjAwMDAwMFoXDTI5MDkxMTIzNTk1OVowgZoxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMV
+VGhlIFVTRVJUUlVTVCBOZXR3b3JrMUAwPgYDVQQDEzdVU0VSVHJ1c3QgUlNBIENs
+aWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdC/hwGVueai+SgFnfi81c7VkUi8/moU
+z9XqVjJmVujaVO9O60pTVwpsRCgzpnPK5nfzkMi6J78TpRoJqVoXn+KppKoUo2Dj
+b58Hhp39eV0jdQXDOPa+KMSHp1UjiKqFlDGjF9nkEqx5ghCmEEEfKPbezQM0vf7q
+zPOkpuYwZpa9qMng3c8UOriJfVxhBcnUqfm1mxrur+VjvzvhUhNDAne9miMIE0JA
+mMAUxXK2vl0Cn+/EjWrSD4V5pYHgp4Mcam7m9t8UU7x0E3clRPDTtcks/3xlLVMm
+EtWKNsJQRTOTTlEZQo7betsJpXUBJDl6y60qDnme7X+9FRWbBxqdBwIDAQABo4IB
+ZDCCAWAwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYE
+FNHcPiACNgYyUdTArYomkyAL4KXWMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAE
+CjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
+CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
+Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
+Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBrUYWWWBuT
+r/95mXaVA9tJe1HHTwhq9yCDah88KjXxsXCye5cOjRGjLbzrUF+BJdpWkdqzLnoy
+0FHSldr81AN0rl6h86C8bT9A0NbN8jieAm9N8v/t9/ntybXmQDE+2OK9KVm8RjqA
+J4DlF8/VdcQaiD/HRKzTv46lEyGcY1+6dZp4UMxgmGDzHUmT8MtcIygTwADl9xio
+YinqE+zMwcA4JKCal70ZAs2IZMCd4Xdxagsht+M2hML/0EsmMoqk01ZS21rlgLgl
+clrNhmmT8srCILv8s541jmefMbWkdIR2PBDVP0/YGCr6PMcf8Ra0OCxeT2hvym1U
+0p7pEVEg0GoECwRXiT+IpEmfMogr0CTTwjlYrt5q/Q4I1t6lZCxsEp6hQG2gAU0f
+tsnJSw1zT5MhxS0wJfUpVyp8q7HVgurdcRHw7B9yj3CvuplmfwkkwaScgMigYpPL
+s19e0tCZYg2ZC2mCoRgqW4mATB5nALLog3VKw4Vb8iVz7Ncjc0YWqCGe5p6qkMhR
+ziyrQQTmCQt8+GsUmupucH5FJVV0UmjpyqZVkRM2yO7kIxFNnPcABUDv9Bv2MtXr
+RYwsUHbXHsjklM4IwrzsFHfo8DAF6a/PID3T/m8bzK+4gfmWIA1+ZzLKFsPy9ECH
+fB3m4iByAmYtX3LcSXLWNcmTYUEYyux45Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqTCCAy6gAwIBAgIQHky+giOEiULGBstThAny0DAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTEy
+MDAwMDAwWhcNMjkwOTExMjM1OTU5WjCBmjELMAkGA1UEBhMCVVMxEzARBgNVBAgT
+Ck5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUg
+VVNFUlRSVVNUIE5ldHdvcmsxQDA+BgNVBAMTN1VTRVJUcnVzdCBFQ0MgQ2xpZW50
+IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAAQq0y9I3LaaLYihiepvuNnhhTblevh1oocoXZbC5IBFzF7G
+8N8/hFdQn4OU2V3kXZJTp/pUy+orhKOq6U6e6gONo4IBZDCCAWAwHwYDVR0jBBgw
+FoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFIpUVZi84hUR3cMZi2IV
+xLsCAdvJMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVD
+Q0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMAoGCCqGSM49BAMDA2kAMGYCMQDWod+sgJPP5tpKrp9li9RKH9hKmEDD
+Tsav1P2emh9NRhVIIejSnNrv30XsrntdvpsCMQD5kjoZRGixq8SnW/mTTppeHJZ7
+PuQj0NqM3/eCXi9CkBYK6fejMtW5IF8b1P9mrJk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmDCCAx+gAwIBAgIQNJSlovoVpFdNsrSitHYjbzAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwOTEyMDAw
+MDAwWhcNMjkwOTExMjM1OTU5WjCBlzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
+ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
+T0RPIENBIExpbWl0ZWQxPTA7BgNVBAMTNENPTU9ETyBFQ0MgQ2xpZW50IEF1dGhl
+bnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwWTATBgcqhkjOPQIBBggqhkjO
+PQMBBwNCAAR+YWqwbDcJWOGL2KtH77iPpL+aiyqA1ZaCYxAlQADyzluaM94hGP7k
+16DPKego5xlOMfhDt/j4+FQa2p1VtQWho4IBWzCCAVcwHwYDVR0jBBgwFoAUdXGn
+GUgZvJ2d6kFH35TESHeZ03kwHQYDVR0OBBYEFNt7aY3yTA5yV0t+h2auhpayFCLb
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwTAYDVR0fBEUw
+QzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPRUNDQ2VydGlm
+aWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAC
+hi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FQ0NBZGRUcnVzdENBLmNy
+dDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMAoGCCqGSM49
+BAMDA2cAMGQCMBzcd1ZG7oblHyoTthXDJL7Rv+2+5UNDlhf9Zd7u8yI5/gebPCDR
+JokYOAXK0bt1mwIwVLYvS/EQX4fWo3v3/j/sdDUq1GOV7Z1wjEtrqZ1kFQ3RpXkO
+JWyGTyrIfpE3Tlet
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIGuTCCBKGgAwIBAgIQAIEIODzAB3XEDG1za+MwizANBgkqhkiG9w0BAQsFADBF
@@ -3886,6 +4769,301 @@ qVzGTL6yfW8+SRdxVFQa6K9hekBr2kZyAKBCqz+jpQq1EPCcvn4HiNx81Na++iqe
 K+d2mfZxdEuAwFoZIcyk1aTWHHT1Cqzys00wlukvSmnXUBbGU5Vpwzjlj3N4
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQAMebmQCSGkI6sdFbXfchpDANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xNDA5MTUxNjIxMTZaFw0yOTA5
+MTExNjIxMTZaMFgxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MjAwBgNVBAMTKVN3aXNzU2lnbiBQZXJzb25hbCBQbGF0aW51bSBDQSAyMDE0IC0g
+RzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtA1UE9m8aLuB413
+sMuiIvxI1yEgzUZrUFQOVx5m4I5WtZ0pl+mjzCzZjzxHW8MMjE6uZaGawJxKNU66
+7V0QLRIgMaf5V0RcDLa+bki8rI6Z4v+dlwMBowlPbHsqUpw5JZuvGcdOMasNsDl7
+8jwODgqQM45uaLzCT1om+4qE4ffZdSTYq//omfZKi3rgZtRCXX2n0zM6+6RMEI2l
+vZeDkrdV7zSU0mXMNW2/EUHd3eAQt3ElLvLGu7sAp7U7lgXTQZpvjHXvUzZz+sRa
+9OsuqGvoBGrM0Lv2jXE2lX8OKDv+l6FnZnixivOD774GyaWO99L0mkE8XCVxIC3Y
+u5eoXQIDAQABo4ICkzCCAo8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFFmw2b89wTe23AYUp+GZ40IY2pZBMB8GA1UdIwQYMBaA
+FFCvzAeHFUdvOMW0ZdHelarp35zMMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6
+Ly9jcmwuc3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURF
+OTVBQUU5REY5Q0NDMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3Np
+Z24ubmV0L0NOPTUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlD
+Q0MlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlz
+dD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MF4GA1UdIARX
+MFUwUwYEVR0gADBLMEkGCCsGAQUFBwIBFj1odHRwOi8vcmVwb3NpdG9yeS5zd2lz
+c3NpZ24uY29tL1N3aXNzU2lnbi1QbGF0aW51bS1DUC1DUFMucGRmMIHGBggrBgEF
+BQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dp
+LWJpbi9hdXRob3JpdHkvZG93bmxvYWQvNTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1
+RDFERTk1QUFFOURGOUNDQzBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3Nz
+aWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5REY5Q0ND
+MA0GCSqGSIb3DQEBCwUAA4ICAQDJExIoZpzxBQgj+rXSsd0Pmp40RBlxtpVFsnZ1
+EgXsrsWM4RNbGN1j4e4Gvm+vQ6wnyZkHhR4lJxLbeWyo8l//zcBjJxs+R69qYxPX
+j5a+ZgJ07lYFyE4YTJ95Niq5qcy0sJRqSBohxhxcsCQ8SyMJtU/Rw6ZRZLmpOMDM
+4sN8YyIhlzTfK+Dy7X+sA3I6Y3EfoHBJT2L6Fww1f+65vYRyQjg7cWLJZ7LvTe2X
+iLGEgy4t9UK04uecDR0E8kY+ctBqhgkRODQ0vI8ZAeYl3mda0eECbmuu4zAWcv78
+DY9EjM4mfIjOMw5EJzId7IjcoFPAncEuBy5C3hptdqWrSqHBOYUwW854KUoysHJj
+067beDjs3PAv9bKq+EJlh5n/X/OfeKVtE8ALTIjZyYnzem+TIaNPpp44R0YQERCn
+r6CDvoL9k76rpVedTyrOu3gN+nhBmAqwx1FwgT1s1tfUuCO32qe19+QqL/pX/57A
+I6RJCZsIn4GGuynHL9LpfNI/bM1SpGO66Nh/q7wESlqfGopMRngAl1Ozfu4zmulR
+p6aV4gOfqGS4vrTpeeOBmzoaPBsy59qsnuGgEgKtE+CuI1voINaEyHcXERLb+ZuI
+4Dp7+zCmcZSoXoSxTILmVbySTSc3zrOm11aDeZbbIVYUd+hIsb2FV+RJeN0JJ6Sg
+iuAaqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQAOKjZ925iBlAqEheVUGp/TANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xNDA5MTUxNjIzMzZaFw0yOTA5
+MTExNjIzMzZaMFgxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MjAwBgNVBAMTKVN3aXNzU2lnbiBTdWlzc2VJRCBQbGF0aW51bSBDQSAyMDE0IC0g
+RzIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgky7tyv+w2JirbD
+l30lH5v4JrHDKwU76slAffIE7gy5FiX6EB08/FSAiWkULdkoacAAj8+9ZXOhUJAv
+id+EVKqS5ccNAlZFTF8r2964fLgiia1MCauqQkyV5pzRAP8s5UzNcfeFw0WfSP6U
+RirIHEHFqM6G7Up2Nv67WjzmRfSSN/x8womdSsXvSaXweYBt/PX4/Sl893f9UW9j
+SPz0uUd7m5aW8/z/+vuJAOdSXVBWLi4hN2T9Dvgbuy0n5O0xc6wVnNvZB2fxbEaF
+LBtJIWu6OcpLpNWFsfyTNiZ9SGklftD5pLWCgyeERuzurdnspdf09GtlSYh0VyZe
+nOMDqQIDAQABo4ICkzCCAo8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFPCQTIvh8ALeAAFrmOfu3FGN20CuMB8GA1UdIwQYMBaA
+FFCvzAeHFUdvOMW0ZdHelarp35zMMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6
+Ly9jcmwuc3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURF
+OTVBQUU5REY5Q0NDMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3Np
+Z24ubmV0L0NOPTUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlD
+Q0MlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlz
+dD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MF4GA1UdIARX
+MFUwUwYEVR0gADBLMEkGCCsGAQUFBwIBFj1odHRwOi8vcmVwb3NpdG9yeS5zd2lz
+c3NpZ24uY29tL1N3aXNzU2lnbi1QbGF0aW51bS1DUC1DUFMucGRmMIHGBggrBgEF
+BQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dp
+LWJpbi9hdXRob3JpdHkvZG93bmxvYWQvNTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1
+RDFERTk1QUFFOURGOUNDQzBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3Nz
+aWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5REY5Q0ND
+MA0GCSqGSIb3DQEBCwUAA4ICAQAwt+R/QMYqzRIatBxAcIQQpCkL18rYBfbFpPWA
+X62JohEKCrhAVrrP3BFVG0qxtNSe2zgBBh5k48LQ1/FAhsZrw0+HTB9dvtyoTlJ7
+IfO0EpiDy8g7i1sjCRNXVJM+sg4t5auyQ0UxdADHBJ4BXI/ie5JmwRicIyb18/ET
+7+mr8jPbhvnqcumZndzhrxXiYznw9ZaXldB+BTRAaWnn2hURTVDJZhRRjazax8gX
+U5FDbYPZizZbZVFY9zPr5FSaMEDo4T1NrXn/Y5J+Yj3J09qs4zdGvVJ8GiYFwBnD
+CbrqzmQ+rZ+Aw6HjsmljVW/d0yMTwbLhr1QAfZQEYGzKPSU4WAbxMi4YFL6DbiWr
+BuuJ38YjD+gnUcjb4bx6N6gOVxvm7ECiWsUdfS9+Ojtg1U5ijBOz8jgS2OhtR6Ax
+FEDk5x3yw1IwwsMpY10Fng+7ugKiTMRTSkgxSWk143qpBGmSdulwqZTUA/YnENo4
+1j/CX8W6TakZS0UoFq/dKmRqCYD+egF1AKy41TCotBOc2NV/Xr4W+uNEvYCD8yDV
+qLghY1G4FHphXVrSEdmEeBqg6jAiRjOHgioCpZIrBSdwNH8qFUUvHtlMH4sJctnG
+WZrqNoa5nl1wimrx4gjDRiKce2osH57v1BHHou2Cod4Bhqe7D6rqQcdjAnLen3O+
+6NuVmg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4TCCBMmgAwIBAgIQc+6uFePfrahUGpXs8lhiTzANBgkqhkiG9w0BAQsFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0xNDA5MTgwODIxMDBaFw0zMDA5MTgwODIxMDBaMIGGMQswCQYDVQQG
+EwJFUzEzMDEGA1UECgwqQ09OU09SQ0kgQURNSU5JU1RSQUNJTyBPQkVSVEEgREUg
+Q0FUQUxVTllBMSowKAYDVQQLDCFTZXJ2ZWlzIFDDumJsaWNzIGRlIENlcnRpZmlj
+YWNpw7MxFjAUBgNVBAMMDUVDLUNpdXRhZGFuaWEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDFkHPRZPZlXTWZ5psJhbS/Gx+bxcTpGrlVQHHtIkgGz77y
+TA7UZUFb2EQMncfbOhR0OkvQQn1aMvhObFJSR6nI+caf2D+h/m/InMl1MyH3S0Ak
+YGZZsthnyC6KxqK2A/NApncrOreh70ULkQs45aOKsi1kR1W0zE+iFN+/P19P7AkL
+Rl3bXBCVd8w+DLhcwRrkf1FCDw6cEqaFm3cGgf5cbBDMaVYAweWTxwBZAq2RbQAW
+jE7mledcYghcZa4U6bUmCBPuLOnO8KMFAvH+aRzaf3ws5/ZoOVmryyLLJVZ54peZ
+OwnP9EL4OuWzmXCjBifXR2IAblxs5JYj57tls45nAgMBAAGjggHaMIIB1jASBgNV
+HRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUC2hZPofI
+oxUa4ECCIl+fHbLFNxUwHwYDVR0jBBgwFoAUoMOLRKo3pUW/l4Ba0fF4opvpXY0w
+gdYGA1UdIASBzjCByzCByAYEVR0gADCBvzAxBggrBgEFBQcCARYlaHR0cHM6Ly93
+d3cuYW9jLmNhdC9DQVRDZXJ0L1JlZ3VsYWNpbzCBiQYIKwYBBQUHAgIwfQx7QXF1
+ZXN0IGNlcnRpZmljYXQgw6lzIGVtw6hzIMO6bmljYSBpIGV4Y2x1c2l2YW1lbnQg
+YSBFbnRpdGF0cyBkZSBDZXJ0aWZpY2FjacOzLiBWZWdldSBodHRwczovL3d3dy5h
+b2MuY2F0L0NBVENlcnQvUmVndWxhY2lvMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEF
+BQcwAYYXaHR0cDovL29jc3AuY2F0Y2VydC5jYXQwYgYDVR0fBFswWTBXoFWgU4Yn
+aHR0cDovL2Vwc2NkLmNhdGNlcnQubmV0L2NybC9lYy1hY2MuY3JshihodHRwOi8v
+ZXBzY2QyLmNhdGNlcnQubmV0L2NybC9lYy1hY2MuY3JsMA0GCSqGSIb3DQEBCwUA
+A4IBAQChqFTjlAH5PyIhLjLgEs68CyNNC1+vDuZXRhy22TI83JcvGmQrZosPvVIL
+PsUXx+C06Pfqmh48Q9S89X9K8w1SdJxP/rZeGEoRiKpwvQzM4ArD9QxyC8jirxex
+3Umg9Ai/sXQ+1lBf6xw4HfUUr1WIp7pNHj0ZWLo106urqktcdeAFWme+/klis5fu
+labCSVPuT/QpwakPrtqOhRms8vgpKiXa/eLtL9ZiA28X/Mker0zlAeTA7Z7uAnp6
+oPJTlZu1Gg1ZDJueTWWsLlO+P+Wzm3MRRIbcgdRzm4mdO7ubu26SzX/aQXDhuih+
+eVxXDTCfs7GUlxnjOp5j559X/N0A
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4TCCBMmgAwIBAgIQVBy0L8eIKnVUGpY97OXrkzANBgkqhkiG9w0BAQUFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0xNDA5MTgwODIyMjFaFw0zMDA5MTgwODIyMjFaMIGGMQswCQYDVQQG
+EwJFUzEzMDEGA1UECgwqQ09OU09SQ0kgQURNSU5JU1RSQUNJTyBPQkVSVEEgREUg
+Q0FUQUxVTllBMSowKAYDVQQLDCFTZXJ2ZWlzIFDDumJsaWNzIGRlIENlcnRpZmlj
+YWNpw7MxFjAUBgNVBAMMDUVDLUNpdXRhZGFuaWEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDFkHPRZPZlXTWZ5psJhbS/Gx+bxcTpGrlVQHHtIkgGz77y
+TA7UZUFb2EQMncfbOhR0OkvQQn1aMvhObFJSR6nI+caf2D+h/m/InMl1MyH3S0Ak
+YGZZsthnyC6KxqK2A/NApncrOreh70ULkQs45aOKsi1kR1W0zE+iFN+/P19P7AkL
+Rl3bXBCVd8w+DLhcwRrkf1FCDw6cEqaFm3cGgf5cbBDMaVYAweWTxwBZAq2RbQAW
+jE7mledcYghcZa4U6bUmCBPuLOnO8KMFAvH+aRzaf3ws5/ZoOVmryyLLJVZ54peZ
+OwnP9EL4OuWzmXCjBifXR2IAblxs5JYj57tls45nAgMBAAGjggHaMIIB1jASBgNV
+HRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUC2hZPofI
+oxUa4ECCIl+fHbLFNxUwHwYDVR0jBBgwFoAUoMOLRKo3pUW/l4Ba0fF4opvpXY0w
+gdYGA1UdIASBzjCByzCByAYEVR0gADCBvzAxBggrBgEFBQcCARYlaHR0cHM6Ly93
+d3cuYW9jLmNhdC9DQVRDZXJ0L1JlZ3VsYWNpbzCBiQYIKwYBBQUHAgIwfQx7QXF1
+ZXN0IGNlcnRpZmljYXQgw6lzIGVtw6hzIMO6bmljYSBpIGV4Y2x1c2l2YW1lbnQg
+YSBFbnRpdGF0cyBkZSBDZXJ0aWZpY2FjacOzLiBWZWdldSBodHRwczovL3d3dy5h
+b2MuY2F0L0NBVENlcnQvUmVndWxhY2lvMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEF
+BQcwAYYXaHR0cDovL29jc3AuY2F0Y2VydC5jYXQwYgYDVR0fBFswWTBXoFWgU4Yn
+aHR0cDovL2Vwc2NkLmNhdGNlcnQubmV0L2NybC9lYy1hY2MuY3JshihodHRwOi8v
+ZXBzY2QyLmNhdGNlcnQubmV0L2NybC9lYy1hY2MuY3JsMA0GCSqGSIb3DQEBBQUA
+A4IBAQADuey1NBT9MWWzpxQwwNUN4XZ8nWgd7IZB6Se7TqgcUeO7g1D982bXa8Vr
+YRFqIx4KuNLDYhq6pKtD8mVIXvpj3WRvwFvv5pHWDSburNcu/Id/q2nkHDlj48QH
+QqJEjwuuTEdFAHP4c6OsPXTPbDHp3G02+GvJGb2LV959fycwe6YBAF/s+qT8HoZK
+IHlvHXqd9DALQtjx089Qu4VBHdnPIH3OWlrvUgqAujnvIj1PpYdtFJERSqb8cgLw
+6GZ2yN2yHpZtIfpe6YnZVoDA1pn7iWFge6hs6yYgNkR0tGw/FC/r2EhcIZuj6nag
+wYyJ2hkwawVG6ZjLRevOH1tDEbI3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4zCCBMugAwIBAgIQcbBlOXyOB9JUGpZ/dVk3kjANBgkqhkiG9w0BAQsFADCB
+8zELMAkGA1UEBhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2Vy
+dGlmaWNhY2lvIChOSUYgUS0wODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1
+YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYDVQQLEyxWZWdldSBodHRwczovL3d3
+dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UECxMsSmVyYXJxdWlh
+IEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMTBkVD
+LUFDQzAeFw0xNDA5MTgwODIzMjdaFw0zMDA5MTgwODIzMjdaMIGIMQswCQYDVQQG
+EwJFUzEzMDEGA1UECgwqQ09OU09SQ0kgQURNSU5JU1RSQUNJTyBPQkVSVEEgREUg
+Q0FUQUxVTllBMSowKAYDVQQLDCFTZXJ2ZWlzIFDDumJsaWNzIGRlIENlcnRpZmlj
+YWNpw7MxGDAWBgNVBAMMD0VDLVNlY3RvclB1YmxpYzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMuuTjExvPHbEfGJ3MU9RznScEIL86TETwZTO1GZsF1v
+RrGAJBV3QcXSXp9/r5h7cyq19DKLTiqRtKmnwSDfQCHbtv4mIJWc8mbEZCRwQ2fp
+1TRV1YGFnUZghLh32PjSrjlcZcTH5rAaS8uGXdITf4Amms9wa+Ax705XFCd52sji
+B4qUJtp6hMC7ECCHjWbLw0Akp4vPiPfbhLAxg400869eaMyEdkQsQYxgzyrEE9mo
+NFRV66y3iB8env1QmN/NkMqdKlgy86HP22PrSed4fONGSB2mz/Ti4qfGY1eoroPn
+m5Q8IiWtvfDaBKi/DW5j+ogUJ7+2w6fMAbVZUsHWo8MCAwEAAaOCAdowggHWMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRHPN4U
+d7tqT0eRqQL/1Abhc9zi2TAfBgNVHSMEGDAWgBSgw4tEqjelRb+XgFrR8Xiim+ld
+jTCB1gYDVR0gBIHOMIHLMIHIBgRVHSAAMIG/MDEGCCsGAQUFBwIBFiVodHRwczov
+L3d3dy5hb2MuY2F0L0NBVENlcnQvUmVndWxhY2lvMIGJBggrBgEFBQcCAjB9DHtB
+cXVlc3QgY2VydGlmaWNhdCDDqXMgZW3DqHMgw7puaWNhIGkgZXhjbHVzaXZhbWVu
+dCBhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpw7MuIFZlZ2V1IGh0dHBzOi8vd3d3
+LmFvYy5jYXQvQ0FUQ2VydC9SZWd1bGFjaW8wMwYIKwYBBQUHAQEEJzAlMCMGCCsG
+AQUFBzABhhdodHRwOi8vb2NzcC5jYXRjZXJ0LmNhdDBiBgNVHR8EWzBZMFegVaBT
+hidodHRwOi8vZXBzY2QuY2F0Y2VydC5uZXQvY3JsL2VjLWFjYy5jcmyGKGh0dHA6
+Ly9lcHNjZDIuY2F0Y2VydC5uZXQvY3JsL2VjLWFjYy5jcmwwDQYJKoZIhvcNAQEL
+BQADggEBADMRO0eqGiqUdIFFbxqwKXh+K6rXGJAnfgYI4bABMbbIAZaDklfwXj23
+BO8JxLPMzgIilTXgswBSZTbTVEujYQfP+lrUjP1ZG2XFPM+vKzsyF4K3s3FyfjdR
+mj0chun0Flao+gd9nl6j7ySzHspZb1u/i0LSz4/48mY+pTxT1HCVw4zvzm9E9X26
+uKxn/UikI9B5EECHGChxw5Cx1RSF7THvhEBXfCQ6wsY632uvhi/H4QAkzmOZkh1P
+VzzehlsK2telJGfAt+xIxLHYvRUOTC5MRpSt2EzqvTjdsC8gKzGvgqYEhZBqrq7V
+PnbUX9LuF9aeJlZXPsfNRaIkAJW8smo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyDCCBLCgAwIBAgIIDQNmRV5uKdQwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMTOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0xNDA5MTgxMDAwNTRaFw0zMDEy
+MzEwNDAyNTVaMIGSMQswCQYDVQQGEwJFUzEeMBwGA1UEChMVRmlybWFwcm9mZXNp
+b25hbCBTLkEuMSIwIAYDVQQLExlDZXJ0aWZpY2Fkb3MgQ3VhbGlmaWNhZG9zMRIw
+EAYDVQQFEwlBNjI2MzQwNjgxKzApBgNVBAMTIkFDIEZpcm1hcHJvZmVzaW9uYWwg
+LSBDVUFMSUZJQ0FET1MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6
+cIlUCaCe12gMnFsVFePe9Z52zvebP/J30UrhNH0H4vny6VS7oVOd+aMQvvqW9JmT
+rYIA1i72jp8TnWNHq0RNlQMzjd+uQkeVSIOrohSHMejah0yx+yUusoWDSXOdhKV+
+CCjN+nvcCDUxJW+jmiN/UVZkHzQRK3M0cbQRGRNADeKPsrUrB0028OhBgyPOxM6S
+x3BIxXz8r2mXXtlFkkgtVYOtU8zyT4OM+c6mPEmnWL+uHpuL4MlzvZ/1RrO+ynyu
+a54hGkh4iijt1a3PecgdY7269FfhlsIWMSnXvKOeY6u6+F+CkkxwqiRO4xvCEVXY
+1ObIHPgXON3VYWIzLxvlAgMBAAGjggJgMIICXDB0BggrBgEFBQcBAQRoMGYwNgYI
+KwYBBQUHMAKGKmh0dHA6Ly9jcmwuZmlybWFwcm9mZXNpb25hbC5jb20vY2Fyb290
+LmNydDAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AuZmlybWFwcm9mZXNpb25hbC5j
+b20wHQYDVR0OBBYEFIxxzJMHb9HVhmh9gjpB2UwC+JZdMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHwYDVR0jBBgwFoAUZc3rqzUeAD5+1XTAHLRzRw4aZC8wggFBBgNVHSAE
+ggE4MIIBNDCCATAGBFUdIAAwggEmMIHyBggrBgEFBQcCAjCB5R6B4gBDAGUAcgB0
+AGkAZgBpAGMAYQBkAG8AIABkAGUAIABBAHUAdABvAHIAaQBkAGEAZAAgAGQAZQAg
+AEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4ALgAgAEMAbwBuAHMAdQBsAHQAZQAg
+AGwAYQBzACAAYwBvAG4AZABpAGMAaQBvAG4AZQBzACAAZABlACAAdQBzAG8AIABl
+AG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AZgBpAHIAbQBhAHAAcgBvAGYAZQBz
+AGkAbwBuAGEAbAAuAGMAbwBtAC8AYwBwAHMwLwYIKwYBBQUHAgEWI2h0dHA6Ly93
+d3cuZmlybWFwcm9mZXNpb25hbC5jb20vY3BzMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
+dHA6Ly9jcmwuZmlybWFwcm9mZXNpb25hbC5jb20vZnByb290LmNybDAOBgNVHQ8B
+Af8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAApS6836yufcnOXxNmxxa80WO3iN
+TO/xiF1sQH3GfUhNKK9x7QAl2MLTM0FvZ8ZZ23RlLkCnSrYCVI5AJCBvAoE3fxqd
+V7Q0a45DH7/DNyzTvOEnyUGHsdWCzCSM/XQdi1+fquLny+Dt7q9YkqzHNczOVIGg
+9DOPvXHXUWsSc+06I3hM7YNDsJD4hlvo68NEYPVlo4+uN4k+3edfEA9yRCGoDhNl
+zh1FLQBHZ3Wis9OVH+9xl6oYhYGNzESGYOIewpxLflbF6LdyACipm8ywAZg+NRgd
+DU4ty/+ddP+oBuiRnuzLZZI9zfylC0DQYElcC69LKQ5jc32oAN/k0m5V35VKqdEc
+2JULn0zlTDznp1anr/ulTu6sOLChb7LOhGZjI1BawkMAmZR+2dr1hdVRNJ/hnBhl
+mspb/o7wI9rzoBYlMpqGIxHBzpVVJhhO5g1YXqq3X12oSL27xY6LS1/8fqwfYLov
+VOzeegr2SgBNDk7MoIjTJJxoCNG39d+htjTHVeeEzp3z+Oc8HlU0Gf98+OnfjO9T
+zGAz1PijqXa77m3Iu982gsaJH8qK5DyxGFyMN5CaNq23p/5g/ATzFrTOf++jp85+
+MBaQeDT/zC0rq44ewVc2TcxCN6GbieepMDk67nS1HSKCZJE/e29hKuGJp3kd1PO1
+WHlC29XOaKRjmyDC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtzCCBJ+gAwIBAgIQAPodqurJs6X6V5gLmXTaMTANBgkqhkiG9w0BAQsFADBF
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMR8wHQYDVQQDExZT
+d2lzc1NpZ24gR29sZCBDQSAtIEcyMB4XDTE0MDkxOTE0MDkxMloXDTI5MDkxNTE0
+MDkxMlowUjELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEsMCoG
+A1UEAxMjU3dpc3NTaWduIFNlcnZlciBHb2xkIENBIDIwMTQgLSBHMjIwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQzxIi30mNQL6Fa6afsl9Fs7it1XQS
+fLb+T3omoxS2IJiUNVCoyMeBEVSFB2a0tEUnyOjfcSn++++pWoAOkU5wWp7bbNo4
+yq/T5LBg1HcuPm+wH94V4IwAFFatfZIIrmaTfVRzrZ26CrEM2vISb/1u2SVzAnmP
+WoY3JVGbDOXw5HEpI6W/zLnd6cetY/ZPwp/9UICzCQxD5PmPiSP18dhTnm8LP4G/
+go5VK5JQu52NvH9iStYs9VVXvHiq7+1RdkQa72CmB9wx6MmXqv3MAde/tt03L9o5
+uB6VPx2uJQ6G0S+gpyqwKbeUBhJxBZNRRftXyXnZxg48ZBYb26tiPfTVAgMBAAGj
+ggKUMIICkDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HQ4EFgQU5/Hn/S5TrRHlgRpXpHOPEn2YyK4wHwYDVR0jBBgwFoAUWyV7lqRlUX64
+OfPAeGZe6Drn8O4wgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lz
+c3NpZ24ubmV0LzVCMjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4M0FFN0Yw
+RUUwgaiggaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049
+NUIyNTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRSUyQ089U3dp
+c3NTaWduJTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2Jq
+ZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwXwYDVR0gBFgwVjBUBglghXQB
+WQECAQYwRzBFBggrBgEFBQcCARY5aHR0cDovL3JlcG9zaXRvcnkuc3dpc3NzaWdu
+LmNvbS9Td2lzc1NpZ24tR29sZC1DUC1DUFMucGRmMIHGBggrBgEFBQcBAQSBuTCB
+tjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9hdXRo
+b3JpdHkvZG93bmxvYWQvNUIyNTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgz
+QUU3RjBFRTBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Auc3dpc3NzaWduLm5ldC81
+QjI1N0I5NkE0NjU1MTdFQjgzOUYzQzA3ODY2NUVFODNBRTdGMEVFMA0GCSqGSIb3
+DQEBCwUAA4ICAQCOLN7o1oxUHESHOxMtyaF0+Mehvb5xp+4BL9kuUI7GQdY9HiGZ
+YLSVhQ+gzKK0/TpxZksZ3klVUpyjqmBZruaTWhd5p0K4hTECK6g3zNG7zDkAR9ZZ
+S+O991u0FlqASfWNWKc1n6J4Lu/wyGv72NuqNA/SbGscP4+fOX8yelJ2KFONxQNI
+jftNyHX8lmlUj2YAh49yiWkPY1tsFfKKzqNJlTEIEFkJkOIM7wVRIPgRu23jhlpa
+jCIayCarJ41gn/UHXVgo4oDmrIA1aE9F2prtHWn+Yd8vtQkixPwJroq1Y0na76WS
+j7xnQxSEr7/aXUjPn498Pw3iD+76Vub8nislsEFYjn21pXOWGjr5PciCqdivV5kf
+HWo+p6isSu5hW6lkEzKa9bEKZsiUF4NzZeobDegyer8TYXkEDP91oD1iDum0i87k
+sljy3pKPKr4Aa5HEDof4Kn2ZWckemrbJwVVxHddoQ3LU004zZUjSAfmmhwcPymCk
+CnSXAtLkS8Fz40wHvB1HgpBLLu/ds9gmupv3o4ZPlgbYfQelIKes4Vtg8x/23scU
+bv4vuScmpyzbjYrqhAmGafUoCbamKTv/1KfIcTHJrWV8eakrrqI8aSkmcY5jBSyg
+IZ+muisznpeXBNZI4fJM/jFJF9W4jqLysCU9w9aDacEsRSLeSVUkc1TN7g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGuDCCBKCgAwIBAgIPGReV3CJ0GxId21RMXMvcMA0GCSqGSIb3DQEBCwUAMEUx
+CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3
+aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcNMTQwOTE5MTQxMDI1WhcNMjkwOTE1MTQx
+MDI1WjBUMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMS4wLAYD
+VQQDEyVTd2lzc1NpZ24gUGVyc29uYWwgR29sZCBDQSAyMDE0IC0gRzIyMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrf0T2JFsx4NPb+TUBInPgv9nUyF
+9dMJh7sQL66HybrB2devqNc1+Gq+fFT4tfBa9hbI+xqRRqCO0LoQOJ3v3XMlOzQ3
+zTL+b3wgDvs/d8tZ7LWGOSYF480/rL1aaBIQFlrE62GDQvcmkH/C8QxsSS+T+ga2
+FQhC/Br/btveNcP6cz87WyshF8IU/7sOKYqh3o5mbxI641R1u3+zaiGq8A9620pS
+oW3b9P1Mf5t4z51ifqb+/QsYtDt60dw+mVES6sk8cl9VRLejcuiXFyVJaj7YyITi
+or33buzheHvzZdxaQSgeq0mIrvmXqtplZoqXQ12irR7xhuf/w9UtFBbqCwIDAQAB
+o4IClDCCApAwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0OBBYEFNoy+Un4UcyYcWYM2c6225I/CUvvMB8GA1UdIwQYMBaAFFsle5akZVF+
+uDnzwHhmXug65/DuMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dp
+c3NzaWduLm5ldC81QjI1N0I5NkE0NjU1MTdFQjgzOUYzQzA3ODY2NUVFODNBRTdG
+MEVFMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NO
+PTVCMjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4M0FFN0YwRUUlMkNPPVN3
+aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29i
+amVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MF8GA1UdIARYMFYwVAYJYIV0
+AVkBAgEGMEcwRQYIKwYBBQUHAgEWOWh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2ln
+bi5jb20vU3dpc3NTaWduLUdvbGQtQ1AtQ1BTLnBkZjCBxgYIKwYBBQUHAQEEgbkw
+gbYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1iaW4vYXV0
+aG9yaXR5L2Rvd25sb2FkLzVCMjU3Qjk2QTQ2NTUxN0VCODM5RjNDMDc4NjY1RUU4
+M0FFN0YwRUUwTgYIKwYBBQUHMAGGQmh0dHA6Ly9vY3NwLnN3aXNzc2lnbi5uZXQv
+NUIyNTdCOTZBNDY1NTE3RUI4MzlGM0MwNzg2NjVFRTgzQUU3RjBFRTANBgkqhkiG
+9w0BAQsFAAOCAgEArevbqCOPH6va0x4oEb4UviyXJzIokl5MjRADlGMDFXaKm52m
+U+IZlJ9PjcqBiEXhjjD1oR8uV5aVRWXH+auI6JgQZz5L+u2a309bDu3bcineP45v
+Z+nAuoDvulmx2nqjloCOturaks727w/nHCoz723eYH46fg//q/a5QnOoBe+WIiZW
+T71TcycX4hiVcPwVqB53tL9IM2qe2balnCpZKorZWVHQXYWSO5MIBaw/iMOwCCpf
+lDRU75TruHPjfE4Bu4U9Nm3NBt3zcc5ykcQ8ZbJzkWLnSi2LY8r71Ulc3jxqyWOZ
+QbgS14x/BzVQj4Rk9+X8KovGpooAFVIBR/bdU/z2IdZlENgoPNpJokuEH5OS6UZS
+yNmhhXjI2QGXn91G+QV4++kreVz6heVOhDPgOoOfRXLYG9O/9wqPMthmUQgcTrym
+p57bPpM0zIYpHxcKfxhoYprQdO3LuU1F2xkZE2vFLWVB9ugHzXd1ADIKrrGgJXPf
+MluXT9wK8BzTcI5cOqhESt4Awq5q9fmiW3OUAROL0Ca0Z/sRQcvvJ/ewlZvLdsym
+cfjV6JtN7/IBgIJ4D/Js4DRWCwAv1jhBiEGsRAlhiJmep//U1HEaT9oredt9PYS1
+iKbkcMuDEtPuYXrQ+8OQmMEwMbOFboZMMTOVNOenLH+EiG6BUnowTwqqjtA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIGvDCCBKSgAwIBAgIPa8MYySrNF2PrQchvr0f3MA0GCSqGSIb3DQEBCwUAMEcx
 CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxITAfBgNVBAMTGFN3
 aXNzU2lnbiBTaWx2ZXIgQ0EgLSBHMjAeFw0xNDA5MTkyMDM2NDNaFw0yOTA5MTUy
@@ -3924,68 +5102,78 @@ vTy3FMK1j4toytXiaafI+Caus+GbmDMCtsEQiwxsNS4HZCVXZXGr84lsfK55CNg8
 84npHRtOijniyemc9gsTkT50zf8MkhmSdXo2MJuP2rX7A/WuV2FikJw+O4jRYWeI
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE/zCCA+egAwIBAgIEUdNARDANBgkqhkiG9w0BAQsFADCBsDELMAkGA1UEBhMC
-VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0
-Lm5ldC9DUFMgaXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMW
-KGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsGA1UEAxMkRW50cnVzdCBSb290IENl
-cnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0MDkyMjE3MTQ1N1oXDTI0MDkyMzAx
-MzE1M1owgb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgw
-JgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQL
-EzAoYykgMjAwOSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9u
-bHkxMjAwBgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
-eSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoS2ctueDGvi
-mekwAad26jK4lUEaydphTlhyz/72gnm/c2EGCqUn2LNf00VOHHLWTjLycooP94MZ
-0GqAgABFHrDH55q/ElcnHKNoLwqHvWprDl5l8xx31dSFjXAhtLMy54ui1YY5ArG4
-0kfO5MlJxDun3vtUfVe+8OhuwnmyOgtV4lCYFjITXC94VsHClLPyWuQnmp8k18bs
-0JslguPMwsRFxYyXegZrKhGfqQpuSDtv29QRGUL3jwe/9VNfnD70FyzmaaxOMkxi
-d+q36OW7NLwZi66cUee3frVTsTMi5W3PcDwa+uKbZ7aD9I2lr2JMTeBYrGQ0EgP4
-to2UYySkcQIDAQABo4IBDzCCAQswDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQI
-MAYBAf8CAQEwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
-cC5lbnRydXN0Lm5ldDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1
-c3QubmV0L3Jvb3RjYTEuY3JsMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUF
-BwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NQUzAdBgNVHQ4EFgQUanImetAe
-733nO2lR1GyNn5ASZqswHwYDVR0jBBgwFoAUaJDkZ6SmU4DHhmak8fdLQ/uEvW0w
-DQYJKoZIhvcNAQELBQADggEBAGkzg/woem99751V68U+ep11s8zDODbZNKIoaBjq
-HmnTvefQd9q4AINOSs9v0fHBIj905PeYSZ6btp7h25h3LVY0sag82f3Azce/BQPU
-AsXx5cbaCKUTx2IjEdFhMB1ghEXveajGJpOkt800uGnFE/aRs8lFc3a2kvZ2Clvh
-A0e36SlMkTIjN0qcNdh4/R0f5IOJJICtt/nP5F2l1HHEhVtwH9s/HAHrGkUmMRTM
-Zb9n3srMM2XlQZHXN75BGpad5oqXnafOrE6aPb0BoGrZTyIAi0TVaWJ7LuvMuueS
-fWlnPfy4fN5Bh9Bp6roKGHoalUOzeXEodm2h+1dK7E3IDhA=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGBjCCA+6gAwIBAgIRAMgiUvqdae1J6bdj2DOKybMwDQYJKoZIhvcNAQEMBQAw
-gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
-ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
-VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
-MDkyNDAwMDAwMFoXDTI0MDkyMzIzNTk1OVowejELMAkGA1UEBhMCVVMxCzAJBgNV
-BAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMSEwHwYDVQQKExhOZXR3b3JrIFNvbHV0
-aW9ucyBMLkwuQy4xKTAnBgNVBAMTIE5ldHdvcmsgU29sdXRpb25zIERWIFNlcnZl
-ciBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrUi2amP0fHK
-EyC4wy62uF1opLhOSB0ovTgFqo93neEWfhGLXDAeetGQ9+G51CkD2kjsN97c7YHz
-WahaNhlVxSV/vW0zEi6FCpqBqLn1OYnpiVRpk4F33nQmdIY+eACIsp2IEM/J4uJU
-KeWcNgUPNBL6bvHF2jrWVQ15FQVz7d2fTQaZVwQHr2LYOHUlVsJ02TLaEXcPiYuP
-CiVa4HnSHGbpc2G0Zxxf4L7pbprxiAWh7hcMa2sQZPO3ETwWU/vbsDS5xX8L+5Zk
-Rgv3MNfX5GojAjKMNI521KS3nGsCr4bzWHlwtfXAqwoMvUtMjy14DvAwGDrrWNTi
-5Z+WNtdAxwIDAQABo4IBdjCCAXIwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd
-8rIDZsswHQYDVR0OBBYEFFHO31QdtyxXq2hhSAIa07KF7ECqMA4GA1UdDwEB/wQE
-AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
-BgEFBQcDAjAjBgNVHSAEHDAaMA4GDCsGAQQBhg4BAgEJATAIBgZngQwBAgEwUAYD
-VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
-dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
-BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
-QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
-c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAupphveaoSi4ebI525TIdpuQaZatf4
-wJY5tqTooTP3vSyYqIHE8KXAvS/xfoEpKwiVJwrIzC2OJ4Z2iWN0CG73YHEH3Ilr
-vQrWD4dEyAhA67skx1grS2Xz5ORHepfFveLMFLNFZw6pNnL4EnjQYwoONfGXWx3h
-UxNhsCf+cW1FA8W7psOJU/G8iwUWATth0yb0I+KMr73A2WqUWooyB9u1v4oio35Q
-1bhGHHBVZJyuRSP1Loh5g0UMlBeF89vyxHqCZPvjW7SguZN5N0sBHU74EpMQ+/J/
-yBY0iirdk4ll30RcV7/Tm3FS0kVn/XzIShDtE9zhE8ZkL0tE443h2qp3gjzNAfik
-AKI6nplE/YudETkhT5xVb3GzLnajgCuOnHlMTRvtbPl/onssUwQDlwvmfQ1JSpmD
-Ndd3OnEg0Ztcw0g3i8GCYigKFhgZOoKQJFjikFTD7IuKm7xPNDQja25/k9bGzPfg
-7wmzwcPbWYYMZqfXYPFqpHsxP8F5IlNUMCMMqmyhNOH/044xLihLCebISho/16TU
-vmoAPhkz+5mjVpOTeJH/jwuExlCDt+x6sqH2GfZtHdBUzgTki/emr3xv40zj7io/
-yafXxUKA2Vz5bi97Pf0vyfaAzlbiSyu6UnfYCMzeyb6CvbjR7rvcrmaGebT9msj/
-AL0WcnXkdqgLgw==
+MIIGvjCCBKagAwIBAgIPBUTWTq0e0zbVMkBdALk2MA0GCSqGSIb3DQEBCwUAMEcx
+CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxITAfBgNVBAMTGFN3
+aXNzU2lnbiBTaWx2ZXIgQ0EgLSBHMjAeFw0xNDA5MTkyMDM2NDlaFw0yOTA5MTUy
+MDM2NDlaMFYxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxMDAu
+BgNVBAMTJ1N3aXNzU2lnbiBQZXJzb25hbCBTaWx2ZXIgQ0EgMjAxNCAtIEcyMjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMs5sTmF/vrJobzDg6kOSi2E
+ch7/aMWnxB3sD9eoixMes9EWi0DcD1NvAT3s6GS1l9uDvKiowIQ4WF4DFCvmyjDv
+ALLrEzkZkkcqIQDlcs3CMWIOzFYq/3fEY4yYwm9417W2zOl9HzOmkQUq/tFS1vTs
+nP5NTGpS4YV2Yru5aOZSY/zBIZGSXRnY3IDRGeNJFlcCDhlEhaspyS/6xm1rCqH2
+9/9rYTUVJpSUAmklXWn3vV5rgtmQDAb5QwUiSes20CBaYxDjOCHVfxYrQYpGevJn
+6KTQuh5/JCd1mJRJLVbEVDORnWL51V/eW6kVmJyUU8GA6QkXFbQbgCkyodCvE6cC
+AwEAAaOCApYwggKSMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdDgQWBBTwx6MykbXryrVYdxWnTr4aXWFDJTAfBgNVHSMEGDAWgBQXoM3B
+5EG2Ols7y0WdvRzCmPqGWDCB/wYDVR0fBIH3MIH0MEegRaBDhkFodHRwOi8vY3Js
+LnN3aXNzc2lnbi5uZXQvMTdBMENEQzFFNDQxQjYzQTVCM0JDQjQ1OURCRDFDQzI5
+OEZBODY1ODCBqKCBpaCBooaBn2xkYXA6Ly9kaXJlY3Rvcnkuc3dpc3NzaWduLm5l
+dC9DTj0xN0EwQ0RDMUU0NDFCNjNBNUIzQkNCNDU5REJEMUNDMjk4RkE4NjU4JTJD
+Tz1Td2lzc1NpZ24lMkNDPUNIP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFz
+ZT9vYmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDBhBgNVHSAEWjBYMFYG
+CWCFdAFZAQMBBjBJMEcGCCsGAQUFBwIBFjtodHRwOi8vcmVwb3NpdG9yeS5zd2lz
+c3NpZ24uY29tL1N3aXNzU2lnbi1TaWx2ZXItQ1AtQ1BTLnBkZjCBxgYIKwYBBQUH
+AQEEgbkwgbYwZAYIKwYBBQUHMAKGWGh0dHA6Ly9zd2lzc3NpZ24ubmV0L2NnaS1i
+aW4vYXV0aG9yaXR5L2Rvd25sb2FkLzE3QTBDREMxRTQ0MUI2M0E1QjNCQ0I0NTlE
+QkQxQ0MyOThGQTg2NTgwTgYIKwYBBQUHMAGGQmh0dHA6Ly9vY3NwLnN3aXNzc2ln
+bi5uZXQvMTdBMENEQzFFNDQxQjYzQTVCM0JDQjQ1OURCRDFDQzI5OEZBODY1ODAN
+BgkqhkiG9w0BAQsFAAOCAgEAw3mnV7d7rVFo9USMQZUoAXx01jtqvG3vp9dNOZkd
+aI3KCNnQcbEZNZNvgsYcSbhR7kz5bApv2KX7/vswXgDSlKvEElG6qoqrat0Z1ytK
+9xaya1HPdFsponPel/7YTyAhfWkMsFDljViMgC7lFxzdY3qq7wX5w2me5IxxYlxC
+7jryzeAS74tc6c5TKDLslQsZVKIhjfp/UKdPvBl7smuMKT93Psojx2laQZ19ZjFv
+enF52qllOut/1xDVC19UGXzONyUkhFDQr0A0wl+S4nqR8y9CRxufPEL72V+lvHBF
+ju+gOZD1oXhs18BnWRnhAN5c/HjoT927rJEucov86kdvQyi8u7mOlL76UN1QkxtM
+GLZ2/8NHClm0zW1V2Gq2X8kvwZQ2Pr6uQDUGIO3gAkwtNEUOQ6+i9NiQFeXQwJtE
+QK48j5NRvJloc2l7dViZt9QET9/xgnERHXv8Ex13ZVVj11JyfN0xR4anldisJnE9
+I+YSO/R/mpaG/ivqoPMmDXXGFowxIOcRR6HnqWqwpbKBHtw90KHjbtXwZqYcfdeS
+iE0ABwtx53Pnc+RUZWn8N43xHm9w7qdss1JFZ1nWBUixIemXKNnZ9LSmoGcjNrxg
+Rw5cKH9dk4oxuo0xNhTHekKdbyDBbCr4Fg9q2QCUMrs9VbHFw6ENsXl3VB3gM4J+
+7uo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFDCCA/ygAwIBAgIIG3Dp0v+ubHEwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0xNDA5MjMxNTIyMDdaFw0zNjA1
+MDUxNTIyMDdaMFExCzAJBgNVBAYTAkVTMUIwQAYDVQQDDDlBdXRvcmlkYWQgZGUg
+Q2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBBNjI2MzQwNjgwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDDUtd9
+thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQM
+cas9UX4PB99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefG
+L9ItWY16Ck6WaVICqjaY7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15i
+NA9wBj4gGFrO93IbJWyTdBSTo3OxDqqHECNZXyAFGUftaI6SEspd/NYrspI8IM/h
+X68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyIplD9amML9ZMWGxmPsu2b
+m8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctXMbScyJCy
+Z/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirja
+EbsXLZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/T
+KI8xWVvTyQKmtFLKbpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF
+6NkBiDkal4ZkQdU7hwxu+g/GvUgUvzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVh
+OSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMB0GA1UdDgQWBBRlzeurNR4APn7VdMAc
+tHNHDhpkLzASBgNVHRMBAf8ECDAGAQH/AgEBMIGmBgNVHSAEgZ4wgZswgZgGBFUd
+IAAwgY8wLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuZmlybWFwcm9mZXNpb25hbC5j
+b20vY3BzMFwGCCsGAQUFBwICMFAeTgBQAGEAcwBlAG8AIABkAGUAIABsAGEAIABC
+AG8AbgBhAG4AbwB2AGEAIAA0ADcAIABCAGEAcgBjAGUAbABvAG4AYQAgADAAOAAw
+ADEANzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAHSHKAIrdx9m
+iWTtj3QuRhy7qPj4Cx2Dtjqn6EWKB7fgPiDL4QjbEwj4KKE1soCzC1HA01aajTNF
+Sa9J8OA9B3pFE1r/yJfY0xgsfZb43aJlQ3CTkBW6kN/oGbDbLIpgD7dvlAceHabJ
+hfa9NPhAeGIQcDq+fUs5gakQ1JZBu/hfHAsdCPKxsIl68veg4MSPi3i1O1ilI45P
+Vf42O+AMt8oqMEEgtIDNrvx2ZnOorm7hfNoD6JQg5iKj0B+QXSBTFCZX2lSX3xZE
+EAEeiGaPcjiT3SC3NL7X8e5jjkd5KAb881lFJWAiMxujX6i6KtoaPc1A6ozuBRWV
+1aUsIC+nmCjuRfzxuIgALI9C2lHVnOUTaHFFQ4ueCyE8S1wF3BqfmI7avSKecs2t
+CsvMo2ebKHTEm9caPARYpoKdrcd7b/+Alun4jWq9GJAd/0kakFI3ky88Al2CdgtR
+5xbHV/g4+afNmyJU72OwFW1TZQNKXkqgsqeOSQBZONXH9IBk9W6VULgRfhVwOEqw
+f9DEMnDAGf/JOC0ULGb0QkTmVXYbgBVX/8Cnp6o5qtjTcNAuuuuUavpfNIbnYrX9
+ivAwhZTJryQCL2/W3Wf+47BVTwSYT6RBVuKT0Gro1vP7ZeDOdcQxWQzugsgMYDNK
+GbqEZycPvEJdvSRUDewdcAZfpLz6IHxV
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFMDCCBBigAwIBAgIQVI57oMAwxl2+UxycNi8vbDANBgkqhkiG9w0BAQwFADBi
@@ -4018,41 +5206,6 @@ hnIM19CS79484wN6K5/zO0nwvabWbQWazzY7kCToyiNay4kadJ95RryTQQ3uhtI2
 IpOnYE4BOnawVyDCBmqL32vHIzFlY8cJJyhbKbUjMTea2DkB
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGBjCCA+6gAwIBAgIRAMPe33bP14a+oa+L7++k3TgwDQYJKoZIhvcNAQEMBQAw
-gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
-ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
-VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
-MDkyNDAwMDAwMFoXDTI0MDkyMzIzNTk1OVowejELMAkGA1UEBhMCVVMxCzAJBgNV
-BAgTAlZBMRAwDgYDVQQHEwdIZXJuZG9uMSEwHwYDVQQKExhOZXR3b3JrIFNvbHV0
-aW9ucyBMLkwuQy4xKTAnBgNVBAMTIE5ldHdvcmsgU29sdXRpb25zIE9WIFNlcnZl
-ciBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMEY20u06eQH
-i9Bk1mdkoZzwMzzodh2U4tUYRyi3Ezrk8ylwlRu5JWi2fBd9dE7z4JMrYlE2pNlY
-EfNzqHw2C8g8paL9EYvcEa7MVltx2/qYTZ+WXDt7IeS/rKLEmpnyjSjPjeOQn9rH
-86wtGQOEfn2yrw+LwshvK7memBk8woCJxmyEXqi2MxfXjdHSF8fyF6N/j12iUMeS
-rU93QKecdOx5Bv5y8R17GDorK6F5gvDXGsA55zgjpouIiNnd/fue8yMv4nOnN/C4
-78sSniJ+mmgHOqX6ZfyMS08+CqHMp+D7/m3n9eYHcBX9mFltwGHQh4CUHSaXBGsY
-sb54MHdVeQIDAQABo4IBdjCCAXIwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd
-8rIDZsswHQYDVR0OBBYEFCAzzbdh9qWGT9zJ13NqvApRZZjsMA4GA1UdDwEB/wQE
-AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
-BgEFBQcDAjAjBgNVHSAEHDAaMA4GDCsGAQQBhg4BAgEDATAIBgZngQwBAgIwUAYD
-VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
-dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
-BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
-QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
-c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAipDA3APqXT3n3SWLtMk4GrCEm5TH7
-oIlIaaPVJ/TBuKFM45rOUyKmsLta0Lc5M6hfo2Hs/YRuNFgxA9QAiJUsBtFEOtIK
-BTK7rMvwgxwtlVKHKUZ3l91EO2dwPmENmLH5krb6uOuKzlBC7RHh2sjXDDBLjyok
-uHOm34TJpI4vjB0zxf752Z3H5OxGR2tUpBo0T3+7mz0d4Ve4Hp60cJTLhRpitOUS
-CpK2rEcWnGzx+WXucSk9REVugbucdA6UrAqBp0TQ5Z0j4dSMGLa6e7U1mbJz+zDF
-oPbUjwh7rNKm385hH5ahuX01nQk+PplCTTXsR5B3LjiKY0QP6x93SGVvdh2azrsw
-/FQI1n7M9k3fPzrHFuYYct/YYqJGkLCPzpzn3a6pkKvtJWfG7SY2CgcepPR8gn2v
-I8GIM3tDmZ2ZDSyI8qulT9/Vey2gL3CL895SWseWCii5TMR6Ox7LeBCZj0iZhLXH
-aaJprqX/B8t72NYrL3NZSiMbHBfzwIQiVSMw4hMHdL68VC+bASpgcfBtMPW/fpwN
-T2BuSzxVuMpjq3b124i5wd2cGDqWDJ4N8nauG8mawekrazr7OakVUY3O4Own76Pd
-M9ubyuCZUE+bR5eFhpx3/x/FBB5QWFv3fYq5nyyaxnG2hVSZqtp4RTNrGKVWG5+D
-blKbMUlAzl8aVQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
 MIIDnzCCAyWgAwIBAgIQWyXOaQfEJlVm0zkMmalUrTAKBggqhkjOPQQDAzCBhTEL
 MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
 BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
@@ -4110,271 +5263,893 @@ VSWsErokodPYflsJTHKqRxY3lGqroH0bakT2GdD8REw8IN4D3CJ5JaqpAYVWgc+9
 7O7lc82QVOgklrnwCqD3
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEbjCCA1agAwIBAgIQUooUzakaS0WlY3wDZH9CwTANBgkqhkiG9w0BAQsFADCB
-gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
-QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
-A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE0MDkzMDEx
-NTQxOFoXDTI0MDkyNzExNTQxOFowUjELMAkGA1UEBhMCUEwxFjAUBgNVBAoMDW5h
-endhLnBsIFMuQS4xGDAWBgNVBAsMD2h0dHA6Ly9uYXp3YS5wbDERMA8GA1UEAwwI
-bmF6d2FTU0wwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjAfhBk7mv
-Z5MlDV34icf8DwkugIYgm6bKBI4aZKa+SoL7tb64OymtOhZxLX2XRMhKqj84GcUE
-jg0yQ0vkG/CS/ssJLqo1t56mZJXi5wFCP8eWYcIJoVvGG1QIe1oG1Umtm1dUeDT+
-ORHoejbp5XQsubD4bAw3f/vAaBztEKRxB2fGRa07ruY20z4Tm1cKKXASwexzftzQ
-g0F/mGm4bAiIm5nodphpWVdqaMxZDXhe7ix90ziUR33P/gbxFpZDGMhQIk8bcZbN
-1Cvq9URgKZ7jLkZdbQIBJGN2vMMOaPMb/nt2cyvNZcyRMZoP4u+p6x88SEul9zlw
-ufjsV2Qdbk3PAgMBAAGjggEMMIIBCDASBgNVHRMBAf8ECDAGAQH/AgEAMDIGA1Ud
-HwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBu
-BggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNl
-cnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5w
-bC9nc2Nhc2hhMi5jZXIwHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8jzIw
-HQYDVR0OBBYEFLJhdoKVWgE3F5fCdyG17Yv8KfdnMA4GA1UdDwEB/wQEAwIBBjAN
-BgkqhkiG9w0BAQsFAAOCAQEAHnOtSeZgWlG3Ly/I0QrG7T0eviYdjtHNbmddiuPR
-k9UVLoQtDU53MjKl5YvoMWVfUe3ROymD0gvPfh44luLRFzdZ+IO21z90DGEq4utz
-uU4DLKI5uzYffuUOAY3k5839ZnEs/1h0yZ4VHcF95IY0IcQ91W0rc3cm0/1WEj++
-bcMm4CZzKkbX61+7pnjIw3eAKotNQ3b6QDOnAgNhZSVBTzBJtnoBL4BsoVubYmbP
-wOq/vvWmKj901NYI2Iawm6W58hJrI+xEn/vG4vq2Hpku3YE9CKDq8kqjILNxn9n/
-d7w1te4vPp7cUhW+2DVfpjPbYWHbbPhDvEgOYG+lsQVb4w==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEjjCCA3agAwIBAgIQPV3/8esxRPyAjPpGv4zBezANBgkqhkiG9w0BAQsFADCB
-gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
-QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
-A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE0MDkzMDEx
-NTUyMVoXDTI0MDkyNzExNTUyMVowcjELMAkGA1UEBhMCUEwxIjAgBgNVBAoMGVVu
-aXpldG8gVGVjaG5vbG9naWVzIFMuQS4xKTAnBgNVBAsMIFNwYWNlU1NMIENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5MRQwEgYDVQQDDAtTcGFjZVNTTCBDQTCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzqT+FHDT1w5H6MnkmrJinSBQHMoJfs
-EV+rbHDK8sFUotHBW8BsG3VcBLxnA7XeI56hpaQB8jcuFtZXWGBPYS/Ks4mYxTlZ
-IAwyPNmhL1jbNVRxcBnfz3g7zQU75KvpIPG2BvwB6mNSu58O1S/3YBeW60DnFZeX
-QgdDXbJ3evFVBCOWc1Bjf+hZJ7wTwGwoAIpaafAbl/Qta5cq4PUEwTDSq9XpYC36
-e1XIYjuLIrCwEDmlzca2PcjW3by0bDB0pCnNGU2mBR9HPRbOKzPioKnDliM7vmL3
-L9CMrdQNT4KHiulg6/NiLmaYzRMndXZLG3FcEi3117o7F8NtGyCrRM0CAwEAAaOC
-AQwwggEIMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYDVR0fBCswKTAnoCWgI4YhaHR0
-cDovL2NybC5jZXJ0dW0ucGwvZ3NjYXNoYTIuY3JsMG4GCCsGAQUFBwEBBGIwYDAo
-BggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTA0BggrBgEF
-BQcwAoYoaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2dzY2FzaGEyLmNlcjAf
-BgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyPMjAdBgNVHQ4EFgQUm9IC2JIW
-IsJo3GWK4du0fctLzdAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IB
-AQCDwXQg06ACo+NY0m4n/pyuGjL53tg4BKp1vUrmLvLfAsmLq28UkI0i//8LTZ1i
-tV8bl+/9AnDUHHzCZf7UGmCtwH4onPOWkjbByEzrcfr7IEPwnei/dp8/pGPUvHGg
-1nv0IuwYaKV67nbL0opou9bADzeDkl7CqvAt17oEoFkyMMOw7Xoi9qJmR+9Kgnce
-MSgJf5LZnZ/zcfMTOuYUnL9trTqvpqsSiCxwqO1VAQyC9cH+o3Tpd6Y6Jn1+cPXw
-cMCoY9YT10m0l9gTFjnJDgBx1F0V6jwUiShakc+ZRTWgF2jZ/omi+quVpNYEVKT3
-4g4QCP+tyUR0AWVd8QUvIgSF
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE7jCCA9agAwIBAgIRAN3t9vZCmEkOaUw276QiyI8wDQYJKoZIhvcNAQELBQAw
-SDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9u
-MRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTAeFw0xNDEwMDExOTIyMzJaFw0yNDA5
-MjgxOTIyMzJaMIGvMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAO
-BgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5j
-LjE3MDUGA1UEAxMuVHJ1c3R3YXZlIERvbWFpbiBWYWxpZGF0aW9uIFNIQTI1NiBD
-QSwgTGV2ZWwgMTEfMB0GCSqGSIb3DQEJARYQY2FAdHJ1c3R3YXZlLmNvbTCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNr4Z91k7AKM+Pz5XXWTIuVeMts
-PU2W/pI4WdEHG9Zab1EOWPLbthB6fzUJLLLBBk1wy2OM9yG1HywB/CwfGHcoKS8Z
-/efGV+ZKTzEpIestriUWx7wUnzxKzGML48Xv7sNuY1Crru5Hgce1Ax5uOfP7OB6t
-orbMunvKQC10WcSrqFg6LapZ0UhgGmQzdjYguOBF6WZJR3QLghQaNrSUZuA6neXR
-cUsBgmzrxiEVHyzt+lmnYFMFvKVwGOyIZ2RU2LAFthS6UDDrSLGsJysxc1MK1Sti
-/VP8e8wj9rJdmiWNfA+lz6hDAPzRbv+WVJNoHEGbIx8rai+rVMiLy2HIbPsCAwEA
-AaOCAWkwggFlMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFPQc4jqvtqTk
-2emd/u8cd6VjPe+IMA4GA1UdDwEB/wQEAwIBhjBIBgNVHSAEQTA/MD0GDysGAQQB
-ge0YAwMDAwQFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUu
-Y29tL0NBMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNv
-bS9TVENBLmNybDBsBggrBgEFBQcBAQRgMF4wJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
-Y3NwLnRydXN0d2F2ZS5jb20wNQYIKwYBBQUHMAKGKWh0dHA6Ly9zc2wudHJ1c3R3
-YXZlLmNvbS9pc3N1ZXJzL1NUQ0EuY3J0MBMGA1UdJQQMMAoGCCsGAQUFBwMBMB8G
-A1UdIwQYMBaAFEIythb6BP3+XUt6w/33TEAdWkOvMA0GCSqGSIb3DQEBCwUAA4IB
-AQAjoDrTysopn7t+onDZ6rZSQW8rYlWZQpSiNHrq9xAAcMExrhcN0bQC9OQ+VRci
-oMDascvwum7hVkyh2w2Ad7lC3Ir9gIuA8HycjqQJ4t1eSF3geYyf8lp259ztZ/TO
-xSAwJ9W0Szc8fslOA0SWlyA3lnRVcYVu54Idc1dPXXBxwlQ1NUCYgcsXZs+6QjLL
-YhYL85DhuitQSddoYemGpfVJnaYH9tBiWmwtzwc4qsVqTsKEJ/1zYAy2GrEAv8sB
-FKSfMNMopBmmDA8/aCIW/tH6KTD2DC15QQwL6yAUbSa5mhzFSA9O8zmF881YwBVG
-n+z3isMPClgpNw/eWSbaSLZ+
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE/TCCA+WgAwIBAgIQSyxmRvQ0d1tn3zSgTdUE5jANBgkqhkiG9w0BAQsFADBI
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTE0MTAwMTE5MjIzNloXDTI0MDky
-ODE5MjIzNlowgbUxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9pczEQMA4G
-A1UEBxMHQ2hpY2FnbzEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMu
-MT0wOwYDVQQDEzRUcnVzdHdhdmUgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU0hB
-MjU2IENBLCBMZXZlbCAxMR8wHQYJKoZIhvcNAQkBFhBjYUB0cnVzdHdhdmUuY29t
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49OohlJHBJ/juiQTmibO
-S28pHvCCp1bPOc6elQ62DCYE/A14JXUtI8yaUc9nFjh6dNzR7KjFPEq/qDplQl7f
-1Tvh5ifBNNP2wQ6e820TWlPO4HhR/5g4+3iFmJ1N7kFrxDp1/P8e3+9lcJsXckXC
-tfFkQ9slogJqnaCsipgdrH4gQhicFAL5YqHw2AKfctZLSPpxhI3xISMV/lIQwZPW
-I2221v9ALckokh5pW6dTK8x8yNUUye1zt5msWzqunfBjVYVUj5/LXu46hS99Mfxu
-80ARJRyHsXIuHbMzwVXGqKVPZfKAdHBl5e3ElCjNwNy+Hgi09vS7PoAUhjCf/wbO
-nQIDAQABo4IBczCCAW8wEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUys4d
-GAN3HhzzfFiymnCoCIAW9K4wDgYDVR0PAQH/BAQDAgGGMEgGA1UdIARBMD8wPQYP
-KwYBBAGB7RgDAwMDBAQDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vc3NsLnRydXN0
-d2F2ZS5jb20vQ0EwMgYDVR0fBCswKTAnoCWgI4YhaHR0cDovL2NybC50cnVzdHdh
-dmUuY29tL1NUQ0EuY3JsMGwGCCsGAQUFBwEBBGAwXjAlBggrBgEFBQcwAYYZaHR0
-cDovL29jc3AudHJ1c3R3YXZlLmNvbTA1BggrBgEFBQcwAoYpaHR0cDovL3NzbC50
-cnVzdHdhdmUuY29tL2lzc3VlcnMvU1RDQS5jcnQwHQYDVR0lBBYwFAYIKwYBBQUH
-AwIGCCsGAQUFBwMBMB8GA1UdIwQYMBaAFEIythb6BP3+XUt6w/33TEAdWkOvMA0G
-CSqGSIb3DQEBCwUAA4IBAQBN/Qb6x5VSQHIt/FqvXAkjfCI7jwXGzRoxThavUqv0
-pJr1azXKv2L2ye9Sl4OCqiDHZ8ZJZ/Z19Ae1yvGTpG++0O5dWTHZ8qy/JSj17Mg1
-vWiefVpJKtkYflzhC9B9/eB3QuKVTRKDqm1ZC9kbm3MWOwtnEOw4WURWS1X2v4Hv
-2AJaXe11ZRqjx7/c6U50tYp3eVpRDCw7bOIXRffLG0oibhjHiEu8dgq7KkTSrx9m
-QFS6T2x9GLiJKhj2mEfPuGr73TfBPyKsRBymOpG67LThKVnwoUfH3pghA6VkZp5Z
-1Vm6AcDm+eelf5XPvZtNve4evLVPYueA3TmGyxXh1m2d
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF+TCCA+GgAwIBAgIQRyDQ+oVGGn4XoWQCkYRjdDANBgkqhkiG9w0BAQwFADCB
-iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
-cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
-BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQx
-MDA2MDAwMDAwWhcNMjQxMDA1MjM1OTU5WjB2MQswCQYDVQQGEwJVUzELMAkGA1UE
-CBMCTUkxEjAQBgNVBAcTCUFubiBBcmJvcjESMBAGA1UEChMJSW50ZXJuZXQyMREw
-DwYDVQQLEwhJbkNvbW1vbjEfMB0GA1UEAxMWSW5Db21tb24gUlNBIFNlcnZlciBD
-QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJwb8bsvf2MYFVFRVA+e
-xU5NEFj6MJsXKZDmMwysE1N8VJG06thum4ltuzM+j9INpun5uukNDBqeso7JcC7v
-HgV9lestjaKpTbOc5/MZNrun8XzmCB5hJ0R6lvSoNNviQsil2zfVtefkQnI/tBPP
-iwckRR6MkYNGuQmm/BijBgLsNI0yZpUn6uGX6Ns1oytW61fo8BBZ321wDGZq0GTl
-qKOYMa0dYtX6kuOaQ80tNfvZnjNbRX3EhigsZhLI2w8ZMA0/6fDqSl5AB8f2IHpT
-eIFken5FahZv9JNYyWL7KSd9oX8hzudPR9aKVuDjZvjs3YncJowZaDuNi+L7RyML
-fzcCAwEAAaOCAW4wggFqMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bL
-MB0GA1UdDgQWBBQeBaN3j2yW4luHS6a0hqxxAAznODAOBgNVHQ8BAf8EBAMCAYYw
-EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
-AwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
-hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
-dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
-dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
-cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
-hvcNAQEMBQADggIBAC0RBjjW29dYaK+qOGcXjeIT16MUJNkGE+vrkS/fT2ctyNMU
-11ZlUp5uH5gIjppIG8GLWZqjV5vbhvhZQPwZsHURKsISNrqOcooGTie3jVgU0W+0
-+Wj8mN2knCVANt69F2YrA394gbGAdJ5fOrQmL2pIhDY0jqco74fzYefbZ/VS29fR
-5jBxu4uj1P+5ZImem4Gbj1e4ZEzVBhmO55GFfBjRidj26h1oFBHZ7heDH1Bjzw72
-hipu47Gkyfr2NEx3KoCGMLCj3Btx7ASn5Ji8FoU+hCazwOU1VX55mKPU1I2250Lo
-RCASN18JyfsD5PVldJbtyrmz9gn/TKbRXTr80U2q5JhyvjhLf4lOJo/UzL5WCXED
-Smyj4jWG3R7Z8TED9xNNCxGBMXnMete+3PvzdhssvbORDwBZByogQ9xL2LUZFI/i
-eoQp0UM/L8zfP527vWjEzuDN5xwxMnhi+vCToh7J159o5ah29mP+aJnvujbXEnGa
-nrNxHzu+AGOePV8hwrGGG7hOIcPDQwkuYwzN/xT29iLp/cqf9ZhEtkGcQcIImH3b
-oJ8ifsCnSbu0GB9L06Yqh7lcyvKDTEADslIaeSEINxhO2Y1fmcYFX/Fqrrp1WnhH
-OjplXuXE0OPa0utaKC25Aplgom88L2Z8mEWcyfoB7zKOfD759AN7JKZWCYwk
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIF+TCCA+GgAwIBAgIRALD/zzodgkSYFWKdZIhqQWUwDQYJKoZIhvcNAQEMBQAw
-gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
-ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
-VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
-MTAwOTAwMDAwMFoXDTI0MTAwODIzNTk1OVowZDELMAkGA1UEBhMCTkwxFjAUBgNV
-BAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFtc3RlcmRhbTEPMA0GA1UEChMG
-VEVSRU5BMRgwFgYDVQQDEw9URVJFTkEgU1NMIENBIDIwggEiMA0GCSqGSIb3DQEB
-AQUAA4IBDwAwggEKAoIBAQCwOm1/qbgAnvOFOghkLPlEDCC0sxVNBi2m8JPJSL73
-ZK2kjhWzMYEUF/xu4osZdYs2Es8HbXZ4Jl4nvywWukL73R5Qj2SvdZsKOoKpMSVR
-jn/EQt0fXJORu5T6cFf65/24uGjKm2oZJFQ3/jJhifciwY9j1dFpfklNvNfQ20zW
-9g+9wYhCk9aR+Z+WmRHqbnLngCFs8U6O7GO4Pa9lOdCFkip5Og7W6K2bJYmi1C5y
-a3Oh0uLfzlhw/8BUAXdd+XadL0PaoibdHUKaTTixVv46tMtrbPJqnz+zrjun0BU+
-rCd/G/RZYFBWfp11JZ4/xna//5nM2PGpaolf3ucHzY2LAgMBAAGjggF/MIIBezAf
-BgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUW9CKHJoy
-W+C13ZZUG+GGKLD9tr0wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
-AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCwGA1UdIAQlMCMwDQYL
-KwYBBAGyMQECAh0wCAYGZ4EMAQIBMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
-hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
-dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
-dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
-cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
-hvcNAQEMBQADggIBAH2QaWZWVBxrPK5/JQgT6btkbPVniC+9wVEKrtNj9i3bcDEJ
-AH4di9rkMyGY4CGT28COJY5VBswqZeMD6FlyJ643mph8wvQTWhJxLW2r3zJpgacG
-oosgHaiQ0iiqYdT2/6W/hoCOZ5EqIn4dlC0aYbsgIZCJ6NUKEQr2CLpeG8tsKIU+
-xRYPZf230bFhwaYl2Ia/Dvqb+tH1IqdnuBUu+Qitt3UCOfQpYfm/wKoX60LeJo+d
-ZWQyB95sPTLTA+xH1XRpIDp+uHDvqaIqnFVCtuM+i9j/Jlr7fCZsiIWG15M+UPhE
-h9RQ0R1DMDK60rqNIQjK9+7Gbs6SWQgcU3N0j5z4160avk1G7qzEuYHrp1DMHWb8
-Dg1+Bh24DtN+u5qHrgu2m4QEzsGgexbfArIYQ62ruSYJq6oEHVA37iq9IkGKALXc
-n8MF1OaCTGfaKwL1ZaxZKbt6DE5Ut9I7fQM7IGTGxehQKpKwX6BHl3JYX8EKb5/1
-PQnV5whodZLi1biej76NGztDjPNO1VSrdu3MUH8ume20tUn643V9ixFoDdU6+l1Q
-sCuBA3gstNuPv0xAW5KjohoKQV2sV/puV070B1XrYwgykwAkSl2dwsFSKJPByCQa
-ppP7zX0/pnO8z2ideWMu5yUrQjg2sQtWwopf965KMdnfagbNL6OYCbwFgBPH
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIE/jCCA+agAwIBAgIEUc4A/jANBgkqhkiG9w0BAQsFADCBtDEUMBIGA1UEChML
-RW50cnVzdC5uZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBp
-bmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5
-IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xNDEwMTAxNTIzMTdaFw0yNDEw
-MTEwNjIyNDdaMIG6MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5j
-LjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcG
-A1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVz
-ZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
-IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2j+W0E25L0Tn
-2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQjUcj0u1yFvCRIdJdt7hLqIOP
-t5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiKm95HwzGYei59QAvS7z7Tsoyq
-j0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhTJbiEz5R6rgZFDKNrTdDGvuoY
-pDbwkrK6HIiPOlJ/915tgxyd8B/lw9bdpXiSPbBtLOrJz5RBGXFEaLpHPATpXbo+
-8DX3Fbae8i4VHj9HyMg4p3NFXU2wO7GOFyk36t0FASK7lDYqjVs1/lMZLwhGwSqz
-GmIdTivZGwIDAQABo4IBDjCCAQowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQI
-MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
-cC5lbnRydXN0Lm5ldDAyBgNVHR8EKzApMCegJaAjhiFodHRwOi8vY3JsLmVudHJ1
-c3QubmV0LzIwNDhjYS5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUH
-AgEWGmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdDgQWBBSConB03bxT
-P8971PfNf6dgxgpMvzAfBgNVHSMEGDAWgBRV5IHREYC+2Im5CKMx+aEkCRa5cDAN
-BgkqhkiG9w0BAQsFAAOCAQEAWEJxwT4pFm51WHe1ZU2eKfWuCxwY+aMIQ3XvfW3x
-kur+zmhc4h++pa8aTKqDO1+iR0b3fJ7Bg8R6JLDpzOmimgcJ6B4dd1ZJ/FNzqEfM
-yS1aYDSnGgvlK7jf74JK3XBeEBgIO13cioQ9aNgAtMSeQ3hLXvBiaoyQZlOKrMV9
-WP9Oqa3XpMoSRynl8yIhQDJg2jr+klQeQ6ENqVI3YL+HxKHHeNWHHuV3419b3HFt
-ukSHMQWAWAvF3nQogYMIhNDIRlr+isa9qQ47ZHhtJtw8TPeBXDwRfyU6k2Klo5EF
-JSNztM3OzDmkA3gwZkZeqXWwtGcDqbGfV/DTds/hk+iAog==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFGDCCBACgAwIBAgIRAMG9J7ODlY0Ni8peTwjQCdkwDQYJKoZIhvcNAQELBQAw
-SDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9u
-MRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTAeFw0xNDEwMTMxODE3MzlaFw0yNDEw
-MTAxODE3MzlaMIGxMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAO
-BgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5j
-LjE5MDcGA1UEAxMwVHJ1c3R3YXZlIEV4dGVuZGVkIFZhbGlkYXRpb24gU0hBMjU2
-IENBLCBMZXZlbCAxMR8wHQYJKoZIhvcNAQkBFhBjYUB0cnVzdHdhdmUuY29tMIIB
-IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre9mHLqiv689FWIk7PaeQLuW
-os8ldRX4rNLHeD7/X7JrTfaXuIQaLfrUODtyRaZs0LtJsEHgpr7dUonDIH69PjBP
-rHg+hBLu7ob4udEx3J03NQSdnR/fqPY0ZMH2NP7e9TFSKKctZ/SmzA8jGclVmdiT
-Gg1bTx6xgWuPWq9OprIQSgkP5NRe1GeTQ7U/E1zxLqaw6PeQWjESHPGeilyw0jr6
-qVyHM5ack9ps60sN3CKNGushyaQe3w2bYxRJ9RRH/sILCAmmTbjc/cXrGQMGdaYt
-aiGnXbc45r39cqfbynZ71hPPNEtFbOdqk3C7I8vrhIHiKaAtFkTMRSWmHHk4HwID
-AQABo4IBkTCCAY0wEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU5eQkWRUy
-J8kgs0ICbLDvMt6bIFowDgYDVR0PAQH/BAQDAgGGMGYGA1UdIARfMF0wDAYKKwYB
-BAGB7RgDADAOBgxghkgBhv1kAQECBAEwPQYPKwYBBAGB7RgDAwMDBAMDMCowKAYI
-KwYBBQUHAgEWHGh0dHBzOi8vc3NsLnRydXN0d2F2ZS5jb20vQ0EwMgYDVR0fBCsw
-KTAnoCWgI4YhaHR0cDovL2NybC50cnVzdHdhdmUuY29tL1NUQ0EuY3JsMGwGCCsG
-AQUFBwEBBGAwXjAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudHJ1c3R3YXZlLmNv
-bTA1BggrBgEFBQcwAoYpaHR0cDovL3NzbC50cnVzdHdhdmUuY29tL2lzc3VlcnMv
-U1RDQS5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB8GA1UdIwQY
-MBaAFEIythb6BP3+XUt6w/33TEAdWkOvMA0GCSqGSIb3DQEBCwUAA4IBAQCly1p1
-rvcOlRS+ODBLb2kYHd4q+cXDl65X+IQ7hOlXg9dpa7CzSAGNNpzhyYMbE48mB/RE
-BXxbZkMzEhWPFj+4jdGNsmX0zjEWatJWsnNVxpA7hDR0iZssezu86oDQ/sbVoaXj
-0a5jB2cZsnMS5287CNDk5i+ImruhbMAYV9sadliXoDy3y01Sv+FLMx39C5UhYhWU
-gvoT9igbSCoc/DPOukEDqsnKMmDqTf3JzuFI1CbJcR6M8R1hAda4mZrxIdGcbT8R
-Xp8JQ8Vuv/+plPMcAiZ2Bzed0hPVr5A1Mz8K8w9OyORGlRwjWS65jsr26bjMCcfj
-pvuAANrc0Alu4nJC
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFAzCCA+ugAwIBAgIEUdNg7jANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMC
-VVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50
-cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3Qs
-IEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAGA1UEAxMpRW50cnVz
-dCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwHhcNMTQxMDIyMTcw
-NTE0WhcNMjQxMDIzMDczMzIyWjCBujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVu
-dHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwt
-dGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0
-aG9yaXplZCB1c2Ugb25seTEuMCwGA1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9u
-IEF1dGhvcml0eSAtIEwxSzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-ANo/ltBNuS9E59s5XptQ7lylYdpBZ1MJqgCajld/KWvbx+EhJKo60I1HI9Ltchbw
-kSHSXbe4S6iDj7eRMmjPziWTLLJ9l8j+wbQXugmeA5CTe3xJgyJoipveR8MxmHou
-fUAL0u8+07KMqo9Iqf8A6ClYBve2k1qUcyYmrVgO5UK41epzeWRoUyW4hM+Ueq4G
-RQyja03Qxr7qGKQ28JKyuhyIjzpSf/debYMcnfAf5cPW3aV4kj2wbSzqyc+UQRlx
-RGi6RzwE6V26PvA19xW2nvIuFR4/R8jIOKdzRV1NsDuxjhcpN+rdBQEiu5Q2Ko1b
-Nf5TGS8IRsEqsxpiHU4r2RsCAwEAAaOCAQkwggEFMA4GA1UdDwEB/wQEAwIBBjAP
-BgNVHRMECDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0
-cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL2Ny
-bC5lbnRydXN0Lm5ldC9nMmNhLmNybDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggr
-BgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwHQYDVR0OBBYEFIKi
-cHTdvFM/z3vU981/p2DGCky/MB8GA1UdIwQYMBaAFGpyJnrQHu995ztpUdRsjZ+Q
-EmarMA0GCSqGSIb3DQEBCwUAA4IBAQA/HBpb/0AiHY81DC2qmSerwBEycNc2KGml
-jbEnmUK+xJPrSFdDcSPE5U6trkNvknbFGe/KvG9CTBaahqkEOMdl8PUM4ErfovrO
-GhGonGkvG9/q4jLzzky8RgzAiYDRh2uiz2vUf/31YFJnV6Bt0WRBFG00Yu0GbCTy
-BrwoAq8DLcIzBfvLqhboZRBD9Wlc44FYmc1r07jHexlVyUDOeVW4c4npXEBmQxJ/
-B7hlVtWNw6f1sbZlnsCDNn8WRTx0S5OKPPEr9TVwc3vnggSxGJgO1JxvGvz8pzOl
-u7sY82t6XTKH920l5OJ2hiEeEUbNdg5vT6QhcQqEpy02qUgiUX6C
+MIIGAjCCA+qgAwIBAgIRCBeSUjZo9chQAAAAAAAAAAMwDQYJKoZIhvcNAQELBQAw
+UjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRp
+c2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIwHhcNMTQxMDAyMTIx
+OTA2WhcNMjkwOTI4MTIxOTA2WjBlMQswCQYDVQQGEwJTSzETMBEGA1UEBwwKQnJh
+dGlzbGF2YTETMBEGA1UECgwKRGlzaWcgYS5zLjEsMCoGA1UEAwwjQ0EgRGlzaWcg
+UjJJMiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCyUskVGBrkooW8zWUYsR8WKNA5baWkD6PKuMXL3mi9lt/u0W1J
+5b2FIjtWJt6PBZlMGcnzCQSEC8Ao/9HZQQwwAttLgmcdBSwyIenDMuxiM1WbnZ+5
+kmUnKjHs+LaROq3vBCIzdGDQGoJACEFsJuFpDGQXrVDtlzhhRlmM0bsyJRJwp6iL
+31OCnGBz/sj5/rugnWFB9XNwUSFcafzTLwlo8OI/gIhhXQSdk8WjrFvQdG1TiqkI
+ojm9Mz5a6pzfN9NncZbGV4Xa1cV/oMG4fZAqu7+X7tlVPPDF3/7UKzSRGydrShWc
+4tPOORPevcT6/XQnpqGrB89sxvtkm2lCsvrDAgMBAAGjggG+MIIBujCBgwYIKwYB
+BQUHAQEEdzB1MDcGCCsGAQUFBzABhitodHRwOi8vcm9vdGNhcjItb2NzcC5kaXNp
+Zy5zay9vY3NwL3Jvb3RjYXIyMDoGCCsGAQUFBzAChi5odHRwOi8vd3d3LmRpc2ln
+LnNrL3Jvb3RjYXIyL2NlcnQvcm9vdGNhcjIuZGVyMB0GA1UdDgQWBBQkpbw6KGIV
+QjL5MFrJ8T7koQmosTAfBgNVHSMEGDAWgBS1mfivsJT14yDWCq3OTlakLm5C7TAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjB1BgNVHR8EbjBsMDSg
+MqAwhi5odHRwOi8vY2RwMS5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9vdGNhcjIu
+Y3JsMDSgMqAwhi5odHRwOi8vY2RwMi5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9v
+dGNhcjIuY3JsMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmRpc2lnLnNrL2Nwcy8wHAYDVR0RBBUwE4ERc3ByYXZhY2FAZGlzaWcu
+c2swDQYJKoZIhvcNAQELBQADggIBAEoFQYsKbtRjEdbWeqZHhJF8cRcg66HUY0zD
+OksWZpGzTOL7K7PGaJVRrMxIiIiG3hFU/CYWQlVk3NjiUo1T3m02TgkWfcXsyEZ2
+MVXpImSl5fgsDfI/5/INCGh39YkN5Y91yE0bDrJUa/uTadpS3fd4vKzmhy5qRsl2
+QFt29QDu7p/NUi5rojns1fCqzPserZyvciAG/hYS8t4C3GIOK2rwn09nZK+du5Gq
+uSX89KaVKM6UySqT+jIXzyhTwnXbEabFGSMVlmW/fKlGGLhET6jYPUnGje/b0qPv
+GmuvYpNC7ztCHcnNdfGLpB4L6Puxtn5xcYTswh1D8raQvArDFoqPwOQr2XggqU+t
+0ktu6IKIfInhB4WjGgAMr3aGyoNqKSv9Qzbh8vkdIe7+lwIBievK/+04q+Fsi5JB
+zTAUumLQZhS9eXd+065GF/0O90D5fS0Y5Wc7naMQ7/o9T+9hIxC4BIm+2g0KtL43
+SPF+jdqrLjUfe7/mWyZIvEKqlk6X6CUjRx9fVc01uO5gUyLHMSoWAtIyGBtmDUVC
+7exu4q8BHUDMQdrZyhJOJ9TbN2Xi+z8BhpqosGPe7UTtRB3/UmMsbEgbfIIb5mMw
+nx6TtnF5r+FLiew8BeQcD7+7768rw0+LaddwiKlmGBjYvNy+e1cSlJl1ZBXtHzlj
+57JOD9u0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGAjCCA+qgAwIBAgIRCKI5W6cDr/2sAAAAAAAAAAQwDQYJKoZIhvcNAQELBQAw
+UjELMAkGA1UEBhMCU0sxEzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRp
+c2lnIGEucy4xGTAXBgNVBAMTEENBIERpc2lnIFJvb3QgUjIwHhcNMTQxMDAyMTIy
+NTE5WhcNMjkwOTI4MTIyNTE5WjBlMQswCQYDVQQGEwJTSzETMBEGA1UEBwwKQnJh
+dGlzbGF2YTETMBEGA1UECgwKRGlzaWcgYS5zLjEsMCoGA1UEAwwjQ0EgRGlzaWcg
+UjJJMyBDZXJ0aWZpY2F0aW9uIFNlcnZpY2UwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC2c8BJaaP1Qhlr6ohEe73Ji8HuJwuHFNZUESykJhsbUeZF6fMB
+8V8Q/3YOo/fLpSt1NlYf2o4F8XhZ5bTDEwmk4d+uoskZBSEqf3O57fOuLXXu/DY2
+bTM9cGSDhlFdVHdvfoN7b7H/aGtmc/EgyChZdBAmYIPGN2WOSOlasKF2R+SKjH7E
+b9iX7MdXgXYUKc/peFoz+4Ba+Z/34w9ks1yqTMqsaUee6NATS4rjlGRrAVP06iat
+1fgd06ebmdZUbRQ6WdVGyN5muypx+nmpzqHcAnY3efR+1nmWW4mvgu8m7f6YPGek
+Svh6qHbMQcSOWlgxJAjJZWA02OYh7pPDCKLrAgMBAAGjggG+MIIBujCBgwYIKwYB
+BQUHAQEEdzB1MDcGCCsGAQUFBzABhitodHRwOi8vcm9vdGNhcjItb2NzcC5kaXNp
+Zy5zay9vY3NwL3Jvb3RjYXIyMDoGCCsGAQUFBzAChi5odHRwOi8vd3d3LmRpc2ln
+LnNrL3Jvb3RjYXIyL2NlcnQvcm9vdGNhcjIuZGVyMB0GA1UdDgQWBBSMURytxo/S
+7d4sVEDpSslyA8/otjAfBgNVHSMEGDAWgBS1mfivsJT14yDWCq3OTlakLm5C7TAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjB1BgNVHR8EbjBsMDSg
+MqAwhi5odHRwOi8vY2RwMS5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9vdGNhcjIu
+Y3JsMDSgMqAwhi5odHRwOi8vY2RwMi5kaXNpZy5zay9yb290Y2FyMi9jcmwvcm9v
+dGNhcjIuY3JsMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmRpc2lnLnNrL2Nwcy8wHAYDVR0RBBUwE4ERc3ByYXZhY2FAZGlzaWcu
+c2swDQYJKoZIhvcNAQELBQADggIBAIisFys6Vr64MtyHl4o70cS41eOEPdZa/6vo
+ZCn3K2zdMX9ccBw5be9DswNVbL5aTrZOfVYEyA24QTrauM10E2MhjHuceeqXU8Sm
+GFesgmzbqFGLXkysvru3g4tK+DomogKSiGYbl2dEJRQCenNJ1zrT2artrsCp9JjQ
+NdzY5FV0RltVqHxdOkL4J290m1qxMatKM3jLkMEzrWFgvNq46lifc5Jzw9eAIMvG
+v6NhH0lPlhOw+C+rnUK93F9V5wtVyfHv1BSYjE2ZU9zUdcdQDQWDf1b4cJ3r79AH
+27BUSsfJhaUuuGnYFWS5o05bbchMfGTw5fGyFsES8Jrl6YWm3jbLqd8WeC4QHu5e
+zg+10r/C+wxopZe7QBLh/m8t70wbQqSGn/afju1pGxfNEaME+jod7f597ghZPixm
+99FoRXWkKejz1XwxfkN6fC7lnpYzH37YHD20eLctBMYe9+7n0VehzfSVO29IfC1J
+fJll3g4Q79b1igb0s4R8Z8WC/qnO3zdWFR6pMw4aCvlo4M0aGUtculLqa2KCSRGc
++2kr3b4CAQKtDc1C2t4L8UZNRAp0WQmgluAvDxd1b0umHYqaLRgmumr1WlGtO+yR
+9SQkcFow0MU6vHVw4HmcyCn67NdBqPRUwGs9/u3U2OYYOL4XvBl9ly9ynp+5SIev
+93IJtVKu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHHjCCBQagAwIBAgIQTEYq9tv794BPhMF8/qlytjANBgkqhkiG9w0BAQsFADA3
+MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9v
+dCBDQSB2MTAeFw0xNDEwMTYwODA5NTdaFw0zMjEwMTYwNTA0MDBaMEYxCzAJBgNV
+BAYTAkZJMRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEhMB8GA1UEAwwYVGVsaWFTb25l
+cmEgU2VydmVyIENBIHYyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+rwQN5rfRLbVAiYWLJF9SI4YLm8oqrtf8OjGybgoLyiMIo8nhY/atuGRFWCQNOnUK
+caZn29C360PlC5yYrsrSHuouROisqHSJcgA7HvV+37Rcry7daeDj6rfyx4yI5dmj
+LwHkK0j1NzhX1JxFDgPeLNuebgzv/j8OfRhYK/BttpystC4Zgm3gZheKDjYsDS5D
+gjffuOysP3vewrcuw0EIZFx+HawuwNBLq4tMf4VSitYDHJSLIM2TeXZGGY5slTbT
+yLnrU5mIzG9WKqxyy7qHuFw1JtlAXkCLmUEVaF9M+dRPiGIjlDrpBgbDD9mT2CSk
+V/XG1696/voY5xB8KNIC1cOSmSO7kdJyR5tWiDIJiwMXrTwG+kZiqlbcKDsZeJ9p
+5bZxXO0pEpde3wgEYRvFr5Cx4vcz4h5pom9coJOCW9tqXU43KcueTrt4Ks9f92q1
+ehjyEnCh0BCdrjUOXsUtFosm9qxJnDwVlThYhS9EHuCTNBgj1Yxj6A+8fwwJP9DN
+CbWQx5afT+h+9FNDNRC/nEcesP1Yh9s15Se270pQW0CejUNziYG7Dft7T+PVH/fU
+zaWU8g0tJjtuQgiCWVqw4WkUmYY2S0R89zAotcpz2mvNO8ma2iJbubHi3c0ULfHH
+nkWKsdpzZmK4N0Wi6/V5yWdmL5RFkFecL8r7+9OtCB0CAwEAAaOCAhUwggIRMIGK
+BggrBgEFBQcBAQR+MHwwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLnRydXN0LnRl
+bGlhc29uZXJhLmNvbTBLBggrBgEFBQcwAoY/aHR0cDovL3JlcG9zaXRvcnkudHJ1
+c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhcm9vdGNhdjEuY2VyMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwVQYDVR0gBE4wTDBKBgwrBgEEAYIPAgMBAQIwOjA4Bggr
+BgEFBQcCARYsaHR0cHM6Ly9yZXBvc2l0b3J5LnRydXN0LnRlbGlhc29uZXJhLmNv
+bS9DUFMwDgYDVR0PAQH/BAQDAgEGMIHGBgNVHR8Egb4wgbswQKA+oDyGOmh0dHA6
+Ly9jcmwtMy50cnVzdC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2
+MS5jcmwwd6B1oHOGcWxkYXA6Ly9jcmwtMS50cnVzdC50ZWxpYXNvbmVyYS5jb20v
+Y249VGVsaWFTb25lcmElMjBSb290JTIwQ0ElMjB2MSxvPVRlbGlhU29uZXJhP2Nl
+cnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q7YmluYXJ5MB0GA1UdDgQWBBQvSTwpT9cH
+JfnGjNVk9WY9EoMilTAfBgNVHSMEGDAWgBTwj1k4ALP1j5qWDNXr+nuqF+gTEjAN
+BgkqhkiG9w0BAQsFAAOCAgEAg9EVFW6ioZ2ctrX8KqvW9XPYZR01yNgqlO7pwBWf
+HzuBCbUdyVzumfQnU24Sce92oMtEfyuxIOmhvoXU7LpnYlH3Q29UGP5dL0D3edGz
+HeU6Tf8bkcOEHtnTrkd+y+rfFSDWYl9r1y993NAcrBHhroQCE53mlrO7TjXa3zDq
+6LGR8T8VgvGw0IBz6mzAks0wMYB0b4uREPmWXi+m+RqG3lnpl+eBzz6YVLkxIYMq
+QIXJIBsu4/ybmadsfdql6E8Lo3dKVD4UG10mtd+iPbJiBiW/a9VbEe3NVKIv4H2y
+HqYcxDXAeUI66E3K2cjCmKoQaa0Ywt02ikZFd0v1OWNPS7YWbEJWkVR1PcPMESK9
+6HKI4xhG2tJesmXjQ8q8aSx2u79Zts3ewjKqTmurf6FXW3u9TpSCUe6Drr/3X7Ve
+nBy4M0sLwCecD/L9gjTa+EItQTYzCkpxiMO49tQdX/BpwgWju4Kg3qkaBNTzvSlk
+gdnRJqCUkVuzwK4yBqUoyRz3prlhvvRGdZJKf6IXRDhncpey5pm0PQYQ4cArx7Go
+AaAKz0ZTHOKjnM2KIdUhBJQybL7oPklSfkeMWoUoYED6R4YMTt/JXX4ixEb5DgDJ
+0F+bNcF7qGrJTkTx0Ccy4BuuY05hJckd72E7WdmjN7DDeosghgWZNV/6D7N5tfxo
+nlU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHIDCCBQigAwIBAgIRAIY8dWQRlYVPtDE4oKDPiqMwDQYJKoZIhvcNAQELBQAw
+NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
+b3QgQ0EgdjEwHhcNMTQxMDE2MDgyMTIyWhcNMzIxMDE2MDUwNDAwWjBHMQswCQYD
+VQQGEwJGSTEUMBIGA1UECgwLVGVsaWFTb25lcmExIjAgBgNVBAMMGVRlbGlhU29u
+ZXJhIEdhdGV3YXkgQ0EgdjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQCO+fR8ddbObpVeG/1EgFacy3i/libBYpl3V1UK1yDv8Hhyz1NEODpxTi1nniuf
+qGQp0bkg0dh8BpyJpJx6xkq67Zuz19UcQTbiEWD/PcOLZBVNyL/aOYHk9E76fcdw
+UObXqlnBEZcgFwMnG2G1QUxiz1NQE0110d9VvV2ai4f5O1ECHXIuyCtcZUlj0agE
+bGEUZ4R25OfX9ZoCXvj/X55XZzYhkGdaN8Tj8pweBXwEck+GG3HNuCtQOS/nnDDy
+9POBjhMagAR1SjxCB4j9IB1uatofSa+g4jOeGd4KWxuGpVH7VL+Ngn/q6MrFaOyx
+dfYuYVfzaOkhFUJrickK1Ckt3D+x7OTAlio1TK3+WpZtLZz7G3wdVmjd2v3Ph3Fc
+JIh4R2l7caPcD3xswwUVGSyniuUPfmOwRfV15Qd5MXkd/CZ+2RjErptqbhRjy8PD
+xdNVuc2RhsdPCy8zXLdCvTk6s7OYXBoJmaR7yYy/6mLfARGeLWt7i8s4EIsVZSkE
+OqOuSF8eUOrygZEcV3INvWf1/h8g+0skySQzmfosXpe9BTWiXV19E7GFvuMQoHXB
+4sb2oSqt2nFHJDm9qJMNmmFKrJeZqnfaChdwSbe5AvT0y7kcesUwgyRcdf5LnW3J
+U9q7EXW0+FQcxnuAH5SqmZJ08MR8hkiaZ5pfcRHvN7IYFQIDAQABo4ICFTCCAhEw
+gYoGCCsGAQUFBwEBBH4wfDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AudHJ1c3Qu
+dGVsaWFzb25lcmEuY29tMEsGCCsGAQUFBzAChj9odHRwOi8vcmVwb3NpdG9yeS50
+cnVzdC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2MS5jZXIwEgYD
+VR0TAQH/BAgwBgEB/wIBADBVBgNVHSAETjBMMEoGDCsGAQQBgg8CAwEBAjA6MDgG
+CCsGAQUFBwIBFixodHRwczovL3JlcG9zaXRvcnkudHJ1c3QudGVsaWFzb25lcmEu
+Y29tL0NQUzAOBgNVHQ8BAf8EBAMCAQYwgcYGA1UdHwSBvjCBuzBAoD6gPIY6aHR0
+cDovL2NybC0zLnRydXN0LnRlbGlhc29uZXJhLmNvbS90ZWxpYXNvbmVyYXJvb3Rj
+YXYxLmNybDB3oHWgc4ZxbGRhcDovL2NybC0xLnRydXN0LnRlbGlhc29uZXJhLmNv
+bS9jbj1UZWxpYVNvbmVyYSUyMFJvb3QlMjBDQSUyMHYxLG89VGVsaWFTb25lcmE/
+Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdDtiaW5hcnkwHQYDVR0OBBYEFIeq4xMS
+nxGLymjNHi3EKaj6EBrLMB8GA1UdIwQYMBaAFPCPWTgAs/WPmpYM1ev6e6oX6BMS
+MA0GCSqGSIb3DQEBCwUAA4ICAQBOoK2AoSnrz9zfD0WYiPIdv9PB1kLhcLQO1wia
+1BNvmaLtWKuPa47aXu7T5dkQzBBg1j55H0WkJ/LIMy1/TIfG1Hn0FWUoR82jiiLv
+L9bBBl2acNbR/4tjWc9g7vshbyyZFgSa0CFzMlyfgnE0ZllJGIjeY7i53WBMF5Gx
+XAgKsZCpTQ07K815v7ziwEN4NxY5pP8mxfbm/M3LRTh5tDcw9phsupPQzMllh8Tq
+3i8zh3BnficnplY5Es1p/X45wPMF0bZpo/7Y2JGZ9n7fmk2WqqhKrvKOB/cHO0rC
+AO1AfiBx7mb3wOKvA7BxtPFy3AHhj3g1V9P6BDBJEUwW+pjMMpvRl9aJwDe701X2
+5bkIOYA8yNcrNn7We5s3SBMy/LEgdhTFmwBlvEPBcdXfH+6Mfwu3q0EPRrsVehsO
+107XtO+kG+4xEuKtRCgHB8IT0rf54PgHm3kvuTHDR+4sCFqAa6TuJEJwdvuyWe3Z
+L3VpeiSxrLBxdchHk/bZXLMpDCh2cTCMnfOhnmbaLlYzw0QaLFC6zpbyUAA0H+q2
+lHDZBwqug1pgoulRfsV8pheBZpnm+/eyfAfsz3Chwms2f98r3t54yh66CwCPzjRH
+W4DM8tiliF7XFI8L3pFAc1xJZT5w0HG+E5JDPp9GiQeWna+Bzu/wFETztyVyFWjB
+5F4U/A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHIDCCBQigAwIBAgIRAP1B3X/Rnz7p+F2eQ3Ez1NswDQYJKoZIhvcNAQELBQAw
+NzEUMBIGA1UECgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJv
+b3QgQ0EgdjEwHhcNMTQxMDE2MDgzMTUzWhcNMzIxMDE2MDUwNDAwWjBHMQswCQYD
+VQQGEwJGSTEUMBIGA1UECgwLVGVsaWFTb25lcmExIjAgBgNVBAMMGVRlbGlhU29u
+ZXJhIENsYXNzIDEgQ0EgdjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQC3rPcJedHv9uiDCJCKtQL6QPRS6Cqxi9N8vM5WIHNxL5jf8JkdIiPrEg6VS0OQ
+ThGzbfc3TaiX4MC8FU+Bi3MHLnYIZ6xqAQP76QdXLAdCDF2gopIUyhhTmYWdjW61
+8dpX5wv2X/LYkHz9qArjw7rXTOXHWg4OWCefyfCYP/ATlFGe4fFR8PRHgiDZ/utt
+7GRUAcIIuALB35k0RkOkkht786rxix/7fAJyB49ISmUgXCvfH+YmPtjzc3VjXoZc
+AgjEld7W+hLlBGVOQMN0PhDjkyCPEzvNcZFAupWs+64WwBm3cQdmzgwXGBKXSXep
+J76/ydGfPA85n4aT7d2eACSxNM3c5lSdntFq8QiZJxlPfsZhdgshANFIsEaKdil/
+v7yQlVes3iBuabYwNzXgusYOpCFpkf02ixecB2x2qNpcAneSDtIJ7f89+Ilx3N03
+IOcu5xZuGd37kmMNhEKlZiQ/uDl92IGq62RLQJc9+cEIYPCMObiDxuhY/4CGgXdS
+VawzJTtotQacIrnQCG5iezpH0VcZ+Up3EBSQvdLewxomHganQYXAkW+82v1xDnr7
+u2MQTEegWTNOcT3jGYXKaJvs9rOq5fKmN/Ag861HUg8B8xCVLutY6ZpYWN92iJ0H
+HFRM9kDY2qLbwLFnDzO73oi2bjNYhXjZ1TScMQTMXt4+LwIDAQABo4ICFTCCAhEw
+gYoGCCsGAQUFBwEBBH4wfDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AudHJ1c3Qu
+dGVsaWFzb25lcmEuY29tMEsGCCsGAQUFBzAChj9odHRwOi8vcmVwb3NpdG9yeS50
+cnVzdC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2MS5jZXIwEgYD
+VR0TAQH/BAgwBgEB/wIBADBVBgNVHSAETjBMMEoGDCsGAQQBgg8CAwEBAjA6MDgG
+CCsGAQUFBwIBFixodHRwczovL3JlcG9zaXRvcnkudHJ1c3QudGVsaWFzb25lcmEu
+Y29tL0NQUzAOBgNVHQ8BAf8EBAMCAQYwgcYGA1UdHwSBvjCBuzBAoD6gPIY6aHR0
+cDovL2NybC0zLnRydXN0LnRlbGlhc29uZXJhLmNvbS90ZWxpYXNvbmVyYXJvb3Rj
+YXYxLmNybDB3oHWgc4ZxbGRhcDovL2NybC0xLnRydXN0LnRlbGlhc29uZXJhLmNv
+bS9jbj1UZWxpYVNvbmVyYSUyMFJvb3QlMjBDQSUyMHYxLG89VGVsaWFTb25lcmE/
+Y2VydGlmaWNhdGVyZXZvY2F0aW9ubGlzdDtiaW5hcnkwHQYDVR0OBBYEFNFHIo/L
+qF0a/iZBRm7LgktlfYrkMB8GA1UdIwQYMBaAFPCPWTgAs/WPmpYM1ev6e6oX6BMS
+MA0GCSqGSIb3DQEBCwUAA4ICAQAsYb1oYOoqo04vMV0zHx07oqInbWo6c2fuIXWt
+ONnwOUPPTkLK+JHdcLPQrSntdrZwyYhVWNR11PDc7Egq1ho4shR5HLGh6Bxz4Arw
+ZHJRs9G2pzCkKv0ARtavsh/D6YFFSqCZ06aAb/ZsRSEbDHang5b5+EVZ46PW4FZj
+QBx6MmKqGt7on3j1Oay/RA717/GDCWMrsjslezLc67j/9QiauOqgnATU8FKNJC3F
+No0sGrcjTAsKsd1qt+duwAo0bHKqur35K685Ucz8ICzEJnsGNiZecuKeKYbYz4PZ
+u32rsqeRi/TqfwgJL8ctnVpGzuF9xaOSdhwCYVIqyjksX0gzgDNzSAVEiJS9Cmp0
+4W1dCeSdToot8+3xVIDkjgWO+SBoITNZoQN+NrwXSL+xMIXUxiVuugwbc4geQeC5
+Z5/YWSw63fsQd2sp+jTHBWStnN4L7GYwdbErPakxDazqxZngUz0gqToTAwV+K3DQ
+62v7wY//jCISIbiRG0BiIabGbJjkzd2dOagmfEAH7r+XL0FQ1wJMm/vT7As2iAMG
+6/64jm0Eh4Bxg/L97QCodXxH87HEFrquhznnMMypYiMK1xhiS1OshfKdImta1lB8
+Fsusu0T/osFbm7PRGlR1hncxTo6Z6XoA2x72NGDV4we+1V56gsuuac3XuycJgV3s
+Ulduxg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHHzCCBQegAwIBAgIQY3wL14WlvynaYC18TXpwsTANBgkqhkiG9w0BAQsFADA3
+MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9v
+dCBDQSB2MTAeFw0xNDEwMTYwODM5MzBaFw0zMjEwMTYwNTA0MDBaMEcxCzAJBgNV
+BAYTAlNFMRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEiMCAGA1UEAwwZVGVsaWFTb25l
+cmEgQ2xhc3MgMiBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+ALQ+lbapxYadK2p9rkOOtSLv0rPZLJJSUnWSIRDU938tZuewTAVg+o4nAB/pm0QO
+1D/1nVWRU1DoyQP76R6qTvrjzHRgA2AzKImxatt3RMo45u2Vd0mlvmp6wnmc4B1V
+4vfPqWCuRnH5+xR9NX6UtEZGHb5FbNlOM8C8qi1jecDBcIe3Ajm/cUq5HXRon34I
+Q6RrTYpJTMaNwZnAyTaKjQPEsQt/WA9G+oT3GafiKhcuqmW6jNvgWj17DJ259MtB
+zf8jre49CHwGUs88gbNZviIEOrbNtaVvHQqUf9SVRnt+POno3pwCpnY2cNoI6ech
+F9Rh41cUbz9qIF4U6kR4SlyWvlBTCv0csovVCLJC1z/BbxpxAWgq4aLybKIByHuT
+tLSuZTmBPTmN745PNaE5rDuCYN2d1hjWaOQ+TOlD6HHJ+fBSwCK1Sr2PSKYU4vEp
+YsfhA1vK4Mgy8PJ7PMlbMzLdc8EuItIf0IEtVAdGhD5ZbzEPiuea9C2gZkzvaiDa
+I1/j8kIcvUAliFC1pGNiCbeuG8A/QeFJUAFnlocznbKUkcLcnBTK4WbxL0DZ99j2
+tRN98wtaYMKdfRAA/1sqvr4AKiCbgMFSPd+1ih0jZMPoXz5WNIW4LMYM+4KMr59D
+ZzfCrOLAWX42CgYj1WBzrHn7ShwqSJAAhgVpDdLIaYjpAgMBAAGjggIVMIICETCB
+igYIKwYBBQUHAQEEfjB8MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC50cnVzdC50
+ZWxpYXNvbmVyYS5jb20wSwYIKwYBBQUHMAKGP2h0dHA6Ly9yZXBvc2l0b3J5LnRy
+dXN0LnRlbGlhc29uZXJhLmNvbS90ZWxpYXNvbmVyYXJvb3RjYXYxLmNlcjASBgNV
+HRMBAf8ECDAGAQH/AgEAMFUGA1UdIAROMEwwSgYMKwYBBAGCDwIDAQECMDowOAYI
+KwYBBQUHAgEWLGh0dHBzOi8vcmVwb3NpdG9yeS50cnVzdC50ZWxpYXNvbmVyYS5j
+b20vQ1BTMA4GA1UdDwEB/wQEAwIBBjCBxgYDVR0fBIG+MIG7MECgPqA8hjpodHRw
+Oi8vY3JsLTMudHJ1c3QudGVsaWFzb25lcmEuY29tL3RlbGlhc29uZXJhcm9vdGNh
+djEuY3JsMHegdaBzhnFsZGFwOi8vY3JsLTEudHJ1c3QudGVsaWFzb25lcmEuY29t
+L2NuPVRlbGlhU29uZXJhJTIwUm9vdCUyMENBJTIwdjEsbz1UZWxpYVNvbmVyYT9j
+ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0O2JpbmFyeTAdBgNVHQ4EFgQUnhn/5Q06
+/gCXFT9p8dxaPKoMlIMwHwYDVR0jBBgwFoAU8I9ZOACz9Y+algzV6/p7qhfoExIw
+DQYJKoZIhvcNAQELBQADggIBAHnC5kU1dHmSj1y7s9ykjIfzFqgZ+mKY/YZODupW
+4v3YP+J0iWOmoyb3dYL2aAv9TLoMTGgXzFIu6stqJqOhT5UbplaDQXs/UBcBE23R
+GlYjlKmHEFBgzbvnVLy8L/baTxWL6qlBUhESpA9VcIgQftTp4Jj2ARXN2r2XXI+g
+jyfQPZrxXoYK/RFWSYilrXqs1gO1PDiPcdrnr9RrfcLep5mHV0h+RpTaHgIYd3YS
+be/kssywSHx2pR4b3IhwJT7xFSANqE3FYx4wbHOuHCTxYFXrF6hCnbSntxIdtJvI
+clRELWf6dWuB2HyFvDpY6AWE0Dm0I8NnShIX64d+P5uKhkTcCVh1wSockD0D2w7n
+wXj9CD/Kn2hi5PRmkpviGbN6oNe+TkpEU18eWFO3fmL6qZqz3AHXUxdth3lbCoSF
+kfodY7kftcok/uiXGYQLRbc4qWkpp+rWI+wE3nJxF9StcWyzQDHq+kKrRcDcth4+
+lDjiE5T6quRHUzRrsSjf77dOk/hxX4VmI7hplhnfJl+1JEfBakaIMF1Y51MpHYYm
+LtnP87FpyubCYzVn5ZyKCV1sbx/cgyc4srhfS5eOFV4AeuG621C4zyL7hM1eCxlu
+Z8Qo0NAhA87+VtpywYdYUH9TbLpJdUSRmzbEhyJEDSJk1O/uZsgvxJmZ/nCluMMJ
+geIK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHHTCCBQWgAwIBAgIQUuug2LdLRuuFV81toqPd3TANBgkqhkiG9w0BAQsFADA3
+MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9v
+dCBDQSB2MTAeFw0xNDEwMTYwODQ3NDNaFw0zMjEwMTYwNTA0MDBaMEUxCzAJBgNV
+BAYTAlNFMRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEgMB4GA1UEAwwXVGVsaWFTb25l
+cmEgRW1haWwgQ0EgdjQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDk
+FAH1Ng3v+uTKEL33mmY5wcUS9OolNT6w/dwvv99E2nin3ZNXhIZ5Eo+CzSMP3cmc
+/59MMeUtvIPPbhfRdZQ9en/NG2KB69qzADGE9eSGOnatmKQpZFmqnUeLFYEB/q/c
+Ukcti1d7/ZpjF05h4wRuxAUtwCEq1E6KZzRrof+K1KmjcGYBBdjRzEkDdKTdGlCd
+whyNteCcZfi7lxfvT0wo28sTjZq7yWz+FRHPf46xoHbRlhIm6lf1gUHPBCT10V7r
+6m90+KkBMqSBUXXmSVSm0Xhv7X2Z63U/XvKABpxnLy7EdHnQeQi2Sw6kyTVKRcO0
+Bbs2vdXJnP3eqRwVwOfRZxup+wmY2GrlGxMKn00R+bjXS0nV8jE+td6WkfVrEROo
+TZ1tPcApWkm9blj+CIvQYht1G8hzhJSOjO33RW1b8HNpsv+X0ZnKxjj/jLS9LYps
+AsIOssD9RR3bUczDZ/miSB3PJxKGkBxbG2r3so9NWEdkmHHv4UWD2M7irKU/guLP
+tJOL0q8Wq0orSmXwHzn26rizTSwo8cv9I7ZZ98EuaFREzyHBhk3Dy7QhAPOCxRQQ
+z2D7X1yZ2WhXcVlTeW6g9lgVE8IvjbjSjhWMgTl/AFeddpZFB8SOT3TGxoQvGUV3
+WbP0zpE7f6prp4aVAtHZS47jlQleeSSzXwrD6KRT5QIDAQABo4ICFTCCAhEwgYoG
+CCsGAQUFBwEBBH4wfDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AudHJ1c3QudGVs
+aWFzb25lcmEuY29tMEsGCCsGAQUFBzAChj9odHRwOi8vcmVwb3NpdG9yeS50cnVz
+dC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2MS5jZXIwEgYDVR0T
+AQH/BAgwBgEB/wIBADBVBgNVHSAETjBMMEoGDCsGAQQBgg8CAwEBAjA6MDgGCCsG
+AQUFBwIBFixodHRwczovL3JlcG9zaXRvcnkudHJ1c3QudGVsaWFzb25lcmEuY29t
+L0NQUzAOBgNVHQ8BAf8EBAMCAQYwgcYGA1UdHwSBvjCBuzBAoD6gPIY6aHR0cDov
+L2NybC0zLnRydXN0LnRlbGlhc29uZXJhLmNvbS90ZWxpYXNvbmVyYXJvb3RjYXYx
+LmNybDB3oHWgc4ZxbGRhcDovL2NybC0xLnRydXN0LnRlbGlhc29uZXJhLmNvbS9j
+bj1UZWxpYVNvbmVyYSUyMFJvb3QlMjBDQSUyMHYxLG89VGVsaWFTb25lcmE/Y2Vy
+dGlmaWNhdGVyZXZvY2F0aW9ubGlzdDtiaW5hcnkwHQYDVR0OBBYEFImGKoLRePrw
+pilUNYeVb9N3YBnwMB8GA1UdIwQYMBaAFPCPWTgAs/WPmpYM1ev6e6oX6BMSMA0G
+CSqGSIb3DQEBCwUAA4ICAQC+9cmGCHeuehFZiaYrJnqVBecr7t3oxbHASYfnCVgv
+aRKJVfPdImtofjdg5gFapHNTCj8oV5whc5zgd4PQsHYKyk4xMi0q3enZerKjFfD2
+4IQMhrk595q/f1ShTuVocjvG6lh252idPD0AL2B/8ohGd1WP6cXlDsLtw/yKDY1A
+uDKaq94TAb7UD/7zEKLO9cj9DMUIlQ3e3aV542KAJ/6eTvp2HemMVhA+ftOmWENC
+7GnHHE9wpXicfE5sHUhF1qFOaiYXOkOiGjkBQqFDFwXnLMQn+JTnZ+pG+DTwe9OZ
+48AK9Esik8gTgIpowYZPaI0ajh9PMCZlxy4zDT4jJHP1yYOAoSo88oKCwJPPg6WM
+MaY/HmAA6T+1oLmFzShz1WdHA7gNIneEomWp1nvjJDNpKMZrUV1RoxJb66grrQUZ
+IldixBtuY+wENdmvd1f2XcvoFoHE2DA5JKMvclu+9OZl20qC5exPrTODC5iAbmmR
+rqqN1Gsw3D2NVMvcHxyVt9QNkip1uKb2qT34TbJkVeWC3clmFZSMUvwHcT4+I3ac
+n0jhzMbF6lLPD3gsZGkT7jujVP7BT46LUso7oXrxmdomgbxLktSuGEIUsNlkx67P
+N1TrA7iXbTMmEQAgYnOJT5omfuBFAjl8fvlKZmrH2makms8OLPBCCF2HLiOa9CLb
+Eg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQLNHFB/2gwfM5sg3NNT8PaDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDEwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDWilKXKoYcdxyUB3tP8Vibt0PKQdvkrb3iYvvS8RNovOtU
+cc7NaBuXo112h5rEr1wb/Zn0idWHkvlhbXaq6akMwM5YV8zkXfjmEOWLUte/Yb5Q
+9xpiUV2CTEYoRp/xh1OCOVkMFFm6eYNqEjKyD0ud1qnsFRRcGlMqysEkPMsZTMvL
+VCb6bxQmNVkv+w1ihj5EAZDP806se96hu/jpAAYdLC0bwzn9AuTQkBW/usPB58Zw
+ugZhFILqeFJtXbtkNLsgq+GXHaO+dycDNGS5OoEcgwLs7weSEXopJ38KduOas4/9
+yY87ZopCGbS//h+wdwVrqpyzlq/jdzto8DEWzsUtQkNKhXhPmTtOJETI2CE9tv0K
+eQNaRtZ1eP32ylwMa695AxNNeo53T1T5wLmV1QqsuxJis7UYcTdQmic+anXsxpMl
+O1eJiXgo92hbmtwMsVBpnMfbwqUfYRTDZM6zxSZxQjtXhDaQgFUQWwSRlyPeJuQS
+kMJ5CjscTAiSBsSUlDHHBPB+GxqX/nqTqVXyXejzUrKcfQAEXoLAcJFzKGcoJ2ch
+xq5bg5l/mhQseLfJY5NunwOdq0lrlCgTdYYMHceFgdegtqTEG3l77jm/EgswVprA
+AXxzd63JQW+mRsdtnML4cpftrrAmmrT86rengKfv/9BWZnU4Meyj2WlNytkh0QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTmMuxJ6k3Gfi0Kg5E4Wt91ZSWU
+tzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAFvF1VPFb4HfQn8cZSan
+Ivr+5cNHkL6Eq/+wWoQBJUp3YpOxHhef+cDBeiW9ExBNp/bvoB9bJhuzHME6txR8
+uY0zJwcqSsnZPYzgENS9xGkDY6Zwgj+lkiha4U8D6qPHvS9XfGnVCZi28lJR8IB7
+R77zCLjumtxrv2XfNbHF6z8FghlwfByv2zY09Dii9++XvBqJijsyehmBBbFXvZMj
+EGDJBwrw72lnfA5nHwM4mrVhzdcoOnQiz+9ZZAcML6EEVLT541737wGCTHj18HvP
+BHd+HWR1szYIEkRazVk9agr0KImA8UaYvJnED4kWa1+L+tmFdm6gPa3EAUinh2aP
+AgxTzCO0QUyvDX5+GVyW2fT98yOreNgSg7eqR5PpJEjRQdve8LrZZlIqVj0Nal0v
+qcXQfqVIdyF4w83F5Mb7xQgZ7mI8EiuQPp3vKk+UAp3b4c5EFy57dzsLMzgfzaki
+yyLujset0Sygwuwk8XHAekuVTcVFsKR3+Q0uS80/FOtRRy8vQg0+kjFQwVO3RoeS
+mC6E5W/f3JDJMcn/9U9uiSCQXVzjoGdO4nAv+5wxh6KoCtysAM/FqdAjzNSNkVBb
+HOoTyarcSK4HbQCrLDni/zCZz5bAhyGvUk5CRBwPeTnW/+/puWnJiq1sdZHXegIe
+2I8H0rGWcyFDKFQnn8HtOXQk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQPGKA+pGaksbCjBqfsWtM+zANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDQwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC4rhek4Y4p7Wei29+exomReAEaWdipWw1YnJWyYSepPMuG
+0aTjkUqhwFfhin72o/6XPLkWoTk2ikQJRlitJ1J4Tm2QPXGc7sromAR++u+V7j4t
+cIKnQMncXLsiV6LrNBWF6ieuzcQxJUKCNXAiiy2vDLfVGDcaMx1cjn6Ql28SJ/Ca
+gD8EKPAvtMMGhPBoKtkvUrM6Yc3D1FzxnMtP+dmGLdUYMpEjiQB9UNeLrzcvGGdZ
+SZmkKRrj4U8X5af/SV7N5OqiOAOfLFxacY0uy0VzjqylPqc2YCQpmf25q0CRvE+s
+7Qh5LCBBfnsB+/2IaPHXB51BlR3zE9vdqZScOHbLvhr7fiAyQpNQBr/44Y9wb9/c
+iEdDm9Xq92wMWFDpBm6s+WH2otsNaVAvbWxHvzyRo2HEgq7ZxguxHOcgfXkqT/Hk
+jJJme95GS1idIDrlh2cdTrp3eMMgf6JeH5t1yuaQvA4WmkN+vOdW3x5B0Klo/sBP
+QMRDajH6EzPyjUn2Obvg7KBCQGQE69Hyxp9BMz7PA1vbeWMPU5LCFHtjQG5Xoifs
+rvHkQLqgZRxaw4Di/0Xzxje1DfACLh/d8WFhb/mtdk8Gs7c6Kzr26qwGn8KFuBm4
+xZUu35FOzu0ogVdRNf/xbX2KLMTwb973SnOPATAY/bI40NRllGhLtmWAmgBLgwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSyGpKAG6aTvunnvljgwa/ZMN9O
+uTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAGhQ11orB7DVzN8D7wzO
+9njDvqsjV9262QG2IzvbCaWrdPkeF3nHqhgYTC2HkJg/inxcHfWKJEYTQ+gjgwJ3
+u/5OTBYg/EeKElzUgQ9S03tu+uVOzrgaEoorlhaoCVLoVrmLGBTbi2eE5AEb4BHl
+dRAetX73ZGiMjx2SQnBZRdBxRFB3NDSMk4I3MBBOc4iRPEwBxD+8XsB5Z5KT34w9
+ed+d+7q2Lq79zr9vCE1CNQVtL4VZlh07M4rBstvCcwDKJa2VxiGwAIUy32zKOZKo
+m37zdQzUwAxfbubjabAQNdTfQA291jHXvPrclZvD3X4YwU0ovLwJM8fHqJTS5k79
+SbsbLmWMRc41ixfWLZT91XIjj5Q+TrQ140OY8/x5RlEW2g8cUUR7PgmoN1Ht4UGR
+/YKObG1i3sS3C0cp2LAq+ovp8mvu4EjeaUCoc4vJcg73dW7N8tEMnEG6eXiU1hT8
+Wj9+z2lPULS0nzi9WgenDf3aI/tS4iU76vvEklPTMoYJ2kK/mgrgbCFsIligC/5A
++Xyw71zqmexKOjvdgyDUA7ELKLVAbWLf4Uwx4Zm2nDh4nlXGfwMDh3ElKz0PA+G3
+D7WsSPe06iMX1OyuX6sMP29BMg/RJhRwlCZMzNGtsgIBe1QaYtdEbyYGDvW3a2Li
+4W79B6fLZPq2W3Y1Hzi5aOnK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQfF3RC6q+IYZzE5qHlej3AjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCyBxsscg7W11cIw5Noa1zMuWWxlOOabPsHFAS7PB58Yhgy
+ibRE3nuTIwaX7WO49ihi6TjnNOybJs2/AV1qFHsJoNRhzaB3W/P+4Tk9xmlqQAwc
+atltbvyXHq90vJilW4N0n7HDntc4vATM0wDBlT5xEYIuTT3T/jUEG1L82IOtB5cv
+BMQXcAVWqojZ7ItcBVQH1noZqKHTvByHotcQBgufJn3I/zYU4V1M6lhQzdGe5sTc
+pVIVo0Kl1EEJVem8EidED0zikFont6hcTnGrryAtVWGxgm6umbY6ex/++ZKGlPK+
+1G+UePz4FZF8OwZYn4jM9bcho6/+Hq2YPEUrkPkJuqURFDNqMiJESIJ7gj4OgWaX
+0NPCsW4WTsxBmPKxOwpLkwa4ZgGFOQZk5Vvs1kf2ZJhoFGwV2yyN+HS+DfrvHZEY
+jtOYw0J4rUVyVQe+iPHW/8+d4I60XINPyby2J/KZeGOCOfFBS8eijTgTXudejc8J
+6pZHg/qe/Oa4b0fnklCm1Rut16D6BLDMeGON0XH+Tpd3W3UT4VHL3wuI+0kK1RFU
+jFxbctvFefrk/Em5GTLB6uwTcKfMUhpx+bLmqPzmVhZf5MdGyzI/rMhgYFqJ6Kki
+wotLF09x5eKUoql7Y0sEbOVQ9WuhNVfMrWycuInQPQ6Or+zksE2m4eziftJcXwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBT9X0sVjn/8a4VEJFV4wGGbgll1
+kDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAF2Vfnqtam6PVvI/jT7z
+pI3iDGYDFp9tqP+GSJoB4fCxt6bCTNDRiVDO5YpaPNMstfPJCF7F3U+3wYPLWX4g
+SJl/YaCMqPlol0hqJ3+s492L8KIv+7dDqcj8L3LJQoECgVTetrz8v4beN9vS2tG6
+6l58Dho32amtavFRpi/UFADa3NEoMX1CKwbFGp2kMTARqx1xCK3CXKJ1T7PkQM2n
+VyrGzfPwAMw7huvyfRGDMBYeyJh7K056Z7OSRmLLpnjb4xrh+QuiaM4aRZAUZsnI
+WvOvDu/NSY4ggmK2y3PIvF1uOUicSRjcNqwf2yT81lsvjrSNeVEzxTtVq0bZTMcS
+rjmYAYHJ+4ffXzELu5X04d0XojCywnc14zdIjLRJDRiZZ/M10qm3MpelYrItokiu
+Hk7p4Lq0Q8+Zup7UxSMZy6+c+IO19nInPdLyoahh7UZ/gC10xKbULHA3wkJdcT/8
+AmTuDGEDl2RbE09svvo9lZjzPu4dgY+sN2Kok4SsDX0sBvKhikWS0/WDOmHkRkKG
+Dm869qVTh2pqCKj/ZNRjvdERDqSd74HraHsGDIbXFLDEDBHCtVRSGHf5C5AZK9Wm
+LTD7wwzJ1nFmRp9HphkNhxAdJvFc6vyz4yLqDF6r8aPR9Ho3DfvaZXZMEV7xYcLB
+4I0MJfdDbibWkqmWmbY259/N
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQSl6PVisF3L8+zkCSF3xKXDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTUwMTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAK4514Boq2hpmGaQJ/fdcuDcn50b5x3WZX0W54OtoISZ
+crnefeeFwKz/3JNMXO5wPUaFAPbnGjNBRh37BpPlzJRU0pFlDT4DzksntjDNUlD+
+xg6dZRPLJLHjxGCgT67P2Exivd/0HNNKBCDl3dSPAETekrMRmRoiiYF4FNhnmrZ8
+Hn1DlbrXnU+S2vlJfmvkkvpZdizddkviY5HNrgaLgUpGwXEcTDMQcptlQSKHUeDT
+YCGuNAhP+gCzAoJlcrOnE/kV3jygAtwJEPIeUNNkV+TYKtxo+W3V52dFOotEUEIE
+PZ1i5B653w4gy/9ou1RIFBFFbc6sffT+JnL6gAxEnzDeWxfWZsJ+AcM5E6xNnews
+bD6ZWbJNQyiLhpUJjVrxyjv4nFXINCwMj0FsZPd430LsXS7baYwZ/kT5ADLU3x54
+YIj9PXsRP1HMA7idsp9k7WLN4uczzBFU8+Heu2IAwASE1RT0NOXF6T7TPWLNkKtn
+Tfo7Zs0YMgKJYLs5mrMXyP5SJ5M/gmpoOtZGPpat5UU4kaPsq8iwWcW7y8nLI2V4
+mhNIrJ9VYHbcm6TQ6ACqB+l5Goewo+2/CF4asiZLtJSUlq1sT+vFwrOw9ye5OyZR
+Wyrsl68zAv2LgwYJ8WI39XBNszV9r52VgC5vHWjPy4tmIM/TVIXwtV+P1hZnNxQx
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFAK/hk0KWAn3qTZBL/hdCfyO
+fif1MDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAV645zZWXOK/fpnV7
+oC0SnnAZajIMjc1pu7K9ycg8MgipLP7oi8qMuOICAoE60VZ35IxUa0PM1BbZmPDG
+gRS53YhDQRrGgfo4Zwt7FghNnnHzfYHdol/FPsyzBtkpXfwZsUI7FGqv5XXFPQ1j
+QTA8p8gsdTHcA2Sr79Zugvw8V4YK0kWuNcSYADyzDK5vMtrFCwhFX0qG/kjWw/B9
+jbcirQvxah3ev/6Kqc6HKYjBTY/LklY+CvkaoLp/2gMAJE6Pcl58iKcq/uD+02Dm
+ZbfLV/yCjONpaollcnqeY6g/RLHtsVnAY2GtItGC+P70zf1d4UaJYl77D778D8+D
+Sc5kiij7afV4RUkTV/me8wgSJ5fLBJKzt3SUgvCwFp1cph+sJvyj7QLfW8acpgdn
+mJIrFN75Xn8T4dR7sGzJn7a2N49rEkiOkOVtfDe3zrcU89S13hgqmCoGRAzutHMa
+HjJqDYARREP6YVtOfPOXdMUXWBC0x1/LXAnhOAFdo+eQxEWbIUyedllnbUu2yqwZ
+AKA0aIh5xYxmpMeWOHceqpxi7MAFAmv50/TkI/1cur/QuBQ0j971dM2Zn35xdkEI
+qPeCyhsVcqrvsvCEHANzc2T5r/5aTVKt9f7aZgLH/03wf+ANJ+wpVD5Mjnv7DbXJ
+D1VkF/cI6eq4Qvhs50P02nz+tew=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQT8AIHISto9VjXMe6kre86zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MjAwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDW2i6TT2G3DN9scQCmgEllN4c5X3jLMLILNLsrfXTl5Oyl
+GB7aMxeQ+A7mQayZXqSDYPAdbeMabzjojxp0HKbis6l6RPf8M/37h/UcwNkAlzXR
+FYgxR/ig6G/DKJz8HVYRx7p8+uV0FpggUCvgG1mzr1Atx5gj1t/2u+QGuPivGJVG
+qbbxOn/CKOKdGJblMJHEnVnbFz4QGOk+RJqn0jRvKE0hM6L1m+36OJH541F/7XjE
+nh7fddTEaf7nwPwSJ5xtWH3LEfdTA9VfMSc6zKZ9Mnb9OAdUt6S9BI/HJFXkKTLd
+Q6eboj5kB1XDN0THCgiSij0TtFwjin+Ego8AEwPcbzWCga7R/ybzcHBxg1iflZVH
+Zndyb/FncDXO9/66DXXJDRpO5LSOG4RTDPbQHvrjy3Qs0NIdhIhzaooVq+dn82Nb
+XVmqs2NuH472JBthxaKpy2ySF45HjhLvGbxt1JFqE8uNMKkyRAfbzxYYeavCNv9h
+KhNfvTkawyr6ZRu6CxZ3JxZa0gelIuZ/jfYcK7GMXdSY30SUSOZ9wvbsxPk94cKT
+0mxM8aqOhn/MWh6hTSkf5ats14qVmkuXRVzFRMGvCIx4P+9frnGsj8oRBwwv/j29
+BzsMmnKAmEjWwwX2CCWx4b9DhXj4UCh48j3IT49JLTF1diHALfONW+whWGCj1QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTHxuTDkE1uTtYKwM6tZ1Ni++id
+kTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW00LmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUZ+jxTk+z
+tfMHbwicDIPZetlb50kwDQYJKoZIhvcNAQELBQADggIBAJXP/dImyGFovB1NKP4s
+BHQ8DiPANpsQ69seCqX2tmjV9fEUsNGMnQuP05gPJ+8UZJqV/21vbXoTYJ72qYOW
+SW+d5t5fF/R67hr98yNhaFOUaxX9S6IZxriihVSO1XZmZQ8OLiwlAZaYD2z8qB2P
+QZzN6ZUz+BGKA6aLC3WtGEqK6WA7HF2+N6MmkJ3m9sJAQxkUec3MAxOaBz+0MWV9
+sbm9Hc75QBlvb7yml6m3h97SSpOcNKHtXaOUfT7Gt/AZ3VRvjUImG/YDUuxD3p4V
+EAjj1UCGuqTxkF23ldacaAxUPrAngIgaTZMcWooYEY1BAm7Sy1MaEYMat4P9S332
+54nA3tNyCkN+IJffpE9ZDR/5tOXamVsvc0wRKpbgTq6ieK2ViBjvhclCxuRnWgWx
+6lwvT2X7d3dbOVrxkgWfKIb4yxv8xKkjbO4TUQGQnQGQNFovrIlwxZuOqR7HuTOl
+rOUBQfIRBWS9ZvFtPy3n9jQ2qETe1HH71b0PQIdj/KmnJ5fgeZDpRJjJOT51SfHf
+GndmhqYv5A8rdc6zMrHibNyRl8KMZMRDYJwgZV6TcbkPwTjoSwxIEYQ4P3JkbQFV
+6EU7ugwCbSvUAoH+uKqCjWQW7iJzu0qALKCeldRVqbAjlkXWASqIPYqU2NquCMtu
+x9x0DDXNmULgmWoGCUhACZOe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQcEazjitCUmQZjhyQxV79zzANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDgwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCwHfAbDp32j+JxPznA9bvnJr5/JNvx/zG+fMec8umrN3TW
+o2SXcaEQraly/2TJoXNrhG8IOVARYL5dPVdTzUTbGpr7H5tbv/XsiR8ijIF1ihpv
+nH4Z++MsZr5vzxLfvJM+NNZN2y2c8UHhKdMCHebgCYLUy4xFgAhALlI9SK0dU2vQ
+9kfbHng9ELRViwM6RxS6Q3dgZVCBws3iGLQ2jApDornB4mER0ZNnJs1sYB5O4REq
+gBSlQade+LmJqX6UD4vJ5me8WESxAEyGL9R0IAiRb63vgEY51/TDZhk6hEkzw2Hm
+y0QYLvX0fZykpjz7w5VkMHY2321SYZUh+C7srvZ9CW5owNoLUewBnT7xz3990bpp
+ILVu2M+Dg5mRqvYz+5Rwj4dE9Lc3w+2eFeVZ2BjZJKfBxapvQtftj1ypPgONk+bE
+piz0caGv8QMRYP4H/AzFPq5OFBxhjwLBimcikfRWxMX3dIQLnbnCD8m6yvyz46yq
+9owU2bPkojuGTHmxFC+KnDNspglA0P4LvtG57mCjxUi2qi8g9zspTp8SPE8m9Fp3
+ZE+wrCWv5gTz4VVA1DRvdbHOMAwip7BcsfHvN4No69m5LChT4G8SByTZ1/mjaJJT
+UUfMISdsNMKQyV/veJsjjmMP6/SRJY6NJT7TCU7FPFIMqp+QBW7pXRClhT9/0QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRqb1HlzCddZQnuqBsSlAPwQKAI
+8jA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAFyye8CDNtXBu11p3E9+
+PfxlLtrzFcYTzPgtGyFhyZIhbVNnNniigd8v4y9bYYfXUns/hqNvEiSA7g8IFPMk
+BCobRAuJnuDWbf0t/q3GacobDnXS2kG9sceJ2patDme9LDgDpes5/v1DlEq1lHpd
+DF+bfiY5zjcJVn0s9agnStoMoWmNbop8pdQQI82WL2zd4/7YUlf/ppSIT+wC5trI
+r0afhs6DDKiEHAdU8TWGWSXpu8zzlFtNR4VOk3a3NZwTI19q/0esAqTAj3oqmMUN
+Wme97zq9eb2RnnAvbr+QnEI6lppE1ap4g00mPlcayRS8uzg9FeMOZ5A5rfdHZziM
+e8tm+LWkzNUJgHTQyjcHIGOV/pQodYZFLZA/EBPqyrqqWCz64HiKlW+nIM63INPl
+r0+Y8K+wXjMOqfi/nDixqGRhCKtWW40QA3QaLMQAIdLHQpbvlMwZfWdTiGRhm62A
+ktNCYUOWtuUfeIlCTyi1eiO/ShxOkAwJLDQUcjPlgyHVhnIRifWwyv+eQDgE9Vpp
+EkTpr7jDmeQZdBAHs3wIImuygZFKGHPdCuKf3hl1cdvNNIMuYCaLZp5d/QSQz6ZI
+CoruIGleO2L64J0tze2OWlHJO66/foX2UNi4CpyUKCzhj3X3txWOfuQcW3++jurG
+QkNnFJ6f/oZyC/SkjIjJVgoV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQabpVXJwRG267/llIMNH13DANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MTIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC1L2ICs73/PzNcxEvLVkVwWUCY3F1p48uFcQZgRsScVZWC
+R+ghFO1SsSCREaTFsijS2jmBoKBrTdBMudUizp7GQSozC096Si1q+xlR56NQPgf0
+sr4zRn2Vr8RhnoQgDT2RGmiLV+lo1JRDymtRC86rDyo5TkDWaHt+jKD+j9LONkNa
+PIqbzUUfOKBu6sg1ViniGU//6wQkg6pNJZf6x8IkbsWUF8QHkMLPkCJaPi+sSNAx
+K8O0xYelIeGZvULUP0yEhWyjPKingegb9vr0jeaK89jYEqpIXQ0pkCvd/K3t+DHt
+cvG84uR4f+BRRh7dFE2NGc2OYyU0wJi5kgwnGZ10oc2/XX25tcGD368kbkG3uGuQ
+Y4v4HWwP+KCW9ixJy/wOAbvo9dMbVMqADODg/Ov8E/2oG+tlfTICgdM4vOo6OveF
+RIAq/8RA6933OsLU6OOHL98Dema2hmFdTu0zXeBPASQY6EnJnbSlc2YFeqWi0CoQ
+y+ymYXrUkxNl5hfvy8fmGBxj8y75aviL7xUlzDC/z06WcWr30T54lg/ayjzdyRMY
+ZACcxKOIKnP6MBphmE7k6bvoGFjMaQaWuIAS/3BFSygdEGg4oBw6/Uv9FLG1pjP8
+LOqtaL3iojNqdvsuM7o0ziMcpjeHd7+ZAK7wm+KiFDeBQRSjvoZPr1btKqKXowID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBS+L+agZPZMOV2BVbKnr1ycmuze
+yDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAFuOxRiBDz9nqtLLfeHp
+yRUOgZljT83nZ5IkKYFR8Eu4LABXLJsv7B32Qw5T2jRlRa92zF3Q+3ZgS/bOWOv3
+a9c/tBEl9JsNLD2fHPfLzJsMAaMMQm7Cg5CeCscNPaCgKeh3bNJQB0thKYrIz5K9
+I9yCBdc/zpYftvNaRKgc7r57eEaLpNf+Lpf/VzP4D4+rDMCXJul8yl5h5tnk0+Jb
+g/hhouIwXwjqPcYpNq+mIz3Ac2P6ApIX2lyeYH6/CBIMgXkupGrSExMDWVdQqY4u
+myasWPFyXzk+jSvdxKAgUpxK4O3pOqDNQgBlg/9odXwVIZx/PkY24DOC2Q0sjNMi
+JDSqJlnn4gJVR19rA+2bwdGqUKoGoQWb/raNLOZxjDhSsm5VG7ZeH5JOHWHlTR14
+SuULelEGmodEBCpp5Hj8ik2T2C0I1TBASit+t7buiqPNWVOcoG6S4b9bgBU4apQq
+3rPNTWcPMfiG+hnUy9ZcaICCZnDVjQrCRgBCD+anj7TaTYB4xf1X153cbdlUiOhB
+WWWdEmVGs6jwdbHuI/cpMIXUfJm7MoSWsuxQ8DAwSvS4sGYWkjXi5hduKc0ibO3Q
+t70demUX3LzZKuI5E524YvdO+5gD7w4YEZ+gkD7CKI2hbBMVsGc+dK9SZWjFoojs
+FfLU4kMkZ8whCdNiGgzXyU64
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQUq+0G8AvOny0pome6aLgrjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MTAwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBe4Wh4bEY0S55IXuu28t7KqHnZqtLhGvAOkg8BNASBHz0
+sIEIhCT4OG6nbHHZpyvafrzkyK0pPmDM034Zln3LDsFp5dV3vgPOxAuZ/zQSGWR5
+NLHf7jS1MQ3agJXNqbP9dPt1dBdxWRdlXGkx/WEx9QhjgAoSkArS2WMHuMtCrtBa
+o+vKLdJGK9X3ERw0E+QFNOD9rwWpmvYL79eSSqJkvJDiT8L3+MPJ4BBoLReEBjBC
+mUdWS4GKBTCeBm2gTTBoQs54xRDqHJsYli8RZYJGcbuF9IrhP0+73SIXEtyX17D2
+vncZWq57lzpWFtk5cmdIyGAp2QG/Fe5bNRyOAXLYljZ0QoRymEG5JdPFnG2WI5Py
+C8tOfOC24Dxm4su/trgUagwKSxsG7jpViDpttOaVnoZIzWAqA75wb/6HG/QvFM2b
+6KcKxg2dq7PpLJMeq9GPLrBOGMlFVms26Se2b16Wu2sWoNIS16FW87/sY6EDsCZk
+mG2cFR4S/uYAiyjtJrzaG7tSwnL1ERH2oQzFvvgt9ML6EvALp6TnPKE1PD1/ZQ8P
+5HSOBnO8pkJ+SqTFWWWE8W0aIklikDdWzaANHIPhROls9sTPk5ddI3d6LM54FiLO
+R6B5vsO5Q/F4ZOXXeYEWATZv8aiJLAr70qGVmxBack4K0kUZs8DcE0sX2fXe+QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBT5SW8MYJrgjAcXrRJtxDFzTZaO
+AjA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBACvcYRRFxHtc/oUYaKpQ
+dFS/XGWh1EKwOc6NjyM17h4lcMTBkPZ75+N3wph29x7A7+FE2jDLaKPHS9kMqBCr
+A09K0gcRVNRTumnlrNG1/RlJe4YweJ7bXG37+C7+c4JV6jq9BMMQhdUGLqXXVMLL
+f/PWlqGlnI7yCdhTLzslxqPJ5hTLgkcZbJdDswo4NGwLrKJBs8sStPONn5jPIzkE
+0CGPnnmeTf8F8UdQN3ioI4KPIO8H+z7jfat3SdNqQvgm0nQUrK5pofIOJLWIbmiS
+nk4xQHtaDVGd5M7fngPLVY11EP/u4qaslpstIFTbyzn+2HxG6I6dgmlVgsD18CP8
+mriz2RyQoF/vBHiGWmDz3o6pisA1Lqly48BbiFZt+iDgXCGRZexd1HWH43jBmRUp
+tqdhuzO70cza0miLplUZt9d9Y/rSHBC/20B7XDWFRJMzNPxWkjaZPTYPes4KL/dr
+ROTfVJoiWfCQvqN0/SS8xIYqOvEDo2sdCpQPEM15zapLvbDtrVm5ArVTJJzJVWpn
+LBv60j4wvvnH1SX/Xr55DcmMfFUlnYjPnHF2lOFnXB3WWEHyqHy4mwELVuthzkK8
+UUJAl2w9L49t+XYFiNrhrVrsqKHQCpZ9ZUrOsHUj7Gb5m75HeIq1FrSok3TSaeZR
+0Txz7sFzNBQqvdvOY5WuLZUW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQHsM+sBInuXgjUfT2VmnheDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTUwMzCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAI+/Ex1N/pqQrM9JOSgV2yH6InTWSLCF8NtMZOSEXKzY
++/9bjnhH84vRJ1QnDJHEzgm45kBI5jYJTn0HTX57wy5eN9XcqrUa2HE5NUb3XIFF
+pNMt8+BNRZDl7FYW92QJQvzD+AtKzjX1ynoJ2m7EGJVgcmCAhLRG9qNXonubjr9q
+cKxb7PoIsYKnq3PQxXZx6T7CoGJ+QvthK3NrAdl7HV3ojsRe5+PTBrIAKhU6ki8E
+L2AkL5FleQaDS+QVrdt7EktaOqRiWebiyUdDgDp9eYdRYh+IWrEx8BUMn5ck4OD6
++N45y/jLmySiBMZU0ocdq//1yHtRnA6yqg4dAz+KxChOllG+9ZUe9EdJcpbHwDdT
+UJkTAX1F4eZ5912LXy2FxZS4epe/3Kx/Z4p7ZZHbHrp/fNV2488B01qq/js+tv+B
+1UQVv/vSWl6z3Nd/rUJY0FgkZ87xbIWhgY0lgdlqZPwjQF6GnCBfCADzabBGDor8
+tRKu4xeZ3nFMJeISG7c376J2ntVwd+YN+Oule/Qn5EiGUiCW2fgf66uZhmF5pLsR
+KZRKwoBf692IU+zxgNwhxo5W3Ubh06oytkGnM5Me/Ki4FAqCxZasu6TjTgvaAurr
+hVkZMoqQgcDow3AhuK8PTRLRqSOBuycAsi09pW9pO3fgSpWRKkQUFwRiWn8TZ1uT
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFGk28Kog3QPPCMKtxkxbkdvQ
+4DV/MDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAGitVEnoyewaIfQGI
+Y82/Tz8HLb/KLZYNHix4dj3aXNEivoDSd6bH3IaeQ24vPttFJu3XOyH+NZULRGmF
+NpYUGcb6vpQupKQR/07Sl8W+s9blVRpqzyzNH5jUUQ2KK5llezaO+5M4Zrq9wRQ7
+4ccXwj0LMyVUah7jbnPqtMKEHQi6U8uMW3+w6h9s+aa0Bbm4oSBJOFagCBcNQG11
+NjSeSPJSetZdNTM4PdpSISsE/hrj81VvpqYw1+G0cgkzoGOIPUSHlq38CL7vgk8q
+K5EtZfDCK6FlSlkklDfdgKiIJk+uRupiApFx1oJgoagVeC45zDyveMwayWgryRlK
+vbgvjxXtNVyoj3MGzD7x2ijbH/2D/x/jbSo8LTj6nWpzn5Z26bwelh2GEwAQ++gp
+8ivQgTEGfjtuGC+tIRF0My2Zy1HRO9WKKfxlZycsTQctxPW/+NymbPBtFstIn841
+rYu1luGibykM6Lde082hp1WHc4fOgrV9U1lZAiC3BO2EvefrTIC8oHe0lQ+05krl
+TxezpumL1ItVTw1gsFnwhUJ3GdjEMYkQUXMK1l766Dr87T2RU+nLRLtYtCOHOAm1
+ndjCs1cYCdnwNmTz2bjP4RhlEmY24nh47rqMZsNGyHeblmALNrxCKhyf2CswRAy6
+ZWGtyP7GSnlgpfF6ejZZQ/P0+Xc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQJENKZKC7fvL3aFAH9lPOyzANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDMwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDh6JbaKZB6GhDmuM8PHiyHm6zKRfp95ATiY3PQBHsgt4Zh
++N5vuNjWdWANP68VKfCl41iGm4td47TA3MitcVvG1qAvSnWemifa/UVmg7fKqC3b
+XZThmowlR2ZUPS1gnLR9nX0LoO//hmaoJpxQHfwcG3XGWvODBexwOiIMmnIxwSqF
+E9scBNOU06YMezQMc7y5itZuHsv23dHg+x7zsqG7iH1DRCjtfydElHzikxuqYxa9
+3E09mhYRyFQchSaAc3skWNe9XbDJxOWV0E4uEuolIXmB6Jsl5kd8DD2o9NSHrOU6
+yK2DD3RpAIo+R7V4v2/PZCERCpoJ0W5mfNvEhptEvvE47dPSU/VEtJCwcKmar0ig
+LXnrcTLoiI7iE28zidv+9v6/3ax0uXtgMo21XEvQwpKNzPoG/t7tjm+l70kH1ANR
+4ReNIJhEvxFls2jOeicgl4QTGB48FUY4Ty6qt3xH5xAomkAMtdb8JVl6tcJOtwED
+oX83qo4j0B8VEo8lkOBfMl8mV+nR/sKfvD9wHroEfXNFQ7HET+x1rxG9PVbWfZFd
+EaFnxQ8YFW2LXJ3wW2EnRYx8n+/6jRj2HHnFD0ycyHX0yN8NSoH/gRlwbi5rAgXW
+kMgCkOE7eMZcMf96tjOxtzifv8ey9fZ3qxoSFT4lIJYyjkrs3Dt2+EWukcquvQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRb6rZjNOjhQyNBJdXY5Rqu4cSw
+zzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAJSUkvG3rC8MGVqzxTJL
+6YWf85tnn4mMMnU692x5pcKQ5DqA0A4+OAwC24b8dwR5R2r7z5HTngWVR2B45Z9q
+xLxhN7XVEdb/Qtlizxsjp1hdjSUBFPZd7dfQSRbXK4/MJDzhNoIj3YJ8HdzmFkb4
+Hx0eUg4JNCZijfgsXBAJvaerkUqUSz4ARgT87LumXIwbChGo7r5wbXfAqmoNf1RQ
+FgkJNaeceLgRUWSkusmBnvmZlJ1NAeDygC1lbRDfhDLKIlc06qv7FrW8w8AlgzNb
+RSHKeA5FrPb0PGMrN7azigkg8JVDCbZlJ5K0ITOBJ9Quv03WMowtYZbjdjxvhDyG
+MBBk7WzzkWD8xfoVIvbQFi47YhOsDyHdCtSAwb5MGZv5YWn4EMMNIfvuAwu+sgpa
+aFyuhSAP7Gu44L7sW0+5tKmVSis/U80TvKm+OEWulviV/1prUShz/8mSR4jzlC6Z
+HUP0Ikrf3t2T2dVYtAWh3QhDBVx9O7i6drzzehNnB3iG6SikOAfnYGyEh7F6xLU+
+yQNXjkmolgRxPHuFVDE6GeOOmKHXO3LC2L+Spv2lf8TVHVUlqEuzuqpQjOunDyZy
+zI3CHLUhGd4w16AVFJWQejbxCXTZIp7jfs3jYnUEUwWyPLXso+sO8Cb1y/O6DAGe
+Og6WgY4yngYWaTAl9/ixjJUO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQNrAdjvlNHSTwwERy+IS97TANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MTEwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDKXGu1AWVkxHg3eAWrQDfq3nO3NtJ9e1GBoQg/7ZiYfC5H
+JUDhUdnag7hLvGxqYbElvYWAAa5bQ6C7YwTZQEEzCdgOa1HAUEqat+YEkr1TjNAl
+hpXOlslOExc2hVQSj9fwKxeId5b4SA/TPUXPUgavWwerpS3A+VzYAQq4h5zIN7Or
+hCxSsuVIiusMkMod/o9zNiIgzKMMCrXg5ZNXhkDSf8nALUH4rlvimKDc52XhyEsV
+CXqhrWo/JQeNXPkBSSg+MjBVW1qJ1r08D7cHHolNkGvCFgA3LkFGehJevTZS4oui
+fIiCTAg1QwQjykObOo2wMDRy4WoBFwDxMfzTjNak6yLPj6YTnQrrcomrqzY7LEx+
+zfCJZ2M7dh/1+9n5ibPY2bg2PduoxeDEiuBxqJDj1yQ1R5BES6q18jPXmb/8SHcl
+QBixWAbVQmROelM2P326UaJbM5/SOkl56Pp3f+8nank5vEbJ8pgC9XnBjfE7F/Fd
+cR2ziSRotEJoX8DgsWP5DRXRONWHNIazq/png+I0wTiYuTq1cTKFv1b1Xe3MdrGk
+a2lN+GfNOqPFYUL1CpZl07zWHL/5uNhgv57A6JtWNpAQyYHr1VIeMqUMkr0e7c0V
+2Ruo9Y+Wy5y3YmDZllem6zU0cz0gZJsHqgagrXJvK3YZWsHGkunuISSaZ5kigQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBR5NogwlLwgKDoAVAFrQvXbtmg4
+CzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAJOEpWaWoeSlAgCNIZ+X
+JQNLKipLrc/PK+aABF357otx/fwGJS2A1ew2hTrcITzmto9+6WwvAEJzAjPja2t5
+CBbvAOXpluDkqPkVoWEO+KoEwJMOMKmUsk+0fDangjmt9gIJqRMrryYRmwC9DFeL
+tfvCWeX9poqZzI6B93WnuBbhJR7YsOOJ4pJ0woy49paQTsPfVLLz1Y8HXsr1gCkP
+VRLxt62aONI/eNVRQR3IzcYKZsD1Rxv3mi7Sday8OztRvh9uELtSbZwa/kTO58qC
+ZFrieRMNGvoIzFW9OQUM4gyGGhpGurxn9azeYFE2oBt2weIRLrgD8wZ0LtzTEKhp
+o+Y+uZuBoqsAKZ2Npq5QR6u2L6rO2Yjp/63GizML3IPJIQQJ9cljjHdi0MCEU0zd
+W+VquxgKnkUdtBmcIrL2s8pu8sYCs/AS/JsFTW7Knlvu8IjdumIY56HSCK9GQaG6
+MAkdngHdiE/dMoZAslpyR3iJio14WzAvsHwzOotS832zbK7Xym0VLSpdND7yQ8zZ
+FtQN5xuGcOjQTHnmxkavRnddrbQPCHAjr2MPCcVGO68O8m2VG4yLDs/KaTLPrnGI
+k3FlleR+5LDJR38mxrFyfDTLBCbybHQZJQdj5rDeJBQSHKHOfjQR1vKBobA1S79S
+lQNMu7yGgyfdeyiSb2NeYOxp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQYbAROEzLB00BRBmrIfZ11TANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDYwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDXzraGdpMpPH1F0kLXffCka8r9kp1oTwrKr2/63O+4yCKb
+DMvWGEfHPM08VJbxGQqy8lndhoq9OkTfahxAcVrVuTErK2lzuaFKckY55zywfyOL
+BQKsYOw6Bkb0XIm2YqULe9BjSTssMo6yVUaeYTvfT62K5wSP+WEF7gdbKfiwAAmN
+NNVsibwL1BJgxTLMcjpLcnReORhFouodpqHizfkIgxuooKi7a/WMoJ1iTLPyTpTv
+PHKmSvsmOtiCFgMn+lu4TARi8o5WGcFW/RsuGxW8Z/hV7WfaxzfgXD2EBL2fdjXw
+wApARyhs8QUnxFT5OilrQYsFY9Ldx89cG8w0cWcxk/07WO7MkHYCPujUZRFcCX0F
+BUrBylpe1NC7nu4X+t55SbYmv648adjKAJkZArhyObKdiBBZH9CGFWd8fHpoG81k
+ZfROEVrzwXmch7Qa9yA9tuR5wEA4hlLT5HzOVmnEzyskGlQaHaCnXkvawaOkUvBs
+kFPYz/4wxnyh+6kPQ79n5cIo30D1JepYcnJP92+qPIBvssndusC70zOQwQyJaqYi
+Z0Tt5toxsIVt1vE4ILcjRjAaVRPxZuZyXqrRojWeEpEpTbg7ZGr6q+QTrA7ajpFQ
+PPBqqb1nRDv9OQ6TMv3MfC7zMX9k9TcLPy6+Gi+l1HLuKoPRkzGyn9A16fHD5QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRS4yh7ifIFxXVT8N571ZBp0+fX
+RDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBADEVLfVWW80dHhjYlKDT
+G5OfPVzzriVLGG5Ryi7ZrkLNnGYoYrL2JG+TO4wwy3+FigH0cHgPDFT+wpD4jddD
+YBfnzh9Na80WWdZKU7V0dwxPuyt9tP4qNylkuIiV7rNIH9A/FdiymMoM9YzRCYI0
+8V3HnTsFfw3hNsMkxhlwMb+WwGmTD3PFteUjSuJNwH/xCZkqYAvxT3PpPZwEalzu
+C628U3or26KPclZLPqeSChlzFksl1naPwabkIX4IkHHHQdeuJZ4HyTKrLWHwkLR/
+Uc4VgVz2MX3ogwnKsfI2L4sLC7jFQxoh69gKitEh6BtUjmdRug6IGV7GWIaKWD59
+fjby+9lW3GxRe08OS8B2wJhCtPLG6yQ24t7jyHsWaMkabAXJQjEoU1ZqvcoPV7P4
+PVEnyMezFe0UvWmj4Dh6QJscycBT7TpVRA61zLJGxWXDuMuQ7SE0nuwrQdt2NNya
+toGRFjgI+r9GY1+GWMninGxJaMkq0sz8+4GR5iH4Qhzw51sQpHVTyhW413M6WELa
+2IQ4P/9FZC+VOhOWqy4RNITWSjiZvapIrQyv6F9lRrRDZ2Eovr1U1+DEE0HvJyuJ
+iS0mTNonuI3U0BW1s6I+drNxVZl+zwgo8czGoIxxQPCOGjo9tj3N5eAeSDijfobg
+SydzS4Yb/iDYebb5Hi591/kE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQYF9k4MIhMdHybb9ZYTvJcTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTUwMjCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAJ44r0SzJzBms1wdV8O4Q+PoYggvhTbXZmKz34soiE2Q
+r5gkrJ8fusyIqoBZ76NVcJkwrpND2KO7+e4wwV1nwlosBODksGx5vGC246f8McBf
+ivGNmNKbHNahjYBpFa3sjSLe14VeMrMVpYUIQcI+81svQIZiJAzGReUinafEHQIV
+RazwcNWwWpw4GBOxIRNs/3LRbF6N6Dd7cdg4+kQsDV22GOOiD+RSEjZbx144aPl0
+dl7Gt7bKYXMAmgIta39hlzoCUln9YCeczjlcivie3vccmLbv/ZY5YPLH73rDzRLz
+cUeTmr3nPZe6P7OkuystwZOxRCaGeqSOB0gZh1/grEbUfmwlFj3K8gKX9IhZUwFv
+fa7jVMZ34TCMPe5Z745qvnG5MAh4VvfxezbnHQm/9g2yHbVYa5yn1KhLteCfBl/A
+2sEcl7mFaltZ+EmA6tzblEOeNvtiYGd790cz+0Gr9PsPPuwH2nwlOWDM86qBdVvC
+Gd46uqx1TvT6nFUv9zHsXsIgTbTA6wpESyXmorVAQARjCiKbXzpqYyFXz2CVwER/
+v/iMQ8spZqD1dU1uC7YsfWWmQrJOw9+t+LGpPgZ+iYaXSeMxhzsSleaeRiFPL6ku
+vKF0QKbNvPlhBeiXZ7NgEcfuXXkiaSuY2f/y4VTqtaKZjHzBycJmTR/Rz0kLBA5R
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFAOOEPaEWaeiQMgT0pzmFFwx
+Iqf1MDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAXDiI0OOoHx9EGh/1
+HOaKcoiwaUqLv8NGNiG6Rd03/Pg8YA5riOgUC+5mzu1thNlEegEC1UsoZyAYN1mU
+dm58vHD+tsxCFAfJJmDDgoNe/dlMnSsVJXki5GzNEBEQ5kaWw0PIRaItcMlr6ygn
+mFwDbGCoXoTRkVKYLcD5GCIN/wH6DwUmpvfvjXRRsWsjT5A5r0u9zv8bVfbNdMJ6
+Dx2IPyyhxMp/DyzCsnTre50f1qG2QW+qrj6c4tl+6Zw5mJJsYK08+bfFsxzOHMMx
+t8dDcMm6RIocnFczLKNM7Go5jrys0rNCUnDzvSLKoATRMDU31nEF/C7ORFrakOiR
+dTJsdh29pMeLvlHuyu9hslS0L/YwR0DUNcsH6fxvOpgDpImkjUd54o8LRrK5fDEW
+3P3yEll3CsV7k9Z5hbsdr3C5HeIZoaPlRcrPj9BMsvSZ4jRVgQmiiPdgne+IBs/C
+Mw8CkHylx9tZJ6tJlVrbmRMYCOsH1AFcqRY+qMwjn6Sdj55tSO8sgql+zU0OAdzX
+DbWJBo+1ew4/4KMBILCWnb2Okd6pVYBLxokBK1Uc6F0pqJLZKolYgXhXyU7/oV/2
+e9xhEhpiVXrNW+ckLz4IWh9t4ObaB7nMGQWW2CYDe3zZbFteZSbr3ZIt138plG62
+i8PpyKKZLi08zIh2ybvI/JDO/gU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQRF/Q5jYX06pX6wO8nwrUaTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDUwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDDaOCwbA64iE8wXEiQr3IaNlewwp1bHndFiL/tm5CtPnmh
+at39AQTQitksfJS/ZxwVBXkk1RqJgh59DpbdWcG85/XHNJV5lolf9p03CFT3kEjW
+5+h95VpMz8jCBAat1qvOumES1dx8s322x28IRJYxXxQUru6+jgOhSuYVLh/lMuol
+WseSPEGmmkwlb28rp3o1Jek+l/CGuFjAkgKFQvdoXv0KID6Tk2SrZmcojFq3G/1W
+eW9/4XHR74l7LlXO12TXT52PPV0jta4+JfeflHQh6BSWw3Ogi9EOCxcCjuC4t0Em
+ZxkNZdeHR0pydn1r1KOiH/sN3aCnBqGKYKjfrdvu2Y1D4PpPXRCy6jvkLecAWTso
+EBVo8XrM3xxVAkopzSV4YjuBXCBqYbdgC/q5yJMJRJGOc0L9+ALWIMaz6eAQb9K8
+zMAZQy+xIfY3qUQPgBInIFXQr02eDiztcC1/aPziQW1hsTstO5pP2GgSs1Iswfqq
+QjVlwFU23yHDw6w7U634vsc1U8tMJ1JfyiuDIfYvQLQkiPQ8v9av5b2qB2eQFglA
+XbXLSOOGCGEbcyKuS67OitMrEntx4ePXLV236FXdofMhCQ3vEv3MqqxHFTANyqTi
+rWcLM/o1//Zwk7rfj6qrOFzyBdNrgRqRkEN9a4Wote0Wy9DvStaicVtiDP4HRQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRarJPyVxjsRwLKodgw/s+LKia2
+PTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHCcY3k4R01ASGtQ74xU
+wEW7c8LVGzcDNhDQnbxAW/zgof7iu5tOEOQvomh4St/4vA9OkHelvVzDiYOmHUMT
+EgBbMQOEhbiv/bMAZ+zpEV4TzL88GqayJVLAymhfLqf02xHPSJpY2VNGE2e8TOt6
+NZjv7vqBsyd1O0BzI3ro+gA2fCMdHXM+xlhlLZtmoC/GwTMjfquy2dowJ0F39k61
+i8cGaL2VAXFumCa7noV7B4Zt+MK2p2etjXWgykQ7tR0HQJstEFWMKHS2hfF0vRgH
+XHLQYekmPEdX9Dz2vsWUwN3HvEw232JGXKKmxfJHfBksg/eKstmGWYhdyhcld1T3
+XFhHDs+QAGlbXy0UjUVpaSaii6VXop4dQU5geuEV7LHYEyympfb3v8I2nqYMZ5X4
+SOz/gjTRv10QfvH3on12U3mzWOiBqO3SXnt7Wr2ICvclFtu8m7EBsWmBD4O4IhcX
+Sg8WoawO2R32X43zfq5EGj+ZByeBc4lH30Nn2blbKNCclby1pSqfIKV4dfIc9pZl
+jcLPUseL3zHG8QCSquP6pcDtNkUzSfQxPnVbJnPYzIEUXmHbpqH9a06QP7Bt2UDy
+xdqgoh4kJr7O4hNzo0pF5KHEwdBO9br42VKZ1v2An/xzd+1nq/Gdt9V86cj194IE
+iQlCRnL8bobByhhPXxYRW7KN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQIoSQxDlWaRqFL2VdcntHZzANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCy+Eiq3L1pkmUaj9kPHq40URFQAmEVz/DnBwo86jfatpIS
+KNcDAu8hNI7PdwHPJRiDMIa0hklSVP2AWg0dk30NUxPQDTpCw7J1+UGbAQGDIggL
+UIR6rbNxJoyX1KV4SspSys2vP81eBP3CZvhFoGtUd1vqyq8Arus5bhgBhCHohpFj
+946PBK4r4NBhBCTsoJ45BACaG4ho470dMiJgGhFFT6vjm5GDW8tVFYtDymGAgz00
+E3Enio7GdwVvButr1q6w8LH6H6UJMRExu7b5rsDL5xkmJ1zxJkmNCZg6zpCpyrFw
+Lgs9Nam2qk5c0AfTVgLBesrvY93HrX/oBbDPhDO9GEMPbkWbWj3duqy+oPFSfeNg
+RAaFWXvsBGQXu8ED3RtrFGbNzqS92cKU/L2SqUR4U/nqMvLXX7EDdzNMfrxWanmX
+meNLx8aCz0gDJvlX3WmUl5YTvob8jnXbr1ebvOCoi/qfdTChFiPpzKFsbZXxR/mg
+TGzY1vHA41gEX3RCEqEkHStTbiqQhodobsv5wntjilAm+aGFOUuksz4CgDpl75oA
+Ps+kIPthmDDqYK+Bt6u7ve80z381/39QWmaNjFVr2HguP7wK38g5g1sr+T24aY99
+vvHXvzCs1/hTEnfWkZkhrfeKk1r2xSPPHwIWLnVlE4Ahd+1GYQDDLWRX0yg71wID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBT7sDL8o7VjKDMS0+6fB/XUsaCL
+vzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBADsHbIm15FG9zvbvNkyE
+R/68VI3sa3IWYgrB9gSirsMGuoF+GVnM9RZOR/nAsI3ZRxwZsJUqiJFEHVDh+9AL
+wX78oTiMamiu4L775oqliL0wSQz03N31RkrNlIJ/gIuv0hEYcV+fFc7E0iaJczLY
+5c8q/DNy4XUziXy/kKbnOQOxL7JUi1vmd7XkMpCHGm14XqBcEdMXQKFWsxsbwy/r
+lmok2EWGfj+vehfz3o0I/uFPfa/f/osUBodr9QePLapW1e4NB1RwmLb3wYTyR6wa
+NjXaaeA74b1Vq/ERwky5u/2iYo6VNCHUIZNWtHD0Ug/A7n5SF1qkqG5zdbYnEBEb
+rKh3vA0MElPGi7Opj2QRJH5Vu6yTZgE3LnDnZr7VYSJrJHVvSzrnoM232zl7raN2
+lqr3cXUDx8Gndtmb4G6lB686/rX2fo2+G231w0MrQE6L2iuAxgfV9S484hgLiAqr
+uAsta/bS4xbDjEDd1lt/2M3ET9gn/cDSB8kBhYfH/F4Jp3sLdOAQvGGFYPGlYvt9
+KjnAiKXMevHmI0+PYZntAFaf5ol09M6fL6OOxPD6iEbDLwbKzjs7dux4TcBZeAxY
+AOwpbKfAzpbP0/xnGkRcBYdN72tJRgVC3Dr//Vv4XjGrf+PRGj5oG3EJtKPSjyf5
+n3xMTlZ+3kEGTMIB3suZvBUm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQJaNRew3USXMZW3SBQsGgzjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNDEw
+MjQxMDAwMDBaFw0yNjA2MjQxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE1MDcwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC21x/pEGGdgZg7aKAhwz2n+3Jwbxdgt06hLWWq6K9UMz1M
+/aY3N/kqGK0N5nxie/3Fi4w+4L7EZEnH/3jtiQQHHpStAru+UzHpRxpqTh5x9iiz
+uogBpXpxX8L+Ee5Z6eV5EZbLWH0hjiNQFaPPwSOitJJxN0wSrsEDu8/XdYRsLMTI
+wK8RNtRrwfYigU2HBLY7Ad235ax2dD/A70TDjzr1H8gm+pzqBgkYkXZLZxP4BCfW
+9+9kkXPmGQcITaLVkWkmiQ3rUlbKP3ljZ7SAbQEtMf75DyxIYHvIR0qIrMiOAEL3
+4jBGQXu0tRrStH/7jv5z0G/dX+GNOTpRwCD2Dba0YjKbHoQ8piCAk6k77XQK0TUG
+/pGpAXalAzx2oUHi48rQys2yedkStJSjVQ/ISb6sonu6Ja4zsZUb1iXAG1n9im1P
+cbmwHJ72TlMeWXFSjQc1WvU8HM8/4IYvVwc8STl4amf2WHe+J/dG4MY6GkWQ5TJA
+SxSnRkfs0VuB41gTiRwemTQ2CbgbXxO3AhZUeTMtOQA73JgJgZwNnTCnbl6fCHQA
+7+nUxRUS63uOQdaS7GsOBC9jN3m4KPN12qwyThv0vhb/KCLE9YQvtOvgeDQl1n/e
+6hRMUJNO/h7lfrFPDTR95GhqaPuWYEDETi+X2D9W8a6Dm/dzPUhT+bshO9p38QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTcB4Xzi/U/WtzeIiCVFqhY2+0Q
+HjA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHi5rGd8jF9JKvR2JDVj
+3woraMC69RF8Gf2t5WfEu0802XvNR+uJOjWi1fy196+t9YAhW+sFJdKt7hO4cUoQ
+mKQ/3xButaCvBUxA+E19VDl19estHH20ONiOjD6rKQ8p6as+W6FFxzS3tT7KBFWD
+GhXgYoUdl6RIdHem29EErtVyVUpJ4+Qf5/0hbMOW18Kko/8jrbhqKgON+7R9hjk1
+wS7+k52nwH0jeALhacOrmn5VGzvv1W/5ylvTdw3nMB9Bb8rpO3CydhjanRIvkbhx
+VgmJdmIrdr7tVGcarJWWSNFW8Eay/05EFZM9uNDift7URLd1mZW6DnHvc0EQsNFX
+HpxlGClYvfN4pMOn9S70Mo2wAR0IBXeXd8silo4I4caNXV+/7SRUhNN68FsO1l4v
+PFJ+MxEQPNMp1GfFtt1eMApU+g47IZqTD+LbkKutd3ODXebS43Cp9j1s3avRR9Q8
+ZpUDw2mzn9Kwiz0sQCnSNAq2TFe7trLKkcVqLvdiKVAwktq5l/G06Neb6VG4o+l0
+0ddye45XD/lSYAOG+tICwRx6P7yiDylVUMDfedE9SgI/7+aymdbET8KwveZijlj/
+Yd1Qm1/gbnCgkq7hgYu/BuONFgMn+R3osSEVAWp3exw7MzL1sm0hK0sVPbbPg8Qf
+VV+IM+HHyTwCHwhD92Ms4CjZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWTCCBEGgAwIBAgIQQAEzU+QAAAAAAAAMyl0baTANBgkqhkiG9w0BAQsFADBf
+MQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290
+IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMTQxMDI4MDczODMxWhcNMzAxMDI4MTU1OTU5WjBRMQswCQYDVQQGEwJUVzES
+MBAGA1UEChMJVEFJV0FOLUNBMRAwDgYDVQQLEwdSb290IENBMRwwGgYDVQQDExNU
+V0NBIEdsb2JhbCBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEAsAXbyOuMxG6KIe+OTZxxCh9ScO1tgpyXxddMTkVJy0BCtRI0bBnCdKQxX4UC
+l+xDMwpT0pyMjre4edsr1WryjmbE7isBB5LUs9AC31D2Va9mDsvgR2AvKzI5NVI6
+KIP4exbGGLhi1kclkc7wGRJNrWP10z91XynwoTAcKqCYphW97v0ZNvDikUOP+srW
+ECdJTO/dwfGFcJvK6qhaQ/xthm9z6TdFqfA2x8yIdR67bAb/m2s+F+xhqnF8xh2i
+90npFbU81qFh9RH3BW8d/RG+0DAHwimwCU4m3OOiqJFqH8KRRYhc5Zi4caUVGcl8
+dRHMcHRPLZsdkUT9Viig/ruGasj6XAtY3MZLdsirItlzD6X0WgKJP0+eIoLuonRT
+Kj1TJ2kdbI4yLGQAJmNhNk6jRrc/fbMtrG2QopWizs/agucHNBmW6bghqil+pji+
+jilKIWZ5H7PDtQln3tbUB0bzKtrmIjdgy4G2D6AP6ciVf79VkQV6zz0VwG/eCZQB
+g9c0G8xApfC4m2fVmJE7p4R4lSakWgj4K3S0AAQ837gUjujfqY1sZ5IzHcC30uyS
+yL4JvywpBW8Ca57vvL8qvFvAUI9BcHGHsk23BKmEozKvru5rF4uysf5s4ZCMiKiX
+SM7ITcvzBs9fagpCsR4edy+OoOaSDgb8BSLSJuExUX0y3A8CAwEAAaOCAR0wggEZ
+MB8GA1UdIwQYMBaAFGo4WyaN3ota8k96VIMZGOMINaa6MB0GA1UdDgQWBBRI283e
+julJclqI6LHYPQezuWtmUDAOBgNVHQ8BAf8EBAMCAQYwOAYDVR0gBDEwLzAtBgRV
+HSAAMCUwIwYIKwYBBQUHAgEWF2h0dHA6Ly93d3cudHdjYS5jb20udHcvMEIGA1Ud
+HwQ7MDkwN6A1oDOGMWh0dHA6Ly9Sb290Q0EudHdjYS5jb20udHcvVFdDQVJDQS9y
+ZXZva2VfMjA0OC5jcmwwDwYDVR0TAQH/BAUwAwEB/zA4BggrBgEFBQcBAQQsMCow
+KAYIKwYBBQUHMAGGHGh0dHA6Ly9yb290b2NzcC50d2NhLmNvbS50dy8wDQYJKoZI
+hvcNAQELBQADggEBACkLbsSU3GJZk3paTF3cmT6OqPv5oI8b2SdwbfguXkhpYRdA
+EImqA7gcy9+8bChUH8Uh9UuWv/xMR8oLd8PMZntvuTYIafnBke2P1p6iIuiCt4nI
+qtAg50qsIysvT/ZPFGvxekWhh8hx56ekuYBryc7NiiWczdMJpTL6JNFRfzwxmUfq
+H6dvboTNrtiuNWrWy+C+E8GiMcvuH+km37cGxg1FCuerRVcetwGbMfXyBUBFhtgC
+G9BLIdsgguMi6U/jXSvEORIXKMa5Z7F94bJ8duU2hNp0Xqw4tmv47qEDxLDEXBJM
+bwbaOkRltjaXDBh50EaXMx+rUqjO3le0KBM4t6w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2jCCBMKgAwIBAgIQRV864VwhzbpUT4KqR1Hr2zANBgkqhkiG9w0BAQsFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTQxMDI4MTE0ODU4WhcNMjkxMDI4MTE0ODU4WjBLMQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRkw
+FwYDVQQDDBBBQyBGTk1UIFVzdWFyaW9zMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAnSAEJi37LWkwy9mTf6XlrtRwcu+UvkVr5Y+yC/m6M4Ylr4bxwNjb
+tj++8b6JBab9wyHhktVSIBa+diYhfsHsWVWgkOlSzNIPqTPKOmjYtL3UJuoW3Abp
+DNZJEVFgEolkCg51wXKMjO7O5CfJwIA3iV2fbeeR4YAOms/1mqm0LSkrWiwwlYF9
+Vn8aqr/eAnT/d8KdYC5Z/9Mc1azWHWN7zJ6MTduZ9PcVjMm70iviHaohgEUu979b
+y23acx69q7qLPjHkYoGhf2ft1tQqYmjs9icgwPhrzLyy1zzXYy0HoeFns4bi2N+M
+BTmpf/i8HZOK6By3MS2UlCsjXhHhzamwRwIDAQABo4ICyDCCAsQwEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFLHUT8QjefpEBQnG
+6znP6DWwuCBkMIGYBggrBgEFBQcBAQSBizCBiDBJBggrBgEFBQcwAYY9aHR0cDov
+L29jc3Bmbm10cmNtY2EuY2VydC5mbm10LmVzL29jc3Bmbm10cmNtY2EvT2NzcFJl
+c3BvbmRlcjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5jZXJ0LmZubXQuZXMvY2Vy
+dHMvQUNSQUlaRk5NVFJDTS5jcnQwHwYDVR0jBBgwFoAU933F/cTomht3ZKf1HaDM
+v4dgmm0wgesGA1UdIASB4zCB4DCB3QYEVR0gADCB1DApBggrBgEFBQcCARYdaHR0
+cDovL3d3dy5jZXJ0LmZubXQuZXMvZHBjcy8wgaYGCCsGAQUFBwICMIGZDIGWU3Vq
+ZXRvIGEgbGFzIGNvbmRpY2lvbmVzIGRlIHVzbyBleHB1ZXN0YXMgZW4gbGEgRGVj
+bGFyYWNpw7NuIGRlIFByw6FjdGljYXMgZGUgQ2VydGlmaWNhY2nDs24gZGUgbGEg
+Rk5NVC1SQ00gKCBDLyBKb3JnZSBKdWFuLCAxMDYtMjgwMDktTWFkcmlkLUVzcGHD
+sWEpMIHUBgNVHR8EgcwwgckwgcaggcOggcCGgZBsZGFwOi8vbGRhcGZubXQuY2Vy
+dC5mbm10LmVzL0NOPUNSTCxPVT1BQyUyMFJBSVolMjBGTk1ULVJDTSxPPUZOTVQt
+UkNNLEM9RVM/YXV0aG9yaXR5UmV2b2NhdGlvbkxpc3Q7YmluYXJ5P2Jhc2U/b2Jq
+ZWN0Y2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGK2h0dHA6Ly93d3cuY2VydC5m
+bm10LmVzL2NybHMvQVJMRk5NVFJDTS5jcmwwDQYJKoZIhvcNAQELBQADggIBAIw9
+KLTgfg3zblzaXHc9gGQeTukSuMnmsv8rgKB4PYRMLGWLL9zxYyvn3VJB26/8FwuM
+moTyCdRdVqKe+YJmwIVenF7qg+d8Ro5+X+Zj7ati70ZOJ2GVgb1NAj2pNA+Z+eZr
+VpUDn31L+3ziThLvpAtEtTx6ATFbJmEgkpR1AnbWzvuswwUIMUBspR02niCIzqCJ
+Vm2u2Uy9kHw+diBJRuwVYppBZavgn7ECNO+vKeIAKZme+WMd0ZQThkDRYIxFFwYh
+WFoc1TE+Lf0nVbEa5j/v6oVcauP+2dyLjH/rTdVhh4LnI/DKPGKHduQ8qXuhbxgb
+Iiu8jBT/0n3dWQPFB3ou9+sHllT9uSUVGrtK+KyjgGLH5oe8i4GObH7GJUthkUwE
+YzGijg/WmKvm+jg0gnlWT7HiU0K4fEWldIBl9nNah12ySPVN63q/8kCXS3JR8cM8
+2ZeszLVntPs64itV2WKrkrNA+Ltu4Z/UTY4luH+IRevo9reT6790MQvYrCwjSsuN
+D4fXI86/mGESGvhbwECmphe8L/jV0uZ01yI5mmghedBr5WqKv64EmIXNFVZ23+mh
+8RFCgqPZsatVaVoBQq1FevOhPMjEvxiMgzPXve2A3gSmng/UKDcKGzFbyL+veSZh
+dP854mPk3IPECYZENqAYWXjBltm8UDRmUBt1wpgR
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFlDCCA3ygAwIBAgIQAViMOjUHs/iXIxx2t++F3TANBgkqhkiG9w0BAQsFADBG
@@ -4475,97 +6250,273 @@ z4UpWMiVDwTdFqEPtyEbF4dKsSz6/w9wYrOEW/b7rdgtFpFqkkoZFgNI4PeJxcsK
 Ah9qz1oHfg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE+zCCA+OgAwIBAgIQCHC8xa8/25Wakctq7u/kZTANBgkqhkiG9w0BAQsFADBl
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
-b3QgQ0EwHhcNMTQxMTE4MTIwMDAwWhcNMjQxMTE4MTIwMDAwWjBkMQswCQYDVQQG
-EwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDESMBAGA1UEBxMJQW1zdGVyZGFt
-MQ8wDQYDVQQKEwZURVJFTkExGDAWBgNVBAMTD1RFUkVOQSBTU0wgQ0EgMzCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMV2Dw/ZQyk7bG3RR63eEL8jwnio
-Snc18SNb4EweQefCMQC9iDdFdd25AhCAHo/tZCMERaegOTuBTc9jP8JJ/yKeiLDS
-lrlcinQfkioq8hLIt2hUtVhBgUBoBhpPhSn7tU08D08/QJYbzqjMXjX/ZJj1dd10
-VAWgNhEEEiRVY++Udy538RV27tOkWUUhn6i+0SftCuirOMo/h9Ha8Y+5Cx9E5+Ct
-85XCFk3shKM6ktTPxn3mvcsaQE+zVLHzj28NHuO+SaNW5Ae8jafOHbBbV1bRxBz8
-mGXRzUYvkZS/RYVJ+G1ShxwCVgEnFqtyLvRx5GG1IKD6JmlqCvGrn223zyUCAwEA
-AaOCAaYwggGiMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkG
-CCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
-Y29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGln
-aUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRw
-Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3Js
-MDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
-SURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxo
-dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBRn/YggFCeYxwnS
-JRm76VERY3VQYjAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq
-hkiG9w0BAQsFAAOCAQEAqSg1esR71tonHqyYzyc2TxEydHTmQN0dzfJodzWvs4xd
-xgS/FfQjZ4u5b5cE60adws3J0aSugS7JurHogNAcyTnBVnZZbJx946nw09E02DxJ
-WYsamM6/xvLYMDX/6W9doK867mZTrqqMaci+mqege9iCSzMTyAfzd9fzZM2eY/lC
-J1OuEDOJcjcV8b73HjWizsMt8tey5gvHacDlH198aZt+ziYaM0TDuncFO7pdP0GJ
-+hY77gRuW6xWS++McPJKe1e9GW6LNgdUJi2GCZQfXzer8CM/jyxflp5HcahE3qm5
-hS+1NGClXwmgmkMd1L8tRNaN2v11y18WoA5hwnA9Ng==
+MIIF9zCCA9+gAwIBAgIQa4Pjthqb7yqHlguFkB5a4TANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQxMTI2
+MDAwMDAwWhcNMjkxMTI1MjM1OTU5WjB+MQswCQYDVQQGEwJHQjEbMBkGA1UECBMS
+R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD
+T01PRE8gQ0EgTGltaXRlZDEkMCIGA1UEAxMbQ09NT0RPL0hQIFNlY3VyZSBFbWFp
+bCBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzb6lp/a8qlWW
+/L3U7HrZ9SgdQH0YXJpaIxj4VhR00Puv/lH6lW6Gp8Bapu/yVTupSnKZW2eJJNVf
+6iubWKXVKH0eSOsLxuoEW1SxB53cOhc6rH8CyjZa8O9RDixvRXbPw+XB66G0GjWy
+mhVQPRLBNkbTrHbC17k8g4xoGujoAT4TnZUPNsgy2p5m/+s28twGA7sUq8SDGVo8
+vqq0MwG7JOXwnX20oajta3kCB6vf6aujmQW0WhofeLKN4wtaT4j7OwCwXBzHTGGj
+Vk5LPt5dZXPMYnzxiEhKNboHV/ohf4+l33KZCLVg0UXQty/wyg2vml3R+ekpgWR0
+VE3q/moRvQIDAQABo4IBZzCCAWMwHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t7jiY
+7NkyMtQwHQYDVR0OBBYEFASBo7b91XUS6Bv1UIBLvRyINGLTMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMCkGA1UdJQQiMCAGCCsGAQUFBwMCBggr
+BgEFBQcDBAYKKwYBBAGB5gwBATARBgNVHSAECjAIMAYGBFUdIAAwTAYDVR0fBEUw
+QzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2VydGlm
+aWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAC
+hi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FBZGRUcnVzdENBLmNy
+dDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3
+DQEBDAUAA4ICAQAvN/rkC9lJG+TYxrqYx+3PVZhh7XDg7LtK2zQIFh4RN1hOWq8o
+BUteWtYDcyNSqN2qEMGYsKnq8NpmAT5wNqwRCQitMwI6rxcEUt5zwrpKoSVhEv0W
+hECrSj9wX1CdaKsE+/IjPevnUT1dXf4PgUHOPyb+zP1A8bhXUhBQrijQ0y6shOtm
+wKOSPMxng2t+mu32D722Td+WDuaEybUHyGOhcZczrLBNF3CJ6QL6sXuxKWIZ5l8g
+gtD0GCWLKCZ7e/0jMtoMv1gd3ZY/InG39dPhSaXtTQySyMl270uVwbdFM8XMTlgZ
+wOCkqbQcHTAeVwPc587dd/iy/eTnxg0GzpLOgcXhBJXtN0OOm7soisG34Wigbswq
+zUKnB+Q2+N2z6EToaaG7y/h8ApkW2TSfuXqQfG02fKEG4v7pgkTR+9rruepGxivf
+kTQKG6MyoJnsFtZm4dtxkk3re7zpR7f2ZE8GRPr21jLWsrDdjIm/PYeTtRS+81We
+8uN95uh/Z7iCsQ5TtWzDDP83XnFJGrUhBmH0+k6pLFik9qocgqtVeu47jlBsBFqc
+Svs9dbpWHyZ/4BTkwia0Re2y18fk/EwZA3DzpUrNdDzBdymVZBK5Cm5XoCWwJAu+
+J1pGz52EfGlRLXaI3frHrl+Fy2H2+RYCBY2MV804pLbXurQeWmwisZCKog==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE4DCCA8igAwIBAgIQC1w0NWdbJGfA1zI3+Q1flDANBgkqhkiG9w0BAQsFADBs
-MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
-d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
-ZSBFViBSb290IENBMB4XDTE0MTExODEyMDAwMFoXDTI0MTExODEyMDAwMFowczEL
-MAkGA1UEBhMCTkwxFjAUBgNVBAgTDU5vb3JkLUhvbGxhbmQxEjAQBgNVBAcTCUFt
-c3RlcmRhbTEPMA0GA1UEChMGVEVSRU5BMScwJQYDVQQDEx5URVJFTkEgU1NMIEhp
-Z2ggQXNzdXJhbmNlIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQChNsmK4gfxr6c9j2OMBRo3gOA7z5keoaPHiX4rUX+1fF1Brmvf7Uo83sRiXRYQ
-RJrD79hzJrulDtdihxgS5HgvIQHqGrp3NRRDUlq/4bItLTp9QCHzLhRQSrSYaFkI
-zztYezwb3ABzNiVciqQFk7WR9ebh9ZaCxaXfebcg7LodgQQ4XDvkW2Aknkb1J8NV
-nlbKen6PLlNSL4+MLV+uF1e87aTgOxbM9sxZ1/1LRqrOu28z9WA8qUZn2Av+hcP2
-TQIBoMPMQ8dT+6Yx/0Y+2J702OU//dS0pi8gMe7FtYVcZrlcSy/C40I7EFYHEjTm
-zH4EGvG6t9wZua2atFKvP/7HAgMBAAGjggF1MIIBcTASBgNVHRMBAf8ECDAGAQH/
-AgEAMA4GA1UdDwEB/wQEAwIBhjB/BggrBgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGG
-GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0cDovL2Nh
-Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB
-LmNydDBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v
-RGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYE
-VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
-MB0GA1UdDgQWBBTCuIXX4bkTvdFIvP1e3H2QQnqKqTAfBgNVHSMEGDAWgBSxPsNp
-A/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAsCq7NTey6NjZHqT4
-kjZBNU3sItnD+RYAMWx4ZyaELcy7XhndQzX88TYSCYxl/YWB6lCjxx0dL3wTZUbX
-r+WRDzz5xX+98kdYrwNCT7fmT4eenv6cCS1sC9hc4sIl5dkb1pguY3ViV5D8/yEB
-hadOpw3TwI8xkqe2j/H5fp4Oaf9cFdpf9C85mQgZJwsvtvmmDTQTPcGPRFTgdGtY
-2xbWxDah6HjKpX6iI4BTBQhhpX6TJl6/GEaYK07s2Kr8BFPhrgmep9vrepWv61x7
-dnnqz5SeAs6cbSm551qG7Dj8+6f/8e33oqLC5Ldnbt0Ou6PjtZ4O02dN9cnicemR
-1B0/YQ==
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIGCTCCA/GgAwIBAgIRAPU2lIjQ1i9wpV8pmPEagpcwDQYJKoZIhvcNAQEMBQAw
-gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
-ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
-VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE0
-MTIwMjAwMDAwMFoXDTI0MTIwMTIzNTk1OVowgYQxCzAJBgNVBAYTAlBMMRUwEwYD
-VQQIDAxNYcWCb3BvbHNraWUxEDAOBgNVBAcMB0tyYWvDs3cxHDAaBgNVBAoTE0RP
-TUVOWS5QTCBzcC4geiBvLm8xLjAsBgNVBAMTJURPTUVOWSBTU0wgRFYgQ2VydGlm
-aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQC1tVhIdZ3PBSv7K1nqiubxWpgt1QPtfBoinH7qM0+pftrY8Zk0YuNPEx7U4vVR
-96THm/oQIIUTHz1Fb++yEYOlozD4rd9yagL9BBOBx4czugegBUX1PjB5fwFo5ucF
-x3xjzd6hgLHy+hxAARG6Bv9q0j9KFWMno22Zx+t97mLSpxWVQ/16nTJ83GnASGLQ
-JxR4WGJ6WcFOhddxbEc79TXVWESTKiQT3QtazAwAtGwJbkJkRBO8RNt/7hYOdsU0
-FqAvkMB0Lipi1U5INchwmkAWmXpWNT3m7NHlv2ZWK/Bp9N0TePCsQvTgyZ9gxdFK
-+lYNcU3Kl2v2mhm3l7h5ATpHAgMBAAGjggFuMIIBajAfBgNVHSMEGDAWgBRTeb9a
-qitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUVjQFv0RyVj2WKdP/MXvvnUVJOakw
-DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
-KwYBBQUHAwEGCCsGAQUFBwMCMBsGA1UdIAQUMBIwBgYEVR0gADAIBgZngQwBAgEw
-UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJU
-cnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGow
-aDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
-dFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
-dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBtk0TwGOFQ95Hphul6hSNPPiZw
-vPGtbuLlNDQQ6tqE0Z03skU3Ec/U9/MmLvHGGt7h4mSbCQ5EszHL2BbSnj6REfn0
-8M5IsyJCyhpQosgyK4h+RU6dbZZp8evQCEfNhGc52GK4rVAkw0f16dakW4fARJUe
-1khn8JprEoP/ir5mi7Qlvnk6B2IUNTdSWc7QqiUgkYlWyUypuvTsSshtgINeIXkR
-seeHucuRZVmBYC2NlGeCD8Nho4f+AH9oZr//+HmcF7C8qGSCN23u1fQWZzFpn8qu
-hoDiKlzOki20y6JT6CEroWtkmx+d4fLLChOxzh/tkI9XqWR7qysK+nv0hnOYdKl5
-qA3icUh6RSdX74VobbMy2C4iM2mt8QcMEs/PqZrosigqwZILJ1Fd+5UPudMY5eb+
-kTiMFg8uPbsLiE3Y+DylCvTEoneRr4LHrIDklFjn1cBYO25HVkCn16J0QZyiBJXU
-cnhbkaHlJuEcKK0Fzlq78qHyNVZdVcplwcHZZ02VwfrsdWELkC+r2bgrvq+43uo7
-NgMVsrokbo7Of2ih1SzfpgU6q4SpbmAGNRzeVV0aZoRVR93K9uVtdZQQYMlh5emW
-AmFlgttlgDK3vwGj7fFOcNVwD49tJG65bZy2LQZMQS7fNsG0nGpUyYKJOnUbmSg6
-InpRnOhcq7sctB+0zQ==
+MIIF3TCCA8WgAwIBAgIINY+ChlzmLbEwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA5NDUyNVoXDTMwMTIzMDE2MDAwMFoweDELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMTUw
+MwYDVQQDDCxHRENBIFRydXN0QVVUSCBSNCBFeHRlbmRlZCBWYWxpZGF0aW9uIFNT
+TCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMcA1Hwmgr2biKZ0
+a46bkeXyOruAorQZx779CY9Yq7kUDwW4nPdiTXK1k/xkIJJuwA6xzJOmrCuMzr15
+J17LviwOIW6rDBSSOKjR6VoPS2kkVHLigD7n6mpJU22Evjo6gP/NC5maYchbOsoH
+TA05Yt58qA9qsMpDq9fS/AzYKAVWXBmWXh4xlBOXmGUpjYv3NXAtEznScauk9mgi
+NzMMyu09iDq8G7c1q5oFd5auRKnbAk1BxvgkdoSjg8w2Q2wem0cbbGgfU8QGAy/+
+o/wopiGvmcL+p7b7bgYUaxI9H1mrfhB5ScNK+cEFB8kkW7K/0PpXBd4lRHHWTLkE
+Z9ieC4ECAwEAAaOCAX8wggF7MIGFBggrBgEFBQcBAQR5MHcwQgYIKwYBBQUHMAKG
+Nmh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY2VydC9HRENBX1RydXN0QVVUSF9SNV9S
+T09ULmRlcjAxBggrBgEFBQcwAYYlaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9UcnVz
+dEFVVEgvb2NzcDAdBgNVHQ4EFgQUHmrq3vUvv6jTbMfGP9tsZGDc40EwDwYDVR0T
+AQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTiyUCfTc7omqF8zw4/ZcUpiGoZUTBIBgNV
+HSAEQTA/MD0GCiqBHIbvLwEBBgEwLzAtBggrBgEFBQcCARYhaHR0cDovL3d3dy5n
+ZGNhLmNvbS5jbi9jcHMvZXYtY3BzMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly93
+d3cuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1c3RBVVRIX1I1X1JPT1QuY3JsMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAJ+QTFR1oac6PljrKm58L
+gIdCKwkybREfAj+QTnDTONNMiapn6mZeuSLHhbZB1oyetddz1OMM8iJyU+ktJIHY
+mlM3opIt3IuTWBbJobyDZYD+doed6H7gLcp0M1lbDVraXPVCNRTVM70Tfved9oB3
+E8BisBTAKV/MPo1tFWBDWK2NV8jHItE650zOMXI+sF9EK0oQwzBBhx3vG1WpeMdY
+Hpu7z7xdZdYb0MT8Iub+iPh4vVMshXLKohejXByEpWEyVr+L8dE0mdaZzSku/VQm
+ZQyDfNrHfUm2hH/XhC6IlNMA8/oeW99J/yfc/TNiCpImqHk0XBNeZeqK2HPBKj39
+oMGOq5/kMT43jvTpjvjIX3tNnD+nrLcS48IogZ/X2qyGGh7FHkntLC2DBj/ipmHh
+4CJt/dxAX0DH/Z/rwhGVciR3zAXaLbZ1tIS+AhUVmcwIrzJC1kI6gU2dcUCkjo5M
+1VfTjjyrWxpK7aE1kJpdmL7fcBmUWsJKnzV6H5YETONK2YXSxDjDqrUn1S67qbIB
+XAYQnEc/MYoispbeYRKsVciKV1D1Dehl/gGQQ80nCwsxj7gUTewVWgON3h/HP/+z
+W8fh7J1c5YfbjS5zWLOGEEAomWosc0Ba1KHxVR+1yVfn/yxGYpKd4tA+7vRc3GWd
+blVRfCZEmVBCWTd0BC5ZGxM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5jCCA86gAwIBAgIIIb1iJz+4AagwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA5NDYwNloXDTMwMTIzMDE2MDAwMFowgYAxCzAJBgNVBAYTAkNOMTIwMAYD
+VQQKDClHVUFORyBET05HIENFUlRJRklDQVRFIEFVVEhPUklUWSBDTy4sTFRELjE9
+MDsGA1UEAww0R0RDQSBUcnVzdEFVVEggUjQgRXh0ZW5kZWQgVmFsaWRhdGlvbiBD
+b2RlU2lnbmluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM2U
+MasdiWuALHqFFOcafNr2K5PJ5n6YVU3WyzQShkgpo+aKt6Muc0+U6LoYy1yGJNHG
+jcNt4LoBwPJ9oQtQs75n85Kl/NiJPYvDEj4eMKgLjL1D8urea+LhmKgJWzHSHj4r
+6o+/keWsKsFJNqqkeIJygHfRDB2+XrhsQIztyfAKLy4Rl9LzoMj8WAVRF97pHFgO
+3Fxa5WrJne6xewBiZTc6q+SOJAOoUD2wvGRZBap/QGI+sQsUVpwXkKDZcAyJ2mif
+ZwgRdAyuqvkmdXNd7kz585iu70vq3l2tLTaS09JbpPC8tfTa+B4Ftes1QCxNI8Oz
+8ldMxFk0XpK1VCAoMJkCAwEAAaOCAX8wggF7MIGFBggrBgEFBQcBAQR5MHcwQgYI
+KwYBBQUHMAKGNmh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY2VydC9HRENBX1RydXN0
+QVVUSF9SNV9ST09ULmRlcjAxBggrBgEFBQcwAYYlaHR0cDovL3d3dy5nZGNhLmNv
+bS5jbi9UcnVzdEFVVEgvb2NzcDAdBgNVHQ4EFgQUaGIj06nfxSLRVWVNZHYliaq2
+0HQwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTiyUCfTc7omqF8zw4/ZcUp
+iGoZUTBIBgNVHSAEQTA/MD0GCiqBHIbvLwEBBwEwLzAtBggrBgEFBQcCARYhaHR0
+cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvZXYtY3BzMEYGA1UdHwQ/MD0wO6A5oDeG
+NWh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1c3RBVVRIX1I1X1JP
+T1QuY3JsMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAhplqmCZC
+TbWu5oQk0KErZzp399Yj9MyTkkO479dOs7WaJJbeNeI5MprnDjgDloLzKa7d5HyT
+M5ZCGD4x0SaWr2Utz01bPasfOWoTi8MwEJ2SB9yPoNGrJFPYckQe0x3reFgU3a0s
+PenORb+/pt1TuB0rOgDPvEkMth4KG1LIKVDD+OfJO8vOspTzffa5HkoyB1vqbUEW
+0/hGxCnIsnawAenLr7Tbz5fV4MhYEEe/fKP0h72XMe6NiZJT7yv4hNVyd3EfMGM0
+SNAxZNTtyMy1wkSE04QMGRvdP2pMv1i7XJe0YABqBLJy99yN5+sSA8NkhijFIZfv
+1y3AS8m0HDo5ZvMYeMstCmpsHFtEZX3pX+fjJS8ZeLpmpU2y3OfRroIkjrUMycRY
+HdI7oVDldF5ZnrmSgFhEbjRrUn/+0CTPBXXX54ujUJTbMMBrCi92LPzD0V30QNay
+YSCwU5HvvGlvE7W5OyZhWUr3YSWmEWHDavRqZrd1FpJV0aR9Z5nXINnjwvyiZBEX
+XeI0OXnFOtVH6uNw2CmLnc0ECEQQ57tvHcqPe7uCXj6VXteZ0dMcDO805DpPRLWB
+Pe/jBLP7gk6x3lxU0HkbkT7oB0UAbVnYPA4bgh4ezxIS/VWVbNUxdVMgI43zzbwK
+d2VNzMbyH6OVBOA2I3lnOR3hQBvyFLdQeUE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwDCCA6igAwIBAgIIZAw7M94HPGEwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA5NTIwMFoXDTMwMTIzMDE2MDAwMFowZDELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMSEw
+HwYDVQQDDBhHRENBIFRydXN0QVVUSCBSNCBTU0wgQ0EwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDiiP9kEUe+aly0yS3YvDOQVZee4tH1XRykdZFbMS5T
+UOZ+UHm50VwQYlbqZMJ/J+sU/oLim82nddlI7eEHuAaUDpKLQhkX+Te42qbLx3SM
+ynj7g26biM3teX5G86f3VwBPNZRuuFyiuA9/SonU2O3g5YMZPce5rEfTnDxyrQ5s
+QNwcRhOM99GPQyQfMKP+kBHgnyCnh5Qb3bkWXSs2vj7QVLnw1x4tIUd4HN2UXqkQ
+K5ARfnc4//zer14enJ/ugV3/8YtzCGwZ221VihvWlslLcRAUj4DxmuLi5U90FNIR
+hzvJf60iKo0LhNb/3GzbZPSu2XSyuH8C9iHMyDKc6QYrAgMBAAGjggF2MIIBcjCB
+hQYIKwYBBQUHAQEEeTB3MEIGCCsGAQUFBzAChjZodHRwOi8vd3d3LmdkY2EuY29t
+LmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwMQYIKwYBBQUHMAGG
+JWh0dHA6Ly93d3cuZ2RjYS5jb20uY24vVHJ1c3RBVVRIL29jc3AwHQYDVR0OBBYE
+FMD2elu+fAjGrQS7SGFFsPViV6CzMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgw
+FoAU4slAn03O6JqhfM8OP2XFKYhqGVEwPwYDVR0gBDgwNjA0BgRVHSAAMCwwKgYI
+KwYBBQUHAgEWHmh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY3BzL2NwczBGBgNVHR8E
+PzA9MDugOaA3hjVodHRwOi8vd3d3LmdkY2EuY29tLmNuL2NybC9HRENBX1RydXN0
+QVVUSF9SNV9ST09ULmNybDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggIBAFC7amLza5axPRcvdwpiEVI8D5C+11XGp8IZunCE1FwyfXWHa2wDPceLV8K2
+XZFHEDDp8LuVGnJVFP+1rFlh6tQzpxcH0kSG0Z0jGI5DkairkVkeUp32iP/1pbVT
+wUaCotcJVLS7bL0i9K+WSLzuZdnNA+TMD6u53+eYWIWJpYhV0F+eNRzcyVH2Wast
+vsnGyKcejMPWLf0YTHvnbVJ9xEq87nKFkKorTtjWo66zTjNeIKmdgGWEBSSlo1yJ
+j1HFkCNB+v3sLwN8w4Rb16cjhPxxr8dyPi+uohkrzto0RB3MmlXWbNBpMnwqmYmM
+A1SUY3nT9XoGbrenACXkoWZKvUSxBycarGy9ukf8QZ3UmCpvuCoCkMwIQbin3sSu
+VI/h42gQxzF8a/jBC8d7EvYU9QiXVKGgIQudEOFJcHjHYHprGxTu3YSp+NqPakwK
+/tmSY9iodGqlA/MDAMWzO0/98V6GoX3H99UlViqKjaMXFLhM6p5+Jt2GLf8u0k2i
+FF+2R0ayHk1J0UogU7xKLA8ML3WVYyn3Q6mNyDb8rvF4P1/171AHb7IraaAZc6RF
+m0aLs7/5n954TlsieJTOi75JZ99czHZiuy26CfwirXaC4U18OiIjnJfcCDMCrf/M
+dDjjl9AIteXCarVW14bJfC56KcBUiwWeCsRbNro0dSqlsRs3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFxDCCA6ygAwIBAgIIcSKYO7T4aWIwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA5NTMwMFoXDTMwMTIzMDE2MDAwMFowaDELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMSUw
+IwYDVQQDDBxHRENBIFRydXN0QVVUSCBSNCBHZW5lcmljIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtju9uNmiLU9Ml/m96XBPIQ9wMVaoZakOC28Y
+Z6LQtn7+HlGw4llKByEbhqIjAS/jvN7rlUYrh9KMEdusbyjQoajCCFI13VHtq7G9
+DKV5PgrvrSYZv2u7o+qmbNeYIknJt+rj7wnePzCl7q61QNKdT4qbHfe6bGMkiDOz
+qCu8c6uBkt6OT4AYRfjVuY1KjAJHykbedMY5udecJRXVfl83PIEb/P+KZzFeacPx
+UrkVOk+BB3XtOeM2ShN9tdWzo+yFJAkLqgPieVEBNd3FHi8ePpEgs6Sq6NLXwUJI
+rF+CAxTLxsdOZUTPrW5hU16jPwzrFaVmxNwOoCjjqU93lzg5dwIDAQABo4IBdjCC
+AXIwgYUGCCsGAQUFBwEBBHkwdzBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5nZGNh
+LmNvbS5jbi9jZXJ0L0dEQ0FfVHJ1c3RBVVRIX1I1X1JPT1QuZGVyMDEGCCsGAQUF
+BzABhiVodHRwOi8vd3d3LmdkY2EuY29tLmNuL1RydXN0QVVUSC9vY3NwMB0GA1Ud
+DgQWBBTT/u5hgMCZkFlt1iRV8v/A6ycX7DAPBgNVHRMBAf8EBTADAQH/MB8GA1Ud
+IwQYMBaAFOLJQJ9NzuiaoXzPDj9lxSmIahlRMD8GA1UdIAQ4MDYwNAYEVR0gADAs
+MCoGCCsGAQUFBwIBFh5odHRwOi8vd3d3LmdkY2EuY29tLmNuL2Nwcy9jcHMwRgYD
+VR0fBD8wPTA7oDmgN4Y1aHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcmwvR0RDQV9U
+cnVzdEFVVEhfUjVfUk9PVC5jcmwwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
+CwUAA4ICAQCnRJIWmfxLFEVBq6tet+FhU3iu0++RFzjmaVPFFKpcpYI9u1A36OJN
+F/F9e3oqSPtH2PNM67p7x/0xQiresZ49NJg1rNIcVolamcmOipv9jqczrzCpx6mn
+dxA9zI8LzMHSm2hSCFxsgsKJyLRQq++PfCAOsOKjE4TL7Ai/qsDdVD1B0vT8JxL9
+C1ciQgD47zMjwsjBeAh76Cbldf2jF74SEbzxkxTj6NOLvV/Sf94hKMcxqtquSUdO
+b/r7xxaC3SqBxCTX/r+nHuCPqsES9YFRhI5ta0egpkRWa7YMsOh3CBTWxcSh4Fq6
+RY5tWIkAw93QNZ3hBZ+i3rLL7+6VwRoVgpVJDQESCZNKbua4nCgfsI6EJ3EchYHe
+PBmR3Ezv3XPdNQ8IUBqPDvkwcMCQV4sfII7jLD7qbiO2Qmynj/y/8T9iPGe5+Aao
+x1OaHprm7l7NwAJe6XUc4v+XNN4cOVpxBEUJeREEBdd3ZLQP2I+zISlQBhV0QVy4
+NejrpMowTPHWBa8JaNDO1XZS+XI1uaii4rMPk/PI1Hu7oKzc9VqtatpHNpmhZ8GZ
+J+1ldPwuOwOmqRqitAdWWZfDVNl1SB6WLRwLqa7hbETGuzLMVtHL8bqMmzxgObmm
+OAv1FH3tdcaEW7+RIHpfixFAAbOWbMTpZehkxY2VIyLvMPtbuN3ByA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFyDCCA7CgAwIBAgIIJofc/+DvJnowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE0
+MTEyNjA5NTQzNVoXDTMwMTIzMDE2MDAwMFowbDELMAkGA1UEBhMCQ04xMjAwBgNV
+BAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZIENPLixMVEQuMSkw
+JwYDVQQDDCBHRENBIFRydXN0QVVUSCBSNCBDb2RlU2lnbmluZyBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKoB4W5bLrIBtdxTGykwm/1iVganSwLm
+eyKBHVR4c+L21i3vAx1c2c9EFddopBQF2aUaSYo5K9rie4RRHRbF/fR6Fq/GhDb7
+w6f8CZ/AYcSBUUxAng8riWOuyZQJpEMzt92irg3zYGl5HzAZVWM7yOk0HVFrHc80
+aj52tbvMQDHr0MQpnbHGjo9TPcd12Ny05F3Gb58vYCotBthDxwqs7SYOClS23yIk
+cJYHUmAPBATSpWtYlW1xYorTz7icrNZQOktp4wsDD3o7YcXGAYC7g7BswOIFZbWT
+2eH4eWQQ3gE+NWm3zED2uT4O4+YX+TNm7ATjm4yn982n1ZT0DFcXhHMCAwEAAaOC
+AXYwggFyMIGFBggrBgEFBQcBAQR5MHcwQgYIKwYBBQUHMAKGNmh0dHA6Ly93d3cu
+Z2RjYS5jb20uY24vY2VydC9HRENBX1RydXN0QVVUSF9SNV9ST09ULmRlcjAxBggr
+BgEFBQcwAYYlaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9UcnVzdEFVVEgvb2NzcDAd
+BgNVHQ4EFgQUSf2eGi1zljZyfV0etuKBI2nPaOQwDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTiyUCfTc7omqF8zw4/ZcUpiGoZUTA/BgNVHSAEODA2MDQGBFUd
+IAAwLDAqBggrBgEFBQcCARYeaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvY3Bz
+MEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY3JsL0dE
+Q0FfVHJ1c3RBVVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQsFAAOCAgEAxegRcNnjg6RLFuc4np1MsD+ZFh8arDkMlwT9cyNHVWo4eleZ
+6uiAKr06F4cVJvllToaEWjq+vHaFZTpnuhAXN66qsDeMx1dBiLStGzOIOH2l1lLl
+GcZut5Vv+gjrlm/4lVP1T94txJJY7GQr4mb4mUvYODryoK1sOu7Mck6h94M61nxd
+wyNmY/+7gBHO/Ji03TqKSQK+9V81f3W4s5KtzBoCnEb8sQG8PrIgw2PqSRDfBU8b
+5EU81pkNSN/UaYn0DwWJxJF12tSvn5Q9SPY6VK17SVv1rDq5/0XG2c24FMw8sIQX
+Ff3K/ZnW599w37+lXkS5W3NyrBDzXK/zAdcW30fYuKtAnfSQu/olQpVZxZoNYXRJ
+CZ7J0r40ENahDEhN8ntmWXz4DGAvoAH3W1URutXaWhsm0aCMbKvZVrhd1skARfLR
+TBzdM3omrzyqbvU0x7tTQO/fVlmixyKARt42X+USvr0W++Lw9SoSOwZ81Id2JRV8
+Z5t+3fU3x9ESxHL/5v0pBV/jfp6HagCEG1D2h1Mn7f9igwu6yvcJ+GvF3yA+nrk9
+7BB5zu1Hmn4w1PGUV/ZsC6wWRtmAylU6JjjxrcRCJRDW+kiwauPaS32IO1vQOVqQ
+55CICC21ruKRficCTCfHyY3JHouWTAgo6/tAj0Qq8i9uMZ2i0geRHB+9E/A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8DCCA9igAwIBAgIRAMQj0iGRho+sTuL85KAR0acwDQYJKoZIhvcNAQELBQAw
+XjELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBM
+dGQuMSowKAYDVQQLDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMTQxMjExMDg1MTU5WhcNMzQxMjExMDg1MTU5WjBgMQswCQYDVQQGEwJUVzEj
+MCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xLDAqBgNVBAsMI1B1
+YmxpYyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA6GW/UWo7X8suYIMHqHozBGkyigC12vLP0jv5OjWh
+9m+eYM90gTGs8llp/K11J3Zv/7dByYmxP5lic21CoZjMbaDjwi+aBk3ZMSrDRHCK
+oEp1ECIXOB0bk31XCzUu+jGBOh6S5Q8xl+QX1aiHX83vmP09jJu8Qb7cbuPEkvaa
+Fe/QbD+8O4SFAKO4CwYZ6LzSymihXIv256JNuEf7p+zyh+R9VJYQr4bEsrjLzAi+
+6ZHmp9AmDvrnEyGewqG87s6RrYbcZbfa0kfV6cxymex0q/vw8/4vlBunkOaaRbPo
+DyEEGQCgblrQjcClvuihHyfpCM+GKiT/2FaS3htEVee4OQIDAQABo4IBpTCCAaEw
+HwYDVR0jBBgwFoAUHgz3tmfy4ZImCUXAVTkudz9CSqIwHQYDVR0OBBYEFMuDfWUV
+r6nJ86ip9GR8eVIFdEBhMA4GA1UdDwEB/wQEAwIBBjBABgNVHR8EOTA3MDWgM6Ax
+hi9odHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0b3J5L0NSTF9TSEEyL0NBLmNy
+bDCBiwYIKwYBBQUHAQEEfzB9MEQGCCsGAQUFBzAChjhodHRwOi8vZWNhLmhpbmV0
+Lm5ldC9yZXBvc2l0b3J5L0NlcnRzL0lzc3VlZFRvVGhpc0NBLnA3YjA1BggrBgEF
+BQcwAYYpaHR0cDovL29jc3AuZWNhLmhpbmV0Lm5ldC9PQ1NQL29jc3BHMXNoYTIw
+EgYDVR0TAQH/BAgwBgEB/wIBADBrBgNVHSAEZDBiMA0GCysGAQQBgbcjZAABMA0G
+CysGAQQBgbcjZAACMA0GCysGAQQBgbcjZAADMAkGB2CGdgFkAAEwCQYHYIZ2AWQA
+AjAJBgdghnYBZAADMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQAD
+ggIBAG+egEUMXXGhkQKIkBk0B/byxk8eyJJwwhJIh+KlPSnQU6CCOMtlp/nikEWD
+hDvVBzdW78XtPeUHIFHaBSPCN1Q8eF26HU/tgs4SQAssLkQvG/EGw1azsaQAvHfm
+Z7l+Gm6i8YNREPYsov+kYGVG2ekD32Bna9iYPx6LAGRZLUR7IUxG78qN78kkcmLv
+4NfJcMs1kIJ4SluLh7bT8yl9bcJP/0o++2J7tNLrYIVLMK/v84/mm4VqcLwggLC1
+qUSTz5ftSf+TXjUw2GH3uMtZ940nj/5z/l/23XOVyu4fKmvaJM1a3yQmrLaLxsxU
+RkS15+agpC/jQjZ4XouirwhiUIBAGrs2Q+/W2Z4OY+cKHrNnqlFX5kivRhKNdwRv
+sw/ODZxvsnSVxgZawEZHE3cDQYS3bUYh+UHTFBpKf8mKCyHXL6WJ6cqeYPY0xMLy
+AkP0Dbuw0j7x1deYEeFy1kpzWBtiEQeWsXt2ijtF0Ig//B+04OBF9ySdGEOC4ALI
+OEQkNdNPeUigZNIYKc9B8+8rsxe1W+Cv6Qx+M3NDchXjXP1W39le4n9hzAJ9iHGg
+gunVc1CgRmKhY/3Du6z21xDK1Xez4A+s+DGzN5rCjWkfxu9eWNsIjzTtCs9TKF7R
+S+ehk1McUDqNkkD57i6QPiKMTv5A1i2UXyFuJCG43FWLwmIA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIQFDWW8kQacWeYP/yVl0GbUzANBgkqhkiG9w0BAQsFADBe
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNDEyMTEwODUxNTlaFw0zNDEyMTEwODUxNTlaMGAxCzAJBgNVBAYTAlRXMSMw
+IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEsMCoGA1UECwwjUHVi
+bGljIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDoZb9Rajtfyy5ggweoejMEaTKKALXa8s/SO/k6NaH2
+b55gz3SBMazyWWn8rXUndm//t0HJibE/mWJzbUKhmMxtoOPCL5oGTdkxKsNEcIqg
+SnUQIhc4HRuTfVcLNS76MYE6HpLlDzGX5BfVqIdfze+Y/T2Mm7xBvtxu48SS9poV
+79BsP7w7hIUAo7gLBhnovNLKaKFci/bnok24R/un7PKH5H1UlhCvhsSyuMvMCL7p
+kean0CYO+ucTIZ7CobzuzpGthtxlt9rSR9XpzHKZ7HSr+/Dz/i+UG6eQ5ppFs+gP
+IQQZAKBuWtCNwKW+6KEfJ+kIz4YqJP/YVpLeG0RV57g5AgMBAAGjggGvMIIBqzAf
+BgNVHSMEGDAWgBQeDPe2Z/LhkiYJRcBVOS53P0JKojAdBgNVHQ4EFgQUy4N9ZRWv
+qcnzqKn0ZHx5UgV0QGEwDgYDVR0PAQH/BAQDAgEGMEAGA1UdHwQ5MDcwNaAzoDGG
+L2h0dHA6Ly9lY2EuaGluZXQubmV0L3JlcG9zaXRvcnkvQ1JMX1NIQTIvQ0EuY3Js
+MIGLBggrBgEFBQcBAQR/MH0wRAYIKwYBBQUHMAKGOGh0dHA6Ly9lY2EuaGluZXQu
+bmV0L3JlcG9zaXRvcnkvQ2VydHMvSXNzdWVkVG9UaGlzQ0EucDdiMDUGCCsGAQUF
+BzABhilodHRwOi8vb2NzcC5lY2EuaGluZXQubmV0L09DU1Avb2NzcEcxc2hhMjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMHUGA1UdIARuMGwwDQYLKwYBBAGBtyNkAAEwDQYL
+KwYBBAGBtyNkAAIwDQYLKwYBBAGBtyNkAAMwCQYHYIZ2AWQAATAJBgdghnYBZAAC
+MAkGB2CGdgFkAAMwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZI
+hvcNAQELBQADggIBAIfkDpU4Yj1QLp4CTeI1b5Q5xKYsUdaBx1V/VD+F+KV6flV5
+mNbiHQ3KA337GC4vQqJBBHM15eaaaPCgci0YnNhi68wWrdetQ9E1zCFZw/HCsnJr
+dKNgAWjCPe/4tK/AcJyztnMVeU3I+A3ApYVysfu9HhA6V7uAh1AVyrv6Ivlui2tZ
+amgOgpMd3qirzm4s3LCPTttJ0Q5oAIrxdw+lxPm8/Ef/yR2Dkq2dcrbPO6HdO3Lw
+bn0/WtZMeWlfU+WuoixM59yCPg72Y/RqAGI2neC3Na3QM+0g08OcBQGtSjQfdyGs
+a8egWnsDNRunYmTZ13RwVRWKXXeCWFjI+URbErttSTO8sf4mXbIoyCz1JfVfZzVa
+ZMBN7y0td5JWz1M+L9FMu/cWnuqWPiGc20C11LGjNfG5ejqc15TE7WOeWDPTR1Mo
+pXM35I4NZKVlxfSR53g87DD1kvjtwxjAGOoqZzpXOoe1GakMRUA2tBd6FG6GttbE
+l2QZK1w/t/zMlCfpdlTyG7zOcz/lKbn4GEPGwx5FPUPWVpVIZgeeFn5MWru7ts2n
+vuFULQzP3Cfl94o9IkNHlXEfX0P/vXYjQnsOt3tr70+4ww9yOx3zBcvUNpYnYXDw
+RLVTe4UDo++xEwimY7U7uEg3ukwCK+mlnsnabQYKflkSTf/EqonpTlEbhZve
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFLTCCBBWgAwIBAgIMYaHn0gAAAABR02amMA0GCSqGSIb3DQEBCwUAMIG+MQsw
@@ -4598,75 +6549,52 @@ Jnz8/DVRZZgeO2x28JkPxLkJ1YXYJKd/KsLak0tkuHB8VCnTglTVz6WUwzOeTTRn
 1QzX1CA778n4wI+nQc1XRG5sZ2L+hN/nYNjvv9QiHg3n
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIG3DCCBMSgAwIBAgIUW/3RuxUtEGuqbW0X5zxWHw3ZyMowDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
-BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xNTAxMTMxNTU5MDhaFw0yNTAx
-MTMxNTU5MDhaMGExCzAJBgNVBAYTAlVTMTAwLgYDVQQKEydIeWRyYW50SUQgKEF2
-YWxhbmNoZSBDbG91ZCBDb3Jwb3JhdGlvbikxIDAeBgNVBAMTF0h5ZHJhbnRJRCBF
-ViBTU0wgSUNBIEcxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApL5K
-RkgMCrBv8z4N///kNqqIN5GUBRzlh9w0KLy+FNmucRQWbXkEeIBXA3kvwY7fcCxr
-fM+ShAH6dmFermC3a9plJbHvbWV+yYVtbPDOUz5Wy1d7x4F46tYpUavTy0FknqV/
-pS3AopIGQjV8iBTms2kKeyhLeXbSOOapEbrnqPurUkP0tHPf9M/2WTpoV0dxcm/i
-m1dYxabkRGJLua5p2oDxNpWJS1vMQw94xAjBi2/z+znYZHpO7Ar2Gx31w1+ligGh
-cPnWr0a47mjbGhR5Y9acGkZ5FUnyjEK9IzTO1pFh9MwN4pnwLcpMDfjE8BW8M9XM
-807U/XA0HWMjG+2MxogRgmZWn2ikKfnZp2YPgZhdC07tc22LpT8Dr7Y4+9gZ8AoT
-Sjh0SO3QjVsvbo+2/ctKxdWvNfEOBPYUYfm7qo85foFGD3FQUGalLxeBeh/BTE70
-m0SDgHPkhfBrh8piD6Vc9WRLGxWmuxvJViWSPL6Nq9M2QYl6TvbP2DFga/j2ufyU
-R/wKfYFt3ZNJwwgYwNHhUK3fFEE7yQ+r14P83puIT9PmucapRo4QMasRDj8jORoy
-MR5C6y7b8lBjQ60FzoUVx6C0ysaJoWwRJhgE8LT+Uj9ALxpoZlLc8LvROjrtlKx/
-GjarbmaU3WOBt3JAP4Bt6Nv2DosvBNbPk66cFPcCAwEAAaOCAaYwggGiMBIGA1Ud
-EwEB/wQIMAYBAf8CAQAwZAYDVR0gBF0wWzAOBgwrBgEEAb5YAAJkAQIwSQYMKwYB
-BAG+WAADhwQAMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly93d3cuaHlkcmFudGlkLmNv
-bS9zdXBwb3J0L3JlcG9zaXRvcnkwcgYIKwYBBQUHAQEEZjBkMCoGCCsGAQUFBzAB
-hh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wNgYIKwYBBQUHMAKGKmh0
-dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyLmNydDAOBgNVHQ8B
-Af8EBAMCAQYwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD
-CTAfBgNVHSMEGDAWgBQahGK8SEwzJQTU7tD2A8QZRtGUazA5BgNVHR8EMjAwMC6g
-LKAqhihodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTIuY3JsMB0G
-A1UdDgQWBBRUdT4z0X0ULktwCcSsXUrRgzl4tTANBgkqhkiG9w0BAQsFAAOCAgEA
-PSf0qJCZCmDLnDoYXdEZTl7z3RPK6CP9xCoohkk8Shv/CW9LEXt5YOH4ql2M2nu1
-wx7zkVPjM5dl1Y0ilmjzA7lwKjHSVh5W8ACGBheI2wGkwLcnxJ9I/sRzD6o8v7qi
-MhDYWjNPkDnyy3ZMwrNvMy33HnkARpeRzzXzHkRTJAmKGM82M1k4FOjpGb7v8vV4
-mCxeZcu3Bb8frPTueUHYa6CYLhyAbSCIjm2YSKEM1rJUrzQdjiYd3aOK7qd31Z8E
-s3GX9LnId0VbHu//QFGdt9Y4hvsZzaYMM3n82iVZ7GeXDe9ppAxAMHyvlHkmFpNM
-MUcyuDWV10JZpME6xgiz1D23USrHCYG+s7wyPYrpYtTZ3evF4dpeMnfA2Wgv21DN
-0xbePknVTp+9mhWAcxeRCphXgxnovpES/UdBfRqXbtBIVmvQRGgSEUseQvtu+kel
-FQA5XQehsCvzHGizmcsbQzct0t26cBxATfnF1jYBNOFQUQZBNurTBAOhvgmaPjdv
-qM9MaEGXmfu3MGMFrPUiOAvQ2GWGnJCIl1vmotQbAKRa2hG8GMrzLArfpErY4m+2
-UkYD7pwq2VSRRNlLijtNPBLt+cUmIi/z27AOSmAibAL7g2xOKa6/36QLWgGYYDPq
-1hzkH+EQznExD490UvdMnQqyccFG9tssS7N4aA5ckX8=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFeTCCA2GgAwIBAgIUc9pa+iPZP7qELgog9AHJ2G4k/F0wDQYJKoZIhvcNAQEL
-BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
-BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0xNTAxMTMxNjQyMTVaFw0yNTAx
-MTMxNjQyMTVaMEkxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
-dGVkMR8wHQYDVQQDExZRdW9WYWRpcyBFViBTU0wgSUNBIEcxMIIBIjANBgkqhkiG
-9w0BAQEFAAOCAQ8AMIIBCgKCAQEAws73Q2pp5IiTIXZiGAXAtvH/EEkhGTK3NytG
-LsznSUkfe3GYyQ1TFuYmrw/ZWcDRzjp/b5PrSLMG0noHgPWw71BifhOjaFraoEVr
-pIC5lzYi0epvBBXL3HW/SERp99HvCDH/3m686anfUxAxBsqIgHAd0cLkkb3MKd0/
-CnYt8+AKd/mhO2ru0u4gzZf3i/71LHzSAeZZl6cuhWJ0qzuUaXhChTB0zzyTe6n6
-ml5zcGi+y6U7euToSCku+ymDBEMOzdxPeUmPaBDD2O2KrqvGTg8jHllSjIhmfOmY
-RpfXlZ7dzfqvkB6qvZfVFb/H2k/PdsnNMAYd0AQCAItAAPy3YwIDAQABo4IBWzCC
-AVcwEgYDVR0TAQH/BAgwBgEB/wIBADAZBgNVHSAEEjAQMA4GDCsGAQQBvlgAAmQB
-AjByBggrBgEFBQcBAQRmMGQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3Zh
-ZGlzZ2xvYmFsLmNvbTA2BggrBgEFBQcwAoYqaHR0cDovL3RydXN0LnF1b3ZhZGlz
-Z2xvYmFsLmNvbS9xdnJjYTIuY3J0MA4GA1UdDwEB/wQEAwIBBjAnBgNVHSUEIDAe
-BggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMJMB8GA1UdIwQYMBaAFBqEYrxI
-TDMlBNTu0PYDxBlG0ZRrMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwucXVv
-dmFkaXNnbG9iYWwuY29tL3F2cmNhMi5jcmwwHQYDVR0OBBYEFFVYhs66fHZOmROp
-D9Nsn8L10zzjMA0GCSqGSIb3DQEBCwUAA4ICAQBLAcQz+wCq4P4IFsY11E+i0wAW
-ljwqQX84wCqx24XJtH2E5iY40glnkTltno77/+FKk64/8FSGh+HOHZ8/QW7z+3Gz
-s2RNCLHJ/f7oUk7eUrSzYK/4rLU/1vyBnujT2JQAhts+pkUghQYFjSNY7CoYIp+i
-zGGPJfKRgZJVe9c0Fx9Eb0tH6vOWbrcpIoEop4A2R8h8KeehLOdipQCZ67/Olgsa
-uvwgDas9hSICnlIKmCpbzFn6duAduLnd9nQ0SGVbI0Iil59Cs58H8BXPvvd6VcmA
-Fywmsi+0EtPPEWqFztl4yiRlQwaRPUu2L/d8QGSqrrvB8+9Y8KoMVS7ky2wp7i5V
-VjNfRmdy7cRri8PpEigHnzEy0EqrXd77QTio7QjvMW8FBNXVZ0bVq4YJFIkK7HT4
-Aq6rkin7oRMQWXNS+wHV15P+MKl0x2b5LMY1wASSkklaQKSkrp1sR/l0tnFWtxHZ
-OUKBHeWRPmCuv59UkTZXA/LT/tHt2JC6htu2pYislARuJGsnq4Bgrw76c0AS3UF8
-80dYnDtu1CObhU3bjALGJ9Z/V17sj6ZCKNVe8/iZScP8zCNsj27woqVnogLDT5o0
-0f6O8NHSMl1HIys7SH5oieJj1dfoUbCXFQPqKYQMugUU3aokoEpqaxFUd7moXFeY
-wxZChJIYvI+fVDAKwQ==
+MIIIhzCCBm+gAwIBAgIIFUjQVLioQrowDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
+BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx
+GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMg
+b2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwHhcNMTQxMjE2MTE1OTAxWhcNMzcxMjE1
+MTE1OTAxWjCBxzELMAkGA1UEBhMCRVMxFjAUBgNVBAsMDUFDIENBTUVSRklSTUEx
+GzAZBgNVBAoMEkFDIENhbWVyZmlybWEgUy5BLjESMBAGA1UEBRMJQTgyNzQzMjg3
+MUswSQYDVQQHDEJNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgaHR0cHM6
+Ly93d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykxIjAgBgNVBAMMGUNhbWVyZmly
+bWEgQUFQUCBJSSAtIDIwMTQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDF+2P268Q6Gbrsf+dNK9AZI7nvEHs6MSs0gbPcQt4i/psW1rahzNwdfsjuJzY7
+n6kRe0d2DkXgo854sNt+G0b0Zyy6gx++NqptRwEDwg/CR2142d9TVplWZA0KhDDB
+RuOEdDzU3/5vhtLtO8cx+aYt+WJ5pNUaNMdYe7MK1CaJKFCWbX69JdNPUa0saZiE
+YSijD0l9JCU09hN2cVidW/ZsDVR5+Znz6z+iQFXfzSwRebT2uEFDc1SNiB4jZ09n
+83CALULZPWm1JfUGYcei+nQA2ZKZZSZgmmrqsHTUVqC2JzVxkCbxY8vWFyAiE7wk
+V1S31PBE8AjDYOqi0fRPwWOfd+G8qp0Wo9ofMEBZvw/DEkOBz1vLzo69lOKlxQyP
+bdbRUvkfvOQoiM0phssbH3H/gqYhs7XrMDTeZKXNX1AsBgf922KWRWbPQ1n4SHUW
+TmxYf5KCSAVpBOjI9yxu5zRqlM0+/5AeIBwIqIxdseZZUWNIYbXmciHmEzhYzeD2
+WILmMjuJQiGXz0cNlIkqXxqCHhtR+hjniptEcdOFhVHB5h/SnfAvN7zARl6yZeQ5
+bwoQG7s8DPhXCwNJAD91FTCq2sovjpeoMQhACBvTJNy9uhkxIxw7eEHJzSbPr12i
+zAtcJr3QbGiwfZaJBk4MRh/HOSs2feE58PcukvPz7utd9wIDAQABo4ICjDCCAogw
+EgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUXaFVpNxKrIMR+ao45fdoSv4V
+FUwwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4x
+CzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJl
+c3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3
+NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hh
+bWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiCCQCj2kJ+pLGu2jB6BggrBgEF
+BQcBAQRuMGwwQgYIKwYBBQUHMAKGNmh0dHA6Ly93d3cuY2FtZXJmaXJtYS5jb20v
+Y2VydHMvcm9vdF9jaGFtYmVycy0yMDA4LmNydDAmBggrBgEFBQcwAYYaaHR0cDov
+L29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQDAgEGMCcGA1UdJQQgMB4G
+CCsGAQUFBwMEBggrBgEFBQcDAgYIKwYBBQUHAwEwPgYDVR0gBDcwNTAzBgRVHSAA
+MCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vcG9saWN5LmNhbWVyZmlybWEuY29tMHgG
+A1UdHwRxMG8wNaAzoDGGL2h0dHA6Ly9jcmwuY2FtZXJmaXJtYS5jb20vY2hhbWJl
+cnNyb290LTIwMDguY3JsMDagNKAyhjBodHRwOi8vY3JsMS5jYW1lcmZpcm1hLmNv
+bS9jaGFtYmVyc3Jvb3QtMjAwOC5jcmwwDQYJKoZIhvcNAQELBQADggIBACVw1zHg
+pXxOlY2c9OTKHwhrzkM1b1hQB+ZXgmjcxnCy0MmCWfK2hs1ydBXzMp/CGXEXGK/p
+cp8VZO5DA+k9yJnRZzU/0PRcHbQVwUI1D923GmKyi7cjVlts7OImGY2cg7Zod8dJ
+lXiTB1Yy2mmaePovehyzxwQJx7d4V0b/eHHcJ3lm4YMUiY/3ot+uopPBi7PuJ/FE
+iCb6j9un5jpXIF5HpaVGpQCv1l+jnx8n2gxcGGbHLYdyrBnLWS96g1IQkRgXXES5
+pTy8YUXJM4fNdIP36pAMjXidwPQcXj/IshdG7mHnxqYBtiYiNOgdxOnZRqILOhN9
+ObVfKANUUkQeNh1Q2B3PNLHYRgkay7oQn2q6MY7xW0PNY5vlhTb2h71Y06dekLSb
+z82/8hqZU/JswlPQF00njIcJObxq7GxMEgTEAtvmdXVeVNsVzFux6UPtXYkWXb0c
+Ou+eTpKq6vMvSbp7U/OxPfpWjniIhIOjHK0LKD+cBlUrjvGwdTTpJ9r9oW/83z+6
+c1DGVpsZ+GiiemLqfpqUhsIn0teb51yDH8RNVY18UXkSv13Cea3BLdh/y5rPobu1
+GkRJwV+lyt3mSOkE1pRDqCyx14PnZdsBtHlw/KmqqRdONOjmkaxgcp+uvs/z4SJP
+n6GrY21iwU5qXxCaqaE4ysZEp8L0t9xGbbIB
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIIkzCCBnugAwIBAgIIYh/zHEiboTYwDQYJKoZIhvcNAQELBQAwga4xCzAJBgNV
@@ -4717,40 +6645,909 @@ WU+O2WIY1F0aO9zp3E7qwfmYT4MJ38NF9R7FSlxRlgVc1uUHu/iyUU4N1O6F3VdX
 P2Y+tgLFZLYV4kApfXk5l9h94dgKyfVcIpvS6yVpLfONPnlCNOxy
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIGWDCCBECgAwIBAgIQC5cxE68zwsnRDfWE1f0TIzANBgkqhkiG9w0BAQwFADCB
+MIIHkjCCBXqgAwIBAgIIU5TkF0ZRnpYwDQYJKoZIhvcNAQELBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xNTAxMTUxMDIzMjRaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMzAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+o5KJruh7JPEBxpdC8Pf3qN8vfPR98dCWZynbjLBXv6MTjwAiehTq1X8OzEQNpqWq
+pNpygo6/YNgf8FMgYWhCsPSDvEmg5Um1xBnLjHBJMSIP7VClMVS9KidVu+nF8PpZ
+no8hecsfF4yJzLp/MD/lwIsjkh5Zp9e6cVBJsSkRJDY4gWlTWRYO/0e1ZQSmu+2+
+YKy2ZRpOPo6k4eGlIsFGz9yIzVii0hasDf43Lv19F515tNGXFIYmNnLjMFlf/LKu
+Al87jblGqRn5yhMGuJNsP05gH5D/F5YkLqg6A83KmygsIsgYzN72YWiFYNzB6ZzF
+0HPM9GX3PuSkKKXyFpUxYL0nHWH7B3Se4F5m+mmFk9GMvJVuoUvktOO2ysFPE3pY
+tl1iJjrVGBk5cmZHKQbqBw5ZooSEJNbmvtzshUxVEFTDRg+8avleaZFNvl5hilSQ
+4c7YlvSnu80AMfhJ/pD6bwA+7BG91elQdcoMuedHyvE3lGqYxuh25a3u//K97joz
++qq10hZH5eNrExjWV20DlF6kgZqo6C/2p0zm5eTfbaZ16oVZrpmTeG95dabQzgHD
+dXP6B4el67G275jQNok2Wu5wT9oKAM6xomNp6zsr0uYI9kQBqMP8BTPliB98rwg9
+xmQH4Ss/r1zZK3xt+mYypBo1OR5VvKEEqs1bnVf3LjMCAwEAAaOCAokwggKFMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQU5Sf9DFi3YMFTV4Yt+1YDi/6fxbIwDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0R
+BBAwDoEMYWNjdkBhY2N2LmVzMA0GCSqGSIb3DQEBCwUAA4ICAQAs1zQb+upsV3E5
+Xb2heesc2RLziFGzxBqyRiGgzl7aZBtg4fAwbl6TvjwEtZHhGkW+DxYzJ4EvgI+U
+8Cbbwm9GVGUNA5e0l1byywJYgd/y2v8gGX+zM7X8mowih1zPIN6Z5odc2abCNXyl
+IftLWeGKnOLjizYJ+Jxtv6bWu7Z29ZrUr2+vSSbOwj4SUaEn1zN+OkqzKvTBk4O8
+xcgB5c/qRJ9XZFWsoHX+wQpZhUZuIZxYvm4FLXbb+1cHE2rNwkbrBbBM0MNGxP8D
+FIH8IfEkVDrJgk2sW8drvcbU01D9IwlcP9YVY4Rsq4Qesu8psHyr1HyLr+Ioyqsd
+KLjUQ4o67o7lTWHhI04mW9wz0kREn/siqR+chY2zRpIO7hGwI64TfBYulWxdOavq
+DKMeHjLKJVOsYsWK4X9fjnP+5+wFSAM+0zINDbezBAlM1p0sd5DV9KrQZ9TE9PxT
+1G0dvWnJRbp6PRVruvvr+iVsZGBLjWY5r8PaKsseAKtjFUi52si2Bf4L10+UMO+q
+LWVohAyGygNYkv5eVSW3XLri3NzgVb5QZrHs7IalcpHUPayMW1YkN0l+egCXVgTN
+VFGkJup4TJel2gw1sYi4z7FadKTi9c9JZSuYN4Zb+qtM8ysaB1bg7UfU+dAry8nF
+xuHeo4MhiF6cx7HxobOy2p7riigccw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHkjCCBXqgAwIBAgIIQfac0r2AwLcwDQYJKoZIhvcNAQELBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xNTAxMjcxNDA2NDJaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMjAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+mwYjFx7SZmarLj0+7DqdJn6qt5EwPpgXxnEzzFfOSQrSm6ylglABjVTEznl9a5m/
+ydNAxggVGKNA+hNMFCagFS5P6nJ8bZ4SZbILpZ6egUoXDV/+Iy0FgW7sJLPPh323
+2OtevxSiwGE8ipjJBVZVP+qYMFEpedkLRI2HzF0XVrmS9YfWOzK7yh2+d4CqPCfX
+1W0aGeBK21skABXEXeRgZDr1U5kmLRZAoG5NZB6XPcVdudBvle3zO2nFPlYeDMsR
+SOBFwQp0L7tcEZ1dQ2u/uhq3UfJGesWtshn///sQDC8K7TX9whlRkw6Qx5V8TcO5
+xQNJaxBQnsNBw41TBX4sglwzF50wfA2Xn0PS4GhT0ms/ijeqIh1ZP7eBKc4psMNJ
+ZtzhjdUCeK+WbZRDqK78Gv9K995oxFEDmR9Kyb5jDHgGV8qRdiup5g0ianMSg2iU
+5RxGzjvdGULDgAmvJ/fBuCMv15rLsz8c4zYxNDbNHRfET6TlxEZtLK1wGL3lrXgX
+ANXLFWSQzTw5EgBwueCWMZDIlvi4x16oeX5G7QcrKrQS8DCdWhGlhDMVJOcBkkLJ
+tlRjKitmYiTIoRiFaRt4S4+L+004rHlcbr9Ec76HbSmBYsmuIfrk8nSPDGnv0LOo
+rMhaXdcn6c5RZpH008lv6fN5wpLeEkQuzGjATLTFbo8CAwEAAaOCAokwggKFMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQU6ECbjvtmP8FE2KHf1EqBQggXy+UwDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0R
+BBAwDoEMYWNjdkBhY2N2LmVzMA0GCSqGSIb3DQEBCwUAA4ICAQAcsICqv3AJB2/Q
+NQLL2mkFaf0Q/X9uUidWzhEQYHOf+Eh9eojMea/o+6rzgnrXEHOPIyoEOX7vKzAs
+Qca/w7xM/ldWB4Q3yN6Bv07OyA7EKkTLpLt8X0VSJV2XgxDRpAsvJ+hqPPPIo4DW
+7AAk8rZF2+j92OG2WkHEWiEHXA68MsxCzxpcwAYHdRuCsl46CD+dRmODCzCRc9Ns
+anhiLOX3JPzRhc4itMAR1YK4uHCqj/VwFLd+oT84cAksXpNd2qBsICXgfVV0B1w+
+Efj7aaDCw9gY0IbtPMvpadiwjq1mYATBW8+jLb3i2YfRx5fr0YXcv68HjvbSzDex
+gMdbkqxHjPvmsfkFmzYDRzxZkYhqcMHLxzZlKD7F1Sa2GYM/kuG7n7zHGuodg3sW
+tZLN16jbaHbupjJT7G6Ll4xVqQVW56wct9zaDD38rI0Nn/u5ch5Koib1IOB2FOmJ
+H2kA0YMRpPjkvDyZ8QZLVG9SM8GBBVQa97BdY7b3RQr4nYSMLNXgbZPhjuULMg5q
+OZNuLhrS09nWcyeAYp6pA4KmNgJtLnRBw6+j5b6+RMQpdoxY8AQm301OjK3KsVB+
+lktHpcv7aDcwWWup9ZF7SAbgmy0dig0n8+AofQQnYbi0jgcdjguxsvYznwgf+SsI
+IF+BTEMSGWi5MDbppe3b+TbqsRDXGA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGdzCCBV+gAwIBAgIQDAOugIb7rN3dNa34GPCXnDANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NTAyMTYxMjAwMDBaFw0yNTAyMTYxMjAwMDBaMIGJMQswCQYDVQQGEwJVUzEkMCIG
+A1UEChMbSmF4IEhlYWx0aCBSZWNvcmRzIC0gU1YgSElFMS0wKwYDVQQLEyRPcmlv
+biBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxJTAjBgNVBAMTHEpheCBI
+UiBTYWludCBWaW5jZW50cyBISUUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC/S1eNdLE/AnpiNJkKxHx2Qz3fyvWIQ73xiyJDcYx+JIl9j4aAaaGX
+MreT04Or8A3aYgMyiLsQWjiW/MOuv0dtrhUj1Lwk2N2qnnTVa26IO7xDLlrWbewt
+RCOaZuhiTNY9XPqnsJu4K5BoyQRqxedJJNKFtq4OKJqagWW15BmOSsmjb+4pN7c2
++UGdMFrhDtIHn//zQStEO46gaJbrUVeeo1EA6ErA19ckjlNDWb46PofIbS/bz0gA
+u48AdaoleXHn2ZXWFZW+XTLoY2z0cNLyt3lVN2ZdD0Ejoof6KHz4cytJVXsOM7eD
+BGE8MrV+EbF6kTFMezm/h8wmuTrmJAVzAgMBAAGjggLWMIIC0jASBgNVHRMBAf8E
+CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjB6BggrBgEFBQcBAQRuMGwwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBEBggrBgEFBQcwAoY4aHR0
+cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL2FpYU9yaW9uSGVhbHRoSXNzdWluZ0NB
+cy5wN2MwgZkGA1UdHwSBkTCBjjBFoEOgQYY/aHR0cDovL2NybDQuZGlnaWNlcnQu
+Y29tL09yaW9uSGVhbHRoRGlyZWN0U2VjdXJlTWVzc2FnaW5nQ0EuY3JsMEWgQ6BB
+hj9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT3Jpb25IZWFsdGhEaXJlY3RTZWN1
+cmVNZXNzYWdpbmdDQS5jcmwwggFSBgNVHSAEggFJMIIBRTA4BgpghkgBhv1sAAIE
+MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDAYK
+YIZIAYb9bAQBATAMBgpghkgBhv1sBAECMAsGCWCGSAGG/WwEAjAMBgpghkgBhv1s
+BAMCMAwGCmCGSAGG/WwEBAIwDgYMYIZIAYb5WwOKIQABMAwGCisGAQQBgsFbAAEw
+DAYKKwYBBAGCwVsBATAMBgorBgEEAYLBWwECMAwGCisGAQQBgsFbAQMwDAYKKwYB
+BAGCwVsBBDAMBgorBgEEAYLBWwIBMAwGCisGAQQBgsFbAgIwDAYKKwYBBAGCwVsC
+AzAMBgorBgEEAYLBWwIEMAwGCisGAQQBgsFbAwEwDAYKKwYBBAGCwVsDAjAMBgor
+BgEEAYLBWwMDMAwGCisGAQQBgsFbAwQwHQYDVR0OBBYEFA5+DmL5+LcvT8b0eD6s
+h9IXkM4AMB8GA1UdIwQYMBaAFKVuIv85aToj+4kkF8ZglAAa2o6eMA0GCSqGSIb3
+DQEBCwUAA4IBAQAjOFGsWeQiLRjSCEycULjwiExi4enzYS4y8xLlsrkLqZqdXHBq
+PLbKPd6KG/0mNgIPcqbdq1kb87Ci4fg1yqpJj/YAOqpiXEpC+u0lbYDHVgK52gVD
+6OpEnbdkSZChsO5Xq1kMoMo1rUlOnMWDbnN7nnRAaB23lHIIOYegOXPPwFzUHZHc
+ftKYe1aIJXcvniZYAHRI6F8+UuEyIlEBi4rJiuvrD0D5VsaA6sLA5DKxjvNcCnPN
+NxPyJD+KM5/cHp7Qyx8OMCdnm1DK69Fx45NtEMnDORq0LrdyHZBaoNoNVWsSIG9q
+e22KqtFUINaUYiR/JVgBAUhcBrZjprgUqyVC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGiTCCBXGgAwIBAgIQBHk6qjUaYa5/J1al5SSwFDANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NTAyMTYxMjAwMDBaFw0yNTAyMTYxMjAwMDBaMIGbMQswCQYDVQQGEwJVUzEsMCoG
+A1UEChMjT2tsYWhvbWEgU3RhdGUgRGVwYXJ0bWVudCBvZiBIZWFsdGgxLTArBgNV
+BAsTJE9yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZzEvMC0GA1UE
+AxMmT2tsYWhvbWEgU3RhdGUgRGVwYXJ0bWVudCBvZiBIZWFsdGggQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLcRnyaNyzuM1sx6fEkyZd1xIHoimK
+HSLnciLhDUOHfrc2amu/RkvKscLiUVKyildckzevlHt+XLUXrp6JrJ+28/9NOcLq
+Jg7Qop7r29BFE4IQKtYdzucE1KhlLEyeRX++nGpYPgarIck6T2ZwhdRaNTpbhJTH
+Kk3vTw5z3A6o7Wf22vIbuGpVMuPAAmDKt5fH1PWTyvl6cmtM4HpoZ8EF3vN7igXZ
+ieOh1fZx07VGG/Oy0h8LJZgxvau3cHRNCyApnK+ak1bPFDETytcAKMt39K7M2Lhr
+LpHpj61uWisqBKIY0d8SGwd2CNyHyV7XHRKcw6bg6L221Xv0lFHTvFyPAgMBAAGj
+ggLWMIIC0jASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjB6Bggr
+BgEFBQcBAQRuMGwwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
+bTBEBggrBgEFBQcwAoY4aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL2FpYU9y
+aW9uSGVhbHRoSXNzdWluZ0NBcy5wN2MwgZkGA1UdHwSBkTCBjjBFoEOgQYY/aHR0
+cDovL2NybDQuZGlnaWNlcnQuY29tL09yaW9uSGVhbHRoRGlyZWN0U2VjdXJlTWVz
+c2FnaW5nQ0EuY3JsMEWgQ6BBhj9odHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT3Jp
+b25IZWFsdGhEaXJlY3RTZWN1cmVNZXNzYWdpbmdDQS5jcmwwggFSBgNVHSAEggFJ
+MIIBRTA4BgpghkgBhv1sAAIEMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp
+Z2ljZXJ0LmNvbS9DUFMwDAYKYIZIAYb9bAQBATAMBgpghkgBhv1sBAECMAsGCWCG
+SAGG/WwEAjAMBgpghkgBhv1sBAMCMAwGCmCGSAGG/WwEBAIwDgYMYIZIAYb5WwOK
+IQABMAwGCisGAQQBgsFbAAEwDAYKKwYBBAGCwVsBATAMBgorBgEEAYLBWwECMAwG
+CisGAQQBgsFbAQMwDAYKKwYBBAGCwVsBBDAMBgorBgEEAYLBWwIBMAwGCisGAQQB
+gsFbAgIwDAYKKwYBBAGCwVsCAzAMBgorBgEEAYLBWwIEMAwGCisGAQQBgsFbAwEw
+DAYKKwYBBAGCwVsDAjAMBgorBgEEAYLBWwMDMAwGCisGAQQBgsFbAwQwHQYDVR0O
+BBYEFAly92V/xm81P7TPE4I4lb4dgKmGMB8GA1UdIwQYMBaAFKVuIv85aToj+4kk
+F8ZglAAa2o6eMA0GCSqGSIb3DQEBCwUAA4IBAQCVrY18uUZTog5HTu3VEJT6gVaz
+mO/FdFBsrTqzxhvD3zDHesaerTXaq+zgbDzS+bqwgIqtDgQMNY76ejhNQcrySVra
+sXEgN+/GoIotHTTYcFSFZmQRWaq2iKerhLkGVOi9B1l/8KsAL3+uoY93oSPEA17Y
+b+5wbB7BoYkgvmreVBiimHSi5APciBikYYsE7ZP3B6XFKwNbzSnGOc8+lyiUCuKj
+D036Mgxbck0gpnGyb+SfQxE1Pz11eSNy7uG14b6D1fYnQ2p8jwkYWwT6/Q2JuVHY
+uPwkv2JK4vhyGN3VHwrRUcRz6cR2kDql17ywXufG8rW8kMQCefC1LcQN6QZp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGozCCBIugAwIBAgIRAIicQfC+tDE/Mw+eLtuCcewwDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+NTAyMjAxMDI0NDVaFw0zMzAyMTUxMDI0NDVaME4xCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxDTAL
+BgNVBAMMBEZSMDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzw8qa
+aXe2F9gVE4zdG386nSqjKdj8g8Jtm2cgNjA/UhAgGyAcx+Dz35QPy6hmonP62oQR
+Sr7RSNjnTkWpKZ0M6ESK14E4yqx9+I31r88wf4g33dM0TqFuJTojA0qlx0A20WF7
+Sbc6/ZXvep9K78SXWYCv2cf0NAdaxYD0A4Ua6CIvimF3OYukU4U6Q0C3zDP3oAZO
+rDaLweqcpwmTaonwfE5Y5ZHchfeMnNqTHbtOehgUkLual1B6d8wiCHHmj+aKL43Q
+rLl7YxKYMzlixGGvOx+p9DjfkPVaCSrx2xuoklf398SRvQS4HDx/rOMYq9FAUY1b
+q8aB8DaERdB14D1tdFkSR3ZdHYq3u762eK+rzBNOlQo1CEkdT2rWNo5miDtezki1
+HT+6G6lltXFvDckeGf8aRZG3wf4muc4e5IYFR2K4vEn27zJZ63mKTAVriobeIaFr
+EiyvmdAII5e8Y6vrYssgJQVBa5wHwdI374OfpnafNfQi1QoU4pLlwV4Mq/CT+fPH
+DHbAvSAlxYyu1hCKD2+fiESK6ufIYdnYVsGlHo1536aZ8vxl42hz6cgDMTdCBnd0
+p9ZI9p+P8327cpmUifBbaElBOrfq/9lQVXhMtlm4kZXv3rZClM2UAK3uutAEdnsX
+f0peoRB8qtE8KzgYIvWDtfouhjQIXbwpVYJLRwIDAQABo4IBbjCCAWowEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFE2DhFDQfaPe
+4AKWRiil90ahrSh6MB8GA1UdIwQYMBaAFBiHVuBud+4kNTxOc5of1uHieX4rMEkG
+A1UdIARCMEAwPgYKKoF6AYExAgABATAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3
+dy5jZXJ0aWduYS5mci9hdXRvcml0ZXMvMEoGCCsGAQUFBwEBBD4wPDA6BggrBgEF
+BQcwAoYuaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNh
+LmNydDBtBgNVHR8EZjBkMC+gLaArhilodHRwOi8vY3JsLmNlcnRpZ25hLmZyL2Nl
+cnRpZ25hcm9vdGNhLmNybDAxoC+gLYYraHR0cDovL2NybC5kaGlteW90aXMuY29t
+L2NlcnRpZ25hcm9vdGNhLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAIAxs7y5+qDc8
+7JlW9Lckyrs+qN98Ni8q4cJYRYVzWyfzu+dpMZWvy/bbmUFE0CBQSIiNnBU9iYF2
+2IhdnfjWiOcev2xpqNXM7WurBx/KZzTQBpoLY5ZidqgXvMG7FGZnE1vBtJoywLjt
+ID44PnRq7fFjgDZEuRao2eU5kS0IAnl0DN++qgVX52Z2tyZarlZ/BNSu/Z9ge0dP
+PTnXjOlrNrJGOFcN5j0iXioFKDnDsBDg6NQJtguz0uMo9nnHirY/l+LrMUzLkl6k
+BorMDGhL7OII4ccj0RkXUzcnaoQXvoFW6S7bf/yg7FLDuhWSC69a1D8OFtd/xB5o
+bLxVMH5t7oA3zSSV4gSqp88WU4mzz0bwzLgdg98mJTuNFVC3g/OGBNIdKnvT2qwb
+GrJ1QxRRdUQDt/yCibPPSXvLyJiW46y5SYYyCcZf1wYZ0FbF21mvdl/sqKMEt71y
+hrqOOP68aO03vZKZokDbTM+KvdgKT0HPXFi0r/uPNUUancDMFJHc11Ebm7STbebe
+h7dr/d+Z+M3aLpiePaBcadhCOJcHcJS2VhDUVPF7lLnVilVBWCpQzyyzTOBwERPF
+w3rLYbfDs/1vtVFI3h5/p4jkfCIPGnP/p0qNcu7XAxGwoipmmPBdOQ9UbsFTYAY1
+3wYGeTfR46DBPi7uSpOlMpPla7YawYU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGPDCCBCSgAwIBAgIRAKCjlENSXD0eCU0TsB5PX7MwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1
+MDIyNzAwMDAwMFoXDTI1MDIyNjIzNTk1OVowgbkxCzAJBgNVBAYTAlVTMQswCQYD
+VQQIEwJUWDEQMA4GA1UEBxMHSG91c3RvbjFBMD8GA1UEChM4VGhlIFVuaXZlcnNp
+dHkgb2YgVGV4YXMgSGVhbHRoIFNjaWVuY2UgQ2VudGVyIGF0IEhvdXN0b24xSDBG
+BgNVBAMTP1RoZSBVbml2ZXJzaXR5IG9mIFRleGFzIEhlYWx0aCBTY2llbmNlIENl
+bnRlciBhdCBIb3VzdG9uIFJTQSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALuLDiYNEgbW3w61b4lo2tSn1HUIwuccBn+lngjsCQBajrLpDrAi9PO4
+7RNdif1Q5+LjOi89HJW/Ecyhpzu1+yjABxLKLWQyKlOWfNdkGjypu4PD16ZMawLE
+NNPr+kfJy9nlLlc4nst7Jb1g6DAmStkirVUdsYd0xbjDlMIu1ekynvexau3q7BON
+z46BTeqOl9aU3KiGbVIqNep/JS2g8pzqaRoeiyQtqkQE1HCWk9KMMzclY/Mg05O+
+NTakVSh1PflvfAAqvLdDdzCcoPSKGBtj7oQBdv/tCcTYUgEvvT3lQnh6th08gfsw
+SS5FfpsGq7+kDB6+dDynQEKPM/aBSDsCAwEAAaOCAWwwggFoMB8GA1UdIwQYMBaA
+FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBS9TdQc254HxFkJHRpoyTrW
+H6X/wjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGQYDVR0gBBIwEDAOBgwrBgEEAbIxAQIC
+JAUwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEB
+BGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
+c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBMlWncFVBDIz7xzEI5siQj
+s4HaighdeQONvAYsrZ1v9qAzhHE0lj8+GkGzpYnsScqm2Yvfv27ul0iGTsalw027
+dFM0DFIQnwBmdgmjeqxQ2wr8OAKuE9qJwq2sjCs4ka9ykp5TsLyi8adm3UF6gDGR
+vJ4mUuz/+enH49z40pVZpeE5q+S/rqxP0cySA8VYn1qeTAjxG7IIToLQdwrgc7U2
+1RhSQqYpiilAyk5T80RCxRZNt1oaWJ8FhvkzQAB8NarQErgveIf8EWwrfiLGSQ4L
+IDQ2eHUFsWPCAHSnSk/uSnltE6CAWTouzWk/uBM48ZbYmdv0aoNvAzJ8g+y/E5QU
++TIHDZNskswpuO2Ff3rfVNw4/vwMSos5Z0VSm5+9fAd7zRGdrTPLxA2Uqg+QyNau
+PSudnzuZDMf16NhNex2Ba1CFUmmfb6+V0nSHzkSKF9PZGTa1YmKYrrJ7t4INdEfH
+snTqULg9iDHnkPdYf75U4Ynn4ehilpGBaUr/mJX1wuxPbIhwOIe6mifST1nB/iy7
+b2hAhQhNLdG3Hl/OmuVPfryq3cErrsd1yBqmdkzxxTXP6dKcwjmuWGdJDYYVM9AO
+OhBc3Bl8TlqvrFWBQ9aKP1QcWQyPmlRbyQV/nAS8/b22vuq/wkwigppMfvxxMEqR
+BdP5I9qP8jcXQ0nmFcU2BQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFjCCA/6gAwIBAgIRAIriSb1sbY2ZYpQC0sJkYWMwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1
+MDIyNzAwMDAwMFoXDTI1MDIyNjIzNTk1OVowgZMxCzAJBgNVBAYTAlVTMQswCQYD
+VQQIEwJUWDESMBAGA1UEBxMJQXJsaW5ndG9uMS0wKwYDVQQKEyRUaGUgVW5pdmVy
+c2l0eSBvZiBUZXhhcyBhdCBBcmxpbmd0b24xNDAyBgNVBAMTK1RoZSBVbml2ZXJz
+aXR5IG9mIFRleGFzIGF0IEFybGluZ3RvbiBSU0EgQ0EwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC1DSeZocjHmyVJTZWz588/PJ126SRMpJb2sbHC4Nit
+4BoMNR52ONz7/tLvFNHLghUZDL9DqZhDjVfU6b2ImoTchp6UhEjvUUuY7/4FgnxZ
+q3T+VUaklegBN/3khFQby6QeLwEezqZF4GbUH6c2QLRx+a4Zog8lZCouca5YpJfy
+7oZZ2vdEouWPoeASoYdcOVh1IrilEOIgQt82fc+yQoNoWp+bfJ2vzxY+R2fYpdp4
+9k2HYCWRhj3LvEnwnOPKWjerc1yt3hOgE5n3XTG9tw/YG3dWaiv1SubRve6zAW3G
+KOELeJFOQJD5N2GHDHB1RXbdigQV/t7MNWwph1Fh2EDzAgMBAAGjggFsMIIBaDAf
+BgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUT2xNfX9E
+0g1uPpiRYAZ5+IefesMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBkGA1UdIAQSMBAwDgYM
+KwYBBAGyMQECAiQGMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2
+BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0
+cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAJrtn7bh9
+fxEMd5JnRz1SpuV8FHMGL+gBjgcTesFqmYRPvRLJTkUNz2FEM68tMWlicvBD7G7i
+L8g3Sx8IVBYvgQRWCxteoCAUqcyd+BgzxxP3+e0ywoWNFl/BugQoDisVzvpQLVU4
+pLYwsbjYc1pUFHBrN3lABnaf22N4dYEl+PfZfSscHiQHnBGCGefOiK7b+GpkbnKT
+zAgI/WKhZVLa0r0sbJzc5n7MVR+86M0GJ3vwaTvBhen6wBnxz1bEcHlveQ5Y27j3
+IxhwdhhAFpXdjOHSCRXJlajXXKSZfwIBNfFo+3nzmQe6V2W18JhpPXyxpxy00P6E
+y4ZCPW2fb4I4tmMGowxC63gEmGjUv6eI3QD0xGcc4T33dunSk+8mE50RA0jaU5ug
+5CYRmD+q1D1GKQbAAOBBLqrwZ+qqUIC/Irnxduaa54s0ZGa+SK8Iv01hZ2bTU5Vx
+KSYEYSGcAccSSYJ6UOUIGiLdEtOvIOqy0TcMY6x3HisoUeTfJxNX8VfyKeEbTQrg
+cWxPpdawSyq2CQ4XjJpNHDiRds0RElzT2OdqGodqmE2JbHn3vfs3LOLshxNRFXTD
+M3TuBbue5K20OLIg6mlLKQivs1mB4N+6MRHjhILlcTwp/RTXZQLVjyTuaiEGSouf
+/lT1j38eKQu2Qyyy4gnLOwTqSXolzhYtSTM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGQzCCBCugAwIBAgIQSpKN7CX53HrgDnGVn30M/zANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
 cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
 BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUw
-MTIxMDAwMDAwWhcNMjUwMTIwMjM1OTU5WjCBzTELMAkGA1UEBhMCUlUxDzANBgNV
-BAgTBk1vc2NvdzEPMA0GA1UEBxMGTW9zY293MWswaQYDVQQKDGJSVS1DZW50ZXIg
-KNCX0JDQniDQoNC10LPQuNC+0L3QsNC70YzQvdGL0Lkg0KHQtdGC0LXQstC+0Lkg
-0JjQvdGE0L7RgNC80LDRhtC40L7QvdC90YvQuSDQptC10L3RgtGAKTEvMC0GA1UE
-AxMmUlUtQ0VOVEVSIEhpZ2ggQXNzdXJhbmNlIFNlcnZpY2VzIENBIDIwggEiMA0G
-CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDFqrrqMXLFg3JXv+96joUUqXsWiwB
-H/T30BrHtpOvmiNS3OT5fdV65lCf3KvVLgJn/JXdlb2zsBZJ5pmMSIj6fCqKFZQi
-L+XJm6gACK/WWm/Y0qhmzlCbms6/xMnaH7dWy08uDBpy4tdqd/YEyZftz3HBO+PD
-eEMf4XwNKRuTXev9PqRV2WIL/+PzYwL5HPp2mzfDmFntCKj4AxJ0pU5qETiKyu/c
-bI+s+3jpm9yKTi9AAVmHcDpzkmi5zcJv00oRtQHoFEL5fg92LvCMn32KjUNLBmPP
-Zv46Ldop21KJx4QVIraeXAIAEBjScGnVboNN/3sJQ96NaGPfXOaDTbdfAgMBAAGj
-ggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
-FgQUWqzC4Z+ORBScCaqn9ruU9+CH30UwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
-/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
-IAQbMBkwDQYLKwYBBAGyMQECAhAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGG
-P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0
-aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0
-dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNy
-dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG
-9w0BAQwFAAOCAgEAT4oyUpecGhb4F9lSyeCkhMEuiBcvjhT1rt+4ZW/mBL+Dzlix
-oGKBBXFhggiPSgc99iR6D+91kuTgePkwy0RFkJR0JXDsQBbdea+GhlBEBngtQgDr
-KsVd7Bk2FKO8Mx9oyqqdFCImajTkmtKdLr/5kopiO4Jc0ELNhIkBstKZspqEQhG2
-XAdnI2yY6SudQyUX+CdbNwAWc8bBvaK7gyNTSTv/PXm0qvJTWU46vHemgIBmnn8l
-8G6dnTsY2gdPUOu/R6a7QExch8dfJvjremFf+QcuKBiutrsIKc2T6r89nQ6+bXq2
-FjauvCuRKj3MXCTHvMM28f35Xj927dbXZv3izLuKV3cimJkTbnOlKvBRT7X6FGzd
-Iq58QI2SV/LLB3H/BoQWhGHgvQpXrTFDAV404cyFqYhEb+017hla/DjLGaqo3VsZ
-FPzJCwoI80LmmDIrYh4yYREaKTMJrLNSqgmZ1N56df+mNZnXWt11rUTfQ1jpy9lG
-9Z6LE6xIlD8nrMpY6tdmOw7TXhy/SJLBADCbdgNPjW4xVT+89lhXtIH1dRHfJyzW
-M1sCcZrbFuoTxwy1tn1EpM9l7YjMCVQAP6NE79vC+nLURZbbIYSbosmdvAd/+PUz
-p2wmoFf+gA5JQwKaRcbkEMlsxXaxqwLOyv7YhHbEAW0DscFfuFTsb02wGps=
+MjI3MDAwMDAwWhcNMjUwMjI2MjM1OTU5WjCBwTELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAlRYMRQwEgYDVQQHEwtTYW4gQW50b25pbzFFMEMGA1UEChM8VGhlIFVuaXZl
+cnNpdHkgb2YgVGV4YXMgSGVhbHRoIFNjaWVuY2UgQ2VudGVyIGF0IFNhbiBBbnRv
+bmlvMUgwRgYDVQQDEz9Vbml2ZXJzaXR5IG9mIFRleGFzIEhlYWx0aCBTY2llbmNl
+IENlbnRlciBhdCBTYW4gQW50b25pbyBSU0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC1PK3pEQ3d4b4VKPPYk+18Cs7b4uwFsu9EG3K14/GfUjBO
+5ZGYG5KrQWkOTNT2acgVWRe0iAUNxf14+ut/x5fdG0O18EEbNwSmoTa+9FanYI72
+avtNoZh1S+cNXGm8GWmdIcKn6kSS87SSmZK38PJO4yGxrqJezJ69dTA+il8y1/s7
+Nrqx/R3P2EOAgQTPbu8ABkR7uJaVdl9ELBgw+XvCNWuNGSDENd70AEL2Fk6zDKJ9
+fPoqJGn++d5ovQcQcbNrswFl/t9sb9P6sIAFyv/yiG6/ihAfqscPjy0Jq89gGj/M
++s3hk4IXUw+1fPuyTbfcgAGcWkidCcFY4HDvakirAgMBAAGjggFsMIIBaDAfBgNV
+HSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUNGcFa9QC3aIg
+Z3IH4p+tXAep/F4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBkGA1UdIAQSMBAwDgYMKwYB
+BAGyMQECAiQEMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
+BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
+L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAI8f8h2sgYJNw
+8JBLF0VJu6oZwywySjzRoZLIt+W3KIirptQkj64I02UHOUv2Tp4aSgzIVx6tA/qK
+EUDQAcDmPpDcdI8dCo85eL/ZLeoWpA9olk8hltzAcbOxQr8JQtwIk67Yd9JWCkib
+uaPovIQzgccgfF5fAxTE5Gf/pa/D1sp+RjXupjgxfwxJZHcVPDJ1QSMPUVyJfd9p
+0ChriTf3e5EeDTqqZvMh57NcV4q+AxJ3Wzg+AWIaYsCtkjDqsNFQ1eZ/XdB52xgA
+smSrd43e4AiIQf1Rzy5nixTfQJq04EgS6sdyOWB28ZpyKVQtZgfUEDdIrer3+ZBC
+idDSJvdUZ20zh8eN0Y4A78jKrGU+foQJSZ0kDCVhX9UuvsoBs+3lUP/LHrQQ87a4
+03fXH+3rdsjWvGON6NdIa0K6QCM1NYFCzRK9RfwTaG/cW4sSlunPcD9VSw/0lprZ
+SR9Zw6ZCpBoLrJcfUittS5yxq/Oza3RjsU0vNQ+dAEMYblHKeLHoVok/dUMR0iCv
+0tk4J8/QnG0GqA9HCrHjfoVEJlECuWmaY6sU/YDzNHuxzIfrweb2tcCFLQazLIcu
+8nIlpwCQkpAMp3ObYRAhLOHvyH/38mvZNmfb+gk7OJgRpU09PBaUQcFi6nD6IRCy
+Mn11DHl9kFzOdSylgN8ToVimK6FUwZU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNTCCBB2gAwIBAgIQMEZ284NFzpnxDzDmX2PYITANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUw
+MjI3MDAwMDAwWhcNMjUwMjI2MjM1OTU5WjCBszELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAlRYMREwDwYDVQQHEwhFZGluYnVyZzEtMCsGA1UEChMkVGhlIFVuaXZlcnNp
+dHkgb2YgVGV4YXMtUGFuIEFtZXJpY2FuMR8wHQYDVQQLExZJbmZvcm1hdGlvbiBU
+ZWNobm9sb2d5MTQwMgYDVQQDEytUaGUgVW5pdmVyc2l0eSBvZiBUZXhhcy1QYW4g
+QW1lcmljYW4gUlNBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+nf3k67v7yjRT0bxGk8uzl4LDOt9LLYXbTQBBArjKtW2oWRcWWT6wVr0D/caTmGAs
+bIx13Jneefn07E0kAWHiEKrCIVAl0ts4zROem/0DSKe26YTcpwt32TyfvnH4F5Id
+2Zq3oA23dzdIWV1tCsm3OviXfBf+puvXUa4dCNORmHunlVLxyJfN+45pqIq8x+u4
+ssiYJjfbKs1fHaGJnPQ/wBkCU9naKhYCfyA65mvAHtQS7Bi5BtGeAIPBwDeSgjXU
+flUhyLgcw/Q1e0KgZdoUkvxL8RHyXM327Za1UJ6jy0+YwhW8t0ndGdgZG4ETqEQP
+PSfY3Qjc92/IbIuWQqsa1QIDAQABo4IBbDCCAWgwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBRrmx2ff9V4vs0JBjtELTC8AbNpMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMCBggrBgEFBQcDBDAZBgNVHSAEEjAQMA4GDCsGAQQBsjEBAgIkBDBQBgNV
+HR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0
+UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8G
+CCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNB
+QWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVz
+dC5jb20wDQYJKoZIhvcNAQEMBQADggIBAA6EY1xkej7fhLGMo4Cw/PgBjIne/NLq
+6QKzCJBGWE061eXsPuUK+8+DfC8isgqzTur+m9OkbF2gU80kGY95BkXWQVzGlTSp
+MAPnjAWfb/NzD+30vcZZItTU6Pns2qOgIwycIsFP9vFGSZm5yK0mDMLTEWYwR2Qc
+wc/Hnlp8LEUJ1WbFwOe3LIfwsykRzsxOh+l15GXiI73L72B3pLwODvbMZScQpvpL
+L1F1eocC7hrnYYzmb1Drgpa+80wOib7V4myV5qDkorg2t4gMjjBPaikv0NpAWjhi
+OZGAaimypY1LSjYzC3Xosdrhp4S4UDmZ7p29IbTOAT9FZJJSghDyTbaPBjpgBRTH
+GeOvMw+bs9gKfix2oBfpEA7KamrinO3h3HwewMLJAGlYkk8iRUWuvojD6wUBRN3F
+asBk2IlbOHCOG1qPsg23Pj+YZzeFFsGRZTPIRMPPqo6ZL2d572gWeWrvwAjaBd18
+fI1juQMDKd2o6uf2p4Kgg9vug86cg/SnOenNdVVrV9OZQbec5bFg5ajwnrNkWC9R
+m6db/7TzOqaPe8dA0JL7oM1WruxaFAfLy1Yanj7ML++dLhhOEKsVwajWS4LkVaPe
+07gvoQClQBRHG/XNtXBa51pPJiYSJZVWR7ho7e/FLuwFVNLR+F8+d5wSpQWCyfDl
+XBIg6OTxrx5R
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9zCCA9+gAwIBAgIRALS3J9L4T5h+/sALa+OCnCgwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1
+MDIyNzAwMDAwMFoXDTI1MDIyNjIzNTk1OVowdjELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgTBU9TQUtBMQ4wDAYDVQQHEwVPU0FLQTETMBEGA1UEChMKU2VjdXJlQ29yZTEy
+MDAGA1UEAxMpU2VjdXJlQ29yZSBSU0EgU2VjdXJlIENsaWVudCBhbmQgRW1haWwg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY8TFOtQuJ6eKqmt36
+q4wbnsO9IKTcnBvTO2J9VBf/ryY4LFcqOIy83C52/N4IDVahcJDuKdtkin4Rdsot
+/6YT7Hb0W+MxrOStZiGhptWYQbmgZ6dYyIndVpVruH72GVwJtqM7//d5WMRTnq9l
+MCCczkb/wOJdOBPHF+LovY59wMCtzKumvbuNnpaVUt7AIwgEa+AKEPEFFUtXZZ8b
+M/aGef72eQbWLgXRdd/NmK9/ubKUjcxCv2UJzjZLWcyU+aTBMNiGkX7zTC/Nf0e3
+iJGo3affpkt2rhw4vwvlsPjgg9Jsj3bIn+v7U5blOyc369PXoj74xdt4LxuN7s+n
+PetvAgMBAAGjggFrMIIBZzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNm
+yzAdBgNVHQ4EFgQUcgMRe1RGljH3KEDiL09sZ8AsjukwDgYDVR0PAQH/BAQDAgGG
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
+BwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAjIwUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0
+MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3
+DQEBDAUAA4ICAQBlaFMUEl/6RJk7PgGnow8YwAG/vXFbmHDYyn/rh35m2iHhInzd
+28HM9tRSWqfi/EM/BVQHJvAg1od4T6gCGxis/hu5kafEOMb5KGTAZn0qeJXNHhyn
+5TIbPKaQ+MbuLWsctaoWXedLUmfJ6p6M8yVaqMcq4mnbwGC1WDbAhGAC5FL20xUG
+6Je/LEuwyCtK+A/fxwBies5sLmkl3TL7vR0FTiudfg61DpGTBst/O1hEk6xCVGFf
+fSMu9Qc3zAfwAVsIppaf9fw4EtOXqyVgS3JpaE8SvwWkSXnjZz2ePe6if+6gMwFl
+f39OUu6ooAqAJNF+APSoUZx86Z97rL2v/CHHWkDmrJaJ281fwMKejpvMa3TiAdH5
+4nycxb1dp3JllqaE6LZHXgcA2P4hruIF+dkwmo8Ir0LdYvU6uT4eqf+36Xvjx311
+qDydON5VdcQnN1ILCxOQvNzNWpwjm2gQETwE3PeRqNrUb9Hd0hG4oevlKP3V70WA
+JhsKqOTISo+/WuIPCEkwX/aAa3Yl+F6bLsh5GIm4U6ZG7YmepjUPF8km7DTWPohi
+tHyXU8SaD1mnhnawjUOq0uZYAbHU5B6SWYzp0j0NXb3E6ddQIb7zj8UO6hIQWqIV
+8cMtV0ZwnM6h4e1tUqhHZ4BYUOnw+2VuSfOe2uGfhJvCn3RTIc8KjEVihw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNzCCBB+gAwIBAgIRANXQCMzVcduZP+838Isw61kwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1
+MDIyNzAwMDAwMFoXDTI1MDIyNjIzNTk1OVowgbQxCzAJBgNVBAYTAlVTMQswCQYD
+VQQIEwJUWDETMBEGA1UEBxMKUmljaGFyZHNvbjEqMCgGA1UEChMhVGhlIFVuaXZl
+cnNpdHkgb2YgVGV4YXMgYXQgRGFsbGFzMSQwIgYDVQQLExtJbmZvcm1hdGlvbiBT
+ZWN1cml0eSBPZmZpY2UxMTAvBgNVBAMTKFRoZSBVbml2ZXJzaXR5IG9mIFRleGFz
+IGF0IERhbGxhcyBSU0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDXlkSdnMkj8ZmmIetdWChi3JIr6sK3i1sLYfqi1rZLdHYxQt4Lgknp6kMdRM0q
+plOXzAaHaJBY0xZ2MODOEeOos21NBa3OF77TTnYxhlNmT23/0jKldJ9HVGY3R+WM
+djyO01cU+Zoyb9D/dbdatouboiamSrrbgFlu05iu6hRkEfnOe2noypqJRw0kYKNJ
+A2zGFNZKrIQ1GXXC0TLI44QKtnfVoSJ5OXGioScbJHI2hGB24a1ZS9hw3+MwSuNa
+zgV1TWQKso1zu/nH2jKJLrblzoP3Ftx7NXwmF4wVcevvlwpMz5s9q8EiEiNhSwOF
+Cixfd4bJhOpRHWCuCegE/qQRAgMBAAGjggFsMIIBaDAfBgNVHSMEGDAWgBRTeb9a
+qitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUbc0kvWZkjj/QX5mBwbGNocaZhJEw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMBkGA1UdIAQSMBAwDgYMKwYBBAGyMQECAiQDMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
+PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEANMdPPnFJvqa6vj7yze21Aoxcj2mp
+bzzpT2yIszZKlokGxp4CU3sB4kaO3yx1Lhwkviab8XUM3hwu3eO4Z7KIse//RgIF
+gPcS3v9KBOhfJanMBS/f3r1TKSeJzqiZNpGIXSdU41++Fwpbd8efxOJMM27s14Z9
+PeUJFpLhSjp0Vak39HdrxBnTwbk+H4ZrO7KyH3V//sZc/0YvJrgEzhR66l+yZXib
+ekJaeD+2Amhy7jAN3oYuUD4nN+guDBooaM5Kx/sssMIVtZUA98epo0rD+T27WCxW
+mXnC4TK7JyqQN8zm3HgPGb2LMfOX79DO4n6FM1H/1ykpCxdOD+Tsvw/zcVivKS8x
+oRLces/yOAgc5cvymbVL8lD1H9nWnnOB+wk/ZpTJ2u2lkHOiZtwY11M2tO4H7oCt
+OlNFREUMRgs2OHaR8+LvTHrs/d5OCEuMW93hsq+XdIuR9vNnDBgRFt4je+sVbXbL
+D11TILZxwHIVzn9jvNB2bXRbzuTzee7WTW7CRM52yO7F38wxkeUr0sKJprpT8oVx
+Pdb1PFbuxPUUi/BE+dht7fq+N20Frtqrsn5l31EFtSzXazdc2eMjrvfsOK47kxyx
+fg+95sAMc2mDZCWIglNM1O5FjxEAPVnZGk++8PVci8NDtzRlFBxve2jXofAiZI7t
+mvF8vLmPScb7edE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGMjCCBBqgAwIBAgIQc2R6LY9G4kG32+hHKqs+TzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUw
+MjI3MDAwMDAwWhcNMjUwMjI2MjM1OTU5WjCBsDELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAlRYMQ8wDQYDVQQHEwZBdXN0aW4xKjAoBgNVBAoTIVRoZSBVbml2ZXJzaXR5
+IG9mIFRleGFzIGF0IEF1c3RpbjEkMCIGA1UECxMbSW5mb3JtYXRpb24gU2VjdXJp
+dHkgT2ZmaWNlMTEwLwYDVQQDEyhUaGUgVW5pdmVyc2l0eSBvZiBUZXhhcyBhdCBB
+dXN0aW4gUlNBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmYW
+KZAM+7UiKzyVLsLC/xPw4o0V8t7zgNctGjz3bHz4oSzj/Nwy36wnC5rMoPHAoUdF
+6iHhcwkiyFJSHlLf3Hg9ribcsjv0d90vXlKO1XjnLkJb+yrrdn7zZaY/r7Yfb/es
+eH6saBSRTMfoV93qkpxbQPgUfZbZ9wPY0s9wcJfPEJUPc+q2KC7HU1h6HTdI2+Y+
+8JwtFI6NY2poe78HmGT0GVvbR3OPooEP5hGz1FRMWV7QbxCPI8b5/nRNWzWqZzva
+WY64CtRqnRtiwWGr1HZpU4uhbftulAvSOBrpr0GqvVYyyZQc/v4qiyT7UYkwdgDB
+gCvYwCUugQ975+UYPwIDAQABo4IBbDCCAWgwHwYDVR0jBBgwFoAUU3m/WqorSs9U
+gOHYm8Cd8rIDZsswHQYDVR0OBBYEFCqrXi6ZyKt1wLy5rIhZeWQwKHWHMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDBDAZBgNVHSAEEjAQMA4GDCsGAQQBsjEBAgIkAjBQBgNVHR8E
+STBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNB
+Q2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsG
+AQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRk
+VHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5j
+b20wDQYJKoZIhvcNAQEMBQADggIBADKTaDfpDaLMo5bYjlknhM4nxsxI1ulTEi1o
+QUrRhr1XltaG4va59E7OYz8zmxecm5f/FIYeVaUkM1rQsyLBrXJYyYTLtrBlR6YM
+ju+er3/9LygDkydFFX8103DHGl1s3g6PWkFFAXw5MkkPBtqnkN2WXd49mVPN9HEX
+psa2Rhbc4mjQjo8QOY5Cw9C54BbOyeyDG5KAbXg5LdzB+VoOtVO17SfjCHMlHJiu
+LgL6RPkoEAzoSUrDL291QlB8+sdklj/Xk+OtKH1lRqEFw4Ot4b+Y7jtoJMHyOJsg
+V9XDm4Mh5mu9mvxGkBedjrnHWn6a0ncvOKvGXHfjHhGI3Ew3XajPFNvlQJkKI4Hl
+4nkHNJwhe52gDuNPzpzyI5mVO+vjYMmTt1TQol66u2NEGvchhSvWGQxy26/Czhmp
+EYa9oUuj6JwyJVFcZXrpsS5iR4rttZBkI9MvE0/zveg66BoX6AWNFmTUsdXWxM5E
+a5N8aIcOh5VFMLQtxgoaQKQke0N/5j49+IY05H2ID2Nriyr0Y6A//xWb5sUdsShZ
+9i24Es4mnRoZfjGhLI0fpah3EnxLCXgiZeVrYhfDoyKE6dJBci4YgNiirEtBiHfh
+z3JS/eLqpZ9+WiME/OyEmOw+ieAQS5sKFs+Ot2I3By5STiRBWtLXm0cFsguBq2RC
+FRgSM0bQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+zCCA+OgAwIBAgIRAOEwioIQre9PnXY/ZTsGCqcwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1
+MDMxMTAwMDAwMFoXDTI1MDMxMDIzNTk1OVowejELMAkGA1UEBhMCQ04xETAPBgNV
+BAgTCFNoYW5naGFpMSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJ
+bmMuMTEwLwYDVQQDEyhUcnVzdEFzaWEgUlNBIFNlY3VyZSBDbGllbnQgYW5kIEVt
+YWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BAvUoQ548Oq
+4koHxfTdd2M5XZwLzc9QYFDW+dzXRdQf4ntTiJ3D8jp03gS83soco+aCDqdLOmbX
+PqP+CTOeCYNfXutAbHeFo5xOFJFZPANihBg8k/EqAiboMvT27JKqtj58azuSTuP5
+zzSTJZhfn3XxAluw1n5b+5HmpH0Anl2TKtFrc91oJ3+nr9Wy8+oakLhfp6ZRpY6S
+9uGwmiF/TciC282d8+/nfhhEfs+CPL2ZnPgDwIF6dFIFABUL2vISEdbMlseV8qQ1
+SkRZpFBDjLq6dsdHZbb5sjrw8ZnZCsc/fdgEQT8a1RccM7Sq6uDlZgJEXrL8tWg0
+epYGeTzYHQIDAQABo4IBazCCAWcwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd
+8rIDZsswHQYDVR0OBBYEFMiYBV/L5UMt1ykx43jj9Ta5uaxbMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIxMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKG
+M2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkq
+hkiG9w0BAQwFAAOCAgEAAS5MxWOL1eqreOXw17it2o+TOdxJfhJwaV3gjYdfZUcm
+EmtCs84ZOPg80RoqWE8Nv4Kkf2A7VkNyY7AbbDfN9LG3vO1VZZFrspkZM/N5d/WB
+ZMCkgaOvTksbNoirEIxrmpYMy/GHATi1crx/3EaPqNzZvU6LAvdHbySjBESaPNNA
+4xealCrJiO4pDrmjD4d+/s/Lp9zYAo8ZTMqsoy0clJ1/tw+d6RoPHGrYpU7wlDcb
+hAxXMJZbH9NWLJrpAN7CEtpD5HqmmcbTVAOaIbQ9v2l7yMtxtNP4oFOWqPhoLRvF
+mqbX8PvCPfq4WDkzrAFNBopOVY5Az42JYggaixTr3cK/B0SOPRz6QkjSdiAF1Y8c
+b7psWFCVWE3+fxwqQQzMmEWeUNlttbRczkdXfJKk2c8OJbVPaMpLqVl6brjHydKe
+aNDZwWeHQAc1laRQsaGt6powngOeH2xeA6gKBlOGOBjDV7jHDUXgq1S9Q4Oo84mt
+5udL8GjE3d6A0tt786B/KZzQa97XnEYDeVLZVU6mb/lk8j6iojaBpQaKx0KzyiLN
+EdykVUiNLNb5Ox+MXiFgzJvH0kobm0Pj0fk6Ar02p3P/KGx4hovu7n6Csy9wAeYX
+DWM9/BxpqPn85REvFuPeFUIUuK5kyMhZaWUmzss+Xy1l24fh9PRr+6Xxg+SeExU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFejCCA2KgAwIBAgIQTYuntN+eEVPhyA3uPm9AmjANBgkqhkiG9w0BAQsFADBH
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNVBAMMHFVDQSBF
+eHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwHhcNMTUwMzEzMDAwMDAwWhcNMzAxMjMx
+MDAwMDAwWjBLMQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxKTAnBgNV
+BAMMIFNIRUNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU1NMIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KfgzN6/p5CKNhnzSO1KlnRUgKIMKJsydtjN
+aphH6UsOfjxMhtt19YSOFUDdBFMn/7I/8jFGBW4xm3waZDxGRmO2giLzDcHr6lui
+xI7oQd0VyBXek0I6cwLDLRRxBBQ3hViwiHW/KaEEbiEruG0EMsA7cPHg8iiP+hfg
+o16nWc7BSmVIU6/yRZJDLaFZGdexS6YWYQC1mvU2WY9q+HVGmqtdkcscSTb/amow
+VNGECN0VrK4gxNIAziuCxd8TL50vdmTZzc9VNL1OPW0EkCeDs/bB7SoXbZoZK2QI
+NVlfs9gSj0o9LEpu3qZSSB8X3szVMNA1gUR55/XGn2cmq0+G5wIDAQABo4IBXDCC
+AVgwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly93d3cu
+c2hlY2EuY29tL3BvbGljeS8weAYIKwYBBQUHAQEEbDBqMDEGCCsGAQUFBzABhiVo
+dHRwOi8vb2NzcDMuc2hlY2EuY29tL2V2cm9vdC9ldi5vY3NwMDUGCCsGAQUFBzAC
+hilodHRwOi8vbGRhcDIuc2hlY2EuY29tL3Jvb3QvdWNhZXZyb290LmRlcjASBgNV
+HRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTRQN6mtV
+nAym4bt76GqWbRdefLUwHwYDVR0jBBgwFoAU2XQ65DA9DfcS3H5aBZ8eNJr34RQw
+OQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2xkYXAyLnNoZWNhLmNvbS9yb290L3Vj
+YWV2c3ViLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAWjqPHv1C83253pheuaQFiXpr
+mHMqPDu/XpzqAC+lsYOnikPPpG2XvUp2JgmmTpLcTtE10hSU60lD/3/c9qkA3nOU
+izG7r5kO6Hkw+XqimV1CacJMhNCLw3/APlPdbtTprwYrLAEG/3OUyqTXrep5ffKY
+JamDc2Rs61e/3ZMWS/yx3mkSNQKMtt9YkeSWLoRT9OEw1esaeMq3OMt+13n7hpP4
+jLcKX+K7ZWcU9FuXnKply/iLIfw7dR6QvDYNm3kBmKwFVVAh/8HqQz75CgeCeP2a
+t+Iz4+7vnpFr/axmI8dWAfOqgd6TATTGgZr8/u36cCE6BQUPvJD0HPjT5KgsXRGS
+hAnFAddLb9OzMp5SooY6n2oKt3UAu9zVOGCeI54Gotq4YUFlMWg66EO0McXm8sFl
+QS7o7IKH0yk4O+lezREoPxqCopmWCdV+2b1GcsAKyhuQgQ6Bn/8HXCW943nXaY1/
+nBZX4VPwXEpHDrjBgpXsAfxjc3218UW3jBfORkH4qMdt+YGg50L/cBjyb3BPRfOQ
+k+ytjIh/hRtZRQQmOtb//wDrz+S8mbR2nUzWF6xpnAGJRttWl9Ct6a/aOU2zNaT5
+2c2zJkckYxacZ57+MQ8zp6N5JAfgflTvVtceMOcpVcRH1igbEAJulqT7xCEKZ280
+v95+eZJ5esOnWSEUGQo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfDCCA2SgAwIBAgILAPnfat/1ZL6mi4IwDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTEVMBMGA1UEAwwMQ0ZDQSBFViBST09UMB4XDTE1MDMyNTAyMDI1
+NloXDTI5MTIyNTAyMDI1NlowVTELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5h
+IEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEUMBIGA1UEAwwLQ0ZD
+QSBPViBPQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDn14xTy0bH
+zkaeyACeq6ryfxxG5zZT1fCL4lmw7sk6SVmOKNfE60Gf7W6orksrFVIbIMK+VrYp
++aYyhScq8EJT9xXBgXK2HqtpaDGOeclspJvcs+rXn9tlT789NBp3i5U+nLE9M1bR
+CHSx3Hzu8p7Aeqllou+8nZ2egaVbWFL1zC1JENupSSI9Yjbefhb06y/TVxQ0x4Zt
+zwPwLcd8NUtSruldolxPbhQeCZNJMPq1GKMxhd5pDwY4mCKxDeraqhTNXui9Aef3
+qyi2Ic9EXmdNPARkZJU2XTJ9FJ+DE+ChaIvfJ/VwQfM0eGlBn/SAaav54jBmRnec
+PeD6YfpuiJ8vAgMBAAGjggFKMIIBRjA4BggrBgEFBQcBAQQsMCowKAYIKwYBBQUH
+MAGGHGh0dHA6Ly9vY3NwLmNmY2EuY29tLmNuL29jc3AwHwYDVR0jBBgwFoAU4/4t
+/SjQC7W6tqLEvwaqBYyT+y8wDwYDVR0TAQH/BAUwAwEB/zBEBgNVHSAEPTA7MDkG
+BFUdIAAwMTAvBggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91
+cy0xMi5odG0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5jZmNhLmNvbS5j
+bi9ldnJjYS9SU0EvY3JsMS5jcmwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRm
+s+/7VJWH6aylllau5n3tOtBD0TAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUH
+AwQGCCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4ICAQDKER8qcBmZGOG8GOJ670VW
+OSg3UovOoc7/xz2mE+enyEcSwn/0QrL8C5DSA6nMvBMrCWEytYPofGQUXTwtlu78
+GLxYNn3A/RtzczJ+/BXIhoe3aOT4tQ+2s9vrFRfIXs4CkmqHhfYSvArokdayYmBd
+78psIwS5LCUzGKSn7y8UmAgoxiy7RtrVt5c1wvJyeuYk1Z1l8MN1szPrmAb4HS/D
+qnB+0qdhFGvfOyv7lg6/wlIAkN84cHlKNC3JvyFHaCIAyhTPgjUayUvBKFK7XwN9
+utIXl2L3IZX7zfxGS/J9+ZeNwyblQKmd/MKydJu9Ak6+ZMLLgjlCFkihJIn9Ur8M
+2KQigz7YPDVIJjOtS7ljOQVGh88LPUnQ1fBY7RwagficS/xclIOnaXhoyWzg7EcQ
+/T1/O4FkpMqKuOreaI5NExjAT8cKizyY2wcOOXKIYri3Ewnbm+00IaYYaiQRGUR6
+pzFFKxdFMbStCtI4ObN+A9tB7cnBCW4vz3sAJd/OgmLF38XTa+/km3c1nQOfhCGs
+6kx2heN/DgFAc+P7ldObo/kgGQtR6tr02gyXCFWnLMtT0+CoNOY0o3T+LbEqYeKL
+W7p29G9sgHgoqLFibWNMSKG1QvevkhjUMOD/g48f/nMSYsbU++yEaLvjvRHbb5ON
+IPkcE28TRhQQKmDKI+DRIg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIIXwrMtlpr+AAwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBOZXR3b3JraW5nMB4XDTE1MDQxOTIyMDkyOVoXDTMwMTIzMTE0MDgyNFowgYox
+CzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0
+cDovL3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTYwNAYDVQQDDC1BZmZp
+cm1UcnVzdCBOZXR3b3JraW5nIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/c8jCGiQh9gbKEungIHBYD6CzguTV
+o10soL09wMKO10oeYbh3c/J1Gt6R48WBxosjPBp22jAfLW4xofy6rUtqTVhH6CjV
+O8mhBsKWwkZ67G+85SrYgHAbcYHJRGm6ietIvZfirwyxpap4DIiSQCxD571X9zaI
+hY7y7V5eTDbkkUSLKOdBrrCnCJ3bPwsgQe8UR3OZeDTTkm5eErhf6F2Vo+y764Kr
+HL+21xT7f0Lkt30kBCoBFzBAOjtbN3yfZsjNQgYleVv6dOtz4ssju8I234M/9qiv
+n1Ebxom3up5uSAhL2bL/2ddPfeMWlK+sTX/VcsTkztZkD6C71RrexZiZAgMBAAGj
+ggEPMIIBCzAdBgNVHQ4EFgQUffiyTFQlCF1tJ8mrKwHDNXB5gGQwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBQHH9LnnNrCbqJAtLB6UBBQdMTIvTBdBgNVHSAE
+VjBUMAwGCisGAQQBgo8JAgIwRAYKKwYBBAGCjwkBATA2MDQGCCsGAQUFBwIBFiho
+dHRwOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXNvdXJjZXMvY3BzMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1U
+cnVzdE5ldHdvcmtpbmcuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAQEAMwRQ3PEqHiajCRbfzHvTnuXCd8PTwb6/jBUocmJym8lk4TaAUdAh7NVu
+EKYKzw/v53tH6EnF5ckYum/KFhcZqZtMHhtPlCNobPAxCPwdC2kh+Y1uP8aQypVT
+rKBIfO8MWQBhpONvikqgdiPBXMfuBs8+0Hz32DVqxs2xGicEmVgsQZU9+Z4im07X
+8QdHuj31CfCzBlnvvdA73rES8gysg/XEi3EAW8oBuBg+I5BwvRN0RmWKA2ASbgcG
+KrcnNWDj92g1aRaea0jIAuXI8U+jZzj31yTsf0vTDlc8ZLM8Jx5JzTAsLTr77LMb
+Qlgtpo36K/WdRXNiPz7au7rtV2fdOA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE0zCCA7ugAwIBAgIQZtrvA9uEYZFrJbqD+xdOEzANBgkqhkiG9w0BAQsFADB+
+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
+LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
+VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE1MDQyMTEyNDUyNloX
+DTI3MDYwOTEyNDUyNlowgYoxCzAJBgNVBAYTAlBMMSIwIAYDVQQKDBlVbml6ZXRv
+IFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLDB5DZXJ0dW0gQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxLjAsBgNVBAMMJUNlcnR1bSBEaWdpdGFsIElkZW50aWZpY2F0
+aW9uIENBIFNIQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF4Fa7
+/gmX4yjanJ5OU71Dp98+qODk8eMgOQVrtwqoFu5hHs+FpRbj3QlU7Ib2ftvGJeZZ
+md7/+OCfgwiN/51a++9vc2rnCSOFLCVT2JqfuXSX8uDZq2hiq4YXuxksSDxSYoXs
+TSLSRZd+sI959Rs4IJPNf4ui40+5bA7zon4rgT8Roi+EMTsS+p0JVZsnRzcnasfI
+QPJ9hkw8SM2ehEUFnDS8SYBwrvgbRDD/i+e5/DRI1W1v9id6VCK0vBLJtq5ZGDxR
+emiTjeszlr57UNvmnpydMQoqe2Psb7C++PnlXpwCkQVUzMzC3ryGhO/ffuxpH28G
+Il/Y/xkKKzB0s6NlAgMBAAGjggE+MIIBOjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud
+DgQWBBQ/yljq8ckJfm4zwSOtTq0+PWxFpzAfBgNVHSMEGDAWgBQIds3LB/8k9sXN
+7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYwLwYDVR0fBCgwJjAkoCKgIIYeaHR0
+cDovL2NybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsGCCsGAQUFBwEBBF8wXTAoBggr
+BgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTAxBggrBgEFBQcw
+AoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2N0bmNhLmNlcjA5BgNVHSAE
+MjAwMC4GBFUdIAAwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jZXJ0dW0ucGwv
+Q1BTMA0GCSqGSIb3DQEBCwUAA4IBAQALvQnBCZbfwf52SNX18YXpKKzjSEw2+z/d
+3BZiu5IGdt/Yi0/NYvNgtIIz3rAkDi+y3o51Zj92zNjUi8GDIlKfqVIG5cigv+Z1
+mkQWmpMi/pH2yKXeM5mlR1CvmTIU3JeNBegoBi5rF5R4i6rGwlRKhtWfsD6dyceG
+jticsmLt3kWW1dxWqQfY1EyhdmDxlNXR207RzT7EisqRxHB4rrm+WDY6kntveHlL
+qVUEePsBB3sM+DgjYxXM7ydRFI/Zer9BKZfKW/v1f0GQNth2DfsV5MUs8Kyzw6Aq
+DCRx7HuwAOd9ya7EYbOreMi8Hb2955pmo6Vhaq2KPvjPYoC3KSpl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIQAbdO1+G6tU7h4n6cWay1tjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTUwNDI4MTIwMDAwWhcNMjUwNDI4MTIwMDAwWjBpMQswCQYDVQQG
+EwJVUzESMBAGA1UECBMJTWlubmVzb3RhMRQwEgYDVQQHEwtNaW5uZWFwb2xpczEO
+MAwGA1UEChMFT3B0dW0xIDAeBgNVBAMTF09wdHVtIFB1YmxpYyBUcnVzdCBDQSAx
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxY5lFZFS3GbWVO7aq02
+sXy/ujWN0SeXITx2NAVzVroAT9EG+ZUq6zr7V4X+T/+YLbWpDDNraWxvyHFu1hTZ
+mSHr1KXwXOgp9A5bAj/U/Jcn6tGK6pbTKIrPXXOxpJVz9K97KfJ4W3NZ4fubSNee
+7jy+r31B9l0I/LtSAXD/F4O/IWiXFjmZN//sAG9xilUE1YkFbcuzvbC3kd9kpons
+CyB6OxW4nDqTXpqRgQNR0DBa7tAn1/pbbQAuYjV6bxWIDG7KKOI2JMzMQGNoBwRx
+r+yVpzwIkbbGyZxWuA6QGOs5cbxUIdkQPNK/6zYg5vEnxCPvfkNIgzRWph72m1If
+3wIDAQABo4IBpzCCAaMwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMC
+AYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
+bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQwgYIGA1UdHwR7MHkwOqA4oDaG
+NGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RD
+QS5jcmwwO6A5oDeGNSBodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBT+RWDB
+/PdHZvA9fuvdEPfiw3cl9zAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823I
+DzANBgkqhkiG9w0BAQsFAAOCAQEAKjTjm+Nj5mVJUgjKmtfCarN4ZTllitQiixSn
+smLL2BAxEs2PD3OOci3s34v3qsptTp1rntui9u4jGrJmp6J4Ndl4KxrTuL57hlmO
+HAZMVbpQUaZeSTKGcycT4rIqzEZZX5wLe7tOu1z/bVvYCR6vGiRZ7p4MRR7DIJV9
+SQp2wRq7/beXYsonJkbDp76IshN6k/nuJyvryrTeDs0SC0/YxV9oVtqwsT/WCXaf
+Sxa1TGCJZmk7T+O8qDKwjw2MKgBY+wKDHBCayIe8Sl10KDCCSyawO7J4xY2vijE+
+XChP186VyLElwa+fIvopQM2MEyXdGLZsoPLktd87PSSTipUxvw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGMzCCBRugAwIBAgIQD/zrpkT4Wq//HEW8st10wjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUwNDI4MTIwMDAwWhcNMjUwNDI4MTIwMDAwWjB4MQswCQYDVQQG
+EwJVUzEXMBUGA1UEChMOTWVkaWNhU29mdCBMTEMxJDAiBgNVBAsTG01lZGljYVNv
+ZnQgRGlyZWN0IE1lc3NhZ2luZzEqMCgGA1UEAxMhTWVkaWNhU29mdCBEaXJlY3Qg
+SW50ZXJtZWRpYXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+tgnBVgPykG/UmHUN0ijRKJ8SckwKFcRWk1GS/kOQeHtJpnCsz9+hAqVN/JXB17yn
+rqQeCyktiU2HWSwTfJA7PNoh5gOvq42HOE/wRvtn8NBZ8Pj/IPBRZo6z6qyB8erL
+d31gyW3mSLZzB63GNRfR796Anu9lUzd/WKScg9qTrvN0WKlLk/J5ojFzcfhYj+Ju
+MLsFtnL77c95SrmQ7RiAgfTgIcPfNMPuT0gnlQjGqkKmyPYRdN2Lj390EG2Cxv0Q
+A2yzy+dHCotOc4q5NoRHp9hszNPw2hMOTSj9M9aorGCsin4A1xy3s3XI4lFn4NNI
+wwGjNbUqgsPAM4Fz/MdAlQIDAQABo4ICyjCCAsYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAOBgNVHQ8BAf8EBAMCAYYwgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYY
+aHR0cDovL29jc3AuZGlnaWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2Fj
+ZXJ0cy5kaWdpY2VydC5jb20vYWlhTWVkaWNhU29mdERpcmVjdEludGVybWVkaWF0
+ZUNBLnA3YzCBgwYDVR0fBHwwejA7oDmgN4Y1aHR0cDovL2NybDQuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0RmVkZXJhdGVkVHJ1c3RDQS5jcmwwO6A5oDeGNWh0dHA6Ly9j
+cmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEZlZGVyYXRlZFRydXN0Q0EuY3JsMIIB
+UgYDVR0gBIIBSTCCAUUwOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUFBwIBFhxodHRw
+czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAwGCmCGSAGG/WwEAQEwDAYKYIZIAYb9
+bAQBAjALBglghkgBhv1sBAIwDAYKYIZIAYb9bAQDAjAMBgpghkgBhv1sBAQCMA4G
+DGCGSAGG+VsDiiEAATAMBgorBgEEAYLBWwABMAwGCisGAQQBgsFbAQEwDAYKKwYB
+BAGCwVsBAjAMBgorBgEEAYLBWwEDMAwGCisGAQQBgsFbAQQwDAYKKwYBBAGCwVsC
+ATAMBgorBgEEAYLBWwICMAwGCisGAQQBgsFbAgMwDAYKKwYBBAGCwVsCBDAMBgor
+BgEEAYLBWwMBMAwGCisGAQQBgsFbAwIwDAYKKwYBBAGCwVsDAzAMBgorBgEEAYLB
+WwMEMB0GA1UdDgQWBBQ9scQOTn6Xe6VvhZLgyJaMQqsIljAfBgNVHSMEGDAWgBRG
+CDhaqY4guwyvXjG6ibMov6yMNjANBgkqhkiG9w0BAQsFAAOCAQEAVEh7vNl5c5av
+zMqjGrJfinK/mngfrhsK1vERdkqbRJAlc3HcyRvWR1zegQ2eQgPIZhDq1E7eG++M
+gg/hFjgW7eZRAkFip3qCMPD9oNS7AkBKWVpXfgDpWyMX57OwomjkJWg1kteZ142d
+UZYONtdHZMfil3Ayti0WHz/m5G7uSKyiASbrEvQYqGA19fMRhASz8XEM1xQcy6w0
+GXZuwqlSMau5nflcjS3yUpW1/MMenuVOhkYJBmix2I/dWHD/IR5nWdoHt9Ly6p66
+W2SWNSpefMt7ari4UYWvehipwvQo6WBupOHiq91tkKi5bQveelhvxKRffvV8DyqR
+JdSwxHu/VQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEjTCCA3WgAwIBAgIPIAYFFnADDVRdyGE89xrFMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA0MjkxMzE0MzBaFw0yNTA0MjkxMzE0MzBaMHgxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEqMCgGA1UECxMhY2VydFNJR04g
+RW50ZXJwcmlzZSBDQSBDbGFzcyAzIEcyMSowKAYDVQQDEyFjZXJ0U0lHTiBFbnRl
+cnByaXNlIENBIENsYXNzIDMgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDkl9cUvyMctGByG+oj7CFqZmRvPkhxqrI6MH+hse38EoOApnsX10mrihyI
+D3bEvsCMcZiwkNFUI3SeOhXtcmV2vvhpNz1tJ+N2Qbm5FlOFAedv39djCHbBUJrA
+6FMx3z0HafQgeA8RpwmaNUyUVIlGwvo6A5Jj3YJfPFbQhE0Ys+rxUc7ix2AM9h0I
+ry5rD8vrCZoZ7pkwQ7YQxXdextIHLVdtLQz32u0pg3l5TpDgJoO2JDNutJAm0KYi
+7HPp1xh3EPqLWLnfnBPHORKpe/11EuQCBf/ObvLYgVMDioPPg5WlPEsiwmkQHIZB
+eEGmxtpteuUMGQnBdXFHLVcPCcylAgMBAAGjggFPMIIBSzBoBggrBgEFBQcBAQRc
+MFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNlcnRzaWduLnJvMDMGCCsGAQUF
+BzAChidodHRwOi8vd3d3LmNlcnRzaWduLnJvL2NlcnRjcmwvcm9vdC5jcnQwEgYD
+VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHwYDVR0jBBgwFoAU4Iyb
+2yVJs/F8htayQocL0Gug2eQwHQYDVR0OBBYEFPbrmJ5AaatIYJ1GFv+ewDsDupv9
+MEkGA1UdIARCMEAwPgYLKwYBBAGBwzkBAQMwLzAtBggrBgEFBQcCARYhaHR0cDov
+L3d3dy5jZXJ0c2lnbi5yby9yZXBvc2l0b3J5MDAGA1UdHwQpMCcwJaAjoCGGH2h0
+dHA6Ly9jcmwuY2VydHNpZ24ucm8vcm9vdC5jcmwwDQYJKoZIhvcNAQELBQADggEB
+AErvoDlwbU4qC0R+erXB1n6A2X8EAcUD1xyBTKK+4mArU5KY+SMQ+oV+kZZjcf/t
+4fVVUYu/bh898jVBksGK/tro1etw75qM4giRxELVjrNzsaRT269dAwdj5Yw/1yyU
+4INjhKp1Hsh3KIMZEDy1Dyvj+YpXPylumqA/YNSjhKuHW6ZeAfyQHJ/R+SHkVanA
+qLn6xmlQenElytmOKtr/doXj6S9RD8J7hVvQ8G1ZjKWj96CQ7Gh+RPNV4h7Sry7+
+E3vKzhDAn/Tulg2J9ldLBlmAvosOm6WzutekNRbR7PlnX7iUlDAyt376j6/zHdsE
+XX3DBwU6knIS5W1eJi2KLZg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnTCCA4WgAwIBAgIPIAYFFnADDvTSdlPHAaILMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA0MjkxNDMzMzZaFw0yNTA0MjkxNDMzMzZaMIGFMQsw
+CQYDVQQGEwJSTzERMA8GA1UEChMIY2VydFNJR04xLDAqBgNVBAsTI0NlcnRpZmlj
+YXQgZGUgdGVzdCBUZXN0IGNlcnRpZmljYXRlMTUwMwYDVQQDEyxDRVJUU0lHTiBG
+T1IgQkFOS0lORyBRVUFMSUZJRUQgRFMgVEVTVCBDQSBWMzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALkXqJ/YuagxpqyrISFIqGgQTClNgVdaQCmCQxv+
+19vZViJ77lqV+oICjfuDEsWLBq5dshSv8L31BYRJ7fYiRKuLgoF5ORA1LupWUp50
+HwHBVTlyEZWsB8eL9aIMEXIMOU1nizVJ8m1ph7KmJ3dj9Ef0yQ4EZ68EVTpO036h
+pqZiEiyl1Oaqo/ah19k0dk6Wyh1ysH9OwyDLMSYQu4Pz+BNYudQqEa0byvCWBGM0
+0lsO0a09fhYqQIbnfi1nJEtLVVuc4fEE6zBsfdf9d2JldzAx2N2OYm7kNzJb2Sxk
+3BurAggHAiO3zfHKV0YdIm2Jum/7/v/TbwlCmpD/ZfOuPeMCAwEAAaOCAVEwggFN
+MGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2VydHNp
+Z24ucm8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly93d3cuY2VydHNpZ24ucm8vY2VydGNy
+bC9yb290LmNydDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAf
+BgNVHSMEGDAWgBTgjJvbJUmz8XyG1rJChwvQa6DZ5DAdBgNVHQ4EFgQUQMQAHiUz
+vWlgXiHb2IQ95A7FxrgwSwYDVR0gBEQwQjBABg0rBgEEAYHDOQEBAgECMC8wLQYI
+KwYBBQUHAgEWIWh0dHA6Ly93d3cuY2VydHNpZ24ucm8vcmVwb3NpdG9yeTAwBgNV
+HR8EKTAnMCWgI6Ahhh9odHRwOi8vY3JsLmNlcnRzaWduLnJvL3Jvb3QuY3JsMA0G
+CSqGSIb3DQEBCwUAA4IBAQBJxi+FfpdsgZ4QAYRUk2rrGJB65KMJolhoO2JJoE/L
+B3u3Q9BPcfewohC9xpYYi6bCDP85gshmbbVz3U0zXlRoMqOR2252a5CGsL/vjhfc
+AuoM73CClD5E6TgPGpCzUCGzict6ACfdKuxbhNXMuj9rJ7W+laPe+P2uBQ5JbraA
+wBene/0MYsuH5C7x+BrYtAeG7tFY0+2gSFAoJZdJ30wr5VvwD9jMz7DSFbx4muk8
+1J4b/MyZ+wtdVDDebpeHcWCl+HZO65CQmxXV8iPB1k3oOS9uP2tCV10VP9hbO+Iw
+FvRWGnIKMk7M+QBHQvQFf5JDkcwvdhb6XsofWNJ7MOLn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmzCCA4OgAwIBAgIPIAYFFnADDwi9Lh4BpHPHMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA0MjkxNDQ1MjRaFw0yNTA0MjkxNDQ1MjRaMIGDMQsw
+CQYDVQQGEwJSTzERMA8GA1UEChMIY2VydFNJR04xLDAqBgNVBAsTI0NlcnRpZmlj
+YXQgZGUgdGVzdCBUZXN0IGNlcnRpZmljYXRlMTMwMQYDVQQDEypDRVJUU0lHTiBG
+T1IgQkFOS0lORyBTSU1QTEUgU1NMIFRFU1QgQ0EgVjMwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC8KiielH9zrUJmYn0+w0BYjRZURtPK+5bvVbEqu6Qz
+EjyPwCyiNhwUFUfEn9JRJ3xzEzcYPehBb+xUcjd+bU+ZR+aEDsi5hhzekmxVo74U
+ZCs82okdS9meoxum/m9sU2nq3zSnmVujRDIgUGoa64CRX+AW0FsjR/lv40Rm7SXW
+UfLSgqBzDC/hAujl4vkeVMvlCbPyGtnwsdpRXX8fh7YlZ4Zv7DaaCx5TV+vNn3L6
+6oR0zbR7kpLoZ2atudcESjmkg6jisCCr9lnmg3KU0Sv810CZc4HAwL7A9cuf8niE
+hFOfNezIMh25BulSDVAivdWENieLUNoSzxnpshk6QrZHAgMBAAGjggFRMIIBTTBo
+BggrBgEFBQcBAQRcMFowIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmNlcnRzaWdu
+LnJvMDMGCCsGAQUFBzAChidodHRwOi8vd3d3LmNlcnRzaWduLnJvL2NlcnRjcmwv
+cm9vdC5jcnQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHwYD
+VR0jBBgwFoAU4Iyb2yVJs/F8htayQocL0Gug2eQwHQYDVR0OBBYEFFd4ux45/Cds
+phEWX1L6hgqPPwJjMEsGA1UdIAREMEIwQAYNKwYBBAGBwzkBAQIBAzAvMC0GCCsG
+AQUFBwIBFiFodHRwOi8vd3d3LmNlcnRzaWduLnJvL3JlcG9zaXRvcnkwMAYDVR0f
+BCkwJzAloCOgIYYfaHR0cDovL2NybC5jZXJ0c2lnbi5yby9yb290LmNybDANBgkq
+hkiG9w0BAQsFAAOCAQEAfHl0bjGwLSq06kQBHLPpX6ODilE0FxojBbgl7ZTpXIh7
+Lkey2ZsLTpNNG0L7uxRyZU2QIlOD+EWAt4QrKckcaoZ8WfboILBWxw2OgdbiBRY7
+Uo+zYaPapS/4ysJOc64N0N3RaDahSD3/a6hUGrOZomgLhCc6SJGlPW//4zJrIfOM
+S0vDYfy9CbB9UTJD0gCvY16a2QuojsvPciNqK2LbMqcfJKuG+fxMmlI9CETqCLpr
+NTBUFiDyQNeYrwYBg0bmYsVIxI3hjT/H9jWcms+5Q9PnjzMkUPoLyesRy5hU5hoW
+E+vDNBlelTHL0mmDV4NGTmN0YMUGKdJr2eSJUIrCEA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDJjCCAqygAwIBAgIORnQ3eBYmHQ562+LMtfwwCgYIKoZIzj0EAwMwUDEkMCIG
+A1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9i
+YWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTE1MDQzMDAwMDAwMFoXDTI1
+MDQzMDAwMDAwMFowUzELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24g
+bnYtc2ExKTAnBgNVBAMTIEdsb2JhbFNpZ24gRUNDMzg0IEVWIFNTTCBDQSAtIEcz
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEtoR/hAHSDbEH2xfQvCh+we3rFz0vDGZ6
+q9WVISPKrhq/RKDz7qbylwu9Dfq+MCT5Jro1xP1cLetNItxUbrfm8ohInpvMXHfH
+FOrTJwk3KTiUpapxxN3xRtnDwsfFzAbzo4IBSDCCAUQwDgYDVR0PAQH/BAQDAgEG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdDgQWBBQ8ePXOXBqHv6/xVOzwq26o3y6x6jAfBgNVHSMEGDAWgBQ9
+5ilIm+oHyiFESibebt7Sg9CfWTA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGG
+Imh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjUwNgYDVR0fBC8wLTAr
+oCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXI1LmNybDBHBgNV
+HSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDaAAwZQIwCE1ZFOKqFe6t
+e4Z94aB86sC1F+6CTHVP6nfdJv1LI6OBhOSI+0SMb2ZkFM/tByVCAjEAwEBhgFkv
+gUdO4GHgjZGBVd1Tlf/bCPSYTH6/bjdk35WcA5oIWVY00rOzbMo0vVeY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEjjCCA3agAwIBAgIORnQ3c1m3p0qL2FCUxcswDQYJKoZIhvcNAQELBQAwVzEL
+MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNTA0MzAw
+MDAwMDBaFw0yNTA0MzAwMDAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWduIENsb3VkU1NMIENB
+IC0gU0hBMjU2IC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj
+wHXhMpjl2a6EfI3oI19GlVtMoiVw15AEhYDJtfSKZU2Sy6XEQqC2eSUx7fGFIM0T
+UT1nrJdNaJszhlyzey2q33egYdH1PPua/NPVlMrJHoAbkJDIrI32YBecMbjFYaLi
+blclCG8kmZnPlL/Hi2uwH8oU+hibbBB8mSvaSmPlsk7C/T4QC0j0dwsv8JZLOu69
+Nd6FjdoTDs4BxHHT03fFCKZgOSWnJ2lcg9FvdnjuxURbRb0pO+LGCQ+ivivc41za
+Wm+O58kHa36hwFOVgongeFxyqGy+Z2ur5zPZh/L4XCf09io7h+/awkfav6zrJ2R7
+TFPrNOEvmyBNVBJrfSi9AgMBAAGjggFWMIIBUjAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFKkrh+HOJEc7G7/PhTcCVZ0NlFjmMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0
+cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMTAzBgNVHR8ELDAqMCigJqAk
+hiJodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QuY3JsMFgGA1UdIARRME8w
+DQYJKwYBBAGgMgEUMAAwPgYGZ4EMAQICMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IB
+AQCiJj79nckuXwTF3mZwglD4tpRVOIyjT2E8r5zR+e2wS4RonlTFhDsmC8+2pMAr
+7f0CROm4zV1SoOnmEnvQngohyp5faxWOpZ3qVHyU+E24AzcIXmY88+pIMVTW6UgS
+hBGP3O4YK5jq6R9iV93C2SIMjcpU3z4v+s059NYF8ONHjduERW191KRjWAoaC1ve
+k8aAP0CIqbp1GxkAMNjbXeCNZ71jw7DNvI/YDpcS3MEwE0hOu5PrREs6Fcw33ymn
+3PbyutPXP5Mcg/3UBQqNhG+3H4bvpB8pC0EwfFB4ISCwOrYubvIETuLi7EPYIVnE
+o3WH27OlZEKVZQw+QOvSOWv0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIjCCAqmgAwIBAgIORnQ3d5IJc/pIL+KNlGIwCgYIKoZIzj0EAwMwUDEkMCIG
+A1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9i
+YWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTE1MDQzMDAwMDAwMFoXDTI1
+MDQzMDAwMDAwMFowUDELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24g
+bnYtc2ExJjAkBgNVBAMTHUdsb2JhbFNpZ24gRUNDMzg0IFNTTCBDQSAtIEczMHYw
+EAYHKoZIzj0CAQYFK4EEACIDYgAEZ83aiKJFxKmhUAp2JBSibN0Zfll9j+i4f3qM
+yEmMkeHycjRlKijTYVLLzKt42boui5fj5gSiR5CJn2ktgXtA0GJzAGSu2xAo6Suw
+UtjpVGuK7HPMcU295Xmqlbg6FrCno4IBSDCCAUQwDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdDgQWBBT/u8i9ydRX8A3/UKZKRkOvE84CaDAfBgNVHSMEGDAWgBQ95ilI
+m+oHyiFESibebt7Sg9CfWTA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0
+dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjUwNgYDVR0fBC8wLTAroCmg
+J4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXI1LmNybDBHBgNVHSAE
+QDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln
+bi5jb20vcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDZwAwZAIwPSPgOBjVY4qGtaOF
+Pz9McX06iFdhUf+A/tZx89y2Xy1eQ9Nh1sj5SM0hfbCTV2nGAjAnYsuqWiLwEzx0
+yqrw5nMhvfQ4eszkm7o5TSWvBBg0O8QFrI7l9z4V8CwLeHdjcdo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHkjCCBXqgAwIBAgIIM3VF0i2obk4wDQYJKoZIhvcNAQELBQAwQjESMBAGA1UE
+AwwJQUNDVlJBSVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQsw
+CQYDVQQGEwJFUzAeFw0xNTA1MDcxMjI1MzlaFw0yNjEyMzEyMzU5MDBaMEMxEzAR
+BgNVBAMMCkFDQ1ZDQS0xMTAxEDAOBgNVBAsMB1BLSUFDQ1YxDTALBgNVBAoMBEFD
+Q1YxCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+oHVLyy+miC29v/sQZfjQLLkr3gEHI1cA7Ev0mJkOjx5jkpk7xp7NbROz/EM5VVxZ
+Vi+mo8Wtkpc8Qzrgm4XQNaJ0IaI4LC8f4boix0mLND0zCnIGNxti15nP4HiqZ7k9
+u+YkylL5MX5VNbWl/TgMjxUHzaORYKPbSMRlAQSd1b7OU0PNa7p+WoF2XqbUzMdR
+0qw03tsyBvvRXgTFkIKijzHDA5cemDfxdZNP7t6LOxu0JxKDIqgvMFH88FqdeJd8
+uYVWpBpohIlZ0Gt7r3K9b6jNzuVAtWlkl4cByw1n5wmMSgxPxX6BtQrFUrvilrgd
+zDc/8b4IBqFzINjX/P9nErJdd4aQsn62uEomZ8PUwnQ6xhkMSqFjKDqqKUKjl5Cv
++PQoBA60WwIhgoxkwC1IYi5V0uciAFams8YJi3U0/ZNttR4g+JUlPjn7Vboi8OW5
+YKyxentQ+kDRN6gCQc8Oysx8NJ0wZnyt8MFzb/4OlzsO3vjSl8QEk9F0QF9+3ycm
+Fz6dBLYQgsZDDyK28DkJbIvwtDevB0S2QrabM3sxyKBImG7rNMm7ZyxpvX9vPXz1
+eGgxhJ/pTCZMBe2/ygFRLjoHEJhkSJCiooCFluUcctYlPq1PugwVeIzpZZOVZvwP
+V0SKAlV+TddvZVW0jF7zi8EoVJpW9z7BiD3GumxZSckCAwEAAaOCAokwggKFMC8G
+CCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDovL29jc3AuYWNjdi5lczAd
+BgNVHQ4EFgQUklKuRm1bvb6FwbNhR6j/t9mTwA4wDwYDVR0TAQH/BAUwAwEB/zAf
+BgNVHSMEGDAWgBTSh7Tj3zcnk1X2VuqB5TbMjB4/vTCCAX8GA1UdIASCAXYwggFy
+MIIBbgYEVR0gADCCAWQwggEuBggrBgEFBQcCAjCCASAeggEcAEEAdQB0AG8AcgBp
+AGQAYQBkACAAZABlACAAQwBlAHIAdABpAGYAaQBjAGEAYwBpAPMAbgAgAEkAbgB0
+AGUAcgBtAGUAZABpAGEAIABkAGUAIABsAGEAIABBAEMAQwBWACAAKABBAGcAZQBu
+AGMAaQBhACAAZABlACAAVABlAGMAbgBvAGwAbwBnAO0AYQAgAHkAIABDAGUAcgB0
+AGkAZgBpAGMAYQBjAGkA8wBuACAARQBsAGUAYwB0AHIA8wBuAGkAYwBhACwAIABD
+AEkARgAgAFEANAA2ADAAMQAxADUANgBFACkALgAgAEMAUABTACAAZQBuACAAaAB0
+AHQAcAA6AC8ALwB3AHcAdwAuAGEAYwBjAHYALgBlAHMwMAYIKwYBBQUHAgEWJGh0
+dHA6Ly93d3cuYWNjdi5lcy9sZWdpc2xhY2lvbl9jLmh0bTBVBgNVHR8ETjBMMEqg
+SKBGhkRodHRwOi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRp
+ZmljYWRvcy9yYWl6YWNjdjFfZGVyLmNybDAOBgNVHQ8BAf8EBAMCAQYwFwYDVR0R
+BBAwDoEMYWNjdkBhY2N2LmVzMA0GCSqGSIb3DQEBCwUAA4ICAQA8URqZ+fk3fX/4
+/gkAdB7/XmRJ+la14fKe9GPflvVVLThvCNrqkn3faW6I2VOBG72XsFstH34VoVs6
+vQH+Qu/JCNhpjllxWRV6Do1Fr1o1ogKy2LK6TYUCmHuidw99FnnFfTULk/qCrqeR
+OeAiRA89X1aAOgRmETA8KqTN5xf08Vns7WOFLlDmCdikh+758TfqUKEfjytaKp41
+C3+0hEmQ/GYvzXV793N/Irwb4w6GMIIyr6YPiMRo9QzX604Ap0Tl0RjxLXomnyNO
+z5jJWtxsxtbmsRrEcG/RT9iOn/KYeYAiZQAV9oem+8hMzo9gwbSsxNXu7vQtBD9u
+iVwxc7GJflNuQ0y9iTIS2r/0xxUoBJXD+X7V7848f7Y/iQ429a6AjB1PgLuESG/9
+t+WDU4KYGYkuhberIsYCDaVC90JCD9c2Bzq2SkPCx0lWdpS6rUq0shU2049yY5yM
+prjTua0FAflsv4H6fcam1pIZQLHmO4q5IZKfenCCNjgPnYWh8gYPCWZdhDuGfnLo
+BTRhhQqNkV0KC8lsF+nkYGrt+9jWLMhhcZJSTLvYhQguZa69j/cu4/JhbnoyCXiK
+iyocXD1mZYKXwshHNga5f5XhDAWUEP72+DVNjSz/zc8dreVDSwc4m2/zBpPzvy4U
+B2uotlnJjpdeauVu/w46y9nneQXxRQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYjCCA0qgAwIBAgIIX65cxWM8aoswDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
+AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
+EwJERTAeFw0xNTA1MDcxMzQ1MDRaFw0yNTA1MDQxMzQ1MDRaMFUxNzA1BgNVBAMM
+LkF0b3MgVHJ1c3RlZFJvb3QgSXNzdWluZyBDQSBmb3IgUHJpbWV0YWxzIDIwMTUx
+DTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAqBF1eOdBw7S7CI3RyyIHsL2Mt/TTfg7rnmnrxaD4fxO84wXg
+WokglmSGoEI8gPjZ4AoD7mMhYVjmtLh+rhT/DfU6b/43FzEbFlwI1l1DEuMQMWB1
+By5GAvHP6wqX+RbQ6WjGcEMTyQQv3ZbwzSgkZ1V8h+xhSSRU4aJAU8/aqtuKjChK
+fVMqbIsXotW88euv7s5ZZDeNL6K3Ah7fTe04kKTz5GvYfDrDuY2Hr5+ypj8e7vsC
+aKMziN8VhpHZxsXC6IcdjDhjjNTq8ukC/XxJ/CMlZKhWey2sTagawkfYl1NOavC6
+bYJsPQGXexUgT+6H98kpSRlNEucqajpZKbEgGQIDAQABo4IBTTCCAUkwHQYDVR0O
+BBYEFKsG6X8510gnrHoVXxlaGWOAyCKJMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j
+BBgwFoAUp6UGsSymCWDu0ZfpcK68Oxls2yEwGAYDVR0gBBEwDzANBgsrBgEEAbAt
+BQEBATCBywYDVR0fBIHDMIHAMD6gPKA6hjhodHRwOi8vcGtpLWNybC5hdG9zLm5l
+dC9jcmwvQXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNybDB+oHygeoZ4bGRhcDov
+L3BraS1sZGFwLmF0b3MubmV0L2NuPUF0b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEs
+b3U9Q0Esb3U9QXRvcyUyMFRDLG89QXRvcyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZp
+Y2F0ZVJldm9jYXRpb25MaXN0MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF
+AAOCAQEAJ87LpXbDfkkm1ccKdQ8rzjYluTO+YVW10FCQXJFAXz3/WhQj8FjSVHoS
+HFHgXxHgeqEW8gMYNHIsCqW6UeTcfQTArQGU7wagS7XmH1S15zRCoykMlNl/4brb
+VJ+jqub1XDLOAjynKq+CPWs7uUViKkuJ0if8yVP2DKOqJEpC4BpHjhW2uwsPfmi8
+Nd7sQPwfglM6yvEgJXenMND4m8qO5Z49j0mxOR3dl9E+aapoms8oS6E7ju0PGmLe
+lZjdIkHdCKM1mDAQy5K/93RrugNlmbl6P4zCgFHzDaoRo8sVzyWz8gBhK+mgu1np
+xagt9d2dmk4LYExvSOw2lXO3ZORaHQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXDCCA0SgAwIBAgIIY7ZXliUSllwwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
+AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
+EwJERTAeFw0xNTA1MDcxNDEyMjRaFw0yNTA1MDQxNDEyMjRaME8xMTAvBgNVBAMM
+KEF0b3MgVHJ1c3RlZFJvb3QgSXNzdWluZyBDQSBmb3IgV1dFIDIwMTUxDTALBgNV
+BAoMBEF0b3MxCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA5yD8eiYuILo6nqF8hSENi9XkfyFKnh4vrfF0f9q9tQJ9yvb5N1yAr1PY
+a7WMsp2ieXjbOOhoEgV68HvIX1rqgzzYSK4oSkqmonE8MkZLb8kFPWDVal/1kvvL
+IGaBWVsH0BpuQXLqVTxDn/t677YLurKUEY6QA3fVFC6vom/QrkRWNzNwNfWY2etg
+XhqXTK58xEWDZvoTd5zEWVrRx4mH3GM0plXFjZgX5Irf8jUnMEg51qAmauxuEkW7
+Fykxb0lHwSIpvfKzPvVlaDl8biNFAgGRRgg4tQXBaRy4lRqe98MI62aA30qKBXhZ
+v56U7NJzIf4j0blvNXiSrE2e+cvl3wIDAQABo4IBTTCCAUkwHQYDVR0OBBYEFDUp
+gZ+4qKGkqqO4uL7WzkRxhOLhMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+p6UGsSymCWDu0ZfpcK68Oxls2yEwGAYDVR0gBBEwDzANBgsrBgEEAbAtBQEBATCB
+ywYDVR0fBIHDMIHAMD6gPKA6hjhodHRwOi8vcGtpLWNybC5hdG9zLm5ldC9jcmwv
+QXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNybDB+oHygeoZ4bGRhcDovL3BraS1s
+ZGFwLmF0b3MubmV0L2NuPUF0b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEsb3U9Q0Es
+b3U9QXRvcyUyMFRDLG89QXRvcyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZpY2F0ZVJl
+dm9jYXRpb25MaXN0MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEA
+I8fQ/4v3IovJs4MOM02b4RfRZY/rk8CknUv9IZ+uDO5fbnP5ato0kw35NWuYjuCT
+AsQcsoD7BSNR7c8j0cGDZjCiGQKdghXsTEE56JmmnxfM2QjjBDAG8mpBL4ckMysY
+ODo25k1UhMCDqJYzAZ4HGQE5ATp1kkhgkDKrqrnjhGm0LfH8QNYk9UsdNllOvVl9
+ZPx79FgooDQMpz+6qK5AbUc0QVQPfkLjjzH4n3oOnEwN7eXP0WBC/tPxq+u3AA6Q
+bIcOm64Wb9ggYEq/4gnwse+6Y39JkeHRZijqJdzo4q8M2CxbYJVwGwLVy24Xko5y
+brgxo8AmLTPyLYyWf7OUBg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEYjCCA0qgAwIBAgIQcSI8pSIYXqxEzxdw0aiqXTANBgkqhkiG9w0BAQsFADCB
@@ -4779,6 +7576,115 @@ ufpCh8h4dkv/pqkWH3sArdavhoK/NURrDkzPa+EwbIDVooWWBbLCBQ8LGbCyOeKp
 Gov7Dys9bWC8vFML1cH+QDRfDwymdA==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGTDCCBDSgAwIBAgIIMtYr/GdQGsswDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTE1MDUxNDA3MDAzOFoXDTMwMDUxNDA3MDAzOFowgYcxCzAJBgNVBAYT
+AklUMQ8wDQYDVQQIDAZNaWxhbm8xDzANBgNVBAcMBk1pbGFubzEjMCEGA1UECgwa
+QWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxMTAvBgNVBAMMKEFjdGFsaXMgRXh0
+ZW5kZWQgVmFsaWRhdGlvbiBTZXJ2ZXIgQ0EgRzEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQD1Ygc1CwmqXqjd3dTEKMLUwGdb/3+00ytg0uBb4RB+89/O
+4K/STFZcGUjcCq6Job5cmxZBGyRRBYfCEn4vg8onedFztkO0NvD04z4wLFyxjSRT
+bcMm2d+/Xci5XLA3Q9wG8TGzHTVQKmdvFpQ7b7EsmOc0uXA7w3UGhLjb2EYpu/Id
+uZ1LUTyEOHc3XHXI3a3udkRBDs/bObTcbte80DPbNetRFB+jHbIw5sH171IeBFGN
+PB92Iebp01yE8g3X9RqPXrrV7ririEtwFMYp+KgA8BRHxsoNV3xZmhdzJm0AMzC2
+waLM3H562xPM0UntAYh2pRrAUUtgURRizCT1kr6tAgMBAAGjggHVMIIB0TBBBggr
+BgEFBQcBAQQ1MDMwMQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDUuYWN0YWxpcy5p
+dC9WQS9BVVRILVJPT1QwHQYDVR0OBBYEFGHB5IYeTW10dLzZlzsxcXjLP5/cMA8G
+A1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbtifN7OHCUyQICNtAw
+RQYDVR0gBD4wPDA6BgRVHSAAMDIwMAYIKwYBBQUHAgEWJGh0dHBzOi8vd3d3LmFj
+dGFsaXMuaXQvYXJlYS1kb3dubG9hZDCB4wYDVR0fBIHbMIHYMIGWoIGToIGQhoGN
+bGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2NuJTNkQWN0YWxpcyUyMEF1dGhlbnRp
+Y2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3RhbGlzJTIwUy5wLkEuJTJmMDMzNTg1
+MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7YmluYXJ5MD2g
+O6A5hjdodHRwOi8vY3JsMDUuYWN0YWxpcy5pdC9SZXBvc2l0b3J5L0FVVEgtUk9P
+VC9nZXRMYXN0Q1JMMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEA
+OD8D2Z2fw76+GIu+mDEgygH/y7F9K4I6rZOc3LqGBecO3C0fGcIuuG7APtxGGk7Y
+nk97Qt+3pDoek9EP65/1u128pRncZcjEAeMgKb7UuJxwoR6Sj5zhOadotKcCQqmF
+Si99ExNo6dTq5Eyp1KrqepLmezbO9owx4Q44mtNpfKLMgzDqOn/dwNMo/pGYbMfP
+DjhxEnta1HXgcEcgCk1Au16xkdzapwY4sXpKuwB24phfWF+cveKAQ0Rncmvrm34i
+9B6leZUkSHDe4mRkbO5nObhKHYRmVSr0Q/wvGCmTgGTKuw/Gj8+RFb5MEkOKEcJn
+I32CPohpiW/jlpeLaFBIgJnXuZTxmfTX55sqtXDlKxRxFwq1W3kML4UfGZsgjx1l
+hX5fQ1QlEZeO9CyPpgGO5Py2KXXKhUxCtF7tawAYimWwslxvPCjHDND/WhM1Fz9e
+2yqwHcSQAOUVv5mk9uYc6/NSLwLb5in3R728GNEpHHhbx5QZhtdqR8mb56uJUDKI
+AwnnZckcR+SLGL2Agx7hY7YCMOQhSsO6PA81M/mGW2hGCiZw3GULJe9ejL/vdS0I
+PWrp7YLnXUa6mtXVSBKGrVrlbpJaN10+fB4Yrlk4O2sF4WNUAHMBn9T+zOXaBAhj
+vNlMU7+elLkTcKIB7qJJuSZChxzoevM2ciO3BpGuRxg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRzCCBC+gAwIBAgIILNSK07EeD4kwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTE1MDUxNDA3MTQxNVoXDTMwMDUxNDA3MTQxNVowgYIxCzAJBgNVBAYT
+AklUMQ8wDQYDVQQIDAZNaWxhbm8xDzANBgNVBAcMBk1pbGFubzEjMCEGA1UECgwa
+QWN0YWxpcyBTLnAuQS4vMDMzNTg1MjA5NjcxLDAqBgNVBAMMI0FjdGFsaXMgQ2xp
+ZW50IEF1dGhlbnRpY2F0aW9uIENBIEcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAwPzBiVbZiOL0BGW/zQk1qygpMP4MyvcnqxwR7oY9XeT1bES2DFcz
+lZfeiIqNLanbkyqTxydXZ+kxoS9071qWsZ6zS+pxSqXLs+RTvndEaWx5hdHZcKNW
+Gzhy5FiO4GZvGlFInFEiaY+dOEpjjWvSeXpvcDpnYw6M9AXuHo4JhjC3P/OK//5Q
+FXnztTa4iU66RpLteOTgCtiRCwZNKx8EFeqqfTpYvfEb4H91E7n+Y61jm0d2E8fJ
+2wGTaSSwjc8nTI2ApXujoczukb2kHqwaGP3q5UuedWcnRZc65XUhK/Z6K32KvrQu
+NP32F/5MxkvEDnJpUnnt9iMExvEzn31zDQIDAQABo4IB1TCCAdEwQQYIKwYBBQUH
+AQEENTAzMDEGCCsGAQUFBzABhiVodHRwOi8vb2NzcDA1LmFjdGFsaXMuaXQvVkEv
+QVVUSC1ST09UMB0GA1UdDgQWBBR+YPz4bKc9Pdeuk6F5Ao+zdCk79TAPBgNVHRMB
+Af8EBTADAQH/MB8GA1UdIwQYMBaAFFLYiDrIn3hm7YnzezhwlMkCAjbQMEUGA1Ud
+IAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz
+Lml0L2FyZWEtZG93bmxvYWQwgeMGA1UdHwSB2zCB2DCBlqCBk6CBkIaBjWxkYXA6
+Ly9sZGFwMDUuYWN0YWxpcy5pdC9jbiUzZEFjdGFsaXMlMjBBdXRoZW50aWNhdGlv
+biUyMFJvb3QlMjBDQSxvJTNkQWN0YWxpcyUyMFMucC5BLiUyZjAzMzU4NTIwOTY3
+LGMlM2RJVD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0O2JpbmFyeTA9oDugOYY3
+aHR0cDovL2NybDA1LmFjdGFsaXMuaXQvUmVwb3NpdG9yeS9BVVRILVJPT1QvZ2V0
+TGFzdENSTDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAE2TztUk
+vkEbShZYc19lifLZej5YjLzLxA/lWxZnssFLpDPySfzMmndz3F06S51ltwDe+blT
+wcpdzUl3M2alKH3bOr855ku9Rr6uedya+HGQUT0OhqDo2K2CAE9nBcfANxifjfT8
+XzCoC3ctf9ux3og1WuE8WTcLZKgCMuNRBmJte9C4Ug0w3iXqPzq8KuRRobNKqddP
+jk3EiK+QA+EFCCka1xOLh/7cPGTJMNta1/0u5oLiXaOAHeALt/nqeZ2kZ+lizK8o
+Tv4in5avIf3ela3oL6vrwpTca7TZxTX90e805dZQN4qRVPdPbrBlWtNozH7SdLeL
+rcoN8l2EXO6190GAJYdynTc2E6EyrLVGcDKUX91VmCSRrqEppZ7W05TbWRLi6+wP
+jAzmTq2XSmKfajq7juTKgkkw7FFJByixa0NdSZosdQb3VkLqG8EOYOamZLqH+v7u
+a0+ulg7FOviFbeZ7YR9eRO81O8FC1uLgutlyGD2+GLjgQnsvneDsbNAWfkory+qq
+AxvVzX5PSaQp2pJ52AaIH1MN1i2/geRSP83TRMrFkwuIMzDhXxKFQvpspNc19vcT
+ryzjtwP4xq0WNS4YWPS4U+9mW+U0Cgnsgx9fMiJNbLflf5qSb53j3AGHnjK/qJzP
+a39wFTXLXB648F3w1Qf9R7eZeTRJfCQY/fJU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGcjCCBVqgAwIBAgIBKTANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIx
+GDAWBgNVBAcTD0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxp
+bXNlbCB2ZSBUZWtub2xvamlrIEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0w
+KwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24gTWVya2V6aSAtIEthbXUgU00xNjA0
+BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRpZmlrYXNpIC0gU3Vy
+dW0gMTAeFw0xNTA1MTQxMzMyMjdaFw0yNTA1MTExMzMyMjdaMIHfMQswCQYDVQQG
+EwJUUjEYMBYGA1UEBwwPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKDDlUdXJraXll
+IEJpbGltc2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklU
+QUsxLTArBgNVBAsMJEthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBT
+TTFDMEEGA1UEAww6VFVCSVRBSyBLYW11IFNNIFNTTCBTZXJ0aWZpa2EgSGl6bWV0
+IFNhZ2xheWljaXNpIC0gU3VydW0gMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAL2/oOCsOs5RrqU5xA8qZuHMy2hujUGeLeY4qcoICE+KuS5bLvexKrmt
+kZS/wCrWxqOeOriNlC1F7lia4yHMJp39vG8v6zgaixeyyCxeiIt3AFHziOx7xfOI
+qLS5Ygbm+FyEwSXOLA+wjg7FHoJ50INzm/Y+IeN96jYBA//1H9b76KFIsGtWn1Cp
+MzglSPqKusmoir4l3NzQEDYf68xmFzB/VDbYPd90j6bzx5T/8Y9RR0CW/m7e6DCf
+MtBCjCQkum6E9ReSfgGizcDzSGbQQFxVBBYXi/hgBsP6RySuZNB9Pgru6hSxskBp
+MPoppgeVBBb/+EdSDTbRqth5fVsElEMCAwEAAaOCAkIwggI+MB8GA1UdIwQYMBaA
+FGU/x4qGxjzdPFRcNfg67VIMR1fIMB0GA1UdDgQWBBT2NTUXri77t333dheKZWTr
+Z3pAqzAOBgNVHQ8BAf8EBAMCAQYwggEbBgNVHSAEggESMIIBDjCCAQoGBFUdIAAw
+ggEAMCsGCCsGAQUFBwIBFh9odHRwOi8vZGVwby5rYW11c20uZ292LnRyL2lsa2Uv
+MIHQBggrBgEFBQcCAjCBwx6BwABCAHUAIABzAGUAcgB0AGkAZgBpAGsAYQAgAGkA
+bABlACAAaQBsAGcAaQBsAGkAIABTAGUAcgB0AGkAZgBpAGsAYQAgAEkAbABrAGUA
+bABlAHIAaQBuAGkAIABvAGsAdQBtAGEAawAgAGkA5wBpAG4AIABiAGUAbABpAHIA
+dABpAGwAZQBuACAAdwBlAGIAIABzAGkAdABlAHMAaQBuAGkAIAB6AGkAeQBhAHIA
+ZQB0ACAAZQBkAGkAbgBpAHoALjASBgNVHRMBAf8ECDAGAQH/AgEAMD8GA1UdHwQ4
+MDYwNKAyoDCGLmh0dHA6Ly9kZXBvLmthbXVzbS5nb3YudHIvc3NsL1NTTEtPS1NJ
+TC5TMS5jcmwweAYIKwYBBQUHAQEEbDBqMDkGCCsGAQUFBzAChi1odHRwOi8vZGVw
+by5rYW11c20uZ292LnRyL3NzbC9TU0xLT0tTTS5TMS5jZXIwLQYIKwYBBQUHMAGG
+IWh0dHA6Ly9vY3Nwc3Nsa29rczEua2FtdXNtLmdvdi50cjANBgkqhkiG9w0BAQsF
+AAOCAQEArDB3/x+K/9STX/RcVKRPO5mv03Uli+7tiZk51ipo5ItpPpSUbjHrXy4E
+wtc0Rra/zFFHH7AEFxAUU3SL1M3sZcmTMSvSfVhbNW6kZUE1VRY0ZhnBZe0pY1eA
+OXxj03FTqEGrushFywTqgrFZdLuQ/4SfY8/8afyI5StH6nAOiMgyDNppl93XIS0U
+6zz1iCOwb6ToBYTAIK+BFP04PMA2wqc7ulgQH0uu8pPPzkdRostMaxwtSreedA+c
+CGExK5OyA/BX0VtjlEUxJcmmoY3fXO6z1q0/G2PWtvlsBZB1kQkWpUgaTcoiWUO/
+8qMZRgLmY+jlCktjqp7mkrwusrzEHg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIF8TCCA9mgAwIBAgIRAPAdS+57fKN7PAVmrAWXJFgwDQYJKoZIhvcNAQEMBQAw
 gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
 BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
@@ -4813,6 +7719,92 @@ bpdYW3hkpO1itAA7Bn55uFhfboTWQ7xP2zmqKPDBiQnF++MYRLflsotdlfkjWgty
 92k61leL4en0YL7EUSsRrP5Is3JzyhNQcw0EdsoB4ULC1yHP+Q==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIEtzCCA5+gAwIBAgIQC/SnriLlEJ2vk5gjHMPbPDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTUwNTE5MTIwMDAwWhcNMjUwNTE5MTIwMDAwWjBdMQswCQYDVQQG
+EwJVUzEZMBcGA1UEChMQU29uYXZhdGlvbiwgSW5jLjEXMBUGA1UECxMOc29uYXZh
+dGlvbi5jb20xGjAYBgNVBAMTEVNvbmF2YXRpb24gSW9UIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUzPBidPFEfnr+t8ITuxpwjK2FkxG4QnlPOI
++K4Tt5IkVABpqp9G0CpgEHh5DSp8b8L5fzWLVQqT9b+UUqGT6KXi4cichYfUnMTl
+/ehlemhUobdA1RnnIb9b8u50D4EaqwdjPISuvm0uDtJpvMO25gyKS376G6CZoFAW
+u3faZwEBwXHioqwpwGtZVBRc0Ckf9NGDZQrKaNqzmOV8mlewsVixomGV/yTNdkrZ
+xpmiUzTM8kkmAiCk8V41TwdUHbSm+SEOnTh4E+BXOiVrW/4Bc2H20qmqHh0w7JZQ
+E2VFqI7p8CDLxrZIxOhXMl+18HrIGntpq6DjoKQH8Fipe2l8JQIDAQABo4IBaTCC
+AWUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYweQYIKwYBBQUH
+AQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYI
+KwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybDQu
+ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDA9BgNVHSAE
+NjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzAdBgNVHQ4EFgQUOjNgKWFClk3CDEFMlkaPw0quWNAwHwYDVR0jBBgw
+FoAUReuir/SSy4IxLVGLp6chnfNtyA8wDQYJKoZIhvcNAQELBQADggEBACBbQH66
++1bUUKMA8SBDjZzlPJJIGt3+wyqPf9FVJ4xbkcgAVWKQwvPR35wjsDvUWqKuMbKm
+CWJeqt2fEIEf14pvOpjNPUqxQ88AzmrH54L+j+SaVehGKcVxQYOzaFpqfMcwZE9i
++qzv4Zz26aKaL9x/VNHKjcYFDCruE1CXtbn92InKGqbzn1N6WYXKmjuG/7AzsOIs
+T8K2taxWGaOV/k1RVYkYi6HWDuq39AZbeG94SYiqFfgYQxUCMFUguW2bYjzGSO35
+EAENF/SL5aN4fleteWZNk7S2QiWVEthSBgm9Lh+WeNA5LCxK0FuPpd3Vh0G7B5zl
+Xlkgq/EWxjhyQ1A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgIQDaN4TTAzd/C1C8vO3KqjOjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE1MDUxOTEyMDAwMFoXDTI1MDUxOTEyMDAwMFowTDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAoTClBsZXgsIEluYy4xKDAmBgNVBAMTH1BsZXgg
+RGV2aWNlcyBIaWdoIEFzc3VyYW5jZSBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCpA+uFY2Ff43/ksnI8+y8NQT1If8XnlRxAcXHt1LB4RGe2mota
+8wvJcXsZpfoZ8+f1xrmeJFxi9j1fpfUtma/OWuY6HT0ajgfKzKYX/4qdgclLFZfB
+TWw6YHy7Qit/zCi96y2A0wl1z70q4/41QRtT11fUErEQ6wlsJg/DYJ5uevtosnpW
+fsBSE3ZNQDVtp1CNkrUfaxl2izYT/rWWZnBkfD41tC1UbdiqqHnidE0Q90AkaDc0
+L3v9LumsJnAX3GqjpWnUq+v+JcKGQpI5hd0sn5f+QA1m2efq1s/ggl8LLX89Wkkj
+byB1zronfOx+lWsq7c1M6FSAAZhOdsvs0JkLAgMBAAGjggF1MIIBcTASBgNVHRMB
+Af8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjB/BggrBgEFBQcBAQRzMHEwJAYI
+KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9
+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5j
+ZUVWUm9vdENBLmNydDBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsNC5kaWdp
+Y2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1Ud
+IAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vQ1BTMB0GA1UdDgQWBBSUi4n3SHKJ8lFK2Yh75WG1qpzVATAfBgNVHSME
+GDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzANBgkqhkiG9w0BAQsFAAOCAQEAapWH
+tA4Y6l0SUav52bZT6hf53MbTXR3v12UmbkRIXmhz3EEs+UqCF2YvBQfYtWh1oABp
+wM/EVzWyPqf1jFUsRVXJZCfaqgRDMRvw3+ez9Tz7Hmj/ojLHVnMhaO7u733KzCcp
+Hnt4EepFFow2VtEDlNX+TfJKVAglIdrHg44VJ08q0h6gw80apzh6g5+MHn7gSTJn
+Uz8QbAnJu5QRc5r6rypp73gvz/YCC8ZJ1eAGYfHvxa6kMAgxVNHk7VSwnxtEmdWm
+H69U1G1qCmz3ap8693qQG8dfxiOtr3tRIcbQDTYBmWQknOQm0YRsxjyOYnB1bJb2
+J9dzoLR/bM/X0BDzvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGDCCBACgAwIBAgIMYT04vwAAAABR03GQMA0GCSqGSIb3DQEBCwUAMIG+MQsw
+CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl
+IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg
+RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD
+EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x
+NTA1MjAxNTM3NTdaFw0yNTA1MjAxNjA3NTdaMDsxCzAJBgNVBAYTAlpBMREwDwYD
+VQQKEwhMQVd0cnVzdDEZMBcGA1UEAxMQTEFXdHJ1c3QyMDQ4IENBMjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1vwX9RcVaK4nphvMkAeA3/oEnkCR7l
+fTiEWipx0m6XjL6P5Vh+A6KmWleps9+NjCP7WXLQn5WX4hJUf06uAKaQK4I4gMUM
+W12dvDLCeSqYn3zeRWcmQnhbD9LSnElTMc9zXeRn8NT1vSic8zO6lk77Kfp334I9
+Qr5wEXk3aD3qLHfwCGpmWwuYwccBPS/se58BeZfp9V7PB4XzIfCX/WsMJF/mVxCS
+UwuI/WoKoZfnFAG5dVdZGsuqg4inzVvWfhGB9F6KPQkGY0sjJVFMU0tuf0YognU9
+NHCD7Ji6iGsF++uVJs50PjvNtY8RQSWNpgp5NL/1ME84bg4Ehl9lVuECAwEAAaOC
+AZYwggGSMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMIGEBgNV
+HSAEfTB7MDYGCmCGSAGG+mwKAQgwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5l
+bnRydXN0Lm5ldC9jcHMwQQYKYIZIAYb6bAoCATAzMDEGCCsGAQUFBwIBFiVodHRw
+czovL3d3dy5sYXd0cnVzdC5jby56YS9yZXBvc2l0b3J5MDMGCCsGAQUFBwEBBCcw
+JTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkw
+JzAloCOgIYYfaHR0cDovL2NybC5lbnRydXN0Lm5ldC9nMmNhLmNybDA+BgNVHSUE
+NzA1BggrBgEFBQcDBAYIKwYBBQUHAwIGCWCGSAGG+msoAwYIYIZIhvprKAQGCisG
+AQQBgjcUAgIwHwYDVR0jBBgwFoAUanImetAe733nO2lR1GyNn5ASZqswHQYDVR0O
+BBYEFHPcFW2rROaifurp9vC8yPA2FrtLMA0GCSqGSIb3DQEBCwUAA4IBAQByfI1i
+WRY871GT1nhU9IIkqvL3XpltrlfoymEzahD7iey32yofOH8aPud55eQ27/2EUUUr
+/6e1isjVjTwAnoVL6HAkjpg9zoKs42ivKxv4FXrzm8DdGzbWBsBRie+nY0osrd+B
+ofheQeKpoGIO4NnJZNdVhSH3HM2IqtI+INoMlMGRwj21bLBDKTIHg1ZlsVP76w2c
+2ckxG6iLL0LQHkKdTsY+TfyKnMjeXAryP3Hvmrrlv8uZIGJqwUmYdEtBrKAtvUEn
+BhfBN0WAH/k5lW96h7ZXusOFhIKcb1qTfpLph7qzmfsqSx9g1PUc0ArFYyc/Dfep
+O9/OqIfspIts6Zhn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEkjCCA3qgAwIBAgITBn+USionzfP6wq4rAfkI7rnExjANBgkqhkiG9w0BAQsF
 ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
 b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
@@ -4840,34 +7832,198 @@ bRRYh5TmOTFffHPLkIhqhBGWJ6bt2YFGpn6jcgAKUj6DiAdjd4lpFw85hdKrCEVN
 akcjMS9cmvqtmg5iUaQqqcT5NJ0hGA==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFKjCCBBKgAwIBAgIQChm34x8ah3BVcFedls2c2jANBgkqhkiG9w0BAQwFADB1
-MQswCQYDVQQGEwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1
-czEoMCYGA1UEAwwfRUUgQ2VydGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYG
-CSqGSIb3DQEJARYJcGtpQHNrLmVlMB4XDTE1MDYwNDEzNTAyMVoXDTI0MDMxNzIy
-MDAwMFowbTELMAkGA1UEBhMCRUUxIjAgBgNVBAoTGUFTIFNlcnRpZml0c2Vlcmlt
-aXNrZXNrdXMxITAfBgNVBAsTGFNlcnRpZml0c2VlcmltaXN0ZWVudXNlZDEXMBUG
-A1UEAxMOS0xBU1MzLVNLIDIwMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
-AoIBAQCrlaYRX2v89k8Hd0ADaOfnUcIn7iM6aOXkAR+jp5827ZhDqDyNddF9ZUoB
-gPghGNIrkHbH7qwex39YnI0ka24lCjcwEMvQMPbyPnX/a4RyJ+wEZttmjBl++Ffr
-ZK54L+vD7Dyy4YYB0Og9ktB4qptsDBj+giiv/MGPeGeNs3TacJdNb7+3splTPtPK
-lDfrufvq4H6jNOv9S9bC+j2VVY9uCFXUro8AA3hoOEKJdSjlpYCa51N8KGLVJYRu
-c/K81xqi054Jz+Cy/HY/AcXkk2JkxlpJoEXmcuTkxjO/QE/Xbd+mRJHnq6+HurOi
-KcxKwZCPAa+d+dvRPkbyq9ohMXH9AgMBAAGjggG8MIIBuDASBgNVHRMBAf8ECDAG
-AQH/AgEAMA4GA1UdDwEB/wQEAwIBxjCBlAYDVR0gBIGMMIGJMIGGBgsrBgEEAc4f
-ZAEBATB3MCEGCCsGAQUFBwIBFhVodHRwczovL3d3dy5zay5lZS9jcHMwUgYIKwYB
-BQUHAgIwRh5EAEEAcwB1AHQAdQBzAGUAIABzAGUAcgB0AGkAZgBpAGsAYQBhAHQA
-LgAgAEMAbwByAHAAbwByAGEAdABlACAASQBEAC4wHQYDVR0OBBYEFF11FBGM9KWO
-Qo97skBEo+7WejtyMB8GA1UdIwQYMBaAFBLyWj7qVhy/zQas8fElyalL1BSZMHwG
-CCsGAQUFBwEBBHAwbjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3Auc2suZWUvQ0Ew
-SgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cuc2suZWUvY2VydHMvRUVfQ2VydGlmaWNh
-dGlvbl9DZW50cmVfUm9vdF9DQS5kZXIuY3J0MD0GA1UdHwQ2MDQwMqAwoC6GLGh0
-dHA6Ly93d3cuc2suZWUvcmVwb3NpdG9yeS9jcmxzL2VlY2NyY2EuY3JsMA0GCSqG
-SIb3DQEBDAUAA4IBAQB4/0TLXdtMTnzl8Z810lR3pESCq6ueQRvGPPl2isGe3ldA
-9PhKZ7j6323ifI2ldOdMeU12gd4pzuHXieFC1YhswqXCR1huLNu1KA8PRhgxdOBQ
-1etRSkZTIftMhBgpxot2Tu4G2xKQ7wfetdqnrUQ/u++BuAhuHA2xsma236eQ7z3i
-zoxCOSc+FMpQT/SY9NvKtZlmFEPycxZxu0uWCQtBbx+b/MAYKgq2/vMvLO4lyRqk
-eSRuLMZT4AA42HgggUwL7hWiwedyEqvwq0Sg3e92F2wBff+Xah/WeZBioxul1TRt
-zFcge6BTfF2S0RdbaaOWeXsbNaA/azZ4WrNj1CTv
+MIIDxzCCAq+gAwIBAgITBn+USjDPzE90tfUwblTTt74KwzANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZBf8ANm+gBG1bG
+8lKlui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjr
+Zt6jggExMIIBLTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNV
+HQ4EFgQUq7bb1waeN6wwhgeRcMecxBmxeMAwHwYDVR0jBBgwFoAUnF8A36oB1zAr
+OIiiuG1KnPIRkYMweAYIKwYBBQUHAQEEbDBqMC4GCCsGAQUFBzABhiJodHRwOi8v
+b2NzcC5yb290ZzIuYW1hem9udHJ1c3QuY29tMDgGCCsGAQUFBzAChixodHRwOi8v
+Y3J0LnJvb3RnMi5hbWF6b250cnVzdC5jb20vcm9vdGcyLmNlcjA9BgNVHR8ENjA0
+MDKgMKAuhixodHRwOi8vY3JsLnJvb3RnMi5hbWF6b250cnVzdC5jb20vcm9vdGcy
+LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQELBQADggEBAG5Z+hfC
+ycAuzqKJ4ClKK5VZUqjH4jYSzu3UVOLvHzoYk0rIVqFjjBJwa/L5MreP219CIdIX
+di3s9at8ZZR+tKsD4T02ZqO/43FQqnSkzF/G+OxYo3malxhuT9j7bNiA9WkCuqVV
+bUncQt79aEjDKht7viKQnoybiHB6dtWAXMNObcCviQMqTcoV+sQOpKJMvQanxUk+
+fKQLGKlkpu9zKNr2kWdx874JVpYhDCUzW2RX9TtQ04VT6J0xTEew55OJj02jNxHu
+Gijg0YLZtWLNWEXkNDkVpZozXbhuTM6GJKhwLn2rmgRgtFTWUDbeq3YE/7NHu+3a
+LOL51JEnEI+4hac=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5DCCAsygAwIBAgITBn+USnERqsPqc7pMrAdXJpbfizANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN/sGKe0uoe0ZL
+Y7Bi9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri
+83BkM6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKOCATEwggEtMA8GA1UdEwEB
+/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTT7Mc6ZW7M4dp2mlb7
+nPOGbVflgTAfBgNVHSMEGDAWgBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEF
+BQcBAQRsMGowLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250
+cnVzdC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQucm9vdGcyLmFtYXpvbnRy
+dXN0LmNvbS9yb290ZzIuY2VyMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwu
+cm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYE
+VR0gADANBgkqhkiG9w0BAQsFAAOCAQEAeyHnnDOGsjKqSrdQibquHlGrrtMjqGnK
+/m7dZLQCB/VZxYEp2OhR4I/Lf8s9B9WcaGKvyscPiovgVKhwSr5NzEfhqXQE7YT/
+bbfVBWqRyfTEZ8x44095xFCPErRpQOddBWmPW4byBwnmUeOlS8tFEdYi9PXD38b5
+OY7/j2YRsShyvzKre7+C/8aQBOrt1Q0sfJYDxq4Chx6YWpf1YqikV7DL/AKi2zxm
++Vq+Vx7yntdcKzEDKluFweG0OHAHXy6VoVNeifx0gRks5harEpgtibf8dxDWVuRs
+mWYARW/NX/vSzAG25AaCKROgcXR7gvL9xmDslFGwaO4bgc/Q9IrcUg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkjCCBHqgAwIBAgITBn+USi+ZU51QWu3y3j7YVwHmyjANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MDUyNTEyMDAwMFoXDTM3MTIzMTAxMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK2Wny2cSkxK
+gXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4kHbZ
+W0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg
+1dKmSYXpN+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K
+8nu+NQWpEjTj82R0Yiw9AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r
+2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvdfLC6HM783k81ds8P+HgfajZRRidhW+me
+z/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAExkv8LV/SasrlX6avvDXbR
+8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSSbtqDT6Zj
+mUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz
+7Mt0Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6
++XUyo05f7O0oYtlNc/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI
+0u1ufm8/0i2BWSlmy5A5lREedCf+3euvAgMBAAGjggExMIIBLTAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUsAzwTDD0BVgCSP0z5VKv
+S4TjZlIwHwYDVR0jBBgwFoAUnF8A36oB1zArOIiiuG1KnPIRkYMweAYIKwYBBQUH
+AQEEbDBqMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5yb290ZzIuYW1hem9udHJ1
+c3QuY29tMDgGCCsGAQUFBzAChixodHRwOi8vY3J0LnJvb3RnMi5hbWF6b250cnVz
+dC5jb20vcm9vdGcyLmNlcjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnJv
+b3RnMi5hbWF6b250cnVzdC5jb20vcm9vdGcyLmNybDARBgNVHSAECjAIMAYGBFUd
+IAAwDQYJKoZIhvcNAQELBQADggEBAEAYjKahC5+1WtSuad6bxr0iozuII35V12r0
+0D59cm/zWGLHSsoOcn5NK1vM+0zpUo2npQAG5OvmsBKtBQAZVqIhUdDFW06CQhr/
+PERxcFwiNa3FzjJ0eS136pv0GMLKDmMXdpjWNUAcRFMbgHlNNBjoSxTN9SdbD+kr
+WWjAw1wsDfp8B9lZFfOGX4Op9F1WmY80o+K4gTjXFEqyCDfrvrH3+P6dI2to/LTB
+dAezXg033EtLUw69atCLtd8r8TIMAE2IGFt5rHg4sEG6NYPXkOrQqs6JLaFxibKq
+669TfBlcloGLc80dG96ryjpNIzEUtT5Eyc6KIl1Z/I09iBxEWQM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLTCCBRWgAwIBAgIQC2lX32EvUZClkNylRLd1oTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUwNTI4MTIwMDAwWhcNMjUwNTI4MTIwMDAwWjB5MQswCQYDVQQG
+EwJVUzEkMCIGA1UEChMbQW5uZSBBcnVuZGVsIE1lZGljYWwgQ2VudGVyMR4wHAYD
+VQQLExVBQU1DIERpcmVjdCBNZXNzYWdpbmcxJDAiBgNVBAMTG0FBTUMgRGlyZWN0
+IEludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMoshHlbl4BvDMuJxkJK7dYBX+XRHRhvsUp+GIGir2tYzlZmbTkZWc8tRxJ/SjBw
+eLO+lMvpbtd+u0rq68c8IRnyYNootzodiG82Rj3/GHgWLCu2HON8RGB/mRlcTlOR
+C5TlNIM4sMb8yovBCCLjFnvXUeF+rdyQk+StrxFhn8628r0gnr8EPTxuQN3U1gUP
+f6v3/OScHtjUeVV8qQdKurCkTRN2+FmuIp/mgQXK/M1iFZ6l0fT0zGVfbTPK9XPo
+MpWwE6jnX8rrJoPljmGbn40NZZjh+pmw+gLnrjSWGbb/ZDOqITWsSorBxQpt379y
+fzjGZOMT+Oi96CRh4v+M0hECAwEAAaOCAsMwggK/MBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDgYDVR0PAQH/BAQDAgGGMH0GCCsGAQUFBwEBBHEwbzAkBggrBgEFBQcwAYYY
+aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEcGCCsGAQUFBzAChjtodHRwOi8vY2Fj
+ZXJ0cy5kaWdpY2VydC5jb20vYWlhQUFNQ0RpcmVjdEludGVybWVkaWF0ZUNBLnA3
+YzCBgwYDVR0fBHwwejA7oDmgN4Y1aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0RmVkZXJhdGVkVHJ1c3RDQS5jcmwwO6A5oDeGNWh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEZlZGVyYXRlZFRydXN0Q0EuY3JsMIIBUgYDVR0g
+BIIBSTCCAUUwOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vQ1BTMAwGCmCGSAGG/WwEAQEwDAYKYIZIAYb9bAQBAjAL
+BglghkgBhv1sBAIwDAYKYIZIAYb9bAQDAjAMBgpghkgBhv1sBAQCMA4GDGCGSAGG
++VsDiiEAATAMBgorBgEEAYLBWwABMAwGCisGAQQBgsFbAQEwDAYKKwYBBAGCwVsB
+AjAMBgorBgEEAYLBWwEDMAwGCisGAQQBgsFbAQQwDAYKKwYBBAGCwVsCATAMBgor
+BgEEAYLBWwICMAwGCisGAQQBgsFbAgMwDAYKKwYBBAGCwVsCBDAMBgorBgEEAYLB
+WwMBMAwGCisGAQQBgsFbAwIwDAYKKwYBBAGCwVsDAzAMBgorBgEEAYLBWwMEMB0G
+A1UdDgQWBBRLMi6n/ZVnJtWc2K4lDAwEKE1xrTAfBgNVHSMEGDAWgBRGCDhaqY4g
+uwyvXjG6ibMov6yMNjANBgkqhkiG9w0BAQsFAAOCAQEAlaoM5Wie2apx2JGQbbK6
+TGzGoRJZdMEDdlgOkh+kmPUNjil25kjOoo61RLmCi37OgPuNcoeTmxCO9RSRQBoQ
+KRFREhAcyfXMl7ZFjPLTQ1XqUBSp3P6CCwHIIhqIsS6WCmgbEdy6Feab5YDs4ydR
+uBerQmVebmukeC659zsV4b4J5T6jD8L2q/f8iEO9OMm8Do50RI05EAZ2ImRaAc7J
+8bjZaQC6wscxiVR1twIlHBn2EFlW+lBc2K7pXhBwZOHXKArGPuAA9VN1jCPAjhnB
+Fsi9ossVjOUnoPOXPf1TZHkMXJIyXJ+M+Jq543NxcDsubtkVb8LvMxZ+rxd/88B+
+Uw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEdzCCA1+gAwIBAgIPIAYFFnADEO88nsbcTPkNMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA2MTAxMzMzNTNaFw0yNTA2MTAxMzMzNTNaMGIxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEfMB0GA1UECxMWY2VydFNJR04g
+Q0EgQ2xhc3MgMiBHMjEfMB0GA1UEAxMWY2VydFNJR04gQ0EgQ2xhc3MgMiBHMjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOLCbShzd+XMXNZfT5ydhBz8
+YfRgPE2Dnd0tQ2VmiFIcZmAwZXY8WRdHoYbgZ+lYzlb06vSQWdXW6Q8rhAz6xY1T
+ONAln1vozA/DLGjMSt81uVVpo8Y/uj+vg7atmKm/wA9bCbmFw4ZqNha83VsZNlDh
+sAPlbjURW3XfPMNTaKVgkMR2RkN1bnFry0Si8hj8X4s0wx+nCve421qWg3weeLeJ
+PwO140kb8m6vEKjkkGYtl00Memw3461f1twjIBBVyMvnSkbQq6w4msK0CUf+2Jy1
+8rScT4HJH7v6Zg0Et5QTzjceyyisAMu1HvUiXiBJzXrNBbEUecdRdjjQWi/+RcsC
+AwEAAaOCAU8wggFLMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDov
+L29jc3AuY2VydHNpZ24ucm8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly93d3cuY2VydHNp
+Z24ucm8vY2VydGNybC9yb290LmNydDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1Ud
+DwEB/wQEAwIBhjAfBgNVHSMEGDAWgBTgjJvbJUmz8XyG1rJChwvQa6DZ5DAdBgNV
+HQ4EFgQURURbBiGqKAiGKa4Jz51Cf1JCexkwSQYDVR0gBEIwQDA+BgsrBgEEAYHD
+OQEBAjAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3LmNlcnRzaWduLnJvL3JlcG9z
+aXRvcnkwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL2NybC5jZXJ0c2lnbi5yby9y
+b290LmNybDANBgkqhkiG9w0BAQsFAAOCAQEAqf73ZzINq9uEZb47X22nGI3JumQM
+MZUqmxaNPvCfUBSDwiviZywwFk6gF8BEARUKcekYoQ4u5Jya3xL4ucAhBOZnWRNI
+CvR8alte5sWEh5mnATep/ygl91qOZUlECLaombvWXL0K/Aq9NDOJ8ruU988PjqEY
+6oEps8aATtX3HivuQyfbOIwJeSQuXJxVe9orEmAhASnNe10QjN1QGL2NjAN6/uog
+ZIGnb20ubapsIoSDxihBAEn94xSKmsLJDUWHtXc9JEVCQ0IUPKnDpXyimELu6CQl
+vtLJsMRGEAJet7mbvobBNqNcinURml5/AogW958bDPfmP7us7bgYxQvxjQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIPIAYFFnADEVSazYKcRyS3MA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA2MTAxMzQ1MDdaFw0yNTA2MTAxMzQ1MDdaMHYxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEpMCcGA1UECxMgY2VydFNJR04g
+UXVhbGlmaWVkIENBIENsYXNzIDMgRzIxKTAnBgNVBAMTIGNlcnRTSUdOIFF1YWxp
+ZmllZCBDQSBDbGFzcyAzIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAwvDg3+dNAm3aON+edf/2+mNhSHBAskfPoIn+6qeYO5S5D5xGXgnSzwwNszBl
+v0wbb5SEFQ3Ndv0FFf10b7EGTwXbpUPnni0s4eJ9neDY+c8IysxhESSnp9mIzkq3
+T9gktKLU3pZpxxHzre5bO49fjsBV7pebUpVJPRz3k6cso0ZqrhgWavCR+WdeQqte
+13IeVtKHcheIr3RL1mdki2uU30LSabELAn37ToQFGhBBBccfQ5QDs4tXIfBGHhKa
+8aNoKn0yHG010ss+nYZixuSDcXDzVxwGQeGPecAm+1kLoUVKcUcPn6R9U7bE7ldW
+5rqfeqp76mUToF9Fz9HyukHnxwIDAQABo4IBTzCCAUswaAYIKwYBBQUHAQEEXDBa
+MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzAzBggrBgEFBQcw
+AoYnaHR0cDovL3d3dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL3Jvb3QuY3J0MBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFOCMm9sl
+SbPxfIbWskKHC9BroNnkMB0GA1UdDgQWBBRQNJ5Tdrlt0rcMHpCDdVruy3QYijBJ
+BgNVHSAEQjBAMD4GCysGAQQBgcM5AQEDMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93
+d3cuY2VydHNpZ24ucm8vcmVwb3NpdG9yeTAwBgNVHR8EKTAnMCWgI6Ahhh9odHRw
+Oi8vY3JsLmNlcnRzaWduLnJvL3Jvb3QuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAG
+1HhtiaZUmm1jERljbfTEr74U6BblpQA44Mg/XVs8OXt/xBcpu1uVb887MRgi+8V7
++Ja8BSaEwFGBadKk7/61e4JBOfOYn6L5uhBwDCa8zuwWazoUfL5gwQSi3IjTcDoj
+0D97mb4p+qEDTzNy9UpfsrAxzcWdqmKTyQ9nku22qO09ZlCE+OXFOKN+NhKv3Ecd
+CozxdDVBCOP7j4JiUzTJGbrs4NPBK4s969VqWrRG58qUnsU8qvKb+Ce3MOMtVCdQ
+GLfDgVEKCP14V2VqBA3aSnpwGAhwVUvoi1v8QYg6chNkytH7NQAt/9YoyXF1v8oG
+H/3oT4zo5p5Ncb+TE2Tm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmDCCA4CgAwIBAgIPIAYFFnADEkP3bl2oXqzzMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA2MTAxMzU0NDJaFw0yNTA2MTAxMzU0NDJaMIGCMQsw
+CQYDVQQGEwJSTzERMA8GA1UEChMIY2VydFNJR04xLzAtBgNVBAsTJmNlcnRTSUdO
+IE5vbi1SZXB1ZGlhdGlvbiBDQSBDbGFzcyA0IEcyMS8wLQYDVQQDEyZjZXJ0U0lH
+TiBOb24tUmVwdWRpYXRpb24gQ0EgQ2xhc3MgNCBHMjCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAL2MtzscYFdc+pReRBwdrw2BkEjasFEOBFsPUTV5ELhi
+0fCi063qHS182aw9xF7cbyBYWoPZnzXD6CKDXl/Evd0RwF3HSXwqKfE4sAhOEglw
+tO6YpnXuoRUaPeJ1wz0HJQoxWWZXvy09y8LzxzqfVe2y/dlytZxGvTxc8N/XBUVZ
+xc96ey2+URlG0ZFzqK6OIZSEPlyi1ZnILTH17xA3DY0l7cbCaqjz0DvTIWOxLZvm
+VL2coSyZjLskHHVQQWqM8A47HtVGVpE2nba/m13NEth51wu6fLsvOaU0SKo0voEy
+RWPPwKXsZHQpPUXhS/YzFUYHKSBqSzCzHwJ3Kp815gsCAwEAAaOCAU8wggFLMGgG
+CCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuY2VydHNpZ24u
+cm8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly93d3cuY2VydHNpZ24ucm8vY2VydGNybC9y
+b290LmNydDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAfBgNV
+HSMEGDAWgBTgjJvbJUmz8XyG1rJChwvQa6DZ5DAdBgNVHQ4EFgQUP8E0mzn2Zd6G
+MX2rNegZc5Xe8FUwSQYDVR0gBEIwQDA+BgsrBgEEAYHDOQEBBDAvMC0GCCsGAQUF
+BwIBFiFodHRwOi8vd3d3LmNlcnRzaWduLnJvL3JlcG9zaXRvcnkwMAYDVR0fBCkw
+JzAloCOgIYYfaHR0cDovL2NybC5jZXJ0c2lnbi5yby9yb290LmNybDANBgkqhkiG
+9w0BAQsFAAOCAQEAsedon8cBLcUaYMgy/tvwCGM54zvNSZ4U7IQ699Do3sbMx5MJ
+hBA72eUp4qEAFhUMHJ6NcydHbvCnAJjmYtyVM0RSzyzspRavsO+Rj9GDqBN8DEDZ
+qjUKvSnXAeJNCeFQaeOmWkcGlmIZXwKRl+4Q2MgoZTKVBmKpASreKrooXCS5709c
+1CxWAeIdQaRHVok19odFKAtX5iInfCk2/eXqstDGSTFVx8otnRnDf6C9MTA8hMnL
+10KXCYaS3UKky3RWW8tWEy9FZq03lSxuLoskkhG3MBZKW07Cm4zRoTa1+cbuSbgR
+lbr7/mlaYcMYumcIsujI2xR2oG1cZ8TVj2M34g==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEzDCCA7SgAwIBAgIQESfqNkHGNiMyR3PVI3KyAjANBgkqhkiG9w0BAQsFADCB
@@ -4925,44 +8081,748 @@ TqY3Cp6TXodb6ZDWqLZlCI1hSeuDIKldGxZgYmsvVPtaAg16J+JL4QUUwuTp+XDA
 nPvdJAq9WZFKQgM4EnEyiHagjny7Mu+IKhvUam9QuVJni6sw+h/94ySa
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIE2zCCA8OgAwIBAgICBQUwDQYJKoZIhvcNAQELBQAwRzELMAkGA1UEBhMCSEsx
-FjAUBgNVBAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3Qg
-Um9vdCBDQSAxMB4XDTE1MDcwNDAyNTM0OFoXDTIzMDUxNTA0NTIyOVowdjELMAkG
-A1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJSG9uZyBLb25n
-MRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MScwJQYDVQQDEx5Ib25na29uZyBQb3N0
-IGUtQ2VydCBDQSAxIC0gMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDZg1SLDPcrEPCNofZXrcUExEVs+zUacwDQz10y21V1vUdYrxdGT7uHd+R4op+T
-LvHdO5XN2ZOrRToJGJm6eZ9NatySMIro+qk7+D1m5eWckWKff4yelYiRjEzp61nx
-A0zNMrSc2ZGISNAA5azMk3qGTOFh/3VWMq3PuavOTaEsN26rUeqXK5XhCI4UOxul
-tUFSTqBYDNL/L57R/Txaj1expbJRttCwN2uK3Nw4lnPF3D4uznJrmkFP/YhhjIU/
-KhSJueYUCvZaucrAxrf1aQj6+XDGCbo1iJ+1xsKH1kwtQqWHH/23t44tabr6YLT1
-NREv+pcGk0S1yQ4EDmVQaxYtAgMBAAGjggGgMIIBnDASBgNVHRMBAf8ECDAGAQH/
-AgEAMHwGCCsGAQUFBwEBBHAwbjA+BggrBgEFBQcwAoYyaHR0cDovL3d3dzEuaG9u
-Z2tvbmdwb3N0Lmdvdi5oay9yb290L3Jvb3RfY2FfMS5jcnQwLAYIKwYBBQUHMAGG
-IGh0dHA6Ly9vY3NwMS5ob25na29uZ3Bvc3QuZ292LmhrMDgGA1UdIAQxMC8wLQYE
-VR0gADAlMCMGCCsGAQUFBwIBFhd3d3cuaG9uZ2tvbmdwb3N0Lmdvdi5oazAOBgNV
-HQ8BAf8EBAMCAcYwWgYDVR0jBFMwUaFLpEkwRzELMAkGA1UEBhMCSEsxFjAUBgNV
-BAoTDUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBD
-QSAxggID6DBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsMS5ob25na29uZ3Bv
-c3QuZ292LmhrL2NybC9Sb290Q0ExQVJMLmNybDAdBgNVHQ4EFgQUTO93rSNK1kVI
-KNeYLP4hGmX0Sh0wDQYJKoZIhvcNAQELBQADggEBAG/nEjQMPvW/Vyzp6/ETG20H
-Ks8J/G0hdgstQDNEoF7bNuT4P4E83xWqhvBmGBZiMSs7/XGUGlAO2hYqiR8B71bj
-+Db9NjCybYcbKO7bn2PzQU08cdp/UpruIAbpLTJMf92fjZn+LskCujCULNWN7y16
-gqR16pBYIfsa151eo2sDC+OU/d3xqldsVWZGKnAJNVWsjI1fIexA7ICkezfberZh
-j0XyoDMjgTl9vAe18kz28dED8PJcs2SVECO3DEBUWdEJdPzb7cl3ipSXqlJqsWbu
-0GNdXkQ4bZtsimLO37yMmvJ8CZBDgBFjmXJ2M/daFnC9FuwkNd+FyMvwJLokF8A=
+MIIG3DCCBMSgAwIBAgIQYcLU1PaprndVkma5ja/WITANBgkqhkiG9w0BAQsFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTUwNjMwMDk1MTUzWhcNMjkxMjMxMTA1MTUzWjBNMQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNFUkVTMRsw
+GQYDVQQDDBJBQyBSZXByZXNlbnRhY2nDs24wggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDCO7E+oUYbuTJaWkEQtIFgcRHD/kHavy+XBFdfCdUzDh9w7Yq4
+kYckBPW/YU1QRa4v35HbajEMCs4cyLnoJy8Wyzq7qrSwmNHhMYDjtGywJXbCo5SZ
+VbIwyagWig8Nb/x9Y5WGWIY76E9agPAoEYOxOG8h1J6ipNoBbq0R+4N4ODaq57AB
+Y7mUSXb4WgjoVg4WxxZw0GGLuc8R1idoX1G/VqxvNymeCZ7o1bEwbs7X3NhRsK21
+w3ju8pkUNZXN6Pkflh9qIslOLiokKbiDwwAZE4nvU//B8Q8FLYk1sgTQTLET2EQZ
+308FlECRp3i6Ay4iezc0Yd3FKIDmOxCdDUcDAgMBAAGjggLIMIICxDASBgNVHRMB
+Af8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU3FCWn9cxickR
+5O+WX/ZfglJGYlMwgZgGCCsGAQUFBwEBBIGLMIGIMEkGCCsGAQUFBzABhj1odHRw
+Oi8vb2NzcGZubXRyY21jYS5jZXJ0LmZubXQuZXMvb2NzcGZubXRyY21jYS9PY3Nw
+UmVzcG9uZGVyMDsGCCsGAQUFBzAChi9odHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9j
+ZXJ0cy9BQ1JBSVpGTk1UUkNNLmNydDAfBgNVHSMEGDAWgBT3fcX9xOiaG3dkp/Ud
+oMy/h2CabTCB6wYDVR0gBIHjMIHgMIHdBgRVHSAAMIHUMCkGCCsGAQUFBwIBFh1o
+dHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9kcGNzLzCBpgYIKwYBBQUHAgIwgZkMgZZT
+dWpldG8gYSBsYXMgY29uZGljaW9uZXMgZGUgdXNvIGV4cHVlc3RhcyBlbiBsYSBE
+ZWNsYXJhY2nDs24gZGUgUHLDoWN0aWNhcyBkZSBDZXJ0aWZpY2FjacOzbiBkZSBs
+YSBGTk1ULVJDTSAoIEMvIEpvcmdlIEp1YW4sIDEwNi0yODAwOS1NYWRyaWQtRXNw
+YcOxYSkwgdQGA1UdHwSBzDCByTCBxqCBw6CBwIaBkGxkYXA6Ly9sZGFwZm5tdC5j
+ZXJ0LmZubXQuZXMvQ049Q1JMLE9VPUFDJTIwUkFJWiUyMEZOTVQtUkNNLE89Rk5N
+VC1SQ00sQz1FUz9hdXRob3JpdHlSZXZvY2F0aW9uTGlzdDtiaW5hcnk/YmFzZT9v
+YmplY3RjbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludIYraHR0cDovL3d3dy5jZXJ0
+LmZubXQuZXMvY3Jscy9BUkxGTk1UUkNNLmNybDANBgkqhkiG9w0BAQsFAAOCAgEA
+pS/HpvFq3S42VmjXtoNVxdh+m1/NdjoWVY6M2o9c+UZofrZWbaiQ+aNOn6/+Qf/L
+Zk41jD+nEa/O1GkPyAineYtjyW6Ae7ltVPIVIWQa3fALcgyN7s/U31qPooU7Zv7a
+5mghpxapWHvtL9yxpLjrtGsZD32qysIJ2pjDqJa5WeWVKF2RS1zy6Bm/9JzlxzTC
+H03kivP5ltp+cHik/KzJZ+HgPv6BLwO+OYrJ19vGbPuDGgOj7uJTG3XQIlZchTlt
+gCmNRPKs/HOGOyDmWxm07FmrADQ1NWag3gjoH8xcfAlp9aBnm/UXFJuAkGOq8ASr
++A5dpJeDP/rlKphDdxJpG5YKRwRSb7PnAccstmGxynL+K/0ofxAhbWqC6z7KeGyZ
+BTeVIilPhp+xZzJnvFVBjN6s2j7W3+esQkiT4SdY9RN+c3tBuWF54UNc7YVe6KVT
+jzkpev9szp6vUNQ+A45i2KGXRLN6/16nA9fujzITRWmX4tOGABo0aL/wBrf3Po89
+gvZwZRaVQ9Bw/KfEF8eZDhA1MgQKSPJLSXSl58elHGFLUR2CQMGl+mgfPB0qZUUk
+RG/RYpZLocczAz6pfkxA3Mt3DfIyVtA/YJ0O4ZYpdbH9zdJZI1RQEWmFrMOrEAWm
+GIG0SmNpARqOPJsTQJomUcvd3EvA7so2LzLJ+Sjj2So=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFDjCCA/agAwIBAgIMDulMwwAAAABR03eFMA0GCSqGSIb3DQEBCwUAMIG+MQsw
-CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl
-IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg
-RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD
-EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x
-NTEwMDUxOTEzNTZaFw0zMDEyMDUxOTQzNTZaMIG6MQswCQYDVQQGEwJVUzEWMBQG
-A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l
-dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAt
-IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp
-ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIEjTCCA3WgAwIBAgIORsdODEh3IULjetdRFS8wDQYJKoZIhvcNAQELBQAwVzEL
+MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNTA3MDkw
+MDAwMDBaFw0yNTA3MDkwMDAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWduIENsb3VkU1NMIENB
+IC0gU0hBMjU2IC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj
+wHXhMpjl2a6EfI3oI19GlVtMoiVw15AEhYDJtfSKZU2Sy6XEQqC2eSUx7fGFIM0T
+UT1nrJdNaJszhlyzey2q33egYdH1PPua/NPVlMrJHoAbkJDIrI32YBecMbjFYaLi
+blclCG8kmZnPlL/Hi2uwH8oU+hibbBB8mSvaSmPlsk7C/T4QC0j0dwsv8JZLOu69
+Nd6FjdoTDs4BxHHT03fFCKZgOSWnJ2lcg9FvdnjuxURbRb0pO+LGCQ+ivivc41za
+Wm+O58kHa36hwFOVgongeFxyqGy+Z2ur5zPZh/L4XCf09io7h+/awkfav6zrJ2R7
+TFPrNOEvmyBNVBJrfSi9AgMBAAGjggFVMIIBUTAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFKkrh+HOJEc7G7/PhTcCVZ0NlFjmMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEBBDEwLzAtBggrBgEFBQcwAYYhaHR0
+cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMDMGA1UdHwQsMCowKKAmoCSG
+Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC5jcmwwWAYDVR0gBFEwTzAN
+BgkrBgEEAaAyARQwADA+BgZngQwBAgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
+d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEB
+AFKs5a+Ip4BlvENQ6LeK7b20Y3QyVEvopj8DPN6g/qEQBbQLcsK+MoELOV1C2sEW
+9e1Dzx2QE41Lpy/njl981Uo+t+I4PtjLJ2HfMXndu1n7dHjUzpFfZZTMXY63lIp0
+7Bq3C9wM2Skr2bhTgWDdQIIFGfR4XM/GZW8AFL6leE0v0B2LDQYRbVoBJwEYI403
+p+6Vq1L6jKEpctjwZWAllFvaJPNBwC3m4fDtEOV1zSBXvAzzLnR/6dcqU8Gv09mm
+9+xq8dFOAhDXK8Z+LvxJBs2oQ+YPmdh4n7LE2xreHjd+BiZ4f4ligqhv4rEccVTS
+k9PO2ofNurNPMjJ4NcNnPb8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGAzCCA+ugAwIBAgIQcIhUNIlA7DKW9cdlJelVRDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUw
+NzE3MDAwMDAwWhcNMjUwNzE2MjM1OTU5WjCBgjELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxGDAWBgNVBAoTD0JsYWNrQ2VydCwgSW5j
+LjE7MDkGA1UEAxMyQmxhY2tDZXJ0LCBJbmMuIFJTQSBDbGllbnQgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY
+RCwJsBjVUn0hhlywkan0YTZHCG4UGEPYAmWeckD4l3yUeR9RQA3t81aOKqI6uWDC
+0LcbRVHRikMEjdYLTS1H1esCLORWgLA1in8U3p9w46Hu48Dwmvrqqw/+pPwYREYy
+4+K+giT3mJZ4yqVu4/Jj/1uuc9cLuHU52EbFdavZwCGiN1j8g2dbnRNx0QE8aU4g
+IE5BDCG1XobodGHmL6dKfbIKJaiiAITNyNQxKY/O5bQ+T5ACuImLbnQ1CuEsmYmm
+aWN6GeKDQ7nCXqxc/dD5O4X6Od94icKVcUd24KuhEfoA7yiim+rEh+Va3BZq37Nt
+4Wyvlhou7rcOY0clA3+/AgMBAAGjggFrMIIBZzAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQU3wYPY/tUXkbNRf7jjLtERgp0WUMwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAjUwUAYDVR0f
+BEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/Bggr
+BgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFk
+ZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMA0GCSqGSIb3DQEBDAUAA4ICAQBuTsgQ6Rhs9rW/Ax7LeBxVHz7aYkqoPv7A
+U1VR2vs6dnAZva/EuruLmWr/6E1AdyD0jkZeVLgD5Xe2HDbTpXX1oLvMWlxMpgW7
+0pZd8kLhzSvcx5y7na1Qfie5gDzVWG3xCkTSiCc2mtMrIKDF0MTq29tfutDH3bCH
++VaMR43+WCbcqOnOzzoObP/HSXtSJ4B77bSh9Al19UaXv/vEOJKgJGZNgypJEQFV
+2p6YIFyzyrlMc8rxWdtEYZzDvMxmtfBsO84noEcWYNrIfDiE1fcqpYRvZy/B1/Nq
+Z4XN0ezr6TfKysk96N46Jf9iFsorG7Rgo+ZxAA7aiN3GwWLxghvKYsEpd3IVomBv
++EfUUGXhG8D6JKMPMfAK1lDu+873k7bthgGm4/k4hsL//7ZTxqQwrOzgJx+pQLvx
+iHGGhvciDDSP7qMMEvPihHGZ3+TKOIKsKGD3F5gVMwq2oSMjrrXleMVY23EDgsxA
+RDsHl9MkX4yiQve/1COLiKxKfy7aQnY67HjmpY7MOILcE8XZVtZ9fY69bVAEp5wc
+FLL1ASrKLCgLa8tKcwZuv9cyBdIYZfIXj3d3dtcJyI6ibK9f1ijYeW4TH0LSI59R
+sCGk8SHOAyypyYevmx98LUPQfUicLc2L8/ZdNe6aLrFTlyaDCSAI6R9vxk+T3Q9L
+VVZN9Y3+Qw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFqDCCA5CgAwIBAgIQTWEN67iDALBpE6dVpBtLRDANBgkqhkiG9w0BAQwFADBu
+MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDEWMBQGA1UEBxMN
+SGVlcmh1Z293YWFyZDEVMBMGA1UEChMMRW5zdXJlZCBCLlYuMRgwFgYDVQQDEw9F
+bnN1cmVkIFJvb3QgQ0EwHhcNMTUwNzIzMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjBu
+MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDEWMBQGA1UEBxMN
+SGVlcmh1Z293YWFyZDEVMBMGA1UEChMMRW5zdXJlZCBCLlYuMRgwFgYDVQQDEw9F
+bnN1cmVkIFJvb3QgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCI
+30D/tpNGe4BRbDR3GTKVPlKCEwrp8l9AT59ZjF33CaKxKJAlxNnZvw0YzrNdeI0C
+vWpJW0z5eGsekROZBI+VEABdMIEwkM5877Mo0CCvCrNlQOg2B3XVBIC0pgcVscsq
+dpgtsOmTkes01/sxNU8rmP/Lixx6WRqyRVpcpbyG0QJEgmS18laFLD0ScXgZrN5x
+i3KJ2lxwbml3MH0fvKYaBRJE9DOvFBxy4IHIecm2ZGeHBdt8B7+CLXwRrvBCgZgi
+CV61arPyRInvgRTY4gTDPs94UeAL5+hRM4VyBZbZgpwQnz+nZjQ9do9eKJccs+jn
+D+IkBNJb1GeOxQtHPOMjb3U67unElM6oVC2DMe6EyvWHlqFWkAUl13tLsglg/4EZ
+Xrfg4kSSWBEGfH4kX6rpGvpFG9nFiOnGT1/qBfZqoscWRPxLFOW34UQjNBvexDeq
+PgEdHijdOzE1RiGpCGLN2zL3//BZ0OXvPGocCV+Kj78QqhzM7I8kzfDSaaRhrCQv
+B8pLDFxiiy/eUNUS5R42AuVIHYVUBOMsgAX9ex7lPMhGzkzI/s+P5muHVF93OUdS
+nNrZPpzfcgKT3RGcEJArCAGYsaxGd5f5l07TXIuv2EVWS+tD9+0eZfjEVOkodC7/
+56F8iigrN8lwVnoexUGTlSDKT2XXAm0U518gfafO/QIDAQABo0IwQDAdBgNVHQ4E
+FgQUiNSY6vpmUPiThd9gS5f+L6kw3VAwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB
+/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBADceZHoy8e5bbwkRFr8XtCloGg40
+k4mmsVAtIQ9RdWeUWdGx5zdocwxlM88Ve5btEX31hNCLVijXyPVt3G0453XVkZze
+/xxEi9+ZnmAIa4gVZDvlpJJ89e9L2hr5Lti4xJ3EocVJRYaM1bSSEdtgrKpLOLo2
+aVJMbjQxcdurCAMfB5b8VrE3XucrtO5oprCu+ow8l2nssLiKgmG3QX/INjV6DpW9
+Aa8ILVUeXrDJN2GmTIYgPXPC/Gx1OSPUMpj00pnzZBPxOhbIYQ0bmghUirXA0G2X
+BJpGFAmPH5wpa8gU9T5Qal8X0UrcFu1bhmtnxkWbo3ATy5jNktmlfbjlmwyxtnl0
+jdnXtrwREdfRjdHbdI30X1XKk9Opaam8xkjkrXN8qlR61Gutwg4zdgAAmOZq24Bq
+r7tr0FPXBDpMvWNF5nd1PotaM3Lh6PaLwvPWTcUvIMFoFq0v7h3kULqIqi4gud8L
+xO9A5aKZZuv4mwl8JPSJj1KcF6Ptz6BjVOzCkJJodQTA1YTC6wyLVm0jiROvrNsg
+XtWb2ZTemYR78ymE3xd5rq/oDTLs+SXCItNZKGkZ6g6zf4D0XSwPDG55L5IHChX3
+9RXnzeprzmkMF71xKEJxuEQhvAS3KbMbGHhQvVVagOQo4bHC69i6pPLN+ApX/zPP
+aHLMvBaQwsVTWox4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgIQAZ7Bxr0/WXuyDDM45VHYdzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNTA4MDQxMjAwMDBaFw0zMDA4MDQxMjAwMDBaMEsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJTAjBgNVBAMTHERpZ2lDZXJ0IENsb3Vk
+IFNlcnZpY2VzIENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR
+rfaHFHlUJ1fHLwVoPJs8zWfsRRAshPKkR8TZU0JFCbvk/jPB17xGL9GL5re1Z3h8
+anC+/bjltlTPTF6suCJ0c1UpCHPIZPfQlQkOeYNQv1/11MybQmGOgAS5QarOThKZ
+m6zWxb5bAnO1FqSrcWLUmOpAOYWm9rsv6OeHwov2nDLN7Pg+v4nndCOCS9rqv3Om
+JTz9v6nlaP/4MKJgxzsuo/PFfzs7/Q8xoXx0D9C/FMS9aPGl52un35sAfkYlTubo
+E/P2BsfUbwsnIEJdYbw/YNJ8lnLJfLCL//lIBVME+iKvt81RXW3dkHQD8DNP9MfA
+PlZGR69zIIvcej6j8l3/AgMBAAGjggFaMIIBVjASBgNVHRMBAf8ECDAGAQH/AgEA
+MA4GA1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0
+dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDegNaAz
+hjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0Eu
+Y3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vQ1BTMB0GA1UdDgQWBBTdUdCiMXOpc66PtAF+XYxXy5/w
+9zAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTANBgkqhkiG9w0BAQsF
+AAOCAQEACCnEyKb+tDgo96MZZ4zqBTsOS0BiYh48FMYF3DanTzJxRgVegB1ca/Bt
+bdkhdgu9RsS5ZpdN/4AUeodphLLW/8kWcL6jzIshre5cjSStwo+Z4MyeigkDuA+a
+tVuQKyr316UvSmWoxOTFx3GplkZPq21LKhbL8ak79h8hObTrrWAEgpsSv96r0kYd
+DA07dgL5C9XOU4VCeylNRtGLzWTsIRZPLwFDWNFl7Vyl+0Sg0lDo3mbEtjGehzMD
+sMnGSxLnWzWU2UbOMeu/uPaeC4SFgiJWxCOEVOdSMwwlyxrsRFUPY5Zys80ZXn4O
+J4XVpOqw4qXcBiklkOjOLOnp0Hzvzg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuDCCA6CgAwIBAgIJIrmw4dJJbVfEMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTUwODEy
+MDQ0ODI5WhcNMjUwODEyMDQ0ODI5WjCBjDELMAkGA1UEBhMCSlAxJTAjBgNVBAoT
+HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNFQ09NIFBh
+c3Nwb3J0IGZvciBNZW1iZXIgMi4wIFBVQjEqMCgGA1UEAxMhU0VDT00gUGFzc3Bv
+cnQgZm9yIE1lbWJlciBQVUIgQ0E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA1wdiK3zK1kAesoeWXMKKbNwI+XUgENS5nLKgJJuLcwCp38AGQjikW1ab
+jHOl/JFk9qgHTBAjpJRwWJ6oGqVd+v2/0g9xRKNU0PlUoC4z6gh6nkmmYSdloKzt
+ViGy7y9Y3IRiprjhHKi39SK/SgHKloZv5Wg6cRv7XozDJGKtv+OJnN1PsmDMXkmN
+BQoD+wuIj/4hXdzZutebEUzHxxku4nJ3pPgE5d8ReMkCpTDCNC+eRTkYWdaMJMLh
+5O3vcgttWWUPJqIvP5HGDkMqIBLJXSTq7zH5W4tp6TmqQEHUlDAM8DQE0+OSpdRT
+QpVu/jc0jg+5Vb1hFhWW9nbm0AOLcwIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFIk5
+QWSR6UakFlkH8iuvUn99S9qSMB8GA1UdIwQYMBaAFAqFqXdlBZh8QIH4D5csOPEK
+7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkwRwYKKoMIjJsbZIcFBDA5MDcG
+CCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0Mt
+Um9vdDIvMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL3Njcm9v
+dGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQBeIizP
+GGZp+keyHfEcQZXL+wbKNOoUASTIJ+bMrI6WyXLqC48fVL/b9pVTXr3ntqxuZ0W+
+JvcLFk+5wQKjKCaTR8nP8LPMcglWcJZuuqAfQ6d/Evbd09ZvZbJfVVwfOPMuEFya
+53pcsLUKbiHjfZCQp26LWxE1KDSJ3rww5Eoa2uUEYoZcTTK/4JKWOaGtHRSD9l7x
+kYWpnned8c6fIJz1q10jmbymS7GhHB8k2Q/vTdNKhhlCdNi8bsrPz0NuNEcNbBqK
+i85pLszzo9na1fK3miQniu+ck8tF75g0ACp7wF8qrKCZrWRzHueOADfEU1+HPiEJ
+/PlWJYKd19uTpg84
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE+DCCA+CgAwIBAgIRAPb2HOSjY1uwyoqs7vyy0PAwDQYJKoZIhvcNAQELBQAw
+SjELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9u
+MRkwFwYDVQQDExBTZWN1cmUgR2xvYmFsIENBMB4XDTE1MDgxMjIwMTcyOVoXDTI1
+MDgwOTIwMTcyOVowgbgxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9pczEQ
+MA4GA1UEBxMHQ2hpY2FnbzEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJ
+bmMuMUAwPgYDVQQDEzdUcnVzdHdhdmUgU2VjdXJlIEdsb2JhbCBFeHRlbmRlZCBW
+YWxpZGF0aW9uIENBLCBMZXZlbCAxMR8wHQYJKoZIhvcNAQkBFhBjYUB0cnVzdHdh
+dmUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6D45slgLGq8
+2G/NPFnuFscv7UM1eRoQyx3h0DdSTfoRvHkkNv4Gf6OudZDOXqwV86v/SjcNEP87
+njMOEqQ7dKQPtiYzEkK0MOrjbRySFC5dvCTI9T8tnBgFpYA9YXwbpUqXxEi0Ayoq
+hA7UQhS7Q+YGrVwZaJ6LiWrQw+x8ACPLqEvPmMZhrxagKwrsKbylMsAQ1ljk8X74
+J76TSxi/AZpxos7tHD0XbO8elXFZexfsgPLDRpMs6jREVeQj1jVCWLtg9twiXzcI
+aUCchBsTSc92WGkKwBnH70dlL2N8kT/BNe3tAsXuBpZRILANY59jLrLnHEJNfado
+t6ZpougolQIDAQABo4IBaDCCAWQwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4E
+FgQUx33qXRmrVNT6P+ZKc956sjwdbC4wDgYDVR0PAQH/BAQDAgGGMD0GA1UdIAQ2
+MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUu
+Y29tL0NBMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNv
+bS9TR0NBLmNybDBsBggrBgEFBQcBAQRgMF4wJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
+Y3NwLnRydXN0d2F2ZS5jb20wNQYIKwYBBQUHMAKGKWh0dHA6Ly9zc2wudHJ1c3R3
+YXZlLmNvbS9pc3N1ZXJzL1NHQ0EuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDATAfBgNVHSMEGDAWgBSvRATCQX5Ig9tOOQLs7IR65s7JpDANBgkqhkiG
+9w0BAQsFAAOCAQEAkn/4wKQRLo41fDRkZtfF+3o8JtUmfQXf2zoo9Ll29hhCiz8k
+BOpIek9MrFd/cdNgUw1nckIi+J3udyFrbO5p64JBvtc0K4kAOPFSKpHssFcnRLPx
+FXgGxXq6ohD4Py+xaEApslYFfMy89N6DKs/v/10/+/xD831RFEUMUoQxBimsmmNf
++cLoMwF5bpoSz9JcWqCmSlK0Nla1dPphaoA/MObLN2iQPpeM3yF5dTUm1tPxe39W
+Olr6nLU1xO+yRDrlGLXrVDP1l1/qGVuwi+xufIAcdFycLLBjSSNX7LOIK3tbva7A
+WctLUs+qhIlUrbPyFERm7YOY4SttWdozeYFNfg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFMDCCBBigAwIBAgIRANPVGcKy61xwQPZMvJV7vSwwDQYJKoZIhvcNAQELBQAw
+gYIxCzAJBgNVBAYTAlVTMR4wHAYDVQQLExV3d3cueHJhbXBzZWN1cml0eS5jb20x
+JDAiBgNVBAoTG1hSYW1wIFNlY3VyaXR5IFNlcnZpY2VzIEluYzEtMCsGA1UEAxMk
+WFJhbXAgR2xvYmFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE1MDgxMjIw
+MTczMVoXDTI1MDgwOTIwMTczMVowgbcxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJ
+bGxpbm9pczEQMA4GA1UEBxMHQ2hpY2FnbzEhMB8GA1UEChMYVHJ1c3R3YXZlIEhv
+bGRpbmdzLCBJbmMuMT8wPQYDVQQDEzZUcnVzdHdhdmUgWFJhbXAgR2xvYmFsIEV4
+dGVuZGVkIFZhbGlkYXRpb24gQ0EsIExldmVsIDExHzAdBgkqhkiG9w0BCQEWEGNh
+QHRydXN0d2F2ZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9
+AAbj9SknrNJT9pDatGvlR386KRi0SkqIOGr+C5W91+8E8PqydEHwjrnrWt/MTLGO
++2kfEO3TEJlWxQQqbHy8SdhjCANefLzOT1cfTfjroWBIS9yiHpBIQytAaz/td95Y
++JKrRBVCnIR/wB5qMMQ982RWwqggD763XLma0c1AIndsZL+dXp1zET4KBreoxn3q
+RYzMIsZIL2mAJoiCOTYuOGrOMVuaQn0HSu3K7bU+CpkdLQ/j+ikcQiI10IL9oOcO
+U9Gnt/hRyUX66Gk91RIpYXhla2tIYrg7ezrAnFoZIZCb891JjFtbSEOvAAK9F5d6
+fkkjPx0432o/v1c5GRFPAgMBAAGjggFoMIIBZDASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdDgQWBBTFzrk7QkXAzQnlaOhIOoNdbI6rGDAOBgNVHQ8BAf8EBAMCAYYw
+PQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vc3NsLnRy
+dXN0d2F2ZS5jb20vQ0EwMgYDVR0fBCswKTAnoCWgI4YhaHR0cDovL2NybC50cnVz
+dHdhdmUuY29tL1hHQ0EuY3JsMGwGCCsGAQUFBwEBBGAwXjAlBggrBgEFBQcwAYYZ
+aHR0cDovL29jc3AudHJ1c3R3YXZlLmNvbTA1BggrBgEFBQcwAoYpaHR0cDovL3Nz
+bC50cnVzdHdhdmUuY29tL2lzc3VlcnMvWEdDQS5jcnQwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMBMB8GA1UdIwQYMBaAFMZPoj0GY4QJnM5i5ASsjVy16bYb
+MA0GCSqGSIb3DQEBCwUAA4IBAQCA2N/WVTGYRGNTuvF2qKWPrQUx0/6pKmGqELl6
+NXs1bwRXCci98SkeNjiaa2dHEwcGR43/M1Y0nekXP8QCEFVqGOwaY0pnTb8wL+CI
+/HTp1zfmoCYNvtzt1fIq/+9ynLYEjX8rsrf51HIEjJJK8K3k/Ub3cFT+yJKNN2YN
+JS0IvJYlbpqS6VbcInwLcW7WvJmXUuL7t0Vtt0d2q1h5UdnJQP+skiOmN/B0zPut
+bRC4v5pNGJJmwbk58UlOSeviH2qzDGutamOJ6dFNWqQFoZorAT7fUsr3WDA4HKtx
+eraYdCIRJX7weW9xpdMNsVO7Wy/Ma7Fz9fzKnOH5mnInBOof
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCBEigAwIBAgIQAsGuxj2AxcWkuCHrNM0t/zANBgkqhkiG9w0BAQsFADCB
+yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMTk5OSBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
+ZXJpU2lnbiBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gRzMwHhcNMTUwODE4MDAwMDAwWhcNMjUwODE3MjM1OTU5WjBcMRYw
+FAYDVQQKEw1DZXJ0aVN1ciBTLkEuMR8wHQYDVQQLExZTeW1hbnRlYyBUcnVzdCBO
+ZXR3b3JrMSEwHwYDVQQDExhDZXJ0aVN1ciBDbGFzcyAyIENBIC0gRzMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe8BidNYO+DWekeA2MkRizK5f49n2O
+MGhNJmrs+UGA+rSb9uMj+kfneGoOQW1/D0MyGK2eJaf0FSWx9ToxKaj49ZD0aZF1
+9IFmbV5OZONiCASPbDx530xUBwBXoizRXpKAtGxgjeW0Y9ELnFNyLwXNpUks5vgU
+Hk0ZYf2yJtDqEHh++KJKKBLgh1aZlSohgFxzFjqlj0etqOVkLV1/RwnaW/g5s0m7
+hEvcBVDSmOjRpSrVtd5U7XeKxoUFx7m9zR3feDots37b0dXRH+PxTqqXn5tNYhHo
+MX0PX3jEtmVIHfx5XOToB251IKAfPHjMs9xtrG/QJY2wRRqeqpqQXxqhAgMBAAGj
+ggGtMIIBqTAPBgNVHRMBAf8EBTADAQH/MBgGA1UdIAQRMA8wDQYLYIZIAYb4RQEH
+FwIwLwYDVR0fBCgwJjAkoCKgIIYeaHR0cDovL3Muc3ltY2IuY29tL3BjYTItZzMu
+Y3JsMA4GA1UdDwEB/wQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRQWZm
+U0NDMi0yMDQ4LTEtNzEwHQYDVR0OBBYEFOYB4Us3dtaiDnbznXLMlvfLHajOMIHw
+BgNVHSMEgegwgeWhgdCkgc0wgcoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJp
+U2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgG
+A1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1
+c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFy
+eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczghBhcMtJjF+YRSnnsKbZUFt6
+MA0GCSqGSIb3DQEBCwUAA4IBAQBzd4BRctJGfaHTdauoZKGqna8jQeH0A2YPRWjW
+V/Rzhyw+KzDNfSA2g9BJOrx1EmoeefFlqSeFq10GZlDKUgTEH3CCio9oVIpGf0mO
+iQqcV9QSpqs7QHzGOwrW9r9xYQSps31vuiR13YSjochnEKomBREN0bC07OztErdu
+QR0oPN93ZWddCYFOem6M3mem9DZ5rTsCVwLJNAk2dbC9RFb2nCpg9P6G7S40I07Z
+wnPGZ/84eUkLM0bmrUCjDrj2Uw9dA42L4MgpjjkxB6Hci9um22B/TIPPajKTwoQB
+DHLPraSq9CD4iqPl0FzaI69uDLOqYyGI480QVf7zZl0xhr5K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIORvCM288sVGbvMwHdXzQwDQYJKoZIhvcNAQELBQAwVzEL
+MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNTA4MTkw
+MDAwMDBaFw0yNTA4MTkwMDAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWduIENsb3VkU1NMIENB
+IC0gU0hBMjU2IC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj
+wHXhMpjl2a6EfI3oI19GlVtMoiVw15AEhYDJtfSKZU2Sy6XEQqC2eSUx7fGFIM0T
+UT1nrJdNaJszhlyzey2q33egYdH1PPua/NPVlMrJHoAbkJDIrI32YBecMbjFYaLi
+blclCG8kmZnPlL/Hi2uwH8oU+hibbBB8mSvaSmPlsk7C/T4QC0j0dwsv8JZLOu69
+Nd6FjdoTDs4BxHHT03fFCKZgOSWnJ2lcg9FvdnjuxURbRb0pO+LGCQ+ivivc41za
+Wm+O58kHa36hwFOVgongeFxyqGy+Z2ur5zPZh/L4XCf09io7h+/awkfav6zrJ2R7
+TFPrNOEvmyBNVBJrfSi9AgMBAAGjggFTMIIBTzAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFKkrh+HOJEc7G7/PhTcCVZ0NlFjmMB8GA1UdIwQYMBaAFGB7ZhpF
+DZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEBBDEwLzAtBggrBgEFBQcwAYYhaHR0
+cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMDMGA1UdHwQsMCowKKAmoCSG
+Imh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC5jcmwwVgYDVR0gBE8wTTAL
+BgkrBgEEAaAyARQwPgYGZ4EMAQICMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
+Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQCi
+HWmKCo7EFIMqKhJNOSeQTvCNrNKWYkc2XpLR+sWTtTcHZSnS9FNQa8n0/jT13bgd
++vzcFKxWlCecQqoETbftWNmZ0knmIC/Tp3e4Koka76fPhi3WU+kLk5xOq9lF7qSE
+hf805A7Au6XOX5WJhXCqwV3szyvT2YPfA8qBpwIyt3dhECVO2XTz2XmCtSZwtFK8
+jzPXiq4Z0PySrS+6PKBIWEde/SBWlSDBch2rZpmk1Xg3SBufskw3Z3r9QtLTVp7T
+HY7EDGiWtkdREPd76xUJZPX58GMWLT3fI0I6k2PMq69PVwbH/hRVYs4nERnh9ELt
+IjBrNRpKBYCkZd/My2/Q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNTCCBR2gAwIBAgIQDhF/NeaFyDd8ln/gbIzQ2TANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUwODI1MTIwMDAwWhcNMjUwODI1MTIwMDAwWjB9MQswCQYDVQQG
+EwJVUzEiMCAGA1UEChMZUXVlc3QgRGlhZ25vc3RpY3MgQ2FyZTM2MDEhMB8GA1UE
+CxMYQ2FyZTM2MCBEaXJlY3QgTWVzc2FnaW5nMScwJQYDVQQDEx5DYXJlMzYwIERp
+cmVjdCBJbnRlcm1lZGlhdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDYtxBfW+5AsCKKqrpsObrlimrBWGpORJztpwwoHJTsxlLTLxWfAD0m6yHh
+XwlnqjGqjXXwR9LyV+ZjjxWh7hxfTv1WPMnDQDAkz1bDRq8Tt//CYiFfdeczxPGq
+a/uNZJXFihHC6IMzfClc3pQLCvAH4t2oMhp5+Supklbv5vlFZIMTXhHWEXd1++NX
+YR+/6plXOPBkCxxCFp0jPufPAMawgvY0CwXH3/W/lNc24LOJIhi58JQHjj3qu0re
+LM+lXQhpqmhJyOJxpwNfFNyUQie+m5xELL8IA4PtbovJi+QHRFwFdtyKC5sfMrFX
+4b1nt3+0bh+1Zdz8E4Yv9fZVXy05AgMBAAGjggLHMIICwzASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjCBgAYIKwYBBQUHAQEEdDByMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSgYIKwYBBQUHMAKGPmh0dHA6
+Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9haWFDYXJlMzYwRGlyZWN0SW50ZXJtZWRp
+YXRlQ0EucDdjMIGDBgNVHR8EfDB6MDugOaA3hjVodHRwOi8vY3JsNC5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRGZWRlcmF0ZWRUcnVzdENBLmNybDA7oDmgN4Y1aHR0cDov
+L2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RmVkZXJhdGVkVHJ1c3RDQS5jcmww
+ggFSBgNVHSAEggFJMIIBRTA4BgpghkgBhv1sAAIEMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDAYKYIZIAYb9bAQBATAMBgpghkgB
+hv1sBAECMAsGCWCGSAGG/WwEAjAMBgpghkgBhv1sBAMCMAwGCmCGSAGG/WwEBAIw
+DgYMYIZIAYb5WwOKIQABMAwGCisGAQQBgsFbAAEwDAYKKwYBBAGCwVsBATAMBgor
+BgEEAYLBWwECMAwGCisGAQQBgsFbAQMwDAYKKwYBBAGCwVsBBDAMBgorBgEEAYLB
+WwIBMAwGCisGAQQBgsFbAgIwDAYKKwYBBAGCwVsCAzAMBgorBgEEAYLBWwIEMAwG
+CisGAQQBgsFbAwEwDAYKKwYBBAGCwVsDAjAMBgorBgEEAYLBWwMDMAwGCisGAQQB
+gsFbAwQwHQYDVR0OBBYEFFaQGmv59EKaZKYHLxUk7owoDipjMB8GA1UdIwQYMBaA
+FEYIOFqpjiC7DK9eMbqJsyi/rIw2MA0GCSqGSIb3DQEBCwUAA4IBAQBpx8Sb6qgF
+Q68Zkgs1ZCH7rtPwkCctN3JyjFObh/HlBgHOUT/ypz7s8wGmngGkzUJtNbLHsPMr
+HBg26Og3GknkFpExhpLNFICHlaQwvofn2R9JFthwK/tXnJdWizOxbXMMbIXErJtC
+mCeoyjesFv4f0fvaYpnyQmgMGVTM8PV35YVuvFgxAUnXfLBMguVSGQ7G91uqhGDG
+16dd4Ze7aLAmXDPfSS2rKB9dKePsvpb+q1/TwrVIO1TMXqNK1iiSpLVEY0D9aet9
+2UvvdT1/JgXILu+O35aE9FEmNtJrYB24/o0qkEnpgF+klDWlCxOcbS1P6mdB4mkr
+H6BqsyQ0XO+M
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuDCCA6CgAwIBAgIQC9E5g/AsZUQf/kndVg5eLDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTUwODI1MTIwMDAwWhcNMjUwODI1MTIwMDAwWjBeMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFTATBgNV
+BAoTDEdvb2dsZSwgSW5jLjETMBEGA1UEAxMKR29vZ2xlIENBMTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALqWMezVPbG3lsUiEggEQRlDY/2CplKaBcZz
+PnBcFPfEJt01pPkJJG4Fje0nAagRyh6sB7ejmb5IQhG1dw+wtog5JzPK4iXUeOX/
+Zg8x1IjtdgB8samqOeD60hryLpAQsVNATvFFfM4P2QxVKETy+uD5PcVpXfU4c5cL
+bOgYugpI2ehzORIhYoiHDkr8fLRiB3NP53AQY7KKf3HkSuuNeUXlyqchRxBKh+Nj
++uF6xnQ2ElZYtI2YVA0KBwgo2cSKQGoC2DOaa8lb3VgRk7x+J9I9LszyDPK4gvl2
+Mhyp6VvyYGq4FwAwULyEcETcBLr3701WuCSJT4QmMDKOKi84cb0CAwEAAaOCAWkw
+ggFlMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHkGCCsGAQUF
+BwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMG
+CCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290Q0EuY3J0MEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmw0
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwPQYDVR0g
+BDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
+LmNvbS9DUFMwHQYDVR0OBBYEFBV/772J7ryuGhmJxSredhbMJsZuMB8GA1UdIwQY
+MBaAFEXroq/0ksuCMS1Ri6enIZ3zbcgPMA0GCSqGSIb3DQEBCwUAA4IBAQBFZSzB
+naSkqUajv9RZ2J8kfmzf3BOAZRjeJCBmcQhU14Spat+Q7bFHoTQZWF07VKPEBdj1
+egZxdWF4Y/AAYrmX91N2F7AS+h9iI3gQdKVyJLDGxL09QPqaulVtt+ltXPU0KtQy
+B5czZGzvwKfmD/UCI/aen2VQnRy83weQzgDfxv+zVMb/75sUguaVxXiLaH73Fs7F
+qUK6uyhnkKFf+b5xZ0dvN3tYSDE7UH1KQHd1nf3iY1l7mz8oTQPRz0pXAF3KCilo
+cPgNuFf41ExruL+sX7fwWok2rlzrIzHxqnYYiMZnDw1abrGKDw15ohTG+cZCjpJf
+l4NzPnfo6QDWgin+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE3jCCA8agAwIBAgIQDot1JBtVD+9YhruupOzhwDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTUwODI1MTIwMDAwWhcNMjUwODI1MTIwMDAwWjCBgzELMAkGA1UE
+BhMCVVMxGjAYBgNVBAoTEUZyZXNlbml1cyBLYWJpIEFHMRswGQYDVQQLExJGcmVz
+ZW5pdXMgS2FiaSBVU0ExOzA5BgNVBAMTMkRhdGEgTWFuYWdlbWVudCBJbnRlcm1l
+ZGlhdGUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAsTa9wSQ/MxPgpqAWbDCeyYohY8vHnyZ9e2kJQ92/AlPp3tM9
+mWL4mvRUzju36KjQD3ROy4mSzmsaQB6uE40YBFTrWIamsPdzHWVcqgN6PX2vo7F6
+/VULuVENy1sjvzrcN382M4bsfX6R/mFtl9obz27/t4cWI6OEefGRMx40hshEKOgO
+SPf7maZHiGrxYMQOpWDO8b5ykXK7bWn8bCb1HqPQBRCzUhcYoRmAA37q/EeduHRo
+qbST+Yd5xMQy8saer4tKECNOdRyXhclllXi0HrpW5+6gM8tDWRqlRiCEyQh3FlsR
+NfeonYJ/bCrI2POAKKASeDOnDVYmz/8i8tZ2QQIDAQABo4IBaTCCAWUwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYweQYIKwYBBQUHAQEEbTBrMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYIKwYBBQUHMAKG
+N2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJv
+b3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUd
+IAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAd
+BgNVHQ4EFgQU19+Smg5KuLe5cAm9dmcyd1fJLx8wHwYDVR0jBBgwFoAUReuir/SS
+y4IxLVGLp6chnfNtyA8wDQYJKoZIhvcNAQELBQADggEBAArt1LlZs57P3ANdV14L
+7GtYIoTp+17Bny9bGetmAe6fAdRmz/bFc7klhouqCyO9lbHH9BlsPUUPbeiGlj8l
+VgZBSRb0BfrMUNMbHPpd3X2k6HHONv7UENrwpgQqu4p4dF+2Dt659B+52HLsWKSS
+MyGfOrnbd4ZoU7iWYg2UthBjNGmc5f+XycTgUi2i9Az0oSIX+nuwTEvvbdAVOitR
+ZltfawJoXfnXeJ2AhXho1b/fHFBfSSMurYH9dOXn/1mBghWe0jvBBlxbfOD1HvwZ
+Dw7OMg5JVKYKcgyCtrPkYjkDXtavY6AsOV0Are3cdWqcdrfTSaDTQ5nrYxtTx3AZ
+tWk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtTCCA52gAwIBAgIQfgr3g+MTaN10FgQg4sbqcDANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTUwODI4MTYxNjE5WhcNMjUw
+ODI4MTYxNjE5WjBaMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MRAw
+DgYDVQQLEwdUcnVzdElEMSUwIwYDVQQDExxCb296IEFsbGVuIEhhbWlsdG9uIEJB
+IENBIDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8XLrPqbKqC4Z
+4F7FV3zZF5hB2UiVXjLqRT2u4bR5JZ2AliajNwjyQRc3/6McRgM68+W3ML78opun
+5QXyv1c91Vxgova50IxIRE3Whc78EcbQ7PvXZVVq3LmCtA/RuG4D+NpAopl1wNql
+UG42zjsuqXO6T8NECBI7MnA8kCFhFPv/wRj/jloEtfXH02x6Tksqn2QYf8IXcpCK
+QFHnYpAucwnwaJimsjD3j9joFv2/Gg0aNO1Bia1gBQuU2ZT0uMBNu7ggb5ET+CZK
+hPft87ivigWczSeWII/RtlzKAHwQbZyjHAMBaYE+OdqujRmixDXOmo9ymmbKr5jw
+nqtvv3QsbQIDAQABo4IBhTCCAYEwgYkGCCsGAQUFBwEBBH0wezAwBggrBgEFBQcw
+AYYkaHR0cDovL2NvbW1lcmNpYWwub2NzcC5pZGVudHJ1c3QuY29tMEcGCCsGAQUF
+BzAChjtodHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29tL3Jvb3RzL2NvbW1l
+cmNpYWxyb290Y2ExLnA3YzAfBgNVHSMEGDAWgBTtRBnA0/AGi+6ke75C5yZUyI42
+djASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdIAQ8MDowDAYKYIZIAYb5LwAGATAM
+BgpghkgBhvkvAAYCMA0GC2CGSAGG+S8ABgoCMA0GC2CGSAGG+S8ABgpkMEoGA1Ud
+HwRDMEEwP6A9oDuGOWh0dHA6Ly92YWxpZGF0aW9uLmlkZW50cnVzdC5jb20vY3Js
+L2NvbW1lcmNpYWxyb290Y2ExLmNybDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYE
+FIw9VAnEgAqhSyeJsjnYHPPXyhWVMA0GCSqGSIb3DQEBCwUAA4ICAQBZV3e+iiSw
+mwvtypFv/zHoZpfDt+psnNIU8SivDTTgzVoZmRnhVrDN0ow9h0A68Up/SvLZYXMf
+lFepyvpkBmk0bzLedG671LwPSQn0F2FVlbg2dpCR7lkSL7aXfrpoeUAfJwe4GvU3
+kF4yTApNxC/xHkRtMmlzb5J4A+unx7ov1xuDyWenZ6ZIRp4rogDvmOwrmb7IBxJb
+/aNvS11wjiGJBHmXrJTReNracU8A0XWZCeMxjins5tt8Yxf/zOC58GH43dTf+tED
+gN+TpoCNek4XMKL+PqJzfoxzRBkjk3CegHq66qVchDtEJ60UHOhLt2mv0Ky1ex8I
+6ztPr5ePzmPEEWUM9iavVjKsva4EN4lIgCQ0MDJYbS1gb6mIDKlIiC1Z6Q3D0dBG
+p+P6zutWiNzzjmFjFt04pz/GZ9HOfBhRw1o8nxx9c9u8aG6OVyKjyStKOk/3Zpa7
+ZVIoWvJQo2dBr50FuhY3DHQ7okm34ShAJK2xWCuT/QuaeyYW0CKo4nrXgfW5d0sB
+Iwavec/sg+dR1xUmeIxXaGcBd2b25TTzDdj1HKVs/LSFL5toakS8ALEPvmGMkX07
+fbWBz9dG/IhO7duTZ6B1bSu6DX3U3SOf47HyUH4GW+gQtGgF931KNmoXz6YWNq3k
+pHO7W0CJqRlTvW0qosYXft2SZAIQLf86HQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/jCCA+agAwIBAgIQZ1HpbrpcDjMNkiFvPDVxBDANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTUwOTAx
+MDAwMDAwWhcNMjUwODMxMjM1OTU5WjCBiTELMAkGA1UEBhMCVVMxCzAJBgNVBAgT
+AkdBMREwDwYDVQQHEwhEdW53b29keTEkMCIGA1UEChMbU2l4IENvbnRpbmVudHMg
+SG90ZWxzLCBJbmMuMTQwMgYDVQQDEytJbnRlckNvbnRpbmVudGFsIEhvdGVscyBH
+cm91cCBSU0EgQ2xpZW50IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAg3cP5LUjYtfpRUPZkZl4k6E1uQ5MlpHHg3Wr+zjzfs2TBg78hOOsv3CasnBd
+5YHT2a27nd/474NAWQo8lxWKwaIIhaswWLWNkQm7QhjKv0BUeAf5iwOs+t03Quaj
+aZ4lzN6jMT4Bt3mg23FtxSf2mpLoq2ewLuvF9sIaY80tzt0H5rRMLWrNdahw792z
+ZLGBUxm6bYDMEdS8vC/asXhjXR3TherhMoAGtaGObrQPfsq0G2dKrtDQQUp6+7S3
+fDAvDvlKI9OaAgsaYa2zRdbWT0Oe6Zy9zShVlGMWZ+03GID+hC/DvsY02U2BmZmN
+0qeoj9FwUA0Hk+mvpnlAFr8otQIDAQABo4IBYjCCAV4wHwYDVR0jBBgwFoAUu69+
+Aj36pvE8hI6t7jiY7NkyMtQwHQYDVR0OBBYEFKm2lXUEATbSlI+M8+pDJMVnVEDL
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgI3MEwG
+A1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JT
+QUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
+BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQWRkVHJ1
+c3RDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAN
+BgkqhkiG9w0BAQwFAAOCAgEAL2G/JPA/ZiwoZD3MAmfKFkv1H/qtxRn4AZkkVycD
+tyx3u/a+MdKMd7qDqRnvKEQpP+Z7XSzK6UNgl+SVwggd0USDWZnhEi9ZvzuTIFKT
+r6uV06+UqDFoc7iNLDo+RFBZxw7uwJLZqfOE7wIvGhUi6xi/3ipy29iEAOLY7YFi
+VavW3DHZdbS5Ywz+jFBj0wjS6rpk+wvfz6LH+YRbb+62Y2HI1FLk9QGCTge1b5I4
+2Ljfro1tIzCaRukC2pPcv3ktEPtT9wbvGiZY3GOWbBsZpTRYyxUUeOLZSpXWQ9zB
+4mnXUUBURAtTCWFZnWxme12/k8svYLu7Ja5+NppSJA5hTcigUodKTzNKprpZsKSx
++VyKQsBae2U/ykiSUD2Npz4yTTWCG6PWm7qQW6kp6mKFAJxvBRCGmatfua3MX7lF
+kPLvJI5rVuo2kTT3UR4ku08w6A2/iXDLqoI/KgN8/JfsgDCSwYYdbGp0R0O9BdWp
+XRfudseoUrxb9Jd9MUpT8VD7wy0FscjKf3dMfNRpaRNYo8soSl14BYxcAABK3FB4
+NMhyYIbW/F6QNMqTQHj8BqRiE1Z+aG43tJLMao8rSgzsu3p+ojp4VprUvDuQvYpN
+ZYSOrhu+7381SCtKe66wbbdKABIa570SvOqqwCfTHVWGSlvd1WFk1EE8GraXZy4S
+tvg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEWzCCA0OgAwIBAgIIdGzXjVnp0YAwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UE
+AwwVQXRvcyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQG
+EwJERTAeFw0xNTA5MDIwNzUzMzdaFw0yNTA4MzAwNzUzMzdaME4xMDAuBgNVBAMM
+J0F0b3MgVHJ1c3RlZFJvb3QgQ2xpZW50IElzc3VpbmcgQ0EgMjAxNTENMAsGA1UE
+CgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDJi30L3rFjK1bnqJ480EB/hCFXOFwXpagBJ+Y9ip4CfzXwoyAuXHfZkQYp
+MAR+cV50g1uYN6ansIczodOg103SOe2jnk+rrjSVnYNwxgN8Z3NGDveprOvgNu8a
+WDb2GxQWjVhNUYMWsnp4fJw7vPIExgB80ogp3s72R6rLCZfSMN5tL+JjTKqmhpli
+brBFdoSTh1M7GfXEqSSLZv1RgmcmgYeR7LSEPzzKcM/ardyQptLmR7JR7Vuy17O2
+rEMBkQZWSiA4gx4nSygEkJabf03fsb1I6RlmSYnfOTxulD4+kgyVJF3+oJghzJ9j
+p7pL85KN6MY8fvaBs7cWc0d1ip1DAgMBAAGjggFNMIIBSTAdBgNVHQ4EFgQU2M1w
+2wYiB/y5E2t5Oe893Vx11/wwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBSn
+pQaxLKYJYO7Rl+lwrrw7GWzbITAYBgNVHSAEETAPMA0GCysGAQQBsC0FAQEBMIHL
+BgNVHR8EgcMwgcAwPqA8oDqGOGh0dHA6Ly9wa2ktY3JsLmF0b3MubmV0L2NybC9B
+dG9zX1RydXN0ZWRSb290X0NBXzIwMTEuY3JsMH6gfKB6hnhsZGFwOi8vcGtpLWxk
+YXAuYXRvcy5uZXQvY249QXRvcyUyMFRydXN0ZWRSb290JTIwMjAxMSxvdT1DQSxv
+dT1BdG9zJTIwVEMsbz1BdG9zLGRjPWF0b3MsZGM9bmV0P2NlcnRpZmljYXRlUmV2
+b2NhdGlvbkxpc3QwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQBr
++Rf4GAApAH/Rn1UijJtisayl2UHV4TaVURQcNBWrR1hx8yY2xOE8DbxZ7cv96DC/
+5xrXVP8l7vWrM7bsyxHCieDyBt/d30KmiMgBCqLvli6qyST30Stvna154OxTb8e6
+TjgwJ8t+q8QNesXdEQ61Zrp9zSJjfL9AsedQl86BxtBQxQJykT0wDqw689M94S1M
+uowDLCe4sWU+AetHFYSU+xRZKc6cFM+nEBrcUatW+6dWy6BkRYsGl+CCyF9E/ax2
+ysb2Es6Vq/VYgk6zeKI4d56CYs2kG3UXLvILITKB97somRCdHHSQ7+MoQDIijcvl
+DCY/uf9P5D4Yrk5hLyh9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgIORwexAPQYIkNOwFuMe38wDQYJKoZIhvcNAQELBQAwVzEL
+MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNTA5MDQw
+MDAwMDBaFw0yNTA5MDQwMDAwMDBaMGAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMTYwNAYDVQQDEy1HbG9iYWxTaWduIERvbWFpbiBWYWxp
+ZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDiUIz8j3FQnCTMQDJdH3nQlA180FEmDPeU2dbN4kjIbdTbc+foy1GA
+legvc46R/8tlh5yAIIpGoW368BeaUv9pY95mhXPOBzVp2IbqN4139fOtDlM1UqPo
+rLDi0SLaDrdF3bmdw0NU8cEYpROCXu5Er3fN7HDt2f5QBpF1ZHO+WgjNAuRZl7H+
++572vb5NKtxheC+C8DZR4MRtImvPjQrhCWamkmOV0F1A3nuW/wgm0WIKiCeZ9iob
+l1+kbn54y9jIioSZMNg43Qj7z5EbMVEjyhXBLP3IjKni+SWH7oLPK7XlqOxSGmkc
+Dz3h+mhGySsFvQ4Cph0pQIHKvQtDBbnzAgMBAAGjggFEMIIBQDAOBgNVHQ8BAf8E
+BAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFD2AgnnFSIKjwxLu35kPVzVIntDLMB8GA1UdIwQY
+MBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEBBDEwLzAtBggrBgEF
+BQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMDMGA1UdHwQs
+MCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC5jcmwwRwYD
+VR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2Jh
+bHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAar9p9zzVq
+dFGRIMbEu0FYLpsML3Z78O81dJlpYv2bh6X1+q/62MiUHsNUef/Byf+o7P1KG/3Z
+vI6ZIr3B3aop7uUqb9gPG616tbQce3/I1ukYPHKQ4b0p9hOXP913kQi6YH+oMtfv
+IPjEcsSQ2dFbiKRlJCb/emPGngAH+9dNn6iADHco+EbJ5VfJX9tAzEU377mVpLhT
+z3aPBMnnDSgAp/I7b5YXo0bYM8fzdbG0aKL4Ilfpis8AzUiamco+f4NtwZlGYaim
+2HPen8hyjP15cQ2Skv1k0PFzc7n5R0guScAySHneog5HvRsUY+tXbUSzmpnLLzHm
+90QIeZiDU9Am
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIORwexAZoMV605s+F9qfkwDQYJKoZIhvcNAQELBQAwVzEL
+MAkGA1UEBhMCQkUxGTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsT
+B1Jvb3QgQ0ExGzAZBgNVBAMTEkdsb2JhbFNpZ24gUm9vdCBDQTAeFw0xNTA5MDQw
+MDAwMDBaFw0yNTA5MDQwMDAwMDBaMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlv
+biBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzMwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDJhqIFPux3TXlCgfLFRqnCm/lXqUjdPDviFkeDFQw2iGGz
+yLnVIJe2/gcwAZ4BOvlQh6BPYMyQ9t0fpsdVAGxUMV8Cmvd/B5rSIlMFzZ/Hu3tZ
+O4qyk3gNQwKSdqUp+HydXDqi+FJyIkWR/ZASKE115N2qeVhobyp+e+/Rnn9S3Msc
+SOI+TVxHerTxzv/ZYCt30WIiLalaBhbuN2pRz46l0W5wSvDYY2BqclXX8Zk4hkRn
+GOBxjsFAbYXaS90xc7wyzG+Oe7mNS4DaucfGJINeMvuH6YthZ6KZdtulqrTobEGf
+Xyqz1X3XksgnS+wf2gVtiHOPBrI4PQOi4YeGPMahAgMBAAGjggFEMIIBQDAOBgNV
+HQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFGiGuH162W1Ja4cvGIsVNGzXtHoOMB8G
+A1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEBBDEwLzAt
+BggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMDMG
+A1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC5j
+cmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
+Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQCa
+uYIc3YODi5LAxO0BrYT8Tu5tnB0B+lIU29jCEGOfazmaxxw8oKrjGTr8ZEYq7zUm
+A/YFZ/pudOFG+0DYb64tOSF0hp8ABRo/L5Nb1KRFvD0MKRda0/topg/gAGh5sEyx
+RYvIhYxnDox9VPiwdc4KrB3Xa0Ss/hvUppghCT6iSzO6uksSqGtXJ536lIC0aEx3
+YP/XKVo4Pc4tSwhWn2nLe9jiNvk3acXONpccug0/FbNloOx0Er2zrejenqHs07+p
+4KWRbYNZElYvE6Z+eXOho4nV4aWMzi2sis9iFmXN2e6otkAItXxQ+TeCeqQLNGbs
+6ZdXH4pnPoG8OzXTKkgM
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErjCCA5agAwIBAgIPIAYFFnADE4mV+0+/hYvPMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA5MTAxMjMyMThaFw0yNTA5MTAxMjMyMThaMIGWMQsw
+CQYDVQQGEwJSTzERMA8GA1UECgwIY2VydFNJR04xNzA1BgNVBAsMLkNlcnRpZmlj
+YXQgZGUgcHJvZHVjdGllIFByb2R1Y3Rpb24gY2VydGlmaWNhdGUxOzA5BgNVBAMM
+MkNFUlRTSUdOIEZPUiBCQU5LSU5HIFFVQUxJRklFRCBEUyBQUk9EVUNUSU9OIENB
+IFYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCrq4I0dsB4iNj4K
+YW7qYKkBcmc3+Hk/qONyDj1dTbBszzlbnzvPWnRgNGL3cBorJ3tQhQJV7JPMK9jM
+XyeAkTfKcjL+CPyS/AaMjRa9BPk5LqLUdqxe33EnOlHLu2jVXv6gFyj4L18Gw9YK
+miZQjGj4MXbIO89NQUX4fby24eGiH1P//RZdyIqBF/HUD3f8pTnE6w2TFIVgO5Jq
+CmAoH3c1XftwCSZGjtzMUflrBTswRD1bAf966x0JDxAwaSulO5Ensyxz8fXE78Pg
+9wIU4+CP/Esc6aKSknOmRdUwnjhgJSxQbHGiFbOIjwGStSwt2Jg5zDKHZaHjLXbJ
+qXA1SQIDAQABo4IBUTCCAU0waAYIKwYBBQUHAQEEXDBaMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzAzBggrBgEFBQcwAoYnaHR0cDovL3d3dy5j
+ZXJ0c2lnbi5yby9jZXJ0Y3JsL3Jvb3QuY3J0MBIGA1UdEwEB/wQIMAYBAf8CAQAw
+DgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFOCMm9slSbPxfIbWskKHC9BroNnk
+MB0GA1UdDgQWBBSpB0gRuLKVoNVy8S9VK5h87C0pnjBLBgNVHSAERDBCMEAGDSsG
+AQQBgcM5AQEDAQEwLzAtBggrBgEFBQcCARYhaHR0cDovL3d3dy5jZXJ0c2lnbi5y
+by9yZXBvc2l0b3J5MDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9jcmwuY2VydHNp
+Z24ucm8vcm9vdC5jcmwwDQYJKoZIhvcNAQELBQADggEBAGNlAeOVSzJ2GkfaAAVO
+OLKS1zoE5D+PSzmpvcTk8/rrQWWeijqbxGzSudCmLviNUEsyvcyf3orqqZUfhnZE
+S3oUl7rUI6NfFgzLyMSBoCE8RkxbxrUWAalisacrDGhhLiuBt/+Cs5wiEQle2A15
+1id6dZYunAgmuDuzFMl/1nxsGZ6Ti5sW1sTirnDxFFe7PSg89Sqd4E5Ltn3MRG2X
+bxVAz5CSg6pDD3WvTAzDW2zi+YQI1nkM6HJvFszefs0s/77fd4K6q4ApOEPg2FpZ
+m6pWKgpyfcXPCxa7YFAYVWEOlqnz9I9rHyGJKyAwISG8UqnF0K/NYMJzvhTeu0Rw
+VZ4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErDCCA5SgAwIBAgIPIAYFFnADFMy2p09D7N+NMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNTA5MTAxMjQ4MjRaFw0yNTA5MTAxMjQ4MjRaMIGUMQsw
+CQYDVQQGEwJSTzERMA8GA1UECgwIY2VydFNJR04xNzA1BgNVBAsMLkNlcnRpZmlj
+YXQgZGUgcHJvZHVjdGllIFByb2R1Y3Rpb24gY2VydGlmaWNhdGUxOTA3BgNVBAMM
+MENFUlRTSUdOIEZPUiBCQU5LSU5HIFNJTVBMRSBTU0wgUFJPRFVDVElPTiBDQSBW
+MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANU799+R4U9BdR7FhqSV
+Isb2HOVR9JZBx6l/7oUqYSYf4GA01A6oeHCO47cZBvicpI7wTAQfOByPjjj3+Q3D
+80sCHOPAVAPKlgKDYdd/0qz+6g9XZOLXPeNWbpIvfE7/J+uXFOF5iShqwh2kzKEs
+Jl0ZN5YN+ZqslxGxkXKmRdVq7FiPKZMqgFm/i5Yp3R6xQ55N+NGFQLLFzWnepsCT
+1OcIcUEvEnx0aJy4o6sps85bPZOLAHwd5PxNJ8zM1jEOklT48xW2RXLs6ZjN8Q7/
+sqN2YCU3wS8N8fSQFfp28+/AS4gC3gNw5uIUP8LA4qqu0S12aDeNnMjH2c2xb3Us
+VGMCAwEAAaOCAVEwggFNMGgGCCsGAQUFBwEBBFwwWjAjBggrBgEFBQcwAYYXaHR0
+cDovL29jc3AuY2VydHNpZ24ucm8wMwYIKwYBBQUHMAKGJ2h0dHA6Ly93d3cuY2Vy
+dHNpZ24ucm8vY2VydGNybC9yb290LmNydDASBgNVHRMBAf8ECDAGAQH/AgEAMA4G
+A1UdDwEB/wQEAwIBhjAfBgNVHSMEGDAWgBTgjJvbJUmz8XyG1rJChwvQa6DZ5DAd
+BgNVHQ4EFgQUICETMsplqUpbZfhBTh3j+7Vbf2AwSwYDVR0gBEQwQjBABg0rBgEE
+AYHDOQEBAgEBMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuY2VydHNpZ24ucm8v
+cmVwb3NpdG9yeTAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vY3JsLmNlcnRzaWdu
+LnJvL3Jvb3QuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBCDjzDgC2NmOP2sslopI50
+a+vItiu5cijDyZLa4z1hmllfwC6gd6GF6j9BmegmX6uiYvqJY91fMz5jCxLyz0fd
+u4IEWZe0Bc+YlNORIRl1+TFqFoU//NV6/bfnPSaXOwu/oHx7ubCZXQ8i9fa5kyfb
+UKfDARuoEEVO0NyIJniIy3ERKr/v6ILZRXM8zafAhOGrPqRJ9pekAuetnNrZLz1X
+PQUFKMDLneOO9Bj+WvXIZX/kB3IC+ls/Up1P1eKGQfCPWvxLcgXEHYvSfBTsPBrT
+9KYN0gb2Oe63fdZk+OdvrRbAB78SN+6zUW94fG1tM+T+V2SdjNR/0EzsQ2rpOUdD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhzCCAw2gAwIBAgIIK0T3E98XDBYwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ
+cmVtaXVtIEVDQzAeFw0xNTA5MTYwMjQ5MDNaFw00MDEyMzExMTU5NTlaMIGLMQsw
+CQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxLTArBgNVBAsMJGh0dHA6
+Ly93d3cuYWZmaXJtdHJ1c3QuY29tL3Jlc291cmNlczE3MDUGA1UEAwwuQWZmaXJt
+VHJ1c3QgUHJlbWl1bSBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQTB2MBAGByqG
+SM49AgEGBSuBBAAiA2IABMG7lpQW6KCRa0F08QvCChRc+0tN9z9QbOFDq3X7/2hS
+4oCHzgAa2TAGTAb/yysYV3AIZwxcN19DmfLueos35w3XHxshgH6HadrmPmAgF5it
+/izFoUJpCsesqECqTiutuaOCAYEwggF9MHAGCCsGAQUFBwEBBGQwYjAyBggrBgEF
+BQcwAoYmaHR0cDovL29jc3AuYWZmaXJtdHJ1c3QuY29tL3BlY2NjYS5jcnQwLAYI
+KwYBBQUHMAGGIGh0dHA6Ly9vY3NwLmFmZmlybXRydXN0LmNvbS9wZWNjMB0GA1Ud
+DgQWBBQBBy+KEywCDqBYBkuipr4IIn8mrTAPBgNVHRMBAf8EBTADAQH/MB8GA1Ud
+IwQYMBaAFJqvKXrAETU1JlEwAMNq/kDVrtY8MF0GA1UdIARWMFQwDAYKKwYBBAGC
+jwkCBDBEBgorBgEEAYKPCQEBMDYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuYWZm
+aXJtdHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwSQYDVR0fBEIwQDA+oDygOoY4aHR0
+cDovL2NybC5hZmZpcm10cnVzdC5jb20vY3JsL0FmZmlybVRydXN0UHJlbWl1bUVD
+Qy5jcmwwDgYDVR0PAQH/BAQDAgEGMAoGCCqGSM49BAMDA2gAMGUCMQDNDZhBT4EN
+OmFc2+3DQtlzH9riHkeHzOROSuQzH/CgK6WpWDXjou/Hq6j4aAD+FsQCMHE2AOME
+jvXgg10peS0mXiNUK6U7mPcnV1Vc5cEPL1mY0+e8XGQzcyNxzt8I4s0Z0A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyzCCBLOgAwIBAgIIXVRFCaDWCqcwDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVz
+dCBQcmVtaXVtMB4XDTE1MDkxNjAyNTAwNFoXDTQwMTIzMTExNTk1OVowgYcxCzAJ
+BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEtMCsGA1UECwwkaHR0cDov
+L3d3dy5hZmZpcm10cnVzdC5jb20vcmVzb3VyY2VzMTMwMQYDVQQDDCpBZmZpcm1U
+cnVzdCBQcmVtaXVtIEV4dGVuZGVkIFZhbGlkYXRpb24gQ0EwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDIJKKCLrO1P8lH9elhDSFnhkVZBtV9stJEkM6M
+S4RQfyGJSYZW0r8tzUAoUaLhI2P60R8Y2Dpofzm78QfvDVcleGSCcfaPf7BElECA
+eb7bNg5ER6erP99pwDXyKs8nh1gCZrvTQhqZY2Ezi9g/SpuE0NhhudBFrGssaRQU
+tyHijlx5oHgq1yGhZ7cP0Zr6ulGIV8sGvq423NJUsjmt7iNFVEwyBKsmBGMnw3fV
+371mfxbZQkmNpOY93qOzRzr+3yRnwV9tqh6ZwJ7g7naBqMKpZnSIwd+1CxkrZmYA
+GW6tLoIUzz57JA/LVEZb/5NFCQvodE+/6SeTfgl+v8XWXFoK2p57/D90gv2cMjVX
+QW7b9DD1INaNg+NLXxqWiozzxWte9S3IjJA7Cf7D7uLqFPMyBD8RqGN1u2h/DUnK
+UQL1dFy++Yovl9chQ67Ga6Ma3x1TVSuCf/gElTGBPzEFenbRUirlgK3n5/XxWe9G
+BA9ZjQiAkE37+6U+smEossQyEyy/qbBQuwZ9qy6fXbxYJLK5zm2HbxBONOWmWS8n
+F6aeUUI9D+WU0M0L42xAqdnSm60N2KKAdykGuDjZsIgQ1bxEJdGOYdw3seVuB21G
+6arJZfhnbtwptgfTmtxH0yLgKQDf+t0RWuIw2S79uhOYBqQ3oDypzFiWa14HD3c8
+BdQjfwIDAQABo4IBfjCCAXowcAYIKwYBBQUHAQEEZDBiMDIGCCsGAQUFBzAChiZo
+dHRwOi8vb2NzcC5hZmZpcm10cnVzdC5jb20vcHJlbWNhLmNydDAsBggrBgEFBQcw
+AYYgaHR0cDovL29jc3AuYWZmaXJtdHJ1c3QuY29tL3ByZW0wHQYDVR0OBBYEFLzd
+RrvkokL9idHmeR/XHkGpR/tQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+ncBnpgwi2Sb1RaumZVIRJ9hFrGMwXQYDVR0gBFYwVDAMBgorBgEEAYKPCQIDMEQG
+CisGAQQBgo8JAQEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5hZmZpcm10cnVz
+dC5jb20vcmVzb3VyY2VzL2NwczBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3Js
+LmFmZmlybXRydXN0LmNvbS9jcmwvQWZmaXJtVHJ1c3RQcmVtaXVtLmNybDAOBgNV
+HQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQEMBQADggIBAHWP+I0+dxmR0G/haN7/+pwY
+8W+TM+ao/KCf3sRYWZ0N1cSyRhy2sQJpGcGzDcVEgEd9n4zGDp18FdhZZvAqv8xY
+xmOBZ4IyNErBFgzxMOX8uG49XvzX+2fUaOyGdCJbI57rwJXLFFzOs4N2VSugHOST
+xvfz/h4KEN9WAjAvK6KzsXW38d8gkWa6NS+hGlz6na6WDLszGJyjGarMfmYlpjbm
+8wukDLFoJkBtay5Ud80MI94OvJHWeYxtp121SH++KLacI4DnLWtidaQNe5ST/oii
+4w5+Jh00tyVdEiGQh9+QlXmhYXLMFZYOSAtIPHEeDNwaLf/y/hrpA4gVU2a2hLVD
+DewLfe9tHl2dvVt3+JQPjPcI6TYTGcta/IC4XImKaXUiLfF/7l3IuYWoOCIoiHwb
+O+YQqJIoAJkByUywEtLcDuVIttVy3mY02FbbhsTl3AX6h8f8MnmVhFYpPAe5CDfQ
+2ZEjadqzZADxYzmkLOTqeVfI6XpKcPpAxoo1UX3xdew9GaRyAHHJJDSo+JUIByoF
+koqMi/NsHG3rbH4fITXI9/xX5vPVTuuZxjLLOu23Rm1jQEn33zFH0VwGtkMXGd+o
+/dkkcIhhoqqYsL30CS8ctkZvFCXYZTnXh0CmEQLIrcpIRn37r5o0JzFQVXmihzA+
+8xT6qz7h5DGg4jP7Wyo4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGSjCCBTKgAwIBAgIQBaQqKlSjSO+LEKr8/e27czANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NTA5MjUxMjAwMDBaFw0yNTA5MjUxMjAwMDBaMIGUMQswCQYDVQQGEwJVUzE+MDwG
+A1UEChM1TWFzc2FjaHVzZXR0cyBIZWFsdGggSW5mb3JtYXRpb24gSGlnaHdheSAo
+TWFzcyBISXdheSkxLTArBgNVBAsTJE9yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJl
+IE1lc3NhZ2luZzEWMBQGA1UEAxMNTWFzcyBISXdheSBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANOfdetY49oziDBfhSUoS/MFnruSfg+ZjpzToUKJ
+lfY6HZxUxqErlMxTco85zI6EljPekZkTkIXG+qB70+8dU8FfeAssquSM+eHyGjKe
+BMgX0nZ0f2xGh/fWiCgNpgH3sl9S41vox4Ud3CTbF5Ec7W76xF81ehtYO2YXtdt0
+jG8MgVIZn2v16NLyvF62iCCrJlchjOgzATA01zSbBDSZEQV0yYG6wELPx2igdklm
+tcAOKMmXbJxQ5TwZRtSVkZgcfSBdB+SRH3maB5gJKdeom1+Jf4j+F2mix0vb7kpL
+mXt+ZgwB/MFHH5zU9LDGDy6D5H+9lZstx/osL4ib8CE3Hs8CAwEAAaOCAp4wggKa
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHoGCCsGAQUFBwEB
+BG4wbDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEQGCCsG
+AQUFBzAChjhodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vYWlhT3Jpb25IZWFs
+dGhJc3N1aW5nQ0FzLnA3YzCBmQYDVR0fBIGRMIGOMEWgQ6BBhj9odHRwOi8vY3Js
+NC5kaWdpY2VydC5jb20vT3Jpb25IZWFsdGhEaXJlY3RTZWN1cmVNZXNzYWdpbmdD
+QS5jcmwwRaBDoEGGP2h0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9PcmlvbkhlYWx0
+aERpcmVjdFNlY3VyZU1lc3NhZ2luZ0NBLmNybDCCARoGA1UdIASCAREwggENMDgG
+CmCGSAGG/WwAAgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzAMBgpghkgBhv1sBAEBMAwGCmCGSAGG/WwEAQIwCwYJYIZIAYb9bAQC
+MAwGCmCGSAGG/WwEAwIwDAYKYIZIAYb9bAQEAjAOBgxghkgBhvlbA4ohAAEwDAYK
+KwYBBAGCwVsAATAMBgorBgEEAYLBWwEBMAwGCisGAQQBgsFbAQIwDAYKKwYBBAGC
+wVsBAzAMBgorBgEEAYLBWwEEMAwGCisGAQQBgsFbAgEwDAYKKwYBBAGCwVsCAjAM
+BgorBgEEAYLBWwIDMAwGCisGAQQBgsFbAgQwHQYDVR0OBBYEFEH0hvKcQ8WqnFJa
+ejx+8YQxvGG6MB8GA1UdIwQYMBaAFKVuIv85aToj+4kkF8ZglAAa2o6eMA0GCSqG
+SIb3DQEBCwUAA4IBAQAusAW9ek8QKCS6fbXf2C/1oGP/jtBWffE+bHhtq0ZN1rmi
+/uSZ1k8PF8rP640/GBiqpI3EV5w6bidgOXP+XKXN9eMiLLSbXAKWmpP7SEnGDpSP
+OA2zq4zo3mKkfcgRXVJ8srqz58x7RhbShoelg26G+GKJQlZwz4IkP/46bgH6ZsCX
+lgE5Uwe9nQKyEFpUubdChRyzCHSt3ydQbYUOQgywJtQAvpj6Swxvr31/dsaR4Z28
+nBdyLlqLgJEjj+E0EWvK3mgpXStPYF59x2p0Uw8kIfPe+H6OU/lfEt3AYOSw4haW
+mHXux215tZG8GEy+cCRAMszFVwg3Y5nyJkkg1FMU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6jCCBNKgAwIBAgIQCRasQhL5QBnnNPBjDb8JXzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUwOTI1MTIwMDAwWhcNMjUwOTI1MTIwMDAwWjBpMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSgwJgYDVQQDEx9EaWdpQ2VydCBHb3Zlcm5tZW50YWwgRGlyZWN0IENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLqqXLLxNsN92M7tMY+R
+NTnF0Fz191GCva7n9FbBbPHckzTzd7pxgDGQwDPvHGs2ysRBao88lOLfLPgh53XN
+sQfhBrNdqSiFEpkzHYEzAUwzN123HsjvgrAY84/j+AYN+ZoAt/HO4ikvLuQUvOwO
+viPc7ACUDo8ZbpzLWhScJ9wY8dzliJyu46LAtvYk4+PCDAHGBMG7rcrHGqK8+yVk
+UiT255zHgoD5TFv5JajoUXKGL6C+aWS/ilkeRan1CohYnLhOkEA7NMHzZttVVkEw
+z2TgryhBxQNwrR3FhZrrT8Xl6jHYRvLKM0tLvHcLZPaqergMrKFI66ri1NHQUuNc
+CQIDAQABo4ICkDCCAowwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMC
+AYYwgYEGCCsGAQUFBwEBBHUwczAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln
+aWNlcnQuY29tMEsGCCsGAQUFBzAChj9odHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j
+b20vYWlhRGlnaUNlcnRHb3Zlcm5tZW50YWxEaXJlY3RDQS5wN2MwgYMGA1UdHwR8
+MHowO6A5oDeGNWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEZlZGVy
+YXRlZFRydXN0Q0EuY3JsMDugOaA3hjVodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
+RGlnaUNlcnRGZWRlcmF0ZWRUcnVzdENBLmNybDCCARoGA1UdIASCAREwggENMDgG
+CmCGSAGG/WwAAgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzAMBgpghkgBhv1sBAEBMAwGCmCGSAGG/WwEAQIwCwYJYIZIAYb9bAQC
+MAwGCmCGSAGG/WwEAwIwDAYKYIZIAYb9bAQEAjAOBgxghkgBhvlbA4ohAAEwDAYK
+KwYBBAGCwVsAATAMBgorBgEEAYLBWwEBMAwGCisGAQQBgsFbAQIwDAYKKwYBBAGC
+wVsBAzAMBgorBgEEAYLBWwEEMAwGCisGAQQBgsFbAgEwDAYKKwYBBAGCwVsCAjAM
+BgorBgEEAYLBWwIDMAwGCisGAQQBgsFbAgQwHQYDVR0OBBYEFHAtS6mEARqEdfd4
+qQlJ7DBL+W/rMB8GA1UdIwQYMBaAFEYIOFqpjiC7DK9eMbqJsyi/rIw2MA0GCSqG
+SIb3DQEBCwUAA4IBAQCu1sc2zU2hkzv2aI2LwPjuU1NsyWyoZYf/5HZv5hTBG7ph
+TGTGQQpr1yaxyPUAE5iZ2TdqPpC6NFhsqzRgKuA/PgyE+Kb5uonhOeOi2QGAyv8k
+Ozxki5yLvzikjZPpPwoodXiam7fGoJsdEMUewuDObX49ZlghTZMUr66EPcK/AtTX
+a55dXJ+OAFDIc/oZIdxabZPuO895GsWxAnSy4IyoqQ4IFCiUEzjxE3XrKeT6ccGB
+Dc/VMSHPScHNOmgqcs0qfkNYzXQOknbsy6D2HgWEKV8JAR8Eq0tSKHnKCbc1aYaJ
+F2RDlO0O9tquXZPNt3Ng0fbvPxNbHMNSsNEeDDo4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFDjCCA/agAwIBAgIMDulMwwAAAABR03eFMA0GCSqGSIb3DQEBCwUAMIG+MQsw
+CQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2Vl
+IHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMDkg
+RW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MTIwMAYDVQQD
+EylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjAeFw0x
+NTEwMDUxOTEzNTZaFw0zMDEyMDUxOTQzNTZaMIG6MQswCQYDVQQGEwJVUzEWMBQG
+A1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5l
+dC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAt
+IGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5IC0gTDFLMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
 MIIBCgKCAQEA2j+W0E25L0Tn2zlem1DuXKVh2kFnUwmqAJqOV38pa9vH4SEkqjrQ
 jUcj0u1yFvCRIdJdt7hLqIOPt5EyaM/OJZMssn2XyP7BtBe6CZ4DkJN7fEmDImiK
 m95HwzGYei59QAvS7z7Tsoyqj0ip/wDoKVgG97aTWpRzJiatWA7lQrjV6nN5ZGhT
@@ -4983,31 +8843,160 @@ exCdtTix9qrKgWRs6PLigVWXUX/hwidQosk8WwBD9lu51aX8/wdQQGcHsFXwt35u
 Lcw=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEqDCCA5CgAwIBAgIRAJgT9HUT5XULQ+dDHpceRL0wDQYJKoZIhvcNAQELBQAw
-PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
-Ew5EU1QgUm9vdCBDQSBYMzAeFw0xNTEwMTkyMjMzMzZaFw0yMDEwMTkyMjMzMzZa
-MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
-ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMTCCASIwDQYJKoZIhvcNAQEBBQAD
-ggEPADCCAQoCggEBAJzTDPBa5S5Ht3JdN4OzaGMw6tc1Jhkl4b2+NfFwki+3uEtB
-BaupnjUIWOyxKsRohwuj43Xk5vOnYnG6eYFgH9eRmp/z0HhncchpDpWRz/7mmelg
-PEjMfspNdxIknUcbWuu57B43ABycrHunBerOSuu9QeU2mLnL/W08lmjfIypCkAyG
-dGfIf6WauFJhFBM/ZemCh8vb+g5W9oaJ84U/l4avsNwa72sNlRZ9xCugZbKZBDZ1
-gGusSvMbkEl4L6KWTyogJSkExnTA0DHNjzE4lRa6qDO4Q/GxH8Mwf6J5MRM9LTb4
-4/zyM2q5OTHFr8SNDR1kFjOq+oQpttQLwNh9w5MCAwEAAaOCAZIwggGOMBIGA1Ud
-EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMH8GCCsGAQUFBwEBBHMwcTAy
-BggrBgEFBQcwAYYmaHR0cDovL2lzcmcudHJ1c3RpZC5vY3NwLmlkZW50cnVzdC5j
-b20wOwYIKwYBBQUHMAKGL2h0dHA6Ly9hcHBzLmlkZW50cnVzdC5jb20vcm9vdHMv
-ZHN0cm9vdGNheDMucDdjMB8GA1UdIwQYMBaAFMSnsaR7LHH62+FLkHX/xBVghYkQ
-MFQGA1UdIARNMEswCAYGZ4EMAQIBMD8GCysGAQQBgt8TAQEBMDAwLgYIKwYBBQUH
-AgEWImh0dHA6Ly9jcHMucm9vdC14MS5sZXRzZW5jcnlwdC5vcmcwPAYDVR0fBDUw
-MzAxoC+gLYYraHR0cDovL2NybC5pZGVudHJ1c3QuY29tL0RTVFJPT1RDQVgzQ1JM
-LmNybDATBgNVHR4EDDAKoQgwBoIELm1pbDAdBgNVHQ4EFgQUqEpqYwR93brm0Tm3
-pkVl7/Oo7KEwDQYJKoZIhvcNAQELBQADggEBANHIIkus7+MJiZZQsY14cCoBG1hd
-v0J20/FyWo5ppnfjL78S2k4s2GLRJ7iD9ZDKErndvbNFGcsW+9kKK/TnY21hp4Dd
-ITv8S9ZYQ7oaoqs7HwhEMY9sibED4aXw09xrJZTC9zK1uIfW6t5dHQjuOWv+HHoW
-ZnupyxpsEUlEaFb+/SCI4KCSBdAsYxAcsHYI5xxEI4LutHp6s3OT2FuO90WfdsIk
-6q78OMSdn875bNjdBYAqxUp2/LEIHfDBkLoQz0hFJmwAbYahqKaLn73PAAm1X2kj
-f1w8DdnkabOLGeOVcj9LQ+s67vBykx4anTjURkbqZslUEUsn2k5xeua2zUk=
+MIIEYzCCA0ugAwIBAgIQBdoN7Kc1obxcNtUe1erXujANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1
+MTAxNDEyMDAwMFoXDTI1MDUxMDEyMDAwMFowZDELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEjMCEG
+A1UEAxMaRGlnaUNlcnQgQmFsdGltb3JlIENBLTEgRzIwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCcFjx6VK459CTGcFIwL7rt08Qb5VFYmcXUAC/qOayu
+iOvQzrxOW4xLyNfZLWkJZZgwvupmUeYG8Ao66qi0opqEqWXtGG5eIw99wE0Tg48+
+phTB5pP3FgCXiN2RO73R8e6RAAb0thbErY9AKdFesatWCd1M3p1ZWdjvjIthUxe4
+mufcPsazFi96oDinM/ORTLeOECAQmXgsXRde2faVEwCU+OqlVTQWng1jfa3cztQ7
+aC0fpeDqvEhAuJ6qCM7acZElejJKkkeN0rGb7UOMs7B8dMn8lwPxtKm3efcyXAn3
+lybgoOA4so6E1co5LGcQt1QQp2WzxaytwsqUwOCGNgm9AgMBAAGjggEZMIIBFTAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA6BgNVHR8E
+MzAxMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT21uaXJvb3QyMDI1
+LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL0NQUzAdBgNVHQ4EFgQUtvlIUEhv85/rvlO6J4lOdZq0
+vWcwHwYDVR0jBBgwFoAU5Z1ZMIJHWMys+ghUNoZ7OrUETfAwDQYJKoZIhvcNAQEL
+BQADggEBAIvMSJv4auzcgy1g2K7t52O931Z3tlb4rVUJNk69wo1dJqEKeVWfr2UP
+aacS9oBZYATgxjtEHmu8cHBGv6Bex4siT9+UrGdzCnKYtYwas9ZIWkH1EAe53h1k
+as/t4gQTl/JZNxK8omdUBSd0z/egR8Zlzshg3ySdVd/rcaZWEFa8rRQvAwfoNLoH
+psecZXmFwFAkmu5odsvdfyXEImGo1gFeLyUOAKJjSMz9zsSXBxVj6j/YglPRsFuV
+98a6sKE5Y07vRRWWC/KHFgckqU6hHmk7DpXaIsVsl2UU65W6LdyZ8cDf1DKlOrKq
+g16c0LkLttQNOnS9jgWJJoJjN0m4eS4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYTCCA0mgAwIBAgIQCczcn5k0S1LTezBTdtbCxTANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1
+MTAxNDEyMDAwMFoXDTI1MDUxMDEyMDAwMFowYjELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEhMB8G
+A1UEAxMYRGlnaUNlcnQgQmFsdGltb3JlIEVWIENBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAtnSaCvMG9TXrCtbBTUnfoXDA1nxkxYNP5lSxqMwbqxx/
+fHivQGfoG6S4yE8xYpFszud0OplTaD1tfDsWJgTgu5k64mZuZ17IVCMVTgBF+bdL
+DlRV80N4HCw0sNrjgTYDyvBlnrhsqZEtPZfOFstm+6TxV6dG1nTdCiGyC8lQkZ5D
+3kV3WVFDgAB2Xrz4gTdQ2NLGqLmmQQvj9snmQ5jsaenX+uYJBpJILEVY4US0YhTL
+GwynXzkt1c0gblihuYVWC3O7MhMaiJQM08WmLS0rzzm1wggiuLG9TwLm9OJh8dVA
+X5QNAzPotYEXh0Sm8uMJu6kuuvBafivc0ai97h2v8QIDAQABo4IBGTCCARUwEgYD
+VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMw
+MTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5j
+cmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9DUFMwHQYDVR0OBBYEFBYAcJjh6EVnw5usVJcbzrEqNh55
+MB8GA1UdIwQYMBaAFOWdWTCCR1jMrPoIVDaGezq1BE3wMA0GCSqGSIb3DQEBCwUA
+A4IBAQCbL16pTZZS/LD1hJssG9VpUvlfpoIWpF1vp2uDRL0A5fsBV+1FxcJLO0y1
+InK89VNGpPt7GoKF+UQuqa1IWMLjAavrrpyPHxOo17eHLlmpHn4qJSA/pL4V8JFL
+o9nVXMOEUP+uHIB4282uElsJ7AJWJYKq+QkKnFaeOwhfNq502DnagUDM8ybHGE3k
+cvmbL+suy0XsRo9ny+tRuoUATscnVI//3r+cCRVQa34Dlksl/yj+2h80saHcSEjp
+n+YAnvp1YhI+wc1EvvAah+7VN1UFAIRIyQ91hHp0gzZppjmsJYmPfuw6CYzK1LqN
+FxIihbFnfU8LRCgfrSAmqLs+rFdf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkjCCA3qgAwIBAgITBntQSu8k7aSeV/dHSEVj9OKhWDANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MTAyMTIyMjA0NVoXDTM3MTIzMTAwMDAwMFowOTEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
+b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
+ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
+9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
+IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
+VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
+93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
+jgSubJrIqg0CAwEAAaOCATEwggEtMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdDgQWBBSEGMyFNOy8DJSULghZnMeyEE4KCDAfBgNVHSMEGDAW
+gBScXwDfqgHXMCs4iKK4bUqc8hGRgzB4BggrBgEFBQcBAQRsMGowLgYIKwYBBQUH
+MAGGImh0dHA6Ly9vY3NwLnJvb3RnMi5hbWF6b250cnVzdC5jb20wOAYIKwYBBQUH
+MAKGLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0LmNvbS9yb290ZzIuY2Vy
+MD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucm9vdGcyLmFtYXpvbnRydXN0
+LmNvbS9yb290ZzIuY3JsMBEGA1UdIAQKMAgwBgYEVR0gADANBgkqhkiG9w0BAQsF
+AAOCAQEAY7ItFmzGZlk1ae7URE8CTUg2qZlmSCFugdXGuQZ+/tFHLxolCdmw2Jfn
+PX367cbcElUhFvLFRtLwW99VYVqKLA1ypmrs5uuMGOXUUmPA6hU+2dovhh5KuClm
+58gz2fH7Gw+V9ko2CRt0XXDmXMJzXxRW1CgcNC05RXnD8J92iMyrok1KnB4+emMU
+kNBrcaE+XuqRuAc7lJ9qv4t+JYtEszz3k+Q68TlOOIp0W5k5Xvsx0Q+/r6qCOECs
+JP9dLmsuIA/SrhyqW5qTvul/X7nJLlffGWYsbOdmrUzA6fZR9NeL/Ljlx98/ouE3
+4dmgCQgWbRp4XTnGnL3XLbVPUAReEQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgITBntQUp3WX1ga1fXFWlp5GKFvkzANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MTAyMTIyMjIyN1oXDTQwMTAyMTIyMjIyN1owRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDBBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQChhTHcMX+WcSKio/2VJ8N0cCpdrUf4oB9V+fx2dFxU+XgRvszhgePcNKv5
+d7a0qOWF9uLmYix0BP34xYujNe0TTGBjOdjCWmTLi9mb5gO8Qxe3eaPZFHX2JbA+
+GeqyLkv3/Dt4SkggAZX1PvoaPlCytHCW7qDdo+ycuqwrrfl0fYfJrEA+O5x8v+uH
+UmC5APF5vYE8XdGhGra5JRot2TY3P+Kh1AfuJWPLBRgmmbPscv81zVdl+LzZdGFP
+dCnCwE9OKd4stKNkO2vTwdJykLgovcF889LQdbPfCx7UaDeHdAcJLyNcS0i5FrHD
+7hNfwzfpOORF0+1wF6HdE/GBUJBJAgMBAAGjggE0MIIBMDASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUl+rEItIGGO2FBP/cUsJu
+2w4G4T8wHwYDVR0jBBgwFoAUnF8A36oB1zArOIiiuG1KnPIRkYMweAYIKwYBBQUH
+AQEEbDBqMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5yb290ZzIuYW1hem9udHJ1
+c3QuY29tMDgGCCsGAQUFBzAChixodHRwOi8vY3JsLnJvb3RnMi5hbWF6b250cnVz
+dC5jb20vcm9vdGcyLmNlcjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnJv
+b3RnMi5hbWF6b250cnVzdC5jb20vcm9vdGcyLmNybDARBgNVHSAECjAIMAYGBFUd
+IAAwDQYJKoZIhvcNAQELBQADggEBAGUFWQnstW12HJoKhJv5R2BqmRMdCrlDmUdc
+0LyKXrE5lb8FJVCJcoebwtXhBedaIQxxaDZHXbNOPyMFWhE2j2pLEDTKGY4MQRb/
+KAUAR6jncl3MQCmVBvRmA4tzwZtNbqWYhb70YUn4KjP+3O8IV86WwYrLBxIh6sh/
+jfWIenw2ipRJJEHk64wBpQIKCpTPgloB8n8u2TbVqbrDefBanajPWWstOPw51YdW
+2GSYqbRhIxQnin7WYztBlboIaRxehsftLeShWGokb0yOW5+4pqrw7w7vxv2d/uSl
+fZx3MqHAesyqNGtcwOuf2tYr/NJZAaXawY3LfNJ4r49K/NwPTlI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERzCCAy+gAwIBAgITBntQWB5VRYI8C6YvYwneX8pJTDANBgkqhkiG9w0BAQsF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAxMB4XDTE1MTAyMTIyMjM0MFoXDTQwMTAyMTIyMjM0MFowRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDFBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCeQM3XCsIZunv8bSJxOqkc/ed87uL76FDB7teBNThDRB+1J7aITuadbNfH
+5ZfZykrdZ1qQLKxP6DwHOmJr9u2b4IxjUX9qUMuq4B02ghD2g6yU3YivEosZ7fpo
+srD2TBN29JpgPGrOrpOE+ArZuIpBjdKFinemu6fTDD0NCeQlfyHXd1NOYyfYRLTa
+xlpDqr/2M41BgSkWQfSPHHyRWNQgWBiGsIQaS8TK0g8OWi1ov78+2K9DWT+AHgXW
+AanjZK91GfygPXJYSlAGxSiBAwH/KhAMifhaoFYAbH0Yuohmd85B45G2xVsop4TM
+Dsl007U7qnS7sdJ4jYGzEvva/a95AgMBAAGjggE5MIIBNTASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUYtRCXoZwdWqQvMa40k1g
+wjS6UTowHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH
+AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NybC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js
+LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBEGA1UdIAQKMAgw
+BgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAfO6dSZbEgjuEREF/cAS09ZJBmd+3
+lH2lkjpULqhxMMSPwe2NxheHJO46hyp2205IcM/+/zlxUIIViissPDXyrEN6WlQa
+7Qhu/UcfCsOdCi1zjbG9Oe1Z2UQhQhHhy8zAE0/SsZaxDkQpdgnyI+oI6sEzLXoQ
+JLgiwoM0F6QzB+n18CJPihdmzqCS2Q57gATLED7umyLD0ULvmr6JRa0HyxNAFOIn
+YsYBnS9X8mkiVg+1iXsM3GjmownXvCvxG8Wf5DHFhOx9/WaA6C0k+K4tLsO3geYy
+W/LI5QFZwJMW6+ieFTjhyI6EzEolo7Z6PWaNB4X26611NpZ1IrWn56hFCw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIESTCCAzGgAwIBAgITBntQXCplJ7wevi2i0ZmY7bibLDANBgkqhkiG9w0BAQsF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAxMB4XDTE1MTAyMTIyMjQzNFoXDTQwMTAyMTIyMjQzNFowRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDFCMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDCThZn3c68asg3Wuw6MLAd5tES6BIoSMzoKcG5blPVo+sDORrMd4f2AbnZ
+cMzPa43j4wNxhplty6aUKk4T1qe9BOwKFjwK6zmxxLVYo7bHViXsPlJ6qOMpFge5
+blDP+18x+B26A0piiQOuPkfyDyeR4xQghfj66Yo19V+emU3nazfvpFA+ROz6WoVm
+B5x+F2pV8xeKNR7u6azDdU5YVX1TawprmxRC1+WsAYmz6qP+z8ArDITC2FMVy2fw
+0IjKOtEXc/VfmtTFch5+AfGYMGMqqvJ6LcXiAhqG5TI+Dr0RtM88k+8XUBCeQ8IG
+KuANaL7TiItKZYxK1MMuTJtV9IblAgMBAAGjggE7MIIBNzASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUWaRmBlKge5WSPKOUByeW
+dFv5PdAwHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH
+AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NybC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js
+LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBMGA1UdIAQMMAow
+CAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQAfsaEKwn17DjAbi/Die0etn+PE
+gfY/I6s8NLWkxGAOUfW2o+vVowNARRVjaIGdrhAfeWHkZI6q2pI0x/IJYmymmcWa
+ZaW/2R7DvQDtxCkFkVaxUeHvENm6IyqVhf6Q5oN12kDSrJozzx7I7tHjhBK7V5Xo
+TyS4NU4EhSyzGgj2x6axDd1hHRjblEpJ80LoiXlmUDzputBXyO5mkcrplcVvlIJi
+WmKjrDn2zzKxDX5nwvkskpIjYlJcrQu4iCX1/YwZ1yNqF9LryjlilphHCACiHbhI
+RnGfN8j8KLDVmWyTYMk8V+6j0LI4+4zFh2upqGMQHL3VFVFWBek6vCDWhB/b
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIESTCCAzGgAwIBAgITBn+UV4WH6Kx33rJTMlu8mYtWDTANBgkqhkiG9w0BAQsF
@@ -5035,6 +9024,198 @@ upRyzQ7qDn1X8nn8N8V7YJ6y68AtkHcNSRAnpTitxBKjtKPISLMVCx7i4hncxHZS
 yLyKQXhw2W2Xs0qLeC1etA+jTGDK4UfLeC0SF7FSi8o5LL21L8IzApar2pR/
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIICuzCCAmGgAwIBAgITBn+UV1j+VbnuP3WDHUfwfSJsijAKBggqhkjOPQQDAjA5
+MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
+Um9vdCBDQSAzMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG
+A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDNB
+MQ8wDQYDVQQDEwZBbWF6b24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATYcYsK
+mYdR0Gj8Xz45E/lfcTTnXhg2EtAIYBIHyXv/ZQyyyCas1aptX/I5T1coT6XK181g
+nB8hADuKfWlNoIYRo4IBOTCCATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0OBBYEFATc4JXl6LlrlKHvjFsxHhN+VZfaMB8GA1UdIwQY
+MBaAFKu229cGnjesMIYHkXDHnMQZsXjAMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEF
+BQcwAYYjaHR0cDovL29jc3Aucm9vdGNhMy5hbWF6b250cnVzdC5jb20wOgYIKwYB
+BQUHMAKGLmh0dHA6Ly9jcnQucm9vdGNhMy5hbWF6b250cnVzdC5jb20vcm9vdGNh
+My5jZXIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5yb290Y2EzLmFtYXpv
+bnRydXN0LmNvbS9yb290Y2EzLmNybDARBgNVHSAECjAIMAYGBFUdIAAwCgYIKoZI
+zj0EAwIDSAAwRQIgOl/vux0qfxNm05W3eofa9lKwz6oKvdu6g6Sc0UlwgRcCIQCS
+WSQ6F6JHLoeOWLyFFF658eNKEKbkEGMHz34gLX/N3g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERzCCAy+gAwIBAgITBn+UV1CMZIwJymUucXkYMOclkjANBgkqhkiG9w0BAQsF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDFBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCeQM3XCsIZunv8bSJxOqkc/ed87uL76FDB7teBNThDRB+1J7aITuadbNfH
+5ZfZykrdZ1qQLKxP6DwHOmJr9u2b4IxjUX9qUMuq4B02ghD2g6yU3YivEosZ7fpo
+srD2TBN29JpgPGrOrpOE+ArZuIpBjdKFinemu6fTDD0NCeQlfyHXd1NOYyfYRLTa
+xlpDqr/2M41BgSkWQfSPHHyRWNQgWBiGsIQaS8TK0g8OWi1ov78+2K9DWT+AHgXW
+AanjZK91GfygPXJYSlAGxSiBAwH/KhAMifhaoFYAbH0Yuohmd85B45G2xVsop4TM
+Dsl007U7qnS7sdJ4jYGzEvva/a95AgMBAAGjggE5MIIBNTASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUYtRCXoZwdWqQvMa40k1g
+wjS6UTowHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH
+AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRy
+dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js
+LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBEGA1UdIAQKMAgw
+BgYEVR0gADANBgkqhkiG9w0BAQsFAAOCAQEAMHbSWHRFMzGNIE0qhN6gnRahTrTU
+CDPwe7l9/q0IA+QBlrpUHnlAreetYeH1jB8uF3qXXzy22gpBU7NqulTkqSPByT1J
+xOhpT2FpO5R3VAdMPdWfSEgtrED0jkmyUQrR1T+/A+nBLdJZeQcl+OqLgeY790JM
+JJTsJnnI6FBWeTGhcDI4Y+n3KS3QCVePeWI7jx1dhrHcXH+QDX8Ywe31hV7YENdr
+HDpUXrjK6eHN8gazy8G6pndXHFwHp4auiZbJbYAk/q1peOTRagD2JojcLkm+i3cD
+843t4By6YT/PVlePU2PCWejkrJQnKQAPOov7IA8kuO2RDWuzE/zF6Hotdg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRzCCBC+gAwIBAgITBn+UV1Xxh6kfgWPz5iRiAXf/ODANBgkqhkiG9w0BAQwF
+ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
+b24gUm9vdCBDQSAyMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDJBMQ8wDQYDVQQDEwZBbWF6b24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQC0P8hSLewmrZ41CCPBQytZs5NBFMq5ztbnMf+kZUp9S25LPfjNW3zgC/6E
+qCTWNVMMHhq7ez9IQJk48qbfBTLlZkuKnUWbA9vowrDfcxUN0mRE4B/TJbveXyTf
+vE91iDlqDrERecE9D8sdjzURrtHTp27lZdRkXFvfEVCq4hl3sHkzjodisaQthLp1
+gLsiA7vKt+8zcL4Aeq52UyYb8r4/jdZ3KaQp8O/T4VwDCRKm8ey3kttpJWaflci7
+eRzNjY7gE3NMANVXCeQwOBfH2GjINFCObmPsqiBuoAnsv2k5aQLNoU1OZk08ClXm
+mEZ2rI5qZUTX1HuefBJnpMkPugFCw8afaHnB13SkLE7wxX8SZRdDIe5WiwyDL1tR
+2+8lpz4JsMoFopHmD3GaHyjbN+hkOqHgLltwewOsiyM0u3CZphypN2KeD+1FLjnY
+TgdIAd1FRgK2ZXDDrEdjnsSEfShKf0l4mFPSBs9E3U6sLmubDRXKLLLpa/dF4eKu
+LEKS1bXYT28iM6D5gSCnzho5G4d18jQD/slmc5XmRo5Pig0RyBwDaLuxeIZuiJ0A
+J6YFhffbrLYF5dEQl0cU+t3VBK5u/o1WkWXsZawU038lWn/AXerodT/pAcrtWA4E
+NQEN09WEKMhZVPhqdwhF/Gusr04mQtKt7T2v6UMQvtVglv5E7wIDAQABo4IBOTCC
+ATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYE
+FNpDStD8AcBLv1gnjHbNCoHzlC70MB8GA1UdIwQYMBaAFLAM8Eww9AVYAkj9M+VS
+r0uE42ZSMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEFBQcwAYYjaHR0cDovL29jc3Au
+cm9vdGNhMi5hbWF6b250cnVzdC5jb20wOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQu
+cm9vdGNhMi5hbWF6b250cnVzdC5jb20vcm9vdGNhMi5jZXIwPwYDVR0fBDgwNjA0
+oDKgMIYuaHR0cDovL2NybC5yb290Y2EyLmFtYXpvbnRydXN0LmNvbS9yb290Y2Ey
+LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggIBAEO5W+iF
+yChjDyyrmiwFupVWQ0Xy2ReFNQiZq7XKVHvsLQe01moSLnxcBxioOPBKt1KkZO7w
+Gcbmke0+7AxLaG/F5NPnzRtK1/pRhXQ0XdU8pVh/1/h4GoqRlZ/eN0JDarUhZPkV
+kSr96LUYDTxcsAidF7zkzWfmtcJg/Aw8mi14xKVEa6aVyKu54c8kKkdlt0WaigOv
+Z/xYhxp24AfoFKaIraDNdsD8q2N7eDYeN4WGLzNSlil+iFjzflI9mq1hTuI/ZNjV
+rbvob6FUQ8Cc524gMjbpZCNuZ1gfXzwwhGp0AnQF6CJsWF9uwPpZEVFnnnfiWH3M
+oup41EvBhqaAqOlny0sm5pI82nRUCAE3DLkJ1+eAtdQaYblZQkQrRyTuPmJEm+5y
+QwdDVw6uHc5OsSj/tyhh8zJ2Xq3zgh3dMONGjJEysxGaCoIb+61PWwMy2dIarVwI
+r+c+AY+3PrhgBspNdWZ87JzNHii7ksdjUSVGTTy1vGXgPYrv0lp0IMnKaZP58xiw
+rDx7uTlQuPVWNOZvCaT3ZcoxTsNKNscIUe+WJjWx5hdzpv/oksDPY5ltZ0j3hlDS
+D+Itk95/cNJVRM/0HpxI1SX9MTZtOSJoEDdUtOpVaOuBAvEK4gvTzdt0r5L+fuI6
+o5LAuRo/LO1xVRH49KFRoaznzU3Ch9+kbPb3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAn6gAwIBAgITBn+UV1qIYqkHLjI5w3zroSdOGDAKBggqhkjOPQQDAzA5
+MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
+Um9vdCBDQSA0MB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjELMAkG
+A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDRB
+MQ8wDQYDVQQDEwZBbWF6b24wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASRP0kIW0Ha
+7+ORvEVhIS5gIgkH66X5W9vBRTX14oG/1elIyI6LbFZ+E5KAufL0XoWJGI1WbPRm
+HW246FKSzF0wOEZZyxEROz6tuaVsnXRHRE76roS/Wr064uJpKH+Lv+SjggE5MIIB
+NTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQU
+pSHN2+tTIZmqytlnQpQlsnv0wuMwHwYDVR0jBBgwFoAU0+zHOmVuzOHadppW+5zz
+hm1X5YEwewYIKwYBBQUHAQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5y
+b290Y2E0LmFtYXpvbnRydXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5y
+b290Y2E0LmFtYXpvbnRydXN0LmNvbS9yb290Y2E0LmNlcjA/BgNVHR8EODA2MDSg
+MqAwhi5odHRwOi8vY3JsLnJvb3RjYTQuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTQu
+Y3JsMBEGA1UdIAQKMAgwBgYEVR0gADAKBggqhkjOPQQDAwNpADBmAjEA59RAOBaj
+uh0rT/OOTWPEv6TBnb9XEadburBaXb8SSrR8il+NdkfS9WXRAzbwrG7LAjEA3ukD
+1HrQq+WXHBM5sIuViJI/Zh7MOjsc159Q+dn36PBqLRq03AXqE/lRjnv8C5nj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgITBn+UV0u3B10+SJZceDIkqnVP7TANBgkqhkiG9w0BAQsF
+ADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNj
+b3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9sb2dpZXMsIEluYy4x
+OzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRlIEF1
+dGhvcml0eSAtIEcyMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL
+MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB
+IDBBMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQChhTHcMX+WcSKio/2VJ8N0cCpdrUf4oB9V+fx2dFxU+XgRvszhgePcNKv5
+d7a0qOWF9uLmYix0BP34xYujNe0TTGBjOdjCWmTLi9mb5gO8Qxe3eaPZFHX2JbA+
+GeqyLkv3/Dt4SkggAZX1PvoaPlCytHCW7qDdo+ycuqwrrfl0fYfJrEA+O5x8v+uH
+UmC5APF5vYE8XdGhGra5JRot2TY3P+Kh1AfuJWPLBRgmmbPscv81zVdl+LzZdGFP
+dCnCwE9OKd4stKNkO2vTwdJykLgovcF889LQdbPfCx7UaDeHdAcJLyNcS0i5FrHD
+7hNfwzfpOORF0+1wF6HdE/GBUJBJAgMBAAGjggE0MIIBMDASBgNVHRMBAf8ECDAG
+AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUl+rEItIGGO2FBP/cUsJu
+2w4G4T8wHwYDVR0jBBgwFoAUnF8A36oB1zArOIiiuG1KnPIRkYMweAYIKwYBBQUH
+AQEEbDBqMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5yb290ZzIuYW1hem9udHJ1
+c3QuY29tMDgGCCsGAQUFBzAChixodHRwOi8vY3J0LnJvb3RnMi5hbWF6b250cnVz
+dC5jb20vcm9vdGcyLmNlcjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnJv
+b3RnMi5hbWF6b250cnVzdC5jb20vcm9vdGcyLmNybDARBgNVHSAECjAIMAYGBFUd
+IAAwDQYJKoZIhvcNAQELBQADggEBAK/GJ9NNlVof/45Jo9qouxV79fiyONjw5Kym
+nZpko27O2TQwnSN4xguhR9qPCLJFfzxpybjZK52+bpNpXbWOoZKEsXIFxShocXmx
+xY3jpQRDijIqyB1wEEYV/0S4J6dGtdx9xb/t1L6/53ogFPa17v+dFhJQ0WwIzfTW
+R/Vox5ZrJ/sgBIgylEJWsEUX0hc+QwryeGU9Ylv2XIcmANzoH2tQnHs1v8GG3FYY
+RZ4FeoPETzXfKd98y0l9v6lx2guQ4hNA3vCYDMF+w/2TcVW6YPVMjEkuRN2hypcY
+uNmaqaMA0K0ZD7nQOedXceNRfr+GruHRduh2EZI0gMxfOpwfn98=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCA/6gAwIBAgIUd1lPuyJwOPtSCX5horf4hQVMT3swDQYJKoZIhvcNAQEL
+BQAwUTELMAkGA1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6
+ZW5pb3dhIFMuQS4xGDAWBgNVBAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMjYx
+MzExMjBaFw0yNTEwMjYxMzExMjBaMFQxCzAJBgNVBAYTAlBMMSgwJgYDVQQKDB9L
+cmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRswGQYDVQQDDBJTWkFGSVIg
+VHJ1c3RlZCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRPDG3
+TdHUJWZi/x+ncAOe378KXBAsSasFxlqzntuB2EcvzqcuEzuwgftT/JH5vAaz2V57
+Q3OW3qc2CCBdIbUQkIu6Rk2Wzjb55tlw4SugjmK3eSwid3e/61P7H3ygvRrDTUfg
+svUP+h3JYfm31en7+lJrzanLTDmQRgmzscZ1y4LpCq0OUtzUpnpMsXnHBYcbJ2y2
+3NCNbYkuoRM1Wt7eHReKMzOlMr4QAIJxVBZDxOhz/HgqVRqX7TqchnhVR2AOm+GZ
+Kb4CWx2R4GJBTBrxX/4/7o/nGlto9NfrUz/UvptkJ1boCBJvKAsjQlpCmjAKQYXf
+nb8wc7+wEi+rDMg7AgMBAAGjggHhMIIB3TAPBgNVHRMBAf8EBTADAQH/MHoGCCsG
+AQUFBwEBBG4wbDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AuZWxla3Ryb25pY3pu
+eXBvZHBpcy5wbDA6BggrBgEFBQcwAoYuaHR0cDovL2NkcC5lbGVrdHJvbmljem55
+cG9kcGlzLnBsL3Jvb3RfY2EyLmNydDBmBgNVHSAEXzBdMFsGCyqEaAGG9yMBAgEB
+MEwwSgYIKwYBBQUHAgEWPmh0dHA6Ly93d3cuZWxla3Ryb25pY3pueXBvZHBpcy5w
+bC9pbmZvcm1hY2plL2Rva3VtZW50eS1pLXVtb3d5MA4GA1UdDwEB/wQEAwIBBjB2
+BgNVHSMEbzBtoVWkUzBRMQswCQYDVQQGEwJQTDEoMCYGA1UECgwfS3Jham93YSBJ
+emJhIFJvemxpY3plbmlvd2EgUy5BLjEYMBYGA1UEAwwPU1pBRklSIFJPT1QgQ0Ey
+ghQ+il0H7FXSMtW347ZfAest3OTW5DA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8v
+Y2RwLmVsZWt0cm9uaWN6bnlwb2RwaXMucGwvcm9vdF9jYTIuY3JsMB0GA1UdDgQW
+BBQedbwzox9qzH7P3QU+27vafLzpRDANBgkqhkiG9w0BAQsFAAOCAQEAM2lRxreI
+lUtwqyOrnuCbUrffRsu5+EAXmsb6FZFo8nXlRVIQINCCEhNh/tn8HgWLdUISwb+k
+dkjCFdEoC5upvHqINxGAPp6wvQjV4Pmccs/H2miFgQXphw1Pc3P1JDZ3QasftuoF
+ITWGphhCPc8Yf3h5QeG+O8lGaZCOol8FJoucVPlQnU+wHyc+wwo2h4aYtMapd1br
+vIyyIG4zI+LFEY7ffaU9hlnhKir/xobW2YvCbqRePMEIxQVvkEIAFZzLdBv33NhJ
+5arusk8OcI9ge17maKWWr7C+/oCXXjTWj+ODfJyTvkfHmXylyxK9ZhSU78ccJdaI
+PI+Mqg6IG8PRAA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIQU7h+g+GcmSiTsJtJHOy46zANBgkqhkiG9w0BAQsFADA3
+MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwWVGVsaWFTb25lcmEgUm9v
+dCBDQSB2MTAeFw0xNTEwMjcxMjE2NDZaFw0yNTEwMjcxMjE2NDZaMEcxCzAJBgNV
+BAYTAlNFMREwDwYDVQQKDAhFcmljc3NvbjElMCMGA1UEAwwcRXJpY3Nzb24gTkwg
+SW5kaXZpZHVhbCBDQSB2MzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AOzy3wAAuFDyp7vYVLfGk/fjwao71MNGNLSzzl5DtjQtMtl2ZLPZyX6ViqzTN9JO
+b7uZ6KxuGSpReQvt8XOh7iIhkKH9W5hRpbjTsJmUMJd6zifhOpNK6iSU3q44+Fjs
+QL1lVtcguUuFG6aZN0N3GFVbgt6jRrASF8t/3wy9bHPAIfMyPybpg6Y2PH5/1Nwk
+TepoDSmK69LGV+lV2IK6U9OWayZXZFIFIDCoGyFlhFxAEgN+qZ2+Rqg/0TM0oCHv
+KO2ELSGmAdnJkwizR42ji/Y9SYTSuG75mzSe6OfCGWM8Db/xvy/20aLEPXNu1PvO
+gzY63WZ6cmkWnjMlVJ90pWC2haqDm3Yf8TRdjUvAl7Pz1bTuexwShzIGakL7MkCY
+rEqHMRaojI/VStloQgW76E76zQ2byw5QxrhOUbisBSKRzlTlOZQgYFFAbG6ViF8D
+OpJh/ygtQwuTLUM5r15G7eynQV1AMTNCWcX+HUvgArUw6RfW9L58uA68GjktFTV8
+s9RlDsUqsNcLqeXaV28S2WMday0YGaq/bloS8AD7KuumUKH+Ri9IGO9mJvP05tvD
+HjKpLvv80c3WLJnJU/aznYHYEt2+jjKHOTqdGTxL/zMdpRSQFSuu+KM8NoYrkU1V
+JqKga+QLsgqKghMp99gu1P1e6KsqseWHdXORrMbjqkBXAgMBAAGjggG4MIIBtDCB
+igYIKwYBBQUHAQEEfjB8MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC50cnVzdC50
+ZWxpYXNvbmVyYS5jb20wSwYIKwYBBQUHMAKGP2h0dHA6Ly9yZXBvc2l0b3J5LnRy
+dXN0LnRlbGlhc29uZXJhLmNvbS90ZWxpYXNvbmVyYXJvb3RjYXYxLmNlcjASBgNV
+HRMBAf8ECDAGAQH/AgEAMFUGA1UdIAROMEwwSgYMKwYBBAGCDwIDAQECMDowOAYI
+KwYBBQUHAgEWLGh0dHBzOi8vcmVwb3NpdG9yeS50cnVzdC50ZWxpYXNvbmVyYS5j
+b20vQ1BTMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwtMy50cnVzdC50ZWxp
+YXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2MS5jcmwwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUHHsZ
+npecdqwgPdjc45Fq49stplMwHwYDVR0jBBgwFoAU8I9ZOACz9Y+algzV6/p7qhfo
+ExIwDQYJKoZIhvcNAQELBQADggIBAFBYa/HVjDu0LqtXQ8iMp8PLFpqchf41ksQY
+6R1AsoZbaBUu0NQlAQ9GzlC1pmI5s0cJnuaZI0xV6TiWS3/R2p9UgW61XD9CTIUb
+AL31mY3BdJf3P46gzKgQEca/DlFjq9GVmuPS4q90BLNgvgoxoHubc3C6s0OaY1sb
+nay5EhnvrAE4Q511FlxmJPLnRmQGpieeXa3cPegFfY1kJDKyyFRypF1RuRLXcdMI
+gKEy5NX1bS3M9dQ4mgmUmVT2d33UiKSEYQ6s/B+LFaaz4LywXSv2o3W4kbHoQs86
+IWst821ww0wxsCpEfClIvF7fBw2QkbG/1PwuzAuLVStEhDzkAqOrMGctKyNEaBsy
+An7Eq2eCa8QDXnkmagp9QPsNFs/oqnXj9j1cVtH9a4OPzhtg0pd7gd0NzU/5Qxib
+XqbYvouQgihGXHQDmaL4ruN7C4arMUqRo82YnREsKL7h3j/jtmzcMLc9Q07F04QQ
+d/iSR1Y5pIi6PdNBiE2/4uyAXS6KOIGZrPbNQUNrZtwiQpqQNl8AUzgegfPwrYFl
+FocpaF3d1m5r+2VKKqiRQVfYPGYeZnWfkcz06JoAhc/9mjbHXSP9hvWYzeLRuoZq
+HGUdjOX9DIQb926OneV7C5WMIjSY8ORkamG/HKqngmjypL3gSc6oG/E6B+1i6Ds5
+j0Qpj5aQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIDKjCCArGgAwIBAgIQBKKQ483uTcbgQukrrTp0djAKBggqhkjOPQQDAzBhMQsw
 CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
 ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
@@ -5054,6 +9235,1374 @@ GDAWgBSz20ik+aHF2K42QcwRY2liKbxLxjAKBggqhkjOPQQDAwNnADBkAjAXpd16
 k9EL9+hQB5Ex18DrxgLJEXfMGH9KjPXSvdZLDWDRUS/ZnYmOIarXlAWRRgvqAg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGMjCCBRqgAwIBAgIDD+RMMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
+QSAzIDIwMTMwHhcNMTUxMTEyMTY1MjU5WhcNMjgwOTIwMDgyNTUxWjBFMQswCQYD
+VQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZVbmlwZXIg
+R3JvdXAgQ0EgMiAyMDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+3x/rk3C8aIDKI4vPR8wiLGtn5Syx6b9xSNvkLfSvdaTcu85qgFb49bu342Npck9Z
+FnfCa7LmBhvCBhgrDZArZkTBoTjbBozW75jAuxsTutQ0UMr4a+6JaZgjLPXg1kP0
+trvtHx7ftwn08z3MUOeczwHHYHo0whUJvyW6+0hlrYlhhPXmNs30vx9D7sGv4EZ+
+PtFaRYUWHW47Em6RTpCns2oYG9+mRls41K4kmaeLKQpY67yyHXeTSvOsukMxCTwu
+2SLBJXqUTDc06/crZMiys21Iw4c8hEUy/sWW4uIN0XbB29G8IDUXnmmhwjqp1kHb
+yr5b5fvQzgqHt1SaWADhYQIDAQABo4IDKTCCAyUwHwYDVR0jBBgwFoAUP5DIfccV
+b/Mkj6nDL0uiDyGyL+cwggFdBggrBgEFBQcBAQSCAU8wggFLMDIGCCsGAQUFBzAB
+hiZodHRwOi8vcm9vdC1jYS0zLTIwMTMub2NzcC5kLXRydXN0Lm5ldDBQBggrBgEF
+BQcwAoZEaHR0cDovL3BraS5pbnRyYW5ldC51bmlwZXIuZW5lcmd5L2NhY2VydHMv
+RC1UUlVTVF9Sb290X0NBXzNfMjAxMy5jcnQwRQYIKwYBBQUHMAKGOWh0dHA6Ly93
+d3cuZC10cnVzdC5uZXQvY2dpLWJpbi9ELVRSVVNUX1Jvb3RfQ0FfM18yMDEzLmNy
+dDB8BggrBgEFBQcwAoZwbGRhcDovL2NkcC1sZGFwLmludHJhbmV0LnVuaXBlci5l
+bmVyZ3kvY249RC1UUlVTVCUyMFJvb3QlMjBDQSUyMDMlMjAyMDEzLG91PWNhLG89
+dW5pcGVyLGM9ZGU/Y0FDZXJ0aWZpY2F0ZT9iYXNlPzBEBgNVHSAEPTA7MDkGCysG
+AQQBpTQCgVQBMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly93d3cudW5pcGVyLmVuZXJn
+eS9wa2kwggEZBgNVHR8EggEQMIIBDDBHoEWgQ4ZBaHR0cDovL3BraS5pbnRyYW5l
+dC51bmlwZXIuZW5lcmd5L2NybHMvRC1UUlVTVF9Sb290X0NBXzNfMjAxMy5jcmww
+O6A5oDeGNWh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9j
+YV8zXzIwMTMuY3JsMIGDoIGAoH6GfGxkYXA6Ly9jZHAtbGRhcC5pbnRyYW5ldC51
+bmlwZXIuZW5lcmd5L2NuPUQtVFJVU1QlMjBSb290JTIwQ0ElMjAzJTIwMjAxMyxv
+dT1jYSxvPXVuaXBlcixjPWRlP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFz
+ZT8wHQYDVR0OBBYEFBmN32A20Az5vkfbwLupgOyKBw+QMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBNbcutvBX3SW1O
+o2HT/RcxmsOoDSnCcn6nX2jrC3aGBYNX1lThK7p9mXcx7e3Vugnu3RJS0YHk2hvI
+1OA3PcyAzRELS4dtAPIvCLnvNd09ml7NcTaI1fcf6QpvF9eFOsWdbEF7dN8wH92a
+IT5IwLCd+J6b7C8TdCovdKwtq0mkUwRBex26riMOUdqBPD611JOdQx8ca1pHFRKa
+G8GJdv0vbVrPaEDp4UJNF9/HdG9CIw/nFAS2Sro13BoHGk85RpZttlaTTQm6fCUD
+OdBRgZDOnQqLbQb7uq2RA8jOUY6aJ+POgOAwEXnnhOHZ0+tzUPOmL1uP6JEB+ptS
+gk1sj7jy
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUDCCBTigAwIBAgIDFppbMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFlVuaXBlciBHcm91cCBD
+QSAyIDIwMTUwHhcNMTUxMTEyMTc0NjM3WhcNMjgwOTIwMDgyNTUxWjBYMQswCQYD
+VQQGEwJERTEcMBoGA1UECgwTVW5pcGVyIEhvbGRpbmcgR21iSDELMAkGA1UECwwC
+Q0ExHjAcBgNVBAMMFVVuaXBlciBDQSAyIDIwMTUgWFhYSTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANM/pdg3q0vc1ZLhLW4rNX15rBnM+O6XNPmYBDBc
+eIZ/7X2+eJU1Rj2RK1PI8/NHlmj4Pjr5m3fFQI1vO9y6btGIjxSqY7a1NBU0xLGM
+1Kzkc+tEtS8oUAWNX6odk1EeaRY/QlLhW3HgX3ocv/JjPUh2Cm/VflWRmrqnK0yc
+qZbvEr0uQhHHMRBgopeBKiqMPgleJ2apY9tGZIU47Y8uI3Nwx283Gvo2ux6AJHJl
+WnOiqEM8UxZs17/C9ARagnDXa+rPRIGFncrCqqYLufMsUCY+4079xjBEUdDtmCJP
++hPLGvd9vKBVEydkdwdG+xCtFXGYAr3L1to+tHnf3INXhMkCAwEAAaOCAzQwggMw
+MB8GA1UdIwQYMBaAFBmN32A20Az5vkfbwLupgOyKBw+QMIIBZQYIKwYBBQUHAQEE
+ggFXMIIBUzA6BggrBgEFBQcwAYYuaHR0cDovL3VuaXBlci1ncm91cC1jYS0yLTIw
+MTUub2NzcC5kLXRydXN0Lm5ldDBQBggrBgEFBQcwAoZEaHR0cDovL3BraS5pbnRy
+YW5ldC51bmlwZXIuZW5lcmd5L2NhY2VydHMvVW5pcGVyX0dyb3VwX0NBXzJfMjAx
+NS5jcnQwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY2dpLWJp
+bi9VbmlwZXJfR3JvdXBfQ0FfMl8yMDE1LmNydDB8BggrBgEFBQcwAoZwbGRhcDov
+L2NkcC1sZGFwLmludHJhbmV0LnVuaXBlci5lbmVyZ3kvY249VW5pcGVyJTIwR3Jv
+dXAlMjBDQSUyMDIlMjAyMDE1LG91PWNhLG89dW5pcGVyLGM9ZGU/Y0FDZXJ0aWZp
+Y2F0ZT9iYXNlPzBEBgNVHSAEPTA7MDkGCysGAQQBpTQCgVQBMCowKAYIKwYBBQUH
+AgEWHGh0dHA6Ly93d3cudW5pcGVyLmVuZXJneS9wa2kwggEZBgNVHR8EggEQMIIB
+DDBHoEWgQ4ZBaHR0cDovL3BraS5pbnRyYW5ldC51bmlwZXIuZW5lcmd5L2NybHMv
+VW5pcGVyX0dyb3VwX0NBXzJfMjAxNS5jcmwwO6A5oDeGNWh0dHA6Ly9jcmwuZC10
+cnVzdC5uZXQvY3JsL3VuaXBlcl9ncm91cF9jYV8yXzIwMTUuY3JsMIGDoIGAoH6G
+fGxkYXA6Ly9jZHAtbGRhcC5pbnRyYW5ldC51bmlwZXIuZW5lcmd5L2NuPVVuaXBl
+ciUyMEdyb3VwJTIwQ0ElMjAyJTIwMjAxNSxvdT1jYSxvPXVuaXBlcixjPWRlP2Nl
+cnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT8wHQYDVR0OBBYEFNjDBA5VlnVj
+TCAOlF8sGtRDJzYDMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MA0GCSqGSIb3DQEBCwUAA4IBAQC98WbK/MkD67Nn+pFimzS8TrY/8tNQduCBrJa5
+lPCy5E7v9Iuw/0BFMLuTPpJwQIhy/98sHqF/iwWcG5jL+SLouKowQyVRZA3+JKiL
+0xH7eSuf1FFcOr9j30R/GpmLIAiF8ZFXEAo+mSGG6cYysSL4EFDJAaJ3e8IG/hrK
+7ck2a+5Cku4+xPY+vLBTHvBNojrohJp+/kv6Q0FbXgScsjvBldJzcwJO1JTKSK+v
+zcalE0zhdpVnwWkY8br/kWqJEcKCInxyxGyQT8C1osVSwzuE8nKemBFzDQh4HTuM
+gQ4XH/L2km5wPw4kxrkhdzJj1OiDrKusJiUOiVwJ+hpehxBG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUTCCBTmgAwIBAgIDFppfMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFlVuaXBlciBHcm91cCBD
+QSAyIDIwMTUwHhcNMTUxMTEyMTc1NjM3WhcNMjgwOTIwMDgyNTUxWjBZMQswCQYD
+VQQGEwJERTEcMBoGA1UECgwTVW5pcGVyIEhvbGRpbmcgR21iSDELMAkGA1UECwwC
+Q0ExHzAdBgNVBAMMFlVuaXBlciBDQSAyIDIwMTUgWFhYSUkwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDMaS2j5UDOxX1uDOVb/1MBRTRl5tbmanlq8H3B
+/rNoapTxUKNaTrN+sxVQN7tsyo1g4c3C7215X1jy6IJxB9R4ckLDobNI2UeplXp5
+S3K7RUB7CtG0EzsqzZe2uGchRZ4wr+c3nzALvX24KHIqMI8Ji+quB1kzov9DZgAT
+uOqcEsXHNJc4QMSp4eQzaiVjSBot1228x8y9nswAIm74QYq66Hsr0VkUyK95uL1n
+1PjRRxa8nvQ3W2Gx/r4msKuwKQ3I7EuMLsynbDTBkyOqrTXjG2xU3lDeMdg6Lgly
+pP6u3kyhqbzo3/x4L2kZKKbzQM6LRkiTK0DBiISXMIpZOr4pAgMBAAGjggM0MIID
+MDAfBgNVHSMEGDAWgBQZjd9gNtAM+b5H28C7qYDsigcPkDCCAWUGCCsGAQUFBwEB
+BIIBVzCCAVMwOgYIKwYBBQUHMAGGLmh0dHA6Ly91bmlwZXItZ3JvdXAtY2EtMi0y
+MDE1Lm9jc3AuZC10cnVzdC5uZXQwUAYIKwYBBQUHMAKGRGh0dHA6Ly9wa2kuaW50
+cmFuZXQudW5pcGVyLmVuZXJneS9jYWNlcnRzL1VuaXBlcl9Hcm91cF9DQV8yXzIw
+MTUuY3J0MEUGCCsGAQUFBzAChjlodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1i
+aW4vVW5pcGVyX0dyb3VwX0NBXzJfMjAxNS5jcnQwfAYIKwYBBQUHMAKGcGxkYXA6
+Ly9jZHAtbGRhcC5pbnRyYW5ldC51bmlwZXIuZW5lcmd5L2NuPVVuaXBlciUyMEdy
+b3VwJTIwQ0ElMjAyJTIwMjAxNSxvdT1jYSxvPXVuaXBlcixjPWRlP2NBQ2VydGlm
+aWNhdGU/YmFzZT8wRAYDVR0gBD0wOzA5BgsrBgEEAaU0AoFUATAqMCgGCCsGAQUF
+BwIBFhxodHRwOi8vd3d3LnVuaXBlci5lbmVyZ3kvcGtpMIIBGQYDVR0fBIIBEDCC
+AQwwR6BFoEOGQWh0dHA6Ly9wa2kuaW50cmFuZXQudW5pcGVyLmVuZXJneS9jcmxz
+L1VuaXBlcl9Hcm91cF9DQV8yXzIwMTUuY3JsMDugOaA3hjVodHRwOi8vY3JsLmQt
+dHJ1c3QubmV0L2NybC91bmlwZXJfZ3JvdXBfY2FfMl8yMDE1LmNybDCBg6CBgKB+
+hnxsZGFwOi8vY2RwLWxkYXAuaW50cmFuZXQudW5pcGVyLmVuZXJneS9jbj1Vbmlw
+ZXIlMjBHcm91cCUyMENBJTIwMiUyMDIwMTUsb3U9Y2Esbz11bmlwZXIsYz1kZT9j
+ZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/MB0GA1UdDgQWBBQL8w02B7li
+MhAwqXZThnZga0N4TDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADANBgkqhkiG9w0BAQsFAAOCAQEAaQOxk1UmKg5Zl2J1czo8zWxPNly1w9pyOlOA
+Kvz0Y74TkaXYi5CF6mW+YdiPyLDopXo5W/1MSa7C4MbPuR9yjW0w9j9E4zi5R13M
+Urxi7Qx2mo11JzP6UPDUdvm3Wadd6jUgmg8rbDPfXE3ZofuI63c60W2lpjuf+Oon
+fWeh2hfdErDUPt/iUgaHfezB5VriJ38F76vcJnx1a+7RrV4jnZnprrG/gY60dOBt
+jzxoXENzmeLF9yP4siMTJ/Ow6m3CoMWLS8i4dxkFMA6YUiTyT1GSMD6tW3taoThM
+dC+WlqX4IlEzkJZlq7E3PqIfv4VswSKMzmUIWLwKqvP0+WXgZw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUjCCBTqgAwIBAgIDFppgMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFlVuaXBlciBHcm91cCBD
+QSAyIDIwMTUwHhcNMTUxMTEyMTgwOTUwWhcNMjgwOTIwMDgyNTUxWjBaMQswCQYD
+VQQGEwJERTEcMBoGA1UECgwTVW5pcGVyIEhvbGRpbmcgR21iSDELMAkGA1UECwwC
+Q0ExIDAeBgNVBAMMF1VuaXBlciBDQSAyIDIwMTUgWFhYSUlJMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraOZsN9tejelVAXchoAtODelndVWV5kl5rJV
+RhFJOORamd5kK3VoinCitp3OCy1uoboLtF5s4L31UOb6b3cVCsS5nhy7Y/ApHO2N
+o6En4GlVFhpKel1A3N9znM0MyCmtzYY0bZgUSCXd3ajJfRJrX0QzHhhLqLZVTNZ8
+s5zU047m4zYoYi6M/ZVWxph1j9XB6rexSKaHBjzpMk1Tk+WJacpucpgQrMsewxlR
+/9Fvoh+ZImnKKN4l0vilR87cKMLbUb66uf6YPsAv0ZFfMkZE2iaPd8WCmbD7rSho
+pr68Nywa0/yKhYnacPcDqgbo5s+RkR46lFASIznw4A3GRFnFfQIDAQABo4IDNDCC
+AzAwHwYDVR0jBBgwFoAUGY3fYDbQDPm+R9vAu6mA7IoHD5AwggFlBggrBgEFBQcB
+AQSCAVcwggFTMDoGCCsGAQUFBzABhi5odHRwOi8vdW5pcGVyLWdyb3VwLWNhLTIt
+MjAxNS5vY3NwLmQtdHJ1c3QubmV0MFAGCCsGAQUFBzAChkRodHRwOi8vcGtpLmlu
+dHJhbmV0LnVuaXBlci5lbmVyZ3kvY2FjZXJ0cy9VbmlwZXJfR3JvdXBfQ0FfMl8y
+MDE1LmNydDBFBggrBgEFBQcwAoY5aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2kt
+YmluL1VuaXBlcl9Hcm91cF9DQV8yXzIwMTUuY3J0MHwGCCsGAQUFBzAChnBsZGFw
+Oi8vY2RwLWxkYXAuaW50cmFuZXQudW5pcGVyLmVuZXJneS9jbj1VbmlwZXIlMjBH
+cm91cCUyMENBJTIwMiUyMDIwMTUsb3U9Y2Esbz11bmlwZXIsYz1kZT9jQUNlcnRp
+ZmljYXRlP2Jhc2U/MEQGA1UdIAQ9MDswOQYLKwYBBAGlNAKBVAEwKjAoBggrBgEF
+BQcCARYcaHR0cDovL3d3dy51bmlwZXIuZW5lcmd5L3BraTCCARkGA1UdHwSCARAw
+ggEMMEegRaBDhkFodHRwOi8vcGtpLmludHJhbmV0LnVuaXBlci5lbmVyZ3kvY3Js
+cy9VbmlwZXJfR3JvdXBfQ0FfMl8yMDE1LmNybDA7oDmgN4Y1aHR0cDovL2NybC5k
+LXRydXN0Lm5ldC9jcmwvdW5pcGVyX2dyb3VwX2NhXzJfMjAxNS5jcmwwgYOggYCg
+foZ8bGRhcDovL2NkcC1sZGFwLmludHJhbmV0LnVuaXBlci5lbmVyZ3kvY249VW5p
+cGVyJTIwR3JvdXAlMjBDQSUyMDIlMjAyMDE1LG91PWNhLG89dW5pcGVyLGM9ZGU/
+Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlPzAdBgNVHQ4EFgQU+af6WbQn
+kHY0LSPsrZCoE0qgowowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDQYJKoZIhvcNAQELBQADggEBAJCh5Cq7BMoZlQejtrFZUGL2yrktA50IMAwU
+G9Toks/nxw0p1rCltQMpyAKB5/CVXdobzgRtzcIYHqjugCd4A0GfEuPBgYsdHyJ4
+nyFtUEss/ZwgzK6njIRIEoid/QF0geQjWiWF/V6bEtt3yfkDoqHQ5i5rgLx7FTbO
+he2y095dyv1yv+hI6ro1AVeMbUMHtrqSY5F15ydZdPqTvrsfkEWd8QPIrhyECItO
+fEoIXppf8vB10x3mNeBW4L+KFVPATupuTQarDILbbpVObH8RtXk6nis3+G1yDn5i
+nNKFefD+IxxpmvL+aPWgT+IpfdSnWTsviER93t9Z+XTtKie9vSs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHNTCCBR2gAwIBAgIQBVQjPBnG8p6lFfhbaJfb7DANBgkqhkiG9w0BAQsFADBj
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xLzAtBgNVBAMMJmVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt
+IEcyMB4XDTE1MTExNzA4MzE0MVoXDTM0MTIyMDAyMzEyN1owXjELMAkGA1UEBhMC
+VFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBMdGQuMSowKAYDVQQL
+DCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDhJQ/ujduIM3Vnza0ffTpObZ3TLxTzY3TLASFq
+N+qEUAdLJlsJQ2whnmrI1QP1YGmPzPAi5B/n92oiMbcsFfLg/gBqQ/+HZca1GsGn
+TG0icCGKMfKXdIkJEiYcnsrZEqKVPNrpZ78IoGTj1kK3Re+X9Pb117VKFQJYfZhY
+S2C8zdcNmhMzU9Fh+XrV13izmjP3AIbOHU2UOK+o7HhRcIpcEINRIfcRPTSGXuVI
+zZeBgjVMGexl9mvFBaHuRxPWsyEnlBAK2SQ7ur5EE0YwP5c82NfXau47OOMr1JcO
+uRvnB0l/Nyr5d3jPVO1bRp2jgA6RQ8HWW18Uup+mjSRHQFm/cjiyNmw3/5nRXQ5Z
+Cqtp98CyBEV6VACuvlP2tefh+DyjMdKp/iFSZMWmZ/B1BwaUFIFVxifkAY8XwWpx
+175L+5RYfX4RM7FC92JsGNbPCWg+f2z2Ho9iraVj2wmnHyJCQR5vmYo+1/k/QHp5
+sKUBktKdPQgVpRABLbMydqiVDbN6mvsHEHgRb+GPx7oPJRp0KuUcmEGZ3yGH6JUG
+agqzakd2ZfY6z49iFxl7CijNGtKDHiHHLL++/2Fot2cbu3hNjc5n5eTBjrcjZuKd
+kHU0mKk2K4qalLmd7MyKsfgliVxati+MH215JKdSaMOENeJmjWMOJU3VGbLmeTen
+Ip1UMQIDAQABo4IB6DCCAeQwHwYDVR0jBBgwFoAUclu6qnI47iWQJLWUIvoJiMqL
+CvswHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/QkqiMA4GA1UdDwEB/wQEAwIB
+BjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0
+b3J5L0NSTDIvQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wRAYIKwYBBQUHMAKGOGh0
+dHA6Ly9lY2EuaGluZXQubmV0L3JlcG9zaXRvcnkvQ2VydHMvSXNzdWVkVG9UaGlz
+Q0EucDdiMDUGCCsGAQUFBzABhilodHRwOi8vb2NzcC5lY2EuaGluZXQubmV0L09D
+U1Avb2NzcEcyc2hhMjAPBgNVHRMBAf8EBTADAQH/MIG0BgNVHSAEgawwgakwDQYL
+KwYBBAGBtyNkAAEwDQYLKwYBBAGBtyNkAAIwDQYLKwYBBAGBtyNkAAMwDQYLKwYB
+BAGBtyNkAAQwDQYLKwYBBAGBtyNkAAAwCQYHYIZ2AWQAATAJBgdghnYBZAACMAkG
+B2CGdgFkAAMwCQYHYIZ2AWQABDAJBgdghnYBZAAAMAgGBmeBDAECATAIBgZngQwB
+AgIwCAYGZ4EMAQIDMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFQwADfZ99
+HtG9yxM4ll7ky9eZOoLuH+IpuC/F1trdc5oWCR087nOHPkDNRlbQbkZljYTg7qG3
+5LgtugFBXc0LPuwAPlKDngdRJguL9vfMDSnisW7JXFsv3ArG5zeyVn+vqK1+cqPa
+Pd/LdfpL0YFTWHEXyPnOUm7x97Dy9wU9dtE/h1G6L2AQmIkYK+fpIeXEN7uz4vio
+pcPvxEykO8QkAR74vLrLj87lKJABY6BvRbzkR+mFTvC1u1DOKeyUdSWYnOgVgcpV
+RXE5IyleB35EcyYSBLw6PAyV9+E4G6Gl3p8AQtD1QpIvMuKKLWqNHIF7fISv3VSj
+829LyyqRvPTwBywgYXMYOM2OmiGZYbooBDDsxOefyEPVKfw4vk84JQOoyKV/LtSJ
+4KAv1WFWefdoAfSzfK9EgH7q0f4+H0xx1lv4y47gyXyxVBIt0FdXrgsUs0MdCLTe
+CfB7BIWbofJ6241+ugEa0/JtJM1tUjIL0BeTAws+WFBIr46SeXPitJgQUfvVp7zA
+5Pgjmb8robprTMIAv1Hmlz4krE77hydE/APsZGH68gq/n//2CxHrj9qhADleYjNA
+oZEmf1C9NsaEya7pUzBUwcf/BQidnnAxz+pODwNBUIKC+cwPF+8uFx82AMujEfWz
+6WQ3FGbvbR5swAxI2gqIrtbfAmVRxMFvCw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHdTCCBV2gAwIBAgIRAMrh9z78rFuxnIjBxy9vey8wDQYJKoZIhvcNAQELBQAw
+YzELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBM
+dGQuMS8wLQYDVQQDDCZlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg
+LSBHMjAeFw0xNTExMTcwODMxNDFaFw0zNDEyMjAwMjMxMjdaMF4xCzAJBgNVBAYT
+AlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEqMCgGA1UE
+CwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEh
+ajfqhFAHSyZbCUNsIZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrB
+p0xtInAhijHyl3SJCRImHJ7K2RKilTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2Y
+WEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDivqOx4UXCKXBCDUSH3ET00hl7l
+SM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX12ruOzjjK9SX
+Drkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O
+WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fq
+cde+S/uUWH1+ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6
+ebClAZLSnT0IFaUQAS2zMnaolQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iV
+BmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/vv9haLdnG7t4TY3OZ+XkwY63I2bi
+nZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXiZo1jDiVN1Rmy5nk3
+pyKdVDECAwEAAaOCAicwggIjMB8GA1UdIwQYMBaAFHJbuqpyOO4lkCS1lCL6CYjK
+iwr7MB0GA1UdDgQWBBQeDPe2Z/LhkiYJRcBVOS53P0JKojAOBgNVHQ8BAf8EBAMC
+AQYwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2VjYS5oaW5ldC5uZXQvcmVwb3Np
+dG9yeS9DUkwyL0NBLmNybDCBiwYIKwYBBQUHAQEEfzB9MEQGCCsGAQUFBzAChjho
+dHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0b3J5L0NlcnRzL0lzc3VlZFRvVGhp
+c0NBLnA3YjA1BggrBgEFBQcwAYYpaHR0cDovL29jc3AuZWNhLmhpbmV0Lm5ldC9P
+Q1NQL29jc3BHMnNoYTIwDwYDVR0TAQH/BAUwAwEB/zCB8wYDVR0gBIHrMIHoMA0G
+CysGAQQBgbcjZAABMA0GCysGAQQBgbcjZAACMA0GCysGAQQBgbcjZAADMA0GCysG
+AQQBgbcjZAAEMA0GCysGAQQBgbcjZAAJMA0GCysGAQQBgbcjZAAAMAkGB2CGdgFk
+AAEwCQYHYIZ2AWQAAjAJBgdghnYBZAADMAkGB2CGdgFkAAQwCQYHYIZ2AWQAADAI
+BgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzA3BgVngQwBATAuMCwGCCsGAQUF
+BwIBFiBodHRwczovL2VjYS5oaW5ldC5uZXQvcmVwb3NpdG9yeTANBgkqhkiG9w0B
+AQsFAAOCAgEAbvb5/9P544BlP4nZKjoQ/tzh5CZ/WUg+JAQgMblhtRa1Zmhpl2HD
+R1rzt/jRjxOhZMqtO1ogNI6KvESAt0pBBMZv9CTBvZv47p4HnuLxCxgFBk1s73vo
+uFc13OfAeV3EVAdzSrCZLfJHHfnuvPExW4SlmEzKp3seetbjH4DUSO6ZlwKUCTme
+p4DzbP82kDnwC7igowL0w+PKZYGiNvyjZr6/V1HLOn6Z6eBqVUeIgoJRxe49PbLc
+FFKXQdoMzAeElONPUpkv7/AX7CxflnbMWNwOCFrcT6pF3kLErgz8cA0PkW6gObjU
+zYs9Uk4dGI8AU4DSvamYe6abqPEBDjFec2EbycftofsqfGNF9T8HAZDAT7HnvKnT
+lRnQU66+IJo4Hw9LNjP/NwH+ZZJaRmyE870f+Lp+I6r/aS3yDARIqK6ZVrXh9VU4
+wWNoLRWpvuUIFbVpXl8cNTHgp7QEq6oUTgCDwy9LrinBiV44PGtEHC/2U1zrbuwk
+uIRo3Dgf+lMYOLbTAYiWm807/P0kJ/fzBO+/0cReN1n1blmMrl1WFJaPRehqL1YU
+2BAcJ3TM+E5yQJzQqHPXywTHPnRJO7Nn4iJmR3bSeW1w5GhVdeP69+IO0CM0Au1c
+U9jG7d32NlY1QTMUJo22nmCCAEJKAEomOyJJ+l7BFmnnYG/UQUWuKGs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHZDCCBUygAwIBAgIRAK/NjWQsYtZFBn3IV/2o8V0wDQYJKoZIhvcNAQELBQAw
+XjELMAkGA1UEBhMCVFcxIzAhBgNVBAoMGkNodW5naHdhIFRlbGVjb20gQ28uLCBM
+dGQuMSowKAYDVQQLDCFlUEtJIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMTUxMTE3MDg1MTM1WhcNMzQxMjIwMDIzMTI3WjBjMQswCQYDVQQGEwJUVzEj
+MCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xLzAtBgNVBAMMJmVQ
+S0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEApFkfoC/fvuD76dy1if5alwPJOnenjlyv8uMY
+OfWq3Q9G0mgPV5ynY2DTWM41wqf2iMJPfxso6dCnAMQXTW3iD8UOJiMgq/c6KKJM
+CgvMjs7mAJpaQA3UUBqb0Q2clPnb7lzQ8YoHzZorQCxJpF1iX6dr3+5WCFDzQhhs
+MbBe5ZxzkrwO0gx9xThXvLtY2yYZAu3jQ4SKTlZr262hMdnMImeWeP93ncxkxTIg
+au9OMNUkJf2Iea9xGv7VSxsViLwYcKq9rTgKZjBG5YmF1XYkqamz5llgD7SpU8I6
+nUUa1q7jd17EYjYzLzDEv5XxLTildejRapMuRYdLSqLfv1gnmspiGape1LGASZbd
+K+xfj5vgnZeI9YQDo6+zpXMtQbrlB7dva3H398lar2mZsy/IT0LrbGtxZ3jfCqxP
+10qFAEYa1c24n+qVnQ980cYFheYI3ogXgfbVtW7qoRzXYarjWUKJnFl+sXxkNN1h
+Iyo5tRCr/IapUxrF62rigE5ZkcA4if6zXdb7kenXsH3ZeAjM9SvMK+Gh1pRzwf5R
+9Ix9CrWairn12uDJs9iPqoKDjWlTLf0ABBhKoNpU4XmMiet/9YLnoLl3Ta75ugI7
+iHbrfF2zWhPbfCkWa5nRHeRIIaINXgGI6L7xmE0+xxZXHF/hCG8cTFhDVveAZYxx
+DqIEZ08CAwEAAaOCAhYwggISMB8GA1UdIwQYMBaAFB4M97Zn8uGSJglFwFU5Lnc/
+QkqiMB0GA1UdDgQWBBRyW7qqcjjuJZAktZQi+gmIyosK+zAOBgNVHQ8BAf8EBAMC
+AQYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2VjYS5oaW5ldC5uZXQvcmVwb3Np
+dG9yeS9DUkxfU0hBMi9DQS5jcmwwgYIGCCsGAQUFBwEBBHYwdDA7BggrBgEFBQcw
+AoYvaHR0cDovL2VjYS5oaW5ldC5uZXQvcmVwb3NpdG9yeS9DZXJ0cy9lQ0FHMS5j
+cnQwNQYIKwYBBQUHMAGGKWh0dHA6Ly9vY3NwLmVjYS5oaW5ldC5uZXQvT0NTUC9v
+Y3NwRzFzaGEyMA8GA1UdEwEB/wQFMAMBAf8wgecGA1UdIASB3zCB3DANBgsrBgEE
+AYG3I2QAATANBgsrBgEEAYG3I2QAAjANBgsrBgEEAYG3I2QAAzANBgsrBgEEAYG3
+I2QABDANBgsrBgEEAYG3I2QACTANBgsrBgEEAYG3I2QAADANBgsrBgEEAYG3I2QE
+ATANBgsrBgEEAYG3I2QEAjANBgsrBgEEAYG3I2QEAzAJBgdghnYBZAABMAkGB2CG
+dgFkAAIwCQYHYIZ2AWQAAzAJBgdghnYBZAAEMAkGB2CGdgFkAAAwCAYGZ4EMAQIB
+MAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggIBALwy4mxatKA6
+X+UM2IDpnWajNmek00EM4qh5E7eiQY0yZV5Eit9D/8q9h0hD77NjVaYPwsOWqWAi
+VtDAro+nWDHfkAG14ptRNBoGjJjzZi/+OeI2WTc8ZER6C8rAjQ7b/RxMzwxfDjRt
+gCbT2qq01rPiJ+qDgyUniDstbyQj08bSo3GJWp6ZsSNDAP26ygODpSgL0Ja806By
+k2b4npQevdkmQ0k43S9IU0MeSlWT8hxzluyFlPRl4yuev5le91outdEdpV98KvYc
+gLAWwW5UcFOM6SRsYTBS2dfSRgKreDnMNdbUHmbAVsb3wLD6WqLoe6LyRNOeXctK
+PA6+e5i/JN6NZnqejcMopuS+pyWyrNiHlRShGUfTiXrcbT8fbyOswAT8JsX4fWyZ
+Yub0kKfFG8hEKQsIxNiyKH4cw6HBih31EYaYS9IEj19NxfHl0KbPm22cpBJoGwkZ
+Wgg//PflFFHNTdKSalDxPHMKdyZbTBugLtqFVkV+vu1y6WRoGfHwzpa9aQsMWAwL
+YRnBZnSYzfN9QFZsoHCSDJJVt30Oi6fURJy34+dtvs+sQihiN886uYTJ0Cex1R+O
+b9HXCKFrGTumgwD+nitt7hwlB74K9lqrKQrtfgfBFFMG9Tu/E/OI6JoST2j8KmSN
+1rpcxoMH3tamxqm3+xpLM9HekbBoJ0V2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHOTCCBSGgAwIBAgIQCFE9WpEE7UIP80unUKjpiDANBgkqhkiG9w0BAQsFADBe
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNTExMTcwODUxMzVaFw0zNDEyMjAwMjMxMjdaMGMxCzAJBgNVBAYTAlRXMSMw
+IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEvMC0GA1UEAwwmZVBL
+SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQCkWR+gL9++4Pvp3LWJ/lqXA8k6d6eOXK/y4xg5
+9ardD0bSaA9XnKdjYNNYzjXCp/aIwk9/Gyjp0KcAxBdNbeIPxQ4mIyCr9zoookwK
+C8yOzuYAmlpADdRQGpvRDZyU+dvuXNDxigfNmitALEmkXWJfp2vf7lYIUPNCGGwx
+sF7lnHOSvA7SDH3FOFe8u1jbJhkC7eNDhIpOVmvbraEx2cwiZ5Z4/3edzGTFMiBq
+704w1SQl/Yh5r3Ea/tVLGxWIvBhwqr2tOApmMEbliYXVdiSpqbPmWWAPtKlTwjqd
+RRrWruN3XsRiNjMvMMS/lfEtOKV16NFqky5Fh0tKot+/WCeaymIZql7UsYBJlt0r
+7F+Pm+Cdl4j1hAOjr7Olcy1BuuUHt29rcff3yVqvaZmzL8hPQutsa3FneN8KrE/X
+SoUARhrVzbif6pWdD3zRxgWF5gjeiBeB9tW1buqhHNdhquNZQomcWX6xfGQ03WEj
+Kjm1EKv8hqlTGsXrauKATlmRwDiJ/rNd1vuR6dewfdl4CMz1K8wr4aHWlHPB/lH0
+jH0KtZqKufXa4Mmz2I+qgoONaVMt/QAEGEqg2lTheYyJ63/1gueguXdNrvm6AjuI
+dut8XbNaE9t8KRZrmdEd5Eghog1eAYjovvGYTT7HFlccX+EIbxxMWENW94BljHEO
+ogRnTwIDAQABo4IB7DCCAegwHwYDVR0jBBgwFoAUHgz3tmfy4ZImCUXAVTkudz9C
+SqIwHQYDVR0OBBYEFHJbuqpyOO4lkCS1lCL6CYjKiwr7MA4GA1UdDwEB/wQEAwIB
+BjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0
+b3J5L0NSTF9TSEEyL0NBLmNybDCBiwYIKwYBBQUHAQEEfzB9MEQGCCsGAQUFBzAC
+hjhodHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0b3J5L0NlcnRzL0lzc3VlZFRv
+VGhpc0NBLnA3YjA1BggrBgEFBQcwAYYpaHR0cDovL29jc3AuZWNhLmhpbmV0Lm5l
+dC9PQ1NQL29jc3BHMXNoYTIwDwYDVR0TAQH/BAUwAwEB/zCBtAYDVR0gBIGsMIGp
+MA0GCysGAQQBgbcjZAABMA0GCysGAQQBgbcjZAACMA0GCysGAQQBgbcjZAADMA0G
+CysGAQQBgbcjZAAEMA0GCysGAQQBgbcjZAAAMAkGB2CGdgFkAAEwCQYHYIZ2AWQA
+AjAJBgdghnYBZAADMAkGB2CGdgFkAAQwCQYHYIZ2AWQAADAIBgZngQwBAgEwCAYG
+Z4EMAQICMAgGBmeBDAECAzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAgEAkSUX
+zwsdegsqsfgqXDSr0MQVv4MtQs5Nydg/NQ+Ed6bQvpdtSNkCtpGq+WsewlSDmt+K
+3cpCgX11V5M8j920etgfjQOxl2Q0a7sQXcBQo+15JFnxQF3DYqcpOWwy+deUIYPn
+7MlOeMbtnR76F0DJTOKTqKNHUK+F0ZV1Ezi87/qW47OcZzDmP0X+DYxEXUNzCU1v
+91vTB5xOd6fXYQ9bfGuBLOcJhMqJfrp4c8LHFaO52ifBeLeIj8CzhT+xOqRV1au7
+1sZ16NMQqrdHC39c6kt6wHzHTt8simwdrjtxskLud55TwmHuDw9VJpABqkF7Kg/S
+DMbtobxp1QJsRM1TDXqDEelGJtEKsKp6tjc5qny4NcdF4CDO3P+C75T4jsFCx66a
+6AUNKQlsVhf4osvXuGyRi0uaYAXFZuKnwWv0rqyW5RPHhxn+D/aeETrbGEVkGxaD
+zcttfNluK/P05jWFjZQLzU/+tNpki2RsfIArCpG9q1A4jWgO9PNDLn4m8aZkEyIf
+0Tqo2WWCKfEHFAJnrMHB0+Ky0PaE7SYnQJFndYSJKc0//+Nhh4YpgvXrZmUxvqd1
+dq5yguGVIaAq9MOID9n8nRwEmipyPSK42UsnINbsrTALYD8mrMBCRP2cpJSCnqm8
+mzE0NJn8kYXnqgYoQxzOZZCkt2mbh/HjzvrwcVY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHeDCCBWCgAwIBAgIQO+7gkY6Ihq1GD+iukQycujANBgkqhkiG9w0BAQsFADBe
+MQswCQYDVQQGEwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0
+ZC4xKjAoBgNVBAsMIWVQS0kgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNTExMTcwODUxMzVaFw0zNDEyMjAwMjMxMjdaMGMxCzAJBgNVBAYTAlRXMSMw
+IQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEvMC0GA1UEAwwmZVBL
+SSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQCkWR+gL9++4Pvp3LWJ/lqXA8k6d6eOXK/y4xg5
+9ardD0bSaA9XnKdjYNNYzjXCp/aIwk9/Gyjp0KcAxBdNbeIPxQ4mIyCr9zoookwK
+C8yOzuYAmlpADdRQGpvRDZyU+dvuXNDxigfNmitALEmkXWJfp2vf7lYIUPNCGGwx
+sF7lnHOSvA7SDH3FOFe8u1jbJhkC7eNDhIpOVmvbraEx2cwiZ5Z4/3edzGTFMiBq
+704w1SQl/Yh5r3Ea/tVLGxWIvBhwqr2tOApmMEbliYXVdiSpqbPmWWAPtKlTwjqd
+RRrWruN3XsRiNjMvMMS/lfEtOKV16NFqky5Fh0tKot+/WCeaymIZql7UsYBJlt0r
+7F+Pm+Cdl4j1hAOjr7Olcy1BuuUHt29rcff3yVqvaZmzL8hPQutsa3FneN8KrE/X
+SoUARhrVzbif6pWdD3zRxgWF5gjeiBeB9tW1buqhHNdhquNZQomcWX6xfGQ03WEj
+Kjm1EKv8hqlTGsXrauKATlmRwDiJ/rNd1vuR6dewfdl4CMz1K8wr4aHWlHPB/lH0
+jH0KtZqKufXa4Mmz2I+qgoONaVMt/QAEGEqg2lTheYyJ63/1gueguXdNrvm6AjuI
+dut8XbNaE9t8KRZrmdEd5Eghog1eAYjovvGYTT7HFlccX+EIbxxMWENW94BljHEO
+ogRnTwIDAQABo4ICKzCCAicwHwYDVR0jBBgwFoAUHgz3tmfy4ZImCUXAVTkudz9C
+SqIwHQYDVR0OBBYEFHJbuqpyOO4lkCS1lCL6CYjKiwr7MA4GA1UdDwEB/wQEAwIB
+BjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0
+b3J5L0NSTF9TSEEyL0NBLmNybDCBiwYIKwYBBQUHAQEEfzB9MEQGCCsGAQUFBzAC
+hjhodHRwOi8vZWNhLmhpbmV0Lm5ldC9yZXBvc2l0b3J5L0NlcnRzL0lzc3VlZFRv
+VGhpc0NBLnA3YjA1BggrBgEFBQcwAYYpaHR0cDovL29jc3AuZWNhLmhpbmV0Lm5l
+dC9PQ1NQL29jc3BHMXNoYTIwDwYDVR0TAQH/BAUwAwEB/zCB8wYDVR0gBIHrMIHo
+MA0GCysGAQQBgbcjZAABMA0GCysGAQQBgbcjZAACMA0GCysGAQQBgbcjZAADMA0G
+CysGAQQBgbcjZAAEMA0GCysGAQQBgbcjZAAJMA0GCysGAQQBgbcjZAAAMAkGB2CG
+dgFkAAEwCQYHYIZ2AWQAAjAJBgdghnYBZAADMAkGB2CGdgFkAAQwCQYHYIZ2AWQA
+ADAIBgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzA3BgVngQwBATAuMCwGCCsG
+AQUFBwIBFiBodHRwczovL2VjYS5oaW5ldC5uZXQvcmVwb3NpdG9yeTANBgkqhkiG
+9w0BAQsFAAOCAgEAKoxjhLg2AmSPebJThQ8d25w0xTAYN3iI4ZA7YjaazonVuF+/
+tPz3oZIMCIcYacVXIoAYOZBigkwlWHgYety17DSplY4DSBAct2V6YhnBmLYUfsdf
+YXJQRjbYNaNMrz2bORikq0VH5PyPZd3nQpXL7O+mqYsmakrjbCej2oL7Ma6lLxdw
+Ty3kdCOuaaUBCT2f7uFGr6wMSZUD82ZUJ0enY8oAfRw94kA/TUtkuNNbxCwsr7Dy
++nlWI328n1VgnjcwFGUAbCRcmdufhHqe05Lvv1HABw5lsu6lHAfmiB1xc2akdA/e
+hDd5BdcpUiZpFF9Cx1JhR7yvTGoYKFsmL2GSxG9DBr0jFjn+nXy8pg7abPJDk8n7
+/RjPvmPr/G9PLrQctIb7Jgs5PODpR5okfXdZ93udP24X2IDMDCUme9S9YeoLL1+5
+3LANfxwC83QVZubLbcbdhnqkIbu/wwmuZQc3/jsQ4uEbVy9XX9ufi3Eg9hHSGOeK
+v9hAoqaw+xgdrG2+h0UUa4cTo1EuQ3/m/MUfz/g0JCLgAtn/n0f3WGuO+eQWB/Tf
+o4++0BY0PhpFBcUj9LqMsVffYY4sPQVJFRHBhuAUgi9B8jsT2cNYNfTTzGSRpNs9
+UigmFl5yxI7NSIZXftM2mdbT3pr5nB6sLkYxeqmQFArAKhm0SzNm8ClmgFg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIRzCCBi+gAwIBAgIIBHlvYTIsFqIwDQYJKoZIhvcNAQELBQAwgawxCzAJBgNV
+BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx
+GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUGA1UEAxMeR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QgLSAyMDA4MB4XDTE1MTExNzA5MjU1NloXDTM3MTEyMTA5
+MjU1NlowgasxCzAJBgNVBAYTAkVTMRswGQYDVQQKDBJBQyBDYW1lcmZpcm1hIFMu
+QS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzFDMEEGA1UEBww6TWFkcmlkIChzZWUgY3Vy
+cmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTEmMCQG
+A1UEAwwdQUMgQ2FtZXJmaXJtYSBQb3J0dWdhbCAtIDIwMTUwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDaKgpFvqOOjala5PnTmVey0q3lyi8RfWnFJUFi
+TOwlxo1YhkBXaEwp8LGRTCNnc/2r0pzZomF4XmWlg9YSsJ4ASY+Lr29w8m/UHIuf
+vk3u16Y+SUOwkMoGk+sbZBQ2kCyUWTrUu4sjKpQ+1sgJa4n5QObAP6ZCv31UNdCo
+/W7e3FDo1Ps5EqHetlUxTYGV4fuosSURI4zVytilJfjTZ3e00Gr5ONREwPvIqU8L
+16geZETpMv2AC0Q7I/9zTtRDw0LEZCu6vG9D+ayOHLLPE/QC+euyE5vtYljerR/3
+HGu1itmh1tZs1nUmCntAGrfIvByMIBXg4x7cqIqyk8LKa/RWxFUu8vtN0ue+AZZF
+vm6J7CywyYvLQ24txS7PS4N1/63ZdRUT0WLOAgn5IQLMRPB8DbtbZnIz7Ef5gXiZ
+R2AjULcrxPV5aqPVziKODScvDVuvJhLvdDF8KiJ+txRWe05MWGOOjVDfhhXgbzE3
+j68cnqbKN87RwHIHwtGJE7TpAzj4ZvGQDMoMXBui6lh8Fa81N+BcePk4vmOjxCaR
+9rWvPaaGvblA0XlBdxFK7+nGOHFg1jPvK9TK+piEhcPcP10wRnB5O8q+4Iw99uTM
+UY+uPq4vaN9rMHCvAjO5qIRIyLkJlyxnwykPnGPoOMmajckx4OP/b2zKW8OrT4Pu
+GRpiXQIDAQABo4ICajCCAmYwEgYDVR0TAQH/BAgwBgEB/wIBAzAdBgNVHQ4EFgQU
+IGmabGRRm+JMYMrj6FjCheckDXowgeEGA1UdIwSB2TCB1oAUuQnKnB7b02w6a67t
+VPFbkwY1Ll6hgbKkga8wgawxCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQg
+KHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJl
+c3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEg
+Uy5BLjEnMCUGA1UEAxMeR2xvYmFsIENoYW1iZXJzaWduIFJvb3QgLSAyMDA4ggkA
+yc3T6dV9I84wfQYIKwYBBQUHAQEEcTBvMEUGCCsGAQUFBzAChjlodHRwOi8vd3d3
+LmNhbWVyZmlybWEuY29tL2NlcnRzL3Jvb3RfY2hhbWJlcnNpZ24tMjAwOC5jcnQw
+JgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLmNhbWVyZmlybWEuY29tMA4GA1UdDwEB
+/wQEAwIBBjA+BgNVHSAENzA1MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6
+Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wfgYDVR0fBHcwdTA4oDagNIYyaHR0cDov
+L2NybC5jYW1lcmZpcm1hLmNvbS9jaGFtYmVyc2lnbnJvb3QtMjAwOC5jcmwwOaA3
+oDWGM2h0dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29tL2NoYW1iZXJzaWducm9vdC0y
+MDA4LmNybDANBgkqhkiG9w0BAQsFAAOCAgEAu0GATqbLQ+Q/QL/XwDlvZ6BOitu8
+vFlkA6NtWuX4TiTLcxHWqk17s2j0ud5Qx4rcOatVsgcTPtevSz/XrI8gTDkLTo2z
+lTQpKQFUaqG0Rw6R0EwLoPUjeKKJiU1FDr5/pZ3sIL+DWux4CjYiyzq7XIlvDHUe
+Mc4PXKPavRjox+IrOJgeL3Y3iSscKb5MrmcZGsU6bCaKOxkeTUFoHIChWZVLtEvi
+XbKGexu/qj7unexLIdj2uHfQyiWJlpzEfPrzkDZEvZ+nVb89I27vbY/SY6vau0l+
+dyZ3hovkramxYSbCKmWSR+ksbYclObEv8jLugGTXnny9bogudHlqK/OvDyy6iXEA
+xtY6qAok679dwa252e5DBUTnuO1yF56csZzibfFCsCA4beel7ii8umKdENzTbd69
+s94eFm4sUnUoNoeNzq864vDcT2ODmxzhsIHWF1m9YNDkn1NfU7wpFEjGw6LrmtYJ
+QbSd6IDqJ0CpR/rctjBic+iLdo03qaZevQFjhZZ7V72VX+REkVawoJP5bb+QAYIf
+ERjQIlsz4Ejto3x2UfmnPqWyBNjPd/po2NddI5YQ55Jb7lzSNTx8qErEDPzutTWp
+PRF8gtsTIQoMYNUaiKMqLz02vIa883WK6NahlBI4Uy/FE5DHmWkcZU56CYA4rqrv
+XZJt2zyxCI5FPKw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIajCCBlKgAwIBAgIIBLwHIkVpZ5QwDQYJKoZIhvcNAQENBQAwgasxCzAJBgNV
+BAYTAkVTMRswGQYDVQQKDBJBQyBDYW1lcmZpcm1hIFMuQS4xEjAQBgNVBAUTCUE4
+Mjc0MzI4NzFDMEEGA1UEBww6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0
+IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTEmMCQGA1UEAwwdQUMgQ2FtZXJm
+aXJtYSBQb3J0dWdhbCAtIDIwMTUwHhcNMTUxMTI1MDkwNzQ0WhcNMzcxMTA5MDkw
+NzQ0WjCBsDELMAkGA1UEBhMCUFQxKjAoBgNVBAoMIURpZ2l0YWxTaWduIENlcnRp
+ZmljYWRvcmEgRGlnaXRhbDEUMBIGA1UEBRMLUFQ1MDcwMTU4NTExPjA8BgNVBAcM
+NUd1aW1hcmFlcyAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuZGlnaXRhbHNp
+Z24ucHQpMR8wHQYDVQQDDBZEaWdpdGFsU2lnbiBQcmltYXJ5IENBMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyOJ6Caq/UPeIAOnHYjy8itVreO1n/VRi
+qOnuTmlYfkpG8oqTr7WBkwOO9x+WhHh1n2tGrXeLg3NdAkmjg6/aYUzd5/ZYfwiQ
+r9dsCMqh5Uz6wk9e7sBQ1GqrLzM8zJwaLMVB24wITZt/kJnq0+6Q8UMGlLSZhcG6
+fhLR7MKHMIzwMGsv0vnvF7o4BRdtfi1iwV2X/E8cm10UGkKgQw85RvGXQWPArsFl
+C2mHcKRiNRzjo1d358zfcOnH06SXMxVvxkkHOm7nF7tPz9nbNatPHgjnPqvmVro8
+uAfb6aUyscK2qqMQeUwF0XdLaPDoK+v54mUa+u1bialItnVuJf0Thext3N1D6I4P
+4Yob//gXLh5RLsuLYAvUmaAlOGiYkpNyF/4xbmF2XKgWmPXsyT9YUKpaLvFywIi4
+7Kxh5x3Y2ZD9Ot9S3U+bIOMKP723GecvvWTnuoGFHS3tSNUiyb925BAZQgpI8dA5
+J8z7j9aDUltU/7p2JnFuknH4VEuIsLXM//JlOhSfhVhVNa04xYS84+YHveUXVYke
+KDaqUhNo4v0kuWY+jc+6NpRFsYaigEkIU9qkiXl7Va9Wsii1lF5egm/igNe50bVx
+NyYM/08rzi1bXOcAlKg6+KRLqVLlNEQYCDqMaNK0OCUyi6FtWNkzWuuwmPmbm6s8
+bad1wyDpUJkCAwEAAaOCAokwggKFMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0O
+BBYEFKhV8DPDTiLMaByhGazRKhM9JWBhMIHgBgNVHSMEgdgwgdWAFCBpmmxkUZvi
+TGDK4+hYwoXnJA16oYGypIGvMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFk
+cmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9h
+ZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZp
+cm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAw
+OIIIBHlvYTIsFqIwgYMGCCsGAQUFBwEBBHcwdTBLBggrBgEFBQcwAoY/aHR0cDov
+L3d3dy5jYW1lcmZpcm1hLmNvbS9jZXJ0cy9hY19jYW1lcmZpcm1hX3BvcnR1Z2Fs
+LTIwMTUuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5jYW1lcmZpcm1hLmNv
+bTAOBgNVHQ8BAf8EBAMCAQYwRgYDVR0gBD8wPTA7BgRVHSAAMDMwMQYIKwYBBQUH
+AgEWJWh0dHBzOi8vd3d3LmRpZ2l0YWxzaWduLnB0L3JlcG9zaXRvcnkwgY4GA1Ud
+HwSBhjCBgzA/oD2gO4Y5aHR0cDovL2NybC5jYW1lcmZpcm1hLmNvbS9hY19jYW1l
+cmZpcm1hX3BvcnR1Z2FsLTIwMTUuY3JsMECgPqA8hjpodHRwOi8vY3JsMS5jYW1l
+cmZpcm1hLmNvbS9hY19jYW1lcmZpcm1hX3BvcnR1Z2FsLTIwMTUuY3JsMA0GCSqG
+SIb3DQEBDQUAA4ICAQCULBt1/fEgh+u64isYs56a8Pw3sp4CRh2K04tXzOPRkkAZ
+CChOaETS4as1dwxpNE/acnQ1Ie2DddJ8MGIza5YNdCrLLxGmkWTNy3Oi3+9ENWqY
+h87OcLN8enbhJZ60kyEAb7FiXszIxx36AxWA3/cdTNeroZoIkak5cD2Y2UwZuCTW
+7//PBcbgElAP4kX+dwlA1//LdHWtAbbbq0fCS7RQk1I3fU2K8LDHg4CAmNAffNqB
+tlSVfrT4vLDLJCE9vpGLXJpEec2jKiGTCuZgCUW8LHMRmaUKDD7k0dB2dcqg1v+U
+1KXxGfO/glnSdWZZ/fkyOu32JA0yNmh0JFLp093m3/helmCgO+AKmgIMzAMKrNRf
+jvBKUhc/c/r8vDWmia6h5DvHdcSJpXdfWqDOf0EPRQ2VyLloJkN5fnu++P8DOz/a
+yU/3aKwybcxrgWZ5W/FdiGXbIcGSSJxBBve3Cpn6VDgiRQhWp/trZuuoZ3n/hJsK
+Cs7U2pdUAF1kJMWbYxdKwjI+6JLOKB+JX8bNwRYskt6AUP4am9VywpHx9Pvk0zpq
+9qzTmnofJ8srJXcDcyRAk7Icr6GrvaGiH8HR9zbxh9NU8W+vXIGELyb6CCLIdKPf
+7SVA4Wn7AA1viANwmGSp9n8aOec1bsp3V4m+WicJQIGbZwahawSwq95aGBiYVA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGHDCCBQSgAwIBAgIQLxPa8YcM1DOPGNv8N2uyezANBgkqhkiG9w0BAQsFADA0
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0
+aWduYTAeFw0xNTExMjUwOTIzMjVaFw0yNTExMjIwOTIzMjVaMIGCMQswCQYDVQQG
+EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4
+MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEiMCAGA1UEAwwZ
+Q2VydGlnbmEgSWRlbnRpdHkgUGx1cyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAMfolTzFjsvedPYwvO3ph5U+t8tmXWjPCSg7pRdR7Ip5dhBqmdEN
+IQ2THhBQKzjEX9fdwHQr9EUxUtZMWF93HAlj03o2ZgNtLUblObru+LwA/DObWQVn
+dKMGmd6NKFUA23YcaLwe2/nNUdjV7caK0o95Ret5UZ4nVoeP9JBgTtwiPHu09x3n
+psSJ3mlOB754RKbKJdbDkJOFAiJOxfBiGuLsztrwHtPDWHP3JkAg87gNMl9WyWGd
+nOnrexcbqUgG10Gufh5L7WuKmKogU6UEK2Fsu6pUbc8M90x6Ft26UeRPgbC3cI0q
+uO66dm/zi06zXsefWcjee7QfwLbSALJBBXO3IfbRnhknphhMhHR4IsHZYiUMzvrn
+35iOGawPv82fBHJj9IlXH42IwMALW82559r4nXT/mGg3yR7NFqJ9JUwvJVSKZIgD
+QXBM2i5qjw0vq6qu9w3+2nWZ9XmGEYDuqPswy8C9LGCN27teASRFuL2J6+yJDmvX
+sXjl3AWibJG9Q4xEYu+H2N4fh1XEFfctgPNnOGcs85t3PAO6zJOxPeESljc/8sFx
+Z3N1LSzUOJYQphDNevIB91WGF27v1siGHlEJB+lwfuumx9I2/+YF8M8S1UFhHpJi
+/nz9mvkeFKz/Y01tr7Xyn/JL/i3rRX9oqdDwgzZqMF2KneQAzxf6CtstAgMBAAGj
+ggHZMIIB1TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUZjjzwlqN3683rWHZPBodPhdnB3UwZAYDVR0jBF0wW4AUGu3+QTmQtCRZ
+vgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90
+aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/JSP8wSQYDVR0gBEIwQDA+Bgoq
+gXoBgTEBAAECMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmNlcnRpZ25hLmZy
+L2F1dG9yaXRlcy8wfAYIKwYBBQUHAQEEcDBuMDQGCCsGAQUFBzAChihodHRwOi8v
+YXV0b3JpdGUuY2VydGlnbmEuZnIvY2VydGlnbmEuZGVyMDYGCCsGAQUFBzAChipo
+dHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5kZXIwYQYDVR0f
+BFowWDApoCegJYYjaHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYS5jcmww
+K6ApoCeGJWh0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5jcmwwDQYJ
+KoZIhvcNAQELBQADggEBAK05XoyuwD1xY8gkIri3eb/mk0rVyRp6Pa9VA8hDNiZq
+z2ZaVAOKZYP3tvRXTz/vOMlDVO9i66MBqADiG9smLFB2dWQVojALSbX52V5gyKPg
+lfqY99YPLwuihlrOYSDsuooEc6qZ3RKgK3HnbLAlhTNRljgcOkKFYmnMXggsUA5Z
+hL0fntu+b89FCSbtth3nhoL1gVYZg54ZtyzMi8VmJTMUDk/2nXuzIan6dZByWdcU
+fwHj5iGyAnXs09+iQA0q+EyqxKG/7ovWpOndOJIZ576bEy3+WcnxWAdYiBV8tA1S
+njit91RkThbjIz+nzuVJOvYwQwJdBp9lBJoFK2zKHy4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHFzCCBP+gAwIBAgIRAMZSQoyDlJwTf12f6/JxZE0wDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+NTExMjUwOTMwNTFaFw0zMzA2MDMwOTMwNTFaMIGCMQswCQYDVQQGEwJGUjESMBAG
+A1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4MTAwMDM2MR0w
+GwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEiMCAGA1UEAwwZQ2VydGlnbmEg
+SWRlbnRpdHkgUGx1cyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AMfolTzFjsvedPYwvO3ph5U+t8tmXWjPCSg7pRdR7Ip5dhBqmdENIQ2THhBQKzjE
+X9fdwHQr9EUxUtZMWF93HAlj03o2ZgNtLUblObru+LwA/DObWQVndKMGmd6NKFUA
+23YcaLwe2/nNUdjV7caK0o95Ret5UZ4nVoeP9JBgTtwiPHu09x3npsSJ3mlOB754
+RKbKJdbDkJOFAiJOxfBiGuLsztrwHtPDWHP3JkAg87gNMl9WyWGdnOnrexcbqUgG
+10Gufh5L7WuKmKogU6UEK2Fsu6pUbc8M90x6Ft26UeRPgbC3cI0quO66dm/zi06z
+XsefWcjee7QfwLbSALJBBXO3IfbRnhknphhMhHR4IsHZYiUMzvrn35iOGawPv82f
+BHJj9IlXH42IwMALW82559r4nXT/mGg3yR7NFqJ9JUwvJVSKZIgDQXBM2i5qjw0v
+q6qu9w3+2nWZ9XmGEYDuqPswy8C9LGCN27teASRFuL2J6+yJDmvXsXjl3AWibJG9
+Q4xEYu+H2N4fh1XEFfctgPNnOGcs85t3PAO6zJOxPeESljc/8sFxZ3N1LSzUOJYQ
+phDNevIB91WGF27v1siGHlEJB+lwfuumx9I2/+YF8M8S1UFhHpJi/nz9mvkeFKz/
+Y01tr7Xyn/JL/i3rRX9oqdDwgzZqMF2KneQAzxf6CtstAgMBAAGjggGtMIIBqTAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUZjjz
+wlqN3683rWHZPBodPhdnB3UwHwYDVR0jBBgwFoAUGIdW4G537iQ1PE5zmh/W4eJ5
+fiswSQYDVR0gBEIwQDA+BgoqgXoBgTECAAEBMDAwLgYIKwYBBQUHAgEWImh0dHBz
+Oi8vd3d3LmNlcnRpZ25hLmZyL2F1dG9yaXRlcy8wgYgGCCsGAQUFBwEBBHwwejA6
+BggrBgEFBQcwAoYuaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL2NlcnRpZ25h
+cm9vdGNhLmRlcjA8BggrBgEFBQcwAoYwaHR0cDovL2F1dG9yaXRlLmRoaW15b3Rp
+cy5jb20vY2VydGlnbmFyb290Y2EuZGVyMG0GA1UdHwRmMGQwL6AtoCuGKWh0dHA6
+Ly9jcmwuY2VydGlnbmEuZnIvY2VydGlnbmFyb290Y2EuY3JsMDGgL6AthitodHRw
+Oi8vY3JsLmRoaW15b3Rpcy5jb20vY2VydGlnbmFyb290Y2EuY3JsMA0GCSqGSIb3
+DQEBCwUAA4ICAQC75ZUBBzkUGAgcPanEMIYXFQaMMbdkRqW2jnGZTCKn7ahguFGl
+4/VwDN7oT9Yw7LqFLNZumbKFR+QUOlFi4DiqWUqFbYle8ir3gZBLMiGpD8fO4qbh
+DfMRLJytJ1UWZN0zHov5KC6w14SQVoyUH6tbq7FYX99KqQ5Twjq2Z8+pVQGiz7ca
+y107Hod/86gl9SAEq+YIdKlgfax+GKi6wo18m1Z6NuGQp1SYfVnO1eWdPyNRAIv9
+Y4N/vZkxV6ct9KuNAv1DB4CSjuYJVyO1UIk2LNqYTZUQPEXUpdgXFoiLKqWgvysg
+xh0nr+IrzblClUusEpOOIPVCRTlkLQNKLXh6rTglItjeqIF16ksYjag0Km7qSP4d
+LK9+vQ6y38YfTE3ZPjH6inK5o9jU+3bgch7sY8whZzm57768SZXSndRS4DSaMlUi
+eZV4flCAKQ0I85Bu7tSAIPtdT0XO5gquusAW1fTclq2Z7JBOBdlMjsRG9ZIq9cZ9
+tCt1Pty43D6I/GGQXAP/hri47oquz2pSqDwOqt7tGvPP+pSYDEgRFJ5WcrwAAl/j
+9kIBteCSveZMaRo5esXgFbzafIXDPh0pPpUGdp8Q2opiWv4OpIBXPnQZXI1iMnOF
+BLQyzO+oYV1u3Gbjul8Y3xlst/mB/3KXXEVWUaKp9OXNa2MZkHqEkHinHQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIczCCBlugAwIBAgIIA5gfUeLWjjIwDQYJKoZIhvcNAQENBQAwgbAxCzAJBgNV
+BAYTAlBUMSowKAYDVQQKDCFEaWdpdGFsU2lnbiBDZXJ0aWZpY2Fkb3JhIERpZ2l0
+YWwxFDASBgNVBAUTC1BUNTA3MDE1ODUxMT4wPAYDVQQHDDVHdWltYXJhZXMgKHNl
+ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmRpZ2l0YWxzaWduLnB0KTEfMB0GA1UE
+AwwWRGlnaXRhbFNpZ24gUHJpbWFyeSBDQTAeFw0xNTExMjUwOTM3MThaFw0zNzEw
+MzAwOTM3MThaMIGoMRQwEgYDVQQFEwtQVDUwNzAxNTg1MTELMAkGA1UEBhMCUFQx
+PjA8BgNVBAcTNUd1aW1hcmFlcyAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cu
+ZGlnaXRhbHNpZ24ucHQpMSowKAYDVQQKEyFEaWdpdGFsU2lnbiBDZXJ0aWZpY2Fk
+b3JhIERpZ2l0YWwxFzAVBgNVBAMTDkRpZ2l0YWxTaWduIENBMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAwIyfzHgjHAySoIsQMItLlEXb8bKeKGT46cmC
+IlhtWstWqTDro67oBz2so9EqO7nIryY05dE2UJEDO03lFM4KFPZCtojxqi/8KMHn
+dmW+NJO3wiikIaRtg/AZfuOXf6rVwp0fCA6ROgOFvideXRFpH+bvV5LOm3uH7gp/
+KSkktrWRYUKZwD60XJmAWvVEmtR4ydakTdoEpmZ7x6VaxCA+Jm7NlbpnxBCM+MXs
+rmFB9At7uEO5t0M/cAcgijyvIbZMwiklEXw+FJlt+8O67nZ0M53i0W77gdL11M18
+XNqVil9qjRTE+DpnoUAwE1e65uGaAcytbo2Aafp8w4CaS3CV8hSgqDlYdR+iD8GC
+ouicpl8INZjQzd67y++4p3K2AS4h1uuuzC4Sg6Deg5KTNOa47l0UI60hFB1KxD5I
+Uk/V58glRUEuUhpDu8BX/JorqesaHXLaUHpeS+cZXp+kiD8NqU7suNTwEGRgtutf
+Mi4rfLfGlDxO6/U6NPbYM4RKhepTYglAn3bkGFZzRHsBdulIQ82ZhAB9gJ1K2Q32
+z5mkucnXOncGTaQ+/9T2MgfbH8P/plHsruKbLRl4NgAjN5xpvdx9S5rqvGv1SIGx
+b7v5D6IwU5Op2tMPceww1LezJBWa515c09/D/roI7d7XQG7KhIg9WCHQWCfW4s6P
+myb5pdsCAwEAAaOCApUwggKRMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE
+FHKWHH7TrTRo2085TJM2McOZZ616MIHfBgNVHSMEgdcwgdSAFKhV8DPDTiLMaByh
+GazRKhM9JWBhoYGxpIGuMIGrMQswCQYDVQQGEwJFUzEbMBkGA1UECgwSQUMgQ2Ft
+ZXJmaXJtYSBTLkEuMRIwEAYDVQQFEwlBODI3NDMyODcxQzBBBgNVBAcMOk1hZHJp
+ZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRk
+cmVzcykxJjAkBgNVBAMMHUFDIENhbWVyZmlybWEgUG9ydHVnYWwgLSAyMDE1gggE
+vAciRWlnlDB+BggrBgEFBQcBAQRyMHAwRgYIKwYBBQUHMAKGOmh0dHA6Ly93d3cu
+Y2FtZXJmaXJtYS5jb20vY2VydHMvZGlnaXRhbHNpZ25fcHJpbWFyeV9jYS5jcnQw
+JgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLmNhbWVyZmlybWEuY29tMA4GA1UdDwEB
+/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwRgYDVR0gBD8w
+PTA7BgRVHSAAMDMwMQYIKwYBBQUHAgEWJWh0dHBzOi8vd3d3LmRpZ2l0YWxzaWdu
+LnB0L3JlcG9zaXRvcnkwgYIGA1UdHwR7MHkwOqA4oDaGNGh0dHA6Ly9jcmwuY2Ft
+ZXJmaXJtYS5jb20vZGlnaXRhbHNpZ25fcHJpbWFyeV9jYS5jcmwwO6A5oDeGNWh0
+dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29tL2RpZ2l0YWxzaWduX3ByaW1hcnlfY2Eu
+Y3JsMA0GCSqGSIb3DQEBDQUAA4ICAQAN4INvwXXElWPJW4qJjoToMV1jg93i407+
+0tfeZt0o74miysPGMAj9WDswwfAiIVe/76/z3bmb+Nlk0aDIO1erpa+N5Y+zm9by
+7VtGm17ARP0CIdhY31gAkeysxHpowEdg0Xk3NULFT7NrS3b5FCp4LFH14p6xqp1Q
+mJD8GIx77qy2AMFLm7pg9f7i2w00JbPWnYbAncEoYF2MFnhGMA8Q1xMsSkAbYauM
+lrzau0YfefnWXmkyyqnVoS/F6SMyclsSbVj2uNDpTI3B9N4ruCzO7PChO3uFKaiO
+O9fnUo85orYSMG4Cjz5U/ntSx2oIHLMICFFbZ2V/QHcW4/bP857vIvE1UAQoThNB
+DIE/Xkz45FUfIfPFlpCHkcVOSa4mjvwB7irndszQsAIDhiLZ46TQhL5bUCpuk6xQ
++OZKx/Sy0L6sm/LclKgjLTJC4Fdlpyz2THCuxVnrIpQWpixRxHTRHQevM9LULLxb
+xmTeZKGKpx78PlE1m35rFNRAKgMbsdFwOKVih0SL3/ASQ6/dmXsmu5I67RFO+1F5
+vBncCgT6jUMUqP1HLm7G855l8i5KxUbHTytgkxpWModeyYzL5HP04S0/F55yV3pB
+Gk1itzEeDdfIy6oPCx4xDxy4Pt1+e/6PYFZ/QZ4dWyKqDWu0bFzNn05x9AGS3XpN
+nsAYudtUwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQNltLwL1YIjH3ZS7td6XSADANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDUwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCivukyg8lINO7BT6xOk1ShSc9m3j65VmVghSckGTSSgIqt
+YOxu4OaQSbT5CeulIPoDaIB11LynN2xpZznUczhYYrw6/wuPTDqHo2+rxWZVi4ru
+XpkdknecE+97RhpuiyoB/eWjR1uvfkstJIVS9qTn1E65sVd/YKOz3caECfc/Yu91
+GWgoJzRDYKY9wBQwEeST16GGQedw7pdF2+LUDc0Km9bqVxmv5f875t1CwUjrP1GS
+bA+EA00JRiy7e9nRfkBtB7p6Hy1iPWQM7BTqhwErPuDnnv7Lrq181d3CkEXAZFnF
+w0Z+NCl5ANTQXPUF/txn0DpNkA/wV9zQLwrVeloEWyTSGPfQQHYKRMS8/G5KaSwx
+4c64Q5f69oRyH6aTKXIZDTsMaiEaLPH7oDgGfNtDEiv8MMv4EWcjF4UhX9h1zby1
+/Gyd1EMg+QorXCvhUlORxhc2TPtTRtSWDLUmFXpGccNyiOr3RlqhrOtfrjb3eALt
+Ajbo9b3xcybs+rKCGPRJWFMqP4eRDEBYCBJKqYV+nAJNHAYyf9OYDvuzHHlzaTqC
+1VejYkaIQljCoJzkIsnRu4cGLgDqgOVZ8kG36DCpwEzYwI7tX8G/6dX6U8UQRZCr
++4pFB7JetnsEuDWmpIPJa2gRQuptWHwONXChitFuq0Ww1fSjljGjzWSkzATvnwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRuBdrvOYTWzjNZTlnb08pNsUh/
+iDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAAsugrI3LaOko8wnakZe
+v/umF6DOLxbTLrg+bF6QbcGicET8euJje2cSmCa5P81ID+N9RV/kLO5GT1zY9nBw
+pqQOxG8bO9OCB6ElXV7ftjhxwQf9tRVAhAo78xMaCZMKJgdoYB5tsodhOWAaXbsL
+LxMiOOWVBqCQpQbpbV9FP2d+XvJmycpy0ZqAJYfD3e9gBkODXNf2QC1mH89q6tBg
+N+fKTCfpodHsFVNsDgobv1jCozJY8nEclxfvsKU/LQp+dRGgyFq3wSDEbdteKYG0
+4ynozuesVkJIKn7DuEFtAT3C6R9Dt/d5VYgx4EGgVnKrZlAV/Sxl27OWRWsbuqZy
+iCCDcYAMCp+w7oTjqgjPWACQjxEFNqfcH6ZaWU6ggZTT2LvnQhp6hn4fc5/nBG/O
+/H/BQwcHxAqA5IqjgRSjd/43gjAtd7HknCY3wHiP+XJnzc7pdFZm+i6IvDyGQxUG
+CVxUpPYR+5tocJJzsG4FUw6APLewxv1ZySXAIkApmRMlCS+IJZKAZHeOz5A9pzzr
+OKCJdbaDSjBRFVserNyb8g3+FNAboY0BQParFRnWIQB8tM2Cvs/shGlKtMvoq+p8
+ndM4Ns2ojoEStFpYQmHTLJ6fWvRpamp1UGDhUlPfZECgq5rJOR+fs/xqaOR+C9op
+N2Chz8h1nXQltUW7PlfIOawR
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQahh6hwIzogPw64yM/Mj8vzANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDgwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCys/lpJ3OHjyAWbqY9yfCC3UooHpcc1b4ZowVPZIwwYyyE
+tzuM5Ka71KhbNeKLtvmZ7/bplR7o1f9PAHHBJlid9w7NQQVY3tn38SqZA2yrANZ0
+cLMcF48N2hZEDkH0D9GiHx/vVu/QyoHYRckD/aO2NOsKEHDD3HfZ74BxBd2aQ5Zi
+S4h01JXKoBQdCjJ7uakADIym+nKNWoylvxvDCbOUEuQNf1y7OPbxj9n86HMYNCd/
+Bf0mqo6IcuCVoDgrksTubEPnpTlbjKuRFQhdF5AOyq+T9f25Jo4F3qxIpOdOBb7W
+4E/P8HVvAjgUACnVQtq4WODhm36H1Voctyq+mvnV3ZYtdhlKT28fW8RWBBOEA/qg
+JP8kjLFeb/zsUkrjIhLR6cbbLeFaTP3Xw0tj4hq1BtgzeWcp1UulAsJNKgqR9N75
+I6H9QN3Y0Ch2waKUrYvfQV0ea8/iAj/ewi455Kg+ah1QQstEbBbw9N39PexhPlBk
+E+2ICbBRypzUh7xnWhho9LsiQT4RwNfJlijMObSKjuNK4WuSZcr9FVRM3IX71Afi
+6jSoFGRDa4umoB7Gjq8k/zTKKDtvhvAk1qwVjmnCzdvVswNYDL5SKd6eneuN9IRW
+iLfAl1PL1OW7qqbQMv7NJ7sCOY4MBurUSV7p+4z+LTWB89mEBrtBkUz2fQfJ+wID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBST8KOBktl5Lj97ipAk406e5tAU
+JDA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBABxPYaBt8xE3g59Tagp2
+QqdXG1T0TZT+atmR+ZJdyZ5nKY3TWE/EMWkzVuxJxlxqDjj/E4+k4Zcd0dP/Fs9F
+fboOQolsLfrtE9qFVU/OljCnO8NNnUK85bM3rqnvoJ0+bmTxO9QU2bNiK6WclVKS
+rkuuvptuibGkC5dGGvTPsMhkyw71yuS3w16uD1Xj0P4IqGRTT7gT6KZa3U/QA+xx
+QQjA1nFXbXOKoDQcHZkbfxbPrKhuXv21fw55QTXIWtDAxawNkBpZiEbFxOKloJPv
+dnk4OYiGQkXtFV/hlbnpBkVLtivzCqLRzXGB1ia9OkDGJ3xtd1AhMJlNB8PVOiwv
+GL2SyUK/oZnj8zY8TKNYc6dq0x0xDsm9VdR1ku/22CEMQOZj0hfgHJ6sgNYw4Xyq
+vdJRHsGeUcttQ7L+5wlB769KzvgZgN4Wx12V0omCrc3tMcUfPMEJQJX7XMvWAs3e
+lKYI6nMuprOGuXSPvM1A67jal8+DitD8IcUdrRy/r2Migkm0lgMZtQRS6qT36CvK
+JnP3HTULCdAyA/DcpDNOijTr9YdQgQ8T+MwMp5tJ4T6f1CAhufy5aGd1LrKlTSO9
+RdpXNHhu/B3Uk3gmD8IHgmDuWMcQbbpts6SKbWVnJK67G2Srk2h+pCfoulmAe5qy
+UCjkeDr50Li4tEbCHc5L0+U/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQUgxs76R+AW4hFw/sdbn2eDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTYwMTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKIaeJces26JUCHmo1KPXCXJPbwc3IR2AiAHT/FdNB8m
+BRshfj738CT2wBnqapU2jUg1P7hvWzfdV8B5e+KMHN1T4AHxu5jqwok/AQo9CbFI
+YDuWZ/zxnL4NkQjYufaIUYfBEoUugCZE9qkQmvKMryodAfNfSvrzndxdEQsqCAYy
+B+WHcHGeA80gE+s8xM2eLnKerX/1lxRZC7q3D0Pb/v/zwnE2AujL906xa2+louCh
+pRTILuKn0yPhf3NcrlB43AZtMIKf5jDPM7+VuF1rZhbSC+N41R7Ei7LJeM5q1IJI
+0PHU4ta7CzsGito5BjqWUKwEoZNqT7Qr1JW9wKvw41it8ZvVRLxg9NaFhcD8yNre
+WWJEYY00/u4c0nHSys5MfBLSNHgh5fT4xR007jvBkPaxMI1jks7yMcLDjxNaFsdn
+vabalm+en9CQVYz4VvXLTvG6COdphxx5SxtllT//U4+W6NtvsptwHmXLcM9o6tQy
+kGf96HKZng+ucWf7DT5JbTIXrrO3/lgHZAeGTh8XoO5M01NTJVSsjjSzxCoFjPm1
+N7E54/qALFiRmujeQdo3/wf2U/5Zgf6cl1lq8BXdeNw74NzAcCMh7iwbNJEAP8fM
+bjJ+EoIAxY21wExKz4pFmgZTLuz+sQRjH+C/5HV8MxtKP7qe7wUbz3ROiEw/00XL
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFGdPtklOsTLfKmmJYdcjHja8
+PpZQMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAed6oj1TKUvU9m8E9
+KGogIYj1mdjrtuCnkFbWi+yl3Vqdpp8+Fujip/VliWFamDuYJ4lr3eNYWU8SMwE4
+6ykieiCq/mz1ggfIptpitAxU1kB7oJNDdpmDyMBxnAt+OrkzbrqoKBg7fC2B6Z4G
+ycQxw/MLYoLC/8vQOPnXcsj26gNqU5ByEvUO9S0m+cr99TirXsacna7cZQxHGvB0
+TDFmvvQPcnEpO7tAMF8DrcH8j1mF+3/7GWOz3e8NH3skXhpBkdmg+j4ftG5miNY/
+ShjkIeOZKLKW+Tu0ka2sqvuqbqhh+6wYd2d6vRNz69t17jPSXsLkxz2IyXBHMrZt
+lQzmu2zEUM0/jCAhnkoH/14k+tnBT7orfonL8mMZy7C3ZGw4TxEY5uHNL7xquZpL
+MRD3Bc1rbXYwWKwKP0dwU0ua/S3re8uoHEY4HAMS5LB+qohxBPkUkct/41FmsB/6
+XRgDOjH3fJtLaEDj3pb5Qa6wt3vjyZtPdIK2NvHfszL5cEHEinlQ/OMuKopbWPSP
+Kz5/l2JgpvnTKG52qawNTf5Xcid5YNRThvJj8S6w+gGDyy+zFYimjKCgQv5XYabI
+cNn/iJkfSvYKUFEYLxENtbV3MuSO+iVMD82/VEK/s0u5zT9M8u/EKDrEP4elYWks
+xY7ui5mkF7yn4wegOpAw6IFv53E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQesd2natGXpyCFkq8vakoeDANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTYwMjCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKJHqls+7+STbQ+Hnn4vIeXFMgTyn29YztzDJ3AkPWBF
+b6yfwkvpZIQ4px7VAf5+W2hUKmH/pjB7GioR7Dfl6y27IV+nE+VwZeHNsOalIl9s
+WzU97rR2DjdWgJQJ/wqGt/z2W7bE+Rih0UJMcrqvzPaNDpOFAkQO28Q4WIAWRAZC
+7g5w84hD/4KMJEbObWcX6U5Hinn7lkq1fqLzO9RIgRsyHnXHZBEode+EKDln+QyM
+i/jPKM/HxmVKDTTPvEWrEl6KG9z1eb1/7lMhIuhaUTExzYbmwmUn9YqKNoKDwBqM
+8vzBE6+SzqrH56iIb7zNd0YBfPp9NtlMY2czvI9peUIfy4D1K2JjvgM7VLGZ7T43
+6ndjy2mH7YG0tha64LgSQi6ZzHePMnvn3UlGpTxghXP4AoHZ2W5GHVKqVR8HgjZY
+R/j0sZpa36AfmrJHxugQmdE5xc9rrW32oaACzXjl06Zkgm9Hk3iwAu7I6ipueoRv
+yqqGnzeUwY8Klt6GxZ4ZinOaolAHH0TTN3TVfg9Vcbu4rD7hnbucdQsnnprwcmSd
+KTGHm+3DKZB/bK1m5IMMi6p/dmtPWJ9UlZ9AXbULquU3DIVM+KgEq4PTGX34PeZH
+KtoowzV2mM/F4cUbHGoDQloC4ESHnGia0HUbCqTdMy/nQGfD5cSTRJqwPk57HncH
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFPpX1r6j0y8C5vPMujm0FAq1
+eJ3gMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEAlg1M+7T3LGYUyCJX
+OYOTRzuaNdP7cU5ARsGmvtbDLNsJvU8/zPvIDdY/Zor99yP7W3+BY1XRC0A39akD
+8M0rcB+7fbW9G+/fe7PxiMCnXnhEXm65nHdmGk9EBnVcd2sAAon9Q+LfQgAwxNez
+C9il0LJXkSa3pIeTEmxbEbj6MP7kE67j2B4kG7MZJdhdf+WEs7b47wrqiahXFUk4
+5PDb5f3atXDMQAwwUgOu1/Xh5YwzD2eAgftN01SwyDnETstjGWbjbfXQXbGu1pU/
+4nzBxDwtCpbPkULAXi+oyhweLOOEzblTihh9vVA58mlWcnlFPzgwFKGvcXMsRcfH
+CLLOIOIJvFF+QTrCtsivU4Z9ZRjTWESKgPhzoAtF8is6wJMXuO4/WWrtBlJ5tV6T
+tgXBOPCJL0jcYz98gE+WEYOXYZlCWmp6L6VHLATGGT9Aut86scybtqHJAGiAJIla
+b3kIzj4ykRiglyMjQe1DQ95kWwEimE/ZH0VrePSzw/9nu+2Z7YdQhyGEzfaqr98r
+nf98M/rJK2z7lQgwverGB1ALgVoJzsJ/7jfWsQdjY8pxQTM6wFmTldQQbtxg/icd
+6r9BzZ1H0BpRfMRd3PNootcz3SLkqiINTsJ1MF1PykaCl0u7wYmfDPbuUto4Rbzw
+3wMlnTAXgqe2toFyncoi47RAqgo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQYFlylQbZNl3qzjpiRoJHBjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDQwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDBAWds3m1bHw+QQNNNzlewCpJS29L+7AOcz+AAlATA9vb5
+MTAo0RXt+dGiJtCaj2Aw42OQNxcoiWprPLta3cV58tXONTfjSlMoYxoRH0SS+MBS
++FGF6q0Ue7ulbkwVbejnJc+Ls+ieO5gwKJRpMmno2/ikXMZOHN+QVqzY+ss28mgZ
+2qcTuwGmkX1oHzpIi4tUflxnesPfiDQP33gSzBw2mlBlvrLq9tshYAJE9NMdxcwX
+7LzOD7lN1rSTlTt0enHPvfoViXDs1cQHAIKXLziz77L9oL4FDyd2aGSksdHVVnEF
+4ixWPrqRPFoNOjBcwHvCbTrOLJb3Zm0ASoUdWfLhpxeUXeZZqQ0MK7OEYwuKlQ3i
+MELo8mW15Fc7SxNHmkbAtuRTeUliedtWSY7AfqIHdZOocXYGKTtHjDBLraYd2Nv7
+cCtwj8Hi6abv6UCPoKzw1tkOH22pTB56WJ0U+c2taNggL9YjvZFgUXxHt1yEfqUv
+bk7+Hx0KC0o4ftfgNeJfEL7BnDVFLETmcHSafGs3ieGFzZMk1LSq/3sJTm7mpPdW
+XsyQSSAxOnWJmJJJdnAfPW0KbmP5nsCZ3CW53lwaEF6fG1OlPSyOsBc3JTAduTdj
+VVCTJM4ul4udnXXBxpEGD8bzQftd68ntC4dcJrUHEhciJqh9i9bCQYUN/XuA/QID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSvAHYgqxuc9NMDNogzvLoLhmxv
+ZzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAFCy7Zv5oIjyzB+jobjA
+/NHiqL00HPF6vFmlCrAMwoKR5O+eCmBuJZnq4jKwRDg5yp9pC67q+h5kO7rEOO1o
+cMMY1H4k9XYr881lamtplMC+v8ZxYPP2n61kRLUycFaoUhHojzXj9QPmWcq7WKLx
+pS1+O5RORtOue+aJd/k/eb4BwHIv27fZTJYCxIUXJlam0O91gcF1MA/19Bd9FAfb
+afhiRKQ7htZjQIx7sGeZF12dRNdSc9RmaRlKcMJsGK2RI5G1VEXMzzj7w70v/jTg
+bunbrQTypz9N1pk0CMUWBAAT7lHSccYYk5FUffeZA/GsAoXNB+TB9qodLJOLLO2b
+vP3MzqBqQ4R+7kW3OqnXPx+WvBL6KXoCQAQQIzjMZk3leyKrhJGCwS+k7+sXWcB0
+Rzc9U7PamBtX+he4pzzjwhhKECdMikweeeiF4uCoH+c7I2aal+e7+TZ9EANAxsd6
+1FV64HlAOob8pRckDuTDCI3EKG76wn14H1w/0PZxQ61zhQjlkRYXkNCiO1vKqb/Q
+1hugW/Mr2WXYr0Ogv/jxz0YAqnhHzEnrTQYIvNatLBwix19S+9q2U/rsmg2Mwx0d
+exgJOK3LJBt/jllb3Ubutu25UByzUUblO0lctMiCztMwPCJflb5A/3xUwCTBBJHZ
+rmdOGKLlAPXoaEjcnQQzJ7PJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQT48BYZKuQrZih6HCZTX19zANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDkwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDAhtAKVTzvrAjszwmGxisT/S/rX7xGQflsEypGxqjqR8mU
+XLzlwgl4Kpqr5UILVnOm6l5UO7crTw7THie7G2qOiRqKXbexRWPcc2V0i2FcYBq2
+HKttpV+Bwd56DorKHbKg1dxsiQXjtIU5DIgX/N4DGz2IM3AcJk9n4uKZrScKnkcW
+/JmP9YfvUQoNx36dK/ol21WuO8NvJz+PieILfkE9fwoxu13yUrT7AAv5/serZArN
+QnQhMwctQCKoLUXTuWTr9MstHIg6Mq39rl3hjL1q1FpKEOpRBGLoB5HCtd8hvDl+
+t8NdFdjUEnxPL+KVohv2/ufo8RnJC0GK1Z+hMhMGVx1YLNyzcdkcSIF9Z1Q5S4T7
+Y4s/BeAsCp+KBoGcI9IGX+NfSgVrHFYoGF7sNk5nAWj/AODtaB4+r1syu3dFs1Ef
+y2uUoBUCzP4wC878ZO8mQjcd1qlzyGeZgc/I10pA3R/TJUal7Ydf5Vp4U7jbiql1
+rQLznmNq6dV8mzGBljjFLryQkVMHNfBSaWTkAouITBKkYYGJPD2qgipNUEsOMpZz
+SuAQwY8SpyQcgZyYdPSeA1UHwzYQPo8n8HbTMrsG38+IwojERt1Q0F2/uw2LHHSq
+o4jc4QhT0U4ScGplPC64KdTQ8aNX0TTZXbRsda7A2crcPBWAWqumqMfzho3UEQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSRn4m6YgWiu4GZvoP2UHU7ZsgS
+jjA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAEfvuGAZjs/tTA7n+Dgn
+HBRgS7606Fzv6x2QhqnDmbTL87CePDcIWoRiaE42deaI9gV6f0aJLMP1k3SlJq74
+oP3eS29fYwQO+JzBDhnjudMnJnVYaslmIJ6G71Cwv4LNMsiBIAGzpvNp8lfInXfP
+PF7mPCdt+D4rMAt3066zv+QtYYbNF9eMLS8Cs4eYEhxStzWl/ZDv5FuR1kFe/6Vy
+Yx73KMV4TN4qk74E/sIHSvRIcIRG41s/t+Ow7jtHvYW+NiMK/w8bDovN9WqKmArS
+zCMAUXpdahPNlhUPel1kYg7/3qWY0CXKfwXJ9ElzoYsm9y3LrA0ypi8Frr+cEdww
+adDCXaBlDWgeoBPQiljy0aN9wrUTL1fm13027BrBr2d88tIv+iycQiX7WgbzEnAX
+JS2e+Z5b5trDq3PHtb5fesZBCsDGlpTptQkqFuDzUt1Y3svrnsIQ5VFC7fMPkL1j
+ygDDY8xNaJY/pf+Y+Gk5sx19H/dF9JPjWjmSGjvdw/kLT8aIdFXBLjRpQ25ZGTWT
+eSgZLZFoySxI3FyhGAc+tIIvrpvYFhejzaPloVquPkjAEdgJpccoqxLbUr59XtzJ
+3rZyj6w+euJwSfLabHLE3uqMHJ4XCNTMOrNfcE690HJwDjPjzlNemBvAwSqV4yu0
+iEEo2tV3QeE44zPo40v5BpWs
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQevZAn/ZUHrMNEK8TNdA3zTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDYwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCy0FolXWtdYazuIAlL9/qGTPGpYaKydPSgQZERv5P1W8xk
+qnBxeaqgigmQxvCsImLZTMOz9pt5vZsiaT1lkpXUbWClzqo++fH+cxULNGI9Hd0j
+wvXAAffMynVUZoHwAF66inbQ39NDkhY688y0aJGx5IzNXknl+s9dtD/+4TpAzCCd
+qsznvivJVv6wvoT96JrjtqoZvEyFhe+JqdPtT0/r0xHAW1QPXKid5YDlqUy6rjrl
+uBLSkK79KLImCRsnyku3VDYptEFK0pxGqpm8Tv8HBSYNmaHuAPsRBpEESHOfzmXK
+WDMnkKi4YcAOKaPNLGXOLC+zZrLXIboc/y8scEpJAijPJ4RD59pkedkemjNOx3aO
+7gagWCy4GKyiQAn0A8SXQ2LJCYLileU64VsjIsgHlobIw8e2TDgc9CCVV8YuhfuL
+kKmZQJX8kXcgsF05yP4Yc4vXh6Cl0tmqPAv47Xxc9Vv6pUhfKf1lTdTtQdwVUCR8
+ZXW1tk4mGpMb7T8xjqdE+g96CPMWr1nbnB8Yn1UIF7pkG68bIwNv4qdbn4Bc/bSp
+JoW7eIdLNfJIIuuqZ8TpoU4SJgBOhqRqj/RGGc21BfYdLNyHbiWvRD8YmiQ+WO3/
+vR6VHyWTrftP/WgBRxpSwFGU5rruumQ9sVZ4geTG1GuXQTlmlfqGrV1TVCm6XQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTN8J8fmnuKG6nDxlaYT8pmAji3
+WzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAB9wa97cfqOP43jFFGhs
+cGzB7EvDOVMAuY2rwbnlaR5vskeolQ6KzwO6DjL++D7FIdt4+UUemZH3BhKrDx+9
+NZPQoZxthGmhr7+jY89/A8RuASINBQIPqZpPAa3++A5fFPkD/O75LoFrNlWdW1pG
+kFHJPC3xrz1//N4rW2aYmqFX9dipo602vP6UnC5tBx03qyRM3PdGOkMw4/w+KPD3
+Z9sXfpj+LFmUzApZWOtnZ5VQdaQvtss39ZRctWM8Z+5UR7kL4wK4Q+XFsO3rpDsa
+ax6SM6hspSVX4g1WzqA5b684cHQWHjubcx58XJC2Z5XRQPq96iQrrqlcPRte/n2O
+OUymo9cv0/ataLezUvrfbxk2BM2bIAWN06rGqNxb79ocqr/7f8/3nEiXhYxPxksc
+TJgsW2V2Qioy1aMkM8NUFwM2+j3gOdXiesYR3M5NlYyng+5i6WwK1AsdRynlEYqN
+lmDErACsjLct+LbZ8nLd3cLvS5gDLul6VU4/lWz1huzblfwBynd1NA/DR3fs1gk3
+htRh8CzWdyLmv/mA5SyZNLOa9gkaHzLdFf1k48rYlach+Ml9Bkc4/wvbnKSrw1Wv
+EHJ3Qif5sBW0z4vgaE2zni4vOGMumJ3sGQcykdLFBYnCDwkdmed2ExaeabIsWlfy
+SbovYPCYOBOnXjDEF0TZxT7E
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQMJPXXlwBrWoB2Iy4yTyagTANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MTAwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDFOLceZ3G7F0HRPd5wGxLxdjDNlTSFkexNG499+JujliH+
+jh8bMea8zUM4bu8cq7y3kMNiJ197ooMlG7oWWkbVvj1TEtTI/ePE1kpHh6/EHdSQ
+LxmeT2P4A3j6XnIbJWk6KOMUwOxw41OF4pCL23cGYSK4BcnJ2LKt43XkwfBHZyM0
+0u1S307LJtJfOdpldOl1afKuEiZbDzP3XoPTTO/ANzqhmEaBQZiFw5ytY1pVBzOM
+WxKUG/zp29C7OSjcAZSNyRbF+8l73J5C+BDiEe35Ov6RYMVxLRvdqRNO37VgJ1G3
+53uyIExFj/PyzFrN86GNpdoY4RKOvwm2jr4B2pkI4hLwBjqQbgL9Y+pX1+rh0YQ9
+zyQHFy9KjJCJ0/AKx8Yd89jLhaUxT0TwcqmNYDVebzP/2OhBs4hAbwlqu+MB5LZI
+jJWvcQI+PRMgXzT7ZPkDxqONxrCotUgOnxUN/QMjxw4ZSxca4p9HVsh7Mij38KPz
+fambCkltKm1GMVJ21GxAnsiljoeDrBUeZumJTBUeWx4ETY6MYhtpXE7uNYdLNdci
+b6mQc/JrldbFc4aYYjTM7k937ZDOwti5V3FyoSmSnjorb2AJTLmcKgD5ObdPdiM3
+hv/cJnCKQInN0zhbp/cC6w1OSfFLi1fivrmZyLUSeqpQVI7tBOJyBwFME+UNBwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBTHrnqvQbtL60AQR+SplHiWWV/E
+7zA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAHUiltQfdiOFEJFZNPOP
+9h5gZL4ejeD8epagmsBLvR8rPYAUU+JcbaCf88j1ndz/9S4lOBzijmfb1Slbduyz
+LTVJpKfrrPvfzWn9VdTuzp2calejVu2m0+Sm9jnNYf+dn6jNfKSaK9x9pf2uYPV3
++SdzOCnRoQ7xxqZ0NeIlDoL61+IVMhCl/wignAsOY6+j2RXVQGO7MeM1GsfS4oA0
+YmWAn04vd/iIE4ZEjFMEW0JEUH+TC0CsdpVNaUIo/S+5bCi+N/MOonuB+YCV6ivB
+GARbgRhlS9rB8vmKuHlyUJQf+A5noNr0eXC+4W4h2u0NnCRRWM7ZO0LFd5EuJe92
+AOdTR7aX7zHyqtKItv+2zjVGbKyzkDCfSn8n7QNqEfHcFbk8eyLL1/xE6RPGxIbZ
+rH2F5cvZ4fGGLkXAoqz/ygF2g88DxAlWrgBRQqbTUVJRgo54clNViKVeMG9osXgG
+DtwxBG/F6eBNVaYwFmb3pusK4VFD2Or8DUpwvqUFtF7FA6/+hScfVSfJ2ypeB4+h
+0EK6abIdryoNLpOlUq9a/vNXtsQiDFijZSq1191xvqlZJpAQb/zTZyzrr+Jaun2d
+Gw68y738e1/BE+eoUej4RPokJGOggYS1xliZlEBRoFFU/0eti7VdmPk0Ia4iAlJU
+OOUqLcBDG703dip44geF1LmU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCA8igAwIBAgIQQwlYfi2LQn+k7fBD8x8fujANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDUxCzAJBgNVBAYTAkJFMRUwEwYDVQQD
+EwxGb3JlaWduZXIgQ0ExDzANBgNVBAUTBjIwMTYwMzCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAIjjuy21rUbvTGKdgWkqkPWFJkpa5ChLV4Zi7KMkElzI
+izgSgk1/iLZrw25faRMWG3hIpvDhAnUwFb/sTq0AI2mb9qIWFB0NqPu0vKY5dfM0
+lu9uzOVxaCe360c9ncR8rKoJAiGRv+HUmqsl0qgFfkX2obit/r2W2glrNN87QE3M
+WOWLj9cn/C1Uofpuzz+ItPZBkk9l0clAx5P8wg8kUHN9EkITOOWljzJ2prnrhOlF
+BEzfcanoBqDwXYHMWQyyMMP8/R6G1bGSfFkHEaVxsoIFaoSoDHCcwE962wVU82mQ
+qghQWh+J1VcxRFWFsV7HJrb4A/xcC465hGcnl1iQ2Ncg/UAF153b84En/KL/ezVt
++J/oMc56ewjm8seoT6BX2XTCJZRFgx9LCEWIn9rl4LM0ezW5y/0pmHk8uKznb1lV
+H4W4DfuZkwNOG7pZnJv/73pldEqvDe7gjCOYm/PMOVL1G/+95NHYNfN83x3JoHYR
+b0xcPqk53g942ZLzwjiU/wflyLlMMADCFrpDtrzbDig+IAW5kmklZtRTSq53R2ZQ
+cPhb9ZrXmWE09SOB33Ylpuk0TPGF2w0Q2i+8klA62AnkFoB/pZa2pkQvtQTVCc8x
+TanJG7Wd6aGCXYOpRSOVUUISVmE1PaCW2aRI7lO6tnnFiOKXgXujgLOhaXGULTkh
+AgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+QwYDVR0gBDwwOjA4BgZgOAoBAQcwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9z
+aXRvcnkuZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFO/YANFtla1hXeOL5IT+P3dY
+Cm8nMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUv
+YmVsZ2l1bTMuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBS4vGwA
+j1sZhZ0lAZzwGdxAjtA4KzANBgkqhkiG9w0BAQUFAAOCAgEANaTTqnUIKl8cltzo
+DnEJfXzq5N8CbT5hy3mqa7XK2SwjoFACMfFcLjJao9ybYLhmADSpNT8N5I5pqew1
+C+V6K7U99ycEA+ghYgI7Kqxd8Gu+XrR8rCXL6a1v3Brbqf4thIEEKivtIAO9j2xe
+SiRC7HRLIoUEzeSeMCJLhfpWQ/mWg814T7quwkNmthz9n6uJkCom4ZiD3bVt3+wm
+iVRELMqhrMpA+IFQXqFfCbRwK4esfghXYAn7y/1pS+4Q2tpHkBiychnyvK9u9ukm
+VnBWHPgLQFBZ5vdnVUOA+/nSB6OEfZFczSV0ChX0b6qE5o/Jv7QgCuct0EQtducN
+K/aJm0o8BITYgLZQNa5B84eMwpQWE4MycvI1/W1FRXUdDhfIJFJ8A5wAFLkDveVK
+bVyAGyDV8YXIcvhudQjLICpeyHALJQpmObHool8FLJPl7Te4N+OjNuDESF9CeBrn
+ff8MIwRl3k5gEEOPom199Pl+Kp+yc1p7XY9mUDp1kQ5GrhGUIwfPeUCL8YpMHrAx
+uD9bFxradTExpsOH9PHJtKUPvK6VqRL2KtiTW00iBUnInFUu5mSNHMabjEG26wVP
+NzQraaQLrI9Tn53jfHEsyWppHp+S693GllD5XK9pXEtQQ2nasdE4yI73i0kn3gqV
+2rvcg6zvsc5CqSGWqBlA0gfqnwk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQXiJEkYkR59wVC9/jJhcOpjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDMwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCIwEF6bWkkuKmXtnRqC72xqDcYF76rvS2HXqBOi1y7rzLj
+Io7pLjacCWnPVEkNtnSfGFh3US3kdJnt01OaczCqp6QTAHOae12E/5uQezYBMVWM
+z2OCkykYJowmJdAURy5Zip+RN7A+GAKtzYIdsDpCvPwFnkPlmFSdePQO602JQXLM
+6BCFXNaHM3Z8Qdk9XRp2n4bPqUo/Wp9RGRkGoKZVJ97Ci2jP4SePcEQk2JG1ZaQt
+LwvSuNHPQ4QL9UDI0M+H6zxElhQLdsZWwsSinxw9M5D1ouErFjWpDAKBPFCP6sbd
+gVn5pIhHowYNtbxYmFoBc6a4cKrMoe/lE1Lq6YLlrPfsDUWrLta4V6PYs17MejlW
+Z7fIp+UAdntbjeYPxyoZ4WtPUm07ZaYb0YZK88Kdj0gfWJDCbcYhzsfX3yKy+/yU
+0f2Q3EjSpTEkCNZKxfKPAv2JR2/acWARX65lqF16CSEZ3V+U55H3T1aLCgc34Y+4
+BHfvk10V4EzRp2CcXlBWu6H04rsml0Zugv2MQa8Erj/oii9fK/S9Zt5keXYhOX7v
+JMc4npIVT6/H6PJRVlozvXGkORBSVaEsK36Pdf65zfpuTvOHeMEM6Oete1zUAQLB
+wPICKBpRq7AaAFFEnr//WbRwDfAGehVfOK8wnyGON6/T3fnVpwTvmWlRQqb4iwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBQWX+CW5TUe8v2depOjqnbVYyip
+qTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBADKLODFWsLNeAfkV+JEd
+bIk2LzaQfa8WVYPCU4k5wfi0QCy8oQnHlmPcFBPgJIVu+iHDdcU4iY/4GVQRL2jN
+7vA0dP/sNPm/3vNKV+ScZ92Jv4TRSQiyg8/LlJ3amATuRMyAhW6/RwcBmUJgIqIQ
+dJyxgH044LAWrZgbLLEW72G6U/Heh/p8ynVy/uvugXkYq6zSL8KbAOXeitUQU2fZ
+r3lw9i57qLUbTQ6VvXycr9o2FEQZh88JfApG6RIzLDrXtG7dl5UkN7/zJWWWYMUr
+OuCWKMYmvQU+bgBz+951F1o07TBh2OHMQXlxYkdlXhEc/Ouf2w9PFeFctBPlraCo
+SkbE+98jF84sw0hs59nB91+ZroTjxO9p44u3XPtTGqv+8dL+hoFOy1+TrS1M4Ebz
+PG92x5doV0fg+/yfCj7Coq4gpEeOCYVw3koQiafOaqzbjViJ1W9kfm+wHT5y0jFL
+yfQWnB2vpiT8NeLRpzeYP/VCjmkq4BIyXgyFB1hcnOyObW4KyRKsTViH6zJduMcA
+2lYxRiUduHkxeIVZBV6T28ekf222hgYBAD8dj+bzdZiOTpEOKIzJdvbrmG1+LOB9
+QhcePpbJOs8WcNdXUriMQWHXazj3mMtnVoPazR72Oz4SFoK2AdintK9aA7zCZ6a5
+OC510Qd91F+fA3pQRcp9tEUz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQF28JJOwI7p/WsFllzAW53TANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDcwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQCNKlh3nj6C82utJM4HlBey45QT3E+TCzajxzfgxjsHN1ac
+wP11YAGvRgJ8nGdi81zLU8z+7Qi+kdlpo4SL5Bh3+OO3eR/S57CufRXf/WkXiP7S
+6Y1G+FMk/np0m/L3sV3S5qSt7ec0WanqtM+Z6E5p6kf1+s0/DV26hxN1+cE+k51A
+wS4f7MTk4QOZC3Fdf41WsZiOSFzRpQavKqq7DN3KB377zdoXUhY0q5+1Kc/jA0xu
+R0TlsKY2k5N5ZUKgUr6Q4CMcUZwV6PQveJraALGKnpbRI3uEygSt3UuJ82xA9U5A
+Fvo/IuZFWugB887Ue50FlVisllo1e/pSjRx9yKbJqop0Nr39fRK8aMhuR5aevIOw
+QgOk1dSsU0lMSB0DVeL+gJIj+D0EjzdoDRdaZGseKbVvukGZVfTVpnx6D+n+IuHD
+TrRqMTQZBQMkEdXOOqAQiGmTgJLlJoYEWsfsn+UCeLH/2+w8kIuMIMU+TLFXqThY
+tWkBfPR9e4PZXlGvfHggar2Y77c69lQdHA8JFcYcPbdY7rls9kvzdwI/MvsAIl6D
+P7+NEzCxwR1cwV/iW+yrg5KCHcznYqqhIRmWWa2C+G3qdydiAYs8zJ0MzUMLnkR4
+xE1PLhPWHF/aAWOkpZGE2Y3tyaTwmHSspRHtGJ7GCKReerT8urreNm1FiRr+SwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBSMg++gD//8qW/zMIFjMxpb0VWz
+qzA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAAVaA+rNxWO+hgB6ukBM
+5cKqnQ84aQaFk9tpAP6E/77tBuA4UeqpY6NktGKZaPa04PPmcz6f3cnyM1ydGLtJ
+ozMc2ABFJHswU0T4gN/sMNNqhAt9A+lCFFpwxH4LIoOV3S68mTIcoONwqY9zRC3r
+qGqno/zEw3xfVWgRAIQy7daTt9yBY0+TCytKWZkVYdQD2PHUbdxbk7n1yx+u5fQ4
+YBItY8Aw08u9gDqcLUm8teI2SkeBXXirSnBePtU5szNsaZDI1bB9fsGpIovkFjrL
+AY6ltLqbtI07181kOgxYARJvv73ig9qsPKi1uYCtYbG5MCnPFFc5sDFPLWfUX4vh
+cJGNW8HJdZqE+y/uhw6WX3NdLB/PzXJQ9CPGUiq7M8+pghihIEBtgEjn2ZTQqxPY
+1ZqrXtaJEAmk5rwwLV5BQQ6ZwFJLyq6zxBfX9tEUIGaU5TRz9jHTM1ckjtf+U3HC
+4YxwhIxSEE/gylePaPTDcTAiDNu6vCx6zQSD9GQQvUKL8mHZJRzk2wSuR34bXV2I
+v533SIo8pkCaWka5Lb9CBvxAmshLXJQWOUBPVG7Nsx1HZuHT8v6s3z082B87x2lT
+49J6RItwaCvkN6Z1jC6FWWWyHtu2v1SXaIwXWS2sITFvYNfamfhU0a12WfWuvIfW
+Zf4NPU7ZHaZq3x1B79mapuE2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQRz2maXwXx5KSQZSUoOrCKjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDHGC4Cpvlt3sbAmTf2gEn6wYXCaBTwmGytrIpFlz9kucAI
+ajU1wtlWXdhDdchtgjwxUmNq1sWknOuSAyS6iecOkAS2WPWuwaFy1ByaDZ+9o5Cw
+2diUQq1WgC1oPbvr4ipD2otPhDBlcU0+povo+1Q5McYtjW/Lf1z2B+2hL4WaSsrl
+7QrUOCXCeFgQRA+Zmyco+llYonN9I2pGg2KTrie/yysO/Ay/0XJ9DBR+g6tKFn66
+uZiUTsopmGy2UjsKBD4uzx5RgotIptw8V0Zcps5i3TkU+BSnHLZoS73m2McJdwFO
+kXgoj/8bOM6PCiV1M5ImYybRp+0axnfQKnMgCNA8xtaIIqk5TLmwtmqZUMVpjfik
+ztpOun0QzC2rJFFqdkoI5rq8RT4hxzgAmv+9gGoj+OueMJUrlXUeE87jB2903hab
+WzSj5oIy+zOohrqAToJaE5IWQwLsomeVRWhSN52OtQdz5H9jUf3T7V4jXUbFEEAX
+rd/qyvdzDxidOrrXYw1oaA1q9OVN47Yhi8kcjvmAK+RIX3ygDn9eW6Y+h4001Diq
++uIt95T4YH/f09Vgh5bppmbQeRob5ZCx5Ry1desYpoFlCQwH3Q+TWkrXiTyWlQIp
+d47/xwtoj+6rHE9cxKU5DiHNLVkxJ7NflpcjbCqo825v21eNgI3m26ULohYMCwID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBRhneFJhmLJtfaYaVsXhapRNOQQ
+ITA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBACU9AYG84FY+Risl+7hv
+hm/unaL1VLxu01wc2qyCRhYij1YO53rVVk/vRYVZ2Z6to30CRdP4rpIjNdn/udxp
+Foq6sSu/hqKouHqyNlU/J3xjWI8TtCNwXMzHXPshnTbHCf+lrIvGIEXGttHYNi/r
+J5cT0FrY2OxgFCFVRG9HMGopL1UWl2GcjF4vNlDPfrMIHrOeI7u0Oe/O3m9i4ZQ9
+UmbhuyHnq1W3U2B5ctJalVLOb+iplVT6lZub5p8IHdHHBOnzmR4F+8YIDwu3TaVR
+VtIIixCDq4reG/Ve4P94HtH0IAAUsP884Ny5/qLDJnqhjtCU/tvcnz0UbduYdXBw
+RhMe+t+eV1PJq6IeOMKrFofXgFKYRIRO8flE0iioH7eG/+aqmv7ajxK6q54HiHgs
+cLclIoYh3Mz1XFijaQ+vKLEWYS6iE6bGFhBtCNtq7q7EYEr5skWdbZm+GxUdd82r
+wobxtVoQjahsBVyVh9SGGvYSGel/cqxOWkU8MSSmdtwp3pXYK7kDD73IzNAEVmmi
+ApeUO8i8cb+2bn/GPY8dJA7nEtoICR5WXjNz5y4qCfEzTIcqbUr+rYjCH22sxo0m
+Yj5Tc8xedUrxHRdniUDwjVSkuf8TzgSnE1EQPNyZO3usdlo6ePlSiygZx78v+LQb
+m38/YzhLY3QMxPXOrcmiUb5n
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQepvq/VwAqUhlX1z0GIblPjANBgkqhkiG9w0BAQUFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBMzAeFw0xNTEx
+MjUxMDAwMDBaFw0yNzA3MjUxMDAwMDBaMDMxCzAJBgNVBAYTAkJFMRMwEQYDVQQD
+EwpDaXRpemVuIENBMQ8wDQYDVQQFEwYyMDE2MDEwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQChrIe6Jm5Q76czOTG4QMTzpo5yi17ZDQelWqH2OuH4yC/z
++SXXD+IZxn0F1HPbHaHlpkgEsAz9/1XvArXJVEkv6qo8vXqQuSUZ85pH2NYkYfJN
+NiBLFhdEQeftudIE473Y7JWzNcknW6auP4wQCDyJca6jjNUWB9nU1NjwcLRRtFsW
+rtOHiluD6ONaGACLrB+25yxsf5vowgvAYACp+NGxF/u5+mME8jBSuRwpyAN0HV1m
+rc0pK6P/mZ3npVm7aHSh9nqfeWI4IRWKTEO72Xodl2cD3nhupNQ3YRYJ7NC6LeZh
+lUMdt4jkMRY6B/ahhRE7EUjko1Mr58Q54ghOQfXQxZi38QWH6S72lgkaR5zeEWEN
+JS/KAujWP1u/epCRiUZIcX92UaOxhKecV0y0w8vXg7xNyIDOKLSu97PbJul42ufv
+d0vZ1wZYGnmxYZ2G1H3wGXLgruVVQSgn07Y8YysRjzcysBX57Y82YnjVd1m6QfPW
+HejxqBBXflmpwmQru9XeAF27YMF4Kqw3x0FmyWJa3X8z/wulY3wOWv7xfyaDskQf
+VfAjCN4DuTmXQTf62bBs6uOv6zBvTxyRlgq1ZfNPhMRa6sKEg7dzRbMIuwwXkSl7
+zz5k4uWuONycSmzGyFbmvCEgVvEorgq/d80iWmHDXaXzCpSpz1DP85w9pNZPZQID
+AQABo4H4MIH1MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMEMG
+A1UdIAQ8MDowOAYGYDgKAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9yZXBvc2l0
+b3J5LmVpZC5iZWxnaXVtLmJlMB0GA1UdDgQWBBQIawhY4uLXdDbFQEpysTq8mXOe
+8DA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLmVpZC5iZWxnaXVtLmJlL2Jl
+bGdpdW0zLmNybDARBglghkgBhvhCAQEEBAMCAAcwHwYDVR0jBBgwFoAUuLxsAI9b
+GYWdJQGc8BncQI7QOCswDQYJKoZIhvcNAQEFBQADggIBAKQBjZoHYc8f1VY50EUt
+WA89h0t4Z0dZZsbSXYFof+2kSjVirA14GN+4cijJXaF/n/lOJlDWH9Zxlv8b/4Zp
+IqxGaVtW0gqCUEO5N/PINe5HGlMSOIveiOWvR2NbsM1Okn2nnExbkseF8CCwoWYE
+PgPZgbhJuSAHNhlIi0N7iswu+DjJH4xNFCltv8hK5fGA+27lJ4cuP9tbZbiNNuMM
+K/1QY/2YfdYpxXOdNfUCmxgeZf6qwk5WoattZ7PGgtHimBfez0dwUTzxo+kZym3s
+iuhBsmmoxhQArWqhL9oFWtJOSFTe7klJSqdwRjq+LiZCBD0SKEkozqktPfGLFHT8
+docerbsJSNABAAGVT4/nVGNEk8hDGINRdugKcYOybzMkzb8/428zT6IW3CnyqlX4
+YvRkM7c8WPRoNoIqLXhVenowlWO+/NLvJvonXHSiSxxZjdYkhKwnrPhEs8qpYdNE
+ZoEQk059K2aqIP6UCEWHC2FC8bNeOAH2Zdvl/kNvaWp5wt2MaLeAKfNR0t49+yu4
+8h3CkCmETqF2he2tW3tmFD0znypjNT2aQbnj0wZbdDTseEf7Q1rlPFdmBCc6LNSn
+7p1W3sP+iczoXSgwBUMdMwZOY/Y++ZqdQxzpLdDiEOis7byuyw0HudNqApKaCl9X
+YHT5d1GDGtkrGx0b+63N8WSG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFTCCBP2gAwIBAgIRAPlPiLTzBzmpCdNvjtZMWaYwDQYJKoZIhvcNAQELBQAw
+NDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2Vy
+dGlnbmEwHhcNMTUxMTI1MTAyNDA3WhcNMjUxMTIyMTAyNDA3WjB7MQswCQYDVQQG
+EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4
+MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEbMBkGA1UEAwwS
+Q2VydGlnbmEgRW50aXR5IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEA0lTrAwYaOJpvbeSPdj8l4DVUCP2td5ZpJ6YBETkj0DEyairmzh+QdoqJusE0
+bPu7DeivGYLaIfZP53fVi+OM8/TfiQK61B53kgwI1tL1nEhdLd7G8G7SrKs0HGSo
+fk6KMWqn4t2kVkkvotuH5RzxW/TrYyF9kUrBvqcAqUigpPtNv2w6JRmEN3QpYYDj
+G4Bwz4J3RMRMtq5z6T1F55hX1hFP7FcavN+q4GiJ6m7LMhwiwh7nHU71lmLhUrYH
+AIrygN/eQobCnV8HiSxBm0eFtnJDXWUd7KdkdJ02E67aclV625Vwzw+0OKH20XBq
+O4tO8Yy0TuJnZQGfA/tSxdfp7hxNWlXFHvkaRGTfj9y6tv9WVZrgcNbaXR4c3gjE
+/GuhGDCqt32ogTKu37cHMBxCRXCgMWEAyz4tBDVT8/UZzDbyFJOe63aroZdoohI4
+XkEj50fYT6+AoEl0UoctswbPzq1PdIzXb+u8ki4FZK/2sTwCKJxifplzj9eFcv0m
+cEVyYozVPAPzAo1aksK1/KWSCdHB2Odo5dhLlyiG/AmVcdA7NlQEPg6fSkJcbZV5
+kNnmkI9bgQv0iVFO9y0s1AlzfFcIrFCLS/A1UsL6+59H1ifSubehmD4ms8At83/N
+jyAjEJCs7UvIGkSFe54ifSnIdB03KZaz6cnFIwPy7ThPU4kCAwEAAaOCAdkwggHV
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSl
+Px4kTGz4i9IbcphGUMrohlW52DBkBgNVHSMEXTBbgBQa7f5BOZC0JFm+AfJS1UX2
+WjncEaE4pDYwNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8G
+A1UEAwwIQ2VydGlnbmGCCQD+3OMBD8lI/zBJBgNVHSAEQjBAMD4GCiqBegGBMQEA
+AQIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuY2VydGlnbmEuZnIvYXV0b3Jp
+dGVzLzB8BggrBgEFBQcBAQRwMG4wNAYIKwYBBQUHMAKGKGh0dHA6Ly9hdXRvcml0
+ZS5jZXJ0aWduYS5mci9jZXJ0aWduYS5kZXIwNgYIKwYBBQUHMAKGKmh0dHA6Ly9h
+dXRvcml0ZS5kaGlteW90aXMuY29tL2NlcnRpZ25hLmRlcjBhBgNVHR8EWjBYMCmg
+J6AlhiNodHRwOi8vY3JsLmNlcnRpZ25hLmZyL2NlcnRpZ25hLmNybDAroCmgJ4Yl
+aHR0cDovL2NybC5kaGlteW90aXMuY29tL2NlcnRpZ25hLmNybDANBgkqhkiG9w0B
+AQsFAAOCAQEAq05OtV0WmCyLpzxxcw98xPV8OiY56TQch4KEGotY1Dfw7H0nM7la
+p/6kAZkUwfI4WJt4piRedJHgasQOj+aJbpxCYX7Hv7vCnGDKZFC6c/vY3B/stbQR
+GTl//7+iKB2fgB/FoQOohrZqO77C0tqp1KuTfCSq/XAyZNtXoVn+YDaILMUHp2vs
+lSHh131XPGjkloeXTMLf/+RcVVimMyAUjwdfcIUQEGU4Z5suQNWiwCU89l1UY7qa
+WC9As/GqWo3vqQG9ALG+HBFBr1HSPnUjW88J6CYUVxOcTDfAj3eJtvUF/3dFjPl6
+jM4rAJNeg+LqU6kQ+z/50yhrdgJ/A8cZiQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHDzCCBPegAwIBAgIRAJVIG2zmMiFC/oSZgw58WuUwDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+NTExMjUxMDI3NTRaFw0zMzA2MDMxMDI3NTRaMHsxCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxHTAb
+BgNVBGEMFE5UUkZSLTQ4MTQ2MzA4MTAwMDM2MRswGQYDVQQDDBJDZXJ0aWduYSBF
+bnRpdHkgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDSVOsDBho4
+mm9t5I92PyXgNVQI/a13lmknpgEROSPQMTJqKubOH5B2iom6wTRs+7sN6K8Zgtoh
+9k/nd9WL44zz9N+JArrUHneSDAjW0vWcSF0t3sbwbtKsqzQcZKh+Tooxaqfi3aRW
+SS+i24flHPFb9OtjIX2RSsG+pwCpSKCk+02/bDolGYQ3dClhgOMbgHDPgndExEy2
+rnPpPUXnmFfWEU/sVxq836rgaInqbssyHCLCHucdTvWWYuFStgcAivKA395ChsKd
+XweJLEGbR4W2ckNdZR3sp2R0nTYTrtpyVXrblXDPD7Q4ofbRcGo7i07xjLRO4mdl
+AZ8D+1LF1+nuHE1aVcUe+RpEZN+P3Lq2/1ZVmuBw1tpdHhzeCMT8a6EYMKq3faiB
+Mq7ftwcwHEJFcKAxYQDLPi0ENVPz9RnMNvIUk57rdquhl2iiEjheQSPnR9hPr4Cg
+SXRShy2zBs/OrU90jNdv67ySLgVkr/axPAIonGJ+mXOP14Vy/SZwRXJijNU8A/MC
+jVqSwrX8pZIJ0cHY52jl2EuXKIb8CZVx0Ds2VAQ+Dp9KQlxtlXmQ2eaQj1uBC/SJ
+UU73LSzUCXN8VwisUItL8DVSwvr7n0fWJ9K5t6GYPiazwC3zf82PICMQkKztS8ga
+RIV7niJ9Kch0HTcplrPpycUjA/LtOE9TiQIDAQABo4IBrTCCAakwEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFKU/HiRMbPiL0hty
+mEZQyuiGVbnYMB8GA1UdIwQYMBaAFBiHVuBud+4kNTxOc5of1uHieX4rMEkGA1Ud
+IARCMEAwPgYKKoF6AYExAgABATAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5j
+ZXJ0aWduYS5mci9hdXRvcml0ZXMvMIGIBggrBgEFBQcBAQR8MHowOgYIKwYBBQUH
+MAKGLmh0dHA6Ly9hdXRvcml0ZS5jZXJ0aWduYS5mci9jZXJ0aWduYXJvb3RjYS5k
+ZXIwPAYIKwYBBQUHMAKGMGh0dHA6Ly9hdXRvcml0ZS5kaGlteW90aXMuY29tL2Nl
+cnRpZ25hcm9vdGNhLmRlcjBtBgNVHR8EZjBkMC+gLaArhilodHRwOi8vY3JsLmNl
+cnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNhLmNybDAxoC+gLYYraHR0cDovL2NybC5k
+aGlteW90aXMuY29tL2NlcnRpZ25hcm9vdGNhLmNybDANBgkqhkiG9w0BAQsFAAOC
+AgEArfWJJUSj21DuIP7q021HUkYV6dXH1FN9sEaOD5156JHV7M4FqkyubCjgfswL
+6NwW0UO2xanxFdcKPfx14M+H6JgwqilzW3InAwevKIx8+UivCpV47rDQe4/Yd//x
+bG0sd7+dMCvCAj7gOtlap/h1VJhwip6YVkaCp+q0nBbOhEx+azqdc9Urh7eyj3no
+/4uJogc79vhrZ3QYm0AfAqosjH0IekZblyNOrqKR6NiMqGGNuWRJlg8rpkEEakeT
+wIofh2lByrvlKIGcXRdl/oFhxDiC7Q3sCCpwq2VEmNAxg+ZWh4OnJxLx2uC8tDgN
+6IIH+4TztUyO+KUG1Xnw1Mlg2dQKqt1B5/xvVKPOG2LNcUCeNAt7QmgkIvefsuxr
+HcFI2qZ7I9spo89wje2BCY1ey0lkePGyzX8jy2CLTrFvfGhtw/S28L9oryrW5XS8
+J5ebAS+w+G2lda4rowb8EOjhXDVYpA93yAB5SWjwWLzjcVn2WcJGOhEp9iZsVUDn
+i/0b/JL7ovqtcPlY7Z9RtAg1SXY0SUc/CEVCbQM25EPcoNryEj7RivjYSZeJdwZ9
+/UoKq/be9dHqssrr1PusyLptEmUjV9a4d91NHiRwbHboyX77LJXj9M0jc0WCwSbA
+yViEXJZx1jLAjakWnh5bTrmipLf7Mc8Fk3xw61zpX9ow1gc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEzCCBPugAwIBAgIRAKsHje7d2scjBfXtjFCE+JUwDQYJKoZIhvcNAQELBQAw
+NDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwIQ2Vy
+dGlnbmEwHhcNMTUxMTI1MTEwNjM1WhcNMjUxMTIyMTEwNjM1WjB5MQswCQYDVQQG
+EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4
+MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQ
+Q2VydGlnbmEgV2lsZCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB
+AMKObo8+zKbR8c72LGVWbQkbBefXUKiFNfBqfAiXvq8sI1DA5eVfbtPyoZUng34X
+P2I4kAfOe4aHkWnN9vNZUwUlYTnJa8qK9bBGdz63j1MOV7WCf4jRRhnRmx6NHH2M
+e7xzmbYitcg0rKmhz9CnDSBWqhtgHkgjtFFiUteSCMB1hb3f+dfdGFl464HCwxff
+nJaKC3Htm/j320eopRPO8BvzRo1DnC9u28l51wI9qAC2FZD5tQ5uAqZImj7o4HdL
+EqA5ziEyYLHa7nNwM6jmGrhp6D7uGVAhQxereOCH7U3Ge1I+iBjGqw4sMtPduCc+
+1ikDXnod8M4t4bvg5YykFmzkNKL9XcohRv5DsV4ce9Z+aGlC9c8cREHd13I2epK7
+XmIAA93NhOHQ88p+FRFWhOEvRZGejs+KYkq1/usNE+EqJQ1TJZ9SeeRGSV3Ytbw1
+Xn7IqqpwMpJCmAcHLyXL/9Z2hFXDiKI6wnn7eaKWELNRIHoIaviLpQKOPn9V73Qr
+vk/ywMIGQlzkU9kemgVneG6fW8FRp7Hmi7NM4D9OJDBMun1K2W+KTpwTHX6W5iA3
+4yiPsFTHIreipI8GXx1enz8PYxreaMANEC55uMRJE689jYRRg0dM2ixuLRhsiS8X
+6hZWEfl3If4MAA4N9VyJSAGQMlZyxWszCcSPRlrDLSEXAgMBAAGjggHZMIIB1TAS
+BgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUjnwX
+t7z3w7SY1rY1mSIqxMOeJGcwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo5
+3BGhOKQ2MDQxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNV
+BAMMCENlcnRpZ25hggkA/tzjAQ/JSP8wSQYDVR0gBEIwQDA+BgoqgXoBgTEBAAEC
+MDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmNlcnRpZ25hLmZyL2F1dG9yaXRl
+cy8wfAYIKwYBBQUHAQEEcDBuMDQGCCsGAQUFBzAChihodHRwOi8vYXV0b3JpdGUu
+Y2VydGlnbmEuZnIvY2VydGlnbmEuZGVyMDYGCCsGAQUFBzAChipodHRwOi8vYXV0
+b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5kZXIwYQYDVR0fBFowWDApoCeg
+JYYjaHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYS5jcmwwK6ApoCeGJWh0
+dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5jcmwwDQYJKoZIhvcNAQEL
+BQADggEBAAl2DvdTzWlpYnL+s6vfAgpnRFL0mLIXpIP692SVPznffIyWyEhdGg/x
+NCylrNjouJK+aMZKCMVP22GOtQnGo7ANQHd5TWeulrose/XYSqCKNnhybEuclivO
+SzahUacthq10KqLGGvookK+vSVNu7bfsrQK+1aLcd3tA+tmRPTqx7IYoyMr3Syv6
+MCLWO1tuwa4UEWyDZxzqSxaf8zmz+l5iURjcIn5Qthgu/PC+tA/LjioQ8+okV6qC
+4CRLkW4wgUH3Ss09tkCBrpr+PJo02Ktrj1VsJd42CKElsFlXoHxwye05K8mMm8Wt
+E/GOkOnWICpBAaQT0na2YmgUXrmyjdo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHDTCCBPWgAwIBAgIRAONy6RsZtvwn4cQxjMaNCeswDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+NTExMjUxMTEwMDBaFw0zMzA2MDMxMTEwMDBaMHkxCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxHTAb
+BgNVBGEMFE5UUkZSLTQ4MTQ2MzA4MTAwMDM2MRkwFwYDVQQDDBBDZXJ0aWduYSBX
+aWxkIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwo5ujz7MptHx
+zvYsZVZtCRsF59dQqIU18Gp8CJe+rywjUMDl5V9u0/KhlSeDfhc/YjiQB857hoeR
+ac3281lTBSVhOclryor1sEZ3PrePUw5XtYJ/iNFGGdGbHo0cfYx7vHOZtiK1yDSs
+qaHP0KcNIFaqG2AeSCO0UWJS15IIwHWFvd/5190YWXjrgcLDF9+clooLce2b+Pfb
+R6ilE87wG/NGjUOcL27byXnXAj2oALYVkPm1Dm4CpkiaPujgd0sSoDnOITJgsdru
+c3AzqOYauGnoPu4ZUCFDF6t44IftTcZ7Uj6IGMarDiwy0924Jz7WKQNeeh3wzi3h
+u+DljKQWbOQ0ov1dyiFG/kOxXhx71n5oaUL1zxxEQd3XcjZ6krteYgAD3c2E4dDz
+yn4VEVaE4S9FkZ6Oz4piSrX+6w0T4SolDVMln1J55EZJXdi1vDVefsiqqnAykkKY
+BwcvJcv/1naEVcOIojrCeft5opYQs1Egeghq+IulAo4+f1XvdCu+T/LAwgZCXORT
+2R6aBWd4bp9bwVGnseaLs0zgP04kMEy6fUrZb4pOnBMdfpbmIDfjKI+wVMcit6Kk
+jwZfHV6fPw9jGt5owA0QLnm4xEkTrz2NhFGDR0zaLG4tGGyJLxfqFlYR+Xch/gwA
+Dg31XIlIAZAyVnLFazMJxI9GWsMtIRcCAwEAAaOCAa0wggGpMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSOfBe3vPfDtJjWtjWZ
+IirEw54kZzAfBgNVHSMEGDAWgBQYh1bgbnfuJDU8TnOaH9bh4nl+KzBJBgNVHSAE
+QjBAMD4GCiqBegGBMQIAAQEwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuY2Vy
+dGlnbmEuZnIvYXV0b3JpdGVzLzCBiAYIKwYBBQUHAQEEfDB6MDoGCCsGAQUFBzAC
+hi5odHRwOi8vYXV0b3JpdGUuY2VydGlnbmEuZnIvY2VydGlnbmFyb290Y2EuZGVy
+MDwGCCsGAQUFBzAChjBodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0
+aWduYXJvb3RjYS5kZXIwbQYDVR0fBGYwZDAvoC2gK4YpaHR0cDovL2NybC5jZXJ0
+aWduYS5mci9jZXJ0aWduYXJvb3RjYS5jcmwwMaAvoC2GK2h0dHA6Ly9jcmwuZGhp
+bXlvdGlzLmNvbS9jZXJ0aWduYXJvb3RjYS5jcmwwDQYJKoZIhvcNAQELBQADggIB
+AJ2q+ozadUwF/b3DvAUsSI71ztZiyZIQq25MpNbj9mtFHq9IByAXj1XTEBDSVmnZ
+qQcFFKyDcSlrwyTUaNyC2Up1OAA/S13ssTuLwW7vW4SmEIj1nAKenm1BwbRj4ksB
+9ZizAYE0CVMdIDzFqtYFGUyqTO/QF4oiDPoZ4g4yI+6TnFwXqfl5lPBgYCZ/FvoL
+9NfysZaBpFPHgwUJeoq9sRrLIQ97rg+e1Ro5eNpyNg+tjI7QCwoVOIItGgW+0oxE
+aTlf8BEqU4+49e/mqjrvB+SI4pR/gRMjCkAmsO/tQnxN6EG9tMMUPOVckfRLA4kE
+tVeUjyG2P+c3RhfBcZLwNYIV3JynXPbncfM+3OYjkluDInekepy1dMUs5fgWodc0
+HIp7l7ebdEIoxAXXuBroJF/i1U1SsJ4oSKeiRcBG1iZI2LHa5oOkK4RJqjlLMqH+
+OgfKP1i78GNESodWYe+yude8QuA3ema/RlbKYCxdkzHr1jSDUP/xWluV9/if44fs
+W/f34OIHcJH2zSBbPfqhhLO0rQbYxBIbyvEjnkAV5kaybC+fOiVjAbh2x+ofb8WP
+m9/3TZ9K5Xpg61tgOHcu6/DEgTDn4AwzomJ0NnKGjqmkYG+mZjeedGq5l4mQNUvK
+REJrdo9jxImhbHZW/GWHkUSHWHIhKbvBk2JHz8O+r328
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFjCCBP6gAwIBAgIQb4L6KKzW94S7WxILqHNnrTANBgkqhkiG9w0BAQsFADA0
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0
+aWduYTAeFw0xNTExMjUxMTMzNTJaFw0yNTExMjIxMTMzNTJaMH0xCzAJBgNVBAYT
+AkZSMRIwEAYDVQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgx
+MDAwMzYxHTAbBgNVBGEMFE5UUkZSLTQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQQDDBRD
+ZXJ0aWduYSBTZXJ2aWNlcyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBALPM+7LpWBz9wFcPaTc3xnB+5g0XrnptB0EPPfrR04vO52Ykm4ky1d4ZLd10
+tbM1fa1RqNSOVWWg93O4pL7zCFKlz6JV74ZZVhHpEAwzBwv2oPnxvVbxtSN67xsS
+Y66ahUYxjzs8+3FhmsiRxqwnTYvK2u70uglUvRisOKyTL/M6JnrC4y8tlmoz7OSa
+5BmBMVplJFQtvmON6N9aHLvYMz+EyJPCbXL6pELxeHjFT5QmIaRamsr2DOTaCjtB
+ZKI1Wnh3X7lnbjM8MESJiV2t7E9tIQNG0Z/HI3tO4aaUMum3KysY5sC8v3vi7rry
+GidgzHQhrtP0ZXWW5UH/k7umLS/P/XXWnCFpc2Lxa1uDGfc2im7xibRoPP+JNZsz
+N76euFlls6jyEXAiwnVr14tVVTewLK0OWs5SJHpEKp8PGMZRDj59EmMvokWwzL6Q
+zNZ6vVAp00oOm05sbspNY9+MFqGKKUsKvhFGEa4XmRNxDe6KswLcjPZB+NKHZ0QW
+Fd4ip5C5XmEK/8qIPjwVr9dah9+oiHGGO8Wx7gJAMF5DTmkvW7GhqCKj1LmHnabj
+zc8av6kxWVQZi/C7HCm9i/W4wio+JA2EAFLqNL3GPNbK9kau4yPhQt/c7zxzo0OH
+nlsV4THCG7oOCd3cfCiyfQcb3FBt6OSpaKRZxjCLBwP00r0fAgMBAAGjggHZMIIB
+1TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU
+rOyGj0s3HLh/FxsZ0K7oTuM0XBIwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF
+9lo53BGhOKQ2MDQxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAP
+BgNVBAMMCENlcnRpZ25hggkA/tzjAQ/JSP8wSQYDVR0gBEIwQDA+BgoqgXoBgTEB
+AAECMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmNlcnRpZ25hLmZyL2F1dG9y
+aXRlcy8wfAYIKwYBBQUHAQEEcDBuMDQGCCsGAQUFBzAChihodHRwOi8vYXV0b3Jp
+dGUuY2VydGlnbmEuZnIvY2VydGlnbmEuZGVyMDYGCCsGAQUFBzAChipodHRwOi8v
+YXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5kZXIwYQYDVR0fBFowWDAp
+oCegJYYjaHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYS5jcmwwK6ApoCeG
+JWh0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5jcmwwDQYJKoZIhvcN
+AQELBQADggEBAGLft7gIuGPZVfg0cTM+HT2xAZFPDb/2+siH06x+dH044zMKbBIN
+bRzhKipwB1A3MW8FQjveE9tyrfyuqZE/X+o2SlGcdNV44ybYkxo4f6kcLEavV/IW
++oFEnojZlhpksYcxrvQoEyqkAwshe8IS2KtZHKVACrt+XSs0lwvy7ALGmHaF7A4b
+y6cZWItA7Lhj8XWp+8tBJDj7HocRbWtxzEODdBuyMgJzFrNjc+97J0vH/K0+3yjm
+kczpKshMA0tM+MF9XDMN/MuwrPmUWGO/fHiqHgUp8yqeWtl1n44ZxkkK1t9GRwhn
+DWLv73/xhTmdhWYQ/reo0GbgBoLiltKmIJQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHETCCBPmgAwIBAgIRAP0wzwQ0T8ON2QxOcHU9BiMwDQYJKoZIhvcNAQELBQAw
+WjELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczEcMBoGA1UECwwTMDAw
+MiA0ODE0NjMwODEwMDAzNjEZMBcGA1UEAwwQQ2VydGlnbmEgUm9vdCBDQTAeFw0x
+NTExMjUxMTM3MjFaFw0zMzA2MDMxMTM3MjFaMH0xCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxHTAb
+BgNVBGEMFE5UUkZSLTQ4MTQ2MzA4MTAwMDM2MR0wGwYDVQQDDBRDZXJ0aWduYSBT
+ZXJ2aWNlcyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALPM+7Lp
+WBz9wFcPaTc3xnB+5g0XrnptB0EPPfrR04vO52Ykm4ky1d4ZLd10tbM1fa1RqNSO
+VWWg93O4pL7zCFKlz6JV74ZZVhHpEAwzBwv2oPnxvVbxtSN67xsSY66ahUYxjzs8
++3FhmsiRxqwnTYvK2u70uglUvRisOKyTL/M6JnrC4y8tlmoz7OSa5BmBMVplJFQt
+vmON6N9aHLvYMz+EyJPCbXL6pELxeHjFT5QmIaRamsr2DOTaCjtBZKI1Wnh3X7ln
+bjM8MESJiV2t7E9tIQNG0Z/HI3tO4aaUMum3KysY5sC8v3vi7rryGidgzHQhrtP0
+ZXWW5UH/k7umLS/P/XXWnCFpc2Lxa1uDGfc2im7xibRoPP+JNZszN76euFlls6jy
+EXAiwnVr14tVVTewLK0OWs5SJHpEKp8PGMZRDj59EmMvokWwzL6QzNZ6vVAp00oO
+m05sbspNY9+MFqGKKUsKvhFGEa4XmRNxDe6KswLcjPZB+NKHZ0QWFd4ip5C5XmEK
+/8qIPjwVr9dah9+oiHGGO8Wx7gJAMF5DTmkvW7GhqCKj1LmHnabjzc8av6kxWVQZ
+i/C7HCm9i/W4wio+JA2EAFLqNL3GPNbK9kau4yPhQt/c7zxzo0OHnlsV4THCG7oO
+Cd3cfCiyfQcb3FBt6OSpaKRZxjCLBwP00r0fAgMBAAGjggGtMIIBqTASBgNVHRMB
+Af8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrOyGj0s3HLh/
+FxsZ0K7oTuM0XBIwHwYDVR0jBBgwFoAUGIdW4G537iQ1PE5zmh/W4eJ5fiswSQYD
+VR0gBEIwQDA+BgoqgXoBgTECAAEBMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3
+LmNlcnRpZ25hLmZyL2F1dG9yaXRlcy8wgYgGCCsGAQUFBwEBBHwwejA6BggrBgEF
+BQcwAoYuaHR0cDovL2F1dG9yaXRlLmNlcnRpZ25hLmZyL2NlcnRpZ25hcm9vdGNh
+LmRlcjA8BggrBgEFBQcwAoYwaHR0cDovL2F1dG9yaXRlLmRoaW15b3Rpcy5jb20v
+Y2VydGlnbmFyb290Y2EuZGVyMG0GA1UdHwRmMGQwL6AtoCuGKWh0dHA6Ly9jcmwu
+Y2VydGlnbmEuZnIvY2VydGlnbmFyb290Y2EuY3JsMDGgL6AthitodHRwOi8vY3Js
+LmRoaW15b3Rpcy5jb20vY2VydGlnbmFyb290Y2EuY3JsMA0GCSqGSIb3DQEBCwUA
+A4ICAQCI5QbprXJ93L+JWHYpUTinXAMSvXMx2dmNm4mIiJRAbGnBOoEYx7M61fbL
+L5EJIYZhw8jLmeYVFuMao5OJLwda+RMmVzE7lyTGsY64IDKdwogByNCqbKzrlhnU
+8myyMNB0BDs2jgwQe2Dj9v+MddeHr7sDqvs7R1tSS5hoASLtdQhO7oxUzr3m7M8q
++lh4jszli+cjfiPUVS2ADFu4ccQIh4OsIX6SWdU+8R+c/fn0FV6ip4SAVbNyCToz
+0ZbZKO8YTJgORxRmvrop9dPyuLWjaRrZ0LMx4a3EM3sQDPDqmsG0lHtfFj2PiJvq
+4lEYA+gDiLKODI+3DJMqo559m3QSS52DsShomHX/Txd0lJoZwepCE6X4KkG9FHjV
+WXyLgYFwCOcn+hkLhdpblms0wtjeSPITGOioSkefzhleJnDgJ9X4M3svd0HLTpJi
+lC1DmDZgdrXWITVdOoCogr2LFKNiGd0tbpKG533eKpfBALlm+afc6j73p1KhJEAn
+AfydDZqBRqv6+HHYplNDn/K2I1CZdkwaGrx3HOR/voGUi1sUI+hYbsPAFu8ZxrhD
+9UiysmLCfEUhqkbojony+L2mKsoLqyd24emQzn7GgMa7emlWX2jQUTwrD4SliZ2u
+OetVaZX5RLyqJWs4Igo/xye0xtMQN8INJ4hSZvnMQ1qFtuSRcQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6DCCBNCgAwIBAgIGSUEs5AA6MA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTUxMTI2MTU0OTAzWhcNMjgxMDA4MTU0OTAzWjB2
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExv
+Y2sgTHRkLjEfMB0GA1UECwwWQ2VydGlmaWNhdGlvbiBTZXJ2aWNlczEcMBoGA1UE
+AwwTTmV0TG9jayBDb2RlU2lnbiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAOvWqIh0tUVnMOi/GJNc7WkuuDZLXJidt/Ub5R8FQ5o7fS1t+/rTIYRb
+fMmz9Gm6hW46E5BWeWUKzuG+1Z/a/G86QQByrBdbRCnhTaGQb3YPH2VaN+EOM5aK
+VD9iVVpnX5l0gUJfk2jQZCReP2vItR8Qyzjee4uy//VhVE3cJkn5/wf2zIqD27nn
+OLdrTbspJCeV5myerhbo69LlOS2Z7wmnxEfbjdtYYGz51J/3TVTfcMYUJxH7XuWP
+lGsoj5uB2B5Kb9q3X5ZdKJOby4+0u5Tt0u3Lk7PVZl19FQFV0bJSL2Pj9u9Fvjd2
+1nAtSMHkRHVvQn9+Z0/1Khfxgc6n4f0CAwDp3aOCAkgwggJEMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFMz6Z5PwtrjQpcAe81P9
+jFPfg9eWMB0GA1UdDgQWBBQ3msee456wtKHDYDYyNkejxYwG6TCCAT4GCCsGAQUF
+BwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3NwMS5uZXRsb2NrLmh1
+L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDIubmV0bG9jay5odS9n
+b2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AzLm5ldGxvY2suaHUvZ29s
+ZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWExLm5ldGxvY2suaHUvaW5kZXgu
+Y2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWEyLm5ldGxvY2suaHUv
+aW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWEzLm5ldGxv
+Y2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4GA1UdHwSBljCBkzAvoC2gK4YpaHR0
+cDovL2NybDEubmV0bG9jay5odS9pbmRleC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0
+dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NybD1nb2xkMC+gLaArhilo
+dHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jcmw9Z29sZDANBgkqhkiG
+9w0BAQsFAAOCAQEAZH0bdaARPA7+CsdYan33MQTrXOjcxLKfBGp7VU9mUB/kDyDU
+aKhhy6jtz6Zai7jSnZjp35oWyYbq0+o8k3lxdKxEgCJ/Rs3gH4fVQvGm79g1TcQ/
+bvbMIcPJg9bomLh/RwSg18ntEgIdE4ZJzgVs8zAWqzeBkZFw3/ofa3DQEVuUmldO
+/uWxCEilaTvJW9ZZj3KodeZrbTq3Dc7iAXT2YKBRsM/Lx+mJqAwpmzwnB5Lx5Lmq
+JdlhS7FxY2quK0jXPe9w3AGIDdK09RbAGOGMVuo7zCyLMATfE+72KwOKa/+PjfkQ
+KYmRklLOjd21u6BmmGIhhZJxwo9x7zqjS+Za7A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYzCCA0ugAwIBAgIQAYL4CY6i5ia5GjsnhB+5rzANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE1
+MTIwODEyMDUwN1oXDTI1MDUxMDEyMDAwMFowZDELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEjMCEG
+A1UEAxMaRGlnaUNlcnQgQmFsdGltb3JlIENBLTIgRzIwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC75wD+AAFz75uI8FwIdfBccHMf/7V6H40II/3HwRM/
+sSEGvU3M2y24hxkx3tprDcFd0lHVsF5y1PBm1ITykRhBtQkmsgOWBGmVU/oHTz6+
+hjpDK7JZtavRuvRZQHJaZ7bN5lX8CSukmLK/zKkf1L+Hj4Il/UWAqeydjPl0kM8c
++GVQr834RavIL42ONh3e6onNslLZ5QnNNnEr2sbQm8b2pFtbObYfAB8ZpPvTvgzm
++4/dDoDmpOdaxMAvcu6R84Nnyc3KzkqwIIH95HKvCRjnT0LsTSdCTQeg3dUNdfc2
+YMwmVJihiDfwg/etKVkgz7sl4dWe5vOuwQHrtQaJ4gqPAgMBAAGjggEZMIIBFTAd
+BgNVHQ4EFgQUwBKyKHRoRmfpcCV0GgBFWwZ9XEQwHwYDVR0jBBgwFoAU5Z1ZMIJH
+WMys+ghUNoZ7OrUETfAwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMC
+AYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQu
+Y29tL09tbmlyb290MjAyNS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQEL
+BQADggEBAC/iN2bDGs+RVe4pFPpQEL6ZjeIo8XQWB2k7RDA99blJ9Wg2/rcwjang
+B0lCY0ZStWnGm0nyGg9Xxva3vqt1jQ2iqzPkYoVDVKtjlAyjU6DqHeSmpqyVDmV4
+7DOMvpQ+2HCr6sfheM4zlbv7LFjgikCmbUHY2Nmz+S8CxRtwa+I6hXsdGLDRS5rB
+bxcQKegOw+FUllSlkZUIII1pLJ4vP1C0LuVXH6+kc9KhJLsNkP5FEx2noSnYZgvD
+0WyzT7QrhExHkOyL4kGJE7YHRndC/bseF/r/JUuOUFfrjsxOFT+xJd1BDKCcYm1v
+upcHi9nzBhDFKdT3uhaQqNBU4UtJx5g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGQDCCBSigAwIBAgIQCi9olhzfWnIFzIIK0hK/ITANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUxMjA4MTIwNTUyWhcNMjUxMjA4MTIwNTUyWjB/MQswCQYDVQQG
+EwJVUzEdMBsGA1UEChMUQWxsaW5hIEhlYWx0aCBTeXN0ZW0xHTAbBgNVBAsTFElu
+Zm9ybWF0aW9uIFNlcnZpY2VzMTIwMAYDVQQDEylBbGxpbmEgSGVhbHRoIENvbm5l
+Y3QgSElFIEludGVybWVkaWF0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALLxi7jT48441GdGYh3Ur5QccpDyJc7b3Mmf29mYtLTBfmAGlwON1YRW
+6kI/a4OppEV1AEO0Sl63N1500Wc1Z2qj0YicgFS/YwZQRi+05ULgDM6IjTHlTXuf
+cxZrEtKQJtO8Kkm5ZVu6BYZP/qgUbVTjCtYlhawLsQF+sUqhBveAWE764sTHr1Xb
+QmcnjWzTRY1+bEAwetIdofKPg9pGc1FZH2hnCTsEpXnIry4OJTnYsNDh++R4xtoE
+cLyEZNHFU4kJKWEIMnlO6PBHmhHMh446SZ/cUOZ3nzStuIh0wZuWUPaBpNyv68bR
+pwOSr0kqUvQokChaLsBYlAouv9F4+10CAwEAAaOCAtAwggLMMB0GA1UdDgQWBBSw
+Ufl9VeS4cp/ROmgK0IXa2oUPkDAfBgNVHSMEGDAWgBRGCDhaqY4guwyvXjG6ibMo
+v6yMNjASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjCBiQYIKwYB
+BQUHAQEEfTB7MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
+UwYIKwYBBQUHMAKGR2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9haWFBbGxp
+bmFIZWFsdGhDb25uZWN0SElFSW50ZXJtZWRpYXRlQ0EucDdjMIGDBgNVHR8EfDB6
+MDugOaA3hjVodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRGZWRlcmF0
+ZWRUcnVzdENBLmNybDA7oDmgN4Y1aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0RmVkZXJhdGVkVHJ1c3RDQS5jcmwwggFSBgNVHSAEggFJMIIBRTA4Bgpg
+hkgBhv1sAAIEMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNv
+bS9DUFMwDAYKYIZIAYb9bAQBATAMBgpghkgBhv1sBAECMAsGCWCGSAGG/WwEAjAM
+BgpghkgBhv1sBAMCMAwGCmCGSAGG/WwEBAIwDgYMYIZIAYb5WwOKIQABMAwGCisG
+AQQBgsFbAAEwDAYKKwYBBAGCwVsBATAMBgorBgEEAYLBWwECMAwGCisGAQQBgsFb
+AQMwDAYKKwYBBAGCwVsBBDAMBgorBgEEAYLBWwIBMAwGCisGAQQBgsFbAgIwDAYK
+KwYBBAGCwVsCAzAMBgorBgEEAYLBWwIEMAwGCisGAQQBgsFbAwEwDAYKKwYBBAGC
+wVsDAjAMBgorBgEEAYLBWwMDMAwGCisGAQQBgsFbAwQwDQYJKoZIhvcNAQELBQAD
+ggEBAHYz4XCrGd8wt3Q+kTjQhFUk9/7JgZQyZHYhiz7yge0jTV/QAfbfM7rGkiKT
+q096ZMKcG1T/8cUeZ4lKoFVGlvVamxLXgsjdQDO2hK+gAMWnKJ8n2/NH/O22Cp3V
+bjQUIYfRksS+Jxs1m2AvZvkoV8TkhmXn+G5KFiEqVK+cYrbQ1hAe8oDk+EHRtHyq
+QQ0UG0X5vo1piJqQs4Q1HfvuKRS/x793TqTYISPTQp82N55bjEhDMih2kXNFWGfq
+2QXoV/xuqvviIpRwLGEF9GvnHcHVZ63FcweKaSk4UKJrczIT7IblVhqvez5shVbe
+EOm/S5R5oUPBK/sUG0l2xFsz1tM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGMTCCBRmgAwIBAgIQCJiDDe0ZV6cqsF8oNjJB1TANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTUxMjA4MTIwNTU3WhcNMjUxMjA4MTIwNTU3WjBvMQswCQYDVQQG
+EwJVUzEgMB4GA1UEChMXQ29tcHVncm91cCBNZWRpY2FsLCBJbmMxCzAJBgNVBAsT
+AklUMTEwLwYDVQQDEyhDb21wdUdyb3VwIE1lZGljYWwgQ2VydGlmaWNhdGUgQXV0
+aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/O6rzwG1/Q8
+odPVQocNF9yn49y6jJKBg7DnXJLaGlncQaoIrwStU5t4o/u0myv/rTTT85zYNMHZ
+TdL1AH5TcuZv186KY7OpFdyZc00G36dJAdwjWkSXlHHbvIG6LDxQvvjopLfLSBfF
+V47sGuVamIOu+pEQ2oyjAd6Yk4MRI7031CYLZ3tnlK7uFMRUBjt2ki40CKoGk8Bn
+A2bmLYnvfEZbAzm4ptpoczrZeJ91Q2uKUkMUxBOJMeD/VhJXp48wHdlO7aOZRJM7
+PDI5nPYTvPA9VuSOhhT9KONKN5uIGL17xXtVZQxAaoMSQZZzOEjpTu9+gWkxAL5k
+iqAUH3wEZQIDAQABo4IC0TCCAs0wHQYDVR0OBBYEFA0Xf0pYbrQPFdGq89Hkhnhs
+Z+I2MB8GA1UdIwQYMBaAFEYIOFqpjiC7DK9eMbqJsyi/rIw2MBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMIGKBggrBgEFBQcBAQR+MHwwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBUBggrBgEFBQcwAoZIaHR0
+cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL2FpYUNvbXB1R3JvdXBNZWRpY2FsQ2Vy
+dGlmaWNhdGVBdXRob3JpdHkucDdjMIGDBgNVHR8EfDB6MDugOaA3hjVodHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRGZWRlcmF0ZWRUcnVzdENBLmNybDA7
+oDmgN4Y1aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0RmVkZXJhdGVk
+VHJ1c3RDQS5jcmwwggFSBgNVHSAEggFJMIIBRTA4BgpghkgBhv1sAAIEMCowKAYI
+KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDAYKYIZIAYb9
+bAQBATAMBgpghkgBhv1sBAECMAsGCWCGSAGG/WwEAjAMBgpghkgBhv1sBAMCMAwG
+CmCGSAGG/WwEBAIwDgYMYIZIAYb5WwOKIQABMAwGCisGAQQBgsFbAAEwDAYKKwYB
+BAGCwVsBATAMBgorBgEEAYLBWwECMAwGCisGAQQBgsFbAQMwDAYKKwYBBAGCwVsB
+BDAMBgorBgEEAYLBWwIBMAwGCisGAQQBgsFbAgIwDAYKKwYBBAGCwVsCAzAMBgor
+BgEEAYLBWwIEMAwGCisGAQQBgsFbAwEwDAYKKwYBBAGCwVsDAjAMBgorBgEEAYLB
+WwMDMAwGCisGAQQBgsFbAwQwDQYJKoZIhvcNAQELBQADggEBAIG2zPh5A6lzr9UZ
+ZN19o9iAnNMuy3+uk/xY/HiTf4fkksg0CuXVL83VLqzXjEgc1z5eFEnDjUSfCf5X
+Gkc49KzrUn+fQM23M/mM49gUEWoAnVz/q7uCtVQDDg7K4ErhrqYvxRGKWJAsC4EI
+eLUBsNx3HrSusK2u0VMB24O9BBlSzpqVU/T+GGIQkYhenUUvcjBQkrtyUiMPe8Jc
+Wy3d2LNpvGElZHBBuWwp8HQ38MKEl+wCnnhTprJG9HidEbzumG47aVFXK0n3cH29
+dOdrtWBmgXV8hGMjtK9RYAGJKSEHQ/hT73O8u2ez1n4u/HDQYZAI1jMY7/9Hatza
+41fg2EY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEyDCCA7CgAwIBAgIQYu9jivsE8WLzpAPYtf8baDANBgkqhkiG9w0BAQsFADBY
 MQswCQYDVQQGEwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNV
 BAMTJENlcnRpZmljYXRpb24gQXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNTEy
@@ -5244,74 +10793,659 @@ UVepiuxfOVfl2GK83gNhW7Xbf2fxZ4sRujhVTZk+VHbX2RS1nTxRCTQRd4YiFyFR
 8b57tMZj64p+UI2S6bmTQYk2jqLHE7yJj3PdRA9bsDIFlGqcjDEcMg==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIEkTCCA3mgAwIBAgIQDL0FAAzqeadFvWvsl9xaiDANBgkqhkiG9w0BAQsFADBa
-MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
-clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2
-MDMwMTEyNDMzOFoXDTIxMDMwMTEyNDMzOFowgZExCzAJBgNVBAYTAkRFMRAwDgYD
-VQQKDAdTaWVtZW5zMREwDwYDVQQFEwhaWlpaWlpWMDE6MDgGA1UECwwxQ29weXJp
-Z2h0IChDKSBTaWVtZW5zIEFHIDIwMTEgQWxsIFJpZ2h0cyBSZXNlcnZlZDEhMB8G
-A1UEAwwYU2llbWVucyBJbnRlcm5ldCBDQSBWMS4wMIIBIjANBgkqhkiG9w0BAQEF
-AAOCAQ8AMIIBCgKCAQEAtOKu51fv/rScjbH0r0Uol/O96u8qGrtBQ+thN0A0ryzw
-sgcU4QAp8nPYt6cRSI+29ysibk4xevVNfWCKOTquYntPOSXmyhXaPOKgJ588zr+1
-F1//yODojIn+yDIRDR9mix/Znwa1K6ECXismikPP4GtqHv7Pj9T6QVonMHfntCFB
-6fO8NN0akVJBZoS9ejtueypkKrYTAtzrA7R102kcp30UDPtrwtDXCFIvjfVmJmp3
-0e2QX2kVhIYx7PtX+qLCVPOMujT3wJQ8tnLCTnRAv6MIgz7Ufp7AFF0TdUvVlHQ0
-w6XqQJMgvlY4libFBZgW4hZ146STgsD+uRO1YODa8QIDAQABo4IBGTCCARUwHQYD
-VR0OBBYEFBGqTpwKTU4XVhuUVzgB8rc1pEllMB8GA1UdIwQYMBaAFOWdWTCCR1jM
-rPoIVDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgGG
-MDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
-cnQuY29tMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
-bS9PbW5pcm9vdDIwMjUuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
-BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUA
-A4IBAQA2D2N0Cnpk+cXutX6rfjebXl9C/rmOpxjHBEOJcUf4In/wZ8KO2ZaHlKdO
-l6Hr8Ui4pZe6N/6lItx3aPhTBEd8buo+ApGtwDJIwB5ExsfDmCq9w7xo6ICb/TRP
-Z867M411fhkh0pPqecVLSeqx5To0HM1Pixl7q8BmL4kyN4Oz0J/Uuy/UGuFCL7BF
-nIkzUPL8oMdlwnUrWMPeHSOqgVinx3DEc4ysZBQ8lSYcAQj2xGLH+8Bict24VGV3
-RsdJ2yCtXbg2H6Vj4R2Gtm4GdyK/kFgjd1aLYSxWD82G9IJPv4EvZsQyOtJqfhPn
-Wp3ujLiX4hL9XpsnfGjDqzoU4y1K
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
-MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
-DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
-SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
-GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
-AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
-q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
-SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
-Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
-a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
-/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
-AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
-CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
-bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
-c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
-VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
-ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
-MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
-Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
-AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
-uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
-wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
-X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
-PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
-KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
+MIIGHDCCBQSgAwIBAgIQQRINIAAuS2+fR9NVc+eKdzANBgkqhkiG9w0BAQsFADA0
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0
+aWduYTAeFw0xNTEyMzExMDQyMzZaFw0yNTEyMjgxMDQyMzZaMIGCMQswCQYDVQQG
+EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4
+MTAwMDM2MSIwIAYDVQRhDBlOVFJGUi0wMDAyIDQ4MTQ2MzA4MTAwMDM2MR0wGwYD
+VQQDDBRDZXJ0aWduYSBJZGVudGl0eSBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAJx9cXGt5mJyMYRwIoNl0Hxn0PH8WRehC4ZQyDA0LyEqaNGjE8Po
+Jkc1yEz12yQ6B2VWjoXpxNRJlBUiabhPrmAO6fyJpyuielSFPVhDPff6HQCe3pgO
+txpFcEmLCaISZlE6hPes+64Lhplhxmz1zxXvH4b87MVmCzT30iTv0e6DCZWjavzO
+/7wuJubV1GUGoBQGEND1Il8cUF+/w1UcNdrj7L4LbIhYdSSqnKfMd+WR49B9qoBZ
+O7s2S+q/3ITOjmIu5IaUCcxdDoiIf6PLgIjBXIdK773yyws41ePZ6GEnOXy0McGN
+l2PlUmeIEn3PNzLjQIoh03jaM6vsLt7iJiv4ZJo3JotwzLeA4DCo8/v+H3YTS0IP
+rqgsdN4opR4GnN+8CZih9LuIBPMnZexzZWsfz0VeyxbbdyNsjtABQL0ahMrtZAHD
+Si6KSHo/mszE5HANA1ztGSvSHOmY3aTKQ4fdDYXXCmq5K0T6NCyjmn5Y8u4yuLrF
+7eBgvXp/X/i+3WdfXsMnK2UhxcsKLZT1MB99OCWoFeGsYwiWtru89fLoIfgCYDMJ
+AV/WS7aW7Gj9wS97WfyYQnJS4Xo30foEmlEHsGjdFTlGM+bX4SIjXnMPwpFC0tAv
+Sv+BoJlu3Va8XgB2s0QRS/9pAZWQOq+ARBdgeKZorC3wm9gVEYBSKC/XAgMBAAGj
+ggHZMIIB1TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUwzn8Z2iusxHWGYB2s9W6CF4ZxdQwZAYDVR0jBF0wW4AUGu3+QTmQtCRZ
+vgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90
+aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/JSP8wSQYDVR0gBEIwQDA+Bgoq
+gXoBgTEBAAECMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmNlcnRpZ25hLmZy
+L2F1dG9yaXRlcy8wfAYIKwYBBQUHAQEEcDBuMDQGCCsGAQUFBzAChihodHRwOi8v
+YXV0b3JpdGUuY2VydGlnbmEuZnIvY2VydGlnbmEuZGVyMDYGCCsGAQUFBzAChipo
+dHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5kZXIwYQYDVR0f
+BFowWDApoCegJYYjaHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYS5jcmww
+K6ApoCeGJWh0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5jcmwwDQYJ
+KoZIhvcNAQELBQADggEBACtN6si8Dg8rt0+vHdpsBVD64h23iKcBipbw+j7MSrFJ
+GPxMixckWfzalg/sj7jMSY4Pm7pMAJo/3DKda8Boewz7Vfxg0jBZ8t/zlaH5x1zK
+e6SYxp/CcOqeotgg0B0s4su2A6SuUU0BFUd9ydF2PMH46xYvHqskWycBVlIhdCS7
+h3Q1X16vS+wrWYjvj2+UzBiiB1CBJgHX/RZeOj9uDvBDPiUSMae0dUsAQ/czP8jg
+4A4gBKkobuHibVFUHfStsnnCB4WUIIX2FCPxFOIA6yz5YTletvrkQ3oyzGdzemo4
+Oy6W/IIjibmuU37EK0p9c2OPhtbLsn+mgaRUtjUnwEM=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIF+TCCA+GgAwIBAgIRALEh69i9ODvCDLdUvBhDX/swDQYJKoZIhvcNAQEMBQAw
-gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
-BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
-VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MDMy
-OTAwMDAwMFoXDTMxMDMyOTIzNTk1OVowgYAxCzAJBgNVBAYTAkdCMRswGQYDVQQI
-ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoT
-EUNPTU9ETyBDQSBMaW1pdGVkMSYwJAYDVQQDDB1VYmlxdWlUTFPihKIgRFYgUlNB
-IFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL23CxiN
-bAfZclMlGi9tHpl6dCSxT4yRM79i/h3u/HbErdS+3jiq9oPZfCqgbJ0PVIOBelGb
-EhvBBbkW/wPlDq3vEEt9nP/P3cRVGu+i0X/puXA51E5TgrEn5/jdorBANmhItrG4
-uZietPJmFx6awA3ANC2MVnvmT1s5qS0cnrdFh2rLRwfANm4S0UbJNpHSItFinh0J
-XtQFyc/QE+fGAH1sC8aW34Rt+qQ1+msY7hvNpXKZLR8Fy5AVi089iv5cK8bqzVaQ
-F8kJTiukJ9vQ/e9CC7x9/TxX/oYn5bIejxsaoGPi1BgeRkS7J42MeNpYmh7kUFN6
-ZZm5Yh8OB571L30CAwEAAaOCAWUwggFhMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISO
+MIIHFjCCBP6gAwIBAgIQWUTLLb5q3qUTTpoyGUEMrjANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMRwwGgYDVQQLDBMwMDAy
+IDQ4MTQ2MzA4MTAwMDM2MRkwFwYDVQQDDBBDZXJ0aWduYSBSb290IENBMB4XDTE1
+MTIzMTEwNDYwNVoXDTMzMDcwOTEwNDYwNVowgYIxCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxIjAg
+BgNVBGEMGU5UUkZSLTAwMDIgNDgxNDYzMDgxMDAwMzYxHTAbBgNVBAMMFENlcnRp
+Z25hIElkZW50aXR5IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+nH1xca3mYnIxhHAig2XQfGfQ8fxZF6ELhlDIMDQvISpo0aMTw+gmRzXITPXbJDoH
+ZVaOhenE1EmUFSJpuE+uYA7p/ImnK6J6VIU9WEM99/odAJ7emA63GkVwSYsJohJm
+UTqE96z7rguGmWHGbPXPFe8fhvzsxWYLNPfSJO/R7oMJlaNq/M7/vC4m5tXUZQag
+FAYQ0PUiXxxQX7/DVRw12uPsvgtsiFh1JKqcp8x35ZHj0H2qgFk7uzZL6r/chM6O
+Yi7khpQJzF0OiIh/o8uAiMFch0rvvfLLCzjV49noYSc5fLQxwY2XY+VSZ4gSfc83
+MuNAiiHTeNozq+wu3uImK/hkmjcmi3DMt4DgMKjz+/4fdhNLQg+uqCx03iilHgac
+37wJmKH0u4gE8ydl7HNlax/PRV7LFtt3I2yO0AFAvRqEyu1kAcNKLopIej+azMTk
+cA0DXO0ZK9Ic6ZjdpMpDh90NhdcKarkrRPo0LKOafljy7jK4usXt4GC9en9f+L7d
+Z19ewycrZSHFywotlPUwH304JagV4axjCJa2u7z18ugh+AJgMwkBX9ZLtpbsaP3B
+L3tZ/JhCclLhejfR+gSaUQewaN0VOUYz5tfhIiNecw/CkULS0C9K/4GgmW7dVrxe
+AHazRBFL/2kBlZA6r4BEF2B4pmisLfCb2BURgFIoL9cCAwEAAaOCAa0wggGpMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTDOfxn
+aK6zEdYZgHaz1boIXhnF1DAfBgNVHSMEGDAWgBQYh1bgbnfuJDU8TnOaH9bh4nl+
+KzBJBgNVHSAEQjBAMD4GCiqBegGBMQIAAQEwMDAuBggrBgEFBQcCARYiaHR0cHM6
+Ly93d3cuY2VydGlnbmEuZnIvYXV0b3JpdGVzLzCBiAYIKwYBBQUHAQEEfDB6MDoG
+CCsGAQUFBzAChi5odHRwOi8vYXV0b3JpdGUuY2VydGlnbmEuZnIvY2VydGlnbmFy
+b290Y2EuZGVyMDwGCCsGAQUFBzAChjBodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlz
+LmNvbS9jZXJ0aWduYXJvb3RjYS5kZXIwbQYDVR0fBGYwZDAvoC2gK4YpaHR0cDov
+L2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYXJvb3RjYS5jcmwwMaAvoC2GK2h0dHA6
+Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYXJvb3RjYS5jcmwwDQYJKoZIhvcN
+AQELBQADggIBAA5JR+3YJHDCciJERONFIywpLaDAWVJ9RefkH/89HieRApLpfSaf
+rsKn3JFGbBVgKQgPbvdEBTAGj4KrDFAExBjiZqvZboCTAAqJplDoOxCJVk1I0LTT
+Amw1bVLk1JiR/PYMXbU2hW8UJneeaEQdI9wDbVgOVtf/lrAFVv7Gc2ypsZIIRBgZ
+AcJt9JxkrjSSnjlcR2LTzr8RFUeYeDA5x96E5Ze9lg9BAc48pIQTedZBqC4tHeT5
+j3s7zqnQDgPLGOaOP0yw0QWBnZE0zTVqO6y/jzwt2sV9kXBPfNaw0A0D6lenU7Wd
+OL+e3Nd9Godeb215eGdvEblpOzlMoSXgQaSLf3Vy/mlwigi3WlKD9JEz7vvg+aZS
+ZODMyftfvohmPaVsZG9YhrDa1zSF1i180CGrAQ5c+MdcszXB1lTMH4IfIjVUvjx4
+hFsQvyD1slzLla+enYOVT6oE5s07YxGPB2o267cX71JLQvgGhO7tH4gwOF4ub0Hn
+X1UiXw3VM7aP9m0mjjbSnqY1fswzb7YZKQ2GBZgojBU6fPyaCZ6+QwGt9huG7SCq
+gVA3BGAfbjl4qC+Tm8C0GTJNyZKHWCZ+nz/70xLmljlHFeDwpBVgIFTZl47tMg63
+4GlcAg89JJRqyKRcvplTJKWeBOo8nZXs4F3YCdjyF05fotJfSsPMf7WJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzTCCA7WgAwIBAgIPIAYFFnADFaURrma5fvkVMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xNjAxMjYxMzA4MDhaFw0yNjAxMjYxMzA4MDhaMHwxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEsMCoGA1UECxMjY2VydFNJR04g
+Q29kZSBTaWduaW5nIENBIENsYXNzIDMgRzIxLDAqBgNVBAMTI2NlcnRTSUdOIENv
+ZGUgU2lnbmluZyBDQSBDbGFzcyAzIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAgkaLuPUX9i8MwmQukn7Yr55busmNx5sA90+WJUCw66aTDh7LocvU
+8gstVKeVQuiF5mYQxvrtXGK48W28NustQ+7/d9dmTfyC5lMzlXR6sfoHs+oBee6l
+GdvCOVKmaTOHlwPIL85hiz7alwZg4ioEilVlbABomoNzBx7c0PpfMBpH8TYG7EJL
+cw0Ha90M/Fic4eT858yV5nEI7uXGhKcWADsu2tx05z/VwPmM2GjWHg0jkA3oDgPw
+6WA6XFfmZtA5xatg8bKHdffzWkUzPqGKNQwhgmaMBueVwlu/uB4q2mPS1pOAvj9X
+cbD0/1V0aGbtOn9k6pbSPYsqVkYa5XQmmQIDAQABo4IBizCCAYcwaAYIKwYBBQUH
+AQEEXDBaMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzAzBggr
+BgEFBQcwAoYnaHR0cDovL3d3dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL3Jvb3QuY3J0
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaA
+FOCMm9slSbPxfIbWskKHC9BroNnkMB0GA1UdDgQWBBS7pk52a6qEcBPCp+hoRx1o
+w34+bzCBhAYDVR0gBH0wezA+BgsrBgEEAYHDOQEBAzAvMC0GCCsGAQUFBwIBFiFo
+dHRwOi8vd3d3LmNlcnRzaWduLnJvL3JlcG9zaXRvcnkwOQYGZ4EMAQQBMC8wLQYI
+KwYBBQUHAgEWIWh0dHA6Ly93d3cuY2VydHNpZ24ucm8vcmVwb3NpdG9yeTAwBgNV
+HR8EKTAnMCWgI6Ahhh9odHRwOi8vY3JsLmNlcnRzaWduLnJvL3Jvb3QuY3JsMA0G
+CSqGSIb3DQEBCwUAA4IBAQBEvh9hw2G7De0tPq34G94Iz3iexKrDbcch1/MTS8JH
+Fbn3EA/S0vFyUFcFx/hlolA0Nb9+UoAQyztg9rjBMlOdQcwwpGEXQr4CKWAwgo8B
+KqIgu0W1XHjo3Qs2h2dQk6jU7EE7xB86znYGjcS5xfM5JKXYA8AsQYnYs7v5XMaX
+Cp4Hs7IyMMMnac2S2FxTKPZ9bbwTOSpFX6J/Jv6KivwoAhf16UbPIv9KVUzbM6uc
+iZg43S0Jolh5iasz7kdfFXDQpj8xm9/nQ8pYcpoIzqF65lgZ+Q/H9fD6/H/k1WxX
+w0VJyGSkFMe8P8l/CR/XKPjeuqaeuIyrh/jNDU1zFDt4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHHDCCBQSgAwIBAgIQHTLS1yBHGnaRVupojsVS4DANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMRwwGgYDVQQLDBMwMDAy
+IDQ4MTQ2MzA4MTAwMDM2MRkwFwYDVQQDDBBDZXJ0aWduYSBSb290IENBMB4XDTE2
+MDIwNDExMTA1MFoXDTMzMDgxMzExMTA1MFowgYgxCzAJBgNVBAYTAkZSMRIwEAYD
+VQQKDAlESElNWU9USVMxHDAaBgNVBAsMEzAwMDIgNDgxNDYzMDgxMDAwMzYxHTAb
+BgNVBGEMFE5UUkZSLTQ4MTQ2MzA4MTAwMDM2MSgwJgYDVQQDDB9DZXJ0aWduYSBF
+bnRpdHkgQ29kZSBTaWduaW5nIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC
+CgKCAgEAw5yYR0QpkhFkNlq6J0LVJt38Ylrq2bTZjPpGkQSzgLuyzjrh6IeBmiPT
+YYnP2Yy2QMFeVdlPD/nEq5j11lz1R3CFfP9Cg9jQFhgYdEoVCcQBw9iTao4bCN1x
+owXwn/dNjagVQxMULCjV6PelU9pu/bsJGbdAMujD2Ihu/zhvXhgdc8s80XuHACOO
+7Sz4MdiN1MhDI3rPYQfV83q0R68JtMLPb+shAsqttjbjkU1i9q2LGfmkFyv/k8GC
+x4wQwohWTaU5ALbRxjpr/TCt75KoVA2R4Zb69qOsA//S27oeqwoHPoyETeQ7y721
+gTFMtm0oOJlBe2XKiL5Yg8aRfDA1Dg3g6BVJDYXr//Hui0kuIEvqficqrl9HUEuU
+gI//Flug5bwqQ1z9SeCOSvgxnAYoOUM40jLkKK5nN59M7aDENXV4Lpq7TIwQsyOM
+MAdnhp/gVYQ2eaInD7JFURTZ13sZyVS+QNfOorWZOr90UhucqAz6NYA0Mb1domXn
+lz4OLKag9vCNBmdJtjYUzXVPXJqxb89Zngle8MPlXE2vjcAp8AXCdFtYaJw6Ae9r
+R3OhUhWppyq+wzy3Lu8v3913NsU8oo1YhXw0oK9t3prpUfk19FUNuaXfiKs6P971
+DJUwoSsx4q2zrsBcWUfZc02pvkjDbPOPRiO5A1CziUcXYG87jG8CAwEAAaOCAa0w
+ggGpMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQW
+BBRxkMWZyggSyUDzmNOmsw/J/arH1jAfBgNVHSMEGDAWgBQYh1bgbnfuJDU8TnOa
+H9bh4nl+KzBJBgNVHSAEQjBAMD4GCiqBegGBMQIAAQEwMDAuBggrBgEFBQcCARYi
+aHR0cHM6Ly93d3cuY2VydGlnbmEuZnIvYXV0b3JpdGVzLzCBiAYIKwYBBQUHAQEE
+fDB6MDoGCCsGAQUFBzAChi5odHRwOi8vYXV0b3JpdGUuY2VydGlnbmEuZnIvY2Vy
+dGlnbmFyb290Y2EuZGVyMDwGCCsGAQUFBzAChjBodHRwOi8vYXV0b3JpdGUuZGhp
+bXlvdGlzLmNvbS9jZXJ0aWduYXJvb3RjYS5kZXIwbQYDVR0fBGYwZDAvoC2gK4Yp
+aHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWduYXJvb3RjYS5jcmwwMaAvoC2G
+K2h0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYXJvb3RjYS5jcmwwDQYJ
+KoZIhvcNAQELBQADggIBAK1sWN4vvkkxUBYlSl+sVxuF0uPkx3/pHngQXF+fYSub
+GQ0Z7JPOpWZ8/nWyjE8jV/Ps6qam3UZ13G/8EqU1mDvKo9eb76TxxUtJF74mmkZT
+JDGa6c6MP0fHlcDuZsvCKoZbHOLutItRs7JMz/8WxB9T5oIZs4Ejv3MNuFrnG2Td
+VtMc3P/NVMMNrMJ6oYhjS49XVWOVPqgrPx6oAmErulVhVR4JoPpYFRP2MpHsOfBW
+2MRJMDa7ZCd5WQfKvbBkb9v107B2htlywYsmZGTo/brwxcU3IUs660xHglnlitaF
+nZR0EPDjWAyHFm5qamwrukWqFYYu1MwgmuMvSqGBQZfCCMFsUdvAspnCiCeXkygo
+YVbWPqoQX7XVquGhrC1Or8h6ZnysMfHniilKvgwM9mxocTZbg8iK5G7yCEzz6Fw8
+ZEES3LLcOQV6nYpNnxhbgklEKgJIpZkdeURL7h6MZsGv2kE+t1Jqpfch3ij6P46A
+4tCdnPkuSHWSV06Uy8V//s5kf7FmhcvOAQHRciHBJXSWVFoxPMboPoPtXnp390UU
+M1FLpW9inQAtcDnTYqB0M/HzAiv36cCuY6TEdvaUHT+RYlzIDMvz0jEBgcH4kII9
+pwLbmT0WulrsOhZFwa1xXg014Ga2Htu2W4MPeO9JXTKQClk5IePocjogvR5OgSDK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGIjCCBQqgAwIBAgIQde9eZ3B27Q+W+pWi7G7w1zANBgkqhkiG9w0BAQsFADA0
+MQswCQYDVQQGEwJGUjESMBAGA1UECgwJRGhpbXlvdGlzMREwDwYDVQQDDAhDZXJ0
+aWduYTAeFw0xNjAyMDQxMTEzMzNaFw0yNTEyMTMxMTEzMzNaMIGIMQswCQYDVQQG
+EwJGUjESMBAGA1UECgwJREhJTVlPVElTMRwwGgYDVQQLDBMwMDAyIDQ4MTQ2MzA4
+MTAwMDM2MR0wGwYDVQRhDBROVFJGUi00ODE0NjMwODEwMDAzNjEoMCYGA1UEAwwf
+Q2VydGlnbmEgRW50aXR5IENvZGUgU2lnbmluZyBDQTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAMOcmEdEKZIRZDZauidC1Sbd/GJa6tm02Yz6RpEEs4C7
+ss464eiHgZoj02GJz9mMtkDBXlXZTw/5xKuY9dZc9UdwhXz/QoPY0BYYGHRKFQnE
+AcPYk2qOGwjdcaMF8J/3TY2oFUMTFCwo1ej3pVPabv27CRm3QDLow9iIbv84b14Y
+HXPLPNF7hwAjju0s+DHYjdTIQyN6z2EH1fN6tEevCbTCz2/rIQLKrbY245FNYvat
+ixn5pBcr/5PBgseMEMKIVk2lOQC20cY6a/0wre+SqFQNkeGW+vajrAP/0tu6HqsK
+Bz6MhE3kO8u9tYExTLZtKDiZQXtlyoi+WIPGkXwwNQ4N4OgVSQ2F6//x7otJLiBL
+6n4nKq5fR1BLlICP/xZboOW8KkNc/Ungjkr4MZwGKDlDONIy5CiuZzefTO2gxDV1
+eC6au0yMELMjjDAHZ4af4FWENnmiJw+yRVEU2dd7GclUvkDXzqK1mTq/dFIbnKgM
++jWANDG9XaJl55c+DiymoPbwjQZnSbY2FM11T1yasW/PWZ4JXvDD5VxNr43AKfAF
+wnRbWGicOgHva0dzoVIVqacqvsM8ty7vL9/ddzbFPKKNWIV8NKCvbd6a6VH5NfRV
+Dbml34irOj/e9QyVMKErMeKts67AXFlH2XNNqb5Iw2zzj0YjuQNQs4lHF2BvO4xv
+AgMBAAGjggHZMIIB1TASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIB
+BjAdBgNVHQ4EFgQUcZDFmcoIEslA85jTprMPyf2qx9YwZAYDVR0jBF0wW4AUGu3+
+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJBgNVBAYTAkZSMRIwEAYDVQQKDAlE
+aGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/JSP8wSQYDVR0gBEIw
+QDA+BgoqgXoBgTEBAAECMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmNlcnRp
+Z25hLmZyL2F1dG9yaXRlcy8wfAYIKwYBBQUHAQEEcDBuMDQGCCsGAQUFBzAChiho
+dHRwOi8vYXV0b3JpdGUuY2VydGlnbmEuZnIvY2VydGlnbmEuZGVyMDYGCCsGAQUF
+BzAChipodHRwOi8vYXV0b3JpdGUuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5kZXIw
+YQYDVR0fBFowWDApoCegJYYjaHR0cDovL2NybC5jZXJ0aWduYS5mci9jZXJ0aWdu
+YS5jcmwwK6ApoCeGJWh0dHA6Ly9jcmwuZGhpbXlvdGlzLmNvbS9jZXJ0aWduYS5j
+cmwwDQYJKoZIhvcNAQELBQADggEBAGYlp9+MguDNmi4/pkAWtjRMYYT95Gwq73YS
+9SCckEaUDvVwyURgdvuW3Nf3Tv5v54H2ZNNPRWlVrCyL9dyFZEN+g4DdAAEDUhQw
+9GzqiELKw0HmqN7XG9Q3YbMZ8sHXu/FWK425pFDBfZJUpn5MZkiqsDlxCsuunb13
+6TbFU5S3ESsNf6CQlgQUFx/AGYY5DduS92UfaBZMnPKvr6tDK/jsIBS0otB0nMK6
+U+wje3M9WkS30r/uFJoTcaVLayk6eWUZxQLvZSCiBQx2rykhds4Ew1vlHgHnKn9R
+FnPSu2VwXWTFWBwRCuIYK/66wOo97Snq79/RTkEeVDCFMd62FHI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNTCCBR2gAwIBAgIJAP8EO59nfNxJMA0GCSqGSIb3DQEBDQUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTEwHhcNMTYwMjA0MTMwNTIxWhcNMjkxMjMwMTYyMDEwWjCB
+ijELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEkMCIGA1UECgwbVHJ1c3RD
+b3IgU3lzdGVtcyBTLiBkZSBSLkwuMRkwFwYDVQQLDBBUcnVzdENvciBOZXR3b3Jr
+MSkwJwYDVQQDDCBUcnVzdENvciBCYXNpYyBTZWN1cmUgU2l0ZSAoQ0ExKTCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAP2LqguM36LmFQpiSNxsIiYi07Xq
+gJk9iNS115KGWuPjGLlrAshx01oLy+q93RQ0gG7Bi+KXeej0B7NCIzFQKGS9St5/
+FZPF4GH9ji9MioO8SKZyiLOwJrZyfV1J71ov5sLU/b01/jHnVKAXCTx6QD6EpuMw
+nMSs4ZSa+LlztQviYK3obgte19ciTq75QlM/a2VnBSjPmgnOc/0yObyu3tvqIA9c
+EHnoCzDJDZMKg7wnL2yJa5ckjzEiOCczJXealKj2YaW4zDFJ8uBpaGDrFQr5FNs6
+T197ptikG4rG4Wl9YM6lmtjyqNTns04C4GX7uARdeheNp8FXLoDedCptSg65UnDd
+Gi9hqIB0FDvHy7dzHfdRrWMLozrRIjPkV87veA4HdFsG63jZQMDn6kv90h0aZx3K
+xefewicoD6O9VO374+SIBS7m7seMWaLZa++muX0rEOem9UhSpwt2UwYJDCp77AWQ
+A/7AQ+l+USs/tzO5kpNQT7wTRs12gmzwyUmCTLw+LuzW/lUReiVPFbADjc7X73Qn
+NBtCZnsJaOenY/yZwIyuv2ORQRMIoC7ay54myj8GZrcqXsmtnyP5spdt6fpTwwmL
+l332CUsGrYYQUiLspF7rSNhJ5a9SbdHQQTUeBl/j9az39F0ZdhxDfoiUy+WcoQJs
+j1Q5iKCL89T13jWDAgMBAAGjggGAMIIBfDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHQ4EFgQUtzinmZLXxqpO+z7THE69Gcjpkk0wHwYDVR0j
+BBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcwWAYDVR0gBFEwTzBNBgsrBgEEAYLX
+fwEBATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vd3d3LnRydXN0Y29yc3lzdGVtcy5j
+b20vcmVzb3VyY2VzL2Nwcy5wZGYwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2Ny
+bC50cnVzdGNvci5jYS9yb290L2NhMS5jcmwwgYgGCCsGAQUFBwEBBHwwejAsBggr
+BgEFBQcwAYYgaHR0cDovL29jc3AudHJ1c3Rjb3IuY2Evcm9vdC9jYTEwSgYIKwYB
+BQUHMAKGPmh0dHA6Ly93d3cudHJ1c3Rjb3JzeXN0ZW1zLmNvbS9jZXJ0cy9UcnVz
+dENvcl9Sb290Q2VydF9DQTEucGVtMA0GCSqGSIb3DQEBDQUAA4IBAQCidSqv6qQ4
+5cbef/GbMcLxw6r+7V2StOLwXpJoeEopsuaWMMWtV5FhfWhXK74Vfuq94nXif6CR
+3TLUGRQ29dQA50XjTVcs/9IPb8HasbAAKsAPfBAL+Xd6TVVXdR1s1sJlEmX+Vak0
+d6TUyFXLCubPsZ1yLZ97ZMPNrNq7va0Fctg1CdqFK95v3fIxyf4B0xWvy+kwE3pA
+yY/ogkM2sATvaNZQ9kDEtyzS1QhaklIN624pGisD4KP7m9MTov2jHgzwZ+H4Io7V
+0owgMbTTs7n7/GSAsqYT0bcocGjbCA5O6/fJcUOlksL2j8m9jZUlJ8ZOpR8T/kfg
+B1IC08vuANAh
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFOTCCBCGgAwIBAgIIYLmmFnDdSPkwDQYJKoZIhvcNAQELBQAwgaQxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1BhbmFtYSBDaXR5MSQw
+IgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xJzAlBgNVBAsMHlRy
+dXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UEAwwWVHJ1c3RDb3Ig
+Um9vdENlcnQgQ0EtMTAeFw0xNjAyMDUxMTQ3NTlaFw0yOTEyMzAxNjIwMTBaMIGP
+MQswCQYDVQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMSQwIgYDVQQKDBtUcnVzdENv
+ciBTeXN0ZW1zIFMuIGRlIFIuTC4xGTAXBgNVBAsMEFRydXN0Q29yIE5ldHdvcmsx
+LjAsBgNVBAMMJVRydXN0Q29yIEJhc2ljIFNlY3VyZSBTaXRlIDIwNDggKENBMSkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDObYRhPlcMtsEa8jXfpkHs
+8dhidUskXFe2jDOfAyvusLBTJSrOxnAL6i9+qYIcyZHyP3dx2x3cwxugwMdIjM8U
+w8lfpgUry0NjidocMZ6YaiJVTarC9LJO4Gy/bwsn039EFaIozAc57ctW8I+ECbdg
+YMvdOSS0dkSOgQWSbNdEzAr+VTcI8lnIkCSFbAXfhj0OaUT3nriwywHQA1RDiJ8S
+FUvN5E3rWYkHggAuHt6j59f3gYvy+IVFhdXf5DSZm9EoNj3Bu8jU/YxZBEbM8XSo
+kJ/dzSRN9JDnhEwnM7F2D+/3VTC1YwfJsskvQXJK8fMUzO/JLCcbh4ZPnTGS0wLR
+AgMBAAGjggGAMIIBfDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHQ4EFgQUcIknZtQTu+4DVx2JUpSJCRl7bRcwHwYDVR0jBBgwFoAU7mtJPHo/
+DeOxCbeKyKsZn3MzUOcwWAYDVR0gBFEwTzBNBgsrBgEEAYLXfwEBATA+MDwGCCsG
+AQUFBwIBFjBodHRwOi8vd3d3LnRydXN0Y29yc3lzdGVtcy5jb20vcmVzb3VyY2Vz
+L2Nwcy5wZGYwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2NybC50cnVzdGNvci5j
+YS9yb290L2NhMS5jcmwwgYgGCCsGAQUFBwEBBHwwejAsBggrBgEFBQcwAYYgaHR0
+cDovL29jc3AudHJ1c3Rjb3IuY2Evcm9vdC9jYTEwSgYIKwYBBQUHMAKGPmh0dHA6
+Ly93d3cudHJ1c3Rjb3JzeXN0ZW1zLmNvbS9jZXJ0cy9UcnVzdENvcl9Sb290Q2Vy
+dF9DQTEucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQBxVQ/eZPp1x4iqmfgU77tY2K87
+g3wwpz8yFtTbn1Au6h7ElcngjRdHqjIBbRm0BZJ7lIRpOO0JjOp+OqWAh5F7TxQ0
+oGo4RBM9zVkgSkFzk+0TxM34gdWtgW6C0e2Ix8G91X35UoZgzEWGdTTETce2OWcm
+vHBPrY5LQWrs+6V031SbgOSfWNGJwbYZ4uz45UbsoFAHWhEWC2W7Tz7UQ9RUGkq7
+mz7phE9NqzpfyoIW8qo7mO7lovBd8MMX1ie1fPq4D+d1neo12u1s3/pOEtP3qAC1
+JeeGKcTyLJSlu7xa2Cktd3c6J0zPEiENmurFYjud7zKEo+WLWFj41EuXa4hl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHODCCBSCgAwIBAgIJAJZr5ZC7I+8qMA0GCSqGSIb3DQEBDQUAMIGkMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxHzAdBgNVBAMMFlRydXN0Q29y
+IFJvb3RDZXJ0IENBLTIwHhcNMTYwMjA1MTIwNDA1WhcNMjkxMjMwMTYyMDEwWjCB
+jTELMAkGA1UEBhMCUEExDzANBgNVBAgMBlBhbmFtYTEkMCIGA1UECgwbVHJ1c3RD
+b3IgU3lzdGVtcyBTLiBkZSBSLkwuMRkwFwYDVQQLDBBUcnVzdENvciBOZXR3b3Jr
+MSwwKgYDVQQDDCNUcnVzdENvciBFbmhhbmNlZCBTZWN1cmUgU2l0ZSAoQ0EyKTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANdOQOhmRcvwK1pV5N+3zowr
+TqPuak2/9cTRMnN/Nh7tiRf6XralicXrNXP+CaLPdYT577pDmxD8GSS1VZf0Fvu/
+ynh3WOgf8GQEfs/0hwtQA8gzUidN+BWFE7NPoRJJzezZgUsmK9jNeCCHKc/Cj6uK
+drWmc0nayLKgq01Rp9JwDfO1Kc1wDsAGbYzDBZGBlgN0oMinxhg0SXkDdoajUeHD
+ZOnmqeQeLKfwCisXMEcxxgwaB1BEHguprb3h6J9mkMz01n9qzrn/uuxcb1Zihh+J
+gySSh7qGjqmPzVKHr+HAlfgj9sKKW5E48iqX7dw71QSKfdICckdVlXHJiJq5r8cK
+8HcLWL2i0AB3V+Hafx+USynO5hkyeqFJulUz9xWvt4fgQ36YOQIv0HTPgl0RK/my
+hVko+kloI1ytu3QDtHr2cnC4WpQC2cZoLIDaCOWURWppmry00jJ3EXxYiLF19QBu
+L9wctL92TXcGEszHBM5rnYKgwnuHOGs6IGDyOJd21KVyDUrv5MuwarDVBo+lSEd7
+M2CIUtvoVYNUCZJ4k8oNzdERQ2gk0rHJCXzPn8mpOIbvWjky0CeTQWaZrL2p4ZEs
+eFVS1S1QbZZq6owX4cIa1xp9Z0JpHR+XyXcqa7IN/xlllbnPnO2np8hfVc5AC+Vg
+MRTCp5OWs7gPssxaW5aLAgMBAAGjggGAMIIBfDAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUkffx/I4Kdr765gAFr9cCoiTNWp4wHwYD
+VR0jBBgwFoAU2f4hQG6UnrybPZx9mCAZ5YwwYrIwWAYDVR0gBFEwTzBNBgsrBgEE
+AYLXfwEBATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vd3d3LnRydXN0Y29yc3lzdGVt
+cy5jb20vcmVzb3VyY2VzL2Nwcy5wZGYwNAYDVR0fBC0wKzApoCegJYYjaHR0cDov
+L2NybC50cnVzdGNvci5jYS9yb290L2NhMi5jcmwwgYgGCCsGAQUFBwEBBHwwejAs
+BggrBgEFBQcwAYYgaHR0cDovL29jc3AudHJ1c3Rjb3IuY2Evcm9vdC9jYTIwSgYI
+KwYBBQUHMAKGPmh0dHA6Ly93d3cudHJ1c3Rjb3JzeXN0ZW1zLmNvbS9jZXJ0cy9U
+cnVzdENvcl9Sb290Q2VydF9DQTIucGVtMA0GCSqGSIb3DQEBDQUAA4ICAQCYOSRa
+V6reKei9mI3C6gdtGQuWzr8dDbzP1zfhAi/Eb0jSvcFcpUT24OhjWdSLdIMjAO8X
+45TUr7W3/UhSsmRFO1ziv93X0aP63nto3H0b3YCioCoshDLzyCegUyUxRUaZh4U3
+/SLYu0dLnEX22Ezup/ORZW5w2Os1PjU/F4s4HDqVTs74nFn7kb71z7kAsAshWXQn
+YiRam0Qo8+F0tFdURT0yVMsmFnfiZphDklT+Y+AV6x78czLYtsJFiGk2GJoTqWYr
+Hsy9aZiOTJI5bKJpR4kMmb6p5ZZZSEMXoE+syo00sCJvH6JCiJeP+71mN3p4ISUt
+4jdx5OO4v3vHOVXqdVUccuENpx2yreAXFUbZyjtcc31Z9DRmhj7jDdoyhZJxMdfK
++MQZWWsIiq9Vv6UV7adciGfxZ6NlLgple5b50jI5nWLHWvGGt6wQQKCIVgUi3FlJ
+F+QdgT5LyoSx+vuWarFJb3m45WLX90XSqCpNFEmYReitJV1OBrrQ3U1FcqGqD0wE
+TFfSxr14AEEHZqSqLGk8S+C2TAblKeBzX0zFuMWgjh0WCguKpeFJwWKXxtGGwsQb
+xwJpSPvH0/5yavkoNuxyweBbOKZf4pDUZtE7hWrgGDkU1U7ZVsmVXT4z1r3eXs1/
+NCFo5pXxvhAPwTMtdquQEVjDSqJjd2fuJsmH2w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFIzCCBAugAwIBAgIJAIIlXQS/ZP6dMA0GCSqGSIb3DQEBCwUAMIGcMQswCQYD
+VQQGEwJQQTEPMA0GA1UECAwGUGFuYW1hMRQwEgYDVQQHDAtQYW5hbWEgQ2l0eTEk
+MCIGA1UECgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMScwJQYDVQQLDB5U
+cnVzdENvciBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxFzAVBgNVBAMMDlRydXN0Q29y
+IEVDQS0xMB4XDTE2MDIwNTEyMTA0NloXDTI5MTIzMDE2MjAxMFowgYYxCzAJBgNV
+BAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExJDAiBgNVBAoMG1RydXN0Q29yIFN5c3Rl
+bXMgUy4gZGUgUi5MLjEZMBcGA1UECwwQVHJ1c3RDb3IgTmV0d29yazElMCMGA1UE
+AwwcVHJ1c3RDb3IgRXh0ZXJuYWwgUEtJIChFQ0ExKTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAL3Pyqh0dJY3wkNodP5XxI0ue6Vzq7Gswyv/EYADedt0
+9Cv+vwhUU3p6CcUF8V/Or6vLKkTIEInLKdmFbIW6WW1/jbTFNPBzY0LBREpO/cSy
+B9kI+8rPZ41/Hu2+TtXyo6CXVoESRC9hDAseuCTIC6eZFJi+0cWVTCwD/9fhlfBZ
+9ryj6Zqn2H27XGFHZ16LpVPgXhmxxqMcvLIqAKfVq0NsVdq0C5Rv6/mer+/K4yCR
+LL3z9PvEvcPASl7OuxFO3XVI6KbAEyOjZVAoO0xKFIhL6mOFRAQZ3z4iGihf21Fc
+fJDHO6uzrSjEKcr4tlN8GZ52wBl8qtOjJiNcgjh6FcMCAwEAAaOCAXowggF2MA8G
+A1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBRmydJEzK2l
+1pbTBBLfHcWID1yNujAfBgNVHSMEGDAWgBREnkj1zG1I1KBLf/5ZJC+Dl5mahjBY
+BgNVHSAEUTBPME0GCysGAQQBgtd/AQEBMD4wPAYIKwYBBQUHAgEWMGh0dHA6Ly93
+d3cudHJ1c3Rjb3JzeXN0ZW1zLmNvbS9yZXNvdXJjZXMvY3BzLnBkZjA1BgNVHR8E
+LjAsMCqgKKAmhiRodHRwOi8vY3JsLnRydXN0Y29yLmNhL3Jvb3QvZWNhMS5jcmww
+gYEGCCsGAQUFBwEBBHUwczAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AudHJ1c3Rj
+b3IuY2Evcm9vdC9lY2ExMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3LnRydXN0Y29y
+c3lzdGVtcy5jb20vY2VydHMvVHJ1c3RDb3JfRUNBMS5wZW0wDQYJKoZIhvcNAQEL
+BQADggEBAF8LomkYI0Qu3F6UBZQ+FepuO0fm2r2D74ehw+XKkyCawO3KLBPdSyZL
+qg3kFll7FnSkFpev3dCT/MAQmRvjmxQ9wRYV2y7vUpjARV2PJAG8P1cQwu1KYrRU
+JU/hplOKwfSxaiL0t2Ye+2Og2A9B6ccpBvIgk0tbITNsXtOKyDMBtj1i1G8HmOey
+8Zw+JUrsj0r2jxi2gqguLAcY0PqDYRlv0UQCKOEI3BVwmDGF+4RL1L9Ns+Blh8+S
+/f/CDSjwJGhb2q5K3pwNv2Qulh1LoqQVmfcaCOBHDVVYTmgBLahNEo1rJWJBgz27
+n/gi9zWmPJgUf+zWvTSBX6Cn54HHwr8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFNDCCBBygAwIBAgIKOfs4FwAAAAAADTANBgkqhkiG9w0BAQsFADCBijELMAkG
+A1UEBhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAo
+YykgMjAwNTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYG
+A1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQSBDQTAeFw0xNjAyMTAx
+NjUzMjRaFw0zNzEyMTExNjA5NTFaMIGSMQswCQYDVQQGEwJDSDEQMA4GA1UEChMH
+V0lTZUtleTEmMCQGA1UECxMdQ29weXJpZ2h0IChjKSAyMDE2IFdJU2VLZXkgU0Ex
+FjAUBgNVBAsTDUludGVybmF0aW9uYWwxMTAvBgNVBAMTKFdJU2VLZXkgQ2VydGlm
+eUlEIEFkdmFuY2VkIFNlcnZpY2VzIENBIDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC2L9X7Ban4aQ6ilphaaAFk5SCf+bnLfsdJdjzOYGexsY7ZIdiU
+SyU6bx8u7AZ9InzYm/0AQ2+UfxhtO+hRpMMyF60zbIEEz8jF7+RFiZauM8Tu6GR+
+t2+MEDVFzCRCiBVm6iCLusHQ6oBjbtzgNWeezKpXBW5f8e0GWmf05HtLw0m6050I
+mk7I6+XYhRUruVWS1U8kQom1qXp86OoSS+eRqZAFiXB2h10A94wdrosHwl3vClBX
+RF7pa+gK5j7bB5F9w4bWVX/a41J+Y8WihanlVASRkzhnt5Jf+cRBCOhppjt57uBv
+OnpX9IHdv6KpWiB27ycmYQrXDJTEab6FFWwJAgMBAAGjggGQMIIBjDAOBgNVHQ8B
+Af8EBAMCAQYwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFPTkm1fSrsKeiE0A
+uiuvZcljqYebME4GA1UdIARHMEUwOwYIYIV0BQ4EAwEwLzAtBggrBgEFBQcCARYh
+aHR0cDovL3d3dy53aXNla2V5LmNvbS9yZXBvc2l0b3J5MAYGBFUdIAAwGQYJKwYB
+BAGCNxQCBAweCgBTAHUAYgBDAEEwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSME
+GDAWgBSzA36uNrywedHclCa2Eb4hsmmGlDA7BgNVHR8ENDAyMDCgLqAshipodHRw
+Oi8vcHVibGljLndpc2VrZXkuY29tL2NybC9vd2dyZ2FjYS5jcmwwbAYIKwYBBQUH
+AQEEYDBeMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC53aXNla2V5LmNvbS8wNgYI
+KwYBBQUHMAKGKmh0dHA6Ly9wdWJsaWMud2lzZWtleS5jb20vY3J0L293Z3JnYWNh
+LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAZcx6VSBW+3JeiwtMNKtmzzHomn8jW5xm
+TxydkPzpxbhLqxl4bc3pbT7oxQOZSYRQbClpuUO7i3id9yy/fuFFTP8jYnLU3GA2
+jKiDISQ30lVnIdMxstUz/nWzzH4M9iW6pZ7qN+RWB5ypLQTrvCFyuSNg5P1vWTMP
+34Ri1yvW8xVvDr3o5FjOm+pNeJgx9+iuWQbPvp7gKYVURLDKp/+qTrcLWtRHxO1y
+HP7B+0QyKcZ+0BBKgHFt+3LtJb0SaQzZa3+mNJdD0dEQauUfwuHQOM8D5ytxQ7OY
+ISHgrJwe50m1deYYpK6lif6C3dTzp0nhZtDBsrEGxbDJvquSYYPU2g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbzCCBFegAwIBAgIICZftEJ0fB/wwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTYwMjEyMTg0ODUyWhcNMzEwMjEyMTg0
+ODUyWjBpMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjEeMBwGA1UEAwwVU1NMLmNv
+bSBSU0EgU1NMIHN1YkNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+hPYpOunhcxiF6xNzl6Tsm/Q89rnu2jVTXTBOZPaBkSD1Ic4lm7qkYwlZ/UgV5nn1
+5ohhceYDC2AlR9RvGbP+26qrNcuE0XOdHJOB4SoY4d6OqLAQ6ZB0LdERK1Saa5lp
+QlqHE8936dpr3hGWyqMb2LsdUuhQIzwNkLU/n9HO35irKCbKgS3FeejqkdqK5l6B
+b11693o4bz9UZCUdBcQ/Xz06tA5cfnHvYkmmjxhj1lLTKwkQhWuIDrpbwWLO0QVO
+c29s9ieomRKm8sYMyiBG4QqRQ/+bXwp48cF0qAByGWD6b8/gG4Xq1IBgO5p+aWFS
+0mszkk5rsh4b3XbTHohP3oWQIOV20WWdtVWXiQuBB8RocAl0Ga//b+epiGgME5JX
+LWXD1aDg/xHy8MUsaMlh6jDfVIFepkPnkwXDpR/n36hpgKa9dErMkgbYeEaPanLH
+Yd0kv4xQ36PlMMs9WhoDErGcEG9KxAXN4Axr5wl6PTDn/lXcUFvQoIq/5CSP+Kt5
+jq9tK/gRrAc4AWqRugDvQPYUm00Rqzj5Oxm5NVQYDzbyoA66CD68LETuVrfa9GuW
+9MAZRO6CDzonAezIdNHsslDb1H8VN/k0zMxjI+0ub4IAmc3I5GfZtvYcpjtMj8L4
+2TDS34/COov/Pf2HZ/XXGlzjZ7WPmLl4fdB6hhjs2BsCAwEAAaOCAQYwggECMDAG
+CCsGAQUFBwEBBCQwIjAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20w
+HQYDVR0OBBYEFCYUfuDc16b34tQEJ99h8cLs5zLKMA8GA1UdEwEB/wQFMAMBAf8w
+HwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwEQYDVR0gBAowCDAGBgRV
+HSAAMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNv
+bS1yc2EtUm9vdENBLmNybDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4ICAQAi6e/iSV5DEqDO6XjQ
+SIIzXgc255yv6Oc2sqZnvRyVBHtHvo62jMoHY3Xunc/EofbeS4aHdYBvgkn6CNTj
+VkCU+psWwcT3Pg83uP4k4Thu7bXvrClfS+XBlbJiCF/PSJxLrKnxRn+XIGiYl62H
+glBhq9K8/fZrI2Qh1mZJmWE0FlxEDCb4i8SBNi8lmDogaFi8/yl32Z9ahmhxcLit
+DU/XyKA0yOqvIrOGKH95v+/l8fQkzE1VEFvj+iyv4TXd7mRZDOsfqfIDZhrpou02
+kXH/hcXlrR++t8kjj9wt8HHQ+FkryWI6bU3KPRJR6N8EH2EHi23Rp8/kyMs+gwaz
+zMqnkNPbMME723rXk6/85sjOUaZCmhmRIx9rgqIWQesU962J0FruGOOasLT7WbZi
+FsmSblmpjUAo49sIRi7X493qegyCEAa412ynybhQ7LVsTLEPxVbdmGVih3jVTif/
+Nztr2Isaaz4LpMEo4mGCiGxec5mKr1w8AE9n6D91CvxR5/zL1VU1JCVC7sAtkdki
+vnN1/6jEKFJvlUr5/FX04JXeomIjXTI8ciruZ6HIkbtJup1n9Zxvmr9JQcFTsP2c
+bRbjaT7JD6MBidAWRCJWClR/5etTZwWwWrRCrzvIHC7WO6rCzwu69a+l7ofCKlWs
+y702dmPTKEdEfwhgLx0LxJr/Aw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFIDCCBAigAwIBAgIOR8MP/NQCAYElup+26MkwDQYJKoZIhvcNAQELBQAwYzEL
+MAkGA1UEBhMCQkUxFTATBgNVBAsTDFRydXN0ZWQgUm9vdDEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEiMCAGA1UEAxMZVHJ1c3RlZCBSb290IENBIFNIQTI1NiBH
+MjAeFw0xNjAyMjQwMDAwMDBaFw0yNjAyMjQwMDAwMDBaMIGDMQswCQYDVQQGEwJC
+UjEPMA0GA1UECAwGR29pw6FzMREwDwYDVQQHDAhHb2nDom5pYTE3MDUGA1UEChMu
+U09MVVRJIC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEX
+MBUGA1UEAxMOU29sdXRpIENBIC0gRFYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDfSHqaA6r8TlKODVnmmc0FmtGbOikRqwkjm5ILI5uyI3tAyKCQR0ED
+7liWcDdHCwaGjFIpJcFVCYXkMMvlm81y5iuKWnI04ocrgePKc+Ar4HtAPqYst8ut
+GH0qoeEogTHI2u6bO1lkv5P6A/GAwG9xLsR+31vuCXXidDM6+A0DS0NsDJelHOGd
+obdlp88Yr4cz692zZ2ZmU1CP7wAadzVuYZWhky9xfVoa32vU/OrYmpGIY3Ye8poE
+oDFbYR9V/9xgj+HmCkJZV6WR4RQd6nqctkCn+nVLhzdCb2XCNZWoH6Cvvarla8pD
+UICTLVEvlgK0vN5oUpqGUiAVBnOpZ8/NAgMBAAGjggGvMIIBqzAOBgNVHQ8BAf8E
+BAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFIfhAyBlC/oDSaT2czPJoGa/14dSMB8GA1UdIwQY
+MBaAFMhjmwhpVMKYyNnN4zO3UF74yQGbMIGNBggrBgEFBQcBAQSBgDB+MDcGCCsG
+AQUFBzABhitodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hh
+MmcyMEMGCCsGAQUFBzAChjdodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2Nh
+Y2VydC90cnVzdHJvb3RzaGEyZzIuY3J0MD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hhMmcyLmNybDBWBgNVHSAE
+TzBNMEEGCSsGAQQBoDIBCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQAD
+ggEBAF7Op6aMHPlVRz2dJxX0XLPHo+Ws1prelFH9KbLSK/HkEy6SubdAKIKI837/
+kLyFC/t9FfnGDp3iFf4yMbP1XWMfS5EhkRvqwnqgUGWH1pV1evObyMEIzaWp+r5b
+LFMMza5xujqqce1ynLwngDqluLm9UJRewKXJeRPc6szFNianCxmkiTQn/nBeopBx
+wxSqA6Ts+OQC3U8+rsUOYueLdoaStnVa1kIjgwj0vfQhaMsf/K66GDz0UNIOu5bH
+/iTKSrNgIj6NNeC/q0xIm3Ktg+/GtRQY4Usqw2vAHGPvjkMGeuer6Jds5Qsty1Y+
+stxbttVBDzR1ObV9X3ZsLcE9+lU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHzCCBAegAwIBAgIOR8MP/enKcGhLiHpXDd8wDQYJKoZIhvcNAQELBQAwYzEL
+MAkGA1UEBhMCQkUxFTATBgNVBAsTDFRydXN0ZWQgUm9vdDEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEiMCAGA1UEAxMZVHJ1c3RlZCBSb290IENBIFNIQTI1NiBH
+MjAeFw0xNjAyMjQwMDAwMDBaFw0yNjAyMjQwMDAwMDBaMIGDMQswCQYDVQQGEwJC
+UjEPMA0GA1UECAwGR29pw6FzMREwDwYDVQQHDAhHb2nDom5pYTE3MDUGA1UEChMu
+U09MVVRJIC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEX
+MBUGA1UEAxMOU29sdXRpIENBIC0gRVYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDRrAkXiaEMqbWuTbA14L9TBdVppjMF9fKPfMs1sd7mUgL7Bbrf2rs1
+oeXVM6UyjvsNxe4BfLp+z3fkHEXiyRYu22P4iyT23suaGMp47BErHGh4bBn4cBIM
+XrAW7wrhzhBLUEVuMfkhU2sZyK9Ci6PLnHH4jE1Phu1Ql+HZkswE4cn4bUImSb+9
+L9449gg9Jvyok4xvEcnKg9RCtlWxXCG34Cz3o/417Ud0cWMK289AA9SPZbf7s5Eb
+fJBe39XVvCwEhZM6i7FyYOQ31V/PjZ2bVM18UuHC6qdtNBV30TC9G0ZNga9bNTUs
+GQqgv3vNScm0Afg7hh21jAMBU40z0UFnAgMBAAGjggGuMIIBqjAOBgNVHQ8BAf8E
+BAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFCQIvAqAXDm6uBZ3fpKRSjLyuskqMB8GA1UdIwQY
+MBaAFMhjmwhpVMKYyNnN4zO3UF74yQGbMIGNBggrBgEFBQcBAQSBgDB+MDcGCCsG
+AQUFBzABhitodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hh
+MmcyMEMGCCsGAQUFBzAChjdodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2Nh
+Y2VydC90cnVzdHJvb3RzaGEyZzIuY3J0MD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hhMmcyLmNybDBVBgNVHSAE
+TjBMMEEGCSsGAQQBoDIBATA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOC
+AQEAA6cXqLoUNtT7pkG4MUoxDEtJozQpnSSHAcylSxDz5K9WeJjSQ/Wije8uKDW4
+FJEIjsBq5hHJMcDe9QU7dymUVnQvgUcrUrCO99V4hKPVCGprWU31bG5ifSJ9UjU5
+tp9qoUYVHISmHkKVfy4v2hkqXpeFRpfC9QC4zdvgslpWKsDHJgsjuCXHS4EnNeDH
+UY16BsqQXxRJKmtnRz9B17GU3yp3yC7Z1/50bUa9NOhpsAdl1TtIxcBmN8HLaFax
+e6Whd8yqm+vQkJvAdoR+5N6o+EbBC1DLgdvbzSBsB1LiPaY9PJCzR1eolCyxcK4N
+maySrGARfLUDiu2+arpMILDf5A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFIDCCBAigAwIBAgIOR8MP/VnSdoH2bvnFoHUwDQYJKoZIhvcNAQELBQAwYzEL
+MAkGA1UEBhMCQkUxFTATBgNVBAsTDFRydXN0ZWQgUm9vdDEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEiMCAGA1UEAxMZVHJ1c3RlZCBSb290IENBIFNIQTI1NiBH
+MjAeFw0xNjAyMjQwMDAwMDBaFw0yNjAyMjQwMDAwMDBaMIGDMQswCQYDVQQGEwJC
+UjEPMA0GA1UECAwGR29pw6FzMREwDwYDVQQHDAhHb2nDom5pYTE3MDUGA1UEChMu
+U09MVVRJIC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEX
+MBUGA1UEAxMOU29sdXRpIENBIC0gT1YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDeVNxdmst2nKvut2N5tLzCGgcCVLEm3S6Qja9jC5N3XmwBjdu53tDR
+FplNeI1P3Di6682foY9VmP2pkGGCONV6QvLiX290N9DPnPesEE+GAClYrT1NdkB4
+XfniD3H4XZt8nJVarvnfD7/MwWklTutbFhLyVg38ttJ1GLJz6riyYaShwlZRKJuU
+zx5qlUd+hHdMvYg6oI3UpW2UPHi4ge41Bqv2apntVI1cxNR4pH/CDhDGYZXitqpn
+CukcwB9J2EtdDe4EprjS8tlKsHMIgaKWFsgoF90WdWgZk0Sa64b2N6TfFZCncXaa
+oMikntyPgi7xjlhP+8Wr7QTmYuhBn0FvAgMBAAGjggGvMIIBqzAOBgNVHQ8BAf8E
+BAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFIl0C7uxUXURk+5LSyDvYW64oQfmMB8GA1UdIwQY
+MBaAFMhjmwhpVMKYyNnN4zO3UF74yQGbMIGNBggrBgEFBQcBAQSBgDB+MDcGCCsG
+AQUFBzABhitodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hh
+MmcyMEMGCCsGAQUFBzAChjdodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2Nh
+Y2VydC90cnVzdHJvb3RzaGEyZzIuY3J0MD4GA1UdHwQ3MDUwM6AxoC+GLWh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hhMmcyLmNybDBWBgNVHSAE
+TzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQAD
+ggEBAFTUYjeQTMXmxSYyyK8Bju+3wlk11QWE+v+vR7eUSYicJ4mfsh6w33CDhZcG
+BdY9Lc9ejNEDT/HIP4yx9p6GdxFaadPfg7IkxcvybrMNUs7FW7XeqtI9cDqPUbqn
+3dxdL+vZdLK7LTLHi4eYK8aA5YeF7j01sHLxBX7EXucZOYwxL8B8QaY73NzpfjKK
+IrjsySNsO1MKAis/RfIAqXfQ9qmTIhi3CsU8vi0p4NKhnHcDAyv1XNWB46pWxP4S
+AgZkrt6gkcU5tDUEZ/h/HkfBQrPA15WRqB+P144zF59aSMHXZHX4O+h1ql1APplX
+WhXfPgbDsUxceymgUTRnqLmsbxA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFOTCCBCGgAwIBAgIMVRYVFQAAAABRzhYOMA0GCSqGSIb3DQEBCwUAMIG0MRQw
+EgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3d3d3LmVudHJ1c3QubmV0L0NQ
+U18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMc
+KGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u
+ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMB4XDTE2MDIyNTE4MDgx
+NloXDTI5MDYyNTE4MzgxNlowgbcxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRy
+dXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRl
+cm1zMTkwNwYDVQQLEzAoYykgMjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhv
+cml6ZWQgdXNlIG9ubHkxKzApBgNVBAMTIkVudHJ1c3QgQ2xhc3MgMyBDbGllbnQg
+Q0EgLSBTSEEyNTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGnEvB
+T0qd2X3TO1eRq83pdhUtwCAvLDGGxQk9sB+RhJhDlS7UnqraVeLgYOi7B+/Lg+0u
+Xxny0CjtOmQ/y64wYCHmZqtYTmJndk5SjNx7mEQODi2QULUh+42xza8hByWXz7oP
+GEcZTnHLabj6I20aBhE1wVa6n2Ih8bDxAY9ez/EiosFCDvXNMugrJ/SSbwsVXvz6
+aVKwjn6ky3W5RYS1kwMLcitAs25DQqETGRhkRNSmIAlFsDpkD1b95IUojrjUOCPH
+LuKw+5r7GjiBkzLnLR+ujjcXzvzCFD993yTsseygqo4jBIEce68pztTn1OFm6W5k
+6eEFsiqRmHBY2PILAgMBAAGjggFEMIIBQDAOBgNVHQ8BAf8EBAMCAQYwNAYDVR0l
+BC0wKwYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBglghkgBhvprKAsw
+OwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuZW50
+cnVzdC5uZXQvcnBhMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAl
+MCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAyBgNVHR8EKzAp
+MCegJaAjhiFodHRwOi8vY3JsLmVudHJ1c3QubmV0LzIwNDhjYS5jcmwwHQYDVR0O
+BBYEFAafb06iKU4PDK4Xv7aYRu+tuDtyMB8GA1UdIwQYMBaAFFXkgdERgL7YibkI
+ozH5oSQJFrlwMA0GCSqGSIb3DQEBCwUAA4IBAQB8eBvEzfG7ciGMiBdPtSqio/2d
+h+DXHDyC2Z6Vkzd305spuLwA0olAKJKZgKFM804XffTDY4zCTvY3sX9gMvHUk1ut
+lt2Kt8KPDfFLrfxL21sNyj79WG99p7vrzVlsO+8AFZU2AdTLPLVjz9/Tmqr5RRKy
+q4IPZg0uaAM4+m6VIOceWnYEI2A9S+XpEHWqF9vbCevuF0iLnZalaqPdTBkfYkAu
+D/T6AOZabkbolo2bjssLzYsHOZExFCFu37kJZTw/JaDlC7o6A0r0QaZojaXqYM0j
+SfppwIWH58keRNVFyBIApO0GmIpBSieh8hZlo1X6K0yukH+M53cikOr4IS/F
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/DCCA+SgAwIBAgIRAMsDASzttFrEDbmOhA+2mf8wDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MDIy
+NjAwMDAwMFoXDTI2MDIyNTIzNTk1OVowgYYxCzAJBgNVBAYTAlVTMQswCQYDVQQI
+EwJHQTEQMA4GA1UEBxMHQXRsYW50YTEkMCIGA1UEChMbVW5pdGVkIFBhcmNlbCBT
+ZXJ2aWNlLCBJbmMuMTIwMAYDVQQDEylVbml0ZWQgUGFyY2VsIFNlcnZpY2UsIElu
+Yy4gUlNBIENsaWVudCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AKpd1Pa2WtdW/kTnGMnhCKROf/rJhzXdC/d6z+s2bYDeeB452YFKrwZ0u4ILhBYA
+uXvcJAdXFFv4qGNZljrAME1D+8XmmOCbUT3XW2D7D0oiXAaGvtyfk7geO7Ngq7sQ
+taOfchSRPLtwBkzpkhOjRXgRJ8xdNkiIbSFFTVnJw5ORsTbiPz+VZA1u0ULTrUHS
+y4zB1EJk4CbeT2Iev4RPF00X4LGdHW68c1LmPB890avuOTjJc8/vMq0iHmmUWvTg
+bVzUb3bpWVa4Dr5sewMyDRrPA5Yd9wxL7ZUC+eDt7BmHO+UZXvaBtE7xmGJ37tMH
+CNKwthmuMDI5yEuBUC1lCX0CAwEAAaOCAWIwggFeMB8GA1UdIwQYMBaAFLuvfgI9
++qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBRM2cUxk9ZG55upTTCODLR2gx4/XjAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAgYIKwYBBQUHAwQwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICODBMBgNV
+HR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FD
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYB
+BQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0
+Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJ
+KoZIhvcNAQEMBQADggIBAIxU5qb0sw6nQn5Gv+gQMxe2/KoyHAVEI5KN8VEHKdxH
+zI7V2bJHJ78QQc2i5ZzHwpOaA76RNqiTCDQejSnPo2Y1VY+P9Pd0rJDjJNDRCKAf
+luG22rCFqQxJw5JTFlS+kMQPo/cd5SabCODZr/YO+ydBfS3JLhvIbzk+powJ1Qa9
+rATOPllhgxtTCEjc3FBRoy7J4uGubMbVLhMuCib5nQoquuNRh8F02V2ACHr12nWW
+AjVKOyrZ6kzQXN1Dhkxtkx7o20qxrSEE95NAUSG+jYyEVKntIxgk9xmr/7VQaYLw
+TkMtA3+NS0J+TJ6DLfCSBh3wKSd9K3klX8KFO2pAHCMYVa58lDBPbmREt8UlAAhX
+j6x+uF+e37Vik7EJ8hGmNuYQTIpHTpTELbx8+XWIMOXG7y4sEku4q2P7ZXI4DbXM
+BzXCmOtbPmwLGJiwCHUIKXb1OKMkH4UcFxMV9X4WPKXkyGUhF7WJdaOzjQSpZgKG
+cIhz83jYNvPJ1XCpVPS5AXJInDLNVoHTqVszlMqiUZFn8Q7ADfvYrXGCjPS/Qf1q
+rTvD9dFenvFINMl0LkBfl0KW0HrJt0x11529lKbFvHpHDGQlcGZLXe/O9rl7BhX1
+SJam725pCcQtipGfRn43tVh/KZbpe+E/zTznjWv04I7c09SQMzs5JrkicPcqhvrd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGVjCCBT6gAwIBAgIQB08tBK3r/BmIT0IP/53yzzANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NjAzMDExMjM0MDVaFw0yNjAzMDExMjM0MDVaMGkxCzAJBgNVBAYTAlVTMRMwEQYD
+VQQKEwpPcHRpb25jYXJlMS0wKwYDVQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNl
+Y3VyZSBNZXNzYWdpbmcxFjAUBgNVBAMTDU9wdGlvbmNhcmUgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbC/sJMYCq40V/18U8EOBG6ulx+4QLeUuw
+WbFrNb8wZ/hznX7AJJ2xWysQrmdd1cX0mlS8qU24/J3l+YZZxyfwc6vvJQIU6YMK
+h3jbhnQuJbg5Ze8QoQpBKf17A6K4SNMd8XDVUs1BPPNRuzloJpgzbY77m2Gg5zti
+lzfzIlGyR8wI53+iEiDRGevD3hKNeKT33IL8YjfyV8nvbrPfNk/3tI8PHaVZLWfx
+aomBnPfpPU47xkGJ0jRBU88kUKX0rppF961eEd+ZJ+fSwG8SGYArcmXqZ1gMqAyM
+8zrs2QOwIAXBuFCB56OaBTTeGLOLVUCWcgVRJkYHAgINgz/F3s/tAgMBAAGjggLW
+MIIC0jAdBgNVHQ4EFgQUrXWO+6UVi1FWUZVFDRpxS+xPPmMwHwYDVR0jBBgwFoAU
+pW4i/zlpOiP7iSQXxmCUABrajp4wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8B
+Af8EBAMCAYYwegYIKwYBBQUHAQEEbjBsMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jb20wRAYIKwYBBQUHMAKGOGh0dHA6Ly9jYWNlcnRzLmRpZ2lj
+ZXJ0LmNvbS9haWFPcmlvbkhlYWx0aElzc3VpbmdDQXMucDdjMIGZBgNVHR8EgZEw
+gY4wRaBDoEGGP2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9PcmlvbkhlYWx0aERp
+cmVjdFNlY3VyZU1lc3NhZ2luZ0NBLmNybDBFoEOgQYY/aHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL09yaW9uSGVhbHRoRGlyZWN0U2VjdXJlTWVzc2FnaW5nQ0EuY3Js
+MIIBUgYDVR0gBIIBSTCCAUUwOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUFBwIBFhxo
+dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAwGCmCGSAGG/WwEAQEwDAYKYIZI
+AYb9bAQBAjALBglghkgBhv1sBAIwDAYKYIZIAYb9bAQDAjAMBgpghkgBhv1sBAQC
+MA4GDGCGSAGG+VsDiiEAATAMBgorBgEEAYLBWwABMAwGCisGAQQBgsFbAQEwDAYK
+KwYBBAGCwVsBAjAMBgorBgEEAYLBWwEDMAwGCisGAQQBgsFbAQQwDAYKKwYBBAGC
+wVsCATAMBgorBgEEAYLBWwICMAwGCisGAQQBgsFbAgMwDAYKKwYBBAGCwVsCBDAM
+BgorBgEEAYLBWwMBMAwGCisGAQQBgsFbAwIwDAYKKwYBBAGCwVsDAzAMBgorBgEE
+AYLBWwMEMA0GCSqGSIb3DQEBCwUAA4IBAQANXpIq2tvvveTSeyFqxsGOwJLxxcXS
+nP3cJFlHcLj6Xzx2Vri2tXLdnPrDSn6OHz1TAm0q4Fy47LUCJjx7Us5hewck3z5S
+1krALEY8QpFSBBMy/KUw0pfBSWullzYujbF+2cXV3rf/KI7xkJCJkpO2aQX0uXW6
+xZazM+DItJGEhS0bS3DKC8bvjsV9pppz+frXVGMs/PHqj8E57gskkiIS521icQbi
+IVMkmaGnWNptfC2SgEDN9NS+/z4jcwS9l6kWGBEV6iOsGhokn8OroOaujaJdKagR
+/etkoDdEwd1StUBIHSCh2nqnUnACJqxWgmo866oLkfbG15wGN75SDkNa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFmDCCA4CgAwIBAgIQVHq45lkYorm/2hSmjcWOsjANBgkqhkiG9w0BAQsFADA9
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH
+bG9iYWwgRzIgUm9vdDAeFw0xNjAzMTEwMDAwMDBaFw0zMDEyMzEwMDAwMDBaMFEx
+CzAJBgNVBAYTAkNOMREwDwYDVQQIDAhTaGFuZ2hhaTERMA8GA1UECgwIVW5pVHJ1
+c3QxHDAaBgNVBAMME1NIRUNBIEdsb2JhbCBHMyBTU0wwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDNNXHvq6LbIgVNrbtvR1nxRMdDwsNyqnFpyEJzJ5le
+rDU3oxldM+v3qOyUcvFNLTdAX8uW7lQCL7BMXpkXYhcaK3E2oEhOpmiDrdWH6N/A
+Akb5zyOEipHV61dJ806K1Hv0onR99Zat4aWxuyQplVDE8cECj8njUJiU3/1hHjxc
+pj9Rr+moHfHI/Wqt5lw+rFXZ78H8babQTvZYjFhqRi8Ilynt4+UFX6W2iknkkNot
+bt4+0A7nF//F9bBw0auLnIhUjv6y9yqtMymgc3umWju2ytrCuhiJ0cST85Jjj46i
+nVfmIm+quRVMpYJfRkKpulTpOxGmaD4jFH92Bm6d+JPRAgMBAAGjggF+MIIBejA9
+BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cDovL3d3dy5zaGVj
+YS5jb20vcG9saWN5LzCBlgYIKwYBBQUHAQEEgYkwgYYwRwYIKwYBBQUHMAGGO2h0
+dHA6Ly9vY3NwMy5zaGVjYS5jb20vdWNhZ2xvYmFsZzJyb290L3VjYWdsb2JhbGcy
+cm9vdC5vY3NwMDsGCCsGAQUFBzAChi9odHRwOi8vbGRhcDIuc2hlY2EuY29tL3Jv
+b3QvdWNhZ2xvYmFsZzJyb290LmRlcjAdBgNVHQ4EFgQUmCDw8dlCpt6DP5kQGQA9
+aGjSAYEwHwYDVR0jBBgwFoAUgcSMzPXkMP+lDAhfjBVnIXQB398wPAYDVR0fBDUw
+MzAxoC+gLYYraHR0cDovL2xkYXAyLnNoZWNhLmNvbS9yb290L3VjYWdsb2JhbGcy
+LmNybDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG
+9w0BAQsFAAOCAgEAvs4b2dHa0pfkuWpkTDvwwQbSPdeeR+ju0SajEmvaBeCEvKx6
+8n3Tq0RSkbni1LUJfphDRDy3Hsv8H6GqJmQWO7ej6oGRy40Oy+EW5tuHZ7berh/6
+NXCR3oOV/2gm+IWDHKrU8ROtBliz1rCuFidLOrNKe7hRUHxWlPjUT4WJED+pjkOg
+VSXHlyguxmy1MQULA0AqAJtiArbBd8TjGkvP250tksI1p4x0Ay9MB3FiKItGZjGH
+PkCqXojPKQmGSvObyxbDr/qr+6sWu+69DJbpkR22zNwV6PvgkIfG+iA9FaPjtdLl
+s2hpqJqmiw8S9JVgRg9n6Gj3q09juOIR08n/EzBqoh4WtWLEK9oaJ3fOzyht5GBq
+/5P0v8QRjq81RBqgfUJ/ASoZ/pd/952r9Nu+jY7Akh+iP6sjLnVdEr8W1OzjTNgU
+tKSkJfJcCVBGnqrGiO7bIrj9cnbsUBk2Ca+BpJLyZT/KFcJc/vJaO9I/KySzYNTV
+cREYDeac08wbR0u85HEMBfJQ/unGdcKq/dcqUsilHa2PTrbxNgDuL3N980m0teeV
+ZXGyLsTxNC4TEs2pecGVcqi5DtT6OFs+q7B1sPcSCzzCK4NxeNCI0mSre+5ApEHX
+rYsx1I2utRbDvSO9NlfVifY67u548epDDNnbkgo92kl2+h6sOiZU73CgZj4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGGjCCBAKgAwIBAgIQO2AJMwhEWunXUblxcXybuTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTYwMzIz
+MDAwMDAwWhcNMjYwMzIzMjM1OTU5WjCBpDELMAkGA1UEBhMCVVMxDzANBgNVBAgT
+Bk9yZWdvbjEOMAwGA1UEBxMFU2FsZW0xHjAcBgNVBAoTFU9yZWdvbiBTdGF0ZSBU
+cmVhc3VyeTEmMCQGA1UECxMdT2ZmaWNlIG9mIHRoZSBTdGF0ZSBUcmVhc3VyZXIx
+LDAqBgNVBAMTI09yZWdvbiBTdGF0ZSBUcmVhc3VyeSBSU0EgQ2xpZW50IENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmATDxWciBKT7gx0UoiDAsaJ
+9NWwrLsILNTq7efm5U80jFFeESg+1B0zoOABH7uN1hSx43HyebQTHDxB0l/SkkV9
+MGaAzZGHg40dWWXiAOLSoTwBQWp4l8juGPlZN2T0pt95sqc7AebAKh6B6K1E1Wep
+hx6pl8wBcgzCJYDsCrAPyB3wi4T3gOpWaigccb9K141b1g8M3zZh0kIyHzkwWcWW
+WMGYs9V1ZzM60dAPTxQPqfrv2SEvuBPIbkt1w7am+oag6OhbWu4V3cfTUW2MgZOk
+FJV1zP3mo64neDpM8mYbrtkM9oIWzixXKPprDHXEhQDSatYjnrV5OR8VaS1qzwID
+AQABo4IBYzCCAV8wHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t7jiY7NkyMtQwHQYD
+VR0OBBYEFDTjVWvMm2CYPrH/FzY8OHItJuJFMA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAZ
+BgNVHSAEEjAQMA4GDCsGAQQBsjEBAgIXATBMBgNVHR8ERTBDMEGgP6A9hjtodHRw
+Oi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9y
+aXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQu
+Y29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAHOO
+x6054rJUBuixZD5TopNmdF22bf3/sTY6T+0rYUgKaP/vziOFrQcdYC3n//p2k3Aq
+AXRYIP8V9Bs4su638vs6WpxULLEtEcAv3S4ANOBslUypIYGylxSeLZJvoJ6D3KBi
+Cvnq4G/MzqpOaSOVynT9WZ2u3HSHGrqNkhx7NKTcAW792Qj0kuo607WwZdPRRnOS
+FpKwKGUnsggqTSG9pC0mnXzdB73qShXDuKlQ6UrTnkG7Gce9U4jUR1sypLC/wCda
+N1YFyts/ImETOZz/r96ag8g4SU7LuEmLMC7zcBfm6UwsWRbNvraVpDbPb0DHqoNC
+JYgobpnd2IDGjcs1f+ECR4Hecwr7jE1LoO528/3Tgu5fSYvd4mlb7vEPSPSr1j6Y
+O4pjwFyKV5Mr1qOqU2/yUot5tF/UlC+Sf3wxCUW8/hOCZRmMDS8mwmARy4AR3i7S
+flODxkZxiUK2gAQmTGXQlsfkPEtOCYYDEoF/hgfhCqoW9jX7IT3vB1OaE7Tz4j3V
+hcVjst9n7PGDUYGrG48JJns8ru+9ZFoDyb90LLY3IT3sUz56irrq85MsIXGPo3YV
+3QBMTId8fOZyj7s1NKjQYFN2mAiVvO0DKmIN4U+2P39GAiRiwkga8P/QtFZ8YzDa
+MAT+mPb1K86NBM0KByjuzJOJDSK8ep5i93tnl2vO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIRALEh69i9ODvCDLdUvBhDX/swDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MDMy
+OTAwMDAwMFoXDTMxMDMyOTIzNTk1OVowgYAxCzAJBgNVBAYTAkdCMRswGQYDVQQI
+ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoT
+EUNPTU9ETyBDQSBMaW1pdGVkMSYwJAYDVQQDDB1VYmlxdWlUTFPihKIgRFYgUlNB
+IFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL23CxiN
+bAfZclMlGi9tHpl6dCSxT4yRM79i/h3u/HbErdS+3jiq9oPZfCqgbJ0PVIOBelGb
+EhvBBbkW/wPlDq3vEEt9nP/P3cRVGu+i0X/puXA51E5TgrEn5/jdorBANmhItrG4
+uZietPJmFx6awA3ANC2MVnvmT1s5qS0cnrdFh2rLRwfANm4S0UbJNpHSItFinh0J
+XtQFyc/QE+fGAH1sC8aW34Rt+qQ1+msY7hvNpXKZLR8Fy5AVi089iv5cK8bqzVaQ
+F8kJTiukJ9vQ/e9CC7x9/TxX/oYn5bIejxsaoGPi1BgeRkS7J42MeNpYmh7kUFN6
+ZZm5Yh8OB571L30CAwEAAaOCAWUwggFhMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISO
 re44mOzZMjLUMB0GA1UdDgQWBBQ4EsZ5AmY4AuM3JOWLD/9FlWnmMTAOBgNVHQ8B
 Af8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcD
 AQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECATBMBgNVHR8E
@@ -5332,6 +11466,417 @@ jVXvr24Pv15WVEt/GKqm+VkvusRTVMVQm9fDH8rBIxBmpzt0uBTcg8IWY8HtGfEt
 5R+qkfsm6EWtj4APtivR5qC2mzEDxbZSlduxifzG194rAGGbcn2KeOA0QwNE
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFvzCCA6egAwIBAgIIdjnjgJxiHiYwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDMzMTAzMjQyNFoXDTMwMTIzMDE2MDAwMFowbjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEkMCIGA1UEAwwbR0RDQSBUcnVzdEFVVEggUjQgRFYgU1NMIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVOKUxZ0oo2zfYVU8orGMMOdENvt
+1HLjdCYMmSyhNIwFHrER/R84+028lbE9rOlOm2Dur91sqJwOYXajnH5Tmuay6E6I
+iED2M4W6tDp4/8dAVPoeTjf314wMpi+dLseyvstGDbRhJDCRDsDNCi9SHjtit1XO
+qk8imiLJEvbF4QG6PAb3S3eCWTSKFo5zsJGJZsOVns3whqbkJsxzbfqTWPqL/J7s
+PPs+LN+t4U5UwztItH6YFay3LtMXefTuysCB89H4xkCPo90EyhAzHfx6nQ7mTbOo
+Crw+FsRmiFrcRL72ysADQm1KMB87r2lZ8aOhdN1SuDGGBfsA8iMVWg0R9QIDAQAB
+o4IBazCCAWcwewYIKwYBBQUHAQEEbzBtMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmdkY2EuY29tLmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwJwYI
+KwYBBQUHMAGGG2h0dHA6Ly9vY3NwNi5nZGNhLmNvbS5jbi9kdjAdBgNVHQ4EFgQU
+cxPOg8YMKqAmkq4/e0B0tTALNZUwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAW
+gBTiyUCfTc7omqF8zw4/ZcUpiGoZUTA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggr
+BgEFBQcCARYeaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvY3BzMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly9jcmwuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1c3RB
+VVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOC
+AgEAPupT0bWAb8gV8z6meQ8WFnuxlPnlgqSIUN2Fa+/acx1bmxZ93iJDfQ/lmB5Z
+Q1VtNVkmRXMktBagpCenbFxb8+Dt1ZXDt57lUBZdjX32EYkA5rw2oeUIAKJqxqI2
+sWEwS0fQsB6Yqyzdz8gF/PmuXWf77d5YtRb0U9lt5XRFHkf4mi606uHJtiJ0w9R5
+zwXURLibLMDAlnWdWHvVKppWECD2HJ0kpwqVGGdhSCQiAGgJ6VfTBiXsQgtVA4KR
+eMSElRy0n7M2LYZ8uG/Tf2l76FkavjmPzODV9Hb9TPbMBa9mnKcVt478+/76goNL
+nh/VeUWWn9FXF8moCGsKq1u52cjk5KD1sj1yCiCcE+qpepXGdCLk2cgvdFABQOE2
+TzXjjruOrMhMUQlA/s23BXhWhyC9o3jnelVTzpVSxwt9htvwN1MR6ZUBJ/EPuRsG
+2drpTEwsQ0NgODGnfvcVCUqSihXiJzl//B5jLa5YoonLNAExu/oqQ3WbHFxuT/g7
+CCmCq3PAF/wFAjKQI5RWALuG9xxAgp1BoP+Z/DKNNfKoxT1iqN8nY0ofE5b0FlTM
+IqO6IeXLWkjsaeA0wA8+PnpO9k0GsxJWtZ5fjz0UJ1TyeBE8cKmA0CWrymbyjb1z
+s4LazxgYMJ/i3djAEC9cfS/OvOWvvqKGv4czH00Pr93BOVA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvzCCA6egAwIBAgIIKDRS9HM/JqYwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDMzMTA3MTUwM1oXDTMwMTIzMDE2MDAwMFowbjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEkMCIGA1UEAwwbR0RDQSBUcnVzdEFVVEggUjQgSVYgU1NMIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO0vwYGFXVZaBmTU5NinuGMY+myY
+ERMw4jjZAp7vMwxme1e51tC6Bw2+kSeNOiGy7/UTEKOb0Ynw1SoP6KkiFCrqejlx
+M687HFbiZlCFj3aSxBJ5H6ibpB4CnQm/rnOFK7bF1y/cRMA1xSwxZZRV3wO3iqOt
+B+6DvftUCxshIrULp2tP+F2aGvGemBH5R8lK4LuOYPRfPcRZKVDccyUhSnDvGtK9
+UIRFCaVuhOcUluLAiWH5KhtOfSMHj961KP/1J1P23UGHypCbvpsBb4ZR1BkRBWwC
+j8JmWRfCePde+6b3MX3JpQIlYCONf3OdWnx+PGiZOJXHlJ7T3oo3NKCZeQIDAQAB
+o4IBazCCAWcwewYIKwYBBQUHAQEEbzBtMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmdkY2EuY29tLmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwJwYI
+KwYBBQUHMAGGG2h0dHA6Ly9vY3NwNS5nZGNhLmNvbS5jbi9pdjAdBgNVHQ4EFgQU
+VQOujgc1qBdj28nWHj5jnd3GF9AwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAW
+gBTiyUCfTc7omqF8zw4/ZcUpiGoZUTA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggr
+BgEFBQcCARYeaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvY3BzMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly9jcmwuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1c3RB
+VVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOC
+AgEAhUXqHJC9kuRt5zwUB9AE/5GBI0MmHrNAmseRMv754c4hiDPABuZf0gl5GYsA
+v0T7T3+TlHmdbUoUCMOiWOxQrxk+8qeOJwg8WV9rUhWlYY/i7GFRWK+6S+EsFARG
+f31zqTInM1GbjvdcBz3mgqNe8QslfCjiD9XmZwoHNwSVZ+olb6ywT9JQBA2AS1rN
+tHN/gfNZHdwO0Qbg/YQGMaa2HnvGImfHeVxlZEMe2MSC2lvJOsf6RejeKtzm0lE8
+lPysb/ftitc/vI8kOfAm7xiZ7ay2lT02lSPuZhZMOy/BtFidm4SToshPhhEFNFZH
++Rv1rhwgVT7/wkx7LwEp1gH0r7aMS/KQIMbFhJYDTAf14pFixtxwF7HO6Tk4fD/f
+uPEnwvwyHysZjxpkSsDsxSTd5NzhAS296Iq/dhzXRBXxhag8OFKW4ajdFqIPkDPh
+ZO5QECj1CUYHVy8QyJw8Z2O1pMxqhJpXcjt9LgnDUMe5q8IK6TkX4qVaM4C5aFAN
+60e9x/+ujZ5uDyTi3XuZK/lHjlTQf+6gI/z86VLEBA2orlOKxNOS93BBlnuR7MoM
+kgZdB6OUJbIKh/VwSQg/+lhu4iSy2YLjS6LopT+rvxPXe3AJYSnbDH9PWfX6q7PG
+A09nXiC4C/ez9dSbMStwGVlGEUm77bR7C+EYS9NiVFQCIm8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwTCCA6mgAwIBAgIIeqchX4m3GQIwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDMzMTA3MTkyMloXDTMwMTIzMDE2MDAwMFowbjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEkMCIGA1UEAwwbR0RDQSBUcnVzdEFVVEggUjQgUHJpbWVyIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TIlk/hFDTpazhQb0t4o5m9tILf0
+93S1NJ4ckyU70dbwIqM8BtezbcAMWo06puZS8fovheBbw6efUS6IHL2+dODs/SA7
+qjLMfrrBhuJNU+tiYTOGnIZ+mI5kru5owjgxOz+7HqTe9lbsJfKWnvoeSKjumCzj
+AMQde+pv0J4URj/lMBixgZr5z5nxubDSzLwjJSYXAkFnrNmnGSj2ABIbaATBsMvu
+eyqL48KiM+Upa7eW6deKpv23FucskW/Y7i07+nAOoN0z2pY4qj114Bn1Zc16EsYu
+nudSTp9fII41a9SAn4ZKaviCFbvmUDuXTIaYNwDymhzwrKDAx+jqKQR3AwIDAQAB
+o4IBbTCCAWkwfQYIKwYBBQUHAQEEcTBvMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmdkY2EuY29tLmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwKQYI
+KwYBBQUHMAGGHWh0dHA6Ly9vY3NwMi5nZGNhLmNvbS5jbi9vY3NwMB0GA1UdDgQW
+BBQRZJKuoEFiHCCEt9OIgdHNgHLHfzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQY
+MBaAFOLJQJ9NzuiaoXzPDj9lxSmIahlRMD8GA1UdIAQ4MDYwNAYEVR0gADAsMCoG
+CCsGAQUFBwIBFh5odHRwOi8vd3d3LmdkY2EuY29tLmNuL2Nwcy9jcHMwRgYDVR0f
+BD8wPTA7oDmgN4Y1aHR0cDovL2NybC5nZGNhLmNvbS5jbi9jcmwvR0RDQV9UcnVz
+dEFVVEhfUjVfUk9PVC5jcmwwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQCPLqmgzsr8t/yqXKsQocpswQ15OovqF4HpSVkGbC6ds/lJx5IonuGhJ8ux
+WR+S1lDF+dMHuI6Z1N0pn1EgAVIyhabzeO7k9bW2cuV7dp5JwQhUqYJcrIwryTFf
+itWO/8a7AxyRvn09RklsETfDn4zPl9tUkpV6H27qy5CpLfMzpFdkrWuhabeX4ZZS
++SMh0iXr+6z9BERKZAHIPRvEc7KxmeNZdv7l0cPk/JxWd9YsAEzXHTtftIndwYIE
+odIvm8owS9hugFtr6dZaxddNHYP+zNHUFvRX7GvlbJCkVCpdUkQ7eYQ0K0PwnhCw
+fJhWvPbu26S92OSERV3sJqbp9TyBKi+LlxawbQDyGYHjSaYCLX9IYIOyZDk4EqR/
+5SMwRSHYRA+MjDzzsGGXcW01XwrtYWYpLWJJ2VJM5Q2kRses+G+wCikfCyif/C8P
+caQQqfhHMg//UJitNKiGrAXlbnpv9MLCpuC0ES43LYxTDM0Yq2tVIdjE8XvWz83A
+6wJEayhUrZrK0a44zmZfnzIsIo7WEDz0sZfYt7ClBJ3B95whxRJQUjKHlfyYtod6
+T6Bn/SVdO4n/6KI3VtPjh0Og6cW3QUl3V62ljp77hQJ+rS+VYfsO2yc3qcvThOWD
+Hui5dpmRvkJRtlsrkG4sO0H6tPuZvAhUUpp3DGXqE58fXosRLg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvzCCA6egAwIBAgIIOcB3/B7WFeMwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDQwNTA5MzYyMFoXDTMwMTIzMDE2MDAwMFowbjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEkMCIGA1UEAwwbR0RDQSBUcnVzdEFVVEggUjQgT1YgU1NMIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4oj/ZBFHvmpctMkt2LwzkFWXnuLR
+9V0cpHWRWzEuU1DmflB5udFcEGJW6mTCfyfrFP6C4pvNp3XZSO3hB7gGlA6Si0IZ
+F/k3uNqmy8d0jMp4+4Num4jN7Xl+RvOn91cATzWUbrhcorgPf0qJ1Njt4OWDGT3H
+uaxH05w8cq0ObEDcHEYTjPfRj0MkHzCj/pAR4J8gp4eUG925Fl0rNr4+0FS58Nce
+LSFHeBzdlF6pECuQEX53OP/83q9eHpyf7oFd//GLcwhsGdttVYob1pbJS3EQFI+A
+8Zri4uVPdBTSEYc7yX+tIiqNC4TW/9xs22T0rtl0srh/AvYhzMgynOkGKwIDAQAB
+o4IBazCCAWcwewYIKwYBBQUHAQEEbzBtMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmdkY2EuY29tLmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwJwYI
+KwYBBQUHMAGGG2h0dHA6Ly9vY3NwNC5nZGNhLmNvbS5jbi9vdjAdBgNVHQ4EFgQU
+wPZ6W758CMatBLtIYUWw9WJXoLMwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAW
+gBTiyUCfTc7omqF8zw4/ZcUpiGoZUTA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggr
+BgEFBQcCARYeaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvY3BzMEYGA1UdHwQ/
+MD0wO6A5oDeGNWh0dHA6Ly9jcmwuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1c3RB
+VVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOC
+AgEAhWNOGhhEtGDEd2mjNC9qqPG8Nce/iOUTVHHpXJq2jiw7D0QON8FKvRv38Ey+
+nNFGAN19EYwJ9TP6G0RDTVEFwmAp1SvAZw2Z4gnub7jVdeQo4UORt1s/dRP448XB
+ujDbP3QLIAqkegBrEwDvnyTjY15yjUG9sx3WAxfnWihhf0IaNVRmQxYXVs0YR8jw
+Nx8iJcghFjpZ0Dc1aFpDx8cyVqyYMme8jHWK9w5WAhv/4Kh9x/XFgAu//iKy71Aq
+8J/a3u/Jzgj/Yod3KPRciGTs1/bJhlta/1gc8aCeIWwN2iC5QD94cveuqVDLmnde
+Ja6fUSsZzJzM3Cpx7Dbq2R4+zsvwAr2u+GRu+XfZQOp4Vuu0plIVr3c2+S2PvaZ4
+cn3+2K5HLwnws9rEjxeN/SIYDkzib1bslevTYzNjTTULjnKpqQ1ekkOLzbdJE6Cw
+x9Az3u+OzU20Z5ArvlRTUhr3IMBfue8LvdKaXIG2vXRrBxDu5mkdN3Aryd3tn1En
+Ih5Mts7MN9CIqOlkQ2HONHzuXv0uo+9mCFTcHCOdhWM+jD1ACUsI0XtqzLpDIVQT
+Eimin1irVeb2KKVD09n7zUIwY/RU7rEY/++LD4mBCCPSuogFigazw8XMLh49/9He
+cdFjQi2D4YvF1P/s6h4W7EPX/2Cje62fPlMtJQ0fzyq2dNw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCA22gAwIBAgIRALYBkT2FU7r6AAAAAFHUwfYwCgYIKoZIzj0EAwMwgb8x
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9T
+ZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAx
+MiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMzAxBgNV
+BAMTKkVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEVDMTAe
+Fw0xNjA0MDUyMDE3MjlaFw0zNzEwMDUyMDQ3MjlaMIG6MQswCQYDVQQGEwJVUzEW
+MBQGA1UEChMNRW50cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0
+Lm5ldC9sZWdhbC10ZXJtczE5MDcGA1UECxMwKGMpIDIwMTYgRW50cnVzdCwgSW5j
+LiAtIGZvciBhdXRob3JpemVkIHVzZSBvbmx5MS4wLAYDVQQDEyVFbnRydXN0IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IC0gTDFGMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAERH30xyio+YKd0SQEqsKhKlWeAkNYBUGrBS2kSJ8xh9aeiNANaAmPRCcBzvpi
+szqLh63Bt6WleEb7bJztcykgabYQxFavAPggWgeGzVxq2f07t5daKVoV6dZnHqag
+1+eCo4IBLjCCASowDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+MwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0
+Lm5ldDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2Vj
+MXJvb3QuY3JsMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRw
+Oi8vd3d3LmVudHJ1c3QubmV0L3JwYTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwHQYDVR0OBBYEFC5i8BTuh82zNQM97+S5nv07uKPJMB8GA1UdIwQYMBaA
+FLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMFIliTW5jfYd
++emGKAyib9/O/zMtzg4PPBwu5IzN9qY/P+8TfxlCkFq+Dn/+1JcoQgIwGSCyqHM9
+X8q5V9bLbhjZg5GoAFPgdhvIlxCaq4IqV6MkxjfTKD5sKsRqHtgwYFzr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5zCCA2ygAwIBAgIQCoPUgD5+n1EAAAAAUdTB9zAKBggqhkjOPQQDAzCBvzEL
+MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1Nl
+ZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEy
+IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEzMDEGA1UE
+AxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRUMxMB4X
+DTE2MDQwNTIwMTk1NFoXDTM3MTAwNTIwNDk1NFowgboxCzAJBgNVBAYTAlVTMRYw
+FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3Qu
+bmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNiBFbnRydXN0LCBJbmMu
+IC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMUowdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AAT14eFXmpQX/dEf7NAxrMH13n0btz1KKvH2S1rROGPAKex2CY8yxznbffK/MbCk
+F7ByYXGs1+8kL5xmTysU/c+YmjOZx2mMSAk2DPw30fijJ3tRrwChZ+TBpgtB6+A5
+MsCjggEuMIIBKjAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAz
+BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3Qu
+bmV0MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvZWMx
+cm9vdC5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
+Ly93d3cuZW50cnVzdC5uZXQvcnBhMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjAdBgNVHQ4EFgQUw/lFA77I+Qs8RTXz63Ls5+jrlJswHwYDVR0jBBgwFoAU
+t2PnGt2N6QimVYOk4GpQQWURQkkwCgYIKoZIzj0EAwMDaQAwZgIxAPnVAOqxKDd7
+v37EBmpPqWCCWBFPKW6HpRx3GUWc9caeQIw8rO2HXYgf92pb/TsJYAIxAJhI0MpR
+z5L42xF1R9UIPfQxCMwgsnWBqIqcfMrMO+2DxQy6GIP3cFFj9gRyxguKWw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwjCCA6qgAwIBAgIIApIzJGvGMUswDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDQwNjAzMzUwOVoXDTMwMTIzMDE2MDAwMFowbjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEkMCIGA1UEAwwbR0RDQSBUcnVzdEFVVEggUjQgRVYgU1NMIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwDUfCaCvZuIpnRrjpuR5fI6u4Ci
+tBnHvv0Jj1iruRQPBbic92JNcrWT/GQgkm7ADrHMk6asK4zOvXknXsu+LA4hbqsM
+FJI4qNHpWg9LaSRUcuKAPufqaklTbYS+OjqA/80LmZphyFs6ygdMDTli3nyoD2qw
+ykOr19L8DNgoBVZcGZZeHjGUE5eYZSmNi/c1cC0TOdJxq6T2aCI3MwzK7T2IOrwb
+tzWrmgV3lq5EqdsCTUHG+CR2hKODzDZDbB6bRxtsaB9TxAYDL/6j/CimIa+Zwv6n
+tvtuBhRrEj0fWat+EHlJw0r5wQUHySRbsr/Q+lcF3iVEcdZMuQRn2J4LgQIDAQAB
+o4IBbjCCAWowewYIKwYBBQUHAQEEbzBtMEIGCCsGAQUFBzAChjZodHRwOi8vd3d3
+LmdkY2EuY29tLmNuL2NlcnQvR0RDQV9UcnVzdEFVVEhfUjVfUk9PVC5kZXIwJwYI
+KwYBBQUHMAGGG2h0dHA6Ly9vY3NwMy5nZGNhLmNvbS5jbi9ldjAdBgNVHQ4EFgQU
+Hmrq3vUvv6jTbMfGP9tsZGDc40EwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAW
+gBTiyUCfTc7omqF8zw4/ZcUpiGoZUTBCBgNVHSAEOzA5MDcGBFUdIAAwLzAtBggr
+BgEFBQcCARYhaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvZXYtY3BzMEYGA1Ud
+HwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1
+c3RBVVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAgEArUQN5juKmBKonTeSMNnDDEnbgUb5c8UMEdpBgL4rn1vDCYXbReZQdEI3
+CyBChDpDfggWwG8Za/kAEThnsTEDxBMbWVuDYmJW5OWOVpBHsGboYiQ6veKD53MQ
+Vm/UTWwUOficJUDZmsn7khKxqC6jrlygapvqwbxpeXXcxMmytcafcWDqVuyb28dQ
+vk0U5JxDBTiMlGxSkzqpUuk49hh90mTE5o2+fS/paqqYOhCSu2Yn+ewekJJbJpMz
+KpIgje3EePUcnoYzUjzEZgujYpSfXy44Mx9JlMvWVTR1cFbofPoQfiRX4kb4R2HC
+JAsR5k6XZsAGLR13h9ttpwHRZUficCj0aE52CNJU08WJXpmWLVVLXJ7b7RgbEGsz
+00z8d5Szivnypj1IraNMM4XTpArhflyku2h/1ku06u8FPn137xuHDfboFH2aU+og
+0cj5LsiHoDDyeAa9+fz6ycv4/cbMQvM9IXv2xJKwkf0mzW488gSCIQXLSgAF+t/B
+0eP+KxZsoXQfwqlkw0zql6YBduX+vmMXfWzMVHQYmSY6QdLWObpd9zXyzug6mbc1
+3p6vw+MB5rzDkZV3R2Uy03OBuM5UK7uRtgCVxMvn9GDcDDbv4LJRdmawHiZAoyVL
+0BI7sFfapY4G2MiqHBnJAghuSnyV1u/hNUznRgXLfAhEiNRC8lI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzDCCA7SgAwIBAgIIY1SwpvX/WSowDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDQwNzA5MzI1MVoXDTMwMTIzMDE2MDAwMFowdjELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEsMCoGA1UEAwwjR0RDQSBUcnVzdEFVVEggUjQgRVYgQ29kZVNpZ25pbmcg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNlDGrHYlrgCx6hRTn
+Gnza9iuTyeZ+mFVN1ss0EoZIKaPmirejLnNPlOi6GMtchiTRxo3DbeC6AcDyfaEL
+ULO+Z/OSpfzYiT2LwxI+HjCoC4y9Q/Lq3mvi4ZioCVsx0h4+K+qPv5HlrCrBSTaq
+pHiCcoB30Qwdvl64bECM7cnwCi8uEZfS86DI/FgFURfe6RxYDtxcWuVqyZ3usXsA
+YmU3OqvkjiQDqFA9sLxkWQWqf0BiPrELFFacF5Cg2XAMidpon2cIEXQMrqr5JnVz
+Xe5M+fOYru9L6t5drS02ktPSW6TwvLX02vgeBbXrNUAsTSPDs/JXTMRZNF6StVQg
+KDCZAgMBAAGjggFwMIIBbDB9BggrBgEFBQcBAQRxMG8wQgYIKwYBBQUHMAKGNmh0
+dHA6Ly93d3cuZ2RjYS5jb20uY24vY2VydC9HRENBX1RydXN0QVVUSF9SNV9ST09U
+LmRlcjApBggrBgEFBQcwAYYdaHR0cDovL29jc3AyLmdkY2EuY29tLmNuL29jc3Aw
+HQYDVR0OBBYEFGhiI9Op38Ui0VVlTWR2JYmqttB0MA8GA1UdEwEB/wQFMAMBAf8w
+HwYDVR0jBBgwFoAU4slAn03O6JqhfM8OP2XFKYhqGVEwQgYDVR0gBDswOTA3BgRV
+HSAAMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY3BzL2V2
+LWNwczBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLmdkY2EuY29tLmNuL2Ny
+bC9HRENBX1RydXN0QVVUSF9SNV9ST09ULmNybDAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggIBABd5x6mQ1k7xhTfpaGAwIqomgeDrh/5S4eoGfz9Y/oa1
+EmYump3bs2b4neJoLiYATq3n5WlyffJq/Z1XmpaD6Negm+Q6J3N7iRugDeP8qKlv
+fQornkpsi3Z7RKG/JqevHULaEmHb2NX0juK9mMvqiO2/pJu3znTGK6LSxO+FsN+v
+6OG1juPlrJdPQ/oAMhxqNjmo25Y5DZs7Co2YLMktUUrt6bwr5HCnIWjEEFdB0QG0
++PN1FaBvTJZGQMJefg3ksVhYrzZDY0Lk76KtQPfZv79Ph5gr0Fr/RpVhcbGsyKuS
+LY2gVCMuYq1eZdX13uGT8LeoO95FmkUSa4L9M0SNUcUe5E6IGQz8jk4+jotMgRak
+bM42+DBhwTe0z5OnWiksXT90t41kniiV3iHD1ccg9AV9oufbTyzMOvVWYcszWoz8
+tJy3VCWw4daiIrXyRUIN/Bbj98AF/5z/CpnLpGhC3nhv8G/UUGFjmNsKy86SyBNy
+8mI/B63mOtQUHt3foQAccbGWrLo7Q5hIVftxxkmi5reHw3O+K4wReWxhWmm1ZE7R
+sEz2wBVpVcZwUJ9BXZGdYOxzFRtiN1Xk2jVl/nFogrxv13aCBLi8T+B8Ec5am5jH
+05RH4ajd1dzNHaJ1QzGQggPREnNFotHnvLuZihItqnfzmyBW+jutdk6+yZ4F3r16
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFxjCCA66gAwIBAgIIF7Ot0kCjuSAwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDQwNzA5NTAwNVoXDTMwMTIzMDE2MDAwMFowczELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjEpMCcGA1UEAwwgR0RDQSBUcnVzdEFVVEggUjQgQ29kZVNpZ25pbmcgQ0Ew
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqAeFuWy6yAbXcUxspMJv9
+YlYGp0sC5nsigR1UeHPi9tYt7wMdXNnPRBXXaKQUBdmlGkmKOSva4nuEUR0Wxf30
+ehavxoQ2+8On/AmfwGHEgVFMQJ4PK4ljrsmUCaRDM7fdoq4N82BpeR8wGVVjO8jp
+NB1Rax3PNGo+drW7zEAx69DEKZ2xxo6PUz3HddjctORdxm+fL2AqLQbYQ8cKrO0m
+DgpUtt8iJHCWB1JgDwQE0qVrWJVtcWKK08+4nKzWUDpLaeMLAw96O2HFxgGAu4Ow
+bMDiBWW1k9nh+HlkEN4BPjVpt8xA9rk+DuPmF/kzZuwE45uMp/fNp9WU9AxXF4Rz
+AgMBAAGjggFtMIIBaTB9BggrBgEFBQcBAQRxMG8wQgYIKwYBBQUHMAKGNmh0dHA6
+Ly93d3cuZ2RjYS5jb20uY24vY2VydC9HRENBX1RydXN0QVVUSF9SNV9ST09ULmRl
+cjApBggrBgEFBQcwAYYdaHR0cDovL29jc3AyLmdkY2EuY29tLmNuL29jc3AwHQYD
+VR0OBBYEFEn9nhotc5Y2cn1dHrbigSNpz2jkMA8GA1UdEwEB/wQFMAMBAf8wHwYD
+VR0jBBgwFoAU4slAn03O6JqhfM8OP2XFKYhqGVEwPwYDVR0gBDgwNjA0BgRVHSAA
+MCwwKgYIKwYBBQUHAgEWHmh0dHA6Ly93d3cuZ2RjYS5jb20uY24vY3BzL2NwczBG
+BgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLmdkY2EuY29tLmNuL2NybC9HRENB
+X1RydXN0QVVUSF9SNV9ST09ULmNybDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcN
+AQELBQADggIBAAbHQTdTEqWeRI3Iy0Nu8i1/+9Vu0UvKBvAP5oSyxScaR4IsE9JV
+xAQTc9/pEIHHkNDOAaRDu4Obyq+bpvDp9c7mVV51oLKHWQ94UP587Wuwk2aIvnfH
+n9ZbnsLHdSyir6PZYuJEo/t/1Z8MbMnNaSy7gOq9wfrX+PC143kGtRFs6Dyw8TIt
+2HS1uYmuGBY73bATyjjPK5FY+1l041ZJmbTHQaDI3ezXvtwA4t4Dpb0e8O1WmeZu
+RnUyQVEDh1V13kKgjp3T3GcFJHuV2LhWxy9ac4NCJwqSpNeoVHOHQO1Y9wcfFfyO
+CKH9uKKqRPqivDdI+M7sZTM8wo6FlvHnLqU01dVAvizZ9Qxoc7mshJNCblA28DDk
+qofeYJfXrwKO2mz01P/7VkrhOZCUL+N+AGcZ2vFlHes067jkOk5VcKKF7XOU8+9N
+v2MCjSEbYgNkjuVWeeUArSWIGOpkIpuIHudYo1lJkpmYWlMqHaQD95WQ3E0KxFLR
+hYY9u4KyGCRvOU2hQbNcdBhF1VedmCjl9VazmHbuENO1AhE3wHVQqrnbtAWU4Q2b
+c++ZVXKvM+bMuD7gLGOxNKr02s3S4T5rVvlgG6W1Dl6L6IF9rCcGkVlwM9efy3AC
+5/tpog/BL9IBrYdRyvshGkjlq8DT3gZrIbD7+AfY0n/1OTrDsVtsqdt3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwjCCA6qgAwIBAgIIKDVqnHC0VXgwDQYJKoZIhvcNAQELBQAwYjELMAkGA1UE
+BhMCQ04xMjAwBgNVBAoMKUdVQU5HIERPTkcgQ0VSVElGSUNBVEUgQVVUSE9SSVRZ
+IENPLixMVEQuMR8wHQYDVQQDDBZHRENBIFRydXN0QVVUSCBSNSBST09UMB4XDTE2
+MDQwNzA5NTg0NFoXDTMwMTIzMDE2MDAwMFowbzELMAkGA1UEBhMCQ04xOTA3BgNV
+BAoMMEdsb2JhbCBEaWdpdGFsIEN5YmVyc2VjdXJpdHkgQXV0aG9yaXR5IENvLiwg
+THRkLjElMCMGA1UEAwwcR0RDQSBUcnVzdEFVVEggUjQgR2VuZXJpYyBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALY7vbjZoi1PTJf5velwTyEPcDFW
+qGWpDgtvGGei0LZ+/h5RsOJZSgchG4aiIwEv47ze65VGK4fSjBHbrG8o0KGowghS
+Nd1R7auxvQyleT4K760mGb9ru6PqpmzXmCJJybfq4+8J3j8wpe6utUDSnU+Kmx33
+umxjJIgzs6grvHOrgZLejk+AGEX41bmNSowCR8pG3nTGObnXnCUV1X5fNzyBG/z/
+imcxXmnD8VK5FTpPgQd17TnjNkoTfbXVs6PshSQJC6oD4nlRATXdxR4vHj6RILOk
+qujS18FCSKxfggMUy8bHTmVEz61uYVNeoz8M6xWlZsTcDqAo46lPd5c4OXcCAwEA
+AaOCAW0wggFpMH0GCCsGAQUFBwEBBHEwbzBCBggrBgEFBQcwAoY2aHR0cDovL3d3
+dy5nZGNhLmNvbS5jbi9jZXJ0L0dEQ0FfVHJ1c3RBVVRIX1I1X1JPT1QuZGVyMCkG
+CCsGAQUFBzABhh1odHRwOi8vb2NzcDIuZ2RjYS5jb20uY24vb2NzcDAdBgNVHQ4E
+FgQU0/7uYYDAmZBZbdYkVfL/wOsnF+wwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSME
+GDAWgBTiyUCfTc7omqF8zw4/ZcUpiGoZUTA/BgNVHSAEODA2MDQGBFUdIAAwLDAq
+BggrBgEFBQcCARYeaHR0cDovL3d3dy5nZGNhLmNvbS5jbi9jcHMvY3BzMEYGA1Ud
+HwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwuZ2RjYS5jb20uY24vY3JsL0dEQ0FfVHJ1
+c3RBVVRIX1I1X1JPT1QuY3JsMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAgEAmAoh0jabJLR7Bh/mVv4H7Vf3ypdeFbovRLtY291zRHc+oG4dBc/7kSie
+OvJJs3EKRw9KQB6+W3pShshm/Tl1HjcWaLHEnewCakTujTJwQ9OwgtRMokBec/TH
+Kp576T3NMIg0OgrCC98mhGWxbhLz8IU06978hZ1JOIBOdqTACMDvCDOdRvaHuFBv
+fJ6rTIQwYhSZdZ1Bmo4x3WOHiiogwiOlkqMjiyLE3Bloj47Xefl1hmJazoI9sa5h
+kCvimshfZOo/Zkxipr7p1KUFliLsOMsWBU+YCvZtdDnFaPkPvj+OnUBAs5wESHM+
+m0LiDUuRXZhqoQax21zpQcEN0cPQJbLZp9wak21puxVdiu1OpW6Y/w8sZhtPdu3u
+Q5BiY4wzBRCwR07qN+L79zhI3Gh3Ev38vRLqa15WAnumrZJQWY947yTA+47Zj8bO
+DHLIWDe9sJ86li1V4m4P5nn4u5CRKcuQ2jscCiGssYh91yFt/E7VZbXNnfjIGKiH
+rAmTvEKaBfzNqPGrJQDITiADpuIAG6gXav9deW1WiKCbAgXt04K16l8r1958m1NS
+t74qZBMkSnRSKgU6MG3woZCWGbQVuzDSuNiFsEDK+HoC4305X/OT73rtoa2akopJ
+j0mpUKPklUF03P5UBtDZbdSY6+w8V0ER921AeC0LPrjiKl+OhJo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFxDCCBKygAwIBAgIGSUEs5AA8MA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwNDE0MTQwNzU5WhcNMjgxMTE3MTQwNzU5WjBS
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEZMBcGA1UEAwwQTkVUTE9DSyBUcnVzdCBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANbJDh2dpmc3KZryFQ5r+2vpd1OdMarHD5VOOL/t
+aCpus9rkiE+fxLMfl/hXfTwMNwPig3q2af01eimKDCmnLCSBtGDjywPcq5FpHkm8
+1tTGyCi8FxW96q3cObiN2fFfSgxGvRUXzo7Tivunx/N9ve3OsT31MKlRDrc/BSDX
+alRYuHOewlWsYD7XFrrkxBN7gAXhl3UNBZi4vOFglZG3Q1zQ+xMZfomXu9OA8uuE
+1l5NdgUTFIXyKFkey/5BiNnfR2OkjdTo5+9cBehSmz+d2XUHXaf8w7ZC0uH5HICa
+cgoqV3L7UBvSyC43R/P7QnI1V1G2G/Lr5bJK1SR3rUiHTzkCAwC2R6OCAkgwggJE
+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFMz6
+Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBRTuaqqduIBINrHUUU8VumWXtpc
+5TCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0dHA6Ly9vY3Nw
+MS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2NzcDIu
+bmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AzLm5l
+dGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWExLm5ldGxv
+Y2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWEy
+Lm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6
+Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4GA1UdHwSBljCB
+kzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5jZ2k/Y3JsPWdv
+bGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NybD1n
+b2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jcmw9
+Z29sZDANBgkqhkiG9w0BAQsFAAOCAQEATdoIdLEMX7yC897m0MY9t72XS4LlVRq/
+z5GgViKPCG/KgXaTNepAlvKC+KyssqO+qGr7iKyCLsduvaOvmSpztqkn0ZMh0Yce
+OI7iV9YVqFJDI7rOWpxAvBP3iXu1hslV6vhNmTkYJu1wD51e78mLenMcX+n3d17T
+gZ5gsYRmqplyLgEO4DtXEv2e8bnYZ/ngDCCewUxFdiMZyepNYDIbSei3uEqGmMl5
+208b2FyLYnSmG5R0j77VTxGIeRcpDY/qrx/3wQ4NuWFXq6hQ9nhPcKKgVn5yUgn0
+h123m3VcoYpob5OKpPoRm2mxkPHUkNZ2e+iimh5nZN/mZee+fIr6/w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzTCCBLWgAwIBAgIGSUEs5AA9MA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwNDE0MTQxMDQ4WhcNMjgxMTE3MTQxMDQ4WjBb
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEiMCAGA1UEAwwZTkVUTE9DSyBUcnVzdCBBZHZhbmNlZCBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPIo9P4wlXm+to+T5+Et2aSkGZm
+PnzWEt18o5ZbivdvnmdBjqcVbgpd/ACzsZQuC1EK/YPa7+j1JXKoZUhX2EtWoN7T
+Sl9Y2BunbCK4zYX1nPp0AJ4XYBKtarHBkDEnTNgKg8FihxwZZeDm6uzKQNg5Y4w2
+l2RSJj9+dgJIy3nuOQWIUMvCPoWQLjk1cssLE4obDJmYU+/Xl7dgXHfSPiZWXY1f
+RKmH2SvH7ejzTDglIqInEICsBWmVK0wl/bletfyM0nXryOypnTNp0XiQ+caO7acj
+nJapMi0C1Y0XbcmMknj8mU4+9Vo1ik3arj+NU+YgPqMpZkQkZrVASbgP/JUCAwCf
+P6OCAkgwggJEMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB8GA1Ud
+IwQYMBaAFMz6Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBRqnQv4imTIeg4l
+ZL+wPmG4G/+8gDCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0
+dHA6Ly9vY3NwMS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRw
+Oi8vb2NzcDIubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDov
+L29jc3AzLm5ldGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9h
+aWExLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly9haWEyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUH
+MAKGKGh0dHA6Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4G
+A1UdHwSBljCBkzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5j
+Z2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXgu
+Y2dpP2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4
+LmNnaT9jcmw9Z29sZDANBgkqhkiG9w0BAQsFAAOCAQEAu/WWlFq6e/Tjqs8NmHbZ
+TsPAYhOCCAnP/G4p5rElF4qCktg/Pudw17odnvrcFLr+ZqSI7KQcNfSlh915nU9Q
+UBv4lSLE/yP1fr1QRihxM/MWnA39s754cVW5gCc/DoHu9ZkOw+KkYz+BSDHsGj6o
+7D4YSjRt9jv4ETz26QkPQ1MjVEUOLbSWh3B7qYCIvdg9sB1d8RfcE9JM5eXeVkkr
+TWUneN01WAKCY7tVIP0NW+QayIcV5a7btpjRshyZFI4l+008ld38o/nUwhIz6f+t
+F+jGCaHo3v7u7gjHiRyPA70vcfOsfQBU/UaK4bz1rBX+D0GwLYJwREya7uzOLf7o
+Uw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0jCCBLqgAwIBAgIGSUEs5AA+MA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwNDE0MTQxMTMzWhcNMjgxMTE3MTQxMTMzWjBg
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBUcnVzdCBBZHZhbmNlZCBQbHVzIENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9wEDOSDa1yQem8gwquI
+CkhDuJrHf2R1X2lzMGGWavhAM0fJNEG0E90v+Y5cLq30pNXC5I/ISXXdGM/s8/85
+2JKH0206rR3yFsXJ15yVTGforVOjzVr6bATbDNBFRoj8JMO9YS1NPB7BlMl+X//6
+wvnxgHtw66ORfD59W4PSfz1wMjxoQJ503mkm2JbBbHlrvJS5xdImHfVAFDgOhUAZ
+PfFjD0nPf032LCtWOw4APCWC8Js09u3B7KIdmAXOviJGD1VPRtPKonej53WTMsuC
+tPHJKGnL3UySRVaVhfky+p76AHy2HsvxDi2UHEMliQmFBaAZc4f086D2j4a/xoWn
+wwIDAN0To4ICSDCCAkQwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+HwYDVR0jBBgwFoAUzPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFNkF9UWo
+xMOT5IKYtwl58vct6rz3MIIBPgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcw
+AYYgaHR0cDovL29jc3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGG
+IGh0dHA6Ly9vY3NwMi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBo
+dHRwOi8vb2NzcDMubmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0
+cDovL2FpYTEubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcw
+AoYoaHR0cDovL2FpYTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0Bggr
+BgEFBQcwAoYoaHR0cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29s
+ZDCBngYDVR0fBIGWMIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2lu
+ZGV4LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9p
+bmRleC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUv
+aW5kZXguY2dpP2NybD1nb2xkMA0GCSqGSIb3DQEBCwUAA4IBAQBmR21cDtqRhEN+
+SEYA3QGJDNZBIE3JkbDe5vUUsCqRUyniWSkATg78PaUtT7+J9AZPljoh3L7wLAli
+2Et3Hwi8P2krt9l3Kw7enU8XQlBOyn0nbDI8Kw9gC5lNgRga1N4g83EIP5N45cjp
+GAthkpZDkLGE5bck3aw+6uljySlvPDtvuRDJFehWiHT0DX4re4DRyF/8G8a/o/tk
+n5Va672SZ/5Hs1nBMdU565TS/HO8DXoLynbFvgonIOgMH9MrOLKS0mabV4Lh9psc
+MDPINWPWB2rK12xOhinQ1gc6HWdD3aGAibq1dr14EutnOIVOVyvtHBxpVMDUQRrT
+W+9QnVk5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEjjCCA3agAwIBAgIUbQuQ8uGIeft/zUwWey2FwrvgrRIwDQYJKoZIhvcNAQEL
 BQAwgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQw
 MgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9y
@@ -5397,6 +11942,82 @@ vHXwLnE22twvirWXO6FW5OAZijIX/asy2iyWNFXYffrl3LcTBXlXwxWvmBMiAq66
 aeRG
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIUDCFjpEkk/7f822dazcrucgjMqVowDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xNjA2MDYxNDQzNTlaFw0z
+MTA2MDYxNDQzNTlaMFQxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMSowKAYDVQQDDCFRdW9WYWRpcyBFbnRlcnByaXNlIFRydXN0IENBIDMg
+RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCg0K/WvJDU6qlk20m/
+wAaKwqlLSj2TlQp53Tn2WDJaRp88Dc4mqsjPMIy5HDsU+8VXzqS6mCDGSbN4zyoT
+R+pj3PDWE8Bk5CAHJ+ub/t00eYtGepbUvQk2Mh0GChlOwYEHFFKhIRbNmgLvYGkH
+DtkauqXOgBtdXSmBgFC1s4lHU3XDHrHzTdqzijBgIiWVrhpPJLqGb0WiFK/O7qMd
+cdUmUjYpx73/AgYFd+XfLNPIxVvNMT/9wJHS0g0fq0KXeE1A3okihMsc3Si6n6g3
+NU6LQ+dh42r9W79qj1nc+oL/6Ze2G/RWzXK7wUTFM0Fs9AROldnIeQneoRvy6Evr
+Anxe+IszXZrp9E+DVAL48k6dC+DozmirKuefEMl0BLEKAm0y5JeQXDi+aiTiZqdV
+hO5HBQRBexp1R7dX2wmH0SscMpHNChrG99fu4c8EUh4b4WNZHPkuKV+rxChtUVUG
+az5SNIaNXKwb9DrLqaJzvKM+TMvAqD1m+2TYG3iXADy7sYOyx9u+WlPABoKyDUi2
+R7vUzhECrEPmYt40yWGsWi/UO74Uopzr8gmonzMrMEmDUiWdSwC36vaVJxJz5vHM
+1qo2QkD5+15OKTg9/2hYfOLl/3V9G0+15Dgk3gIbFTiuvJJmTltJVB+ITFMUwGbA
+aNZ0dLgxETBSxWKI+cXF/fjhKwIDAQABo4IBYzCCAV8wDwYDVR0TAQH/BAUwAwEB
+/zBJBgNVHSAEQjBAMD4GBFUdIAAwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5x
+dW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTB0BggrBgEFBQcBAQRoMGYwKgYI
+KwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTA4BggrBgEF
+BQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTNnMy5j
+cnQwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFMYX0Lyo6gJD8hsGmV0rkCC5
+15zkMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu
+Y29tL3F2cmNhM2czLmNybDAdBgNVHQ4EFgQU8BZgIpg1iS+G/M3ZhxwNY1VtOkcw
+DQYJKoZIhvcNAQELBQADggIBACdwumyuq9gROaXXpgSImSL2ydweQUJxqvcKHzUm
+lbyhgA+aTp7uNMHcc172rVlssuq2O9pQt8Eq2IE21zYcGivhREjs3ZoSLHs04gSP
+8mNB77i7EMhmHgCYjeb7gNffXc9RCskdNCDbBFl5huybGhmnJ7t5e1VzPZ+sNjWg
+mNXcXp9z8NUJBoPZkm3f8C7ntJkN94EHSScq/hbOScMn9laDJtouS7W+AzD91r3R
+4qU0g6PYPOnTQaKwZRR7S4C1HgVMm/CJPZ1aiLnf6TxdfLuor03kYptZSj487XCs
+G2sFxYHG4kg3J+Krw7euLFaZipozgtQGV9M2DXeY9mBz/Jt+eYnWv8yDDGnFxZZm
+e0AqE4UFyZ+95/DeMn+NFSxo/YoiR5eTDzGqNQjsocUmcdttK1umyPeL4jxiZjPj
+VsDle3h/Duzz37m7Vn2LTJGC4JZHlHEkkZ5r8O0vDaWsUgEwL8Utw67wWNkRSkLO
+8gNZxoU+Ck59JfIQYjgXLhN0CvubHslqOsR8H2DfXGChuI98MFgsLkl8s4Jyriph
+3CeROeyaMlosLOkDSP4pY/02i3Aktpd9hmDhIJxTNdhhxBLGpbZeIh9PrF49T4na
+P0nSYaTMAhhSvRy4qpzsw9ds5GTruEZfpz1hqaoS96F7xkyHur4BEVskLCcDFWKQ
+RwpJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIUCthvozW5PvSMjjv3fUxjFDZDrbkwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xNjA2MDYxNDU0MjdaFw0z
+MTA2MDYxNDU0MjdaMFQxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMSowKAYDVQQDDCFRdW9WYWRpcyBFbnRlcnByaXNlIFRydXN0IENBIDEg
+RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDqL3pDpaiJseEm9psn
+mngjKR/pfNjNNggII9br+6xSPuqg/Lik/ai1KG5ECbVbuFr98WzdiJ3D4qF9SDGC
+zFPl3FmIVn27u3kzXCbgLnG5Key9tk+oRhFvGqu6+LRBfpUXaM/NUH2YvuX1ZP8E
+zPCNmoH8TFjh9sken2pUxjje/wU2rsJvwa7D5rwHKipZM5a6+vsrYXA0DHnL8Jr+
+tSGZxwMtMXSy1Kn60E83TJnY/kxiSUuKj+Gw1qq5Eq7S3mQngUaSoRnBVDcAYYv6
+lj9JR7/NO74Kq5Aaa86FPqFfC2EiVvTTXh8WXzssNYVsVszX9M/3VMq+68W5RCLW
+YpH+hgFjw0B9dPJRtOfKzvGdDtmMnyCLbuXC/nfcv35TJO/YnoIBYqQHeUVngUue
+munp6q32U3mVHbYvGSmvhOEqCa59xfPq2jC+ZRJ2UWkP+iVLrY4lmfwbslRJXYzV
+Dk2HoWxPVX/HNY8EGbooaB2loVTeK1HCKCuRQVGQpqtn47Ny8ZU/3AfCK4KoXBKn
+ZjKoW/+RxcHwJuM8ee4zia441VA3w+fIBYQjvfwDUI9M5d6QNzdUOZknDpMlTDst
+h5epvtLUteY0MPvJkHeh4s/8oYVDzdJjIlo+mntlxqXFAJASpSjHeH+GDSM24Qif
+MEKmwruyNU0YVzQMRKMX1yeVswIDAQABo4IBYzCCAV8wDwYDVR0TAQH/BAUwAwEB
+/zBJBgNVHSAEQjBAMD4GBFUdIAAwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5x
+dW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTB0BggrBgEFBQcBAQRoMGYwKgYI
+KwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTA4BggrBgEF
+BQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5j
+cnQwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFKOX1vNeohDhq0WfPBdkPO4B
+cJzMMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu
+Y29tL3F2cmNhMWczLmNybDAdBgNVHQ4EFgQUbCa9YFUpKU5mMgeg/2OLg1pLNMYw
+DQYJKoZIhvcNAQELBQADggIBAGzIGsi4MPWp48gM6raw58xey8JfbjenYVggC3Nv
+xOJYKVrJTK+oERQHXDSDyjBt8uV91JKb5FsD3vtJc8nkNT1BTVObR8wvoqj9JEui
+vxkE8klxG/2mG6A2ZkoM6GH8V3Bad1TOZ4fz1vTnUtU5qNmLgb+ngoSAsl2J3fKa
+aXdMS+OpNCuDgPG6BX9yJ4jziqR4FtDsfgshVrhjee34Si2xdQVc6zaMuP/ZweEC
+Bfxju6D2hCN3iTf6HJtj8JfavHerUuzZr2Ibvk/rpy9UbHehmQ1SfxSh5xr6XzW6
+83JzOUqpkD17+WezKqH0XOyN3xzq8GB2Tg8NYLyd3zsSfABR/MeOBVfZEZDFRIV3
+cH8c+J+T7TlObLNxzsBCG5UKJKpVvEmHbZ2gFQAEODK1fAAa/hN+60Jc69AHZvZw
+uRj+Tak/yOjer/B4kbHXElRYfmBUuzqEJE49t2Zskf2L6UI1FoUKOG6ZnSoTpVcl
+TnmuZeuJWorzG/hHaVydd4rYicj2U3AozYrTghSiBMVYaJhhv4J/8JPa5Xa0giko
+llgVigCTRYWpu200/N1IZNpIomYzei9g7RaXGBSiju7KNyWC385fvM/yi3tx1JDr
+dokV+D24qm4YVpVlxkXRY8WOZAqTP+M1Md7COG7fEkPavaPqCa+KvkoX8QiFuqZM
+wdjq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIFYjCCBEqgAwIBAgIQTEzYoPxP6q4VVKh/CQ7ahzANBgkqhkiG9w0BAQsFADCB
 yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
 ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
@@ -5428,6 +12049,72 @@ WMbvh/J6sBOHMq0Vn5G8Tp6iUwsRlY1z7LaQKAlnlOiiZVhhe+1gvzJBHC0t+Hr2
 2YHwaoKDLhSB0F/gGkziNQ+py1hFne4MEOuvzOxJpjn0+wRIbBk=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFXDCCBESgAwIBAgIQGHf2ZWingrup+0La5E4z1zANBgkqhkiG9w0BAQsFADCB
+vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
+ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNjA2MDcwMDAwMDBaFw0yNjA2MDYyMzU5NTlaMIGUMQswCQYDVQQGEwJVUzEd
+MBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVj
+IFRydXN0IE5ldHdvcmsxHTAbBgNVBAsTFERvbWFpbiBWYWxpZGF0ZWQgU1NMMSYw
+JAYDVQQDEx1TeW1hbnRlYyBCYXNpYyBEViBTU0wgQ0EgLSBHMjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALBoKGatE+oJe9ZT5t7YXUWn15vacpx+XFcf
+xIhQRX75qaio8fgcsmQkY2zNyWRickmM5laehuW7rE2uZzeaKEeYEiCsNGhtTk8X
+d3subeM1AINYEregPSuFlDpn+h7Cyw8au/pH6z/lGRRAA7LCsgDjMMreDrq0WKqt
+xtoZ6Q9DExdztytlCMFhEWOS/AixMmI/4Gu7S/wGD0dg86i8J0DRjdPq+NDbzk/+
+vQsBEh0hGbsTKYi0owy23REgytHWMsZi+s6JXAW3eI0fgZ2bynaALE4GVu0tj8hk
+wEqD0KWQ1Ay4M2z/3Jv17lZumTtv+qEH2aq8ayPIpqJ0qcdctrECAwEAAaOCAX0w
+ggF5MBIGA1UdEwEB/wQIMAYBAf8CAQAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDov
+L3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNybDAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEBBCIwIDAe
+BggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMGEGA1UdIARaMFgwVgYGZ4EM
+AQIBMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUGCCsG
+AQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCkGA1UdEQQiMCCkHjAc
+MRowGAYDVQQDExFTeW1hbnRlY1BLSS0yLTU1NjAdBgNVHQ4EFgQUyqxd4ZAv8e+M
+1J81AeEBO6DOwXcwHwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkwDQYJ
+KoZIhvcNAQELBQADggEBAJRdaWPJpyEdGNMxyRkR93sap0nmeN3WoBUOJlb6lCbu
+EX/5zhB1Yu9RNqdIFlVYUX/gEURpNDqKQb90xJq3jdfg3z/bQ90beLuohBLREcCm
+nz78sfnyp7Z6gfXxyOYfy/MTA7866NFN5GEcQiGEBWdcitUhBPLuxzFUUGuGhiR7
+f0cUVPq6ADcCDpqOwnFbFFuJ7c+RGz/HG0pqxC0dPiHo1NIF7XK23l12nurVXOmc
+FJ31PEqFT0Rcd2fs+vkuVfpN+EBI+SY/gHiCOx/BvsgWiE4VXHTYIL36PUKecCQ+
++y9RlQ60UOqmSTQEQkkAUAn7w/0LjXEnfwfMhPABUcU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEjCCBPqgAwIBAgIQBeIff+l1JPJbhO/CkYj+uDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBGZWRlcmF0ZWQgVHJ1
+c3QgQ0EwHhcNMTYwNjA3MTIyNjU0WhcNMjYwNjA3MTIyNjU0WjBoMQswCQYDVQQG
+EwJVUzELMAkGA1UECBMCU0MxDzANBgNVBAoTBlNDSElFeDEgMB4GA1UECxMXU0NI
+SUV4IERpcmVjdCBNZXNzYWdpbmcxGTAXBgNVBAMTEFNDSElFeCBEaXJlY3QgQ0Ew
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0anB2c2gTBvvvgrkI0diV
+xnwGNMMYqrlnCpoB/h3+fhfz/C4FbWLXJPEFYRoRdtKgmjHkUk+VIMN8QhB32b6Y
+cT+o80mF7ngiluK8xulLAoGPcXnqpqFjWhKt7Zj9/n+j6EGtovL+Kl0stdWr12XZ
+VM/ON6ap9k6d5x/wAaehPJImOL4FEz+1z755u/Bxh2+hG06wxLeJtaQSvykfAjXr
+61j0Sb6SJYn1U7+Fa2Sr62fIMWhjO1n/XD6kv/t2IRtRMEZLA60jAAm4r6HNbanE
+/+VV3IA14BtQh4tCV9DeXDTJBTBxnmZMUaaYDaJ7hpK3vPNqUusu5Z1pVnegqd3n
+AgMBAAGjggK5MIICtTAdBgNVHQ4EFgQUzukCNH2qBjhBbQTVz7ry8DqkQ1wwHwYD
+VR0jBBgwFoAURgg4WqmOILsMr14xuomzKL+sjDYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAOBgNVHQ8BAf8EBAMCAYYwcwYIKwYBBQUHAQEEZzBlMCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wPQYIKwYBBQUHMAKGMWh0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9haWFTQ0hJRXhEaXJlY3RDQS5wN2MwgYMGA1UdHwR8
+MHowO6A5oDeGNWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEZlZGVy
+YXRlZFRydXN0Q0EuY3JsMDugOaA3hjVodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
+RGlnaUNlcnRGZWRlcmF0ZWRUcnVzdENBLmNybDCCAVIGA1UdIASCAUkwggFFMDgG
+CmCGSAGG/WwAAgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzAMBgpghkgBhv1sBAEBMAwGCmCGSAGG/WwEAQIwCwYJYIZIAYb9bAQC
+MAwGCmCGSAGG/WwEAwIwDAYKYIZIAYb9bAQEAjAOBgxghkgBhvlbA4ohAAEwDAYK
+KwYBBAGCwVsAATAMBgorBgEEAYLBWwEBMAwGCisGAQQBgsFbAQIwDAYKKwYBBAGC
+wVsBAzAMBgorBgEEAYLBWwEEMAwGCisGAQQBgsFbAgEwDAYKKwYBBAGCwVsCAjAM
+BgorBgEEAYLBWwIDMAwGCisGAQQBgsFbAgQwDAYKKwYBBAGCwVsDATAMBgorBgEE
+AYLBWwMCMAwGCisGAQQBgsFbAwMwDAYKKwYBBAGCwVsDBDANBgkqhkiG9w0BAQsF
+AAOCAQEAAdJq9Bgqa3r/WqAAIj+DGU9uS96aac5V/+g7JR8s5r0vNGTHgSy/j4M1
+S8DPpaiUQAnu65/M+A88XE4nhLfk94q+F9xOmbbsG8LAPJDVvfSdoNy4Yy7TG9yE
+nGZdFFBhYwj6Aeh3mH1NKPvop+HNTBlojGwD10wWhQa7BSsJzOeKdeVfJIrnzGEK
+f9NeMMszypLRXh0/m4dBnX2IRcRbOXdj6gIOEpYzJmRvA7tPIqAD+ox9MYCT1xGC
+RF3LfadgoIO4aM7CaDFM3mpP7pQYQnUflVk/9KYvu1tvyMkMtuQ219ifBC5rQLge
+xO1gXHZsyLik21PZsDZb+tB84WDiqw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEWDCCA0CgAwIBAgIPMR1+3eSSAgi72F73Jiu6MA0GCSqGSIb3DQEBCwUAMIGD
 MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
 LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MScwJQYD
@@ -5454,6 +12141,121 @@ dg0GZufYhBeYxQNXpdhWxDRIzAT890wqp77PXKTFMZaS0QaZz7k4o/K/VGJVWWkY
 1xuL4Zl8WvEcVWEK
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIDVDCCAtugAwIBAgIQE1Iuv8HdXOEe8nZAdR/n3zAKBggqhkjOPQQDAzCBmDEL
+MAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChj
+KSAyMDA3IEdlb1RydXN0IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2
+MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eSAtIEcyMB4XDTE2MDYwOTAwMDAwMFoXDTMxMDYwODIzNTk1OVowYjEcMBoGA1UE
+AwwTQXBwbGUgSVNUIENBIDggLSBHMTEgMB4GA1UECwwXQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHkxEzARBgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYH
+KoZIzj0CAQYIKoZIzj0DAQcDQgAELVSOaLAQE+/0LdvYCbJD6J1lmW40uNSXyY7J
+1qgiNzLIcWDusPHyxWT2ukdf/OYHeDIt9sqAIMn9cPhykyGIRaOCATowggE2MBIG
+A1UdEwEB/wQIMAYBAf8CAQAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2cuc3lt
+Y2IuY29tL0dlb1RydXN0UENBLUcyLmNybDAOBgNVHQ8BAf8EBAMCAQYwLgYIKwYB
+BQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8vZy5zeW1jZC5jb20wSQYDVR0g
+BEIwQDA+BgZngQwBAgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2VvdHJ1
+c3QuY29tL3Jlc291cmNlcy9jcHMwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMB0GA1UdDgQWBBTDxKRYBWPXgwa6lo3cso8y9ru3QTAfBgNVHSMEGDAWgBQV
+XzVXUVX7JbKtA2n8AaP6vhFV1TAKBggqhkjOPQQDAwNnADBkAjBH2jMNybjCk3Ts
+OidXxJX9YDPMd5S3KDCv8vyTdJGhtoly7fQJRNv5rnVz+6YGfsMCMEp6wyheL7NK
+mqavsduix2R+j1B3wRjelzJYgXzgM3nwhQKKlJWxpF7IGHuva1taxg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEXzCCA0egAwIBAgIRAIARGW3mE9sWAAAAAFHTV14wDQYJKoZIhvcNAQELBQAw
+gbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQL
+EzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu
+Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVu
+dHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjA2MTAxNDU4
+NTVaFw0yNjExMTAxNTI4NTVaMIG/MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50
+cnVzdCwgSW5jLjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10
+ZXJtczE5MDcGA1UECxMwKGMpIDIwMTIgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRo
+b3JpemVkIHVzZSBvbmx5MTMwMQYDVQQDEypFbnRydXN0IFJvb3QgQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHkgLSBFQzEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASEE8nQ
+um1Be+Js0OtVX2YCGiT0W4lpR+O4wn3x8gLFn6D2W9WLBhmGT1MQbQckJ6Gg+NVH
+GWFMfcqTJ+p0DO9vlgn+Y+xwXTatZ3euyZ18VUQ6omNRH/XjYtSpRwc+zCCjggEP
+MIIBCzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAzBggrBgEF
+BQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDMG
+A1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvcm9vdGNhMS5j
+cmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cu
+ZW50cnVzdC5uZXQvcnBhMB0GA1UdDgQWBBS3Y+ca3Y3pCKZVg6TgalBBZRFCSTAf
+BgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTANBgkqhkiG9w0BAQsFAAOC
+AQEAByx83MyDCRFVriDsLb8T4nBITSzMsZ7NPz3qNZ9YsPA5ZSijRZW5V9/zFhaV
+PAy0qAQdaatPfGtJXaykRfZYiPBZr90bdsofJ1in3osPpUn2yu32Vj0slz/qQ724
+ao6jmaLemPYedVJRhVDmJyddva2LSbpyGRP3cO/c/Sh9UOHo4F+pv/vwEZhYL9GY
+7EusxyHM7KhgrHMKNe34qF995Uibs4aaWURNACi/wxwWe/SrWJ0W8riguH4ihqnd
+6MGCMmMuKdFn9lnKYZyAH0L9ZJbTNDPixcC78M0dVzXV/83Ao5hliMQkfaYFbqGh
+jwwKBwiKwfUHHDANKk0txicHhg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfzCCBGegAwIBAgIMG4CdusjxlOvdXSeoMA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYwNjE1MDkzMDE4WhcNMzEwMjIyMjM1OTU5WjBcMQswCQYDVQQGEwJE
+RTEpMCcGA1UECgwgVGVjaG5pc2NoZSBVbml2ZXJzaXRhZXQgRG9ydG11bmQxIjAg
+BgNVBAMMGVRVIERvcnRtdW5kIENoaXBjYXJkIENBIDIwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDbHdQiPJe51+lEgl4cwznHMv+wr+NiDewvx9IbqOIo
+aS5vxQz/fur6M6jyoj9lUP92UbKpxvFPrHyT8aePQ/fZbsMw2eLgEIMdJRDzSFjC
+Id1ufksGLYw1NOcbl2cfnMu6nl4Y5m5Fq9uc70KPQRim4C66G2ZW1KoCgJ6Pd19l
+S3IA85hu+g9Wmm1NRHhccgb+tYYMmM77wW0OZiJT02t/lAYH6982v+/RJ0NKCEFf
+aTfwFegzFNdzLMGzYkpWejmM8+t1dJPRJBAaPPujd2E7qEbnqhjERBsEFzGs2LHn
+SaWlGnraJoSRffECQ6pGkZ478zuUxlQebRSFv7OHmSdnAgMBAAGjggIFMIICATAS
+BgNVHRMBAf8ECDAGAQH/AgEBMA4GA1UdDwEB/wQEAwIBBjApBgNVHSAEIjAgMA0G
+CysGAQQBga0hgiweMA8GDSsGAQQBga0hgiwBAQQwHQYDVR0OBBYEFCdxRlRpU29i
+JvzdVa2f8Ppa78f1MB8GA1UdIwQYMBaAFJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGP
+BgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFs
+LXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAy
+LnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmww
+gd0GCCsGAQUFBwEBBIHQMIHNMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2Eu
+ZGZuLmRlL09DU1AtU2VydmVyL09DU1AwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAx
+LnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQu
+Y3J0MEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1y
+b290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOC
+AQEAecguhuIR4nh/Ff+UwdW++MEjYeoQkHTKqzalUxJZwuILhgBdX4BC8yf17bSA
+vpi9oPzEBm10aCynR/RRIZahfRH5IRR798V2egPbKtkFzHJmsivccPpsaYBanJP5
+uBQmNSfmiDK7jwbTmZSPDmRz0fXrxdi1W101ShJdmLxTQkuzYWRtrYhJ6YgTcjvK
+i7W07uFuzKUZWZApgcydXbI0wAXw4/BgcfQzvIvm08uEVQaTUrI7VrxEOoVfQ4Ci
+x/YAQ9QIC3I5pIQZqshqNEH1QwEtW0+iy/g2jq4w4AzXzDpGkP4OgFYSfbwBHoHO
+FXsHRyRwzmPejMZxo53WGt/TXw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGZTCCBU2gAwIBAgIQAbxreRRHzakKihToIElX/TANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NjA2MjExMjUzNTRaFw0yNjA2MjExMjUzNTRaMHgxCzAJBgNVBAYTAlVTMR0wGwYD
+VQQKExRUaGUgS29ibGUgR3JvdXAsIExMQzEtMCsGA1UECxMkT3Jpb24gSGVhbHRo
+IERpcmVjdCBTZWN1cmUgTWVzc2FnaW5nMRswGQYDVQQDExJUaGUgS29ibGUgR3Jv
+dXAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHhI202lbZFrj/
+bJbjNqiCydU8oQyIpgb0glqhhDgxWqgi5w8bckCeVHLlUqSV078xKeKp1lFpUmdO
+RmR7No5LK7SfdF7kCDQ3cLwzz0ENqRxhdK/6Hxpk+IBWuSEbqdsvAftDdnl5p4Ck
+SdKho/ZIk3WRvVt32vHH4cOsmkbRHPK2j14q8PR/pOVuhKukFliqXASm3TTkOrj/
+HQSs87DsxWfbCaYRkNHfI7C+iSaDap50rRxY5IJj0PChEgC/BCUkdXXkXE8yt+kV
+eBF7Lz7f8TKrfnSSImq3Azk+Ruv3MbLYiBeraSRexYdLTllAZl7wqnW+jIl4UwlD
+B5qjLhknAgMBAAGjggLWMIIC0jAdBgNVHQ4EFgQUz2BKxu29xQTZyWoXmjT80/nU
+3nkwHwYDVR0jBBgwFoAUpW4i/zlpOiP7iSQXxmCUABrajp4wEgYDVR0TAQH/BAgw
+BgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwegYIKwYBBQUHAQEEbjBsMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRAYIKwYBBQUHMAKGOGh0dHA6
+Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9haWFPcmlvbkhlYWx0aElzc3VpbmdDQXMu
+cDdjMIGZBgNVHR8EgZEwgY4wRaBDoEGGP2h0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv
+bS9PcmlvbkhlYWx0aERpcmVjdFNlY3VyZU1lc3NhZ2luZ0NBLmNybDBFoEOgQYY/
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09yaW9uSGVhbHRoRGlyZWN0U2VjdXJl
+TWVzc2FnaW5nQ0EuY3JsMIIBUgYDVR0gBIIBSTCCAUUwOAYKYIZIAYb9bAACBDAq
+MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAwGCmCG
+SAGG/WwEAQEwDAYKYIZIAYb9bAQBAjALBglghkgBhv1sBAIwDAYKYIZIAYb9bAQD
+AjAMBgpghkgBhv1sBAQCMA4GDGCGSAGG+VsDiiEAATAMBgorBgEEAYLBWwABMAwG
+CisGAQQBgsFbAQEwDAYKKwYBBAGCwVsBAjAMBgorBgEEAYLBWwEDMAwGCisGAQQB
+gsFbAQQwDAYKKwYBBAGCwVsCATAMBgorBgEEAYLBWwICMAwGCisGAQQBgsFbAgMw
+DAYKKwYBBAGCwVsCBDAMBgorBgEEAYLBWwMBMAwGCisGAQQBgsFbAwIwDAYKKwYB
+BAGCwVsDAzAMBgorBgEEAYLBWwMEMA0GCSqGSIb3DQEBCwUAA4IBAQBI9pPEUfME
+Li1zMi/91touHZPZbCw+E5KYxthwzG1CCKr5aLEVTwXewNKZRD58ESy8V4nHdoR9
+ESrg8CefmMEmJkNDNGEym2sQEm7r58MPqp0qYecCeghof4cd8FbSqjqcxa0AGhYK
+HkNrCzfe3FkBk2xqJkI5t5YTum8zO12isqSqcMNqLegSqwOpikaleTvv0iW3aWZ/
+Gipaz137e4TkzlYWFvNoyWPslItrn5Y9MNGYQYJz3DoWKFHZwU9x7FfPIsyRVUhY
+O2hAQvZA2En+c9Yd+fMbqnF1/C2xqQc5jFhd23HSpW0HT8eQjAKC1UHfESXO/9GV
+LfK5WXTtPEkp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIID6DCCAtCgAwIBAgIQApcHVgzUqeu/4nLx4JbYgjANBgkqhkiG9w0BAQwFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
@@ -5477,46 +12279,331 @@ TMbH9pR4k/TuJARSDvjfdw7ASRnaEOOZl6Qc2L2Jp9sZGCCoxTtI0DCbwdTZze46
 pu84/0KdHzY3cLcmAJL4tXqHNeExugHCPaRAQO41oiE+ZCOEFcwvl+NPrdI=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIHdzCCBV+gAwIBAgIUbqapwACCtKhVagTl7cEP7KFbM0EwDQYJKoZIhvcNAQEL
-BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
-BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMiBHMzAeFw0xNjA4
-MDUwNjEwNDJaFw0yMjA4MDUwNjEwNDJaMIGnMQswCQYDVQQGEwJERTEPMA0GA1UE
-CAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjEQMA4GA1UECgwHU2llbWVuczER
-MA8GA1UEBRMIWlpaWlpaQTkxHTAbBgNVBAsMFFNpZW1lbnMgVHJ1c3QgQ2VudGVy
-MTAwLgYDVQQDDCdTaWVtZW5zIElzc3VpbmcgQ0EgSW50ZXJuZXQgU2VydmVyIDIw
-MTYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5EBDiqw08o+8GjxiR
-f+Jdy0IRL9xPVOAl3lDws1r6cMMWXMS91QGV1+iHWcWPNfXwiqntnmH01M3C+eZ+
-wHObdrlzvh0sactoH6csuzkp34xxoybGNeqBWdQ0z4IeY5c+045pr4F/vtinYryB
-N1uAlRIxdxWfAHOR1yY7PPfiitb+bh7Eu/6ORr3HgCpBVOj8b9PdVPEUOaOuLGQ+
-P3KlN3SXEc3u2xbhG5V8p2QlTI3H08XluUhZ4CzDUK2bvTENFdWcLtVR0GVJYG2N
-QblXnEahXRr6eN6Z5umwM6ivToKwfIrrv6QMMB4pa6zCAaxAvX6abkNtKfufMRGv
-+0y3k878DceUnEVMAa6xnAMtxO3RFJBYVPSVITIdn6ioRC1CLQrTZUVWFMi7f0tA
-kp7ke8Dv9uY56Lgd2Ja5KYHQ1GBnN6+/m2HXolUNpkkZQ/K3Xf/JYYBeIpp5y+qN
-daVwPWcjStvjeMPhMKWKR4wfcCS7hqdgYgdCtH7AClTfC1s63x0kizXg8A1FTvP5
-C435xAlOv2Ro0t+gTwbzx2CgMXFVkYNOQKW5gmayvgSoQFucyJG++N2q5u6yho8c
-H5C7qiRTC2yNE5SWzInpkAvvs3mYRT1w1b1uhxBJxqMJuEK/UaAxRq5mE/RlpSRV
-uB8qwxdv804WISKHevyJ7W7CoQIDAQABo4IB6zCCAecwgYEGCCsGAQUFBwEBBHUw
-czA6BggrBgEFBQcwAoYuaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9x
-dmVudGNhMmczLmNydDA1BggrBgEFBQcwAYYpaHR0cDovL3F2ZW50Y2EyZzMub2Nz
-cC5xdW92YWRpc2dsb2JhbC5jb20wHQYDVR0OBBYEFOhhXNQEZc2VugoV150XXPoN
-CH/cMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUZOMFiya+8zX1nzES
-CPjkFpwqqGIwgZQGA1UdIASBjDCBiTBGBgwrBgEEAb5YAAKOCAAwNjA0BggrBgEF
-BQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAI
-BgZngQwBAgIwNQYIKwYBBAGhaQcwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5z
-aWVtZW5zLmNvbS9wa2kvMD0GA1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucXVv
-dmFkaXNnbG9iYWwuY29tL3F2ZW50Y2EyZzMuY3JsMA4GA1UdDwEB/wQEAwIBBjAn
-BgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwkGCCsGAQUFBwMBMA0GCSqGSIb3
-DQEBCwUAA4ICAQAX0wEn1Ns3pr2ROwlCJ5HhbqRjKhm8c/gwS0MOG7gnE4oVCPyO
-iK8a0WrVLJnXimZym5ma3VQzdPblByVZxqyeUGFtf43HQCGOWIjvBOseKmjhWYqA
-iBH534cBs45I7+OdQrCxgJFgvcbhG/ISvEHKocM1a0DKLTC9YeJlLH4l+9Ub98/I
-BtZocNhleKRMQ0sv0gpHk/PH8RMZtzuMp9zfT8RhirM+Fvj/yvyLMH0j9Jsv6afN
-QpKC+bQlXAOI4it2/xsZapAgUxDxHWfpCIDLwHS+UcjafrmQUDlYTd2KGKxxdmcx
-h5ld34i5MFK0y5Jyvt/eSEiVcSHRn2tHWGiSJEsc1WXnQYqmCjkOi0svZ4+zUyVw
-YiNfceKD0IPjbOb/BvRAt5v38R3i0jdfEMk1MeXag/It8pn9EpFHKiyYFP/h86sE
-OwH0+BR1JI94sexQHuRcKQs7zozlKgzuymddKV5d39ZcL9htm7QafYG5NHDt8+gw
-6+oVn9gh7WTG6oxfZDSetMjToxYdK8W82+NZ7CF/ovOLaW1s2DxtyPaTvpmFe1v1
-W2vsqazNFu37NHXtV0ugR9WDrJusYUV2iBIMAnTKwk/ntQxPGxmxeIQhjrBLwiBV
-dOA+JAFxKMZz/qRWjAJf0s6E/3lfnZMUIg/KiM00Vqul+NGT9ZEmwZYxQA==
+MIICCTCCAY6gAwIBAgINAgPlwGjvYxqccpBQUjAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjQwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw
+WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjQwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AATzdHOnaItgrkO4NcWBMHtLSZ37wWHO5t5GvWvVYRg1rkDdc/eJkTBa6zzuhXyi
+QHY7qca4R9gq55KRanPpsXI5nymfopjTX15YhmUPoYRlBtHci8nHc8iMai/lxKvR
+HYqjQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
+BBSATNbrdP9JNqPV2Py1PsVq8JQdjDAKBggqhkjOPQQDAwNpADBmAjEA6ED/g94D
+9J+uHXqnLrmvT/aDHQ4thQEd0dlq7A/Cr8deVl5c1RxYIigL9zC2L7F8AjEA8GE8
+p/SgguMh1YQdc4acLa/KNJvxn7kjNuK8YAOdgLOaVsjh4rsUecrNIdSUtUlD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICCTCCAY6gAwIBAgINAgPluILrIPglJ209ZjAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjMwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAwMDAw
+WjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjMwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AAQfTzOHMymKoYTey8chWEGJ6ladK0uFxh1MJ7x/JlFyb+Kf1qPKzEUURout736G
+jOyxfi//qXGdGIRFBEFVbivqJn+7kAHjSxm65FSWRQmx1WyRRK2EE46ajA2ADDL2
+4CejQjBAMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQW
+BBTB8Sa6oC2uhYHP0/EqEr24Cmf9vDAKBggqhkjOPQQDAwNpADBmAjEA9uEglRR7
+VKOQFhG/hMjqb2sXnh5GmCCbn9MN2azTL818+FsuVbu/3ZL3pAzcMeGiAjEA/Jdm
+ZuVDFhOD3cffL74UOO0BzrEXGhF16b0DjyZ+hOXJYKaV11RZt+cRLInUue4X
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFVzCCAz+gAwIBAgINAgPlrsWNBCUaqxElqjANBgkqhkiG9w0BAQwFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw
+MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQDO3v2m++zsFDQ8BwZabFn3GTXd98GdVarTzTukk3LvCvpt
+nfbwhYBboUhSnznFt+4orO/LdmgUud+tAWyZH8QiHZ/+cnfgLFuv5AS/T3KgGjSY
+6Dlo7JUle3ah5mm5hRm9iYz+re026nO8/4Piy33B0s5Ks40FnotJk9/BW9BuXvAu
+MC6C/Pq8tBcKSOWIm8Wba96wyrQD8Nr0kLhlZPdcTK3ofmZemde4wj7I0BOdre7k
+RXuJVfeKH2JShBKzwkCX44ofR5GmdFrS+LFjKBC4swm4VndAoiaYecb+3yXuPuWg
+f9RhD1FLPD+M2uFwdNjCaKH5wQzpoeJ/u1U8dgbuak7MkogwTZq9TwtImoS1mKPV
++3PBV2HdKFZ1E66HjucMUQkQdYhMvI35ezzUIkgfKtzra7tEscszcTJGr61K8Yzo
+dDqs5xoic4DSMPclQsciOzsSrZYuxsN2B6ogtzVJV+mSSeh2FnIxZyuWfoqjx5RW
+Ir9qS34BIbIjMt/kmkRtWVtd9QCgHJvGeJeNkP+byKq0rxFROV7Z+2et1VsRnTKa
+G73VululycslaVNVJ1zgyjbLiGH7HrfQy+4W+9OmTN6SpdTi3/UGVN4unUu0kzCq
+gc7dGtxRcw1PcOnlthYhGXmy5okLdWTK1au8CcEYof/UVKGFPP0UJAOyh9OktwID
+AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQUu//KjiOfT5nK2+JopqUVJxce2Q4wDQYJKoZIhvcNAQEMBQADggIBAB/Kzt3H
+vqGf2SdMC9wXmBFqiN495nFWcrKeGk6c1SuYJF2ba3uwM4IJvd8lRuqYnrYb/oM8
+0mJhwQTtzuDFycgTE1XnqGOtjHsB/ncw4c5omwX4Eu55MaBBRTUoCnGkJE+M3DyC
+B19m3H0Q/gxhswWV7uGugQ+o+MePTagjAiZrHYNSVc61LwDKgEDg4XSsYPWHgJ2u
+NmSRXbBoGOqKYcl3qJfEycel/FVL8/B/uWU9J2jQzGv6U53hkRrJXRqWbTKH7QMg
+yALOWr7Z6v2yTcQvG99fevX4i8buMTolUVVnjWQye+mew4K6Ki3pHrTgSAai/Gev
+HyICc/sgCq+dVEuhzf9gR7A/Xe8bVr2XIZYtCtFenTgCR2y59PYjJbigapordwj6
+xLEokCZYCDzifqrXPW+6MYgKBesntaFJ7qBFVHvmJ2WZICGoo7z7GJa7Um8M7YNR
+TOlZ4iBgxcJlkoKM8xAfDoqXvneCbT+PHV28SSe9zE8P4c52hgQjxcCMElv924Sg
+JPFI/2R80L5cFtHvma3AH/vLrrw4IgYmZNralw4/KBVEqE8AyvCazM90arQ+POuV
+7LXTWtiBmelDGDfrs7vRWGJB82bSj6p4lVQgw1oudCvV0b4YacCs1aTPObpRhANl
+6WLAYv7YTVWW4tAR+kg0Eeye7QUd5MjWHYbL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFVzCCAz+gAwIBAgINAgPlk28xsBNJiGuiFzANBgkqhkiG9w0BAQwFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTYwNjIyMDAwMDAwWhcNMzYwNjIyMDAw
+MDAwWjBHMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC2EQKLHuOhd5s73L+UPreVp0A8of2C+X0yBoJx9vaMf/vo
+27xqLpeXo4xL+Sv2sfnOhB2x+cWX3u+58qPpvBKJXqeqUqv4IyfLpLGcY9vXmX7w
+Cl7raKb0xlpHDU0QM+NOsROjyBhsS+z8CZDfnWQpJSMHobTSPS5g4M/SCYe7zUjw
+TcLCeoiKu7rPWRnWr4+wB7CeMfGCwcDfLqZtbBkOtdh+JhpFAz2weaSUKK0Pfybl
+qAj+lug8aJRT7oM6iCsVlgmy4HqMLnXWnOunVmSPlk9orj2XwoSPwLxAwAtcvfaH
+szVsrBhQf4TgTM2S0yDpM7xSma8ytSmzJSq0SPly4cpk9+aCEI3oncKKiPo4Zor8
+Y/kB+Xj9e1x3+naH+uzfsQ55lVe0vSbv1gHR6xYKu44LtcXFilWr06zqkUspzBmk
+MiVOKvFlRNACzqrOSbTqn3yDsEB750Orp2yjj32JgfpMpf/VjsPOS+C12LOORc92
+wO1AK/1TD7Cn1TsNsYqiA94xrcx36m97PtbfkSIS5r762DL8EGMUUXLeXdYWk70p
+aDPvOmbsB4om3xPXV2V4J95eSRQAogB/mqghtqmxlbCluQ0WEdrHbEg8QOB+DVrN
+VjzRlwW5y0vtOUucxD/SVRNuJLDWcfr0wbrM7Rv1/oFB2ACYPTrIrnqYNxgFlQID
+AQABo0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E
+FgQU5K8rJnEaK0gnhS9SZizv8IkTcT4wDQYJKoZIhvcNAQEMBQADggIBAJ+qQibb
+C5u+/x6Wki4+omVKapi6Ist9wTrYggoGxval3sBOh2Z5ofmmWJyq+bXmYOfg6LEe
+QkEzCzc9zolwFcq1JKjPa7XSQCGYzyI0zzvFIoTgxQ6KfF2I5DUkzps+GlQebtuy
+h6f88/qBVRRiClmpIgUxPoLW7ttXNLwzldMXG+gnoot7TiYaelpkttGsN/H9oPM4
+7HLwEXWdyzRSjeZ2axfG34arJ45JK3VmgRAhpuo+9K4l/3wV3s6MJT/KYnAK9y8J
+ZgfIPxz88NtFMN9iiMG1D53Dn0reWVlHxYciNuaCp+0KueIHoI17eko8cdLiA6Ef
+MgfdG+RCzgwARWGAtQsgWSl4vflVy2PFPEz0tv/bal8xa5meLMFrUKTX5hgUvYU/
+Z6tGn6D/Qqc6f1zLXbBwHSs09dR2CQzreExZBfMzQsNhFRAbd03OIozUhfJFfbdT
+6u9AWpQKXCBfTkBdYiJ23//OYb2MI3jSNwLgjt7RETeJ9r/tSQdirpLsQBqvFAnZ
+0E6yove+7u7Y/9waLd64NnHi/Hm3lCXRSHNboTXns5lndcEZOitHTtNCjv0xyBZm
+2tIMPNuzjsmhDYAPexZ3FL//2wmUspO8IFgV6dtxQ/PeEMMA3KgqlbbC1j+Qa3bb
+bP6MvPJwNQzcmRk13NfIRmPVNnGuV/u3gm3c
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHWTCCBkGgAwIBAgINAIxV2GZScC7xGzOuCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwNjIyMTAwMDAw
+WhcNMjkxMjI5MjAwMDAwWjCBjjELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFw
+ZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMRwwGgYDVQRhDBNWQVRIVS0yMzU4
+NDQ5Ny0yLTQxMTYwNAYDVQQDDC1BZHZhbmNlZCBDb2RlIFNpZ25pbmcgQ2xhc3Mz
+IGUtU3ppZ25vIENBIDIwMTYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDMbS8Y4YyYZVdUexAFgwX7qN1tKTURIe4VnDQfctsUO0+QI5y6m5XeMGIHnfeY
+dPS3keA674GXrwII6h61FtVWlSXL48IPsSXoZIxA3ikxV393ptAPxK8bejbTf9Te
+aBr8OCkB4yNt/n3r89Ky3Artl2MB+nbeuGLfY1UGQ6uwOUoyOuBg6dE06w+elgH7
+WSwl3983j5NQr0I+z2nJ9XoIB8wiwjTtHg2nRGDWyzKslkSdAweW+srX8MnStLtp
+szWeOKrt8B342sFjluP6iSi4A/rgix7AHg4qDvp74nBQj6pfmPazmcsXN0NG6MK4
+uBlNXe17xtVARVCCv8b9DRkCXfot7CGuZNUNITzcmpwxUOtLjUThcWS8O7+rS+L7
+lREl8NNJ2zt43AHCeSh67fJPYxbURIr8O/vjfd26+2qEswhbT+0v1Jy29P+S94BA
+7p3+fGXyyTZ3CPC+WdpzfGY7rccc8Qfe2cJL+DFNxSi19qxznFC6KI6r3zIhOlcw
+ueUECkcTFxBDJaquhlSxeKqh+u9d/CUc1XQmY3obs3NnHTI99euCnzRj8oQg4n/0
+Lh4KrcaD6oy4sqPVVGs97+1uehjAxYA1KPQRLk9MuxhxRnjqq4wg3utIu37D9lji
+mv9k4rqYrcrsjfRjATy0DiSqanNI5Vi2ASIxTcV8WmC9TwIDAQABo4ICvjCCArow
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAwBgRV
+HSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcC5lLXN6aWduby5odS9hY3BzMB0G
+A1UdDgQWBBROSlPE2OB/EfyGBHnoKErjOSuGfzAfBgNVHSMEGDAWgBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDCBtgYDVR0fBIGuMIGrMDegNaAzhjFodHRwOi8vcm9vdGNh
+MjAwOS1jcmwxLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDegNaAzhjFodHRw
+Oi8vcm9vdGNhMjAwOS1jcmwyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDeg
+NaAzhjFodHRwOi8vcm9vdGNhMjAwOS1jcmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIw
+MDkuY3JsMIIBXwYIKwYBBQUHAQEEggFRMIIBTTAvBggrBgEFBQcwAYYjaHR0cDov
+L3Jvb3RjYTIwMDktb2NzcDEuZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6
+Ly9yb290Y2EyMDA5LW9jc3AyLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRw
+Oi8vcm9vdGNhMjAwOS1vY3NwMy5lLXN6aWduby5odTA8BggrBgEFBQcwAoYwaHR0
+cDovL3Jvb3RjYTIwMDktY2ExLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MDwG
+CCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTIuZS1zemlnbm8uaHUvcm9v
+dGNhMjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMy5l
+LXN6aWduby5odS9yb290Y2EyMDA5LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAlch1
+fWW2UPpLfYqNDAUutHLXIgNa0e3Za4UDnQ9MovQ5NCHsx6CpokicZ9VnRvv0ASvg
+dK6PcgTyRrkY1ZUo/1hVwxIIX+5Z3TAAMUX8C852g9dOPS9peeelR4oRJ0uB36+c
+c9/SsgM5dV3aJSBR8/+Oiz7o6Ri7GMkJ9JuIFKzxAjk0ZU8vQRbX6TmTi8E57rRh
+eamA6GMeAHtps4M49YrInenou1hDisBNXbUncesK3iEOX8iv9Z0RSuUdMA4HLPU5
+PeXWAci69fghVfDJIC+0CfGuP4A0cZuoP7LCwEECp8Vi0mQdYkaOWw8UKnGsXBM5
+pUcfm4LxKgdNS9dZJg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHUjCCBjqgAwIBAgINAIsoit2Yr3kbAiB/CjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwNjIyMTAwMDAw
+WhcNMjkxMjI5MjAwMDAwWjCBhzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFw
+ZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMRwwGgYDVQRhDBNWQVRIVS0yMzU4
+NDQ5Ny0yLTQxMS8wLQYDVQQDDCZBZHZhbmNlZCBlSURBUyBDbGFzczIgZS1Temln
+bm8gQ0EgMjAxNjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIZXPNOf
+mYYattCLCu6LAQ04Tvwep6v4WsoAUC7VxiiTartm9qBDL7L5gJYv1D5djc/5ze1E
+j+z+djom0mCBEYAlHAXMMwmdeHpSWdcJaGZv/3LTsp0Ot2fnTxrJ9GKTfk04A6X/
+o5K+wHBfJa+YKdOCmQ6ZXue/UurEd//pBanFPgWIK99gqzR0WhiBO6R014hfnoob
+8zd2vfA6dMW3MZ7KLMchwOQY2fSGhgaXL5yrWYBAr3s3WWXvQF75vY8oH4YmVtr/
+12GWyrbl1dFD8X68yjTKD9I6z3+i88xyuHTmLQlj0xyKp3RLjnXCHNlABx4L3hif
+CoiWeDChzDBbhBn83/GHu4p5XlnNsnT948dmvXwT/mNglV/eOw95clTSjn8Guc2+
+smNfA2LEsyBoH25a75Pu7XqQBw0J/XJiOYjdRzo8g3t0LPrdx8IiIFgoI7AfSeZN
+rzRgq2m+BPt2CvsFwJZAkgoEXSMke31am1Eo+EQ/cRPd3aMGX9KU8/ScseghFIbo
+M7OEYnne/k12oY3rBNncE2dlZKwDzvt5pvk+kWD4F1bX5AOCNGCJF/XxzgKnNNPP
+E7hBv86kPv5DsrAqx0a4sz4Z71sN4yUKqqMaAN2R5rue+/VO0MqW1PKARlk5IVhD
+L6wXSYpEhCweHWvNV0SoXbF9ubqGQAgEFZo/AgMBAAGjggK+MIICujAPBgNVHRMB
+Af8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAm
+BggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYE
+FG5nLVHi2b4xD+Sv2/yVjABlrg3BMB8GA1UdIwQYMBaAFMsPxt9CQ8w9y7VII6Ea
+eqYquzRoMIG2BgNVHR8Ega4wgaswN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNy
+bDEuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290
+Y2EyMDA5LWNybDIuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0
+dHA6Ly9yb290Y2EyMDA5LWNybDMuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmww
+ggFfBggrBgEFBQcBAQSCAVEwggFNMC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNh
+MjAwOS1vY3NwMS5lLXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3Rj
+YTIwMDktb2NzcDIuZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290
+Y2EyMDA5LW9jc3AzLmUtc3ppZ25vLmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9v
+dGNhMjAwOS1jYTEuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwPAYIKwYBBQUH
+MAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDA5
+LmNydDA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMDktY2EzLmUtc3ppZ25v
+Lmh1L3Jvb3RjYTIwMDkuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQCcSRwLtW2Jlqfd
+g0T4ex1xkOFAh8AHy6JkpAHD9bZjxuXurZRbdLk9A/1PRTkHL8ycQI5WCZPKVLjd
+eO8I/uiu77Q2c3cDaFw4gDPfToKm+4upOcsyJK+7i4GsskpcegnqHfdtAeL4SZN3
+F/ITYN3qd2au6kzodvFKCpmRFS6t1bLVWQgl/falx0lUSSXJj0TYz5m0QtQ9tQJb
+UGNeuRZrRL/W3ui26WvbTWAtRMn3qNxO7X+EryIOB2kwerg8/O70p0233/YUhdT8
+kQR0wkimOAj+UKKFmiKvcx35Qy+9l5UeNIY8zBUFLEGC8SqsF3COCNWR38fJJxFo
+jeIMdvoN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdTCCBF2gAwIBAgIMG53NioT2UXtHWMz0MA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYwNzA3MTI1MDAyWhcNMzEwMjIyMjM1OTU5WjBSMQswCQYDVQQGEwJE
+RTEoMCYGA1UECgwfVGVjaG5pc2NoZSBVbml2ZXJzaXRhZXQgSWxtZW5hdTEZMBcG
+A1UEAwwQVFUgSWxtZW5hdSBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAOcUMAABmqyHKHNeaKsx1PjhhY915G7vkJFHhN5aOl02fYAdClHgY5C5
+TW63HG7n8sRPqgnh+vlpIJRvmBN2C5z2MNzuqqZoVor/HtnQROYuxQFLW5UE6Pij
+VRQnxBd6VCyb0MkmaPgXd8PYHU+Qp/qeIoAaMkbDlilLahkI2ZjCfISBsL73MYGw
+Fh1hBw8B+GUU/HAObB0GOe8U8OqjKKhOEFjKw6u3eMoLXC4ZXb0n0DPKckij8/mv
+mVTOzpMpJrbwMr0MB+cUPzbzgHm6KZdGTA/mpznPWs/46ZRCwdCC9zxkh3yLCcLk
+eBwCoL6N3LnwfcnAeqBOit8CdnI/ysECAwEAAaOCAgUwggIBMBIGA1UdEwEB/wQI
+MAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMCkGA1UdIAQiMCAwDQYLKwYBBAGBrSGC
+LB4wDwYNKwYBBAGBrSGCLAEBBDAdBgNVHQ4EFgQUZNFiW2re410Zk3uia6chNOkG
+3yEwHwYDVR0jBBgwFoAUk+PYMiba1fFKpZFK4OpL4qIMz+EwgY8GA1UdHwSBhzCB
+hDBAoD6gPIY6aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1j
+YS9wdWIvY3JsL2NhY3JsLmNybDBAoD6gPIY6aHR0cDovL2NkcDIucGNhLmRmbi5k
+ZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDCB3QYIKwYBBQUH
+AQEEgdAwgc0wMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NT
+UC1TZXJ2ZXIvT0NTUDBKBggrBgEFBQcwAoY+aHR0cDovL2NkcDEucGNhLmRmbi5k
+ZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwSgYIKwYB
+BQUHMAKGPmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2Ev
+cHViL2NhY2VydC9jYWNlcnQuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQCZXmIQVpPh
+oY0ObBsAcwdsT6gKzQ1jCf0b2liPdUzjcn/KK72RE2NCUkIADEjBXl8KC2yiNvWN
+RN1H4ZZQRTOUPXHSDrh9xSqtWzaxxJF6xyMR+CE23obt/FDS2J1TKbBRFullXEn8
+PzL1SattopnVyQyxHTc+vAFLIl0YASiMFhuqB3ntZe4gBIbBpApNBq/MDJPTNlMA
+HUCL5F8ukLl8GZ1IQTyVHZ+P4qmNiEoTElx/rlDA7CQQPxKcyW/ZiAdZZZxjuSeG
+TJ/gVP0aAeH7TWiKxXd4YnT1am1mPKrKill2tCA/S1iKf524flYq7pSF+uIMRRN7
+2by6ZbF/aVyu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFcDCCBFigAwIBAgIMG53NoKG7INzWWM//MA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYwNzA3MTI1MDI0WhcNMzEwMjIyMjM1OTU5WjBNMQswCQYDVQQGEwJE
+RTEhMB8GA1UECgwYUnVoci1Vbml2ZXJzaXRhZXQgQm9jaHVtMRswGQYDVQQDDBJS
+VUItQ2hpcGNhcmQgQ0EgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDq7tdaUsUTPZzHRMMAuzUqMp2LuvfmYG0PRMnMEPFnBXWJq6XiXM6M0YOWqad4
+Csw6KtiN/BDQ9wEvQihRSqyhqyJn7GO49oKkUHWX5kGzvDpHJ4+6auXTlqvWKv2j
+muTz4fEqodQ90Jmqo0pNLlIZjXZ9RtXCko+VXzk+vpjrME4/xVNfVkhYzLhYWd+Z
+8aQ4yRWCvqqnz2VqHQp01lNSiYfVLV9jzQOnVB/cJ/kQab0jwDW3oMuyoiUziHwL
+dvE0RtJu/TJ8XXgMM23I+VvOhQoqgp+SHx7Syus9Ztezw/0QUqGVAmNsrAiuKjTn
+bJwdDFhHhOzY34ksyWrl5UDtAgMBAAGjggIFMIICATASBgNVHRMBAf8ECDAGAQH/
+AgEBMA4GA1UdDwEB/wQEAwIBBjApBgNVHSAEIjAgMA0GCysGAQQBga0hgiweMA8G
+DSsGAQQBga0hgiwBAQQwHQYDVR0OBBYEFOnXJ6Mspcahk2fNOtVQdkg0wsBmMB8G
+A1UdIwQYMBaAFJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGPBgNVHR8EgYcwgYQwQKA+
+oDyGOmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHVi
+L2NybC9jYWNybC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xv
+YmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNybC5jcmwwgd0GCCsGAQUFBwEBBIHQ
+MIHNMDMGCCsGAQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZuLmRlL09DU1AtU2Vy
+dmVyL09DU1AwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xv
+YmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MEoGCCsGAQUFBzAC
+hj5odHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9j
+YWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAKdi4J+Hk39theEHM
+Ye1zWcYoNk4JNIr7HDxMwA8w1sYxETxhbCzOYG/aNpgqaEBjaroHbQgyWlbrTx8e
+DAtSX5HwqfvPS+sCiBLqvXeAXIewQMM86UynG0GvPPOGOc/bMx2toZYYP/2/SGd4
+C/TCtTlGAV/AINXFKzvv/hwePqc3wML+R1LF7dO0U2uxsZ/yhykRAXKPiv3nES9Y
+ZEu3rJsjrs9Y4m093+sF0MKqUbiZdOpQzIfDQXI2djSucblxBinuA5lHVjnMgPc/
+g4jQLSaRsdHJSc1ZH0PL9Xzz31MQwBQQtWU5i/Km2X5GwVIhoiGJ/2WTAvHDXxS3
+CDCTmQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpjCCA46gAwIBAgIQCxOqaybbtZYT5zagRFO4KDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNjA3MTIxMjI4MDhaFw0yNjA3MTIxMjI4MDhaMF8xCzAJBgNVBAYTAlVT
+MSEwHwYDVQQKExhBYmJvdHQgTGFib3JhdG9yaWVzIEluYy4xLTArBgNVBAMTJEFi
+Ym90dCBMYWJvcmF0b3JpZXMgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAOsYZNkCD3YspXjsl5BXaPGtVFtI7T3XDuQ5Z0Fb
+Mxy2bI+UN2FsRpCV9zs6AwMos/LfZidFbL+kDWlUEsji+kcs3vgsoUpFeYB+9/1z
+XzkmWYYpzl+869xevpoKGYBcma5FWrjWCQXJmtJ9BHg+qafzGppOuxi7F5lH7+wk
+Il5mz2MfxY8XTk69xEtwB/WGcAeSXfG6c+qq0wOfIHYYwB72owUALgB7GOrfEu2k
+di3qhzLbJZ2mF4eVza20txyLlblt4C/QNS8PkATm6QqbY8UR7r094Wr/9ZcnIkv0
+Mf7hSiiqI6OfNG1iWJen0px/0rpq0J4Zs1Gftw4wXNt83MECAwEAAaOCAVowggFW
+MB0GA1UdDgQWBBSgJWm6Mhw8j+ChXo2r5NqwrTIlOzAfBgNVHSMEGDAWgBQD3lA1
+VtFMu2bwo+IbG8OXsj3RVTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQE
+AwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3Js
+NC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2
+MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQDb6jnKvBVLvBxAtWLDjfeC4XmRj1wF
+yuCwLxjZ8AYBurQnShWYYaDQuDx3JJAu0PXqLxIVntIaKNszVNOzqGOt/MuGxSS/
+iDXTBMwDBPhVcVKaClOQXTAxKNIxMuS43gupyBsynGpOJ9W28PgCCVlJgI6fOlKR
+s8sWqiO7FEPc8TRCGie9HghDEHXr8pZxvPqABtaT0jE3uea9I5yXJ37ghwbdDKaD
+Z+uNzEApHNALtj2vDYIjybeOQJl0FhGOtTseD4pePjVoJVbBZmOSpYqc4gU1K0FA
+jjcorQXolJqnIlrbNdVbchETS/S7yXIiKl2N5n30Dxo9fUFNgstSc+CZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEjDCCA3SgAwIBAgIQCaW/BJJxwqNC7pChvyBVbjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNjA3MTIxMjI4MjhaFw0yNjA3MTIxMjI4MjhaMEUxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNDaXNjbyBTeXN0ZW1zLCBJbmMuMRgwFgYDVQQDEw9DaXNjbyBN
+ZXJha2kgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5zj/Lmt79
+uZVU+7h4bQMbAdKfKogEwYIVTqgsJbvVKRsUv66DqSW8Yi4E42gKw7gCAsO7XVrw
+YmS8P2Cu8rnyKNF+MnF6Mp0b0+bPWvxE2C9uVpToIhb8ro2i84DO27B8OYE7MRtf
+J5gooqV5seJtNpCTujWcU8emxHWQIYxkIcwQwajngEEAkrjQRyb45HRTWnNto2KO
+QCKbjaKAjkiJ99oFulujtNmLLSsYr04iCCMN3lCah564jlj9YcmM2L12I0a2cbgz
++XfOTNM2kKcH146xZfnMrQLSi3cP8IYSKmg5NIIdG+DyJVoQvg0og/G98FG99I79
+mMZoEjOJ1kz3AgMBAAGjggFaMIIBVjAdBgNVHQ4EFgQUY2GVVXb0FBalNOOwPXMQ
+N/zKg40wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwNAYIKwYBBQUHAQEEKDAmMCQGCCsG
+AQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3oDWg
+M4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENB
+LmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv
+YmFsUm9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYc
+aHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEA
+kw+KKqwWKJXLD/SDaElw8neXB2sdB41k+TlUw9f0AGpP41C7fqLpAaf1rBOtnhnu
+gd2kPeIQPRGc2VNBSwTsJ6GkydGiEh6ULhhiSsiQ00+iUjyRigCXpkchPyeaeMCp
+Sx+IKOm/W7z4rBgdZY+kxN53Fj0k6cI7nTtFRXsiNdo6iAjwbaRM0x02DXwct79z
+cdz//q87XL2O4rvlByaWyIgSJiavbG4bZv3mP0HQY+B7cDi3l+/6yvOFTK1CTp98
+3RYh+rV+TAaAkT9bkql0yIIXlHcVI+pxaMu/6Plm6Izhe+ABgh/ANq8vmqVHbx7c
+82QEPYp4t5pNu/7WkJ060w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGdTCCBV2gAwIBAgIQBOmcO+o168nJMRW7WHP3aTANBgkqhkiG9w0BAQsFADCB
+ijELMAkGA1UEBhMCVVMxGjAYBgNVBAoTEU9yaW9uIEhlYWx0aCBJbmMuMS0wKwYD
+VQQLEyRPcmlvbiBIZWFsdGggRGlyZWN0IFNlY3VyZSBNZXNzYWdpbmcxMDAuBgNV
+BAMTJ09yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZyBDQTAeFw0x
+NjA3MTIxMjI4MzdaFw0yNjA3MTIxMjI4MzdaMIGHMQswCQYDVQQGEwJVUzEyMDAG
+A1UEChMpQ2FsaWZvcm5pYSBJbnRlZ3JhdGVkIERhdGEgRXhjaGFuZ2UsIEluYy4x
+LTArBgNVBAsTJE9yaW9uIEhlYWx0aCBEaXJlY3QgU2VjdXJlIE1lc3NhZ2luZzEV
+MBMGA1UEAxMMQ2FsIElOREVYIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAyPJ/Sb3ZIQ5jTvsNpkE4I8x1rHilh/qzuKGvJrKkzf/60LtUfj294zXk
+iF7wkf9YUzlUueB1Ow3HBkMfyVxI5mEnD3niLBCMtoYNu/BZH0qLb3AIy9yP1U0I
+ZiTX8fKpAio3mk9v6XqhRfNR4YQM5MNS+jwLnY/f2iE6IebZ6fG47avU5t8b3Fpn
+zQ6j64wIbs06pJdySswqRabGPPA3pqbCzpHcDy9AwP5mWCQf57/4cvnU1yKhJ2TS
+5zyrwXm2/Bpc2pQkPG1xCmzgueMxeXqiAC1u60FMr4sAGqBOh1kjK1zLVe2bRzlu
+T931pBNx5gyesVvaTOoTOgUTz+ZnxQIDAQABo4IC1jCCAtIwHQYDVR0OBBYEFIpx
+MDDBlQfnMxiH0RdWVkh4lOYIMB8GA1UdIwQYMBaAFKVuIv85aToj+4kkF8ZglAAa
+2o6eMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMHoGCCsGAQUF
+BwEBBG4wbDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEQG
+CCsGAQUFBzAChjhodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vYWlhT3Jpb25I
+ZWFsdGhJc3N1aW5nQ0FzLnA3YzCBmQYDVR0fBIGRMIGOMEWgQ6BBhj9odHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vT3Jpb25IZWFsdGhEaXJlY3RTZWN1cmVNZXNzYWdp
+bmdDQS5jcmwwRaBDoEGGP2h0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9Pcmlvbkhl
+YWx0aERpcmVjdFNlY3VyZU1lc3NhZ2luZ0NBLmNybDCCAVIGA1UdIASCAUkwggFF
+MDgGCmCGSAGG/WwAAgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl
+cnQuY29tL0NQUzAMBgpghkgBhv1sBAEBMAwGCmCGSAGG/WwEAQIwCwYJYIZIAYb9
+bAQCMAwGCmCGSAGG/WwEAwIwDAYKYIZIAYb9bAQEAjAOBgxghkgBhvlbA4ohAAEw
+DAYKKwYBBAGCwVsAATAMBgorBgEEAYLBWwEBMAwGCisGAQQBgsFbAQIwDAYKKwYB
+BAGCwVsBAzAMBgorBgEEAYLBWwEEMAwGCisGAQQBgsFbAgEwDAYKKwYBBAGCwVsC
+AjAMBgorBgEEAYLBWwIDMAwGCisGAQQBgsFbAgQwDAYKKwYBBAGCwVsDATAMBgor
+BgEEAYLBWwMCMAwGCisGAQQBgsFbAwMwDAYKKwYBBAGCwVsDBDANBgkqhkiG9w0B
+AQsFAAOCAQEAqakDhBps4qi1PVvcxDW/ord53ouieZwBiyiRvQTAv855uIaTIuMm
+gFwpomCawvBPUDKxM2q0w675VZ4lPPG682WlKCIX6yK8XUAIAkBTfP3cGxrHfV5w
+0shrzJ/scc2Hhn2SY77LSI1jKqSgoXu5Qb5b/6ehGm9gmmS2wYQCD0RFHKFBZzoU
+5xJTrewS0q9Ip39l4oF+bEvcazWTQwYLdYFv9f0jZzNte52fc2J71vfCBH0/FqdL
+QK5VL7a8GBFxF8zKybb50q1c5X+nyZDpculqUPcE2YdJPTieIuBE6j617oQw4Vdz
+3mYUu4rlnAqddyronHRmLVgcb6KPdjn5kw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIFZTCCBE2gAwIBAgIQOhAOfxCeGsWcxf/2QNXkQjANBgkqhkiG9w0BAQsFADCB
@@ -5550,63 +12637,330 @@ Zs6cMxhrra062ZCpDCbxyEaFNGAtYQMqNz55Z/14XgSUONZ/cJTns6QKhpcgTOwB
 fnNzRnk+aWreP7osKhXlz4zs+llP7goBDKFOMMtoEXx3YjJCKgpqmBU=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIFCzCCA/OgAwIBAgIQNZYvMFxaC+xADU6Yd1KMZTANBgkqhkiG9w0BAQsFADBI
-MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24x
-FzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTE2MDkwMTE0MzUzNFoXDTI0MDky
-OTE0MzUzNFowgbExCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9pczEQMA4G
-A1UEBxMHQ2hpY2FnbzEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMu
-MTkwNwYDVQQDEzBUcnVzdHdhdmUgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTSEEyNTYg
-Q0EsIExldmVsIDExHzAdBgkqhkiG9w0BCQEWEGNhQHRydXN0d2F2ZS5jb20wggEi
-MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt72YcuqK/rz0VYiTs9p5Au5ai
-zyV1Ffis0sd4Pv9fsmtN9pe4hBot+tQ4O3JFpmzQu0mwQeCmvt1SicMgfr0+ME+s
-eD6EEu7uhvi50THcnTc1BJ2dH9+o9jRkwfY0/t71MVIopy1n9KbMDyMZyVWZ2JMa
-DVtPHrGBa49ar06mshBKCQ/k1F7UZ5NDtT8TXPEuprDo95BaMRIc8Z6KXLDSOvqp
-XIczlpyT2mzrSw3cIo0a6yHJpB7fDZtjFEn1FEf+wgsICaZNuNz9xesZAwZ1pi1q
-Iaddtzjmvf1yp9vKdnvWE880S0Vs52qTcLsjy+uEgeIpoC0WRMxFJaYceTgfAgMB
-AAGjggGFMIIBgTASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTl5CRZFTIn
-ySCzQgJssO8y3psgWjAOBgNVHQ8BAf8EBAMCAYYwMgYDVR0fBCswKTAnoCWgI4Yh
-aHR0cDovL2NybC50cnVzdHdhdmUuY29tL1NUQ0EuY3JsMD0GA1UdIAQ2MDQwMgYE
-VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUuY29tL0NB
-MGwGCCsGAQUFBwEBBGAwXjAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudHJ1c3R3
-YXZlLmNvbTA1BggrBgEFBQcwAoYpaHR0cDovL3NzbC50cnVzdHdhdmUuY29tL2lz
-c3VlcnMvU1RDQS5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB8G
-A1UdIwQYMBaAFEIythb6BP3+XUt6w/33TEAdWkOvMBsGA1UdEQQUMBKBEGNhQHRy
-dXN0d2F2ZS5jb20wDQYJKoZIhvcNAQELBQADggEBAGUMIDkrvlMJ0wHLuP3lkneC
-wGU6mZ3g17jyU2RJwhRinYctraryG7Jh20DQ9/ppTHoxTIADw2JDsC5ByplabteQ
-nLghrl17K1b6PO+rzWA/NFKVwo6u8Gh7Lz0iUuit7ZBD4eKcRedxRZcPQlnD9KTR
-Is94SRpootsuCv/Y5b+1FMPV1KrYtbco9yEVlaNEWLpmiEsqvLjxiWEmt71rzz+0
-S59OtA/ihnbGP9Xrnhe7wf1ybCNOO5gZQMKr/OszfLZ7oVKACGOPLlcSZRRW98gA
-szE+1ZvlHkdjamfTSs4yMvUorYn9NhXnjAWl28NuD9m3FPiE2O50ezEDnHTiaOQ=
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-MIIFEDCCA/igAwIBAgIRAJK4dE9xztDibHKj2NXZJbIwDQYJKoZIhvcNAQELBQAw
-SDELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9u
-MRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTAeFw0xNjA5MDExNDM1MzVaFw0yNDA5
-MjkxNDM1MzVaMIG1MQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxEDAO
-BgNVBAcTB0NoaWNhZ28xITAfBgNVBAoTGFRydXN0d2F2ZSBIb2xkaW5ncywgSW5j
-LjE9MDsGA1UEAxM0VHJ1c3R3YXZlIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNI
-QTI1NiBDQSwgTGV2ZWwgMTEfMB0GCSqGSIb3DQEJARYQY2FAdHJ1c3R3YXZlLmNv
-bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOPTqIZSRwSf47okE5om
-zktvKR7wgqdWzznOnpUOtgwmBPwNeCV1LSPMmlHPZxY4enTc0eyoxTxKv6g6ZUJe
-39U74eYnwTTT9sEOnvNtE1pTzuB4Uf+YOPt4hZidTe5Ba8Q6dfz/Ht/vZXCbF3JF
-wrXxZEPbJaICap2grIqYHax+IEIYnBQC+WKh8NgCn3LWS0j6cYSN8SEjFf5SEMGT
-1iNtttb/QC3JKJIeaVunUyvMfMjVFMntc7eZrFs6rp3wY1WFVI+fy17uOoUvfTH8
-bvNAESUch7FyLh2zM8FVxqilT2XygHRwZeXtxJQozcDcvh4ItPb0uz6AFIYwn/8G
-zp0CAwEAAaOCAYUwggGBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFMrO
-HRgDdx4c83xYsppwqAiAFvSuMA4GA1UdDwEB/wQEAwIBhjAyBgNVHR8EKzApMCeg
-JaAjhiFodHRwOi8vY3JsLnRydXN0d2F2ZS5jb20vU1RDQS5jcmwwPQYDVR0gBDYw
-NDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vc3NsLnRydXN0d2F2ZS5j
-b20vQ0EwbAYIKwYBBQUHAQEEYDBeMCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC50
-cnVzdHdhdmUuY29tMDUGCCsGAQUFBzAChilodHRwOi8vc3NsLnRydXN0d2F2ZS5j
-b20vaXNzdWVycy9TVENBLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
-AwEwHwYDVR0jBBgwFoAUQjK2FvoE/f5dS3rD/fdMQB1aQ68wGwYDVR0RBBQwEoEQ
-Y2FAdHJ1c3R3YXZlLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAC0OvN7/UJBcRDXch
-A4b2qJo7mBD05+XR96N7vucMaanz26CnUxs1o8DcBckpqyEXCxdOanIr+/UJNbBL
-XLJCzNLJEJcgV9TjbVu33eQR23yMuXD+cZsqLMF+L5IIM47W8dlwKJvMy0xs7Jb1
-S3NOIhcoVu+XPzRsgKv8Yi2B6l278RfzegiCx4vYJv0pBjFzizEiFH9bWTYIOlIJ
-JSM57hoICgjCTS8BoEgndwWIyc/nEmlYaUwmCo9QynY+UmW1WPWmVITEJPMdMK6A
-ZqvvaWmuHJ6/vURaz+Hoc5D3z0yJDDCkv52bXV04ZoF6cbcWry7JvNA+djvay/4B
-RR4SZQ==
+MIIFXzCCBEegAwIBAgIQFcILcawsNlJ6B2Z9hxvG2DANBgkqhkiG9w0BAQsFADCB
+vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
+ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNjA4MTEwMDAwMDBaFw0yNjA4MTAyMzU5NTlaMIGXMQswCQYDVQQGEwJDTjEl
+MCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywgSW5jLjEfMB0GA1UECxMW
+U3ltYW50ZWMgVHJ1c3QgTmV0d29yazEdMBsGA1UECxMURG9tYWluIFZhbGlkYXRl
+ZCBTU0wxITAfBgNVBAMTGFRydXN0QXNpYSBEViBTU0wgQ0EgLSBHNjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6PcUG/2YcVEtzwDU9yj/F5Ed4M5LBW
+8ln6HwMRuXuDgKIz6t6OBeF7tqaZPwZ8NRgwwhtEcnyeuDPjS/HYvQqEZZWQpnut
+njNGniplXkOngD48f0Bhdo5Rwtqv13UiV59gfP/PSy81atddMqgtt5WeITaseddh
+4sVZV0bj2b37lJ0w/2TRm+gzIp12lzliIkZr9OdgAKRWpITs0TtU0jJq6gXR5fe7
+aut4GOVov5SZHJorXJSTkhdEIyoYWgUxNAIu83Ykw91/bjeXKFVvq8+tZZN3ct5F
+I7qbHRgcrLqRdZQPkKjQWC9hXFrQVZUSwRMjRN2O3TXvmtprFr4od+0CAwEAAaOC
+AX0wggF5MBIGA1UdEwEB/wQIMAYBAf8CAQAwNgYDVR0fBC8wLTAroCmgJ4YlaHR0
+cDovL3Muc3ltY2IuY29tL3VuaXZlcnNhbC1yb290LmNybDAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgEGMC4GCCsGAQUFBwEBBCIw
+IDAeBggrBgEFBQcwAYYSaHR0cDovL3Muc3ltY2QuY29tMGEGA1UdIARaMFgwVgYG
+Z4EMAQIBMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3BzMCUG
+CCsGAQUFBwICMBkaF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMCkGA1UdEQQiMCCk
+HjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0yLTYwMjAdBgNVHQ4EFgQU3qQwrOQ/
+9ScrMXyvkGcdriKe7GQwHwYDVR0jBBgwFoAUtnf6aUhHn1MS1cLqBzJ2B9GXBxkw
+DQYJKoZIhvcNAQELBQADggEBAMS+q79V8jm2p5T8pdMCS8XuYjCVpsJuXh4QqegO
+Ors1D4nVEE0Thm7V6fy60UgOxsjXayauQonRoCdApv6bziW9USmUK2qQ5xFsgBBD
+LzwJnQd7FDUW9ngDNCo/377J2CLqiVsYFqNnpuVzbbWF/6UR+AxGwFzzAgx9QOLP
+Qucpx6kV+d0Ht2cm/+mwGlzmdr/RwcT5iLW0oAQZkcfzbi+s9bBaIprMOCiyvO/F
+Gf1YDO4KQHMfda+GO6HpmPl8nDFgP17Bi3QgRjr1kjpZ9WvnPQha1wZLel+VGm/e
+xOXNrbei6P5U58U0Hy3GsO5r/IxRE5k55tR5o5E2EB0ilSg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBDCCA+ygAwIBAgIOSETc1VvQKA4Lb2oRaIEwDQYJKoZIhvcNAQELBQAwYzEL
+MAkGA1UEBhMCQkUxFTATBgNVBAsTDFRydXN0ZWQgUm9vdDEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEiMCAGA1UEAxMZVHJ1c3RlZCBSb290IENBIFNIQTI1NiBH
+MjAeFw0xNjA4MTcwMDAwMDBaFw0yNjA4MTcwMDAwMDBaMGgxCzAJBgNVBAYTAklM
+MREwDwYDVQQIEwhUZWwgQXZpdjEXMBUGA1UEBxMOVGVsIEF2aXYtSmFmZmExFTAT
+BgNVBAoTDEJlYW1lLmlvIEx0ZDEWMBQGA1UEAxMNQmVhbWUuaW8gQ0EgMjCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANYxDx4s9D2TDkzyOF8y1FqRTt3u
+owDUXAzbxvpAfcYK5+QEdkit0VRhHIHvvbd+tuU8B0fQ55J/jvkS0q0E2xoZI2Qd
+RuJpTYVomRmyVlvjjJVF2uFiQCTLO7YPXdVx1SQpPd87b51SWP8pGHxj3JiIzB9V
+A1MV/EI/QruuIUl6a47FCaRXOxTqCVVGcK1yVNZ0kVzkWgK7m7FZBXUX8i+nB3Eu
+rUGSkwK7a93BW5Pdia0VEkvIumZaagikVPhHIYpvvpnV8gaSTC7Z1FGz+TAtcbuZ
+a8QwSPpTtS9shVyEyaGAvC/fWANpjNsjEP8FMmLgzgFH1akSX+DbH1lPkh0CAwEA
+AaOCAa8wggGrMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUjtzM1mWQfqg4
+X+TeAz0HG8wV8IUwHwYDVR0jBBgwFoAUyGObCGlUwpjI2c3jM7dQXvjJAZswgY0G
+CCsGAQUFBwEBBIGAMH4wNwYIKwYBBQUHMAGGK2h0dHA6Ly9vY3NwMi5nbG9iYWxz
+aWduLmNvbS90cnVzdHJvb3RzaGEyZzIwQwYIKwYBBQUHMAKGN2h0dHA6Ly9zZWN1
+cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3RydXN0cm9vdHNoYTJnMi5jcnQwPgYD
+VR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS90cnVzdHJv
+b3RzaGEyZzIuY3JsMFYGA1UdIARPME0wCAYGZ4EMAQICMEEGCSsGAQQBoDIBFDA0
+MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0
+b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAVghgTClfJqshfcCa7nFZfcZcHLa4U6Fy
+tOnsoIuKINuSP02oTSqHcy3nw6+QNS2pIuUIQF6Ok3qiN8YJsH9u/UaICD3LHsMg
+WG5na32LBnHaOJeir2dzz78cAUwYukOyUyYEY1WpbfkZO3rEuW05j9uD7S/bwAz0
+Tlm7GYdDCcdmLJWnhDbHb5WoOHMEahbPG3S9GPP08E3gTRDJVe5iEoeGQIc1RK8E
+EhW2PzYGu6knCIUHerDdgN2vUOx2fD9HPAiKlnqnHwezZqefIH3N/yTweohAuMnG
+ODVdAh2Qun2nqlnCv4LQgcfVxchfTstivEpiOaBquiz+r+g1W7joVQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8DCCA9igAwIBAgIQCkWP1jUP2kJIgVpgCrPMnDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNjA4MjMxMjQ5MzhaFw0yNjA4MjMxMjQ5MzhaMGcxCzAJBgNVBAYTAlVT
+MSEwHwYDVQQKExhBYmJvdHQgTGFib3JhdG9yaWVzIEluYy4xNTAzBgNVBAMTLEFi
+Ym90dCBMYWJvcmF0b3JpZXMgU2VjdXJlIEF1dGhlbnRpY2F0aW9uIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwz0g98P3Yadw20QCWIp9MTLdsQBD
+1AB6ClyR70MTA/MVve5Jv62CN6EH7MbfnXjgl+daO95waXFgQb3leiUnnAh1ouiW
+pOmFrvuipifneOp+1Te3IpnS1sW5fX9H59Y6Ebslko4kNxBivS1MgRa6sEtzEjIG
+F5P6ZO49E2A7VaiVfen5J10ZYnb0sttAKdp0CBOX7yqrD75eiVFXUIVJvp3YUEH4
+TK50roqHCfb9Sex04Em/tNv00mVMSO1Wc4wrF61MrEPcOaBTBvysF2QFxWdKT9v8
+EbbWmAsyvm1dXEPNUyaMfenKtVIQI50YB0N8d3arDjPExrT+8GItNlNAPwIDAQAB
+o4IBnDCCAZgwHQYDVR0OBBYEFFwViJBtJSLzzxItbmEhzgeWskAGMB8GA1UdIwQY
+MBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD
+VR0PAQH/BAQDAgGGMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDov
+L29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5k
+aWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3J0MHsGA1UdHwR0MHIw
+N6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJv
+b3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
+dEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQAD
+ggEBAHywyzOoZ7TD5HzcZbUkSAjSeFPaUDE1SXE8cfjN6bS3Uc4OulRQh05Lzaml
+PuHfOT43B5rhDbhHpZzDJGIRuhaLCdLSW1PmObrSSjLZUq4LYw34HT198K0WibJJ
+j8SHdw1LfDXZOMLTI6LY78es6NbgkAqMLq91uzoV/TCzkktuFSeM+vf5Riw4aog0
+cK5GUja2+petzhwALsW/6MSbU2EH/PfwM8zJEBiBJar+O7N33jEygoEDNyjVHJ/I
+VL/5UKVXum20rD6AbjYNzcA5LsaRM6UQZycCfsA3KeEh9ko//AfSbC2Bmx7+qCUs
+7wCUJTqOaZDjUukXXhYpsJtRt/o=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHRjCCBi6gAwIBAgINAI+BbtVRyZJO14+xCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwODI5MDIwMDAw
+WhcNMjkxMjI5MjAwMDAwWjB8MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xHDAaBgNVBGEME1ZBVEhVLTIzNTg0
+NDk3LTItNDExJDAiBgNVBAMMG09ubGluZSBlLVN6aWdubyBTU0wgQ0EgMjAxNjCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIhNFrNXAnBScDoQE0hY/e/a
+tUt3FMpH/rQp/nJMSJNGjYZlCbTyhF7R1SPx0gOtwXSp2nFKiALLkkI/G0i2LZ7J
+3d0bGBI6ZcPbPm3NGgOanuol63Mp//gzIT1ZuNKVW4csWKEg5yMEMIdYzy1iD53U
+r//66Xhk55He6FIgXYqNqA43rolqfmbaWKCsKFopWysNQWXExy4uRNV6T7gTY0t8
+fnGd2mUXKAascoNCD9vONaAlhf3C4Wz0oC1aD5PqKH3S2pQJLuke7TdSQYHxFmBF
+jVHZbguuJkq7wMlJSm9RKeeF7oH3VL/Gu4HcDIx2DtgJSwwzB3TsZO560aAtcoQx
+3LOcuRo4sMt3VrcIr/HPWuScOyKcCN0MqEUgfsl+NfGMNm32wk5+mSEgtw93EG9T
+VM+SJI9UuRuRd5r3dWY7Iee3Nr8S+jmoHQVMXFeffgIfmHxdyW4XxCuNT1LRO6o2
+aCRsDo6DHjNLSNTA03NcKTJvp1C+O7iq2B1jhIWS+DFdh48xH6DKonjEqdi94qjv
+qLcz/O4mhqByqv/EB3PXUMJ5TmQFY4bXMfXfhE0bOtlpsAJvlb6g+LKD0lT4lhjH
+1FIaYIAm2Adzr25pxf7lo0jswu8tmGV50m9morYZJ4G5+5bZoOOuum91CC/vLjOu
+mjzUCwpHckCG2wsUOB91AgMBAAGjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYa
+aHR0cDovL2NwLmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFJNwk5Vj/7E0Aq92
+mxAaFNjv4tv8MB8GA1UdIwQYMBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMIG2BgNV
+HR8Ega4wgaswN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDEuZS1zemlnbm8u
+aHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDIu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2Ey
+MDA5LWNybDMuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwggFfBggrBgEFBQcB
+AQSCAVEwggFNMC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAwOS1vY3NwMS5l
+LXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMDktb2NzcDIu
+ZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDA5LW9jc3Az
+LmUtc3ppZ25vLmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTEu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9y
+b290Y2EyMDA5LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDA5LmNydDA8BggrBgEF
+BQcwAoYwaHR0cDovL3Jvb3RjYTIwMDktY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIw
+MDkuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQBUP2Z9eLSODxVVS7j89wOxJBOwe3f/
+9iqhmnWCQbQ7ktEX87Me9PT8MQgrAS57TBDdnc37hdCpXcbT+SvhaxVFoCxTxa6S
+3WK2xBWsLQqVzjLaPPjaHTOC8lBguUZaBA4Gx3XMQWGiKhedNXkdSRd5o7QnQ6Cc
+33VnxmKj7qHkJDoKqPUJqprFYxogyFJ7HVwyPxxU9WZZX5fdLeXeZNTOAVnxnb2x
+9U8I4u+O+Y5K2B/6oAy2+G9IwpuDjxcqV65jSGFxyZs9mmUxyTrD0IXdkfl+hayQ
+BqCXgDhsAl47JGi3EcfjBLwbkZ82jREllH8XGla9jYhcErbLiltP/Zl/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHRjCCBi6gAwIBAgINAI5fRu8exOEPyggWCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwODI5MDIwMDAw
+WhcNMjkxMjI5MjAwMDAwWjB8MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xHDAaBgNVBGEME1ZBVEhVLTIzNTg0
+NDk3LTItNDExJDAiBgNVBAMMG0NsYXNzMiBlLVN6aWdubyBTU0wgQ0EgMjAxNjCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK02eJ7dzwuDzRpqee7eEFOi
+r6UH89xkXEb/n38YGAYpXYMLezDUmkoWEWOuJdOO5ThYEb3miVAdbm6wWKSLKJSo
+6JwX3FS7r5WLkkFDKCUGMmVqzHfLQ0CnmH2SW4F1j5SeFIzpUV2SjlLXSnSr+ddi
+2vyCYm08QFj8MMjeSIA92mMPrQBIF9CJuBVpzeq7HMO9CxzHgzCTKgI6qb/DbFBf
+KPBV4LWRxLiyzvirDKszCufLf36dLTm4Dje/Qs2/MvI4UsvZB662RYIeQggC6aIx
+jt6NooL20/b2TotRE0lC44P6V4H0njmHVhKJ6dB06w6n6qLmNv6+S6EATzaBNVl8
+rCkFOAwvNU0uNDamt+hi3nXS7kxNv1Li3gi+MNF13+UtwVudxZlkmHb/vUvpLNJ8
+TfB9Doe2XpoUrevt7wsszs178+XTv4c6Gyg4tgwOb9QNuzKWNXTlF7B6/jotGoL2
+tD/8SRj1selkJAiIHdHX6M0D6MYMtjGI4te4gL+NjhG2gAykR7ycpy4eS+DquEn2
+6HTy6VfsTgFoThHIlWGjOI3tO7q3wCKFa0X/u1a4nty+dPooJBvEsrhdvGjoWY0x
+bRm80ZXFRwbNGYXn3SK2BlQEkR3Q3Xq1fiyyZEVWgqOIQY5GxUh+/NtcH3cHcvD6
+oLR9Ao7BbmhXnf5RVBLzAgMBAAGjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4G
+A1UdDwEB/wQEAwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYa
+aHR0cDovL2NwLmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFGbBftlD0CJCtL6W
+eJacTkR2FFtMMB8GA1UdIwQYMBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMIG2BgNV
+HR8Ega4wgaswN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDEuZS1zemlnbm8u
+aHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDIu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2Ey
+MDA5LWNybDMuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwggFfBggrBgEFBQcB
+AQSCAVEwggFNMC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAwOS1vY3NwMS5l
+LXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMDktb2NzcDIu
+ZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDA5LW9jc3Az
+LmUtc3ppZ25vLmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTEu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9y
+b290Y2EyMDA5LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDA5LmNydDA8BggrBgEF
+BQcwAoYwaHR0cDovL3Jvb3RjYTIwMDktY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIw
+MDkuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQBTeghijPntCnam9WIq3IqUXw3zEcqj
+dxl9yK+J/HxlGm8VmMytaKULR4uF4mQdv4adqYXyun8mUZdWOJh+I2S9dzAAU6cf
+gKw+oM5yPWnSNsbCICI1/uyEF/fodir3aLsfqycPJXXWKSjymq+lij9/xObwd+Oh
+BZoP5PWp9FaxdLQ1BhmhN6C9m7IWkcPGWo46L6Dmk5pRMDqU9lqxCMvA+qvZXnuP
++r1m0hpeJlDyccoJMevjEWdb/xympIjpLZbj+FxRnxFFYB2dRlNYcG2/tPOi9LQ3
+bifXaHTjqmOtid/5yB+RCW8HYAEfQhSmRlHtAytAQXH7o3qhXJsdobJE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHUzCCBjugAwIBAgINAJAnSYTL8NLZr6/zCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwODI5MDIwMDAw
+WhcNMjkxMjI5MjAwMDAwWjCBiDELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFw
+ZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMRwwGgYDVQRhDBNWQVRIVS0yMzU4
+NDQ5Ny0yLTQxMTAwLgYDVQQDDCdRdWFsaWZpZWQgZS1Temlnbm8gT3JnYW5pemF0
+aW9uIENBIDIwMTYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDnYM62
+VkK02hmttEVk8BTm2zaUKuD5TGUyNtmunoj9SNRHaHWfDIE0voHnOfVKImEz4ks4
+l20fUP73OwgwIHnjPkYKi8sXExuH1wLD3d/hVM+KmBbS5cpTeB7f0YyJxw02Cj3N
+ApgI3320lzFZNrYg0+m7zCKarMMCY4eL+llS4MLiNnH00Bqe/IvpKzt5T6wlqP5U
+C3ttVRpkFzjX/Ao93x1m6+iOxntnXsFtTGiLN/ZtJTqThWuupYFuaFc2qAZfytXG
+SrBCUpZTrqgE7KvHyXGn7mQGoGVWtTCSdOxqOy3eLWJzHZ/6rzalRwyD1rUq5yIY
+SrUqwpnD8l4z/4WYq2j2zk6hRQP7FgLLakx8xcdLMb4zpCzyt2vy4k+8Jo7QghE/
+d45o5lcEChIvHKimu30IgePzcwaC23Zjd2pI/5oZRtybio1+ZWIyWFseRPNLQh0H
+TJa3+jsOhAbBc91qwLPo7x0dv61GgPilrc3F+KCeduBplt983T750f3VYMqcOW6n
+LNdds5mM208i/ODmTBvaHVWotJdTQxQ7OI94A2e9T0S2pwDr4O0w7cfNsXVw2NLb
+fmc0As4Bufjua01mKPDitcJDktM88FI1pbUrSmm2z6vwli1StZUtQ75b+2friKzn
+ftsPfRv5EqC5r2Wr8BxwlmrT5UL7djfZ1rBIJwIDAQABo4ICvjCCArowDwYDVR0T
+AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgw
+JgYIKwYBBQUHAgEWGmh0dHA6Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQW
+BBSxGI+yuTjSnmc3e3gVWTuv+gAXsjAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOh
+GnqmKrs0aDCBtgYDVR0fBIGuMIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAwOS1j
+cmwxLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDegNaAzhjFodHRwOi8vcm9v
+dGNhMjAwOS1jcmwyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDegNaAzhjFo
+dHRwOi8vcm9vdGNhMjAwOS1jcmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3Js
+MIIBXwYIKwYBBQUHAQEEggFRMIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3Rj
+YTIwMDktb2NzcDEuZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290
+Y2EyMDA5LW9jc3AyLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9v
+dGNhMjAwOS1vY3NwMy5lLXN6aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jv
+b3RjYTIwMDktY2ExLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MDwGCCsGAQUF
+BzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAw
+OS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMy5lLXN6aWdu
+by5odS9yb290Y2EyMDA5LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAxqY1rcxnTkQF
+U/sgEh4TE2rjdIHUS0hmVylcXiArtfS0RPlx+09BlRWHGB3kxb8sTcHqjnVyDyQE
+h31NLE7O8dfDKZ85vxZRRzd6eSNKRhm0vyxo7JSW0HfbCcliuq2a4DkxhaczAc1x
+C23j58U983V5gw9uIRKe/XISRD7JzRjriPg1V6ywgHVdSI6RJ0djrwO49m1c51lm
+EPVb9U0ibH6HZc+oTX3XloUMLkHKOkqnrAhD8R+OmlMJ+c+hKUfUUY1lb9RJYSHJ
+/hqiqyHM3uE4Ek1Bc12lApR5e+LbMrSqxnSdfNaPjn9BuFcnlkI04N7PnKftuf5T
+8Ow2sbss1A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHWTCCBkGgAwIBAgINAI2N0iHu0lNbhD4eCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTYwODI5MDIwMDAw
+WhcNMjkxMjI5MjAwMDAwWjCBjjELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFw
+ZXN0MRYwFAYDVQQKDA1NaWNyb3NlYyBMdGQuMRwwGgYDVQRhDBNWQVRIVS0yMzU4
+NDQ5Ny0yLTQxMTYwNAYDVQQDDC1BZHZhbmNlZCBDb2RlIFNpZ25pbmcgQ2xhc3My
+IGUtU3ppZ25vIENBIDIwMTYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDP0wXIoXMFKapJoP+KpEbAZLe+YcHB5OS+kJovgjFXHzKAUYILvCZlHQ6ZpgEE
+MRj/x4KD407kgZytnG7Ni8Bp9YxWRlFGlz7fRWMW4wWYyIhJmXAXeyTPSdcmI8/Z
+2rgB+ZNyds31ODpg5Wem5SyEpbvVv+GoTx1Gjn2FQ1mhMkI9J1eReOcfZOqGZV1Z
+0okXjaw3eCnt6o+U/7KlSCK5OLRwnm53WOXw1iqayjGDiBD8GmBKI0Hb4pk04EWE
+wVs4pXTI2c4qqims52FFQa6JhuvlyR3sGQXzx7tNGLsYBAaB5XPtmI2RpidYHgHz
+FDfKZiM5+GSaEHKEnlaI0R2IEkjzsh/QIndCaPQaryaP/Lxn/r3Yd9mMkTyww9kZ
+qFWYpyBotJTknfzsgW5ZhRaUuBwy3Q++QVdaf2CglHMUPwoG/AXWeu4zRf0NXj8h
+zTGZPwi4cfN6pVUjGwXNfRXPoyP2MLLI5+6I/lv23TBMBCtlajdiKEPIghb5QgUT
+ziprBwUDDHLVKlmRFyYCJJV2PyFotfTe0GVeWnkFLPRHMS+9YVK0cU5FminPCPyk
+K3UmIuv5nxgF2VOpljavX11nwAGKo2adV0izay1xvccRTf6grPkx/s03Suv4oFDB
+IENdYMlgqLeMI0gzt1vlD34h3hTk6LajjGqA/Kihn9k/9wIDAQABo4ICvjCCArow
+DwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAwBgRV
+HSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6Ly9jcC5lLXN6aWduby5odS9hY3BzMB0G
+A1UdDgQWBBTICZq+B0E4pSZo1jLAgg5K/+ZedDAfBgNVHSMEGDAWgBTLD8bfQkPM
+Pcu1SCOhGnqmKrs0aDCBtgYDVR0fBIGuMIGrMDegNaAzhjFodHRwOi8vcm9vdGNh
+MjAwOS1jcmwxLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDegNaAzhjFodHRw
+Oi8vcm9vdGNhMjAwOS1jcmwyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3JsMDeg
+NaAzhjFodHRwOi8vcm9vdGNhMjAwOS1jcmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIw
+MDkuY3JsMIIBXwYIKwYBBQUHAQEEggFRMIIBTTAvBggrBgEFBQcwAYYjaHR0cDov
+L3Jvb3RjYTIwMDktb2NzcDEuZS1zemlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6
+Ly9yb290Y2EyMDA5LW9jc3AyLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRw
+Oi8vcm9vdGNhMjAwOS1vY3NwMy5lLXN6aWduby5odTA8BggrBgEFBQcwAoYwaHR0
+cDovL3Jvb3RjYTIwMDktY2ExLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MDwG
+CCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTIuZS1zemlnbm8uaHUvcm9v
+dGNhMjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMy5l
+LXN6aWduby5odS9yb290Y2EyMDA5LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAvLnM
+FIqdEbM2J1zfO/XaXJxjY7Uzg1QPfXdazoaOnDvx9rSc/QTALWDunn0ONN+E1gFA
+TfOlf437efEcYxY/kncwuXH5NrfhFAS7xRIjJ2lHJGa0VO7v1R7bDyA6pIOnnCdt
+fUCzcTaZ5g0tTFjZMaLhUgk/VsilspMDmPVFtfNlwCiIprmMfit7M2mcTpW9MB3H
+KJgpCwtYDtCkhr22UIqBPw2w5ykapFOuk+KYUXpMbfREvCjMEag/fi5lWVyGBcK6
+1M7iTYBs2JUbygkI+JprYOIhIZjcHUeSxo7Bp2GFv1vUUuCYA8eTfN9C0Dux5oXB
+vnFB3RZCsrE6epGuKQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHuDCCBaCgAwIBAgIPWyQANk6dlfPocBGKvX0JMA0GCSqGSIb3DQEBCwUAMEkx
+CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxIzAhBgNVBAMTGlN3
+aXNzU2lnbiBQbGF0aW51bSBDQSAtIEcyMB4XDTE2MDkxMzA4NTE0MloXDTMxMDkx
+MDA4NTE0MlowVzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEx
+MC8GA1UEAxMoU3dpc3NTaWduIFF1YWxpZmllZCBQbGF0aW51bSBDQSBHMjIgMTYt
+MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKSt5TJWWDUKMIDdWaDS
+oATM+McP6v6FJ7UdtgZjdRCXRnQ8X7WxA66WIeHCn4Wiysf/Nbx7EYVwVKHchmlR
+xDqjfWkDtMWNb+pGV+FEgVZMTHejaMmJlzlLbvE1F7eIcTDhvSwaJAnfIfp95cLp
+IEZ6AYt6EKuvt9PaT5W+8vKZHNwHMA5kJ+N9O4QZgLqXho+pWtQx1n+D+ka2lDop
+eOpOxw/lCO+K3egVkeQ8xzAC9gmcCH7YHfd02nrYNqY6kp/k641rkFGnhAx7jz+y
+1M14Drs8YP7GTgTG7r3D+5oZnSX/qOyK/aQ4wBaenIfgC1bjvSV8NStFpYM76SiP
+xRECAwEAAaOCA40wggOJMEUGA1UdEgQ+MDykOjA4MQswCQYDVQQGEwJDSDEpMCcG
+A1UEChMgWmVydEVTIFJlY29nbml0aW9uIEJvZHk6IEtQTUcgQUcwDgYDVR0PAQH/
+BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFF0z8lExm+OK0Fjr
+t6nSi0sUAV8EMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0ZdHelarp35zMMIH/BgNV
+HR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3NzaWduLm5ldC81MEFGQ0Mw
+Nzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5REY5Q0NDMIGooIGloIGihoGfbGRh
+cDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPTUwQUZDQzA3ODcxNTQ3NkYz
+OEM1QjQ2NUQxREU5NUFBRTlERjlDQ0MlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2Vy
+dGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3Ry
+aWJ1dGlvblBvaW50MIHgBgNVHSAEgdgwgdUwgdIGBFUdIAAwgckwSQYIKwYBBQUH
+AgEWPWh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vU3dpc3NTaWduLVBs
+YXRpbnVtLUNQLUNQUy5wZGYwfAYIKwYBBQUHAgIwcBpuVGhpcyBpcyBhIGNlcnRp
+ZmljYXRpb24gYXV0aG9yaXR5IHRoYXQgaXNzdWVzIHF1YWxpZmllZCBjZXJ0aWZp
+Y2F0ZXMgYWNjb3JkaW5nIHRvIFN3aXNzIGRpZ2l0YWwgc2lnbmF0dXJlIGxhdy4w
+gdIGCCsGAQUFBwEBBIHFMIHCMGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWdu
+Lm5ldC9jZ2ktYmluL2F1dGhvcml0eS9kb3dubG9hZC81MEFGQ0MwNzg3MTU0NzZG
+MzhDNUI0NjVEMURFOTVBQUU5REY5Q0NDMFoGCCsGAQUFBzABhk5odHRwOi8vcGxh
+dGludW0tZzIub2NzcC5zd2lzc3NpZ24ubmV0LzUwQUZDQzA3ODcxNTQ3NkYzOEM1
+QjQ2NUQxREU5NUFBRTlERjlDQ0MwIgYIKwYBBQUHAQMEFjAUMAgGBgQAjkYBATAI
+BgYEAI5GAQQwDQYJKoZIhvcNAQELBQADggIBAJ3CXiaHty0ED3Qod7ELia8RSkGK
++Z59rcZLI0eNLjJ1AJriZkQJDByq0BaIiwgXLSBWEQoBEZppP3E99suJqLnSU4Bl
+9Zzhb66NwudQImPxPZYEfmHT4WGqU8kMENH0X5KaHZ1RlmxRZto4TnVl5O2BaOAJ
+Jpy2zOZTkEa5i01gWJ1ypfhSidcXUNeIyVNyqAbYN9dXoEtBGJdGp1E4qaGk1lsA
+CVTSBsnI1qLKyZhElMMcBSeJ7GHR91Yz2Exi2QF9Z/cAmkuOSVuXtybSmMqFBTj4
+w+LbeZndaQYL3hXM/57Th89KLhJXUM3hiBoDltPrv612TJ6iyzs/vB4eP/5m6d9y
+2+3RrrpK0NNmpYXARWSjBKmMn8JEH5ZInhzfwZdhYE/4rXjhzql2eRTCBz3J4QHP
+2V9D3MAZTpPgaTC52P0VIgqfyzo4kw2Fn8cq9b4dWGrBxsIj2HEGUkeFNrnjeIL2
+9bMEyXbng0SQerMn3BWWLisdMK4b2ElvU+uHEELld2ks4dk1mlBv5AbQRs0neu65
+ixo01Wg/3/6zRfJ0ald12oDuxtv/FLLVnFiFPun64iK6bb5wp5W40tf7lRfVEzRB
+t6++DTATVizjPtXR2Y3DnsAX6NvL92de+xTdkVHKI0AH2+avHsnK2YObwXNn8aKZ
+fw2GiyZrmnswI4+i
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqTCCA5GgAwIBAgIQA3lT8810fj7nG3NAfz6FVTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNjA5MjAxMjA4MDJaFw0yNjA5MjAxMjA4MDJaMGIxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xITAfBgNVBAMTGERpZ2lDZXJ0IFNIQS0yIFJBRElVUyBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANHdTmgMpxz5oYGoSO5gEC2m/ThfHFaNTxhj
+wTk0m1Ykr+3Pi+rB8IpHuQFRc7/BetUXi5vvWjcoTzEYm8++WQbl5flsLVrxQpZO
+f09E3VPhlc6Lwfq+8znkCyktPUCRdIhVPjcYWHPafFMTQXyiJQ/du1dIF4qceK4F
+cI3R0L7Q+JEuuqHScL0LCst3TcPJ7Ul5AEBduGyY2ZUMkHg7j1Niy80j8gKL2jc9
+SeFuxl0Yw1Yl89KkFy8Mag9V4/ZNZ6k4KK+Yne+k2nUyn1C57osF3E9g2ZlTtZV5
+l+Rrdx3EYOko5OLbovpQr1qJWl5hQ7sMp0Dnp/s28WuQvllRp6sCAwEAAaOCAVow
+ggFWMB0GA1UdDgQWBBRM/LeIQVn0ZsmFwVPbYAP/syZtqjAfBgNVHSMEGDAWgBQD
+3lA1VtFMu2bwo+IbG8OXsj3RVTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB
+/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
+LmRpZ2ljZXJ0LmNvbTB7BgNVHR8EdDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdp
+Y2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMD0GA1Ud
+IAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQCBgljwkhevsU7wZ5JdPSiZJ0iw
+bSGgYu6Kl+gp4qf8ZSIpqpTBpksrAW440eHGtYWvI5fat+/UgGVhM4NkUlSJC80x
+KkJIcV2xVtl/75ecVc7PDWWhR95dGZaOVcMbHuK2U8X0YSuHBsnV1LnVkWQ3RoFQ
+da2XM/bkjrlP3ZJBAR/nYMHXesFFThMt2ijR616xBPj+ZEQSj3Xa9YsOtHaZ3zaI
+lBoQalgK4h+hyL70sAQGHChyhd0wfRE0qoa5FN5ZuEbTNNyTyFbyNElOHKFdHWG1
+98l++MBrH+koUffNMOl3D6NvlA4u24GkPb141+qRBykLfueB4px8jpm+fpSa
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIEYTCCA0mgAwIBAgIOSKQC3SeSDaIINJ3RmXswDQYJKoZIhvcNAQELBQAwTDEg
@@ -5635,29 +12989,292 @@ L2xk4DmjA4K6iPI+1+qMhyrkUM/2ZEdA8ldqwl8nQDkKS7vq6sUZ5LPVdfpxJZZu
 abvp10ZlOtfu8hL5gCXcxnwGxzSb
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
-MIIESzCCAzOgAwIBAgIOSMqBefg+ikLz9c3isT8wDQYJKoZIhvcNAQELBQAwTDEg
+MIIFzjCCBLagAwIBAgIGSUEs5ABFMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwOTI4MTcyODMzWhcNMjgwNzA3MTcyODMzWjBc
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEjMCEGA1UEAwwaTkVUTE9DSyBUcnVzdCBRdWFsaWZpZWQgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo0wKRbbCHmWOD64vZj7wvwlmI
++6KwJNmA8xDjdgVbvlPzj/paQLT46a+x4tQ/ZvbQn7zqdtim7Q7cxoAPEAX2kVra
+Y4HKiLhi0FA03AuAFeSUkK6Lg6sESpPnfcZ6LTMoRyKYodpFcQqkbUDFFfLoV701
+ICy+cjXKnWpb8J3vYaOw5LJ1UOPTybd3vlDXQzQPhrpV1+Or+NEuJ/yaLegPeqoJ
+4nK7zE5/Ln1wk+wfqiyzrPaWmUh+stKRqxW4hiHk1BX9M8yeHLAzOVtzvg0GfHYR
+wWF+pa3FtyGHGJ/ookvZn/cN3e92RLHXFoQU7f1dCswLZv83QQAmomQgKfhHAgMA
+8wGjggJIMIICRDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAfBgNV
+HSMEGDAWgBTM+meT8La40KXAHvNT/YxT34PXljAdBgNVHQ4EFgQUUjpVthlqi3Ny
+xV08C2CHlFDwbOcwggE+BggrBgEFBQcBAQSCATAwggEsMCwGCCsGAQUFBzABhiBo
+dHRwOi8vb2NzcDEubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0
+cDovL29jc3AyLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0dHA6
+Ly9vY3NwMy5uZXRsb2NrLmh1L2dvbGQuY2dpMDQGCCsGAQUFBzAChihodHRwOi8v
+YWlhMS5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsGAQUFBzAChiho
+dHRwOi8vYWlhMi5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsGAQUF
+BzAChihodHRwOi8vYWlhMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMIGe
+BgNVHR8EgZYwgZMwL6AtoCuGKWh0dHA6Ly9jcmwxLm5ldGxvY2suaHUvaW5kZXgu
+Y2dpP2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMi5uZXRsb2NrLmh1L2luZGV4
+LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDMubmV0bG9jay5odS9pbmRl
+eC5jZ2k/Y3JsPWdvbGQwDQYJKoZIhvcNAQELBQADggEBAAZKg60kuK/y8TGXo/gk
+ZAwVIQFPhD+3TLmXjKtde3y5VwloBilf9OuA+pUznUHj2pZ23w7HyRiPp8FNOX7Z
+VBq+4S9me0kaZ+JWEOmStJDa5HuwqitVFUFAcR+HJvMncFccEFIVYzSzNLJWADKn
+ibmou3xO8C7b+6cmvYg/osVWLx1uVI2XPm/ij/Ndp5PaV2kqLkb09f7WMgsIat34
+ISb9DchEZ7k2tYVoS+fpz2+8pvlDn6LM3mRfI0wxg9wikqzERsx5GOYRyfyUdU1q
+0Axh0CRC++6mSmjIOomBK235tdHBtHh3+3J8A1OFLruRoNZA2atJZADy/1yURQRK
+S/8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0zCCBLugAwIBAgIGSUEs5ABHMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwOTI4MTczMDE3WhcNMjgwNzA3MTczMDE3WjBh
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEoMCYGA1UEAwwfTkVUTE9DSyBUcnVzdCBRdWFsaWZpZWQgUVNDRCBD
+QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANIrMYoNSqTKcqIoE0iv
+jTOCCiX1LLubuqbcVUpof19DWJOFitkBC6AWaPT3aiEkvuytUxT83hDlEKKIsPqQ
+nWAouzIY4XoWYrWfXpYoE1j+Dh2LsyCrGZN4bh7f+SI3sL0s3lOMNZ6VDTrGLl4e
+SW0U8aPUStbs2l5n/ixl8pIXDCsbU2lxkpWNdHMTHsk0HFtJeWm2BB0DyAQxd6c/
+bkfoMx0Jh79hdN05sJknI/ACn+AKlYWpyUIGlTn6wmN0SmDjSrW+4+UM7EblWoHn
+IqoEaynRoKYRCoLMShTGB4BcWM584IKipz+zKsxtGLXrNV5/CjKw1YlmXQmA1CDb
+fOsCAwCVcaOCAkgwggJEMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG
+MB8GA1UdIwQYMBaAFMz6Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBRFmGyZ
+hpWmCCttZah4YKY+iMLkgTCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUH
+MAGGIGh0dHA6Ly9vY3NwMS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzAB
+hiBodHRwOi8vb2NzcDIubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYg
+aHR0cDovL29jc3AzLm5ldGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly9haWExLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUH
+MAKGKGh0dHA6Ly9haWEyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYI
+KwYBBQUHMAKGKGh0dHA6Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdv
+bGQwgZ4GA1UdHwSBljCBkzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9p
+bmRleC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUv
+aW5kZXguY2dpP2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1
+L2luZGV4LmNnaT9jcmw9Z29sZDANBgkqhkiG9w0BAQsFAAOCAQEAKYfSeD3HDwyt
+TqaQgWGeF1NFoQ1UI2+AN8oeI7bppkTjD/pbstOhmGtfpfi12BViMVRPNGqtp68E
+VX56GLvnQPj9n3+ofP2EJVP87HczLgx6FLn4AjwJjjilOBkJYaFqfbvbQzodQ3dh
+2hK6GOg032D2nxQXZHFBr9F0As4Ot3O1DVeu1x/MF7b1wmj5KjWw0F0oZfJs3GCH
+VWIc4RZ6QjH08aTjl4o5ci27G06iqmrahdli8f/PU9+49lLXH/VmwjY8wUmemXnf
+VzI2xN3LaC+fOljD3yKCy3u+NkDQ0YNY1U+FGfMTsJL4xyUF4YT6jy8RM15SAkbH
+qXkpkdoOkg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0jCCBLqgAwIBAgIGSUEs5ABJMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQG
+EwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3
+MDUGA1UECwwuVGFuw7pzw610dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBBcmFueSAoQ2xhc3MgR29sZCkgRsWR
+dGFuw7pzw610dsOhbnkwHhcNMTYwOTI4MTczNzM0WhcNMjgwNzA3MTczNzM0WjBg
+MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5FVExP
+Q0sgTHRkLjEnMCUGA1UEAwweTkVUTE9DSyBUcnVzdCBRdWFsaWZpZWQgU0NEIENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznScZXd2hQbasNu4mNuW
+NQebFapwA05KYkVrZUzqN9rpnFc4BkYkQQ54dhuWAry4fLP91GP7CZ4u98VJZBv3
+MRDshew1iXZ7XvOYA/MUqO8rory+2akWY4pVJgzyNEH1vW1Bw5g6dCS8hNzEUfDe
+EE+AjbQdK92+6B076Nax0PZVXrw+5Cuw6uZC5mAdUCyEvih07alv3ZDPC6RYnZlz
+X343VhV6BYPKTWcTCRHvl8QAxkLv8wlMnGLB6ghMnh/Bv658ls2RKmywtKv1BX0c
+EqAkKr9zxr/q8vaVGyXKggnYqMU7CmUp230BxzeuvrSrR75Em/rGaj9nYJ/XM7cD
+4wIDAK4No4ICSDCCAkQwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYw
+HwYDVR0jBBgwFoAUzPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFFR+7KQe
+GFu717N5g/T712e7KZX8MIIBPgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcw
+AYYgaHR0cDovL29jc3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGG
+IGh0dHA6Ly9vY3NwMi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBo
+dHRwOi8vb2NzcDMubmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0
+cDovL2FpYTEubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcw
+AoYoaHR0cDovL2FpYTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0Bggr
+BgEFBQcwAoYoaHR0cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29s
+ZDCBngYDVR0fBIGWMIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2lu
+ZGV4LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9p
+bmRleC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUv
+aW5kZXguY2dpP2NybD1nb2xkMA0GCSqGSIb3DQEBCwUAA4IBAQC14xxjVyoKWGUZ
+PfdVrmeCOpc4INeN5NeIahHmYXTYUWbkWIN4LNUiEQXtTcUhRZddSifG4MGJHCMl
+m2YTaL879IMsj2NOouwEDO+CKKh/6/UrbLxmzWeBHVMn/GJaKpv9rQgMyj1pG9iH
+1iy34BZG5TZ2zE/qSgG2SQ8IT6UtYLFCg4PpH6MOiGX/XSWI3K2wH5Kvuvyewt4e
+E7Y9qbhQM2X5KdLlGIh43hw/unao2kdKAcfLYzXCPbKSwgqeh7kXNTtaaYg4Uk8E
+zGfoYEy7dLypUTjItRr6nJoaB9ZGgKx3I6lNym1oNffxhXXdIq+dRE4k+IRUvYLM
+eY02/X1L
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGVTCCBD2gAwIBAgIIW0naHidw4rowDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTE2MTAwNjA3NTUyOVoXDTMwMDkyMjExMjIwMlowgZAxCzAJBgNVBAYT
+AklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250ZSBTYW4gUGlldHJv
+MSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEvMC0GA1UEAwwm
+QWN0YWxpcyBEb21haW4gVmFsaWRhdGlvbiBTZXJ2ZXIgQ0EgRzEwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlkElR2SqCmSVd56Wxsbd5JpuuZa/kBlHK
+gFHUYgrW2s+2STvJbGrlZ+mu4TxkBsgYBOWHOfRf0UzGItofDhknUR/mxLQBEIYx
+9GM0lCQrddJ7eOHsg4tu/2u8RajzSArGgHm4OYKvIrZv0aXpHE2LD8xl+UC0SODI
+DxHxkKLTztZECnPJ/IW02r1fAkxtZREARILMnbq3/PUorCA38pZMMp2oX3K/hNT+
+y6KR1bWakSh39hLefJtFs+w8mhHNynO7Gqsvk77j10aNAEeXz8UCvj5ytGRV2kIu
+sjItkmbvbLi7e7PA7Q9eSvgIwKj2wN0KXrwMHbJ1ujfLB+M2bG9zAgMBAAGjggHV
+MIIB0TBBBggrBgEFBQcBAQQ1MDMwMQYIKwYBBQUHMAGGJWh0dHA6Ly9vY3NwMDUu
+YWN0YWxpcy5pdC9WQS9BVVRILVJPT1QwHQYDVR0OBBYEFBtCf1xFfv9+Hh5BnPOt
+rjXGZevFMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbtifN7
+OHCUyQICNtAwRQYDVR0gBD4wPDA6BgRVHSAAMDIwMAYIKwYBBQUHAgEWJGh0dHBz
+Oi8vd3d3LmFjdGFsaXMuaXQvYXJlYS1kb3dubG9hZDCB4wYDVR0fBIHbMIHYMIGW
+oIGToIGQhoGNbGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2NuJTNkQWN0YWxpcyUy
+MEF1dGhlbnRpY2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3RhbGlzJTIwUy5wLkEu
+JTJmMDMzNTg1MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q7
+YmluYXJ5MD2gO6A5hjdodHRwOi8vY3JsMDUuYWN0YWxpcy5pdC9SZXBvc2l0b3J5
+L0FVVEgtUk9PVC9nZXRMYXN0Q1JMMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B
+AQsFAAOCAgEAUx5FiRZr/apzRYJXmvDAg3R8+m3kZsA+uw6YVfc3ecAg6yxCpOiE
+GDY4nsVLaWkU/3tjB/JZzBvA4b3e+yskqcawGWpumK47MIJWPiE5PvWSYBpAcyJ2
+wn9R8sGo9dmiemq3PVH8YRBYiWXmcF4hX/qtRgCY5AAXN/CCKYeeWnRDRS7w1csv
+K4viW9ZH2gEqhZ9AHrwXlGUh3dVOeLu81ac70kqfjnl7dn0bFQaKWhj2s+PItoBs
+S9f+FeS+eivTL4J70hLIyg5hCF7/OLAQc+k1re+WpnLtJ+p1S8CnqBm9IYZmOFlE
+zLUYj3JV+zzdmwdZZhV+VS+cjlsoHgscwpX59xXs64NsXicmGDHxEgKp+S7SXMrP
+MVk69msokKAhC/x9VYosmyqogG3SKm6n4lK5Xtvy/Za0gME8uyBGcxGpCo/Q3YSK
+eN9YwwajGn9F5n+djPLV/Lcq16K0FvGsPPK2REFxDD9jraX8dis2iEW/iNoVeJWC
+XeY8gSgqWXbW1aEhlWIiaF8KYnOaxiZ0oYS5sT/isDRKVx+h82GyvcXMR+HxP6AD
+94Zsn0w3YbapRJFtErsJ094QEN0QgkJR+edyPgUeMyKtUY7XfsF2lAvQFNPOrQ5E
+pzdCnp1mL3I1P6Ct17Nxxe84l2mo62EU5BYpAwQa9Yk2RcuO4gNkOSY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhDCCA2ygAwIBAgIOSMqBesbcf1a2gLtDNiUwDQYJKoZIhvcNAQELBQAwTDEg
 MB4GA1UECxMXR2xvYmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2Jh
-bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTYxMDE0MDAwMDAwWhcNMjQw
-MjIwMTAwMDAwWjBMMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
-di1zYTEiMCAGA1UEAxMZQWxwaGFTU0wgQ0EgLSBTSEEyNTYgLSBHMjCCASIwDQYJ
-KoZIhvcNAQEBBQADggEPADCCAQoCggEBANoB7OTsc2D7fo9qt8YX45JkMtSsANmi
-D7nt7muKhsqSZ9l0111HAjyPQNaebRTNw9opOacPBQpoomYaHsSyi3ZY5atdHY9A
-szmL7x6DfSLQ46kALuxTz2IZhUQoTMAny3sO7BBkABCkBcygcr5BbDFbSOSx7Lkj
-61VN0H1iSqW0paRZhcUlkab+pgmfBhBtj4EMZEBecwCa4C5lmFQQAHCYyOHtNF/Y
-nMcNwNYjWUX8/lV6hu6UYCLxrtHmVUb2mcUbCHRfrLBkhI+JOByhp5AhTwJuveBh
-Z9T4QocPCvfJBG0qqS/vQqXf3aNT25gegfmacnta3k8+f6JYoOIXrWcCAwEAAaOC
-ASkwggElMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
-DgQWBBT1zdU8CFD5ak86t5faVoPmadJo9zAfBgNVHSMEGDAWgBSP8Et/qC5FJK5N
-UPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9v
-Y3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4YlaHR0
-cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNVHSAEQDA+MDwG
-BFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20v
-cmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAFsnfA30jsQHf3U8XxeJUHhV
-EpESFSNyt7yf/zboXTvy7RG7hgFugyWfcS4WIhHIy9yYoTfSuFCj73Clc6x62EP7
-5ros/YN38Q7zjaJKdSdJJ5+9Kq4fFQ5itED807y5maAzrMG4indOACzP9swinQ7C
-daRO4z00bN2CKgJd4S0wQ6hQYqodPYLoRVZI2yqAxNGBI0DozuwiIQpYLPMk/Rza
-vArdFMtyyKsWVCgQnRBCIS7AXUHHQcCasd5fg3WhZSLJRInEXALy4k5bGxjtNeby
-CV/akHyNQxN+Lw3E4hxAT4wK0emK+UOQP3RbzWnljGbrVy56GKcQupSlAkclrDo=
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTYxMDE0MDAwMDAwWhcNMjUw
+ODE5MDAwMDAwWjBXMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEtMCsGA1UEAxMkR2xvYmFsU2lnbiBDbG91ZFNTTCBDQSAtIFNIQTI1NiAt
+IEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8B14TKY5dmuhHyN
+6CNfRpVbTKIlcNeQBIWAybX0imVNksulxEKgtnklMe3xhSDNE1E9Z6yXTWibM4Zc
+s3stqt93oGHR9Tz7mvzT1ZTKyR6AG5CQyKyN9mAXnDG4xWGi4m5XJQhvJJmZz5S/
+x4trsB/KFPoYm2wQfJkr2kpj5bJOwv0+EAtI9HcLL/CWSzruvTXehY3aEw7OAcRx
+09N3xQimYDklpydpXIPRb3Z47sVEW0W9KTvixgkPor4r3ONc2lpvjufJB2t+ocBT
+lYKJ4Hhccqhsvmdrq+cz2Yfy+Fwn9PYqO4fv2sJH2r+s6ydke0xT6zThL5sgTVQS
+a30ovQIDAQABo4IBVzCCAVMwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSp
+K4fhziRHOxu/z4U3AlWdDZRY5jAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove
+4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n
+bG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2Ny
+bC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBWBgNVHSAETzBNMAsGCSsGAQQB
+oDIBFDA+BgZngQwBAgIwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAEfBQv988oIO
+c41SQdlhXTaW7haaTzLrypxvjCKXc+m5Vwp6LzbZTrqYxf5aJkbOKtetCOv9H4JG
+AGkfaluwtI5zQC28JMVxHG/XtUDxaIT7ACyGloa6begkWi59pavkjI4ZSUmq1Uqq
+YImx3YX+jGdwtdR0QcopvKzto7Ywcu7m7SgYmJQzrRZoZepKzG2uBURya9WqCxfg
+U53N/sXVM1L7p8SoLESDtAnFbg+fEqQnCzFDPoozoEtNiM5GF8W/mx0pVy6JUPk1
+CItc+0EnTdPoJQX6nq4wIrrgFYlXGeGxuC0VNoTdIiAILA3LulfBhhKDUzGj2BJf
+jRml/QCDUB0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGxzCCBK+gAwIBAgIQfcTKHu/M2eXO+lUrqJeIezANBgkqhkiG9w0BAQwFADBu
+MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDEWMBQGA1UEBxMN
+SGVlcmh1Z293YWFyZDEVMBMGA1UEChMMRW5zdXJlZCBCLlYuMRgwFgYDVQQDEw9F
+bnN1cmVkIFJvb3QgQ0EwHhcNMTYxMDI1MDAwMDAwWhcNMzExMDI0MjM1OTU5WjB6
+MQswCQYDVQQGEwJOTDEWMBQGA1UECBMNTm9vcmQtSG9sbGFuZDEWMBQGA1UEBxMN
+SGVlcmh1Z293YWFyZDEVMBMGA1UEChMMRW5zdXJlZCBCLlYuMSQwIgYDVQQDExtF
+bnN1cmVkIERvY3VtZW50IFNpZ25pbmcgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQDhcstW78TigQeMEoIeJiCO9i/5FBnCIvbmhXnFZHq4swmEEX/U
+ZumJCR7gzGiX3fTZcrgEp9sKSjEh07uqUoQLwQerfWEsA6yTx8sjd5Vh090DaAB6
+/0Mp5FLHXs9IUVaxt4KNUc5JY/YGOGRKivnotyJGWe/WM2sgHuVBZVXQgBzNKhiF
+5030Hf5VH/zDHeriNKqA8fVnU5jBsyGwb7hgo0hsQ7ZTMsuXc8L3jbHx6r2FifOt
+DeMOUWFF0C2ejfpKiXAxKratrgxy2jsL3HMcAcOAgE1dUjmQC2YLTp9BCCTPI1gm
+n2m8Szqxtex8m+b4EZx+cG7rSe9hs7qoJvpMDzFhZlHr2NZCLwlzCqsfVecVLMld
+8TARV0UoQOdcktPKlH9dhqbedQWgVR0hNBfKCYrVq5kTQcIntgSQ83/p1pGGjf7v
+4JOz8l1FX08g9uYusKWUP2SSTcVshv4XyFNQsUD4XnJTgBMDvaDS4asDFu/ub2Lc
+AfljZ7iW6fm8WjiMKFHBMGtM/YJHLub3LMKdjtO3V8v77KcLws6AYk1/Q7yfOSkZ
+fi3isDJBZhbLTTnvoKR4OL+oTGc+KjKKVeID3Spy2YbnIDTL8d/8uObvUfus7ubR
+DsaDyq1kQlQBvtNbN3O0DrmfM1olNVWbXnz+uxyn2IFYqq2BVD1rP3y+cwIDAQAB
+o4IBUzCCAU8wHwYDVR0jBBgwFoAUiNSY6vpmUPiThd9gS5f+L6kw3VAwHQYDVR0O
+BBYEFMoJHMMqhSWNWr8uD5aAfUz9zB9SMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMCAGA1UdJQQZMBcGCSqGSIb3LwEBBQYKKwYBBAGCNwoDDDAX
+BgNVHSAEEDAOMAwGCisGAQQBgt0mAgEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDov
+L2NybC5lbnN1cmVkY2EuY29tL0Vuc3VyZWRSb290Q0FfMi5jcmwwbwYIKwYBBQUH
+AQEEYzBhMDgGCCsGAQUFBzAChixodHRwOi8vY3J0LmVuc3VyZWRjYS5jb20vRW5z
+dXJlZFJvb3RDQV8zLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AuZW5zdXJl
+ZGNhLmNvbTANBgkqhkiG9w0BAQwFAAOCAgEATasrJezt7zsSfykKLX7B/cBRBgDs
+4jMD7qY8ZzbBW5V3ZGZpoRvyEqQvu5sJ4IZpzRITHS4pvmj1a2j5cfJ9z0p0izzl
+WorQQIzMQYHYDkdtT/BVVD22Dyr8pVz2VAqb/5bBOvr2ydLiTX1Ut6DVjtZ0Snib
+M+uk1Xl8vVUYsur4BMYHn6//1JODaPItpznBipI0SmOGrgJyVlN5KLB3Lf9k8P1+
+RhjJ/Wd7WqplfON2nyoJmhkb+6+gS4yOz76HNtf4aXIhy7FG2oHQy95CbnYZYL4f
+GNfYiRpeO5BMeFbD2SVHBCCixfS0DAXRCRW/Y0X7xOoY/kz4VNdFLdnxEoieYlne
+COegOBbrskw4UXWNc2Xu/oHOnQcA+iQyiJ96q3htYesy1cD6rmRGciP/lKwxXc7y
+wq6W1LQvVPn303GwWUeehw2JJlMsW4CoXZo1/VYpg4UuVyEi/Nt95A01bGGPVJc/
+N6tCTs2jT8CamXuNuoVi8lygoPgwGvWYJoA4XmKjc7coZuHGOAo/L0fsBow1SfH/
+YhlDez+QahiUF8+52shUSwlkCZA/4/cIeSu5710hh9n1hlCRIPPgRLcV38QOoJA3
+U6X4g2kHJBDE6UWLwC8kauk9IrvuCPkDTRStVTT17y8H6UWSeKvpIWVuUA14DZwJ
+M+6F9F69PMpdeAs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHSTCCBTGgAwIBAgIIJKeitiD5A+MwDQYJKoZIhvcNAQELBQAwaTELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE6MDgGA1UEAwwx
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBlcnNvb24gQ0EgLSBH
+MzAeFw0xNjExMDMxMjM5NDFaFw0yODExMTIwMDAwMDBaMIGDMQswCQYDVQQGEwJO
+TDEgMB4GA1UECgwXUXVvVmFkaXMgVHJ1c3RsaW5rIEIuVi4xFzAVBgNVBGEMDk5U
+Uk5MLTMwMjM3NDU5MTkwNwYDVQQDDDBRdW9WYWRpcyBQS0lvdmVyaGVpZCBPcmdh
+bmlzYXRpZSBQZXJzb29uIENBIC0gRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQC/WmIMjjnDP86Vbq0B8wyr4/EfZZETCUlGEbo8b898pUDjEplrNN89
+vkv6iFfywtmojbN18D+oXC/uiSSdQzczBgMDsTv5w5oI/uKuaSR45m6r35tsDRQt
+JEqRyYAG+kvOrKxbjLdZiVgSm2QEKsAXXzuFQph/SWB/t57mBqrZEPyd0/Rm27vq
+YUPskzJlYT0fyI2W1gbLXTluHu3/BrkZlzIoWr1+msqcTJLcrYiFtMRnoObzGgNz
+6noM4JzU/wP+3jztu+2RTOXR8QXUmFBIDqyuDkhnt5ZwiApnslEBTZcGeX9rHZs6
+fDIo4MxjeuoNtrde4hGbOx4F8tBPeFmhrH0GZtNCAFprsRDHFRYd3XDrCOdLXLab
+fovNwDtkHtbvxNboBQb4kU/29floR5Q4Jm/k+T/ZX8O6PYAkjBnLxCoP2aM8c4/E
+kAO/ao6323MVKe5KOEXcYzxHg6gCXzoWDkK7wpAJ4hMSj0GaTmBmbrvhtrcJLmRu
+72EUqSzPM1cOO+ujq2xJPMuj7ppXGBDZXVuXWaUxnHvuxb7OHDz6jk7yTYlTu1zj
+WK5itTu9DCPzz3Xh1mHOfIdYfY/I/dN2lZPif+yfWhUvU8Kxi1otQW7eG+rT2CBx
+6RZT7BQ4S2O+ooQy7U7E8PZltj9m60taBA6iijDbwoaZWkE0i94YpwIDAQABo4IB
+2DCCAdQwVQYIKwYBBQUHAQEESTBHMEUGCCsGAQUFBzAChjlodHRwOi8vY2VydC5w
+a2lvdmVyaGVpZC5ubC9Eb21PcmdhbmlzYXRpZVBlcnNvb25DQS1HMy5jZXIwHQYD
+VR0OBBYEFFGoa/eCJJToi6O2KTuOtrKdKPmLMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HwYDVR0jBBgwFoAU7qxtQOrVBGqHLFV79T8t2u7brOIwJQYIKwYBBQUHAQMEGTAX
+MBUGCCsGAQUFBwsCMAkGBwQAi+xJAQIwXQYDVR0gBFYwVDAMBgpghBABh2sBAgUB
+MAwGCmCEEAGHawECBQIwNgYKYIQQAYdrAQIFAzAoMCYGCCsGAQUFBwIBFhpodHRw
+czovL2Nwcy5wa2lvdmVyaGVpZC5ubDBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8v
+Y3JsLnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllUGVyc29vbkxhdGVzdENS
+TC1HMy5jcmwwDgYDVR0PAQH/BAQDAgEGMD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggr
+BgEFBQcDBAYKKwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZI
+hvcNAQELBQADggIBAJSe1OBYX+B28BEY5FIBufwGhbIuBBpKl5DL2WufIlWWqcQE
+651unVsEWaWpcSEtbBGYOssjFtSfAg92lLnBk5xUk6QzxWQTz81vHepmieOVW2Kg
+tr7ZfQxszIyM27ow2WBcP3tWQKpJHf1/YPshM7j3ioTYRO3pPTF2f7uhT8Tr2jAI
+rkpg0PG0WZKexZ6tJrwDDYJCfLY7LGYiNjjpi6S4w+SB8mwUETrqVvjbwRREPN2V
+IG7ZS6+YAN9WV7nJfJ+NQI8vM0gxjf9+/2sd+bfG6Kv/a6eiSqGaSuITx1EVW3/6
+zPHuV9Rh9kXBdewE0T+pzT6XSKlHV9SZt1Oh9YQLg8qkp70gs3spBKzO5cPHdiqc
+eGEzyY+gff3QBM9Q4QZ9gFtMaKS+i7gpTbJJlk0sFdh92NK7LkmW28L6qGlGbI+p
+6KyIuTnl9ZSLiAEmHqlM7xO/uSRYHkvbdA7CpEC1CIuhUbDTGUsiS7s1Q/bQJKh7
+LmkV9WlcInuqHsTluERw1JobwoSTMq6p1xDEKAS1DqNFwYnybE+GT1RYy6W9ph+7
++auARKh32+bdmZAsmAreUhqvuUVOVZbgbEW++zZNegAolozyezYU46D/t8jODY8F
+UoGLZfctZZ9+BqskLhI7314Otqa/t8kNCTFrMMsqeT7Ce9MDaGI4GuJxFLLk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHkTCCBXmgAwIBAgIISyLfJHCSd+kwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE7MDkGA1UEAwwy
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNlcnZpY2VzIENBIC0g
+RzMwHhcNMTYxMTAzMTQwMzI2WhcNMjgxMTEyMDAwMDAwWjCBhDELMAkGA1UEBhMC
+TkwxIDAeBgNVBAoMF1F1b1ZhZGlzIFRydXN0bGluayBCLlYuMRcwFQYDVQRhDA5O
+VFJOTC0zMDIzNzQ1OTE6MDgGA1UEAwwxUXVvVmFkaXMgUEtJb3ZlcmhlaWQgT3Jn
+YW5pc2F0aWUgU2VydmljZXMgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALlzUulTS5bMKKM1zNn8n98qxKnLQdU/DU4HR3ugqxN9gnne3rE8
+NawxVqLEfYwE5c9ovWRes5MJTNj6wpU4lvvkH8/jyKk0ZgioROviu4T/Nah8Qz3c
+TWauMEtRaLTcemhdAHu8UTAy8sVeyx/NpnmfHVRKHjdF8U3uDCYMsqTymj4n/rYp
+tAa5N7JLH3hAwrx3UTIGI2UpVLhSUvzMNa1hu2ChITUG/DSpGul6LTzaH00nkrRO
+iYq1wrvO9119aAlzmorOFzNmo7pZ+sxfOg7b0OecmisFYO/7qBK5f3gFn6FLW6+U
+57f3iIraOETCGPfzFTC0mhTKQ2XjqOnC1/Jvg8okbQlCptutgpFuVqh5Xgm0w8Sm
+2NQpE7OcHk6l0ZnMiCs9ooMgg1sO10Pdm5jD3rV5sSKhEQ8K5cS9xgVKHgSHnC3e
+fCv/7tH/Dw1JZJ2yIbeae9COhrmCGLclObJQ1BNb2mfIXcG/IaHMpAsB84Io5Rb4
+aLg8JxM8FA3DaK21X3ff+5s2sBxiWJXfDYDIlKWx3reMT3BVa3V73tclPO21AsXW
+y7dGURo1zGDY6ZcsJVwFFlbPWwRn0dqwfr1JwvXWdgTBUPujOOSmgockxSQaqA23
+OAMQJMpayBoL4CwsfIzW1AFSQ8xDM0kH1rkjGW8mNNn26ChnNga3hV8lAgMBAAGj
+ggIeMIICGjCBmQYIKwYBBQUHAQEEgYwwgYkwRgYIKwYBBQUHMAKGOmh0dHA6Ly9j
+ZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllU2VydmljZXNDQS1HMy5j
+ZXIwPwYIKwYBBQUHMAGGM2h0dHA6Ly9kb21vcmdhbmlzYXRpZXNlcnZpY2Vzb2Nz
+cC1nMy5wa2lvdmVyaGVpZC5ubDAdBgNVHQ4EFgQUyuIr7JU+WqFIjMfkvNJUbMbr
+ZS8wEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRD600A05WTzqZ8QA1t
+Eb450TKu4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBd
+BgNVHSAEVjBUMAwGCmCEEAGHawECBQQwNgYKYIQQAYdrAQIFBTAoMCYGCCsGAQUF
+BwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDAMBgpghBABh2sBAgUHMFEG
+A1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3Jn
+YW5pc2F0aWVTZXJ2aWNlc0xhdGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/BAQDAgEG
+MD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYKKwYB
+BAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZIhvcNAQELBQADggIBAFhySKzrcYym+x4R
+OIForpbq9bSkzrxl7za2251FG3uRkF2GCBIJO50WB4arC+C+rbo8zJ3F09bJbXOL
+yhWvb7gdUD/nt98qntiQ01hu+vXysg5T58cKco7oz4pMfdO1YE63kZsioVuwC/y7
+FLwjpHwbct/pzhtUNdZrnycFSCVYh9fpwD9wyW2PXKpRD/8dLm4+zKmeU1L5qm66
+SLOvhffTwRWStgOaKIFXRAcy4OtJQdrr94C8dMqMT8LrXpCdHsRFzYW/U8QSPxwT
+RSnwSWDdttz4uInvT5Rcv+3W7KGdDfbrUjCtuC89GCbxVofzVDmiDN495tSmTUQr
+LEelJqwBf2quOTCaicpYn9U2FBOG9aKVJQzHSUKZWoNu5u203PS8UgcFTN4fMPk+
+jSLzArtmDDJfk682/Gq3aqQO6GMpeKjcFvi5dhdPh+80FOHK4AnC20/+fSoD8odT
+24CPafZM+o2xBUFjPJm36gCgBHteSmxw/O18RNPGwsru9WimCe9XlGiu9uTpjo5p
+X5M2LtAVcOeeXKYHR/RnOwksDV3GgdC/oigw2enxJYe86hNjkOLNZ0UoZ37gieDi
+asLoADPsXixHUAFwsxtGqfe0w3xo5o3E1mhDBZXg2lCBSbGUPltvcwuCa5KxfYbn
+ilCoKYBjQblxUa+v2+SQD/d+S3cO
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIHWzCCBUOgAwIBAgIINBHa3VUceEkwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
@@ -5702,6 +13319,843 @@ HbOwC/lygnBm5K0bmGiLop1xMgfscVSzRIIB7Xodi6q8MlFUtK9851SeY1yyz0wI
 SFfzGre9T6yBL4I+6nxG
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIFjTCCBHWgAwIBAgIMHDrUUIR+7vNY+I53MA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYxMTAzMTUyNDQ4WhcNMzEwMjIyMjM1OTU5WjBqMQswCQYDVQQGEwJE
+RTEPMA0GA1UECAwGQmF5ZXJuMREwDwYDVQQHDAhNdWVuY2hlbjEgMB4GA1UECgwX
+TWF4LVBsYW5jay1HZXNlbGxzY2hhZnQxFTATBgNVBAMMDE1QRyBDQSAtIEcwMjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ4ceOfS4eFqoDrPzHdOF8VN
+shbXzNeWbiVdD2T+wZqkiSiyz8qpjqwA3zXSeTyBgbaNiQYbUUQR3RtBkTjr00R4
+8zoGveVjk3rq2u/U9tRVsMAMGtvThZw92aZULOh4HcEK2VjYtVhzScZ/+JgNfazR
+AVHObq0iKWT72YuV5pRd79yRzpcdylle5lLXgeKcBBHxk4OJ6TwCW6dqO2q8UHaC
+Kvj7tjrL6oQ+0ZOEHml/hDNUEuJandaLVuIRO9Ifzgz8tcX34G2YrqLVkCwupyMG
+uuUL+m8qpSF9KmbrvfVbLvq97FmLC+UgZIHnDSO3zCebXx646MX6ypfxK0wLfBkC
+AwEAAaOCAgUwggIBMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEG
+MCkGA1UdIAQiMCAwDQYLKwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGCLAEBBDAdBgNV
+HQ4EFgQUxIilB+64e6oME7/aKXRjUhtJcBYwHwYDVR0jBBgwFoAUk+PYMiba1fFK
+pZFK4OpL4qIMz+EwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NkcDEucGNh
+LmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3JsLmNybDBAoD6g
+PIY6aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIv
+Y3JsL2NhY3JsLmNybDCB3QYIKwYBBQUHAQEEgdAwgc0wMwYIKwYBBQUHMAGGJ2h0
+dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBKBggrBgEFBQcw
+AoY+aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIv
+Y2FjZXJ0L2NhY2VydC5jcnQwSgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAyLnBjYS5k
+Zm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MA0G
+CSqGSIb3DQEBCwUAA4IBAQAS6Xg+RcoM6jo4/v5QDsttFEDhlpcdETLj3COJ7shU
+/EhpivZQ+0AoPx6GiZX1P6+/HsfkhInXt9unr5RQKCVyBY1cszZbQ4aTCqzyA7od
+jdds8p9RLWoKjy+obuKVUc3AaZfxdhwr7ZjMeSuFjdS9X5h1i3EmqXYVy7wGfURv
+wd66slCy0jTfMR12F6ZrbxtFRiQJ3WfpY/gR+7r3d5x1p1xBwtqu4kJQ1KoNGsCK
+liYHS5cdUPA4P7KHb9JvizdJDsxr1Q0QpqMAXVhoYbrA/nbileuqQZfqoQvuC4qW
+q4lmjKiuaaTEETgE42HjUb8CPpw3BF69rw2ipnW8YA1c
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFlzCCBH+gAwIBAgIMHDrUb+yCwCXK21qNMA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYxMTAzMTUyNTE5WhcNMzEwMjIyMjM1OTU5WjB0MQswCQYDVQQGEwJE
+RTEPMA0GA1UECAwGQmVybGluMQ8wDQYDVQQHDAZCZXJsaW4xHDAaBgNVBAoME0Rl
+dXRzY2hlciBCdW5kZXN0YWcxJTAjBgNVBAMMHERldXRzY2hlciBCdW5kZXN0YWcg
+Q0EgLSBHMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOO74lqz6X
+/fpFYCX0bIJw3Uqb26QLIYx5aLS/jQsoFGwm0KpHrFIEERg0HCiF0KqB8XmzbhXE
+jzhFcfWq5vu7Tr75zownBGllkMzSIGbGH0vyPRppYpVYtt+LWZgJqmf180Ut8i9f
+BnJigE2KhDKe7AAJw3w1D8qvtnKJnO7bO7GBg1U5YudQ1auTEnxvWoR8mY7DwcVl
+J7AtTeEbo11gO9+9XCYOZoEqXPLtZGaCNbZ2D35xi7Fnw9Ooi0n15mTEe8KDQQLV
+0r856WXU1ACTDYpolXkQkyhhfZgA8gHe705DPDNYSE4dMv7WKVOXQvUpdPSNLAFe
+Ithun+5Sa8g/AgMBAAGjggIFMIICATASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud
+DwEB/wQEAwIBBjApBgNVHSAEIjAgMA0GCysGAQQBga0hgiweMA8GDSsGAQQBga0h
+giwBAQQwHQYDVR0OBBYEFDWtxMz/TyDqnDre+5zd+T3EfbqPMB8GA1UdIwQYMBaA
+FJPj2DIm2tXxSqWRSuDqS+KiDM/hMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6
+Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NybC9jYWNy
+bC5jcmwwQKA+oDyGOmh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3Qt
+ZzItY2EvcHViL2NybC9jYWNybC5jcmwwgd0GCCsGAQUFBwEBBIHQMIHNMDMGCCsG
+AQUFBzABhidodHRwOi8vb2NzcC5wY2EuZGZuLmRlL09DU1AtU2VydmVyL09DU1Aw
+SgYIKwYBBQUHMAKGPmh0dHA6Ly9jZHAxLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3Qt
+ZzItY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MEoGCCsGAQUFBzAChj5odHRwOi8v
+Y2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2Fj
+ZXJ0LmNydDANBgkqhkiG9w0BAQsFAAOCAQEAETxNcbMk6rbnrLzRQT6qj4iDJTM5
+n8EjeLPDeZli3rronlGBkDzcAdttMA3cdRCnDDvE8tjpIG/mnwe/gQvNqpy4vS5S
+KdD08F3/6Yo/uqt8gcGkLlKvPVmGlPGwdNQiV2At1JcGRYDcJ6t+1c7Yw1OgqaTW
+mtJlf8r7RunOpNW+ry0JIWye5ByikkNxITJSBHn4qPP7iY2L2WIoIxGWCNzFo//Y
+wOz4agGc4A2aI9s95F+vENuZwqWp4ttlrgrKLYM1/sV6OQcESQeIeX9bke06MCLJ
+VvRD2PhV4e/4vZzL/UliBUyvskK2lEFwmmmRK45h/yEcM8+KzFyEdIXXqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnjCCBIagAwIBAgIMHDrUjCTtki6w9JCuMA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYxMTAzMTUyNTQ4WhcNMzEwMjIyMjM1OTU5WjB7MQswCQYDVQQGEwJE
+RTEbMBkGA1UECAwSQmFkZW4tV3VlcnR0ZW1iZXJnMRIwEAYDVQQHDAlLYXJsc3J1
+aGUxKjAoBgNVBAoMIUthcmxzcnVoZSBJbnN0aXR1dGUgb2YgVGVjaG5vbG9neTEP
+MA0GA1UEAwwGS0lULUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+1cwA90GCGWXXCQ+V4MkCc9CaPcYU0hrUc0mTyvbQ3DuOMey+w5aFI8JkmAD5CHsj
+jDWe/uuANc6OR828xLoN6EV4AsNMhD9HMelYZrGuBS2nsOVlGzIIf8t+RX7pDVQg
+Dc/UvczziO45HmLCoYeUDcqn9Qho8Jnuh4nXJdPCRB4UvcwtRCpYkgCeC+Llxfe4
+IpdnvABTX1kwYR4TVmnAg3Mel5tLoV+WcxTdwJMpsbjFz8P11qMta53Nactef4gx
+BWMSEpDlnGL+swzkUfd1s+3NQkFKBbAZ6ehZivOZc4ah4iRxB1T/5v2Tza+Hyao0
+4f5SbkkD2Y1p0Z5vdMVEPwIDAQABo4ICBTCCAgEwEgYDVR0TAQH/BAgwBgEB/wIB
+ATAOBgNVHQ8BAf8EBAMCAQYwKQYDVR0gBCIwIDANBgsrBgEEAYGtIYIsHjAPBg0r
+BgEEAYGtIYIsAQEEMB0GA1UdDgQWBBQEGr8ck5E909k9sN4TI+WacPQuCDAfBgNV
+HSMEGDAWgBST49gyJtrV8UqlkUrg6kviogzP4TCBjwYDVR0fBIGHMIGEMECgPqA8
+hjpodHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWcyLWNhL3B1Yi9j
+cmwvY2FjcmwuY3JsMECgPqA8hjpodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2Jh
+bC1yb290LWcyLWNhL3B1Yi9jcmwvY2FjcmwuY3JsMIHdBggrBgEFBQcBAQSB0DCB
+zTAzBggrBgEFBQcwAYYnaHR0cDovL29jc3AucGNhLmRmbi5kZS9PQ1NQLVNlcnZl
+ci9PQ1NQMEoGCCsGAQUFBzAChj5odHRwOi8vY2RwMS5wY2EuZGZuLmRlL2dsb2Jh
+bC1yb290LWcyLWNhL3B1Yi9jYWNlcnQvY2FjZXJ0LmNydDBKBggrBgEFBQcwAoY+
+aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY2Fj
+ZXJ0L2NhY2VydC5jcnQwDQYJKoZIhvcNAQELBQADggEBAH+/QKluUYGThHAZeh5I
+erhZdIN9B488jjjexsfs1p0IHjKAElUaxHdjTfHc2zENqfPtc+EKRJL04MOUWJj7
+8BSR2MOWu8WrOVXYmIZAJAzH1L1eFNR6cem3d1nsnjqtqw21EQ+/O/kXb9lIK/sv
+YDwudINFcdWE5UmOic9ZHSwFPb4oEeM97tG18WQkiVzKF1cM6nzLHWp78uRLwD1Q
+ek1y7eX5gc8iQSvv33wTlh0ppmbDqfaMTR/X/ED7SFfd5S9CF07EXj/XWlv7ps2g
+afR793FaPrPloGvghtC7pKT8uOMNBXC02Xq6drN6JlU+5k+bbSRcAd40Bqn6vyYA
+RKQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtTCCA52gAwIBAgIRAO8FGnQaHZQJ/KXkZA+NPJswDQYJKoZIhvcNAQELBQAw
+fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
+A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0xNjExMDkwODMzNDRa
+Fw0yNjExMDkwODMzNDRaMEQxCzAJBgNVBAYTAkNOMRowGAYDVQQKDBFXb1NpZ24g
+Q0EgTGltaXRlZDEZMBcGA1UEAwwQV29TaWduIE9WIFNTTCBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKRzU7QtbSdi6uUiqewzx81eEdrg0RROHTs1
+eXndSwxxUAVDC+FPYvpgWc+bYMVjUJQEIP+SNzsIGvB/YoabRoN7cLBDzPTgYnW8
+Pl/wYWXuGNyr1E7bV9Fec37HlvhE39Ntwp31gjMFwTOZ7Zw0QzS7w9PjO4A4anwb
+maBJgrRa3GFSgoJ+WIr5brQ6hEgm7rKRNPx6L9Sj2aSl/EWRPPv73j5xeWGcgOPp
+U+8eZmqpX+XfCl34o5OQJWi/F7bACetVhvFtWGuLNcZ0eYwU13jOEx3NNsILzIYP
+oWJztxd3aPkQOX6cNbJGTvLRcfmGDM0ASq3/BsCrR0o/ruCcd6cCAwEAAaOCAWYw
+ggFiMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFKETVNxWcywngsrIhO/u
+vwD9X6tWMB8GA1UdIwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3MA4GA1UdDwEB
+/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNQYDVR0fBC4w
+LDAqoCigJoYkaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsG
+CCsGAQUFBwEBBF8wXTAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2Vy
+dHVtLmNvbTAxBggrBgEFBQcwAoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBs
+L2N0bmNhLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAkBggrBgEFBQcCARYYaHR0
+cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQCLBeq0MMgd
+qULSuAua1YwHNgbFAAnMXd9iiSxbIKoSfYKsrFggNCFX73ex4b64iIhQ2BBr82/B
+MNpC4rEvnr1x0oFv8DBO1GYimQaq8E9hjnO1UYYEPelVsykOpnDLklTsBZ4vhhq/
+hq1mbs+6G+vsAjO9jVnuxP6toOTNBqvURRumMF0P165MoFdh0kzSjUts+1d8Llnb
+DJaZht0O19k1ZdBBmPD3cwbTI+tChOELAVt4Nb5dDGPWqSxc5Nl2j95T3aK1KL2d
+2vV16DSVShJIz04QHatcJlNZLJDbSu70c5fPU8YiJdRpfkubANAmwcDB+uNhtYz+
+zEji0KnE2oNA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIQUgo6Rp0UayApev0BXmSr9TANBgkqhkiG9w0BAQsFADB+
+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
+LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
+VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE2MTExMDExMDMxOVoX
+DTI2MTExMDExMDMxOVowRDELMAkGA1UEBhMCQ04xGjAYBgNVBAoMEVdvU2lnbiBD
+QSBMaW1pdGVkMRkwFwYDVQQDDBBXb1NpZ24gRVYgU1NMIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0jH2RyFdaiFSKRvlSrJJOGxqPtsSYQnc9KQ
+p28ze/jEndY0bBrpbigBwVgykS9V1letXCmBhERn6JvIoQcS+SWTe7M8T57nOtqF
+cvcsI97qsO9j9sfYGh0vKrPDBKHbQVc1UtSiltwEKj50QzU5wHoKtw9YOXU4sYPJ
+Tnnlu26Z9YjwFLa8kTpRk/2tpAZzDkwRM9wEdd+nnK2hZckhTNr2sEI1VFmtz/zp
+2Z5V2FROCAsSma8g3SPWthltbW/9uMIhMVzjYdD0BW6hiXKvfBHyEbKWohM6vf76
+727YhrCGviVTtZ4W4jut3zFD+ys26/Rk/GpexXt10VKPjHDsOwIDAQABo4IBZjCC
+AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU3pcIWb+UaR0laNzsdtAm
+ekyX+xowHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA1BgNVHR8ELjAs
+MCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9jdG5jYS5jcmwwawYI
+KwYBBQUHAQEEXzBdMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0
+dW0uY29tMDEGCCsGAQUFBzAChiVodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwv
+Y3RuY2EuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBAA1z75lQZ9Gt
+53l0lPctrZpL0wL8NcMCGywDBZmd7PzWw91EaQWfPO+wY5sA3fHuysru7GEgOJ44
+6rIgw0gLZvEdoWHQOUEQNdL/ewdV8ahf94wZ+TsECEhRUH8Ow0VB09xCt8lXjO3g
+Gy4822dx1W8dPcX3R43xrxVkpxjhnW1YjfieMsl6dHGnm4MpdsyQaOdf83ah8Txg
+HI0sez3RGijUw42yqR1wKD6RNpl09quMamutReK3X6FRMb23eNtg2wthP161xWiP
+X5IqKQP63RKT8C93qGOk412uKl2KGrg10hV2ssPitaDlxMnEzPSmaUEAJ8tds4yS
+pgd9Eo38RbE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEWjCCA0KgAwIBAgIQBUNA0KLEzIER+qg3fUbgbzANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2
+MTExNTEyMDMzMVoXDTI1MDUxMDEyMDAwMFowWjELMAkGA1UEBhMCSlAxIzAhBgNV
+BAoTGkN5YmVydHJ1c3QgSmFwYW4gQ28uLCBMdGQuMSYwJAYDVQQDEx1DeWJlcnRy
+dXN0IEphcGFuIFB1YmxpYyBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAJRWo0VEVKpgZL+4V59O29R5aF8TBfQ/zSXdPF5Ydxyd5p/jMknvAjo0
+U41S5eM5Zh/nM2G2J8YkVVAnAmXwsIxBjTBeR1uCb8ecoyhDbVh7yBWYTiVvy3Yn
+WwssLLWYI+eLfP13GsRSul0Z7nghTSGa2RJ8MxVrGsmB6traV7fVL84fS/y0M+Cg
+yZQnuydAtpDbrJ51phErSRktw8JDBwm7PW6Io+OKxdKG9mVbNMOfTALlCbosxnZm
+69F2JfQwE/tYYKhY41FvSwgEYY2sqTAvUkGjIsEzWat7WfmTZ0vJiXVS7ylJNJMc
+nJNznBnOXBjNTAknwT/1Sez04t9Lr48CAwEAAaOCARowggEWMB0GA1UdDgQWBBRz
+qAhTKbgV+5mA5cU32Pg5e6QTBjAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6
+tQRN8DASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjA0BggrBgEF
+BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA6
+BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT21uaXJv
+b3QyMDI1LmNybDA+BgNVHSAENzA1MDMGBWeBDAECMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBABqR
+cPGWxhjLeEP8gzZ29OHVpL8EFWNvpnEbpnAWa1uYmFNf0fsSoibP04UCB0Ye21KA
+jPNuTE2OWpgxlTVvl99sIJFKhXCIn6OWCLQpbjFMu8Ro5rdzg4ekedsihWN9NMwU
++K8DqO+oukIYjF2zPnnwcSykKaUhdi0BqUtmzJhHkFjoslJllOXiJ4DQkbpjiQpR
+yjPfliI1wzAcOM3xxswHAxOq8BVHKErKYUqHkHgHFZ6Ycts+sShKqVf+Zdx9zYJV
+pItiSs0DDCCFapxWACouIVY+xPYG8EMUWXz0gK8SAwNHXLRxBtjNWhCGOiSN+ihp
+277L8LbKp8eA8OlOMiU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2TCCBMGgAwIBAgIDD+SMMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxHzAdBgNVBAMMFkQtVFJVU1QgUm9vdCBD
+QSAzIDIwMTMwHhcNMTYxMTE2MDg1NDI2WhcNMjgwOTIwMDgyNTUxWjB0MQswCQYD
+VQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMTUwMwYDVQQDEyxELVRSVVNU
+IEFwcGxpY2F0aW9uIENlcnRpZmljYXRlcyBDQSAzLTIgMjAxNjEXMBUGA1UEYRMO
+TlRSREUtSFJCNzQzNDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf
+rxSj1ErmVWKj29MkGAfv0bcJ+DqtjWUK8++lCS91uPbnwhIFrGlHLLI5u8lKBAnh
+j7FlCUbLAlF15pCxRn78XhOhhRcaiBOvbKflsAZSgjncNhSQwCzsIO3QuEaKZ6FY
+UZwRFuvuISpzwvIovVsIn/fzyNHs91TfrL61AFjY5saIM7Kep5AqGwJ3oW+mXVci
+XqIdqmdeBjJxyEMlQa0cFeovvwu85l5DQN7T8xdDjnS2dqL9Wh8i7CpkHt7CkmIS
+nv1nGzDLZpDIfxPiLCUtcTea/QiFl+EHElqBhHyaxxJPXwflqFZuYAYSMt0Rk6xa
+Wb2uXtA1k9Db7wsZBr/HAgMBAAGjggKhMIICnTAfBgNVHSMEGDAWgBQ/kMh9xxVv
+8ySPqcMvS6IPIbIv5zCCAQEGCCsGAQUFBwEBBIH0MIHxMDIGCCsGAQUFBzABhiZo
+dHRwOi8vcm9vdC1jYS0zLTIwMTMub2NzcC5kLXRydXN0Lm5ldDBFBggrBgEFBQcw
+AoY5aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfUm9vdF9D
+QV8zXzIwMTMuY3J0MHQGCCsGAQUFBzAChmhsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1
+c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ0ElMjAzJTIwMjAxMyxPPUQtVHJ1
+c3QlMjBHbWJILEM9REU/Y0FDZXJ0aWZpY2F0ZT9iYXNlPzBxBgNVHSAEajBoMAgG
+BgQAj3oBAzBcBgsrBgEEAaU0AoFIAjBNMEsGCCsGAQUFBwIBFj9odHRwOi8vd3d3
+LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfQ2xvdWRfUEtJX0NQ
+Uy5wZGYwgb4GA1UdHwSBtjCBszB0oHKgcIZubGRhcDovL2RpcmVjdG9yeS5kLXRy
+dXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENBJTIwMyUyMDIwMTMsTz1ELVRy
+dXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwO6A5oDeG
+NWh0dHA6Ly9jcmwuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jYV8zXzIw
+MTMuY3JsMB0GA1UdDgQWBBRqF8nR4bDH7A1PXpoQhikz6YXRRzAOBgNVHQ8BAf8E
+BAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEARCPc
+wLJ2JMlAhkBNmpKJptGYMMldD3OXLsZ/sxsQrvJPEvVlPon6ylJJmHTW66FQYBQe
+eMDtbQFZMO7+F9HmepB5VmOwX8KzBX3gqf8VJQlFB1c5iOPl8Z7nUOEG0ivogfaT
+UFfWnXPKc7usKhqQZETqk7oX4HBdP+w1YQ4royLTi5J4EBhD+CTL6pRbneb6m2pN
+ep4gvahyQXuhz4TfBseuwbmOC+SmY3TSpS6AMVJHqomhFCf3wkuxyCj3LJY/XRfL
+nFoglWxOa4iyKUl7ESqHkKp3DPRKzM7QRKGFQeW9jM1R+ROvBL49YoHFQ3rhj3Y6
+eKIik0cnkIAEyplgiA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGHzCCBQegAwIBAgIDD+SOMA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRF
+MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBD
+bGFzcyAzIENBIDIgRVYgMjAwOTAeFw0xNjExMTYwOTQ2MTlaFw0yOTExMDUwODUw
+NDZaMF4xCzAJBgNVBAYTAkRFMRUwEwYDVQQKEwxELVRydXN0IEdtYkgxHzAdBgNV
+BAMTFkQtVFJVU1QgQ0EgMi0yIEVWIDIwMTYxFzAVBgNVBGETDk5UUkRFLUhSQjc0
+MzQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4PbGGVT4nCH+CzaZ
+kZDWqXWiXbBu3UEpSPBmAKDepwkoc7b13vVlRrvehBm11yUNzaN7thsqB+VXEyF4
+OuxkCJkZRCJUfrS1zdnZXptf361oahCX+ch2E4Hdedeet45mypwKsD7FqSdz01KY
+o6wFQMnnZsRQtamilglAgT03iTUf+Yn8a5msV7fscpfkLUGCtjeM2eWgfZ2I0pqi
+m3DYrQU5/8in6DtZLrIAgZpnQsgJiB3glx0YcBXs5YZR9bfhOP71nLvM+9vkxNR4
+V90SOnwEzCbj5VforuNgP0sptC2TSPiqNG9sgdySBobz9aO5ryqG21GXMcfFp0vC
+z2kxrwIDAQABo4IC8jCCAu4wHwYDVR0jBBgwFoAU05SKTGITKhkuzK9yin0215oc
+3GcwggElBggrBgEFBQcBAQSCARcwggETMDcGCCsGAQUFBzABhitodHRwOi8vcm9v
+dC1jMy1jYTItZXYtMjAwOS5vY3NwLmQtdHJ1c3QubmV0MFAGCCsGAQUFBzAChkRo
+dHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NsYXNz
+XzNfQ0FfMl9FVl8yMDA5LmNydDCBhQYIKwYBBQUHMAKGeWxkYXA6Ly9kaXJlY3Rv
+cnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBD
+QSUyMDIlMjBFViUyMDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NBQ2VydGlm
+aWNhdGU/YmFzZT8wfwYDVR0gBHgwdjAJBgcEAIvsQAEEMA0GCysGAQQBpTQCgRYE
+MFoGCysGAQQBpTQCgUoBMEswSQYIKwYBBQUHAgEWPWh0dHA6Ly93d3cuZC10cnVz
+dC5uZXQvaW50ZXJuZXQvZmlsZXMvRC1UUlVTVF9DU01fUEtJX0NQUy5wZGYwgd0G
+A1UdHwSB1TCB0jCBh6CBhKCBgYZ/bGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5l
+dC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMEVWJTIw
+MjAwOSxPPUQtVHJ1c3QlMjBHbWJILEM9REU/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdDBGoESgQoZAaHR0cDovL2NybC5kLXRydXN0Lm5ldC9jcmwvZC10cnVzdF9y
+b290X2NsYXNzXzNfY2FfMl9ldl8yMDA5LmNybDAdBgNVHQ4EFgQUIa9qJphx6SYK
+1duhjPfbpp2lJVwwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+DQYJKoZIhvcNAQELBQADggEBAEITrEZFU4bOy+274S2THOe9lewgYy+5OYh/Wr7Q
+WzRi/bMU6GRtag9fCnIsXon3+2wKGL22JgjI+WnZa5TRiazUOdtOjCEuwxXXMYH/
+PaBBb/BXmfGlEHGHL/ljNQauOrsfIQXXDYTfZk9jwLQgPmF54Ulm6oLsUrvYp1nq
+4jSAyWOY+mcxFlGgZPt5jdL1DSkzdLtdWfGs+1USqmx/IBZLfCwavdk0Dm5fwQSG
+iI+av54kU0E4ziDEOJ25rfiOBGqjh+4NFegAaQlTeVp1zOCjtKCf9YWDS8BgJT+O
+Ri2UKV/O8WaWZ3qRLuVavpng14sx4oa8FLM9sKBWvI+H5XU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQHcbTUEroVK5ze23iskO63TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwMjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALfxK9W6qwb/MnEzDMxVqC/4pLUfPJDXY3un1BGP+X4RlK558rs/
+DxOgLjCB91lu4wEtElhj2ii/GKn28csza070I3hy3ZSR4lscSc1iiqm6kGHcg8AY
+B8IewLgpBtW9MuFqkxQwtMIz15iGdA0Burw88faAfocbibWvl9NJB4kO73oiJmWS
+r5SFu+3sSjIsys4cTLJ4zxbqmXaiPUO56HOUAjCkQb5wMh0tVCSaX64j+j5KvHT6
+m1KbqwkL04aPFa7CqVUm4UyQOAWjthBb4QKwDsU8U8yn5XrtiEkmLvep9+jlcLCN
+y2sTeBrHpL3yWmqm826qUiK/XvIt5AWzZ4LLGDh67WuZpowE3u6o0kSpmw+gtoBx
+51WXHEUBMZgOV5frzD1AciL2/sFiNK8zi7pTyiFXQOj0/p7Jn/WvSmdO26ppQ4Tg
+KQ3G8S+xLgW8hTnUzF7a5aQC/xat1MLDFRqVhDHBLMXw4mpJfChBlS+5AgKMEQmM
+AyFEYNETD8LtHigvt8q1jykSybt1Uo3vjhTc20yyAslj10c7busbZMdSoItOk9Qn
+z9o1WqVt8DUnSXp+4p4u8+czcXD6Nz/gB7sIl35A7pvduuqktRj89FxnrzCt9/j8
+wgdEljQKZbaeyO04NYACENmOclTHe64k70Um218wMkLMVSDd/qbBIyipAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFJ4x6xXiksWm1L4xIucLguKdIWNNMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAF2ej7deYgM+jJvZ+7GuCyN7U
+DJ+N7EcEEx1yqiXHG3wRfGoy/j8/SL1awLD84JQfTNQYJm6WrfsWPH6O3A1Wm2Xe
+/D4ss+GUIPStOpxZFzhRMdI/RTjH7YwGiqRDSG2bkS36zlpwk+NlrFNutN/Y3JFa
+N6nj3gIf4lDfmCiLO9F2A2xZ5Kbo/gU0WXbShcBKw21rfhuY2lKCespOCES1JzUy
+Br3s09feUwXW5hjhlci2YqVRbvIjN1iZkfsf8TTYlu2o56EH72/6nlkGqXqYbF6o
+YsWNIfAqbJ54optZAPnEdnZd+cQAL67FtUgV/pla8O+DT28zQTHt0/yK4nQAKR1N
+ReZfNRCOt7McO4iTU+3Epq+VRr/c4eSYdwWIc/zp73mtLSnhI3sJ/7km5DOqftPz
+C7/ND26oUmt+Q6odrglTCsutTxid/Ym/n5By7IY8tnM6OUmRuJjJQyvHJ+8RyvlC
+tbT5LeONHhT4jtmGq7gw7ELCvOgcuo55sSaXbWxdpmGlA3Detq3rOdr3+jB0J84F
+uOvzbB7THfnxEIl+WHumvsEHLkU74bzL7EI2ujXitQz72xAiEVw3iuX0DDex5xPn
+fLoUmcxSWmMRjH80qvuEtEtzlEEBepg/vog79bszBxwAJ42rIVtNp0A1qS7G6c77
+9Ww4qws6H2KHOG/x5LU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQbMYMMd6xhhj11yWx/jbkSzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwMTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAJYpniDx9+w8WkQdSF/GEyeaUUncmWB/AHMuKPahpmwsB8SyZca7
+/in9X7mgheUbGCC9N8ETATYwuItqh1UdWNd7Oeh3z5TMRNFxv9Vga5BTO17PPNHS
+uiB5fvwePurWlHYr5/krraVTJppXep7JcQb5g3ka+n4i1h4NVuruJDOoMOLf7JJ6
+ZKYcVkPqFHmFvt0EbKg/yWAiPRl6OnnnEVTQjx7KGb8tnWYv2E1dq6OLzuoEtkxO
+vUoFvSLtt244m5o1sG3fKbBqQDcjGS7tb+2HeMu74n4Dkov+r7Ztux59XIDC3qnM
+XLCvNI+YV/T/idRDstMrpzY3nGZqGN8H4dLr5v9EGqhiUJaPQOi11dHSUBUof7lj
+1ju3LSVcowBcgonOnLkIO4xU+07TWg+VCGJbAgk4z3SczsJqfppLF1915PBEW1Yn
+DyX57nHdL1zgaHD2wSJPrVJBjEENPMx2kpum3xP9ffu4uZugNmX2dBN4CtG8fFXe
+sGob7EV6W3ENCu3e9ETAcQ3skgLb7FqvP/nIet3ICfVCrXSWtA/IPczdMK4ibc74
+oI3xJPSVb6Kxun/NCJrc1facLYDPEhpWOoSIOJR6VQnecVDZYaSJcquQ21ue9eUa
+hgGh4u3k3MWb2xtCF8/anaFGA4RXbwfajNLsmO0kb87X+IBFGH0jUHVVAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFGUOeUxXjm2va1oJNDkQykeHSaTBMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAOAmz/n/0u06/+F9n3/d2VYdg
+g2yo+JUpAtXdqTLaidz0e55o8uEygB0xe3CEWlIMOHE87+DoIPk9UQLh3Yeb69d+
+NZH+TNZiTVPsaHRn3hGTAVDJx/074eyOcBNz5bqI3T7mvrvk5nv3QMbMV1j3WipQ
+2jQzVEY/n+cSkhv4LofLuGWA9O4ZxZLU3b/xTtuXoOw5lIXjl69y2ivxprsxRflB
+1EsnBa4+SJBBiQ3y9Nww5b2lMD9f8pSCAvnOjDsOX1lvUvxMtBPKXru3jdvViBz6
+bnkh8lxUPrtISxUxZwWaR8BN2m3vIrPhzzrzLswRvfsy5CPFu3eD3MsI/JoJe433
+HOnCwbVqoZ5iMJIh2735P/bQucdSJl+1zvfjspLC2IlcHOgoJ/1Iq6RleILOJFq5
+ETw1kN5mT7e5xhHBYEgTkhSiJCCIin7dSPl94uZasrAGvQYPkVxu9UMhFnhzRpmS
+n+7athxaq5/QvHfw/PSdtha1nmT2ELTjzxFMHUHjHoRtPN/I1a3r7foCBNHy2zV8
+PHvOKDxXQVFX4KzePy/GeDo1c8/cZn8zgEcj1GLc9zXaVtIFekELIsfMSEOkvxBf
+ENehZKxg77vjJBheSOKC5BtTZxYuskMg3Ezdi6xLOm/wnTd0n1hFoKHcjBEEeuwo
+Ex5+zkeqll/YhFhujEw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQUGbyTAF/32p7j7+9Cl/RxDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwOTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAL0Yz2w+hpbW5mB2fnun70+MeN+T8xUS2+8uy6BAD2aKg0UHweD1
+Eah4S9hfIqyAjijWm2FXn+gfJ6m0tFYXB6bJmU22nmmcLvRLpp0mSGv2CEu2DeAh
+tDU67RQIEMlXf8MZj58cRqO/W/PRfCri6mRX43qs97hlcQJmUaWGVLl5X8dLHbhX
+XwXtsXaKwKWfLMYH2qULP0L0we8uprQ9FhikRa6oslLS1x8CNheJEUUS3jI+qUah
+/4u9Q4vuWAkIuk5RVZ+cRFUtzk0c2wuY6rQm1pf46DPNgLd7t6wQpLSAkSIrrOvh
+chY8Ae6tXU8RVYZ1leUHTC4P2g6CD9hBR9hCf4JRTdTI8tp9yM0jkjxFs9nBdAyW
+hSGMHtcqzSKDPq891OF0bwVYSY1QYZRp3ViQGJyMnochrz91TpDSX8O5Af7u6ra+
+NB/Damvdogv+3S9ycCju99H3TKZ3nbJHGzFgRizN9TM5kgI68vGuA91UsRbA5b/g
+AcR0b3kjFvuNmjkrrKfTjWdP/lco1Bv1Tou5aBr4AaXcfqwlM0NkTKizFiKjrljk
+vtmnY21WkSaJ5IhHdE16ukr66F8e4xtVdbNmuxhyupqAuNh/5aOSdX4mxSXc/PkE
+5Hy4m19K7xMDthC3ZpASwvFIQmMYBVgoZqWlZY+0BbkFU6CdyH/EUNFVAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFINimHCc2JjWG2gXqtkjIXHTD898MDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAkb/zHGCmO6G7oW3PflPgXFfh
+ggugQjzh15fMIyFJZZWpULpPcLoN/BIL4yZxbQU+knJujhMgV8VFL6t+aaW0Qdry
+jmED4KB8B9YaciEXaVmNppdGHmrqk7DH+c7e+/Sse3/AegJdeUQqgOolPNbvZcPn
+4CKtnlD+j1WRBgIyhXhQGjuEfQfr4l/ljlS4rA0KyMpFWWKce3mCEsJWpyFifWEN
+OS+oKxMEaFnYw0miSe40FTewSGbawFrazH6CNIgLaUUhC4ei8AG1rwmsRYfLopQj
+VqUShrk5SHVNI/dONFB93MIxVy/ZBHn9aDYHQMs5J1IbLJkBBlm46Mo5FuQZTf0b
+jhqzlKBi1qa0B+RJhkLq2mJ5lSadpxvxofzR+9QLvp9IeHnUcdNRXLtz0lQt9Q1D
+KHPh1ZqZnaDItTiwHPhhEkxZEg7Ri1GDGIivRchZoxnt5nxDa2GGXWHjZUzEgUbD
+Vuw4quJxPxColadLuNJ98AKpUz2u8MmsaAi3/imVBNzn6+t+DEUYg0kduVMqIy9C
+4AJ7YNac9DT19ORSUlABcs5L/HqC/A7+WY2TNCfI85OKRJ0Mef2te7CA4n7strdM
+lBwWqXcBqynb5/t6LVtfWLRDCQfC40U51ZFwoWHmDLDehtzWFzw7w87/kgJ5BCep
+tlmiYUPGZXsjwlx4ACQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQKQc4XqZ44yAMYQqZCbnP6zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwNzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAMdeB0IJn58nBmeeUAS7xHysk8OQySgOC3zxy7P7lKmG4phcDbhD
+drI2y3NPE8cSMdFFDbztCVM3eud3Sroq38AGfxPCQ3xteHTI392kxVXiIPjZyEh7
+YOPOhAVEtnZSmFQk8zoYIl6/nJihGmyFwTyyCeQHZoknjZZKBT9/TA8elRAJpwbt
+5Am+PQSdBs95GHVCP+kziMigo46l5UxiIHGr8/W7kJTpUuyo0o4/ruvoBpMIslz6
+IeWWOAjilm6z7Yq3eZvmZV3dEKnePGKBkJmoNJqYBI2LyTs7BdNQ0tK0J+PdEGp6
+v4B+FsJN713t4l93VaHIxIEc7P5Y9QX5dUjfELkqSFsY+wKPiDJWhLEMKbT+BG7Q
+17rl0YAFELk/CwrD4qbN/SVo5OugKQdEmbnBtGYbCoW8mDXJ1DHcuFWZh3tDTvuI
+n84OFDDqKHcDJKMDau7AqmedbK1rmRoUCR3+OC5xvlxF3Ukhgxs2eVcRAKVaWJPp
+eWl9aqOda1gN+Y0Uk7KRzoJ2heglzXZmtAdWBxpW8RMNGd0Z/tkEDvlEwN8wrTB9
+SSO2kn4Jis0RTJbyhbPaCEdn2P/MNXUI7V6yvNR3rvA3byimYi5WvswfGaU+FdRr
+hB1iRBiPOVGUu2S2ZsxFWbwDTThLeBEeRvSetXoSP/Tbx9DQwux9vke3AgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFKj0gpCDd3149nEe+9mJu2C8NQoWMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAjJHyzcbo7r/ZTujHJsn7JJGV
+23qWk9pGUq7JTRFaiEJTyqa0kfPbIipwxMALiwlmIF0FOLhE7UjjzHpm8sgf5TIp
+XM4XYD/tISod/AAeuecGcWU9sO3I+f2QXXR4RifgXvdfezQKQ+S47vS8slQgckE4
+xib2nw1LQY1Psgvbe8KizT5UtNZPOz9p5XdyrLPcJQpmxW6uPYLbkuub2s0qDDYc
+YxLPJWZRtjr5uM13LyvhPcMh0c/LZ2f2Cc1PW4PltvEKr0hsidceFxBr9na4F0Yq
+UbhmhhphvaWyGJmes87F37a2mHX8S3B6Z3dTNaqRSZtkobYZxK1HOBSUsJPVgwSp
+JoHcV8gd+H9a+W4B7S0CMhakgP+fVY5pAvDcC8qTKOLTmeRyzb2EIWipSZ2GeRJH
+wUlDK2n5o7kLojO3bU6pBtiltJz6gFgNwuv5Pz2SaeUwULMtcdpB8sfYY9g4AelR
+GeEPlKsYRHOLjQhCnSxBH732snLGt1RDVibTao4Gj9EJ/MIJ7IvfH31d3ghje3pT
+Hb3byOLjxBWzXn9F4wXmuA51glbzCcvhdTszcQeXQ/gBT4RZ7uHue5eCoiQUjqoV
+o2NM76XbXbFkKlbe3YqcVem1Gkk8Tk2yrN8LCTU4C6YR+NzgNCA1l8bzsrrV1PKr
+ihsFFBS8B8uob7uSPs0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQD4STyoyv03d0x67bvHQ9tjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwNDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAOo2n/TtqHItz07Yml6/wDDdDQbSVspRxysCkZsIMBfUO1RuHgiB
+RU5gpJZMlRDvcEoicJQfeHOo0CntlsbTqwi0NbMEr+erCCwvxor3aIHcGm9ox0DL
+qEAt0KbjAPemXKGRLG6vreyiSx+ozGhG1TkzYE4tDISox90vB0fYMcndRACvkfiV
+wQnxm/UCRD5H8Woi7CM/m+Jc3e+epNrAxI3S9sEQPkbezESnec/AHukWETypRE10
+ONo2qkIQsF+wZksYHZRlFIeor+kq0YIC769hdK0etlrMMnw3FxFKy8w3f+VWRzWf
+5+0fWIhF+J9qkSKyl4TFaZiS3xuSch2uft9ddduVIQk3Vd87XlEzioJAXRei8kY0
+zAbvd+vLl1ljifefgJ4JOMKkQdo5ZO1fuuap3dL0+srcByCLINJSFTeTw8Lb0JdU
+Szw9W5va2DUsBJb1AeUn5NY046CVOPN45saISKeMLEzcjTLjq1cmrDs4cfGr11qG
+GYc7IhMovbtMN/zalAZBRWDxoJ9OwFBQ2VKAPW2S1P/cqVfY4FqjgAfNtlLbmfJa
+uEQW//JhJZJdsPwkW1+WeZ0rdZ+SbJTgqveOQLmUvAVMP2bKDm9HwhHxeK6+BlvL
+rJ2XCcmqlE+8wp9zZEm+kuA0SLA0cWCl18OKD1U129eabO2MJwuJOAyTAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFJ0eVZjapHeEVJK0EAE0yQh9kkgcMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAKqagIHWXGthtNzIxnPawG06T
+LKLhi4xOmCONAuVvkRrbaNejOxwe+N7o94GSr5EYwkQOLTtmKSopGxWNwBMeFgFg
+0tA98tmmRgLDcnlwZBgutRviZb3n4h2d7Bt6QAlf+mzdkCPPi33JLvEeEeVFhVZO
+ZnLzFS8Vd34jZMRywRkH/CdZm7m15ixLy0vDszHQl5IxQPzhoKz8EcPQAVG+SzkN
+f05g3R2o4klsRZpXxbHJzLJBZMWNgu188jlq3cT1Gcp4STYKZ6+cnRI5ThD45KdK
+PHtlVyLOOckadNd1Vm7teM4VplN3HDqyXpFe0xUogJ7h+GG1OwOIjRT9opVQAQVb
+z8vvL2X8UR0kkb3Np9oKkjFpc+cIobwBKRToWOWZV0Ifjgk9RTYQGrEQ3n6XpbIg
+mQScTrik8CXSGsDPvxrfktI/1EVbH536FAnDMFWmsm7JNFZOxR0T7oUxfCArZLcM
+Xw+ygStFVwpGgTmV3Pk/EyZdIjKHO0vhZCLHrTgVo9ICJvUZCGMLh28l5CPzkDba
+h+RBAmK2R3EAtu7sYKPw5CECz50WFcRB0OcswdxSFT5yBV3UXwePaL9p6N9164GT
+wVCdieMwOC9lOR5N8g95R19oFDRZITu3f8MNdlwkRUMfZnyVccsihZT4DPfynFKg
+bZlKM2gBLxHLRI383go=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQE685K8QdXAR185WZ5mGXpDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwNjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAK0AmSph3ppg4B4pfk1iea1XNZEsjBhy5J5DHTVyz+878PpeFuax
+QQjaPl8NyyeTCPhChb9H66xKFODkfbr5OOfC7pCmQ0ehoLOCfATJhfExo3sFcABI
+/pNTPgPnrmZq10S7mD/o5mMmRvBHw/G53zZ7P7TEdumLKebLmmL+2VKXw3TN3BoS
+woD0czdn5LCKpQVVqfUtAzctBPwbmwrZ5NV3tvvMlSWh+3+HbcwORLFZ8eq+4tNY
+Njd7lVeORVFpOIazhosSRjpPfaC52Abf/Em0qvOZgN4lDLez6mBVAYSD8LI+7/Ef
+8Ekm5AEHlGqx8KAEoCEixyr6U+ZfBQWZTpuu/bCFvuLeEbNNZn7N2HBytmiatODq
+NVLLVoO7xNz51LZqNDnH55HA+jK2nmRBn8RQglJWFy2VLbEVVhQKek+huhKW+1F5
+F2alcTofeS7NyxkKnHx3QT8dKCuJSnd4zVvQ2zO21OKGszq5qkit3h/JOz9CHUgF
+RFMgMOLN0geqbsG6kQHvyYRaZyjZaUE6ncNM58vkC/Dy8o1yMJxEPWrtMEU6BUj9
+N3Um4WHEXqxaGdgpg4URrPN/mCO5UAww3i+Ym/zNouLf6g1V+7cVT6fzRuzE1FmU
+i5l4YDGKFd4Cuyh9nOQSYbqgtrhUkMcRKO6Y03P76P0SIWsd7WmeqNorAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFFOSKl19WAIl5g9npDGSgwb8BSC/MDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAaQMdraDZGlH9NCrfW1Hh9ezh
+SDMJwRbNoSdjqAP8DwCRciumOywcXhnzTkyNcvRJSsiPK8P72ifSMKMMzfkyyYcN
+8BlyAikUHHJtiirkUYU1WWxFr8jqNGbmbR9kqzgRPXAq04WqlsgrGaCeBOgWPjvv
++SLDqOu7hrbLs8BzuxEOeDscI+UxAygAV+SgQp+hmQszpsq1wvFAm8azwjvcMJad
+WqqN5hX1ms4gFwU2TDPb/YfTs3nH3dvRngCjGkzlXgDLByJhSxiEQz1iY2A6D2+i
+w0jQE7aLDlPdGpnVaJ7ch2ATbLriaFMCwq2ddVcCjMtF2Y+vshurtTwOMsJtZ4UT
+xp5ywEBWpzCLRRV/6XHJsd5QwKxQPSnKr8riwkVDNQBewnqQI3EmI7I92Uji3FmM
+Fl4sigVZDhZhUnR2VAqJLfQl4w4Uz2cJEXYIRgmfaFBwIXIIYBkyy+yKKPuN4Im/
+o3Q5E8qjw7zC4u3iliYC+JpFNXf158hqAgNKvNJb84SX4xDL1EPLx/+GOu0Opu3i
+Gh68hftxb65SfU901rf6AfygZifLEaCi2SmQAEPHKpHOlCZvwlXStT8W3w24rfFl
+GbLWGBzju05CZ9vLRYdf/fUwfePfdVy9T/vOyFWmfSjAyDrgu/ZkGbhQ8GY4ROk0
+YZkeycS76Wfia/IwSjA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQOQc4XqZ44yAMYQqZCbnP6zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwNTCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALWLE/VMuLUvtU7JicRn0l5tnc2Ur7c2K9BmE3i1Ffa4BtXvHgge
+jtX6qFMvCLt1V13Q2NBg+1eZiLLLk2FnO9fA2Xz/wlFoWgR2cbdRUcc2C0iDA3zV
+iy49lqae+OQKseGJHyJo+Ot6pQXJCNtl/eIkya9x2bG/xn2tbSGmdhnBs8hUk5LQ
+LbJGQQDqxWBTsfdbqb8Kv5LyGNPiAzOHfxRfyG8pWcLDh0w1v5mJPMVdFZgdPjIK
+aEKNDgDMsjr6lvElaXkEo+mr0nDIyT69PgPpr+f8Y4j9oyjGHH8szUrinTtw8K02
+QZqVXTkgEJrOCN5JVUjhIuAE0T+43MGEHCuilc1pOyOcuR2kP6kLyDYYQxevpHlB
+lcsi/shf6qQgNHpBPS/rVz8l4z+QCyZ/ktNVxnf3SX4ZUTeHSN5jVxi+sJdcqiZD
+G7psLdAKhGD/l1J8IVTYxKbmKSvQbsZW/GtYx35XmTBlNMk/o3O1mOwgZmM8U0Bu
+sjgkRfjvlCwQYF3aKfa+J3Qiif0pGsT5fxTtbwEd4epgIruTrfJtruGX+HA43P8G
+SbpNWMy1fR23S6qDCavc0yaSkyq4p1d9DSGFGQ7s8x5jBAsH9mpXwuaedBNh49bz
+XRwS9xrG6L7YESXiKx7bjcwfXufuiBjG3dcnngD5DV5kD3DcWQr7HaAnAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFP83jncpdjiVAQHsjfwoDTAjusFNMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAQB1BcrT9sPdpS3UyfW964gIJ
+RpGdfIv+ON/cEgqu/bLpDcncJAILWCsC3IXAt5y1GVyRPZ73b6H28ienSYtYdx6p
+CuP0Y5yOvoDl8MWwKscbivBzN/TGQ1COaMuBo6ZtX/EE/F98jPfSu04pGLfn87nA
+evxOSUtnSOS6/1w8V6XI46D9ONauvzpMifWZ9c0ZBkBsvAILjG0mY1R0kEGKIYVw
+3uBtx1GpbDDtrHiai1Yj1WvamDCg5X8lAMX73vm/zxWkvCvzZUn3Iy0/CU/ZhefP
+0Byr4GJYaTPvki0+X9vG2PvAfevaBeHOe4hJQp+NfqnU2qlxNN+NYzmnbSwR9P4P
+FTqShB5KX0sTWJaA2DxpJ2941OkdBNqtP3EGiysBIjHP7HZdVgqxdAsqgURJM0lx
+UK1o4euKCkMs1ZAJDpKFeW4mvDO5Uh2SIsb84JAnkg8UbBT4QvsA8y9bMzPRjFsT
+kVTJwAE53lOBYnFfAX2Cpc7UW61VlwZP5SIAcesb1aVQJE8L85lYojcnbuU5F0Xa
+uxtcU0dbIfBu+CCV1cuDfBLOF1rMRijc5/On/UIAM5EyiW+pyCU1+4qJYqCgTt8m
+Lx4mZQz5T9nb1xcNPMUiUb2SwxGpyr8liJG5NgK7tSXoXF9c/Mj4nw0RMkg346Am
+aju3NbwjyG26u5AHX0o=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQTCLOWPWydrJeCTp85e6DDTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwMzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBANMJ5YuHRrBM5KHt9RvZv0fylEK22/jT/WB51s2Zd34aYh3MGMHD
+qrXKZfwM38Vs98a52237aq2jH9O8bXJoqIMuqsRHG2n91INxYdc5wTuPNKrY5Wgu
+L7vv2JDQTMmYHbLyOxBR5DPbrWiTnV9/iYRIc1ZRSDibfhswyg5UULif8J3HczQ3
+0OjtK2bIBTZJ50f2xyUhQydK2yUgVQTQLjyz11/01Neal/OhMmsrGqBb3LP0JRXC
+JpufhV052TnP+tfZe92YWRJHUi3qV+fsCp61QhTTRyGRSJrOkHBup3QEtFqZjunP
+iCWdSMQL1l/F6359qRVMMMR2L3gCT6q7AyfQflQs+pX/8VvzAFA+zpie2JcgQ9tL
+Wp2r38pE4vR4LEXQMKQZoy6//yPsRgovNG8iRdtb163ijkr9zOWfSzmtWuoiC5tJ
+Ux3yORe0U3ZneJQ9+bIgrPF5RPaB3dQv6m0fdnbdRRye1X6GkU9i7x/xoubm2sNa
+Iu00IASapLWXCZ071GgqOnZz2p7lxmscP8uS2GyCt4WdH44LoEYHwguicZgyG6Ec
+p1g9KXSiEJTdlLBZsVxGd+VhjeJeKsCBdlATMCzq5SND5y4HqyikiqRehHGUDd32
+4LoVBrMUCtYDez9cfMu7oYy/bVzra2GYdD/CFjmhl2sAajQw+madkOv5AgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFNiImzxV700/+6mOq1HnamfeBk9zMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAOQmnKI7lgZtjKfCodLlHtnRe
+g3+Quu194RKimPNJohUDdnVAr5II3S4WJItASnTtBCsPP8gJcsX1x1g3CpHHtvTl
+WLCf3irxsFD2djtL5EI5vmAfmE3dq3S6laam0gKEqGEjil3t3QCQ1hlX6Cl6DAFB
+eb6Peajn6xWh7aKDFc5UW+dllnacQQkfEDZdhrUrawRk9zNcpTFOdG9QDT0n0pfW
+2kVMmp4XvCI+RJ6jsWPon2kyKy4wDI8ENDePM67vYHD0eEsAxGZuyuc+3casLDQN
+lvn9wwuLmQ+tf2RT5C74lzK8MuXCDZAwTa1PdgPv5O8YxzxFS+aKHtxUq3PSVjIT
+IA6MXCrepJZpkDnH7o/vHZRl/r+7QAsQ3/Qh3D5rJbYWwoZVELid4SqdaqxmQMYZ
+GjIL2tzzW/ohusdZsy+Rhzlok8vHoTB6pRS2TClFxX1E49MgiBAHLXCZ6biN3kpt
+uoO9n+KQJ+vc78CazR/a4IpyAi7R3vWv/9WfISbabdBAbfWMcg8GvMiF8aEmYytn
+9ren7qWvBQsE36bMyGoEn1xEYTvKmFMXvh+TZWxR2hHgru6BQOv1r3FWy8V01kK8
+6LHjxbGwbijkQERIYTF5YKbuis1htVng+4E6Aq6N7+UWy0piaT/QY34zQOwpStVu
+1lA0O21DxBaYAviwoV8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQFs1LNXWijD8GRkg7oPN6QTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcxMDCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAJ4IHbaLsIunjjh7RLh2DE7BYGiShiFUVeuSc9ksuWhzXVkvwpRx
+qVl7cgNVjaQ4W1XRBcZE8gXhU/sesDhSWL8wG2QsVm9tNoIIdpw1/0LqNDU3T/7E
+c/oyCg55DpHs7WleJ1mhFRwJyo/IJnFrWaFMbYGICg+xMT5j+I/7jIeMcXyh4O01
+i5zxzPm769IzZldaQMnGz2T3L6573iX1MM7NgARaz5JmJVO5+jFFzov2ldkaEMeH
+Xubw46Z8FS7kTjhwjH+rfnXSeUKspP0ExKTWl5W1Yr7OEWMt54xhftlsQTHem1b/
+F3IOYEhgxpQyGVWsExRcaRK25oh9tY71V4u+ji7r7RDBNFT0q3WfxSkxGk85bCUf
+rxa5LsNYujYQ5jfOgf1iFnn+HBo3nvQylztksmaicc9WOg2EJpYsYkcilnaBMhSk
+NSaBuYDMOZVPBxlMrzfg/yDAa14xlRugglbahfk2ESw+ecBdUKG4wwvABohaHIZC
+RfMCGAZjvaEz+wH4hxfZTI0m5U70xnXQKHD9etBEl9+lEpAttJMbd3Nh/HhpF1Da
+Fyr20TDHy6cTdmxaHEiP+NIukC5APUFFOvRv2GF+S29NPr/kkjxXrnwv6e4SwyuI
+BlXIWIeLXssVtfKkVKcT9Vl+t6+OA+8/X/SoFJDrAWLHldhF7WxarbiRAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFEJrg9QF0ZRpHWvlJMWKaHCe7+RpMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAeiA+ouaHL7bUJKc33C5jVhte
+nCvWvYTnFciug4wbC3CVK86TSZaI+V/9eIauYfX7y6trcyZ9BaUbdgBjHYb89rZn
+D04kkM1tSeg/DS8PZ0rNY6couxkQt+kJ7ajxeJV36p8WNB5pkMXNf486ly1w7Pyt
+FRo5WtNnrLoMi+osPbIBISacsjdnXEGZn2pSEDyM5MYpiWVr5PLwzlnUkwNIxoAA
+ugs9nH27X8gumgRAT2cVxgZwdC/qFkyesIx6LgHZdGhXJTicnm4y3pmHOkgPXdzS
+bDBIqlKFmQvZD8k5fBhzEnkA79UBvgJD1epxMAoYaixowapT34Dtx+p1Gi1T39P0
+U4CYzKJdvXhIu/4MGnU1ayXHX74qTCyo+2ZSmeFG0dEvFgRPUGtkTEK/RGAtAPt1
+CsutzFvdqO59hSmj/WHFh2nfv5iYIXE6dnnK1cmgfdVFAY9YfOLeQCwlg63f/yp7
+wWhpYvBihjO6wRXZkA5m18qusU9mjwb4B8iy5+9cyX627CUPBhJ+szW6Tez9gDcx
+i7X98cLIWwitV3Rse3MJhRhmfL35cq59SDTOz/TBGTmuF7ySMBlhS18waxBkAOjn
+/7Uf2u9n+KYXdxNPlquPRrsMqI3Z7svgmSzhlxc4v1XcDcgmtT4/2L4XS65chrM7
+ZkOFk0kEkYw6DhJG9Qw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIQHfjlMOQz6C6i/PNzJhy0rjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGExCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xFTATBgNVBAMTDEZv
+cmVpZ25lciBDQTEPMA0GA1UEBRMGMjAxNzAyMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEAm91a05fw/BWKbWHsp89rFqJFw2S1cET9ghrZlDIyadFKtW/i
+G6OEr61QQ/OLF9uxX6Fxat8OdGxCEVBVrpM0Lo/etNNywhiPNjpYcLteuTDaGGSY
+8een4FMDEHVrt0RDcaQlzBou20NTLcabNrZMYaXuCxzIsJrKMxkCRdWaaP8KFjxO
+S3F7skx1SfI59xZXx45bcUe3YYEVrEe3j0VPx0jFGyMRFMug9pDK9eEddMEztarn
++sjT8R7Z3hupGtn1e00q+mFRNUDzWoRlhF9DDS5D67zESWcnXEL2D/lT3BzNty+j
+43orIVXMSSwjzRym+Qx3aDm7sR4TyW1cAoU2RduvNpejvafmKjcUpMjmDBjd2Qh7
+Fdr3144+4EO/2ibUirOCVg7xC6XaSsS0c/mPhx6v8nP9UmcBfyUDA5cR+TILFeTB
+5hlOoZKli3gJdtwD8vNF6i7sVh3AXd6ceUfYF/E8cNBLKgIwwLaCR61+cySZ/Z3L
+3jxL6MbWoIC5Dq1fupNkSyTwtvwMf2WjgiAGCChezsH5UNyVsSLNsTGNVaTL5/a/
+VUiQw52aCiaOvcPR/Imo4hJRowBWVOQPMbAvyeg2foCILKxOtd6QI1Lrpw7Mpngq
+bluT/K+twsYCnGoNLqze7rtuAvdTGOZEV7jgQmCPOe6RZZtzfFO29bieYT0CAwEA
+AaOB+DCB9TAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNV
+HSAEPDA6MDgGBmA4DAEBBzAuMCwGCCsGAQUFBwIBFiBodHRwOi8vcmVwb3NpdG9y
+eS5laWQuYmVsZ2l1bS5iZTAdBgNVHQ4EFgQUfUSMBomNifGem/jYGu+SlU0faXIw
+NwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxn
+aXVtNC5jcmwwEQYJYIZIAYb4QgEBBAQDAgAHMB8GA1UdIwQYMBaAFGfo8U5Ps7Xz
+B28InAyD2XrZW+dJMA0GCSqGSIb3DQEBCwUAA4ICAQBAHJFIRMmY4loynDB5GtXj
+NTM8atHJafyBAcNcD+ZLT940FeXpQts1R8L3vEKktCAHWvtse+CesTtgAsX93hkJ
+k81gMMzcxFKk2jOnV/wg3nuHeP7Px7ITaCwBkvHcPfG2QUyFEm4bIkPlLBriTbBY
+Bmw833A62n1kfcPFhXpBWO3LnA4NimlUR8k7EaGgO+IFGYriKtpdsOMxgWfaUSId
+dDJ4hUAUJ4tfRdR6EfzhcPKVQNNJPva48C4WGRXZWt5+Ep/lhdPoc35Jd0ftknNo
++z624RxDyrqO99HIv4KWuej/EVKVeEzOHw3eItazp1EfCyQoFgmmjnnUIVhkRIW+
+3JXHP9drdvC/Rj+nmiK/B6d+XqR+g6awLGpG1LE3F/5Bl8TAsCxSXJb7kpl9fWPR
+3hL51RJ28l1fXOKyRLeLD3B9PXVCRDh45v9dZxyd6SaM13Z4HxiPmW2OL3qcYRED
+eOQ+KAvZzjzJSKwTD1uZae0Drf3fPjeb5ITNzQZDzfIl4Q1X3wBDHOhW2daNnnuW
+oPlIM81oS+IGZo3XzKcg9OPbvOmPUE5CTNo42m5CwgSVVZhH15D6lDMC1GxBAJCg
+gWpd2aOWXRZ1N5qmxZqqW+8AU1dCblNBoz4cyWewnh3tjxajY2IaNBU6SDIfFiD/
+8G5XG8RgdvK96mpDm9ckEw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIQZg3asK4FaFPE65YagOSFJDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGExCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xFTATBgNVBAMTDEZv
+cmVpZ25lciBDQTEPMA0GA1UEBRMGMjAxNzAxMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEAs233fH4flZIGF/odJHTydTPi4EVQnVUqCOhf3U1PWHgXljMw
+S/bLsUxdAT1JwwrYDz4yfPzv1/pGMKRrOxOF7pNzLDei3S0FBzQoHqcVL5Fd0J6a
+q2cBtT4cQXl8UUKENkyOsmAHagvdvXE01DW1/BeXYCzQ8GzQesO1/PTL66VEppTQ
+3tyOkXyyPwoCcuIJ+C1lel3CURB94fdvz2qjPNjJc3fUHyQ4zxCjPayRhrnFH3Sn
+Ph7ZWrVdl3R4a6/Tt8iLC6d2uAfPhCqxkxUCdhpeA+qRpMEdzD0hcXMT6o3Ekj3E
+9obrw4nUIBMrNXZeSjEJjQ1OEF8vP3Y5Y41LHy7iB6ZLeGtm3B9NHzi2K1qpUYTB
+4Ul+bUsZG3jSNifS60efvp0SemgJ1e1nCRCspZcOTdKHWCFxXIkswKgrYGY0xT2M
+XhfpQZBjPuBYCZILTM4TY1EQXf+ZVh/+9mlaEBr657IutGGC9lxLDkxSRtr/oiaT
+bnEylOUBK4okS5lpQCUCtc1+uIFkdNmWLoeimu3D4ifgAQF2LjTAvjEOZV2nHa3l
+msZtY73CoiPQ6s3lcB/ft2ugnzlkpwfQ9adRFZPkq+eU6qA4Oy8z7SckF+0ky5qW
+f7qQvgwBZR3d529DVcPEgt3wkFx+S4HGGpspUIWqRODe/uoiiQ5JTGCJvYUCAwEA
+AaOB+DCB9TAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNV
+HSAEPDA6MDgGBmA4DAEBBzAuMCwGCCsGAQUFBwIBFiBodHRwOi8vcmVwb3NpdG9y
+eS5laWQuYmVsZ2l1bS5iZTAdBgNVHQ4EFgQUcBUSN5jvwUkF2bv1DL//ZJGPw54w
+NwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxn
+aXVtNC5jcmwwEQYJYIZIAYb4QgEBBAQDAgAHMB8GA1UdIwQYMBaAFGfo8U5Ps7Xz
+B28InAyD2XrZW+dJMA0GCSqGSIb3DQEBCwUAA4ICAQA58+uc4WhT0sMzLz2lbYfr
+ISgjVN2AZkPgDlTAXoQUXgSHrRR1w4+9RF+9K/itF58KKvaZ892GJ6YdgjBndWhm
+NUwhNAIkCAUrQNZo3DeGHNoSCbuSZEzab3bA/MxwA2TN1AYaf65+WM2Q+32q4fo6
+coykCOhjL8Wgy2i7RC3JGX0JMm/axcetf4xacini0VPci10vzJf4F0o5S5MQqI8+
+hw+IGtgXn1TfcaZiXfxyEaLRnVvWlYAzv5My/mRK3hjpl67DASQvB+17z2wph9jb
+r/mak5xJKTVCFjDX/eLhPFbpP72l2rQAtheNYN6cBAxG9eAhTCfW9OpT9PYsrsbU
+xfYzwKg+dK9TGWxlmQgile/LAtcbaJyanu+VBLgokObjJ14dath9LqS0mHNxq65R
+OnFNHr8X4lgwWQ2R7pLVOaNcZKUpm00H5hdEanjD+G9X8Gf/90UWHmdUCLmO4vIP
+6oLK7Mwo2uQP8aTFQep7TzR6luqSPNATSGcuR2H2GKXaovbeFUkTKFzcCTi5r5Qa
+nA6C+0Sv5rtzRS+x2L1O0cr+OFwrUUrs7JrkUKB7J3UaWyh+KO/ojz7XuAVddoqB
+yMKL5Hx6bcVsIhkLQQXm92DJA4Uinpd5/YuEPGSRrtVVm687zXCoOOnfTv3UMpuB
+ANaigWj/QHuJkdQclGJESw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIQcmIHngajtSyDvskdVtL58jANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGExCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xFTATBgNVBAMTDEZv
+cmVpZ25lciBDQTEPMA0GA1UEBRMGMjAxNzAzMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEA4aiFnDtIh8RpFk1PbzOJoFFJ9AueQwesAGYFaJRz3oFTny+m
+TWYsC+ki+56e7xERBcrBznhhZgKPxHLiRsu8tzQExXqm8ibWj/TUNBRkJTc5Mz7t
+o3OCwCJZSYTsraJDLTZORXgcE+lI4eLnSuAJ4zdaVeHXUiDB/r37GNZL6Fwuy2ev
+hTGYq5tVdRAR5dUmANpy7Oz55gNcl8Nms5xLsHbJuRuOtW9bQ5bOcsdfQDwgsyJn
+o1JzORIA6WR1QTdeey5y1lBMP3pv5Gb19KdG6NYyRKNlEoIKLruA95MG93wogBZT
+gWFDg/5ZkTiHad928h+kek7Xcj1/jjOvTCaOv16ZUXrZ3dgeMruTv0IMb8AuA9SD
+HrhYmR4TCboI6gJ+BRx6CTuJMgB6Inus288PEALochuYKUdaP2gAUahawkE7z08u
+aJzPGQk68QmCKS7BJH55XoEVFOfdGIFgm0aCakbLp+qLiLZOaEjzWw5m8YEgXMjH
+x87ylqiG2AzjNTNPdMBcSVpVDEtU3yUHnmzWzyup303iwRX+j5DqNWUSOD5QXgNc
++tnYywnM+UFXBbCcloe5dm8FtaIxXzhcPMGonHvTWV4klEKn27MMW+VIA9tZttu9
+PkomcRlioRbjfHzG3J7eL7M2i2fHrWbon9je8fp4c3z+/EVEjjHBYbr7uhkCAwEA
+AaOB+DCB9TAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNV
+HSAEPDA6MDgGBmA4DAEBBzAuMCwGCCsGAQUFBwIBFiBodHRwOi8vcmVwb3NpdG9y
+eS5laWQuYmVsZ2l1bS5iZTAdBgNVHQ4EFgQUYHS/c8MHzU+be56rF3vD0BCjmjQw
+NwYDVR0fBDAwLjAsoCqgKIYmaHR0cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxn
+aXVtNC5jcmwwEQYJYIZIAYb4QgEBBAQDAgAHMB8GA1UdIwQYMBaAFGfo8U5Ps7Xz
+B28InAyD2XrZW+dJMA0GCSqGSIb3DQEBCwUAA4ICAQAeUzvjn1ro+ODPNRxjUsI9
+0H4arWJWn4Wg7wFRaV4o1BF19doPv6ejUSjXLuIUKViffNsE1ve/dvTDK3G2CGqm
+WDEMKJwo3gxCAr0SOneqfAex64H2g36y59BDWyDz9vDUk9cwpTYuCDDGhITBCWkg
+QMw1Et3NmIsrJdFhMgka1NP5VVFcbANag1G6iqD9hKa+MRSYJYfxMoV9L3mwQYm0
+RMHyDkFN4la+4Je3d54E1oCGr/lgJ95lhmSnqx9xI94bX+qj/LOjydhQIdjFR2xi
+1v2FymwcKH3Ty4iK1JTn10wyhte162eShi4fX/YMtI+g09R3XDWwNBh4CxQdo/V7
+GoPIb+dHSPKdaR4Q2A0ymQTyq/XBrf8Ek1XAE5CcLKpv5HPPeyWnuzE29d6BehEF
+P5c9+bfDvHeIuIY/I0c4NzI4LbbupTVeGzUdjAtI8V5CNoxUWIet04/Mc8L+5+w5
+3IstNk8NKF3i7eahTSwC0wdFHB96mfS0lX4s8+AAbF0jhamHTlmQekrEo6VkMr/L
+39KQwbwmUSoa991QJeItBsKFCadSLMSkneb/6PR+vnmDJv3aMrG+5uE1fWL3qEXt
+yKSpZ9S13X7eYNp/DwD4XJvkTBHEGmKhBBelRCOb/25ERWoLtm764eiFda85kBgm
+XyVSCmnenB8IVIlP7gG2kg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCjCCA/KgAwIBAgIQVfUdjEI2ajACaS79rkWRVzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNjEx
+MjgxMDAwMDBaFw0yODA3MjgxMDAwMDBaMF8xCzAJBgNVBAYTAkJFMSowKAYDVQQK
+EyFodHRwOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8xEzARBgNVBAMTCkNp
+dGl6ZW4gQ0ExDzANBgNVBAUTBjIwMTcwODCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAPDhDSQveqMheoZ3jJwYxQUu/XsSDspvpfMOIaKnK9Xg1Q2Sf1br
+jZ7WQnaRh75Uig9qpnj7FPG209h69Pp7xqvAiFWVxu9PfjeEzmUFozEOI8j1SuzW
+rkNMxRrZUlybqGgOG8/9On5G7pblOYaQz6obFcz2CZ704xt35jqXVLQ0/OZ1asd3
+O45xl9R0Us6Vp8O1ZU3dTXOXc0bI4aeIzcocGozTtWmETnBV/e9EKb3rfS0Eug8U
+gb999OBf2C0jMQ+OyxmaSl9e4vMOiKN65mGX9pElAUWoj0DuFsm2HUZt0kEEysM3
+An8wDgL8O5WVNmHHqvr3ZlEJVeeE4/MhJ2oJSyu+xQzQPOU92m2snwJB/P6SJIJK
+Ns2JSzZW9qHZobAAap7ua1Pw+lkG1KKa+CR+M5lEy/09q1Bj2cCJ2/0+6PYToNeA
+E7WSPUvXdo+WWEqfQO5X3L8aUn1YNmZGS8BGnUy838rJtQCrkdhFAy7ka+/c2Nvp
+/0FFXEZcpyvhf2jJWL6N3/Qb94bcj1T/W5DYQ9jXrShrnAyyDiVD7RLafP0AZkRb
+Y9N5SGcBA0Q42fbhbRdIUqac6aHlBPsmMgSLHXRDZ4IhWQZg8LOf8hwPbz4wfjs7
+kowiNPtNqvRzcVSlh85KS7PW/WJNwk63h8Y27ds9YUlFowoiTpZu2+1xAgMBAAGj
+gfgwgfUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0g
+BDwwOjA4BgZgOAwBAQIwLjAsBggrBgEFBQcCARYgaHR0cDovL3JlcG9zaXRvcnku
+ZWlkLmJlbGdpdW0uYmUwHQYDVR0OBBYEFErrkPgkeQ5eP4GzMj3syEYN2cuxMDcG
+A1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1
+bTQuY3JsMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRn6PFOT7O18wdv
+CJwMg9l62VvnSTANBgkqhkiG9w0BAQsFAAOCAgEAcOBkM5l4DnDjca+tLZEZZBlT
+hwUtA8/5GDat1oFiWjBXvyXhqpwVAOFTpwh3OhEm0tQFaqxmnXZ0n9lzNFCrzJG7
+Ne65cWWh8ZfmDruHPpwxiG7NJNkEzBALTzompabdo7oC4rjov96bmsqZvQdKtOvB
+ssp92P1CQooT9SBLbN1HJIbt3kRu3VKiTtaA1hBs4/cMMLwiWrYAaw1MujCOtEXt
+Lw44jorxn14oRiH4aSxquEHtmT2q68/hn9qPdHQJein8b0YonBzE4n+2OZx0A1nN
+Hk2Ipamz56lmgUahzjC11KE7Sj4eeAhAeeXgQW513DuxHpNRAbDnpaSIELCNGcD/
+Lbs9nAGU67lreYIjn+Uv9S8aB4FEOR0ZBERpTKXEUzZupcBsLj0SH00Nl5awm1oA
+rdPfy3bRDlfsWi95guMn7xSiN49D396RRDfNbz4qCCRjJUG1JOhsntqjf0eKxBF/
+7BZ/kvsouD+9mvme1iLl8ejCDs8FSAljTDOSjfELeGfWxoiJkFZcKjJfHl7Pkpnm
+D3IZ72391kpnt6rPNrt+QKt9uajdR3ayZsv087tPKTUcYxgQX32qf52efpyGr4m+
+gEEnu35AxWzML2qmj55qaZS/2hMiENOpSOfPYEcKnDbP4HCiqgpeqemW/qytdWY4
+h27X2kG5qdorWl5ANO4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEoDCCA4igAwIBAgIIQPC7qorgwJgwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTE2MTEyOTE2NDIxN1oXDTMwMTIwMjA0MDAwMFowgYMx
+CzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UECxMiU2Vl
+IHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTExMC8GA1UEAxMoQWZmaXJt
+VHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEVWMTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALjwTCGvVblyRgMNDB74nhnIjxQNdW/U+PWCe0/s
+1aaDDEDvrnlClR29pduqHgosCIVzEOS6rjlXMfq6H6Ls3Cl2N8Cg2cxyDpwJFPtt
+1HJ/93UR+2hyVC7Abn2avjb8IGEoCSRAyn6ryFf3OR4kcmdh/pwCOddENsQtFMYE
+gbLn3HEPhcJIOgQBg5U1674vMIu+VGhrnuo7/6nCi8m3lVK4KihOuHfaGvTxuf4P
+PUMEnbCEBHVUhcxbxaThvWISWyde+2YOgxgsVNJVsBa1ach/9r515Y4TEEnJ/FMc
+wiXQ4NxA6o4GldCR9sqC7oPkFWIFET7uQRG+brfbwHT+3C8CAwEAAaOCAVQwggFQ
+MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYWZmaXJt
+dHJ1c3QuY29tMB0GA1UdDgQWBBTb72U3C+VHyzXRkB8DwbyIx6fqgDASBgNVHRMB
+Af8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFJ2TxlOLXsqvP58eD+WZlbwk9pSPMEcG
+A1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5hZmZp
+cm10cnVzdC5jb20vcmVwb3NpdG9yeTBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8v
+Y3JsLmFmZmlybXRydXN0LmNvbS9jcmwvQWZmaXJtVHJ1c3RDb21tZXJjaWFsLmNy
+bDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MA0GCSqGSIb3DQEBCwUAA4IBAQAiGxxj79nQE1q9ks9a13qcObtYLrDij8LG7OnC
+M6K84OOi9qv3PMH5+6z9usoHO+vSsWmhREdBxh0CjP2JlG8V87YzmST+1XVcc4Vl
+RcsCHM2jwCkQksGDBPCk8tyF4ezxX6bEnLuKGoJxEZBiwpVUw/6zedLfoRtGjUof
+9kbDjRIm1pMzUmFbarLbwc+TgpqPAFSKNrF2z1qHsuLuO9lLlGMevxT7LitO7kY3
+9WK27jdSVuVF/SnQ97r4k99gn/NPzrLKnTesNdInVdTX/CJx4l6mWIBhlkp4A31D
+phEslDlncRRLsvVRRrCtTZgcw8I9QGF5jGPPsatB5UR6Zj/g
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnzCCA4egAwIBAgIIGH5/O/ZvI80wDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTE2MTEyOTE2NDkyOFoXDTMwMTIwMjA0MDAwMFowgYIx
+CzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UECxMiU2Vl
+IHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnQWZmaXJt
+VHJ1c3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gT1YxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAwr3KOw3nm/6fLxr2vgIlw/mPgrtB4gOGqSeBkDTW
+y0hZEPT3aDb4xZQjx/YCFSX3NvCa7fO9XeCD4a8aMHst6mvhzxzJjaIsAHI18YrL
+Agauza2YJEl0TIYmuhbtzbxYBamTZe829Rk6QkopWIhyBP1v7R7W3JZ9W5yyJOwD
+MtmUthILJiclO8lW5hKPGNtH9wN1gyHGVc4zkBiW/HWMYXAbNTFsA3qIWrwYTAhY
+tiA13wWY2w9gegYqu/o2SbT6NOssg7Atn3i+f3pe89Q+oE1HKAgZU+WOsz57AQfd
+Fdb1R1U3qKXZ4T+LnHKlZZ+NCIAACrGt+XELLcamYSzYSQIDAQABo4IBVDCCAVAw
+NwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10
+cnVzdC5jb20wHQYDVR0OBBYEFP5gww2kop0hT3p4TGLF2xT8OXjEMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUnZPGU4teyq8/nx4P5ZmVvCT2lI8wRwYD
+VR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3LmFmZmly
+bXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9j
+cmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdENvbW1lcmNpYWwuY3Js
+MA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+DQYJKoZIhvcNAQELBQADggEBAM4spvJgKpvTy45G09Ktya08cgHfs5zuyKHr4bWL
+3ZpXjIPoAY85XUP+BBhL6+LuB8rbF8k49wyA9M5qWoqIdFDp7urMwMtWvN2Z00B6
+e44deKa/3tnqnVY5sIMoUg7rm5ZGn1mYGK2PBmAHjqxJhtbX4eohhYwHGSv7FkwE
+I4r9yhwTpCeuglpL2tPlqLIx5o64/aIkOsrTZxgR7qDgjNrnDYmyE1pQp5lYY6A1
+83OGQ3S0nIt6Tx4oBwPzVkxdh4olYkmQQDaZbltLPS6yXELvehMOcQMp91Z/xqCJ
+S7H91E9HzZOxWfV7EHFc81xRxMg8cDPUFxh9XbuFAUBzXgc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEazCCA1OgAwIBAgIQA7rR0/Vs8SGOje9X3EGVuzANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2
+MTIwNzEyMTYzMloXDTI1MDUxMDEyMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkG
+A1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFuY2UgRVYgUm9vdCBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0tMqbf5YE/yc0lSbZx
+KsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMSOO7z
+SW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9
+vjo4UFt3MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu
+5l0cUyx+mM0aBhakaHPQNAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8
+J2a3iLd48soKqDirCmTCv2ZdlYTBoSUeh10aUAsgEsxBu24LUTi4S8sCAwEAAaOC
+ARkwggEVMB0GA1UdDgQWBBSxPsNpA/i/RwHUmCYaCALvY2QrwzAfBgNVHSMEGDAW
+gBTlnVkwgkdYzKz6CFQ2hns6tQRN8DASBgNVHRMBAf8ECDAGAQH/AgEBMA4GA1Ud
+DwEB/wQEAwIBhjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
+Y3NwLmRpZ2ljZXJ0LmNvbTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsMy5k
+aWdpY2VydC5jb20vT21uaXJvb3QyMDI1LmNybDA9BgNVHSAENjA0MDIGBFUdIAAw
+KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkq
+hkiG9w0BAQsFAAOCAQEAY2QWVTXl9fY4q8BuACRml6gNXtOegB7tNUJvPU7b+rGf
+N0EeSfBUfR6y4VupnwLLFZ87c99d588GvyrRzdK8qR+MLjKSR0fuzcmzTz0TPoKe
+XJel6qMozcQHC1piAXP2+Ao6rb/H6EtRM7qep63m2HFyLgqvlQS1mcCF8vFwLPOU
+MhpsJ8LyZ4DQWaOWDVKQS7sESzot0gLE1lZPTxLTKKhCgS3X7h+ybG/aKKFsh2ZZ
+AD+MTmyBjFcGYbF4+CD2jb9me7Mxl3dgsveSJvrBRUjLTL0d8c0H4Zo88P2OVJnT
+BA/C+YbnrZNDXnagal7H+UILnayhivUvYoXapBqvTQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYDCCA0igAwIBAgIQD1vDoXbLeJ4gIMeJPIFntDANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE2
+MTIwNzEyMTczNFoXDTI1MDUxMDEyMDAwMFowYTELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTEgMB4G
+A1UEAxMXRGlnaUNlcnQgR2xvYmFsIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDiO+ERct6opNOjV6pQoo8Ld5DJoqXuEs6WWwEJIMwBk6dO
+MLdT90PEaQBXneKNIt2HBkAAgQnOzhuDv9/NO3FG4tZmxwWzdicWj3ueHpV97rdI
+owja1q96DDkGZX9KXR+8F/irvu4o13R/eniZWYVoblwjMku/TsDoWm3jcL93EL/8
+AfaF2ahEEFgyqXUY1dGivkfiJ2r0mjP4SQhgi9RftDqEv6GqSkx9Ps9PX2x2XqBL
+N5Ge3CLmbc4UGo5qy/7NsxRkF8dbKZ4yv/Lu+tMLQtSrt0Ey2gzU7/iB1buNWD+1
+G+hJKKJw2jEE3feyFvJMCk4HqO1KPV61f6OQw68nAgMBAAGjggEZMIIBFTAdBgNV
+HQ4EFgQUA95QNVbRTLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAU5Z1ZMIJHWMys
++ghUNoZ7OrUETfAwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAYYw
+NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
+dC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
+L09tbmlyb290MjAyNS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQAD
+ggEBAJpjvIPfXiuDFKs7G+h76taX2ng1O+Xvso30ZOdkK3BxeQdlK0sEvgirezuU
+20S65oIsvWUwbDY0Um79fgqvCOig0TfuYmz/jwQ0T+BcccaGDUGZZLbHbx1nb3uj
+zvb/suLwN8tfwfSCvue+8aNoucVyDtpSS5ecbcaYYL/rjOQWeiMSj6bREEM2jz7q
+MgQTlIZcus2tqWuOMyXUI/ibz31TWGiMBGu9jkybdV5LYiKUWxCA7kxqiUDHeBH8
+dQt6sFgaFjiUki4bSNrRevngFmMSUYGMkLGELj//so6ofkw4av9cXBZYqIX/XcCj
++KgVQK8z7A0yUhkfMgnzZT6StIQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExDCCA6ygAwIBAgIQDa1DJgJFuipAM/L/5Ra8pjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNjEyMDcxMjE4MjBaFw0zMTEyMDcxMjE4MjBaMF4xCzAJBgNVBAYTAkpQ
+MSMwIQYDVQQKExpDeWJlcnRydXN0IEphcGFuIENvLiwgTHRkLjEqMCgGA1UEAxMh
+Q3liZXJ0cnVzdCBKYXBhbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAxbd410u2vb6y/npnJauO6ZmfBL9MOpLnuRDgLPy0
+UbW3UR0eNZyzSJDP9DLZzkYJMOQMR1Xrp5y2/8E7KDZk/EzO8mUgO7YmVf4af9AE
+tg1/BiYM8sblPOMcqgiWBSHwNrBNeA9ccy0vPXt+SwGwoD+B6sQPGV+CcRX/MQmp
+PshByH743MuomhlieuHz5ZaYwztFPSNpRwDWN9jFSjNRJiFbIzMMJGEQyLUG5IZf
+G70h75LAV/3wvBIMUGSET/+RIbNlZYCSfhOjGpFLYxkdBzGuKPF8fdy+faZirui0
+ynme9BjPCwIAc7lhuSEj5zKevou5kyVSIiIR6ydZXEcSGwIDAQABo4IBeTCCAXUw
+HQYDVR0OBBYEFInuPx/KekyE3KCdbar57EcwXd1VMB8GA1UdIwQYMBaAFAPeUDVW
+0Uy7ZvCj4hsbw5eyPdFVMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD
+AgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTB7BgNVHR8E
+dDByMDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i
+YWxSb290Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGln
+aUNlcnRHbG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEB
+CwUAA4IBAQBx1l92N4K1xtz3VhWMa6yme+Q0QKe/bipmkj1RMfqz/3FeYV+fMKu2
+JafvN0tNe2JgdIGF1M91vFtsirMNjW7lQUZjq94+k91oCtdAEOnBT8tyRswSk7mc
+YWVA6i4Vr5XQ3EMhAFIq0GAPLOz5MSqkRQJu22+G7NY0invFCjhjwYa4B/88c3TO
+SD5UFTVBaDQrIgxQaGs4MSTTeFfWLdEUDqhlhpAP5GkjaTr+tfIIPtEOyAX6N8oT
+IXF8hVcUu/3dYRErE6JHC2oaJEUXRv6OhtiF3HAUqFuB7JiSRT0REwFqOaxlE+1n
+fNIk4DLhBTrxA1nkENU3fMNyF/+tWnAb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIErDCCA5SgAwIBAgIQDsBAwuDdovF0dwI0fvY9mzANBgkqhkiG9w0BAQsFADBs
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
@@ -5729,6 +14183,49 @@ aZPVbhF9jpa+XT3cExYI9Uy83PDdy9GfUMYhUvPbu6iNLG5bkOL9m7wPa5WrENbS
 JFgw6oEhJ74hEofKxxfmnEytPjUT6/ExBwm77nJG77UrOBKnxH0M0UUi8X70vYNN
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIHfzCCBWegAwIBAgIIQ/BcvGDLYfEwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE7MDkGA1UEAwwy
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNlcnZpY2VzIENBIC0g
+RzMwHhcNMTYxMjA4MDk1MDEwWhcNMjgxMTEyMDAwMDAwWjBzMQswCQYDVQQGEwJO
+TDERMA8GA1UECgwIS1BOIEIuVi4xFzAVBgNVBGEMDk5UUk5MLTI3MTI0NzAxMTgw
+NgYDVQQDDC9LUE4gQlYgUEtJb3ZlcmhlaWQgT3JnYW5pc2F0aWUgU2VydmljZXMg
+Q0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANS9rKExVLXk
+7mQI2i3WNRLuCgkVlvjZnI6QyOTIaPgju9IUBm0q3f81Mw8pl40xsY2V9vZcOa8D
+pXT1QgLlBD89V1E9r2eTaFx4VK5Z0MSEjiQ2hlTf4KEu3jTNjvgNAWjpOgg14nHa
+0LoJA/EveRMTlbjJz+JSKgm+LutVfYJHY8I3eMcLwJVo5IYldyqSe4qpQijFiG74
+VTBiVU7UDqtQJEgKOqcLjSNfe1n2gN2mlrtsPbFMtxmoXa2U/nFitxgfSVJF8G/G
+4ocZnd1aN4kbGTAEAe8btIy8bUWds3Bu4gMC07NUifQftWP/RQ1MwhFfcWJs5gDV
+BnsW4VUvUVU8RvXfCASdDVQQj2wNoeRtNiCvjsU9pqHe8/7SwtFmw7zpnEZLJgiY
+j1gOe44ffMJWlh98QSiGpqLdbvsAhhqntq9rz/HlgFvemUNrzxdQBPdvlxRGDI4j
+Tp0juj+Ucq2NtHTprdHi9lEn4hCvmcWSI6wL+n+kYySLHSF4l3tFBVL4k/BDPYN2
+RWFwjB8lULKZT1i6j0p93/DCTRX9iwXnoODUyp7lsB648lRPCHb31O8y2yCb4B77
+r4o9o/pkuKq6ff3UFEU7k/3jlVQcijCCE7IcXCD0hvfd4Er36Zh52iyPCgonnNuA
+4tbLBfSd3XcD1YtcsLBEk62PVoeNkxxLAgMBAAGjggIeMIICGjCBmQYIKwYBBQUH
+AQEEgYwwgYkwRgYIKwYBBQUHMAKGOmh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5s
+L0RvbU9yZ2FuaXNhdGllU2VydmljZXNDQS1HMy5jZXIwPwYIKwYBBQUHMAGGM2h0
+dHA6Ly9kb21vcmdhbmlzYXRpZXNlcnZpY2Vzb2NzcC1nMy5wa2lvdmVyaGVpZC5u
+bDAdBgNVHQ4EFgQUFAC4s29zDcGF6iYWKyXikQgVvbswEgYDVR0TAQH/BAgwBgEB
+/wIBADAfBgNVHSMEGDAWgBRD600A05WTzqZ8QA1tEb450TKu4jAlBggrBgEFBQcB
+AwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBdBgNVHSAEVjBUMAwGCmCEEAGH
+awECBQQwNgYKYIQQAYdrAQIFBTAoMCYGCCsGAQUFBwIBFhpodHRwczovL2Nwcy5w
+a2lvdmVyaGVpZC5ubDAMBgpghBABh2sBAgUHMFEGA1UdHwRKMEgwRqBEoEKGQGh0
+dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0aWVTZXJ2aWNlc0xh
+dGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/BAQDAgEGMD8GA1UdJQQ4MDYGCCsGAQUF
+BwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYIKwYBBQUHAwkw
+DQYJKoZIhvcNAQELBQADggIBAC37bRzZF82BciGTI344Sstv4NiT2/Jb4TTUfdVz
+o/sZX1Tynli8uaUAXVEKzJKjd1Sn8lBcJrDm8EkJQid9HzzAVBTMoccvCMJg3nel
+8SNkPKoIxi5R2aUlw9FLZKhzADarZcppHi9L5N5NK1wtyO7ySbs8l2IrhwY0xC7J
+PFO1gqfsBbVJ23DnYbrTQA9Q5PPeKpCfz+CmMOnKJXo9CwvtXt/HNhWuTIDJW+rM
+kcZGFE5VSCwS04D2EdDCV3FzGubjVa5FOOnWxKRsXygMeus/uAlBx8kKlO0vsAxl
+Ze59nExHGdgxxPXVm+yxrxh9QYLOLjwggtQFG+tIiUqdHOFWmjRNvsH67UJm9Nb0
+QOwSuhY/1mK8Orpg5OBOTgr0sdDAhtjRpnTBj/laSf6HoLwZUejl3yLV0a7WPans
+kxtddppAmBzNO4BcQkgItnVflK9a/d5BDb7fPRDbJsMENuk7J2HEgyJOzDpuQ3ZE
+VEC9Vl/tF75qnz9HFuX37Abd9Thehg/MuNSAvHdj2nytFjP4g8MfTYQu6rVcoW2j
++e0gtkyS93jdg9ta3k+ZnQ3lnpdPiy1mpTSTkDNXDQ99PnlmmqkoniV7deVzy0oT
+ptQgJiuT/Am/vOXbc1LCu7Sk8A3Np2k+uSxFOIjU/SvKRR+MXPXDrfdepqxJUVYR
+7Bp/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIHSTCCBTGgAwIBAgIIYcUvWFWYUlwwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
 BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE7MDkGA1UEAwwy
 U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNlcnZpY2VzIENBIC0g
@@ -5770,6 +14267,196 @@ VVSxp/9HaJKk3g2OKblPeNOHjZU9VRLV5CAw4Ay1gwslhZw3QIfZ+BULIo9kVjtw
 f0WHvTVBdr1fN9Bcjrvgu6ekontYb2+vyPKmEDfPAexrL6ZXpUpeBC3ReOFk
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIHNzCCBR+gAwIBAgIIDwg4fdXfS5kwDQYJKoZIhvcNAQELBQAwaTELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE6MDgGA1UEAwwx
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBlcnNvb24gQ0EgLSBH
+MzAeFw0xNjEyMDgxMDMyMTFaFw0yODExMTIwMDAwMDBaMHIxCzAJBgNVBAYTAk5M
+MREwDwYDVQQKDAhLUE4gQi5WLjEXMBUGA1UEYQwOTlRSTkwtMjcxMjQ3MDExNzA1
+BgNVBAMMLktQTiBCViBQS0lvdmVyaGVpZCBPcmdhbmlzYXRpZSBQZXJzb29uIENB
+IC0gRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC7+jED2/e+e5rv
+1NELEgpO5frmkvro5jgFXXD4kow9aIKhFtC+Jjvn65SQGyeRcF8K9+NyPKweiP+t
+7LWTMB6d3RmKs3FD9xJj7Y1/Sl0DskUP6JUFZOEOwyoFAIfAp20V0WJ9FNMvmZr1
+ZYcEcA0PrvuuuQuqVq0Fk65ZSQf/4L9pUW11MWR++OTJaQPzmwBkopsXZAka+gxi
+g9V6p2cWEBYcYMbIntbZk+6wfU3XrhC9ZwGHs0F4RPnYVOjSScfQkNnuRTQUiyU0
+C5XmPEupjJcN8VXisTQfyylH3dtGMvxbVULxqFk73UMYS+G/BdwEmoCYkump3IK1
+Fs1AHiorS3kmjm2nl7DoUiWfbWALn3kDkpyM+FgolbezVq4fxJMJCbfP1qJsLRAo
+FaYToaj1K5cBU0QCqwUW61vS6rurM4GhvSNxyiUAe4mrzSmV3H31t8slObs95lBP
+5Ehty4P6ksj7jTx/EXK/dbid1/AwyXsx7/JiBP3Gqx6zKcvE7lTaQLa2DnLK590y
+rJCMlKU/OEjwdK0qcdUd4+YYJmic33rHZFR83CbLsrvaTTM3uCZPyeM2wYrgkPQ5
+o0TTLxcaRlTPA7tQ5irmbmKcHlaS+9Kw1d6S5jQ9TBO1Hd1FGVrC7X9k7AK1PJUp
+vEbL38okjZBUMhkqRDyaLJqxGSLFxwIDAQABo4IB2DCCAdQwVQYIKwYBBQUHAQEE
+STBHMEUGCCsGAQUFBzAChjlodHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9Eb21P
+cmdhbmlzYXRpZVBlcnNvb25DQS1HMy5jZXIwHQYDVR0OBBYEFHcXSO4bfW582lzc
+DJgwGOYNdtMwMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU7qxtQOrV
+BGqHLFV79T8t2u7brOIwJQYIKwYBBQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkGBwQA
+i+xJAQIwXQYDVR0gBFYwVDAMBgpghBABh2sBAgUBMAwGCmCEEAGHawECBQIwNgYK
+YIQQAYdrAQIFAzAoMCYGCCsGAQUFBwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVp
+ZC5ubDBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnBraW92ZXJoZWlkLm5s
+L0RvbU9yZ2FuaXNhdGllUGVyc29vbkxhdGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/
+BAQDAgEGMD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoD
+DAYKKwYBBAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZIhvcNAQELBQADggIBAGDX7Dq/
+2P2TpdYmgv8NmkWbprraSsAsv2iloW8da0URjqBxXHLVmbCtqRe38S/qlCNwIduY
+QUlNAHH8nkvyuPDc8oLgHSfgA+ogg1Or/a5cOjq64a+jxET2l7oMmnkV4USGYOzK
+0ZhOjJvYy5ggvSnZV+H23Vu3e/jk4IIj+oxx7qOAfj8YpKuHXivaRLKAVHlReQoQ
+Ckz42gg7U050/raicazbF1R1u7qLcsud7dG/PqSxZnLHpM8Uit//xZnYV51UaB34
+rYU+AXO3ifSAZFtEvHuuOEoTOjNhTvE6JHgHvUWErrcPb/Pz34tMqqrSX+KVfJof
+iUEt9bLV5VmC5sInUZEFIUruhOaVanSISU46N8eYmLeZPztbClrU/U75HaeuFWx7
+UyeaSNRhYrasnFBjxpyxnTj7LVhS0UNj41tlgivQW/YAHT9CtybcAXLKVI4FjPzc
+p6viJo8UiHiqD5IoZdMrq7idf1FcOax0QOARdV+8EUvWQ/ltZ+RPSbl6ppBUIjyt
+sAxGOREqt7T4xWOCpPt/27+TfjLeVrKl3SZFo4bN009t3NzjbfYRr4q6rYmzl8xq
+WFHN112iNnOsXgTQYtlcrRj4S6KJOrVGBWlAknkl1GittgY2Wc9mgGrT5H/uI8Bx
+KfE0sEm4TAMt64tk1MMP4SLiOCJKZtm1JGYd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFljCCBH6gAwIBAgIMHG40JD862CwbzJE1MA0GCSqGSIb3DQEBCwUAMIGVMQsw
+CQYDVQQGEwJERTFFMEMGA1UEChM8VmVyZWluIHp1ciBGb2VyZGVydW5nIGVpbmVz
+IERldXRzY2hlbiBGb3JzY2h1bmdzbmV0emVzIGUuIFYuMRAwDgYDVQQLEwdERk4t
+UEtJMS0wKwYDVQQDEyRERk4tVmVyZWluIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IDIwHhcNMTYxMjEyMTQzOTE2WhcNMzEwMjIyMjM1OTU5WjBzMQswCQYDVQQGEwJE
+RTEQMA4GA1UECAwHU2FjaHNlbjEQMA4GA1UEBwwHRHJlc2RlbjEoMCYGA1UECgwf
+VGVjaG5pc2NoZSBVbml2ZXJzaXRhZXQgRHJlc2RlbjEWMBQGA1UEAwwNVFUgRHJl
+c2RlbiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOfggnONmNft
+CebaQElj0mMf9D8ao/ez9Q3cwm04d18KaUbADLajcEvLE8YBzJmzQKJdfLdxKiJE
+x/4klxIXeXH+jksh7plW4L2U74zIf3O0d1RmYsKoppYZOP1CVfJ1T76y9uBrpA9e
+0bL/oi3uTLHuxyDCe3vXIgK3QgVeVupJP+TtuP2YbbSBLP9iN4vDE5RqAWnrDYJF
+Mv3EWgNIcNQQU6w23ytb4W8Vfwlm/nM8tBdDOVt9S06Bq17sKBa4YIJ+V/y6xV7w
+m/P/cPo0pPFsxrycOjJTxlx8Lk343+6Hov0tI+4h6uX8iB95RLOfDOJMMZS1Yr9q
+3NyiZE1+cZkCAwEAAaOCAgUwggIBMBIGA1UdEwEB/wQIMAYBAf8CAQEwDgYDVR0P
+AQH/BAQDAgEGMCkGA1UdIAQiMCAwDQYLKwYBBAGBrSGCLB4wDwYNKwYBBAGBrSGC
+LAEBBDAdBgNVHQ4EFgQUUv6+tyTCGwodRlKORCQq9EhAPQEwHwYDVR0jBBgwFoAU
+k+PYMiba1fFKpZFK4OpL4qIMz+EwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDov
+L2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1nMi1jYS9wdWIvY3JsL2NhY3Js
+LmNybDBAoD6gPIY6aHR0cDovL2NkcDIucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1n
+Mi1jYS9wdWIvY3JsL2NhY3JsLmNybDCB3QYIKwYBBQUHAQEEgdAwgc0wMwYIKwYB
+BQUHMAGGJ2h0dHA6Ly9vY3NwLnBjYS5kZm4uZGUvT0NTUC1TZXJ2ZXIvT0NTUDBK
+BggrBgEFBQcwAoY+aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1n
+Mi1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwSgYIKwYBBQUHMAKGPmh0dHA6Ly9j
+ZHAyLnBjYS5kZm4uZGUvZ2xvYmFsLXJvb3QtZzItY2EvcHViL2NhY2VydC9jYWNl
+cnQuY3J0MA0GCSqGSIb3DQEBCwUAA4IBAQBM2ET8sDhpf8GfzHc9oCwzGzt/X+/o
+kHK1T0cv5W44y7ftG6LmovMU49SPTfluGToRsMOeYFzDTpwYiqLjg3TXGs08Vuvo
+JQOPuSvW8ZACrvZJfSdns6XDMNTzUxRXEtchvrYRkE7bsvt0t3yOlSH8YvkWsBa4
+vbAu9NdKkt0cDkoZobC5N4hI5Q0NfNM5Ac7HXr1h7dbLwC6arHPuw3B7j/jIGL5K
+MP9bsh6d78nkxPSu4XcXH18EUPSJHgqPcSyVHspLqLKq0zkDXuGMOIT4ayX0baMh
+/dkhanXmXp1XlOvq5Krnr+tV93z4vv8kqVDhslj3YIDeuW0PNRPJyxWF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/TCCA+WgAwIBAgIQF7RoshGLxBEfv5iK5HeZxjANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTYxMjEz
+MDAwMDAwWhcNMjYxMjEzMjM1OTU5WjB/MQswCQYDVQQGEwJVUzELMAkGA1UECBMC
+VFgxEDAOBgNVBAcTB0hvdXN0b24xFTATBgNVBAoTDGNQYW5lbCwgSW5jLjE6MDgG
+A1UEAxMxY1BhbmVsIEhpZ2ggQXNzdXJhbmNlIFJTQSBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMMBCiDsVQqC
+ly94e00lj7lwnvMYwpjmmLNYIfwH8u3V/2fP6UL4xqRR0/APWu2PgJGXHqsbNJja
+dd3VWs6VWyB5nYrU5AkgpZzr00cUUy7yStVC/18hbeZjN7s19ICHOJTa+c4AltcN
+62sNfku8rk4B+PrkJq4kwDLk3Xw/Kc10ENOpCviHk27VQAkXk4l9OSOdzPgrk2M4
+tAj/G/sB2jciREVyzVOIuPElOLQGVgK+c1C0hT8EYD4l+2H1EKlxQ0n1GyBlAtN9
+QRtYhX2oJw6uC986sKSZuFzOgisuIxRvLA3i8hsRZMY47/nabE6EHsJFEVgT8Iqw
+AJc8tvXEl5sCAwEAAaOCAWwwggFoMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISOre44
+mOzZMjLUMB0GA1UdDgQWBBQ9OEQQLwt/i1EDPp5z9wNPX+vcWzAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICNDAIBgZngQwBAgIwTAYD
+VR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNB
+Q2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsG
+AQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FBZGRUcnVz
+dENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0G
+CSqGSIb3DQEBDAUAA4ICAQA3JHbJkI2LaVdeT9MxXz4iXR/NUhHpNDgM/Lx1Uxm6
+Tj26nCiiA2gVXih7ss+dhtNhCi3MK6v7/XX11L0ytTQl4jda+KXj7PIyrIIG/q04
+p4viJ9BNx6hG7EasqfHT43HsviJTPJPZfje2DXDgDCRRrkJ4kR6Iq0OWZJ+92au1
+S2PdkAsUIYNx/JAjEWJHNgfjebCSBUmTINAgFECTHlSKhaUOZGqz5LkKK8YOw19L
+xdUhKmcH+BEn+GhgZ0qPmAs22DWJLQ7Yxib+61mPy5/ZmHi2ECzK9L87ybDCJzNR
+GdCloDBw6t4o6ovCNohDJGpNYpqCM1i2DCg5bJhJIanQ2lAYFBFjBT7z5L0qx5sN
+uBcbHPQ1ba3XQLcMZng1Wd/MJyDJiIgyZaVMl/p9QKp5VzA7vI9UtKtFU1+2/cpy
+OZTcyEymj0hLxkGE4ApX7cJlTRk+MXQHR4NvkFN2oJIS4iNcbFP1/qcvW/059rOM
+ZTGS2uW+pklzDom1wqQb2bSfjw6Y5SJRiJX+2Wxdnqj2bFb2/o7MoZ58jyC/xzzx
+VHXHbmDQpMFILbJw5UI5q/FPFmTzyiQ7huMAeGN1kassKnCpPMhA+wsc3hfpfKUx
+S71GfvrjShWUOZCMbxmdnaBwsc3h5B5dHFzhcI6uiHdA7zGZVnm8jo+wS3/Xp2pS
+iA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWzCCBEOgAwIBAgIQE+GX0rScvXNx4EKWKvshGTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTYxMjEz
+MDAwMDAwWhcNMjYxMjEzMjM1OTU5WjCBwDELMAkGA1UEBhMCVVMxCzAJBgNVBAgT
+AlRYMRAwDgYDVQQHEwdIb3VzdG9uMRUwEwYDVQQKEwxjUGFuZWwsIEluYy4xOjA4
+BgNVBAsTMUNvbnRyb2xsZWQgYnkgQ09NT0RPIGV4Y2x1c2l2ZWx5IGZvciBjUGFu
+ZWwsIEluYy4xPzA9BgNVBAMTNmNQYW5lbCBFeHRlbmRlZCBWYWxpZGF0aW9uIFJT
+QSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANfbFlJp4foFVwgOGEkglIEZG2RuvaGFxMPMD7WPRHMvZbAiwiMh
+r42mbBldzTj31/g78v3yNprXInOFOc7vAsCNNht2Bm/n2lH1FABrtKI83d+feZum
+N2GIcUyyFoIU7BotECeNdjUxgWUQBCSGR4Lfpk42y5HPePTESSbPUZT5bxX3Rkye
+gy7UZsceOZqIR00bb+LczTl+Vfyqg0hjmSrbcPMx7xYLHXjJOjWiHzmKo7XTyxvQ
+JyzlNPwXYIogXn14JWjAo/QdJCeIwTUNlV7kgYKJVggBgLpM8Y3vHAXyg7lDq5tL
+2UqreFeFnLtecQZBH2xjqKZ9tOMWlQnjyd0CAwEAAaOCAYgwggGEMB8GA1UdIwQY
+MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBQmVr2VcPIQ3RILLJ+p
+UeAaouEUrjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwPgYDVR0gBDcwNTAzBgRVHSAAMCsw
+KQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMEwGA1Ud
+HwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7BggrBgEF
+BQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQWRkVHJ1c3RD
+QS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkq
+hkiG9w0BAQwFAAOCAgEAdcbry9Igx7lW5ZHqj1Ux0kIXe/GO1jSJMW3uBGnREsdJ
+8yU37aqW2KmtjJPtp1qjSDaFxnEfwEYPtOY7Q+Hzv7PquB+MSUACmabGVhRsiUiZ
+EO+VGSoZhBU+oufLnyznpk1yEct8N33eXLfZDfIxjNcdL9b0rNlQ3JDzB/7/u1+e
+hRGAgxEdFC35nRwfFDTkkw3rFB2waulE6xnrR5Lso9flex8hsPQYfTsEQYzAFqEN
+A74SWsTnoDsXolBbWvp16x7DCs95kQaF7ikLh43qq/9WhlyERzKk/dYWy/6v6m2D
+KhHsrxE0fme3gLLtWppPzYFku0vxtMT7rO6txGZUgVo/IiNnKbxJoAdXtRes+hcQ
+3OYpXoRT2sGLcE2CRrEzX30E0Yokm+zwt3rb4ti5b+FuSoXhAo9NO2fUrqbz/Rz0
+GaSZDm/GckUrtSzBlRr3MkpfVMMgBLnBu7thjQhXRwdGadein2JmzW5BJxCV3mqj
+8sdviLlue0bRZv+ErRqeLA/xEhvv3EDeYdqi/qavjArr7M7rQQbeTnpVdPSVDLaL
+3SEPX9A3PAa3bM5yS71dlkM2UKfFZknb1PgFTCofMSfpwl2vID0dhDwhcl7ZBSiA
+sMz4mNgVbzErIFMwIinIKJoQFfw+goLRuFCgEEcvDCKHbD9hofTxT+onlR4trMI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8DCCA3agAwIBAgIRAOZ079Ushn9VAOfDXPFFl2YwCgYIKoZIzj0EAwMwgYUx
+CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
+BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQD
+EyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTIxMzAw
+MDAwMFoXDTI2MTIxMzIzNTk1OVowgcAxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJU
+WDEQMA4GA1UEBxMHSG91c3RvbjEVMBMGA1UEChMMY1BhbmVsLCBJbmMuMTowOAYD
+VQQLEzFDb250cm9sbGVkIGJ5IENPTU9ETyBleGNsdXNpdmVseSBmb3IgY1BhbmVs
+LCBJbmMuMT8wPQYDVQQDEzZjUGFuZWwgRXh0ZW5kZWQgVmFsaWRhdGlvbiBFQ0Mg
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
+AATXjBeChjf07ykPL0Z4P/PCO5zuz/k/TC0by3F6bkE4TwVKKITTm+szhC+GFDbX
+J7tfK1pm6isuhD2kS2PLltLWo4IBiDCCAYQwHwYDVR0jBBgwFoAUdXGnGUgZvJ2d
+6kFH35TESHeZ03kwHQYDVR0OBBYEFL6KM8VMfhgRgCDzzHdGXyw75SFqMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjA+BgNVHSAENzA1MDMGBFUdIAAwKzApBggrBgEFBQcCARYd
+aHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwTAYDVR0fBEUwQzBBoD+gPYY7
+aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPRUNDQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsGCCsGAQUFBzAChi9odHRwOi8v
+Y3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FQ0NBZGRUcnVzdENBLmNydDAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMAoGCCqGSM49BAMDA2gAMGUC
+MGDiACaq19vlLN+janVSYMAnHD0idorYTwb32WQJsyYqYEZKaod6eWZawrttWfwO
+dQIxALSzWZyyQgkSh/Wrz9a4zFXaaua4jlKcLkBiKh49P58jLbAL8QO9/JbHeDxv
+SV1OTQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAxegAwIBAgIQNAhsIM7ejUlvD4HVEhIoTTAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTYxMjEzMDAw
+MDAwWhcNMjYxMjEzMjM1OTU5WjB/MQswCQYDVQQGEwJVUzELMAkGA1UECBMCVFgx
+EDAOBgNVBAcTB0hvdXN0b24xFTATBgNVBAoTDGNQYW5lbCwgSW5jLjE6MDgGA1UE
+AxMxY1BhbmVsIEhpZ2ggQXNzdXJhbmNlIEVDQyBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABAZOsqY68mNhxhR7yqa8qTmX
+/IBB11Ma9wVKeYdXwJsywJAzlipb8eJFrORij1UVo506qYMrRQWMB2w7vMhGr1qj
+ggFsMIIBaDAfBgNVHSMEGDAWgBR1cacZSBm8nZ3qQUfflMRId5nTeTAdBgNVHQ4E
+FgQUIGBIwE1djDdd+SS42xm9lICCml8wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAjQwCAYGZ4EMAQICMEwGA1UdHwRFMEMwQaA/oD2G
+O2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0NlcnRpZmljYXRpb25B
+dXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7BggrBgEFBQcwAoYvaHR0cDov
+L2NydC5jb21vZG9jYS5jb20vQ09NT0RPRUNDQWRkVHJ1c3RDQS5jcnQwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAKBggqhkjOPQQDAwNnADBk
+AjA8Yh8mBBP4Ny5op5m0iC6SUBHZlVd63OeDDwCwgM+X5vFBL9m0k2XmsfoliXE1
+tFoCMAmrAFxn4iaOL5kNZS7IA15p6SyZv+yBVbCZsu6aVZjHqXjeAZNmfI8ptuD8
+CHdyUw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIGEjCCA/qgAwIBAgIQUQ4MOS1WahdBnAAlNFXvsDANBgkqhkiG9w0BAQwFADCB
 iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
 cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
@@ -5805,6 +14492,2499 @@ m856MpR7Z5hssVPL6AqLouhX71JkbPzJgqBbFQL9heSn1f1HQnLJMDIXLv7xXtbK
 1I150U0DEaAMmD1HkrbeEYqhI1lJIA==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIDqzCCAzGgAwIBAgIRAIUk7fFt/bnLwmjJsvue2XowCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTIy
+MDAwMDAwMFoXDTI2MTIyMDIzNTk1OVowgYsxCzAJBgNVBAYTAlVTMQswCQYDVQQI
+EwJERTETMBEGA1UEBxMKV2lsbWluZ3RvbjEkMCIGA1UEChMbQ29ycG9yYXRpb24g
+U2VydmljZSBDb21wYW55MTQwMgYDVQQDEytUcnVzdGVkIFNlY3VyZSBFQ0MgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5IERWMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+Bbnr5nLYjgKTUQG9uetBPuCxQoySjK51gblUDBRwjMGgeba/wVBDJw4Ur5xMlaar
+0k8P5qjtcidYynJloPFz2KOCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0
+SXbc4DXGY2OaMB0GA1UdDgQWBBRv7CzeZyiu3YJ3O3ZuFD/V9jsvpjAOBgNVHQ8B
+Af8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICCDAIBgZngQwBAgEw
+UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGow
+aDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCWTJMBbSKUkmy8loWppEL58k56
+gWHDDC3Iq349jOsVv+Xsocck97EK9/VfT7/V18ICMHUvN0Jf/CP8hmd38t2qcl4H
+cALKGBAhHzY6+BYCorJPQGEJZdBPPE2yUuBkLZYOJg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpzCCAy6gAwIBAgIRAI9j3zQJKTVSnUFrzlx38eMwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE2MTIy
+MDAwMDAwMFoXDTI2MTIyMDIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMQswCQYDVQQI
+EwJERTETMBEGA1UEBxMKV2lsbWluZ3RvbjEkMCIGA1UEChMbQ29ycG9yYXRpb24g
+U2VydmljZSBDb21wYW55MTEwLwYDVQQDEyhUcnVzdGVkIFNlY3VyZSBFQ0MgQ2Vy
+dGlmaWNhdGUgQXV0aG9yaXR5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEjOdV
+PXG2HmsSJelWbv1sEaNOE233+XRaYdliCPJjib034Wvf9OUbCA7sIvVgYLnx6LXi
+ReRKZmJTInpDEPi4fKOCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc
+4DXGY2OaMB0GA1UdDgQWBBQdFqwlaQDIg0G2S/+XyA0zRsgVAjAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICCDAIBgZngQwBAgIwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVD
+Q0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMAoGCCqGSM49BAMDA2cAMGQCMFEmR5OU9rlIzKeBBXxshI5lzcS/GPeX
+odqHKlNnr/ui7Nq7KXQh+0oyzgbIpysahwIwK4+WPw2Xsyb2JUg5VgIUrtaVDVI0
+02e0e+qo9g9KCcEOuWKhUwbpiMnqeTcD83I0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFczCCA1ugAwIBAgIQCNLhLSSNdqQnILOHCbgh1DANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTcwMTE3MTIyNzA0WhcNMzIwMTE3MTIyNzA0WjBjMQswCQYDVQQGEwJV
+UzEWMBQGA1UEChMNRGlnaUNlcnQgIEluYzEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0
+LmNvbTEhMB8GA1UEAxMYRGlnaUNlcnQgRVYgU2VydmVyIENBIEc0MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yoFqzAeuKh+QKRmYe9XEoRAyYUN20XF
+gnCJ4HcY1AxL5bSyvxDrp6EZC/U169o2/orr3nCmmV6S/MUMbUW26S19jag9KbjQ
+Tg+11UdeSdkq0Wx7Fi2eCOc4DGHsiSDWJ3vrt7ZMLMn4ZH/y+//TQvlqVoOSDg/+
+vy7TKrkn2y8yCpmWeBOC03lORpyNSRLK085Mm70qJlxjhvPQwNzoh9ltKkgwFulR
+K/kYfZ1vtA/gRoeZbcZMxx4po93t10wwMo4R4c5selG1o+/R66n5/aZ1D+JDbEEV
+YwxhedSx1svFmL+vXw0jl2dm4UD62/AT+owBHYdjvqq8Otfz+Qu4SwIDAQABo4IB
+IjCCAR4wHQYDVR0OBBYEFPAdooeeuF5by2AF9ySxau5tfPb1MB8GA1UdIwQYMBaA
+FOzX44LScV1kTN8uZz/nupiuHA9PMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
+AQH/BAQDAgGGMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
+c3AuZGlnaWNlcnQuY29tMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmw0LmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRSb290RzQuY3JsMD0GA1UdIAQ2MDQw
+MgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+Q1BTMA0GCSqGSIb3DQEBDAUAA4ICAQB5rbCHwHbK1fgtHoq2RuvLLRZ2C3zLdaCM
+9O4ja/r9Mx6vbSKxfJ+RGNT6XMLn4uGsnwSWHemi4GAIfi3wwt/IJxXVrOTTVAmN
+10YBA3D4Kic3i4AsyNROnfTe0aXjvEcVblbVmZ/moZtKr+A3H5zYn2IcH6xifwqU
+McFCyzUSvP6KsqJcU/72DZ589vdgcWHlUry48nyoAc+EHD37hiI1HcaQkHFimaTx
+Panjxs+KIA/vvgm1eVNp+QydKFUU3VxnNnzQf8r1Pmkeusb2ZEIpccK6O8eO7Ytm
+oqAM1+mtsXlZqbpad8Tw4qmNKZitIEFK66ZWSLs9jiMtXOTSsFel+97oTsoxg2MD
+LaG9qYX4KS1wABqNGOkBKaHqmJv5V84fhBcbdEyU6dKiVEwzAlqpGiAIGqRUxiVz
+lI7KlfD/jmJKSkfDXDCPXConlNJnq6EL6GdQPU8lIKLU0heVwNof3snk8ubWgv5L
+AhrNoXqMhUgqb/3BsjzOczAzHTXvT0JvxL0h9K/HHAGu2A+uSkDUe3t17ZB9xze1
+x+Txtaz3Nboji/o7eYE7yZr51OlzxsOXbe9Wsc5VuDEWNcfQ4S5+1x9wPyEbZzxr
+1fp6cGlqDjekb7w2GdNvUXqAiP4Ckc8yerdGB2DaVCNGOx/o8flF4ktJL9BWtsW0
+dT4BzapIpw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGfjCCBGagAwIBAgIKEAFmA0XdBoDjIjANBgkqhkiG9w0BAQsFADBBMQswCQYD
+VQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExHDAaBgNVBAsTE2NlcnRTSUdO
+IFJPT1QgQ0EgRzIwHhcNMTcwMjA2MDk1MjQ5WhcNMjcwMjA2MDk1MjQ5WjBZMQsw
+CQYDVQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExGzAZBgNVBAMTEmNlcnRT
+SUdOIFB1YmxpYyBDQTEXMBUGA1UEYRMOVkFUUk8tMTgyODgyNTAwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQC4SNnRN4MIUC5faRPsLPQ9ZBX+Nm3PNwrs
+2RumMczs//qH6tgRZnom62qtPuCwV0sZQ5lGFGWggbEAfF6iaiZvGsbxfBT0dERl
+LSALU0FEty+kKVQ3AsKyylhwysci1t9fB+zL4lTVRamiX8Dtrwlm78QAvFyCAmaI
+GNaPICXU5exzNGj+H/+DRv03Q1CvDJ9HdCVvIIHSeZxStIxWhdNK4bCK31g8DU88
++SR/DBa6HSmkjHFl6tOVebXP3/fgpSg7PiXo9SVEPW6uBeQrISkzktvmjvoMOATn
+OkZzHoLmrLlaa/tbpG5CT+oRsfpFtYBZyyOQfLHvexztoRvqafH9gi19wxYIr20P
+vFIsMo2eTa3DSv4BTgCTn8Csy9/oEfxANDaUh5xX+2yKm4jJCmZInRfNLjJRsaf4
+hLwowf5ogerSANzjuqm4JLQgx/uTUmxuflHHhshmW2QPTF9IAupj8EUc66xmD057
+y8I8rUHHE1L1PtNtSLTufM16rpOgyE+GDanOkVe6LUMtf/bKQUxZUlAvI2jBKfc3
+ACHao0zwJBjM0mIz/h4yMSr46toggkLSlaIZRKN1dNFhFaM2WqcCPoATbC6fTrI8
+rcDNINZ2T56PBrn+8V2GjGbGGnmoom9P27KSs8F605IO1DLqNXmtCcaKt6mrnUcc
+ku91bectJQIDAQABo4IBXjCCAVowcwYIKwYBBQUHAQEEZzBlMCMGCCsGAQUFBzAB
+hhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzA+BggrBgEFBQcwAoYyaHR0cDovL3d3
+dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL2NlcnRzaWduLXJvb3RnMi5jcnQwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUgiEtZsbX
+oOAV685MCXfEYJ5UbgMwHQYDVR0OBBYEFLOFnLCN9NBvVMCBCLr8/X5TX6mIMEIG
+A1UdIAQ7MDkwNwYEVR0gADAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3LmNlcnRz
+aWduLnJvL3JlcG9zaXRvcnkwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5j
+ZXJ0c2lnbi5yby9jZXJ0c2lnbi1yb290ZzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IC
+AQCKAMoW4Fyy3C+iLMy6puE77QgSqKsaGlbMk9xguNcecwZmZH8HkNakvC/MBJO7
+Hp5/0wnJ0uxADw5tnliXo1yDuSmkGDaQ6C+itdmafe0yAKZu2A2wZ2KJkoFs1sMo
+suuqsl3Kdxb9oQpsrPSbY5xurhNlRXc/aAZlWbVfDN9VlESaz/oII1ErES77zD2Z
+oGZY14lkfblWr2QEqDVnpWsLr7hL9in65j3eQjQWFPcCwC8NvP29EbdzzSxLAO/O
+CLwuyr30BYUMEOOSQfu/Q75UC/G3yCRuHQG0nfHRakFHXDwJJ90oQfGJ/MtlMapf
+M9RqeVjuw4No7MeRyaoEVZ7teSyrGcrYIVJ0/ZYAUHqmTdU5eqOFd8WlEi/Y1t57
+FwYNH8MJVWvWEdD+jPOatWFII0FvmGmPxV7+VjF31RGpStsFTNWguGB68q4Ujc7v
+zdmAbMd2hGzNtNawaDoVMxB4kLjmw83mNOubZolG9dKg6Cy1cuGcdWneuHTV7gsW
+9eEiyD/YlbF11tdTLVzsXfZ7Lj9/K8PFNwpkEumlBvd0re74PfQ0uZVF3srpTnfV
+ojmkYJZLP40pYKKYZK69KxLZs04i082ui36v3rXBGeNR5+yl7a7JUS73JJKBSCf1
+jh1uzQMCXLutirDYLPbU4+P4XSMO8p/1wME6/etJ57zY4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGgTCCBGmgAwIBAgIKEAKpgPtfRYXdCDANBgkqhkiG9w0BAQsFADBBMQswCQYD
+VQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExHDAaBgNVBAsTE2NlcnRTSUdO
+IFJPT1QgQ0EgRzIwHhcNMTcwMjA2MTAwNjAzWhcNMjcwMjA2MTAwNjAzWjBcMQsw
+CQYDVQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExHjAcBgNVBAMTFWNlcnRT
+SUdOIFF1YWxpZmllZCBDQTEXMBUGA1UEYRMOVkFUUk8tMTgyODgyNTAwggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCd9bJaGqh3+GST+b3neWPc0+BIPIV/
+bZm3NB0gYhacZlxHKTiiYsj5/e4GxPUrbYmEvVKnfP5lJ1kpr9rMskmBYaduzo0f
+c5Z3vWS8Uy2ZT4GZ0pvqgaHNM0mPD1tT0X6xDSy2CDkZ0jaWU1s+cWSwrgh2c9JO
+nQegn4jgQLDPFGmdDs+7fews2BfGShcqyRK3u9hoSABL4wJJWclXxVRHiY1Az0gh
+Z1LAPoc/+v+pel+ofdZZPiaMLk1N58A2ci6GesVASRPfUxDwoeOkVWMZt1r2JMYh
+06nSy/ww/9lMEqAqiseW2BKoDRmCY4e1+cPB4dOJ5UE0XRJLEy7t994P6BHrPI4v
+i9Hjer970pDZb8OwlHfZLSu/s5QJITrIjsRIaJBzV7cYgEkeXdyv3Ps1SbaxZWpv
+zRjmQSs/kdB+k5KfSqdPkweSSmDZP49Y5Mab4l/KclqdBnR9++IC4PE5B944dYhu
+x4Q9id2h+y8c9k9K9JYFFbNmyfduTajk3FpKsvskmvOIG56ShCIfVkUTat7o25nd
+HLEdgeOox1gUV7adf1NsVMgwNNxcu2Ltzkto+gjbe/Qt8LF26L1hkcCA+jIjL504
+HmRoGJ9t5VCxyvySOCb5PqjbLl9mx2+FAHF82CrO9D3XA2mtfyoZEWe12TVCfMbB
+iU6KyL4VL4lftQIDAQABo4IBXjCCAVowcwYIKwYBBQUHAQEEZzBlMCMGCCsGAQUF
+BzABhhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzA+BggrBgEFBQcwAoYyaHR0cDov
+L3d3dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL2NlcnRzaWduLXJvb3RnMi5jcnQwEgYD
+VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUgiEt
+ZsbXoOAV685MCXfEYJ5UbgMwHQYDVR0OBBYEFI9Nh1FeEX/hmcOR8WhMP6xZBLGL
+MEIGA1UdIAQ7MDkwNwYEVR0gADAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3LmNl
+cnRzaWduLnJvL3JlcG9zaXRvcnkwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2Ny
+bC5jZXJ0c2lnbi5yby9jZXJ0c2lnbi1yb290ZzIuY3JsMA0GCSqGSIb3DQEBCwUA
+A4ICAQC5Kle7JamsjB2fgwlH1em6ay5IldIjVbbIo5UrbRW7MR1YpULwmS3dEura
+Dp0JzFv4xwhpXMnlQCyfwBTzUpTIuRHU71AeNsip0G62kg8GoVXZOT8fFcQZnfQ4
+oN3FhMxgkUKhbkILqPJFgcCN+P3mQYZnIRk4LWS9dem6F6CoIdcTefVRmNM41FjY
+coPpV799oBxnbuxOOsi0PocF4ki+2uC+xUBgRfyrVL+OiXivssDA7phVdezK397w
+4CRxSM6GXSoYLa8rYuXBSkX4loSy9mLDLj/5aAO68gtunHCJxnxnAW7m2c3X9Qmf
+WHvwzKfxiLwxgX92k3cUnontQAvpi55cumxKqV/APOr44h6Fkpoh+qSkMAmTMgUU
+uIyD8s5Lr5bqkQI8R3DtRPku7a2xrJcqH6i4GyvS8yvljINgmxUxFFpu0s3+VR5D
+widLT71h+RL0HtQUXqpD/iHU/tEiK1Ku/T7vyabSkDdli3qxAqCb8pD8Nf0qZ5i0
+3SOES0mjIV+yLWtQnCHf8WUXsoqmCtyLuNg3wQfB2Qg6Bh8UdzJPFKSd31R6e6XD
+fr4ZvrOGEIdRqUTIo5TfREkYQ8vTo0WTW26Krt8PRt2T5hEuNUt6hcROVt9fKTtO
+k2UZW3jW2eRsyfpIM6umnP8lyuoj3kZ0eefZM5PmoLeVS8DX5g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGezCCBGOgAwIBAgIKEANLjmb1CSD2xTANBgkqhkiG9w0BAQsFADBBMQswCQYD
+VQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExHDAaBgNVBAsTE2NlcnRTSUdO
+IFJPT1QgQ0EgRzIwHhcNMTcwMjA2MTAxODE2WhcNMjcwMjA2MTAxODE2WjBWMQsw
+CQYDVQQGEwJSTzEUMBIGA1UEChMLQ0VSVFNJR04gU0ExGDAWBgNVBAMTD2NlcnRT
+SUdOIFdlYiBDQTEXMBUGA1UEYRMOVkFUUk8tMTgyODgyNTAwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDLA0KYYGdTEPoULlPB6njtxH5Yxp6yhuThQv2U
+8QATCAix3LChaZgNTqhYzhx3fndczjuRrBKbyLPZxwtRJtroXKEwOzDq2xKXSCVi
+5rEPTHcGlAhHqP57844r3TqQ3t08MJBxVgxhkhs54HZUIw0OfqJy2F2OSI/K3PVr
+4fOWcoQ7IljkxwjXj0t1Q4kn7zvHRv9rsXjqH/Qqe5Gkh48XWd/hEz4taQZNAQBj
+GibbctXIYqe4Qs4NjfQqs2Pv3MTfLl7P1UGRiIY5YoCyhOW1Is+L/iNPqxB1JXSv
+b6US44+AruNc8DI5l/7D95O2WEFcbwI1poGl0Aki87mVxcaxkW9KZARLZ1ASVTFU
+75R/wW94ICyoW6cLhQ8/8hLUXwNaTDRFp/G7qex6QNvKLCHBB++tQ8IW3UZU2QZh
+es+wu0tFYq/R7+vbJ08eVbPx0+xJdiH8oRK0C0+OZoRourYHN7GFEUArCe4ni8mq
+wZLxDd9gpEi9K4nfHRbX7NSbtuhYak0rhX7i5xLiJWP+hLsJUZN2mE4QRtzFa+g7
+I+Y84saYi1dZDjArMV1smt6r+tSdBfSGg9tnbnkjnYDeM5vvxUKZa0IUoEu/85xg
+ncoba0ABIGJ1yFhlY1w6ElcgC8gqzSDxl1aSiyrojaUKcuTr32MMyxPdCDFfpKUj
+AIvlHwIDAQABo4IBXjCCAVowcwYIKwYBBQUHAQEEZzBlMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzA+BggrBgEFBQcwAoYyaHR0cDovL3d3dy5j
+ZXJ0c2lnbi5yby9jZXJ0Y3JsL2NlcnRzaWduLXJvb3RnMi5jcnQwEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAUgiEtZsbXoOAV
+685MCXfEYJ5UbgMwHQYDVR0OBBYEFGUpKxkrWkHTAWKbe0cA4hgIccNBMEIGA1Ud
+IAQ7MDkwNwYEVR0gADAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3LmNlcnRzaWdu
+LnJvL3JlcG9zaXRvcnkwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5jZXJ0
+c2lnbi5yby9jZXJ0c2lnbi1yb290ZzIuY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQB4
++iAcmuf4p/KOwYKFa5USNZ8v7Q/mahjlpEmwZPtnNRYEmzxLeX2/KR6zlBtm20M+
+r47lB1YzRMBLmGP45SZveLSejN3QuYyLEkg9yPS/R9UQKPJH2fa/7bFCT0cEAhqq
+JQXp6S55beLKuggccBa8RINV7+iG9PpUy8zno15nREWc/81n6q3F4pYiys54nKF+
+EaydPNdz9I+mAbX4GwOOXxmu6g0PTUoRahxwO2OWG9ZHVVQfdDhvZ13sddp7d4YT
+Ed9bUdCa5DPA0yc77YDHbw2EGAy/GVHN6K+oAK/sBzv2b1724lZTeHbeV2vq0Mrt
+d1sKdOvEoxI+t/+qmGKJ0c3rmMIMyNTPWG4ODU56RUumosRxvPzIjcoqyAZMoZhu
+sXfP6GEQoAFyjYilSdC8pV5PND1St7/HrfPkHlya4r7js31eh+UQZFGULj6yBW/2
+L0/1lew3dxYpozckVIC6pJt+rWQR1CRjNKQDCjyQP8uZdm6Aoea2foI6B5SXrbGu
+YqvaQ6iPuqPQ4/a9qVkIKl6U5cmWO+jTZlQofQY0kPKi51mB6yltt2ksyqmJBU8a
+Hloc31nUZVvDv/1uda8zRKq7CJ8SyUqiI0WA3LjJmZiTOSfBKzw0qj8I9GF26gu0
+tAeYhZndeblh5f7xLKdoNOR3EX62fnt8izYJur0xaQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFejCCBGKgAwIBAgIOSPWzg48IYKQ5SX8AAQ0wDQYJKoZIhvcNAQELBQAwYzEL
+MAkGA1UEBhMCQkUxFTATBgNVBAsTDFRydXN0ZWQgUm9vdDEZMBcGA1UEChMQR2xv
+YmFsU2lnbiBudi1zYTEiMCAGA1UEAxMZVHJ1c3RlZCBSb290IENBIFNIQTI1NiBH
+MjAeFw0xNzAyMjIwMDAwMDBaFw0yNzAyMjIwMDAwMDBaMFwxCzAJBgNVBAYTAkpQ
+MQ8wDQYDVQQKEwZKSVBERUMxHTAbBgNVBAsTFEpDQU4gUHVibGljIENBMSAtIEc0
+MR0wGwYDVQQDExRKQ0FOIFB1YmxpYyBDQTEgLSBHNDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMrq3JgbD++QXP5p/hgPR0xz8mrqc/kEU6ELXKywMmwo
+/+urkQfJPpR0jmpZX20yqBvwnjW5EQK/Hyv3wl8ULLAAbVRIJYqU1SBhmagEvaow
+TxO5Gt6Y1vVJY++Z0XxZCN8hJhJMBvMPThAGjeysFOHRSg6zbJJXFSrj7ES2lSc8
+deyPpIbuE4xQeUSlG/ptQO38Hf+G7HQw8T7pIc3Bvuw+VHx5GB4vS7r17/CGCkDQ
+c38bzUmYiR76VeZK06kFCaoD3Z9i4Fa4h3e+qFfw5Ln1UkDeSWee8/mHXEYU/X4u
+5WmBL8hGYQyohOcsmu/xcCYVnqBidiHBwo0Vzp2jkO0CAwEAAaOCAjEwggItMA4G
+A1UdDwEB/wQEAwIBBjCBpwYDVR0lBIGfMIGcBggrBgEFBQcDBAYIKwYBBQUHAwIG
+CCsGAQUFBwMJBgorBgEEAYI3CgMEBgsrBgEEAYI3CgMEAQYKKwYBBAGCNwoDCwYK
+KwYBBAGCNxQCAQYKKwYBBAGCNxQCAgYJKwYBBAGCNxUTBgkrBgEEAYI3FQUGCSsG
+AQQBgjcVBgYKKwYBBAGCNwoDDAYIKwYBBQUHAwcGCCsGAQUFBwMOMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLmOzfHsei6cuetvCxzE1KwZrqFUMB8GA1Ud
+IwQYMBaAFMhjmwhpVMKYyNnN4zO3UF74yQGbMIGNBggrBgEFBQcBAQSBgDB+MDcG
+CCsGAQUFBzABhitodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290
+c2hhMmcyMEMGCCsGAQUFBzAChjdodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29t
+L2NhY2VydC90cnVzdHJvb3RzaGEyZzIuY3J0MD4GA1UdHwQ3MDUwM6AxoC+GLWh0
+dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290c2hhMmcyLmNybDBNBgNV
+HSAERjBEMEIGCisGAQQBoDIBKBQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
+Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKyc
+4WX95701EgfaSuH9UVrUheyYhoSwwgo5i7f1rqdEq1m0fIieynpj5RIcZWLTtr0d
+OmuzBaUvNojbx4jwokj+dR+GUNmoXA/MozukJE4iWAWT7j1xNZHgVHFbd7nFvBfo
+qnRJuY5xVAxSD7hdWEpsriIpBt4c8RCWEuAxWqxNm9a1YJd7pYiImrpMrs3zV5kE
+FR8rPtwFM35wgXHpNXp2Cws7O+6D2oH6gHFt4yQi3dFR+eb58TlyFlAV39lzcor2
+zUYuMAHXibsQh+jm+foI2+zuDeZFc06ZT+bget3Rpxb0S9s3RMiSvyyGRbbYWSaZ
+QB5sckV1ZhlVaaiqj5w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG0zCCBbugAwIBAgIQc2gOvSe6bcTfHuL72QD1ZTANBgkqhkiG9w0BAQsFADCB
+lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
+HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl
+YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzYwHhcNMTcwMzAyMDAwMDAwWhcNMjUwMzAxMjM1OTU5WjCB5zELMAkGA1UE
+BhMCRUwxFDASBgNVBAoTC0FEQUNPTSBTLkEuMR8wHQYDVQQLExZTeW1hbnRlYyBU
+cnVzdCBOZXR3b3JrMTUwMwYDVQQLEyxDbGFzcyAyIE1hbmFnZWQgUEtJIEluZGl2
+aWR1YWwgU3Vic2NyaWJlciBDQTEeMBwGA1UECxMVQWRhY29tIFRydXN0IFNlcnZp
+Y2VzMRgwFgYDVQRhEw9WQVRFTC0wOTk1NTQ0NzYxMDAuBgNVBAMTJ0FEQUNPTSBD
+QSBmb3IgRVUgUXVhbGlmaWVkIGUtU2lnbmF0dXJlczCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAKY8ErGgOX+mdyMGIqvDkIfzGh4eN4GzJfqnEnURUylY
+A1Fx2bdepctAbZZSxcOjFBonBhqqaM+1+MqJEBTu+dRi8P7EZaWIZuLPVZLSps1k
+GlhCG6z2uNg3mYUFEOjmigySIe2Md0IUwjwc7mqKm6Vd/Jttp8cbz/4AF4EU6pIw
+etLEbI0Qt8rgPOt4TC8zVyS9mAYkcxOSm/bPVg6XX/WSR6qUw0kzTb8/7koNID7P
+1W/W3KMy7kYii6eBSQBo3clFmVkfTXJbRJE12KxGiQDvPXlppePo4U0zaaWFEiUe
+Vr4TsDsGi03Fk9L8iASwIB9ixaKLIL9pfhRvW8x8BQw3rORWxNHs8FurQDxzQMU3
+5o1S2t7u98nGRx5ORy++Gq1589LDNwUdzYx6xn9XxfdC9iBGzF0BqUceOSIaPB9J
+9JBenFI6i0uTNQIeiUJ7I0KtGII2xzhzJgu95RMNqVQ7ic9KFlfwhC+7Cj9peBw2
+iJd+fqaJxZFzo8f+HP7GrDskpPFEc9dHVGnMw04otC1D0Exo9WhUu+Fr1ZA3Pl++
+npsxFOMOFDdXOmEIp7KIdCfm906DRICSPp9zOlLxKHVjn06OGgBVTChMgIUPrM0o
+moVLi9ThQqCkHKBZViqc4JscUsV2ZYpnxIFvCDUzPoOx9qrat9UDn7iYHgkTnO9h
+AgMBAAGjggHKMIIBxjASBgNVHRMBAf8ECDAGAQH/AgEAMIGBBgNVHSAEejB4MGEG
+C2CGSAGG+EUBBxcCMFIwJgYIKwYBBQUHAgEWGmh0dHBzOi8vcGtpLmFkYWNvbS5j
+b20vY3BzMCgGCCsGAQUFBwICMBwMGmh0dHBzOi8vcGtpLmFkYWNvbS5jb20vcnBh
+MAkGBwQAi+xAAQIwCAYGBACPegECMC8GA1UdHwQoMCYwJKAioCCGHmh0dHA6Ly9z
+LnN5bWNiLmNvbS9wY2EyLWc2LmNybDAOBgNVHQ8BAf8EBAMCAQYwIwYDVR0RBBww
+GqQYMBYxFDASBgNVBAMTC0MxQzItNDA5Ni0xMB0GA1UdDgQWBBSNnwb0uqjLlhlG
++a+tFL5TUMUCiDAfBgNVHSMEGDAWgBSHjCCVyJhK0daABkqQNETfHE2/sDBnBggr
+BgEFBQcBAQRbMFkwVwYIKwYBBQUHMAKGS2h0dHBzOi8vcGtpLmFkYWNvbS5jb20v
+cmVwb3NpdG9yeS9lbi9jZXJ0cy9wcm9kdWN0aW9uL2ZpbGVzL3BjYS0yLWc2LWVu
+LmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEL
+BQADggEBAAugEr5cuj5Wdf8MwUsaNM60OV7Hqz7xRwukM0jApZRua8rcTQ5eUHB+
+9r+O3PTWxcGQx1YCjhYtFTluNWv74tgwrGt/uXcCqeYsA7VsgQQwMagOt5HZ1Bcf
+pfuKrcX9XOW0e81Ah/EZPPcghiN4cN5mglQlnFMpsYPxQk24YRRrG/6rlT6WlRUm
+SAnEy+eBYmfDYUomnxBkp7tYo10T9hOw79oZP2WA1GqbFbbkIK/pGnHiGoMQ6RJI
+K4NQvzEvxPStObLPX3SExfv+/vwDBBmcmFzegR8/Y6OvkJGtu1oY/YjRnC3p2Jia
+WaykaLP7F3pLHV94Y/afC7WEZMq3jsU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGzjCCBbagAwIBAgIQCoC8dJ8/yPbFC94jGvcBpjANBgkqhkiG9w0BAQsFADCB
+lDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMR8w
+HQYDVQQLExZTeW1hbnRlYyBUcnVzdCBOZXR3b3JrMUUwQwYDVQQDEzxTeW1hbnRl
+YyBDbGFzcyAyIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gRzYwHhcNMTcwMzAyMDAwMDAwWhcNMjUwMzAxMjM1OTU5WjCB4jELMAkGA1UE
+BhMCRUwxFDASBgNVBAoTC0FEQUNPTSBTLkEuMR8wHQYDVQQLExZTeW1hbnRlYyBU
+cnVzdCBOZXR3b3JrMTUwMwYDVQQLEyxDbGFzcyAyIE1hbmFnZWQgUEtJIEluZGl2
+aWR1YWwgU3Vic2NyaWJlciBDQTEeMBwGA1UECxMVQWRhY29tIFRydXN0IFNlcnZp
+Y2VzMRgwFgYDVQRhEw9WQVRFTC0wOTk1NTQ0NzYxKzApBgNVBAMTIkFEQUNPTSBD
+QSBmb3IgRVUgUXVhbGlmaWVkIGUtU2VhbHMwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCuoNs3GyqhKmdIkt7A837+N6BwCKvheLsEml7ULWyUjYz9RSem
+6I1mYhoyAsXqNDSm2SeMjrXUhyV4KpgoVAgp6xIR/TGHfRV3oIUakvQpw+12iZIy
+JChzesVheeganNjydYvjJ2PLfxdY2EFnxE/fQVD0kvLhotkxQGvTjk06A0lD22bo
+o6UYzW2Fyvld1UsQ9IcgMqB5suD5ztPZo/Y32i7Dyt8pAnxfYwjQJ/AxauRC9bUs
+3CgAX6NI27abdPKKPK7VPrU7MJogrMMNg5Q6JR5O3dZ81yQypP4qHYaMWzDqGW/c
+kihMg6y2AH3DipRa8E8Mc2zjp8vW90nWmVXIamGEtLMDsaWT5dwalqHErRaRWva5
+JGa1OsBu7nXs9AkuJkpHBjndArCZuZHpmO8ulHv9ybmcSjRIJ/upzvonvJPUlAQ4
+Hq8ZhrRi+DXBUxtK8h4LWSFXhh7Buz4CqKLAiIjfu9ZJxflCC8Qe+OnVCUKrxIKP
+4yW1rpELEBpoTH1SEYbDHkGmZI3hxZVgwPJ864/9QPrPij1f6Qv8mhS71CGpmWt7
+JDtHQK4jdJYC1cVmnQEW3xWH7qSnew4CYGvytbO27psEZo3yo9oAOrYVxnIW59Kw
+clgC7/3sjtpeoz5422Fl7ZeEOOzd8P6ZtQAD7bxvg8y3snmVzLhegQumSQIDAQAB
+o4IByjCCAcYwEgYDVR0TAQH/BAgwBgEB/wIBADAvBgNVHR8EKDAmMCSgIqAghh5o
+dHRwOi8vcy5zeW1jYi5jb20vcGNhMi1nNi5jcmwwDgYDVR0PAQH/BAQDAgEGMIGB
+BgNVHSAEejB4MGEGC2CGSAGG+EUBBxcCMFIwJgYIKwYBBQUHAgEWGmh0dHBzOi8v
+cGtpLmFkYWNvbS5jb20vY3BzMCgGCCsGAQUFBwICMBwMGmh0dHBzOi8vcGtpLmFk
+YWNvbS5jb20vcnBhMAkGBwQAi+xAAQMwCAYGBACPegECMCMGA1UdEQQcMBqkGDAW
+MRQwEgYDVQQDEwtDMUMyLTQwOTYtMjAdBgNVHQ4EFgQUbjP/zNWQjlu+XMsj0M8h
+PFHmtyAwHwYDVR0jBBgwFoAUh4wglciYStHWgAZKkDRE3xxNv7AwZwYIKwYBBQUH
+AQEEWzBZMFcGCCsGAQUFBzAChktodHRwczovL3BraS5hZGFjb20uY29tL3JlcG9z
+aXRvcnkvZW4vY2VydHMvcHJvZHVjdGlvbi9maWxlcy9wY2EtMi1nNi1lbi5jcnQw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBCwUAA4IB
+AQCfv9lDDvcwrktxZUzLyNviqv/eC5KCBPeZSOVD12l/XmC9MknM65lQZpD2jg6d
+lq2agpBApKuXEwf01WREkt+ZDXcMhVscXD42DibVfa4214chXkpi9Wi82KfEIajp
+4RkMfif1/YBaNYk2VZNWxnBdPur7j6+0fzamK5U9GWkzdkiL1cVDvqObzCd8pNHN
+jL1+TGzM9fnmCML1RGmFq6k7Dk1hfO6JU9d58rSCEzuImCUk9vTAwB/MWOsgV054
+2ZKXPNm/q+S8d0rFEae5b4+LqxIHbnoVzmKJgDvgn2XYvdSwEa0TEHdwSGEicWqy
+0wfj0vCceedt2EtSo6unWvbo
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6zCCA9OgAwIBAgIITvIyF22b6hQwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE3MDQwNjE2MzkwN1oXDTQy
+MDQwNTE2MzkwN1owgYIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQD
+DC5TU0wuY29tIEVWIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAjzZlQOHWTcDXtOlG2mvq
+M0fNTPl9fb69LT3w23jhhqXZuglXaO1XPqDQCEGD5yhBJB/jchXQARr7XnAjssuf
+OePPxU7Gkm0mxnu7s9onnQqG6YE3Bf7wcXHswxzpY6IXFJ3vG2fThVUCAtZJycxa
+4bH3bzKfydQ7iEGonL3Lq9ttewkfokxykNorCPzPPFTOZw+oz12WGQvE43LrrdF9
+HSfvkusQv1vrO6/PgN3B0pYEW3p+pKk8OHakYo6gOV7qd89dAFmPZiw+B6KjBSYR
+aZfqhbcPlgtLyEDhULouisv3D5oi53+aNxPN8k0TayHRwMwi8qFG9kRpnMphNQcA
+b9ZhCBHqurj26bNg5U257J8UZslXWNvNh2n4ioYSA0e/ZhN2rHd9NCSFg83XqpyQ
+Gp8hLH94t2S42Oim9HizVcuE0jLEeK6jj2HdzghTreyI/BXkmg3mnxp3zkyPuBQV
+PWKchjgGAGYS5Fl2WlPAApiiECtoRHuOec4zSnaqW4EWG7WK2NAAe15itAnWhmMO
+pgWVSbooi4iTsjQc2KRVbrcc0N6ZVTsj9CLg+SlmJuwgUHfbSguPvuUCYHBBXtSu
+UDkiFCbLsjtzdFVHB3mBOagwE0TlBIqulhMlQg+5U8Sb/M3kHN48+qvWBkofZ6aY
+MBzdLNvcGJVXZsb/XItW9XcCAwEAAaNjMGEwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjAdBgNVHQ4EFgQU+WC71OPVNPa4
+9QaAJadz20ZpqJ4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQCE
+bDsNKn8UqMQ4vI0B9pLrHrTAOhxpfGGypTl5Uexh23OJBgmsg/fArRqW0+rFf/j8
+aBAcn5dxYqK3469cZ8ILsVko7sCZpP9uaxSJmWZ/K+ObMqFoY+rl0t/XTYSO0AD9
+y47xhcjI8r5/CsPABTPhfSRI1v4gsX2ulvwY91TzQBAtrj/j4P/l4bTx6RuU/af+
+07X5/ISKaOvNMEbpeJMvUZs3T/M9hfdf00pkUB9Qyf1iDbqOBDJSWqnZQ0KBwlbB
+O1nIP6uBHqP3C/UCWgU9gEHLDfvwQ4mddFeYeVDiK0+oiaTjtqXzdVVrQqTPZGoW
+LA6ywP79lud6rvFwehjr9OawGMFrWEEVdwV7hncrwkYW7rIvW2xMvjVJO2noQiwR
+p61chGs5vigIm9INwSUb9F1kgdHsOg/4m3kknOtMgIbfOL9GalCFmL1X4PxL3zTg
+mVNc1te1s9j4kTshdfS/Q4M6XLDpZ7tx5cQeYBxzoDyrxs4JN0hF03vjI/v4YyYX
+v45KNhr3plQWDqkVg8Sx5HSsajIO59DbPWncyfLRcQAsFPkCCPBkp4gWiap1VAQJ
+JvnpGo+TyX/HIgZsE7t6iCPyJK7OjSYAvMSJKqMVrbbOu6b+eCUHYhNwvXv9DaaJ
+6NFjcxoVkAHbOQw7vTuo5CKZLA/D1wql4DOPDruPWA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnzCCA4egAwIBAgIIWA4AsU6GzjUwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UE
+BhMCVVMxFDASBgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVz
+dCBDb21tZXJjaWFsMB4XDTE3MDQwNzE1MTA1NloXDTMwMTIwMjA0MDAwMFowgYIx
+CzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UECxMiU2Vl
+IHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnQWZmaXJt
+VHJ1c3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRFYxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA2S09g4nW7MJXvjg4CDx2/w15zGQ33aTqLVCG2BzI
+VtR4gIexpA9TIK0yNQMz+pY+gzE8YlVIuDfDivRCOF2XTIt7FquTqZAaFePZZp7k
+hfy4uXZ8mrNiLbgRZs6ohJMY+NxWrOtu6iFj8F+DB8gzfNeCueKZlP6IQIJRB+uu
+W/tQKw89b8RBKRREeiPC/3012ARrP8AiSFeV5wSl45Dpfei0f0Q1apPpFenPROP0
+4bOCFWHi4sxbpHu3zaImcr1kPh/7VCGVhqMqmdmQiF6TyjSOpLeaBSyV3x3Lu5Q0
+DOVMY1Zc1Q2yRXkw+Sxxw+1MJURAiWPBgt/XUNcJNSTihQIDAQABo4IBVDCCAVAw
+NwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10
+cnVzdC5jb20wHQYDVR0OBBYEFDPfej4CeZbrtgzAY/p1v5IizZH6MBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUnZPGU4teyq8/nx4P5ZmVvCT2lI8wRwYD
+VR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3LmFmZmly
+bXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9j
+cmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdENvbW1lcmNpYWwuY3Js
+MA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+DQYJKoZIhvcNAQELBQADggEBAEHyhz3o5NBAdMuE3xCOXmsoJjQE7u7qYtVALMkO
+PFG33/BT2TSCfWmZNDHdvdpUdaiQyD/RMQJEvbVQtmG0Faz+eAATKN1kc6ut/4A2
+BsQBQWuq7mhMtmV3JDsc1Bole0/AHzmjRfNwV9iuZ3rWQwit76hpdn6GbWPA+DPZ
+X61p+bAYfFLtQoENwdPgRwTMmz5Is6rY3lAbb2dHrcwCpmptI90cY3V/1wJtQ+U0
+jyMk/JY0JuWVDLcS6lURUBHQJ8VT8hPtugfWGxo0ATnXSxfrx6aNcXcI2pqa2eel
++g6rI8GpT0RzPCFHokoGR9aMbxG1k8nt0q0O7V9J65LCp14=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhzCCA2+gAwIBAgIQfAh2rlH1LxJ6lTJHtINLYjANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE3MDQxODEw
+MDkzNloXDTI3MDQxNjEwMDkzNlowWDELMAkGA1UEBhMCUEwxGDAWBgNVBAoMDzNT
+Mk4gU3AuIHogby5vLjEYMBYGA1UECwwPM1MyTiBTcC4geiBvLm8uMRUwEwYDVQQD
+DAw0ZmFzdHNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg
+ymOpAywva4kCvaEMzpCB4hjrihUXs6M5uIBI+Yg9A/bDNe44JbtT/0T5VRkdykgG
+SQW23IvW4ZbJO+Zfw04EoMY2xeIlUqkoMvJn/L4mwwkh1IUFpoDaCgablsIag3Vl
+DL23NnXAkZ9sMEv1fsnsuArjKXqXOZYTrw+EzZu+AvfnwYNu3EIRnL2VEbA2ztSZ
+busiZLbF9eeK7W1zYO6NACcnayMwGVmtrgG8Fs5CynY7WA8sxYgp+6Uy5iJz1Cqi
+DqDPJ0NO+M5JcPFWUyfEBbW2pYqVP3jPjRVyyNvDl7ZSWiYDO92Miauerv9uONDp
+E4sihtcjj7WJRgKYf0hVAgMBAAGjggEfMIIBGzASBgNVHRMBAf8ECDAGAQH/AgEA
+MDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwuY2VydHVtLnBsL2dzY2FzaGEy
+LmNybDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5v
+Y3NwLWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNl
+cnR1bS5wbC9nc2Nhc2hhMi5jZXIwHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX
+3zD8jzIwHQYDVR0OBBYEFA6tVcqw205fK/8+cG/xbNfSc+VEMA4GA1UdDwEB/wQE
+AwIBBjARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQELBQADggEBAHypaB4Q
+uLNVqLAAQzeVQ6m1n8yOUnA8ACAG6A9KXIn+ptotPku5Qg4Gr8xHmFLXCRNWWPYI
+2/G94gcAsDgC9AHCQAOaMXRNqfd1h0+X2NvxNVaWF/BW/vhqnYy0EgKiNs3QNDUv
+XtGbJOySyDcggemJclWOwGSx3qtjMgy2dBH5iH4s/Yw2M72JLE6IFOU/WXdtbFOj
+xDXdpCnSasnBkaDzE/Y8LOyGnduZg+Zb+G13/VM+Iv4jGtiUIgjLzFy4o5o2aZyI
+FgHHgIIu1QWX5G8DSq/c2CJTfuib7S2+yBLyX/CFVSX7jRdzttzj8/E0lyu++J5z
+JLS4h8tbZUofhho=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHdjCCBV6gAwIBAgIIXOQFBbX8I1IwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE7MDkGA1UEAwwy
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNlcnZpY2VzIENBIC0g
+RzMwHhcNMTcwNTA5MDgyNjE5WhcNMjgxMTEyMDAwMDAwWjBqMQswCQYDVQQGEwJO
+TDENMAsGA1UECgwEQ0lCRzEXMBUGA1UEYQwOTlRSTkwtNTAwMDA1MzUxMzAxBgNV
+BAMMKlVaSS1yZWdpc3RlciBNZWRld2Vya2VyIG5pZXQgb3AgbmFhbSBDQSBHMzCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAO2QTjta47kdkgQdFCE75qNE
+PJDvB1xQ+PP9v7Hez8VmrOUW+r3Sjp1K4z9c0k4KTUNRZpeWo+Jkqrg8P5OzQ1V6
+a1vqIZEdCcERI+nR9/0ZRqpc6ZVUHQGZ1pm8wxTj2hbfbIEkbHfDaaXrlE8UWbMY
+qlD7/shhiiUhm03yEPI5VFhZXk1W8dT11fagYBJLWr5A0jXSAQ9OOBuGY+bv6hWp
+oON61ANgwoTDzN7a5/mYvYZ+ICV/iGaOXJAoDplaYW2ycrTLS/HlCIPHfqtqTbkP
+rqdY4/PN1RNYr/+JcoFVHkk75JrcIRZ1Afyyk8l9JX+DpIIbLS7LQVzFlzwQ3A94
+wJ8Q3hrfnEWQ32rvzE2+8aTBf+8adsTnnIUFWy2cHi/b1vUK7E2P06KHcbkRmD83
+7qwRkBDDCMQHO0ochfpxfen5eRFRT6JNmxskClk9A+JguJeYGxyNM+kRCqN2YLGb
+IoUmaVC3U/L14bkHzZtgNwRN4trB9yGkI1VfzBEpqxQyr9/F7uu9T1iFjhP1KWSK
+aTDUU5BafeCVbWaq/95/BubTGsQi2XNyoAPIE+0EhmgLpNdLlCfbI0F0Hj5Jchrz
+EoYJxk9ohi0ZuNDm5xmOR6OZpPM8iwf+M17VeP9lFb/7Tkw8O1e4UcYfjF/RuXUO
+PDh5GNH24iTSnjfjC3WhAgMBAAGjggIeMIICGjCBmQYIKwYBBQUHAQEEgYwwgYkw
+RgYIKwYBBQUHMAKGOmh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2Fu
+aXNhdGllU2VydmljZXNDQS1HMy5jZXIwPwYIKwYBBQUHMAGGM2h0dHA6Ly9kb21v
+cmdhbmlzYXRpZXNlcnZpY2Vzb2NzcC1nMy5wa2lvdmVyaGVpZC5ubDAdBgNVHQ4E
+FgQUQ+41v2d0P5/MZRXi2cVXJdhBiNIwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNV
+HSMEGDAWgBRD600A05WTzqZ8QA1tEb450TKu4jAlBggrBgEFBQcBAwQZMBcwFQYI
+KwYBBQUHCwIwCQYHBACL7EkBAjBdBgNVHSAEVjBUMAwGCmCEEAGHawECBQQwNgYK
+YIQQAYdrAQIFBTAoMCYGCCsGAQUFBwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVp
+ZC5ubDAMBgpghBABh2sBAgUHMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwu
+cGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0aWVTZXJ2aWNlc0xhdGVzdENSTC1H
+My5jcmwwDgYDVR0PAQH/BAQDAgEGMD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggrBgEF
+BQcDBAYKKwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZIhvcN
+AQELBQADggIBAE0I9e5Jih8/6tGfQfIavZ/4quQh0StA+NsU6HT6fCQ3lVtwQOrw
+/0ZLuCKMC3/R4nCGXCF7UPjDvoHdLkUweNcwK/4QwO15dzTN8EEDy5nXWMkIxSZT
+TGS9zkRf2TQhBrhvbFZm0otWDRYFIPX1H2uJg9jAyiaWuPmydLCyH//Robb4wLk6
+OIfCqnu7UOjywVvLhbtnvntcf2hE034qX7SuxI5uGCrYMr0nzvyQYhnd6WKP6ro/
+zK5YPa0htjgSoXaZcXGPDzwSW85Whwk9l0iBEZVGNOwfEzYsL2ZYx0jcspcmL5BR
+16DywtqA6CirxgLFgHn11U7bWBYu1qRYqObZqtjvVMx5ix/pOIsL0Ft2s0+UNPRg
+7NcZZPaXDheqkooi3LBeuuykMEfOcEeCyy+BqtPzN4ZouBXL0undPfl0cGPC6/Az
+eSOuYBjHA52g1Gu66I0tvzAuufqsPQcpL3cNVpnVycQtkgctvasarvalF9JcUuqX
+zgmdMQLxZTVKnEtv0i9RsggXK6/cjO3eYzSPjoo2zljwbYW7GzKTdhBq6qKgzY2D
+qa3/GoNpcQXukIDvQc4q+cAeyBcUDbhIBcURaY3fEBwWx2KgMv2dDHYcDd8Y/7yz
++jsuj/YVuIQcPrsm1LXsi2MzEppR1seEx8UpCg6Hn6of94m24lDX2BW4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHKjCCBRKgAwIBAgIIHYV9nrmWIAswDQYJKoZIhvcNAQELBQAwaTELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE6MDgGA1UEAwwx
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBlcnNvb24gQ0EgLSBH
+MzAeFw0xNzA1MDkwODQ3MDFaFw0yODExMTIwMDAwMDBaMGUxCzAJBgNVBAYTAk5M
+MQ0wCwYDVQQKDARDSUJHMRcwFQYDVQRhDA5OVFJOTC01MDAwMDUzNTEuMCwGA1UE
+AwwlVVpJLXJlZ2lzdGVyIE1lZGV3ZXJrZXIgb3AgbmFhbSBDQSBHMzCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBANEmRf9a6VvvUfEdQycq0IJzCoixl2o/
+BK5t4BsQfe/Gk3EMUFPoTI6MStZ0JtdE/D/90GMkX6BduLC5+eHGuYhCPQE06vKL
+txjwRg/n9s24nTRwgE0bcsyDaIQvK0CC8Mm+CY6uQXAIFr1S/Djm+RCl5AxJdUKO
+QyfCYO6mTtxRR+3/7rllCBCr1HehIASROlFE+C8SSSJd/tBIno6oRfS48KuekzIW
+y9uuUD7VyE/xLmOG40dEZLDi7jFE06VYny1MYxGzlpnllgYJCvqpUpEJLZi+Zj+4
+PfiXLIBCkyOJXX310N9Db+Zy5knYQyD/6X5U3poxuudHeHbBQJQUW1IzwnjBTKWf
+AO2TdXhmGAse4Cjmqw5HJBmflh0k6kJ96j+FurnFCyXLfEDLvDSaghtOBQeDG3yr
+W1mgu2Ts7aFmDUZ2SesdhdJ3HYGlKXiSbLl3Q/qBji6TXa84disSpnnLQBWJ8URq
+cD6P6oQfav8wmKxnmxObGQYVP/OPlpowoBJ0hw5e45nT4B2JKY+4ObW2Iu673MTo
+Oi/2jftxSixKf2ALOGLS/DWtcove9eMztdsDl1G0cNSm2JO0ui+HmDp1BFgY2EdI
+HlJBdhATMiXLSz61RBVd4M0J8dovRXi8qvt3LyQ2F9UkaOhckSFNAz9KvsC9LSTD
+AVFitjUPmXyfAgMBAAGjggHYMIIB1DBVBggrBgEFBQcBAQRJMEcwRQYIKwYBBQUH
+MAKGOWh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllUGVy
+c29vbkNBLUczLmNlcjAdBgNVHQ4EFgQUoNJNB+c0pkpaSwmr1Fgb7UkbgdQwEgYD
+VR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTurG1A6tUEaocsVXv1Py3a7tus
+4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBdBgNVHSAE
+VjBUMAwGCmCEEAGHawECBQEwDAYKYIQQAYdrAQIFAjA2BgpghBABh2sBAgUDMCgw
+JgYIKwYBBQUHAgEWGmh0dHBzOi8vY3BzLnBraW92ZXJoZWlkLm5sMFAGA1UdHwRJ
+MEcwRaBDoEGGP2h0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0
+aWVQZXJzb29uTGF0ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8EBAMCAQYwPwYDVR0l
+BDgwNgYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgorBgEEAYI3CgME
+BggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAgEATsbPEGnVr5GNNwKmxVATKScA
+vSi5HXqVS4VAQpHuJuUk+BfvRRcipkdtm9Uwsp3RvMImrCbzkTLlgHrNIaCfbhWS
+xj+fCDhPwXgVLIY55IGDmA1iuuULa4B6n9uvVPTKJG02ux8odD5082AWFEec5iBB
+EvGPiwFkVpWZwMotdJDteH4XloP9GGyDIoqO/4KwT+JWz3E7/vDzBPpugkHnqLQk
+4CvKgiWSsFW3+G5toMbHe23UZqx5JYRd0hpXkpKWsvfpbkc6nH46mKXEdInIkWgb
+xkUJpiyhW7rNOqOnGSpEZGDbkKUKmdaYBjH4qZY7c5KRFpnV/00Uhg6t2L9yMaBw
+Kf+2BVlS5fg9TouS8kY8Nqae4BJ/dpA7k6bQR0c4XB8JlTz35q+F6/Fx9I9GH5Ci
+DJyYLkDO9wAOC6+lQ70cRZ6uC3W0h3xKAQi46gFbkGVJyqgzgHNXgl7/P3XwJUb2
+/61pBbxoGM875gth7gO6zRoStUNbaQNYp8Ze1ZapwiqySim8dfZdHM9gtGCLGvE7
+RAXWHNp7D/Oq4TrkZ3CdehEqkrmjY8KpezAks/24KSvI0SMDojQhJ3+9ErNIKO7r
+Gf7VFnS3HwxFp9Cobebm2L6HZdx82N0lhPxAEWK1c0pHtVbJwpemR5EQX+ff+uIT
+y7PsFalycqZgcmu+8Jk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHJDCCBQygAwIBAgIIIiFqlCnqUjQwDQYJKoZIhvcNAQELBQAwaTELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE6MDgGA1UEAwwx
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBlcnNvb24gQ0EgLSBH
+MzAeFw0xNzA1MDkwOTMyNTlaFw0yODExMTIwMDAwMDBaMF8xCzAJBgNVBAYTAk5M
+MQ0wCwYDVQQKDARDSUJHMRcwFQYDVQRhDA5OVFJOTC01MDAwMDUzNTEoMCYGA1UE
+AwwfVVpJLXJlZ2lzdGVyIFpvcmd2ZXJsZW5lciBDQSBHMzCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBANOTYjTlxWK4W34n65zmWrFli9i13cE1lXd7oLUQ
+hydE7Y+zZOe2KfXPMq4pGJfa0/EELppt4Flny7GBTnc/N+E5zcHV8Rawhi8qmoHS
+m+LY3J6cJzKWGYKnezV8CIOD3x7DxNBV3BxkyegXF+gwgdAkFeAO/1ddVTXq0BjW
+QvEOkfJuQ3Vo7bsG5+YmyBBjXroHN2xLGWtdWZJIjem7OvC6kYMJkdtz/AsfLFFq
+C4KoKYysSZ1VD3IxSjulc878vDpAuQZRLBTUyQL+blMggFDwWZp6MUsHFUaNeWWW
+0pNfS9VTfmBYdSUxEwRCewUm0EFBrKUxnSORkD18q5MhdVt7tB33zvw/SlQYpF8Q
+Zp/TR4uXc4EobYiRz912URkTmcD1v7cETFOHiSQyGrh9BU3ragEdzBh6CGQarLcL
+FhA9XOSxkN2xF8R9jBPdxIHDJBMv941XqK6wfrKn73WNAfSHo7pniPn242lmivqe
+lTBiSCicr68jYkHmTpSYWPoXCW6LMHM+cJKwSv86uzuFuIMjSkeVuyiiNB4nlvKW
+3EqgE1gxolOxQE8aglzpENXYgGSnyl4kSp80kpiiUakDH0dYLnbhMGL8vhr07ze9
+mU1H7vgpumBP/j+0idWURA9BpVNfuDZ1AenirsOuiYHcxfGpOZ/XnWndAi7YkQuN
+4tR/AgMBAAGjggHYMIIB1DBVBggrBgEFBQcBAQRJMEcwRQYIKwYBBQUHMAKGOWh0
+dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllUGVyc29vbkNB
+LUczLmNlcjAdBgNVHQ4EFgQUxPx31QhImBKHt/ZRE8XLrvs1g0owEgYDVR0TAQH/
+BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTurG1A6tUEaocsVXv1Py3a7tus4jAlBggr
+BgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBdBgNVHSAEVjBUMAwG
+CmCEEAGHawECBQEwDAYKYIQQAYdrAQIFAjA2BgpghBABh2sBAgUDMCgwJgYIKwYB
+BQUHAgEWGmh0dHBzOi8vY3BzLnBraW92ZXJoZWlkLm5sMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0aWVQZXJz
+b29uTGF0ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8EBAMCAQYwPwYDVR0lBDgwNgYI
+KwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgorBgEEAYI3CgMEBggrBgEF
+BQcDCTANBgkqhkiG9w0BAQsFAAOCAgEAZgzR8oMXotCK0GmqhCJLLUxKvXdFN55v
+7fWYx1yNM3VnzPhsr0ozlGI1qzv0wEOjYWrM0rUCKRExHRpCe9Z3If/v9fXtFXbx
+kxvOSRfD82WUaDwUKyBOMh08Upgn0g7r8En4k4FDX0oOXBt3tQOgaZXjHLbYcjrV
+ykXhur3fR5lME4Mm1xK+8VQLQxFE3wkCtzvJoa/K94c1K+Dp9vpqtbWTCZUx0Ort
+3dqWHdFGwivTfFf4pwkD/EWAx6HuwcidXibfCrduHPShHeK0EBTlNZiph9VnpHxu
+6+fNdzIXwzuU23r3FtwAf3yOhwnCEA8oLENOJtgf0sq9QKkwW1wlXlcaILkrDj4+
+RpkLfEz8N0mbGTHSQmBLrOaEhU0sAmdjxfzlzNcSXwdbJyKfHx6Ihm86gW6wPfkR
+GvTjc6x3U4m2vsHiS6Ox6GjTkQO83Ra+8MJNFDGfHzZ3Q0XYe1OwR56/ZvjQw5bC
+J9B41M/cY49udffmH1or2y/UjCVvbeqR8s3QZFWMX5IyAYAf53J5WzgQRsTTH1Sk
+ov+etZ1ThYIZU3z60ZDISlQ0YtSuDI6SDC97HI1PVARFtQm6meQbtyuLdxQUMDPO
+g6HXFo99W/cODZPf95Ekxlv7vk9jBGGMBPvx3vQuhL3AdMlgKmzJTV4oSEe6w1Za
+EnS7RNdtnmo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG0zCCBLugAwIBAgIUNbuSZPZgyb0J+MCzRhfcKxNB4FwwDQYJKoZIhvcNAQEL
+BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
+BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMyBHMzAeFw0xNzA1
+MTIwNTQ4MjNaFw0yNzA1MTAwNTQ4MjNaMG4xCzAJBgNVBAYTAkNIMR4wHAYDVQRh
+DBVOVFJDSC1DSEUtMTAzLjQ4OS4yMTgxGzAZBgNVBAoMEkhlYWx0aCBJbmZvIE5l
+dCBBRzEiMCAGA1UEAwwZSElOIEhlYWx0aCBJbmZvIE5ldCBDQSBHMjCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAI6vtWZMlXxByjEA8SDws5Aobi/XbucU
+eM3obGC675b0LufqkhJYfa9RHRqjRejpwcxrTSNGWZWb6GEXLNqrCCe5aDpq4WVJ
+BKR0kV6jjKRKmiZCw3vNoHAM8kftMR+g9gvOA6gcVwu05NvGXhlGV5EPIx1enB9l
+UgyBcLM1hhHa+8DQi3FINduWKAFcr2nHfonpgX4KtR7aKkZl/rCitpVzZN9fpton
+XvG12Q198IuM9iiRAc/egElDHn46M0hFotB3/a0o5GHUvA+NmhsLlOfyTWWPkD4N
+5EiDxG6b1x+HQja6wj6qpq0kWCrGun4JBY04axMkczlzQWxHG6rHGnar5Tb8mx7q
+ddK6cyl07jq5Ps4HZPMr69c2DfXZLom+pMILFmtcUcsFZuYzT/N/gc8ZX9Ty0J6I
+1ld0BCXdY60Gv7dM4L5463mfugRBUw1hecigyAzTazveL6DUjKgk9bQvTzkxHudS
+WufbuYOSe0J+eedg1YfuFTuM0t5qoLj9AqRWQ9dGACpDB/zQ9i17H/eAs/cwaGV3
+a8ND4XLIrqeVExCzntpGA1cgHZiNoSJB+VXZQcWy92iFaSvjaH2PxUCDIqEsXGCv
+t6lWNeP77jSAbXGZejYCVQyKPGNiAZJq2JexuoZTStRZk/51I3jkDUTSrN1jqP3u
+Lko9MxBNgUhBAgMBAAGjggGBMIIBfTB2BggrBgEFBQcBAQRqMGgwOgYIKwYBBQUH
+MAKGLmh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZlbnRjYTNnMy5j
+cnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTAd
+BgNVHQ4EFgQUaBHaB6dtobtArU2/Mq9wEKGLzxowEgYDVR0TAQH/BAgwBgEB/wIB
+ADAfBgNVHSMEGDAWgBTwFmAimDWJL4b8zdmHHA1jVW06RzBBBgNVHSAEOjA4MDYG
+DCsGAQQBvlgAA4YgADAmMCQGCCsGAQUFBwIBFhhodHRwOi8vd3d3Lmhpbi5jaC9k
+ZS9wa2kwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5xdW92YWRpc2dsb2Jh
+bC5jb20vcXZlbnRjYTNnMy5jcmwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAaq4zhzMgG7qP
+lwUogEy9QX29RZlVWx/LCQs99RKEFmgyVUBiez63KM4fm++T2o7vNu9QgAJ30bZR
+61BTQXks6XmtVuqezTmO01KARzZb39O5A+8Fx7RAKAQGIfbLtMlvXKG7qXENS7yL
+0vyBk0CYxDkV96mJUFokbwY6Y3PzSCMDx2SslVR9+1Jgsv7iM2oyZmN6RMOuuHNs
+RVKGFd11xTsKzmYt2kJGkDLk9lrwV6/eeOp1/j5BPk45ihU4oU+8JTEdGt1d37l2
+ywLFd0ZhClxoiLPRBuGDugSKZ0ztlv25rpnW0hMDoFPyJN1cTyqTebMs3IfA8hpz
+4cp2e9Drik88OWf9H70FYBM4i+5vPvq9KBb1eS7Ors99i8p6T5D4tmMeDJ8H1xlf
+w6FW3K3KVws94bsZfeJ438ndCMKjf7tIYK28lto/jRiYG9iu0y4IuyjmsS117W46
+QXNJV85iQqwfrW7/kjFxvPWQEVOGzrhPttpt1IqclyLpqwal/ZFvLmbNU8QDZfbj
+e4GWKJpLixvYaDZm2ElJuPEX+R1U+V2yq4fOIWp3rirlVtxPtHCDOSUKDY1ELr/Z
+Aks1kggV/p/yxlwnzr81GochPW0U7K7Wkg/K+T/csgnfNvFr0LZj8C9jJo6sv0is
+CikTAgWPbJ17Vk1DOhkQ6zsSuVj8qT8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQKc49w3zIKiovAW9Q5FKrdjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAxxznx2P8VpQ98KUYtCnTJbSB6PeJV69ilPFWVkoWUAKv
+HPc/cU2Fw4zriIUl057yVYSVGNdb/l4nNyT2kNDjtD6p/85BjPm3d4CwUU20nYvR
+NDc0OZKLdQwAv+63gSy7Jz0JF2xDL8HeqOuVeQvXzzsFMWoBEXwaJgzvRqmkDdfd
+JWd+1fmtR2XHTnG4gjZsjOmMuWHTnPgm8Hdbhz5z2OkwmOyILaiOwW8W1BBnMnPc
+hSIhLWmHEqLL1CBfmOsxqFlIM6W6VjEC/gvy3ko40HAQG8R0Vul6JYnRp1MMUHOB
+JSyNurWKsVkP8CtguZYGaJALroRkwBH3Yo/NMjb0XOEi1+3rMox2CKjIZxI9QoBM
+FyZMiovVXf0rwgdI3yyxnietLYOgT1S4ZS1r8Ti90FW/MCgPQl5S89nj2kFv/uGH
+cTJ4m7jkzWj/AzLPgXi72kd4u9Nv14CItwLdpBeSj+92faU1fIMBVMlTiJ7jQHXA
+SEmvdnUNFX9Di3MeV27u9WU9xogMqmA8SV3Nqx98yP7dJr7oA9t5XkQrorfCUZtO
+YHMhvr1/3AlPzrEUpC0uGn9ms+WR/1D5nibRTQfXAb5sfNnoV8UikJ/7gRdNxYnS
+4iQ6D+DMJeUJPWPPCc7Eky4+I9N5GVG6FkxjK7RTwCggRfnow8swZqwNqrnVqzUC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSVqcUc
+/Ey33ASMlPLBqvatLd1CYjBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQAWIkuCO+ik04ghdU0/6hhXUiQamaebPqWhsXgd
+Ad52S98bMytvMj/va2UAYQ3KDbti8OLv13V4eYKamP1JiqTlxbDZ3VDovwDNzA0n
+sH2/scexaG5fbu8wRlDPqlp/wuso0HzgkMo/lOovSbWe8P5WwCY1C4+p3LSjgwRQ
+Xsuh7zJKoVlKOvd4HVhXqOfPoYVM4KwYWBBimU4WwuFqHP7cFhCH0BDgVtClcSJG
+O7Of0BFdJZO5rj62dbWV7Tz3f954Gz0o/5rkPC8LgepPgCiinJpnojKHEDSHjwKn
+HdkTheMN9xmfgZciyaq6E4iqh3PxH2vGJco064qKe4OIYz58XiW3X6aLDuywpCLs
+BcW+yKV70nXmW+Q8gHzoymiRpKTao4HMuYVz4kHzDV257meoCeZWibeOAYs2ScaD
+V9SP70JHranxmxpgIaCBBXtiY6FPU6k3TIyzDRU71Fs+3iM/G/0Bxd151qlsSSbA
+9JEDvzLQwlnKcxSjyn95KvvLgmev7EQYloFW3AYBRNIEBPndshiPFzn3Ux35XzBe
+i3EMs+QbLwfGd/X80JQLzkYHxHzgv78Ipx4YgzR9n7w5PfyhQrr4bWni6+FIOpIq
+hD8kWFu8FtIMfTdTnoXCPSKaU3LMcgS2h3nphomo/Rws8CVMBuaSWj1Vqt+/mR5r
+W16Adg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQOSZ2s50Tgu2WiX9m10Y7XTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAjyVfekvL+2mFwl9jqy43Dud8SGFu5wLqeBycBYM+63hQ
+9XhlLYMHtk2lyNjZjPQk6ixjtRvQITd/2cMF/A18xk2iYvNJXRy7bNlU2DC6ZRvl
+DObANfRce/C4f7jKV9x0TI3EJWB9epxuiJLNFgKFb3vuJU+QHS02pTX6LUnkTKng
+Cd1CLjiEjcomdLNAZ+Os+1g2nM1kqtwpZbUt1W0ST89jMNrsYiuWuASJeVZmtJLI
+bmkH9xeCYaprl3IhHP3kke4Sqrm6Tk4QVfvRbAgPF8xG5ewWnNBFkBjkjn9/8EoY
+5QTpIT7NWgIStoUdYbYa39lI2ff90PMxc07tnFtC1gf1RyR2uWF7PM68SeUm4q9x
+AcSQHAwhYNV5es7rb0PdCZIG2m6aw7YoLPpcKeGVJmnTEPVZQMwk1S1Uqu7bm4Wr
+qnD2Ov2JvLbMOB2c5SCznYCac01UJoRNLMOOMce8ytbWZfo+LTle39QYSIu1iBF9
+gt+hvRuq42ijA2d5SkABmHS+9mNUy6Gl1ucX6LxRSxrD8FASUs3C9dV+3Ov2Y+BV
+j4l+xhOulIsDzEfkjk9MzBv2XLVrPac3gbJvP3PqHNqAPhdjyEAmId/1g7gJsa/7
+7flgnYYwthro/MP8+YYKr54jYR5paGawirWGgRGUW5kT1snrQ1VCzU4HWZVpWH0C
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQoRMe3
+Nx1wrZcfKDKVZTd/VObskTBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBmJcVG5Fqg+/b3lNuMmzZqHH/C6FMq7otR+EH4
+GJT7ALBrtpSV/HRS+WPqDxNX567brILNJ2bhNb1octlGXimNOb3v6+4TreNs/URD
+T2ODIMT6GchiHdrquJIPkyH1kUZeAlEu1YgCzdo+9MixvoHlQBli7gNRxAzEzM1I
+zuAP0bG+GmAmR+em6psvFaypqYX7LciRRLvkV8p93+NhJFJVsp3q4Kt1w4KSMD4k
+Qi5ry3BXh2ncpkz+kYXFKkT5QOP4x/UQai1AvM3t1Cien0NW+UyA19+d3/HujAja
+4aQy/y3o19Npx/np4oKvboV6XKgq3ger/iPs/UDLJtr6jM8kUub0RmkWy/2saG48
+rc8dMXsxnGNZSoPSZnNyN1ex7zG2pWHppGocdgxFK1N+Fj9TvoUJcqv/NevVRgBa
+QgawfaFsCHEZ7TQNfe9FTWs+49558Kfoc86EJzpGTsvzqb8mYRdeA/m2ddP2RiEe
+2o0BeVo3qOb82nL9QSDvrI0iCH8pQ6ZWKKlewh0Dk4jLmtlwCKEpJbeJETtid824
+Zl96/MjDi4GqK/7qjWCmoX9McaljHOjDij5AK8/KxFJcKWoD1OC/KEgiCpwprfqJ
+mquKrv3weNvcQVxripSyPws0wc+y2+Y2qaRo4sq357ROXUXfqVG5MznUifI8Hekf
+6XF12Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQGHXUFsKXJfCmQNYlMA3OPDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzIzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAoSNxo6lftOMfH7pxyQHFqkpPAVi3tbnyhOxu7+MJQpMd
+PI8XzI4DKtBKD7NhCcP38hVBgtiiw/q29kVh3KxDCtHtVpE4YN7bD/iqDKm4rtfI
+DswPIpfp3tC/pFcoDI1RR7bQebNt/gi302Y/j9KXZiJf6zwJArDIKzSFK+/JfeOB
+JnPNWyCeHTcIo/ozV7tTYkITQyls9l8FNmoZqDI2/AzKvteHbN8970F2KvhFqvzW
+3gqGdN4+WKF28lr/bgDlLzxTgRUSb0Z9wC6DWz0FSUjDRbOCvvMd969Cb2Rwq/k0
+n181b6H3JPhyzyvJakr3MHbpNQmcoLmtiRuK2gdQRf7G9EMBc6vZdA9PRt32RFwh
+djHcjd2A1OCvyzFJHxWalfy6vVoaAUO18Wev0yDDmxwae3yM/dffqG07dEU/zbqR
+9YLD14KwACFhbM8weWFnGkLonCoaNxfwwL+0F5t90H01xTM4kGYB9Je4dNmp8JGW
+r3kBJWdIZwGe//WRq9EMURJAHWmlbNpblU7HPxQLjFkrjgqPDffCbeuWJxVtFzr1
+0TSWkYsiTLNU7U8hFYtZCf9six+nRelNwnc4WefFRLoh/Q0GbRnKPV1Ajxd7Z9TT
+67roUEPF9RQTzBDDrjHuMsNnNO1bvTIcfycOX6whDk5/iKlfsQvbPDhzko+nSkEC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQqKbVH
+FFQk9TTz9wYbzufb9BiUbzBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBVj+1ZJybYpqSe0iYajPGwm6kxgEGOz6z0CEYF
+snRh43rOQxwVaKWoPs0oEfK9gXYz2a1Ocqib7YedPmww/J26pfGMlxz+zobE84rG
+hbG/zhPNZqWsJ405EKocTgfxqKPBUwWu06Q6Hb5O/5WGB9goU2DoKSnI6+gGU7YY
+Ksveg++zFP2D+Mdmb7NpY66uZJpAFw0WeZChZqYkA/4ARPeAF8T9BWDBCTiUx/mT
+xaIZQiddkvKVutR1ZGfq2exVR6TuqlUd+5G2m3TDXjv0gCRnaehINKMAQusm5S/O
+5s08xVGtaS0EZc0NcES685ehzkZmgoUBV7BflclLbgNI+sw9pzEtuURzRzThQ3W8
+uN/oUb94oYxQflRQTnqiIq21/qd6CWzWXPxY7pjS6l8i6t5uIA9Qitswgj2v7bPF
+mA1bkv6C2xzTWH0Z3hRniKZOUlkRsoMvLtAX+F66v+BfGW3gmWDOv7f/XxXg99yr
+RBfAJW5UNFnafMJb+99et/Fn+J1pRsn3+wqW7yJwTQI1V+3oRfOErn4qPZi/nwf4
+JAR6Kp7rUGs7GzxyLUmZZdIgUWTA4LabUElX1l0+NxM+nQ+fP1D4UJEN2uMBSMPD
+gpc2TTk2Il+ZZNJM7sAG8KoLD8POEdnoCwxYS9MyrVSDsSbR2qhWJT68W6Vv6A0l
+Y8mlpA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIQPMOb/Sqs3NBD+BLR94zv0zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE3MjEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDGKsC2WqbdZxYIu+3aQZLqTYSWjGXmPsqji1apKmSR
+37r3mWK29NK76LBVf3/QyIUiGpPqWsXRhH2QRAPvo6QGWCEfLNeLqWV+sxxtRim8
+3DEGdavuRni7oD0qPF4TLtjxAIggjocGzdIihbdXIWNM8PDA4JkQYcxGA93lSfZJ
+0L1ewnvAPeV82KB8GCfa2RdSDh/CCzHOEBjmDWMrOJst4NGsPT3mhRK2pnSeoArw
+9SnRm4GVRaFiD6HMb2Pvamv9D0hljCnIFB8RywIz/pKwCcZL7q0D/fZp/ihR8oh0
+N27500bQBKgmZ9KrbronEDKffMWGcj8P6HDBqegzDEU4w669F3lBFBeDunGQX9OW
+qrSP0d8MTQLpC/LRNvrBfJ1ytA3knJ57byLDATb9gSRMXx6yaj9D6q5Mi3ArjK2H
+AKsLZ7gMXB60+6RVWhuA2PyTmbBTCjQJsTbIS+JxVmqTwf8vgBoRkXPJAM3t8bW0
+rv6NhYv8QkJh5RZxXGl7uFTAcCAvfhaUKKs5VCx27d0JVQCLZa6uPShi25fXw2jX
+P/4MysdBsip8X1NGJQBCDdT2E/v/x9Coi4XEzw4k0Cgy8oEv6EYme2zpMlYPPrJJ
+iOxrR+9MchdLVDZkJFy/GPeC+a7cl6SnYO40mDQ8aFtW3fmkcXIbSQpbzhuHVurS
+bwIDAQABo4IBqDCCAaQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFAE8
+2F26WsHs2xXu538CuiRV1XOUME4GCCsGAQUFBwEDBEIwQDAIBgYEAI5GAQQwNAYG
+BACORgEFMCowKBYiaHR0cHM6Ly9yZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlLxMC
+ZW4wDQYJKoZIhvcNAQELBQADggIBAIcYYJOt6kcwHtIadibK+eaLQCqv+golFPYl
+T3OG4CNL/Jb1DUYOUWvkieFfyNYZN4c/TfBQQFbciKQ1nnGDSa60nFV4mLiXmFbH
+oje+696nEqiiu/gMVYq2X8jjAAarorgjgwt8E1ey9M1ZECc/kfvGrvIWOJVCFRxu
+tdLjKl9Q27BVrJKsCkAi4jgjEvyoyW80hOL4/ZCaMQqCPA++pPwBGot3f0qABpaZ
+llZBEZON2vDaqPeQD/Tp+KaX7K/1dpuQ4ZQ5TDd2I/lE/3uXPMXfiUyV7kytUQYg
+XqtC8geYSiKP8D7RRcoK23PoyDqsnBWaKKJPbmAtdM29kCCHMXrdJzr72XHyz/oH
+s2qEKw7HNBZad9Fl2ApxE4FLFG2yeKGG5RNMfoAcukUfFkh+Fc+LRUDYFsrDRR89
+vfwxud1qeNmKJYVh+CnYbMLT+nMGb7Dmrhw0zyOxQsACVarEHdIn+t6e4l3oXMDO
+48s5fFNTNA9cXBNzM3zBKxoLwNO+3rvcobMy0DhbhfSbgyNxAKkIYILVTHySBMNI
+7vp9MrIz6sTdmUnED++ZDdIVYmAROu0Tuz64/5tuETuwAaFagdg1fggHT+gEJHtF
+E4EwHim16Xj27rW1YJfFRQ2O0Is0IRfalb+9J2IUq/fTJH8FDU0LW5qxvrWkTYHQ
+BoG4PB4q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQKbFezyeL2nKL0Do9P759aTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzIxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAyOK2X7Qh4xTHZcQ8uYRFK96t3wuYGlyhtatAGgP6q/xQ
+a7j03R+fZjGiF8C336G/SQS46w+k49RhNwVrgNRRSC59686fYYBnBeoRsbXOVEt2
+zEriClySR2sCIKw5P4TauZs+iZbf3z9bQoM3cPKq7qDVsyyXlcM+wpKP1SmeliSH
+BphqCeCxAZGeezv7dp44yS3Rz0RZki1rtQO9aYRYOfe+uEM59cH9dyYMO/dgReZh
+yg2xKhPX5rQNr555AMmuKICQaWFFB9/uByzdLZfEGl8/kMDYOWjv6wEwaSljRtVV
+xM25H8fK/Q0YDvXiyp4CiHYyaMucfxhaWhPG5M0T8tCd1gaEGLYROH5RMaFO9yTn
+QkDXupLeey1bWY4/APaAhSbWcJ0DhX+qN5njUX/yP1BVV8QiRB6EsalkOilYiyMT
+7UK9pAg2RP8QO9dkoEVlnErf4cY1ZPovfvjU7rbXxaay2xvHf0/V3Y9HuWzzv+4U
+ZNx5Flz/rwZJXpUMFPr/sU5NFVWMk15rQcdV28gNJfalYw+8Jvx6hv0RVw9MpSpV
+2bXLSL2oy1W4vGEUZ2fxj6t3zEDQ94yfO553J7RBrpk4LRrorWZ+dIzpLsyClEn4
+upwNokMih9GeLdHOixhPFFkEMRtKZ2NTzjeiDIplmVwypRX4W25Xje0G21GOBT0C
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTkG+2q
+QRueVn3kXZ8RV3asKZSJNjBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQAD4K9ia0MJ+1rsN3SKprwOZaKZkYtRArM0Ql3b
+Ynpy4FFFi7trsFhTuD7AYt91SZNNK8ENf2Mt3OUBbarOCEOU0QmgVcpfRsiL9Gp5
+eU0AKVPOH+sUJ5i1Isjy93W4aViyfuN1HuAnGz8Ab+mg0Hyj5tIx2Q8ATA6vtr03
+ka8qhQUX0Pi7SsafFAlwQzkhyGzG7/uj/T2gH4VKYjm27J5tDgjTeO6PF0dzia9E
+Vd2pLMVyAwkkkyCbs2rOQvEN7AdO8Iq98oN7r0uZSHaOPd8QQ7KBpbIz5fdPpRyR
+O5qZjjsS5PzefpWvcGo/pXzd9LpNn9VF4Urx0Lju3QuzOmI0aFleWEY10UWOqgm8
+tubYTevJ/CeR70Yk4V17duyfrp6NzGS1k6UXQYNcz+XAdU3dLCT1n6Tx0WdACK8p
+ir26wEUOsPtkJIJCD0hl0olHrh69jO4VgbrctvI/9XgjvmRfMAeslD+8xSWD6ux7
+uU977Nl5G0twiplcJX6Ej23ZnekCt8y2ZHZXLBdTYKxk/EXU9r5DNL9QOCvG967T
+D/IgAiS4m3NxYSJljTg90StTLpcMssgfWSAcIAY27G/mkDUJjI8iTCmwvDj8vQQ5
+5eF/aPJPVFOGYWBGtB+MyJAhUDMIKyNvhSxWf+NqinfdyZbbUi+sE96HEkjq9L9W
+kOktBg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQbc2CUY8y8/vQDMjRliimKDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzMwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAiuhLdvmwa9/nEv0aiwFCdzRcYtH3MUrdmDewzWXtlty6
+dvjUROQmVOdH1c+wWhA0tlek2I2CNl/krVNw9xYghN65sigIT5ddsTbvfV5xwyHg
+SIr/eZ8EvwB/MZj6jHFzfcSrFuvy3izwaXf62MrUv+OudwBJIiHjlCuLd5C6AX0e
+ETWFGRR2wiLjHHYeGlxZzPQ/BATioEyMSmmwKIjQpUCGrcmQaWJvESqwFwnIKJwH
+Lr2holp57+wEiwyBJ3Lmbm6KWRLGkFRooHtyxk06eZqHErWsa9pvZtokyUJCEHXH
+YFWvyOCX8aJgw+iwJOSUPDYfS17DQSzxDruddubc79NmPEMq4PIngYKlzF0U4mJj
+cnUzzXwVBZP0Qva2DxxkfDR+SPc63UmXmON5ISj/XYuHQ4l9pWJgf4eO7UYRXUB5
+nxM6v9oXd/H8UDYYj9Xg7eI2Ps1gBCK88Wno1py+Fc025Jk0U0R1y2zNyagJeY0f
+oofQPsTBKxLWzMHJUpb1iLgdmhxaAWSuFT1TV+XcPjIXfhuilVtvEP6+s7gwyfLZ
+KTeDRX3hYNBN8p5i0eJW8qeUyO9JYN0O0GwVXHQgltqX0tqi+m+2Y6Yz9RFwCgs/
+3hyPouxbCgYgghM1ncEjMDZsnMBHpZptdXTGUDFB9PYWCZD56mkfRm1E6FHoD8kC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQGiOvW
+6MxbAR4glj+E1tTsPDf3kTBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQAoIuoRv5KJ2KFONuy+pibaV3w86ZnbNOkOnnCB
+16stVSnLxOeJisetwB+thWmCFg5E6PW20TXSLBV5NI3E5Hw+31XEnFdq7IhS58vp
+OUZWLhTkPQpV/7PL/cxy67kLhym98wgozr+ptSCaNW7WY0+hyaovbqbr6YusWBoj
+nSMvlKRI+ES5mPjke7fSmyEE9+BQH7++WBtHUe5Db04sPHuDH87Fu/LbbFJt3i+a
+7Jbl+Nk9rmWxKneGGYzjy/Vdny5nq7NAPjmnYIstyOT1lIk2fOyUSHHnzs0HzLPV
+/t5Fu8IIxth5kv2opd4MMTKPiALxnIEXYVpVf5/K8r8QNrzxH7W/g7/uteuIdrp+
+HwaLguMDQS6Euq3eQDo76cU5JB2oIRAbxErNPHFzG0K2r4/JOfB1Mn12FNiUZrZl
+S1PT8SKlOKXmViyAcobqHAStjIuUlM0Qy/KjgC0plmbEtc4PthLXI0g4VFNTNiBu
+9WgOvYM03y2cCRh1Bb13ep2jwEBEH9vX+bXLlQI3e75zPYGmbSPAkr3BrByZtQdT
+fQPpzdz6rejwOxL5wTaaRvEOXWsYFYVVZ7lL7sYdtUcakBagF7qSba9Lkn85MwnM
+VT+m2rGDfJ3yVFBkxnqbx5EIrZEz+vsnPu0+9DVwcjLbkTsUzBL0jBwE4JRfYtJq
+tzm9jg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQWdXPfohSKfZvzo1vv+16ADANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqUC1IgyS3LEv1UvOdc5RBkd3eo7IxK+hQ0dEvEaYn+rS
+Vll8dqoC7Mbkvz4MsRTm8JgNXWnAM/10VJf33M5tIrFoUPdslqPE+iiUPsdN0XSZ
+OqIwICBBg6NNW+ynE6Kp7Ulvp17UftwJeQL8O9QaBU2aiOTknIYFmyhS2tAB/eL5
+jhCkK0koMA3wcOHp1Y4Qd9X2hoEzOFau5oEpOA50ovvWDfB4NpQSEiDPy0ifRaRY
+A7FfC2pL8oYFDmQWKriLXNF8x7DRHKJt/wVVuEx6FoSJIYGN/aIkE1yLHf57O8q2
+6+GV6X+Pp906XWDyZ52EydHnXmJ+et72/t6kdPT//3xwxsgRiWWugMqNflyDSA9S
+zDOnfvXjp/xLPbhWC1B/wWBGMViKHMah7qsHZpJJrZYA/4pkwtqJS7pJRI49udJF
+XZJLMkppcQQCMO5bteNitPH1DoeNCLDnBa9lajuaEWL/A0rh77Y+tTJ7NNUQMyNs
+OYmhZmRbYsrl/A+3X7yZJ+O3hfm/sMzfkts902oWlEtqslj6WzKF/UxbPU1tq8Ze
+EwpgCy6m4rM9M7wKkboveT69efEMgVlwiiDfcTgToaTUq0/nd0Fp6Lvq8ZQ3+cQm
+QXgaMkrB15vz/xCqGOq+Dh+WrQJLosXbIadD6+Noi2fPTl593r7u4qTipikpRuEC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRF9whg
+WkZ6QYsoyAU27EIuGQkMhTBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBaKxErkBjewWslgD0iJiNYkrvWXy+jgo4aJkAp
+fi80Hu+tPwjlJib1YUbKQ+IWfzcwkGb6tEK0KkzSA2DyKfeimXWBPod1jxeLd2ZQ
+pfaABODlULDKc5j/0nfNDip9VXsQ6U+MmprTH0jfZqTH3mw7l3HeMYVheaM1apOK
+s+X77z+Y3Cw45PzG3ivhRvwDDKycbPx1xiZLbA7Sbh6HP9rp2m3cu3Cl3y7fehKZ
+S5XG2FclfJISvNAcSWPa5eTnO0EuZ4gIfCnMSQcjsVN5YsUHZCyDDeTPnwcq9roY
+zh47fksXgYNWBkdM6I5ZUyAKHSZ6s6a87vYpriZQpZZYLHf4gpJd3KQk0U/gMu32
+6N5IQZTQGcdiyNpDWbvJ/j42TibLeSDw4Cf4sVYrhC3HNeA/6iBrpHyt23Vo8EPl
+ko0jowi4hDa8KPmf3ZbW1xpJx4q+sO8squ3cHn8YJdi6UB5xcLHDQfGq7GX6ggsZ
+/IQYun5cMPDcjoYFglRlDqup7qtkg61a9dA3oX4wTxXoOOsM9KzWiIXHHOSAcBu6
+Fth+eUxhlH2Y0+Nq5WLRKMpuis+vcGuXLKJKIAyQhaVuntT5u6IiDJq0pw4sGfVX
+28eWh7fecQ2CxOQab+BrVrZIjBK5IJpUdsrdQiZtw8y3vm0SDYzZhLoNKzIskDCO
+Nk9tOA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQHbY6J4nSm228Isifiui/iTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAlvksvFHQfD3YJ0k4yFhO9IAPk2RQpIUBIdVZG4A/cq7b
+97Fg9e8yftBP0Hcmgae8tMzCc65IPv7JfoNvxdZjxQclkREG38AFpbfOMrhuuFby
+OHLfNOM4vyVrJgqRUfcDzGxji620ufpyfK40Nb+mT/mgSNY2O0/Quh4CKkNmIUBg
+MCMfdbnnuoLcdEK5PT9Z1ZBxIQ40tB6WFciv9pARtS99Tb1u6Tp9UGRfc7j/et2J
+yWoeOzXSsuO1hMrWDQxvIAHs6iRRs3KVrr4CUpbcB8ZsE8ixRPUn/kAFrZte8CnL
+tHD4ESf4dW7EQ8ci8m1Pic7KKL7jiLTSxo6kBWiFyvYmqLX433BvI2OTtPKXHvUo
+Tjp3VQ3c305NygAmamkkGhSTYE5LqJyXBeRHMSWv4LKF1Nzl+sxalUNwcB+tVwyO
+t9E1UVBKox9HBlOqTNzYXuFO0SYHM6+JLJ9UNX7Txbh+Qnnng4Ker2a1qk+1sjQ5
+Jrpk/BAQGfOWd2CWIXYzRFBQkdyL1UiUwquWcBAKo2W3uYr0elfyZrdVy9fOOkU5
+MgxHe8l1NCIE/WSH0FmVt5oWoojk6A5kaTJrXXnuwy0NBg3TaRUB4FW7ass958YA
+QgNy8uF9T+mfkCtF2Ql0PEOKXGqICohIRqV9pu6bZi7JT/hTuQC1kkybkakrojcC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTZFlmU
+KUTMQn00Cp2koNppEwantzBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBKnwc5bGF6Axi4lpgysu44h3IHlzhlax+AuPkW
+bs2TXHv+zyzWHrimwU4R6n4WPIDdFnclFVlUHmYpBOoj6QfZ/XS3MenWUpZ7pSsa
+cccfv6wrs79xJFLhAp+f2+xjL01k1ww1t2idu7yhdCuVyUKwp8hL3TqtgR0OCYEj
+5sQRTW13748+i76hGMDZX4SQEv+N+PTeja+ZJdBGpA8tIfu29KRYaq8gKd0Dp26A
+lkaz9pmPUy9n7JonYBjn1XSYOfTdua+AGvQj8POacCFBfUPsCFaO0RZvs5reFpsl
+Jiqy2K4uNUYl4kkw9AX8HM9tkz4LblY5+LJlg9UdqF2HdjLOrWPOG9j+c31qi0A/
+Q0OOlxCSjcYsYYcaMPxEhCOGJeDeijMfnAaptB4SB+WjMR9rVp9fxa/erxSyJk1r
+yGvTiQcs28ZtCDwJwJX8AY5QdDHR0lsq7fo6e1DQdlDMf043pkLPhTFd9ARWZ9jv
+beEvE0K+eO4X5mfhRxYEy3LOoILdI4UWxE3LbYOGtoKZxIBgHEEkpXc2i7GzMzvA
+aP2rPC+vzFzhPwOu+PCy2H3azEZPbNnpS+nfH2z4B3cpo1NCRvT5o+0NI2UZCzmP
+dUZkc6JF2wxe3PmfupOu6zUkHNClRXczPFUaTbpYVVFqXgkE9+O5bT9umKu9YO1G
+qMrWhQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQNeR/PYxJ81eC5JqFp0bz9zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA27L7orAnythfJ/oxpEbAg515JiqUFw8vTHKWxVjEm86W
+oy5BlbVGOdXy1O996qlChTqqKELXzV4x0+2ZT0ITmCghGn39CLMfm16JjfhzjzUo
+I4E/aZcXusj9r0O4tlS8aXu2IyivbXNysJsk7KIGzYriEIeNuRU41HhQGphBdsC+
+Jem57xvib91M57jRw65TNO/AOF+QgHjQCXgoqBMCaqzwkjoE3uHTj54Y4Zq6ZfBP
+fNBLsBkiAahQLXTjQXH9GhsKRZ/FQz1mj2ZZ08IvWXgJ3mSilC6krUGCmwIjzYYF
+tgiMI7oKklqP5bD4PXZqyrVkE/PkWiVuCDr/5b1JbaFATkwK4N7E0BwEKYHOa/bQ
+KXcd+wj0YxlURzJyu0C36P9pP0onEtSOPq1aMFQqApLTSj1U4t8TEpx9cyYbvvdB
+3I7bsAW2rVnAC61gl2x/RdhVSeyKgfW1GOpDRKrc9xqQE+i+EDZQHwTIuEcBPj01
+KF+Q75pCljN0mnRDMLOzsx6OLLHoclpcTKZa/AKOdYCgwUbgE4tJSgU0FKY+4o9O
+rt+XTpuPNZUZmfsHOoUzrpUOhyORMB1ZBUUk/w3I2AwD/65DtoilAp2uBhZ5EwPz
+iK/I10UFJBnr42vd9fizoektSCOAljt9qDwbhdHXbZ8yFo1B0ZFU7Poxt25tKbMC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTKn5KU
+wxV1UUp88AYWhqKdGATBpjBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBlv2HG50tiHZdR4d2Phc8NUsLlw0apDH/d6uGY
+vHUKPa1RTowp3YzlFYD4iPIjnZTNfmRKfGtKN0Nk8t2yHcEt9NvRsXelppr/cxw1
+2jcbv79th2ZreO2EDToHBpOBaCL3Po32T0ECKj+rNi8TlIVHV6G6kL8HjXqxhRL1
+owBfaKwll5dalq1qfCLJUQamxWNS3jpx0u/erZRbeITYF/pPe81OnJfx0nDJqKnI
+BnvhagIG2wvzijS4BtqeX2r3Ynbxh3Hopn+Kej6oumwklyM4f3d8eqf2koORWgnH
+/o0dgeG9SCWYcTikaSt3dLNdi0vn8sENNHPnZacgXqN6A+AQWUwjSlawBNwoLEBH
+lfK+PbUlAeljfGAGjdT7E1t3/QhT+klpFDw1FrBwOMNV7oqyW6D1Nrwy5PZaXajP
+fGpOQkUXYjoJktCCKnvn2T71j8eneT+OIgPmYSQWBTtIgoQ8EuUubW7WtIivrJyo
+3B7ANundbtnZywXTZdUe5hQNMxN5/EqYl6t4PpsYIq9nvkX3GXGdp/v5me54P1IG
+JPCgEBMhhG9r1+2uhAwTcx+c9fngO6D8L6duYImxZoEg2GqdHH8Lua3+8LYL90x4
+Mlg04HaUUbE2qCrRpHv6Zw0C6GmoQg6KWeWF0YWO88wu+WA1NNQM18xlVdCmbcXt
+90zH6g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQZN3AIQZueU8uSJhVj20XWzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzI0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqX3RiYC/su9hJNanJWn7nLvN26rK6eorNcKQaAuAmhk6
+enGxzb6mn7i+k19ZcorpgOk0Qfm4p63FY2b/0CpLPAlApucDc6eUfMrJ89xzNUn3
+WvoQ4+2oo4BqEiAE8QX6Aq4vskC44/dNMatJJlWo6SXh+W01m9c95w0X7AfFeDkq
+5W0zUTKD02xQ54FD3ZF0DXZLZfmuVa4ro0nfXsCpQtwxkQTE6P9FElTJEcgDAzS/
+AppULoaVRr4LCNgwCBtbhoX2og93okVP1kPWK2XWIsbNgtxmYji3cxZ37KP+ou+A
+umzmB+bIID2zZmxrIG82YFWHcha7h6IT+p5O/U7MFRv5qHSx3w1Pylu8ZLY6htBo
+e6nL7vgUKYWrFraDXj1qGHhRHRa6jWeH7O/Z28Y2L7QCed2keKcNZtGNJZ/u2dKK
+k5tSgC88fbw5twqJN4BuanCIkqZasIdv/y1G9+csV7Ikg4Izi2vSprLsL2FwTew9
+HNN3qdvv1W+SWtSED5w8XIbXcnqUBewzC/h3DtGjvNE50RCvyLXC7aRUpfaPwfQO
+Ua4XA14e0Vuccwmz5/x+CA8hq2J/m0FINr3xyQKewXCw5StHLyYMXLzPv48FgQ68
+cxos0Y+JsDny5MFYx/9LfNV6F8BkH0x1BN7HhxHxA5ku5i0A5XOjLZY6UZCycokC
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ7UjKn
+iZbydmMRHZFyHbAwHGj/5TBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQA1v3w26vqUZWS2q5MSmYs8vzvdTOpGNU8xiAsE
+K+o7qm0CocutRgEDhuI01/vXornU0/lOV26eqeKdtz+sL5/b5RNlFL3ydfZBJpbv
+ZnXpLS6uzWyvHltZJCKhEf9o9ZlykOZhsXDHSL6DNKgCspwb1tLlw+m2xsncab6m
+HV996N27xTQTENbkixFhRDgXbRJeNRGvbOMf7nvPx8iKqaMf7ufkpu7dXzmtokhE
+IcN/e0Jl3PJWsu7/uNw8bYoEJm7j9QHJchuNHPedAe4Vv1VGpN22TFKp7D6sHmvL
+fRcaDKCYIAm40ob3AXlZJZcUir7bEDFYW7MmMM3uONZeo5PVBiqLC+ae+04zZySL
+oIGW0NA1g6Gf8Cwh7Rf0WXjEKZ2b3TWyl3mxArf1/5VH/jFS/oqDRchFLJiPdSiM
+3U4Aq25zOVfZOtxYiB7uEGOcQC4v1umXRZ86ikf1KEidwNBkw7ooTXpXbzgDIoqL
+GaFqGw/2UMF5KGWGf4iGRVxIVbT9W3L2cAm+zCnB+hRi4esWSXiXfhO7B1zcQt/w
+7jYYPuqcbtdjb3gzB9RmwEsg4hkPBYxRikg7mBF4jhhZ6bJvPW8zEktAFsQnKMKw
+Ae/Ar9yVxguIHKbFm5xwOFVg9xy1W/v7EKZS8B8YzW5EXgaVrHO/lE8IwjsCzvp0
+V8HiMg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQFkV8MWb/GCVSTM0hAqj/ATANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxNzIyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqNNXhsg2winZykBEM5/lDH+Nr45GHEzWkiE5jLewHWgP
+NEQGcg7NejX4cFZ1aeVKsYc10EgJq3X9iUIw7YcglITlki9t6KpbxaWBAHhoHqGm
+OwA/2IirTYOEy21YJtL+ASvTD4nJn9hHWlLdl+CfK/raocjcqq9JW/wx91hbfFck
+uAY1cOgwbDVFVVhB+9wzBEnY+5bd2Rntbr+6HWUVbcu7Tilm4w29lFUaICkgwiTW
+UE3NWRLH+TfWp+SwjXFbji/Yk2RqTq7Ec2Am51NilNmZlDtIJYKzLHLlklUjW2bP
+qEUHC0B6PxjPXxZBS6uIIAxCmQzykRCA0Z/MWnfh3esU9IIU5I8eDUrT+TKobpTR
+t7H/UVvx68TCs9jFfGq5Ch3EyIHNl6ApYcHP77Tp2rym8bMjUnXpZfMXQ5h3emG3
+eND10Ppf5rvoXBmgFS6/jyGiD1SS0WniO4U8XBoBwJYIScGhfTJEU90e3/lqoWu8
+/o11LKZOuwQzIbMM405F9l2Hy4SUBEYBhjajxglJiLPyGhXaKMht4z2vk7CVwPuQ
+gJ7o9LxN+CC1cyBJzI92+BtePeKje+Fjv2mX5l8X1MN4LYODYMX+qTL7NaDLDEQt
+W7LeKpbzuOuwbsemcChd0hfJ+SBHC4+0YjHU18cnNui+pldE93h4WFmspJuWS70C
+AwEAAaOCAagwggGkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ/K/7L
+9rbPG9V/bj4WQhb+jIGRazBOBggrBgEFBQcBAwRCMEAwCAYGBACORgEEMDQGBgQA
+jkYBBTAqMCgWImh0dHBzOi8vcmVwb3NpdG9yeS5laWQuYmVsZ2l1bS5iZS8TAmVu
+MA0GCSqGSIb3DQEBCwUAA4ICAQBA0Q7/jw3ltYitmfo2w78P08h0w4teJhO8J40H
+sM/kS6GLOebiIPBfKWz6z3/kwTBrXA2mkJAIYQhOhxkZmBUd96IjmA740k7LQCwD
+2pmmhJeKttXmk0vzG5wgAB84801sqCqajOkN323B1iLC+Sl3gicROMGFENtbb65q
+OrWBdDF0/HEGR4nzngvHIvfdLsdUqeluoyZwHhTWa4ecUFvQGiVvWWfX/GqybknQ
+mJNGVo7fXbyVUSTEBzLqftKam0pn2RZ3OPIzo2ne6TY4JaIDiyXHnUUfJGMctdoO
+ZGsxIvvds17vTf1Gq3tyav+ApPhAbee7vr0wYabpKUkbmerLnf7La++O0/tJmh4O
+PNaP3P4Xc/5XbVdEego1JpvPw903GBzLJlUG7A0FN2qD+tz3VCthF/58oU/Kxpux
+RlGfJlBMRfBCv3HEubfNIy74HjN8o3PXR9z43P3kfzZkOLYKySfA7tVQfizyo0+d
+O3+H+oSpY6JPYbyZ1fvPdxlgV5RM2pHHebKRD2CrrjJnoW2XLxCsdmQDmhBq2fD0
+lIRAc9YYzn3+r96vQg2vSY51VhQejaiTZgCJ/h3JOIUCWr+tY9k0IsfkZyeVznfh
+qYAxE6m7JXkFFfic6yXGvGqkVmQukV2eBSRN7kZqLrWDrYsnFo+7qNl6p0zldOfl
+lJ1kqQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIQOzyS79nOF2k3+jcPNIaCITANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzA1
+MTIxMDAwMDBaFw0yODA3MjgxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE3MjIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCxbLB6dAAzLvbZUZUaJSAgAXdoOSzc3bcxdbnUScjF
+RCJPWjs7LOKmMd7XmEs9y8yNNxSxH5yqh+gFU9TVYcd0/q1UPqeVWzWAS65vFA/f
+7e4Alum/yFEm6ciXPOHtn+xGPkfI+eUS8oJ95ya4UPcsGYTUrD/VkhWMw4xWzeSP
+3iVC9+Ae26xIdfAB6eYqDfYEsvVKXBnJQ5YuUw5ebzZoqO8c0pim7EirPayRudE/
+MR0QYoB2DWK9fbB9+MosbAqXPKZTHE10+86mXf91KMr14hdcvPyHzVIsa07i+0Jf
+gKFFN6JkJwOQGMuuT+DeLTROaiejWO0k5FO+E8cnAdfo2FeXz0H27K3+lt2asWVm
+3lxnUQIgo0a+jElHGJOe7Zrl4QCvLJuC9sBkZnAxyl0NXu+OtKpsiTHROz7Md7rG
+XMpdvl/3ixzPZpVNsr0OgeINDFmgq3CpcQl0Zoea/JcI7/orAD8xhiuPDLmAEKiY
+wT31QprVJkQ7ne2K5k+JWqTkC+9pTvhZp/4N1XYZsYp7Nc2tMyNrTubFms+Hp3mf
+ZgLc1vER7NvDwhEPDUvHyC6Iyu6Pbe7Jpsirn0tAM+ZEjxk4+T91soEnGpCjEQ8V
+RS7HlnAhw61p8n/H+HHIgiOHOp5TTuqRQfYtz5bgZKWPa6YtmGnJYlO52FGd7mDT
+jQIDAQABo4IBqDCCAaQwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFPvj
+d03TRCPoJkPi+SD+Th4FuLU1ME4GCCsGAQUFBwEDBEIwQDAIBgYEAI5GAQQwNAYG
+BACORgEFMCowKBYiaHR0cHM6Ly9yZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlLxMC
+ZW4wDQYJKoZIhvcNAQELBQADggIBAGW4jfHxD4JtAF8x8cD6/ISEWb9sLsGn+PxY
+nk2JnJm+6fswR86aGcsZsNo/SuuPBu8PJETRVbY9xrrGsaz1misQ/vtQ71cSUK1p
+PIhxzchPXR1kT8/T/9+qrHt71pAoQayrC2qUULxsGkH3+bWjL11Fw8aGea3br+SY
+dJCO/386CqrvNMz8OaKPZrom1BOS7by5k9ZCEkAXSKv7bmgEzDhjY9MWWJpaz8w0
+IOB4q9r+zC4pz9sNKPfFWy92u6ZrCSiFhx18dwPyHfwkm4O63Mz6SM+vpy/Ti1RJ
+qVMK9umIVgf7jTavaqJWsQ+FlD7vztYzATn68a5Yhwffr8suhDft3wTOCOZUgBff
+7VX2/DL0bnKCGl+tOLdm4Vm+Lp89ZEMbm81WdRfy40s+2iNdq4alKNSuSXbMdikK
+obEIoJh81LSs0pyC7RzLzcFEzwQHn5++ajIW526m3ufAGcediPCQPn0UThmYkPjL
+tuTTmB2Dbt41dmGNRLEXnx24cQvyNEK4/qZE3hX5ybhF6SajLVd0zIgD2vbSVyQE
+JnOIS9l/yrd/UI6JGzsfLhdHmDg+Z1c8Fr50l5eOv0CwYHAp45UGyNUfCLtQ8LMq
+DK42oFvJ7w32JA0EAAkwzKI3AHdAtA/ysEX1rHCK8oEP6OtaqFLpJxqvz86WtDXp
+Hy5J8nuS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtTCCA52gAwIBAgIRAOIaIRqokeLTVFn/020nxCYwDQYJKoZIhvcNAQELBQAw
+fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
+A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0xNzA1MTgwNzQ2MTRa
+Fw0yNzA1MTgwNzQ2MTRaMEQxCzAJBgNVBAYTAkNOMRowGAYDVQQKDBFXb1NpZ24g
+Q0EgTGltaXRlZDEZMBcGA1UEAwwQV29TaWduIERWIFNTTCBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMhQeIUezKdIBlpnoWm0+HG5nu8859lksQEG
+OIeNiayAqhlxG5b4+wVEJ8DmCP77qDOoKVjW5owTIvZHc4F2MEqTOt6/XL3+P6an
+bKdPN5/nhKghN+45ywgFYn1AcI5kYdPFQmNfNYGC3jaHISHttC2xz8NQHyHRI3sy
+g3hkPdyNeLC+4rTOLs5SYZT+vHr3biOipBO5n68A0Ho86RQ6d0RmBRArAJskD+U/
+Qco3F2pl7T0CDOuCXZ/ld3Ga7Bvb1G/lAbM/cEr6endnaLaHmI+6gYWRZVqOELVi
+T9dkYnpspHxtcgsVUl1lFf3GSfWAX/Jvnd3IstCa9E3dmAWm8IUCAwEAAaOCAWYw
+ggFiMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFMqbjS5EUEKK2QJlMhqe
+gPOIBCq1MB8GA1UdIwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3MA4GA1UdDwEB
+/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNQYDVR0fBC4w
+LDAqoCigJoYkaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsG
+CCsGAQUFBwEBBF8wXTAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2Vy
+dHVtLmNvbTAxBggrBgEFBQcwAoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBs
+L2N0bmNhLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAkBggrBgEFBQcCARYYaHR0
+cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQAAn17fM+SE
+dRJdtuP6BtLY4kfJu/xPVpFlTpl1Wq2GlzSOBWEIvqsrvSz141D5mmPZ1hqMIdbn
+4uq0sC48tAD3Mi18RLbfitm3o0tjYxsbI27tltVMbvyld/k3JOyj0wVljju9fDHc
+yIK6akmE/C6UDLtqvRAx0m7xc5z+YIJRabXi33x4AmV7HTyVs6Lm6AGb+KqaJzDd
+X9Qqj24EuP/noicvKYP9g9Uf6aGPB5TWliIoEpJWz6qD/PophMB4nuj3ccO0LMJ+
+k5QFRWs2hZmev1M8hpqBoMwpoG/jy5AOwntqRqRsSkbR+6tZ3aCWKU1hNnkZcfHJ
+11ozB0OSfC7K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEiTCCA3GgAwIBAgIQC3+VkOWE0G8LcWoF7Z/i/DANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE3MDUyMzEyMDQwN1oXDTI3MDUyMzEyMDQwN1owSDEL
+MAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvU2lnbiBDQSBMaW1pdGVkMR0wGwYDVQQD
+ExRXb1NpZ24gRVYgU1NMIFBybyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANmDz1NN4EL1KzW0T6fOkR7IQSXAc28dqEHAJs67wM5LnI71rGWHJ4dY
+FvDW4RaQMwNq5Q7r6s6TIM+iH+dTPs6qFiEO8HqbrgVD0zHBfqtzhNUt2OTnNfe4
+npAH6U1zX+Oi6736U0CLawu6mz5BUGcH+0FoOe4suB9DTB/tZpmjPkg+2Cr7pmTG
+dBVhd4jG0a+kM79wykUvr08IOWBB25nUGc/12fLM7B3oItKZ3vaPuEnlGvA0Kp2u
+W+NcayG6wmJDA4FXQdWBnStKXJFvJsXu22mGKcLsxWYNTZcsa2Z/rOSRdVb1SJ3G
+wWqWcHDNmil9ySZohNXpAov0IFutpJ8CAwEAAaOCAUkwggFFMB0GA1UdDgQWBBSu
+D77DDWUUIl3SUSi2oAyMWfTjGzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALv
+Y2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6
+aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVW
+Um9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEApREf
+v9/3Dv4T70+xHfRWXxF7VautSJxPNVUhr/vuvqRqQVXJs8WZ0eJWk01kiM7yfzrn
+BV1EMsc9E26A95X9/LzA+5xQfVD7Wh+Ww/ErE1mW5AEBu+ElYtrtyTKStTi+RUEB
+DzJ6q8PySaJpi6xad1LCBmribNvVK1t45lCPj2fnOVPybmWsblDR6WQmpFBuYIBi
+EwDHbqXbXRF/XiSeJLIU8FtqsPu+wGAefviaIoa+EAw34QF9oD5xQUznoIrZEJxC
+lE+nP+7K2GhtKQtSK5EdiopZy6xsERubQVabApgm1CVdrEl8IGdUlvheooz6I5/F
+9xYIvypgbmpLkt8IOw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCA4qgAwIBAgIQD3n7xF3POv1XMKV6tQQxrzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE3MDUyMzEyMDUwN1oXDTI3MDUyMzEyMDUwN1owSDEL
+MAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvU2lnbiBDQSBMaW1pdGVkMR0wGwYDVQQD
+ExRXb1NpZ24gT1YgU1NMIFBybyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALaf5hv57NOAg0yG6DUHknMGzfiI1lmO7g4JaGV7pSoAjyTyAbIdG17/
+1xSCafAqZjxVG7PU35idDpL3wzj7Q4bCZd6EtmT8F5yan02NzzylHirPh4iItIsy
+C5SL5NbRZcnZA0i8f5aMxMpyHHtizOnUQjQiMllsC60HLV3ujnCRTkfV176vdz/1
+uKyplWPDe8LC+bA8llzKj3A6tZl/Jf0X8PEgnr0rZwklWF5fPKT65j2PFzs9rxgK
+8EZqwxZtN5zf5pS2zN/Jzsug5h/mHjYZFfZTVrBW1H0aFTg4o1+nEzP/IDiViiCq
+zIbu1nU1fFQx5mA7uOTNyzMsMXaYvjECAwEAAaOCAWIwggFeMB0GA1UdDgQWBBQm
+QFoFw2DncxT2XOK+bF2MV4/eZDAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALv
+Y2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6
+aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVW
+Um9vdENBLmNybDBWBgNVHSAETzBNMAgGBmeBDAECAjAIBgZngQwBAgMwNwYJYIZI
+AYb9bAEBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D
+UFMwDQYJKoZIhvcNAQELBQADggEBACxqK4/6E0z4jjjrVovMW8V4uQLifYr9XRMA
+jPTSe38WYzYYEXriQrxSZF2k2mKq7S+YqFuv6BAvLaCLlVPa1uQpBhQFL/aFB2eF
+YGiHX46GRp9sUkXEZNt/eRtqKwOiVj8tdBhMjTB3rmX6kD+/nZZ2C4Z8C9jtHZu4
+Y2VR59TL2G85IUbsTOcUjqXEO7gQhW2CXBbJyO+2DMrFaRCWtDienWUsJzLIbI2N
+XdQ69dCh3zhNqn8GK8fRv9BU4LpRRBK8AGt1IUzZKJ8iAaAwU861QzAbvaY/ON2P
+0qDvdnacU5gw/3St648rQZuUlQOtuUok9HIjyPlToW4KCZxME/Y=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFjCCA/6gAwIBAgIJMvoIN2vyPCATMA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV
+BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX
+QnV5cGFzcyBDbGFzcyAyIFJvb3QgQ0EwHhcNMTcwNTIzMTI1NzM4WhcNMjcwNTIz
+MTI1NzM4WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx
+NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSA1MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAu5hBKP7+r8dtoZT14U1OKtTBSzI+U3nUC4p5
+ht3kD/DR9hWPB6/2Kljii7Ft4AXTSxS30YGwBpqEtIHzxjfgf/fuTb/eBx5wWhxz
+v0RWosEhUwyQqYX0lVEqHruRV6rjlkvtNYkhdEU2kmQs6j4T66p8AbgZLZSq42k+
+lEU3hGQ8NpDiKSvxX5aVorxsRel98AP0VaRVMZfeMYI5DkTcfWkTMrD+dDqGejOB
+S3V1+EstPV1Auf85LiUo0jbwy1ZOppVFftUczMyBwOENOrUwfjDyQnQrn4qhq+TD
+qAMua2/2+gX0jHZ/wwdP4mhSPjmlpNejMmzXbykDu74BJqWfBvz9fpG6C344M0Hv
+WZ4QLOTP5dKwMVTGF6S/QK3jJb8SdB0cDMCzsLBagC/F56+cLMntOXsv4DOvD3HG
+rmrEZKsjJB+0XWIVwdPif4ItQm6MJZq4rGkPymaKsaKAes7OpFflFj7ruQIuc380
+l7c98uVpIuszMTak3L8CaPN6nrpmIUGAaOT1fDdfANKnb5vVosSr6W/ETkF8gFsP
+Ljy09wzrUKH/Gnk7EdoBNwdy5zwP8z1F99j8QUjVVQwckBO/YsgJI6MOXoHqeHS3
+LVT18dZ66FJLYZTIXZQTtLDo3eQ6eL+vSNnakxMjO4nH90BQGy6l0CRPCIi0+a0A
+8HaUbA8CAwEAAaOB+TCB9jAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFMmA
+d+BikoL1RpzzuvdMw964o605MB0GA1UdDgQWBBQnUqRvLSqrQJOQ7NZpy/58YTt8
+QjAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0gBBgwFjAKBghghEIBGgECBzAIBgZngQwB
+AgEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2NybC9C
+UENsYXNzMlJvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAvrrbRl50
+56kq5vOKuWUcazLEHuJlVyjr1QBpLoq1dZNjpmIFLjOmG7LLMv83Hs2d5Ww0H6Sg
+NlloNjp9JYo5PCruL+djEb5Ct787d0dD+sQ9wkEQNK/fgQ6hqef4Z/lYxmtNqCyR
+xxuK8LcgvMG5D3W9CLZYIqCyGgKZqAE0FtWyinPTzCdvxzCMRZz2dYJLN+2nejMs
+z1+FswjSnOyva0XegBZnjhrHNI3ZyB7nPILephet0AiYyXpXUuEvBXa6qVkeK8mf
+6uGgq+zTXqK52cKu2woOa9TV2/oyC1DzVNoZbfOgJ0Geh2TWeJn8rL+W4VrvxT6K
+w2+lk/YeyXgFd6km3FgEQk4pRnzuV3OtDErdQRW2lssR3gl9u2DF9IJYbzoRiVvy
+7wTHuchTygpG8n/K9ajaWDdEL7+jSvPjU5+HBcHwgcxDSYF3QSLNIsOaBS5O1Hob
+440ryhvw5lGgzqkVsToXJCaaSziOmqbzzNPHgQ0HM+vzvDTzC0Z6ikF0LGjkPSML
+a4qKpyJzIjLOjqPVnI51920yg/zZuN5nz1lQcH+0q7GVeoRaHE2iFyJnHXR+Ljl9
+2SHWMrw1jbhk7D5/u1XmtsS0r1oeHgbF7zi7ESOVLFs2Zcm5kewkPDljznSJTE94
+1YS4d5yABnRwkq6PSaKEvBRshdl84c/Fd7Y=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIPjCCBiagAwIBAgIIRIQedGGfUsswDQYJKoZIhvcNAQELBQAwgawxCzAJBgNV
+BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx
+GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUGA1UEAxMeR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QgLSAyMDA4MB4XDTE3MDUyNTE1NTE1OVoXDTM3MDUyMDE1
+NTE1OVowgaUxCzAJBgNVBAYTAkVTMUMwQQYDVQQHDDpNYWRyaWQgKHNlZSBjdXJy
+ZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRswGQYD
+VQQKDBJBQyBDYW1lcmZpcm1hIFMuQS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzEgMB4G
+A1UEAwwXR0xPQkFMIENPUlBPUkFURSBTRVJWRVIwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQC9/oTZfflU1uAvn2PW3R17P4fo4d/Pb/ypfOchdNrYgp0o
+nTjvKsT0wucZwkQOIiS1MTE5BWcPdpm2aeUzOfJ8unRu5v0EDybh9xrN2Tp+pxP0
+6moaPagIRns06zfdkhLIV4HeL+NCr9N5lEtlNaUBpgyL3FzQEpOYkz9msqB8y3g9
++7PAcBr1EXxOxJhjcYn9oI+pIiM49m7XS9pKrHdJ0/FaTC763CLF1LlLxmGManpE
+CMO4VacQasEUVF7YtFAd9zNy4GHZLa2yf6cMjxfEWXWvCSx23LQzObTOWjQ0veeh
+NPvXv9VnXfumx9OxiC0KvWI4J4grzjWsVw6VWdGlfCCIe3JVEVSXLCub+hbwNAF2
+oRbw5cVSn6f2QEoLJdaZZPCy20ksNySB9BsUfk0M+06AKCUXMcybB6YMpMrA+xmV
+5i7ZmQKXEObgFt40Gh7NfoZdFgCXizIg8+/gTR9LtwUx1mjfDtl6jaNAUa7ZS4Hh
+h7ws6cT08mdtGCO+3lcxxz4IpWOwMq9YhFAHTWFboPqXFdDgM7tIwwZQ1TpI5lDT
+h7qBZRSGY+QfE9yXiSQBOzPTF2sMXTAv+cNWK/i9DcfgmTlH85dqK4U0iYTaXk2v
+FLx2p4zIp9Mm7USrfgtHgYVvo/5GE2MJEScry8Y7HhFRAmMykV07RsNg6J101wID
+AQABo4ICZzCCAmMwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUWxvuA3ui2+dG
+wMJUq6FQKV/xVtcwgeEGA1UdIwSB2TCB1oAUuQnKnB7b02w6a67tVPFbkwY1Ll6h
+gbKkga8wgawxCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJy
+ZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYD
+VQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUG
+A1UEAxMeR2xvYmFsIENoYW1iZXJzaWduIFJvb3QgLSAyMDA4ggkAyc3T6dV9I84w
+fQYIKwYBBQUHAQEEcTBvMEUGCCsGAQUFBzAChjlodHRwOi8vd3d3LmNhbWVyZmly
+bWEuY29tL2NlcnRzL3Jvb3RfY2hhbWJlcnNpZ24tMjAwOC5jcnQwJgYIKwYBBQUH
+MAGGGmh0dHA6Ly9vY3NwLmNhbWVyZmlybWEuY29tMA4GA1UdDwEB/wQEAwIBBjA+
+BgNVHSAENzA1MDMGBFUdIAAwKzApBggrBgEFBQcCARYdaHR0cHM6Ly9wb2xpY3ku
+Y2FtZXJmaXJtYS5jb20wfgYDVR0fBHcwdTA4oDagNIYyaHR0cDovL2NybC5jYW1l
+cmZpcm1hLmNvbS9jaGFtYmVyc2lnbnJvb3QtMjAwOC5jcmwwOaA3oDWGM2h0dHA6
+Ly9jcmwxLmNhbWVyZmlybWEuY29tL2NoYW1iZXJzaWducm9vdC0yMDA4LmNybDAN
+BgkqhkiG9w0BAQsFAAOCAgEAd5djb341DHmtupmToETVhwpmAw6TmHboPjpQ5FlV
+DFlKvjmdPhxph919a+aPgiAnGLJA89xfsIzihefLP0DdVI39SZ0bTawaIobxEzmp
+zK3JmQNy+ETHWnodJOaw5M8VdzKpa9ycjaZaX3lWWoweD+S6q1qZKUPfBH+MSUxc
+BkuYFR42Q45BOtwwR+AxN0LZTK2R5ohq89lxJ7GtS9Y929KndD++gwot6kaiMMws
+Glfu95BFwdpstF7wOX3fOnwjENmXt/gZjo6oTP1p7zMqKp6praE8mvm/KraxEKWH
+BXz3XH/Kf1LU65G/VeadUQ+eLXRTGNxnyTvHodZYSDEtkcPT3daiMSJ+5sfm92nf
+653iDsfGjbMfshMWvK65ACEnZIfEXuLUlelUbEjir6iV2HUCeb1Fz86vskkbrOOp
+XN+X1AsNcpKDWBKeExLpI0FGia6PhM1dbgozh5AxG6N7LvIPiLml1eJLPqMsA3xL
+5le46AIDV7wLUCR5aUWgNIiHeXsE2jqGpL4XCNbaALfxQh5vfrDiR5jp6NBWHe6m
+JRv51UXsklfUUXsejSom0YkpZ1+orlshq/UZCJ3N1X0Z22v8vIlKKYMSu+x0OxuN
+x/Hce43AdsgI6UTcF4p0B+7Ma2OxsOJPuPh0HOK1N/+ygBGASW+sNhyI/Lpueznm
+onY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIUY/4DvYu7lRKkCR7ZPF/tFMDhgdUwDQYJKoZIhvcNAQEL
+BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ
+SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n
+a29uZyBQb3N0IFJvb3QgQ0EgMzAeFw0xNzA2MDMwNDA3NTBaFw0zMjA2MDMwNDA3
+NTBaMHoxCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT
+CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDErMCkGA1UEAxMiSG9u
+Z2tvbmcgUG9zdCBlLUNlcnQgU1NMIENBIDMgLSAxNzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAIagJaH0N6+HN+9jlWGSk8cajAmkcma40f97saznEfrH
+1H1boG6FWDSRZ4Gc0AbPVS3PWEW1nMX9DujF5fnhRYQZeuwviJGbIlEhTYuvF7N/
+TXPQN1SP+bq1eJIkn0kdhtaWOIajq5vGEHvQ6CFZEE/yEWlrKnH0FNXpRx2Yj7bN
++UKOTz5XkABuSV0QYqm6UDt5kRDFE9t/ChshTABxGsEM2vpe9LvKemsuOBtw0lee
+0I6MOsl0/kSN4kpoLjPeqqGHai3nUXCA+qWp+m+zwdR2OYTxl/TDBZp8wDLKhJTk
+/AFayjUwl1I+qTnU0WjppV5vwhc5vFBdZGM+RtrFPlkCAwEAAaOCAWUwggFhMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwfAYIKwYBBQUHAQEEcDBuMD4GCCsGAQUFBzAChjJo
+dHRwOi8vd3d3MS5ob25na29uZ3Bvc3QuZ292LmhrL3Jvb3Qvcm9vdF9jYV8zLmNy
+dDAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AxLmhvbmdrb25ncG9zdC5nb3YuaGsw
+OAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF3d3dy5ob25na29uZ3Bv
+c3QuZ292LmhrMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQXnc0ei9Y5K3DT
+XNSguB+wAPzFYTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsMS5ob25na29u
+Z3Bvc3QuZ292LmhrL2NybC9Sb290Q0EzQVJMLmNybDAdBgNVHQ4EFgQUkjewcJyO
+eduzGRO4m6UywLfWJ2IwDQYJKoZIhvcNAQELBQADggIBAIXSFgE04Z6AcMFFUWPz
+e4ZuBav4xr8tbAEDDSbaPRinQ2HZFpw0aIhAG4h4WaDD0dDrNs/w8XrWQY+YngTw
+6z/cta+ByVu4kGFKGRYLl9tWX8a1oWhETHcQ5uAUf+rT94gv4DWnSKDDNrT0AaGj
+bo//IF0UdQIBbCsZj0NQCgMouOgYC6zCUv4JO4tgwBwAVEXbFUyXH+rXtE1ZKSs1
+2XOnIeA8TCvPht5FJm8RPJNSu3QHYMdvle8ZJ7/Sa0uZMvpdMHT4OfQEO0UhP3MS
+flYUMfUhu6MIQqjSjwjHq9LyJvg0ehunFRot/d98LtApyRecd+sjNcLDf6EGqydE
+RAGub5g63McG9Lhz/85dSGTNIOjrD8qQyLxchmdvq2FQcsomTVlMXtlM8NXLDmPn
+Qjyue8q9Q+QO8BTDMSkmFYi5ss7ZzR8d3m4INx08g9TBY3J7iYTXppkputbu+6SF
+bR26v3uPz89u2L9bnnLBZglcJlDO7jpcGvCy07L5dQE015xsWq8txgC2Esf82HPt
+wludZKyEPpkqSwtOhpUy/4pnW9Nezj+BPLrgdkmkugwQtfsV/j6LPNdY43/10kz0
+OQVDufIavloNdaiv+8ATXEq1LXzSuOun4SPYmLNLqS590IGxjRuJe4DlRxeIJpEA
+HAiv/TLU/E8/SU/AWcwH0ZEz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4TCCA8mgAwIBAgIUaO1J3aN5JZJXjDJRINoi6fHhC9QwDQYJKoZIhvcNAQEL
+BQAwbzELMAkGA1UEBhMCSEsxEjAQBgNVBAgTCUhvbmcgS29uZzESMBAGA1UEBxMJ
+SG9uZyBLb25nMRYwFAYDVQQKEw1Ib25na29uZyBQb3N0MSAwHgYDVQQDExdIb25n
+a29uZyBQb3N0IFJvb3QgQ0EgMzAeFw0xNzA2MDMwNDEwMjVaFw0zMjA2MDMwNDEw
+MjVaMH0xCzAJBgNVBAYTAkhLMRIwEAYDVQQIEwlIb25nIEtvbmcxEjAQBgNVBAcT
+CUhvbmcgS29uZzEWMBQGA1UEChMNSG9uZ2tvbmcgUG9zdDEuMCwGA1UEAxMlSG9u
+Z2tvbmcgUG9zdCBlLUNlcnQgRVYgU1NMIENBIDMgLSAxNzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKp7LYoCH28yQ0mF1pjAbLQlH35nknzTCzHfv//y
+br2g+L5IKuAnGW2PJS4JsOTYTJzWg76lzBRTSBe0sj0wRIanDzbL8WxIXaGfPv6L
+VcnNnG+ZqvkBHyhnjdwNztKdaPKGkxX75APV5f1zrLW6OfKZ2AMUPYY4fRFPPpuE
+oQyOB6PspKtMI+BBRGlQr+CtFQ4Lntej1eyyUh70i5oaR8hi2dQmMY4Dg+AD4UoG
+bN4mW5iyfjo9zs0ywf+D2onX5kfVHHhBsAO/xD3NLynSJnJ8rCrxvmCRAoKMacQw
+ia40n8XgSDSkiwDwLzSvo7SGSVNd3a9MYyry+a2/3u9b3CUCAwEAAaOCAWUwggFh
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwfAYIKwYBBQUHAQEEcDBuMD4GCCsGAQUFBzAC
+hjJodHRwOi8vd3d3MS5ob25na29uZ3Bvc3QuZ292LmhrL3Jvb3Qvcm9vdF9jYV8z
+LmNydDAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AxLmhvbmdrb25ncG9zdC5nb3Yu
+aGswOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF3d3dy5ob25na29u
+Z3Bvc3QuZ292LmhrMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBQXnc0ei9Y5
+K3DTXNSguB+wAPzFYTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsMS5ob25n
+a29uZ3Bvc3QuZ292LmhrL2NybC9Sb290Q0EzQVJMLmNybDAdBgNVHQ4EFgQUfzGN
+banFByJg+hkfhkDpB6/p4EEwDQYJKoZIhvcNAQELBQADggIBAHhcRfrSp2PLYo+5
+Vf81GatkgG01g/fAU3Ndz6VZ5xD6QXWX2lRSGtKpno9YJ9ZA9GHhIfTfUHvj6NaG
+G/94Hcchcfk0OW+SydtDQgQTVipweXEojzcjQZYySP1cquziI+fhfnBotqnIjWK+
+kQV/8ZGTpEJ/bICUMmgYmpQW1CiP62eCFlnyEz0x9pNBih4I2KwzdHRbUr96zhuk
+7FXb1pdcIDYqjkp9pE+2jh63N5ZaGj8eQYK8vjV6cVinV6mvwdI4/cG92hLjnuy1
+mcd+da6itN5V7Wwul4BJdQ4JOtrdvPbzcCSCMf2tT3prD2/dqPE71wpwnqrP/tbf
+hffR1baHcx0wFnvQyB97gslSrD8wwv4TfRDp6vQRmnikddRFPIcYpYUiIPTJxXwG
+2XCEqMMLwcf1fZoMBNZexAeLnPJSs2dSze/8mlRrhMX7DscJ8iZS/+Y60Q+dm3OF
+5TuLyHvy7j+iHvB2mgx2ifDKqghY1qWgv3DwuRGWYVb5BQBw9ZZTEKcdTiNN++X1
+cd22JuNuhK1+tvGS4oNFBrRRawDqA8DnWUVBF1tTRRq2aW6Cvu1Qmbjp6LuhPjsa
+8m2RqxQhpJHdKni+6jsRCwjVo9quvQDOWLR9N6xAv/0kHL7zTSVcowZK+r084CPI
+uX3C3WmSX8UXTHJRGpc3SrYaXXvZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2TCCBcGgAwIBAgIQNVQWJLE+V0a1YEDNhGhU2jANBgkqhkiG9w0BAQsFADCB
+lTELMAkGA1UEBhMCR1IxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBS
+ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdI
+ZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RD
+QSAyMDExMB4XDTE3MDYwNjEyNDkwNloXDTI1MDYwNDEyNDkwNlowgZcxCzAJBgNV
+BAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MTEw
+LwYDVQQDEyhIQVJJQ0EgUXVhbGlmaWVkIExlZ2FsIEVudGl0aWVzIFN1YkNBIFIx
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvjOPdN8BjJTj+2dZiDW/
+0v5zblNcCyBZQnBm1PT/ejatEAaV8cKhzWCD7PHwahve6Dm75QjLtDkUXOPqmhfA
+rdMx5Y6ur/2y2DtxJ0KAuz/4S8VzKeWa2JjjOCe7QlMrDPsCX18YcLuoOYT6nx/q
+0Xb6SPfh0A3jCLoS7SWw1V/y+2yMqPHDKdjXjbgrrx1GLzC1ddFnC1BVKJf1eUYa
+Ycow+4Ac9mKCUxwgrXDLUFuy+1tUANoGx4iqIl5V0Do0f3oQuYkne5FBvHftplDa
+6IDRAy9YcqqR4nJoKJdmFqbQLoxrZjbFiqynPgimRV6biGRwCYZKE0bqcOiv2MLE
+B5il7QJaw5axalBAhf0xTAW+rJqj2FVz+mo+q8oVw3S2nMeZdNjSECFagZzHmnsM
++H9ULiy+/bW1eN2gD7T1iLGHPP4DvSWZNV26Sa7lepejBlRfSpsqGHbCx67qybmT
+m5oUxm4mQydXoUoptBDiIp08DHqV8H6Oji4MbH7cPHfaZgTTVcw7jOhRYwqVDVrK
+iNGTAGgED6KMirqDcpX7cKeenXwrhn1wdSUjRnbZVm0JnB8b2QX/9y24YF30ZioB
+CU1001oNHmnarKlAfJ8lRqKkSp5kLboN8ZbK0IqB7j26h4lFNm/jq3w5QiOTK2yQ
+zkZOuaidGDFS9OqMkIpRSMkCAwEAAaOCAh8wggIbMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwDgYDVR0PAQH/BAQDAgGGMCkGA1UdJQQiMCAGCCsGAQUFBwMCBggrBgEFBQcD
+BAYKKwYBBAGCNwoDDDAdBgNVHQ4EFgQU5KXK5AFAXqwg5iqi87sxIUp8SHEwRgYD
+VR0fBD8wPTA7oDmgN4Y1aHR0cDovL2NybHYxLmhhcmljYS5nci9IYXJpY2FSb290
+Q0EyMDExL2NybHYxLmRlci5jcmwwHwYDVR0jBBgwFoAUppFC/RNhSiOeCKQp5dgT
+BCPuQSUwbgYIKwYBBQUHAQEEYjBgMCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5o
+YXJpY2EuZ3IwOwYIKwYBBQUHMAKGL2h0dHA6Ly93d3cuaGFyaWNhLmdyL2NlcnRz
+L0hhcmljYVJvb3RDQTIwMTEuY3J0MIGQBgNVHSAEgYgwgYUwgYIGBFUdIAAwejAy
+BggrBgEFBQcCARYmaHR0cDovL3d3dy5oYXJpY2EuZ3IvZG9jdW1lbnRzL0NQUy5w
+aHAwRAYIKwYBBQUHAgIwOBo2VGhpcyBjZXJ0aWZpY2F0ZSBpcyBzdWJqZWN0IHRv
+IEdyZWVrIGxhd3MgYW5kIG91ciBDUFMuMD8GA1UdHgQ4MDahNDACggAwCocIAAAA
+AAAAAAAwIocgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwDQYJKoZI
+hvcNAQELBQADggEBAH0QKQqKXsRFVwhRHXLW2FgBK99YnsWJeLudiBm2D15AJ26O
+INVkUOxSRZwuKBOz/wLDjNTNicYD0lvLf75v4VcCTgH9JzE1gTLESzk5TCZjMTUS
+/Do8p1Zl/81L+7pfa9jI9CX39cr06L2N0eFmfn/bhv8rTGoLcmyqM0OJzZq82hux
+6EMmOBEfm3CCKcp3ITdTahEZ9lN/YImGvzVwPGQemude7VZy8f0moLuFpaAGdJw3
+FupEMbtuotIdFtp9m/JHnNn2ksCZKb7dzmGPJWCKRMuXqAXpHKxaexAdczwhV1Zs
+omlOcVdLUMXyv582PnzbwShL29A4U6qklPoFjWc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2zCCBcOgAwIBAgIQcTzUzhFn3QgaTa7SsgUa1TANBgkqhkiG9w0BAQsFADCB
+lTELMAkGA1UEBhMCR1IxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBS
+ZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAwPgYDVQQDEzdI
+ZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIFJvb3RD
+QSAyMDExMB4XDTE3MDYwNjEzMDMzOVoXDTI1MDYwNDEzMDMzOVowgZkxCzAJBgNV
+BAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MTMw
+MQYDVQQDEypIQVJJQ0EgUXVhbGlmaWVkIE5hdHVyYWwgRW50aXRpZXMgU3ViQ0Eg
+UjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDbwABPipg5OXMq6Ofn
+uUMkd0+Ec8v3PqiO+FEYaCdCZ/e8YIHWEwT7/M5FxwA3aiWqRxTbFMabRMvQxXqx
+BAx62drH8BMU1Hp7w7AdX07l3gsjmi3toi1720tKIELUae1LjIuxYTgT6eIZ8X03
+hwexeVbRz3luz4O3rN0QjffA2n3L8dEHnDd1lru2qXUuqfKlwIrHy4Im6x0ZN6Um
+vZz/xblPXIljYg0qh0TcUycBYuOGTSGfnLa8xCy/hb1emSajKnXYjSPDh39vO7bW
+Q9GQkDBli1mN5Sp/IyzW+5v5nYSMkrjPrERGqPNGXfBSn5yXdV12/9TFZ6lbWFtc
+GN2AeOcDsvLTeISuoKtVzvdu1QVMQPIE4/x8SubzmxEn4mGtepaEbkWKKz8AKqnX
+0l0aDcrQlBH0wXtepMbBbbpD/ELwaZU/hYYBLu4liT5foocLUSo1pqrPVRYjIf6U
+Rmn2wbWC1XCnNwftzLYtYtDiPsLtQBoOqcvNEBcpTfICPhhlj1jpYQ5lDb/9Zk7R
+PjVJFkSH0bjqz+nXdR8Cp/wWThsdIo6EmvT7gBkdRjVhyKKWVEq0BbAR1zJNOwJX
+Ucb2CsIl6T83uFqJocoSu5hEZIn6tsC1Z/QUjhBGLhleAL/gPq3gIp4dR1VCevFU
+fxjoujXgrO3571eZm79moLUZpwIDAQABo4ICHzCCAhswEgYDVR0TAQH/BAgwBgEB
+/wIBADAOBgNVHQ8BAf8EBAMCAYYwKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUF
+BwMEBgorBgEEAYI3CgMMMB0GA1UdDgQWBBRzdapdJSbybcDrbNL0arXScim0CjBG
+BgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsdjEuaGFyaWNhLmdyL0hhcmljYVJv
+b3RDQTIwMTEvY3JsdjEuZGVyLmNybDAfBgNVHSMEGDAWgBSmkUL9E2FKI54IpCnl
+2BMEI+5BJTBuBggrBgEFBQcBAQRiMGAwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3Nw
+LmhhcmljYS5ncjA7BggrBgEFBQcwAoYvaHR0cDovL3d3dy5oYXJpY2EuZ3IvY2Vy
+dHMvSGFyaWNhUm9vdENBMjAxMS5jcnQwgZAGA1UdIASBiDCBhTCBggYEVR0gADB6
+MDIGCCsGAQUFBwIBFiZodHRwOi8vd3d3LmhhcmljYS5nci9kb2N1bWVudHMvQ1BT
+LnBocDBEBggrBgEFBQcCAjA4GjZUaGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3Qg
+dG8gR3JlZWsgbGF3cyBhbmQgb3VyIENQUy4wPwYDVR0eBDgwNqE0MAKCADAKhwgA
+AAAAAAAAADAihyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADANBgkq
+hkiG9w0BAQsFAAOCAQEAd3Zvo63EybJGxlZGf2NDonU2rGl34HsFmAhSBb/l79+f
+3u4Mnk58axdbOA/E0SRLbFemth7/AK905MSlsX3Zq9S+TW5rB6g7LJUnh/tQqqJ4
+FrY0dwKsuppXpasbLyjYuuF87NJ5zOErkf2nIwcQYl2sewsisCHouy+y3XpDuXZL
+Mq7u+rv8JfeSJpTqrqhyblCwpXmq6/0g5QfAh4N8f/28f2zhZsBdsA33BfwtOiTL
+Yw3wFKGWO2BcnuWLttRCZrC+XUI7OaSPFEDcnxx+xVxhdThTQ88tUGwYPDgnYMze
+qC45lC/ZNL9HIDSRTSvVxV9zXCxmEspq8wcaNZ0IwA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEyDCCA7CgAwIBAgIRAIJ/R7U230nBEq0f/V7vYQwwDQYJKoZIhvcNAQELBQAw
+gYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYD
+VQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwNjEzMDAw
+MDAwWhcNMzIwNjEyMjM1OTU5WjCBnTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdy
+ZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09N
+T0RPIENBIExpbWl0ZWQxQzBBBgNVBAMTOkNPTU9ETyBTSEEtMjU2IENsaWVudCBB
+dXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIENBIDIwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCddbPnFRa2XIrVQpAFRBZt7xa7ft6/5hl+fUDc
+k0lLegbg/nNWDlIHqAHNb5kQuvMs6m+TKb8N0PhWE6UMFd0i4yIsnutwLyUlaE6N
+3aiyniPPggzDXETueHwZV8OyfEkm2WENjmJc1nx/Wxiluo9nqgxx4/ix8bDXcPcy
++y+SVjUrGdyiQtONODAr4r7niZc5EYnDZmxbq5xvxYa9ssgKMbiCl9u7PrFmbu76
+4Fx6DORKftpCPeVlGrbgfurIlQ0oQIj0h2HkSnOoTABwT3gph/gq6ZnZ6jF7y6IG
+vDTtaAA7YQQQt6soXEBRFbsyf5PGkwdlufSPJvXgujMoooMFAgMBAAGjggEbMIIB
+FzAfBgNVHSMEGDAWgBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAdBgNVHQ4EFgQUOPtT
+yu90tuiSd9guc4CfmYhjqMMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGA1UdIAQKMAgw
+BgYEVR0gADBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9kb2NhLmNv
+bS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG
+9w0BAQsFAAOCAQEAFDIKD54/ZDEckUUyIjFqLt03IHj8mU5vLR/krEBSAb5NWH9m
+FxXmfj52ln+wraZlSscV/2TAdKspFcW2caaDbKcZRM3QLrhb7EUmmnMie3KBs9JD
+koSAvfsosRXKO6Dgv6ptzwWdJxotCiEVf8idIgIXq5nUZ6c1xcMGpaS7lWCfqmWv
+4g4v/PdURNW85g35XD+D5Rxmvlveil6zQMbPQ+aj9Y9Gg7WIzwUzY4Tjn8Rue4ra
+lBsvsYpOgbQK6tNobNS5PrKxfeTbKqFnMGAjNaAlRylz7vd5va4nZ7ORiKihPK7p
++WaGDhIIBZaqeChvRatk1cY7lXSsc3nPeoJGbw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFDCCA/ygAwIBAgIQC2fJNaFyfIMAAAAAUc4XCDANBgkqhkiG9w0BAQsFADCB
+tDEUMBIGA1UEChMLRW50cnVzdC5uZXQxQDA+BgNVBAsMN3d3dy5lbnRydXN0Lm5l
+dC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxpbWl0cyBsaWFiLikxJTAjBgNV
+BAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNVBAMTKkVudHJ1
+c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw0xNzA2MjAy
+MDMwNTVaFw0yODEyMjAyMTAwNTVaMIGlMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN
+RW50cnVzdCwgSW5jLjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L0NQUyBpcyBp
+bmNvcnBvcmF0ZWQgYnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAxMCBFbnRy
+dXN0LCBJbmMuMSIwIAYDVQQDExlFbnRydXN0IENsYXNzIDEgQ2xpZW50IENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWD8gC5icJOM9hliS602WJcO
+Tv6djwAuP/5sgg1BhiMj1pPNg/6PQ+Hi620oGxG7AfrrgE5zXt5axao6M7GL3njS
+JPvRFL2UTZJfmDRZ/9iGNhx3uGFiVlj7gFUPAymEfejQs6bf9SK4JL/kA6x5LE1+
+WqgSDwH4zRCTzy0cs3Rrh9u+wrFnIw7o48cQxQM4t8gFRaCL7CQV3cscOF9mmQiz
+99eR3F+XB2LcQZyO0cY19lOnd65oFDWkZxM+SY1uvp8go5+odxm8OLtV02DOoP6v
+t9xMGZqTc+iXvgU/f3fyaaX3nV704PgOsCL7Pqg2Gm5ExI+katW2pYzcnPOwBwID
+AQABo4IBLTCCASkwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwME
+BggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAj
+BggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMgYDVR0fBCswKTAn
+oCWgI4YhaHR0cDovL2NybC5lbnRydXN0Lm5ldC8yMDQ4Y2EuY3JsMDsGA1UdIAQ0
+MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0
+L3JwYTAdBgNVHQ4EFgQUR5CkoQpDIL/QdFS4lPrEe7W2HAUwHwYDVR0jBBgwFoAU
+VeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJKoZIhvcNAQELBQADggEBAAZRHzVkV7eD
+yEBH/+nEAkzO8JCBAD36X+E1YFUUrxbKPwZhE+qAuQOHfK1hyh3YSF8u5yragUZ5
+nHFVOJMNxMyKQvqyso9LsYr3h7jF9jgQVDSyyvKGrisbp5dotcwjrE5ctdXtF/kt
+3BknDBburFn7VjPJLdw9YEakv4+ut8oEsO67XGjBgxh+awbKMBzPg6lHKUyh2I0Q
+71pkxxlcARAY/kWoK2abCzntedR7T3NW79200QLFQSqOI4jbn5BeJ8DRLLV125rl
+MNpDZf62iPhlvGByh1UcQiKow0/B1JP3IzYMxpV4fN8Q6qWE+FBzuPBQorzHqqmY
+q60WGPOKmZ8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFTCCA/2gAwIBAgIRALy02EMDW3WfAAAAAFHOFwkwDQYJKoZIhvcNAQELBQAw
+gbQxFDASBgNVBAoTC0VudHJ1c3QubmV0MUAwPgYDVQQLDDd3d3cuZW50cnVzdC5u
+ZXQvQ1BTXzIwNDggaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYD
+VQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTMwMQYDVQQDEypFbnRy
+dXN0Lm5ldCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAoMjA0OCkwHhcNMTcwNjIw
+MjAzNDMzWhcNMjgxMjIwMjEwNDMzWjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
+DUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMg
+aW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMTAgRW50
+cnVzdCwgSW5jLjEiMCAGA1UEAxMZRW50cnVzdCBDbGFzcyAyIENsaWVudCBDQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQyjULQnhmdW5BaEEy1EAAh
+uQdI3q5ugNb/FFAG6HWva0aO56VPrcOMsPp74BmR/fBjrXFJ86gcH6s0GSBOS1Tp
+AJO+cAgx3olTrFe8JO8qj0LU9+qVJV0UdtLNpxL6G7K0XGFAvV/dV5tEVdjFiRk8
+ZT256NSlLcIs0+qDMaIIPF5ZrhIuKgqMXvOzMa4KrX7ssEkJ/KcuIh5oZDSdFuOm
+PQMxQBb3lPZLGTTJl+YinEjeZKCDC1gFmMQiRokF/aO+9klMYQMWpPgKmRziwMZ+
+aQIyV5ADrwCUobnczq/v9HwYzjALyof41V8fWVHYiwu5OMZYwlN82ibU2/K9kM0C
+AwEAAaOCAS0wggEpMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcD
+BAYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUw
+IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDIGA1UdHwQrMCkw
+J6AloCOGIWh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvMjA0OGNhLmNybDA7BgNVHSAE
+NDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5l
+dC9ycGEwHQYDVR0OBBYEFAmRpbrp8i4qdd/Nfv53yvLea5skMB8GA1UdIwQYMBaA
+FFXkgdERgL7YibkIozH5oSQJFrlwMA0GCSqGSIb3DQEBCwUAA4IBAQCPZu3famx2
+OlWN4DOF2xAiuC5yViOf1O7AT3+8/osjR96zY7jC1gUxmOjFykGgkGoCleJlT0br
+40RCQ4g7ZvsUEclXojEowvQEQdnCuraZtZ7sCzvMupphNdYQy0YPlGZkZGr+texL
+0QMZvz2CTvt5U+LrpXIm7ZmHbWnjG0BT6GHTUNQrGZy4WoC6016m+1gQs21VMh/j
++h469twl+aLY8ReyI3yX11tT90VCGUjh1lcVdljc1nVMt4xelbbwVbslHil+/zQu
+dIPY+tKNG2dk0IDE/frAjLu/xMNClsAozoK1LkJ+FtjbWa6dzpEJ0cSzocuIIzDJ
+BJv0fKno1rgQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2TCCAsGgAwIBAgINAeJyuF2IBXDU/b3DQzANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xNzA2MjEwMDAwMDBaFw0yNzA2
+MjEwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIEVDQyBDbG91ZFNTTCBDQSAtIFNIQTM4
+NCAtIEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE87ptRJaRgkxj4hA0gkfA0k2e
+Tx/9pM/Mk/5vGOC8gdMkJm9wo/nOI270X4GyZJkwE8HLkk1T2lTSUWfb8NCMXa9V
+JwkSHyJz1Jnla69Czc7lwbPC2RQ2WGo9eWmpKZz1o4IBVzCCAVMwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdDgQWBBR3MiqDistg+LsbRqkoJ5cyD/zdXzAfBgNVHSME
+GDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYB
+BQUHMAGGImh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0f
+BC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNy
+bDBWBgNVHSAETzBNMAsGCSsGAQQBoDIBFDA+BgZngQwBAgIwNDAyBggrBgEFBQcC
+ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZI
+hvcNAQEMBQADggEBAIG7uZYDXvAgQaAOXuDQpaz8sH/NxDnxDbtsl4C8AkOG8SO8
+qjk2qoYkTPXdsv8Mni/SD02SeQYXOPDYKtAjazTx9bfNhz5qwbdnLHSYgJEw00rY
+jS3JQ9sn2PlHi/X/PZ+9T12G75w34WA/48YKoKTC7RZ7mYGzZrEybB7ENqItFnM3
+b0Wx8qJvMebkxAnnYMkRdSjzdi1EmtI0wzF7jAUv78ssRPgik1mXP+tPsX90fDhG
+nzYeJhMEqFGaDEmE3XXHP91t7aI5uWHUfv9BdI4hcZPSdxtgQwrAqFlpu9kf5ukK
+YbbKs1ktItGIBGiMCANYP24fC8iKwEGiX8wBcAw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuzCCA6OgAwIBAgIRAP6z1iISG5JGOEZiOKLjAIMwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0xNzA3MDYwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMIGdMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBN
+YW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0Eg
+TGltaXRlZDFDMEEGA1UEAxM6Q09NT0RPIFNIQS0yNTYgQ2xpZW50IEF1dGhlbnRp
+Y2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EgMzCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAI73aWA/XLQXKBh/ahXYl49o1PN22uV/cd3LvZCGHeXfZsCM
+mUQyMhxQvTjjKPccuNOmdZtYNakTF3dxEyhkn8uFgG5E0FWLi8qZR6kj2NsmKOXS
+n9ZHhGOicLfJ/R9STkryKKTWnIPbbLm+mq63Lt2dCuKq4v5S4PTHZn++v97eay2r
+NTV8P/U/e46HDEv1/+j3jlZgJgtcuYwWFTrVHH7mviSzrZDnWIpBj69t1L4M4ZRD
+DO1uHq5k6StofU0llbOnhTYrbGdgw7eKDkFAugr7Fcuwz8xvOOy7CvJaGQeP9bQY
+YnIzM5eucE7PNv2eeVkyRJglV5vcLh6u1J3I03ECAwEAAaOCARUwggERMB8GA1Ud
+IwQYMBaAFKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBRsl7WY9Re4+b1i
+bA9KTnlJzYK1ZzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAGBgRVHSAA
+MEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNl
+cnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBc
+rlbxm34isUwPGOLpQqNM3gWGObKert7GZG3Hj8/uQ8UicwrY0n20UysUTakrCYx9
+w2iLHfyz3mc9pAlo17Vh7R8AC/AXCs84BrPr0l6Lf2dkvxhlz/YkS0BpmU3ZXArr
+1PB2v1AmwtszL/GlgpVUcVFRXJnjvz1XhBm84lXhI1MmGhZUL0q1FZdgPm95xa9i
+capwW/NbYsJWkXtmJDf9BD6W8V5tAaWQqUELCAwORiN+j+zjJ8YK6ZHttr/oWUS6
+momqigO3ZroVjLp26/vODOH9lEMmnLNoFOwN+wcnJGrA5KGFs3a8w6y/kRceyFrm
+0+FO9zxlNMwGMmUM8f9K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIUDCCBjigAwIBAgIIAklSi/v/fd8wDQYJKoZIhvcNAQELBQAwgaUxCzAJBgNV
+BAYTAkVTMUMwQQYDVQQHDDpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRswGQYDVQQKDBJBQyBDYW1lcmZp
+cm1hIFMuQS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzEgMB4GA1UEAwwXR0xPQkFMIENP
+UlBPUkFURSBTRVJWRVIwHhcNMTcwNzA2MDg0NDU1WhcNMzUwNzAyMDg0NDU1WjCB
+kjELMAkGA1UEBhMCSVQxGDAWBgNVBAoMD0luZm9DZXJ0IFMucC5BLjEjMCEGA1UE
+CwwaV1NBIFRydXN0IFNlcnZpY2UgUHJvdmlkZXIxFDASBgNVBAUTCzA3OTQ1MjEx
+MDA2MS4wLAYDVQQDDCVJbmZvQ2VydCBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBD
+QSAzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAnReJEy7VPsENjXww
+eHiOaHiOnZyTKSO3siTMJ16K8Sj7e39JMr/dRUIIv2QNc3m3yZC9YYP6amtIEae9
+iiroOiU5mMNdVbFQHE6hCOg3sG/Jd47K4hvQXAhS0q5VQ+ZZtj3ULi+ETZEtJQPi
+wLdWrA6ce0doi/2v8VboNEOxU16kKQlnQrtHQmxYTlpipoOjlRc7XZbo0H3gK31Y
+yVwEtuDCBLLPLMx7m+YUKBSlmdqZq7dMVkpr2JcUW3H+/E2GiE1VORmyuPowpQVT
+LuK7NEB2v/pnkDOk3NqGoXJ8bQNHn94AfDJPfZm44iKmtEkXpj0AyrgMkAE1Fqe6
+55XmStsX3blinVA+t0AxI2VUAYtyTgvxCQmMJVnk37uVCE3QdyC/yn7S1akIVB7k
+PZBvILjwjEmijzzb6BlG2VLzAvH4RM/SQt8cT8wBuuGy6jQYJHCAxMW4FERZBJr6
+lhAZoGB6XqkU3jlWJnmt8R9xqn41yr3nnXzkC+5PR/5xUbWiis2iNOrnUyMMeGhj
+AFRBqR7jJj2u4m4oQ8TMYU035+3lD7kHN5Wjx4BsKmjiaDI0WPRM3dUkDpYJajwy
+RvitrYuJxEh3l8Iw3DWfUl2u9CCddV/xgak412I4SIAF4P9bTD7VHuWUEmrx+wTm
+Q8CHipGeKLJF51dROHIJq5ZKpPkCAwEAAaOCApMwggKPMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFF8Ou7nPR5IMJjRWBb/cnZ4YvcklMIHgBgNVHSMEgdgw
+gdWAFFsb7gN7otvnRsDCVKuhUClf8VbXoYGypIGvMIGsMQswCQYDVQQGEwJFVTFD
+MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1l
+cmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQK
+ExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2ln
+biBSb290IC0gMjAwOIIIRIQedGGfUsswfwYIKwYBBQUHAQEEczBxMEcGCCsGAQUF
+BzAChjtodHRwOi8vd3d3LmNhbWVyZmlybWEuY29tL2NlcnRzL0dMT0JBTF9DT1JQ
+T1JBVEVfU0VSVkVSLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AuY2FtZXJm
+aXJtYS5jb20wDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDATBABgNVHSAEOTA3MDUGBmeBDAECAjArMCkGCCsGAQUFBwIBFh1odHRw
+czovL3BvbGljeS5jYW1lcmZpcm1hLmNvbTCBhAYDVR0fBH0wezA7oDmgN4Y1aHR0
+cDovL2NybC5jYW1lcmZpcm1hLmNvbS9HTE9CQUxfQ09SUE9SQVRFX1NFUlZFUi5j
+cmwwPKA6oDiGNmh0dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29tL0dMT0JBTF9DT1JQ
+T1JBVEVfU0VSVkVSLmNybDANBgkqhkiG9w0BAQsFAAOCAgEADMydG0cvMs0XMhPl
+9MhFhfFzsAGk2ZpmEZj2Q1Z5WpbJRG6KpbuSpGZS7S1lSki1drgOoXIQyadc/6EC
+QsmDEMPHeGW+B4LuA4EkwwMa6RVq5o1tSZk1IVZfiAPNabDTvUzbD/d10fkV0rTd
+N5akiOZ05fWFSI/VedNfTLgwzUbIVYO2foaCxAWWjJNf8UzlFLA2UWJTWWiixiGf
+YCTaUU40Szjsj8FiGVK62PpBI2m7GGqKIWK9Eip9btn2MfU/PsfcvzIyulHGJlYu
+lBC1JO8EdERO00vE+mjmDjdNspuYVUYO3Ew6R0XVZUKe1ryeAEj4GG3ABLUzW9IY
+hsqC5Zr80/RHKVBkaT5mu1Dvms2D4wcYQPstShOCVXfMYQulB/yGrwxIR/oy+tRX
+mk1gf9Fru5QznslGkn/UifECrjJLD4eY72ZsTEP2jQINw5zf+mSUMhaEKlqmfheX
+wuWgvQCffWhMeK/4KHK9FFSnRu2IT6L06KXOE3cn00Uu2Aff+BD5vkUM9813e8GA
+bxeCdypfU4fxdUkl2syq8E46LUge+qGKfHAZ16lqi4kDxHIFWGiIiuB2UTPw+7eA
+QTi+8e0zPYhAzYvMueGETAM/8/J5xaedvRs6ZLUUBXl/d1ZF0G1FT9f6Zm1XtFsS
+Tkd3YwUT4mqCQn2Yu/PWKNVX4ME=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIXDCCBkSgAwIBAgIIB9mxhOTwQxAwDQYJKoZIhvcNAQELBQAwgaUxCzAJBgNV
+BAYTAkVTMUMwQQYDVQQHDDpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRswGQYDVQQKDBJBQyBDYW1lcmZp
+cm1hIFMuQS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzEgMB4GA1UEAwwXR0xPQkFMIENP
+UlBPUkFURSBTRVJWRVIwHhcNMTcwNzA2MDg1OTE3WhcNMzUwNzAyMDg1OTE3WjCB
+njELMAkGA1UEBhMCSVQxHzAdBgNVBAoMFkludGVzYSBTYW5wYW9sbyBTLnAuQS4x
+IzAhBgNVBAsMGldTQSBUcnVzdCBTZXJ2aWNlIFByb3ZpZGVyMRQwEgYDVQQFEwsx
+MDgxMDcwMDE1MjEzMDEGA1UEAwwqSW50ZXNhIFNhbnBhb2xvIE9yZ2FuaXphdGlv
+biBWYWxpZGF0aW9uIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+1vAv01w5OR5rrdjTYynPiyq6QHtYPyMrurxfWwGmJ+Xm8oUa0aUjC3E5+iDI6ZTz
+bWZ8d6bHFnPfmyEQelxypkviLN+37b49nRBYBqKdgSl5rrpEmPa1NgUC96sdpDoa
++sR67B1uGuwRK8G+1h6gHPxNsCSPyMGmxDLSFRqovJTV5HdZqQ6uqS9YayIw9sag
+/j9Qb6NdgJV+pxaIGbAN9eeus/EJ9odxqds+DXLB5/z6U5hBf+UX+rpzCXV2s2d2
+Q9VEeH1kOtuqQIxq7K4AcdISJQmTFoYrYXYsAJTWOw0GslpBqIYl8MScVWwDmH6c
+rdC6vOlOeYep4q6tupk0WQIhj+3v7rpRKIGaXEaMeT8Ki0M/t7qVzC4u+3ei9yYw
+Set3fYt3ihyWc+zZT777BwQynvFn+ku5N2y3S4ba06iOphjS9vpfPwShNvO70fQn
+BtNb3iye/Tkdtda6Z5WLwx5YEnvdHLUoDjsJafMB+6+jpQ6uHFa1986hH0t6WjD4
+xJMkNZJcNVzW6ozH2qx7Wp1fBb9/Y8hBHldFR6BMyxc6G6n4BVFhVd1F2t/SlV/R
+H+LNpLmoRuLBDoGrUHYUgz0F/i3uQoQTi3G9HeZTYjNypxO85uVFB4kUPnps4ov+
+7HHedvOGvsiCBjKkB1YFbhFJIV05mdGP60M+aXKgA2ECAwEAAaOCApMwggKPMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHGK8B1yEdc5AMKg+QFnp0UHDNND
+MIHgBgNVHSMEgdgwgdWAFFsb7gN7otvnRsDCVKuhUClf8VbXoYGypIGvMIGsMQsw
+CQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNz
+IGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQz
+Mjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2Jh
+bCBDaGFtYmVyc2lnbiBSb290IC0gMjAwOIIIRIQedGGfUsswfwYIKwYBBQUHAQEE
+czBxMEcGCCsGAQUFBzAChjtodHRwOi8vd3d3LmNhbWVyZmlybWEuY29tL2NlcnRz
+L0dMT0JBTF9DT1JQT1JBVEVfU0VSVkVSLmNydDAmBggrBgEFBQcwAYYaaHR0cDov
+L29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDATBABgNVHSAEOTA3MDUGBmeBDAECAjArMCkGCCsG
+AQUFBwIBFh1odHRwczovL3BvbGljeS5jYW1lcmZpcm1hLmNvbTCBhAYDVR0fBH0w
+ezA7oDmgN4Y1aHR0cDovL2NybC5jYW1lcmZpcm1hLmNvbS9HTE9CQUxfQ09SUE9S
+QVRFX1NFUlZFUi5jcmwwPKA6oDiGNmh0dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29t
+L0dMT0JBTF9DT1JQT1JBVEVfU0VSVkVSLmNybDANBgkqhkiG9w0BAQsFAAOCAgEA
+nBHB//Sjc5UsZbAH1yiYkDSGGNcbbWqPG7OgMPTCDjUBFU2/Wvk3zvrm97LdLWuk
+a1PG6BLV6BDVAsZHYjjC76Q79y1PNuHMj+bV4Nq8POwe+W3428tWjQqDSQLzbjb2
+enxhLUv/DrKPs1e734BLsRmvL6vjlpax94d1zmolPXQnrhU5HRerJo4Msg4NleRq
+Nl7CHxLXF7JhzMswwt7HSV+MSBXW2cmnRKaAEjLsrOXVG5F5aH92uUm+KOtbbCLi
+LAUBWucJZ8FoAtyw+/Dmbt/C4jtZj7k/wwVvnwnxoDvgNDZpsWe+x4tURUYu48iS
+iE/IhON3MW7EgMBrAT9OeqypKVBInwFpufYtk3S3slW5Nb01mfWavBf9YSpzU8RO
+GZ8b3kTpgteclIJPNYlLLF1O6Tk5pl4B1+h8DnNcOnZtfU0UcCfS+Fe2I9Xr28mi
+ssqMdzn8pFX0RC9XDPJ8M46ED3zIKIrWVlyQaJtzLCNvOF73mgkgHNggKBJVFpsw
+9jcT49B63KLiTyGylMpXN9DsuVa029TaOYCm2H3OL1+HZtxlHm7ORV1sh3RXSRA+
+E6mhxMCRoAkZl7ZfkPjiamY2A8J4nQVwAlDLF/R05IJkV14GU/mAud9wYTxwKxWn
+trB/oDD1QeUepMtchfjeqiAvY4IUSG/c2ow4Z0pogus=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzzCCA7egAwIBAgIQDirzLp49cVXaiArw3DQknjANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMTcwNzEzMTIxMDU3WhcNMjcwNzEzMTIxMDU3WjCBnzELMAkGA1UEBhMC
+VVMxLzAtBgNVBAoTJkdvdmVybm1lbnQgb2YgdGhlIERpc3RyaWN0IG9mIENvbHVt
+YmlhMS8wLQYDVQQLEyZPZmZpY2Ugb2YgdGhlIENoaWVmIFRlY2hub2xvZ3kgT2Zm
+aWNlcjEuMCwGA1UEAxMlREMgR292ZXJubWVudCBTSEEyIEVWIEludGVybWVkaWF0
+ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM1pKsPqL9jLqs1g
+JbBX1mahy4LBmZr3CEfaEfqiNKedzcfsVpB8v06SjtVjA6GHPcDY6x2j8hMBO9LS
+PaeTvrGJdI8RQzFcz/XAOeHyWkmN5sqwisgR7PzJ2/p7oAuFONeoRKO+xV2k9vIm
+vmtfywv57pSBXrfZLcV0Zz15z5X3KR0T7/KqfExGZGcgLkpCr4CeQ9JMfxBGLdvM
+oOv/6PzzRiomty6+Xrr7tY/UIVl8/s2uxCf+lwExEQb4+AJ5nivmdcKoXYJy09uD
+5M3xQb5AfnhdpqTENrrTjG2DiQEcZz4ZLuWJ2NZBgSu9umE40ptJLRcJr5L99oLG
+3NZlXQ0CAwEAAaOCAUEwggE9MB0GA1UdDgQWBBRQriizz/ztSwtG0YB+Ewn230vm
+kDAfBgNVHSMEGDAWgBTs1+OC0nFdZEzfLmc/57qYrhwPTzAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
+aWdpY2VydC5jb20wQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybDQuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcmwwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw
+DQYJKoZIhvcNAQEMBQADggIBAJESYX/xMSCVhjZskRWaroVgxCKarUm+NIcpDgp5
+ElrbNiKCYfJLIveKdYbjbtlmdbV0tsTnZ0Qyd1cWXDiaJF8AsJOfUunxrj/k5Elr
+UhgCNyIfXgvsREPIoIlepHU/g2JJ0kd7qj2nYKixlxR+qrth0RMMhUS9lh2hAatD
+i9w+EalFXXD15XEheOjqmcYOUhlm83rW3M+ogV6VkDm8EjZWE/3YVMJqsH3J1Oh1
+e4XI77YQm+R84XwTgPMMf/HKKSTgvT3j+xAIrTgn6lXOl6lZ2xQtJ26DXUI1BaR9
+cX1BJ9pV3hzlhoHV3n47XQHYBFbJ7+KNLrCQ0X9dhO1UQR1k7Y6YZDcM+p/Uih5u
+pBMFzr8lxLhsqhJKANs9M0NJ+3CcX/tDO2PTcCv5gURrx2JplPP7UU8pEYjPJady
+2aupqT2Z5TBPzO+jiAVbVIYiSsIKjqA1RzrmZpB98sU2TDzVlUpdxf0tTp7zNINn
+CtkEi6x6CTtbOduK0gCJbbFg4H0uIggmdFU0KojOgu18yU4p8qPHGkOgt9BxgP8W
+C3EiNaJZGiT5R8+NfCh5P8Yh2Rc0PodLH0IgKeC2TNLr8Me10Sh9xSmDh2LdZ+wg
+PGjQVHlrU88jbE1b3EqfvM27yKlcRsVJwqkPnMqmxZA683+vmJIb5OG7klMVeT47
+h5w3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFajCCBFKgAwIBAgIQB0C2gzlz3cwpiBXDbAgxCzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTcwNzEzMTIxMTI5WhcNMjcwNzEzMTIxMTI5WjCBpzELMAkGA1UE
+BhMCVVMxLzAtBgNVBAoTJkdvdmVybm1lbnQgb2YgdGhlIERpc3RyaWN0IG9mIENv
+bHVtYmlhMS8wLQYDVQQLEyZPZmZpY2Ugb2YgdGhlIENoaWVmIFRlY2hub2xvZ3kg
+T2ZmaWNlcjE2MDQGA1UEAxMtREMgR292ZXJubWVudCBTSEEyIEFzc3VyZWQgSUQg
+SW50ZXJtZWRpYXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+rVjSP5CFAbatTwFRXPfNkPMQytXUY2cmxVRcWxDWJIWzC+GjMi+vDsPnV1pI39ZB
+irWCdbdFvy8wlGBoWedxCKZ8R0WLPhOAeAAMUByQVMF8EsnuHvQEv4bxku3IiYyZ
+lPPjv8btZ5n8mZknjemY6A2wqO5yhZn1iSrEH6hYcq0OHo1dOu7wbx2CZ/6+SY48
+myTbJc7m9iBc7Ayvkg00PVPuSefH7BPz7ZmQRwaVbdfBcfBsplyjJVHLFomMNEjr
+72XBfs841dE4OAMaayZJx4bsnlKuMAFD+pENxZndwJ3J7JIPJtoaetGyL67L8SVH
+Ro9lu4jvuedor8jkEOZvqQIDAQABo4IB0TCCAc0wHQYDVR0OBBYEFNO7OCm57iSC
+8WWb6sOzyMkmIlNoMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4G
+A1UdDwEB/wQEAwIBhjApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisG
+AQQBgjcKAwwwEgYDVR0TAQH/BAgwBgEB/wIBADB5BggrBgEFBQcBAQRtMGswJAYI
+KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3
+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9v
+dEcyLmNydDCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6oDigNoY0aHR0cDovL2Ny
+bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA9BgNV
+HSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl
+cnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAfRK3SzWx7tbwsly/JgYREJyq
+ZBjbCNGSgbId00i3ihXCYWzKft1XUw9vzE0izvwu64ZtpAEfn48UCIGf1dvK8UFi
+rH4EvuGXZYOiJHBWeVg5BIEBjtCVy3w/HJ6F8we13BFVDC7fJG4Vc/qSyQdZFp+v
+nUvmkRbYovtbYDmRmlX+U6ua4+oaTjzN5hgeARxd9Rc5O8LfnC4bgKTLugMt2NgC
+tM1OJQ1rMNekAKIWnhqne/PwrelbJTKWj64AcktNB3JeB9C+qRIbVhCZatAThEPh
+jgNgACUy6s9s3GEK3lKEPCfTsaqKxNrI3mJJ+rzX+LHvdKxIuWlfpaNmVSJMHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDQDCCAsagAwIBAgIQBYyZnhdRmwe+ee1HtSJ55DAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xNzA3MTMxMjExMzhaFw0zMjA3MTMxMjExMzhaMGIxCzAJBgNVBAYTAkpQMSMw
+IQYDVQQKExpDeWJlcnRydXN0IEphcGFuIENvLiwgTHRkLjEuMCwGA1UEAxMlQ3li
+ZXJ0cnVzdCBKYXBhbiBTZWN1cmUgU2VydmVyIEVDQyBDQTB2MBAGByqGSM49AgEG
+BSuBBAAiA2IABPe2wOV65TSl70whDiXdDnV4eDL596G/v+4wdmrIfo5NvsW5UHZQ
+du4PPfEPwItOwnRKMyQJgiHyrt6q5g5CqKx62n2A5VTGH18/0i7c06Z/pTaW4oBi
+fUpxdONLepuW5qOCAUAwggE8MB0GA1UdDgQWBBRt8TlJmXMOk6N2hxhWwe+/iusx
+NzAfBgNVHSMEGDAWgBSz20ik+aHF2K42QcwRY2liKbxLxjAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
+aWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEczLmNybDA9BgNVHSAENjA0MDIGBFUd
+IAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAK
+BggqhkjOPQQDAwNoADBlAjEA+ds1/rgj0x7Lg5a+YMSI2spZJnaUONJ/2usyA/Y1
+hOpMk8mLhZSv3/No70llYB0mAjAYVivVa67crkk0z+OI7vgZCDVHnuwQLf6ERcoF
+zUmhqKNq85ZTuwZzpkNIknmdbpY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkzCCA3ugAwIBAgIUBgRiM6WCVXakgnJpRxioAA8vAA0wDQYJKoZIhvcNAQEL
+BQAwaTELMAkGA1UEBhMCS1IxJjAkBgNVBAoMHU5BVkVSIEJVU0lORVNTIFBMQVRG
+T1JNIENvcnAuMTIwMAYDVQQDDClOQVZFUiBHbG9iYWwgUm9vdCBDZXJ0aWZpY2F0
+aW9uIEF1dGhvcml0eTAeFw0xNzA4MTgxMDA1NTVaFw0yNzA4MTgyMzU5NTlaMGYx
+CzAJBgNVBAYTAktSMSYwJAYDVQQKDB1OQVZFUiBCVVNJTkVTUyBQTEFURk9STSBD
+b3JwLjEvMC0GA1UEAwwmTkFWRVIgU2VjdXJlIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcoYfPwTh5jkAm
+85tcMFJJQNn+EP1REHQoSQoXe6bLjKSdU5mrShIU7qMAYXtTAvWO51RgeovgNPrB
+dMBhttI2Ia+E0Mi2Ii0WLOLVKn58UK7zKvCi1Ip+geTEWxHnLx74zCCq+TnKS5WA
+AH4XuTK29ZQT0i0ee+4KWOYJooUjS/vzfyXU2HvDm0qh8k/SDa+F5zTX1C7Uq7AQ
+edXKaRr6sYPDMNlz5i4IW5rjswQrjywp1OdwtvVn4n/ZWN2LbbCuCE/lEyj/K3Ds
+pikpKsqbSLhsSICu2063yXdcTMUCsS0aXSUlFnTt4HsxFtBefEMhUG63R7spiVQX
+/ME1rwEHAgMBAAGjggE0MIIBMDAfBgNVHSMEGDAWgBTSn4jfoc0svez1OwEBkzMn
+sutgSzAdBgNVHQ4EFgQU6fnrl74h8lTH6SY3Ajm6/LGbDOkwDgYDVR0PAQH/BAQD
+AgEGMBYGA1UdIAQPMA0wCwYJKoMajJsRAgEBMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+OQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL3JjYS5uYXZlcmNvcnAuY29tL2FybC9B
+cmwxRHAxLmNybDB3BggrBgEFBQcBAQRrMGkwLgYIKwYBBQUHMAGGImh0dHA6Ly9v
+Y3NwLXJjYS5uYXZlcmNvcnAuY29tL29jc3AwNwYIKwYBBQUHMAKGK2h0dHA6Ly9y
+Y2EubmF2ZXJjb3JwLmNvbS9jZXJ0L25hdmVycmNhMS5kZXIwDQYJKoZIhvcNAQEL
+BQADggIBAFIIaVQ8K1E2iYWnVX6jBrtXqBxKoBy2Vci1eaDjGJwWPoT/Yq7Rx+Jq
+Sxre6AG8rE7ddMn4duQh32LPHkMNjH7yuqN9RDn2Ig7yVNZzLLv3MKjcauPx6821
+r7mJO2ecRaNzZIN5Vt6l2hvn3x5LA0XycUDn5YtcaZMnR3Re2Cz+ohRvDk+eUG1H
+1rRrt31PNK1CX7wjtAUo2tH8HZqgQaNe2xGjHvLg5kR8fn+Md+PeEfvnmxUg7dHV
+lIE8FhAPIGjyQ5o/4iiTiI3sdCx7Ryi4fJpukkYDMc5xPbCFYRqZXjzeNA/JyrxN
+DfwWSAa26/Ou6FLR0BsrYUwK4Kx/TlMX88w6mGl6/POJ2zuxTSeccDiYobu6ocUo
+wcEW9Naxfu9H4CJMIjA++YC2XgnpBmakbjXgRkKOoM8oDaEdnajhc996f+HKkzd9
+EBgRFmkOyqLRhb7XpBqM7ssPB9yGEkr3vk6Au56Qv/HtU679OCSXDbp6kYlZM3PD
+BrlX48QAq2C4WgS58IHAOpvA/6g7/aI2cKknRZKhFfUoUx3c4ALEXjRImeR6QNZt
+GLxmuptkxPCEtcsdZn/sN0MryETnOldB5TdgizUpu6NrAgnb9k9ptEvwjewQlgty
+O4oY6CwLXPrnu3Vk60t8/koeBh3+Tmj/Yv3UqF9VgLJmVUsylyFd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFmTCCBIGgAwIBAgIQZtLmSeR1il7Xk4ZiWfQOuTANBgkqhkiG9w0BAQsFADCB
+vTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJp
+U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MTgwNgYDVQQDEy9W
+ZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAe
+Fw0xNzA4MjIwMDAwMDBaFw0yNzA4MjEyMzU5NTlaMIHMMQswCQYDVQQGEwJVUzEd
+MBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNVBAsTFlN5bWFudGVj
+IFRydXN0IE5ldHdvcmsxPDA6BgNVBAsTM1VuaXZlcnNhbCBSb290IE1hbmFnZWQg
+UEtJIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQTE/MD0GA1UEAxM2U3ltYW50ZWMg
+U2hhcmVkIEluZGl2aWR1YWwgRW1haWwgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9xv1UNkZk37AyVjXVxbIhWf
++/eBhH9YHFhu0SWKexQlJzv6Zbowf8NZB6ty4uwLTPs93uP8J8MPVm8MEo+B5A3a
+unr43MXp7plnP/sCpctz9E1V7MH/pTii/mpgsOOJONX2F//h4eYd7QSWqTcm/2eC
+1Lc3nU0nmFoCfvTSmXHodS8edUe/1R2X/Ut3aCfbnNnorHjLqXaSX+4GPepx6swt
+0Y+aaJh7yjFf0Rhe1q+sxUifFuCILgsDFNpjLn+r3hKpvPSedC0tpPr6Z9UCK11K
+vwfOiaIksM9JiIU0nme3Hduwi3LMkyJYRtm7nGnKcGkLh1AybHmxhWQSmQXIAQID
+AQABo4IBgjCCAX4wLgYIKwYBBQUHAQEEIjAgMB4GCCsGAQUFBzABhhJodHRwOi8v
+cy5zeW1jZC5jb20wEgYDVR0TAQH/BAgwBgEB/wIBADBmBgNVHSAEXzBdMFsGC2CG
+SAGG+EUBBxcCMEwwIwYIKwYBBQUHAgEWF2h0dHBzOi8vZC5zeW1jYi5jb20vY3Bz
+MCUGCCsGAQUFBwICMBkMF2h0dHBzOi8vZC5zeW1jYi5jb20vcnBhMDYGA1UdHwQv
+MC0wK6ApoCeGJWh0dHA6Ly9zLnN5bWNiLmNvbS91bml2ZXJzYWwtcm9vdC5jcmww
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIBBjAp
+BgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRU3ltYW50ZWNQS0ktMi04MDAwHQYDVR0O
+BBYEFF2wre2AKUkPJ3XE5sov10eTBvneMB8GA1UdIwQYMBaAFLZ3+mlIR59TEtXC
+6gcydgfRlwcZMA0GCSqGSIb3DQEBCwUAA4IBAQBip8AB9eIHiYTfM7xJttmdVETo
+/Cl7cT6GF60A1peW3U6iDsNIFAd2gHsD2OSMHY5nmpqCvo15k4ZzlMMhvtCWhdn9
+Z5v1/QA1D8PJ5bzmnqbzMIhVX/mWZQRAML6z5hVrftTLy6jnPVqggQ5QrCLvPinF
+ppcBWhOZvbJvn3desmizI0v7RN45enAr7tOJHXsFmAIpUto4KRE8bxTL4kfIsoh5
+1W/HfN3dOdQdlClrUnGUWJQBnDA48KFDk/i6tbwWg5KjA9fLfXa4DbKxOGC0Xx95
+LrNnBswRv4Gr4SzbgjvGILQJKIChqQ4+4PEyO+b/qoujUOeeg5obZqM5ivc7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDJzCCAq6gAwIBAgINAeUosrp260WT1agwBTAKBggqhkjOPQQDAzBQMSQwIgYD
+VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTcwODIzMDAwMDAwWhcNMjcw
+ODIzMDAwMDAwWjBQMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEmMCQGA1UEAxMdR2xvYmFsU2lnbiBFQ0MgSFYgUy9NSU1FIENBIDEwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAARiwqNuJIv/39NfELib9OCeMck+4qKh9PmyRQLL
+SAUGBdOMfSJDcrTKP1rXF91LQgZBK/bCv8LiqzE+e/GVTU8kpycxnKC9whj48Gx8
+qBVV8QxU3y9GHeRtzmOhdboH0cqjggFOMIIBSjAOBgNVHQ8BAf8EBAMCAQYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFHBQdfkVLkVsaK7xUlvIvpxwm+U5MB8GA1UdIwQYMBaAFD3mKUib
+6gfKIURKJt5u3tKD0J9ZMD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0
+cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyNTA2BgNVHR8ELzAtMCugKaAn
+hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjUuY3JsME0GA1UdIARG
+MEQwQgYKKwYBBAGgMgEoCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzAKBggqhkjOPQQDAwNnADBkAjA8mZfkofuf
+ROqbf4m3CMSfiaQymu3sWLyhftjsFfWhO6oagvcQ4meqwqT25bo5rCACMFdqikTd
++phL5EJ0hfjo6Y35jifL35DaoroXSRNsSUe7YXnla+GGYXV7FM84q2utsg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjTCCAxKgAwIBAgITHwAAAAfDD7xDFE07ggAAAAAABzAKBggqhkjOPQQDAzBt
+MQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUg
+Rm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9i
+YWwgUm9vdCBHQyBDQTAeFw0xNzA4MjMxNDEzNThaFw00MjA1MDkwOTU4MzNaMEwx
+CzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSswKQYDVQQDEyJXSVNlS2V5
+IENlcnRpZnlJRCBBZHZhbmNlZCBHQyBDQSAxMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEU7Z9s3TGlT7UMM+zP5+ypsVKfh+jjlj0LkgJ7PJ1c4FnzbqERTMoBS7B
+srrRwAFsH5O8VEEKorF1DtpYMh+PhqOCAbAwggGsME4GA1UdIARHMEUwOwYIYIV0
+BQ4EAwEwLzAtBggrBgEFBQcCARYhaHR0cDovL3d3dy53aXNla2V5LmNvbS9yZXBv
+c2l0b3J5MAYGBFUdIAAwDgYDVR0PAQH/BAQDAgEGMBAGCSsGAQQBgjcVAQQDAgEB
+MCMGCSsGAQQBgjcVAgQWBBS7+baRi2PktBM2aQ/WkiE8GV85QDAdBgNVHQ4EFgQU
+OAxEX6pKi37GW+0PrKjRWE8xfsIwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEw
+EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRIhxSs48OekGA618qJ7tOt
+jLRQZjA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vcHVibGljLndpc2VrZXkuY29t
+L2NybC9vd2dyZ2MuY3JsMGkGCCsGAQUFBwEBBF0wWzA0BggrBgEFBQcwAoYoaHR0
+cDovL3B1YmxpYy53aXNla2V5LmNvbS9jcnQvb3dncmdjLmNydDAjBggrBgEFBQcw
+AYYXaHR0cDovL29jc3Aud2lzZWtleS5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAL+C
+2S0OPTLshBE70bdxEK6eR+OOW0v9N914tpQNOqX3cxDsuVDf6GABgXSLkUvRuAIx
+AP+vhaZRfCui4cbzYhyPsKdYfNuFpHSYy2jJOjOLc21azpK/I9lkdymep34o8rH2
+TQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErjCCA5agAwIBAgIQBfLX79jGu+0toi7o3HSzDzANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE3
+MDgyNDEyNDEwN1oXDTI1MDUxMDEyMDAwMFowgY8xCzAJBgNVBAYTAklUMTEwLwYD
+VQQKEyhUZWxlY29tIEl0YWxpYSBUcnVzdCBUZWNobm9sb2dpZXMgUy5yLmwuMSYw
+JAYDVQQLEx1EaWdpdGFsIElkZW50aXR5IGFuZCBTZWN1cml0eTElMCMGA1UEAxMc
+VHJ1c3QgVGVjaG5vbG9naWVzIEdsb2JhbCBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAODFNbSBS0Bd0ARG7HuVejfFdwHt5bxubDmerRXUlf7S6yeF
+2LNx1vY9q453W77ATTSwkk1xJdi2LYGALwLNOvlgUdcEtHe195M7Rf4Pjn3j+xcP
+hnWZfzHZ8oUJ39gDjzP/C3/O695xE1Y0R4jaZsHfBwySkMFxVNR2xFENt1uSfQvr
+vOX4/5HKTHoaWOBiHLmgexYuHpUphHPVbnrmgyIAlPhI6f0Q9oObDlG3FRz9NQqg
+6uY1URfBlkVvVQpQ6zmuFvGUPynhvCmbB/mokF6UmwWXa9IzOHtuzAzwwINBjjGr
+U1/doJEfgD6WIpxMGuszjGLeZOYMtglRE6wJlhUCAwEAAaOCATgwggE0MB0GA1Ud
+DgQWBBTGBwkSpTaGP3dZoWhXEKrYY9aHxDAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6
+CFQ2hns6tQRN8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAv
+oC2gK4YpaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmww
+PQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp
+Z2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBAEqQw886vk8aTSPskm9n
+5CXJqPCUIYMZKP++fYUBWuPbCDmCy3WjaThoUIL0MSuSKnyxgwZwYjYex/JhTSJG
+D7EOb+po12VrCkU0jGK6NEGCjl0irXcJ2x8aixXaxDegtzJ2zcpoXiSHi7VGfDxk
+aXw6IP5n6lKMDjGBjcB4jcNUH4c0ilM3tAh3r4Onyw7PkstpbTBp8OyQLiwdH0+V
+G//l/zeLwmzjMbnJ8TudwmgIAg1huArrOJc+dDke1uNsv6IY4o2LDwMEivjD6M76
+6Bb6qMIpWUWFVmUuLTe6eYjyKIH3l3Sv9p+dzlKOg9azlCgIbsZwHQjphWNtqtdD
+a28=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEwTCCA6mgAwIBAgIQAVxw2vIiOEPUONjwBNkAwjANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE3
+MDgyNDEyNDIwNloXDTI1MDUxMDEyMDAwMFowgZYxCzAJBgNVBAYTAklUMTEwLwYD
+VQQKEyhUZWxlY29tIEl0YWxpYSBUcnVzdCBUZWNobm9sb2dpZXMgUy5yLmwuMSYw
+JAYDVQQLEx1EaWdpdGFsIElkZW50aXR5IGFuZCBTZWN1cml0eTEsMCoGA1UEAxMj
+VHJ1c3QgVGVjaG5vbG9naWVzIEdsb2JhbCBDbGllbnQgQ0EwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDJko5r/DUplcUNDY1rK6tuLOSaiom5exxRDFKQ
+N4pZbGfLi86Fbel3NpjgyXLQ6J9xO4Fp6T47o6o8x8i46QUyIfCqYzO1oPKlcCXW
+58Wudp1m6QTDcViOuqxUEwqxTiG5OvMfCT++7Vvwo51JdOFd1B9y3bXr/tZ2MV97
+daV0BzunAhCee1m3w37u54RCUNN55ga9ww3Z37LvKZptPdNx3YzJWcBkfee6kmWe
+cW1n01albonzy8oQ19thfFxaAuQg56HOPc4qmrwuNL9gKNMqaHU8zQfQYyBn973A
+MHHH2bjsn879+VDJzt5cXAUZq+LUYM/H1F4p/BJoA3PE6M7HAgMBAAGjggFEMIIB
+QDAdBgNVHQ4EFgQU3N+jvg1kHjMuEqSAu2sCveU9BoYwHwYDVR0jBBgwFoAU5Z1Z
+MIJHWMys+ghUNoZ7OrUETfAwDgYDVR0PAQH/BAQDAgGGMCkGA1UdJQQiMCAGCCsG
+AQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDASBgNVHRMBAf8ECDAGAQH/AgEA
+MDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
+cnQuY29tMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
+bS9PbW5pcm9vdDIwMjUuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUA
+A4IBAQBdpmEsaqKx0NCpqAG1q9+xdM0KPcnaLgjtF8V4JG62ci6MONS1ROFz5Np4
+3YFkshCe8QzSM6PU3XHeeN2MgFKuKurxSoUWDcArqXAsf9fgtVgQJpCRWyLlEyl7
+5Xx2yRbQORCLjApGnmpojrJKgJZDL3R6s/CBzUNV28V4biIyz3orR6wfIELCxije
+Qvvn3NvrIP+DenLhv8PkNM1Lm1QVYJAh9hXraN31VG8AGIDjAQMoy8kFMvO6LNf7
+P60CfC7KSvS3VUSCJrf2FvrpWQia8s8K2FPLT+s9eAprLhcLZz8WXhH1falPWGGp
+ToPs0WY8IPKCcfUqiMPII8gCip89
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDNDCCArugAwIBAgIQDWqQjXwuiWFi22ChybOF+DAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xNzA4MjQxMjQzMjhaFw0zMjA4MjQxMjQzMjhaMFcxCzAJBgNVBAYTAkpQMSMw
+IQYDVQQKExpDeWJlcnRydXN0IEphcGFuIENvLiwgTHRkLjEjMCEGA1UEAxMaQ3li
+ZXJ0cnVzdCBKYXBhbiBFQ0MgRVYgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASE
+b9AdJ59uU3/h/N+WS5RjbPvVQfWS503n1dOZB8l8tTbMecabudx/fNkd38dBKZJo
+bricDVPWvw5XkpK8xc5YEVCcmYIZLIudnZhKELpqpVB9NzZUmpInW//qTcvqis6j
+ggFAMIIBPDAdBgNVHQ4EFgQUo/c+oxu3V1NJEyu3M7Xz6znLkiIwHwYDVR0jBBgw
+FoAUs9tIpPmhxdiuNkHMEWNpYim8S8YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsG
+AQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t
+MEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEdsb2JhbFJvb3RHMy5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCgYIKoZIzj0EAwMD
+ZwAwZAIwZk5Ef9BUU4vySOkCiqy1+oocw6leJ8nAbZShAvMGQx6iiz1Q0EBS9Dkq
+AOX8W2BSAjAgLRSWAIuJ9ncp8Fc1cJYq3InC0nUZMQh7wXAZyaLJM83eYdr0whmb
+76i9NnEWkbs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIfzCCBmegAwIBAgIIAcUjhpoeshEwDQYJKoZIhvcNAQENBQAwgbAxCzAJBgNV
+BAYTAlBUMSowKAYDVQQKDCFEaWdpdGFsU2lnbiBDZXJ0aWZpY2Fkb3JhIERpZ2l0
+YWwxFDASBgNVBAUTC1BUNTA3MDE1ODUxMT4wPAYDVQQHDDVHdWltYXJhZXMgKHNl
+ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmRpZ2l0YWxzaWduLnB0KTEfMB0GA1UE
+AwwWRGlnaXRhbFNpZ24gUHJpbWFyeSBDQTAeFw0xNzA4MzAwODE4MTZaFw0zNzEw
+MzAwODE4MTZaMIGyMRQwEgYDVQQFEwtQVDUwNzAxNTg1MTELMAkGA1UEBhMCUFQx
+PjA8BgNVBAcTNUd1aW1hcmFlcyAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cu
+ZGlnaXRhbHNpZ24ucHQpMSowKAYDVQQKEyFEaWdpdGFsU2lnbiBDZXJ0aWZpY2Fk
+b3JhIERpZ2l0YWwxITAfBgNVBAMTGERJR0lUQUxTSUdOIFFVQUxJRklFRCBDQTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAN4SHFBxmwJYClfYbD3+rqNp
+C6yuVdjbirnuJ2n8sPUcDEVxo5UGBC5pMMHdQExcGGjysTy5eowxpQ1+/H5KvSvX
+R9vYMx1vrCnq3ababyLrub+H+gUMk74qwsltHAmsLkaYIf4TFbpqjxsgxtccNN5x
+YRJ9pFkLZY2b+p7CYc447kE8pRTBrSCyZUhl0/667fsgSsD5+JtoIBvYn0lB7ivh
+Gu8Xco7/OiMhNrDkW6q0EzAPd/P49ww6OBmSqejLJR5fH3Ymr4KVEuPQDYs+IErJ
+uf5XT8B1RPw5ysxWxiymrpI4MQ3H2Ac0Z8vIDgSnjZVntHa7E55Wbp0o2mXQ29Cp
+WfbngdpwB+HMQc94cVXIkR8YpGJp9IBWLWuBZzjE3vmgpBtfgiZis4Gnjd1Cnic6
+dAyatVNCMbor3LgAHrD0B1Mb40me5yIpxf7qDyU/FkyK6E88vi/nRXFt0QM24+2x
+URGqV1qUsKIoJyJj4CFD2fDd3Ezdq0HpDkz7P0BWCNk411zCKufebnwk4sz23Vsb
+RfFp/cssG4xnA8V//0MEiUMD68iVb3X90EwPxyd3GzOHoCofwHm1Y7AMX3HfV0PE
+UilykMOBUVe7BD+phT6R2Un7K578yT4AwwnS8NLwm/Nt0YkVzMrdbAK8la2mlp+M
+9vt0SADkf7ksBsqq/PADAgMBAAGjggKXMIICkzASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdDgQWBBT/4cWxgifEQ5VMfJIBZ+xMVN7tjzCB3wYDVR0jBIHXMIHUgBSo
+VfAzw04izGgcoRms0SoTPSVgYaGBsaSBrjCBqzELMAkGA1UEBhMCRVMxGzAZBgNV
+BAoMEkFDIENhbWVyZmlybWEgUy5BLjESMBAGA1UEBRMJQTgyNzQzMjg3MUMwQQYD
+VQQHDDpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmly
+bWEuY29tL2FkZHJlc3MpMSYwJAYDVQQDDB1BQyBDYW1lcmZpcm1hIFBvcnR1Z2Fs
+IC0gMjAxNYIIBLwHIkVpZ5QwfgYIKwYBBQUHAQEEcjBwMEYGCCsGAQUFBzAChjpo
+dHRwOi8vd3d3LmNhbWVyZmlybWEuY29tL2NlcnRzL0RJR0lUQUxTSUdOX1BSSU1B
+UllfQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5jYW1lcmZpcm1hLmNv
+bTAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMC
+MEgGA1UdIARBMD8wPQYGZ4EMAQICMDMwMQYIKwYBBQUHAgEWJWh0dHBzOi8vd3d3
+LmRpZ2l0YWxzaWduLnB0L3JlcG9zaXRvcnkwgYIGA1UdHwR7MHkwOqA4oDaGNGh0
+dHA6Ly9jcmwuY2FtZXJmaXJtYS5jb20vRElHSVRBTFNJR05fUFJJTUFSWV9DQS5j
+cmwwO6A5oDeGNWh0dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29tL0RJR0lUQUxTSUdO
+X1BSSU1BUllfQ0EuY3JsMA0GCSqGSIb3DQEBDQUAA4ICAQA4rR8mBGjzcdXkJrpG
+1JHMOiH6LnQzJ7BJF1qHooe0cMVY29IN0GGAFqT0WS2qC9MbuObuGUPU/tgcsil9
+hkZyDV201Io0/L5vGT+ptHnP58K9YqFrjrtHbwIOPGgvQQRfW1W6IaoZtV1tbcqF
+B0wtKl+9RFUrTv2L+6TB3Ne3CLZc0jzacqUH4rrzw97M/u+2456UX67sWvUV+Kvp
+eGbpWGpSAJ2xnXU26zZW2q03MQ3wViu56NVye4YDPMzp/bYNwhpj7jinsUBQqC7l
+JJUysXhtuWqP7gVfO8S/VwFvckfPpVYi1wH6w6m4C842mXO6Eak2XAprPat097Nh
+mjr7rNyQ8sq1hJ0WDYzIyZ4C2RGZ3+8FJIChCGYjtmFWHGA/a2AHxhzISX2fNZ7p
+LJZuGse1K6VOIxlf9LNWBcKbjDH6AlNghvsnZ10J4amh/nXDF7B3T0qkVS1ZKsLb
+ZqLQQZYyVYRxD9tF9OHw4phAhCnREAYdKB7NlXzfgin/3jpd+6DqhPm7h8sLc35u
+e3+2H0klEsDFkgMBaDoe4xwq0takDu2VC338qcoHI8id5AvyKFjKlrP/3/8LzOax
+mdzd1e2WNM5sAeKIUz4maRe4Rkw50/RDhcF/fRMNOn30BglXHFgMl7xRjEvQrX5N
+N8UunfM5ds6vmg6RHuLh1Q5Q+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7TCCA9WgAwIBAgIRAMCmDN8jqjVlXjJpEDBR8PswDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE3MDkw
+ODAwMDAwMFoXDTI3MDkwODIzNTk1OVowbjELMAkGA1UEBhMCR0IxDzANBgNVBAgT
+BkxvbmRvbjEQMA4GA1UEBxMHQ3JveWRvbjEfMB0GA1UEChMWVGhlIFRydXN0aWNv
+IEdyb3VwIEx0ZDEbMBkGA1UEAxMSVHJ1c3RpY28gUlNBIERWIENBMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngzvmYftbW4/GMXiMEmP3igo6fXRKgtu
+0RV0NNnEv8RSxZ7dVc3drGEWsvJq65Gs9GCwZAn5sRUfbb+ECGfts4fK4zEN3AzA
+82xwrDM7xANYSgnM7ASC3Mgm4BlJsIRWt5UFVCECZtMWFURku5EXGra6v8RYx7mz
+DlHLLNItsmlJGd+TPgHA7PPbVkiHnZDHPARJIURMEN6WCOte9TWWU8Mn33sB4L7O
+/0KcN0EZXbr+KbVk9h1ECT3b6v96hHtJpkGebI5puiccQ/WPPoevY1XhNfAdGiPF
+YWpuvWNVLkR2+JJszeEjGMMFxeWqLSqBG3g7yCnH/SqIbWqYoi0bsQIDAQABo4IB
+bDCCAWgwHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t7jiY7NkyMtQwHQYDVR0OBBYE
+FF2K0SMIL+Gdgc7ZLHAoupcfrhg1MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAE
+GzAZMA0GCysGAQQBsjEBAgI6MAgGBmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjto
+dHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0
+aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9j
+cnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIB
+AGy1WTIYN/X9cVXJl11gC3mYfXZniNMq3u49K+/0+GJiAZB1PfXtP+kQhwQp3F5F
+YxN2OhPu7C8Db1ML8CTwzCGK8r/m5O3SwINSdLqCmX5/j2LUDrnCQQf3jcETdaZU
++HmFWpUdRL7DD6/hUDsGEVPNxgARdtFSz78WlsvdCd7K+XWhteoQAMNIw8EdXrcI
+YSfxo3rHh/t4BfEm/N1VWavip59qa7A5HvBuGTA4Xg08hSsTVQOEMSzKSe+cpNwV
+mzrTuiMuIzwAzbAJoTaYF4q3+l10OegBDJQvG0b4a43mRhiVyZ4B/AkTt+it3HpU
+0FGcK/WwvJKNH5EkZ4cJMo//+mqbeg8KeDpL38r1IlqSjWTsNnSwYlxhCNvcMCYB
+WtamCiKd401QZqD5uwzxslmj4n+aCETqF+0JUeda3pR44w7xwSavGLzlMlmIMQ/1
+fa2i7QA+a2N2sL2VHsF2KQ2eShBAccHAhMgQSAlWfz/fWIXFdZIk/i/05FTgGqc+
+xlPXLWR/Chch5Nrb8M0bTsYYqQUUDSYlg6Jm4VcV0tTZO+632ZlhPWnebQdFew5G
+Z7KbhTyF/NOkaz3b0n29XYDW2VQi/JV07AYmbTHgoIh9KvrxNauJTWpZ2WH69nNJ
+ufKYwKWgXcz1Gdj87G6isak26Skc/sH8u8GqhRBI51uP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfzCCAwagAwIBAgIQDlqKcUcL09Vv7lj1gaoYIjAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwOTA4MDAw
+MDAwWhcNMjcwOTA4MjM1OTU5WjBuMQswCQYDVQQGEwJHQjEPMA0GA1UECBMGTG9u
+ZG9uMRAwDgYDVQQHEwdDcm95ZG9uMR8wHQYDVQQKExZUaGUgVHJ1c3RpY28gR3Jv
+dXAgTHRkMRswGQYDVQQDExJUcnVzdGljbyBFQ0MgRFYgQ0EwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAARnVFJNb8Yj/Ce4fjW/oc3/icpEozgeJMAkKwMq7LuVALmv
+l1rN5807sGQCS0TAkcNczcvzVjAXefMhx/1y7BUFo4IBbDCCAWgwHwYDVR0jBBgw
+FoAUdXGnGUgZvJ2d6kFH35TESHeZ03kwHQYDVR0OBBYEFJLYluI54EfoZENNm9/m
+0qgWKZdmMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEB
+AgI6MAgGBmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9k
+b2NhLmNvbS9DT01PRE9FQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggr
+BgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29t
+L0NPTU9ET0VDQ0FkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5jb21vZG9jYS5jb20wCgYIKoZIzj0EAwMDZwAwZAIwI/nutGtn+PaYTAwuN/V4
+Dvg3BvGv2B24N7dEsZSrgHytxLb4muS/SLILN6Yzke7DAjA/lr8DJMPlWBSfV+xT
+qJnNYjtX8vjQWpCmdoKK2/7kWNDNEoxZy4lRR9ERjhBOXes=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgDCCAwagAwIBAgIQXlTSWnOAKPvsBNqtJQ5I6TAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwOTA4MDAw
+MDAwWhcNMjcwOTA4MjM1OTU5WjBuMQswCQYDVQQGEwJHQjEPMA0GA1UECBMGTG9u
+ZG9uMRAwDgYDVQQHEwdDcm95ZG9uMR8wHQYDVQQKExZUaGUgVHJ1c3RpY28gR3Jv
+dXAgTHRkMRswGQYDVQQDExJUcnVzdGljbyBFQ0MgT1YgQ0EwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAARDnsiaKW9/ceim9aM6lcVCjkIK9TNDIj4tIvXCVoOzpUyB
+EY6xG+bibsuNJd2jPtnWAMO1qtdp96r0a7aB4m8Io4IBbDCCAWgwHwYDVR0jBBgw
+FoAUdXGnGUgZvJ2d6kFH35TESHeZ03kwHQYDVR0OBBYEFFxeRTg3GahXbNEM2To6
+PK6m4Z9bMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEB
+AgI6MAgGBmeBDAECAjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9k
+b2NhLmNvbS9DT01PRE9FQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggr
+BgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29t
+L0NPTU9ET0VDQ0FkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5jb21vZG9jYS5jb20wCgYIKoZIzj0EAwMDaAAwZQIwHio63VPvGQ5lXTUBiErC
+WEQHH9li8jnvRkdf7JNWb2/7JkL9Pp55JXAup3MlQ9+JAjEApswYaCf/exDD4/M4
+E222bB3z68KNU3+2Sb/H8sXt6rg+a4CesPjh0jOIWjncVUvW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4zCCA2mgAwIBAgIQCH+r7PWwb7m2UcD3+HlbYTAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwOTA4MDAw
+MDAwWhcNMjcwOTA4MjM1OTU5WjCBtDELMAkGA1UEBhMCR0IxDzANBgNVBAgTBkxv
+bmRvbjEQMA4GA1UEBxMHQ3JveWRvbjEfMB0GA1UEChMWVGhlIFRydXN0aWNvIEdy
+b3VwIEx0ZDFEMEIGA1UECxM7Q29udHJvbGxlZCBieSBDT01PRE8gZXhjbHVzaXZl
+bHkgZm9yIFRoZSBUcnVzdGljbyBHcm91cCBMdGQxGzAZBgNVBAMTElRydXN0aWNv
+IEVDQyBFViBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIwL7VzFJL7MY9wW
+3iMt0CgPaVa9Ocl1yATOiX5422ap0hR1a7B8Y+IcYkmqN2DA1HHtxA12pOyPKQdN
+BkfY2xijggGIMIIBhDAfBgNVHSMEGDAWgBR1cacZSBm8nZ3qQUfflMRId5nTeTAd
+BgNVHQ4EFgQUDS6MAXBc5OacMPoQyc63D4CyUDYwDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1odHRwczovL3NlY3Vy
+ZS5jb21vZG8uY29tL0NQUzBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNv
+bW9kb2NhLmNvbS9DT01PRE9FQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBx
+BggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2Eu
+Y29tL0NPTU9ET0VDQ0FkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8v
+b2NzcC5jb21vZG9jYS5jb20wCgYIKoZIzj0EAwMDaAAwZQIxAImL3o2NuMAX50oW
+8yq4Fn60uEe/KdRYVKJ/WW+2xNhV33tctGWqqtg3SK8cs7eipAIwK7PhO09AtJlp
+EibGqRkZnNztdN1NHw1DlSjNPbKpwVRdHaNCSO7OvzDuGw5UmaJB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGTzCCBDegAwIBAgIQYa5ngpFKTlew0jj/wt6AlDANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwOTA4
+MDAwMDAwWhcNMjcwOTA4MjM1OTU5WjCBtDELMAkGA1UEBhMCR0IxDzANBgNVBAgT
+BkxvbmRvbjEQMA4GA1UEBxMHQ3JveWRvbjEfMB0GA1UEChMWVGhlIFRydXN0aWNv
+IEdyb3VwIEx0ZDFEMEIGA1UECxM7Q29udHJvbGxlZCBieSBDT01PRE8gZXhjbHVz
+aXZlbHkgZm9yIFRoZSBUcnVzdGljbyBHcm91cCBMdGQxGzAZBgNVBAMTElRydXN0
+aWNvIFJTQSBFViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIYa
+qP3zl3whJ6IL6X1wjUDwTxc5TsGBuEZnNkY0RqRgJ5w0Rlls/N6x6ddY9Cq6bPx7
+5mBoJDmDyU+DkI1K82icElEa9Gv9JadGHD6cYPltIHToQjJuftyr5HH7Q+0ZlvXH
+REbC/7LFDNtRP0MILyZHJIO+AQOTE5U9sj3nxdhdfhmPFjG7QV4U1sD7w6w2+3DN
+DSmySyJa053d6bQARB0ZIdbsc9wFxBUT2X4jVeSj4cYUk1Yn1UUu8tvZW6B+Prms
+B5jRhbbdgTBDIyscxjrce/I61KOZC8pWPTORV5XkIiAz8+uzR2aKzVwOi7bRM965
+9O/cGzfW1Wct+KcR7P0CAwEAAaOCAYgwggGEMB8GA1UdIwQYMBaAFLuvfgI9+qbx
+PISOre44mOzZMjLUMB0GA1UdDgQWBBSJKwRxsCGiKFg1WPeVQtvFOBz4xTAOBgNV
+HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwPgYDVR0gBDcwNTAzBgRVHSAAMCswKQYIKwYBBQUHAgEW
+HWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMEwGA1UdHwRFMEMwQaA/oD2G
+O2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNlcnRpZmljYXRpb25B
+dXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7BggrBgEFBQcwAoYvaHR0cDov
+L2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQWRkVHJ1c3RDQS5jcnQwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQwFAAOC
+AgEAVWgP0O5hmT8laZJS4aeGwboEOOVgCP861lBDSPSItcKpOy95oZC6ZpWZTBO4
+AQJqLjnmArAu+3If8h5xXzXpsvqpDGAjKzXDnrF5erZQlQGTaQMjqRKERejun7vq
+jmZR9uQd/feuqPzrM4FusdxZoeT88igLqiIZ4KnPcCm848+O+/1U5iTUm62xZVyn
+4XD+ZIKKSXMl6O8m7TU151ZeFaHo27Q4dm19z4v2SXF3UmW91C0I6avqUeFn7UQg
+64N3vcktJFtCAUCCl2QAfw+3MPMTwhOWaS1o/A6Xo/ha5uahnhS8W9mTPhZvd7Y5
+tvi5vLwUA4EYqLXTcW/NF687/WZg71e6OpQPUg9yhNH7kpUGzkpMY87S3jaWyfB5
+xoatEHZLUUfURLFX34Ib3m+eC5V/Oj3bZ+zfU2QowdtW95ho5HJu23KV3HLok4XQ
+XBt9JvG67wM7Pbu44SoLyqN4CyyoLRCWfd0OkHe77ceFTGS1HdyQiFVyfMka/tWp
+hKS7qhx/KU2SqIbO2sZF8Wbi62ndrUv0dkCNYvfeETTmnnqazQjBPoslUIq0th1f
+O7SYJoQJYh4uyRHwbR8geB4x3scQOupESDrERoOkkONiO+HNQ3c6/c7wSZEZQxAF
+EaGdixQqtYgVRiwiz/RaSJcfgmkbU19fgzvmxNMUNVZlB1E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5zCCA8+gAwIBAgIRAMFUDtuhvh9VjdJmQznvHvAwDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE3MDkw
+ODAwMDAwMFoXDTI3MDkwODIzNTk1OVowcjELMAkGA1UEBhMCR0IxDzANBgNVBAgT
+BkxvbmRvbjEQMA4GA1UEBxMHQ3JveWRvbjEfMB0GA1UEChMWVGhlIFRydXN0aWNv
+IEdyb3VwIEx0ZDEfMB0GA1UEAxMWVHJ1c3RpY28gUlNBIENsaWVudCBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPn7I66JPWuDjO5cUw14YolBNaLc
+UNj8qsjCghZI3ICQeaC46fdUCpVMVMYpa0t/dirr7+8zNJ0TLzx+ZvzhLDex72Eo
+s+TI7U5feLCR5vogYAFzHNAM2DzJoypk2+o2hnE6FdwBLcIq7/HYMQ7UZT8Il2R/
+t2Jsju/t6MHnQN6qcB3JgEQBcMvPrhI+gYbKtJSjAKk2k9btnhs6yFWM9Xsenxvb
+k3epvYPMSiBYdGrbBjQE4QI0T8Q99A1RcsfeJN+sSAxKeaDoAozMZC+RBB+RCBQw
+9kLQXI49oxDemNXF6jZbQO3xqApd0wVssBgF2tLQScyp8XlYjt4BFbq5ZakCAwEA
+AaOCAWIwggFeMB8GA1UdIwQYMBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1Ud
+DgQWBBTFTxKDkBX3DQhhjO1H6WPbTpe69TAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGAYD
+VR0gBBEwDzANBgsrBgEEAbIxAQICOjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8v
+Y3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29t
+b2RvY2EuY29tL0NPTU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAEHYuGKv
+39+q0RyFajWrXEluASRpLmnoggqmFSeJbGbRIEpbUmJwmu4T7G1wzrsz1FXHwMSn
+VxJGkVcZsi567R309oLplpioYlRcsVhUuQg6gwgDdLeIKkmh46BFZ8lvOvK3jGSy
+RM0mCtWdLo4PN2829Y+QvH3BGZJkkL48QdW7xL08D+Ux/fqh21w+E+SKnCkR+Glx
+Yn+mWTv6ueiYMhRyTq0eV8W2FzfV8LRlHIHjpIme+M10xhg0VNXGI4pzVRrSFoxW
+RPVSQzBHLvcHIt42Cy35oWBoHuwhgkODlX04xKUX9OZtahXpIls0/Ft08EYYOWMv
+u/2Ela6f1V/umW43LgcLa1rQwn242bUY9v8uDn/E+xIZnmoAnmT534Rrz8MhdRi4
+VAn87Pze5ZrUsxLx1mXBnRCyrS/1QLk0kKoEYYju+tA7kLp5zekm1wmJJ9I6EpW5
+eRWf2+LHKRqKiueLEH8A3tse9+Ypbq6g8PgWrwz7Rf5dL9dXVLIliURyuirm3A/n
+jMNN0wKuv0kMdmqhlbCU/7+n9ycBleTx0hVO7O5KiT6grQkWZcDrIQV4efWGw+ca
+y6ckfHaFsxd1ReGZiMfcly4ILhZC3BoiWYyXioJhm5bnJvT6eIoPzLICZWBz0iwX
+PCsu/n69kuxkKVyHsCJLxPNcO/RvJARPSDJU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7DCCA9SgAwIBAgIQeFyaRqCtyDXTuZngovv6QjANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTcwOTA4
+MDAwMDAwWhcNMjcwOTA4MjM1OTU5WjBuMQswCQYDVQQGEwJHQjEPMA0GA1UECBMG
+TG9uZG9uMRAwDgYDVQQHEwdDcm95ZG9uMR8wHQYDVQQKExZUaGUgVHJ1c3RpY28g
+R3JvdXAgTHRkMRswGQYDVQQDExJUcnVzdGljbyBSU0EgT1YgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJujZ0PBovqARYCWjRtqej2Fq02KjOw/ro
+W52YJgxfpKkxHIV5QB9s72mCM7GZJlN8AlmFl5OmDFj9WLhiTVXG2blTM51k8zXC
+4L7i2xGjB/i3MOtCOfp2EQ0iN5lId5JtOaom8RVO/wSsZ9O+IS1opOCtaBr+q/K2
+77GZA67QHgjZuLcy6P+ksiGqJRPIxh+IvkD8jURYk3ZN9sXOwKFC2hFXT6/3FJJt
+NmFhWGupvHQDCRkIoV9YbEZIIwXsh5Eqpx/oKMmGcjlxhuQOpGmGTU46JQUpghr0
+Y2zHOloLUsiWZOqpq3mPNQ7DUMTUuqKZimn8OFaO4UZU5y3rRog7AgMBAAGjggFs
+MIIBaDAfBgNVHSMEGDAWgBS7r34CPfqm8TyEjq3uOJjs2TIy1DAdBgNVHQ4EFgQU
+mApc1MXlVCnAZQRHuiJW0dwwPDQwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQb
+MBkwDQYLKwYBBAGyMQECAjowCAYGZ4EMAQICMEwGA1UdHwRFMEMwQaA/oD2GO2h0
+dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7BggrBgEFBQcwAoYvaHR0cDovL2Ny
+dC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQWRkVHJ1c3RDQS5jcnQwJAYIKwYBBQUH
+MAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQwFAAOCAgEA
+cn00ZPrP4EfYBIwiA+sZKSgGlVbgodL3IyFVztKY+oi+AkV4Er6HR5rL3vHK4hzE
+PibvKwH2/03oHLjDFd6QL3WI/EfyPsnwEveFc8Ks0OUqzaYHTmPBLGUsPsDirrKX
+SGCA28dpEEaBQ0uyzsHPUsoUDF6Vt8M2WSCf7jZcv+HghUJfHGWz1eMOIILqZk3N
+1Iuw1MTXhg2CK8RjTh5vO9cj6CVRFmL37/9A4rk+K+ycxRvQsl6lMlZM94Pm6j8i
+eVuCTNgCzTXz9hTK4NIUiinL/BYCVXRk2l+wKsu05OX3ka34ZS2dN0m/8o8McG7W
+Y4SykDZXKaPifJdIkTKNh3HdfSKYMo+lXza7UU9zKYXgP/bd4wv4ikGFdrC8C5vY
+PDmiAMtR4V6nSa8cNA897JSnbUu5S3Gn6Io8KMG/ztrsVaFkL94834X2Bu2HwF56
+MYlwugBr462vQ7nAAh2LCmrvo6sJT4rpUqHaZWVTQHJAG9EMUqzKmKp3kGj+2l20
+oQKOKSFYAbFGlFv0DIP5sjSpejmDWVDGPXuZoe2iLw0V02dcsY7wgt/LSZjC7wt3
+YI3FphhLNZ8UybwZJnuEz04fZc2jQRifis9gXXOiaFrQOr77wVDCCJJO9NK93p7K
+UqUZuvWyFIqimH831D7pQD6AfXf6hIM7zsxjLgXTCMc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsDCCBFagAwIBAgINAJ1tPv915g//LKEGCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjCBgzEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMRcwFQYDVQRhDA5WQVRIVS0yMzU4NDQ5NzEwMC4GA1UEAwwnZS1Temln
+bm8gUXVhbGlmaWVkIE9yZ2FuaXphdGlvbiBDQSAyMDE3MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEIuIIRyz1yEaN+jDybgIydL8DJNHtFeL9g14X1F0JWBu+mGmt
+xxRTV4HIQ/gh0ciuIqM2LNe9wivgUM857jqkCaOCAr4wggK6MA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsG
+AQUFBwIBFhpodHRwOi8vY3AuZS1zemlnbm8uaHUvYWNwczAdBgNVHQ4EFgQUg3kC
+uHEVeH8K3W+apTjWnno37qUwHwYDVR0jBBgwFoAUhxEVCNGqwXgMsa/OxsmQ778w
+BMAwgbYGA1UdHwSBrjCBqzA3oDWgM4YxaHR0cDovL3Jvb3RjYTIwMTctY3JsMS5l
+LXN6aWduby5odS9yb290Y2EyMDE3LmNybDA3oDWgM4YxaHR0cDovL3Jvb3RjYTIw
+MTctY3JsMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNybDA3oDWgM4YxaHR0cDov
+L3Jvb3RjYTIwMTctY3JsMy5lLXN6aWduby5odS9yb290Y2EyMDE3LmNybDCCAV8G
+CCsGAQUFBwEBBIIBUTCCAU0wLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3
+LW9jc3AxLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAx
+Ny1vY3NwMi5lLXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIw
+MTctb2NzcDMuZS1zemlnbm8uaHUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2Ey
+MDE3LWNhMS5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcwAoYw
+aHR0cDovL3Jvb3RjYTIwMTctY2EyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0
+MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTMuZS1zemlnbm8uaHUv
+cm9vdGNhMjAxNy5jcnQwCgYIKoZIzj0EAwIDSAAwRQIhAKYoloLSQEP4qVWWJpnM
+Cx/x7r3PmuRrFHt0gZz8aKz6AiAKTvab447X3TVaZHAOeM6zuMDu9I8f0zMLOXLK
+Hh3T1Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsDCCBFagAwIBAgINAJ8dVmIgseQU+5E9CjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjCBgzEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMRcwFQYDVQRhDA5WQVRIVS0yMzU4NDQ5NzEwMC4GA1UEAwwnZS1Temln
+bm8gUXVhbGlmaWVkIFBzZXVkb255bW91cyBDQSAyMDE3MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAELd33IkIm1fD5GcMIN2Mw+6hmxMzOMmok+t4NXyXHReqgs+Cv
+P+LBKqX8ppZ0N5FigJ8PIAm/pM/MWbyw8l4sSKOCAr4wggK6MA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgEGMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsG
+AQUFBwIBFhpodHRwOi8vY3AuZS1zemlnbm8uaHUvYWNwczAdBgNVHQ4EFgQUGdiP
+NUL0WS7kQ1SP7yP99Tmj6vEwHwYDVR0jBBgwFoAUhxEVCNGqwXgMsa/OxsmQ778w
+BMAwgbYGA1UdHwSBrjCBqzA3oDWgM4YxaHR0cDovL3Jvb3RjYTIwMTctY3JsMS5l
+LXN6aWduby5odS9yb290Y2EyMDE3LmNybDA3oDWgM4YxaHR0cDovL3Jvb3RjYTIw
+MTctY3JsMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNybDA3oDWgM4YxaHR0cDov
+L3Jvb3RjYTIwMTctY3JsMy5lLXN6aWduby5odS9yb290Y2EyMDE3LmNybDCCAV8G
+CCsGAQUFBwEBBIIBUTCCAU0wLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3
+LW9jc3AxLmUtc3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAx
+Ny1vY3NwMi5lLXN6aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIw
+MTctb2NzcDMuZS1zemlnbm8uaHUwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2Ey
+MDE3LWNhMS5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcwAoYw
+aHR0cDovL3Jvb3RjYTIwMTctY2EyLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0
+MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTMuZS1zemlnbm8uaHUv
+cm9vdGNhMjAxNy5jcnQwCgYIKoZIzj0EAwIDSAAwRQIhAPTj0/aBtD2vlslkkjWh
+zMbk3dER06+QXZuc5DVD3/yTAiApd5ZWWnePLWYo+fPHR+JNvYaSuzCU8ImldHZd
+pPmRtg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCBEmgAwIBAgINAKbpTQSzvKLcGtadCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB3MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSQwIgYDVQQDDBtlLVN6aWdu
+byBDbGFzczIgU1NMIENBIDIwMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASe
+fnt2xrEmQD/M4zSDuT+IqoyC2hAAQGZpvORTxTNxmUg2UAZkygJuZbl0LmsAFL6R
+5Mx0z+Ac84riTTz+3W6co4ICvjCCArowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
+Af8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
+Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQWBBTfOWgtjqTTNOXFLxoBeMTD
+FtslKzAfBgNVHSMEGDAWgBSHERUI0arBeAyxr87GyZDvvzAEwDCBtgYDVR0fBIGu
+MIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwxLmUtc3ppZ25vLmh1L3Jv
+b3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwyLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1j
+cmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMIIBXwYIKwYBBQUHAQEEggFR
+MIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDEuZS1zemln
+bm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AyLmUtc3pp
+Z25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMy5lLXN6
+aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMTctY2ExLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3J0MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNh
+MjAxNy1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKG
+MGh0dHA6Ly9yb290Y2EyMDE3LWNhMy5lLXN6aWduby5odS9yb290Y2EyMDE3LmNy
+dDAKBggqhkjOPQQDAgNHADBEAiBpTP2hrUdw6wUaFKam/nScFsNPR09o/3tpUaar
+pLoyhQIgTmEWFEUFD3iK6i9/7RWaHwGQooZ42Du59Co4jFKZ9AE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnzCCBEWgAwIBAgINAKFaIuncA1vv6P2ZCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjBzMQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSAwHgYDVQQDDBdlLVN6aWdu
+byBDbGFzczIgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCAJGh/U
+Ss0co1ZUidrjWSGiCFq/fj4W5sPhiO5qhLgVG0/Aoyr51CG0d+JaIybhZmTvJp3p
+9Sp8crRV2e9KfoKjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw
+LmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFDP8BGn8ZbNpQ1LxF/6v0cREgHGI
+MB8GA1UdIwQYMBaAFIcRFQjRqsF4DLGvzsbJkO+/MATAMIG2BgNVHR8Ega4wgasw
+N6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDEuZS1zemlnbm8uaHUvcm9vdGNh
+MjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDIuZS1zemlnbm8u
+aHUvcm9vdGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDMu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcmwwggFfBggrBgEFBQcBAQSCAVEwggFN
+MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMS5lLXN6aWduby5o
+dTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDIuZS1zemlnbm8u
+aHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AzLmUtc3ppZ25v
+Lmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTEuZS1zemlnbm8u
+aHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDE3
+LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcwAoYwaHR0
+cDovL3Jvb3RjYTIwMTctY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0MAoG
+CCqGSM49BAMCA0gAMEUCIQCVLi6Lg6Ct9DmIj166E2QZO3gdNUYdH/6WBIxXNzNo
+OQIgZ6yV4Z3a4T44CCtr3pkuEOmshXhrxCVM8Rq8ds1Ij+0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnzCCBEWgAwIBAgINAKKmkr+OWWtWAuqLCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjBzMQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSAwHgYDVQQDDBdlLVN6aWdu
+byBDbGFzczMgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDSXXF3C
+7MHWjHPbCW8TGODxajoiDPPhTi8/OSCivIYN7hEkV7ocLTcjUdvDNdNzNXYq62OK
+IyQbCz2/pwivkFGjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2Nw
+LmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFKRrPOS+dzzFY+q2ownfK63QRQaI
+MB8GA1UdIwQYMBaAFIcRFQjRqsF4DLGvzsbJkO+/MATAMIG2BgNVHR8Ega4wgasw
+N6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDEuZS1zemlnbm8uaHUvcm9vdGNh
+MjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDIuZS1zemlnbm8u
+aHUvcm9vdGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDMu
+ZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcmwwggFfBggrBgEFBQcBAQSCAVEwggFN
+MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMS5lLXN6aWduby5o
+dTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDIuZS1zemlnbm8u
+aHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AzLmUtc3ppZ25v
+Lmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTEuZS1zemlnbm8u
+aHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDE3
+LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcwAoYwaHR0
+cDovL3Jvb3RjYTIwMTctY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0MAoG
+CCqGSM49BAMCA0gAMEUCIQC8MRsVpik+qzWhJ34e55wRcfkN+X9xsXNSSbpEftSu
+kwIgMoSvKh28gOHlgaKHwwnPG9MYRzhLWXlisAQ4B12Ij/4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCBEigAwIBAgINAJxoCVhJ4IvqtEfvCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB2MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSMwIQYDVQQDDBplLVN6aWdu
+byBRdWFsaWZpZWQgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBt3
+AUl32FU6leFbtdsmqRhtnr5LSy+g92MgIEJ+lCsqotcfU5cZLMPldeSjgA8hJzeb
+jStBITy6MDIfeJZal0GjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB
+/wQEAwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDov
+L2NwLmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFMYT+zydtLauL8bef5VP8x6p
+08b5MB8GA1UdIwQYMBaAFIcRFQjRqsF4DLGvzsbJkO+/MATAMIG2BgNVHR8Ega4w
+gaswN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDEuZS1zemlnbm8uaHUvcm9v
+dGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDIuZS1zemln
+bm8uaHUvcm9vdGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNy
+bDMuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcmwwggFfBggrBgEFBQcBAQSCAVEw
+ggFNMC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMS5lLXN6aWdu
+by5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDIuZS1zemln
+bm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AzLmUtc3pp
+Z25vLmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTEuZS1zemln
+bm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2Ey
+MDE3LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcwAoYw
+aHR0cDovL3Jvb3RjYTIwMTctY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0
+MAoGCCqGSM49BAMCA0gAMEUCIQCFadTwtoGjDi8TcT0wqbuSviFaE7oC3iMQKq2R
+E/fHkQIgNbsqwa96nrL3hElurUmULqMC5E2oXdaXrkdaXW+M944=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCBEygAwIBAgINAJ4sXrlZ/XdM3YZqCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB6MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MScwJQYDVQQDDB5lLVN6aWdu
+byBRdWFsaWZpZWQgUUNQIENBIDIwMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
+AASkLCREhsR4UUgppCQtg+HjcUjwsdK/j8s46Lq+vV80F5gmTxklJWLGA1ctRNFF
+SXpL+TWseaI7HJ6iRCnUz0qzo4ICvjCCArowDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0
+dHA6Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQWBBQH9izCA0NfdmcXt6SB
+h5rMRTB93jAfBgNVHSMEGDAWgBSHERUI0arBeAyxr87GyZDvvzAEwDCBtgYDVR0f
+BIGuMIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwxLmUtc3ppZ25vLmh1
+L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwyLmUt
+c3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAx
+Ny1jcmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMIIBXwYIKwYBBQUHAQEE
+ggFRMIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDEuZS1z
+emlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AyLmUt
+c3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMy5l
+LXN6aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMTctY2ExLmUt
+c3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0MDwGCCsGAQUFBzAChjBodHRwOi8vcm9v
+dGNhMjAxNy1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUH
+MAKGMGh0dHA6Ly9yb290Y2EyMDE3LWNhMy5lLXN6aWduby5odS9yb290Y2EyMDE3
+LmNydDAKBggqhkjOPQQDAgNJADBGAiEA3U9F2Hi0oY7uCbLoUv6RA9pQCiqEfz75
+ad2K33FAeKsCIQDF/7RMDBvY9IsXvPYJR9Bm/4wGFRE+cNElXL55j/uXnw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpDCCBEugAwIBAgINAKimIH4HXOeNkjr3CjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB5MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSYwJAYDVQQDDB1lLVN6aWdu
+byBQc2V1ZG9ueW1vdXMgQ0EgMjAxNzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
+BNxhGPPumC3jvmsBBM8Dbf1ebLPcksNdl0JSUCIePPdKNIKkTUeNhW0qSXAdnsTk
+DsTBLQrNDbJge5KOL0BIOwSjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud
+DwEB/wQEAwIBBjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0
+cDovL2NwLmUtc3ppZ25vLmh1L2FjcHMwHQYDVR0OBBYEFI639mkaEMCaiEIxBDZQ
+TB8SbBQqMB8GA1UdIwQYMBaAFIcRFQjRqsF4DLGvzsbJkO+/MATAMIG2BgNVHR8E
+ga4wgaswN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDEuZS1zemlnbm8uaHUv
+cm9vdGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3LWNybDIuZS1z
+emlnbm8uaHUvcm9vdGNhMjAxNy5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDE3
+LWNybDMuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcmwwggFfBggrBgEFBQcBAQSC
+AVEwggFNMC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMS5lLXN6
+aWduby5odTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDIuZS1z
+emlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AzLmUt
+c3ppZ25vLmh1MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNhMjAxNy1jYTEuZS1z
+emlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290
+Y2EyMDE3LWNhMi5lLXN6aWduby5odS9yb290Y2EyMDE3LmNydDA8BggrBgEFBQcw
+AoYwaHR0cDovL3Jvb3RjYTIwMTctY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcu
+Y3J0MAoGCCqGSM49BAMCA0cAMEQCIF+gFmZF22F6Ml0mo3AlS4UkOSyedR1mswao
+wwf8YuJqAiAQOfYQcWlKsyGvIGAzCa53ukqQYs8wpUc8AzMsJVHRtw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEojCCBEmgAwIBAgINAKeZ6aG58ZBbm4zmCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB3MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSQwIgYDVQQDDBtlLVN6aWdu
+byBPbmxpbmUgU1NMIENBIDIwMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQJ
+1qga+lYlSy1gfiq/9HyOsioA+w7z88DQk/QKsrBHiEsT5eslU5Bl2e+3A9uxXVZs
+GlVMc6zz5V4O6PmSYgf4o4ICvjCCArowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
+Af8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
+Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQWBBQVb5jhJ9vIuZCXHZJtm2If
+Yj2kOTAfBgNVHSMEGDAWgBSHERUI0arBeAyxr87GyZDvvzAEwDCBtgYDVR0fBIGu
+MIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwxLmUtc3ppZ25vLmh1L3Jv
+b3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwyLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1j
+cmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMIIBXwYIKwYBBQUHAQEEggFR
+MIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDEuZS1zemln
+bm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AyLmUtc3pp
+Z25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMy5lLXN6
+aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMTctY2ExLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3J0MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNh
+MjAxNy1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKG
+MGh0dHA6Ly9yb290Y2EyMDE3LWNhMy5lLXN6aWduby5odS9yb290Y2EyMDE3LmNy
+dDAKBggqhkjOPQQDAgNHADBEAiB6udqEIv8fhy8Lj17/RiRcTJurpx9He4ZqUuAr
+oRNY8gIgNWJ6shyKD2OPz4riZc99Xcs8uWDKdrJqCrpE/UA6xho=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpDCCBEmgAwIBAgINAKPxyZ1SVp2NmS5MCjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTcwOTE3MjEwMDAwWhcNNDIwODIyMDkwMDAwWjB3MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MSQwIgYDVQQDDBtlLVN6aWdu
+byBDbGFzczMgU1NMIENBIDIwMTcwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASt
+b9h8yBr4lF4CCD1Xl8tlJEReTfLNHTQ/KfIwWxg2eX2XQOcU6urnTbo0U1lYtm6e
+WUkIGIGWLFNgPQc8jWf3o4ICvjCCArowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
+Af8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0dHA6
+Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQWBBSKpTW4ktWmvPnOgeqnlhx7
+3iDn4DAfBgNVHSMEGDAWgBSHERUI0arBeAyxr87GyZDvvzAEwDCBtgYDVR0fBIGu
+MIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwxLmUtc3ppZ25vLmh1L3Jv
+b3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwyLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1j
+cmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMIIBXwYIKwYBBQUHAQEEggFR
+MIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDEuZS1zemln
+bm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AyLmUtc3pp
+Z25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMy5lLXN6
+aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMTctY2ExLmUtc3pp
+Z25vLmh1L3Jvb3RjYTIwMTcuY3J0MDwGCCsGAQUFBzAChjBodHRwOi8vcm9vdGNh
+MjAxNy1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUHMAKG
+MGh0dHA6Ly9yb290Y2EyMDE3LWNhMy5lLXN6aWduby5odS9yb290Y2EyMDE3LmNy
+dDAKBggqhkjOPQQDAgNJADBGAiEAx/iA2F8RvKlWsXCy8cPV2WKs+wtMmzTYExMP
+JThwvVcCIQCAsH68XelsytoCfYrmGDIAmfK4jLSTsiFm7cCX4I4Lrw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFuDCCA6CgAwIBAgIQLZrQ4529La6DX0Rvu2T9KDANBgkqhkiG9w0BAQsFADB2
+MQswCQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAd
+BgNVBAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxJzAlBgNVBAMTHlN5bWFudGVj
+IFdlYiBQS0kgUlNBIFJvb3QgLSBHMTAeFw0xNzA5MjEwMDAwMDBaFw00MjA5MjAy
+MzU5NTlaMHYxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRTeW1hbnRlYyBDb3Jwb3Jh
+dGlvbjEfMB0GA1UECxMWU3ltYW50ZWMgVHJ1c3QgTmV0d29yazEnMCUGA1UEAxMe
+U3ltYW50ZWMgV2ViIFBLSSBSU0EgUm9vdCAtIEcxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAxBgbleGJpbLe/M8836WNu0w2YTgGUk6bo9IP+7BNpXbA
+SqYwm/wvg/LMoy9dT1j7NFIq9gQ7WMoORvMI97FqhK2qxQmoZ0fRJMCPIYGNlD4/
+jaEzDDHHSZyytjlor0na0FVlKs4JbR7gIyVe+c0+ZC+Aw63Hi7I7cbo6lAZ5wUX4
+Fn2waaI7/eIT6L8QPvt4+h8OGyoRsHUSLagAhqiVZYkXegb6izLZSouDpy0O1/QB
++4jrQxFm6EGkkF3KOrD5YLROy85r8+yy95/WyzmM3TuuvFolW83sMiLoSFWA3udY
+ipDw8TBGLp9+O1JtgoDUZV2H5NsIZ781uWXsOiSfxOLZYcJGXOdqgG4QCVoAHC3F
+xnEnJ1tVYrIv0lNTq3Sc0fIbtUitXyykyM5Xd6wzYsInd9Mcvtuf/ukthB5bHZh0
+LZrcwpHZchJ0qihIwLGXkzzmKjeUf/QrI7MNfC1QcWR2sPV1+oNCvBrpMxrtzh2a
+X2yioUOfEi0pRVFK5q4Nb0YV9lMHX41eK49fFwu9wqPpy3lqEjD+o21u93ZINuVh
+3jt0W4DP5vZQn2WixtVUXMkBbEZ1OoUBOzetC0YaGfiJ/hbbfQideO6ZMS/EtD1J
+AsUAPMWf87fiRRppu3eB9rJSAa07gXs7TiyAJlcBRL3yoPuVTFFNMRIBRnsBRlcC
+AwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O
+BBYEFFykSk0SoSakEIUoYa4CEoHZ6nd7MA0GCSqGSIb3DQEBCwUAA4ICAQA8YcyA
+VniGkCIGcBlgNosktHgYlMlkKxaPoiGyqgj0r/6UIOkAblSZMnDY2g3rTjGCrahc
+n5qV+FxRfN9o2tPDJB8cV364vXXNiND0M50Utt4I39xP2+RSW/JhQOjxsHvGv2NN
+++6K6HfkaJk5yYHMO6K0gZIpgKhOlLDvVQOBXwKdOxRV0sSMaJ3n8cWlYshoafbJ
+9Osnocbnl0oorDnovy9FYCywa5PYuO52GBxURDHTDkh3nsXeWrs3I0PtUVYuKHcg
+mpuzRWY7rjkMbV+VHi0INp5ok4MvpHJUm+Y822AJ9X5iIJUVjt+zU8NnSnUaL1cS
+JmB6V/r/e/hfXOsmpUiHutHiHCO7+ir1SHscaR0Ks0sOBsM3wExczJt8aPDiL2LA
+e4k4Hc8mpJffMPepv+h78GitL9ms2cxtYN3KFCPpnT//uT5jQCmio9k07KB9Sy3u
+bDYnrqA1w47vUmMunZvUAhq8Twca+p5SMos68eLaUtGiR2LHSVIMJx/6XiFzPeXE
+DMTxCVqnMIsie5ea9mkB5XT7urIZRBMSDVe8VbLqeHBixv8n6LCYqfoHZ6qXn9wA
+fS03yuaCHBo73HxbI+nW9l7qG6Ca0+8T6I0kWTeekzB123S/KgZJ7t5U71OkBCRv
+XBmPp6b0QQ+l9ltr75G4XZarNBrtZPgZhZAZ3A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIRAPFcwJwtzGECCLgOowVyQ6kwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xNzEwMjMw
+NzE2NDRaFw0yNzA1MTQwNzE2NDRaMFYxCzAJBgNVBAYTAkNOMSQwIgYDVQQKDBtU
+cnVzdEFzaWEgVGVjaG5vbG9naWVzIEluYy4xITAfBgNVBAMMGFRydXN0QXNpYSBE
+ViBTU0wgQ0EgLSBDMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO6i
+OtJJcAdBTP8kqisZXwVvBbenSIOTSLcfpaeuWSD8aaAPJS26U2L8Boo2yQMq+bKI
+mue2rbRfdhKoB3N8UqkbUOKFYyH10ty6IcusOskqIpKanho+8+91YnXYkd997mkg
+tr9wkBKUWE1EIeVBFI2f335txIGl0rEL6ogL57mfMwS7sSyE0pk4WhDa1zLkhVgb
+4916MLb6v4eIamcv0xTdWS8sHGRIt8bjspuV+76+m+1lubvpzEJ9pmgtRYkHzL+b
+SpvPe96x4aW8TZE/v2+AHRaetiSmLA79ojgFkq62oHUMPIR/w+RuWrPY6+NWmMAR
+lAmVY3ztmGZxjkiJYc8CAwEAAaOCAU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFBHvA1BNJoEcesfb368b7cAmBNZIMB8GA1UdIwQYMBaAFFSZ3Zv/
+6KcOoxmdW75CV98w/I8yMA4GA1UdDwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6Ap
+hidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYB
+BQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0u
+Y29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3Nj
+YXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBACNvgM8cibla
+jzBhUhlNRA2ozF6+ZIZklQQNMkCSf4TT2hkEdgBmbUofS/aKkA58v6JvF0kBHmzB
+47DGorMkgUISFsA3a3eHub9jKO1hQSVC8JTcPT6z7FgeocQyNPTrRKG+4m752aXT
+O1Mne70OUxcDTpgtkIgg9a6hTuA3Z9j283U7MQveq1tAUuf3nNrPL0I5CkVu/AHY
+ij/2Kf1zzHC5MfkeyWW9ff3BKD4+nWRbvmHdAlN7wKka5Efx5BoGfbySmTALPRs6
+OKL/R6ty0FC9kfEsIJ+/wWaOZcGY8RQCGXJXZpN3Pg2Ia2qxBmlKXSO6s/uegLrs
+T6PF3T2wvMw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEszCCA5ugAwIBAgIQMJ6XtszYZyhC+iBZWSkgqDANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE3MTAyMzA3
+MjAxNFoXDTI3MDUxNDA3MjAxNFowVjELMAkGA1UEBhMCQ04xJDAiBgNVBAoMG1Ry
+dXN0QXNpYSBUZWNobm9sb2dpZXMgSW5jLjEhMB8GA1UEAwwYVHJ1c3RBc2lhIE9W
+IFNTTCBDQSAtIEMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AHi
+qiuGv2g9YAJPiD8whhvGnF56uTPsYMREWjXveFFxFI74YAUzmyq+XvI9/7S7B8SI
+a3Sp/BcPB4r4AQVyLVwWTOM24nrVhIu5ZmUnHDbHRFD7qbuB/hYlu5AElGIK7rD0
+dZp9A2Q4Lzv1eoBJR6MDqGO2ocfhwA/XezbIO8wWs2YGVXc0+FMs/vR0laRyb0Cl
+S0lUJrG1gIZSx18aMOUFACSiB+4/9C2jkHG5L0hz0FaU+BFLQclCliVvTWHgFO2k
+/+b23HjR9pqvbyjv0GAcFArHqLED7dWAh3fEBehzCkrTz1HCl+xhmjj2TDnHKuBt
+1uCU8iUdYY0frDnuVQIDAQABo4IBTTCCAUkwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHQ4EFgQUhmenbIBkMiH1IFz9AgzX3h2HmGIwHwYDVR0jBBgwFoAUVJndm//o
+pw6jGZ1bvkJX3zD8jzIwDgYDVR0PAQH/BAQDAgEGMDgGA1UdHwQxMC8wLaAroCmG
+J2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBuBggrBgEF
+BQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5j
+b20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6
+Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEApBKZ1NcNEVmK
+zEJCbpMnQeU2DnoVcNrm5ORH47umuq45FhfJjF/siKhY+YEUF8GEYdE2ny2NWcP0
+WbOPV+QfpC7WJkNXJPUej3Kukr3i17YUo+inO7mD/i6sg1CLUB4AS30oB4FOIj7c
+I0aH9D2Jb2e0miXGBZa/BVZUujd6HIfY7Ga86FO+U4fzW+kBNsAZIVelw9X4K38N
+VmxNaxPXm4ThqxqHnSnw/zdMmvpPhSJo8761NJf8DQDFmLBz2sKlyCibRsX6hKAR
+0Sq7qMVWWingBILWrhbKiyLFdF7XoFXuosyLGcFq/ks28NPGzzi6jwHNxrJ46IqY
+wUy0NiasOQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEszCCA5ugAwIBAgIQF4ZmqFVKzL/nNFfmRRpobDANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE3MTAyMzA3
+MjIzNloXDTI3MDUxNDA3MjIzNlowVjELMAkGA1UEBhMCQ04xJDAiBgNVBAoMG1Ry
+dXN0QXNpYSBUZWNobm9sb2dpZXMgSW5jLjEhMB8GA1UEAwwYVHJ1c3RBc2lhIEVW
+IFNTTCBDQSAtIEMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8q0
+4UjkDDb3qdo6V3vFc+d01YpayZXQ+xgy0y6eToNUdesISCL/ueFhU1mYzH+27yy+
+pgYPL6tQXFNGjPnTF9MFOH0L4d+OJIx/DT8yWAGD2rAzryJc4ALOkM8iaGNYIiLZ
+Ntpt5IkpkKs+VOP9/HbHlBUeTKMct010VNMc0/Sf8tlULZxYveoOHxkgzqUvVB49
+Ad4Jfmy3QKn5x9+rPOMuhfg8+FhPVDaUtDOa/+jj9py6fmzxFAxBh9zVKiZvzYeN
+cOINr2Mp5/idTQf95H4gF+wBiz6wR40p7NZHGomzQ6mONVWUnOLSBoDobbOmo5jI
+VOKQL86W4V5cv1y+BwIDAQABo4IBTTCCAUkwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHQ4EFgQUYRZtmcVC9JMBmQfOkad+xqxM/DMwHwYDVR0jBBgwFoAUVJndm//o
+pw6jGZ1bvkJX3zD8jzIwDgYDVR0PAQH/BAQDAgEGMDgGA1UdHwQxMC8wLaAroCmG
+J2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBuBggrBgEF
+BQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5j
+b20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6
+Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAmliPPV5HexXt
+JjzfuBXFrH3SLG1/26Le2JKLk/cV6ASUmeBmJRb+paCPGKyF27wbzlOktyO1diWy
+1TcnksteVlxAfTHiqkhJSh0/zgOFuk7OZyhJfQNfNjlIMim7wGRrMRcEcPrieD39
+zyClkK5wANU/9FSjN4KXv5Nixqu/cdq0GwYowPN+JU9+SPht6XRyBxD+xh+d2Cmy
+2tKpkyISVwh60lJVvEYjMLOappPf5f7YOZw6dMNl65RcYl3pROWrE0LJSXvhYV1T
+DaOLsA3kn8IZA1qJ8iuadM1omfq5xI2B+gaN0RMn9htLYz6556X+pdxK28THsHcB
+LWvD5TnbgA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvDCCA6SgAwIBAgIQFQmzs1LWaJtacnLzcufgKDANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE3MTAyMzA3
+MjYwOFoXDTI3MDUxNDA3MjYwOFowXzELMAkGA1UEBhMCQ04xIzAhBgNVBAoMGlFp
+YW9LciBDb3Jwb3JhdGlvbiBMaW1pdGVkMSswKQYDVQQDDCJUcnVzdE9jZWFuIENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAuu7d+ATXwddHEVHoFcR2SjIvj2KjyfiRbTkMq5inhGgiBR3GfO6543XK
+GQHeOvRWZ6JkghFmxlkxBll6NBiEc4GeotdZELOu5TvaBKP8/A2VLqIGNr6knEeY
+hAYixWDuS/FpzlOKNKzk3iAxfx0C0a7sbJByih8KQC+7OJr+pQhbh0XamaAmSL5X
+ZIjEBaHG6HHIsZRavq+CGZ9XBizvUyq1jhBHsIHiZqFp5Ysc3TyAFXy0fmwOoLxS
+Tp5r2nSol8yiOtDDt/FDLmE3II9xmA3Hqs3gBBix6Z5o7zAwZMtexhU0Dt7lsBsj
+SZUMJVt9XFi6UfF3HxqrB1MK3tyxKwIDAQABo4IBTTCCAUkwEgYDVR0TAQH/BAgw
+BgEB/wIBADAdBgNVHQ4EFgQUQ+FMxzoCryvsJ/W1cIW0gqTQsZ8wHwYDVR0jBBgw
+FoAUVJndm//opw6jGZ1bvkJX3zD8jzIwDgYDVR0PAQH/BAQDAgEGMDgGA1UdHwQx
+MC8wLaAroCmGJ2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNy
+bDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3Nw
+LWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1
+bS5wbC9nc2Nhc2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUH
+AgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEA
+vjmXSgFHk8JOk3qUAtuYnNztSMhyknaH/JesctUvwKeA06RfVufFuH8k99bHqjYp
+LrWdj9b2LvlOdl/DezY7PCzmWOLjA99oI6QusRx0VS2Ba4jcU3QsHuQKLqtyLYxA
+ErHBvkKHaizbW2P8I1eqjBkXF3BieL5XbHH7BEaIPamK6beNY4gBVV1NIFn2tIJr
+yZbOeTxe+bGE+BC/90JYEK9CtLkEIhuYmMgk+TbUSfCohTZfzdWDJorgc2BJeLuI
+RRLQYt2BmDdQw/+UlhfmGeUOGetgMs3CA+DsDgS4hmdeh5xcEEl53oUDX0ei3vME
+JySOSZQaut4nPSlkM9djHQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEjTCCA3WgAwIBAgIQDQd4KhM/xvmlcpbhMf/ReTANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
@@ -5859,6 +17039,34 @@ L2x9f7ZbFIP2Ie0EcuVNgX6jFj7EKfKFHn8apJdtGhUJZq4mablNm+3ixPkdVr5f
 71aaFFvfKi824S12PbLs+k5iSr7uE3taQB2yE1umOs9OJ4X9Yvk=
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
+MIIEsTCCA5mgAwIBAgIQCKWiRs1LXIyD1wK0u6tTSTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjIzMzNaFw0yNzExMDYxMjIzMzNaMF4xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHTAbBgNVBAMTFFJhcGlkU1NMIFJTQSBDQSAyMDE4MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA5S2oihEo9nnpezoziDtx4WWLLCll/e0t1EYemE5n
++MgP5viaHLy+VpHP+ndX5D18INIuuAV8wFq26KF5U0WNIZiQp6mLtIWjUeWDPA28
+OeyhTlj9TLk2beytbtFU6ypbpWUltmvY5V8ngspC7nFRNCjpfnDED2kRyJzO8yoK
+MFz4J4JE8N7NA1uJwUEFMUvHLs0scLoPZkKcewIRm1RV2AxmFQxJkdf7YN9Pckki
+f2Xgm3b48BZn0zf0qXsSeGu84ua9gwzjzI7tbTBjayTpT+/XpWuBVv6fvarI6bik
+KB859OSGQuw73XXgeuFwEPHTIRoUtkzu3/EQ+LtwznkkdQIDAQABo4IBZjCCAWIw
+HQYDVR0OBBYEFFPKF1n8a8ADIS8aruSqqByCVtp1MB8GA1UdIwQYMBaAFAPeUDVW
+0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQo
+MCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8E
+OzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9i
+YWxSb290Q0EuY3JsMGMGA1UdIARcMFowNwYJYIZIAYb9bAECMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAEBMAgG
+BmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBAH4jx/LKNW5ZklFc
+YWs8Ejbm0nyzKeZC2KOVYR7P8gevKyslWm4Xo4BSzKr235FsJ4aFt6yAiv1eY0tZ
+/ZN18bOGSGStoEc/JE4ocIzr8P5Mg11kRYHbmgYnr1Rxeki5mSeb39DGxTpJD4kG
+hs5lXNoo4conUiiJwKaqH7vh2baryd8pMISag83JUqyVGc2tWPpO0329/CWq2kry
+qv66OSMjwulUz0dXf4OHQasR7CNfIr+4KScc6ABlQ5RDF86PGeE6kdwSQkFiB/cQ
+ysNyq0jEDQTkfa2pjmuWtMCNbBnhFXBYejfubIhaUbEv2FOQB3dCav+FPg5eEveX
+TVyMnGo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
 MIIEizCCA3OgAwIBAgIQBUb+GCP34ZQdo5/OFMRhczANBgkqhkiG9w0BAQsFADBh
 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
@@ -5884,4 +17092,26460 @@ hdgUPk8MlD979RGoUWz7qGAwqJChi28uRds3thx+vRZZIbEyZ62No0tJPzsSGSz8
 nQ//jP8BIwrzBAUH5WcBAbmvgWfrKcuv+PyGPqRcc4T55TlzrBnzAzZ3oClo9fTv
 O9PuiHMKrC6V6mgi0s2sa/gbXlPCD9Z24XUMxJElwIVTDuKB0Q4YMMlnpN/QChJ4
 B0AFsQ+DU0NCO+f78Xf7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEiTCCA3GgAwIBAgIQAlqK7xlvfg1sIQSyGuZwKzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjIzNTJaFw0yNzExMDYxMjIzNTJaMFwxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xGzAZBgNVBAMTElRoYXd0ZSBSU0EgQ0EgMjAxODCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMoIXuVTipccHkMvtoqnVumLhEOorJ16VYJ6FEuGty+P
+Up8cyrEgW2+6It2mnC142ukGCE6+E6bry7s+uQUMPkrh8DIfE071BsVHc4k+gKOL
+8QEkm6OZZpJraK0NLbTNcqL0+ThaZaa0jFPBCBqE+P0u8xF1btxqMSmsDYfMk2B4
+3yW6JlmRxoNSNabKnLgoGs7XHO4Uv3ZcZas4HnnpfMxJIyaiUlBm0Flh/6D+mkwM
+n/nojt4Ji7gVwaQITCacewbb/Yp0W1h+zWOkkS9F8Ho8lAuKfLIFqWeTn2jllWNg
+2FiVX+BV75OnETt85pLYZkTgq72nj82khXhBJFTn2AMCAwEAAaOCAUAwggE8MB0G
+A1UdDgQWBBSjyF5lVOUweMEF6gcKalnMuf7eWjAfBgNVHSMEGDAWgBQD3lA1VtFM
+u2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDsw
+OTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFs
+Um9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEARE2F
+5d0cgozhZNWokCLfdhhl6mXSOyU3SoPamYcWfLH1CzMwD8a1+pFvwHIQfvlwXFH8
+MrjB3C+jVobNbVWRrgqS3Jsa0ltRH/Ffs6ZTgP4WJYm1SNpUbgR7LWUD2F+PTvKB
+M/gf9eSyqP4OiJslYaa38NU1aVAxZI15o+4xX4RZMqKXIIBTG2V+oPBjQ1oPmHGA
+C/yWt2eThvb8/re7OpSpUdJyfGf97XeM4PiJAl6+4HQXhjwN7ZPZKrQv9Ay33Mgm
+YLVQA+x9HONZXx9vvy8pl9bu+NVYWKGxzGxBK0CBozmVUCeXQPJKPTZleYuNM18p
+U1P8Xh1CDguM+ZEoew==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQDV4OHeIxocEKHPxpzeO3fDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjI0MDNaFw0yNzExMDYxMjI0MDNaMF4xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHTAbBgNVBAMTFFJhcGlkU1NMIEVDQyBDQSAyMDE4MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAE8vSkFSXxMMZzAR1H30FRmNzcc7/Nz9XPyJsq3ACnY4zchQwR
+ATY0q14ImfSpFXViI9R/rdJa/coxlAUUZ+CGg6OCAWYwggFiMB0GA1UdDgQWBBRC
+YLWzSU6610OoPWjn1ZokJflm0zAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OX
+sj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4Yx
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNy
+bDBjBgNVHSAEXDBaMDcGCWCGSAGG/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMAsGCWCGSAGG/WwBATAIBgZngQwBAgEwCAYG
+Z4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQDVzlWMtXWb43Saad6ZvqgQR6rINawx
+yTBtZgmA6s8p1F22fQknc50IWlS7fSVIXaDP13z+eCoL60yRbFXIKaM3UdhIurd1
+mtx+nwD+u9N7ePtZVhM0sjoEdLTZAkwwRN+LiiZnUR6g3xoBAwKbDpvXRDVdaR5p
+BFOmXQo85oFKbHk8YIpAbCX6mPViBw5DEKs7XJAkc9Bq4J5lpMMJB/9U70gHZpFI
+aw7PcOHiWc4UymczUtqsCm5SP0gFlPNT0hr9qcycVgE/c4Vw/CfgBKhmIcM9Hmt8
+MbhFyi0muQmuK4UPx9XDkg4uEasLyx1iRiNPIBFSJur/dRGjDHDnaQUu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwDCCAqigAwIBAgIQDxwgJzseM0ItZzOBF4ndWjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjI0MDlaFw0yNzExMDYxMjI0MDlaMF4xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHTAbBgNVBAMTFEdlb1RydXN0IEVDQyBDQSAyMDE4MFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEvqMJfrdNSTVlTAIilcyon2KL2FEfNFcX9V7DHgnP5cCk2vFW
+F1koDlue9TxLALBDeD/MEObw9Xe8936amo/qVqOCAUAwggE8MB0GA1UdDgQWBBTu
+mi5G8MLaPFzHjNakdZjeqBkKZTAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OX
+sj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4Yx
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNy
+bDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
+ZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAb+kWfrVbdvLX/OQd
+m190NansWxYlaLC7X+mc4iX5XR0fojsJmCxCBdYGcvaLbBHEgkAMOhAHo/Vjq+qI
+91PKv9tHDY8lL9awRF6IU2eF0vTsR4vCo5KLAEBowDUWOYFI/BVCf80TF7AsLhgC
+6tFw9AcTa6t413fmAvy8wKWakauKaQI5aipGlAJ/xEZTnDaTETrmAB3feRX43tIY
+d+XPDNk1L9LIO/WNbVfS5bUA2hN3z5O1vkaEsmbgUB0VSlIlSeAmwjg/btCOljW2
+pWj7nw4k8q4N1inLJHOpaMGz7IdfYfF4tfVmTJsUgCIJs7TM3+x2ktBnlepvMLZh
+Q8qWaQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvjCCAqagAwIBAgIQD2f48sica/VaGe9r5Cwz1zANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMDYxMjI0MTVaFw0yNzExMDYxMjI0MTVaMFwxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xGzAZBgNVBAMTElRoYXd0ZSBFQ0MgQ0EgMjAxODBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABP+e+mF53FsjNP4frhLe//huaJSrDp8WansKmkyyzn/OqoIAqlkC
+hkpbBmUL9QOoO/CWvB7C5jab6COizIPdnYGjggFAMIIBPDAdBgNVHQ4EFgQUBK9P
+bgo2psIngg6c/rkCQkk79bkwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I9
+0VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIGA1UdHwQ7MDkwN6A1oDOGMWh0
+dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmww
+PQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp
+Z2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBAIXPfJVi7DCZ58wfJYlx
+rOWB4avmGI+b0H3nCFucVJkAFK5bcu+gpNqlbn1HDLJCOnpubLtFf8dD8jXSQI2c
+d3cec09HP3qi3zLUr1JpZjBmh/WEYPUSjbnRSiq+2DlJHTBcnGIFJKQ/YfcCLjGp
+8GXFH1e5wCD8UFCToFRgm1WCfTCe7Li9IJTBtUOmtj1hrslQxI99AvfmKGRFlIYb
+g5lsEChXK/VlOdWdiixUKbHjezE9g7SUv/OZpayY0AVTJzxxLi9akRCpXgndqZCD
+OY1xZ1Ut2k0Lt8y4Hwu6DX0KOYR4Qr5Dx4+vJ8bkAcIVF1GZwWoyUA1HESvRwx/g
+lh4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE0DCCA7igAwIBAgIQB2eo6PAkBD4mjnT5XupWKTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xNzExMTUxMjMxNTJaFw0yNzExMTUxMjMxNTJaMIGTMQswCQYDVQQGEwJV
+UzEeMBwGA1UECgwVV2VsbHMgRmFyZ28gJiBDb21wYW55MSMwIQYDVQQLExpPcmdh
+bml6YXRpb24gVmFsaWRhdGVkIFRMUzE/MD0GA1UEAxM2V2VsbHMgRmFyZ28gUHVi
+bGljIFRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDAxIEcyMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoN8m2F+5vays9Lek9yy/bQMXtygq8Ut
+JHik0kC1EAfbEZnAt2WXhv2mnpedIF9p7ECFQ7257DR/sH/tRBHeAkkhAzctyxHw
+bFtmfeGSNun/RUkyyypplop/rYr/IhVK5m2stDPlrkW80VXFdwNABQF4KEN+cMmC
+qfZUXNHeOTkod8ajAiOY0F3Shze3s0j4kXXddjqJkCiu2/9upACN1VmIEZ2Xl1M2
+kVGIO2e68ZJiXFpE8KgrcNpDVmpxS9DUXr17sdWWQe/wQ5aJpJQL69aLy8vcu7mj
+Z/fncAQg7qqOFdOoHsNArAt6tkbGgdLu3E7WAzaMh0jMtjHEmAfJWQIDAQABo4IB
+TzCCAUswHQYDVR0OBBYEFDkTnuFB0jpFCziAYK+1IUF8AYl9MB8GA1UdIwQYMBaA
+FE4iVCAYlebjbuYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEF
+BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBC
+BgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNl
+cnRHbG9iYWxSb290RzIuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAEBMCowKAYI
+KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQIC
+MA0GCSqGSIb3DQEBCwUAA4IBAQC6Ujs43uZubjQ93QW6tttg2VDG3ztlszR4XpQ2
+gWjAi+WsD3vazX27ts2XDrO/Be/+6jCfv8O+/TN4wWvmUc8Zek70GBs10IEeu4n5
+LL7OGUGvBRb3WOQYouVlKR5AZk7u86fXp7TvrtlvGuW2Ph7FIwWLHMDsPbwLrTvg
+1whjlB8nC6tGi7IB2jnkfYSfk8Y1FvS3ud6r2af7ThU2UlelaISZPaqNd6nGTVD0
+DDb6jmPaq/3Va4BJjBIP1GkkDSZ40BurcoMeE2D/RcHa88dPyjpBJ145otXcIOUK
+RyGmDsMQG1E6AWFl3HCHvwHcZtIA2f9bkUYK1HG9ek75m7KA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQIcvMOA2tLHYPX6t4Vqb7rzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODEzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAzsw9/pnRrgbXKzxlHO7WA0w/djyY5xyJOAX9FQYRSeIK
+AHDlMM4C/YCVCGFHLQnms9ztE9dYUvDeovSNjx1FF9TA9NPahLzOJ3ptGVy/rTJS
+OEknippKdAuhjDHV6UO7g8QkdbOsNSIRznIhqyETBMeEGBZyA3TlCj/BaV05GFS1
+Y8T9NTpX6zuS/25wS8VRnaoKMaX6XmDZJ5gwJ6YifR1rlZLquuNYDwidS1BvFY2f
+wQkLklwWGUGugEMnzrfUoPa4PvdAMZ3Nt+m2bMTJG16pkd7JsG126zGLcvo19J+C
+MOB4kV8w5VPJY3/GOrij+0eccSqXCbPuGmKKOYYFmuRNMxBRyFAr+Ad+POMACo6d
+LI0P+U//QHsxu+06WEJtpoqtK7EVpkWErlTlYcZLiKjNnemXJp311og0msBGEQmL
+zlHIiWGN1Hj8E5bPrZNewHpMRpvVHTnR8dJEcW66GiqEX8dGjTZiscMhx24VP4a6
+Zkh6sFMw2m4HFtp1EYfvYkh7901FUk43gBXd5DYsORJVbYmExgscs6SbiC/WLCFO
+u4geiq1DHp7q8kjAjd+QWWBfdIO2iSyJ61xOVm3Fta4XYtRUrysUMSmNCqK6QQtZ
+xCGkEnXjOj8wqFTJsLYhBwndS2TMd/9u5UaChhrZMzRrHTYF6ZwaMtCTGu0SW8UC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQeqiod
+RuSAzIdIxuAFBGe9a7mIQTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJd0odOH8xGi5GU3jqfte2M2wxN9L237aaSi2XUU
+mxtxsMdOPl7vnlNhrYmtvBQ9va+IXqDqmaJkgoxGFtCoiZFe8cIva67FaDgsCa7y
+mMaiR4NSU2rLvcCc97xQb6qj2oItoOrG8FAvHi1e4fWW8LuTakeOs5ysEnamhMU+
+zvVM/lEBq5N8dZcX9y6FFQhcvw3LixMO0fi3Y6dB2YT+xUSmlqX1bkiQD5aVMOVw
+gGhFhbntsTj7PM73Xz73S3Vauqahkgklvo9QsT6WMDAVylZRb++OsQ59S5BEL32T
+lf5wN072P4zl6vwGvcE9lGL4R8kq5XIi44cu+Mmmv0/dTl3wp2HhTbjJsy9Qmge+
+qOZ6WrocxzUgB0XJe3tpFESfIYbSFH14G8PpxVcAmS35sw8PVkT4zkKzst8XVBOP
+t3ioMeOw+KNgsK75IQYe18smmBcN1nOVEGjJ030NBqfX85IPlp7UDoG4Qd5vWqr0
+l9bajF6LOEdV2qonBQBYUugTlct9tn9C175Uoa/8a0rKb6Xo61SYMYL2CuKv3/5/
+BgwVmCfczQCg8q6eJapwJyJG4dBAXSmKNZSXdvdX76zsanJnoSjLTB91/USZF0T+
+3g6L7UZaTZc+Vzrv68c5+nLD2g7rKGoVg+A/S3/F8pvNcl/GE6L+2aVGyGRcKMoL
+MG/C
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQXh8tIPyKnFy/9o9+/M2RrTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODAzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA3qHulx/7LvzTQKfLxLlHEcKco2n1Xfy47Z8Kqjt/ECvV
+FQxmFNa9X78O/EBttg2dLJgxKGhHOo0UtJAszF9872Z/SDQxV+DnfpLE0rew7Y65
+MDzCT6F0d2Yirett8TVIUVzuHDGmPeVixTvqrdK6xjsmJ98Hfe0kxfFEw8zh3gky
+7E7d4Sn9IF0sTbOlgFDmnGU/d5XxBdtlMYVTT2I22kYz5Q97Rm2Hx+GTf7fvNsg/
+eUpAlvNBIz9s8q+lK/MjN+gt8dA6Ec0S9bY/tocUwSEIf84vnPoS0u7HGt1gERvY
+Or5zoCC2TEcP++nHR+I8asriJA7/j/3Jza6qz/ioV7nCEHQ3jt9+jrwG1AnxQni6
+RHpRCL9KYx2Riwk4aAsjstuI2b501LONbEC8C1wBqi53sgbHS3xl5L8EA1iy78rE
+AW5bimF3HWYSa5U5deiUCcMZVKY3ts6lXGqiPBUqQG/Ug5gazIkDsijJ4On+oUoG
+5KFQ7UhDHj7AtP77iqlBtRB97VI7amRyOLoYbENFPqZOm/EHSRpo/C0dSBQDGg83
+iSge67Kn14Al5Zw7BefrSN6rUC6BsioxukDi+7WOztqiYme3UVpQl+WOeE7Z7g/y
+tcyZ+4Sl/TRqOa9YCS1S925kxq7+QXW2TozgqQOac06V+4H9Oi2c8okWqekJDWMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTZNCE+
+OkIlbeG7v75HTPgCreMvVDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBADiZCmd+Gol1t9GxK+vf9eii1oiXDYqIOJAgCiXR
+9S+d5CN0KMwXGczlVySKEjCVyjkWPXAqj/pb1gbI9GDNNlD3lNadnwNwaIiJYVcN
+X9eip2V70JEzvJ6OQoQUjPtbsKgeYo/S8IjJ6YsSFYf+Bt6oWBa1getGAJNvaCHD
+M9mnmKyQNW6cu/qWPnRBAY1wwX7b3+OtP9wkOrqflUlCKmJ3SzxaPM3B/nft3Qso
+T6pvKekZxo+Bq1Ae2sAqC1IswqEunXVKKHllHz3HIKNLHVPPjKaMMVAGJj73A5BK
+mXRHwskccN8FxioY6Xav+putUVg/IialA7UBiQQZF3udm+vTBiIXQhwjNnbmI5k3
+naJH54R0tlxWMoV8gX6s7zZR4GKX+elTTBdvI+FRCsAOJ0ApVckDRcq0g+uAPwYQ
+9YvaSeBHr9DoYT/4MwkiOwgtdXe83EPQioNy4JntDxLh/9VbVJqDXJghmxDoOOtf
+5CwmkYMJCiET6+G61tBIRclo4CUy7GW56PYgS98V8ZEro33llB74ew9+EH6nw6Ef
+Ncf216PfVC6dDN905MWxWIPv4lYitLK2168nkIj2CXcGACt58bszr+kM6GEJv1qP
+HQ2zoR+nY7fJjNSB3JxBkKJ3HTlV9SzJ0UULUoLfW6iMN2r/pHAO/Nq32ajAFQyy
+SjpI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQWkzvBIEpUha5VwXHcwUb3zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE4MDIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDCrRNoGIfRm79jnV5QX6m9xVU/14ajq7DySYSwDSOt
+hNerWelN3limhyA+ncgLmZE1bTvRMmS55Q5JnGsio5JvAgjh6XkLqM/tkkw6a2kT
+n2N3RNJn45mTp6IUVI+FxxWElryn/dahIrJi9dMiM3j/DwDZ1WcrXM9qD0HWZllQ
+2baPn5AoxDjPNI+qvgUmk+iaPjhs8+vUOp5KYSsdYajrzQ3G1WS+DHsy/ArjX0R2
+4wmHk/y6DF7LM3E5Utq6Go244B2DIf03u0spqdYpfwTgTeeLfCbhGU5bkJ6VhFT3
+2TuhRfsNQ52Tx8yWgy4JfzBJVMOqDFfIoiZT6H+pdzqBqoqolUDkDIi2yAwPYMtr
+6hAjTM4yiymyUSLxHS0ZPT09/s80HopfjL6+XmETuKHA0/nzjDfps8P48EUye2DH
++kbqY1RdrJ8oE212JjatMupruZelNRORVJdkfoCUIPr56tt81tZrzJBTbZjbU3O6
+bl5GY/0gKWTz46fNcVT0F/XiqmjH9d6qXUof0KyZJmBdFRQmydnouvPNLVAy3qt+
+y9enB2F3iovH8kNAK4akbq/rYAAuMwFyXknPqDSTxI8RKPcLVsFY02te6pU0gALr
+LJTbTSMh4kdwSyc6vsNCul04KTLyPtzuxcG0EJ5g730r2FMMeMQsjZS0qbeft0kL
+EwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFNPd
+NkySavp90qA1Hz6VNibR2ImFMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAEAtBhYTnu4nUXntASw/4pDczbrl2kqNtnYtu
+HZvcWZlU/caVpizYWPdoxiUc8nGpEVU+2HZ9JoY9gWaiaBJXhcghDN5QX6HU+wf5
+sO2Z+kWQtaye1RqkxSmBOceCZsKNArdv6CBVPh9L2LIlCd3e2ZYD7ygIFw6Nmck8
+EBfqvFpw2L7RpVVVa+1KrrsDuDm3gyd89uyycCVtNA4PgWvcLmhstJ8hLdE4PDnC
+D6nL6ycs+Kcf0WltcXZBtQ5F+i0N6jsa1/v1G+QEU2hfeVaT/8wK1l2gasGjW69O
+aC2FxrGxyioIN71p9ZARSVGOoBvxgpXgSAQET3MIw9SX6XfmdxCWV8HlnI4PUPuI
+FfsEylQa/8aiLYuOwjIx6bTOYwR9MYszzSRbPdKUntlxGcC14yOZeGf1sLbakHzE
+Pmj/redxsr//sJeJGjbxsnaSq+/fnEcOPEryHy9LZbo2qd3JpMiNudkD1T03YrqA
+MKBHp0g4BZuv5H/f//Z845Gjt2MzSe1n3HRceMT1dTQveuqXBUia6n3eZn3gbFhE
+Up3b9++Kzl6BfNf3JETukYxCrcmUwSPFISgSVgVc5AHCeZJ5o0bI/u/QuE4wl0va
+2EVKevvHHLwjnDY3k/nNWmfnCQRnnIGfULjcY536xNCyVCgTQg6LYalm62rFH6SW
+pv29+qk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQKeFD5m32xRriux/5SSAksTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE4MDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDTK2OzCutj6BKuHZtaOvH8fwnTe7MCD4w5a/wgYSPi
+dvvZZbkuUVEpTeNx/ksV++20IpqY6ObCxnS98iu8bC/CWYzI+MJvx2TvyivO+qEu
+lRYxPgSFr3OJpLi1dikSIqFji4dMA4QmQ9ualxuuvZ+bSrHOB+teq7KC2yDbb8jD
+ba06hbRPc9YIQw+sH4ATsN/x+cT2XN2JJPFeohConTkGIGDq2Y1Jg2rHLRof0k0y
+YRtbUlRBXEkeUl6D9HEWNyK8i+/YlXwTcFZX7KgRiyRdkiOJ86MVrlRUtyhKB4Fs
+BC7tAmloeuc6C4UusPJN+sTGQJVUigJnyIEboiSGrU0wI98kP9U0THh3a9cWIQND
+S8Y1R2kPYq1Afa58ZLXUmmnqvoAfrs0TbFRAoSbyxxnvrTy4jfQv8Zgs/9gRQ7zy
+TSq28ooFdXYPlU4SR8Duwh8nem6UYu2DzR7bvbPr/fdDy4PPcSUk6o58RWk8MFpI
+2KDJgvagQz4efhzYJ/reJZweRpbRMZn7YL8NsrMdATsEpD4adqMD20g9wCVQRr4d
+c9C/ElD/aZtIV41JyKP/35hg1flrW4aAmy3kzyYD+W7UL47K36mgODypipjXJgsa
+a0ZBv3+nlbF1ELjF4bnDZ7sc1CrI332Qi5wTfgoINaJ6S7VaQMZOY69B1515Yvhg
+dwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFMkz
+WZUxGCe3QkXFX0pTOA5q5eJLMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAk5Pp3940sRyUuAxMu3kVf3UUt205f+g0/2fR
+ry/X6lMZ7/wv/ZctGYNhhLf2RrJmJEKxtJYR/oGkfW+h0TSu1inGky5WEnN7w7Oy
+E5Udf2Y+HTufOnzqCpOYywDm6NXfbZ2FYT+f+CulHT9dOnuUrxuK0zrJQWSJYIsO
+xlDFFHyzbFG6QMMohKcy0a7N9WQTEdgl4q/AfO+As6msvjsYh9ie0nVe2WG+lBJ8
+AX2Ewt8PNLg7O7YnnI01AIAoNi/pkedqJSTZCE5JpQy34QIa3aoBGpn6B4M0bcBU
+tAzdQ5J0+Uh+RWDYjPs55m+mCgNmTxI9M0r7m4xWaN+BIMcKB5sj4PQIDSv3MbPQ
+ciJl6tCG4QjLlMVRe9d8aAHmVS9URqzkmF4ooG5jbEjUVUSCp5hxdev7Y66aipnr
+eXdhQUamyGktKjQtheWT2gixs5eNeRZtoyFYZgSOi/9m3KY7xAwifyOHNFpJV9FE
+b5HIIOGvlhGGyQEiyie3B1umT931GxdcyF3+C0RhGyU2CGGhVNLPhIpIUtB2gBpZ
+kuiOTpyPVKMT76oIhDVhuxToG/gxBo450GGYgaJDx019mVgucp45rCHk6AnU5Rtt
+zT1z221SHCJPcpEqnp/z+t9GJ3SV3Zb0RnllFP5xXzJsqv5WVtYOvSjOQmlYlAYP
+CdUP/Cs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQZgVQaqJRfCqnRL7eNgMv4TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAmEuXGi6x0Su0O7ReL+o2lmnHZ9Z6f2cOqvSl8ed5/huu
+oL9g6Ci6RMYqjjsJKMaR8KfGe0PqLVaQppp+DEmg2y1TvAIdwtTbpFFZht/W57Kv
+WwajKPFV4i8HdM+0jSRUvuDNvxIN0PZLHRYMB7cJzRLZ4fNBJG/dkw+v5T/JWj/l
+L/+XyuJE9sU/lcy/l72gi/TxDVsCVlaHf5LL2XgfRgBPbow6Z8hQQQtpACOTnvJ2
+k8NU/BI4F7hW2SSzuj3HkLJJHC7L/o2VuY3k5NXIONC0OjRkKamet6f/PcT5q4c3
+5yXP9ylVCoFmYv+mfuKwj6tRjm3iGNRG7VQx/gjTmz+vLrZA5PW9YhluzMQ6wgaG
+Dh6beq+LTuWuXoWT0eKkE+DN2qE2Mq2WU1h3Bh1pXcj0tsd1JxbY+XE2tV44KlF2
+aUEWwYV2Rpuz2x03x85SljyCX3PrVFqB3K0WJWSaBXbqiSbnWbenJfadOFr+CHSd
+w4SUaGNMB8ZDXvrCi5hhI8mEX5rZWsSbhILF1sO+2lomtCsCy/qOc30+/6Wg9Djy
+TyhCngcmTE9jq78DlGNn9EeZcX7lGkM+g4VpOJJ9WVpaDrstpOrn95tEmfuFU3N0
+bUybCqrdYnBe9zamP+qeLdEHa3mWZ4OkhlLgUAv26qrdUzq/sDGoQH3aR1Ret8EC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQQoDjL
+Ql+/lzijUfrmvK5WwzuRnzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABNRfMBV+MqzUir+vRnThYTIzJZic3fcm6UbH0kN
+/loVRopFTIGEfqKGCIPpmCv5chDoUs9InI9n0WRM0pvPGswpY2yTSj0xDcUGgvAj
+veD57bVqevDL/hY6eJbrZvbRTuNKqsuUhbN8fPU/nB+DEAO/TSjJtvh+yLnN1Op1
+XtSDqpfBK9LAv/rZNx4Cd79A0yfHPWtdalkU1bQCs54RK5RHwPXrDCueIo2eJxls
+lVOPxG2wxH+bx6thtdM0HBxFJJuPDWQ+N3qMdV8NwsGdRm8qKXJQ813fPfph3J9E
+jxYcfQaexUi6E9LqRHt0yGEsK0EPuGcr/NSnRjTMVV0hBhBxqwlX8EIHI4wW8K5D
+Fv8ZDlV45SMicNXShcAiHa+XiNKA4gQSqQi6DXbblOIrqeSvVMaTCei9Hza5COH1
+mfBvuKA1FbOEqsfbzhMp+5piA+g1Rjc3M9Omq616TIFbIbgGz2C/mH8GE2eXr/MF
+baRI7k4fIV3LPhtig4qJFlC0sB3Nkw5pWY/GarHi8tBi5Vu8arab+FsnSpVHX+Ul
+qjQgcJxIFCnYD9b/PbLprG9OnIRbGuR5mqcX5ZIwJbsmZVkvXGXbW01BHrRnE6aO
+fs+0rROIm++ATPZZ9mloVS36KUfSzCnctnIdBujtH7chwTTcrSZTSgO/2/1NJ2Tw
+3XTX
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQEuF0mA5fDp1x2/9AnIRP6zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAt1ugBv4VQAurYjlhUSCrroBZJXFpnutZES23CawtEQem
+iIGJSRVYlNbhIhSmd//79f564Xyv9uumJr4j2Q2u3qYTi2iUVmlN2Igyf12JgaF+
+QvdMVudJr4QsI00ZzMI0pd3wuNqlWjBtkkICGgZzv37hwfISqzmY7S+z/p2SuMQu
+VLs65YAPc1WZNrM/+iLSCEA3zjwBPVyux1tMyhyBtB8L+3eQDannMQk/qeyh26tu
+6y1t3zfQUNyoU8NGDpykmMBkPVjs+FlertGEpcO/Y+Et+7jJQBGWWS4coEMsOvOS
+mI36fgpXQBpQJwKzya7pw8+jqqOpwA+2oDSqtY0TOXbFost5uUUVD02UrpCNPugr
+WgysTE7u9YOkMZJtC41vHC/tpv4tsV2gJ7pRgNdfdRU34LN+BP7uFsY7C/YEr0XO
+YTilaVzv+3Y0n090g5lL2QhfgR3Cb6ffaM5vDoUjONNbmN+7PiqtQr1eoKd+Qy7O
+U/q2+Wd0cvkn+WBHzr9mN088wyQR8TsFEP9qf5odtCIwicV+KxaaswdIxk40kY/w
+7uWY7ixUthCWnMbnN9tLT5DzOINof6j4yxQ6DW6expBvh6mK37HC25Udhoc0ayWZ
+206K/Ubn2Vh2VHPf/4PL7JzoPUnTt0fk1Pr8Aftp2B5YZIx4ySOC8SxIZqRtPTkC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTM/kzu
+t85TqPsdR1kC+5avsht0QDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABcbdEdhJFXUoknlaKuji+HkhMNEGgCegJMqQmtA
+C0X6tRiX0AcjRvO/8rpozmXlQWjMfe9pCuZ/CHyLqbBpIcyWIGQR6wSJhC537U/R
+2XqJyaHoXNr6r6C3kaStVebeY71ZiSAiRngQq0xOsqrOeByTpX0pgPnvhFgYOUbz
+oMeZMD5MjlTdJMbYGeUKgA9xliIrMeYtGwXYM5MxALxzNwdLOIE9K1/VG+J6CVqJ
+MTnEI3+HhQV4cMZ13acpayczrYOXhBVX0Ej7GgC8TjEPypQHRrRKkTzWNn+D9LZp
+9HoZFlswjPQ1iGU36V8QZVRC77Cl3uS2Tq4FJNTOoVkBD+ypg8o6s3YIwqsEMWRK
+QlC3FiSFIel4eLD8r8sxG4C/ay44IHkg9K/LKmV15dynPhHPC/Ngo3T8WMW2v/ym
+tZrcJgqCywy3plDZjiU4nhFSe/bdPNFCLHzuR7+sIIb1AqtzMlaYkxLMMRpeEFSp
+nr4/jfNARzWQ39/WL/KYANEu7Iw/Pigzbvg9a9zYMbiBXsw/mt9BGr7tQ0fisCJI
+XmhJ2lAT6wi6u/OcQqcwgUDDSPc+XhYe5t1vVOhsCLCLKY06EewsZ9ZWwW0FIrCV
+V0UMzV+HNAbatiJETiSwqRBniOrGds6h7ZL1dnxNXIIqnVVdW6XcHROr9OUCNH8U
+ewSc
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQbJf3i9Mme54iJBBBNS/k+TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODEyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA4W9BKB9m+h+Y4DJQRD86c7oIRyrnkkUPVtjlv55uZZtt
+PIudTEAIQqf4Ntr22baq+MjKeok8Rj9Taq0PbrVYKl0520qNgv4KrwMuMIAXH+FK
+VH8n41/OT62TRwRx/cOLgFrJjUokOOlKHJD9grt6IFKPGodMzrosRwvNth2Bgn3Q
+s0TdlBFcanyKS4S7vqEaSyv8+l7coUk7M45LFbuc4ePpR1SHbTmz4RmVJTUj80PJ
+LCRJKdgo1eYj4PN8KbIo82sEPpGW671LSQ7g0NZCV2gJLCktFYJx6c50mpwjPPcC
+Y2XiDlRm02xDZI8S87PMO7y9zAN+qGHqTBGX2FGzw2ovCqyiacGFiJcBBRc3YsGa
+l6H6+mdyfrw0jqUiFRYgwBacTi/IiT0vafrjlmGoxg3fpr+Ay/mVpPbLqqMqe38i
+cUxEmAvM1430IE8nlOhoSu4VBgHceA9kKF5jH5oGxIB4LLDMsSZRd6C+VVg2BjR1
+yUsDbp6i7a/kffrCSGLdvk1dT1HS3cjWF1GPDsTH8i5XJz2B3SWnwzCLAhOYgZEI
+3FhbylvMvzC+dc6GGAZPLuzDHfVh3j/4YWlp8OKHcCleNvSqDOKs5tWbxnJ2Tau/
+InaNeyzNSxcEQNZ3YPMOEB5Xt/FX2a1AwNFFcXEen9ZoNOz5r7svkUec/OHIarkC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBT9CGNX
+298ygHtkFZVj139XTk9LRDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGVAY4iy+P3kNCrFB1uEw+w+z6rhkgv0TUHpBc2m
+rSYJBvcOKHiN8c00P1HNiH/lCo/R+4KHYaC1Cw3C6isBsH9ZQAg5gpY2EW4obMhf
+8Ly+EPzKZz0KZMzKek8hl/4WyLnyDmlLp0HDLKsyHSeew1C08PHg1W7fTLUeirk7
+N8bA0YayqDuXh1AG9FYUazsr+PqcTfLWD/waOx5kd9Lf6lUmsPMbYYrCZXKCyWGC
+zi/GkD/rZDcppxa0A7kEjl4lwvqFafPRY+qJbfxqjQq/NN1vkppw4GsWfeIcW6c5
+LboEv7lWe/FfIzafgzrCJ3VqCsfb6tC/qpXmxCC7pFkPip07UfTIx3xiYJynAGa2
+ULgqvFWF19HZpwjgzZLXcCejMkqcpx8wGGtEwfrcedIUTH+XpAyp+Oi7TMrLHejU
+RAxOexldxOuOBf3Tbh2G7Kk9h665GCC5hHldzHmaiY1ObliZMkACHK88dBiuCPVx
+qUUAOWsXoOSlrS5c/UQg9wM4JQM9wuJYIoJQCYlrRwuAZPJrQayXsVaOuN15afPE
+nMXpZbUtDD4DXIVCGY/Ezjati1WVspg6DLUxtpMIu9Rt0ZSuXco9sVTKZFIP/6o7
+gdbBJOgTedqX41avVg0WSPHjGcntZSDR7ya8g7eYaqqbFdouTZzIn9Y3irGJbOsX
+b6PT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQK2670Rm5dlkZ14ShQdiitTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE4MDUwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDLPgEI2vC4xN5AoK5nFnjtRjiPdbVIDc1SPpy6+JfN
+t1a4Q59W6k/9XKgmFoUVql6XmmaMJkuqdlUjC0asQln4ZuztHo74ggp5OSjvZrbW
+qVe+qSt+Minhj4JUwKF0rMJeGctdSrMXwxlRFQmycV6Op29KQUcFz636+PxnSaEv
+E2kSciz2CJYpuG5ceaFTDAxts5juLEEwhv2LBVr4W8rz1xEwTFZaMSdPN5aOtncY
+R6HaNZ0VkEkEU5d3JYU5z8al1HG5Ebaie42Rgu+ePzuvg1y1muNcVrBPLQFl5d5m
+ycUtjCJ9W1wz8wQEZGOMQ/9CJI2EZxtL+ChROD5WQ4hJ6mmmdf5yJyxL50vIV9a9
+sHN3J+dhTISNQj+tQ0M0usBUTA0HWpl52mJElnbetuOnvD1dINS9dxglA60hWck+
+Y234VtZBBL6iidXg0y0nyx2TW7euW2xVe49cj1Xx2iwkBvDFAwz/GvZAbd0tk+UC
+8QH0YxDzfT1KA5Xexh3Y7EwRrcrs7y7MyOIrMp8V7xiyV4376UQnh3bQryMgKudB
+TsxUUlYZHxy3eQV0gdFm8EHA+89zHiGnb9EWS30iIANy9h/mCqtEiB7gbVH3yvA1
+tmYbrM6ES5r/PKSVpyfSzFYLD9ZaYMUe2ILtxZP8ofVuJK5ax2TqioJ0CFXTOMT8
+qwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFH8Z
+aiTZNdvxs2FduEAvEmYHwbpaMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAaa1fk6B5Zf5kr/JrRRa7W9ncsy5eSF9WUBXy
+uyGnptInvN1fUYtrISIAdEgc7DYWYBtDmXm4nqtHf3n56iEuDi4YXQ7EuD9fW7l7
+yECPO3VMK3RqZdIB9fDCXpMsta2YAmZKi6CWkuGTOEM0uByJOBRjNz93wRTibw8b
+9frGNYmw10abseccEEKNYW+IOGPrI6ncZkHQd464Q3KVgRZwqA+BtCp9PZT+5soX
+EiPBv8gcWuQ8mnEGWDLwH9foHMCT4NGZLc4ZSA7VDCTxXRiTJ2ihSwwbtlAlka7j
+JxwtwsbBlUzyupm22BqjiA3fjDk1ge2UITOPpRe0bxjYdrP+WbsaMqZwvWxqJLR/
+aTaVTM4s92bjl4V0Yck1dV2Dk8dKUfdJQPreQ1fjnmcgPa+IsWas8Fwpqc8/t+U6
+KDQwXWLl8VPzBylaNBYVxaNpTjFn8U234sNiO6vOsKzNJHOL0xeprFTIHtrhE8i9
+bLdFBzk47RrF/dQ8JQeXS8dpckwpMFd2yTSFFKqhEjHC9sN3SinssW45pg40nIqs
+T6fGLpjTll2f1sLTujB8wz24FkK+D/mjiWAKJbac0/v8pDhqBkAmyewAJnUTfLY1
+O8a4qPgTjzt/068OAhiZ1xtvZLMIgMuRXuB9ynDWhVBhxh33/wS4D4aVX24+4lq7
+AywdH4g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQHj0ILv/2dUc3lvufVLta5TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEArT/8OMQYgVmEWcprYF16Y98VO7eGE2IF338YVTzlEpRP
+8RxGk60KkQCM1UOOEDjOAI22YA/B4khZTwCSJCIcG8qOzdvnsf9yt/+8MO6212rf
+WA2uyYQTPe2MXRTpLZ1icj9imPy/K/y4C2CGm80rs6XVwSyRRCNHIRIm12WIRkcd
+bWm2e/hnWoHQL8rBhJmdOXSCnZIAlqtmQlJYgGWJhysYIcUAj69aJKEglDM9GCHN
+2AeAbi0JEafa5kAza4wH6LnA8ZJ9DQYf93P0Fi8hBPft45HiXC0KBpNUFWzcUH5R
+HUN61XF3v0dqrlHaYcM9jBFMXxGioO9Mh4dpYjBtm1UKFJcpoe77XcGYE+q2n/gG
+/xejhMhKWywyM+sCZWYkfqZKZT7eKZ0TURTcFllUibgE9ooy/iwSNKTo+VXqtv87
+mnQCeKmkwiUXuHo4qFVtR3E0ln2i4a73MlFZup8dMxJ1THFEH8R66DWCnTe4ArGB
+hz6NVHy9HHaQloMuZUnrLK1YRe0W87ohaNjDImjiNO+vKMMWHQfdJLOXh/v9MsIq
+t1rus3gJbuBjgE0gPyqQI2ndruFLuzrvPV+311h4dnY44MvHEvgmgIrPlF/wDwic
+EEziWJNOoT0rCHeB8nLY3LeYeqOEbWXvLBzDo04dzfJY3kgB71o2NdCXs4SZWTcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSkMAbb
+eRjKGSePRIW5DQb8loRvoTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBADy1IxGKAOGRGXjSJK3GLTmeZAS/y88RJHdae/DP
+/XVq82xT1aeW40r0N8RBwJrKCTcqN5zpznQJFJTrr31zMYzD+v3hjKDWjEM35jVh
+S7tMl8eafj0QwgmzFooFN2O0Ml2gkTuwV2nj5ad6yTpJGmwh5mXce+zrkVWdz9Iq
+OdXrJeHuxongnluN01x/CuAgt8dAZGGscyeczZT02Mk+fRuVqBzeObtgR9riAgyy
+jurEF617TusH+G1aHi98G4Hg2aJTFEvKT3HWItQxoVaMPotU4zbsF5Xb8yHFiORn
+bshQuIf6JVB0arLo2EVTOhuoiE2sTiobm71PEK9l6Vwz33n56B3NdACFVFQc3mc6
+U9LbytKjW58kS1VmnuhyfA9/OFaAW0mDd4b1qBJwMSTAGTs3bydmqydjMq6rttu7
+6ACx0vx3Alyc+cVV8VYlms+EB+ilfhJxuEf8qTQbjshqkpIkiLulT3UJssVTeUCA
+MHs1nf+HJhz594TGQzvsfwek8YcC8ZP5OkTElKcFI2P/FUpt7IVjFCElE2EptJWW
+ROSn51zMR7KxJ7GzvKSSm4Zq52Q50PgdaSR4LFAnNQQ7m86HU5PKuOqmamaQchOg
+keQnsLcU8WrKzLLU+iqKM8RN0FdHl/E41EKG4XKB//svKJDESOWVfhhs9RGj+CjF
+P8d6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQYrKuQ7P1LD6Ws9Jfq+/F4DANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE4MDMwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDCogcNtGqome2CGDpnjJJdR3R/kLyzLNHD14it9q5p
+WmrnV0woXE0U9RkT8iqNsYa5bpLeFUPihoX3m/mHkc7e6eKWRmj9NJBGLj9X5r6/
+ZByu4jPVpsSTI4BMAVR+5Ohan2/B5i1VkRZNxHcpmmFTjFUEvhNybaIHfTPud5KT
+suHtYAmQOVNHx5yzEMwIP6pguyw98yILEbxNrbBIRTchZpwUTwROBzBivAj68bMe
+vlGV67eKJX1igt/wg4QC3jj7kWtB96v4NrP4NFFX8GBTGimlLhIi+tLZxWK8SZkd
+8/Bp170XqrsRo3sG9abXdXIhPUjMFM6rMduBhKDgoaqPuyYL4pd+XMJSg24hPQGX
+w6QGGmj07hLotTwK7d8oLwbI6z/VnYtluR+dqEMKv7rwVunXlVwqc8l34Cx5Tl2s
+JZFmg/6CMb2i2DJwFOAM0zdkamJFIAJpo41oQOEZPs5W3WJdVTkI0m/+voMN6TmA
+2Tj/N5fheAWsc6MzXCx9XtFbPWSR8JFqzg8g2a8/gBd3gQqhehode+uPJvm2CSrV
+vEKoZVfg8caWylIS5uwy2Qt4Agh/N/j5zobt+AfEp5s+w3nfCw/HOyjUZKheITk4
+7njQVZ53gYrEpXgCunuBVzrSdz2gaipl4DpODMe5gZVCi/MYU63CRmHX6K0z1b5W
+3QIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFMSM
+iqkg3RgLuzhkIeR+BgH0gzTDMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAS4PrnfM4i1PnbebpO2nZqDCmanO6AVjD9Ru8
+Nq/uiZ95k9iD8G2islqfgvAEbH7w8mVPNTqpZNhLTtpc/Uw3lMfZPiUbuDKssBXD
+Sl3D6y1mSP4ayUCLQcF3mnMhT7P4esyR5FZwy0G7UTijfnygV7FOEDKHXXkTljiJ
+Ak6zb6ilRB28hwIcC7wi1YnLuE/1RG5vnTFgbHcqG0tu0yAcsszdZNFLgvxn7C6T
+wTOPbcgUQJGQ9nMd4ZWa62FTcRKmzQ6JK3JAcDFPiYZFrs/oYK9mN0fS2VERTY2E
+lM4ulsLEJr7GJ4kLjOPVSsUx4JcQ0y4KRabs9HewgpegROUtjpxIlcaADQltwIZ8
+Sds984bL+zzAOL7j7MHFWUTeJIj2LzNYoSPGVvyOEBEQUBkylMpqJ0H4froKbiiR
+TdusDb0AIBtJ/MO5H1zDhl33IbxkBsLcReHX616fj+WSPcfZhzz2vEK8WXtP/26T
+eQx0l3PYAc/tV4Yt7/WQuzTcHIaLlkeTMFilCYtsIrXWIwf+m+wUSvh2LI8RVqX1
+dRGEhHE6kPHNzvkTlL3GStfdTkWSyMgNDN9YUf8mjvIrLI7FadjjNB284d+v3HDk
+K+Vk24rmvKGHpNXfoDGEFz2Ln1IW9KFroFAjCqdYd1GwXRznIQDWdzcLhYtdCLOZ
+7GZ1h8s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQHQ4LD4nZG2JuzFTheUiKnDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE4MDQwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCnFoNtfg9rUzsG+Rem6MfZ8pvH37CoAZkHgfyGKKXP
+MbM29dqt40kLax8BZpVEhDLJe5vf/7UtmZ/CeTYXKuSSK51w8uxe84KYNedjEQk3
+2aJ7EaSu9zB7UOUe43TQ9n8HNNvoPEG6ZoueG9rFgJtu4kGyS30WThHy5xPEpGYv
+aviukA06ocIuJkOPV3Jdzm2UYd9gc2vFoLSnAKy7fWbWvE9IY/LQwwW+jzkqjf75
+VLe+yMUg1eMnxAfZsYQm+CeXx+5FgtUujBph2KmjIg85I4/Vwn6RfZ9WqU323h2V
+6TaWqO+UEOby5TUDaobQ3YWMLotfMXkMowZTnxGpQJx87lNndeG0fB8ihQf9bUwB
+Hp+frCoQpVtW6t/kUWX4HQcmPvW5p0hP4mnCp5VK7vhXVGuCToHRg5nfJi2ycdoW
+72qobLjnu2zruZhZJdOfqQRJBrk3aRRMHkDyFdrKskha+13jzMHLTuSf+p80ycOj
+jmYZOlV9xByMz6DrzQbLG8LoQfVlIaTNu2Hzui9sBfQyxwPV3oysBskWoTZ0JEvT
+XqMQRgMyuB8qLoKW++/vW1paAbxmkhY8rGJMZ50aVfHkrzQWIY3MMWfD9RfUPHpL
+dl8pvYDKGFo4MFrOAAyODwCbD+4db0lIS0J8z3AbJzno2oMQxSywSRs0lC2op7lX
+5QIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFIhu
+6wGZI/GW/l+PD/6w8NZtvzO6MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAbIxhiNgmFup1BFlrmkjGlTAQz7IqpvY2eaTg
+QyRWdosxYVhAFiibTFyod4Xe7tAP4+4uYZxUwbee0UUdQLs1Ed4WMMdZro6q1VPM
+P2FzQQyQnCqM/FHmFiKAqpgmg3IDYLjbzH0Gx14Cjugnxg1ln5U9JEPYOoKUJjjO
+ywaokuTuPP6DdG6Z3TAIS3PtbM/Rl8gsOchvVaWYtT+NqAjfDdQmXuObl/qIgWQ/
+FjTl09fNe+z9m29/c2swOPuOSA1DxzeXNyvkXncN52gdgmmvYHjCLqnE9W/S4iNQ
+xqFAP6mxs5DdYrv+D9+xh+Ri5e5dAJoGzK+YqACZijGqZEGqPrnWIUz/TTtNAGWO
+p7afIbRxzwa7z9VN+ymhvjJCaCbopJhDb/MPeHJp4+sDvPIY9qCQFlORW5I/I3bz
+4bXOx8auSODQ35Z2/4eQyJIMVxnADtjQdcPCLD0KZUXITknte9Bv7v1lQdSotnJ0
+1SVAWBA61lWlEmq31moDlxtYojQ879EQrZMQZVjKzCMg4iVLylVg3oUvOAdRDz+h
+um95huLQVF/aLzChsMtaBFibG5nwek5bu1+l3ox1/Ni1sNMb60UHB0nAnIR7uDES
+dtXdq7/rW4MBe0aSon/4ZEvuSMvTU13CXVi7vVVYEWt2sALtoFp7HceR/SRDqdiB
+dQLmVkY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQefPuFWnF7CRiIwiAJDIiwzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAlaODjXXTB0UNJXDboTU0ARizbPGut94TEkWSsLBP7FYL
+tvyvhZkIr7j+i0x8q3gWFfG8WNH+aOYBwNMfg6+wxCy3xkPBrw1BygVFXvFuPQc0
+t2qeV44Y43YY++azJEB5oJQiEFomcca+iBs6FnXOJaabaPJPtzGiYaSbbelQ4hdZ
+B7Pa4C0dnAofp0ZE0dEKXhVz4xCS/KEf8Cxx69E18wNuTaqPUBGnEaUFlvMoIkT0
+o8tBPGWcCHc0RrgsxyjU6E9GRPIKbX0SAxFihW8DMfpLrkXTXZiQxiWmfXCo+i9s
+9AVex/DXVpp3lWiH4PqjV+HQsHhQh77X6VHLwr0qT13BPTMiQyLjNzW7+GPyJ1kB
+DIdRRmHUNKC2U4uwj8CwdW/n3kOPj1Iv+iVwOHE/rizOUUpH4nguvIPwxnqr5qWt
+GsrN5yta7AqWsBQollNPaTjREjQyD/HF7ndVllnMPFlujVWUQXG0SEYSuT25vu/t
+Yv53ccwb9Osv1kmgUvR/hKNP5VAzlw9uqa5xUCB8zXtvbEIVnaG2FWYLXJBFmPB5
+wP8GQbDDGIolYeZbl5Ipsgqm3lgDcPX5pAAq8R+IDyUdz3IZUOFeT/jXboKeh2Lm
+MeLG6dbqBqOfDoDZ1I31ZmGRcC8vKntimE0LH77jeWaNfEBnCX8PzSvz/E6hW1MC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQjxR5u
+jHvf+FI8VAHbfqMEjvL7ODAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJXUx8I4DUavs7DiriC1Pp7/53APXLs+8YwBUS6q
+VomBBsD+YTGOOj0ryO/pjaUxY3fcl5L5mcYKE6CXEd7wQvnh5NuxxQJmbMtXTc3c
+td6tV5HNxJsFrfl50EzklJ24eW81mUHHVMgSA/NhESshukRo11pd4rdPOGv4lVj9
+nVD8mG45maejxwlx5adifMs4CdVAmD5Z2kTIMFcZPa57LQhur2hSpsofgtSrMiKv
+W1kksti4b7MbVbQTjkI79wD7+FP6IKUZQAluu3yk+9YYyVzkMC22izWHLue0JYfL
+C1eonL+YTcaC//xKRSW5FOrspKN6wZCiVOpfco3IH/U6e2E3xJ6GUTY46ASdP4ws
+tFDcybkvc8Q364xmJ4RAh5qfrwQ1dKsblWLKPQ6lmTPWD09J3hEM58C0UQ2lRPl8
+bkc8wY8yyaalQ5VSSZ0BjqN3aRQVQHCyjkgOilzqFf5kHsnCvgPuNG629xWroOkH
+4lXmfzFUeJDAP20v3yMAs03b/4Y6yHu5iQlLYnD8+KCgZ/RiDA4Bmwv4skNCJpfI
+yZTiC/dCXkgwKenoERLtHAqkII+tREOghmGzY8F2GtTfzfVm0YNGRlQUH0XOnD1n
+NAwVPdH5/aSfMrI5/0U6tDd3P2olVzu7ula7r5Oz/1WWIFhNemyh9I9AanPsdGxA
+pZQD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQESBuuxYRg/FlcLlC60CdajANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODEwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA8nvtl7Deap3Z/Me5h56tLxJ83L61C0Q5kYYZYXvQoM/v
+HKX1bitzn/hinDgtrQ62pFYZfLocF5f49on76CFUWDMr8oxkWfZ/4T6gu8rGN5KY
+afVpL1qlxshxsTygCDFmazmrkJ08hqmLPwDED/eoNe6wfTsQBpmJGfq5pZthu+IZ
++B1zV2g2YY7XDxpnaO4G80pWELciDSXM+z3RbMzfCVUUzyJ3tzxJyr+q+dmvZIHL
+KavTEc4q7FG+kGCBl9TVCj+Mnrs3Nt36uzI71I/B2TRwYGiUaH584e+MgaRjRpau
+5ygGby0r5/b56IvFiM6RV9QEPtmHGYwVnYZXZ+yZMZDu3ZUkFyAIFJx9D8gQSR9I
+ustGRptXlc5jlIcHWS98BN4Pas3+nqvt7EsqQ2t8Rwt6Y/rgL75wVpcf2kgdpJ/k
+xCKMt9sVsSBz3DaD7NuLWZZ8vM2T+u9FB+U3bbUzPnEPonX5Rz3zF9/4cumOIzC1
+cnaYbBR2sm4AmKqnaBYkK3vRHo6aTWcRoxBFOFMIRssZBidWSAxQj+Nvq6pcHXGN
+d26nCfk1Z8OChb2fK9EYaqwaTy9RUU309Vdw92QzCxny6T6gQqPLa9zpX7H7HD23
+Bp4QAqeSQ5Jf0epNbHn98Up5BVTKvmCi2lqucEZdsjRURnsZZEmfh1XuzuNuAUUC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTu2Vb+
+EzOEDWHzOq4lDAGsj7PhxjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAAbAN96JQSUQgxs3oZVoJIo39fxfMmUw39ZqYUds
+BGGkVA+CVz+WgSHcKhljYHwvUP8ijvbWEbCSD+hjchY4vE15OMz2by77b3RaCljg
+QwAvywY99E/ZR3Z4TY0BOLAppqla4V2UnE8OfKjgaphuP6Bzq+4YliZzpeChcOC8
+0+5mxoNa17pkv3p4nevyXvBrfLQA04jHX+7WpuO8mIEYU4L4T+ZbKT9a9oiTWZbM
+X/CHrZTAQJyPO2gpWe9TFp2YQKE4XRtpjBHqQnbeKChefzLbXRijsT2jUE1ZN6be
+Tjzg8M/rqneeq8hrJ7F1U14yjBOFhIbrOXrXky9Vl9mjLL05dOWXX4MBzAUryMz4
+Ln35Slx49axpCGXE9ul1UJNm5Pl/79BIsJ36N6afDn6gN0PkVedxI1/AIBPFv+Ao
+C4FjuDbdl9uuKqeshEIXlMN2izQhZ3HhV4tJ0w+oXhHJQtRChyEuz/Y4CsYTycUD
+tdBMTvFLVUpNQnoOMxdEC7XsrXMjeVA5jsYRAS5GOd8Fh7jZzIFMTenmOOMWwvxv
+P4t6PqMiaqFhzA5rf2dmVV1mCMNAlZo5k09SQ07V1wdo46wCppsIhIHobW+qdoy0
+trpZ8mGJEKhHVdbtgj4aGU1H8VO1TCOQK0SDgfOZEpDXeAVRLG+OP7PQvvDOd8Uh
+UOXe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQZaWki3nV2iKbGpAkhkanRDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODAyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA6gJDsq9U589KcPUMhGAFTjNyT3ycskIHGuUYdvDM5wOq
+u0I18d5HasGci2HWq+NZexVz64cGef9Ha5DRz2RVabl/bOxv5ITzIhdbHt6vRyjK
+8IEFkp0uVrns8cQm6bn9D/ZF4URiiB18iR2XyvRsbhvOcOiaGy5vniMU4FE4rNPP
+AdJqzKRkwJvscrkPT6m0VPPS0oVSQvOXY9yu7VTc3j3GNQrNKL0UW26iuJnJ5O31
+8DXTRlX5Vd+CNW+aq2L971t5Sfp+nOg55fhfofOgLIj+kCH0bUwKD9rdMcJZVeXm
+86mNZyOW6ta96Oq2VL+PUKXyqMCqbNaNHsZmbdyFlxLQwBQNIcgxJ9ALOdplFWck
+o9tlnGszlC8qF7PyVTJmxbZNVTeCWr1hZUi2ZwcJ9FH6AZU74sC62tYH/NFl2Tzp
+/hkbv1S+0HdQ9QhcN9dXpvfEezooliaqZ8OuCvu7kw9DrdFe3NigcEK0AdY8scsW
+yIf5n8qvm9hS2Lv+BSslq2e67e3+jiCMP2KaLsmfp1K8kgp11sV2kaSZ5ls/drdK
+33hZ0P58vDZ6425erquzpaoW4VwYs51PWOKzFtPvc7xjSggt5+eUYu68YMCqpX/N
+CMej3RfIpkB/Q1uLvbUG+fRJVSQzDGM0w+wLyO3A+IiwPYr/NQvIVZQkc17/WVMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRHUGRE
+5eDPiZwPi8Mttb61id29dDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAHU188B9yX1bnUE5TDhDzH5xPjteG9Y1o5xUpEIm
+Ki0921Z+6Xej57Ls64htwY7pqR81k9hiFfLJERgo37vb+T1Tjwg7IuyWVJjALv8/
+NkcwCR4cXsPa+q1Khozzm+Jl5nn1JS0QDMgMyXg48H2VnFrRUAJX1dsBrZZsvzmi
+ER3TDGAAxRxHigVXSPsn9mfwfMQ2tWmyLPDDw7yVbxLnjTLgmjzFUsuG2GxyEzjH
+3Ks2QhkM6NEHHY4Qqo0lN+1cCmnsqtG+2hAxgNgZQq3aFSyiboJS+ovJ4a099HU8
+jYyQrD1Dt0e6m0uh0F/SFdUNrYCCViOWsdb+yBJT3Iaqr+29Wp6+1wLgLDR7SqPW
+nZX125bsT2jDmtl85jjw3kGVY1BjLMnZ42UR3kvam1XAQIgtXKR29e0GdshFKemc
++A/MpsZB1h4KXcb7J9LDFQKSb6pwDlU3YOvgpib2cZ0CzMPl2SOadZ4+QJHakr2o
+zfOzRUUbuwwwDNoXtkliDjNQbzfohCFtg8yodUjU5Lm8utD9dfrx0TNu7/YsC9iR
+pO4t7dTydL9wGIfiMFVzFbSEy9u6bJQkFVZlqfPuAdA6p11PwkR0b+4I4alu6nQJ
+Z9Y6WYSt5Az5Lbawv8x55V1bG83UDkCKe9NQnA6ahhpifhC/KzBDAcdc4ZksDZFK
+zcTC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQY3cNEmBXWJa7Np1gL4vFYTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAv37lGjz0wGMVsL5YqyKPDDzdYAsbXFVCz1Db6v/mhj3B
++naq1tvDzM5cd/wSie3aIj5W3DTiFPGNm537YQMWdRjf9i1CacdbBSM8LtTIJ75i
+4keSwj//jAxioFIOgBXBUFZg+cvAhrYbkUvw2qLHWNrIBZo7kn/RA7B7Sazw+q5e
+/qf+0vVuY4eqjwVVGfG/0/nW50rpD4t7vzrQs/6+Pb+vidXl/m5rvGvuvQgLWNrm
+ykBoonktifIWSckgCQHC1hwilNI9wtrWjZmrQvoCbZSqyJtNhDmiVV4a8nN97WNs
+wim3pqHfBolZ2vjpkDQgGMJDbWYIceA4IX2pfW61ZZxonZuQX3Cl9j9Sm598Z//Y
+C28EhSQrcGEBaCMr4OZmNowYGk8XrhnA4/HC9UpmeHZNQmLatHIM/JUY3YrYRypE
+bi1vP5/HdtoanSUXWqwVMu1NSFkGZrGHdEzLFgqCj/xYQ2433gf98SPXs949Bkw9
+rhdtp0/a73Q+cCFlWDePLDoiXvCgJrr2TxiX3VXwF4GGjj2Wm0Oq2/00ktw/nt1a
+tmw9XA09gQO54T6g5lUKAlcoMJj/Ejx2Rz8xv5vxu+S2N+O39Vv+cXV7AzlDhjAZ
+fx7BHvj0Pq/jqMNOWa38Za1VNfTYcAlbv6jQ0/re5tn1yqvPRMPC7X534Qp8bnsC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBR13Km0
+JMD3uLNl2ljM8dmQIjwOajAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABubOaHQVOmZRsdgVUBLB1S5yn2QTRBxK9jB2az8
+x8r/fWZAtPxrATV+Aom8+NKoekxU9EKmkXMuqLAsByT8xp6YNB7mxwIqKT04DVFJ
+tnEP38um/K3Xp+WH76dr1GJpCf0cSYoJNhUdd6jiUWeCPQvUAz0n2E6FymbeN6fX
+EB04X2l+OBN73YY1zUI+28lcHX7SoUOO5LEPEgGaOuwfUr8YTOKCXdW8wkG7JdhS
+dsFaRtwXWDoAXYHrxN1S2lEUi8F0jfhQJGOjSu7XOJh18gbMjTlEd4f7RovuOkbq
+HOZHCeZOBNuihQqasaPui+YouwSelgqt1eLtW5uDvRXsY7bs6MhK5X6p1T3gw+mV
+Fg4Y2qATCarJsmyu1ZuKHeJj6fN/c7clFJEy1KKnEOmsBKuGRyG1osHPQRvj4kII
+Q3XmotqmBaHIth683+p0LdaEvW7lvD8TxcrDrz3y7VngGY2iGFyM+jXvaFLb7CKC
+OEcg+EulDwpxdMW7PGQ8hUglReaNdeeP8ESP1sMOidX3l2pqf5zvehFd5IyMYS9s
+ipUpA7iQG0SvOLCx6j8g8Z64/16u+njxTfe5tcXpGt2FuXinI0/BqX42v+t9Oldg
+nwqf6IKEVWnAhoZN9ij+auETL4PyBx3xc/3Z5ymfWUHfzb9kogK45L9YG7/Cp8AI
+qiv+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQByhegEIrjyhCRL87/UvuojANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAtUYOqUJNoAPB93mKE4w9TQFvNzAFo1t0WgF3ReJ0QFuc
+9H0o2nDlDOLt4c1ajAj1TPe9/n1XBnHigbdaI043IwUKQYV0FpqywG5UNyBN0PKR
+rEgL+08ULPLJmBuA7I95Vlj41bPVAs9JghXolsNcmS94CkJLvFPWuhyPeCMiswUW
+Er80rlIOfbnvF7SfgZHp2TKzrDfmIEhAEOZnBWu3ZWK1xuUtbSq1YJ8qGkYuawkp
+aiUzw7ECMlLeGPDBVSJmZOHzIPpLlVFcThySrwpu9IBvhhY/TJ5nsnS59wpAkctN
+k2+ARDnSp05aX3hREwZgjj768W9fwtpDOdqGW3iyze1OXfIyIIbmE5ADBV1Dh9ht
+qCZu5lmFCsW0xLYiTY77uop/YJkMeeaV+UrXja5by1iOJ1xYUQEHC8T6fW3E8r50
+MWo6p11Ypq9xiG5hkCdUQdNkg0BsW2FHksXPyopdTUc3ao5BBGChCU0PYhPHFh5f
+RO0XESill9D464+ZDQNPgnOTWDjK1FN9hLUzdZHZQg8GF9qI/SvS125AWWKY4etT
+M0Gikj4oBzSVjrqwZ25nXH4F+cs9iH++45wBYVYtwUIEb1Dh1q6UjP9X7Jic7Pah
+kDFhYOSLjBjF9xwZNNsh4a6AaNrXmRzgnTSyacaS8gI9x3M5cge9EQRc4w+ES4cC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRpPVki
+0vJT2EG6tAh13r/fCK4nHTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAFpcqh0/E0QJRu+aTY/m3Jd9ryCOuKJ7JsE4CMcy
+97UCcBaek3d+4LRw6zRZxVdYz7KI9fgawXCRSFsPfEN2SaCe++fLB94S1WDg3oTn
+RHSx/lxU7LsKn8guVUcR8Kan4MgBuEOUry5+0OWxgi/+0pHHUbj5DouTT53YmlqS
+LbCdJlpY49Lv8LOqyQ4gd634fPIc9onur0Tt0APW8csP6jM4HrGystI/ys1ejSd4
+KSGAs1s1Nns4rn+k3TBiwnPeflbwtJGkUD6r+1PQ+9A+Y5/S5BZasQUPRhKD5UiD
+g/EFN114NliXqVBCDmzNF3ewlYG9Cxi8aykqys+3HPUZ+26wHGQ1L7o7yR+G5qQH
+VqOdf7dd+q+0zJ95iJD7JoZYFdvVWiAehBPtm7QAHYlQ3DguqbBGPsOkEI5FVHSK
+NKSxrBXhVJ3MhzIZNdzE6iqCIbk0a7wuLsINTOVtQKUzQRS8CNl/81E0odLayJdn
+AfvD9MBGcqVGk1xvn2DysQ0zTz2FbBz1OpT/WbDkL9XfWLRw+zpVLz3B0dn6XEdQ
+MTxdHah50DCqZmNc1yt5hvGkbGGdoA/j0U3AYh/9NGFvtxSLwzn9lmJxeAAMlCmD
+eJCKv9QAd2E255s3WmXVjF5pURMznTr5sZPedRpaZQk/HR5sY7oqXWnlPumIIVhI
+zQlb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQJAM72cHZ9aPMuVIUtrMyNDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAiiFnoZ4KzK19mtN1zyvbEs++BPhNJoyIPPpXNHXgR9OR
+op0pggMV0GOdd0XWaK5bPbZxUQnz/OyDu6SnnM/87tjPD3H1ffFvV/ri10O80nFu
+s28GuslM/9Ne8XTHoXzuS4xF4WATUaVM8MFBDiSuqMdSvFe493iFTAuyZwseBN8P
+RFRboPvx8Uvt9oT/AMBpDDUozI6zkAUsvsOX+ia0K2b0ETwI/yOUKKycTltDPhVy
+QXbZxuz0dMN33x+DKW82dkb3OzFiAtmpGWv1YXosHpzlVjGBLN6C0tWXFKdnnxWP
+vQA226a5c7HAakoKRahgwpkubf6B6Pms+nDcRpy2Sm+bS9snrU8V5rojLSP5FJuG
+BiEnYolzRbxbdhivTgK5stkLtpwaOv0zoHA/S6LLUXKPuzGb6sMXEx8SQgEQozDS
+rDQ9XlOYs0o03Dj1NUTuN7V5H3Us5WnrWiK4mU/Qurrk+MkL5zWdNmJSFWfAMAkC
+VhUdAgqo5U4EJ4ebWBeM4nMu9lB6vPb8zdimZSaYuOqf2NtGOeAMkCUBDOqXTEYd
+oJN8Ng3Ca+uAY8UoUfB+D73E+HRG67Pk1pbw9t+Ex9cGQO7veZfw04KEvkA7R8lb
+LEJnYQ3YY6W807rig6xd39czU/28Odq01+yl9oWJl4RiyNbGrBAgXGZOEIwq2v8C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ9Jnu6
+T3Ui+1ZC8J/Vp1BMRgzarjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAC7w7/vnH5yivDE1VKyX0tAsY0E3gGGC+ruQVwI7
+99dQA8A3sxuLODVn88C96qt0hNJUXmfe0Wu5/LdxoB3WiFmos9xDwltcgKKwwCYZ
+VPsRkfWk2MsOna1j6u0jr7eQ9EU3ALqy2IancokdqtL4+Ju/ul03eeOwxxhazvfP
+p+9lZh9jXRJIcoKdm2nbqualrXAThjtUtD//FoAx8uylDPEg9Ilk1ec4/371t5IM
+NA0zm/vangijAle0yOrhqRK73/RoJFgTf/rsAvU7y5I5+bgHtLL8o3yWhmT8949V
+3fR6Re6rvOes6Czee5pP6GEvbvD3VCjGZ2BfLCcCrZv/IWYNXNqVsYkgG5Cm1UHJ
+GEHEigJqOaPrGd8vaqu15l7qNMp+bwRL8uCV7oCiXUKpajCCfK0+T9pq0yBucedp
+fesKzqjqJjhfftn5Ju2yEpOu2QLM2J2DAqTbZuXUqpcxsUrRhI9Wv+CzWuZas1b4
+PpLD2vmaOVCHEgvFU5RR4X1xcO1AtEwUvdjZgGgpXRBMYlmNGh/d0DU/n626MJWH
+4udUAchUYDbL3bKs874L3IlU9N88PeXv0Qm1qY8MiSB5x1MC9xQkezpP6WoqiDOz
+k4pfdD0CbYI/iAw5RCoocvZ3PTz4WdEdHEP9oTD/+mZqbBPgZd5aYMKG75j1kjeq
+ETmz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQNAfThzxbv8HvJT/MMGVKTDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAv/X1gJb7SA09We/eVAoE3V7v9wMvMKvDfWE8BtKDtogf
+hlEkZCXeKYGuqsT1duDwd2N891uR6MupnE2XFx/zmexbjkhDaR1tsNYDHU600o2W
+ebssOdIwXrGf8726IuDfknuQvXUuAAd6eRcAfdk40wSIfmmCkMCXYC9SfjqfEfJd
+KTPVSA39emnMsh5wo5W7AIk8oVRIF0ePxHmvBxl+UccDSxIjl0261Db2p1ul0+Yr
+UatUlWsGJwAoZgkxFHsmpLzuEVDW9ib/JlhqhreqQOwY0isJzql6XXyyRby9V9AW
+Pd0V0+jD5vbl8e8tzLhEE6gxjiHihSGHOmyxConWjd1CLQ6VS+GoukHBxNjf02wl
+d3uYH7+jSyaI2eBDu1iZalld/pS0i6LWpcmJYx7Csw4s35TWKD3WepyFtgfj5vgu
+2Rw+eESYceuwcELTjpwYkCkqn7K5uZ7/wGt0leIt15a+1ruPsS11eIAVeOHMYeMM
+McC2L0DrERG/Skj166MvBEuyO/PmlzcuMr1ZP5Yd7gyAP3/8VUxE5hp7YUyR/AML
+bstOLYPdDVdNfc2bDRFzxvK53G8vcE3VP+Z4P54mf1UYMBx29gNTponS2cOXg/ZN
+DCl2rYvNto0Um+ERIaSdDOqwROSrMgqNZ/Pkju0CAIj8JLEhj0tFa2e3/IS+5j0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSQgA8l
+vIpORZ3HY/pP/Z4luOa42TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAIcJjQ9r/c5/rooXNNqAgPA2ecyDz/K/mcb6XsTl
+ZisYm+JHb/xy4wEI/HfP8GtPnDqyHmkLbUWUKxeeL6DiDIfh8UP/Yy2T4qFxlaEo
+MlTtTLmYK9qY0dARX8F0VY+lL2r6jvURknQHlXoLb4Am0Y0NyQ0osxkM5yMt2hAY
++2rF1+yycS8/LPLZDbO5tCYXcYYs5hPpE+QnTkEgMD1NM25Jjs2gjfUeA1zsh4K1
+R4chM1to9cOqKH2EMIiIqJObPiX5r0/W3nZhrpONiydc29juNgn5XD9+m+IELL7G
+ByJCRyKrlOBCvMfG7sE/5uMJ5eWJsG7LOiYr2GqdXRD3z7vnJ1D2PwzKhgTB5jo/
+3m/JzmgteZSEO+dlgC2ONr0XXochuO8trsPEB84fpDjI8j2h0k/h/210anmJotr0
+0A85726nmU5VNX/JluZjGAExYjFN1x4f/1TNvH90OqpYWaaX/eSQZcEkP8U0fS5S
+xDAXLJ7Owve7p+3KvVtb5d19QUhgT9gKy71gtS7I7OIuDaWsl1NzwGF8raFtTqPd
+AxDYUF6EvQTtiEk5JOacV+eWJYdqAR3cM5Nkl/J35cN238zwmCG+goJdH+cRWoSq
+dHxLUPkE8YjqiFzYMuvXMnbkt+8Xdee7/9MvoCQezrlMTumzdykeCTTjzqoGlJxV
+pU3C
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQHuWj0XilBq3bgPmnKsr1KTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODAxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEArGKKopMj5Gs+buliJvSjk704TTJWKTfgWjLwQqdfu60L
+Mb4gx3uZ2wHwIggRmdbLXVi9YLnp8GoUk6CnjqNLargL/hPY0Xxjw1G0B7Oetrdu
+p1PKvFfwIpQwmxI/w2mqhSM64nlvi8apYDB+MMDl0BFG+TwrDnlhORx0O+1sq52h
+syOnmSXuuLjCICLOI5uj5KxmlfonWSP0LaibqLW6ErOg4Bum+ldeUQykUykDDIgm
+Sr5bYclIwnvnUi7kkWFLCt3sCfaEshUQWq+fDr6nIW3vw/stkN1J+w4K7sxexk2C
+Ot2GRGZZtVHwMVJOL1LrMRL1jO8eZWA3cpdOMITUt2ztZcmg6+URu/wwwHV6tZcS
+wGN3IzYhryYSfMUsNdsAPPIvIavGCiYSQY0ruXC2Slo0Y+ClUAH9PmtgetcOE6zL
+0S0QuqHbgYQ5h10J7O4J3rG1abRwonDKB7W9LHoW7BD3ebwMpCqzRZpN9ky4ZVoZ
+yr+mO3HGViQN/nUaAFCud9ckxH4NchHz38G164G9JaheM9JuMKJRcpbqAmedugOS
+BkOdYDRaHNowwFZpS53eAZuzWNFDskxce3tTqlyFRlqA5duuxod3eW0WPhFRSdFS
+C7IGNSqRZvYbExRDMTJbOleZlW8Js6NAA7BKbMgw/CTju+EN3EU/RNJPdoYfl/EC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBT2fU2J
+PEMlnXAmDodKqpgqTJcYSzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABrHDR1LPNA4WV3xB466FOR9zkG5lwr/UBSts7Ng
+gJUOH/WtQTkzmHDnkTG0blZRf13nqnVBmnvVHO5+ush0Tvw0CJu7bomUn6hCRCwY
+HnQ8i1uelLaCYa8Pn3Ye6xOsaPoxjOKQGz68qoR6zGKKbamHpobYdQmlsBIXaiYd
+IVNAxdx5zArw/akpzhfYUWzgds4A3cRue/YfRtUwyeUHJt9f9M5u1T0av1w8fSF0
+zTLeJLJUsnY1AJu1eBOo15Mm1Xu+2vnofzbyIEJ0KlDdciY1/i48v+dErNSvR5nB
+vW/9eOCPTa13K5Eir0VxAvew3xQrmf+ivLZ6JtUWVfpUixCM09zoE2Uq5KkC5aAZ
+3hSm+Kfk5dmbCiaClKufoC+oV/XtedCDkDvuU67rSXdif2nyG/Gijcct6Om6iHkr
+lQCBcga02Nci7Fj2IQ57jpAfswM53aCxh6HGfS8tMWRPi6ey3knC7uxh/yIkJnxw
+HOHbsgiZPAZ+mcva0S6r020NIBI/x+4ck6elqUKsJaHVPkOWZtwrbnpeM68PGk2Y
+qDdYqh7Nag7X1tusGId0e/hL8IUU8vwcers+QKaiS2LQwD5H5SP/p9laDd5D+XAf
+ics0yNd1MnTtrTHknTvKHdnM/BNSdZORzRLWD9Lb/gorp5lpHoWZ+pud1moBi9R9
+XVLt
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQIycfL8b+HEF1SLjJI6+anTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAzjXL4nnTBkb3wq+A/Atk2C1/lJa10O1VxBil5VhMUVdT
+HkXFlZKyrzX9V5cx8PoJssmnegScexFhhAJIQukG8Bneq3CqLsEdQApcsEQEDFdA
+6PYSCt4ESi0oUVmrUxuGRId72VRMu3pyD1w+NG281OOyn/kbD+1W9tMxhH7hJUvu
+wX8MGlcSPH8FO+8WVPjrRuGAmj460fZV6cImTC5V6WqBJaxtGIC3JEqPquOxZI5s
+AxKcMKyCNOzTcWYfp9xqYW+knSYrQR52Kh2Jz5oVoER/h5a9cA+2kO4ZrQiNP80h
+cKeeHrVrDg+qUxOVsoOb3q6LRr7ii5MD2Mp7iUqveA9k4B/iIDsOL099VzHlPpvc
+RjGIuOgGYU/mWLj/u5HzL69yE7z4GdL9rPiRiUY+03QrDTEzpr0BMpR9rR4hLPMI
+/Q9nvQ+luYF17RQqHLOc+Rcm6aDHzsDXLrHH3xQv4fC10I34ql0HapzYFEzBFaya
+43wi6YYiboGJPZjfVeJuspfdltpcZxdzJ/2icShKntSLFheeE1y3qk3Tg8CPNpjN
+zAOZcs5NouK18Qcj73j/EXrugNiSNrR8Zy2vtB4vKdpBb48pUKODS5/WMNfktCBu
+iKzxZr2qIGS94UTbBOzdYQQY3vNaPHzyOrs53vEhYGANRF6L/6iInB1lMJe8ZD0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTknypL
+78+cu4l+VE37fR36ofCSHTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAH9TvFhsjGvdBLEFlcevmiDpnWf/XjhGPJn2FqRF
+hdoKxnqY9SsdQ5fgdO//xtEGVjXS6QTyUaoUrirhpIMiZfHP3BjkuT6Wzk3YgZYB
+L9I01YrdKQrcEUZt3FTL3roVosaK5p1iE29Xcd1F8rED679QWbi9ASDCcDbTCFTo
+6n13ZSSpNofBzKsuDp6t8EbzK3rbwkS0c8CZTwDCG8h3Sd73evjFWes+SxbZyg7t
+7EVm1WMZzJgN6BEeiLdC3bcYhgxHHi1f++VVc9SVtnTF9ScpG5ot8f2sLQXAdPD0
+L8JlmWHC0wnqoY2qHK5spZvbZbtrisLq92j9RLCztZBee+HRE8BxYRcP+zYWq5pN
+nkH88epLuAod8YU8fxuqtJWABWWSLWzvQnoXnx8p8zTj1VCSgQPzKR1XaruFgaFL
+PQn4xRtNGGCBj3OTGj8J9CJdxLlElmZT6yeKlg+NylWHFygzp8xZGQ6rytPCcT8F
+/qgaBIj9DtVheCDM4XzEEwFdcobqQ4uetntZ4YKCpGxwQIWfYP3oTIVhNTsNg+/j
+1G8/PkB8YT84QlUFdx4kHHXpHAnisrdPppx80L8Pyy4EsQTrZzkFw7JU6LA4UXvI
+jSyjdLkkXWNAvs9DvG83/Sbxt3yHHqcneFxIoWJfLg8cZA9FO99KSJ1fnpPL63r5
+55Th
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQeOuFBnqXDtW5OVK5wPQmqTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAzPPM0A3ZxQvPYcqkfj78cpdsbz2no3ZMIP/a869Exd4P
+FE3mfW48b3QFKALu1EcqnGqc0mW3uzVLKeHJk3Y3/kK4+I5ibyNsYcSwn0dDcPHK
+Y6cc9BcktqrhEquhivq6bLAcyxVPZPtq9Ao/dVfIfWYNGKll5N7UrywXXmhmAmji
+Mi+8f8hoUSWYMUNmrS4weWRk2PIwaj9gdCcGCr7AIqcDnAA2bAdvBkzkWm0x0AYo
+2QF13NGnIuOqMSEs03s56Kg7oXl0cF3+6zi/z1RoABroN9yB4J2/wm2ueyjyj+Q1
+Q1tZqZlt/9Qv7LZS6wZ9IaaLs6LWyqOCJvroMOOg0O2gRtK+7+o8ZtXX+6BBBoVp
+1e6EkL1d8AEl6WmmoHUe73Y6n0XM/aMC8PJufR+4y8mz5s30axtqOuElhZBDuo7Q
+2BfKnd7gs+wQyzQZJtYXR+7RJ/4MLgP887TZ+q4BVAcY6Bw2kK/4b20MuP3RpviW
+wm4YaONRoSEq7xXbpWB8LRupHi0RXa+sUHQfLr9PtARWsiX3ZWGo9RFaFcfugTEX
+6zx3WtVoR7Y2toBDnNGbCLESYadyxunQqoXEAnNdMYY9JTv49DZG1172H4qpbjGo
+UCUbjYeqSkmZ7QDzo1Sr8QGYboruEv44cw7de1gY9kKN0j1LIWQj922idqjNEmMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ9hSl3
+I1e6zV5endihqb35jfI+xTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGReJEV/xrD9969lWq1b3VDmLq7ASZohAMZC6yav
+ZymfhpboPLi34z63xFw9IjWAuJ9tt1k6aBY+yv8Xyd/ZTCeBYzIPkm9CUj5KzzfM
+P4f0agiTTAa5GyX4ZIenvTw+qD+F5L5Tvvyw+fkzp+2Z8yHu9ACLS5+34y1TPvri
+SfJIntxQVN6ZJMcdCjjc9E2ejb0Dg7cPe3Z8Ca/PU0gVcu7K/YmQ9xKLjUKD2GM2
+dq668lsc91CJsd0JVP7y+MVkQPZaPMWsCpLsjkafivHq14sIQiOWyvTrPfeUXDqS
+TigMUjVgr+ydmUhBUX41jHEwjIFJaRCtWLZbcJnhzzeYxbakwm10o13eR/JfeoIN
+bGQXAtbuAOtDFax0bSrlb5ofvYSWCGCC1iP85D/xZaAZKvXFy/BCqBmDiM03H3vw
+h/xCesLbdgYMuCtnkjxm+pKxqT+R9bCux8iuzRT57M76GFQbFGiYFXuSF8Bcpluu
+tx30EjBx2eV6S+X1kK+Guozt0VNlU0EXfrmT3i4I5gFt9nMDGQ7l0aeA+2QgvPEp
+blUpImK+qrJdHsgP06FbqmntfG5oRqbHP33w2zaEHvgoJtYsCUWOjuhc35LvSlm1
+BsGq1V8YH9KvckodhY1JWT68uhlhcd+FXBx7QsOUrriGfcBbWfO3CFuIvA0EkK9R
+IfGi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQXwbuxOe8lq6muQ5dlxroWTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODIwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA8210KpmoSkcaB7e383UNN7+ia6IuHK4f5UkeKflv+jYq
+AaH9UhxBHyPZs6HhdDWPM79iDhmBzxmNj+RVFSN9kAN7qJnon09UWze7WE7MDeyt
+yFOWY4NgjxEHz0NwdRVE2k2eVKgCe/8jsOHCzUqU740WOE7FGmkwS7XlWy9qYT8i
+/bLRvG7GX3VBVzeWGZgM20D+W1Ht2+ZMDH0pEakhl2MX+l61uDEyaLmaQg6nhePo
+hd25VQio2qEKSnserVNGKfoEr7wqwVg4n3FC0Mp+8K2r1U2/ts6bld8HAEuHHG8p
+YYWu0DFZnjQdV42Itum1pWO4fGjByX/+Dr9JiFOmh4PLT3zs2ChP1To1qCZAuTqV
+hmGGc2BiQmKajnHPAILovl7LvZX4nUUyrkai3EXh3QQklXHW0vhLTENYdSAvMj7w
+KRopQKr8N2ZmnvAfGx5yBNq9pXPD7jo9464Dx6qteLWbk0yynqr2Z106XqyC395c
+uBAY4lJT9lzZDx6DDZQBGFxMbKzqusg9QgTCkQWh9hy8WLH13lPn2Bkp98f674qP
+ejIfGJ8JU+ercizg+AWyj9wvmAxEoAPFkg/hIIXxJuFjse/ZuTF+tUZEzqVcR2S/
+NTalE9Rvj4XcwIXMfFcPCQIdlrhn6m2INUuWPgyfETkdNJFLe4fb2Ai3nZPOHycC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQJ175F
+7oXQjoEiT1Hf+KdSGYPGkDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABa06tb5jQKlfUb9A8TJRZpHpiSY213kcIByrhPs
+PNJ7WWc3m0Aq9NKhKNoDCuU5FzxNFWbLRUURXOBZ3fMxfP/G1Rm191FxoxOiGwls
+RMTpC5pleRPAj2t11Jwn6WfUICOxyWV2HAiLAusNY/g7Gp+nbwfwxzDMtQdPOVxK
+HFzo6ZQ2JMOHTImFWOpOD4Xh92kotsP95p259/Q/U+Yth/asrRcqWpPPubKsc1pM
+eIu9gVvKX9q4PwAxUS7yYtKmtvxzkZR08QS/kcWObUnchV8D1zHP8nQkZxuvgR0g
+Y0gUqrWniE8udYPgpzMFojqBm4Nuan6hbcpDWOJHlQ/vFLPX0IPsbEmpVvBHOqBk
+gVvXsZbKxe0GuUeputHSx3+eciQP8d2o7rmuvqYwMav7OxKqL/zWDGRajFm5He7W
+LUyBWSHlnqELQr+3Pkz0dtPUm6Revkooz53ny/vUsAWB/0WexAwH1idueAVFinNE
+l991KNW3nueIxpgdNmqwKZBuywHZwFEB+jH8PDUeYJyDHhsz691o9HGzflXyZT4r
+y5/pvWyu6FPysjJ7Yaxc0eq4/tATBbSc8FfaHeRQZodA54FTtc8klMj5TbvEUWcm
+KyKWagJ2qZfYbli8EhG9H2LmVUg+pPCSagoYSYtCPjmbJOE4KwNSTaKx6EKu7+/3
+irxW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQRNcwtUlD1ghwIBT9BIrPfDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODA5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAzDv/vF44iZ2mD/oM/l38AvRyzu6xI/BikocuHcTfZaYc
+9TlePfH49mc1epV7Swmz0qbApDilmD7Ph4kIJoG6vzQyeq3q9XgQF3d4H4vitHRH
+JN+s5Ejm6Zk/ODJYNtUeBLueRudlLQkXws5iAEH4TSi0bLPIwASiacK7dMdYh0Ei
+PP0/99XGZO5zdN+GtbDH7DfnkicdN+RHhE6e/p+oecZgf3gEi0rTP5kXmecL6f/c
+jaZmeeM1UOFQDWlMSiFUqD/lkjjrZAofNpQL8SOqELBNZbnVJXduAzHBFnFzvFH0
+aT89pBnKh6q20rYjoqhELzdIHJUUyuYZR/AR3gAcpuhic5hQu8F4APyT3PHQS3cd
+nMhbVviHs4l7aCc/GVOi09LO/W8pb/5SNVr/YhPtyVBqRIS3JQjGXGoMBCIGRvDm
+YTkcB4bNHGyZCP8BE7kErSV5dmArtx6EHR2lmtrf6qs0j8lVRAPdm33bQT3uFTdR
+gKvnQuQ4DeNcs3HcetZ/q2d4CydUR5ycaND6nmBaj8+Tzebky61dInryFDo+5J+L
+Q2WkAZB14aV/w64vaY8l4letOpYfL+uQqUzP0lwfH9gCInrkZLfHslxxxUKms4DH
+3derrGzvx4aNe7CXs34mLKAIAXQPDv7ZM/LVxuRhd9otPIRo6xkPPUSqDhQVjnUC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQKzWG5
+6xh+eajKhxXNdMhQh9mzQTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACXcItDF1xCjw2Ruqx3gIfDtqybPYzSJ1whIYYU1
+MGTkKZe4nS/4W6Isq0FdnMBFZGU9TnoSgbC/8IqlJCaQHcpZmtd2MBxqTLCa4EoC
+UCqUxHaBKjCi9Yw6BwVMYesXIvRxiw3Xr4mMkS3mUhaSccxqgpswn0SLUIWagGeV
+YfxXFGLz6ROEGNP80Nmysp8T1dMdfels6uvF3cc2cZ/U1Y7QUqca4c002JzO7Xvv
+2MWsm8gMONciX+/80WUGrglUzyeGT8mQFWTMeonsBH1NiS5imqRwL4e5ASoeXNXi
+zFfPo0P+fDyKJQxgtCDCWhwxzVRoKzh+TsNHFnSPSTsYG7T8Im6jKFCNqEPHqCi4
+jrnFqgsPV0fbPTIbOBdcW8IntWylX9toSiDVGeNdee5/LobIHFzPcYgLZF86Jijo
+kpvLiGFXHLsKe36fWNC1j+/RaaJn0PqAD/i9slaTR99C3Dc5m3riwV09eJauo3H3
+hwNf2yMySR6yDCfBIUa3iwJEoeDM4BlAN3GkVloN3pEDoKsKL2fewn9ERG44TSBc
+Q864HpI05xyK5Hpuy9EYTz6oNq7v317VIiasi/r5r3axxc9GNxOeV0Hzv8+oUYM8
+Cb/bhohlkXHkACEBruaEMbRsClPCWfVFx7isKHW7qEIvCkJQoGD59Vk+XE+tWbrZ
+xndJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQfwk3xCRS3WXiPkY2XUh7PDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODExMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAtV3OmY6FWo7tVyR9lzkapDniJBwNoVYdkMvJd4b820QC
+UMmbtYmrLLdDtAVMfDE2CHuxH4Pcx02lgO+lBBPFBg0+M5uYW4cNTP2hSXk8TY5d
+yIByNjZQssPVx1GUvM0ciVE5Ega9a42U8ZgP60o6gmQbZh8OH3f/r9A90N0vu3at
+fuM7YEsE/VnP5vYSdmpEOGbB39DDqWM6dlk7B+imUTalaSHxZJpaoj+kDVxjCD+O
+hwXQ5Si9g7nGPfY32TniG0HrFld72YVb0sVFmw8ZsBrSItxfyBy46asD/DqOqz3e
+zStN5BLEUq5pY7FAH5NNaMKNGRa0jgTsuO0xI2akzhWd/i9pi3iWU3fJ1lGtZUn4
+Q/zleMKv1g71g/y2x1nyGX0z5XRx1vs5TPRgS82N6MxnesuLBJUYcXnzWftAYZl4
+jCPgcYFibQJs9g4Rq0yMFbH00tpDmRZdckxxh78hM3GR3qr4yOqvDAssegQHdtwj
+weHNy5i3t6a3C3aeZdxyF9UB3FQDqBHXTgnX4PfdGzCo4nzfdWBFi75fCMOAcv7S
+qklB3thXaIGF3F0+6PNXTFYgAgsyhanpFvTXRCR7HX8uAm8ixwTfUO9hX/AW8DXy
+ix9Hc+MzO5xGG7qBraMpGKXU2Tjb5qOAHqNRitC+gqiQ25snAP5I5f9xd9+E7tEC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSm+TgG
+91DSzsKeUOBXqon5zpmLZDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBADUbj2lblbxKNEMNzZigLF7FL1wcYCoUXWNY4k2t
+vi4U4z7U4K7hChjT9Tqc0elUc1uezf5/t/GDdbzAQy7ffA6jDuELYghuLxp1bzBx
+0b7E1SlTY2XsERGlr3jHGp8OLkvURWCBltHoAfx1nmZ7g3eeUYXHlFcBilJ4Miu1
+fHN1DajMTkivD7KAc1XqGv80jYrMEH/Nr10akVQyoHVHlYRHgp579AeGrGIJG8+4
+zzIaD45/+e1JSySHF0P+/SYSNe9XZNcyEfC9bhaIWuPcnqaG9ZHLiMctJ1vwSAnQ
+JUL0EuSW611tB0AiLr85CneVA3PCuln0bvn/VtQRU5qqRCKfPtqfjdZ0CNuGR9UC
+KZR2sto05ZQpFVt2YmgjZ0lih++LfgPLnyfnWwcRvALm1naYA97QBF4uBeer+YPl
+beslY0bsiD+Vh85ugMeYETjSCe9WaotYRCPzo3QQNjci05a2VoWRQ5XR8rNZOMIL
+3VLnbCotBoS0B6QQbGKUT40+zVJaYi9tywbSOlnUoCLunLYeDLciIF90Nr4uHntd
+LJdkAa37GRkBCX7xa+Dgd3Fgz54OoHPt3jkz4tdokE+ORosxFhbuUthPFZspiWYE
+scgUnpOz6aUolYp+GD+hjLaoPb0uh5G7MbEJyCVozAXJib+uVhF/RmmBXeAwWVEO
+mBBg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQGIrwEQWKt4s8VlI92Z4EJjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xNzEx
+MTcxMDAwMDBaFw0yOTA3MTcxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxODE5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA1pKzdjLJCeyTbDhaS4ToZBnmZ3SumUoZqjCe7cFLJO1A
+BB0ZL/rJjkzF2ayfVsHIjgt1iha+NX1yljLDLbSYMf7Qz/4Mq3yHls42I25jGooS
+klpwtNr/6w2S+/BuatEH+4ZtS59EnU1acEBeDvuqWgO1nwG4/iHMfoVXNTlbXaB5
+Ibh0yiiAqIdRS2Bx4Ys/vS7SfWqkb2tZgb1PN5ON0wlc4sw+kyKdxfGbAhV5hfM9
+3TGKzKLcgL+jMbDsI1HV1/Dlt+XddgGqDkXdHlUkAX0IcD5CLg9qYJJJ5x67jw03
+psTt2l9ciPbMCYcljiKaRlru/N7Ava4E6pK4OhoDyuuJi97MHaWNYs6rzYrHFZU/
+AnE12V8Woe5MShQuYtHqG5ba+UyknxirCh0zRA2Pa0WST6zTV3yhCPu/Nh9cOHOu
+G0ad1R18sRlsBGGLKJhJwG1GPlUAiGfiOxaNneqNarQn4TWsxsd8C4fsmi0TsInQ
+T9FrsMqRRPHzgXnkWge3ptw6GRz0ujW+dJhs2jQ66v7xwuHUC0GWjfOTlGXPJ6Pj
+hr2wZX+Ym7nVQMEWezbUrj38QKZuEq0PGk18ezmfxNmOj64YQsjIAbgOjpRK/zGc
+4ys2noW7g/sbrBjK+APPwdcNn4NxyTmPff0Tk0hFzqkl1bNWZsnAVeZ0avTCAKMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQsVinu
+pC+OrDAaamSyBDCK5eVrHDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAICy0mX3KzhrECxLACOcMt7ffyuvuTm6mvfVeT4C
+1b0/7Ch2Pac1DrLhW79rAfw6BxdbPwPDTgbL76PwD7hOB9Elr1wubRY+40cB7BAE
+reqROB5WYQIzqrH6zUegdBosTEogM7Bs9tOCrZ+12SLYSVVzNpGcADtpToFv9Z0O
+0DxU9TKWplB8exvHloUbE/Fy/8XFDMXacG7z77da2Cc+YI8ad4ZPHEwDCd2cyTZT
+XMh3AMfHvqraHoW/AfYKPHFlx16BysdsXKd8FMJX+sGvELsTo7b0FNXvOgpuvzvH
+7Ava59+HthYoCju0i55HzzjXzq/sLjfvlkhachIXTE6NBTalxfVHcTTfzHY49lQi
+hwff3n3+2IHkDIcJePb8LsI8d9lWQDLem3PvVGmIFrbxW3tBx9sm2ep5mpHN7p1h
+fDGf6NF3wVxERbpbqELqOLj9ZUJQmKBz/Nx+FbQUqDUtece9QUDOP20tLCcGp7jD
+GJ8sEZwgB8iSapEawvmgwQJvYDBACIDoNn4C99Poav3w9v6PiYyyxNN6oPly6kQa
+d8kuhOxrLpjQ3pM2zGttsbwUu+IvQNSif9vRxr44eFK51TGhPCpL83OkfNh2vl0O
+D07t6WEFqngqx0we9ZwqpLhY8EZFBCoB0QIasDr3KMHlyj8a2RUzgwqsFj20aR8w
+EdqH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGMjCCBBqgAwIBAgIRAKvsd/8bQQwHAAAAAFVl2AUwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
+MB4XDTE3MTEyMjIwMDQyMFoXDTMwMTIyMjIwMzQyMFowgboxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1
+c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxNCBFbnRydXN0LCBJ
+bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLjAsBgNVBAMTJUVudHJ1c3Qg
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBMMU4wggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDcSG+caYQ4xcvf+dt8bgCEHorO0g5j0H1NOtQzRXgUoG8y
+QuRbJX9swyKqQZbsc18YvTV8OKA/uSNE46Jvq47TFPojWWTVLbNDqpM07e4EFYKs
+A9NFzAUngijnf3ivnXA6iNPAMXaEhXmhY/YFjk8NoM7Y1PFsA0oj5hamKQ06iO/j
+gvBScLmnQ1ju9Qj9IGIg18UL5AJNw0frspLUQBYVrLGaqAy5Nl2BUJKaZ4vnSLvP
+nk6YrB15mo1phHae10Ba4fx7R3z8IZ/hby4OXTy/KZpu107VEQPAwTuDK8ZXxB5y
+0DSzi4vaw27aLrUsq4aFqUo03gEfC31vWW76TNkFAgMBAAGjggErMIIBJzAOBgNV
+HQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEW
+Gmh0dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMDMGCCsGAQUFBwEBBCcwJTAjBggr
+BgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMAYDVR0fBCkwJzAloCOg
+IYYfaHR0cDovL2NybC5lbnRydXN0Lm5ldC9nNGNhLmNybDAdBgNVHQ4EFgQU7kfR
+hXHx/S23P7s+Y1h3F0lADpUwHwYDVR0jBBgwFoAUnzjEViPDOeigcWzoVEzk6Dqx
+v2cwDQYJKoZIhvcNAQELBQADggIBACMeFFgsWmC7h6D1v8DJUkOpm/m5UhVhO0hb
+pQMQKMhKkl744Y9SWG4WNmpQy743TTciEJPZFhc7ke2R6VmK8ZJUqro2awOw1RWZ
+OtHla59Btf1NQd41vOVdU+qFhs8lFfXg9sK7YHTrfxHtMXLoGnkkamK3xJgn7sXa
+/zUvUDBTpDCXcpO9SyHoKIQswmkIPpRyIdPF4biRdR3N+9MYmlfqN/Nk3OEZ73xZ
+AUZP6Gu+f9cEiHTA8NdYHCPLJWyFnIHWK+QuTFEnKYnOYxCeroLBNOO64e8JWZ39
+kZ22BBXhHzqOCCczS7JOJTRF+JgvWuxbFwRstj8qf3fE+JndWmq2FC4hTHtpuK5K
+ENuiRm5gdkXfsXmB+qB6y5gaajiTIMscGIcZIKTe2YdKrLoicvEz8k+loM7favik
+vzFioTNTDHYGx3mkfElBE7ycY8n+jZE3QBBv33k28MeQi7XNgEaMc4tYwoZIdE9A
+xVccXTzEQzka82dOkRB1dU0XZId9XAWv+CtNc2TjF6Wgx2seA/c6H8S0IfgQBIV2
+8iN2wZns2QFdawkdy3hMUqPnA++kuGhLW3GemsIY5dP/WxY8rd+OfLb/Ks9T1pCd
+28t7PQRcQsgkYmouzrOW9ASBvYqLLdhl4y+fFXff8RkPIKMNoYP06WJvRKmky9R/
+41/nXRas
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIQAnmsRYvBskWr+YBTzSybsTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzExMjcxMjQ2MTBaFw0yNzExMjcxMjQ2MTBaMG4xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xLTArBgNVBAMTJEVuY3J5cHRpb24gRXZlcnl3aGVyZSBEViBUTFMgQ0EgLSBH
+MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALPeP6wkab41dyQh6mKc
+oHqt3jRIxW5MDvf9QyiOR7VfFwK656es0UFiIb74N9pRntzF1UgYzDGu3ppZVMdo
+lbxhm6dWS9OK/lFehKNT0OYI9aqk6F+U7cA6jxSC+iDBPXwdF4rs3KRyp3aQn6pj
+pp1yr7IB6Y4zv72Ee/PlZ/6rK6InC6WpK0nPVOYR7n9iDuPe1E4IxUMBH/T33+3h
+yuH3dvfgiWUOUkjdpMbyxX+XNle5uEIiyBsi4IvbcTCh8ruifCIi5mDXkZrnMT8n
+wfYCV6v6kDdXkbgGRLKsR4pucbJtbKqIkUGxuZI2t7pfewKRc5nWecvDBZf3+p1M
+pA8CAwEAAaOCAU8wggFLMB0GA1UdDgQWBBRVdE+yck/1YLpQ0dfmUVyaAYca1zAf
+BgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG
+/WwBAjAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BT
+MAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAQEAK3Gp6/aGq7aBZsxf/oQ+TD/B
+SwW3AU4ETK+GQf2kFzYZkby5SFrHdPomunx2HBzViUchGoofGgg7gHW0W3MlQAXW
+M0r5LUvStcr82QDWYNPaUy4taCQmyaJ+VB+6wxHstSigOlSNF2a6vg4rgexixeiV
+4YSB03Yqp2t3TeZHM9ESfkus74nQyW7pRGezj+TC44xCagCQQOzzNmzEAP2SnCrJ
+sNE2DpRVMnL8J6xBRdjmOsC3N6cQuKuRXbzByVBjCqAA8t1L0I+9wXJerLPyErjy
+rMKWaBFLmfK/AHNF4ZihwPGOc7w6UHczBZXH5RFzJNnww+WnKuTPI0HfnVH8lg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErjCCA5agAwIBAgIQBYAmfwbylVM0jhwYWl7uLjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzEyMDgxMjI4MjZaFw0yNzEyMDgxMjI4MjZaMHIxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMR0wGwYDVQQL
+ExREb21haW4gVmFsaWRhdGVkIFNTTDEdMBsGA1UEAxMUVHJ1c3RBc2lhIFRMUyBS
+U0EgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgWa9X+ph+wAm8
+Yh1Fk1MjKbQ5QwBOOKVaZR/OfCh+F6f93u7vZHGcUU/lvVGgUQnbzJhR1UV2epJa
+e+m7cxnXIKdD0/VS9btAgwJszGFvwoqXeaCqFoP71wPmXjjUwLT70+qvX4hdyYfO
+JcjeTz5QKtg8zQwxaK9x4JT9CoOmoVdVhEBAiD3DwR5fFgOHDwwGxdJWVBvktnoA
+zjdTLXDdbSVC5jZ0u8oq9BiTDv7jAlsB5F8aZgvSZDOQeFrwaOTbKWSEInEhnchK
+ZTD1dz6aBlk1xGEI5PZWAnVAba/ofH33ktymaTDsE6xRDnW97pDkimCRak6CEbfe
+3dXw6OV5AgMBAAGjggFPMIIBSzAdBgNVHQ4EFgQUf9OZ86BHDjEAVlYijrfMnt3K
+AYowHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQD
+AgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAG
+AQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+ZGlnaWNlcnQuY29tMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2lj
+ZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwTAYDVR0gBEUwQzA3Bglg
+hkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
+L0NQUzAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQADggEBAK3dVOj5dlv4MzK2i233
+lDYvyJ3slFY2X2HKTYGte8nbK6i5/fsDImMYihAkp6VaNY/en8WZ5qcrQPVLuJrJ
+DSXT04NnMeZOQDUoj/NHAmdfCBB/h1bZ5OGK6Sf1h5Yx/5wR4f3TUoPgGlnU7EuP
+ISLNdMRiDrXntcImDAiRvkh5GJuH4YCVE6XEntqaNIgGkRwxKSgnU3Id3iuFbW9F
+UQ9Qqtb1GX91AJ7i4153TikGgYCdwYkBURD8gSVe8OAco6IfZOYt/TEwii1Ivi1C
+qnuUlWpsF1LdQNIdfbW3TSe0BhQa7ifbVIfvPWHYOu3rkg1ZeMo6XRU9B4n5VyJY
+RmE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgIQCDURfR0sdaS2BlhIFGs/XjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE3MTIwODEyMjg0OFoXDTI3MTIwODEyMjg0OFowRDEL
+MAkGA1UEBhMCVVMxEjAQBgNVBAoTCUFldG5hIEluYzEhMB8GA1UEAxMYQWV0bmEg
+SW5jLiBTZWN1cmUgRVYgQ0EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAvJSDKSNujcBjBxc7yeP1SmjOzg5+j9f3uA/JNc4McAMN9i3POwUfTaS6P5u6
+vtlAqJ75MmsFsWVDoLvfxvbAKQGdT1iN01Pwuo07fyQYEkHoxwx6oEo3QpcGYGJ5
+y86z9dfYr/bj0L2sjFeEQxntsTRj/fgeK2EIAq5pqsQsZE4DWPnaS+a2rpYbfBzw
+P+IYQ/6qVPstPp1FrBTnlDPI6IejBeuMg9sRVJNcNFv9FByltWW+8hBUVnTEsT8a
+QTVhmdn5zyxRG3VDQ6YACumLXVybAugEavug7qhJ6BFMntzDucXhzEMlegVwLkZn
+XdVJRHqd6wbZoScITy7TEjTSUQIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFAaZSaf2
+Py2A9FXVzgkhHOVSXr9MMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvD
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+EgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGG
+GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRw
+Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290
+Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQC6LCak90i8
+lsmNoZlJRFwEZwy08X19BvMtiyJXyGMH+HA9Mh4whEnFvzdYPA0vORjztYG86Wkk
+GP/1F5m16N552xxQHXV0Sh+n+63j59la9bIMJ1L7WiEYUHfh+vJ6Vj+Owvr97TaT
++U+A+doy4b3oES58Zb/jarUVXrxMOIAsIhI98PW+o+lyTrHBvlcQnxZagicKCWHk
+zvrBocfs0KZochHhIQ8fpycqN4T4PD0QHL2ig0RqB55ZRxL/nwI1l2ardGLtb/UG
+Dq2du6WRoE0GDBo6CBVn3hlw5DH4c3+J6+R1uRkajCLRiCdJ7sgoOIG4ue00hSti
+PQApp7+N9Ilr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4zCCAsugAwIBAgIQBz/JpHsGAhj24Khq6fw+OzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xNzEyMDgxMjI4NTdaFw0yNzEyMDgxMjI4NTdaMHIxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMR0wGwYDVQQL
+ExREb21haW4gVmFsaWRhdGVkIFNTTDEdMBsGA1UEAxMUVHJ1c3RBc2lhIFRMUyBF
+Q0MgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASdQvDzv44jBee0APcvKOWs
+zZsRjc4j+L6DLlYOf9tSgvfOJplfMeDNDZzOQEcJbVPD+yekJQUmObCPOrgMhqMI
+o4IBTzCCAUswHQYDVR0OBBYEFBKGRGYmCFQmj2U3silOJiHgk77bMB8GA1UdIwQY
+MBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0Bggr
+BgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
+bTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGln
+aUNlcnRHbG9iYWxSb290Q0EuY3JsMEwGA1UdIARFMEMwNwYJYIZIAYb9bAECMCow
+KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EM
+AQIBMA0GCSqGSIb3DQEBCwUAA4IBAQBZcGGhLE09CbQD5xP93NAuNC85G1BMa1OG
+2Q01TWvvgp7Qt1wNfRLAnhQT5pb7kRs+E7nM4IS894ufmuL452q8gYaq5HmvOmfh
+XMmL6K+eICfvyqjb/tSi8iy20ULO/TZhLhPor9tle52Yx811FG4i5vqwPIUEOEJ7
+pXe6RPVoBiwi4rbLspQGD/vYqrj9OJV4JctoIhhGq+y/sozU6nBXHfhVSD3x+hkO
+Ost6tyRq481IyUWQHcFtwda3gfMnaA3dsag2dtJz33RIJIUfxXmVK7w4YzHOHifn
+7TYk8iNrDDLtql6vS8FjiUx3kJnI6zge1C9lUHhZ/aD3RiTJrwWI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpjCCAo6gAwIBAgIQAWMjSO/7fdqiydqdnkLg9jANBgkqhkiG9w0BAQsFADBt
+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRGlnaUNlcnQsIEluYzEZMBcGA1UECxMQ
+d3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgVW5pdmVyc2FsIFRy
+YW5zaXRpb24gUm9vdDAeFw0xNzEyMDgxMjI5MDRaFw0zNzEyMDgxMjI5MDRaMG0x
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1EaWdpQ2VydCwgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBVbml2ZXJzYWwgVHJh
+bnNpdGlvbiBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD7Y
+RmMy30kfYW2u38l/K7FjoafmRjU0DtSlPRKvBGrV+LqnZZPsZsXK62gBJGkfr7Cj
+Wa88WzlEKWBui0GYSSHYGBPTQVX+qiJ+p1FKptAjX3OEopy0yxfQZSSH6YDLtzyh
+EPWXtQ2d7Pe6W6MLZesSdalGdA2A1wgTkyFXxjg9qEs7C28Y5bNM98LNGPlYLQMz
+G/wW3ZBOwh83nNZ7YZbxxSaHUuPipPgV5Uwi6QkrldGT+To5dnQqC4C+vg7TEAvi
+4UimJAVpPRf9xzchsrDjd0c5hwHgTtsj6Pk5nzZGZiMexyJRRD8zxfV2qfgGsHnM
+7kHccY4NUI6wPEir9QIDAQABo0IwQDAdBgNVHQ4EFgQUm134UlTQ5rEsvI8qc9lk
+PL5S/OIwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN
+AQELBQADggEBAKAHElE4ZmAdgru4N9fau79s6RIVRkWFGBOsB1+vixlz5dI5jWIW
+wJBURGUAQXyV9oZUEk4Si2OQGED4kByePlXfDl/GaGwcu5K9SP075E4M6xDG3ngD
+b0oPDMWV2YngQ95PbNmzotlMl3lSNmIo+2HjExD76CRx4fnD0ZuNn7Jd0X7Ff9UG
+XF4Ha4pxVynZUVYgvTSze/GCZBFI4nPXwOY01dQuRg43v1WjmaauqQALMusdi6IL
+S/WGxwg4Vamw3XW2szaYKllxYeadPhVu9qS5L+4qMPJXpcPtU6LUarTVOfZJOxAR
+dr0I4oj1vYJxA7k50nMo1qaevFqPOsh4FVI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErDCCA5SgAwIBAgIQDTE8pDfmOGWiRNq3KgBFqDANBgkqhkiG9w0BAQsFADBt
+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRGlnaUNlcnQsIEluYzEZMBcGA1UECxMQ
+d3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgVW5pdmVyc2FsIFRy
+YW5zaXRpb24gUm9vdDAeFw0xNzEyMDgxMjU0MDZaFw0yNzEyMDgxMjU0MDZaMGgx
+CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1EaWdpQ2VydCwgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSYwJAYDVQQDEx1EaWdpQ2VydCBVbml2ZXJzYWwgSXNz
+dWluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANrvr0Opo9Mv
+OxUJnPFMFbyjkENqUx+3eddhRouIYeledhTOv/rFVaEWJUuXfpWRFKSbtOONyOjj
+WcuUmRYvUSlwaB9L4UXQuztyE8dGXITQKLoy8J2zG2eUUMOq3bA07yuUZsQ6bBy+
+LgoDJcTSTpcK17FLgB7aAYcxl4FIln6MYRy7l2VXyGxw2q6QdtDD7pGs7y9/nw7O
+SqnA3R8SLDo4fyNPfgvQdsKaQz7x4P1+c75jbtHHs4mbn8YIWlUQ3Y+6s4krW9L9
+qOPgranY/uOcwTh1y6T6qa/UFw2+xwt3QanLi8torw32DcogalIfTjRixv7ic+xW
+WWr720jO9o0CAwEAAaOCAUswggFHMB0GA1UdDgQWBBQsICAvGHMr8TtLkgTIy336
+ycL0BTAfBgNVHSMEGDAWgBSbXfhSVNDmsSy8jypz2WQ8vlL84jAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jb20wTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0VW5pdmVyc2FsVHJhbnNpdGlvblJvb3QuY3JsMD0G
+A1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdp
+Y2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQButvojvf4fdcBTbarlLg1W
+4ipsBEw8aXVhNmU80gDB85qQlqgY09T9bwjSUWDFk+ouzGzGKcSgcJoyp1VRhJfr
+Sp3Clu8+tjPbT6V7HzP1N1ORRb+VGwzkWxY2p5RvF1ryfLBtz4iLph4Lmeswayt2
+HeECMPt7Te16sKvOrFxKL9PAJHyJWyR9RWSxwTV4CSW0jmOAkifpZmKj39eDJS+G
+8isFYmsZQoDyEdIp/YYMpBBnKqxPA2ecs75bZkDdxg8UCa1aItWw/9S/JaxnB3GO
+LN30AKOpEfkT5W2nyWNerUw8YCNcpf4IU28ikkxigW4MRlYD8NbUoIfYJ2QUHhNy
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8jCCBNqgAwIBAgIPZFbPgPnHoDNUN/U3JQcFMA0GCSqGSIb3DQEBCwUAMEkx
+CzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcxIzAhBgNVBAMTGlN3
+aXNzU2lnbiBQbGF0aW51bSBDQSAtIEcyMB4XDTE3MTIxODA2MjUzNloXDTMyMTIx
+ODA2MjUzNloweTELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3aXNzU2lnbiBBRzEz
+MDEGA1UEAxMqU3dpc3NTaWduIENIIFBlcnNvbiBQbGF0aW51bSBDQSAyMDE3IC0g
+RzIyMR4wHAYDVQRhExVOVFJDSC1DSEUtMTA5LjM1Ny4wMTIwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDP4eh7M8UJfdm4LJGKXpmg7MiwOqa1+XVYi5um
+65UoGtikYXFDa9kIihcOOg3/nOxDJ8j02lf6vx2c/FfCVG0PT1hQfLiP3lRlVnhY
+ovx7k6o47iqDOUrW9173EmsduhoO1NmxlmBFxg6XdsKJwHK+atT4Un5DxSNuqTen
+Z49H5o1UFTT5YMz+F9DJR0EbuQ+Mfo3FBNdg2G3RQD75I65E6THdrG8rdGiFN817
+x1EhN269auMRUjnYlYC2IPFsOUFpxJmaomxPEo8vxFL3bWRh9NUk0eIkPL0RNTx+
+oEhuLy00LhAFSvlVjKXSKRCcq/iwPFjPY+PEyz7rVU4MqyijAgMBAAGjggKlMIIC
+oTAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
+HsgEbftyYlFgonMkb77yX000kvwwHwYDVR0jBBgwFoAUUK/MB4cVR284xbRl0d6V
+qunfnMwwgf8GA1UdHwSB9zCB9DBHoEWgQ4ZBaHR0cDovL2NybC5zd2lzc3NpZ24u
+bmV0LzUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlDQ0Mwgaig
+gaWggaKGgZ9sZGFwOi8vZGlyZWN0b3J5LnN3aXNzc2lnbi5uZXQvQ049NTBBRkND
+MDc4NzE1NDc2RjM4QzVCNDY1RDFERTk1QUFFOURGOUNDQyUyQ089U3dpc3NTaWdu
+JTJDQz1DSD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xh
+c3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwZAYDVR0gBF0wWzBZBgpghXQBWQEBAQEH
+MEswSQYIKwYBBQUHAgEWPWh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20v
+U3dpc3NTaWduLVBsYXRpbnVtLUNQLUNQUy5wZGYwgdIGCCsGAQUFBwEBBIHFMIHC
+MGQGCCsGAQUFBzAChlhodHRwOi8vc3dpc3NzaWduLm5ldC9jZ2ktYmluL2F1dGhv
+cml0eS9kb3dubG9hZC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5
+REY5Q0NDMFoGCCsGAQUFBzABhk5odHRwOi8vcGxhdGludW0tZzIub2NzcC5zd2lz
+c3NpZ24ubmV0LzUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlD
+Q0MwDQYJKoZIhvcNAQELBQADggIBAHPgWaDtoRXD/UeOCPeqbJNmHz2Y1IkuulXt
+UP1B9g/+9s9rw/E3DGa6Z7iLqzK0EEhfQKBZpJirEu6EDR023IQhzRh/lI7BcjMP
+OfEUM6E00rIS8UZrRW9SnymNrbYTWE8FS8jsfFd/pppY22NolKn3UlUH1RYupDOG
+Wj/TMxtMmMG7HMQeLj74sK8pEnQSt+VLHWUYabW7VnO/DcZrrw9FPMHUyJElxWgP
+wngl48Dm/tkTsXwOpnTiZ5XmEEwNC24yLG2y8+QMxCt3Nacrqv5s5PTbsr23BkTl
+Owy5BwN99ZfmeCcUI8egA4gH3EzAV1a5ONwaIvvODXr1RIwTWiV8WLLSWLywLP/2
+m+GUZYLpjMUmLq/qtBGT+KBHGbSjd0fwOysKIN9d2eA0xZwziXBCIhDT+1B4S2U0
+dwaZBje6OMo+toMeBPsDtBTuoKFdfq9O9KFTHsnMaHh4YeR3SYzhPoemRpaB4hvX
++evVKXQKvtOnATPAzFCQwv10qt3xlREhq8NJOgV0YvELz1LPD1n/VUQU1UW/IjC9
+/igroSCAPaZh4krhypMWTifbRl5pymP9njZZOlaTwMnZya9e5+tzuyZ4nBP3dYJf
+peTjabxa3mNOC1+pXX2LZLdlRyA5s0um58mOUKzTQKJnX1dv050EjBADTBh4P2FR
+Tlj5QwBS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG/DCCBOSgAwIBAgIQAPWIniGIYRfiVdZFgQVW+DANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xNzEyMTgwNjI5NTVaFw0zMjEy
+MTgwNjI5NTVaMIGBMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFH
+MTswOQYDVQQDEzJTd2lzc1NpZ24gQ0ggUXVhbGlmaWVkIFBsYXRpbnVtIENBIDIw
+MTcgLSBHMjIgMTctMTEeMBwGA1UEYRMVTlRSQ0gtQ0hFLTEwOS4zNTcuMDEyMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJsL6WuEG97ZSgGAL/+zO5PL
+/hqpD5gDpuI7lGypmuI52v2/H9KDJ2DjHQjw5sk6vwdJ/mqFyHzuMTvywwCd2FQR
+C9Rhd7G3EbNAkj2AU2sIFhiLI6CaVmOXEwS5igw2Txb15xVXqjyHwOHaUdX007zy
+8i7rlSqFdrcDSFxZfVhHcyhE54vbDqgYzcd2D8kCQsjn0nuUXTYXUHGgvFoiLrX7
+ITTQPp7bWbsdGNOv7S6tgscdFony4u0JVHH525FbUUuf90+GQ78Imwt1KTa2Tlpv
+bHYxRUEmxWuqJw27zY8Lixdz3b/6/GvVf5n7k+av9AlHXQhifHUSO0SGZHZ2ZwID
+AQABo4ICpTCCAqEwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFP3+/Y6c9H4tKdEoYW2g3KdQduP+MB8GA1UdIwQYMBaAFFCvzAeH
+FUdvOMW0ZdHelarp35zMMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwu
+c3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5
+REY5Q0NDMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0
+L0NOPTUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlDQ0MlMkNP
+PVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNl
+P29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MGQGA1UdIARdMFswWQYK
+YIV0AVkBAQEBBzBLMEkGCCsGAQUFBwIBFj1odHRwOi8vcmVwb3NpdG9yeS5zd2lz
+c3NpZ24uY29tL1N3aXNzU2lnbi1QbGF0aW51bS1DUC1DUFMucGRmMIHSBggrBgEF
+BQcBAQSBxTCBwjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dp
+LWJpbi9hdXRob3JpdHkvZG93bmxvYWQvNTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1
+RDFERTk1QUFFOURGOUNDQzBaBggrBgEFBQcwAYZOaHR0cDovL3BsYXRpbnVtLWcy
+Lm9jc3Auc3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURF
+OTVBQUU5REY5Q0NDMA0GCSqGSIb3DQEBCwUAA4ICAQAXV/Z7yw0Z0R7pZ3jQPbw5
+r7KKLka8XZBV6l3PAsqxPhaWOkpNf7VbQE9sbKMCpqV9TdZ0wPMjekXS1Ii9xRbU
+REz8sCKMlfQGtpiDzttKi88+ss79+1rulmIBWqBQN6ubf7b+LZjKroraLljv+Kp7
+Z6vZ34lLQKRSCzNo8xg04/VtQwKfd8c1tMavtc0Su0R276wF8ix9Ddi8rmPBwmKv
+jP/bCQwBVgFuVUGInFeUsn/S4svs5YjhCBTfz9Xsqx4riAyCDV+z+CigCTFk6GwP
+lxoshOfC686DlYAa4oJVSCJ8wtSUos+yY696mv8Zn05Cs+De8zfxTxsA+yJW6t7F
+uCh6vf3cULBh9PkmG2jGHu9PvMZ1JGp+gq3DqRUWhPYbsDUHT7vC7s9RYi5IPqTw
+Qhsf5YdM/Uq5lrlu67sXKqBhlU8TXS76ESU+76SKJ1Ub3l1nWv9IcJfetC/fnZnb
++Wz5rst/qsWONVcWkY7DczQy0D4UUSsLcV0HjbsqotZyhGa+mBKBOKKC2c8pYYvk
+lOIHTOiDpSMF+6S2UW0VVpdDqq4CKHRkOjEI8oySryww5Yf9A9Fkc+Ki6RZPwwoh
+pQATKSkgGFB21zTtCa7+G3AghNAmPzPLGW6Ivx/NFVJgdzp3b4Dz/JROWShVmjAf
+xrlvJs5aAyn240Dd8T7F0Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG9jCCBN6gAwIBAgIQALjfg3D6pU52wIhjWom9rjANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xNzEyMTgwNjMxNTlaFw0zMjEy
+MTgwNjMxNTlaMHwxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+NjA0BgNVBAMTLVN3aXNzU2lnbiBDSCBRdWFsaWZpZWQgUGxhdGludW0gQ0EgMjAx
+NyAtIEcyMjEeMBwGA1UEYRMVTlRSQ0gtQ0hFLTEwOS4zNTcuMDEyMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugv1YdAdGpjKgjiMSYTduGb+3XDhI2cm
+gTcm0EGEIOhR3YiEsJIQfG3e7GqTvbkkBEaxt5IBnehz2gcIkUlo4LYfi1shUzCu
+PLvy1T463uWbC8fIe23JzW4ck6wHPGOQm4sIKyLfZnmKdwoOiULUNY1dJxOr3GTZ
+1rK+Ef242kbSwNw0yXolVgfqjMOkatBPJkpofXpPGB/PNTokHNzN0I/9ljzcEoPs
+ArJh0+OzZZcdQt3hjxzpDg+WHcFViuZcssPuUpi/RADGis/k0ntnA8AAN3T0p8B0
+10Zmkpro5fBGT0VVKNzlcByBHIfj9x4iHZRI9UXTWdxzmoEVDd66fQIDAQABo4IC
+pTCCAqEwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0O
+BBYEFFTwW1IK0IwJ2wfltremwnXruLkFMB8GA1UdIwQYMBaAFFCvzAeHFUdvOMW0
+ZdHelarp35zMMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6Ly9jcmwuc3dpc3Nz
+aWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5REY5Q0ND
+MIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3NpZ24ubmV0L0NOPTUw
+QUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlDQ0MlMkNPPVN3aXNz
+U2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVj
+dENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MGQGA1UdIARdMFswWQYKYIV0AVkB
+AQEBBzBLMEkGCCsGAQUFBwIBFj1odHRwOi8vcmVwb3NpdG9yeS5zd2lzc3NpZ24u
+Y29tL1N3aXNzU2lnbi1QbGF0aW51bS1DUC1DUFMucGRmMIHSBggrBgEFBQcBAQSB
+xTCBwjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5uZXQvY2dpLWJpbi9h
+dXRob3JpdHkvZG93bmxvYWQvNTBBRkNDMDc4NzE1NDc2RjM4QzVCNDY1RDFERTk1
+QUFFOURGOUNDQzBaBggrBgEFBQcwAYZOaHR0cDovL3BsYXRpbnVtLWcyLm9jc3Au
+c3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5
+REY5Q0NDMA0GCSqGSIb3DQEBCwUAA4ICAQAZHgH/iFsDsxi3ug0fs/Ck3+s+WyA5
+jauQb6HEjsSTK9sCtfl6tVhtz6KWVg14DmHeORwKPxrsVcnJGhkr8eaxhMsR2XEl
+Y81gs68myFzp9iLFe0tUpC8L1EZtRjIx6tP2O8nq/2UI+2njp9PFdGEPpRGHNM2+
+rEJG4tScrxFqbGpgsf78btdNNX4zTyWGCmx8cXc++j0vcIV71fRO+gAZT7lg+TMh
+nUA5E1ikWUhrRIlFKYYQABOzfAbTLhu6gOTQk3G6cjAtvIqYhEd7pVmzZB9Xoo+S
+ggWM/gKNbF+pW+sVgDLw1WFnTKfhgoMYa+H5RDTATgi45RneqCHuvPuFJWRBPDft
+n3f3X2M8ao5oSavHQc2CHEB5Aijca8AtJojln0YKr3La0JU8NexigyXQ9eNxejWY
+98OUQCxNMx5PACHOSYTMZlThqag/qT4gltjFd3Dmpy0m/I3MjTQskkdfGdgBRaDF
+J/uSwCg+GKyNGePgRti91rVGNnzbp9LtncFF6/stRFxBKmxeL0TgNhBLsz0fyZGt
+yodxxwFJwrsnMJxaDxrdfcBbz6NCgRq1aJjAZIwD9LHV9qEus90d1UEwr0FeyKCA
+sAN2o9FlrPyKF2Cwz1Jm1cub17M0kjgHuPtPi/OrH+wlcIRlKeSle87ZtiDvtF9q
+D93wxpQiQGv+eg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuDCCA6CgAwIBAgIJIrmxKyiKBBiXMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwMTA5
+MDYwMTI5WhcNMjgwMTA5MDYwMTI5WjCBjDELMAkGA1UEBhMCSlAxJTAjBgNVBAoT
+HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNFQ09NIFBh
+c3Nwb3J0IGZvciBNZW1iZXIgMi4wIFBVQjEqMCgGA1UEAxMhU0VDT00gUGFzc3Bv
+cnQgZm9yIE1lbWJlciBQVUIgQ0E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAsiqUtMxdh/F9QLu+PFoglmnAVs8CZiZIwPdnlgrJMrpzwLYSnxHDI7Xf
+ugTGnvIESjyiSgrEiVK9iMHKBkYXNKjrMsf+zgUJ/d3VwyPtTBwVU57q2B50Hkco
+uBnC+6SqsF8Os6ier2DPhDF5WbQzj64QzALBor8j+1ZtV62hGc5JQHUmdX6XoVc8
+WYDui+1/VtayTAfUHCahC6LYP/JYx9P1OjCCCz8k+yhwoS1CrDxKVU/5QhAoekW+
+THjjSVuveZTtvmcuGpPbVN5PMS+LGth84h8l23cNlUnp0O+OQMpobqh3ATk8xIqO
+kUnNbAh2Z3o6/EXhwXNOJTE4w2A/sQIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFHYr
+2Y3MNTYyRQXfnoxqF9Ez3AMHMB8GA1UdIwQYMBaAFAqFqXdlBZh8QIH4D5csOPEK
+7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkwRwYKKoMIjJsbZIcFBDA5MDcG
+CCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0Mt
+Um9vdDIvMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL3Njcm9v
+dGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQBriuNr
+L5Sm0k0lEW+36t6reGcrsHZo5pKjLCF4Dp5v8TRKBlM3vXPc4+ULhK3m9JHye44k
+oB3n3qTVxFncJOnBM5sj54waW50yg3pLDkyiI0heLuuTBBUlkEksuHmc+579XJJS
+qgribsqw6cSYL/x+v+VUqtTmSP+BRhiaF1E2n/bKRjoLSJW7+KbtSNw98XkfZen7
+JCq4asaAIP2xRpunJu9bpGBNbntQjf7n/M7sVFiPJHqpZ80ankQ/awW14cyV6Wyh
+unOomQZKtLrvbjrO69Tqz1lE8Fr1v9SG3HME88fNTC1qntNJBRuoR030f+aVYM78
+Hlv1/LRHrGB+iwfC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWjCCBEKgAwIBAgIIC1C7rAKtMNUwDQYJKoZIhvcNAQELBQAwazELMAkGA1UE
+BhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8w
+MzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290
+IENBMB4XDTE4MDExNzA4NDMyMloXDTMwMDkyMjExMjIwMlowgZUxCzAJBgNVBAYT
+AklUMRAwDgYDVQQIDAdCZXJnYW1vMRkwFwYDVQQHDBBQb250ZSBTYW4gUGlldHJv
+MSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzE0MDIGA1UEAwwr
+QWN0YWxpcyBPcmdhbml6YXRpb24gVmFsaWRhdGVkIFNlcnZlciBDQSBHMTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALlRIuDw2gAphmPncXt4pu+NFPBX
+8wpI1uCd+a8WXy9IXt+scnHZYwaX7geJ9AYAG59o+oW9IOeeYLvMSC9g/CNgZb3M
+d1QJuk4jzasBuBO3/Pq5MEM0eylrGgBiMjKBFeysJgxUy/dM2Zan4hecDxhJfkas
+Qqq3X3wNw914sgvAehfb2bWGlaYuDtA2sjK8piLR30qeMJS9ZTEHOnlX2fFHs3Yd
+JLFpGsou11c2OskWOnhHhtVtHWj/jzVo0/v5WCDTUzv7FvEPGSpMXvIbRJTRfhJN
+6p+YF58rsfrQwFmGUhgf4RHR9qG869JsGS16/2IfixVOwiLriKZJS+A2zD0CAwEA
+AaOCAdUwggHRMEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAYYlaHR0cDovL29j
+c3AwNS5hY3RhbGlzLml0L1ZBL0FVVEgtUk9PVDAdBgNVHQ4EFgQUI7TMjr4g+STV
+qZClCiY5jtWVBZYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRS2Ig6yJ94
+Zu2J83s4cJTJAgI20DBFBgNVHSAEPjA8MDoGBFUdIAAwMjAwBggrBgEFBQcCARYk
+aHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVhLWRvd25sb2FkMIHjBgNVHR8Egdsw
+gdgwgZaggZOggZCGgY1sZGFwOi8vbGRhcDA1LmFjdGFsaXMuaXQvY24lM2RBY3Rh
+bGlzJTIwQXV0aGVudGljYXRpb24lMjBSb290JTIwQ0EsbyUzZEFjdGFsaXMlMjBT
+LnAuQS4lMmYwMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9u
+TGlzdDtiaW5hcnkwPaA7oDmGN2h0dHA6Ly9jcmwwNS5hY3RhbGlzLml0L1JlcG9z
+aXRvcnkvQVVUSC1ST09UL2dldExhc3RDUkwwDgYDVR0PAQH/BAQDAgEGMA0GCSqG
+SIb3DQEBCwUAA4ICAQBcH7Skuw1LBX3VYD2PCU8XOPYkdD6ydHs5HpzGg6YMji7L
+cFagKZpl+G28jXlrOMFwev9uxWXwx81LXYdS7bk2C+WqOra8/ztEKZ+ikUnqfn7b
+Ft3BWwdSZvo68eO4q2u2OR/pdHT9HDKishdJvsy3OlfwMubJ/e4F+XFldnZLlLcO
+WORPjpqPWmJJzMl4ZE5/xlU7oya1+TZEuzidiVcjOrMQNxD3y+YlLx4TQsdWgTMK
+AVLvqf6R1yeJwqaf3b50qX/phc2Jb0faQsQJzNMYEm6IwfO0WRcdNhwetVujAtrB
+/BMMVP99x27EUwN7qJu+mILHRJFFqMnKcrj1lmA//15cqR1Z3c7FA56Qi89CQ84P
+E0RX2xwgvyTH+vgS6ZK5R8DkdpgrYq8wGrmMCb1wDXY7YwrLpUUWBkA3dj4LLaIX
+bsvwtyEamx5gL8YJzjgeW/XjOwZnFsqRjVEequ8BzogpsU/J8pUEiJestK43QiAk
+g0Vnprp8ApJ8f25jtw1AMBpqmmckVrXYa4+HB/1+0uM3/7Bj1Bxkq4Cc+fb9QWOA
+VOFi1IR9VO757ZdhzdR7qEdCkAfpru4czq2RaKhIhSPY80puCYbm3SrKKeMI6I4W
+kddgKIGdlAa0H97YIZAL1a+w/UN0zF8LjtW7HidKKFyCtIimFuD7Lhr2EqoLcw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHFjCCBP6gAwIBAgIIXSPE7q6H9uIwDQYJKoZIhvcNAQELBQAwXDELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjEtMCsGA1UEAwwk
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIEJ1cmdlciBDQSAtIEczMB4XDTE4MDEyNTEw
+MDQzOFoXDTI4MTExMjAwMDAwMFowdjELMAkGA1UEBhMCTkwxGzAZBgNVBAoMEkNs
+ZXZlcmJhc2UgSUQgQi5WLjEXMBUGA1UEYQwOTlRSTkwtNjc0MTk5MjUxMTAvBgNV
+BAMMKENsZXZlcmJhc2UgSUQgUEtJb3ZlcmhlaWQgQnVyZ2VyIENBIC0gRzMwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC1eMhxwuN0wuOHZ4BKXo/1Jar/
+1cepiIFcOYt1Gs5s5KLyUDnM+dYABhUz0WIf7vauVvPcjxs8Nd++Zimfg7siGwu+
+1bImvRYGpIs2iFtGomnQK2n/mN3Wiuzwbc9KqVOBvkQPC7X/TaNrKzmIJetBsbQt
+mILsCgv91vObjRoQZlKul250jZiAaWAuycC4FcPYDd0tTk1yUx0q/1+uR1fNBVMR
+a9TeR+uovy2XHZmrxND0M1w4KZ2EoaTT/XP6bNxK9K3907LPytkdUQ8zCyOV6/mJ
+YLyoytLPTT4lUqtpY/ij7yvEN0DtQmeukmVSuwnaVLYPHETDKlpzbfZXy+Y1PT1x
+zz99Yi0LiX49uUZj+G3t9SrocL3NJIca2KoYxLM7JQOaqEkZeTWwD3ieHMp6OvEk
+j4w+7qUN0hTZ7zzkW6mSdO8gKRmSOfCvyC+0N3vGQcSgrgS8rOB+FuoLgqMWmrsw
+ZhxCxi3f+Vjt7u5kcjb/RTkpJf4RkBKMVeEB52EaBZcpUOhnIkeO8XZh+sywZV2b
+Wsc3mpuXAnk7fkg+UQLzXjLycQIpRWvj/M0PYMxenBWf7NAYCMsFkBsoz9QVguxA
+jFHONpue0Z9y+/8/Phtnb9w8XB9mEiemeS5wqorCViKfV999I3AgVZHxenrebsFs
+6cmZPEuSvEWfIhkytwIDAQABo4IBwDCCAbwwSQYIKwYBBQUHAQEEPTA7MDkGCCsG
+AQUFBzAChi1odHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9Eb21CdXJnZXJDQS1H
+My5jZXIwHQYDVR0OBBYEFPGOaY4+TmFUGs7WkpTSgoV9+rlAMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHwYDVR0jBBgwFoAU/2h1Qn36b8dakzifNUTQqi0AsokwJQYIKwYB
+BQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkGBwQAi+xJAQIwXQYDVR0gBFYwVDAMBgpg
+hBABh2sBAgMBMAwGCmCEEAGHawECAwIwNgYKYIQQAYdrAQIDAzAoMCYGCCsGAQUF
+BwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDBEBgNVHR8EPTA7MDmgN6A1
+hjNodHRwOi8vY3JsLnBraW92ZXJoZWlkLm5sL0RvbUJ1cmdlckxhdGVzdENSTC1H
+My5jcmwwDgYDVR0PAQH/BAQDAgEGMD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggrBgEF
+BQcDBAYKKwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZIhvcN
+AQELBQADggIBABdi9GVB0mEyyIPp4zJ6HOx4pASw2ar7CJ72LhXcFB41TAnIIppH
+rjRLGLSpaG0gjMN1Sc+dYG2jtxjX1CXyw7Ubt+6DLKkDJxQBmFAx3/f5MGTigklT
+AwTEk8qw+YS0yiUaF11n0zeU00CfWskB5mPpE8jiVHkkPDB+g0SDyneW9Zxqp6Uv
+l+wxnSkFZUBKNru0WM6MDxZ/VsMgOlozsuK2oX4sVJB5ZVykQRfV8WdoyB02OADT
+5NLu9BAYeG5p9EuO7hS4Y/9iNUFwE7lMb4kEnlmoW6AIzLculLhNyXDRd26GK8v+
+Nq4ItHjxN/RxEfvBTPyUGi40DrdYDdJvnBlcPJLq64MHrF9hYdf85bpCJPWvJsfr
+7TsBmqRKNSVqSG1KGUWAlzotbj+lLwRllHXt+ztFXRBLI5FitLmLhXlkecMyRbm2
++MGVLgvoabMdCV84z55ZTjGOBIS8y/0zlNsALCLWbIQkUQeUZ8R2in2bp/L7YPMW
+uZmbBcrqqatQW9RzXFabjHKMYAoqplZ8MyKO8CoTmU6Hse60OARkoY1uUvdZKdfq
+dQg4rqIiOXkv1W0wXDP9yaFd+IJ0ADj4Z+Kg6Jui6YRw03MKK6y8o7dc9G1YESIT
+NAasDxIwJ6+M7cDxfIjnFEhvt+H+CuSJ5r4DlNMzDYFr4oanQVUVzZhj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE3zCCA8egAwIBAgIRALCiDACdpLXrpkTHnCKCcMUwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODAxMjYw
+OTA1MTZaFw0yNzA1MjAwOTA1MTZaMIGAMQswCQYDVQQGEwJMVjEZMBcGA1UECgwQ
+RW5WZXJzIEdyb3VwIFNJQTEpMCcGA1UECwwgR29HZXRTU0wgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxKzApBgNVBAMMIkdvR2V0U1NMIERvbWFpbiBWYWxpZGF0aW9u
+IENBIFNIQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChNYfMeoqz
+Yfk4VROgMsgwrPjg5JxBvFQW1JywczszE5CThoywHoPbcgbPWMRzLcHMWoc3YmNj
+7Tf/qtLoBRLwmCRo1XkioYc4HvAqlkgsYcS13rhaipbwaYuGRXcGMCFmrGrs41ix
+TWkdz/y05wp6GupSluOqyDLlI2w6KqEsOlnYPR1tOXT8N4YOZt0ARQvXavglRuVB
+OpyCBxoLYR53A8+k4oos44L+iXmZgANIljHEcK8bUQ7FLCW2mpnh7BKGmBVtLJEt
+gh1wH7/dqDsJNDaRGkaPuFR5aEvW4cWzXMwBUcnUP/FKa8FFacm0PurUijH7rQDH
+2MzNfhZLV9pHAgMBAAGjggFNMIIBSTASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+DgQWBBR4XZFct6cbR4Dm55xCqJTdWd9OpDAfBgNVHSMEGDAWgBRUmd2b/+inDqMZ
+nVu+QlffMPyPMjAOBgNVHQ8BAf8EBAMCAQYwOAYDVR0fBDEwLzAtoCugKYYnaHR0
+cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvZ3NjYXNoYTIuY3JsMG4GCCsGAQUFBwEB
+BGIwYDAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTA0
+BggrBgEFBQcwAoYoaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2dzY2FzaGEy
+LmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3
+dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQAy2CwO+CxF2Dfe0g5y
+A4N1cbsvXdhg75TrAeqRinO0NFg1sD7L59fMgCadbJ4UWXlJob5gQ/rEr5d+MxMy
+tQh62LTPoYXivu2203H/fHaskjZ1YjAwdskl/myo/2GgYmfp4Kpw5ObRl5hzBCTI
+0c8HCb6F1RbJ+6YoZB9ePMtiG4TuDfi7IswNUtfTDuG1Bdn1rJyTL/sbHjlku1Uj
+NmKzezqQzxfy0iyy5Ts2YQeCD+ekjh9b0i0HgH4x4ZW4Edn0B/t2qhqkoVwjbhwR
+HbRqnbFbqBSJxYfwXKrFJDeH005tYK4ifGs60J1ByOfmiwAT59HI2peNOLNRumbs
+/VEO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4DCCA8igAwIBAgIQJ8bJgdPRXQ94N3Eh+CM+ADANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE4MDEyNjA5
+MDk0NVoXDTI3MDUyMDA5MDk0NVowgYIxCzAJBgNVBAYTAkxWMRkwFwYDVQQKDBBF
+blZlcnMgR3JvdXAgU0lBMSkwJwYDVQQLDCBHb0dldFNTTCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTEtMCsGA1UEAwwkR29HZXRTU0wgRXh0ZW5kZWQgVmFsaWRhdGlv
+biBDQSBTSEEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVnLdFqd
+FjZLYAyHaJmzIY02q8GO6lRuNDNd8CP8goZB6MVHinMZIW9aqAVM5vmISvIaCEYz
+c10nSRJ+/W3s1o1WJuw1E6BgDUczgilkUPz1F2h9LBI/0J1zYBNxwZCe6vPBlWj5
+qLgz4zNXq4yCVW+4996hwgsMq0aklmP1YUD1mp71kPO/IeZ4SffQVn66A+gA7aHG
+397Ub0d0v0zAP1+OEDM2eTba5KhDQI3ylGR7o//B9KSiYWilhQHDnp+cU9vsjp2C
+DLbgOxkofYa74ZZBBXEtaOxgJgOzH+lMI0UPpL/wTDdP+VOPRuBPz2Gn/gWDDvqx
+WVwWlxmIJANBVQIDAQABo4IBTTCCAUkwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HQ4EFgQUDGqlqb1t5zgV0p9yOK1sdimARZUwHwYDVR0jBBgwFoAUVJndm//opw6j
+GZ1bvkJX3zD8jzIwDgYDVR0PAQH/BAQDAgEGMDgGA1UdHwQxMC8wLaAroCmGJ2h0
+dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBuBggrBgEFBQcB
+AQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20w
+NAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nhc2hh
+Mi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93
+d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAN4vdz1dJ+7Qu5L2Z
+dJs4J2SJn2SEjXGJYq2WQgoJ2G7EYjxDJU1KjsjJWzArn8Pjq4ZQmZ4zAq16O4TL
+FfYKhc2MjmBXq/qkyn8PkH1HymrMsGxZnRjnSusAPEBaaEfYWy2H6vCVVYtKmN13
+qXlENdru0k5KyxmXbJQfLk02fjmlFYiN3xtlF/ZVJpWjMCJ6spi/wsQXLidWO3my
+0scMWxHaeMTkhta7zNw72fjxu358zIYH6buGD7kUySM3ZVdY94cRwdn3fIddXvkD
+JsmsA2u9/9TcQ5pngkLzkVSuEM+Jf9QMc+gZV03HpofFVnCQHhY218CZFWky2M3I
+MOB5Jg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4TCCA8mgAwIBAgIRAMVX6sMefiH7Am8g4Ja2utQwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODAxMjYw
+OTE1MTBaFw0yNzA1MjAwOTE1MTBaMIGCMQswCQYDVQQGEwJMVjEZMBcGA1UECgwQ
+RW5WZXJzIEdyb3VwIFNJQTEpMCcGA1UECwwgR29HZXRTU0wgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkxLTArBgNVBAMMJEdvR2V0U1NMIEJ1c2luZXNzIFZhbGlkYXRp
+b24gQ0EgU0hBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMm7v3EQ
++7OZa8dXKt662wIHQ6TX7XxCIbZ83jCBGUgZL3NO5Z0J+BtUwlidEFw/Wn2OKPqe
+qndHhHyJR5GG556gLdCxYqVj9IBSvJYTJfXdlqSlByE3RAp0tFn7bnfjW8MqUJm0
+p+P+GSWeH4mSNToP/xtnhW8h994TrJVnt4LQz3gLh3TG6ynLT00vlNeaGOAXnIii
+EGiZ33W3eiI4OMh/9M9twZ6SOUE47E+Y462xI0zWHw6AKytnHV0EbDz2iDJCjW7r
+IjK9yDf3e/jQj8+OqLUObhZol0FUwnCQEoqwqAj50030o2vwOlDEd4IekrpAmfeV
+f+lM9pCIaokGdvECAwEAAaOCAU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0OBBYEFDgtueEnJwEqmCoK8Mz5NswwS7CPMB8GA1UdIwQYMBaAFFSZ3Zv/6KcO
+oxmdW75CV98w/I8yMA4GA1UdDwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6Aphido
+dHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYBBQUH
+AQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0uY29t
+MDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3NjYXNo
+YTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRwOi8v
+d3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBALDhLZHooMj/f7hv
+7HxQC1XVyBGflU4/cDT1wPYdb0PxKZFSR0UInCg0SKn38hvcuvJ4buUpb/jpaMjN
+LB7PoikICc/INwiNEEBZ2SR0I/MdujmQRgKnxPuklhpQLKlmE1ED5BsjEm5oMzim
+MN59j6I23EHQ1BE+M3Hd93NMkXtSl0rHY1RQUn8XP6nE9zU6BlGeDK0dvYf0Vome
+ZJhhsL3F97O6/pEEGltEX/HF6yVQsr7hQIIjQiww10rCFu/0jTL0rjZt7GbnKncU
+Thu5gjQxhp3EeeXfrZAnVUrhxFKyxi6tBvrSPTf6r7UxpPjGH5jnJ5azSL/LyRIK
+cMu0PIc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzzCCA7egAwIBAgIRALDv0CqBvxzon3oYwpTkwzwwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODAxMjYw
+OTIwMTRaFw0yNzA1MjAwOTIwMTRaMHExCzAJBgNVBAYTAkNOMTkwNwYDVQQKDDBH
+bG9iYWwgRGlnaXRhbCBDeWJlcnNlY3VyaXR5IEF1dGhvcml0eSBDby4sIEx0ZC4x
+JzAlBgNVBAMMHkdEQ0EgVHJ1c3RBVVRIIFI0IE9WIFNTTCBDQSBHMjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJcB/96FVLcfbrXt1DCD8q2AL2W3ZYWp
+SVTAKQwYIDT3h1tDwC2amGQgtXImPMO2w2/1ALZsKrsQp34m9W7YQMrsh/OIiutG
+Hl5VuDSEfSEJfk4N9m6lj8OEiYW0rOHKidH+OOhKU/D2yzM9I2x0JCXAaKhot42F
+yHWKO1+TOOVXF4pgFVnLgmiSYmUP5D/dlgMuxaDs+JdVX4Yg5NTwztHA1eWmkIyV
+7hxW3sjsOtKkCE53N2S8fAZ7zmH1yQ3mMqsyAnPupa99dcMXWDrZrYFqp09SF+15
+FCWB7B7811aUkgMtAtH43kyqux2NdNdUFgFu67cljaImqj084I7SDNMCAwEAAaOC
+AU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFIf+cKksRTX/4Qo2
+HdJlyk31neeFMB8GA1UdIwQYMBaAFFSZ3Zv/6KcOoxmdW75CV98w/I8yMA4GA1Ud
+DwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNl
+cnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzAB
+hhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRw
+Oi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAw
+LgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMw
+DQYJKoZIhvcNAQELBQADggEBAC6NUsN0v8zzs20WzQvQSH2O/ZgKb2iPJjQHYs4d
+PEDZCw/i8uXq3juDv223U85QMXbXq9Cz3lsmbhoyI1flABaOdeyAbaWuTcTC2e47
+HCJ9eRHe07HZjUHXoKKl7h3WN59C7CQF9ZO1WeSjKgGPYKNte2FBnwx0n+4xwsHf
+PDjs3GcWml0R6Ciw5zeycStQFe9Tthpe1NvoLGZwKd5Wq5/vh5fKfC/1+GYrSybK
+LUGZNMhjHfU2IQ2FV3xbfclEtkmI+03RvcfmnqJnPMX+dIWevODk71+8Myl6kQ17
+GgkxQCU+5yPgFGXCCG9jS2U4bsmr0ipftj4Tb1/XabrQHgo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzzCCA7egAwIBAgIRAJ6ctpQmxFzEMG0+HMKnnvwwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODAxMjYw
+OTIxMjlaFw0yNzA1MjAwOTIxMjlaMHExCzAJBgNVBAYTAkNOMTkwNwYDVQQKDDBH
+bG9iYWwgRGlnaXRhbCBDeWJlcnNlY3VyaXR5IEF1dGhvcml0eSBDby4sIEx0ZC4x
+JzAlBgNVBAMMHkdEQ0EgVHJ1c3RBVVRIIFI0IERWIFNTTCBDQSBHMjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMDLbbV1dYvEftQMNfTaz2J+Vb7YW6eG
+h7vQoLFXmltElELtbNFxu+shcLWMiFLjSfcaXc0r8bGq3VW9kok0N3J/Apc90onm
+eUfbCBZBXAEyIUeu8LsU8naac6uAYSNQAL4eeXQ4fjoQCAU1dPyHx9OSS4ypuMe6
+QTXAlvGYq2cskHQE7W7JeakPl3zks8R8ZEjbZbM3PXneBjphV4eagOqTTg06fmjZ
+NN95oryp0gNiC3Z3vJ2cKSmbcbQnXpRLo5+h1E0llyP4FP4EuLG7k8u7WL0x/5P/
+8kKycx7zv2vR7oPLkfJQs4clpFxS/pV1gQ/N7ytaoNz0SCco52qFjk0CAwEAAaOC
+AU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFCJLk+U7Rq+pAesD
+28qag7hcrw3xMB8GA1UdIwQYMBaAFFSZ3Zv/6KcOoxmdW75CV98w/I8yMA4GA1Ud
+DwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNl
+cnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzAB
+hhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRw
+Oi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAw
+LgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMw
+DQYJKoZIhvcNAQELBQADggEBAKLTpe4QKlf4Vi4Of9lC6UWcxuT5q9sh+7rzmLrK
+jIiHvfen2ecxvylGGBhfkUXDArCVrNfKfQsPrtGXPnJHy5h8TgItDWOrfcQlm60r
+yxK3mCaVHFQFZKZ3LIyV92VoMnA265QKISLonbeYtGwz47Tc0avHBbBMQB6C+pHQ
+cR8VpwghvgB8Lxnoa3+TQ1gpFNxr58h4V3nxlnHTZCoQo496Kk1OCO1I4vH3pamV
+oeMWCotR1lOI8wS1eLyDNJlVYDBhr4mVQxjgzNkeXeH9G5qTbOr+CrO9mBK6XQ++
+4fNdvEratxOMwiBsDgAm+qx+uSG3+nK7IZNgFMc6aCG2Vhw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzzCCA7egAwIBAgIRANX4Po3a9nyIKeiQFreHfRMwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODAxMjYw
+OTIxNThaFw0yNzA1MjAwOTIxNThaMHExCzAJBgNVBAYTAkNOMTkwNwYDVQQKDDBH
+bG9iYWwgRGlnaXRhbCBDeWJlcnNlY3VyaXR5IEF1dGhvcml0eSBDby4sIEx0ZC4x
+JzAlBgNVBAMMHkdEQ0EgVHJ1c3RBVVRIIFI0IEVWIFNTTCBDQSBHMjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALNPfXyROlIMdwEmVT0Nu3eQlWj6+Hty
+73vWjqUWUVOfWdGFWstQ8jvy6unc1G6b81v1+er9viceJLhVttPBxQ5l4ekWO+wT
+kATYKDRM1e529qFI+rEjOwCQz7lwYA7nLXhfpv6ml068tSarpgr+sLyY8UyhUT4q
+jtSRfR7U4Uq3afGgCFzDirPJI/0GjvBo1v9fqtyvBwAl5LddhmN0T5u2ufTRs3tN
+IAxcWFyWe618/s+ZNA5DTNo+onBJTZ1Dxb/a90moZzyfP7niQ2Q//2s+f4DlNDQ4
+moI0M/xg5vwQQ/CKW5ofxB86TDrNrvcHvo8yieWN1uTp/SvEnbEvXBkCAwEAAaOC
+AU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLNjEYy6JTesOKDc
+N0TrbQ49PMiLMB8GA1UdIwQYMBaAFFSZ3Zv/6KcOoxmdW75CV98w/I8yMA4GA1Ud
+DwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNl
+cnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzAB
+hhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRw
+Oi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAw
+LgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMw
+DQYJKoZIhvcNAQELBQADggEBAISNtyVOURlXscYXg5hahYysadf0abiUpMmREnu5
+rYx4asAdLMncnVyUGFgfn/2cQXoZROnWGcYmvtEJbLaAK9k/CcZZFLC+JTJpdLw1
+lxW0KFCqhEl6O1vu0YkzCaTpKw+9jm+AJvsxBHIJgk3v1h+aO7eAskM+PWjIMI86
+6M5wM7CAESLJ8E+gps9jX3uYeb/9O3HLTUucvgBxAxiRNu/FloX3bbc1VmB6q1pH
+wntPTTyqntFt30Kss0b2veA0JcPF0YMXotRYYeFRf9KeY629IBN/f30uYfN8XmaG
+nM7ukUvdQSMgrLQYuRR+FA20Z9DRqMl2IBo51/ddvYFHbAo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgIPIAYFFnADF4h6C+DTSsOvMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xODAxMzAwOTQ0NDRaFw0yODAxMzAwOTQ0NDRaMHAxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKDAhjZXJ0U0lHTjEmMCQGA1UECwwdY2VydFNJR04g
+U1NMIERWIENBIENsYXNzIDMgRzIxJjAkBgNVBAMMHWNlcnRTSUdOIFNTTCBEViBD
+QSBDbGFzcyAzIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhdn
+ADWMXBV7FNWXbuDJb/ArPMpquqv+BIGQxjyylMz/zxJ79eMMQ7ZbkeYWBbuKE4Oy
+MlvIWjIFRhK2E5Q0RZ5sIlJAte/ERwEWX8RWwDFaMeXnPqKUxQzW4PHtuczrKxZ4
+XhPwmsXeDCQBi8lRfFvuJtPXMTOlFMcFshPbv1F9Tw658X2KYG/JJdDJgE4Tk6iK
+dbvzbdAZUthSj9H9ivu0VhfsXRIPgBMkoHtKc6M1Qb9f0t384WXO/0yh583Ro1Tw
+ZBh5uuZwhlM+Xedk9x2Y8lxQ5t1DdciByDuMcnqktM07/QLIM2o/6hLKQgVFSdHt
+ItdJQY0+x+XuQ2kpIQIDAQABo4IBTzCCAUswaAYIKwYBBQUHAQEEXDBaMCMGCCsG
+AQUFBzABhhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzAzBggrBgEFBQcwAoYnaHR0
+cDovL3d3dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL3Jvb3QuY3J0MBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFOCMm9slSbPxfIbW
+skKHC9BroNnkMB0GA1UdDgQWBBT13Lv7iR7KeIF0bLZKbCVNVIF+BjBJBgNVHSAE
+QjBAMD4GCysGAQQBgcM5AQEFMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuY2Vy
+dHNpZ24ucm8vcmVwb3NpdG9yeTAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vY3Js
+LmNlcnRzaWduLnJvL3Jvb3QuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQALeM3tQ0MW
+nhrYrVM60Qb3GQDNluO2jLatYyrIIhUHez8niUoYKgOHP0BPET1MTzN2GhcaJNTn
+hmaJMaNBvomyjp40uzpohzt0Id8jXMvMiJ7qlIxnBJVhraiJV7Bh2qG/nMplulO4
+7st8bAZQPyzS2krXyrKQZfIdwmzPVfbMPrlWEU0TTeIgU8vcrcrVotpjqyKG34Iq
+uPTsxCYYc7C3sNb6Kc3tuDmH0KrPKOK/rxU6QLB1G/eRPToBhpOsp7Z5bAvpBlR/
+OejWJ3UBGFMTg+KrnIm0T9gV+b35P7quMvj5UBPAU6ABrCQhZqsrljMaj86q1g8p
+wCmpQ97elXf1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgIPIAYFFnADGFeSYBrLdeEnMA0GCSqGSIb3DQEBCwUAMDsx
+CzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJ
+R04gUk9PVCBDQTAeFw0xODAxMzAwOTQ2NTVaFw0yODAxMzAwOTQ2NTVaMHAxCzAJ
+BgNVBAYTAlJPMREwDwYDVQQKDAhjZXJ0U0lHTjEmMCQGA1UECwwdY2VydFNJR04g
+U1NMIEVWIENBIENsYXNzIDMgRzIxJjAkBgNVBAMMHWNlcnRTSUdOIFNTTCBFViBD
+QSBDbGFzcyAzIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXLW
+SO9JeHURmd0Grn1Mf2zZFymVCmWxH/JykD09GZga6uDoc3A7xt3f1TxCng/YHVCu
+QCOOl+UbqKDtbNyCecaw6yU0F/6Fy7pcDGXuWiGwA3oi4LixbDfV7Sh3C7447GBK
+AzzlMXIfprTUI6Sb/Q1IU52TZq5U6bWS2QdZq2uYC02sbi24eCIjnvKTLvKuj+Fw
+3Nwvzkt1EswtKVEmNHAmY/bgZQMLxu6xJGb3cKd4SPrgNRJ9eriQwpg212EQyUXN
+wZy2sCwHKCE3X3HR1wGxzKBcNEAjdUrt2Hi7PANZslreXyrOspVqTiES2hr6Oje5
+mB+ZmXigcO+FXq0QYQIDAQABo4IBTzCCAUswaAYIKwYBBQUHAQEEXDBaMCMGCCsG
+AQUFBzABhhdodHRwOi8vb2NzcC5jZXJ0c2lnbi5ybzAzBggrBgEFBQcwAoYnaHR0
+cDovL3d3dy5jZXJ0c2lnbi5yby9jZXJ0Y3JsL3Jvb3QuY3J0MBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFOCMm9slSbPxfIbW
+skKHC9BroNnkMB0GA1UdDgQWBBQ2O6KeJYcqD/2aSjwn2sunecMMfzBJBgNVHSAE
+QjBAMD4GCysGAQQBgcM5AQEGMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cuY2Vy
+dHNpZ24ucm8vcmVwb3NpdG9yeTAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vY3Js
+LmNlcnRzaWduLnJvL3Jvb3QuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAoNFaGOZjP
+60JD4jFr6tsb8zknLClE+jzOrehP6oCoIPr6vKsCxwUTKKoYlKBHGcn/OlsgIMFE
+kFs/qVSZFYwSMxnmk12PEYP8NzPCKk/Dvx7eAS6ZfrdbkkfKh8mABYx5QOwegFeV
+yvyxwPM5CirRrGoD/IvW+B62oaW30dKYxCudPTfrFTJP8/U/Ye5jVoq+sg8UcxZ7
+OEntwU5rcNaXgcElfx2cKbOl6PfbN8ojaZmRfuiODv2z33otg3rg+nbNDo1/lx/b
+U1nB8DvtkF+EXB0Sh4EZeTrbRO5KwDa+G7LLNdOORzOxZXlAdwXsNsbC+xFg3+q8
+5paQwSQvbyl1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHFDCCBPygAwIBAgITBs6C2Z+zsYDCgQIDFKLRx2QAFzANBgkqhkiG9w0BAQsF
+ADCBiDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCElsbGlub2lzMRAwDgYDVQQHDAdD
+aGljYWdvMSEwHwYDVQQKDBhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xMTAvBgNV
+BAMMKFRydXN0d2F2ZSBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcN
+MTgwMjA2MTIyMTIwWhcNMjgwMjI0MDUwMTIwWjCBkDE5MDcGA1UEAxMwVHJ1c3R3
+YXZlIEdsb2JhbCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBLCBMZXZlbCAxMSEwHwYD
+VQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xEDAOBgNVBAcTB0NoaWNhZ28x
+ETAPBgNVBAgTCElsbGlub2lzMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAMRO7orfWjfmz6Y6qoAmDp2lqCJcdvbRQ8w18rl1JE3j
+f/1CScZLrnLg4RDm8JiRcvFuvoMXn/XNUWy5ICG57tjG2nO7jvBuXfvbdkGA+foN
+3yJKMTX/PmmGlN4qpzFtsB0kLrP14/0TRGeJB7qDfAFH0ReFk0ftQobLBGBOpEca
++bv+LhcTe40/uNUSK2yQ9GpIw200mcsD3B9c29Im4tSZFuA2o1vnEeizYW5M4sPX
+Hu7p5ZCxjJrXVNqWUPM38rShhMUNL5uaVYWoi7TG5JXbg0Lmt2nq1k5nnig9Yp/W
+lAFooWXjKQzHf/z+XZ57bqPe7SzLW5pzpZdSmY2VRybAwEmzMjCXgHiP2ru3TpAD
++giakPDoz3ZmbKjwYKZ5PmnOmXx0Z2GloO37MjamjPor/+fZohfyma7VAQE8znJt
+I9MVoRN3G3gW/tuT3jXfzYdFBlfGoO7OYyLN1LK5YBKH2qXrCHD8rG2DauBt7U+w
+fOvwfkp8FcdTnfQ92Xe65U3Xdu0eCgQJbChxZtWhhLnbY6xhmwAWyJ1my+Im72Kx
+GP/XcA8SH2sz6/k0782BjRckDuFpVVpTNYl9wqe/tuOrZhWPapOsRlfsDTuhgGu5
+2inM9sU3CAzmFE85zoRQFZQSof3kFN2rUZF20bmTak99cBNLli6/ja3+KntpZ08d
+AgMBAAGjggFrMIIBZzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFHM4IMZH
+babGL3tQ4EDe3sedR958MB8GA1UdIwQYMBaAFJngGWcNYtt2s9o9uFvo/ULSMQ6H
+MD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50
+cnVzdHdhdmUuY29tL0NBMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwudHJ1
+c3R3YXZlLmNvbS9UV0dDQS5jcmwwbgYIKwYBBQUHAQEEYjBgMCYGCCsGAQUFBzAB
+hhpodHRwOi8vb2NzcC50cnVzdHdhdmUuY29tLzA2BggrBgEFBQcwAoYqaHR0cDov
+L3NzbC50cnVzdHdhdmUuY29tL2lzc3VlcnMvVFdHQ0EuY3J0MA0GCSqGSIb3DQEB
+CwUAA4ICAQBwnSHECaf+hfGrm3Cg+aRr57ytoOSzI1DjlTNcM7k4uSt6kJRPHJ4c
+ldIujMaETV52RgE6ykaMGkuIwQOIsLI6SXwjU1f5gXFUbDTS3KTWc/jwQeyLmdOe
+hvc+wBSFv8d10Sx/Qiti8mqsTqr0+N94Cx01+SkiWxWWoSZOAPkz8DMQGlD4yndK
+ceTMGtQ03cLnD/36Mv6tz/Ds9l/OExrJGGxHD0tmYwYwBZpPHm7BBY2ZzycVxLcg
++uuggcX1pg5MhJ1rDyod+7X+ilvTgH7ftHCmxvR7viMLwSUuytZ05zb2teRQgU+8
+iWnPEHO/ADm5VD1Zb5Rx0579/YEENBJtGUPPJzo+JEpiZIOIlwZ69ETWWNCLZr0V
+voi+SDl65cr+dgR9JreJ2I4W9FzS45ruxYEC8LGKEmV46sAk1YLbnIBmhehAKy9t
+P8RVz3QXYJ6rLOAuXF7R2eVV0SqfivW9bVzvBZTUTFsbdSMBAAF1BJjdRqYR63DI
+cQASY7CRoUiak1NTgPkzeV8VcNJmUt8c2eKJIifqBAjquH6+6UXs9Ol0aMPn6v0y
+B+TSuxhX2sSrpna9QcOh/QyoR5Hvcd81rZSbMc7yasKoUMXviotV1SfEqs3RU5Ts
+wnU4NHPn5ITRiuh5VMuvB/VnjnPC953u5uqAGtZ8BkC7X9cu5E0rMQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpjCCA0ugAwIBAgITBs6C2aIKN5fNh46z2qQdCGgK9zAKBggqhkjOPQQDAjCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAyNTYgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIwWhcNMjgwMjI0MDUwMTIwWjCBnDFFMEMGA1UEAxM8
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTI1NiBFeHRlbmRlZCBWYWxpZGF0aW9u
+IENBLCBMZXZlbCAxMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4x
+EDAOBgNVBAcTB0NoaWNhZ28xETAPBgNVBAgTCElsbGlub2lzMQswCQYDVQQGEwJV
+UzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABKXHfFxFDVI6uYWZlWciFFKtYzuJ
++IBhot3PQGikE3sjU8d9dARkZCkInqmDyP/+XiLzgrYPMy7NS8lZcRsE5p2jggFz
+MIIBbzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwHQYDVR0OBBYEFAwlVqqzYgakv+7gGxtX
+zC8s9g1QMB8GA1UdIwQYMBaAFKNBBqyQbdFK63WlShCZs7Ghi0r3MD0GA1UdIAQ2
+MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUu
+Y29tL0NBMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNv
+bS9UV0dQMjU2Q0EuY3JsMHIGCCsGAQUFBwEBBGYwZDAmBggrBgEFBQcwAYYaaHR0
+cDovL29jc3AudHJ1c3R3YXZlLmNvbS8wOgYIKwYBBQUHMAKGLmh0dHA6Ly9zc2wu
+dHJ1c3R3YXZlLmNvbS9pc3N1ZXJzL1RXR1AyNTZDQS5jcnQwCgYIKoZIzj0EAwID
+SQAwRgIhALahroq1NScrFeCvG5uMgMKH/bo190D+Mkh2ZIojrUOfAiEAosFXFE73
+0WLRPjX2uOkLhXuA4cQEb1R1oeGDH4MNVOo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4zCCA2igAwIBAgITBs6C2aMxWUUwAGeBgpOH5A28tjAKBggqhkjOPQQDAzCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAzODQgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIwWhcNMjgwMjI0MDUwMTIwWjCBnDFFMEMGA1UEAxM8
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTM4NCBFeHRlbmRlZCBWYWxpZGF0aW9u
+IENBLCBMZXZlbCAxMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4x
+EDAOBgNVBAcTB0NoaWNhZ28xETAPBgNVBAgTCElsbGlub2lzMQswCQYDVQQGEwJV
+UzB2MBAGByqGSM49AgEGBSuBBAAiA2IABKcVGieqBjW3BuVza9VhkBlpGLHLZqQg
+I0GXaTpt5CogNWz6BmlZ1yAPjRnDUVfVwl57ATRtV7u+5TPFzKZ+RheFVc0iA8vl
+Q2JINGRz8XLDaivvuygQtFKSzCWn4e66cKOCAXMwggFvMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATAdBgNVHQ4EFgQUMFfit09gayJACkNfT/oNzXO8JCcwHwYDVR0jBBgwFoAU
+VamEidLBMr0Yy2ymB07I552+gpAwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vc3NsLnRydXN0d2F2ZS5jb20vQ0EwNwYDVR0fBDAwLjAs
+oCqgKIYmaHR0cDovL2NybC50cnVzdHdhdmUuY29tL1RXR1AzODRDQS5jcmwwcgYI
+KwYBBQUHAQEEZjBkMCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50cnVzdHdhdmUu
+Y29tLzA6BggrBgEFBQcwAoYuaHR0cDovL3NzbC50cnVzdHdhdmUuY29tL2lzc3Vl
+cnMvVFdHUDM4NENBLmNydDAKBggqhkjOPQQDAwNpADBmAjEA6pScrGT+SruK7iON
+7iDJZfhQsjfQIhaq9sHiEXd89B8ibWOb57no/K265dPxeuALAjEA27NTMZM344eT
+X3df9B22dY5ZshsUMIiRcMo1K4B/GBO8SIA0jParkHS5g4WO5K7O
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHGDCCBQCgAwIBAgITBs6C2aaXA67+XTfRiFjHQCawBDANBgkqhkiG9w0BAQsF
+ADCBiDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCElsbGlub2lzMRAwDgYDVQQHDAdD
+aGljYWdvMSEwHwYDVQQKDBhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xMTAvBgNV
+BAMMKFRydXN0d2F2ZSBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcN
+MTgwMjA2MTIyMTIwWhcNMjgwMjI0MDUwMTIwWjCBlDE9MDsGA1UEAxM0VHJ1c3R3
+YXZlIEdsb2JhbCBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBDQSwgTGV2ZWwgMTEh
+MB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMuMRAwDgYDVQQHEwdDaGlj
+YWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQC8BzZtA3eWejFOGHc2DLgex6P471dLWIIHSlrF
+Y4a2BCtzAd/VlpQ3gslWnTgthOmK2/hCc+WSaOLPVZzZf3lGnxbb0+Y87Kx+nS1m
+IfJ/4OR6o8XLMLoCTAI1jsWxggiB4NBMqsW2xXQ5VAvBb66KEQYbshNlRpTbtBFq
+Eed4YIvCdjbnCUOy1zubgVHUVyCFHzN4XPjEQCtT5vZM576Lt10Je9COnqG0CtPU
+QNP2tjnSmOOYdWcVRZ0UqXUl2fMBfmSDHd8902foigjpP04AYYbq6AetqEgqdvQP
+xz5pVbZqzy8UrE/s/raJLFyTuIAYVt18M0whSgWzGgUWkq2xRqbfn7b1hd56dwRb
+R7pKc51FyTbeocnKlYLC+Dlzp7iKQ3Pb7WHRwLhaJB7u4CzwqhUxHc0xplMYsq92
+MbZ6WN5L5mI7hxY8gLMOR7vNX9CKz9XcYRS01iCDe5Y/9muW8bzGyNXLX1YaHAy4
++6ncksb3Y3RUKj3f0+T4nbiRISmGazravJKSssBLP3kPa9h5aX+Vd00eL+Q7sXrh
+FO7xz+oWtOL5rfVszyc87JQvjw1sDHA710nViqzUE1bJZNe61EXdCb/RV+Wsu+rO
+cAMSr5x2j/wW875sh+U3EJmTzdEBUBxHnBD2mDTyonT7wL47TRXTEO1IaS4mVbnv
+o0jWvQIDAQABo4IBazCCAWcwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBS3
+/VNzOCaKcKuTyoupCOrH07fj/TAfBgNVHSMEGDAWgBSZ4BlnDWLbdrPaPbhb6P1C
+0jEOhzA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9z
+c2wudHJ1c3R3YXZlLmNvbS9DQTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3Js
+LnRydXN0d2F2ZS5jb20vVFdHQ0EuY3JsMG4GCCsGAQUFBwEBBGIwYDAmBggrBgEF
+BQcwAYYaaHR0cDovL29jc3AudHJ1c3R3YXZlLmNvbS8wNgYIKwYBBQUHMAKGKmh0
+dHA6Ly9zc2wudHJ1c3R3YXZlLmNvbS9pc3N1ZXJzL1RXR0NBLmNydDANBgkqhkiG
+9w0BAQsFAAOCAgEAFXwfmELpEGKUguzVTMix79XbUnkfLa7IXcqBOrwOWEF1V8F1
+xGY6jLlUTtoEXRYZwCpqOK/i4m4nmWCYE45O7URR8nqeFffceTi62t4Yvh6LkC9g
+Unj3aChLiO/Zdxilq6vfsXO0mKafrGtZXwjyskS250Pj9DsANs57QqvYN4hqbplJ
+zc95p09OUvEhPiyRyx6FyY28U+3X6+mSNMJWd4Nhr+3HtvmItLIXP2JCLxuYtu/K
+6nKcpFCFFKeF8K3PWpjsAb0hfXL4vc3WfyCYsQnvJeisyAh7yEuge2iDwl1/xXIo
+EOAyyYAxvy5UnzcAa0Z2lwjptve+jZ4gQ+A1ioYUavR3pSfBNzuJW30nZCWFadKc
+NXOPoAPkK8JLxgRBH3JboeBCXG6xgy/pXrTjyhW7/SS+Z+7eKkp9jgdTVQ12yUtc
+CiYWUuM4l240D/z+s03WOEcLTluESwFkJhzs3D9i5crTL72uSkDDmlh8HXoPAyYO
+l3Mn9cGWhd8M8IeQRXmb6O7gvvQZDoSXDVDbjBKcW1lFpi0wBxIBzLaOi4CX4OhI
+JHJ/H3duOMaltuzXLSLkc26jwHzMeq8seQRSXraXJi1t5oBKlmEWFEgq6xlH7mLW
+3TOqS19cuiSWl/CsnlLGaW8MH5YHmk+MJxQE1BcLBs6ciapvHlhLEd9EUpU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqDCCA0+gAwIBAgITBs6C2ai1fBBIQ5lNrNeeKGM+XzAKBggqhkjOPQQDAjCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAyNTYgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIxWhcNMjgwMjI0MDUwMTIxWjCBoDFJMEcGA1UEAxNA
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTI1NiBPcmdhbml6YXRpb24gVmFsaWRh
+dGlvbiBDQSwgTGV2ZWwgMTEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJ
+bmMuMRAwDgYDVQQHEwdDaGljYWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UE
+BhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQmHWo0mogvX1J61xysTqsn
+6qV06wxUH68/QJ2aDIka6beTrDoTZv3mIkyPxFTPy+9idjgSAERlBsDirgO2/NiY
+o4IBczCCAW8wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBSv+Ju8XTSl3tA+
+FCldDY4lrbClhTAfBgNVHSMEGDAWgBSjQQaskG3RSut1pUoQmbOxoYtK9zA9BgNV
+HSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9zc2wudHJ1c3R3
+YXZlLmNvbS9DQTA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vY3JsLnRydXN0d2F2
+ZS5jb20vVFdHUDI1NkNBLmNybDByBggrBgEFBQcBAQRmMGQwJgYIKwYBBQUHMAGG
+Gmh0dHA6Ly9vY3NwLnRydXN0d2F2ZS5jb20vMDoGCCsGAQUFBzAChi5odHRwOi8v
+c3NsLnRydXN0d2F2ZS5jb20vaXNzdWVycy9UV0dQMjU2Q0EuY3J0MAoGCCqGSM49
+BAMCA0cAMEQCIGa3JyBYlXxRN5GIIulLaDxnANNRnY4j1Et166CCC5h+AiAVUlzJ
+IJTfUDBU7jnSTKSw/F+bLIPvaC6frMZv0h+RTA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHCDCCBPCgAwIBAgITBs6C2a0wRlzyJpfyRrEB7JKVOzANBgkqhkiG9w0BAQsF
+ADCBiDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCElsbGlub2lzMRAwDgYDVQQHDAdD
+aGljYWdvMSEwHwYDVQQKDBhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xMTAvBgNV
+BAMMKFRydXN0d2F2ZSBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcN
+MTgwMjA2MTIyMTIxWhcNMjgwMjI0MDUwMTIxWjCBjjE3MDUGA1UEAxMuVHJ1c3R3
+YXZlIEdsb2JhbCBEb21haW4gVmFsaWRhdGlvbiBDQSwgTGV2ZWwgMTEhMB8GA1UE
+ChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMuMRAwDgYDVQQHEwdDaGljYWdvMREw
+DwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMwggIiMA0GCSqGSIb3DQEBAQUA
+A4ICDwAwggIKAoICAQChh5brvvk/kFUZwhlUhqdsUmsMCBjzYqBBLnTyNrKPr4nd
+S9s2h2JvA+9TY7NnJc/Mq1eN5V6zqvbn/LN3c8W06f76xrVvFEKs5SzCefUS/V3Z
+C18dgwXXFrP+RgfK2kqfTHGIPrWoRSnUiLn3iUNEBtJ06oXjAqAMnAyL5AzD+eHm
+ZzRK/yCw/gMPnVp2S7Dstka607fS4fW9Sl33mOMNwJRxEjQWHHR25PAb4muP6wjN
+vmoLMgiDMKseHSFVtC7SpmO89PsrUV6MahKJrZcAfquAyoO1zR2c2eGaCI/m8oSx
+3B7KiMZJ3NZims/siMp/5szemsutf36WJ31nmr7PqLJGJdVpoxbLckWIhZnNYSFm
+/pTutpNONqpyYC2gGSXdw5LuxU61913SbAPpk8DZiHi3WslHBo26ghXG++sgJUGj
+htKZhiYlp8uD21WTP6/60wngpXyCtt9cpHxW1lXmqcxwe2J4/2S3xjHz1dC6BKxb
+r61HCPVrbTD90CZUpMI8JPdsVbz5eegv+SIyybHxZe4S0D9Kv5pgWfqdXf0BAiJC
+TbGwYmFr4uisKhkfMThyOgWEH+CRBzQqdZREQ5lTIlVyzi3jGPuu9Q6brAS9U9Ue
+QhUwX8TtY8Igfo8HlhjugDpy6WvDYQ9i+tG3AC6v8sJLdOOU83Lr+2C1LEF5ZwID
+AQABo4IBYTCCAV0wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYw
+EwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFIaZQQzOP7aMcEnlkwfwhgcd
+LXqVMB8GA1UdIwQYMBaAFJngGWcNYtt2s9o9uFvo/ULSMQ6HMD0GA1UdIAQ2MDQw
+MgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUuY29t
+L0NBMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNvbS9U
+V0dDQS5jcmwwbgYIKwYBBQUHAQEEYjBgMCYGCCsGAQUFBzABhhpodHRwOi8vb2Nz
+cC50cnVzdHdhdmUuY29tLzA2BggrBgEFBQcwAoYqaHR0cDovL3NzbC50cnVzdHdh
+dmUuY29tL2lzc3VlcnMvVFdHQ0EuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQAmn0jp
++lNp188KxjKQZtpJ3mixLmuqGdH6SVpRs40BYQg/68xOPH3C6AJ17tqE6IwZMW9s
+lgiO4B7khR3ESA6Sct3zmkA8woR/KJVzzegjscHhtQUifQ+Eb9Gi0ORNnetGV+5g
+5vlrFZMptBRGUxXMo2xa+Z/NTyimpMopfXj7qCW/nQWQbzvkQGchK9IokyqV2wra
+tX68/P3zleG+LLwzoJd5AhHYSXWrIRJpClZHN+LQKkbI3MYW7+upo/1e9HEmFKxu
+5SFV3nuQm5wSOsz/ZtIL1AS8IoZYxcSe1Q/yuV9GjnxtL1jkPbzsBx4eBGxUrcIe
+sBat6SI8G58uHTpIPpqUxRYsg8w0FdjK3kNBB5QWDeXiDxzqIRzA0iE1kHeTXRZ3
+7qgGXUcce7ciW5KqeRApjQbD5BSZG2EKkQ7aaOhvxK0LiuxHZnjPW4/fdEcaCuku
+MT5qMDiF2U85V9BvanEy/xkYn4I2UeK4EdSXe7q6j+CIJz9WnoLQDbIS04GqIWe0
+VRQUlx3idUWYSJU/SG8KrEHhlJLmgSjshCwtT6qo4vHwT5WcWDLIbjMqgL1iQ6JS
+4gxXuOGia3d0I4/wec5x23EWwx9V8BtDJ8N7NDeRNmZ8RXOHSYJsVQYIQuFUEXE1
+v3WMSIxuyQMyR5FYSCG9xnKRFzNmiPngDil5IA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCA2ygAwIBAgITBs6C2anY4pg375C+r1ncZVG+1jAKBggqhkjOPQQDAzCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAzODQgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIxWhcNMjgwMjI0MDUwMTIxWjCBoDFJMEcGA1UEAxNA
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTM4NCBPcmdhbml6YXRpb24gVmFsaWRh
+dGlvbiBDQSwgTGV2ZWwgMTEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJ
+bmMuMRAwDgYDVQQHEwdDaGljYWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UE
+BhMCVVMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATvG09PrsO8UQZhH5Zw54rwgcUw
+KjC9D2V3myjD5WOa8uxdTL8PzdwPk4TCcSf6UUG1Tt74j/I+vBOi2tgMcDt68Zld
+vTj+jZT1BBYTQtYh6/dOUjmiapQU5XqoFMRNubGjggFzMIIBbzASBgNVHRMBAf8E
+CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
+KwYBBQUHAwEwHQYDVR0OBBYEFDoXwH5iO1eguEDKzDRHzZZ+/AmIMB8GA1UdIwQY
+MBaAFFWphInSwTK9GMtspgdOyOedvoKQMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgG
+CCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUuY29tL0NBMDcGA1UdHwQw
+MC4wLKAqoCiGJmh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNvbS9UV0dQMzg0Q0EuY3Js
+MHIGCCsGAQUFBwEBBGYwZDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudHJ1c3R3
+YXZlLmNvbS8wOgYIKwYBBQUHMAKGLmh0dHA6Ly9zc2wudHJ1c3R3YXZlLmNvbS9p
+c3N1ZXJzL1RXR1AzODRDQS5jcnQwCgYIKoZIzj0EAwMDaAAwZQIwMyHlVCVMacxP
+O0fC+uc4M7Eq1F9woaWBmLSSNC6EWe3nShMqsR9HrNWrOHBHucNWAjEArwrzEM8g
+JkR4iZxbyYNIn2sNEkNZt2pxqJn4G2cDDDFfOarykKVzP1aJ9OMdYUvs
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID1TCCA1ygAwIBAgITBs6C2bB6F8xTdhV4EziaKTCkSjAKBggqhkjOPQQDAzCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAzODQgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIxWhcNMjgwMjI0MDUwMTIxWjCBmjFDMEEGA1UEAxM6
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTM4NCBEb21haW4gVmFsaWRhdGlvbiBD
+QSwgTGV2ZWwgMTEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMuMRAw
+DgYDVQQHEwdDaGljYWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAASxlBEflNumTKsypgdOscM2x6ZRpQGSyB4B
+hJScRQI81UhZvzYSwxPWcxNZwFQoV457HfqR51pviJnHltRS8MJhJ9Q9Rf1sSmy4
+W6SPsM9qnBjwfBRxghByIsEIaTW/PKyjggFpMIIBZTASBgNVHRMBAf8ECDAGAQH/
+AgEAMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcDATAdBgNVHQ4E
+FgQUp6etGGS1u/oGGEfIwJ68Zf9pAWAwHwYDVR0jBBgwFoAUVamEidLBMr0Yy2ym
+B07I552+gpAwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBz
+Oi8vc3NsLnRydXN0d2F2ZS5jb20vQ0EwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDov
+L2NybC50cnVzdHdhdmUuY29tL1RXR1AzODRDQS5jcmwwcgYIKwYBBQUHAQEEZjBk
+MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50cnVzdHdhdmUuY29tLzA6BggrBgEF
+BQcwAoYuaHR0cDovL3NzbC50cnVzdHdhdmUuY29tL2lzc3VlcnMvVFdHUDM4NENB
+LmNydDAKBggqhkjOPQQDAwNnADBkAjA6fS1jRjt+DvnWSI58v4lX+8DCXbdEhDaB
+bBOS/rXwS/ntsFXqTf0B90GPv3AWlFMCMBbz6nXMwX0jKRkaFZOZx9tvwUapdq7M
+6jYpT/NnAzH68x1t3/7ysZ8lPuKIqAwdKQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmDCCAz+gAwIBAgITBs6C2a9TFCOEe4X7Z3kyqvgFCDAKBggqhkjOPQQDAjCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAyNTYgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMTgwMjA2MTIyMTIxWhcNMjgwMjI0MDUwMTIxWjCBmjFDMEEGA1UEAxM6
+VHJ1c3R3YXZlIEdsb2JhbCBFQ0RTQSBQLTI1NiBEb21haW4gVmFsaWRhdGlvbiBD
+QSwgTGV2ZWwgMTEhMB8GA1UEChMYVHJ1c3R3YXZlIEhvbGRpbmdzLCBJbmMuMRAw
+DgYDVQQHEwdDaGljYWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATWpfTIQFPkZIoXXMDN9utRU+AbLGcg
+BmLA06x2qqdcpCMlYFoJhuRWzYCiqz1mKrAvNlQYkgoHfemk92sf8iaro4IBaTCC
+AWUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAww
+CgYIKwYBBQUHAwEwHQYDVR0OBBYEFA/DUGGZflb1xtmcOeiDWJAHuhq0MB8GA1Ud
+IwQYMBaAFKNBBqyQbdFK63WlShCZs7Ghi0r3MD0GA1UdIAQ2MDQwMgYEVR0gADAq
+MCgGCCsGAQUFBwIBFhxodHRwczovL3NzbC50cnVzdHdhdmUuY29tL0NBMDcGA1Ud
+HwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNvbS9UV0dQMjU2Q0Eu
+Y3JsMHIGCCsGAQUFBwEBBGYwZDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudHJ1
+c3R3YXZlLmNvbS8wOgYIKwYBBQUHMAKGLmh0dHA6Ly9zc2wudHJ1c3R3YXZlLmNv
+bS9pc3N1ZXJzL1RXR1AyNTZDQS5jcnQwCgYIKoZIzj0EAwIDRwAwRAIgICvA5ttD
+0oeUcd37iYvoQ7iMIpZINp4e1j5NrlI3UnYCIEZhimm9+1dUWAfx9ZkGmIu0HiHR
+zEZifAHbPM3SJbRu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE1DCCA7ygAwIBAgIQA1VnVdetA7HTEgPR8rdfYzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTgwMjA5MTIzMjA3WhcNMzAwMjA5MTIzMjA3WjBkMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSMwIQYDVQQDExpEaWdpQ2VydCBBc3N1cmVkIElEIFRMUyBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANk0lpEHpyv4ILDp4VhfYBN2hTae
+Msg3ZlO+FkWUfTWSoSF7eP2WWvy9DzSXVtmDwRG0kint16jgmz0nZD1nWS//JnMr
+DXeVpDxzqGzJQO1lC2aQOlNFCDEPeuwZJbqOcIyKiaXSklJlQRsurKWOnzl227Zd
+bDArMg/+9+4Ada3ueOdrfi4XkqVOTv9D1ii+A4r2J3VTDkg8PiX0e6/mo9e5yBaj
+7ZIr2HuMwVQAmfMnp1nVBK29FTXA24bTauAdfGRG35DfbZniUZe/7r8+dMfgqZPN
+1JayEnEZLXRT6nVuxjTWiqEwLHusmVfkNr4KHd5lM79dcW687YWTInuhHOkCAwEA
+AaOCAX8wggF7MB0GA1UdDgQWBBQW0njk6IONw24BffnOO82DlQoE4DAfBgNVHSME
+GDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYI
+KwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j
+b20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E
+aWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwPAYDVR0gBDUw
+MzAxBgRVHSAAMCkwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZGlnaWNlcnQuY29t
+L0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAEhMTW9GZhsiO66D+Doceu2BRamZpaFj/
+HiJbDcX224h2RVyfNn4WnLLKsXcKU5AatoXaDwTnrkoRdDiIPq23yk7Or6+54ikZ
+nrII/NqOImq//WL5yFytrm5pWcOxTjF5aIBFeJyZBZ4W+kFF5GVvUupJKnOFoMh+
+PyRtXgH3rwZ7BToOXPs7H69MgBjovfGJZXT3RWKC4nvw08I7T0E/bT6XYIJ/z5/l
+qu/LAp+IF1lTIc+XImQpKRSXVJUNsbZB19AjFaNzT51ZELpOq7Qqmy4Psc79F5+g
+IisW4BM41cu43RuqtvjZJ8KRkOGMc5xIpKZVGGTQG6xzNFkoxbHf0A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFJzCCBA+gAwIBAgIQBrytuehQBysrKDIQVF8fGzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE4MDIwOTEyMzIyM1oXDTI4MDIwOTEyMzIyM1owSDEL
+MAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvVHJ1cyBDQSBMaW1pdGVkMR0wGwYDVQQD
+ExRXb1RydXMgRVYgU1NMIFBybyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALNu+EJh4IFRwb+NSkUA2PuSgGBJX7Dv0WHF1UnHGTaxvNrKypQ2Y4YM
+8UWBN6GtERHYnVPFREbMZm7rH57JfSqCRQh/fnZIW8YKQKye3LTQ9RDCe1tqUnr7
+q4dPHGhtJPc0ysDZOhxdvxf6bkDZWpejXwzDIVyPG89tGEgl6eISrg96MOOUDcln
+762bSBVzozcYRrCiaPWipEzo+38LbqnDhSDPAH1AnkTofeTJ+K45xVja4kovzOKh
+EaSNL79fUMsfN0A57Xdgoykl8EnoG5qFk2mSCGruZVRhvU3p9/hlI3s5yvnS32k+
+9Dun/Ns/lTmoOsZiGVw1e2/F3eAHweECAwEAAaOCAecwggHjMB0GA1UdDgQWBBTW
+kdAnx/cYVmiiUv1ydKSbO2eUyTAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALv
+Y2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6
+Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJv
+b3RDQS5jcnQwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDBAoD6gPIY6
+aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVW
+Um9vdENBLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIB
+FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3
+DQEBCwUAA4IBAQC9xqN5M4SnTGzIEl2GKm7+3OLikAmlts8dinuT5KndrKq9sygQ
+T6MYUR1Giwd7jUl9zq5X8edd2z/p41GqWkWhKpMiqImqB9iua7MPmQKGMd/9czDU
+d4wIBpBUQVNWK+VXLxRuk7iDIKkSIUThDwijFRUjEsBEsLFDqkckTGofLPSjq6f8
+It/QpiwtuGwimXuzoNqRFaeGq8OW41I+sCXHxLLDBE9lPjvGIE6GlxVFtbfTBFLr
+qi7grcgwZKTxLncZzSxmJHseQKDrac/GQbBdd2c0OrRGiExvLfzg101q5U8qm0vk
+OCfj6hSHTRvUzHYXylh1Y1RB4J2IUiA0AsUn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFMjCCBBqgAwIBAgIQBR/neNfhzLm5bSsraBQBZDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE4MDIwOTEyMzIzNFoXDTI4MDIwOTEyMzIzNFowSDEL
+MAkGA1UEBhMCQ04xGjAYBgNVBAoTEVdvVHJ1cyBDQSBMaW1pdGVkMR0wGwYDVQQD
+ExRXb1RydXMgT1YgU1NMIFBybyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANxDU4l5cxvhArWAZ5ftOjc+q6/e4+BtBFQcW4mNMQntGmso7IZQSwIP
+Tq4ha/PizRaCq4D3OV7jIMYiUWqzECoKnVLPHP+ADmbyB/mhBcreIWqgbqnD+cji
+6SBtfOCHYRHMFqxCfsAWEUeJjdB/PvuojXGfgjDHx+/hiUQDBWMA7L64+K1yw5Rn
+xGcVIu2eb9wxWlApVpnLG9E3p05mZVvSyaFJt/RVnrpxp4cWD8hmFyJE9Hkcy9Bh
+3snRJd5Z4c5ZU33b+njh82zg4STj6rMxAb8ffpxM6s/iOOVd2I8tbjxo2YvqXwMN
+kn4hM4SxFmyTjLdfMvVhGAIkCviIeNMCAwEAAaOCAfIwggHuMB0GA1UdDgQWBBRM
+B1veei9nivmCjU0AD/r7xpcZRDAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALv
+Y2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwfwYIKwYBBQUHAQEEczBxMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6
+Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJv
+b3RDQS5jcnQwgY8GA1UdHwSBhzCBhDBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDBAoD6gPIY6
+aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVW
+Um9vdENBLmNybDBWBgNVHSAETzBNMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIB
+FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECAjAIBgZngQwB
+AgMwDQYJKoZIhvcNAQELBQADggEBABPPQ71emxJtMWMKbpoKySHWp4rTQcUbEr9g
+oQoTq25fupbiWuK2Yth71ILk6HFSIKWNg02t0mGsE+en4CN9xtuq36zmvjr3O6Aj
+H8wYk2NKa2kZQ5FoPbNbAQlwzzQGIO1NUiHP/dzTvJlOnMDxfy+HU3BcDbvMdgfw
+zHyt33+zqx5pUeU1yt/fiIoqiZfdZCX8CYVpbkUoeGUmr9RTk0wIdpJnvOktla1D
+i9TtCbxDmcdjpA185SBJVYRIuXSdojabJ1WWR2JSDncJkEy0x1U02oTEkIivegOH
+EaR0EQCeJKv+jPaag/uX/h7pqiWz8WNv1DLIrqssOlZjVYAVQOM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEgjCCA2qgAwIBAgINAenYnwmFxcytZnCU3DANBgkqhkiG9w0BAQsFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODAyMTMwMDAwMDBaFw0yODAy
+MTMwMDAwMDBaMGUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMTswOQYDVQQDEzJHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQg
+Q0EgLSBTSEEyNTYgLSBHNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ANjgsiwRN8SjdU/Gq9Pbqk0xKH+dkNKPOcGWl13NWL1w2Tb+HYpyP/8qGpeyioM9
+i3/lnGqBaJRRhKkc8s0lyLH8SDOuJyk7TvjeqxpArPpfeNoF9dHjraHcrH44x9Kb
+s8oS0RVmNpvNOUj8r+I363Fnrdn+KRlI2jiQLjHnS8lVkHLMA2ofH+gnoamP6yD8
+prSoaIJ1BQvI6xpn5lK+BtufkgmfqR8Yyb6Lb8ZdgLiWutTQRIcJnePVl5/k7Ls9
+EeObjvdKRFiM1xINug9Y6iN8IFjBnjxIDpHRTbayKut312ZQkBBB2X+qYkPKnpgW
+sNdZdWHXk26C8d8JXPbVuuUCAwEAAaOCAUgwggFEMA4GA1UdDwEB/wQEAwIBBjAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHQ4EFgQUYRizXWjUntkv61FcA7cKQMbubbQwHwYDVR0jBBgwFoAUj/BL
+f6guRSSuTVD6Y5qL3uLdG7wwPgYIKwYBBQUHAQEEMjAwMC4GCCsGAQUFBzABhiJo
+dHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHIzMDYGA1UdHwQvMC0wK6Ap
+oCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5jcmwwRwYDVR0g
+BEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNp
+Z24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQA68cucSH/1u6kx
+SA+5rEo20zkgeTVayLnmN1vV0/oXoBh36VE825+m9GdQHVLbmreJeXIrARZWYCuK
+A9JaS75LKO+GkeyXisP8e8I4tOSvWPV17dfBXbcBz4A09Ws91OUwfQlmOdzTa94l
+vD4PBhLNTYi087pmA5k0tP+VqIC4CJb3Yr+/qjL+VAs8M6v2v4VfHBt0uPSVlNHg
+cI/TcrId1tDKlRBFgFcWsvjFecYdish8Y92KxwfRzo3QBp3O/iFvz/47lvvQ7P8v
+kBIjgIMpSm/3TDrTJojBZm7BlWOaykr+3hbzWmwXgjzhOsLLRv9JGt1+rvnN+viS
++ArY2j8T
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2DCCAsCgAwIBAgINAenYn0U21hXlJO2hXTANBgkqhkiG9w0BAQsFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODAyMTMwMDAwMDBaFw0yODAy
+MTMwMDAwMDBaMGkxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMT8wPQYDVQQDEzZHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQg
+RUNDIENBIC0gU0hBMjU2IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARapvEs
+/9/n+OTfWwcIBna/fuJNcy/3gSb6v4m40ZAAKHhn30gKKbR4NNk+2J1gOxpRCOWh
+iJhk0na0khPBJc45VPPGnvcyb9wGTT9eo6OUURvg9hU5JAkzJkjqhTotZ+ijggFI
+MIIBRDAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFDnMgof9nbH9PpxwcXMj
+LIMu7kUNMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i3Ru8MD4GCCsGAQUF
+BwEBBDIwMDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29t
+L3Jvb3RyMzA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24u
+Y29tL3Jvb3QtcjMuY3JsMEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIB
+FiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG
+9w0BAQsFAAOCAQEAriBUq/ySmeZQnV3hoFMJWSNMpLYJYcaIwJq+qjCUxPUYTqsR
+gd51wL2NFfVMGvPRXejePtvd8vdRk0NceE+vSaWo4yU5/nmwqWWPBfUWY5tYCA0R
+LXqOSOfEh4qbceiueFaKg2h+r+QggYQLmVUuBL+pM7ZsAooDIGPz3wL301eHwcdt
+XYROdiREbxTu+GjttCxoAk3LTgsX/uqBUCN7lKOn4zsQn/2ngq3Og94wvpRzN7yE
+CZ3qg3zTouJQfqv3ZMn+Mp2UnFwroFmoZhfTnyCYpQSLCz5IrCi/IPDREsbWe6ZO
+vfRWM/0etBvDg4g1mt8zOqtwYVk9qcZSztn/4g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFzCCA/+gAwIBAgIRAP0Zx6ZI8jCFNBvJb8ngVsgwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDIxNjAwMDAwMFoXDTI4MDIxNjIzNTk1OVowgYsxCzAJBgNVBAYTAkVTMRYwFAYD
+VQQIEw1JbGxlcyBCYWxlYXJzMRAwDgYDVQQHEwdNYW5hY29yMScwJQYDVQQKEx5T
+b2x1Y2lvbmVzIENvcnBvcmF0aXZhcyBJUCwgU0wxKTAnBgNVBAMTIERvbiBEb21p
+bmlvIC8gTXJEb21haW4gUlNBIERWIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAkHd28rhMbD0D9amcKwVe8zK6RC0cfLw53pibu9eUwe7Z0O2V90GZ
+EWd295IR8l7uIqkujFEQZC52B9ZaWIbGir5/y66kMe7Yr6axNoIjqWE71F8DOT8A
+iXggwo3bF/f2IvclHggIPsySH400bxqjuqPnuCUtAQK9OvwPdepWR0D/ADAbkgec
+VoGpWZFBjyRSsd8dK0/IK4qjFlE/zB+nHIr4HQj38eShpOrkXI2SsINDE2fUVVpX
+D0w556yNTvexU4dYQQqIw4zhZjN+9lBXweBsr3trxQIvVPuZ79KW5diVPqfCE1n7
+hOqFhOqk4VFrztBARtxiU6fZ1Sczt0DwUQIDAQABo4IBdTCCAXEwHwYDVR0jBBgw
+FoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFDoKjBx3WSnqFvaZP6MX
+s98pEZM6MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEB
+AgI7MAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0
+cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmww
+dgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0
+dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAHho1J2s
+RsWr4DFlKERthYckzxE1m/HDlRIqiE8h+KnG8142rAT7hnjiqL39NkhrHF5swB3/
+BPw4TV67GAfCu4BUJH2bYAWSFaLz+hXjn/vVMnpdLlwFi5/Fg5qb9cjCXV36xW+Y
+uaehUdZg1DLasj28hoIdqD+jTE9seUQHZjU+HDCVKev0lcFzztcmGBIUSwZ4XF1R
+Ke2bPYw+QgFXWIEGQ8dBaBDGvunaP4U8P76YXvdjOhbMLQ0zHJH/5A8qM7wF3TRW
+Nm36+vrXuGCarsbO9fPj4s0rbhGQ7mGYrebIyLVIOy+Dnk7qWfxRbQAkFISik2hs
+1OhBSLWIkKDkwrFn8lv0rdTrux9NLqE4i9cbMnQsiuqDdumR/YNX/4fRVVRLgyvw
+Byz1t4vjkzfXkvpIzUTEKiHzyFFRB71uovzK7T7NMKsk/ytZi/Sv5PzUzhjERv+U
+I708qx1HwOvva5hcnft8oQDybHbO4Fz59pg29HMvw36YWJ8G9Elpc+SORCmgp1kd
+bVuKHo8JYvd9lfJ6BvVINkFfOR9duWjpFMicAmPwT+xzsg3T63JBSvQPqHniIrIG
+YMbj8AOzEJJHRDwZkyvOGx+wKXynIPn0WvB87SnDpJoj+G4xRDmuPnAnC4ZwB00W
+kfxEERJIT5jo3mcnz6GLAQGM4IMo879uBZ1+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFjCCA/6gAwIBAgIQXS2dry+yCFwjbe1PwA8HrzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+MjE2MDAwMDAwWhcNMjgwMjE2MjM1OTU5WjCBizELMAkGA1UEBhMCRVMxFjAUBgNV
+BAgTDUlsbGVzIEJhbGVhcnMxEDAOBgNVBAcTB01hbmFjb3IxJzAlBgNVBAoTHlNv
+bHVjaW9uZXMgQ29ycG9yYXRpdmFzIElQLCBTTDEpMCcGA1UEAxMgRG9uIERvbWlu
+aW8gLyBNckRvbWFpbiBSU0EgT1YgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDDUkdMFy+NIrq+NSXmlGPU5+MQdAXlUi1pm+dWTLzEBcjlAO5NWdQB
+Zq5Z8lGsxNmhL93S3S48YdyyP3nPv4Wh3duxospUuNWIQNKL7mls2vz/sFVuVksx
+XOy8tkG1k/OXLTPHQbbuNZa1w0d+nOJmRdI2OaFNQ01nSJoIWWkACSM4C7lPiGX7
+Xjmr4dWNKQollkFTJFLw/IEsiqWzuCePBrYzWGC5h8gebSwnJe2d9/EYOYFv+jXX
+bbNs3JYDbrjF9JfzCW266c9mqD2FwxweObK5K7RZMxpTn0mqa3Z0fPRb5/Wr8z5i
+c0mVa5w8x6vCGbQ9MuBfS9nMdEESbf4BAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAW
+gBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUPoqLDWUT7tNbvz7OJIbo
+TMFMZEswDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQEC
+AjswCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2
+BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0
+cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAGIDVmE06
+PrjvqtgQ799jmuYQPT/5FBevsxQiaC964eHHN3sUyqtIyjcmKJojZ8kkggH/jJDd
+7ZwF3FYZl4zjuD1D8tmsONpDZ1nv5Q75n/y1cMYWlc+KqEb11qRhuVZLAZI1lZzT
+lDQVv0u4EArS7Rl6MgNHX5modVVUVSs50subkR0wVyc5TvG1lDaVuq7btgmDxJI4
+pbFobA9le//um3rUQa+I1l+FL3zPNHc3HQwCRrZNsk6D9y9vEc4tr/xsxkGOBiKE
+UZRHJMpgeHBsyTnYNeAma0l78DY4YgNuzN71mpkQFDmX0nzmTbG/K6HgGEpPZI9N
+1OfV6WlRIHbMehqGYR3PB7NnDqtv2hhgk8WImVgS0Lx+iGMARhV0PZfNPfLSOZYT
+fwQSNm9dXV6EbYvsn5557Kg2MbQW7SYq8BXeV0hUenxVtLj4gyb6d4IPStyM+nzU
+a34CwrjcUp0KhPRqkM10y887I62liUbx0gpgT+3Hn7y+pLAqxUzo+xxdGUKy8XY7
+HXw/19ufVx1XCjt8wADovJDO8VfRpqf9zOkC//Dqazid+ew6QTkP5KfJNfzScRVm
+Aiz7F4Fnw3b9gy93T6qhR+NqBYL/rS75/BddhqLOAbb0G5DyId/QJsGt3yvL799f
+nl4pJGBcsP+yMR1vPwNS2MhimYNY2kyLjaI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGdDCCBFygAwIBAgIRAKOcGTKlQZcrOChuzHbElDAwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDIxNjAwMDAwMFoXDTI4MDIxNjIzNTk1OVowgdAxCzAJBgNVBAYTAkVTMRYwFAYD
+VQQIEw1JbGxlcyBCYWxlYXJzMRAwDgYDVQQHEwdNYW5hY29yMScwJQYDVQQKEx5T
+b2x1Y2lvbmVzIENvcnBvcmF0aXZhcyBJUCwgU0wxQzBBBgNVBAsTOkNvbnRyb2xs
+ZWQgYnkgQ09NT0RPIENBIGZvciBTb2x1Y2lvbmVzIENvcnBvcmF0aXZhcyBJUCwg
+U0wxKTAnBgNVBAMTIERvbiBEb21pbmlvIC8gTXJEb21haW4gUlNBIEVWIENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYIuqCyfnye/8qNg3IefuP67
+MIBik4A/JUjoXfPrYUEhoDmaQHqHYXWcf6ptdcDY8cKWTxQRj6ao5ZDj1LE+6py6
+UqMWuEBBfzKljb/QxkG9HrnzinCPdf7hN3CZa12kr8eui5B8xm9BrjSRUeZmgMW5
+4ZfuQ8SuPLACrD9CQCqDzbPUCuhZ40CGnY9MALyTkAg1HYBAPAF4z+CBsb2U+jmO
+NbgIn/HQbhw9/YH+x21L4l2HbjDEnj16O1+JvzHIBRhyPXflQfRBSFMUX844aLdv
+rzszJcmVO4erDnJWr9fHCXlmj0d7mt+d32vZtSeUmTnixXbSJeUPFs6Z6MwXYwID
+AQABo4IBjTCCAYkwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYD
+VR0OBBYEFJcrjZVt9ruB862i7gggBV5EzRZ2MA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA6
+BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cHM6Ly9jcHMudXNl
+cnRydXN0LmNvbTBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
+KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAHRRGIP+DMgl
+5RDFWcJ8szeQa2jXIbbWotMjcK3QhipafesGsmhVka4HxTgIfTXbt5xTl63DJMBh
+JkXzsjiOSlXaOgCNE2mUPlNCJDwbWsiU4kiv5sBa0fH0ZYDZDjuLfiFGSm84owNK
+8C5v5QXRBBtIlLZocZf52X8K2PL5VaV/zE/kcBDVJpTDJqRpWiZGpCqjflfTSTrR
+UUhYMfM7kyQkYXzGoUw0+YLTQM5mpXEpyKH+MLf2v9U/+++xkhMoUgHKgz4QZWUT
+lrBlf7c3WzxyiCsS+rU4zljYOyRb0qoiL9R4/CGGLANZg5fBuLBvAugkWDcy9vQC
+mFc1xzq+5EdWxTmazm9VO32XF6shWmagt6aYY+IoRy8qKemUyjA7t/k3WZca3yCe
+K1GZuzLnmBuf9X7Kl0I8Nv16c9aa1aKZ6cYpgIYymxtlmtreZCnjr/aB1CcVW6JP
+0aqMJL37NH80AB36z4w2Ck623DYi71jJH0YM394D1rELopHoFjCb+z+20AnPmUx4
+R6/u+oAeQHW9GjeA6kMclfOQTjymjALrNmR/FKwgtft74JCbN96q4piSp2JXwJIH
+NkxpURrL6XNXQ4mYtO1VTq1/2B28YfSZkvbR1FJO4zi04U4OwHCxvN1kXf/YyXdD
+nRyJpafRMoslNFGXYVJBvi2OKIhA7Qk6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEDCCA/igAwIBAgIQUh4EnqMavUrWDXS4cpIcdjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+MjE2MDAwMDAwWhcNMjgwMjE2MjM1OTU5WjCBjzELMAkGA1UEBhMCRVMxFjAUBgNV
+BAgTDUlsbGVzIEJhbGVhcnMxEDAOBgNVBAcTB01hbmFjb3IxJzAlBgNVBAoTHlNv
+bHVjaW9uZXMgQ29ycG9yYXRpdmFzIElQLCBTTDEtMCsGA1UEAxMkRG9uIERvbWlu
+aW8gLyBNckRvbWFpbiBSU0EgQ2xpZW50IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEApdRvn9I/mUYOaN0lrfIlJm+3EamPhecBExMMsLwr34NTwqlC
+VI7AS+i+MdGlRFy/zPZc8J1J3JR5+PzGumVKJ5DYKDpOOrYWNXoGbabqoRwiQ3Ws
+OByaDOgm7Enrt388+6jJmwfpvZc46VKIBtowyyYMUD8Bf6CWCaLrVYtR/g8ZDO3g
++mLjxa6PVxQQwX56SpTNPMJH9IL6S5uJdSpT3d14X9d6E5KZJAwu9PhXrMBx/nKP
+njze1XQopHAsi++zgemi9Dz1Ramovjv/UTL1/qaWeRftepXzKyFU1dx8+n6MpQoW
+bp/ccp5skwb+F33/3mzutlzzGIhA9sElXh9FHQIDAQABo4IBazCCAWcwHwYDVR0j
+BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFC1q35538vTPR3U7
+AE0jPwHuDgy8MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQB
+sjEBAgI7MFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEF
+BQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29j
+c3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEANA7pYZNMWYwEM1/D
+CtwSmbpgtYCnKzSFUQc4+/xP36CZGhxtG3+wl95ZO8IMWX1+WOlsN5ruebJg1Jrd
+AymWWPPFLZZNqKYpqbpdBRn020ZyN61TMnCRvcIWXx50YTzkP6407ILhyL6S/cnm
+mYxF/wTfmtdFi1b2M/ARfoQHq5Zc2baNmgrkITK8ocfSgs/pXVCSuZ9PvUS75xVY
+CHbXtOB1oofshhSJaxr15p31IFjWNLTta81nN/wPd6JRwFgnXHdirVMoQcDIHXDi
+PfIh+JBVH3moLCc9F6IKZ9UvHNYb/hi59ROxnRezK92FUQXInnJu4VMcm4/zqknB
+X+g+px1YZ7Suhz5EQ8Ib+lyVJEEzsndZhrUD3N+HYXOE9ixH3h4wct6osbWM64ia
+LXNFKPmjUrDw83B9eOr8rxFGe2dqMvjEUEB3HG+ABwfPCfgul2+20C3ElN5uXkRh
+wymlvK+8ccyQgd5fVNLe+qtU1Ng403aSKnCYOl0ubPeJbiWbTdUoHgC1ilIc6Xp6
+C0+qf2ZWD0YNsGriQ6fK0XXHBBJ1yVfzkgooFzs2Dqa3xs5bZc2QS66iyLmcDk5u
+AALKxDoYKYYUeVJ48v9YxxKLJNCzlm/lxDXH26CyeASpobxFsm7HYM6yJFfBoGkQ
+beMgnDT8X9ST0EhbYTmviY3R20Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDPjCCAsSgAwIBAgIKAf4+bGjeu+wmPjAKBggqhkjOPQQDAzBrMQswCQYDVQQG
+EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo
+bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g
+RzMwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBtMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEiMCAGA1UEAxMZZW1TaWduIEVDQyBFViBTU0wgQ0EgLSBH
+MzB2MBAGByqGSM49AgEGBSuBBAAiA2IABLZXoamhYa/WwWE0nrNCo2lczaM2A35u
+59TmOxsIbT3s4bb5KkXPt3x/5Aa79uxf+m3gc3fFPxbe3FjvZXY2eNvbNGW4CX/p
+QdNpbwVxpMg6/F+oF9OMHk9vq94KQ1+UYKOCAS8wggErMB8GA1UdIwQYMBaAFHxd
+AoQT1MyKm4HOFxwuKR6cSGNCMB0GA1UdDgQWBBTRqrTS0iWCTrPwk2AXSptjevkf
+DTAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3Np
+dG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYIKwYBBQUHAQEE
+JjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29tMDMGA1UdHwQs
+MCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FHMy5jcmwwCgYI
+KoZIzj0EAwMDaAAwZQIxAPOSHbUT2M805KMjMEor2epuLoycKuwnsGmtixn+ozlv
+CuJS+sq+9onRDkgwtG3iqAIwAYlrF96JmhW7JN5JyYl/C8tK0d30N8s/Pk3Denh3
+KyPhSif7POMc82DvHqWLL+S0
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERTCCAy2gAwIBAgIKGlyC3ty8ahUwMDANBgkqhkiG9w0BAQsFADBWMQswCQYD
+VQQGEwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJ
+bmMxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0gQzEwHhcNMTgwMjE4MTgzMDAw
+WhcNMzMwMjE4MTgzMDAwWjBZMQswCQYDVQQGEwJVUzETMBEGA1UECxMKZW1TaWdu
+IFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMxHzAdBgNVBAMTFmVtU2lnbiBDbGFz
+cyAyIENBIC0gQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnrOVb
+uDTs2A73pwkDb8H9Fa0WP7sHPAv2EiQrF824Yythyjstd3QPux41oK10Ef8C7ZG0
+ScM+kSIG2/oW2xY1nJQzSKUwE2sAi8S46q9rJFCn3Gvm3yyouBBkZTCEEHOvVTzR
+5e3bk4Ic6ImdrfVsXXS+uuzuEkQw5MxhBeFUzx9/ns6KBMH7l5k9xeh41bNwj2NA
+hpAB4dwTEZqq3T+G/gYuMBY1QmKbq7+XbbGqh867/DO3Fsn3UTzgYTrBdrsUFOZi
+j2k1ck5I1BAiwE/vNg/jqe+fpMdWE1kru0cE4jjIQglfl+oMa0r217f9MAt+BcR8
+kT2nqz2S4aYn8wtDAgMBAAGjggEQMIIBDDAfBgNVHSMEGDAWgBT+oeBwHioDOVJa
+Qr5ckYV6GKpNtTAdBgNVHQ4EFgQUJmjA8/xAHPfKEktPksOLFJRIO/0wDgYDVR0P
+AQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw
+Oi8vcmVwb3NpdG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYI
+KwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29t
+MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FD
+MS5jcmwwDQYJKoZIhvcNAQELBQADggEBAMcT849Ry1ywXIrZqLO522l9kj+6mVB4
+24tJr6QBOyTo99QBL+v0Ekddn4EQ2cXDEIVG8p9sDxLxg+dE3j+5NBIIfYTyk5ff
+kf9dTcnJNwY5dmvmy+YC036hVT3wJju2K7d+9bDXq6bAk61AxJGrdIJ5s2DIQjYv
+8lHF07oh+dCOxlfReVi/ksbCTLRnP2aQjVoFYklAQZaaWzVAH9EFmoS9vtIXvxcF
+fp6Hfdoh6a7dcdndq3PfC0wH8rBL7pUqFgFPZuKuqSicMDKbHizRnf1c7IB+j4B7
+HPO6mFktvKO/t4wGyidj5pAxy4z86910LA/rnhdysUch2LG/keSEoIs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERTCCAy2gAwIBAgIKfgZTNsB1x5mLYzANBgkqhkiG9w0BAQsFADBWMQswCQYD
+VQQGEwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJ
+bmMxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0gQzEwHhcNMTgwMjE4MTgzMDAw
+WhcNMzMwMjE4MTgzMDAwWjBZMQswCQYDVQQGEwJVUzETMBEGA1UECxMKZW1TaWdu
+IFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMxHzAdBgNVBAMTFmVtU2lnbiBDbGFz
+cyAxIENBIC0gQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAvfte
+UE7HwR4RPxGoFruaQ6YKrb3cSVGrRs/lZtD8pWchBZvkiT7EYt/Vplrs3+4ctlVf
+mihqYzfckUrUexJa/D/L3Gm4mwAWPzh3xkbIB87NgeZ8ljWQXSzm1kcuVRE3kMMr
+rgiz01nQTJ0Dbde10wPfH+8Gl+2pJpeHDKXzuVwcwPUOSLp1XAtBOxKm9ggBdyd4
+JxmwvxGFwz/TSOaYisaOL211p30QK7b1+SRWgbSRN9NPYhlQeiPsMGnQJKfGq2RF
+7jSkEuKoUP4UBxRVcwFe2prkdbmdTbrpMr6KueGa5yf/pg6QaIA273JfZIRMWqLk
+hTSFA2tqCWu9BVNlAgMBAAGjggEQMIIBDDAfBgNVHSMEGDAWgBT+oeBwHioDOVJa
+Qr5ckYV6GKpNtTAdBgNVHQ4EFgQUOw7vKTsRSCksARXRjnt5aQV7yVIwDgYDVR0P
+AQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw
+Oi8vcmVwb3NpdG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYI
+KwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29t
+MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FD
+MS5jcmwwDQYJKoZIhvcNAQELBQADggEBAMJ2XCF9zHpkyniCfrwc541PjaeofwvT
+9fklKtciWNCYhgfEf9KEljVVPCyGnYN6iDcLcBFSbKIkIiEDXVdYdsZtEGBJLkDj
+g1FIijfaEaOBKKObTcazm0nhNn6NxmQ+VTfqaHYDSMN3HQjnMOX63U0YLny+0v+P
+4+0VqVMhlPqPQ7Xog3FuOvofVKTCy8vbp55FVoyCN48xa2I/MXOK9wPTNqNomKxa
+M2F9nxzuek1PM1t1hJBqbZoD7nj3kb2BJXPFpNqUO8IH4FITpSNteCb6te2fl++a
+D4ReS84rSCb7TIhjwayaCVNOnJvdr7GKQ3XQDUW/ZToiBwpMMptHsY8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC/jCCAoSgAwIBAgILANk2XxWEKh0GicMwCgYIKoZIzj0EAwMwWjELMAkGA1UE
+BhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5j
+MSAwHgYDVQQDExdlbVNpZ24gRUNDIFJvb3QgQ0EgLSBDMzAeFw0xODAyMTgxODMw
+MDBaFw0zMzAyMTgxODMwMDBaMFwxCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNp
+Z24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEiMCAGA1UEAxMZZW1TaWduIEVD
+QyBEZXZpY2UgQ0EgLSBDMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABEZY+jc4QJlK
+GWGc1FqdAbUQcaFiR06wyL2JHEytm/PkgllFNIZ7uyD58iJY6wosJ1NC8TAkEqEg
+4JOC8AyYNNlyv0BGiBHz6EAKArUeS5idNucCuU3UexFxrKbVQt2ZZKOCARAwggEM
+MB8GA1UdIwQYMBaAFPtaSNCAIEDyqOkAB2kZd6fmw/TPMB0GA1UdDgQWBBQE9lSv
+LrTdp0QeyvBjnCQVQ1gvzzAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9yZXBvc2l0b3J5LmVtc2lnbi5jb20w
+EgYDVR0TAQH/BAgwBgEB/wIBADAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGG
+Fmh0dHA6Ly9vY3NwLmVtc2lnbi5jb20wMwYDVR0fBCwwKjAooCagJIYiaHR0cDov
+L2NybC5lbXNpZ24uY29tP1Jvb3RDQUMzLmNybDAKBggqhkjOPQQDAwNoADBlAjEA
+1C2gncdHPhUIubMCSCf4KW1rr34jWRdiBGRFLoBDtL002fXfcuLLxpgPSAS8vwpE
+AjA9YEhR1Smk9APIglUMjAWxRX2vps4q7k6pJ/hKHkukINVikBlNxRy/GXP1Kzmu
+2qs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEaDCCA1CgAwIBAgILAKCIcIJaMmvtlhEwDQYJKoZIhvcNAQELBQAwZzELMAkG
+A1UEBhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEg
+VGVjaG5vbG9naWVzIExpbWl0ZWQxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0g
+RzEwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBqMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEfMB0GA1UEAxMWZW1TaWduIENsYXNzIDMgQ0EgLSBHMTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANZ4SolaBS+w84RMOCt4ZKVg
+xMJyR7eykXtyP6Q4NNAnWMpKnUuk3bCY3l0hUvr8F8VZJuyPRQx7XyMhDc/KawCu
+lqnh9Cr1WKEFBoUsZlaejIBk8hB4PtwKITDa82q9rTxyzW+mt/16JI/cS35sIQJB
+TIxriSDa2tHmlkKmExizbmqUCf2NTGZ/KaUcL87IhM9coFVWzTLXqEhkXgFsXWj+
+AHk2aROD5lowKP/0rbIA3vVCm5jmREckFNYwEiAztLI6ZcsuTWY33BbduxZFETtG
+pFUvw6s8ulYlyo9IzVZoQrSngQwDMZ1B/Z7a9fXApZO1XlemzMeo55kvHglRV5MC
+AwEAAaOCARAwggEMMB8GA1UdIwQYMBaAFPvvDYaesOPdqbnxIRd/PvzwdysaMB0G
+A1UdDgQWBBRcpZxB725BYUZ5LN/YVUUF1acahjAOBgNVHQ8BAf8EBAMCAQYwPQYD
+VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9yZXBvc2l0b3J5
+LmVtc2lnbi5jb20wEgYDVR0TAQH/BAgwBgEB/wIBADAyBggrBgEFBQcBAQQmMCQw
+IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmVtc2lnbi5jb20wMwYDVR0fBCwwKjAo
+oCagJIYiaHR0cDovL2NybC5lbXNpZ24uY29tP1Jvb3RDQUcxLmNybDANBgkqhkiG
+9w0BAQsFAAOCAQEAYctjwH3uHKgDKOlhyjwV5BU5BRyFI4dRhkClor/HcftlqmrM
+4tDAs4rjgoQyUUaeRHMZCLLpT+geNu6Q1CwBCpwtOehbmcB/rKLs4x0BeEkyCKWe
+DIV+B5EupDUtc2iy6Z/ayaZDbBkw271Gb4enscExgGordjgS+smpLR0WoQnRWRqZ
+DF+Xea5rX2Q21qkYGoqX48L1zslI3wQvVm+c9vhWaPmfmZMlxeKuf+hlvM57qGrt
+7bpCoLuzy+s2qj8ihN0bdU0MQ0sGh7vZwrVdtEBS5kKs/1i9M6R7lCIqNV2NSThY
+eRGVf81T5WPf9Rbtd363vkFck0JGIoT80JqSmQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhTCCA22gAwIBAgIKYmy5KyN/+C4/UDANBgkqhkiG9w0BAQsFADBnMQswCQYD
+VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU
+ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH
+MTAeFw0xODAyMTgxODMwMDBaFw0zMzAyMTgxODMwMDBaMGkxCzAJBgNVBAYTAklO
+MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv
+Z2llcyBMaW1pdGVkMR4wHAYDVQQDExVlbVNpZ24gRVYgU1NMIENBIC0gRzEwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWF1wRluuWpE1fd8hS/hP6IeRs
+/pHB1dFbSzlWKMXxgfd5l71liosvLmJAXPxaky2dVfV3wa/5ObUOwk9mbg2eZvZo
+MAtoU5UguN/iotBHycy2Z4wg2p9JM6UKd4/W1Hgue091XhBpQOpgIHNC6VuLzP0G
+KWQirZQkZysfXwXbwfhPSbjkbCzQvI5la6px9vr6asPejkhN6rAco7/Z0GdpHOKD
+Ki86UlrZXKi46unqV+VtLaaQz0lI+Vk0FCevISrriH3CWCbzwD1U0/f0o/2L60+w
+HZ+9Busk8UTXkyEjkWOPN/8rHDXOO78fFtFL5nKTuiOInM7XlRQ/v2hv+pg7AgMB
+AAGjggEvMIIBKzAfBgNVHSMEGDAWgBT77w2GnrDj3am58SEXfz788HcrGjAdBgNV
+HQ4EFgQUsp3PQafpw+CFVkCYS/aPfFUp534wDgYDVR0PAQH/BAQDAgEGMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHSAENjA0MDIGBFUdIAAwKjAo
+BggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNVHRMB
+Af8ECDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDov
+L29jc3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVt
+c2lnbi5jb20/Um9vdENBRzEuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAk8oWFJ3nW
+TZ1ssW1PBGFYXjGLURdZ7/q+Zu8cQlbZE0fygEp4bYEwrr9gXekwE8qutiHEbQau
+71JuR2X/s7rAaLT0a3FZEg1h6+lpqy+WyJaEYgR0HLOkoynkm5ZgbxR/LgJMazOm
+fSGEgVFRxBU6Tj3/llL9c0dBJ9VeDfad4FlUMtx8Wz60lVuH953C1+MuiiS2MRgb
+W+zxJO/RZEq7uPNdXhlhERZiLJ4odAMNHrWItmOIgFafs+FCz2jCHRB6Bjt/DNBh
+7kh2Zh9M63/1sTtIAVN7ZCOEFUOXrJfQAQM4RJrZV8ufIGTPCosO9KcAlLUEasN5
+SNEuIgkDS1Pu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEgjCCA2qgAwIBAgIKIXrVixxxPAAgkTANBgkqhkiG9w0BAQsFADBnMQswCQYD
+VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU
+ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH
+MTAeFw0xODAyMTgxODMwMDBaFw0zMzAyMTgxODMwMDBaMGYxCzAJBgNVBAYTAklO
+MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv
+Z2llcyBMaW1pdGVkMRswGQYDVQQDExJlbVNpZ24gU1NMIENBIC0gRzEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCU1fhvfUV6OJOhMHAzBZDvxxpa5bvT
+S1x6S4rVQmP/+125Wj2gpxvtII2RyqXQFlZd3qAKMLgqgHGzeJcyjw6CXbzJHmri
+liVGWmuLn/NUKjKJgP9zd6eGOHe6mT1WjB9ZZEFLsDYoXBthTwcHdLWK2quJrHgS
+3hZiJnpkX+hmaY7DX89oUMI1uvCQaPljgTvtiR9vtmeg/GgyePX8K5EUMozX8ElR
+DMWkzdFUYv0DVcSQcbN1R/IDhWW1vPHzU8kexAMO4B/E5sj6FGrAeMM36/uZ3AmF
+4mt/0Ia2BKPsW/K2T3hkaNSTr2BKlUm6bRccONcNAyzyN258xcUcX+RJAgMBAAGj
+ggEvMIIBKzAfBgNVHSMEGDAWgBT77w2GnrDj3am58SEXfz788HcrGjAdBgNVHQ4E
+FgQUNNH3OTJFQEqZK32JaldprZWv4zcwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggr
+BgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNVHRMBAf8E
+CDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29j
+c3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVtc2ln
+bi5jb20/Um9vdENBRzEuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQAaBDZfBK+cP9Zk
+lI7QN3mkpgD+mYfp/03P51cUNlfAFoYd1G/4lU468rg7JLTwqFXcDzcmrWt8lmdi
+AMflxwLGeNObNS9RkpdiMDCdRItCHq00IMbbzj5rz+HSzAn6WsbLn9efn9WhO1MO
+72d1SsEbVOTw/Z3sfPpWS8DSp91TRZuRKReVmD967QnsQGYNKUG6esTV73dOigHC
+ndwglIXCUkaxTroFn7wT6Sqt9pklaqxBkEx/yzp0HxpZtC8uK6aOFx624S9yF8nk
+6U7rbscn4kJYOF+0U9JshFkQ4+cx5kKd3cGNtmaTzemoZSGn+Aty6H6/oDPteLpE
+cUPckzSa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZjCCA06gAwIBAgIKBGWDUkc2SpBKjjANBgkqhkiG9w0BAQsFADBnMQswCQYD
+VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU
+ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH
+MTAeFw0xODAyMTgxODMwMDBaFw0zMzAyMTgxODMwMDBaMGkxCzAJBgNVBAYTAklO
+MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv
+Z2llcyBMaW1pdGVkMR4wHAYDVQQDExVlbVNpZ24gRGV2aWNlIENBIC0gRzEwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX9SkTbGs60ZpHTqRXWRHOOMUZ
+ZAINbzBhS3OdXHoaEQ2I/HOqurYQO3zE35X9uXJWKnHRWl6ZS/H22pPLVMfL4PrK
+da3UhoMkGGDnkCcaf0vGkfxAN0svDd4r4LH9h7lhoX+8tBCUdEEZ1daRS05dxP5w
+JNOBg7aEVlF9oiAnpRPe7/eP1q7rVUF2bN0GNSYrWumZDD68HpdctIg46ORbk3/C
+jGNMPAN5mdOX2WzhNx/z+gC+9mU0qOzgViptNnHLxs3Q3UcWAGMsuYMUOgCZh6dc
+OaQOURGoAPoiCvXj+ccINm+7tP0OWsWGFFKWhmbmX4LLI9Nbwaehz4lx9ja3AgMB
+AAGjggEQMIIBDDAfBgNVHSMEGDAWgBT77w2GnrDj3am58SEXfz788HcrGjAdBgNV
+HQ4EFgQUC5N44uA1B23fhnePjFGN4zV8qXcwDgYDVR0PAQH/BAQDAgEGMD0GA1Ud
+IAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3NpdG9yeS5l
+bXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYIKwYBBQUHAQEEJjAkMCIG
+CCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29tMDMGA1UdHwQsMCowKKAm
+oCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FHMS5jcmwwDQYJKoZIhvcN
+AQELBQADggEBAA2Wfa1hvlkem10OxKaGP5yo4Q+rSMYMgCvbWYIZDx5qefWK39h9
+aCOz2omM8KsCeYukVdjxCmTUHumcimb+zNCIariDfBfefLgvviPVqcy/KH+n2uBE
+CW3t2ZLp8FEOTgc00byFRWrkSOgYKeUDfJHXkX74pty5/36hYTyOhwQHozdHCCAj
+QTqxbzciMDRdfGJiaAIzTHb9OrKm/5MlfVUK2gH/Uy2RbLSvEDyTG/1RI/OkRuJG
+lnZt1P85Ey8Ney4vS/sCiwd2qzsnclJ3ZqHLjCpvUgvzeP3Z8st6dGnKByV1Q1Zd
+FqC7Bs43V6c+D62dSjTdXWBHJbqM71UJG6w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAqagAwIBAgIKI+G6At/z6QDt3TAKBggqhkjOPQQDAzBrMQswCQYDVQQG
+EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo
+bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g
+RzMwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBuMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEjMCEGA1UEAxMaZW1TaWduIEVDQyBDbGFzcyAyIENBIC0g
+RzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASt0tTBgfEcQDnhwd1qvjyypyFq4kKi
+3+Nw+UflaTgNrjD939y+XHaZMxGXJ8cMN28rfPl6x6TaScH7W8rQkRAWXN9xtTlb
+toTLlKqgEO4rNtq/qnk6BRwMIiTdj1TXAm2jggEQMIIBDDAfBgNVHSMEGDAWgBR8
+XQKEE9TMipuBzhccLikenEhjQjAdBgNVHQ4EFgQU4Bb+vcThZcalmUyJXnGO1F1n
+8f0wDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwOi8vcmVwb3NpdG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5l
+bXNpZ24uY29tMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNv
+bT9Sb290Q0FHMy5jcmwwCgYIKoZIzj0EAwMDaAAwZQIwGzEuvlR0hO3AV5IsUNAL
+35TiHMHusf0lwxFIJv0XZQY5opx9f4FUFfUnRXEYXKxCAjEA6mo32Hc+R+Jgpcdd
+GtaU+sZM9yhSS+TSGEn7hKHbXk0Bd0ApOg5Yd3HnOAFdWJTx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC/TCCAoSgAwIBAgIKPRKhz3gljVgIVDAKBggqhkjOPQQDAzBaMQswCQYDVQQG
+EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx
+IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowXTELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSMwIQYDVQQDExplbVNpZ24gRUND
+IENsYXNzIDMgQ0EgLSBDMzB2MBAGByqGSM49AgEGBSuBBAAiA2IABKsVY5O2xPYp
+BqcOQKC8r71cXmv87bD5OgshY5S2ySOJP3Whdu25JJ2nEdh0VTPPBwCBc4zgVI7Y
+99+WuX+OxFYmrS5aGs0Bg9hrbL8EjZ6RtFHosppOWu9WxHPx/elObKOCARAwggEM
+MB8GA1UdIwQYMBaAFPtaSNCAIEDyqOkAB2kZd6fmw/TPMB0GA1UdDgQWBBTxZquW
+jKQN0iZiMy+aVQld2eZISjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9yZXBvc2l0b3J5LmVtc2lnbi5jb20w
+EgYDVR0TAQH/BAgwBgEB/wIBADAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGG
+Fmh0dHA6Ly9vY3NwLmVtc2lnbi5jb20wMwYDVR0fBCwwKjAooCagJIYiaHR0cDov
+L2NybC5lbXNpZ24uY29tP1Jvb3RDQUMzLmNybDAKBggqhkjOPQQDAwNnADBkAjBs
+/jtoTdEKKX+0knGdkaWlpybcPr4zK4xGERFGBzsHzp2ICpjxbJVBPfntkazaBUoC
+MEh5c0r35dVtpp4Lp5MuVlYujIrCk9TcHMGip9i9QIIOHaQRkD5wFU5uZUtZeLRB
+Xg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZzCCA0+gAwIBAgIKPFvaVcCiNqdEzTANBgkqhkiG9w0BAQsFADBnMQswCQYD
+VQQGEwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBU
+ZWNobm9sb2dpZXMgTGltaXRlZDEcMBoGA1UEAxMTZW1TaWduIFJvb3QgQ0EgLSBH
+MTAeFw0xODAyMTgxODMwMDBaFw0zMzAyMTgxODMwMDBaMGoxCzAJBgNVBAYTAklO
+MRMwEQYDVQQLEwplbVNpZ24gUEtJMSUwIwYDVQQKExxlTXVkaHJhIFRlY2hub2xv
+Z2llcyBMaW1pdGVkMR8wHQYDVQQDExZlbVNpZ24gQ2xhc3MgMiBDQSAtIEcxMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi1gZ1TdwRDB3ua++szG548V1
+ISoEPlKHXGRqFoL09ivQSzyzUXbwDJ8g0iskj8LroIJnTQFympUZZeaZAUV55Hdt
+R8347u3UqwozUZRRVmAZUVuPKLehAuVbcRtbil+4f+XbsABFuq6R4p4GIfLv6Ztr
+wcpJ8KaGqor+t2q4hWBbuJWVgNd3rE0wMYuw36Me8YP3v9ONhdJbcWRhzkfDelSu
+8MU8aCujsZ9g/OvYre8d8fhNmTq+mS99TNuqDsZ8ieW1OI4x/gGksCCgxEYdmPWa
+wFC0BMkzwA1p8FTF3y8S3iVq1sa04AQZHMxXuHnjahVyLnL7ibxXaDLjqCZX/QID
+AQABo4IBEDCCAQwwHwYDVR0jBBgwFoAU++8Nhp6w492pufEhF38+/PB3KxowHQYD
+VR0OBBYEFObdDbmb0hVAzyMILWwZuFxoMlIyMA4GA1UdDwEB/wQEAwIBBjA9BgNV
+HSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnku
+ZW1zaWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAi
+BggrBgEFBQcwAYYWaHR0cDovL29jc3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCig
+JqAkhiJodHRwOi8vY3JsLmVtc2lnbi5jb20/Um9vdENBRzEuY3JsMA0GCSqGSIb3
+DQEBCwUAA4IBAQAfkiWA3dGojWbT9FskfUTekEgYp1i5g5/oBngPbug8JMgizH/e
+YeshF0+DVi+cxvXq/J6qoHL5ihe6K9Wc6wOXQAfq8g4aXC0OUhZN29QFNRzwWvSq
+4HtpDkIOb9SNGW7KMaHPRyN3juun/wElp5Chp8iejsbE4cf5YcBQYpzcGXW5IktT
+9k6tHS499J+SXu0BQGtMw78AUFdvqpSFpJr6MZWKQtHRz35gHMMqXGhFSVKbAYGW
+YoXa4udBcmpnQ86a9gYYLw9uA+XUayCar9bmu6XqjQ+RX9wXn4pn+BryHbbxSG0d
+HlrvB8UnCHx4bA2DLomVJyN+WoGfnkd2CT7K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERjCCAy6gAwIBAgILALR09k2GOSGJSW4wDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg
+SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowWTELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMR8wHQYDVQQDExZlbVNpZ24gQ2xh
+c3MgMyBDQSAtIEMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzY6S
+gZflKotvv/PRuvsXsSmOGbTUCWcQk65ZNvKXPi30WgBjCmugQNx+9anV6TSTYm+s
+pLpPI5TEEw+JFROYDrylT5NQ1AQkBcD8lSl1oyydJLlVwiYIGHf+Dh/DNYHAvS1/
+VPieDtOdQ0ApoQdc9NB4ogURvBu60g0IlWTwGsAJlUIy9scXhXY/yDszE+uw+xcw
+oNAHUmShaQFndamaFCAeqb1XckI4TgMHIxB/F8zsj37S4LLZcm/vFJ5toKSfbHVo
+5Y+ys7WfFgYzQgKU1kdxlmuQ0WxL0qSMYpwHlT/rGzvvkKUAfB1d7xcRpKojucCc
+xUHGkYyDeUc6Oc2ULwIDAQABo4IBEDCCAQwwHwYDVR0jBBgwFoAU/qHgcB4qAzlS
+WkK+XJGFehiqTbUwHQYDVR0OBBYEFHuepsUnfmSXq4QBOuomlmuSTofhMA4GA1Ud
+DwEB/wQEAwIBBjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIG
+CCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AuZW1zaWduLmNv
+bTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVtc2lnbi5jb20/Um9vdENB
+QzEuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQB4jFM8EfFdad4cWPuihvDqPsH1BWBJ
+TdNf9zIpBt9u8HQevk/OtlK/3AoIXudzlTH8GK6hkshupL/ccdBhrTRPzWZTxQUt
+WDWUc2Waa9SV/I7t8X3yhFAlPPhm5bCxegGAAV8icOwlMBZS3r3BvP6iOcfzNqpZ
+jJ6oDzjqJ7Gvbar6Ao0EtEhMQ8XnJCz7XWNwOLqE/laqZ4jb7dN9XXu9s1eNhLLQ
+EA1nHUWz8OyQu5nljCqmVT+fG4lvr3pJ6za+4vyNht+QdaX5rKzbtc6tZLv2MJ7t
+zEQFW0OfgKQYTZrNKxBYGhqOeu4Necdbyf5wvKqGV4Fm/+ZbBxzvFVGW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDPDCCAsGgAwIBAgIKct3H6dzpsNz/xzAKBggqhkjOPQQDAzBrMQswCQYDVQQG
+EwJJTjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNo
+bm9sb2dpZXMgTGltaXRlZDEgMB4GA1UEAxMXZW1TaWduIEVDQyBSb290IENBIC0g
+RzMwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBqMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEfMB0GA1UEAxMWZW1TaWduIEVDQyBTU0wgQ0EgLSBHMzB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABBWwpaaD8WGEIlx1uQ6G9FY35y+AJ0ewgoXe
+ZPXcz2OkkD6WNqITMSn+Nzl2489ITUU5GH0EpjWuujQv6stEYule7AVb7OolZsvz
+eMXdq/2g5DHXGlW1FGc10DYx+9xynqOCAS8wggErMB8GA1UdIwQYMBaAFHxdAoQT
+1MyKm4HOFxwuKR6cSGNCMB0GA1UdDgQWBBQTjUwomeFit9LgU+MY0WLcHMpm+jAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMD0G
+A1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3NpdG9y
+eS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYIKwYBBQUHAQEEJjAk
+MCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29tMDMGA1UdHwQsMCow
+KKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FHMy5jcmwwCgYIKoZI
+zj0EAwMDaQAwZgIxAP0zh/Pwvs1KWlruB+iqwSXWXUXxJ5RcvNhoMoT5Hq164K8i
+4lb4tfVNV4Hb89HfugIxANXUFpJ5DvDugBmGsWIh3UDLY/MaIJr0LCyB3vebwqGw
+eYppriQcyxqeG4xCXYLOcg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIjCCAqegAwIBAgILALjrJYMk2wiswvUwCgYIKoZIzj0EAwMwazELMAkGA1UE
+BhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVj
+aG5vbG9naWVzIExpbWl0ZWQxIDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAt
+IEczMB4XDTE4MDIxODE4MzAwMFoXDTMzMDIxODE4MzAwMFowbjELMAkGA1UEBhMC
+SU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVjaG5v
+bG9naWVzIExpbWl0ZWQxIzAhBgNVBAMTGmVtU2lnbiBFQ0MgQ2xhc3MgMyBDQSAt
+IEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEt/kiu55eyuZ/oAxsR1UMkQ9ytN3x
+wX/7w2eOL1+R9TafuuD9YRcVK6oFadIw/ar5I0I22WAw9/Gwd9zI0DPTe/2Zho6m
+TMNIH3LFgdRX5g7+hTH1vBv8UHqXXqiR1ys2o4IBEDCCAQwwHwYDVR0jBBgwFoAU
+fF0ChBPUzIqbgc4XHC4pHpxIY0IwHQYDVR0OBBYEFCJiSrx+baEwtyrJlX4qI949
+J/ONMA4GA1UdDwEB/wQEAwIBBjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEF
+BQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNVHRMBAf8ECDAG
+AQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3Au
+ZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVtc2lnbi5j
+b20/Um9vdENBRzMuY3JsMAoGCCqGSM49BAMDA2kAMGYCMQCfcM3DXIEnxOkAE4co
+/IRvdClPVNvHbO1eSrrH7tYklqpCoPbFlm6wwuj5JTXPJvoCMQCzTp1mDKZnJwbr
+gDOCrI0PYxWGPWpI9g/YRh83rrsb8XmDdPrtOWZBRifZu4v0o+4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDIDCCAqagAwIBAgILAIdigqj9dYw5HsMwCgYIKoZIzj0EAwMwazELMAkGA1UE
+BhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVj
+aG5vbG9naWVzIExpbWl0ZWQxIDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAt
+IEczMB4XDTE4MDIxODE4MzAwMFoXDTMzMDIxODE4MzAwMFowbTELMAkGA1UEBhMC
+SU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVjaG5v
+bG9naWVzIExpbWl0ZWQxIjAgBgNVBAMTGWVtU2lnbiBFQ0MgRGV2aWNlIENBIC0g
+RzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQ5qPpBiN5BbQSUldNBlP6FO5jLtouf
+abBDLwXTXzcgFwakNh89uO5ug1m0M6QhLIZRkLOMxH4BMJ+rMb1lHnryjrp2i7la
+XdsPk2ZCGLzcUnp3QA8ZBzzJhfHYSo1m8eujggEQMIIBDDAfBgNVHSMEGDAWgBR8
+XQKEE9TMipuBzhccLikenEhjQjAdBgNVHQ4EFgQUpaz5H1oljhCwKdoZACaG6KHm
+6NkwDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwOi8vcmVwb3NpdG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5l
+bXNpZ24uY29tMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNv
+bT9Sb290Q0FHMy5jcmwwCgYIKoZIzj0EAwMDaAAwZQIwF7tFSgQvVGC3YidTEIxu
+26OnAEvCij1ebFju9WG0Nc0eQG3pPqdnh0OgixpWv+cXAjEA9ksmCrk3ZASLdG7y
+WDeiPyvdwWWx0Xuj5hKEnm8U7GbtQ7BSFKMJ6kjRqlmb1GlX
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDGTCCAp+gAwIBAgIKW32bsf0zubwdhDAKBggqhkjOPQQDAzBaMQswCQYDVQQG
+EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx
+IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowWTELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMR8wHQYDVQQDExZlbVNpZ24gRUND
+IFNTTCBDQSAtIEMzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEyEjAcnMq9drjRUIE
+hxpHjSAZxpZwTa3qXZ6THcyfjQIldowaWIyyKMxvAjWYZl3GC9XEJILaz5iUaXr1
+Gy0q1SsIE+gPg1LnGVLDXOcSU3MbBoBgZoL5yPiScUvSeGIgo4IBLzCCASswHwYD
+VR0jBBgwFoAU+1pI0IAgQPKo6QAHaRl3p+bD9M8wHQYDVR0OBBYEFOPolx6/xD06
+sNz3HZ0/XyyxbetsMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0
+dHA6Ly9yZXBvc2l0b3J5LmVtc2lnbi5jb20wEgYDVR0TAQH/BAgwBgEB/wIBADAy
+BggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmVtc2lnbi5j
+b20wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbXNpZ24uY29tP1Jvb3RD
+QUMzLmNybDAKBggqhkjOPQQDAwNoADBlAjEA/HGlD9A9u6B0MR2YaPa+6epy4Kou
+oK7En7a0p3ESe/DroYG48ys9SUGAZ3+gr4OnAjAIbqwFSaxsvNTrolD0mI99iDA7
+sranVo+LcI5dCGkaCSNzr7m1eJVLIUi/s7Su2PQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDITCCAqegAwIBAgILAPseIZgusbVcWSUwCgYIKoZIzj0EAwMwazELMAkGA1UE
+BhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVj
+aG5vbG9naWVzIExpbWl0ZWQxIDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAt
+IEczMB4XDTE4MDIxODE4MzAwMFoXDTMzMDIxODE4MzAwMFowbjELMAkGA1UEBhMC
+SU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEgVGVjaG5v
+bG9naWVzIExpbWl0ZWQxIzAhBgNVBAMTGmVtU2lnbiBFQ0MgQ2xhc3MgMSBDQSAt
+IEczMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEOReHn35H+3QHeBQoo2GaV/M5/wJ3
+/l+RYkEm6Asuf2xUlYCMZmokaSzC3Z05V2kf9LAevtB0dSecVMz8l3XGVoaIaaLO
+fxmAIPPlvVyMCJ3EgnCAGH+1ZONRf35995B5o4IBEDCCAQwwHwYDVR0jBBgwFoAU
+fF0ChBPUzIqbgc4XHC4pHpxIY0IwHQYDVR0OBBYEFEa+gMPIJ/7sm1grGmJdstXR
+AjhoMA4GA1UdDwEB/wQEAwIBBjA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEF
+BQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWduLmNvbTASBgNVHRMBAf8ECDAG
+AQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3Au
+ZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVtc2lnbi5j
+b20/Um9vdENBRzMuY3JsMAoGCCqGSM49BAMDA2gAMGUCMQC+j9TyTWudMq4HdKE/
+1ib6vzapfBmQ/8Vbu3PHCMWPdpfLCcBSwh24bUOxKeVlGx4CMHfW32Xd+90Z/5IB
+A6lkX+6E1Tl588OddGhKwsLq3T3CVjwcIZMBWhRh84fcqIAdaQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDHTCCAqKgAwIBAgIKG1BYH3M0swsnIzAKBggqhkjOPQQDAzBaMQswCQYDVQQG
+EwJVUzETMBEGA1UECxMKZW1TaWduIFBLSTEUMBIGA1UEChMLZU11ZGhyYSBJbmMx
+IDAeBgNVBAMTF2VtU2lnbiBFQ0MgUm9vdCBDQSAtIEMzMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowXDELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMSIwIAYDVQQDExllbVNpZ24gRUND
+IEVWIFNTTCBDQSAtIEMzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEDv1Ol3bDxlGB
+ala4t3g3KFCZ0xD+OutvrHBHwGpGbdAB1Xc9VvwVnL411pQ3BU3E6cqj0ZOzTetb
+8qW0rRWKl+hIo0Zq+nAV5S/M41t/N5t37cQkJv2tnSTwSnAUM/CQo4IBLzCCASsw
+HwYDVR0jBBgwFoAU+1pI0IAgQPKo6QAHaRl3p+bD9M8wHQYDVR0OBBYEFEi3aOg8
+suaxEkRMxNfTmgtv6VrGMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEW
+HGh0dHA6Ly9yZXBvc2l0b3J5LmVtc2lnbi5jb20wEgYDVR0TAQH/BAgwBgEB/wIB
+ADAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmVtc2ln
+bi5jb20wMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbXNpZ24uY29tP1Jv
+b3RDQUMzLmNybDAKBggqhkjOPQQDAwNpADBmAjEA4rW0NYDpnpfRcmVfGS0SD5il
+apt0hqCSJeE1OctiXrn22WtIIjOERmOUD3AHXYPiAjEA1wNB4UxxrucJVDiGcRCi
+skqSL+BnLAoomcPYC9ETImRiChgpdGzelBT14bB0HKXT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEaDCCA1CgAwIBAgILANWbfJs2otRJIuowDQYJKoZIhvcNAQELBQAwZzELMAkG
+A1UEBhMCSU4xEzARBgNVBAsTCmVtU2lnbiBQS0kxJTAjBgNVBAoTHGVNdWRocmEg
+VGVjaG5vbG9naWVzIExpbWl0ZWQxHDAaBgNVBAMTE2VtU2lnbiBSb290IENBIC0g
+RzEwHhcNMTgwMjE4MTgzMDAwWhcNMzMwMjE4MTgzMDAwWjBqMQswCQYDVQQGEwJJ
+TjETMBEGA1UECxMKZW1TaWduIFBLSTElMCMGA1UEChMcZU11ZGhyYSBUZWNobm9s
+b2dpZXMgTGltaXRlZDEfMB0GA1UEAxMWZW1TaWduIENsYXNzIDEgQ0EgLSBHMTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxsGEyj1Ff+Jf3rXeVJfQQL
+xWijpNKSYaKfLwClLWuVgDMdL1vBVpMy3MCrcYKlLvGsET/6CFzYdqdamP7P5N6C
+D7BXQkYGVvzJimPtO/eaj46YdDSx91/FAxRkJQNVargAqbCQiYZVZrZe13x9FtIs
+Wc+wiAAIvyaDnfl5Uc7srAYRPpxbwUBvsKL0P5sX1vNKaCz/wxRARMRfg13OzuOw
++jrVkF/y/7bfhxie6K2/d0A/em3rmmfsrDzFUwge9rI4QohUnJngVST9zUMTGKbj
++QKSijdenYiJu/LFNm8bEg4Vn6tM19rgbb3LH8wwF9wS2IcDzX0Xz/KRJROXogUC
+AwEAAaOCARAwggEMMB8GA1UdIwQYMBaAFPvvDYaesOPdqbnxIRd/PvzwdysaMB0G
+A1UdDgQWBBTcYI8K3rGZhJuEQAPjdQMyA4AAkDAOBgNVHQ8BAf8EBAMCAQYwPQYD
+VR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHA6Ly9yZXBvc2l0b3J5
+LmVtc2lnbi5jb20wEgYDVR0TAQH/BAgwBgEB/wIBADAyBggrBgEFBQcBAQQmMCQw
+IgYIKwYBBQUHMAGGFmh0dHA6Ly9vY3NwLmVtc2lnbi5jb20wMwYDVR0fBCwwKjAo
+oCagJIYiaHR0cDovL2NybC5lbXNpZ24uY29tP1Jvb3RDQUcxLmNybDANBgkqhkiG
+9w0BAQsFAAOCAQEAMFYsJUg/auGHNrj+JJi+xv7f5etIB/NXArZLnBsi68WBx3hv
+3Vxng658w6WCEc8GeJesEZrP9pbClWMLSikhb7VHc0lVROdOE4VlZvgSiHzRvM6h
+m8RTiN9rRLTt06zC/PYAOgi5KavCRaWptPh95EUp+lcvlK040obb6BGimoYsX2gl
+hzOQcCgRBgApCNYwUbR2QLK5qGbt0Nyidwe5Iut7mwDat2ElFOeUQ3HWr20+vHfp
+PT+X7+DwPmIzRS9fuq1er42SwiJd+0BdUCjlecevaZG4wbVMTFxycLw72e7gcDss
+OagPoy4AoaUbnMY4VKvDSpVjRSZ23SRY8ZQOxg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIERTCCAy2gAwIBAgILALGb4wgeLZe1v8swDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg
+SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowWDELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMR4wHAYDVQQDExVlbVNpZ24gRGV2
+aWNlIENBIC0gQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCl9ip
+9fb81Ji5Q4IYdmGd7/W07NiBwVc88fio32d+fFhqy8RcdOQnuxNy4IPVaEkybu7T
+xIRFqsKkJeuOugeVSxHW901zor5tcB41M2Qoc9UHsLN0YccirTO7J5a9ZCX6f665
+wl8vwCrxkS9bYbCtzTPlzD3JZYviySklUvViqL5VIBgfhC1xip/8NsJr6UOVSxqN
+mP7C9RPRGGA+TXf2r7/lJmN0bGQZMQXkvTjXW3ByWiQ2IIbv3eo8YL8ZQa/F6ngc
+jl+8axlGwkjIQW59UJuT7J4g4Yq4oBIlPQGD9lZdGalXxQv9S0u0ObrTmNTHo8co
++69knHPdf/oafdWJAgMBAAGjggEQMIIBDDAfBgNVHSMEGDAWgBT+oeBwHioDOVJa
+Qr5ckYV6GKpNtTAdBgNVHQ4EFgQUksV8rWMg5Uwjz2kRz6eH+4H0kfgwDgYDVR0P
+AQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw
+Oi8vcmVwb3NpdG9yeS5lbXNpZ24uY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYI
+KwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5lbXNpZ24uY29t
+MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FD
+MS5jcmwwDQYJKoZIhvcNAQELBQADggEBABdsR/hE2wna+7CC1mCXRJGQE9Rlreg/
+/hsyKY7Y0vf/BHZk57YYY725lRg9mCESnNaapHcW6vpHlMF8kNN/bpcP7AKPG93T
+ePGF4k8oy1ME4/L6hpy+HYku56Pp7EgMFOxAX+q7g12cQlZN0laQjlSv87CQuQ8Q
+Vy5bZkK4Zof4fc72WyBXC2RKldeCk7zZ4h8qlPqIxJZGDRIdL8NylKkuzKfEF7Hf
+FXQbjMofLOjJHp88FAuOVCcO/YHSqvfLzcZPtkAsdtTJsFXqp+ePAtyq20YufMVv
+/AndNbcn69bKGqCFyeZTTB4YG3sNG4Dj+QoAyJZ3L/67XmHE4vEXv/U=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC/zCCAoWgAwIBAgILANEUJ2Zpi/ze2gIwCgYIKoZIzj0EAwMwWjELMAkGA1UE
+BhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5j
+MSAwHgYDVQQDExdlbVNpZ24gRUNDIFJvb3QgQ0EgLSBDMzAeFw0xODAyMTgxODMw
+MDBaFw0zMzAyMTgxODMwMDBaMF0xCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNp
+Z24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEjMCEGA1UEAxMaZW1TaWduIEVD
+QyBDbGFzcyAyIENBIC0gQzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQX0DJDuDta
+mLJE7/IRFQFlTcXslMujGM5ctACM/HD9I1Tofl9Ln9qaUyxsttbv65dLd791Y410
+1h9g94JqhvlPBubcMCcY0+BjvVmO7P05KeEpwcmktfnYAXofOupFc4ijggEQMIIB
+DDAfBgNVHSMEGDAWgBT7WkjQgCBA8qjpAAdpGXen5sP0zzAdBgNVHQ4EFgQUVkyJ
+uCXImO698nxiLa5pOTq2FywwDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYE
+VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3NpdG9yeS5lbXNpZ24uY29t
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAB
+hhZodHRwOi8vb2NzcC5lbXNpZ24uY29tMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6
+Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FDMy5jcmwwCgYIKoZIzj0EAwMDaAAwZQIx
+AMOYzD9ECUONHwtVYK4aLJUsxYhrks75+3XEPWDz2vIXnKMD7mgY+7zEo8fRSrYO
+eAIwATmREIgZsvhS85StHYHvw5GuYl6D5o1GQcAvcF5d6CcvYVJZKI6WigV08+36
+h6eA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEZDCCA0ygAwIBAgILALrf0ps/HmeMaWAwDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg
+SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowWDELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMR4wHAYDVQQDExVlbVNpZ24gRVYg
+U1NMIENBIC0gQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmkb1L
+x0+6eN56d3D9Afd0fc/Qp5U2YAv+58LT7MdksmffNOU0Eh5lD/87lnFH89Dfb0D9
+ru9P0cuvllMJoQIJzEGShiZ1K50XZKz/xTUwYsQHYL4KtAKCTHdZjy6WsKS8VAoi
+aqHJAxmlI1vEXGESsGzCmy6TQyjNpIXRrHHlSFMtNn6NUllARATWjmm1vXqeh4M4
+ru48RuFJ/AvKLQwXWHHTfUNBEI9gSwmLTfenUBKUeLHnSJFPR3mSuEgg/Q1+Y2bG
+HHpe1IBy1Qg9M0UZMMeQhiy7SLvRu18MTJ8NcvDmpaKnrfO6+QLmwMl65/wdnz4i
+u2bpYzFR8mQveFtLAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBT+oeBwHioDOVJa
+Qr5ckYV6GKpNtTAdBgNVHQ4EFgQUyXEWRUM7Fl5fRv3uNU1Ee32udQcwDgYDVR0P
+AQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHSAE
+NjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1z
+aWduLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggr
+BgEFBQcwAYYWaHR0cDovL29jc3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAk
+hiJodHRwOi8vY3JsLmVtc2lnbi5jb20/Um9vdENBQzEuY3JsMA0GCSqGSIb3DQEB
+CwUAA4IBAQAzd2UxT3MCEOyLiutoG4mkAo6UGNooruBKvRMfAx0IWndWqt9rIIMv
+pOFvvuCWAxVILnEWihw1MCBka08EzEBVJq1SWffJZ51YmyZrlvuJhoipaA7KRGet
+DzFBdGF86BG4dFVRbgMtfAen8YkkHMMfvL1+mP75Vq3vMm4E+LkIgjUlPzy0h5Xb
+l31QmWBgz87v/MC2ICLBaWVi45/yNA60Rcu1+Xf5C6WBjPLRHgcDPEbXWm5QmCpG
+0Is6WQHHGux8m6d4/1OQ6eftBPSahqPBbFtWhBsac3mdPubbMd2QPOmIUv/BCU+z
+eRRgbcq+KBV0blu2NkktFW/LhsAlcl+E
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYTCCA0mgAwIBAgILAIZ2a3+W32DEb4swDQYJKoZIhvcNAQELBQAwVjELMAkG
+A1UEBhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEg
+SW5jMRwwGgYDVQQDExNlbVNpZ24gUm9vdCBDQSAtIEMxMB4XDTE4MDIxODE4MzAw
+MFoXDTMzMDIxODE4MzAwMFowVTELMAkGA1UEBhMCVVMxEzARBgNVBAsTCmVtU2ln
+biBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5jMRswGQYDVQQDExJlbVNpZ24gU1NM
+IENBIC0gQzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCLGiQaEHp
+3ZpW+vTk4Jj6i2KGMMHtHtCBrarQ/A2xLQYKsk7/8Y8aA0X6KfHnHzD6AhUCIn2w
+KF9J08YVqFEtxqzHIR2v6zHNdeDlBi8XJk+5Ip/+G0Vs7d0pcF+bvBknvnDLBN3N
+EE2eP9NCQgHtP7Sa2VKTKQAGcytyi7J13nOsvYJTdrbNaxijt35FnWAjo5OBlMch
+FVgCFWZI0zowacJ7juV7ebzFZpSvbThBsDKlN6k0DTpatG/xhC8kSMnCnwqdwyXw
+o2Zj3iVrbSa0TLA7Q2B9pjKEmKXYWYwTQ+ZWFWDYR3bdHjksKJ7VZ3JhG4997LHE
+NIVX86JupgJPAgMBAAGjggEvMIIBKzAfBgNVHSMEGDAWgBT+oeBwHioDOVJaQr5c
+kYV6GKpNtTAdBgNVHQ4EFgQU/MUVQPGvTxOymPJxDmMVN9GUa3QwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA9BgNVHSAENjA0
+MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cDovL3JlcG9zaXRvcnkuZW1zaWdu
+LmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEF
+BQcwAYYWaHR0cDovL29jc3AuZW1zaWduLmNvbTAzBgNVHR8ELDAqMCigJqAkhiJo
+dHRwOi8vY3JsLmVtc2lnbi5jb20/Um9vdENBQzEuY3JsMA0GCSqGSIb3DQEBCwUA
+A4IBAQBmHDB5OlNSjHXmRh7L/Z2Mpfdn9uFd6HsQPefkcNiTfI5Cn4P7UkS6qaxO
+znuuZUxKYlJQIhnFPgpndyBRDsTF+tJfH9KzdIKZMz12hsINphQ7I1XiqZtUusZ6
+Gg7mS6+P8d7m5BvwJVvTlLVv6eWacQdY5HCloh8I6QOZM0TMVqkM+aWtMyoqx0FR
+MUBN1vHFxYID2TRMPxkDAst0a3jeTAf3NfN49zcG7XFAkhiCZ7a/+Kzh4DD4VXkO
+KCaRsIMyAVG9gVmDDZGtXaOP84tYKau15V7mPSQ3LySNu7k/yfz+0PdiSkVyJqAr
+wxcLVB190uhSK8ZkIF/0Vd7rGSfN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC/zCCAoWgAwIBAgILAL1qB5arP4lVUh4wCgYIKoZIzj0EAwMwWjELMAkGA1UE
+BhMCVVMxEzARBgNVBAsTCmVtU2lnbiBQS0kxFDASBgNVBAoTC2VNdWRocmEgSW5j
+MSAwHgYDVQQDExdlbVNpZ24gRUNDIFJvb3QgQ0EgLSBDMzAeFw0xODAyMTgxODMw
+MDBaFw0zMzAyMTgxODMwMDBaMF0xCzAJBgNVBAYTAlVTMRMwEQYDVQQLEwplbVNp
+Z24gUEtJMRQwEgYDVQQKEwtlTXVkaHJhIEluYzEjMCEGA1UEAxMaZW1TaWduIEVD
+QyBDbGFzcyAxIENBIC0gQzMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASoJc/giurH
+D7w9ijG388IiMnqoVAnpOyBrSXjcm45/m/T7ALE8Rg9/SqyNtzFbY+na42cTbydv
+b7AmTe+p1ExAuJ3Ny8VhXNOoKVidL3bbJuPhSrGFcEfZuJZ+m9CxkNCjggEQMIIB
+DDAfBgNVHSMEGDAWgBT7WkjQgCBA8qjpAAdpGXen5sP0zzAdBgNVHQ4EFgQUjNmf
+oCE1Pvy0OplsLvIKKW/w7JIwDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwMgYE
+VR0gADAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcmVwb3NpdG9yeS5lbXNpZ24uY29t
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAB
+hhZodHRwOi8vb2NzcC5lbXNpZ24uY29tMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6
+Ly9jcmwuZW1zaWduLmNvbT9Sb290Q0FDMy5jcmwwCgYIKoZIzj0EAwMDaAAwZQIx
+ANsPTeeAHls5YkdQsmtqCJaDb67/euMmVnZs3mX47ZkZwNEkR4mK3gZQXHDso6pD
+BQIwN2+5oFgzWnl40VFSJ+ERw0u+9Pe1peo/FRMMg/ofrNXfyjIYBOq63AdqSK/y
+3k73
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDTCCA/WgAwIBAgIQdD3vyniwkl6U207/6YfgmTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+MzE2MDAwMDAwWhcNMjgwMzE1MjM1OTU5WjCBgjELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgTBVRva3lvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MRQwEgYDVQQKEwtHZWhpcm4g
+SW5jLjE4MDYGA1UEAxMvR2VoaXJuIE1hbmFnZWQgQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkgLSBSU0EgRFYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc
+dVshOzy6xhF2FG2o/Pwt1ffvFz9YY/DKfyJSZFLOPSRmP7ZmoOgAvzTINNWQvzLM
+9iZRUwGGbr/c+OtMtb7KGqEnTmkP0fhLHXesLuUTmrCbmV6VzL5VijXDsfjlrn43
+xA/ymUcEdfBYNLX58FH6mzTgsmeh6QOITSv6rSFDSydMDIxfKbhaTszreIOZwsdp
+Af98tSKWPYC2yTrBuYyJgl1dUEvLqIu2Hl2fZvh3Gmsfl21raXDKdOe3X9pLnM3W
+n+P7F+maxBWMnl3Shr171aRUtUycDd0jOSKsR1/cGWBWBmHtnCh/DgUS1nG77Y32
+MZeU5NBXqf9Mb+HB++UzAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUEuZqJYZx7cyOaQxZGcAHvByorUswDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAjwwCAYGZ4EM
+AQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcB
+AQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
+dXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEATR9krPFDiZuXi+hX78Ee
+815XzEkjohsaiBT88hkZ+7oz/7CQYRedRnm+/IixHj44KGWKTeltDhNcpW+h6iar
+gYo3HLrCYuYKFRZYZCNXM5aPe3qGHrhEkN81MA5a+YIZAgfGhvSWV7tMPLS3LRei
+vIeq/TyGrH+vYswmme1AMBJ5wV7zuUfO4kpHchTuyMROFd4nTTLbvuzBcybG94Sg
+tzlQgGoHxFXzGnP8ItH+O+GyN1HQLSCFeU1vb7SOj3dBWq1y9Rhx7EWPAUv/R6/u
+FEJleLjfLuH8a6na2hAV9w5ju/L+7eJDK4Jqg6mj6M0WVKQHoxgdtV7Uks2EHZHz
+EJ52qEr6GCCH+N2t6+lgX70QTPd3HTrBHq3+gt1Texkc5HcxNleMNTapdnYLAgbH
+lV/+dAzDdOstgJxuKUTTbHkQq9PsK9D3B6YSLE77uMB8CYIz4cMMXSyl6eYW/AcN
+w5nhdYaya9/qln8wsjwHpcIyMm6VDZ56YUO9+lYlTWckoYUbFfYycu1vjBGk3jwO
+lv25gzKLkCGB/U5lzjZiOFpdTWR2RWETaF1jj3WZ7eq5U85U1hKQcyjhhW17eztv
+JbSjfvEVpi43tDzWmuiV0AQwhsZDzQxiijlkxEGSzR/cr95iqTwYpJI514ebJYKM
+cy5eYlU0tPBtcpF1t46HmAk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID+DCCA32gAwIBAgIQWdjqmvmL2NcDgGC3KHivgjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgwMzE2
+MDAwMDAwWhcNMjgwMzE1MjM1OTU5WjCBwDELMAkGA1UEBhMCSlAxDjAMBgNVBAgT
+BVRva3lvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MRQwEgYDVQQKEwtHZWhpcm4gSW5j
+LjE8MDoGA1UECxMzQ29udHJvbGxlZCBieSBDT01PRE8gQ0EgZXhjbHVzaXZlbHkg
+Zm9yIEdlaGlybiBJbmMuMTgwNgYDVQQDEy9HZWhpcm4gTWFuYWdlZCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSAtIEVDQyBFVjBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABGMD1olt9hRphcDEBFNLSznWEGNp396VDjIwKXFEHTefBb8XXufyJrG8iB3Q
+Lx9prjBdzVYm54VirqLrernwLX+jggGNMIIBiTAfBgNVHSMEGDAWgBQ64QmG1M8Z
+wpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUsfUQuAp/XwlKeIXBoMFX1IisKlAwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIB
+FhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMFAGA1UdHwRJMEcwRaBDoEGGP2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQD
+AwNpADBmAjEArVSob+U7lXhMJ50k644j6ozzVVmsKqrQ19m3ShK9mVrjUljo3pik
+UwzArP72JpR5AjEAocbFI1NxqReXrs+NwPZOmEkaa5JlcUutG30d9ilvMTirjRD4
+rsBrAjrEYh5vb6GB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDojCCAyegAwIBAgIQVcqTCol49JA5uqgS43fjJjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgwMzE2
+MDAwMDAwWhcNMjgwMzE1MjM1OTU5WjCBgjELMAkGA1UEBhMCSlAxDjAMBgNVBAgT
+BVRva3lvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MRQwEgYDVQQKEwtHZWhpcm4gSW5j
+LjE4MDYGA1UEAxMvR2VoaXJuIE1hbmFnZWQgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkgLSBFQ0MgT1YwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQWaOsTMpJVnIu9
+sAg9gQ32Nh/7thi++Kl521U+IcnUSYs6jTPiGh3bV+Z35ydIsC/OsIpnHkK3kMe7
+/cI53v+Do4IBdTCCAXEwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5ow
+HQYDVR0OBBYEFI7U+CGHuP7kGXUSYs6J5qL6A+1+MA4GA1UdDwEB/wQEAwIBhjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgI8MAgGBmeBDAECAjBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUF
+BzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1
+c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+CgYIKoZIzj0EAwMDaQAwZgIxAPsDjoxk6+DiC5m8OqOYv21U8FnXyoNvpM4d3xwS
+DZrIfnyd1Kfbu+UOSXY/3ZO1dQIxAImlru2i9AfI7yr/SG2B07yXB+yOFZRxomKk
+3FUVs/ZDIeCH7HpHvKDj0ItaSC/BXw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGYzCCBEugAwIBAgIQJ+vDeJVmhqHyso4U7nc2gzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+MzE2MDAwMDAwWhcNMjgwMzE1MjM1OTU5WjCBwDELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgTBVRva3lvMRMwEQYDVQQHEwpDaGl5b2RhLWt1MRQwEgYDVQQKEwtHZWhpcm4g
+SW5jLjE8MDoGA1UECxMzQ29udHJvbGxlZCBieSBDT01PRE8gQ0EgZXhjbHVzaXZl
+bHkgZm9yIEdlaGlybiBJbmMuMTgwNgYDVQQDEy9HZWhpcm4gTWFuYWdlZCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eSAtIFJTQSBFVjCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAOR14div88TwD7xKrgvxrp5JNl5YGeInbA4FFUF5tx5Y4btV
+Fpf3tzJzyhrYdDL17y6AxTCH5w50OF5GeUcAIz3duDZ9/7IsbV5Al3jO/SY7QEgj
+hs85bXKd2rR5NiOCGqYA6BFNIMrA+ZsJN65aTq5W3KkpZ+U3Kz1lAH0ka9rf6HhN
+MYkP7DaEXNfXoouC2HIq3zAG3gEhEjCb5ERJXgzZBHz0ug2gmTo3yFkqQa0qe4CA
+leaAEPQ3Rqh46o0BoH0FCC4zi60k3OR8CxpJfFb0u51k5+1rDmxeYqdkueXgDBBV
+sqPGNn1JTLUyx3ThszvYp9b2z2FvkzfYYxTKzFUCAwEAAaOCAY0wggGJMB8GA1Ud
+IwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQWrDmdJ1Ix/DS/
+lhm7liH2TUBWCzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0gBDMwMTAvBgRVHSAA
+MCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wUAYDVR0f
+BEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/Bggr
+BgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFk
+ZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMA0GCSqGSIb3DQEBDAUAA4ICAQA/oS5oI0iLE8FocdcGhMP4DkUYlNefQyjV
+O+0l7M9x997EwgfJUiBRU18dJVSNxwSqT4gNMv9KoBH3vS+ozbbh5i46wPf6Vx9A
+ihqGnv6OK4lgHuRrKwfIqJ74gWSj0mznGhcTEDbm2XDfJ9ok/+70WnJFKGssvA+t
+Y/Y8EuQGi8ue2lZZkvrnVraNAnWq0NgtHZMWmJi108BS9OYAp7Br2r10SpGM1noG
+uB0OgFv+OjxYt1uFArTY6k94h+c5QPfoYi1BeDbe6BLSd7/k6ekZHCHttb/wuP7u
+r56066ZiTT8yyMeDQiUFcdBUv/Kr57I5Tj6aRM7egEdzxYjIn6THEd9s7XwQZBy/
+e6V8kZzGk5NpR3L1n+VgUdUaRa0SjN8eTav98PE1CSO66xDXHgNBaXlrrDKnh5b0
+may6dKEZPLTymQXAZFZrKlq3+25akd3O3P6Wg39pWgNefCJZiRMYAKN9md3AHWpN
+VKRPr5mOj3oRH3DevRvRoZTNvG3kkArphpr957Taaqio8J/362+hG0T4KjrWMq/H
+UKhvDpxQQAqrwz0JTxPc+DsWS4TKgNtRxKSB8Qgj21J1skKNsOSFX3uJn1V6KiiH
+tALvG8wa2DovFMB/l7aoUvuXvqFSdklTvgG3dM1WtkiJVkrLX19Q6PtmyCctrhwL
+CvhVBCVzPQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIRAJO88SPcY1wBm065Y1j/9EcwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDMxNjAwMDAwMFoXDTI4MDMxNTIzNTk1OVowgYoxCzAJBgNVBAYTAkpQMQ4wDAYD
+VQQIEwVUb2t5bzETMBEGA1UEBxMKQ2hpeW9kYS1rdTEUMBIGA1UEChMLR2VoaXJu
+IEluYy4xQDA+BgNVBAMTN0dlaGlybiBNYW5hZ2VkIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gUlNBIERpZ2l0YWwgSUQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCJqfDP1RG1UldfC9g1tOO48ejxRfEYdd3p5l9IVWBDK/PykMGInHLO
+6BQCY7B4+aMHhZODrUrgRWHhpnX+BdUKS18twOuqt0/6ySZ5M2to8oHBM3637f7Y
+Qvc7zl004L6HFbV/K1981SugG8BGv5rjWeMkCzDHL3P9E5RwXh2htCzLlK823/bI
+tXlSZoWT92T24X6d6qta78/tqTdmYW5TxbyGw01Lh/LLVhBXetGmmLD9YU9MUiH4
+ikp6Sgjwf1Y9O2G7MRI0EKS8/I2dboP35e0AI3yu7AVDZNFaB+FeLSQKNfQDApfw
+uyTJv3VptXcZ7SzX6eJX7lcJbNTelretAgMBAAGjggFrMIIBZzAfBgNVHSMEGDAW
+gBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUK2048SABXiCO/JyjboZp
+Z9xQrcMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQEC
+AjwwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEB
+BGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
+c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQADsdND8yK3sGG5DfpdeBDR
+9NAo03bylItUruwVaDcAoOPv6oOH0c7dc/flB58IFzL/qFCOkaxw/1i3tB8+TgdA
+PG2qZb6RLHiytBuTgO6H37PcPh0ntg7oEejIMIR2TANTiZEhu4OQV2ay31K9+LkL
+EsWbnJa1yK0ut4l/sTT0WZk1wbfZvTzBpaQMHtxz/r7fK77CtOHL3zZm2lETpURT
+EVlR4FAKPXktYFz8oKY0F52SLfqqV1jIWD2RHSUwFp/8qnB5639YoXPCqtmJezC3
+IarLPUgCuTR8pvurYG8Dj3dTmOxHJ6qX/IKsk14CE7UHJ529GoU1w8OpG9dX2+t3
+vWmuux5WYwsysk7wDFxkz6vXOAmsQwl4mY/F6GQ+MD2t5k6kZdOUE5Qml758NtDl
+LqTCc8wprrYlpv6IM0ywxTjqJ7BprE9gDLui0AmlZLDYAO30OG1iPWQue7A1Z1RT
+UfIq/1CpJS48NrgQThfpQIvN4ruWdS+VXU3Bz1klTL12pCvM2IyGdGmzLYtWYCve
+PcanZm0YAxvq3hGjAfZKr2m1NgnnFM2w50qhSZTxoPHm0vUhaUSciStcqUcJPzLT
+3flR5NwDZwlz71sRKCUR3hQxFq4C7f8XC+Y+GKFzZlIj+QrMW1uUoA/cJJAQNVVo
+JOK1P2l8uSVau6OPwUGqNQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDjCCA/agAwIBAgIRAIqhu/+4JDcehmfy1fL4MLYwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDMxNjAwMDAwMFoXDTI4MDMxNTIzNTk1OVowgYIxCzAJBgNVBAYTAkpQMQ4wDAYD
+VQQIEwVUb2t5bzETMBEGA1UEBxMKQ2hpeW9kYS1rdTEUMBIGA1UEChMLR2VoaXJu
+IEluYy4xODA2BgNVBAMTL0dlaGlybiBNYW5hZ2VkIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5IC0gUlNBIE9WMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+g8JgAdvuvU6oyP1QTla7SgHIA7AB1oMxKtpMSwJxte8p0oHmET9MwguZ3LTB3fE9
+Q23s4OIuLtCdR22IJyziDFJCV7arHZvKMuQzfcHyh/h9/u4uu/5LnO1uzTI/uDNN
+SAOD//ecQqCK0wR1ZpoSyTIHO1bW4Ptj+zz3Tc9ipyzbCkZW4vYh9IlJaqDLArgH
+dGIUt9OTLKw2Mxi/SAVhy1M+C6xPdtiwp+LJh7FTmAxFlCOmgRySg286l+pQJo0+
+aqUviExBJMINmNN56yQ45rG6mij5gXEoM0R5doEYVwMRLoHYcTBMrZpajYvXd5nZ
+rKozYdLXGjzuBFbEJQp7hQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFGvX7LQGKtw/seXgX+uhorCLZIimMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgI8MAgGBmeB
+DAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUH
+AQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
+LnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBACd4AZHxx4CFaviVeida
+HiA3fwMfTY3IKyrVWDB9BXMI1SCuVTtVe2QY+3QZgS/XRoKLANc6jc5RpxjFdMZi
+7NSgUN5sr9e0TZ3CO+jqlQoWDYmbThdWxif6mBlfnNWQBvBv8J7acnf7H90MIFXp
+eu/0++awDI7YNQmK+1VYizR3jattvj5sspx8ae6IlgRHfpGs7yT5dDcjGfE8RQ2Z
+J5AP0Iffkkc8SnejunPPjpM7qgl+wRDK1Lfp8MthSEn21zBzGDLIIc6R+CRvBvBw
+cHTIUXKt8FRPE28z1vCueIlbtmT1S2ITax1kkdwe/gg76IUvkovixUe/YGzuUk8c
+2O5KB3qlkfqZuj5kMS6IRQ56uG4BdWzG5PZdxnGu1fk63QjZU8qluyZoLhTT/OL3
+CITS2STxWTg/zpifL/lnQ1MFoFoP6TzSQO/UwdGcnlyHSsChJ3TGvJY8jTC34HpI
+fS1WaOqb08qIDOExTQ1bVbVmXs2rswarBvFGoGtNDfKjMa7zSzuAYxg3P1qRTdks
+oEQ+jqOmUMPdT4tzHhIxSbb01W4VTuhHRaK1R2ChHN516DTMeJk5TsQy/vEwhur8
+lmL1V1F8czhZnURtlce57ByDbnbVEVeTmlT6ka09Q0tJb/lwYZa24t5erJFgK26l
+7PPMRjdIg7fCdU4y8Gd9bBIu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDojCCAyigAwIBAgIRAJLbl17KKwqyzn31vkoa2DgwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDMx
+NjAwMDAwMFoXDTI4MDMxNTIzNTk1OVowgYIxCzAJBgNVBAYTAkpQMQ4wDAYDVQQI
+EwVUb2t5bzETMBEGA1UEBxMKQ2hpeW9kYS1rdTEUMBIGA1UEChMLR2VoaXJuIElu
+Yy4xODA2BgNVBAMTL0dlaGlybiBNYW5hZ2VkIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5IC0gRUNDIERWMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE5le9RFTiN4Qu
+aUJa6g5FK0eJR9vWQniDm1VHA/KhzxSSnNkFGLR7nOyg2Gi+VbgBkJu7GwF9HkdC
+nLDMZkadKKOCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa
+MB0GA1UdDgQWBBQgjEj5wT+vkFXrTlj3NzjMSCyYJjAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICPDAIBgZngQwBAgEwUAYDVR0fBEkw
+RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0Nl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF
+BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRy
+dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t
+MAoGCCqGSM49BAMDA2gAMGUCMGF8B1NMSVXoOqC6ap0vUfi0DRC9fxuaoDZsFdLz
+XIPJ1K4HZShRLAI2KWmoCDT8SAIxALdUxWo4S29b2fdqM1DSR9QoDRqHzCv+a9cu
+Ov6QUJpUqc6szZsd+2jbxP+2vmQ6WQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCA3KgAwIBAgIJIrmxL00F+e0TMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwMzE2
+MDU0OTEyWhcNMjgwMzE2MDU0OTEyWjBfMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEpMCcGA1UEAxMgU0VDT00gUGFz
+c3BvcnQgZm9yIFdlYiBTUiAzLjAgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC/NKS4RcW1bUr4urkpXCbWvTCjbfonQSWl0osrF4KyQMPmhSwSIe5h
+VbkxjXJNIa+xyWT60rlU1w5rQWD2tTd9unXB1H3SgFwHqlgFLwkh28WSo8uKz/fr
+VP5sv3VCEkuJxUglSj8D11H3ZxImUYNyvL0FpxfBfqZLbZSg4/Lv0hytwoIwfR3V
+JyXbdi4dgCKuBar/ky8/JBPNVgsyxFLEVMD2o9rC0WhlHZZkDRlNtl0mJxoYKe3R
+ephuZmMbqS+eAMdNeKCBeOmJmoUe3qNPkY44+CdpxHLluwn3GP6lTyp7NhCJWK8q
+lRrvIR9i+TQ1envWX3t+fcgTUeLvHNg1AgMBAAGjggFJMIIBRTAdBgNVHQ4EFgQU
+y+8974N0oahC8DtANvptgpSpJzYwHwYDVR0jBBgwFoAUCoWpd2UFmHxAgfgPlyw4
+8QrsPM8wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwSQYDVR0f
+BEIwQDA+oDygOoY4aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0Mt
+Um9vdDIvU0NSb290MkNSTC5jcmwwUgYDVR0gBEswSTBHBgoqgwiMmxtkhwUEMDkw
+NwYIKwYBBQUHAgEWK2h0dHBzOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9T
+Qy1Sb290Mi8wQAYIKwYBBQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vc2Ny
+b290Y2EyLm9jc3Auc2Vjb210cnVzdC5uZXQwDQYJKoZIhvcNAQELBQADggEBACxo
+n3N8Hb+9TV54ifrP7lf/O9OPvFwjECLgwSo+dQ5q43MT0sqDgHMhMZnxlqXdSyx9
+jINinyLFDqS8DwpB/DxWVnNcpCKVDLyB8l0G5XICJys8qQv4D2wwcj9bDqchy+sJ
+gx3gigDgUQUCG0Jiw/42tbeNT0VrFbobujWosSYFvCeEdizS4IdbGf/gRBv21d4y
+s56hd9Sxw7DmU5cE8na6aNwWNgmyp2Wylbep+ZhCYVdRpSn8SzadqmNc2Yo6AkgT
+kLeeaUBYEjuZWa+tpvuQ4Zs/D4zXbaktVYjCIABvY/qVYMlXCsT8nl+mS8xwyt2s
+wf3q8ImxiBdrmEBYV6s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEhjCCA26gAwIBAgIJIrmxMewN/wn+MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwMzIy
+MDYzMzI5WhcNMjgwMzIyMDYzMzI5WjBbMQswCQYDVQQGEwJKUDEqMCgGA1UEChMh
+TmF0aW9uYWwgSW5zdGl0dXRlIG9mIEluZm9ybWF0aWNzMSAwHgYDVQQDExdOSUkg
+T3BlbiBEb21haW4gQ0EgLSBHNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMvHidrFR7CRsutS5ioQCQBe5mtBfm1o7d5Hu111so+QrOMzZqtXMFTppYAG
+qTWst4HW6nNIKgoFcbngQ2motJ44P57oTXu4kUHJO9qti/l9VVU+IIwPgb/xJk6R
+jp5OcJfg5OPmDc6f3qmzl9803mKO1OO3ldDBGqq430cb1e6EfAD4xw+Rpr7fq5g3
+PwW1v6cylM6ivOYxYwKhioPUFigzomVNSnCZMzZcsvIjsm+q0UkiCdJf9UcK8/uV
+tW/3RWLO4SmqAxe+IMnjMO54Bpx1vyLm3jzDC3s4ndtAadQ7+GIvan9RsalRIhjM
+e851BiXf1URA6BJAVW6bDVOS9ycCAwEAAaOCAUkwggFFMB0GA1UdDgQWBBRnOjrB
+a7ccpkFGOTCEyGkAWRFYwTAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+XLDjxCuw8
+zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8EQjBA
+MD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290
+Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNVHSAESzBJMEcGCiqDCIybG2SHBQQwOTA3Bggr
+BgEFBQcCARYraHR0cHM6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyLzBABggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9zY3Jvb3Rj
+YTIub2NzcC5zZWNvbXRydXN0Lm5ldDANBgkqhkiG9w0BAQsFAAOCAQEAVRMs/1m4
+BpEywQWRpNzsii76IdwI1b4h4a5Rb/n3UckdZYh+jWzADIGUWy0D4g2PY3Uz9SXR
+4f+T31hlDEfWEd7QZGCRe39/RRyxeRaLtBpldWNIDDci39ykURNcOSRDqou8+TaO
+vFzqqhqR7SZ6M3E4KmkTSfNlLtx0agUXxQoryGh2TtLf3yDaQpHCHE3qLEhXQMVS
+ij+wmoaB10kaXIB/m1KHWvxYNbehww2c3QAVyF7XWvk6rm4w2WzC6TaGaID8Yiei
+Cw+lIAx2cA/Rb1AdlJGclb9NIwJ7XBq+XGiBrWi7iwAp0CoNqLQQWote6rLpy9Bm
+wy6x003kcI6jZw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIQBe2I2AiNEevd1iOWPLrtQjANBgkqhkiG9w0BAQsFADB+
+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
+LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
+VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE4MDQxNzA4MTUwM1oX
+DTI3MDUxODA4MTUwM1owRDELMAkGA1UEBhMCQ04xGjAYBgNVBAoMEVdvVHJ1cyBD
+QSBMaW1pdGVkMRkwFwYDVQQDDBBXb1RydXMgT1YgU1NMIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3bDSXQGHkyoG7eDKKPzHRoQ/Gz4Xd3g+v0T
+hYSF0Xzk9aJtZ3eW08OoRO4DWYdPfMlxeinBtNFnvk4vXNg5ozkipW3+PNGnY9cG
+ApDCkCtXp/OWHzSUZ+t4M5b7qLLNX6P/F+PGAu2YofVJRUjeeZunjfxpCUBiOZbP
+f/oW89VYk0mPyXDth2LBu06OZKb5gxbLOXTQTrc4CMoco+cjd1biGX6pOx+Q2oW4
+S0v1i8s01bKNdRzz8viCnSEQU4PumjmbRns3gp3a8sR0DSeQcNofXeQXG/6Ar+O6
+igpxPLWffKScbXwOliMS7VJlndGog/l006YZq2PntBjKPeNTzQIDAQABo4IBZjCC
+AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUasBJGVKf6gFeRQyx8A9+
+oF9tj+UwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA1BgNVHR8ELjAs
+MCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9jdG5jYS5jcmwwawYI
+KwYBBQUHAQEEXzBdMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0
+dW0uY29tMDEGCCsGAQUFBzAChiVodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwv
+Y3RuY2EuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBAA+GSfjo/dLY
+crpFOsGSFIp72D+pXBL4RHmPY19Aq5YTckBb8aGinUS0cUDduZRWALlzAM6JT2YB
+NWNngIDW+bXpVgl+9EU35OdsRQ1sTUQEVJz4IIllcguNVkURrGZ1g07crqm24Nlg
+Hz+O76TNGQCyl5iE0tm/6W8yIHYs0H7FYPfSsN6QQoCsfqKilM146Kg8IDVdw1hp
+8qc3gnyrxSf5/2HHrThm6jnZbvqVf7oe5COCFZOkbQvfUz1z/oCwIJcFqtZD66Ba
+09UpHIb+0bJ7dH/z6RXEtXLouOI2rwuMcIoPmt8sPm2EVlCi1DV9dFUe35AKz7f7
+N4mHRMuw44g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIQB93tZ04qLAjJ3mZmyXFUHzANBgkqhkiG9w0BAQsFADB+
+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
+LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
+VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE4MDQxNzA4MTc0OFoX
+DTI3MDUxODA4MTc0OFowRDELMAkGA1UEBhMCQ04xGjAYBgNVBAoMEVdvVHJ1cyBD
+QSBMaW1pdGVkMRkwFwYDVQQDDBBXb1RydXMgRVYgU1NMIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53L1DVH9SsTSZGmdR4B3J8Dd6Z68JGyPnoGm
+BWsgeYw5IhVeRxYjZ2TP9kUB5H/Iz2sqKzcX6pIb7eHuQeMmojas6gmmqm+ZZmR5
+LixWfK/JYdJHHAIglZWG4HfQfQnfl6QK3efRL39VFzwV/AyUKQhD9lT13nMSrj/t
+E7CiMxMY5ndxp5G0vS3T3R38KMCRSmuvvMm5yeYWEyNeRi3wVASlcF7/xIoPxDSC
+mOJKHXTth6oz7EJ+hEUG9rpXV+Hsuojyn44d82IK2qP6Fy0vLxPT1ncTvKC5bm9Y
+5GULoG8j+y5M510yXygmiWHjeVjozLXaOoLDT+eG0GMpEeXWRQIDAQABo4IBZjCC
+AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUN+0f31saT4cl4EnGbXMC
+OBJIFGMwHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA1BgNVHR8ELjAs
+MCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9jdG5jYS5jcmwwawYI
+KwYBBQUHAQEEXzBdMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0
+dW0uY29tMDEGCCsGAQUFBzAChiVodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwv
+Y3RuY2EuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBAOHwsrFlEhMq
+bFyZ+lRLOBYwPOdZn9hin3ZC0qw4Qsllz1vUbf2N+v8xSSyw3NyzvpsXNbfld4PL
+u75Gj5WrVJ167usGhadnEa4fQKTkCIhCYff+y5NbYxq1QykPZtBSyXzK1vJ5LkRM
+BMeENIVt92xmY1G88gBHOpwMMMdBVAk60wNTC5lZ9Ltj95vwDI36PX2RNbVLUTIq
+5cWIrDbEMMmSb2s4ZZFBeFZnkNWJzYY++MYW/jlnFxK4Rib+e9cldnyXekQcETXh
+PJElZFjoVh+MJYKLzJS+aBPKrwNsYiXBR+UZeZZV48KiFeJr7CsiE3SoVH9543do
+AlzeB17MwSQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIQNJuxRK5WEemb9DRcf8mu/DANBgkqhkiG9w0BAQsFADB+
+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5B
+LjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSIwIAYD
+VQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMB4XDTE4MDQxNzA4MTg1NloX
+DTI3MDUxODA4MTg1NlowRDELMAkGA1UEBhMCQ04xGjAYBgNVBAoMEVdvVHJ1cyBD
+QSBMaW1pdGVkMRkwFwYDVQQDDBBXb1RydXMgRFYgU1NMIENBMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw67Kp7Ex6gJWNZ/TlTw0+LYZmXEkXsZCzUI4
+B8hvMvA1w1aomgWDJmKCAhbi7NXAgJNfNov3xBz8IcK5uR94m6D1RfdR+kWPMTxu
+2s4uOJ3ZnFrl+20UIOE5b+tfDssJXexBJI0VFY20TKi9Uu1UNHSPN52zJUm7dbai
+Hm31Jhhmepbua3PHH0juJBxuusxxH294pKc1R/Xfj8LyaHOwDTZs8LdF9qGPZMsb
+IhbxBC+y2bnOlWQqBsTNSSaJ8dcdBf1XnGMrrocxuKGOt/DMMuO1T+G0XSKbOTVn
+Tz8oXNZTKkaoDdk1OMPWWxFPp/8v0R0mbgNgqXNGda9Jy48R6QIDAQABo4IBZjCC
+AWIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUc6j4jqRUTYECchxOybKo
+xTSTE24wHwYDVR0jBBgwFoAUCHbNywf/JPbFze27kLzihDdGdfcwDgYDVR0PAQH/
+BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA1BgNVHR8ELjAs
+MCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9jdG5jYS5jcmwwawYI
+KwYBBQUHAQEEXzBdMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0
+dW0uY29tMDEGCCsGAQUFBzAChiVodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwv
+Y3RuY2EuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBACEJ41laE9F4
+/w1eq0jyW88LZT4e3pWrUVSvlsfxqE6vfs3uR5Jgq50j2tnl61KQySo9djPU3+QP
+aFI3c8ktRJH2zZvfaBS+6osCUpU4nK9yeQTcylATzdufHu/vhTjmgr1JJhqm0Ckn
+77zctm1qjt6YIqZs6yyGKXoMJgGmL8b4lZvnTN0gqQMRahKinH+aB8647td3ufdt
+FLRYOF2HCdjmzVH6YIeFIS/o+JfQXO3FRQtUDWaMkbNUj6yY8/PtQYKsedm8bshx
+KKB9kTp5pMI9EsZ1awBbRdthH0LvZW88fBdTm2YyPyFvd1GlqSc1S8R4w4qqU85X
+lKP8UgR+amU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFqTCCA5GgAwIBAgINAenYpMwYI2wqWMGvjDANBgkqhkiG9w0BAQwFADBXMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UEAxMk
+R2xvYmFsU2lnbiBDQSBmb3IgQUFUTCAtIFNIQTM4NCAtIEc0MB4XDTE4MDQxODAw
+MDAwMFoXDTI5MDUxODAwMDAwMFowTTELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
+b2JhbFNpZ24gbnYtc2ExIzAhBgNVBAMTGkdsb2JhbFNpZ24gVFNBIENBIGZvciBB
+QVRMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm47K/WPMAJCbDPsC
+KjXoongnobvDIM5MZtWqqge2lJo6JGddSyoRv10p2ptJTP1x2bQkVTuLUS4Wt2ky
+0mRTic16jixUYJODUS3sidE4CswZspPsWGQ6qYfFKiUSwo9cDICTvj2Erua1iw/u
+aCVx9s4KEUgHOt6Z49IOJQWRhCtCqO5yp4Vd/qgRZ+cZ6iAjN0nWtphcOtrfX1oJ
+R5yIVH3NkT8vDyWizGeXC/iC4cCWTQyljzi1Y7m+1DE/LKCm4wmnULYXcqnBoEJC
+ocJvNoCIYtTdsAFUNXXKeIgKxDPFkozh6U4P7DBfscVZ6bpjiza4fBpelMUzgTL8
+vtb/iQIDAQABo4IBfDCCAXgwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFD6z7Q4zTgYe4JWyfRKfuApHgKenMB8GA1UdIwQYMBaA
+FInvdXF6X0cblyPckErL/8AmNgjVMIGIBggrBgEFBQcBAQR8MHowNgYIKwYBBQUH
+MAGGKmh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2NhL2dzYWF0bHNoYTJnNDBA
+BggrBgEFBQcwAoY0aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQv
+Z3NhYXRsc2hhMmc0LmNydDA+BgNVHR8ENzA1MDOgMaAvhi1odHRwOi8vY3JsLmds
+b2JhbHNpZ24uY29tL2NhL2dzYWF0bHNoYTJnNC5jcmwwRwYDVR0gBEAwPjA8BgRV
+HSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
+cG9zaXRvcnkvMA0GCSqGSIb3DQEBDAUAA4ICAQB4ODWDOTBktFTpBK0tttngAi9i
+qUto8Yet77L1lNmJtq7cywDPd1FAT1R3PDYryz3P/y46l2UMTBbq8NssO4Cyq6CK
+Bcfl4APHuiMSTGmo6LFa6vQTCsSBzJ4+ZuYonQh3mrjmgN7B01z7gb90uerbOTE5
+YyodkDseAiLAR3rBJIxY+0Es7Md5eTQUuSV/Ncd77fwVafg2WbMssBIiuU7ERpo8
+DSG37qLswNwSkYQ8KN0whjGo1EdFoEhRqSVLaJIeNqJnufIQFBUjzJ+O17yk484h
+lbMuJfrXKC5hB6oi9xn6R6JWMMeAoKEbYy5pNc0LH3rqRfm64ue8WvWcTdzVsmzY
+rMDJr/S07XDLEHcqsCbPiww4ObT7fPUD5lT83Z7ld2+URdFbYckO3HVSYEUz5Vte
+K7WPbflGgW7kwm4a+UtHZimscI61HO7gRNpVIBrIXyls1TZ66DoExI4siPx3hqt1
+eJo0l0S04IxHRdamWmAGZxAD+5SMcV39KJlo9V7b59ofrjOoqPxl8vIHDG94/Gk3
+P0B+v6h+5tq8mx4IO3daubAibLcih9PDqREE/t+sjnSxLk7Vb4TLSMRn0NwWzZKc
+/MZ5+hU9Tfb5uie411V/TW8qSrhA8Dz/6nAtGZUZwo4wNoCXlVuHOVJm+4nYpRL5
+/VZLVJQF/CqJcXodYA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUjCCBDqgAwIBAgINAenYpKYtKygROYKpTTANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODA0MTgwMDAwMDBaFw0zNDEy
+MTAwMDAwMDBaMFcxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMS0wKwYDVQQDEyRHbG9iYWxTaWduIENBIGZvciBBQVRMIC0gU0hBMzg0IC0g
+RzQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCvcD3GkMoJwy76jKZW
+uyMoHz9kjGDbV5td/aJzH6qHqGwOTlD+cfYpd0HYP021757wOkwueD1yniqcsDY0
+8CqVDuUPOB9H5R5TLWQ0VKYLqjphqap+mKTRGmQyl50OKk46S+Y+76/cZGVnImX7
+zTmzODpJBC4xhjodNO01HboRS2M+cuLWnZTWmF0iGxp3Gj1AfkTUA4TV/vaBCuTO
++LrM6MjXy3D7/x+MQtnpniplgDWJvEX503rUIfqfXRxwe2dLHASiHOZI63INsxUN
+oa3dMHfmEmYXNIn2wxRJru6/ZHhS8aT9+4xJS7eukjz7PkcAgYT9TL104vDVOi3A
+1VeGkiZN5J1AG8F/zIHX4H6JAQUZG1sNCNXMC70Xg8CCoShWzLeojG/wkEEFLgbR
+aqpN0fs76HO6V7OUyPdCZw9/LRRy011w+GmkGdoe6F389oPtw+jDeOjJcCkJflhg
+QtgY+CjCD9uMDDzA7J1WM5kgZyxAcqB6DJ6NrSgaaMnLeGijZeOXUpw1SSXT17G4
+dUjQA1iYbHPEHv1LUz1ah6WwCBi8aE74zqE3gRKYV8ygPhFIpr/vJz4ZSUKcaHEx
+OukkfsDSKwySOyiGk+x3YFvMOrcV3AVf7+uSN5N6Zws4e6zX1anmx8XRin2KwvTE
+DD0oxZQYQPMbQKrlpu71PcNFKwIDAQABo4IBJjCCASIwDgYDVR0PAQH/BAQDAgGG
+MA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFInvdXF6X0cblyPckErL/8AmNgjV
+MB8GA1UdIwQYMBaAFK5sBaOTE+Ki5+LXHNbH8H/IZ1OgMD4GCCsGAQUFBwEBBDIw
+MDAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3Ry
+NjA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jv
+b3QtcjYuY3JsMEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRw
+czovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQwF
+AAOCAgEAPNOVRXNenNevDd11a4NdldtLhsOxP9Xn4GY8RuYhZw4Iae7l4C7hTjZS
+i8R3Cbci2DSFtKOjPUw9TJHH4WBIqJxnOXNDIqyEVK7ciLiMnKOGbZsVt9v/zAHB
+CFcOHyOTXebOdthV3iIi6twleNSlwh66izJ7CgKCk1YZRQx/TdHELW6a3rnYvLcj
+ggSxkoLzUYqYcKLj+cbByLDrIJDKrFjEYLSI44iy6UFLRuPuyH69GjS2ewtAKDHA
+0zKCUaOOmRHLqw9g9TZEYxyUdFUlVmWazqQQryQjyc7QDjNOMsDVn8k3tqhqJyLY
+QabNmD1QNyGXG5thHf3O/CPvzrEQstA+eL/2zxupiONvyw2uqBEMfcHAMqWgUbmY
+6xFTbH3x1NDeZ+/IyeLg7qxltC7iOZM7RimTRkeUiuAeNF5n2t9JSoPCLjGHgUOK
+leK6Loug6pFAgVlFyaWcmT0ur56CAoi0ia98OjeoRPS7bk8cwYTHyuV+54yJjC0o
+l4vmPGZvrShC55oABswRll3XOQU6wjzqZvdBAyP7XcURrm6plC5WDTfw2FuK11MF
+KyYzCbRFyWVt6ubvaaRvKhDBQUkJwasEHQQpYBYFjD1gpDqAEZq04FFK1fRATwjD
+RlgutBJ0TicBTMXBJXFLQxOZxh2ikhUkdAobtCtMAq9wy2GXcUE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEoTCCA4mgAwIBAgIQAW6T0Y/Xc0xSPNwz7ToIWTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xODA0MjcxMjQyNTFaFw0yODA0MjcxMjQyNTFaMFYxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSAwHgYDVQQD
+ExdUcnVzdEFzaWEgT1YgVExTIFBybyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANi3V94eezo83efo/Dt5k4znCiM/hKssy0J3Ws4d3F8hM4z5OhtI
+Y8YBlKfl1gqmBmqOgd3HwyCmXbx2Reud3nT++GVp9T5diT6AKSnKTwpTBjipcJ6G
+RsCy4dqs2DOx6zBI4Dj2LlYhShW1pH8VzDmmtSfUEF5lOTV7iJ8PPiBws37TlPw7
+Bb36llnwtXGlYr5zVxrYI3WatYLJHXywPtixs4EgtG7a/OpsDWtGqmkDf3use13B
+twoBorvFtUdCPaPHGgiRX3seDm2KauZcH/ejITrl+8jEEghd01o3kPgiMud/wpGS
+qb+dGsRyX20h0+/jgFNPSCv/eqW3V1Nqo5UCAwEAAaOCAV4wggFaMB0GA1UdDgQW
+BBRPhfybWdPGU5ePvB6D8x6CJRS8eTAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+Ib
+G8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNwYIKwYBBQUHAQEEKzApMCcGCCsG
+AQUFBzABhhtodHRwOi8vb2NzcC5kaWdpY2VydC1jbi5jb20wRAYDVR0fBD0wOzA5
+oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRHbG9iYWxS
+b290Q0EuY3JsMFYGA1UdIARPME0wNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMAgGBmeBDAEC
+AzANBgkqhkiG9w0BAQsFAAOCAQEAaqLjCAyDjq4ZURIxxWXCP/TFtruMFbqJL8ol
+eQjhgjWNH4G/dFcNPwhGZUTf1qDEHMBJ9B8BhBzbXaEZ3YwP4MIFokWd8jcMvkTM
+4J9Twaz1SoWsjG8KaC3dqAaiEXXliNlOwmmO68Or2UqPVjLVlypLMZaIEP/KHORG
+qaMWX3JHIPVgsM7tOH9Wh38+9PLipj5uZbzQSTHUQePhFZX/pH3PtVogTHKhYqa0
+k8eDmEawtwiy4QiUMGadcS8aqwjeiACY03MkpZS4kinRdzry7MI2bCx5UDEGTloN
+z5boCQoCM0yhBl+ITHn6esJDDHrX0VTgI8rST8eyQCmSrfan7w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIQC965p4OR4AKrGlsyW0XrDzANBgkqhkiG9w0BAQwFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xODA0MjcxMjQyNTlaFw0yODA0MjcxMjQyNTlaMFoxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSQwIgYDVQQD
+ExtUcnVzdEFzaWEgRUNDIE9WIFRMUyBQcm8gQ0EwdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAAQPIUn75M5BCQLKoPsSU2KTr3mDMh13usnAQ38XfKOzjXiyQ+W0inA7meYR
+xS+XMQgvnbCigEsKj3ErPIzO68uC9V/KdqMaXWBJp85Ws9A4KL92NB4Okbn5dp6v
+Qzy08PajggFeMIIBWjAdBgNVHQ4EFgQULdRyBx6HyIH/+LOvuexyH5p/3PwwHwYD
+VR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEA
+MDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuZGlnaWNl
+cnQtY24uY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZGlnaWNlcnQt
+Y24uY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBWBgNVHSAETzBNMDcGCWCG
+SAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+Q1BTMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQEMBQADggEBACVRufYd
+j81xUqngFCO+Pk8EYXie0pxHKsBZnOPygAyXKx+awUasKBAnHjmhoFPXaDGAP2oV
+OeZTWgwnURVr6wUCuTkz2/8Tgl1egC7OrVcHSa0fIIhaVo9/zRA/hr31xMG7LFBk
+GNd7jd06Up4f/UOGbcJsqJexc5QRcUeSwe1MiUDcTNiyCjZk74QCPdcfdFYM4xsa
+SlUpboB5vyT7jFePZ2v95CKjcr0EhiQ0gwxpdgoipZdfYTiMFGxCLsk6v8pUv7Tq
+PT/qadOGyC+PfLuZh1PtLp20mF06K+MzheCiv+w1NT5ofhmcObvukc68wvbvRFL6
+rRzZxAYN36q1SX8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIQAg5+swR+u9EqPlzmK+DZjTANBgkqhkiG9w0BAQwFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE4MDQyNzEyNDMxMloXDTI4MDQyNzEyNDMxMlowWjEL
+MAkGA1UEBhMCQ04xJTAjBgNVBAoTHFRydXN0QXNpYSBUZWNobm9sb2dpZXMsIElu
+Yy4xJDAiBgNVBAMTG1RydXN0QXNpYSBFQ0MgRVYgVExTIFBybyBDQTB2MBAGByqG
+SM49AgEGBSuBBAAiA2IABDBUoetY1B0PqJGvAm4ABeWV7gkgmZmIZ7+X1e5z+/wP
+mfhuPhZYCyDuc531VEvjgx6OwE5RLW5zX/0Cij/TnrD+4tBZfkggdhkGGj30K/OT
+dGQCvu5YNBALcgF0Or9Eb6OCAU4wggFKMB0GA1UdDgQWBBT/FwTzA6I+lkDktTYm
+5wfrqfGZFzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8v
+b2NzcC5kaWdpY2VydC1jbi5jb20wTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2Ny
+bC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0Eu
+Y3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBDAUAA4IBAQAlr3UbqMBq37fo
+UQFTYLLWbFcLDBv/QTe/WJRRgF44vTY8iGFSn0Z5WQSDKONa8E7MAxkDXIBgt3OE
+osTUSnnvIs3sfm8m2E4hc7azJclZT5oa5GU/Jw7m5dZ9kBJrozZNfOZ5uAE68RgA
+3NhYN+cuC8SpchaLXiXW9/cc/4urIrSSrYAX4UIM+I+4Bwc2bJ6h1Cfbur+8TodG
+PcMMdT4RB3Hy4DPo6UX5h7GxwltrDOLA3e+oMQgHj9P6HWPucwf7O3u8RZGuzMVX
+VGg55EUmYkg2JF5S0Asa9pRw4cqOouHYT/R26UEMbTgSoDsMTPqcdgRPSrzP1EQU
+k1qXXwno
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgIQBbY2B01sW7EoRlgIyCy6mjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTgwNDI3MTI0MzI4WhcNMjgwNDI3MTI0MzI4WjB0MQswCQYDVQQG
+EwJDTjElMCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywgSW5jLjEaMBgG
+A1UECxMRd3d3LnRydXN0YXNpYS5jb20xIjAgBgNVBAMTGVRydXN0QXNpYSBTZWN1
+cmUgRW1haWwgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzpLTL
+wSAp4YH+3rRD22/DUfSsAqFuOGQUa/SQXdeVKe1Bu1apdZAAUpJek73o7gPY4yvp
++J2w8P5AVoLAuBMxdKvk4rT97kqezfmA+o2Tjoa8WNX/cjWI2S5VmaofBW0zg+L2
+GJFZelDezWmm9hX3e205+cepkAzU7YYZp/VyFf4mj4jsWdoFFpJfDWPEGTPUpbF/
+Vo38p6NM2SzupO1079L5CsPvDL7Lm2Q7wslLYWlUP8FQlHaBPsJIOrBwajRUodoT
+PLZTWrbb8GH7GUH7UK56/cnRalfmLm7DXuw+5IOMkIkD/mL67jYWesQBwvgAE6YO
+2Q9We/bJgEASNC5HAgMBAAGjggFUMIIBUDAdBgNVHQ4EFgQUtEr1/aqLeyHCJIIv
+tmgIZh8S9c8wHwYDVR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNtyA8wDgYDVR0P
+AQH/BAQDAgGGMCkGA1UdJQQiMCAGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGC
+NwoDDDASBgNVHRMBAf8ECDAGAQH/AgEAMDcGCCsGAQUFBwEBBCswKTAnBggrBgEF
+BQcwAYYbaHR0cDovL29jc3AuZGlnaWNlcnQtY24uY29tMEcGA1UdHwRAMD4wPKA6
+oDiGNmh0dHA6Ly9jcmwuZGlnaWNlcnQtY24uY29tL0RpZ2lDZXJ0QXNzdXJlZElE
+Um9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAQG8d
+1Fntcg1TxRgpyW92I8j7v3mKJwnnkwUEnWoiYISHjy+OntmahIz5uz4YWdzJN1XT
+Wc5kS/8nf06UkQYjRimYp0i2tKCuKZTyLrM1JjWbHkAJug1REHIxiwoNC21YyT3C
+nqt63fPAlVDZk7hU/nbtTKjHU32L8gJz979fg1pK3vEl6ZTmb1g5klK5hEpHYYoc
+BRTYFTlBz+QASAyyIHzr/0eivGx4ioYbEkSuXtw24ysJfT0pnO1KpxredRy9rNSu
+BjC/iDXZac5xh9Ta25pJXOpPtNHV+BnhaAExl9rasKOG4GPvNdrOhdNb8VQ1KkzR
+wy/8e9o9AkLqde+A2A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExDCCA6ygAwIBAgIQBgiAIQOaACR6WFGIcDvS+jANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTgwNDI3MTI0MzMzWhcNMjgwNDI3MTI0MzMzWjB/MQswCQYDVQQG
+EwJDTjElMCMGA1UEChMcVHJ1c3RBc2lhIFRlY2hub2xvZ2llcywgSW5jLjEaMBgG
+A1UECxMRd3d3LnRydXN0YXNpYS5jb20xLTArBgNVBAMTJFRydXN0QXNpYSBTZWN1
+cmUgRW50ZXJwcmlzZSBFbWFpbCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALdl7ckzzOBg4W/cdzAO7iOauzDGvo19uBN2wFbOOlyuWlrkBxaAt5iM
+5aWXMwXuO0Nu+k3TTFZ3zfxZ0eM7ujXnhKkH2rjOYv//d/AH0Isx15oenlWNPGS+
+WJqmzSCXuprKFogO0pC4KGuAK0V7GCXDpIw+a7Gw5PnXL7eqF/uG80okZcr3Ve9k
+ptlLOyFYBoXhIWVh6ADBhuNpfIPl5U/tlBv9dPGGZ5sQQRV3CDOHmkWxGLVMEgt8
+VdhEecx2EHC42vGSYkjih+WovYusx0SCtqf1C5gFgS1RNvy2lsC02/yheWLUGas9
+6zalrCce3kQhFQJoEIMntSaqvKvQRMUCAwEAAaOCAVQwggFQMB0GA1UdDgQWBBTj
+6WlG7Ng1+zOof2nqEYPYhDF3hzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd
+823IDzAOBgNVHQ8BAf8EBAMCAYYwKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUF
+BwMEBgorBgEEAYI3CgMMMBIGA1UdEwEB/wQIMAYBAf8CAQAwNwYIKwYBBQUHAQEE
+KzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5kaWdpY2VydC1jbi5jb20wRwYD
+VR0fBEAwPjA8oDqgOIY2aHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEB
+CwUAA4IBAQBdfIiI9V+FON4X2xAZvuolXaJa2moeFNBCeY7tp1zrOjdR8chYX2R9
+LCEjnqvWjZQx76Bekpny6ikP0xuoOnKqt2neeSEUykhaJDzC0MszO+8ruN9emBH7
+58AY4ZJl1TzB+Yii7cdHT/0DTlsV5G9beMqCsbUOv9wEfpeNaZ5zMPKxxu8kwEps
+qfYbcvjHJ3UOZyXQR4RInM5fIGVsDFwvIlg6bg+ZU/1gvp9SJTIzb7OnI25KIwut
+SSKmEP8UmefwTpuUeZxfOXWPwn3D8Vyj+iLgIlYErSOLs6D4RV1R0B56/zrVyYnN
+sUf7hQSTkAyvundemyaPELC5mx035fLe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCA4+gAwIBAgIQCPQ5QYSAOE3LQgnl4IornTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xODA0MjcxMjQzNDZaFw0yODA0MjcxMjQzNDZaMFwxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xGzAZBgNVBAMTElNlY3VyZSBTaXRlIFBybyBDQTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJ/5VnZVJh4MqHMX9J60c7O4Gm16uxwK8OKj+o0phxSI
+gI++7rY1y6DOs3TCS7ZQMtsNHaHFcwywzhj/2ElWkW7rS9DTmI7TiyFdhejTWF8V
+IihNem1sv3faxeRbGpV7KDU+yjJ8FmYSD/6nPF5Juq0ei25yhzxNEsNS0/h5BqwZ
+GskmMSTworFkr6k8eSNvKXUw1mdpxcUAfIMn4YgyG+HKmgGJPWk4Y0Vchjv3RFvz
+sdktrNJOl2l86LQC/bhmL0petbpnDtSJADfb8xp0UThqMC1UhyJn7seERANw2Ss5
+c/wYrsr/xllMLnJLFQnQaz50r+Vie6S8gduxI4KusbsCAwEAAaOCAV4wggFaMB0G
+A1UdDgQWBBRFQeOTVHC46aW3lrwmsVh1Qpc+8zAfBgNVHSMEGDAWgBQD3lA1VtFM
+u2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNwYIKwYBBQUHAQEEKzAp
+MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5kaWdpY2VydC1jbi5jb20wRAYDVR0f
+BD0wOzA5oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRH
+bG9iYWxSb290Q0EuY3JsMFYGA1UdIARPME0wNwYJYIZIAYb9bAEBMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCAYGZ4EMAQICMAgG
+BmeBDAECAzANBgkqhkiG9w0BAQsFAAOCAQEAI4JOgmYUHk+M75FR6Q1W+rc3c/YM
+p245VPwdzcPUcGbocwo8gfyGnuuw3o+HUetQDymSb+S6uFa3+mq02jj6Bi6FKFzA
+9LNJTFfbJlDCjcBARzHpsou3vIA0Aa0UBAh0jXe72mDCu+l0Om8YOaEeBJg5xVrL
+iKo4SQojUvgCwUQneuivJ0syEyWMe6mkp9TpaZhae5PkoO3g/RUdJ6sS1YF2koyn
+fILNBPvcTCt8zeRyy7yX9PX3HZUpSGvAIv/DXVDoA7VF4em3/alkctp/yOZs6O9q
+Q46+WiJO7T384bZZdq64WEp+hIE5aJtwD+pFCKzXRb//UX7i9+cfQk5GHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID/TCCAuWgAwIBAgIQDiwRY99LBgGnLoRshQdnBjANBgkqhkiG9w0BAQwFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xODA0MjcxMjQzNTFaFw0yODA0MjcxMjQzNTFaMGAxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHzAdBgNVBAMTFlNlY3VyZSBTaXRlIFBybyBFQ0MgQ0EwdjAQBgcqhkjOPQIB
+BgUrgQQAIgNiAATjgVwG2r/E7XruDPJZr65IdJwZX7zkNHGOx6esC+QC3iXHGOd2
+QPa9p/uGlEUcQWHdhuHwRfQk2cWxsk3Do/Tn/20UnksyX9VRGl9b6mpmvCIncd/L
+3R5GPIyJYfOsCt6jggFeMIIBWjAdBgNVHQ4EFgQUrIShsZvxSiwHrvhswdFxcNi2
+XrwwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQD
+AgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAG
+AQH/AgEAMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au
+ZGlnaWNlcnQtY24uY29tMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZGln
+aWNlcnQtY24uY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDBWBgNVHSAETzBN
+MDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vQ1BTMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQEMBQADggEB
+AEer9dy35qp1bfN9ZdiWIb+d5/I29NfVJR0tj3+tdiwpdhLc6jjFJ6E+YL6EDY7A
+Vaec6zGghhgCIi5PPCjNhBoVJnn/6n1sewfHNX3h240cQgWxNKV0mYRJBeuF6hYH
+jK4yeq4Z5ofH8v5Y+jqte9yFzvST0O4blT+GdbZz6q2sWm9Y7MwGQ5xpBm78HjYv
+iGUZkV1FC4JF+A1VWp+EX1RnsxXeh7Chp08uBgL2YXG/X8a/xKSrktYj8f18DKFl
+oHPcHgS4Cn4BhhrD1ABqjYIjYANHkjrgf5POVZavmw8KlKoCdhByjIACD8EHqBuL
+sfk1cW3AuMNayRQQv1P2bYQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnzCCA4egAwIBAgIQRbw6WjuXYmYHkr+VBZ3r0TANBgkqhkiG9w0BAQsFADA9
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH
+bG9iYWwgRzIgUm9vdDAeFw0xODA0MjcxNjAwMDBaFw0zMzA0MjcxNTU5NTlaMFMx
+CzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDExMC8GA1UEAwwoU0hFQ0Eg
+UlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAL3v2Jgp69IP3ZVPObX0lPeQrzYV+CotQALoC1gr
+Qb9xobQdXKpjm+bhOFd7hanKJ5OGk0kniV+jLu02FmFmZjVoQNUW2n2GvbnYhXI8
++WR/5GwbwIUVZl66sxbEmfFlhMv786NUrDZvHgCiNmG8aIv+Y6RbkKnfinYWvw37
+/EKULxFFijACtHpej0Rb/Z4HN/iFcsk/pNmYPpvnuJWgECL2xUi6DMDkkabDfb8h
+iKPph8cQqErbpE7Nl3P6JSmzfrfE3Ej0RKEsXDHKie/g+yEFql/5h3DmTrQZglvK
+AUW6loQ38T+R6MOk/DmSCd6DMJdiPFKb4gFiCkakrzEwigUCAwEAAaOCAYMwggF/
+MA4GA1UdDwEB/wQEAwIBBjBBBgNVHSAEOjA4MDYGBFUdIAAwLjAsBggrBgEFBQcC
+ARYgaHR0cHM6Ly93d3cuc2hlY2EuY29tL3JlcG9zaXRvcnkwEgYDVR0TAQH/BAgw
+BgEB/wIBADB5BggrBgEFBQcBAQRtMGswNgYIKwYBBQUHMAGGKmh0dHA6Ly9vY3Nw
+My5zaGVjYS5jb20vb2NzcC9yb290L3Jvb3Qub2NzcDAxBggrBgEFBQcwAoYlaHR0
+cDovL2NlcnRzLnNoZWNhLmNvbS9yL2dsb2JhbGcyLmNlcjAdBgNVHQ4EFgQUBXpN
+dW/9CoOxZxZ1dz4UxfU8VI4wHwYDVR0jBBgwFoAUgcSMzPXkMP+lDAhfjBVnIXQB
+398wIAYDVR0lAQEABBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDkGA1UdHwQyMDAw
+LqAsoCqGKGh0dHA6Ly9sZGFwMi5zaGVjYS5jb20vcm9vdC9nbG9iYWxnMi5jcmww
+DQYJKoZIhvcNAQELBQADggIBAKxEvE1IdNUzIYgIydX4B383TkQLNjiqVqOWlbSe
+VTVUfCAf27IuSlJpO+/hlVXTEpzswkH0xZ7hoO9ZcWJNOl3Jj9hfe/KjqtVvv81g
+Bf77KrV3dIlOTxArhHR6f8rjmrZphPSorUVSIxwnyibgd4iLisI6I85aOX+V6ntQ
+4U38OZNLADZU9SPLqyU/nEzU6WlLEwyru/4X2gLKnW2PPUkAH8kF0mv0dvpJJe7N
+WUT1tC3Rabbt0qyd+1vi7zzrYNcZDRLXvNS9i90B5fqdD5qFAGut6NarbzMCzrTa
+tVCepnkDqKCPhfGcZDd8afj8wBuH0cltdnZWlBAceeVDZ+xWxMbTW5t2wtunZrul
+hiLD6G5ZkGT+NatLHrTKEqvGWXOUz6vh7lfXAZ+/uEFOJ6G5cUcg48PBtUu+xTqF
+DSBzH8Uj7H22I7oSYo0/pRNBgvx5dx6Dd9DfJeczRMGBEK+C5wDUVEnLU9twMtK3
+oNVk8PlOcqsgU5FT+FBwxhaO3Z9U5k6j+pzwq3Efxv4y22YTp4MCWnnbrfLPmI87
+MyEkLUZOVde0saz9n7FXN0ZXbxMUjPMc6yyvnVzdhPbwUDjGyT1wKSi9R/Jt8IXR
+GmIMyw1Gj4dUVplhrG0JDrcVXSyTnCwnDn996HkDVDuu3DU36ULQViE+cd68OK6X
+Nw4k
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFpTCCA42gAwIBAgIQdGUXetoc8PMhu+yUKqxr+zANBgkqhkiG9w0BAQsFADA9
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxGzAZBgNVBAMMElVDQSBH
+bG9iYWwgRzIgUm9vdDAeFw0xODA0MjcxNjAwMDBaFw0zMzA0MjcxNTU5NTlaMFkx
+CzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVzdDE3MDUGA1UEAwwuU0hFQ0Eg
+UlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOSZCorBHU6Ff3LCRP6tpWb2z2UXU69P
+eQrks3FSD6aGk9dgO2UxxGgxG1TjLUzuyc3CKMk1//9zZagi2o+TNUNJbZPdu3mz
+lpfD4cjFupPq0B60iHkptaU565Oo8E2aX+Is/5i4T4u8QEFX0YhinLHAOhG/6OAZ
+4rR7AK0CYCgB8sJZFHRgsi/lj1sSQRU8nOgtZLzQ89RZ9cXcpWk43XPGbMLrB7XD
+kVfdpamnOPJocl7urJTyHrsG3GMKVzVgpA0R1rE75txhV4vXe/nwv+MlC+hIzSsm
+HCIRy2ff2NkQXgV1cqWX32kQ1zfsBkGjNon3tyV47xEL/+LmjeQlKTkCAwEAAaOC
+AYMwggF/MA4GA1UdDwEB/wQEAwIBBjBBBgNVHSAEOjA4MDYGBFUdIAAwLjAsBggr
+BgEFBQcCARYgaHR0cHM6Ly93d3cuc2hlY2EuY29tL3JlcG9zaXRvcnkwEgYDVR0T
+AQH/BAgwBgEB/wIBADB5BggrBgEFBQcBAQRtMGswNgYIKwYBBQUHMAGGKmh0dHA6
+Ly9vY3NwMy5zaGVjYS5jb20vb2NzcC9yb290L3Jvb3Qub2NzcDAxBggrBgEFBQcw
+AoYlaHR0cDovL2NlcnRzLnNoZWNhLmNvbS9yL2dsb2JhbGcyLmNlcjAdBgNVHQ4E
+FgQUMWBoCR4y+fbMwGIVqnuRr0wRnUAwHwYDVR0jBBgwFoAUgcSMzPXkMP+lDAhf
+jBVnIXQB398wIAYDVR0lAQEABBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDkGA1Ud
+HwQyMDAwLqAsoCqGKGh0dHA6Ly9sZGFwMi5zaGVjYS5jb20vcm9vdC9nbG9iYWxn
+Mi5jcmwwDQYJKoZIhvcNAQELBQADggIBAFhp4dOuGtRPb5NXVgZsgiK64Ebppg7m
+RrwP3/oPk0wMyx/xVL+ap0PtiOwbPdy0YIHpeWdL3QRiHZKHeJZE84rujYuzSOxY
+EgsO4sZ0KI6QMzDFBCkOhfQTcemUwpWo7gAVMXfBBMdfAQacvLtayh0pX+KeJBcG
+hK4noNN9A6qRnxMorU3RbTYvyAM1xSm0dHWpqSXHMyYmVnLsRaQt9sN2xhqKz/pC
+qdqaHCpXbzGRqTyegJ5xkG3hLBjodNHObrG5LSqsgwKeXS5Mmmgja7hJDYkULB1+
+TKbWD/MwfvIgd3RWigsG06sa3Jc42rTARBuBQq21jMF9QO6aefpEAlCujSUK43Rz
+2O0QkIhUPqC74ba7lrlQs5hAC7orCTNn3SUUS8eDk2qo0eX5RDFvVznfsVftYU15
+BF/D34nyXpD+DEkqGDPzJtMOwJ5ZNEGK4oG2zgJRXOi5HRIeyfYqgCLx4Jz/W2m/
+Th2N0KWXLxX80Kizw6SPQCMZ5/ZBs2ZKV9K+/rl+JyNv3Z7v0RXjhRKUCc36LW0N
+8Ot1PEMDy6B9Q4et9on833w2HIwWQY0bVSlTbUaRfy4llyZcPQ2bMgjhkBbe5VWo
+SDNdpJ4BBvpKhtPyJ7ubdFwP3egEiwauLw9HwnQiV0H6kl6O9uDMncNImrqPpu8p
+GBqTDyC3Ruak
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFoDCCA4igAwIBAgIQUuhDsZZ+VM6gWSw3oW+alDANBgkqhkiG9w0BAQsFADBH
+MQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxJTAjBgNVBAMMHFVDQSBF
+eHRlbmRlZCBWYWxpZGF0aW9uIFJvb3QwHhcNMTgwNDI3MTYwMDAwWhcNMzMwNDI3
+MTU1OTU5WjBSMQswCQYDVQQGEwJDTjERMA8GA1UECgwIVW5pVHJ1c3QxMDAuBgNV
+BAMMJ1NIRUNBIFJTQSBFeHRlbmRlZCBWYWxpZGF0aW9uIFNlcnZlciBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrO2TwT/q2v7fcZfa0lkJ9pE8IH
+qVZXzLayN6CMEucJ0pJUjsnpt8SOMYhefJ/gpwtZOKasfY7vc0EOwd7IZEPco5yn
+0ERh9y/o53G2RICEopGpWoOMKYtfw+YCkes5P4ucMCJfwlH3YRUb8bko5QCO84Y3
+kI6oIaHp7+gY9vwmwKXp2FH4bG/V2SxHhSCW9tUSoTzd0rxGAlq2Sd2GyzJnmWnh
+G4fWvgC+NZfwxc+REMy5OCJ3PxT+F98FlG2t9bpw00RVi8g7O03RYOqT0nzbSUvX
+tuKaQTiXYtfqayJuVa7MpOy0w2P1NP/aslHxdvsjiUEeOhhHLJplavB/+s0CAwEA
+AaOCAXswggF3MA4GA1UdDwEB/wQEAwIBBjBBBgNVHSAEOjA4MDYGBFUdIAAwLjAs
+BggrBgEFBQcCARYgaHR0cHM6Ly93d3cuc2hlY2EuY29tL3JlcG9zaXRvcnkwEgYD
+VR0TAQH/BAgwBgEB/wIBADB1BggrBgEFBQcBAQRpMGcwNgYIKwYBBQUHMAGGKmh0
+dHA6Ly9vY3NwMy5zaGVjYS5jb20vb2NzcC9yb290L3Jvb3Qub2NzcDAtBggrBgEF
+BQcwAoYhaHR0cDovL2NlcnRzLnNoZWNhLmNvbS9yL2V2ZzEuY2VyMB0GA1UdDgQW
+BBQ7SyUqdzcq/Ll/7ai9ryKZ/F3F9DAfBgNVHSMEGDAWgBTZdDrkMD0N9xLcfloF
+nx40mvfhFDAgBgNVHSUBAQAEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwNQYDVR0f
+BC4wLDAqoCigJoYkaHR0cDovL2xkYXAyLnNoZWNhLmNvbS9yb290L2V2ZzEuY3Js
+MA0GCSqGSIb3DQEBCwUAA4ICAQAceBs7lYtmgYahhFm+pZPEo3k2khX5NsQtA8rW
+vtkyQ54YNJaMCy72lW/FAwC4NnTxPiwOeVSH10kPyRVYBelHs7D6MR19ZV98i+Lz
+TgSYxyFh9wvGl4pML+anNZk0yjLlkYRcCiWAql9Q205FmUcgZ8KnzFN+J8li8Ia0
+C1jYKjMGVcGHD+/RoV9eLLpdeqj4Ez8XLzth09m7DFEe+F17yeXTZRmn3yO4ErKm
+cVApwQOpibIeqW/eht8bpesvfL4WbnJPchw5w7/ed4mQ498SYxtHvD4b+7U4WyVp
+Bev+RylreBxxxtThD/++PTGNb3pxzPM56Ff6uHHrTTzWdSt0u5tSdESkUfbJt0fR
+ggSD32YA8Oo3C179cYbYEgskYfXXyePe00Yr5drfKfujAlvrO7fD7Zf/U6xFFwWB
+sw7PRYd9HSlttOc1MdWzcn1BvB9+8lQ1Q1mUBxryROd5DgbJoAKa7e7dF4ONCVt4
+zvzIOpYMrflIoeoFM8YWC7xP9Bj/YyRbqm8WLJ8rQSavrORLqpBKp/FKmyQ9LzoS
+W9e3c57wydKsUKN+9ckPVMHA0lHg4E1Afm+AXKqcbtnFe8TVvT1hEm2Ht1QAFQBt
+GCfhREAyjEQwz04LLjzOsIKtqT/dp4PoKPVki71V2E1AgyrxhJi2DI2x6v2kl89z
+XbDMqg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHWjCCBUKgAwIBAgIIeGx8Wfx8oMAwDQYJKoZIhvcNAQELBQAwajELMAkGA1UE
+BhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjE7MDkGA1UEAwwy
+U3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNlcnZpY2VzIENBIC0g
+RzMwHhcNMTgwNTE3MTAxMDU4WhcNMjgxMTEyMDAwMDAwWjCBgTELMAkGA1UEBhMC
+TkwxGTAXBgNVBAoMEERpZ2lkZW50aXR5IEIuVi4xFzAVBgNVBGEMDk5UUk5MLTI3
+MzIyNjMxMT4wPAYDVQQDDDVEaWdpZGVudGl0eSBCViBQS0lvdmVyaGVpZCBPcmdh
+bmlzYXRpZSBTZXJ2ZXIgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBAL+smIBJEbwtr7PT83fssJvDlLaYAOYxrIqTL1leDVliLiIJFCfFWwC1
+V5UiGFHckvIFir7bH7zcb8fmfRozrZriAoqWXns2NbNyBLolVml4R59aI5ojkPFw
+I/rrQiwuyRlfx8TRJnUsLCyyT6IZgfjCNjbdzLy6WyQdsnleiLNu+LiMFxOa9yVE
+LXK5uPx5yThzUfDN4yCadY+s0c76x+I9yp/aiIHoy585l3IG5DsRbwEL6LotGUR8
+fYR3ibu0Cw1nRp+FaCekeuRX/WYkQG8kAtP9z8600km8lT9o+i6rER0FffhXUxB7
+VkufhO1oj2HXPW11pubU9mWjCaQa4UTHTElv2fdUu4vPnpQBEYlxbV8c20oruytB
+qlOpu8n4muuC+LQO/La4Jg7l/rukk5Z0e50FhX+9QNQD46m2QSRiEEWyYAejdCZS
+fmEBpi6zJMH10luhiLBd7yOu1x3bkpqvAHCfwrAaawBV5LrL/ul20zRmxwbMMw+1
+46iNw1iEgr3u1CcGGDbovTbM2gXUnadRfQeWmQixXEdFMhcNvOYmSlSkE+4DJKLk
+Hj5DwUsATiECflOyTQlQVCo3KCiQUQ01DWo296ic2vnk58ot/jx1vFVvNskBGjez
+jo2c+q0YzGkO2qip+HF3Kare8DFKtPEiNqdjKEPOc2oVl3CD/Is5AgMBAAGjggHq
+MIIB5jCBmQYIKwYBBQUHAQEEgYwwgYkwRgYIKwYBBQUHMAKGOmh0dHA6Ly9jZXJ0
+LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllU2VydmljZXNDQS1HMy5jZXIw
+PwYIKwYBBQUHMAGGM2h0dHA6Ly9kb21vcmdhbmlzYXRpZXNlcnZpY2Vzb2NzcC1n
+My5wa2lvdmVyaGVpZC5ubDAdBgNVHQ4EFgQUFNpISXBRtDQSeOaKwBV72Br3H+ow
+EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRD600A05WTzqZ8QA1tEb45
+0TKu4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBBBgNV
+HSAEOjA4MDYGCmCEEAGHawECBQYwKDAmBggrBgEFBQcCARYaaHR0cHM6Ly9jcHMu
+cGtpb3ZlcmhlaWQubmwwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL2NybC5wa2lv
+dmVyaGVpZC5ubC9Eb21PcmdhbmlzYXRpZVNlcnZpY2VzTGF0ZXN0Q1JMLUczLmNy
+bDAOBgNVHQ8BAf8EBAMCAQYwJwYDVR0lBCAwHgYIKwYBBQUHAwIGCCsGAQUFBwMJ
+BggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAOXuKqcHtxMHAaXimWcRkrvBn
+limAgSrQFkTGuiLRYdh6Hkkqob2bs8UGmqH3wfjtFQ+FJ6knlWmc1nIgpOZUBNwj
+X/546ai1SvGhE9X1PJeP6KpAXtAbYsjWec7Yu9erC8XbraOWG8MpfYMtDQ1zp2Uv
+LRkHR6cekqHdFi57AegzYbvjNJme1qAkhayKizmGptBcLf7p5UJn7ARFBhocSL8X
+7mlSO6wfqMNbNqpDhEU1C2eyHMrSvG663oZ/WCPXrzVzLZfoMdybzVISMKjUU8WU
+giT6qpQPSDtVWJjq6HH1cyFP3VgsJcsLDPoDEMxQcjwi74U7wUSjRzY/Vp+HmTHt
+55yo1NldgYpYk2kowYXfu2PDCK9HEbVh8WJ8F8X919cOkY+cSrLwzJGqd2y4aGk8
+Pg/KDP+sjst6qF9mbdRA6USssFcN57PfpXq53pcVwK6BhbjG0CvuKGGFyadNAdHG
+ins8O+TXkxkH2NzBgrm/0ahaYF+RIffnXd5dmhnrVmIO0emfi1yG56QYH9FLiPHJ
+wGDBPht5H99SeH03WVkrkPa9c+1K8H0M1EpMfDSrFBqdRsMgWZlUFrHT+/5NLEds
+TQiqoiaQEte2WJPPXa9o5PHv1gPapWKw/wz5ldmsSQ5hFU8dTQkUM3tWLiPeWWWD
+AhDzPxAzH33NazHssMM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEozCCA4ugAwIBAgIQBdH8WS5y3RzQI80YGNqnHzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xODA1MTcxMjMwMTNaFw0zMDA1MTcxMjMwMTNaMFgxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xFzAVBgNVBAMTDlNlY3VyZSBTaXRlIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAx7s903fR6SgpA08UdhKEUIZHa2Ig7KPNkTtwMS1+08YS5QSE
+DM4DQxy48jP8dZkyyU9J/0WCm8Nlv5ga7HOAxhdJcv+CPP4oadx8EbdrmjAHrGOv
+64oHvt7Ina7uzLd3krqxd0doeuxRpTHvFAyjaUhxjSfZx0wh1f6W7prPm7V50VcT
+udj4rI+xtHXUcFAuFz4bcapTcru5aaZ1v6F2usMCMVM+xJxEZcsUM4uTxdIfW5FU
+TI0dbP8NyZkr/WVzL59aGwBE4ZU0JKBlgEmtkFpLPR7JCzYunafu7nMk5YY26WDO
+mezpWDjzDxJ8xakizykWYT5gdJYE3ULlUe31WQIDAQABo4IBXjCCAVowHQYDVR0O
+BBYEFMQRfohAhsJBv2XzGuG0U0Cjq+x9MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj
+4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA3BggrBgEFBQcBAQQrMCkwJwYI
+KwYBBQUHMAGGG2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LWNuLmNvbTBEBgNVHR8EPTA7
+MDmgN6A1hjNodHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdpQ2VydEdsb2Jh
+bFJvb3RDQS5jcmwwVgYDVR0gBE8wTTA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcC
+ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwCAYGZ4EM
+AQIDMA0GCSqGSIb3DQEBCwUAA4IBAQDIiGcy9AiAa0e41RwQxUUs9uukRK8H5ekg
+gREh38fJ4vAjYliu6t5VjNSI4+yzXVw0sy8JmaHzOs5A7AqqOsovIwJxP5/MMAh7
+U/K9QWeD5mqRpWUi9vluwqQPEtK4tgZt1s99RezAUK8Jtjfn5UmUxUh6ET4lxyDe
+0NhgxpfsWsgeYgwYEGrODa6fHQTpmxGTzyNvjUIR4de09NfRoCUWUumjNMLdaLqf
+Vv6kRihaDDZc2bjoANtTUJ2lyHZJqo0mAVs6gZJ4Jl7SgtdxfnkxHuzDrjWxwo98
+VueqqRBUewSmweO+btngjVd6Gj3E99EGIJq3k9k4HXPUaRJLQ3qY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnTCCA4WgAwIBAgIQWTF/amkEEUMds1dG+OqyMTANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE4MDYxNDAwMDAwMFoXDTI4
+MDYxMzIzNTk1OVowcDELMAkGA1UEBhMCSlAxDjAMBgNVBAgTBVRva3lvMRMwEQYD
+VQQHEwpDaGl5b2RhLWt1MRswGQYDVQQKExJDb21vZG8gSmFwYW4sIEluYy4xHzAd
+BgNVBAMTFkNvbW9kbyBKYXBhbiBSU0EgRFYgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCFZZ3ZKbX5tLhPBbotlpsf67GaL2Zavrm6d4iixF4HOjdW
+fGIef9usFDnQ/9LZfwFUvBR3Zftp9LODgEu2Y6AUasIy71P4sNpQtJopPc6WxvWN
+F17OC4fNDpexFS7cNJkmPCTSUaLsy8vUPm0Fliza+rbgT8VEFkq25QOIXbX7Sf2C
+Dr12g4Ov9PLqF/FvmBlD+Z8dtjcWSDafERsgSHaVLOH5DD13GOsPzzu6w73+Hfdg
+GvT+LgpJsAdt5l9diMS9nNfaYZN8UGoi8Sq07zDNpKM7EV+MqRomSwXbLTrcOIGx
+LCfjibr7gnGQj0GyaiNR2hawVHVUkqqgGXvJoSwJAgMBAAGjggEmMIIBIjAfBgNV
+HSMEGDAWgBSgEQojPpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUIZEBzIgfs+Yu
+Q/R88TCJi0FsHUowDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYB
+BAGyMQECAj0wCAYGZ4EMAQIBMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwu
+Y29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUF
+BwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0G
+CSqGSIb3DQEBCwUAA4IBAQAEolN/OqKPWfzwfTRTdC1OIps5VQoJnVQD6hCOkcfR
+1nQGmQpe96CnQNxbfu5SszjGBaImtJOEt5L61kG24jJwQNvQyYAGWxAYHD6+CozB
+SXMn2q68j6fQxlD64om74TXnD3Z4skX7zuPbYchevQ/BHKFFAkh6vJJ91ppz/WfF
+SldW3aVWpLcB3CZqZCpmRiIpqK3dDW7Rue4kt/y/woJ1eiWkC17+bCepN9WiOj8P
+GFc1t8tyrAZzq8+2IXeIpZJMIGP8+6SWZdUBxRFyIuOxMyWhSlx+OFYDjOo+wQsd
+eF9tlPKYiqJ7/G4HVhad0mWlh10pn0IZjlWwhh6ESs2s
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWTCCBEGgAwIBAgINAewckkDe/S5AXXxHdDANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODA2MjAwMDAwMDBaFw0zNDEy
+MTAwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIFRpbWVzdGFtcGluZyBDQSAtIFNIQTM4
+NCAtIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA8ALiMCP64Bvh
+mnSzr3WDX6lHUsdhOmN8OSN5bXT8MeR0EhmW+s4nYluuB4on7lejxDXtszTHrMMM
+64BmbdEoSsEsu7lw8nKujPeZWl12rr9EqHxBJI6PusVP/zZBq6ct/XhOQ4j+kxkX
+2e4xz7yKO25qxIjw7pf23PMYoEuZHA6HpybhiMmg5ZninvScTD9dW+y279Jlz0UL
+VD2xVFMHi5luuFSZiqgxkjvyen38DljfgWrhsGweZYIq1CHHlP5CljvxC7F/f0aY
+Doc9emXr0VapLr37WD21hfpTmU1bdO1yS6INgjcZDNCr6lrB7w/Vmbk/9E818ZwP
+0zcTUtklNO2W7/hn6gi+j0l6/5Cx1PcpFdf5DV3Wh0MedMRwKLSAe70qm7uE4Q6s
+bw25tfZtVv6KHQk+JA5nJsf8sg2glLCylMx75mf+pliy1NhBEsFV/W6RxbuxTAhL
+ntRCBm8bGNU26mSuzv31BebiZtAOBSGssREGIxnk+wU0ROoIrp1JZxGLguWtWoan
+Zv0zAwHemSX5cW7pnF0CTGA8zwKPAf1y7pLxpxLeQhJN7Kkm5XcCrA5XDAnRYZ4m
+iPzIsk3bZPBFn7rBP1Sj2HYClWxqjcoiXPYMBOMp+kuwHNM3dITZHWarNHOPHn18
+XpbWPRmwl+qMUJFtr1eGfhA3HWsaFN8CAwEAAaOCASkwggElMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTqFsZp5+PLV0U5M6Tw
+QL7Qw71lljAfBgNVHSMEGDAWgBSubAWjkxPioufi1xzWx/B/yGdToDA+BggrBgEF
+BQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNv
+bS9yb290cjYwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWdu
+LmNvbS9yb290LXI2LmNybDBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcC
+ARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZI
+hvcNAQEMBQADggIBAH/iiNlXZytCX4GnCQu6xLsoGFbWTL/bGwdwxvsLCa0AOmAz
+HznGFmsZQEklCB7km/fWpA2PHpbyhqIX3kG/T+G8q83uwCOMxoX+SxUk+RhE7B/C
+pKzQss/swlZlHb1/9t6CyLefYdO1RkiYlwJnehaVSttixtCzAsw0SEVV3ezpSp9e
+FO1yEHF2cNIPlvPqN1eUkRiv3I2ZOBlYwqmhfqJuFSbqtPl/KufnSGRpL9KaoXL2
+9yRLdFp9coY1swJXH4uc/LusTN763lNMg/0SsbZJVU91naxvSsguarnKiMMSME6y
+CHOfXqHWmc7pfUuWLMwWaxjN5Fk3hgks4kXWss1ugnWl2o0et1sviC49ffHykTAF
+nM57fKDFrK9RBvARxx0wxVFWYOh8lT0i49UKJFMnl4D6SIknLHniPOWbHuOqhIKJ
+PsBK9SH+YhDtHTD89szqSCd8i3VCf2vL86VrlR8EWDQKie2CUOTRe6jJ5r5IqitV
+2Y23JSAOG1Gg1GOqg+pscmFKyfpDxMZXxZ22PLCLsLkcMe+97xTYFEBsIB3CLegL
+xo1tjLZx7VIh/j72n585Gq6s0i96ILH0rKod4i0UnfqWah3GPMrz2Ry/U02kR1l8
+lcRDQfkl4iwQfoH5DZSnffK1CfXYYHJAUJUg1ENEvvqglecgWbZ4xqRqqiKb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGKTCCBRGgAwIBAgIIWA60NaoYF7swDQYJKoZIhvcNAQELBQAwgZUxCzAJBgNV
+BAYTAkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2gg
+SW5zdGl0dXRpb25zIENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTAe
+Fw0xODA2MjcwOTU5NThaFw0zMTEyMDExMzQ5NTJaMIGJMQswCQYDVQQGEwJHUjEP
+MA0GA1UEBwwGQXRoZW5zMUQwQgYDVQQKDDtIZWxsZW5pYyBBY2FkZW1pYyBhbmQg
+UmVzZWFyY2ggSW5zdGl0dXRpb25zIENlcnQuIEF1dGhvcml0eTEjMCEGA1UEAwwa
+SEFSSUNBIFMvTUlNRSBSU0EgU3ViQ0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCIymFucfh2tIrX/DgYGH3MdDXEBjZEENYeEEHjCgexPps9tWz+
+oTudWpgcWjj0gCmpBUiwCemwE9xTrvcdr+6eQglHxmhfXnsxlLwHZhxpuP6+smnG
+T9rTRhP5bsHp5ohzzuA3IrIugElgetTXIt4VXznf42kBcEO4lQ1S1U/z49TSEbyy
+CanIoirjeyuk5Nn6KN9p9ytFwRQi0/umb8Drx65ds4gEe4B5+HizeH9SsegWPL4p
+N2yqwN4KkB93QG2u+IBBS4U9Ouz3gImStRORgzowZfvjQAAM7fFfmfyTV4JOiz8M
+OacDPmGX/kZL3V0pZLmklDcyi9da2kP3rJMOpvo4NhI2jDZM5pTGOMc8RuQeNtZB
+uQacJYgfPxIE/7dfF0JLhEIhUlAcoGrbw5Y0PC3UFiiLr16UQ5kjbx2kiUQZa1fi
+YTU+UzYbzpmYXiktduQhkKpmFLPDcmOQhAGU0cs82yanT4Ld5WFULWE2WoJF8rtS
+JdzzLLIF/DS4VopiMDozLjLJ9nfMHTkp7tuwSIu21Wa+qZ7YC7K5RxZ6h1rQi3WV
+TZk+ZMxOLhCFHlO13VMNtzvFDR61jQ7PRBtCOj9Nvm1rjyU53UH/1/SlOSbASk1j
+tRudbXWgjsnfNn6kpWbYdNm5bKjkibU5TQ/S6p+vmjus7MA2qNjje2wPpQIDAQAB
+o4IBhTCCAYEwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSmkUL9E2FK
+I54IpCnl2BMEI+5BJTBvBggrBgEFBQcBAQRjMGEwPAYIKwYBBQUHMAKGMGh0dHA6
+Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9IYXJpY2FSb290Q0EyMDExLmNydDAhBggr
+BgEFBQcwAYYVaHR0cDovL29jc3AuaGFyaWNhLmdyMEMGA1UdIAQ8MDowOAYEVR0g
+ADAwMC4GCCsGAQUFBwIBFiJodHRwOi8vd3d3LmhhcmljYS5nci9kb2N1bWVudHMv
+Q1BTMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDBGBgNVHR8EPzA9MDug
+OaA3hjVodHRwOi8vY3JsdjEuaGFyaWNhLmdyL0hhcmljYVJvb3RDQTIwMTEvY3Js
+djEuZGVyLmNybDAdBgNVHQ4EFgQUWtM9TvoN+06dKIZSRWLElShB/tEwDgYDVR0P
+AQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IBAQBWEu9/OW3AO5vvTpd2lFzRGtmj
+DpQiOM1Lfu1zBkS1owRlqmQHciJy0LgOWt6hh1HSXARbIPdnd2YeL9Qw5CNvwBrl
+B6xd02nidsiDiaJGFwwq8/8nbHxKvxV94A84UYfDbzX1YuJF0r1Qs/Bz0xXj59fZ
+pyviH9TKeEa6SnzfXyaIxWaDjPMPGZ6dka2pjY4EWUx5Qs2Pl7eSz4MG+NNhcUDC
+7UJA5iLRuLidYMhzWW/ECOZJgzfNAZ0fj7pjDD9d9mdACtDK4tPvm7QvD2/eSwOm
+m7ab9h5oK4TcVWDJ0M8n9RsRQmpRoihmL4SLQPvB3U1EgGGXggPr9lj/K8rW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHOjCCBSKgAwIBAgIINbikuOiUIbswDQYJKoZIhvcNAQELBQAwgaYxCzAJBgNV
+BAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAw
+PgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRp
+b25zIFJvb3RDQSAyMDE1MB4XDTE4MDYyNzEwMDQzMloXDTMzMDYyMzEwMDQzMlow
+gYkxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNVBAoMO0hlbGxl
+bmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0
+aG9yaXR5MSMwIQYDVQQDDBpIQVJJQ0EgUy9NSU1FIFJTQSBTdWJDQSBSMjCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAI4SdW6h/TbHOmX/wxztizhbtHtC
+74urzSJVQTiK8pmhY2OdukR3/QBM0O+3+90ZF4zC3JQifHcXiICwwRk+1uI49ryz
+dj1xghGqRmt7wIKgnNrH4/39SaSQuhirwCxug0bstZFA5JvGXNMDbEEExUGK2M2O
+Rq2zNz0gvqmQ/PoANaPpb/Wh2mj3L2nlxoa+uI5U4PYwhjnd6XLJ9kmGKlIVopZW
+ZQGWgkvH5VDNUZOKISehGD5029bA/P3X5ozQxFPanePyzTKHTT06mIUS3ukCxfcy
+Oit+PADHBhS9w/QIZivr4wqzodY6UJ5DgxDCOQYUakmsXMqWPx1SS3YRZryj8Tz/
+DaaIqbPOMVsWK4c88BrbTUJ9lBob2kdDwd4psEFPxHwc1w9ReRJCDXid0FHj4iaz
+yjOcNRiDiEMD9CUptl3EZdyW4ILUPw2YwT+sqAIjbPBRJS/JHdwjnJ8E0kRuzHIj
+xgF7PWnDeDH6T5JYi5qcdlyrvepCEdSCK6cIUEhMri0m8pJ/h7T2Im3tbUjJQbah
+bbTNTlxds3js6RkoSC+Ia7EYm1gLQzxLjjsWkOTl/r0iW8hjAgoah+BJyaYFiiY1
+hXnM3azNwrk7xt9c/5wCSm6lL7JPaRkBHxhI456IgcD18pqzqxAQ1AKkA7V2QQsy
+s8PmF+HraIDjNQwTAgMBAAGjggGFMIIBgTASBgNVHRMBAf8ECDAGAQH/AgEAMB8G
+A1UdIwQYMBaAFHEVZ8jIyb11XXLQOBhqnfNxJFQLMG8GCCsGAQUFBwEBBGMwYTA8
+BggrBgEFBQcwAoYwaHR0cDovL3JlcG8uaGFyaWNhLmdyL2NlcnRzL0hhcmljYVJv
+b3RDQTIwMTUuY3J0MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5oYXJpY2EuZ3Iw
+QwYDVR0gBDwwOjA4BgRVHSAAMDAwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuaGFy
+aWNhLmdyL2RvY3VtZW50cy9DUFMwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
+BwMEMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmx2MS5oYXJpY2EuZ3IvSGFy
+aWNhUm9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0GA1UdDgQWBBRo3vC9e3o8ffDS
+j7LxZS8/PiEU8DAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAAD6
+wgZr9tD+KCSWMtPPN5IeQXo319qDekNzUWyEoYMcgfkSSGyBqDaPu80LjFFJvWBm
+XyBzis5tbuv5ynVhwval65yK+QEZYLVOiKIUQ1NPglux9a2VD+s5hUL3l7WEHTFY
+qIuNNAM/gV1PPOFXVErgEY+PS3u6Q2Pjp39kFebzuJiHGASFw1ajDdaihLhkJr2H
+bxXVyWjQfrqWJ0K6djKLmM/HHF4tYeVmfCjz1fn1EvUGrNKw+DP5VIaDOQlFm2Cz
+JpjBkaLsVlsoqNDgGeH3QkZpyC2nuhQCK7+28QIS2uy3Uk4veVnST0i0jkhogNvV
+5QM8wWwLrFrcX2JZQ3Jzg4pLL0FRoR4NIBMQvIGoccWHHWdUrI3d7cuZAd8x0XyR
+2+Nus2jKavInJQHcPDU3Az4P8T9fyw3v5LSoi0mXwSRg2xsFe+DIJhRjt3f/AGX3
+yMiKdqsGtM6ox1myLMwh9Xy0bK/G4ldnzUFmKmw/04j6dyQGBsCcEGt1rcyihzFR
+Q4x/pERC+BPsi9cZq2xDixn3sI//UIwYxgEjdx9fgYTpHqiQ6D7zLqp7k/LigNhY
+0f47uPkqOW9g4vEUSwuG1rdT/u21sFKK9yNCeTh5UshnxfOCaxQolvXJsYPsNX+U
+4IA+FR78WF5OM79Di3P5XviNqP4MosIWEYMSQJrG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIZDCCBkygAwIBAgIIAaS3Z8WljY4wDQYJKoZIhvcNAQELBQAwgawxCzAJBgNV
+BAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQg
+d3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcx
+GzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUGA1UEAxMeR2xvYmFsIENo
+YW1iZXJzaWduIFJvb3QgLSAyMDA4MB4XDTE4MDcwMzEyMDExOFoXDTI1MDUyMDEy
+MDExOFowgacxCzAJBgNVBAYTAlBUMUIwQAYDVQQKDDlNVUxUSUNFUlQgLSBTZXJ2
+acOnb3MgZGUgQ2VydGlmaWNhw6fDo28gRWxlY3Ryw7NuaWNhIFMuQS4xIDAeBgNV
+BAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MTIwMAYDVQQDDClNVUxUSUNFUlQg
+U1NMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDAwMTCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAOTX1Zh09z52UHsBb4itNN1nHE4jmbvw4QxQP6JzPBE2
+HYL0N3RDqIUc7jEiOgTMN90w2Z+2p40BUrpWS0+sIRcZl14McSrzIUjLAqHu6n6Z
+yDfRzAJtlhkoKXprimqVXI0zQkFRBGrO9SfPOqnciBytMv6CyRV19vwIjyS21+tv
+zhId401J5ab/weycKRi0V2ki4V1vPOIkW2ygqXSAz8XwLObvhTdyETHZCFEpge7v
+czc2HCTLQ90iJcTEy0DYmQU5j05KuYsHp7g0tc9UH0X+I/LEQqqSv9k4B8RYTgzP
+5QU7aG/85Lu8Jbb2Rce+Rf2uuKds2XVmqhKb/k4OQ057unOy9EKVRsqA012ofyEU
+IJSixdSaF/Bz8qtCxX6Qeyvjjk5a2k93xdr/DoDJdRv60YWwbkNVCk9gj6CttbF8
+m2YHuVaOxCjo79/pzTnsgBZf2/C0thKdctuzvkXy75Fa1Oa20BXDDVSHQGg4iuex
+cyEr98nraAGm1sFkzcaRprtwNCjyrYNdlehLehamzZOU9+y+0v4qZGfBLpRz8Ac0
+BJf7NdfUIUiZ8GhwJ3Ml9mhdG+ND0P+LhtAiI9m3MnAkNoAHS1VAQGgshp4TAew3
+vvuSKvZ9Eb7ct9vz5c5YPZ6Y70bE14wlqpu4ZlDbb+KaMZa2CNHAMuCFmuCjW9Cb
+AgMBAAGjggKLMIIChzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSwAjlS
+Ck9zmsjZgUU2XRGdXyM5lzCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuT
+BjUuXqGBsqSBrzCBrDELMAkGA1UEBhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2Vl
+IGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJmaXJtYS5jb20vYWRkcmVzcykx
+EjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJmaXJtYSBTLkEu
+MScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp
+1X0jzjB9BggrBgEFBQcBAQRxMG8wRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuY2Ft
+ZXJmaXJtYS5jb20vY2VydHMvcm9vdF9jaGFtYmVyc2lnbi0yMDA4LmNydDAmBggr
+BgEFBQcwAYYaaHR0cDovL29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBABgNVHSAEOTA3MDUG
+BmeBDAECAjArMCkGCCsGAQUFBwIBFh1odHRwczovL3BvbGljeS5jYW1lcmZpcm1h
+LmNvbTB+BgNVHR8EdzB1MDigNqA0hjJodHRwOi8vY3JsLmNhbWVyZmlybWEuY29t
+L2NoYW1iZXJzaWducm9vdC0yMDA4LmNybDA5oDegNYYzaHR0cDovL2NybDEuY2Ft
+ZXJmaXJtYS5jb20vY2hhbWJlcnNpZ25yb290LTIwMDguY3JsMA0GCSqGSIb3DQEB
+CwUAA4ICAQC0NGt2BqbMpJ9r3xUvSdsbXOcLrhfLP0yx72gGKW17gJ64fpr+tglf
+hP476JMyvvmeU0gGG7543NdYO24dF7YGjH+GeRWidvmA0Ri4GIg6vi58ISeRJ+US
+aY+Po0yFRmaboZGi/Xtzr+g6QSMW+AC4qHNYJU/Yal2C3hT2xAyYbr8A/ty4ZKUD
+OCEDZ3N1MN7vrkgnBzTG5Z8XxHbcVLZ8Fpr6V8SBZeGCod1wq2WT48/vE5FxLrL7
+vVejQFmw3QkM0YcfLWEf3l380o+z4AyKoiSUGoPiwxVH6OKBAhxmye/6xeQ+uXPw
+OxUKcDSvuzGpdK9GA/I6kYEaYbMkZwi2H97BExwd1hsWoYpxilcGEXXQhmZ6pnjq
+C6jMRMDPrPBjcsB2XJr+Cz2EUooG6RuNjQTaceiHneFQrhykR21hw0TEobzqfpqN
+6WZf2sLHhcZ42uGwVyoGgC9EtHI/hspQEbtGQ+jXwnEzfzfu25XQ6rfwQxV1HF7I
+yl1pypk9b0tsttFDzdDrrpAOsG9YF0i09fQIrTf42E1H2JQheq2L1qnMszNUN3qw
+PObfqN3k0ZrImpDL5aBPpb0kgNZxr0D4bCi7kSWwlNnjWM+i8kdndg9W2BkzFV/A
+wKXoJijDteXrLxkLkWdN2k+W4/Jsvs/M4LmaBEruqTeUMa9FHlqJKA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHGjCCBQKgAwIBAgIQaH23FxdE2iNbP2Jac5P4pTANBgkqhkiG9w0BAQsFADA4
+MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6
+ZW5wZS5jb20wHhcNMTgwNzA2MTIzNjQxWhcNMjgwNzA2MTIzNjQxWjCBgTELMAkG
+A1UEBhMCRVMxFDASBgNVBAoMC0laRU5QRSBTLkEuMTgwNgYDVQQLDC9CWiBaaXVy
+dGFnaXJpIHB1Ymxpa29hIC0gQ2VydGlmaWNhZG8gcHVibGljbyBFVjEiMCAGA1UE
+AwwZQ0EgZGUgQ2VydGlmaWNhZG9zIFNTTCBFVjCCAiIwDQYJKoZIhvcNAQEBBQAD
+ggIPADCCAgoCggIBAN1INsruuFEV4Z9tcfhNC9neg6vTQYhJPNFJQmKGJVcELjn3
+Scf8kP0jJJOWlDKxYiP1dXjzV0FpK2colXDaV7gHXD912VoPVLmbRyK3UyV5YYTO
+TGd84ErKtIceYLa7Hv38zsZnIkL+rfS98QoivMcZhpjRoLY3IUZ9U7j+DX/MkkJ5
+u6cXRe1vB8x9FwdWSwTkkLK4+lOhFOW0o5LDnt99Hs8ddi48KEflIbS7qYZty/Wy
+SH6pvoi2ZqEAFL4eMIos4TMfV5Pdrd13HAB45Il/kdva0dq6GHfpy3absBZhsxVb
+mvdAc1f66Ytr/qoLKSwBxRM/cCpQurnbS74HVgA2xBPEHM75J/YBa5uMgI/yxTzo
+EiaGhExhTMUGG+9od8oqhXzDR1ecyxXqndVzf4RJB+zgd4LWnVXM3DJC0WBgmFES
+Ucn0fqoyb09RPN5vFtjY/HeAuzm39p1RDclejAWWnQaDAHJrKUsk62zWKpJjuR3m
+/WhLo9upz+oWO8hAofLIdxH7BOFPL+OOOsWJ8qqQPZpIZQZkwV02WBaxYufwMjgf
+t4anyPrfRgujyIxFmUJxxTl6faL5XngYkZK1f4Ns2hOfn1qKZEX2C9UlCpBrSVQi
+QMkM0Q3fnYOa7TBDB/f9yroxmrLmXUuG3VOCZ3rtN70DvcL7KbwiNlX0ld1RAgMB
+AAGjggHUMIIB0DCBxwYDVR0RBIG/MIG8hhVodHRwOi8vd3d3Lml6ZW5wZS5jb22B
+D2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+SVpFTlBFIFMuQS4gLSBD
+SUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBGNjIgUzgx
+QzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAw
+MTAxMCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
+BAMCAQYwHQYDVR0OBBYEFMbt/nf7UVZN/KvV47EME6O/VOObMB8GA1UdIwQYMBaA
+FB0cZQ6o8iV7tJHP5LGx5r1VdGwFMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsG
+AQUFBwIBFhlodHRwOi8vd3d3Lml6ZW5wZS5jb20vY3BzMDIGCCsGAQUFBwEBBCYw
+JDAiBggrBgEFBQcwAYYWaHR0cDovL29jc3AuaXplbnBlLmNvbTAzBgNVHR8ELDAq
+MCigJqAkhiJodHRwOi8vY3JsLml6ZW5wZS5jb20vY2dpLWJpbi9hcmwyMA0GCSqG
+SIb3DQEBCwUAA4ICAQBYRlfC3xiMdbPZfP7j+5iHtfH1sCFGWfUF8PdWR5CGQHXq
+9gybOYNDYBg8fQNIl3wKMZCI7WoXn+8e3eUUzKblhzU+009CNc2bPHIW4nCn8nak
+JAcy3ZvDFO9G9K00aiu/aTgLDXnvR71crRx1vTOu30K2Lq9sJNzc8DeJWKmXY4Vu
+J6C5AgwRsmtRlIBhudOyKTeXU72dRDEFejt8bGOt3gIuSEgrlPGEIP1LRnVVyAnR
+RWfMOvDjwS5DQQs1j9/YIKS/w9pGB40QsCzUBsHd3N6VCtTi59ZDXky0DrA1c1ae
+QtyXc90PfqYTwwEwYnQHsR6U0gk8SUB6xSn1nwUuWmHriJtmQGphGw4ax76sEJXN
+k7XUJeclyKFCUK8gX6fYMb/l0hu2O93sEyfGJF9uIcqvduqEjRWQY36F/xO4r/ZH
+ndVrI4vMlYN0Xiz/tPS61b3kkrWUVsknKfic8cuBiqGgop1ni0RNylpVk95UsROm
+3Cfdcf1fdwVA6poiiYQiINhWb6mF0P7+DcfccC3llMYvxsfrx+11jt8YCQYI8FF6
+5FxPCt+YEBO2hnOnPMK3cA8Yvu5ol1fkE/5tcpcjPeRrvuPy/l+at2pj8hv8f4FW
+MX6Gj8zt8+AoAprvXeQRaiEO4FL5alTv1Rqkv7i0HCGIpc+Ct2ApdcBtC4uSTA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/TCCA+WgAwIBAgIRAOu6PYua4W17NhIwXdIU9iswDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDcwOTAwMDAwMFoXDTI4MDcwODIzNTk1OVowcjELMAkGA1UEBhMCREUxDzANBgNV
+BAgTBkhlc3NlbjEQMA4GA1UEBxMHR2llc3NlbjEWMBQGA1UEChMNQ2VydENlbnRl
+ciBBRzEoMCYGA1UEAxMfQ2VydENlbnRlciBFbnRlcnByaXNlIFJTQSBPViBDQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdxKIenpwImwr3dZ4p0zDSs
+tGBJ0s0js8Sx7XnUvCji9L9n6hM10hd/pNu12q/PPrqk50aFiJ93AW4zwQDGGtpc
+AyDJwBtCor3rOaVyWLnv0CARqKKmrPitp4Of1HhMqcG/yuR6kU0pbKQKQVSQ1cDk
+N9IxKadMFjcxUw6kvPDQBdOMHAMlLFeXC5SOMEmanPZrWlAMSLr73F+ogtNREGQM
+iPK3XmTsv58C3Be8iCWRbGW6Rp54O+zogiw3VwLHYZQDTiHdgzMw9OIW2rOwYUp9
+nxZHjdFR7ebX+KE7sxXiosk3MnV0vr/nb0MhkgSikwvhbRoPOTWO7l954HXYo/8C
+AwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0G
+A1UdDgQWBBRO/IF8baPlGobqqDhmbpwy7M8NlDAOBgNVHQ8BAf8EBAMCAYYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+IgYDVR0gBBswGTANBgsrBgEEAbIxAQICPjAIBgZngQwBAgIwUAYDVR0fBEkwRzBF
+oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcw
+AoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0
+Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0G
+CSqGSIb3DQEBDAUAA4ICAQBxe5XWjfNN2hULvD6W2OBfvrgQIEVFMzQ36kZcxxvM
+f7u+eEn89JhraHwh9YTEKypptWnR3e7NfP0ZrrQF5nfrqmqWdA7fBczj7rkJBs5U
+aTxBlnZasUJqJj4p3il4ytcbebM6XE6zM/+NeNQ3R6jHaR6cJ9EMbUphaCPYCdEY
+VCxJZgvfLfQo4/2sCKVzGaZeT85F8/CIvEsqD7PlAvEkK1pPUMveKzOvVKSFlW54
+AH1SrLUq8yEKp04JzQ1bW9t88EM7Ll2PQKFJs+umxmCnurESpjl/dpJg4XrtJQqR
+jLasfuSxaXgPsYN/aNPNNJSluwxBdo+ql/tHB62+ApvuY4dHEaBQGY074PLo8CuR
++/2xbHGzXgm6ZMaO/OwMHJiGrgf8fYE0FNmUrU81W9ABoveBgAFpPeJgqvGs6M/c
+YnSOO7g9QXWraHhM2H73o89MxijkpEPM9q1vTk3jzaGLk6ISneuuh0d24IyAprKi
+20S5MGnzZtSvb4yI6lMfji3dZaGRzOWvhKYtUjPVX0Vk2phHmsVfdfutaXzCwHhF
+jYeu4Ej5IhHmzhYAecvIN77rzDUdROG5TsOQogwlchgbgC/1tN6RNNXOmxY1a2AN
+gsMnSR/56NbfXPIxVEpoEfrYQIDLBTIpGhkgWAMEi1DnzH2YLw8GB6cCe4dIioxf
+cA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAxagAwIBAgIQL9WP4x+8PVVyfGhYjrcrezAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgwNzA5
+MDAwMDAwWhcNMjgwNzA4MjM1OTU5WjByMQswCQYDVQQGEwJERTEPMA0GA1UECBMG
+SGVzc2VuMRAwDgYDVQQHEwdHaWVzc2VuMRYwFAYDVQQKEw1DZXJ0Q2VudGVyIEFH
+MSgwJgYDVQQDEx9DZXJ0Q2VudGVyIEVudGVycHJpc2UgRUNDIERWIENBMFkwEwYH
+KoZIzj0CAQYIKoZIzj0DAQcDQgAEFla5R1oeT9C4PJt5YyFkjYYP9uBxBKqaZcqH
+/QqxSvOFd5VfRrRkgr1aYJX3fdRDPLSqHCzUSMwVpAKC9QixcaOCAXUwggFxMB8G
+A1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBQFB4MrGHtx
+lpwlCXC1g80TVxlH0zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsr
+BgEEAbIxAQICPjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUC
+MQC9GhsYrhaF1JVEq4gPwERT6ECmUS1xsS0Bg6Bwo4nEjcFWLx4BstBi9t5orojA
+eOgCMFSRlRXzyqJHXut6F0zATqxHrM17JvieLU+qSm0tpJ36SEIXElHB80MQDIs0
+rHvsLA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID6TCCA3CgAwIBAgIRAMpnPizyr+w2NfxlHraUhNQwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcw
+OTAwMDAwMFoXDTI4MDcwODIzNTk1OVowgbIxCzAJBgNVBAYTAkRFMQ8wDQYDVQQI
+EwZIZXNzZW4xEDAOBgNVBAcTB0dpZXNzZW4xFjAUBgNVBAoTDUNlcnRDZW50ZXIg
+QUcxPjA8BgNVBAsTNUNvbnRyb2xsZWQgYnkgQ09NT0RPIENBIGV4Y2x1c2l2ZWx5
+IGZvciBDZXJ0Q2VudGVyIEFHMSgwJgYDVQQDEx9DZXJ0Q2VudGVyIEVudGVycHJp
+c2UgRUNDIEVWIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEO3tvqwqs5vmJ
+1xbnHhKDuek7V1xuRupZkparH9sYuS0tJqx5LeI8Ib/VLTuu+jy12fyXsxO2RgGK
+otk61wzd1aOCAY0wggGJMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa
+MB0GA1UdDgQWBBTPBif3zAgPmGJIxedA9beT+DvQATAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwOgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYBBQUHAgEWGWh0dHBzOi8vY3Bz
+LnVzZXJ0cnVzdC5jb20wUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3Js
+MHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cAMGQCMA2nSJGm
+LYKaByydKTEvFTiEpQM50zh4EOx7Xot9iQpTStEZrZ8af5vwZGb9yeVyZgIwXU4a
+/QNZ/LHBkulYzOOwneK3miazSfg/xqA+KNXypHwXhP3hmshQolBUTO5YxK7Y
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/DCCA+SgAwIBAgIQZxGIu5TD/7pzBUDRxUUqDDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+NzA5MDAwMDAwWhcNMjgwNzA4MjM1OTU5WjByMQswCQYDVQQGEwJERTEPMA0GA1UE
+CBMGSGVzc2VuMRAwDgYDVQQHEwdHaWVzc2VuMRYwFAYDVQQKEw1DZXJ0Q2VudGVy
+IEFHMSgwJgYDVQQDEx9DZXJ0Q2VudGVyIEVudGVycHJpc2UgUlNBIERWIENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigxDNOEbVyOn2nyD9uu0FUbx
+99k6oMF20pBRnVD++qtJTx/6zalqqbCR0yrCUPEdEnYULJ3ukDOrEel4EW7mLgLC
+GAfLcG9/ffwOwdz8LD74WSKwiFE5T8m3jtsPM1XoRKee9Ay14Asvk+sJCqaFODVv
+glPRHT+Qnh0uunu0negtUstEQo4sAgp2I/qiG152J0kCEjHtnZ1RtKacC/BJlHMb
+igiIzTF8RjLGTHCxD1DwEj0ahzfasSzq44UkLLQWvPYN+mTWekRWFWelyq5sNkxw
+ssb5eO5iAWRC0U2ZQUxrWuJEuUyGaO1j3GNlZJIeMhcTj4+qQ7v1oPOfQYC1cQID
+AQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYD
+VR0OBBYEFBEL8qqKfDptm/156w7Iw17ciOXPMA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAi
+BgNVHSAEGzAZMA0GCysGAQQBsjEBAgI+MAgGBmeBDAECATBQBgNVHR8ESTBHMEWg
+Q6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlm
+aWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAC
+hjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RD
+QS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJ
+KoZIhvcNAQEMBQADggIBAFAN3pCaUsOcbpBp3bOY319JDc35duEEKJJ+M5e4oWdC
+jHLFdDxcPwcROUFEtjYwV2KGANhFwiWQ9hKbMi2jdCOHM5zxeTsybr+JRSZ0W1+f
+iootRWeE+wbGwCBCfy+XupqsQdUHzbgQKGSo67WgCLK77qwAfvvWr918WYH2BUgq
+yo90PKwY1yYeA2p8AlsmbGVrHFOVReDuCU1FVKAL/X11fb+zwfFq5BkZrSeCz5hp
+U8mlXU2OSdg9znuYxCJrhqx/FUYLiOk60UFGvyjT+u5C6LaPayRLkHErwuibTxxI
+JxSIsBN2t7J1h/ieZj06JPQd85KE0TCwk/bRaJR5++pCChr8Akqr3BzidjmNVIFD
+0tifoZN6R8krLFjrmkbV2FyERC9BkYJ2aub8alVZvzTRw28zF9R2P74muKNU40aF
+ze01/ucVTkbFXS+Om12WxQpgdhJF5wytucer94ql4A/CIsyPLBVgRhms7sI/p3zS
+ttHS7qDWCjXws+d1yfMC4e0urBQ9QxXyWry4dWaOmdN7XR7DGVtxtrjr5iVJseXL
+EHlrnV6AuHzuliDUUZfsDgmhMrgnE6fSBbu9FRjm3M8dHwt+wipOJOoBa7gvnuKi
+nxWEl8vpexf9yq/DPrjiHcupNeAq7NoTqoFvLF7qRzEMMdV2RrDw+yVV5wpVSH2x
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkDCCAxegAwIBAgIRAPEoorqEPeql1Nv2H3T00W0wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDcw
+OTAwMDAwMFoXDTI4MDcwODIzNTk1OVowcjELMAkGA1UEBhMCREUxDzANBgNVBAgT
+Bkhlc3NlbjEQMA4GA1UEBxMHR2llc3NlbjEWMBQGA1UEChMNQ2VydENlbnRlciBB
+RzEoMCYGA1UEAxMfQ2VydENlbnRlciBFbnRlcnByaXNlIEVDQyBPViBDQTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABPRHe54fgBwEBJFs//MkH/dIP85pc6A3EGvT
+0PgNNtmhVUtDN4/WvU6/JmS2JRbovOM007gQA3zNCmFM4Pka/LajggF1MIIBcTAf
+BgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUUqPmqoyM
+j1iPV6rAt8liZO1hCvswDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYL
+KwYBBAGyMQECAj4wCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9j
+cmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9y
+aXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEF
+BQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNnADBk
+AjBcAYXHETH6+G81Fnwl94RG9M5m0QBfR6IIl5osPhaD72LMUBKwRCw1BTI0NnId
+JuMCMDvkimAItow1CAh5AF4CXZUIA7BD8JpCR1fT4dAHAHscR9OwlFfVkRRGT03v
+ZFzevQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGVTCCBD2gAwIBAgIQNDS08r//1aRL0egoOt5KqTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+NzA5MDAwMDAwWhcNMjgwNzA4MjM1OTU5WjCBsjELMAkGA1UEBhMCREUxDzANBgNV
+BAgTBkhlc3NlbjEQMA4GA1UEBxMHR2llc3NlbjEWMBQGA1UEChMNQ2VydENlbnRl
+ciBBRzE+MDwGA1UECxM1Q29udHJvbGxlZCBieSBDT01PRE8gQ0EgZXhjbHVzaXZl
+bHkgZm9yIENlcnRDZW50ZXIgQUcxKDAmBgNVBAMTH0NlcnRDZW50ZXIgRW50ZXJw
+cmlzZSBSU0EgRVYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX
+EofkFhTXr8nq6xdBkQ0iOoMH2pVgUwC7OcLr4A5s8XCgEug9a5KxCLkSfzpvrMKK
+yD0vxv4NV4y82f3HCUsGlz3Q7VBCQAF+OaI5Vb0QNp3a7dzDkODDFzuULVAHWi3q
+IvwnCE5Iv5pwuxpLmQBAP4KjLYZuSxQDXSy6WkmnL3+ogDfdPy2iQSjScVzgRiCf
+NDGEtnYr6Dy8lf13C5qfVRRXq2WsAeplUZaTbRp0khE4M5IR90mf3KkuiRt+vV/T
+GtiyqyOzCwUSqs0AoKKx2QB2XZaVNdmWYCELjPd5pFrz3PjWBS+MqC0HB3quPbzw
+VlThFiWy/M/49W3QkyztAgMBAAGjggGNMIIBiTAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUevI4uxLmYzZAbyK+q9uy3L8291MwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsGAQUFBwIB
+FhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMFAGA1UdHwRJMEcwRaBDoEGGP2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B
+AQwFAAOCAgEAdZE/AEpY35sc5dkSlI49p6aNNH1XbsF8YnqiUkw5FWER/eoBwc7L
+FMaVLMm4W2bqy/G+dNxKczYMWlPmzhg94sAJCxHkxXvQY6Su9io+Po5RyThIFV82
+CH8cZdIgT7Un8b95OezaVGYcFNrBAkUQrMDWvG2/IbpphALq45R8UwOVKzATBh7m
+6k8tCXNfuOv/um6BwplH/GC8jYpkXmFOnbZjvmL1dgux1H5vQMCvok/c1+LI9Yec
+qngOo8/QNV6kR8Gcf3wJwAluErxXFuiIH3y0hqvumTHolqAiSOe7/iv/gfcU1/AF
+l3ZMYbpZUAbvGjkMu8HlTHw9ND/Yf1ooaWdjZ3SykscKbUnOK9ddReKk5GY7S/04
+JKWVkMfDJUzRso4GMTdf0wjDZCjZHp0cgISReYS00+uatCJU5FHpQU6SW1u8sJ/s
+GiP+nmnqnnWwhvZ7roZiloudVl9hKANP8Ll0ze2KupJlI8WCr479uq2NH2iGu/3j
+HT2JWhKKVtwiSrVbtZO+gkYa1g/RBxBDaRdunrHkVm0XHQsgj+h4gw6Xj1OpCZMJ
+PC8KE5CVIdpb20rLnFB4PWFbl58O/8na+t6vkgzNXVfQb1lk4CEdlgjDpRknB2MH
+IsK3/7JSl/3pWBUrp41WhK4g/uN22tn9mukWMWvWK4wuAgQ7D927tUI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwjCCA0igAwIBAgIQZVQgp61GpFI5YQ4bRYdLwTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgwNzEz
+MDAwMDAwWhcNMjgwNzEyMjM1OTU5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgT
+AkNPMQ8wDQYDVQQHEwZEZW52ZXIxGDAWBgNVBAoTD1RydXN0T2NlYW4gTHRkLjEz
+MDEGA1UECxMqRUNDIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgLSAy
+MDE4MScwJQYDVQQDEx5UcnVzdE9jZWFuIFNTTCBDQSAtIEVDQyAtIDIwMTgwWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAARF0YSP/w2jEH3ADahYTXzbGIABuPVRGLZG
+nZ/WuFWUmxsFvu9iTgnNRO5Tq9S/fIzbWSFpKghb7icZguEpH9TGo4IBdTCCAXEw
+HwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFDiF49YK
+amxIk2wf+YG2R9vIJJ9lMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0G
+CysGAQQBsjEBAgI/MAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8v
+Y3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhv
+cml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYB
+BQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaAAw
+ZQIxAMp8AR2DOFD1xNpOzP56gp+4bGHPA+gcFsvBn2dZxFCfcMVk3lRT3nrRT5iI
+iL5R2wIwLJsZq6wYKdQB0fO+umtqidZpX8qtREvAJssLg2aW7B0Gs52B3xhW2Dzy
+rVLsjomt
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIRAJBuE8344SrHVZEVqVicPc0wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDcxMzAwMDAwMFoXDTI4MDcxMjIzNTk1OVowgaMxCzAJBgNVBAYTAlVTMQswCQYD
+VQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMRgwFgYDVQQKEw9UcnVzdE9jZWFuIEx0
+ZC4xMzAxBgNVBAsTKlJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVy
+IC0gMjAxODEnMCUGA1UEAxMeVHJ1c3RPY2VhbiBTU0wgQ0EgLSBSU0EgLSAyMDE4
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidnSmDX9ViPaK+aTornY
+FGuPKFRca4ThtXSCPkJ9gLnyVVCdjdfa7P6azfGv07r8YprWtQZt73A/MqFdT0op
+BawYVvD4tnVWEMtsjGAU/DXa+qrvnfWm4cNl2FMXV63IoMbHOsAsV9753oLnCnhm
+EdeD+BqtqucZxoovKA7kv7e9ir8kKv1alxkc5LI5GrjmhOSVXZPa4c26YH5H0ukz
+dBxDEqkqfFiVfJGqStmyYMyFg0jbgWRrPr8KmogSmvsyIFpEZEAAhP8CDDhNY8oQ
+Ml8AXig2qW7Kor1yDNc0oDTbzmYRZm7u9pqxaPT+mj2rnQu2bpn/OgSj3f5WUNIp
+fQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZssw
+HQYDVR0OBBYEFCdzNv0y4t66f0o0cMoDQe6gVUo+MA4GA1UdDwEB/wQEAwIBhjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgI/MAgGBmeBDAECATBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUF
+BzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1
+c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+DQYJKoZIhvcNAQEMBQADggIBAHBxOFnbGnH0BBoM2neWiPTjxSrDaxQasUsJaWRS
+/6feXQjyR9uz9sYWh5pIX0AYlNmBGBhEFtRdOaPadjNlR8eFMnehqKK9rZUPr3mX
+tKXCdeWoycmTqnrZ03RrXIuDBs+RIsMc6dvO+1CIaLGOGxmr2+ibyAXWW7KObtTj
+ONRt7tZkmwakXxA+2Z6ZFVZxnlb1JyNn6/gYd3Hj8GnfS3c987gWeoc53pa7adEf
+1MbEMg5fRudDbqvoVhBbc5UGbD0DmaaFo+o1K8tmqkX0Ythzp/tvvcXABvvSzwAq
+Pi1v8nS7XIxl7PVzc8e7j0/MTUFzgs5H/y5LrNCbiYlT+t4XWWgQbp4Qffg7QD1M
+0baDlssNGbpdPgveeMEIG9FTRvXMamvnt71Z9PzLdMkkaRMO4rnKkocblb65oaQQ
+gPO+FnT/00lRcOR7/GdPTmuRxc550hf6F2kaOh/LS68CCLoSiuwnrX58/Jln7nb8
+it9YX8jVJ4kB7cBZsT4JJkMXg18oKzszDxVEr1qvECNoun2bXB29pDkPvUXrapQt
+hT1i3CIQ+dmRpPgatlP3HJqKWLJ76OHp/d5+zng+XuGgrFEJ1JpCdH5Pv4VrhyyZ
+oMcORjMQKebHa2Os+9n9OAlZKfQxgLAjloHQsRVjVK77zP7Kg2GASbTEIkgAZ5LW
+RLLH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICuzCCAmGgAwIBAgITBt5lU/RxKhgxLf2itIRtGzb3bjAKBggqhkjOPQQDAjA5
+MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24g
+Um9vdCBDQSAzMB4XDTE4MDcxNjIyMDYyN1oXDTI4MDcxNjIyMDYyN1owRjELMAkG
+A1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENBIDNC
+MQ8wDQYDVQQDEwZBbWF6b24wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAT54+5s
+DVFTJ1ViZmj4Q6YZNDtTW9XnMo7GuR23TEgWcUWnqchC1tJ2vUEMJU9SJH3yWWeN
+p8rxiiEaiURj27/vo4IBOTCCATUwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0OBBYEFK5cgP9Cl8nDoJtlCwTOnnF/Ps5aMB8GA1UdIwQY
+MBaAFKu229cGnjesMIYHkXDHnMQZsXjAMHsGCCsGAQUFBwEBBG8wbTAvBggrBgEF
+BQcwAYYjaHR0cDovL29jc3Aucm9vdGNhMy5hbWF6b250cnVzdC5jb20wOgYIKwYB
+BQUHMAKGLmh0dHA6Ly9jcnQucm9vdGNhMy5hbWF6b250cnVzdC5jb20vcm9vdGNh
+My5jZXIwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NybC5yb290Y2EzLmFtYXpv
+bnRydXN0LmNvbS9yb290Y2EzLmNybDARBgNVHSAECjAIMAYGBFUdIAAwCgYIKoZI
+zj0EAwIDSAAwRQIhALhzrminJQeFNEOGC9JLWzlynT+3uBd6flr+oC+GiB97AiAv
+2QsQjxOisNt7+i3DWrPWZ5qKcadzhUIpap5YnGmRcg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4zCCA8ugAwIBAgIQCZ3/J88vXtVVP0ejU2fCZTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE4MDcxODEyMjgyNVoXDTI4MDcxODEyMjgyNVowgaEx
+CzAJBgNVBAYTAkdCMRswGQYDVQQKExJUUlVTVENVQkVTIExJTUlURUQxFzAVBggr
+BgEEAYQHARMJMjIzMDEzNzAxMSMwIQYJKwYBBAGDmCoBExQ5ODQ1MDA1MDVGRTgw
+Q0QwTkU1ODEbMBkGA1UECxMSd3d3LnRydXN0Y3ViZXMuY29tMRowGAYDVQQDExFU
+cnVzdEN1YmVzIElDQSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AJwT8sRVYG+nfQu0L+PyeFR5hYJP28CLNBQzVyrPPzHnKRtiNAxRjf+Ejs8cAviS
+74gCMjpH2svXsxcF9L1DOO8iMfP7LgsfXUpfxig6UQZsCLx0sW2xvSCqny5WO76L
+nZQ3vLeS89B68InDkMffxw3M1b7EUwE1/ZPn7pk+IVY6bSgGeAlszRSkXwqCG/0/
+k2H2i2Gc89VmXEU5hE/HxkiEIVzQ1RFD4WGtExrYuNSeu38uQ4yjBHI2opGcCOE1
+Jj/hQ5cmPLo+g2xqi6r0wLP2UZuB9CC1B3uIDrTMTnw4abWVN0dnTVmhNg/MZOuF
+qmjAMwmAEEXTVJbIPNb8A9MCAwEAAaOCAUkwggFFMB0GA1UdDgQWBBRgiIt5mXuz
+s2oO+9fvHVzSWwwymTAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAO
+BgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDov
+L2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB
+LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAY0JcIPKhW5ag
+to8ztFVeKFkuZE1Ap7c+rNL0jEB7LLOU9LO5L8kBOHCgWdhhs4j3Q9cY4KWDpg6M
+0Cqt63+KfOEImWUtJrwE13ErBxpP4tf/QPRKq+LLW5TLN19G5Ccj/wd9pLQge95O
+W5YFlT+wnwP7/8fCvkUr+K9WStDetNQomDJCFdgZ/0lMNff54KDOHsWe8REv0CSt
+zT7e69f7OfuJCGFb0MkRPnaXOsZ9AiY9cf3yBodqh5YwmktHjRinGNM6MP/9+GI0
+Ib7t9hhNbPNISGF1bW+LoJgu7kr+bckOruzkzqNtngjcZJZMsJOnIviRO59qYlHz
+nuImxzQJdQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpTCCA42gAwIBAgIJIrmxTch2GE4MMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwNzMx
+MDU0NjEyWhcNMjgwNzMxMDU0NjEyWjBbMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjElMCMGA1UEAxMcU0VDT00gUGFz
+c3BvcnQgZm9yIFdlYiBNSCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAJIsszOU98kNAabsm7SzAmC90Q1KrbaVVR2WDR51sfC0rNU7xlUgqdJVZH9x
+08j/ofCastt8/5zPsy73ysZz/L67nEAZXS0W0Ee60vvmPzsfM1qSGgygCr8qZDs9
+BxsPcSCA4mMUtmrhXhX0fDlkwqCHUg/3qgImW18+9r6FclGky0rw00/OhiLyPHOz
+9ezErDaRCOc/tajvsgtdFg/np+AguMKzKGlfQ7oTg4ETShBPcM6m1KegCpfQ4UdL
+T5/c6S9PlvZuAPXTmk7SwpsfuCJvVjTLty/YzXP20jGgjMHuuSeuqMzHy/AdwCXp
+C/sKWBvN7ygELzJaFpUwokECXAkCAwEAAaOCAWgwggFkMB0GA1UdDgQWBBQzlf2x
+cvHmUDItWVL7p1rxBQHJCjAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+XLDjxCuw8
+zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8EQjBA
+MD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290
+Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNVHSAESzBJMEcGCiqDCIybG2SHBQQwOTA3Bggr
+BgEFBQcCARYraHR0cHM6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyLzBABggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0dHA6Ly9zY3Jvb3Rj
+YTIub2NzcC5zZWNvbXRydXN0Lm5ldDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwDQYJKoZIhvcNAQELBQADggEBAL+dAKKSk/1VSLHXMOOujq/OeyaC5Fod
+pnszydO+GJ3rxfzAKcUuNo9aOZRYf6kxEDnlnPtkpdvT66CM8On73uj/5HQw9Cwh
+rZUKjbn3bgf9qIHY7mijTUBDK2FawhdYX4QWI3wryYKGCw0PmMtpQ6w8P3dexnRn
+3pkV+1QgE87yfEqbzLzfQIrl4bDAOVeKyuUgruffSHqgEyMFHUCA+iTw16A4O9dp
+QUXSq4B5It9NlEJ764VoRovD6ujmyyfNlSG5YPpI1TFEbSZMwIOE3diZik7DWaUP
+HUYpj+c/7LggHA5pK915Yw4td48n3FHAunCqlwTWc9aRol1FXGBqN/8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCBEygAwIBAgINALfzPrd462McvnyACjAKBggqhkjOPQQDAjBxMQswCQYD
+VQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0
+ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MR4wHAYDVQQDDBVlLVN6aWdubyBS
+b290IENBIDIwMTcwHhcNMTgwNzMxMDkwMDAwWhcNNDIwODIyMDkwMDAwWjB6MQsw
+CQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2Vj
+IEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0NDk3MScwJQYDVQQDDB5lLVN6aWdu
+byBRdWFsaWZpZWQgVExTIENBIDIwMTgwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
+AASgco960wV76MEdWtug1L/YHhkrZqorU/aHRUrHy/bW+MwlYCE+SiUk3KK6r/V/
+YAwMz+zqGOLeq1iB9osx34aso4ICvjCCArowDwYDVR0TAQH/BAUwAwEB/zAOBgNV
+HQ8BAf8EBAMCAQYwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0
+dHA6Ly9jcC5lLXN6aWduby5odS9hY3BzMB0GA1UdDgQWBBTZjRi4rCO2O4wXyetu
+uRcAaQ2gjDAfBgNVHSMEGDAWgBSHERUI0arBeAyxr87GyZDvvzAEwDCBtgYDVR0f
+BIGuMIGrMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwxLmUtc3ppZ25vLmh1
+L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAxNy1jcmwyLmUt
+c3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMDegNaAzhjFodHRwOi8vcm9vdGNhMjAx
+Ny1jcmwzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3JsMIIBXwYIKwYBBQUHAQEE
+ggFRMIIBTTAvBggrBgEFBQcwAYYjaHR0cDovL3Jvb3RjYTIwMTctb2NzcDEuZS1z
+emlnbm8uaHUwLwYIKwYBBQUHMAGGI2h0dHA6Ly9yb290Y2EyMDE3LW9jc3AyLmUt
+c3ppZ25vLmh1MC8GCCsGAQUFBzABhiNodHRwOi8vcm9vdGNhMjAxNy1vY3NwMy5l
+LXN6aWduby5odTA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIwMTctY2ExLmUt
+c3ppZ25vLmh1L3Jvb3RjYTIwMTcuY3J0MDwGCCsGAQUFBzAChjBodHRwOi8vcm9v
+dGNhMjAxNy1jYTIuZS1zemlnbm8uaHUvcm9vdGNhMjAxNy5jcnQwPAYIKwYBBQUH
+MAKGMGh0dHA6Ly9yb290Y2EyMDE3LWNhMy5lLXN6aWduby5odS9yb290Y2EyMDE3
+LmNydDAKBggqhkjOPQQDAgNJADBGAiEAj8YMiPO+G04YDF/K4z0t6b+lZDH9kgBw
+JF5TWvQZoagCIQCy1mnuRaH3DnZw7SjejdGQKCIRuWB6o0gC8aPza8yhsg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRDCCBSygAwIBAgINALhu3yfY9pZ8ZHBjCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTgwNzMxMDkwMDAw
+WhcNMjkxMjI5MDkwMDAwWjB6MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0
+NDk3MScwJQYDVQQDDB5RdWFsaWZpZWQgZS1Temlnbm8gVExTIENBIDIwMTgwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUqWys07LtoLYGPI2CaftcqV04
+RnOKO/0VvI3xTidTpedvmwhk827c/Gks68y6ncC9chZGmvgN6G9lnD663kovauXC
+Y69+xHfTskdt5xUQDyKKBjIztZNwdWKM9sJZE6UDgrIjHrLJ11FQs1dK9XhrtHIQ
+O+XSOat8DYcXwAgpTqkpTe3RUDVQT7z+PleqJRe8tr6YCYuOiq4ZN2PTpd3LxB/B
+25LZkYfB1aK7aHv/aXbo6mxR6+wr052a608IRnfHfY5lPV0GEDfCHtoY7Nk7nkb7
+d8LKyBcFqAJ18EKjYDJHYhn9lVa/huF1ZwoQomwi+3XeHySmUjzbO1HVW9VPAgMB
+AAGjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNV
+HSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25v
+Lmh1L2FjcHMwHQYDVR0OBBYEFH2ETsLUa+rB1yKMaMPpoPTsmIocMB8GA1UdIwQY
+MBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMIG2BgNVHR8Ega4wgaswN6A1oDOGMWh0
+dHA6Ly9yb290Y2EyMDA5LWNybDEuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmww
+N6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDIuZS1zemlnbm8uaHUvcm9vdGNh
+MjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDMuZS1zemlnbm8u
+aHUvcm9vdGNhMjAwOS5jcmwwggFfBggrBgEFBQcBAQSCAVEwggFNMC8GCCsGAQUF
+BzABhiNodHRwOi8vcm9vdGNhMjAwOS1vY3NwMS5lLXN6aWduby5odTAvBggrBgEF
+BQcwAYYjaHR0cDovL3Jvb3RjYTIwMDktb2NzcDIuZS1zemlnbm8uaHUwLwYIKwYB
+BQUHMAGGI2h0dHA6Ly9yb290Y2EyMDA5LW9jc3AzLmUtc3ppZ25vLmh1MDwGCCsG
+AQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTEuZS1zemlnbm8uaHUvcm9vdGNh
+MjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMi5lLXN6
+aWduby5odS9yb290Y2EyMDA5LmNydDA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3Rj
+YTIwMDktY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MA0GCSqGSIb3DQEB
+CwUAA4IBAQB/UW04hmlTDGlMwETB/pdfSi6eFSvWtDxBd5LsS+5cR17yT9u5Iqxg
+37Ov5SWS2gaJP+JQ2Llgpz3YbYnJYexiFTsWhPEmUQR3YoQfIJ6tYmmMK1EE2bJE
+fWmXMJDps3h4o2IAKsIsV5NjjTYdVtg6tAoxdKUEMJj7y1K4Z/DoMONz/Xd1Lmf1
+clzWuce4vzA+5VxdpWJsupDUfOS0uuvUjoZxrYXMIiSarYzn51XU0kM+kf/+cNu1
+E0NKnqshwv10EWG5IKFRsq0LYWjogihvzFlAmXftt3G12gXFAwndw2Hed8HXBfUj
+8WjjEBCliiD/N9P40C9JEZovvAkkL07h
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGYjCCBEqgAwIBAgINAe5fFX7QOMo4XX885zANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODA4MTUwMDAwMDBaFw0zNDEy
+MTAwMDAwMDBaMGQxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMTowOAYDVQQDEzFHbG9iYWxTaWduIFBhcnRuZXJzIFRpbWVzdGFtcGluZyBD
+QSAtIFNIQTM4NCAtIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+nRPORkMYMKQxrfuvQUxlS1fpIZmTBTleITuxN1AjGldNqNC4+oYMPlLvyedsdSYE
+rJRW65BBg5hS6nUxbMg2RppbsjVoKgLQBB7glZB6ap9dA/MvQou3QuivzsWSE2ob
+UZ8mMPtJCQIQ21KAf5CpDXJjzmpCndmN3aqF8w6cBdcoCbS2ImZ27L/q3Ute7Qo2
+QN8H+H75tvWTDdduvvfh4EErNh80ne5aCak9iePrweyruIg6pnzztSJondLFG+rg
+7vfqeSwfqU75CBfKJuCCfg06LJupR3YT64ReldjuZsTBWoX0dVI+WRIr/3+j3ILn
+WsBJmh6Z5k+yAvlUMvnTjgJixhnScF0Kr1UlqlAOICq3iww3ftF81WKEeuo9j53G
+kgujK4hfAjB3CvDO5aLnBj9GWrk34xcivHCkggkLF8NWGhVSYg7t4Zs+I8q5l1VU
+Xk24uI5tUi/IzmDOteKxMQ9J4c2xdBgpcf3pR4MtDdIsUNoZlhaziVOwg6u0MlQQ
+dkClKiByV3y5waeR/kk6SpftEfStF1EFziEOyldrcckGMOzVDszOmz8UeECS67Ex
+JLuo018y7cajwBxxlR/PqCBgBjniDgvdjTrWfODmKob7hB4chV/oLM15z8Bsuz/k
+cZUSz9wnRpEoU16cI064Cv7ZaGi5AhcQlh/6leJIJfkCAwEAAaOCASkwggElMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQjBGRa
+Jiu4UrUuU+/pWqqE2VGNfDAfBgNVHSMEGDAWgBSubAWjkxPioufi1xzWx/B/yGdT
+oDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5nbG9i
+YWxzaWduLmNvbS9yb290cjYwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5n
+bG9iYWxzaWduLmNvbS9yb290LXI2LmNybDBHBgNVHSAEQDA+MDwGBFUdIAAwNDAy
+BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
+eS8wDQYJKoZIhvcNAQEMBQADggIBAAELAF7YtduG385+UdZ/iGvxOUMzVJg1D6Is
+jJxYC1vV3PBfuiMM/M+HE/vBCnRUZgtl5u6cG4O1tDFsEfG2Mgwrypn+9KTqsEPQ
+Hqq3rBH2I0WCsvzQ3T+fZ1ugrQXpc/pW6IFvJHo+dXYNUGxNCPKUth+1+i0VNB33
+CNTxwAQ/UvsRlAeC78hN3MHFUz4iI/VCNFany+jTvLIZhLRcy3HPLrITqX8rzZHS
+xHUATXNcdHbWZfDBxi5qAD32r/lIYMH1Tmg6YtT7CWqd003guT2stbB0Dx6+ctqD
+eDyeCmihL0B5wzf6Wy/HXPzbd8eGiuHuF9h8XKO8j8eB5Mck9fppE1U/i+XNvDcH
+wfN3RdEhuFKZcfUIQTNvmid+SyJ+Z/YX1PF1EIIgD7/zPe9vlIlzIL0a3nIaR0N0
+ISsZtrRlH2HM0/791zivlORcV1027QLK+LA0aU/FtP7C1J9wcfBr4F9cT8NH8O5B
+RwvCrQl8WhPDMegdlU8WbCn8FnWRvIhBQ9ciUk5MYGAU7QgP+FMBWFacNBn6velK
+7cmQg7ADPU2pVaUQCfPRyiMTUW9LNUkXP9+d95gGZR/7M9oS2Px9vEla/DhrnfOP
+9WKZX/Wi2f8zrwy7sGR9bO0ZLbHV1BM79uIYpM5v7lbTdDiiGIdl+DuZlYXxZRn1
+ZnFC8qPK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFsjCCA5qgAwIBAgINAe5fFZoAV4HO31tqWTANBgkqhkiG9w0BAQwFADBXMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UEAxMk
+R2xvYmFsU2lnbiBDQSBmb3IgQUFUTCAtIFNIQTM4NCAtIEc0MB4XDTE4MDgxNTAw
+MDAwMFoXDTM0MTIxMDAwMDAwMFowVjELMAkGA1UEBhMCQkUxGTAXBgNVBAoTEEds
+b2JhbFNpZ24gbnYtc2ExLDAqBgNVBAMTI0dsb2JhbFNpZ24gUGFydG5lcnMgVFNB
+IENBIGZvciBBQVRMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlHr
+iXRbo0LWNFAjiugjNyrlj/8F6/GFAIlmEBEKhNjUZ5vNkaJAExkRQnXRTFHpg8AT
+19qmo0r8OYInLEyZhJ4qw2q18vz9BaPzzzaApnGIWn8jWN5ZoYhoNcOoLv/bRh2p
+d3hRix7xJ8FaQylGThhLEJ7wk8BKCc6uBLm3yz3RnNEE/CRhJxDGS54Kr0jugZJg
+qBVa/URiGEJauVcCI68XQec+XLNijKHlLmsyV0lcqP7BrF6VjQETUZv8/ShFqnKp
+1Vf2qh8TrIKl4R8yIZU+UxhOQ5p+MzVcsQrMuFkt5XIpvYUBg1Jn1awgVB9PKqUR
+lx5mKyIOAU2CS7Vn+wIDAQABo4IBfDCCAXgwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJhLGDath1jpHbl5kJrVYL212cQsMB8G
+A1UdIwQYMBaAFInvdXF6X0cblyPckErL/8AmNgjVMIGIBggrBgEFBQcBAQR8MHow
+NgYIKwYBBQUHMAGGKmh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL2NhL2dzYWF0
+bHNoYTJnNDBABggrBgEFBQcwAoY0aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNv
+bS9jYWNlcnQvZ3NhYXRsc2hhMmc0LmNydDA+BgNVHR8ENzA1MDOgMaAvhi1odHRw
+Oi8vY3JsLmdsb2JhbHNpZ24uY29tL2NhL2dzYWF0bHNoYTJnNC5jcmwwRwYDVR0g
+BEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNp
+Z24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBDAUAA4ICAQAy8aLPppq7r8YC
+3EaY/dtgz5u+PTWHzgSKUwsuMHsR6dHOqlbPTE/7HRzEgCx54r565Wod+YNLZF+U
+EA0/IEuKBZOCpSG55m+AVmDKlwRiBRKMef1SWgH3ab0c07fSGsQCgrMoPbb6aeAR
+MAmknIZZuYD8vhsYSPaoIFxhzqVAf5/xMIgUtJJuUWbaoimVWzZ7ZzromAJZQHll
+WywWwd7jxP9Xn8t0C88xfywZtD3kqIlwkjW0PdVgv/cl/ctBV8yS2ERuWNYonwBH
+fqxmRKEEfzTns9LivbZ3MtKHL+XyQbbT/FZ8yt72cwOdXhWi3ZqLSSv0cgiPabpa
+04cdRY0ZafM2EVFOEQ50jZcadCeVYXBrSUb0ysNM80/IUJubpoHgxDJwGnYw4ELD
+vxyTJ64ggMeM/TFF611/tZlu9IYuR8Y+2hHYIyeuGOqdY51cw2AF6HafPPzxQ2ma
+MtFZ83dONYSgshxUmajg0WgP/wKTgPmbfqOgf0h6A5gvnroBkZNdmn74S+bMN710
++wC7PgzILlPjkdtM8MlmH3kfisrN18crnej4E8cvUyq2T168hrZmsLti2s0+krC8
+YweAUSnFfjjy0jEpydDJkGFZ3lp4+AiCvMYhJcum5HElbWA9GgbNYOxJLZN28qtR
+0hiOIuuXRkrf6btJCBiHJABGxWXLyQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEujCCA6KgAwIBAgIQEB1CIlXh/kGGZmDEgBd2ETANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE4MDgyMjA3
+MDk1MloXDTI3MDUwMjA3MDk1MlowXTELMAkGA1UEBhMCVVkxFDASBgNVBAoMC0Fi
+aXRhYiBTLkEuMRIwEAYDVQQLDAlJRGRpZ2l0YWwxJDAiBgNVBAMMG0FiaXRhYiBT
+U0wgRG9tYWluIFZhbGlkYXRlZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMPvaTRvcO1CAI0wFpjXVwe4nox1aeI0jU6KIzA/nHeqAdYPxB6ta+F0On1y
+taiptSMvPMXXOqC8bfvW1tOvJ5jsQ0xRr95vzCXopMzvxbXsaK309BOM65FEPH92
+f7SxNXItf+/RFy2CJCPPVeYLtf/Vuq0VA4yAWaX0ppjI6iJ7M0Ohfp5jJDASkdgJ
+cQAAwBO5DNQpFsgAum58CFnqjneo4LYKdcRmX5vtqcYFvIjx1DOGjvgGpUqO3s7K
+p93N3jKgKQx/qQbTrcoXpuG5b6+3tHzGQc/CadmJI7i3jPgA7uKzyLT5wR3/A61O
+8umCGY/lqfYDfDaqz58p+PZQXDMCAwEAAaOCAU0wggFJMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFG9AQhsv6QZraCJLC1KBNEodjrN2MB8GA1UdIwQYMBaA
+FFSZ3Zv/6KcOoxmdW75CV98w/I8yMA4GA1UdDwEB/wQEAwIBBjA4BgNVHR8EMTAv
+MC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5jcmww
+bgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1j
+ZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0u
+cGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIB
+FhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBAIiV
+b6WfzIFb8MHGajFP1cSxSZVqcA9t2pgKxGUgRolu8vfanxOLsSJPKSfM+cIzSLv/
+GS3KDUVxjURP3tUQGpx5WbUIboN08F8VYw/6cmmjxmuZyKihYAv83LwGCS9CDfZ4
+mC4+PnoY8sYrUjxn1vZRSSZRrUO+2s33BGuLiYiXnULWeM3J8OCEOVNjvPy3yJbr
+ARp2lKHshD/T0RqlHAh904RF4+V8wF23igJEGL9rxviOIqQbSaaibmU026Ie9CHK
+fEakGKhu2VaL/ezUTI2eJYtuz+ZtIQY+wqISkGfcJ5mdXSR/9omIK89eo+vqPWqT
+awustbKQ2UaxlYhsG1I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEwTCCA6mgAwIBAgIRAPDVlBXG3stPiI8oN+YGgQ8wDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODA4MjIw
+NzEwNTlaFw0yNzA1MDIwNzEwNTlaMGMxCzAJBgNVBAYTAlVZMRQwEgYDVQQKDAtB
+Yml0YWIgUy5BLjESMBAGA1UECwwJSURkaWdpdGFsMSowKAYDVQQDDCFBYml0YWIg
+U1NMIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDRHpKZ1x9MN92GPEzBHOreEaFKQ970cb0DwzwZ9BIFvL39UnNp
+CA88BKRI7xUsOso3IiNrikyYvXOdW8VOlYn4nR819ocdmFlDi4fsTUXhPy957jb7
+m5HK+AQI5V0G+VQE3Z1KbuUJD5NCpAsWB9917LIQ5+n296wZrGxvKDaJZftxNgBM
+UYlAWNnc88R/jFNVcKY3y4VJCEzLMx68K9p1fbV4mpCafXvEgzWzQlpW3/xkBicg
+DwoFoL/fkUq89q3kLfJy9IoJJdfD7DtZ+NTe/sOLU64xpyqIkmH/F7zBuGQZ76TQ
+rpCI0EWUOKzAk4RJINBE6xjLhdYS/XKTTiYZAgMBAAGjggFNMIIBSTASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdDgQWBBSGC3U4ncuDuHEGDR9d6I7U6J6QZjAfBgNV
+HSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyPMjAOBgNVHQ8BAf8EBAMCAQYwOAYD
+VR0fBDEwLzAtoCugKYYnaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvZ3NjYXNo
+YTIuY3JsMG4GCCsGAQUFBwEBBGIwYDAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNh
+Lm9jc3AtY2VydHVtLmNvbTA0BggrBgEFBQcwAoYoaHR0cDovL3JlcG9zaXRvcnku
+Y2VydHVtLnBsL2dzY2FzaGEyLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAkBggr
+BgEFBQcCARYYaHR0cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBCwUA
+A4IBAQAiBThwLiKG2RvYPpph0ftYNFf7SaoVQJKWTmYGP7NkGpevtWQS9QkYKPtd
+HAm9cPzKA/Las/WrwXin3zXzUUGuPttSSxCI4D9sRTX2RHAUSRBLrFXV/BCjtjlS
+ehODXP2CXJsQtQ6SNvDaz4w8iSnrKhJyLgCIW/Q/u6dfkktQxEq+FJ4fWRC+Z8DY
+1llk6g6FWBMuLVclLnUzQ0BplhJKUBLA7pd86VsJZStGWcRtW9iaMwsn4QnnLZ0B
+h2wLKEzze5KwoLPuY2tm0SHWubPO11HJhoMJ6k+QgJG1XObTBLofuJC1/NpHy72z
+xrAnpFWbSDnEYkhrXDMGxTSDdkAv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvTCCA6WgAwIBAgIQY+mzeg/qciMUhLZ+7Uup4zANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE4MDgyMjA3
+MTIyNVoXDTI3MDUwMjA3MTIyNVowYDELMAkGA1UEBhMCVVkxFDASBgNVBAoMC0Fi
+aXRhYiBTLkEuMRIwEAYDVQQLDAlJRGRpZ2l0YWwxJzAlBgNVBAMMHkFiaXRhYiBT
+U0wgRXh0ZW5kZWQgVmFsaWRhdGlvbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAJ7LhlpxF66KMydnGdMzf+5JKuPwBiVzliKPg0zb0DUz/gokUVuLsbV7
+wMqXn24X0k/ChTbTM0R4R0Qlsnbb8amWu3M/USA7bK1sng8i7BBkQbp1lrbWoF+e
+rNCdCsD2Kfo7eD+kLlrHrL6lHG2CtM5tpJOMH6UNS/Qp2R4XfV1v/OIDlErWEE4t
+eS3rPsNyK/AfCCwBRmL2paLfuauN3l/XFrJ1rRJEejAochTxG+mX0C8NemuJtBrx
+mCRUFu96A1hUgt3YUWVVJjN9Qh8jAZjWNVwqMgKjcZxKaGwC7FW/Kn/Jph9VESU/
+RSiR/6zZPWuPEENIqrcCSk39yG9rJiMCAwEAAaOCAU0wggFJMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFIQcE3cNNuj3bDovlgysxnc9Rqr1MB8GA1UdIwQY
+MBaAFFSZ3Zv/6KcOoxmdW75CV98w/I8yMA4GA1UdDwEB/wQEAwIBBjA4BgNVHR8E
+MTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5j
+cmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2Nz
+cC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0
+dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUF
+BwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEB
+ADOPoWjWG45dMNUmyTBKo1418MvWWrD8saQlvsm8a157bmM7QRr6sjMzj28Y8aZK
+QhV2m1Hb/izXHACMX0DrnQv1eOFwvqkIcQvzC61JnUnGCsaFTnhnXA3YbYjsxOFV
+msfYPU5m+LybFZ7GPjnImwttUXiH9uPU8b8rij/6/6Sc1wM5636pPBTmBlmsZejD
+dIqlq0TL71elOpYbMHqPGDKvQe+o8KzFnY6Z1psv+2fkbiQJxYycSomlkIgyW9Zh
+SLBMeGtHlijSgsRS2/96GrZFVcN+e4bLGvzF50Mqp1Xy6i5xT1GnQgrWKiJQFFqB
+4G6Ru3+xjtUSTyxlj5ZfIWE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4TCCA8mgAwIBAgIRANjwLnAC4vU/pTnqJTomTTowDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xODA4MjIw
+NzE0NDlaFw0yNzA1MDIwNzE0NDlaMIGCMQswCQYDVQQGEwJDTjE2MDQGA1UECgwt
+U3V6aG91IFFpZHVvIEluZm9ybWF0aW9uIFRlY2hub2xvZ3kgQ28uLCBMdGQuMR0w
+GwYDVQQLDBREb21haW4gVmFsaWRhdGVkIFNTTDEcMBoGA1UEAwwTUUlEVU9DQSAy
+MDE4IERWIFNTTDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBdxP6T
+UFfTpcvNj4oFAq4dF9rd/oduB+9HCmCyc9VjhtcGyWFddp9E7IwYmz+UzEWPk6lX
+EnWr5QHuDN9lSv9N6esgbCJaNrw9hWaUEi55KEvYN3yon+2wl0g4LP/69oJnM+5B
+sYHhGN51W2OjDKLKxVPug2uORlKvWARLNCm7nil4P5A283yeC/6jkmMUqu860wSI
+5LU0YfOl7/ttI1/3VJNDVo/3gWkbKIC+ans/5TuKlcxxDEVA1kdAWGLSBaOKX/Zx
+COmCApL2HqnyZW6a4AfhF7FD8RL35dp7ZHNut4CqsO3Henz+U8lImrSGFRHXtuXH
+GusZQAUUrPkyix8CAwEAAaOCAU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0OBBYEFCCjCDKu14YS+PPGPxPHaW3QiHHdMB8GA1UdIwQYMBaAFFSZ3Zv/6KcO
+oxmdW75CV98w/I8yMA4GA1UdDwEB/wQEAwIBBjA4BgNVHR8EMTAvMC2gK6Aphido
+dHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYBBQUH
+AQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0uY29t
+MDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3NjYXNo
+YTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRwOi8v
+d3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBAB24//HgOg1NOxFU
+VoxnGgoV6Hglt0uCqBhlbV0XdF55UhhGnM08MJrosBTVovtBizvf98EoM2O5hMf5
+tdAa+w2GwPgpTSEU1frpW0IMxjQH7MDzpxOzO8LbCI73rS6duUKXASLE6iraHLe5
+TFP9Yj+mohgmfNnR5lj0U2yxXXL828J9+yft3Z5GkxIjkgg78dYnZ5BHeu139Iew
+g8y2P74f8fNIZ7X+CdnZ4idzyewTHAwmZaAeSE3dAaqCk1GFmMrXjzzFxREMwCH/
+r1dguJCNZZyyQyvGBWGBAue10zqu48hbaG2j9YesAO4NfYTKtu4bp/Qto0zD2HKw
+//ey/1g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqTCCA5GgAwIBAgIJIrmxUe1MoejaMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwODIy
+MDcxNTIxWhcNMjgwODIyMDcxNTIxWjBpMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEzMDEGA1UEAxMqRUlOUy9QS0kg
+UHVibGljIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFY0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAtwiU6mdmwMgBSjTPa4DqspEnnSWMk7Z6Iel7vX9Y
+Y4X6xMhO8WvK4EJ7dM3Gm06sbVCpfk9qVub7Wgl/oD/ABEDdbV3ehJTYYjiSImgx
+yQh4f53cYf2sHgGrf/Gj7O6G6Hndj97KmXVXtzBkJ+WH/wvDx+yy6WVtdINzKUM+
+QEzJywzS1XCG28s80MnUvLlVDdfFpkH338zCG0A481gUHbKXZ6sRZHdUGz6YbEPv
+xbdpClwF3QXSdh3Yrn4v8MmgJtT+mWsYugbynnIn3Ohc74AS3WZ39R/LPdnqHKJM
+T1n6EEz7ZOMa+SOHhPprAasDDkOrKjtd2dHQ2WSZI2BufwIDAQABo4IBXjCCAVow
+HQYDVR0OBBYEFApC5rY0uS27/uC5lO0WaoIdPAwsMB8GA1UdIwQYMBaAFAqFqXdl
+BZh8QIH4D5csOPEK7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQD
+AgEGMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1
+c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkwRwYKKoMI
+jJsbZIcFBDA5MDcGCCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnkuc2Vjb210
+cnVzdC5uZXQvU0MtUm9vdDIvMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYk
+aHR0cDovL3Njcm9vdGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MBMGA1UdJQQMMAoG
+CCsGAQUFBwMBMA0GCSqGSIb3DQEBCwUAA4IBAQAEjMcjf1u191u4rO5rr/3KHLob
+OsHpfVzO0ALIqV/sX+KsS4/8ZyUqq0pVmTpnj5Pqcz4ffYD52o0WrPx5+THrilH8
+TTeAitQx0uykr3QoUNmvXlz1ofCO3RckarY2MshWp5uzvR5oeIR7SPlHwRS+DDwt
+EmU1ldSQDPU+Ov0oxDeImiBV2yhnYIPLe1cipYV7aQsPiGaK5W0JoZ9+Xoi9aT3N
+YCCESN6KimTchBrJoX2O1QxXVonHXbYIbJEt+Yae5glvdjxAKH9lsgqNkvDwKy2S
+82PfEtv/CSR4a84Nou2SmhrNcdQ/1H2893tObrj9LDPSy1lVvcC1v2gatdmZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkDCCA3igAwIBAgIJIrmxUmQ7WLARMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwODIy
+MDcyMzU4WhcNMjgwODIyMDcyMzU4WjBQMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEaMBgGA1UEAxMRQ3Jvc3NUcnVz
+dCBPViBDQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLj3JGKsEc
+IyXJOjS5vsxijuumvhBvV8OVI11PWkfIbE1RStIT3IF1ZGJvuvyzgjPe2wJoPYy+
+NlBAjdOnGDNl3pSJDrmIn1H/TqF/Zl3bYBt52/uDgHyCFqHzuZ+gJeRZHuJu8+R3
+LcFjy/daPVf/BJgJN8F1di3EcP9+BVpqY9t+HfblLtpRUotjrSrJ3CaYreoGeRuB
+zYSWMS0MO/L7k6X0whOGOpkp8VuoGpZEB9tmAMoBEP8q7fcJUj5hsqw3IqT6NBmB
+JMp63lvJlc7h5NS6Fpc7eNHh7Z46RUOYmptb482Z3uknsM8wI2EMM6hyXzzBMvyv
++/xJ7l+UQ26pAgMBAAGjggFeMIIBWjAdBgNVHQ4EFgQUJLe0QdQyT8QZ/15iZDte
+aSdhF9wwHwYDVR0jBBgwFoAUCoWpd2UFmHxAgfgPlyw48QrsPM8wEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwSQYDVR0fBEIwQDA+oDygOoY4aHR0
+cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvU0NSb290MkNS
+TC5jcmwwUgYDVR0gBEswSTBHBgoqgwiMmxtkhwUEMDkwNwYIKwYBBQUHAgEWK2h0
+dHBzOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi8wQAYIKwYB
+BQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vj
+b210cnVzdC5uZXQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQAD
+ggEBAE7HMS+njC2n8MTA3yWz/UE45GSVE6s9Wbdcse9Ksp64bCUYISTcryUgK4nI
+8UXwHKAU1QtvTI57/f83L4KkkkM0ag2PKJDiM/v9BwYwaRf1AnLLMUcwUpdnszk9
+lMfXSRZEeOg4/ZDOjLESbACa5fpdbQ/D6XOVwyCcY5w+3sBw0ajzjom8jLJglluI
+eqxkHgkeWuLAYKV71xKwQ401XnmJrEutby46DgD6Q1nXtsdSyjmUq2wpCe63bACl
+iA3HpoHm36ClGklNM5Ydw245VUtu0jRnfQGsTukx2claA9I6uRT+uvm0trjyGWMm
+FLyxMOGHsLklZeTTCwSXiygKujQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkDCCA3igAwIBAgIJIrmxUyPlrv3NMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwODIy
+MDczMjI0WhcNMjgwODIyMDczMjI0WjBQMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEaMBgGA1UEAxMRQ3Jvc3NUcnVz
+dCBEViBDQTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnTNi5Kgrt
+FL8qBuEmpL2gvLFY7f9MEgjzClvic/45ebM+DxZ2CMuqtMtImgf8XPIpLaFFbozx
+3VgqH41cmGHbpAoDRKpwfF1f53peHYhRxpOVgcnsiVCPZJPBPCUM9St+cuEjfo0d
+YGbr3aG5urdT2zeKIFyxKbggdkU0LVRHwvLFsIpXCn/YK/8Rmx87yW9VB80OXkzf
+IQoZop83+aebq1VwzjNCN3u4bWSFLYDyJGqE40WlZ53NZh+TwBsa6gld9YXPGQfx
+k8x38zkFXberlMQOYhX9KyuTOMdlFkbx6LfIUqVKJavpcr54+XPzVyeroNPpKxtZ
+mEqUYiFjAqUVAgMBAAGjggFeMIIBWjAdBgNVHQ4EFgQUT4twz6lAHJbllF13rNZv
+TS2b8ncwHwYDVR0jBBgwFoAUCoWpd2UFmHxAgfgPlyw48QrsPM8wEgYDVR0TAQH/
+BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwSQYDVR0fBEIwQDA+oDygOoY4aHR0
+cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvU0NSb290MkNS
+TC5jcmwwUgYDVR0gBEswSTBHBgoqgwiMmxtkhwUEMDkwNwYIKwYBBQUHAgEWK2h0
+dHBzOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi8wQAYIKwYB
+BQUHAQEENDAyMDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vj
+b210cnVzdC5uZXQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQAD
+ggEBABEDSrrhhR+Js5q45yih2Ne4cMLZmrH0AZwU3eM+7HZplzi1EhppgvcYk/2k
+LM9haQGWnAZ5wiixLqKu7WlWrHgblZbXyCxALmMBK1rqeP0omxXExqKVqWNHU8KZ
+t3jahH1wDYSzfetM7guWR+PAPpb9oQCtAx8DVyI/3Ocswvti/uWb517Bdo6Nd0+9
+mf0LiphNKcSzSFX0s1Cb47cJROYHGBe2J6NUSWR7wE0asPtKsznGyNO+NJCUR+0h
+OLN2cA2KJwPhZjYJt8UkucAF/EE7qC0Fc8B9Q/gttQ52en5BZxdkDrHCi4qnsSvi
+gueQme/RzYkEaQlNT1WCZ9AIgVE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCA4+gAwIBAgIJIrmxVPM8Xl4AMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgwODIy
+MDc0MTAyWhcNMjgwODIyMDc0MTAyWjBnMQswCQYDVQQGEwJKUDElMCMGA1UEChMc
+U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjExMC8GA1UEAxMoRnVqaVNTTCBQ
+dWJsaWMgVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMdXCsp4TeyYoKJfu/CkiULI5mWRf1hdjOXjHVcTuaZf
+RijjVh72ipGt5PfZOIz6oLmMnijHinoM6KtCSa35yAQ8uRoqlx9qmLAM/5UIdJl4
+ScGbGL21Rete0sJvBI55NgDalpPzcuVwA8DU6VDmxrlshiF2EHEWkPa9n5BeOelU
+LKo1T4d0EjcpPCiNHYJeTcy4Lxbkr5jgPWsWoRSx+SuPZt3gchneEdENke3LciD4
+jk9lJAkn1S8lWSOK2GLDui2ml53bGZEuOIJ7iQvmByEx0gIUiIrywgI7OXWu1MJA
+oLViTvRL0PCzwkpnbnmPKKybzBM10Vp7aqU3Ev4iL/ECAwEAAaOCAV4wggFaMB0G
+A1UdDgQWBBS869kR4FFkb//wdE8NWqtKTy14JzAfBgNVHSMEGDAWgBQKhal3ZQWY
+fECB+A+XLDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIB
+BjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0
+Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNVHSAESzBJMEcGCiqDCIyb
+G2SHBQQwOTA3BggrBgEFBQcCARYraHR0cHM6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1
+c3QubmV0L1NDLVJvb3QyLzBABggrBgEFBQcBAQQ0MDIwMAYIKwYBBQUHMAGGJGh0
+dHA6Ly9zY3Jvb3RjYTIub2NzcC5zZWNvbXRydXN0Lm5ldDATBgNVHSUEDDAKBggr
+BgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAQEAMDv5Rwc6XDgWZQdSdApBquE78dVP
+oysu8zN9XodyC+//9yMXx+SBTWxsTJNgnKT9FrwZQZRo5CTWsYF8WicsGjAyf8Fy
+GSaRzc2rKjfICygyOPMTLLUHec+lLgkPr9gv68Qbsyth1WjVrDrj77jGIaE362wb
+Df9g8bO5omU3ZmkxmcADzarwL8M3Z0XynpNakwKGFr7UVT6fxBN3dyhuBO8Lai6D
+g3tiJAlFIpfXXD4cArZo6ZlXJ26B4H7vk5GmyR6poDy/CRvC7VIz3xp6o2348W1j
+32S9pEuZhtxtMvPjnsHIWPNdz8pHv21x7bYwDnocwN2uk3QrrljxTQ9evg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjDCCBHSgAwIBAgIPAWWE40o42elj6+7SF0eEMA0GCSqGSIb3DQEBCwUAMDcx
+FDASBgNVBAoMC1RlbGlhU29uZXJhMR8wHQYDVQQDDBZUZWxpYVNvbmVyYSBSb290
+IENBIHYxMB4XDTE4MDgyOTA4NTE0MFoXDTMyMTAxODEyMDA1MFowUTELMAkGA1UE
+BhMCRkkxGjAYBgNVBAoMEVRlbGlhIEZpbmxhbmQgT3lqMSYwJAYDVQQDDB1UZWxp
+YSBEb21haW4gVmFsaWRhdGlvbiBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALvfr7q8p3BUGG99Z8QPKK3BeRtR3bvEvTd2NpJMKB5iDbhWTiyQ
+PqakD/UksKICujpvG1A4rCDX3q4wBxPD29OOaZSEufzsQMI9M3lcjTsIOinX+N05
+8/M6pPdocCGBz+/6pGHw9VWk381hFKNfdqcTJj0138udZwt1coxrVBZ2MJe1tnJR
+vak8aPUANEJBmzDXXeJEGuAyDrecnh2uZqn+yM7yKJnzkxj/AmnyMMPnnbTBfdjZ
+gfy04yLsBxZdQNf/t7+sni+FRPKgpgcdRG7Vz4W3LHEnbwvDSGuwi9XD5BIA1nLE
+B0x9fEhmJnCtVsN00FEYpr/2YZaEpBPnJLEKYFLASke0qV8kLT4y8c6YQZ90U6GG
+g0VS6X3TN/qpiai/VNnzIugT1hnHC+4GyeqPJhjpEbjOOPY9j7FjOI/P3JLi9Xvn
+9HveZKf3Cx6R17mR8HXdFT7he6yJbiunOq60YXcf8aVyKIejWGysMuvyUg9mF0Rk
+ma9vuOg/q9eFWBseeGV490HP0l//Q7+O530BjAmQm4JzI39i0Kas3oWiei1JoVa1
+NCrpWEGypXjeWmkVvTSS2hRSiCc09imY4xH8KJm77RfLte8yvYVnkTbAWDB2s1da
+z2wgh+D8t0ZVzgU0m7L4o6+mktuA1jM6GcUFqP1i7+7OQUCYJZGJ9AZTAgMBAAGj
+ggF5MIIBdTAfBgNVHSMEGDAWgBTwj1k4ALP1j5qWDNXr+nuqF+gTEjAdBgNVHQ4E
+FgQU7T10nCxTu3GTe0sR9riR4oL5ktswDgYDVR0PAQH/BAQDAgEGMD8GA1UdIAQ4
+MDYwNAYGZ4EMAQIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vY3BzLnRydXN0LnRl
+bGlhLmNvbS8wEgYDVR0TAQH/BAgwBgEB/wIBADBHBgNVHR8EQDA+MDygOqA4hjZo
+dHRwOi8vaHR0cGNybC50cnVzdC50ZWxpYS5jb20vdGVsaWFzb25lcmFyb290Y2F2
+MS5jcmwwgYQGCCsGAQUFBwEBBHgwdjAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au
+dHJ1c3QudGVsaWEuY29tMEsGCCsGAQUFBzAChj9odHRwOi8vcmVwb3NpdG9yeS50
+cnVzdC50ZWxpYXNvbmVyYS5jb20vdGVsaWFzb25lcmFyb290Y2F2MS5jZXIwDQYJ
+KoZIhvcNAQELBQADggIBAEX7NaPbTTbHchQrIU7orj0t9IzTHCNwQW7TtYSwyLVA
+fI98pVfB3JBjnskfLvDzVYY5gWfaFqX8PjR4Dt80pHQmOpX+VvcC8ZNkcEvN/TDt
+NXaMAtyHoGq2JLMakXf6NarTHD6Gvb0e9rP1pT5Wa4IsdMwmLct12fk2MVach/xT
+/mRoB2375f1dzSiwm7iEIPY6ebqr1LhdEj7sywJXCJ/a+hideRgdgQo+OMiG8PAU
+hfkDdigpJUXY1yDtTuI8jF2+gYSIxEj6Lh+9R3sfAHj5a5FL1afvBKEnVU2aaDIE
+PxIhnLYHfmS/n1CzeWPzvLbmkZJ9afyL0dWgxsAOSRQzgVqrHwYgYWPmEiFa5mRO
+BalPxdzC0O+Gfz0dyFu4pgYPe8QXxZTIAvL2hFvda2FAT4lqMRNJRwXH5BbuET20
+xPMHHeaAxJW//xiJEdwFAb/vSTYP3tudXpOp69X0f7A+wM83eUM+30mjXEkjWXnD
+ULcx0AjCwN8LwYkclLwFEFhhUkDeAd/UmjmzwQj9AneM4Dz8t8I/RbK4k5FnJG9a
+BGTdIQ8Yr7xpPsdYCEbH89C4Zh49NPCEqGG/snLQLWrjCq6oLEDbTNzRriMyqdrt
+v80G4TJoIXmTE4viSpUeTL2tqQ/5SXkoMCXUMXAZHi2jrGQKDmespX6H9VqFm+3K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDazCCAvGgAwIBAgIRAPFz8qqTtlllRGvVydIjmTYwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDkw
+NjAwMDAwMFoXDTI4MDkwNTIzNTk1OVowTDELMAkGA1UEBhMCTFYxDTALBgNVBAcT
+BFJpZ2ExETAPBgNVBAoTCEdvR2V0U1NMMRswGQYDVQQDExJHb0dldFNTTCBFQ0Mg
+T1YgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQoZ0E6ymikCMsUKaEP0slW
+tSi0dcOyKHXxkPCL7tIbbgttSxtZNYoA37jechi1HAWmEgkpSUu5g6uIJkkDdTpz
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0O
+BBYEFPtauVO1mWA3ImgLSrJjByl6TIB7MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJAMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZI
+zj0EAwMDaAAwZQIxAPwptS9tfb0Rc7E80SetAP1fpYHCLw7F9Qm4eJ9S/5lkfV3y
+0W7mPkM+EeWUDxzDOQIwDyffARsOZHcy+u4QxMFD+j94kXJTirpNv1gZsTASiUT6
+2Bx91D6r91i1F1Ss5YjN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0TCCA7mgAwIBAgIRAKQ8p33uR6RZrThpO0jdIAwwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDkwNjAwMDAwMFoXDTI4MDkwNTIzNTk1OVowUDELMAkGA1UEBhMCTFYxDTALBgNV
+BAcTBFJpZ2ExETAPBgNVBAoTCEdvR2V0U1NMMR8wHQYDVQQDExZHb0dldFNTTCBS
+U0EgQ2xpZW50IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG8P
+tYc9Dg46Uo2UsmG00Wjdu1QINaepaG8MmhV1d5L95DqcKN2V+bfl+is+SMB3L0KD
+OvHKezuJHJl+H9zvRaM4F2i2QbCzz+LN1D0dqErCD/Ho+CZ6udO4zykVa2eBnF1O
+V2Y+5hjZG2zqUWgSUHZk9FwoKDuIb9CNehwiINLqDf8fEVulGGAtIAwm+HqecKl3
+1/JcdMPq3lVBZysP/K3vgZjNi0hc2ihV+2jHlsUrLKeD6d9jUJe5C/5KS+MIaKfq
+R+v0UvU9xcyrTPbdRlwUhSswqO/i/kL9UwLFaIDOBASR2FLOA8VMvbloJ/LepEnz
+D2tpZOga+QkHyJUuAwIDAQABo4IBazCCAWcwHwYDVR0jBBgwFoAUU3m/WqorSs9U
+gOHYm8Cd8rIDZsswHQYDVR0OBBYEFFkRFJxha0/M3Dkl28kWcd+hcdsiMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJAMFAGA1UdHwRJ
+MEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FD
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYB
+BQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRU
+cnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
+bTANBgkqhkiG9w0BAQwFAAOCAgEADDAa9SA7cRB6VcF156D+I8/YYaVCQAvWe6ni
+s78jGssFvQ9ib2XCp2yyXen55Ja3OvSlh+ALmcUGu2FO6WnW3mlPaIHQqrKJacSZ
+Y5uqGkgeci2RA1BL2WsdrlMNyoE3CgMEwcsypvQQKVjOs/F1+3vv0XbtExJT03ts
+g4RUqLfvhwwZJ0ohB4bDtcpOsVb/96Ipax9MdttpNvosu1Zn4uw+e6NRvhXTizHu
+QMFTxL1CQWPLb8rgemw1aqzG7LFRKlqdvW8Guo+Q7wy9EN9qlUyTYKxJkpksoRLX
+MP1bJu99vzbu08dXQBbuCDMjm883pqULpSLFIgy8Cd52mpoUKj1UqyrfT5wgd3+k
+lyR+sTdYQ4dOCzfA3zaz49SllfjubJMQZ0uG41dIJ7U+zIVm/cHTm5M/Wx0wUJQt
+y/yjpw67lI6x2l+pFWA499tRS2Rx2kqd2+PJ5FW/9waDJ3IeMUb67AH3d1w0L4WG
+Kh1mxit34TDeRB+5POf36J7UtkXv3zmLLXfIONAiw9WJj8wYyE7prlv5txDNupsA
+sqVKq2ZOahYf2P929kr2is2m14l/54gXzfm+LS7YXwv6imXF/B0GW8+CTPDnT8VO
+4ouP4SSz9WdowDJEpfc2/OPzBIw2jbJgr+3fATbHDhxBZi4L18Z/FGmWLDjns429
+iPLWJ0Y=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF1zCCA7+gAwIBAgIRAJOLsI5imHtPdfmMtqUEXJYwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDkwNjAwMDAwMFoXDTI4MDkwNTIzNTk1OVowTDELMAkGA1UEBhMCTFYxDTALBgNV
+BAcTBFJpZ2ExETAPBgNVBAoTCEdvR2V0U1NMMRswGQYDVQQDExJHb0dldFNTTCBS
+U0EgRFYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfwF4hD6E1
+kLglXs1n2fH5vMQukCGyyD4LqLsc3pSzeh8we7njU4TB85BH5YXqcfwiH1Sf78aB
+hk1FgXoAZ3EQrF49We8mnTtTPFRnMwEHLJRpY9I/+peKeAZNL0MJG5zM+9gmcSpI
+OTI6p7MPela72g0pBQjwcExYLqFFVsnroEPTRRlmfTBTRi9r7rYcXwIct2VUCRmj
+jR1GX13op370YjYwgGv/TeYqUWkNiEjWNskFDEfxSc0YfoBwwKdPNfp6t/5+RsFn
+lgQKstmFLQbbENsdUEpzWEvZUpDC4qPvRrxEKcF0uLoZhEnxhskwXSTC64BNtc+l
+VEk7/g/be8svAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dib
+wJ3ysgNmyzAdBgNVHQ4EFgQU+ftQxItnu2dk/oMhpqnOP1WEk5kwDgYDVR0PAQH/
+BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkAwCAYGZ4EMAQIBMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
+PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAXXRDKHiA5DOhNKsztwayc8qtlK4q
+Vt2XNdlzXn4RyZIsC9+SBi0Xd4vGDhFx6XX4N/fnxlUjdzNN/BYY1gS1xK66Uy3p
+rw9qI8X12J4er9lNNhrsvOcjB8CT8FyvFu94j3Bs427uxcSukhYbERBAIN7MpWKl
+VWxT3q8GIqiEYVKa/tfWAvnOMDDSKgRwMUtggr/IE77hekQm20p7e1BuJODf1Q7c
+FPt7T74m3chg+qu0xheLI6HsUFuOxc7R5SQlkFvaVY5tmswfWpY+rwhyJW+FWNbT
+uNXkxR4v5KOQPWrY100/QN68/j17paKuSXNcsr56snuB/Dx+MACLBdsF35HxPadx
+78vkfQ37WcVmKZtHrHJQ/QUyjxdG8fezMsh0f+puUln/O+NlsFtipve8qYa9h/K5
+yD0oZN93ChWve78XrV4vCpjO75Nk5B8O9CWQqGTHbhkgvjyb9v/B+sYJqB22/NLl
+R4RPvbmqDJGeEI+4u6NJ5YiLIVVsX+dyfFP8zUbSsj6J34RyCYKBbQ4L+r7k8Srs
+LY51WUFP292wkFDPSDmV7XsUNTDOZoQcBh2Fycf7xFfxeA+6ERx2d8MpPPND7yS2
+1dkf+SY5SdpSbAKtYmbqb9q8cZUDEImNWJFUVHBLDOrnYhGwJudE3OBXRTxNhMDm
+IXnjEeWrFvAZQhk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDazCCAvCgAwIBAgIQcmppRZS5Qa5X164QDHTuOzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgwOTA2
+MDAwMDAwWhcNMjgwOTA1MjM1OTU5WjBMMQswCQYDVQQGEwJMVjENMAsGA1UEBxME
+UmlnYTERMA8GA1UEChMIR29HZXRTU0wxGzAZBgNVBAMTEkdvR2V0U1NMIEVDQyBE
+ViBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABHdWp+7zKP8h6sI6zFfJ3ZXU
+4Vp7xbi6x8ehUEMIqWpYHr+7aOVqA0N6usZL1FaOJpAcOC2vUSfEqsPx7b3BTlCj
+ggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4E
+FgQUTQpD/NcHYzUaKXchSG6iOPpiOOMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAkAwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNy
+dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjO
+PQQDAwNpADBmAjEA3rJX98bpCOopk+BfYDhTOxT9DIo3wYlrTEF1WfVQKvn8Byu+
+A+p02M7FjOxkJIVTAjEAs8jJKKwYQn1IogusMfbyAr82RigZR4yFLUKCQB2i/NmW
+5AjZovG+21WMmnCvcLCi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGKzCCBBOgAwIBAgIRAKVuHozHz5MnF4qZxEffvXUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MDkwNjAwMDAwMFoXDTI4MDkwNTIzNTk1OVowgYcxCzAJBgNVBAYTAkxWMQ0wCwYD
+VQQHEwRSaWdhMREwDwYDVQQKEwhHb0dldFNTTDE5MDcGA1UECxMwQ29udHJvbGxl
+ZCBieSBDT01PRE8gQ0EgZXhjbHVzaXZlbHkgZm9yIEdvR2V0U1NMMRswGQYDVQQD
+ExJHb0dldFNTTCBSU0EgRVYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDLjrZgHYrWJlRBo1IhlTDlkP5BiVses7WQsH15KmhxUQumCpBx5wjT4mYJ
+UI793Yz3Jya/vy3LU4TWH8hQiiuz1ycBp+o6ks1d448xiltYXAZNQ4ahXurG66mK
+qgOjhaVhMKa8pU7Ns0UZU1kuUmQq1oyoUTAALOaWLgXfM4w4z+HpPcamHxC/7WBz
+CSf1W6d3FVilaxHfXBzCpgP9v31v1hOqMhkEP7qW+M4x/uKpwwpp3GhjePy3O1Lw
+pnPiMXbxuH5Qwz1F5yBlxHmPRCEq2x6mjwBajGBswpUgsjmf/x5bd105xDhVd3Dr
+T0+tCmhzXS4hsilBHPje3LAptf1vAgMBAAGjggGNMIIBiTAfBgNVHSMEGDAWgBRT
+eb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUzwc6XeGU5VUSI2PffRZBPOd6
+ap0wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDoGA1UdIAQzMDEwLwYEVR0gADAnMCUGCCsG
+AQUFBwIBFhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKG
+M2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkq
+hkiG9w0BAQwFAAOCAgEAa3TW0iAyOQ+zb1bSpiOdDFv6+wdrHJed8UyCJUlNMP3h
+UetEM0WpnVSii9krwWwgAN9vddJRcZ2HTHijVoThIi+di68IPMRitwNl0iUbCZnC
+Af9AuJPlbhRT1yMHCHSWDCvoaetmuiBs0RZBGj9eIRMAD3RpFJN+tCp+fNNe1Gyz
+96GlJh4ZZYOJW38qLOv+/qxXax9RZ1aJASTON4EDuvB24QFTpuxrDlAnutXUtkn7
+QhD3fk5WZJKl/7FGnzbBsF0xhfwFrTLsNjI/AC879rqyciRxzztkyPEoXHtOUOKr
+Q3rlXsfHJwDZgBp8QiC5v3BoCSYDaHL8bnPLgZAf6ubNUjPhLv972v7nXkiXJ3Db
+r2jM3e36eOStV6RZGWC2lb8ujC15GvfgL18VwtoIp3IFMLIYomUMpQUU0+W9K/RV
++M7hdzoy/s9GOtNmrZnuBTtj8UMeYnI2FD3QDPB/mKBGpeXLk/K1Tb+PidoYR4yj
+y61vJ0nSRbzquiDZ1/bmlXQmVcQp4vpcKipyAcyOh312Qs8fMgwHXZT9zHTLRwJf
+yeJ+YsUXCb07um9X//pPJZYDMXBw7IKudAzrIOmlukxnYYn29Z3T4hiNQhWUQuKd
+gZtmbMMGTqn1IGUk/5hmkABb703KTpR9Nx/kDpvWPN8OQAeZbrZ6+HCOFnI88kw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwDCCA0WgAwIBAgIRAIseFn/UY7OGr4IqVwzWsh0wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MDkw
+NjAwMDAwMFoXDTI4MDkwNTIzNTk1OVowgYcxCzAJBgNVBAYTAkxWMQ0wCwYDVQQH
+EwRSaWdhMREwDwYDVQQKEwhHb0dldFNTTDE5MDcGA1UECxMwQ29udHJvbGxlZCBi
+eSBDT01PRE8gQ0EgZXhjbHVzaXZlbHkgZm9yIEdvR2V0U1NMMRswGQYDVQQDExJH
+b0dldFNTTCBFQ0MgRVYgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARny4ro
+N/2YypIH2TrNN562UPfcX4nmTXy2GCmUwecM2JrR4fxHmuXC351TrnCIPr9t6nrI
+djXWj3GFsSSwodc2o4IBjTCCAYkwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzg
+NcZjY5owHQYDVR0OBBYEFO50mYDkBTKo2xVdE7B3OIz9cqUHMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cHM6
+Ly9jcHMudXNlcnRydXN0LmNvbTBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUH
+MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIx
+ANWiKZ2TjeTFIlr+nAeb9Sq9lkCUU3yfPwbpnp2L28oKWf83Uz0MI3xBV4LoO+fq
+vAIxAP9tDaUS1cueIaL11e+u2qFZGrFrW4zD7w8+63+hgzBQzAGYbctu2Aj/SXFH
+eiqO5g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF1jCCA76gAwIBAgIQcafv2JIF1zoexDKAxF21ijANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgw
+OTA2MDAwMDAwWhcNMjgwOTA1MjM1OTU5WjBMMQswCQYDVQQGEwJMVjENMAsGA1UE
+BxMEUmlnYTERMA8GA1UEChMIR29HZXRTU0wxGzAZBgNVBAMTEkdvR2V0U1NMIFJT
+QSBPViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqRXfMokJtx
+bIC/GqpsPEFDd0QyBAzPPq/UyG2ZIZfiPSrMu/Fe7RYtdzFtVqPjUX/FG/lsx9Sy
+LOPamas2oX1elfwBsMnCFx5GqAkKIlFdbEb2lHx+wOgiZYgBygDjVw/CKP96vBtW
+eqfehKx4thmVQhTQXBrULTrZ61hLhBDel9gf85ND+1vmnVoBGHOyF90NDYack8Dl
+r80vjmZv6N8anddTc1v0whzuVOdsscs5NysgrCDdlMSNQvQ+ZyrfkKZji67d/A2L
+pc9UvF/1c19YW3WMMWsU42n/1azDMS3EmRImYYOgk/njal/UpcC5z4zCmutPMYMy
+p0V8HjyNRUUCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
+nfKyA2bLMB0GA1UdDgQWBBQs5Po8O9mx8eIE1x8721u0/GkY5TAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICQDAIBgZngQwBAgIwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAXSyvITDnap0oOEk6ZtKuVvUbixS7l
+ajeDX1XixGBgTD2T1LIhCrOd6JfQfbBnpMr1nZE1kFiA5GID8qVGYRh1bEbrEKjJ
+SwaKfT3g6RFFoppp7K5fX+uJHBPGFlq1UkugRo7dGTYFwukJ9a2PcCn9CmhMQMhB
+uJiD78yTFGiBBw26rfCEqR+6pxgfQINiOQaPBfDhbDTsmPoseXHenJsppbH0g7ci
+GpXhBElxpv59doUV0+HeeOkI0d2cJMFmowUZXJP32iCZ1WJlfV/cNRRyf6cbHPKX
+mITI/DaNP+8ORyj7fJQvG/xlHFMlhz2M+DLBvbf/ClUjpORISSbhjjyPNYabHNyk
+40a0FhflgzEgRXXWbYSRRT2bV16H5ZOglt5mF3ptFVkpC2s7ay5H/Sgbfw4580V1
+DGe5CbdOhad8RjUPPgHZuDG55LHMEKk0vueePZbbm6zFhELtWX/FipsyUsMKtlYC
+hwmOhZxK7og2Rq3XKqtFWNphKoOvToBPJm30kSWnlkMU2UEy7xJHsqZWtFp0VHul
+kw2l7EpO7GNiM5eT6lytfEWda2fhdKJfuJfDvBcg1DnVfPi0wy3on8paRgp02mNO
+sftG8y3NT6VFE6AHFnBlL7Q/y5YH9+fJNnYj2MDBRmO+CQVFRzHjD2nR+9nuicwE
+VXf2yyOIoOuhWA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGQTCCBSmgAwIBAgINAL2sPTWYT0LlVg4iCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTgwOTA2MDkwMDAw
+WhcNMjkxMjI5MDkwMDAwWjB3MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0
+NDk3MSQwIgYDVQQDDBtDbGFzczMgS0VUIGUtU3ppZ25vIENBIDIwMTgwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf5RYfEdhtBU6Mi79PDqO+WHWh8UpG
+nCh0V2L+LJXzZsRuxHPpAocEn7x+36oreSm5eeerKVIn3TKUBTW0B/GcpL70ysat
+QSle7+nZdsT39Ify2Hyet9NxeWXTp7UU/mrxjQGl5ty5/XL4CQ5XHBc3yvXi49lI
+QyNc9Yu525/uyjcUb3ClNNwU5z7+kjqIMFuyczz8ivMyGz0XOyaAl9yCIj72uepN
+RsPmhB7SYrSMErUc1y4RIfyqNvuQJ8N2RpxWDT8Jiau+SUatnHpDGcjlSBQX2De2
+jhqdAuJYgh8kM24pmLVQeThrobnekzPJAevShBB/C+oTd2sUQmCQjsszAgMBAAGj
+ggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNVHSAE
+NDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25vLmh1
+L2FjcHMwHQYDVR0OBBYEFJZK+MZgjhbAnXOsIIWAGZ3XwBhtMB8GA1UdIwQYMBaA
+FMsPxt9CQ8w9y7VII6EaeqYquzRoMIG2BgNVHR8Ega4wgaswN6A1oDOGMWh0dHA6
+Ly9yb290Y2EyMDA5LWNybDEuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmwwN6A1
+oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDIuZS1zemlnbm8uaHUvcm9vdGNhMjAw
+OS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDMuZS1zemlnbm8uaHUv
+cm9vdGNhMjAwOS5jcmwwggFfBggrBgEFBQcBAQSCAVEwggFNMC8GCCsGAQUFBzAB
+hiNodHRwOi8vcm9vdGNhMjAwOS1vY3NwMS5lLXN6aWduby5odTAvBggrBgEFBQcw
+AYYjaHR0cDovL3Jvb3RjYTIwMDktb2NzcDIuZS1zemlnbm8uaHUwLwYIKwYBBQUH
+MAGGI2h0dHA6Ly9yb290Y2EyMDA5LW9jc3AzLmUtc3ppZ25vLmh1MDwGCCsGAQUF
+BzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTEuZS1zemlnbm8uaHUvcm9vdGNhMjAw
+OS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMi5lLXN6aWdu
+by5odS9yb290Y2EyMDA5LmNydDA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3RjYTIw
+MDktY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MA0GCSqGSIb3DQEBCwUA
+A4IBAQAX8821EX6razm9TJske3qrTI4IWvRGAfQcq8TAd+Ew9Hj+feoWdaDPP+Lz
+Hd/9SJIUHuz+vpwnnVHcqFLsAIHHaLk6JO2xyS1qiFiDhk0QmX4kd/U6ccEftXWG
+rfYwO6FudOEnuaMc9+qiXqsStQUiIdqo+GdrTN6ydwzZn7mRS/0i5oX3wSqyGhRx
+DxpnjCWDjHreFJtOzQxpCga4I9WAsQ29LUo4goDSXsrC2ZgSHSxT/3nDXXLuZbAB
+I69bFQw9Tkpt+OhJVNRG6GPrRVuFSlAczXCxUcIRkqJ1zPKuQgpH9z5OrUzuoFiG
+AGWprNbrzcLASC1DvNMEa9vQIxD4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRDCCBSygAwIBAgINALw9mlbUQaK7WYdiCjANBgkqhkiG9w0BAQsFADCBgjEL
+MAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRYwFAYDVQQKDA1NaWNyb3Nl
+YyBMdGQuMScwJQYDVQQDDB5NaWNyb3NlYyBlLVN6aWdubyBSb290IENBIDIwMDkx
+HzAdBgkqhkiG9w0BCQEWEGluZm9AZS1zemlnbm8uaHUwHhcNMTgwOTA2MDkwMDAw
+WhcNMjkxMjI5MDkwMDAwWjB6MQswCQYDVQQGEwJIVTERMA8GA1UEBwwIQnVkYXBl
+c3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xFzAVBgNVBGEMDlZBVEhVLTIzNTg0
+NDk3MScwJQYDVQQDDB5RdWFsaWZpZWQgS0VUIGUtU3ppZ25vIENBIDIwMTgwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsUi6HKiAGkFC2BAL+zB/EG/eV
+ynCr2PQVxlFotCZtIMXUbFhyHPzvPrrPdsBRkxx2F4RLJP38bKvUigQ5IHQfKwOR
+JfswAkJSak337+nl1jpo8wweVaoW8QK8y5zHULnxh/AyfFaa6iJGlsuzdKpD3THD
+d8l4zkJ94jzy5LnN/vib+aVYAJlRUBIGu/GtUfPF3fKC2hErGqL12kqeyNTP1krB
+SB+NFbYc4N14B2gyjvaHlwJJCpEyE5tWJ84dgzbP15s4qjkIFollOx6eJLtGuONk
+WKBlDCm6qF4SU0g9X6GlTH9RLQRz/cTVfEysl+fW2MPYtGbSOM1ufI/HnEnzAgMB
+AAGjggK+MIICujAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjA7BgNV
+HSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL2NwLmUtc3ppZ25v
+Lmh1L2FjcHMwHQYDVR0OBBYEFFVGDPnTmaPUbAbL/XjeR+d7Ph6VMB8GA1UdIwQY
+MBaAFMsPxt9CQ8w9y7VII6EaeqYquzRoMIG2BgNVHR8Ega4wgaswN6A1oDOGMWh0
+dHA6Ly9yb290Y2EyMDA5LWNybDEuZS1zemlnbm8uaHUvcm9vdGNhMjAwOS5jcmww
+N6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDIuZS1zemlnbm8uaHUvcm9vdGNh
+MjAwOS5jcmwwN6A1oDOGMWh0dHA6Ly9yb290Y2EyMDA5LWNybDMuZS1zemlnbm8u
+aHUvcm9vdGNhMjAwOS5jcmwwggFfBggrBgEFBQcBAQSCAVEwggFNMC8GCCsGAQUF
+BzABhiNodHRwOi8vcm9vdGNhMjAwOS1vY3NwMS5lLXN6aWduby5odTAvBggrBgEF
+BQcwAYYjaHR0cDovL3Jvb3RjYTIwMDktb2NzcDIuZS1zemlnbm8uaHUwLwYIKwYB
+BQUHMAGGI2h0dHA6Ly9yb290Y2EyMDA5LW9jc3AzLmUtc3ppZ25vLmh1MDwGCCsG
+AQUFBzAChjBodHRwOi8vcm9vdGNhMjAwOS1jYTEuZS1zemlnbm8uaHUvcm9vdGNh
+MjAwOS5jcnQwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yb290Y2EyMDA5LWNhMi5lLXN6
+aWduby5odS9yb290Y2EyMDA5LmNydDA8BggrBgEFBQcwAoYwaHR0cDovL3Jvb3Rj
+YTIwMDktY2EzLmUtc3ppZ25vLmh1L3Jvb3RjYTIwMDkuY3J0MA0GCSqGSIb3DQEB
+CwUAA4IBAQCsMKXj8a1+9g+Asjhq0ydrm8FojCmIpqV6lK8zOIOxp1TVel/Tz7qq
+EWq/GeQw1BTR1Pj2x03E6GclUvA4LcNHRd5RUnUQpgMUke47laGmJQD9UYj5KOXi
+cIBijhFgMr3EjL6KMhxbw8y7hNXGIwwMkHIhwtOV8aZqvAtIWTLYZewlDV3G+0Xt
+xlf7xB7REWHSRbPmNuJ35jtNnmroRejNkBjk2vzg4qK7nrcvX1Hq/eC/YdomxQMw
+V+hvP7lx0ax4dOHT7NhDJShZlz6EIRcvHoIKk9IyYcI4CJWFGbPVinQzeI7eEH9C
+VpvGgK/EUShve9Cqk2nE3hvpBZ2Fml6O
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIETjCCAzagAwIBAgINAe5fFp3/lzUrZGXWajANBgkqhkiG9w0BAQsFADBXMQsw
+CQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UECxMH
+Um9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTE4MDkxOTAw
+MDAwMFoXDTI4MDEyODEyMDAwMFowTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBSb290
+IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNp
+Z24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMJXaQeQZ4Ihb1wIO2
+hMoonv0FdhHFrYhy/EYCQ8eyip0EXyTLLkvhYIJG4VKrDIFHcGzdZNHr9SyjD4I9
+DCuul9e2FIYQebs7E4B3jAjhSdJqYi8fXvqWaN+JJ5U4nwbXPsnLJlkNc96wyOkm
+DoMVxu9bi9IEYMpJpij2aTv2y8gokeWdimFXN6x0FNx04Druci8unPvQu7/1PQDh
+BjPogiuuU6Y6FnOM3UEOIDrAtKeh6bJPkC4yYOlXy7kEkmho5TgmYHWyn3f/kRTv
+riBJ/K1AFUjRAjFhGV64l++td7dkmnq/X8ET75ti+w1s4FRpFqkD2m7pg5NxdsZp
+hYIXAgMBAAGjggEiMIIBHjAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUj/BLf6guRSSuTVD6Y5qL3uLdG7wwHwYDVR0jBBgwFoAUYHtm
+GkUNl8qJUC99BM00qP/8/UswPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFo
+dHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEwMwYDVR0fBCwwKjAooCag
+JIYiaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LmNybDBHBgNVHSAEQDA+
+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
+b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBACNw6c/ivvVZrpRCb8RD
+M6rNPzq5ZBfyYgZLSPFAiAYXof6r0V88xjPy847dHx0+zBpgmYILrMf8fpqHKqV9
+D6ZX7qw7aoXW3r1AY/itpsiIsBL89kHfDwmXHjjqU5++BfQ+6tOfUBJ2vgmLwgtI
+fR4uUfaNU9OrH0Abio7tfftPeVZwXwzTjhuzp3ANNyuXlava4BJrHEDOxcd+7cJi
+WOx37XMiwor1hkOIreoTbv3Y/kIvuX1erRjvlJDKPSerJpSZdcfL03v3ykzTr1Eh
+kluEfSufFT90y1HonoMOFm8b50bOI7355KKL0jlrqnkckSziYSQtjipIcJDEHsXo
+4HA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuDCCA6CgAwIBAgIJIrmxV1B1SHAJMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTgxMDA0
+MDUyODA5WhcNMjgxMDA0MDUyODA5WjCBjDELMAkGA1UEBhMCSlAxJTAjBgNVBAoT
+HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNFQ09NIFBh
+c3Nwb3J0IGZvciBNZW1iZXIgMi4wIFBVQjEqMCgGA1UEAxMhU0VDT00gUGFzc3Bv
+cnQgZm9yIE1lbWJlciBQVUIgQ0E0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAx7lxTQux3E4gt1XVR/Woo8lPgGhYd7BkIxWxZvkDZXlfwW5q3GzQX+VP
+ra9TsIPJPzPZ6KnUbzvtvz95wu85GQD5MNlckDOINhea9bbAkvp8Wfy0RKe86TkM
+fn1BSa/bS1YG6KXGYX7YGKmJkhdnDgNAWEBBdlH09m9K7bizfxwIzIZu6UBqGFnb
+Z/WNRcS7cQVqnpGAdDnA+2AYPoXrLlvgVR+5TrwW67cOTdfYbVX4B1JaLEp9GwoL
++0+YgaQVXmBT/QAPTaIKx9eVY3eAghweNOouUrIIj6ZVuBlhlDXDVasg3s3jYKu0
+RJ7AabTrjCO7Oti/lPRSnWG2AfRT6wIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFEiM
+ZXbSHqv1/zgktsQ22QqfoLyuMB8GA1UdIwQYMBaAFAqFqXdlBZh8QIH4D5csOPEK
+7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkwRwYKKoMIjJsbZIcFBDA5MDcG
+CCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0Mt
+Um9vdDIvMEAGCCsGAQUFBwEBBDQwMjAwBggrBgEFBQcwAYYkaHR0cDovL3Njcm9v
+dGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MA0GCSqGSIb3DQEBCwUAA4IBAQDKRUJp
+b99cV+ciYAurlQGywutTks67EBsA+LyGDL8I0EhaXG26+oBTgjS5OnldA8BIdkJ3
+krQmEQRDcOUD0Fn6ItFZdHC/lKDBRy32jwaAfieb+t7M+B2jnZP8pMWvamCGqjS8
+V7kz08jJwJUmEnuz3AAIiFgShV5Nk3qw+f7rGhGpxnz5cjxRHh20ftFxkhRVbDox
+jZTI+8RIXuif/Z1CzvyNq89R1N4f9mkW48IekCDbsyOjOU8GsC4FNKRc4BNH3HD5
+Aef9x4+JJfMA+WLwQ+Lpzy77K+lpXv4XuuznqJwLIFCCdm28lK6hi1lFwY7T/vmU
+SN1IEB+nlCfBLp43
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEoTCCA4mgAwIBAgIQQAEz8BQAAAAAAAAMz6481zANBgkqhkiG9w0BAQUFADBf
+MQswCQYDVQQGEwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290
+IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMTgxMDEyMDMwMzU3WhcNMjgxMDEyMTU1OTU5WjBXMQswCQYDVQQGEwJUVzEX
+MBUGA1UEChMOVEFJV0FOLUNBIEluYy4xEDAOBgNVBAsTB1VzZXIgQ0ExHTAbBgNV
+BAMTFFRXQ0EgSW5mb1NlYyBVc2VyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAoTC7HNPpQs9j0mmLXC9ZWoXCSP5IbAcufJi8VhjVKDQqK0IZRMxe
+rISJ8JKT02epWCkj7Z6xYYlOr8tCtVpkmKLe+hqcQt0xqd4TdA5TRwA6Tn+ERlc9
+QFaCFX1bkym7CKzyiKXksoaQQHTUv3CwZ8tSD9NWZnw+38T6qnAV/tzxLwr1/Z3C
+1WKf3ZsYQYtz3ZpQMwgSDtEJ/Da62ddblavsw+8amTxSkOBwUBSIFoCsGmJcF4Da
+RARG22yqFlrALQ9T0IIECe9dSM9//adZTjQZ58Uf6LVHjgPc1uaHttAZ0qULzZ+a
+lq5jaQVmCk/y4b8Iff0nlDt1WCsiUJnQUwIDAQABo4IBXzCCAVswHwYDVR0jBBgw
+FoAUajhbJo3ei1ryT3pUgxkY4wg1prowHQYDVR0OBBYEFEZvFob0oFsRQb6TauwG
+UM6KVUZZMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwgZEGA1UdIASBiTCBhjCBgwYLKwYBBAGCvyUBARcwdDAkBggrBgEFBQcC
+ARYYaHR0cHM6Ly93d3cudHdjYS5jb20udHcvMEwGCCsGAQUFBwICMEAaPlRoaXMg
+Y2VydGlmaWNhdGUgaXMgZm9yIHRoZSBzb2xlIHVzZSBvZiBUV0NBIGFuZCBpdHMg
+Y3VzdG9tZXJzMEIGA1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9Sb290Q0EudHdjYS5j
+b20udHcvVFdDQVJDQS9yZXZva2VfMjA0OC5jcmwwEgYDVR0TAQH/BAgwBgEB/wIB
+ADANBgkqhkiG9w0BAQUFAAOCAQEAJZ5cNW3mp1Q56L6VYc3lq8eVtaHqVd66I9rL
+/MMs467YMp8oD+rpced+HUQG0rHTag5UlskJH4QugI9+VgbToero4lwXwCZND+8Q
+ol/JDWiIHH43jKT2z3z8GM6z7ohIOZQ01wIcC766uV0ss9ICJKygq4qjxS2q+wSf
+up0au2GzCuJcYE1zh7rgDin6gGR5+eyu/IrkcHOA8jPsKJfLF6rIQgDRR6G9hem7
+RM7lkoIbwVcfITR6q4zM0GGVxQZlX1E5Z4uqJyrtsiJYyayOP2mWdUSqAE/FLcmr
+bqm82vldx50F/AAqrklUoBALhTch7v9aIAnOtP9U5WAPXphIxA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2jCCA8KgAwIBAgIQQAEz8BQAAAAAAAAMxwJBrzANBgkqhkiG9w0BAQsFADBR
+MQswCQYDVQQGEwJUVzESMBAGA1UEChMJVEFJV0FOLUNBMRAwDgYDVQQLEwdSb290
+IENBMRwwGgYDVQQDExNUV0NBIEdsb2JhbCBSb290IENBMB4XDTE4MTAxMjA4NDUy
+N1oXDTI4MTAxMjE1NTk1OVowVzELMAkGA1UEBhMCVFcxFzAVBgNVBAoTDlRBSVdB
+Ti1DQSBJbmMuMRAwDgYDVQQLEwdVc2VyIENBMR0wGwYDVQQDExRUV0NBIEluZm9T
+ZWMgVXNlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIbK36k6
+o+kGn/2Eq7F1f83dajinMMOC71bJxZemN5j6m4+B2jnx8bp4jrEi3COoPCYfz5qV
+Ye5tYRPrGT5EZM3M1YZyiXkV9vMS4Qgf+fEwbUcyoUeuFcXaM39aiF1lz+sjZI78
+9/sPpZGmVOV4lEBUGeYdTlgSFR8SsGs9ilBuzT/NMZIX7oqu9er49+RgWsU9pijW
+VSTutrVrsvj/6jCvsPDVTiJuHrY9z1kN1gEjERjALeIx5q29euDh3Iay0KV+2BBS
++wzbXYDND4YJEaQww6aYd4fA2VvZnPsLkN1Uo3113xHMM+yk432a5Wm0p4Jk9LMb
+cWTRo9nJa9HD+hcCAwEAAaOCAaYwggGiMB8GA1UdIwQYMBaAFEjbzd6O6UlyWojo
+sdg9B7O5a2ZQMB0GA1UdDgQWBBQafOXnah9hjkuqtvz79pCF7oQJ/jAOBgNVHQ8B
+Af8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMIHRBgNVHSAE
+gckwgcYwgcMGCysGAQQBgr8lAQEXMIGzMCQGCCsGAQUFBwIBFhhodHRwczovL3d3
+dy50d2NhLmNvbS50dy8wgYoGCCsGAQUFBwICMH4efABUAGgAaQBzACAAYwBlAHIA
+dABpAGYAaQBjAGEAdABlACAAaQBzACAAZgBvAHIAIAB0AGgAZQAgAHMAbwBsAGUA
+IAB1AHMAZQAgAG8AZgAgAFQAVwBDAEEAIABhAG4AZAAgAGkAdABzACAAYwB1AHMA
+dABvAG0AZQByAHMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL1Jvb3RDQS50d2Nh
+LmNvbS50dy9UV0NBUkNBL2dsb2JhbF9yZXZva2VfNDA5Ni5jcmwwEgYDVR0TAQH/
+BAgwBgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAgEACjEGw0ouKFFxoQrsKBEdofjE
+VK+gTlIbGJ64SVOoUd78nliwVjq4CQ2sF9YcHTe4dNkSyxtfTXBx+Mz4Jo0Gz3lU
+tVc3aLZJTQXdl9kQgexnSvkij2/q4Qj12ztBAfxcZuzinK7ciVKUX9YTjf5CQ8oK
+LgXDhzGM88TZ3uroekYVVlHFbfe7Fb3hC1en7Bz9+DAtKUtn+ggDOQpxjJ9A7UtN
+88jLRlBQGkuHMc2gRB/d3royE/lTC2DR8BFkElSRWN1QaQqoC+0uMGpoBi4iSfrf
+2V91pcCus6P+g9XL96tBpYRC750lOvVrSM67QbLN8NeeYrrMVp+6Tpx3slvIYqg/
+IUBGtjKsZ2LofIuCIPSDVukDFjWD/ADMACZbvJT3PHjMdGLl3g+R5+D1yEd+4Z+Y
+Xx/UWJQkMGP3fqogcvXeCK11/i7Eordx+70OoRm35OXqir+eD+axh1q6tdFW2rMA
+4l9ucplQhBnUASdd5QY7+8XgdLSpLd2gETufG1Gs0Pi8trra5h0rEs07utgGJVlI
+T5ktsal5UnmHMWl/dxHKrKwWs0VAgXodk1zHUdDIO6CZnnDYYeVMBWdlilI+e1m9
+UacPYkJ0cRdPggporXDLhqR4IyxqA4ctiiVYUnEG8iIv6qLejLdiFPWjd24TKJPq
+i7xmF+pwri1jiK+Giuk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkjCCBHqgAwIBAgIRANYl7igApQggZMPzvraNfoIwDQYJKoZIhvcNAQELBQAw
+KDELMAkGA1UEBhMCQkUxGTAXBgNVBAMTEEJlbGdpdW0gUm9vdCBDQTQwHhcNMTgx
+MDIzMTAwMDAwWhcNMzAwNjIzMTAwMDAwWjBmMQswCQYDVQQGEwJCRTERMA8GA1UE
+BxMIQnJ1c3NlbHMxHDAaBgNVBAoTE0NlcnRpcG9zdCBOLlYuL1MuQS4xFTATBgNV
+BAMTDEZvcmVpZ25lciBDQTEPMA0GA1UEBRMGMjAxOTA1MIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEA2fPBp+iJQOYudXVNrC62hpj3X+1V9yJdXLPeJi4k
+IlPGiEUP4IHqxm4mCskF3IO0fCne3/19QczP3QJTF0LJXDF42YnKgi+4Y9vfhGwX
+PZBCH6Gg0xYwyXBp1bxgvzQKzelNHc7p27vQc3RIqbu++T/JKAeZijjpCegs4Ifj
+sTCBgvm3lRmRciN7to+bio5UhmbsXDx1k4W1x17zuFsZJtcUR2Ve/nar+hbkHMQl
+uATpRUsrxQR7EbWCBtFHt+oeARKoKnizZZTmnd8eRXi21PuHjBMehr8hWsOPVxjj
+T29PL4nFEyZ8QGl2/4GO1R0LyU/s2xK3PnbInlFDY414ga8RlT1BOC7iqDp5dapH
+Ox9+KP0ZgwoUVOGIl4EGKQpuYUq/BH9U6SeNLhI14iYQCEC0dfu8Dq0WfcFu0dbe
+6cxxUv8EGBXLSJCp9n2Zo1g0YbE7Ez88LVK/e/0HvjQhPa0c8d3WfksT7ab5dSvM
+wi7T2ihUkcKemdE6situIJd6csEtleeZ0SJbJpFaGFD5rAiwy8LrXUtn+izAFIhP
+qAnlOaDUQbz0BPRaMz4MfqawRUZU5uYHiYfKt6jtDptykZUb42Ci4DEp93AzlgOX
+CyoZFakFyfRtlPdz4fqGSBUFS9aFkw30QhAF2OxMrpLWHP/dzEyqEyfjojtpSkCc
+ktcCAwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/
+AgEAMHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVp
+ZC5iZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8v
+b2NzcC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD
+2XrZW+dJMEMGA1UdIAQ8MDowOAYGYDgMAQEHMC4wLAYIKwYBBQUHAgEWIGh0dHA6
+Ly9yZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0
+dHA6Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSe
+OtUBLLA61M9RpktzXtOdwjuKbjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwDQYJKoZIhvcNAQELBQADggIBABFmAdzLv7s5UMZsdebVbXazXJn1mzNwEhqR
+QwgV03S0+XXGztchUP2uILl4/WvPx2LAcPBgL20PS2u1B2KGVoHxYKJ61MlItjsM
+MmIhQUKApE7QPlkrWjlJi5RIIXe7XcP7bYTLPeezHNql4bC0ke6D+kS2nJachxe4
+f2c+BFGcXF3KuEeK3n4wHVBk68w6q12044ijFVIKjvhQOudRK37YbIl0sKQmD4FJ
+EcTQ9lRHlDDsM5NbMzzL+WER0qQiEiUSs1nLgdQcx6ZO+yH8OB6xLnV6hkkjy8Vf
+/yjlK0EeV67yx75aPFaIuPnWifUGggILyOyy/KQsAtshmCx1Rx27u1R/Ta0E/PKK
+EKDb1EpYb7Or7yuvrQJEfhzryAX15M3W327k8iJzqcVX8dTDpkUM9QAhcjaCOUpV
+xTE61CVHDUHsTrZALX8dx8+hpCnk509ZnFdIHfdhwQiRWCc/1WliXSDv26gOLtEu
+Jeq+AavpFhjlcOnLFMXjgALGHyJa53T56DdrfmjdFSXdLcjBMi0KWlfos2qI5Cpy
+R3xwxdTPu8sUuqfKo8HpylDJilDaval7fSp3N0D0iYXhF7Ls1dJUDd9UBwL27hhN
+9mW9Wv8cVcmfvkF39sVUrL5VM4xcNztc/R3MIuu9/eLQbPf6KJCIXlMVW7LKMviX
+G7E+c5Gw
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQGJPKaZFqxMMdswzp8It6ZDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA3fC2VOtrF/FcFfmqq19XgtT2LInX98vEKuDpmUg4iMOX
+NxEi9fnIu4KV4LQRZ/Mh9tzq+xJCb0bDDwHP01/UJZc6DqfpMy/FiClHLFH0fMkJ
+fbJI9GpzZQIdQutBWyWxw+DlXG/oTPkDUQdja4QyU5Q7oyKw6/VnVSRGXH5Qv0cJ
+WLbx4AD4NRdzDLGHJJhxb1Zgs8DTFFl9PqS5oMVgR0ACc8SWk4jVtxerMrL7UXc3
+TP4qm+uZX30GQbQKKwlGNPYUO98C8OLwsbzWVK/cMav/omyQpolVLhdzDj6dE6Xf
+zDzVaiFtm5HaN7aupqsrv7NoGooPzNS+Us/3Sj28VVdCd9HXhwUjzt9Tu+37SLVq
+SKoWIP2qNYyCnMx008zS04Ru/Vve1Mt2Pd1JDTMvuBaM/NQsoXe/1AS0jxOH7O6w
+e6OICYM+tdyNEZl67pgrdKU5OLD1uFk0xDB2usYAA4L1jZwURcCLKOniB5cLErZc
+OiG2m4uw16ohn+5E+zVqNSBA5b0PnTfmfr+217QookQ/iAM/cIcBKii/0tbQdfBh
+7uemr0EHEEOGVDAnFqMLZeC28tY632UHudrtTAymD6yrIasI75eJiSJNdK0MuQ4b
+CLj9eXXodaV64TiDZYCCki9QWJJWj5e1lH4V339PSBaUQ6JqszZqTPLfQYJ7O8EC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ0hQbY
+dh/8qohNB4LZjf36lQPFajAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAIcOIyfvE7dC0TQdckVseT1PG40uHRY4baq28m+8
+xKwiLp9MIJrRATA8SupF6oYJHiz/jHFK84NJWo9SKxo5bx80S4LVP8oVouoduaZL
+s2YKk3XuVu5I39WMLOO90RBaLTuyT2wd9korL/ShxJwaTleG0KDbL18j9RmR9dya
+EzcRgKJQ5x0r7R+/6eQ8iOj8rjBmowtIHNrIhRzvbtFaAGfkswq6FkesopDaO9JM
+v5frH65+WOjDt2Algg1amjvzeX6ApU7HOdmct81z/Ypdpq1IxpnnkRO6BqaTQ4tb
+kdM/DCi1yloakAGrGYSHdTDB2yms4oZETq9NPps162lwE80jWAi5CodgGHw0XIIS
+RYdp8qI5Qhw3+toXpZU0X3MCcLuyMCASU/iX13KiHUYPxOPNxFPV7cRceNJTfWc+
+e4/ZnEYjqie2TAOB6rq/fLCOn2uKkl3a6BAijS98dYYgS9wxNL4qp12q0mI/4yb7
+HkIDwkbCLEy0rNEuNLwgHfKVGIfIbTOtnQkUXYJyztJb1Aqus9uJ+rfr+WIEzLMl
+NJezwUzCI3q8zpt25HjlU/2rYarF/TaKRj9UE8tr6ArixkDJQzrB7pizJRzqAueU
+4lRyBL2ps+5NKeA+3LxFxsYkIvA2Ajl6NyFGN6pRN/xtgZ99kwhmXAPGedrRmkLT
+M+OJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQKhF3ZYyIMoPt1IWsUPW4ETANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEApYemoCjdecP/qB3fgpglAsghpIJqOaMcRI6hpVgrLM+j
+SQvsoAPBy637byFDNTmA4AmnTOIVcIfW4QujfAUrhppOsWI8CowVLTxUR8803e/A
+NoL5cAbahnB5AYdzOtE3cFbLLT+DEIdsxqkjiXhkR6MQLqxKMPTaw4KiNQvs/lvI
+RvydfZAreH+1awfzWMz9MJEufAJ2QeUz7KZRcE2P16upJXOAQnaP8+/xBaOdSH3B
+3Z72+4gm0cNbjBZiH9Rsdsy0USIeEkNb0PQdvVy1z+TEE1YrgbxmOdPa+638bveG
+z8IKlj6iyhkdAIM/RTQgd9ZtGU0ig562FMu1VsXkZy9JGiLfraWE68g9xgtRlxxE
+7xaD0VwRri9RzEgbBLiiiVphk2jqsA4eI/xLTUKqTa2jdT+6zrjoh9DcsWNlU0Ms
+UfIM6rW0ivV/djYVmUoPiKZArfEw3bTJSs6scF4gACSkY1PcFBSZJqcHKDOeXiOR
+AWuU0YhifI1R4X8yfJ+ZbBM6fCDKoyb8jhiGzxnjf5QBkwZ22k0yJWRYz40DQJig
+Dd7hQ6M4TOunusJUP4l0hjicIISiYN8aubIzmeWoN3hlvz3W6/DS7NfpZF+zWfOw
+OL+6MVc0MILOx3KlzcjTqUv00cmDc+C3E1wbS1fMGYleOY1ElywqLU6qMujDtekC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTA7B/H
+YDQlHqWcAuNv9pQnatWT4jAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACvDsQVrBE4lE1XoUNRgfo7I+362LiQMCVhq/pDD
+CbnPjqgXlIL24ZziPQ7y7qmAhhsFTMluJWRFVy+GreyuUMPhFJA++iAA8D5PMFD5
+QEsrfFIGR9ShtGdbQQcwBxK4E6Rhr7kCktcSAoe+p6VcinSiigAv0VrVHULjYOpv
+UdXIxdMHHt0HiT47dCwMRUym0sRzu6uP4e2HuVjq1GtttpJzhOtMDwdHZyRrxusA
+Lnlkog2g9F4fEjn5dG839HM/QrUBIqDdH8gh75IPlleHrQuiAG2fu+DLVu5JHoeW
+eh+ZQjQuWuRSNIPScILTMkSkoV8dsWYoLE2QHjpTTJ9k9eoaqACFq9ecedbnBuqj
+dUbfO2G8Hgf0BLDJqobeiveKjS8NlHG90VCOxsLTKnP5MHOxogkaNlNaK2WvIRIc
+FkCfa3+2VCfJOFCfEM+vGepOqKLj0rRYOm4G7u4iVagN7jZi8hwPMWwLrBUrNIsL
+7AkDYmpsi6ah4cl/TeDupwLm+RqN5C+E1Y/7+UW+JxpIgVK1Ih6jaORJOpRX6FNj
+l6LRLUkXZw236fbGTQESK8McQN1righET8YUYZopb7aD+Ec8egICjTRsjNqz77qW
+/7zWRjjt/x1zghvgNBOmXZTLlfQ+bIJNTXw/76JQW05/KBkJ7fX/5BI33MDUgeLP
+hwgE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQD8te2hkL4ndXDrzFdHnbpTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTEyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAlSc1S3/zP2YANMeaAYssxvV0Om3C0VenXc6XNQPBul/h
+BDzuxgjGkwteon6+W6PIDDBc/mGpMir/dzvTt8yaJUdXCINk5pyAjmSoDEScCWvR
+8HiAN/7GOVZWkxkPL6+b5fRRseSXTCxNzMUTmp4ZEV4PtnnBokbDxuhKTHgdW8sF
+hc8z0HBR/SjnwNGmIm60hJspOetiI3knW6dQn3RD0rETxQi1fIJlhsPADx82ALHP
+qqebsaqQUwukHIF+CUZ/RkTad1ZMeg08v3zNApp8Y5gDq5ISmMX7UO877ttBg05r
+3IaoFo20b5pjIXMQBekGTF5yP5SsJv/dS/0yPiB9q528Qihkz29EPDrq+Ks5+nSR
+dvgic697HVHkdKqUG7VWyWi7U5XGUID6XRfMPsWDQYI8CWnfPoszovWn4nlE1xVg
+kyVV/PpsmKD6g3vAngEGSGsMLpE1zRR7bo3DLXaQMkC0mcPP9t7udpaS38N/lA/l
+hkd/LUWL82xuEDLr0vn2iBTiu07eUeZdobO8NApk4BKv1CI1JU1iJhdzWiQbigqZ
+K0TflXF1/Cu0gVxoADPwNxhxvTELlL5w78WAsol3+keARKhYll+kvKVpK9Xy2cWj
+lp/eIegVM3BJarBEsPtyjjMrq0LxT4QUxno0kaqV07DXZ8qqnFfZfxolziEDgEsC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRP+O1M
+clLc6fXWnjrwrbDJOYY6qDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGlaHa4Sh1ttEOziiebvsdM85A+QJXVb7yWzsPfd
+0BH/Xeac1oAT8fgD01SvxSANaz2nbaonRnfSn4Gvz9f5hpzhWtwV++RS/HyuJmVh
+Rbcc2eOsV9kivaz8eP97faaJnBKGNwh1WfGTwTuh/2+4CFpioP6CfPsw0Cy9peVE
+OLvDJBrmHLylPHquub/r88dG6ow0bWOy6IteGN5m/+sdQYFNOxkBc7ZUE9t+7NbM
+V2yuvIQbNMISHDo9m5XOjzPGnboWDKkfd3VS4iPG+ASZxDqsY0aMWQVYfhnyBZg+
+wiUSv2ATp3AUq2RsDms7L7ojZLUhe9MTRjwCL7cNySFlxXcpDDENjpilrPwSJ2Dl
+qiBnYNuBI6l51piWYV5Ay6juSStjQYdociswC6ps9Xww8qOmQC3hBH5aOUgWC3xh
+fEm5CnhPvMio6h9EZ3dlrvVRWQpSRBnE0NNEwwY20iWxlvgTO9jUnm6Dp3hFUJL8
+BDKq2DvSSK07aqic6VmkwZ0SxLrOHpyU03VpStaxhRNXku6Ww/2PCIP8Creh2RIn
+F3v23EytzGAE/i8Lw/pgAignyT5NwMsY1NrHoSp71ZN0tS8klZz9McC3theS652C
+jAf0cjtjif51MtEqJLUJV83MaMGTKdoExsYQx8n9mVrv4NNqRTb2JTvcY8/EArvB
+5heh
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQBrMqbIQW2Dce8MU65aOOfzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA8/hZmjLkmTXtCc67RGNMUDkwQ9r9YNj40IdUZL0yJWMc
+KT1RRGetEKRDBE/dYSCTyktnG4U6NRXezsDPbM6EAETf+uV8vWj9DzQapdtzwKZz
+ZHuNztgEkX/1ezb6QNikl0UG4HVXajNsQFTwbCVOVAVe2aHluD7HgXn2aZaRQZcR
+qfMVjsivgv7W4ByehDtZlcoaMiFbRvzD6P8qNZqmwopPTFQ7HrM8TpNLkRXYff+Y
+h7JqOHm9541iziRI4GH3PbP01MQPd29Zze0PRyG+xNynTN5WBZmKrJ11PRvyrEXx
+IMHmiMsUme2GpQgGeDcFXPsVigWvuBnXzprAv/LdlqfFCqlkARCUwsX5mPxUvIlE
+bUMp+YJx5/TrSJseHN9NWgQOV1xyIKKH5Ppuhr7Frl54nQKdb9EWBWZzRwBo6nnj
+pBuO3oHgJicbOIflReBukwmDM+33cBOx9mmrSVsVxAHBQV43AkavSSpHWauv703h
+wAReN71n++e6bsfRnYXEOwMi8X8PceKBG5eTOOdNlSn2LLycXwz7ckO1UGbeoQ1Q
+O5w+idY4M46wXxMy9tUO45rdZZueI1nlWwjAd+WqyqeIgjfImWUKJWtc7xj8Ua7D
+M9xer2+XuA/9y8tMo4uYuUsJ0r4ISXjergTa+Rwcm4BRAHWG/C4jDF6lSrFZeRcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRt0Gyb
+ocuFubKq0BoiLopa858jZjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAAu3r7e+ZbDBkeNWly51A/KodrdbryW4JmbRmHbp
+slaEirWWiHYnqjwZhzZegOYJe2ZNa2OyvHNoetXJLhRjJ0bjxk168m8rOKfPsmEX
+vlDXUY0dgSSCrgmXqLWfuXeC1pxgx6DFSA6cJDZYbKiKKq8u04mpIIKHWC0M+EnX
+QVE4bHitOKMxhfZ0n47SKCruJLRbBA2KS9cy/1DaXZQUfv6xogTSyJ3IImZT7soj
+CpDGU/D7GMT+XdntQ7+hxCufw2oRwdHXEDeNZiDyg1/WEyremeGNciT6aRORbjNF
++rSXg2YY020z4f3XzUkTY0Gk7NYw86UEu9CcuD06IUIsRsswwE62b5eY+zclo8VG
+2h7aEhXyDT0gCwfXeKomKuQoCKpWoEYPIlEGctzcFhBNc4Xt+9r9alVGx8aXkMQw
+an3HdNW1SkRJ8bGG3btcH8VsJD55cNlujDv3yfxAKtBEaWHy8IK2T6GTS/YtJ+ts
+yRsDvC+67zxktXck+4K3itYi6ger4UfStlUl2GggEkPWwatVFYN4nq/Rp2AGllKu
+AyktU/p6OfbBirKkF10dIgvtuSwmSxnEFhmRIFuHoVs/kK3iZ/KLHTeDZbF1CipP
+iryLMhmY66+BwwwJWaTCBkj88SotzMNVdSkLtHT515GP3bZW/Y9nKZgQoGYGTahG
+9q7R
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQbTRg24cLDcki3ht67GWHWDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAwDw2+hl9JF8cJ8DxzDARgpBCYsplEKYwWorVZUNrg+he
+vkwe5/vsUeTw9533Bl5vg0vJiPJQi7QJ4tmvuCCIOrPnKHgRPmL+LEoPEeTLCWy/
+kS6x8QVNWPAHFkmjgR2lOCRjZdI/YjMcGf4WmMPO2wzRBFqHxWvvNeBvhEfC5hm3
+/ZpiN2Zd48h9SADzlyXX45hXxKfvki4imoKsqbQy7MZ1unSjwYhshWqK8Be5AbXK
+JPpsQXjQpZSZLMxVq8JvFf38adjjZ3GxRshJyAcAtChSyLhQjiFk7V8426lNuiPl
+erv2unadnRIxYR0pQIQYOMu9OFiAxno55xMDP1R96J53OqdEe/vo2NLLA7HWA6yH
+ulnsDivXGg91M7QUdaiN19qKdU3io7ZvxjNRsWpxg3s2hXfUq2UYGt8fO6wremzy
+Hvk4neqF81fHikWG/yv7N5N//hEq84ATpWnqVlAtMrEPfX7cXNCD3oTPOnKi+Ain
+VqBTNtgAP9g1D9WghFA8n07ENFzZI67N2goz1rCjYyZxwkrQufiY63vmxY1D3FPS
+tvK7BucmJJsJKsJR2/s0i+gcc2xvzt7pR3b5bZ7vWJCLM1dxdE6zqzkozoAd5jHA
+qZLg2CN2+my2qGkX1ckFyXfjVM53BDVskohNJdXF2vM6I930I3hFyEz2O4KmH5UC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTipg68
+Qco3aoKAKYTEDwRs5BnphTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAHl2jPobJ+Z2BPDw1MZeA520Yca8ef13DsU/PQvt
+VKrzfwH5QE/DRni6QO4d930G3OwYCxI+pTf0R0pxt62WpT+CQ4QaDiWjTa0vV9yQ
+c0uc0GEvlqdkgszYWkjaa94xbGGiJEYQL7yPwFEhwHAU6TTdDej4feHBhsMeQF++
+uiQLYOTRZeJ83FgD96NhAfKnCc3zR3KE04DHasyHt3VrSxWNwDg/BlVV9zhwWPMp
++8CyDEhvYyBWkFu5DUbaXGNnQ8kQLHXysrbH4UnxKsbd0cGaph/P8zoeJIpeHOIj
+vDfwOJVcTwZIdNjawFB5NN4J7NBYtvJdKuujy2+P9rVPR/9sNZ30nclqwmbfWOOn
+Z8e70KINKQUxuiT8du+qFB3GHlH4w03xMNrxIypURzZ6G+DEwWwqxR8a9Q79Hrnp
+N8rUAHP33I3+CeLSQIrCYEHmfC3WtDuyUyUJahzILOs8eQV3OzxUEjX315fwOn60
+0tK4cFrwZP+RyAE/e1uobkChEIV6sV3wNcepqrJaBCVHWRpNkTXcmHaGJznu79K9
+iOu/1vjrNIk7FCUJgvd2sIF4PW82k9GZCo4u5+6HzINY57oHxylgu4dTlq+VgJ/j
+juhA4787uXpo2tetIrqWHB8dF/wyB3lCC/5gVZ3ATEc3+Si4Pm7FctDVOvVesDmG
+AJrr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQMFV+iSrFJamoR0XTMU+m7DANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE5MDMwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCSUTiPsvN5ATVbyVMKZ5PLswCx3PrL1yunE1U7y1EE
+7OryV+T7idKZS7Es3Tero6pbkzP7TrJdvSbzQYmSDVj/HmiVFtz1ETHA9uIp8F2t
+/eg/mbTX8bZ0WnDvE7p+wFDpRftyHF+Wa9mTy86R/jHXlrgez3A/2xoIWw/3IPZ/
+/oUCYQL7Ztskf9ST0AjgpfcYRmtMzZlE1Oj4MBKnF4jtpb4Zs33gsG2XfdkaEi4B
+qH8FbiRnpw+G3c1ydegzytQLQbXFpFUsNdiO6UxsFFK9MgAs7emtFneGxiX7bE7v
+FWcNHH9rDBVHyvLtboQKoa6OP6B50qZtiGQPppGh1kVzZQJgWwb2uouDvtqRQ5dT
+0R/Q1yIRDG9n+YrKNptNf0MJkkgeAD7ODkmKTBsvvERYsp1/YLQbwm9Js4hv0tiW
+XOhFsCW5QPnW7w4V+xa1oJojYk7ay1H8wugijf2oZjAukEQw3CF4EPEGZcA7waNc
+gs170ewsSuK5qIP6HBoMXJbAplJ8kw8O7WBAuNq+bN4wBBeJWvWnYRNLc9iI/zrf
+VLpYvLbCmnss09hJLg88eQ30z0v01pYqycXvw+7fZLHUs9MbMBoR6OVFSE42BHaz
+K0x1iI4Oz0xQywKNtSj+uY+LCOFtboWncuqJvq3JU9oYEk/aubsxNosdhxG8KfMs
+SQIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFFsN
+HS1pnLyVPrxrGCW8p2/3X5BoMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAbxnUPA2jHEw72MIgDgp1U3uw4pOBzyOr8Ydy
+qAAZ8WgtDKGBB46bKQBoAC66nPxz7QYl/EbnqOGo0J0k4t28GsFahVqO3crZjBiV
+Ne395tMnb9MrOQpsD7S48DMsSyR2n/JrVGSTn18KbqHwEhgNfHiRS+0pgQmX0k7N
+nXU/2IABrGcdUE9hzbnhFhEfE1/F5e5BpnYaJzHvoFfDVf4vA7w+Sn7LaGKXa+4n
+VwobBWq2JDlHhakGkLmZMeR8wXdfcgY5D6Uxp6DXsrTfyXqPqkC9wq+CGjV7dHWw
+DWxTOmEq4t2Ty3iL38j3I83Ocs6Qg69aRkg9WGX19X1jKAppFnuReELyUhbNrSMS
+WkDGP5F3bfYAFhyendgtf2d4MwhwSqhQy6vEuOu9cYoTMMHTFMdGLcSD7kwEcOwN
+ikHyACTlu0wnxaCt6BRKEgpb0L9l0zuwL85h3NuRSloExoJmeXHy5zVX6F+T4wZv
+zTL/hWi0okkfcMJDCwl5saeD6IdvDfJtqWvhpF+d42FGjrmKfWkxYbSNQH+KimfH
+RyVjqAuwFtDyN3OcX2FobImvqv+EXWch2fyRpTBgBetuMgIk+4xi64i4VzeTCdTW
+IvZf8waW0jheBzzuxCeijitX23vu2d2ULwfvjRnCb2xR/be4scP9B2nkOaUbh3Ze
+TKnCdKY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQJO0XoYvkxi1mz4Kv50zNqTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTEzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAtT5nMTXDSpqHncYdefl/AJKcZuhRe8WQd17bwrrsr0B9
+tNbUzRIZfkIyRxwhKZOFg0m21uIa/3B/+Tt/qEC9dSzz79K/Fkbkiw/++zxGLBUW
+QeD/nC262ytf6bYsLWJokcjY0kAevABrSMXZJOgph5Yl4u3mk0P/6Eld1/gJvvSP
+xRiSAZIx+ZPHI8FAXQnDKZTzARQP+OpXfLDmNYckJH736HGlXN/NHRRWmony9DCN
+mzn/uspstOlc+teJu2HgeCo2dqWqJvFFz4efQ73Z+Esp+TWuKd8mg0YZUMOrvCll
+yJshEgS5CnKHh3/Juj99VLzu0Jupxz5rNH/wZdLb1/WDcsC+C4esvsDyrUjYKMAZ
+ia3cVuOyMbWM4PIB9P7ANTsnWOMaDKJ8v8wuw7QvFGs4mnGLOXqZ78bxD4DixI0q
+CspOdn2YJeNsvZ5fzosYaWhP6YBbJDRDPJMXIVMzC4v/7LDn4GqxPJAyTHRrl7Rh
+yqG9uk5s8hLkZ77i+pNXbXoVr++rpAM/z1+U5JEFv5xmA5HXHqYTprNfLbuWXEnS
+CE67GSY8UEvaEYGgDvljwYTln9dpUV1OfcPXZE++O/ZzKTxCCjMJbdmoC3ASrw5c
+ChwGaiNTVKMCzAeho2qqQMn32DN64+DGYmy6lz1RZ+q5Ttpwz3YveDlB9x6wIM0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSXAjSI
+2gPgAv2J7m9MfOLlpJA4WTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAIQOFOOsCUKBhA++joQkz5oSMK/BcJAJCiu8AVsU
+G3FkApsNk38IyIKl+dEjaMUCs0PUeUvKgpbiXRsNhHxk1xNYhLWuqNBBTOyFqX8P
+0Tw5aAeiOwk9fWtmJhCqXIq8jp+/p4cC55GC+sRK+dVCRE2DkZD89uvcN/byLZgr
+/4s47N0BJ0D99H+pzKLFdWftxleGOXtqvb9nV9zHt+Jn8PVs5tigM97/VIVsGQsC
+vZKCHYrBQBFaV7N8LPZLwkL+7437tTZ88IuxMO/lId+Sb49wllEwt0oVC2/NOZ0F
+eV9LrgX2dOrMNmftrn2C36MGSi1lTPhWp4sPdMxBe/hTKKQPW7AsIDyduf+bWII5
+++i3aXVRsZ5L7yi2vNedIU2Uz6FJqf4iPuTCFIub4T/92F+OWkS9660AV9ha4Brt
+r5pCNy2hLF1Lo/vVMl4yKSXO/WehEEnpPmElkej8TaL+7xATGKhqXxPQLtThgxkQ
++6jZa63IpToED+vGRC6gfPPyAEpyl7pCkc17cDsCxBqWEnGr0Bdvmy6JU/htJY/l
+fQ17QZJmZunh8PM+P0BFkJ/z70e03nobwRSPgGnxUUzzEbgAt1Wd6jqjRZ7Eoel1
++vRp4letb/m9ELk8C8+Fnqf1VtLvFngF2ml26cXh1D6osbztMvxk7f2VNLPSnCSu
+2UGB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQRMOXlL1r+TYckTtdC8ZkszANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTIwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAvux5vXrTfmXNGoWvMBVnKI8KDwBj2nT8/XR1j2d9zX9G
+eS8qJmUJ6WM8dW7og1tTcaV/IIkWPikp5voiz1o6+LKmh3GRXsT/gbLpkOvH349k
+o9OKt5qdpf94RvT9Hb5xF033wjd5xy4Ura2vmr3X2UUhW58FqpQO0oROIO3MAnVP
+w/xB+mJF+VqwYaL2M6sOcH50VpdqBE4NC6mXPO1AVOb1DSgn7+bwudzSVOBFyMfl
+YHMfnUrA3E4ItTfvCJtbjizaDZdCHVm70OJVASkRYsk3/NZrr7OSHfchLzoTh6Vi
+DMDJ55fLc2eeEVSjKMJG48o1QI2Iw688LjDpX1mf0Xl9+VPBaag1Jq6BvYMlOZTu
+xNX1TaM2kdD4PHsyAF2tuuc8U42udt8prMhp97Qmv6TfYAfGAoODatdOEL69mSTH
+6kvrMZIzpdr62Ryr6HyIvjemls0wauEYRQmqJrWwyH42s6FzHnx8fYDE2AI8Fnfz
+THxUxUue3GRUFJ1QmpLj3FjVWlyEw74O9h8IlsS0aZtiFiUMt/W8phRpOlnMJbN2
+YOXs/hJwaRdBDnBNK2IHHeP5WVGoX9GTd+lHa5+7b+Wg/7pN/xVi9Tp+mAekYKji
+tub8zYBwIlMHJMxmlTnowOL1650NR66VxfcXjFyYFqcEW1j5dE/DAGJkwp3flvEC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSZfL5a
+6ocB/87+BInrRcFM/jpeozAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAINyjiYiinHdwnpJNVJT0EW7jKGpGG6DnNfL7ct4
+3t2UHvV0LTWkt0DgTCk1JAGO5FR9Z6xaci7GM52zdKzpYdk07rucwrowA7rvkygy
+KTLizL+F2usWrrkLkpvMKWOpBorkleNEEDoEn83QsS/ybRyXb3iKYzeQfkDPAIWO
+fN0AlHZoDE/+3sRambnxo8e+6i+mAdPXOIQ8XS7z0Wa0gsZ4O9uuorgviDnCWFIw
+1gd8dh0U1zqSfo/lJHxjdihePXwlFcKQ7lGJj0rcjSZ4V19J/WnXxfik4gwX6DYh
+bezb2ottikDsdwqcrrjyhKMponbkvneHtfNVJh55nMXEXxI4gcEgdhvgwxkGVTvw
+5OrAlBlsxL+8rLrmDzkXwd8aA8YfUxcBNjQ01J+uK4Vhs270ztOfbQ0mmWFMzqb8
+ZFmscK9iT8K4MWvQ/mSThh0xjC9jwYZczEUCHRu21hl+iPC06kI6jmW1xh66ya1p
+uSsBfWGArEf/0Y6vPeF2PYgUsWqPCCN6XJ8pYV88XivVVR8AYokeOtthKW7vV4XE
+9gJp4xV3hx7wzL201HPPjT5WQeZJC3Jr08+/zg32Qf2zrV+VWKhipgu2ksiPMK9v
+3l8QhsH1lUVYUoxtiZ2lCQy+lz+ZFoY1NxxCrUZYLfjBHOEa1gRgKq9cuwNgMa2y
+FsHp
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQGWcTiz5eAiHBeD3nkDt07TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE5MDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDDznwn2cEpteFkMpxZZzYqwDHAOkkIjrAgR8SniEh7
+RurvmPA4juhsYiU2lcOuVlIUIdo9nlf1600IKdnouSopYp0/YNKhjhTWSxMgTlSx
+2IEGwOKwWUF/+pqWShcnD2ffpNGmVtVOcNXe2BRNMxCd3vL7201iIN6PEpHk+WJA
+5f2x0hmUbIQ1l9X7yxgtsOkJKMkOzSYrpXohPtD8VE3fNBoat+bEfks/F9vGBYO0
+QbSsRQFefSP9rotCkMZVnAGRTj1qShnYZ0y8OQ3dEjtLV/qkXll4D3Huqlc6+tRG
+nIN/qLZThvmQg5SjvOafnF7MTNwPfqd1CaTshwfO9CyLPE1JOubJBGfsmNgZlAG4
+VT2+zRASo5oX9pORUs4FFuLdQ3L9zxkU86VHFlaJIc2XrKAUdjsMN1rn2e4WL4VZ
+VkhSkyvyJ399Laq50hqSPyEQDzfdDWQCpMVp5SBQGhL2y24dixHUJqJq+/qzQW+H
+a79rV4SW4P+ZuXEKj7RPjY4skR3M3Nb/XWzXpgOUjrOuJANh2NrgGE9mf8ja5q+p
+EYQeAe4fvSDIXT3M2uqHOjNsIL0rv/wkHdU2Gwmc/hfO2btOlog2SJSh8Zll6NuQ
+s4pljoiDtCUiLbfkxuUahB0WetFZJU1N+KLHZV7pxGkx7BtxYolps1hs9EHYPYB9
+uwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFKd7
+eEnyWdCYiDQeOfFK6VLzGsA2MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAX1UrUjKbk+uMNSY5wQXeMn/f8B4odA22CB3t
+2/3sGyE6moWzCmGrMOX2qjnjWGNmcTJEeiloZKA+X6xPb3qZly/hoeI287JxiaBx
+KCtlH7fQj96vk986PPsX5CbuOmnaD/bQNc+jUSgcoRyimgy4NlI17YkTd+9/Ai9s
+1Ifp9FbUeuZpVTZA0N2n/GoeQgkaOUxKlz1ilcu8zMPO9GfEVENUZMXx0nJgk90R
+7m5PJiSB5Zyf+osbUfsONBdYMuPLamC13NXAm++2JWaRZjeqEf6bmBorpdfU/2ZI
+3aSJyMK2nGGpOmvZ/J0je3JxBGxHUEmAmFYXXJOhevSjG8MMyNj6wliVxutIXisx
+zeVtOoHaV0VdprFh/LSGjtG5FHRlev83998mQdvfSG9NsyLaf2QDkQcXxZbbmKhe
+0DUM9+PGp7ghaUy1+uZSVuzN1PXSBUJtXRnHyWwVPMfduJDPz+CIsgUrwUG6SMF/
+lVgVSQoDzyrYKwZwi32eJRJmDmxZ10B1BSfHhPH4tdha40u0jWp+N/2XZYPwquLH
+aSmeeNgt32kPgvGss2H/HKvXY5BdiK8W3OscdoFHasCcIJRv3wAUu6huhgwLZskz
+Icvbl2U4iYg4Izemuaax0bEde5kT5ajB6axeWsHjjpDGqZpnFMBUelGGGrq5Xi+6
+JBaeITE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQJczt0Zmi9LYx4U11/B43KjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE5MDQwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCtIdV8jxBo3Hb652wSyxzsZxVwhNLw9jHb1gTowtgW
+ntrdWO5qA8NJIxxNB0evA3slEShTmW9nJpW+7eC5K05oAxvblXY/QWIjJ3ocpbZ+
+QV5aXlnVkAVpTj0vdIq2VINjnD6yM/q7Tb+kefUDUK8kHtdlv02An72yC8/5XF7Z
+bspS+lsV++s7Jf9qrQEF0zM8vMK8ocek2iykjwaPTFop8ok1d2CyQdhfxAV6YjLK
+/nS2NM6rqrhN0cZfQ87+K3QG97qHTlUg9a+N1xw0+mqBv0rXN0HbBNq/ZeC2ZvoY
+CnUERJUI5iM+MqB+FtdMzv4vHykyjGebuRHgct0ycsXNvHw8kWevacx67ezx4ec1
+Go/RjJ+FVWROnz0UMUYDGJK4WB0HgUAiaeZzeJX/k62UIZuAog+sbCh1XTN9WGaZ
+IRWpBmu97yBorqupI28HuNr4Vk/XOYnwPd6rWDIcyAxlomvVoVNxELA8ise6ncTO
+L90JBSlJESQUzEbPA/iQ0LWmuFKQWSzXLjbZ0UfqcxHw+vnvHCKyQhoDyWSzibQI
++tSw+EkuODEayniwJpTxkps43llyUv/M+S1/nTPsoRwZBjt7oCSBJGSJp1G9u9/8
+TpfJBIqCl8/C+UDi6j8PMZqNySfO0J2WS5Udn9Igfj2iPYAqecA3NKxoaAcqUKyW
+AQIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFIjh
+Ai6b9wdmYXaBx4r52x5sicIkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEANegA+IoU76HInumkqmodyCFciYcQ/eOwjOzH
+Iv+kd589DY45gUL/LO80R7I+GM5E5Mbb/3XeTMo18ldQsGLXi9xjldF7bFsCeqEg
+TFs+PHad18w6w8xiOh4aoVJoTq1e0dudaRpMX0npKIHwjPdqudgU02KeFnE0CkJi
+k3IGMFUiCIM9CmhR17dxinG1uZr4HLmUcq8cHvH1QOWrItmUYOgH2g8SgCpvswmF
+bluTdTb6iTOW8r9sAWdUo29vRFMpou+3ehWAmkbOyo5VNHPSdn4v1Jdn3IaKuxXh
+vx8UClVu4xzzsbmQS1kR9mZ1DXMOuSKDsHCtlZb7KVM64n2r6slv2kCIbTOX5/s/
+Qk3FLz0CNnFj+o7kihFH9e1+jfJnTm6kSGbqMrgm4W8TMgRpmCeszwyflxnVhRsw
+FKHoWJkS/wPHd28WtUvLqKZLJkVqQD+3iL8CWG3FZ07/HBSBN8S99VY7H5mrfleB
+cZmp80rW9bozN0AwGiN39ELmdzLRk+BOLGNsPGhdFCusgR1k362YDu08Wn/zjkZ1
+N1wSP/TxClwV5zxrBA4W+8C83mMXkcQvDKo9xL2l/uJYjHt4ijwFd/XCfM+DqDC6
+I0u1i/yrse3zG1Yqu9ovFnAKE7+uESFsPN6InSYiBuCuPoabTJ3Gi7geq1QJWAkW
+9Li+0ok=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQaYeK5jbXVlnncPGg0VhjKzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA1weB5LSXPQMrWAfMMqrV7kf/QEQlYCYdH4WuFt/aW7Af
+l00d2VjrwUFwORCl2q/dcsZlX1A9HXupywri+s72J1uJehebh3E5/d1AKKU6We+V
+qh3EmEECXp78L0R1yXYLAUTapKu8AU+v+eqOUsSH8U08aClr46YVCZPNrIYPp/nO
+ns/MY2gU5eYKGv9jWohLjABXDQ1DNXzozUoHFZpwQDwBIYmwvhsCMD230j0D4Vlm
+Fy9rYW1oNrbA88T/zhcwARwwCJ+IBTMQvA1/dp5N1t7iiR/zWEVwPyfR31JVBxfP
+CizaoRlYieSiZ6k9WxtaYN8vLpotG2e4Ian+vS2GEE0h9dwbr9Zu/f2ZTTI+FnpB
+wRyTdYdmBfzVAyzoTO9p3a1tvS6cnyJkFLwtwjpvZjY/2eJFhmXhQItEqZsMIAeO
+HibrozCxGkNeW4axAtzYY6eNz67szpL2x9D/FajSKohUOp9o0R3NbBwzBTwN+Axd
+iPxNQktggeOZhfUX6Hr2R1bAiUJUYWRZ55C5IiRI1e043Mp4jCwP0lN/+GtFof1l
+7eZQyn1ynt/SGi0Zzhtotpn2qEVlxfOvvYk+zgFWzdapdIoxradiUaSif+thxwkF
+Ee8UZz+obvtIDsPql+9Be7A3pEWu98l9srPp3qTSg8PA3CYZBuV7o1zytrdKn9cC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBS3kDuh
+bsTb+riqeE5UVkhBpT424DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAAYOAp/et/SrXlulHq75lUocDXfspxLSUMtfrEJ3
+RiisyduoKu9Q9BQ9SWGjId7CyoPusfCAttuNEDo3r+Wv5G94yfiNfXo6g+DBi/w0
+uGYCRXGR6UVrn4Vr5A29Sy6TLpSYCUPANpU7P+KWo+8ohX2ToztxQFVCCd66QP/D
+syGHxpgtps7KkaEqZAwwxVRhFYDe+ihccou6hOM7suMviZJ6la+vpEcQV7iMV12M
+zZkMZA/jckEzvS8MYOhrmaSirXKRx2pE4KhcswtpBoSUx+pzIHjalF9uT5Z+pdDL
+qMizwNTzFb4NxHARcg8wnSCgkJ49C0yZ6owmc9o/OQ7U6R2Nj0mcgKZdpA7v3wne
+GGwArG4Z0475L7y+LwyrhT1ylZhgAOFimyhzIGM27gBSRd3UklC7hmm2D3wBfMVr
+gLtFJM0lQkHxz/aYmwLx6Ji+juw3qN68HCV4X6gATPEgMFHB9OTNwu5ii4vYURfE
+fJjTiJF6o027ZlkNS+yh+8R0U7shluvdXkW8v8TUk/uA80SULkSW6E5LtAqq8gFD
+zhSrBXLPIFom+P4yulyi1upvwLxH6yI9vFhPs+GygbHm0yLCPKJflj7EdVPJODHp
+vJnVM2Fu3pigKhnzQ+EKK2HCKBD6hLpHDEf4DO1dA4UoGzbjcbQ3iSK4CdloCBH2
+wxJQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQOcg/S7sBm/AxI3FQxYtk2zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTAyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAsBx4dWk9Ku0al9kIATPOsBZ3My/P2w4Uqlww8JRzwKin
+nMyQGBswj2wMu/G6Bun98aXpW9CQnKZLsS76pJ55qsJX0sWvdYScS1dC9KsEdonj
+VmWGFKWY5/VABcSY3mQ30cFKK5OfbdmA2e1FXVi/lMmJqN9rf/VZT4H7iGA0YSwv
+qqJNjFIRM9z3+oMHdMaKVHngRED6ZPopgWCYHy/SDAqSAVZotSlSt41CjBdedni1
+4I7Slm1kq0Ha5raeeSdLWmKUlTU1zSyAgzlu7DDvJwLXtOKn8pxqzp7HseWlykSn
+2Of9ixnb0nLfDdH9gBJ+nbbjtM8t/ToPTkWMpsWeYcJOrG+RtuQAboTtfcFCr79L
+1lW82u1LI6ohSxXazF0/AHL0IuK8ovHfBcLrdbzl5EqT4ofz/hAKecrbnZEdJXXY
+zb3nXKlBSIHMwsLw3509R089XSns+YAREkHLLfpQvztTbqkdXtEVT9NNAepFpDTE
+T216L+vVUCXWbptegUuV0MqJQBymSE40H0J22crmcsyF5poHU7YSH+Rhh7oRzsPB
+1hyJIslpAeA2v2/VlCKtuP7nIuDRnMEKiXFMApgFioisOiWkxJCr9guAsBsdhZDJ
+n5aqwfQiURQ2XiDkPKMQ1TV2Uv1p1fCWL2GcjY0EG5dEydTy2XebBr2Q9S0ZZZUC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQA05Fn
+b+XvSz+FBK6P/ovQ5tkSkTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJWAxdP6Zr75Y1O+h4CdjZHpvVOo2MRf6BiFeHBS
+pcyzUeXepr1ziNYVCZgnfj+4BOQF8tCUagCRs5d0MpJr+aF2wHDRHnVDWim/u0m8
+8TjZL3Ya7yiGPa2zBZjT2EYJ7eL+317r5ZOz+0gqI4i6IKlwreHXHVUw+d5RFvjo
+n4pJ0EyDqNKKTsZ7XsT4bxG93x+WGuVxeEscDQMIyp8yNVufW6/5FyOEz6l5sPv/
+QSL2oo+8ZV9K6tteo0aQL9sZXWmHQX0Xw+KUMoUu5sQ7QlP0iVop5NI9wy+7SBPw
+jKtpJF5lnsjdxm7vfVahhXnWiKrSNt9wuuGlaf9mLW7lR1BNmmpiB+n8wcmVgQUI
+Kh5fgoz6keDXYcoGymt8FyNHQXXtO2NxdjjyNe05nY/j8yiWqUUmlGHjnCHCuB9f
+rxKU80rj23Jfi9yC3fUXSNxR6s7iEWYSE+icr3eaYeXAHUO4W4oqGeMD0PWpgNhN
+CiW8bW+a/Vd7Pyy008Y7ugCHtfciCIsz+tUMvAzg6tvVJohEN25d/2qyyjnLy9FU
+ICxP2qJM69U+ezgr4ITLdq587NXIt3ivqQ+mYDrC39HBGQMBA5s+omBOW2213ymZ
+qUyGHRb+i99Pl18kYzBLLkmh1d2w3frPveDG3DfOHv8ijCdH6EWNGAP7aFgoEuzp
+uFsc
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQXpNR6VMXgxMYXZ/1yr4VbjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAkJO8c7zx86dz4oxpHyDfitHzXZZ/1YfljfRul58tSu5s
+EeQZuyG9azy6/uR6jYUc1GyG7cqI+ZKasiSlgUOkZW6rnaOkR+g316Iu4jXBMYUW
+EphcdR4qM/dPrOOL4ax0zzQGliZXqbsrjUthYn07I++kd1u2s/EldB48ih2SZd1z
+wR5YwN3+J23E5ywZVo8Kflo5ki1JBrs0Uwm74XqO2tA+6A1fbCiyZ9ipy/zl4Wqd
+PXeScO26QovATtoeIf7bnl79rFJqwr0k4M3SCldS0nv8xQAnZV9ZwY3lAb2+q1Ai
+kMhnVHfIBC1DdFRjLIdFPH7KfHoWcpJTzrkrhOxIefE8tMM4TlMhAvMuaOh6c6Xc
+q7To3YDhig2r0s0XljaZ4h8Om4/okDeZb3uu3gzRDAJSTX/SNmKRQgP9DdwnwetN
+wprdPzVu46PIAfuyZ17RK8XiUfm5BZ8CXzhEF9nPo/pyg6Z34fMXTmg9fmkjFbzQ
+ghGu3MwhbCdeT1F/U8cqNxktYgz0qJXjqR+YSIDmLIsln63ozxreR3aMY5URsSuG
+AYT+wG3QCN5PyzyBT+kgSGyp7SoJFoV6xwUnV1GoIliqI3Cn9KaxihhGt/Zw3CrF
+7L7P+1bNrZOOF0SlTsrh9h17R1dhUUFrPAFnR7kEV0F1/MFv9VElYHIViJSLoWcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRzqsPm
+IftWLOUiSuS9t5PyS/b4AjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAERqPKSdDIz4iioIUwkGJv6RUw/Ce3wc+syWPL5Q
++L7zSX1OQ9P80kwoeiGwGR2uefTOruNY+ZuNPWO7GnVtvYuEGlKGhyOSwmiU6BXe
+KpZ+kt9J14b89Fnf5lT2+7yl422q3VDEUdeiNxftfhlAh/5A4ggEfq1JG7ymIcSn
+HrKceerEPNfuoS1nXquwZtDzqIAg1VZbfW8lLeCEBJSpGbT61HyC22ky6vrWcNpg
+g3dGdv8RSYpOo/VpvwBIo+3XbU+ijmEb8sEQw0IBae/xsVcMb8CJPPYYjGhCjzww
+fF5gwfFLyQ4EeNr1J1msxuLKWnU/szRxHHyyERgYE+rr5YT8k6BFiLdHOh9IecFO
+jK/LVUW319/bg1ozm/E/y802R5IjODriX/Dddp447gpO0DSo/Q2xaVXosAn0V/SM
+s+v3sutrjY289wTQZlR5IqM1quR6YRY201j7LPB9t3QcUnNF9PT0r+numM6qRPJ/
+/8LMXTK7vX0oMMOGbM3B6BNkB60OJbydGwYggIhzaQyPAwLOeXk7Xp+Is05likSt
+HvT+KI6LdV7GJq98k9MLk4XU3AlawXKauUc1Y+FqoxwOiegMamo1xvroWn75kEPm
+mZGdCyPNhgn+xuPiNTodlHIOZolgPzU0IWmRa8EZzuCcqtALmeIfHL56/PSyX0oJ
+9qju
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQL/WkNaKtHylzOl3jzIVYQjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA05tK0UzYl7PxbXiLGsl/gOjpqFyeYHGGPjWtEeTF1cVe
+U4BU5fCJlShjjEriRULTTjiEhZ4r8czO1wJVfoECFjPrcPMWCshiSq0jIapyqeAp
+XZpmvri74mhTKh2p6vqs/sZpRxcr6WkRz1YnWnc6p+bp73dktQbxCI08KliSzwOH
+QACWe54oKzofHihGeBsIaxxxrjppRjXPni1MuOsi+KJaRLgauAk+HtNtL6ATdgFw
+cv8gmT3tcp7lY7ZAj71d7pmEOeAKIIbJC+A9G3/gerwZSEBizGbtxPuWcu2foZ0O
+l1H+n7kDr7JWpCURqZx42tC6ogzpw3o/x3lRnlku+1ogeXAfwn7Z/rP3IF5U/Z3M
+D1ah1K5SoENif24TNVBg5jkWzOYFruQMhAnWHDS2L4TOqzlHwkUY4N4waDtlxIg7
++f+OiKolc6AyNYr+IYfibvP9n+HvNJwbynpcg5845WXpooUolmTsA4Fh/GdVLPdw
+FBi5jLCTAwbQnR+7lo7je+/k5EYFa7/XVHNBflgDiCGYj2Kh0LrUbZH/bRJd7kKD
+YrhpWI+iKPRfriOIGZha5hQ6S4U/e6vZMYiZd7GCijbB4EQkHsBa2ezUGt3tuepO
+9z9PSWwEkMCmsBohXS0qTb3enS/gbh042rZZe/XNVCugHybJTR4zcqc216WfIaMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQDaGnp
+dRXfUFTXwbJHjMRisywV1TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACc9D9zDlaWyFQYBFh12ruAFuQL7PRWg511bbXl/
+BnANk93zeaGIG/TaKgNa67s3K7Sb4Avu+ghpqe8neOfg2FLl4wxk3QT+L1JfZsiY
+PK5RuFmEJs1RT/RmxIsfzhO4y71HJ6vqO/iTT01R9CVDC6aVNJiXo6kSHhRQCcyp
+4uX6twQVB7G0/3Oh76K85Un6qO2R18bx437lPjYtOP03XHL888kIWFfzO84elPAH
+V5gBd7xzcz+BuVctcNCSOxBi2neKBHfWEy3+ByhuA58UhsA0kgUeddWa8wGCI8ZN
+EfS3ATB5yLmyAER+Y1b1S8xtUACikscx3g/JHmx0oJ6NsYYbKXs2/FVeJP2oYDE8
+k06nOIckxaabfo7MaKZS5NKixpAHUlIzR9niQ+n4SnvwWj1N9CUxrjjDpYAsb8hI
+eZSY1lseTXyKpWkNK86eu59z+BTPITN6r5Z8RvZpOhygLfwJAITVv575VNDUaleq
+xNNPyzLVB6A4yPfbBi1I+U/WFBONFiZR89jIlfpL/Wlfo36ynqQWdCGRFMyjQb/X
+B3HzCxkjExpmTEBc4r8E5Wp+qsbtYJZVs1myC0W6pYUmLatLtbURHuPGL/G2J9pA
+Klby1SBwd0qGdFz7kTVXD7XjmTvx6V7fCqNl5FTl1cxpa6RPSwyr8RcgIfbBa+yP
+RBgx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQVouINCv+bckpNdATkJcGYDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTE4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA5aprU/hoXjei1pgCKIyTaY/CJW19SAAw9XziFpS8ZGZj
+aZw4968lDfwyjptKOWGLD6WsYoNI5wislUyBSXRe9S236zXbS9wkB7zv4fKhAMwK
+1j2UKGqHNjvMSEXSqxid1+e4p3c9XTjfrWqSIXZIf8tGk1PQ+Zjrf6bUhyC4R+mQ
+1hS3CBlI7Tpi6A8ZxWBSok6J7azQ5yqlCbcSQ1glv/8s52NkqqVojwTKynmcL4lA
+gSqf7YahUmjRgj5FDy8QW8v0qhe81qgjEM6Ot1T624e/LApQKqRPAAY5oU7h2kIl
+1C1ZmQMFDXISGUcwE0FcVcFztRFEOnHMv/gCEBoReD+iZYwcwLnyPbhZYKIurEpT
+scTyhjuQrYoS6CYydfBmuyyM9w/HLz0b8ynDKP4B2hyjDK8p9D/IeeN5iMIDw9Ms
+QyLOpruuxsEWSRaowuj4g8Sjy6ddBtrM7VbQUdYu2G/ezd/Drsk8TIFHn6Tp/wb5
+qwx/FyFxPjiYPwDzyET6juhgugffbuN0qP7BBRJbMt811dUpekbMxTkBpcNcozlF
+ZRIk6Heb+w+jMbxnIT4700Q8/fMJCs/cL7EL3m+GSA3T54hilCUrBAK+kwjeLOUZ
+3bnTE5wiBcEOH66yf+SAdUUqGjFQablWgRg/nR54nwCiCXIVerMPIkrsOjIhuF0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTCxlG7
+DPhSqt3WcPyhq2SvEx/+YDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJR2pERlOlVjvHdlDGYK3ZQginsLt5PwpZcWtUuM
+bRL/3zMpF/SRRiEckS15gVlxhrnTGWaPoDkrNwcC7Ty3UV/8Z4JbTvFWXZVvlM9T
+y8Yo3vBzG8ZVSZ9wXfNMEhMldQhcF1drlVT4p7m5ZmsG+R0kjL10o+A4JuD3jLiv
+zbfxfKAUENwv3iSemlsW3PG6GayuWJZDklj2hCK/c3VJ8HzKtTdv+BbGN6bFPjSM
+4n5V6AtQrgwWud6KJVtamjD5KVUGOqYzaIunpypt93J81mCqBy09WzD2+nDC49bm
+JChar4lgepdcCtliqmbFL82B6HeCxTSMpY650Xk4BLtqmJHg3rVv6h5UDaxJ/OGH
+70Mta57vhSGvyqmpZO73vNXyXQwaePZW5af4YZHQTBduF5DuYUNz/X9dGN6jEXfS
+kQzYLUHOyECKvNPHJSuNuYX4jZt9g61BlskpsnQW8AkOrQKMN1tdWpwNq2MWxX6D
+di5g7g0duamXzomhGiXeXtZIa07El4Yv+0vbX9oTQGap9X+TyPZh1gm41XR3cxQh
+mGr3TqXpqTzvca6bboC6e8YyJk2pYAPlweNhy4fxM8xoJJDhsSWCb8YDXVsZadsX
+jsANBCHyzzJ+1NYNU0RIltF/Qx6Khtp9arYdaq7KYHhF8B0RhDKJt2EIjnVu9b3z
+sezk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQVXNoYFyEALaDXG7nB2AoQjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTAxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA9SHoRMg+Dhd0w63ithVC8CVZZMTkHYryM+I7nqh/q9FZ
+zvc0tQtLwT0DelDJxzTm1zTu9wS1AGStgCShUoBuZRv6uB7KzZAld9135bs4+6vQ
+w56ToKVSA+v0+b1C7lzcVx+9gQa0nAjfzRERm2/LrN8fVX6RKglNnHRZbmY+Zm/9
+7J9AJR88jT76/KE6laWLiKSyc+4uF7FOSspyd5jDXkSfI7iXdxY8/J+8ti9MaxA6
+PqT6kOOsvXIGxa33W6HOKCQvvHJ86l7pig49modXaM/odktYNAVRlOJzKVqWYDzQ
+S0kx6iL9vE5kgoQ9q98YA747pyGkSOQMjS8Es/sA/WZCPloipJbsFmiLAFP9Fwic
+XNymNCAOgDjHTfLnCsW7xDN51InxMWnjpkJK90RHvTGXwztJZ25+dWiavi8RmqtK
+VRIYyXDpOoDnwMHsErv+UFxyXZyXR99+WAXTqnnRlGg3hAIPSRI9cqYWJ/sRBXHm
+Uo68tjnHHOxCEBhS/3uPSKao46ghZcwzSeHCZOxfIXn6w1H6FOOCtqhcJUImvkRr
+Y3moluXM1y248TPdh2ZIens2lFMTrPX2vULu8wfB9vlMfT3/4iTX8TtwVqeoan++
+uR4HNdMKbz0uH1WiN4hPjiP0xT6WIFifHl4dj/L6KZkSh2Uq05ZAmp3drU1sU4sC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQqDIiS
+u+3AuX9uuuWBQfvKy+XFuzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACSsmmR6IXJdUbHjTfO5uCmfyuCz4xOdijYx/c/t
++rwAWy4c9wew3SPUQEdQcAWM1IOGYJ8IEhNvi6pajAntkQ0uYOIhFn31kMInLxUM
+aI0hmzspV+d0Ethm/MezKqusepGjHWaM8qU7xgQAmaUc3n8gos548xYhkdc6613i
+Bi4fx8M5hHvBhPlbNFR2IbKJH2k2nz9MekYyIHgq8u6dkNY64IUA255mGT3ax/By
+1XiyIBrONTZuR009mhkajZZYUA0/Dgm09tu5xcg0P8IVFyeCO1TwjToqsPPVXU/r
+skUF4UPD/IEcSVIVIEVTP1al/n1oCJk+xJiO8NHHALxJYi8lmhAJM+OGQZYCmskW
+EdLL0Fxp3wLouawmPvw3M0cysMR+WXn6OeUpQZZaAIJxeGbqvadV6MTpTVxxeXmk
+6XduNpZXy524fS/5KtfINzwIMZ7nDTPLQPE6ZyQtZYg1xHHcsayGHCoDM3gUYMV6
+VGPMnaaLhq4H8oE8w0KDPzBOmG/7IBOzTnSTHU/sVY9WgZ9CxaoEqI8oXRpFv5vy
+W+S69am8/KmuRXK7HpeiuiZlSM6BK3buqaTuhbylSI8sRbocwYAi4Iwgf4ID8178
+VpJoNN6KghIv8jXs1ONOqBVW8QCtggcTUGy9JIXkb9cBzpz6c2WIhnAiHbvZ41v1
+sVo8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQKf9zE4rgqqCFJYJw4aJQfjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAhnaxumJ578Za1ADuvrTXdUpQHILtdkopzTkQs5Yq5YXt
+2BJCs7I5oZOIE2EN9KmTDgnjIG/54XZAke57i0WKFdK3Iw/8njsgmIxoZzPg3FMj
+tB0bYyE9UptQn0V4i7i40tJ3EczVH4zAXPXymxM1EDGg/h82Q5zGxLhQPUQsTujt
+DplqwousVOWox7UQuHPBzP0UAuL8GRyHeBjA5VOcWvZ2qNmqfzqnaAkrnNPwqJ5f
+c9Q9wiwy6xKnXjdv4/X8zNK1fTQdjX/GTge5mSJxm1SnBtkOrSdM2mdOrl0v44b3
+CgKzX/23UkK/Do2Q+whyutCnJNddXxl+WSIMVbXU0Gqk0FPKVlGMxMfmJ96H2ON0
+HqnCNd7Qed2OqfV5jGhgZ7v3M9SFMZSwxACOGMS40ywwYSCkPNc1WnvVSAmOQxWI
+pCMXR3NViZ698CkLqI0eTVbVYFZltMyueam5RKI1u63msDGulESZtRakk+fIIL8P
+T7KHFJH/0HJ74jEF5XRaN+WwPJwsbDmIZJLSQALci09Jt54emL/l6ZN5iXoi+BAD
+Dwa0ofCEe7S3WgOWkMftpLSl+tPL6+FN+JDT2f3yUQV+MTweDCu7JlLUcD/Yt5Ci
+AiRgRoKNX5nGO2DAm4RQCKC/QNk3oGLrkqEwA0ZcZOmKcxEpEuloySsoa3gVIiMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSc5WFC
+cMjV2lxUJO5JDGXPeS1a4TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJCq8eVHmA1uM9T7aTWzIAScRwqrGy5Upbq6IxEN
+XYDUQgEA+tcfJKpHvfPY1+3IFlQ6T3ZUin9YC9HjRyWcX7mln9zqdq90RYn4JSum
+GJ9k4so3Qu0sFb9hNPnTdsPO6ZAxD3X1Gxno5qMADSY+FMez3picEsqIvuoNGsVE
+uOHZ/bZ7KpW4Fd6jF/OxgkUu+x//m6EPYE4C9hA1gFB5KL7l+u4JdrLiiA48vEZk
+N0nIZMHSGNGcy/XehrjQqhUBiSyixd8AsM/vZv5NJjPMGv3nBjKKq0M5Dn960HpX
+XoeURkkxdSKdr8gj/O/inLxzlWeEXTExLqpAdIjntR+vcHR8Vb7iRWFIU6IIicmp
+pY4d24aafxuGrE5De5Zf77x+jZ8o94Q/Tqy2UsEOQ7cfJmI9f+4Edqreij13kxJA
+FBHQEDZseF/9KqaIXfvDd2TtMvrd/Zh0wTH7roITvhbAQ4lduxEqU1RNpkqIIx+b
+YCkQIZw6ruaL6tXCYqfK2rtsZjGviJQ7DbdALGPKay71nwTUMpb3P34gu+v8dsMO
+lSNMIjnHSjCb2jUd50UHoIiaBJp8DJA/UFwwjPI7f2bfRatAsmLNnnznQGvZRXwR
+u2yUtqEhrTH0lb0oLIcambmqa132Ke+Dib2+oiRadIWfJG0+Mq9MW0BAraqZJMbz
+4fr2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQXNMI0GJKJqwlT6JiQeVAPjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAkryfXqmcvK/8jNYqdn+/k6/UJn6htjNdVuccORh+NAIi
+uiXLgA/BD/3Tpc5y/HJVwQYlrlrjx83WJhdaaAERGGmRs/PowJWYQK/gOY+5KrjX
+SjmkuXkRv269QjFqignNe5nl40y2jk86MgaoIVVcaOkBQOvPmhnU4At0O64SHW7t
+6D44/7oULeBwCLpKDofS8G/TVmnUGSYZUeUiG0ejmwRUbBRn4ZTjDroPQau+CDkp
+2txreS1POFdWBjYLvgr5hnjRRVpqNw/2RKBgGe7vnOiginzwkI6YATMWMm8WDhfG
+wIhkjHeagyfsdilh63KQ+nlUtQawcM4jBlY+ybAiTRuA4HAaQpyOB91OEOUaVDnP
+WA3TQdVczaukqFLUl20V0Ge9rWgab1Pl6wSCap++8nIi61r/1ihPTKLUtinIPetq
+iFVq89wLT0QSNvQMKbYFZm7M7Dq8aJKw1/i9LmVRfo+eEVoR2A1DtpK1ZjhFVYmU
+stPMoqU+5debfNpHGaMP4WF+ToElKNY+RwhpfaNdsBetGzgmqvMvCVFywMyl2TEJ
+6WzUI7CL5qYTTBWg56kJiYaOwpJPbHDaOzvu5FpeEli98MaFzJleekwUuljs49eS
+/npjLUTJgDvPKUWWnqJXwvFLaDB9L9una7RDoLsY6aSJr0dzoc/gb+BbxXp9uO0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSgZmb0
++YCuc1eyHYUItB6MMr7+KzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAAKBLXFJ3CgVGA7oUXZwwTjlAzr5C2om6l6L/agh
+Vh9vCnWIJ7CJDcbhEGhGfbggZ2dKK9xGanTJHpAmiFssfJra4iKwohrXq48ApFjW
+OP4/LUWHAXJFABT4nbqSwpn+kNRmAJlUAO0pEx1zB44jv+UWq+7L2wFkVW+3FobP
+MYzFd1g/AaC2MDx/DQlXVz4rA2sDJ8V1vP8pS27IK4sin5m3UyObmySSVaqoRB+w
+7vhfpp2+bNKCy5JkmEL9//TlM7/R+1Im0nfI8aUVjiV06bEt4yH6wTQs8sMtgqEe
+wr28fZHmtQa1GSvwO5VvNqVGth96dLR5qpT23tjG136ycD2+gzzYFNKo7tV32nV9
+Eypslwt2G0CWQ+ZC6kSxXq3ZnB6cOTbNA9ad63uQJ9BDrG8f0VdurynKQfp5xbnN
+3jSoAddjM7P5+GAUlydOUgQXOu+FPYRHnIRzEGcOgG8ywBHaVQVck4idumaotFCV
+ktGwsc+8CrSK79FtDcEDitohQP7rmfu9WK8Zn67LgJ6fZkG9ifiltI3gnIcCUhgY
+2VqFA/tQk/xEH3YV5kZDa7j1H7nLwdDQrDpfS97K5FeFoai75y++JimOBzpSbXoD
+p1hvQXEotIh7jfiWogsvQdmMcSezSYBWYZqsdS6eYgKCjULujRPLbBPCM+AwLEA/
+TgX4
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQZc4W2t+DWVcveeiLPgwZAzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDE5MDIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDjhfNTJVsyLcKTMXSV9F5fDG7chOB8Ibb6guoeBOEo
+5JKvjShJDQ9XkoU94sPLhi+IMdfbUjm5F8+X3pt5MGuau6Oc6bcdAOOktV6bWPkE
+vOgSBSP3YVTWN+L3UQaVcKlgLy/G1jNsrHHpx+iOdjCqUQtS2/Ml3HyHvTrKceMb
+1zgYflMRx7SayhK6B6E3cap8JQCgnF6YOQHw1kVJimEXOqkh0++Gy53cmZRMEhkG
+itNqz7UKfbTbrTcWT8tapkEzSWrbrjsxD849cQCPj5+im25qFH/LYGrK8e9zWK2c
+MCmy480t0qzAUO7NETmDMrS3R2O27lb39NIwlmZyHk1VIiIPwtdfhE2ZEn0G+dp8
+uTaqR/aX7FD7xTa3Pm0LBlsAPtvVzC7ATqNFc79l8z5ALn2kBoc1bD2vkDDF8xX6
+00GxMtRNQ13jXvrMynwtiIKrt1e9Vxg+ao2qzhDAF9shdnPy6+iRGI+qcu70d8L6
+lfjokQkqBA1uYPKz6OJRo42CGVKU+3jgzYRWppyE5R9MY5vGyuqFU2m6ij9UO/vW
+Y8MDusLlglW4htiYnmYz/bgRi2CwCgsQSWU4+uzYh8fGEjQSqj0cEDKfv2S0WumX
+bLgGxU01oXsPmv+AqU5FgBrETz4In+Oij9E5VAU6XtdeNKLtB5Org1ZukNDTrzAt
+gQIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFNJQ
+VFIK4y8onDwANny9/LcEbDimMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAMP/5nyHW5/q6GtHEy3cISdmh9+3Nnri079w3
+9jetdlRC0FF/X40BcnSPpPxx7338qrPm8+Cv6S1xVFqldkpxaY4Jb5k6dBkwhz2J
+5RTxnKLs5+PdC15yrNtQZuu2iDz9llB2jpknjHj8koihQZQO7Y58kHXtXQAhU9vB
+PPDg45EYuCNestXwJmmt6NEqxtNduwhLJCoKZGeFuj90xNlkZBK//+DcjE/HEC8T
+IJ/yLSAI26xsrsVXUsApjVz+0ShE+ewEpz+UWwE2CYLYsHIg1KyN5wlpxUvXK7Ez
++kaeuj73VMlan2qKl+CbuMVmmsi8U3thIRHFOUu4cVflDo7WO7gH2qlHGE7UAaDt
+8Or3z5O74srBPmXYfZWNkRwtOQTtDubbxhTT6kzkUeBfIuDOc8ZsZfOkyUN9mLZl
+C9Sv4XoDdXtAjShZmdeXrazdwY/rgCG8dC0nRSDl3jGjQQZRYxYIHHTgpu2ZAAiJ
+xbL9gW2fKyhKc1XmLz2uoiePuonmg/3jhz5IoYrB4sQQoOM+/zjUhN+gjIyf9B5U
+NhuYho3Wdn1fY0TJqgzA1DGIvQ2tWGOP6L49A41JcATdbUEnVUYnn90RBypUufpb
++xAeSGjHGiuPnCN8RB3IJtc0qoc5V+Dzu7jHHx4dph/ETwvWGY5l+pz64rgb5fEv
+oLZJ4d4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQU7a2cccpSRJ0GhYwprYbujANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAoAe2NyLzCgFoKWtYXEScR+/tIDHfLKn/kmcjuc/544lr
+SbhQ3lNbDWDi2ZKHhQnsbEib2b5wrxeB9CXZQ4Hd3DeMxkXnsdlvbAdAtwsKoqlb
+ozgw55e4tlz2/ueyJ/QBNo+iQKR2GYHOxTfHOzvbglDLUkDOnrkyYZFsL0UHg/tw
+V0ZnrsQYeDDoKTbdRXE6xosLUVEc+Z80vrhXtqlDoV25yH02zoNQJeyvtnwBXESA
+MzQTteEsHdTPxjBarHL/8ESmW94tqWXD6axDUmECeKsonsyy6ME8PRrxSdji2dtK
+JB3Nvcj8yh5Q8srZxT/ul0iZAmPEG9sV8VSXPHLJwxDBLa/u7BfB8yP4FtKYz17z
+QXtnsj8j02BAykU5YgjgAbeOUT6lcqbtUxMS/mBS+Xx76MBo/8KogW+XXUb/Kx6b
+fR8U+Wxyb4+1gu9gQWFQgMfU0efBO/8n/CeHqTExWeCz3AWWg0CINl86NloRqBi1
+D/UtfmgJzx3PE7KM88HNDrrzimkuVrgUGk2L4jld1CK45ZiOcriiITHVKn5dsham
+e8W8BMfXwi64kbnKjx3ZZfC54YbsLqJ080X1Ojydjvf7VvtpQXBsDp2DBNgC08T2
+dBtlPDQRBir6JmYKAOauCBOmFa/yY+3C29l+A7Tjyn0ZLbc5z1Z/RVIA12Da4b8C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRClzrh
+1BAwDr/YRRyTHqgM1sYsZjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAFA5G8WfcvCWO7cTxsoa6ZUqqmgEJA0+yG1AQqU9
+wGDJGBuL7QtKrNxbXkB0sm7wb462XTM+ODBqOgAo7dZExeQzpsxX0ZRr6SEGbmlU
+ULGJNA5rLrF+lhaHBelvo8uvYAVdmFvlBKXLYesgUEyO0BPEVCVkCsj4Cj78kBVh
+TsqCn9l7FDsYWqhITk6iW9dn/+VwJAhgWsK5OuMsaIYFRJITLEf0yM2XQbXx+Wxc
+1VQuKNZzdRArmmsmopNGgAYWTKjldRbPfF583T4bYmfOP29vXrixc9K8EyoQo3gL
+e8YVpRLS+b9HBDdLRED5TNZLfh4PpuZS3m8G9Fsy2ZWCFyzR8TmT9xePT9K5dqsz
+fW/zW3QC9J2dIn7P2lqCycgiKXG+Joa8/+ykdPRM5BdMJEb1IPV6fMfOrHZfYABO
+I+LEpfaJoOwZ635xa8yl7CuCRhwJ56naoqOLwdGEcLzVEIBgfCqM5uoakByOHQ9A
+4oOgVPqJNJ+TFPJS+JagbQp4Vn5cVC5iWEDHhbJtBxiLVPAVzjP1ORPcB6fpQuHz
+Bbv7JAzdWu1YQMzv0JSU2fhdIMQkYzvvwprBsfdpyfy0FKXvV/m9PwWk2u7hmdR8
+s9JZBT46Ce8vTbvGQ+TQJGuYj8ZAF1EP00eSPLrvwcdInMXttvlJcghOiHGmukRe
+fhSV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQI3YVrWANBzUmxRgckHPmEzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTA3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA1ZU+dyFkeqfwA5SXIlYAGA3IIf2QydMcBpTV/tC1dzSn
+kW4nQeM+4tvK0XCH2+etlcV7/vZpuwvT7GAX2265X8pvYbJSWidLX8x0JydOmpDV
+JdINIMYLlsedIalaJY9tDWf8g65tRU9tzDhCQkaIHzAXIDVI/shjC13LZBCIH1N9
+Lgt2USI1O605PuPG9KBwxk2yMwLJlDXJDuNdI+lXIoXlDIRsjN5fj7AwQF2QpkI+
+E7mS8eljz06JoYRhy78bhG+FDtFJQIUt8PCq3cAYRFvYn79uFM6AXiPQQv2mT5T5
+dJU2Ar3O8Z6xCYPn01/vRV48aVr3S5BSi7IeCABLVsrRLnsI75Ab2f+xE5SLRLZa
+nSdyT/8KfO/ShGV9SfZ9Btv+W5nll4B10mENynotXtF2/SqvkmwVNwOx1G6eb5R9
+VrOPZgkDPRhw3plhMoXhYvnSarMlfV+fIl9SgE8SeVmovb5NgRwKSs4EAPZOF0zN
+FTXdIi86v145KQH0yn3aWK5BIBp1NR646+J71fH/kw5853T/WxdkZA56xUI0xTUd
+v9wvLIZ/wHX0nCiT9cXYAbXCY0MLVM8QLusHUJDJg9qgEQNPFfv/f6hjNBNSJj6F
+xAAgNyUBgGdUyZLcpnwQQkOxFHnyOfUZdE/mvqasgcPUnoV5zpzRQ6Jc2ycajGMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBR2dOVo
+wS8KmZd3OtYxsHo8HLBa/zAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAIbOjonhH8ddD7Iw9Qei2DYkDCqhw0erRfyljTG0
+L+OpIik/Zl/e55e5ld5gZ/fDPaDH3/4XdDOvGOYzIHIFKFrZDnIYmpPECYdoo6Ly
+8GcuhxjFlN+Ed2AjEgUBxKDQTneEoOAl5YCu5n2Bqq/dAtLDiu1IoruANc3xqzDz
+BWdZrBVQ7wEt2X9ZtkG12NWYOO8SrxmETkBIiHqmiZfgnulWiEBKHgVFhHGihrgk
+XXy1xHRIGr5FQ5Pl4LYbTNFiRjGy/zSwJ5f3kjycd9689SMPzQefOlGFFelg5t+s
+T1u4Pw0+/tUG+PcOF4Wp3PBViO2dQW0kr8cSRG/k6ZODgMwtebG0PxNA+HNhqnsI
+8+6jDQfd49lb2Z7YxftxaKzMUP4VfCn98XgO7XVNseR6EytL5mm4z5/KpqrhuggW
+/CLGrNKXBzNfXI8u7Zv9A+w7k7IYg/Q41H9G/bjiY78la9ePjV9pQwlPAyUHAfIZ
+SkK/ddDfj4Pzm6w9CWnpsvEUvp6kDvYbtgRldw2p/Rgr8WhOPnbUj02orZwky8eh
+OQ1ZWOVqp7SYwu0FyPbgRC4AOC19/ZKmzJA7iXrlBsyDupOD6NttX8YMzs01tpVL
+2PZiRdY7ULXZET6fTaJgzO/yGbDjeTR8gFY+eIwV0IoyuGvZAyLtB0PwzOzNTE1z
+mEeT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQRnFESGZDsblTmnu3Dy4UQzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTExMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAy9J6OSzGqXfY4a4c4c6YUXudC9XjEIwCKXOgODikoU9s
+O3I32tUosrTJsOQHLlCHaGl4rD1X2lMKeSAP3YhtJPl7zCq0ZBi31Hr5Wgiiegls
+7vQAMLXs2d+tLEdbU1HuWjx72YwxqJ297+jS3hk5yge0Ux4TxYv/5RnGgBkDrxRe
+p5fReWBv5z5YQIxWUFbCiMFBzuMeyzarot//ZstY3i1ILrxOHHmPn5Bm450O/qbs
+o2DM8Rwd8CpZTkPL9RYSqQ1gDnvm3cmCt1q4y4q8dg7e9URxzmosn8shKskbBNCi
+1eGilR67/oFYRzDsPfNy4BdyBYPQonElM1xCAvUfhHEXBHxBHkuNulkpd01hqie1
+Nv3DJesIH/M6okqxtwYkK0+5yt/IS2Sw5NUSr8+66PkEFvZhzaWubXRB1yCZxpHg
+b9zjTyI0+8cD82QX/y9m0EThmmvuW9hXZDmW5JfHcHGAjTH7QA2/qtQQyWwFFEN+
+rpjQqh051hSjqDCcSp7hsF8os7v4MbUSGSwuo7cdKWTfT35RiRjEOZIScRM/IJid
+B4sQolOoGt+tnY39GVOpodIInTslspY0ctbsSxbPxbSbqG/uMKhpXob+zo9YhCUQ
+8SPc2037z12VXLMkm3Gh+cu92qoTcESjR3ANhlti5PtmxGRRJ/c7ayGu7fBiG/MC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSohnKR
+7k/md8fBjIZYlT/GyViNRjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJW+fAezZh2botN24JOKclQi7B4+rE+h+IAmePC6
+1jj6KY3e4QP4H4gp84t2HUwgfFGJoIBO9mc2jaxTtoB9N+PhdLGMyvxdlAsdAWrT
+fHyHqqbnzlxvZE3las+NuVpibvO8+gQailyhfzD8MpuVExY7Hiva/n6+F9Btpil6
+TX3nGNTWvGseLXyrXSJhj7vr44g+AsjA75xP6sUT/JYmgGnSNp/7u4LGqUUvq7Yi
+6sGgz5Zsl3GR/CQUuvi7sKm+VVLBUpBUhkXiQe02EZsEwXXxQc8dz5NKay1pFjZk
+I+PqsZBNMnAWoUaMxLj67GC71fpTU2dBUw5L+RBGLYlNscIoSPqEe4gfUjwfvSPl
+OdVMPqzYUWRhBCu0c0AokYircPy+LvB0UElW7XMB6gVerPd032ip4bRE0k2riCZO
+CH3J8IbHoqdU91Z6oXBCqAcnEMIqjudXxSpw9TaLFfhMD5GD8BC2tgrBCv58N+Ui
+m8pKNO8ZExTZsvkc81RTKSwrciQIq7uAwIS/NNpwUIP+kyCe/ql5iq7yK5vJ1r+s
+RqJjcKmEpVZ+IcHWoOhAErLIJ0BQzGraX99rPHA1OqRWdQG5iBsucyj3stPqin/z
+XyCS6NV4pURO5OdkdvqtrJ4lM5vAjNBnj7zdELBqxeKAkCRsLEusJ9WepFOXYMu6
+yjpy
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQNQy52niTwlxQD80GxG0ZQzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTEwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAz3OfOo6qKs4qbsIPV9k4K3CoaPN/yrYOBbatMXsCuQJr
+yrDWWPl2zZCc7b+JE1fto3vN+8t02uyu4DodwjBogwsJ8iHgQJPD5DGjMvtcfYHS
+ku53f5eQC3hq2ae86Hn8IDSOh3C5m3TnUzqbf7jHGDG559bvpXgV1FGe4CL+yXVo
+ceVjJuiJEQl4eG6Ri3dGZ2l8GczpiZiVbJW1xqNM2MT9OgpPT/AdykJxwj0TVRI6
++h3dC6eKW+7T4VgnrXEYg/q42P+kJQ7P4hmog4Ripq3yarxPUBk8ix17u9QCV75F
++bNEFtFgyvWBwca9PBTyNsPvoTUCg+fGsgwLdzA66jTxsam7UWgs4SGcRDXvQe6N
+VkXx4oymeKsJkkqbw3jqizqLvW+SmQQ0ZBlC7/ro1Le3ibmd9GMelckr1G6/YTor
+Gn0tguYm6CNh8ou5aed2edXz5hy56pbjwHoUZcTh359wbShqKEMuKqDmeY2fe/Dr
+jm48wEyX+GGJcPPIvfQdUIsnAvH3AGcclV2k6dSC0DtAa36zWFrGPogrM/8KFlpu
+vjPmukTWJCdN+O3DjH4NXL59zrpWEijyKYA/jDfCY5tVVPwZez2xjD5DWFhRLP50
+EBlWDX7uoY+RHI8ZWiaiIaXvRV2HYIxsQhhSragr//RNf88k2lKeIMQDD0V7LAkC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTENYn6
+8l5fFWTA1ZWv3adyIryblzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAB87wMyYRfPDKBpSIkkD2M5F9rwBS5tc+glgacpd
+2VUiAs5ocNM76bH/Qeloa25xIzzA1tOJ7qOrZku+iyb2tB2JkDBL+Gntvn3Uq8P2
+e/n2qfRXSRrsEMUO/fHZ7+xTIHD5OopXpQateadqy2tH2NtPAwJDHHEc5E2ut98h
+bOb5WOE05AjPv12OZIRVikmoQwG9ObIl6wd21jiiSbaaMudZEa4eig8dvn5t4RTL
+3HGCctFq+7eqBU/GvaQPRnnfjJlgWyBtSHz+nfg6+v3Ib96neWjD3fr87r1QXH1b
+clYFgVTFV05/q5mBdiOGaxnKAVMhl6Vyxr0vP3RzLzrvy38mZJ5jOMXgK3Taqv5V
+4EkKC8xmdIm997JidaNcRBFdZCfN2TRc43EdxYlmtqwqIv821LIRxL3a3EkScWMf
+XsLubh56DRhLra4KssfSav4BkZA2JIW5XkEAi4LcsRPiwR/QjD0/n248IO5+PXKK
+NIFfk+WX5GKUhZOEflBr3OkMCxVYnwaGujho+6rnwmHser86eU9GPZLpfhXyRrUL
+C04neWokRMVtg7h9xy4au5k5wuqHs+ZIxGEewBQ5laTBb+DEeVChe4tBUq3UVgT7
+rToeN1/yAkOzfOHYQUHaaW3phaGgFBqzoVHNCZXsbblKCE+gIOKX32mEovhWW1ZU
+G7fP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQPuDnSHhHTTqZoeTzshVQvjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xODEw
+MjMxMDAwMDBaFw0zMDA2MjMxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAxOTAzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAuKEWWwBCN7fXRQsNfbJSP/vsviLS6ICHvdMDHWefm9pR
+wyJ/2mDqnUpQniFL0cskaeuC3UYeyana5VSWLWqrnWUxWZuDu2RtC9M/S8KSyPaT
+pN0XWL+OSCSajOe/YECj7w0PecorDkrpERlVxsCvL95G4Hk86nwCfdu/GY+PwDkR
+u7XiGRop924mN/rWe7kCDArofTnlU6UrPw7Hpwe8t3Y9AUTwZI+N5mJfYDlCpiLt
+DsV+H0h+vdRxLFoNH3rjqaXPIhwNVjY/k0crcpGr8BepA3KrpeMyr11apmB4VT3w
+CTFCOalXjr7KBJ04XHa1uOyjbKguRsz0NB4kQc67qn6CxrOOTD3KQn2Z/+r7IDel
+e4/fnYn/UUbJAhxKYcBzfms8tb3KZkhjLDJeJdaGavYrhlpEAvn16Xa7XdrkkXbe
+byBRdCo8btKXdJztk6N46jY7xkpQBRHHQ0FsXyk8Omd3ERw8zG8e/b5uBLg5P4nm
+SCeCTdvvqMj8ROkjnp2usnE5p6sIinjeRMY8wDPDlpIOiewkISkzURXRQuH7tbZN
+6vwOJq1sos7Te83KKpOuJ9GW1hAhSB+zc9MwCpFGE7ko2UnYLsz5RNwScoPHQBS9
+KYKDRUn4dsQXlcy/Ebs19aJJQ8AIgFUIj+Mpn6z94K2d4dop8Oz8VFZl3sEeQKMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBR38Rda
+yse7/5jR/MLrYLrwH62sVTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAEvnIGD10thT/1Nz0WCrxPfJKsu7btqGbSmUSubU
+oWY30vQPZNLiyQIytXu+2KSoxfaMV9JRh0UAaf9d7wcc2nt2/Nj040yShfwqDHKP
+kZr69zQ4M9H4zBNvdk8l8j9CLYDtL/qOJbfSSFhLfBKWLE2+pW1o1+fkwp4+BEyO
+9DZYDl51PxqeMdcOVJ6tcekJYk+efI652aaY8Rm4yLFgz0HTbSMviOwU8XQ36qIx
+4NTkMqYMxxbUKi0zuET2AzzTJBnCTSlDR5osFptF5XP6AKZi6oQB/pNPUzoU3iZK
+/dsm4jBNE+49iwQznSImCt3JLcGUDUiBmHKSpruVqL7IMeXrKcggR7AP2QomnmXM
+EBw8CHlRhw0SQFAhdbw9H5Bx7qG/LPu91/cdUMpm4cdqfXHlg4exsRa766oOJmaq
+/DklDGm113ckC4GutTPsNjLVNxB6+yB4gy2G25LxcRtKcatidOXTvHAqeSkH39T0
+O74FEglw6UKO1ZHKGB8ubfi/XIXqaTlaA97np3N1dk0lGosd6+YotQWYTQJiPzUg
+tpVUg4wf5qqzv5nDYeEphASv2HzokUuTog6IwuPn7qCiRIMWtU5OUxng/RC3o0o5
+zpyF9MB72GwcGutC+uJcX5WEjOU+RNo1HeWxGkKBcCGfP5dnBQc4CQi8syDm5x2A
+Oltg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUzCCAzugAwIBAgINAfD3nV54J/tAqRKzEDANBgkqhkiG9w0BAQsFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMTgxMTAxMDAwMDQyWhcNMjgxMTAxMDAw
+MDQyWjBCMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEPMA0GA1UEAxMGR1RTIFkxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAv72WKaCDZTTnN6KC5yhiaDZLawHdgu2zIhpeHogZBdpibue99PU8
+V26a17//FpbCHzCLBxq8IDnAcIGBtOkGJ+QfHcUow/iFccLDQrhN4YlHl4hhEAae
+jqXKBy3U+NN2De/rfdDB/QX+38MZnfrxcLudTgS8ItVbmA9kC/8wnGGrMbLvC7Kh
+Jk6aPspN8hXzmjfEHnz3Y9O64eu9QBou47trCZspr6bXqW/XZV/b/KiOlsprLR4p
+obkd4gOkrLSNMTsRcrTHh/4SCPYLR6QVoIZ1K2cmLhJHuxYTOy7ziG0sQmvku/Sh
++GeU2Pakm3wSPubxQFDofYs8AQ2dZYfwYQIDAQABo4IBQTCCAT0wDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdDgQWBBSGIhBdhWAl8joefQqvYSqzFRoKdzAfBgNVHSME
+GDAWgBTkrysmcRorSCeFL1JmLO/wiRNxPjBjBggrBgEFBQcBAQRXMFUwJgYIKwYB
+BQUHMAGGGmh0dHA6Ly9vY3NwLnBraS5nb29nL2d0c3IxMCsGCCsGAQUFBzAChh9o
+dHRwOi8vcGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3J0MDQGA1UdHwQtMCswKaAnoCWG
+I2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMB0GA1UdIAQWMBQw
+CAYGZ4EMAQIBMAgGBmeBDAECAjANBgkqhkiG9w0BAQsFAAOCAgEAGwepaWYDaga8
+oDkqj6wNomRJ5RlcSkoHOZ/UJelqY0ZpRhKI5b6ww+eKuV+N98EF1yw6eUzx4W08
+RaTQiT81ZlJih+ic85efKgSeis4vIxYZqUKvfDrb98h8IgLFydJ1ZRpeZPld62zg
+urd76TlpZh1CxIdVch7WSDDrYwcjmO5OgD46lXVem34ABfpPpLpxQhAtkfoUR1gK
+ZtR3PSF21/R4fG8AjIRUiWZXWgaHXAunJuXwkf2ckAQs7mz7scL14g/6+q8+pnhx
+ntuinZcLxxDuuoRl8nFsUp6ga8YHbqNYGTsD0ZZi2CIaXRcc/iEEusSIuyDmr70z
+nc2ce2Pr35RWb49s7dXASXNFfaOE2VSv3q9Bqspg8hdLSP6UjvvAdVxDjgrwKajC
+yugxbt2W1mekIciOfupvgL5GOOblsRz6KYr/PaN08Mxsgl6eHhSRQ6ZJNDbCATr8
+3IctSxiARHmXZ/Og0uMVX3cKMtJUBBFKeXo2ksWC6MAl/WN0sXqLb7U94r8uCSVL
+ie5nv24J3Rog0Doj7LLPnwMWZZcVi5zOUiXAhucASd27iX5Iq0eBoVVIJzoQEXti
+t/na1oW2LoE2xIabf+n2f8eMA/A6iWGxbUm7Uhe22gn2bFgJBRWg+oBKIodHVeth
+ZmdKC4kdqYN6aknIFoKS5dpxhOcA820=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUzCCAzugAwIBAgINAfCcWw6iKTfPnuRBbDANBgkqhkiG9w0BAQsFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjIwHhcNMTgxMTAxMDAwMDQyWhcNMjgxMTAxMDAw
+MDQyWjBCMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzEPMA0GA1UEAxMGR1RTIFkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAqB9XbHMq4soQmRpOVF9CsnIPC2uZ3ITR0QRReBLhOY3sWwjeBctq
+qMcocN0zg+30c4+UVAcOdAxHjEpVakbrtcqfF71wrhau8o6sn+y8MrdYAtrGrYzn
+s26KETX8NIzxJy/v31wJOQnW/WZEizes4JfO/1Mo3qWAiaoctsiHmL5PG8xQkdOh
+PNdHu6KcgO0IsJ9BCCufd9TpJMb0EnO1WK3WZLQdgmVny5FkEqp0Fz5TgQKekHya
+jnbujf1T09AGzTQgO0Btz15WL9pkMADMWKwYtbEurJaHrAgejMHWC7KjaqH3XlVm
+FMJs3rDDIQxyTRLBPqRLaiUkzxvBBnmrlwIDAQABo4IBQTCCAT0wDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdDgQWBBRtZaLX81CPCXhlsWKivjztu0Y6NTAfBgNVHSME
+GDAWgBS7/8qOI59Pmcrb4mimpRUnFx7ZDjBjBggrBgEFBQcBAQRXMFUwJgYIKwYB
+BQUHMAGGGmh0dHA6Ly9vY3NwLnBraS5nb29nL2d0c3IyMCsGCCsGAQUFBzAChh9o
+dHRwOi8vcGtpLmdvb2cvZ3RzcjIvZ3RzcjIuY3J0MDQGA1UdHwQtMCswKaAnoCWG
+I2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjIvZ3RzcjIuY3JsMB0GA1UdIAQWMBQw
+CAYGZ4EMAQIBMAgGBmeBDAECAjANBgkqhkiG9w0BAQsFAAOCAgEAEGHBHI52AjPZ
+aGwhI2S1aqD+BN3e4kK5ygYdX4esk2Fyt3C96VbWGuMaP5nbb8oc+6XlKBfyO2ia
+5Y2xpZKiJ1nbzDvFtxVNY72VDpEEdANBeObNovqFxnZg7G4n7rS9rF4UBcB3Ir+i
+Ji3G1pEiv1jJHUlAPtEPsNOODyKpm3qhw3zbYEfr8+mtCp9jzcTcB5NqLEUffY9g
+hiKJpQ4euRFUZBxlfdcNj1kvyQLaHAz2ygwdrd9OxMHeyup6fkXrleZnfCfU5YJj
+VxeL7kdO5AeyzVuABkrMBtwiYhxYBbDVT3Ar3emz2SPMV01TC8mXENyCCKeZjykI
+oZsjBkN71c30nHoLleflEznRyWvK6BpOkqpekg0I8PDuKg3GKAbvQ0SQdbDYwHHc
+12kE6fOwDxHn2ggO+7efLO0IeGva4ZpWx6T8XNFNFJ/2akwOI8St4zlNEmZr63DQ
+2VP5pQ9c4fTXi6s9k2U86yHmTqFk5UOGHp3W8VK491nZwMq4umbApZ/Khlo1W5kJ
+cx5O98FfnNGzJp8kdTCdGTQmCPsU+UEzjosNw6NJFhUjZlsI3rQwe6W+VwE09M6J
+bzQwa8yMvvdoy+bUnEC00MFnrj8ErJwcjuLnFTJuZVfUlZw+nrbuSjajR3XrH6/F
+xIDK4meJyr4o6ngs/nUaeRfeG9XSx5o=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICzTCCAnSgAwIBAgINAfCcV4rg6fwYVYZ8ZDAKBggqhkjOPQQDAjBQMSQwIgYD
+VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjQxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTgxMTAxMDAwMDQyWhcNMjgx
+MTAxMDAwMDQyWjBFMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0
+IFNlcnZpY2VzIExMQzESMBAGA1UEAxMJR0lBRzQgRUNDMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAEWgDxDsTP7Od9rB8TPUltMacYCHYINthcDjlPu3wP0Csmy6Dr
+it3ghqaTqFecqcgks5RwcKQkT9rbY3e8lHuuA6OCATwwggE4MA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgw
+BgEB/wIBADAdBgNVHQ4EFgQUgIz8FgrI85nOXJO/Y+NKlsucmbQwHwYDVR0jBBgw
+FoAUVLB7rUW44kB/+wpu+74zyTyjhNUwYAYIKwYBBQUHAQEEVDBSMCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC5wa2kuZ29vZy9nc3I0MCkGCCsGAQUFBzAChh1odHRw
+Oi8vcGtpLmdvb2cvZ3NyNC9nc3I0LmNydDAyBgNVHR8EKzApMCegJaAjhiFodHRw
+Oi8vY3JsLnBraS5nb29nL2dzcjQvZ3NyNC5jcmwwHQYDVR0gBBYwFDAIBgZngQwB
+AgEwCAYGZ4EMAQICMAoGCCqGSM49BAMCA0cAMEQCIHefcgvUaglzgnTWmDYl1CWe
+X3GXf0bC9zKDpXDXQSv+AiB4uN8G0OaMfc6LQXcg3EBGX/3ER7kj6WdPct/JGbt3
+gw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyTCCA0+gAwIBAgIRAID1YG06FisUOtwS++jCBm8wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEw
+MjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgZExCzAJBgNVBAYTAkdCMRswGQYDVQQI
+ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT
+D1NlY3RpZ28gTGltaXRlZDE5MDcGA1UEAxMwU2VjdGlnbyBFQ0MgRXh0ZW5kZWQg
+VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEAyJ5Ca9JyXq8bO+krLVWysbtm7fdMSJ54uFD23t0x6JAC4IjxevfQJzW
+z4T6yY+FybTBqtOa++ijJFnkB5wKy6OCAY0wggGJMB8GA1UdIwQYMBaAFDrhCYbU
+zxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTvwSqVDDLa+3Mw3IoT2BVL9xPo+DAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwOgYDVR0gBDMwMTAvBgRVHSAAMCcwJQYIKwYBBQUH
+AgEWGWh0dHBzOi8vY3BzLnVzZXJ0cnVzdC5jb20wUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0
+MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49
+BAMDA2gAMGUCMQCjHztBDL90GCRXHlGqm0H7kzP04hd0MxwakKjWzOmstXNFLONj
+RFa0JqI/iKUJMFcCMCbLgyzcFW7DihtY5XE0XCLCw+git0NjxiFB6FaOFIlyDdqT
+j+Th+DJ92JLvICVD/g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrjCCAzOgAwIBAgIQNb50Y4yz6d4oBXC3l4CzZzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAy
+MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
+EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMP
+U2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIEVDQyBPcmdhbml6YXRp
+b24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEnI5cCmFvoVij0NXO+vxE+f+6Bh57FhpyH0LTCrJmzfsPSXIhTSex
+r92HOlz+aHqoGE0vSe/CSwLFoWcZ8W1jOaOCAW4wggFqMB8GA1UdIwQYMBaAFDrh
+CYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRNSu/ERrMSrU9OmrFZ4lGrCBB4
+CDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgGBmeBDAEC
+AjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE
+ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz
+ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAOk//uo7i/MoeKdcyeqvjOXs
+BJFGLI+1i0d+Tty7zEnn2w4DNS21TK8wmY3Kjm3EmQIxAPI1qHM/I+OS+hx0OZhG
+fDoNifTe/GxgWZ1gOYQKzn6lwP0yGKlrP+7vrVC8IczJ4A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNDCCBBygAwIBAgIQKE45wUs4bYiccpnljNBaVzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBkTELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQDEzBTZWN0aWdvIFJTQSBFeHRlbmRl
+ZCBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCaoslYBiqFev0Yc4TXPa0s9oliMcn9VaENfTUK4GVT7niB
+QXxC6Mt8kTtvyr5lU92hDQDh2WDPQsZ7oibh75t2kowT3z1S+Sy1GsUDM4NbdOde
+orcmzFm/b4bwD4G/G+pB4EX1HSfjN9eT0Hje+AGvCrd2MmnxJ+Yymv9BH9OB65jK
+rUO9Na4iHr48XWBDFvzsPCJ11Uioof6dRBVp+Lauj88Z7k2X8d606HeXn43h6acp
+LLURWyqXM0CrzedVWBzuXKuBEaqD6w/1VpLJvSU+wl3ScvXSLFp82DSRJVJONXWl
+dp9gjJioPGRByeZw11k3galbbF5gFK9xSnbDx29LAgMBAAGjggGNMIIBiTAfBgNV
+HSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQULGn/gMmHkK40
+4bTnTJOFmUDpp7IwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDoGA1UdIAQzMDEwLwYEVR0g
+ADAnMCUGCCsGAQUFBwIBFhlodHRwczovL2Nwcy51c2VydHJ1c3QuY29tMFAGA1Ud
+HwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYI
+KwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FB
+ZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0
+LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAQ4AzPxVypLyy3IjUUmVl7FaxrHsXQq2z
+Zt2gKnHQShuA+5xpRPNndjvhHk4D08PZXUe6Im7E5knqxtyl5aYdldb+HI/7f+zd
+W/1ub2N4Vq4ZYUjcZ1ECOFK7Z2zoNicDmU+Fe/TreXPuPsDicTG/tMcWEVM558OQ
+TJkB2LK3ZhGukWM/RTMRcRdXaXOX8Lh0ylzRO1O0ObXytvOFpkkkD92HGsfS06i7
+NLDPJEeZXqzHE5Tqj7VSAj+2luwfaXaPLD8lQEVci8xmsPGOn0mXE1ZzsChEPhVq
+FYQUsbiRJRhidKauhd+G2CkRTcR5fpsuz+iStB9s5Fks9lKoXnn0hv78VYjvR78C
+Cvj5FW/ounHjWTWMb3il9S5ngbFGcelB1l/MQkR63+1ybdi2OpjNWJCftxOWUpkC
+xaRdnOnSj7GQY0NLn8Gtq9FcSZydtkVgXpouSFZkXNS/MYwbcCCcRKBbrk8ss0SI
+Xg1gTURjh9VP1OHm0OktYcUw9e90wHIDn7h0qA+bWOsZquSRzT4s2crF3ZSA3tuV
+/UJ33mjdVO8wBD8aI5y10QreSPJvZHHNDyCmoyjXvNhR+u3arXUoHWxO+MZBeXbi
+iF7Nwn/IEmQvWBW8l6D26CXIavcY1kAJcfyzHkrPbLo+fAOa/KFl3lIU+0biEVNk
+Q9zXE6hC6X4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqDCCAy6gAwIBAgIRAPNkTmtuAFAjfglGvXvh9R0wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEw
+MjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAkdCMRswGQYDVQQI
+ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT
+D1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBFQ0MgRG9tYWluIFZh
+bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABHkYk8qfbZ5sVwAjBTcLXw9YWsTef1Wj6R7W2SUKiKAgSh16TwUwimNJE4xk
+IQeV/To14UrOkPAY9z2vaKb71EijggFuMIIBajAfBgNVHSMEGDAWgBQ64QmG1M8Z
+wpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU9oUKOxGG4QR9DqoLLNLuzGR7e64wDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMBsGA1UdIAQUMBIwBgYEVR0gADAIBgZngQwBAgEwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVD
+Q0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMEvnx3FcsVwJbZpCYF9z6fDWJtS1UVRs
+cS0chWBNKPFNpvDKdrdKRe+oAkr2jU+ubgIxAODheSr2XhcA7oz9HmedGdMhlrd9
+4ToKFbZl+/OnFFzqnvOhcjHvClECEQcKmc8fmA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGGTCCBAGgAwIBAgIQE31TnKp8MamkM3AZaIR6jTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBlTELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMT0wOwYDVQQDEzRTZWN0aWdvIFJTQSBPcmdhbml6
+YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAnJMCRkVKUkiS/FeN+S3qU76zLNXYqKXsW2kDwB0Q
+9lkz3v4HSKjojHpnSvH1jcM3ZtAykffEnQRgxLVK4oOLp64m1F06XvjRFnG7ir1x
+on3IzqJgJLBSoDpFUd54k2xiYPHkVpy3O/c8Vdjf1XoxfDV/ElFw4Sy+BKzL+k/h
+fGVqwECn2XylY4QZ4ffK76q06Fha2ZnjJt+OErK43DOyNtoUHZZYQkBuCyKFHFEi
+rsTIBkVtkuZntxkj5Ng2a4XQf8dS48+wdQHgibSov4o2TqPgbOuEQc6lL0giE5dQ
+YkUeCaXMn2xXcEAG2yDoG9bzk4unMp63RBUJ16/9fAEc2wIDAQABo4IBbjCCAWow
+HwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBfZ1iUn
+Z/kxwklD2TA2RIxsqU/rMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYG
+BFUdIAAwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
+aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAThNA
+lsnD5m5bwOO69Bfhrgkfyb/LDCUW8nNTs3Yat6tIBtbNAHwgRUNFbBZaGxNh10m6
+pAKkrOjOzi3JKnSj3N6uq9BoNviRrzwB93fVC8+Xq+uH5xWo+jBaYXEgscBDxLmP
+bYox6xU2JPti1Qucj+lmveZhUZeTth2HvbC1bP6mESkGYTQxMD0gJ3NR0N6Fg9N3
+OSBGltqnxloWJ4Wyz04PToxcvr44APhL+XJ71PJ616IphdAEutNCLFGIUi7RPSRn
+R+xVzBv0yjTqJsHe3cQhifa6ezIejpZehEU4z4CqN2mLYBd0FUiRnG3wTqN3yhsc
+SPr5z0noX0+FCuKPkBurcEya67emP7SsXaRfz+bYipaQ908mgWB2XQ8kd5GzKjGf
+FlqyXYwcKapInI5v03hAcNt37N3j0VcFcC3mSZiIBYRiBXBWdoY5TtMibx3+bfEO
+s2LEPMvAhblhHrrhFYBZlAyuBbuMf1a+HNJav5fyakywxnB2sJCNwQs2uRHY1ihc
+6k/+JLcYCpsM0MF8XPtpvcyiTcaQvKZN8rG61ppnW5YCUtCC+cQKXA0o4D/I+pWV
+idWkvklsQLI+qGu41SWyxP7x09fn1txDAXYw+zuLXfdKiXyaNb78yvBXAfCNP6CH
+MntHWpdLgtJmwsQt6j8k9Kf5qLnjatkYYaA7jBU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4g
+VmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+N
+TQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkj
+eocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0E
+oKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBsk
+Haswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotY
+uK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0j
+BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb
++ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAw
+CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
+BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
+L29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/H
+ukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH
+7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGi
+H19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUx
+RP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLv
+xvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38
+sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyAL
+l6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq
+6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhY
+LcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5
+yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K
+00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpjCCAyugAwIBAgIRAIgQfK/2XAW2FTReKHGJpvEwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTEw
+MjAwMDAwMFoXDTMwMTIzMTIzNTk1OVowgZYxCzAJBgNVBAYTAkdCMRswGQYDVQQI
+ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoT
+D1NlY3RpZ28gTGltaXRlZDE+MDwGA1UEAxM1U2VjdGlnbyBFQ0MgQ2xpZW50IEF1
+dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwWTATBgcqhkjOPQIBBggq
+hkjOPQMBBwNCAAS7oMoslfoAYkh/ZNv4XR1GejWc2JKwUrmIaBMiPD1yaAkCLrR3
+NL7tUSbCGq2ySZMTMRIoVyiXNiHpB86xs3iWo4IBZDCCAWAwHwYDVR0jBBgwFoAU
+OuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFLxzFsPwbS/aSglRBH6rjPXJ
+hyaMMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMCBggrBgEFBQcDBDARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0f
+BEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVD
+Q0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/Bggr
+BgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0Fk
+ZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMAoGCCqGSM49BAMDA2kAMGYCMQDCD3nmeVCBqnqeExkwqKW4z43e5qarQnbF
+pqmcp/bsEbCSC9wBFMte4D1QhXKu6bYCMQCPnVdna/0sC6MMckqCloxhPYsIUlmM
+kmcdlxJqkRkatp1mQG03aiQ3jfZkkzKJ8Mc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEDCCA/igAwIBAgIQTZQsENQ74JQJxYEtOisGTzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBljELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMT4wPAYDVQQDEzVTZWN0aWdvIFJTQSBDbGllbnQg
+QXV0aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMo87ZQKQf/e+Ua56NY75tqSvysQTqoavIK9viYc
+KSoq0s2cUIE/bZQu85eoZ9X140qOTKl1HyLTJbazGl6nBEibivHbSuejQkq6uIgy
+miqvTcTlxZql19szfBxxo0Nm9l79L9S+TZNTEDygNfcXlkHKRhBhVFHdJDfqB6Mf
+i/Wlda43zYgo92yZOpCWjj2mz4tudN55/yE1+XvFnz5xsOFbme/SoY9WAa39uJOR
+HtbC0x7C7aYivToxuIkEQXaumf05Vcf4RgHs+Yd+mwSTManRy6XcCFJE6k/LHt3n
+dD3sA3If/JBz6OX2ZebtQdHnKav7Azf+bAhudg7PkFOTuRMCAwEAAaOCAWQwggFg
+MB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQJwPL8
+C9qU21/+K9+omULPyeCtADAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEQYDVR0gBAowCDAG
+BgRVHSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEF
+BQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29j
+c3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAQUR1AKs5whX13o6V
+bTJxaIwA3RfXehwQOJDI47G9FzGR87bjgrShfsbMIYdhqpFuSUKzPM1ZVPgNlT+9
+istp5UQNRsJiD4KLu+E2f102qxxvM3TEoGg65FWM89YN5yFTvSB5PelcLGnCLwRf
+CX6iLPvGlh9j30lKzcT+mLO1NLGWMeK1w+vnKhav2VuQVHwpTf64ZNnXUF8p+5JJ
+pGtkUG/XfdJ5jR3YCq8H0OPZkNoVkDQ5CSSF8Co2AOlVEf32VBXglIrHQ3v9AAS0
+yPo4Xl1FdXqGFe5TcDQSqXh3TbjugGnG+d9yZX3lB8bwc/Tn2FlIl7tPbDAL4jNd
+UNA7jGee+tAnTtlZ6bFz+CsWmCIb6j6lDFqkXVsp+3KyLTZGXq6F2nnBtN4t5jO3
+ZIj2gpIKHAYNBAWLG2Q2fG7Bt2tPC8BLC9WIM90gbMhAmtMGquITn/2fORdsNmaV
+3z/sPKuIn8DvdEhmWVfh0fyYeqxGlTw0RfwhBlakdYYrkDmdWC+XszE19GUi8K8p
+lBNKcIvyg2omAdebrMIHiAHAOiczxX/aS5ABRVrNUDcjfvp4hYbDOO6qHcfzy/uY
+0fO5ssebmHQREJJA3PpSgdVnLernF6pthJrGkNDPeUI05svqw1o5A2HcNzLOpklh
+NwZ+4uWYLcAi14ACHuVvJsmzNic=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuzCCA6OgAwIBAgIQFMfOWTeODs3ocezWp4xhNTANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE4MTEwNjAwMDAwMFoXDTMw
+MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1h
+bmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGDAWBgNVBAoTD1NlY3RpZ28gTGlt
+aXRlZDEwMC4GA1UEAxMnU2VjdGlnbyBSU0EgUHJvIFNlcmllcyBTZWN1cmUgU2Vy
+dmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx4YXoLwl2b4
+QhWnXxnYvFcjCGAewDI2iT39FXYvSaiK+1A05EBmxXGRttOnl8OLjB29ImQjWhMn
+P86Mh8sV/CfxBUnnpDJC40h4eqHEpX9otWLjLTNsKUXD4V94d52Wyjv53Dwv3U/W
+eNt4xgNbgPJkASioGUaO5t6sAUwWMYWA4an9AKupg3byc5SEOWH/B4qm4AAo5xGc
+zo4fJECPYvgIt9EKDWUp3tXKCKsxqxC2h4raKokTtrAnKCaCwaqyZJzLu9ZXLOjy
+HcQoXwrMMyOO9W5DH2aos6NJEjw5DMhy/I0TttHqFlKwXVdl5L4wMVZSpp/u0yCK
+QP+GS4LV0wIDAQABo4IBKzCCAScwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Kl
+f9AwpLQwHQYDVR0OBBYEFIHFuh2zAn3Bv1bxaAzoB4aceoDGMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMCkGA1UdJQQiMCAGCCsGAQUFBwMBBggr
+BgEFBQcDAgYKYIZIAYb4TQECAzAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIB
+MEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNl
+cnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAj
+8Y6ulwmqXyi3huINyFS5P16QGyauAJpQ0QRS7LE0rF6gk+qdKruOUUnztdAepg3S
+TxzyCZP4ewki4asVk4ZxXW/XQ4mQbvc5bGk60yAp8Dumx+l4X4awcUl0pN/L37mt
+QGpe5MAC0AmW3i+H+UXQtdtypfCOfgyC0a8j6b1NWFgsTQK1l/yEZcuAT2BDJcl2
+ehye7+u3UqfM15JueAcUByFBASokKYYbDVOuP10HDEfJB0OXx8ZQjMybB+wtPMTf
+hYUHNLNxezftAZk/INrtwLrU7OXAOR5tM5MHMroducCK+2VFK4mB+TTzFokdHQnf
+jv8WxygOnqiipIqhVvwB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElDCCA3ygAwIBAgIQCmioyQeveH9jehvnbDs55jANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xODExMjAxMjM5MzFaFw0yODExMjAxMjM5MzFaMGcxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xJjAkBgNVBAMTHURpZ2lDZXJ0IFNlY3VyZSBTaXRlIEtvcmVhIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLLsm9xltothSSjvNqxV3qBScyfD
+BGLgEKpr0AQpmybWvSpe3Cx9iZCmfKwxzTBF9h32i/GRjzUNFBazv2m98eO7hlkn
+YJg9UcTJj4yXurXt0L2835uIx3UKHe7rXhefTbo3aHu5z/A29MovRqX62jV8wszo
+sA6KOV3gXLnKmfxVM6eA4jVl9qYNIsyOY2jFiXvnqqbRHciAs8gD/FuB6U/Tm4qN
+E3E7xvchN7OUWg2XplLsRZ7suQODmPT+qz7u/hJF99MwSVbC5CzH4NFwMlMSIQGP
+OViY/NMYn84kTPcbRwO/T1vGQet+hIXPpukBHSiBx0vXeNhhCYrBKUamDwIDAQAB
+o4IBQDCCATwwHQYDVR0OBBYEFKISuti6MOlEvbzkuf8JxZMuQZ7aMB8GA1UdIwQY
+MBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0Bggr
+BgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
+bTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGln
+aUNlcnRHbG9iYWxSb290RzIuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEB
+CwUAA4IBAQCn0tlfwJL5C+7nstYLdUcFXlaea8G7225DSWQfQh7H7DljMbh/cavB
+7Wv8dn6JmEhTiBHNgzmqVWiL92RJ1MVWlva6+NCmPx4cM20mkvKP6LxxxpWc4BUW
+iBP1pZFH754b+46p2UC8V24tSAHOgaHs8yhy+PwwCu5qj/qEOBYG1vV5vOmb0Oq5
+Ht2hjDkNZrra0ykHhJLQN4r9ILcmc0UXBDlTlYc/ooNs/GhHMg1deyQgIpPZVpeb
+Mr2udigGJfBQPYEIu+CErDBtPgfUlyH6zlyZJGdVDqvKJJCE6GtUVx6z5FLIOiZi
+y6s6uTDUy/jEkKwtNPbDgq+CfIcprc1P
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnTCCA4WgAwIBAgIQCuPG8785fx4dEpgiz73xhjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xODExMjAxMjM5MzZaFw0yODExMjAxMjM5MzZaMHAxCzAJBgNVBAYTAkpQ
+MRwwGgYDVQQKExNEaWdpQ2VydCBKYXBhbiBHLksuMRswGQYDVQQLExJ3d3cuZGln
+aWNlcnQuY28uanAxJjAkBgNVBAMTHURpZ2lDZXJ0IFNlY3VyZSBTaXRlIEphcGFu
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04jr0TNk5SzwmRgQ
++IxSqwTbRIC1d5O6rOintlLr8fCzyaGUbR6tanIIreGztCfwQQZSWDEACnJnE8lH
+zG8HPtzow7AQe3XHbQvXUGGMtnmuReRGhjwwse8DutKOCnuNFrfFkojl2K5+abV7
+bTDSI9+mCREpvDUmGsfXOhrwQr2RVx6BZ4MtuvOBng1/5CcNaIJ9fZk71s6oJQiw
+04Ogfa5w7kg78WQf+mqH9873jplhNrZoPzEb+ZqZzms75fYAKPHN2FWtfRj7tu0y
+bw5ORJOWY20G4ao/OTVrf3z0Di25dsUKqHtbgmJ++jnqM5k6b2tGk1TbDuYhXzdJ
+T2zMGQIDAQABo4IBQDCCATwwHQYDVR0OBBYEFMewKcGEykLLxtorblP5vAv7cx2Q
+MB8GA1UdIwQYMBaAFE4iVCAYlebjbuYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB
+/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRHbG9iYWxSb290RzIuY3JsMD0GA1UdIAQ2MDQwMgYEVR0g
+ADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0G
+CSqGSIb3DQEBCwUAA4IBAQA96QGXTvT8oVPzjja7SQmgbruu71LoPC+mF/d89FMf
+Er05HRt3DsvIhaeWMON7DFs0w1huL6O2881xe5EqF95EsOyK/pEFiaxESsUbdfqk
+0b4vt0c9oWp/LiZx//kyKMUBL7aejwBo91YtxbsADH/hE/65EG6Q7rXGRwd7dZ/q
+n1EznnqUCk+rB8SegCSABrZNxBPlVJFMLw4uvBf79KF8rVRrG7N2+KzuzNzTSpu8
+/f25j6f0kpaaz9Tnq99S8SfLEr+FMTMrEH+ZjdiwP0eKeitX4lS9n2WhKyEsD7t+
+zC8YzcPk7ec2aDWdhwSwyE7hA2RWW3sAmu76/VbLm61m
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEiDCCA3CgAwIBAgIQB+xL3s3F6FxYGFofF6T+oTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xODExMjAxMjM5NDFaFw0yODExMjAxMjM5NDFaMFsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xGjAYBgNVBAMTEVRoYXd0ZSBQYXJ0bmVyIENBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAyi5Il14p1jX7Gbay4U7qxzC1dqj55EmoP5wZGV/O7ica
+IFKZpTa0wNFjd1TCAzbHpvnkWNJqTVQlj43vlRAGuiVjhYd33VeWzIyREkHhxr+L
+LkKjIVd4xUEzO987o8nqAe2j16Yfuqn4KOQzIr9S1P5QpGJRTVH1VgzJcFObMMZt
+0QPRt2rKrF1ART3f/Q/SRdJzZtJguJt9E+k0F64JJQb/o74vhLVLRygip0vHZIjq
+rVOUOcXFwH10o/R9ANUMO/cqxW+oi6dHMBBwWAJ+YRXiCUNo1KisFVLoTZEasqf3
+AZfPd61tmR5DgfIFQ4VC2JqjXQDs0/BoATDdklN98QIDAQABo4IBQDCCATwwHQYD
+VR0OBBYEFG0vBxfZWDscb/qKDRRXSBFDZJr3MB8GA1UdIwQYMBaAFE4iVCAYlebj
+buYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8EOzA5
+MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxS
+b290RzIuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRw
+czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQBzojCB
+Wg9A4GeVXZg9/nP87nj/d8rIsWXK7Uma4vgnarTFifF/uZVV8q5ITm8FqYYt4kve
+MG3XK95CGPJKNQVLkljg4YMJMAc4z3UW7w7UYULDsi4336BKVWHq3dNCzh0Jhb3Z
+swieEzu8esTIAWtyy+Wj3v2SluMeonVKe7mlyJYK3JOFHN63Wi4e0wuanS/kw/e6
+gfl3FP2E2Gz4S69Dw32CcIA3Vc828Bui5tiExXhtnT1Z0TR9rCftud5TRO4SSqGk
+TXgRrGE8cref2xv6vLJszq7HyS/tD5pxsdP4sktkiGlw88Y83qrKm5L+QywhkJi1
+4HRViMWBwjy/Zjhe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnTCCAoWgAwIBAgINAe5fIj49NVuZK8gqtDANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODExMjEwMDAwMDBaFw0yOTAz
+MTgxMDAwMDBaMFAxJDAiBgNVBAsTG0dsb2JhbFNpZ24gRUNDIFJvb3QgQ0EgLSBS
+NTETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjB2MBAG
+ByqGSM49AgEGBSuBBAAiA2IABEdFDpb7fV2/6TnRIfifC7bVex6SOkhZHPBiMS3A
+eij+Gqdcs7bMl+dF1Fj60XdtQ6LAh2U0Ch963es8M6HFnU2kb0GVOH/JHoTr0Z5J
+koeUhww6hUpmn51Zk02XYQaGSqOCASYwggEiMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBQ95ilIm+oHyiFESibebt7Sg9CfWTAfBgNV
+HSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYI
+KwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYD
+VR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIz
+LmNybDBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
+d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEMBQADggEB
+AEr6e27WML3zFYJfjApU2aS3C2iAenE5n694Vu0v9wh33RkXK6ccDsLgj0qI2CaH
+VWCyIh7MHyS7vcK2yxJUnh84wQAV46tLByHG32btb2XGxOxt8C08/G2iZqL7Hmvo
+DKfxQ/yAxueM0odidxshAL33bzHj6zgj3PMkguCuXsZSIr5Y0r63qHIYmP8jXG0o
++S4qbyhM8G7eMb35iG+qrrpklUuOAez4RI6w6abSZSxaxxuwv9T/32jKbR0bEq5D
+pTtZAAKsZdPVb9tztaxp7y2GEOS2sbhI+VoOBiONdBoRyszsK3bUu18qDpvkiHkM
+MEaA47hRsmFqL16t4Ui72Ec=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAomgAwIBAgINAe5fIpVCSQX5AZGo3DAKBggqhkjOPQQDAzBQMSQwIgYD
+VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTgxMTIxMDAwMDAwWhcNMjgx
+MTIxMDAwMDAwWjBQMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEmMCQGA1UEAxMdR2xvYmFsU2lnbiBFQ0MgT1YgU1NMIENBIDIwMTgwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAATDoRGNZSPhluG7q6bQA11PTe0ZD/xx44QlFam1
+BM4eLeN+wfgwalsbkjzARCM9si/fnQeKNtKAlgNmNOHTmV3VfwGbocj6+22HVWZu
+VeX/VeIGoWh1u7Lja/NDE7RsXaCjggEpMIIBJTAOBgNVHQ8BAf8EBAMCAYYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUWHuOdSr+YYCqkEABrtboB0ZuP0gw
+HwYDVR0jBBgwFoAUPeYpSJvqB8ohREom3m7e0oPQn1kwPgYIKwYBBQUHAQEEMjAw
+MC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI1
+MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9v
+dC1yNS5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBz
+Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAoGCCqGSM49BAMDA2cA
+MGQCMC4lzZGQw5mpNZBmztq8huxKf9/tRUJ5yLI4q6YU+i2fjF2FRBNA64EBmljA
+7dkSOwIwL9qYB0APhsLmV0LhknrzHZVvtqzg7NQaIV18BEIDZQgK3gjxYzADjHSH
+5uk4mCdW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDAjCCAomgAwIBAgINAe5fIqUvfWwWGu1LsjAKBggqhkjOPQQDAzBQMSQwIgYD
+VQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkdsb2Jh
+bFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTgxMTIxMDAwMDAwWhcNMjgx
+MTIxMDAwMDAwWjBQMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBu
+di1zYTEmMCQGA1UEAxMdR2xvYmFsU2lnbiBFQ0MgRVYgU1NMIENBIDIwMTgwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAAT6IB5AMcL86n43ZgyKS4VW3d6/Gjj4h8/KFiLr
+npBSpOj66qbLgW0I/+VUDHu+V86I3D5Rsovv3RA3viu2sQN5CnkbZJ7Q0rCVZd1V
+FoR9hPRn602aCA5no9ofW5p+HwajggEpMIIBJTAOBgNVHQ8BAf8EBAMCAYYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU2+/d/JdC11UoDeL3MHh071KLbd0w
+HwYDVR0jBBgwFoAUPeYpSJvqB8ohREom3m7e0oPQn1kwPgYIKwYBBQUHAQEEMjAw
+MC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI1
+MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9v
+dC1yNS5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBz
+Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAoGCCqGSM49BAMDA2cA
+MGQCME3jMkzOyNRNWTFXoeqLIZ9ZidYq+sHm+qxb6PvS8xMnqJ+o9saZrIIz45xU
+pfHcAgIwdgiRo9SYGrVNDOfHdJLtCAy2XiKDPwHpQ6Jc7MJEpwl7fnkjsZLgTtTG
+QgXZtk+o
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIETjCCAzagAwIBAgINAe5fIh38YjvUMzqFVzANBgkqhkiG9w0BAQsFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xODExMjEwMDAwMDBaFw0yODEx
+MjEwMDAwMDBaMFAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52
+LXNhMSYwJAYDVQQDEx1HbG9iYWxTaWduIFJTQSBPViBTU0wgQ0EgMjAxODCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKdaydUMGCEAI9WXD+uu3Vxoa2uP
+UGATeoHLl+6OimGUSyZ59gSnKvuk2la77qCk8HuKf1UfR5NhDW5xUTolJAgvjOH3
+idaSz6+zpz8w7bXfIa7+9UQX/dhj2S/TgVprX9NHsKzyqzskeU8fxy7quRU6fBhM
+abO1IFkJXinDY+YuRluqlJBJDrnw9UqhCS98NE3QvADFBlV5Bs6i0BDxSEPouVq1
+lVW9MdIbPYa+oewNEtssmSStR8JvA+Z6cLVwzM0nLKWMjsIYPJLJLnNvBhBWk0Cq
+o8VS++XFBdZpaFwGue5RieGKDkFNm5KQConpFmvv73W+eka440eKHRwup08CAwEA
+AaOCASkwggElMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdDgQWBBT473/yzXhnqN5vjySNiPGHAwKz6zAfBgNVHSMEGDAWgBSP8Et/qC5F
+JK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6
+Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4Yl
+aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNVHSAEQDA+
+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5j
+b20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAJmQyC1fQorUC2bbmANz
+EdSIhlIoU4r7rd/9c446ZwTbw1MUcBQJfMPg+NccmBqixD7b6QDjynCy8SIwIVbb
+0615XoFYC20UgDX1b10d65pHBf9ZjQCxQNqQmJYaumxtf4z1s4DfjGRzNpZ5eWl0
+6r/4ngGPoJVpjemEuunl1Ig423g7mNA2eymw0lIYkN5SQwCuaifIFJ6GlazhgDEw
+fpolu4usBCOmmQDo8dIm7A9+O4orkjgTHY+GzYZSR+Y0fFukAj6KYXwidlNalFMz
+hriSqHKvoflShx8xpfywgVcvzfTO3PYkz6fiNJBonf6q8amaEsybwMbDqKWwIX7e
+SPY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdDCCA1ygAwIBAgIPAWdfJ9b+euPkrL4JWwWeMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxMTU1NTRaFw00MzExMjkxMTU1
+NTRaMEQxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZ
+MBcGA1UEAwwQVGVsaWEgUm9vdCBDQSB2MjCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBALLQPwe84nvQa5n44ndp586dpAO8gm2h/oFlH0wnrI4AuhZ76zBq
+AMCzdGh+sq/H1WKzej9Qyow2RCRj0jbpDIX2Q3bVTKFgcmfiKDOlyzG4OiIjNLh9
+vVYiQJ3q9HsDrWj8soFPmNB06o3lfc1jw6P23pLCWBnglrvFxKk9pXSW/q/5iaq9
+lRdU2HhE8Qx3FZLgmEKnpNaqIJLNwaCzlrI6hEKNfdWV5Nbb6WLEWLN5xYzTNTOD
+n3WhUidhOPFZPY5Q4L15POdslv5e2QJltI5c0BE0312/UqeBAMN/mUWZFdUXyApT
+7GPzmX3MaRKGwhfwAZ6/hLzRUssbkmbOpFPlob/E2wnW5olWK8jjfN7j/4nlNW4o
+6GwLI1GpJQXrSPjdscr6bAhR77cYbETKJuFzxokGgeWKrLDiKca5JLNrRBH0pUPC
+TEPlcDaMtjNXepUugqD0XBCzYYP2AgWGLnwtbNwDRm41k9V6lS/eINhbfpSQBGq6
+WT0EBXWdN6IOLj3rwaRSg/7Qa9RmjtzG6RJOHSpXqhC8fF6CfaamyfItufUXJ63R
+DolUK5X6wK0dmBR4M0KGCqlztft0DbcbMBnEWg4cJ7faGND/isgFuvGqHKI3t+ZI
+pEYslOqodmJHixBTB0hXbOKSTbauBcvcwUpej6w9GU7C7WB1K9vBykLVAgMBAAGj
+YzBhMB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1UdDgQWBBRy
+rOQzeapFh/b9rB2e1scvhtgkOTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAoDtZpwmUPjaE0n4vOaWWl/oRrfxn83EJ
+8rKJhGdEr7nv7ZbsnGTbMjBvZ5qsfl+yqwE2foH65IRe0qw24GtixX1LDoJt0nZi
+0f6X+J8wfBj5tFJ3gh1229MdqfDBmgC9bXXYfef6xzijnHDoRnkDry5023X4blMM
+A8iZGok1GTzTyVR8qPAs5m4HeW9q4ebqkYJpCh3DflminmtGFZhb069GHWLIzoBS
+SRE/yQQSwxN8PzuKlts8oB4KtItUsiRnDe+Cy748fdHif64W1lZYudogsYMVoe+K
+TTJvQS8TUoKU1xrBeKJR3Stwbbca+few4GeXVtt8YVMJAygCQMez2P2ccGrGKMOF
+6eLtGpOg3kuYooQ+BXcBlj37tCAPnHICehIv1aO6UXivKitEZU61/Qrowc15h2Er
+3oBXRb9n8ZuRXqWk7FlIEA04x7D6w0RtBPV4UBySllva9bguulvP5fBqnUsvWHMt
+Ty3EHD70sz+rFQ47GUGKpMFXEmZxTPpT41frYpUJnlTd0cI8Vzy9OK2YZLe4A5pT
+VmBds9hCG1xLEooc6+t9xnppxyd/pPiL8uSUZodL6ZQHCRJ5irLrdATczvREWeAW
+ysUsWNc8e89ihmpQfTU2Zqf7N+cox9jQraVplI/owd8k+BsHMYeB2F326CjYSlKA
+rBPuUBQemMc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGazCCBFOgAwIBAgIPAWdfgr4AF96JVak3brH5MA0GCSqGSIb3DQEBCwUAMDcx
+FDASBgNVBAoMC1RlbGlhU29uZXJhMR8wHQYDVQQDDBZUZWxpYVNvbmVyYSBSb290
+IENBIHYxMB4XDTE4MTEyOTEyNDAxM1oXDTMyMTAxODEyMDA1MFowRDELMAkGA1UE
+BhMCRkkxGjAYBgNVBAoMEVRlbGlhIEZpbmxhbmQgT3lqMRkwFwYDVQQDDBBUZWxp
+YSBSb290IENBIHYyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAstA/
+B7zie9Brmfjid2nnzp2kA7yCbaH+gWUfTCesjgC6FnvrMGoAwLN0aH6yr8fVYrN6
+P1DKjDZEJGPSNukMhfZDdtVMoWByZ+IoM6XLMbg6IiM0uH29ViJAner0ewOtaPyy
+gU+Y0HTqjeV9zWPDo/beksJYGeCWu8XEqT2ldJb+r/mJqr2VF1TYeETxDHcVkuCY
+Qqek1qogks3BoLOWsjqEQo191ZXk1tvpYsRYs3nFjNM1M4OfdaFSJ2E48Vk9jlDg
+vXk852yW/l7ZAmW0jlzQETTfXb9Sp4EAw3+ZRZkV1RfIClPsY/OZfcxpEobCF/AB
+nr+EvNFSyxuSZs6kU+Whv8TbCdbmiVYryON83uP/ieU1bijobAsjUaklBetI+N2x
+yvpsCFHvtxhsRMom4XPGiQaB5YqssOIpxrkks2tEEfSlQ8JMQ+VwNoy2M1d6lS6C
+oPRcELNhg/YCBYYufC1s3ANGbjWT1XqVL94g2Ft+lJAEarpZPQQFdZ03og4uPevB
+pFKD/tBr1GaO3MbpEk4dKleqELx8XoJ9pqbJ8i259RcnrdEOiVQrlfrArR2YFHgz
+QoYKqXO1+3QNtxswGcRaDhwnt9oY0P+KyAW68aocoje35kikRiyU6qh2YkeLEFMH
+SFds4pJNtq4Fy9zBSl6PrD0ZTsLtYHUr28HKQtUCAwEAAaOCAWUwggFhMB8GA1Ud
+IwQYMBaAFPCPWTgAs/WPmpYM1ev6e6oX6BMSMB0GA1UdDgQWBBRyrOQzeapFh/b9
+rB2e1scvhtgkOTAOBgNVHQ8BAf8EBAMCAQYwPAYDVR0gBDUwMzAxBgRVHSAAMCkw
+JwYIKwYBBQUHAgEWG2h0dHBzOi8vY3BzLnRydXN0LnRlbGlhLmNvbTAPBgNVHRMB
+Af8EBTADAQH/MEcGA1UdHwRAMD4wPKA6oDiGNmh0dHA6Ly9odHRwY3JsLnRydXN0
+LnRlbGlhLmNvbS90ZWxpYXNvbmVyYXJvb3RjYXYxLmNybDB3BggrBgEFBQcBAQRr
+MGkwPgYIKwYBBQUHMAKGMmh0dHA6Ly9jcHMudHJ1c3QudGVsaWEuY29tL3RlbGlh
+c29uZXJhcm9vdGNhdjEuY2VyMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC50cnVz
+dC50ZWxpYS5jb20wDQYJKoZIhvcNAQELBQADggIBAIesRw+pLLljhtNfr+wtck0h
+9fJOPzxsDF0YuKvB5uzIFZv0p0J4d5kQhifNLAVG9cOjwVHaVkY72+Cqwv9j1wZi
+/DnWEFJ9EzQPUtF5Ob6Iur1CP0TlF6SFnM+ZMfEFQrXhS8ni2WC83Y2DjOTFpNKq
+9HklT5U+0rLmgfiwSzaMtyCYpU09CSvxraZt/wmL/ov2IHW4gtravMyxi6Dnc4LC
+1Qjndx09lgOuWBj3pD2fuFcN5DVVOxJE7Hl068CPxv3Q0kp5U4AQsTDk17LhLGUL
+VfP6zRThdzCWNKxvnzbjx7JKiutxOKLqAw/fCBBJP89kIv8EbMPc0gjXS8Y1nt1g
+xJo0xJeP8FpuTodW+1SABniEHYNy0T9C1BTsUdJa18ukOoR3l9uevvIUr652JSh/
+LLPbb7l1mlXhQw9qVjnqqBhjKpkzvctcQnoeadxdMKrakbQovWKmg5QLGyjORjbh
+aYmMv+hUcZp1ccbBxXlnpkgSME+vyMzicbyZFnaYOwZAIXDle9VW3oHZrBcXrSx9
+GrfB0I6Bru0elSbKSLLzaMJkf8+glt1mK5w0IaIWPnOrrxwkU2NIplhA+m+wACyA
+DksNn9GptR6KJsSoKwwwT5I5wuNeay96HMf9I6EAFIUl42l4lWK6NSfZ/LgSDaFl
+BIcaW5MU53XS4ddc3md2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnzCCBIegAwIBAgIPAWdfrHKZTHS/GmftwbOtMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxMzMwMzJaFw00MzExMjkxMTU1
+NTRaMFMxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEo
+MCYGA1UEAwwfVGVsaWEgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSB2MzCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAM5UUDh1YvHRzHKqO7BwDh1V4Wc3pCgR
+FnM02WJkGzi5HGzWEbQ3hK0Z7RDvVusdxiIG+C5pVaiI1sjgkFf58l90NPqh5KtS
+pQi2flDTZkdnDREvuibNu/kKowkuQ67F4eDiLSyo8qbyBWtKiov17RECFVFQH3eI
+hd8jn2CIgUaaIh23c4lzZcD2nItu7tRJpdAD5FAzFTr+WLKNovsbkwAsnX7v+KLk
+TBTQLlqUmJJ/VlRWMfYDRByGh/dQK2/YqCmdfKoGdibWruMH6rx78rUBjmwjOz1H
+4R5xxec98gLDJpd1BDC0esqqdw+A/Ui31szxwjG3WYKC2Ph7cJvUIjzx7DEMhQts
+t8M0S+QP7J/WgGVXQfmDNI6zW3Veh8MA+uTI9ET2OyEKqX12jfFYwmD/w//SKeO9
+4dMtwI9U6WHJIi6YdsLZcRjFeQ7WkF4wg0ilt+zZhzu9WXm9NARZ3DDOh0wA/qoW
+p+z9GLyagonZpg9ZG5nKOrGXra/t6GDLZaa0LWOxfZvYP62M3BdG7MLW17DwloL6
+mH0zwFMPNWwxQdvEOf8ZJqY4j+hA+LTPkM7lHNmFyhfbAYWrUrnQknU+WaUEDMfe
+4vDmG3kvNf4AsQ5z6qFMiBgZKrf9dWYRT7He/ZWPDXOQvQZPMnCPxDxTCDRyQhLV
+tmvSWSH8WEH1AgMBAAGjggF9MIIBeTAfBgNVHSMEGDAWgBRyrOQzeapFh/b9rB2e
+1scvhtgkOTAdBgNVHQ4EFgQU+zZwO10f8H2yIInA6S632ehYqDUwDgYDVR0PAQH/
+BAQDAgEGMD4GA1UdIAQ3MDUwMwYFZ4EMAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6
+Ly9jcHMudHJ1c3QudGVsaWEuY29tLzASBgNVHRMBAf8ECDAGAQH/AgEAMEEGA1Ud
+HwQ6MDgwNqA0oDKGMGh0dHA6Ly9odHRwY3JsLnRydXN0LnRlbGlhLmNvbS90ZWxp
+YXJvb3RjYXYyLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwcQYI
+KwYBBQUHAQEEZTBjMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC50cnVzdC50ZWxp
+YS5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly9jcHMudHJ1c3QudGVsaWEuY29tL3Rl
+bGlhcm9vdGNhdjIuY2VyMA0GCSqGSIb3DQEBCwUAA4ICAQA1uu3Sm3+UxXKdFqYB
+UQu/CGveKYVORHgbQ1czZ+UfZgvmUw4w8EP/OFHo6OR0pMqFiZEOBiFqNDksucOh
+R/fzqbf3JWgyQkPgImYdECK/j84HZCGySD7vQIbUqRaIGp8G8V9Wa80HVyntcWKz
+RCuLYLQ/liNDuNLc2ijwmsm5kZ+xiPvmiY0G8wBzgRSvgaZOj1IMxOSRsQARm5Hk
+QAdIgExmc3fsaQhCeXtZpcs1AwVB99Qx010IcK3mv8Zdy9OzR0QkPU2j8uK7Zj23
+cuYcp5uBsnOAUQB+ASV4pf06IJ6NbYC7AbqLs1kDpi7AqKk4lVftftlcX5rAo8/j
+4CI81DJRjjbiKWJIfpACSIHWObfPPw3jyJnDsZWKRbdOc8XMO9kqepu2GnKs8pmE
+mPjLadlbTt14ClYGCQpitYo6fgiBtWSeUjcXXLo3u5IcWFpMPvc56zp51Cq/E7K6
+UmAJ7rxcEpH3PvA2auToJl61ud/BaW8fJgxakM0x1KLdsYPAXe0ZVeniCTENJEFC
+x5UponfhpxxY4aMOWznysVXGaoIsY5II539pkAayycy2bPiN1Sg8h5GwwldDnRfP
+FbD1hdK+na9x7ZHc3rTmO94OYDkkEoAk/bYJ/FOE0z4YfENS0RHdXBMWsRRVzME/
+1XugcrXQSUhnmRXQhk8RYgSFbA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkzCCBHugAwIBAgIPAWdf548Q80klfxazcx96MA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxNDM2MDVaFw00MzExMjkxMTU1
+NTRaMEYxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEb
+MBkGA1UEAwwSVGVsaWEgU2VydmVyIENBIHYzMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEAvEOTCprOPJB1r/BikJEOi0F6J+/W2ZfRGzuBT0TYZpJ4DXbi
+/Y6W6KzcuUqQY4vH+h4rcF1aRSY+TBJs7GUoETp8YaWl+oLtceR7nW2M6AN0BSFc
+Uf3oz1iYT/RIoT+H6uW1JcS+zNUJeDhFbDV4yqDXmdOOmoG0LLWjhP1O8jPAIv3K
+trTnjBRSZ5bDY+z6hExAKNdIeaEd298LMbTSUaDXjvGKDmuVBj4DrwYmZDwWYIC6
+OtOnomYo4HKVcyEevPeH5OprriOR2wr88STfJE0lQuwwKRpea8kbrQ7RT263w5Dn
+MZ1w6IK0+XYc+ME0EwgNnLjIvM7mMCufMXqpg3/imbf6XIyxwbsdbZ+UzTe5LUR+
+a6y62mpLbIQ7ZPYGLchNOHVEbLSRkryNOaM7VOvYProEeOux8SkJLv38+awkHqJx
+uir3XkXOd80rmpgYV9EiSOe8UE9GldeenwT04lKaQoz1vBTAGXLuGbiG5M2BDkkM
+kwY0WBDQI8ihwLS8hHVmaFD2M1yPYOXlMRydVRHu9IQMXUzYfd+ezzqXotd0P5+X
+yYAcCFC4K0mcEEb39QRTAyb4+WCPXVVdluA7tnnGI+mfR4GRyi0FzuhlMxcwA31e
+iQ31Nx4jAhkY/0EBvdmH56cBnVar+46dK0uy84UNGg78SYrWdS57XSI64QcCAwEA
+AaOCAX4wggF6MB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1Ud
+DgQWBBRGZo0OByMWsOpPBeuWWt6l7sl+pDAOBgNVHQ8BAf8EBAMCAQYwPwYDVR0g
+BDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly9jcHMudHJ1c3Qu
+dGVsaWEuY29tLzASBgNVHRMBAf8ECDAGAQH/AgEAMEEGA1UdHwQ6MDgwNqA0oDKG
+MGh0dHA6Ly9odHRwY3JsLnRydXN0LnRlbGlhLmNvbS90ZWxpYXJvb3RjYXYyLmNy
+bDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwcQYIKwYBBQUHAQEEZTBj
+MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC50cnVzdC50ZWxpYS5jb20wOAYIKwYB
+BQUHMAKGLGh0dHA6Ly9jcHMudHJ1c3QudGVsaWEuY29tL3RlbGlhcm9vdGNhdjIu
+Y2VyMA0GCSqGSIb3DQEBCwUAA4ICAQBEN/KA28R/Jzyds4FExxG9wrVdqrYoBbXW
+gZDXRt9y3lzXg6Y+Eos2yi7wqRLgzefpy5lGdWK2hejI/M618OWxfl8jE6LTneD2
+1gkCAkZzVC7tPUWl3UiaaN5x95VOgEnkHirenbwxDl8vAZiIxH//AUQcLgizq4fa
+piAUsGIWO98v5+kolIsrbSpumAp0wYGg2tsE61vc6ijeZ7cU62RRbclQmMriHnT8
+zLIdNxnQ/IqjG4AjCqa12bulYxwAfGOnLgTyTT3m40uLTlAD+yYAOfbDn1raWZIK
+IaTGpd36A9cIX5TcEDaEQqjAXZpb4AHjiifPAI2iR7I5iUNtt174NF6cBgEajs2u
+YrVBcMFfraLDQYfJjIw5jszQcwFbxVk6J5RsPzIgAY0BqBIDkuITyNZhe70x4cuQ
+mNxQp7MAU4f0kp1RhX2wzYu7BDy9z4qWbpCop4UNtlChcKvsqNybtrtWy1zGwosl
+DoQTHpWBH8Afy/Ql9/9C7+Z23wfwA3LX4BWtyT46NDD+XmIcyFgF7tzgcSSclGzP
+geCvWmSyIGBdNclb1GODzF8uZEoba7ooOxRrZktEcwTMc7rOdcBjqyi1aDf0cmFK
+QcypAX65ek2lVAQ+6H+U8dCGlfjSV43fEg8IYr+S5KNWTzmHV3xaLpxwNWpLuYJa
+fM15Si+DPA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnjCCBIagAwIBAgIPAWdf/efkGBHizXawzbUKMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xODExMjkxNDU5MjJaFw00MzExMjkxMTU1
+NTRaMFExCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEm
+MCQGA1UEAwwdVGVsaWEgRG9tYWluIFZhbGlkYXRpb24gQ0EgdjMwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCnvURYG8OHvDXCxELPSflA0dIqNba5jPJ5
+T61JEOvez6QbaeDBn5CyveVO22vkPDBGzsmzshSXcIBAisFt3A0Oce+kWUikjxLU
+SpcYChdha0ryU5u19bkl9lGp2sK3h6l0e7OEE3uMledUZBNUM8rAcJzgPQNWgX8C
+hXnf4BCPXNytedAG0Dc26EjxnLz3FeIw8oY1sRkg5vsXTpLZWv2+GRDRmJ5+5qo/
+0EkaUzok5Ngwtt40sJn2XmloZ5xFHxC2QDXUw8iJwyZhR/0yzgLtTMikigSzQKVJ
+u15DJnbOhaXg9M8r64TZ7JmNs6NZq92f3k3DhbckWoNmiZCAnnyEiEsLOjYCNcWs
+lIXtW7qSN52PKHZI632ko3fqUKSPGgC58UNxUcgosW5xqEof0+FjdBSf5Ohggp6k
+5CspDkUVyFY/T1xhs1l0O4vjx7xaB22n8DhFsZlTqBn9rZZN7Jf/8gBAjPhSSe7w
+xGoBxKHJF/hDwguuQ1eXB8W6WInc38wdzYQnOvdBMrTg1GV/hS1nGyIuquVT9P51
+xrC1kri5a9jlm4N+ZSinSOzJeVF0oJDiXH2R+VWP9ivnJw4+HwquosoG6a4yMw+R
+owVGF2ay72YJEWu2403xobV5vJg45AbgOKIqnh56bAJTjTZk55GTpMU8DgLNzbg1
+krhwZTfhCwIDAQABo4IBfjCCAXowHwYDVR0jBBgwFoAUcqzkM3mqRYf2/awdntbH
+L4bYJDkwHQYDVR0OBBYEFFvx7imNMbI7OuAXy6QH6T+CQh+jMA4GA1UdDwEB/wQE
+AwIBBjA/BgNVHSAEODA2MDQGBmeBDAECATAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L2Nwcy50cnVzdC50ZWxpYS5jb20vMBIGA1UdEwEB/wQIMAYBAf8CAQAwQQYDVR0f
+BDowODA2oDSgMoYwaHR0cDovL2h0dHBjcmwudHJ1c3QudGVsaWEuY29tL3RlbGlh
+cm9vdGNhdjIuY3JsMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBxBggr
+BgEFBQcBAQRlMGMwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnRydXN0LnRlbGlh
+LmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL2Nwcy50cnVzdC50ZWxpYS5jb20vdGVs
+aWFyb290Y2F2Mi5jZXIwDQYJKoZIhvcNAQELBQADggIBAFWj2sdjtFsGSuApNj8O
+Cm7RhHmDpHT/kttmdh39z1Cl5/yhnFg21f5+mbLHhPLsHSEFcnOLZZhsCrvTVG6n
+xclRneWgXMChLXJPfMTQ+7rsFxL9JtBYnfnak2nmZI+SupX3wSvvhDdhHvRfw0xY
+RpWUQfLApnXqqR0ffGf713uSLwPfHV4F0rTXnJBBGSEIMtavk/aK6Bxwo0foAux2
+MMPqAZhVLckZTHwWNK0SgPA8c9o50eB45u2wB/ksBgRUckj0n0MZqeFrsBk2ztYg
+fNrFtQuMmNN4NXwf/1jWY6KJVOSyGy2EfLfmClIeS8zMncRcRjFMpnit+HRKoWhs
+MxKewJtwsnmrRlZu/x8WjmzMscgWA6zyDB43uWh6bBG1jpZSwohU4mlgxoVPYxhu
+bq5siJ/GpA+v59LvazGSkdUQmr/TnASa1HV3iVEy60TjNWUQVo4p6dGUZb2gyrL7
+93PtLUJ7r4HbV92EG0HlmYakXc4ePLmJwEhH+NdTw9wPYh2NjHdQ2jQtGEs8c+5J
+1WYZ/NUFygOJqegcRO2APN2+QBnE4KzUhXWWTObIRnY0wgreJ8ghGYNhHwr0Mo8i
+gWR3D/K7Hn/XKqrPVzlmxnZZfs6riqF+7o+HCG254DPJc5LgcN6w6RcsF4lL5pr1
+gr6Cmg2/Tn6odHWrYEV1+wNC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDzzCCA1WgAwIBAgIRAMNKCkcZ4RnVPgmMFLxDiqgwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTIw
+MzAwMDAwMFoXDTI4MTIwMjIzNTk1OVowgZkxCzAJBgNVBAYTAkZSMRAwDgYDVQQI
+EwdIZXJhdWx0MRQwEgYDVQQHEwtNb250cGVsbGllcjEOMAwGA1UEChMFWml3aXQx
+NDAyBgNVBAsTK0NvbnRyb2xsZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBmb3Ig
+Wml3aXQxHDAaBgNVBAMTE1RydXN0U2lnbiBFQ0MgRVYgQ0EwWTATBgcqhkjOPQIB
+BggqhkjOPQMBBwNCAAQYjGxoWlWfv/DZQuxH4zF+wVndGCJB7+2/iotumeTMnEEc
+nrIIAC0teZ7A0DZUpQlplI7asrWZDytiVlbOFv1co4IBizCCAYcwHwYDVR0jBBgw
+FoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFACKZAFfz/N/PPdzWZd7
+oxcLJEtAMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAj
+BggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBF
+oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcw
+AoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0
+Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoG
+CCqGSM49BAMDA2gAMGUCMA1iSMXnqRBEpfrRjHnoxYqQ7U5ovjk1b0al3iYjbH+Q
+CkvhkSAIaLHbb9JXmTUQ0wIxAMPMn+GoOYm5jDt8kwwPd9gNi5RJqQTZHg1idFaF
+n/4GHEXW0HvOBdL8xcb2mv8hJg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgTCCAwegAwIBAgIQB2hvp2UyWRwhZ7FbEaiLyjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMjAz
+MDAwMDAwWhcNMjgxMjAyMjM1OTU5WjBjMQswCQYDVQQGEwJGUjEQMA4GA1UECBMH
+SGVyYXVsdDEUMBIGA1UEBxMLTW9udHBlbGxpZXIxDjAMBgNVBAoTBVppd2l0MRww
+GgYDVQQDExNUcnVzdFNpZ24gRUNDIERWIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAE9JcCjfYQKbthTBDaQRL6Acr122L+Tlbx8K3Ee4yZ4CmZHzoih6zJSzQn
+AitJPyriQdJDLfVVhH4HPXpFqUMZPKOCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbU
+zxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBT4dAO5kSQ5pZhncBB5qy+HL1qbKTAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICQTAIBgZn
+gQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29t
+L1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUF
+BwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz
+cC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQChEH8mmeb/Z5SQV3Fx
+KobD+ziZYW57HNR96wIvVnFY8+ODtLOmqW4KEskra2DCPJwCMGQuyQCUrlxJ0Rgj
+56TNlSLDYGPFUh437T9Kqa0gpXzpbqo9YBpyf/hj6Up/6bWqlA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7jCCA9agAwIBAgIRAIM/ucF5gZOSbLyOUjsgzvUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MTIwMzAwMDAwMFoXDTI4MTIwMjIzNTk1OVowYzELMAkGA1UEBhMCRlIxEDAOBgNV
+BAgTB0hlcmF1bHQxFDASBgNVBAcTC01vbnRwZWxsaWVyMQ4wDAYDVQQKEwVaaXdp
+dDEcMBoGA1UEAxMTVHJ1c3RTaWduIFJTQSBPViBDQTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJoZs/YLisLeLL9AmpqEWbYIxcVuwW5uSmchgsfXNhlp
+cUPxuW967DaLtg+8AGZv+/S8tp09o7t+QehX+ws7Q1oGkYeze1JuqXCeZX1RJ+DW
+NMB5T/hKSaHUHQ/r4oxRJoRXUz8wsFaxMffnDGxmnJzX9BuLJzckgE5I6vofxJf7
+5EFu637+65rzABT69cV6kFmX48sCJng5a/9gwOTaKtHyQna1zg/v9Pi+OIe3mVSH
+3iRoWo8oay+ONyCvXc15FIVxCpcCGvlBOaYELV2jZEOb44KdYsfHOUGnO0AEK7Kd
+5taoM6mRvJjLy9mZ/Frs9SjfggTHjRtwU3DHCTFzX4MCAwEAAaOCAXUwggFxMB8G
+A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQUvlIZLLPy
+aVKA9gwDG4C9pVCfHDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsr
+BgEEAbIxAQICQTAIBgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQAl/L/1El4lDetC403waWKNK1/GV+VHMExnaBxqFYSTDYQjtvECqws5p0R8dJRL
+BL++apTYH1xkRh1f7m3/cSIMepXx76kB6XTaZYc1RI/2fJ0VEfHP/MSlYhAiZyLr
+/S6IMf1kn1HVhXox60cLaEb63zhMkpuF9UJMRbl1Xn8jWhavViSVjJ5YoK4o/rvd
+9/CszLTVMmtKMsNohAgyZNzca887Wa+ObEesW8gC0ruPpLHIczURCQsRXfBL54Ny
+cZ/WVkQbp9fzQ66QwP+vEgfhI8IG3eFALFOsMDQsV9Io27LNl6Jgs4HHsBsqVEeo
+ZMgUkxKddQr5/I/0PeRY7ZDz7XgWMDd8c+yJWDrtcAEohDKi4SX0BjHyPLZc47DI
+qLSZ3jnpNC4s1OD/fqLoiTa5FsOxVXONr1PYPI4dT1J+lOWfpY2+VgS/EGIRQlNQ
+wpLMpuCKiuesea6J+156yRfHt8tIcNXMFEvZ47I/uN0idRfaJ6NA542cWnG6FKOX
+tH8QHu0cKAZQhIk/7fNOxzLAMIr8dceUuJrLsd7kAofU3q67SUGku33Z3ld1M1tb
+YdVfVu7jU09Vm0v1k7+RF7Ke0tyb9rXweWxRKJA8TfghmAbKJNGB9dxLo0UxWIOK
+2p7I3Ne//dQ3HXB7A/nSiyoWY8yI2/obbPRERUaLy/N89g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/jCCA+agAwIBAgIQDn3fcKv1/W5CwIKpDut6DTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MjAzMDAwMDAwWhcNMjgxMjAyMjM1OTU5WjB0MQswCQYDVQQGEwJVUzELMAkGA1UE
+CBMCVFgxEDAOBgNVBAcTB0hvdXN0b24xFTATBgNVBAoTDGNQYW5lbCwgSW5jLjEv
+MC0GA1UEAxMmY1BhbmVsLCBJbmMuIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDIw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQHA4QC1VFekcI9Wv60lK3
+TojsG20qBpM+lpq4+X9Qi5MviY90ktPjdZSRzaXbOL1lS97bI7E/TruVBzfc7DrU
+iJcFpW4EwGLUbUZTlqpYjjfmLO/lP3bQw50BctTT8jAnb6sy929Xf9uphuqkY0u1
+OYiFYAgFuHnfmykHYvzk79iAZTpRPbxIrjhai5rOQH2buquOsRy6L7PS9q5GwFlu
+oY4D4c73LFxR7NnMfYrmRp21FI1UsJgxmAsCzLpI/JybbECmc8p1pYp9l+lfVZyV
+iteIAdEkwBmPzZSNOe+6UjcjvyHW0mHcdiFcBxCKXluA/PMFIjFMh9O5Xc6C51rh
+AgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAd
+BgNVHQ4EFgQUSTyrvgKxgBGMhOKeFCHgp6tR370wDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAjQwCAYGZ4EMAQIBMFAGA1UdHwRJMEcw
+RaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0
+aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUH
+MAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVz
+dENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAN
+BgkqhkiG9w0BAQwFAAOCAgEAGoz5psnH3opfu0O5yAhU7Xj5h6FMKAukU42lecg/
+z00dU1U10X9Pro52BUBU1L0rd9xYVV8FtvmXmKbKrqqEXWe41kurSQLUSQXP+Wcv
+86+6M3PkboyRHDAtL7nGpZni3C/pq4jG5TsKxGHaDmftkoiyZfHuRW8dQTO+53tP
+jBSkfk8UW+vTgKxqn2UU6Ty/J9+HQQ4JS2ZvhIGx2M/StCiSkkB0U6sKX9jML8zm
+zgUNmuR/xWf9zphhSGiEjYiq1zuRfSg4DiJFHqM8/zo1FdOQRMwk0maCEQfQS7fN
+sL6E96/I6WgVr2MF17BB8H2ZR4FbyWv6X33968jFrV/abhStAwvqA1vM2nRApupO
+1Auug1EVtPvy1jP2307ZGokB2cQxjBLDh/ucnFZyrHFgczsUJ4KtrUvhLDEh97TR
+mZvPjdMH8cfc9BE4HUuvXC3kVw/vS/btEwEfnDK0zYABgcSesdUms5aaAxtkOUrv
+lcwDShCsquWr92Mg0q42LxpvNNVmwSSb/4po+fGnJ5jCYIVJq/78zRY9+ADWfoGx
+P+5H5HU3SDX4T68tKKqbnCEfWUuZ6KspiV9JRQkh5D9wkOUara9QvG960kLwfbyt
+iJTPQ793S++94c7Z18n32ujHB4xGaOmo72SsJdbAzRiULEWWB7Jg9cGPYR5GStpr
+r+M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgjCCAwigAwIBAgIRAPynkt6UMaw+405OnaJwREowCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4MTIw
+MzAwMDAwMFoXDTI4MTIwMjIzNTk1OVowYzELMAkGA1UEBhMCRlIxEDAOBgNVBAgT
+B0hlcmF1bHQxFDASBgNVBAcTC01vbnRwZWxsaWVyMQ4wDAYDVQQKEwVaaXdpdDEc
+MBoGA1UEAxMTVHJ1c3RTaWduIEVDQyBPViBDQTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABGfMo3xOFetB2VnR7jSz6Y+moOE8R6QJLMvkjx2x+xWY51RFUKD4yL+Z
+9+uEpie3d/LGAW8ADyUqAxxd9hYG9HujggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG
+1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUc9ZfQt8gN7J7xFPs33wNXG1ePlIw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkEwCAYG
+Z4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEF
+BQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29j
+c3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjAq4SJ2bQk/ogeIOulz
+dSEuEu6/YKJOPT3OPW2vncVLQ0MIbNpbTMvU8yQr3ZYG4EsCMQCxSM6y6MZ8qXSV
+dsO5AUK3+ZWz+X+ZWs3syxz1dxV/foP0c71f1qSVsAm9RSBqzPQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGOzCCBCOgAwIBAgIRANiAvRUTZg1auEbI7+YHZigwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE4
+MTIwMzAwMDAwMFoXDTI4MTIwMjIzNTk1OVowgZkxCzAJBgNVBAYTAkZSMRAwDgYD
+VQQIEwdIZXJhdWx0MRQwEgYDVQQHEwtNb250cGVsbGllcjEOMAwGA1UEChMFWml3
+aXQxNDAyBgNVBAsTK0NvbnRyb2xsZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBm
+b3IgWml3aXQxHDAaBgNVBAMTE1RydXN0U2lnbiBSU0EgRVYgQ0EwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCX0uTvGIMCGbPxykRA7R9wbUJBVXk0H5lv
+oiDff+6Q3XjpoYAfzgW78aT77mDqOQqvhT9TziQ+L4qqkbwMdfzmCWadkUUeR6ug
+QQznbY1HBzWYsHYqabwZ4j5PrKaAwFh3W9JgWhXtEclkwJKRRG3eWJqJoae4hnKG
+cSMWqsfhIzyaz7qRw0R63XC4K0Yv5gh2PibI9DFoUeBjJJ500guI3a8qt4l10ZFx
+1vDKUvK4Vd/pGgjSsWhFa8nAAogHHTCP1lvVNxIFjpOT8LbeT/XMQ2+qJFLKA4jx
+MG49bJaXALVDJ7NjBoZypXKSNtG7Fvn265RxBQ12ftDVdJdTGfQHAgMBAAGjggGL
+MIIBhzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQU
+qyfeB13oAV6MVtAwo7dL3cUYSJ4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQx
+MC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ
+UzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE
+ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz
+ZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAHgFOR30at+yVaRAMiQyir/L
+yNL4jkPoiPr7MEbh7PaeRm+9ykfJr0KgFHadEcNxa4iCV1+FpJARTWhiqId7vpZ0
+Vo4o5r8JuRo6q9wHXoTsSohIWB/oeIlSWS8TjjAC23OtJ2I+ZKD+CEfiv2+984FP
+LMnVr8+CEiAkK3yXIwjPVO6B6/GgLUW20OsCXKWTA97WdLhE5T9fmbnfoENmyG1t
+p0DWy7FyRrrI6kfqENGOP+bfZvo3iFw/XuqElznbrz9E3geaaqYntVb1N8NYgz6t
+pxWraoLUtTnxuO4tyoo86Q+MBC3lQxINZGEW0dw8T8VzUcC5tRuZHkG1/hj67IPi
+z89fGO+3D6zHJtY8kxQAbjX5dWxFFwWBqj6F+5cd/0GH0P1OqFnXMTFMRBvC/mHm
+JjZ2aqq9W+NdaDW2McrDN53jEKQCGlAg7sZmnxmyl/keXQNTc+NkfQXTEXTEtm+H
+7V2nnJPUsfxCq/AahEvFmrmF1St5DSUOzsjg8LGBAB+DBMHenJFAz4Kz7p9HDcnd
+4DEraZSm5g7UJ3j3FIhNlKODLVYoaKwYZzHCEhDUdN5YjkdLrNiyJxutc4NPB+XC
+3RU9hcFCS9O1B4h5WXdm6iClGOHfYNXIJ/lM375uSdDsHTsaCGX3j/HjfHlGqo7L
+UqqphWxLwYCBEKNZ/dfx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7TCCA9WgAwIBAgIQVCdbLL+QkRoRwfXX5XPuczANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgx
+MjAzMDAwMDAwWhcNMjgxMjAyMjM1OTU5WjBjMQswCQYDVQQGEwJGUjEQMA4GA1UE
+CBMHSGVyYXVsdDEUMBIGA1UEBxMLTW9udHBlbGxpZXIxDjAMBgNVBAoTBVppd2l0
+MRwwGgYDVQQDExNUcnVzdFNpZ24gUlNBIERWIENBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA1flZMTYv2I3K5APXG2qo5QiccqhmjX2H4V0+7WW86ROo
+w3RT+HR5GpTBu3GEHoh452yLSAJ05Zh0li5O3WZ1dd3HoY3GgS8covM7BQaCmMZH
+Yv2Zq6LJiScFSYwpQ6XSKi7++5L6EhDddZQlwiBW06YVmWnv3YIhBzFW/3a+YWF7
+ZbLIoODFqd3TYvPey3TpUeenoOIL47gyPYKGXwTk7iQxDGJqqGrauic+meoZx9XV
+7x2QV+lmARDQcNTBfJcosNICadhKJnPdhyfwoZOMQL6SiTWJj9/rR7X+1cywxyFX
+rDrSNQaldVYegrFCk0+pOK3AChJQrAQz5lqsgBojkQIDAQABo4IBdTCCAXEwHwYD
+VR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFFuGxTiFJTOM
+NepF2vVPeVx16r6HMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysG
+AQQBsjEBAgJBMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUH
+MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIB
+ADQFa4jTDpXStSJnRiJq5BFGMqDPiOILjRHqKdAJXqHAgwDN2ZWd7o2R3cUnuZl6
+caAsrdrwNkW44p/bUAdMoFtbwsrdpHpRv1R5BZc1fvaxG9dlw6XGLKeFD4QiRIP7
+oFTk+wIVaAF4rN5x0mSZ8lBBlR4SHDjoEN4urDJ0aB1IXiQ12fu1jW0DQGmAn+r1
+qVB3QMUncOT2ZNwQNJKNDKfYFKvmxADAEdeakEfPBeDReXNN+cjlalJy97nH2dZ8
+EfWaLNMG1zU4gnrUqSl0FupFScBFXvHjdqPI3La8EGSw++r60/IQQJIPzI2gdVav
+iE42Z7cVCashCF9+BT8nkPj/aQ9FoWyCXgMucjFbt5KDlk/wPxxl3dpO7tpcGKba
+sXaEGOrgjmfE2/PIzeZRVUiPFQ4S1d4liJYPoQhMiDzNel21FgHkXmGwYSdJItTG
+nlOXo9R8Crkvz+Dzk5IJC2L4PRVdmaRcCsx+xzquNW8bCI5uQoGjKU8TMk3Zbmih
+TsbdxzK8A/2WXtUD3HMQPeubt8tKC0e2xZSxcU6g5SeKazNpD/Wp7v+x6q6gRv6q
+V5jTW3OGiT1RaEteU+6jJisCRcNt31M9ckru7wFnSk4WsqUiE1pu2WDXQnGSR588
+R8k4YX2h+ggRjoXef6H76fMlrxrDWb31PgINZy9yiDIi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqTCCAy+gAwIBAgIQTYpKHavxJtrHJvxmP6tyqTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMjAz
+MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBkTELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
+EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMP
+U2VjdGlnbyBMaW1pdGVkMTkwNwYDVQQDEzBTZWN0aWdvIEVDQyBEb21haW4gVmFs
+aWRhdGlvbiBTZWN1cmUgU2VydmVyIENBIDIwWTATBgcqhkjOPQIBBggqhkjOPQMB
+BwNCAAQ8ZzvNH7DvLmHmPWKbPHfPxlphsNpA3vw7hhhTyE4zf3znIifMOTSQWdig
+Y4EfVtzleTpjsGhoS0XHyYFJtvRUo4IBbjCCAWowHwYDVR0jBBgwFoAUOuEJhtTP
+GcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFIi1LMsLfHTV41CcbEJFUnZzsGWjMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
+PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RF
+Q0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjAYu0YXnOI1w+A8U05QFhaSVJ3feHRP
+LTQ7vnSRH5LcutgLJRL1LK3D/e3EEGmJ3TgCMQDPEZm0gs7pmtwGUHW6+6h7GqHj
+U8P0sguy+fdkZVa/b7ar2BvYbsh9LpzF0jCp6tk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEbDCCA1SgAwIBAgIQDU5Vu7rfp4wUOY2Uq+0vvDANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE4
+MTIxMjEyMDAwMFoXDTI1MDUwNzEyMDAwMFowTjELMAkGA1UEBhMCVVMxEzARBgNV
+BAoTCkFwcGxlIEluYy4xKjAoBgNVBAMTIUFwcGxlIFB1YmxpYyBDbGllbnQgUlNB
+IENBIDIgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKUnQDUn
+8HIHgWNSwhuZgu4Dk7kwZDDYbwVE7A9+/yBzfTDHlDhNtxtg2alHMrkOh4GRIsWd
+Rxg+CrltQgwT3kKZORofrpTOjNv1iR4Z+3i3sx1HOywblMbib+d+yKoDBr8brFAe
+u3/hWFemcqAwa93sqQ79VLHAwh0whuD6WMhQ2IW18s/vuK0d+LKho8qjp8AiMDCw
+1SVVydGYPPokKI30scKMhECqfF71wcYg3WDvzYrVVWUpgF0RJyaPI1YLcgWghvlL
+ToawrlBEb6PLXtLRQIvRVbOUVvmkEsVd9Heeywk9WCYXiCpo8RQ8qrOJaQDwxFao
+07OeDGz9883b6W8CAwEAAaOCATgwggE0MB0GA1UdDgQWBBQBnHZJxe4ad6SKU6DM
+A6onvixIxzAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
+b2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMu
+ZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAA
+MCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJ
+KoZIhvcNAQELBQADggEBAJu5OWUDDbq8MDOKfbAY4vqQHWj41UwexIQilFMHibJy
+Kk4/9rx9B6K390O93Dxo0gSgecG9rG643F7/NHBAn8cCPcWWIylZaaweM0pYd2aF
+Va5tdmd5nDbspkdyqSqAkH+edZB52JKR9th8VbTwhNx183yxb9l7u/WXoYXdwcqc
+p2FfCX2Wzl1MknbgMuqHOx6M2PfWfZVzhaHgozWRnCPau6EMH1v1+NMHYgsssSHn
+A3uWSUabv7Un/xjmiGgwCh3i0EYBbE6UCy1G9XwHoXhV0zhW0XgTwElnEY/2W+f/
+DqHVOGvV3nYXTOq083lrS9KOp3aJNDhC83O2wsdC8vA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0zCCArugAwIBAgIQCkjVfGX7Dmz3BKNkXxQY5DANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE4
+MTIxMjEyMDAwMFoXDTI1MDUwNzEyMDAwMFowYjEcMBoGA1UEAwwTQXBwbGUgSVNU
+IENBIDggLSBHMTEgMB4GA1UECwwXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzAR
+BgNVBAoMCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAELVSOaLAQE+/0LdvYCbJD6J1lmW40uNSXyY7J1qgiNzLIcWDusPHy
+xWT2ukdf/OYHeDIt9sqAIMn9cPhykyGIRaOCAVYwggFSMB0GA1UdDgQWBBTDxKRY
+BWPXgwa6lo3cso8y9ru3QTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN
+8DAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0
+cDovL2NybDMuZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwWwYDVR0gBFQw
+UjAMBgoqhkiG92NkBQsEMAgGBmeBDAECAjA4BgpghkgBhv1sAAIEMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQEL
+BQADggEBAF5Pz2WYaWVNfiw+bosevsIQxOc1oWPiYaOn1cgmAtLt9gYa3ur00j38
+9zI3pFcJCb3SopEDbHQpkJ5UFo+g3a0ygo3dAJdLqLBluOw1csi7PzYIWv2A7wgV
+B5P3uMOVigMLtfAcvkx4tf/ujaJR7Eg6QL/W2rTOxO2WdSApLlQ48SVuf81NXs7x
+/kbfnOFsZp8ZlufRYaFZEiRKkeGg9GmRTK0h9VBmKXSYMGGoPaGCtTO5GvV3r5w1
+zH4decUEkiWrqNCPic6S9Pc9IOQGmR7GDs32igCL3iy7b0jksrlctNtL4LVjrzB4
+2xC8K8hG2P7VuXXojnw91yKtH+e9Rec=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnjCCA4agAwIBAgIQBVLH7/7sKSup8Th7B6+SnzANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE4
+MTIxMjEyMDAwMFoXDTI1MDUwNzEyMDAwMFowYjEcMBoGA1UEAxMTQXBwbGUgSVNU
+IENBIDIgLSBHMTEgMB4GA1UECxMXQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxEzAR
+BgNVBAoTCkFwcGxlIEluYy4xCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA0JOhHUdDIBayC2vrw9W06MeYzfPev+hN6eM2gAf8RRtq
+fEWGrlbTpAl/YQ1rXX5Sa320yDnE9Gc694POGW+GL35FfkccZ1LKlQVd4jZRhcDU
+Z4A1bxXdPv0d0v2PNFDY7HYqvuPT2uT9yOsoApYRlxdhHOnEWTtC3DLRCR3aptFD
+hv9esryMz2bbAYsCrpRI8ziP/eoyqAjshpdRlCQ+SUmWU+h5oUCB6QW7k5VR/OP9
+fBFL954IsxVJFQf50Tegm0sy9rXE3GrR/Art9uDFKaCoi3H+DZK8/lRwGAptx+0M
++8ktBsOMhfzLhlzWNo4Siwl/+xkaONXwlDB6D6aM8wIDAQABo4IBVjCCAVIwHQYD
+VR0OBBYEFNh6lER8kHCQFp7dF5wBRAOG1iopMB8GA1UdIwQYMBaAFOWdWTCCR1jM
+rPoIVDaGezq1BE3wMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTA6BgNVHR8EMzAx
+MC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT21uaXJvb3QyMDI1LmNy
+bDBbBgNVHSAEVDBSMAwGCiqGSIb3Y2QFCwQwCAYGZ4EMAQICMDgGCmCGSAGG/WwA
+AgQwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAN
+BgkqhkiG9w0BAQsFAAOCAQEAWgDobaZ4Dq8zSOdyWvCa+Tad60OIwE9qkz2o33KF
+CcAM/CvxXrcXTTYo9VJHninE+G9SguIdukkDDAOHMT8WvsqomydMXknQJVbREOAX
+KUKgS5q0/9ou9N1FjJvkhPGFzAbuLnSJtLomfJPxHW4h3l6bdliQodVQXd3xUbXR
+qTKNUbF9bIh4601+KhyZL0u0B/eTppf/1O5S+qFAyRADr1lvfIeNHZv11iyf4u7e
+uLBsXjyT3vPwxrihpAwB5pu/DhJWh4iv70Q7pcvAaRRfiJgMj3A0fFgvqvGbW9jm
+t04+Cr/PjpWeMFt3KKj3DRh4jJKjJUGt+JxdGGJ4tCGyCw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvzCCAqegAwIBAgIQBa7K06LSRtWH7JORcR0RFDANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE4
+MTIxMjEyMDAwMFoXDTI1MDUwNzEyMDAwMFowTjELMAkGA1UEBhMCVVMxEzARBgNV
+BAoTCkFwcGxlIEluYy4xKjAoBgNVBAMTIUFwcGxlIFB1YmxpYyBTZXJ2ZXIgRUND
+IENBIDIgLSBHMTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPVJMs3lGFIILq+f
+mImVAttsUiwFPXhyhxN/buSsMdbYg4ESogBaFlzg21sTLKBzwscwmnrv5i5NihD/
+genZ3VSjggFWMIIBUjAdBgNVHQ4EFgQUtWRvvBefyVBl2PU/hOmVCXp8X2YwHwYD
+VR0jBBgwFoAU5Z1ZMIJHWMys+ghUNoZ7OrUETfAwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEA
+MDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
+cnQuY29tMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNv
+bS9PbW5pcm9vdDIwMjUuY3JsMFsGA1UdIARUMFIwDAYKKoZIhvdjZAULBDAIBgZn
+gQwBAgIwOAYKYIZIAYb9bAACBDAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQBAoMZIDy0cZEb0qb38
+qExEaFOiRf6GT/oNn5BKXWEmCJeWCOcNHWiPtQPcBm37QFf3GwUw8xrd86jl8lps
+epaotPubM4F/H1vNd/RmZxRHy54YPMjocy/pB8f7AkpxfIsRgXK+nB88f0PSPtHN
+FhDw5CjSdhd75UI6JMh5tCxEfjDTTnXCIYnRg+Oj95vPpIyaENg2CEMvUO3AVjc6
+w1OySORrzxavJ1sZ/mjGLnAxz4iWyCrCeXIF7r8LUWBg5b7Wvul+6KyXWPAdzZTK
+cwktLIehiCGYyM1A6QQryu6bEXD79+1AZZ7Hu9BJTuaMraeIN0hrh/6qu9BQH2Xf
+Iuz8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCA3KgAwIBAgIQC3ma73ud7StBi40+qjqPfDANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTE4
+MTIxMjEyMDAwMFoXDTI1MDUwNzEyMDAwMFowTjELMAkGA1UEBhMCVVMxEzARBgNV
+BAoTCkFwcGxlIEluYy4xKjAoBgNVBAMTIUFwcGxlIFB1YmxpYyBTZXJ2ZXIgUlNB
+IENBIDIgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKl55u4y
+YQpkUgCD2lxvHawFepaeczR5K5PxO1+QA0CPug6amfkhDf4rnYg/eL6ISOo7FPbd
+IVvUpleQi+RHT51SfslZbU+bQAPshDCLdLuHo9Qhmw1lF/K003vYR5Regxvw6iuC
+NmVT2IGh8RMcZBFShkO8aZfMO4wFE8YcKDOli8gFZSXZohh/1DYoE6N6rkIvwlYT
+kEbLvhNi1kjlLZvF5fpd3P+YxSazekOQkK5hCFh1HP/AgKfAaTDI/nG+GU/vor1c
+L1+AgvKMXqyPNEzZT+DTTNaw+IkjGrF1v2R8RX1u4B3rkh7KxzppVULNOTqfQEuk
+9jRnSNr6E/mNaGkCAwEAAaOCAVYwggFSMB0GA1UdDgQWBBSQYfOj1wbO9Re2Vw7Z
+jKeVSxYyiTAfBgNVHSMEGDAWgBTlnVkwgkdYzKz6CFQ2hns6tQRN8DAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
+b2NzcC5kaWdpY2VydC5jb20wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybDMu
+ZGlnaWNlcnQuY29tL09tbmlyb290MjAyNS5jcmwwWwYDVR0gBFQwUjAMBgoqhkiG
+92NkBQsEMAgGBmeBDAECAjA4BgpghkgBhv1sAAIEMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBAFME
+3z7FkMJ7mCDw0wInQ02Nx0s05f5PddIXqvd6J3XQNRyUFkPVuL6jHL0SE81BRzYG
+WGpcmdjHAgZckekU4CywJo8HgJMjvb+viUECcuQtFmcG1q38/AcvCdf/cPpRMHws
+HKF3/Y2cE/Yc/2ynKC/DycXBtWKXi7JmEtGtrb7KC/5G2xDlsbCLMD0QNs8uDG1s
+XcKPAwb6u6uStOX5KGHqkbqox/zo5874lSy+Nqc9IRXhS2CDlgFDLZ4kjIEXws/a
+GGlNWLf/ctIvWbLDxHuK/fVyGpVniEpPCuPX2VTTVnDCg6CCpdclIfvQRj0bNrcs
+rZQfG6zUAF0a6uYMYSo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGUTCCBDmgAwIBAgIIfbaLomhQVzcwDQYJKoZIhvcNAQELBQAwUTELMAkGA1UE
+BhMCRVMxQjBABgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1h
+cHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODAeFw0xODEyMTQxMDEzMjNaFw0zMDEy
+MzEwNDAyMDBaMIGSMQswCQYDVQQGEwJFUzEeMBwGA1UEChMVRmlybWFwcm9mZXNp
+b25hbCBTLkEuMSIwIAYDVQQLExlDZXJ0aWZpY2Fkb3MgQ3VhbGlmaWNhZG9zMRIw
+EAYDVQQFEwlBNjI2MzQwNjgxKzApBgNVBAMTIkFDIEZpcm1hcHJvZmVzaW9uYWwg
+LSBDVUFMSUZJQ0FET1MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6
+cIlUCaCe12gMnFsVFePe9Z52zvebP/J30UrhNH0H4vny6VS7oVOd+aMQvvqW9JmT
+rYIA1i72jp8TnWNHq0RNlQMzjd+uQkeVSIOrohSHMejah0yx+yUusoWDSXOdhKV+
+CCjN+nvcCDUxJW+jmiN/UVZkHzQRK3M0cbQRGRNADeKPsrUrB0028OhBgyPOxM6S
+x3BIxXz8r2mXXtlFkkgtVYOtU8zyT4OM+c6mPEmnWL+uHpuL4MlzvZ/1RrO+ynyu
+a54hGkh4iijt1a3PecgdY7269FfhlsIWMSnXvKOeY6u6+F+CkkxwqiRO4xvCEVXY
+1ObIHPgXON3VYWIzLxvlAgMBAAGjggHpMIIB5TB0BggrBgEFBQcBAQRoMGYwNgYI
+KwYBBQUHMAKGKmh0dHA6Ly9jcmwuZmlybWFwcm9mZXNpb25hbC5jb20vY2Fyb290
+LmNydDAsBggrBgEFBQcwAYYgaHR0cDovL29jc3AuZmlybWFwcm9mZXNpb25hbC5j
+b20wHQYDVR0OBBYEFIxxzJMHb9HVhmh9gjpB2UwC+JZdMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHwYDVR0jBBgwFoAUZc3rqzUeAD5+1XTAHLRzRw4aZC8wgcsGA1UdIASB
+wzCBwDCBvQYEVR0gADCBtDCBgAYIKwYBBQUHAgIwdAxyQ2VydGlmaWNhZG8gZGUg
+QXV0b3JpZGFkIGRlIENlcnRpZmljYWNpw7NuLiBDb25zdWx0ZSBsYXMgY29uZGlj
+aW9uZXMgZGUgdXNvIGVuIGh0dHA6Ly93d3cuZmlybWFwcm9mZXNpb25hbC5jb20v
+Y3BzMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZpcm1hcHJvZmVzaW9uYWwuY29t
+L2NwczA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmZpcm1hcHJvZmVzaW9u
+YWwuY29tL2Zwcm9vdC5jcmwwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQA7REamLqwdXePyP5WI5kYGEKgtKRZCQGMKKdC0QLwhXIQLp06lgbEmd5kr
+insUqpp4F+mJS7vueWHx1T9ZI0tO0Te7hQz0SGGMRtFvj/JwrcSyZ1FYZVOOJIkl
+JBFpTCXXOMJqXD0YEITANx+Red3F5y4tcTgpWL2t4n7dNiVVwLRGs0MR2lS2a9kM
+Jw6ZE4c+CMXDR4Af9x3Qy8PyQtp772MP79LFUD++qJD7NpSVHGiCsgqJHP28+frO
+lBcNunrsCfJcQRGr1lFeB6tk2vj0y6cI2ZEAGrJw6tPRqKMS2jjf2zqefP8Ljnsn
+tJnDyjRNlJVp7YVLEhpJVeKKbGTJvUxmHs3mqgdqI374ODyiYLhkhDZp2oxk4bZ/
+XGm6rsW4LCRtZet5lV7a7WjW4pa+gMttgFVOweS6GkZa5CQokoUE4atKUyBDI74K
+2BzgKb2UNm6wMqc4g+PsXqoLKu6BpVD5Lp+cup2Ib0lLq3JIX3cvGNRq8EU3Ncv9
+Yu9MGy0kTMnJMfPTPECIFqVxU0rQn4/tEY3YYJjpIyKow6UjCmWhnRfZMBsEHoD8
+ukReqwacoJW7SbW/b80Vc5QZRLiz7hbQ4hSJ6pu0DNPEC3I5Gn/udfesHQg1aIHa
+cilXjuJlhE94KpdxPkBi8CHTM39rlRUkkSPxquBlcDUDUnx7Yg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5zCCBM+gAwIBAgIIYoDwKcQG3rgwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTgxMjE3MTk0NDA0WhcNMzMxMjEzMTk0
+NDA0WjB+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMTowOAYDVQQDDDFTU0wuY29tIENsaWVu
+dCBDZXJ0aWZpY2F0ZSBJbnRlcm1lZGlhdGUgQ0EgUlNBIFIxMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAvvRuokjLk4U1eUEn1IpnXJH1Law2PnAh6L3+
+TjiSN2pjFdBar7P/qv2xO7Zi35pJcNles4YK76OfUVejRjUCC7jAl/ZoSXSupTuE
+fQYKB8GMm0os8o8BsE+X3m17ehhgLcZU56mGWWMBbCQVz98GGJFtp+PL9a8IQCwm
+XW2/5ljVVUGff8V8wS4du+LSXcRyGWZt/i44F23wjBsm4FBepBg7v6CvoKjVHnDZ
+YLhGTqYcqM9lI8qHN8BqMcz3RgpHGcQZlSaYjF9kv9KrpoNRbqflooujXn+X6kpb
+dPf5sE2mwzj0Jqnp4rhTU9TaAzUbqkUbe20+EA/IBPvxeHZbhAIOacuMxTk/cJsW
+e75e/br0PjRxEZCOlaJEfWHMjHWMK2/JlWgrU+3sv71iDKWJtApEs658EY+Qo+Gi
+IdVc6AaaQjL5rW5Rc8oddQ9Ia1+OGxroEqNOg8BRSShvKnoyyqJCnd1W32AyZUg8
+vdFDHRkZi9uUjjXxKXTqwBz6MuMlHFyZ/nu/ALLhp9RUjrJ5+WbntHq/lpZCfRnG
+Fyodp1KP9vxLjT/mlTcDzM67FWazkBujpeePl9XiMp+wUc7Acd9kTGvcGrdTdeid
++ArIlKPHlSRsyj8R/RJOTr8EqA4lLZ0AP/65h9VOs/qdMOepVl3hnUCBiS11e6BQ
+cNrtgpcCAwEAAaOCAWkwggFlMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw
+FoAU3QQJB6L1en1SUxKSle44gCUNplkwgYMGCCsGAQUFBwEBBHcwdTBRBggrBgEF
+BQcwAoZFaHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tUm9vdENl
+cnRpZmljYXRpb25BdXRob3JpdHlSU0EuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8v
+b2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAwKQYDVR0lBCIwIAYIKwYB
+BQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
+dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNvbS1yc2EtUm9vdENBLmNybDAdBgNVHQ4E
+FgQUvHYtg0mFmNNBolbW25dDeZCuKhcwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3
+DQEBCwUAA4ICAQDBnwHRIKOQpr3YqagExDDRVUpNIf8h/Gz2nhZ7VAcjQda8fOZE
+eYsmimuxY2meiGRWLMONISySOPtTvtlVBerAdGQY2vqgx6ZAYd9KW4eX7Ggsirny
+ve3ea/wZmFf+jI4fAm2rN2O+wvrLxHPHa0qrhJBL/6ADq43eJ/+Er9/MupLSIyIo
+zf/x88W5qQ72SB3k35oY4rsfVSmvK9IFBzaXRCaI8LlTiTKGn1dYd/R27P/OwfXe
+GAN0sdEL+ZNHUsUWqSrUZwlIcLJI+TDX5X7d1emV6c6fzkmMM5xdohF6uMWZN1Zi
+spNixlAhIyhYEAgLJuSRztT4LMTxdrLK483KiX8fuUeHozuCvQB03wjV26wbZnvg
+O40lLLI9duFNpUJuUIMwW5/As5FoeZaFAaMt/6IWRsTEAp5sbS8oshU++X+vDlG+
+pA64XUiYKrAurgbvUtWPYOMhV/21nz78lTOxFxMPk2ODdnOTZWKUi9qkM7edtUHJ
+ANUHrYM5LVgLjte/GGbMvguNUDnZqRSoohOzFoIM7X6iU5xWTtMx4xBVXnkI3wqR
+N96Dz6qyxQ1F9IXxPI/U9KKPMvAvAWcXTEYXTVXCHbWk3899G1zFWajbIPbf4eNj
+Edgno3CjHbD6NhZXEfsKq8LO0RMnUvSE+gK8ZNgxI3X2B4gPOEO5/skC7Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGzDCCBLSgAwIBAgIICeb35dyKEL4wDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTkwMTE2MjExMjQ4WhcNMjkwMTEzMjEx
+MjQ4WjBjMQswCQYDVQQGEwJTQzEgMB4GA1UECgwXSW50ZXJDbG91ZCBWZW50dXJl
+cyBJbmMxMjAwBgNVBAMMKUludGVyQ2xvdWQgVmVudHVyZXMgQ0EgZm9yIENsaWVu
+dENlcnQgUlNBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxoR5uQZ4
+tKdfDy/dOjBq4DEylB5r9Mpb4yC0JrBnOdS1WlK2s72Ts6C9cYQUDPy6t8huqTl8
+DSgWf3xAYviO8/o7eh05Yjy2t4w0v0ubYbBdMgm6zHFw/4q+wVKWiIAg0E+LXj7x
+8QbtFDB0351XvwmVfaJ4HaS3Afr5zFIwnsH4bw3CnLwIug8brXL+oqzr8mAZTLwv
+FCgPOj2F8rcjkpyRWsNMN4qKFHUZ5JWFQp7SAGy69cl8W+LGkEUEyQ9S/DXEEq/R
+689Bxw2r8p7I1YyGjvCxkYZbVe0bxYdsVROahrQknF/vm3SwFA3gQq+1oXBxNMuM
+1OMj6r7RgJs0TxiJRmnJ40mFCgYrB5VWQ0Rz/Yj/AG1O2TJAGn9lb+UOfA4yms27
+/hqbkE/Qo8og1ZT1/E3lIdP94/swofyKU6zycUeMz64Jm66Rn6o0fyRwraMw8yZc
+abz0SQVrZofIoO3Sk6kDqXFmPYyLxiDaCM/nO4GbTGWwvjD7pqIi5CnAXk2bWHJI
+TTfeukwnQ0J8AQmH3bnYoDJTOKVOcCAe1UmQdZqc8PSNfJQWVk1sTzEnlY8gtrnT
+z3Hrmj4g1kZjHZ7slI5xOf2nY0UnfgiivmU8a3X63opiI5FGG8N7YWFTWQCt62E9
+IRzxAUVfkkpgMdxyS10RabH30pVN2uf0YTMCAwEAAaOCAWkwggFlMBIGA1UdEwEB
+/wQIMAYBAf8CAQEwHwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwgYMG
+CCsGAQUFBwEBBHcwdTBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5zc2wuY29tL3Jl
+cG9zaXRvcnkvU1NMY29tUm9vdENlcnRpZmljYXRpb25BdXRob3JpdHlSU0EuY3J0
+MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYG
+BFUdIAAwKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMM
+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNvbS1y
+c2EtUm9vdENBLmNybDAdBgNVHQ4EFgQUeKHXWTipSGyK4VRsl4ANmGKooHYwDgYD
+VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQCU0+/uzuxoM40qaAOvZ8xf
+VDucjxF6igRRCwRYrtqDQAN29c2Ps1/XCyFAmTeR03Y0zW/2FxI9SlYrZyP2dvmT
+e7tM6HFHwX/+W2crGBe0v+g8UsIEiHaInjOZrfhhsm/+oWe8UKboeHu8dEKsoflE
+bgZE7mD/KRHjODxUM6RTMAy9JE4wq0AjBj4G2ltqvJIp/NBohjo4Z9zHeAfc7Ajp
+lAeeIHEKcWRTIorJEhTOaxrD9KMf2gxBC166mHmh5znTLxQB64993c3OkrqS3fUy
+XM6h4js6C80QxUgw0qz9uMmcgTiOvoqT470+Fd/UG0Ng8xEE4SAVXVpy1UsWStW2
+KRdm2K0QWwL70OryRxpTHtbBesrokpiON8aoMrj44bbiqKD0l+ZznH2Tg7p9rMuL
+F5yTDK7ot6T6Ow6QKUAKoxGw03MYk0LBkIvGost3faW8yjEvwZCDaOzJb1eURRUs
+64fMGNoY7gDmb/fMff+9ImfmSYQRouBVyJ/Z8qcaxQrhu6d6oRixexKGzp6lngXU
+FZVhXy5Fukun4T22jyYTk/TgBJDI4jSNvhg3G7A1hpz2txTWoVO94TQooosla744
+pVnMRZLLNkFjdbga8iG4FoNZy55uOw271WlNAnJxE/isaYprq9n7QdJlICjFQHEP
+sr7jdZaEEW4zGsWLuNM0+Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGiTCCBHGgAwIBAgIQIyygpSElAUZRSSMeuADPTTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+MTI5MDAwMDAwWhcNMjkwMTI4MjM1OTU5WjCB6DELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxGDAWBgNVBAoTD1RydXN0T2NlYW4gTHRk
+LjE+MDwGA1UECxM1Q29udHJvbGxlZCBieSBTZWN0aWdvIGV4Y2x1c2l2ZWx5IGZv
+ciBUcnVzdE9jZWFuIEx0ZC4xNTAzBgNVBAsTLFJTQSBFeHRlbmRlZCBWYWxpZGF0
+aW9uIFNlY3VyZSBTZXJ2ZXIgLSAyMDE5MSowKAYDVQQDEyFUcnVzdE9jZWFuIEVW
+IFNTTCBDQSAtIFJTQSAtIDIwMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCBPGHDVaj9n97ovPqbVzeCUylcoQdDR9C8BqtC5VdcVmEh+vbmRrSeaha7
+Ba3Mg9wBUY3IcAOFmgiEVJhoOi8dq4dRzRPQN3FtdW8la7BmWwnZrnmcO0C+1E7u
+uJjatDpK/rDajDkW3ebShtkgq1UMnBNRZJmXNbx9UWshV1Ery/Ydwf2jExFZ6EIH
+sMNP4zdidwJbTobK8dD5FfPA1FPIfj3UOcUI6/N7YvsdVg1vid1nPJ35XjHNyXaI
+5D78azWI9uogdM85oVqg8Sa0Swk8R5r87msxqFUS9Q7sicgQszTtYAxsB6FZYDI6
+IYTPUcB2o92LPvpvmV/KA/H0DlQhAgMBAAGjggGLMIIBhzAfBgNVHSMEGDAWgBRT
+eb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUElZ7UGXhJtE+Xpc1P110BfDW
+kVIwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsG
+AQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBABMmLiUVC/3pbe/rcx6twt13vVykTv4Y1wNLn6C99mgiP6ni
+ZDr+RWj0QvVGrqVu9Ib9uBLB5iAF0Qyua9lbeX5/lfoD7rfcCUJX9IFNhFp9nESy
+QPwc4dAnqY1sMXYN6To5L6Gf8HFPtNsuITW9JYV4vmB/ZOPUAfiaIGEm2M/Z6WI+
+G4lpELlH6vmZXqdDbQLd1Ci6g3WAVMgUqVx/7BG93X5s2ZyqgBFnHlT22r6co7vb
+QgcSvsBXl6H5wFU2EQkXoO8GC0fRvYlO1D+2wRxdZA6oOIsZ7RwoGqwksLTFBZno
+HNwDsSk97bLOBnbnjHm9Fh9bfzD0Yn4T+c9U5sXA9gsgfYQH+blIITguM3z6eD1h
+Qcujo2yKI59cJIvLswxGEGAk244ZxyRgDRs8mWZYP/NGhbeDsQE76luzRsk/0TLJ
+4yxDvp+mAIuzwljLmRdgy50/GUeSZ2kge7SJ0lU+am9E2rT0JDQ0borHvFEZD5ZC
+SfplI27V9NH+dKGqPL5s/Kf44Q9Tntuhv9VaCKmD0ISP0+QGtIx5vYx8DmiATUGq
+/kgkUjaJm2lZMZklCaQibNLEKVUcpFD4n0Obwd4l8pTK71T6AhbouHloffp4YpVh
+V4xmhknXY3f7tVjJZcRYVdF5DLXNy8z/4Bk8Z8NCEBzCDvgLlqsbanU5fHQc
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHTCCA6SgAwIBAgIRAIyKF6j474AWe01PLn9A6I8wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDEy
+OTAwMDAwMFoXDTI5MDEyODIzNTk1OVowgegxCzAJBgNVBAYTAlVTMQswCQYDVQQI
+EwJDTzEPMA0GA1UEBxMGRGVudmVyMRgwFgYDVQQKEw9UcnVzdE9jZWFuIEx0ZC4x
+PjA8BgNVBAsTNUNvbnRyb2xsZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBmb3Ig
+VHJ1c3RPY2VhbiBMdGQuMTUwMwYDVQQLEyxFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlv
+biBTZWN1cmUgU2VydmVyIC0gMjAxOTEqMCgGA1UEAxMhVHJ1c3RPY2VhbiBFViBT
+U0wgQ0EgLSBFQ0MgLSAyMDE5MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/l9w
+GSFVAUkSfYoRYZM5ozTekzO0vj0CK3bhjLfKXzVoFyQS7kP73zs9OtUtT42V1DKD
+GkiFtTN9hyP7d0/M+KOCAYswggGHMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc
+4DXGY2OaMB0GA1UdDgQWBBRL6Hej0fZqReZ423DkvLaJwR2KSTAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBz
+Oi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw
+AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNnADBkAjBu
+b4EAfkbNWYQ/KUv/uy8PaI4/sXVrDkyQPIybtawwfEq1sULyfYI9IHCMx95iFyIC
+MDYLclo35A0UXSQtIcBctq9MKuGQ/OLnkTj1Wif3Vf4lizQ+sZiglwNQdeAKPUN/
+/Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkDCCA3igAwIBAgITBvHsAOWOmt03LIcdJYQ/2rhS2TANBgkqhkiG9w0BAQsF
+ADBIMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRp
+b24xFzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTE5MDEyOTEyNTk1OVoXDTI5
+MDEyOTEyNTk1OVowgYIxODA2BgNVBAMTL1NlY3VyZVRydXN0IE9yZ2FuaXphdGlv
+biBWYWxpZGF0aW9uIENBLCBMZXZlbCAxMRQwEgYDVQQKEwtTZWN1cmVUcnVzdDEQ
+MA4GA1UEBxMHQ2hpY2FnbzERMA8GA1UECBMISWxsaW5vaXMxCzAJBgNVBAYTAlVT
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QVBCdYToXFIfzd1SQfi
+TEgg1bwHXM2cE2VsyxwWK8NEFH8zMYdKy2hYOAjbfpm0xE6q4TQzS8KL2vAtCNyY
+VrwX7d3IvKR25H5s1LUDeQXSl1JBBZCtgJf2caJcwaYa6n2pZ0EKt3wBB+QteSFn
+57ENB37T13y7Nn8gCt9ZZaPYqRWxHcPaIWO3CVzQZ3tXjCLqzJMCV2KqhK85DZk3
+wo33Zb6cyYDkerDbWyric+10dJ/wdgE49dkfyZxVxEGpHg1SCSJdHjGb4z85Zx/u
+eBpxBS6g3dfrkDjjT3MUxyNS4EaRTZp7o/2EqVCYDWJDM1HcOZL64kyWyi0d9jqA
+7wIDAQABo4IBNjCCATIwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMB0GA1UdDgQWBBR/QuNI
+bljpLrlhyGp3tPcDuM1qWjAfBgNVHSMEGDAWgBRCMrYW+gT9/l1LesP990xAHVpD
+rzBBBgNVHSAEOjA4MDYGBFUdIAAwLjAsBggrBgEFBQcCARYgaHR0cHM6Ly9jZXJ0
+cy5zZWN1cmV0cnVzdC5jb20vQ0EwMgYDVR0fBCswKTAnoCWgI4YhaHR0cDovL2Ny
+bC50cnVzdHdhdmUuY29tL1NUQ0EuY3JsMDYGCCsGAQUFBwEBBCowKDAmBggrBgEF
+BQcwAYYaaHR0cDovL29jc3AudHJ1c3R3YXZlLmNvbS8wDQYJKoZIhvcNAQELBQAD
+ggEBAIwGM/ejz4Hbjf7Vc11gS8jzf+BwtZq9N4t1Nibj4rIDsW2G2jDE0S7fCN2m
+Mhq76xkfnwfXhBbXDEKz6rj/M0G2u1kHw4Y8ZtKSzYEyRtgpeBFm4qU6voCSREpD
+FJXsL+Go2/YLRSE6xkWVSocklxppx4hi5o/RVdMMQept6ooOSFzBpH5XZYUoblKi
+99Yj0FUe8egIa9qSts42TObTpH1YVRMDnH3k2MNX3rcgPf9v/QO9Cf8W6RQ2+X3R
+CaYMPdL5OIKh4RGYjxXe3LpgiTKBWik/ZWTFL5sZSjetrJFl50NONzTc8E+BJtrx
+VCHAI2OcWyloxrYd4zMipw0YjDw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEfzCCA2egAwIBAgITBvHsAOgLG6+YcKfEtsvkAaMtaDANBgkqhkiG9w0BAQsF
+ADBIMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRp
+b24xFzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTE5MDEyOTEyNTk1OVoXDTI5
+MDEyOTEyNTk1OVowfDEyMDAGA1UEAxMpU2VjdXJlVHJ1c3QgRG9tYWluIFZhbGlk
+YXRpb24gQ0EsIExldmVsIDExFDASBgNVBAoTC1NlY3VyZVRydXN0MRAwDgYDVQQH
+EwdDaGljYWdvMREwDwYDVQQIEwhJbGxpbm9pczELMAkGA1UEBhMCVVMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjRHBw8iIivBBrfE6HqexQK0oMt2Y/
+x8jO3fN96KEazZwEoGidwloRBk2Q7VfVvZ0ZDk+qwJZGLZJLS1ntGaZLH4/Iel+r
+Pnp36IVF7J5MNDB+K81a/y9svEMfDu0p3FdlBUyhHvizZ/zFNP3tolmQfZ7T0mGL
+7lutlNAzFYoVTUlVeF5cSC8Yca906TEKyizYXuXcY8Diee+t+fQRHmSI5Hk5kyXD
+YFWcf2tXEfdkuFlDjJ7HPdFyfJzrNjD+cbqt8R5rZKnK1GNVP1dXm0cIYS+BMlMa
+CC1yF18oygbnOZLw5fDv9bxs4MOgF8E/Iypw0hLQHVkuD8wAvxVgPsqvAgMBAAGj
+ggEsMIIBKDASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjATBgNV
+HSUEDDAKBggrBgEFBQcDATAdBgNVHQ4EFgQUYt6tehfefLfDfCMXo7Em5UbXOvQw
+HwYDVR0jBBgwFoAUQjK2FvoE/f5dS3rD/fdMQB1aQ68wQQYDVR0gBDowODA2BgRV
+HSAAMC4wLAYIKwYBBQUHAgEWIGh0dHBzOi8vY2VydHMuc2VjdXJldHJ1c3QuY29t
+L0NBMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwudHJ1c3R3YXZlLmNvbS9T
+VENBLmNybDA2BggrBgEFBQcBAQQqMCgwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3Nw
+LnRydXN0d2F2ZS5jb20vMA0GCSqGSIb3DQEBCwUAA4IBAQAHXPYhl+++o//di2Qm
+aWGmC1ijxbGbKA4jOSDRvQfxlWOVkqPF11Dpxz+V8Rxw7QFFVoJ5mHpfoXtQOijV
+tsCFknxTKgzQeArNkZrkXBNpYOJAcuc5v0eX0OllBWgVdIvZRl2TM5L/u1WFrlPr
+qwWdEYTkinQwgAHXVV/7WZi6c4StcqNnlw93mlvN6Vspzaf/mWtcYp+aqT9vrqHt
+yNR1k8Ri5eIRPIU0B8woiXTj3bifLg6/O217SY5cWwQKCMFsa6nGWoRVCJ0JJXa0
+Z+m3mPQD2OcW5YMrynhL2VWohyfZAjB8l/NZaeRT7M+vki56fxbx3Bk2lqy8Z1Zz
+Wd5m
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgITBvHsAOMeRtNBsrJjPOSA2RX4HTANBgkqhkiG9w0BAQsF
+ADBIMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRp
+b24xFzAVBgNVBAMTDlNlY3VyZVRydXN0IENBMB4XDTE5MDEyOTEyNTk1OVoXDTI5
+MDEyOTEyNTk1OVowfjE0MDIGA1UEAxMrU2VjdXJlVHJ1c3QgRXh0ZW5kZWQgVmFs
+aWRhdGlvbiBDQSwgTGV2ZWwgMTEUMBIGA1UEChMLU2VjdXJlVHJ1c3QxEDAOBgNV
+BAcTB0NoaWNhZ28xETAPBgNVBAgTCElsbGlub2lzMQswCQYDVQQGEwJVUzCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANS6vRtFpCJBJ7zJODH07Y3k54Qn
+VIBhnQmmWoqFqzCVMX97GAyAfzjcQrhl/TNiJiRCrVQWPI4n0R8eUd91Ab1Qzfsr
+np+0NRbagVDa6+nF0KcNxbSZ6/iZQ7Ac3HyhCvJS2rH2CVYlzqdsrxDXcZk69jOO
+dPV8+w+7eNIn34BKpB/ZF7iXApDoAKG81kg1VtpGOxJhxTsKLuJmURT4pQjtZqF+
+F6rN64j5T2DOK0gOA4G7BLoTdOQuXkPS38LXKgZ43lKqEenjmiOaMF/XuLYzaHrW
+GYgCM2wJsykgdB9hCsTTEwsHRZzt2q9mLBDvYYWVhql1/kR4K/RN4JdESEECAwEA
+AaOCATYwggEyMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAdBgNVHQ4EFgQUA6uAxlUKKpWh
+4Nf+GubAynjMsJYwHwYDVR0jBBgwFoAUQjK2FvoE/f5dS3rD/fdMQB1aQ68wQQYD
+VR0gBDowODA2BgRVHSAAMC4wLAYIKwYBBQUHAgEWIGh0dHBzOi8vY2VydHMuc2Vj
+dXJldHJ1c3QuY29tL0NBMDIGA1UdHwQrMCkwJ6AloCOGIWh0dHA6Ly9jcmwudHJ1
+c3R3YXZlLmNvbS9TVENBLmNybDA2BggrBgEFBQcBAQQqMCgwJgYIKwYBBQUHMAGG
+Gmh0dHA6Ly9vY3NwLnRydXN0d2F2ZS5jb20vMA0GCSqGSIb3DQEBCwUAA4IBAQB1
+fzAmGGmtbJyIvOfjq2McCpUoYkXAq6JTN51+nb9NDAihhDoTKMde+801bC1/l54h
+xPPm4HImM6GK6LFckDew/FGwbdRbEznUOJ7uVL5ploNBIjte23kTBUZa9fx3+aXK
+hUTAipSyPtNjnOwVVBVXzrMynfMhdsyRRe7gLXNFYCXIxtks3IkIpuYnc86NAuV9
+nBLFlZzgmbAsW+tMc5QsNvQJ9pQ539K8cqZaM+HFCScreDERxmNtHHbMw+hCa2yL
+Oj4ntekgWLO8KQbE0lPUNLIM17QK8aktJavj+GezBztKMmJJwhVYQy9nxS388ApX
+xcZsEgIzOCeH0SOWg4FA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9TCCA92gAwIBAgIRAJBz12dMnLp7vhBwZZPdcjMwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xOTAyMDcw
+OTE0MDhaFw0yNzA1MjEwOTE0MDhaMHgxCzAJBgNVBAYTAkNOMTowOAYDVQQKDDFT
+aGFuZ2hhaSBQaW5nIEFuIENyZWRpdCBSZWZlcmVuY2UgQ29tcGFueSBMaW1pdGVk
+MS0wKwYDVQQDDCRTaHVpZGkgV2VidHJ1c3QgU1NMIERvbWFpbiBWYWxpZGF0ZWQw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4YexzKrFMgRgVCAruOrGe
+FjnWGNX6DDP3tbsEHUJLEgtB4Vz12kNVyVLXFpNC++MCjnVOv3lemoZ9KgDPYbFL
+gyB1d5nDRTvqsem4kWnCejc/RABCAV/kM/kLM1yzmislxwo4UtNeSecohqVlVBfF
+ac+CThX4LVqRRDPpma+3QdCXOFthqZ+ZSCCEJAHUx59maxhQNLALSJUxYHNLk6se
+EiwIu2esmw1iSf1PeRp5llQcc1e7QzGkyR+fS7tXeM0G0k9PepN/ch1HWZpZjlHF
+LwFhNMRYwrr5vByWOy1scwYtCdijIhAshFmApWlelqS4G1NTTiwrRwcR/Sns8xbB
+AgMBAAGjggFsMIIBaDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQsbNED
+yG0a2Lhlw2y9Zu+SIZ9t2DAfBgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyP
+MjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dz
+Y2FzaGEyLmNybDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9z
+dWJjYS5vY3NwLWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0
+b3J5LmNlcnR1bS5wbC9nc2Nhc2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYw
+JAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0B
+AQsFAAOCAQEAxym3Gby0vLg4tG+l5BS8P+cssXo3WlzCUt3MdX5Go01ZZUxQuKcH
+p9val6R3dqw2km5RQdYPNJQ60uNFSXQON5wGBPZklfH2jodWx2idtNKa1JE6Tvge
+evd/l6ROvOdLslNz5K3zrz/JZcP0Io091jMZTzZmOUuGU1xxmAht1Eu2TIx4Jm4G
+/9r8ELfvwS2xk5+c49So9eMpVI3pSRtKsaz6ZrHn+rYPL/a8byrVfILrFkb6Eb+g
+EOb9mXaA7PFzFTh7DtdWUb5AwZL62k2kcvSCi03nzkxe62A0WZ5y0BuT6xlRvalJ
+4bocr2ivrYkB+Ky8pM74qmIEUGm5zhmwQw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE+zCCA+OgAwIBAgIRALN4DITbDQQbHNZqQMuNlXMwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xOTAyMDcw
+OTE3MzRaFw0yNzA1MjEwOTE3MzRaMH4xCzAJBgNVBAYTAkNOMTowOAYDVQQKDDFT
+aGFuZ2hhaSBQaW5nIEFuIENyZWRpdCBSZWZlcmVuY2UgQ29tcGFueSBMaW1pdGVk
+MTMwMQYDVQQDDCpTaHVpZGkgV2VidHJ1c3QgU1NMIE9yZ2FuaXphdGlvbiBWYWxp
+ZGF0ZWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdHx//2UKRJSt+
+/zvSdx6wCFCGwsYKVjQQP30JLlqdwDNZvHBlSq46dNT9SlpH7eZVfjJRf7hgEE5P
+x9lnOM/ESMhp6oA7JHGwygD4NmYiOqmHFA35AQE82hrVbFjVDZhqMmmi1eVNJOLX
+PX+qWIdmS0Ciq1JYsHSp+mRwXdb1PwlXjPyp6MOKab7qaxQRDVgSakhlItA/MSGL
+w9kwmtTiRLHsTUwWyiTTw8FddPoPVumrgMvxxe/b+1rMklzbFVCI33ZC2/+A2/Pz
+e7TnfaF14oLBg8jGZ9y0tBUk0Hjwi/EvVfGM7z6h8DpKKBirKrbyb912kPu4TJz2
+4WuKJeI9AgMBAAGjggFsMIIBaDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW
+BBToRhDHcp4/KfHOdHrCVZZvICWoQjAfBgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+
+QlffMPyPMjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVt
+LnBsL2dzY2FzaGEyLmNybDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0
+dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9y
+ZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nhc2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRV
+HSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkq
+hkiG9w0BAQsFAAOCAQEAb5gMOfFTwoQUuEboZC3yP3LIXiY3xoV9sm3eywZ0o82B
+CCFWwo+7BFayN81CZ9tUJCJ/D6zVyuaRiuRc86TBREnP51JA4DQtk7sHzzFb8iKJ
+NmC2xRg9g8+nZxY64i64sMyrU9mONsFoKLFYrgHU3WMejcD/YUTGz/Lp/G/nR2yw
+YKYYT/1+7E7T1dZPnsmNo2zfmsGA1R2mVUE1KlxnGc04eyU8kfbVAu9qKVpAx+ir
+h9Q1BKWUZx+fynprRC6LnuSQYWhdcbF//QSNaNZnnp9GhEmSHCqxmBlre7tpCYae
+zkt3EVSu4+FtUZt3xueJkD8zorgd3187CrwPWzx9TA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9zCCA9+gAwIBAgIRAKUdNES83rHzMkAAG9WNITgwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xOTAyMDcw
+OTE4NDdaFw0yNzA1MjEwOTE4NDdaMHoxCzAJBgNVBAYTAkNOMTowOAYDVQQKDDFT
+aGFuZ2hhaSBQaW5nIEFuIENyZWRpdCBSZWZlcmVuY2UgQ29tcGFueSBMaW1pdGVk
+MS8wLQYDVQQDDCZTaHVpZGkgV2VidHJ1c3QgU1NMIEV4dGVuZGVkIFZhbGlkYXRl
+ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPEi9Buyt66nevUyqHKI
+JYwFWRicYo9pRsTqM7BsSXmrglxwUF8VppXJZ4Ha13+CFABi72Z8kF7hzLO46nvN
+BTGh9Lfkrw0D/d5nnMEpSNwl0qLcEDvo5XY/OeoTRh6KEaWaFTcSkpEoDfqEzjJb
+uxMRL0VrRJ/bsXT2fdFxI8BSLaqfT/4+n93LZOZr3HBt8gFx3I2MRhwxmSvvEm59
+8RNUzz+19DHBFxtZs/28hhwEMMizsfC9ObWdOp15youq5i0TUs/G8ce6TdWjut3I
+mMVAqXiRwztdftgrhWAJhHXKBnD+BvLJRLX8vaw3WR/3RunDtk5N+15dpZYV2gYZ
+haUCAwEAAaOCAWwwggFoMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFNW+
+hHZJRS+v+A8yjM6v14JCrARbMB8GA1UdIwQYMBaAFFSZ3Zv/6KcOoxmdW75CV98w
+/I8yMA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwOAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwv
+Z3NjYXNoYTIuY3JsMG4GCCsGAQUFBwEBBGIwYDAoBggrBgEFBQcwAYYcaHR0cDov
+L3N1YmNhLm9jc3AtY2VydHVtLmNvbTA0BggrBgEFBQcwAoYoaHR0cDovL3JlcG9z
+aXRvcnkuY2VydHVtLnBsL2dzY2FzaGEyLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAw
+JjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3
+DQEBCwUAA4IBAQBIvW5JPAIUDNlN4R7nsamAJBewnUZSOV/uNC8WBZ/VJDl+U6s0
+FNcpJC5bYPAnNnIrbMFNFKtgk/g1hdD8i5ajgm8HeAKGFpAe6WWDkWuguWuQot9b
+Co5MpFx785yQGyswUTBX3F6q7UXq3rb/Gr/k9bzVM8C1zV161Ly/2JpGNZq25JIL
+tdxar/gvOjibJh0Nph9po/wHLso9JofXat57+WOjnnxgOwN8arnED+l6T+h84FVl
+R9BQk36Jw5DXYgtVMLUJvlsR/6f8VjiWb+T7OQi9wSPXjSV1HcmKL3HEo1UzC4Dn
+/ZJdAIojNpsv3V4shBorn3Ng07/Q7sTdDprj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6zCCBNOgAwIBAgIIYIJC1GAilOkwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTkwMjE0MTc1MzQwWhcNMjkwMjExMTc1
+MzQwWjCBgTELMAkGA1UEBhMCU0MxDjAMBgNVBAgMBU1haMOpMREwDwYDVQQHDAhW
+aWN0b3JpYTEgMB4GA1UECgwXSW50ZXJDbG91ZCBWZW50dXJlcyBJbmMxLTArBgNV
+BAMMJEludGVyQ2xvdWQgQ2xpZW50IENlcnRpZmljYXRlIENBIFJTQTCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBANpmdN/JP9mh8dvaHtvuxFKRT5UOrUXB
+54TcSIqvhlMIm+JPXJygFjmSp3y+jX9MS5r5y9PtBf91HuttrAS++LMslPPJWyHP
+vZxhlO4uf2c7T/AD/5iaDwd3ik9koWUlctC7J8StZJmUA0eWu15dL9bCxkLDERNJ
+1DjXyai3rf88jM8PKUgMP0Dn22p3QvcO07fnkMUvJK6ACaz1JN5C1gflcbtteItV
+6xsyeVMx1nqI4zm89nGiJt9jk7ZUZU6VwtAcPO+iG7XQJDIRXY/NGKFA2Rplr8xR
+1BxVTTKkuAKVNAFC6ER5Bf0whODRnl/ZFyAA1Cgzj1ShYJkUT19jv0h0B2WswJ5s
+H7w2/s3QbpDLVHSWVrbHvIf5F89KgBgt8I0HTZH0E6lLsSTWV0OohYplkpiTYFAs
+lzD54ZGvrlSyfy0uhaERMfR6bLBzQuzO4JPIHwvqanXF92kdeLqb8gIqYzriC+l2
+KKPk33+HqiExHOpX+ELh334tt0vFklUYOYhtQdj/t0Yz5Uu4ca+kVJrzSNHZvy3U
+viIwNjLMafmvBVoLGcGtO1qAKVm0PmHnIQezUkiIbvhMAsHTgJd5VY0j/KsJQIXe
+9zG5PKkLZH50btmaBaWLbvPtHdMR1xdSefHUjIg54kcRdN9Fwb5kWa7LB9V5V7+a
++FXiHMTRnHMLAgMBAAGjggFpMIIBZTASBgNVHRMBAf8ECDAGAQH/AgEBMB8GA1Ud
+IwQYMBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMIGDBggrBgEFBQcBAQR3MHUwUQYI
+KwYBBQUHMAKGRWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbVJv
+b3RDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5UlNBLmNydDAgBggrBgEFBQcwAYYUaHR0
+cDovL29jc3BzLnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMCkGA1UdJQQiMCAG
+CCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDA7BgNVHR8ENDAyMDCgLqAs
+hipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tcnNhLVJvb3RDQS5jcmwwHQYD
+VR0OBBYEFIIuZPJH09er0spFewhmjPoLx+lCMA4GA1UdDwEB/wQEAwIBhjANBgkq
+hkiG9w0BAQsFAAOCAgEAfbuLb/9do4ADeUheEc9Oq6SeYqsCfQuaVZbl74E7XjnZ
+vgvC5EP2mFE+UI4WdCcIs1MXLg9US7RM8R+7X7Q2aAOCZbytha5wbGsX/XlJohjI
+dfHfJjmu2rU7X5Lr8K6nO1xNoH86cEztTW/o9IizBQqilMEbJCJXV+NJmjNMazy4
+T/X7R9dsnEP27lWz3DyXFmuuyoYJMFyOUlggvlkv0fxObo+tPZf7T+kJEvIArY4L
+hJBlSaEhFxco0j44lD1MfPIWP5Lb0qE6jgkdAyEGsA/9DiMpmJrBOuCBGmc/LFU6
+8kDCQJi79OhogHHB5ddBly+ld9kwMmByAQOVcphEaDbgSJviPoolhGmzjzpLreTi
+opCBKZHQ/hbpqHOw5yL93Dn9FELdGSEBylng9I3H4uHsCYignlGfRNtjgSuu6fxj
+5eqmsTGsrExuPLs+lpytJpZkzn+H3Xc/YhMswnxskmm9U4CtknNbS3zs2nuzAnUZ
+GHD++aujR1hsejpkyXj1P7i289gVF+u83iRFZ6Zwc3kA9638NHEhzgz2vQikDxYk
+swZVTQBOxCj1w+KGJP9DacAeR88WLiwjoiKN4QyCjYpJoFBPz//HJu4fpmwxrmz4
+xBdfU/BnNaoEtFKg1q9HfjEL1XjquclMQWMo6yAVTF2ZRHhh4dfrWCGSFw/DZeg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCTCCAvGgAwIBAgIIPyxgjFz5YyEwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UE
+BhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9uMRgwFgYDVQQK
+DA9TU0wgQ29ycG9yYXRpb24xMTAvBgNVBAMMKFNTTC5jb20gUm9vdCBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eSBSU0EwHhcNMTkwMjE0MTgwNzA4WhcNMjcwMjEyMTgw
+NzA4WjB8MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hv
+dXN0b24xGDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNv
+bSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzB2MBAGByqGSM49AgEG
+BSuBBAAiA2IABEVuqVDEpiM2nl8ojRfLliJkP9x6jh3MCLOicSS6jkm5BBtHllir
+LZXI7Z4INcgn64mMU1jrYor+8FsPazFSY0E7ic3s7LaNGdM0B9y7xgZ/wkWV7Mt/
+qCPgCemB+vNH06OCATswggE3MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+3QQJB6L1en1SUxKSle44gCUNplkwgYMGCCsGAQUFBwEBBHcwdTBRBggrBgEFBQcw
+AoZFaHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tUm9vdENlcnRp
+ZmljYXRpb25BdXRob3JpdHlSU0EuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2Nz
+cHMuc3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAwOwYDVR0fBDQwMjAwoC6gLIYq
+aHR0cDovL2NybHMuc3NsLmNvbS9zc2wuY29tLXJzYS1Sb290Q0EuY3JsMB0GA1Ud
+DgQWBBSC0YVzMOc1BNOOApL75aTRxCHozTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZI
+hvcNAQELBQADggIBAPC4p7e2/AfR2M/1S1dX6tXCKBNJmezj60laF+VZgx6mWPUE
+IfVy5TPHGIjEQHucWLUrgvKpWhIqRqxAXAIYfLetsWMNHpZcbgvyMSc5ZnZgGJFp
+EMuaCGPpmTYNvg0KE+Sp3mExmC4jqeebN2kFQnaF99rGxCKGwXy7s9wvpVM0jHqU
+YU75uN2Wlr0SF/cdPk/RnQDSQf97KXlIqXVCUnwu9oobgOl8ULITcDLYqtvbXrQb
+1lFrkjYQ6jIU7wNi2URiMPuwJ9MhKWS6Bt2CMUisnIVp2PZ5LkX1lBQdmNWmBg6w
+bgg3Ya2g8hPIwwyq850O7u9qrhAsjYkFJJVxlb0Mzvz675nLzzGzdklLY0GADaDL
+K5yuVoMcuijaUnKNQHnwTXrDiMZOgtTa7+UNmBjA5VAwwN24wl5UgYw8plgnCIQy
+V4ltHNI0EyKX5NyOHtfT2MLelI4rqBsleMIF065b1A7IQb/sgrSpq0dlCRMa8YGG
+mafxhWKTFABz0ES2MrXm3falKY/fp48TKNTnYU6QIMO6evNNXbxtM2gGVN+a9zIh
+Ghfxg5Adv4gju/886VksL+4YrGZvTHB+EtHCD/jvKOslGAitujP0yQ3bCSgZbkyQ
+S2eC1h8SyRIbOcb+8WsL0vXJkpz0eK3FVsEGdd3ECjAFazn5T00wP02aJxfa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFTCCAv2gAwIBAgIIf6MrKLHJq2wwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNV
+BAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UEBwwHSG91c3RvbjEYMBYGA1UE
+CgwPU1NMIENvcnBvcmF0aW9uMTcwNQYDVQQDDC5TU0wuY29tIEVWIFJvb3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgUlNBIFIyMB4XDTE5MDIxNDE4MDg1OFoXDTI3
+MDIxMjE4MDg1OFowfzELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYD
+VQQHDAdIb3VzdG9uMRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNDAyBgNVBAMM
+K1NTTC5jb20gRVYgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBFQ0MwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAASqEkeQmBv778NAB4MgTvEwgqIG0fKShmHy9iFo
+ygDEx+pDAFSG3P0f3wC4QWJc3HAWMt4fmdTMxQfICB9hFgdRPX1cB1PjNTiM382f
+2S4NSrYZLlpwWgbtvvChsMrQCSmjggE9MIIBOTAPBgNVHRMBAf8EBTADAQH/MB8G
+A1UdIwQYMBaAFPlgu9Tj1TT2uPUGgCWnc9tGaaieMHwGCCsGAQUFBwEBBHAwbjBK
+BggrBgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29t
+LVJvb3RDQS1FVi1SU0EtNDA5Ni1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9v
+Y3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADBFBgNVHR8EPjA8MDqgOKA2
+hjRodHRwOi8vY3Jscy5zc2wuY29tL1NTTGNvbS1Sb290Q0EtRVYtUlNBLTQwOTYt
+UjIuY3JsMB0GA1UdDgQWBBRbyl7l3tKBqs2oLWRRttlym5fmTzAOBgNVHQ8BAf8E
+BAMCAYYwDQYJKoZIhvcNAQELBQADggIBAEtbzx2YtVSveXwjAgO1JRrPoxRpnjOU
+sxDIcy9Jcc9NeVv8poNXSmxb9M2giWJ1llgCJiLn7SIs+4FmE00bYIB3K/OnOPz4
+KjZQUVE1dP8Meds7rfRZiQxqDWMoIDGK1XI6Ug1gQx4Q82KxG0AVZW8m3AeD96OY
+Wj9VXYAb5zdwqw/28xaSYgsoqUSETjFNCLePGy+Is14Am3MF5kRp0/8TktUmoLta
+dY+F9MF9kG6e0IzjwxsUpJzBmQw+zLZUJW/dCs23dH4l+mMTu9udrewqHbJccXd4
+JpPSL4W+WcF9s9ymT8HJgQ+yNR7wlPiDJvksRZ0AAQYlcrViaaRnY7AfhmrS1Qp/
+VULhXQFxxOmQdAAcqSvXSACS8/gsYqKuETokm5Ws4FHOFyEtt0pDfIkbrD7opvaU
+ksX4JPJDkjnyks9/EfiLcdZ88/MgZJw7xK5CaSsntORqWShQFaqKukdhWu3AdGG5
+Jp0NbZ+J3ws1ft8WMDc3zBXMKG8S9i8Oh77nr6KcvJhJ/EtBBdkhJ1qJ/bVxLAnn
+jTMzwd8YqO1+UEmZFwtNLzCljpZ6tTWn1qY6ijn/CshHmL5HqnWzO8sFno4vgKpM
+JbBok9Ol99KWY+eFSVm/IDkCJOIyOVOt0t/xrfYG74VO4RL2hfK0qbO6KhW+GaoC
+l2Lxp74DbA3f
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyTCCArGgAwIBAgIQC1v2W2un+9CLKQ2QRTfe4DANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTAyMTUxMjQ1MjRaFw0yOTAyMTUxMjQ1MjRaMGcxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xJjAkBgNVBAMTHURpZ2lDZXJ0IFNlY3VyZSBTaXRlIEVDQyBDQS0xMFkwEwYH
+KoZIzj0CAQYIKoZIzj0DAQcDQgAE5rt14WuvLvHn+zZK+KRSigbJRYTGRHg8A8Qk
+iFTl8S6JM3rPXQ45S7mZwHGqWnvKEM4w4PEPg9x0e8kZGb3fGqOCAUAwggE8MB0G
+A1UdDgQWBBTbNURdK+tTr54L9XE9o5lzrvtcUzAfBgNVHSMEGDAWgBQD3lA1VtFM
+u2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYDVR0fBDsw
+OTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFs
+Um9vdENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAq/3I
+H6J/UvB/6Q9OECLSeul5xkW0PvhDzYJhcRJOZeWYWU575/+8ZnDJ/JhYx4wbEZ+P
+VCDLiVhiKU3//F8W7ZdsVLqhdVVrOoZJv+JZar3RZ1rgwhavgHB6Sq142nTSzG5J
+3O7+i2NZj4MJVM5uKPDUx659T2m2CsjzzXhFRnacQrN1QFh7+EUKXmxB1oFMcC8k
+4BSi4ZYvsAAvb8Xh0g4fHEq8fbAwffNSfEvY3JEbAjeRVA31J1ifBMwliRzPHGLf
+eyiYwvPQIUJ9ODieH5vDzLq9XvtdmFzBPXlFnHKI9LphN6sUVXdf4B+dao9drFZE
+ifuXbKlQ/2TRZPFeBg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRzCCBC+gAwIBAgINAfJAQkDO/SLb6Wxx/DANBgkqhkiG9w0BAQwFADBMMSAw
+HgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFs
+U2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xOTAyMjAwMDAwMDBaFw0yOTAz
+MTgxMDAwMDBaMEwxIDAeBgNVBAsTF0dsb2JhbFNpZ24gUm9vdCBDQSAtIFI2MRMw
+EQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlQfoc8pm+ewUyns89w0I8bRFCyyCtEjG
+61s8roO4QZIzFKRvf+kqzMawiGvFtonRxrL/FM5RFCHsSt0bWsbWh+5NOhUG7WRm
+C5KAykTec5RO86eJf094YwjIElBtQmYvTbl5KE1SGooagLcZgQ5+xIq8ZEwhHENo
+1z08isWyZtWQmrcxBsW+4m0yBqYe+bnrqqO4v76CY1DQ8BiJ3+QPefXqoh8q0nAu
+e+e8k7ttU+JIfIwQBzj/ZrJ3YX7g6ow8qrSk9vOVShIHbf2MsonP0KBhd8hYdLDU
+Izr3XTrKotudCd5dRC2Q8YHNV5L6frxQBGM032uTGL5rNrI55KwkNrfw77YcE1eT
+tt6y+OKFt3OiuDWqRfLgnTahb1SK8XJWbi6IxVFCRBWU7qPFOJabTk5aC0fzBjZJ
+dzC8cTflpuwhCHX85mEWP3fV2ZGXhAps1AJNdMAU7f05+4PyXhShBLAL6f7uj+Fu
+C7IIs2FmCWqxBjplllnA8DX9ydoojRoRh3CBCqiadR2eOoYFAJ7bgNYl+dwFnidZ
+THY5W+r5paHYgw/R/98wEfmFzzNI9cptZBQselhP00sIScWVZBpjDnk99bOMylit
+nEJFeW4OhxlcVLFltr+Mm9wT6Q1vuC7cZ27JixG1hBSKABlwg3mRl5HUGie/Nx4y
+B9gUYzwoTK8CAwEAAaOCASYwggEiMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBSubAWjkxPioufi1xzWx/B/yGdToDAfBgNVHSMEGDAW
+gBSP8Et/qC5FJK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUH
+MAGGImh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8w
+LTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBH
+BgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xv
+YmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEMBQADggEBAEmsXsWD
+81rLYSpNl0oVKZ/kFJCqCfnEep81GIoKMxVtcociTkE/bQqeGK7b4l/8ldEsmBQ7
+jsHwNll5842Bz3T2GKTk4WjP739lWULpylU5vNPFJu5xOPrXIQMPt07ZW2BqQ7R9
+CdBgYd2q7QBeTjIe4LJsnjyywruY05B2ammtGtyoidpYT9LCizJKzlT7OOk7Bwt1
+ChHbC3wlJ/GsJs8RU+bcxuJhNTL0zt2D4xk668Joo3IAyCQ8TrhTPLEXq+Y1LPnT
+QinmX2ADrEJhprFXajNC3zUxhso+NyvaxNok9U4S8ra5t0fquyCtYRa3oDPjLYmn
+vLM8AX8jGoAJNOk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHVjCCBT6gAwIBAgIIOoGeCD+9uPUwDQYJKoZIhvcNAQELBQAwgaYxCzAJBgNV
+BAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAw
+PgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRp
+b25zIFJvb3RDQSAyMDE1MB4XDTE5MDIyMDEwMjIwOFoXDTM0MDIxNjEwMjIwOFow
+gZcxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNVBAoMO0hlbGxl
+bmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0
+aG9yaXR5MTEwLwYDVQQDDChIQVJJQ0EgUXVhbGlmaWVkIExlZ2FsIEVudGl0aWVz
+IFN1YkNBIFIyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAi1509ou7
+uBA+oO7qM9HWxzUC8x5cw/Uh/PIuqgBNoXgd3K3h8vNq8qIn+0T5kj/aR00vtUju
+JyhuS8ZakjG2DsXDUoD6PNOjTaxLWt7pDXgfM0lcgfOh2FX1HnP1jkSEUKfnODx8
+0SEtY6JN7vUj4dq/e2In5YdhBfEkXI8xEtV08Q9H/VK4ETtDUFsfpf7KJDea5/N0
+XL0+t33nbabIoCEPAo1ffJTRyBGZbybc00IdAu6yCAdxKo7ujexnb6oMY+ZP+ODL
+Lf9Vz7yzUVWPsYVSbzyuPzu0r/7KmfxAfnsYRkZWHZsjfXHk1uqTQZzYkNkFGgi3
+IS9EIXcXyCMl7OAMSQQ+ipWa/ale1xMjQWKLakkGxjvYHVYBQEaxPvgXdZq1ebjk
+FRxDTPvQVTndp5B/4aRDIOsHed7Zed/4QrXmAXiNOzFOCcdKyPyoaxHKdxogRvBu
+d9jNBidVDMTz3O/9+J0PPoOcPmkI5TRHobG02qgxJlMIHhtlrtaa+k3hhwv+O1RY
+1bgg8SzKeDb8M6hsgP/jmYf0vRA/2gqLfrtzII49IJ2py2ZcHNj5ozYNE4OtBLcA
+VdeOsNZKya20UjvLdDJqLMS8cK0WjXVrKCRA2ckX1EUgMA+PMjIPiEvh3RgicoZB
+qQM4JPeZrn8IZUANklLOLcZflFMdWJ83R2MCAwEAAaOCAZMwggGPMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUcRVnyMjJvXVdctA4GGqd83EkVAswbwYI
+KwYBBQUHAQEEYzBhMDwGCCsGAQUFBzAChjBodHRwOi8vcmVwby5oYXJpY2EuZ3Iv
+Y2VydHMvSGFyaWNhUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9v
+Y3NwLmhhcmljYS5ncjBFBgNVHSAEPjA8MDoGBFUdIAAwMjAwBggrBgEFBQcCARYk
+aHR0cHM6Ly9yZXBvLmhhcmljYS5nci9kb2N1bWVudHMvQ1BTMCkGA1UdJQQiMCAG
+CCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDBGBgNVHR8EPzA9MDugOaA3
+hjVodHRwOi8vY3JsdjEuaGFyaWNhLmdyL0hhcmljYVJvb3RDQTIwMTUvY3JsdjEu
+ZGVyLmNybDAdBgNVHQ4EFgQUtQU9+hgqHcCDxXevoYHgKwyLRl0wDgYDVR0PAQH/
+BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQAmirOSsOWRu7hxWgVtQ9w2oFtRptVB
+fUcobi4d01doFHSAmB1tdhkHZFPxivWgSCHfZiwa0dcROXLIAv+rN9mQ68Y27Y8j
+eTntNgHbxIB6IIRznTz4ywc06BtjNI6sJHKNutq6vd66g2rTwjpiTLUDYuykeava
+SjdmG9ie1fJTKfxeUHZmIofZzT0h5x3Gvys80fM6WG/jazj4cROLkFC7XcVZEL76
+4VxQc3HP3biD1MJ0j6PgNyHNJGGvpmck8d9I2nSlLxajx57LxbFXPgICgTxAqu1g
+J/F9vgzUKFh/thdWu6kFIrp5zkJbqIetDDTMijVpEcy+o41USsJxNhANpmkNkGsC
+FBTkugs72CEdJb1svJU8rdmZsnq7p8FJP92WAcM7qRx3pd4xIB0rVWpeNcDZ907Y
+3h0TdvPDDhUaYhxF9t30u4or3NOsi3lniR3CLjVCTA4u0e8bzrT16YX4ev4imiK9
+Ts+hq5/YKIne5hP+omyw/3u6AmyJJkMcblCOzzW0XtGpoxXNzSfeZU5h+1LXxt5i
+WxjeBjOe6/ixjlAnQBFvuNl2p+PcZuyLhV5ZWYDw/8nbWnf8IdZ3PG+BwTmtjwwU
+8mEMGBaGmQPT5txq2kKbysNbY5Ep/ql+69G+i/RzxNN5/YIHbdORZ/aBrblfsZYC
+6gfIJ9UItipnng==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHWDCCBUCgAwIBAgIIElYS6jdtgCIwDQYJKoZIhvcNAQELBQAwgaYxCzAJBgNV
+BAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmljIEFjYWRl
+bWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUAw
+PgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRp
+b25zIFJvb3RDQSAyMDE1MB4XDTE5MDIyMDEwMjcwOVoXDTM0MDIxNjEwMjcwOVow
+gZkxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNVBAoMO0hlbGxl
+bmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0
+aG9yaXR5MTMwMQYDVQQDDCpIQVJJQ0EgUXVhbGlmaWVkIE5hdHVyYWwgRW50aXRp
+ZXMgU3ViQ0EgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCcOtue
+Kes+i7jws4yVUoQUt6RTZ+J7kDS/wHiHbhdKpGcthEoWRoFkl9Q7bIrU7IYhKh/p
+YhwDkPHmOzEMuY/fK1w3bA7pE9Q1ShhYOu/jRO6b+MRPhmt5XYIQ9EOPwmcbe4X4
+vsa/IRY09SiV4sSa49a9ROQy90poPg4pzTWcOGW/btNp1fKx8liy2opbOx2qpGGj
+Eg1CrRfGawpZFCbY1vOvjN66IYP2D4kA/BY/npd1WIqMZRAyHwuNz3s5weWYuKuA
+r2D1VtpmhUL9oZfChKdZL6Libmz27H3GcrfPcaQmh1B8O3wVWc6qV6raoZ6NIpxb
+2QKyb4TNVgx93BwpSyIc0K0dRvwnkBV2oIOOQo0FV6Of9NoRNok6Fhktm3uU0h4A
+d4xlpKvBO4wgjyeG3Yg5amPxyTSaeAcdIj8EFW+vUGYjgkCK32TTFkYZjOwPWQ0n
+DtgLCUJ9pYDyNNtaq58m7YD+8WJiKz9MG/STPsyuCB+fRoWyLjLAukl339TTtH/T
+PljZs5FfGQwpDz2A+gpGzHl+VcIfS7VWYg4vVCqrUZWNkfnBB7B4wDDrQ8vbEaz7
+eIDzuPhvWiaQqXla1BudT17HW0o1edA9i6mk9CRY0t4XeWIbI07ToI8uh26WYUNE
+8ugc9d277vSvostxRLvKX4Fr6jl1D2EoWtuUnwIDAQABo4IBkzCCAY8wEgYDVR0T
+AQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRxFWfIyMm9dV1y0DgYap3zcSRUCzBv
+BggrBgEFBQcBAQRjMGEwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yZXBvLmhhcmljYS5n
+ci9jZXJ0cy9IYXJpY2FSb290Q0EyMDE1LmNydDAhBggrBgEFBQcwAYYVaHR0cDov
+L29jc3AuaGFyaWNhLmdyMEUGA1UdIAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIB
+FiRodHRwczovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50cy9DUFMwKQYDVR0lBCIw
+IAYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMMEYGA1UdHwQ/MD0wO6A5
+oDeGNWh0dHA6Ly9jcmx2MS5oYXJpY2EuZ3IvSGFyaWNhUm9vdENBMjAxNS9jcmx2
+MS5kZXIuY3JsMB0GA1UdDgQWBBTFKHCr1nDYpJHbVIwsmHc1SQ3Z8zAOBgNVHQ8B
+Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAL+Gt008e8vIvO9Z++8p0/409S+q
+J4GHlVjZo4aF6iUJhnPv5OHBbIHXexbSadzkFNYesGR7neK1WPwXaC8FSu8DfyN7
+U7GnkEWQZEft9c+zpO4ppwzd8vLKKLHCTAb0SoZgwz8WQVNyBkx42rnuQujQx6qE
+X8RNCBzaHzsvtAlQFEUN4hu2G3zXvFROLRSOWF6iaJeXkiuZzY2NNPJ6lHBapiMu
+xqnhP3Eq+64/mdzaNTqL7rvgxmVYu68ZKtwIagoaA7E48BR0VD6AagMwZ29nTqdn
++HZdkdUd2VctP/ieGCG+Inrd5L9XrqBBmbivnk2IoGr3CU7EDKcOb24zbDfGWnHT
+H3B8dOaDw4DDUwVjirvXaFh8dikeuSrTZmMcjZQgt6y6wpQkmb+6vRt1MLnfrfZ7
+rGH4aescPo+4QuKCOgkzDVFuedbvCQG1cy5AsvHGhJulkClX9ZEvW8TfgKMLJzaZ
+7s/HQDjaj34LGdZ5kad1I+jO/zMPvUGUlIoS5jxtYRZHyJv0D0v9zY5KG/bHr2ec
+4r/fj6Guo102ODZb21FweFxTG9H6vnQGH4i0EzuI2Vxkjj+htY71V8xXZxmfRq7z
++FH++wBgX3mTKC3lelh13LdbRRlFMQuKM3Z2d5bwYIbqFI67j3h78c6UcGUq02Sw
+eRTrMlMs3u73/w1A
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLzCCBBegAwIBAgIQPBBPCb2cXuUyH0TF6Z2zBDANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwMjI3
+MDAwMDAwWhcNMjkwMjI2MjM1OTU5WjCBsDELMAkGA1UEBhMCQ04xEjAQBgNVBAgT
+CUd1YW5nZG9uZzERMA8GA1UEBxMIU2hlbnpoZW4xGjAYBgNVBAoTEVdvVHJ1cyBD
+QSBMaW1pdGVkMUAwPgYDVQQLEzdDb250cm9sbGVkIGJ5IFNlY3RpZ28gZXhjbHVz
+aXZlbHkgZm9yIFdvVHJ1cyBDQSBMaW1pdGVkMRwwGgYDVQQDExNXb1RydXMgRFYg
+U2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSg9yNme
+TnzMON+GPL+s9Rqv7NcqgCFWNhNdGWB71CNy64AiFiBWYrhg1Xzi/bK35kWH0V4F
+ZWmGEEmDc/yGsmOrWbPsSU5iZPjGnJEu35WutT7WaGkIaatoZlcpv5J5I+nPqkKq
+bVMXvUtEig1srIons0shw71oNzyo8Xda2f0Jk/EJbJ1e0irSxrmZEBjWJjpTL+Fp
+IHTgfU8nr/q7AyEBrEYIqBu20g/A69lGVJ8qi8B9sWAT/ac2SfabAkU82UsZWbPU
+74xuBb7kDGCGv7Z1PfNHSskxWtx5Subb30YSjqJDVsdOy9UQEKjTVIBLjxozmbbg
+2CuQaH8dTHRisQIDAQABo4IBbDCCAWgwHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t
+7jiY7NkyMtQwHQYDVR0OBBYEFA1JyQ8+sd8yA7WS2yWlbXTsWSLLMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgIWMAgGBmeBDAECATBM
+BgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9S
+U0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYI
+KwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQUFkZFRy
+dXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w
+DQYJKoZIhvcNAQEMBQADggIBAIidyLAuqn9Clxw5OepC+VqX6+yr/Zu24U4PyHXv
+HPYyxFlYaiVNHv5k2T5xQoNE25ERSWKsGzlkBCRttWnNT+Mhh9+NFUX3kBV2nXVs
+pA46YqSt6UrzNHwkYs7qM3+5Qx6x3b99UCr+6UjuF1iofagrt47uKUUrApgzRuCF
+szoLNjbeZ7MUrhecHQ9p2N01emFLRxz/CGeJnH+xG3qHwLSPRUL5gSoNLnVs/uFP
+2FEOFElfRF6BZzKo6LzTdYxEaHMVE0sjF3pSxp04WsPZKq/zQ8gqmQKgfm9Qw1Oz
+Harl8nxbx89HePhwe3tpiNhdFBaMZZSFATPzzeI+NAwQQMelsz737ka583vTpQCG
+2754nVq3yPC4BWdpyvNLBks1Tn+O10S+H+Er6i1xw6TE1+kJgP2f0H0KFCOa7cwJ
+jltuMeEmDm6axVxd2wEi5iYn7c/DkZK09wM+My/WLmSPjrbnSVPrlr5wivjv5jxg
+CmPbtlCQ7EdNgLXOOMIEhyMf3x/otrVXn3VETnKsHchZrBEqV9sUdj7y2Zb1J3te
+m/hvm8kZyzp2URWCtjhRRR6oQo56DIaGc4xaJwLqDOJmBBxn/BOUGCla5NviA2i5
+RNYx9wRewX5TaaClyjU5+5Rg1G8YiEGcOadfLr5ljpbUfnHvFy7nw8c6CMK/zf9q
+I/r9
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIGDCCBgCgAwIBAgIQQAFpNPSsHJapFG+s8a6JfDANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTkwMjI4MTYzNDAxWhcNMjYx
+MDEzMDgxNjQ5WjBLMQswCQYDVQQGEwJVUzENMAsGA1UEChMEU0FJQzEtMCsGA1UE
+AxMkVHJ1c3RJRCBTQUlDIFB1YmxpYyBFbWFpbCBJc3N1aW5nIENBMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt/6NG4BjDiPol4DapVRTq1CkoYStznIE
+/zzitTppuvi+N4Offzm0xHsltq9VmC0m3HVFv+Iy+wxo5xWowEDdqeoBVEw7JwZI
+CjTWb1NQ8ZHtjfvLSrRGtpUrScf67QmPsYuYLb+FFj+IjiKLFvxKMCXLq48wJLbR
+wzdZOLic0WIK/PwTZV3NOLD0t0Yku6MWSXf2kMrzp/4dbmyBRKqcNsSOdF85Dj1r
+OT+tJ55xd9Jo34lXAJUMMT+mN12aD3AJ8OSZQKSTd5u4l8IjoQQ1doVhK1gzycS+
+KmOXJqJ1FB1qBR2JZg21/znxzkergfrzno890ll3amLDqzKHlt2dBVYK9goEDGVv
+CvcfaUJLE0yE7B52XoBPdc9EF0ukn1ZTXvw2eFVKmGlabibVqYyGiz4DOEn9GYaQ
+JKNM3tiWQHyXb0iL/LljkRzObmGW6mVmcu5F/6lLVJlRM5cuVKGJP1PZx0DvGgMt
+9rmpr+ceaVeB7O/V4zKlpPT3EMtlmEWnnC65c9aLJjYRkFjP6gqwGmWwFeD8zyia
+C2CSVCfkMXTukR9QXKasAl5SD/4X3rS+f1L8RHEQ1h0djgePAr0S66IUhRjsBNtc
+LtNo8KMcWGxrlGz1FDc9yPu1qm2DPZ9nQnPq/ljhxsI/WRfdukfH5dJLuyWLMIkL
+pqtsvWjspLkCAwEAAaOCAvcwggLzMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
+AQH/BAQDAgGGMIGJBggrBgEFBQcBAQR9MHswMAYIKwYBBQUHMAGGJGh0dHA6Ly9j
+b21tZXJjaWFsLm9jc3AuaWRlbnRydXN0LmNvbTBHBggrBgEFBQcwAoY7aHR0cDov
+L3ZhbGlkYXRpb24uaWRlbnRydXN0LmNvbS9yb290cy9jb21tZXJjaWFscm9vdGNh
+MS5wN2MwHwYDVR0jBBgwFoAU7UQZwNPwBovupHu+QucmVMiONnYwggGUBgNVHSAE
+ggGLMIIBhzANBgtghkgBhvkvAAYBATANBgtghkgBhvkvAAYMATANBgtghkgBhvkv
+AAYKAjANBgtghkgBhvkvAAYKZDANBgtghkgBhvkvAAYCATANBgtghkgBhvkvAAYM
+AjANBgtghkgBhvkvAAYLATCCARoGC2CGSAGG+S8ABgsCMIIBCTBKBggrBgEFBQcC
+ARY+aHR0cHM6Ly9zZWN1cmUuaWRlbnRydXN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9s
+aWN5L3RzL2luZGV4Lmh0bWwwgboGCCsGAQUFBwICMIGtDIGqVGhpcyBUcnVzdElE
+IENlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3VlZCBpbiBhY2NvcmRhbmNlIHdpdGgg
+SWRlblRydXN0J3MgVHJ1c3RJRCBDZXJ0aWZpY2F0ZSBQb2xpY3kgZm91bmQgYXQg
+aHR0cHM6Ly9zZWN1cmUuaWRlbnRydXN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5
+L3RzL2luZGV4Lmh0bWwwSgYDVR0fBEMwQTA/oD2gO4Y5aHR0cDovL3ZhbGlkYXRp
+b24uaWRlbnRydXN0LmNvbS9jcmwvY29tbWVyY2lhbHJvb3RjYTEuY3JsMB0GA1Ud
+DgQWBBTKkXQjS6MtAipCj7Xo6ehDUPJvTDAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
+KwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggIBADz8N+h06HUlcT0Eb7TthF+nc9vG
+xe6xfTn8rUuLFf+wPcG8fcJ9oxJJrxZSjSvS/nvQ1t39Xq3Om7wDCj4c3cnp7pZk
+EJ95UaiuEy+ew7aBPznWU1eDgSnyhu2CGrgwJWZFkicXiPj0qs3CY+Ys1ciN6Y7l
+C4RvMF308iLQfXxdHNGx/5N8RKAI2xkdSaQSlFTjVRoErS1Ag8tyJ1hECG4rlEUr
+RAtRaBYGvzlAumgOP/lqYZoPAVbrX6K1juIOzNTPo/AwuD8Qzuy4boXOg9FEUUie
+dwiRHTKadxtikrBFoMi0Ta4j7M6MqhXG/5EdC4v7yc5qBfF/Cw/QLg+B4p+TJWbg
+dlGWs1TyeAe2RjQj/4dRNdgSQ0yS/mIFrlnGSBCzIvgTOQNkF9pgylc2SHL/P9MX
+Gvk+R8tKJ0tdCSKcTIMBHI0nDX0quUnkPGix4Xd7HPKjXR3IFp1v69hcZ0FoVa7o
+mrfm5eUK6sWtG0hyaVjeFBr+zDfXsRHOUa8jC1VihSd9ccx1a9PXxbtKseg+YA7U
++WtZ0QErVCdvlKahPpGJpurfuiol2GLabW3hbHcKS8Icz0FyhqjAqWS7OThrTO0p
+IZIRGI5KGUGgRPA+cAD4K5YyADkNA1fNUDU7NLLRC2/EhO1wjR6RVBCjuVa2YNzS
+3ba1jZFxolwzy1PQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID6TCCA2+gAwIBAgIQffy9nCl1ZOODwKYEKfi+vDAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE5MDMwNjExMDE0NloXDTM0MDMw
+MjExMDE0NlowgZsxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNV
+BAoMO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMg
+Q2VydC4gQXV0aG9yaXR5MTUwMwYDVQQDDCxIQVJJQ0EgUXVhbGlmaWVkIExlZ2Fs
+IEVudGl0aWVzIEVDQyBTdWJDQSBSMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABMwP
+WZFzDI+pZUc9FKUelQN54FLne9P/KD2Uiw93zTv7W/dpRixflicRW3/79jYqq7hZ
+DvyOcMUMFEpcSuyro3Wsn4s8ZH/BqR0ux4FBsyd8KBRiQkdvIN8c5DfDoWNm4aOC
+AWUwggFhMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUtCILgpkkAQ6c
+u+QO/b/7lyCTmSowcgYIKwYBBQUHAQEEZjBkMD8GCCsGAQUFBzAChjNodHRwOi8v
+cmVwby5oYXJpY2EuZ3IvY2VydHMvSGFyaWNhRUNDUm9vdENBMjAxNS5jcnQwIQYI
+KwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmhhcmljYS5ncjARBgNVHSAECjAIMAYGBFUd
+IAAwKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMMEkG
+A1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmx2MS5oYXJpY2EuZ3IvSGFyaWNhRUND
+Um9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0GA1UdDgQWBBTIhm/oD9Z5DgQJ/adR
+ZhHVQ0P4WzAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIwcinRdZrB
+S+JSoSy9xLzvv8hUpaaYmhB7OaF6IF6kc54ASQEdRBdSitLjEarqNyJeAjEAvHou
+rv4tkBCKpYeybSsPmpmGC8Gv7pi6P1IFM5XfXsyAy4T+Mm5y/3xHkhr257mn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID7DCCA3GgAwIBAgIQK7nQzpC6ImIMsA42dCKAUDAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE5MDMwNjExMDQzMFoXDTM0MDMw
+MjExMDQzMFowgZ0xCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNV
+BAoMO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMg
+Q2VydC4gQXV0aG9yaXR5MTcwNQYDVQQDDC5IQVJJQ0EgUXVhbGlmaWVkIE5hdHVy
+YWwgRW50aXRpZXMgRUNDIFN1YkNBIFIyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE
+Fg//sm58S6EeZKRKk2HY2ACeqXAMWMTAaWK3ZGygLEI2f5Cd3bc2DctwNw4zZvfp
+ulXI5pr5vYXZmG8Trnh1Zv0FVtQej7FLpa8ejwwUtD+pcz+tGpYFQOF6Cg4tzisQ
+o4IBZTCCAWEwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBS0IguCmSQB
+Dpy75A79v/uXIJOZKjByBggrBgEFBQcBAQRmMGQwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9yZXBvLmhhcmljYS5nci9jZXJ0cy9IYXJpY2FFQ0NSb290Q0EyMDE1LmNydDAh
+BggrBgEFBQcwAYYVaHR0cDovL29jc3AuaGFyaWNhLmdyMBEGA1UdIAQKMAgwBgYE
+VR0gADApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwww
+SQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybHYxLmhhcmljYS5nci9IYXJpY2FF
+Q0NSb290Q0EyMDE1L2NybHYxLmRlci5jcmwwHQYDVR0OBBYEFNeVKvrc6zs38YU4
+q5uBt/tfj7q0MA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAwNpADBmAjEApd2p
+9F0r/2KX4UA1NKsKkviSAPiFKk92BHZFCfPdrkvbnJzrCeHR+wTxe+/7qf7TAjEA
+1O4X/Fm2qOMUfvdp0xkTtvDDsgA4J7dsF1GKZvZQuzAUsQsTBu6M02///Z5z1bp7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID/TCCA4SgAwIBAgIQba5AQvxu0MMb6pEaAGgJIjAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE5MDMwNjExMDgzMloXDTM0MDMw
+MjExMDgzMlowgYkxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNV
+BAoMO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMg
+Q2VydC4gQXV0aG9yaXR5MSMwIQYDVQQDDBpIQVJJQ0EgUy9NSU1FIEVDQyBTdWJD
+QSBSMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABLBx+MJqIwD14tLulD8/VDDqqGaj
+IkAKPuFLqb0gcC2dvsWS7HKZejzS98uH8lu7wEMpjatJntCH6iEVJ3/2VgOPT3MB
+kn/qOb7qsW7Da0QELTyQqpM18AwAQph5KLMwIaOCAYwwggGIMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHwYDVR0jBBgwFoAUtCILgpkkAQ6cu+QO/b/7lyCTmSowcgYIKwYB
+BQUHAQEEZjBkMD8GCCsGAQUFBzAChjNodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2Vy
+dHMvSGFyaWNhRUNDUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9v
+Y3NwLmhhcmljYS5ncjBEBgNVHSAEPTA7MDkGBFUdIAAwMTAvBggrBgEFBQcCARYj
+aHR0cDovL3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50cy9DUFMwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmx2
+MS5oYXJpY2EuZ3IvSGFyaWNhRUNDUm9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0G
+A1UdDgQWBBSYzLMwlmjm+zljcWk7uCM6Tug1XTAOBgNVHQ8BAf8EBAMCAYYwCgYI
+KoZIzj0EAwMDZwAwZAIwMkZb1PKLOqHPqCxtkR8mTIyJRN1LX/48LTJlv3O3eaZy
+tq5VQH/uzOMbhOS3Yth+AjBtwUe7Pd52vwLjUtQZlb0ikFOO2Tb82WJd1i0uzE8b
+hD6zRB0Bi5ilRr961t5cLdk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxzCCA06gAwIBAgIQIgh8gcCEH5SGiQ21GCMGIDAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE5MDMwNjExMTE0OFoXDTM0MDMw
+MjExMTE0OFowgYYxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxRDBCBgNV
+BAoMO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMg
+Q2VydC4gQXV0aG9yaXR5MSAwHgYDVQQDDBdIQVJJQ0EgU1NMIEVDQyBTdWJDQSBS
+MjB2MBAGByqGSM49AgEGBSuBBAAiA2IABMG3VHSteQ2W8HiK+0VX3Bg2PVOaPc6q
+yl1H/MVnPC4ywcUe8nkv36Ks5Krw2jxAuphbTq9PB/KZzYDb81VC+VsbaD7j7GQP
+edXzObTsNZNRZCJaxQP5nPNL2fFTy/NW16OCAVkwggFVMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHwYDVR0jBBgwFoAUtCILgpkkAQ6cu+QO/b/7lyCTmSowcgYIKwYBBQUH
+AQEEZjBkMD8GCCsGAQUFBzAChjNodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMv
+SGFyaWNhRUNDUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3Nw
+LmhhcmljYS5ncjARBgNVHSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMBMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmx2MS5oYXJp
+Y2EuZ3IvSGFyaWNhRUNDUm9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0GA1UdDgQW
+BBTi/nXgKf1vaUmjmlE+bM+FC+33qTAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0E
+AwMDZwAwZAIwZzLgz0pL0lLRIHaTlUIbGoRKJaQ8iAWMODPmLrCutMSQIj8pztbU
+fGlgOKW+vRBhAjAW/uTIjrv4UpBRSSdkEjMGdKgsI37RTZhJB74mcHwooxCZejZP
+oPZMA6waf3sgvwE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnDCCAyGgAwIBAgIQYlOBhXWzkj7ltEnfyvmmKjAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTI4NDZaFw0yOTAz
+MDQxOTI4NDZaMIGEMQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNV
+BAcMCFZpY3RvcmlhMSAwHgYDVQQKDBdJbnRlckNsb3VkIFZlbnR1cmVzIEluYzEw
+MC4GA1UEAwwnSW50ZXJDbG91ZCBDbGllbnQgQ2VydGlmaWNhdGUgQ0EgRUNDIFIz
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAErlQZYgv0U/8lMXg1NoYKHm2j7T/CkFg6
+iqlp6yVzm94TCoFom9fAgBcEKXv5Vdag8VbZO9ul1TWxFIC6ZN79ewheh9m5oPIE
+gtPjENxmVs7ga+yrlMCARprQkX1UpBK/o4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB
+/wIBATAfBgNVHSMEGDAWgBSC0YVzMOc1BNOOApL75aTRxCHozTB4BggrBgEFBQcB
+AQRsMGowRgYIKwYBBQUHMAKGOmh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5
+L1NTTGNvbS1Sb290Q0EtRUNDLTM4NC1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6
+Ly9vY3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADApBgNVHSUEIjAgBggr
+BgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYDVR0fBDQwMjAwoC6gLIYq
+aHR0cDovL2NybHMuc3NsLmNvbS9zc2wuY29tLWVjYy1Sb290Q0EuY3JsMB0GA1Ud
+DgQWBBQhbQw9QT3QUZSPU+OAL1h7jISWRzAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZI
+zj0EAwMDaQAwZgIxAJ6Y9Emo6GxDO1g99eB5pIIO8QkCKROOJrQc7X4krd+/NOSc
+gtdnWhZPJpyEV+lGbwIxALwYtAsTf6bWAg3NDRLCyWMobW1UsZ1IcgPOqcY6kAro
+rrfCxspa1VYQHgS5FFp2OA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjDCCAxKgAwIBAgIQcetBW+6jOSy8e7tQnpyhZjAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTMwMzdaFw0yOTAz
+MDQxOTMwMzdaMIGBMQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNV
+BAcMCFZpY3RvcmlhMSAwHgYDVQQKDBdJbnRlckNsb3VkIFZlbnR1cmVzIEluYzEt
+MCsGA1UEAwwkSW50ZXJDbG91ZCBTU0wgQ2VydGlmaWNhdGUgQ0EgRUNDIFIyMHYw
+EAYHKoZIzj0CAQYFK4EEACIDYgAEZvf9klX/Oeqlb5IFPGzWBWfNfRHiXWlX8unY
+HZKiGx/X7tGQe4vsQw5vQLrX3C2HssvOOXbvabWue4quF6MN/wrMyu75KolhLU47
+F1wg9+HHNqROEqO2g7Vdum1xN2LOo4IBUTCCAU0wEgYDVR0TAQH/BAgwBgEB/wIB
+ATAfBgNVHSMEGDAWgBSC0YVzMOc1BNOOApL75aTRxCHozTB4BggrBgEFBQcBAQRs
+MGowRgYIKwYBBQUHMAKGOmh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NT
+TGNvbS1Sb290Q0EtRUNDLTM4NC1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9v
+Y3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEF
+BQcDAgYIKwYBBQUHAwEwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybHMuc3Ns
+LmNvbS9zc2wuY29tLWVjYy1Sb290Q0EuY3JsMB0GA1UdDgQWBBRhP7oNOe9LgqOS
+Q8PEIWSa/v4PvTAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaAAwZQIwakjo
+LqEHHWv9J1C2Qlku12DgD1hzocn0Hxnr+FotB1w3K/20v5ZVrsjBL3qs374MAjEA
+9E2lHTxabo0uvFbO1iKfbsgd8OdqOG3FJLSePmMPfRFXudJi39J2hB3JPe3gFwYG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkzCCAxqgAwIBAgIQJ6uF/gMxCfH9tQMtV30gODAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTM0MDRaFw0zNDAz
+MDMxOTM0MDRaMH4xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UE
+BwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxOjA4BgNVBAMMMVNTTC5jb20g
+Q2xpZW50IENlcnRpZmljYXRlIEludGVybWVkaWF0ZSBDQSBFQ0MgUjIwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAASef3xFPNLLdSgcAUk1vIep1NKM7aEZo8N5C2Efwn8+
+m5wcI39ei9+9+6mMNqoElAVZojJZ519XV9rrwSesZNrgtVVNFMpPmIBPfk5ACQwi
+OugouQ7UkRAThBQjfo0vgGyjggFdMIIBWTASBgNVHRMBAf8ECDAGAQH/AgEAMB8G
+A1UdIwQYMBaAFILRhXMw5zUE044CkvvlpNHEIejNMHgGCCsGAQUFBwEBBGwwajBG
+BggrBgEFBQcwAoY6aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29t
+LVJvb3RDQS1FQ0MtMzg0LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3Bz
+LnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMCkGA1UdJQQiMCAGCCsGAQUFBwMC
+BggrBgEFBQcDBAYKKwYBBAGCNwoDDDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v
+Y3Jscy5zc2wuY29tL3NzbC5jb20tZWNjLVJvb3RDQS5jcmwwHQYDVR0OBBYEFHco
+NRRSZVUP2CFnn6aiSjWRgSVUMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAwNn
+ADBkAjBP+Mnn2uq5z3DmuZFIewdGXDNHQnFdbDc0C1mFtd+HMgaq/HhTjWmbVOyL
+7+hL6PoCMGmfO1R5xV9sCpAU8JZekqD/2UwDW8QE5LYnF0/FnVzHKm21Q2TNM5FE
+dXjc6hcemQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAwqgAwIBAgIQPH075n+j7W0w69DwtN+DnDAKBggqhkjOPQQDAzB/MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNvbSBFViBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTM5MzVaFw0z
+NDAzMDMxOTM5MzVaMHIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxLjAsBgNVBAMMJVNTTC5j
+b20gRVYgU1NMIEludGVybWVkaWF0ZSBDQSBFQ0MgUjIwdjAQBgcqhkjOPQIBBgUr
+gQQAIgNiAAT1t4leMOvsxnX7aOOmLIoNVAm6ml1dgCWh1gA0A1jMIeOm3cI6vRUs
+j1mNq+Fi+gFmG4N/fJm8jGgakxhO7+rkDUE1fFF74YMMBmZ0ku1AeRTXgnLmSWCD
+C3nmK1X8MI+jggFWMIIBUjASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaA
+FFvKXuXe0oGqzagtZFG22XKbl+ZPMHsGCCsGAQUFBwEBBG8wbTBJBggrBgEFBQcw
+AoY9aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJvb3RDQS1F
+Vi1FQ0MtMzg0LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5j
+b20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5j
+b20tRVZlY2MtUm9vdENBLmNybDAdBgNVHQ4EFgQUhO74eT4IZHZIZDn1sb+LAl4L
+vCcwDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2kAMGYCMQCx1zLVSyEBp5fv
+Db5CaW0hZG1M8rXEn0o8bVvThDQ3oGhDQqn30letMq7wqm8Wlw0CMQCC9kSf1oa0
+nvHk8EwWQqToAbE4Em09b9qsReLgy0Bz6OldYKedC1Ocuy5/nktf4aI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDejCCAv+gAwIBAgIQHNcSEt4VENkSgtozEEoQLzAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTAzMDcxOTQyNDJaFw0zNDAz
+MDMxOTQyNDJaMG8xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4GA1UE
+BwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxKzApBgNVBAMMIlNTTC5jb20g
+U1NMIEludGVybWVkaWF0ZSBDQSBFQ0MgUjIwdjAQBgcqhkjOPQIBBgUrgQQAIgNi
+AASEOWn30uEYKDLFu4sCjFQ1VupFaeMtQjqVWyWSA7+KFljnsVaFQ2hgs4cQk1f/
+RQ2INSwdVCYU0i5qsbom20rigUhDh9dM/r6bEZ75eFE899kSCI14xqThYVLPdLEl
++dyjggFRMIIBTTASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFILRhXMw
+5zUE044CkvvlpNHEIejNMHgGCCsGAQUFBwEBBGwwajBGBggrBgEFBQcwAoY6aHR0
+cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJvb3RDQS1FQ0MtMzg0
+LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wEQYDVR0g
+BAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNV
+HR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tZWNjLVJv
+b3RDQS5jcmwwHQYDVR0OBBYEFA10Zgpen+Is7NXCXSUEf3Uyuv99MA4GA1UdDwEB
+/wQEAwIBhjAKBggqhkjOPQQDAwNpADBmAjEAxYt6Ylk/N8Fch/3fgKYKwI5A011Q
+MKW0h3F9JW/NX/F7oYtWrxljheH8n2BrkDybAjEAlCxkLE0vQTYcFzrR24oogyw6
+VkgTm92+jiqJTO5SSA9QUa092S5cTKiHkH2cOM6m
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgTCCBGmgAwIBAgIQOXJEOvkit1HX02wQ3TE1lTANBgkqhkiG9w0BAQwFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5
+MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO
+ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAgBJlFzYOw9sI
+s9CsVw127c0n00ytUINh4qogTQktZAnczomfzD2p7PbPwdzx07HWezcoEStH2jnG
+vDoZtF+mvX2do2NCtnbyqTsrkfjib9DsFiCQCT7i6HTJGLSR1GJk23+jBvGIGGqQ
+Ijy8/hPwhxR79uQfjtTkUcYRZ0YIUcuGFFQ/vDP+fmyc/xadGL1RjjWmp2bIcmfb
+IWax1Jt4A8BQOujM8Ny8nkz+rwWWNR9XWrf/zvk9tyy29lTdyOcSOk2uTIq3XJq0
+tyA9yn8iNK5+O2hmAUTnAU5GU5szYPeUvlM3kHND8zLDU+/bqv50TmnHa4xgk97E
+xwzf4TKuzJM7UXiVZ4vuPVb+DNBpDxsP8yUmazNt925H+nND5X4OpWaxKXwyhGNV
+icQNwZNUMBkTrNN9N6frXTpsNVzbQdcS2qlJC9/YgIoJk2KOtWbPJYjNhLixP6Q5
+D9kCnusSTJV882sFqV4Wg8y4Z+LoE53MW4LTTLPtW//e5XOsIzstAL81VXQJSdhJ
+WBp/kjbmUZIO8yZ9HE0XvMnsQybQv0FfQKlERPSZ51eHnlAfV1SoPv10Yy+xUGUJ
+5lhCLkMaTLTwJUdZ+gQek9QmRkpQgbLevni3/GcV4clXhB4PY9bpYrrWX1Uu6lzG
+KAgEJTm4Diup8kyXHAc/DVL17e8vgg8CAwEAAaOB8jCB7zAfBgNVHSMEGDAWgBSg
+EQojPpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rID
+ZsswDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAG
+BgRVHSAAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29t
+L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBDAUA
+A4IBAQAYh1HcdCE9nIrgJ7cz0C7M7PDmy14R3iJvm3WOnnL+5Nb+qh+cli3vA0p+
+rvSNb3I8QzvAP+u431yqqcau8vzY7qN7Q/aGNnwU4M309z/+3ri0ivCRlv79Q2R+
+/czSAaF9ffgZGclCKxO/WIu6pKJmBHaIkU4MiRTOok3JMrO66BQavHHxW/BBC5gA
+CiIDEOUMsfnNkjcZ7Tvx5Dq2+UUTJnWvu6rvP3t3O9LEApE9GQDTF1w52z97GA1F
+zZOFli9d31kWTz9RvdVFGD/tSo7oBmF0Ixa1DVBzJ0RHfxBdiSprhTEUxOipakyA
+vGp4z7h/jnZymQyd/teRCBaho1+V
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0zCCArugAwIBAgIQVmcdBOpPmUxvEIFHWdJ1lDANBgkqhkiG9w0BAQwFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDMxMjAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5
+MRQwEgYDVQQHEwtKZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBO
+ZXR3b3JrMS4wLAYDVQQDEyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEGqxUWqn5aCPnetUkb1PGWthL
+q8bVttHmc3Gu3ZzWDGH926CJA7gFFOxXzu5dP+Ihs8731Ip54KODfi2X0GHE8Znc
+JZFjq38wo7Rw4sehM5zzvy5cU7Ffs30yf4o043l5o4HyMIHvMB8GA1UdIwQYMBaA
+FKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1
+xmNjmjAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zARBgNVHSAECjAI
+MAYGBFUdIAAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5j
+b20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQEM
+BQADggEBABns652JLCALBIAdGN5CmXKZFjK9Dpx1WywV4ilAbe7/ctvbq5AfjJXy
+ij0IckKJUAfiORVsAYfZFhr1wHUrxeZWEQff2Ji8fJ8ZOd+LygBkc7xGEJuTI42+
+FsMuCIKchjN0djsoTI0DQoWz4rIjQtUfenVqGtF8qmchxDM6OW1TyaLtYiKou+JV
+bJlsQ2uRl9EMC5MCHdK8aXdJ5htN978UeAOwproLtOGFfy/cQjutdAFI3tZs4RmY
+CV4Ks2dH/hzg1cEo70qLRDEmBDeNiXQ2Lu+lIg+DdEmSx/cQwgwp+7e9un/jX9Wf
+8qn0dNW44bOwgeThpWOjzOoEeJBuv/c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHDTCCBPWgAwIBAgIQQNuabltugn1IBLpOCqC9DzANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTkwMzE0MTMyNjUzWhcNMzQwMzEw
+MTMyNjUzWjCBhjELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczFEMEIGA1UE
+Cgw7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+ZXJ0LiBBdXRob3JpdHkxIDAeBgNVBAMMF0hBUklDQSBTU0wgUlNBIFN1YkNBIFIz
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAiNlhfmU+e8wXjAFYqW7t
+MYNrrX809EIbHl3XF52YmKRnTjK41nvNHeQQfXFMzNayHpmusY0Ntph39i+P/HMC
+WGd8Shznp+gGqyejxTceEkG4KLkDsUUOyywh4V4QFW7aObwwesv7BDo+rJG5xBK/
+SrTtO1XbIUD3EompU9tST0qqZe68QmhyozTNp09K1vhBdfGXbnSayuVXMCWPVDD3
+flmnk2c9u01NWQXNpCPlmoUfWNFLVh5byoNA+VvydShI9lioCS/jivQldvpO1tFS
+P2k0owp7XLfpiySk3JRGm4dLBZ292U+RDhy+bAYxTDerHYzcb9XVFhTzfq2FhAZJ
+LlSQTmP2voX3Ac974VOKIk2INSIMdJC7NXS/rXzle4Vkvg7VsLIom34ZX0rIlQqc
+tcjsBt4yXzrNxZ3NtAVK/9+AJC5QEGOjf5nJKRXSZYqY4q+Tiv1kR20Y7lv5ufg0
+3n2CivIsXd3lkkDg/XQjhIllqrMDcZBQRaVAEbkGnVWGEWaH6OYy6C+g6t9uOe5B
+BHpPM8MMIVRUiuncUvQpiPeYEJ007gijp0UbVY0MLE9V0uSaNo11W3mn9KxNqA+w
+/6de2mmnHz+hoxpSwnVliC9Y1EcDXA4ziC5dgVd/gByQEpiI13PCJBx1BL3hUpGv
+aJE0VHF+V/aRTQ26/T9bHykCAwEAAaOCAVMwggFPMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHwYDVR0jBBgwFoAUcRVnyMjJvXVdctA4GGqd83EkVAswbwYIKwYBBQUHAQEE
+YzBhMDwGCCsGAQUFBzAChjBodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMvSGFy
+aWNhUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmhhcmlj
+YS5ncjARBgNVHSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
+AQUFBwMBMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmx2MS5oYXJpY2EuZ3Iv
+SGFyaWNhUm9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0GA1UdDgQWBBQ9aYUZUX+V
+z1FeOJLIw4DSH+IgWDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIB
+AIdmkaM3cucTuq+LBKsi797TuqKXICXkVDvTqT7r6QtdcHT6BQbEHKrULV9z/Xeh
+E/awmcbakoJ5p7pN3iToCN/+IbRfWjL2JrliAMOZoEQOIQcO9RQ1//dW4tB2IK5X
+1tR23KjnF7CgeoiThAT8GfZi9cQnfIneL5DZW6J0psSIPS3yqThzEWNvoybQFr7a
+wHrqFPjjPUo7U6aqGfzKy+3SQrDO0hQ4Ia2CrFf5AcJNXLFeFfZaZF0igcBZtfHD
+2Om2No34t8O/ygs1bMMUQvzEVPwFgWeN6+Vt5o9pZ8pnAmeIdQoWmLTWSlTJ16vA
+wDGVprvwnTfv5HmOJ9LCnuqwvcWYY9vBeoeuQeUXBTHXLlETNNNHKMVf2WrnE+WE
+P9d00rb6D3q+ELqV/XoK5Sf87vD5rlDztZJ0a9JrFQPQeNeIiVeYVgmzL6jgGRMw
+NWaoNmSLOZyNBUQrtmhAt9fOr4UvU9UGjlEF4n2AMYkiOer6F6nUpY6Zq2eNzm3m
+r2og47z45XYCY6TEnjtNHInizr1NtgECMqrEOdgu1mcnA8TRkmR3U/C/XWzBNWJV
+xAm2648LewDDCUJUOXgeLgObaxwbv3koQf2oU+bGs9Pt9vig/B5RulWfGx6ow/SZ
+3KUDnZzbCdLzg/83frHflBXYWj09nAp6IdKGcaG9E5Nj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHKjCCBRKgAwIBAgIQJ2tclvFbijeMbnnDqQHr7jANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTkwMzE0MTM0NjUxWhcNMzQwMzEw
+MTM0NjUxWjCBlzELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczFEMEIGA1UE
+Cgw7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+ZXJ0LiBBdXRob3JpdHkxMTAvBgNVBAMMKEhBUklDQSBRdWFsaWZpZWQgTGVnYWwg
+RW50aXRpZXMgU3ViQ0EgUjMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQC3xHnml3k2XafPrjLX5Dscb/Q0g8RpDakdkbA8jc9+qfVRHsEjuAdXJYOkl3sF
+BQXMrH6B/p5jprz1qqcblAK1AHJRTdW9r4cuf0zzZFTP0UKG9ffUgkUQyfQumsMy
+tCVavF71TGKx0Af+e58lFU+Ym8Ko8NRT2FzkOzeL4g72hbvBHksSUQrKzg710atI
+psXjQihNPtCpKdcmKzQcWGLEDu5Z+53RyLci5apmt1cUUSPiCWP8cjpJzt6gdUyB
+bW1e4yee88vfzno+7Iir5wBF/q+Z97COiQAJMUllkPlOhiqRXSW0CwhdbasSxBaF
+0pL0BPOZzbU3oEQplqD5fdHgkttfLQj5qq/kgErndsWOgZqqdckR2YFvALFMqpqy
+RvR1sX/4UNb9y2h8Eh1xwp8F/OudI+/zX7QDp+rHh2OjqkL4NWPJb3OCFDZ4EXFR
+xerEdZIxI4lOGLHneBUEYv7w168Vat3qug7CPghxGSGZGV4RD6m9xQNNgKFoELIa
+StUexQGaaAzTEe/Sd5zQ6pHhQQl83h512CKZApZOcHUnkIUif3/CvaUWO6K9Lt23
+Nl3D3FF1FpffhMebzcKBPiXornmU/XKDXzZFqhau4xyVYrMtjRBXwkw9yGof+py/
+p+qSsY45MekdrlZxKuSFUYcXXNs6iEhRjvw/3seoSc8CxwIDAQABo4IBXzCCAVsw
+EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRxFWfIyMm9dV1y0DgYap3z
+cSRUCzBvBggrBgEFBQcBAQRjMGEwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yZXBvLmhh
+cmljYS5nci9jZXJ0cy9IYXJpY2FSb290Q0EyMDE1LmNydDAhBggrBgEFBQcwAYYV
+aHR0cDovL29jc3AuaGFyaWNhLmdyMBEGA1UdIAQKMAgwBgYEVR0gADApBgNVHSUE
+IjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwRgYDVR0fBD8wPTA7
+oDmgN4Y1aHR0cDovL2NybHYxLmhhcmljYS5nci9IYXJpY2FSb290Q0EyMDE1L2Ny
+bHYxLmRlci5jcmwwHQYDVR0OBBYEFPXcw7QFx/jnYMAAdfAKmotsDKHJMA4GA1Ud
+DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAAb5bIgaB78Rr8EI2NE4uZrzn
+eE/4F9q3MU6pcJQI0GVkm8+JZlFIYCwBKajTI91+mHiyY4JekCRNQUu1pMb2NieS
+QArIttnFzU1ji5p2kjTPlt8dEz/X0TwizHNN4CXjAzGOyTmsb2fz6t80ZVxVJeup
+HFiw4DC9Z+xVazKDlMbv3A1lKwZOi9sjHTGSuKdTWsMd5rfVmBAOADW5y8fEjHwS
+aVh0K/cfMpVtqS8T80GazCRgkyV6FsrjBpy6ELhvNUc0nBJ/Y93c5E+7CsXl+NwC
+K/rESoTfA9JgTKzQ54qZeU/LoEBV2xrVX/wKlv6fPfGZl3W+EhlysYkpHkVJmw7Q
+gJIsml6nJePfScPdAYsdcIHJp2taYHivUPOiTubqUvAFUN1PJgT0hdcRUYK+fzAi
+UlhLJnPgh5eTzZr6+aiHM8owzKp0refhpmZUVArFLZKmlP7/sGyyNh2KAQ3vL1e3
+buQBtvfDsscXtHE+UX209Aps44QM6B+EyD9UHlovW/4l85I2UGdgtY+sHPP+f9l0
+F2XVoB12t0fx7QIDtllMT22pAH8QGoXm2maUBGqNBluiG4uemh0RiUce2x9Mw7c3
+4695TcL0/rkNVJ6x2mo51OqJcNCincx+8cZFojU7bD8pClma/B60yeJ1TqTmsdhj
+9RvodwtkOyZEMClE+1A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHLDCCBRSgAwIBAgIQf86qjaECbfp3FNE/3hX4+jANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTkwMzE0MTM1MTE1WhcNMzQwMzEw
+MTM1MTE1WjCBmTELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczFEMEIGA1UE
+Cgw7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+ZXJ0LiBBdXRob3JpdHkxMzAxBgNVBAMMKkhBUklDQSBRdWFsaWZpZWQgTmF0dXJh
+bCBFbnRpdGllcyBTdWJDQSBSMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBAIILSyhk5t2dqyZHZTRQPHXmyaoUsDaiVfqqWzc7uT0DPT6kVPQ4uryaBQpN
+UhyD3sJWqK5GBVwFbzXamm2TjufYWTukGDAKtR+0jlJnOmD//0nfSc8M5fYg7WQ9
+UNeeau4BjgS6m604zevqD2DCky8Wohx++hW9WR8OuOV9oF9KieUAGJXNjrxMarc5
+F61Ic/zg6xWBfsJfyx4YzzjU/y/xV6nuljWFxUuyZ41xo/eKgyF5c8aXPDA3iHnP
+0oE6EB8W80u+kx15a7Xu7Mp+Tdsc8TEYUKZifsLogBd+TUY20Ou2KUgqIDLLrC7E
+4f6O4y3kxAR6FNZH6RZhjr8QS0WWoVq+41rR6XoHFljmZoG7Yxmf0UHJM4Ibl2qZ
+SSQSVr7lcf/yoxDan2YHz2bTtCNtkO5IThb2aug2UNVYC1mtZitL+gv58VCCNQzk
+HhwJSWCLk7W/3pF7ewDIKaWgMUn8VgFQ5FdkwAaLXGTp5LB6AqMgs/WSTITi4znf
+rRd1WaRrnDFGKNQIZcLbZw0VR2gxkE2d9NrM+Cg5lMfT5CFeLdlnbWNcgKJ4ZFWT
++SV3SDdfHIfHp2RCr5UlwVe1PXy0VOm1FUZYUH/ZtZ3i8sumT/bg/75rSSV/s2xS
+HnCZccrI4rFRHBxqS5vR7WddXy1AxSCm3FYXPlvfEi8hAm3jAgMBAAGjggFfMIIB
+WzASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFHEVZ8jIyb11XXLQOBhq
+nfNxJFQLMG8GCCsGAQUFBwEBBGMwYTA8BggrBgEFBQcwAoYwaHR0cDovL3JlcG8u
+aGFyaWNhLmdyL2NlcnRzL0hhcmljYVJvb3RDQTIwMTUuY3J0MCEGCCsGAQUFBzAB
+hhVodHRwOi8vb2NzcC5oYXJpY2EuZ3IwEQYDVR0gBAowCDAGBgRVHSAAMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDBGBgNVHR8EPzA9
+MDugOaA3hjVodHRwOi8vY3JsdjEuaGFyaWNhLmdyL0hhcmljYVJvb3RDQTIwMTUv
+Y3JsdjEuZGVyLmNybDAdBgNVHQ4EFgQUDdDvrDVq/UnU3xC/ZfhZmH5lnqgwDgYD
+VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQAtgHRMU+hBTyZNI4X1cn/R
+hRi7iTZeplU/mixtbiJf9LPOBe46pl0NeUhXUpGNdDHquLdYGHE91DpdWfS6wA1X
+L+qIYYlW+ROdRETZq2qc2bKk+CHpzSzb1piqPdoNGO1jo/ONi2i2UCCRClbc6umZ
+dqAqMfgPQb46I1iS8S1UzYxW1c02GWZuPbOC+0sl6LiKBWlhMW59wN+QTx6YFMnt
+1CQ0Q6aEWaenxlDGOK+rJJkqvdVCLi8e0sOM+jbsynTu7lFXKTRiWyPauOZieoHz
+YY0lmL2x6f7WAe8MTZ/ltTcXWtZWaiSQid0aPlq+bR1q55Mz1vV3UyJ9D1xbcb4a
+EQgE3VnOZnfAv2hBdBqJjJr7MBgyGa1j/X+OqMgkf+TCnFa1n2D3Y0zMZnCfyxfu
+PGTPjuIzjbOUqKXsTLjTxzZbvpDjbeUBOngWftLeqbtY1wuntbehGKKCeU7yTC4L
+P4dLQ4ppZPoUXNtqVp0NEC/ntwh3DxrUdlJHou4vjQKFc0gsNJ4BryazK4x66qNh
+sxDab6YxogddwTyJAujNf3FTY0AewY18aGZTokKMgw47WVTT1h9KrM5oMtmTPr56
+DUHYAzgxLyZ/I2YBNp17yFcjxwEbTYWZ1xg+a952nSPbJoDHCYr+cmi9orfDAuhv
+PfrsnwC+DLuvnR3RIwfHVQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHQzCCBSugAwIBAgIQQlgke6pLBzMD51YBu8IQHzANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTkwMzE0MTQwMTI4WhcNMzQwMzEw
+MTQwMTI4WjCBiTELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczFEMEIGA1UE
+Cgw7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+ZXJ0LiBBdXRob3JpdHkxIzAhBgNVBAMMGkhBUklDQSBTL01JTUUgUlNBIFN1YkNB
+IFIzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAm4ST/yTO/5kqsfvL
+BiDTZnolmnYFHPnZA9677nuXKgXVqNxCQNvYIaXTzyVaHtyFnan1uhcnxSPNVRF5
+enwvwGx9AOp+tshQkSINCS/WjI8px+QKRoMx3bt9gOFAMC8pUuh1CXvqJ1pJ4rFD
+xsNu3z40Z+vKfPuyCP2JzUYFmj3QTLNwFS/JOYeVUaz8l7sJH9qbR2tNTmlajL8a
+WRirZxDkPnGVHUbOq/qQiHPtM5jvsep0KTSomBb/PNQ1ozaq6V/jmXzl9yRJPonT
+eTnj41C8b3qGtpF2qq5ICTMXnAMT5Y0oykGd4i1hotmCYpXOPM9Jo+UO3VNfqleY
+mIVGkJf3XbNS57ge0Lll0RJ0C77KJwz9D5shr7MpkR5V7WlVfvzDx4FOd17bqwZc
+h93beLcHC6YGN3CcCd70tAVay1Ec3wRusR3Ie83SL2TRsx9w3E5MmxOyvG6uMOth
+Yi1PJKW2F7+aLj2kjbscJaWv3EkVJfXd1/BKYqtXugM//yqEA/S7KPdcMYs1Yekn
+Zijv6tvxLi2rNb+6aNNDaiDEsTxFS8Rm1eSPRyGNVK6vuRNTzPK825nDhimxyw9A
+Y+i4C9Pp7/QpnXfxC86gGlnPtruXAOQzpFyy0I4lbdvVNN6NTLDwrB0K4zwzj6Cp
+ABdyIKTiNtbD1z78ltpKJtx0DxcCAwEAAaOCAYYwggGCMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHwYDVR0jBBgwFoAUcRVnyMjJvXVdctA4GGqd83EkVAswbwYIKwYBBQUH
+AQEEYzBhMDwGCCsGAQUFBzAChjBodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2VydHMv
+SGFyaWNhUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmhh
+cmljYS5ncjBEBgNVHSAEPTA7MDkGBFUdIAAwMTAvBggrBgEFBQcCARYjaHR0cDov
+L3JlcG8uaGFyaWNhLmdyL2RvY3VtZW50cy9DUFMwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMEMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmx2MS5oYXJp
+Y2EuZ3IvSGFyaWNhUm9vdENBMjAxNS9jcmx2MS5kZXIuY3JsMB0GA1UdDgQWBBQx
+eqJ3TmpVqMS6iq1NGZwaiA1bMTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggIBAFoyF1VqFJ4dVXk/5cFXr3PmFRI6ICIcvh9RP/+c7tlzqB0y+52kADfN
+elT9d9uaHYwnt0JmEAkrY+5Hf0t3An2zDk8eMyxg6EXgnsUrBoMTTOXXVVBk71fP
+CQWt8duQ5CKbrSPaRAKeSUeF5IL1+ow4EabTUKIEeVkhf7iL7F8cqusFjQupRQDn
+W2a5Jjo2E9nTTY1hC0I1v6PB805YNe9JbFtCgpH7qtMJ6Xy19bl0sJr7kec04ciB
+mhsn8eVCz68clmkBLQzIYLNUd+4xS602t4SEEBXhioBlZBygD/nkMSZ475w549Cg
+vnvmGNXaddEwwtC/GncEH7jwuQTQ+HgPtpXCSVAcDcdcQxqpjwGV1NjfAVD26vsm
+ULep1ce1fvLAesb/3BEebOKgsC2riifrbF6eSNGY1Z1k6TwT5FijX4U7in46Os9/
+S5OWkZMjBNJXR46d5I9mGXGX6VIDjQ0hiDxm8NCd5L0TcwuLLPqbITPkVYz2SiYh
+qeT9Q/w1U+RsSwaz9nu3DNJjOqmWEUqpN9rMskRa7Q+C6hzEqNbrjpdsNh5Y7azf
+mSuMrOY9VM9LVA/0hK8P+XsMCD5hWwy7HbcFOWEirTO84TttOn9fRZZO6I/sg1bx
+C6CVt31cmgwDLJCjtVAARyMbfyqWDH6TMm6IeqBQ/lYLeSW4yBoS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCA4+gAwIBAgIQYrTD66U5GBd/EnqDe1dPljANBgkqhkiG9w0BAQsFADBE
+MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm
+ZmlybVRydXN0IENvbW1lcmNpYWwwHhcNMTkwMzIxMjAyMTM3WhcNMzAxMjAyMDQw
+MDAwWjCBgjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD
+VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQD
+EydBZmZpcm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBEVjEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZLT2Didbswle+ODgIPHb/DXnMZDfd
+pOotUIbYHMhW1HiAh7GkD1MgrTI1AzP6lj6DMTxiVUi4N8OK9EI4XZdMi3sWq5Op
+kBoV49lmnuSF/Li5dnyas2ItuBFmzqiEkxj43Fas627qIWPwX4MHyDN814K54pmU
+/ohAglEH665b+1ArDz1vxEEpFER6I8L/fTXYBGs/wCJIV5XnBKXjkOl96LR/RDVq
+k+kV6c9E4/Ths4IVYeLizFuke7fNoiZyvWQ+H/tUIZWGoyqZ2ZCIXpPKNI6kt5oF
+LJXfHcu7lDQM5UxjVlzVDbJFeTD5LHHD7UwlRECJY8GC39dQ1wk1JOKFAgMBAAGj
+ggFUMIIBUDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3Nw
+LmFmZmlybXRydXN0LmNvbTAdBgNVHQ4EFgQUM996PgJ5luu2DMBj+nW/kiLNkfow
+EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSdk8ZTi17Krz+fHg/lmZW8
+JPaUjzBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
+d3cuYWZmaXJtdHJ1c3QuY29tL3JlcG9zaXRvcnkwSQYDVR0fBEIwQDA+oDygOoY4
+aHR0cDovL2NybC5hZmZpcm10cnVzdC5jb20vY3JsL0FmZmlybVRydXN0Q29tbWVy
+Y2lhbC5jcmwwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAkXyr+SWj5byHGkFMF1D3gLvqjvrU
+3U89UbUdSYv6G9WHD78PLWgb3GgJW/BFmDWtcRagIY/WgxnUPHb5gyq7/vdNYnVX
+L6J175VB03ub4pcz//DSn/9gWiFAWIKee7H+j5GBvTw5X9xR1qfQc84bcYTVA+ox
+aRpSe1Gcl9QHjXmThXDTyg8FvNK7ewjQ1quE8aeLuU9Coq2Wn/wHLg8YmsHf2/Hm
+Fo2b8Lus/aw4UImSFhwAO1KqaNKiLNkYQRCGOHrmPvZpx3XstTXCuo02iaB+u2bM
+PXYBpSAzqDc2jyfie+p3i2weJIUpbjLPlVPr6BVAAch/mrhjXcfdIzs8Yw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpzCCA4+gAwIBAgIQU/amEQkuUo7ZY/GRSVMiBDANBgkqhkiG9w0BAQsFADBE
+MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm
+ZmlybVRydXN0IENvbW1lcmNpYWwwHhcNMTkwMzIxMjAyNTMyWhcNMzAxMjAyMDQw
+MDAwWjCBgjELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD
+VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTAwLgYDVQQD
+EydBZmZpcm1UcnVzdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBPVjEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCvco7Deeb/p8vGva+AiXD+Y+Cu0Hi
+A4apJ4GQNNbLSFkQ9PdoNvjFlCPH9gIVJfc28Jrt871d4IPhrxowey3qa+HPHMmN
+oiwAcjXxissCBq7NrZgkSXRMhia6Fu3NvFgFqZNl7zb1GTpCSilYiHIE/W/tHtbc
+ln1bnLIk7AMy2ZS2EgsmJyU7yVbmEo8Y20f3A3WDIcZVzjOQGJb8dYxhcBs1MWwD
+eohavBhMCFi2IDXfBZjbD2B6Biq7+jZJtPo06yyDsC2feL5/el7z1D6gTUcoCBlT
+5Y6zPnsBB90V1vVHVTeopdnhP4uccqVln40IgAAKsa35cQstxqZhLNhJAgMBAAGj
+ggFUMIIBUDA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3Nw
+LmFmZmlybXRydXN0LmNvbTAdBgNVHQ4EFgQU/mDDDaSinSFPenhMYsXbFPw5eMQw
+EgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSdk8ZTi17Krz+fHg/lmZW8
+JPaUjzBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
+d3cuYWZmaXJtdHJ1c3QuY29tL3JlcG9zaXRvcnkwSQYDVR0fBEIwQDA+oDygOoY4
+aHR0cDovL2NybC5hZmZpcm10cnVzdC5jb20vY3JsL0FmZmlybVRydXN0Q29tbWVy
+Y2lhbC5jcmwwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAOk54qHPMeJwOtPt/KP0vGZ1Kx/G7
+zkfvY9fRw+1ATGeLyuBvDPFDGC7ZHXegy9cH5txHJpzYt2Ns5l90TwqKSLDcgWHt
+fegtWnzYROHl7w3llLrMSy+MjhjUlH7hTTRrk6Vd0Hrcrz4oB9ebHmG/UFFWoD4h
+sg7KAgqTjtlS1Vs3ZWCnUaLAhOcf6J56IRo1AGTfOh/D8zodg5QHthZi+Ucl4kwD
+8zzUdXdzcYktuVws/5ZNp1Nv2FvSmmNKnpWFfkJ1OTVGMKnrwU/F8KsE7thIUfz1
+x/BL/kNRp7PMiXRKi4N7KEiiQPled9EM3FeF7O0q2fbn5S4Z5yduCEYrqg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqDCCA5CgAwIBAgIQFylVHtaOf7Ht9XMA811/1TANBgkqhkiG9w0BAQsFADBE
+MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm
+ZmlybVRydXN0IENvbW1lcmNpYWwwHhcNMTkwMzIxMjAyNzU0WhcNMzAxMjAyMDQw
+MDAwWjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD
+VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQD
+EyhBZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYxMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPBMIa9VuXJGAw0MHvieGciPFA11
+b9T49YJ7T+zVpoMMQO+ueUKVHb2l26oeCiwIhXMQ5LquOVcx+rofouzcKXY3wKDZ
+zHIOnAkU+23Ucn/3dRH7aHJULsBufZq+NvwgYSgJJEDKfqvIV/c5HiRyZ2H+nAI5
+10Q2xC0UxgSBsufccQ+Fwkg6BAGDlTXrvi8wi75UaGue6jv/qcKLybeVUrgqKE64
+d9oa9PG5/g89QwSdsIQEdVSFzFvFpOG9YhJbJ177Zg6DGCxU0lWwFrVpyH/2vnXl
+jhMQScn8UxzCJdDg3EDqjgaV0JH2yoLug+QVYgURPu5BEb5ut9vAdP7cLwIDAQAB
+o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz
+cC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFNvvZTcL5UfLNdGQHwPBvIjHp+qA
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUnZPGU4teyq8/nx4P5ZmV
+vCT2lI8wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqG
+OGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdENvbW1l
+cmNpYWwuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAATH11fMrINGmQGQqQW0ATteVnUG
+LrmRSN2OlmRm+dkUwKXhcQQEfYYlEggPqgvxSUpw13fXSOqVHqAcj3BIqF957kh+
+m3DmC0RX9KaEKD165pf77P5nZcRmZpBl9cctvzIxN19uzcminchusYwLyeWhBtTZ
+xpER9LbrfMNaQ7GnrgalMx54QvdjOhw/GJs9/SqEzYmPshL+DzgZX/oAzY63rQIh
+rBblf6/2talZqci96oFzNst8rGfPy/xQ7lgkki1hwIYbORMfloBhP+vAZJo0mxdM
+ipu3Z0ToK+KU2iqnBxXVr2/kod+CpkHnjUHa1wnQuSaefng3XwZ/vqtSL9c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqDCCA5CgAwIBAgIQNCSh7Pjwo1/nRrcBHEPoRDANBgkqhkiG9w0BAQsFADBE
+MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHzAdBgNVBAMMFkFm
+ZmlybVRydXN0IE5ldHdvcmtpbmcwHhcNMTkwMzIxMjAzODU5WhcNMzAxMjAyMDQw
+MDAwWjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYD
+VQQLEyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQD
+EyhBZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYzMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHDl/3xr1qiHoe0Rzb3AGLw56e9J
+l2a3X59+PAfI5wGBHuK9Dl7XsyoH65X6QIC/rXyVpuNgKbbwIGHB+rCSplyHzGyC
+WeM3LXa2q1US7VteeFDS959nxJVRFfwATR9xAK6YTUWQ/yWdw0dZSm0lQNmEMBwS
+qi0ufWokiWXZUzWHOu7A6driCohu9sFDwe1INJUPH6uIlovmzGvG3UYbUSymJcjs
+Ka0fXXX9zukco8exlOIKWRJSNLxKtSSPDVASrGLQ1xi3qkiLTKci3+jKMNDFf1vw
+foZN99HhUcWKXfr2KlWfANdjTMlsTKCfuhfWl1OBVNHGRrACAQCXI/ji0wIDAQAB
+o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2Nz
+cC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFHkesckXxx6ssccU18Pof7y5UJsV
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUBx/S55zawm6iQLSwelAQ
+UHTEyL0wRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEkGA1UdHwRCMEAwPqA8oDqG
+OGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdE5ldHdv
+cmtpbmcuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAAhmE4I56hNpnWXQ2Si8a/TgQUZr
+X5Jlv1LDvl3rkDyfEIHNZ8dth17SakJYJBWHExph/iIYjCJ9YmeyhghV5rPqT+wF
+4yyE2ngenIusfnWT2bTpT9u2VZbCNeACE5XnN2UHSA0J9idPjfLuthViWEvSZZUh
+DJ53bX+exO366nDY4AI7owIyhz8hdsWyhZ/0ST+eD+kbgd8osd+GdxzRmyKcfl84
+D1K1uff01T9w2dyUaZglQsFljkaO6xmeXZJsPnhwCp/HlMHWzhAneUQ7I9FZSOW+
+WiYbt4RitmBpysadBReikWM4knECzJQ/fMT9vC0k9BLlqUYRwCH9vr0UnZo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFojCCA4qgAwIBAgIQU3HI6weE/VEI5dTz4yPsRjANBgkqhkiG9w0BAQsFADBB
+MQswCQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxHDAaBgNVBAMME0Fm
+ZmlybVRydXN0IFByZW1pdW0wHhcNMTkwMzIxMjA0NjM1WhcNMzAxMjAyMDQwMDAw
+WjCBgzELMAkGA1UEBhMCQ0ExFDASBgNVBAoTC0FmZmlybVRydXN0MSswKQYDVQQL
+EyJTZWUgd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MTEwLwYDVQQDEyhB
+ZmZpcm1UcnVzdCBFeHRlbmRlZCBWYWxpZGF0aW9uIENBIC0gRVYyMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDDZHfxkB1nAGFKdw0VCgV+B/eBtW1o+
+bXzwRcpeFh5saDI+tv1RAMrYFq+AJkXCCJopgMF2Wqfv5myE3JMgxEHuuKUpJz7H
+FprrFckVOGCtJKH8Iy9AWPjBwt8lKmxGJF7EZst+QoVt4hMe0qhL0WEKbATFPe41
+DcM7UsyQv6Bvpn424uePy3/1ATIsVL3YmvAbUNR0aqVxYAJzTefvyIet/761bKGc
+NyqdOVWFFeTDtr8iL1TBXToAgl0GJ39bFQZsP19VcCpfk9Zj3YHTPRPq5wZOZuUN
+F7jiBUEi6DaVOi3Wy4vdySHtWPeBHRYif1I6fcUfdCNORMc4ee6KewIDAQABo4IB
+UTCCAU0wNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5h
+ZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFHN8mjhoPFF8QQj+oR8qHrRh2808MBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUncBnpgwi2Sb1RaumZVIRJ9hF
+rGMwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
+LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5MEYGA1UdHwQ/MD0wO6A5oDeGNWh0
+dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2NybC9BZmZpcm1UcnVzdFByZW1pdW0u
+Y3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwDQYJKoZIhvcNAQELBQADggIBABi64UEwl3l0yIiuSACyVQQIBI60BUmhseac
+4BzCAsJrR5tE/2U9QAa2y6JpR1nqm76DJvw1QQgvFcNe+fkwpvoViCaSTbZkGGwD
+mQe2xRSYJcDSMQUc/GgzLcX2c1CrexQXE1vwV/q33af1en5s1GzLl915aNS/k1ch
+G7EMruJ/D4cuH9j4j2i+b+llmVBzavBwelN5rc693o+Ot9id/1sTWNugwAu3uXGb
+VlhETMnjXGIciegOLdWYhWBln0izYlt9IwlDEpjMVaZ0HZlj2JBGaSe4PfEFpJPO
+beuPcQpLQGw2XpW2ZMG5JcRYaoKWjixXAGktRA3H9nvVW92jvzx/RX484w2ZM5Rt
+E+I1ikAuQLAyWG7clht387e2RuC3NZTtefSyjE3L9gQDOPC+Z9ycwr0WJHRsxFvh
+FJQi3JnxgFZf5mc5n2mh3qAgALTNOUHuDiHrerjTOWbpF/1/NJmo/c/YZ63vZIhc
+EaER4HuhbBqlpf6z3WOIQdZm1ChwXYHrEcLDgfwm9cXoaVK2HZapkMwQbPffPlT1
+E+AxRFB4YmT1y2WzdaHfhFA9nH6ByUdL5+FfrDoIIUO2e8OLOAcrJsf5+unhAhc0
+v7N48JWdmpstjkXCaCIaidrZLJxS+pikNgHB1dXF/TxokLTiPB9jcYKdGaYs3XHb
+YKLdwubu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAuKgAwIBAgIQAgKlhME0Bk3J8y0gfqNymDAKBggqhkjOPQQDAzBFMQsw
+CQYDVQQGEwJVUzEUMBIGA1UECgwLQWZmaXJtVHJ1c3QxIDAeBgNVBAMMF0FmZmly
+bVRydXN0IFByZW1pdW0gRUNDMB4XDTE5MDMyMTIwNTUwN1oXDTMwMTIwMjA0MDAw
+MFowgYUxCzAJBgNVBAYTAkNBMRQwEgYDVQQKEwtBZmZpcm1UcnVzdDErMCkGA1UE
+CxMiU2VlIHd3dy5hZmZpcm10cnVzdC5jb20vcmVwb3NpdG9yeTEzMDEGA1UEAxMq
+QWZmaXJtVHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQSAtIEVWRUMxMHYwEAYH
+KoZIzj0CAQYFK4EEACIDYgAEu9f5NkumdaVlmaNaxpDB+rBk/S6lhqcUU1zTLcRz
+4G0dr4290hezjrvZJxGJ/X15aexpdD2V9cwaPD/yuEJcaaz+rg/qDoqQF3+AFqVc
+41jw1E0S59+57XVKLtXI7Xh6o4IBVDCCAVAwNwYIKwYBBQUHAQEEKzApMCcGCCsG
+AQUFBzABhhtodHRwOi8vb2NzcC5hZmZpcm10cnVzdC5jb20wHQYDVR0OBBYEFMaQ
+jAKD113jvjucLtVlfSoQYO7lMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw
+FoAUmq8pesARNTUmUTAAw2r+QNWu1jwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYI
+KwYBBQUHAgEWJmh0dHBzOi8vd3d3LmFmZmlybXRydXN0LmNvbS9yZXBvc2l0b3J5
+MEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuYWZmaXJtdHJ1c3QuY29tL2Ny
+bC9BZmZpcm1UcnVzdFByZW1pdW1FQ0MuY3JsMA4GA1UdDwEB/wQEAwIBhjAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwCgYIKoZIzj0EAwMDaAAwZQIwHJ5g
+a6sHvQ51DGr0bWq34awuwlWbybC2grHoNp5uYapcXr/qTJusb/6n+dczqFdaAjEA
+7VQY06fE9ifMnTgT9824jc3+H6kfhMk4PoIj9ouWdYfc1DyTBS/low9Hb8liQyFr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFKTCCAxGgAwIBAgIJG+Dcaj5/IgR1MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV
+BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX
+QnV5cGFzcyBDbGFzcyAzIFJvb3QgQ0EwHhcNMTkwMzI1MTIxMjE2WhcNMzAxMDI2
+MDgxNjE3WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx
+NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMyBDQSAyMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvU4V2hRFFe4K7BMEmm4IoMTwS7NyDQB4JEar
+dV1qBsKHIIQJDm9hbCakcLIWXVv6vYrJZ1AEF0b6awBwhhlqXlyNnOtNa9uR+IAP
+86d4yOGpgHSlNAhdtOOk9Qw6MUzzBo1lyoYmoL0f5n02SMrlMcArSg458o08eDUx
+4iZs4dXDR9Hjxac2s+mdAO35Js8VK/D50AIMDJvHVeCMw+rumZkNZuRqM7PjIK+u
+BmbqO8A95PeqQEWHvM5nchlV1+ZGNVqHHSJenlMnVKytGv+4KJp7U741H/9cMbd2
+X2PXsewWWFhGXoS8R9VXQ5xb3hF6324FQXvcA1mXRv6DAJedXQIDAQABo4IBCzCC
+AQcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRHuM3/5W/u+LLsL04O+SWw
+jjxrwzAdBgNVHQ4EFgQUIjAu0vv2S8rAuDvSBMTpcuaXmwwwDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjARBgNVHSAECjAIMAYG
+BFUdIAAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2Ny
+bC9CUENsYXNzM1Jvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB
+hhdodHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAo42Y
+fp96nUiZbZsqvYBID3Sqtx3jJfU8gNHFeXgkS0pxYHHYUwsVSVRjw+BGVEGUswpF
+MaYMCZD37ZL0JpvvXWrCDaMb/GqDJAQHLLTyVKPGGGIWCZH/FrhnNvcpt2XXA8lU
+Ujzp5nZPuqvenzQ/aXHI4sH5sN/QjyKVMSa/6RbWBeQmvIdgyM+0jIR5/r6UGiKM
+ar55trZgnlIbvQJ/w8QTmI/NwvA5CtRaOslQBxeKoAR0BuA/lRWnocXa/BM5uO6P
+ULL7ct/uI1bS+YThHXHmFybI6kDf+RhRzWY9165ZP96PBph6smQkxPDAz2b8v+mh
+LThH+5hkqnoetYfK2MdBYinceGPP3gZ+uBSDDI2o6vdVvdg7G96GP1OEtgTEqZa3
+glVafckpn/8F5CisypdQuZ5zyy/6SXZCKkPcikR87ysSKnjtteXbxMWVtwkeBALT
+K7DbJA+5aOCYRNj6CJGULQKiGlC01/ipORKewf5J3yus81lLHzBmgQMA5l9RL8rV
+6dI246mPpQ+8WDLsDrK3ydSDv5izgdVHzhL0tT2u4vwSq2WUqCgi4xLIA1N/fA2H
+xEW7zh0X/3YVz++g/6bd7iqRD9nRRZxACekRbza7AqU5xN1UjvVtCJQ9VC74K9KP
+pBoLWE2Bz5ksL9VUc4kS+WGORvZrSE1EpBq6cHc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFKTCCAxGgAwIBAgIJG3gcbV40zh93MA0GCSqGSIb3DQEBCwUAME4xCzAJBgNV
+BAYTAk5PMR0wGwYDVQQKDBRCdXlwYXNzIEFTLTk4MzE2MzMyNzEgMB4GA1UEAwwX
+QnV5cGFzcyBDbGFzcyAyIFJvb3QgQ0EwHhcNMTkwMzI1MTIxNzEwWhcNMzAxMDI2
+MDkxNjE3WjBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwUQnV5cGFzcyBBUy05ODMx
+NjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMiBDQSAyMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKtnxpZLDQ+R0uzKzDMr83L8Dn+5ToSpD31z
+qiYMykj7I2geNQ7javKsBOzhgeVr7GP4yJ5bK/P0dhoKesYvQITihfwztbMP6DyH
+q1QJLQBqQnF0Lk8GhxSSNAZnlkCgX3aazoL32p9BeEfHuUE/8BlPywJY/RyE5/39
+w3EKmWylhUkeRCMo3dUZr4khJq8JwGp/feKFs9n5FouM5PGhpFpZO+WQXEeqxpnc
+CxbvWpInBoTnmX3+ofjm+fmY+sdAnyHkuOBBw3koGbFQygDaJP9VItOGByCX4iSV
+ty/2uzppowIkf7Mpu5v5HJGKObLMP1gGv5lNqjAe8mz0bn25kwIDAQABo4IBCzCC
+AQcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTJgHfgYpKC9Uac87r3TMPe
+uKOtOTAdBgNVHQ4EFgQUkq1libIAD8tRDcEj7JROj8EEP3cwDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjARBgNVHSAECjAIMAYG
+BFUdIAAwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybC5idXlwYXNzLm5vL2Ny
+bC9CUENsYXNzMlJvb3RDQS5jcmwwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB
+hhdodHRwOi8vb2NzcC5idXlwYXNzLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEApNka
+48a+qhJXXS9R24p34CWnirlyxPMhxFfQyvPFXnwBQGHvrm7H5KY3/9/etShFXdY/
+N05Aq6UnE8my8jR4iHMm2e9iEf4v+O2E2JGH/5/H8wup160GBAsp4zAmJIT8KEgh
+YAA1j+NaClVryZfEaaDfAdF6LbU3cW0ZgooILPMeeCEXso23KsdCD1Q+SMvD6nQJ
+86iTvzWPY2GFJyEmvG/N2f29nBaHxWwZBwCfWB4Hqsw9wdKfY5M9SE/AGSLZ7LRM
+BmkkF9nqkWxxISadx12nbxn0LsU2k8Xyt830DqhHGSoYHEC/iGxbU4Bub8NC0uw/
+QNBj5Gd5cXLFhRUWLLBTq4p6P6kLc7JudpM4FNQ+stWK/eDZylbDLN3iCBRnHH4p
+qg6HAlWuieiAKVsidBMxPUyDLJ/8Dt+aW8Z3vCNcYC2n7wqrLZz5e4FG+Wn9teFW
+Rt5pO6ZUZAkDS59ZVojbbjOdQzNw3QHtZl0IMHeNYXJlPIUlHi4hGL3maGZ9sBF+
+AMfMLDu56+J2DewIuTXPzCeJeSTam/ybNt5FxTznxCSCIDqwmZMy3AQEz9nGSbE8
+zfwB5VT2ijLB0PpPX4YbLf33Vodf0NAkBUv6N5It30XiTUPhdk+caBYPoljz/J9U
+15T5+EGHs8ccHQWyYQ6gqYk8o4JgP4rSJqO1sMI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgIQCLT17zQGjf1LFRbkw1rAHTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDMyNTEyNDUzMVoXDTI5MDMyNTEyNDUzMVowajEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEpMCcGA1UEAxMgRGlnaUNlcnQgU2VjdXJlIFNpdGUgS29y
+ZWEgRVYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0l9xY4fSU
+3afHAuWko+LhYrN4nuDyhJPpZ8Ua1E9QE06lYqTR/yA+H7k51egdMR6MYUcizEVt
+QzqbEiP5UHJGYadtD7Y/yhJ+N6cpQJ3BuYyBnE9HahTyQ6ZY6ZDJxheloLm9jARS
+AvXUWZ+OLss9xLL/UFd6ssPzMmQ9xdBJmnew2RgusyXNV10qvW5+uwwSxMMcaazS
+HLGffOCLEmPoha/rFpKrsV+SbXQPxN5KFAaAQ35T1QIbY64fg1NtguftfqVC7/rO
+pPw4zU5ZCbr7M9fgaggDkPrBk0GVM9xDfkFOVCi6SHjrOwi1XEmw4k5YUi65CLC2
+lWXYWN6BNLPhAgMBAAGjggFXMIIBUzAdBgNVHQ4EFgQURdgmlvaR/XCtuftoNEAz
++lF/46cwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
+c3AuZGlnaWNlcnQuY29tMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwSwYD
+VR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
+ZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEAPgw2
+w6ZCAn5rRWZ638fA4tBJRGiZOON0B40mLeXVpF6Uo3PO8zvcTgP8vcXYETxsstnr
+Dp9Ssn7aSCBpfiJ0gF0NYbdxKP8TCiTGx1MKoazbvgvmfahXuknx6yypQOyuZRvY
+t2NKnBAWdi0OsJuGfIMkS6bS0u1bc/r1R2N1AurXGOq+RNEdxZVu6l+lYjwF9abr
+zm/yoVwtU/uk5mt5Hdx4vHTdSj8DZpUa7DV59x8U6rqXIfZDy62TFG3b8EN25752
+vT/Xb/rjYqYI6H/kZY8HICb+qQFiOJG/Hy+ZoljyGEAwR1OhmBjseM/CKBR6tkpc
+CorDzmAUPphVeBmnAw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQDWGMrbYaqU9oEYIzz9SkXTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTAzMjUxMjQ2NDVaFw0yOTAzMjUxMjQ2NDVaMGsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xKjAoBgNVBAMTIURpZ2lDZXJ0IFNlY3VyZSBTaXRlIEtvcmVhIEVDQyBDQTBZ
+MBMGByqGSM49AgEGCCqGSM49AwEHA0IABF43Dg9MDmLVpFLAck1R1v2sYHpZbFwV
+3m1ABBJx33nLdZd/IzHNT+GYkkIndvLAj3b/Xh04d0w4UZ8n2lAdNQSjggFZMIIB
+VTAdBgNVHQ4EFgQU8fSWo5rehOCxWDc1idnynf+lLZswHwYDVR0jBBgwFoAUA95Q
+NVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEB
+BCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIGA1Ud
+HwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEds
+b2JhbFJvb3RDQS5jcmwwVgYDVR0gBE8wTTA3BglghkgBhv1sAQEwKjAoBggrBgEF
+BQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgIwCAYG
+Z4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IBAQDcmthudDWFvbXRrLcocxBzSFossXwA
+s9h7+lF10+DDPiVVlOf01K4AJkjlua9ZhwPgy8mECeqWDEB8cRbjhW3oyN6W8d2r
+l+kqcGiEa5jah8iLGkHY304z+xibVEK7NYgFeqZzduuAooHQPfH4nGeCVXMaGGOb
+UY/WZKhnfNH8hHeofY4dPeiGGJRCAffz4GRZSxcwW0RLxxmxQqrWqgBlPnJbN2+j
+yB6acN07vjPrTrTYEv5Tx0RrWISyiqdveCZIMv7046q55DVCARO3uo97C8apzrwo
+QKH1/rSLkYBs5xTMLaQAXYIjwpFS1JeLojTUz0sXWi0FyEAZls5vocLR
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8jCCAtqgAwIBAgIQAtyF17jzCZRQia49J52UPTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDMyNTEyNDY1NVoXDTI5MDMyNTEyNDY1NVowbjEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEtMCsGA1UEAxMkRGlnaUNlcnQgU2VjdXJlIFNpdGUgS29y
+ZWEgRVYgRUNDIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAErNrfvbWaoOdV
+uYDCU+IIWfHag+ezD9W9xN//gaajDv2IgcikKUwk5COncaqVTvja3WPZ7m2RyUB1
+DscawEcPX6OCAVcwggFTMB0GA1UdDgQWBBRVmi8UPp6fpoTP51p8WG1aBEK2fjAf
+BgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8BAf8EBAMCAYYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wSwYDVR0fBEQwQjBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDBLBgNVHSAERDBC
+MDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IBAQBOb9ku3v3X+KUw
+Z+BRTsGvw/l8erKjEcATPTqeu0leXz+sOq0Fl5f2Stq36yVOuNAVgnYPJgOK7Txj
+76Z213RdKzl7zGFDI58s0sDzDyy/+coYImChb3r2p2p6F0iFQ5QJmtUjbXp3amTD
+fGoJsHRdsW7D/BHzn6k/wnYLUsPgVvD0bHBNc4tLlt77lK1OqHN3lGzbM2UC6+G0
+ZBXyFzCGIrLK9BnTS4P8W1RM//6we+O5MWR9+WetzrywqglT39FUFXg5gSvtAj6i
+ebt9e+A9D6/g5gxJZmb1J89MdSK1/aUFBwL+WginEEidBHKZCD1lnIBaOQUmaMmn
+w4MYa1gY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG9jCCBN6gAwIBAgIQEwgRH7aT5ho8d3Ge2qnLgDANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTAzMjYxNzE0NTRaFw0y
+OTAzMjMxNzE0NTRaMIGEMQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAP
+BgNVBAcMCFZpY3RvcmlhMSAwHgYDVQQKDBdJbnRlckNsb3VkIFZlbnR1cmVzIElu
+YzEwMC4GA1UEAwwnSW50ZXJDbG91ZCBDbGllbnQgQ2VydGlmaWNhdGUgQ0EgUlNB
+IFIzMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsTin2eZcqn09L9he
+xcA58zeRb2T3XHIBT1BCNeKWPW8HHJhkJnPCW//QtxJrBeXiXwF3OMrUMbll1wb+
+0YRfVSiZHKCfWmwaZrGxMiYSetzu38rLx8HPYp8UOXNO8qXxmysVAV7h44A7bTb9
+Gy3A/IR0/OOquDkyTCSWRIjCD2rf1nKq9VjN1ZSnA6iMingczj34ABCYFv5KqMev
+I5bv4T/K5E49BncyyYqi4LxbCh2MhF3Py9x/BRwt4ynr8YbWjdXI4eM3D1pWwbZN
+85gUa08ufdLOhM4pHnt4ssvABRQ4NWEY8h95YHvO0MCtARtTXfEZ8Qc7URTjHw6Q
+5fT6WXpUz0FLoA1Iytlnt+daYV3WkTTlxmobv+6DmcYjDk1iUIqUBlvzgo+V88Il
+/ESnnubwc9UI11SOkypOLMsny2Na9cP6UP0zy4TQgwWTvLtuRMitaV0kpe2ii0DI
+yGny3e0hiP41yX3zVdJBI+lCJ7SpcYFR53hzF+8fdFfh01lLX+ewc/dP/BRs3P3Z
+nzcMuwT7nwBnwpaSAM0eWuY3326EkOVquO/HKo+oGwjB3ajANc3PI5NV/2CfzwKh
+p66o22LDNXut1pxbrtVllwGT/Rh9IrGEBc51Zg7+DRcrS6hQu2TF/XyB+raLtphd
+asBmgkLnEpYo92XjRSB+JXeGOcUCAwEAAaOCAWkwggFlMBIGA1UdEwEB/wQIMAYB
+Af8CAQEwHwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwgYMGCCsGAQUF
+BwEBBHcwdTBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRv
+cnkvU1NMY29tUm9vdENlcnRpZmljYXRpb25BdXRob3JpdHlSU0EuY3J0MCAGCCsG
+AQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAw
+KQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMMDsGA1Ud
+HwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNvbS1yc2EtUm9v
+dENBLmNybDAdBgNVHQ4EFgQUuM3OdrhlfljRRmOspL+WTby4xEkwDgYDVR0PAQH/
+BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDt6eM7at/SOGuGt2bI/2OIXFKH+riB
+DOi902O0AYDBndfQDyD35Eusgi/DE6PCivS0D0+bOyzeX+3Zl2vhNL+cIRGb6wa4
+5LDgqOyKjV8WcwlEtxXDXw1YBJgjeG+qN4e+Ox5RZHjBaJQz6dV92mQUthvZvy/C
+fxo6jH0RHdHHj/KbJxQzG163y16iA/UxqZCbvg7mRTKg5eNErmKSx10vtDZfuWDw
+YNjdWOnoGbgGYGXmlwnFirNDESgHfkgutvVIfBUeYykgmp8fC0vP0f0wXrCiQHoX
+wsb+fg6ipsziQ8CC+8mvASe7nyVULN5WAhynm9LhKEkRoXVfM+GUQfVRUYMtntxp
+xPh4abpyge4aNgdGR8pP6nnDyxTIjx6x3KfOGpYnQaGq+rqfTxDkeBAltXADKT2r
+E75ziCgYkJO10pVtwnLAqvcpdbWDqbURWJu++dA4zjAEI9SLjd24ZSDLuIzxzZpU
+PsjZ2minNxT3KCDVFowZSSjG5jqzqUXOXmg7UhXltvxdnCgiFcVAuFKDyXv8EOVe
+Sb0y0/gFt1zH18YgUQxs1blk3PX3L7oP92iFZc9Ht2lv/jvIIgA5q4XLXK0GUlMs
+fmE5kb/bPfti3USxOzGngI59iVRWGDjvL8zpGMJ6fTinVdQxoQ019TG/5L/MZMoo
+/g+Gm1gWiXqvJw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8zCCBNugAwIBAgIQRtNp7fstuGGz2s6j3yzzMjANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwMzI2MTcy
+MjA2WhcNMjkwMzIzMTcyMjA2WjCBhDELMAkGA1UEBhMCU0MxDjAMBgNVBAgMBU1h
+aMOpMREwDwYDVQQHDAhWaWN0b3JpYTEgMB4GA1UECgwXSW50ZXJDbG91ZCBWZW50
+dXJlcyBJbmMxMDAuBgNVBAMMJ0ludGVyQ2xvdWQgRVYgU1NMIENlcnRpZmljYXRl
+IENBIFJTQSBSMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJwX9ks6
+3x3i1XuhsL1S2jcWm+DvmL+LtiBfab8Gh/eNXXU3xYMVI57Nj2R8xsQFMFHDMks1
++DPr0C/23Wwbep4TxgP2ZQ4jgS3YdskibZgsFknFZ/7w5ZFoPZ6wCiKvgqeO8vK1
+ZP9RxqW8Uz+VjiRil86y39grOOjBdl3ZMLCeh0qcNHcYZ5xj7rLejsCSDqqsVf7o
+0yZ0StdZx8LMo5xf5ItppVSX4hxI2+4AZvyOIg7w/hkhG4GlHa46MVXRiZVrTzrr
+ck92/PST2Mgx8RHa7O/RlIxbCIQo+8pmp0Vg79ElNRZA1S67XYh8PI5eA6nREi92
+53P8zjjZH1H8B9JO6hcXNr8l0XaXmlcrTTnAKS+XVk+rHybZxX7E1WAio82feJYb
+5ByDbI4n8Cazb0K6XA7VaNk/TNtLumFrl0rzGV/8C/ert0reovJUhYR6xqGthbIv
+XpbUIHapWWgrGQM6gzaUuo5eu+AQeapArowDKsnbA/rgYvvWqeZC+/oe50WehKx6
+myfDpsoS23F7zk84illtwg7pzy5z9HDwSpjl+XA+lUy2vWB6l/+P77IhkdrG63tb
+qRCgNvEZyzLi4VcOMp2HYJrNnNPB2uqNd5fxdDgOZhD9ZZRLT4TgvFDnFvZc9mTt
+uCEJ+KuKy8Lgq9A/MQH59xgndFT26olgDak1AgMBAAGjggFfMIIBWzASBgNVHRMB
+Af8ECDAGAQH/AgEBMB8GA1UdIwQYMBaAFPlgu9Tj1TT2uPUGgCWnc9tGaaieMHwG
+CCsGAQUFBwEBBHAwbjBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3Jl
+cG9zaXRvcnkvU1NMY29tLVJvb3RDQS1FVi1SU0EtNDA5Ni1SMi5jcnQwIAYIKwYB
+BQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADAd
+BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwRQYDVR0fBD4wPDA6oDigNoY0
+aHR0cDovL2NybHMuc3NsLmNvbS9TU0xjb20tUm9vdENBLUVWLVJTQS00MDk2LVIy
+LmNybDAdBgNVHQ4EFgQUfYC0rAPVDQ5CW7hjOW4X8g92jSUwDgYDVR0PAQH/BAQD
+AgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBpnQplL4g3M/3QIFJsOegvufL4nzUAgztH
+Fq7ryPKovWpVCL+UYkl8Kdn7KvwlxgvmuRi682CVxz97yqqbhcy/jC/knP7ALz8B
+sgCJjoBqFPWUgmYRGXXU49k22DM1k7bYjy+b6PG70gs0a8r8fsqk0ayFUCmgeFI8
+FW83mfv+xDfb3Nms5DYJbaILEo+QvQwa0juvHiWJo4YedfwDVi1kZiSziv4kpzuW
+U5cdVO8/M5gdPs23aBo4r2Dc8NrGgQB2Lm3wNXUB9ZRfj7ACqxbKZvgps2NxLVSY
++wDf6BLmwL9aQGhUeOUBiC10HU1wqvpXb/hf4DXmHnaNm3jDGKUMmb+J6FVjc112
+oMYUqJyNo1BzZLtaYxjQH31gUMez/hgVdBo9KhQGRLIcvN7XKwkXhW1O+NaL3Ugt
+6TR3HMkuN/yE1z0sNb3KaKb5jFGvgJr50wDdcNSKgp2G7Gzwp4JGl4qZ4lY5Seor
+ZdESev8LZR/mm9xaB+/OQrn5QBkANj6nGyUEKFDQIhRZG0UiHtLVoTRgSL+0+UR+
+xJYrMA96IvY81tJV/twPGeiSnhtCUNoVInQmM/4z4SQ7R/CpKn0kyu9zX6AQhvHq
+vqvP/oAlaP8WjhHKryslOQuRtrvWLeOlj4e1vK90gj/efgPDcnxkBEia3Y6wE07z
+4gozrT30aw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5zCCBM+gAwIBAgIQOXQnZqWVgle5u3wWTzhUJjANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTAzMjYxNzI1NTVaFw0y
+OTAzMjMxNzI1NTVaMIGBMQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAP
+BgNVBAcMCFZpY3RvcmlhMSAwHgYDVQQKDBdJbnRlckNsb3VkIFZlbnR1cmVzIElu
+YzEtMCsGA1UEAwwkSW50ZXJDbG91ZCBTU0wgQ2VydGlmaWNhdGUgQ0EgUlNBIFIy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAl2AAGuJKNScL4pBdPVPS
+Co/npDIJwPMuPh8lsu0OPndyN9oLNfYeph+p9m9hREKDS+gKj/u0fJda6Is+KpAW
+5pfeOmt7AlbC3YYZXFsYsFfrR2G/Md51k6/2T8CtM3ek/gc/noZvYSwQf1gq5t+M
+C03UNFGZVW0bahWmPv5SwHa9ToDaptB7j2Zoa8KjFyzkLqmcRGXWasxZuPQwy7hO
+hYHVbTx31ouhMViJt+MNpG5uMzcmzXRdPrRwApf0zL1hMkHMn7NM3KNcp1Sk7jIP
+MOqz5a79PIXwr6+4WQV73afvG15smTGFk+TyRSkJKDsQtTMBLCmwRWTVdeWSu4Lm
+8dwyWRg2mrPRcigoIBf1E2wv2zSiEuhfJqHV0DVtd2eIyTzP6itl6FlEW4AjZo0p
+9AHDPjezghACHJV4K71RbLV+aumCd1hLMZNZL/CAZLpALk+iGBVvTmyaqQmSBwV3
+4XMMMXPnOuz8/bevNQjAgvCBlBlNdSm6rt6CQkmwN19JeWlsxI0+65z5AiReJMZw
+YFausP1W/Cjnjat5euf/MOMhDAalIP2LEVqEPyQkrIQFM4R7i+TfwSkUBaqh96R7
+XMSy+qbBScSfm2bNxep/4cQja198O3Ggz/QtUMQ7a6a4pKS3QjdmJcyBtKCO6lM+
+b2/XoxN+lfRyALXOuZfdI3UCAwEAAaOCAV0wggFZMBIGA1UdEwEB/wQIMAYBAf8C
+AQEwHwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUNplkwgYMGCCsGAQUFBwEB
+BHcwdTBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkv
+U1NMY29tUm9vdENlcnRpZmljYXRpb25BdXRob3JpdHlSU0EuY3J0MCAGCCsGAQUF
+BzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0
+dHA6Ly9jcmxzLnNzbC5jb20vc3NsLmNvbS1yc2EtUm9vdENBLmNybDAdBgNVHQ4E
+FgQUBi+mUBS0mhHndHWKhO/NgUMTjh4wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3
+DQEBCwUAA4ICAQCqrRL0AfHQa1Hf44N6YJ8iX3xC1rAUhinie9QL2OWxDodWy1BE
+EU+08SMqKcBqeZi4pha5AlkWCa+wlZsIUNjiSmh5B3Z9tWOzWeISlNRoJyjkZRwI
+bGTE/h082bnQGuB7iW8Jw6XA+jn3SIbNDVOK8LR37X6PjEMGO1RshAViNXjfNAGe
+/dYHGM0c+59f8jSGhqjdbSoK26WJjZs5m0/sOwVmZm4DUdifZhmarQ5LBn/IK+HG
+AKdqv7qmkvDsQrJHlk+1UX8VyMybkXhZWG5Qrjmsg7NSAQcwN729dHYy9KRMnO6W
+WHIw0UrSabRXbo6n5tpTuGHveMYk+6Sk1B0U57HECrbMvFPUnNH3E7BByjIpC1eK
+xZNdUqtORz250H6iVrflHPOFozKTsvKSmYCudauNXhrIcYonIvEFSEugxYGKB1df
+DtIrkg2u4/pbOi9k5CHAFlh7xSR2dKuZtgaXYzFFFy+3fwlEPJrxuM9szDosQjHL
+Q048LQjsozim5oWea3A8g9frDGs4lVjxgeOQdcA6v09nLi6Ze91B/QgdZXlQp+Xm
+S6uaXcVAUxYCa9T6jZGDrKwxAxbwCFa5pzVNgoOwdWan1FD1nS2Se0C9urYuydcL
+K7JyCRGR7qBI6ZKSoQkS65ZuqMsrXAt/kPie+4DIlYiNqBJZJjj0EOcSqw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG+DCCBOCgAwIBAgIQOPGlF04hyCbJUte/nd8v8jANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTAzMjYxNzI4NTVaFw0z
+NDAzMjIxNzI4NTVaMIGJMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAO
+BgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMUUwQwYDVQQDDDxTU0wu
+Y29tIENsaWVudCBDZXJ0aWZpY2F0ZSBFbnRlcnByaXNlIEludGVybWVkaWF0ZSBD
+QSBSU0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCf2C1jWf9G
+xmJ8y+JvLXfi4sGjqnsGJb9OQn6If0WuoLZFYw97rKz7YpbTlC6q9frJjLgNH5C3
+mEb5innmaIKGWiv6Jxnl4ru8V5HkqulIhdH9V59OAAklc9E3OXZ1HSoZ9N2Hy2h+
+17bV2Z9jbw2nkmv0EXtxRtlgtqneWxL3uIyEFGE1h2FtM+CGZM/w/+ZQJT+pW9B1
+nU+mMZuvJpL7ZWw3RqafoGgg3Ga7ITNWM64pvw3HKxr7zDWYaY+8MmvULla/3JYq
+fEgi48UGJi4CeMI0iFkpdTPmpRrUBsnSNsnVEwSXRuutofbvwfrUn8LCIV8eBx7Z
+6Z2J1y7wT6W335qFRZXH6sf7l5Cww9OuhCQ5T9kkRCnEspPFNZb6T0YGJw0RKHYb
++sJevSMdzY+C03yqwvWJMXpzRtII/9CING9NtViFum86s29r/JvgDE+jTzYZNnVb
+DtvNuNKm9lb+jMMAOJ/w1/SgyBcAO6cSFPOoMw3kwoG9V74nqe/vXvADrX/tZmog
+xtbR+b7nOiKRbp9TgbPAplQSv+LWXARL0Y7v0nz4C2bHZ9+OynGxhwIPutSAAvR0
+l1ar1vB1yTdVGrO8Chh4hwEryIwEBxHgzXkUnAMat063mTqlvTFAubF8nZrNo8Bp
+Zk3TVC49G9yosblzJyZkXhpUB14CX+6iBQIDAQABo4IBZjCCAWIwDwYDVR0TAQH/
+BAUwAwEB/zAfBgNVHSMEGDAWgBTdBAkHovV6fVJTEpKV7jiAJQ2mWTCBgwYIKwYB
+BQUHAQEEdzB1MFEGCCsGAQUFBzAChkVodHRwOi8vd3d3LnNzbC5jb20vcmVwb3Np
+dG9yeS9TU0xjb21Sb290Q2VydGlmaWNhdGlvbkF1dGhvcml0eVJTQS5jcnQwIAYI
+KwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0g
+ADApBgNVHSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYD
+VR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybHMuc3NsLmNvbS9zc2wuY29tLXJzYS1S
+b290Q0EuY3JsMB0GA1UdDgQWBBQXtg8ECVIq8CZv82JwIhDdtSvxsjAOBgNVHQ8B
+Af8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAM12+GA0GffuCNeElQbrj6Rb21a/
+WnekHXj8p6CtzI8204J/mq9GhsoKchQTUIo9irokJf2Bs5Qlu6BkoDCSYLBaEDuj
+BbDwDa6ZomeDqUF9DohALCfqHxcuiu84yMM483zk/FAWjKQBVN/UCe6dgGOB5YJl
+E/GNxnX2OW66RoFzyXXt9t3VRJcsUEN1nWzlbTSswRVjibTwMbmRbsJaSIy8Drbd
+7Wil3rvu+Z85qNBzqmJ8gr8jMes/QbQzJBf0SfIK407JT64aPQSkMFGUC7gtGPDa
+rhndPSotZGLDbH4FyRjIUiKGMHcBdZ0uXrNLjGSx29G0kL6NURvanUaQtzlL9u7e
+a+AXbte2m148S/2+aynCvra5s777NEj0UtE6SPGqz+DSlpsrqAqiQfSW/UL+g1w0
+oIoSYi3NyAFpp81hGDnQE7nk0Yu8vlIju3QTUm4lbstd7cv8h2yyRg0oIflZdhZ4
+E0j4/EhsNvNAnGn/1ANtFqUZGmSGMX2M1CG7jRjagJL4eJtOFq101KM5bN4PzKWE
+cDVmWq6/9yJCUhl2H5xemGthdMuzLrN0pr67wjusQP8Gvpyonk+1fLLS6cE8Hyf/
+BIravyDZtkzUFVY9r5okqW46O3S6JhC379YcEXWQdychyP5zyFAOM2HhlgKX2gvt
+9TuCYtYbdrNv1n9G
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6DCCBNCgAwIBAgIQcutu88UZpyQI0VqiTeto8DANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwMzI2MTcz
+NjAxWhcNMzQwMzIyMTczNjAxWjB9MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4
+YXMxEDAOBgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMTkwNwYDVQQD
+DDBTU0wuY29tIEVWIFNTTCBFbnRlcnByaXNlIEludGVybWVkaWF0ZSBDQSBSU0Eg
+UjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCl0OPcu8wMH/C11EdB
+QG0ve5Pqy4uN2KGyqiaqvKJjX8Rv6uRZoLuIm0w2qXcH4zwRpnC/QhJGs519x/XL
+XwZ7nfcginBRFXdq8gPVab0dUXzmQoP4rfu6H4iz4L4Fb8KHnmzrSHf0KQcS2b2j
+UCNj12J4WhIzpIspcQFkWgTfQXNp8J/OKElqo8RM3zi1ggRCc/ehAGOiRnKJeHiC
+fWwsZAIa4Zz9vl4s87ktXNfcqopJFshGsN0PrLgaIdK0ZWtvl1WSA8BxJ0Bba2FV
+77nXZz3MtlVPvJUMaTkMamgSTQPv6Pwsod//4RzBaFIcLYEdAgfGRhMSK2jqj5Wj
+NtzUANZhS4qBFSv2g+7VfMAv+6oHocm38fdf9gTjCW5ki7O1fexgtiyUWSE3T6py
+5fsZY3ORCYlA7Xz3B3/Mk3j8TIxXzHydoS+rW7tj3mOzqzF/L6hnNSqfdfGXxbQh
+2kn6vMVXEzEaqsLqjcy7Iufs26X5GHw0GLsets2SRPLBWg0dr7kqPrMa4I+l5rI0
+YJLGHPzDPZ5qMSS0eF6Adwgcxy9frCNR76wWfKXf2p+z9WSfZaZq2sxoW01drinD
+0BVqKsCM2SFXERYieWWd9LXlsmlIgzFNg0YzIiSFktjXQuaz9//1D53iXlDi1jjv
+1VDY17JACgzcj9gLXOlK0aN7TwIDAQABo4IBXDCCAVgwDwYDVR0TAQH/BAUwAwEB
+/zAfBgNVHSMEGDAWgBT5YLvU49U09rj1BoAlp3PbRmmonjB8BggrBgEFBQcBAQRw
+MG4wSgYIKwYBBQUHMAKGPmh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NT
+TGNvbS1Sb290Q0EtRVYtUlNBLTQwOTYtUjIuY3J0MCAGCCsGAQUFBzABhhRodHRw
+Oi8vb2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMBMEUGA1UdHwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxz
+LnNzbC5jb20vU1NMY29tLVJvb3RDQS1FVi1SU0EtNDA5Ni1SMi5jcmwwHQYDVR0O
+BBYEFKjLRoac0KHKwZRDlDAKcgP0EcruMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQsFAAOCAgEAW1b+mzu8pjzEoPEMRdTa0dCYHM9xTvJEDXEkprbInhXRULVT
+HLRo7Y6RdZ+1M+aP29KyXagmxo0i0051vKHNE/RVZHeoZR4YkN+tRvDUR8DoSZbX
+fhrqdKjrTtNl4/EjrGmnoU6TeBtVEx2dxXiUMHf7zjHYFqnzEbkGX8Y/M+ocnCSF
+9m9Sc1QumpDo9Nfqg8c5H69RR89CrIo5IPp7DTF0ynqMfnt0AXfZ+zEyyu2xL5qr
+kWujcrIb3m9x/g3sMu8RModmBq/Q+p4sc8sw22r7QVcGkpi97heS2RHBeo6k5dFl
+F3j1/YOOvsLOPs1cvV6qjNhao0b7D84V04TF8brm4N4T63PJzTn5V8sdxehAIgk9
+/XwSmcwWP2SGOt/b/UhRaWKKUoQjXIPZmyHjaGbzI8qWdOAGjKTqsAjQaxxjiQfx
+hIt4cGo7JRq2Qf1RUvLJBH+pcJPPAROg5lyYlTWUMOHJKu7j7lN+NHdaKoJqaAK6
+9hjdOe5du84nPjQUh2eZejyP0vpWzZUgDLTMBP/H0/Zvo6YSul6q0hEh//M+kmGg
+7Sy7hh7gLaJdA4NRjyIW3dwYLGCwJwIq3s3PNiBt+2Gqgd/FgcJqzZs+NZ4o18fp
+jQDzplshWKrRsFFybc6cfUuMlQNfv9/sZnxMQ/+UiHvzui0blorRuqcl2qM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBMSgAwIBAgIQekYJPiN8u6jQIc4ccKrwDDANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTAzMjYxNzM4MTNaFw0z
+NDAzMjIxNzM4MTNaMHoxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxNjA0BgNVBAMMLVNTTC5j
+b20gU1NMIEVudGVycHJpc2UgSW50ZXJtZWRpYXRlIENBIFJTQSBSMTCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAINSlaA4gvtnAWSxT5bXGvlOCmJmS0E2
+RlRky8QPENT0ZyXGUsnluHz5MoIOvQ0JOQN/KuRvOsjhDQ80Ljdv4wETn3CXpWHn
+i+URsf1wBFwfdqQOMkXPk+maMnfiyjPinzVNVlbbiLyi3lPsbePCW+8R+Zje5qqH
+y4DEI0IzuuD6EUoBTAtiEyEfh0xP5M2yeUl+g1BlmvO6PUqB+TDkn9KCc95OK3pI
+m7spAsUlxhK0P2MZiB6s74QNCWB4IuzDMY/8/lMnMbtkZUYneBRKj6Jt3zipQ6LE
+d982dwOttO6MQg3m+A+Zs9fZTBj0eojn1OAUA0bxzBqu9pVsGxgrQ5HHTosGOuW7
+1sFLq9ChO7lv/bZxTAzO4G5ym3/t74j/OdPgbRKc5W6CxhsoqMuy6g8LBzf6svP7
+3h5l8EZ4zwZ1v8xFy7iTe7+3FQZBG15l6GL7d/BBMOC9Nxo+IU4hEe6N6rcee9kw
+LwcpT7aB3d9SqSw59wL1Wa+k+l1uSX2QkfBLBVg0uSF5Hi+NyvKrvpNvSF7IEUQ2
+ii818dArblAmI+C6x1hV37ev3HJhpj6hzbdc3JAEZysezYCLjL6XmmAfPHShRU6N
+Ug83906voZMgqBiJcpoW/vv9FI42Y35TIbESPvKk2w3Aznt5PhooqYOHslzIDASE
+PoPdiAhNEhRZAgMBAAGjggFaMIIBVjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQY
+MBaAFN0ECQei9Xp9UlMSkpXuOIAlDaZZMIGDBggrBgEFBQcBAQR3MHUwUQYIKwYB
+BQUHMAKGRWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbVJvb3RD
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5UlNBLmNydDAgBggrBgEFBQcwAYYUaHR0cDov
+L29jc3BzLnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5z
+c2wuY29tL3NzbC5jb20tcnNhLVJvb3RDQS5jcmwwHQYDVR0OBBYEFNA96qKYB11E
+hc8D+8q/NAqfEMRoMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA
+JOmE8VLUTIykvmLBD67jxXzMjHEw9YZSbg4HEjBentc6mNxJ+I7BAHJqx+pbIXbr
+3Ik/yTIZyyRFfdBB5Txf7Fdf/3emA0/Cchu9mVy8rcMrf78zNS1RnTuztnyw1G0C
+zT2n3YgJRBKfTmrhIWekF1nsZ6Vj/XvJaDSwQr1UQwp+5JcWZt0IgUr2idntxp9P
+pv/rpwEHot+xs2RufVbfZCjlknBr/i1m+WgOKLe5TZBf6yjNBb/gOo1u2HOLnQw/
+54iTPHvjBck0eRnwTUCcBEIC4+kjUPbjUUtxU20WowsUqlOb4rEzjuevTMXCZdxe
+GsxvKvfEdlxUHOA/lcGEf/2uoov8uV4v6aFT9n/ZFJwoIzjB7R/tn/uHoATpin4b
+gds1Ffo12dl/PoaCBS5OgWAnJ3+cyBOdJ2/XPFb5kNWTfuBMjsNeNvWqWLJfbYP9
+GlTruPqC+Uh/tTETkHSxUPpywSnbNer1M6eL9CQVIYZ+g6nESXFvOpaWfdAa/MlZ
+CB5yejdUfxihUkHf5/bbho8hQ8KS6CKJ0rB7VoQyGktTFf5N5jogSox37MSYoR5d
+9HKwvZmHPgBYLwGD5F/EUQhiMEHI9FLwvgeKt2yoaGFKxWilOm1g5NWNOSaoI+bF
+yHnQZqUZ5+CL0njjIjweuPfE3EgZQr0k9tL8fkkgDFQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG7zCCBNegAwIBAgIQB5/ciUBIivHZb9J0CmRVZjANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTAzMjYxNzQxMDZaFw0z
+NDAzMjIxNzQxMDZaMH4xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEQMA4G
+A1UEBwwHSG91c3RvbjERMA8GA1UECgwIU1NMIENvcnAxOjA4BgNVBAMMMVNTTC5j
+b20gQ2xpZW50IENlcnRpZmljYXRlIEludGVybWVkaWF0ZSBDQSBSU0EgUjIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDmQ+3UxwVE9dAx75DUrLZwgASW
+LLr/ID8bbGCfpcrSHIRsrR4ut5n49JGViu5DYE6addkpajbiMA2Jaw1Ap4RncDjZ
++0fzSWbqGKEE+vNPVLoKy7OVIrxf/9HzGUT6YaELSNrGTR0cYNcR+W5bE3JTxTMQ
+iLMAwBbMXH4qKXQUT+oyIXD11CIMUtM8ECoo2o7qdpw1zaZWwVvhXy9mkAaRgrkw
+2NpddZUVbJKF/spsJa3lNVdSi3wcJpDDQAl6jxtBF/3ctkY1OjBQz32yRlArFyms
+Pc+we9ffHAgvfqbHVfXvgWG8urVith8/6MjmojHMCKqFoJueLbtTPoN8QhvVh49u
+oRYYAUUH0HOAYCOzGBGrdJvMIYZqQsX90XlU7Qxp1En7vMkQswkQTvGmBPWrK/Ew
+SAJc15BZm+i8QBxPqVKFORfLETLEC4ZrwomtW/oPxBP8zXPvQ0K1dQzAkw+JXxKv
+/KiwDryFFhU5xMMB3yKxO5NRYXlnqW9nwfhdBTJScthzAtGO9KZQ2GPmq0NMVMuX
+e1XdCOmnPxOptKkMldBItkaYgrkTzqP1nzIAhVfU4sNnHIxKPftwrZ9VMSc5Wkz8
+8bOtAJyz3KQRY0qcAtR4LaeRkiZaEmprQA8EOpdJxtv03pBZtaUnnTY6DsEwGQ0+
+P2mmB5IHB74SknyNswIDAQABo4IBaTCCAWUwEgYDVR0TAQH/BAgwBgEB/wIBADAf
+BgNVHSMEGDAWgBTdBAkHovV6fVJTEpKV7jiAJQ2mWTCBgwYIKwYBBQUHAQEEdzB1
+MFEGCCsGAQUFBzAChkVodHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xj
+b21Sb290Q2VydGlmaWNhdGlvbkF1dGhvcml0eVJTQS5jcnQwIAYIKwYBBQUHMAGG
+FGh0dHA6Ly9vY3Nwcy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADApBgNVHSUE
+IjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYDVR0fBDQwMjAw
+oC6gLIYqaHR0cDovL2NybHMuc3NsLmNvbS9zc2wuY29tLXJzYS1Sb290Q0EuY3Js
+MB0GA1UdDgQWBBRmj6a8t5Msnfm6SeVP3OqQUBFqnTAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAMJr11ncGIPKbaZxuuU2P1TGyXF+gy+xH2TBNWNl
+iJVL613nH1J7L2WcJQzqXYl77rKTzGeQexnKeYZ13MFwuE80vISif/gwK569WLoy
+CvNVvGEZ2bZ+JL5K49mVhrv1gqO+MgMvc8iEENl1xoWRpJGD4EClk8t4u7NUCgBv
+hYORiyzHCZcILHcEMvfEwmmFshMN6TqcAJdRjFT0Ru0hJcs5d7EFdM9dCa5ckXWr
+KK49cSNq4qOaxqpG99EfDw6U2c70YcJ1/IhC1wL6z8qlGvhYQ0vJvqGJqW/DdeuW
+cMmrB+qZL9WbORQ1nvlNggB6smEk0pXXYBr8HYjxT67XwtBBmkBXFpa7G6y4P0BO
+3kxWGBfvRBJHfyaiwREgVWa36V/WjXtPmV8VHcv04Rqgk64E4OlSUxgi9k9VC6ki
+vTXJN+Gg2uJJBQdf+ptVhJqkkrtB0gABF+kQP0xsagKkrS3NVrVKo6peWMx0h7l5
+2bGqT8ucu4Qe200KQi2xp/r8jpP60EE9U4M8D1grH3Kh9OxVOL4wykdoC/yGJNLK
+Il0BfsCVWB/GeSq5hxe/84K51OEJqpjDnOMrkRevfVzqGBFFAeg7Kg7uSysVR05w
+R+ltp3ytaIbjGJtKad8raIbM1qiNFErG7YB7v4baI3BP1s/rTDtPLototahwHP7I
+qOHO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4DCCBMigAwIBAgIQA6P00GAwUqM3zjgKiDAxjDANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwMzI2MTc0
+NjUzWhcNMzQwMzIyMTc0NjUzWjByMQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4
+YXMxEDAOBgNVBAcMB0hvdXN0b24xETAPBgNVBAoMCFNTTCBDb3JwMS4wLAYDVQQD
+DCVTU0wuY29tIEVWIFNTTCBJbnRlcm1lZGlhdGUgQ0EgUlNBIFIzMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkby+CNUTyO0wakMc6VeJxQLGcTtfwJG6
+W9MYhMBWW22YUMtfCL7at/ey89eCc0cNy9uekJqitJe78Ion5qHBLfSpahYWttzr
+LflXkdlPz6xsZuw7F/tp6oYrcUpRIX92ci0EhORtb5xoX7rwzrBnG2Jv7fPn8JGj
+wmvYPS0meVkuKGtdR/s3dkl0tDraq2xti8cN7W9VawzLDL9yNyEw2GWAp3M5Uqex
+Yjh9HY5w/4bgk7K0KSw+2njaXCEa2MugM6txHDKjocVFBe7G8JPMKkCcbbrgZo/q
+ygTnIY8q7B1XQG2wrdsu4LTo9ijIYmoZHBAKN/XCdPecQYF9cHrv6NjVUcMrNmHT
+B43NrIvrXmm3lZJU4PZNUhb7YrDtpN+rV6zSaKAu/EArGDzYv8iHKT2E+wjhwqOC
+WnXv1qSa//xvN6RSoDMpj7q7iTxfdrQqRFsr70hyPrUmnoJLrBBg1+IqFTkaNtuk
+misP4Bd0zeqkEuxYCmhKcCTM2iS9RMCIot5HI5qeAcVs63WzM+ax0zbHK1F9AIOG
+gwrVRrdwXRSXO4TlvamsL6klJMnjSCs7E1l8xeE403nZPp4RGr5ZQFrhfdG9nL7w
+66osGX+dGHGZkFjASS3Bw0RCiz4oCJxFGE+FAD7pJaV8GP6XTkaZp9n1ooYzCC48
+vq0OtfRS62MCAwEAAaOCAV8wggFbMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAU+WC71OPVNPa49QaAJadz20ZpqJ4wfAYIKwYBBQUHAQEEcDBuMEoGCCsG
+AQUFBzAChj5odHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9v
+dENBLUVWLVJTQS00MDk2LVIyLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29jc3Bz
+LnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDATBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3Jscy5zc2wuY29t
+L1NTTGNvbS1Sb290Q0EtRVYtUlNBLTQwOTYtUjIuY3JsMB0GA1UdDgQWBBS/wVqH
+/yj6QT39t0/kHa+gYVgpvTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQAD
+ggIBAAoTAGRea1Lg+Rlvnhj6lHbvhn9mjUlXZuI1b4d4jDDk5X29gNKhW7Rg97Qt
+oBoJaLb9gZkJ2MkUbCE1x2jIghjLmmFvaIq+nAZEMtWWEi0ycqQm8rVUHioZ2Mfn
+2SoFtQeY+5MFLO9l8IeDaNZ+LV3su8YTsh/453vExhiNhPVEqLyGlkkW0B2gNW8z
+bsRy6L5QW0cZ4gZrY86MvHB0Gl299mTJ4jcgic+Oalbz9SZJ+EiW/aUDSpZ2zawi
+ackPWmAbk0y0gouOymrwOJZTuq+AJEJ6M+WSVdknwE7YwDpVMszHXS38BS1A5N1i
+rzW3BcARHbtCb00vEy2mzW5JPM2LjkzfgJ0lBiyDCE3ZeBeUtKmcdFUFrHwHl3gV
+aRipD+xMa1hGOTh33eMzwWoRxvk6o7y73Sy6XBfycN+8LhXUZT0X8STmWtBtLSMp
+blWMjuuFyUVQvIj05N7hORY/LhdQhEx8kVwS5RkLVSpRnohdk+nI69yIA7EwZKlw
+kKEsDqlVOeDYWVWQANDC55kJ7nOyJbqtGJqImwWXdQcf37fi80cf+mKOYs5vNmkx
+D9bwFWsKnP71x0liSlv8z79vRAo8FJwTgXRNO1c0ACf0rXEJy3GRAXRWiTvuGahR
+JVM3Jnn0G6o3+vTfwa7CKR/9Jc4t25iRU3xmSgiusg4u8i5x
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYDCCBEigAwIBAgIJPZ+eG7IbOqovMA0GCSqGSIb3DQEBCwUAMDwxHjAcBgNV
+BAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UE
+BhMCREUwHhcNMTkwMzI4MTEyNDExWhcNMjkwMzI1MTEyNDExWjBGMSgwJgYDVQQD
+DB9BdG9zIFRydXN0ZWRSb290IFNlcnZlci1DQSAyMDE5MQ0wCwYDVQQKDARBdG9z
+MQswCQYDVQQGEwJERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYv
+WizVegVZyhz5Ah4q5hHgpIvfTt1Kq5uydMxplt9n4x5NQmY6L+cSuEoOmkLIKSzI
+or0mLfa3Fpaqjcm7ZCe+3HmEw8q4S9VHMDKhgpfeYVcR446C0vpgM+4dWBwDkVzJ
+sxMBmpbco3pqhoJtSZZJ9X+71RNtOiz5TMJ1c957vJCIEYwXakL7USnIcsyfoGpP
+C5vNtCpZzbwI89Katke1r90uBxmnVTckgHmHoheolFFQGqVbGNQV7mhOoS6auKv0
+7d2qA+5CQHaEYUfa0t6qDqPPNx+3P+o1X5oZyKE6agRUQRevS4L8+UT/MF3O8ZoH
+rDxXUgmR5IeGY9wbz3ECAwEAAaOCAlkwggJVMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HwYDVR0jBBgwFoAUp6UGsSymCWDu0ZfpcK68Oxls2yEwdgYIKwYBBQUHAQEEajBo
+MEAGCCsGAQUFBzAChjRodHRwOi8vcGtpLmF0b3MubmV0L0Rvd25sb2FkL0F0b3NU
+cnVzdGVkUm9vdDIwMTEuY2VyMCQGCCsGAQUFBzABhhhodHRwOi8vcGtpLW9jc3Au
+YXRvcy5uZXQwRAYDVR0gBD0wOzA5BgsrBgEEAbAtBQEBATAqMCgGCCsGAQUFBwIB
+FhxodHRwOi8vcGtpLmF0b3MubmV0L0Rvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDATCCARAGA1UdHwSCAQcwggEDMIHAoHygeoZ4bGRhcDovL3Br
+aS1sZGFwLmF0b3MubmV0L2NuPUF0b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEsb3U9
+Q0Esb3U9QXRvcyUyMFRDLG89QXRvcyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZpY2F0
+ZVJldm9jYXRpb25MaXN0okCkPjA8MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290
+IDIwMTExDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMD6gPKA6hjhodHRwOi8v
+cGtpLWNybC5hdG9zLm5ldC9jcmwvQXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNy
+bDAdBgNVHQ4EFgQU+2PNFiFqc99azvQrqf2qJv6rSaMwDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4IBAQB0oStqRU0DSDKF79wtjcEZK6jchvZLhyVYX8i0
+8oUeDHGqGn8v2GMLnK97aeVNx1/7RcZbgay57WJ8SpuPHWRRiDL3Ec71HIGsc+N5
+VPkScYlkxHVamBWkicxrJ7oTgZkH6uDMNjXTXXzRgKS4luy2FYJMH18Yb5XdEJ3S
+QRU91Lq40p9Px4DcTkSccffJd3ZLWfbNpRF4PKIIo6VK9N023RThjVqe8BHpv+UC
+lfe5MOjZlfCmJAFl372i0ElNb9qf51ZVKakP29Va/zx45iUMDwKxjFVlZKS84ciC
+t9EwI6Fld/+formkXgesy8SlRSBTSZ9ljytlnL4EjXS9N9Wg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3TCCBMWgAwIBAgIQBxLie1GKhe7lMdhK2rbD/jANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNDAxMTI1NjM3WhcNMjkwNDAxMTI1NjM3WjCBqzELMAkGA1UE
+BhMCVVMxKzApBgNVBAoTIkhld2xldHQgUGFja2FyZCBFbnRlcnByaXNlIENvbXBh
+bnkxNTAzBgNVBAsTLENsYXNzIDIgTWFuYWdlZCBQS0kgSW5kaXZpZHVhbCBTdWJz
+Y3JpYmVyIENBMTgwNgYDVQQDEy9IZXdsZXR0IFBhY2thcmQgRW50ZXJwcmlzZSBD
+b2xsYWJvcmF0aW9uIENBIEcyMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKaiBWd16x714O2CIYxPoA36aOfV9+HMAOCKLPnpBOEIzYxIL/GIljicAbyA
+qBvN6znNVPJ5W9lRY22CeKTnr3sMAlyhLToUPqfszZ50gwaIIC3OQEDVJmu3HAzc
+QITF0gwdWsyqFKKQ1i80hrmiHRxd1TDGjSDYwopUx7Gb9MqvvPFEFFAS41FFaWja
+2xjDe1rXGrHFkd2DycewpO9mndr0mpCNfDWAEPBiT3vztvAso4SaiT2V0IG6Y+sd
+AjSkGk0QfACD9Vlfm24pm7ameu5Q+0cnkYGF8H6gf3z18DWnO5W36UtusFf6hN10
+WwFs1cZQrFXf+XNFIn/+OAOJVQ0CAwEAAaOCAkAwggI8MB0GA1UdDgQWBBQUmVKS
+CWHQ0ZQzESg+fK1zvcxOcTAfBgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan
+1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwME
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0
+dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5j
+cmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3Vy
+ZWRJRFJvb3RHMi5jcmwwgdMGA1UdIASByzCByDCBxQYJYIZIAYb9bAUCMIG3MCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEF
+BQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMg
+YWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRl
+ZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMCcGA1UdEQQgMB6k
+HDAaMRgwFgYDVQQDEw9EaWdpQ2VydFBLSS0zLTEwDQYJKoZIhvcNAQELBQADggEB
+AF9Z3q65dQV2bBTGZWt4bI31GyE0tSSar+VagEYAY3Ypw6rkYGrhmZe3QsKntpk5
+rKa4tIPWZGCPbkXHNgcaetlSARVT40JkRYnU4vGwxj83cJn7kEddVDwL5WQk+g+9
+6Flk7rHyJGnQOkwSVSBglxFpzGahMkq/bS2/jRo8FXvSNUPDQKz0nKlFjP/DDPlv
+rHzKKnj9tRZeieC1PTxxqzighHOGhzEv3F1WVPXOQVQofBLt1XLZ/uUHCtwl8V1n
+d+bYnmJmYy2Hp8MyQ/4Rm3RRzjULd1pfe1ZGQCL4ieGr/iGW7v3A2uoYFSmOXPd1
++fP89StbnOp/C7aXunRvZsg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHVTCCBT2gAwIBAgIUe3SFufBRSlUh5S05Ghqu25Ntj4wwDQYJKoZIhvcNAQEL
+BQAwajELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE7MDkGA1UEAwwyU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNl
+cnZpY2VzIENBIC0gRzMwHhcNMTkwNDE2MDg0MDE2WhcNMjgxMTEyMDAwMDAwWjBx
+MQswCQYDVQQGEwJOTDERMA8GA1UECgwIS1BOIEIuVi4xFzAVBgNVBGEMDk5UUk5M
+LTI3MTI0NzAxMTYwNAYDVQQDDC1LUE4gQlYgUEtJb3ZlcmhlaWQgT3JnYW5pc2F0
+aWUgU2VydmVyIENBIC0gRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC
+AQDNZfwvQT6bhd9JwjU5SOrZd0Fe3Fmcftf2KIGrbBgIjJZKkiRximQqWZtfwyzh
+by/Pyli8HAQVsXNPKHPqrJ/iv1YtTlDntuRk+w8IaZzWo0Rf4IO5VmrnjFUGkmvS
+QcTyCN1LdNBoHI185aa3Br7lGUltBv86Q+nlymHJmMKjC0y6C0+Xpt7SuWr0nO15
+wqiBZdUlFF05XcxXbTOG9UouVhlSKU9ujnkfNSKw7N3x4gqJNQ9C0W5O2zVO2jWy
+BaK20vnbN955FQM84O2prhMFQrCi3e6lVvtTamxlnzVOiVUpH+59Rh0PeOw8OwCn
+k8GLXwkvIrxPgi3MFIpVy30q52eGHwzEkvExTHkuTm4pUSKI3N8zypfKBkfPUCnF
+k6PluFkQZYvZSVWMNbLst6DOuStKSgsWtH3lQGz3qNgyLgtWjFBS6S7+lgb06On9
+SadJ7MgLTyvaPXGOieDwEq3BhjTnioNswPjIJCKjGad6EtnFaK+kG0wzE2v+gger
+4shh72Vj7GM4305UPBCEIlvmafyCHSD8r2lMBX1bqnbp2aw9ocdDbkCTzJ+N2Dkm
+KkAp87NFRsFXgfnqgOjG50owXLNaEsXhOwI3lBOCCz8FG7u0jD44k67lU8n3LvKh
+BenixXYylak9vulc1q13uICa04NbMKegL0uW7Wb2anw1+QIDAQABo4IB6jCCAeYw
+gZkGCCsGAQUFBwEBBIGMMIGJMEYGCCsGAQUFBzAChjpodHRwOi8vY2VydC5wa2lv
+dmVyaGVpZC5ubC9Eb21PcmdhbmlzYXRpZVNlcnZpY2VzQ0EtRzMuY2VyMD8GCCsG
+AQUFBzABhjNodHRwOi8vZG9tb3JnYW5pc2F0aWVzZXJ2aWNlc29jc3AtZzMucGtp
+b3ZlcmhlaWQubmwwHQYDVR0OBBYEFMOapntedCuCtsZy/XROhdKXzf0YMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUQ+tNANOVk86mfEANbRG+OdEyruIw
+JQYIKwYBBQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkGBwQAi+xJAQIwQQYDVR0gBDow
+ODA2BgpghBABh2sBAgUGMCgwJgYIKwYBBQUHAgEWGmh0dHBzOi8vY3BzLnBraW92
+ZXJoZWlkLm5sMFEGA1UdHwRKMEgwRqBEoEKGQGh0dHA6Ly9jcmwucGtpb3Zlcmhl
+aWQubmwvRG9tT3JnYW5pc2F0aWVTZXJ2aWNlc0xhdGVzdENSTC1HMy5jcmwwDgYD
+VR0PAQH/BAQDAgEGMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDCQYIKwYB
+BQUHAwEwDQYJKoZIhvcNAQELBQADggIBALuwQ/7/bwHCXqLJS1ZACMmTm2GpkvQm
+plXC3HHpRV8DTQ4u/jMhtkSLzLsf6AcLGKTGQLrYv2lGBglFxtlZWTGOirTmWFyR
+OUbSSzkbSd5H8jvt/zswWffiSPRdMMncrc+yMMjD44lDfIytwZXrKYroI4ftYt5j
+aJ8wwMTOJTk9apzFajhIgGtMybXfmgVJDr9xPP53aMOjhHmlqlQ4yNdZTlNOO9LK
+KRxw+injitKp6jqoVSCL0TBvrbKu4pw0TqtK9NfaMwWGt55lZV8ZSWZaqNX97Umm
+xHqlqjvX7z0gE7s6wzvcgYyoR1Qo+2A60tLm4A1mr2mB9+aTnupdaGsBzCdkqKIR
+JcnEEeb+cffgKt0upfAAnqXAwkxTiG0NMjJp3RBkBFItOByy8ARduxiH6w7ZFHhs
+B8W1kL9/26hbYY1RTyAe86hfb6NuibTg16blnqNF/xCjVqCiTGXop1CQLBDlx4Hp
+wIrKEDvIGGBZRIzPqDI9I2KMlJEywa7k8Rm+HaILymBz5jU9NUD2CIBCCp94RqBr
+4XFcJnXvSIjfS0+2tIzljXImImIxxZkYLNiWElB6ytiHi0fKBvQ+cgDAOmbfLvhE
+Nankk8qgo22on1buVddUW7vYjA0qiXIQYr0N5mrJqbLGdrSCVceMgVOVSI/b1a31
+cVXLiGvOxK8W
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFLjCCBBagAwIBAgIQbmFmmHK8nDAAAAAAUdOTHjANBgkqhkiG9w0BAQsFADCB
+vjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT
+H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy
+MDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEyMDAG
+A1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIw
+HhcNMTkwNDE2MTUzNTUyWhcNMzAxMTE2MTYwNTUyWjCBtzELMAkGA1UEBhMCVVMx
+FjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVz
+dC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDE1IEVudHJ1c3QsIElu
+Yy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTErMCkGA1UEAxMiRW50cnVzdCBD
+bGFzcyAxIENsaWVudCBDQSAtIFNIQTI1NjCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANg5rV49ZcGTl2ll7xEbTkj+0DCPk7PNkUHNnrag3mMHLSC16pML
+EK2QemIymtQUJwZix8Z93FsSibagk+2T/eWFcXNDF4z+Ynz/cQ/3+fY5WHf+0jyM
+UFI19fr7FemmOLU8z4mjrt1R1Rmw+9LIt1nVLyYd+uwjDlNqNJl4vTMFtXwcDByv
+fTSoKcKa+EIck9mmfqLP4RhkC1GJrHuQ37Iau/XnpV8hQtRSK7zNAIQJPk9zShT5
+nJCsMpN9I5BTBJUp3k0e4GpzkzHk9ThKlaJsibDMyboFWjM7kreL4SRUrf110TD3
+D0/TxMd/V+/DTZFnk05C9RoavTtlngErUDcCAwEAAaOCASswggEnMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDBDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0
+cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
+BzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ahhh9o
+dHRwOi8vY3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMB0GA1UdDgQWBBTiSbnsJd63
+DN7lUBhbSMwMjhXypjAfBgNVHSMEGDAWgBRqciZ60B7vfec7aVHUbI2fkBJmqzAN
+BgkqhkiG9w0BAQsFAAOCAQEAVbmgsDea/OXEKYXMlHvkV6mmMlJlRKk1hv2vfFCX
+V+OL5AoM3Q//gp+KOsG0bp+wJNJHQkd6nxQNe/+UDkPAyzskeV9+2LcW8tuJUyyi
+noTZXN42qTPF0EBWiaizKtzF1xWIVpRZOFB8F2C3A0e18gN4WLmi+h1Pdofrhkgx
+HAXlfp165OBUYBHxr4pR33fvKMwY0lSjhei9fn7iTZGhVmLyeEIuuJ5Zlw7JOivX
++j+BU/IVwNgp+rUBgKgs/Lem5+5Y7WsQjCddCxPqJomQ31l7+D65L4FpzamRM0MP
+hNPR8BHOw41ff3xqlIS0dgCpI2BP+/K5cpmD7zn+25qUmA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFJzCCBA+gAwIBAgIRALPSJ9szCF4XAAAAAFHTkx8wDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAwOSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MB4XDTE5MDQxNjE1NDU0M1oXDTMwMTExNjE2MTU0M1owgbkxCzAJBgNVBAYTAlVT
+MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1
+c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxOCBFbnRydXN0LCBJ
+bmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxLTArBgNVBAMTJEVudHJ1c3Qg
+Q2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gVk1DMTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAOrOE7nPsgxnWadbz0f0D+btzyoxflXpbrILq358XJUn6MRq
+k1m9BmK35G7bf0myFreyx60Rxcj+SvNRsraMd6FUzDuOccfK3PzbUktMKPxMBFh7
+R4/ZSNBMTko2fn7jhRPdFW9k0N+sSKtHwhu0xw8qzGg8oFRJgJgpxZv1zzrny43E
+IuRiozQgg2J3ZzY4ova0s/BM/SLqdsGo+Jc68S7jsI6K7zKvw0FB3T6SWYxrBc1p
+GsYvlmbCrDs3AP0Jcuske1GlLzFUpUkrvx4na9i4t7XhxVcwz3AuMRbU4nHDIc0w
+tLG9Fm24xB31kSqybtpxEGC/oNybhCWjQDqYW58CAwEAAaOCASEwggEdMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMBMGA1UdJQQMMAoGCCsGAQUF
+BwMfMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3
+LmVudHJ1c3QubmV0L3JwYTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0
+dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9j
+cmwuZW50cnVzdC5uZXQvZzJjYS5jcmwwHQYDVR0OBBYEFIu2OXbQNJCmP2LhZOo+
+vPR8RqFzMB8GA1UdIwQYMBaAFGpyJnrQHu995ztpUdRsjZ+QEmarMA0GCSqGSIb3
+DQEBCwUAA4IBAQBphKvXT6JDtmuQAhgH8nZ5Xo9LlymnCw5fiGpQJ13rsr2A2Jnl
+1Z8poTwskM71kIImRctlYs2Q52Sgvd0egxvcPELQSL7BMGPU42BijWCEvnD8GZvU
+/1x5pOg0F2SiEQ5ycmC9ADr2EskcbqMh2QMOOlNV4JfFjtUY1JCTviOWJ7O29wsE
+aVMiY6EdrsN1hjqmwaxfzTVikM5m+jgUKWqK3U+56outMWziOfxcpo+Ur67hTglc
+fTUKIRMTGhDMVFbwW5O2jINlBjGt5yAbhI/LnRwPvB99LFkISKX50c2NDEkOzEPp
+mDaPrsUl15evEah6amsBfpQiWRbKpDLKs1kF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHZzCCBU+gAwIBAgIUdMrZyGVrP13Igm3fEdGqSGNOtzcwDQYJKoZIhvcNAQEL
+BQAwajELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE7MDkGA1UEAwwyU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNl
+cnZpY2VzIENBIC0gRzMwHhcNMTkwNDE3MDgwNzQzWhcNMjgxMTEyMDAwMDAwWjCB
+gjELMAkGA1UEBhMCTkwxIDAeBgNVBAoMF1F1b1ZhZGlzIFRydXN0bGluayBCLlYu
+MRcwFQYDVQRhDA5OVFJOTC0zMDIzNzQ1OTE4MDYGA1UEAwwvUXVvVmFkaXMgUEtJ
+b3ZlcmhlaWQgT3JnYW5pc2F0aWUgU2VydmVyIENBIC0gRzMwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQCif59yx1tCrQUccIYzyvfDNVoASBFIeaftj+3n
+Gru7Uxv88hTN57qqNogGzIvQ7gX/nm450qQ1FK6yS41AZbXJeW/xwpxwvurF4Pat
+K02OEyGC4Gema4maPwXKKVr56KOBxO+fxDw1UzkxL5e3cYj9Qju1R4rj58I4/pyG
+sz087iBPiNPVBpR4edVj5M+NQZ4i2+242uyTyaZOwRftR58I/qKGBdhFb9J0RH8c
+T9ucRAsgzD+LK5h0dJ8F7j0z95lgh3addM0mjAMqlDyU3JfRJ7BblD3p9PulX/Pw
+wB/idRUpMKEc2ZV0J5kICLu/5UiS6nQJzrXkEGpXrLH5iwf3uPK0X/XFCW4Cs1vx
+HJ1zonw/rmVDRVYap0lK4Bw5vIbMYPfNATu02198knQpFV+PoUvQnx3gNCAADzM/
+LLryDrb5x1wIV9wx7nPktCnRu0MnhtafwwEyTioyP+v/5QryJDaiQR2FdR6eHXEy
+6mCoDDUKHoYfzkWpYRd0iQwrDNbx0mF/+mU4rvtqwJusv6IYFMftN8OVR6Ju7oVX
+FMa53fmcnBxiWtPN3FZQBWhctYKVtv31PQDRD/qa5TkkkvAAflc51VqsaJAq2hJQ
+UZw6vQVNyO3i41+63ZbOSNykBJEONkBfqBuxMFBDqCYS7f2v5bzgsGxt+XZLTlg+
+wzoV3QIDAQABo4IB6jCCAeYwgZkGCCsGAQUFBwEBBIGMMIGJMEYGCCsGAQUFBzAC
+hjpodHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9Eb21PcmdhbmlzYXRpZVNlcnZp
+Y2VzQ0EtRzMuY2VyMD8GCCsGAQUFBzABhjNodHRwOi8vZG9tb3JnYW5pc2F0aWVz
+ZXJ2aWNlc29jc3AtZzMucGtpb3ZlcmhlaWQubmwwHQYDVR0OBBYEFLfp0On/Zw7Z
+nAwHLpfUfkt5ePQgMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUQ+tN
+ANOVk86mfEANbRG+OdEyruIwJQYIKwYBBQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkG
+BwQAi+xJAQIwQQYDVR0gBDowODA2BgpghBABh2sBAgUGMCgwJgYIKwYBBQUHAgEW
+Gmh0dHBzOi8vY3BzLnBraW92ZXJoZWlkLm5sMFEGA1UdHwRKMEgwRqBEoEKGQGh0
+dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0aWVTZXJ2aWNlc0xh
+dGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/BAQDAgEGMCcGA1UdJQQgMB4GCCsGAQUF
+BwMCBggrBgEFBQcDCQYIKwYBBQUHAwEwDQYJKoZIhvcNAQELBQADggIBAG15Bl65
+SEHVk3Y6/Yy4hTpcUkBaIr42+cGNuhmXsdT1pjNpcMwQO/VwCnnMP/WGlXKpc6v+
+ODH5cbxDXjc9lceZg04kYjq1bWdsz9SyGPWrtlOUtA/F+uA7nBRywgRNv0SZeQKk
+gDF66SocHTIzVz+qBxFwjjkIx2JMBiHQI+F+ttnohidsrOM52vwjkWw6M1yAcero
+Ke8XpKrmu2MUjwfU0jpM6oueToA9keNCya4dKOZuRpKArImqAKJ/VPaSKgjvDHV8
+5dUmFjLjQ/vt7JEUxju8bnSsXqjLljIo1ieZNvynj4syu7tui9V//CkBhi0Pb3xs
+RVJ22fOy7rubq1EDG+vyRwilsfIkiWepgbfrH5r8WAahaXXfLPPF7H8oGnPBLixu
+LpDXqXmGNuRMSat1aB8XpxaemVD5N6JGyFUB++ixhw/zDGSEzC8ZmcSUQBfdEehs
+8oZs0/pZm716whoSOs8DIG2JTEnxv+ATSbhOFS37mXK5gMBIPqkeHx6eRx2yesCX
+dY6dfhWiKddMdbA9ubeMhEQLAIwxQarJJ/8C9J3pFmqdK8laGZ69V0aFTf7uAtvK
+LuSTRdw9ZyiWb+7Fh48r6e6MZMLUNNAXDtEfvLm4rDNjP+zfgsLb7kDUtKhx+F9v
+XBdHmxsrwN8L8sCqpWv8rZDtb0Rm5t5MSt+P
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHZjCCBU6gAwIBAgIUVVo/86zdtyOCeYoMPDTgJPNILkgwDQYJKoZIhvcNAQEL
+BQAwajELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE7MDkGA1UEAwwyU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNl
+cnZpY2VzIENBIC0gRzMwHhcNMTkwNDE3MDgyNDAwWhcNMjgxMTEyMDAwMDAwWjCB
+gTELMAkGA1UEBhMCTkwxGTAXBgNVBAoMEERpZ2lkZW50aXR5IEIuVi4xFzAVBgNV
+BGEMDk5UUk5MLTI3MzIyNjMxMT4wPAYDVQQDDDVEaWdpZGVudGl0eSBCViBQS0lv
+dmVyaGVpZCBPcmdhbmlzYXRpZSBTZXJ2ZXIgQ0EgLSBHMzCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAL+smIBJEbwtr7PT83fssJvDlLaYAOYxrIqTL1le
+DVliLiIJFCfFWwC1V5UiGFHckvIFir7bH7zcb8fmfRozrZriAoqWXns2NbNyBLol
+Vml4R59aI5ojkPFwI/rrQiwuyRlfx8TRJnUsLCyyT6IZgfjCNjbdzLy6WyQdsnle
+iLNu+LiMFxOa9yVELXK5uPx5yThzUfDN4yCadY+s0c76x+I9yp/aiIHoy585l3IG
+5DsRbwEL6LotGUR8fYR3ibu0Cw1nRp+FaCekeuRX/WYkQG8kAtP9z8600km8lT9o
++i6rER0FffhXUxB7VkufhO1oj2HXPW11pubU9mWjCaQa4UTHTElv2fdUu4vPnpQB
+EYlxbV8c20oruytBqlOpu8n4muuC+LQO/La4Jg7l/rukk5Z0e50FhX+9QNQD46m2
+QSRiEEWyYAejdCZSfmEBpi6zJMH10luhiLBd7yOu1x3bkpqvAHCfwrAaawBV5LrL
+/ul20zRmxwbMMw+146iNw1iEgr3u1CcGGDbovTbM2gXUnadRfQeWmQixXEdFMhcN
+vOYmSlSkE+4DJKLkHj5DwUsATiECflOyTQlQVCo3KCiQUQ01DWo296ic2vnk58ot
+/jx1vFVvNskBGjezjo2c+q0YzGkO2qip+HF3Kare8DFKtPEiNqdjKEPOc2oVl3CD
+/Is5AgMBAAGjggHqMIIB5jCBmQYIKwYBBQUHAQEEgYwwgYkwRgYIKwYBBQUHMAKG
+Omh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllU2Vydmlj
+ZXNDQS1HMy5jZXIwPwYIKwYBBQUHMAGGM2h0dHA6Ly9kb21vcmdhbmlzYXRpZXNl
+cnZpY2Vzb2NzcC1nMy5wa2lvdmVyaGVpZC5ubDAdBgNVHQ4EFgQUFNpISXBRtDQS
+eOaKwBV72Br3H+owEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRD600A
+05WTzqZ8QA1tEb450TKu4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYH
+BACL7EkBAjBBBgNVHSAEOjA4MDYGCmCEEAGHawECBQYwKDAmBggrBgEFBQcCARYa
+aHR0cHM6Ly9jcHMucGtpb3ZlcmhlaWQubmwwUQYDVR0fBEowSDBGoESgQoZAaHR0
+cDovL2NybC5wa2lvdmVyaGVpZC5ubC9Eb21PcmdhbmlzYXRpZVNlcnZpY2VzTGF0
+ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8EBAMCAQYwJwYDVR0lBCAwHgYIKwYBBQUH
+AwIGCCsGAQUFBwMJBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAgEAnR7uLrmc
+EtVWGnKUmae2MaJP74/HFSdk1Xlh3srLCUJOrvdsR0xRR96mgITrUUMRz3Dg3+z+
++HD18qCGsIfhhYVcV/b+RtuAvioO5dBGTugQm17Cj4dZr9h91/+JJfxk/h7TTG5t
+nmk2D0YWFMd2VL26Q9cZOe+kX/chrpkoA6g9nEPlJ06ZmqxhkJee6b/Oi5FIzIff
+BSb1rJi+9Kr0HoeDFqIVPDnqNhlezSAFnaf05mRokaAbgw8fXNw4J4l9s05fXpLs
+1/F6PWFyzr0mlSWlnh7El+fl7PUo1DPdJ1Dg2DryxE0a6JLgmJJbEcMdNwvpugOP
+ZZazKX+CHs4uNmHmfT+G26bfijg4AwARd6fMHIaccEqoyssMvJfOGYNzgk3UXTKL
+MsGO1hz4G19UBox2tDg7cy+9O1kqekY3pwfBkYXXXmcZhKqAR0O633IgspcGj/yW
+EkdLXsGNA2Q93gDehPAvIUDJsyd+CR+MxsF0VBtPKLFvOQd1NhYidVe20gHrFQOL
+GeBeq1SzkIFgVbEHda3bRosgezxPA4TniR8GI5fQG1Gfyj/nPFNW7+6uFqHMwQol
+xeeDbOTbbZUZfco/ztC4nC18MeNRemMnUyLdWXDcRtFEAI0eYpSzgxFRRaLEwjEe
+2Dm+mylLYugMreMmQq5rDfIxHSTqlD5Gt4g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHVDCCBTygAwIBAgIUTCAvTLEaU7ToLOG4iPY+q8IbmI8wDQYJKoZIhvcNAQEL
+BQAwaTELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE6MDgGA1UEAwwxU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBl
+cnNvb24gQ0EgLSBHMzAeFw0xOTA0MTcwODQyMDRaFw0yODExMTIwMDAwMDBaMIGC
+MQswCQYDVQQGEwJOTDEZMBcGA1UECgwQRGlnaWRlbnRpdHkgQi5WLjEXMBUGA1UE
+YQwOTlRSTkwtMjczMjI2MzExPzA9BgNVBAMMNkRpZ2lkZW50aXR5IEJWIFBLSW92
+ZXJoZWlkIE9yZ2FuaXNhdGllIFBlcnNvb24gQ0EgLSBHMzCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAL/MtUDP+XQNHP9/3GDw2B0iFojRaaEHGHi1bpyX
+i5dsElWMEBZ6XJKY93YaRcslKlEpeQJ4pPo78Zl+rY8Spp2Ox5bXewrLa/85Wmda
+HnrfG1hxCkyR0LM03Ayo3xo0eVu6TZp1cQLnUXb4rH+8qfzdz52EhbUUJdI7lEoV
+O4xLC3ydmzFtRmAsSb37xT/vTR3vs7IFlRxFBFwjQTtc1D6PBTijf8mv8aGqtMrj
+WqU7thdh1e19kxXFlsl9VkWVpGmfDdGsr35huXPPMS2rrGKWdtIgKDmintYcVPyG
+wsr9OL2Xxk4w5rFrE+YooOj2rqmwl5pT+InAjbZuuCpd6zxg/XqI1n+GFXtQvPP9
+CAs/CaeghW+BQeXiMTnzOByUFsbk2Rpr8emw47fAsufxqisXE2bQnpVv+oEvUhZi
+2eQPA6rTizcdINICZpC8i+mWmvhnKB8uhcSIhB1tbB3jKPYW3z+QCV1trNAMIRO8
+MiHyWjkyDRnS5O6GyuLU1wOjhCklqDyI4pXW1Mpf+rbFaQieIfcvoBZNOCD3aQJj
+g+/cOHLS/tbfUEu9nlwag1gUmG6fQNJvj6FMcWU1KkcC8EgfGRHYZTeFhx1Qp/bN
+Ncw9t91XPVDaqWdi13ohrPg/7qlSpMu61veUFUsWiymb8Qse4drr0bfx8RH/dpFu
+Z/n/AgMBAAGjggHYMIIB1DBVBggrBgEFBQcBAQRJMEcwRQYIKwYBBQUHMAKGOWh0
+dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllUGVyc29vbkNB
+LUczLmNlcjAdBgNVHQ4EFgQUZG1d46hMpTbuJjYv9VdUT7hSff8wEgYDVR0TAQH/
+BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTurG1A6tUEaocsVXv1Py3a7tus4jAlBggr
+BgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBdBgNVHSAEVjBUMAwG
+CmCEEAGHawECBQEwNgYKYIQQAYdrAQIFAjAoMCYGCCsGAQUFBwIBFhpodHRwczov
+L2Nwcy5wa2lvdmVyaGVpZC5ubDAMBgpghBABh2sBAgUDMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3JnYW5pc2F0aWVQZXJz
+b29uTGF0ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8EBAMCAQYwPwYDVR0lBDgwNgYI
+KwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgorBgEEAYI3CgMEBggrBgEF
+BQcDCTANBgkqhkiG9w0BAQsFAAOCAgEAPihRUdJik1NSvghFQT3PWGumPGO+/Yjd
+gQ+AkdZgDd/PB/NuJD6K0tNIJ+siKf1RuFnniZIx9hM6W7YrbamCi/MRLh5Ikpig
+00wm3M0l9WwCr9UFeIv1wi1kR7HEEg7h7ltkZnH0ueigBse5QhVxUhQLZHd6WsUJ
+oHE1MPxCkX59VKsagx0yRwOWhV83OJfZHCrx9rnMO74mdfpwfjZ96CzJIyjWlumd
++HUMxI+FsceM1f6SZ3XYLEfmNu3SM6zMF2bsSYsnH7X3o1L8gdyRHYZa3vJ6/EzV
+Et4fHO7K+qZhtX+O8/n0bV18QtjZchLhiCKiGK2NjHGSL55dLLzFlNM7OnViw7v5
++9hCORZBCeKwVsuJxYIMM1hXARyiSJmrJWlzYBQ3/e1Z52Ev2QzI0YeTlTgqzK8Y
+ydGPmOufdIDZhdM76hw2xo+4qeNirh47O1Op4Lt/wfJxkf00Czu+xWluFnYfpuoL
+ldHRYYRFFb3JYkerG+wDzcVyd/582OYUTo86O0XqzRYkrcL3jqYgMDCk/ynHePiq
+PToBvYEjFt68rGNFTvhNdFeQk3D0fyQqulW6ANLwyvpmN3ghfjjCKZIPYUv4nOKi
+FPj+UNisBIvRvgzfcc8thGKZVdMtrQNGNtdCXeT50p89Q97SrslO6SigoL11oXRG
+Uh4MClcBULE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHIjCCBQqgAwIBAgIUd5bVXiltAcz1DO2zcHsN2EJpVTUwDQYJKoZIhvcNAQEL
+BQAwXDELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjEtMCsGA1UEAwwkU3RhYXQgZGVyIE5lZGVybGFuZGVuIEJ1cmdlciBDQSAtIEcz
+MB4XDTE5MDQxNzA5NDY0M1oXDTI4MTExMjAwMDAwMFowdjELMAkGA1UEBhMCTkwx
+GzAZBgNVBAoMEkNsZXZlcmJhc2UgSUQgQi5WLjEXMBUGA1UEYQwOTlRSTkwtNjc0
+MTk5MjUxMTAvBgNVBAMMKENsZXZlcmJhc2UgSUQgUEtJb3ZlcmhlaWQgQnVyZ2Vy
+IENBIC0gRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC1eMhxwuN0
+wuOHZ4BKXo/1Jar/1cepiIFcOYt1Gs5s5KLyUDnM+dYABhUz0WIf7vauVvPcjxs8
+Nd++Zimfg7siGwu+1bImvRYGpIs2iFtGomnQK2n/mN3Wiuzwbc9KqVOBvkQPC7X/
+TaNrKzmIJetBsbQtmILsCgv91vObjRoQZlKul250jZiAaWAuycC4FcPYDd0tTk1y
+Ux0q/1+uR1fNBVMRa9TeR+uovy2XHZmrxND0M1w4KZ2EoaTT/XP6bNxK9K3907LP
+ytkdUQ8zCyOV6/mJYLyoytLPTT4lUqtpY/ij7yvEN0DtQmeukmVSuwnaVLYPHETD
+KlpzbfZXy+Y1PT1xzz99Yi0LiX49uUZj+G3t9SrocL3NJIca2KoYxLM7JQOaqEkZ
+eTWwD3ieHMp6OvEkj4w+7qUN0hTZ7zzkW6mSdO8gKRmSOfCvyC+0N3vGQcSgrgS8
+rOB+FuoLgqMWmrswZhxCxi3f+Vjt7u5kcjb/RTkpJf4RkBKMVeEB52EaBZcpUOhn
+IkeO8XZh+sywZV2bWsc3mpuXAnk7fkg+UQLzXjLycQIpRWvj/M0PYMxenBWf7NAY
+CMsFkBsoz9QVguxAjFHONpue0Z9y+/8/Phtnb9w8XB9mEiemeS5wqorCViKfV999
+I3AgVZHxenrebsFs6cmZPEuSvEWfIhkytwIDAQABo4IBwDCCAbwwSQYIKwYBBQUH
+AQEEPTA7MDkGCCsGAQUFBzAChi1odHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9E
+b21CdXJnZXJDQS1HMy5jZXIwHQYDVR0OBBYEFPGOaY4+TmFUGs7WkpTSgoV9+rlA
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU/2h1Qn36b8dakzifNUTQ
+qi0AsokwJQYIKwYBBQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkGBwQAi+xJAQIwXQYD
+VR0gBFYwVDAMBgpghBABh2sBAgMBMAwGCmCEEAGHawECAwIwNgYKYIQQAYdrAQID
+AzAoMCYGCCsGAQUFBwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDBEBgNV
+HR8EPTA7MDmgN6A1hjNodHRwOi8vY3JsLnBraW92ZXJoZWlkLm5sL0RvbUJ1cmdl
+ckxhdGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/BAQDAgEGMD8GA1UdJQQ4MDYGCCsG
+AQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYIKwYBBQUH
+AwkwDQYJKoZIhvcNAQELBQADggIBAAft+b1uQd1yGQPJrrWR4zbjoxlepwFVmHW4
+4QAjdxQgCBnByobANcqfHszNA15tEduznUXkHlgUUV9hT2LUkz/ozsuaJB4x9635
+pjq0d2hlE7PwU0JW8EFqsc7nqdQXIJ2SYqRSzxbJ851XwSwX+wG+/od6uVxdW1pa
+qk+WX6xKQzpM2bQpR6WudxBBOb0AO257mVB52+on/rIGS06GqwGEg6ltQW57t8fk
+MG6eG5RpRKTd4ild0Y1fnYcqg8ORLKUNVDZk8A0Jt2NmqFeB+02wXFxNnaRaXHMz
+b5J+LrVxJ/p/x+2lFmPdNaxK9cnpZfDlBToYlpojej1KXmR/d6ghW1OFJHLhTW4h
+guSOiAGOM4AeQEMVOhVJdqPyw2FLLqB2YCaffObG5WCG3xcgHxj+7Aibii3AMyVT
+hP08Ssqm4hlG+Z2MD731wNaIV/7d0hLqq6zX7SgsrR1QWc5vz2LFX8qP9tPDaotq
+ugj6r5WPChUHoCHcu6vK8eiC+ZTOmWhXJT1YsBYEH1/7OMhb3azuprdqQpLkuTxM
+zqN2xQc8dUnSjjnfTVF4h/+w0Mz3ALhnOUUawLeS39OMmcI7dsjEDT4VsRoRqUmf
+T4ghnrWHIXhSJv7CKTf6GwAOj23yY3fjhstx+pHyy54p4dq3hLUPPKH5dzv2u4w7
+fH+M9yjW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIEjCCBfqgAwIBAgIQQAFqLJVqNXYKqgYC2wj8GzANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTkwNDE3MTgzNTUwWhcNMjcw
+NDE3MTgzNTUwWjBIMQswCQYDVQQGEwJVUzETMBEGA1UEChMKSElEIEdsb2JhbDEk
+MCIGA1UEAxMbVHJ1c3RJRCBISUQgRW50ZXJwcmlzZSBDQSAxMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAoEyKBz3/fM/JAX9I1QNhOtPQkzBdiQr/12dX
+vupJ+j7J2UfdfpiPVu9u0w//clPwSBtLAgNqevtXrgS9LXPFBIY0QZLiyY7B4q/v
+9h0SeE4N5hggOO9a0PsV3kHAlBdPWmO9McVEq8PGIU7fXTKDCsMGK0RYAHVYQtox
+u2PY33UM55IQJYq6EQeqXZVucVg9MhAGZnoXiBYZDw4ttIX3q4GTGkA0mrY5JDfE
+K1hdj2AFrne6MO/dGRyc48zJvDBC/l4Aaj4ltBS1+XDT6kF2C9GesZXVdLJvQEHo
+jlVKyJ5/cmkeDZrmzsHd4dxAkZxRpio82GxMRUTf54VsPuReBJfE0rakweNV1Ouo
+ULlZ4EhrAUKeN8uQEPoCkTifDedrVbu3Bh0tAQufdqGw7agvp/ycIWnOzNMtWhC2
+vd/OEPDnbfTBrrLQNcbVQnDCwnRWNoMOSCGWjAej6RPhCyJ77N0X+4FXP8Xbq7ap
+op70bf/JzcdF5zJFyGIJH1DaK6o7jrmhf7PE15Hl7mapxWTARVO0449XiJMvUqVs
+2GuWm6+U5jHHZE7/0Q/U1c6c0GeHLZrpesugZFQSLQ1RCukym/GwDxWHdemgKE6Q
+url4/CZEjePXbc7MsaVu7/pKyOrL16qnKIu5EArWZa2Z37Bvfba2k6nrLjN7NkR5
+5IOFzbECAwEAAaOCAvQwggLwMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/
+BAQDAgGGMIGKBggrBgEFBQcBAQR+MHwwMQYIKwYBBQUHMAGGJWh0dHA6Ly90cnVz
+dGlkY2Fhcy5vY3NwLmlkZW50cnVzdC5jb20wRwYIKwYBBQUHMAKGO2h0dHA6Ly92
+YWxpZGF0aW9uLmlkZW50cnVzdC5jb20vcm9vdHMvY29tbWVyY2lhbHJvb3RjYTEu
+cDdjMB8GA1UdIwQYMBaAFO1EGcDT8AaL7qR7vkLnJlTIjjZ2MIIBWAYDVR0gBIIB
+TzCCAUswDQYLYIZIAYb5LwAGCgIwDQYLYIZIAYb5LwAGCmQwDQYLYIZIAYb5LwAG
+CwEwggEaBgtghkgBhvkvAAYLAjCCAQkwSgYIKwYBBQUHAgEWPmh0dHBzOi8vc2Vj
+dXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRleC5o
+dG1sMIG6BggrBgEFBQcCAjCBrQyBqlRoaXMgVHJ1c3RJRCBDZXJ0aWZpY2F0ZSBo
+YXMgYmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdzIFRy
+dXN0SUQgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2VjdXJl
+LmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRleC5odG1s
+MEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly92YWxpZGF0aW9uLmlkZW50cnVzdC5j
+b20vY3JsL2NvbW1lcmNpYWxyb290Y2ExLmNybDAdBgNVHQ4EFgQUKCJY7wV5HKmj
+63uoQ3BQn9AXq4MwVQYDVR0lBE4wTAYKKwYBBAGCNwoDBAYKKwYBBAGCNwoDDAYK
+KwYBBAGCNxQCAgYIKwYBBQUHAwIGCCsGAQUFBwMEBghghkgBZQMGCAYIYIZIAWUD
+CAcwDQYJKoZIhvcNAQELBQADggIBAEKl3MRGwB6NB9GlpzBmT9EP8ekOKWkhVLGA
+8Tqwk/zOaFQbbht9Ss6IXivM9Dc7/86RIAmZkSM1fQra/cqYnccipeCkl6NK2Csq
+8lbQcXK3FdyLOqRlXEf9Ku1Ge7UonDp3fVOgM/4tc3ROtlv+VJ+b3MmztqmZcXXv
+bLn5u3Kp9dF0h2+e9946aH3zZzCs9OH9TynVYpKOYydQ0ZxCSipbSVKB2Ol3Bm1h
+th/amLwk9Ecx4ZD+eJpiXsqRo/bSncETssu9OU48Ol/Ot7uUGPlsPM9A/9AMeceo
+QnOBxEmlQlrExaQ6+mgmkPDdSI952T2azDyjDf9NrqYJoTvtWwJIAL0hrJcCiYtr
++Ep/koXntyNe7c/D6IZLQacgXMToO6svWAprVFZZz88JPXe3zNjZphuTUMQq2/tj
+73rZnUIyhNDmElZD+lD8kmesDhTuIe5BPYALvAm6MjTU8SUlFm/HgVrkOTwS9hhM
+AOxnM341ontR+Lx4h/u60Fxbsm7Y5QC6Nnz+nTjw84zH4o/3jd06E4nuTHOWQiJL
+NUXjnhtfchXCjVtSYs1kKgXjnXnWDCbmeZ+fS2kSbHX6JEt0dGLD5RTjWArvwsqH
+gxIadfw/UNdXqCzJTHaDSrGdZAQzbGB5dHtBl911GamQy5ynyfBRLPO98gtUOsZ1
+hWmgZv15
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHNjCCBR6gAwIBAgIUJO8e7W/0SPlK0tGWvdPRZNzK+JswDQYJKoZIhvcNAQEL
+BQAwaTELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE6MDgGA1UEAwwxU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBl
+cnNvb24gQ0EgLSBHMzAeFw0xOTA0MTgwODE1MTRaFw0yODExMTIwMDAwMDBaMGUx
+CzAJBgNVBAYTAk5MMQ0wCwYDVQQKDARDSUJHMRcwFQYDVQRhDA5OVFJOTC01MDAw
+MDUzNTEuMCwGA1UEAwwlVVpJLXJlZ2lzdGVyIE1lZGV3ZXJrZXIgb3AgbmFhbSBD
+QSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANEmRf9a6VvvUfEd
+Qycq0IJzCoixl2o/BK5t4BsQfe/Gk3EMUFPoTI6MStZ0JtdE/D/90GMkX6BduLC5
++eHGuYhCPQE06vKLtxjwRg/n9s24nTRwgE0bcsyDaIQvK0CC8Mm+CY6uQXAIFr1S
+/Djm+RCl5AxJdUKOQyfCYO6mTtxRR+3/7rllCBCr1HehIASROlFE+C8SSSJd/tBI
+no6oRfS48KuekzIWy9uuUD7VyE/xLmOG40dEZLDi7jFE06VYny1MYxGzlpnllgYJ
+CvqpUpEJLZi+Zj+4PfiXLIBCkyOJXX310N9Db+Zy5knYQyD/6X5U3poxuudHeHbB
+QJQUW1IzwnjBTKWfAO2TdXhmGAse4Cjmqw5HJBmflh0k6kJ96j+FurnFCyXLfEDL
+vDSaghtOBQeDG3yrW1mgu2Ts7aFmDUZ2SesdhdJ3HYGlKXiSbLl3Q/qBji6TXa84
+disSpnnLQBWJ8URqcD6P6oQfav8wmKxnmxObGQYVP/OPlpowoBJ0hw5e45nT4B2J
+KY+4ObW2Iu673MToOi/2jftxSixKf2ALOGLS/DWtcove9eMztdsDl1G0cNSm2JO0
+ui+HmDp1BFgY2EdIHlJBdhATMiXLSz61RBVd4M0J8dovRXi8qvt3LyQ2F9UkaOhc
+kSFNAz9KvsC9LSTDAVFitjUPmXyfAgMBAAGjggHYMIIB1DBVBggrBgEFBQcBAQRJ
+MEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9y
+Z2FuaXNhdGllUGVyc29vbkNBLUczLmNlcjAdBgNVHQ4EFgQUoNJNB+c0pkpaSwmr
+1Fgb7UkbgdQwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTurG1A6tUE
+aocsVXv1Py3a7tus4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL
+7EkBAjBdBgNVHSAEVjBUMAwGCmCEEAGHawECBQEwNgYKYIQQAYdrAQIFAjAoMCYG
+CCsGAQUFBwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDAMBgpghBABh2sB
+AgUDMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwv
+RG9tT3JnYW5pc2F0aWVQZXJzb29uTGF0ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8E
+BAMCAQYwPwYDVR0lBDgwNgYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMM
+BgorBgEEAYI3CgMEBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAgEACzsRK/Ux
+cqxyVFA/k3i9N9bssx9O+1ocQmRzZqBKftPXK20d21ceWArgFtM2I5cn0tiouU3V
+OVRFrQSIPvcyKdA9nENXKis3ZzUSvJNzTzgulqbT1Bs2sd3Ilfuv5nIERG0kn3ca
+RoZdMgS6fM9ewngFsnrCgCTeppnbNgNP88kBo7orRrtz12fbfy7Wz3ZyY52Z4A99
+FFJoung4iYWU4LflMHXKHLnLZaz3s7RXAARH1qH7Pl+DPYAaYzbtOs8jtQd4fw9l
+3l+YrI1UlAYR/gFG4+mPM9C+Ehg1kYYwcLiM9wgsafUzBifqkBO+4ArtWla+QWcB
+koK35JKWGuNi9io792CCGfwerjPLDhePK4wi2OaDqsi/SbRDqwwyBGrAbr4XWBY2
+0B1ftfXZONGoNk3+BcxEto/DepG5XHnaKMPMsp2I+654rPa6xeHK8RBaH5vlgYqL
+h72LPte1yd5zdTgvJgli+El0YK7A6o3HHB7tt++ZeuF7k/eRXumOs4AKHrnkwBci
+ojyL/Nhr4oaW9QFWBveqKPrRhugH2AhTEvEbjzYVEpo6JmIO6AZZ5xI5z/q6DLx4
+Cb5954sbjfc8GetO2+dppRa8hlhFLchO/AOdOb2FyWcbDZ73vrbT6SOF/CTLa2m8
+/DIr5TNOSqSBJu69R+13rvJiQCzk+pzoWBk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHMDCCBRigAwIBAgIUYbb9nTP+qnDwLif7mLdvgoK6QSgwDQYJKoZIhvcNAQEL
+BQAwaTELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE6MDgGA1UEAwwxU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBl
+cnNvb24gQ0EgLSBHMzAeFw0xOTA0MTgwODMzNTNaFw0yODExMTIwMDAwMDBaMF8x
+CzAJBgNVBAYTAk5MMQ0wCwYDVQQKDARDSUJHMRcwFQYDVQRhDA5OVFJOTC01MDAw
+MDUzNTEoMCYGA1UEAwwfVVpJLXJlZ2lzdGVyIFpvcmd2ZXJsZW5lciBDQSBHMzCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANOTYjTlxWK4W34n65zmWrFl
+i9i13cE1lXd7oLUQhydE7Y+zZOe2KfXPMq4pGJfa0/EELppt4Flny7GBTnc/N+E5
+zcHV8Rawhi8qmoHSm+LY3J6cJzKWGYKnezV8CIOD3x7DxNBV3BxkyegXF+gwgdAk
+FeAO/1ddVTXq0BjWQvEOkfJuQ3Vo7bsG5+YmyBBjXroHN2xLGWtdWZJIjem7OvC6
+kYMJkdtz/AsfLFFqC4KoKYysSZ1VD3IxSjulc878vDpAuQZRLBTUyQL+blMggFDw
+WZp6MUsHFUaNeWWW0pNfS9VTfmBYdSUxEwRCewUm0EFBrKUxnSORkD18q5MhdVt7
+tB33zvw/SlQYpF8QZp/TR4uXc4EobYiRz912URkTmcD1v7cETFOHiSQyGrh9BU3r
+agEdzBh6CGQarLcLFhA9XOSxkN2xF8R9jBPdxIHDJBMv941XqK6wfrKn73WNAfSH
+o7pniPn242lmivqelTBiSCicr68jYkHmTpSYWPoXCW6LMHM+cJKwSv86uzuFuIMj
+SkeVuyiiNB4nlvKW3EqgE1gxolOxQE8aglzpENXYgGSnyl4kSp80kpiiUakDH0dY
+LnbhMGL8vhr07ze9mU1H7vgpumBP/j+0idWURA9BpVNfuDZ1AenirsOuiYHcxfGp
+OZ/XnWndAi7YkQuN4tR/AgMBAAGjggHYMIIB1DBVBggrBgEFBQcBAQRJMEcwRQYI
+KwYBBQUHMAKGOWh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNh
+dGllUGVyc29vbkNBLUczLmNlcjAdBgNVHQ4EFgQUxPx31QhImBKHt/ZRE8XLrvs1
+g0owEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTurG1A6tUEaocsVXv1
+Py3a7tus4jAlBggrBgEFBQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBd
+BgNVHSAEVjBUMAwGCmCEEAGHawECBQEwNgYKYIQQAYdrAQIFAjAoMCYGCCsGAQUF
+BwIBFhpodHRwczovL2Nwcy5wa2lvdmVyaGVpZC5ubDAMBgpghBABh2sBAgUDMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwucGtpb3ZlcmhlaWQubmwvRG9tT3Jn
+YW5pc2F0aWVQZXJzb29uTGF0ZXN0Q1JMLUczLmNybDAOBgNVHQ8BAf8EBAMCAQYw
+PwYDVR0lBDgwNgYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgorBgEE
+AYI3CgMEBggrBgEFBQcDCTANBgkqhkiG9w0BAQsFAAOCAgEArJGT+jDqhDCBTp82
+1oDcEc8PNptFJ/XzSfShTX51jVC5x8+W4I6h9tDnIYNoZOIoY0hOmnJnCvgJ9RCo
+vp+jDxJ5DGzOD4eXw1OUHiIVPKFlsm0aNN3maXi3RaAWCQ7ajF/X3PQAV50BHAXH
+deJYeYJNPcVWdec2hY0QPn6x6IYaGbu0MrhVtsnpFuk9FaOs/gRWW65dpMRqrw0e
+XmggE5hdueY7IqbrE5j+RP8YrdoUQO8J5DdgD8vvICz6k96x6Z0Mja+X+2z2kkdp
++zcwesnKExOxqBwrNO3N5CY7QCM0XZ26PXGmhUqtMUfA1qnWEOXSRzsa2SOMwfS4
+vgJxyuVZgxhpJPaofLLkfiSTSw46fVYwPEljGuAHo1gYjaMsy19V0lcCOCiD9yRq
+5k/ZU/X8PY407Zv5vT0/7ODSmULeyzW9MROF2IVI2XpDNuPx/95DypgHjjAp1834
+p89ONzwjNJdrR73WdR/SfKQLfXjRtfJMyEniEc7ackPyy1EdeXvPhAq6sBte6pGd
+UrRJbPSSDEtlsYVh53CQQinxZPMKHYNKYjQpY1Tfg875Izsy0KOZAcaA/28uRa7f
+3lrUJt+NI/Hmk1gMBIKoXS8rLzplvVxt1KfwJUPCu+wZzACTSN2aMo1k/GnEzq8O
+j812qDDKUNYZ1rLWPc9355Ar6mI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHdDCCBVygAwIBAgIUJMtQVVRw63mVx6l1jYxCvSQq8NgwDQYJKoZIhvcNAQEL
+BQAwajELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE7MDkGA1UEAwwyU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFNl
+cnZpY2VzIENBIC0gRzMwHhcNMTkwNDE4MDkxMjU4WhcNMjgxMTEyMDAwMDAwWjBq
+MQswCQYDVQQGEwJOTDENMAsGA1UECgwEQ0lCRzEXMBUGA1UEYQwOTlRSTkwtNTAw
+MDA1MzUxMzAxBgNVBAMMKlVaSS1yZWdpc3RlciBNZWRld2Vya2VyIG5pZXQgb3Ag
+bmFhbSBDQSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAO2QTjta
+47kdkgQdFCE75qNEPJDvB1xQ+PP9v7Hez8VmrOUW+r3Sjp1K4z9c0k4KTUNRZpeW
+o+Jkqrg8P5OzQ1V6a1vqIZEdCcERI+nR9/0ZRqpc6ZVUHQGZ1pm8wxTj2hbfbIEk
+bHfDaaXrlE8UWbMYqlD7/shhiiUhm03yEPI5VFhZXk1W8dT11fagYBJLWr5A0jXS
+AQ9OOBuGY+bv6hWpoON61ANgwoTDzN7a5/mYvYZ+ICV/iGaOXJAoDplaYW2ycrTL
+S/HlCIPHfqtqTbkPrqdY4/PN1RNYr/+JcoFVHkk75JrcIRZ1Afyyk8l9JX+DpIIb
+LS7LQVzFlzwQ3A94wJ8Q3hrfnEWQ32rvzE2+8aTBf+8adsTnnIUFWy2cHi/b1vUK
+7E2P06KHcbkRmD837qwRkBDDCMQHO0ochfpxfen5eRFRT6JNmxskClk9A+JguJeY
+GxyNM+kRCqN2YLGbIoUmaVC3U/L14bkHzZtgNwRN4trB9yGkI1VfzBEpqxQyr9/F
+7uu9T1iFjhP1KWSKaTDUU5BafeCVbWaq/95/BubTGsQi2XNyoAPIE+0EhmgLpNdL
+lCfbI0F0Hj5JchrzEoYJxk9ohi0ZuNDm5xmOR6OZpPM8iwf+M17VeP9lFb/7Tkw8
+O1e4UcYfjF/RuXUOPDh5GNH24iTSnjfjC3WhAgMBAAGjggIQMIICDDCBmQYIKwYB
+BQUHAQEEgYwwgYkwRgYIKwYBBQUHMAKGOmh0dHA6Ly9jZXJ0LnBraW92ZXJoZWlk
+Lm5sL0RvbU9yZ2FuaXNhdGllU2VydmljZXNDQS1HMy5jZXIwPwYIKwYBBQUHMAGG
+M2h0dHA6Ly9kb21vcmdhbmlzYXRpZXNlcnZpY2Vzb2NzcC1nMy5wa2lvdmVyaGVp
+ZC5ubDAdBgNVHQ4EFgQUQ+41v2d0P5/MZRXi2cVXJdhBiNIwEgYDVR0TAQH/BAgw
+BgEB/wIBADAfBgNVHSMEGDAWgBRD600A05WTzqZ8QA1tEb450TKu4jAlBggrBgEF
+BQcBAwQZMBcwFQYIKwYBBQUHCwIwCQYHBACL7EkBAjBPBgNVHSAESDBGMDYGCmCE
+EAGHawECBQQwKDAmBggrBgEFBQcCARYaaHR0cHM6Ly9jcHMucGtpb3ZlcmhlaWQu
+bmwwDAYKYIQQAYdrAQIFBTBRBgNVHR8ESjBIMEagRKBChkBodHRwOi8vY3JsLnBr
+aW92ZXJoZWlkLm5sL0RvbU9yZ2FuaXNhdGllU2VydmljZXNMYXRlc3RDUkwtRzMu
+Y3JsMA4GA1UdDwEB/wQEAwIBBjA/BgNVHSUEODA2BggrBgEFBQcDAgYIKwYBBQUH
+AwQGCisGAQQBgjcKAwwGCisGAQQBgjcKAwQGCCsGAQUFBwMJMA0GCSqGSIb3DQEB
+CwUAA4ICAQBvtfYjrP0TJTbTHtDVeKfVUxJpWGL1OsqjWgyU/n0Afi51vTMUR5kF
+QXFMOTMOsns9vGMelQXOUM0aG95ubaESaATdLFnAfMfAt2lyxX54d7iNyIqlgVK/
+N1StPt9jEELbkwCgcyDdYqw0dDfRoHWeZXyZ8J+676CR7SFOMUghh4z5hzkPGiJq
+lK1TGEu+g9rIVldlMSzHYk7f8qYFsNG0o58uBoQpAfXAKm/aHRmGXB/35g6Ak+Tb
+KLtj+U31qzLb4sOnQ14kHJbldU7xiCw1+e5LiIAc9HyqGy7sBl4XYtgdFZqHBclx
+YZhAbe6tzZD/r2mRh2OdFYrVKQ2FGWgSmGIML1Q4XnhgdZCXBen7bCIdR2ncRWnp
+KDLQJvDwmoDzu0gCU1Rq5LLENX6RzT7FR64APaO9BSsBt+95zAhnTsPE7qSYL3Hv
+cAHjiMOmZzL4zHbgx/v5cvXlQoRQnpEMCRmy9KDV2ued0TJ4851v0MsRgmMi8Jtx
+3L6kofhG2tq8+eXVGRRDXxDSzd//fZQHfzy6VpQC/zv01S9sobjXRYejDQFrkbfq
+umRKzeCBiWZqnrYuXBdd0g+7SlDpq1GzqFqvpS7yXzy9O8+RPY/LWi9x4w1rxl2u
+6Nc9U3EvmE86vuR9CKq7iJw1gJlN8LKArk2YaPr9j0+uJYfORf37PA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJTCCBA2gAwIBAgIQWv173AAGcMbgDjGP9VFEgjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NDI0MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBgDELMAkGA1UEBhMCR0IxGzAZBgNV
+BAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UE
+ChMPU2VjdGlnbyBMaW1pdGVkMSgwJgYDVQQDEx9TZWN0aWdvIFJTQSBEb2N1bWVu
+dCBTaWduaW5nIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj51+
+TjRZu+DrIrTE/lMeFUqx/Xur6S+EIkUXptdm9bZNjlYai5e9yfbHhG6fyEijlT5e
+jCJ3eNGb/XHrq8CdtXR7xpzFtPptVC8/4vuNgZowMHNpcLQKEMHNNBAqQ5Df7K5X
+9VjpJCBeIGvtfZ6mL7oq0wQc7plhl8rZi4HFzOrPCKM1svKIWcrJE89mJr4ZxvNL
+BOJ7emiyyaqcGX23U4fzqQkMwpKDr4ad32DT2+nvm0k7utjFCa7Qj5XGxlpnyAbX
+YPcksl/2speB/PPIlt9+5sI2fEcTm0z/19rmO0sOSt4yJv6yY/HA97X+An8d08cR
+0GHzFSa/icB/EviTEQIDAQABo4IBjzCCAYswHwYDVR0jBBgwFoAUU3m/WqorSs9U
+gOHYm8Cd8rIDZsswHQYDVR0OBBYEFMxrzya9+kwtT+sMXyju49mHA+4KMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMEgGA1UdJQRBMD8GCCsGAQUF
+BwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMIBgorBgEEAYI3CgMMBgkq
+hkiG9y8BAQUwEQYDVR0gBAowCDAGBgRVHSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B
+AQwFAAOCAgEAP8IBFyNqtKm/M0rsGCxVvCM7q78CGaZ2F8K9PJJFhYLvksy/9hsF
+3D3KBdjwFEvVyZiZxxByaByRb5XkpmAnbBEfkIV9TLyhoAeykoRoVqGjbTXxrz+q
+qmSUUw506OjaL25IDshoy7s+gY4/NMALSNj5NTYJvX6EqEh6EYETPxmeG9xvhIM5
+VO7+6eD7IpSju4sDUGyb+7veAeVOUZQw7nAIeQDm4l9MDeUXJb46hWPg0zlCyAqL
+dMz362ADqbC27p6ck9Xfdv5CcufoQ3ZftDQrKemTSBFdl5/yNK5tI2DQFqwI8ajd
+ckzgsJzEqHCzoo0Rtp2wLtknY9OuDrBPOJFFZgFDg+vMrNeLN8i3yBCaJXDssdwJ
+Eh4OVad6JCnTcQGsD2pibiQX6HHQtOSUcNgZ4vSugHjqre5jVyNk7w3b0p1pDtYS
+iWWhfwuIRhtpJa6/UJCXP7lWhuXpD5VgPnSxmiaJHKcQNI5GF9KoDfAeN3aJEHgi
+aEtECAOiIRVRlgOpkGxD3wpDat95l0VVu7cZG5VWDcCkja8DXjZ+jmNJSeUZmLp0
+80nnOpSsH5SKbMXcc9qAWaNNlbOp9KakN9G8KjmRmpHVJrharDLuuVlNEHnNOTkw
+Q4rf6cuhVzsdT3mgxCRrio6sqwW+jX8JiI8c8Ejz7bWrvptX5NVJ6LM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvzCCA6egAwIBAgIQDq4EhhYgr+B6uMqiqIQTXjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA1MDcxMjI4NDZaFw0yOTA1MDcxMjI4NDZaMGIxCzAJBgNVBAYTAk5M
+MRMwEQYDVQQKEwpTdXByZW1lU1NMMRswGQYDVQQLExJ3d3cuc3VwcmVtZXNzbC5j
+b20xITAfBgNVBAMTGEdlb1RydXN0IFN1cHJlbWVTU0wgMSBDQTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMyU0ZIguVyV7JnNRyG+sqrwhe4EQfhzmPgh
+pNlnb2Wk67tdfPblp6YGBIht/rM8K3d9k9dJCWlDrEmWPNvi2C0R2C3Z6BFhtQ8o
+P/dmhDu4fW5qUXeHBpGxl3ySmxC9ir/bcE8R2nVlkIZDKmeL4Nf9dsIUmHAbRUf8
+DkDqvTzbemEEhWFKX7qdGxp6mEEEodFDn9IQoBqTt4x0wD/LXd9NkVpal018rUWx
+AA8JdhIKTcXi8AmX5xbwIudJpMkcXv6RYN0TmSeB9w9EKmYU95K54UKi7h3ayQGo
+y1oQF58sNkSE8Eza9it5PU7wZBuKMNdpTSmSPL4I0zbD90owCaUCAwEAAaOCAXAw
+ggFsMB0GA1UdDgQWBBTxL7V3HPSA65eF9GgQ6MSnnkeyVTAfBgNVHSMEGDAWgBQD
+3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUH
+AQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYD
+VR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
+R2xvYmFsUm9vdENBLmNybDBtBgNVHSAEZjBkMDcGCWCGSAGG/WwBATAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAsGCWCGSAGG/WwB
+AjAIBgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzANBgkqhkiG9w0BAQsFAAOC
+AQEAGAEOvzJ/m576RHn+moWtxuNvJwDz5RS4WcjLbBlz9vKhVD3sCEyR4AvdMo4U
+tEUbwDPuqxxjItE+yq96rScNTTRxzrH2rn0EGsQO830bO/OKExyabXqZg4OovlX9
+ZJ5rA6juZ9hz/9XZklhxXVZzClcY9MRf2xrSZsV4cfGFE5V6x/mHtnF7lrxfjmLp
+3DdDmj24XLZxefp9dufoAxgM1b7PIeBB1qITnAjIvhiPVWJVktjc6fk+j4T0qDbe
+HMWT2NvORdQjJUwEj5zKwaubilKgHYf0vXhRwCseKr5Fs5YuFaagyf0eZr6vpcOq
+pypkRF+GZD7aVBj7oI/q6bO69Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIQDz+C15Nfgv4UjN75z4+5UTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDUwNzEyMjkxOVoXDTI5MDUwNzEyMjkxOVowZTEL
+MAkGA1UEBhMCTkwxEzARBgNVBAoTClN1cHJlbWVTU0wxGzAZBgNVBAsTEnd3dy5z
+dXByZW1lc3NsLmNvbTEkMCIGA1UEAxMbR2VvVHJ1c3QgU3VwcmVtZVNTTCBFViAx
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3AaofIIPmTqsLbpN
+eOVz6+kV35EIliPib9K3HlMDELx/B9QTw4xnJBiey5J6berhTfP+2ekl6BGHAvf+
+Kr6E119aNAtZTZ66EjNhZGvo1rij9nezhLpdma9e98t2nmwIlR5DRRn8mPZCPS5C
+a4Tu0O653ztyA4CrGIGOy/PTYdf2OPed/eiZRiucvp+e7tuFNsIJVxQJIqtN385j
+OcOvp6nq/Au/ByeHPIA859e/SyWxuaOaFHxKvHyoFMkyECFpc0676G4UEYUd9wCq
+xkpTfvg7kIIKJUsStPJRhdD0Lm97Qjpr37TU8U2UBSc/j2ir5JI2Gbyjj9NdYPbX
+xrD62wIDAQABo4IBVzCCAVMwHQYDVR0OBBYEFC1z6GjzAB9yD5c2wEAaUpHh91VG
+MB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB
+/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTBLBgNVHR8ERDBCMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMEsGA1UdIARE
+MEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
+ZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAHQCpooZfTUM
+tm92hD7/X7XiQeV1NbDL7oCJXHdpECoBnGk63Sa4SSg6U5y+Iq9LC84J9rz8/QnN
+TgmP5WU/G+E6qhOLkhq7Z4w4h8q0qNyl01fPTyYaXZahDH0Vik5okzrBiRwzJEd4
+Umr8nID4e0JzGCE1/XJShQU3op0hDpPEpZdQnOxMJRCFChi3UypPqjIjM0fjHxK4
+A6LJ5QWS5rAtQJq4nLPIKCNDAVx+HGZeZQVuLt7Lby1WAf1M6d3t/HRFR2Dv34td
+dwKgvv33mEqTm0XuiXcuRQn724MLH7a+lr1FuclIh3nFSfc43EpFbrtUK7XELDAk
+6ZcIy2P3yG8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID+DCCAuCgAwIBAgIQA88eZXjGXrL3zaF3t/3DZTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA1MDcxMjI5MjlaFw0yOTA1MDcxMjI5MjlaMGYxCzAJBgNVBAYTAk5M
+MRMwEQYDVQQKEwpTdXByZW1lU1NMMRswGQYDVQQLExJ3d3cuc3VwcmVtZXNzbC5j
+b20xJTAjBgNVBAMTHEdlb1RydXN0IFN1cHJlbWVTU0wgMSBFQ0MgQ0EwWTATBgcq
+hkjOPQIBBggqhkjOPQMBBwNCAAQtt5UJijO4BHsBI0D0YZisWv/zL6mtZ7bFDHav
+HWECnEBly0fYlJhwFwScbR8EgMCDXH22KI5O6jq8wCpP3VR9o4IBcDCCAWwwHQYD
+VR0OBBYEFMm3Q54z67acrowgVgjQKHy0vamhMB8GA1UdIwQYMBaAFAPeUDVW0Uy7
+ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBCBgNVHR8EOzA5
+MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxS
+b290Q0EuY3JsMG0GA1UdIARmMGQwNwYJYIZIAYb9bAEBMCowKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwCwYJYIZIAYb9bAECMAgGBmeB
+DAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IBAQDJN676
+Tgdp7RJJsK6W4pp+EU2V9LYx7AOL+YWlQozsHJtNWFwaHZESXz4ONIFRS3Zn/OyR
+tv0d23eXn+8IVuWTvOo/FR21Ua1qq8/g9dRP67CiTEZDIpA6VK7vfUqVmknYuu0L
+dUbnXKWCjeoQaKpkc5E779m45hcviwXEsqOBdWIgt1sqA2fbUbJJsg1XsOLS8SqH
+unkfclzHlRizZ7CDLM6hoDS0cisBHlHydaeSUU0vz9lxpGyYmy1jKMJ+UjiChOXA
+R1xHduaZzku4MpNJx6Gi1HkrSJ6/r1JsSlkkogRL+CGBICYoFUmLZsapIcNfYGqb
+Wwcd1f7oZkB6+2kS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID7TCCAtWgAwIBAgIQCvJ9uaYFXvn1SRvcPvki1jANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDUwNzEyMjkzN1oXDTI5MDUwNzEyMjkzN1owaTEL
+MAkGA1UEBhMCTkwxEzARBgNVBAoTClN1cHJlbWVTU0wxGzAZBgNVBAsTEnd3dy5z
+dXByZW1lc3NsLmNvbTEoMCYGA1UEAxMfR2VvVHJ1c3QgU3VwcmVtZVNTTCBFViAx
+IEVDQyBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGB+fE2dRGT8EZXrgam7
+yoixdqJPmDM6doueDLOkVuFnxAA2SyfW9LYuvQ0A3DQm8ynr7imuS4NBzSGOpYPz
+4KOjggFXMIIBUzAdBgNVHQ4EFgQUq9SIVzuXBMIcz3dHg9sJK72DPYYwHwYDVR0j
+BBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQG
+CCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQu
+Y29tMEsGA1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9E
+aWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwSwYDVR0gBEQwQjA3Bglg
+hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
+L0NQUzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEATuwqW2pXN+kFyR40FIOU
+8M3qc9bSmZu7t3T4cqkP3pAv7VmWg34n7PYTa2oBSMcSiCdoNpkKSsfE/v4oXkn1
+dHOzJFiu8OtKlazI18nGg3CynRxBOxD8Z2tX8Nxf6dVWhvqOKRrJcawPXwxG3CNK
+QdeyRTUtTqf4K2My7w/SftUf5VrHfxAgHzLlwe1wBRt9jttOhfqvI/c9kqoce7P5
+tFTjj22/Y5XaPW/Uz/ysUIAKsCJuakG7+7VyBuHq3pG4ZpNAzAUSPRXYqejd2NPX
+8sXsJtoh0DXtCGavqWkkdIcaMhI5dK2mjCiGUdR79f3RRNh5f51MqXU2N++GxAyX
+uw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZTCCBE2gAwIBAgIJbV2+lpv37LNTMA0GCSqGSIb3DQEBCwUAMDwxHjAcBgNV
+BAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UE
+BhMCREUwHhcNMTkwNTA4MDkxMzE2WhcNMjkwNTA1MDkxMzE2WjBLMS0wKwYDVQQD
+DCRBdG9zIFRydXN0ZWRSb290IE1haWxnYXRld2F5IENBIDIwMTkxDTALBgNVBAoM
+BEF0b3MxCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAh63RpvKi3N3jX7Bh2WeknfUt8fwr3KnzMiEr0eVSg+Mveyj0mk7InFnh9GMm
+qZDhP+01mRIw59XDmZnDaDS0MTaIGHtJJ4JoWFihOwAaiDucyrXHm+u3ufSxWw1t
+Sm8TOMAFphUmkK8WLEbdE7UxoMsgW3G9qJgdE3ctzm/4Mn9QngynwI+FwX9mUa1F
+v5LJTV48g1jD2FEZw9+wYn4IKu2prrC/3lFpej0+pc1dUUnod17+bzD8s2+fEmlC
+WFVkcGxwSbQiG9trT8RysxzRRGLzA4SbLWJS14R/enkTztB2PoLV6QvrKSYLrjNc
+gKFYsbfbjDrgZNi/YVL6BZISbwIDAQABo4ICWTCCAlUwEgYDVR0TAQH/BAgwBgEB
+/wIBADAfBgNVHSMEGDAWgBSnpQaxLKYJYO7Rl+lwrrw7GWzbITB2BggrBgEFBQcB
+AQRqMGgwQAYIKwYBBQUHMAKGNGh0dHA6Ly9wa2kuYXRvcy5uZXQvRG93bmxvYWQv
+QXRvc1RydXN0ZWRSb290MjAxMS5jZXIwJAYIKwYBBQUHMAGGGGh0dHA6Ly9wa2kt
+b2NzcC5hdG9zLm5ldDBEBgNVHSAEPTA7MDkGCysGAQQBsC0FAQEBMCowKAYIKwYB
+BQUHAgEWHGh0dHA6Ly9wa2kuYXRvcy5uZXQvRG93bmxvYWQwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMIIBEAYDVR0fBIIBBzCCAQMwgcCgfKB6hnhsZGFw
+Oi8vcGtpLWxkYXAuYXRvcy5uZXQvY249QXRvcyUyMFRydXN0ZWRSb290JTIwMjAx
+MSxvdT1DQSxvdT1BdG9zJTIwVEMsbz1BdG9zLGRjPWF0b3MsZGM9bmV0P2NlcnRp
+ZmljYXRlUmV2b2NhdGlvbkxpc3SiQKQ+MDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3Rl
+ZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UEBhMCREUwPqA8oDqGOGh0
+dHA6Ly9wa2ktY3JsLmF0b3MubmV0L2NybC9BdG9zX1RydXN0ZWRSb290X0NBXzIw
+MTEuY3JsMB0GA1UdDgQWBBTM4mc4rdlU1jc3JhvGt087SNaZXDAOBgNVHQ8BAf8E
+BAMCAQYwDQYJKoZIhvcNAQELBQADggEBAD/I1QDV2wurHe92UyIhI7HQ68qd3ZfR
+xphtVybVTLTzT4zHOJRzeV60nUUAZdWvlGNlJkGRrhTttHStGVEQ1kwR2ahmCSQc
+KWL6WkinAqiwTbm0+I2ejmLe7R2uQNMxhv23579dcV0GAWwpDovpP2olhNpFhDbc
+ke2hvCfEPFqDzmTl+fIZgLOleJgWCNPwRI8YZ9UzFRdvj5YZnjC77E03mVHxGNsO
+J/CkWEci9jeIOhhmqlfdSRHwReLwk01rVKmZu14gUCX2yWrP7uAOBEvG9pbVezW6
+8XgG7JvBVfQLKofUaNXSTfiSelFwbhCrmJDHEGdSdbfzc+6ye6ngOWI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFezCCBGOgAwIBAgIJEq8M0hh9sUDEMA0GCSqGSIb3DQEBCwUAMDwxHjAcBgNV
+BAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsGA1UECgwEQXRvczELMAkGA1UE
+BhMCREUwHhcNMTkwNTA4MDkyMzM5WhcNMjkwNTA1MDkyMzM5WjBhMUMwQQYDVQQD
+DDpBdG9zIFRydXN0ZWRSb290IENsaWVudC1DQSBmb3IgZXF1ZW5zV29ybGRsaW5l
+UGFydG5lciAyMDE5MQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALTUkWEF7nfCRLNM0ARzu/zc3eah6qU0
+Zo8Ri8rAyDVbckgRQqsB6EQ8PXap8Nt7pCsp/cjOo6oaVWVHjWm3SnoHHna3UBJX
+zrIWMQxZ6C70Jg9RuH0volKiByZVC2xZGNojx2/y6uLG40s3AsGIZv0xL8XbvxZ9
+BjULQLm7I1A/okQ5WklwhjKSt+PgzikXAJ7jDmW2Adf9OKJOPIkhnf2//uxJngsI
+5T8aH1MqkmLvyUTDG1abOLu3BxnqzmGZb1G7YV0SsfNLB7bx+diWgYQQhw34/aOG
+BP/b7Acg88DFcaYCwT3gKReXdUp89oybFlYK9J4ZQb3toUXZSYHbyAUCAwEAAaOC
+AlkwggJVMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUp6UGsSymCWDu
+0ZfpcK68Oxls2yEwdgYIKwYBBQUHAQEEajBoMEAGCCsGAQUFBzAChjRodHRwOi8v
+cGtpLmF0b3MubmV0L0Rvd25sb2FkL0F0b3NUcnVzdGVkUm9vdDIwMTEuY2VyMCQG
+CCsGAQUFBzABhhhodHRwOi8vcGtpLW9jc3AuYXRvcy5uZXQwRAYDVR0gBD0wOzA5
+BgsrBgEEAbAtBQEBATAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcGtpLmF0b3MubmV0
+L0Rvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCCARAGA1Ud
+HwSCAQcwggEDMIHAoHygeoZ4bGRhcDovL3BraS1sZGFwLmF0b3MubmV0L2NuPUF0
+b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEsb3U9Q0Esb3U9QXRvcyUyMFRDLG89QXRv
+cyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0okCkPjA8
+MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIwMTExDTALBgNVBAoMBEF0b3Mx
+CzAJBgNVBAYTAkRFMD6gPKA6hjhodHRwOi8vcGtpLWNybC5hdG9zLm5ldC9jcmwv
+QXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNybDAdBgNVHQ4EFgQUy0VDuZaMYGm+
+HQAzPQ5uWyk4Ls4wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAw
+PpzZw391HM65BX96L10//ZnFkwCb2VN6sUpnVUmgXpclKrY+zDkeL3/rN4H8L1Jz
+oR1vdQsdXMnfQZ+uH5QOmOlWc2znpP5QGcZaUcwz7VQZ7x4gIcvolxjOofVuFRNR
+hLC3+AbrMOg6Ouaqc2MtbIxeeyivqE3vdF1OREZemG7y86kzZ6lpanaNFrLU34Yz
+/+vJA4ESRZhUaaXCLoMG3SqUvJvK6+BtmOtnUnZYceu8pUAIY1fRZCs4cE9WIsTA
+bXyQ3ttVI8lFwxQAIue70qrqlktWa1GDaY7+jeDH1R2yaUAdNviKzSDqi6tGLmTd
+qg/wlaEdGZ691b+8ZoTH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWzCCBEOgAwIBAgIQfGrcmTRUBXFrq03rqZKwpjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCBujELMAkGA1UEBhMCVVMxEDAOBgNV
+BAgTB0FyaXpvbmExEDAOBgNVBAcTB1Bob2VuaXgxIzAhBgNVBAoTGlNTTHMuY29t
+IChOYW1lY2hlYXAsIEluYy4pMTcwNQYDVQQLEy5Db250cm9sbGVkIGJ5IFNlY3Rp
+Z28gZXhjbHVzaXZlbHkgZm9yIFNTTHMuY29tMSkwJwYDVQQDEyBTU0xzLmNvbSBS
+U0EgRVYgU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAJibUY5PjHm4reOu2/cghfMj9UCyNclteWaeLPsPqzbwR8DBTfcGmg1R
+/v+Id0zDYNUpRJzzQWqSI7hlm/qXF7oo4jFLuFyzYw4McFgFHxIvt7W5/W2P9fim
++8IE8bs4l84Y2dikj/mFuA2fPr1G0jrW7wxJJ8DdxUnb24j49joSP5sFH9f336oM
+b5p5Ua45Q1sQ0wEMnDWQUcv4D4/GKCYozjb37gK+IDfVyuaz82iYutej2za6WOaQ
+X2qqqb2+0K4G3K6nbji4oxJOni9VHhchxkacpV5jbTGMu/t1uKrforlfPgDcn97Z
+iNYj2A3iatS51lhelu19QOQVw5uQxGsCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaA
+FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBT+IhedWWJjx32y4Hu3bJtA
+cB3avzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYI
+KwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKG
+M2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkq
+hkiG9w0BAQwFAAOCAgEACquVVtH8DYadSfz0NHvhyOxo2kCpH0njmjrDcGUXTLJa
+B1yBvLrJG6HIBAqObgEwm/iYIsWUqQ0+tWNIG810cEcSL/bQn4xyoEwvbI7+v/e0
+RZsM/WZxdyzpxU4/+ZAivbyAYJcI62Bb5J800BcNFUCHO+icwsFKL+QTxsXLBwdi
+0XPqOudcQ8U31+kguCoZAlHQalujVTzOjkZS4yYYG5BZkeRCzOXaLR+8qWm6FigU
+2CboVx84MGQZJgRS4SE2FUo7HdCMxIekR3qNsfq0ZSvZ5OCGBHsvv4bvD+LUnUKf
+DW/Wr3DLjW3qFWDFmNSkyh9VNGAayn5apORSaHN9EzObNqFVaadKWelZ7FvQ8l3c
+N9O9O7++neiI1H5ZGXBDOXS3UISyESl6i7whKG7aFPMTtae/Kg++vPWrZQL/QyeR
+2dYTYYyv4lCndiQ8GzqYaNbVM7Fo9ryet9VV00KnXPTZl1RLVB5ShCJwPvyqasuP
+XSy2vkccznj18SzWoZZ3Pyb3Q1T2v5BpMLUVIiKCslC8jbTM9ksGyrB3yuyUGrHH
+dFumZ9rG6XVriXuNQ0XqZYhEj1aJGNUcuZVP/NPWC4NighIW4kpIi0oUyCBQJsxH
+VAdB0vs6KSqQi4pouaNJboKQduNpRnWWVo5aMRLg389gImoCyki+D4ERklaaB6Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDsDCCAzWgAwIBAgIRAMuIwpyXg2f0Wl/9CVl1toEwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgY8xCzAJBgNVBAYTAk1BMRIwEAYDVQQI
+EwlNYXJyYWtlY2gxEjAQBgNVBAcTCU1hcnJha2VjaDEfMB0GA1UEChMWR2VuaW91
+cyBDb21tdW5pY2F0aW9uczE3MDUGA1UEAxMuR0VOSU9VUyBFQ0MgRG9tYWluIFZh
+bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABEKn1KzqFEYHIcPCMr7tcFF/FHKVCX2XuT2UTe4uXIdZ6WTxm6550AfLXobM
+MuozK7PKOVO6zG5FWbfQrIlRUWejggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8Z
+wpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUCiofYImrVycfM/5F86UZ7Rie9hUwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkMwCAYGZ4EM
+AQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcB
+AQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
+dXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNpADBmAjEA1Y+Ubw1tOZbnBDp2FxoN
+blqg5ydztwKNgi88cWLy1eBOjPcK2o8URIRUeeWs+evQAjEA+ZbqqNYu8MlKeYNb
+NRSSa2+lAXt9w1v1xWx2O9jylDtMIQkzOkSZMzhx8zSg0UNC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtTCCAzugAwIBAgIRAK3ArXFhq4k9s+bgVOsWnckwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgZUxCzAJBgNVBAYTAklOMRIwEAYDVQQI
+EwlLYXJuYXRha2ExEjAQBgNVBAcTCUJlbmdhbHVydTElMCMGA1UEChMcZU11ZGhy
+YSBUZWNobm9sb2dpZXMgTGltaXRlZDE3MDUGA1UEAxMuZU11ZGhyYSBFQ0MgRG9t
+YWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABIND0n0KjXwPz23GWU8r10+PCOkMWy68+tWWBIXJ+ZgJEt9rNvUe
+9R7ta/9bmar3fBBBQ8bDJv1oY2PD8Tx0PgijggF1MIIBcTAfBgNVHSMEGDAWgBQ6
+4QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQURKlJvyGIsOOTtIA6GYFFlUf4
+umQwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkQw
+CAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
+BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
+L29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjABeiGZ0Am/0f14
+COHktALxJMSYCb+K8i7B4y9C6wmaYFJi8zWhj0AzkgN48/0CMxgCMQDGpOo6fUPX
+WEnrmCuYIfHRSFXCTulRFJFseqHB1SxBfnKnyLasYNOoPKXy1t79oDM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIQOly1wtzRaBq2ZZIu681rNjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjBvMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHQXJpem9uYTEQMA4GA1UEBxMHUGhvZW5peDERMA8GA1UEChMIU1NMcy5jb20x
+KTAnBgNVBAMTIFNTTHMuY29tIFJTQSBPViBTZWN1cmUgU2VydmVyIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjmmbw2lC35tLRmhMOVA6T21n7OS
+96DHc18Hr7sIeOOnYslkil4wX/+0e0ExyAGmpINuyc9NKxvb6iMGBSpGfmwBWtH/
+ZCokuOJpxsj3hU4rdrTzOskm2DX3b5pvW+/vaKDzGqP887xmIT4W/FPRY29zI+eR
+hkFly+SG/LqgGHS18dGhu2T8UmC+NPRBl0ecjkLnxWmTJ1YPQaj3OXRJVAZaRkb8
+SUWJTufKvnTncGKElW/emiRFDo2KWT7Ek55ZlQwpiEeio8Lgr2rv53zTVIFAUHUR
+8FfLVqUJPRv+aPyFvn9pux+eIqCyiLPO7Z1q8Z0ov7wNfJmbauLjcsR5GwIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFJqa52DKwxsxIfeDdk5BMrdPNj1mMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJCMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAFdhc6XE60bJGk442p5AoqSB55ShLnxNFm86AyGO4TBW/ZHy
+vBEuXTT/hXbWzstCtJQcR1w8E5pR+AibG3DWuYcfqsyzvYCU9XD2f9n94qKZZNIS
+Gf/jitYYdTDcvq0PNzHBMqZWdn0yIxcKnfONBHodOUZ2SvkX+D/cWcfViqjAXHqZ
+CTO6oyitvJOZUsr879f6JMRh3xIHZbCSh8W2uaUMCGkXH4zIXLEp8OQj4YGUAQDb
+O4P9h7mhgw18NKUTJvKgPXi7WqtJA9jFzaM5LTEhTfnrwdccp1MU2uNADoKPE0Ma
+ZxVyK9Zv9QoFTNjF5sr+3bOlA8kM548n1QOvSFfC0X4v5EHteONqa3XAYqSJ+LAc
+poIwa46/w8B23OjkDwI32EAen9FzqZUlvANkMjH82IJ0dGcQ/zM9MKPRp2LGgoeE
+tWW4XulPnaVG9NRCK6lu7VRocPNaQV+Vp9Dc+Wg8OcmxHK9ElSi4DpkKTZRcwOsF
+ZsiasRVXc0afh1bCFykO02svmmjuYURiwc4jyNKahbQo7JUJyd5upf9rdUDunTt4
+8o1l5RLsaJJY1WS8+/YoV2bBcJId3i+RePjiQqPkfrWOiq4noZwyLcSm9pJgF6Jk
+NtUJXxms1/Zz6lKUp/ku1ZL0EBjGA+245X7GRnNjn6AP30P1gyJeX8AmbwRx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGHjCCBAagAwIBAgIRAIz5UOB4ZW1aeHa8vGDi7w0wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDUxNDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgZwxCzAJBgNVBAYTAklOMRIwEAYD
+VQQIEwlLYXJuYXRha2ExEjAQBgNVBAcTCUJlbmdhbHVydTElMCMGA1UEChMcZU11
+ZGhyYSBUZWNobm9sb2dpZXMgTGltaXRlZDE+MDwGA1UEAxM1ZU11ZGhyYSBSU0Eg
+Q2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEsmiyBNG2Snww7+vZtJQw33IjJwSK
+uPTKnH0W7SI6L7rxFxOxsFom2gcLmMc7hKLvCCpjc8uBf676WdRQPYaLVfKamAeZ
+OAKdTXevqpbtuAxTe3dNvknus1sOB5wcGw0ljQ4JUGvMLwdvDMHy1DPcO/jKGGzW
++ojqKpnNyclFWk6fUO4clG7L4AC68XrpKc/ROOawrBIebHjjVjPtkX0OdnBXM8ZY
+GdH0sEt7SeTBNuy2oUXDEehdjByWG6mmZUWYFCM7SX6Btrrj2/wKV7+hN+dU/vMz
+pcgBSqXrGdcupE8O8NxpYOXiTe9oYUeCQDybNwlGcLfxSU1LQQazTtP7AgMBAAGj
+ggFrMIIBZzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
+FgQUKw+7S/xr9vxO3/HrHc0q/sx0X8owDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBgGA1Ud
+IAQRMA8wDQYLKwYBBAGyMQECAkQwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQA3t7uHrFTk7CWXr9ADDOw9ac+Jy7sDEBoDTJuTZXVjRAS7orDgY0mECPfUtS6z
+GOGF1+qc7MPjecpEQvNRl4qX9+gdcAhZ6YFSDUf00d8vNpg6UB0a8IJsyWGrLfkR
+zdwlOdVZCFDZ9RRohkAmsPntcKKfovGEJwrazUy/bJ0WR/ghKrLoqWXwVGqmNbIA
+J+YMO2wnfaw+h0tJnuBaAFin/z5e2BGOV3rw7x+TzkKmzW2/cZ8uRQDagadeTSxK
+wpI9c/ny7QzctE7G6J43bNNmM3FlC1N3pRcNVq7W8yf6dCjZy8xCVSDD7eM1JT27
+m+YV92o+mPLDopXMHLD2/uNI7ftjnfIT7S8Ql8S94Op+/69JjgQekzPOcMcPp0mX
+hWA0DoT6QVccGYTjt8ElqJDdW6PaMfnet+oJpQgKgfeW1VctxiIZYXTw2J4j3zQJ
+mJ85KxYqT5vklP7LJz0vAkH1T9TzB9O8t/YXI6cSWZ1ODiMIMZ7MfhRgl8+kR8UJ
+XVGEFJmNGPhJMk77lwA+U/2MSRBkreeLRcnqkHST8YPQSihkLHsiizYHIJin8u95
+ZBS4TaPArwtV6MK0rIVCEjA3VwgOpL0TGlXX8W35lw0pILqVXD9LOBdracWjFbHY
+8aUJmvNc3nJEw+EiPTdHAJgJrLeAP6JeNQcjE/LC7MuqXw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID7jCCA3WgAwIBAgIQKIBjf65//GUfCnWVUULbLTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNTE0
+MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCBujELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0FyaXpvbmExEDAOBgNVBAcTB1Bob2VuaXgxIzAhBgNVBAoTGlNTTHMuY29tIChO
+YW1lY2hlYXAsIEluYy4pMTcwNQYDVQQLEy5Db250cm9sbGVkIGJ5IFNlY3RpZ28g
+ZXhjbHVzaXZlbHkgZm9yIFNTTHMuY29tMSkwJwYDVQQDEyBTU0xzLmNvbSBFQ0Mg
+RVYgU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBZP
+PtSFX6jmkcabG3nr44Wz58ABrDNANKgkao3OXoO1XKt9rz772vdZ53u7V5OCrRsy
+mnuSrqEiC2SiB7/X7PejggGLMIIBhzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl2
+3OA1xmNjmjAdBgNVHQ4EFgQUcCe+tvjCSE/vDei0nzqpKAL0uWwwDgYDVR0PAQH/
+BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRw
+czovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUH
+MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIw
+ENqPaOnFzbb0v0K3bspErkkGKCwSZS0rq2atMKweF/fK3UFyB/Q/zqIOa7utCjWO
+AjA94cGDlw3d2qBx0oPuwLWQYzXOTHXt8kPv+M9wO7IOD72Ad1YgA6QYr6N7fsud
+MNo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjTCCAxSgAwIBAgIRAPBC9pWUwz2C8aEhZefD3gkwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowbzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0FyaXpvbmExEDAOBgNVBAcTB1Bob2VuaXgxETAPBgNVBAoTCFNTTHMuY29tMSkw
+JwYDVQQDEyBTU0xzLmNvbSBFQ0MgT1YgU2VjdXJlIFNlcnZlciBDQTBZMBMGByqG
+SM49AgEGCCqGSM49AwEHA0IABNABUIPdtvWoTGHsYeKUfVhnXL5eaXW8bDSuL6c3
+7O5ZqqRKEjUA5UQSnxP6Uffd+7gfspUpiYgdQeuN752D9UWjggF1MIIBcTAfBgNV
+HSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU1i/V8G9z2NUf
+3JD5koUIDRpBDbUwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYB
+BAGyMQECAkIwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw
+AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNnADBkAjBI
+hTCIsf/U/GItWmwhHj+vEiy3vCW5BDnsziw8a2uvTb6nofHIHU5RY7i/KRvT3d8C
+MGgv1umC0k23Vo6dmUfgWVWJMhZHxrBw+gNxDc/e8SzPaXTABXYrPgkgNtJjt3kD
+mw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGgjCCBGqgAwIBAgIQRg+obTrrnzwP9vfsJyy4CzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCB4TELMAkGA1UEBhMCSU4xEjAQBgNV
+BAgTCUthcm5hdGFrYTESMBAGA1UEBxMJQmVuZ2FsdXJ1MSUwIwYDVQQKExxlTXVk
+aHJhIFRlY2hub2xvZ2llcyBMaW1pdGVkMUgwRgYDVQQLEz9Db250cm9sbGVkIGJ5
+IFNlY3RpZ28gZXhjbHVzaXZlbHkgZm9yIGVNdWRocmEgVGVjaG5vbG9naWVzIEx0
+ZC4xOTA3BgNVBAMTMGVNdWRocmEgUlNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU2Vj
+dXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0y
+SmZmqlCEDCu6mRA7oMQDLjld+rfr64b2HfFFvzHzGzsUWs0fJBQvnpPt9Ia/INPk
+9EzW4I+/y3KicJl3b38yhmJlQA0o0ZhfRCHPl0GOjmUQnhkAxPLS6/XLUc1I8uKJ
+5P5SWttDTn5z8Xgxm0BCsh+RJyhwyDkrG4ebe7X+FM88elnqQotr2fRw2Qef3QLL
+a3z5h5pvEPNAWkSZ9TnKr4N1hBPyfCMtlT158e3FViWSTuwaAKR9dcVfzJvx5MpI
+SuL46utA1N2IwR9guxb9NmA/WB1WHjEqH0gWfwDv00JaBeIwdXpp3g3pJq0dWTUu
+OII9FAldrAwFkYKWXbECAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qqK0rP
+VIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRfte7ROKAfMw+xwWpUW4j3vsYRTzAOBgNV
+HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEW
+F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6
+Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0
+aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9j
+cnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggr
+BgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwF
+AAOCAgEAfxV9Agv0mnC0zmnxceMNXNXNA7TcVEs05D2HPGJKpdjJ0aYQPS/F7qqt
+b2y8m2BfsfvSM42vYgslVF7tLu4BAwJDkIte7z111p6GqZzaiqEByFMMw+YWyJ1P
+RJEQdWX0yo/bcUF7hb+LVAsqtXs0XLyX1gGOXi2IdQp4qLIgjmMdsUEctPVlwjNZ
+8o8vg1iSzkF/CIDjvgQtRIylyTCxXubYwzpt0JXhfq5PdPpdPF6DnVh7K1t5SwZC
+hCd/Eno7IG+X2zLn/NtxG66B1JiKzO4Se+slwwF6zZwkh9TMjsSY/i8gRROGoGUr
+V48qpg9OuXLuvg4bgimhn6mc+wNHtXeMiKNN5k6EBJKf+soHndqmVc4c0K4ZSscn
+0rGUvr7vHXn4RsZB0+NMKG73KhzbVZGcv9kVp/WBQEHSjW9NmHWRfgECBQcXk8p3
+Rji65Fn9UXv0rAcEIg5dxdMbRgvldpRyJ1I03+fL4XXrPAcJo0ovyC2g1QA3amSx
++DL8i5Sc9rtFL+l4bsx5u0biEZa8IBcsghRcbN8EuMPoUEdoy0kGNnrDTKX1orfW
+aZ8q1FWBOMgXARB1bCfSM0PtZWAg0vONB4YxB2DqJ7b+gtyjb41Vl45PPqIsuv9Y
+HPLMt8/11wCzaj/GR/1jluePMpkrIi9Gy1VX/g1qbKNyL6LVl6U=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGITCCBAmgAwIBAgIRAMhZ0MPThi9M/t4T5ZkofcEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDUxNDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgZUxCzAJBgNVBAYTAklOMRIwEAYD
+VQQIEwlLYXJuYXRha2ExEjAQBgNVBAcTCUJlbmdhbHVydTElMCMGA1UEChMcZU11
+ZGhyYSBUZWNobm9sb2dpZXMgTGltaXRlZDE3MDUGA1UEAxMuZU11ZGhyYSBSU0Eg
+RG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ5Q3+baibM43SsvMwraU0BPANsORz3RtLNSw4hG
+FQUgrrPYhmYVwmVmfCIodJLuvhS8tKinwXFF+J5ppNbXCMloKgfdpCGKdg1lZuu/
+wAbfzlWwfYLfFThN91NyXNsvVWh2PVIpMSpFO2zxUdrMkdT4PMCuAB6Ro6Lr/h4W
+SSL7dz6OcnCKcNAEIIzZfOCkPMdlgJt8xldvKfbK90JEH75wgvIMuCreBYBkbr+k
+hOVSfUoEhBuWI15jQFbgMmE/6ydsTjo/s5CkwnXaiQJiLZRE+2oduyqefvc/liNr
+AobmCX6YsR3bgi5w84548rMDNMxAaxXdcrZaP4Mgx3k8iskCAwEAAaOCAXUwggFx
+MB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTqFxwA
+Ef4yQ6LAUzqjA4rKsAQSiTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTAN
+BgsrBgEEAbIxAQICRDAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2Ny
+dC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUA
+A4ICAQByPjPgwX/+uJPwlZgOiRqIoGUgwhP2hS+PmMBYGRXZfJo7Wxl91c9WBtJS
+1a0GT4rYZX1n6LPE6Tr1H7KnNvgoCMy6UX/Wd8RLbGbQ6mo/3XVjD5K5t0ISgxIR
+GKHoxrIWX5dcTl3RkWcacQL4tMfQMDe8BqENR4ILmn6t41FXg3VR3+gUW8n7HAPL
+K2LRVDkApzOA0YPjzuWFoMSU75sHHUeivjcxjjgMI9RYx5NByEudiZB6hOfxPE2W
+ea1OpEno6fEmpsmIKotEpR+oE3FisBk/8QxMCf2m5GWD/pQ211JSQP4JdH0M70Ly
+k+vWhqS/HRnvhNGmwq6ixW+k12VKPkymRI/DbpJkt7JpXEDdmZR8NxIpfE7MXvLH
+hclk5bu9wbtCNwv/Uq6QisS1JPJTGR2yPIA6cDdNCI34wrVVIzcE4oSU0AOhuc98
+RFkFk6OUnRZS2yOScFu4Wp7MH718R6o+DbRq90pGZRAldFRnZ9holWweXv96IClR
+xwpp3gfSRMrMDsmx+LMJtJkZuQa0iMI7Gt/fXPC/ESCCgahsdv0P9kwz21rzGkn3
+47YuytCXW+R0gq2secYCxQV1yej2G80Nr4+55tg/YNLyQw53Pxchkg3j4uX4O+6h
+tMay3VHE11WT0helc0vwdEwj21QYyzojzj66nn2u1h5pqgegRw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJjCCBA6gAwIBAgIQdP5LjXnvPRqOhThLV2tzqjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCBmzELMAkGA1UEBhMCSU4xEjAQBgNV
+BAgTCUthcm5hdGFrYTESMBAGA1UEBxMJQmVuZ2FsdXJ1MSUwIwYDVQQKExxlTXVk
+aHJhIFRlY2hub2xvZ2llcyBMaW1pdGVkMT0wOwYDVQQDEzRlTXVkaHJhIFJTQSBP
+cmdhbml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozwI5ZvXh7jtCPeVITk8cetIU969ZG7R
+SkEjpV7wvo9Sb5Yl0H7iYqNsUBepgj6SexoH6OdOaG6OPF5/lOvPZRvQFQAJt4S1
+D9iUFA1ByTjGTTA0r2fH4ANgLkFwjp4PTcNMUdE74Wv21Pi6bjv74vAhYKIDqCmt
+d/vuZf4Q9N0lEjRGEqU0/dvvXJhb/cONAKoiqZj1K6+SYm5drSVnoMPsbuN+ajS5
+Zoks8pFf+q1CeCRybcf8fyrAiecjR8Yyuh7uPPjfV4vJmtog4HHIKjtiXp4yrcrr
+tvHWL1rlSi6NKlc1Do8+Qdfb6o3aknWINouDKPZYwvLxiou/L6eH9wIDAQABo4IB
+dTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYE
+FDI/V/IFSwlukRHDgdjlyK8NorUrMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAE
+GzAZMA0GCysGAQQBsjEBAgJEMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBAGdFrqpDqCnK+7W9bEDZczvr4Q9iV9ow46FYAA47oaBAPKIHyPA4
+bQ5T1zeqNdEYaHQLTea80q1i06s2I4/fL0SjqveaU2xRvqusNvrrZPnEDLFAykUI
+jWqP50PuyxtZ6VrfIze76VhyubSkUVV3rcLAKzLddb6Ubo8Xk/oRcCJ70S0PlOoG
+O5e+Vxi8goCQ989XrvuDZ93PKAknwkmkjKh2996DA8dETbYqqGJ14536h19hr0H8
+XaMVU+k0O8QM+W/hdUPcS9ydVFRdElzAsspCPZ0ga5I4vPX5ezr/J4evhFbslaAA
+0T6Kuby1yoNAz6YyxnSreS8mjWAGyksDTAhoVO9rXtEVP7NdPYbsP7m8+ck3XFX0
+uZQJviyjpW79EPzUluldCHStl1/rDst9guDdaFFdx90JDEUttVMkNiOFIXst3wCh
+2NF57GsaTULblfNCvwODaio+HFofXUEIn+YO26kiWA83Tf7r9Ic/ld5wd1iNOMul
+p22li5jjaM+f8oq8O1rfVNY2zlPrnELf2MIzws3+M+EC5hzIyTuqPQLnVYufqiHn
+1EVX8UR2kmzuDDlkB/DoimBBSgeQWHMHhLEEVgXygLSmYKoNQu9urohxBup/szf4
+llerzaQlH2dtqftG0LcsGaxTHCtCK18wRSHHg6goJQ8/sNf64fu3ulWD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGITCCBAmgAwIBAgIRAKmACTC3v27Hsi7W7gwvye0wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDUxNDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgZUxCzAJBgNVBAYTAk1BMRIwEAYD
+VQQIEwlNYXJyYWtlY2gxEjAQBgNVBAcTCU1hcnJha2VjaDEfMB0GA1UEChMWR2Vu
+aW91cyBDb21tdW5pY2F0aW9uczE9MDsGA1UEAxM0R0VOSU9VUyBSU0EgT3JnYW5p
+emF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMewZg78IGm7S7/LWbMLjHvpC+yXdfqytljtxTad
+gxCCsyNvlL6sM/m1vGUer/1EUgdOUoFAQMkaKtSqzjE7sVMGPprUsk4vkkO04evf
+IS0k19uUTVOZcnsik2UVAgAmfWpdIk9cL285okCUsmyVPbtaJtBA0VU70hBunfwR
+HCn+yBzcd5zQBuZVRETsBjvs1A1zQ00CZplh+p7BlA6ghGhE1w0WbQDVfYuPnfGh
++6+qkMhZApJVb63MopGfqz5DaUiuZ4CismUH2V7bPPfxrVdnyWYZ49/R1qh7AdR+
+rErXzXEn/IEYCeXSl7CCmH0ndg5gb4IrdeVYkE+Id8pyoXcCAwEAAaOCAXUwggFx
+MB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBT2N1IE
+J08rxBTHCv7+f2ImdiDjJDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTAN
+BgsrBgEEAbIxAQICQzAIBgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2Ny
+dC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUA
+A4ICAQBwLjbs92ghbaaoHxs8sa2TGxUUwbs3773zsoH9gQh5iavC4ErWw6nJ9Xi8
+OgpCxLkzwinXsibLfrjPNZ6bX0D+2lOvAz9APrNZRy+gaynxBxCj3rB9xqqtr5tD
+i8BlHpS6G8aBA8AH5l1aEfhbu+uJNpI5HvzPk14wdiCF6QV1Pjv3oSK47+5br2Zk
+LeMN5P/VBWB6eEUkHEmRDRRTjfO1cmMQiSPS0t+dfJynezWnsbw9roFuLRSOcl+H
+d0cv7V53ivk/yhiSHAsK9YQLTNcVYDzjEeCKf9vEQ6TzAS8JNbgqlOzxYgf8jFzC
+pbHxwluio7dfXf8XMkIWV2d+jq1RamqyG380irimKFkTPdUwZAQNBk9yW9OLQYjE
+vuHVTuIfLtTeOZpZp3Ak2rbZ7LvCJDQc9ydFznOAaElCkODGhI3zeTWBzFPfTFD2
+hjdH4DU7oAalKzuxnnS3CWN1ji1ffikossHss9s+q6TN6Jpc+Z7rKUtSpG/PW9Um
+AJtpwQeqP8IReeUJsgYW6Mo48dDLeHMAn4QeQcHtZM7FzPJlr01zm6pxCN+9uydd
+fia9KG3z6PC7FqKKjiG+TTuJePvrz3gJrcxM4x4nKN0TIdqUeBpm9eryO1s7Ay7k
+1qCizfLztXU5Nx80TtHDr0FWWPqXU7qOV2bU+DKPI/aa9+Ct3w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFTCCA5ygAwIBAgIQc7eBuodoQq4ZLBCoebdtOzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNTE0
+MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCB4TELMAkGA1UEBhMCSU4xEjAQBgNVBAgT
+CUthcm5hdGFrYTESMBAGA1UEBxMJQmVuZ2FsdXJ1MSUwIwYDVQQKExxlTXVkaHJh
+IFRlY2hub2xvZ2llcyBMaW1pdGVkMUgwRgYDVQQLEz9Db250cm9sbGVkIGJ5IFNl
+Y3RpZ28gZXhjbHVzaXZlbHkgZm9yIGVNdWRocmEgVGVjaG5vbG9naWVzIEx0ZC4x
+OTA3BgNVBAMTMGVNdWRocmEgRUNDIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJl
+IFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMnEGRJJ5H0EtRZo
+K4Z11VnnVUkp5fWhA2KTTP4uartBlUhexc4CQBtuQuzmzC3AaKYdneEFyNEfKoV2
+1RC0PLSjggGLMIIBhzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAd
+BgNVHQ4EFgQUZ8OvqmQ3XSmUlZ9sr/r/Fbgt4hUwDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3Rp
+Z28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
+KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwSBDMIR5EixwE
+ldTPg/2tVWHfnHgbWbuUdNkwe9M48rmCTikcF1cZZwSTVVddEPxSAjB6Mcw+YUfr
+8ovpmo7gheUEqeTRxStFzM2eEc1xTdjJtpUzu+5jAchK05SNGPWP990=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGGzCCBAOgAwIBAgIRAOYHB6hw5U5b67oi5v8ZeUUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDUxNDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgY8xCzAJBgNVBAYTAk1BMRIwEAYD
+VQQIEwlNYXJyYWtlY2gxEjAQBgNVBAcTCU1hcnJha2VjaDEfMB0GA1UEChMWR2Vu
+aW91cyBDb21tdW5pY2F0aW9uczE3MDUGA1UEAxMuR0VOSU9VUyBSU0EgRG9tYWlu
+IFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAJjZ6C5IvizOoKSf/r/vny0F/OLL0trYx+StVh6EoLfRw3Gp
+3n8kTDnc1lBXhNVoSLOnsEk2+rII4GDV81r1dglG+6nHvnAflV2n9Xm0GIIrXK/x
+j1kbviEm0fXyF9MI4v+UGND3zjocZ4oiMHo7phiL1lkOZ+uKnQHNq6GrKxJkKFFs
+LCY6VStfcQwWA0IGiKfmGNtbbVjp9ar8sJS2Cr3Ns0NmRUFJEwjAXUy61YU9q6k9
+TDCNgLaMttfn3MQt8Axjgt/5+2FwH4mlTst3fzLloOmACjzZLyH8589nb6hzC9+F
+aZzJ5uyLlaDa59calgSW1ESXW/PwBMt953yDHAECAwEAAaOCAXUwggFxMB8GA1Ud
+IwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTGLIQsbLlWLNtG
+lCBKqz//TZU/zzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEE
+AbIxAQICQzAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHku
+Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzAB
+hhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBz
+AokQeJrfaKuwqDW1sIE1D7NiHSKCi3d/z4BmFkp7HaI/BhJleQARfT+R8/K4KJ0K
+KI14DvPsplBC2beAJZh+iu5UVHkycSDDez3wRXNlY8TvC2Xwqd1ITi3x2lw/qoiB
+/6Ky1uXCOe6xmMXOFEN9b8Re6Bx8FNa3gZSO3UWpqMAl7vqpzG6qri/Bfn6TsoT3
+kHs8duNz7LjxA4bD6YfxHSzyqUtUHc/XhR3qkCdzwuwNrMI0kqIdOu2eStMS0vpw
+SBuOjD3CCbnixMOqNIGKpULsyWU5g0rFo5fXyRxxeQ9kQWyoYmce1r18bcd3hDzA
+kR4eTM9WD3qQA5LAb7QJBb2q1rk3nwJP+hjhiBH79hOq7kzW9aAY0hO6RFc396eO
+YkyycPMp4o0XzgTGAhPULUfiSfii0+STx16UNVZTrW0bAhhMDZ/xBweqdXHUPgT4
+4NODSxscYQrfsYfVeP24vlJz3NLTqEtZxYFVZVZ0KC/haRWe9HfuGf1a6iWJvTyD
+F+lsvsuwXVdE5ami2JYXmJ5GrBylXUDR1GA1XLfX7/17bazBN0chfjmtxw1EVs0T
+hCVQUCtEUJ0i505tQZDI4Fs6qg5YruhryXhxikrmkrqoVFJ9/o+7AtswBlF6kTXj
+bY5oA7WUYU2KE0201GADsEQRdByZpw9d2BrUf1qinw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDtjCCAzugAwIBAgIRAPuIGDnQA+BV/SKHCuqBSS0wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowgZUxCzAJBgNVBAYTAk1BMRIwEAYDVQQI
+EwlNYXJyYWtlY2gxEjAQBgNVBAcTCU1hcnJha2VjaDEfMB0GA1UEChMWR2VuaW91
+cyBDb21tdW5pY2F0aW9uczE9MDsGA1UEAxM0R0VOSU9VUyBFQ0MgT3JnYW5pemF0
+aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqG
+SM49AwEHA0IABMlpgvJccswExPp7T4yxYnrABWSzhDMp+cN/TPhVyepOiVPtSFzv
+xQBkkC98i1LwhK9NI4AlYeflJft8FwYp07mjggF1MIIBcTAfBgNVHSMEGDAWgBQ6
+4QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUtlex3NhwQFAgiuBxUc6Z8/dm
+uewwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkMw
+CAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2Bggr
+BgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDov
+L29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNpADBmAjEAvXqlnMtBRehp
+TKLJh7CMkwRUIYQa7Xbk4EmcwEbQ+b6jQFiQlZ5iAXtLTXmZKxdRAjEAu3pWR6fL
+I/+Sbi7IljvzS3LCIkWna7HdfJML5V+RrebSLmNdckpRbvR/bgqTdIbh
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIQWzEQA7DgZglnbSWDE/U7GTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjBvMQswCQYDVQQGEwJVUzEQMA4GA1UE
+CBMHQXJpem9uYTEQMA4GA1UEBxMHUGhvZW5peDERMA8GA1UEChMIU1NMcy5jb20x
+KTAnBgNVBAMTIFNTTHMuY29tIFJTQSBEViBTZWN1cmUgU2VydmVyIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSF+WlVtLRrE7jj8BUgZbPv6wSec
+te0alHaKXWHrWq2z1xJbeN/+b0sqy2MLZiRdF9XWfANHSULAe0mGfbb1WQR1wgoU
+bRKJXEWiFqeNd3kmWqS/r72/z9maOh7hc6B53Nw09I2FDuXpzqVWtyZRmviCDPlT
+RJAMcoO8Es6Vd4XsnWTDQFjWFhIslPQ1DIvkgs55xVc1giO+tUsPNsoSz+ZD4Xtz
+TPh+ajgVX66xH1hyd4f24VvKoUocA8rpsx04Ju3y+HurjFFuUjesz5HCpW7+JJFF
+p/IUBi/99gF++7lt8pqvSpearw0SKJD9g6CZ24M4TLti1yows6/SVjx4LwIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFK8mzOFowxVer/9SPBYqEPfLVa+kMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJCMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAAksnMBFmGGMcfCTH8NxwwU1p1uv3sg4RZhqsHSXoJspLAOY
+h+P0jSVbDF9vLe0Wrh9DulpfecJ4xzzNSglCADf+mNZ3TSvR4/b+914udNgtrSH0
+7jUbgEKOhNafx+PgWluZ98MfX+o2IBrFqbxMmyID6X5IiSynaAHfsj99zkHYtVBp
+DhES1g4CyUcTZixNIhs7hxPyJMpI97EFwVM2La8zQqpyzexJsy/gChQJGK0scr8X
+wDxZP2C73cpN4aLrZFDpY2GQCu8GGWhRsc6w7qoGrevbAaUsJu3Fr5PZH4B3FrGZ
+4MN27W6SWDcE1speK/Bd1gpe0xtguXNiUca4PmNqU2FrWLGRtYn71Kwo4oEG+qYE
+NgVcTeeu0kHV0RuJj64b4zFTGRSxILUsTMmuY+kLjl/Vf5EunryP0lXULipUss7A
+j7Sbua68kDNOAO7Rqd6+fJzLb2vHR0pMymB06kp5cQlaeMMBmW/1DegDKuG59AOz
+43ak7KjQhVXhpvtf+NTwOxSY188T/lNr/u6sLbH6F/H/r+29ovxjnAyQnbQpBX9+
+DhqYb1XpF7ZUB5ABp4vrlU8Ln6WLFLBnqKTq+ldedCvPsbAkGkGhEkd9hEmOE3qG
+O8Pm/A+MNAR8FQoL0IlL7Xih9R4JlvKv1lzW1KIliUvtUM7hELsUiULzRG7E
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDujCCA0CgAwIBAgIQCAo74kqt6NzbaBGi+KaqoTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNTE0
+MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCBmzELMAkGA1UEBhMCSU4xEjAQBgNVBAgT
+CUthcm5hdGFrYTESMBAGA1UEBxMJQmVuZ2FsdXJ1MSUwIwYDVQQKExxlTXVkaHJh
+IFRlY2hub2xvZ2llcyBMaW1pdGVkMT0wOwYDVQQDEzRlTXVkaHJhIEVDQyBPcmdh
+bml6YXRpb24gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMFkwEwYHKoZIzj0C
+AQYIKoZIzj0DAQcDQgAEMLtSZLCWoiDKYPu2P8R3STfg4UnZ7vXHr3LnhOQ06Q/h
+UGteTs2KL3fqUmtt376Mxz+TiSO6g3/8JZ4MRpjA+6OCAXUwggFxMB8GA1UdIwQY
+MBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRr/uyjxSPPY0bNHZOp
+7rjcVSc7bDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIx
+AQICRDAIBgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3Js
+MHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCQSs62
+GiWqChUtLtHozN7ZXgsYStzsOvBuhDxpFzdDAsuQJzXkDvjkSc4O9RV4yZ8CMDy1
+2ONYXNfqE1B2sbVa61vvAT+z0/COSG0mPpJ8FslfUsj3UdQDbeK+4aTOXIaxpg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAxSgAwIBAgIRAIQ4lT4lti2S//qNhbDsxvIwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NDAwMDAwMFoXDTI5MDUxMzIzNTk1OVowbzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT
+B0FyaXpvbmExEDAOBgNVBAcTB1Bob2VuaXgxETAPBgNVBAoTCFNTTHMuY29tMSkw
+JwYDVQQDEyBTU0xzLmNvbSBFQ0MgRFYgU2VjdXJlIFNlcnZlciBDQTBZMBMGByqG
+SM49AgEGCCqGSM49AwEHA0IABBwm2tZSQMkM+4J9nfhs7FLPHdDz+Vg3FtyD+B68
+qSaQeAH0r1lSSV+IWM2XPY8PtkxFL4M/t+gPnaN+rQv5znCjggF1MIIBcTAfBgNV
+HSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU8NqW/s4CW+76
+eUfgX3P+2EvWqzEwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYB
+BAGyMQECAkIwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw
+AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNpADBmAjEA
+kWzoJoHBbGC5Fy1kJ3Udaz+elBS+vzqg9ThyXM6vglE/OX5VlIOtpftnz2SxGYzB
+AjEAwUsZAV1/uCzNKWlzOZUrh+r7B0sS2qGPSnYbKY6Djy0eCu3uc9Fwo6UsauhS
+mNQV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEDTCCA5OgAwIBAgIQYRVw1+ci1szB4xBy7K5f0zAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNTE0
+MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCB2DELMAkGA1UEBhMCTUExEjAQBgNVBAgT
+CU1hcnJha2VjaDESMBAGA1UEBxMJTWFycmFrZWNoMR8wHQYDVQQKExZHZW5pb3Vz
+IENvbW11bmljYXRpb25zMUUwQwYDVQQLEzxDb250cm9sbGVkIGJ5IFNlY3RpZ28g
+ZXhjbHVzaXZlbHkgZm9yIEdlbmlvdXMgQ29tbXVuaWNhdGlvbnMxOTA3BgNVBAMT
+MEdFTklPVVMgRUNDIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
+QTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJuQbMcVOFUySZLwVH2RVHhMyaji
+duf01i2lPnRSRo8EeB3PA/iTCxNrAbSSV3vM2q+E8mg23lnZvfQgQxWlZdijggGL
+MIIBhzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU
+8ykCoFiwfZtOc6vyQAYJ8MV2B0IwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQx
+MC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQ
+UzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE
+ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz
+ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaAAwZQIxAMbfoPENSVeJasuRzqRCN8eo
+ARUgP60iUWJpoAdCPVn0iV6jKOXiJdN6/FfIBudPygIwdz4Ct19E6OR2iIng+YIL
+fhEgPJMjpNV8nMYCS8qWUXenHrFZqbOyqMLvLEDufXnr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGeTCCBGGgAwIBAgIQGysB1r5py5MpaFWHaudIuTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE0MDAwMDAwWhcNMjkwNTEzMjM1OTU5WjCB2DELMAkGA1UEBhMCTUExEjAQBgNV
+BAgTCU1hcnJha2VjaDESMBAGA1UEBxMJTWFycmFrZWNoMR8wHQYDVQQKExZHZW5p
+b3VzIENvbW11bmljYXRpb25zMUUwQwYDVQQLEzxDb250cm9sbGVkIGJ5IFNlY3Rp
+Z28gZXhjbHVzaXZlbHkgZm9yIEdlbmlvdXMgQ29tbXVuaWNhdGlvbnMxOTA3BgNV
+BAMTMEdFTklPVVMgUlNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZl
+ciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJPhsQNus1z8pzKH
+QQchsctyMcS0gPykwXR7a4Y97u8Tl0j4FjzIJJOJgBTtnblcQ2H+X9/xk6QsByHS
+s5eXNbvG6ktqt5/zKkCh67H2DPxqprBuz50LdpDt7kgXd8/23pOCRFuUmy5Cdk/r
+OKVMb3PM/qNzucEtk2BQZ+a7Xi0iSxaXfYtBEKBEPCAwqkv4z+HGPYD+U75AZxQ+
+en9g1UW7b258DsY1oXR1Xct4bW380EUrG/59fpkGwamd/YLEctsEW0Yb7QQ/Oa2w
+VYvR/Ufp0GqL909j4cD918UFm1Uqrzx0lqmnRJdHEojEwWdfgEd60RTbt8yGC7sq
+pZw5T1ECAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKy
+A2bLMB0GA1UdDgQWBBS6L20V6WSrFXhsfGMgz6i1xn/b/TAOBgNVHQ8BAf8EBAMC
+AYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8v
+c2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZ
+aHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEARnA6
+0lEzu1CzC75sciuUb07huIup2MH9utg8+AtrDDlam8RFqdI4QXJxMIYr4WNZluKY
+EScZ3edXfdktLyxt1Jn+RXZx5d/n01TzimiqIczwV4Yh+mP5Q6p7217UXf1txZ+t
+b4fcY0kU+O6waiytesh56INrmv/zGlT4r/rGIfct+sTUt/naBwvyY8WLg32RGnTI
+l1+dypktHH8Ru6fxWGrzqoJ1s28AqLiDGfY8jlTnoGGP50oaRKVxjpyIWgLLDkYL
+0qL9CRyQYQFZZqheUm64RwERlQVY99AbhGLXnYAL62aqWUAvz9U/rqxchuT27pu7
+FTmPX3rEjamSrSa3OvH7wssHUSm//gi/teSjfaMudd/xWOrPXqYUa26DcBUY8WYS
+NpFO/3FQlEdsa22x91JC122w5YoOOTYX3Mq07ECm8CnQWN5UbFChq7rekDhiFUhc
+5A88KOggH/SSljMMleEgwuxPa1SohKn8BN4OBkIHVjCzDfn0vZ/J6nhf3oV3ZfDU
+PeIPlWDAS9STeFa04QbySSORBtcNPNoAf0WMVUeCgL64GVOvjqyVUtqYHAEquhlP
+3wxlRlYaKtqrKkdHRmztipq8wI8qXMQc9xeZweqkDdF6JbfnoRDLN46cVhSqRpV4
+TkjKPAip9O/6B5MzvqkX4pdiJRZ8csg47HA27gQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID8jCCA3mgAwIBAgIRAKU5F5+erP55mwM4vMCN0BcwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NTAwMDAwMFoXDTI5MDUxNDIzNTk1OVowgb0xCzAJBgNVBAYTAkpQMQ4wDAYDVQQI
+EwVUb2t5bzETMBEGA1UEBxMKU2hpYnV5YS1rdTEUMBIGA1UEChMLTmlqaW1vIEsu
+Sy4xOjA4BgNVBAsTMUNvbnRyb2xsZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBm
+b3IgTmlqaW1vIEsuSy4xNzA1BgNVBAMTLkZ1amlTU0wgRUNDIEV4dGVuZGVkIFZh
+bGlkYXRpb24gU2VjdXJlIFNpdGUgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
+AATdax7xXNc7pEJ8AHpy9CjyHI922ZKU4CjaweRR/CERsCawni5Epsm90nwvpUVe
+ObQgl0klGZ+t5e6NlLBNDocbo4IBizCCAYcwHwYDVR0jBBgwFoAUOuEJhtTPGcKW
+dnRJdtzgNcZjY5owHQYDVR0OBBYEFDPvSikW3VMnUVHdDhFP8xLjEefqMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYX
+aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2Ny
+dC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cA
+MGQCMCmt2SfVntwP0c0iH8UCZm+6SFoaeKknv+ibXG0onw2E33FhFnjKg69wDlqh
+iOgi5gIwZI1tbO0u5tk6UQ2jaBYx6Qg4uSl424ClDziMtQ/0uaQdq5+Wj3rZeijN
+aYaNtj3L
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGATCCA+mgAwIBAgIQQ1Y2Hui1hl/YHBDQI9jXBjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE1MDAwMDAwWhcNMjkwNTE0MjM1OTU5WjB3MQswCQYDVQQGEwJKUDEOMAwGA1UE
+CBMFVG9reW8xEzARBgNVBAcTClNoaWJ1eWEta3UxFDASBgNVBAoTC05pamltbyBL
+LksuMS0wKwYDVQQDEyRGdWppU1NMIFNIQTIgQnVzaW5lc3MgU2VjdXJlIFNpdGUg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5GZdVPaJBmLwQmzIL
+kJBKaf+ELa+bw3n2MFmBjWfAu/Byi2+YFSdSTRCw5s7aT9cxkCo0olYzBqQ8el2y
+qCkSs3UL83l2CM3j4sZdkzXKVxMSt/QD+zp7wHvKwAwuas8lYFaIvsMnDkgOfdzz
+DnIJUqy4CzISkBGWW3H/9tpk+mPDuN3ms7L9E41bcj1D+PjEzjYdx+Nuu6cZ1ql8
+dzYhZbDKaSPiukRYfOAssWoH/5iH+J8E/Wq2cxylDkzN9Sq9p38FhjwSqHqh68mw
+WI3W8as29LfPdw71MSKE3Brb5rHRFw6cGdasdfdjHXch+nOn8Dh8gOh+71aR84sH
+Jy4dAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNm
+yzAdBgNVHQ4EFgQUatIg7ZOCCXFZePYMohe32a2IQsUwDgYDVR0PAQH/BAQDAgGG
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkUwCAYGZ4EMAQICMFAGA1UdHwRJ
+MEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FD
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYB
+BQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRU
+cnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNv
+bTANBgkqhkiG9w0BAQwFAAOCAgEAYEcvy3r2pdzsbBV4t2JCKYA88IU4FBd6C4+m
+J7Aoiij8roq/U/pneFFHU4YMca9JMpXJA364EquizZiu9cZrXNsWg8fe3PaqJ79h
+ONE1xlm9WgPxcU7HljnskmS4eWbkwTCMwVnYLIYNpnCurKkjcPq3jtOVBzwM4erb
+ihunZwq5yzkuB1lq8PrkfITpVPsuH77OR/upWQXH1xja8B/l/O81uGFv7otZFuNg
+zjvpe7D73Ld8ZogvKnJIaLDSlCq40gGg4vxq1MxI1LvR2NTFczyM8PGM0jezzSDp
+t9wMs7PqIpwyXRfwN6WRaq4hGJ1zHQoiS81+Ev4lqGaGGTOLyRck0vNqCuA388bL
+d9duZjFN3AIO2bcWT/uOrMxqOaCcSZxU+MDZ6WR5RsOluWFmrqq67GgrMMjM/G/Y
+DYPB0Sy1ZzxTC/lmiCVnNoSaGvvdLkpjdap69PEg1mTWNfDj45cACp6LUvOtg21/
+M/2nD0f86Yx774cJMFLWPAmZNn2FYQen4ObjNjjIOZKH3h9cgngo4zjjEy3WEp8u
+8zWJ/oJXxO59ItE8/HS8SRNIQMfWqVWKOlj0DqBA2UQj0S6oA1dcb26bdePmHhuM
+Ah83vqIulSmKxf4WcML8vVb5D6TJ+M3V1487mzRX5duH9ibi1/8dLZNp0yNdHCzj
+R3M45NM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDlTCCAxugAwIBAgIRAM6v1roElFdoBhudWGtNQOwwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NTAwMDAwMFoXDTI5MDUxNDIzNTk1OVowdjELMAkGA1UEBhMCSlAxDjAMBgNVBAgT
+BVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MRQwEgYDVQQKEwtOaWppbW8gSy5L
+LjEsMCoGA1UEAxMjRnVqaVNTTCBFQ0MgQnVzaW5lc3MgU2VjdXJlIFNpdGUgQ0Ew
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASCmnDOA/tAbxvjWlg/RvpT1Rn+Jq2N
+F+pmNsaZQ/dCuCm4MLpJ7JkOwGgtM4JPjDPxxOjCZLyCHRDB6Q+yIVZfo4IBdTCC
+AXEwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFEmD
+W5ahM4vGvN++5U5jZ6M6T5igMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAG
+AQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZ
+MA0GCysGAQQBsjEBAgJFMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8v
+Y3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYI
+KwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMD
+aAAwZQIwF1FaGTAqj6WSUNbknVT97ouNkVH3Sw6thEX6peEBAYVxlAa/VaSSRIR/
+7BX/lXy2AjEA2VLy9cCrER1UTfucPlUDL1D8SlGHICYdpm3ESXuJn9JbMgCcbGmp
+iM+/J4RZ59EA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFaDCCBFCgAwIBAgIQdR4+54VB4tfq7ONxbGDjnjANBgkqhkiG9w0BAQsFADBj
+MQswCQYDVQQGEwJCRTEVMBMGA1UECxMMVHJ1c3RlZCBSb290MRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlUcnVzdGVkIFJvb3QgQ0EgU0hBMjU2
+IEcyMB4XDTE5MDUxNTAwMDAwMFoXDTI2MDUxNTAwMDAwMFowgbwxCzAJBgNVBAYT
+AkJSMTEwLwYDVQQKEyhSZWRlIE5hY2lvbmFsIGRlIEVuc2lubyBlIFBlc3F1aXNh
+IC0gUk5QMSQwIgYDVQQLExtHZXJlbmNpYSBkZSBTZXJ2aWNvcyAoR1NlcikxFzAV
+BgNVBAcTDlJpbyBkZSBKYW5laXJvMRcwFQYDVQQIEw5SaW8gZGUgSmFuZWlybzEi
+MCAGA1UEAxMZUk5QIElDUEVkdSBPViBTU0wgQ0EgMjAxOTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKXy0aVSFMG4AXgSL5oDnUPqls7zPa1Fuik4KqTf
+STaz1Q7ucOLl++mgy+a0QsNCgunY3fXTwWmKMZABj4+K5OCzyNIuaAZdG7VN4+eu
+IWrHS6MDycpR31R/oz7Rle0bxv7mvEUBXoP/UIicYuM3jerIVCg6MsfvA9Zf96wW
++Ay5wEmmGwhmNLSTULwKFLYzrxNoirAfgSFqOveSE4tjrpFuIuZYj/E587tpT14s
+PklK8iuQmbfe32JdsZ9kUKgAOjTnaFH3S1xaKAYsHHlOAlcond2TDneTAdU1B6fv
+fKHc8lWcGL1luzagXy8otoMTjLLAIMusMeGLKchPwUvHyrcCAwEAAaOCAbwwggG4
+MA4GA1UdDwEB/wQEAwIBhjAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIG
+CCsGAQUFBwMJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFKswxwcoS8t6
+jlv+YWn31HqyhZtIMB8GA1UdIwQYMBaAFMhjmwhpVMKYyNnN4zO3UF74yQGbMIGN
+BggrBgEFBQcBAQSBgDB+MDcGCCsGAQUFBzABhitodHRwOi8vb2NzcDIuZ2xvYmFs
+c2lnbi5jb20vdHJ1c3Ryb290c2hhMmcyMEMGCCsGAQUFBzAChjdodHRwOi8vc2Vj
+dXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC90cnVzdHJvb3RzaGEyZzIuY3J0MEEG
+A1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vZ3MvdHJ1
+c3Ryb290c2hhMmcyLmNybDBWBgNVHSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsG
+AQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAI
+BgZngQwBAgIwDQYJKoZIhvcNAQELBQADggEBALoshiuq7NiX6GqigqN8pLfvz/ft
+29m6mEpkxzYZlyPIcsK5Vek4VNrucAhhttPl3HF85pNMDWICjpev4DwlQSs6q+H7
+fJG8we0PPIJyhVtYMTFbSZz8G7NQcuCeSeLlOjEkAWWLR0F/lhOTktURLoA3q6//
+lkkwEjOoQekpqI3RmmIMinWinIryzFim9P91ACY6O1oBi+kknw9V9vXHFyjnir6K
+729SJNjPshaIQ9OU8oTV7d88cXX5mPUDq6bac8Lql5jx+z7t2k/89x7E9IO9IpQY
+iSJjL2nmcKMip1/pHy1UOgI5UDQkouw8VCpi/TwwxybTPJIFOWPHt7GdN7o=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/zCCA+egAwIBAgIQCqWJe6uP9goE9nLhzV6r4DANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE1MDAwMDAwWhcNMjkwNTE0MjM1OTU5WjB1MQswCQYDVQQGEwJKUDEOMAwGA1UE
+CBMFVG9reW8xEzARBgNVBAcTClNoaWJ1eWEta3UxFDASBgNVBAoTC05pamltbyBL
+LksuMSswKQYDVQQDEyJGdWppU1NMIFNIQTIgRG9tYWluIFNlY3VyZSBTaXRlIENB
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVQzLtT3QQenCP1eqeK5
+H7VX6xX5sGGQI3ZG7J3q1zPV8NJHUfsfTiZHC2LRGiTGQ5G5dvHo287z7iCX7U1o
+ohC0JiAeTAC0FRWUVcprY6ElkOcfX+KYO60BOABXWMFBN4cVCYq/U6VT6Zbwi60b
+MCcYtO7SL6AgyjBH1U5VyKA9GhCb/rmoxv86UgO+c72E1tCPqBa+Kb+XJKIjWTvi
+y+kuN+o8imkTT0B/cO2mNDLbXewsbIfF2idJ6N5LVIbceeKoC4MIauCUOPPYm/3Y
+tPayYxMFRkNkZRgpBOMibb+e3X97GuSCt6Y5DGsF6suai2L9NgOQCiVj6zt2Xqj4
+dwIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZssw
+HQYDVR0OBBYEFOYiQE+kUKl6LZM5Ua+ynXM288GwMA4GA1UdDwEB/wQEAwIBhjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJFMAgGBmeBDAECATBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUF
+BzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1
+c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+DQYJKoZIhvcNAQEMBQADggIBAH7zVueZ1KdPuTOLaoHEFpFcjguA3OtB17UpSJ7e
+jQfbTshawJVUNNAOLgFVjmvjps9X5gxYof40KboVt4pC+FFaAXMUJez0tcQAjMs9
+VCPSmSjJiPtCFHTI/bE5pZDbJmDU7pnadn3PKvtQJXQokw8x68hjoJUX44BFXwLk
+Du+VCRln3ScPBDZcZ5FgZJ8ZUnSsxKLd5LCgwfrM85GrcJ7JCe4c3vr9FqFxI5W0
+HFr37UlMzu8ydDXGgwr9QpKE9inQ9BXlcrMdSyW0vyXdOfN0COHEFZN4A+lidfcZ
+Wj4VHbUVapT6CPHcDLZGwLHFE08RcgZ0Io7Az2DbrBtdqi1N+eFWXRiqxjnxwrzU
+uBN0XzBg1vhE/pgOQ5nYnxC49II6h6Vi4/NZFnpQP4Yd1osyAaQ5VgHCt8epBKd9
+BGDiAbfjLyokC7IMLUdeiOp+icjMEhjA4TuXP45Cg1RKd+47bNdFwa4mRtT8VAQC
+c7HYoUiDxtRV6EN927lo3kYcJzm0+J0OCxNIPe/x1qWkfwR4y2f+U61BGpeJi/75
+ei5NG3QpGzLTYOG7cNxw7ox5boPV0UVONFYkTSqjb09W/xU2pYT1UAEcKEMC3KZk
+YtSc5tWkjyr+3uBglBvzE5yJ7sC9t5XCOrww6HuH0EBvAjEjkTrMB+08p+IfnwMT
+zxT/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCTCCA/GgAwIBAgIQMszoFbZBZn8ZU14z48d3EDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE1MDAwMDAwWhcNMjkwNTE0MjM1OTU5WjCBiDELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgTBVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MRQwEgYDVQQKEwtOaWppbW8g
+Sy5LLjE+MDwGA1UEAxM1RnVqaVNTTCBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9u
+IGFuZCBTZWN1cmUgRW1haWwgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCO6xMIpQRMk7n0vuGh+5gFjvfcc8ZfjBcAHrnhszDCIIA7OZ9c6Tar8ZCr
+r7Ubk/zd1R0M7KNxSd15QplSP6x/CP/FPkJrXmeowpfyS4tg7FrjCyEEj5voaWH3
+2k4/ggDJ3O31KNYr0KQiOLsKoG0oDMVGbYwbK7DGGN4TnOK11ci/LNbsxg057YZ7
+vz6sSrmsMtuKkgUCwM0eDT7+7g0g9/iuFJrLTwcw+0Fphv4ucpxQKRlthaUD9oiK
+xmgQZ4IW83EK+xKi4V3ng86VMvbrlleKBmXO1xz2HCEsnlKleAALQZ90Z/aCCPhq
+69wonfLpUMVcVY6QOLB27RriD/XlAgMBAAGjggFrMIIBZzAfBgNVHSMEGDAWgBRT
+eb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUj1oRO7CxZmG222LF5F3o8EGZ
+haswDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAkUw
+UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGow
+aDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBM+ibRuxYRElYP1vcsPaHJK0FA
+i5g8Q1uv9ClnSAjK6HzMZH2qQlidLIrR/MyFLlqwkeV60CVd27dvQik4ELmmvf89
+E57P/y4467TfI7Kzpe7Hg9ghZiV4qYChH4xILGOIS7Slu+LX0rjlhu8l31lb/LsL
+wirfSsy0A8Wz1ZaQquVMzeRR2GpO9Kt+UUpPiKqpLxtgl2QPgOLlmWQ95W0PpdQL
+62XQMl0ViISDgaRp8jyDqjMb3/RSZbpBYUV7uacuDtNGIealqE8C/uG1Qb3z5/Mu
+EPCyHdLhDB/pCSX8l/30C/Liv+TCHb8bQrkk109uP6hP/e4ugTr91G3oPOAJqoGz
+3dWWQfOjTAGYCY62Q3Hrx5AAQ86HwXNZ4F6lGWmTIF48TFE07To/Y+cz960s0NrN
+LjPV4de6bZz5VpM4OOYfaEubcq8XVm5UoBmscrzsnKlIKm5DrqW2MmQQiJVC+uSi
+DPPzQN+xiXzQdQyu58KaznnDhZ08fZMaNFv6jtWt3HB+eVBrgBE8Ou/mJHIthmUN
+HlEIVWSeM/oDZCptGn6VM1skHLqDD96UIvlKFIktwJMNxYC4qdzGCDT5/vCnn4bx
+7h40gDzWZix6fq7OpRzbjzY0m+tafAF8tyl7n9KI7M01wGquXVgFXyOosOOqiHnB
+u3QatcH2DryuND1qmw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkjCCAxmgAwIBAgIRAPDq184Xoxf/lmrpG+5K274wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDUx
+NTAwMDAwMFoXDTI5MDUxNDIzNTk1OVowdDELMAkGA1UEBhMCSlAxDjAMBgNVBAgT
+BVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MRQwEgYDVQQKEwtOaWppbW8gSy5L
+LjEqMCgGA1UEAxMhRnVqaVNTTCBFQ0MgRG9tYWluIFNlY3VyZSBTaXRlIENBMFkw
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEBHCK9noHaZ50RXhISD0Oyw3FuY+OY9cM
+2C2yir/Bh/kmPYPA2qNurA5kYooHFflnxeoGpKrnoDB8LWRG76txeaOCAXUwggFx
+MB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBQgLLH1
+c/2S/Cd3zXlXeNNEiZRedDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTAN
+BgsrBgEEAbIxAQICRTAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2Ny
+dC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cA
+MGQCMCCQ0Rxpg5g4tVxZXcfDNkmvplAOybPWNipnju16Z24THGFeB96itKIbFxM/
+8dxNywIwfvtaRlCpZKyjY9CoP05ojtprukElfgQ/GATw782+5ThmNFDt/K2IWtiy
+K24bi4cV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGXzCCBEegAwIBAgIQcgahe04phWx47sHkChlOAzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NTE1MDAwMDAwWhcNMjkwNTE0MjM1OTU5WjCBvjELMAkGA1UEBhMCSlAxDjAMBgNV
+BAgTBVRva3lvMRMwEQYDVQQHEwpTaGlidXlhLWt1MRQwEgYDVQQKEwtOaWppbW8g
+Sy5LLjE6MDgGA1UECxMxQ29udHJvbGxlZCBieSBTZWN0aWdvIGV4Y2x1c2l2ZWx5
+IGZvciBOaWppbW8gSy5LLjE4MDYGA1UEAxMvRnVqaVNTTCBTSEEyIEV4dGVuZGVk
+IFZhbGlkYXRpb24gU2VjdXJlIFNpdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCRuGAl2r7Ywgq/W8FSsyq4QtH8XdnPvBvk7UdZ/D34eF/llnTb
+mqJI89KqhI8tUNBg+iw7fErnHoU1Tya//85h/BhlfwjGjO72U8dTYjPJ4Y45GmPB
+wxdF3C8J1yUqJVGwMn7FgGn+mvuSliUneOaHqlvKw7MTKh1FO/YKYwo/hf8jiFcu
+UebC1lVwQqCt4ovAGQ40kqT/xrEAH/BPkj+FJfFoTULu4yI/55tZzMdoUgllBMkw
+CO3ZDS4NO6Iqu7kr+w0Z2lLGoM6rlqDS+SRmJjfdDbeSVUTd90qDLEcT8MkmRr05
+BQo26gXZ91iDDwl6HRSjff8cuoPP3CU31GVPAgMBAAGjggGLMIIBhzAfBgNVHSME
+GDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUuWMIGYeiC0YxOf5f
++ATPyh8aE34wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAl
+MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUF
+BzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1
+c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+DQYJKoZIhvcNAQEMBQADggIBADnS+9BkrgKK5zNCQ0a2L+oYmKCOb2ija0oXJrkR
+XHDxp8zHmQKuztLQjV2RFkLlxqBfohTk3oJI0JcI/6ivtLAyaiv1bVFj4Ns0e2Xu
+e5nn1oHHXKFEgbEV27VxCtbvbPohMISrIm8TCYCjMBdLsthSsjd+0cm4yN0CFqoA
+eEmwyzmDz0HKoJGsQ2VBpAfhkNWI6YGhojYe7ZNfe7ZAmWBR1Wt91MR8R6XInXCo
+GXORSwzAZ9XWJhxSK3SEPzhECYYopBlGjNKvrYI23jHhb3QGKzslCYejyY//ZVyW
+kvmW+/Nnr3jVP9llmAB4sgpxT0iVthNN1DD5JeAyWhah7GO2fK/wXrGPmwDO7zL7
+fluvzSJ5z7vmOhmf0PkxpS03MUCY1nbv78pIhvMpv5PCoIiAQxipE7QW/mf+d2E+
+mvQ1+lPPj/jSc/vtjcl8kPNidcBSoj1d+0FlXFaTBp/6s8MZF+y+ja3QaGRe0HNr
+zPR0wllMgYc4si3T5b2UKhuRscLUPfS6x+9i7skktsl17kHbutjrnEeQO6aT2wGn
+qFtdp6AUPT70lNAgZlHwZpoFo27btlG1pZhpsgyyb/4KCDbtaxRnEgzxDE2YkS0S
+LCrIPTiiUq1W5VVP3sNpWyxMEVLLdin3K/t0SsZPBLTS+ge/Oy9UnSjmE8TtJFTG
+PBLF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFezCCBGOgAwIBAgIQdR4/Pels1yiyZmLFUjJYezANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xOTA1MTUwMDAwMDBaFw0y
+ODA1MTUwMDAwMDBaMFExCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMScwJQYDVQQDEx5HbG9iYWxTaWduIFJTQSBFViBRV0FDIENBIDIwMTkw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDERtVIA51JWfdcIKACzqJc
+FKtZ9l3yKtnILRI7rpVa6HkWsAfQlzrFMA+O7bCeiXN4WVN0Lm25VbKbsDtD/yuw
+4CNEWOljgas3QPIl8HqM7U2PVO6eal9gaaWL0ZBKzOi6yX3TWMerwah8AAfczXAb
+frz4RJ9RNniC3NlbeYfkiPh7HQ6Tdm1ouhUzFdO2hoOgOrsg9VVxCkJOSutm3pHC
+US+pSQcbz8Y+TluTAgSPY08qvPHJzfNfaD13LUXPmta8z74SGnd5b4yYd+1nNv1Q
+QPTiyyVvv6sKnUJc+RgchszudFW7BKifHDUDzgb2JWZm6rjPvWCfNXCdcTYp6dFM
+4qdx1DnooL/w7lPZ1o6/r03qNMdEoL8qRcw0NqnJwPu1fVwtNpCIvzlLMLhZiCFb
+mfK86fiBoVAQckYOJ2uj+Lk48FGU0dzjjaqK3011Q6xczxt7eNarZ+DMDENcgO8N
+ggu8mffq+GPxT7ycMSNcmvWhOPOy1hg3c/zYG6+cVdkVZvkWcFjGsozfmycNFLWn
+rSS0ikDrKeucA4MWhptIiha92dEaut4NlcyqxZjs7WQYq3+iNmf+WuMYGq/PMCY2
+bX4CSV2v39AjEtgy/PYhXOKreFQT1qsSQtvR975D9BVqMTC3dBpe9YgXnb3EL90X
+gz5BrJpMimF3hZKxXk88/QIDAQABo4IBUjCCAU4wDgYDVR0PAQH/BAQDAgEGMCcG
+A1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwkwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHQ4EFgQUUo+qWrOrcu7dyfmRocm5BhLSBN0wHwYDVR0j
+BBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwPgYIKwYBBQUHAQEEMjAwMC4GCCsG
+AQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHIzMDYGA1Ud
+HwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5j
+cmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
+Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBDAUAA4IBAQCq
+RGVh8nPOW7WlILMsE7ZtvimOJRpEZ0kd/Xz2AuV/nj+rLIPi74iaqDbqguhHOey9
+lINqPcwKvRnCvDu55d9SHcQce4/Th6CdBWW6Gdia6EqmbclWKXvPldWwNNEmFGbU
+yGvbegtnN7oYP48Z9TUgxVmGq2BRTz9PqqxZ9HYHTg755QiiCQo/llMfMHedcGrh
+qDIMvz0zy1L75MGHjcLX0801YLWUN6A2hWERL+MxBlzgk4el9hi5JTJZe6MEepx5
+Y+8uTIO2QbRc7F7PQEU05/lAPVPZOzjRt632xNMaNCx8Fx7/PZWrCbAlcbHQMNEs
+Z1SvsHdUqryEOgyXBpms
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8TCCBNmgAwIBAgIQDp+h1MRZs9AaHaJ2K4NQnDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMTkwNTE3MTIxNzM1WhcNMjkwNTE3MTIxNzM1WjCBhDELMAkGA1UE
+BhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEzMDEGA1UECxMqRGlnaUNlcnQg
+T3JnYW5pemF0aW9uYWwgRS1NYWlsIENlcnRpZmljYXRlMSkwJwYDVQQDEyBEaWdp
+Q2VydCBTSEEyIEFzc3VyZWQgSUQgQ0EgLSBHMTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAJi7H/6cAevzLfCNBKHGw3j4zhT25y1PQQPkme0pTCZExYu0
+Ar++Xfo52bYR8g56WtwEPyh2bz29tmncGaoThBIs3cT4oj4+O4pz1c2v2DriqJea
+Oe3qFRMReum2oyA4HzyKGfQ5/4ux1U/ZTSSpmXrw5u7wEgVw0cybimTY80OPgXIF
+PXTS0Dz8LuSR7j+OkWHcokDZKClVt0rfvtIsGMA4AFkTi4i450tRGWOoH8KmqmQH
+rSuVkWgVBm5hyQ7Y9ty6sLZt6StEoGXq4JBWPpHhPF0wHuI/1gG1NyrwRdR2ck7y
+fPaPkuSh3kHgm/PAMry36LLC8dEepsE6+P/J7GkCAwEAAaOCAnswggJ3MB0GA1Ud
+DgQWBBSxFa2XXc2rHzitNLW/JxqloS0wozAfBgNVHSMEGDAWgBRF66Kv9JLLgjEt
+UYunpyGd823IDzAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAwwCgYIKwYBBQUHAwQw
+EgYDVR0TAQH/BAgwBgEB/wIBADB6BggrBgEFBQcBAQRuMGwwJQYIKwYBBQUHMAGG
+GWh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbS8wQwYIKwYBBQUHMAKGN2h0dHA6Ly9j
+YWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQw
+gYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2lj
+ZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcmwwgdMGA1UdIASByzCB
+yDCBxQYJYIZIAYb9bAUDMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdp
+Y2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2Vy
+dGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQ
+YXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vcnBhLXVhMCYGA1UdEQQfMB2kGzAZMRcwFQYDVQQDEw5DM0NvbW0xLTIwNDgt
+ODANBgkqhkiG9w0BAQsFAAOCAQEAmFolJIDFG2tegigHneOhzY0stJUnKrQZ3koZ
+WLXB4i43wip4d2tHnlKeqeVv9dAB/DlW7IoYil0R/whIUz2frEmELnQtjf4ejdC5
+vVMtScnC9GquGP8gU4RcLRGczeYgLtM4M20rEzBqIU7wOot97xfnDexyLOPAk9tK
+OCL0W2M0/AUGTQ5yavmtrd0Bm0UsMlVHA2dTC57qbu/yEmU125oZwPagjgjg5hJI
+Ja/bvuFjM120o0Te9cBAi0HWJ733sg3OWUamv5jOneuNnAFIHpkxX+TYmiL2BrbR
+VgVIZIhEFUDX1KTbS+/STWgpKISOgQJRDFzbxI/s8gnp8vGw2w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBDCCBOygAwIBAgIOSUEs5ABcxl+EFyHWQKEwDQYJKoZIhvcNAQELBQAwgacx
+CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
+ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
+YXRpb24gU2VydmljZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBH
+b2xkKSBGxZF0YW7DunPDrXR2w6FueTAeFw0xOTA1MjcyMTExNDVaFw0yODA5MTYy
+MTExNDVaME0xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UE
+CgwMTkVUTE9DSyBMdGQuMRQwEgYDVQQDDAtNS0IgU3ViQ0EgNTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALcBXbJEUXFl1/F6rPW0Sfulxyb2PUGGocIc
+PIWVCyud045B/zDO5KDyP317KRfetMsPDUWDCLmKXCFcVD6KXzmlLDNkyfaqESNz
+8CCiTR+gvAKPqyZ0qUAH6qO4NPDF2NzEh778Y/Dg+5mkYY3aY2KSOG7EnUkba6Ga
+pNzHO3C10C7R7hZrZbgZ9YPJkQveAysFFoWs5bNRgKevn4J7x2+uQjylGVEw6xTM
+SiuPHfaz5DMAu8bDk131rg5ATfCmvBx+uAaOQWnz41Hz56JJf1d1Q3mTYi2+12bY
+2aOvOLonR7pES3jfPEszle7Bypjkq/ySUR0iJmq1m/aEVJfyWAkCAwEAAaOCAoUw
+ggKBMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaA
+FMz6Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBTe7bJVc1AbOmR2hxt3VRLe
+wSrwcDCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0dHA6Ly9v
+Y3NwMS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2Nz
+cDIubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDovL29jc3Az
+Lm5ldGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWExLm5l
+dGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9h
+aWEyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4GA1UdHwSB
+ljCBkzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5jZ2k/Y3Js
+PWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXguY2dpP2Ny
+bD1nb2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9j
+cmw9Z29sZDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDov
+L3d3dy5uZXRsb2NrLmh1L2RvY3MwDQYJKoZIhvcNAQELBQADggEBADLCzBdvqlNb
+q0EY096S6IFFYcSOdS4mMnozpU7pToK9kC5UBTqgVJ+BGvczUrR6dPsQfk5tD0C1
+y1ZmStdTix3ivzjpxiTdiF6atfYaSkg4dadaKxaS/YTw+19AfkadTOCxuxv5RViu
+OJdnSgww48zQwcwPVeBtocBsdKavfoPc+NhUYwmSsl/aMWZdblJorHI48AGZwePf
+wrlwp//0U8mTfLdrvP3yt+Jk711qWNmxiBwZSmPzVHJrohPSK3SRXsqafITkPgO7
+ScHCv71AWAwg/+gEBoZVe1oL/aiSwPpf+F5hQ+ZaJ1CcGkP67i0g+rkL63dAbK4C
+vqsz2t/c9jg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCBOGgAwIBAgIQBQLgLidYQLf5ffP9kBAAoTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNTI5MTIyNzI4WhcNMjkwNTI5MTIyNzI4WjBrMQswCQYDVQQG
+EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xQzBBBgNVBAMTOkRpZ2lDZXJ0
+IFBLSSBQbGF0Zm9ybSBDbGFzcyAzIFNoYXJlZCBTTUlNRSBPcmdhbml6YXRpb24g
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQkBECVnBOF7pzAfLg
+DpTHWk3+wHknb1xumm/2ELQDJPLbE2r3S/6e4zvG6FZvbZAoHnqeyPZjaPiUGkfn
+321OjgXvSLQjvW4nvzRSZqfnwJYR0nVpjyGIMp8btxQr4uSlxnaQvEixu+Rb/Xlk
+twfqpp1jT1Z8Ocbj7RbUJNVAuVUqX8q7J8zb74wQOiAzajgRpcw7un5MjMsG68AS
+7xCxD6v74Tx7Nl3FJhftLwhizhXsHm1vEf8DEVmfK6CBMoGHeQk9+OtKFU/ZpJ0p
+wZv8egqJ1xHI8z8hb888gA3GO8rQgBODQ4zzt8N5NPlG7aPiox5QZfN5VX6mX2Cg
+MmQ/AgMBAAGjggKdMIICmTAdBgNVHQ4EFgQUBjF2UHQQopewmD/2j3J00ov98WUw
+HwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGG
+MCoGA1UdJQQjMCEGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgkqhkiG9y8BAQUwEgYD
+VR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0
+dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDov
+L2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6
+oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElE
+Um9vdEcyLmNybDCCASIGA1UdIASCARkwggEVMIIBEQYJYIZIAYb9bAUDMIIBAjAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCB1QYIKwYB
+BQUHAgIwgcgMgcVBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0
+ZXMgYWNjZXB0YW5jZSBvZiB0aGUgRGlnaUNlcnQgQ1AvQ1BTIGFuZCBSZWx5aW5n
+IFBhcnR5IEFncmVlbWVudCB3aGljaCBsaW1pdCBsaWFiaWxpdHkgYW5kIGFyZSBp
+bmNvcnBvcmF0ZWQgaGVyZWluIGJ5IHJlZmVyZW5jZS4gaHR0cHM6Ly93d3cuZGln
+aWNlcnQuY29tL3JwYS11YTAnBgNVHREEIDAepBwwGjEYMBYGA1UEAxMPRGlnaUNl
+cnRQS0ktMy00MA0GCSqGSIb3DQEBCwUAA4IBAQAf99w9uHX9H7GkLtcqtkb1RNUn
+ReGdLi1ROLtjOt7M7vUWGNGPEQm2hjta+y+L1opJCJIOew7DYKMfpo1c2su+XEtC
+XjXPjGW+2jCv9K3dSoz1P5D2Qdx/ZiQ2Tu/GXVuCTSLvQPeSvn3+3APFjC1p+mXb
+AOocbqMH+zHft1uG2NJHw8OnRxE/bZ3wJ6TH7k56aKvw8h7EgIW9elHP36uAjOmx
+k0/XjwqpdxSbIrgj7Lv49Lv4hBaLw6anHKV7ObqWVyC65jTDm1n1EKi+kEBQDUm2
+sW4km0fuxFPLs0k1JrET0pI06UfxwnPcwJCVaFI0+gqeNhnvvQwpz/Wvc3AS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGHzCCBQegAwIBAgIQA7gNA3OmuuKEHbLRsCd0qzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNjA0MTIzNjIwWhcNMjkwNjA0MTIzNjIwWjBvMQswCQYDVQQG
+EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xRzBFBgNVBAMTPkRpZ2lDZXJ0
+IFBLSSBQbGF0Zm9ybSBDMiBTaGFyZWQgU01JTUUgSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmsvCMgojDJd
+5YC6OgUq3SwSr8dFNSmUf/D870v67GQwUCS7lYJjk2gcVKzaqPVrXoyPZnuR4oWx
+yhPQbcnXMgvH/vHDkDl94To7NEma9j/XlwEfEln9Kf0P9TZGEaK44z6OM9EaLxJ1
+/3JdKH+wp8tH1uubTAbf3sWsUE7KOhGtYkRfVPG3+mbBZHr7DbdVikmPV/0L1lIX
+6GW+H7KGvCVGZCTM29dsEv3C51oWjuRu3KmfhNiqobqpTwq5VBhTVbmj3BrLmUct
+l9QcjIAOFSCMDTRtEZT2vikqqYsTukSu5Fk5beQRoYLSsOzJ7g3C7TNgXEsmjyBK
+mZ2qZ+an+wIDAQABo4ICvzCCArswHQYDVR0OBBYEFNy3HyAxdEuUGnatg4Kt+Maj
+8ERfMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQE
+AwIBhjBMBgNVHSUERTBDBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwQG
+CisGAQQBgjcUAgIGCisGAQQBgjcKAwwGCSqGSIb3LwEBBTASBgNVHRMBAf8ECDAG
+AQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+ZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdp
+Y2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRw
+Oi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3Js
+MIIBIgYDVR0gBIIBGTCCARUwggERBglghkgBhv1sBQIwggECMCgGCCsGAQUFBwIB
+FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIHVBggrBgEFBQcCAjCByAyB
+xUFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRh
+bmNlIG9mIHRoZSBEaWdpQ2VydCBDUC9DUFMgYW5kIFJlbHlpbmcgUGFydHkgQWdy
+ZWVtZW50IHdoaWNoIGxpbWl0IGxpYWJpbGl0eSBhbmQgYXJlIGluY29ycG9yYXRl
+ZCBoZXJlaW4gYnkgcmVmZXJlbmNlLiBodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+cnBhLXVhMCcGA1UdEQQgMB6kHDAaMRgwFgYDVQQDEw9EaWdpQ2VydFBLSS0zLTIw
+DQYJKoZIhvcNAQELBQADggEBABU3M2Y7bTJ04TzMUMnnrmf1XkBwjTasQs3uuODt
+fcVxNFrd6gcdVUVP0HS+JD7QFr4PbDB4ULS76fckp2uLhefn3xUHh1G19dsga35o
+AE3Shz9p6D3slQl53LpUqrBfxf/OeHQVvWdY3zLb8af6m0zzn/XeXdZsbfpieLA3
+73dMJd1NsFQiTFG0l47PGpR3lOnpmrSMF4qLObJ9nEHCKTLZv8ko2L4YeBtQzFK0
+HaSWUwaL7l4fMgN1K6vGYJgXeps3puOdCwePH2uk0MkVGSX69uinvBDqwRCi6L4v
+okwjEG0LEfuExLCZSQT3ppMKqXHyOFdxlWEI6utxAgtn7QE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEAjCCA4egAwIBAgIRAOpIk61orHAPef2Hvc1iyL0wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDYw
+NzAwMDAwMFoXDTI5MDYwNjIzNTk1OVowgcsxCzAJBgNVBAYTAkNOMRAwDgYDVQQI
+EwdTaWNodWFuMRAwDgYDVQQHEwdDaGVuZ2R1MScwJQYDVQQKDB7miJDpg73mlbDo
+r4Hnp5HmioDmnInpmZDlhazlj7gxNjA0BgNVBAsTLUNvbnRyb2xsZWQgYnkgU2Vj
+dGlnbyBleGNsdXNpdmVseSBmb3IgQml0Q2VydDE3MDUGA1UEAxMuQml0Q2VydCBF
+Q0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2l0ZSBDQTBZMBMGByqGSM49
+AgEGCCqGSM49AwEHA0IABKedESfG0lalS2WFqpIkG6B/bj1mVcd1Uz6bAPL6WlOg
+XHePqEJPZv8cLLCmz4+rWDrKUODh+1f5DjQHKr5djDejggGLMIIBhzAfBgNVHSME
+GDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU1ck/T2D/TUUBJW+w
+MMAbC2TZ7fEwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAl
+MCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUF
+BzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1
+c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+CgYIKoZIzj0EAwMDaQAwZgIxAKMZCjYp22VIGOgX/r4fE5BWkXGbL/CKoORIF2+/
+sK9Mti84fcKOiOfpTCYWUJ7P5QIxAM5hatqf4w5F0YBcDClnhVab7KGjk/XDiobp
+e/y6bZe33FmFTZIqW8lyz2Sf94lBvQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAxWgAwIBAgIQYCaE3KLvXvXpBrvuaFjAVjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNjA3
+MDAwMDAwWhcNMjkwNjA2MjM1OTU5WjBxMQswCQYDVQQGEwJDTjEQMA4GA1UECBMH
+U2ljaHVhbjEQMA4GA1UEBxMHQ2hlbmdkdTEQMA4GA1UEChMHQml0Q2VydDEsMCoG
+A1UEAxMjQml0Q2VydCBFQ0MgQnVzaW5lc3MgU2VjdXJlIFNpdGUgQ0EwWTATBgcq
+hkjOPQIBBggqhkjOPQMBBwNCAAQVcZpDdpMoNpqcCecn5OajxwMJvYaPbi8rVrpw
+wE51MXFG1ius11Sljp2Wmo3NU/FZCjrMU7H24HdkQF1IIpLyo4IBdTCCAXEwHwYD
+VR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFI0Xfdtmrnge
+EFVICnyIJIght52gMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysG
+AQQBsjEBAgJGMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUH
+MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaAAwZQIw
+DAg1WfHGopjBoIVFsWht8Rjtru813wxFp6n4HmaTijzo5G0s+NhOijho70U9xlEs
+AjEAm9lW5qzmg9oegFE/vNyTNHR6/0XqqaVS/vH4ZNEpnoQJNf2jIcGLM/obN12m
+VOKr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIQR/MRXCxMd87EIlwE8gPGmDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjA3MDAwMDAwWhcNMjkwNjA2MjM1OTU5WjBvMQswCQYDVQQGEwJDTjEQMA4GA1UE
+CBMHU2ljaHVhbjEQMA4GA1UEBxMHQ2hlbmdkdTEQMA4GA1UEChMHQml0Q2VydDEq
+MCgGA1UEAxMhQml0Q2VydCBSU0EgRG9tYWluIFNlY3VyZSBTaXRlIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfgx4yEcy8y6ALS6kL5hFXNeh/Hn
+Is4Mbm0pyAgobTFZ38fSewyUe9D5IWnprySLkISAER5Yg/6K3XNgBRhsYBanh+J+
+eQBFhmfBxPQ1U9MTK6XkhJfk+5VU4jR63zto0Du6mpiacrsjIdR/TlUicdRamITI
+BIjiAMAzXP6vQMvSJct++ON7LXmc1EV4Hy7gWXKmtcpgyabIZ93AXp+qxNoekw7e
+KYIkzAMLUE2W//1I2xzr99MZUpD6uJO8Yc1DCebQYjMJgq/9a9QEf0kQmWqU4Yc9
+D8d/6vagsIERlVWJEWmlHlqXmXGiAJntIpkdmW3BREU5735/LbedJECtIwIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFEU+vFx4YU3+ZPWWrInkE/GhdTdzMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJGMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAFNW7wVmdBf7ziKMnYhEA+ak6nJCMRUEpS4+hy9qDBU7zKzM
+VjGJZZRyJQplssncT6BpVAqfeOV3BD1GEVuu94Qmukk/JKVeChnS9nlRO1XKDa8m
+lUh19q5irebvgQSgNLbpgWdlc3+osBAuhZe2OiUzLcpuYN0NZvOeYJtpMYst8ils
+k78glaKJRq/jRxpsgoFkChAq/G8oqYgzDFYhkIII4XYO9s0Sw/tU99kVgAx3uU2q
+7DfAoE2xtS/lH8+i20sHmNi9ArFfgLPk4M827BQ+N1YHBy39gphpoLgYGqGJleTx
+7crBElsDgQ1tczCtkz6IdvApQxkPtWeb5nMtFdFuBoBuZAHUg8pleN4XojQFpfRO
+FxWaox/Gmn8AOnHE6Mzg4j8P541AbLS48VoYkHLYb4E6Nik2vIPaG35GWC8565TC
+wBvOmEFiw/IFRfaAwI8jpMkmiiCgvm/vGtK4I9Nj0KrIU4+0n1OHK3oZFr3PXIYj
+dW7VeGN4/BswbSrQBgZIE1Um5PQrrbxSsZAr5ZDNjPXIIVTud6L8SLCxtPKVk9Ly
+Bsk+Elki2oIijxo8FQx6Rao2hRL58YFw9SHBB+wAxgkTwzRI4PrAeAR9IbRADmkf
+ZeUs+KS3hM9uUDdNrY2mpXiAHHSN0dqEkFivlVDubxvSBsv129GkrwOrzTzM
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/DCCA+SgAwIBAgIRANEnjaFHQ6zb6K9cZ5Nsj9cwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDYwNzAwMDAwMFoXDTI5MDYwNjIzNTk1OVowcTELMAkGA1UEBhMCQ04xEDAOBgNV
+BAgTB1NpY2h1YW4xEDAOBgNVBAcTB0NoZW5nZHUxEDAOBgNVBAoTB0JpdENlcnQx
+LDAqBgNVBAMTI0JpdENlcnQgUlNBIEJ1c2luZXNzIFNlY3VyZSBTaXRlIENBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LwaFwg4a/gg/CnqYXJ8zMQC
+oZyYR1W2vowofV2hkjP7ye9+LOxoNUJMPtAe86ieFaFvwOvncNNQ5O1cBqpd80BL
+Xo6KeeCUsxuwFGqt2lniWjlMEIf/5+YKg0Jc9cOk4pbcQ5jXjibxo5dafaLHhbPq
+Y8MbQcok/nw0al2Oh8ANOLfnhN0nh6kcieHb67CfnJ8OZ/gCtT2PKJs0Be4aOVN6
+YZmjzxbQ/GdvJfHMaa/nX8w855DAnFN7Zio/za5CCo5xCeuoK9IuNmtv/WYgWxUi
+nChGHFTc6OnDspZXVmM2T3pWxAkMcL5/1a81gg7uQsrY2HJt7IqfrCgcI4s9lQID
+AQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYD
+VR0OBBYEFLbYuV62++gTnv+JhUTyPgEHouVCMA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAi
+BgNVHSAEGzAZMA0GCysGAQQBsjEBAgJGMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWg
+Q6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlm
+aWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAC
+hjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RD
+QS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJ
+KoZIhvcNAQEMBQADggIBADFoqJOunOEFTgpwawxzkkBiQVw5TkWrYjwhh1jxu5lq
+GRWw5D2xnVQjsRhR824csP5n7v7G6UyMuQ5TsrSiYs7KBCmF5IVugglMJgdllRg+
+Xd6FIouzAkAOan+g+b2Wjf1IwdRTysVNZdP8uBG9ItVoNsZudm7uRLExJA137vwz
+MtObbRLSz4ZGbDvFNb6V9bEtEsb+bGXe9sEqkIa49T0pcnTRVF6j1/hu8lK76Br1
+A3iuTh9edFOdvEFxBiChmg2rrW0D9ZkzynG+ZyRYAoSl3RKSLVgVvUgzbgFoz95O
+pW8Rspg1iaiVFeR+cd0n5aEB5yXZgFNCLF2FdtRGHovt2Mrfy6AKeqc16iSfzY/z
+5CAvrv7wNeVDHXbm+DvEJsrTkLTp9BdPMzZSlkxpP8IQMPr2QlTXqanDNcHtChdW
+FO/Bak+C1Yx4JILq/4Adt+Os4eAXWwVK4ni6PQKtFnxs/aypzEBzyxhbOANMEQwo
+hg1Bfr30oox6xf6V4iARudIhzgMCyC6WOvhOka0upNWw0hlQWNTnV0GehjdvJA6x
+PDS03UogK3ZQTWvTUw/uxTuO3KLL2T/i9LqPeKmAtOxbWYsno6z3fB1ym0+3Ygs1
+oLAvMO6su4rbwcxsaaoYrSZTIze4fIb4OsKFx0EIcU6+JExrRLHCj9NoUaPaq6x8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbTCCBFWgAwIBAgIRAL0Vx/BRSgtL42nPtEwKrC0wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDYwNzAwMDAwMFoXDTI5MDYwNjIzNTk1OVowgcsxCzAJBgNVBAYTAkNOMRAwDgYD
+VQQIEwdTaWNodWFuMRAwDgYDVQQHEwdDaGVuZ2R1MScwJQYDVQQKDB7miJDpg73m
+lbDor4Hnp5HmioDmnInpmZDlhazlj7gxNjA0BgNVBAsTLUNvbnRyb2xsZWQgYnkg
+U2VjdGlnbyBleGNsdXNpdmVseSBmb3IgQml0Q2VydDE3MDUGA1UEAxMuQml0Q2Vy
+dCBSU0EgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2l0ZSBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBANt0sOukla6L0cMyqo73Lqqnb4XdWxBu
+THls9Kb6cwKFkfQc6HdFw6I2XQ77J2op0Fkd7ZDnO1K2doZT9Nlh8GrWw8zlnWLT
+wvO1nPHJBvNXljwPOZHAYexApcu2zqIYBO0+A7VltpZ1ZUVrinWV1AF4vK75QZ0p
+Xg4ol++4b2WUahF+3xZGXl1DXDAGI1HXrEaeR6wub8ykPmMDHVOn0TVOeiKiI/Xq
+jnSL7C8Pe8oYxgtkvB2JirpX5Spk/WkOQGBg4akacI6s48nT7Umjs4A2WYXbWfJ7
+nnKfkc0c23krOv03W3DVb837q9iXVbwGqld/YlV9ihVYnGlE4MzD+e8CAwEAAaOC
+AYswggGHMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQW
+BBSHRjeuKMGSJn6TwsutzAqNi8xB8DAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0g
+BDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20v
+Q1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcB
+AQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3Au
+dXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAV/XmKlkXgMyV36a9v8sN
+KpuK/oI/JV5WcpzWZ+F5WzAPBKePpw3VwN657wWPqWQBgmzJheocoTYw8IFJerZw
+yNyMCp56wfEbqXsG/XnFtXriVhPWZy+K7vAK3jtc/XZnPlGJiM9fhFJkoQ61hGE3
+/yHVynIlbCYjLzSGW6BusMdT0BwpBM/5l34SFik3Cw8TVE+4UZmkKQWRYJ+P5uPH
+fnslyn9LSbYD5BURBDV5l2HiIU0FSDVa6tmCNTodbb3UdQLmI/shZmqZCYBHbgY5
+Dynnsb9K5eC1fPMk82jxl7ARDjGB0dghpFxBKywzADAQAWwRj0revBdVmzlNdMHL
+JWsrCEixmqKQMakaY4KuYH7G6xInX9S7dDLcjdDoSvNHz7cc/wksDw93oFQeg6w7
+aIm1TvB/fP9/STtqZlZePGhrSHFLh00zWPGVmLHDXfFCyTAJObXygdOiZhNRQWVR
+fR7zvoC3WW5WvaV0hAPEkKqIXubp6wdjuX8mbg3nj9Hc8Zs7OlVjL+WRcfjh2JoF
+we1ds4L1W57Zo4SjTg5ztRsJr6RHTymLjVce7R48niWinoerOFAho2uhLPZyGrai
+Ar63JmRtqpIPksXpEkCN4Uw3FmDhElxbOv8V0txOLv/55lUkgbH+L2RHx+5OY+8n
+IaHxnaUds9ylSrXKeU8mDs4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjDCCAxOgAwIBAgIQdL/Q1Wcmd0a3xAfXXsaVVDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNjA3
+MDAwMDAwWhcNMjkwNjA2MjM1OTU5WjBvMQswCQYDVQQGEwJDTjEQMA4GA1UECBMH
+U2ljaHVhbjEQMA4GA1UEBxMHQ2hlbmdkdTEQMA4GA1UEChMHQml0Q2VydDEqMCgG
+A1UEAxMhQml0Q2VydCBFQ0MgRG9tYWluIFNlY3VyZSBTaXRlIENBMFkwEwYHKoZI
+zj0CAQYIKoZIzj0DAQcDQgAEzK2z6gVEhgl+VHFko8+i18F0L/qMHrbMMr5LdTh4
+y8mPZPLUZ/njLgCj6NLhY2upbLT7ga3rypl4vwXbY0nlPqOCAXUwggFxMB8GA1Ud
+IwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTK7DxP4yI8LU6V
+ApowMlVcaPWbKzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEE
+AbIxAQICRjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHku
+Y3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzAB
+hhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cAMGQCME+J
+5TYDyjvmfCghX1ibMK2/2CZt5/mzyHAYZfBLzE20sNnrY/RwoS4JttTkPriwaAIw
+R1DTS3xOiIXa2WBusVDqfLn4siLjfEOOF7bbjexa5SExk8Qhyi9bZpYicDAVangI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6DCCA9CgAwIBAgIQGJyrYyrMApEs9N5xV5SnRzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjA3MDAwMDAwWhcNMjkwNjA2MjM1OTU5WjBoMQswCQYDVQQGEwJDTjEQMA4GA1UE
+CBMHU2ljaHVhbjEQMA4GA1UEBxMHQ2hlbmdkdTEQMA4GA1UEChMHQml0Q2VydDEj
+MCEGA1UEAxMaQml0Q2VydCBTSEEyIEFzc3VyZWQgSUQgQ0EwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC0I7JtgKAziXn/Zcpr0huZLxozVqc8KuLRcEcd
+1nHUd2A26jekCyvMWGGmyxmi0y7RDQF0Pdrq8lRk7cmsIn0mA5zNC1A/3t3EPjna
+eXtbCCOMo7SoaVbia3THy2zR/dAkeJa4NONB6CrPjIOhfKNXL1RUQ64W+6LGvH+J
+NFZU4aZ2cmfZ3tfbsHhLcTY+9HcnVFsnIHZtV67/eeo1ReJP6JE7lYYgHPiW2xWU
+Yi5Gw82mBOkZy/LTOuHXwDxCCEkWOuxvRkZK49adojWTesMh/OPfOPYQ8Mhd88JJ
+noeSf2lGI2ZsraBIhTcrN5NXCUfFlMBp3SubV3L2IN9IRqp5AgMBAAGjggFrMIIB
+ZzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUWQV1
+uJ2qfivB2k4F/z/Q+COqY3YwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8w
+DQYLKwYBBAGyMQECAkYwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3Js
+MHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBJHuCm
+Yxy8ZOHCk1WGfb9LVQw0iQ1jH0PuYY+QRwbTNb7d1cwepjjweBLszCA7vfXTkord
+7xG7Vox91wBdSFNOZryra+chBo9fzJ4XbsqerBZZMAKnB6LzJ6gl4izudSA12Rag
+331LMTVYt1BAXaePW/qUByGUDzjBLdxZKwfrPjhHlOj7blFox/zPWXHtQOi36AEm
+RUF2aaPmBdX7CwfQnkP90AIgAKAl50IP0ktBes6fafdGqs6KEGzVP9kN69C2ZO4D
+4EU+ss6ob8we1AoFOABUf88ioQPVIzEPOVFwsRPKFni3XAbczN7Xza82lHUeoukb
+eTEtq6u8wTWGNda+xt2CddkbLBmj388ncRjpDCUE04o0He1MXXzWTaGYuMqvQ6ic
+kRIjhy4cCwljgbo49n97aq/nrq7/85xf675GbNPysdGWCYMCpYl99+VBR2cZX0w8
+gAYimN1m0ur8YlTVKCbffK4yQnbQMt3+sy/RtBcONwRgryGK7gIVR6ZMP6Qtv3vq
+4Y6pHKVV/Y1uC7m3R/XBXk4nSKaOZt6ar7O9tF0xetA9dms9//qyNJDu5IyVyxi/
+Nw+biuiv/ghSaUKFSi3ntsqBocfuRIolrymLbNgUEuFyPOwlm34JMJCfhj8BBevX
+m6xwBSgunIlw9L15u4sMTvrRYat4fmKBqWpgww==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCTCCA/GgAwIBAgIQTmXWVteLFxnxgmt3QBAbdzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjEwMDAwMDAwWhcNMjkwNjA5MjM1OTU5WjB/MQswCQYDVQQGEwJTRzESMBAGA1UE
+CBMJU2luZ2Fwb3JlMRIwEAYDVQQHEwlTaW5nYXBvcmUxGzAZBgNVBAoTEk9uZSBT
+aWduIFB0ZS4gTHRkLjErMCkGA1UEAxMiT25lU2lnblNTTCBSU0EgRFYgU2VjdXJl
+IFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcYlGvF
+8gmKpfzbkxPePQHedEZGDD9NHFx+fp5UxRs712j3sR4DQl4I7V978Tu8dGGmVE2p
+yFk5j0946qsP22fftjwgYUhXQXvRtqqLc6IdqsnJEdaOKKAw9+mna5aUyqehoLmX
+UXbEs8WzhVHWm6VgWuwpLnwAI1AH/TxLcl+Ge47XDKv2dpd8uHkKikvlwN4/2KzP
+mroq/hbbUu2sEeApyhaLDd4aYDQZDzmWmNg1SXN+G0wcl3CBh2qARC7V55jMzy6G
+UTHTgu9Tu5L3cuoMB83EcpO+Ie4s4QIfKMYch+4SoJpHwtWDKE5R0XzXHs0VE+Zh
+doX287rxev8jXrUCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh
+2JvAnfKyA2bLMB0GA1UdDgQWBBTZ2/swDqfXirFbcGBz/O1+g5UCUjAOBgNVHQ8B
+Af8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICRzAIBgZngQwBAgEw
+UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGow
+aDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBNu4WihYSXiTPgUjwaVNWDujZ6
+EFSYCYvPDLZKw1cNVfoDITMFOy+r5TTGxHkzAwxY9Kg/Xs0zpBCWZHms7ukZRPM0
+ctWkAr2TOumA1Vf/3X9N2ydU4ZWLXeudsRS8k4T2eZ7v53aRGUQSlPeD/ErCKCbk
+ywl6jISh1fvwdxiQmX0fody9photk6G6jcrcblxQIU9LJG1ksK4d+wBPZwR31t1z
+gszdqEH98LM2K7Rx2ULBeGZGA4D+iRgz/eHExpF5AVMOisiTn65JRtKGLN8XYERB
+wk9Xirmeuzy1Hb0julx5Fj0jyydCcRlm8Tu6YKEm5HspMY1tYnmyfqQm7xCdbumb
+2x4x/f6ceq9rTpBeubRApsnUtYHBttQ0feIFlK7d0MNO+f84EQDTji9Gw7Lqpko0
+vIyHo11NR9C3QnoZpnTnlE4vdRQd7MtcgX3/y5XbQ7sUAEzjxwkrFd4AiJNs28FI
+oWFU/Yp/pD2ww4uIdWipMbp4cvxqBrW1fRQKYsuF6R76KhDHBTpolO5bGTXY4iSM
+7Q6WWWGOn+iVmMLg7UCm2sf48n8rOo0KemrlfvAs2mKPSjD0YBJUpPUh60o5idWI
+CdvAUmnWSs12NSSUJReiMG3zQes11hQGg7SIvJlyBk5+LOPAEhPMuAqYl3o58rEO
+Nd89rmzgEYorEU2nNA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGFDCCA/ygAwIBAgIRANYHrK4VPXl6KqkLIf8AmDUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDYxMDAwMDAwMFoXDTI5MDYwOTIzNTk1OVowgZIxCzAJBgNVBAYTAlNHMRIwEAYD
+VQQIEwlTaW5nYXBvcmUxEjAQBgNVBAcTCVNpbmdhcG9yZTEbMBkGA1UEChMST25l
+IFNpZ24gUHRlLiBMdGQuMT4wPAYDVQQDEzVPbmVTaWduIFJTQSBDbGllbnQgQXV0
+aGVudGljYXRpb24gYW5kIFNlY3VyZSBFbWFpbCBDQTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJW5P9BcuzSOIQuwHFGlPioJFlUviXlY99IhZ6iNGjth
+ZSxrgwbSFk8f2Wxoxm2jIdZllVan8G4b7GXDcc/ZfCklB9TnDe7o1FYd8p1rMc7f
+BkYhuv93iNjNTIVkP3+Fyn8tGsYEkFW3K1fW6OftD5TOII/QXV9jz7zpOYuJKxck
+JT8isQaY1RuWD26urYi27bfB9EUcNIwo73UIqHyPAG3Ks6kuyv6fl/wlaqACPUOk
+y7w3qKRPG0IHnUR5/tSPbSoALhIzKbAkN3UpFfly/Kid88cqfiXc88CGUvD5s/bc
+il1O+EqLWmUb0wIlORF502EebYhgcjsU2CPlq/2AhfkCAwEAAaOCAWswggFnMB8G
+A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQ8KhGVlQJ5
+NunCXOOKzbu8nioi+TAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGAYDVR0gBBEwDzANBgsr
+BgEEAbIxAQICRzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
+KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBACg27qQ1eUaq
+JfY/zOf4R6Dx1tpiWJkdLsPHaBptXefXYthiSHaNPtZKM/7xBPy9pYORVqu5uwXa
+OvESN9U8tWYPOouphepX9+CX0edQZZI9Na4LPs0MpAbfiOiSCK5mqSHRNvN5iasa
+QoFB4o7BUJFEX0fkdgSiqxsSANuSANaYQGwlC1Nc2XjOf9/+n+9Y9MR9z3asVEEo
+VIu3y10YmqjBAG9AQZO1obSSvVkFJf2gmwfAmX1DmyoWAN33SRnOf5cRDiqPITAf
+Kh9FZHMw3+SF9OzErYroVXqbbm2HXuAgVm+ZKsu1Ov9oHJZ5LlCW3Dv/CexxYFj3
+LPU+E9hGtVDY5tZf3Jj7VkuYw5Y4crXAvweQ27+wjeTQWaixYFtuID9PKJpVPbQ/
+ofsHZTLCfdayykIaHiKSJ4cjPTYoTc4x9p4/4voOx8KZNb2IlJHlzQMIbfr3snBv
+oMdx03NWF5qjrOYwY3e2gRfm1bKm7rIW+/u93F3Ud2ukESTTQv7HBGAxnjuDQE1C
+mMFS/wPipf0LVpAnRkZE+/W8w/OUSB5pMHDYDehtj8ZPHvlmSpGLQaaPdRgk96uF
+/0y8smv/rFR1Xy8DdDxZJlcRBXikVpEIiPr2Jx0nT3hxqMOP4yyVto3z9Seda96H
+MvzMmNTSBBnoxO7l6hu9F5rPeh8CsWg2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnTCCAyOgAwIBAgIQRB/KBH9VgbnLpOJqZoTyozAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNjEw
+MDAwMDAwWhcNMjkwNjA5MjM1OTU5WjB/MQswCQYDVQQGEwJTRzESMBAGA1UECBMJ
+U2luZ2Fwb3JlMRIwEAYDVQQHEwlTaW5nYXBvcmUxGzAZBgNVBAoTEk9uZSBTaWdu
+IFB0ZS4gTHRkLjErMCkGA1UEAxMiT25lU2lnblNTTCBFQ0MgRFYgU2VjdXJlIFNl
+cnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABF806+/XDCxx1OhI4IDN
+SBiEUL3WJEnRKD9puaABAO+lkn62PWKTWRyQh/DMyV/jquIh4NBxXXB1mYEwKUbL
+JX2jggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNV
+HQ4EFgQUe/Z7cKzVTTZ2CT3yiDHq7pNvJDYwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIG
+A1UdIAQbMBkwDQYLKwYBBAGyMQECAkcwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKG
+M2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggq
+hkjOPQQDAwNoADBlAjEA44r6o6Z0fk9LkBM/rWHJHRnnAUp9Xk9SOV2f6UhmKgeD
+j7Z2L7Yo5uXkNXbSSlPMAjBNuD1eZPsa01x5O1s95Ah1n1cqQWEx2RlOQjPAusSl
+hqLPAfRaBwH+DT3+WIe4CFo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnDCCAyOgAwIBAgIQYzZ5NUTvDA50idDA9enfsjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNjEw
+MDAwMDAwWhcNMjkwNjA5MjM1OTU5WjB/MQswCQYDVQQGEwJTRzESMBAGA1UECBMJ
+U2luZ2Fwb3JlMRIwEAYDVQQHEwlTaW5nYXBvcmUxGzAZBgNVBAoTEk9uZSBTaWdu
+IFB0ZS4gTHRkLjErMCkGA1UEAxMiT25lU2lnblNTTCBFQ0MgT1YgU2VjdXJlIFNl
+cnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABMCLKH/oZ9jYxeRxy2Qa
+XmAS5xOONO9Ai3YZq7nDdaYRPvgSnluO2YiZJLNfWjW2zQHMcesa1n86TRAH2osd
+FQmjggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNV
+HQ4EFgQUzbnM1P7AYzxO6CKim9pC9TX5FOMwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIG
+A1UdIAQbMBkwDQYLKwYBBAGyMQECAkcwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKG
+M2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggq
+hkjOPQQDAwNnADBkAjBOwLFrlbXq0KZKtu8RYOX78QVYJQRxxf8fFHl6rQaIjgj/
+EVwKteSri+f7LOUoEBsCMCuoR9jhJV1p7u+ZJA4DzbZ5lD/iggQFV0d+higVRuAA
+CYhHWFgfkB2wDTlyotARvA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGYzCCBEugAwIBAgIQfIlUE7QV1z23hAUnk4IoTDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjEwMDAwMDAwWhcNMjkwNjA5MjM1OTU5WjCBwjELMAkGA1UEBhMCU0cxEjAQBgNV
+BAgTCVNpbmdhcG9yZTESMBAGA1UEBxMJU2luZ2Fwb3JlMRswGQYDVQQKExJPbmUg
+U2lnbiBQdGUuIEx0ZC4xQTA/BgNVBAsTOENvbnRyb2xsZWQgYnkgU2VjdGlnbyBl
+eGNsdXNpdmVseSBmb3IgT25lIFNpZ24gUHRlLiBMdGQuMSswKQYDVQQDEyJPbmVT
+aWduU1NMIFJTQSBFViBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAvhKNlELkq0uYGXo5lDhn9Djmz3n0GZ/wVYomfc5PzNk3
+A2Fl7KTnHQJPgpJl3aOhid/9GhYdMLo9PfhouFIoLYSG+8i0diAdyL5YjKuD9++W
+QWEJvVOPbRGj708kFbWfy2+nfiVQ2G/5sxcMhlPuXZicLNHCpYn3vDfzAxxQZAtU
+LnlRGuiHlD7ooV62ZHi84Ysy98brq3a/rF7HAMYq8uGDseg0+1O/sxmonlsOtH9Q
+lA7t6j9XF06uHomZUufLoYxMnEYw8388efwyZghr7KaEwlCsQMLmYhH0J+DQF21v
+XdlPje/vXDgZDUn+xCqxv4wFX0MQ7Gv/fnMPvpbvFwIDAQABo4IBizCCAYcwHwYD
+VR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFGwtg2HsMHRg
+C1l4SzLYRAwmVjm4MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUd
+IAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0f
+BEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/Bggr
+BgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFk
+ZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMA0GCSqGSIb3DQEBDAUAA4ICAQBfWWEEQ8R+AZKKCNrF/p9kGX/pBEU24QUx
+yKHx6jrJK4yaVAF1Q01uq3/QYpfV86yucqq4dQ+9+/iRI5yCogtcuEtorshTcC9a
+Ya7jwaxWWjZzdwrS+8zxhYI05k0AiASDFlXP+RJaF3tX7s+d7gEjnmi5nQL72YbN
+mMZ9goFVDTTUEduM5tmKEjx2LiNneUKGx8bkkJnVeNiEr++AzSZAoCwBv/J0O7NA
+oQpmjRQhHWjRtxcz1zAf6DQsKr65hfsLpuDEiPKm/UpGTu83VmqZYjBr/tr6eNUo
+SanyBQFQTbQSpMv/WoNteZ5k5ovKUwckVAQoXcC68tZ/GQDplu7iRK3M8Bzm7E+S
+Cp3uqf2Q+uw6EsSfkVjLxZh5PQJVnUJ+MbPXA9adg9xCoEiEwMvvl/9McTZJ82Xl
+b320mQppNVxRouu3pPB5pMIb9x3W+W2GxUt63poaJRT4Jzo9MhwtA8Ccafkzpp9i
+yVz7fvHGSTA+/o0elks/Dxhw0T1iXsF3P3yMIJg+dUOZ2+9etEbKxipMrfM2vRFs
+IH3DoNIL9AoDsgVKjbTWpxWbeQHz+q31psF2DfvJ9c7ryPYLjjvrf/mYohDciJvZ
+bw+GdKhmDo6JqtSDHIWp/uT3c0Q14TTCA5Qbw2P3h/Th9TXKA/ZRa52sAJmgnFfe
+6c0bqXjsvg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID+DCCA36gAwIBAgIRAMY69krIIEy3g9QM90onyCswCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDYx
+MDAwMDAwMFoXDTI5MDYwOTIzNTk1OVowgcIxCzAJBgNVBAYTAlNHMRIwEAYDVQQI
+EwlTaW5nYXBvcmUxEjAQBgNVBAcTCVNpbmdhcG9yZTEbMBkGA1UEChMST25lIFNp
+Z24gUHRlLiBMdGQuMUEwPwYDVQQLEzhDb250cm9sbGVkIGJ5IFNlY3RpZ28gZXhj
+bHVzaXZlbHkgZm9yIE9uZSBTaWduIFB0ZS4gTHRkLjErMCkGA1UEAxMiT25lU2ln
+blNTTCBFQ0MgRVYgU2VjdXJlIFNlcnZlciBDQTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABFbx24iujAMGtIKjy/Me7PKK0m+iytEwU0W3QXMjVs3JQ07P9TjkKl+G
+dj/s2D5RnLvTkASnp3o11DRIHfzE7VijggGLMIIBhzAfBgNVHSMEGDAWgBQ64QmG
+1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU575pjHsGxyO2vgtW+rM2RInN6AQw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUF
+BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0E
+AwMDaAAwZQIxAKkVCKRWtGfp5J4nXQQpKM/3KduAcTHZSVANOFGnX7qXS1gcrUYB
+3prbGOU1NkTB/QIwBNg7rp/l1wrA6ey6cylHCVTWNJ8nSlIitafOfVbAuXVvW1P9
+/A+HpB3vZvl90+Hj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGCTCCA/GgAwIBAgIQWapRhJsNopDxPcmcnDyxdTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjEwMDAwMDAwWhcNMjkwNjA5MjM1OTU5WjB/MQswCQYDVQQGEwJTRzESMBAGA1UE
+CBMJU2luZ2Fwb3JlMRIwEAYDVQQHEwlTaW5nYXBvcmUxGzAZBgNVBAoTEk9uZSBT
+aWduIFB0ZS4gTHRkLjErMCkGA1UEAxMiT25lU2lnblNTTCBSU0EgT1YgU2VjdXJl
+IFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALCqUy0m
+mVb/GJOLCKt21hOVG6w6Pl/lXKAVG8eJ2XxvPKg1ExtxMpxZrEOTPpnqrJ5rfXwA
+ejYqHw5bhIXb9EVD8Wg2Rft/i2iAx8CHIiV6YSpinnlx4vW+zCLNHIxYRMUxrS9A
+UDqE+tZuEH5ymXLnO4fJpyf7jleBODgHZkRG8jOhfSmSPrbxX/x9lLjQatGzTD1d
+MoqofS4jpgxXoZe3Fjoak1igo485zu3wUg+98xcn81JqR9QFU9Jy/2vm2WYAPKNj
+9A4p6dBF5XlkUJKPurden1T/kAmr4IOpJ9JfRQiZ6nMME0RSREdEWZO3Ox5/HE9T
+i17EFJp3+psal1kCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh
+2JvAnfKyA2bLMB0GA1UdDgQWBBRUACDlSFFUEyfuGI1wviuQV9pycTAOBgNVHQ8B
+Af8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICRzAIBgZngQwBAgIw
+UAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGow
+aDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAQDdqQog8/ApA2RcwXepFGjoS7
+Prg+yeIWFaviL46oroTQ29J7idbSidfvafaadqTmaLiJeq+hHxLgWk1XPoDAnSLq
+1IanfzX54fWDiTbjivlxGuXhEWG4uQwxUHMKCwSbxfsBYGDXKOMy5KoUFAHcj6Uo
+bVNUTkFpGeOlxh7FcUx2v19LKHZtOzuLR1mzZoW49daapczg06zCMFwWbJXJL1qG
+tZDYaNEHaChtuLnm1JEyDKVux7TCGWV9w1kmKbjNr5gTSj4skHOQ/l11weMklTeW
+q7Mvfl/kq9/K/Zxtrf4MnvyoXkJE8SjaPXw2fC6Qe/FHxwER5CHhqKUV6jJFyr97
+Cf9tJ6FZb9QF/2AlI9vGK34d55tOTAGfc6GIGJ9MV8gcWrG+Sb8g3JRqWZqJ5w2m
+b0N/PFeFMwXIwmPwwCmW6DhSVpiMcVEYKc+Cm1KNubfBTEGpAMRD6Zw11UqnmJLu
+VHLrhbLPLPj3BTTmgKSYlB8gqAHMLRdp+Mr3Nks6h2O1YgFVBUnbrcvsGlBd39i0
++1Imj7n3kAwDGtPhv7RIRcsWqQrQypsYhHK0ojvCzqgiiXXDzR0lVko24+vJGnUC
+7nAOX9DcmT35nSIki5ymQXwi7odtGuu5DHa91ryOKp8qM9A5FyuC6sK/HJtqxC36
+d//1naGE/rfgl5DWcA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8zCCA9ugAwIBAgIQacBXDW4hRjGa0eWDTgSdzDANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE5MDYxMjA4
+MTAwN1oXDTI3MDUyMTA4MTAwN1owdzELMAkGA1UEBhMCQ04xMTAvBgNVBAoMKEtp
+bmduZXQgSW5mb3JtYXRpb24gVGVjaG5vbG9neSBDby4sIEx0ZC4xFDASBgNVBAsM
+C0tpbmduZXR0ZWNoMR8wHQYDVQQDDBZPS0NFUlQgUjQgRFYgU1NMIENBIEcyMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9JK8vwFAT3g1JubBXTXIcO3
+FfD209QVmBsAZo1m1S9XAT34fvRa/vUHdfoeHio+bZmHKs8bFlcKSPB4x3LqIVWO
+IskAnJewGe4mxOCjL+sIWh3X6TVRTgY/XdekbDNKJ5q1UdSaxt3WmcFMSmBaZcvq
+00/2CBZVRx/AQZm56dGtmmP8cliJHgkM4m9JGfaMpgHhnnDvjEQnYoH2Ku7J0NUU
+4ut0Oty8hJTclLX1eItoltmKx3kHNgr6SuG4uadUnXITlWAErvFyh16MyPUIY0CM
+jRnGbmN3iVKwZmnTJy6aj0m8xIj/LJAwLaH/WotUnWsz5qmYIEF9KSxVNtjd5QID
+AQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUut7yQf4d
+M1qCR5XtKBoYVvpvtNIwHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8jzIw
+DgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4
+BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3Vi
+Y2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9y
+eS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQG
+CCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQEL
+BQADggEBACyLFhxwH6ygdyWEeRxSHolkOF3/UTBfab5t0vbQ0iCCerR73Zq0TJwx
+sA6LApBDPp8TEfevV0HSIVzVPnDihwMCJpY6Y0uwWxycByhWgx3IkgNBzDBM1IA0
+Ulfinh36U7mQCeHKy3B7/RAqlnB6lYa/YFIaxQ8QCUg4WRy/De06yxndblbLiEYe
+O1F2KYo2cpVXQsAnm1ZXocm+m7+DDd2WtSNP5EKqwqQ5E1NPQhe6OJC5B7wcT6b2
+w9ydywvxIziCm7+JHZEHuctzAVuURjw9HR8F+3YpVpXPqJ2w1x95cv/rD5cHHCOx
+WkrtRrKz1lX8hTiUIaFXWgQpbuyQjQ4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8zCCA9ugAwIBAgIQExCcvNQp6uiB8J4hXy3tODANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE5MDYxMjA4
+MTIwOVoXDTI3MDUyMTA4MTIwOVowdzELMAkGA1UEBhMCQ04xMTAvBgNVBAoMKEtp
+bmduZXQgSW5mb3JtYXRpb24gVGVjaG5vbG9neSBDby4sIEx0ZC4xFDASBgNVBAsM
+C0tpbmduZXR0ZWNoMR8wHQYDVQQDDBZPS0NFUlQgUjQgRVYgU1NMIENBIEcyMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogiPK5lB9HtHQ1bRZySHal0Z
+3Jupl2OA3JhLnnrprEspoG5mF4dtaxdnU9I1zLCZgVZwCzkVQEp96klBgz7L0Y4T
+Y9rGBDpSnTila3k4C7P/tu7Id1ZMrU8S/BbFOCD1GEd6uZkNEJNfKqu5bX2P4WgZ
+fxaK6/EVzo//sBLWyZhS0NeP2bVSNPFht4ttg88B0k6vsoje0oU7JcKco8zZdfl5
+ofo70NNXw8vPluSe6IjyZgQSLhg0j5OySnO0vypl3s6ahviWyU6emmyrXm5PX7JR
+/EczIxhCu7/kfFBpQlu4rGEt/C0jd7QwlCBpZQCgclgQ0yTAUTu4wIP603qgOwID
+AQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUNDo5si9z
+Mg0jLHpv+oD7Ap9EfTowHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8jzIw
+DgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4
+BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3Vi
+Y2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9y
+eS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQG
+CCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQEL
+BQADggEBAMTxakL3WBnjhNd0O4FyI42h0pPjouN6/eUVzBYdqUTDH+EhLDkBmH0g
+Lb/SawcPsA1tdWgDMLHdw0XtLhgs1PF66y5gF53QAqxMHNdD5d5jrR7hwk29s1a2
+y15JEkMUjgOoXKRgYwVTlFecx8tBDrcgrGAdwX5Gxkn/Mc/y5Dw5Y7O8LC7JIFyY
+xyibmW2PgkuHHvB0kk95XMkq+dufwR6Pp73KP6vjEvzbdXyPbs/5mM1dgcGUhQPK
+rhlg/eVPO7PL5Z+ZVjIaRZU2YC0TQSSsgyESnMXRwidw6tNPKGUurQbRc2D9Qq9M
+JRp2JmYPabWLkUxvJGxhD6MKKscOOJw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9DCCA9ygAwIBAgIRAOxODrarKieKZs87DWGanYIwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xOTA2MTIw
+ODEyNTFaFw0yNzA1MjEwODEyNTFaMHcxCzAJBgNVBAYTAkNOMTEwLwYDVQQKDChL
+aW5nbmV0IEluZm9ybWF0aW9uIFRlY2hub2xvZ3kgQ28uLCBMdGQuMRQwEgYDVQQL
+DAtLaW5nbmV0dGVjaDEfMB0GA1UEAwwWT0tDRVJUIFI0IE9WIFNTTCBDQSBHMjCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOcmEzMfF3hka1d27dSMcqko
+hhzMJRzT0Vgef5vvMcmgA5DBBTYvDhcCNZlK9Io1ReYsvp/Kd+ALrgCXWa2o76NJ
+pALpPTOcDHaYk6eKLCBWfKwlRU3M9XsquyLqHAdvmmOUUchRvKdAgCmsxSQLVq9i
+ScwaoNh+/tmMYHJysPmmJq4Ld/Xgneeb9m+yQAIx3vUa6v+AyqDQE8JJfkHyaBMG
+DLVJUim9J3oj/U5Ub40A9qziM9s7mjG8rMBNSVAXwB75A30TZKjovAXqZTppTW56
+ZI4DKyOz4bKJ5az3LD/nZi9lfkIE/zY2trN4ovk69VHrkvqfLP6NR1GcBp/4f3UC
+AwEAAaOCAWwwggFoMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFIUyGP93
+msmRgNgbkRe6FEACMWpCMB8GA1UdIwQYMBaAFFSZ3Zv/6KcOoxmdW75CV98w/I8y
+MA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+OAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvZ3Nj
+YXNoYTIuY3JsMG4GCCsGAQUFBwEBBGIwYDAoBggrBgEFBQcwAYYcaHR0cDovL3N1
+YmNhLm9jc3AtY2VydHVtLmNvbTA0BggrBgEFBQcwAoYoaHR0cDovL3JlcG9zaXRv
+cnkuY2VydHVtLnBsL2dzY2FzaGEyLmNlcjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAk
+BggrBgEFBQcCARYYaHR0cDovL3d3dy5jZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEB
+CwUAA4IBAQBmeKFhY8giBe6Vq+hl2bw+5Okv5p1mdpKHnvKrZwCqpfAQpxdo1wnd
+PCri8C6weusrPZEQWVatamiie/HghzcYlEzMGh4dWb3J28uSWeXFL2yRW7qRgKtT
+7JP6ZDB6hYcwCWMevaMxRPanP9yxV2a3Z75HarDemTBGhK7u4gvSpaKK16XAvYCM
+5tArdy0jMF+AlrHPQwCikdozqoYhhlaXsjjEtTbYRpHUAmcQEzbrd+j3BTtkixgp
+LO8aSAPgwUTqmPufx6+h1dgjkoAH8ddAOZiYeoFTUKZUVtbAhOzVa+ejMFa5Az14
+Sb9LjsnZUGkGzS64rlbE15mihoYGHWb3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9jCCA96gAwIBAgIQFPAkFSJhqpbMfp4uhCXglTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjEzMDAwMDAwWhcNMjkwNjEyMjM1OTU5WjB3MQswCQYDVQQGEwJJTTEUMBIGA1UE
+CBMLSXNsZSBvZiBNYW4xEDAOBgNVBAcTB0RvdWdsYXMxGjAYBgNVBAoTEVRCUyBJ
+TlRFUk5FVCBMdGQuMSQwIgYDVQQDExtUQlMgWDUwOSBDQSBQZXJzb25hIDMgKFJT
+QSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjFjcmfhptTJKaBUKW
+lTWc0zRWUbPWd/h00y3XzpqTx8rf38AKSonIKAQ1ePC9qMzLZGJdJb245P5GiFmi
+ogjXWfieLTKq72Ohd7qfDvtvAVTo5HbNA3hE+0psrQKMCAqOphde1OszzdPZo0Tf
+fht0mo5lUDNnU3xkcnF/KXKWWrcqsCjcqOmw51hdDWTL+JUDXyLzbv07UhXlNn3e
+bB6xNXp1lMwWMiPekGI+yY6JApiWWc/j1k6IcOs08prmOkokLEZL+KA0xzexWSwV
+Nt2USLjt3zLOMn5YY0crhRTR8IZNQyaeyD+9PIc0KlNP5OL2TMQGC3SgqZFN6NkP
+feiHAgMBAAGjggFqMIIBZjAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNm
+yzAdBgNVHQ4EFgQUCvCYnPwjUIRazgoGYsd0mFlnapIwDgYDVR0PAQH/BAQDAgGG
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
+BwMEMBcGA1UdIAQQMA4wDAYKKwYBBAHlNwIGATBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBADoiun7R++b1XOSHDCq+csIwDTfJJCT6J0DJFeWCKX8CjjL0MmaY
+A6a+PsJeShc8lbw30jN1Lm9wn4w4hOIM7yvs8enfzVJLKC9UbHp3BBJlkhERsOTw
+DtZ72kaZxwj2J3afHVh0UAlV5qpy411kw/3prw94QqQ4uxvkplWTQ2FG+FwUPe91
+x+cwhumO3Dhmt3fpjbOQV2Sm6jo+6MmPi/idGKIOpvhGts0dByctb9BVG7uKEryP
+N+RefvbuDhuNhrofV0VIbQNtrWZPCM+H86TlCc0Jw88A1991VsCxJpBMUA1j5GPd
+IrG7QTrb7SyeiIjSbxl06ObnG5JBk/mTKvSA9OjgO5Ui4MDH2htXIj46gjR5ND5Z
+qC116+4CiHYG6EEhTnEuiF4z6/IGWw+rJnBDEZvDhY99A8If4bV5NzVfx2ndkgmj
+lqs/HGz148yN0qsO57cFR/JMAmX34IiCV/EWODhDgKwau0xje3yvcZuNj+AzETks
+wnn4UF4Ef830a0iK7cr38ygQw0Kh5SshoXxmsuYrk9eexGzFUGLY4xVmQBlTSt8a
+dJugRjRe3gZ6tbyC641AWOTPYIG494OHZJmMs6FSt+xAF1LFNjcDV3cgrwUMPewK
+GxtdtoTLdRJeRoG3zBKL716dKloBz1feGW8iuc5ubvZf43VCWqGv376e
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDijCCAxCgAwIBAgIQMgZCPebGLJaMjsGc924E4zAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwNjEz
+MDAwMDAwWhcNMjkwNjEyMjM1OTU5WjB3MQswCQYDVQQGEwJJTTEUMBIGA1UECBML
+SXNsZSBvZiBNYW4xEDAOBgNVBAcTB0RvdWdsYXMxGjAYBgNVBAoTEVRCUyBJTlRF
+Uk5FVCBMdGQuMSQwIgYDVQQDExtUQlMgWDUwOSBDQSBQZXJzb25hIDMgKEVDQykw
+WTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARXciwprCDGn3G53tefvMM/a5x0CNr2
+DPQZNSm4Bgzai5QJJDLiuja++u0zKQbFBhcnijYol0ayyvCHhyaP7Fygo4IBajCC
+AWYwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFLiY
+Sa4L6oKbCdmffuRRrvzzlvGrMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAG
+AQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAXBgNVHSAEEDAO
+MAwGCisGAQQB5TcCBgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3Js
+MHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQC4a4Ij
+DmxB0h75ms1HsgFDPvDcMsH5k6wY3edCfsrVGMzdl8ewF8HhcrOBsUaXiP8CMBBE
+WdKbwSAwtCHeW0B2LMNetdBVX/i3ExYWWCGHR6nrb4bkMiMGZgWXqvqr+WReRw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkDCCA3igAwIBAgIQCuSPIwEwZEGSWeHCmumNGDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDYxOTAwMDAwMFoXDTI4
+MTIwNjIzNTk1OVowZDErMCkGA1UEAxMiQXBwbGUgUHVibGljIFNlcnZlciBSU0Eg
+Q0EgMTIgLSBHMTETMBEGA1UEChMKQXBwbGUgSW5jLjETMBEGA1UECBMKQ2FsaWZv
+cm5pYTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQC9vhI3XrifeRWYC+x6U5sPCaYAPncBLBBsyQdt7ztiyROEG6fEKZG1tToZMES3
+jtgqV+7RcBV9xX2jVeU+EwAnHkIpwoDWcte0gLfALL3hkVcwXJoJaojVF8mMHlJt
+QYTr3FYkZ6FqALt/LFUxeis3/Zgtug7EoqBsZeF5g79lSZtZqcNLm+3NuvZUdAHB
+GIzD++wVlOhy9IxahD/Z7eIkpuJTedYVpLmnX/fHq92gYoNHezlNN8vdILlsPV4k
+IdrwTKso7II25Kha0/l3hx2xEBtUIQLMGxKF+fD9AjcYhSMqhTM5/2tyud4QJxIy
+409Dj4OhNooHAxurBDHwV8ZlAgMBAAGjggElMIIBITAfBgNVHSMEGDAWgBSgEQoj
+PpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUHlwXkQVXAvx3XONwQ+xr/d3S2Gkw
+DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAh
+BgNVHSAEGjAYMAwGCiqGSIb3Y2QFCwQwCAYGZ4EMAQICMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
+QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsG
+AQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQELBQAD
+ggEBAGa7XPTd+1lgnT/dDf2agLAIIXpbTn6XtEGMq9jovXbK076zHlQSWapd6Zd/
+p/uWydwuTbd+cobkUTFZhKGMkY0e8gXgI2s09kQ0EfotFUOdQ7qf1U+UM7JIEZmD
+gsTn9vBLNwbtwH9t6cvYxH//VhWyL07pPkfTFBVqvAprGZ9MgraZD2S9qYu9usfS
+vuH4lr4b3NuZ7mh3zOs4aD3Omgx30DU8DV82LikGN4/MF+uDOGgHtPv0ozlvPrFc
+8bsE+lTnjP199w5X+kPtpzrkjYPNrGxTg4nhugo6y+GPOCl00S+T/794oTq/HFlj
+6IoOvOR7UaKo39qnYwA6Fs0F0to=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGHjCCBAagAwIBAgIQTkGDlLJAp8yo52qunYSXkzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjE5MDAwMDAwWhcNMzAxMjA0MjM1OTU5WjBkMSswKQYDVQQDEyJBcHBsZSBQdWJs
+aWMgQ2xpZW50IFJTQSBDQSAxMSAtIEcxMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRMw
+EQYDVQQIEwpDYWxpZm9ybmlhMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANXQleBp2ymgmzpKNQxChEbgw8KXA1YbskpjRfjnXb7d
+bgEKqqrmlsTk/Vat2lmr+wPGJto+w/uNkiXHXyy/MjoAxc+M4Ad39cQcEmdTyp4Q
+cyHkqqkNSHg6bhExrCi6gQM4881sWc0Pw7B+4ZMWw43/x+d3005vtMXy5pwoJDDf
+3Dx39nVfwnPwt1QyTwpiu+aWNGJdiDAC9btsO9j7/SKsqb8PMCNPNpE38UibH5jI
+SkH4hJAwIhZxE9iA/+iGzvSgHCG5UBotniscZfZTVV4+AB0745hict1QqNZDWZkc
+VCosDohqfRbgvVPkCWI1am4rDvohKlSk0PmTU4dW1TkCAwEAAaOCAaUwggGhMB8G
+A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRf9paPjrWI
+HXPcIHt4Mdxftrc9GDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMEMIGSBgNVHSAEgYowgYcwDQYLKoZIhvdjZAULBQEwDQYLKoZI
+hvdjZAULBQIwDQYLKoZIhvdjZAULBQMwDQYLKoZIhvdjZAULBQQwDQYLKoZIhvdj
+ZAULBQUwDQYLKoZIhvdjZAULBQYwDQYLKoZIhvdjZAULBQcwDQYLKoZIhvdjZAUL
+BQgwDQYLKoZIhvdjZAULBQkwEgYDVR0TAQH/BAgwBgEB/wIBADBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQBrLVtXy+yZ1ezqBAm5pzrTPwSJqjRz9/rIE7nE6gdWyS7hw4jtCjN50y8KnHyh
+sDbKTb1/4Q03PJX6Q4D3SSR4q6674hsb6bMtzufBULC+2Y5+R3WTj6oTxlinJpUt
+MKcTyNeQG3/1XuZJKq81GHrNvAb22O+QSZ4PKjThHCTZI3g1ZjvkOnBdQ/++3I0/
+/IKtv1O00PkD1PXLcca7YPUMTnGl7NvMsS+v2SyFlQFgFPNk/7dSHsFbQ5aojaKS
+upqddkv79uRKrMDjB27Fj0KS4K96BNEncuyEGRfYvpjCKbjNaew6A/w9Udm+mV5P
+h+FMMRS7pJ+CDcZW1iJTZ/q4VVLV/h1J5JFjrw1myfLFMa+gwONvKXBMIAwKmhrs
+VTbGI+EvbGUig5YZtAXJrB8v9iQUX5qURHEZHKV7tIqRsMaUKTNXbIMFRdAmbkYO
+j3bBnrKBkZlyJ9CoCG9ms+F8dcgCWcANOUPwRCLZwlbPebxBID5CjMh5HPJQoQRl
+clZwB9XFiaMMDDXprhp9Pmekr5i7KySKmynTggYeubuMwqA2y9K+vu9pSOs1F/60
+d0OZ8zzsUaeNQ9RZM8wOcpIr9ZK5vAyesbiQMY42ZHQyXGvBXSqUrzmUf1srCoR/
+eEoQmCb6b7pQeYVdf0Z9zA7AkfbjnWEbF6Q1k2wlA0HIwA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFrDCCA5SgAwIBAgIQXfq7lXfPq2cfx93+0c8gWzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NjE5MDAwMDAwWhcNMzAxMjA0MjM1OTU5WjBkMSswKQYDVQQDEyJBcHBsZSBQdWJs
+aWMgU2VydmVyIFJTQSBDQSAxMSAtIEcxMRMwEQYDVQQKEwpBcHBsZSBJbmMuMRMw
+EQYDVQQIEwpDYWxpZm9ybmlhMQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAPiPPrsGoduNR8nbfQ0MXTV/7CPf3ys1hKdt74O7ykg8
+SV3Yd8a+SnXPeHPlNxlupRGtZOoHSCTUY0AxF1Z19i466OI/clzBzO/rLmd9WI6s
+zgG3tzCvnVIDwT+ChVp99lmHxkmSkoTiU+U5UO7QF8wOQR/OaShX26295YUwP52W
+uVnhKkzTLvAdMjvZv7OtbcKh6LQwnnOwVbiM5K1o9gelleEwvra8+HXQZGkdzO7/
+pv+26ZRLQNlevVAMJMxgo8/zwP7vgTU+hPKVkLZQOFCWLGquaesFf8GGIVlIn6AF
+hscYhu47HJIcl51WtrbGoWvQ/IqkX87BFBxy3SXWOpUCAwEAAaOCATMwggEvMB8G
+A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRQArgTLBWD
+0UHDEYqLQjsBI0OpVjAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMCEGA1UdIAQaMBgwDAYKKoZIhvdjZAULBDAIBgZngQwBAgIw
+EgYDVR0TAQH/BAgwBgEB/wIBADBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwNQYIKwYBBQUHAQEEKTAnMCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
+c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAnd7qlXd+K82A2HSfIHt3P
+BzcS+q1OPkj+f/9Ft3nYg4NYlx2h2r8zax6l1A/osslr8g+B+MXCfclPmOhN69GK
+Pk/1YrergoBtI5iJKJBcDkUKZ++0aG0yNimNZuLfRn24nfVtjkI+hNdP36Cz0HAM
+FFuySnF2UQKljvUs8GJ5DwxefrNy3a6zNWyiWMx44fHfncWnQQ1lSvsfPVFvlqX3
+vXJ79GmxZIsJWoFy5adUER2eYo7hXVlHjjD/DqrqYxwLROPh7TEbld10ashDDJ/5
+6HClJNVME3S8A3FWyk1nvqwuLZnHxaBnvi2mhy8UeX8nA1CcvTB4gHr0wVP2Xbuc
+NkYUOZgB2TaYBlRfF7QGgYlxtLjq0Oqv5RRI6A3ZVDkYtmSxOrCc6Ymwwf3B1tdn
+vKj8dv82zfUGUy0sshcSU3Vb0pwE5mNt+9QT0S5fCix0dco2SanGDTgJTkR/yRFR
+cq0V6ip8wcr7pCwg8IwF16W0UzfyA3c1Tnkcc2rIYJ8UodBgRLgCUsaqk9KyehAm
+CiBSTYraMMSOZgVhXnWYmxVPBG9wCpt27xiM+VCmI1CqNOEcWXvFY8edfG4RbBhj
+5dXwWbO9rOaD7aog62ItxjM3a8DuKgeP82IXvj5f2/ZVUGU/HzQsa8NjiPjZ26Ho
+46TkVtBBCemE2Gq3DbkcFg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxTCCAq2gAwIBAgIQcmYYdTrWySLFbJ3h84R4sDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTE5MDYxOTAwMDAwMFoXDTI4
+MTIwNjIzNTk1OVowZDErMCkGA1UEAxMiQXBwbGUgUHVibGljIFNlcnZlciBFQ0Mg
+Q0EgMTIgLSBHMTETMBEGA1UEChMKQXBwbGUgSW5jLjETMBEGA1UECBMKQ2FsaWZv
+cm5pYTELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASXeXEn
+8c9E2Yz/wRm1h1nu0bXLeJE5jE1KoRg9EMpqvAp/dJXkt55PMshirJY11V2e8n6F
+Eob4GkhYnzFGbrAwo4IBJTCCASEwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Kl
+f9AwpLQwHQYDVR0OBBYEFF/jLoqUl97TXOG31LyYjjEpyZA6MA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIQYDVR0gBBowGDAM
+BgoqhkiG92NkBQsEMAgGBmeBDAECAjASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1Ud
+HwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmlj
+YXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0
+cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCj3G3o0UlY
+2Mhej3oddvVnuieM19jahBV0OBTA4WPEqWyycEubm8+s9zWzALPqYdnQU3/DWCS0
+PUlxsE16N7VV4C9kYkdDIfyZzWzPoEuuCN4s5oDUQ0UmXzJPvfuJX87HZxLiBtzk
+HQHowsXqhkFmfSIadhOW61Q/xDia/LWNPIkncB7Xs8+TTCMhf8oorfM4P9hqSLzb
+Pq4nJ+1kWaNEPCIPC3zczBl9joB8WDXB6fuWyadAJI0lVqB/jADhQYu/qJGo5tsQ
++6qvg7X6ZGXQp4O6g+mLcQ2BKReqzZtQUIGpXCFYNHdi8A89c8QqPKeazcrBrqH9
+z6X8AMunwFlY
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDOTCCAr+gAwIBAgIRAJjBcnaqg2kI3NxbTvi9QXQwCgYIKoZIzj0EAwMwgYUx
+CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
+BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQD
+EyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDYxOTAw
+MDAwMFoXDTMwMTIwNDIzNTk1OVowZDErMCkGA1UEAxMiQXBwbGUgUHVibGljIFNl
+cnZlciBFQ0MgQ0EgMTEgLSBHMTETMBEGA1UEChMKQXBwbGUgSW5jLjETMBEGA1UE
+CBMKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMwWTATBgcqhkjOPQIBBggqhkjOPQMB
+BwNCAAQMOys00wbS//d8upMzBGqcAE0yvE7lx9Xi3Jy46buB1jfqZM77BniCdgV7
+BebQfCtf2RfbSHjOfnCpkmuw2dhNo4IBLjCCASowHwYDVR0jBBgwFoAUdXGnGUgZ
+vJ2d6kFH35TESHeZ03kwHQYDVR0OBBYEFIW1lNhxgs7OVoCzrzWYq3ZLbawpMA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIQYD
+VR0gBBowGDAMBgoqhkiG92NkBQsEMAgGBmeBDAECAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMEwGA1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NP
+TU9ET0VDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMDQGCCsGAQUFBwEBBCgw
+JjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMAoGCCqGSM49
+BAMDA2gAMGUCMD4Ri/A8513J9YSUzSCjyNtqqfvZbOqOAOevCqaiLWFiQ73penOt
+d/5zmgZTyJbItgIxALCSbL7oEpk1DzLHiJ72sDnHiQWdeRSCI1H6gycotKQL3x8Q
+pNEd45fb6rj1ghL0GA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUTCCBDmgAwIBAgIQdR4/VknnTLv2nQAmtnyqjDANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTE5MDYx
+OTAwMDAwMFoXDTI4MDEyODEyMDAwMFowTDEgMB4GA1UECxMXR2xvYmFsU2lnbiBS
+b290IENBIC0gUjYxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh
+bFNpZ24wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCVB+hzymb57BTK
+ezz3DQjxtEULLIK0SMbrWzyug7hBkjMUpG9/6SrMxrCIa8W2idHGsv8UzlEUIexK
+3RtaxtaH7k06FQbtZGYLkoDKRN5zlE7zp4l/T3hjCMgSUG1CZi9NuXkoTVIaihqA
+txmBDn7EirxkTCEcQ2jXPTyKxbJm1ZCatzEGxb7ibTIGph75ueuqo7i/voJjUNDw
+GInf5A959eqiHyrScC5757yTu21T4kh8jBAHOP9msndhfuDqjDyqtKT285VKEgdt
+/Yyyic/QoGF3yFh0sNQjOvddOsqi250J3l1ELZDxgc1Xkvp+vFAEYzTfa5MYvms2
+sjnkrCQ2t/DvthwTV5O23rL44oW3c6K4NapF8uCdNqFvVIrxclZuLojFUUJEFZTu
+o8U4lptOTloLR/MGNkl3MLxxN+Wm7CEIdfzmYRY/d9XZkZeECmzUAk10wBTt/Tn7
+g/JeFKEEsAvp/u6P4W4LsgizYWYJarEGOmWWWcDwNf3J2iiNGhGHcIEKqJp1HZ46
+hgUAntuA1iX53AWeJ1lMdjlb6vmlodiDD9H/3zAR+YXPM0j1ym1kFCx6WE/TSwhJ
+xZVkGmMOeT31s4zKWK2cQkV5bg6HGVxUsWW2v4yb3BPpDW+4LtxnbsmLEbWEFIoA
+GXCDeZGXkdQaJ783HjIH2BRjPChMrwIDAQABo4IBIjCCAR4wDgYDVR0PAQH/BAQD
+AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFK5sBaOTE+Ki5+LXHNbH8H/I
+Z1OgMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEB
+BDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9v
+dHIxMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20v
+cm9vdC5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBz
+Oi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBDAUA
+A4IBAQDHrE3fEsZgYRw59I03e5wt03B45il4hAHmquLc33pbkGZn6r3GgoKVzvwC
+aBgtl6Jp93gZD8G5UjAFLj840jWDhOP7KSX6Q7rGjOsWNFFDJJLDUKQeJpB1PTRu
+HqVI15zxiCl/VCP7mbTW7X/pILaFOPO+T0Qj+TUOU37WOjk6wdeyyOFiDhKSwH2Y
+VE4YlAo0R10Jo3uNnSCFBgPw7gy1xt1+ajCbnzZYpQNXFy/0Lp9h3JOClE7TGvli
+FUazCjxvhHm5YWqulA51wFT2K9LRiiEWw3UJAgTTmxASitVHHLb3erkETk6SCwGv
+OG1eD0qLwuSeARZmhw3xFOCvMHeQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFAzCCA+ugAwIBAgIRAMt5UT/fWkG366O1ASxmV2IwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0xOTA2MTkwMDAwMDBaFw0y
+ODEyMDYyMzU5NTlaMGQxKzApBgNVBAMTIkFwcGxlIFB1YmxpYyBDbGllbnQgUlNB
+IENBIDEyIC0gRzExEzARBgNVBAoTCkFwcGxlIEluYy4xEzARBgNVBAgTCkNhbGlm
+b3JuaWExCzAJBgNVBAYTAlVTMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAm39I57iRs4aa5rTkT8v25aMpY3wlYJoEQ+S2f/FWHuTVAGD3cZVQinVLEPno
+c8b3P+hfrFzx0jDl6HCy7Qa0a6epruXfORXQD0/Q2Y0MdGYaIwJqN2ClPsa9qICt
+J6RKFFjnS9iMzDoq80fJ0sCnY8HFBlTJ1+BJCsL2FH7kqIDVPuRGodcE8qv/eIR+
+USwHEY0ih6vWWHs1/+wXF35wdwDa/mDosthxr9y3nK/28BnHL+B/KHVk8dRrim1c
+5ioO/g8st6y9fz3Hgep+sEpMh51NkUFXwoVlsu3aZOlj90MvynPq+XZD+bfuc6SJ
+wBH8Rk1MxQBl5aPMrkHInUP12wIDAQABo4IBlzCCAZMwHwYDVR0jBBgwFoAUoBEK
+Iz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFMoG8JISPXsAWukoR6glG/DQgELM
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+gZIGA1UdIASBijCBhzANBgsqhkiG92NkBQsFATANBgsqhkiG92NkBQsFAjANBgsq
+hkiG92NkBQsFAzANBgsqhkiG92NkBQsFBDANBgsqhkiG92NkBQsFBTANBgsqhkiG
+92NkBQsFBjANBgsqhkiG92NkBQsFBzANBgsqhkiG92NkBQsFCDANBgsqhkiG92Nk
+BQsFCTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6
+Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQG
+CCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2Eu
+Y29tMA0GCSqGSIb3DQEBCwUAA4IBAQBVuyW5n/2AUXteIehTcfA/AENKMJwZpvfi
+tTwIOPin2iyywoxY/eulT7lEp8eJo3pqsLN8daxqOjdC+c/swMKN6/dcPVKtUfgh
+t3xgKzfuzOwlQ3AVJAtCta5shCo5Sg4zxKdguQ5oaUvy6JgNrQzLAo4+p03YfNpJ
+dD7ienJQ1gfMP1gXVimRNAA7QhRqZhCwLVdisu3e9A7kRYafrjK4P5/t/GzMu1Ym
+EoMDgZzj1yhmewNvqOqformfj9+Ly+Tw+KmbWCy/ty6Z6bDwdxYcoGwgCC5vv10H
+nwusiqf7tIbbvSrwkPldhZZ8xEDfILwOLUHxdznoK0mZe0lC+arK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpzCCAo+gAwIBAgIQdR4/U+MYWTPpXwjs7q0ClzANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTE5MDYx
+OTAwMDAwMFoXDTI4MDEyODEyMDAwMFowUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBF
+Q0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpH
+bG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8L
+ttV7HpI6SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWd
+TaRvQZU4f8kehOvRnkmSh5SHDDqFSmafnVmTTZdhBoZKo4IBIjCCAR4wDgYDVR0P
+AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFD3mKUib6gfKIURK
+Jt5u3tKD0J9ZMB8GA1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMD0GCCsG
+AQUFBwEBBDEwLzAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5j
+b20vcm9vdHIxMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2ln
+bi5jb20vcm9vdC5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEW
+Jmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3
+DQEBDAUAA4IBAQBQ11FVSLT8GKzvaFvpSX0w+HxmfvrzTyL4O3FkaxnrNVtzxu/M
+VkQBDYlswOnpMjaphFtnWBvNWrPRA60hNYGyGuNYe5dGDoky/9mPlnWXCNydRQJ3
+7Nph4umG4yvqrxhnrsjW6NKca9ccoAw0rJEUDd1cYSakNgtPSf+tD/9bkN7E5fsu
+QWUkqgT+sB7Mlx1rxBULK6rPidx2fbgKwTzNXfTTGc8JuEX+YN3jG2dkMhaOdk7y
+CsAqHmzJ/BIXWwWrGgLozflb7j9n8CSOqwO3ISlr5Ztjqx2YJ4LWb25rHp/pATLl
+iBujmo+JS32LF0qcFLpp2+dCHc1T9qcvjmZy
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHjCCBAagAwIBAgIRAIZmsCrBy1RAAAAAAFHTWJwwDQYJKoZIhvcNAQELBQAw
+gbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTkwNwYDVQQL
+EzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu
+Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVu
+dHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xOTA2MTkxNjUy
+MDhaFw0yNjExMTkxNzIyMDhaMIGxMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50
+cnVzdCwgSW5jLjE5MDcGA1UECxMwd3d3LmVudHJ1c3QubmV0L3JwYSBpcyBpbmNv
+cnBvcmF0ZWQgYnkgcmVmZXJlbmNlMR8wHQYDVQQLExYoYykgMjAwOSBFbnRydXN0
+LCBJbmMuMS4wLAYDVQQDEyVFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+IC0gTDFFMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlsEVHfdDiRm
+3Cqh24DMXcdf/VIWWNpflAapuLa5YwxHIILsx5VOi7h3Umo9tYep1uHMdOWmyMDU
+Vk+NLtYIPgxMQz7wQZNeRu8559llKgx2UCe9Ww0zMwfg96KpnOERM61m/NIseqqj
+cxa+k4V1D9c3jPojt2T440xu7bMFveI223zedkTagnJ2tm7/lKHQhvcQzUpai7B1
+jGZSgE5ITEmDpkDXd4ETTV5yfkhGIqoP4j5llDjhcnH+SnEJujV/VYk9gdW4KAEQ
+dzZaEIXSvWCEK0lhlAzeTEBqKsR5YIQkgjJpSphL4lYQugNFUSDTz9qOVBtFtnq6
+l5pa2MbRXwIDAQABo4IBLjCCASowDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUF
+BwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5uZXQwMwYD
+VR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9yb290Y2ExLmNy
+bDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5l
+bnRydXN0Lm5ldC9ycGEwHQYDVR0OBBYEFFtBirLEQ8G9v8hUQVWd4Jat/7mhMB8G
+A1UdIwQYMBaAFGiQ5GekplOAx4ZmpPH3S0P7hL1tMA0GCSqGSIb3DQEBCwUAA4IB
+AQAPUNBX97sqIXZl/zLu53iv7a0HK7prvD0cVaZM0yRfVptvARgjIZZzTtv32v6X
+wSr4fDeRmpLaTWtipBGSqh3fNkTSVT8GGBq6+h1lrPEYv6jnStDf7VLQxVliKt2w
+h34JjgRUx9rdia30tk/EpPavkxxPks8vjoLN3f4dbkIY/sfljyZbseqVLx9kl/we
+OvqL6jZgaQOapFQLZJze7VwLiPVuUnW8ddK3JIE1a5YCZs0irIW5+96ttznIgPK2
+aUOmHQp/zasi7SFl49HrKGKWtZuyDB9U56e01H6PDTpSSSTPyLsSVg3JALHBPDzS
+bBraAU3wuAyc3BQ4OIOmwwnT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCA/6gAwIBAgIQCH4Y+4+qkn7odgoNiYL1EjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjIxMzVaFw0yOTA2MjAxMjIxMzVaMFsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xGjAYBgNVBAMTEVNlY3VyZSBTaXRlIENBIEcyMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAx7s903fR6SgpA08UdhKEUIZHa2Ig7KPNkTtwMS1+08YS
+5QSEDM4DQxy48jP8dZkyyU9J/0WCm8Nlv5ga7HOAxhdJcv+CPP4oadx8EbdrmjAH
+rGOv64oHvt7Ina7uzLd3krqxd0doeuxRpTHvFAyjaUhxjSfZx0wh1f6W7prPm7V5
+0VcTudj4rI+xtHXUcFAuFz4bcapTcru5aaZ1v6F2usMCMVM+xJxEZcsUM4uTxdIf
+W5FUTI0dbP8NyZkr/WVzL59aGwBE4ZU0JKBlgEmtkFpLPR7JCzYunafu7nMk5YY2
+6WDOmezpWDjzDxJ8xakizykWYT5gdJYE3ULlUe31WQIDAQABo4IBzjCCAcowHQYD
+VR0OBBYEFMQRfohAhsJBv2XzGuG0U0Cjq+x9MB8GA1UdIwQYMBaAFAPeUDVW0Uy7
+ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAxBggrBgEFBQcBAQQlMCMwIQYI
+KwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmRjb2NzcC5jbjBEBgNVHR8EPTA7MDmgN6A1
+hjNodHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RD
+QS5jcmwwgc4GA1UdIASBxjCBwzCBwAYEVR0gADCBtzAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVz
+ZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2Yg
+dGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL3JwYS11YTANBgkqhkiG9w0BAQsFAAOCAQEAE+8lW5Yw
+IuiRsHn4gYRRVbLmIypWwYH74lIXnQiALeUsUkWfW7KA0ARF1el3YaTAg8/r6zyX
+eZTdlhndxKOKvO5N+rnHWJB6a3fJURn6e0I+rDzKV1Zacv2Vx/ZHLZmza/bp4Azi
+BrDOiPlW/Ktj6ALQzAgq70Oytk9htLupBWPuplJDdyhGqb9RfQvWc1Fa1HwXdBQi
+oJPibfMaYkHMY3pTbOv2rzMKEoZwHDHqyC73RI9JgqqiXHw0rIL8A1uL3IrymXEr
+mycTqbSozQwiiEfb+cxzY82YaNzaLpJyIst0T2QmdDDngmyd2LEmm4NKeXRrcFRh
+XDDFfpIn93B7JA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGjCCBAKgAwIBAgIQB9V/HxVbveTPhDeOF/eblDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjIxNTZaFw0yOTA2MjAxMjIxNTZaMF8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHjAcBgNVBAMTFVNlY3VyZSBTaXRlIFBybyBDQSBHMjCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ/5VnZVJh4MqHMX9J60c7O4Gm16uxwK8OKj+o0p
+hxSIgI++7rY1y6DOs3TCS7ZQMtsNHaHFcwywzhj/2ElWkW7rS9DTmI7TiyFdhejT
+WF8VIihNem1sv3faxeRbGpV7KDU+yjJ8FmYSD/6nPF5Juq0ei25yhzxNEsNS0/h5
+BqwZGskmMSTworFkr6k8eSNvKXUw1mdpxcUAfIMn4YgyG+HKmgGJPWk4Y0Vchjv3
+RFvzsdktrNJOl2l86LQC/bhmL0petbpnDtSJADfb8xp0UThqMC1UhyJn7seERANw
+2Ss5c/wYrsr/xllMLnJLFQnQaz50r+Vie6S8gduxI4KusbsCAwEAAaOCAc4wggHK
+MB0GA1UdDgQWBBRFQeOTVHC46aW3lrwmsVh1Qpc+8zAfBgNVHSMEGDAWgBQD3lA1
+VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAj
+MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5kY29jc3AuY24wRAYDVR0fBD0wOzA5
+oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRHbG9iYWxS
+b290Q0EuY3JsMIHOBgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFu
+eSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNl
+IG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwDQYJKoZIhvcNAQELBQADggEBAN53
+jp3wazRfQxcoek8gVcZveTm4irJBTfYjwtGwg+vXc4O1KDpokoEWW1Kr/AzwdR7J
+uAu0mHyK44+cla8frJld8TMPnMcpo5b+rWdoWgoYaxo50TXKU2o4CvqQaKQENb2P
+S9XrToukrGvQWMq+syA5VBD3QHKkeeLTxC9jdrWHD8dsz/sibc/UbdDDeEYQrP3j
+CPOtH+PWhaaNYzpWDFMyA6r+R6uaI2+K8P/9r4Z7x38zsv8NRA0kSEx1tFMTszOC
+uad+dOaQLuHlK9yVNmEBc8osrqIF+nz9axXsS2VLfTac6SgkHFyHCVaSnBpdFfdN
+aR0B7R5Snw4QzFKtU4c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEujCCA6KgAwIBAgIQBahUCVpSbEJ4x1tHRh4J0zANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjE1OVoXDTI5MDYyMDEyMjE1OVowbzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEuMCwGA1UEAxMlU2VjdXJlIFNpdGUgRXh0ZW5kZWQgVmFs
+aWRhdGlvbiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALfi
+6MdegU/YaWxmXJ9mYcvY5hbiqRZ221Nq+paGg9wQLnVzw7tpbisbCKQ5s4tnhdh2
+8JlqrgqB9gneUqmITQI2mzeFyH02cjmKDjBxj8Misg0ld0GVV8cNVGPKaJ2/APCm
+HqSfbTwybDWmf3Zq65ZYGTJVHbBeu7X8foqA19D2Jm9CO0CstO8fz92pmebbtRxH
+8L/5wLvHIra+0xXJ+znyT2Tom2hNsYv4PkZYTYAbwx1hOZnaFXPP48X02zE3oVJA
+H+Q458SPmzH62ybCoh86knzcTJlI/62ZRWfkFe4W+Vp5BunaqZC65RuRDgTViScH
+IDqFwVgscAiPF/DA2AUCAwEAAaOCAVMwggFPMB0GA1UdDgQWBBSpO7p6WJVINf7W
+B50riyX+auHboDAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNV
+HQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1Ud
+EwEB/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAjMCEGCCsGAQUFBzABhhVodHRwOi8v
+b2NzcC5kY29jc3AuY24wTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybC5kaWdp
+Y2VydC1jbi5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMEsG
+A1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAHBP
+Iu2CItLIdTCbcrRNcu/cMGQL0aSomsFpDuf7urBxdi0QNwwaYRA4X4gLOP/3+W3D
+ERoh6sGbizx+4Cdfxb2jtvS87eNOG8paP2bFfzek6W9iUcNQLU2m0GQw0XhMobKC
+zLRTQdH1upW5iLlaZVPGqqQwWXeruHBJBZjGpk/7W8S7t3P9CNMUM+lxwIxOhUtX
+5ZQOEYcLQge7ZKG0jkv06+XMhog2BlHbg1ntaSTOGkf4iYoLG7yk9i/Jxl9I1487
+3ZmXwZOEotZt0Fbrx5/XQOo20H0dHYhoA+3MdadzBB5d+5oce5cMSz+aQX+S/J6i
+F4Uy4hvWLWGuTMm9sUs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvjCCA6agAwIBAgIQB3BLtxcv3UeoIkLdQ1DlYTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjIwM1oXDTI5MDYyMDEyMjIwM1owczEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEyMDAGA1UEAxMpU2VjdXJlIFNpdGUgUHJvIEV4dGVuZGVk
+IFZhbGlkYXRpb24gQ0EgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCjVtaFuJxO2puJ4igP/DfH2KIMWR1FjTz5JBxX19aq078bo6cry5oRDgkhCDor
+QXoXMKs2v7es+1IkpmklsfK+8sP/LDXa+5UCuMthgjtze3gQ3+jP3OxtGyby9ETN
+q3vBKkyzDZuc6LW0KGI4SuPAmPfDT8xAz3pEeK/d+uAusgB0yuga4Xa6MjfERsnY
+8tSjNhYUbfsyTwmZrWG6l6y2w2+sts7/2kuqUAJ36oMPU9tMnxKGiik7GMiLOLKI
+KelNOfrBr5fNkp0F/AdeYYGMGXI8PZ2vwrjGsKevEVDFy7j+7d9aG4M7gyIekAb8
+dosAZH7q/pfwWB1MWMBpFDpbAgMBAAGjggFTMIIBTzAdBgNVHQ4EFgQUsZUUqNW6
+dIhxzZaLFzWI3/DBXfMwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8Mw
+DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAP
+BgNVHRMBAf8EBTADAQH/MDEGCCsGAQUFBwEBBCUwIzAhBggrBgEFBQcwAYYVaHR0
+cDovL29jc3AuZGNvY3NwLmNuME0GA1UdHwRGMEQwQqBAoD6GPGh0dHA6Ly9jcmwu
+ZGlnaWNlcnQtY24uY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNy
+bDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IB
+AQB+euHcvpJFk5LXYpVHr2c4aKwPUTCoQZadA9BZ0uELT41zfTGKoLBmf1tLeNlF
+Etyhp9B+l/NoIhJ9ALfaniGjw+V9N76ix+i74esrIjTuMTqCuWQDvl18IUHWC/dK
+5yv2EEjSYgySdprzb87Jm9ePLGq22VvHo6Hc33Mzedsahmuh0/wjjKkaXpn6gO3N
+TrixcDWBbMKE3+i8+QWRC95AIDkg5sW1vnof0d8io6TXezkx5L0DY3571VJ+WUbu
+267V8j0szr5evh0AtvoaOML8nRY018gA2CTaX19ppC9RtAeacoh4Ad3Gh8B57+AH
+j30OcGp0TZ8qrRjnMGegV5Sb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID2jCCAsKgAwIBAgIQDPXy0UPwx4Kzm1dhOBV4PjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI0NDJaFw0yOTA2MjAxMjI0NDJaMGMxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xIjAgBgNVBAMTGVNlY3VyZSBTaXRlIFBybyBFQ0MgQ0EgRzIwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAQ5oekkW5+KzW4+SaPO1J6FjKyGB9Y6x0xa0yq+KqiG
+iMg6WjuCtnhNzzbbOluDZfv/7PBF0Z4Py7nelDgJmjYco4IBVTCCAVEwHQYDVR0O
+BBYEFIbdzFj/9thyV3eQ7FDvwh5yBIq1MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj
+4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAxBggrBgEFBQcBAQQlMCMwIQYIKwYB
+BQUHMAGGFWh0dHA6Ly9vY3NwLmRjb2NzcC5jbjBEBgNVHR8EPTA7MDmgN6A1hjNo
+dHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5j
+cmwwVgYDVR0gBE8wTTA3BglghkgBhv1sAQIwKjAoBggrBgEFBQcCARYcaHR0cHM6
+Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwBAgEwCAYGZ4EMAQICMA0GCSqG
+SIb3DQEBCwUAA4IBAQBWG8UTMnwHSYmqhr4W/r4roBSZzoVQT0yk/2+FKOD6fXHp
+Q7c6BM8ndOby2bgU1MwJzZNBpD0s9frxOXhTp/EsqPYUeRvH9xwg4nu/mPFIBbRK
+bsRtJXOWuMalmXBbZuJNsCXFiT33Io6JdwijJi7c08lh3Qj3HqlIIdM9YsWnqJP2
+PPVrNPUtiQvRcN94SKRd8r4s+12CHL49wVoXgHhvrgAoFVo0dJ3oeIMvR9y3h9L4
+4nUVRV7TbD2BDiTfytsWFzD/MaDXbU32pbkMsHXXxeJ/Khte74idRDUSEY96Abjm
+T27g0531T6FxZu4BZN4xLMR2rCeaUwDvp1EuuGDE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIQDhLlFAPolZxuQjDi7Zw+EjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjQ0N1oXDTI5MDYyMDEyMjQ0N1owdzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTE2MDQGA1UEAxMtU2VjdXJlIFNpdGUgUHJvIEV4dGVuZGVk
+IFZhbGlkYXRpb24gRUNDIENBIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+tZDt0Z7XYoJHWefhTBA7+bBk/xPnwsKMvVS3p+9U9c2foMBgeGufiNVeIQRigRXQ
+m4jQ6fsIN69f71A7DaMt2qOCAVMwggFPMB0GA1UdDgQWBBRdyFqr4GMPcCpf+fTn
+CM2170BZrTAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB
+/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAjMCEGCCsGAQUFBzABhhVodHRwOi8vb2Nz
+cC5kY29jc3AuY24wTQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybC5kaWdpY2Vy
+dC1jbi5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMEsGA1Ud
+IAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp
+Z2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBABlLd+O/
+ruAPDH+oLLxi3xpo/KDDTmSLi4XBNr0F3zsBfP3a5M6E+5Svu9COM7GYYak2qQnt
+Aiml/ES74IFNrX6cPSZ6GARq0gETTx+6E468hyLWPZcpG64K+lBm0gH4oMmNTEgf
+v5aZJcAfoocJn+4bvMsLD9irIm5wJkT1VJ1CKGq0C1sJV0vf1sLuQHC40X+GcIKr
+Y/4LtAAIL4k/tHQ+EM1DZVx9soPeFptq3FR/i8/50dnbDV2a/8kyljLM+zE8vVQh
+u4ODf/FenpoY2rd4JSDD4C2iHx3kS3UanC0CBP+/Amg3SpY7AmSur714lgxucINf
+wbRNt6I80i/gN+Y=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGjCCBAKgAwIBAgIQC1D+aUyDyVziJBXGCVz+QDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI3MzRaFw0yOTA2MjAxMjI3MzRaMF8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHjAcBgNVBAMTFURpZ2lDZXJ0IENOIFJTQSBDQSBHMTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALv4mF6rORUUXZuwg/FR9YFOM5tZj3RE5JTMFWrD
+darbvnxdgu5BHqmPyt/Q7xNS7wOyHRJ4eRpYh0hJPRbtVQI/0VggjVpXLdNhxpVd
+/RhQ44rej5/YVSUkgSPagM5zppdCo6lSBIa3pznzXTVsHgE6umt6RzaxCQs0RrU1
+StqME9YlRHO2cY0skyA5eYYbxrlr5xJZ4m1j89r3OyHYM0Mc4y0bio7gUhWPZl17
+BvDuGbk9DXDxowd+5vnpKpN051Ltm84N6BECzeE/vbHOLGVU6cY01V750zDJ7STp
+dNz8FrV0CMP6K9rfBGRVYYEy6+rMSOvLthP+RqId3b/IbnkCAwEAAaOCAc4wggHK
+MB0GA1UdDgQWBBTvRQt4FZGlttFzpJJvY1pZ018+nTAfBgNVHSMEGDAWgBQD3lA1
+VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAj
+MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5kY29jc3AuY24wRAYDVR0fBD0wOzA5
+oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRHbG9iYWxS
+b290Q0EuY3JsMIHOBgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFu
+eSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNl
+IG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwDQYJKoZIhvcNAQELBQADggEBAL9c
+8lmaFkBmO0ch6w5mi1RKS7c7U3pq3wWOXzUFKKJZCnyJYHcMUIyNCDg71clCFz4F
+t/yYLoXkzqNULAaEUtZ5ikf4I8hJHv60kg25GLCsfm2O1isbE0Wxpeb4qf7OGPKK
+MLCmmcdbZkuO+Ax38jo8/BO4TnVoeb+bYKgTuvev6wGCTezIDNGB5+/pD2NXwpkq
+cgX4ofIK4CdKlD1Hi5nwJbKYOLRpNrXp83n5oacxlezxp4ikt64EhDsG1mWaQD0t
+qCcBpGHbb8GSyBs2KohCp/lcysTVLZtUZkZGtIBd+Nli3jVPpuZjlGi51P30TReJ
+rgH4+ePTzmDxnYSkUhI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErTCCA5WgAwIBAgIQB+NyoS4T59KdlHEzrr+dwjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjc0NFoXDTI5MDYyMDEyMjc0NFowYjEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEhMB8GA1UEAxMYRGlnaUNlcnQgQ04gUlNBIEVWIENBIEcx
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzujxiw/ym9or9BoGS7wW
+AnweJdMvuOqWTZD9oVyefbvxRZgpdMbCLQFzdk9PxjAFxq5b4FT5o6Rt3hHER/5r
+1ibLoeE8t2NX8tExtDBgX/FbevvU6swM/ixQbKOopjHcDxGV0pWJF93GAOr4z+1y
+p4D2D8U0hXX9Ajxi8qEWfLqoFUm+Xm8u9amLtD4PCgbHbLzg5OGhxjacFLD02Ibn
+erL6PQFnweQmsvF9e9KSaqV9xv6A15mW5ZXi+PkBJQBCWfYJCnpGIy26sVj1DhIN
+MP+PjrpgsxHKscZj+t5pEP5zCPCylxfXiih2oBMAunF5lnfPec1SK8s/lTrTti+o
+PwIDAQABo4IBUzCCAU8wHQYDVR0OBBYEFI+fSb/ovSTmoiXbaQb7d6CINsyGMB8G
+A1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAx
+BggrBgEFBQcBAQQlMCMwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmRjb2NzcC5j
+bjBNBgNVHR8ERjBEMEKgQKA+hjxodHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9E
+aWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwSwYDVR0gBEQwQjA3Bglg
+hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
+L0NQUzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEAD9Wk8/gLXvgo//h0LXrX
+Qn8suHSyXJDeHfrqorbDInqaTOp4A7W29MwCatA8ETSXXE8z0rcFJOeRMe2i013W
+lMvYJVks61giDWx2Z//4rlQusygv7ZH7JbidLdCrKNW3YUQDqDxSOs+43i6MtkH/
+NDK9jVr73UbHO8BjuDbjFYZ0eJeGVNfCedOaJhfWmF5wpBuY3983BPZFvl7TKPRe
+bW6H50KQ1be+jONHnf21mHtZGdBglgxonb1opxABBj9ynW0AQLSEpB/ss5XXkvid
+xfucc1sLRCb8TiUpUIA5qvDz2HROPOScfPqDKcO4+PGNI+Z7n2dGtsLsAH0MEUIg
+ZQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGjCCBAKgAwIBAgIQCgRw0Ja8ihLIkKbfgm7sSzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI3NThaFw0yOTA2MjAxMjI3NThaMF8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHjAcBgNVBAMTFUdlb1RydXN0IENOIFJTQSBDQSBHMTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALFJ+j1KeZVG4jzgQob23lQ8PJUNhY31ufZihuUx
+hYc6HSU4Lw0fxfA43a9DpJl74M3E6F1ZRBOfJ+dWnaiyYD0PxRIQd4wJisti4Uad
+vz61IYY/oQ/Elxk/X7GFDquYuxCSyBdHtTVMXCxFSvQ2C/7jWZFDfGGKKNoQSiJy
+wDe8iiHbUOakLMmXmOTZyWJnFdR/TH5YNTiMKCNUPHAleG4IigGxDyL/gbwrdDNi
+bDA4lUNhD0xNvPjQ8BNKqm5HWDvirUuHdC+4hpi0GJO34O3iiRV16YmWTuVFNboU
+LDZ0+PQtctJnatpuZKPGyKX6jCpPvzzPw/EhNDlpEdrYHZMCAwEAAaOCAc4wggHK
+MB0GA1UdDgQWBBSRn14xFa4Qn61gwffBzKpINC8MJjAfBgNVHSMEGDAWgBQD3lA1
+VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAj
+MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5kY29jc3AuY24wRAYDVR0fBD0wOzA5
+oDegNYYzaHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRHbG9iYWxS
+b290Q0EuY3JsMIHOBgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFu
+eSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNl
+IG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwDQYJKoZIhvcNAQELBQADggEBABfg
+eXrxIrtlixBv+KMDeqKxtNJbZiLDzJBkGCd4HI63X5eS6BElJBn6mI9eYVrr7qOL
+Tp7WiO02Sf1Yrpaz/ePSjZ684o89UAGpxOfbgVSMvo/a07n/220jUWLxzaJhQNLu
+lACXwwWsxYf8twP8glkoIHnUUNTlhsyyl1ZzvVC4bDpI4hC6QkJGync1MNqYSMj8
+tZbhQNw3HdSmcTO0Nc/J/pK2VZc6fFbKBgspmzdHc6jMKG2t4lisXEysS3wPcg0a
+Nfr1Odl5+myh3MnMK08f6pTXvduLz+QZiIh8IYL+Z6QWgTZ9e2jnV8juumX1I8Ge
+7cZdtNnTCB8hFfwGLUA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqjCCA5KgAwIBAgIQB57DjKLa0ApYKfjg++qjvjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjgwMloXDTI5MDYyMDEyMjgwMlowXzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEeMBwGA1UEAxMVR2VvVHJ1c3QgRVYgQ04gUlNBIEcxMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3SoM+KgtMsQUZpTYGVvR0WM
+l2YNIQeixGsoss05Yoa0b31gFfQHoNeccyIc4t9iw2VcXQizlwOOs/jwyG2X5UJN
+TxQAQiAKWLMzE8kAeEcnhyz5BAl7aMwnyHpS7iMQ1FbischX9CodNVM6UoBOSeRl
+mw7CfAUK0v+ggG+pQaClUYhzS4dvKhjQqChYtG8VW6ebEIEOJV2Qk2p90wFuZf/e
+DKEyR7vNrlq8ft/NZm2wlsmKHG/4cFN/O92VwpSPhoAZCIDe+VbT39QJoq3xK3+K
+NUnz8FrxWB5/Tko2YMyOKfhgfCJ7aqgqq/Tl7Xqktrk69UUQ/j/iodgupKDQ4wID
+AQABo4IBUzCCAU8wHQYDVR0OBBYEFO/FYo2VG1pKphtQhAgaWDjzaKFgMB8GA1Ud
+IwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAxBggr
+BgEFBQcBAQQlMCMwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmRjb2NzcC5jbjBN
+BgNVHR8ERjBEMEKgQKA+hjxodHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdp
+Q2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwSwYDVR0gBEQwQjA3BglghkgB
+hv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
+UzAHBgVngQwBATANBgkqhkiG9w0BAQsFAAOCAQEApSBmV5Ps1+C/vGSHxbHprhNw
+A+1KTV+OSl+jknV39V3fGhAx8IcdDXwsbyhvmUjOHY8GcqD8SCUk72LoBgj3idyQ
+hTgUVL3igaP303F/J+hIrZIgTiJp5TrBi6NXq0YNww7LnA9qOBJFFB2AgCFCfkUw
+naQumPV82iTDP31BMNi9yZvWeGrlBFBcAx9GJ2TS7hxrCdhO6Nf94uBx0nOjzXjc
+RfrYXR/ATawEyh/xPCDZ+lBNFIcI64OFRbnMNKByl2YuJmHJ/4dO5m9+4VB8p5ta
+zOQAMrcqnE3KD3bFqYkJyPeH04YHEgiaJqoXmg6ml+kGxWhSotuKUtgbibIKdQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGDCCBACgAwIBAgIQDzfM84E9heVerQl8ZHkjTTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI4MDZaFw0yOTA2MjAxMjI4MDZaMF0xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xHDAaBgNVBAMTE1RoYXd0ZSBDTiBSU0EgQ0EgRzEwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCzgci89PrLo0hbutmkcXbgRF8G7sREiMqZ2DbuSY7v
+B3XxEh0+rYoL97eG49JQy+OMtcneZaV+11TfGH/WAMjZK/jMg2kZCw0VThxE86dq
+Ph41dp7PM5BT+ImF/iDFYrLZR3lu46bxTnVVlpJ7C91Q9+ZQb9D+J0LGnUnFY9t9
+b75+wC+rz4r41rUKkJMZrY6jBDIagPKsMNXyWz251bPrbyDXnRD/7re5sWGwzuTf
+a2n+t6AUQCtASoQn5bOHobmHho+/J3Q8wlBNtbGrz2DdmZIwNXyX0uEkAWBBwii/
+fJF1MjI5dPHBNSUkso/3RW6dzXsSkYmfgrUua8CJh/YrAgMBAAGjggHOMIIByjAd
+BgNVHQ4EFgQUd921A1Hu2AvElJsl9tbymKAj6vowHwYDVR0jBBgwFoAUA95QNVbR
+TLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAPBgNVHRMBAf8EBTADAQH/MDEGCCsGAQUFBwEBBCUwIzAh
+BggrBgEFBQcwAYYVaHR0cDovL29jc3AuZGNvY3NwLmNuMEQGA1UdHwQ9MDswOaA3
+oDWGM2h0dHA6Ly9jcmwuZGlnaWNlcnQtY24uY29tL0RpZ2lDZXJ0R2xvYmFsUm9v
+dENBLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxo
+dHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkg
+dXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBv
+ZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQDUAdjb
++rRkzI79bUzsLBfeYnY0s9m++3QwlAE1/HzNT3i/odV7/UMglF6oHRWT3bPHr9LP
+/RjxXdJy3VEi1xqVusLqCyLvWSp3hBrrlfLH2LKxiq1AM6a5AxtktLS34yFACGbV
+CsVfilJth8bXWwvVJ8jV1MQsxjvMgjr0XKGYykUOIP5sHQnaJ2biBP9tq+Vfr7e+
+mr9J8vlubppZQPaIqiMN87v30T1b37eXuoNbmTFph+rj4aaN+Yz28iCqmGqs4qHU
+cICRmH09esI+SD0Y+Or4gxM2aGDmh79aeLuxYYIsJRWox3EM09V2rRk7KrjW9wrR
+BEBEtYxDXhI3Zy7+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqzCCA5OgAwIBAgIQAiNKBjFb5COpdzQhXd/JPjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjgxNloXDTI5MDYyMDEyMjgxNlowYDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZMBcGA1UECxMQd3d3
+LmRpZ2ljZXJ0LmNvbTEfMB0GA1UEAxMWVGhhd3RlIENOIFJTQSBFViBDQSBHMTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANMD5Iie6O9Ifldi4gUVFuk1
+E0DuIg6kcySD5KXF21rCUp74e93QBFIjpB6620n+HZPJ28oP1BfSOhasTLpjR5pQ
+zNHiRZJHj4y85iMaVKs2yPN9ZQ2dnn4/jg0TQwwSmpEqa0Nx97YqxMJAdNDVCyvf
+kref4toGeVIkdwg/c66beG1RM0IMHuNhbNkWs2vCB3OkHFWFJEuf7BePWWAn7ASm
+1LviYLC2uPUESXASXnpjtN/iRpoOpPJ9v3wHhwJlT+8d7QMGQCCe8TZR2E42faX3
+z8Hd10Q7lEV/lHqMFVhawgdnYIGHw5xJdWOUWvsB9NYkQ4qNwmIdioSKI9VJTccC
+AwEAAaOCAVMwggFPMB0GA1UdDgQWBBQx8x3+kyDcMotj3+3i+sWjed94uDAfBgNV
+HSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wMQYI
+KwYBBQUHAQEEJTAjMCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5kY29jc3AuY24w
+TQYDVR0fBEYwRDBCoECgPoY8aHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGln
+aUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMEsGA1UdIAREMEIwNwYJYIZI
+AYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D
+UFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAJ1+lMkRXnwKXLtc/GcexDtL
+PXD1nYAKciTk16su9+Aif+zEC7Wje+zZ6TifDMAhgOreuFFTA6AmS9KH5BIwcMZE
+0rU+z5rVstVs6iRvB39/y4lFXSfFz0M8gwN85+BxNGKX8Bh+0VydDtOuWcKUXdEF
+ApLMSfvQT/D5QcQT5tqjvGQEQ66MRu1bwL5G3c0NePSyzq6P3A3JAiF3Ra0CtXu1
+iwVW28EgbKEfxIgToT4bXuJ1JCRPljlNx1ghD/wHIvrJNQ0nlJ01QfGLgpiNzih8
+WEYsicyR6MtZhxmlNLdsGxWKu/Q2m+CZSLUKScysFVjUnmjWThXbPGtOKjmo7IU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID3TCCAsWgAwIBAgIQD6mSTOo/FQoxQHBMUXxnszANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjgxOVoXDTI5MDYyMDEyMjgxOVowXTEL
+MAkGA1UEBhMCQ04xJTAjBgNVBAoTHFRydXN0QXNpYSBUZWNobm9sb2dpZXMsIElu
+Yy4xJzAlBgNVBAMTHlRydXN0QXNpYSBFQ0MgRVYgVExTIFBybyBDQSBHMjBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABGPg7/Z2mPo/Dl5FOkJGSfYQM7h5RLPmA2xe
+TyEfQ9rsZYckDXU4FGWIfouhvDSkTLuPRvxj69gG53DoUT1xKwGjggFTMIIBTzAd
+BgNVHQ4EFgQUby0NYcws4YBlcDCOCD/4iK4qj/wwHwYDVR0jBBgwFoAUsT7DaQP4
+v0cB1JgmGggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAPBgNVHRMBAf8EBTADAQH/MDEGCCsGAQUFBwEBBCUwIzAh
+BggrBgEFBQcwAYYVaHR0cDovL29jc3AuZGNvY3NwLmNuME0GA1UdHwRGMEQwQqBA
+oD6GPGh0dHA6Ly9jcmwuZGlnaWNlcnQtY24uY29tL0RpZ2lDZXJ0SGlnaEFzc3Vy
+YW5jZUVWUm9vdENBLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0G
+CSqGSIb3DQEBCwUAA4IBAQCDJXNyw3Q/vvrAKVVFL8d3BIux7pY2AQuN7Cq20DGK
+sQ6bdZQ2x0oXcxlluwgvSWJlLbmsxiq7UOhxqjTHuUoVIBPJwRZPq0vLvKFyUlfe
+dHnxa9H48Vk/01Y8x85BtkLy7vLqAvRa2JPr0kNlTaSdnqhlu/ZlxGRnUGVeCj1d
+EzHP2YetcOOpklaCURolkx94HlCgzY3F78QnQqXULuXgwyEePD3ujEy+gNqjmKzk
+GxYJHHvJn6YeyxERarGC7dikI2KQTo5f2LZrMgqAvyILqbMj1PsHugJQB8lG+PEE
+ONe8ouVDQXlO9ZoXa6ZgKzwfAbiVc0Vk9tNA/V+kQKcd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4TCCAsmgAwIBAgIQArxeKxjrTx0R8U/latSHaTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI4MjJaFw0yOTA2MjAxMjI4MjJaMF0xCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMScwJQYDVQQD
+Ex5UcnVzdEFzaWEgRUNDIE9WIFRMUyBQcm8gQ0EgRzIwWTATBgcqhkjOPQIBBggq
+hkjOPQMBBwNCAAR6iMBXCZLP/2ZD27izsSQvs8pj1oYxFapXxHdhOfQ/S60lZ0Ao
+c9mPPkMo8rumEAcyFV8drD9OABIC3aDNjB0Oo4IBYjCCAV4wHQYDVR0OBBYEFBSo
+R/Qt4BHV4uumaXHhQNA+zbWLMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5ey
+PdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwDwYDVR0TAQH/BAUwAwEB/zAxBggrBgEFBQcBAQQlMCMwIQYIKwYBBQUHMAGG
+FWh0dHA6Ly9vY3NwLmRjb2NzcC5jbjBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8v
+Y3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwYwYD
+VR0gBFwwWjA3BglghkgBhv1sAQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cu
+ZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAEC
+AjANBgkqhkiG9w0BAQsFAAOCAQEAHWjCgWLijPxcWNwXS33xLQj8CcTcjcwlzbUq
+UMfivsDJT+KyIEeaRUQKIT2ZQfwS09GDOm8BvlJLyOhcJ3AST4lFKTiNh4XiD7df
+LwSAI5DqFNkRj7v6lOb+lD5WQop59bMu+L+3kjl6c2unsuCzlQNPnT222rxJkhDA
+0q342jq4/wl3tQRj551CYxQOXXRiG307FQUNuP39LWx+tkLMRoAGWAcRvCKwBx3Z
+ccq8ANsliCrXNR5ntZxLvcaob7lSq3y8pQ3EgGSUmSh8zCDPgOPBHcFNVONkTG8g
+N3kp58QK2k6cVAIKujEj84bWs+zgMfb1I1Wb739tPVDo/TNZRg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpDCCA4ygAwIBAgIQB9jigpEp1PkiYfXiuRtdOTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MDYyMDEyMjgyNVoXDTI5MDYyMDEyMjgyNVowWTEL
+MAkGA1UEBhMCQ04xJTAjBgNVBAoTHFRydXN0QXNpYSBUZWNobm9sb2dpZXMsIElu
+Yy4xIzAhBgNVBAMTGlRydXN0QXNpYSBFViBUTFMgUHJvIENBIEcyMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15dnkGxf4PwDxrIdAl4GmOY3xP9Fj13d
+DMGS76H2OvxqoSsic4mpOIUrfmS5uzsjFRcM48ktD3Efc+6337AKYOa0nLn4yMUx
+dpTOgMFzzcf4XMAO2OAuhihW/O52OwD2VeJTAClI4wXoLOAVkEBd8i59UUn3cNwk
+y3oGL8NlfVA9oR4+m5bTo4LuqQxZC+FFt16SCvmzMmjDyShtbeiu5giPtHUvOG8W
+XxL9ndj6aDba2w6bec043wvGOj0Drf/XMbVNbTpfGiHNiFd8vd+jLKzw6PmriIAq
+Eu7NwALO6Pl+Sc+Q0UCa0hzGOTQUrvltxKNI95UiYZfoL0tkjUTwhwIDAQABo4IB
+UzCCAU8wHQYDVR0OBBYEFGebMX+NrCFQfdIgwzjhhb8uqdm8MB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAxBggrBgEFBQcB
+AQQlMCMwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3NwLmRjb2NzcC5jbjBNBgNVHR8E
+RjBEMEKgQKA+hjxodHRwOi8vY3JsLmRpZ2ljZXJ0LWNuLmNvbS9EaWdpQ2VydEhp
+Z2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEw
+KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVn
+gQwBATANBgkqhkiG9w0BAQsFAAOCAQEAVaA3ZsgU83K5uAJ/tEQC76OD6uIYiUCA
+dIXyu4m1YOEsB2JAPYL5pswH4MeVV2l9mtnh+9/y+z4tkv10wlMwPuTYQXwSrJyM
+dZy+A3hpdzUS0oWjgeLLmV6hq8k7FigJIJyelwM+1CUrelewKLWwcPKn9HIRoW/M
+HhIIN6vgfqvd3JhacVDAvaZyzheDKh+xn6AJrJol6PYXsUDrEyxmaxLXwpvMygS4
+FgU9Fu1+AHxGmflCg72kRfrHkn4Y8GE4CfqC/hnhTvKOzdyFvaesgivPRD+du/1s
+RgvgAEI6J/SiizVGQbyy1sSmI93gwMzQANxH969/2TZecw8SjfYr7Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFDCCA/ygAwIBAgIQAfbmZXRWPiCVTeVM4Te6WzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA2MjAxMjI4MjdaFw0yOTA2MjAxMjI4MjdaMFkxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSMwIQYDVQQD
+ExpUcnVzdEFzaWEgT1YgVExTIFBybyBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANi3V94eezo83efo/Dt5k4znCiM/hKssy0J3Ws4d3F8hM4z5
+OhtIY8YBlKfl1gqmBmqOgd3HwyCmXbx2Reud3nT++GVp9T5diT6AKSnKTwpTBjip
+cJ6GRsCy4dqs2DOx6zBI4Dj2LlYhShW1pH8VzDmmtSfUEF5lOTV7iJ8PPiBws37T
+lPw7Bb36llnwtXGlYr5zVxrYI3WatYLJHXywPtixs4EgtG7a/OpsDWtGqmkDf3us
+e13BtwoBorvFtUdCPaPHGgiRX3seDm2KauZcH/ejITrl+8jEEghd01o3kPgiMud/
+wpGSqb+dGsRyX20h0+/jgFNPSCv/eqW3V1Nqo5UCAwEAAaOCAc4wggHKMB0GA1Ud
+DgQWBBRPhfybWdPGU5ePvB6D8x6CJRS8eTAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw
+o+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wMQYIKwYBBQUHAQEEJTAjMCEGCCsG
+AQUFBzABhhVodHRwOi8vb2NzcC5kY29jc3AuY24wRAYDVR0fBD0wOzA5oDegNYYz
+aHR0cDovL2NybC5kaWdpY2VydC1jbi5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0Eu
+Y3JsMIHOBgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEWHGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ug
+b2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
+ZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwDQYJKoZIhvcNAQELBQADggEBALTfGthgCvXQ
+a29I2oKevgfQx5y/R1Mbd/39etZMR+PtNaFOf5tfkTbqpNBbXhPIgGfXplXuPPn0
+s44KesbD3t2W7K9MAvaYGG7MYyFTaZ99wwU1cqkw1lIw9UZCRJlAXQBsuKl0H4/H
+Uxc5ZbIocBsqmLcFTpbmbDB7kDZ7v41faH6YgVFAWgUdGarBLBC9cNJGuxH0k3Ol
+q0vsT7tcj0M16Ak2q9wQH6vB3MzrgBBh9TBHzn3PXaaeyRlebKgHFfFMVs44dTE5
+355KWwcAfP4/SCN+LjeJvzHzQfMMoMfAwA+UJTZHRV6ab/62B8chGbB0Z7TU/8gX
+J6purZLIU0Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9zCCA9+gAwIBAgIRAMF+meA4drMEPrcTO+wgQmcwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDYyNjAwMDAwMFoXDTI5MDYyNTIzNTk1OVowbDELMAkGA1UEBhMCR0IxGDAWBgNV
+BAgTD0J1Y2tpbmdoYW1zaGlyZTEWMBQGA1UEBxMNTWlsdG9uIEtleW5lczERMA8G
+A1UEChMISVRTTyBMVEQxGDAWBgNVBAMTD0lUU08gTHRkIFJTQSBEVjCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpzrjU6wQQIkYxsubPWgx6f3wOK2Y6O
+OT+U+48TlqNVImVmF0YYlQ7UKbZKe4nZUTg6TUtw4wobtKmAgQrV8ryFfyyzhh83
+avHhngN5On8Nlp0aT42mc1IlADXo7qianYBuAcbsEpm7eioRPhFB7bta6AG2ueqI
+i+D5vfCXZ2cDcR2m0V/vyNQa2p11zZVxPe5SPNfUwImCQzpqlTO0hoF1yVu+P8fB
+scnqYORB4n3pXXLP85//Ejt3D2H/IP4PdStw6XjGx3qHTlo1IMqQQR1BunmExIzN
++tp6y9/C3HJieSzxFmp5a8KKS7pTmeB5Vu5AjrjS3QDOgbUJA4Ch0X8CAwEAAaOC
+AXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQW
+BBTq3ziiyuwx5N4jqdO49rfhGumpQDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0g
+BBswGTANBgsrBgEEAbIxAQICSDAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0
+MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3
+DQEBDAUAA4ICAQBqM/f3zjfJmFfZ9TnBQYzZx3Ck+DhAy3RrLzrqfgkPVmQdQE6P
+T7Pi/z3vEKQxw9DhvqTI+ZMBbrZbF2dYkzMLS7h7GksLJAsAmFDOxdN4TDZKh/vM
+T5Ot69u6emSfzaGrYXpvIBK2Fu/f4diFcFCWx1hPXp4yqPTFNPPKOROlAJqedJay
+6erfW1Y37XzHjvvVkF6bp6SpYnb37qT4/A85SwHeGgznhH7EATCKMiaFz6KEvzq4
+nTN1XbfAgcGmYOPfKqkH5Iw9UX8fh7sKsZZAwfuoYx7A8F1UERv4v110prGtY9NC
+N4sli36hjd9zAeF4BDy5pymozYA9APcIU22oaNS6V3m7s75t+oT5I2q83uj2gCxL
+tty6Uh6larWteNoRA5I0EN6Ws70ny4bPHQB6r77BDmbixxn8WvEpTnZ38awPKhg8
+e9vt17ph/2cpQ2MIOSdpjIyCyohy64VENcMnsFrq8/bnCDYKs4WLER4MoI0pNgXK
+XQCSRCvez7EiC3T8c7W1JYqvA3bSA1mTLMvFOarTFw1jVtbdhbt/bWcxa/thsolf
+edy3Ob7zgI97V8rrAJiQyCEhXb0+e/JbH28cCDUGUncuzQz8C/KmLU88bnE3vLAO
+8SFRoF82MfkWF+0TvHNJerej1SvgxFBuReUa94yp1ZfP3DlaOi/HyZiShw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHZDCCBUygAwIBAgIUKkEld3SgrCNJd/46d7nmfnn1fU0wDQYJKoZIhvcNAQEL
+BQAwaTELMAkGA1UEBhMCTkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRl
+bjE6MDgGA1UEAwwxU3RhYXQgZGVyIE5lZGVybGFuZGVuIE9yZ2FuaXNhdGllIFBl
+cnNvb24gQ0EgLSBHMzAeFw0xOTA2MjcwODQ5MDZaFw0yODExMTIwMDAwMDBaMIGS
+MQswCQYDVQQGEwJOTDEgMB4GA1UECgwXTWluaXN0ZXJpZSB2YW4gRGVmZW5zaWUx
+FzAVBgNVBGEMDk5UUk5MLTI3MzcwOTg1MUgwRgYDVQQDDD9NaW5pc3RlcmllIHZh
+biBEZWZlbnNpZSBQS0lvdmVyaGVpZCBPcmdhbmlzYXRpZSBQZXJzb29uIENBIC0g
+RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDI4VPNwCeJdEeTJCaG
+S/4xz51pbs/e4cBCwY40B/+QzdMz4vHLb4Rcw4Bx9ajmf22yA6YI7fBmGgKfgNfD
+XJx2YXcuX9RW4sigkJuml66khWJkT3z8cMKkLoVToXLGoepr8U5HutbpYmftOBjG
+oX+vEsTq/3SqbujcIqomh6rhjpQOpZYjV3aBSUSpJYQUI7ncavDH+gKKl45OcdNw
+SW+h39bHfug4znwKL+Wb4Gnw3543uqGEeZAeuyAq2Pl9YW42lqEupo7hFeOOhBiG
+pOSoACT9mZjgb6TWwIbKRGcd328KRiW/qTTHHHWFWDszfLeEmEV6ub3ibBjT5Gve
+GbMRjY5t3WQeAity4TDGxQKYLFxBvHhJiWryuaiUdx2ZGMEq2iTTWef6c+8I37C2
+oo8gq7r+giKnWnfmpDJsCPaqPgtYwq5yJiTjk65+wsGT09Ezoj/1ODB6bhmg83LW
+f5r1PAtjVRUfK89Gy0tIAIi8ektywyD+TGh10kVyFNxsYzio3V89u5qlOgwJrNo5
+utv88YBFzVBRaj3iHLGIgRzqB0IpxOq9Fa55RH10X1cA65WGcnext7pUkSPKNuna
+GnlEu2nNfnZMjWenS8sl6x0isEZl/xSO16JBC/Ah7TMTsmD4RjlmWc/PSQzt1vGE
+VW1GNVXimZ7vA5Va3GHwZ5eBlQIDAQABo4IB2DCCAdQwVQYIKwYBBQUHAQEESTBH
+MEUGCCsGAQUFBzAChjlodHRwOi8vY2VydC5wa2lvdmVyaGVpZC5ubC9Eb21Pcmdh
+bmlzYXRpZVBlcnNvb25DQS1HMy5jZXIwHQYDVR0OBBYEFCO7+d+AiROjdyfpxmlD
+M41JB8JqMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU7qxtQOrVBGqH
+LFV79T8t2u7brOIwJQYIKwYBBQUHAQMEGTAXMBUGCCsGAQUFBwsCMAkGBwQAi+xJ
+AQIwXQYDVR0gBFYwVDAMBgpghBABh2sBAgUBMDYGCmCEEAGHawECBQIwKDAmBggr
+BgEFBQcCARYaaHR0cHM6Ly9jcHMucGtpb3ZlcmhlaWQubmwwDAYKYIQQAYdrAQIF
+AzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnBraW92ZXJoZWlkLm5sL0Rv
+bU9yZ2FuaXNhdGllUGVyc29vbkxhdGVzdENSTC1HMy5jcmwwDgYDVR0PAQH/BAQD
+AgEGMD8GA1UdJQQ4MDYGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYK
+KwYBBAGCNwoDBAYIKwYBBQUHAwkwDQYJKoZIhvcNAQELBQADggIBAIWaXw5qH3+k
+jOciAYr4onkeu67O8GVWS8wWxJYozsfjDgTqOqRyHejMjUj+CeMepsL2XKXrpWT9
+NAIteTZpWbpwRENQQ8yVnAdiQhP03wR7j5WoQ83PQQ2v5dK0uESlMwDidELELGEL
+zNSsfbWaXXd2dE2XjS6Nzq/WB8+2U2AHhfZ13lPzbuSmOjCWF22QFJruMNwCuRA+
+JnfCTRZpmjL8x5eFn9SiZvN1lDsCh06AL4wSrTj+RsJ73fPjqgWn3hVV8OCmWfjU
+WBaFb8OIWByitiJpjVQ5WTRW0xaWcNPNGXMCGPcgp50I591jrcQ/XAI6RmXzTMWp
+7nq4u4Ro6umTd5lPoBtzT0QKgwQXK+0e/J/bDMhQuVrztvSannr/rqep9cTv61KJ
+kwHx0rnuZAwIot+Vz/b7OYrnN0EO/EF2MQNpRIp+81uNIx6hjmGX8QbvT9m/1JRw
+mBV1lFd/JKkEe3eN0jUsvUG6moimrE46UendVvSXAlG0jMmw4CKGkFoeb7ZuOdzd
+i/4xSrlRUH4lqWaBUlKE3ofJJRpK3lZDj4DCGUiGv3gSFAt+c9mzIcJ8k9HQy7ak
+E+/kOcMjdRgDESXvhLF2EU8vHOsqp0zt0Bk0d2flaxKJm61y8W0rNnknloveFC4Q
+2WimmV7I1bTwzvT4/gMzr/LPT4W7fHED
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvjCCBKagAwIBAgIQB4HsLXbbEi4NQUs+Gec5ezANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNzAyMTIyNDQxWhcNMjkwNzAyMTIyNDQxWjCBizELMAkGA1UE
+BhMCVVMxGjAYBgNVBAoTEUFsY29uIFZpc2lvbiwgTExDMT8wPQYDVQQLEzZDbGFz
+cyAyIERpZ2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRpdmlkdWFsIFN1YnNjcmliZXIg
+Q0ExHzAdBgNVBAMTFkFsY29uIFB1YmxpYyBPbmxpbmUgQ0EwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDSUCOvBD0XCHhBlCZIwMVfq1wh2cjYAJrsm5Xj
+SWe4Rrbns+MsMXWRCiO65CxGNEQu1mZp/OnQCrbWWW1JrjZsjjG+U/TjzJdpFp9U
+0iOmDtx+EFuSLZtMyIJmfU9ORrQQx20EFpngZuIm7dFmtqsdEgzrb1IaWyrf+jgD
++Iu16oWADaQ2gXKZ38Fjzslm0X76WsSF+xz8FDrnYA2RZH8EXUGkpB53u7FgIEfX
+2t/l0i+TDBSRIWIXCuFWU3fEvrMnJX1SvTwp3yfwMVXJF0lKb5qBuPWbxNFSsr9J
+/PuXLxBeg6MwO5acAKRaOxZSNdjwDsPFXVn7ldIqQrf73PLXAgMBAAGjggJBMIIC
+PTAdBgNVHQ4EFgQU35Wbp20Ejucn0jfu9cX5uSP6fkEwHwYDVR0jBBgwFoAUzsNK
+uZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEB
+BCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNV
+HR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5j
+b20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUG
+CWCGSAGG/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmlj
+YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkg
+QWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3Jw
+YS11YTAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQRGlnaUNlcnRQS0ktMy0yMDAN
+BgkqhkiG9w0BAQsFAAOCAQEABZJb8bt5xXfuuegUSHSpMBAl4wWKqUXGQf9F5VcB
+jCRIGzGUs+1u7U0Vr0xf23PwkkPzJHaP23Znh1diQYUfr1vHBlj/MvsM384VwLkC
+j9YwV6K7qMixTInJO13ouLnSE8W/UPJwoRF7ghH1H8fyepZX6G81UpuziU1Gi6wi
+hbzIE+qxl2sXbMYwjF/Duc/YQLSaklUovHkbvqItl3n0RC0vFItvXRYQucuAOz2Y
+kVptb06xu7UzjRsn6KRejB5d0ykxVZtt7FkzLvEiqefggTK0ri/KCsM8U08UDksJ
+X033C0MVzLmaggBRIeiW3vficc9RydAm2NLDqoenqYTIpQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFujCCBKKgAwIBAgIQDExu/tFklO8JaPo2ZOG7QDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNzAyMTIyNTEyWhcNMjkwNzAyMTIyNTEyWjCBhzELMAkGA1UE
+BhMCVVMxFDASBgNVBAoTC1NvbGVuaXMgTExDMT8wPQYDVQQLEzZDbGFzcyAyIERp
+Z2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0ExITAf
+BgNVBAMTGFNvbGVuaXMgUHVibGljIE9ubGluZSBDQTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALuKuaDt6F3yEK2Dcy4SoRgPjd01PlOLLAanwe92CC6I
+vYF9dQ7LxyFJVEo9vpn///EoMLxjkoSqAQARscjkqArZOpldemuupr8sqLuHrnIL
+mk7vCJ176q+j4k+LiE6umIpknG2xE52pbCoeGtq05euKf18NDKtd+ZBpUJ2jxrK1
+9hkfX3pSW64h/LSDtwEFCdWy2/9zVh1jPGUlvRZCUeSuIQCEp6hPPJbly6mpZ3rB
+wZhgYFs50Yap9JjkC8O6L78LRizESDpuWmUxaKkxp+OyFtRFIne++uwxCQym6vt+
+YTKwHmZ2HqTE/HZfnzsgMs6E5d4oIhqddkGYpDkkkvkCAwEAAaOCAkEwggI9MB0G
+A1UdDgQWBBRaUFvYvCRnkHjt39OKm6Ji6VRKXzAfBgNVHSMEGDAWgBTOw0q5mVXy
+uNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1UdHwR6
+MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3Vy
+ZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9E
+aWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwgdMGA1UdIASByzCByDCBxQYJYIZI
+AYb9bAUCMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+Q1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUg
+Y29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3Jl
+ZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVh
+MCgGA1UdEQQhMB+kHTAbMRkwFwYDVQQDExBEaWdpQ2VydFBLSS0zLTE4MA0GCSqG
+SIb3DQEBCwUAA4IBAQB7z7ZGCwRh9qMI34hlQ+1Hi5epRSHDjHMqjmX/2hW71hDc
+M1L5VB+MqHdXBEjbJc+ZrwRP2okhLsQS1VFS+FrSwMVlwX7AD0cOeYyuWO+iOzCB
+yMyJu8UBNw66kX37Lx7grj8S9mULBnrpzOysDcQXXuPAyI/gb7ilHNtnvYsDwhEx
+Q217sBJfwyb7MNBOj7azcX0bNWA/KQkZg2UBGqk3cOWIM6/oIQOfybSe0d/HFvLu
+bEUxWEZO1lGrKR638cUHEAqL0MsuuT4zRq7Mxitp9vZwBIh00UNUA0BgAHeQoJ7o
+NkK1cYO2+Zjt1+w/bIeH+G9G3YX92lHTNKHgmC0k
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFyjCCBLKgAwIBAgIQCEQc0xzwgpwY59okSfd8PDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwNzAyMTIyNTE4WhcNMjkwNzAyMTIyNTE4WjCBlzELMAkGA1UE
+BhMCU0ExHjAcBgNVBAoTFVNhdWRpIFRlbGVjb20gQ29tcGFueTE/MD0GA1UECxM2
+Q2xhc3MgMiBEaWdpQ2VydCBQS0kgUGxhdGZvcm0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyIENBMScwJQYDVQQDEx5TYXVkaSBUZWxlY29tIENvbXBhbnkgRW1haWwgQ0Ew
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmXsAM/5L440vxJ+DYKygJ
+adh3LD+/TDDY7W352s4q9fv2bDiapPHS5poZe/Js7Y5APkGctCGppRreZCRLZgZv
+9C0FjYzz17dptez05dl0Mrc/gTfWkTzGMzqzu7RAbQt4CZ7OKRVxTfZrtoRm1P0u
+TejHnaB5vUdGkyqblmyIucxoveGN9TSal4cf8miTQkz0ajgHENsFdKLjtPUM65VD
+kvJCny1zQenxwp3DilCCIcBzRhBhcWpUXQlZzzQYI/Vcv3q2iJzsrraMC6bsE7/W
+Z7bMMNkQKDb6GFTjL2t5YXG9FeKukVM1rMV80qdICErmnbeMzWn9hIa4ctGSTGKF
+AgMBAAGjggJBMIICPTAdBgNVHQ4EFgQUxJhIhTrZYQhfVLGYNcp+30OkpfEwHwYD
+VR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEA
+MDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
+cnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5j
+b20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3Js
+NC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHTBgNV
+HSAEgcswgcgwgcUGCWCGSAGG/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0
+aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJl
+bHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGln
+aWNlcnQuY29tL3JwYS11YTAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQRGlnaUNl
+cnRQS0ktMy0xNzANBgkqhkiG9w0BAQsFAAOCAQEAIBR3CphZ+shUnnj/eZtqW2uu
+qiClAsmgnPA8fS1aXqkHe2fA0pXof87HXE1sQf4HoofNJO/7RRbfiLGa5HjERSa2
+8JGRgPfAoyD29DyDbV1uUvOpUB3c1TLBZQ0OP3wyysThQaMTshtis22NuTaKwpB/
+fCFdsuFt97+6jSKb1Zsoa5hYU9Cz/LU6LW6PncYkVrfl2iZNOmjRSeBfMB+qsAu9
+zyJ1YYYQa7988vS4oAsbLIWnWXck3a8ChGZs1alsAv9iTh6qRloSXl2JWsmT8lxq
+PJx4kWHEk/qiJxVn0X8EpZPmneQ/FldsRvSQzh4rnTtt2PuqXS75NrmMTd0/pw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBjCCA+6gAwIBAgIQIrmxXEoSYXSKUE0XIUepzDANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTE5MDcxMTA0MzUwNFoXDTI5MDUyOTA1MDAzOVowbzELMAkGA1UEBhMCSlAxKjAo
+BgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwgTHRkLjE0MDIGA1UE
+AxMrSlBSUyBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHMzCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALoBFHBZu+3cHAAWGCbPpfLm
+5KadFEuMwgzniL7x7G/2fkag/NJDCz5Vk4wde1ICk+KBu8EBqFlncaFweLHefHCo
+X9fphQUR//Zsg/XtIZaCt4lp/Cn336b8sCw/IjTmIrDmiWluRw55sES3jTbEbbht
+IzwIIUOMLtkpdJE7bO/7t500Bg3TZZ4X4WIpEdpkglSxBZ3VGa3qFKtquZ7jwM8U
+/eNwrerAHaKwvBfgdRmTZP0N68Ak2LiG/95dcAdY2LoGUImB/I6zfh90NZ3IJWuZ
+YauzKMNlZrFIKO1Lfz7qh37NHlSvKMa2ve0cUuHS+pziTVrqVyc7BQjI1POy3+8C
+AwEAAaOCAa4wggGqMB0GA1UdDgQWBBShEBXYG/6eTppOHfK2X0ETgh1BUzAfBgNV
+HSMEGDAWgBQKhal3ZQWYfECB+A+XLDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEA
+MA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3Np
+dG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNV
+HSAESzBJMEcGCiqDCIybG2SHBQQwOTA3BggrBgEFBQcCARYraHR0cHM6Ly9yZXBv
+c2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyLzCBhQYIKwYBBQUHAQEEeTB3
+MDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vjb210cnVzdC5u
+ZXQwQwYIKwYBBQUHMAKGN2h0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0
+L1NDLVJvb3QyL1NDUm9vdDJjYS5jZXIwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMJMA0GCSqGSIb3DQEBCwUAA4IBAQDL7q6WCUUM1bh3HcRj2uMuko1t151J
++L9RfGGvpRstb+YG3vEA1OQps3r4hHq7y46hkl13mpOspP40gZ4G0NtMnyP5a/8t
+/x2KMAgG7yG2gIOygW2Y/znxFvXeGiB0uquEAiD+Ph9F7FInMMQfJn/WV37fCnP/
+ksgapgTgHxp7piRhBHB21N+gAdX9uD8REtfotzhdO3F+6jL2coowQXTRpiEs2lJr
+O92ijJGnMETaSP2Pst6VhJe7mTXdMCle/1A08phy6gO4Z4Gh80CYYemyyhy+16CN
+8HYTAzI6ksWO7A5Rf2S/zNqVVMhCMLQaKvJncC3CDyF5QEEfm07fjONs
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5DCCA8ygAwIBAgIRANs66Z/PZAfY2u75jMd/jBMwDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0xOTA3MTYw
+OTUwNTJaFw0yNzA1MjEwOTUwNTJaMGcxCzAJBgNVBAYTAkNOMT8wPQYDVQQKDDZT
+aGVuemhlbiBEaWdpdGFsIENlcnRpZmljYXRlIEF1dGhvcml0eSBDZW50ZXIgQ28u
+LCBMdGQxFzAVBgNVBAMMDlNaQ0EgRFYgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAuqv0ecv+COJ6TzZ5AdqGadw5MSRnRk0s8Y4t4357Dnoy
+jOL/6gkcvP/fn/m1gb/aHSL2qnR753PFHLkpiRmupUPReNwyx9rK2ICTC+YUDZlp
+dX957377nmfAGgUOvuPeJ4Y30ylopjngk7lZrEB3GB/rnVhRO5Q4eqoxDtkMsnQr
+UNcGl26dry2TSptvei4irIi8dSzt/C0e+V8ezfx+o5X7WhHF84YuQLKaeFmV/gzd
+pf1y4oR1GQNCWiFtuFTgwx6qMMv0A9AaY43R90s89MGutTWIwrJfF0lHESzkqUDs
+2OS4mt0W78SjiCUz9NBq7v6c8NnjXRdit7agREzFdQIDAQABo4IBbDCCAWgwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUdrOwy/VOkSG2lVd7gw/8FbIKHDAw
+HwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8jzIwDgYDVR0PAQH/BAQDAgEG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHR8EMTAvMC2gK6Ap
+hidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hhMi5jcmwwbgYIKwYB
+BQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eub2NzcC1jZXJ0dW0u
+Y29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5jZXJ0dW0ucGwvZ3Nj
+YXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsGAQUFBwIBFhhodHRw
+Oi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQADggEBALf+JxGUAsZb
+6hx1YR1ddqd8cGvtjptESJjZv6uezImzc0EqIzssfAGbpi0R3oCeodDO1du+/xd6
+xbfdUqqOg6yEY3Gu0r9NtSG+ZT9oGRDMhQSCtdnBkI5v8l08OUF+8tORLEnr632H
+8/Fzk7TENwERzZl53pkn5IvyenKJR+2OO+ABmppyPgeivnUebXZSaWcePR+fVNaw
+ogXIgKm5A64DjU3wYZRRsU6wDjkV7bwEfEbCdPn6osS9ugD7AUTagBkI3AqcLfuE
+CxDf/V5hUymQ9RXnkq1MrxDUL9CWWoVcJ6utoUr1J0hB/lrJcX3DiTZOf+GqqHSQ
+hGY4s4hr9tI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4zCCA8ugAwIBAgIQIDaUPL6gi2kqKW1mJEBkojANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE5MDcxNjA5
+NTIzMFoXDTI3MDUyMTA5NTIzMFowZzELMAkGA1UEBhMCQ04xPzA9BgNVBAoMNlNo
+ZW56aGVuIERpZ2l0YWwgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IENlbnRlciBDby4s
+IEx0ZDEXMBUGA1UEAwwOU1pDQSBPViBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDPTuxeyLsB5kuuWtudMsATk4FhEgG9U6ft2ocVM9OdQMld
+FbRm9CmxRxiGY+UG7VvSmBN3vzL/xtTX1JUe1Sy5+D0TcCBdGBZy87L8hDK3YCDb
+7ntQ22ZSh5jmw75GiM/ajadxWRQvhhgZfQcdQIa86FYrPwEc3WfM+zpfaclq4rZA
+EAnt31sSBR61kvPHqQ/qADLdvsrYSFBj4kVR62p91pP9Pr1e2PNvcwkKsuLaRn75
+9Dc7DJwky7L/G6WyZ3TFv5CqFNMHPqRbnG5fMwuoCqunHsaSyVFzbcLCbpvLxKdN
+Vs0mIlEu4V/GjnMFIFhCZAs9pLiBQIOcuJEcFPQXAgMBAAGjggFsMIIBaDASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQsxhCn9BTshBk/slPsmMs8yfdXZDAf
+BgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyPMjAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdHwQxMC8wLaAroCmG
+J2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBuBggrBgEF
+BQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5j
+b20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6
+Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAFxHL1t1rDDwD
+2FFgy5kTWRYD/tVaRrDxgeNtiYcIIUwfZ+h+/UwXeystEH5v6BPr9yJanXPtPIor
+DgrW+l9r6ZAFTqjAa2mFGMktBzeGk7P7Yz9Z5v0LNbOm3JVO8Z9fsVsAM1M9E3V0
+y8FvuPmvB9FW8ajXXEnRT7vkLs/mvi3kR89VJdtbzsdmodUK9GC9gzoy7WzUeUIn
+XZ+caJoEuGBXZcuqf4SA0dhiffDgP9Rs9xBq9Dt5u75zPuNXMv2A3CxA5VTZ1jFt
+DL5VgS41Uh3hFbckOhnXG0O7256eTR2Y6FLOB/k5UyUt7u58htIthSBmyI9tKR00
+O2AXQndmLQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4zCCA8ugAwIBAgIQTg1Z4ToaCOsNronpG2dQ2jANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTE5MDcxNjA5
+NTMxNFoXDTI3MDUyMTA5NTMxNFowZzELMAkGA1UEBhMCQ04xPzA9BgNVBAoMNlNo
+ZW56aGVuIERpZ2l0YWwgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IENlbnRlciBDby4s
+IEx0ZDEXMBUGA1UEAwwOU1pDQSBFViBTU0wgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDMy9OpY4P/7zkTlnQMdIQ3BA46BQQUQUnrhQLaTutJzfW8
+8dqWSAZ4McLOAskQBaYGUN/fXc76oHsUR7bZXdF2lxq+13C8kgQXCs1sabReEbpM
+vuc6/5YR9O9xzyE8jZ/O85tcy8ZVDyh59oJ4Ep6P8jI6hKgSdOGfGtFV2um9awgE
+kjUsgdv8X08P040gWtE6HKU1S+7kgnONdplmIZdkGEr8Y6LalJqtEHIbeCw69iua
+x85yxfz/K3h03wAfmGskYSG7rkOFyoQn5tgLiG6eo2OG2iW97tVKmQZrtCfOGiIG
+E85YOxSXzIRh5eyNbRB14hGSBrAo5Sh2OkuW7HeFAgMBAAGjggFsMIIBaDASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSz/tvkSZXQoQD7hWndntIMlDewyjAf
+BgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyPMjAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdHwQxMC8wLaAroCmG
+J2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2FzaGEyLmNybDBuBggrBgEF
+BQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1bS5j
+b20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5LmNlcnR1bS5wbC9nc2Nh
+c2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYIKwYBBQUHAgEWGGh0dHA6
+Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAdGQGgh8Ar89p
+cGr8XkoqawS/Z2HY6DvkO0OX8r6b/gnVNIYDGx/Fo+T/pxQNC39BfLzLU4SO5LLb
+6nSv/gDc87b6z/ZE5RgifCO8LZ4nyKUBIAl4LDV7ufxNMJctmclcU0Glw9oaP8Ul
+dANh/00WlE7x6XMKXYh0sA5/J27DbYXv6gZL16tMu2l/i+DZ5nlJ/ZywyD8uq2wt
+Kb515nHKfnj/qBfLLkc7zIfkQ9QGbCHnIwzkRSN80xSYi/AnkN2znn3SygEnqfer
+CTiIUpoCLcgsCkYYM4PhOKDr7httEx7cqswp0MMHKxjUBcL0dgbIhyvHN+huLjUx
+xybOLcOYHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID3jCCAsagAwIBAgIQDR78aP6XDkXNe5w102dnIjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0xOTA3MjMxMjU2MjBaFw0yOTA3MjMxMjU2MjBaMG0xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xLDAqBgNVBAMTI0VuY3J5cHRpb24gRXZlcnl3aGVyZSBFQ0MgRFYgVExTIENB
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEkIijFPTilcgNvSmM409/5dss/YFs
+lTVxgl1Q+sFLNTHojm2+wLzKqXfX7OyxQTHg5SBBDo2+l4Pd6hdU+NZusaOCAU8w
+ggFLMB0GA1UdDgQWBBTV3oXeSkaGzWFcz6oo9CWnfCnhpTAfBgNVHSMEGDAWgBQD
+3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUH
+AQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYD
+VR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
+R2xvYmFsUm9vdENBLmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwBAjAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgGBmeBDAECATAN
+BgkqhkiG9w0BAQsFAAOCAQEAyHON5AldUWErtS01Zd9+kpUviNA83cMP3BGO816c
+SrhWxqZuM6yd+g7m1n0e0IcVi+ozEjeMoZcvWQKJsHLZ6b/l4z03yi2nd1oPzroq
+2vmtwqR/3ckzd3Be87pg9t2ozXRUKgCq7Y//M/13O0VSH9Agag76sJd0ZnDSNDfF
+ODaT0PLptAI4SwdSYl3vNLVviM5FvzCXD0qbQqQhl/roiRWUPSowQhOosz61/Itk
+7dh/UZzqwaFTXPH079kFKQzeTKukimY01KKPlg/w2w5Fstcbfidp82N3D7vIjJYS
+1U86mCqPWZd1J35qbJPhbo7/+IqzK85lpcSAorkUfR3AWQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE+DCCA+CgAwIBAgIRAJxs9pVwDGAAAAAAAFHTk6YwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAwOSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MB4XDTE5MDcyNjE4MzE0NVoXDTMwMTEyNjE5MDE0NVowgYAxMDAuBgNVBAMMJ0Vu
+dHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBRVFNQMTEYMBYGA1UEYQwP
+VkFURVMtQjgxMTg4MDQ3MSUwIwYDVQQKDBxFbnRydXN0IERhdGFjYXJkIEV1cm9w
+ZSBTLkwuMQswCQYDVQQGEwJFUzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBANzuQL7uN0KUXjcfIOAhX+kmgFVcPgBSjqzmrEp523IM1KICgVTQsJQyDvdM
+t0qAgAqvUhy6Q45JhRISFu8YUyueXfMXoabf92LKHLfChYEy4Ixgei1I6VCpMv12
+udvpEDPtx3eLQJrWrnWVLtl40sGcBTmI37AmTw+z3oiudEUIALI0SbTLIcQv3YPp
+pb74mox2rFfzGhz+mzAKxE9dWznp/L8QeX1bQtbid5oImDwhFlnvS5KAvrxyEX5l
+Wl8x57BT4fSYhV5iP1/FY9y7Y0BemU/xZ5niTJhibQveJx9uNBnea7j4WQsAmaVB
+DO1hFe7g9KJWZ94p5dvW+iOytKUCAwEAAaOCASswggEnMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3
+dy5lbnRydXN0Lm5ldC9ycGEwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8v
+Y3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMB0GA1UdDgQWBBQcrT+c1y0iGaGcS+na
+8Soz9/u6DTAfBgNVHSMEGDAWgBRqciZ60B7vfec7aVHUbI2fkBJmqzANBgkqhkiG
+9w0BAQsFAAOCAQEAJhhuoOOrp7VZX+7gzDsbRLV7sbkiDZTkfBg23+trxG/lj93N
+sjQkpRRoUCH5HsmeaqhzfZWAv47ez53VrT/HzqECST4Yae2HDFysNaXGkBnV2HhC
+bjWEDxMB9HWlR1FM0K0l1wtY724NU+BqsDQL92JXxRlIGYQFvUjSyddUEcKFyNWi
+ah7BakLELC/P/V8C927byrCARGEOkeMYoA6YnMDWpQX12eRJCMuXzrSRzl7THoRp
+tTZGX2RaPIpqjnCfEzU8xJcFaaCfkXruhdfAv5ew6aECJ0liFkEgGW1ixPIjibwn
+6A/BaOe0xsAudqAjLTQh/9xQnaAdrK6bxqxGRQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBjCCA+6gAwIBAgIRAN/taPn0qYs3uaR/m7ZGGIEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDczMDAwMDAwMFoXDTI5MDcyOTIzNTk1OVowezELMAkGA1UEBhMCSVQxDTALBgNV
+BAgTBFJvbWExEDAOBgNVBAcTB1BvbWV6aWExJTAjBgNVBAoTHFRJIFRydXN0IFRl
+Y2hub2xvZ2llcyBTLlIuTC4xJDAiBgNVBAMTG1RJIFRydXN0IFRlY2hub2xvZ2ll
+cyBPViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/P5VGAQQhE
+suVfPA7oCgVSFNi4kIytdOOxb4hqGoBtTxexnHwyT0bGwxOSuvsKhfmhSxAn0plO
+nCzUoQW3AOddLODQt8IbSdKGMSniTiG522TZUoyFDeEfPn2ASeivHMlhCg7a1qEr
+LBSeriiuZpfEADqSZBW6EOg54KprewjMjabY+SWqH+WObgYa5K+9tuEjfjYqf1Zt
+BKXxys84GprQn0zl93PAVEZ3Yo1OF4zuF5QzSuD6l933gGebq0EX/JWmikUcQwsf
+0RnlkwH+4Yq3m4uzV0BXulqEDMQuURINVDK9/0GsijMjO8j53cHEgIOgOx11SsUh
+0ppkQpRXo6cCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
+nfKyA2bLMB0GA1UdDgQWBBRj5T/4zyexMRkqK1zN/y5x+yk43zAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICSTAIBgZngQwBAgIwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBHwDEaXKg/u+srk31kfi1GJOYs3fQD
+QTT1FIj0IQ02M9zbmNipVMhamFYfH0RoD5/v4tc0Eyg81zMbmWpgn5R+ixXpAvjL
+WYzzSeE/pAlf1BuVNPXjnNNCf6tl6Ik6MsW5jGrJ7ivyUbiBQqWce0+gJfnzgEUT
+1j4APOwuolLtqEKzqz099vqwuhJA5JYQEtSPaBEoRSlNS6kSraar9BaL6oSqhPrV
+mQSIx962dqJCxbm8Bk5tN9NzH93np4YJuIuGE2mx7K44lqdXYERWdm8EpFzo9Nak
+cq5MsVs1yiLdRdaZAiMSOvxpOECxxcuh/Pno0VYG2GRpQcgm3Fwi30O2OzLJ7eOI
+cQBItHxOo3JCu1cNfy8X36SFP8prZPXTqHSRI09Z9nMDzB0KF2iTHsG+doTUvCIj
+rTcwLehnYCeivpFiHvWmCiue451NeWf43PFH8mWwSdvhSJI6KMsO2AmoiqQh3VBv
+WNIrGWIrzvBNCWrDp8DBY7wq8CgNU56mKCjT0Es17AA7mlcc0qL7zaib0DMJodiD
+rarDI5LTPf8ifIU+kkWKEAuSxiBnnXvRmdw/X9G7KuHJ/43G3Lpu55srP6jsKA2m
+0fRZDZkytVB5a2yijWm76QDk1+ZP8n1rYVKqivlYZM6vwVVVp3E67vB42PeiNwnh
+n6nkJcD6enyN6Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGADCCA+igAwIBAgIRAPbOoBhRRn9q0a7gMWh80OQwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDczMDAwMDAwMFoXDTI5MDcyOTIzNTk1OVowfzELMAkGA1UEBhMCSVQxDTALBgNV
+BAgTBFJvbWExEDAOBgNVBAcTB1BvbWV6aWExJTAjBgNVBAoTHFRJIFRydXN0IFRl
+Y2hub2xvZ2llcyBTLlIuTC4xKDAmBgNVBAMTH1RJIFRydXN0IFRlY2hub2xvZ2ll
+cyBDbGllbnQgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCKylM2
+NjH1L1H5KKRNLsR9I/JOFKK8zz7FoNojewte3Jbi2DmzXHDKWeac76AqmUoIO2x1
+yAK77jmdVH7WL/g/EqkX2bwwKNc/CqEsEBV69xAYBn9DtiKccCkfW9LlhPbgEt6K
+/9P07XILsJfbQR7LzE+TEzuPj44QIic+ogn55WoXXvAZ4iAMeno+U2koaVxPyi79
+BBr8YMgRUq16i4tE+pNAu2gm2ueEq+LO92C7IEGXvzNC8keZnwCwrkp56DFFPAL7
+t2fNrnBXBY2MA4rNvug+N0EjFjCk824HWu3XyVOGRGulaav6LIFTMmljEMbrpc18
+zcSOTBBzqjEsiqKPAgMBAAGjggFrMIIBZzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA
+4dibwJ3ysgNmyzAdBgNVHQ4EFgQURnJ0x3lPfQtVjILfZDlOa1I3ce8wDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAkkwUAYDVR0fBEkw
+RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF
+BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRy
+dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t
+MA0GCSqGSIb3DQEBDAUAA4ICAQByyNVZbNyFWDGhjaFOVUdJj0FhGGQmFI47tRWi
+pzuH/Xcx9I9zv73FklJtQXJ2OerE3DkephxxUxHt6T0I+h+cnHehD2abMT8qII9T
+20b2mVAiR1r1GSUwBuOlISGWbCjo6obFZ2a/38UmD3tVm8yLa6CJZBM99LXSb6sU
+UUrWbpOkRVExs4x0J/4pX3GNAHDS7n7FXjX+qAvaiAIgokr3DnWTfMI/PPzWEIQ2
+skIUSy0Wjuz3ia3fh6HZGoObjwXQwfT9rHmPQ6S/9CmCeOibT2RYx1HRHUFLS4kD
+kTDuRdnWd/36MoCiNJ0aZkjs8f25E3fP4AzQ7oY7csumdRWWK7g+aKLQdQHEZLA3
+8CbTJlgQNylLtxV71saNu0A66/+F1JQWQeFgGoLqDHjdebvtx4xG5W3o9kFZki8N
+/n2FFuTfHjqYugCkKUzPJwpArW9AgLM/8R74y7CeQVrmZnMD9FRuDkb0VTtjL1Mu
+DGD9V7vBAEZ3+yOrWh0zwkpLzdM91zVps99+fj9+jdCtSC47JEnOOHsCWNCoHk6D
+qnUbLYE19FnltSyguXBYDy+IypErebIffHYTic1bcyS45S6tY17h15Npz3TWQIY1
+Fn8qyR7M3ScltpoexG4sIiLYLMFDWU/jR3vzG5+2uE7DLHz0C84zxzaKtO+gnYt0
+Ud/6Pg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbjCCBFagAwIBAgIQIK89Sa6AQyfcsl+9j9wM3DANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkw
+NzMwMDAwMDAwWhcNMjkwNzI5MjM1OTU5WjCBzTELMAkGA1UEBhMCSVQxDTALBgNV
+BAgTBFJvbWExEDAOBgNVBAcTB1BvbWV6aWExMTAvBgNVBAoTKFRlbGVjb20gSXRh
+bGlhIFRydXN0IFRlY2hub2xvZ2llcyBTLlIuTC4xRDBCBgNVBAsTO0NvbnRyb2xs
+ZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBmb3IgVEkgVHJ1c3QgVGVjaG5vbG9n
+aWVzMSQwIgYDVQQDExtUSSBUcnVzdCBUZWNobm9sb2dpZXMgRVYgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc9GUNkbWTns4Zyf6ngSEbcOlG6IK7
+7W0DU3j1Z+Zz37BBBpvs8lbGnjzSEUcPBNCT3wDbqjJQllGQchOe1req1TwVpP4m
+tFJ9DbrnONXTORz48XyBHIe/Y+Vb5oP2Ea8rozwcxsbmG7gMPb649Z8N/Ptswomw
+axOwDtVYPQyIe810t33rhif39npAZdl48bM2EutkD4K6X9XokXELUXuMn3gD2V/6
+OOoehJ27CV6rL736xJmbBKHjXbhqr/yk27qaC4m8XGFp8GCtzFo+d/mxuGavKq4x
+e5ISbKBYAdR2G5Gpr+kuw2WGSTcaBDn3uyeHKPI0goaQoCMECyqTGZeVAgMBAAGj
+ggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
+FgQUqIvDFcbat7O3PMH5JoaizPZ3Vi4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1Ud
+IAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
+L0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUH
+AQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
+LnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAHJ3tjJyMAJR/xNlNFP6
+9bOcxT+cfBRyfFiTtwYoftsyLR+yqQG9RQnh6bt62JS9Jf1qZrDHeGZPBTuwdtp/
+2VWhblqWKsfGPgGoopkBSaLu1jeRbplc3qjqEGakzPVQ5RIAQqwzn0JVtzEzeLLo
+4I7aFnKkBI2tVV1yIn683adAb26HR2Pt2kVZg8tjvUbh+VtQtTaytM6RrFa0+k9G
+639zNj/lRy+F5iQx/BIKMKlXnOtLwORYrpVmX0jjNLc32D/FTuPfw/cBNWY4Tu5M
+eRgu4j7QIjCIZoNDCmB6blqL3M5ZO4dOlA9zySIJlfKCOPKsGEMf3Tt2uSaOZHGn
+93rZn7sYyACuijWw/M7OPj7SlUutBDslwqMnLDjWp8K3hpNnxXkOsT3WgZYiIUb8
+5jYXUputfwy3LWR5x7SiNg6RbNJAb4mQtXs2DMoK8FFjCp0G39jWH8/uZwtbaxLc
+QHJEPi8KdMEAJ7wWEtzjek3a0WXE9j/5uYVWBdLVL1afxjyB5M7cWyJur/MFYSuM
+SmFYenRKujOnhG3pM1g7ZasMyVNwg8SKwsleUOV29VsyP0x29rA7IK7XbJXWz4gt
+e2EsBcWAlpo55b3GoJaDbgB8OtpZTGt49SSDb15JROlTuEhlwIkOtOuQkKSEpg4e
+ZEwaYSjGTFZTc7tzBu+utl8i
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBjCCA+6gAwIBAgIRALMcXS7T8KrJaCn0VoiLO44wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MDczMDAwMDAwMFoXDTI5MDcyOTIzNTk1OVowezELMAkGA1UEBhMCSVQxDTALBgNV
+BAgTBFJvbWExEDAOBgNVBAcTB1BvbWV6aWExJTAjBgNVBAoTHFRJIFRydXN0IFRl
+Y2hub2xvZ2llcyBTLlIuTC4xJDAiBgNVBAMTG1RJIFRydXN0IFRlY2hub2xvZ2ll
+cyBEViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKRYvlj4gqxr
+SMQPfD5tXRBiK9tifjCoeFZ6BnPwT+G6XthhxODxX1ZVrqXjREjtef6uQc1K9ao/
+gXJ5jA4soV72lRLvxyVZ9uHcw83WZft+6oqpQaSOdo8Bvag3HEegoSb3zElSmPhv
+NArENCdK6uiHmXvOW6uzPPdXG4uMeqyTdZVlR1u27UVJ5xB2Um6ryNfHqAA4eN22
+djopHRIeVAu5sQoeAurLTBOfq4QEpecDm0xa+ySe642X+HVNzQGye7diI0sD/ngf
+Ir9x7h1HxyqxC24rXT4XZlK+ZA/d5bpuvoMQMDEV4CKo6T9J7oo+Oq3u+HFwBo94
+BClLlXBc9aMCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
+nfKyA2bLMB0GA1UdDgQWBBTWUeJ5s8ZXr95WY+CywoVtRjQVpjAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICSTAIBgZngQwBAgEwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQA0MXhgkf6J+NnG0SAwIkNrC0zv27vT
+IwtAkVcp3TaIIdnIT11XJ1mVmt7MwidqMC7cYXqe81zlIlVB65+NwZWuhEiM+1ce
+vu8MFA6xcaFHFTTFYFIsBGHw7Fgbo54rP5cIHKehyCcCxvFFdQ2tvbMVjGWMubZO
+5sD0rAWb1gGkVQ8uNgwR2RJrrfllPDqbNz/PNyxAAJWtY7dpTd1duEvA8u+uJ2wk
+0DHKtPX8MvmojNwL89KZMUbXE+Ecg4Dc120SWjk6tcExkkceRP91MQv9oSABGw03
+mSO2F02LguHJbfrS3kP1Twx68B33SIzR7OUcP93aAU+eKjCiY+jMqfr/knaqmaY1
+U5AEANMHIFLoM7SOYvQhBa0sqNAxiwIZPT2lGxN8/znPAf9wEk7zHOpsJ2Qd+Tb1
+Or6F+Y0Q2SsVGCxEB+HiFG9Az/rBk0sZhMuCyvd81XYPO7aTJjf/ppwtiBxdlTJK
++/hjAlzEHGZzeVDbAJ2/K1XJgxsqYpfET8qfyOrDjbCfiz4zuIy49aJuU0M8NMcQ
++qBBcLfHP9K+wpAJ88ERGlFx0uPip8Trd4L2asW2K+We0S3epfCC9/zmMfi4uVQ+
+HiODkiJQstTt0nS88Vuq0uYIynnu52G3ueKVtNkCb45AxT8MO2UIH8Dm5cvHV84G
+BTbqpLm41FxfJQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvTCCBKWgAwIBAgIQClC8/rpytrSp14MSu9+E2DANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwODA1MTIzMzQ3WhcNMjkwODA1MTIzMzQ3WjCBijELMAkGA1UE
+BhMCSUwxFDASBgNVBAoTC0lUc01pbmUgTFREMT8wPQYDVQQLEzZDbGFzcyAyIERp
+Z2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0ExJDAi
+BgNVBAMTG0lUc01pbmUgRG9jdW1lbnQgU2lnbmluZyBDQTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBANhCW8bztQiJLYpG8lLlcLXN0QjHEXTBFu0rCku7
+aIMcGifoXeP1aM318hG5RxfN8l3nrDRf/mF/LpD+DiPPZ328KAbwprBdmZXcucZ+
+1cUuBTdC7cfGRYcaUEaKszWOfggi7nwfQB4ZDbQNatUCc/WY53pP1iiSn8WG0O9o
+hjaP4v5xd+OvKENi/RwRA21NXaZrArtKIxUij6Ye/U5yXq4N5U6mGO2UTKmR4zzY
+HGO/kOAbAw/ikuA9fqqjt2BRTUwpL0kXAKcyStfihtV10/UQSkBfNhlGdGez32Q2
+hFtxSWWbDwtaOq34Ei3iTzT9GHPy3QBdrMN8pymgaOwXpd0CAwEAAaOCAkEwggI9
+MB0GA1UdDgQWBBSeisNMzCQGVOU9/b826k0BVILoWDAfBgNVHSMEGDAWgBTOw0q5
+mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEE
+KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1Ud
+HwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv
+bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwgdMGA1UdIASByzCByDCBxQYJ
+YIZIAYb9bAUCMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNh
+dGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBB
+Z3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBh
+LXVhMCgGA1UdEQQhMB+kHTAbMRkwFwYDVQQDExBEaWdpQ2VydFBLSS0zLTMxMA0G
+CSqGSIb3DQEBDAUAA4IBAQC6Mgy6pQJyFT6FABhc6zBCV27hkRDzaX1e4BZzsjIN
+W1WXL72pGh6VLuyXS1YV236A0k6+Z1HDcebhAgVGbudpGyv0gts4JzPuaquvJNls
+7IieJIyjp/Tx0d/lMbEKbs0VxAvWkaiTeVqsX2g1stcOgc5nFyGkT07RqBe789ST
+bOOq8KYBDMv9DDb+WveQJ5gj4hX/E4sANbIGe7One/UM32aZqD/1iiEpqs1+NgrG
+4B9mVNsglVXKRfrQJonq4awsfpXu9D+8uYJMH9opCRZVMWaTheSSUqUvLySsX733
+PKUXIeBSCxMhy8UOsFxLzQPHIW+msUgG1iUHV087C1ZF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyzCCBLOgAwIBAgIUcsmHQXZHIx0hpaHhMjTIDzP8NaUwDQYJKoZIhvcNAQEL
+BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
+BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMyBHMzAeFw0xOTA4
+MDYxOTMzMjlaFw0zMTA2MDYxNDQzNTlaMGQxLDAqBgNVBAMMI0JUIENsYXNzIDIg
+RGlnaUNlcnQgUEtJIFBsYXRmb3JtIENBMScwJQYDVQQKDB5Ccml0aXNoIFRlbGVj
+b21tdW5pY2F0aW9ucyBwbGMxCzAJBgNVBAYTAkdCMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2GpGW8pDGBA9V5T8IupMxwE4inSXJERuiiGstka3Tx4v
+XYotysM+irPC1xnnKNj17uUJRYD95CMnJN59DsYhL30jFeH1cvNLQDidopVqFRkC
+PQDSPYY9Gd3ua2ecJ49GJ7XZfXIsXYNqh0DMOA9WesYCTobHZMtOXnfl5U60g2FA
+5fSbAbS3lgdvA2hR+g09xUTMJp9FzIF4oAgF4HQ+fVFBWPRkKq2A1LMjB+33kmH1
+VLCpnOk8cl0TyLMA8THjOx7sTkbogKh+Ml7F/oax2PxKrP/elLSOoCgX0c2Ov8H2
+N0YJyUiJC20CO73GHUKPPHx5OI75oZYohP/7zXQ656Vr522v3FF4iIhiJTHvh4Ra
+YK/4h5hgPN3rqU/Z25QNWDUC85Vm+gbPi7u2re5BARu4keD4wfk87byZI670bi9k
+ndLJvJkeRG86Ygiko/iblPSi1zMb4+MmpbxlzC3iVfNwU79D66EaOouGIiPUaWn0
+ZWKK5Dl/GtkcOotjAXxqbZI6EqyfhRLPGpditYZAA4YPoofBtipm5bK7pmzG/f4+
+F827l6mAAFSwM5EyrCZKoaHDA33polzY9YkqPJr+/SsXRuHyrYtqTkiLGDt5swH6
+8dXH0zrQFE/HBc/j0Qj6Cz2ZoNkG6O0c9cnCXjOakorFuAAGGUtUX0KfLRQLUs0C
+AwEAAaOCAYMwggF/MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU8BZgIpg1
+iS+G/M3ZhxwNY1VtOkcwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRw
+Oi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wJwYDVR0RBCAwHqQcMBoxGDAWBgNV
+BAMMD01QS0ktNDA5Ni0xLTI1NDBPBgNVHSAESDBGMEQGCSsGAQQBvlgAAzA3MDUG
+CCsGAQUFBwIBFilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3Np
+dG9yeTAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwQGCCsGAQUFBwMIMD0G
+A1UdHwQ2MDQwMqAwoC6GLGh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2
+ZW50Y2EzZzMuY3JsMB0GA1UdDgQWBBTUqHQyW9PB/VLtWvdNQO4FfSVmZTAOBgNV
+HQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAC+FFOiiklphYtWWcSXsmcW7
+x7Cmc1bSKJln3cnMdfhDp71tPJxZmlKmwodadlTZf0x01BOWRttr6bA5K088dpJe
+K8RRTX/RzJk8XTejpIFiBdEmCDxVO8gQ8M0PJ1sFlvqNefo2ZGOtV1SbWAHCXAYK
+s1ryzJ0vOb056gwCF9qAVm4Xo42LDiPlshtAMZ54cOtKJ82Ac1A++6Fr/2T2S/0v
+Ml9uKLpsUHHlTH5GWM0ORN9c+Lek6d6t1WcnP1SCD8snX3VahakEjEsEhE4dz3Wm
+ntWWr8Q42NpdTrQZbRbiAUwmw90j2DZ84WoormyQ1fVskDJCC7ppfZpP/F0Vj46F
+XSyVGuiLDCg77xy35B1JMFtwPjQ52EYDi6X4s4POQe3Aga6qHMTmLjV2S+CrrkMT
+btsOcYZa/SCE4D41FfKxh8DMKRgT/+72bmpyW7nbUEDhvxMBqz5WMtf/5IzWVGaJ
+aPiSydgygzOVuJzh3UPFoGQ10xpt9m7RywyATVAUw852Vlrq72sAu8P9sowntjhn
+r4zQkcELQL2yh2+ufPUuCudMCnIGV8KAwmKzVFSjUAElbVDfNfGHcNFbj2P51lRN
+HobmYzJ3+812YLTlZDdLZTY525Ifu6p8pAfVUUC3ikIqEkq7cyN8V78JBxdjD8Wq
+mdj8G9sjoeeF4EEEoNoL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGaDCCBFCgAwIBAgIQFu99tiLhTZqnh+g/m3eLNTANBgkqhkiG9w0BAQsFADBk
+MSwwKgYDVQQDDCNCVCBDbGFzcyAyIERpZ2lDZXJ0IFBLSSBQbGF0Zm9ybSBDQTEn
+MCUGA1UECgweQnJpdGlzaCBUZWxlY29tbXVuaWNhdGlvbnMgcGxjMQswCQYDVQQG
+EwJHQjAeFw0xOTA4MDgwMDAwMDBaFw0yOTA4MDcyMzU5NTlaMIGkMQswCQYDVQQG
+EwJQVDEsMCoGA1UEChMjRGlnaXRhbFNpZ24gLSBDZXJ0aWZpY2Fkb3JhIERpZ2l0
+YWwxPzA9BgNVBAsTNkNsYXNzIDIgRGlnaUNlcnQgUEtJIFBsYXRmb3JtIEluZGl2
+aWR1YWwgU3Vic2NyaWJlciBDQTEmMCQGA1UEAxMdRGlnaXRhbFNpZ24gUXVhbGlm
+aWVkIENBIC0gRzQwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDkqehv
+trINU5kMuOB0eRNyzgxd/f3COAwEyJbqsUKg4UeTjFtWR/S22GU1g9x2YkeDQr3i
+FSuyqRElznsA0fMBKajILKh3vHdtZ4qp2oyJ4yuikUpO7BNn58c1IqScWPY3HTZI
+VUkqrGWbfk5XHPn2siKoqVYmvRTFVig6EXRRExlnm8/JY04ReyumnUz07VDi5v0n
+iTvIokClNGQXOBiqOja8kEj+uep9uRVCOHb9CnSRcvQmPJ3MP7oN5kbiCoaNPOqx
+NjldFrcV6lH/6foMPNQC+p+p3RBbJ9P78yMvusdEO04rHv/nkKGH+6eMjaZKZF1k
+Lzbkna4dMLG+h8CG6vTy/HsJJrEHFPm7PaBAaxEnj7We/n/peIPWGo03656/sKZy
+MyaVQjG5aWB+EixOECpCiT0h2nkfloa4CQuSYb9fEzatH2NIwjpXbEiAtuSpkock
+gFEvEOjDFChJpBgf0n9yNhjrKocYa8T8rTzj0HLvZJ9WbHTbmyViNkUMX+0CAwEA
+AaOCAVMwggFPMBIGA1UdEwEB/wQIMAYBAf8CAQAwQwYDVR0gBDwwOjA4BgkrBgEE
+Ab5YAAMwKzApBggrBgEFBQcCARYdaHR0cHM6Ly93d3cudHJ1c3R3aXNlLmNvbS9j
+cHMwUQYDVR0fBEowSDBGoESgQoZAaHR0cDovL29uc2l0ZWNybC50cnVzdHdpc2Uu
+Y29tL0JUQ2xhc3MyRGlnaUNlcnRQS0lQbGF0Zm9ybUNBLmNybDAnBgNVHSUEIDAe
+BggrBgEFBQcDAgYIKwYBBQUHAwQGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIBBjAo
+BgNVHREEITAfpB0wGzEZMBcGA1UEAxMQQlRQdWJSUzMwNzJ2RjYyMTAdBgNVHQ4E
+FgQU1t8PehwdXyxSL9ixvtjpeR8E+X4wHwYDVR0jBBgwFoAU1Kh0MlvTwf1S7Vr3
+TUDuBX0lZmUwDQYJKoZIhvcNAQELBQADggIBAD+c6pCBku90dgZLUZK6EQdDgxqF
+rJHnKoIhpVbwRhe68AyUvZHN6HWsvJTJnZEBBYyEKEVlEsJ65YgWF5Wmk1DvmvYx
+m6xrkvyHv6QQYlbx4CZCXlwcLAcbxUTi+PKLwOwj+jXii/S0UrTC9qHS9E97eQ/V
+oOOLcdX4PhwzIKI+mv6fa1v+bdVfVvdsvEhVBQf7E0dwZBZKwIlKvjE3tOibbW1t
+9vUYcd/37iNa3bb9sczWsp5pdp7Mr3483gNOArTb77HknUvpLUTTIfiSRfJR/05k
+SdYZxfjbbcLINwGbxq7mw7Rcc4ng8wSbB2MFAQfXi2wK2HeD8UYafhWo5d7kbSpl
+4ICPeO593dOc9Vw1vax1JoOkNsr9iSWryk8O7TujAqi1viMF3j6sZL4HArRnQff3
+Df/XOaTvLaVcANn+e1e+ikiUxNKGJtySTZ6fIDZk9kXAr1umXZ00Js784L2wizTx
+FJvc5IWWi+NG+MmDnD3QZc6rRyGsAnuhV5EqXxwenyB5lJ1/Gf6hvxnYuwqpEYN3
+L5/Lpue8+S0omLibtwEdzUvyrtl0Sq44m+KJZ30wbqxzq9F3PhW+iPdeY6EhpeIB
+jyap+tLO59nia73U2gi4yusJZ0lKTxfUd93HtShthxkfIryzcU7upa6c/IEXju/g
+/HrGQwThYjf6S/I6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAwugAwIBAgIQPLTWlkfKJt1jQIE1gZUBPzAKBggqhkjOPQQDAzB/MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNvbSBFViBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTA4MjIxNzUwNTlaFw0y
+OTA4MTkxNzUwNTlaMHMxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExGjAYBgNVBAoMEVNTTCBYIFkgJiBaIENvcnAuMSUwIwYD
+VQQDDBxTU0wgWCBZICYgWiBFViBUTFMgQ0EgRUNDIFIxMHYwEAYHKoZIzj0CAQYF
+K4EEACIDYgAEln291HoOA4SpNadE7bspL7HQE9Nj7yw0k0ZHx5SAbfPzAmk/Cwrc
+kTK7pw7W4sWwRLzWhSqrYHi6CHv081Gv4f0Nv9AF7oSuK/QZ4Gv6QfVxDU29wYeE
+MMNzdx8Iviejo4IBVjCCAVIwEgYDVR0TAQH/BAgwBgEB/wIBATAfBgNVHSMEGDAW
+gBRbyl7l3tKBqs2oLWRRttlym5fmTzB7BggrBgEFBQcBAQRvMG0wSQYIKwYBBQUH
+MAKGPWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1Sb290Q0Et
+RVYtRUNDLTM4NC1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wu
+Y29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybHMuc3NsLmNvbS9zc2wu
+Y29tLUVWZWNjLVJvb3RDQS5jcmwwHQYDVR0OBBYEFHpgi6RpBncesspO95MbmWmR
+18WEMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAwNoADBlAjBOWe3TcXmp5N+h
+tYYEohAc1Giy2j2LgxpmuHmLkiID2D0gSM82PCSsT6+HCS5N29gCMQDj541NUp0A
+//4GeZyu8sj/hlB5PlJQhBud/a+76Z3k2W4no+46o/DVmk2970Wek74=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4TCCBMmgAwIBAgIQKHpJphmDZxRIPBZGR/82CDANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkwODIyMTc1
+MjU1WhcNMjkwODE5MTc1MjU1WjBzMQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFo
+w6kxETAPBgNVBAcMCFZpY3RvcmlhMRowGAYDVQQKDBFTU0wgWCBZICYgWiBDb3Jw
+LjElMCMGA1UEAwwcU1NMIFggWSAmIFogRVYgVExTIENBIFJTQSBSMTCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAJO/DIsVtcF9GCdqiuM44ihD85A98/hv
+JtV9yd5S+jxlj5OJIZq/nId5CgB3vr94WrWLXDn9sn8rpW4vldMbQogIVHQKyEJ3
+VRIfRZYA9EKiHuzKWsuxr7Apg0nNDL3aV9JXCjz5diev2ulnyHv4BJNPKLx7tmhu
+UeZ4iypHJyzqLkN4eQnkS3cGm2fpS8zPCr3wwkH4a7YMpb6rMMdcFZrMBYUpGwcY
+JrrKl7Xm7x0mbE8n/j964GhqgOVNi/ohuH9k7FL9978sNTQDfjHhpyyx74bQPZN6
+1vdVYPrZAIDWnJTACTeboxgcte5xHYN0CPaqSZgFaDEGgSY41GzcKkWsIvRCJPh4
+By8vkFvEHygWS8K6fwJFY1t/rNRyRXcCWhAeLiWFi1kkZKBsWTtR6u4CkQkEh4O+
+q8psfXBbDyWoAFquiBRiD6YLDRGQfE8cIag6OS8xYZjI8j1zTThIDQ0GLmNf5sZi
+NIHhbik0DO+adkK5mLjNFMOMxuH8lyUjVkdVCsk42+3sa++qHVOPYeQAL5myLrj3
+UG1vfRe7TxP6fW7T1FUVMVCEK0SxFa/EtrskFrRY8hiJfgALfPJCYjKFk6rdivkJ
+1UhnD+ns9uIpGHX8S3oaw5d7lg6HFaEWGdHJvZE0bq9JBLK0elf/q7486jWzzt1O
+757LW0BNsbOPAgMBAAGjggFfMIIBWzASBgNVHRMBAf8ECDAGAQH/AgEBMB8GA1Ud
+IwQYMBaAFPlgu9Tj1TT2uPUGgCWnc9tGaaieMHwGCCsGAQUFBwEBBHAwbjBKBggr
+BgEFBQcwAoY+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJv
+b3RDQS1FVi1SU0EtNDA5Ni1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nw
+cy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwEwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybHMuc3NsLmNv
+bS9TU0xjb20tUm9vdENBLUVWLVJTQS00MDk2LVIyLmNybDAdBgNVHQ4EFgQUey9x
+PfXRNOTvG8F0Kc9I8TTyc9kwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUA
+A4ICAQAt5fcYgRgPo+cqxBohstEip+nznvhl+lqMztRjiUksotxBF7+lXLBceEmD
+U/G1iXouSGwQPzD7h4CHvjZfRmckHidZXl9PMq8oiHUnL0VnlXc27HseCIPv7AQz
+Bjmp/8OALteBmXWGXbQrdZqf0WQOjWRGi9isGurCpycYgzu0NAXcxsGCqLhsENvb
+C14xQyPBiiWepTWTWOaGBPu2djXx4vt0DNztO+pFLdzAxS7Aa3icY8B1g4aIzijn
+jgHLGrq/C25mi9SsTYU6/7PjFnfUeAwMDKUUNjTuOfeZoMy0OtOCIPdXJezCcSvJ
+s8BrP6CQC1+bTHPF/LU1Adi185355nHH8cGeYqFc3AedwPl4vJfibgyZ3+pm+Inh
+KdWvtbJIvNqthMMMsr+MJXGeL8M00/XUuxiMh+d4UKcDvB8K6OeDwK0w+4MOQ3kz
+DjYg2H9J9xdixORs5gk3Mfh3uoVpa/M0M4fGCoygpQpgQ7Oc3U10N0LDfZ57b7zH
+BXFruguw53kxjuwcb9WhrG94F/df90VhKAJFIwP2oMI0IbHomeJToSIb/j5FS3fx
+0evj8mzauSSkHg3x3GANp1BrUfE+5oLRR8Yn9qKeUqZQiDofKRLvn92RlC9S3a53
+FRxwWvzqidy7bVSjMa+E20fdJ+UQnmfYeqArlJx8iQtHM1T+fQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1zCCBL+gAwIBAgIQWvZzZUDx/Gn4HYHpZWV2mzANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTA4MjIxNzU0MzhaFw0y
+OTA4MTkxNzU0MzhaMHIxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExGjAYBgNVBAoMEVNTTCBYIFkgJiBaIENvcnAuMSQwIgYD
+VQQDDBtTU0wgWCBZICYgWiBTTUlNRSBDQSBSU0EgUjEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDHEjtBZz9/b0R1dxsHgmL/HsaGgbVoc/m1CuuCxJkP
+No+fDDrsB8h692u1KIYlj3b0yiknaiHDUV4QPFkSzkvb4tuSu3TOzN0XyNG3LEus
+qn8mLNtEskIOKKiLCh1p69M6ilUWnXAgH+gvaOt2qn2dqmNxvgGdF7cizpfUnvqo
+Ib6WIC6tKi356h7tFoCDKPvR455ac+D+3sLSkWZJ3Ix4LYkCDhdo2xjI60hFkFRl
+O6Ov0C1GeYvj9DkgsbCQRM11pZj5uD8Kd4BxkQIluqmIkvPR3Bl6v+5tDY20c5Yc
+1jkHNHF4SV0bC3JvpTQ23OSSxM55UBeO1bPTA0p4arMsB0I9eTD7tTUilu1nDSCA
+Fgy9oCuvmTTmFgdHMfm4WZZHxfXaM5fHQV8Lo5SO28I0y91zernWrQ1qS3hS1mbD
+LYGaPQ9Leu3lPB9bt2/AtwJGDb9NBeE67H699th1InKTgQDT7eiuLfQmKWrJh+yH
+lZ0L647l/974vrAYLGiwmB8d/hZMjqs4FtnNdiUImiSBXnoAqlc4CXCojCBY95v4
+fD7LU3Zs2/BVpuVrDUK93xZTqmXt//yAxmZB2+y6j/ZQZuRRFP4z8YzSE11MwnVf
+ayrRdtiSdjuR59gY212k2h46gWh8Ira6lxSBAPPm8EyIUMXV0uizc4gi7RdLAvu8
+7wIDAQABo4IBXTCCAVkwEgYDVR0TAQH/BAgwBgEB/wIBATAfBgNVHSMEGDAWgBTd
+BAkHovV6fVJTEpKV7jiAJQ2mWTCBgwYIKwYBBQUHAQEEdzB1MFEGCCsGAQUFBzAC
+hkVodHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb21Sb290Q2VydGlm
+aWNhdGlvbkF1dGhvcml0eVJTQS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nw
+cy5zc2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwQwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybHMuc3NsLmNv
+bS9zc2wuY29tLXJzYS1Sb290Q0EuY3JsMB0GA1UdDgQWBBT4gS7fm9A0gT8lGwsb
+oYybKmFj9jAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAG9vdR+R
+5kgg8+afbU5n56WuUmT7CsOSn5FvhKdNy9XVVoUQWBbyp8oep9kGZ45Ch5I3HSqb
+XluDSkT1BbtRb2JO/mQUdLq1j/ZDYDUjNYy/uD6GYuenXDx4n63M23NKOEOJt7GA
+lvbSkRkOoEUbzpkUORReKdWCSy2SVnag4SOBFmCN9g24RarydS/1sTNFWR9gK6vL
+1ZIyIPd+QJl9VMwKhyme0DLWJ8wkS/bWpt8g7P7U8YHriswbJbZAgdFtLa7bIKVc
+yWHi7BWfys+Hq0kd0Z4jyU2yhCe3JFjKBbb+RUiAhg59S6uIKEtmuQnYtdvEArvu
+uqr2sUoXFx7c6GLAtnLnL60QOHdOUodDY2DLq8pU1+8OTgKZmVUeu4DwwDxLttsJ
+/w/mTVzDT30wv6JOTABBPlTHv71QnDEesYWUDU+wyStODvl6Cgvd6KwTfpuPv/eO
+9qtehyInvix8W7jSmG1n5rFbQmQZOi1NJo58mYAYMr3nsY4Xw/bv6UYcgrXl0II3
+YbzZN4s004mYZG45zjMalcLT4ryTA8+VsCtkIOEquEXQVod4NEJkHO6jQ2X3P6xH
+XfTR1PDRN29FP4/Mho1kQn/6/OWNj3Mvh6xLZBzqXqF0gwoiM7Ix4l3HVqKKfm2M
+QIkZme3WbNafh5/ZcwOevvGN3oTdnCciesG6
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDezCCAwCgAwIBAgIQPcAH56XNTxuCv3DL7xgR4jAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTA4MjIxNzU2MTBaFw0yOTA4
+MTkxNzU2MTBaMHAxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8GA1UE
+BwwIVmljdG9yaWExGjAYBgNVBAoMEVNTTCBYIFkgJiBaIENvcnAuMSIwIAYDVQQD
+DBlTU0wgWCBZICYgWiBUTFMgQ0EgRUNDIFIxMHYwEAYHKoZIzj0CAQYFK4EEACID
+YgAEUFkKxdALH5VvVS7iWZv79rLQIAZDvkyNfMXeBiE+csb+/0vARptrSnEklTXa
+bWtzFRRn0FsOeZJBqEwyQZWeH7eSx5wKMv6yOsFWr3RTRylIvmt4lnHbop7Hf7Lc
+KyKyo4IBUTCCAU0wEgYDVR0TAQH/BAgwBgEB/wIBATAfBgNVHSMEGDAWgBSC0YVz
+MOc1BNOOApL75aTRxCHozTB4BggrBgEFBQcBAQRsMGowRgYIKwYBBQUHMAKGOmh0
+dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTGNvbS1Sb290Q0EtRUNDLTM4
+NC1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMBEGA1Ud
+IAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOwYD
+VR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybHMuc3NsLmNvbS9zc2wuY29tLWVjYy1S
+b290Q0EuY3JsMB0GA1UdDgQWBBS/IgFt4rawvc5eluZy/iYAjxIx+zAOBgNVHQ8B
+Af8EBAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAPhhEfH4DgzsgfO7+w1ooiVALU2y
+ALpG7Rtd2hteufplV4hs7H/yfmj2kZXBzPpIwAIxAMGzBpqNkZbOVqz8izwA6WfJ
+0ppdv+mBa9cNkeWfCV3QntT1kw+F7Hfc6KZoqWSSBg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1TCCBL2gAwIBAgIQKeKCeAGZ2nV6Gzfgc0Z7NTANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTA4MjIxNzU4MDJaFw0y
+OTA4MTkxNzU4MDJaMHAxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExGjAYBgNVBAoMEVNTTCBYIFkgJiBaIENvcnAuMSIwIAYD
+VQQDDBlTU0wgWCBZICYgWiBUTFMgQ0EgUlNBIFIxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAp73icH11v+Ryv9IRAEo15dXST0shw8wEg/Fps4aZjdUC
+zKt0o95Tl98CXM9ShazXawrIXwPbqTKXbmza/7xIVALzhtpla2ssG7ardEFAYRgd
+ozXh24pLnFXF8t9IQd65dVMfu+B4irpb2dxvXnzV3RdJyKtsr9Z9WKLxtuVFO2OQ
+c5H0o3VDaBihsq5SEXOAyztX7p65wn87E/IoGVHT2LRz3LuFKgTqIjrY3dB2o5rq
+lbK3nhsmeg8iU7nUR4c51PFJ07To+ki7bKJu+gtkFAiOf2Bqp0rIUQ8BixNFNL/6
+huuBAnEO2Rovo535g15SQakpWcIjMy3f+RAOuhZ19TC1LtWcLby0YLli3Q52/1do
+jDoAorRSsqkdwkRyMUd2Xci1QgilJnp211ognXcQKio8MQcWyEj+UWeETjrPpiJZ
+pflGewf2gceQOxLxRaJPQJYdE8vq8WyjCwE8WCE3Y3OcmQrR14rMP+VE4wvRprFX
+L3zsplDsrrFME4F78mEK/kLN3E94Sbf6OyQ/jz0N2g0o+twQH+ZWc2zBF3D1D2gj
+mGHgMsVnnw3dwylJKHKLofhAbLgu5t4PlG26gX/UqzHMjI0qTwZr+4ryO8E9/JPY
+bnBdRXQDujuGdoIa1cYiqdtWIe27Stt+atq3HrP1n35gq7J3il/5AKIt1AlsO00C
+AwEAAaOCAV0wggFZMBIGA1UdEwEB/wQIMAYBAf8CAQEwHwYDVR0jBBgwFoAU3QQJ
+B6L1en1SUxKSle44gCUNplkwgYMGCCsGAQUFBwEBBHcwdTBRBggrBgEFBQcwAoZF
+aHR0cDovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tUm9vdENlcnRpZmlj
+YXRpb25BdXRob3JpdHlSU0EuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMu
+c3NsLmNvbTARBgNVHSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
+CCsGAQUFBwMBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmxzLnNzbC5jb20v
+c3NsLmNvbS1yc2EtUm9vdENBLmNybDAdBgNVHQ4EFgQUlVK3WHS6D4gXrL1fuCEZ
+a7LyQh8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQDzp8APpwaF
+Zl/4309HDyUrY0vmzoW5TC/OrR5Xz4pchQxYKT4GQQFrSTN1uR+4ffwei1GC3MPn
+J3b8UUercrSGB6cZtNH92dhV6GBEBXVWUGKhFISZ9DkCVs/+0NtvsFJWNWeoWlWw
+4QtWH1Ii2Pkizqbn8VAFCMHB5EPTShu8Ob61F606HGHmY51GLGiH1bVyGDEiXu69
+Bm4wG0Q4Heq30IJVHqGP19BLSMgml298t89tnm+CjxWoLacmGn4EvQG/owL/HQOR
+l+q4WRPj3zkq1Wke0LZbbMV6rrn0uX5Q3IndWsWYJRl8ElKq12+QRlp5MYXQU8wm
+t6/w9WBxe9biseEGBzeCVSLtHO/WN3axz8gQi79x/Ybo+FPnp/mA6+LTInnf0Xee
+CUYP1l20dyIWuOlFx4hjW4P0XK7Ae6rQ/2zWIu2mCFuEfFWi2Dm9fUP5e8YWv3ay
+7GTXe2sqkNETOg4aMJl3muuOSUdIeiJChVjH3x40SJYUyX2uixJNjE6Y/Ro9gQUq
+61tZQ3dzG/op4UCfiQITyBBSDFrCmT7c1K3jsH/7jBSZ+joqsdM6Qc9QK6i6HUU4
+9iFR+hK5U9SnSlIe1l+39HZqV7pM0VLzlfdEsu738u5v7pFl2MZMx2jPQrHYsXVU
+avqNcLyWUx9JTwTcDZYs+VFW4pkqO2r/UQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmDCCAx2gAwIBAgIQdryJRFXKoqnDjF2wM0LKdDAKBggqhkjOPQQDAzBzMQsw
+CQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNVBAcMCFZpY3RvcmlhMRow
+GAYDVQQKDBFTU0wgWCBZICYgWiBDb3JwLjElMCMGA1UEAwwcU1NMIFggWSAmIFog
+RVYgVExTIENBIEVDQyBSMTAeFw0xOTA4MjMxNjQ1MDRaFw0yOTA4MTkxNzUwNTla
+MHUxCzAJBgNVBAYTAk1VMRgwFgYDVQQIDA9QbGFpbmVzIFdpbGhlbXMxDjAMBgNV
+BAcMBUViZW5lMRYwFAYDVQQKDA1Eb2RvIFNpZ24gTHRkMSQwIgYDVQQDDBtEb2Rv
+IFNpZ24gRVYgVExTIElDQSBFQ0MgUjEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAT0
+WtwCjq1z47UMJY2mOmm5L2sFmFoiWdmTNciVi2Mp1P20CHaBFXRscpg6GqldT/Bi
++elmrtg9UArxAMHG21sYWexJV5Eb63CMgM5Sn0Bls/V6ojCe7ERYGBZQB59wSRyj
+ggFyMIIBbjASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFHpgi6RpBnce
+sspO95MbmWmR18WEMIGFBggrBgEFBQcBAQR5MHcwUwYIKwYBBQUHMAKGR2h0dHA6
+Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTFhZWi1JbnRlcm1lZGlhdGUtRVYt
+U1NMLUVDQy0zODQtUjEuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3Ns
+LmNvbTARBgNVHSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsG
+AQUFBwMBME4GA1UdHwRHMEUwQ6BBoD+GPWh0dHA6Ly9jcmxzLnNzbC5jb20vU1NM
+WFlaLUludGVybWVkaWF0ZS1FVi1TU0wtRUNDLTM4NC1SMS5jcmwwHQYDVR0OBBYE
+FCE5ZcQExVijGfhoNr/YJ+EY4GIwMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQD
+AwNpADBmAjEA5aZhDA7hDMbRZBtXLJeaGMWpG96AXEH44OQM7MtwWXnj/4xQNtj+
+KMiJH50gd7rvAjEAyt6rOLT0lPlUX0EnbEIe3/60DyDFqO3fBmgDlf64kZlYamJP
+1CfNbFO7uJdTf3pi
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6DCCBNCgAwIBAgIQPlQaAYTNj91pdis2KgzX+jANBgkqhkiG9w0BAQsFADBz
+MQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNVBAcMCFZpY3Rvcmlh
+MRowGAYDVQQKDBFTU0wgWCBZICYgWiBDb3JwLjElMCMGA1UEAwwcU1NMIFggWSAm
+IFogRVYgVExTIENBIFJTQSBSMTAeFw0xOTA4MjMxNjQ4MzBaFw0yOTA4MTkxNzUy
+NTVaMHUxCzAJBgNVBAYTAk1VMRgwFgYDVQQIDA9QbGFpbmVzIFdpbGhlbXMxDjAM
+BgNVBAcMBUViZW5lMRYwFAYDVQQKDA1Eb2RvIFNpZ24gTHRkMSQwIgYDVQQDDBtE
+b2RvIFNpZ24gRVYgVExTIElDQSBSU0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCGI5ReQgKxf+3/jAAU9Z8+NF7BUjYm9NsFSgHaULZSluKm5SCN
+2bmfBkp3rGNCx0s2ndUNQGnb3UxPMjHPTcpGt9dVxflREuI/QURHozJl6yz9b2B+
+xuAVNYZGuNOnWCK3I7YZqr2awZ3DaqaFt6oGNwkOsSBaG0tIhDBp05OJCwIBTYyn
+GTp8hgyAWkfpEuZRpKXCuuOtb1p1hJTkGZQiRmQ747Nns9Nmu72CwP4zA4d0P0dE
+2NwAD4XPaFl00LVy8M5LxMHJfhlH76WM+dX7pxrJXOef95Wy26y+eAky/FbR1cWy
+j4erobCa5EN2HF29HCbPm7URlxYdMPu6fS6nmyib8lRmyShJ4HuwhBVQ8vIFFunw
+dnk48vyriMClOU0KxyUj6oD1VH/Mo4n/O/KCSAwQFas58s6ruXLKUD/IS3f0FwER
+wl5318/cVuv7Sgjw8iARY/NE0mRTemxtozHwgqjKBKCNuQB0ETvC93yhF6WQ1+vp
++w1yOj60ldEVRI11jp04vlnP04OGxIKOAooF0DrjpfLp7kjSP6Bx/ZSgQBy8SnDb
+c7oQpn5xNprA0AcNs6P/VBVZbC+NoVTf/xG96oC0dHQpyivsUcfpXsGL/Xr0dm0t
+djbuhEKs424JyprBRJqusX1KqrpM7e/y6ACE4xMvT7NVJfhzQzcngzUU9wIDAQAB
+o4IBdDCCAXAwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBR7L3E99dE0
+5O8bwXQpz0jxNPJz2TCBhgYIKwYBBQUHAQEEejB4MFQGCCsGAQUFBzAChkhodHRw
+Oi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xYWVotSW50ZXJtZWRpYXRlLUVW
+LVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5z
+c2wuY29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
+KwYBBQUHAwEwTwYDVR0fBEgwRjBEoEKgQIY+aHR0cDovL2NybHMuc3NsLmNvbS9T
+U0xYWVotSW50ZXJtZWRpYXRlLUVWLVNTTC1SU0EtNDA5Ni1SMS5jcmwwHQYDVR0O
+BBYEFB+6L7iQRzAZd3c4kYBHq/NanD9UMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG
+9w0BAQsFAAOCAgEAQ5HhQExzB+hd1bIDh2/wHXkc3C3F2VT/GeX5/bUB28k5fQDx
+VWO5bhi+P339Jowd/76zBxjD2sw5RPw7UepBAsZ1/Dt9Srbrrla0/HNoueDZgnoR
+Eh7MolpVc+PGFBzV0OkRXLw4BK1/Xlj3H674DJ7/Zp6csbsthdvHqx5KDcAEA8OC
+RV3pQwu/veQ2Hu/me5/sxPIH87181wdXZ9obkzeySjloqIBPFoHvtr+zYVZUptqh
+QJgYBCMP/RVEKWmMUpEnrt21YzgA6qotRequtnLtG7WIZoaf8T2/V/UqDOzo94nE
+y89vw5TxaJ/sQCIOPA6NFzHrJ9dCPflqOPnbQiBTNv4e1SGm9R8dBNwboKVJgT22
+7t40Ygl4o9yRQbQxaHeTbhwmOse0WoSD77tppwIySdVrDl3Q81sliX173UYRgI0B
+kltywboe2eR0kLI2bdNHtUYqHlgNM6pV9Tye8FOFjkLpi6LeAeLCUr0eufrbBjAB
+E1GKWn0cM77+BpjWADA5LWE+DzTElDiW0EL994lvOkB/qHEZ+yD0AVETjWh+BRi+
+v8t0TcisjXHLrLD50HgRbQyBIpHwXqwSEYPaq6wAPtKkNgieQjA6iK9MHI86TAei
+YUUM6vs1ucyGTxPcoNPJQfCQpEUqepRC0ESMpu+1+om1xkzUe0b9O+VdY/w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5DCCBMygAwIBAgIQNnfTOwg6tAYHZn3EGE7+TDANBgkqhkiG9w0BAQsFADBy
+MQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNVBAcMCFZpY3Rvcmlh
+MRowGAYDVQQKDBFTU0wgWCBZICYgWiBDb3JwLjEkMCIGA1UEAwwbU1NMIFggWSAm
+IFogU01JTUUgQ0EgUlNBIFIxMB4XDTE5MDgyMzE2NTE0NloXDTI5MDgxOTE3NTQz
+OFowdDELMAkGA1UEBhMCTVUxGDAWBgNVBAgMD1BsYWluZXMgV2lsaGVtczEOMAwG
+A1UEBwwFRWJlbmUxFjAUBgNVBAoMDURvZG8gU2lnbiBMdGQxIzAhBgNVBAMMGkRv
+ZG8gU2lnbiBTTUlNRSBJQ0EgUlNBIFIxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
+MIICCgKCAgEAnAY9K76OpTgu/wjxhGuLHx39MLlxvOeqq534Q7loMTMlMGDj7Os9
+j7tHcB2dUx1fnfzNW2IsJ0/zis0qPDQdjE6zpyYMuMdJJc8LWFGHvLw4Nok+aK+q
+TYFVlPEBVZ3PfQ4kVU29fC/q6uci0sqrZczpdlynNmMuQMhMJjmiq/rdEO4R10zj
+M+/jDI/ihbv1kycFIGMD7Op8kmTkPj9yvkrzQW/7/dGLvyn/k+g6ay/qotfoCihj
+GNfowJ4y7QUyEI9n+/7mMQ4ZHE+ysC6B1f78ZG5TnK3tNR77HQfY8vP+geuD/re2
+JcQcbkhCLrrxxO2XOYFO1NsvJ1ezkc5VXMipk9PmYJ/IW+MTqVM7lD3U66+jJKVO
+M2K5YxePIlP3zAr8R6cF6hcorvHhR2askupiwZm/nP5Bsr2f08UqMRHJ2kUBo66p
+FhXu27taTt4j5nSgVdYXS6lrtPwiqxELCVVesCkTIQcrgJGDXjF616UG41F4k0yE
+9Gxw46Hjqgck1XLRJRe/TfXDQmE7xwkPMc2s58cHPx9nFAKx4qrd2b/S/QGVJDtS
+iOGXmpt/4zuox9zV0GVtKG5/oIbexCWReRUgA1rEfKz0REQdkBs794+mDRVpNsO5
+MrGaRDiKMQWd5OcTAuKR6mtLS71jxOEidg3TLbQe7PEMi1o7UlfO64kCAwEAAaOC
+AXIwggFuMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU+IEu35vQNIE/
+JRsLG6GMmyphY/YwgYUGCCsGAQUFBwEBBHkwdzBTBggrBgEFBQcwAoZHaHR0cDov
+L3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMWFlaLUludGVybWVkaWF0ZS1TTUlN
+RS1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wu
+Y29tMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYB
+BQUHAwQwTgYDVR0fBEcwRTBDoEGgP4Y9aHR0cDovL2NybHMuc3NsLmNvbS9TU0xY
+WVotSW50ZXJtZWRpYXRlLVNNSU1FLVJTQS00MDk2LVIxLmNybDAdBgNVHQ4EFgQU
++KRqKcUSlYfK1U6J/EcaIfN5i2owDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB
+CwUAA4ICAQABCusqNrQgaqhCqgrwaMpgl92zMckr6mhI5xiX2UAY8RSEteMVZYuU
+w9E3sSd3xU5MmSMNL+ijgFVbzfFzVWGmjRfnflHsbUOBQ8o0PBs3sdtDJ0X2lAhB
+vv/pJSQX9fj+BwW7WpSyEetcNShZxjBp2tRai30EeDtzEopPZyKJ8elDVlL/Bf/z
++2UTgD9Rpbs8dNMiYj8HUpyzFeDMyf/ehKB4ZuzC+EsQoEnOy7BvJsOdBVNgHOdp
+VXXKZtnzJgQybRtcCEQTyqaoIDRCLKwqus5lcvWsIqxuQCUit1aVSqHLyIFsXxLa
+IyI6OfzgiD98Yh21iqVMgUFstO2p37QptCkfbyEE+VTLq+F5iNuW4msubmG+wID1
+Srg9ORToMMmJodcw1NJz4lFkjUy5xFpBMgPbXgHyKwGnIYgDoJdzI6x0ycddO2xE
+yDqZcVUxWByDBrxCWBxwH9HwXOYmeD/eZKfeIwye+p38Qux0LJNRiXPYZYmU/e18
+FzcJsLyUpIrLHCkVk9axWa97+Q7GOcHeLgbdwThC+EY/lHhdl7c23Ut79AaLrbbf
+2HAzMyNmYwJGokJUihbcASXJq+aOFY3ioA6OZIr48razeczRfgZZn++J+CAKTCx2
+y2CXMa7n83/8JgGo9BZdT9ATAQ5YsE1NHNklDYEn4Oiku80V014X/w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDijCCAxGgAwIBAgIQHqBhcachemjDo9LjK5YybjAKBggqhkjOPQQDAzBwMQsw
+CQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNVBAcMCFZpY3RvcmlhMRow
+GAYDVQQKDBFTU0wgWCBZICYgWiBDb3JwLjEiMCAGA1UEAwwZU1NMIFggWSAmIFog
+VExTIENBIEVDQyBSMTAeFw0xOTA4MjMxNjUzNDhaFw0yOTA4MTkxNzU2MTBaMHIx
+CzAJBgNVBAYTAk1VMRgwFgYDVQQIDA9QbGFpbmVzIFdpbGhlbXMxDjAMBgNVBAcM
+BUViZW5lMRYwFAYDVQQKDA1Eb2RvIFNpZ24gTHRkMSEwHwYDVQQDDBhEb2RvIFNp
+Z24gVExTIElDQSBFQ0MgUjEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATQlO+0Gm7H
+epsjUfCZUUAcKnqjQlkRCbBLRkHrsYEQCVoKcGPow6oMVxxacjv3a3QbfmMwOv6y
+NSPYzrdYT8xVVX10eqSgoifOF+Dc35eXCERfPeiFyI62fe/ohRdnG5KjggFsMIIB
+aDASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFL8iAW3itrC9zl6W5nL+
+JgCPEjH7MIGCBggrBgEFBQcBAQR2MHQwUAYIKwYBBQUHMAKGRGh0dHA6Ly93d3cu
+c3NsLmNvbS9yZXBvc2l0b3J5L1NTTFhZWi1JbnRlcm1lZGlhdGUtU1NMLUVDQy0z
+ODQtUjEuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTARBgNV
+HSAECjAIMAYGBFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEsG
+A1UdHwREMEIwQKA+oDyGOmh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMWFlaLUludGVy
+bWVkaWF0ZS1TU0wtRUNDLTM4NC1SMS5jcmwwHQYDVR0OBBYEFC9xQzyNSj5okcfK
+rSxHcI72jtAHMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQDAwNnADBkAjBhKtmQ
+55sO+b2BlhtKpg4UEtKOC5u/AXIjaWml0X1x21RX1C7SbKy/8T2nhBOdYTgCMBAM
+j9NCW6aEPI6ohyXgyg7Tij2bXyPEzyO4bRYBigYfvvMfa5G7TKcpUJ7rnUEnkw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBMSgAwIBAgIQENxpdkmEj5PYSRkDGI+BezANBgkqhkiG9w0BAQsFADBw
+MQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFow6kxETAPBgNVBAcMCFZpY3Rvcmlh
+MRowGAYDVQQKDBFTU0wgWCBZICYgWiBDb3JwLjEiMCAGA1UEAwwZU1NMIFggWSAm
+IFogVExTIENBIFJTQSBSMTAeFw0xOTA4MjMxNjU2MzFaFw0yOTA4MTkxNzU4MDJa
+MHIxCzAJBgNVBAYTAk1VMRgwFgYDVQQIDA9QbGFpbmVzIFdpbGhlbXMxDjAMBgNV
+BAcMBUViZW5lMRYwFAYDVQQKDA1Eb2RvIFNpZ24gTHRkMSEwHwYDVQQDDBhEb2Rv
+IFNpZ24gVExTIElDQSBSU0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCJTB1raY2E4uFRGRjv8+jrLV3iuMxWoskHnn/MeZW+pdX0nuDgObYUgLiH
+3okw2zRl6V8aDdUsTmMYEvHcsxNgPaHVZTTuNSuzPndFLO1DPlLn41ZI4/wcFf47
+mPGaHKvQTYKArP2eWbEsTO/4SW/neVF1FsVrHLH3sgWBs23DT3UccheIdGm/XPG9
+gahsi751qquuntKhDqOgMu+OYbODi8MFqzRuXvvn081HQSJzbtxQ72JHwzeWvKtI
+8qpDezwWJAHnmQPVY4HO3IMXpW6S+PcDUlH5YNJaxZqKLoCQAKQpp14cQRzgz064
+DK2hjwKjoQA+luPD3IH8IuGDL4nU+eAGopySZPR81YbAm7qCsjmf7+T9F4dafmG0
+AQmFbRS+fJgXPJsMfMQRiD1bKGiwoY+0hC3htfFlldO0fTz+q+1aTlb7IfCC0fXT
+bZyxqPbj1V8lyyPH4OQunKglJ4qetjHoFqghIbfMnTNguGb1uH5eEua4gs4TjOdi
+PM5qzQSlkCE/DDJtFcKs6DEVGPDMf921CfJtT0CvMQK1UnzxiLvSwPwhaObqomwE
+A5fHz/U1RsVu8MMtFP1baAzxX+SqbqsQNuI5QLz+C9z2800+qlqONfPZKi6aaR8L
+HrXSiBPpzZJB3c/9DmA7mkwNTItKepfeiX1NIP5d6SFXdGfmHQIDAQABo4IBbjCC
+AWowEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSVUrdYdLoPiBesvV+4
+IRlrsvJCHzCBgwYIKwYBBQUHAQEEdzB1MFEGCCsGAQUFBzAChkVodHRwOi8vd3d3
+LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xYWVotSW50ZXJtZWRpYXRlLVNTTC1SU0Et
+NDA5Ni1SMS5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMBEG
+A1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
+TAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybHMuc3NsLmNvbS9TU0xYWVotSW50
+ZXJtZWRpYXRlLVNTTC1SU0EtNDA5Ni1SMS5jcmwwHQYDVR0OBBYEFPpzVVzum19m
+UXtHEqUiJlCeFv7vMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA
+mKD5+iBvviSgA+AACz+9qcY7elrEXq4msuAp2emcDm9GXvnOajj6jZ6EI7c+nnXt
+kL7SDHBpwgz/q5MZT6rTg0juXfBgP+dgUvSy5x8hbruDPTsIa7Slb7Ph9hFie9Fx
+fGpdO/q4tco3jDIAEl7/WKtWIkhGvW6J/9weQPdNtfXYPQ05/k0oOu4pNywfPFao
++fUutj4HZbvAewGoTxSL4pSL52x8ahq41LBCgoRjuJppVo6fBGDwVGu+ZCFTfu3q
+Uv2f2KHsXIJUbU9e9DGcHRDPP4Bb/b4buTwVpo6E1S1p59V1MzeZt3n+RbdRNTmm
+5QDhPxtgqIaiignWmub7gG4heAwMCyxPMt8sLdxp4Yoj5YKhDm26zRgmouG0PTv5
+eakByC6+qGhi6ysGwRO5xBO/ROWQsGaHBagyKzsNRbclKQUXAR/Wi5OHbJOAZzP6
+Xpo1CKOBRBPwU+72P7N5KmGA53T4TfGgw8Dxch7PYndu6wmA23syKt+YgL3hv6LI
+uiB+DTPMOfAkhPHRfW+YUTxSfLancutHXlD8H18OIMncqaJ0iL7+TihntX0YJz6/
+VRI6uRwGgawfQmeO9Yoi0/mE8FjaA+NF5/lOksBPjtwX76b7G1zyu6j1XfI6kt8n
+OVWivmRvu2HCAhYl6vLEn8ykekrKl2SFCVnAZnONH4Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGpTCCBI2gAwIBAgIPAW0aTZSVG6MpSgwm0GJQMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0xOTA5MTAwODMwNDFaFw00MzExMjkxMTU1
+NTRaMFAxCzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEl
+MCMGA1UEAwwcVGVsaWEgRG9jdW1lbnQgU2lnbmluZyBDQSB2MzCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAM44Pcw/C+8y524K1KID6MyFIGZXSiDGg9HJ
+PeVusVlIBkxiQHb5DlL+oly8J5jLehYawMR9GXREXh6NY+et8ak5E04BRku3t66Y
+v5ato7CLdPfKuHfpK1cu5ZHjETt8K9Dq4bpYIq4597MBpO+EuVSmuDM/VdFz3WTw
+xuqyJ/mwQZvtZRGQJClLsf9oZTygFEsZ9rXAsQZGJm8K5jQRtIfGmobXP0V/Arud
+lkKJvW9+QjQmZC7tuHlBOPCRJeP3j1EVda0omlKEAR+D08muv/5AD3Jr+oZ6BMH0
+FeOy0oEhEX8YigTEXM/Fx/NHc8C8OqIBDJYEN9Oo+Oe/sHCsU+NdGYETkeqtB3GH
+OlXSCIvdyzKuHeTNnWt7rfANiiJc3kBvfy8jJsEl4fKs2mGznBtWUmVXMt0w6NI2
+Hyj1VBiC080pKr+7s45tgVtys/W4ZgSTVKUO7C632AJ0w8XqQM7YJx2/CRDWnv07
+IjfkpcKL3U1BWKxt5u2MemzZBj8b7tYBOKu18JBDtOW2mB9meJCDi0AJyexkz1/I
+8rgQnjrmoU403+s/TklHWgcsuGSBM7Z6bA/CQSGAKrd41sqXrFOaUTY42D73FWlV
+maNaAViGL5LyuZ2wa1gsZdUAQ95VmF6sNYbUpDTghq83xInp7giTy4CakuBfUVQR
+opOdRspxAgMBAAGjggGGMIIBgjAfBgNVHSMEGDAWgBRyrOQzeapFh/b9rB2e1scv
+htgkOTAdBgNVHQ4EFgQUNhcQjp6GnyZ/1XVC+tN7wpBZ3lQwDgYDVR0PAQH/BAQD
+AgEGMEQGA1UdIAQ9MDswOQYMKwYBBAGCDwIDAQEUMCkwJwYIKwYBBQUHAgEWG2h0
+dHBzOi8vY3BzLnRydXN0LnRlbGlhLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMEEG
+A1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9odHRwY3JsLnRydXN0LnRlbGlhLmNvbS90
+ZWxpYXJvb3RjYXYyLmNybDAgBgNVHSUEGTAXBgkqhkiG9y8BAQUGCisGAQQBgjcK
+AwwwcQYIKwYBBQUHAQEEZTBjMDgGCCsGAQUFBzAChixodHRwOi8vY3BzLnRydXN0
+LnRlbGlhLmNvbS90ZWxpYXJvb3RjYXYyLmNlcjAnBggrBgEFBQcwAYYbaHR0cDov
+L29jc3AudHJ1c3QudGVsaWEuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQArKLVX3/8M
+Ih+MSkuKrMchHvg4wpex2jSuZnRtO0H/xEQqMm6BJQgkW/6rNx/Z2+Pt2JHGXnjS
+yE7kcyj7051ZQCGzm3P4GaIJekBkyZCUQOqTdx8lmcGix7guXQ7bnaeLSyI/+cCG
+kKv2E6n1r6QN22GcGzUJDQPNK9As2wwwB2RReOofYmclw/OaCp6QY9Qb5BLWfbhm
+gixCm41+RpZcq82ECYpO5P4g212AP5q8eS6TrDtLHAPi5LE42m0pUXF1hWoxt5lQ
+DXb7luToFBh6V6eEvbG07Tse7gcX/1SeHpUyRfu0hD0kMLcUPJQQfssy0MN3/c0C
+ZdkpknU3TIfNdRReuz3G16AV/h4vkP3UVGz2b1qwh7x3u7eP5/rJAjv6IH4DKEIP
+QbPZmK0xsvVGa7QJRfDPaF2vpK8NqImGlmul+i150Za8vWUZO3hbMqzjnjCkFKqa
+LbHTm3Qcxi5OjZYfOyRKCsORqoUOVqxSUMho/5IGVu2KaRea9TBDamNGJTod2fbH
+UspE/eXKu+UGHKQZt/itRinHLZt+2QRxFIw9H0L1irO349/t0JMHyiDFWqVzENRV
+7AbMq3yMZgSYO5dKCqwv+QIjSBjUpVpWhgs0mq2gcd79hTZ+9Ua+7QwcyRAW5unV
+2TdDodkBldkQwuPkhMM9SF6y0ZsVvHqdHA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDcjCCAvigAwIBAgIRAOfd9mwFGtjasIJizHRQhlswCgYIKoZIzj0EAwMwgYUx
+CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
+BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQD
+EyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDkyMzAw
+MDAwMFoXDTI5MDkyMjIzNTk1OVowXzELMAkGA1UEBhMCU0cxEjAQBgNVBAcTCVNp
+bmdhcG9yZTEPMA0GA1UEChMGV2ViTklDMSswKQYDVQQDEyJXZWJOSUMgRUNDIEJ1
+c2luZXNzIFNlY3VyZSBTaXRlIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+SwgzCUUkIkVw4H4giDhCokjj8mjYb/KPvEaHZhf2T8B+GNbfnYzbqXTQYpU7ptq+
+3KDOsuVP3Mx0BpwMD3I5JaOCAWwwggFoMB8GA1UdIwQYMBaAFHVxpxlIGbydnepB
+R9+UxEh3mdN5MB0GA1UdDgQWBBR4fKgayZipkmHEn21OXXhPsO2bYTAOBgNVHQ8B
+Af8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICSjAIBgZngQwBAgIw
+TAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RP
+RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDsG
+CCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9FQ0NBZGRU
+cnVzdENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t
+MAoGCCqGSM49BAMDA2gAMGUCMExm7Wsd8zytcqlXtWwl2g2guSPFVc4rqNNUx6S7
+waBhMZYX33rUTzdY2vloM/xuQQIxALGtE4aNbeRoyOX96W7PIAOMhS6i8bVJvfvU
+HqSJ8y8+em2eRoxZFO0Wh/RJz8cVzw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGazCCBFOgAwIBAgIRAKhuXfOU7lgWChRYNgaGGN0wDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDky
+MzAwMDAwMFoXDTI5MDkyMjIzNTk1OVowgdUxCzAJBgNVBAYTAlNHMRIwEAYDVQQH
+EwlTaW5nYXBvcmUxQzBBBgNVBAoTOldlYk5JQyAoV2ViIENvbW1lcmNlIENvbW11
+bmljYXRpb25zIChTaW5nYXBvcmUpIFB0ZS4gTHRkLikxNTAzBgNVBAsTLENvbnRy
+b2xsZWQgYnkgU2VjdGlnbyBleGNsdXNpdmVseSBmb3IgV2ViTklDMTYwNAYDVQQD
+Ey1XZWJOSUMgUlNBIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VjdXJlIFNpdGUgQ0Ew
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCBMZ2lvxfBjrkQW6Q2aLZc
+uHmkfHuDZNRgQMp0G2bSa/grhEv9pH0cB2IU9tfU8piHTa+ClyBL+vRGkauWJbLg
+ZVs4gsx9AtBWVf/7kjlE4jUzfN+XxxsDFq6JPN/LBSkyHKiPclftX7kDhyy9+u8c
+TbxSt+YN2sNtVnznjTkBREnn9gk9lHSuGSUOM7wEnk6AbC4XieFeKGQKaA4Ldj9y
+CKZc/nnO9F6C9ki5aYNY1ECwMiThbIaNp8OM72QfulpHNrJdNS7TKByoxzzUGLQK
+4Ps6v3It4ZoZ4QTSCErOxj6GFGBuEMfNH2b+3QgeGV9CK1lIO3rojWZSbuZxrzbd
+AgMBAAGjggGCMIIBfjAfBgNVHSMEGDAWgBS7r34CPfqm8TyEjq3uOJjs2TIy1DAd
+BgNVHQ4EFgQUPMFMp1pckwhuT7xx3NsvgNw6bfQwDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3Rp
+Z28uY29tL0NQUzBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2Nh
+LmNvbS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEF
+BQcBAQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NP
+TU9ET1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5j
+b21vZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBADt2L6XMH5/jUT3mYy9u3fMs
+iiIV1H09knFKKjX2QaQTD6HBaDRtom2hxb6m3QJJeN6F8WQJ7E8hsNnLEg4dssVe
+ESoLOISK4ndQNvmt0uHkUCHWljOUkoeE6YTQsL2ESCsqi2/8MgFQrwem73Vg0KxK
+Gl+KLRhqUS/5AMMj95sVQ9+RAEkBIqviTTh9SO2pcYuDMSsrok+k6uUBgxeoidgj
+uY9QrwX/U1HYL0GwLY2BpyOs/WokS8kDWAmGnt68HPs3feGE/jfiWtHxSxYOo7YK
+PdaY1ZkLr1qwvRo1F0oocGdofYtMMFt0cf7v9O3CH+VOlDFMWneV/MSlkg6plQEW
+6WcLJ2B+WMsD6u6glz9mdqLzAXj7iQeqwSzdWLFhizfuTUo9r/0FTacU8rXJwh3t
+ouzEMEOpIoXktoSf0xZxdOT6/Buadf5XxFww7UF96oAdx9anzWj3plewa4Sx03Kv
+VysE/BfEXH7ruMDy7VQmK+vrjG9cPwXr4hzAEugmsUHYTcLpqN2NuUexKVtTLCPT
+WAvF3B/7js/G43m9fWOx0+YBUQLe362QDPMVMVKkqyQ0RZeu/LKK2xL3cs/BKuZV
+6Q/ZHUzAiVqY25JrILk15N7JXL9rtQXJ8y4VN3v1LwSiuL51Qs98j7Xht3UMBQq+
+iggOw3Yj1hY29J4L6zIL
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDcDCCAvagAwIBAgIRAIjvLsnJlRQjR3kPY0twPDowCgYIKoZIzj0EAwMwgYUx
+CzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNV
+BAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYDVQQD
+EyJDT01PRE8gRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDkyMzAw
+MDAwMFoXDTI5MDkyMjIzNTk1OVowXTELMAkGA1UEBhMCU0cxEjAQBgNVBAcTCVNp
+bmdhcG9yZTEPMA0GA1UEChMGV2ViTklDMSkwJwYDVQQDEyBXZWJOSUMgRUNDIERv
+bWFpbiBTZWN1cmUgU2l0ZSBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIqm
+HsRVKTsFQPaSIqKqLOoC6Em6oGK2PTxCnK/f6B1S1xjlHaoMoCj+jmHptG1AiS8S
+E2RLsLkJTdJAIAbz6W2jggFsMIIBaDAfBgNVHSMEGDAWgBR1cacZSBm8nZ3qQUff
+lMRId5nTeTAdBgNVHQ4EFgQUtv/4f7o8j7wfhNJgPnpBfFnDB4kwDgYDVR0PAQH/
+BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkowCAYGZ4EMAQIBMEwG
+A1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET0VD
+Q0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7Bggr
+BgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPRUNDQWRkVHJ1
+c3RDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAK
+BggqhkjOPQQDAwNoADBlAjEAxcFDeNb27HrIGb51OBYozmngJQ/qqaVEl5DFpWHN
+SCCaW5XnxAaLLKtMHl5wP1DsAjBkb+BEvhNjXW+I1HyGivkb08CaLWoteL8v74zt
+zk0DQL+SPzCh09YD8c0MaK4WXBY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3TCCA8WgAwIBAgIQe8CDweXQVGTPZFkOmc61wTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwOTIz
+MDAwMDAwWhcNMjkwOTIyMjM1OTU5WjBfMQswCQYDVQQGEwJTRzESMBAGA1UEBxMJ
+U2luZ2Fwb3JlMQ8wDQYDVQQKEwZXZWJOSUMxKzApBgNVBAMTIldlYk5JQyBSU0Eg
+QnVzaW5lc3MgU2VjdXJlIFNpdGUgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDS7qdc0xqeMBMWZveI7imMMdvQArd7+PNNHdLFaoDkT4ShQCXxQKGM
+q+TWG0LOpH/+asT+dKKLwSHb7ra/XbfSfg4UbESgq4pUfhznl03SmEyprDRRW33j
+uP1DIIzPxUXAsxcqRP0tl8s7UxIiq3ibYUkz3d2YT1HmcklcVQeh5QQdVUp0uxOS
+wB6k3lwRj42e09wDXLZQea+9tBgfo/rjrSrCFuFj2lv4g8+rZlzlA5UZNG44sRwG
+cjt3JEw88P75jJ4B5/THbHQooaveOnGUsujQDQIiqUwqHXdcQfk6RpyqZyE2VbyC
+IuX4efHx7GEIPkw2e1tTkz0/4iUt1FddAgMBAAGjggFsMIIBaDAfBgNVHSMEGDAW
+gBS7r34CPfqm8TyEjq3uOJjs2TIy1DAdBgNVHQ4EFgQUSYKybJvpj1NJFcTe6xHt
+Ca8Rz2QwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQEC
+AkowCAYGZ4EMAQICMEwGA1UdHwRFMEMwQaA/oD2GO2h0dHA6Ly9jcmwuY29tb2Rv
+Y2EuY29tL0NPTU9ET1JTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsG
+AQUFBwEBBGUwYzA7BggrBgEFBQcwAoYvaHR0cDovL2NydC5jb21vZG9jYS5jb20v
+Q09NT0RPUlNBQWRkVHJ1c3RDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
+LmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAL+lYWlucfi0D5yUnmr04
+eKjG5JuQtG/pPlj22fPfjP3VJMgL04JgvpjXMME7wF75aCMTAGQAuNbhrdOPLCO5
+HUUQF9vPUTv5gYarO1JSnTg6rpzaBABQN5j61++PbbB9wZmYptgKSST9XYpRw1SO
+93JPn8ZwhPNWthaPGvi20a6fl70HPq6GMGaZYWZBGxGfszwGZtA9H6y+vyUyrdgv
+Ltaa2yeO7f1vv3XHI6iT657LWB06MQHTmG57n0Ikj552H+0mtgHVKMlknz07yIMl
+E8eWtd78oS7GAOioph+rl33hYISAVNEJksRjMQsDQZZ00PRhKb5V6odfHmct+K3O
+Mo6W64Fd791g88aPyvnzfyvg7CXJ+G3y25vs5sUOfGuVpH2sZtGTVWkYahQGiWgW
+V8PyGr3WNcVKqGy+b7p93V5lI4eOrmZZr0GxnYUqeLhWr9l00p5HhV0f3AwrWekX
+S72ifC8C3038dnR5FPHtbIf9V1LOcZvoQqXeirQ/DLpJut0oqq6gzPcBMi6Du3en
+SGZsFWriy0ojOkjNanx/YGQznIyy5TKiv2woyc9nYodT3XLGh61hcBwnvBMAGOgB
+dosdCK+hrWaATGG/FSUPR8mPSl0q9h1Jji5MW78Hx6hBEAWE+qetPWaPqDEWL/rP
+ONAmbF3hifrDFvxPGS/68Tg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID/jCCA4SgAwIBAgIQL/Iwi2myrWzCwkckT1fSmjAKBggqhkjOPQQDAzCBhTEL
+MAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UE
+BxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMT
+IkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwOTIzMDAw
+MDAwWhcNMjkwOTIyMjM1OTU5WjCB1TELMAkGA1UEBhMCU0cxEjAQBgNVBAcTCVNp
+bmdhcG9yZTFDMEEGA1UEChM6V2ViTklDIChXZWIgQ29tbWVyY2UgQ29tbXVuaWNh
+dGlvbnMgKFNpbmdhcG9yZSkgUHRlLiBMdGQuKTE1MDMGA1UECxMsQ29udHJvbGxl
+ZCBieSBTZWN0aWdvIGV4Y2x1c2l2ZWx5IGZvciBXZWJOSUMxNjA0BgNVBAMTLVdl
+Yk5JQyBFQ0MgRXh0ZW5kZWQgVmFsaWRhdGlvbiBTZWN1cmUgU2l0ZSBDQTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABJGOVMVenSkUdt7ch0h4OHAIqwC74ktgF/ho
+fPeBZftSC71HS2sC/mjTBsvBpn+oGW+o2EJ//RGskBtnz5u0he+jggGCMIIBfjAf
+BgNVHSMEGDAWgBR1cacZSBm8nZ3qQUfflMRId5nTeTAdBgNVHQ4EFgQUic6uOH4y
+RmMRrYSu5BpegCtY5l8wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYE
+VR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBMBgNV
+HR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9FQ0ND
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOwYIKwYB
+BQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET0VDQ0FkZFRydXN0
+Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wCgYI
+KoZIzj0EAwMDaAAwZQIxAIq2HCnhuBf6lKSiTJEQpH3dNTgXHlc+RNO8pTe0OzLe
+UBfP8d9LG6Ia/VYWHn2hxwIwV+9Dpkl1txkgo1iHUD2w0/gHo/efbJuMA87LcbEP
+1rINu18vpx0AebuvgQsYRdQS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3DCCA8SgAwIBAgIRAIPowM/8RHJ58/JqUUDj/MswDQYJKoZIhvcNAQEMBQAw
+gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
+VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MDky
+MzAwMDAwMFoXDTI5MDkyMjIzNTk1OVowXTELMAkGA1UEBhMCU0cxEjAQBgNVBAcT
+CVNpbmdhcG9yZTEPMA0GA1UEChMGV2ViTklDMSkwJwYDVQQDEyBXZWJOSUMgUlNB
+IERvbWFpbiBTZWN1cmUgU2l0ZSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALmpHGa4NzTB/tBpTHovbIhi1DVUQZaC7RXrBtW5msz8gCi4YPpPPhkP
+WGvBPP+JRdNn85PDY3PzSCKfg+hTaQmMts8O1PE9/e0D8DHIK5TKrIRFDcDAqXAP
+Z0iZNVe2Pgc2DX7gWD+JMRGNBbsNszVfImcIXqFTuh75UeSdVWAlZcheLRMpJukJ
+SvPIRz+3MidswGNGGVodPHHVNyaojLyPPBKr+odcOFpYTV31D+Q9qlGoOC6DfYDD
+NTC6fQFhbzHEVc4OXk3P/Vs6JA8qf87Pg4q6BabK+jejyIXqAjTt0ySKZF1Fx0/v
+lTBCqWgdVFb/0nLzpPeyYapobixQoM8CAwEAAaOCAWwwggFoMB8GA1UdIwQYMBaA
+FLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSUDEktfh0+D4td6c3EF5pF
+HSi7NTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
+SjAIBgZngQwBAgEwTAYDVR0fBEUwQzBBoD+gPYY7aHR0cDovL2NybC5jb21vZG9j
+YS5jb20vQ09NT0RPUlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYB
+BQUHAQEEZTBjMDsGCCsGAQUFBzAChi9odHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9D
+T01PRE9SU0FBZGRUcnVzdENBLmNydDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+Y29tb2RvY2EuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQB1Q3JA4GuS9XziGgBVRg+q
+dBRyK2hYfhvh49eoiYas1VgKHAKsuWPkpHkRgMgAeQ8PLRZEvMdABnVkb5YFevNw
+6pz/U0IkOWhjmwkMU9Oj4+sjEECAEy3iX2tarQIcatrzWJjEk7Y6nb+mZivECxaR
+LcXGmNHgmujDRYvlYj1Z5QJSJju+UMnFg5EIZyWy623fRUOp/f7Y31kfDAEl0drd
+942fyI+dquFTqC8vLi/XBmUlWZ0tG59pIopUA/Z9175oNX4/khG4N0/dNEGZTuEV
+7VugcnGDYzjAPYgLw2a1XhSbTVfc+oqsFHlYJAl3iZ3Cw51GCcnpdqRm3rKSL7PD
+TR/kVEEVRXhBbdguBxbVtcyY8YZsIwiodtTRdZ4X15wtve+N4czzqxKrdedsFAyG
+rWu8cd7mpy5sSq9VLiRP4BuZD7pXICX1gaLqCfRf+Y1kHu3AII6T2KVkH6YYSHSm
+znqkfO76KEc/4CJTAF/pzZx1rwdJ/f41fPX6Sc1X/zI6lTJ76nIO2ngqGgR8WPGc
+EZhCgPFX2aV2A5cpKVgS4GFcGhHTQKOZMkF2kGD01+kTl6ZorDyQtYCT+2h2g+5Y
+tTlVTmoYbOvDouUKO4kun2Wg8sjC7xZGnWx/h8BvGFZccspnWPmjO1QEZur4J3eB
+wRQc9e0RYX3TBFBJurFDqg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFxTCCA62gAwIBAgIQetNp5Giwe1YACpLSeenFUTANBgkqhkiG9w0BAQwFADCB
+hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
+BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkwOTIz
+MDAwMDAwWhcNMjkwOTIyMjM1OTU5WjBRMQswCQYDVQQGEwJTRzESMBAGA1UEBxMJ
+U2luZ2Fwb3JlMQ8wDQYDVQQKEwZXZWJOSUMxHTAbBgNVBAMTFFdlYk5JQyBBc3N1
+cmVkIElEIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNnL3Gju
+eEvgrB0ECDR+93uHyP58vcrPxEqklsl92S7dHTJCxjIrQuVb8EVfc+oZvuSOcAHH
+jPTcJMIHRWL4+NuY2D/TZIJWF97lilOO5q0+xqv8uah1br3g1ZygYYIRlBplwdeR
+6EKiZ1sph3c44kCzXFth8gOiiq/mAozuFyyIuvbNBOiedm1f2J54CuVra5wCQ1NT
+gKFpSbwuTU68WGzP1WoBX0rbAESaxQwupOM9fD0glCYZ6gw0aw4T4E8eovWwNX7u
+klJU4v9kOI7Y5jn2DJ0a3LQziJ817mM6fm5oOZxapd+T0qhCnQUaY0i6vJlJK2iT
+Xea4FS/fOT5kmwIDAQABo4IBYjCCAV4wHwYDVR0jBBgwFoAUu69+Aj36pvE8hI6t
+7jiY7NkyMtQwHQYDVR0OBBYEFEedTRnEL7751fkpCf0WsvxXeKXyMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJKMEwGA1UdHwRFMEMw
+QaA/oD2GO2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JTQUNlcnRpZmlj
+YXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA7BggrBgEFBQcwAoYv
+aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQWRkVHJ1c3RDQS5jcnQw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0B
+AQwFAAOCAgEAGLq9syLRmGltU6GPeWbfSgU8yIquNHgIRSQwSYwgwS7bG5C9xiLt
+Uzp/T5XFQqNNwm5dLpGfo95tG4qk82KWibd+fbgHJyu6oMVs7gYzjWpW1foiIbZC
+5GaS/PVctNyk0RAxsOx6blz+f6pdQnKDmixNWE5l4jRzCxdLFSbCzK7/nKhvgR1+
+JFIAMaSci0bHrUolqnLar8z5aWvqeoyoeGxhXJ2/5nfMRQWNS+RI74PDw91ekRQz
+7gb5iQ/FQltJRYVcRJbex/zMSg+HyF5XrnIENVQXXVPpID/BzkFd6gbIGMVXT/yx
+5vmoLqEVa0qj5BEe9eI/KbRaEv0f3dbaCAeINteq96KDjxJX9sBPBBtYMXZZW4Fx
+HVZHRQHjOkNUvoa3123/t9R21hq8UVAtyLoJoJzguQVwmqtkQqN9N/IzyG+2cTb1
+DLlFdLIM6U61JKJK7b+aCeinNyNqHmrDQB1Xb+JBbytTLWOTM2uS5pdCkXcnDhUL
+vc24uAKwzxTE0Kx17Rx1z6NmfWMO96L6Qs4Pjm9aDFV8e/LwRsQN4BphPjeMLAk5
+zXlBnvX0okIPIENuxiYDyapH43U4xsgDublndmWhgQXNGX+IJbyFzJDyDZIEpO0H
+2JMzoA6Shmgsh9hrSvlLK9iMIsmiavIZhmDgSIDVwMHVHH7wk7fyHDw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvjCCBKagAwIBAgIQAkpFkjTIh3XYqhmyjtBMVDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwOTIzMTIyMjI1WhcNMjkwOTIzMTIyMjI1WjCBizELMAkGA1UE
+BhMCVVMxGjAYBgNVBAoTEUZlZEV4IENvcnBvcmF0aW9uMT8wPQYDVQQLEzZDbGFz
+cyAyIERpZ2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRpdmlkdWFsIFN1YnNjcmliZXIg
+Q0ExHzAdBgNVBAMTFkZlZEV4IFB1YmxpYyBPbmxpbmUgQ0EwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC/Mv8Ve/0st75deBgVMifjz1O1Bv8hyx4LjYav
+Wi/2u0xKBzo9qRHy5rOhb9vFXKkS2EuqBuErr9HuN0TJ6Z0K15MZg6RQU86aBWOk
+SljVflFfkzuJGbz2ezIBvIasmZ/d71gLHdowuoi4htlqs+Ie/PynEQatP+LaV5WA
+QK0HMUPEpBkdzxrm+g+lQZCNS8rSPTPhzCQHjBoMlfKWFgsgFZLQ6N/fS2YJvDzq
+n6zjiYHT/nTeO+7rpeXfYnjghopzqJg/0CTiGR/qmDWQJGLm93Ysumz3ZgXOzXUn
+OEAikYoTYvlIstauzOYBlgThUhNfzwwxJzayk67PxDvLzPXHAgMBAAGjggJBMIIC
+PTAdBgNVHQ4EFgQUn72Xk7IYiNgHihALbNm0CvYsUB8wHwYDVR0jBBgwFoAUzsNK
+uZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEB
+BCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNV
+HR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5j
+b20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUG
+CWCGSAGG/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmlj
+YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkg
+QWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3Jw
+YS11YTAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQRGlnaUNlcnRQS0ktMy00NDAN
+BgkqhkiG9w0BAQsFAAOCAQEAopE4NGFAqlqMJqMy7IY3rRgphR60KMixmGKf/Tzh
+JJYaIuZKowHfhq+GCa+PeIxbJG9JMsHWvZYWGTzlb8keOIc33tctRuZsgIfGS20W
+1LcnMFJJdbKwiTYml1UaASEc8WX9q0LWdDLPThlydApCyX/o8A5lt+pw+RGDA1Lr
+niIKO3JOeheQIxG2al7qMUaz8+BCzq9QkbEAzIu3xhFhv68OHortR02NilP7gscl
+i479Vo3i7JGRcMI6HWB+OeZu1/XnpYFHeuu/JPKprpO8h1vptzB46qsT6SgNu25W
+T7VLR++j+3QIF2iF4Kh/herxh4KnFiwLO5UTCZRual+WGA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzDCCBLSgAwIBAgIQDupGQ4unmskENRwmlEWcUTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwOTIzMTIyNDE4WhcNMjkwOTIzMTIyNDE4WjCBmTELMAkGA1UE
+BhMCVVMxHTAbBgNVBAoTFFN5bWFudGVjIENvcnBvcmF0aW9uMT8wPQYDVQQLEzZD
+bGFzcyAyIERpZ2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRpdmlkdWFsIFN1YnNjcmli
+ZXIgQ0ExKjAoBgNVBAMTIVN5bWFudGVjIENsYXNzIDIgRW1wbG95ZWUgQ0EgLSBH
+NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMxx3whpFdnm9mAQ4Fsr
+bcbpcE9A4mhoOxab+ixvyo6+yHsq3qq05yrdFO77EGxckZo2uOLrt7gdw0V13azw
+rNcrJNBTFbVqXzWCjAdpZa2sa2Ed9b3kWR1RtmW0Wvsi4GcIjhbokfDx2/UsdHwc
+b8Qxw90gTMxwp4bDqwgjlEfigbq/Ocr/+DT4gjfGwhLrezfAOEn2by0KlUy7KGTO
+B/YW8ibqfrsvJGqlxZ+iHt7rHLcQIFichnzQwgAhcci1MH7sv3m1xeYovIGIUw1c
+/zErqemBKcvbwSUVa2CFDU04aKKGKPqmM0S8s6QpzJGG+u6Ky2c0Gyryfu0dRKtu
+s2UCAwEAAaOCAkEwggI9MB0GA1UdDgQWBBRpdZ9OVkK5DOOslAfX3SBDP/uozTAf
+BgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
+LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6Ly9j
+cmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwgdMG
+A1UdIASByzCByDCBxQYJYIZIAYb9bAUCMIG3MCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9m
+IHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUg
+UmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vcnBhLXVhMCgGA1UdEQQhMB+kHTAbMRkwFwYDVQQDExBEaWdp
+Q2VydFBLSS0zLTUzMA0GCSqGSIb3DQEBCwUAA4IBAQCasgCZfEwQcB/KbGF61k1h
+ThX6cjQBbBFAOvywuS4EJejVmecZV0nCYgmkxDXE617u/QM9qvF8GGU9XsVaqNiS
+pFruHqlVDnE14Dl3VIyrQbzX1x6L2pup8M/yInZyIAaKIn4ngtkQ6N98u3uPGh9K
+5Lg1q0GbkFJUDWpZBhnySwC7YzB751nbXPIN5xZhZXpCWgVFLVbwzPyNKFhgSKH+
+sdqJEzclGLx+5f8GlR4M1mOMGK7N5nuj6EMW4sQ9NBI1rzMqAtDHY8pdscDcM23B
+IHNnnPhEVaashis+HE2k/hZt2DbwhC2VT1yduqEYxUiqFv3uqyqVoT0qC40jUjbZ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCBMigAwIBAgIQBUPpDSCWP5x9VLwJlUnkqjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwOTIzMTIyNDIyWhcNMjkwOTIzMTIyNDIyWjCBrTELMAkGA1UE
+BhMCVVMxNDAyBgNVBAoTK0ludGVybmF0aW9uYWwgQnVzaW5lc3MgTWFjaGluZXMg
+Q29ycG9yYXRpb24xPzA9BgNVBAsTNkNsYXNzIDIgRGlnaUNlcnQgUEtJIFBsYXRm
+b3JtIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQTEnMCUGA1UEAxMeSUJNIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5IEc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAzVgxf4qQBwBfrSwwIxhP0ktWHX/SHveA7p/oxPd2N4IJBvCbfsMXfrfS
+ViQt1UQLaVjgqG8QlJnJBnMsLsFVTTcpT/1kkDmi2aZQfoDQ9nn8w2l9G+pshy/x
+9o1x+T4xT8xBrv6C3+gzcsPxUHcQMWggH5lu83bOiJN+w+5J3gvxRB2pbIBKDlJv
+0prHnxuifRxUU+fxLPtBFcuUZscd/yIURY7vl12kct9zk82CMtKJe6G3xwmU3+ap
+m2QQ2v5Abh0JvKsHzT8KKbdjV+PAOlboGw2gO3QcN8af2NLReaxHWZcu2Pj4/S8z
+ZfCLFSrkPMJwPDGyus+KhckedxaReQIDAQABo4ICQTCCAj0wHQYDVR0OBBYEFOcG
+7LN0cIZsMSRNpk331DJtYCaFMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWX
+NqfWMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUH
+MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcy
+LmNybDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNz
+dXJlZElEUm9vdEcyLmNybDCB0wYDVR0gBIHLMIHIMIHFBglghkgBhv1sBQIwgbcw
+KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsG
+AQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRl
+cyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2Nh
+dGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwKAYDVR0RBCEw
+H6QdMBsxGTAXBgNVBAMTEERpZ2lDZXJ0UEtJLTMtNDgwDQYJKoZIhvcNAQELBQAD
+ggEBAJQkB9tihpEuaP+KP49Zl4LZ4sAEfM3T153RZQ2ebyFYyOL2cG6Vz6oT4Bkj
+dZ62zilQXS3Q3nO9FAaWoKFcBKUuO3UPzx/tdrw1ENLHLeadDl85kxBGhfL1lqLy
+EJ83qCb8CPcRRzd1xb3uEJmTMVRm1V0PurTBu5U6NMOOtW/dk64zrkNELAH/jvAS
+FwCGIZC+DNi96hCqYDg+8QchO9HkvoDHpcxbI7EqI+vk5LacMFCKqvd1YGaA5MjG
+hy6ntl6OBYKUiMaThiRnJZhHmkK9/52NYyfE4NpHZjhzqt17QTcc/Upp6l3s1tr5
+D+4Lno/6dbNVim/aXfj0WCUjajs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFVDCCBDygAwIBAgIQA0dFPOGoknDYQ/5vMDnqUDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xOTA5MjMxMjI1MTNaFw0zNDA5MjMxMjI1MTNaMGYxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
+b20xJTAjBgNVBAMTHERpZ2lDZXJ0IEdsb2JhbCBDbGllbnQgQ0EgRzIwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDt6T+fxRJiR2DwV9BtBw5ZkASfiHjN
+gWDhJTmO79QQMvXZvy5+Q5NWIo7s0ELdBr7RoVCBhSZinHRixX4Q/oNFw+GClP0w
+8G02kLbJ+q7afCrvvjlcXDCuvGaSNXM4Hd+7NRtSJAH1s95aeGWqnVS/7qHIOtnZ
+PBlZ40fYc1HdKPgfBvukY8V4atKczYe9dtQuCf4nXgtabW46CexjgxWikvXbXKX4
+i778EAji47pWuj5822mXO6oIo/7TvnjHQPE02RoAXHSFWFDueHYsKDQzeSA1pvOy
+OPSIczipGzyfDCE/Yr5TAP1JSuPP3kHyAv1QgHEwvAHweDijUcW64L7hAgMBAAGj
+ggIBMIIB/TAdBgNVHQ4EFgQU2QoTWN1g6RtSyIte7UETGHYeaJQwHwYDVR0jBBgw
+FoAUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDgYDVR0PAQH/BAQDAgGGMEwGA1UdJQRF
+MEMGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDBAYKKwYBBAGCNxQCAgYK
+KwYBBAGCNwoDDAYJKoZIhvcvAQEFMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYB
+BQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20w
+QgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lD
+ZXJ0R2xvYmFsUm9vdEcyLmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEF
+BQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMg
+YWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRl
+ZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEB
+CwUAA4IBAQBammrjws2hExFUcT15azzFf1b7lL72zLXu+Zw/CYiTrluLEQa39VNq
+1hCAlDJ0anfy4CSDwkkzDFxHV40o1L/qxZ9Gh9+NOiUt1HvZlLRruJRLLkNdqZp4
+6WyLPPi4jOI1qEdQO6gH9yesIuAEP+95XIyMVUPB0X+Lk1mriy5jc9CXPjKl8zvX
+OfNj4l7G5bA+1VVNA1YH++ERkJ8sf4EcOe5BMJOdNYZgsuOONG+IMn6VbpDbU1rr
+KxgkBUT+5DrWvq+ITL+lv415hDksee1BmvhBHzrfqemv1/lo2cC3hnYGXaDbpeZy
+EAd8aJueE14fBzplc8lPVAzqfDixgILP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEBDCCA4ugAwIBAgIQBQoq0cg5XPL3GFYHHjIjzDAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xOTA5MjMxMjI1MjdaFw0zNDA5MjMxMjI1MjdaMGYxCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20x
+JTAjBgNVBAMTHERpZ2lDZXJ0IEdsb2JhbCBDbGllbnQgQ0EgRzMwdjAQBgcqhkjO
+PQIBBgUrgQQAIgNiAAQqB2CHin7dL0qO7Tz9PLe9oCtqFBz3RkzOSFpwzipQLZqF
+X8IiQGogBfaaoPPi9mWChGMKv++Qenrq6J/zAatNAocnI8AXVxTkDe9kgKwomU3Q
+Rd3Gj8ysYp4HUi7zxU6jggIBMIIB/TAdBgNVHQ4EFgQUSRCU+VF02fQWF3ieb9kV
+MLcek4gwHwYDVR0jBBgwFoAUs9tIpPmhxdiuNkHMEWNpYim8S8YwDgYDVR0PAQH/
+BAQDAgGGMEwGA1UdJQRFMEMGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoD
+BAYKKwYBBAGCNxQCAgYKKwYBBAGCNwoDDAYJKoZIhvcvAQEFMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jb20wQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEczLmNybDCBzgYDVR0gBIHGMIHD
+MIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNh
+dGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBB
+Z3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBh
+LXVhMAoGCCqGSM49BAMDA2cAMGQCMFvUgkhHjggl0tGE90Q+eA9AIRnfwJPA6pGj
+L11jr0/HRiTa5alVNZoO0epKtGKmBAIwS13OF7TV3qPChVKUITidKPx9NYzfsVJB
+X9PAzhh38bwxZHJdLraOWW0oKR9SoaWj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFXzCCBEegAwIBAgIQD/rh8xorQzw9muFtZDtYizANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkwOTIzMTIyNTMyWhcNMzQwOTIzMTIyNTMyWjBqMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNl
+cnQuY29tMSkwJwYDVQQDEyBEaWdpQ2VydCBBc3N1cmVkIElEIENsaWVudCBDQSBH
+MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOqxRa06rLwKBvrDb/qQ
+8RtXfeKA9o0A42oZbLF4GYr4Xdt9JE8r3PJRIOUZD1U3mEln4S/aZoS54Q+5Ecs3
+q2GGT/Z82VeAPLeGvJoT0LS5t/zXeUcbMuDFWgyj33kiesnuusnOWvpISoxN+oBH
+4oo0+oUiHI65mMjMAlb93x6sabh9kKvHQvHC4x2u7wYv5+NXjnbOhJS/1NjGq+ug
+LMXeldFMz0O5qFIDpn3aQGU0htyJQ2SZyxEqlUrgunsrYj9wgfW7XuhAi2j0y5d9
+oMT0SuVeKFFnQhTEk5B3fq+OBOW0AU2JdW1r929UtRbAr8RpLt05WI2G2RNVVlHY
+aU0CAwEAAaOCAgQwggIAMB0GA1UdDgQWBBSlYiBQ3LtbV5etI4814lRsqX75TjAf
+BgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYw
+TAYDVR0lBEUwQwYIKwYBBQUHAwIGCCsGAQUFBwMEBgorBgEEAYI3CgMEBgorBgEE
+AYI3FAICBgorBgEEAYI3CgMMBgkqhkiG9y8BAQUwEgYDVR0TAQH/BAgwBgEB/wIB
+ADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj
+ZXJ0LmNvbTBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5j
+b20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHOBgNVHSAEgcYwgcMwgcAG
+BFUdIAAwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9D
+UFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBj
+b25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVl
+bWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEw
+DQYJKoZIhvcNAQELBQADggEBAHZrbCQCo3MAIqR0kekGYrC70EAGRDRq11COufNE
+Xhcpv3YH6BMhUoVinPPNgfo5HPrZAFrLK/KPXYdJdgkASGsINabAfY2ljUaJwKlp
+IewwjS6KuGEn59MgidaAUPh6lbetIoRsLhCqCzAnX1aL99fjCMf4NMWLUC8Tqotn
+nrKNuw4JSjx4fcQs+U5T1bbgnyDx+8ybONuIEDvinHdKDu2VjoECzez2y/1IVTPl
+h57zBfjHJQFqLWzHdou8M+ucdJtr2swXII6s3nkq4pfEn7KnbzMS9quFSuyOGILc
+g/3qVwaHNLM5R+8nB5gPI5+u5Uh56w1i+9Ds1pjYAiTHdeU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEETCCA5agAwIBAgIQDOwH7GElSJtbxN0K7NXWITAKBggqhkjOPQQDAzBlMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3Qg
+RzMwHhcNMTkwOTIzMTIyNTM3WhcNMzQwOTIzMTIyNTM3WjBqMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQu
+Y29tMSkwJwYDVQQDEyBEaWdpQ2VydCBBc3N1cmVkIElEIENsaWVudCBDQSBHMzB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABFnQ3NFrfbELIPn74kx/x6S1TgZN7WkaAmag
+88BtHnXpaHSb1Z27g/Dqf49BQHFdrwLdCBd2KW/YhVaEYWa90OW5Ua7jdCLRHfD1
+lISPFruSym40fb7GbFgKdRM3tkVA0KOCAgQwggIAMB0GA1UdDgQWBBQJUzoRW+50
+mlqVaEsjGd7pjYnFJzAfBgNVHSMEGDAWgBTL0L2p4ZgFUaFNN6KDec6NHSrkhDAO
+BgNVHQ8BAf8EBAMCAYYwTAYDVR0lBEUwQwYIKwYBBQUHAwIGCCsGAQUFBwMEBgor
+BgEEAYI3CgMEBgorBgEEAYI3FAICBgorBgEEAYI3CgMMBgkqhkiG9y8BAQUwEgYD
+VR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0
+dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBFBgNVHR8EPjA8MDqgOKA2hjRodHRwOi8v
+Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzMuY3JsMIHO
+BgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhp
+cyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5
+aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2lj
+ZXJ0LmNvbS9ycGEtdWEwCgYIKoZIzj0EAwMDaQAwZgIxAK+rHstpAe3q1HqKFtco
+B0n+J5fk4nF6R0zA0UaWm7i/Zk2VQMUXRetAgCp6e7q1UAIxAIliXLJpauVTwmA2
+y2TVhRljFGU3ZRP8owIfNVwc/hBcdtVqtUtBFgAl8cGZi22pHg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE7jCCA9agAwIBAgIJIrmxYwzstDwuMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTkwOTI3
+MDE1NDIzWhcNMjkwNTI5MDUwMDM5WjBeMQswCQYDVQQGEwJKUDEjMCEGA1UEChMa
+Q3liZXJ0cnVzdCBKYXBhbiBDby4sIEx0ZC4xKjAoBgNVBAMTIUN5YmVydHJ1c3Qg
+SmFwYW4gU3VyZVNlcnZlciBDQSBHNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAMtunFmosT8IxBkVFP+OnkGkcVmbui+hdVBlGZhniniVluAhigm2WUxx
+p4X5V3B/QKJLZmeAswmzxGKXaDCzcomYxXTygNXcTLI+IMyRisEO7V1NXFHUjSEl
+KaY1LzCA9/emldnmRjX6B9Zt5xXK5q12WOIWkJECEwwKku77tvtKZPRKaCNCGsZ5
+Hja7PBs07jLoE0rMuZLQZNQEB0W63attKGCGzEk50lDj+wQ0UlUbQk3zAEsvdE6X
+o1qZy9l783Va40vSx3VqhGYb4jWQrg2CrAtJcKQNSJ0m9yxJVVQDwpQQwGxHO5Em
+Qv1LGJExASegOXzhzqCr5yiwECfSrOsCAwEAAaOCAa4wggGqMB0GA1UdDgQWBBRi
+p9La3oW2kvGFvPbolZ11oPpOHzAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+XLDjx
+Cuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8E
+QjBAMD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1S
+b290Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNVHSAESzBJMEcGCiqDCIybG2SHBQQwOTA3
+BggrBgEFBQcCARYraHR0cHM6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1ND
+LVJvb3QyLzCBhQYIKwYBBQUHAQEEeTB3MDAGCCsGAQUFBzABhiRodHRwOi8vc2Ny
+b290Y2EyLm9jc3Auc2Vjb210cnVzdC5uZXQwQwYIKwYBBQUHMAKGN2h0dHA6Ly9y
+ZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJjYS5jZXIw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IB
+AQDFUXkuQAZKY5Pb/JvgufizJ8uZKpN++fiI8kOTgkrSriNYNjO9iEdTwVV3sW3P
+abr3lAdCGrJ+wgArLLUnBZ7VGM//UlDhTRe4A19c0TmV1udTSbxabwQJbN1zIGbG
+3KQsumg9/70PaIkawnihx9/TxGCrJkAH5W+9pkX7OWefsahylwiPkKRkJRv2em/v
+rMRyb3LxRU5t84k1xQqCnMxTEWOAiWoOtatExZ38a8kn8kqiE1NEvtPOzSrVjSvD
+7pH56AlvO7hzGzng60kyWnAz6O5rQ0tsFIgW9xloWTQQVcfEtzvjc8ptuP9onkbA
+jMRDJaqLXrIVtB7GMek7S6AO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8TCCA9mgAwIBAgIJIrmxZIi85pX8MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTkwOTI3
+MDIwNDIwWhcNMjkwNTI5MDUwMDM5WjBhMQswCQYDVQQGEwJKUDEjMCEGA1UEChMa
+Q3liZXJ0cnVzdCBKYXBhbiBDby4sIEx0ZC4xLTArBgNVBAMTJEN5YmVydHJ1c3Qg
+SmFwYW4gU3VyZVNlcnZlciBFViBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANiYyzYgvqFeBvvMTpr9WNeiuq78UMqr9XVjnuCz9DX1Q3Saa434
+tn4LXE8z0xxFDioD0pNvPkQQbDVc4RyqBcdHM3NR0UlkR42d8RtrZmCO1s93cshb
+LAO6GH2mJhA65UjYNEs3G/meG/EM76fxhPn52cvWN0d4ISP+60sT0IqIjw+84MOQ
+4Ked9xveiIsI8QTOiAOXORoSstvOuzT+a3CcmtHJHWdBz2eUPUXLqq1e+UdDiyOW
+fPsrjW14QRstE6Ix1oUO3kbIq8nSG6O2hHVHHSIH8YLziHsca6kr8GICsLpNEm9l
+jDrgVk3TcIx/hwZboIs+LCicdnrYGQN1w0cCAwEAAaOCAa4wggGqMB0GA1UdDgQW
+BBSCbHVdU/VFabwlLaRMieayt0GHozAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+X
+LDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjBJBgNV
+HR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9T
+Qy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNVHSAESzBJMEcGCiqDCIybG2SFUQEw
+OTA3BggrBgEFBQcCARYraHR0cHM6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0
+L1NDLVJvb3QyLzCBhQYIKwYBBQUHAQEEeTB3MDAGCCsGAQUFBzABhiRodHRwOi8v
+c2Nyb290Y2EyLm9jc3Auc2Vjb210cnVzdC5uZXQwQwYIKwYBBQUHMAKGN2h0dHA6
+Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJjYS5j
+ZXIwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUA
+A4IBAQCewKVTadoA0v+ZQuCBrFC+7KwIirXey6k2WGLu38uW9vpET/1XTtF+PbN3
+HBnuUidqfu92vHaBnLv1dt6VAJsQPxcrBju9jNMFvDk34pEYXk3dGfi3Yg2YF4j8
+cCYsRGq2JKNjuq05GViO//RbV6jgaiUhJ9ekyzj5jQpmggo5W74FVyqo3p15GUdC
+J4RHVMAn8LtNIoqd6fFZizrletoHDWbpx32A17u0Nu6rKUJGxcPKxOQnomvXyEt3
+A2bXBaKZFgEz8eWXNcub5IXhhgCd+hSOqzeitkEAGlhtMKKdnoqwVon+83JI7t0w
+qTRHfLanusz41LYNnI1YnYO5iAEq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE7DCCA9SgAwIBAgIJIrmxZVyOaZFbMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMTkwOTI3
+MDIxNDA5WhcNMjkwNTI5MDUwMDM5WjBcMQswCQYDVQQGEwJKUDEjMCEGA1UEChMa
+Q3liZXJ0cnVzdCBKYXBhbiBDby4sIEx0ZC4xKDAmBgNVBAMTH0N5YmVydHJ1c3Qg
+SmFwYW4gU3VyZU1haWwgQ0EgRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDEm/hTq7JKziKCyicxmRpgcORiXZaGAoAsVBJNWsp8Bv/m4It/+cZqPtkr
+WrfGRwWL0CnF2kV2ZlMzYxp+UxAxaAFnVlUqdaqnAXTZZq/DvWhJsWx/nS8Xzfqk
+9YbvMA7SEThBO/BNanHv8OBVO2a0yeeEsgFi4GLL7fKXiGZjRsN43bhnXC2rKHMA
+4msS28Mtq9VjGY4g7i7hNjUD687F+Op1Lsur+Mrd8ZCcbjeVqFH7V7JG8LHNxMyc
+SjkgqwFjWq+4GSF3TvigYY/ESWNJU8dE4H35fOflq9sP6cxn2/dxaNB7s+gAgyd3
+mvtuYxdqhZ7jRunMK/EUv7dnDRg/AgMBAAGjggGuMIIBqjAdBgNVHQ4EFgQU/Mba
+/set1VrOSN7P/egoxaO6jxEwHwYDVR0jBBgwFoAUCoWpd2UFmHxAgfgPlyw48Qrs
+PM8wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwSQYDVR0fBEIw
+QDA+oDygOoY4aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9v
+dDIvU0NSb290MkNSTC5jcmwwUgYDVR0gBEswSTBHBgoqgwiMmxtkhwUEMDkwNwYI
+KwYBBQUHAgEWK2h0dHBzOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1S
+b290Mi8wgYUGCCsGAQUFBwEBBHkwdzAwBggrBgEFBQcwAYYkaHR0cDovL3Njcm9v
+dGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MEMGCCsGAQUFBzAChjdodHRwOi8vcmVw
+b3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyY2EuY2VyMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAQEA
+OIOKWjUNrNgVaVrpN6xaQlT4bD01tQwQ6mU76mR9y7zMoev6E7l99gGjdtikGQle
+27ExcAJpGrvElf3QEwCNDYtYl6WEx1xY+sYHJT6NX3M+uI/RWKT+iu2Qs8bSpYZx
+k9Z5OerHFNiSgcgB5tJnuu8x1ppfErnUcGqKOpbbeyVk5W68LCEJeEc4Pzwc659+
+G+PmJmPfHljH4DdDBvySJFgCA7c/eOAtcgKbvMdjXY9BJZh/TaUKIWPNgiU+jZFh
+s81RITedHQsZTZE/k84avQHqfXvD4tYu3J1cJqiXbhU4Q+UUgqckXVX5Q+oTkvdI
+Vx9dMFTT3+ABGMfr7WgjyA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBMSgAwIBAgIQQNs3BJZDXn31Fo709X782jANBgkqhkiG9w0BAQsFADB9
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+ETAPBgNVBAoMCFNTTCBDb3JwMTkwNwYDVQQDDDBTU0wuY29tIEVWIFNTTCBFbnRl
+cnByaXNlIEludGVybWVkaWF0ZSBDQSBSU0EgUjIwHhcNMTkxMDAxMTU1NTU1WhcN
+MjkwOTI4MTU1NTU1WjBNMQswCQYDVQQGEwJOWjEXMBUGA1UECgwOU2FmZVRvT3Bl
+biBMdGQxJTAjBgNVBAMMHFNhZmVUb09wZW4gRVYgVExTIElDQSBSU0EgUjEwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8Jv4YEz+OPhuZVHk9YAI5JbIs
+xYVueZfQlgjL/u/Op5L3Ubn5hnsk/qnIwUDAzDyh0UPo2yvL1oZjKFQ9zVW08drb
+hDxlgJ/DsbP3xCIFolYVk2lLeHZDJJbldUBIYDBAFLtA55NLAv+TEmxMRf38MDFE
+k4L4Tz8DXWCgMll/4/uiapensGXqW3vh7T+mk5ps8ywTBTmumyAffxNpgEpxOEtw
+TBowKXofmcyKE97YF4SLUJXMpUe4Bsoc75v9+YnOyetajegnX/eM0K08kHDmks+p
+bBNz9qvT+oTCCG3B5LGB6EJKXbUs8/PlJc38Eqeb8SkO0bDp9QGtSvpMRuCXFYzQ
+EfuF5CnxzeGbZtu8M9HJdooCCZMd0EBxAVl4AondgtmhhEewg3+lDhO1YSdG8p0j
+vgFlcDhITRs11509QSSzWDQss4C6D4hrtvkbGi/76hQV79Io+FNWHw+6vC4tDSA0
+dYaoOUPN21Fq8roG7nAacm0fuedYpbUsUKUZkeuewNY9MYEq3fcAb31bj+8daZBY
+bxqOQP+AHVOQV1FzEkryyK6EMvQk8susm7SR9opEKly9dWg05naMhxgsegaxJgX9
+NSJpOELoyvepio+0bD0RXijcwg/k1ke+tekTK3cKZ4iZgFJGDC6iVXeGy6uV41I0
+HrO911F4kJQOBhCvbQIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgwBgEB/wIBADAf
+BgNVHSMEGDAWgBSoy0aGnNChysGUQ5QwCnID9BHK7jCBkAYIKwYBBQUHAQEEgYMw
+gYAwXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NT
+TC5jb20tRW50ZXJwcmlzZS1JbnRlcm1lZGlhdGUtRVYtUlNBLTQwOTYtUjIuY3J0
+MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTARBgNVHSAECjAIMAYG
+BFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMFcGA1UdHwRQME4w
+TKBKoEiGRmh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMLmNvbS1FbnRlcnByaXNlLUlu
+dGVybWVkaWF0ZS1FVi1SU0EtNDA5Ni1SMi5jcmwwHQYDVR0OBBYEFKKZQd1e4YU4
+uJ3DGdZiH51DXDMgMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA
+XLJgPm6c4x0Jus4JZH6h4PplC1m2Xq7Gfl9Knhszu2N6VDpAMCuGv1QYafLNSSoM
+Ac3EvYAuLZ/QAthlOxkH3FVUe0sk+DVBTzCiVJKOundLgwcZTx+z1lXzauF60b8v
+wtTDcm8Ssb+e+NfZeE+uHb0gijqrvzWJ5gpOTIJ+0GJO4RbkZWHIx3ltvtby5d5l
+y/tJp50IKawzh9g9hwc3OtOr25PN+O+22PvawBtkrHQQVBlVdK5P8z8vdF0ddt1a
+crSi3wTck18AKEFXlXrMAil+qVC4+2c4woI7ngjzEcmE5Sg9nqyADKtdDxKaN+Du
+B/KZmR+/C2XcXdy07KHc3As2bZh2WEXGnCX9AXrkXQ35pUf2KsUmIJBz29HrJadq
+838O44eWi/IDd2lCT5x8ym4D/8N5hTfBp+/uCIfqQ2du51aLgN3rHeGqmLvIfyYa
+1xtGicaN+lzEQMGRX2DuklBTWcjkTNpDnsXQmU69YFRV95XqMqOPljBU/OTxv1+H
+am5jb9GUjd/Y/kkKnZ2JuJFcEl8rpotM2ZL+2ZthePSaxFIqnVwGj7+8kr/VOe74
+mfomSRqdg2j9bil9ctur0DxhO3K+Mp8o2kEQ6giDvqj5wb5Wlor5pErujTGTdLo/
+crhAizuWkxKffAeP9gnjFgSXTQmIDqpUcDUf5p/Sm3A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2DCCBMCgAwIBAgIQcE1xYPQf5ocV1JCN5O4WOTANBgkqhkiG9w0BAQsFADB6
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+ETAPBgNVBAoMCFNTTCBDb3JwMTYwNAYDVQQDDC1TU0wuY29tIFNTTCBFbnRlcnBy
+aXNlIEludGVybWVkaWF0ZSBDQSBSU0EgUjEwHhcNMTkxMDAxMTU1OTQ5WhcNMjkw
+OTI4MTU1OTQ5WjBKMQswCQYDVQQGEwJOWjEXMBUGA1UECgwOU2FmZVRvT3BlbiBM
+dGQxIjAgBgNVBAMMGVNhZmVUb09wZW4gVExTIElDQSBSU0EgUjEwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQCD6CgGNfi4CIAcv/j7GGYbKpalqoxYbRJY
+iTb+87pgwVWJI59Z/AplsIXXThJfKN1Mx17RDbMesnwAuqFBJDGWpgA4Vh490lgR
+TX02GAZyI/7L5elnMYGYxGPKxNvnMA1H4jHZIY8aSZyrP36EZ3lWbe+fPXjaQ2/h
+aX9fGvYjR+3TZJIsutwCf5O0TRtKqG/C6bPuj+NMbqzbGovdEriZEX8GrJt5YTtF
+34op2sRtpzb5/XtXEujc9FrbdXwbNTj+nP8a7WTqVVctQleFzEbVJ4SUM6r7HdHS
+SucP9G+IwNB/g2+x7vkg6UnbEk4fhdEdbfiSSW48I7HUazZS0oHQ8iOcc5nYWRNh
+Jv7I5FuNVe28ODN+0VjLycwWUNZmL/1esdlr59LnJJNes6jknxYSzmDldc2RwFmZ
+ZTyfPga5VOvYBUXBmwW+4y1r1TrAXG4V8KnYClTZmOv3eBo6lEjBM2U4QcDREy39
+NSTFc4l/nol3t3G6WuYlQoqmnnfmh0ULjNHHC20TYnz+c/uSSxzl2bIgi2s0qXm0
+sfhbMkD/h+PR/cObF38VFZpLA53SrOmYgOK80y9dyZhZBD7P+wRjaqO98W6Ys0Ud
+kA9H1MvL+Vz51Ajyd8FYWn+tr7D2+jn9DdEd/7Xb+OYzKjPBj4mE37BsP/gr4TNa
+jD787jW+3wIDAQABo4IBiDCCAYQwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSME
+GDAWgBTQPeqimAddRIXPA/vKvzQKnxDEaDCBkQYIKwYBBQUHAQEEgYQwgYEwXQYI
+KwYBBQUHMAKGUWh0dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTC5jb20t
+RW50ZXJwcmlzZS1JbnRlcm1lZGlhdGUtU1NMLVJTQS00MDk2LVIxLmNydDAgBggr
+BgEFBQcwAYYUaHR0cDovL29jc3BzLnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBYBgNVHR8EUTBPME2gS6BJ
+hkdodHRwOi8vY3Jscy5zc2wuY29tL1NTTC5jb20tRW50ZXJwcmlzZS1JbnRlcm1l
+ZGlhdGUtU1NMLVJTQS00MDk2LVIxLmNybDAdBgNVHQ4EFgQUkvs7fmjTOsMAdjhm
+DIpcvJXS/VcwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQBl9IdA
+AWG6kViz2iTYMGUtsGv057hpqhjJOpyKPhiFBRVnh0S60L5U1z3230NkSx9yFO92
+896KgYLHZrE7WeZ1nTWbYN5THPqg4ukAQD1D6pvJfkfumfHvip9SQwB1NuBXxLQS
+18+/0V8NimAAhWNU6F3ZLJ4GkGqWdl2/Lciy1GikMBaIavsYpr44Px0tiyibPxLN
+Hmu9ODyyLEqRBKv3h98W2syrVeLKMX3g2yR0wFtdr+8FtXy79M6pL95AHqcRcAT6
+fRCyKAmIFAvOxX/eF8Al4/ZArgq2CNJXt6S4ByQZuMKEA/0iuk+scP7IOXj8LeVf
+GkQauKHpO2YfSWqnEuTXsxFachT/bd90Sp1INW1KiV2tDHNe+wnEGcJQUyH3fGF+
+w6Y7tOtUZcr4NV2u9p3Ifq4YXWoMbDiZanvmIlRMzIz8GG01H+44zw+s3qXudxmQ
+XPU9XTc0kN/duFP6LKwbqQqKW1fZ8ALW3nhDlpnjgqdmy2Mmphw5D1JP5N7jRQOk
+kYNBxmQEAwhBtgCXnzblIvXfaqRinYydog6+t+zmoSxHGO9VJKvvV88i6Z1FU44J
+kaRovsCbo4g5a16j5muSV+t7nCPmqVELGumyaRPUTJZqGorzDbNHNiANTaG3e+gw
+aOmGp1RdIT/spf9DlqTMEHbYrcaJqFuFe/0lGQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG/TCCBOWgAwIBAgIQKO74lnD+yX328C2++3jr9DANBgkqhkiG9w0BAQsFADCB
+iTELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MREwDwYDVQQKDAhTU0wgQ29ycDFFMEMGA1UEAww8U1NMLmNvbSBDbGllbnQgQ2Vy
+dGlmaWNhdGUgRW50ZXJwcmlzZSBJbnRlcm1lZGlhdGUgQ0EgUlNBIFIxMB4XDTE5
+MTAwMTE2MDMxMloXDTI5MDkyODE2MDMxMlowUTELMAkGA1UEBhMCTloxFzAVBgNV
+BAoMDlNhZmVUb09wZW4gTHRkMSkwJwYDVQQDDCBTYWZlVG9PcGVuIENsaWVudENl
+cnQgSUNBIFJTQSBSMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJUC
+XLaULVYuLsIHgywpaVDUn1LU1ExEZ0L1ywicgOweoIkboeHdyReXsROdUfZ7ev5A
+npkY9SxG2WJYuzvW97Tn9M/Ft3ZxZm3PV5/uI+AdB5sWA0U0b4du1jCa18ukRGSi
+aEUMynOq5oVqXn+oCa4LUNFDZ4L0rdMB+fHrGw7H9KuseN8Bya37HOmMp3wHXSzW
+QRm0mc5v1AU2xSLSuQjb+bZEz/ziCSew30sCVGMroJy2roD4HV9mDI2GSyc45H8g
+nw7b8HHyWGoZGav9AZZG10iyFusY97ZJ7JEkmqrMrwZ7Kt8ck8mttQ8ovBVYoXeG
+dX4YQMW/RFp+xTfgngjBZkxb17A1ch6yMpbxt+Ijto0prfovdAz9Xhs+cFeffxtW
+TSGKKNxNsAon9V++d3ZTBYk0BJyJteCRxGRl+/oVkjJ+gAIcbVzqdGXMbK0KDygf
+acDYQmgC8RTq2OfJwlplPCTYeHgKkO+HRm7Xqg1BmLXwCT27gjKlfM94qW4Xm6zc
+WVyqjaqpnYgOkHe8C8gFtZdcRrdxvZLvK7cdB5DaSMj8gbNsdzdrTAXnHrwaFoFE
+fW3Q7BPzc619tK9aT7y9b1OnKcNlU95jnoClCs3wkAVE8KHvm66oo4MfaMOYbwdV
+43eZC7PZdK43r3qj/iNjEqmUwelnjYceqQnuHcG3AgMBAAGjggGWMIIBkjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFBe2DwQJUirwJm/zYnAiEN21K/Gy
+MIGYBggrBgEFBQcBAQSBizCBiDBkBggrBgEFBQcwAoZYaHR0cDovL3d3dy5zc2wu
+Y29tL3JlcG9zaXRvcnkvU1NMLmNvbS1FbnRlcnByaXNlLUludGVybWVkaWF0ZS1j
+bGllbnRDZXJ0LVJTQS00MDk2LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0cDovL29j
+c3BzLnNzbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDBDBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vY3Jscy5zc2wu
+Y29tL1NTTC5jb20tRW50ZXJwcmlzZS1JbnRlcm1lZGlhdGUtY2xpZW50Q2VydC1S
+U0EtNDA5Ni1SMS5jcmwwHQYDVR0OBBYEFIU1y+hKK8Rf6933kdspxgtie72VMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAHf0ib+DzS16ieUa4571s
+977D3EC3WCjED7ctPfr7SueY8Pw9oB0N/Y7jsnh6aTOVVfdhczRzYvEeGsrqjt66
+1yuVlONOzQNMU0LSTGV8cBQDQSIhj44t8e9SX7MeDVEcfFvpKyO3EzMegcM/YnVZ
+9AEJ5v09OljTLSP6W6qVKhOtLGy++X57+9BEFyFV8PuPwcmDhGmZvCcWmtyoUPRS
+9fdVqitciiLpi1Ma7CficZzp6jhJry1QqwGBxJ17U3O9kveAnzeAlDLj+gfBOYyi
+H4qj4LIif2rXn822thn8o0ND/jjL3R7lbdHZ1Ti1O6FN40Fu94U+V3hUYIEuOCaG
+YszA0xESf2NqY3A3B355Nw1x5JpTbxXLH8Giq2e6PwpL34rYVGdSrirTE8i9DF1s
+k0D6BaWHn7J5MFRzi6ZxmvbUQA5i7I/CQ0G9ypF0VZ9fsSItzVa+KtUZRxx82kwX
+8Ghj2fcQG6bB9+OOQnsr2Hqa1v/hMNeVNxdOtf1SZR38csEXXeZ5G6Hd3rtXLJs2
+GIK/tJqB0Ia8bVcDdsrWClv6fKLyX/vkV869sxFXMweR8OE791joo5esHK5ROZLN
+7bFk00t9QjIrSKCGi1L6rRfmTaZxq6xhwL7/aKuglCW1hFvGy1DI8uMXAgH1K7dL
+XOaKb/60iOj/vADI/q2Sn4M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1TCCBL2gAwIBAgIUMw40/E7Jm8RtKO337qLy4Xh7WAAwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0xOTEwMDcxODMxMTBaFw0y
+OTEwMDQxODMxMTBaMGExCzAJBgNVBAYTAlVTMTAwLgYDVQQKDCdIeWRyYW50SUQg
+KEF2YWxhbmNoZSBDbG91ZCBDb3Jwb3JhdGlvbikxIDAeBgNVBAMMF0h5ZHJhbnRJ
+RCBDbGllbnQgSUNBIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+oPnnyh2HHcBnusXKkXZLihCGmzNGJWpqH0GFbktSU6AJdngnMSVFV7+mA4wmYGVf
+Hg+HvMi9z9u32Rr9YKzRBk2eg56nfjj+8CvTTId6A2casQdrEvOzzwfKXCD18VJd
+I0hjaSwnZSHylKoq4SQVnePBM2E+rCFo72CbzV5q+IXegfzD7O+J/bXtJs4YzvtA
+rbDwUla5UGV2xaIzSWgRY7UcTdpQjtCtpgmTQbpcoYjWa8hVkmuYDJh/Dg92v+u1
+CR0xy+Fo3SKdVttNWHUP0BkIraHuTWecnGIWcKisDvjQx3wvCIIRC3hHVDAG1ATi
+NAgq83qGuk2xNat63hSamYW0H0zT3SBwzmblRFg57VXfczevaSbK/KGzTf3dj0BB
+NhTti1Jwkeon1otDFHPY86YAJaHpAtayWEKCmkUAF3Ya9Ryu2Zjr+1N2Gz13nbCr
+gwaAzzIbD9ZTN7VQJoN1EmO6/XCe/Ho7tmR25buByosTBUAvGlko/xdIGzaa4EdF
+15au0FLRZpKOLpXZmPTFOaEwKGiKh91QxdmfWNByi83izlovw8QHQM0Gej2BqUXU
+10HlRp0ppbpV0px9uetBdZHN7ce7qlRgnqMqli32KAa0wdFipeCemn27/PWOQpgj
+qqHdzuISwUPaykVGsTY/7oGEKetOe2UnvDo9Wq78IncCAwEAAaOCAZwwggGYMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUxhfQvKjqAkPyGwaZXSuQILnX
+nOQwdAYIKwYBBQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVv
+dmFkaXNnbG9iYWwuY29tL3F2cmNhM2czLmNydDAqBggrBgEFBQcwAYYeaHR0cDov
+L29jc3AucXVvdmFkaXNnbG9iYWwuY29tMFQGA1UdIARNMEswSQYMKwYBBAG+WAAD
+hwQAMDkwNwYIKwYBBQUHAgEWK2h0dHA6Ly93d3cuaHlkcmFudGlkLmNvbS9zdXBw
+b3J0L3JlcG9zaXRvcnkwKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUFBwMEBgor
+BgEEAYI3CgMMMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNn
+bG9iYWwuY29tL3F2cmNhM2czLmNybDAdBgNVHQ4EFgQUJ3GSDxfyCZeYbh1rzLJZ
+TzHQhE0wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQBW+GFb4bCU
+glQVizlIgbsYY/ce0SLNglPhdb+SofpUENHIZwtki8qx5KSseefbyq9SCRr/MKQ5
+1bDiwtWSNzDR1eZ5dmESic4WwtRbe1FGmibiV/XEXYvNfr0Qudog5oJ1aC2KilyV
+ihBi6tpGZM+6NqWXugGD+YOYTdDahowZjb6SzZ4YW0unai9O8j3QjRlw7LY//+0F
+ayhFJZozWSBCwXu+yxvLSZY/67KJ+MRWOyzOR1lUTok8wH8nOxud8rqPVrjfkAQr
+OydGy5/KdWELDQgQ/iMOIZtdPUzCrRhJZeqXDwa6RyjnTjB29LFkmoRiw5+PgqYz
+OrHroTYA14boyRiBB0z52HSXLiv8FFOq/hR5vz9XuEChTs2WDquCnch2JcU7LlEe
+9erffxv/C2eT7rrf/ZQlpy7BWKvcJm9padyk7g/NgCgDGHVT/yqtCFxHYYaFpXZU
+72TailcQakOZjd/7BBp41KXR4m6xyK9ZTcrbkFQJmvAJfYlcQg4OLr8EalS57uFe
+Cpkdi2qoELMSRwKKuxL9iT8Atnx1woBGDQSWnPkijO9t8M10gqWzs5QvQ8y66ri2
+VXzMCOQ+5Eu56VaPZXi+ggTQu8L/XmUB0ArsdDvF/dZWPYj1BK0QUBfQOsDYn7N6
+hv13OKvEOolJtG0oZ4XP7NrF9Lpbq33F/Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGsjCCBJqgAwIBAgIUYb6CkufoyzrfmOLKevNBVCmN0GgwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xOTEwMDcxODQyMTBaFw0y
+OTEwMDQxODQyMTBaMEkxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMR8wHQYDVQQDDBZRdW9WYWRpcyBJc3N1aW5nIENBIEc1MIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArpE0+roCCjyHjR1iaa4zGTNN8KrCteDo
+cRNuAluIKrTnQuKSqtykU7/H3COSW701Y20nuGsJhctHgzNu8k4bTwesDLv2XIxw
+qfpQQAexpi8vZb9SmHEXjHMGjgDq7/hv8Yp6qOwmv3FzBMkCmANgf1poB+cMCyz9
+hatvYZ/va32QvyMP5JVcT5+H2aaezEREak+UdOq/q06O+xNMGOlbkLJOurpLdzeF
+tyUgceOP4zTsXKZtvgdFOM9w1J6Nikx7l6eNcn8ZNbCLgPdqyWKC8st5ULHKGv+a
+pGqqg8mXmGvuqjnNSvClVJOlA7dl+gY/dKxm7ucAD01SUEzZQonG6NC7HzSEn4Ks
+LN7zQV7QwVllzc9KRT0SFhAOZ153lFg2QEzHuJnuaGTf4EMGrbr2oppy9WKunsOf
+mseQMmitYB63M/Gq+Rbi+LWJeCMtw6KYFZoowu+Tp0/GMpCe4kLv5udh4jBYGDan
+dorDl+sEW8wSXL21Gjnyw7FnaaCY1HitiUKJkBKrOrJKVDPsCx75bD8pTQGTAjcX
+Z3ErR4zK+gx1mTN6ZIKgXpJKFiP+BsdBmq5n6BkfQ0x2G4KhdOe3QGYfPLDL//kt
+Uhs+LFaaACII0mIzgDbgebtLKjhaJ4j3yE2LdyhwRiekEobmIZf6MNHeSlqbHLVA
+l0dRQhiHr80CAwEAAaOCAZEwggGNMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEEaDBmMDgGCCsG
+AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWcz
+LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t
+MEkGA1UdIARCMEAwPgYEVR0gADA2MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnF1
+b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MCkGA1UdJQQiMCAGCCsGAQUFBwMC
+BggrBgEFBQcDBAYKKwYBBAGCNwoDDDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v
+Y3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5jcmwwHQYDVR0OBBYEFDdC
+HU5iaqadD/m1LNdzQsT7pj0tMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAgEABi0xKQp/AIwS/Tjk7LlayzTIGT3e+7BoNmwYqiIFkGf2FlRWKm/UP20O
+pod0tvgBepCO/TF4QTyooPTXRl3QlN1TKFZohUz3IADIIg5dXXWC9hCoG6gNEKb6
+EXBnx9Fdork3bj8rWupIi7RdWUZM8PZN10UUNBchUDgBWkmrRXUH8jzrLyONqKY3
+SLKJv3lj6SsLdiZ/Z8MkvZRR87rCTngiDK+HJrWmbh3qWE84m7BevycpBypZoA//
+5LurQKZB7YxmOVcAWENrayo8zV4+SbpPjo77c3Usueh7ZkO8m7sa92VV7P28tGZS
+ABsd+S/QYO359CdvsZb/xxH9WSa254fPSv2xRFBIayasb9TV/5AEXa4xVi7jfDWv
+XWW/E/rW/5eadlTKng+X9VS9v6tpJyRzcd4QjUE/URmuI6Kc2oJP0I2W2VOfUfem
+9hgRKIVh/GmNrUvn8nZnd4rAbz5QJVTnx6Oa/vBprN08gTJjPDcYxSx7cznnVQ9f
+hd5+4w+iRjsqNBjxUph+LICb0bfFkJncio1B7QAjjUOXucZgRCV4Usk1Yfe1Wy5/
+3t/1L2KiaGdlg+7fVq5lQ4Gfw6f9lFbW+Ag9u5egLNZo0Hzjltg7RmDJ5J2Qd6Qv
+UEE0o9OXtqt/hLLO/aGouvV5WAyojiuiOGNKXQBaKF+AA/fdX5U=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwzCCBKugAwIBAgIUEn+LMgYmKMDKP41Evvny+l2xRAwwDQYJKoZIhvcNAQEL
+BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
+BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMSBHMzAeFw0xOTEw
+MDcyMDM3NTRaFw0yOTEwMDYyMDM3NTRaMIGBMQswCQYDVQQGEwJOTDEXMBUGA1UE
+YQwOTlRSTkwtMzAyMzc0NTkxIDAeBgNVBAoMF1F1b1ZhZGlzIFRydXN0bGluayBC
+LlYuMTcwNQYDVQQDDC5RdW9WYWRpcyBFVSBJc3N1aW5nIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5IEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAru4h
+XCjP1D4tYgpQHnWXZNrXRDcey6U5NqdpJcEUb8NVF+EkF76NQt/y6A6pp1uoRw5N
+MQ8eJfrdJ/t9GKGe6PfQQnxwObARoOAJq1elfquM7bfeIkCgV2DA09hCEufT/9UJ
+V8pQhmOZEpuuoBmfFQoseoVkZd502xNK5T5R7iGAJIrnXs63rTCJj8rGOg0HC73H
+WKALgC8oApsysNKWBFxahgS8UYdLLYWascCxwCnRfq10BXRqZefQd4udihJTcKqC
+BBO2r1OPFl6J0lMN1pcURwqwZSeNlmJ9wt+sl/AdDHgNEzdW4sbnxvQv4QREvq+1
+I/3I6aK7nDHW4D5ADWdo/+733k6RM3CIye4UekJMihC9wEgamkoVtUBd38s+jsWB
+DL18OWVZ61If8fZu5dHeQgYizR2qjatHQrhaN1xICu2JZ8fabO4AlD2egJcDkfHA
++/u4fCfcfGz1yV+k9cqOArK84/D2iLs/qsoHlFLKv576If+Aq6bhNi7Sjq94o9z9
+6TVgprA7s+/vHHmlX/jCl9Lf+VFsquwZ9j4t9HsLV1pBaaoDbkcMWogskFXhD4ir
+QXN3947IVsuxAjDnc3Nohy/Qn3IzaOI6Ve7iQXfgWvjSi2GbsOQVUBDcOUnDOVFv
+WusypPB0DrTx53iRVX8YOl2TTCNKMAJ3MWIiUGkCAwEAAaOCAV0wggFZMBIGA1Ud
+EwEB/wQIMAYBAf8CAQEwHwYDVR0jBBgwFoAUbCa9YFUpKU5mMgeg/2OLg1pLNMYw
+dgYIKwYBBQUHAQEEajBoMDoGCCsGAQUFBzAChi5odHRwOi8vdHJ1c3QucXVvdmFk
+aXNnbG9iYWwuY29tL3F2ZW50Y2ExZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8v
+b2NzcC5xdW92YWRpc2dsb2JhbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMCkGA1Ud
+JQQiMCAGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDA9BgNVHR8ENjA0
+MDKgMKAuhixodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmVudGNhMWcz
+LmNybDAdBgNVHQ4EFgQU8uDtLAOcY2w4ZSrH5F9KOktnjYgwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4ICAQCJTt+cVr9QccgOQzy/Q4JiGT4FXrFzmeBv
+uoVZGrjljCJYeQPsjqKIYfwB4LtdSB/oIbpiDEDEcP3QqzflRz03D63tJRAyGT9M
+i+YEI9f4YTY+WJMpZIyPyhdlWx4VgRJD7bkF6ctD0HCQuss25DFAnYtWzvsg3qFO
+txxPT652UZ+E4OI9uGJtbQRa8fVaB+wZjpt/6Squtokntpbv0oQXQwG1TUzo2szE
+3hItaM45SiEdwmjFgInlmTkSuiXDEyr2XT4tEM8MqlKAo/jtacGnzp71dXPMUdj4
+DGlCNxQvLG7eSeStTmDYicAaTa2tsi1HzKCu2ZG1r8uvvkOPso/LgT5FSvVU2h4G
+lPnDze0iE9pPXov2p64H1xQiH6WMJZ9rEQKd1i39tWJdsZ+/ZW5Ejhm1rqJMvmPR
+Cs2l/NEM6/B/kEet/QJlgrHE845WL/N4ejSGrjcFh9CRisd9nrODoGSfAqpajCgJ
+oFMYq/1vtR5EbepQUjdOZcF4vkcwiO/xnqJxVEge+MKF5r5shtgodU0bFVvAgCYV
+d3MjkFpnCxbyCmcgYcCIhfy+IXLT115ZfYtN8xuAJZ+1ak1wGlQ2bUnz/VVfptOl
+hFApe1oMGkSzsDwHWjNl2+CTxjL0ieXR+P6Nbn3JkcMNXu3IPBFkT/VMh8XXxbmw
+yuu0SGQTZA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHiTCCBXGgAwIBAgILYK6GLFegRUxeXWIwDQYJKoZIhvcNAQELBQAwgawxCzAJ
+BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3Mg
+YXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMy
+ODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUGA1UEAxMeR2xvYmFs
+IENoYW1iZXJzaWduIFJvb3QgLSAyMDA4MB4XDTE5MTAxNzE0NDQxNloXDTM4MDUz
+MDE0NDQxNlowgaoxCzAJBgNVBAYTAkFEMR4wHAYDVQQKDBVNLkkuIEdvdmVybiBk
+J0FuZG9ycmExEzARBgNVBAUTCkQtMDU5ODg4LU4xGTAXBgNVBAcMEEFuZG9ycmEg
+bGEgVmVsbGExSzBJBgNVBAMMQkVudGl0YXQgZGUgQ2VydGlmaWNhY2nDsyBkZSBs
+J0FkbWluaXN0cmFjacOzIFDDumJsaWNhIEFuZG9ycmFuYS0xOTCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAM0sDzyDqobny8Y1c0FUJyDsRL+MMRJZoTaR
+dUBWgNEmDVAfICQqWy4BYSe3rNGoAiMJNCPLA8EYo3XIUmfAQ/hBkxmVbcp/kkZ2
+q58I4EC7f7L7sYAdhdmDrvcWhQe+ZvQXyCXKBnKiiFnkDyLwkp+W6MqcxC9YOFxz
+jslUD6R2ju7Vv/9jq2wikRWA1/bPxQsuzsLJcyDUHOCMRv15MOugNYq4IjXHc7i/
+kU6wobOOKm8UD6Sls4O9p//Pul4ueMnXMqcEU1kyU5iT3kotrerBa5FnoYdmaTHg
+Y2kzwTpHemVBYDfQT/LXtED8mJG95SLRymIEEclGdqW8Docj54Vr80VwWcL7ySvP
+i5tBAEqpAKn/YAIyAwuHVTVDc/UiW78yat3BKbeUcx6Bf8JHqvR1k3ERzgU/g1c1
+ICJWqXnX81elGPS/nB6uYnYE3q5G71P/crlrE4JdfbVTcZwaN06DYq+SEyjU24Qi
+phGt4RwIvn6YyXnyrjtFdwPaBkvcKM/wdPweCt7KDXNMQXZxP8AHZHBymtF83QrC
+jCpCPiwBoesCixXP9XU0GfiSF7ERMXqb05xrd8Z8RdTGkxqTa6cB8aI0wyNpYkkL
+Pdq0miD2F/II9Fijt6Ly23ZvMvEgnEhGp2AUTx271UF71BnQIVE4WsJIEhsyOFhQ
+REFxHh7JAgMBAAGjggGqMIIBpjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW
+BBTAwXRNxsXBB3sDFFhdWEDJeDO4ajAfBgNVHSMEGDAWgBS5CcqcHtvTbDprru1U
+8VuTBjUuXjBVBggrBgEFBQcBAQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cu
+Y2FtZXJmaXJtYS5jb20vY2VydHMvcm9vdF9jaGFtYmVyc2lnbi0yMDA4LmNydDAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMEoG
+A1UdIARDMEEwNQYGZ4EMAQICMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vcG9saWN5
+LmNhbWVyZmlybWEuY29tMAgGBmeBDAECAzB+BgNVHR8EdzB1MDigNqA0hjJodHRw
+Oi8vY3JsLmNhbWVyZmlybWEuY29tL2NoYW1iZXJzaWducm9vdC0yMDA4LmNybDA5
+oDegNYYzaHR0cDovL2NybDEuY2FtZXJmaXJtYS5jb20vY2hhbWJlcnNpZ25yb290
+LTIwMDguY3JsMA0GCSqGSIb3DQEBCwUAA4ICAQCVu/0Dsxhev5ia+yEOYHkm9acE
+CsTG/706jqsuXA0NW83tp/9MA5XlnmegDhQaHpeJFclE+hVd2VJspwWi0tT93rVD
+QT+LwYEgYZsC+fNsr+8f0Qgt+OLgOZEB3I2fqKhrmea7kwduRsg01qTZ14MFX/+Q
+jKYcXhyEwB6vpC7e9mvLOdF5ng4LxB96KdL99Is53mcx4XkG7HNL6wIbOOkI9Gs9
+SZX8ySNMRdPMUeWj0W+YEernESmutSiR2SHci5MEmFlFc8GOK3bgGdAdVKsU+qX0
+wWhtfZnHCyXwgcHPPR27CEMDL94HRSmYE7wZWOBvkvpdluZ668/ADqb5tdH9K9bx
+XR18zq8G21+RnEvuqlB1JeqryKaCw/GW/iGQBfSpHPvnWSX0JPUvHz7ndHLIPQHT
+WqcegOYLumiy7QzkckANkl+FTQW3/V+CVIa8Oawujt0W2M2fIPCigWRl3PlGrlmj
+KVlBcASETSETlSRxJxH95bXbkw70XoeK92K5Oz92ipkTpidFyYaS/TCMc+gp7sZG
+vsQmwGotqAQx/vTd+ipQEbklWgLdWfsegY9J8ePu1uI8nWc+eMB56eEHMUnPpK8j
+W/rk9jtaPhgmMSAfG403OB4umETT5yht99rxd0YoyKgEJ3mjCB3yx4WWGr/73e1I
+NNCbXlAfZAt1Spu36w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQblezuJGJgnx6ojSIEJkjhDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDExMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAvEYh5NbXwXHEPqEz50uto6ysN+wBc94JkHpSUJmTOOiV
+ahDk7sFIEiNjPb3ltr9B1+SQ+GwUBcqhbTp4re39BPTzWbV30UAZjJXNOUEqMajZ
+a1xAuudeK9QXeaLb0jVMrRCz8tIIIsjbw0f8z+5yjIW5tMkjsCba6c4zU1J1rZ+z
+gVB+mB4NX5QO+ihInbxUTjXTyuE34n0NAujiAMtrdhHoWr4OIILl5z7ab0nK6K4Q
+OyKzIiP+XZicM/H7Oh8LZUAbluuW7GsRDlhFs+QjEWrVPhs5je4hpmt5L+QimgGP
+2YaAD9EdIRK+56Q9kSALwsdgVoIaRA2oMg8xbeQdC0zdiEKfwrNQfn6P519LuCsE
+VxHGHV/IzHaqOVrU8VAxuYd76Gs6UHt4OwNJy761/KhylSOiE3kqF5O987mge0J9
+GQFOOH/3F0QZ44v4zgoB+1XlAPe2Fg0WXNVtUQ6dDlubcc9wvsdn7o5WaZuJ2fJ0
+mS97ZjakFOqIXDu5AP8KpDqnViQ8M/kGDBhec/lX5pZX6FQsljzXD+UQmTHmBBK/
+ZTIFyPm13XS/ZbjiSV+sWeaSSrN9n/6sIu6/fXwa6r+C0Ar/2Jond6d40O3jeZXv
+JgK+RoAocL+PWdlgOUBnCJwR35EHExShS2atEDMvYn1BYhU+z4QpdUSOFRgaxNkC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRxQYuC
+wdk+IIzf7KsErgvk8eXg+TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAG/AYjSYm9bbE2e3pkbtPwuZm7Te2eIgGEqQn8dg
+AKXer+R7hOXZaQSCOA0c7WWQw17Jq6mwGDT4x8juON0hlCBcawHXtirZEENynhhC
+vng7qg/E1KppdDhZRPIw4AHHpkH6dqnb3Qr/xu7gTE+Ycc2DTtOvY4pkbFt8RYIz
+q9aQLWVgU0iwDyiak62Q+vB5E+NutOX1khXx1sfuqeDynOuSvqt5NOBBEqvtVqKE
+dsekaEi+yR+mFhyuIEBNnn8Oyh4ElUstpNn/n3+DeED0IkRttcKln+r8Mm/KbSMp
+CH1M/xsLam87POciSr6y//sKIoiezJy+0OGOzgszKQl94c+yrAKhaIkXvoMZ7lRZ
+7i+kV0KThHGPGm29Y+gUmIFQrMn8OmL5L+pqmUnWBaaEYTVoP1qRs+/u+JCUckdS
+PLIUHqMM/FApGzxlyqZ59zNy1DsRF/WBLSpLreDLkiWV9ic2UF4U6WUBzFHWunY/
+DsJpzS+PnD9BUufgnLF1GodEbUo2YSW7NDd9Di3Xhu0a79hOT9TsnTYcqNRPG92/
+YpVlrYKvBnhIxHbs34HUqLW9pZ8ax0ZQ2yV+C43W7VTtpooOj1lt98FgPwZTy3eV
+FPXzTISgl7VdfbNEZbwknsPJ9C+dSrQRg2VT4uZhOBYSAgw0k9leNupulEO6qN1d
+Bs+l
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQD6Eyl+qtc60bqAddkWjZ/DANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAh7EvsAjhCUny6T4B7/6W+E8y+HU382gD+AUokCgGsneW
+h7MdAyk1qE6C42XePnp9XobAJtqVlnCw3KFLEjvAv4MocZL31OUY5CvWzW2V5Z99
+b2ancDEgAD5U6s66JaYfw35nwomYrjCJyKnhNzsE2X3R2VJTT6KzEjbvMAvWPDEY
+YX22vRZiCwWkeYT+XIZg+jTVtwYDMw7ClPKeUxQnfmruNk1IEtofI1HDfBiqNqft
+1byF6urdAKvGf0sqGGSn4vOJRxCIARwkgx0Al+QH4JxntEc7UTQMWxH/66a0yYFS
+iKj5fckfL795N9PG8vyL+oD4ezu4K3MBkdO7+VBIB8CU1VRs1mA2sFXVMdwvewlV
+HqQilAgxrv52ZR3xKbJIAg7RSUkYOQugA3U3d/+mz6GbhrkjUa//Fb5CRHBt3sNH
+pWbULfAx8BlSGnWK/w+wS0KjG8feNIY7yYp7+OBA7wqcqRBHXCYlY3PTKZs6ZTSV
+VpMuwuYvclvqhrE66kGTbtziUgV1JatXxgIvd2Ee2Coy2XLXDBLKQPOpWRezPD5A
+CE3bZ2mFfYiFAWHkXiGgL1feXw3Vwnx+1eZgHQE4GY665GPDX/MaVKUhrDBvjjZB
+iXtan3wBfz0JgI+V5GvVBPvclYfnmrV7Ld1FiApeVQcma8ghHVwrSmAVdEcAGK8C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBQ1Wnoy
+AF1mQL5vTQ545UNVYplRLTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGZx4vuq4nhIU9O6eDzwWYLOEU67bjShEB3WVFIQ
++C7rGk1gBct042rbGZ5igw+Km8M3ij7evRyc6u8FAR2O8Lje+FejYdS6RzspzFfi
+kQSqAtzkOVzqaX8Qj81vv9EvxF9VN3pKraAWsEEwFvi2+O7jqJkPBdWQmXs5Jchd
+7PnXuJVsL8O+THD9Dl+NytyUSYIME9/22+s1gEG0efwtw8DoH31g6CiTDrb3z7tq
+DoJX429HOkDj8NuCflqaKL1akYRz0HPuvK6vgLINvehSY6N26ErRTcLcmYxVpRVg
+eqE+LpxTVnRf4o7f5+UfmLf0ouA53+gU0To8nWzNb/GALZPsJ6jNtGod154CRZj6
+v+ph4HEu69Q5rKOEWNBonilKUT+SosaS3QL3Na1Zt46sOdhnANMdjbH7KrBHofsa
+PBaKSH146JIIdUM27YugJJkFN48WvanYilliGvPOe2Jslx9P4XOCc6RXSU8zcq6U
+EBUy0wvD5jWsl/n7QnqINC7LDGI2XobO3iVrv9nwAMevthVgEAu31Ae5tDXvbzVt
+6jBoYjAHcuYtzuuPQsp8MSQAgQ6ZDEFTuDzfUlf0wuxhaTkz9Y8mgmsrfoU6itoo
+33ZnnLkmwmhUjUGgrH/1OR6+XBw781r/desUYMZhy2uotOKhiSQ5O7gkxn0yQKnI
+9ex7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQCMLP5JBkZYrJvB8W15UqQzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDEzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAnu2WNqPvv8ewWInjsa42GszGnYbslxCX1Oo1y/RVF30a
+HYU2urebqaGCl2hJhuS9QEUR6/1zDa5efNZdyuxPNhXACMdN1eoIEbOLqoygEAiq
+2sEHmPeY5xHuxy/MKdiqTLvwXE1qUnhJOCO5os3Hnxpge/sMVb4dDZFcZAopdDak
+8SSFSbSgV4lar5bXEjY6jhxztSB21Z9hmwuP+ZzDBLxciWcr3ZLHSFmLbwRT6SUe
+NEJwnZ7il69uNTeQHZrdPPfnwcgr8PBv0SmRLiBaLYSyF0Y3IeI+Pfb0NYBlWbaC
+0jHcSTi4FMKcPdS458lh/tQceDMe2GW2y/3SgnqjYZzYvoOyV7P0puu2mj/GstDK
+oFt+Fz4/mIOR7eufOU2Fsv7TPIWGYxy63i2ZJJ9psOopqu7Y2Df+mBYZBEl86QiB
+s6Exj9tO4GYwwLe9/SYbxsZfVgieZJod2ffI8WwIgiKe0CatAmhee/+xuD/rY+ky
+pLLBGjuaiIV1ctW+3/u5PFi0fIor5EdiawOSVSzvzhF4GlimY2eCD/c6H+Q9GKbl
+kSK5F+w8kI414sMuZLLb7X9lyvw8/9Or9ZZ+DGe1roZu5w52N5sI+g4Woz8f/TnR
+4yqVv65k7ALDe9v8h7IyPM+qx0itgOM1DqImIS8mk40annsxZUHcrGMIUZC4UKEC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRtB5dt
+0m18QpF+Z1epVMBhqgNCSzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGOjADqtGz9cxCBX6XjkRn4F8VSn9dSc3/ciegEZ
+TN8NUyHhwDgHwErrB6i0rxhFNZPwvWF8TbtogCn5TigYNUO5pHB/8DsYJhZetw1l
+PT5bTlMfp1bF3EZNJqCnc+BknE+ZZ6y3dGwjDhHvfMesArNjtkZBCVLYjxlWzk2R
+BJTfB8cB4zYa/3I1s5TzQ55mRhBnxM9MyC6cmEGGcLJ4/vC8Ku1Tvu/VDHPsVT1f
+A76gpfU4tKhyLZPDclzocbx44eGrPweuV0sgWXrZda1SlVHwAuvCMu3cC7cROf5r
+2qTNTQXwqtaUOdfzKOcg9LVDmrC0W43zRnI/3wIl5nFGlYH8CDN6+VbM39Jh48qM
+HacgkCcPM/qN1c3u+1zFX53ibqZk+CWPcjloLs7PmTED99CBbJsN9oOpQ0Qq95xr
+hMUUmlvcVn849bkJHuFQSQBYr88MjBcLMjhu4loGmNJfRiwLOsrUeOctUczphHeG
+jwuBeXUVW2UbSmYPiq0Pts6VdMUMO/voz014s1Pwkfh2E6kfexHkJdbSVlcv1i7P
+gEAW02+jc1m2JWMcDlNnzXJ1IUHxmvJHvVqfq6TnDYcsXPNXU60FmNF2ZtbaP1Pa
+CtAsfIe8lT4NKP8068ES105Tm+eDxdvU123fntTXWAihY7nX6smiQWqR2Y+3fzVI
+hdan
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQAquMn2kjUdDPANMA7ekYPDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAngj2Zr0BpWtATeuoH79QbbOF7lOopDnRs8WU4FIUe3yK
+Z+iqvCCzxz6SMP4gxWIddrxm5VeQKSFP+rfwY7b8LlbFCNvZ4GbE2tBamfWZ1Q//
+h7T0xCm2z99AwGf8ni+1r2JbkV15d8KYM8FR+Sc4uR4LKJxFYZBHevCyNd/lBcHM
+uPzu9sAhWk8psXosZ9T/wgOrJ3fxFchHDthPbMSD+Cu59yEqsIpL7AW7y7I8Tk00
+xD0urirZadsVnni1gF9HF+qwbJevVXGNkAh8WyNqMYGE9v52cjgo8eI93cZPkpxv
+xN0xskfrVdHFunQ5PXFQ0oEQwQxJyQzvJQy9OTUcYK02Q8MpvcJ6KZORyFwrFCzR
+zPUcNIh5uGkI+POlTmxmnjTZ2Hc4dWPSzjVjJKdyOQKz7bT1Euw2M7JfsfIX1wAB
+D0nkrtA5/wTKgGMc5OPvlyEfH6CKw/a+hC9SmTz/EDmMMfaXbNlR6KzshHK5mcIJ
+HAcSP/a48LYXthx3I1hSEnA+fxBvqfwhuss7ZgULd1dqF+TOlthdfERn3TsWartM
+ILhi07FqPQZojeic7ACNcBDOTO6IFS3Et7Q0DISucUG1MMhYnuIoUx9c4WLYV4s3
+baaOZ4nfpSHNmKyeej+as31lI44xOwims+ArE5VtS3LX5bBUYGpSElDbjHHNzMsC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSFy2OP
+WO51gHEsoqztVoLeLsolizAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAJaMA/WqFANuglRv6W6rDbgTPTIVaTNJeUgEMyjm
+oo/9YNlLOvT+ISJqkak97tNyaIsSXxoiqf9rvTG1eGrp1A6qGv9ZpuVMq1ykyVBN
+xORPwcp1VD208MeLZ7OWxaPM5n3YWgNNeMG/xAoX+7O/MNAnEnpzI+WdHGHYZDMK
+wymX8lNrN6vL9CICMUtM4tNaUYxBrh9iPZEEDd8kIv2tM8QVWeBqvHMKtpyfgvfv
+Lh9kULs0+Luch6FhhnGMvGLa9Mly2JjW9QMvtF0td8KKvpYHni4u6FMmTKNnCPau
+OmxupwFacbwYf4VB4aLVzyn5izylg488wbLgOCPz5GX+xI+UkTFVp1aFMGUayhGI
+ouWQd4rUXmiB5HB2n/JvHVGkRNA82tDXSB246ZpCjS1VjaPw4gfiksO1WxOUx6CI
+Z3YH/IZQG3aHhmlmywWVYmBN913ZhM6xAUl0Bn0k2xKKAMjwyfk6mUCKiySMHcl+
+mf/GbOo+U3uwLnGafFyM3OIpG4Lbw3+qB88Xg8MM5V0f02PAcJ0qsh9btWYedPVl
+X2V8jBQsi3GC8UOJB3ZY9nH7tqP/VjTzBKh9XgoSdfZ2v4dvMwfwD+hzqQPsJM4z
+P44Sgdf+Rb3/k4DKV9G7kYX3uJUmJk375RnVG8B7GH7ZuPHCQHor0twn0NTmwCgm
+EE04
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQQNvpY13xDyhGNvCOmHmbtjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA5iO3TbMw4Ix49zrHquYAbYCgl8vxbgWMaYZxjCsnFMC5
+f2idLqhfvcIOoaMGz0NFZv4+CM0aNy1yItjK73lnmT4QfhRLdFTcJZhhU7HpIWiz
+rc7SDH67zYTVpT5EgS8HwDMeZE6q4QGTDz/IuGrsNg316zrQRR9iQOKPmiCISkg/
+VjlD+NTOtUVIHN+750EyeHcFKHff3Vn+S2aBh5tqb00ZIsSVi7FhEezzlBHfZUwt
+BmfKgfMkB1M76HAom0+jHV6WBFvUSTbXinkx2KpFON+896QeXX384mw6nXUZyLnt
+ZUbi2crEoaXQpk27cT1NiDX+XUuYZWxkbiix8WQL2ihSRX2PS5uwn4sw+atd+afL
+gFHCUsdOR40czchHVunGLnohDX0MheZw1Pz0a/MM8RL31p/VqebVJOXu2qU/Z+AW
+hWxywYbQNVfNzjtXbaeRdlbv1v03Ar84y6ogM43BiHmZpTUhS9DMmgPHkApPgjbe
+vyKB7ar851W5CChm4CZMM06F56i99c5S+PmvFE9i6RHXApP+f8Cg1XH1pTOivpTS
+UbEZ6NvZ71q5yaeSjV6eTCpyLi2pG9LY8xpTXuZi0tPtlwTICvRy6KgglBevpZD1
+aCCN0u6RDrhOE//jGhoIzJV3MCRwp9rol3VgwNvULNw08z3tYLFZw0o8UKuAz1kC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRS8NUc
+eS4mTIXEEHsLfI4oew/PHzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAIVgniFibv6RG1CeyTY+ZYMnDyKm04tNhiGOKVfq
+lyg7YN67trsdt9ZV13fY4gK/zyjrXo2n3ARgRF4XpAfTtBChy519/3kEhLpFjJq9
+ZNyzG1KlXA67Xt7G80GvhD2xO9FbSZsrdMbmG0dfxzibhx2Crn+R3szhl8q2OeDU
+vp82kWIQc06xsBzhc5tHvzVxzPURtgaU4imvZvK2uuF8RB6obb3KitmBaQhqSXez
+UiNkGbUwH2p7MGSPpXKukk2ufhA7Sk0ufzlBFRHGFJ55k0/WL5Q+nlFeMf7wdNU/
+tiG6l636hDvVkoLu8FHWnKcdzI10n+D5P1bFdBwpNQ0vi/d0C3rftXgu0OtxSTC0
+5qbG9u9iu/gFi8HlOY+rUjjILMylpaWBhPWxKN7nQM/ckH9icF4IIGFKl76Z6ajr
+d9hFhSB4jzdohJSj9tD5CMcQt4d7vd1c0v4JDbjL8uwNPFLK3jHOPeHpW4TrxW+y
+D+6QBiCJgGGo5OP5vVV0cexSUy7feeQ7MOlet9iEbc/eoRle9aniHy0/IA0YwyF0
+Vjoh81rfrShX9XOWnIVAv5bxoLN/5VlfW5NpuLWemAQErEgEPTlf/X+Bhf/kaFEa
+oEMz9TEM41EVZtOP9+A1DfrXlZunLBcKhC0WK4egKh6N91rPl0XsNU6kG6LQ5at2
+s1tv
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQDTJp30WNYJ2r5PdCEREYujANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAnNaSeRcqntpXA79CJjI718O+OHG45zJLtXVoZ36epC51
+H9JnWCUM8UJ3W1wjl1B+Q94cKaI8gMIe7Z2p2Mdjk849YGKGw6g7PUMbRUmOD1eG
+8VIPscjOmmth+8Uj1X+/LzMMDiKXDpubmealiTyNWt+u4FZ7e8GXXzM0xjg9l49Y
+K9YyG8NqXleIOdZAzfFMimC4LAyMpU9b3V5j/O6xL2hHVWVkOogyzX2JClhFOu03
+xC/Vaazay+xX4g9jyeem2r9W3jDWRPZwWZLyB2jR3i/KufxhVGfton7RBDAk9Hpf
+OKXpeOrw3VxD8DNU3VgYVrZ/1YJqsFQL+JL9+ZsjMu5SuY5MNBFSG3Je5EFt9jHA
+JNLw75/okeY3PLNEkSipbE/r6hnYr0qvA7v+m+/g1dgTOcN7qPn+5gYLxj7hvzEo
+RfUU42L3xx8m0eiccf2wBvHdT2nLzqFYuL6ngrIdJLOcPoqfHCbMYqXeHuNrWMU+
+P9OAkAvrxemVbr5UAUCE9K8RLj7/XPaHeJn4lVGMaGLXv0ExEfYjNGjF8p9dQqJI
+YVaopsv2i17i3WBQhNrkvDibJNCJba1lQPRCUJs6Z1uBlklTTCdjKOXvMlcfpwMa
+/2kbLN8GE5UDr8751eF4YHyliNFK4XBr3bYqXYlvvGz5pYhj/oO4t0C0XCvGv68C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSYpzkm
+25WmeGuTmu+d442JXAvvyTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAGJkY8rLeldY4MF+HGlRGdvzyP29sTglS58uDZwc
+ulLL6ptpHafwWqeoSGF+D+1w1G2JPH0Il/b4aXj/N8s9FycQ4GT+jbacRYZGN/Pp
+KDuM1DWVOdV3j2isQxBLj3F7dl7J/uM+TX/xlI4nhnBvs14oQBrEvqpMo7qQNfYq
+tPUvEBqhaWEvzak86ePHMDEHt88fZ+I9eA15wOUwofasgs2lFBDjqPvr2wboEh/w
+4luRV5hAaVYohY+FrsHINuk2zLuR/i/63CNkQ2+GN/UuZlLzGydHaFm7Fiyy6Zsv
+TOXatdYsA+gHcyBdAp7J2XEGm1vsbNJAMlPaKYvWXkV4K3NVWaAdDCj+9P9ibLsa
+oE13UgNlV2hzqA9w2ANKmM4njlgjM3kwW6lLjB4mB+TLu1Yo5qEeaXARHM/jpNAO
+O/dZ6PH7kgDls/l4fX6WPKzpyiMaxNdSybprLIdKrBC5r8vC79OKrfXXyeKZqTjT
+D6s5sDR8gYLJwIkpYxGkE1msDU54P3Y8QOQpMFJtGoZEPvr8Sgo2peFj8TaLKUDV
+QQx2GNqtGAAqxLJldGoFxb7rCSrvaV4/tFtLmnNMymIO/MG7LvN8QUCs7sAWxiHF
+jTifgCsAw0gQEeG7SJLVBtvkcGV9hcm8vXRh6mQiw/wVOzECYDiFupJDE15pMmEE
+Dkl3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQTayWnuF3dpvHngbHBJFLcDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDIwMDQwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCfeRFwGKzmuKMYll1R02Y+hYTpFtPQGnBBaeRIvuFR
+QaXomsKOQafjjigc6L9zOf+8tTf0/XYNbluqF5wcCnNQROmBuIR8o/p769i1RwEP
+htxfy2ETO43Ln5HfCw2WiNmiYIFrt1nPtL+p50m5GH6NC79Y/0bMhaHf7BHexKgx
+IQ9zhA8E6NSJ6Pozvra2OV/B8zxVu9CWJy0D7pnx5p2qk6sGxz+3WEageafGLypU
++8kTlCn/C3LSmRs1j2mcnuzML6rH5FAgmV1EDCyd+iRqthuzqtl1tviq68Um4Daf
+8VyzNZjfX+yan8hG9iKzRdkV37EGDDtyUAaCaB2S89sglHWDOXdqFrRfTP0oWHKX
+9Rn969M+smmc4UIGJX0+Gck+Gnxr3TyZ31bV2VdgnFN3JUsM+FmXQTbVPJawUQ6t
+dFB8pE292oI+3YtFYIcv173fFn4LSC59QGYlgJl4QCGblmJ7VqLrnwbbWmmrnC4H
+qAhb+l1SJGuO2YS2KjUz7j0t+yka19FrKnO/X0RZ4EF+5Mka2PuWjvqwfODJs1PV
+V12rKyOWoLBa0TBDXiSsUewb0Nbl2szJNQXYxb7G/Rt96TkS8OaNHmCsw2n6NiyN
+b8IWZTyuyA/KgA+WxDowGN4VOAPhUkglx4Z5NTceb9Po2y64jhXSWkvXnaTuGFw7
+FQIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFDhC
+6X52oVhdImqnv94exS4qUE1NMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAcmSL/0AIT2i5OWzaIv7t5QKeoqhVIQN69VzU
+6XbbiWPeT0ntuqk5Rk61akuCtphumJyvhwkpz/1+zplnE4gewU7GE5rljtPnTYB8
+RL3aXFqgcmghi1mTXrfTuN0Z9rywhMo62CWJe7n+fCLIXxsu4B4vERB+W5AlkfwX
+KVx0QHvgSdQC2xlB9XM4NURDmyBViySG8GwiY0skEUZ1NppiFldH0soKuVJI/pqI
+Uk5OD+cAUpSkIiqm+qCWO/gYbnxnesQAsKaYSLWbJ+f8Sr2EtPFalDx1emdRLTnk
+pb2BPrf8n166LqMJf02R7w4kqRjQiSxtpB0jkiGuVlxRG0qlMgKWvsTxklB3yu4Q
+Oq5HbG9QaZ7vjVC8SfTZfg1LG16L33q95fNfiPcgMQ+qDvUqQ5QV+mFcigOEi9ly
+0l0EQnZjHN4nfQlDX0towPJOpButAPd/e34UT5Kkqvf9O0+98bddzNxZgwSaYoxt
+8sYvNWNjbE/Yp2HvtzFdnSMBrdq7CyDyoFkILBM+uXQIrp8xVUUaGMmvGtuQMryu
+iZYVGkwqK7QyVxTX1AZGqMMtUcZkZ1ZpFaBCM5+5A3yaPWDuR+rb0Y4AkhKjzyV0
+ZDUdM5X6iT9HokjhY8zLAJf1tsNZehkcCC7UipB/RFzGWDI+LbHYaXVmpftEdO9v
+4ZmcCHw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQFVmnUEV0Xu5GJAQ9WVVDmjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE4MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqSAe63H3azguY6ZBFb/9IbvSVTyisuTckXTSXXZXMy3u
+6qIVGaxlusc6BnJ137SR1K04pWx/vuOOtwXx0g4t0OlQOopC/PTeRcg11WKIjedd
+lipIuCOz2QD53uN1ADOvxKPz7EnZIJun2tqwZ69myS9Du2ov4lQUfCb6C1ZwCbgH
+FShPBcT4pTEK7SscSRYNiyZou+mqAFdm4sD+RUbYR852xUBED/IMX0M0549oKkq5
+7KMwLqDWhp3HUSs2/+l2epYHpQ4Nh67HtjC9ntbxD6uFNZTnMGEIY0PzpAN32CJE
+okqOwpeEeXFz4y1X7P3LDaLkGuYTMfKBfVnOOaW3NcvfxZWFKL3RoW8n5BcDuXuH
+G0FWcrZEM10KbAsrE7gH1KiewD6jaynDFIrsvNtdevwFf9jaSbVaTvzMYp513rZY
+c85J61pUv+0gtV5+UE+LtyPB7rY9rm40tOuTSIlmypZhA+x+3lQzfMN8ZQMgJ3sa
+rY+oFAx8S5S2eaQh2P86jW8niCQG0EhnYPlNkELkbZH3keoWKGQiZ64h7NwhKHW9
+ZgshA0sb83kSyjzQjevemVDbNWsP6GFv13UCb67u4N2NAroOCqPm634XNYp7QZyY
+5MCiTiuQlNjav0jXrDIDu8u939SYM+qmv8m4bBeoSChR+Ec6OCph+AyCclGoM2MC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSg/RGn
+yV7XY6MXqWUaiQFHZYucwDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAHQwGFR912OIEMoBoNjhOilGZCQ7LRL3jScMCzlS
+1h30NI2kE8+42Dy0QiRzJqtfjYZfSS4maG/6ALK74L51vvDEw50vvN+0o/NIu9qy
+2tYKo184WrvyH0iHhlkjiMbWFP38MbK9J9OFCKKTpMiNtDEQ1CTHaIdyLoQfKgtD
+Vm7E7hrdylSqH53+5TMiRcWF/EJZRPwUGXE2Riwr9MceFfpW8Y1qBuQA2Bt4FZ/j
+BwDgy+okOt0xaldEcxRGnYSJp56E03LPDof96xBtxy1rb5OauRQ/u6OEjgVx2mTT
+BHjwso33DGKm2DE5u7rO4uqCdPbJ34msYai/tILq1LTn5Fac+cq9NLfTwwpu9qfI
+raUbkCwEYXm/fA1Eyh/iVdXfg1LK5uJVuZuLPJBxQUzfGVqOdwdaNKXn8wQpedXs
+fAM89PwhxsdNqBB16xmNLtVj+vdvSR9yCJdSgjGALzVfURmyPq0BMDIWuSGGkkoE
+hIHNdPn3d2lmsWw1B4VlAyTaPkYFYxZfz9Ry+Q8XJFTdQktunum+5SZYOulpQ7s/
+8LQTkO4MHTcOc1d6EYFLMcwIhBHVwsK3siwBK6aM9zX5+uLwNn0QXVUXuQz8zBKu
+kLL6/4FyV3WvUHITIfInEsJxNrp3z95qKaN6kejdAcvM0mfW1ToSactvSAxsoBR7
+Crjd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQD7y/F2GqKvb12iErWsqIHjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE5MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAhrne4/M64UPo5tEfGBkx0JN7atJuHGzOP5RWwVYVBLPB
+HQGM5AaWjji6pj6+djBR0P6jdYBaj1Ld7UpHN39S/LCQinxwaQtdIjN9eFkil23A
+jc005GlkuTZRZ25BFonhyeEfPlminzriUfiNu/TqsCHHJtUZmQ2XBAdebXov2I64
+cYIae8RfGdRxkAYWSlbUzh/pWGKbYdX23TP7BdwBPlYBSuB8OpUN6ZVNVl4CISGe
+8gPb/EnvcVyJYOEgtIvrmq+gEQUXCG8t0zo89QT56IRdF+JnuKEIOjD6l96pj0/2
+pJHdwTATbDxm8G9tZcSCdIG4EMFeIAIgg2EkyWbEb8pDA8yYfg7XFsxaL6lWRA/5
+9EDIbkFm6WQkMNC0ThdK3L7icI8NFdtZ7AblGfqntVrSgh+dtCVJuKFoiN8yhfh6
+Zurcfty3UnHKGVT5m663CUhiCGMUUY8/8D83UKqNc9vTWSe7m5GHPaAmptZCDJV8
+S7PA68ENtSY761ksZd7Qg2iD/LEZfcIcNQu29k9ANattAV33tkDhx3RaVz16SGFU
+5xEEFhXmBhemktEUG+klE9//VMEnljPBS0N5l15oWNHY7vTKI+7EqceiaAbzL+J7
+esQcaqnYGGV9vXjKp1wA4rl4AG/rviGG4fvQ2SF1QY3J/YKv6v1npT+L8fjtNPMC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSCQeYN
+v8ryW955JjfiuVVQqqJ7+jAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBADujU7pC8gBhNKNz0gZOuLfaQIms3aJUXfH0qzBz
+Oxsy6yT8ClO41c09FNqtZZHyj18YeMLbbdfmDgpq/q3/6GQBeA0XMd9oteI6ldj2
+NbG1fmbwY3ytEBnkJo/b4ziJabrD4H8dlXZNKf9vRSbDt32bZG6Ff9GjEdgq4kLp
+Hnicfp8sEA6QPSCaA8KG7Xj3TYM1k0cdUcq9fr9d9PJsbEvDmwGqymLLb9uqX+FC
+bTh/oRZYLbw1W7JrrFZyGsGjOsfKtU7BFx0/YlKsK9qQRgHyC28Us3E6NNvpgzjq
+pFMBi5wplQa0GoF5BA2zJEtamwpjCAbPM4SllVL1lI+0y0BWKArcSdWMHUEohnzs
+49DckXqLb3+7ozw8ylt+FY2wQQb4t0CIXrM3GLMaRqzohQPlio9P54A+SCDlh6/d
+Dm4ACBpT+xATCcmfyn2LtH+RKQzZ3jS4PfWvrBw8T/3KGITmj3NsJN66oo8pxi2S
+9/hOxvrwwQjmarTtqWoFI5fk1lPCTm+SgIfh7PYzTjbo/xqlgbGZ3zQS6q19fWl5
+xuSmfJczVDN+mAQjxbesSU4FjRkZfZ9iUSXe7XzmxQ1Pxy4ZCFfoyKOWpaboMlHp
+Nin6/pymNJKMRFfaZla473G59kviRrC/8kkBwvILED4+RnIDMIN8M6ZFVJy8z53U
+mx1L
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQf8LTW9Y6JGCDHTNtrx1OzjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDAxMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAnA2MflXHv3y6HobfK45jLcEh9tMcKuERrSZ/t9jEJeyY
+TLfQrLuJ/lX9fn8qk7XfrKtycvIlXKNXwQE5Li7mdp7hnx9/NcB8exhx08/+plZ7
+cGoYpAu0rVhjSuwAsaUj4pJ6QwBJUC7m5drKj28SVzFvtWwk4RJoZNtvGmoKtjOm
+I2igK5uJHaPN/KXOFmg2jjrORh9MsQKki/94p1ZPygLQrl198prpAQM2+zNBGDKD
+tfiSAzcUPWk5ivEv40hKt5bNNHXh5o9RRA3p7oU01GyeQtwsNgZsUtx3D1StBKX7
+WJk4OXckL4gHvQ+OQvvxONNf4EetkMDR0P22OcRjNZqIEeQ0x8b/983EwkBHhsX8
+W7KjuoXU7n3QwOZWZJB7ehmpRIYSKCDHAyw3xhbcVJnp1jOImpFzi9q2mPmyNccs
+NcXBkV4W9b90wwy7ud0uERTXutCdXqFgdEY0TkHu7edh6cHsSkQ2CsLR/odDjM5j
+JmpS+s29yl0JucA1i2sKKdR6IzyrrPYp+W1CBTN+vbgJTDmFJ5JfZH62qjPZAtaP
+oUcv5y8oA91rMQYsnnMiHQaexDXnlUivbk7rfdK5dXaKC+O/IknzyQ4Eyrl2zA2c
+NG+hGcYbmCKzfGFyJHrFzag1O+efrC/F2khAO4ztJM7488faUHhqCcluK2rhfNsC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTUDPuj
+Pr6nVh5j+iuuTkr+cMmR+zAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABVfH3hBQB5nOFvSU9H0PtnMNNc2+FclTgZv/I5W
+2qb2Eu7n2jXkH4KJXTjUMDoDzkrl9S3OKBZedcteM42z+OtXlSSKERI61dL3taHP
+f8fSK5knc8eS6zyX19FpqyJjnHDGO1LhJsfe693OL2yMzn3Fg0IcdNWS69ecHiCP
+6j24lKe8lU58IUaseShf70JFw2FAR23TQA/3HbdTIHJbGKn71sbROTj22LZxOII4
+2fDRWj8Oof8QsCgTAFKy6w3FQeWXO/9zyFPkYybydLkS6tpgDgBfHxNUdtX19nHO
+CwOF9xDVsLFlQXdQNGWvn/JQ0jnRPcb/2jTnsm0Es7nyQlIhh5/Dj+RLtNL8tjij
+FoYAnAwY55fL/j5MMa3WpDgnFl6ZVDh7ipJuZGZWs6wjTG5kaB0Lq5VmAs4OED+b
+1CvewKPR6vRq9+YiPlRcFUrKcJag5ZPEw90dzgFcGpjIYt8pWsxryhqx8i+ZbIlC
+AJQFFRjScfHiLX5aLObTUijfHyllrDnRGb3J9RQNKa4/5XK1QyjY69a1P2ivcE9L
+cL82ZKkOhX69wnCMzPOLC29o6TcLHTOpq/LGjzeCvlVV6sCzF5LK/8SDDiWw4pCQ
+3yH9STwghrzEiK8Jwf1iWdPvJriMh4ctCoI3ZXSm6xceU1NCEF/rS1I6vjBeQWj5
+srFw
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQVYW8Ke2CeVscfic7L/x5kjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDIwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAnOTE81JUOF5/+HTxL1cYrYZYVE9v30AxC0MxahLq4Rym
+4CqkbNVceVGoYD9zPG2+QW8jdVp3hL1t+0vqt6uXQb37wKicvahX8WtoLrVChS6c
+rwiaNf8mKjoaKK2JnMOK1iqqosX31JB1wAlBmIEDlFckc+vhq2Xf2jcgEAFLR7WP
+J/PjDR22az7vWk7RHl28vydO5ds6ZLVY2yOS66oCq/nuczZoN+94btNRCkpAOIzp
+URNPXIn57kiRJ6KAcTIKZn8yDysZvi7+tWOUi0uSI5d5HPAapQWfJ/wJGwlL3glE
++VTI+g5tmbv3dzG00VoUvTVRLEhEUWCEjGkB7awWL99OaoqI4uF12J/+mjBOx6xA
+gBpkHN7wCDNQHxklG3NrRUFmh4qoCh1tzMyVqmiWNByGzHoUXiixl+IGM9fPQiXX
+y0v9suq8Z7D/7beGv7dRU20Rtqz9xf+N46h5CoV9LL7S0mmqMOt7AKjMDUjnOa4z
+RneKAGoErsIK1Fvf3JCSrn7uLheQkXaiZnI23haUH2Vr8njFwA1IVi6bMYpjHPXw
+VlcvhO/Cmp0nDiGd/VjDQdTb+/Ep2GVwloOQ3u5zHiwiotR2BWhomDU62FXyBxy9
+OAxFYSsoSIuJsuJyXDZSGV13HKbFDQ4zyKmA4QMcuqzPVPzCpu2FPb81BuDfDyUC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRmCgLS
+A6DvOsJOkww/Tv+Gahv9WjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAB3E3SDn+90c9Dn6dznHqIZx1Sp5A9SJbQRj/Ygm
+KsJ/giiVcm7zI8nkztAtCINRVcAPMlUG5XMWb2vs6d9zBjFDPSCtr1rodWMRRjD1
+mUg8oPM6ZcL37d8cR2+pM8+A9cOheYv0SEY1dWRwihUq9tkv3EyOQuGHOjQxv7oC
+V6qqmAA6lekevRTXZpoVaAVHc3wHSOdUyK0lt5T1b71B+MUx9RlZszZsjPMTZWsX
+78i00n506hWJjDhAiFs9vOozyL0GMWR+scr8uoH3BzI0RrtuZQ4QEkyZ7PfT8iJJ
+TkfM5DceaHJS9RaWeLH5IrwYwM06IFsU20nHNmewvj2u0UmlS7VHgBs33LOpcap7
+r87JetHggGmVyBi/V0kLDdW4lF7jsLv7AbPC/hC7hh6Yt2IBG1xgrVc7WrwJrBXF
+7Rvp70P7B8p1MNcjRH4YlxV1lJpUQKQ/9lL239UDxTavgLn0Juk3jCVbW6iZhYEU
+K582CgVwj/iPKsXu3wEXUE8jpXlYnj68yXkF3PxfDxC3OxabDXTrLQd4yZYBAa+0
+pFRR5YH5GruFNpu2RenhTHgZckpgeIE51lE9CijWxT6+d3rbcHoQqXI+zzbiIbV+
+2T2GTIgnDFYDtgXEoaASYfp89iABQicGk5oAFj9kgQLbKnh5m1XGJxXTwH2I2gfz
+e+Jw
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQA4psWB1Y2esAy85Gc0D29TANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDIwMDUwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDERJyMVwH1LpItJji286j6WabNc0GUvVju56Leveb6
+zm6zQTPu/+Wt6urADaErxSlqxxedUg+U6mNUAxrlnp4pdJAATOYLptuMtuY8ArIy
+gwyaN4+Mckxe+cK8ujwbG/7Jw1PkFitWN8TN1bdwTdj9o6G56AtyIlIX5/jfsHTW
+zaaX1MzOkUWoMC9oecQjELA3NonbbducLlvgC9MnNSThr7v89+EJr4GLrtl02gEP
+lz+NQYKTkTgtTKizuxFSKhAgPMomnuuhQ9f0ip5jw4rBfbYHbxXDARiEtnkpZ3+r
+55WzuYCeLuIhSET8J/k7vTmj5Uq9KTCdpL8hRXqTMsR9kEPUOQ4qyrHJrBOgtjXv
+I4NdwXFv4OgApPTcED/LZhaRqm49VG8rfmE0GoVjiSbvANpWZvx19z/7sBT4QSmg
+zCAZOKbBfpUhRUjGqoZMs7xATl6ToY7vhq/CGdoC00ra8JtGCDw64LNFxlmfjZgS
+CZ5Q9b3uVeVsz6GPJMmAoOS9zCAXL51GhKz25Vh7r6B3tbVWruD6JQ5dQAPzGPzN
+RxP9aTvNDqptUZVGemTweCoKXc4HXDkiOzev71lq+kDbqCoUmTyE4geYZp2Cjbk0
+1rEfjMVKZm7xVB5PGNMZfryVQpyuwtzyxLxNK4VfBNxybqBixJ81IzDtNAmzazaf
+vwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFAFD
+MVI7U2mc3ROLnjttYjlSJO3TMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAeHijIfGttEQjIv65TiaY1prtav5c/Xop96kn
+c9tlQ2JtRuGrTGdJyN8fNOYmHMV8QNpNlA+h8OWuREIzvHrRIpaA++pUEMWwy0rz
+FRMO4WzRmc82/JF2twRGXVZGTmdx3lvbgM9OI+ydrYF08O0imsHrxQhogRlX0Xg6
+VnNAAgsXOvXIrv0i3S5ZOvdzRsZmkKcRuZvhs1CqZfnGXCQcDjCLLyE/m+0+2pGM
+8HiRt78Z9fzeNwmXuuMnVMsNYVnenRIsVa9dHMqCWHoVHb+IuJpMSwzcp2WwYqap
+4zf1k1afZEli+lI+oJ43+JpTATPI4O2YHx51gIs0v5CDp7ry+bkZEUvktqh3l30o
+1xeYvDkymBBgtII0xVUblDpnRgLHjITFLFku2Ql78QipkP6CzP9rz60LR6htD8OE
+aYxnAbawpbku4o3W5/xOozYuWgAcoCVCliiXYWNrLxJyupebr9jsLwIEWdPX46BQ
+ov3IiBT8oim7bGOiyK4axHbnzPTdoxi2FDnRyZdRMZjkGnT5A9rxbSiawLDsxGZV
+LhnJ5IOxXkUhdImyupQV4llKtaNrHkv3HJC6n8sE32b5/HL5xP+qaODQuVh2CBZD
+6aGozBTRWcif0e+5olknVGV/Wm1uWjCbiG8jTSbL7QE7vKPA3yisKHyxDa/moJZi
+DZVf6Z4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQTyw9k2ZXM2Ojr6w//2Gw9jANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDIwMDIwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDJmvDca3GrBeozT6sddrqF9Aby3swCruVt8xAogcNq
+QB7zj21SMv7XgsXBZx6z8oGBCP/Mw8Kw6Jg1ex3wFJnx24Uf29EJqWGQXSbriYDk
+8UuF15EqfCbUKUp2qhp37ia/o8xBvGIk6fuS0lPtkbHW0HdMGymc7Yrzu9xfjPS/
+hUSNzHRGNl2bwGErytlTuJL/k2vU8/3HKEHWrdOHxemQZRY6P+/bUoI5x8nNGZy8
+gqy35LBgTVw28JPgLQVyUwWAyFuXVeZugsvIn6En1k40lG8oAGOkYWfRw8q99M+8
+OdmbpOoFR96ir834obsoV2D3p7ipPytcV92Otmz3veiob8HRGd/TQe9VMxYQTtqd
+C7QXFwO02vjXTDHC9Z0MTThIxaFPpkmiDeLvL/NY8Xck2opU1g3l+hPdHNjD89d5
+jNKCNBAV8O/Ccp3c2oWxbDjmugf/mGwfD4Ijjuf0cD/DRjmohKAO6ad8jvIHPrGK
+U3bvSpU0sRDUvwyKeD7zoFbu0AfOKkVQIGD3yLBf0CJXaCin/1z/KCOoj8xUX/aV
+rU031M2LI2+iIVk38JJxb9IdykwRWfsMzvDofNo///isemVVahHakh6AdX/PqzSW
+YMkZnDTlengaja3g47GsyFWpiilqhwNovGZ8m775/R2n8wfH8Wf5JBrNgqQxpaxG
+NwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFGq+
+OSADnE7G+mzaHju3dGvyQ/k/MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAEp0ISHoqT2aDC7M24+gFJ53BxeXVxe3Llr2a
+cjrHvs83dfjOgv3pSSlSXLmjaADH//cOjaDCgM4zX8/evdWpiti6UdZBDoRfvw8o
+ZN6kjtTCv8wKdNgn7W3O2By4UpZURlv0dGWjuNa0d038JpWLz+n5iIh5Pzcji7+8
+ahgthJGDE7HWpdjQd1gt46Amw5fVMURTfpF75Vyqjq9SOVRKMB9O3eLwtZHK1QrP
+S9UMCcCEST3jznjN5+C25kvBKEexVe+zmT0vfT7BdiMv6zF5DC0gLehFJQKbToQI
+3uoCaVgt6FhRze8QSGQaWe1KZvG99eRQ3ZzMqkNCy2a7KvAhbIRuDRPCIcinHuKF
+rmN6U0hwo4/dwlo533QqrziZF4ywX1Xe0QzBWwGOf21OsCmFge2pzuusExna1Tzk
+9iVy0espWmNso+M3uskL2iy2P37dQsgg/ZhOlokvkU4isNmozHF+MBlZaf6fCG8n
+++McHWCAb6fc3z4r7JkZxa0uindBG59nN/q6XlYY7UHpPNL1XImfxuOFN58m+nUL
+3IPN6wlaQ1hffvtfBn0/5HIEGX1sGz0SSV7zAu8a7Vre9O95znIncc5am/bSSasg
+TzZNvaodgIst0UCTRq6nLnkRd0J17RWuBR9h6sIYCNMC7Xv/th6y/SOfyD49r2jD
+Km0J3I4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQSapGBqhuAUr7IVmKDs1iSjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDIwMDEwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDsKpbx0OXArCGwWAT7ObWJKTYtjoT047T8E/o+Em3l
+CojOI/tw1gYY28V3KRwwDNJ9BREYnP574VLmyfuCY5WQpWdWgdwLj8IPtjO48V/W
+YIX9ATNv0NVZZ0FSfaUmYV6HeAo1zuW/K9W89bnmvp/0HJhLFo2xHNzCwqmuREv1
++HI//Q8IJ5xWhUD7tsv6meN/dVNhsoc4m4YXDw1Kbf+cBPc95cigeNLRBqVxB7Cs
+t6Ko9FiLZa1u6T9iWMfVqw9WVV3cxB7umYfXiIBovcZGLyn7mbzEaeokBIDIn0+k
+6S7GvE3vp64CMiUWQzGNkwBb7oTMpCaMS4vKJiIDZZBKohCK95FBm226VlilkVFg
+EZjYRvpbkalh/uzTe+5Nhi7MpeKYStD64/3MIci9w/CxxXJhZgase5Vp/6sHJWbL
+XQvH3gyGzPfPbHPAT20SEKnbq65nXOuPU//r9FGy9RJrVzXmB9nsgKL3C7QSR15e
+TZjSrXFFIs50KQSPVbZLFpmqbwexniffH1l9rl5vOhk3YNGnX2bUWHccopMppVg7
+gCNfqeAs1vmWlXZ5CVN37mYDbw9fjnTufhT5xEraH4GGypqbdhWHB4cAqfig/9SX
+LOm65eWTPH97NpVoxj3x0zBIFRK+YZOjYigzNQEDjlYBgh1cov8TDffh+/GPMT1T
+lwIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFEX2
+ip8uICsFKu3RqziKeEt4cIqwMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAIhTF4xT0mdWw+L0+CSQM3YQ+JRih3mmMFQFm
+CBR4xnzK0Ukj2bsYVHJeZ7oJEAdJ5DNbZFHGkB5IOzMFGHH/wWg1WFKbYb3n3lYD
+GxEtizvZunHKSx1rHfTOCWYW/5X7e7ZxYuYKwmLg1PsUBcvqFwB7Z3O/HjXf3RyX
+vB5NifEDskAxSJ0VVl8OXMMAXVpAffJmMY02sbLkGt8OYA+NNEaQPvGz3iJFqQNd
+hOo7sHCEIArnShKILn3c174O+80fpHr3AT/tZmKQ+/dP+UzCUKqLnWu7Ip/6LpQK
+UWK2zvkSNRvIbzFTzD3tiBa/DZ+Q397+MTJMA6v/VAFuFrtGq+rOOb3vZAc2hPcB
+REvvEpRr8LPZJ5bN7uWD7skGWuMj6l1/IC8E9eqaMeZiX6zndORm6QJ+VcL7q0ac
+UK/VLjscMOXit00YxOkDhLTcLpMUjlr54cvIXL7OYSPJl8RjHjzLgW9n3lXRCICc
+60ZP3srqc5t9MlTQ71QMAQ8APNIvTCWxdu9nHxI970zqJYxsq3SIykm68VrLPDlH
+Ylv7TVdNuoqhTpzpixTs+EKZjMyGWOu/S8+uhX9Vv0A/OryZPUtFbeTMnSkt7LDM
+w1I0OGL5EeiZ7KcLPuY35z63S5CgeuliUDxZTOS4Od+khdLz177/b7gbEZGb7/n+
+IbCH8Nk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQBNxfEbr9KweAM31yzbNYPDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDEyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAvfqZM8YQb5H/XFzXHBf+GyzKhr+QaByd2a+GA6SIxwim
+uHawysbScnX4EHinVo1fNcKfSL9RgMcEyYMhPW4jkAQ8N3wHpCNoz7g60dKSBC0B
+kWbHltg4yLvlLskaBu7YCDJJ9NnHfgI1UpvWSKZm+aSClz5Jv27DDcmAxQ+noxyJ
+m0BgdksABqc4Aupu1XVxnSm7rhbWe3zZE82aM7FCDvgf6SO6Y0LlEFbd5I8D+xNt
++xtq8UHOSXS4hMZWm0ZV2x5sBJ614h7BTKMoJkdUSbti6+KKrrVRXYs0XudSvueV
+6k0k7kwUQgjBc8mFnMy9BYEahw6xx1rKIZ9boNg7MGE0LSFeD0NOaP5PqbYMZqtE
+Jmi98qG79ywZHbycydYIzM9p2x86XwANyW1Nk+2dTM+vpnHRCmUZDWYCKmP2AAQs
+Xo+h8+y7dXgmRAnbH6SHPnPZmmmF2p5ipaY+GQyH4hluUwEMqH+WxrTV58DTTQFN
+kJeG7zktGdJrQ04tKmyNufBjg8TDBcUoKAW2CZvUGwRdnHjBEXBNIkMQTwFVSTrK
+EHeu2TYFOnXYiJps3Sxj/GnlWYTBFXNCj7CVOoHeLTin+8wzVwpvlK12A4miH2aR
+FpkIYzf08MJ1OgKPeiZENMMaFKdAqe4OBxAahSPz+yj8XDL3nNhY+zO+hp+OtPUC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBR0RhOh
+SExS2HAfOb0qnc3rnfp4oTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBADStDMTLbNe6nZ+sQmEdStFCvk0hH4aviyX+r8DF
+T0XZ0KvQ/e1Y7yWI7GlmjJuxvqbHFN1boRuoP3O/UTdzsucrOstcwHfxJDk0Yrs+
+feDZ/rGym+LJNOxliInIrqR/9K1Jd9/kWpGT6hsyBMhUPU0SbY+glhn3rNb5717w
+yhQdKSxGvlQo9dNAWCP/6eJ5lzgYfxZtQCcOji15VmOag6KA4rzXr/oOwAc5kT+S
+aSsRF72896C+/UVCkvkp5r5vKl4zGOBnoEWyCj58BCr9zsMgnRYSewuYj4npzSFW
+B1EumMG1bAHJXZmTsSYrLh/L9zZvvalPDXyDSKDBbFNeYOnvGoJdkcMxGyWEsuMt
+CsnlPww9BnScpMPLRbq812oRnKM/MM7VBJFjUxLVio5W8lVnhJe2C/kgAYId1/qd
+I3gplUttVgF/JibdPU3DmZjJYRHEBg+1z0Qn7l1BldhMSpZMFFdXrGeIr/9BgHLX
+F+4VjxAqTyaxpko+KvDmx05bI2pDQSbVR6j9vPukYAj2o5jj5onGSBqGDukpUeAy
+33rHK8HnlFgxUKvqXxWwOjoNZwJXww1m5UD7nUY6dDlu3vp7otdyWPsfGVwPWvI0
+lbKo9LwRSFPGRrLjubIrzR2ga5vjdPY2h37KnLNrMtd/SQ7W4/tFrMMKiT1PFQwO
+DZrG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQO0v1MnBxAUB5EZBZJghh2zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDAzMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAoxv98lDiLMT+BOwocOkzM2h3nAoQujQsOzozFfQsldO6
+WQhW+9uDl5/QSNx1ya6pZwvZc7bZUa3LQIe46LhwyE70cpP/7mQi4Oy92GdMPz3O
+qu5tg3WZEX+H4De+n9eAOi9wDl0i13xIx9SSOjHpm8tKnZlOCYUbdG9XOxkfUfWn
+BqXbAdZVkFzOaD97TWIUdGyrD50v6coOO6ebpJiiON+n7IitB4AWGMDEV0dUOmWn
+tZhkeeiIa+zJTwSryskm3Bsp8HJH24i/pu0vwwTa7tc45yA5pKQyuRi96IlhwIoF
+MZsDFYpoFz2t5tzoxxCdI2aOHAJkSR+kLFetITK+g6P0BZm1IKCXrbacHP3s/3bG
+cGUDJ1K9+N+fFjGuRMpRIOm7NqrYJfliOfC5m5IDjYkQcSEbm0mkr0Ry6jalFIm6
+SajCiihYFTDsHG47E2Q+GTI+63xuwx10x52jnbv2c5lkQ8INJXyn6245HjIFC8jk
+njKK56rrniMxwdFygRRwc09fkMYU6YhfedZUaRGQzY3K3wjv33X2HDqC8LsU4DPj
+i7lHaytZkAvjWhNndMHKBIIEis77kL9UhXJ3ml/5RKydZ3ZcvajHOc1SDnvaXWM8
+RXKfPUKiJ1FofXDbF15WgiY+OfRL0swlsTtRTV1i89+DRKwzTG540MmFgsg2JicC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTpZZRw
+L9LzpAv4TNi/tXymU7VXNDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBABB8UzWDgfykwZoWKqKLAI9GXTOnBw/71Q+LU9zR
+bYS6W6THgxcFUUariBLfrLgzwB3PUAcAA1TjpEK+3M183s3u34QVQIlf8CnTLLgm
+4EY/5fGm5dkCEvBUVkG9FX8M+Iv3L3xlnlkQXMqpjw/860AXUixoRlywrpDOhN0p
+BIS5en8UT8Fav7eJuJl/RmWU+X7A3PY955GilsykkiG7PVpneNSZTXY/VZ6cwHYd
+LYlF/FnyuU+VrSm4dxWZsgv4oHqtik3UDVAtyGZCSiTSNQUmiR7la3Qtc0AYl/Nb
+QtNEAF0qaV95t+4wIPEX5R6Pc04qGRnUslG9L7eXWxtnt1jojJ4UAR+NeXE1zjD5
+nzXa6r720VKjaS7+hm7QijxxaeGyFY7VbuK2dNVv6Wtmf7Og9EPXYxg6eCpBbNEg
+kzkl8J8zYYenRIkMFCDYYd2UCUKft+cC7xVSoIc7SL/UqDdx3ZOX6oPjLRP+OkfT
+JAnUKxuy4zzWb/qvx6jS8NDn+7+UsZauT/8SFZn6W+1bJrc7vls8QKBeKBGkvTMG
+u3tvgL9ToPzJU51cHCKbPERFKrY8ZmGc1On8nJcVq0YDEZI3zz3i7coxPvNkzvVI
++EyodEvNoKKMuOvePLCTa2PiZlRTpDmV6P6mYa8Z2WdMp6aK1PKk75t2MxXWR8V1
+Ww51
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQVkcXXZpFYn8HcvaHL58MsTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE3MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAsnmjVjRhHwS0rAkzjNYMBbHrzRy2ciwIho/S+n2I6rOD
+tlbnvvD5sFEf01QRq32yeV0kQddT7OBM55GxwOUrcEIyRvBof7ajcIXooQliadv7
+99cGmuE7KMHhd/SoEr/Ps5g8Y5JnlmFK88PeX4j5a4aS10z1UCj+I/qFjnrfCyY8
+MniWlTadrSMH+TAxtRW9lAgIrraFq6gTE8K/07biioMMWeOVtLn8AsXvgBuiP7T9
+AiwhwYxQbduCzgFjFfYHMiyqAGaCMjGNzsBtrRGfEKWubEcrwEcDHnYkxQsznHRT
+kyx5Vyms6uYQG2S9eWWNhAzJpQGqgYiL2fzse+UOiJ27re9Ee68AcnmD1c66b5+e
+Ovc86fZTGNXlWzZQhg0POcWL+PXuga47+OK/n3TCSfmxqv+fuI2cFNy1CLlvOG/Z
+LJ6HX5iAGeKRU+DXAF8I3mPAfJgqt9hfeL0Cr+1XGgtYDLdBkq/31pVchvJRaR+Y
+8s78FHm37z3NzGXh9XEt/PkpOlvvNC7N5Kmzfq2XZKIKvVdaand4X0gyPpSd6be0
+jftxJiyzP3WC1EC/Nb9FbgJDxQbohD+uThNJ6eW3VElyasTV7h1y35oKRrS/KkVs
+T8loaSJq98+5oL3ng4XQt+qt9yqHAG6kUm4/gkFVGLBUTvZEbgkXAuTRMb7IXf8C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSiIVMe
+XiNO0nvLOxW9uLIl7yABhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACNYRJpLnQ2DFIA/GWDEawooMTHcSqRHOl3rYXFX
+1owVNN9xX6GDJEezpZU8bCdC+sAsp/Gcvxpu+8+a+qcquZypYFKkA/CadVkijxdk
+I8nxzjTc6hxwN17WFqFLHyONEEK9CLlXTrheychORB31BIQ3oPP0a6nX5QZAWoj8
+/Eq74QzVy95zB1+9kk/YxubjPWCNthgK3q2RAMmdxxk0cFIjt7jr6OhpP6E7KjrP
+g/MaILCz1EihkZEtv66uc9XlDj8WQuj7yu3+Ax3de5QP6vEeYsW7euDQnc3Xuogy
+dONB2LGZ1PndV+NNgLLucV06vG9kDYhezdz7IF+psP1NvqbUI/8V3s5NqJfdiu/L
+aBYydO2ljvcxfsQseKAL4A368uIWzfqATwDnd0A5tkbl8Qe6sfqXgZTEhZwBvkDa
+uon7RqEgVRvC+lsjyC9V9Vh5EZUSAqtHQnoa2SenwmJv9hPrM6E6ixWFXd+UVLkJ
+S0DqHKUBpPocLq3ymbxr1rP/L8MGYyK8D3EC7jqci4fTNwca8PRMbTJJiVz9CfBC
+657LYog6jgnoUgiHJNYWqh/huEgNd8YNVmHyErAna8f17AHmHOo8cgJZ4P9gvy9x
+2c1go0BuiOjCQGkaq9SwcMnX91J2WpUOpvN1zrFEtQw5V4wvHpJki2vdHJCzUI24
+FO72
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQL8kr2nlQ7yyWnpNoRb5pRDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAtMLnQN15eoN2dmFfj7InfsmfQCsiHFEa/Cs5+oRhtKnp
+RhMomVJG8ObLCbbyWexJ+4Y2lqRh64YkI3J31/HAatncMWPN9cveCanZg+WElcWc
+E5FJM8Lf8UkHvPq6ElmXBANUZin5GfQOqYVXIBN5QLcAgg83sdWfCZMSQKs3QMFw
+a0YQtFV9aGqEf6FSELjNxC+iXR72sGpPhHySzHh2B3vZo+YqCQ3Q0CCn2X3Iyf+z
+e2DfaiN3tHU7z/oCWK3Sdx45SKv75nar25VgmhQXIBPjhuPffRn0LwaLN74orK1d
+d+TpJQD+4nH8dzCLoQTedfUhKn418TXT8gas/mWhWNdJp90WBKuRevfzTLSWeAL0
+gpRtNm2vnsqLCf/T07yELrdwhMsY6CdyJTcH0PkOhJGMH4BraiSjqxsPMC0BnliK
+m3hkKK06egFN/8P40S9M+056mW59sNt9kBgfFLuXTRNRb/Vu7HMyuEW7cMRkhbnt
+SzxGvD1WfJeXLM93t8FgsQ9J7krzM4jyjqcMXiKQvXW+IeCoBZ8wtCkRYJsRpHzZ
+9tNPKAOKP6X8k2sjszX7tTO7HHcBwrELFAXnqVcY5iIuDT+GiUK8J3X0RuDDzNWr
+BpodWrfQP4Qp7smwcs8tMOQf5qJNi8gH5Yx9QE7QfA/+GqAMKNYHNhPKBckuylcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBS8s51h
+iOkfzYmKcyvJw5HLc70a2TAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAHfHEQleFJCgeM1f0Iu9AYdpfXkLDOakpesF05SA
+o/uUOsV1EYyOntp+pohA6axETKKtNfY5qmTq8D0clWHJajE9GZa21DjT0BajuUcY
+600KtgsXnaD7ypkoyfX4RlYHUf2/7TRkGXgXDeE9gSYiJF89ECL3YViG/ORV5E5l
+leBHQBint9NMo5PO43uyNbr7EysW3I7JUVYaNHXo/BrN3ZKFAgM5JmDeN+Yn1YWn
+zuyb4io2uFLnLaJqsz0wcoQ6Tt1HiIAc0scZt4P2faMvSb7Y6THfEW5XnTm2QKv1
+KQCnOlYn6okvGxwQCq8xCJbOEFkCMI8u0gYub00ReJSUxY7t3IYOUu+KQquKAlJd
+9ZasD+VYP8XW+WTVSrtQvmCT1JUlKsu+XpYZDvuGG1i/2HPq2xEOFBAjeZdF5pE/
+2lMkpBQdo/+lQopCxZ7gxISEsQtXukAfkwXMhmCF7+we0c2Rmsr/oCBxhPiU+grl
+SQVxB7BSF6yYmia18nDw4y9qwEbur9LJZEX3RsFLiWGLAK4gh0hP4MjZQZZcuMYn
+CsHmYPTKYmOfOGFPJc5ctf7TBREbq7C0oyf8kHUXFyTvoJmwWSoZGRNjiP1zu0N2
+ElT1xR5cyhXEAayKuGTwIEkKcbUu15ODlNE02EgchIapdtodyo6e5p/PpV/k/L/T
+t8zW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQH0YSYclzBNuITt7E0tIY4DANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDEwMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqp/48dWzNMU493jLFOL2Tsh2wfCuKngRtxaXb0ekoZz+
+RRoXAMMtrsWQEy9e3UBmFfOJFZFbEWxJClABov01Bp1cAvQw+Dd9Wi8/ReOFKRJr
+ZyzKMjde+Atq+q8YRbqWwB8MQNCfWg+bEFSrbBgoambnTnPeIJbs7wWEY1au8gnD
+YzltFDrqvWd4kSrAUIV45tFCJJRythtJkUQPjiuCbEKhN+g3vJxh4LLuI7poczjb
+80COmWgtNutpGU2vIvh4jXPJmyyndb1IF2FD3VvhFHzNZ/z9DpkFotS9AyKSRO6h
+a9apDrZQfsByLarN6gioL67Mx+8whr6uOmb/0nQVo9iAUqb/dwgZwpPE4Mcqb0sY
+FzY04zafUc9bYx6qhk4iY5n3AycA+LIQjQi7MhHuUPLtwX5gns4WMFmTPgiE1Ty5
+BjBEP+vLnxIUxBrzUbBie/uZKIBcBzHPu7DDwhaDc06njyiKUwbBUghcJs69Xqsb
+hIY4UZKiJSbW9T2DV8rxafpVa327EZjXTNSLfVbDxKEBRj9+AfWqakITx0V916Jh
+1BggIlNsQjtrUiLxYVw4vKmJCdATfjJBMjkYH6j9O8tIFDQ5VNOP0fAJj65UMArZ
+l4E6fpnpHmrlKt8LLBrMN3FwfzLTv5aIh3ai+OgqgntAtm9ECmEqTSP3zB9Yz6EC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBT7bJzM
+dqnSt2ci9gcsGjW67+wNqTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAAf3PGc2w/9JBRPqGU9C7lF9mKu7bckmUDJvac0Q
+jLxKOmz7AN9x2+AXFtCMNyLxP2epTZgp42Tg+uArsi9oKKFmplI8AET4V1PVPwDy
+O3NqmCsQiMquhbWC0JmzIyRoAzHzTVAVedyYLrn6zgGXoevfGAJsZJCIQf3H9pAe
+G3QIE2K+ndrW4BtphEiGc9bD5d5+5/AduFZ4EXCQ8xICV5dcz9TdQksLNgqCjsBx
+2PDjzg83XceR3e+slywIVq7gg2RYipeO1swCRjxdvNfgHZlRotIxEGDuZmnFVHaE
+k9SsaHIT8gmOkxuUmCFsLDITGokswk5BhVT2WCW5tER5cqZiV6dYtBZgE12X7lPX
+g4FlgKT5IfgwPVw1LHz6tf3415fzHcjclzAAAXYyEMePBba4WKwlKmefXixHDbHt
+gxuHg29s3rAeUIxcoY6kCBn9AUUD8hlvdZOTPVC/UWPpZukyXVBa7h/KeMPJ35lq
+LPA+GnIc7UKSeuL4ueOd20rcqspVe4JQgVH/DgOuSjzxpjFB3k5Y1NV7Cy7E6waF
+HxfV9f1EnzEMqbltvAS2MeuXLFzFMbew4b1hNYAamCOFZMAI4XnO6F3GYrrmwF6c
+RtXTjllTER5B0EmwjTokGYLT5ck/n48zOz4rUBTZwbh7nbmYrY8yACyT4ZD3irBX
+37SA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQSxRd48Csa3X6EsG7rl1AnzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDAyMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA2L+b++I276+PWekm7e4hYqv6YiN3CgHjXfHmQckhMhEs
+iRVEIk6Af4MnTegnmY9HNuXB1hQNzK7SMxrlAezWv1O8ovQUOqTI3DujTQidoyP+
+ro27ryke0YybM03pM7aTMWQL7r6fJo4sASxvD27AtSYosj1O5hCA82txKJ7H7KOE
+xcHA1D75BsxfI2mksrcnrN2A4gICp3XaphStQ55Ns3fVevqUfj9HvaZ5SXJmb8CB
+Av3JScBeFVPQpGbqusBL+Sky2z6wudCvH//dQBEP831mpM1H9DjwWnnRBYZRN9L1
+PhxxDhwR4+BSWYMIzZNJDhMq2P/ng21OCTD9guWLKIu+QPBXehxWICPmFun77UVI
+7JbdNWlE0/cXR//kucIx+8YMXwIzIR9RI4Y1Cfl2rQDKNVAtCXQp7PZUWgJ48iB4
+v6tMpgjhLlrHtRi5ot1cv5JGOidax+/wQkr15MspOujyD15FxePt1d0X0lf3+KTv
+L3fblSO2cLI7L1dsR1Db/+TBWRD+04WJ5ZjbyTeJJvuYsC36rp2U2btKrZw/y0hb
+RfIB1j2o9IuQQXRG9bk19PKF8/hJUQ4IT6iUmCcm0Idq8zrcw7C95QF+JKfhUqEe
+oVVrgJ5EKUXwb0kU7Z69lzfrAeJjNAFLWvsiDQO/Ssu1CPT76j6J43j4Nvu+2PcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSSrEa8
+5+nQJH6gwvokutB/Grm4CTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAD2heT6NKvXdOhUdGOdX6PXmg06G8/spqMVbmav8
+hdlCfqgbXB29Z052tLz9UC/Vxmw8pjkeNcjy/wZDq8THtp0Mgy/+JR9RKttcg+p0
+EHugKF1gxgV5uognN2Y5zv8cgzaYUFj75ktuscXhTcpKbTBYyEk6YdiCO7/IzF+E
+yTLL5jNvZE15XDDBXNaIY9i2SezC2LrgsMJV8eX7wNG4wL/DeeMKk8SD0Cw04rKF
+MGRWghZs930YTsBbhOwVXsQl/pHp+dRPQH1YtzhcRy++FV8+13s0ELpE/y/o35Xo
+NWO3SANnrb8bslaIBVbJFVeRW/C5OljBL7uU/B4yGyyMf0FcqFGi91mhYf1bFxaw
+FJZgIcfRXDqnzkRBsx/4/CixxqGFfrtEuZ3HTp6KJVlT2RRPd2yW3rKh1CbDK6P1
+2R4FIzfLJyArDsmgp75TxZsWYLfpJvOi29xZQIBosFFu7jNNGPCsYHmebzqDLgxo
+iFSrtARK2FdTQ2Q7e+nR5e5MqsqfxMkjdOmbTSg2L7XUeBEYTvJ/5yYJW44fB+QD
+1wCS9jxSq0JVEAt1/9rO4diVkTjH3Y0yTYjl5TOflxhfkREw950BmEDpZYBvca+N
+Km8055v86gvwvXwBTNHFwQ7KsjBxycpfjJoEUpIZD9u4nvgy00o8AIS4ECiyNQom
+3G96
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQRZKy3MWMDZhiQnFQEqIStjANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDE2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAqI2a5sJp78m68O22fOyHr9o6VF9yA8E07bcbEb8re9cO
+mMT6+pUss4DcMOyJLws1o2gjrYUsG3gDUB9rPlVe1+kCCR5h4Kr/MGq1jkGD7NLc
+G0paBKyiStes1JMrqFsD/KoJEj0hdc7VsjZDf+x0F4Fs8qfPw0V+m3jorcXBSaKV
+5vokRUjmvxGVfwd2M79MQdhjO2J3uu5aVfoAkaEvfMaUGxerfZoZsAa/nFa5UtWT
+kCS8x4y0hxdDwg4PV5ogSPqqj0eqpJ6x1SFEAVS+OEZk9KnZgC6TBYmKDyIfOnud
+xTLl5NOw8sAEISb1oCV1okAdeTFMgdDU9k/P/A5Nbc2uyG/vZX5fJ5chyyhlNV5m
+pCa23JTEswC8fjeG1wXwq4PUjPhgL6k/8Di3uHCCIMxl75yi/bga2Ez1kbpAoEfg
+wS1NXEwMVE8S/DRRF472cCFvurxVv4ikrxVaU7RlYW/IhzQ5crSDMnj4lCpdA/sM
+e/9inOsyMGGJzqX8d147swxLXyieE5LGHbww3C18qmgkN//eB8j+dfDEDJHv9a1H
+Fni8DKijtu9Tw73uvTKobi2j4SAKEqpnhP2V0ruLmr7AQ/D85BKloNJJVgJTvidR
+QNL+UXMlpELXkibYUsCyjV02KhonRJC4i5m0iVykfbX1AXA4BfED8RoazZRmDpcC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSAipgI
+rGZ7mwgmjSHxmGXJeTNshDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAI64K2LwYEH1sIyzMj1cJoVzLIDdyX52orgFNg6L
+kcpdH7/QtMFHCs+5+r2GCXVg93dxM5ieegl0lGkZxRMJhRoYtdr2JBLTwUFCzQQh
+iugXi/4FJPh5JuP2ZWFXslpAZIaxgTPiGMuJYa8L+X5gc9S3Un4C/iZyfAYAyEM0
+xCi/nRHOrFzpvoWHIFX7IoYhVax9VYIBwKVejcggEtB8KN4W2tkRggPaUN9SuV6V
+Ea2aXhVGARHvu9lvLyqbFOIoT58vxIZ5GTb8uQ6JM32dzCT5foIReOyEOGA2uaUw
+SHDAthrMeUR30h73Bgu+czNwXX0WYoXPjdSaMQT9iL73U2ZA/NMjkPjodijosKya
+aIzN+/15NlO9QKxNfuq25Uvc+Gaih6vd1mUO47NMj8K1xGDErArOS8w9tJmsMAkA
+D+maK1OmzBqUxOOIewj/PxGwOb3aJwu4IlRbUQSIdVLX1vCDaJReNz9N/qpWKb/s
+WRZ4INBFWWDbqQN2eqWkKYzTkLI4Fx1Ooi8KtO1TWi5WNd1lX7Y6UcXpS1qvml+s
+Q2QPb6B/KgaGkjJrFeBJ4G6/XyQzItPkFsOBmtWjHwXKOfCLO4niJaGFLl5RqvBK
+tDxx//6eoGI10wm+6+6UKuFxQTmnzMKH+gG9mVK2RS2bGPRN0hlkHVTiCqXdXinZ
+ELlW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGkTCCBHmgAwIBAgIQIR/jjdv219LQnnnED8fVqTANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGYxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjEVMBMGA1UE
+AxMMRm9yZWlnbmVyIENBMQ8wDQYDVQQFEwYyMDIwMDMwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQDWamcEdahf8i/06MD097uSUe2TIvU4of0tCKXGtDpF
+EKqQetvc+ZcXiEhvzMSWobr/oIfTTGYUVe1Napmah6UdoBSvHF0P7qiZd8PnWkpk
+91bFYFvBevKn0Mv3HKSoTfAFqdhe/vHxNQl8EjTpzbTwP0GM8Bjz755ShpRGOm82
+n9hahGnG0hTnaxB4Phm9B+PUlqD2JpZz1IPVhqe4lWDGsLInX1z3dyoYm9bzipxf
+hl8M8f+JuFLSSc8RPLSSJs2taDfhCndTT5GjVJfiVMWUsPpgcWCQz4FMT2RlbRVa
+hmFdCQ+8SQOz3VrQAlOq9gzUYqrngcceO1VQX6/WUUqtlNOID8/KFZtugEgSmhjE
+tb6E/RSiRh1OvI8tTh+jcG3RpHuqmBAupgXtfTw9RZJy++5Qiskk4aHrqHmcMAZK
+inlP5eIyoR1KKk7hHYltvFwKJTdQZ8ap1P941TKe4yczxpZMy1M75Y5PJFKproxo
+1+GLjzRZOIB3iSF/whGep230VvrHGLr7Q8g8EfIXB3MLZzF7hlpGaKKVdTw7305H
+KKreeyxV5YcccIIvNhCSwsSrIncsoctgXJ6rrNay83dL6Y9SnQ4/a94UobmJ0pum
+uQVaGGOffSpVdL270T7gsf9ae63LXN23RMxPEMQ9ZAoKMgfl06CsfAfyO2/+0wWk
+5QIDAQABo4IBdzCCAXMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwcAYIKwYBBQUHAQEEZDBiMDYGCCsGAQUFBzAChipodHRwOi8vY2VydHMuZWlk
+LmJlbGdpdW0uYmUvYmVsZ2l1bXJzNC5jcnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9v
+Y3NwLmVpZC5iZWxnaXVtLmJlLzIwHwYDVR0jBBgwFoAUZ+jxTk+ztfMHbwicDIPZ
+etlb50kwQwYDVR0gBDwwOjA4BgZgOAwBAQcwLjAsBggrBgEFBQcCARYgaHR0cDov
+L3JlcG9zaXRvcnkuZWlkLmJlbGdpdW0uYmUwNwYDVR0fBDAwLjAsoCqgKIYmaHR0
+cDovL2NybC5laWQuYmVsZ2l1bS5iZS9iZWxnaXVtNC5jcmwwHQYDVR0OBBYEFNpm
+QDV/3OTi2bD3EiyMJG312UlAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEAgLa4rMRIrEg7qzmdG17fr+Kka+Ozy1o16jiA
+Z+d7S1vkJa5tNCpOTbxeLzbn6mdIVzcpUdnk17Wp0TIwGQL6N0YasXqPZKLTaIpb
+KBHiitLiqJutaFk0N3ZAa1nShmf5R4mCb/U75043KRxBParEUELi1YssVsDzQxRu
+U5olY09jDN0p7VGHdLWB6+FDmE6XSx8eq6yZSbWZMJOs0ozsSpe15ASmHev5RDoU
+nPiyT7BaMQRfU39u1FgFlUp3+wZdwS0tZNQYz45A6Qwy+1cJ7XLMS75jEyepW2HJ
+6d2SMB53ieDsGPRXgXgCbjEMzaP/nypyGX4nJgPOIWiFH9CTtrr/CnU1j5vE2xHd
+vZPu2RROfKYrgk8BCxI2NEbAYR9lg6kjw1vXfHGtyH9xL8z/vwd+FxxXPfyr4Cd5
+PsBL4BFBNhMfx/MMa4XkIwxZ8x9ae5bybqBiIvgHpvUb/2m/whSHaeEAR1364hAB
+RuZCkUU8xTGErO385xu/mejsqttUHpQBFEpS0EpIJOz7/W3F/amhyMBGRu6b3bHP
+wX2Izg+OZF2U6h2x+9fX/CHBQtif3GdpZvakYM68BvD1XQlsssCfWFV50ttUQjIY
+t5j5dBFgtD623NMKqtx70zBNn9naWjNXFiNSmBkZqz+RKmcBlItsxJfwkbcyL5o1
+8Q2kKYI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQOFn8fExkdfLOyHp7iL//wzANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA1MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA6gSk5wUdUrIfPBvLNQbxvQ7zVp1REUj87KQqlhZoG4oM
+iQLRAKTEKQV40WLEq1M7vsnq7QQusgrKYFvvXQ2fBc3yOTay+iZe5/JayZE8BpB6
+MKLdLPftl1YuPJk/4ACxg5FzEcHCy8juitkSM81XBOjEMs3Kzl14sXOsBUAz8iCu
+bF1uRiQZ4CB7OsE9vknXl9025CuObFUreFcQb9K5iCzAJKfUWGc3p8UrL21GMzs/
+XuE/yCdcoi0xctBAzobyFzHFzBhTpoTD+z7FrmBaym0tIz3i0/T0RLMNRAl+LIvH
+LaBThTg5uv62TYnHV/ks3uXU9aUWqqVTF+qsmQsnK3gL/7kBud7MMdOzaJSffKks
+7gvfPGp+SA7Lahf0AT1HDJV9Ue2ChI8oQGHLP+NCy99YKY2o6rhmBw1qySFCWhip
+NJZTMnmHD4M0I47yORznZKBISaN+fAIxBa9EjVrfuonFfzXJP3L49KoRTee7QKXH
+VbEYrRsEx13sWi9Uk6VHQzUcha0jy+9ju2bj15QMCEha2FKLipgvRW7A9KVKj2yy
+rkr88+DTCNxBVVlCXAWFniEcmiNuOdT+wK87uv1sr3DBzeME76q48mDoqdL35Ijq
+dKJSLM4C6119FNNEuqUpj4Z/XsCrSiv7OPF/LTWxUPs2InubhHwO6a4N8VnWF6cC
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBSzD9I1
+5V5Huk+NEFqUTr8+eXrD5DAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAG8/fVD3zJ0t/5SaAzyQixQgsfyQzKAWNHO4G7rT
+1tHQuTbCOotyMcmq/donUmdEXVw8U91Q0lxD3YF5GGsHlhIULAEVJpJ81OeLwoxY
+ctj7oqnpIraIKypoxFnZTStJ3HEviskRjyAtqkyebZm7A0dMmzhtm749uiFTSxcn
+7XP8Fna1kKl81llpd2DF+1k7e9ZJD0sSNR+z/czzvR7z0BKW8t+nkghGbHTPjinF
+GbySCA//Ybtwp5EmKJlzOCSejYoRMrqtNDjoWW4bmAI2WfdRD0pdMXHQ78t/w5Ul
+wMx/mnOiRg6AKbodle4XnfAmA4m7Lg78qlu+zB1FaUC9QCC9xp58qgRIm+KuLmcb
+6bas8ponYDNe2hi/2VI0xW9iW7Zoj2Ben0OEldE0xzJlqiGEShZ+t+zoLAX7D15G
+bjIzhYCt50CKCkYKosUtflIyLfshaEew2MJKJLWXHil/DEjiWpkxymftpR4a5mrL
+7Xn6V3RfjGqAzbry2XNDN3b81npYRdqWYh05FfmvlNmoJJ6wjJ0Pkt7oR6vYCibZ
+xszpqPKYuT0DKuf+VJl2Jfj1tvhU+ubNNn0aGxo4sVR5tKErNZppsqGZavGzciuF
+6rF85bX050f5mZ0AmmfSZoCBOv42EP95Xi/48QeLhaEznmUi74XMJzZ0+YsV5wVc
+Jrn2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQBK8o4Zq4H/CKw20VnxW4GDANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA2MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAkyTbjPYRRCHuil8UF9K8DtESH3xrjKQl6hzR4D3xRh1R
+wgOflJgNCPWV/icq2Iuo6c8GML6fnzRsq8qjWwGrrV0qkKGLL8cwoDap3msmeWxH
+Q8C3SIY/Vwha3sNqd33xi4ZxG/l2xqq/Afs++TnvxCfyKtKpQrUbujtGsGUzjcu8
+obykXP2e54TSIWm5OOGnd5AKhD1+0wN1GReNGuY+BxAh/Co66Z1u0m7PXMU2/iMN
+B17HZLV5ktbLOPGiXEef+J8hlKwk6HwlY9ZXK23sx4+OFVwwEu6LLkreA2TZ/J+K
+8yABk8KeUMhQJYGLiKkz6gTrt0HrifyL+9ZVfo+tmvZj1mlKMSUkcbuGLyGmTJ7H
+Coj44clonIJ9aGTWXGozQy5h3gjSprk3Wraag58hgi6s6t7PrLezywmqCs76jXAA
+NZqkiP6a0SfsaqpzbkRiY16P/qh1zyeSAd/SgmmLTh+Kpy8jxT37z2ZYoLGmbLpd
+7pd6P9zpUrTqaB8DzaOxv8NV8DJJkcZqoSG2htihbBRcPxHLCCWs8NBYHKgveXV8
+GqW/K9oG0CghEM0PmKp0wjgY63H+JRXoLmQcLQywGTllvroDx5AhvBgfvy92tzPo
+wbW/RNkprKRb9UzBxSVvfZVknRZfk7jTZ+31NQ6PMqCRpPSg/qbWs5OIrdFqlF8C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBTYhHVY
+ZJhASNQI1im99V6FtTjF4jAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBAC2M1seWUZg44WHe3rBGhVEYRpSqNfkV8cnKRPrF
+HmAUhGPcyoYGmFWEiBwDSxZ7E2TJKh6rwZLosh+kEarFKVpQFyXNi9XgEyPtPenI
+K4ewwfWjbkN+ZbxncA6PXv9u5Cqmaqt7paxxyuRIxAjYJhc6r/JZ7V7zkuFqNrI8
+rzJxMHc+I8ipl/W6ey+my+AYtOB+LIE9pEfScQw6IlkYqaqN/cMagjv93kYzMirt
++S5le4q5o4UvFVzIYrKLuNL+4bTMeNOo4ppqdcAmCu8Y5bciKzQ07sqZz0pEVGDz
+tiQ0MJ3TTU1WxatWU1QYNV3PQT9VP7UhKkViHdKrRco9F1NfhMLIdnzmUIH8Im89
+IOgEwKMD0aaMNdcGrDKRJwjjn89bjLIZ8DN7JL6saHsZO4JL/6fIrJJquhgVu4P4
+2EjJ64S4TrnaqvxQX78r9wxJ5IovrGpjgQRCZXeQu03h0MIvec2PjGJXHoktpYqR
+FgLCaHJQ6K1q22A7+IBND4nLgpAi1TvpCHu+RYi0w0ek9Az6ScOgOoPpgo8eJxrS
+IsMSn7qRtoG9k3hvOkl9kv27TPefuYztF06OajIdLsmctv3vCbFuxCQK3bH/t//C
+LzjONUs0ugg8+UZi/mYsNrNE05uYal83u0roT0bvrFOmoOJtalKs/gIkViOK7NVq
+jJiC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGjzCCBHegAwIBAgIQCnTiezqAGRfQr/kDt+bc/zANBgkqhkiG9w0BAQsFADAo
+MQswCQYDVQQGEwJCRTEZMBcGA1UEAxMQQmVsZ2l1bSBSb290IENBNDAeFw0xOTEw
+MjIxMDAwMDBaFw0zMTA2MjIxMDAwMDBaMGQxCzAJBgNVBAYTAkJFMREwDwYDVQQH
+EwhCcnVzc2VsczEcMBoGA1UEChMTQ2VydGlwb3N0IE4uVi4vUy5BLjETMBEGA1UE
+AxMKQ2l0aXplbiBDQTEPMA0GA1UEBRMGMjAyMDA0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAv5/PEMGeP3KmX9rGKACSvf+7qAHh2w/+Kq/SZZIDR+Y2
+gHWvVu5mIvH4hQ3hhhXbK7Lk0sQzR4XYg6nwRxeO7FEshSm0u7a5/1j+PtI7Hzpx
+1I+CG8kKj0mEV8m1UbMPpL0aZ4vDXwOl7kpobBxIjeW9z1s/oFycrFyfUNgxp5S2
+ZMDcHnXx46scjdZOtOamYGiHcm7Fi2iRTI0J+gyL/EHgnpl+jNjyhUbdiZpyr7II
+3Tf5s9gJXyLplMEj/CRckM6Bd7OHOJt/j054D4BUjJwhR+BjW0RzGoreb6VZt5Ik
+/aNaS/AAlMCiiUhP8WhUZuLWjjSwTAVtf0oWttjOw1t4se4fGsT2hBtd753S3PQi
+UoqFAQC5RHYwGNinZGzrX2fI+dJ4zfa2ceA15EiaY2fFs3LRC1J4she52i5Z6lOz
+AeKEbHYreOMOOgvaUURsEootQJUyJxoQHw816bVtQEEycUHTiKZ8dlAFGiLFI+Wt
+mh8MTGonUb8BQO8QWcKhKghFlyknMGMleeTjmlHk3qYoBLF86unB6b7aHxppXxHh
+Iz1zjFvnWWnAyr6F0cYmTGQ6NOUbUBozXifmGIgt9MRh2KM/GpCuegJWnoGdHb4B
+J8rv4EjVwqnxlFzcsPC+AkCD3935ls+gbEhWt7rQTGKtnqjtLKiauVCH/rMF5S0C
+AwEAAaOCAXcwggFzMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEA
+MHAGCCsGAQUFBwEBBGQwYjA2BggrBgEFBQcwAoYqaHR0cDovL2NlcnRzLmVpZC5i
+ZWxnaXVtLmJlL2JlbGdpdW1yczQuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2Nz
+cC5laWQuYmVsZ2l1bS5iZS8yMB8GA1UdIwQYMBaAFGfo8U5Ps7XzB28InAyD2XrZ
+W+dJMEMGA1UdIAQ8MDowOAYGYDgMAQECMC4wLAYIKwYBBQUHAgEWIGh0dHA6Ly9y
+ZXBvc2l0b3J5LmVpZC5iZWxnaXVtLmJlMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6
+Ly9jcmwuZWlkLmJlbGdpdW0uYmUvYmVsZ2l1bTQuY3JsMB0GA1UdDgQWBBRkU0hv
+z68XTbske0wvyEa8I39XFjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+DQYJKoZIhvcNAQELBQADggIBACgvtg+QeHUz6LKbzKda0Z9Y8Nh759W6I6uL98Da
+OWzThhT4s7TiFUXoAT8scvDKFUJnCCYiVN4xbgByvs/aegA+1KTZe9regm53158C
+Oa7ML/oG2vUXoKNzgt6zZ7qktMA/ydxtEQpXf7LXzR6cXiiZWC+a6cqrd6QZeUyW
+RF6Y1zDN+Sv8DDNCdr9HwjJ6wbEjpTYZwl/owGCBNygtdoOQm3U3avKGKaHs+pZN
+DFyaTMHmjXBXTQIuu7wRvvl+pad+173pPtuTshQ7tk71NawNX9ynvTkmjjKrt2HC
+/oSK92EHhgz0o8P8gb17qxwZ6cc5Pu3yHcPwGSo9WwU9qF5jttbXMvjxvSpzjzWt
+NVqroGwG8MhIZYaVU+ginVv3m3aUkCONtds8uUlNh8D24THkYHydPqAfFO+I0I+n
+nWls7qNgSwzfhqS/ELVFg03P2fiHtp46mTh/BNp5w1PdZMWX2laZRLETYWkpYWxe
+qWDKnkm60JA4dmimRJbl4p+GN9VAOX3tmWxaoBzfByv0K5e4CDhaG7W8n+ARLAFx
+U6gdNXNLT959JXXluuODayOJaO9wWRN0wKxmYlxaphNeDCtjyRg63Wka5SPmnww1
+aoN1r7DokElwmWUxrI8bTGgB/R14BDhsi3YoUmzg6JwhJNENvLA8o4lkSp8TOSvp
+H9as
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0DCCBLigAwIBAgIQBQsM8L3hav3F7JEA4fX7dDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkxMDMxMTI1MjE1WhcNMjkxMDMxMTI1MjE1WjCBnDELMAkGA1UE
+BhMCVVMxLDAqBgNVBAoTI0NvbW1vbiBTZWN1cml0aXphdGlvbiBTb2x1dGlvbnMg
+TExDMT8wPQYDVQQLEzZDbGFzcyAyIERpZ2lDZXJ0IFBLSSBQbGF0Zm9ybSBJbmRp
+dmlkdWFsIFN1YnNjcmliZXIgQ0ExHjAcBgNVBAMTFUNTUyBQdWJsaWMgSXNzdWlu
+ZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKqd4dacLbt3BzeL
+1Uof0UrwVBTiAxHB/G8ixOnRnlmui+AU4euoHzJsnAicWeBjmLdgSeqhkmNybUeM
+8+VkoKXVHzagwGwLwLIsnnLsuXRPB9tUi9yQiOSFdbUh0dA5P1UVtKQfNCmaCjbs
+lKttpcoLopu6YKUFzEJGAawR8c2JZ28vWj07Xzgdf+9Y0UbUVEQQT1O4BcxdSoPm
+oewvwbJb+cZqnPYKfgrvLfWwyErp9UFf15vo70n1gr6nfxz7yyIrUSzkhdL3nVlN
+5yKWf7NClZIm7d1o/9rtyeja5reSGh2IVmsazpeAxXk0K7RQhe5UcH2HYpM2sw0/
+71DxDiUCAwEAAaOCAkIwggI+MB0GA1UdDgQWBBSMpMZnsDKtR2cX3hZ1ZJF3ByQv
+1TAfBgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5k
+aWdpY2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2lj
+ZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6
+Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmww
+gdQGA1UdIASBzDCByTCBxgYKYIZIAQGG/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVz
+ZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2Yg
+dGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL3JwYS11YTAoBgNVHREEITAfpB0wGzEZMBcGA1UEAxMQ
+RGlnaUNlcnRQS0ktMy04NTANBgkqhkiG9w0BAQsFAAOCAQEAp/vmseuNBvPhWnhx
+7RtuvcmydhcNJayBeRzDW4WnH8WI0tWJ80bAyllNVrQ8PycX0hBHy7SVBrRECwr6
+ehoOGUWVxIqR+RNzlgDKFq75n/RTwvJgbT7oXV+L9KzdVj9GDYLQ9eVhP0VYI2Sk
+DgY286eXulCptTNL7XiVqAAsnnIZFGeNsyQaGo6m0u42oV+CJxT46CssD5/0iJoH
+4jTLWrweNi/FOwGOKHPJuKMS63I/TsUAMeucuEYRB2r77gzk30seSDvyCCiMvVup
+YL9RlqNKw8JLUzublOzIir1nN05p2DUMJXIZQ+cyAI8QKx9fL2EWxjFdzLxuszsb
++g8+3Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH5jCCBc6gAwIBAgIQAM6m80pTVeoL0yP3WDrKGDANBgkqhkiG9w0BAQsFADBJ
+MQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dpc3NTaWduIEFHMSMwIQYDVQQDExpT
+d2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjAeFw0xOTExMTIwOTMxMzVaFw0zNDEx
+MTIwOTMxMzVaMHgxCzAJBgNVBAYTAkNIMRUwEwYDVQQKEwxTd2lzc1NpZ24gQUcx
+MjAwBgNVBAMTKVN3aXNzU2lnbiBBZHZhbmNlZCBQbGF0aW51bSBDQSAyMDE5IC0g
+RzIyMR4wHAYDVQRhExVOVFJDSC1DSEUtMTA5LjM1Ny4wMTIwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDKF9pp9NAgsc68LWfMMofsa7jXyUXg1MsfQYUt
+ogSPPM1nZi1bE3f3y7NYzpndmwAt4pcCcqsu2pzGMZHm9SQWJBoxG9bOfl3r8y5V
+kNu4zXUZOm+6vewk5YXdLMd/GFwouIe/y7IlYNoseRIP+FL036PEVQxN8DLqZIiK
+LmIsOFoUI2w5MMcrsSaDOsoMeqTVjRxLIA3mhc/mDK4eT/qJVSAjpk4OOVDqv9fd
+T0kriRQg92S1oNvjgUrVu1W7iS4l2ymNLmfm/y0PuyIJr2f7SnTOgBsZMg80vSg5
+f1hHTv4ougOebZ+9mhzIes6iQ7H2Kj5ffYDjPjR95Fg6GmqJXKTfcIEilROms4Xi
+kzxU+EEnyF8KLVhkEm+qbYttTIlbClbQp0FI5zRc8M63qTEHTOPCdqul+RJhqvMt
+ZLVNY0TyJPBkRJm7d4jYDezUKpL0Qiqt7r6E/OokANPA8hDinFijIIhY/9PEBVpI
+busu5m6RAo3xrM26VkprKwrPqaX0AHvqCJsa/XwaejNLrfKDe6jtICCB/Uuq3O6A
+oKer3593143xNpqobbwCnSS/OYJPJbgVdjeL9Sdck33hoTFUpmNz2IAm6YbJsJ5K
+Cj+ttZpIGqPlcutwA4XqW+zjlOSHmUcdrKnCtCwC/1c7mTsffxEIw57tYFTEU7VO
+L0nZYwIDAQABo4ICmTCCApUwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFDKlfjHYQtu6LLL+5mkJnbfakNIQMB8GA1UdIwQYMBaA
+FFCvzAeHFUdvOMW0ZdHelarp35zMMIH/BgNVHR8EgfcwgfQwR6BFoEOGQWh0dHA6
+Ly9jcmwuc3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURF
+OTVBQUU5REY5Q0NDMIGooIGloIGihoGfbGRhcDovL2RpcmVjdG9yeS5zd2lzc3Np
+Z24ubmV0L0NOPTUwQUZDQzA3ODcxNTQ3NkYzOEM1QjQ2NUQxREU5NUFBRTlERjlD
+Q0MlMkNPPVN3aXNzU2lnbiUyQ0M9Q0g/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlz
+dD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50MGQGA1UdIARd
+MFswWQYKYIV0AVkBAQEBCjBLMEkGCCsGAQUFBwIBFj1odHRwOi8vcmVwb3NpdG9y
+eS5zd2lzc3NpZ24uY29tL1N3aXNzU2lnbi1QbGF0aW51bS1DUC1DUFMucGRmMIHG
+BggrBgEFBQcBAQSBuTCBtjBkBggrBgEFBQcwAoZYaHR0cDovL3N3aXNzc2lnbi5u
+ZXQvY2dpLWJpbi9hdXRob3JpdHkvZG93bmxvYWQvNTBBRkNDMDc4NzE1NDc2RjM4
+QzVCNDY1RDFERTk1QUFFOURGOUNDQzBOBggrBgEFBQcwAYZCaHR0cDovL29jc3Au
+c3dpc3NzaWduLm5ldC81MEFGQ0MwNzg3MTU0NzZGMzhDNUI0NjVEMURFOTVBQUU5
+REY5Q0NDMA0GCSqGSIb3DQEBCwUAA4ICAQBAoZC6vwyjeHq6F/b+r8csNmOXuzQL
+pYz2DU+/uHQ1HuBxateeGWZoTpznruX91ksJqgjjmrx9tc6Bbqp3tV3j2cyjOO27
+Uhq0RaNku82AdS35pplzliSWtl/gwDCqVQ8FBWD9h5qDnDZHrU4jyoV91ZRgJ249
+sTQ4b3opF6bOBa40MNWSnS26oWFth5QfrepRxDF+nXOrqxDdmXEO8Uese++Bg6WF
+gNzgrCXYPZ008Rv9rTYdbTcPn4pL/2HzOiPJay4Hr4SJr0krC9MrIVARGDGSuxQm
+zEc1SwZ6MzFeHR6qOWTE7sKM/TmrblgNeUuZdRxIlynO4KSFLOkqMM17Jpb1Tf/q
+glhRDc/8TWYJPhRJuepu4n6HCV9ovtB4FRgiJZ6H1iR/rNZEQstQuSur7o5VmSXK
+v4IDmRXTJSm1XndxyIkW3kIng7T431e62ws6X9ijeo3gVvUz79TMaA1qomwyy71a
+w0j6VHIh/u3v2O4BGkdLMH0UqQbXtCdQ23RkQrRTc866CbcHM58yBgHzktJZ1sla
+evwZrM3J4pDTzn9hE15x6E8ETNzmYVk7jceoo0mc81gJBSLxM7lFukQM9yQ5eD5P
+9OqSYod+HJM1nwUBIGewoYN8nsjcgltBP8WojvGSl9HCOM1+LzbBGhcbQAa1DCHh
+OaJ221j2KtEASA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDPzCCAsWgAwIBAgIQDTFNGf3m/wBjpIYrjTLF2DAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0xOTExMTIxMjA5NTdaFw0yOTExMTIxMjA5NTdaMHAxCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5EaWdpQ2VydCwgSW5jLjEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNv
+bTEtMCsGA1UEAxMkRGlnaUNlcnQgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDQS0zIEcz
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEilq1Ybn+90fYdtUNMIqE+btMHKAc
+1mVMUpatXMEa8hhmsry7fz35IerYYI4+y1sdADNPMgOeW1vT7DGIGfjszKOCAU4w
+ggFKMB0GA1UdDgQWBBSu6u3GrJIrcgFQ3xwjxkT5qbGg8TAfBgNVHSMEGDAWgBSz
+20ik+aHF2K42QcwRY2liKbxLxjAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUH
+AQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQgYD
+VR0fBDswOTA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
+R2xvYmFsUm9vdEczLmNybDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsG
+AQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMAoG
+CCqGSM49BAMDA2gAMGUCMQDCCJ+1Yo7tQTSqpdEh7R/aiWc19Y2eSkicX7B0wqUd
+R61ECydw54o44QPCXOQeQ/sCME3zAaszP0umatUgsZ+uk5CdnnGeqTtuTSYc3lKM
+n9XxQE5QkyBKTueGGLZxxvZBTw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEnjCCA4agAwIBAgIQCAw6MQadDVbsfa+CftTtFDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0xOTExMTIxMjEwMTVaFw0yOTExMTIxMjEwMTVaMGMxCzAJBgNVBAYTAlVT
+MRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjEZMBcGA1UECxMQd3d3LmRpZ2ljZXJ0
+LmNvbTEgMB4GA1UEAxMXRGlnaUNlcnQgR2xvYmFsIENBLTMgRzIwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTiZbCGjKzGNH+yQB5DC21ZsPJ+DGLTAaE
+QEAAg290a5XE+6pQBLOdMMscEBTRoJp29tX6ca5D9nYyN6ZXOlo2BMFUvw2sUTPd
+x3RHPYvFte3dgiL1JUsf6Dp3XbethACtKohyu8hA6izu2XBNAx3Hft8YJ44ATRFT
+jXnxfv6hOmpMOKZw32ZFcc7lF9CfbDx578g4K6zEJimkJ2psHiku/Ea4dMnAHQDQ
+KgULoW/x6McmCDC9U02cJO9vaYRcilErDdR8pxwJFysoXhx0xFW2ysnT4gpZNhO7
+I+gHvU8dE58kT4GpcChdATTEIrOfRleBcZ8YoTqANtNSSbOB8WWTAgMBAAGjggFO
+MIIBSjAdBgNVHQ4EFgQUm2b1dH/LXQ6vGq5QagErxYSmVMYwHwYDVR0jBBgwFoAU
+TiJUIBiV5uNu5g/6+rkS7QYXjzkwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUF
+BwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIG
+A1UdHwQ7MDkwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
+dEdsb2JhbFJvb3RHMi5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggr
+BgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATAN
+BgkqhkiG9w0BAQsFAAOCAQEAb1fvuWDSJohDY8tqQtNK6H987rkNnvMBBuzjh6oc
+Lsxbg9Y5Lz8EHogBHctlATEQk5q2D4NkahK/6tv3YiM6EJgEgAz35pVU2xEPMkhM
+PHqesa75knjyjYNi0CrWxxoBVMOlWYO6EvtrATjAd25SIcg55kuB/i5InNRh89H2
+yBiBD1zkEGWBy8+iQ6hF5RboH5bw+BlCkxxnGALfBOqOLLITcO6h4gPuoWnZBnKl
+clF/tfI9e5dfSjMABqg7EXee0ytQgnzqUrHgwTWbUqfFipw+O7RVhSH1F+R62VfL
+kWHWBEh35MaC993nOCL/DyjcIHSnibtY14neAJ7ecv0tpw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEyDCCA7CgAwIBAgIQCBFAVkurzpTL7gkKKGj0nTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTE5MTExMjEyMTAyOFoXDTI5MTExMjEyMTAyOFoweTEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMTYwNAYDVQQDEy1EaWdpQ2VydCBTSEEyIEV4dGVuZGVk
+IFZhbGlkYXRpb24gU2VydmVyIENBLTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCs6JQle1NsmGguPJ2r5gMXbK5yFkgIgkSYxPo9vgJiHI91zcbYVkrt
+XLat4sxnIhhGEFLHjhTLAcfDFfXTu5l6JlqOVPG06jCgVdt11tJCTjeBN4Oea/Dn
+zjU8lWzy3gR2BPsce5Kr44hyJSd6TTgRJ4zAnV8051DDT7wDEYfC/BNZQ1zxyjPb
+P+pqDN4LLuDRc/jD5qOopLcMS9c4SU1O97fa6azCbpeR8mQZdBs/33a1X/QZrtUX
+F4ykaL0LrMVtqR+gtPDDODyxFuPKqBVjWQhTN6Ww0Gbguxc9m6Qyffsis0WRMTNq
+IkgEjVNdGG4BjZuu8VJMEY9nm55l6wbLAgMBAAGjggFXMIIBUzAdBgNVHQ4EFgQU
+z4XxvDgYeDpVM/RWysBprXduu5MwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC
+72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEsGA1UdHwREMEIwQKA+oDyG
+Omh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VF
+VlJvb3RDQS5jcmwwSwYDVR0gBEQwQjA3BglghkgBhv1sAgEwKjAoBggrBgEFBQcC
+ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAHBgVngQwBATANBgkqhkiG
+9w0BAQsFAAOCAQEAwhggyoNeVzDHTEjIOaC8C12fqUT1gSjttDNgvZMf6OpYNG7l
+E6Uc7NJ3wheIIbjHcwKk2M8WOfaRFf2aYtRwBxdWmBN1Fasn/K+QXYqqVdgE89Xb
+gkASgCT8rhXbTtMcpRDmKd2/2eFC/rkA8Pc0tZ5A7E49EQ0/7J02WHx2ZpqHmYhJ
+k8bQpg/De8lx69EW/7qsNLnBgtP419cKUBajRpxIVW5a35zf+zCxfBH2+vT1HqKF
+sT7xaGiiu7eAuyrVQMc6TMj6i2VOco/HypOkSs+6i7FVvC4FxTJjNA2zh+z3oL3/
+lj8HPrJLpq6OUOdPU51ysAxxeWA0az3Zn+aH+w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC+DCCAn+gAwIBAgIQdai61XOlIHXSkEohAa7VYDAKBggqhkjOPQQDAzBQMSQw
+IgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkds
+b2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMTkxMTIwMDAwMDAwWhcN
+MzgwMTE5MDAwMDAwWjBGMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln
+biBudi1zYTEcMBoGA1UEAxMTR2xvYmFsU2lnbiBSb290IEU0NjB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABJwOsc+36J5Sd3U0+qVGp60yGTK0B6knypS7DNIKEMfaibCX
+DHATCQGO2OpH6r6ygCvN/CgN26y8pIY37XAIAHXqkwt7LlKcI2gjBkPski9ThNv7
+RxQH6F+UZ13JeoE8IKOCASYwggEiMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8E
+BTADAQH/MB0GA1UdDgQWBBQxCpCPtsad0kRLgLWi5h+xEk8blTAfBgNVHSMEGDAW
+gBQ95ilIm+oHyiFESibebt7Sg9CfWTA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUH
+MAGGImh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjUwNgYDVR0fBC8w
+LTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXI1LmNybDBH
+BgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xv
+YmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDZwAwZAIwdcO2G9mq
+2xNIKGBzXe9VuAQRDjgxz+n/YyUHZsLrTXi3eljceYiw7PSPzqk+Q3m1AjAv/kua
+GEx9TzT1Y58y0bahUa1yexla9zlt47OuPWuSUMVZ3XSxpHdSBDH1wrZUdNg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDljCCAn6gAwIBAgIQdai62k/fRIL6M8Tw85T4SzANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xOTExMjAwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMRwwGgYDVQQDExNHbG9iYWxTaWduIFJvb3QgRTQ2MHYwEAYHKoZIzj0C
+AQYFK4EEACIDYgAEnA6xz7fonlJ3dTT6pUanrTIZMrQHqSfKlLsM0goQx9qJsJcM
+cBMJAY7Y6kfqvrKAK838KA3brLykhjftcAgAdeqTC3suUpwjaCMGQ+ySL1OE2/tH
+FAfoX5RnXcl6gTwgo4IBJjCCASIwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFDEKkI+2xp3SREuAtaLmH7ESTxuVMB8GA1UdIwQYMBaA
+FI/wS3+oLkUkrk1Q+mOai97i3Ru8MD4GCCsGAQUFBwEBBDIwMDAuBggrBgEFBQcw
+AYYiaHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzA2BgNVHR8ELzAt
+MCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEcG
+A1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQwFAAOCAQEALXK19TDy
+ISTVZWVAZjviCiw4i6EN1bNTWOdahPRh8fQjOzEkqVn21I4MY9UddgqxQZ6KBnkd
+RU/HvNqHjGDJSJ78j5Sp9EKJkbGqJ08ZxI5udFriM3Nx8JwOF2froazeE4cU9P7T
+kyOrarBxbAg+yrF6Hnx++ZBh21Xbwc5qumYfhe1CM2O+mow++3tckL5j+Bcx9z9U
+7O8Oi/KT7kLS+Rv0buYrJ5os95NvZawiS+zssgBZbRfKzJA8MT3BI/o2+Wzr4Z9n
+Z92uJFFHzi8XCsUL/3c+XQdCwWbTwvzI6LQbKRtxuab/6G8FdFpT0wGeOL4UbAxF
+sNSxECO1uDy3Bw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnTCCAoWgAwIBAgIQdai60w2Y1LKLm37oUtJIqTANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTE5MTEy
+MDAwMDAwMFoXDTI4MDEyODAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBFNDYw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAAScDrHPt+ieUnd1NPqlRqetMhkytAepJ8qU
+uwzSChDH2omwlwxwEwkBjtjqR+q+soArzfwoDdusvKSGN+1wCAB16pMLey5SnCNo
+IwZD7JIvU4Tb+0cUB+hflGddyXqBPCCjggEiMIIBHjAOBgNVHQ8BAf8EBAMCAYYw
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUMQqQj7bGndJES4C1ouYfsRJPG5Uw
+HwYDVR0jBBgwFoAUYHtmGkUNl8qJUC99BM00qP/8/UswPQYIKwYBBQUHAQEEMTAv
+MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjEw
+MwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290
+LmNybDBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93
+d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEMBQADggEB
+AMUa3r9xUlvWlZge0FPK39GCTIy6IdffTGlyEBinrM+G6EXSNDGdlimXJOaTas0Y
+1ofMcL0YYc8mji0iMmFvFzeohothhUUhONoDKbRwWi1uajLEYCsBcvUDNmB7nKhY
+fANARzhocnZE3IUzUkvPB29HXokNvac3yD8UrB9U+2ImMK0E0ZbLewWj5T6S5MvG
+c4+k6T1ZDccHzxnmYCUXVXfsfAT11HgegXpwLvG+0Wg5tX/JKvI45mmSq6ZF7DTu
+sqcpmMxCNqXx2g2CtwA6KjirD6uJWlqSKpnPtiLQhAvCm/AAKZFWD0xUjuVhM2Vm
+W6oPV/EM0svKrLcMOtXu3AY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGRDCCBCygAwIBAgIQdai62b4c2Z/P4Yu08NRPGTANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xOTExMjAwMDAwMDBaFw0z
+NDEyMTAwMDAwMDBaMEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMRwwGgYDVQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEArKx0MuizZeW67UMmHaaJDUW6KYiypB1j3dPB
+LAlXiTmhVelnNHcMbuRVHVIl0hNrXuEdqbd9iTJfDZ6fLHpjYEAfprC2eI+ZVJYI
+WK7kBrxiBQIWv6+oIwO2lA+8bmzCy9Wmuwzp9sEC+yHeZt0Xq3RC7/B0LyX06mtV
+W5Dbnd9ehwpA+60Za/v3ymCI3trBj9au1X/UPIPu1xZMg0UzayfQhtAcLWvzq33x
+han1KNKt7/OESxyH/BOjOnKiWhEr1idxJ+2BLW1mgZKHtBtYesw/CvpGT014XPgr
+SOMEhMtd9rRqs2X8Qp5RJiMgyz0U+YHtZRYATxpkl2YIz4x74yvAnfkU8hvxVmoW
+vyyFhc14OJrrQmoCNBiDF06UVvi2grXzlt09875/IHc+exkjayzUcnNDV33g+Ndp
+Txc2BPnAkGA3Rd7mDNh0ja6com10XUK+BvXZZG4CEKyJsEw7B01AfiTFipiCeY6k
+p4IgjSP6J3HJ38ZBdKBN9pEW3EaMXyljMVlxDNhvwrYyffvmXVOmfhX8u3V8Xez4
+9hcc7MdrGcvze/ArB6XZbHlUdmydHKZuDul5DKgjaqPfGzAxn7FUe/5qy2aq3GXQ
+op5Kmgcha4GP28RZ+t4iwASc46pbNpPoPb16oZ0LdrELx539z5ioBsL4KqOhg6C3
+JXKlAuMCAwEAAaOCASYwggEiMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBQDXKtzgYeozLCm1ZTiNpZJ/wWZLDAfBgNVHSMEGDAWgBSu
+bAWjkxPioufi1xzWx/B/yGdToDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGG
+Imh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjYwNgYDVR0fBC8wLTAr
+oCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXI2LmNybDBHBgNV
+HSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEMBQADggIBAI15/CxkZDtS
+B0D7B4iARQRQ6d6OMGN/CB3V8gSshpq5rMxYMKVPP8AJKnEZ8HqhHqPAf4nkQcuE
+i5r2ICC+fT3DrPlYroLw63H/ybaIiZr5aOEPcUWwbs19W0HarQVtaNlQm/qPXsBv
+/dPdI6jhcVWF+TkhvhSbBoaqv4HBxpoY5jgozanf1qjRtjyViPdDHnCaeI96fMfs
+sNt3wIsrjHX0yIR8bvnwCYvEkIZrq1+fRpMCNfIyg0hXqrPCiDaCtUK7KFqC4SLn
+Ky3zPIzC1cMC/b/ZfVpShS/b8HFpK3nn4twHs5cpfWMoPUNFsvf1CYCLiIIB64db
+1cYKPfweYFZ9Tt9viwlsd7nqZHLatA6ruDb9a3uzkDFyxS9qiRCx43+vI86DEkF9
+w5fM4E+VTo359zYeEHmy02lenXOo6UlkEuLiQti1/OS4bSexYAilA9oK86iPzFI4
+xlhsfWwGxdHY4CXc9uCaKPTCv8NN12zmYd6bQefBrQtsqZI1Wyh33sZOac9ICPxl
+KnnfKGHYbm3UNwZxN2fq+4E9e8CVbKC5RQlKS/r44c248gXB0LGzYiB33djbJXwt
+ctg/lprhnMQjbs+ERRX7Rtg+QsJD/9//tifsaQpj/YE7pIkoO8S7DviKDPFWNCAh
+l0GGkqW4xBLGp7v7dmDqT2b5vlNnqjVB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFSzCCBDOgAwIBAgIQdai61oMhNQtbC6w04c44nzANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTE5MTEy
+MDAwMDAwMFoXDTI4MDEyODAwMDAwMFowRjELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExHDAaBgNVBAMTE0dsb2JhbFNpZ24gUm9vdCBSNDYw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCsrHQy6LNl5brtQyYdpokN
+RbopiLKkHWPd08EsCVeJOaFV6Wc0dwxu5FUdUiXSE2te4R2pt32JMl8Nnp8semNg
+QB+msLZ4j5lUlghYruQGvGIFAha/r6gjA7aUD7xubMLL1aa7DOn2wQL7Id5m3Rer
+dELv8HQvJfTqa1VbkNud316HCkD7rRlr+/fKYIje2sGP1q7Vf9Q8g+7XFkyDRTNr
+J9CG0Bwta/OrffGFqfUo0q3v84RLHIf8E6M6cqJaESvWJ3En7YEtbWaBkoe0G1h6
+zD8K+kZPTXhc+CtI4wSEy132tGqzZfxCnlEmIyDLPRT5ge1lFgBPGmSXZgjPjHvj
+K8Cd+RTyG/FWaha/LIWFzXg4mutCagI0GIMXTpRW+LaCtfOW3T3zvn8gdz57GSNr
+LNRyc0NXfeD412lPFzYE+cCQYDdF3uYM2HSNrpyibXRdQr4G9dlkbgIQrImwTDsH
+TUB+JMWKmIJ5jqSngiCNI/onccnfxkF0oE32kRbcRoxfKWMxWXEM2G/CtjJ9++Zd
+U6Z+Ffy7dXxd7Pj2Fxzsx2sZy/N78CsHpdlseVR2bJ0cpm4O6XkMqCNqo98bMDGf
+sVR7/mrLZqrcZdCinkqaByFrgY/bxFn63iLABJzjqls2k+g9vXqhnQt2sQvHnf3P
+mKgGwvgqo6GDoLclcqUC4wIDAQABo4IBIjCCAR4wDgYDVR0PAQH/BAQDAgGGMA8G
+A1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFANcq3OBh6jMsKbVlOI2lkn/BZksMB8G
+A1UdIwQYMBaAFGB7ZhpFDZfKiVAvfQTNNKj//P1LMD0GCCsGAQUFBwEBBDEwLzAt
+BggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIxMDMG
+A1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC5j
+cmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3
+Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBDAUAA4IBAQCZ
+W2NlJdAwd4jzvspgWN18R5MjvsAnYX6iOzqWXMSFh/fwst/J0GEjZgE3vA1HEHJs
+R5b+M6yo27J3vhUl/kUnFJvfwBT0GadngKXUV8AgllpOyaVZrBI1uLW3/Ll7/G56
+4meSrMUHzR9ecHYRqMu9REt6x7rCFyVaLraxuNKFisu9FMTh3f/RQHJAT26pviBX
+mWW4R/nl8MERkyhbXcW+IvqcIIkcM5wlCe68xllqXBn5mJbwIso6lTJmLGrIj0KI
+DuSOCd9xwg+aupwM7cR2lV1Bosu/G4AqG9K64v98V29Tdc+Xl3Q8dgzbZsc6WjCr
+QY9qNfNSmbTJqUEw7lXm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRDCCBCygAwIBAgIQdai62Hj4rzBfct0cEUDfOjANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0xOTExMjAwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMEYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMRwwGgYDVQQDExNHbG9iYWxTaWduIFJvb3QgUjQ2MIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEArKx0MuizZeW67UMmHaaJDUW6KYiypB1j3dPB
+LAlXiTmhVelnNHcMbuRVHVIl0hNrXuEdqbd9iTJfDZ6fLHpjYEAfprC2eI+ZVJYI
+WK7kBrxiBQIWv6+oIwO2lA+8bmzCy9Wmuwzp9sEC+yHeZt0Xq3RC7/B0LyX06mtV
+W5Dbnd9ehwpA+60Za/v3ymCI3trBj9au1X/UPIPu1xZMg0UzayfQhtAcLWvzq33x
+han1KNKt7/OESxyH/BOjOnKiWhEr1idxJ+2BLW1mgZKHtBtYesw/CvpGT014XPgr
+SOMEhMtd9rRqs2X8Qp5RJiMgyz0U+YHtZRYATxpkl2YIz4x74yvAnfkU8hvxVmoW
+vyyFhc14OJrrQmoCNBiDF06UVvi2grXzlt09875/IHc+exkjayzUcnNDV33g+Ndp
+Txc2BPnAkGA3Rd7mDNh0ja6com10XUK+BvXZZG4CEKyJsEw7B01AfiTFipiCeY6k
+p4IgjSP6J3HJ38ZBdKBN9pEW3EaMXyljMVlxDNhvwrYyffvmXVOmfhX8u3V8Xez4
+9hcc7MdrGcvze/ArB6XZbHlUdmydHKZuDul5DKgjaqPfGzAxn7FUe/5qy2aq3GXQ
+op5Kmgcha4GP28RZ+t4iwASc46pbNpPoPb16oZ0LdrELx539z5ioBsL4KqOhg6C3
+JXKlAuMCAwEAAaOCASYwggEiMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTAD
+AQH/MB0GA1UdDgQWBBQDXKtzgYeozLCm1ZTiNpZJ/wWZLDAfBgNVHSMEGDAWgBSP
+8Et/qC5FJK5NUPpjmove4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGG
+Imh0dHA6Ly9vY3NwMi5nbG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAr
+oCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNV
+HSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQEMBQADggEBAGBD9cJLVP2v
+gPSlomstHU38guKTe4ELEFOnM9OnuzK2HlzmgVSPdf4Go7r8FZt4+d8lVs7JPt2z
+THYK/cA1f/DYT56clWZO972GbvjOwmHop4LqAe902mRBxEo966EFsaBqwk8zzexW
+nPZ29CXHc3doU0wXhIPzch5d18Mp4y1RRjybOODc89QJSBataMU9rIHNTF6rePxw
+gL4/k/zrGiCRCRJ+iblTL/WIhm0ENfNJMTxlbMHxPYH4aiHarVBXpXPkiZ/85knD
+XNcnTUTZKEtY6xJExiC+5IHDjdnWz/V2d8MkQx+o7TPbwgF/SVcYcp0GPJG6RkLD
+rkNz7Wn9gck=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHljCCBX6gAwIBAgILMbMURP3WwqePCpwwDQYJKoZIhvcNAQELBQAwgaUxCzAJ
+BgNVBAYTAkVTMUMwQQYDVQQHDDpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3Mg
+YXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRswGQYDVQQKDBJBQyBDYW1l
+cmZpcm1hIFMuQS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzEgMB4GA1UEAwwXR0xPQkFM
+IENPUlBPUkFURSBTRVJWRVIwHhcNMTkxMTIyMTA1NTAwWhcNMzExMTE0MTA1NTAw
+WjCBlzELMAkGA1UEBhMCSVQxGDAWBgNVBAoMD0luZm9DZXJ0IFMucC5BLjEjMCEG
+A1UECwwaV1NBIFRydXN0IFNlcnZpY2UgUHJvdmlkZXIxFDASBgNVBAUTCzA3OTQ1
+MjExMDA2MTMwMQYDVQQDDCpJbmZvQ2VydCBPcmdhbml6YXRpb24gVmFsaWRhdGlv
+biAyMDE5IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCioWue
+YMmC+ffZgLNI6krCAcDHDrQe7y3WE5ITq6cy+iC5eebwWVzZwKsMOi0UQSIwZPUT
+/fcIr1LpbJfwSSc9LcEBbCw2va9kd/nUWIKz0flJZ5bjXksZmMj1nUsm28Bxly3U
+jkQpGMi16KEyCndLrFcu4VY4vyG55oHUwm0S9yZsZg/KcNUnjvlykxZxKDqQPjLj
+xA8Uahao+4Pb1XxzhM8HMOxcEWSVHfiISvsIEUdw/uW2MrOM1czlTIBB9DvicZ3e
+Gcb+VrJ68vQtZva8mECdbhrOy5p9xI+PeyCYy6C7CQnKJZ2MEbS0VsYc/RFc82sK
+4349WhAcTCJdUt6MMp8+EM5Rep7U+hzEdpWy3AbmVwxWVC3qf7Xw3DfUIcQ+aJbh
+zdYHd5WCpfScoaMf0NShepYPWvFzX3Tb2KLtcempd39iUObFb6PkkRIxztB94DT6
+tvcxas3qD7O/0b4vKPDsm3TaosISyI267d8Ei/2O1W6SM2fc+ri+Jox8fmOopzPY
+8Mge1QuP0pDcZsfsIk693Y2QQjYoBVAHdx0wQpEc+a0x70YPlL8r/8T/Dh5ul3h7
+QVGuMA7S6qUmDYS5CpQ/oRL9hIQPDHGXR/I+uxIf9b9VW8ljl1zWI9s5WauMFPD+
+gTOGrO17rW413dl8hQ8NhMyf+XCrLgTFN5vDGwIDAQABo4IB0TCCAc0wEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUiDK/CftCOfRyQyBouM+sipJ4XQwwHwYD
+VR0jBBgwFoAUWxvuA3ui2+dGwMJUq6FQKV/xVtcwfwYIKwYBBQUHAQEEczBxMEcG
+CCsGAQUFBzAChjtodHRwOi8vd3d3LmNhbWVyZmlybWEuY29tL2NlcnRzL0dMT0JB
+TF9DT1JQT1JBVEVfU0VSVkVSLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3Au
+Y2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDATBABgNVHSAEOTA3MDUGBmeBDAECAjArMCkGCCsGAQUFBwIB
+Fh1odHRwczovL3BvbGljeS5jYW1lcmZpcm1hLmNvbTCBhAYDVR0fBH0wezA7oDmg
+N4Y1aHR0cDovL2NybC5jYW1lcmZpcm1hLmNvbS9HTE9CQUxfQ09SUE9SQVRFX1NF
+UlZFUi5jcmwwPKA6oDiGNmh0dHA6Ly9jcmwxLmNhbWVyZmlybWEuY29tL0dMT0JB
+TF9DT1JQT1JBVEVfU0VSVkVSLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAqUqvjxL9
+oJD7cp8EacdYPoX2K7HydNdqqGlF63NrciMoacRW+21UlhJKNFjw0kN7mt3j2yG6
+aWxilEwRxGf4kDtVboL5p6AbLuSXhZwxWwGXNO6R0Sh4SR/3KXQz4mLlP4bn+fiX
+aXgH3t1MEMph/yaLnA1EXZTNmbknhJMblxwiJ6nNpTyWQGLWg9Yv7i8G9dc2WZb6
+p8f7j5S9RhbRqH58xZkdC7qHgzzy9yz91aDC+O7TTrTG8AtOVHTGpOe0XrxXReyz
+crGaQ4zS7RrzKtFDb0JAEZuuNH57PZlvbdOMGc9vMEI4XB7Oq19p29FDy+LOafvU
+VQZNgTyE20URKwwLbOl+P/8z13vQus6r/cmbB4TFPQOHI6I8pd7CBFr3S8MJ/NvJ
+IUIPAqalmU80Sq3+n+oBUwTMfrH79uzaNG3DHNPvAnIrZJdqAv/x5xUSBolJ1F76
+0antfyn4EQcObrk3bOX8EB/RQ0pLmxPDlHNnBsatbOWOCYO/Qy+pLp4PfJ4oIkVE
+GSMuqF8nbJNCvoAwfiXzNlqJ9HuTbm06czecflj5gVnT21jUUxGbT0SV3RhCtXGG
+u83rBIgCzVhqkV9MsHSPMcKwKMYvXjOr3MuPiIiF2L4eX+veAG8Y2rRRI0wTyvmm
+1y7qaOpSZPW5y44UfOu7RaJrafSYqUxuDQI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHojCCBYqgAwIBAgILcvJ358Jb7tncxn4wDQYJKoZIhvcNAQELBQAwgaUxCzAJ
+BgNVBAYTAkVTMUMwQQYDVQQHDDpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3Mg
+YXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRswGQYDVQQKDBJBQyBDYW1l
+cmZpcm1hIFMuQS4xEjAQBgNVBAUTCUE4Mjc0MzI4NzEgMB4GA1UEAwwXR0xPQkFM
+IENPUlBPUkFURSBTRVJWRVIwHhcNMTkxMTIyMTEwMDA5WhcNMzExMTE0MTEwMDA5
+WjCBozELMAkGA1UEBhMCSVQxHzAdBgNVBAoMFkludGVzYSBTYW5wYW9sbyBTLnAu
+QS4xIzAhBgNVBAsMGldTQSBUcnVzdCBTZXJ2aWNlIFByb3ZpZGVyMRQwEgYDVQQF
+EwsxMDgxMDcwMDE1MjE4MDYGA1UEAwwvSW50ZXNhIFNhbnBhb2xvIE9yZ2FuaXph
+dGlvbiBWYWxpZGF0aW9uIDIwMTkgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQCvzUTRyQWIqeGsAN7dZNGRONRvCHJ95vgjKFSCwUvv1MvWf8axM19g
+HJ7B4ciULgH+W3xtWoK2UjmtYsyzJ7GYDNiZGLuwCakdxFxApy9ebzvUDBTjOu0t
+UsuuUEXX8Lg8dhDadk8on63cVOlyNSYHDxGp4cnEl4/I+LmFUxBj0sjTjTr+pXwD
+PNLiwx48N/+OF3dF+MWhdJz3Q8HZfz3sL1zL5VY7Hkgbv5QgFzTKVsfHlzcnyFhX
+t4/7nOuoZEmTHgKn+hyz8NnX3J7Knn1k3Dg3VaYNXePYMsZ6FiT/R6UAsULU9PnE
+obkkI9LeDLU5x+2BHCTLTl+MN19pOSmBUAI1VeU3TEF4N6NPPOPy/7oiI1M93DYZ
+J7raHva8UMa+dlPj9hU1dq7aFMiUE0lEr1jhFyiBFzENkyJW0EMs+LgeXrKh0oFh
+eN34Dq5R3oErmdqPn7e6k6PpXn2lowUj52E8eqa5dJsyNm4fgGZr+Aqxw3QARBBI
+qjPJEEpIASLaNdBC+Y2Kk04RT3sxGju3zcDN3+HTxHCKvipGWguezJjBPT5cVT7w
+rmVkfh1b3+JMJHJqiXs14S3gOBqNkGdcTlw/Z3feRAFJT5Kp74eRsDVVBKcK9l36
+q4wX6YscOaQhkqyDsAEsx+70gHaRWNUeQWVZc0qjqOj6KYWI91zU/wIDAQABo4IB
+0TCCAc0wEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUy9kwnXBUNui+KELg
+0MYO+2EoN5AwHwYDVR0jBBgwFoAUWxvuA3ui2+dGwMJUq6FQKV/xVtcwfwYIKwYB
+BQUHAQEEczBxMEcGCCsGAQUFBzAChjtodHRwOi8vd3d3LmNhbWVyZmlybWEuY29t
+L2NlcnRzL0dMT0JBTF9DT1JQT1JBVEVfU0VSVkVSLmNydDAmBggrBgEFBQcwAYYa
+aHR0cDovL29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQDAgEGMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBABgNVHSAEOTA3MDUGBmeBDAECAjAr
+MCkGCCsGAQUFBwIBFh1odHRwczovL3BvbGljeS5jYW1lcmZpcm1hLmNvbTCBhAYD
+VR0fBH0wezA7oDmgN4Y1aHR0cDovL2NybC5jYW1lcmZpcm1hLmNvbS9HTE9CQUxf
+Q09SUE9SQVRFX1NFUlZFUi5jcmwwPKA6oDiGNmh0dHA6Ly9jcmwxLmNhbWVyZmly
+bWEuY29tL0dMT0JBTF9DT1JQT1JBVEVfU0VSVkVSLmNybDANBgkqhkiG9w0BAQsF
+AAOCAgEAr91vlqdxI0dR3kookln/T7KjNZq3l/Eu21rXJxrJbkVPfowHfq8hp4mw
+9FfxZvikt1kFuVOAJ82qsP/GvMcnbTnE/92Vrg/ti8dxVin5dgZsUQyjJdbBs7GP
+GfCV+3/gRY3kLL9DFVkOT3Tdwdxg+36LUBNYCfetIWjm3Mqwe6NlIjJsyoQqo9f0
+3iVU0Rw4gO8tFoI9qWye2RsejEYz7BQ6+ULklVojSi9Q7Y7dIFWp0lkQrFl48bOq
+1h/QCmRmK/UjT/ux58q8kaUQtV7bKu6nzK2U97XQCmVLHej8OkwpCc+lrekYHtw6
+yD0qjZ+cpRkzzdDSvCk+d1awcb7mKxnHEQjJ85rRY7rn60b+UKF1SvGiILtaPmVm
+LBntDzBZT+aDl855TQowp4osnIfAOmSih3AVZVYEZgphmdyDo5+AUJfvNlglvyW2
+11yZwltIhoLRH68YeUK7JZZkFIIlQFXvQOfqVkC8Cqw2L1T8MJU0Cq5fZ/V3SAKG
+QQgwpCQGjOth2c1GbP3kOKKEdlbY+9U3q7CiHzTzw0+L1CL7G9k18B3D8L3pU/F3
+jGViEQhkXmlRHhW0QEjqI56+auU80oC5BEHoVp5nEZ2ZsdDkIpCf/7+3xoeTfVKl
+1tnv6n8IDCfKE7DC8o9+JFTE1l7n3f8OwHCf5L2Ssl3SIirLcRA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4DCCBMigAwIBAgIQAw9hzRKvkOlHxrdzZwNVHTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkxMTI2MTIyNjA3WhcNMjkxMTI2MTIyNjA3WjCBoDELMAkGA1UE
+BhMCVVMxEjAQBgNVBAoTCUF2YXlhIEluYzERMA8GA1UECxMIQXZheWEgSVQxPzA9
+BgNVBAsTNkNsYXNzIDIgRGlnaUNlcnQgUEtJIFBsYXRmb3JtIEluZGl2aWR1YWwg
+U3Vic2NyaWJlciBDQTEpMCcGA1UEAxMgQXZheWEgQ2xpZW50IFNlcnZpY2VzIFVz
+ZXJzIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFIeROjE4l
+deg/rDbLUlhaKImSL/D1+3I20CuWp7Oln6orDy+K57Yw0J0L0SsawTbxkf4HK+Fe
+dl/WGKBhjBD8AxmGsGwvTxuaIP9tAFQSo4GCsBdqorSejlg6zYfQHs2wYlRIh8rI
+hHNG4On7IWIU5vQGmpuuoczUdUAbvOcHEmRQmGnJwDjwpkBgNsqtLh5/zun6lK60
+ar1IQpjlO4YIwoQ+FpUsiJUBqZtHtV6HhsMzZLdOcki/g32XTaOerJPBXj3WoYdw
++yAYQX1l5bLCtRzaSQGAKdM73fxBTDHBvV0PblLlhSnhIeLU7m5key1U7+rkiB2X
+SK7j6HOXNNlZAgMBAAGjggJOMIICSjAdBgNVHQ4EFgQUoyUy6xqzDKRfpTaDO8SW
+zQiO73wwHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/
+BAQDAgGGMCkGA1UdJQQiMCAGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNxQC
+AjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRo
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIu
+Y3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1
+cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG/WwFAjCBtzAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYB
+BQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVz
+IGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0
+ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTApBgNVHREEIjAg
+pB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0xMDMwDQYJKoZIhvcNAQELBQAD
+ggEBAHS8g151vb8l08bScOcp7MPlu/XB/8KPZtDH6leonJBB5YbUWHOGiaZyfiqU
+FJLhxQgAZ9fJf8EPn9THmnrAMiNG6leF8Dt/BFOvJddktnV8S1ycl9nIHOMgGrne
+6kdVqN3ymmOb9DzUpu3+ez0G01L6mcdRpG6Z3rEKlYHrOrXCvdkFAoTElw8FNKIk
+RQ01dAltZOq68DFJ9JceVrzrEaz4zyx3PLOScTEBecCQTBKsl9T+s1haO6DoAkKR
+LFAD4x3oOKiAoiyoxtVtoFqoTYNphm2fRMTJAJaF5RXdkNrtpUlUGmDDMdakKaTF
+71cDYqqYHdirbqjo+KOV4ay40tY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvjCCBKagAwIBAgIQDw5QP3lfdboN2xS9OtW/DDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkxMTI2MTIyNjQ5WhcNMjkxMTI2MTIyNjQ5WjCBijELMAkGA1UE
+BhMCR0IxHDAaBgNVBAoTE0thaW5vcyBTb2Z0d2FyZSBMdGQxPzA9BgNVBAsTNkNs
+YXNzIDIgRGlnaUNlcnQgUEtJIFBsYXRmb3JtIEluZGl2aWR1YWwgU3Vic2NyaWJl
+ciBDQTEcMBoGA1UEAxMTS0FJTk9TLVBVQkxJQy1UUlVTVDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMxq/552okNn5iinzn4yJ5LurzKku7w8A/bTEAHN
+qH3xL9najSF+O4ZThTDgZLxjSP9Mmn9pMp06LlxeSLrvYhuRpNkZ9p3VAAA9Mg8w
+JOrjIeKHb2aVwteQUEQ0EaMTcmcNt7KwhaJL0CwHF/2tkM9FACg28YnCBcydWovm
+3oZ2woWvgQl6yJVLPK32jJV0FRGzs1az7O8aXdQCSBT/vzDu9DI3XQL527NIYP9j
+DTHu6GxHiTvWqbN9utZRgSxdKZ2PtXJkWzcjJJRn9HJV398H2tGb6iRXvIh9I+v7
+qmYA0kL/hXfd+qwkS8/1JCOoq7Jupb2TgFLjfVzTdb+EYUcCAwEAAaOCAkIwggI+
+MB0GA1UdDgQWBBT7iu/JNiJ2M2G3yknEjY1+BeXDUjAfBgNVHSMEGDAWgBTOw0q5
+mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEE
+KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1Ud
+HwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNv
+bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwgdMGA1UdIASByzCByDCBxQYJ
+YIZIAYb9bAUCMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5j
+b20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNh
+dGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBB
+Z3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBh
+LXVhMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFEaWdpQ2VydFBLSS0zLTEwNDAN
+BgkqhkiG9w0BAQsFAAOCAQEAyWzWv8V99yqsxSkfXNiZiHLV1XY1biMKXST3X0ds
+Knr58dBf94O89vMj9/LQHxg0ryr5RYyMeSUvMfjeyXe+enw3OjmMqb4NaI54dqpM
+F0/+SGN9EPkPJ4ccKsBfi9twlse2Kde3W4bvqHtO67X//HuUeKte/hSC4EXpmf2l
+ohdzlAmMTbp8+PJLEBft2XbGhkvTHP+Re9a8C3qQss6kEVThD3Xah1S/oPF0HazC
+HKx+HTJUTNxQpsyzAQfblZUDLr3frSCjUm9WjGtFTFwIupeadPZVf+MA4e5Mbyoz
+fq/F14/uxXkIAgrFkMslkIDEGiBYNkopnxrICvLcbnMcoQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzzCCBLegAwIBAgIQCWinmmAsofddL9nmj2a4OzANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMTkxMTI2MTI1MjI5WhcNMjkxMTI2MTI1MjI5WjCBmzELMAkGA1UE
+BhMCREUxHzAdBgNVBAoTFk9TUkFNIENvbnRpbmVudGFsIEdtYkgxPzA9BgNVBAsT
+NkNsYXNzIDIgRGlnaUNlcnQgUEtJIFBsYXRmb3JtIEluZGl2aWR1YWwgU3Vic2Ny
+aWJlciBDQTEqMCgGA1UEAxMhT1NSQU0gQ29udGluZW50YWwgU2VjdXJlIEVtYWls
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IKfCJ8DffzzcFoW
++AotbKqITr7LjLlqHGPHCMrC+RIFGySREWgNc0KCqUcleoAh1xO/ndFqMfPn6sQh
+YSLPX567rjNv2xSp+6K9nKi76wU0qZeMXVMKyu5mXjsQNjpkOrcr2a9uWsjtQRmk
+x6h2v9qhBY2QhfPJ/o7yzrujkvc2nnCp0qNba/i3gk+S4zYKt0c4LC37X+shKQwG
+eWa8ZwKhY3WMwQaDxX7MQA8HValOoUfE4tRmiLpkQz9OWHnjKEBXweFAMhsr+ttA
+okDg/X3ZJ73SmhLNdTqUPcmYx74uG08znNLLCNz2xeS5JTOvxo1+gJea4Abw3tPZ
++8ufuQIDAQABo4ICQjCCAj4wHQYDVR0OBBYEFKgSIGeea1P1+tuyeqtfvBbCIy2c
+MB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0TAQH/BAgwBgEB
+/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6oDigNoY0aHR0cDov
+L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDCB
+0wYDVR0gBIHLMIHIMIHFBglfhkgBhv1sBQIwgbcwKAYIKwYBBQUHAgEWHGh0dHBz
+Oi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ug
+b2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRo
+ZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3
+LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEURp
+Z2lDZXJ0UEtJLTMtMTA1MA0GCSqGSIb3DQEBDAUAA4IBAQC7xg/pfSY4Gd4PH1S3
+e+XVTjXZdhnSXo0mmB/Z5sMp83QLx/Xo9eJ+gK84gOxYfI3lss5k0r/fLklhZ0tD
+tbRmold4YlN+OcTHWspVMNRY9a5nmOVadWaiD6vcH2CdH7V/iI3S2PSbl29U7e8f
+D/aa6P+8CC8MxLJVHrbH55itEEqp1JgN5aKPyOMqxIQjUr+53r3qU621JwCALd6Y
+pKESNbV6bm3MZ0JaoVxTioOZS6xX5hbCNhP9DRqzmd9rHS40ASy8MCIcs1/Z1wUh
++QtM87l9/Ej6/y+nItLSA6hIpc2YhcKu41lahijWaGViMAeKjXVH1YUrRMJxu/1v
+HlGx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHODCCBSCgAwIBAgIUUf1UroiXyi5xvfKGVabVFa//FcMwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0xOTExMjcxMzA5NThaFw0y
+OTExMjQxMzA5NThaMH8xCzAJBgNVBAYTAkNIMSYwJAYDVQQKDB1RdW9WYWRpcyBU
+cnVzdGxpbmsgU2Nod2VpeiBBRzEeMBwGA1UEYQwVTlRSQ0gtQ0hFLTExMi4yMTAu
+MzQ5MSgwJgYDVQQDDB9RdW9WYWRpcyBTd2lzcyBSZWd1bGF0ZWQgQ0EgRzJ4MIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1gkLU4uhYaBadBKWR5tY6eUI
+TBdIe1nbkJOxO18eyZJE0jnczAg2//Ut4JydaKi9FTwI8wq2mKLX/htSx4p0AgRp
+SrEXU2RcWNbxq9Cfu0cOUR9f8KCVPvEcRv7+4BFgFsqFvJ/Tw5DNkRzm+SRO/H98
+1yCfEZC16n5I7kdaFuQcY3dBWnrsIRt1bHwCzsYzgO3lSP/DDLgi2pHjgNm8fJ4q
+Yzj0TYotzotAsAqlnSDSnNL9JppewHy/D/8JnU4OIvNXIr+gW08y6SFPgvI7lCd3
+ErA46e/GJ06j1lXd/mYZJN3fWuxpBtI409DVQvT0NFXZvcwdwciZ+c6z6dWmYvIg
+culwWDaCa79HuJvfRHUtFyJr2DdPFo0rKKGQYx8GiUp+PmYDu6AnvwCxuhd9G4Tt
+YIDZUv0rEo+EUC+JN3idd2ZZtMVQ6paKIPpKkwdhNkGkKEm+cny3b0Ht52ZwIlPb
+Y7wC7DXhDn0dCA08tqCdBcvom6v6pYmwqDnhwAkpKQZkiPbwUP6w1M0onqvZbiOu
+0gNSLGIRKHu1XT+aQpA1PYA5tjZ5oWLFVU5lr/1kF08zLio0Q6q3jDpfNokpvf/5
+Bdow3e9hfvf81dX+Efd4qArGJBG0um3StdCM6W+zF2GwnstuMC8onEpb6dh9dad5
+6sc54Hx+7OSaM0b0th8CAwEAAaOCAeEwggHdMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEEaDBm
+MDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2
+cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9i
+YWwuY29tMIGYBgNVHSAEgZAwgY0wbwYKKwYBBAG+WAGCLDBhMDoGCCsGAQUFBwIB
+Fi5odHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeS5hc3B4
+MCMGCCsGAQUFBwICMBcMFXJlZ3VsYXRlZCBjZXJ0aWZpY2F0ZTAMBgorBgEEAb5Y
+AYMQMAwGCisGAQQBvlgBgxowKQYDVR0lBCIwIAYIKwYBBQUHAwIGCCsGAQUFBwME
+BgorBgEEAYI3CgMMMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFk
+aXNnbG9iYWwuY29tL3F2cmNhMWczLmNybDAdBgNVHQ4EFgQUQnGpos/WTsHNLV4D
+ejE6wo1aeTUwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQCBVVdb
+XHCElr0X1ekUb1XCV1LWMnhwE3HmjCoRgiYAjCY0DGBorkRZHaRPl3x7UQ37mMST
+uFsgq0WstL3j7Dp8RhmLE0Z5b64aI+C9x1MnENo/dYEXUcdfQsoZQfPZXS57JER3
+Yiu+RPsj/uAsG01o5sSg1rqdhlprl7/B3HJwHBtFzVuljbGZeULtssk8emCdrY8N
+enAvIJmxXkj9gLzVCo8uQ9/fd8n+3d95z8Jm6/7tGBwEzoz3/0BaJ0NBeqXLkDmQ
+MAXBd2VQV2sj5lX2iU17A3KUVn/VAGmTSIC5+zdezlX+ctIOpknN2/tZHSNSo2oK
+yqkzyf6y8jDT2i4FJ9tkvz5S7VC2fnXAwBw+09sRbIiPs1a/C79IX9vOCx1A+2MO
+7RdtSSdwHADJ08Y6uHKLJTXBTdvp8fO+j06jkSe2UXS6SvwMe80ZaZ0KUaLHpX9F
+cvoWiBV/Co1hHWk+uL7bvUQkQorGU1mMhX6H9Hl0LGBgEvhEmA/xZbC2zGOkczIn
+mYFggfPWZTaQq03wRgjHdSeOynAmJmiVV77Wemy07mWO5lNfoVrYqjU8jf54tTNm
+ayEo9vA3Tw1bxMgDYFs3rL6qDusK2XwY4GXX/pTZ4ytMEyGy3hKBYNBG0HTvDDx/
+srzV3vtDzxuHfbAF+9Zw5wYxjuHjCVJ4SoEF6g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIH8zCCBdugAwIBAgIQNIFgxR9e28td34nKtFczkjANBgkqhkiG9w0BAQsFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTkxMTI4MDg0ODA5WhcNMjkxMTI4MDg0ODA5WjBnMQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw
+FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxGzAZBgNVBAMMEkFDIFNlY3RvciBQw7pi
+bGljbzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAIiXtTkI+RwQtLvj
+xKUjJI6Gnfhgr+3HPWQQjB36laMkldEfQGsVxg6pZdQfW9YQqNEW5OqJ/XxMkExF
+Vt6y9/GJOJfTOPFyys7tObuPMw6wk0Yy+UKZg56Ea/dxJC1Dyb6pI/k4+tBvyAFM
+XzwbvWfT0PjZSTnvf51d1K2+IEDjQ8LMFOnHQWUBGaOub8lemZnMeGROBYXEWArm
+jy3wEjVwNxWvaTfYxRw9SbHqfgOHoLkALkMshNM62CGQnHldGBH9w8r4vspF0/XH
+b3nvq2GWkBhq5fxwu0OzgaBpSiBL4Mc6xDJaoelPxB/ma3icD+aANiBr92z3zCli
+TUxe4c33L8qPmnV2GKctADAR3YEcOOPCJXjn5QOdNDQmjPBLCbi8GL5u5eJ4NZXU
+iF50LNyooA9z45BtL5xY2es+ZCOIsYr8L9X5klTvrAP5lKLleoRrYbUnfLq1LVkp
+GaOO2wzMyoOtp9YEJeaA8punnPI5jSK5n3JIsVesfY0fvq0Dia4V3NLv9jPnOmat
+buV1CadT+wuKG0ZVyoM05zzE5G4B+DH4VWfZy0r6WziOc4XfQcTifMk9hcZEWPJQ
+5WxlGiUuWEfOvVizrYIzjJd3nXRSN76+xcHVly6sdy9I17DMODMLLhqn8vR1LJaw
+XM7vNbmNhs5Gcex2heeOh6yBpNohAgMBAAGjggLFMIICwTAOBgNVHQ8BAf8EBAMC
+AQYwEgYDVR0TAQH/BAgwBgEB/wIBADCBlQYIKwYBBQUHAQEEgYgwgYUwSQYIKwYB
+BQUHMAGGPWh0dHA6Ly9vY3NwZm5tdHJjbWNhLmNlcnQuZm5tdC5lcy9vY3NwZm5t
+dHJjbWNhL09jc3BSZXNwb25kZXIwOAYIKwYBBQUHMAKGLGh0dHA6Ly93d3cuY2Vy
+dC5mbm10LmVzL2NlcnRzL0FDUkFJWkZOTVQuY3J0MB0GA1UdDgQWBBTnBO5wkRGS
+RPkOko9WQx4HHb8EnDAfBgNVHSMEGDAWgBT3fcX9xOiaG3dkp/UdoMy/h2CabTCB
+6wYDVR0gBIHjMIHgMIHdBgRVHSAAMIHUMCkGCCsGAQUFBwIBFh1odHRwOi8vd3d3
+LmNlcnQuZm5tdC5lcy9kcGNzLzCBpgYIKwYBBQUHAgIwgZkMgZZTdWpldG8gYSBs
+YXMgY29uZGljaW9uZXMgZGUgdXNvIGV4cHVlc3RhcyBlbiBsYSBEZWNsYXJhY2nD
+s24gZGUgUHLDoWN0aWNhcyBkZSBDZXJ0aWZpY2FjacOzbiBkZSBsYSBGTk1ULVJD
+TSAoIEMvIEpvcmdlIEp1YW4sIDEwNi0yODAwOS1NYWRyaWQtRXNwYcOxYSkwgdQG
+A1UdHwSBzDCByTCBxqCBw6CBwIaBkGxkYXA6Ly9sZGFwZm5tdC5jZXJ0LmZubXQu
+ZXMvQ049Q1JMLE9VPUFDJTIwUkFJWiUyMEZOTVQtUkNNLE89Rk5NVC1SQ00sQz1F
+Uz9hdXRob3JpdHlSZXZvY2F0aW9uTGlzdDtiaW5hcnk/YmFzZT9vYmplY3RjbGFz
+cz1jUkxEaXN0cmlidXRpb25Qb2ludIYraHR0cDovL3d3dy5jZXJ0LmZubXQuZXMv
+Y3Jscy9BUkxGTk1UUkNNLmNybDANBgkqhkiG9w0BAQsFAAOCAgEAoiOeh9gNG+m2
+D5sGhF42Yikr03aD2jNwMEzfOy8j3GY9/zIYu749MeNwAq9KVx/NnxNiHHUUOqJz
+uChPM/wMNaS6GeTYerDsU90C0fsbPmAOIfWQ1RdZWM5DVlOK7IhtRN1pDm0SCIiC
+vWt4UtFRnu04Vef1p5Wdi71JisT/5TwtALk/bsMP56KaZP6NHgvh/CaXu30UxSSa
+oJ+HPHyDLE2MRpKF8YyfGNEtqslSYZLsicGEdvqegDWxnJ8lR0dOMV6T2Aldct0o
+cAxK+fRUpNx3Dzw9u7zQXwQqR5C7pjpv2Zfz+aSG1Wuc/c+XyJRsZXBurxMwE4tf
+rKSvAWSBEOM9CaHwMVbhuPyDZqbyi2AdLGkpv6TL3QX0eBcsqZrGP79UYNdi3iYo
+e8B5btv8qTXnXc4AFYUOgpGFffOBbX6CwkN7tdVng0qy3lfELEB3NYdCJl1omVsT
+i6UbZW4l7wa04JNK3PX3Rm5KgRYy4mxkH3wDAFzMV2021avyPf4SSkwAmQfYtpUO
+QQGcyoSS4Jp2CGTa3+UIgPyOsyPyu98QrAnqt1jI1T50xJMgy4lYQDOiL9UmzOYZ
+G/0raweJ2iSvCkMHTlknvisXo8cXg7+J1bC0+hBEoNq+dtWyT+r7PTOGChpQzOHP
+byc75wBp7Iq75dVxe4asXI8YdytrFxI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIIATCCBemgAwIBAgIQLO0aXgKAW7xd34o67KqYWjANBgkqhkiG9w0BAQsFADA7
+MQswCQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xGTAXBgNVBAsMEEFDIFJB
+SVogRk5NVC1SQ00wHhcNMTkxMTI4MDg1MDAyWhcNMjkxMTI4MDg1MDAyWjB1MQsw
+CQYDVQQGEwJFUzERMA8GA1UECgwIRk5NVC1SQ00xDjAMBgNVBAsMBUNlcmVzMRgw
+FgYDVQRhDA9WQVRFUy1RMjgyNjAwNEoxKTAnBgNVBAMMIEFDIFVuaWRhZGVzIGRl
+IFNlbGxhZG8gZGUgVGllbXBvMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEAyEa0GCFLd4/kGN0f8LgsXBGWyCEmOsrmTQbKO9PvNHF6Q1lg0Hc/zuzQxSC3
+gf7IIGVbbgDSojOPcqnKv5JOT4ARax/qUhjSqCgKeTKbCKLW38kQQtPw9N1IYGwM
+NhQYal3ENuj7kGO1edaXisJATXj+R6aI4e2h6zghcMnDnvFCv++9dx//y+0BbYi5
+o/PFeTZCHZ4aWtC428s5b8f3fI7CduVqO2BHYI+E4ok2y/15YM5oYNmVQ9g0eLhn
+a60m8t2GRAEyHBmthz9juvWN51GbiJXnTiCgd1tYUqEau4WQV4f9mucgEp7MITCM
+0ffMzAjfqKO/JuSfGZDZfPLPxLQMKlv8lS9GOWFp3Zy/Vcfo86PETK776zRkVYti
+kWm4pp41V4oghUOvkHXAyxsKkg9Vdtq8wE+sM0xvS+HdbjGHttpdixu6M4hrAbRg
+ZygFYVAfLixl3qhJ1W0w1xxy4AOLBAdaAMA/fYh8OO11k8aibjeKB9xcmuEK7yrk
+57iz+WmwuiGIlmjg5EqBz6fwDi5lwx5ZeYkjlg0k1Cni2G0PmUWE+XUyk9tW6Yab
+U8Y0/BDEQbvl6jeVy1jX9AMrAN4m5Cqdko/iFEuH+St4SkJzpf602UYhj/2KJSPF
+CGJwhNSd2RMQIAxo6CZ/4bUXjXNbRnZmv5UzSA4iPjsczqMCAwEAAaOCAsUwggLB
+MA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMIGVBggrBgEFBQcB
+AQSBiDCBhTBJBggrBgEFBQcwAYY9aHR0cDovL29jc3Bmbm10cmNtY2EuY2VydC5m
+bm10LmVzL29jc3Bmbm10cmNtY2EvT2NzcFJlc3BvbmRlcjA4BggrBgEFBQcwAoYs
+aHR0cDovL3d3dy5jZXJ0LmZubXQuZXMvY2VydHMvQUNSQUlaRk5NVC5jcnQwHQYD
+VR0OBBYEFEC5VQSoT39gkO0RlSXDJfpa9IXVMB8GA1UdIwQYMBaAFPd9xf3E6Job
+d2Sn9R2gzL+HYJptMIHrBgNVHSAEgeMwgeAwgd0GBFUdIAAwgdQwKQYIKwYBBQUH
+AgEWHWh0dHA6Ly93d3cuY2VydC5mbm10LmVzL2RwY3MvMIGmBggrBgEFBQcCAjCB
+mQyBllN1amV0byBhIGxhcyBjb25kaWNpb25lcyBkZSB1c28gZXhwdWVzdGFzIGVu
+IGxhIERlY2xhcmFjacOzbiBkZSBQcsOhY3RpY2FzIGRlIENlcnRpZmljYWNpw7Nu
+IGRlIGxhIEZOTVQtUkNNICggQy8gSm9yZ2UgSnVhbiwgMTA2LTI4MDA5LU1hZHJp
+ZC1Fc3Bhw7FhKTCB1AYDVR0fBIHMMIHJMIHGoIHDoIHAhoGQbGRhcDovL2xkYXBm
+bm10LmNlcnQuZm5tdC5lcy9DTj1DUkwsT1U9QUMlMjBSQUlaJTIwRk5NVC1SQ00s
+Tz1GTk1ULVJDTSxDPUVTP2F1dGhvcml0eVJldm9jYXRpb25MaXN0O2JpbmFyeT9i
+YXNlP29iamVjdGNsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50hitodHRwOi8vd3d3
+LmNlcnQuZm5tdC5lcy9jcmxzL0FSTEZOTVRSQ00uY3JsMA0GCSqGSIb3DQEBCwUA
+A4ICAQBNFM9IPXNDhmKVlxo4vK6CdL45Gt0+nROnf1KnW83CESo+KiylEo1quLaG
+1oe44jWspRJbN1ZEJQJbNS5ibsuRJthF8RN4Bsy1TSNrXETXddKMtqhbihaMrmaW
+0Ptn1YO+oIAAgfLuHopSiJj2N2rqq34LerBz/BLB0dhTLy1eK9TRRJlc4vIJsGck
+aHzC1D9fdh7+1amkVmG8GvNLMxvINKPmIG6dFwXO9xzeAvzhIfDCfDjjysdicMOn
+7n10GPrloQwaILFlCqxXVdFIglSv4/o1qp6wFGv4zPuE50ko6dylPdoBdRxmGdk5
+oaBT7ZuFBgUyPMhuWaH5G3M/5wXI6LGVGHNmbxtieBv5HJ8XB0ciIBb+6LSSR/Fr
+sQVnqU0QCNIKJYhqW1ghc3wnDazD74KCeqOfskeINwWZnUocQOpjOAVkPIyOFnvY
+up9KsNfHdK75Oi4LGESKqmRfAUQ7U0fl5k7A5wJi2z5kvrHQmkSmYtqBlRBu5zX+
+15jw3Kgar3r4A8F7zt337CEsxYGo7Kxd2mZelD9cQ1q7WgCb6Aj+1KCbQYL77ezT
+MYRggfUtsq5YYaxNYilOF/4Rn0+heh55ulc8RbAw+Rl0wkeah4BQ+vSBUBmGoJPh
+C7Z8GRfFCy/2m3ZbozAqHmwkiYktWbmH1TlM+7UEsIfXWCmwfg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBDCCA+ygAwIBAgIQCNO7HB1sjEGMTCY4N8GhfjANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTEyMDUxNzQxMTFaFw0y
+OTEyMDIxNzQxMTFaMHExCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExJjAkBgNVBAoMHVB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1
+cmUgTHRkMRcwFQYDVQQDDA5UTFMgUlNBIElDQSBSMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAIeJs7WMogRnuPRWu1ElJi9so9wpQL+qJlt1UHVp+m2O
+P4Kd0dN8ez4vCu13vTSHD6+W35CItDVTmTSTRBEBbZU6/FUvJ7sHqEJdg9TO2UV7
+S6rQLojf3KSJC34XLh7YtuOKWXskws2C06F5nCWYCxd4gatbdQgnhz1qaLb9sa2d
+ng0Q3bK5xDHq9mBR+VCzXud5VzAXoEWQ25DKrzypXIcqtHqzesvF9NHd1peQReBl
+u0Rmc7L+kepl3djwFzr0kVsoonqK87O/X9hPqpmBhY69diMtq+LpNyuG8lSLizxG
+eNshcZkdkMLJrz4oL3OG7y4m3sG8NbQmhib0e98XLV8CAwEAAaOCAYswggGHMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44gCUN
+plkwgYMGCCsGAQUFBwEBBHcwdTBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5zc2wu
+Y29tL3JlcG9zaXRvcnkvU1NMY29tUm9vdENlcnRpZmljYXRpb25BdXRob3JpdHlS
+U0EuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTA/BgNVHSAE
+ODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9y
+ZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8E
+NDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tcnNhLVJvb3RD
+QS5jcmwwHQYDVR0OBBYEFPSuWo6U5h2QB7V7IQYUnr1d41o8MA4GA1UdDwEB/wQE
+AwIBhjANBgkqhkiG9w0BAQsFAAOCAgEANySLZKzXHW0Qgt/drZlLzHo6XVbRRoWE
+yaE0FhFQqu8sHlybQxnvrjhn1sZykNxsmHvzktUxBRHD/S29mTfLXeV9JMfJcnGq
+JMm1UxbgN+J3pnPVfYYI6jugLH9y92uhldImpn+GN0zPAyzEDR0FkiH7EluRLHZd
+mj5HwtRYYqBEWOQNvGvZNWYlt99vGgYz9g1Uy1IodCkg1DyLCm7nFKG/Vxsqscaf
+tlJ/ZYEtos612ddrtEIc292lWpLsnWekDtp+50k2BtsBMRNFzkIB/VSd/pidUbzw
+/az2rxdwLaIjZ9yBBUOMckOO3z7qbKyqRbqsXdPdDS3xRBtV/pY8RE8IMxe1v9V/
+U4vUnD7yjDxK+b1dAdmmnX95cS+IVS5iPOfqImUGIALgIiFH8LgrBw/U5v51b4hn
+SPSsPXNadtgMizB/Uxgw+gp5/ddp5Xpm3pm1eI/cbBqgpaJo/2S5A+EMbRJqkkaa
+a5frQKI8YQUXH72CxedzFUZM8mzNxzo/c7h0lU/CdjLHWOvbiSzso1ygyueO9kuy
+SCZb83eVbE7pMsepBi+gi7XNTgFcovr01uBge7j+YtsLeP0zwqmQsQHzgR/y01Fb
+27prtVKjn7UTkI3D05Py811gaoC0/b3A77uNtn/mVhBIPekQxYaI7Q0I7ympa8Ux
+P1zufJy0lxs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGBzCCA++gAwIBAgIQfQUIIK66EoIui/OPGAP+dzANBgkqhkiG9w0BAQsFADB8
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+GDAWBgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFJTQTAeFw0xOTEyMDUxNzQ3MDRaFw0y
+OTEyMDIxNzQ3MDRaMHQxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExJjAkBgNVBAoMHVB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1
+cmUgTHRkMRowGAYDVQQDDBFTL01JTUUgUlNBIElDQSBSMTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJok5Rn2YmZrbHu0VTsbqoabC8vLbdvEDzjjJZEJ
+D6FrjcYVMRfp1N69N8aCIwHxukyscz2zWd3y5UWzAz8dAH/w/gIvBoW1LC3rsKdP
+bZCmW6Sy0Nv35ao+5kfXtBDvLtLvXW3ll0vMJo9bjSa5FrId9YE+VG1m3tRiH69y
+eDiQM/MfIgyY81BQ1em+vogww+6N00ZEBWs5WH5cPdFycsReoG1GWZdagb0FfE2j
+zYRVhNFaXwj0iS7Bk7rXTL0hhcO/hU+t7lWP2xRa7d5i6bVd/SwtzlIx1i8y1SQU
+sxMyck+bJtZUt1pba2AHgITOdXdeNC9NOMH1draJvrAeZhkCAwEAAaOCAYswggGH
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU3QQJB6L1en1SUxKSle44
+gCUNplkwgYMGCCsGAQUFBwEBBHcwdTBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5z
+c2wuY29tL3JlcG9zaXRvcnkvU1NMY29tUm9vdENlcnRpZmljYXRpb25BdXRob3Jp
+dHlSU0EuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTA/BgNV
+HSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNv
+bS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA7BgNV
+HR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tcnNhLVJv
+b3RDQS5jcmwwHQYDVR0OBBYEFJNoxdD0YIa8YPYbS5OfB9SN9JmbMA4GA1UdDwEB
+/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAjQtJpGnMr1MaGm4vBMO/GXOpgD/D
+Hz2KJAkYuhiqJfUnbV5DPOdpAMYEWQNcYO+Q0cNuCNfDor9f+9GK+15aCJuK7N9A
+bfFbFRJnrQRBGIKJRkM4XDcChFW5l7UUqswYwl4ybVsLNcorRd1uqQ5nCMSHo2Hq
+bbrTqqKVrWE38HTsByE1UYHf5csrJ5epHdcnQy9UyTf0/fxKCGhBbMgdA0hXzN/I
+F3pCgnO2XEjk3b4eICoAPkB5BQHRVuDVFuNo7cZJHIo5HSrid9US90KEwGMc5VEl
+gU1w/ACyE2gzjVM/egJbFrxJ+pCoNUaorGF27X/QpJCD8EiyESs8KcAW6YLb1ClW
+e0ESJo+NkVjoEvahWgqhZg6m8EFag3mxc9tipSNaVzm6cAaER5dXNvUaQc7KaShv
+XzJeNNSzy7VKxoycMHZrL7F+/mRU1DkIlCtlCF0QKBovUMJ86pZv5RHBy6UBMqEV
+KNcAAjQyr12jl7gRLupek63LUSSWyohk1Itac3fB3yiaLVa766oms0WvuMtsGNZf
+gjN40mX/I+RVncPyQEWMkF92qFi8Jx9cp2IP368gOFxyaQeEKqCsVonsoSQg0p6H
+XNw68ZxQcVOHyH9OnKBqProAR+ssJkKfR2tbkaMvGmnw6YoWrkOprcPENLDix0hw
+cz4ds6Yt8PytLnY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGEDCCA/igAwIBAgIQXkXCVpudK72cE8vm41R9ATANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVRleGFzMRAwDgYDVQQHDAdIb3VzdG9u
+MRgwFgYDVQQKDA9TU0wgQ29ycG9yYXRpb24xNzA1BgNVBAMMLlNTTC5jb20gRVYg
+Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSBSU0EgUjIwHhcNMTkxMjA1MTc1
+MDQ4WhcNMjkxMjAyMTc1MDQ4WjB0MQswCQYDVQQGEwJTQzEOMAwGA1UECAwFTWFo
+w6kxETAPBgNVBAcMCFZpY3RvcmlhMSYwJAYDVQQKDB1QdWJsaWMgS2V5IEluZnJh
+c3RydWN0dXJlIEx0ZDEaMBgGA1UEAwwRRVYgVExTIFJTQSBJQ0EgUjEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLjF5efmMUn7kuyKaKLSgI8FWGj7JD
+jEHuTfe6X/HhPz7nssX/Ug4pb37olMpmDZK2uDwvt6b8I7p1yHZRu4dh4SJTYsoa
+6O+73y+Ts55KaDnQjN4p+4NhK+mNDj6BAJu1/0dvsMnQHnOKVqiYDEv0rKsv6tzm
+d6OO7DtxTXFxteoddFe7RNQP8XU05iXzYh9+AyuVwK3w8lj7Bk1lkwNl28j+umju
+bOA63Iepg6U+kZ/ngY77CTQtBB6GAANQzGFWZSZv3UNzw4npOxd+ogGyAiwBoDhl
+BADnCjisJAD2dG4k0eGL74Px/xT40ygr1mOp2gLR3qvfYQM5AMzWVUt9AgMBAAGj
+ggGNMIIBiTASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFPlgu9Tj1TT2
+uPUGgCWnc9tGaaieMHwGCCsGAQUFBwEBBHAwbjBKBggrBgEFBQcwAoY+aHR0cDov
+L3d3dy5zc2wuY29tL3JlcG9zaXRvcnkvU1NMY29tLVJvb3RDQS1FVi1SU0EtNDA5
+Ni1SMi5jcnQwIAYIKwYBBQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMD8GA1Ud
+IAQ4MDYwNAYEVR0gADAsMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29t
+L3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMEUGA1Ud
+HwQ+MDwwOqA4oDaGNGh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMY29tLVJvb3RDQS1F
+Vi1SU0EtNDA5Ni1SMi5jcmwwHQYDVR0OBBYEFAE9DdBxG2Z47mWNMabUkoNAtxKe
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAKZ6CPOBJ5aQS2vZ2
+KQiZ4poCbqh/NnuOqqdElNqRyrdTiOJ2/lXWCyxhYYMkNIfp25X8k9VSwg7JJfqK
+0bpKVKSqOT3beMaaPn353uREqf+G8xQa4v4zuT0ufsh6kTBjZH7IILNcvWWs5OZz
+mP0ql33ySRHSBRa8KCDpOvNEWuQPPDjdiTp8jaEQ5An3l7dj9oc4HFarwcAKWJLE
+LHpl6IiTc5TxD7sUz6J9thNITGwWQBO0wUlQOZXxOYAUbU7FAPyDLk6l3ssmJxEK
+Ptr5bi4ddolXtMDtjaZuSvXvwlRo/BX23PkWCpv+BdJ6+mG+v+03+eFwR++f1zFQ
+yTOqV5NGb+R4W+cjQQYzvY/qBKcPzvjGxvNmf4K7qdcASMMu4O6SJgNukKtn4Tv1
+zJUvIf+OHRZyEEXrlNmKOvz8PorXjAxwiqJXGF/GMsGsHEFlUG+/qCHiuJM4f7ig
+ale3yWADlYTzjXKXXmWUvRA2RnbX6fZFFvFANXgu3XcmFlHSgfyrT335RfcWP6p2
+5uyuyDGUaFIb8i3OduFOQB7XdD79OnV/KLdHTXdNtvuxn4+ot4EpS98jN6v61kcb
+btkPo9nA/tmuF+x2gHKaUJMnuh13AE+EKKMJvpMHrs2hGhIyoR7SSpX7RGPj6f2v
+0yEwgtlGE+H/4tT6VQihtx2OhKg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqDCCAy+gAwIBAgIQT9L6yA/FobXp6H4lKG9bgTAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTEyMDUxNzUyNDNaFw0yOTEy
+MDIxNzUyNDNaMHExCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8GA1UE
+BwwIVmljdG9yaWExJjAkBgNVBAoMHVB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1cmUg
+THRkMRcwFQYDVQQDDA5UTFMgRUNDIElDQSBSMTB2MBAGByqGSM49AgEGBSuBBAAi
+A2IABIcDHLjPPRAljxCUUkxJDc5iKWoaDbcp692vUqhdHDF6fdaU/BzyvVgV/GZB
+sQDIAI/fzsVtD79pi3RAqqiZHJQNIbjLJAva+7q58ewJsmXx6aJbM9Ibu+1SAqjo
+T6HNmKOCAX8wggF7MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUgtGF
+czDnNQTTjgKS++Wk0cQh6M0weAYIKwYBBQUHAQEEbDBqMEYGCCsGAQUFBzAChjpo
+dHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9vdENBLUVDQy0z
+ODQtUjEuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTA/BgNV
+HSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3NsLmNv
+bS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNV
+HR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tZWNjLVJv
+b3RDQS5jcmwwHQYDVR0OBBYEFNynJba37KVQ8jP2Z9XMo7dX3xhGMA4GA1UdDwEB
+/wQEAwIBhjAKBggqhkjOPQQDAwNnADBkAjBa7dpJkw1g2KbZvCLhRJZzrzJNm1Oh
+kIyTiGClTA2VMDAmqs+aVlqAOJ4EwAByc+sCMHaCizB/MsoyGjuBK8gvySoZqI/c
+IWvZLqC2/J2geFCTklrtYlvjD4RnlEhHN4JAQw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrTCCAzKgAwIBAgIQCpW3UYwc8/NSAWzkfr9aPDAKBggqhkjOPQQDAzB8MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjExMC8GA1UEAwwoU1NMLmNvbSBSb290IENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTEyMDUxNzU1NTFaFw0yOTEy
+MDIxNzU1NTFaMHQxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8GA1UE
+BwwIVmljdG9yaWExJjAkBgNVBAoMHVB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1cmUg
+THRkMRowGAYDVQQDDBFTL01JTUUgRUNDIElDQSBSMTB2MBAGByqGSM49AgEGBSuB
+BAAiA2IABOI2esZ3NlAATKU19rYs2kCRg2k/F239UEpFTlx19Gm4CA5ZzGk1cOQz
+q+b+BLHAIf9htnaPulI/1T3OCoXhFZe/gMbMXPg4NJ2a9kAv80vnKpyTDzLqwXNM
+vy76+bPcLqOCAX8wggF7MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU
+gtGFczDnNQTTjgKS++Wk0cQh6M0weAYIKwYBBQUHAQEEbDBqMEYGCCsGAQUFBzAC
+hjpodHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9vdENBLUVD
+Qy0zODQtUjEuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3NsLmNvbTA/
+BgNVHSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93d3cuc3Ns
+LmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA7
+BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5jb20tZWNj
+LVJvb3RDQS5jcmwwHQYDVR0OBBYEFHkMwls5jakutov+4+7Nc8eQLNSCMA4GA1Ud
+DwEB/wQEAwIBhjAKBggqhkjOPQQDAwNpADBmAjEA3Y2PpoE8yG9drpwil9unEXYl
+6AE2Ye7gBVp/H65O6zoNXvj9AV92mBeF5Ls+qQAkAjEAxuK+2VBWH/eVgpNcS0tR
+NXh9lwjlNgjs09wE6GBW88JcTlEg6/AnNFuUHGmDSZdl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDszCCAzqgAwIBAgIQDTVetRXgI5CCmvFrSBGi+zAKBggqhkjOPQQDAzB/MQsw
+CQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24xGDAW
+BgNVBAoMD1NTTCBDb3Jwb3JhdGlvbjE0MDIGA1UEAwwrU1NMLmNvbSBFViBSb290
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEVDQzAeFw0xOTEyMDUxNzU5MDBaFw0y
+OTEyMDIxNzU5MDBaMHQxCzAJBgNVBAYTAlNDMQ4wDAYDVQQIDAVNYWjDqTERMA8G
+A1UEBwwIVmljdG9yaWExJjAkBgNVBAoMHVB1YmxpYyBLZXkgSW5mcmFzdHJ1Y3R1
+cmUgTHRkMRowGAYDVQQDDBFFViBUTFMgRUNDIElDQSBSMTB2MBAGByqGSM49AgEG
+BSuBBAAiA2IABBJ8yzo3vPihqmhMHao1XJQ+n4HaSKjqejVF7mczZNY6NtbbY1R5
+NOTcKspp36i0I17y70mqBSrGr5P90evkTlBDMRuBGmtqLAvE2caC7mp4nsSYtnG8
+JhErVe4iWyP1IKOCAYQwggGAMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw
+FoAUW8pe5d7SgarNqC1kUbbZcpuX5k8wewYIKwYBBQUHAQEEbzBtMEkGCCsGAQUF
+BzAChj1odHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0xjb20tUm9vdENB
+LUVWLUVDQy0zODQtUjEuY3J0MCAGCCsGAQUFBzABhhRodHRwOi8vb2NzcHMuc3Ns
+LmNvbTA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcCARYeaHR0cHM6Ly93
+d3cuc3NsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3Jscy5zc2wuY29tL3NzbC5j
+b20tRVZlY2MtUm9vdENBLmNybDAdBgNVHQ4EFgQUrzTS2j3OAubJHUMavJhbJ4DS
+2vgwDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMFFTufheGNEGHpN8
+mWf0HZzqHDJkgszY13UJZysdkacFd58CMJ7Et3TXVTf2UAwvNgIwMX7FkvuN6Vot
+BdcOUkFUL726ethqcoT0/U3Yyryev2xhEEA/wjy/79IoVDhAvQeC
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGvTCCBKWgAwIBAgIQQAFu+vSEq6LjsbaVYwMsczANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTkxMjEyMTYzMjM5WhcNMjkx
+MjEyMTYzMjM5WjBZMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MRcw
+FQYDVQQLEw5UcnVzdElEIFNlcnZlcjEdMBsGA1UEAxMUVHJ1c3RJRCBTZXJ2ZXIg
+Q0EgTzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7g55cFrCoIeDK
+1sq2+V5Am2l1vbqjhalYhRH6x0BhmP6XLx0jhqwcVm7HfhQ6pJQEVxo8kB0Qp9Ry
+mSOvvVNCtW2UnmPxuoNxGFlZvjNaYf/jhMzUMGGQZ0ZXb2hKe5NMYDHwuVvnSHnT
+MvSYAzu9rPOruXOlfURxYIu+3o3huWivZyBP+Ze+xMqmbRmYgnAcXSoOVI3UhwKF
+/r5+o+CFOBvSkgB1ov8vLhE0rLQkHCXdk/qCmxFbwhYO+SsBrGKUfXOK8ze7AXLD
+n6e01EyvUscRZu8NlFParxMWW7STjwZ+kh+QFB2HLj8o2V8irmubZMBsVkKWyG+W
+HoEuL7m/AgMBAAGjggKOMIICijASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB
+/wQEAwIBhjCBiQYIKwYBBQUHAQEEfTB7MDAGCCsGAQUFBzABhiRodHRwOi8vY29t
+bWVyY2lhbC5vY3NwLmlkZW50cnVzdC5jb20wRwYIKwYBBQUHMAKGO2h0dHA6Ly92
+YWxpZGF0aW9uLmlkZW50cnVzdC5jb20vcm9vdHMvY29tbWVyY2lhbHJvb3RjYTEu
+cDdjMB8GA1UdIwQYMBaAFO1EGcDT8AaL7qR7vkLnJlTIjjZ2MIIBKwYDVR0gBIIB
+IjCCAR4wggEaBgRVHSAAMIIBEDBKBggrBgEFBQcCARY+aHR0cHM6Ly9zZWN1cmUu
+aWRlbnRydXN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L3RzL2luZGV4Lmh0bWww
+gcEGCCsGAQUFBwICMIG0DIGxVGhpcyBUcnVzdElEIFNlcnZlciBDZXJ0aWZpY2F0
+ZSBoYXMgYmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdz
+IFRydXN0SUQgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2Vj
+dXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRleC5o
+dG1sMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly92YWxpZGF0aW9uLmlkZW50cnVz
+dC5jb20vY3JsL2NvbW1lcmNpYWxyb290Y2ExLmNybDAdBgNVHQ4EFgQUThcZFloO
+TNxO9HLs5DoBwRmU/TUwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0G
+CSqGSIb3DQEBCwUAA4ICAQCbLpB+BNTA1WvOU48YNwB9OzfX5UIqLOtw+3FoFuvs
+MY0b5V4u8+lDj9n8hQW67qtbcb1eN+ZTD9hqkG39BnfkjnJeAdagfDBl08Utfmhq
+gZpH0SI/6ug18pVTPU4MBAWHgyILWXsuSydFrt/Sw6pq+G53ACWWs8zYMvmfZB9y
+4ABsr1k0YtM2wwist+XlxRQqH+NOqc9sUPeTfPmITxyvotAXR6sHrjEj12sQIE65
+/IfFFvsYFlfmHpy9bX5Y3hQ05sscd35ONefXYzNDxe0spVpwbKmRc20Nd/TtjtDO
+yINrxW1e92karKJUf2cO4GowOElP6c5MRSXzmmIDnahoJ/CSXcf5c5lv/YhdJU7M
+b8ZYTBJqeaZYQemukOLyn8bXMlZdx4lSdQotO7wwnmXNxDaLt3AsoynM93yti0pJ
+NuhNdFwG/ml5gDVcK6Vfq/f2mOcNf3YCkl7vJuLvvR+Qc1/+cpSpmnGxMC8qPp1m
+cg9cX8n5eTzA6ypwRli4S+V+fJsi00SYpQGY72UEFwN/MmSJTL8vQevba2IHC8eR
+Qj37A6623FIQRfV4CnPupuZ8i/ErZMgUM423EeuAg68TEgP+w22IijHD9ZLXlm7O
+LfwZqbN9zHTd8TIoBYNBEzCv94oduRyUa0//S1mfW1QH9sHDoA0CNud3OBtTdpwL
+iQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGvTCCBKWgAwIBAgIQQAFu+vTv3OApPm6UEHkE2zANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTkxMjEyMTYzMzA2WhcNMjkx
+MjEyMTYzMzA2WjBZMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MRcw
+FQYDVQQLEw5UcnVzdElEIFNlcnZlcjEdMBsGA1UEAxMUVHJ1c3RJRCBTZXJ2ZXIg
+Q0EgRTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw2noNf5d9aI48
+9lAsvHo3VBSkbc9PMkna5BPiT0+ohCr6wOm+qEt1Lni5TwYnlthG4uPplcmjUkPJ
+L9Ct9E9bd9XjWqHThf6CNo4VVYo0OqTqQoGJL3cuPyLKI5YRxiQDz4WPrn5I1KIR
+7hJtOg6q1n4diNYmIk2j3lGAw1fhdAypgz649D3r8ri16IYh7k29VabMAZF5FaVd
+MKdUQLIWtDi4xoU20BNWa6IWhYi7UZIeC9qywH0vAvZIGHaZAbN5pQQB4DPKDTLX
+3Fec/y7HSl4a42r1QD49pDbjq6AP4LIZbjJPwN20e5miS96THTtlXfreA3sdcSaM
+5ct7ykb5AgMBAAGjggKOMIICijASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB
+/wQEAwIBhjCBiQYIKwYBBQUHAQEEfTB7MDAGCCsGAQUFBzABhiRodHRwOi8vY29t
+bWVyY2lhbC5vY3NwLmlkZW50cnVzdC5jb20wRwYIKwYBBQUHMAKGO2h0dHA6Ly92
+YWxpZGF0aW9uLmlkZW50cnVzdC5jb20vcm9vdHMvY29tbWVyY2lhbHJvb3RjYTEu
+cDdjMB8GA1UdIwQYMBaAFO1EGcDT8AaL7qR7vkLnJlTIjjZ2MIIBKwYDVR0gBIIB
+IjCCAR4wggEaBgRVHSAAMIIBEDBKBggrBgEFBQcCARY+aHR0cHM6Ly9zZWN1cmUu
+aWRlbnRydXN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L3RzL2luZGV4Lmh0bWww
+gcEGCCsGAQUFBwICMIG0DIGxVGhpcyBUcnVzdElEIFNlcnZlciBDZXJ0aWZpY2F0
+ZSBoYXMgYmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVzdCdz
+IFRydXN0SUQgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8vc2Vj
+dXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRleC5o
+dG1sMEoGA1UdHwRDMEEwP6A9oDuGOWh0dHA6Ly92YWxpZGF0aW9uLmlkZW50cnVz
+dC5jb20vY3JsL2NvbW1lcmNpYWxyb290Y2ExLmNybDAdBgNVHQ4EFgQUw1Vj5cKI
+jTEdZOP0abicXFDZOI8wHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0G
+CSqGSIb3DQEBCwUAA4ICAQCb1autJtX9K/9MgtPlxzEfe8yRRiGE+UY6Jqwvtvxk
+RR9ov7jRBlO/9S/rjuXZvcF/NtGDtVoLlIEU7otk8mE8D1712oWnczgu161L1eCZ
+AC/GNA5sZy1hmz2y5qpmTUB0qONN4hHJWITU20h3g5fEyaDfralsjeq0f1NRZ5uh
+mKehxp657heq9o7QRMw7dYkED0rS9ECIllKiG3jWdPeLTftVZ6fBTp9SN3SeXlgO
+4CzsUQFuaPrw2WwLNtzqjmvbXs6WDLWotilqbT93r/PfoIlx1zyd+tPchVkpIZug
+zxMT3zVEuKHW7dVU9q/izK9SvY12KoXA4eYcN9M7Y5E0P34sjKr17rcF9lDPNoNk
+b1l4XSIFWfVI/D2HwmChODtcUakRTW5kzzjr9Ra4SfbA/Cc2d5fM//mXk/lE+3rp
+dNCXC7WgfQNrmQzo8FNJIMsxh/L2nbYTeAX7dxsZGzWil9fYKhSwwJbHFsfx2i1M
+dY68DusAaTHFJCQLgqiQk4XF7YvAnLHUDUcBJ5Y1wb3bca21nk9QINqfe9eHnhKW
+uRYdG3705yinnF3Y6vIuie+C0RjMYeqz80265qEIFjlfiow+1JReIZcX1zkVCw33
+t1gANR4bEEB5p9QZzxWRnHbAubjKIFWNjaMrPWouCuVtRxWDdYE8OiJE98aMdUys
+yg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1jCCBL6gAwIBAgIQQAFu+wogXPrr4Y9x1zq7eDANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMTkxMjEyMTY1NjE1WhcNMjkx
+MjEyMTY1NjE1WjByMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MS4w
+LAYDVQQLEyVIeWRyYW50SUQgVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlMR8w
+HQYDVQQDExZIeWRyYW50SUQgU2VydmVyIENBIE8xMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA6huZbDVWMGj7XbFZQWl+uhh0SIeWhO8rl79MV4+7ZSj2
+Lxos5e8za0H1JVVzTNPaup2Go438C5zeaqaGtyUshV8D0xwUiWyamspTao7PjjuC
+h81+tp9z76rp1irjNMh5o/zeJ0h3Kag5zQG9sfI7J7ihLnTFbArjNZIRaZnszOnu
+Ga18jh/9epnGmEYL5BV119LNVo5luWshvG/kifk9mHjtkA8LzVdsOkvCrmHBpzpD
+o4qyPk2lDypq04IU48JUqhFrG4kvlPz+VO7sse0uxYXj81FdNb2qoJnvAjqV+Zj4
+Nii8PIcuNGqghDjzrs2PW/gEhkaWDikhhSY7DjOLiQIDAQABo4ICjjCCAoowEgYD
+VR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwgYkGCCsGAQUFBwEBBH0w
+ezAwBggrBgEFBQcwAYYkaHR0cDovL2NvbW1lcmNpYWwub2NzcC5pZGVudHJ1c3Qu
+Y29tMEcGCCsGAQUFBzAChjtodHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29t
+L3Jvb3RzL2NvbW1lcmNpYWxyb290Y2ExLnA3YzAfBgNVHSMEGDAWgBTtRBnA0/AG
+i+6ke75C5yZUyI42djCCASsGA1UdIASCASIwggEeMIIBGgYEVR0gADCCARAwSgYI
+KwYBBQUHAgEWPmh0dHBzOi8vc2VjdXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNh
+dGVzL3BvbGljeS90cy9pbmRleC5odG1sMIHBBggrBgEFBQcCAjCBtAyBsVRoaXMg
+VHJ1c3RJRCBTZXJ2ZXIgQ2VydGlmaWNhdGUgaGFzIGJlZW4gaXNzdWVkIGluIGFj
+Y29yZGFuY2Ugd2l0aCBJZGVuVHJ1c3QncyBUcnVzdElEIENlcnRpZmljYXRlIFBv
+bGljeSBmb3VuZCBhdCBodHRwczovL3NlY3VyZS5pZGVudHJ1c3QuY29tL2NlcnRp
+ZmljYXRlcy9wb2xpY3kvdHMvaW5kZXguaHRtbDBKBgNVHR8EQzBBMD+gPaA7hjlo
+dHRwOi8vdmFsaWRhdGlvbi5pZGVudHJ1c3QuY29tL2NybC9jb21tZXJjaWFscm9v
+dGNhMS5jcmwwHQYDVR0OBBYEFIm4m7ae7fuwxr0N7GdOPKOSnS35MB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAgEAdMrY9RYw
+NyVgzeOqqcbdIxy5gHRQFbh3RTuIi0fsnbEh3v7BN+I3zmXJq71gyLOzG9wvqCul
+XtLQNAZnrlSacXichYDV5zdcnbBrFH/CXt47oW4L+9yD5LPMKaSU5DP9DEu88ws+
+QAjzL6/q+hP+CLQh0/vr62HoEGS1+NyLfnJIN0RVcVDxBAwVqNF8MU5An98ZmHj4
+XaSPA6s2s+3794ULe6r2TzVXiLtun0JJ0kBZL3Mx0plhONvhq7jCsa6bYCF71DNs
+7VhrNUh+BZNdQvLqAdfQJtFY5EiWpExhiPC/ZdtVYN5RfrOMCWgBbjnl5e2n5WYa
+7LM4HR+z7U+6JCBqaRjlbaNNLed/qg+OMdpBJe16qJJT9E5Uzdc4PsUbL2a+9IUb
+uxx8nmrbQswe8p4yvcy9RLje07a4Y09otZ/Aai3Gijup67jTCez1hd7VYIAuznqP
+os6SLponh2vVcHu9vQoT18OCL9janJ2Ilh3lJHUxv1kHD9IxZNpn0j/QPzGFv2Ez
+UXZVAECEQLS80qWh6zCXhXl6dVAeM84sSysIiY4Kv8oaXEF5Atyg0LcUuB6Iwgg3
+K/QUY3QusnjrDcgGRyoWn0Zt53meMCi3C0hoQ+FrQ3zF4/7wtxKnGGBH5hKBU23M
+2XrKEZL5RmGZidpWP6ZBbvEs2MqSD7zcFvY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAyCgAwIBAgIRAINZ/Bf3bmH+SkpsTtPScaIwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MTIx
+OTAwMDAwMFoXDTI5MTIxODIzNTk1OVowXjELMAkGA1UEBhMCVVMxFzAVBgNVBAoT
+DkRORW5jcnlwdCwgSW5jMTYwNAYDVQQDDC1ETkVuY3J5cHQgRUNDIERWIFNTTC9U
+TFMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARs
+2uAfos6NKHRUNtdx2q1XNWB7hbzYR+i2044/4bFqpGuGteWmF2YtVrL9iry06uaf
+0ka0S0lcwcyX+1rWizrtgtaG1+IgKwjaHmfCAFpMDhpRAP0WHugGAY3ugzs97pyj
+ggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4E
+FgQUFSbBBMIFB3ijpKfInb+reCnBYdkwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAkwwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNy
+dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjO
+PQQDAwNnADBkAjAatPO5rS+fADHuQkmSbBv205oJSbRORz0mqf425Dx/ZNekhR4K
+3eYGpHTb+pwQuwsCME4tejkxzlmeaC9uiOIBzDwyr8Q9/93szcwu4wV3Hw+cb95K
+SbKt77NS6V7EbzmtWA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG/zCCBOegAwIBAgIQWglratfwwcS48AB7AxQa2TANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkx
+MjE5MDAwMDAwWhcNMjkxMjE4MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEXMBUGA1UE
+ChMORE5FbmNyeXB0LCBJbmMxNzA1BgNVBAMMLkRORW5jcnlwdCBTSEEyIEVWIFNT
+TC9UTFMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCPKs3bMDhvPFceCFvWNSQ2I3vgmqrpwyCGik8fgO91kilFj5pu
+hKWpKLBI5bUejVZGVOGbcYjAC9Nqnfo7S+Thfv4HAKSaaMRjB42MgY1UDaOCfr6+
+MdrOo0CClvJmGVSBeR1jhKj6ctn8QNAI6TvAgt/OvFqCnG1az8WH837shaLG3abh
+qaOKVjHy9uAnpK8XczF6hVz7LiIDPOmLwLhuTQ2TwBB4hR0VGcvJYcmnccgQFMBV
+JqFAKVQDGcAV4MDhVqzaTuwB+d8K4ti8ydfAxWGLXF3Y418ucg9W9q2w/jMzeN8b
+lhcdsIzSwN8JKtRzdZCti0PjKGxA8SMnWrrUZ21ka0Uk6AC2guCpjupTLCX+TR4c
+5E9n1GUgnf/71geG4jYWnGRp96zLd7dInbz2o/ZTtI+9aWwoe+6eR1f5rpMWjET4
+WVFcg/Ag65+0+Z0R8KMxSqha7XA8/e7TLwo7BC8UffK2GADVb4MmHNX08AdTjIrK
+Hmm5/zREdfi5WZjj4AKra/M0ZnRrCBo/OIQvi4/Vk0Cs4B2urxK9Z8GnriQyjQbi
+AFiKnNftrwpIwzvbD/SkbYy5vSl2sbFQ6ruP0P5mi/5Odp+SfpAv+x3tWpuuinsQ
+WB/lrSSYyVxr03ZZ08/ULQjuT8NfDYvDciDKL2qLGxqRi32/ix6qiAFQYwIDAQAB
+o4IBizCCAYcwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFA12Jokk/NTTkxBuLvR30EpzmKPWMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNV
+HSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
+bS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29t
+L1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUF
+BwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz
+cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBiIYfk3K2eJPqq3PCS
+z+mIt7kAcvs+LyFdaE73Egc+VoIKz/6gjl95/V6zHn54a5AMKZSSU+1yygeVEHDf
+M3uoDbzNZyZMgDgWUBSGU4iYp+MlJgmqpEshKAEW1/YrzUvFaP7a9zwcT5H+4zNe
+dRAxHppc3VUESTzCYCrP4l1+M3MgxuJxWy+JXYtwcoxk43v2lxLD+9uQL/Q0quYm
+FXd/v2bfZZX3Qs5hstg+GYfWxcPll2DO9KWvbpgtj5e89do6RVwfwKSS2SH9zG1P
+uLs2vOvfMkpusFM3GfqlTisANPJ5Vf+xZcl9+NmJQZhRZcxOmlTlxJEVHl2ZGZUV
+mRIYPwMlFtgBpQ9zcn2oaU+6CJO3Yc2xan1rfy7oQn8oLB+rWZiorYGlykLJvo9Z
+LO6YyVGk1o8VqlsQnhv3SAH1suFsgKhNOHLYsYMb6k5EwPkPc3Q2Isis3KRaawnk
+v4eZJg0j2ybRK9lJ9sVswZMMnA/BIDRt0mqybBPJz1feH+3WMreUcdTPNKGFqvsK
+fJSBKYau2dK08iBm8sS3+WNs7H5fux8qlPeEQlC2NTOeb+EVc/HzsKp42sgxZNHs
+Yb4pbW45GxFtsVwxKVlvT9wwmrgkufn8MWBdVmNyTjiDF5BHkoqz+HLE+h5Dm5ic
+EuaN+DVMBCmTZ/0hNUhJpz1U6A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6jCCBNKgAwIBAgIRAOiXg0mXjM9DJmX7ghLddUMwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5
+MTIxOTAwMDAwMFoXDTI5MTIxODIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDkRORW5jcnlwdCwgSW5jMTcwNQYDVQQDDC5ETkVuY3J5cHQgU0hBMiBEViBT
+U0wvVExTICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEA2sBUIktXYjvvjMSfViCinvEl2PhI3w89SRjNtNh/YAtDxZUO
+5yoBxmpMhsk++L+wY85BGtxhoMcSXyNKFZTGXASPBVMCz/VieM/xBiFF4i63hG3w
+tywPJ3NXmaMBGD9Bf6UGOgJ7nnGC93bpElsegBS52cooKmf3uphJttlZzWb7kRKD
+fM7/EtJRYNflyyUOheEVFSEqbEOyClkJ3YWuWnpUGNKJjOXtP6tGFCd5f8tl/3G9
+VuEEMVyDawyhVv7Jt+PRhQxQyx4n65cAWITy6rf7RkYlA/zCC1KuNrhvlQ6Ap9cn
+uRsQcnqTTwxNe+tGqQUIslamz1ruCK75RuQywqNEwl+6o+eOeSLyFnGcqgq3odgc
+NqHVdy/SUak+u5LcxOm2+fUxOe+OHt/TcQlURC1ia1ai6mQzbnOQfrOClkfcx0SE
+yxCnZVwpq5avc2s9UIP7Tlr/bVYAH+8YOYJDpu6jpeLqwsmlZuRfUyj8ieSyJddN
+r4nz9PvCBOGaK6c6uMmb/m8tYiOLeJ+8FNMOvzPKFKw8U2TIkoqzaf4NFN+aX1fc
+m4EEg4wIlmaS0ErAdbIA1Tlxi0+1WzqPXFZFNB7dGPfpeD++SC/usi6ricah2sGn
+p+qJi5N9bGUDL2eZpcc9GEoFFWtS9VdHxJND8kozYmoItlwLklvTC5U07nECAwEA
+AaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1Ud
+DgQWBBQ9MRS9SSdax4UdNSYmZy7a/tjwGTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYD
+VR0gBBswGTANBgsrBgEEAbIxAQICTDAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOg
+QYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmlj
+YXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYz
+aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0Eu
+Y3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqG
+SIb3DQEBDAUAA4ICAQBQn/JoBj+Z9hMgpx2t1ParSyWXrgtwa1bMHG5/VXWY9pdt
+X0h8tp2eFu1irdfy+Y2nBXkTAe0EZCuHtvXcqEUQodm2z94A3j8Hpdg3Ht9LgdTf
+RgqOYXkyqJpBlpjHMVW7A2mCGBAVNKDF+XZbkBf/4kdykulxAvgt75wqwvBVhk6t
+FliJXcJ+7tD/y1lTqocvWO1FRi0qjRtqgUNWFkDxTx0hYEBcwvO/6nQux0Nptxa8
+xIr8bhkgQSckVR1NXK9n7/bZd5gOVJdjlxCB6ieWabVmP14+uYGrAe3aoMTlZ2dP
+HUH7i9GqD/UboNvyjcgh8sLnD4lV1kivFfT+9Ef92FBV9fTu49mN/AmVR4lOjEa+
+yNegwVdR2abyiT63xGlyw5zw7FwjB8TWft2yS2lTAScoUc7TV9z0Q0IylxzsYx1s
+YYSHevXoJYbh32ph0rTP1lm44GIjcDnEJY/SfVfufTt/Xr72wlokNRBaL/cTvWAf
+jgKqmj1DE7TsdfPPFJvSxLoEBapGlsy0RgTocd1i1U6FxcFbuISp4SGDE/QHTKgc
+uvMn4JXQHv3s+zDxMuTgSsYUfxK381OcSETXJ+aA+4T7UnKuyx14tzP4vuShXKhX
+WZ2rsHUCZN4AjMWKUPj7/7R7MKXyibqH3YpQ0jULJlNw5D0VlJ8qtys/PkqbOw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6TCCBNGgAwIBAgIQBaj31bYBy7OAbYTPMvI4djANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTkx
+MjE5MDAwMDAwWhcNMjkxMjE4MjM1OTU5WjBfMQswCQYDVQQGEwJVUzEXMBUGA1UE
+ChMORE5FbmNyeXB0LCBJbmMxNzA1BgNVBAMMLkRORW5jcnlwdCBTSEEyIE9WIFNT
+TC9UTFMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQDZdzyUNoUv0Z3TldjhqbKmImZDEUt1ne4SEByZuL7Oy1KHYDnw
+F14Iwc/KAFG/lx2VLkxGgA/yQrZugVDjj4zrsW8z/ujJa5eBfp7cVjNsxXyJ/g2G
+5yIYD+3YWEsy9UyrAjFXwrUrNC/wKk312UWSu7uK1qFygqFLYwg4fWOQH41lymUM
+1Xozt+MGkEcVa0W+q3Fr9bDvrjCq7Qfba/JX9yednq5JoD48qqJ745z6EmvfE+0I
+F8nGnedC6+yVKp0g6kugieOippjfKTvlZS+lbnnv1l96uafIryCSZ4mAu3IsN1o5
+VNJhXO5doPff0J7YdfxTHoMd67FlXoyrDqFAlVJR2Ej1mV+0AFv2D1Xe1ykxN8GG
+OXKbIYK2xzkMgV2M9FKwCQ+aOevD0167EDfCQFatqnJsrvyc/1LPzdYNwzVAI7bL
+RowodubvyeGXjQM+orAmvhnz5umpuddkqXgygPJ/WiJuX9PWQUHIZly0QrMD2Who
+TiES61gVihbGsFp+ohuJJ2dhSI5QrgotM933JvWFcr1y3qrgTcIDdGM9sfwM+wCX
+kugsDSYWMINUU/KtkdC5i217ig7EtcZoYZEXYVkQKMBX59fpvjSc3RbwbXqvqNDA
+d7KIwHbvSn0gXsdJtjd1e1Pqv/NLE02IDRcixJcHzZBbRV9gayUgpiSneQIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFDo7IYZIhe9id2WHxEslawlZx31GMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJMMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBABsCBsjKmkOSSGwuHOj+AQ4pImFIarYB3oJxknS+ry1jytnD
+zxQkQusmCYqnTfqUBk3lwn713tsU3wSaZQgJB0WZYISDObDsazCFdFOMsu/mJsYF
+TBuppkE6SRdqwNl5wHdanBvgLLTlQxYkxc8TMNtTlzAidt5G1AhSfv68y+rxFds5
+bMU/iSVlte2NKQHF0a8UGVOLuVkTeageFYpqvIC7ZYCiHgVBNcYCbe+1kuiF4ktQ
+pWTS3ReypN6aa5B+f+th9a+NYv2VYFPsL42t08wFByrOOoaI7JC9NJTMv8YC9xV2
+x5f99wY7SIwk+S/lSfn0r8hpGEOoumogsuF5ZKPKntXjIb3eC3fjaR5iMgi3E8/o
+TwU0PUtCWRgfwuVtjKA05KAI0FP+wTNs35On7K6xlN6qIefLQ9bUE/kZEvq1G8dM
+GxCZUZcAeFvZpeEBWDjz4mvFBbiS3wXdV5da9int054T6xrumnNS45cwAkXoouSc
+eLuolHbcRdGi6U5zfGib0Z6m0m+5OeN4O4PnUWdy0JvUT6U98UMyGLSJjSMOKry5
+kA5YzC/udSyCUZtsM4tQlJNjfNY1PRhsZyyNAFy1kC/gLxEjTFUoWWjucF2gcEch
+yHgGZRXdynlc06+Oq9vAdy92gCuyFqqjZbEkNu1gV2GmLmpx6KLbXSpikuVQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmjCCAyCgAwIBAgIRAN6DPC0lGDfq+m3lBnViLOcwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MTIx
+OTAwMDAwMFoXDTI5MTIxODIzNTk1OVowXjELMAkGA1UEBhMCVVMxFzAVBgNVBAoT
+DkRORW5jcnlwdCwgSW5jMTYwNAYDVQQDDC1ETkVuY3J5cHQgRUNDIE9WIFNTTC9U
+TFMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATi
+Cjh0/9DbcQIQ9VdPDWfA3BfBxL2vNaEkmHePbVo1aq/T75a2LdHErlWBsG82JzaT
+sgbxJBXgSpIf23wKznphQ1jca3tdlRD/mwURjx3r4I2OzdiuTPF3yfjHgBxjt52j
+ggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4E
+FgQUvT2LqioMAfyTGitAkxBkSiczSDMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAkwwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNy
+dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjO
+PQQDAwNoADBlAjAa8UP6mOOLh6nRVbqfiMGGgA+O8RmB4PGYDM9X4hKJvQ7rMsDr
+wAoJzAqwrayPVY4CMQDCXrwgqM2a32Z/nZu7/iuQVZC+2VSBXVZ/cLJkGyUpWsW5
+HOtCKFR3GZI972q1jGA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDsTCCAzagAwIBAgIRANutns8AqNuP6X8HIetgX50wCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTE5MTIx
+OTAwMDAwMFoXDTI5MTIxODIzNTk1OVowXjELMAkGA1UEBhMCVVMxFzAVBgNVBAoT
+DkRORW5jcnlwdCwgSW5jMTYwNAYDVQQDDC1ETkVuY3J5cHQgRUNDIEVWIFNTTC9U
+TFMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQS
+EdBLmqSfV+63O/id/XpCf4F1n6G7FbczHOqEvfURL6EMX33O1uu6ny2zsvWeJ6Qu
+VyO5TskrqJ8XGC4syJiEusLWypx2lkBoH0CkrrrEclyNETv7rkKg36+cxCzX3T6j
+ggGLMIIBhzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4E
+FgQU7GZi/KvBwabkRp5P+FpENrzO6O4wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1Ud
+IAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
+L0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUH
+AQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
+LnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAIartq+m4GuWu53BTIuw
+QChV3Dh2jfnEYdsCDvkZ4VuqXevXcLx9mVnwgTyr2w5xdAIxANsrmNaahRluOZyi
+yZ5b3dZbrGS+ysR9IhDzR/R13AHpKdUDWQ9H9+0/enzPJLDNww==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2zCCA8OgAwIBAgIRAKoXOjiYUiY5IzVvGi/nX/8wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowUDELMAkGA1UEBhMCVFcxHDAaBgNV
+BAoTE0dsb2JhbCBEaWdpdGFsIEluYy4xIzAhBgNVBAMTGkdsb2JhbCBUcnVzdCBD
+QSAtIERWIChSU0EpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6oH
+NQMYZgyxCSQOZOF6OjMBaKIXnyWOG9W2SA6tHENZU5sYLYpTntLQugBxHI1soJQk
+fv14T7EF9Xnl68yOSbftT2+5281xgxwqWUzlprEmHgEOUXYZK5lbIGaZCkHy2W5a
+viBcNtbnF2Qak6SgLrdO8OECGDx7aTg41S7EaGAZvy2pAPEMkU7WfAWzk2HgNhMC
++Uq0U4NVE6YUqvdCvRzmKQ+2IpVEH6kHiYNvZCKwfqewNXFBZhWaKLalw53eBqo+
+5AyFDEkRNdrxJJ7QHleXtCdmPWCK6aR8Q7Jpv2kzvs0c7EtWZabDfSiPhJKYDSUm
+a9rFgKvPPAFhq8scTQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9U
+gOHYm8Cd8rIDZsswHQYDVR0OBBYEFN0D9jfnwuE7auPfVTgrIN275Z4RMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJLMAgGBmeBDAEC
+ATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEE
+ajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz
+ZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAH2PiEeWGUCgsnxVURUH8Acz
+GZwkT1JgbHrHdWtT0lyk8ARiNDGAofufKe6vjwMffGwU7bCALZwHal5Xu3hekjXm
+570TtGd1HcXXYLs+lOfgrYOReyECZ2ebcUu4TQzn3A3F1msZgTTPBt39atPvsxHN
+RXvfgr44+8jyCovLNcj8Z99s/awVXGA3UhXSnAbcmpOBzwh7KMUMbqe1QUHCeEHf
+fitHXV44wTn7cvJ2v1Ojk1J8K9CPnud1ZX0WoI7ROC7XyikZcSFXL3bweSaWE3s0
+5Hj5ilQR28yEJxAPAqRDoz6pevewCfwo4IZlDcrZ7r8kEHfo1p+XRjkmdUyMOBXC
+3OPZHmwJVSg/x7lO2dZgpd1GvzC3UbK2HJZZacYp55cHMlCzQPVUqNMo53CNbXio
+F4OXvqIIR3RvBUEwYWiRtBmOJxt2yIP5QhvKhjifkc7Ojv6GDUjaWTbk4vllS61Q
+kiUD8vwJmrMnndLp7R+3NuQVkSHMxrS1ZyuA0rJH+CdyH81HYwUF2ukoLiY1V3hT
+manh/mjxcDlZ2D4frue4Mpj9awJ7UtJke+oaNUpmQEsuHi9BB2oq101kwIY2TcLt
+gAAezwzFx9up6c23V/QxS3/aLR6QacHVEnXzwNWGFN+k7FGzmGqpwOtNDdT2NCn1
+BCgVeKDqhdnH1miTAVMM
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4TCCA8mgAwIBAgIQHQgpVDhMv3SvabmRFpvwLTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTA4MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBcMQswCQYDVQQGEwJDTjEaMBgGA1UE
+ChMRV29UcnVzIENBIExpbWl0ZWQxMTAvBgNVBAMMKFdvVHJ1cyBPViBTZXJ2ZXIg
+Q0EgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCARFLq6kqQRZ4SdFMPdd3XJTcOdVVT5bvZZx0VVDrkw3TmSAloQVFf
+RhqDOSXg4CsIaa64qFSrC3a5sc8LgRhx7AUdvoUdfvdxIY1uoyxRWpoWO8oTUkSn
+EXjEPf+zrcU5cWTOi32xWL9vklYds7iOQwgsKAHDzt4an8MLGvcLxAHciyiKcDEh
+HZOGUHO5bKaCq+kP2rJCfVSlNvdyl1B8q+aGWXoi0gXGVL7WX4pcWj+DGuITbLB2
+MzMytse4MjLJ84zaXh0UD4STlyD8tu/fakdxIwQ7K3/pP3RoGj1R9CvMWXUU+fZm
+KNLW5565hd9Bh3Wkz8b4ApgMD9o3RUjTAgMBAAGjggFwMIIBbDAfBgNVHSMEGDAW
+gBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUDUmPFTN7wE+2+zo4Cfw0
+Fdpg3RQwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQEC
+AhYwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBx
+BggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
+Y3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAA5G7XA+fNKyj7Fy
+uotoII38/32eZ4UrC1vGFPEtDyd0yzOrr7SvQUoO2GLxFzIQ0SsgMNXJ4UAhMkTD
+yz1OA0tx0g0GjOQXBGA/yfRR7SgitRJAdbqkPfppMn+dtKXCHHx35ohTL0PklRdb
+mXacvR7rXUIiJMdsvZZqYwc+DpGJ+Zv0sRJZEL7pm1oZv6EV+UzjAlOnLe6yrnyD
+c99Kk1H/RFPUzduUWjiVR2aMDT1oMiwYeB2Zq60Sb201jqZPNQj5E+TkDD5BPFVc
+kLeRi3LyXBUuBvXPsdLtBNlr+LExtCDd66kjeUe2/YbTHF4ai5PZPraQxgbOJJyc
+gizGl/JOgrIQPUOLSQvXlxpKEqS+0z6KqV52bco2PNrC0f8ILKuw0nsfhgcGy46d
+Su8fmU9+FT6e61i2nteKvt8qkkSkAJKQxRUWYduN24mG/OOIkoeOPdYHi+qEfbyI
+qxiiqcH9cZgLK9AVuJoKtt7vg21OyrWi7S5T/WbTfTz9XL7QGe8ZODZZx6d50uo/
+lDOmXm3p/kdGApvUF1UrL+og22jBLi0Ns6xzCfzrI3SpC9abvU8E9EnxQABuu/gM
+/B63dbaZzSsMVFxeECD9nMWv7IH+/rqyGmjqEJzgKdPGvXhqpebQ1HhWrV+j+ipc
+jplXB1j3GCozDFsninXG102N6wC8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvzCCA0SgAwIBAgIQEMFptNNjqsvo/WT77yeWyTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTA4
+MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBtMQswCQYDVQQGEwJBRTEdMBsGA1UEChMU
+RGlnaXRhbCBUcnVzdCBMLkwuQy4xPzA9BgNVBAMMNkRpZ2l0YWxUcnVzdCBIaWdo
+IEFzc3VyYW5jZSBDQSBHMyAgW1J1biBieSB0aGUgSXNzdWVyXTB2MBAGByqGSM49
+AgEGBSuBBAAiA2IABFzW2EymJUYBT/cXLOHO2GzzAAGKBVIIEKv+iBt/i4Yv8JUW
+oXbclI6VS60Z/zV5bpGTBAN50ury2MvohHEpJdSJcdoGRABGNeN1X/WaHbhHLm34
+5Yd/UWZB57i4BBcxcqOCAYswggGHMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc
+4DXGY2OaMB0GA1UdDgQWBBSSTufGXknGbh/yzqisvlcUhTEDXTAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBz
+Oi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw
+AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNpADBmAjEA
+mmKVm6UOpjalsYEwz/RY2IPr9zZRUNz9UZSd1KKxvXWdoCfG7BkO9WyBLHWb9upw
+AjEAgIEzJxp1Mgpahw2AA95buYzft7Dw6ufo8HDwJxOwuP2uNqNLmv+gaEGCjuHq
+GViN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2jCCA8KgAwIBAgIQLKRb2KpPITfMCmRjPhvo6jANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTA4MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBQMQswCQYDVQQGEwJUVzEcMBoGA1UE
+ChMTR2xvYmFsIERpZ2l0YWwgSW5jLjEjMCEGA1UEAxMaR2xvYmFsIFRydXN0IENB
+IC0gT1YgKFJTQSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIgNCL
+tpncmv1QLoqVktAmQ5m9oMU71G0DB2QfjybMPnjTblC90usF6Bedb7XtsJcPU8nr
+c1gOfrgbfnSLSogscdR9fi40T2/yLhM7HbigmVxnJubaCTjwhgUroalRbknGfD9w
++4Cm6U9ExLWUxbrpdFj+EbVW6LePw9T+yGzXtqCEPtNSEo901g2q4RyuLToRl8R/
+c0Upcz3BTw7HMA0zN8K25y3QRxrN/SHBQqSMMhZkYq41AOPQ0WY8s/ZZNwOkyypO
+5dv8UVqw0JJcz4BVLIW1O+WnY7iDbRxrw7dLZrZNYDd/dY4tvMvzGxRwu1bnT2eo
+J4As9xwos7KPHsexAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA
+4dibwJ3ysgNmyzAdBgNVHQ4EFgQUI9y3gbEnEdnyB/CCeu2bunnmfjgwDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAkswCAYGZ4EMAQIC
+MFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRq
+MGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNl
+cnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAbEo5Nw5PYXtkRMIl92pcoMuv
+c8jKPunmMDiltl4ZooJw3NSyEB5wHVJerOQIxaMPJkML2P81Y/G+788PWZ/P/oA2
+Of+POzHe11Iz8QCSRzPY+HvPYctI6p/Cf3K2AbVMWJiMzn/mGsomRhoffIt1CP0f
+28AYYmmX/vltmHz5aC1kV3BoAlbdRKmyyeNTSTvBF9oL9g0o4m8cwGsWHdvDZR3E
+Wd+kpEGs0oT6ErwgGKgp3MrQMfucy6EzkYEwMRm/obOuROuuyXvarfxO1v/ba/OC
+zpoHxT/oC/AhzkMmnF1HAp1roWhpp0q1jlnL3q8qgE8zwg0OW0sEFTJpSWgd1r5H
+5lNaJIRd9tijxufJWT5zlTq+lfBvKUc9bQokt7rOw/vtCr8dQd9ic2FKF/4S5gR0
+nH1HYiCmC5FfWHjhFdSnLXmsfhVFwOhRrRYFN6bH6RspcwTNCohdMOFTtgwyerjW
+nUvmBnepvTCBXUqrhDuZa/+CQCG6CMDLCE5NQQclY19P1OLD/J4CxUo4+Nw4qXi3
+n/vOOnnuO59ZQxh2fXr8WhfkTyrf1dHm/i2xyoCGi0Ph29mBd5HpYWAAOdZ/0bDR
+3k31Kzs3MY9EODZsM9Zg3fkstL/zZ5Rk4JQynR+h0dPzwwZB4Rp7SnVLZnSv+Cs7
+APEle2tLXqk33eL8SLQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+DCCA+CgAwIBAgIRAOJ5tkZZMaCL5kOD6VvpLSUwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowXDELMAkGA1UEBhMCQ04xGjAYBgNV
+BAoTEVdvVHJ1cyBDQSBMaW1pdGVkMTEwLwYDVQQDDChXb1RydXMgRVYgU2VydmVy
+IENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAqFxCoYt6Ll1p6zbrR0TNp06jb3bNRbVty6PxvZ8J2j0HEylCcZcW
+WW0BZrwelLPoNnvUDAZ20/2P1uLWvp3Wtak+njw4LM6lyA5wZRft7Zmudb/cQLCO
+2nZBbVBqITnkPA8qKCrxFbegsPUppVD7CeaYSyMXxcpDSbTBGg3EVT76fW2qi3Z0
+dewsWYBrgrmzoWAPzwaV2uKdY+JLA1QVatXExT2ZKWEZKvX5Gb74bB4WOJraH5Ds
+Aw99bNQ7wvKbpJAgpNvWkfAQcjiI0TD3DM07RTVmMDOtv02HhcdndY5hGIQjctFs
+6d5XABwDB/i8wRrZOGaN5I16yh/AzDIdwQIDAQABo4IBhjCCAYIwHwYDVR0jBBgw
+FoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFMTyUvmZmtga2s+TRoPm
+MgvfA1gbMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAj
+BggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBF
+oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA6BggrBgEFBQcw
+AoYuaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFBQUNBLmNy
+dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG
+9w0BAQwFAAOCAgEAOaN8eJFZnVqo8b3j8Wb+q+4QN+NX/+X48UVMS+P3j98qCXaY
+Z3dTRztiQhNGEUoF5gU+qaJ2s0hXYtwqDr5/+sPISRvdMsNt3JsbJbMZrVZ25Qj1
++t2lqt+DVjjxjyOwqqqNAaFYBFqbQ06oLknVCGhzgw3bhxoo8UKqOhTBsqEqTSje
+lCaJOCVj/wtaqZbhpw6SBI0J+3jAzfJIz8HqXrApFrBs93IZQNqMQCV+hurQJ8CR
+IuZajL8ITi2I76hhzJ5Pz9jxVjfPM6fEjMRil0qFK9KiI8MglySZlwo85hUaUcfh
+Q5f4box9u6+2fOzGsGwksUJ3+++hy4bbT5H8hKjuWHZOlP3M1sLQ3VVX7wXHKKa1
+n21qDq/1CzTfUmz7q3qOhdOWPFHhnDuRdKmAD9HVYdQ5ZkYdtW6cwt+f1+pc7cCw
+00Iu3zoQt5rFvWn1xV6KcFhpikvrtjwkWarzanuYxhoWsEzhhv7pETogoXiRyNib
+VDnmPMH9oMCtkR+H6Mw+607kf4QE5yGbXuk9jjscpugkb8dei+j5ZZ/VCGA1I5qp
+RO4qULckExygAjyuepCyUKW6Ch24WZgCf9QNcTi3iRHDi0jrB4v57bJ8O55xEYu7
+Zy9c/lezjJujwkUlyDv1zSxkjt4DhA8XX4cNU2nhS+Gm7MmSLD3sPaNWwEs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhDCCAwqgAwIBAgIQDZz+3TN6EBnfuv7W+kvaJzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTA4
+MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBQMQswCQYDVQQGEwJUVzEcMBoGA1UEChMT
+R2xvYmFsIERpZ2l0YWwgSW5jLjEjMCEGA1UEAxMaR2xvYmFsIFRydXN0IENBIC0g
+RVYgKEVDQykwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATEkgxztTgk0WRHpkZE
+3pkSHQmSjIaQw/3a63FcWAZGdPI7iGzjk3BZu4bzwX8gNibRVGArkv58YBnsVFsD
+HE/Ho4IBizCCAYcwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYD
+VR0OBBYEFDNJtb2TE1HdIurZtOZNzGsvXOJfMA4GA1UdDwEB/wQEAwIBhjASBgNV
+HRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4
+BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdv
+LmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3Qu
+Y29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsG
+AQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29t
+L1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v
+b2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCSdbVtIZdj/6tR
+jOIm3EstsiEnXyQmNTniRgmx6h961LWUwjv7m3lcVY0cVowMZGMCMD07R37yHspi
+k5cevdONRzj7LJjPr4hMM/cwYZXESXahUSoraOGJj1UxNdwlPBf0rw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzjCCA7agAwIBAgIQOX5cl88TYGdArdjSOSKrWDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTA4MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBOMQswCQYDVQQGEwJUVzEcMBoGA1UE
+ChMTR2xvYmFsIERpZ2l0YWwgSW5jLjEhMB8GA1UEAxMYR2xvYmFsIFRydXN0IENB
+IC0gQ2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRIS3MeI
+CEJEwvgPfrAt2Z4woMYoPjIrPQvMfIeWmdbyFnRmN3UhX0PS/Q7VjQrTsP6vzAMH
+YBeNsqhLlPXiTRuvF5TmhOgfLmH2ZBnMsoaiEw9JtA5Bia6kQK6kC4F45ZDuU/yb
+kWzb/fSpy3Jp34DNfqBPhmhl+BTBuOF7lRY3nDva5nezflwRiYWYSlaiaVOmGuCK
+tq8kQa+l04Mvfr6ds5XoSp0rkg3HRs8Q5ZlRcPG1GR/09xOUSCZ/itu4ir+TLIzY
+UTvJ59C82AJ6Kh1IffCemAgVGLeAQ2+he3dJDb68vR/4duP1K+4XMh3VuZMNzOb/
+n25SCTPmHVaoAQIDAQABo4IBazCCAWcwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHY
+m8Cd8rIDZsswHQYDVR0OBBYEFD8V7RWydRKA2sXKvTL4W4x4uHxqMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJLMFAGA1UdHwRJMEcw
+RaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0
+aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUH
+MAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVz
+dENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAN
+BgkqhkiG9w0BAQwFAAOCAgEACOOuPNYw/ONEp9NEJbAbhKLw2yM85Up41S4QCKSJ
+ldh1K0A6Ma+/RtCIhDrw3AnsGsPDtIcSjcxUWgB/Iv8DUd7BFNTyUVEs8lIyWrrl
+89vBaEqV58qrCamr7SJk7yAS4lyMKm8QU+/qJtTEWaBllPCyh6SGDazBtRbS9Ziw
+z0Z9G04IK5xYItkZ5LbsRROMJgMiD4V2wmaqgw51HDCQKGsAiuuATzvUTmGfLRDr
+/JPiduBHA1IFwYx3L2pniQI3bTgrTb/M/EVlJgvYaJG/Uq2xxNfMQAG3KoTeD3g1
+6ICtrAWL5uvDsxciLvq/rKvFoM62Wwk7/mE6NE/R1HP+L3RXwEBuwtnp51+2E3Rk
+fHhOCf7kyvzamWrnjwZHmL6dN2VFlgnuzcR2C9o3zMpxjnbvwiLvrFj/ll9IlfL1
+/02mmlejTr9I5OXBBsu3I059KXxB85x4qn890B+FSDmJPrtR1bJ70nGKmGXKCyNm
+qi8Ct2p9sGMVYH5oiiwJrW19cklKFVLuR9KspRm/WwQLPusqp/GwaC4ViwDtfZTf
+EhgAMb08zcEdwjeqzwzogEiPBbyRWGGZNMVfc0AKUaAsDXeKgNvYDlZDdoim2zyq
+gIWfFoziWu/QY6ehY5Rkx2YPN3n8G/jy3MF5H6cmoQgmJ0lrRFeHS8Dr1z2OP2S+
+z68=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDlzCCAx2gAwIBAgIQfSwM8UyX1Ildwpvq0G3ByzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTA4
+MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBmMQswCQYDVQQGEwJBRTEdMBsGA1UEChMU
+RGlnaXRhbCBUcnVzdCBMLkwuQy4xODA2BgNVBAMML0RpZ2l0YWxUcnVzdCBBc3N1
+cmVkIENBIEczICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMHYwEAYHKoZIzj0CAQYFK4EE
+ACIDYgAEyoFvEC4e9QtFEQFPxw6SbN475Y1vO9YRCumJ7aeoE2XKnK9PfIHhi4qt
+0KO+76Tg1sOE3QGWA+KOEXrz84RnOmhyWUG4oedCxuyLrk5K/ZLg8KPhmzpFumKE
+N/QLiPdvo4IBazCCAWcwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5ow
+HQYDVR0OBBYEFBogJWwzkpn9Fe6LANo0cw8zJ6ESMA4GA1UdDwEB/wQEAwIBhjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJNMFAGA1UdHwRJMEcwRaBDoEGGP2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQD
+AwNoADBlAjAa9OvKn0T7pwpsAYDTOZqY6MeqjkbZXC2Cvxho1sEx1hk5KaEFT3iA
+TKRHTYkEybgCMQDZKsEXjBl4HyAzv6c/QGIDpoIircxxHbcjYFZL4WjjZN6tgPX+
+mL/rDXWCkTMgjgA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5jCCBM6gAwIBAgIQD7vzxof2pKmV4hEWmOefkjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTA4MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBmMQswCQYDVQQGEwJBRTEdMBsGA1UE
+ChMURGlnaXRhbCBUcnVzdCBMLkwuQy4xODA2BgNVBAMML0RpZ2l0YWxUcnVzdCBB
+c3N1cmVkIENBIEc0ICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAxTUra2nGJcCFOPYx9NVeaNqIYfex7ScCOmnXa1go
+KyI1G3n+HKh63Eycl1Nch6EZ2JoqXtSvBc4lCohnd/funAmKzTbIzcrD87rOoT1l
+eb+ADC2kZatInnOXdwQs+k5DgjWhjiDLLOLnLnxzCumjcpbdu0AjO4BuO7voGTRl
+xdOKJ6n7j9lxr98AQS2171rHBch/FfGoKMlVeHGIn3UZOrcoPACcF3SXm7H+sA9i
+GFsWn+keUCr0da+vsjX/dnf2dyvR8+AmjfFiHACL0XzF2GcBCPfARgDzpqlP6QQS
+/5xMfRyyyqT2sLmhTfDlHr2mjgcqepX8ayggVeaBYC8DCEXvSVF6oAUgnoOE+8Pg
+oS9zzZXFkih80UIAHgG199HMeBCjSVmU3VYsniLSElRtkpdAuTI4qZ/cmRill0KA
+mimH6A4O6Pa65a1Xe1vio1fwrODvOa0enpV84Bs5RSuLFeefS9X/K2RBT8j7x+lR
+gdpUWeCIaEEduUnc6+yeiCpCnvWTpKxb7/hYLt6zWRy5VVl94SZQXn3K1oAUTwWa
+L6GcmebHXiPuTw3oBkkHcLY6fjaMVyQV338EhqMTR2utOMOwgWskDXldzpiWeS+a
+LUPeNeSUNDSCmxH9TJRYX6sJuoK1vSa+Fz/+doHgkTzkUV5YGDdeCaTnMs6AtOw3
+5f0CAwEAAaOCAWswggFnMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bL
+MB0GA1UdDgQWBBT2immucNhZ7T0tOUSfq7cAGcuPGDAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICTTBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBAGejRbEqIJv8jjFtBYucMqARa4aoqhSSXdPhfZRkBPxgYqloR9JD
+R0eWxeGkvJiT4MQUeRUQ4vjQfOUK/81vWPY/YbPWXhnVpfwQQ8ces0aGo8kaDbnv
+k5xCS8xyCfu+VurRfwIP3I57YXxXcGbYkoFJO5RqohszqIjxpaYNS/cGVTCfD7C0
+PLHHbpunjnvAm245TyFtqHjMvFtcICp7WlO2aay7cKEaAO6WYu1zReyYJe1wmDhZ
+R3G6dlNLEbKPu1S7cgHwG1mnCJsVtyBR8xHFhOh3bCTzqt+Vdx+Vflq6QuwZpJjj
+uB8tnM6vKoV+XlqHuffnxEifOtquP6MgB8oyqDqd+cSIKw1597ykoQQbEydJHoAs
+rG/fWoIvvc0OLRFIrC04P+eSFzXwOJmae5uShnWOYvMmR+yJUgZPQd5dD3cCxUOM
+LVLP4vCkkkjZs1PlDrS4ULcfL42FUWHBVQYOIhmySXNOI+XL/DVMmra3rN/n+SRW
++jp6dw2aNgkpJKArrjrUwxNaKTeCak/yv266sMAgGgCIxiV59uN8sNl21K+YKpYa
+yzq3oFuvlVCi8ZIBF+uzG2uo87HYRq5QP7Q2NGX0M6o/UQsSug7IzGT+9/BABD20
+IUAFf4nbbiCaqsp5uMgBOrLgUZTiZyOI5GZDxnklTFa0aes9/Y5ExHKS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHDjCCBPagAwIBAgIRAPdjgozTITow9O94rrPEV2owDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowbTELMAkGA1UEBhMCQUUxHTAbBgNV
+BAoTFERpZ2l0YWwgVHJ1c3QgTC5MLkMuMT8wPQYDVQQDDDZEaWdpdGFsVHJ1c3Qg
+SGlnaCBBc3N1cmFuY2UgQ0EgRzQgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggIiMA0G
+CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDIHNShluX4pbdAt/kRedTMAPLz0u9k
+BtXHw7UTpew/l5nxLtsrE5zs4QcJT3TGMNstHMiW8x4EwG33Bl2unchFtKCWkgEZ
+iX1qkBgkohj9vaf1ZoUQ/iOtez/Pe/P0NfetqC1ChvtXT/zfFbhszPUqoyiYPfX6
+rCI/kT/6uZAgAESWu/eWzr//wPz3v78HS1yeG+QEIqtU44TxP4N5rlNT0X1SKPSu
+jcsKOWhqc3d9uKfFIRrN4OtxdO5Feu3mpjJ22LWRcS9oJYEMuf08J7O2gSkigCDD
+2RLoyyG7lbquNEhruThiSnofeQBqoABu9L+TqNvkwg7KdYLtk7FaRbE8o72csRWE
+yO8fkmElFPHkd3B7jJ/DcXNAO4cdJEWDVtmNtZQJ1YVFaxtAt6w7NcxaFZmGWnmE
+8pMAE2m0dlnvWqdQmuukUlim7RsYm/Mx0V+NGFQjHMZf4VYFw57NpAusbJxPFfVQ
+s6ZijWt3j2NMEBk/WfDLidq0HH5B6vfUfTH9b+6a3CYMNzQLMsT46qH6DnR+n/sX
+H9yK3stjFaihlHjiAvD5BIOUQwPYeBbyBnPF8rDypKbbBBEWmxouvWQYtsGxmjFB
+/Ess3oQ9EyZgBBtwuR0qWS/Vec7IyGsFTIuU0tkBA6YnJXULLnnqkBw9B32Tgcrq
+DYbF3bcHhKsMIQIDAQABo4IBizCCAYcwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHY
+m8Cd8rIDZsswHQYDVR0OBBYEFNN5DlFuCkPe3W/DtKC1vedovsjGMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0
+cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQAhgxz+gKwNY/BD5FTUSviD/+LgMviUewBNfYk122eIR52A1qGg7d8qMAxIKHTF
+twQddh93Ejm1Swd2GjfFC+768aQR3ZVSVt+O08gn8ny+Oq4ZGrWUBC+Ofuz53XKC
+eit+SARz1m80OFpYqgLlVtmn9GY6mLg+7Y2Dmb62jMv+eLbhJfIXvbA4GHYQhG0R
+l7GLcbog4dtdjDbIHGjIhBRmVYAHUMB6xl/QKVAfYGxt1NFrnL7yrsCpT235BqsN
+MuU8ux9Iqtt2Hi2XG99tfImhENIWwkliHb33uUH94qI8Dqn8LE5TsMR4M4mdirmx
+gS/cTSTpphVvH5OaMSbfiClURtN8bYLsLzheTs0jIYB+veGvXIaCFilC/FTnKKaV
+nuWFD0uIL08WW0U0mJ3F01YnH3tjJz83tZUGm17OpR1PZRnEWPvg79pMoaIPKrA+
+3l2716QIgMNUsLqldo1j5TFNSmYFVjhmAO7u9aEQzLrehRg7T7VMZlkpLpNylLhI
+5qoo3vmyqR+4bN6czcKW8jeOIqScoLAwm1m43Nq3Ce6dpbZMvko3lsUshK+3fMGe
+DLFCHj6ZncIvRD+NQIzRqVRMwPV2rx8ih/VwCvCgWHI1Fqr8qoTgB38BXS4HzQY1
+h1+196UZHM7iFcyoh4cxs1mIJFQHu1lp5POxgVuGV3YVxQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8DCCBNigAwIBAgIRAI78pzR7Ou0QC8BJljBJzPQwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowZTELMAkGA1UEBhMCQUUxHTAbBgNV
+BAoTFERpZ2l0YWwgVHJ1c3QgTC5MLkMuMTcwNQYDVQQDDC5EaWdpdGFsVHJ1c3Qg
+U2VjdXJlIENBIEc0ICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIICIjANBgkqhkiG9w0B
+AQEFAAOCAg8AMIICCgKCAgEAmzC4Y2Bmbm51NctZcYd3Z00oUW+VrBdvAkIKoUDy
+KvkFnGED7P+Pctgk+usIp3Yd+WMdF17KGwOvs/Z8lPls4lxkz1iKfaGFvnEZA+aN
+PsPMxNaGZL81aKK5eGs64afrtkuKQthcDwmRaNavODIAECHCfXO0Mv39J59etlNw
+gdbgPJpy7ZM7DmHbjxIxrXh1n6oqoJ/dw3JT9jQ66ZT6QUCfA6DRRhTU1Kg7QdEY
+neVOvH3N7Itw9lrosTsDLDMBTKeZB1MvSqb6SVTaz/sYAeLcsNWq9gemBrJEv5Rh
+BYdnOFjlu3MHwFahvEDj9T8XGqWLBhwAivyfgrTGcbE0AdHJCvKDjwFDxzYxlLdi
+qYKoL0+LZavOgHGGDSkYyKHTysWiVn4k1smgSHogiyS9u0twnfrpjHtyKrC9cL2/
+mRxgS9l/WXIH1KdC+vbkWlya5pizAn8yqIN6hiUmPg69pb5w3YemHIXgQkQmGVHu
+I64WB0gGy7c2rR19de37skS1PY/YkqAA7RPwP1ZgDwn6p3U6F6+1YSyG3R0AHNGb
+QddMZbtBP42gl5AMAVlyY2A7u5Z9PK9JHThNWPfFszCWBy8SvkctW/xtsUSFRKg6
+GGDsgK2/s/lVVWx4qs77oIOOHN9rd1jPe4qgOYCk1w10ZliO9hy/9xsep3rNcmIX
+2yMCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bL
+MB0GA1UdDgQWBBQbfnu16d6gxZRFUYmNQ071SE61uTAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICTTAIBgZngQwBAgIwUAYDVR0fBEkw
+RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF
+BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRy
+dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t
+MA0GCSqGSIb3DQEBDAUAA4ICAQB5zEyZWjq5oi6BGaT4ipV9VI5WPW+hhRv6+ZBf
+MoXpZyXhmGTkd3+ItRPmo1zyvxl7XXRECJVABGpYC/dMEgt7y6YqmJnhMLQrjZ3F
+GLz/6wN18cKp83e9qvvpLZy9RTNAVIl+PI9WtJRrVf6NyGb/HXd+atrFA81So++U
+2Q//Cp0MyxOMrd/16ZeVFrIZX0tEn/pNqbPB5HQRCPPJV85G7+cmENEMJcPCbivu
+rFYwgG3RbsLZ27u1SevPugr7bFEVCA/Ysmdm/XgUwm3QmJHsa/CRPtINSn6NJ0xT
+ZbrRIFUCSY/IVpXBPIdR9ClQ/V+xOW0h8BoOzIxsE4+S6ye5EpeWfUyBzyWtenN8
+0TYWd9ruw/WEbCR5AGpSKEouubbBkJxK/GMO+ZG5GSwG1Q5POnEuYUqvW0qhw1PL
+46sE++8mqyvXeTLUJVmtr/Aa0aOxGpo1b3LvYZE9FBCDT0r+x5+6PeNN/BoXcmj+
+HY3zqbMhHKjz7kKfyUyW8ZBWbSCX3rb+YZULdXrBTTmFFwBNNnB8UE1FWkkUZwX6
+2xsPwMpe6a67ZUszTFVgbRqQBA/mD7a57o1sYG1Zx+G0c93MG3IjMB7EAy8vb9JN
+QbvJ4THP8OFWN7k/FJl8qrVHcwXlowOBBccvxmdeDjMd78lxWw34JCvNWWTnsywe
+IsvufQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6TCCBNGgAwIBAgIRAPKgIzEqgw+8k5VSK7gNTW4wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowXjELMAkGA1UEBhMCQUUxHTAbBgNV
+BAoTFERpZ2l0YWwgVHJ1c3QgTC5MLkMuMTAwLgYDVQQDDCdEaWdpdGFsVHJ1c3Qg
+Q0EgRzQgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCkUOHDJE3JR2hNtQoQSXVUjbINjoOzQrH01ANGaQPi9yxaibBS
+60xltVH9YrFPZqjqgx2sexel1RGiJAMreMzlfwY4nbYpjAbkWFhw13f7X2Tu9Bwy
+ED/ezhoTYeGqtU4EkzpqPiFSj7H2Q5mmzx1+q/SAAef60k+C0TwR5NQMF7rPo6Ob
+PdQt7frVpr5gQ11WotOz9isNB0CyNzOyn9Km8osGiq9Z/RX3/YwGarvkiw3eJ96Q
+CNScw+sN8tsiO8OOYCkDWliKh5aekGzLqzYjistRlGcnfUu+Pe47v3Z5kh74d6yy
+ibo+4Ynmly/dHRfaYAYATdTTqM0/Q5byKnVPnYIuRVNiUsDR6tp5mZAehjBR8rqk
+I2O2kLw0Ehe5NdDltqfATtGAGviVSD7aRznSWJlWXXLQMteIj2zseEH6MCH+8l24
+IgINZXrwRF1+60A5pXWlRaegiUoMQHHFfzKg98+L0KixX5aghMqN95Y5+2r3hC5z
+xZVHBIZlT5o7ujf1hTI546Zn+SmeFxb/3ByJtq/EjQ8vrjyy4XQbXDZ+PgQU3DJ9
+0gcC6mxk8DKaiikMizwmWLZGsfymKqiubF/3x/5sWFQl4dJZbLMuM8cdRQ3xOZyG
+PQphRsGK70bTsTVFvbKLQB5Q/K/Y+CKNMIehs5oMfqoCvTbvKrcWs8uVFQIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFPuezvRC033VvHroIvctZJ+x9f67MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJNMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAFCBcJe+NiVfoeCXxzQD39lZueO9Zx031mujeA+NuJY4aRKM
+NpOxVMn28yVKRpa/ojO4jeMRJEu8JYLvXqRGXglZhsJOpb5pmz/gZeqnWpZGgiUg
+ZvZzTY541zkf2NKUQzFadZq0DNd+0G8YIueSU8Hs+K4tZBoUgHK+ih6Nw7/N4Sew
+BXBOaWIVVTnX4Jrv1L4r4qD9weausS6v6eRm/lteihSZ97S+hl1stSR8GlFHaQCK
+QquOZxrHLbIp+RYAFbBTuh0DvlEHyUW/hZG61fRcR0ch5ogDvpHRCQl/fJoh20Tq
+52Rl1yafWrGMcOPw/0DvAeiuEs9qmDn684xngLtltNMy8IKfLpeBR9tJfirSmVHz
+8uzzblDotpajfvwHLFksMyhSaPBl/JsqzIm23g/28aj6aXTDytgetw+ztxMyaSYy
+cfDfQqLwxXTXR8bEXQ6Yyugm3OfNrLzXXIfk+wr+BC//oNsj+M4kX2XjrY0Dm9UJ
++LEFBbvwEESzuVhtj45uXjpU5cjoa/s7BimwjlDsfPwSvtwmfySc7vJIMF438Ty7
+KZzk6egr4mcYrRd8noIEcsvynWdqBUpOAY54FF7TNS+xv4OmQFVzWrB1ENIw02zp
+/r2Z9xo66+AJ+z9Lm97SuUXL6QsfWLM0NJnMmmp22TpV5bRr0oxpc+/Zh3Iu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDnzCCAyagAwIBAgIQDgv8b44L7KxhYOJ7kf//yDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTA4
+MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBlMQswCQYDVQQGEwJBRTEdMBsGA1UEChMU
+RGlnaXRhbCBUcnVzdCBMLkwuQy4xNzA1BgNVBAMMLkRpZ2l0YWxUcnVzdCBTZWN1
+cmUgQ0EgRzMgIFtSdW4gYnkgdGhlIElzc3Vlcl0wdjAQBgcqhkjOPQIBBgUrgQQA
+IgNiAAQT+b3P1XVw7E/Nu7ZDqgzIRmZUabwcSjSuh4IgLPsNlFjZGfVrl+iS565b
+85fQz9g18JOBPmyKeXBJlXpzzV/9N+DDsEymmcBmiANtwE/Amp35b3ZHfA0YkLBj
+0XSmym6jggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAd
+BgNVHQ4EFgQUH79TBvFNMYaAY5Ug8EXBNZdlqEYwDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAk0wCAYGZ4EMAQICMFAGA1UdHwRJMEcw
+RaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0
+aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUH
+MAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVz
+dENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAK
+BggqhkjOPQQDAwNnADBkAjAVzoTHg15j0TWe7Fw1LUyhZNgKD3SAsIJ9Z0SpT6JI
+UMV2x4E0l2pwnTNWRtQvPScCMBqm4oSrm83Gaejw7BYDgE1UFPTxf75/42Yd2qfQ
+dzZEKK+8z66O9skt5Pg9HFL/mA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAx+gAwIBAgIQZEDSLrJJtouzuTzOroSH4jAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTA4
+MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBeMQswCQYDVQQGEwJBRTEdMBsGA1UEChMU
+RGlnaXRhbCBUcnVzdCBMLkwuQy4xMDAuBgNVBAMMJ0RpZ2l0YWxUcnVzdCBDQSBH
+MyAgW1J1biBieSB0aGUgSXNzdWVyXTB2MBAGByqGSM49AgEGBSuBBAAiA2IABA5y
+eLjmrWm2wRV9+p/CUqQfBSLBWi48LiXsFDGxq71FLIcbvMXeBycXDKorztI7yg3c
+5RBBvEo5P3PVILG0XPypQu359PB8bNKmasepI/oOq20zu6skRwZy4jWpJhsGqqOC
+AXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQW
+BBS6CSpEmLf4cQjfD4NGaJ9TGtJ63zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0g
+BBswGTANBgsrBgEEAbIxAQICTTAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0
+MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49
+BAMDA2gAMGUCMQCKKRHjbLzHkwrCd6bPJFcEOkay9+uxyisUqOWcqG9B9nCCJ+s3
+pOvVOzfumTnGAloCMF7lyVnJ4fzTav7EBKXjnesx544909Rphlms04PxwhvDkjoe
+EsPQB2UIF5P8ZFnLlg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbzCCAvWgAwIBAgIRAKyCLFg9TYMzfw1zYD7UXxIwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDEw
+ODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowUDELMAkGA1UEBhMCVFcxHDAaBgNVBAoT
+E0dsb2JhbCBEaWdpdGFsIEluYy4xIzAhBgNVBAMTGkdsb2JhbCBUcnVzdCBDQSAt
+IE9WIChFQ0MpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXFGrZoovfAvwItBK
+cpYqR5Oj4qlX6OVhYO9TxH9nn4360UoR2stVIT5KTnBLWdfCJHs6F8XqUw/o0Ejx
+0HmBu6OCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0G
+A1UdDgQWBBQuYtJcsnUL6FsQscCo9/QRAhlJ+TAOBgNVHQ8BAf8EBAMCAYYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+IgYDVR0gBBswGTANBgsrBgEEAbIxAQICSzAIBgZngQwBAgIwUAYDVR0fBEkwRzBF
+oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcw
+AoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0
+Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoG
+CCqGSM49BAMDA2gAMGUCMQDNsA5yNTqtqjd1lmfq3eIdzCBSZ9trRyQs2zph0fbV
+Km32HeTciVs+jKmAtYcmcD4CMFTQZbFoxwotQtdugK5brq43xYUeM3BJoEGow2Xj
+IZi+LYPfxjkjEi95E3P1392Qpw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8DCCA9igAwIBAgIQNrzFqmr2AWd5v85Zh9XfTzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTA4MDAwMDAwWhcNMzAwMTA3MjM1OTU5WjBQMQswCQYDVQQGEwJUVzEcMBoGA1UE
+ChMTR2xvYmFsIERpZ2l0YWwgSW5jLjEjMCEGA1UEAxMaR2xvYmFsIFRydXN0IENB
+IC0gRVYgKFJTQSkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCe0pSY
+uR4RXNpg/ejgvR8aZJvIEke5S3YHluwq71IUDZH8H25Yvkf5qO2smnV95lsNdfLt
+ggvtgBjs7s7547WCyswZ5zb07yJs+dagYROeD1zHpuhfrXn9KPSpVRf4yGsNm6NK
+k7QqKcRdjflShRJVMrq2GTl4HL5N46u4lzTu2FDjLjlfZTDavLbMsBshRBiGwpa7
+FvCF8PR4I3aV+b20F7EAKWboMfpb84kooI6mz2qt8sfiQwikzQ/MY4YjUNGF6Ufo
+pNGyLWFIhbhKncmupPoV7O5TImYCHGp2Ez49LFXfeFKb5H01id4wPNOyFI6/QNu/
+EzqUuaeENluayPb1AgMBAAGjggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA
+4dibwJ3ysgNmyzAdBgNVHQ4EFgQUQxupjGGnhGh87fufibIzmPvwRMMwDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdo
+dHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8v
+Y3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhv
+cml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYB
+BQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQAD
+ggIBAA5oMizJ0TvRwzOxjSyG30VNNGLAcJqYmjtetfU7E7jzNbo09oE0JdbuDrRZ
+jb8XgdF2LrRCferd2tr60gvSe1zfD40Ddlbzr3PZ2hRxJBmRlcuqtoGm1N3TPvuK
+9GB1fO5Xh9lcaYkwNTkky6JL82vXO9udf5cE4vtC0gAjtqzTiR/iurYya3Defel7
+5bRyyGyuh1ms1RZqr1yMsl0w/zL6ZZILv3+k3vjZSOcfU0+zTE/NeURZou0RCxTE
+9XgMFB2qjCFTa0pff9BK1u/cAOUaevB+ZdlFwFI2HBvr9kfA7x63nb1rG84Q0t84
+qaJXbZgLu9lED8XHgfM+ZtSk2o7IdBtmrlqX4vJaTtT/FnTKWXfN/FO2yWAkPzff
+Uh7vreR5VO9SVsCeZItv2iSuta9emxF1s7/lyMADG+O7aRboRg2r989pjZ9U1lLh
+B0BNEpDCqK62sapbJIdz9ffSaF5zknpd08N4ME9keXqNtq5kOEnJB8fJrKJLFo4y
+74EEHrustGLnAD55/JWlUjgecmC724AfjCYYl4bgE3n7ErAshalAGz53CpBhjG5K
+jxSrY6Bc1RlpBfx7o/TzLsZwPlpRjTFQdGJPR4EP4zsT8SIhchTm7H5sY/RxIb37
+RazWpQCviXe2+UP1gUFUHFDWndzDONa1tUfUYnvs7Evrabno
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbzCCAvWgAwIBAgIRALNpJnuYv3Kkcbzhb4iK0fQwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDEw
+ODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowUDELMAkGA1UEBhMCVFcxHDAaBgNVBAoT
+E0dsb2JhbCBEaWdpdGFsIEluYy4xIzAhBgNVBAMTGkdsb2JhbCBUcnVzdCBDQSAt
+IERWIChFQ0MpMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEG4yDqklp3H5Shy3t
+Vk3AUcGMSAGeUlPL0fztxdqZjJLVaeGBu7Jjc+/fq2ptNlWRNdGym72xkw50wk/b
+guD0JqOCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0G
+A1UdDgQWBBTsnHbwn9fzIGKbKyhXN+dxqHjBfDAOBgNVHQ8BAf8EBAMCAYYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+IgYDVR0gBBswGTANBgsrBgEEAbIxAQICSzAIBgZngQwBAgEwUAYDVR0fBEkwRzBF
+oEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcw
+AoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0
+Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoG
+CCqGSM49BAMDA2gAMGUCMQCR7l6vmfMW8QLgKSydVJSJDbzF2s8f1nNbh4bb9zJe
+6x7Ly+KKpI5PKWlKpIeUwPUCMFLAeu/HsQANDEEwqOf2yONlo/tqV9kh887Iogzq
+H5Lm+xzC7i6IiKmhRVUjPZeO/A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF4jCCA8qgAwIBAgIRANVuJGyU7WOrsUbvwZa2T7AwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEwODAwMDAwMFoXDTMwMDEwNzIzNTk1OVowXDELMAkGA1UEBhMCQ04xGjAYBgNV
+BAoTEVdvVHJ1cyBDQSBMaW1pdGVkMTEwLwYDVQQDDChXb1RydXMgRFYgU2VydmVy
+IENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA7IE0rmVTVdRdNOzK1jsR/VppyukZ/XbQgakJHOhg6XGDsiHe/l5B
+3PxyXw18jEdN+7YxP0qsGz+HlQbsQh6XlwIyjpz/2gFMiqa7y1v+dHOgj6xNOF5a
+oaPm/Qhb0N+JYQidgaC+1Zp6W+YeC736rzCMr9vL1Usa3QLzRoQEo0DzbG4sPeP1
+US0Ia/i8o6szArH+DAcvrzCZ2kkpTScQ9QfOsvkMBP1W2otICdKUyZHaBc+ztTAd
+ovSlOR+GPf29dYfGQkZAp0tffIRw/na3WB86WGZPpNFfo2QxxsHYoL3oSWKfSWTY
+FgW22J8eA03TFHYowm/NqYuJ7GW553HppQIDAQABo4IBcDCCAWwwHwYDVR0jBBgw
+FoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFJmbLfaL8KPbidSe++V0
+L2jSkE/kMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEB
+AgIWMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0
+cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmww
+cQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8v
+b2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQB5t8v3uYzHa4EL
+0rOb9g/YAmptUbILcBMKk1x188ucsGVPaG1DG9bpVamxbmCtFA1MlrA7iUC8SGop
+KBnuWFsNKiC7jCbRoahT1/FSwFsSuDlDmOjr1MqDXE+or08UkXsJB57XxXxdVOPl
+DcZHII4qHi1XKK4iurMqb+kbdpAWadyfidRRCGPopYCVYLLYhRJgpFGtfr6Gk8N0
+j81jq/7QbN0dRSDzMNdadKTc7c3+i9fIrXj79lV5Wvva+OL7nh8MxQhG1Ekek7Rv
+en++jSZvaEhCrMsSedFTA/aIy7oJg85tfglF2ybK61HsobjYzdDNICKJlIm4chlA
+XIDDqw2mw0Kz2snrkp9dpvMBqahF/Uy1kHzPcrq1/w5OqZWAuDKxZ68PuZ/ME2hI
+YbIDG9dWT6Y7eqtjQ2TmAQbOqdAG2LeikPMl2DMrPEa4lcKJzsFbHfHAW3hVgPSQ
+hRfS4TtbNnxijbsp8GguMHxP2R7dpAAYybwfZdXP7WYAnwEr1mzIf0Y3J0m7GDyX
+JhaflN3G2wIm2HzRd39NvnDRmFEraqui/YYO9ym0pwq1d0S+bGG6876QCto0u3Cg
+ItFh3Za2ZeIY+g5mWrejSaDs9LT7eu44iCyebfgekdMRqFeCuGAsJdsun3LOHHJo
+tCVPRjyFg9NDeJeMa4Z8QuXAXLd9cw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6zCCBNOgAwIBAgIQeSmaexvS3f0QpnfHL1JU9TANBgkqhkiG9w0BAQwFADBS
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEoMCYGA1UE
+AxMfR2xvYmFsU2lnbiBTZWN1cmUgTWFpbCBSb290IFI0NTAeFw0yMDAxMjAwMDAw
+MDBaFw0yNzAxMjAwMDAwMDBaMGIxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9i
+YWxTaWduIG52LXNhMTgwNgYDVQQDEy9HbG9iYWxTaWduIENvcnBvcmF0ZSBJVCBB
+dGxhcyBSNDUgU01JTUUgQ0EgMjAyMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBALmLoYT/vTd8M9b57KT3WrbFnqNQBWS3nXQH0dWsXx9g9vXycWHQncs3
+zvw1wf0NrhHeZgkwL4b1sjNWJBNxo/DYz6LdgLWZR1h6cFqfl4YZPN7iqelISBRO
+MfFg4JlQgSIFpEz4Ab1ptdAcnNYDVOgMtqvuBO30uGZwJQa+ObwgJGO/ihUrhfCC
+FB55gz3PgGnEUP2boSEwjqzFUxzClL9etbbDUIa3tlpO4T8evAEcQ3KfG5bdbyDR
+yqlwEvRZapRwmvQeD4kd/zAxFRHwwP8w9pys600/MXk2YJzB7/WiYidRXukwDA2b
+BgeT2YklWhcfyhoB3B9w4VWn2PJ2YtE+3PqR1lp9Q+9I2GCAFZX4vOl2qSAUIi5p
+iI9zU/RleNl+EV9lxCIWR0qcWDw3kM/kGusHfs6r6BBQIon14lsTIPi0t2Q98EUV
+gEALMkzdWvR1w6v9ub66qMLgAUe+mWweyd6gN9/sTBy9uKNJtxkZXxEWf4eoHjSG
+YFgWiPYXA3h6HLJEqDzndgX6oUECCK0X2PqoevYqDdrYc/Y7ke1TkpHG43mQKRcx
+gywV0z7XOPsGnXzlZiKanzB+QftBzg1FgtTEEofYNcT9bbTQ1xiUCT69ooEq9ndJ
+MuXkXhiJyXXUZPAOjT4pYu+6oBq9bBX5rq3nECQqTvXs0Lj46cdTAgMBAAGjggGr
+MIIBpzAOBgNVHQ8BAf8EBAMCAYYwKQYDVR0lBCIwIAYIKwYBBQUHAwQGCSsGAQQB
+gjcVBQYJKwYBBAGCNxUGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFGJ9
+uWbj1bWXMpYxQ3KGjEPSeJ72MB8GA1UdIwQYMBaAFKCTFShu7o8IsjXGnmJ5dKex
+Dit7MIGJBggrBgEFBQcBAQR9MHswMwYIKwYBBQUHMAGGJ2h0dHA6Ly9vY3NwLmds
+b2JhbHNpZ24uY29tL3NtaW1lcm9vdHI0NTBEBggrBgEFBQcwAoY4aHR0cDovL3Nl
+Y3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvcjNzbXI0NWNyb3NzMjAyMC5jcnQw
+OwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9zbWlt
+ZXJvb3RyNDUuY3JsME0GA1UdIARGMEQwQgYKKwYBBAGgMgoDAjA0MDIGCCsGAQUF
+BwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkq
+hkiG9w0BAQwFAAOCAgEA2h3dySyXP4DIgt1ahFv5+hSG9COBnCaa8wLBQP7Qj6Ou
+RrMkCtcLFH1j8MZNO/kp49nYPQKcLlQFmtmXVDyr35Pox8hOwpw46EGS80ZHPS+g
+50Aas2KomwwKy/gqT5hZEbetzJN4+gsM5NOOD7yb2B/dv6LChBXQnIU0h62JqbPp
+Ze9HZXiIcqHWtTWJXojBVYGUKk9NYPLHaiM/4uDqAScS3gIcxxb6/qhVXBacdiF2
+ljuwDlzOxq41CyOnmedclj5O6uBZIaJ68yYre4UqZyqi/qWnFyJVne89r+pfNy7f
+tXYwYKX79ENbc6kb6WG67knv+DSwidSu9Gj6RNLFso9V/SXdrviNNnriHg15faC/
+ZVkCEMKg6fhZTYKTbSuego7Ls+Ykl1i43mrwlMvQDJc3+xb14vGmEQJG36vPSFoK
+86z22xb71nnXlWD03/Z/o+F5XketBAUoLJ/J9IWCdG1/+OaE5aLTiWmhkj7KR7Q1
+SUOPJAbbvOFYb2b7Bc0njQb/vTJ8hlUERkobTOm5gslJEWAuFtsjxlJPEppvbYq+
+ip32s+vyPKvVmeLk/2cy1NAxxGzU8U4kch9xzA6vo3UCUQy2T34bDQErxyG2Yt0S
+MFypCRlWKvREcPOVSRCzHsfpJ58ow5eZCOs9dw+5g7OQt48zvoK6hHSJqSOPIAQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFlTCCBH2gAwIBAgIQdlP+LqCXJIG0he/zt/QyYDANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDAxMjIwMDAwMDBaFw0y
+NjAxMjIwMDAwMDBaMFQxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNHTU8gR2xvYmFs
+U2lnbiBJbmMuMScwJQYDVQQDEx5OQUVTQiBJc3N1aW5nIENBIC0gU0hBMzg0IC0g
+RzQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzKjsiyxlOQbhX8Rp1
+0DaoIh+cIovFWFL46xFDa0tEeKoVizZbbZAswCyBtrPXfeebCn024Lmr2iRlP5my
+oejf8kJrGt+XICavL/fePZyPWZFw2O8dgwbb8WGiHmBIEu4Axe4zgvtrUOFGCy5P
+r+Tg7f0f3bKRJKx+Bp0/M83zzl4xiZWGPnoTxhEgj8DKjS9ONeCIdk/Z27m6smC2
+0hSLOG6ES23MopbUbvA0YkiiEzyzy44VtienyJyxHnrQPi7keyla9t3SuYBy+zV0
+u1gkXdvm2eDVZToavma2l25okALOkGHzvDeVL06Nb6PlystzFeHHDmUlvjpC0jbu
+Qn2M8ymRffETlhjknl16mvFDZAR0DzXim5MC4HnhuIZrvxg5N++WriFhaMK+AN2p
+2ipaNrIUDiO6d+FI3Vn9/ct5ZW7DVfxONB4k0kNWmIorHdckbhvto5RqTOl/wvXU
+KQ7PNLaqsOxSv9k1V0aEapUdYfqFQ/l2FlTjvyKg6+xsBjBx0eh+bG3HWUKOm0/T
+YipK57sjeJTk0CQavFwDwMjMmtYkAV6d+uJmae0TwIQQqZuYsMvORQHrouJws52q
+rJGaq04hAGoSgaQt3HNaOaQV6ApTyQY/Ns0vTw0VzSKIBr7U3kNredbbsuI6s6SC
+Xw4B6Rp3eFroVqM/r530W+Ua2wIDAQABo4IBaTCCAWUwDgYDVR0PAQH/BAQDAgGG
+MD4GA1UdJQQ3MDUGCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwkGCisGAQQB
+gjcKAwQGCSqGSIb3LwEBBTASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRS
+wK4pojmXF8u9PslJVeRBDj5l4TAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove
+4t0bvDA+BggrBgEFBQcBAQQyMDAwLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n
+bG9iYWxzaWduLmNvbS9yb290cjMwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2Ny
+bC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBHBgNVHSAEQDA+MDwGBFUdIAAw
+NDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3Np
+dG9yeS8wDQYJKoZIhvcNAQEMBQADggEBAISTcJYEYPJUY1NfYznp/okWeAajZj7a
+pwvTsG8O2ZpigK5k64780XztL8S8BLq48Sq1mNiI2yFSVtdHbybzq8cySIeYprS7
+caeHecHI17ZJZyy0SUbp3m3YDouiUdYWzDmzydk1W7LZhKnU2SF4TxqjrHXHfMMD
+OEmi5jB0OTUvwT/mKsFH2wk8gr/blGieHwLVZbl+8GaXu9dyDxUvGJzPmZxNypr+
+1E2ZsTeVE0pXxFBtrt7PKV/b6CTwXwinpl6M+oFM/txpEQbtJmxyuF1l8xAqiIb5
+jLvH7MlP9ERIP5T27e8iluZ4ZOnD1aDmCxLGGd8iOCMrRMJv2hhuxwY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgDCCBGigAwIBAgIQBG6lDwhK7cZI+mGDCmb06DANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMTI3MTI0ODUzWhcNMzAwMTI3MTI0ODUzWjBNMQswCQYDVQQG
+EwJVUzEaMBgGA1UEChMRU1JJIEludGVybmF0aW9uYWwxIjAgBgNVBAMTGVNSSSBJ
+bnRlcm5hdGlvbmFsIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC5eRKUjMENdDOH3OfxucwLgQrmy+ZT2SMGcxj9GcyT436M8CcZZFmzrUEE
+872qkTM+4hT/4tYB7OrpT9B+04ED/f2eRQHW28BDPW35bZDilpUjFvXXxRseZb+1
+pq8GdkK4bXY5TjB/mLpcfz06he8w2rs0oGrD+TmuBP1CnfINaUNEaPr4dKtvvPea
+jhoYmyRwwjNIfNO4VNSyb0cVQdF1+t1GSRsM/mwF16HKh/5n8m7lYD7YL3IMKm4/
+6pGwinIrWXk9cMSaxpej86Hb9Zz2FJrSBDrBEqBC4jyUZ7tN30xRX2oIryCywCxZ
+i94QiDGN90otj5yu5g6qkC3FNU+1AgMBAAGjggJCMIICPjAdBgNVHQ4EFgQUJ1Yq
+DgZgzUHL6n9tNFEGmttVs8AwHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2
+p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRo
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIu
+Y3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1
+cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG/WwFAjCBtzAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYB
+BQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVz
+IGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0
+ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTApBgNVHREEIjAg
+pB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0xMzUwDQYJKoZIhvcNAQELBQAD
+ggEBACB4IF51FveALn8/7u+hRiI+T0coDoFFiCdtFYF+kqI8KzIY39UmQ3yScayc
+5B4o2xkr0Yk/CEj2xS03B3DG4SLRVZNHt7XNBjcj9VfB0pkybizxsx/be7gM0rMk
+zu0sr2Zko/HBldGs5iGsVFb0KaB87f4qQ4qScPuDcCRpYX0XpOMBgMLRXhpylXgT
+7k9hsmmdY1AHGEjZxQWaYKNN1T1XJdTrHngTnN7KysWZc7VkvEYb40fdFBKHJcoX
+bUVTBB0k5+V19+U+Ny7maV+Lv0wVi0/ajBRgTWy/kkIaFlFy9C8G/AbVmgWdyp+h
+SWKIeLLiAH4OrXYVhoZbArH1V9w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtDCCBJygAwIBAgIUHN/ZC09ycZhg4wHHbDaMYdkfEngwDQYJKoZIhvcNAQEL
+BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
+BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMSBHMzAeFw0yMDAx
+MjgxOTAzMzNaFw0zMDAxMjcxOTAzMzNaMHMxCzAJBgNVBAYTAkJFMRkwFwYDVQRh
+DBBOVFJCRS0wNTM3Njk4MzE4MSAwHgYDVQQKDBdRdW9WYWRpcyBUcnVzdGxpbmsg
+QlZCQTEnMCUGA1UEAwweUXVvVmFkaXMgQmVsZ2l1bSBJc3N1aW5nIENBIEcyMIIC
+IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAmLsm3G2sWV/LTr0gC5iOXSSL
+DXGEdSFvK7dsEU4wgvy3kv2sL1bpx4g9UjmoQuUiLVfvuIWOSmcunFA9CoTf+vK4
+uTxqvYjOVdd6dAjUx4D+xgGGdQdONKFNv+V6PPZ7KziNO/QfJWZhw31sRv/3vybb
+ZdVFcaEoGhisYw6GpJ+nQfzyTuvwnjyFdNsS5qA4YgNXrmHcH91PMrM3pesCa0iA
+hB24snUAJjyggJWXLR3rUm7QXgOulkfQtFEPwvq66kmVt6To45h8CvmCcwqDLPp/
+H1N2oMuTfEnxqDFwUP4pRHcCzUt9CWNdk8wUyyUWnWd5/YMFI2rMK5tdycfuwzxv
+LJn4LOUEqn0hvxtV4w1Q15MV7ipM1AiPpaWXE1WU7BNFcKO2aPWygQnkJOEKW7fg
+Aq0QG0FdqqGb12v1c06EQvRi5D5SJQNq15A5cpqy8XdaeXkANP/IlAMI1cnsPMBS
+IySuQ00zQVqHiIv+q3kls3oz7PV1aglrZ3pJXp9BZGPdcZjhJh5JkVaF8zQ6qrLP
+a+YO8/ud2Bklt6I0E4EY/637VhcPYTlfxmvZIPfHjM8HWdjBg2c/i+sd5CsIfeeU
+OWlUZV3jZbtgQijhe3meejHpbYzggZKM0jUU8/p6vsvzBKRhqj2bgABByUcFaLHH
+LTBX3BKrSpS+hjgan7kCAwEAAaOCAV0wggFZMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HwYDVR0jBBgwFoAUbCa9YFUpKU5mMgeg/2OLg1pLNMYwdgYIKwYBBQUHAQEEajBo
+MDoGCCsGAQUFBzAChi5odHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2
+ZW50Y2ExZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2ds
+b2JhbC5jb20wEQYDVR0gBAowCDAGBgRVHSAAMCkGA1UdJQQiMCAGCCsGAQUFBwMC
+BggrBgEFBQcDBAYKKwYBBAGCNwoDDDA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8v
+Y3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmVudGNhMWczLmNybDAdBgNVHQ4EFgQU
+h8m8MZcSenO7fsA9RVG0ASWVUaswDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB
+CwUAA4ICAQDHIQoeUvLVsFvHnBcPOctpcR7L6CHNblDN2FuSuc+f0FNOPA6V42r1
+kKAI8gz+h27FL46tHmQ42FCWLdhvLBnRA/MKr/8dRx2AMcsDrj4XdEeWNQkWTaxl
+Eb9kSPXWOSRoHZjJW+lyxE9BcMLhZ69mBIL2jmLwhf1OPOolp1T8M4chAgfDMmNm
+RRIJZdUli7N6xY6eE7mAGNoFKkbryrHwpU8KEcJz4/4h6AC5jBmWuOGHiqeBF2x1
+cwBoGnjpHO55tK1Wz2BK+z3yb85YPGseSSq0t28vRCfxOyyucizBff+e2YqgDL1g
+4FVthrMPa0FjfjbanPfD+azwCJHRSTKrxMeNEF87rt7BnR6myI6sQ43yjvWAeScY
+8aekoJuxapoN1un+1EIjWQjKVy4GWP2pb2pZtdYaaje+V6uQaLc0Y/gO/L2/KyPj
+EXgXoEKCImGvDczkR7koSMflqwjzPUL2Yg9jsFqpGRdQs3aHomnTSikpnXchYaR1
+43pAl1ILFFN/UZM8Br9jaeR3ZkV+PsEPrvV8OEkjPMSG9eJSTjGkz0Aj4bAyIBRu
+iKDRBV5dKJhMPIKke6Vo3+buovXMT6qY/MV3MrSASvDDWWsUHENSpihCZlPg+jeV
+T5SU8jeTuDpHQQpE4yU8VVK84KnQBtxutSuhm0flD6X1EjmIjKnOPQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgjCCAwegAwIBAgIRAO9kCADxUMyMns2lqg7MekswCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDEy
+OTAwMDAwMFoXDTMwMDEyODIzNTk1OVowYjELMAkGA1UEBhMCVVMxGzAZBgNVBAoT
+ElRydXN0T2NlYW4gTGltaXRlZDE2MDQGA1UEAxMtVHJ1c3RPY2VhbiBPcmdhbml6
+YXRpb24gVmFsaWRhdGlvbiBQcm8gU1NMIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEbag3C3VGu3FZIxFneS4m6LSlKA/wIEcL97sX2vlNViD7wx+ISWpBPkz3
+r7hqKFS+aofuB+wkpE1h+5BAZti5i6OCAXUwggFxMB8GA1UdIwQYMBaAFDrhCYbU
+zxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBT7uGqkdDdtH64tyTLP3lkbeFJiOjAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICPzAIBgZn
+gQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29t
+L1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUF
+BwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz
+cC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2kAMGYCMQCe7xYIGkTd8VPfBXHt
+nFSrQTsCJGhxaWx2TvAcihPSHzCKypEjOVsvuKGj9tDC1EoCMQCNlL56ITy+ytza
+qlUdjrE0OS/QOVucZROkJrjsteR8eWqXd5ozVuaNwk0tlMSh/3E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF5TCCA82gAwIBAgIRALcp4lNC8JQrJz7078ThsNowDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEyOTAwMDAwMFoXDTMwMDEyODIzNTk1OVowZDELMAkGA1UEBhMCVVMxGzAZBgNV
+BAoTElRydXN0T2NlYW4gTGltaXRlZDE4MDYGA1UEAxMvVHJ1c3RPY2VhbiBPcmdh
+bml6YXRpb24gQ2xpZW50IENlcnRpZmljYXRpb24gQ0EwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCC2q6/4h3BE+nPe56TEn22EiCz46b2AjFuY4z7qVAf
+1rFCWXRg85uWAgJhrqlEtHCfsgrroIcIl7NJEaja2Uiv6YE7FUqmF2mosz/NJC0J
+8vF+x3rgEbVCB2HixJUCNm7QgQb06kP4vTYeNmwJ+HOtxM3IO5BwHRRpNwra26MC
+naUo65yUSjVkdbIeJMLbdQS/5cn1mjMkuM4/YhYGwG9WLDqiUYom5/ywVluICsK9
+kDoEbSPCCCKq/I5ppoKd0fqsLKCHnjCyzNAr1ChtEKwuBMkLN1YMFF9sJZynp/lr
+uZnmLRwIHuV/7VTdSSggD70Izt0z6juVerC1ClskQIOLAgMBAAGjggFrMIIBZzAf
+BgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQU2IqBMe+y
++r+xMf0GokRcRlSeLHYwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBgGA1UdIAQRMA8wDQYL
+KwYBBAGyMQECAj8wUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
+CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
+Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
+Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBQ4Sczbviy
++S2cQnotegi65gnTbjmaSTsZg7C/Uuf7tJmVOdmOsL0DL1diJ6/2fVKGzoeqOqOb
+1roXQWr3FmSNZyPXK/XnyNf6vUNmXt1EgGIvbCp/kDZlxaqia+eI0VlDA0eXuK0a
+lP4pEkLbeRLySrHu8YWMgmlksJAy5d24lmxHSp5FmF89YqTqX0y1GKEiI3dHb7QR
+vyphwt6LLq3o1X5i1vkLyks/QfMS6r+NCzYeN9ETRiypQIRqvuMQqCc1FRna3BY9
+L8XivJ6guAlBJiPr7dzm4mwpobrO0C/Tmu9OjL/jDD7edHR16eiJ6O0vwR/DEKHc
+0VvaNqLEx7szuxJRhqD02QmlXPsKca/TOE7RyfW21+fEFXij7G2YfBILmqwokk4Y
+RTWNEJogN1sOV4JZYRSbUIdSPAFVNk9N5s/buzShoaZa+HaMFpk2ZToRxTSxGlmp
+ZiIxn9Lsmkwe3IaHauupXrIuK1dmEd+rEpiDS7Cu+3MVjgJVJy0De+G6KPQYkK7b
+VcrhZbEgGIjkfBrQwOCK1B+mY77K2f8Yv7r7ZH3yZvT7WtYd1emUnDkxkmSUwzzO
+RyMOqgXCfyjSXnpd5klIebO+9WRsYgD0UzOrDKHqWYp7TR1zxOtUixu/ndzhq3qU
+Kp0Hlq+btDzsLB5HaUr0iEADIoFortfBuw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzjCCA7agAwIBAgIQVGFdl5j7DGyBksFR1YNATDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTI5MDAwMDAwWhcNMzAwMTI4MjM1OTU5WjBEMQswCQYDVQQGEwJVUzEbMBkGA1UE
+ChMSVHJ1c3RPY2VhbiBMaW1pdGVkMRgwFgYDVQQDEw9DcmF6eVNTTCBSU0EgQ0Ew
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChW6aqHblaacSQUKJXIDU3
+4Lh7opPq9GBkU4MonOoDZdPJXAYAYB1MeOhvVXJs8776QFVPaHkMcKCHwrx+OH+I
+59HNIVxNBtCnljfaEhFtrL2I2LHkPtjmAFs2EmboWMj8VDCI5X5Ff07fihfDRnOr
+Fmr8Zta64StgOfOjpLnAdb7Oq7XBy5OjhzGAR2s1tpbaTk6AOJXYqaK/KPx3mfSI
+vLuIPn9ipHU5DHFOlErc0W0Z4axLXYdk+dFKF6G/UTXFvN32KuhV7kXW4F3MKGqo
+315pahSEcVjKd3alJAYrIU2icRuWR0ISU6yR8RxpzHSYIVxG4Pd3xxv8KY+5LEGr
+AgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAd
+BgNVHQ4EFgQUusN971engNMgVpf3BA34pTz1ickwDgYDVR0PAQH/BAQDAgGGMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAj8wCAYGZ4EMAQIBMFAGA1UdHwRJMEcw
+RaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0
+aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUH
+MAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVz
+dENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAN
+BgkqhkiG9w0BAQwFAAOCAgEAElXkLKGZDlmmgCFlTZsJtbia/FOGo7AbmSoxwp54
+k34jyjmF/k7R+FZuTz7o5iasNYfGhJ/eKsXTUh9RZND0c62++Mw8iLFI5KuqWiZI
+fGZWCADpMUKbsoQaSN1Oafrkc6OuyJJVtojezzv8Ah5/ubzmUCYXp45r/8Z0+5lO
+SrKkkKC5/+fhbi1ZPKlGqtY2Y6AEeHhTAss43fmDsVWVv2wnAIuZg4rm0Bk2iHL1
+UaS05FWXHu7CJQ8Yz4KVnxrBrJ/Y46nkA8ijUDcWXL5ScUANYiBmkasmkbb0BEEu
+cJih79ofggHedBtIygbCYWin2NxJf1FaVnaX5X84C8tDzelkPCx7H7tw4v8ven7h
+LrkWwVOq7HENZDiuOVN7t3fOqrlFruwKCQnk5XXb9MJQ4TxJ4X/YiJPBaxa+dSIY
+Dh1zCSAVPs+rr2RE2dCSK3VZnpNloR0fkZSQ0KHwTYBJf41EwwlnJTzwV+D0VFEz
+5xU3m2fbkBwJb+purTG1jPQvE1V1KvamAXwj9mt3ybm84bPOUEw0iMg+zmn2H0NT
+6In60aT3E6Iy1UH0x0C1IYe4FvKLyR/FKz12kZbZntdZhj+wCC0bofhO5WXFtZPJ
+y8Gvo0i3EH99vrDzdwQyJyi9v1MGpaHNkDLYNdJKpCDVbFOrDNs1NNghZz5p8ZT4
+DO8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3jCCA8agAwIBAgIQWAE9mhEYoCYAhMiVAzSf2zANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTI5MDAwMDAwWhcNMzAwMTI4MjM1OTU5WjBUMQswCQYDVQQGEwJVUzEbMBkGA1UE
+ChMSVHJ1c3RPY2VhbiBMaW1pdGVkMSgwJgYDVQQDEx9UcnVzdE9jZWFuIEVuY3J5
+cHRpb24zNjUgU1NMIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+8M/70kllIlWZl7Y6EkDO8ohq0wnnlYqh9YhKSmcFnEFMORW8MYYCPdMQW6BiNgbj
+NBb2txv1gI3RYx4/vMbGXVw2eDahZeCPXiZFvdAKTTCdUtenG/tJHYCLHoPqS/KD
+RgTrcvwMk7tCr8wmb3/Eha0fDgt3uMb6DAQyp8PHy04mXy8P4e3A39t9G+YKfpAa
+nqRHJ19buK6mI2I5AYv8HbSylfXOBHGqbq1Yo3P1MVX1e4AoTulb8wQxrjA9nSf4
+GmboMKSg0LGUn4RWL69Wx4NOxfz3vPhA1JRZaTlqw+xi2y0ulYPf8t3jF7uzhv5V
+0x1+tlQK4ryT28uE5BBaeQIDAQABo4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFDYOoj4y64YfqpcUPYDaRuLEIklHMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgI/MAgGBmeB
+DAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUH
+AQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
+LnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBACAiONLPcKqPlGuMLfIN
+5zx4rVfp/ylVR1xmCOYt0wxA0D+aAL5p4Sin5XDi9PnHOiKQeQmjwPig+MV2lJXq
+DKKR64r6LdG0f7elrrGcO0bjo+VyphdPqdxZc/Pki7IJC/CjRhwaO7yKyyLWEYDs
+rZRzjUl3qQ3VQvEq5Hp4BM218P4y3dmdf/XhKR09Q55FV1HIbP+nx9zwdaH144xN
+YHVkHn9+Ni6oSr3kpIEmC0SO1xoZI/vApD/ymZ1IRCqzxXgxMk68JMsFM+YuoCea
+NL6+flLdyM9Y40M/X5joe275AKb1BAoaUFea+2omf39T0F8FovYstezbIS33gSTi
+ch66LU+Olr2oyTCiQNERWio1oJFUwKbVoDsN9xF2ZCg+qTEi6jNoztIVcVg9q32G
+0Np7VbFoxFEhoS5ZF3HTtNvWR0E74nsYZYtGnT05hTn5yR6DEzbVD+mEcanIWxPU
+qSEAH/ZnPebjHlSt595FB8YxSF971eJgyWoVtErkxpnF18aLc9B2BfPiIGrRA5sH
+lvX7rl5bprruF+u1AuhvkTOCXl9zJErotr0f7Hi305U0yr1I4jXPBWNr4ZapSLbm
+kq7KjVa0gGx8516IVdUwQq+xPnPH6FcoFeFoqcsX4EZ/9VUjohiWUCap9MfQ0cYq
+APTjHw8xAdafvrvfGIHKKS3R
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6DCCA9CgAwIBAgIQBw1L/czFd0GTl4v2bxUqqzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTI5MDAwMDAwWhcNMzAwMTI4MjM1OTU5WjBeMQswCQYDVQQGEwJVUzEbMBkGA1UE
+ChMSVHJ1c3RPY2VhbiBMaW1pdGVkMTIwMAYDVQQDEylUcnVzdE9jZWFuIE9yZ2Fu
+aXphdGlvbiBWYWxpZGF0aW9uIFNTTCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAII1rRFRR4lrRuxz51ibnGoeutWQLLXQQQh0Bb/LOO+JguZbZ3JY
+MP21tdGBFitmtw1lse6n/NG9+oUTOyBVpY0dLKEnI9djXejm5BnFOSvaNwlzXBWn
+iNLByEWCasvD4flXfA3moLNe7u6bVqaBXhYdPpc+NIXWG7z2vZk6KGDmb58apNvY
+61AaShGOxp7HOKE34KI+qrsDMA4ZMImKotxeij6Wvc6kImyG7G1IFAnBZJJO7M4Z
+fTXWpwiNxnAmF8bvxdbBKxWL+dgl1+F4oKOw9GMW/rby/Z/bH/9ggXnJqMJH93RC
+89ONZSGCUThJI41G+WPJd+NEUycDZFcSfGcCAwEAAaOCAXUwggFxMB8GA1UdIwQY
+MBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTDV6YJmAibJ2S7t7E9
++aG3BMtiBzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIx
+AQICPzAIBgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2Vy
+dHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3Js
+MHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBl7b5y
+LeFlE3k3C+IWKOosclifAzQh/gv0Scd+h1jQpOWWbQA6lgMlBvQJZlhyetDbWgeY
+5lxqQews+ANz2mPnBcoiHibBhYrVfT/IS3XrZ2xFqY1bAzm3SQ6JJxd2i/lUu3cz
+kSBJ8WDfGHNsVMIMgnWph+4HMRYoD2FeCry7MHeTKEw/8c1F7lO5XQm4/m16XSJB
+786njnAKUYQm/4QnbDX5s+CyEEB9fJ8enBEKaW/snioDIhKZWn76HDEhhXD0WQdH
+zBetJpYZAzKXOquxo2bl8kZDXYUtdtp17GUPThDEIj7FkYYlhnrnaiWIZ8c8Jhlh
+InH0qjBfW+r3SGhJg/lOzWRNWH38KXJi60YwKU/sHoCLMbVwF838so1PSWLuobuR
+X1fSLuz/NMBJsWjU3qVPXSRakelGEgn6Kr8kxVCmfqjLCoa5m13SMc/14RE3xblZ
+K7OskzdFWi/17ZFixShFix443uRV4EucNZSzbkUZvBr/ca9vIUg+37tkhDPbYCmU
+fooN3XpEv0uQhzS7BAV/f26JIX+QVL8IqNSKi573cT1fpaKTvZvSo6RIGlPf2KS0
+dA9KLgiTM+7azslAAX5i9FfVnWmuMsfWHlSn8XCyQXqnrP+o1Lzba3Sj2Qt/FN8l
+1i09K9sZ2x2g1pJZyD4M/RHFUdlL2HghvummDw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYjCCAumgAwIBAgIRAMPUKMN4jsXBS0QHU7GpitYwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDEy
+OTAwMDAwMFoXDTMwMDEyODIzNTk1OVowRDELMAkGA1UEBhMCVVMxGzAZBgNVBAoT
+ElRydXN0T2NlYW4gTGltaXRlZDEYMBYGA1UEAxMPQ3JhenlTU0wgRUNDIENBMFkw
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE7rbVFW3RhTnDGmzrrjT4Sn+KBZACr0UT
++jGII6ube6Ss3KmBv79QNXoe+aFG6ppeeeBd1srJ8hyKJRSSVry1TqOCAXUwggFx
+MB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBQzk4Zz
+YNPn/S14gk4rAPAZduGgNzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTAN
+BgsrBgEEAbIxAQICPzAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDov
+L2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRo
+b3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2Ny
+dC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cA
+MGQCMFX96n1UmUFvakg4PC9ZpE0PdOXggtpVfbWiV0bLuSDy2+sblJkxaQoGEsC4
+UiCzDAIwY/v8pWtuO2AG6PGY3G1WdtFw+91CqMU6FuNBXM/NqEKrJDZxveTf5yli
+M4wb3Yxm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAvygAwIBAgIQJGSVSBLLB3o3k9sPvSI4mzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTI5
+MDAwMDAwWhcNMzAwMTI4MjM1OTU5WjBYMQswCQYDVQQGEwJVUzEbMBkGA1UEChMS
+VHJ1c3RPY2VhbiBMaW1pdGVkMSwwKgYDVQQDEyNUcnVzdE9jZWFuIEVuY3J5cHRp
+b24zNjUgUHJvIFNTTCBDQTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABI5NMoh+
+VS4FSC2Rsa1fRwqmBmp2QUgl0DPBUS6jmag1BBa7f9wmPGy4si2GPVfoMz0m+lnS
+PkmEEq3FBOvyvrijggF1MIIBcTAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1
+xmNjmjAdBgNVHQ4EFgQUDHjMvC/J5+3pyZPimmekbDiBBNcwDgYDVR0PAQH/BAQD
+AgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAj8wCAYGZ4EMAQIBMFAGA1Ud
+HwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RF
+Q0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYI
+KwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NB
+ZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0
+LmNvbTAKBggqhkjOPQQDAwNoADBlAjEAvnvLZ7hjnfCa2Srvy1HJbnBgXIIiGgTt
+mkZhWTGVgTZn71gP/GIzPiqHS6sG7axkAjAwkjEP40PKftR/OBbGBKJGVeVsrBQs
+kI7B7gS5/SCkJjou+bHS7cvQkk56GvfQdBA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1TCCBL2gAwIBAgIQbFWr29AHksedBwzYEZ7WvzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UE
+ChMHWmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBSU0EgRG9tYWluIFNlY3VyZSBT
+aXRlIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhmlzfqO1Mdgj
+4W3dpBPTVBX1AuvcAyG1fl0dUnw/MeueCWzRWTheZ35LVo91kLI3DDVaZKW+TBAs
+JBjEbYmMwcWSTWYCg5334SF0+ctDAsFxsX+rTDh9kSrG/4mp6OShubLaEIUJiZo4
+t873TuSd0Wj5DWt3DtpAG8T35l/v+xrN8ub8PSSoX5Vkgw+jWf4KQtNvUFLDq8mF
+WhUnPL6jHAADXpvs4lTNYwOtx9yQtbpxwSt7QJY1+ICrmRJB6BuKRt/jfDJF9Jsc
+RQVlHIxQdKAJl7oaVnXgDkqtk2qddd3kCDXd74gv813G91z7CjsGyJ93oJIlNS3U
+gFbD6V54JMgZ3rSmotYbz98oZxX7MKbtCm1aJ/q+hTv2YK1yMxrnfcieKmOYBbFD
+hnW5O6RMA703dBK92j6XRN2EttLkQuujZgy+jXRKtaWMIlkNkWJmOiHmErQngHvt
+iNkIcjJumq1ddFX4iaTI40a6zgvIBtxFeDs2RfcaH73er7ctNUUqgQT5rFgJhMmF
+x76rQgB5OZUkodb5k2ex7P+Gu4J86bS15094UuYcV09hVeknmTh5Ex9CBKipLS2W
+2wKBakf+aVYnNCU6S0nASqt2xrZpGC1v7v6DhuepyyJtn3qSV2PoBiU5Sql+aARp
+wUibQMGm44gjyNDqDlVp+ShLQlUH9x8CAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaA
+FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTI2XhootkZaNU9ct5fCj7c
+tYaGpjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQIC
+TjAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1
+c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYG
+CCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3Qu
+Y29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRw
+Oi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAVDwoIzQDV
+ercT0eYqZjBNJ8VNWwVFlQOtZERqn5iWnEVaLZZdzxlbvz2Fx0ExUNuUEgYkIVM4
+YocKkCQ7hO5noicoq/DrEYH5IuNcuW1I8JJZ9DLuB1fYvIHlZ2JG46iNbVKA3ygA
+Ez86RvDQlt2C494qqPVItRjrz9YlJEGT0DrttyApq0YLFDzf+Z1pkMhh7c+7fXeJ
+qmIhfJpduKc8HEQkYQQShen426S3H0JrIAbKcBCiyYFuOhfyvuwVCFDfFvrjADjd
+4jX1uQXd161IyFRbm89s2Oj5oU1wDYz5sx+hoCuh6lSs+/uPuWomIq3y1GDFNafW
++LsHBU16lQo5Q2yh25laQsKRgyPmMpHJ98edm6y2sHUabASmRHxvGiuwwE25aDU0
+2SAeepyImJ2CzB80YG7WxlynHqNhpE7xfC7PzQlLgmfEHdU+tHFeQazRQnrFkW2W
+kqRGIq7cKRnyypvjPMkjeiV9lRdAM9fSJvsB3svUuu1coIG1xxI1yegoGM4r5QP4
+RGIVvYaiI76C0djoSbQ/dkIUUXQuB8AL5jyH34g3BZaaXyvpmnV4ilppMXVAnAYG
+ON51WhJ6W0xNdNJwzYASZYH+tmCWI+N60Gv2NNMGHwMZ7e9bXgzUCZH5FaBFDGR5
+S9VWqHB73Q+OyIVvIbKYcSc2w/aSuFKGSA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG1zCCBL+gAwIBAgIQB1YA00tK0LoAYM/wc0eNjDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MTMwMDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBNMQswCQYDVQQGEwJBVDEQMA4GA1UE
+ChMHWmVyb1NTTDEsMCoGA1UEAxMjWmVyb1NTTCBSU0EgQnVzaW5lc3MgU2VjdXJl
+IFNpdGUgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCWNEBLoW0h
+Vdjte1dL5NiPbPPNpQasf1VzX2N61yh1/rJaL/WEc3+0hQoVCQdwQZSIoN9RnCQd
+LbuHmpyRFr+CbSrF/VH+YrkhV3wvDh04Ov0HCdj/RcOLY4UGRF0HM5SrMnPXaw7z
+D4NGN6tPonlwUA2rVLd9Ha5IPgvQQBMlKjZw7b08uUebhxuXG2DQcAlKcIwatJlt
+RT5vkUPxPjBepe++GHpg4HyytApieRN8qsgWwa8RyTfLSezLx+tX4qK/B2QB4x9G
+UQsGGKyqTj/Vy5oQo39JVMMqPT21xBVfpdIkv27R32Tu2Lb9QJoIaXg2DwHyaEOi
+A+j+YbbMGCSI3gzNvCZuMGxbk7ne7SzSDCGhBC4JeZhYmdBDKCfVMQLx9gAA+uy7
+wOdpJfh+ALgsU4LMtgIdM+OiZTqo7w+jSYu9Jg/J49DPclQCzqCm9eaNrfUptBsv
+Ar6rCtk94dYzuHh/ig0UGj5+s5niDlsQdPFuSnufB8eueSrRTrLPt8OQ5LCAzdlw
+C50pXmfxvUjiMva6n/grGrd/9ZzBhqg/sdqSlW/YY+176L0n/9ETql4zS4r8r7Ub
+sNU4jMmwHHB0wHaZSPMT+soPY4J0DWNbCotYyCpf63+JqX6gAxIE2TojYhZ4kfCV
+jR0emLTs0I0W/pnuXIQV9XymDUvLCtEa9QIDAQABo4IBdTCCAXEwHwYDVR0jBBgw
+FoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFK9VXvzalyhTvfw0JGGe
+efu8g3zTMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEB
+AgJOMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0
+cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmww
+dgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0
+dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBADo9leXl
+JLa+wW9HIxU1WVraEGaLISYIyhWosUaxDbKc8MP5UQoQM01MrRiMf3zn46J4AQqt
+Qn6TrH1hoBKOSF2DmaehlzhpUxHuVntyr/Ga7HtudFKFnvnO5c3FZVsjlycu9i/T
+gzuKZEhacn7GBnNJlSr8AdoXL1Xk1CcjlO+RDH1HPy+OcFg5kSMuC03j0bDfYHkc
+GMsMze4cY6BUJdbI6zHQFlMACx3sCeOYyvTCTMInpM0pIavRGOk36MsTgkdHRrsw
+DyBeRQMWUaLexiuaEK8lrXSFiOp0Rr0fLOOyfiy4XDtyicFL3dbYwtjjdeuWCVsu
+d1wP6HZFzNZ5E0ZhMQNLyo9xGvByOPRvfnOsSLHDJJrfHS2gEcVmZOOAyFzX3QEO
+MWA92C/DSwdKA/xYMq1Dlyhkh4MIPkwIWrVVx1a2g5CX7q7r207YxPqI3EI0Xb5G
+wxPb7S6r4/1KdcyM+yApf+lINtx3Dv1qSgrOzfAYGrBMrkbQCQWliTZPpgKijskI
+RomgeX6Xxm2RN1ifRNeCdhaR/kGT9d9xTFmp8nSIO4tfY/NdlSsBYSw9R0+DoD3F
+3Q53KDRIgZwe4XBgJ48AdXwOm4cCIv94tXkNpcyb/I+18hEAne3nPCCcQCsPbSCh
+GodI+HGUp6NRYGZrD2yq8r+FhD4BLK79CumB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6DCCBNCgAwIBAgIRAP4S3e34ur2sFTfWXr8OPYgwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDEzMDAwMDAwMFoXDTMwMDEyOTIzNTk1OVowRzELMAkGA1UEBhMCQVQxEDAOBgNV
+BAoTB1plcm9TU0wxJjAkBgNVBAMTHVplcm9TU0wgUlNBIEVWIFNlY3VyZSBTaXRl
+IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAj9Xc6J1FDp+kBN/j
+gVUSn3PFDEfUO5w9a6YGBiSxpS+1MGFTEuP1fzC5bQPitw/+vBZkMIetQdLMygIr
+NSrdSSJiTwnd/Kx+iL3xSbzFehlHmn2jSlINMY7d/fUvF2CymKfP4G6A7+kxtGTt
+fdBM5gjUm43Lnbd+T4WUGC3Gc0zht/Fh/vYZOe5o+z9260cwgIxWdlgsyNO2NdRi
+R9Urh7J8W/md7EuB0zxC2L3cpr4o4Isq7VtJm5yrPKDzzED0jS4/2OOurXwlF0Yy
+fuenkCSz8RlczR8KEw9eqNZdLEO4g5A1l/qDoM9j0AY7WXX8j3j8LuagKyqlixno
+tp08BwS1PdEpCnkkuXk8q0yHtbevsmTCYnZcDtqpHxY16Zo8vzmE1PnA5ons1R2F
+oOYzyObxhQZ4gbtoNf5tGJ5RtO4MkONN1D7G6CdK+sWSER1qzFwfhIg6mS9RqQpx
++VQnBLLdLo3siPmPb+oCuDE16YgpSqZjJWHmUiO6txhq/8G9OATffMgDVuHEH824
+MJk50aYMqdctrAOcQsJxvX7Rk/B8IpUrsbF37ehTM5gv0pf5/0noSiPNUIhmi6UV
+B/SPNuUJV25dP4qb4rs1h72JSYTeqD2LxxQumU2TXmTDoMG5rlaCsUqTKPLUx2VS
+TCLZed8yw5z9nX4Hy+yKntrAuVkCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5
+v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTov2yT2Blo3TA4urSRtMfS8X7H
+gzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYB
+BQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNy
+dDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG
+9w0BAQwFAAOCAgEAKa20C8B403IwSNG78JX5Qjsgc5QCy3qB1V07MZaD2m828j22
+DmFpn2KSdQiXnWNe/UNuCwFa+fbZnLn6Ev4PIb8N+NUkmR+MhTrmf1zJnUvzHAnC
+4O1HcLgZFuHBahXIKP3Fsvc08JsAmu8WHB0gBjzbIVVAKxiVZsn9ZFupKrlLmYTm
+x6DKGc4gUqIvf3jqI7+6ZzWaLZedEHQ/vEQZ/ao3fwI/0PEDvwFk6Hk1fSKzT2IF
+ypdztzQPUJD+LrnVANsBR9n2Mcdk80o2OinGtV7BE74bBwFF050Y2QU9Ifr6UPl/
+e39CSwLFUMFnh+KHxSrOXVRq7XcEULMCJsddC7I5Bdln6a+/8IGhuVn8gYcQjLGa
+q40betervr0SXBXxNgfLY3fPBt1Yma3UDkwu8kN8egnkvIE5hUKJ0sC1+zX6RFzE
+czRGqQQVUZvwZWg+mYWy2UGcucjbqE23W5UhA5SejxRvJ2Gfn8l/CW1vVj+qhZ4k
+Ph5HBXVMA+UG7rFD8tIlaAoGEwpTAcs8s9kTRkFsZSOiqQZ3zHAidX64uoLED/XX
+7o4tr6LMWgUL0PnLgqAgmbRXE0eZ/lHXymmaYErcxgYi78td6RdZEl7E8/35SmY6
+8kycjoCyp7FcWe2IlBM9FVwnH2HJ+HQ072lnN4PpTi7gUcaMyWUPilFaTTs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAwygAwIBAgIQI7dt48G7KxpRlh4I6rdk6DAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTMw
+MDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBLMQswCQYDVQQGEwJBVDEQMA4GA1UEChMH
+WmVyb1NTTDEqMCgGA1UEAxMhWmVyb1NTTCBFQ0MgRG9tYWluIFNlY3VyZSBTaXRl
+IENBMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAENkFhFytTJe2qypTk1tpIV+9QuoRk
+gte7BRvWHwYk9qUznYzn8QtVaGOCMBBfjWXsqqivl8q1hs4wAYl03uNOXgFu7iZ7
+zFP6I6T3RB0+TR5fZqathfby47yOCZiAJI4go4IBdTCCAXEwHwYDVR0jBBgwFoAU
+OuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFA9r5kvOOUeu9n6QHnnwMJGS
+yF+jMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJO
+MAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVz
+dC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYI
+KwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwJHBUDwHJQN3I
+VNltVMrICMqYQ3TYP/TXqV9t8mG5cAomG2MwqIsxnL937Gewf6WIAjAlrauksO6N
+UuDdDXyd330druJcZJx0+H5j5cFOYBaGsKdeGW7sCMaR2PsDFKGllas=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAw6gAwIBAgIQMH4Ub8vZMwFxECZP9TIeFjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMTMw
+MDAwMDAwWhcNMzAwMTI5MjM1OTU5WjBNMQswCQYDVQQGEwJBVDEQMA4GA1UEChMH
+WmVyb1NTTDEsMCoGA1UEAxMjWmVyb1NTTCBFQ0MgQnVzaW5lc3MgU2VjdXJlIFNp
+dGUgQ0EwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATeUQs3vD8M4pK4SZde/LhAtIuA
+5HFyUKgw4MnhuSA/DxSX3yBN+llcPLQglpe33jf+iXMclxM8wPGYvdbu0+s1Ouct
+7PTxCA40nC9/cXKZkiKJOMeDOH9YiqF/JuFJ60mjggF1MIIBcTAfBgNVHSMEGDAW
+gBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUSM22PoVW55obm3wgEryT
+ErJPBUowDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQEC
+Ak4wCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2
+BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0
+cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjEAzZDsD2qb
+dqzbBvL7Uk9xVHJxElsnNWGwpog/RVQM6TLxRp11vaWsapzdT4Kb3l5EAjAJvEI8
+X0HTatQ1vI/krwCd5B6ujVUkB4tF3O3BUsTu5QuRiJ94bhC67uMqjco23mo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDmTCCAx+gAwIBAgIRAJYwaDTXq4V3OQgle50Y11kwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDEz
+MDAwMDAwMFoXDTMwMDEyOTIzNTk1OVowRzELMAkGA1UEBhMCQVQxEDAOBgNVBAoT
+B1plcm9TU0wxJjAkBgNVBAMTHVplcm9TU0wgRUNDIEVWIFNlY3VyZSBTaXRlIENB
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEm9DZyPnlQJGjqhivZY8Y+skpPNRacTuO
+bsP9z0frAqEDcJhqJ190yLzDMf8NGZGfu8SsJdUDXg/J3iJ0NdhGnITABj04DN+k
+JZxrAM4mnUBw4i8EGwETp8tNv/JLdySZo4IBizCCAYcwHwYDVR0jBBgwFoAUOuEJ
+htTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFDvjtdnD8al22mzMv77c+qs1GnJY
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEF
+BQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0
+MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49
+BAMDA2gAMGUCMCVFz2ZgF1pzEwi8Pv24OcGXzzI6kkcVoTcbEY8OKO0mhgYd4xWa
+e8YZaQaYwaIYKwIxAKYx1ReoZ0+ChsvoFFqJwqSit6JBL7jhV7sN3jF932Cg9mrl
+Nimp6l92VjCtWCTHcA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC5zCCAm2gAwIBAgINAf6lgMJYpzHLw7OeqzAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjMwHhcNMjAwMTMwMDAwMDQyWhcNMzAwMTMwMDAwMDQy
+WjBCMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzEPMA0GA1UEAxMGR1RTIFkzMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+8rfkbjTwx1dixmkxk3b8dhsNCYRCnpKv6jT9gnu5BtJlK3kG/l57HRM9E1/GwErn
+pBxDBnkLeee+Qb3VxGWHs6OCAUEwggE9MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HQ4EFgQUqmPVghc9NFM8RUBMjCXah7zRnh4wHwYDVR0jBBgwFoAUwfEmuqAtroWB
+z9PxKhK9uApn/bwwYwYIKwYBBQUHAQEEVzBVMCYGCCsGAQUFBzABhhpodHRwOi8v
+b2NzcC5wa2kuZ29vZy9ndHNyMzArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29n
+L2d0c3IzL2d0c3IzLmNydDA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnBr
+aS5nb29nL2d0c3IzL2d0c3IzLmNybDAdBgNVHSAEFjAUMAgGBmeBDAECATAIBgZn
+gQwBAgIwCgYIKoZIzj0EAwMDaAAwZQIwU7aBuHn0ga9DpI+pVPx0hwo1NWeNsjfF
+8MOu9Hl/pR4Quyri//In9uZfC7Q0DNztAjEA4NOsow/XOOUPqK40g8LFYMdVq6cZ
+dZd4327Q9Qu24pmWG7ucs8wTKkrtPKu966DP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC6DCCAm2gAwIBAgINAf6lgUR+O/07uBwkmDAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjQwHhcNMjAwMTMwMDAwMDQyWhcNMzAwMTMwMDAwMDQy
+WjBCMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzEPMA0GA1UEAxMGR1RTIFk0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+qPJbOoggUvyliF5Us9hq047KDrKP9uViYwR13jjZCM4rgkOdciVuN0w8zuxzFnQW
+aY0r085HwQKAr8rGsbJYdqOCAUEwggE9MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HQ4EFgQUtKeZiviRSayOWLmzXk/McJjNImcwHwYDVR0jBBgwFoAUgEzW63T/STaj
+1dj8tT7FavCUHYwwYwYIKwYBBQUHAQEEVzBVMCYGCCsGAQUFBzABhhpodHRwOi8v
+b2NzcC5wa2kuZ29vZy9ndHNyNDArBggrBgEFBQcwAoYfaHR0cDovL3BraS5nb29n
+L2d0c3I0L2d0c3I0LmNydDA0BgNVHR8ELTArMCmgJ6AlhiNodHRwOi8vY3JsLnBr
+aS5nb29nL2d0c3I0L2d0c3I0LmNybDAdBgNVHSAEFjAUMAgGBmeBDAECATAIBgZn
+gQwBAgIwCgYIKoZIzj0EAwMDaQAwZgIxAOhvO8qdXxFs2wSJAm77pG35iMG5jRNG
+MK0GjO9MtzB2JLeHTAEub7vCDoytztbfLQIxAOmhOSYnPWPr9Zjs9I7yLckfXtEa
+XraMLPrXQeXfVmKJMMbZlihKfi17khRqOAWHRw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExTCCA62gAwIBAgIRAMPgD58ALsVZugLEpfJgDF4wDQYJKoZIhvcNAQELBQAw
+gYMxCzAJBgNVBAYTAlBMMSIwIAYDVQQKExlVbml6ZXRvIFRlY2hub2xvZ2llcyBT
+LkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxJzAl
+BgNVBAMTHkNlcnR1bSBHbG9iYWwgU2VydmljZXMgQ0EgU0hBMjAeFw0yMDAxMzAx
+MjIzMTRaFw0yNzA1MjAxMjIzMTRaMEgxCzAJBgNVBAYTAlVTMRswGQYDVQQKDBJS
+b290IE5ldHdvcmtzLCBMTEMxHDAaBgNVBAMME1Jvb3QgR2xvYmFsIENBIC0gRzIw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbkYqr0vNYKfrb4HxEOVZ2
+8K/ect1UFZJqUfvJe1gBWj0iTNkrlK5ZWpRlbEYdLxEIugwN1ElB7yX/i9p1RZ02
+vbl9xeJE3W+fihNhgF5netuF61IMDkzHBAkNU6IoTOgtaWAYOVSP2eMTKXCrUX/r
+8aX7/k3JZo6Q2flXUEnYcntMfAkXEsFYTD8BF+3LUuF+x2lckP2dAysr6FbTTCH7
+nmXzw0obMOtVuYdjfFnW/j3kAk1IDK2tM59wfuxHBvBamKMfNIfB246DlZwCyjov
+rvrZv6wo4KGqjgwjcADR2jd6ieDEAGkpUkQ3GKKLv8l9HTkX+2DlGELIIn2PEK0J
+AgMBAAGjggFsMIIBaDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSxwEZx
+76iODUHKX5uVKgLuLGIRSzAfBgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyP
+MjAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MDgGA1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dz
+Y2FzaGEyLmNybDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9z
+dWJjYS5vY3NwLWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0
+b3J5LmNlcnR1bS5wbC9nc2Nhc2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYw
+JAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0B
+AQsFAAOCAQEArPzcDkmtVrPvJyOPoFtW+YTfr6kvUd6V19OGHCBXajT08ejepxHC
+pFJ1riE4nWjYgVb0XMzmjj03wBXPWSPEf6PaAPKJACkUzkU8DBqkDImiPRJ0PEI3
+0n4v+EePESwf6p3C1Oip8aPtwpDktjpEyBOzv9WHEvadtKQvuR6imd1SQuMnHRxr
+KpDf0OB33oSiJCjr2Fnf8oZ7BMG0J9Xd2UNc6ewaqZKgFj3qJgQf/MIzQaTOVxhv
+ZoFnOzqwVvjnKPXWGV3lPZ8ipZgWnaffKmGvqHVOWAJPTs1+RkOWD1bwaqFu88Zr
+AaJrGIy9xXc/OP8fOpZXHN28p+y5fj0p0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdjCCBF6gAwIBAgIQD8F7JOWbM97N/zvWMOqKwzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMjA1MTIyNTQwWhcNMzAwMjA1MTIyNTQwWjBDMQswCQYDVQQG
+EwJVUzESMBAGA1UEChMJQWRvYmUgSW5jMSAwHgYDVQQDExdBZG9iZSBQdWJsaWMg
+SXNzdWluZyBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJqcd62M
+maCIFhpshqSZu25dTVsthyLGlMwgo91z+Om+QUTayHBq955tupzHErqGZ23Rhu0f
+DiUnbJbREKaXL5/Ww9j/GQ1p6tUQ0NJm9RX+AhY2K6vXIDSpKBXNVOpCPQxUaUI0
+SkwO20isSHbbstXXf4u+smZ6oAgW8aYSSrHKq6o6on0+wu2NHzIyaG7Q68cCbRHc
+aSgmmzChWdBW8iU/vunpvY8aGi3yUnbjyfT+I+ZZvWhVlos0tQi0PqS9cEWcQEOC
+FnXoepbeC7P+sD7BHDHZpw9N6/isao5zwbU+yuaXvNHIDSvYw7dfXS4ZzuvIBLG2
+WpoWG/B8Lhq+eLsCAwEAAaOCAkIwggI+MB0GA1UdDgQWBBR7KELkLEG2RDl10VBd
+BHQRluHmrzAfBgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
+b2NzcC5kaWdpY2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwz
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaG
+NGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RH
+Mi5jcmwwgdMGA1UdIASByzCByDCBxQYJYIZIAYb9bAUCMIG3MCgGCCsGAQUFBwIB
+FhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxB
+bnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5j
+ZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRw
+czovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMCkGA1UdEQQiMCCkHjAcMRowGAYD
+VQQDExFEaWdpQ2VydFBLSS0zLTEzOTANBgkqhkiG9w0BAQsFAAOCAQEAe2XCuNtw
+/7JdKTxxhQZZSDlAw+m4/Go9YEnHMgrXUSpiCxZghqRH7uLQWT+saKQAp9qcBKO8
+yo2gZ31kCjCOiMNsJYQYPR9HeU9UzYz3/X8XXDbJI78TpQOLhYpJOTuGS3aeRiLu
+Z9XPsUd4M5PSMfY9bmJ516isqGEe+iPpShN5fOa9l9H/2+6xV/X/38okGtABidTe
+W4lqSSy+ZlnQd+SwGMYSoiH68hvJ79CWnF2pVgvmA4MFrABQUw24q3X2r9Vfi3ch
+wp/ENsmUhyWV1sEqVDZXs58zcR3g4A8Xi+w8JhnXUV40/f12/yOrXK5r0JSPhoF4
+6HIrpwB5M6IpzQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFhjCCBG6gAwIBAgIQA3dkg5X+rkBw0ajVnPFjMTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMjA1MTIyNjQyWhcNMzAwMjA1MTIyNjQyWjBTMQswCQYDVQQG
+EwJTRTEhMB8GA1UEChMYVm9sdm8gQ2FyIENvcnBvcmF0aW9uIEFCMSEwHwYDVQQD
+ExhWb2x2byBDYXIgQ29ycG9yYXRpb24gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCtVuM8Lgh1f7qdFwmCSq2G22c5AE4GBJh4QtrT/nXdrZBDQyvz
+DJEC7AOde82mxjnxRoxkyE1LCwlyxgFUWTTMHdsNwtBlG9LN+cdaTe/+ssGpV6wS
+W+viFRrFfGVCgbqqy0dxkU9nV5gnkWG72Mt09D/3SOwhF4xZlFRoUtjaSwVV2vJH
+QV025eWUlIa0hGqGZKgMXtrNh4UfmBhH7Y60GKCXmdd2KU3JZkREgEo0WcK5Rt+d
+gb592ufCwLbVB+n4W4eMDARHsABbphLGpNiXTqaxhMaQ2Ar+dTHRccYoUjZPgppb
+9Juzola+W1jEVPcmmP/1uiQHGtp3h3lTrZkVAgMBAAGjggJCMIICPjAdBgNVHQ4E
+FgQUjjH+02KNSjhOePkn6pvMSC6OAG4wHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+p
+fr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqg
+OKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURS
+b290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG/WwF
+AjCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCB
+igYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0
+aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50
+IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTApBgNV
+HREEIjAgpB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0xMzcwDQYJKoZIhvcN
+AQELBQADggEBAD00Yy36gcGMioD+g2WpfrBu3YIuEMRf1BPvHCE5Yyq9rkZU4YoL
+kmha3IKwTHWT0/1ZTiotCpchJ+cUaurwcMt90kOogW7azp6T2+BJZVYTmmxwZAoo
+pV9aBGse59qhmyaWJtUl7rNk+fguB3gTGew7HK37otwjoGjuJX9P1NsNhblc/Bdy
+SjbENIKfjFbu574t+bvO5H897rXuytZM7WhfnMFaPzR/HR/Tt9ivZCFkzh2LM9tK
+tR/bUlK2WdTtd+YeuyS62ws1HwvNunZWF/wQxuU0bGLCw6xLcQp6bZ1w+yQIDm3e
+5BvdQ13QQDRwSaAkfuSzFwijZEUMM7Jnpfk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGNzCCBR+gAwIBAgIOSUEs5ABoqa4TNDQoI7MwDQYJKoZIhvcNAQELBQAwgacx
+CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
+ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
+YXRpb24gU2VydmljZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBH
+b2xkKSBGxZF0YW7DunPDrXR2w6FueTAeFw0yMDAyMTAxNjMyMjZaFw0yODExMTQx
+NjMyMjZaMGExCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UE
+CgwMTkVUTE9DSyBMdGQuMSgwJgYDVQQDDB9ORVRMT0NLIFRydXN0IFF1YWxpZmll
+ZCBFViBDQSAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/uyvAd0
+Yuw+PoYO/2EqxdSEdXnmPGc7w4q14+Mhew/ASTmeeN1f5z5zjCHKyQpEtcEmdYx9
++wTFW66XW+GSVdgM1mhGl84ihGh44XzDPHXDoG3TaydQzNw1JejfgoIzMfGEI5Qa
+hSGkhnePRt8Leku07kiNXzSkibTuyUemh16wG8jpHjO0FNJHqq/u8zS6djVAG6IM
+Chwwf7c+b8eOrsgZUvYecQacFLqeps2OGfbOO95sUOb5E+nHmyaxhCmGApPGJCiw
+K/yZk1hcf8z784EjHPC3HwFDA0FjY9Zr2OVe4+ps3k4wDB12nqyuSLY0qPEyWEyw
+piOivkGrEtjmGwIDAWdPo4ICpDCCAqAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B
+Af8EBAMCAQYwHwYDVR0jBBgwFoAUzPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0O
+BBYEFLDcla6YCMiPFzbgi7zkSbOPSzpXMIIBPgYIKwYBBQUHAQEEggEwMIIBLDAs
+BggrBgEFBQcwAYYgaHR0cDovL29jc3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYI
+KwYBBQUHMAGGIGh0dHA6Ly9vY3NwMi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsG
+AQUFBzABhiBodHRwOi8vb2NzcDMubmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEF
+BQcwAoYoaHR0cDovL2FpYTEubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0
+BggrBgEFBQcwAoYoaHR0cDovL2FpYTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9
+Z29sZDA0BggrBgEFBQcwAoYoaHR0cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5j
+Z2k/Y2E9Z29sZDCBngYDVR0fBIGWMIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRs
+b2NrLmh1L2luZGV4LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0
+bG9jay5odS9pbmRleC5jZ2k/Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5l
+dGxvY2suaHUvaW5kZXguY2dpP2NybD1nb2xkMDsGA1UdIAQ0MDIwMAYEVR0gADAo
+MCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3Lm5ldGxvY2suaHUvZG9jczAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEBAKNUbRRH
+bw1HtuynqiWW19XB3Kct6OnRhqIE+EjhK3cxP4LRp6ORAURzKmYhazRYSreixjTX
+OHXtJdA1/sGOma5GyVfBACBGo2YYO4cq24XKZxhiCXhcMsKKga3g34Nh8q9HEvQu
+eAcKAsmw+l7o5nTMTHDA1rNhcEXyC2J88Xklu+mNSxrfm+wMkuuET28QQL+yF2Uc
+Sl3y3qE2wNuzwwN1Mi3cY6ACVMPy18E9xTZfnH6jvdKUgi2djk+tAXU7FfC4XFXi
+WHLG0PE3c6TybpEpUoZBPUqg7Z3sUxaUOOLgAbR8fXWZ7HDUq7K4ksz0u46rk87q
+aNQXbv2uB8mA1+0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGLTCCBRWgAwIBAgIOSUEs5ABpEcvCPMeYjPgwDQYJKoZIhvcNAQELBQAwgacx
+CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
+ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
+YXRpb24gU2VydmljZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBH
+b2xkKSBGxZF0YW7DunPDrXR2w6FueTAeFw0yMDAyMTAxNjQzMTBaFw0yODExMTQx
+NjQzMTBaMFcxCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UE
+CgwMTkVUTE9DSyBMdGQuMR4wHAYDVQQDDBVORVRMT0NLIFRydXN0IEVWIENBIDMw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDlmVAR2SYwaYcXcU8XBr7Y
+KABcKYYngUBnBHYNCeQu5Eb65YyEdX2r2Jpb+E/xcWMFvOb5HW24smL3FM+Oc8gp
+nNXw4S6Ifs25TPEFuaDV4wZC0UZdraCX1XSFmgA2gvT44NgMow8EEiWmF+RPTcAh
+c2Gj1qgCKWNiiS75lnBwQHTPPX9DYPOWjiu/+/Ln8vX7mIAd1+/Rx2V2HU0TRT/b
+wnCt7h90CaPjPe2OYIWwh+1wOgu38EK/ea+YTlbWeXSuRFVv4T57iewgC0H2Y2Ro
+bFAcuXLnGSm6J/XfFphGPW4h3vD9d7CHO/OP6CuK/MmqxcSTHeZz3eR5u1CQsGwz
+AgMB+eujggKkMIICoDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAf
+BgNVHSMEGDAWgBTM+meT8La40KXAHvNT/YxT34PXljAdBgNVHQ4EFgQUaQLXT+xW
+P9AMG+uKHWs5kbjAD1IwggE+BggrBgEFBQcBAQSCATAwggEsMCwGCCsGAQUFBzAB
+hiBodHRwOi8vb2NzcDEubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYg
+aHR0cDovL29jc3AyLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0
+dHA6Ly9vY3NwMy5uZXRsb2NrLmh1L2dvbGQuY2dpMDQGCCsGAQUFBzAChihodHRw
+Oi8vYWlhMS5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsGAQUFBzAC
+hihodHRwOi8vYWlhMi5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xkMDQGCCsG
+AQUFBzAChihodHRwOi8vYWlhMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9jYT1nb2xk
+MIGeBgNVHR8EgZYwgZMwL6AtoCuGKWh0dHA6Ly9jcmwxLm5ldGxvY2suaHUvaW5k
+ZXguY2dpP2NybD1nb2xkMC+gLaArhilodHRwOi8vY3JsMi5uZXRsb2NrLmh1L2lu
+ZGV4LmNnaT9jcmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDMubmV0bG9jay5odS9p
+bmRleC5jZ2k/Y3JsPWdvbGQwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUH
+AgEWGmh0dHA6Ly93d3cubmV0bG9jay5odS9kb2NzMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQsFAAOCAQEAuMMpNc9hJBq1KN5/VrLz
+P+cUfReJD+wFXsY1HT+FloF3xkaoif5DPsarWg6o0e+RQRqSE66NkVIxUlESsf65
+rf7OTNhWnEIE0v15nISu58k2hWQRZW0SP2kvx10q30Fmb3vHNXCehrxmTmslsWQ9
+6rZetkT0Ut4FA2JIfUC/4KcEjFQomF4xYD2QI/EKxTsIksCVaCSLDwhj2xo+G9R9
+O9glDujZMkhnjFCZ6/4qf5s5klgbt1wVOxXNNxmE7SI5nKhv01npck6ndU65fVxX
+9iyMVYA7Ju0KO04GwgrrHLJ2YBjE6CwiVUou/yyMuS5BOkqCkque/QoflubvBWGL
+eg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGlzCCBH+gAwIBAgIQQAFwOzq6gYzJPK6eDrjUEjANBgkqhkiG9w0BAQsFADBK
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVu
+VHJ1c3QgQ29tbWVyY2lhbCBSb290IENBIDEwHhcNMjAwMjEyMjEwNzQ5WhcNMzAw
+MjEyMjEwNzQ5WjA6MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MRcw
+FQYDVQQDEw5UcnVzdElEIENBIEExMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALurFDtNUgw/fTzPkHWZDcSsSTbdDYEBPmbeosWjT9CSko03fkhuS8Ks
+QVo5zoCP93ZcILUjXje+wIErPqwOGyuBie+XFGWQDVF0SsP3rfKX/UJ+oqoAetzn
+R8QTf9eSmzNx0fj8oh10KFFSHrwilvJ55Vp52Wm09RXozoUUSlVIORwAhjk35wjj
+ja5cZYPptVY4J6NbjajbizP45A9c+qYTWfxvSH2RiNKaR1+QAP21YlnHl9uPFZnn
+zYUkdeAA2SbZQAFjotrp9N26qwTxwPZw8l8SPK4Fi31D+aw8vI8doRCLYPefjkRe
+cH5BlKu/OxwY7KRPOgnGnbi5GvwZNlcCAwEAAaOCAocwggKDMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMIGJBggrBgEFBQcBAQR9MHswMAYIKwYB
+BQUHMAGGJGh0dHA6Ly9jb21tZXJjaWFsLm9jc3AuaWRlbnRydXN0LmNvbTBHBggr
+BgEFBQcwAoY7aHR0cDovL3ZhbGlkYXRpb24uaWRlbnRydXN0LmNvbS9yb290cy9j
+b21tZXJjaWFscm9vdGNhMS5wN2MwHwYDVR0jBBgwFoAU7UQZwNPwBovupHu+Qucm
+VMiONnYwggEkBgNVHSAEggEbMIIBFzCCARMGBFUdIAAwggEJMEoGCCsGAQUFBwIB
+Fj5odHRwczovL3NlY3VyZS5pZGVudHJ1c3QuY29tL2NlcnRpZmljYXRlcy9wb2xp
+Y3kvdHMvaW5kZXguaHRtbDCBugYIKwYBBQUHAgIwga0MgapUaGlzIFRydXN0SUQg
+Q2VydGlmaWNhdGUgaGFzIGJlZW4gaXNzdWVkIGluIGFjY29yZGFuY2Ugd2l0aCBJ
+ZGVuVHJ1c3QncyBUcnVzdElEIENlcnRpZmljYXRlIFBvbGljeSBmb3VuZCBhdCBo
+dHRwczovL3NlY3VyZS5pZGVudHJ1c3QuY29tL2NlcnRpZmljYXRlcy9wb2xpY3kv
+dHMvaW5kZXguaHRtbDBKBgNVHR8EQzBBMD+gPaA7hjlodHRwOi8vdmFsaWRhdGlv
+bi5pZGVudHJ1c3QuY29tL2NybC9jb21tZXJjaWFscm9vdGNhMS5jcmwwHQYDVR0O
+BBYEFC233htZfiqYLs3h1BvjxRASXukUMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAgEAf+wSnMoC1+jZeGtN3Ax7e0y3T8Qs
+xbwxdm5FWAhU0V+O1H3qJhdYATxQ3ntx/yD5S0Zrkz6DbdKo3aX0M5g1jfeY1Fy3
+Sz0U6DccmqAebNIToXFeh9PLtxRwAgYn+eYtA0w81Umgb9AGfYdV3rhseBYodVZt
+18c9uBgaqlbnbz0S8jCe7uobwakyCied7grN3ckC2U/Q156fpCb/Mu2UgGPkFayP
+3crE/Gr7Z/He5O2szQZH520avtHvPEKAZ3pervn6cG3eTS0R8sF3h/qYW81Cwmvm
+yz0TKiWltpW4b0lqzB0Q8t/3fB74JywgRStrOEqZ7OGAjeMVXG6pRls4KJRwilB9
+/b6XLA6NcpmRayfEEeooSJ/BZieaCsAJ53fxugA1xQvW7nW/fud9qYUgFzma63nC
+EJ/r7T9+ujwvmgpQD7CCAyQ7KLUuc+F9iVBbDSLhIFxqoYihO0rmW6xRvbHXC6a0
+pSTe07EQ3NFtm/Z6sA/q4/+TDdAvnisIWvvMnb9Pqs08sTz/dCkYGnoBqMAuHVLG
+ck5Np+GdzLgB1+ZwGS/1Yf0sg4/2o6K1eOMqmQc0NwoSoV231EsHtsTJsoANmeQ0
+cDESZ6fwbHIs2HTZNllyTE5x/sFSzfLCxMBLUEeHky6BZkL6ytgDAUvZFubAZDMy
+Dbf2W23GdxfngDA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDeTCCAv+gAwIBAgIRAOuOgRlxKfSvZO+BSi9QzukwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx
+ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNVBAoT
+EEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIEVDQyBDQSA0MFkw
+EwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEXYkvGrfrMs2IwdI5+IwpEwPh+igW/BOW
+etmOwP/ZIXC8fNeC3/ZYPAAMyRpFS0v3/c55FDTE2xbOUZ5zeVZYQqOCAYswggGH
+MB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTttKAz
+ahsIkba9+kGSvZqrq2P0UzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAt
+BgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
+PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RF
+Q0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjAfs9nsM0qaJGVu6DpWVy4qojiOpwV1
+h/MWZ5GJxy6CKv3+RMB3STkaFh0+Hifbk24CMQDRf/ujXAQ1b4nFpZGaSIKldygc
+dCDAxbAd9tlxcN/+J534CJDblzd/40REzGWwS5k=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5jCCBM6gAwIBAgIQMQJw1DW+mySa+FbQ4eKFSTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBGMQswCQYDVQQGEwJOTDEZMBcGA1UE
+ChMQR0VBTlQgVmVyZW5pZ2luZzEcMBoGA1UEAxMTR0VBTlQgUGVyc29uYWwgQ0Eg
+NDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALNK4iJeJ1vpBFsUBDUy
+IBSutNIxQMbNUMAeoUTKr55KYX8tkN5imzNqLaRCypYBPP9wED2AaO6e8njkbjzJ
+wLgPqDBkW9sG3kmi3GW6cF4Hwr5ysZqve/5EJDhV+9OhfTu/4dMnoR4Q41HcjMk9
+MzLOADAQ0awBZ/29r0d49AUmIKELNeqEqmnTN6fndL7x/2K0TLToZLxqS7sy/Jvi
+0wEFr0CfdjcAsioh7KaD+Jizyb1aRKQzJ6Q20VEHX7UqWc1SkzTkbz6xj0S5ydBB
+FQh0fNiy+qM/deVpK4HgmPSJrrpQZ+LlbHfWabmwoDPxF71QZVYiqrrAoUrGRJ+4
+7iLBiIg8miIYS7Hd2ppvAUt24CugMXUjETjQ+oYh09fNi5n/AvoER8UBvTHLxt+b
+lL0bvL+2z2YiUWk+2Qtn+dD+JU5Z2y71qV7+cr+4YXjvGzF5bYsi8HiwflTb4Php
+3y+k1twKtchdcq2QGc0eDG6Y01nRHUiyr8/PtMAsLHEPNZ2wzsA7fb8mftHiV20Z
+FmYqknJ8AIOfwdTVA+E62JayOJ+sxadqcmFDorsz/mrPwGZ8+txr4xSuvVjg0dlv
+0yuA+1YpBDIYNfL4bkX+IcZ1mTstL4Xw0f4N2iW3bBmnPnYmoYxMM8gflCiTgss7
+3nBvG2f7v1PD7BDGYNO4iD4vAgMBAAGjggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9a
+qitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUaQChxyFY+ODFGyCwCt2nUb8T2eQw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUF
+BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBAAoFTnsNjx8TOQD9b+xixsPt7Req4wHMeNw/R5dddEPgQAQAYJZK
+z5BEv1cjGbH7nbPH3AxrxhN6OVH40p6OLIo9MXSrrfMzGs7/P+FTCjwgNxFEtLQ1
+KC9NboA3asJcl7mIs3l8h9iAgEH1zLUvq2s+5n++NQmbzudDsTFDMapY3kX1TwyU
+CTRzmItqcbsYIyg2MeIXWfRtqPqC5R4bufmpzA5BPINLX340Sp/CNQ9QZqw3Vkfy
+HWwTo+vO9Gm2L6srNamJT6Lb+TeXZvl8UPL5a72O/pH0GgGHjt6z9QzPARnaRKsh
+VWviNK6ST4WmZHllu3CJg0BXqx1vWyswawgvNeWt1qxITacYe9mSWTbNR2CftvTU
+werruDSY2jMaZPoNqbjUpuG/blYwWzzvVerBUhviAahPXJF/9V48ybWPBq6qKOEo
+kW+s3B4ad5sY96KlovEijaIQDip1HO0SD+rLNYaiBcr9MV2aK+DfbZ8w9BaNCQyF
+EYwzxIKOVk3bYvzHRk5ihUDascmbk/bkiNl74c/KfuKQmJImaqWoWZR6jBcXcPV0
+WUIKz/nILTpFhGojZEQW77by3aezAi9jrEIUBHRG1LwzPbJc2V3SOzYyaJFQatzu
+KZbN1Q9s9y/2x1QXtKwREY8jNgvx0iIfOK35gKgYJJcyDql4XfuEc2nV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG6jCCBNKgAwIBAgIQN9uaOAbXCsc+ONHf725RKjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBKMQswCQYDVQQGEwJOTDEZMBcGA1UE
+ChMQR0VBTlQgVmVyZW5pZ2luZzEgMB4GA1UEAxMXR0VBTlQgZVNjaWVuY2UgU1NM
+IENBIDQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCUtBhby5HZ4dxN
+stR0OaxF/QrC0FENJm59Na5LZzPwXqwTdaq1NJUZwMIrHTXavExQpGqzdqwIKNS0
+liyLkTT54vTs5VPh5SYRFtVAX9NLkY+fUIu2icOEGfwlPR6VlYp+kiR2Vj4OwYhy
+aM0tj66uaTCaAj3Rz99dN1s64Z1jw/wjckCLat/MGHL4crKuQErYyPfoK1s39BR/
+gXis0E2anvfmuyAZ3YDOsAyGKpPhEj3Dxuiz5+qpqJIePs3Vgylyx/ZIoJEH/jAq
+v7GbdVTsSfqyMlnyceF0pyGQ6Yzp1DkLw4Dg26zoOSckLYeICtRziSwzrMu3YLYW
+VB6h1r0Nw/hnuXMYt6WgLYekfxuwapwbntbw5gAJpK63geBp3Hj7bWnrPb8aLjBz
+eutA2St+Y6YodQ8PjbhUpaWVMGzz+c2YJK/xbxTAjWUPOdd8cNrM7ilaOrvbSaLz
+e7aPBFWZMpg1kOva5J91qSdOmS45DHyyfT4Xk2X/3HhFRLkKA/cdJaEYE1I/p0P5
+A2qFlMdr+QDx7Uar5Zvsbvrm0gn+MER1uq3xugoweC3iegHwQQh4YupAEamo1vPy
+n04r3WPn86rLjpe0OLFvlM8CQtvTWV6wOXy3HTnIh8gFGxe/0Wu3XYBtPcJXlBMO
+aV7NDi69LE9ZiYNF+wBZ6iUgVw3ZRQIDAQABo4IBizCCAYcwHwYDVR0jBBgwFoAU
+U3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFJoriiLWjQzAKqVvZDM/lmBn
+FR2yMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggr
+BgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOg
+QYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmlj
+YXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYz
+aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0Eu
+Y3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqG
+SIb3DQEBDAUAA4ICAQAmpZcT3x9evRVo7pAAsdyTx3mmtbOGWIAQFQRiW4po1Jx9
+9szSmymPrzDq0s1Lh7EL+sworQnNKEApLYpcFZ/ZeyjWPt+7D/SKGdjhFE9owf71
+hNiwWBWzMHZWE/1lYpISw2gbclDk6Mp1GkDQhRVXQL5O6uXeouxNiKpAXZj8QFx7
+Sk1kkuXewca4dFRTs9Oadec8ARnR+YzxhTE0p3m2rBkWL3zpNCtl+7zpPJm58eCc
+8Oxt7ib/XwoZKE/tKKZ6rcA+kBL6X6xeim+DwVqToJW24yiqVAI2JYQw1741fqm8
+lklFlkAoOTJTprMd3jIK2DKYvAXkZiAeY8eD85AVCJgC+DpD/0Oc3OpsP5kljGzF
+2rUYGLutL1a9Uxd2YCGkqnAym2f2LsBo5u2+Znk5YzfD5xPSWBrs9K5UtE2G+5B0
+iygvf+yl/+hcv4aN3zetNXbfsSArAR0ecdNkNtehXeVaFE7rIZUXFahzHn2cSOLO
+n4vjBWKRHJc4lvlqhfz1jaPrcxS0BxaJq0VNrX3skPeajbVSsPAjXXVDh9I5qjdG
+yMvAe5TUyUf752JKBN56Zi5mvz5ufbvULGcV4Frnwl2c2ySICF7KGIB+KGhGbgbf
+tN6PKXHwC3gvRw9yzFSq6Rdwh7U+3AkmDel0rhdZnMTx2JryjQF/AeBKwkfrUQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5TCCBM2gAwIBAgIRANpDvROb0li7TdYcrMTz2+AwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowRDELMAkGA1UEBhMCTkwxGTAXBgNV
+BAoTEEdFQU5UIFZlcmVuaWdpbmcxGjAYBgNVBAMTEUdFQU5UIE9WIFJTQSBDQSA0
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEApYhi1aEiPsg9ZKRMAw9Q
+r8Mthsr6R20VSfFeh7TgwtLQi6RSRLOh4or4EMG/1th8lijv7xnBMVZkTysFiPmT
+PiLOfvz+QwO1NwjvgY+Jrs7fSoVA/TQkXzcxu4Tl3WHi+qJmKLJVu/JOuHud6mOp
+LWkIbhODSzOxANJ24IGPx9h4OXDyy6/342eE6UPXCtJ8AzeumTG6Dfv5KVx24lCF
+TGUzHUB+j+g0lSKg/Sf1OzgCajJV9enmZ/84ydh48wPp6vbWf1H0O3Rd3LhpMSVn
+TqFTLKZSbQeLcx/l9DOKZfBCC9ghWxsgTqW9gQ7v3T3aIfSaVC9rnwVxO0VjmDdP
+FNbdoxnh0zYwf45nV1QQgpRwZJ93yWedhp4ch1a6Ajwqs+wv4mZzmBSjovtV0mKw
+d+CQbSToalEUP4QeJq4Udz5WNmNMI4OYP6cgrnlJ50aa0DZPlJqrKQPGL69KQQz1
+2WgxvhCuVU70y6ZWAPopBa1ykbsttpLxADZre5cH573lIuLHdjx7NjpYIXRx2+QJ
+URnX2qx37eZIxYXz8ggM+wXH6RDbU3V2o5DP67hXPHSAbA+p0orjAocpk2osxHKo
+NSE3LCjNx8WVdxnXvuQ28tKdaK69knfm3bB7xpdfsNNTPH9ElcjscWZxpeZ5Iij8
+lyrCG1z0vSWtSBsgSnUyG/sCAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qq
+K0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBRvHTVJEGwy+lmgnryK6B+VvnF6DDAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUH
+AgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0
+dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9u
+QXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6
+Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B
+AQwFAAOCAgEAUtlC3e0xj/1BMfPhdQhUXeLjb0xp8UE28kzWE5xDzGKbfGgnrT2R
+lw5gLIx+/cNVrad//+MrpTppMlxq59AsXYZW3xRasrvkjGfNR3vt/1RAl8iI31lG
+hIg6dfIX5N4esLkrQeN8HiyHKH6khm4966IkVVtnxz5CgUPqEYn4eQ+4eeESrWBh
+AqXaiv7HRvpsdwLYekAhnrlGpioZ/CJIT2PTTxf+GHM6cuUnNqdUzfvrQgA8kt1/
+ASXx2od/M+c8nlJqrGz29lrJveJOSEMX0c/ts02WhsfMhkYa6XujUZLmvR1Eq08r
+48/EZ4l+t5L4wt0DV8VaPbsEBF1EOFpz/YS2H6mSwcFaNJbnYqqJHIvm3PLJHkFm
+EoLXRVrQXdCT+3wgBfgU6heCV5CYBz/YkrdWES7tiiT8sVUDqXmVlTsbiRNiyLs2
+bmEWWFUl76jViIJog5fongEqN3jLIGTG/mXrJT1UyymIcobnIGrbwwRVz/mpFQo0
+vBYIi1k2ThVh0Dx88BbF9YiP84dd8Fkn5wbE6FxXYJ287qfRTgmhePecPc73Yrzt
+apdRcsKVGkOpaTIJP/l+lAHRLZxk/dUtyN95G++bOSQqnOCpVPabUGl2E/OEyFrp
+Ipwgu2L/WJclvd6g+ZA/iWkLSMcpnFb+uX6QBqvD6+RNxul1FaB5iHY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAw6gAwIBAgIRAPFVZjGnycu/NlCaWpIPalkwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx
+ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowUzELMAkGA1UEBhMCTkwxGTAXBgNVBAoT
+EEdFQU5UIFZlcmVuaWdpbmcxKTAnBgNVBAMTIEdFQU5UIGVTY2llbmNlIFBlcnNv
+bmFsIEVDQyBDQSA0MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3Oad56Xl15SY
+nK3MmKcZUEu17k4jApQvPwTnGUqFxMbgDvAtxJtWqbKk8qvCOcZ/oCyrHkloS6Nf
+AiTDTV5bZ6OCAYswggGHMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa
+MB0GA1UdDgQWBBTt5lFk6mex24xLv7WAJ5g/2CMeZTAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwQwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj
+dGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2
+BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0
+cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjA8KoDpeqid
+slDXmfwHD7kr0XTY8rOdQBWMzT5uU7nPROEYLK00Dc9w/J4M8CGaLX8CMQDoaX4P
+os4y0yfmvRAPaFZxyJi1ZHaZh+G0dX7ggOEyMHmT0P57T6TjdfcBr1G/J/M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAv6gAwIBAgIQCtLIkeyu89lwFWPsFKwUJDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMjE4
+MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBEMQswCQYDVQQGEwJOTDEZMBcGA1UEChMQ
+R0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UEAxMRR0VBTlQgRVYgRUNDIENBIDQwWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAASIz58YxU6CmakIJXWXxv9WntB33X8riZAA
+3Q+34HkXxg+3QALt3WNZfL2vLg5PR9+MmsWh74Af3rh5ar4Dr1fJo4IBizCCAYcw
+HwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFJFVkhfA
+cvrHAv4gYdMYh1Ib5znjMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0G
+BFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVD
+Q0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMFjk8QWPWP2ZiBtppqumXYpc5cjTjE9Z
+hEuCl85m7FFv64DiFpN20kHID/nrkwNNVwIxALa1+3QL5kM8o3VFXtiBOy51mg0Q
+wA1Inu3wBZYNCJfJZhJMNUtlolJgEElAycJcoA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfjCCAwSgAwIBAgIQdpAhff5d1sLEUCfF3NFaJjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMjE4
+MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBKMQswCQYDVQQGEwJOTDEZMBcGA1UEChMQ
+R0VBTlQgVmVyZW5pZ2luZzEgMB4GA1UEAxMXR0VBTlQgUGVyc29uYWwgRUNDIENB
+IDQwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQYZ2cR4O5tfdskg2NNo346Noyo
+enQjWhWQElTQQ+brmMxr5leW1AfpAJ9bsaUadsCJJnA5ycFITYjXfl/XvfPko4IB
+izCCAYcwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYE
+FKgtbYEyZI3msk+s/hHyZZmFE6luMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAE
+MTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9D
+UFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEB
+BGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
+c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2gAMGUCMQCCX6P32oo7RiAIk1DIekZM
+nFGZwY+xJoZ5HyChGc1Ncuupnh7Ezukr1EnL+MyAhNcCMD6DlSMWE5I++OBvznnX
+1npjvntLcKogArAPjLglGGeymFt4U6pdy7/C0/miHCPuDA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDgjCCAwmgAwIBAgIRAKZyxVx1Z7iXm9Gpc3bygYswCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDIx
+ODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowTjELMAkGA1UEBhMCTkwxGTAXBgNVBAoT
+EEdFQU5UIFZlcmVuaWdpbmcxJDAiBgNVBAMTG0dFQU5UIGVTY2llbmNlIFNTTCBF
+Q0MgQ0EgNDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIluIR/57Gi+A/PBU/HJ
+Du+ib62ojbmgrFplMIet9FpKgUwqGkcPXoLXPsQqLGA7YjUgDDa7DVdchYDP7UPr
+bCWjggGLMIIBhzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNV
+HQ4EFgQU5uJP1y+hutmLqFhNiCUY45Ku4HEwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgG
+A1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28u
+Y29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYB
+BQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0RUNDQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
+Y3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwOT7r0xcx8SFLchKn
+/QsiSWlCYaWoEOsaIK+dNrekDE1IvWGWzgAynhka7g08CiULAjBA518/JC2WTcmC
+lOsIDSQpVv/vs0CVFDGFdL27Dy9z3uBLs9blu8Du5L6IM6mggG4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8DCCBNigAwIBAgIRAKoycu7aGxmmN/byVir07vEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDIxODAwMDAwMFoXDTMzMDUwMTIzNTk1OVowTzELMAkGA1UEBhMCTkwxGTAXBgNV
+BAoTEEdFQU5UIFZlcmVuaWdpbmcxJTAjBgNVBAMTHEdFQU5UIGVTY2llbmNlIFBl
+cnNvbmFsIENBIDQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCVokk9
+uR1UAJRcNg1NTatsuxEwya7FpTRm5wcbSJqSLeUd5gjI2zHzwjaevHwCjN716blp
+iyvEVr96aGw2y+FrVo/0yr0+/XoK8WdkB64j3KmOdUttTTXERY1T1vXxvkZhchHl
+JvD/VVDIt/V/xg2iDpAa2N3SW0SNSyuAGqtVaCTM4eOEgVT1Nyg5VtQJVLujMrvv
+cW6+1W1rLR2O05FxQtINVnrblTKWotAitEv8yMe9qQr1Fz4sdyVj2cBwEk/zQLok
+JRCSw981Hoh5kwt4AVMSxjfeSRjx0Wt0C6ioRJ8WAfSWGNDZwnUWZ4nJrW2UWtdJ
+Z59t2VByBR3e8MlVTVE4pirg3R5lCCIzPhNLQm25Rap/a4m3+e9A+Jnjgfi3XzSB
+fd+gcMh1xBXK+YOOfbnZW4H8T1Ty9I/HKsUp/isLV8TJsFOLZCyuV14qVfi8jmRU
+0wYIK4vQRj2M7VxCyH4MPn6lgnyecIieL0b4gFNWhE2waH2gfigvpQWH6bQuSWIh
+l0PaRDWFavo1SNTFKdAVQDK7w3Iw3XzOhQnjHgU/idvqd5eaqa2G4VN1vV1pNirC
+LXJccKK49zDSS1IFMX9iQC4YFxc/BbWRndI3smg05dcYn7Di73B0EzFFO6dyg0WD
+r2N9G/8fgjv89biSARMNzjtg2XR2cLxdT8PAYwIDAQABo4IBizCCAYcwHwYDVR0j
+BBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFLYvVVqwyWAZ788J
+WtHxE51sjMkEMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA4BgNVHSAEMTAvMC0GBFUdIAAw
+JTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkw
+RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEF
+BQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRy
+dXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29t
+MA0GCSqGSIb3DQEBDAUAA4ICAQB7IGXk1vGM4J73d8UD3f71UqLxom42Icu/IP0V
+nrIRzbAmz+C++7Bir4mqkKWt89dd9ZlIK8Ez5Y97tDEEd2eICo6dTvy5JOxiYsWK
+iubpyqmW/K0xjUqutANMxxGXQOJn13RnI9OHSxNXng5OoM66O5Eq08vXdcQbXF3i
+qPf95g94OJVoyFwlmYiIMuV6cOCVNShbGKvFPpNB4p+7vr2FJ7ZeHEmiZKMXO8ex
+3Uq5j1riVT/4tCemFz7dSpaCkHJ0xj5Ayknj14+t/lwF7IcOdP9/15uDp8HkgNh9
+xXkFqF3wtLkidVvmmbvDmOQiLJL6Hj6MxwEwI7Cf4ZN/UH0eIra7tEgMP+mkdNtR
+K3tB4lQNLquWBr25PbzMiK5LfXPGL+odDAb/7mE1ClQtg28gohf+Ms9hQ4y2rZSG
+sYUgh+U++Yn+HlYKI26tl7qB6lFcQb6Prc1SELAEFob8yMFkZ3UnXXLRUkLeM50K
+WV9s5wu4Rn6Rzp722wdTQoBeaSxZ5bjmT3QerGV2GaRmuYjLxdYGZ5Co07DI+qEJ
+Tj4mbpHx/OiqD7tR9i3rHpPyTjpD6MhJ3U4EjZfd6UMWGMz3Zcw0tvJe1cLpNRX8
+yjTdSxF1/H7ni7/IHkK4trIBuc58YPbZXAfYTcPugPwQE6N7RcfQHA4McFX91SZa
+DskXUg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG5DCCBMygAwIBAgIQBHuLbQmxZWdCqKfBhpyfqjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MjE4MDAwMDAwWhcNMzMwNTAxMjM1OTU5WjBEMQswCQYDVQQGEwJOTDEZMBcGA1UE
+ChMQR0VBTlQgVmVyZW5pZ2luZzEaMBgGA1UEAxMRR0VBTlQgRVYgUlNBIENBIDQw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCfQj5WwXIGcoT7zvITdpnR
+8P7auxwyAmBFjTtOksiLjlXP62wum102dz70U1cvdWnrK3e32SyVHIvVVJRIeUIl
+q9cRj38gd/4t/e2etn+tpHUtL9wK5AIXs9tpIjEnw4UlcpLsVpLEiyc1Sc2XtwbC
+or7MMrOB4qVucNPF+GQHWi/Vnss5zLVzXlfuJ7A5Efx1lSeWvMkNDdHxxuv62yYs
+j+FEiY1IXjV1WyWxTlseJcazDUciw7LMK30Tp9smdONuPX6rwEVSTUiC3QzbwNaP
+4C1Um2yAEbdve4Ru/qURloHud5LkBaJTm2+MDJz+yHZf4g7lvKpbcKrf59Jg8h02
+sRipT6GA3cjpgB5RU5bnXFkn4kpT2+/P25HQFeg0lyKw8dFm864sn8a37GrWviOC
+TOCWtrrSxtvLvCy9axxgc9btrA596rMKrw2tpp42KPPRXHjaVqfLf6Wj2SCynFWx
++insGBIikpbxxOdrt4qGEDgVdSOCN9f3b6CgyTs7PD5KlUiei05Cg7sbX/Zi9DE0
+8782f4SGsZtyn4G/rMIqxyZ8SfyQZV17c+zNkttdy93iQv+IlNJGalCM56Mmkv5n
+gRtWJXzk0stw30tVWdRSGlRVxxScfcwEF1GcfVjuyosTSnEju61Qi9N5WvhqitIX
+J/wLzkppJc77xbQX+5tinwIDAQABo4IBizCCAYcwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFLYgDq6jy+lVAwYTZtSsvieQVGDzMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcC
+ARYXaHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0
+cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25B
+dXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDov
+L2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUG
+CCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEB
+DAUAA4ICAQAmUg8HhUdEzgbJQrk3G7JLuFyKJHWQ74FRHMFCorKd+h9TXoxSBOAo
+PZU5iIKv/mPXyhT+sh75NvlXr/N+d52Tx2HIY3IYWx82I0uaa0/tPKImL6ByJuqu
+mcvb2c4MqCfTGAi8kILbQt3WHK/idEiG2APMlq1YNoR3aBh7tc1rloxmQ5joEmrj
+wSoNA60AV2w9zEmi4KTYVZzsTjRgK8vh8WGQ4un3ZQhRYIVTdiI1J63kohIcpFTe
+fJyz9ip3C1Rjr5kink4bGlcxpRb1WjEs3OWhzCJSo7/ZZIIZu0pRsDKltkpNmoUQ
+5/4aIAEG9a9azLTKxTktcKOEJCOzdVIhNC/b6jrCFD7vR9v/dTI8zX9Ol1cK2nms
+k/uD5CZcvMZ6Rh/D7AS7B8dWODbN3nQPzucgdION4KHvJJe1G2SxDe+5MQO4CbwI
+WI5U+OnxKTP3vlJv2CxvP/+4Drf3hkp7YvVSZnmc9KlOeDvdC3Om9jNSw3njrEde
+foNq1eeeV89hCWKKdn05kpyitOiy7pTJJuDgVs64YGaSdQZG0E4m1bMSo13cQxYg
+J6EY3nagUJyiLzdMNuhbKlj2oXxjGLgUXYJJgSnnjqK7ldTbJDXK/qVX0gQSOr1b
+72T77sRtDcLsmkh7hYi6a+QwKARgmMLZjDirRS6ovWtH60yG2rkxBw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3DCCBMSgAwIBAgIRALsCK/mrS/IL9O0gFtqEn74wDQYJKoZIhvcNAQELBQAw
+fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
+A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0yMDAyMjEwOTE1NTBa
+Fw0yNTAyMjEwOTE1NTBaMD0xCzAJBgNVBAYTAkNOMREwDwYDVQQKDAhVbmlUcnVz
+dDEbMBkGA1UEAwwSVUNBIEdsb2JhbCBHMiBSb290MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAxeYrb3zvJgUno4Ek2m/LAfmZmqkywiKHYUGRO8vDaBsG
+xUypK8FnFyIdK+35KYmToni9kmugow2ifsqTs6bRjDXVdfkX9s9FxeV67HeToI8j
+rg4aA3++1NDtLnurRiNb/yzmVHqUwCoV8MmNsHo7JOHXaOIxPAYzRrZUEaalLyJU
+KlgNAQLx+hVRZ2zA+te2G3/RVogvGjqNO7uCEeBHANBSh6v7hn4PJGtAnTRnvI3H
+LYZveT6OqTwXS3+wmeOwcWDcC/Vkw85DvG1xudLeJ1uK6NjGruFZfc8oLTW4lVYa
+8bJYS7cSN8h8s+1LgOGN+jIjtm+3SJUIsUROhYw6AlQgL9+/V087OpAh18EmNVQg
+7Mc/R+zvWr9LesGtOxdQXGLYD0tK3Cv6brxzks3sx1DoQZbXqX5t2Okdj4q1uViS
+ukqSKwxW/YDrCPBeKW4bHAyvj5OJrdu9o54hyokZ7N+1wxrrFv54NkzWbtA+FxyQ
+F2smuvt6L78RHBgOLXMDj6DlNaBa4kx1HXHhOThTeEDMg5PXCp6dW4+K5OXgSORI
+skfNTip1KnvyIvbJvgmRlld6iIis7nCs+dwp4wwcOxJORNanTrAmyPPZGpeRaOrv
+jUYG0lZFWJo8DA+DuAUlwznPO6Q0ibd5Ei9Hxeepl2n8pndntd978XplFeRhVmUC
+AwEAAaOCAZQwggGQMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0OBBYEFIHEjMz1
+5DD/pQwIX4wVZyF0Ad/fMB8GA1UdIwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3
+MA4GA1UdDwEB/wQEAwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+YgYDVR0fBFswWTAroCmgJ4YlaHR0cDovL2NlcnR1bS5jcmwuc2hlY2EuY29tL2N0
+bmNhLmNybDAqoCigJoYkaHR0cDovL3N1YmNhLmNybC5jZXJ0dW0ucGwvY3RuY2Eu
+Y3JsMGsGCCsGAQUFBwEBBF8wXTAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9j
+c3AtY2VydHVtLmNvbTAxBggrBgEFBQcwAoYlaHR0cDovL3JlcG9zaXRvcnkuY2Vy
+dHVtLnBsL2N0bmNhLmNlcjA6BgNVHSAEMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcC
+ARYZaHR0cHM6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEA
+fX+K2i5wcz2rPgZCHNYphv6XnpINfGC1bscZffzmBwq3nF5BZGwVbJQWTunvsC/E
+2HSZpjYBjqo1PWUYa0aHu1RVtRBimhLGq9ZtTc0sUIROGp+l4qnmVUVjudEdfQyT
+r+K9jLHr0DkAJBL9oVm4vZrA+W8/OF9UqeW/eiayX8/oooxFCWmlhj4fgeQKL//y
+wp2HRZkKSPWHLv1CChLC2me3yqySYIWiFZQzsO/eYO/xDGQOSyOh3sIXCoqHmsFk
+aMn5NVe4A+4r41A8lXd3dMlbf+vAhBd6YE7fcbExyz2nKxkFNtlnt1W8rLz6GK+h
+4uDPocrh1HrVpMZVPb4iSg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFLDCCBBSgAwIBAgIQB5JfJHDgvxS7XDqvLrTBaTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDIyMTEyMzAxMVoXDTMxMTEwOTIzNTk1OVowTDEL
+MAkGA1UEBhMCVVMxGjAYBgNVBAoTEUNyb3dkU3RyaWtlLCBJbmMuMSEwHwYDVQQD
+ExhDcm93ZFN0cmlrZSBHbG9iYWwgRVYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDyY6CgLu4Z2dZJ6UFO0pIYoaIR2rBJ5IZWvpA60zGZqA12xDLs
+Sj4qC2QrvOOlCCmrek7dFdSan6CisCOVoxMRmULbaT/uW6qG0sqO1Z3zoW/7+yIw
+cOgqEmM5MRiPYw9rF4TZvsCVN+CA7yTxnpVahB79ZEq3mdHnRNpv2Q/oDVR8bcgc
+FFPIltFannIxt6G6ZKbuPUe4xD1/RPzFi5cTIC3/oIB2rNQPNU15wUQXTO5KMsdv
+NiIjWICBlSQeCbtYzOKC1M5cRR11TgtqUFxLkTL56fUXPd2ZwAJyrge/YCnuzkyO
+sgmfGdGId2pCR4Cxbh6FhjKvYk5qagejGNuVAgMBAAGjggHoMIIB5DAdBgNVHQ4E
+FgQU+jfnyb6nUW83iHdpLrOzArRnrLEwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1Jgm
+GggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMH8GCCsGAQUFBwEBBHMwcTAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1o
+dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNl
+RVZSb290Q0EuY3J0MIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+
+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFu
+Y2VFVlJvb3RDQS5jcmwwTAYDVR0gBEUwQzA4BgpghkgBhv1sAAIEMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJ
+KoZIhvcNAQELBQADggEBAI50mJcLH2XeRZ3FAyer1ANpP0EcJFvCBgdTPwR7HU5k
+RVc+Ra5eLUGhi+xE05Yoa+xB8M+JBP0YJNbpGhh3ARnypL23OkDyURFh3c7u4U+D
+m9n7oUcPCr1ktai5lKNcbt+ohL2sPZ7rBlq5P3l6smut44Y3Ds0izRXjIm7A48j0
+QZmHWDvuRfqE8ursaoo/Q4IzZ0F0JSeo100yi+h+4ojq7sRTW+eAHYq2ce6JmN6C
+zT8XMb15uqYPWmo3uaWCR4TUYrApTCPlXIoUJlPE+DDjgHSo5yf2Kur2CEkqujtJ
+WOwOa+tjsJq/tn272HNWX4pBEuFjvXIjxqJ6JAKbmRk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5TCCA82gAwIBAgIQD38DVGa3gW6iDl6C+WqgGzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDAyMjExMjMwNDFaFw0zMDAyMjExMjMwNDFaMFoxCzAJBgNVBAYTAk5M
+MRwwGgYDVQQKExNUcnVzdCBQcm92aWRlciBCLlYuMS0wKwYDVQQDEyRUcnVzdCBQ
+cm92aWRlciBCLlYuIFRMUyBSU0EgRVYgQ0EgRzIwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDXpD3oKXtheObTAQUn6vsu06w9kFI82Yhp8rQ9jMi/ca3y
+732TP1IB8+O/33QrnSTI8TZisZhU0uuUgtp7P9fMtWHggpincRVojrsFoBLiFYJJ
+HoaUi9GIJXp/5tc/Be41RMyjFHdQh3kRybrgE07lbKEI9r3aQzHKQ8JeR/UCWJJ+
+Y8bm3S6BdxkXNOvUG1y9CrNO0z4j4Hj5NyTPfP4Y1GrH07Mr4v5xDIXKlkUmKArj
+Xg/dF1AlN2/xCFBXWu4beAJdijc+oayBqBEPsEWXqvIFdXTZF8To4ti4JdYzBanv
+62SCBchQTmNoMfMBj3iIxkQimu2fEAwYYZKGfguvAgMBAAGjggGeMIIBmjAdBgNV
+HQ4EFgQUUlMS8cr0dJRxavWQz65Bnt5E8TEwHwYDVR0jBBgwFoAUTiJUIBiV5uNu
+5g/6+rkS7QYXjzkwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAk
+BggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIw
+N6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJv
+b3RHMi5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2Vy
+dEdsb2JhbFJvb3RHMi5jcmwwYgYDVR0gBFswWTA3BglghkgBhv1sAgEwKjAoBggr
+BgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgBhv1s
+AQEwCAYGZ4EMAQICMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IBAQCZ02A93DwB
+TWrsqBYbnAViXVBFVPJLj+KShLHiucI5zWbLJfWJNlKj9b++aOmIM3aKKbIPvMrI
+sJRBWoN/epPWL+Axpp5Ka7GK70HzOQfz+g82TXNAuH86Mhi01LqgHv+uMGHEZn1H
+YUkcxEvjSiCsUgzVKMrDaScytDGUip9jIRcjV7u1wz9+2zhX0WuEuG5bgTUyFICX
+DzkXoJCD5xpp8GtmE44KXugRjdzIaiFE8Afr/+4+EGPcK5ccT0o2qAJJ5molgNsB
+Q4r29hdh5XxuF3T3p0tnxD1BVcb8nf5TaqRCh5P2wSxWa+xun09bPQXh5MBiiX8m
+/KtGtJyc6oBm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG9jCCBN6gAwIBAgIQcosJSKjKkO5firQBCPribjANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMjAwMjI3MTIwOTU2WhcNMzUwMjIz
+MTIwOTU2WjB8MQswCQYDVQQGEwJHUjEPMA0GA1UEBwwGQXRoZW5zMTcwNQYDVQQK
+DC5IZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIENB
+MSMwIQYDVQQDDBpIQVJJQ0EgRVYgVExTIFJTQSBTdWJDQSBSMTCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAJByih+OKxQJ9CuSTiqX4O9ztuaBH/lqhYNU
+LXfLIBCA6NzHXNFEas3DJ08tdc/6/XVXO0Jhu23or0MarLHfUOqn8k2tnhG9zlSy
+tt8dJgGPyZ52bQgXHem2JfDt7pDGhyTkjh/17qIOO/bnAzPSzP5Ynfd6FhSnBQF6
+4sY90uLBKMRfOBu1Sfpmp9BfMg+R+bq3z+fxFjuJI/G2/Q3nqFiL3TptPyxhpPJQ
+Q6+lTjLYjCXHXedZWBcawqsiTJf6TwlV3HR1DmLSyVn5sD/WfNQr/Vav/9uKQnUU
+BBYd0NJ0W1WEolD6+ICGTWZ56ddcLWe1BXZfsz5CfvrR72MDCSObyG/1OB1TWi/M
+8NEcPCHjcqwrFY1ZAQ9fM9rvK6VjkI6b0m/HUlIM8BvjVlLsrqs6ArESl3t2sYS8
+iXMGGYQCKWBV3wLO/1fjJm0sxkZ1lANT4DIOXmkb3ZRDSl01zgDcijopSWyruweI
+Bi/n9iNF1reum5kKnerXxe6aJAOHea7a4UVlQ/nIo23IO2x4Vr2Qp4Jox2RIjRM3
+klc/nMe79qkbxIYiXeCKqrke9KcFHOewEwAiv5wQphImM7JOiU50hV73vJqu7xlw
+u4/oXgCeKWABJj8dXBILBbK90OIQsDTkk9hwHWAr4m14Vfzg2LXmpEiX8OJ7Naed
+HqTv5rTxAgMBAAGjggFHMIIBQzASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQY
+MBaAFHEVZ8jIyb11XXLQOBhqnfNxJFQLMG8GCCsGAQUFBwEBBGMwYTA8BggrBgEF
+BQcwAoYwaHR0cDovL3JlcG8uaGFyaWNhLmdyL2NlcnRzL0hhcmljYVJvb3RDQTIw
+MTUuY3J0MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5oYXJpY2EuZ3IwEQYDVR0g
+BAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA6BgNV
+HR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmhhcmljYS5nci9IYXJpY2FSb290Q0Ey
+MDE1LmNybDAdBgNVHQ4EFgQUDGqt6XtOhSb1+WZdFUymYtQ6Fc0wDgYDVR0PAQH/
+BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQB0XFon6y9ebx/ZW+CQkwRiVN0a+FF7
+gCjnQ5RkAqF3ZVasBt+OL0kC6AaLWKtqIdV59mE2Hn4eimgIDmtFRzu0YnfF5dFg
+1rK3n/VsSffVKq6Qme6pnruNBm/mFL2jc08ZN9I46DiP7LNT+Q7eHhcdwFvOlZbj
+4blcQq1i5ljgE83QejG13X1jnbsVV9JTTtbEwnkkH71aFO7ysUDtU0j/yLtf0v4D
+GZ2Vyi00k8mBYvg9qkbUIxv6IO++pfMj4jKEKWVdYxw09EzuWTd0YXbPX+X/kNDq
+ELLLJB8B/4E5aX7OHg6tuHPh+HE0BBaPtJWHOBvMUXQfWAgrPNVXcrH54dpgjwgA
+GLP5oWtsRJt3Wkt0lqAgpagSB7EhDtSXbbr6K7SUAtfTSmXcR6GotjYHnCfUcjfO
+YuJrOacZGq4d7g4QJHBjkzuvOm2ndxPkZQubN3FOhNi04U7obZzRtgG0XIfCBsvG
+wU/JPON9awKDVg9CUlJWTIhqBrcMATeB2hSeaMMaA4odWJCqCKU7pY/AJOyzeexL
+MhOQOutEf/iB4XVvTJ/2X722G/Aa3yhHAGfYcyvAtvtunaZHnbzXFW+2p3SDVsQ/
+Nyi8XVPByuphAx5okMM/IAlm2eUsv8G8DWDAytOoF/LaTdU1UyhprpFNf06nlvLH
+n8Edlh2T11YDUg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHPDCCBSSgAwIBAgIQIXB43OywqNsKFVzMlnhg7DANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMjAwMjI3MTIxOTE3WhcNMzUwMjIz
+MTIxOTE3WjCBwTELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczErMCkGA1UE
+CgwiR3JlZWsgVW5pdmVyc2l0aWVzIE5ldHdvcmsgKEdVbmV0KTEYMBYGA1UEYQwP
+VkFUR1ItMDk5MDI4MjIwMTcwNQYDVQQLDC5IZWxsZW5pYyBBY2FkZW1pYyBhbmQg
+UmVzZWFyY2ggSW5zdGl0dXRpb25zIENBMSEwHwYDVQQDDBhIQVJJQ0EgUVdBQyBS
+U0EgU3ViQ0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCWcf8M
+w2GfnFBZsYU0tB1nPreeMRWcvryKcn8bQ5BE37yem9z7Yp6NMXMBH99ZJM2zZErJ
+0EGjKLXiWwEt8CjmmtCATowryoyrsSbS8IukoNXYOol+IZNZQPpeejJwpu4iyCa/
+0Y/gHYHjhU2mdb7gr3lr6Y7Et2LkJhmAL/Q9VlBQ6k93MqkyrvRU2+jXvOA4htR+
+6pdnyjcvuYueFF937zADdydkqNeq/PWJtNwNLriq2nTw+YUcqSJWxLwiHASi7kWq
+wz3GmpOyEcnf9A+U1t73br+0TVtJJy5Bp78CUafs/cBq8r+AxkCBk4ApKQdDmQ5u
+LaeWXY7G2BkRIFDhmjaDwvK+biReQSQfQAGB6AX7cao6pTmS+MtpPIlLaA35Vbkl
+CE0GzbdQP9CXJnQn0goq1KIsmQRG8G+3mFzijSUpg43xd2FMKDm0Ff1pOsSNmOij
+v3zigLeYi0cWuL05DUu1NFfxY/OipZhn1w8UdBzFn6M7H25BbZXhzkIQSA1UslHr
+93W9eBECeIMEp8hgcGVLrpQHd8WVgEzyWCDfIBbY846o3aLvDQuLujbrMTEDIkc4
+CasGo76Ty9ZngrsfYo+jH70VPeabnbBiQ0YSyK02e33paDFkO8QkJePXC9T8h85Y
+bZC9j67QnCAPc5bt3+jxTUVousDItDRvBBA+4wIDAQABo4IBRzCCAUMwEgYDVR0T
+AQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRxFWfIyMm9dV1y0DgYap3zcSRUCzBv
+BggrBgEFBQcBAQRjMGEwPAYIKwYBBQUHMAKGMGh0dHA6Ly9yZXBvLmhhcmljYS5n
+ci9jZXJ0cy9IYXJpY2FSb290Q0EyMDE1LmNydDAhBggrBgEFBQcwAYYVaHR0cDov
+L29jc3AuaGFyaWNhLmdyMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggr
+BgEFBQcDAgYIKwYBBQUHAwEwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5o
+YXJpY2EuZ3IvSGFyaWNhUm9vdENBMjAxNS5jcmwwHQYDVR0OBBYEFEgyx6h+Ykqe
+BQDezpf6Uxvgo0z8MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEA
+hcFWjGkd0/UjpintV+sgJZmZ8KN9LP2PTTzfO2YnWL0gjECuf+V7C/MewyYo7pYF
+dvpN51CCk5K9R+xCm3L1l7mB99SE/OT/zRW99tBIXHJEwXQkdqVt+8hq44zNTJ8Y
+p2ROZsb1tVhBJ9+grbf5naeqhypDicDmh0Kium3Q8Nk2tx3QLEYfsqgu3t3O+jO9
+g8LZvPNMScrQoc6Q4nnRZwElGaQL4B/6iNGj9UO4M+1RNZvNAytiYHx48TGU1Hrz
+LhzjIYzMhGzZK2HhX3AohGW2WCrvhkv3JCRghanRHPzeja5xw8jDDdxw4Q5zbxRQ
+CyBu9IwE9NkBbOwQShEnrFXiQkUKTdxlyKCjIZQKl0p7kRuimIA/5fQ1V6aFq/KQ
+XBS5LicU5Dx7anSHm+ZEmUqYgK2H5EY+vgpnpGSVPkiN1LKYnuZk3CDxElfDvt1c
+AufCOjMo/gfBk2gYFA5rTYF9POCeoBk09P6QZP/XuJxLM+0zeSWYRuFLLe+Of+zu
+EJwEKSVzHxmykV9uAAluT6Ti5PeL1LBBu2vzVtz4BOHHreZBfPcbGxIy5fcizRWt
+6jrraAeVMeCc65y4VNbfeqh2QEr4ICmqMViZjeLkVZ0nmeHR0La47FF8GAlYm2h1
+XQCaeW+pD0kKjLOx1+steu72g1x7Jo4h6ww8ry6EMis=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDsDCCAzegAwIBAgIQLeNMWLAomwTlgs/tqNK8ijAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTIwMDIyNzEyMjMyNVoXDTM1MDIy
+MzEyMjMyNVowfDELMAkGA1UEBhMCR1IxDzANBgNVBAcMBkF0aGVuczE3MDUGA1UE
+CgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBD
+QTEjMCEGA1UEAwwaSEFSSUNBIEVWIFRMUyBFQ0MgU3ViQ0EgUjEwdjAQBgcqhkjO
+PQIBBgUrgQQAIgNiAAQlVxVllvJS5BEjt2fXKNi8OrgYJX44J1w+6bpRDyCmPeif
+QBFSorxK/J9Kfkw+tnkHS6+9nnr8mcOOuW0iEbWmasFTO+nI34QBG9rGAahm9d3l
+vwRZf9Ah9v0BBhycgHOjggFNMIIBSTASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1Ud
+IwQYMBaAFLQiC4KZJAEOnLvkDv2/+5cgk5kqMHIGCCsGAQUFBwEBBGYwZDA/Bggr
+BgEFBQcwAoYzaHR0cDovL3JlcG8uaGFyaWNhLmdyL2NlcnRzL0hhcmljYUVDQ1Jv
+b3RDQTIwMTUuY3J0MCEGCCsGAQUFBzABhhVodHRwOi8vb2NzcC5oYXJpY2EuZ3Iw
+EQYDVR0gBAowCDAGBgRVHSAAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLmhhcmljYS5nci9IYXJpY2FF
+Q0NSb290Q0EyMDE1LmNybDAdBgNVHQ4EFgQUwX1XA/N7RYLruyLDCpwXxqka0lYw
+DgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2cAMGQCMByJDtYdR9ugu++vNzId
+LGstg42xyoRAV9cN7WqwZXqYsfeXVmq4Tl/HU3lWIqDOLgIwHOv8z3jhWTi+/Wxq
+xBOU9d6DyxvbdByGfMaXgLSk0RdvhHj8RdMUQkaHO7vEknwG
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9zCCA32gAwIBAgIQAW2KnjaPE8IetCn0slsJVTAKBggqhkjOPQQDAzCBqjEL
+MAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg
+QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3Jp
+dHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0
+aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTIwMDIyNzEyMjc1OVoXDTM1MDIy
+MzEyMjc1OVowgcExCzAJBgNVBAYTAkdSMQ8wDQYDVQQHDAZBdGhlbnMxKzApBgNV
+BAoMIkdyZWVrIFVuaXZlcnNpdGllcyBOZXR3b3JrIChHVW5ldCkxGDAWBgNVBGEM
+D1ZBVEdSLTA5OTAyODIyMDE3MDUGA1UECwwuSGVsbGVuaWMgQWNhZGVtaWMgYW5k
+IFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDQTEhMB8GA1UEAwwYSEFSSUNBIFFXQUMg
+RUNDIFN1YkNBIFIxMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEmkQwIgXUIt7xz+Nd
+WVR6jSFpYqh2pXkJ+JBWPbB+JwowXBcRRdJBCe1gzRWVC72ELpiB2B5Op1NJQBKI
+97gHXks4DT3OtnvKRkXDwIh3MRxDvKu25tLkPziJ211Manqzo4IBTTCCAUkwEgYD
+VR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBS0IguCmSQBDpy75A79v/uXIJOZ
+KjByBggrBgEFBQcBAQRmMGQwPwYIKwYBBQUHMAKGM2h0dHA6Ly9yZXBvLmhhcmlj
+YS5nci9jZXJ0cy9IYXJpY2FFQ0NSb290Q0EyMDE1LmNydDAhBggrBgEFBQcwAYYV
+aHR0cDovL29jc3AuaGFyaWNhLmdyMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUE
+FjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDov
+L2NybC5oYXJpY2EuZ3IvSGFyaWNhRUNDUm9vdENBMjAxNS5jcmwwHQYDVR0OBBYE
+FLMy4iGg4FMbZtzQKnbMYznZVrwbMA4GA1UdDwEB/wQEAwIBhjAKBggqhkjOPQQD
+AwNoADBlAjBZ3AY2Aph/WnuR6qh/qpoYJaIatIVhukWyj+KRNxS3/9hYIcjG5ia4
+SbkZt9n0yp8CMQCkBFol/kAkxfYEM3hxWRPRTTeHuzVPGYz7C0uj0Os7dLAX33tj
+R0Ppetn49er+5dg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFTCCA/2gAwIBAgIQAvfh+YK60Amv9H3JV0Gy9jANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA0MDdaFw0zMDAzMDQxMjA0MDdaMEoxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJDAiBgNVBAMTG0RpZ2lDZXJ0IEJhc2lj
+IFJTQSBDTiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL49
+9vplPYX4qjNjUI5QT6Ugcc8RjkWJFdcC2hMwvPbNQ6RLbjmvEBGHinnDlpBwb8FZ
+kBGWVv+Djnfe9825hBwEH2iaI0D6QpjEd6Rb5EhHVGjIS4IcumpKkd3Q9tQaWPce
+WB8TyC4H5XXPFRTR42t2K3qaZbdGPRp4PG3rsJLXgCG8M1cDVmi7cD9wMmji4kiy
+0iL5/8VWajm09SHrHC0GFk5wwiGO7njyJqTU3afYaf5oXh1eBa1iK0FeHab7Cujx
+E1afj/69v82GCigrUHyxNqnmypxpGz3vQ77HCY/jKvbYJKskqScBF/RGDE+SKuxz
+w/+N2E42Iy//QT8bjLMCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQGvaabYHlQMb7V
+qQJKoNCVU4svNDAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNV
+HQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRw
+Oi8vb2NzcC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3Js
+LmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHV
+MIHSMIHFBglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRp
+Z2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBD
+ZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5n
+IFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
+LmNvbS9ycGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQANZCJXBl6U
+B2ISUsgfnEc7dgLQM5X8vAOq1xlO5p2d70I1TCdnGM/+RAsrlHvQH5hyHq+7yqJ4
+YsnpvM8GHn+2WIXVgFzeUf9o0gcIN1h5SWDooMXGjdS42MUosuAsTH2reeBuNL4U
+MDJoTw5mIwTRG2Qi3z74VVTJvXRPJYJL+SrY9HdRH382YEAXK5go4aRMaqvXY/Ob
+TfGIL0tKLy1Mg5oaWa1SlNTgmar+gEsSGLuB8LY1yR7vIpLMCbJEF83TnCcqw8hA
+NRJiGhVFyRB75UDuSHQi5rveZupfzfAf6OayAEk5NjemjOuD5AgeXvnyl83rPOJ3
+wAx1cXMDxcLU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIQA9AT517bpcP1M+1TBmlVUDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA0MjhaFw0zMDAzMDQxMjA0MjhaMEoxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJDAiBgNVBAMTG0RpZ2lDZXJ0IEJhc2lj
+IEVDQyBDTiBDQSBHMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGObQczdhMoF
+VZP616qU3e+S3NkF/VYBFzCpYy+QfduSRn1Sfx8Sz7cWEWpzF74mHOe5Sg4GHfr0
+abz0ej5OEcSjggFjMIIBXzAdBgNVHQ4EFgQUNWxfJbq68Z65g8HIOERSDqlJv9Ew
+HwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZGln
+aWNlcnQuY24wQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5kaWdpY2VydC5j
+bi9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwYwYDVR0gBFwwWjA3BglghkgBhv1s
+AQEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAL
+BglghkgBhv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjANBgkqhkiG9w0BAQsFAAOC
+AQEAbDZlZ2oSJua2h7IJe9rbETBI7oZAAWclb/slcyht63nSbHPmrz+8EFamKKzL
+YzfGxrzEXkskisAKI+FLpUwHfqzkMY7lncw4eW77Hlw4XHqRa3ko66RrFEkx46mA
+Rs0B/FazL6JELL6/zVWAfDV/qjjemvuLbIUv9zSrxGdV3ypww9mjQWWzP9J3mh2M
+rQ5PRzXCDQQGK4RCxyKcWkVua/D+AbBZUlMXmPkPR19ArKp071F5/hSyLo/sAToP
+yL7TOMEBh6S186z7xWd88tTupnwio2JdM9Vu37lZ4cNKrQLfTOkE1fUV9u5Mg+uX
+sLcOYNmrGtWISXBAQXFngIV+ng==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmTCCA4GgAwIBAgIQA+t8nxUtCnWuoXPYH+IVdzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDQzMloXDTMwMDMwNDEyMDQzMlowTTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEnMCUGA1UEAxMeRGln
+aUNlcnQgQmFzaWMgRVYgUlNBIENOIENBIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvS/qtI85q+CcUfzwTqOEVrGqPmwaCUu9qe9Lx2vlwoM4pkE+
+modVmAwJsB79UZy5W/rOLy7BKukhaTZSgOrSAQPEA539iMvl6z3eEeh+Gpkg3iZ1
+9lDp2b9FrH7DnaRgg/w1LDhcQUP5kLQkX25ivBMQFzcmjz1dKVRTypNu+TRi2zNZ
+ZXGJhuYPiStKAnvDElZvRAPk51etVJ7twoJdqQd5msKH2DR3QCnNkfhKjWdZorDg
+z6UeFp8HMbA2sATFM+u6nMnJ6rWeMeWpg7qonCZctuRBTnlf3qwnTV4Ds2D4Dw5E
+k1GcJsQnMUL6Zz83MlfTRaRy78CUriKv1t1eJQIDAQABo4IBVDCCAVAwHQYDVR0O
+BBYEFDGOZrFLmTYr0fUAGptJZTM12oAFMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY
+JhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUwIwYI
+KwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEkGA1UdHwRCMEAwPqA8
+oDqGOGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRIaWdoQXNzdXJhbmNl
+RVZSb290Q0EuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZI
+hvcNAQELBQADggEBADjCvP2PaS45zeAE7RArKp6CdAHxp+Ox1hz3qXzi+7pPUTec
+/755leBD2JeUQD1AS54sxLdxjgscM2lEJcd6iCFk2yhg5H0mn0px+AbX/1Jw13fS
+/dnMJ1LYATOr39+4DjQ3A8SPiM2j4HW/jvl4+dIci1JFn8ougp0PNxm37fqDc075
+0FmZsTUc4FLv8huq9leEjct5L7xd6dO/d2iOmfqoRYPJUOv0VM0XJouD9mzPuzu5
+kvi0HNoY4nGs2OMgUoBE/dxMu1QZ6dCojf/EFbpxYL1wGqgf/rsy/Ps4Iah2q2HJ
+4jrkgratZWepUyAmyhyGjKlpc5udEwSfwOoLnB8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDzjCCAragAwIBAgIQAk4VX0UF7zVGGRpydmwtRzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDQzNloXDTMwMDMwNDEyMDQzNlowTTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEnMCUGA1UEAxMeRGln
+aUNlcnQgQmFzaWMgRVYgRUNDIENOIENBIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAE1Gg3W5g+aSnGZYWYLxmKzeBL6dyM8wbMflIYxWT7gCewMMKU9KFEr7LI
+m3i8SsBAMCPvEfxUl318XZrpTlJ+BaOCAVQwggFQMB0GA1UdDgQWBBRs6jTu+TU+
+2tiO3pZn3SZ7hLNWfzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAO
+BgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5kaWdpY2VydC5jbjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8v
+Y3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNy
+bDBLBgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IB
+AQAEkeBuba2LijNZNpyARoyCou5mchmhuu4GGPANkDnqAl3gH3fat8W7fW8rPMHg
+kU8dYXrpw2xJt7nKmd1/R67+zsCy/Bevkaf1MT+cNcE8xBebgauj+YQYIEjKOj1V
+9rQN0l01BFmv4Ov6zflw0aQ0XBHHpFY9gFuloz9P/OKLrI0pDo/A9vIdFom+2ekK
+lsIEk99KCpfs04kvFNwn0AL8CFjAUq+GXPVJozGjOaDSKYzHIZVQAtV284t6La3L
+GqBY6W1jWdFybLhUq+7Z0xqBXIruuyrnpQBzx3qYVYtRLt38zLGnU6wQLo1vG7Ca
+IF1Vyoqbmgp1UVy3h1lqiA3B
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFDzCCA/egAwIBAgIQCxNitu5qnT6WiTDxbiB9OTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA0NDBaFw0zMDAzMDQxMjA0NDBaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD
+TiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANA1OZJJtZUI
+7zj4qFHT79g+Otks4TEfmUEDhrNKBEEjb/i29GBfnpvFdT36azCg2VODJRSjIzFn
+4qADcc84EmfKiDEM97HFsQPp9RRkqxH5cB51EU2eBE9Ua95x+wQp/KSdCqITCQ/v
+yvm3J4Upjl0wlW8wRCPCWcYw3pKClGRkNzVtI1KXnfpn7fG3N84n7wlBb9IGKJFa
+c/6+hxvZx2qnfLsxdIKR0Q/biGoU6Z8Iy/R/p7GoPO8vamV090+QHEL5AdSzKtEh
+U9vdvcuWjjLxVnaJLfj/6WoGZj8UWn3zFbEoTVaAfp2xqdzW7yRvi2r148m9ev7l
+jDqHo8UX69sCAwEAAaOCAd4wggHaMB0GA1UdDgQWBBQkb5E/iYeHDjLCQBjfxUzr
+T8hJMjAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj
+ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCB3QYDVR0gBIHVMIHSMIHF
+BglghkgBhv1sAQEwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
+LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZp
+Y2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5
+IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9y
+cGEtdWEwCAYGZ4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQCzkcXq0TN0oSn4UeXp
+FBW7U8zrHBIhH9MXHNBp+Yy/yN19133UY05uuHXHaU2Uv0hxefckjPdkaX7ARso+
+O3Ar6nf7YfBwCqSpqsNckKT7KKtf3Ot95wYFpKDa64jcRUfxzRWnmq12IVzczqHI
+sIvUZQINw/UHSQcWekdUnMg58bQSHyTjwkj9jcX2RURxaVZkr15wxo/Z3Ydo2PVK
+3afEr0/vcuFvE7QeGXiI2DJdVt3JefatZ3rj4VTW2aUZwHGUiWWIUudBfQKR0JEp
+lJ8MFaKDh4/A2VEJnXILu1iwvc1m3jCaPuzZKdoHM/1234bznJI2aAfhfIhoHw90
+tPO+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyTCCArGgAwIBAgIQCkyNTJEX18cfrd2TMrWvtzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA0NDVaFw0zMDAzMDQxMjA0NDVaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IEVDQyBD
+TiBDQSBHMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJ+FAVlySDcdoZHiLKor
+DvccWaxxN8lRH8/28VTZauCcYCKqg3sPBlZJz5V/f/3tj9wwf48397sda1UHDBDH
+rcmjggFjMIIBXzAdBgNVHQ4EFgQU+vAiHsE+mBhhh9tn/c5Go0JygggwHwYDVR0j
+BBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMG
+CCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZGlnaWNlcnQu
+Y24wQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdp
+Q2VydEdsb2JhbFJvb3RDQS5jcmwwYwYDVR0gBFwwWjA3BglghkgBhv1sAQEwKjAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzALBglghkgB
+hv1sAQIwCAYGZ4EMAQIBMAgGBmeBDAECAjANBgkqhkiG9w0BAQsFAAOCAQEAdbYb
++WqLYJOt64OqSthU+fdu+ysPZqk3FMpwyUwQwwHs489Z6xzTlMzrDH6U8RQaiTo5
+t+E23Yqfe5pKqLZP/LCmqy/jhU7XA2zMvLiDJ6jwweetaUiZFvnXBZNINFNJVr2U
+ljDyfXPg+Y5zUUD56x9LdhIZx81E/tWeglNXyaxZpxt86kTlBLaoqO1HCJK5pJKn
+q+DxwHEMWo7LDfQ7kw+8awM1LuE2oSDmgGIjDnFDS7shuyu5xF6IaW2qrpyAcZHx
+GapBNuPebxXH7FjZ5ZSIJrLBgO6hZIVRKWwnM+yh82wzu9f4/jc9csVdFbu9hN02
+UuCYg6Nc8ZgZWvzH3Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA3ugAwIBAgIQDTVsDF5hwKF0v0cky4GLhDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDQ0OVoXDTMwMDMwNDEyMDQ0OVowRzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEhMB8GA1UEAxMYR2Vv
+VHJ1c3QgRVYgUlNBIENOIENBIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAtLVdJ1rPVPZqKcI8bAhz5+1N1I0c7hXh3gCfY0eJLzJD7H8tCMHN/8G3
+J6apZ8xulTdIrDQ/ibawzDghUSUcPEJlN4+9mq6ZYITPgboItpz1r0Ykkrlbm3t9
+Or+PZeDuYTLsQtSp9eTv0ahBifbM8BgTnAvU1vAHyizxCzGLqFWUfXFNz0Pp1m5W
+dopyQ/poKxuX6v+Xr3yg/U9b2NWMftAJDssWTLZAfj0jgPPrnCyXWlq+HOLsQkob
+QWEUd3x/RhtIHpkO8ZR/8tbfEA6iqtATKiBdNFi8x3xwVp8kWQ81d+yTp5wyOxM/
+oxPYp9tGj6TqnBzJlSPgWQ9RtYas0wIDAQABo4IBVDCCAVAwHQYDVR0OBBYEFLrR
+rCQKcw0OGhOyK90rFFjVRJ8zMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9j
+ZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUH
+MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEkGA1UdHwRCMEAwPqA8oDqGOGh0
+dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290
+Q0EuY3JsMEsGA1UdIAREMEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQEL
+BQADggEBAAmjaPTIm4xq9BxZL8W7eOLtO6FHgUbMcuvjSPpYVsG7IyUM+SnPAalS
+m4SyCJIBveJHLFWgwRIkNrw+fbH0Vq06mZyKBpkBwkE7BL9ySvqu0pA9a1T7a3XZ
+zM2dhajTKdZdu+cQD69zxpzzEKOMJQJxNWmSqrqqh2RkwETJMIR5SYpSwXI66964
+7hVueO7Kyzg2e5sTp2sXTviEYrcbjssasv9V7hvqxCTX2Ms+/cTimlp4+TiIegX7
+PuqFxT/IIH3gGJmgZ59DXGSXMH7dsZ+Qwe1zhyBbmL87UGs++7k0HRe8c3fwgdR2
+IrOj1iajz2ozplAWO0Gr81rG5avhKwM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyDCCArCgAwIBAgIQDXXOldk6nIwv83/6D6A7ojANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDQ1NFoXDTMwMDMwNDEyMDQ1NFowRzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEhMB8GA1UEAxMYR2Vv
+VHJ1c3QgRVYgRUNDIENOIENBIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE
+V6MkUMYY5mvvLvzZ2TvfKicjKILuyjq8sW3cyKbha/G/rPUQmZXRnGd/0JSvO2dD
+ipuKXc+UQbOOsp2yirJPKaOCAVQwggFQMB0GA1UdDgQWBBSvktn0tvk4DKY7AuzY
+bHa5VHeGYzAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8B
+Af8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8v
+b2NzcC5kaWdpY2VydC5jbjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmRp
+Z2ljZXJ0LmNuL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDBLBgNV
+HSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IBAQCUpWxX
+Rxk4IamCa0/1e9dCUTWnF1YVrGLq9jEO7J3SfLmr2Cn9B2huup3xTkvQOzrOcemV
+9tWwm+HcIYUT+qrp1tdDLibwKR5Qogg8Reo2P+RPluUSnyRYIyjXJPyIC6oFxCqb
+nIbsHTTsj1TyTPAlrk6Tfs+uKjZvfxogZmqH3ReNDXJGWQxWU0bETK+7rhJRKP+5
+VyAlMFv5eTpP84tsSqK/1+IDRSaTMJT9ni//Dt6o8ItTEMgYP2gtH2eIBoBEz+xm
+qtNnd6NUMJLXB+OqOJvmHIzZmz79u8pfzuGbyC9s2vvGg7tRO1kmynCJcC41lmXJ
+8feUOvNoe9exM1/v
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFKDCCBBCgAwIBAgIQCYb4gC9/81s8m2BXYGyIajANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA0NThaFw0zMDAzMDQxMjA0NThaMEgxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxIjAgBgNVBAMTGURpZ2lDZXJ0IFRydXN0
+IFNlcnZpY2UgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkurxx
+yvCFnAGKxcOg7wCa2vG5vExnuA2EARGZKbc9howpqzCScELA6BIEyQQDFlhP2rgm
+3ayU8LNoOfw5GWpUS7vihvBXcQoNVEw9e5e4KN57d8YllX0RNOFLWCthhjECJU0K
+A2FbO5ry9VCqGX4ge6TNO3kGxHOkbI8QmqQQVEOII+T4icfjd9+YC4HF1Hyg+zu2
+XiY0WGfUBpSoRDVPuigRxb8S3dy/Zh4S2ckdv1FBM5bOe2+je+sQ8EQbNI2z66O6
+3j3c2nbptigey8FNGebSZiwpNvT/lIrbVC2rJDg55BrMahpLi4pQUKyyr0/flozt
+oH//0GNzGTPYJN8jAgMBAAGjggHzMIIB7zAdBgNVHQ4EFgQUhypi/tyf1LUxmgni
+B3pOw3dHYhUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0P
+AQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAPBgNVHRMB
+Af8EBTADAQH/MD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL29j
+c3AuZGlnaWNlcnQtdmFsaWRhdGlvbi5jb20wTAYDVR0fBEUwQzBBoD+gPYY7aHR0
+cDovL2NybC5kaWdpY2VydC12YWxpZGF0aW9uLmNvbS9EaWdpQ2VydEdsb2JhbFJv
+b3RDQS5jcmwwgd0GA1UdIASB1TCB0jCBxQYJYIZIAYb9bAEBMIG3MCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+
+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0
+YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBo
+dHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMAgGBmeBDAECAjANBgkqhkiG
+9w0BAQsFAAOCAQEAdojUWZXS9qgDpPIR88iNEYEgggTV9ufeo1xC/mca4BVbOcPX
+gyaQjVfTSnt2zwArzod+lguBMDKXYuHPJAP25tfxadz2biVl5SSCPvph+VXtbgOe
+nKNHeG07r+4zIck+/RKk0Oix2I/twIloayZdwFmubfdUZYTZ5oSA/ZjRtIICgISI
+CctoEqzC8V2ALn2GvfIqeClTr5SywcKaDUi/ICQCLCMR2rllBVUDufQ6rK90d6qT
+vOHaLsfsKIrjtPHnSVkCTiPPHOpAkYv5a81nqN1KUdGoGxtFRY6GMlX82HkevNZO
+mZyWNDZjRba9Y1EfZW6WbXhnmZrZGDRAGa0BCw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID5jCCAs6gAwIBAgIQCLbeQXOBPZB2s9n9Qt0P8zANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMDQxMjA1MDNaFw0zMDAzMDQxMjA1MDNaMEwxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IFRydXN0
+IFNlcnZpY2UgRUNDIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEbtA1qwL9
+dWmA/a8HaeUJZURwAZ6DsiEeRwuVHGPWB8di5SurtGaZE8FzvojNshY9SsCiZNup
+fUFNa5JiUNmd66OCAXgwggF0MB0GA1UdDgQWBBRFaCUEGaasSPMN1aM9OIvyr6Kl
+ZzAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMB
+Af8wPwYIKwYBBQUHAQEEMzAxMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5kaWdp
+Y2VydC12YWxpZGF0aW9uLmNvbTBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3Js
+LmRpZ2ljZXJ0LXZhbGlkYXRpb24uY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNy
+bDBjBgNVHSAEXDBaMDcGCWCGSAGG/WwBATAqMCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMAsGCWCGSAGG/WwBAjAIBgZngQwBAgEwCAYG
+Z4EMAQICMA0GCSqGSIb3DQEBCwUAA4IBAQC2ui/HFWOwuffGEFd+pftOJb2Tk0gP
+OQKwGvx6mcyylu9E/C/t66LnmBebPhZPoR00ZqSkmCfLBhr+df+QadLq1PRU5W8Q
+zvc658967W+aFCAZLYjjSKEz09D7vpTn7he3LbSR/6ZFczgXjIZVVOHXtEmLT+XX
+lY5/Hka4shXzMgjK16/1D0Gc7Inuh4Uad+roD9NHRn66tZCMUXRa7BWnb53s97lM
+nBDbUpJoLFNhL8EJNFMNMJccVd3ZoxXLSq98tHzWFMovmkw2L+Ru8FrSq2aPzCPY
+KZgU1KSKhF5cEmlog4aBbj+c18CTCttXwxYGt4neQA4CSWYiv+JmCw8S
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuzCCA6OgAwIBAgIQCnGMig0JdIKjmIXYK2V7CDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDUwN1oXDTMwMDMwNDEyMDUwN1owWjEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzE0MDIGA1UEAxMrRGln
+aUNlcnQgSGlnaCBBc3N1cmFuY2UgVHJ1c3QgU2VydmljZSBFViBDQTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALWhYO0PraF9FEfCnWwhoZ3nO1OHOpqy
+WvILwzAYr+cB6NRJ9WUgjUABgZjFV//TuaoYUmAYnLc4lHfb865mO7HvPbtuZR8C
+3kyViT29ilNTmAuXe2iHw1uZbmk6MKJB24t60LSVnTPLLbFYHGgNp+wo+rHR4LJi
+8txpupRmAWzsdKx0YeNbg7gh/h02hP+t17JU/rmeiCDyJDsvqszkVKXD0Cd5oKwJ
+7zk9Vwc4H+aujr+GXvCTwmRF75/lj0e9ehK1DIZeLXiTFjpeWxtlB2m9Qzs1uDdX
+e4+2dvUklNuUbEh2W/E6TxHwOe79tae9S6tY2o4YBZSJofzPfK3cwQECAwEAAaOC
+AWkwggFlMB0GA1UdDgQWBBRqNxzsIaDsK20/PSnJJNhZyb/1ADAfBgNVHSMEGDAW
+gBSxPsNpA/i/RwHUmCYaCALvY2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQFMAMBAf8wPwYIKwYBBQUH
+AQEEMzAxMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5kaWdpY2VydC12YWxpZGF0
+aW9uLmNvbTBVBgNVHR8ETjBMMEqgSKBGhkRodHRwOi8vY3JsLmRpZ2ljZXJ0LXZh
+bGlkYXRpb24uY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNybDBL
+BgNVHSAERDBCMDcGCWCGSAGG/WwCATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vQ1BTMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IBAQB6
+RGkNFzRuygjlzLhJ25z+8fw+nwHO1LETgdi76vSgh6xut490ePhkmBkeLiHGgUsQ
+Sv9Fa+Sg0YDv8AU5WiQy8oX9fP2HAAT3+KdC1d7KIAigBBacZn83ctLKl/ywEvnn
+vsZ46Wza2g2ndc6Hh38rpF38mSoA08VQWyXCC46XbvUPI7JevHuW6kexYKKllOCQ
+GZKGPeatQmtoT778X9tcjhYx3NhbwhMX6MUYTIsZfTnk5dBx0Z1fDyhrf/Z/+E0x
+jywp0kKbqRhxmybLUPGA5xpxovVYI608mTQhtLE4VPr6O+QET0PzrkSTHTV2c12B
+h6X5kzIzTT3NXgfDiTKx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID9DCCAtygAwIBAgIQA4DMmh0GJbgI/mcjT/pAnDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMwNDEyMDUxMVoXDTMwMDMwNDEyMDUxMVowXjEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzE4MDYGA1UEAxMvRGln
+aUNlcnQgSGlnaCBBc3N1cmFuY2UgVHJ1c3QgU2VydmljZSBFQ0MgRVYgQ0EwWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAAT1Sz+8wRBSH2RvQd4ti/u4igA/OGAFavLu
+1U9PrLbqud9N7nKpSdM3kq++8G3tG7zveBn4ANKnXZLKPie6nsRZo4IBaTCCAWUw
+HQYDVR0OBBYEFEPN+FFzFvD0yMAwMrecApmIWD30MB8GA1UdIwQYMBaAFLE+w2kD
++L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zA/BggrBgEFBQcBAQQzMDEw
+LwYIKwYBBQUHMAGGI2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LXZhbGlkYXRpb24uY29t
+MFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9jcmwuZGlnaWNlcnQtdmFsaWRhdGlv
+bi5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMEsGA1UdIARE
+MEIwNwYJYIZIAYb9bAIBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
+ZXJ0LmNvbS9DUFMwBwYFZ4EMAQEwDQYJKoZIhvcNAQELBQADggEBAFCcubCzQSnY
+Ps1UMy3l+k/86S/63jH+XuYZIvHIrtFUSbBEd+SQ3qoKAE2yk9cJRwaqtyjZZ+XF
+eDniGpXiA4gUH0SrOTf85vfW/AAlN4vQybZY6VYDwvaG+Y1U3tf1ebsGojyJPLCG
+QKTQUXyKlFQl/Gr5pfr7l0TrWOkfJ7uLiJQIHBQtfS9QFVyVrZKXBWYWjAp5TvZj
+Ps4Z6vh1LZp7m4rbuTdmVGzNV6wezGkHI6prrfEDGm/ZG3RJ4HVh4MhezGUNe/ja
+qUhoz518opfc21CTqVDUhQjOiX88Vio+lkvNBAGDHII/VH6cG647kUrqK/3Upglb
+53ZqxfDVcLE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7DCCA9SgAwIBAgIQNuiS1whuAwLW0pVNFhTiYTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MzA1MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjBMMQswCQYDVQQGEwJMVTEkMCIGA1UE
+CgwbQ2VudHJhbE5pYyBMdXhlbWJvdXJnIFPDoHJsMRcwFQYDVQQDEw5HbG9iZVNT
+TCBFViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMLRzEEEZA0V
+es4gougGSzeCPjPj43MM6+KfP09nis1RNyAFBj1op+eo/Ru6rpl38KIwO8/8g4X7
+2/65oDxHd6Yqp3E2t/THSHaVxyiEw1sO7G4CsVe7ea9DD+l/Q82ZKxaaobouR9Gt
+yTEAf/jnF4mExxa5jqaND2sHWkphGY0iCLxz/r+bY12fpnKMuMaeU2Vi1cmtqXeo
+elGmfeml3uSb0BbaCIdJw/2zgEU+hrpkbfiz2bwwN9i8s+oipzDTdYNBVUowh0vo
+igaDaNs4fuJqdUEUpDf2BtcUC7rxdd7AXrgnPDJR4x+t1GLKhmrndWbbdOeDinxA
+SZiflL6Oul0CAwEAAaOCAYswggGHMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
+nfKyA2bLMB0GA1UdDgQWBBSfLizQ/vjIUuVkNJ/9NWDKYTfoKzAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBz
+Oi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwu
+dXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5
+LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcw
+AYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEA
+d1dl73D527K491wnx6fgtamqUw3gkBHh2zEw2PUqJLsh6io06QlwY1Osyw1+UYyd
+WuSqUElwaakFRkQSAf0iG/AW/wLggub09/UXGItGHh+zbUImUZ8TcU2FvJSIoe6o
+p5J4xQ+OtvJ2rik+g9REVza/f1oTdH+uBR6EnZgSrv074CJ6Nh1YM0YTfDJI5me5
+yqnHEum//pFQS9w5/RRPm36PKbPckb79K++yL1oZG37dNEFOQBEB/nJVb1wOkX5f
+OnH0HItDT4hRZ3ZG8P4nmh2I9OEdM1/XBrsdbdOdZ4S5DMh/DzBtzi+MoGeUkwVq
+6wKklwrTjjjIbwzvlDqwv/l0ujMRVrp0v+6DVXxmHX/3dkrBjDZeqQZb9DeCvIeN
+AGBQ5KOLDBnwXLyuL/nrBSr7j+NRE/BNEm/ZK1AHuIf+GUFKgw1DbXjoT/hzdVpZ
+7LlPMTO9r0Jp6nCArDWLJ/mLlTaJjICyVY+HUGDFWOhPmgJaf6VjpLvoag6vOFJU
+PZJQUHfD1/TZkAfQ1Aj6ascO05v/uYPZ2SHtLVkxTxWg5NJPZFLCjStmPzaxvia0
+dbjYzuoORBn0/nSyQNRh1EnnHrG2IHA29YOshdqDaTAjAZvD3eHzgR+B06lovMWc
+DBIg6LPUpBzXP64Z1FM/nCQqsAJUeMpBRUmo0stBpRM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF1zCCA7+gAwIBAgIRAPbOzfYzVQu5OuiqxUzioa4wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDMwNTAwMDAwMFoXDTMwMDMwNTIzNTk1OVowTDELMAkGA1UEBhMCTFUxJDAiBgNV
+BAoMG0NlbnRyYWxOaWMgTHV4ZW1ib3VyZyBTw6BybDEXMBUGA1UEAxMOR2xvYmVT
+U0wgRFYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV65DbSyKx
+OEqEGlDPgbDN/N8R9zUn1gO5MAj9IeZnf+quUcdtgA2gAsh48SBaTfJQmpW9nU7l
+LHwIzMREt3bdNcdBj5LLQtpBY9B9S1uWB9EvtskWLI+YIEAPCooo06vxDdo4iXhG
+u2KyFnwt2/glZ4O7XVcdqL/gEMCl58Vr47TZ26CgfAFfVCLVZVXnlmIFDmS1rEil
+DXNIvPuoUQAXcrYlM2Kw58VuqMz0zgCocEF+GXnGfpcseZ9SHMgpX59hRRxI1i/k
+6qF1WWbEWhwRU6YkLclTETo0GxmFdUc9h27MaX7F4IwXOnB74Jkj7SCBbDL0tKi8
+9CB6ZpUnda1TAgMBAAGjggF1MIIBcTAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dib
+wJ3ysgNmyzAdBgNVHQ4EFgQU/Z4i+HrI6Hl+U31DmmHev9sPHQkwDgYDVR0PAQH/
+BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAhswCAYGZ4EMAQIBMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgw
+PwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAZmz4QCTho//gO6nGU0VxANXt8RnQ
+EMyYDw4Ym4L9gPjWF8d89+3OPRCfJHhR0KNwr8QKTWpp/EVwzfJWq0PSzJRrZIXS
+n57tDco1IVZHEn5sWHGo32xX/ttjvhg/8APwivmpZGPX7u7uySd3yWagVh0l7/sR
+IeKuuGa+lu9jCIkPFjy0Y5pmYT0SDbcyN1vpaBuYUYCEPGvwO9ARrqgCbj53uG9/
+pZtVLYO5RTZa7Yagay+ujD9OHuqtcHNWNW83QYuid1XZokwVTID4wHYcY0tBKIIj
+QEyQYARBgzgKnm8zLSUwIPhyTFs4CoXRBo7qR+HvSRY85V8d4s0hfXJEErsD+0vz
+ijmvut0RHYDn/BkwVXxCBvHBo985Z4IuyK9DQ6gV/B09bEQhxllAWnbWBRM3hAdW
+MsE4778KI6TDbRryjJLbQ6AvS/h2w0HODT3uSIObsnhDqWFbP7Y+iW4GkxVLrga4
+RnqYkcij1PYnO3OYQzR8bVEaSOqv7ON4Giy18oIcX0K9e+Qa+MW6+QkN8A0hPCc7
+JTKXyBZES+gRoWbrp0+AnnF5UdN7oBRCfkRDUZieuhA53hjWvI46qNu1Reu95ekG
+Q34PGG/Dyf1LmKdzL2d3bfpMBDi+LRXUkQRudLbFHqU+EPOxeCGnM5ByYyc8ml3A
+AKhKahHLhIzy2M8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDiDCCAw6gAwIBAgIQdCGSYf65zMt/wR6GHPrFZjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMzA1
+MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjB0MQswCQYDVQQGEwJCUjEtMCsGA1UEChMk
+Q0VSVERBVEEgU0VSVklDT1MgREUgSU5GT1JNQUNBTyBMVERBMTYwNAYDVQQDDC1D
+RVJUREFUQSBTTUlNRSBPViBFQ0MgQ0EgIFtSdW4gYnkgdGhlIElzc3Vlcl0wWTAT
+BgcqhkjOPQIBBggqhkjOPQMBBwNCAATjAVqOncXxZtecTtCtzyeEYvHoR2mdvKhU
+R1in9GeR2XRTLS3V71Xj/Fz6bRP3htjlQ6Poj7VHytdwriAsiTCUo4IBazCCAWcw
+HwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYEFAKxT/In
+8Yp/pH553vxgZrzu374yMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAYBgNVHSAEETAPMA0G
+CysGAQQBsjEBAgJQMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2
+BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0
+cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggqhkjOPQQDAwNoADBlAjA1svvX2gUC
+ORzoUUdQW2nd/9JaHTBkjywzctAITFiu6T9rB/FVXhoYZwQRJZT9+VgCMQDr8oy3
+KWPjFG4rczMRfIYz7av2R/SB+ywEQqdjIJIV654jx5uM9pqwC8cAimWCzyI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8DCCA9igAwIBAgIQA3eFCc1xJkPTTUzn3h60vTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MzA1MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjBwMQswCQYDVQQGEwJCUjEtMCsGA1UE
+ChMkQ0VSVERBVEEgU0VSVklDT1MgREUgSU5GT1JNQUNBTyBMVERBMTIwMAYDVQQD
+DClDRVJUREFUQSBTTUlNRSBPViBDQSAgW1J1biBieSB0aGUgSXNzdWVyXTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZrZZ2xx/vy+ynpBYKESSxaJEI2
+7lAh9qsvlZlhbvQfZ0eoJd6esb3kC7/iIxVv0omPLKQTuxAQ7gsxN9pBJMZ1lJzU
+yhHxFR23/PzaYtw5LUks+zW3vqFvc3l4J1VBMI4Lardi9omASWufX/iKi2mP60oz
+tF94fRwC3Shza6WHWo4zQvQ7XONqQHeCwv0WA2OnTjQrlsXN0zxHE47gkUNhMKJS
+0NrudgUdBe7l85MQRAzPslWQ+opjiVrcsZX0tWr9Yfcntpha36P7ASVMzrWFVJiW
+3AeXSd6BSvtYZDi1jGTmo4q00Jp2Vsso3FjUo2QVGD2Wom+ozpHFxSBbmDsCAwEA
+AaOCAWswggFnMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1Ud
+DgQWBBSb2jn/cHhaO+cfqiEIbOrF//57PjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGAYD
+VR0gBBEwDzANBgsrBgEEAbIxAQICUDBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8v
+Y3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhv
+cml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYB
+BQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQAD
+ggIBADytOwwMGCS8ID8khjrItes0Ev1v5BObVWDySU/vw7/WkF+ylnF88AK5s2zz
+xRlFlIFmBxVqvzwJED1QP3w6m5btVnMuLXShQnvnVHNfn9HrKnhj58+Dmv9U+HGa
+OMVTy3WsvJim6syr6I2iGnuYan3JUNSnVxzx4hNyPHrldv09vmXkcvphDwRZWPeQ
+jREkE08SbQE6atxs3Ece2C1odoviA1MQ/UO21LCS+3bRTawRH/ly0jAFF0YeMzZ4
+aY/uw15pLkUsIBsGWCinajthJc8htUlz5HftEpxb+/akxWn4E/GiYmO5vEDLAV6o
+HouYOnxxsuxdOIBHc2Wmu36J+yp0JLCWwRw1QMgI/6cHN8pEODEa+10tGfBQkBce
+mG4sVYMh0FY9se9EZ+gSaCzZl3xk5eTNtriyRdOy/zY81AMb8E5tFowXL+ECWhGc
+A1BkAij/Og+2M/kejeGQ50qP9XGtohfyzKBD/v+XSa5CpnIe9ZDygTQ6ZZalPdOF
+6V5SLfpeKaHys+zbs5RF1g9Y6Q4ZsWDb+MvOcBkHrLs7dr0ziC3X3M9Zz/qPIXZG
+6n6z9PWeiFpsxNVBP5W6jW10rThjcjp22Ng3zZxB7gzgAMmSDJgACk0WGD7Btru0
+/tg9ii0C66DC4XdyW4mxZ3pTo3WNY3cgkVWlJ2W8Q8kyd97l
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIRAIvZZLBXSMLn5+v5b24HbBEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDMwNTAwMDAwMFoXDTMwMDMwNTIzNTk1OVowbjELMAkGA1UEBhMCQlIxLTArBgNV
+BAoTJENFUlREQVRBIFNFUlZJQ09TIERFIElORk9STUFDQU8gTFREQTEwMC4GA1UE
+AwwnQ0VSVERBVEEgU1NMIE9WIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQs8c2QfHYQuELtQaPTSPu4GdspT
+nFWcvYG8QaFRg/JOB5AUNLEHZ5YHuMVTK+EyRmVhKC1pXkiWS6N5Gc2OqXQwT5ka
+2P87b3JC+x/+iuKqZFYw1r4h8mbdhhnKoom0NloT2mBCajrxSyBqlfJQiSiikDPp
+9uXVqQoTpAji1Hd16ksX0h1VbRTj37eZdDedalXGdj+qTU54MseHQKAHjA0BUXM5
+igXOLIZNiI8BWOk4MZUv0LM+nBmI41I20Xuxi0TzySRAUB4ruXRnZhetJ5I7RLAn
+FCkJ3tLdqZVL6gaM2RbhrYQsqcpPC60YACPtBBQL+ORC4QthDiqqGNdJrQIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFE2GLx9CyQxYVpZ43Nao2JdAspfKMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJQMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBABvvE1Ea8SepuFrIQWeKusHEGS9Il61mxZGaqPQt+eXFTBCt
+gCbKV7OIjqheJxW2SXtYRCULUFBgJWhAscwAfEZBKc+qqzheD9IfhEU/+mjPLNwV
+sGSmBcTg0u/u36d+SpOgyoeezYuKSYriQAa65mwOxQakOGeyPatENCICyezvuPX3
+aspim6ud2JlcTcYOqhSWmt7F46LDHWKaSiEzhvsEbszdnbWf5jaIQ6PPJee1BXKa
+U6NCL2mrrqqKzlS8X6TkWL0ZQN5x0y+MCJXbWBpm67z/C2TE2R9JHvsOlitH0vwH
+tgP/lmbm1Qxx9bldTzkx7jXiURzvz3sQdrt/snbC4kNrmW/IJPajKnbXoQPO8KX2
+MdD2KLbnbLSmHrmDSiV55e9boD5qRDTSE7nt4S/es3XbFPoH0b3n8SFr0tp1DEXZ
+4LE2BSccFLHNmqvsVWyZ9L/xOMOxokO3RG28YvZp2cYJctpxHpO/P40Ln4yhCVfL
+om5VEfFhfjgVGx+W/oWi55G3vw5SQ7RQZzpCIwWJFiS2WlNT1t8B4H9wWaJ74TlM
+Aplo8GM30Ko0SnfRdwktiJRaN8HISysaBMZyQLaaBWiIq8GqvugSqMsEuOZYAqUS
+HnYUqV9ZeDZpB6vcOB+BzbT1wvapn738axoqqWp9cSPOIREgpKxe/RKvJdZ8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF+TCCA+GgAwIBAgIRAILC4+1cI419GZH4pWlHDm4wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDMwNTAwMDAwMFoXDTMwMDMwNTIzNTk1OVowbjELMAkGA1UEBhMCQlIxLTArBgNV
+BAoTJENFUlREQVRBIFNFUlZJQ09TIERFIElORk9STUFDQU8gTFREQTEwMC4GA1UE
+AwwnQ0VSVERBVEEgU1NMIERWIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36bZuv7VFIn964VeA9SyDE0H1Y6g
+YUpcIozT0baX8QCOUTqair9gm+R00TW+Xh7LDF4KgbBUklnz0Qo55gJmJwdbSw6i
+dTKAOIyfOJjAX+P49dnO5nuEOG0dcbLLMct6nSrSZceeWEpN6KvTuggp8SAiH7xS
+4yAdYs0MtJJgOfoXW6QmG9zIxIYMKxcc7fA+XjiloTjG2JXGkc8SPx/kyC8RQnhn
+VUL+ydSucsoGlgFBESZlCvdphmn3OPZ2kggDnwGnwH6YTIZTmBZqQTM/nVwgQh84
+LwHhwejwEwZSfb+nK1f548iWRvlmeQcKar+6/ulg+YdIEGMRhAs/YqQ2sQIDAQAB
+o4IBdTCCAXEwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFAPmL0/6jAxxYOfetGr9EE6ivDZjMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJQMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNo
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAE0jBwKn0yFlDeg16DlqgLRXEZ66tMl0LWVgCh6HDax27bLA
+b8DjlXFGlFHGg7prxNS/L4TKnz5DM7oXyvZK9l6XYH1l8GU+o/N/I12dpcgc7Q3a
+qSSnMXnO6LljOMLwAVbJ/NBrxYQlJO0ymoU548kz5C8p2BpuEK5X7wgYGc5Pw5HV
+U4Ajoi3ophj+qnLQj9iQV0/NImKd80a10gnkhFEB3lsEaN06rUnEhnuJzXBBSrd5
+/NCksHY8NScK09rhUn5ZOoSvXYag/M6rOs7iSGvcNHu1/6ipnH/scOT9q9Pbkl3h
+YY1mHdwWqG/erf4PVTIU40pPPghlO7QRHDT/vN1IFKDNFURvWls1LnuqDjglyqSu
+FyqN6BeJagW+Wj4HMy3jSN40mlItGQLXMUyFowEtolHH3L2awu2teUi1kR3nZpUE
+nVvE9ZlLX7ebZ7d2DNs4jjkDe3xl7qMWX0QjH/6guUpUTHh/y7iP135xfd7qbTqV
+B3AigDu10R+lxyxrpuXgBU2e1zeqb44wb3VaAuXNS69hcc5eHRS1t32KoO+3dDfz
+Co4pnjJArxFoIDAenNmf8zXgXYvSanIe7xFTjX/FnD8d465ndFQHWBKSdVfs2O3k
+eLCw10+my0t7pIPeTBOaI7/ek3/xSRTIIiF6zBX+5GJGOkR+6vXAFH5PYhyd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAxagAwIBAgIQRpgPJDoqr328hGfxCO/KzDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMzA1
+MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjByMQswCQYDVQQGEwJCUjEtMCsGA1UEChMk
+Q0VSVERBVEEgU0VSVklDT1MgREUgSU5GT1JNQUNBTyBMVERBMTQwMgYDVQQDDCtD
+RVJUREFUQSBTU0wgRFYgRUNDIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMFkwEwYH
+KoZIzj0CAQYIKoZIzj0DAQcDQgAEYmyFvdwZgaQY12ATxdd+zV58oiVc1IAM9bqN
+CK4xV1ZKAPQTpjXoMtxMRUU9He3WCVa8I/Mq9aQKy547XhCIr6OCAXUwggFxMB8G
+A1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBS8/ls4inTB
+L0pstFMDOfgMfohyvzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsr
+BgEEAbIxAQICUDAIBgZngQwBAgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cAMGQC
+MGY4bjYmlJ1Qnk6YNz83drEfzswokcPj/46H0LnpWm+U5NtclzObAjCjCgemaHqb
+BQIwRTyxDxX0KCO5Trw7cxZQx/9F7qwHTtzSfspT8vU1QcQJ0xepwKOQtuX17vEJ
+sJjs
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDjCCA/agAwIBAgIQE8GB/p6VMU6Y8XD171I6qzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MzA1MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjBuMQswCQYDVQQGEwJCUjEtMCsGA1UE
+ChMkQ0VSVERBVEEgU0VSVklDT1MgREUgSU5GT1JNQUNBTyBMVERBMTAwLgYDVQQD
+DCdDRVJUREFUQSBTU0wgRVYgQ0EgIFtSdW4gYnkgdGhlIElzc3Vlcl0wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR5e7/geqsKG45H07K6F2ET8MD1YfO
+7/zkND7rffxtL+C4+Fw+LHwAawMfd44jrFeFNZ2WEl7rlzukAgHUMZmx20tR1jJI
+yi+SE/ut3p6MKe3SFlFTRy3iI2HG4ON6TNSs7cc/2Pqdg65imY3WmPatLnDnRdMv
+ZiQhEAvpdGift689K7e3a1Uiow0WZIvO4R+flXhLBWqGhZomJe4zg1o51AvQpK+G
+sTlnI6EF9QdWWWNe7Y9rmUZQHB0WRRYYHEP+l15XN+c/4fDwnUk/AYKiwHjOvByQ
+0LzhXnP/isuMTRaAJflE/AFg+I0ALufqNi/xymNIHwkerqG4Uk5ITEpJAgMBAAGj
+ggGLMIIBhzAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
+FgQUOUgkhp/TN7VJcarIqEA0+GuHzNkwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1Ud
+IAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29t
+L0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUH
+AQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3Nw
+LnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBACXwgw62CgUxbXeA2JKQ
+j7bGjH/mBhGQaBGua/oQSwf12ZiXV1n2Ede4RYIU4yc91LNSaSWMU3gdDdhSj0Gj
+KNe91qR3I9MkyUTLPgJp+e6sgtoqqVxwhFK5+gBFxGcfK+3JH3qcSYXEQUeYGp+n
+g9dzxrYQ/CAPf1yvosgfqMgKSQCEjOOFaRZA/BB9ckIdPuRPTamSyCkpRp5NfsBN
+kP9FGzB3kid5R9cYydFAo/pOWFVg11gYdQhOA1e25bh79/NVGK2TbclGPAmEViLW
+5iZ6WSlszcShibn13kSONzdrLNB5Ufx0uqBpjZ+xqfnazoSs6ZwhTx9kkcwGMaSD
+aIt/boAr46lEXwcCSU0qxhnCSPkyEwqG62cXG9S2KNHVysPpP4bPkKIi9Uxq9rMG
+f/45multA6r7yi0hNZO13HHsX1Qs9a3HIdyxkBSXfEgiZkmDmQHBEzH56zQq7NSX
+MqXfrYlOoLyYBDiz4asF3Ls8vO2KvwiIeKayjNxuln2ovvfx6s/+Y5E1IDrzFgNM
+oBNhPt7vYnkX53YDUJgr79JR7BPFQbsEPT8Tk4p+CSBVYBTyPzvdnAbYG0bBvGYo
+fIQ8B2HPceQR1Etsj5Y4PtMn/Jsv9j/wvdcYjR5GeaxkQi8wBD2bEYKh2nTkc8QO
+CRc9BafdXCWawjzdINqGWTQ7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDkTCCAxagAwIBAgIQIPEMUZavRenaqX5S1o0zDDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMzA1
+MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjByMQswCQYDVQQGEwJCUjEtMCsGA1UEChMk
+Q0VSVERBVEEgU0VSVklDT1MgREUgSU5GT1JNQUNBTyBMVERBMTQwMgYDVQQDDCtD
+RVJUREFUQSBTU0wgT1YgRUNDIENBICBbUnVuIGJ5IHRoZSBJc3N1ZXJdMFkwEwYH
+KoZIzj0CAQYIKoZIzj0DAQcDQgAEXnDAuJqX534THqMS0OSX4WCUp2IAQgkfI1GL
+S4X0tDLanStMGX4HSaOmERqVXWuagRX8hRWSKfxHRP3Ux9M0QKOCAXUwggFxMB8G
+A1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBQrPO8DdoBt
+tKIv6st0xxrVoWPHuTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsr
+BgEEAbIxAQICUDAIBgZngQwBAgIwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2Ny
+bC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3Jp
+dHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51
+c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FkZFRydXN0Q0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2kAMGYC
+MQCHb8U966XlqN56ZoHs4ROU3qR8xUwKluLfpPFp3RddfXXpyeGe0di+bAVTYV+e
+UXECMQDJvR3Gev0QwLxa0i+p31gedvAYTevJDwtxpvfFib1XVBFxtsUpxsjUvCyX
+EqDXka4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDpzCCAy2gAwIBAgIRAKaGCEpPZGzIv8x9UTU8mBwwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDMw
+NTAwMDAwMFoXDTMwMDMwNTIzNTk1OVowcjELMAkGA1UEBhMCQlIxLTArBgNVBAoT
+JENFUlREQVRBIFNFUlZJQ09TIERFIElORk9STUFDQU8gTFREQTE0MDIGA1UEAwwr
+Q0VSVERBVEEgU1NMIEVWIEVDQyBDQSAgW1J1biBieSB0aGUgSXNzdWVyXTBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABNs9D3PQfMRxW7k1yV2doZqFN8Fgo+TezDRN
+g3UxfGYF/Zpo/J/Xe0DwMuBPVhVaMqyjBkX1loKEVV+lj+l8x/OjggGLMIIBhzAf
+BgNVHSMEGDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU9fGWKEvm
+dS1YHEsiJDN3Ub1UiGswDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYE
+VR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNV
+HR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0
+RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8G
+CCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUND
+QWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVz
+dC5jb20wCgYIKoZIzj0EAwMDaAAwZQIxAODYW8bEwHWEEFDWBbe6wYZn92s/mL1u
+A/QUcEio7mwlUlvGJI9kDT4izSBrfVgmewIwJwFdlIHjwOMTbwvVfvrr28UJr+LP
+OFvELMSehplSO8u5B6h/Z6XWFQKVH8+ohiLn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF1jCCA76gAwIBAgIQXTuyjLLuLTnF7/EBRS217zANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+MzA1MDAwMDAwWhcNMzAwMzA1MjM1OTU5WjBMMQswCQYDVQQGEwJMVTEkMCIGA1UE
+CgwbQ2VudHJhbE5pYyBMdXhlbWJvdXJnIFPDoHJsMRcwFQYDVQQDEw5HbG9iZVNT
+TCBPViBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAIShIeqBiC85
+sZQE02CGWAnqg62JRTimY1xlLJmSIeS91i2YHRSnAgrLBei9Vx40KoFHaXY7O309
+O+9/JumBB1qUwufLhG7BB66GwkDZlK/noygHFfBTFhcP9l88dZVqGSWX4UR8qe07
+p8ZkJpND3S1eSNLyyiZYdf2lGp7QjfR3VII/SC2/Ve3l5kS0EgXKcKGTf8vDBayr
+kjbdeUGVbnS+hfaY+S64jbjajuoJmnLl6wAIEO1TTQF2ZF2sJ/k1YTzIx5yL3kHB
+oDcFYNtrEyj/0JuFPLWC6saIp/7/gFGDz9/mryppHTIrtWSAaWB9OhRjAlR20EIZ
+oNzbrn8ADUsCAwEAAaOCAXUwggFxMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvA
+nfKyA2bLMB0GA1UdDgQWBBQfshQpo2wlxu9u86N0nTqAG7B8oDAOBgNVHQ8BAf8E
+BAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICGzAIBgZngQwBAgIwUAYD
+VR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVz
+dFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUFBwEBBGowaDA/
+BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJT
+QUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAtazxqE5YoAUVEs0+tT4KNa/BSkBUL
+xsbOAnq3DuSY4z0PQjPY+JFoKLg+4AgLErlRih1k8PAyHW0lsuKKk1bSmnspLVyK
+bimSk4LNFSBQVh2mXB+m9yYtahL4+qGkvxMoC5viJxqJW6iWgKRhkgz27wblmwwE
+a6JlNcRy1p8J3JwM6five7+IrPkPRQElq566CTEF2mMj3EQqzzYHoUAj5MWI8r4M
+xWSxzrog7xKhN34QdDdOq1c4+3HJ+i0P8cRmkp9kxyMETEYwyIcANgF4fAKIo1am
++YXcHoUR+RLjkIyBfbgFpTWYOi7bhslPIxTljC1BkJb5MmPyrqvyJgZxrL2qYVuW
+KAeSUM/Olh7XlMC8AmBWxcqVa5mY7u6nMwCTqGKCAxlVwE0ri6n5J4oaOgCLBPml
+WioU4kzPPilD3BFoWUPR1X3EMXYF5SXfcrExl2vkAwIyl/fZK6/ZKcAQ/tTtb2Bn
+VljLKCoNYRntAQqp35xQegYZx6uduBbwgBkWnVPP945zIL/ypHuZSsUMBPx2ipFs
+ysXKRW3CCdzC5gdCI0qe3vNTn+nGHZDM/HC0VistV3r0p6dtWvu6b0ucC27m1hrw
+DhgoGjTCNsVs7N+QxlbeylUYe8FT4AJ8ov3TGXfBrk2X2JC8fFE+u+3V3oVnYx42
+29YkaTUgdvzwMA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIUXV2dyqOY67+42nvzko6YpHzL908wDQYJKoZIhvcNAQEL
+BQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1Bh
+bmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4x
+JzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UE
+AwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMTAeFw0yMDAzMDUyMTEyMDlaFw0yOTEy
+MzAyMzU5NTlaMFcxCzAJBgNVBAYTAlBBMSQwIgYDVQQKDBtUcnVzdENvciBTeXN0
+ZW1zIFMuIGRlIFIuTC4xIjAgBgNVBAMMGVRydXN0Q29yIElWIEVtYWlsIENBIC0g
+RzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjwcci4DrPCr5nqqOJ
+gEc6NVJQvCzJoPDSoG017s4FPpiJvcP4qUDPnVIV6aAYuSPjc6KuQJKKW8SWRXlv
+7kX2EyJZiW0YkP+Nd02FNWndX6Mcld1HyHAD4TzXUcx7SrETKDlVky+5pJCshoTY
+fr3OjRzAkotdEuAKxtULQkwXgvTCztwhSzeH9oOScQjnNUA43ZmPqK/JD58Gcz3V
+EEmKIml5kX+EYJpSTbFYMVjb3EWfMETr2OIkNW/OaiLGq2lQrCCXnM8hy44/xdrl
+rgYBE1PL2I3C55M7BoxOfOb0Y8+yEfGuTNYHpV/nOxfkA++Xhr1SVEG8EZO61+6A
+mEEtAgMBAAGjggF1MIIBcTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQSLtcp
++k2/5f8nTlVXhHOE/1CULjAfBgNVHSMEGDAWgBTua0k8ej8N47EJt4rIqxmfczNQ
+5zAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAwwCgYIKwYBBQUHAwQwTQYDVR0gBEYw
+RDBCBgsrBgEEAYLXfwEBCTAzMDEGCCsGAQUFBwIBFiVodHRwOi8vdHJ1c3Rjb3Iu
+Y29tL3Jlc291cmNlcy9jcHMucGRmMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9j
+cmwudHJ1c3Rjb3IuY2Evcm9vdC9jYTEuY3JsMHQGCCsGAQUFBwEBBGgwZjAjBggr
+BgEFBQcwAYYXaHR0cDovL29jc3AudHJ1c3Rjb3IuY2EwPwYIKwYBBQUHMAKGM2h0
+dHA6Ly90cnVzdGNvci5jb20vY2VydHMvVHJ1c3RDb3JfUm9vdENlcnRfQ0ExLnBl
+bTANBgkqhkiG9w0BAQsFAAOCAQEASAX+NfVVoMY58O+QoAS+KJ1VCrgwiKlau615
+SA0Hq1Zd91fNzu+dIajjKNEkTBe7rXuzEHK0uYXwwV5Ka34KFvFzpCp2uOa7nuEN
+4cM7YmdSw4eLMzu+mYj/Ow7mlUcREG9F+Av5BL+wcerBe9ZeP07fh3S5fcVvptpc
+8udYn+mRBjxzHhC8PNXnvuzgYk0u2NtM8HF1vu+8VrRHq4IPIIXc0dYU8G6/DbVX
+sQTTJXPgj0m+Rsx2g0Sz4dDOvMg0IwXzLYhBBGPtDpvz4KLSQVaZey6ZL5gtw8o+
+TedpfbDnIrJwj1sn9gUzKks/n5efNsMST6RZTF4PmoH20K3uRA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHATCCBOmgAwIBAgIUOokaVU3hQpO4oQv6Q5usW9dMZrgwDQYJKoZIhvcNAQEN
+BQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1Bh
+bmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4x
+JzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UE
+AwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMjAeFw0yMDAzMDUyMTM1MTNaFw0yOTEy
+MzAyMzU5NTlaMFcxCzAJBgNVBAYTAlBBMSQwIgYDVQQKDBtUcnVzdENvciBTeXN0
+ZW1zIFMuIGRlIFIuTC4xIjAgBgNVBAMMGVRydXN0Q29yIE9WIEVtYWlsIENBIC0g
+RzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDruMVlXXT0z7J0/EUV
+NG3rSbDBAeo1wHtJGmH6/wzi1m5K6QePnUcTQ2uSE38nH58VucBmPrntrM21SDqj
+u/LA0w5Jz9oecAKX2Vg7isBJmOSRyj+j0kBpXU4XGgV7IXesFcr8Q2rXj0KVO3kc
+yMU3DJr4vExn9h2wRZRzMqjBHg/bW8fxRbzGZK6t+uSm/HelPFKpF7G16BV1Wg+x
+A4i3ntmUqsmfVo+ZnhuxAlRI4tll7OwfRvTnw4WwdINxgKqVE219gvHz/ugjO9jQ
+AfnxrRQItqn9Z5Gk8Wi4DK+HmXiuIQ+PfopjsmvgudJxTDxBFnOs2SGPG0Qpjhq5
+qYz/jK1+zitOId93sp8D12s4/5tIIQWB6OF0hHxSylFENsznGGkQEVt73ZvYy2tM
+lwwHxSfe7yccOM22cVLz/yTQNmEqGD+HTD/zttzh4M7F1it3wrKoKdLmuG6NcXbQ
+RTfDwVOlCAr+y6uIW1fx8uD9ACVeJ7KSM/zYGnGAArsRSAHKTuv7zbmL0fExKl/K
+6TN/r4IYqR3r/lbdp/wvy3tXhKB2ZrYdKgzhcpE5B1V/n4uMpBMldvXMxwtm2+8P
+M/GViL6zr/wRKQnc83tnkS9NoAFupOo/4Q9Q/XQRtVVmEbrCaLdrXlQmCWSSX4YR
+2K0vQfxqb2cuodZk6LelomE6hwIDAQABo4IBdTCCAXEwDwYDVR0TAQH/BAUwAwEB
+/zAdBgNVHQ4EFgQUyFAxysd52n/Dcefs9WmYoNoYVy8wHwYDVR0jBBgwFoAU2f4h
+QG6UnrybPZx9mCAZ5YwwYrIwDgYDVR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsG
+AQUFBwMEME0GA1UdIARGMEQwQgYLKwYBBAGC138BAQkwMzAxBggrBgEFBQcCARYl
+aHR0cDovL3RydXN0Y29yLmNvbS9yZXNvdXJjZXMvY3BzLnBkZjA0BgNVHR8ELTAr
+MCmgJ6AlhiNodHRwOi8vY3JsLnRydXN0Y29yLmNhL3Jvb3QvY2EyLmNybDB0Bggr
+BgEFBQcBAQRoMGYwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLnRydXN0Y29yLmNh
+MD8GCCsGAQUFBzAChjNodHRwOi8vdHJ1c3Rjb3IuY29tL2NlcnRzL1RydXN0Q29y
+X1Jvb3RDZXJ0X0NBMi5wZW0wDQYJKoZIhvcNAQENBQADggIBABSCTEENpDqTqd+N
+4MxNjZvBUq25/4czSxcEclgnpoRBwe3SRXt+BwbwBZzi1BtmhWRUkZZ5rRxANGyK
+6/QKBYnizeBkP6KY9kE+BfOXrOKGbDW0pyZHm7UTF5rb42+526BJNxh38JMcTi/U
+gYwsNUarMTbN7qC5gU/eyF7H/FTwEFCyOsDJBi4ZfwlYzmd4RQORQyKtLXcXxjKm
+9sw8c0Fjv3PXOMhZkIbT/LlpGO5/w3DosrL8pm0tyKyZgTk84YIji9qQudAoFu7m
+YsXJdm7OuOZJbeySq3XKounjyJKM5JsQjCNNjd2ttBEO8x5/lp6fUcof+r89GWaF
+IhBenlimIvGNkiaqEfe1QOfQHq6MRdvX/9g18NU9wNTS4C4mmmkwVny0MfBP/Ktu
+zw80iv/6YpPcnc4FCATjuht6m/K/Q7GRdiHmKp13IkZmyVQOhMkDWI8uxXhjNiCP
+JKllQPox+x7DHNM3PYG+eL3IAN8gL77u6Xo6C+RCWJMcrSi6fHFwTbyZDIi5TiBf
+GIFv0XRA6qkuE1dcuPjpQGE/Ts8zjV7CMDOSNSCXqP0XdiTnsulmwhQ0wNq7aaJ9
+w1rrMV9daRhXJx1/GJ64bb+T5opIdDYSPK1KOnyhFEDxDkY1W3BQnO76N6oBr2dL
+uHZMrja1LQn96AJDhptSViwMLAO8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCTCCA/GgAwIBAgIUKovf56gGbRis1wiRs49luaW2zVkwDQYJKoZIhvcNAQEL
+BQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1Bh
+bmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4x
+JzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UE
+AwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMTAeFw0yMDAzMDUyMTM5NDJaFw0yOTEy
+MzAyMzU5NTlaMFUxCzAJBgNVBAYTAlBBMSQwIgYDVQQKDBtUcnVzdENvciBTeXN0
+ZW1zIFMuIGRlIFIuTC4xIDAeBgNVBAMMF1RydXN0Q29yIERWIFNTTCBDQSAtIEcy
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+0aFtH0MDAbePMJkMSs
+TZt5ylgaiDcpcWJZZ9+63SEcJU+4uxQ7T21eppaxKMORlPfptBmrrTVEFKiqHSpu
+EvrzYYGiiwIu4VYnbOeADDvXKjVjRR+zyxabA23sMDzFB5SJmTjs9nKq15J/KJBm
+EonWBNFsp9uOMym+t+Y6Rrh/mashRirINkam/AiDdidizvoqEsWxJUWOeX/hQo8V
+KliK/TVReDhtIvDao3oRr6mEfEAmD8/Q2pMMGza+77F83uK8nW5ALpH97tvfKDpA
+In2hqH1+wRWp8ABG8S/U0OSJFsjA/Ja6M7zfhXnyZsPgW6/9gMzz/M95DIzztv6q
+IwIDAQABo4IBfzCCAXswDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUbnfmkaQ2
+RWuAssFeuiPz166OLJUwHwYDVR0jBBgwFoAU7mtJPHo/DeOxCbeKyKsZn3MzUOcw
+DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBN
+BgNVHSAERjBEMEIGCysGAQQBgtd/AQEJMDMwMQYIKwYBBQUHAgEWJWh0dHA6Ly90
+cnVzdGNvci5jb20vcmVzb3VyY2VzL2Nwcy5wZGYwNAYDVR0fBC0wKzApoCegJYYj
+aHR0cDovL2NybC50cnVzdGNvci5jYS9yb290L2NhMS5jcmwwdAYIKwYBBQUHAQEE
+aDBmMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC50cnVzdGNvci5jYTA/BggrBgEF
+BQcwAoYzaHR0cDovL3RydXN0Y29yLmNvbS9jZXJ0cy9UcnVzdENvcl9Sb290Q2Vy
+dF9DQTEucGVtMA0GCSqGSIb3DQEBCwUAA4IBAQBHcFle2YZwKDHesvAd7mL3tgdD
+nMgxtIvzn0CoTbsaHj9VlHuz8WTcVRo0km2ITLS/Rh+ecsVSdxW+519o9bJewjBU
+h6p3ggPmMn7n1L95g0gLDWd3ppo5nKdRuaqRX87Ig2MWdk67yZnvQ44PklnDq9O/
+z1ey9g2GxE++d6spHuYVHJwx2EkwTt6JUxus5+x42l1AXXLyfoslT8WG9WjRflBG
+9S2DPZW+yfCrEMvDYcF9XHGxpEubNzF+4IJ4ChIyDtHBjh5nulL6kXJdsKlZdyPo
+KY7M6rjyDMloL84kNMun9P3ZpBqk30UoEDxyWiym0ZERw+FR6T8ZU4HBjEQO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHCTCCBPGgAwIBAgIUU9wiyeK+6p9NvhHmhL70TYz3QogwDQYJKoZIhvcNAQEN
+BQAwgaQxCzAJBgNVBAYTAlBBMQ8wDQYDVQQIDAZQYW5hbWExFDASBgNVBAcMC1Bh
+bmFtYSBDaXR5MSQwIgYDVQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4x
+JzAlBgNVBAsMHlRydXN0Q29yIENlcnRpZmljYXRlIEF1dGhvcml0eTEfMB0GA1UE
+AwwWVHJ1c3RDb3IgUm9vdENlcnQgQ0EtMjAeFw0yMDAzMDUyMTQzMDJaFw0yOTEy
+MzAyMzU5NTlaMFUxCzAJBgNVBAYTAlBBMSQwIgYDVQQKDBtUcnVzdENvciBTeXN0
+ZW1zIFMuIGRlIFIuTC4xIDAeBgNVBAMMF1RydXN0Q29yIE9WIFNTTCBDQSAtIEcy
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtF/7DobnSBuk9jzr10wP
+VLCLfLoc5jqXsNQatCWPlGEEzDvI6sFdzbtO0RSe5RX9Yma7a4jCfmBFlLJ8qcqf
+ZLoXrW+0lfJ9zpZ5Rn35dM6RIQcE+6MWy9jbQTHNt6XUKZIFvDwHRvx5yPx2bxwb
+PGU1NjC2TsJAAuFcRHMB0cvqZ75gc9IBpqYDpEHn9v5LztSDrORzTONvJBbpj21H
++RZG/h00cqx369hfWnuFqQGCutZ1f24rhridB347iYyUKXmIeqnVtVsHdCcLQI72
+vuazjmZ0uYkJxbWFjombU3pbBXPpDv85BcvxuwMfRX86pa+yaw8t8jTSqjt64wpP
+VLPRKTRnxwKgJk5FImKbKAb4qegfsqhH63s6joE770R7yv0suJkzfeZRhSiSIi/k
+p96dJyfnSLSr2EQbHCb4uocABJcD3AtktLJJFDjRVgrFElEWaA4ImibxSj+E3FTR
+037j81hP0Tav4Q1bzdArp5CvmqBCjoImvh5RxIZlXkMCn+IPDbwyJMI/QnYMdKpd
+bPAqCxHpna8AfyDAYJ5czfqZ3tXtO/9uDG2A2eq5FdfzHvMFUePj/AzHrhRr+2fj
+Iz0c1Puz+/vqAuT+hO11yKnwqeTgIsMVXKT+8U3kAqdVthE63cgKr1vZ9bGVbmst
+D+sQ83AgRbKREh32ghvVjEkCAwEAAaOCAX8wggF7MA8GA1UdEwEB/wQFMAMBAf8w
+HQYDVR0OBBYEFH6ETY6gPUahM0lv9FDLc7pGHptEMB8GA1UdIwQYMBaAFNn+IUBu
+lJ68mz2cfZggGeWMMGKyMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwTQYDVR0gBEYwRDBCBgsrBgEEAYLXfwEBCTAzMDEGCCsG
+AQUFBwIBFiVodHRwOi8vdHJ1c3Rjb3IuY29tL3Jlc291cmNlcy9jcHMucGRmMDQG
+A1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwudHJ1c3Rjb3IuY2Evcm9vdC9jYTIu
+Y3JsMHQGCCsGAQUFBwEBBGgwZjAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AudHJ1
+c3Rjb3IuY2EwPwYIKwYBBQUHMAKGM2h0dHA6Ly90cnVzdGNvci5jb20vY2VydHMv
+VHJ1c3RDb3JfUm9vdENlcnRfQ0EyLnBlbTANBgkqhkiG9w0BAQ0FAAOCAgEATaCI
+L3lvYGA79q7+RBxeX/EZWN2sKXSU1qzHNAXv6LpBGxaFF9aOxRlYCeMIAX3gSdnf
+YBnBBP4j/+dm5z/c7NNbDzGoWqNM4BDuFKRphJX1VUK3xS7wyfm+TlUxRMwFREPp
+47StOZZBhru5us/OQuo06+e0+mKxfY33T7oaX+6KTg7XlxTFMWY88b8UPcnQf05V
+/4eqc7xu25/o2R1lpsH+Qijn3xyyAiZIZ+yW0lpPSpwuKjkoS8nC6YUnE1blHq7d
+tLbdrj2PQ3Bdkv7xoy7MxJdk36jS8IueoruRSg/HV0Eo7UpuXUhCtGAxraSKhBQM
+6n6C+i9IBVgAkUi5BlQynMg+CkcNjAPMziXCcJbg9oZra9tGCYf+uH2kKm/x5lb+
+P397HlOZmUSQOCHriH3Wc3LavxdfuoXYawi9u0q13/Q6tq9di/7E4VarhriN1KLE
+xSMOFsCC8Ghka4wdqWA6c5eBueH/crZN+026VMwrHGq0J01CmYpDo9ja7ZrIZTZa
+5n6zzNr9LOXZ48zFEjxKtevHrQ/PvTERzCwBG04004sULVDVSVOGnDkiKVQDhxJK
+k3I/PhJCRBYLncf72TKC/fiOZgle47yY+mvagAk68PCfKEGleG2nWQS/XBCoXNH8
+JOAZi14KMG1GuOroMo2O+ymQxTZmCmBRVDBAICk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtDCCA5ygAwIBAgIUAyceQb0WUHBWvCALxSnJ527lUS8wDQYJKoZIhvcNAQEL
+BQAwVzELMAkGA1UEBhMCUEExJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4g
+ZGUgUi5MLjEiMCAGA1UEAwwZVHJ1c3RDb3IgSVYgRW1haWwgQ0EgLSBHMjAeFw0y
+MDAzMDUyMTUwMjBaFw0yOTEyMzAyMjU5NTlaMF0xCzAJBgNVBAYTAlBBMSQwIgYD
+VQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xKDAmBgNVBAMMH1RydXN0
+Q29yIElWIEVtYWlsIENBIC0gRzIgLSBSU0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCml6/q3ABFnT4I21VCIKvikFJLQeSzUL4JDO6mnZKqq2jYPLov
+Sj39U9NgBX9s6VQsv+Qdc3d84XB5e86fFHX9Bd426F6An9j674hD62BOiCM47X/+
+vYeXwB4NxgTXysi8GKkZ6pK1ers9HESfNmVPQQ6tD2czJCsXc0qZBOICQBuf7XVq
+Q+8jTUIlt5FeQioZD8zkkahG4qlOwEyKsvEGqRTSkCS8eYEDMHn4XHSDwZhG0cbH
+YIhj1td2CORXRE9BJpQJns45Y2nvgrU0JzXahmFWkQFxQcoSeDyKl1l9cFw3AAG3
+L9xYAVKPJHFcVj4gQIhvlKeutIdtrc03lb0LAgMBAAGjggFwMIIBbDAPBgNVHRMB
+Af8EBTADAQH/MB0GA1UdDgQWBBTPIaxxkH5F86mRh+HxloFb21MGiDAfBgNVHSME
+GDAWgBQSLtcp+k2/5f8nTlVXhHOE/1CULjAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0l
+BAwwCgYIKwYBBQUHAwQwTQYDVR0gBEYwRDBCBgsrBgEEAYLXfwEBCTAzMDEGCCsG
+AQUFBwIBFiVodHRwOi8vdHJ1c3Rjb3IuY29tL3Jlc291cmNlcy9jcHMucGRmMDgG
+A1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9jcmwudHJ1c3Rjb3IuY2Evc3ViL2l2LWVt
+YWlsLmNybDBrBggrBgEFBQcBAQRfMF0wIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3Nw
+LnRydXN0Y29yLmNhMDYGCCsGAQUFBzAChipodHRwOi8vdHJ1c3Rjb3IuY29tL2Nl
+cnRzL3N1Yi9pdi1lbWFpbC5wZW0wDQYJKoZIhvcNAQELBQADggEBAHkbBjWJd5DO
+Epxt2DCalJbcLmQ4rcXXU2R5UpFcJOIwbKKzQK4MPS3A5OJMJsf+XojO2m8Sy6hO
+jTQ+SoeNQnhLRtrPqxUydEU/b+VMtueRyakMrNVVQ4pQtEsg9aakd0RsLRNyCHCm
+Ypz/8e4XBXMpKTV6aHtqFi0sUD0ilZyjvZfnbDjui0LdiDrbgRHOmtgQjqbg6nbB
+2zaRzEGp4L3+F2Zj4BFOvw8Ke5Jmm8QzJgSSRMGeZdDqadSDmmUj56pt0G6XAOkz
+w/HWg/0IYyKGVZz7JRK7+9nlyrc/9UCvratN+2HdINZ4WCfuuXvo1eQ3kGUhzei3
+XPK4J184aMI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtDCCBJygAwIBAgIUKd8+ev91BJb+Sq7jUZ78U5Jxs8cwDQYJKoZIhvcNAQEN
+BQAwVzELMAkGA1UEBhMCUEExJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4g
+ZGUgUi5MLjEiMCAGA1UEAwwZVHJ1c3RDb3IgT1YgRW1haWwgQ0EgLSBHMjAeFw0y
+MDAzMDUyMTUxNDVaFw0yOTEyMzAyMjU5NTlaMF0xCzAJBgNVBAYTAlBBMSQwIgYD
+VQQKDBtUcnVzdENvciBTeXN0ZW1zIFMuIGRlIFIuTC4xKDAmBgNVBAMMH1RydXN0
+Q29yIE9WIEVtYWlsIENBIC0gRzIgLSBSU0EwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQDUU7/pB/FBhxHxIV+Q0YSI835tId8kERvHCPj0AV5UdrPKt1J3
+gXh4XFLxg5HkLKOBCpF+FfcNgr0H2nhvkFtl3vm9VYF28rcL79fbhGrQYn+Z5tPu
+PT0ETjk/D/OZaJzomtq45VjWoeXMWAmlYbFkQXPLn8Cc0B0TaGN548D3elfQrjp1
+4u3CGJVk53VJaW/hT7bg7Vsq79d276OldS2eLx+S2v6YfiPQhCzjyKRqCSCe0x6H
+WMEYZAh/YVuWpv9wpwAX5tvp99MlcpjQdqQ0u1SygrzY8eQ3e8j/opzPqyiS7/R0
+q6QZxGzx6j9cjkEH5h4yhBDjS1NS/JvDWpnyzo43OaZzQkXQLL2qQ+IxgkSieWAj
+n0jIGwlwXePhv7JdVuIUYNRFSzqiZsseD9UtB9+ThpCdUR386ELacqhOlLTiQk1i
+KQavWfHfTHtLzvYL6+tf7F+Q2l5H/yn3o+MXHoVInwsRGmWiwMyl86UKCsBvrcFG
+/9P6CiO7WvUqmNiR3uM1tzIk4e3aqvEvB+PLWXQuwnKohfu5FknEhDaYLLCxMgSx
+oWoBWl/UFbU3aVGFJUxXLYRhXT0rS63K0zOxiF7SyXslMmEcQFje1c4r6EEaPcEY
+A1tXzwwS/2mdAZli51QtY3po75bAIJmjscgOxlImwW9rWVrIsv4JogWKZwIDAQAB
+o4IBcDCCAWwwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUG4mXQQQjqKMc8/5x
+VtxbV+1cDYEwHwYDVR0jBBgwFoAUyFAxysd52n/Dcefs9WmYoNoYVy8wDgYDVR0P
+AQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUFBwMEME0GA1UdIARGMEQwQgYLKwYB
+BAGC138BAQkwMzAxBggrBgEFBQcCARYlaHR0cDovL3RydXN0Y29yLmNvbS9yZXNv
+dXJjZXMvY3BzLnBkZjA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vY3JsLnRydXN0
+Y29yLmNhL3N1Yi9vdi1lbWFpbC5jcmwwawYIKwYBBQUHAQEEXzBdMCMGCCsGAQUF
+BzABhhdodHRwOi8vb2NzcC50cnVzdGNvci5jYTA2BggrBgEFBQcwAoYqaHR0cDov
+L3RydXN0Y29yLmNvbS9jZXJ0cy9zdWIvb3YtZW1haWwucGVtMA0GCSqGSIb3DQEB
+DQUAA4ICAQBdBLd8jQGkQiO0VsRenHA6psdLwCLF45wm8/yRzt1vksBByy5RATfj
+OdzZEXC3rMe6Ll2jl4HQ4BrmcZ7aRsei7FwHfGU2ekdgtSehO+NwaMaNY0j9Sg/e
+FKQABrtY6gmC7X0/jbZuH9a7lvpVGLGvdMk1+NSlTlQqERjxsFVetGpiP4pzC9bQ
+gD9JycO9dQRCy/gfA0PO0XNsqEArjndhU1+IxwTFSbxizdFYrgh7y5nHAxnnQzFd
+xQ5cFz13bL4e4zhmfYTDVTTF6vCG5rxDZYr+WYUJkOFr/xZweundGzoDgW0aMG1V
+L9xzCIbIVuSPUDC0Ym4a4WU6wb/wSvcN/ITPKZBFIr4KNoUQNdJZGTIQwRQO+ua+
+Mnk2KYtJUGa/28MEw8tBKgEyYkptzFT0gojMeO7op3UpTLuNECrecmGYVfIo69X0
+Ln19AFE2L4Jvmi4P4pwF2xEbtQyTtzh7j9aw66VXP1dfHO7PTZBHjAzBimLkE1zT
+cO8sr56i8cM/cJErVWSomEgiNsyWqDBrfVY+fSg84VTST28yY0wkB/O2ock8VlQ5
+yJn/iVzBEm1GdnklpGASffsHBPIKWaKWS4d95WCG0cJ+8RRxTazdiWILWgbbKYjk
+KCqkp4JGEbkmC2L753wYoSFCbiTF9OPaUD0b6ax9kscLxTZ9+ocvoA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtjCCA56gAwIBAgIUIkYvfVtKEOOpNHBTTXF6pfTWoj8wDQYJKoZIhvcNAQEL
+BQAwVTELMAkGA1UEBhMCUEExJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4g
+ZGUgUi5MLjEgMB4GA1UEAwwXVHJ1c3RDb3IgRFYgU1NMIENBIC0gRzIwHhcNMjAw
+MzA1MjE1NDAxWhcNMjkxMjMwMjI1OTU5WjBbMQswCQYDVQQGEwJQQTEkMCIGA1UE
+CgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMSYwJAYDVQQDDB1UcnVzdENv
+ciBEViBTU0wgQ0EgLSBHMiAtIFJTQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALEVKy+loaptP8EfBgK6wq3gxIFeDA1d319wdoSPapIKLD5Ls/V3yAsA
+zdK/MTGOcgHCwRB8B0G3LPhglCE0kdDSlwU25uBm4KayyAiWd2fouMJScXAy2T/n
+WlpUPNoVjioy7pGoliNs8taeZZ5fdg0cwkszmitHlRItZHHwi8giOekkO2pcFFmq
+gKrd9xXCNZjxg6GXFqlexpIVMgG0wNMSPkGy8z+8kXND9wCQ7uTBwB6rgoz4nNoq
+IjTjZ0iHqOwSyTR4VRZPemkQJtEXEtUeEAIRQxH4L0i8B8KdMA+2f5ue3K/RZsOy
+cOy3OILEDfSfPeOHSbBGg4EiSWdOHaMCAwEAAaOCAXYwggFyMA8GA1UdEwEB/wQF
+MAMBAf8wHQYDVR0OBBYEFBLsHpy0/8MkF4ue8Lxw1R4vYHRXMB8GA1UdIwQYMBaA
+FG535pGkNkVrgLLBXroj89eujiyVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwTQYDVR0gBEYwRDBCBgsrBgEEAYLXfwEBCTAz
+MDEGCCsGAQUFBwIBFiVodHRwOi8vdHJ1c3Rjb3IuY29tL3Jlc291cmNlcy9jcHMu
+cGRmMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudHJ1c3Rjb3IuY2Evc3Vi
+L2R2LXNzbC5jcmwwaQYIKwYBBQUHAQEEXTBbMCMGCCsGAQUFBzABhhdodHRwOi8v
+b2NzcC50cnVzdGNvci5jYTA0BggrBgEFBQcwAoYoaHR0cDovL3RydXN0Y29yLmNv
+bS9jZXJ0cy9zdWIvZHYtc3NsLnBlbTANBgkqhkiG9w0BAQsFAAOCAQEAjm3KMK6T
+3q5XdoWxBUIB46oe3uCX+nHkTTA4lM8oVEv9Yc/wQDF43EleANUXOTd7VVzsxCQX
+qGgy8gharCsO9KyM6PalIG22dT3+cUgVA6uOVhROEwVzMc16DpJ+S9bNNSfB1KuZ
+f/6KxFKokWbEclDpKwEXnE478LE5jixUYlbJ99q5R+oHoxoNYONsgsjg4CcLxOFS
+UmDxsoCqXk3xaUmGhB8Ch4U2bAqOiGv0NpfR8LxyM0GjwrDNHuw8qagj1F1yOfpF
+b4E4xsgQxzp+nLQjdIKWsy831fXctkMqeRGVKMQoQepnb+oYM3dOGYmnNX7zATbw
+hwbcIuwalcXUqA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtjCCBJ6gAwIBAgIUNgrXLJtc9UZZSWnVyPezpsnQOQowDQYJKoZIhvcNAQEN
+BQAwVTELMAkGA1UEBhMCUEExJDAiBgNVBAoMG1RydXN0Q29yIFN5c3RlbXMgUy4g
+ZGUgUi5MLjEgMB4GA1UEAwwXVHJ1c3RDb3IgT1YgU1NMIENBIC0gRzIwHhcNMjAw
+MzA1MjE1NTUzWhcNMjkxMjMwMjI1OTU5WjBbMQswCQYDVQQGEwJQQTEkMCIGA1UE
+CgwbVHJ1c3RDb3IgU3lzdGVtcyBTLiBkZSBSLkwuMSYwJAYDVQQDDB1UcnVzdENv
+ciBPViBTU0wgQ0EgLSBHMiAtIFJTQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
+AgoCggIBALyc5Csh4FoAYBR3LvWCdkZTv0ES2r5fFkskSN9xOkinkV8CezabuFQu
+oEnu4QLXcCK3Uef/QJ3vsc+Wavcvsg3ylPPgKxuHJ2dDLGqhGQXzwRiAwdiNopXU
+No6QQkhNGLDc3276WFooMLxNQ+mgesq2sNy/TDj0G5RjCYhpkDkShDMnBM9wwpz3
+hOJK0yWgRgSodhy4ece1kxnMktr4YJQEr/Ad0P+cv7+DVKfEPKWDgy565i6RMzDW
+W67eepsRofO8Lr5WZuDW28iaSQ5U9zr49pQkLs4FJXyIKGJgv6xgXULsKJtbfy28
+G51hayDS1ifiyCKgD/Jea/Z7U98i+SasoFyjKhVzAHIsd31fIKFi1xR/zCuB1bTO
+vybz9Nu3zJDSIVJMOoFtckHAwmEI6ALgdmZcJweecnnScdZ8WEY0iRDGdEWziLlX
+DRdlYvnkj/RrUzSuCoI0LxInL1Smkbv8FbCM4nsqAcYJ4NIqZmKM3J0Hyi5Ge3WX
+IGxIZJ3jbEOVH/3zZd2RNAXkTQC+tDdRJM2IJ5unOfGbhX1vdpeCcPBCDtL8Xak6
+wPKDSQAxGl88B5vx1Hol0chPD6ZMAOzrj/5eWitRVuXns9rl+ObEY7gbTblCwvvL
+wlmJGlWmFSJx9VCxl21dM7UJclQFdWy6BJ4rkQHz8tJjY5Re1NdBAgMBAAGjggF2
+MIIBcjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSZw8EjOKrFIHsKcXsDkNSD
+YlixVjAfBgNVHSMEGDAWgBR+hE2OoD1GoTNJb/RQy3O6Rh6bRDAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCME0GA1UdIARGMEQw
+QgYLKwYBBAGC138BAQkwMzAxBggrBgEFBQcCARYlaHR0cDovL3RydXN0Y29yLmNv
+bS9yZXNvdXJjZXMvY3BzLnBkZjA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3Js
+LnRydXN0Y29yLmNhL3N1Yi9vdi1zc2wuY3JsMGkGCCsGAQUFBwEBBF0wWzAjBggr
+BgEFBQcwAYYXaHR0cDovL29jc3AudHJ1c3Rjb3IuY2EwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly90cnVzdGNvci5jb20vY2VydHMvc3ViL292LXNzbC5wZW0wDQYJKoZIhvcN
+AQENBQADggIBAHVjh8acqMTiAHurxq8z6Cm/N36dXmB1uskpU0PhNa1RlCozfBhg
+2JB50fQ+R213CM655QidbsSpZ6EYsN6zyu8NDPS09diXHsolMxd+HSimXvJDMEKI
+1GAJwigf6R4KOyZ8Aa/Dy2lL0dxFmnyZcpDGsdQeaHZABfHlRq/7xv/khhFPFaBp
+I/M9NH6g0KYEQYxDzp9oJAbeEOWA7g5OfSG+ISPnuYiXO68/lOwuqkrFi3/GMnYz
+jOcomCQqr53sSG0hUOfu5Kk5kYjNiokAghz9ppXGFGt3yzxDOjw48RpJ0MN/GDay
+VFytNy/2F4o0OCXR0Uu2dXXLefXowUOOWuCPNDTXjdJ9rpbR+1f63acJN88umT++
+a0b77XJB6syOB5h8sTi1ASXe2XqS4WhxOS3Yy8yMwhWoC3gcAcJbyp2xpvqCbFLo
+rW5JrBk9bPgIJVfzmz6V4XVX8EVOAmsJ0UT55LggeJsn0PLiBlVDL/T3Cwsv+k28
+4AR1Jdw1S7RgljPduQBwCPrqWURUygwwu3dUySF+KF3YpxpMYOi/LOj1TBex5049
+U3Vnm32xSpcQGVgtOo40TSvofhkfrPFEk83L+b3xgtvtMMtz0dNCvGn4KjtxfOoI
+CQOgzrDvFDWE+G4ko4yOED5vj0RyF/TSxnlJ6zfD7YZtTlkWnu+gwiad
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCDCCA/CgAwIBAgIQBsk1GubwrG6wBvsMKqcyQTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAwMDBaFw0zMDAzMTMxMjAwMDBaMEwxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJjAkBgNVBAMTHURpZ2lDZXJ0IFNlY3Vy
+ZSBTaXRlIENOIENBIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+8FvLH8zXOPwMrB5ZEdaUtfupXVj3ADIIt9uabxZnmnOJVeER4gBDBmuZ/5zvatiK
+LqzE05lw03rvSXjiWjAwGSZQWbxz4qUIxGxOpvypsW5tbvcnKkPG9vs2tj+u+KSK
+CCMA792c4rroXOBHjlQHl+ET+xnWc3nxobw7yL1vThEcBkCsLiu4BE5eETMzEplu
+Z5hVT31EISTkU+L2qoVPqvl2vCLKmb4iKJYHpGIm1qVGRgf54kxfhRl9rEu4k2rQ
+eUaJh4r5dKz1y0TFBwLIAM4nwGVc61H5S874Mt1Zw5i2kxnRymMNg5FFuCkQFIrj
+UlFvlDohMoBNRvbtzHQAHQIDAQABo4IBzzCCAcswHQYDVR0OBBYEFETZyEozjtNS
+jaeSlGEfmsilt+zLMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYD
+VR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0
+dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9j
+cmwuZGlnaWNlcnQuY24vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMIHOBgNVHSAE
+gcYwgcMwgcAGBFUdIAAwgbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2lj
+ZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0
+aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBh
+cnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNv
+bS9ycGEtdWEwDQYJKoZIhvcNAQELBQADggEBAIEbzergTPhY7dFwqeIB+fRlzYgI
+fo40x1uqb+sH3imvCC5V57mSVVPXwEe2hDHCpo2+zGGqot60EkVtLF0+bUpCXffc
+3mzVx6ti7GX+znUK5Vh41aoNy1AUara/iWQbcUXo32BrRPmXE+kMzt3VWxQE6ybP
+r/l4SAcusEOmuwCTzzkTRttvWCa9VLgY5SsZ0jIj+/eRvQJRxv8x24/HrTI95OMo
++cTFs6iaigj+k85GmxtbpYEJJ4M8E6AtrBQ/i6/jhVY5RssEcxn0sUEvl8Lpxnlr
+vyedD9l6digYDmB5jATBq8i8aaLiD7gyah3GHeziwuKmebv3CeTy44o+ORM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEjTCCA3WgAwIBAgIQAUNxaCjUej51B0V9WT7W2DANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDAzNVoXDTMwMDMxMzEyMDAzNVowTzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEpMCcGA1UEAxMgRGln
+aUNlcnQgU2VjdXJlIFNpdGUgRVYgQ04gQ0EgRzMwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDlRbx619l0dI7GEcikCjtz++LQ1+lqW1bkwZHjOwO/MZKG
+Cvgu9/IgRQOIwJaR2mP6CGz2uVqKjchxSyKFlLi8dTE1vXyBKFB75beO5pOD+N99
+CZ++jDrj0ewOX6MjFm0YB7Wpq/9u7S84Vi3v0OT9JEyzGtCSCeIsA0vA2ZmCu7Ax
+ZNgZa9AneiClLWwQ9SRrqauvh8YCCXXiBG7/tP61DOJbZndiGZfVCk9QurYJDNy3
+njZFAxQJ14klpvu0hGEuDqHcTIjB6Gxypm8xA6VRiLkUYYveOEhK6zzCnZkL9TCx
+FZHhxiWmNSl9jJ+XlHVOIwH34yGuQSrFDSkvjODxAgMBAAGjggFGMIIBQjAdBgNV
+HQ4EFgQUfods1gw6MxgUm8sePK+NEdPbSKIwHwYDVR0jBBgwFoAUsT7DaQP4v0cB
+1JgmGggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAj
+BggrBgEFBQcwAYYXaHR0cDovL29jc3AuZGlnaWNlcnQuY24wSQYDVR0fBEIwQDA+
+oDygOoY4aHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdpQ2VydEhpZ2hBc3N1cmFu
+Y2VFVlJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEW
+HGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEB
+ALK3PoMjykZ2Vo0AlCwLu3G1RMjqhH97EObR04DtfMUipEkrLmQ3Mur/aPHrAq84
+7HfztoK7GqBn+xN073Gwtr/vsbKXgpqRMB9sLFfsa57MP0KSavBZDLEUp4vT73X2
+pE3hfLIk4jtCjckUOawvakwECtdUxXcCnArXtNxg+dKYV8O1Xy8lvs0cMQnJ4fQp
++WtZ/5lDCELdsroB+FEXu7LwUsH49LC7UvG+4UwzxVbGqWXaK90SCzJJsdZjC/ws
+f+B7eocYInosraC1cfDzlzaAPdXBtPxuxKLbtpA7PBvS5yDTDlSPzHJDcCDKPVj3
+npRkOI3dm+zOs+AiqOkHhd8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDxjCCAq6gAwIBAgIQD/qSztoqMWdgQPxaBiDAJzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDA0M1oXDTMwMDMxMzEyMDA0M1owUzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEtMCsGA1UEAxMkRGln
+aUNlcnQgU2VjdXJlIFNpdGUgRVYgRUNDIENOIENBIEczMFkwEwYHKoZIzj0CAQYI
+KoZIzj0DAQcDQgAErE19AEs2dzWefVxA5vXMNIeQL3Kksyfo06w6O04l16AEB9QH
+jEcOnO+/fcq+lbhh+0rTKC6QA2qP6RT6URh4/aOCAUYwggFCMB0GA1UdDgQWBBRy
+SmaWanRK1XGzavjksJBQeC7ypTAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALv
+Y2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUF
+BzABhhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBJBgNVHR8EQjBAMD6gPKA6hjho
+dHRwOi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9v
+dENBLmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6
+Ly93d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAAe2E8e9x
+q04yhub22uF0DPrM4krlKEoeZG3tKbmXcIrOBSH40VXGj212nrp0095/seKyi5dI
+HeTvouo0FHemtpdnRuY2fWOxpeg2nfJnZkdv1f1TJmeB4qPv3ZJ/Jorjd9D0nIVj
+V4Xd29M8i2BoWQZq/KwliXIzG80ee0oYGM6i0Mxb1cgX7puoi94GllBgdrTHYrgr
+/EDBRkXMbppVEQwDr86uH8C7+OVZXYh/SjJ9yOspckFTRb/4YvWltH0jJYFVYC6W
+m998ZrVQxrcM2J6cfru9a0s9Hu1ZXczAiE+3EtN5oj+KPkO8ZF2yGxRtX28CD3ch
+AooDaTD//zQ8dQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFDDCCA/SgAwIBAgIQBR8Mft3IjbrwDFDihfQiZTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAwNDhaFw0zMDAzMTMxMjAwNDhaMFAxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKjAoBgNVBAMTIURpZ2lDZXJ0IFNlY3Vy
+ZSBTaXRlIFBybyBDTiBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBALqD6tXbzIpRYNzoznLbHwz+chdbruBQJ80/GqdVld/xtIvi2yIE0aPZ/awW
+D7yc353pX9eNysCtYMr+uLlqHxSU3DgMh+HdZG3wam+rGbO2I6l5tjxJKP5BSysG
+oxnL2ZnONKTiDOu5RL5JrD35R64w6FWGFx+DsKW/e3WnR80NDH+JWFFzwi/bzHFh
+HJ6gsaeAiWqMunCyxbejtHnPcmDs7Mca0d8tb7vqs8KbHwEjMMTfE8lLGYL2rHy3
+q/uSfMUminrjr4TTgVoHhhjABA0y5f0FF8S4SNBDB9GbUrToL4nuX9AtuC65j+u/
+cQ6I/T1Tdyks5seRKiFamCtMxo0CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBR7o/r/
+9dUJXR75Kv+FU+2vR6jXejAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3R
+VTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB
+hhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRw
+Oi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCBzgYD
+VR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMg
+Q2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWlu
+ZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQCFMP6Exs4uwBILlV3yCOg1
+9T0GhyY1XFLHJkG/zgYmdoFZc4N0I7NIuMKEZkcaOc13Wt6QkS6GpMO3aZkXYTfl
+9zpDtwdqSpL43nkCxd+nxB1A3N+9D/ZswoOUeBi0FI/fhKTh4B8sdRoVBYRJEhef
+5J0LRssXrSRiYxmITdX2N2zCcIL6/17YXds2BTxvfCHDWGWnnAys4i0W5ccgQ5bt
+nPHVW3hEZCO9nbrAOl4swdyFTV1Q0UUG/wZRYZEkFKdpfBOjCWDDrKo1SGV1Qys8
+6y96+AgqbDB91mdnxIr1MuTtHGn/Q1YE2x9OSTb2f2k0ArhFxFdcjKTfLLewG1xD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDszCCApugAwIBAgIQAm7tbyg79F8Er3c2unM51TANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAwNTNaFw0zMDAzMTMxMjAwNTNaMFQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxLjAsBgNVBAMTJURpZ2lDZXJ0IFNlY3Vy
+ZSBTaXRlIFBybyBFQ0MgQ04gQ0EgRzMwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNC
+AAQOpzOStVJjgRYLXcyjWglb72/AIGofkgEYo3zxDHcb7mhCpg3D/ILIDs1Xg3sN
+BlgQuQGvc52CspMJLHN8Y6p/o4IBPTCCATkwHQYDVR0OBBYEFJ0AS7KU5w1e3w/9
+tBc0yLHsCZn2MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T
+AQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6
+Ly9vY3NwLmRpZ2ljZXJ0LmNuMEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9jcmwu
+ZGlnaWNlcnQuY24vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQw
+MgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+Q1BTMA0GCSqGSIb3DQEBCwUAA4IBAQB15MfIfjZSg9xPlf0251ejUXl5JnuMrwOT
+8cWX1kOxvIdzY1LkJXe4N+oANypSxl0GjXhmzL2+Euh/6gW28K8fKa88rBm5eCkj
+t1SrA7QKU7o43FOktyXcpUrHuxKhQ3d8SvIsSA1raLiJivUQTtVgPL1VQ0pZkYSW
+zlfxUXT7fdOZsLoWfNFqlcEUUbJh5o4dQuQC6B9VbsItRYcuEt/aXusVJNM5Mm+l
+zM8ndeVWedlkhqys7joyTzy/+NE9Vg59hTWGjb7fEkBnxpW0IDuLAgH8nnFh/Hp8
+836UYCrVb5mNAwDvbSdCWpK1b5gKrT2tqBtJTPsB6r0BJ1mH+zVe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEkTCCA3mgAwIBAgIQCf6w1wx1BN5oUOvhiYeJ+jANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDEwMFoXDTMwMDMxMzEyMDEwMFowUzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEtMCsGA1UEAxMkRGln
+aUNlcnQgU2VjdXJlIFNpdGUgUHJvIEVWIENOIENBIEczMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAveLmWDpLSC5abHASt6q94wj2s//wE7PlV+h4kgqR
+lgbzHqtJsbDkPwXtwixrIAsMckJt+VG2v1PMj/AGTFHwuR89kBL8znwq+1h9cFmo
+jcuNbS+oeBEI41cSPeS5frgg+RFGIpEcHXIn0WUPYE+TiNCjYA2sVBEoGlEVE7YV
+/Z0tOZpeEQvuA5tMg0J4WOPmqWfcsN3F65BvHzCT8J9QdZ5h/k9vv6XhS+HIX9o/
+8F3wAT3J/YbptGphsfjrdIwseNjgl6MFpsmqRVMoOJKyP+z6nsq39ou8EQihlHts
+q2mBOjMcsZD5ZMSu1wHoIxW/HCNvhombdRI98lRj6UpDdwIDAQABo4IBRjCCAUIw
+HQYDVR0OBBYEFBZeaGe8liBi7jZM1GTD6aIo1mPCMB8GA1UdIwQYMBaAFLE+w2kD
++L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQn
+MCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRIaWdoQXNz
+dXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUA
+A4IBAQAFF+g/iZ5Gp3StW3F1QLQtr1uSVle8uHD8UNda+97OqfzSUnymRKSBO1gr
+rYUqHGxohIKJlIVQfWpomgqIAM/cgO75AeVgzyUF5y1uhS4NRzYDrUhiDXaave1+
+DkPXfnN/veof1Wu9HB7hVywXU5RtB7zrq+ED64AbNzxzjCQfhzIstHwpqmCH+iT0
+GCcCwdNlF7WnMmNehqGjsNGz4Ow+EcmGSGhnfwIAt7XUKwbq8bAtVDGsLW90v3aC
+2yRQOElRvfbwsmgZxKxOQIvmiHUTMk4sMklz+G6+qftEz3HU2pjDuZGtx45d3beE
+vxZMPvPk++pLe0RY2RBqoZj0UJrQ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyjCCArKgAwIBAgIQB5WZAz3ntiAVatgizPGmsjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDEwN1oXDTMwMDMxMzEyMDEwN1owVzEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzExMC8GA1UEAxMoRGln
+aUNlcnQgU2VjdXJlIFNpdGUgUHJvIEVWIEVDQyBDTiBDQSBHMzBZMBMGByqGSM49
+AgEGCCqGSM49AwEHA0IABFyr4n71tYLBZ4yfbR3C4BecHss9+urw1qt0W1DGSNRw
+YsTHs1YymDGYJtcapH7sfVIOEGjHK4oRBl+zh5IqHs6jggFGMIIBQjAdBgNVHQ4E
+FgQU2z1NHIzVactlRHaf6bmvJEdWJu0wHwYDVR0jBBgwFoAUsT7DaQP4v0cB1Jgm
+GggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggr
+BgEFBQcwAYYXaHR0cDovL29jc3AuZGlnaWNlcnQuY24wSQYDVR0fBEIwQDA+oDyg
+OoY4aHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VF
+VlJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBALw1
+MqA721+QRK5BcSFoYr9bduynchpuyP3Zc87sGUrYW7BsCTY3dHwcZr8gDryFk39x
+bCKKnBVEfyMzBrVwMkAhTk8DsS3VdJ8Y5p8m2ZEvHzRxqKmrDWPr9kTtcSM6Q9Ks
+p2Beviqx6nhDPchcJn8ccXN91Uhf0fe0ZmFckZjt7yP/T1o7FcnZg/8X9mcuOOJX
+dugOQKG1+cJZfNhILczK0CysFJQqLg/C31oEcQIjGf1afDF7COHmzObr8QE4suzU
+DPPAU/4tkImnwtsYUmbKz7mlg8DfffTT95B1otbQC19aA803yIGhLnJ+3MBIFuqr
+bfEYxgo4ZOuulPHeuVc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE/jCCA+agAwIBAgIQClM80TYUE3dN68AmBPfI6TANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAxMTJaFw0zMDAzMTMxMjAxMTJaMEIxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHDAaBgNVBAMTE1RoYXd0ZSBSU0EgQ04g
+Q0EgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyxZ3VUnJ5+DbQ
+eXPgvKXtiTyXNfbW2IIuyUTH5x7+8YNi4zIpJ9nCAher46uQwUKbQzcCLz8RYrX0
++mjfIPg8ZSCvem1Tx9Si0/BGGHyaYlB+3HGNxR4T1MLQXJ2+pRsRWPEVDZyJ9LDt
+djZhOOrbLwFbLGVoaNgdpZIbjneGuTqUYbO/CUomCE3MOQqEqGR0fzrShXHBm3Ni
+ipoqjmra0YcmcXd0IoYOA0xpF/f12E2V586QqXX7UFVA+alf6a102BYyFFa/aH2+
+3AwA3/SAhO6htn/Sn6YMnWyV5g85lkc/5o+XUVFopFtivcCoii+a/LC+VDRrd5HZ
+JQGzRCeRAgMBAAGjggHPMIIByzAdBgNVHQ4EFgQU/2dd3IjNPLphj0vTKvBOkA0z
+cG0wHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQD
+AgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAG
+AQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Au
+ZGlnaWNlcnQuY24wQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5kaWdpY2Vy
+dC5jbi9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwgc4GA1UdIASBxjCBwzCBwAYE
+VR0gADCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
+UzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNv
+bnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVt
+ZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTAN
+BgkqhkiG9w0BAQsFAAOCAQEAWRivCd1UrRlTWr3lSEVugjRCD6y8RVC7tD+wqdPD
+hk23AwbjNDzfuwf0tgn+sD7OeAcCQzJMr9RpgEPJGCky0OE0VW77+YsDKj3YjlYq
+KRg2UdtNKheKyCG4zl6mpF6FAHpGWy0AMz0mhwzFmcUXqWMP23vbbH2PCbSyM8Jw
+dK6xz+ljlNa+kEOgZv6FqIYFqD6ZExferSBFqhQzU8VOukZd7cktlW8+TtYTc9KL
+VcW0lHK8AMX07CUvCS07u3gEtivg9vZQl7Njk+83vvET/Em+poZle2wjoXO0ofDn
+88EHxRz7HRtnfJgNdILqAN93w0KTdnUy0XNvFkeo2mtUrg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDoTCCAomgAwIBAgIQAs4VS4Y6TvS9eF4z+Vq5njANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAxMTlaFw0zMDAzMTMxMjAxMTlaMEIxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHDAaBgNVBAMTE1RoYXd0ZSBFQ0MgQ04g
+Q0EgRzIwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQOZOUenKHK6osgKV3RJQTH
+UY3ClV0wNaPg/DGcBXSo4xFtOjcB4kpVKUsVQ88x6mu3PZhYwgZ03z5LTi9eCZ5J
+o4IBPTCCATkwHQYDVR0OBBYEFGJN/s/Hk0iW5JEiBnCbpl0ktWBXMB8GA1UdIwQY
+MBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggr
+BgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNu
+MEAGA1UdHwQ5MDcwNaAzoDGGL2h0dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNl
+cnRHbG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUF
+BwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUA
+A4IBAQBsAFUjekwwDFML01JqQjzuISUguM7okr/IIDRiODEs9RU8y8XgpercPGU9
+BYX562S4qgkSMnIejRWZWUS7+0T7bVmk2yVxcjNhqiqx8iBOF3V3TuLAyUsUw0Qt
+0Gm3h7TE7mrrkwgU+MMmjmVpEYD21bMUva8sWqHCUiCly1PEsCNCpeD9cLHPKBkK
+QMDdodVF9Bh7gAOIbJC1P28yrZMDlU2OTqvVC1cu+oMH0OWj/5sdis66OtzrmqgI
+hg4ioDFc0kwNDQn9OlAwm36pQZkPpeO7HaswLsireRySL/MLVVYktxev7tXwIiU7
+wzkx/HDfJdt47kbO1mWgPP1Z0C/l
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEgzCCA2ugAwIBAgIQBTr4fojD0b9ZW0LcEhiNpzANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDEyNVoXDTMwMDMxMzEyMDEyNVowRTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEfMB0GA1UEAxMWVGhh
+d3RlIEVWIFJTQSBDTiBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMdMqP4p7kEjIsTjJXYnwHgh8wmN8kPwqqx+yVPLa0y6IxXS/lZ5ZVY0qJX9
+Hh1GZpDsoD7r65vP3HPvDq6eq2HHO5M512+Y3d3cJDmwj8hnMFsQpI05okzbdR1F
+JFcX4sLGvNRNApuHz/0dz9QRjFWuQjf6E6QGnmJlxa+CxbhATF+M5tJRALqDer9q
+YBKrEmwoLhRu2baG0Ymw9rShx4kYRqLXiCkYT2t/bUIXSfaasMRSqdULXT8OiSRr
+ykSm+qWRGn/Ou8SvUkExJL8H0hHscET4e3ldtS1SNLIkBPlqqszLgePokjuOER2N
+X2/Df+3rOI7LnIf/kam1IU66N5sCAwEAAaOCAUYwggFCMB0GA1UdDgQWBBRD2sOo
+peBrukaEZ06zNKNe2cyx7zAfBgNVHSMEGDAWgBSxPsNpA/i/RwHUmCYaCALvY2Qr
+wzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzAB
+hhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBJBgNVHR8EQjBAMD6gPKA6hjhodHRw
+Oi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENB
+LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEAaGfrSgxDcAUu
+BEgHZEFBaWLodkHxRT+kvU+BOf/11lcfp8hbZTUucNHEQLSozTW0oKpIwwcHTDD/
+kE67nLmk0rjKPyhmJKzR3LQVFiwvTho6w1I4YuUBxi2x606Zqsa8BuUu2zWJ46R+
+0f+Xm43p78VZKCVV7j+2SkugqB2As/NW3JRyznNUGNsuiY6GMMLSsH3F/FJA/1Cx
+h+QqRdpCUPh9SPAx+bJv5UdMd1LdpOJmtz4lpOjdy/7SKR696PX+P03nmdVWsftD
+S2muLt3QcQbhCIwB+FlGjinWW79HA2YjfzMdgHNRYUZPJl13h+QoiMuRIYtR/A34
+vK49nk/hQg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDuDCCAqCgAwIBAgIQA7fGFnyirY496hbH2lGmAjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDEzMVoXDTMwMDMxMzEyMDEzMVowRTEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEfMB0GA1UEAxMWVGhh
+d3RlIEVWIEVDQyBDTiBDQSBHMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABPDZ
+AhPaMm/aeEtym/GJUpNwKQXJPMBgQIeKb0o53tq1P8IlwemwZueQLB5zDsB5T7Sp
+3uyHgb2bJwQdGh00q3CjggFGMIIBQjAdBgNVHQ4EFgQUNH4tvv7Tg10Nb7SvoVi1
+4f4iuyowHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29j
+c3AuZGlnaWNlcnQuY24wSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5kaWdp
+Y2VydC5jbi9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwPQYDVR0g
+BDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0
+LmNvbS9DUFMwDQYJKoZIhvcNAQELBQADggEBACdVKkXtzGTX+xUQP5z6oS3a62Is
+bVcXi3AH3DV6xe3RukovoX4TbNrbJgFIOgaorLhK7J/aJPqlCdz2zImauRhYCxqq
+XQo6Wx/w9uzLZ/eiHz3oey6ylDLWdwgqqe5SrKVZMmgwd8tQmhK2AZZpU0z04XbF
+fR1xKlJnxRG2KsDDqU+s3Jj2+qDsiYK7ObKbQCdmKi+AiaM4BSYXCxrAk9XPtqmD
+yO++DhzgVc7GT9GfTUuTmkk4ikkx/C4efZSvHHynvk/1rP4aumjmGp5FuyETVcgg
+vMVpQm8deJl3zaG1IZlRWQMkian82e9sminnY7ZZ6Q15LjsOLr+hON0iseI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFTCCA/2gAwIBAgIQA2eKFk1ifRDufW4CDsceeTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAxMzlaFw0zMDAzMTMxMjAxMzlaMFkxCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMSMwIQYDVQQD
+ExpUcnVzdEFzaWEgT1YgVExTIFBybyBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANIdr+aGJ7xGU+BAfTfOUHsO0kLHBXDi/Z2olNgF62fOlJGp
+TLXMkequ82wMpQf8nUi8PBEimKStocB7pjqJ7twveLDo18h/8S54zoHCsfZu5n52
+ukwtxEmMVSULZfRW0pVPXfijRsFfC8zivC/AfNmqdgTnojfKvlmm9I0VgsN5O5fl
+9rZOcyO0W70rbsi6GTFsMZDRDFvK+EzfrgFNFnS+qrSekesCJrOPprOsq5XHx1vc
+eLJ4gzgwC+OmEowmv9QWv0/+MWJkQyRJesFfUlxcugsmMD3pl0zRz2KInrjK3pKJ
+OdjY6ccX2t/IXl3L4IQuc5V7HOpuazis3ZpdSuUCAwEAAaOCAc8wggHLMB0GA1Ud
+DgQWBBSa2Q0QycRfTDLS5/AbrUqmLSU71DAfBgNVHSMEGDAWgBQD3lA1VtFMu2bw
+o+IbG8OXsj3RVTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMG
+CCsGAQUFBzABhhdodHRwOi8vb2NzcC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWg
+M6Axhi9odHRwOi8vY3JsLmRpZ2ljZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENB
+LmNybDCBzgYDVR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRw
+czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNl
+IG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0
+aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQA6MKUuIRRC
+njqOPc/jhrB5VDcrzHRabp5haEvpZV+SR2M+wQwjOZ/tf7KhEYXbBB7eUQpPUQ3I
+TRg1CdjGT3li2VC2xsVLESbBGka34nyvLrICPQ6Mm7vNqi+GjRtuZ1CT3YU7NpaJ
+Ku34y7zkAtWKlefLL1w3nn0g+XkxC2uV5PD7Ua/Q/kcYgxjj83klxKts0YCqhaVJ
+0QYbsDS14J48CGoR7Xf1JwbZ9coUtB5FII6zUFuvH9p0PogH7LgAlOM+9zNyUZo+
+WmIUJ04rZbJ/hHuXgOteHENYtzqr6PGRYRuAFdUPOZSsM8S6Dgp04VKe7OcD281Q
+H/Na2A0CL0NW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDvDCCAqSgAwIBAgIQDxmszflM/X/yG0I7qFVpMjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjAxNDZaFw0zMDAzMTMxMjAxNDZaMF0xCzAJBgNVBAYTAkNO
+MSUwIwYDVQQKExxUcnVzdEFzaWEgVGVjaG5vbG9naWVzLCBJbmMuMScwJQYDVQQD
+Ex5UcnVzdEFzaWEgRUNDIE9WIFRMUyBQcm8gQ0EgRzMwWTATBgcqhkjOPQIBBggq
+hkjOPQMBBwNCAAQP3jr+1TqhWdA8vJGOg4G1/sQ50Zgst6j6LvJViMu1dG/Nn4AS
+/KG/3z/gZGqeeVWe2leql4S3ZAp+3PgSF3dAo4IBPTCCATkwHQYDVR0OBBYEFFu2
+CfG9fE6qMJeYs/8nQkL5ENV5MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5ey
+PdFVMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUH
+MAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEAGA1UdHwQ5MDcwNaAzoDGGL2h0
+dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3JsMD0G
+A1UdIAQ2MDQwMgYEVR0gADAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdp
+Y2VydC5jb20vQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQCepMQamuUSUPdxbebn2MiD
+crxoa9949Y5eB99rbsF3yctyYpgMNd8wlDidbLVNIZ8Q/DgLjB5uD432K45N3aLF
+CsQgaJS2tE5WrL82KdKFLWEFkgWWg3S31eoHcnrX0l2QQynst8nyeZu3AL847SP2
+GWvSXB5GMhJeCg+iA1plBoGK5u7UWXeytgs09IBcqxma5Nuj7VOPas8dEY7uPzw6
++/1iHZ2faxQ9EO88fpBRLzqNoKspCaZAYhegGzZh/HrMzo/S9H0wCUONM7eT8mgm
+fD2ikPvHRCDvoM23ZPJE8yH+gBYvoiWonIVdko6oX73unaHYM1Ott9dPCOfBi+4L
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElzCCA3+gAwIBAgIQCcxeird29+KxR6+87sF+sTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDE1MVoXDTMwMDMxMzEyMDE1MVowWTEL
+MAkGA1UEBhMCQ04xJTAjBgNVBAoTHFRydXN0QXNpYSBUZWNobm9sb2dpZXMsIElu
+Yy4xIzAhBgNVBAMTGlRydXN0QXNpYSBFViBUTFMgUHJvIENBIEczMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGZKVEgqko3R3EsjuqKpH4qJ/M+uAf56
+Cb2HgtE7cM93vmTWvVfTXT9BZcg7OatP+LZVpJOgJdIIwOgVSAwAguHT3xLRImGB
+vdl7BKE1bIcZ7PofYqj0MhcTC77LAiUtgDffXe8M3xNM7oybG4uKo1yNbqB3nWEH
+Sfxw3oZEIy5gOIF/sBYz5YQN0Wn7eu/DG3pyB659h972CmYPTyOA1mL7U7noXcgy
+fGjvmQVRuRRX+4sxqG+2GURQUbn8le+tYwUnjXSr4feH/hMmvtJ+j8oiOkWE08mn
+4FOlV2HXHCj6BFd2UO34/Wv6oMtTkUrdU2IuAJGFeToT719CtjcqYQIDAQABo4IB
+RjCCAUIwHQYDVR0OBBYEFKU2WjxmE3oGNnIsHYRtfEMPh1ADMB8GA1UdIwQYMBaA
+FLE+w2kD+L9HAdSYJhoIAu9jZCvDMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEF
+BQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNuMEkG
+A1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuZGlnaWNlcnQuY24vRGlnaUNlcnRI
+aWdoQXNzdXJhbmNlRVZSb290Q0EuY3JsMD0GA1UdIAQ2MDQwMgYEVR0gADAqMCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMA0GCSqGSIb3
+DQEBCwUAA4IBAQAKYIfUik5lg2D2JQbnzFMsHulGj7360VwfBwyFbNdy1EL4PbDe
+JxjJzhOFOd5NmUxFi+t6g+7urU+qAxuBSZMqIIOUTdNi6xxfE0flY6dhHtG4VsUA
+heGpyjVOgTFjISBLSk5qzQbOEyX9HVPG5CrlpVghfexDI5fXYSmMJrZqUo+mt+aV
+3co939KuRBcE/RoRNmRl7rOBROgpuLFSpCrbfaxIiTlTl75lqq4vbulCOSl34spO
+tRZfbG74YmMhzUCNLIztINON0/s01PaxrcIgaroQHLuVVnsEV68sR8ncr6SKlf/f
+dZgHOCq2uEQgEm0TuKYVflSJ5FtK/lVEmR+J
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIQCN4LodXTTTRzZ9sm7AooQTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDMxMzEyMDE1N1oXDTMwMDMxMzEyMDE1N1owXTEL
+MAkGA1UEBhMCQ04xJTAjBgNVBAoTHFRydXN0QXNpYSBUZWNobm9sb2dpZXMsIElu
+Yy4xJzAlBgNVBAMTHlRydXN0QXNpYSBFQ0MgRVYgVExTIFBybyBDQSBHMzBZMBMG
+ByqGSM49AgEGCCqGSM49AwEHA0IABAX+UXlU7qCTdzvO2S4v8OvP+SI7VixP+yCg
+pThqxJao4e9xIMLbIiGAXSTiBWYLPdxUdEOvJnQN6Fxl4a1BbgWjggFGMIIBQjAd
+BgNVHQ4EFgQUyGi0kdsF1zMrIYlWf9suYMJhwVAwHwYDVR0jBBgwFoAUsT7DaQP4
+v0cB1JgmGggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcw
+JTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZGlnaWNlcnQuY24wSQYDVR0fBEIw
+QDA+oDygOoY4aHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdpQ2VydEhpZ2hBc3N1
+cmFuY2VFVlJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQELBQAD
+ggEBAFWP3d5sQ6WQ/wNNnxkK+zl5OD54yNTKrMrnDjHvuxt1UjZWGZs7s9luCN54
+/iB+r9v6ToxH8If5SggzdEhgw41rRNZZdGqabkPc7YxQ/dG5+qaO/t1braD7Y6nf
+Bek+xEIdXrA8OO8KRA2oakroIYbhXNwx5xC3mFF4AejGDW/UY4XMNoWJf0b0tfB7
+3Z8hQn31jIA0jV5e+KuYonv6PK9iAO5coJ4n6qwZ1DYw3LPGRpSHO6t06i94ij+1
+/8sVnBrMmClpkN0v03qd/SgleCazj/f/O0ErgAtx65E97ZKNDj6LXbr14aSHNTOH
+HNssrRZKpOebHRRepIgmA8De6nE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDrzCCApegAwIBAgIQBfFKs8nt70Spz7EYtFBxJTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDAzMTMxMjE0MTlaFw0zMDAzMTMxMjE0MTlaMFAxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKjAoBgNVBAMTIURpZ2lDZXJ0IFNlY3Vy
+ZSBTaXRlIEVDQyBDTiBDQSBHMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABBmu
+6gqnrcj0xWh8JUkXSuqi1ca9xiWR1u1QH0VLUL5SLYSfOD+1zWZmfGBVe16719OE
+QxNy6Mr6WVQz6F10fjCjggE9MIIBOTAdBgNVHQ4EFgQUGrVojGwJUfdHATvhk+3l
+ABbPu5UwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/
+BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29j
+c3AuZGlnaWNlcnQuY24wQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5kaWdp
+Y2VydC5jbi9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRV
+HSAAMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMw
+DQYJKoZIhvcNAQELBQADggEBAAqotWRWfzzjRoIYMNXRxFxo0YgTM076s/nj+BRA
+Ogf06eWQCOVu89vV4J+d2EdtmavD9PgPM2dalCe7k1TUYw9NQD/E6iCWbEmgRRC8
+MWH27i7d3qWWlcSqN0a1PNHxGdfOVf57ao4/M0T5hWdQnjUegKBDra03q/4LtP2l
+TTD2KYPpZmsluNKpCdQcR7IVqg2XQTAJdRquiyxY23nZHybvhBJmbeSLJc0EMUbG
+2BRRuEbSW2Lu1IELnhp83EqAHEEt+w5Q9B3sKWqbdlPTNvTtyNMiTrHDO2nhN4f2
+BCyB5j5fwrWTkKA8wqQzAXykhgRDVRlfgQDXZ8oVIy/KP2I=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbzCCA1egAwIBAgIUZem81T55HfIt/+tezCvHpViNCIMwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDAzMTYxOTM5NDJaFw0z
+MDAzMTQxOTM5NDJaMEoxCzAJBgNVBAYTAlVTMRcwFQYDVQQKDA5EaWdpQ2VydCwg
+SW5jLjEiMCAGA1UEAwwZRGlnaUNlcnQgUVYgRVYgVExTIElDQSBHMTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhwn6I+pGrJsnisnzP7EU5cFN9UT5XF
+auA13F3jHeUUZmBOcMSOJEhx/e7oeVScTnmKpe7t7uey7lIIC9DWFmP8klbtLBgL
+0jY4MPlCkVyxUIhZ73EHCPqDCX9bo+rMB6C758/tKZOPcoWRixQypPwoC4cXNOOk
+ntqFPRxFSZoBdTDNlAmkAQJCRsXGCEC5pZ0JqzGcAA0/Pw1fB8lSPAti3trubYmd
+aaPFAKzGK7vsexxpuSUKO0opNkFWbLdHZ8jkr86R80oo1vhURJXWNeMS74ws5nbt
+Ll9sJTDW33MQPS0/JO3xYI7bQcW3K1sPSERa4BahqgOJvEXMk1eWRcUCAwEAAaOC
+AU0wggFJMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU7edvdlq/YOxJ
+W8ald7tyFnGbxD0wOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8v
+b2NzcC5xdW92YWRpc2dsb2JhbC5jb20wSwYDVR0gBEQwQjAHBgVngQwBATA3Bglg
+hkgBhv1sAgEwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
+L0NQUzAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOwYDVR0fBDQwMjAw
+oC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyZzMuY3Js
+MB0GA1UdDgQWBBQTL6fobnFR9uIMmEeDnn+deHk08zAOBgNVHQ8BAf8EBAMCAYYw
+DQYJKoZIhvcNAQELBQADggIBAEoOxze3kgnR39LX8M63EjiNxx0LThZHROqYqev6
+5ox/c5NNitk8/ODA8osdPpvnUBAlmE0+gqBvnTBRPVrJFd9bOr5BK8z6Os9/U0ed
+c3UINkWLS05B7ChC9s6Zw1Vd/WlW08TQJ80GpvAIbEKcg8EO/DXPniHxC4cMtv1T
+jtNeh98XiVgQXHL1FY+u/l413J8C4utKi4ZOQeCJDqvlSDzRsOi+tHsXrCJxnMWN
+2QBgMGgdPW37zwf0EffoH0Gee3pTgg7I5SzmvBq0t5xRDfv4N0OdM/sN1mc5f3o7
+0YCd9WXhyDCV5W2O8QIbrd42CK5k1rlM6gXwOyDmYY5CVAl1QeXEeRfDk/zNjU/1
++LnH/Dv88VcZhODYq+VGbyM8bpNr0v95PY3yaH4kzpWGqWAN5i9LosfcaqRPmyL4
+PcKTQwcA9AVTjITExFua/QtGrXLPvMVxR248G9IQpJMxP3JEGkjlKCenmc29r2u1
+KE4TeCs2xxjR1PusTfX91bBW3YAoAPDTRQKZjolegLUY44j3uKSzAdhMEbZQhovH
+Lraqx1WjTayTuq1Vuakcia5shmgFVSNcE+NVgLEIe32oTOm/G6Kd1lcm9C4Ph1Cg
+nfDuqohZrk76kJTk8poAY5aFCQHhVzbpSw3zooMGjjvWnkG+/DC6SZM8rKoOdKiB
+cy+N
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFbTCCA1WgAwIBAgIUcVIORg5UrvMi45+sFsDpelG9lXIwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDAzMTYxOTQyMjJaFw0z
+MDAzMTQxOTQyMjJaMEcxCzAJBgNVBAYTAlVTMRcwFQYDVQQKDA5EaWdpQ2VydCwg
+SW5jLjEfMB0GA1UEAwwWRGlnaUNlcnQgUVYgVExTIElDQSBHMTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAOiCO+RS/VMMfgdhTV/n0zjv0bdaASpcpHq9
+RYMcrQpwC+uXp3lGW8VnzkhmN/4hcNtThu0QLfG945sLlkhJGjrrDtA6HYBsfb2z
+Y/6E38cVXeFDIWi4bQc3lJJ33kkAxq6NLHyfqkde6vPvyiyJz+InxFQXnVH3tdnp
+GXtjXlgYciTDG0+atl9maYtNEKtZgsNlmsFuEQgrppt8FptTZ11rfvb7hpgjUxsr
+oSCw6zE8oBlCrAcR8LztpEupk8/C7Mt6bVqnJNE1p+6lYzViSLMztNbjPkatvhYe
+04KkeaMEtHvIk1NhmFWHZgBf1mJDPY3/U3uPM3rVcScNrqiO9ocCAwEAAaOCAU4w
+ggFKMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU7edvdlq/YOxJW8al
+d7tyFnGbxD0wOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2Nz
+cC5xdW92YWRpc2dsb2JhbC5jb20wTAYDVR0gBEUwQzA3BglghkgBhv1sAQEwKjAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzAIBgZngQwB
+AgIwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDsGA1UdHwQ0MDIwMKAu
+oCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMmczLmNybDAd
+BgNVHQ4EFgQUyGA9Ed0GVhDgqaHI+LFwKudMTGkwDgYDVR0PAQH/BAQDAgGGMA0G
+CSqGSIb3DQEBCwUAA4ICAQBZgHP9sZEa0Ju495m8z2/7mecXaPm/lLp4BiluRfNP
+UL+S7AS6wa9Y4CIqq8e9qrxvamlG7fDysfPPXD63cxD5vzexhHB+nBYYyQhZR13N
+GW9oxxQT0EXfJCjakagQ9/OwWwZa3XDzpT7ZTtax2bzPcfMDjxSzknfipfsrdFsd
+qFNPmor5KR4hg1LY1MyAcc0qKrlSAuieius+COIIIohvEuUZi7eJdHAiXwAXfcio
+mzGOGxClcthjnf663bdmknCdcOrd/hD4diCAZ3BzpbT+S9oUKMpPRvWS4am1jDnr
+JjjDHEnB0jN+8qn7I6N7hsMCQMr3AlOt/z2iDbc0Ha8HbcetVRkyGOLrHd3UsPi3
+iGaoLZTbpoUmJxWVVRexMO1nJKcVY6+dbkAq1mEWNuAbWGBlndGpZ6b4fXTQ1a8H
+d8XtnPryadjQ0nfEO6yppXuaXGUkNrc1QjVag1D4byZ0T1uaTQq1wJL6QDQc0z6A
+gXGljtphIh4UHU4BhfiV9mhaJPnUnzNzqCS9JP3GvVRJRIIgC2DLHF7QRrskPtyT
+r88pIpd3XmzrbBZ+qMFz92urVSiWM0puULGgCngPPGw2qUDgoTcu7sbQnpdn2nqJ
+kpLSfmEQvk/Uy2QdSbvzcu6Y+VutQikwLpCdErACFvAQbVM9ZebjwCox5Pt7QwDf
+nQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGVTCCBD2gAwIBAgIRAJ9bB84uVlF/Q6X4MOWX/PMwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDMyMDAwMDAwMFoXDTM4MDExODIzNTk1OVowYDELMAkGA1UEBhMCR0IxGDAWBgNV
+BAoTD1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBQYXJ0bmVycyAt
+IFNlcnZlciBBdXRoZW50aWNhdGlvbiAtIFJTQTCCAaIwDQYJKoZIhvcNAQEBBQAD
+ggGPADCCAYoCggGBAJQ+UeGSUt5O1oBImyuPeKfuZJD0bjRijTXqpfHbxc8DsxY8
+RbrE+/hw1k7kN+cBxYyuNKBdjgfUEawRVNMvcHFX4nPF3niUVVDbjwI2LaTuahmT
+k8oNwnabkZ31763aXvD9mYWyGIwXHY+8ysUEuytcm/sxXbS3sOVGIOMyZK/NyRDl
+Wolema6u/AOPuOS+f1GGJsvMf4eODambohYFyUxQI/cRsNeExkHW+fdmR8bPv5qx
+LaqLErKw9lU9yDYvUzOnI4WCDi7jfzMTpFAdGF1R6b24YqCPM/nCZyrtXEhh08uZ
+Q1FX4s9LSnlMMUBoZF5JFXSSYCiSrbUXQ585uBKExelW3Lw+xH+ufApmxOXRZU8D
+1pVbJ5HPvBeJ1Lo8ZzrD+2LEdTHnAhRp/Qci2oonZKfW4PT6n7Pqsf2q/F/IQHKM
+0Xh4HpLlb3F0PszlnIxINvwzXIyjXh1vqZHhlYkfbQRrqOMlFDj/ieZZI6JmR8Ea
+a07YIVxtgyaRvtTsNQIDAQABo4IBXzCCAVswHwYDVR0jBBgwFoAUU3m/WqorSs9U
+gOHYm8Cd8rIDZsswHQYDVR0OBBYEFNY6En8H2HXyLCOW8rSWunrvJIZyMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjARBgNVHSAECjAIMAYGBFUdIAAwUAYDVR0fBEkwRzBFoEOg
+QYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmlj
+YXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA6BggrBgEFBQcwAoYu
+aHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFBQUNBLmNydDAl
+BggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0B
+AQwFAAOCAgEAWfUARrkY5hZF1Uhze0pO7Uyr/+33IxtRWSAUsa3mC3gqsEncs15r
+WTHuhUEq5F2CDh4SIYRETlsqQzge9zYnC9TB1q7jo6H/5J11928vDY8RqBHzr5mr
+OS8SO8899HNdI+9UqADUlaDSpQEnujfJ3soQV9swUpr96FbZ7l8UCxH8h/g5r0BQ
+g1LkwvB/WYggCNJD9DwrIP0/gfSSF+SV4/RCNPgPZ8/vcM6azjeJvOfnSdmFh5I5
+McJ8hlADMhwSmP7UjXoeFd5thmk+zzEl/LlRaVGR9Y5TDNBYea5VbvGcgR9qLYFo
+tiILipoSiB5gVylPj+0DoTcZ+KzfgKEOk1vbQVe36IYOg24DWEwoqaDLR74vePpc
+8/BRJxfluPS7q4hUy+sZLr+A2upqetQ2S5FOv+mNbiZwKX6aZRDe0rEvrX/3O5kk
+q3SVBiOsWIH2ujR56sg8HZr8llk+EFbM7/g0U9k6m+7rstIFn2td7Wh5w5n6343F
+961baLzO6y0MOOtRkl98L3ot2MMFzRqiXMV+wIqJQCl3+ImqjGTmh2m4uhgBSeiJ
+z+Q/Hez7YUX14DUKtPeIlzGJWxCqCM1ZK/txDIP4yL40fEAw+ILl7TyRTwqEyC8h
+gK1LkFenz+SH3M1exJIsNY1aSzIirfq3w0AesyFxrUo0t8PE6+g2+Ek=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhTCCAwygAwIBAgIRAMB4zx9FIUBtUTa3E38vWKowCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDMy
+MDAwMDAwMFoXDTM4MDExODIzNTk1OVowYDELMAkGA1UEBhMCR0IxGDAWBgNVBAoT
+D1NlY3RpZ28gTGltaXRlZDE3MDUGA1UEAxMuU2VjdGlnbyBQYXJ0bmVycyAtIFNl
+cnZlciBBdXRoZW50aWNhdGlvbiAtIEVDQzB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BGEFYWQ2Dtc+3FHJR8KCZW60rUnjoC1LWFip+JX5nkrcX3fXC8wiMrnb+nkXAq5E
+Sjg2I39ftvEg4Bd/kbuHgFPsnbh1UEwOewtT/gtmYnJbCo4QZj2j1xijqKOT7K9r
+nKOCAV8wggFbMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1Ud
+DgQWBBTTupl7PH0N45BBsBb6xiEjdlr7SjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBATAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEQYD
+VR0gBAowCDAGBgRVHSAAMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwSz2AjDCpljmd
+rAs+Vfp9Wzdvd5ccYhmwScKzOoOQtWcjaX92tkbixA5Vyt2gWAPIAjBSzyudq9sz
+tR+FzzjBP1wEeLieizVZtlxhbZLbZanFWbhpwlK7tO2gKsm1CJUX8hw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDlTCCAxygAwIBAgIQY/EmOxR5MZsYGXoQxhBgADAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwMzIw
+MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjBxMQswCQYDVQQGEwJHQjEYMBYGA1UEChMP
+U2VjdGlnbyBMaW1pdGVkMUgwRgYDVQQDEz9TZWN0aWdvIFBhcnRuZXJzIC0gQ2xp
+ZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgLSBFQ0MwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAASxsdH8tMxgx68JxSUQ5VCZLkZp8JyKhf/OAKF8pOJd
+t2inBHp6yYUrHGGvbvdC+zwPuCYfQfv/pdl3KMfyWARKaUFreqcbp98WP5HumQQZ
+fVR7RvBk6LF4aKrUq7wXew2jggFfMIIBWzAfBgNVHSMEGDAWgBQ64QmG1M8ZwpZ2
+dEl23OA1xmNjmjAdBgNVHQ4EFgQUpnTuy4EUW6TrG3cuI62/ycSWuaQwDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0lBBYwFAYIKwYBBQUH
+AwIGCCsGAQUFBwMEMBEGA1UdIAQKMAgwBgYEVR0gADBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5o
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQUFBQ0EuY3J0MCUG
+CCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMD
+A2cAMGQCMFkQAkxh3LUjcMVgXoehdsC4IbPRmlO7ir9ibEDMyKDXjEUAJqhEm89p
+wLM93ndXbAIwKny/Zl824atSh6b/pEScK3qGg1DIMD0MI/fK0wvsZL6VqOcPAbwr
+/8/zXIAVlY8o
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGZjCCBE6gAwIBAgIRAO6oLzpx2hTEy7KSDuhPO5owDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDMyMDAwMDAwMFoXDTM4MDExODIzNTk1OVowcTELMAkGA1UEBhMCR0IxGDAWBgNV
+BAoTD1NlY3RpZ28gTGltaXRlZDFIMEYGA1UEAxM/U2VjdGlnbyBQYXJ0bmVycyAt
+IENsaWVudCBBdXRoZW50aWNhdGlvbiBhbmQgU2VjdXJlIEVtYWlsIC0gUlNBMIIB
+ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAy4IQgzC0EDTDY2vyUgBuKiXT
+fjbxhZPCa9g2gO/gYrBlaRv6OX6MKroBFJhan/17ywuvRAGhmxV0nive63SMxwCi
+ZRulW7thln1glXz6iwsNBkYdTV2mEOf5k7HgMc2B8ziycO9fdV70/D0N4Ydkx0q1
+sj2YiRWqbrwTP+OOCEE0qJh6z4tuJ7NUGSV2oSwLf51Vw2G6jo7+sivylJ9jT1xY
+4hudPsgLxw0wPMltsGArJ3felwm6W3UALnjnsLSqFDm/GAnzcVeQvBRTVqUny248
+3cc4OCPwPU+1M6f6/XJ1OQnz1BRGA+k8x3WpPjJCsutb2liA0R8gsWkVBYAA8kGS
+IWhal+c+n8mwsZjbRpF80XE9LFeE8g6PX/jAxtlffFAg49VkvVkbe/7GkguWcwnk
+wc0gldmdkv9sek1ruAdd27A5wUkx0Jq2Y/l8hHh61/ryviY8zEaXCiM/dzrM/51+
+DSXfmnbwJZjZ0H9UY8MOFyFwexqwDKAIIUhaqGKbAgMBAAGjggFfMIIBWzAfBgNV
+HSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUT85OsK0GOArc
+bRSmrGjH3mmJf1MwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBEGA1UdIAQKMAgwBgYEVR0g
+ADBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEE
+ZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBRb/VgRRxwDr4v9umcCRnmeOwZGGUB
+ow89wOAQ0ypHHXFw1UMdwbhoUFLBWBBVfGRAnR6ltOAXmNW1mvOpo7Fs/wWJwNoH
+Xx3Wpy1EW55CCd0kbWDwX71WQqU4hbUUyxQNkHijcEX/rPOPn6R91uYMoO9rh8it
+GVNaRjCSzp6bR67NjYYMODHAzetgFTTuLTfbS0GgGxtL1HtVx8dc4zeS8r/Xvqp9
+Lm1TsM7tZtWwQak7j5D9fEr73SkPkT6yuvXtPP+8PqrEJ/kwJmSH5PxvwdXAbn1r
+FbRTDVN85kYOyVuEoVZVCd2N82Gbr3kjiClgV9YNlSgef7gSX/e6LQHieRMEUba8
+GWtTpw63hdH7hnMipEAhcDcM2kAomG9jBmrkJBM1JmqXT2AH//mFNh0gj6JTfxVD
+CTz6xZlEpGN7kl5KnPI5Gcsjt0pRn9eQBoR0eK9kQ9mvE44CDIyKGb334qMgXHxC
+GFn3Dly2v3dc3okuRVdoxdji4xVxzZRgL8HtAZM+uP0B5i1BI2A573Oi+AP+CNn6
+StXysq9C8/c4GUkR0aLGCOV6dvys0JjRIzxdby27fd9U7MhvgyoYuLx5JWm5LhgT
+OoHiqjXzOTbs536cKW9sYej7dy6OVkk5w+3q1C660vvTICmzdASoqXR7VNXzNM65
+Vbxs+wWdc6xmsQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFeDCCBGCgAwIBAgIQDm0uI4Rl7wmY/8qVcvvvXTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMzI1MTIwMzI2WhcNMjUwMzI1MTIwMzI2WjBFMQswCQYDVQQG
+EwJKUDEbMBkGA1UEChMSWklQQUlSIFRva3lvLCBLLksuMRkwFwYDVQQDExBaSVBB
+SVItUHVibGljLUNBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOat
++etF6essm9U1oSL7cPoOWDsNYWkGwoqrQ32+k/fad1bWOCI39vM1vlYnwCSbrnCL
+wxLeDPQoDuCPApWsXGbiBOgeHtWXuAK2dRvOSd913Z3AdXnuGbZs21AMcXEI01JM
+N6RvtvI38HppUjguTX3oOyNsXpcTN80H3VOR8P+NnmcVetSDoD62lMbuuBekmENp
+xpXIJpEYKM0DD5qwnSXj9Um6ZpjmBV/EBQlr5qZb2mc6o7GGR4kl8xxG3ieo8vc+
++2WpMwNr8HdxflW+EXPSukvoI8rCnqXkU7Pv8QI65lEkEv5fxUa1m18USB7ZeIlc
+6rSR/QL3OfwdLB1WRQIDAQABo4ICQjCCAj4wHQYDVR0OBBYEFMzJbGiNjGuBsBJj
+vQUlFdP/37HyMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0T
+AQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6
+Ly9vY3NwLmRpZ2ljZXJ0LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2Ny
+bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6oDig
+NoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9v
+dEcyLmNybDCB0wYDVR0gBIHLMIHIMIHFBglghkgBhv1sBQIwgbcwKAYIKwYBBQUH
+AgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4M
+fEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRh
+bmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwKQYDVR0RBCIwIKQeMBwxGjAY
+BgNVBAMTEURpZ2lDZXJ0UEtJLTMtMTYyMA0GCSqGSIb3DQEBCwUAA4IBAQAHExeA
+QET1JLI7hBgf/HzsZX4EyHIy9n5YqtCvqy7gW4wnmo9NXL/ppUy6i7l7Xtgrr2Ny
+BHBHfhwfIM2KTePV/3XH8XJTg2GkGw4S5dIPZbONidrL4IBVTCa84GRrVmVQTo+6
+w0LQlWIfpQwPa89vZ7hxqsYE2WN9iML5/yGkjrEgMg+Pwd69PmskMMO1K5hW/Un6
+4b6engEOqBaH02sFp2sA+mHnHoRelzFLghWJLIeYTmbmdKYSBgN2vfjm/vIT/FEV
+QeQFc3MXHiMoLZ35D6RdMabdIF7djkNzbO5dLw/RgyrH5/O3vSqEoz9y8RsIrF61
+K1NAZLzVgbdfmpz+
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFojCCBIqgAwIBAgIQCdsXKYjK2TzSdDTgNMqemDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMzI1MTIwMzI5WhcNMzAwMzI1MTIwMzI5WjBvMQswCQYDVQQG
+EwJVUzEtMCsGA1UEChMkVGhvbXNvbiBSZXV0ZXJzIFNwZWNpYWwgU2VydmljZXMg
+TExDMTEwLwYDVQQDEyhUaG9tc29uIFJldXRlcnMgU3BlY2lhbCBTZXJ2aWNlcyBD
+QSAtIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9gaqdzY2wM5
+WOcNb2iuLwS5KyaVFAIQfAPV5Vq3SUGVejSPUO+W1bzZeAQ8lOSFPvpxEMT+FUA7
+dZ/gUWejIGiP0LwTmw1FDaa78beG/z/PL78E5oouwnlwovw4f7V5FftP/ZdJntz9
+GRMzfHVkxgZzK1kBL+whzpC5Qyq3HFqBYuysPwqHckmwas85sXr16DyMHuPZN4BS
+JfSeJfmoQw0jtDGCApZHsLmPSHt+zZoprkoeCOoYNLmgxagvfxg1cNE5Old4SoFV
+dsDU4W/DIy6U2oJCSuE4m2t5VgfCFLtcUFEPYHM/kXw2N7RTSkZ1bp2ryN6n2y/b
+RtkkqPmsnQIDAQABo4ICQjCCAj4wHQYDVR0OBBYEFNc9XVzt3o149Ju5W3K8fEWH
+tRnWMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0TAQH/BAgw
+BgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
+LmRpZ2ljZXJ0LmNvbTCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6oDigNoY0aHR0
+cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNy
+bDCB0wYDVR0gBIHLMIHIMIHFBglghkgBhv1sBQIwgbcwKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUFBwICMH4MfEFueSB1
+c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBhY2NlcHRhbmNlIG9m
+IHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVkIGF0IGh0dHBzOi8v
+d3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMT
+EURpZ2lDZXJ0UEtJLTMtMTY0MA0GCSqGSIb3DQEBCwUAA4IBAQCM1zF5+k6nNKf7
+XE6q+LkdDoZWbx32RwgShn/HKYXegI+OIsAtOD4FzSDR/lmXo4+x5nd4sPVY/HeL
+ZsfVnxsihE08g3ShggnBs26iPj9+BtXqqbJ//Rb6HE6cbKmBdjJeb1J9zYUuVYPW
+acanaQOOcQpebvXEKW6sdUYbsrEnumt9V40OGW3OOCtUs+gWqFqwd1LcQtLiw52T
+M/CWGkICAs2WiAKNZPIDyaKfiSOJcshydr0IZ6MO69cy16f6XsPCkgiaKoS1Xt4l
+kVYQ6pUsyrc0HpUw8k4sa5eBhIyDBm6kl9JeiVIkQhaq3po+PE/T1b/sO9YcKo3Z
+8kQPmsa3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFXTCCBEWgAwIBAgIQAU05p3K1/6qTdSe9iTGzJDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwMzI1MTIzNTE0WhcNMzAwMzI1MTIzNTE0WjBMMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSYwJAYDVQQDEx1EaWdpQ2VydCBB
+c3N1cmVkIElEIFRMUyBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMsmaq8lNtgD32xrD/O5iyTS41E6DNbjOroPrpldPbLcej26k5F435sOvy7V
+o/Nj41o/01b7JE3K3lzlCiGcFCEUWhpeAOJVS8MZzungyHCigG4idbvVS2wlNwBU
+vTXRzELysP9L4y/V9mKEIXelGGhnejPv1emYkboEBbv5tXfMR8Q98LOgxZ9d+ART
+0lGPbKehn/otZgGGr+kFKhlAfnyzKWBwbSmTi9YuMO2YQ2qqDnERXMSSuMwoDawC
+kCAOX7PwxrYQGvkaq185ZbXuoVPmbU4wpuxYIzLDW0BNg6n86cxAE41rHL61LCQu
+34hhwzU9mnQEb6q2/FnaC75heW8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQA70HD
+Tsm9Lmt1hd9gGLxDPAoR6DAfBgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan
+1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0
+dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5j
+cmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3Vy
+ZWRJRFJvb3RHMi5jcmwwgdwGA1UdIASB1DCB0TCBxQYJYIZIAYb9bAIBMIG3MCgG
+CCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEF
+BQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMg
+YWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRl
+ZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVhMAcGBWeBDAEBMA0G
+CSqGSIb3DQEBCwUAA4IBAQBWtVBKtsdRNmvKabfUzrvOuaDrP8eI089v+NxIjf3m
+oW1lr/8y1vc2USHEBfcREmq7G8MoCb6MiaLtE8KHIwB8lt+L3pqujVVrpAquN+Rm
+ErCAlUG69/l7jrImug86kNAhRHOY+UNUIYPs3Fz4pneUceNOma/MWpFz1q+eiBss
+ELD+fxAGLnHjGGitbM3XsLgQSRb+VtolXGmig8HlBC4d0xmwOp4iGmwMEP1dtZq7
+XQ4/tZEDIqTiPJDpCor/nAUJUFEAmjrKYG0JcVDj34xwRdhsVmXaQXAMF+eBYkWx
+3YoLlZcZqJEPZP+mjQjJQiRjCo3Nb+DKWJWGH7kJWoIK
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwzCCA6ugAwIBAgIRAJrwahLNLOB6BLBEUu8LVIEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDQwMTAwMDAwMFoXDTMwMDQwMTIzNTk1OVowPzELMAkGA1UEBhMCQ04xFDASBgNV
+BAoTC0JhaWR1LCBJbmMuMRowGAYDVQQDExFCYWlkdSwgSW5jLiBPViBDQTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKhq7CvNLkZvJYki92h8FQNKzcDN
+LTOLUMER05FwwE3t3xtKE7aMzPFL0QGhQsofWdZRgjsbSikhkbdH8SsmCtYrBXKA
+2dr1OyCdUkc/EJBJseB2lcGpK9MAxVzuQ3aMwC9HEFuK+a0qEiyJAcQ9QPIwCXfF
+h4zTjDb3DBPKVOxVzay7Nsf8/PPGIixonns+NqRrxwpuYWdD42s7Qq95ZCZNxtco
+kTGGUIj6MVzKAHpwWQzueE4dczzHUqOqmUOK96O4x1LRgb7gW+M6rSEIW3/Klu6W
+4ysZb1u6s8zxAxX4kBOXYppkFO6reapz/tAv5jFZT3jAto6M0jtGjJEgFc8CAwEA
+AaOCAW4wggFqMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1Ud
+DgQWBBQ3gXHH6PSDAlDMx7cTjMDlhJV32DAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYD
+VR0gBBQwEjAGBgRVHSAAMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eS5jcmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8v
+Y3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYI
+KwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEM
+BQADggIBACpDyWxqbXnIT+meN6nVfE1lIlUf0GErrKJFuWaAISFv+/DMox/v0R1g
+6QvC8DGpo5hUAdO4Hb4E+q0fLg8iJgBldImIMXCPo9aDmpCZfiHDCDRvBOPcsufd
+nZzhWUhis4YnaI5uxKws0UDIJpl8/rwtNRx8/7aDi2rwNYKpkDp2E3qa4RDesp0+
+AdPsgT/yjwABbksqh98jpNy2911LpG8LAyEoqsCzO7GZ2JguKoDxpnq9t08KwWAr
+VQ214WMSCEP60W9NdFZXS7zyWB0HcL7p+fs2/e3pleQm0WX8OYHpLzg3jioAh8DG
+vBbHKcr+m0yP2utw31M26G1EQBLZJRJMkXWcyZowELNMD72dSQGj11hRW9LtgRaT
+P0mnbZ1g33OmwV8LvWBo7U6GYbwWgxqmeIu3WUGusfA8o/z8rJ3dlxmH4kEQ6Vff
+vJpFDgi/1Rru2rn9Uhbi0cQoe9lFEgJAeKsKqQM2U60ClmAwqtqqDHo7TIlIPjSl
+tTV1ZmpKliFf4mmn/rZkHy9Y0nJRZRSGKEVxVE7aoBtchdM9C37XvBjL+xNGDOVC
+WtPFoUquRC+aoV43ZvpgjlOPBfjDhR9aY8Q3zbKRPQFDmtmZ9C8SaVmfSO81IaBX
+3d4zpdzi/nXE6VlRpH9FcuslcbSXi8XiOCCFUM5Y/WIFrcoyhFuP
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEfDCCA2SgAwIBAgIRAMgg4L6eNeCxmyCeeRyzYhswDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yMDA0MDEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFUxCzAJBgNVBAYTAkdCMRgwFgYDVQQKEw9TZWN0aWdvIExp
+bWl0ZWQxLDAqBgNVBAMTI1NlY3RpZ28gU0hBLTI1NiBEViBTZWN1cmUgU2VydmVy
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkLSwI1+KQBSTZjn
+rGq4hFW3nrB403nU1+Ywh3d7LJlRs+zGdWiL/qI5dLnreHxNI6IDrN++ANqtHDk9
+2k8ETW2UASZAblUXHe1Rpf4LppPKXmfrO1lovP/yR1KyuGjo3G/pWTGzEinzRoBB
+X0EsOgoo9umn7fhbh+71/SiPcFX2v//qsVgvT83TV/6CTj7cDXum0U1WZR0G3oF5
+RHZmrVHC7lVfS0jYNM9azcQ7TzX4HMk8ssw+zW7IhIwTlcx6bnB6x3H+8GftAGql
+byS7wM24IomEeLswQgsobA9WRYQcbvINJiz+XeVdHw+5xWJWkVIpjkokQjY2oWm4
+HBG8fwIDAQABo4IBHzCCARswHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9Aw
+pLQwHQYDVR0OBBYEFGZSuGUuqrTyQXsKdP+YwgNo586AMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMEMGA1UdHwQ8MDowOKA2
+oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2Vydmlj
+ZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+Y29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBqUWCzcno0B+RcHhp+RJ85
+/rET65L8RtDmYjTeJwfrs6g1BW3D2iUadhabWS8npNhcZQDubjbr6FNVplp4WOgR
+iN5jGss1Nh3Q0I1LYr5Z6ZgvFeNE/OqZXpe96xCdBGl4wcNWFEdzAizQDs0BSZmk
++1XWycJ4lE3p5hJVR7wfUG+Sy0OVHBH+E4C97sCcZ+hMZb7Yi6QjElFyx/aIfhH1
+1dCG5TajVtkhg/6q5v5k3/Re0v1mJm2q2C0qJDx8Z+3eZ1wK2pdLppqHwL+l5hRO
+84A6Ezt8uB0vIXdUd5onnMYyc1GZV0eTzSOWcjNOezXCJeZ4ScSObJJc1GHfcWKb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqDCCA5CgAwIBAgIRANK3WrigvXoSZbq1sLZSg+IwDQYJKoZIhvcNAQELBQAw
+gYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYD
+VQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwNDAxMDAw
+MDAwWhcNMzAxMjMxMjM1OTU5WjBXMQswCQYDVQQGEwJHQjEYMBYGA1UEChMPU2Vj
+dGlnbyBMaW1pdGVkMS4wLAYDVQQDEyVTZWN0aWdvIFNIQS0yNTYgRVYgU2VjdXJl
+IFNlcnZlciBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhJOi
+9mDOLI5TSxgy2ihEPeKXm9QtT9H9DRriLeXp7zVt3fDZgOnV5qlJnS8NFEZz6SQl
+tr8xtktrNsVAabB1HjR1+CkUKxvYaythc/RhZQa5K+h2SceX+tdqs8FuHLubV7+q
+cf2ZZTzr8WisBiB1Rl+FVRiQm6WRPyiKjbNF/qgVkDPO0dEyQrz02b3MIrTWHeZU
+FcvI0C6PcG8H+Y+Fd+kaWRfv2TiTqZvPsgcq7eP8adem/VwLGZaGY7kLZUdXnJOU
+7p/jboTPgh5R6BRcW+E/z+oCGipl6ct7dkVbcXrWwl4g3420UiTtGxeChVqMOyB0
+dA+S5uB/syiwUvfCfQIDAQABo4IBQjCCAT4wHwYDVR0jBBgwFoAUC1jli8ZMFTek
+QKkwqSG+RzZaVv8wHQYDVR0OBBYEFOLlVQe8wbyvEPbp5MnbAnocF4Y5MA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYX
+aHR0cHM6Ly9zZWN0aWdvLmNvbS9DUFMwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDov
+L2NybC5jb21vZG9jYS5jb20vQ09NT0RPQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
+cmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
+ZG9jYS5jb20wDQYJKoZIhvcNAQELBQADggEBADP27KFhy56aOOiSFPzdMDHM61Ca
+QB9X5v/8Tc2ef8C1LvyJSOTO5dGukoNqxUYh8jsPnUB3ZyyMWZ/UPQegsS5XIRRo
+HrtBGY5o6OMKkUxhHgfselKLv/eCNEX4pAK30n+XrULoiW2aYazhoUS1Aawe7Z9e
+yzfLFkYN73wJZWwWoiIyW9cm2nRFVyZL1Vcr/sHsCECJKYaF/Wyf3G3PRxiUVMvs
+J5dviPleBsZ24r8+WwWG5/dU3XUFBKfaG4DwYqNhgk2hKbM9A1MrPp04WNSnwyNd
+Q2LUGiRq8fP2Y259IXrhrUvcGFOeFA10BV/ObLVzvBD2NSXsR74SBxQMBrM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEfDCCA2SgAwIBAgIRAONaE0BUjAMEn7ijP6lKhlkwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yMDA0MDEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFUxCzAJBgNVBAYTAkdCMRgwFgYDVQQKEw9TZWN0aWdvIExp
+bWl0ZWQxLDAqBgNVBAMTI1NlY3RpZ28gU0hBLTI1NiBPViBTZWN1cmUgU2VydmVy
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9dODoyvqLHqOEKa
+wSaFcZSx5GgQevkRrBqO4pG7ltn9o2EGVPYBpptGyyL7RgG9YHsn0Tx4mII5/zYe
+zr4+53e7r6OER4SGnbewxrv6JOqPHgAc9IMsq33U4WXc94i84Gji1cgCOLURvs8M
+YeARz9Aii5vbzZ8NOoWI3B/ChCWXhfRbMEbVKZyYHGUMrdrA+Z98TX68oGrTnMud
+ClRFed0clGXMVIciR6x9q9diGGE3R9DjAMQtNVHLbFVXipE15UQZ9oXc05UCuZVH
+/V7lMHPIggJDfytAGfdiT0j6ECcckgjh3NixqKK0fHvh9B+mmxq65RF5i6bWR+2a
+i4bB9wIDAQABo4IBHzCCARswHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9Aw
+pLQwHQYDVR0OBBYEFGIVH4kWOBheNOv63IYHEIrU7VZqMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQICMEMGA1UdHwQ8MDowOKA2
+oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2Vydmlj
+ZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+Y29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBAtvap35qabbNChxinBt6s
+g5LK9P+jkQ3YR0HMQMHhVzF3tSy20wNPEjID9A+QkihaH5yPychlVHHna0zC9/rq
+ad4NSMIZwgt54S4zLUETFVZd19qME7jjXgXm/BYgxbJwD9f5G20cl0wKNYxSuid7
+TUZLOY/jGhI4mJz8y9ZKgIbrdeNu/okqENE5Gbvi7GjeQr2ntVWOrwpOYD29s+nT
+PuVM+2ztJlmerETMQlOChGtDv3ruE/fbDFpQQxR3zpbg+9Dk+RllyF3e87X7Wt2X
+qSfL95/8DfmzvZuiSsWScoa4Hdm/fc1GOxmV5CiNuRlsXhynP3rimEGdlAKJJQvE
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmTCCA4GgAwIBAgIRAOevSvR8tqm/q00QCVq7xrkwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yMDA0MDEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFUxCzAJBgNVBAYTAkdCMRgwFgYDVQQKEw9TZWN0aWdvIExp
+bWl0ZWQxLDAqBgNVBAMTI1NlY3RpZ28gU0hBLTI1NiBFViBTZWN1cmUgU2VydmVy
+IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBGkUq59/askCsp2
+SA7hF4NIwwAegIMr1WzPHrdC1kFEGb24eUnvI+AVsjc8KzoewphkH8r5tbVLkgmV
+LVxMPEeXFqaZry9mh0doOxOKN9PPKIUqUr4LjQhlWrwhrSlGXXnwVvsivVV/yWAh
+KlFuk1oYk1y6qXkP39HmX+bmo+QocMJelemCrEMXeM1945PY/s6oTy6tSP8LuK3w
+bEvEFaFwjVGK7zRDbvgLwrCRgNS9NyeelC6+pnWMxsyT+VjWuziMXFuJhafs18vv
+l71flWJDoyCXcrVsK5veEccIEwV5SG3cvuVAe94FcpgeHjEr1BM5m4TDmmQlmTfS
+IEAWzQIDAQABo4IBPDCCATgwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9Aw
+pLQwHQYDVR0OBBYEFAHblKhitGAIU5X21Kge+/YEo0aqMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjA4BgNVHSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9z
+ZWN0aWdvLmNvbS9DUFMwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21v
+ZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEE
+KDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZI
+hvcNAQELBQADggEBAKGQtIOP+c8LC3Sw6wWKQKXbgDB8BOpdO1sHugBSWlgB9NrC
+Au07YHkVahqwdeCHgoZ0StjeFuQOvqOTQoVE9h5MdlmUiLvWUeSDa4y9/puC5hU1
+6Twy/UWOwQidmVL/MI6eV9BhcwFjLvNhjFQMDP3VvAyT9XGVJhNP/TV+ffCh3Ppi
+hM2xyohIU7oTT/843EEmcOnx9aQF9Rvrpu0Z4dwYbCHpYEy8LFQCgy5U6VVcxshi
+VBZYF3Sx7e+8ZX6JHBHP4QATiEqNoo6YbJkShr1tXv+ckRBTN+gL8DqncUtDRpsK
+Q5UXGuMaRl5UmH9M16MyhD7QBEDxdlzkd40wuBY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEijCCA3KgAwIBAgIQPXLCWcdPRWSkgGXiMC8syDANBgkqhkiG9w0BAQsFADCB
+gTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNV
+BAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0yMDA0MDEwMDAw
+MDBaFw0zMDEyMzEyMzU5NTlaMFcxCzAJBgNVBAYTAkdCMRgwFgYDVQQKEw9TZWN0
+aWdvIExpbWl0ZWQxLjAsBgNVBAMTJVNlY3RpZ28gU0hBLTI1NiBPViBTZWN1cmUg
+U2VydmVyIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY/P2S
+JGjrFxNghY8LKNmjtgwcZ76/0/t5f47nSl24GwWWptIW4WOlby/Ess/ArF8cIOl1
+2vNXblRWEzlGXbiHWDlPDihXI3idqkTxQW71VkWg8LFypui9kwZPl8by6Ulh79kl
+vg1fnJONX2VEZmpSEx/xXT5vxX7+dCzdLgdcqXAimlKF6PJIfZLJg/Hsk8xhQwl7
+8ENgeuaOCr/BJCX7uv4IfYw8StQhAsqlwS5jxlz3ogBDMYVtmSAtBbEYRG3Hbqvp
+/chQNqL2wYs9N0CUT7DnBp6B03tDWta+7nOTWt00ynOi4FOCCuplkl585Tk2KzGf
+n640nGbYcfalJx2LAgMBAAGjggElMIIBITAfBgNVHSMEGDAWgBQLWOWLxkwVN6RA
+qTCpIb5HNlpW/zAdBgNVHQ4EFgQUA/chrsFvGa20c1IEGLqfPzO1bqYwDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMBsGA1UdIAQUMBIwBgYEVR0gADAIBgZngQwBAgIwSQYDVR0f
+BEIwQDA+oDygOoY4aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPQ2VydGlm
+aWNhdGlvbkF1dGhvcml0eS5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQELBQADggEBALzj
+X3LdXUiIE3vjOKMAI/WlihwUCYShRPWRiBWSNNx74ZzGXSf9F0CE/PG+t1pqlLGn
+sEfoBZ7i//IMBazAZRQrDbrH7pFyVzXyPRHHiISy58OgkSFyPYLeFOpnOZ1Jjby8
+TzFw8qCwmTT6k7moB/2vSUbadujgaMdlON+VFQ6U/qAhjZyKOatuEcDTo8vpYoLs
+d7qyaCMPTk6PQ4BtzeB48aZ5I3qsof46UhDz4TX9mPGN0Ww2KkfZ6wy1wNjwsRhU
+SrV0/CMvRbD2Otdw7HWwgviaTz6B4ltazeFdaWlytzX9VshinbYLahlX5IfnDsLi
+12rLf2TvGIVViSPEKaA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF3zCCA8egAwIBAgIQK0iO2JjLvnCPoVuzATCqMzANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NDAxMDAwMDAwWhcNMzAwNDAxMjM1OTU5WjA/MQswCQYDVQQGEwJDTjEUMBIGA1UE
+ChMLQmFpZHUsIEluYy4xGjAYBgNVBAMTEUJhaWR1LCBJbmMuIEVWIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilOL9CnmSZqn5RCw7u4xDOcAgx3x
+CsDRCtUrhphJddSVzihJ2rN2bii0332/NywxAyemMOKiKfcmKV21A+7wvx/bIQ67
+RTTHHDYCpKtVIusMd6M6+YTHeQRd8Ia33XzVlJ2Ot8DqqcupGPMPxnCi8fI6T3n/
+nx0uvpgt8JWa3FAlo8+RUAj1OiAf+hDrSBGzg4rU5iFOz4GYjl/zZQpQqsTaL45G
+FRMWfulagfNchHTdi/MVUl/X/DwxsBaPZ+Mrkx1zoYeFGHmo2nr3wCKCL6lLWev7
+xNnyWzKihgzzloghYfgeo2mBmjQoLEE8ZwMeT8/CKgobqmBUs9jPMbGCCwIDAQAB
+o4IBizCCAYcwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFIUahTNItySfI6RVWGsy4uO93Ub2MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNV
+HSAEMTAvMC0GBFUdIAAwJTAjBggrBgEFBQcCARYXaHR0cHM6Ly9zZWN0aWdvLmNv
+bS9DUFMwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29t
+L1VTRVJUcnVzdFJTQUNlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHYGCCsGAQUF
+BwEBBGowaDA/BggrBgEFBQcwAoYzaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdFJTQUFkZFRydXN0Q0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2Nz
+cC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBT2CsjI+brJsAVXEB/
+lvSfQWIsSVU77TRMQNPoxFtVmWBUpOMAvJv1plZX4bkX4ixZKcgF3osxoBqZRLOd
+KAjZhjll3tMm+cVXke6fj7GSmn97XpH/ZMn4Hu+ldm7tzjll+Z4yPnBUMblC37/L
+yEgDkAEBPu0gEq1V3DKQP/yhgg28HxSlwPfH16yORIDLrGy0qCbn/wJ3Ax6NLbzk
+13xZBf+WMsKBYYn+A6aXFK4vQz29d+tGQ9kk5nTorQAI8AKi3TNTooDYWevc/MhU
+c6qXNckuDlb4DonRZfZw6NbykI+wYxPWbVCEAEG83gVBD+ymh4TaoQfsylVzlh3/
+8+q8wqok+FdohfPNnqGlGqmua7VQlbym0+OabQWjsck4ID2OGNtIUL/ZT+q+4X6C
+zPS+ociaq0w2h+dsosZJa653tTCerDBH5iHG9jMja7aE5ncId73HcdKn+2E7YZOr
+kJZ9zuNXxDUwCJ8B9D6xJGGSYdLYtasSvW2WeO0cv0LvU6kzZMRUAyeZ8Z5xTTYA
+Jxn8ZLIkpRDga86Qr49ve2SjnirlALGmK62Hs6wyHKkEcShohtKCR74+7Fi9AG2r
+zrt6iFDy+WGZExGnlAC65ZGlKX3okLbQRL172C60jjimysQguSSeWa5vrZYhVZIc
+iESJ8q8BOmhJo6nvO8e5sINrYw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwjCCA6qgAwIBAgIQR0LTUZ6/FDR8L12t5TfdEjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NDAxMDAwMDAwWhcNMzAwNDAxMjM1OTU5WjA/MQswCQYDVQQGEwJDTjEUMBIGA1UE
+ChMLQmFpZHUsIEluYy4xGjAYBgNVBAMTEUJhaWR1LCBJbmMuIERWIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlMpUY9l4tMZQl4gonqZdwqqtz+u
+8fblX1F44zjaP25ttZ0suqg9akJ7WXHndl2M0ICkFJ5R4qqdx6TVZ6+1XvBF3Zr4
+FjIiMKIqxFMMGb96vHN+sshhGcJKUyAO7AmdIR2FRwhUTz3pQnne/uLUzJnYmYhx
+8Ti7M1iJ1scXQgV5Tx/rnFAufnFHMNon1Ia3Jor2aWfncHdMCGA+Mj3vjY7DCa4V
+p+j65xckWgmmOjWtp/zAl8Z7g3Fccr1Ki/MgMqeBY4ZukbTYVr9K85FoV7bNnkyg
+rnVTaJChmo1ZGg1XL8Y0pqxqEsAYywOaBdbRSaG8Vo5ae82MOc5itI7K+QIDAQAB
+o4IBbjCCAWowHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0O
+BBYEFN89SAdm+eCRW3ixqtc8WTAXO02FMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNV
+HSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6
+Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0
+aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9j
+cnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggr
+BgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwF
+AAOCAgEAaCp581xitsN4IWCA1WE/vUpve/v59Ik8cusF9YjOjrnalqIZd/r3lgPk
+cRwH1TJsLUCKg88X3e6nacp1nPl8p8Hg+pXVeyX2cbyagcFT6pJD8ph0xsFZBzc+
+YiNeePfSTu+4LdfStir4gstY/j/qz1IzhMt7rtASC5nPHktneU365PIb/cErc8ls
+XFogAesi/vHY680PlmXY/ve8njJq1ZigKeWQoHevFc/L16a2cahZP5KU3DudpKjM
+RlajM2Rmvn211740s/G+fxDZV97OkP8p/80cSnLIIK9SnOem0W8DwzhvQdnIIPZh
+Y+XxMIk9sIr0IpP8PdRHu0IrTsTE/8AE2NfwZwngLtAofnQFg6U6+FqrwYE7zDFx
+0UvUFurX9y5Wy9eZjcP8Os+futiqlWwlrW8xscTN/vSOmCcaW4B1cvHFbn4hdJn4
+ERE4D+2dVaY/yxMAd8de24dpIbTxu+/yJOBijPFv5ahISRTWyV/n2C4yMdmANEi2
+/igiLvlx3rH2Jx6dEdxf9xjlguvXugXHr2dW3tMruSWjr/v93gojRIwZ+bOJKctc
+FrhpYYv0mJKhB9oa8EXROpAsAlhllaAsuGAgpku2IN2G9nbdn5QokiE+Th3u/k80
+IhGYkrKef0RI4xtz0m9ZbUr9Rpi0B+G3PuZoym2EzdKTVZIyEsk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEizCCA3OgAwIBAgIRANTyYjaVwp7MRvGOgusBIEcwDQYJKoZIhvcNAQELBQAw
+gYExCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
+BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMScwJQYD
+VQQDEx5DT01PRE8gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwNDAxMDAw
+MDAwWhcNMzAxMjMxMjM1OTU5WjBXMQswCQYDVQQGEwJHQjEYMBYGA1UEChMPU2Vj
+dGlnbyBMaW1pdGVkMS4wLAYDVQQDEyVTZWN0aWdvIFNIQS0yNTYgRFYgU2VjdXJl
+IFNlcnZlciBDQSAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgq7X
+NvVu+Su1Vy+7sRvOsO5y7hQtaF6ai2BGpNpHHDzfBz5nnBf4xFbiYFttV/GljF2m
+YCUslYY8SYTsgrdQz12jS2+cOnR+l/AoPNYB/gJoR4oanUwV1NvCs+NzjJM2BoqT
+t8UD7orQEU8GdfiIT2Y5n1JmW/8K+fU/3DNmg18zeyWBfAZF83ygMITvBjPN0Ck6
+mEb7qk4BcTrnupgkV4JWAk3trMetKf07x3o30fDLkhlDle9j793XMcZI07YubW4g
+4YgY/82iXdFHTkNcWghhGeZ+0BZjyTt52M7xu0g8ctWhpyQ65sxiz20pbGKX1Qpr
+Skl+6VgJB8cUHlmSXQIDAQABo4IBJTCCASEwHwYDVR0jBBgwFoAUC1jli8ZMFTek
+QKkwqSG+RzZaVv8wHQYDVR0OBBYEFDRS6q8JOsN3UZGZh5VAI8WeAlHSMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMEkGA1Ud
+HwRCMEAwPqA8oDqGOGh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET0NlcnRp
+ZmljYXRpb25BdXRob3JpdHkuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAF
+Q53AnA5nC2Ja+b8KjLjinod3LaiBWHm8PFM8lZ5kI8GbCgM96wwr03ODiXZ/1eUU
+Hx6C1fKHR8e6FlIOmBa7Pq39PLp4r2Z3N7kW6s9IzIoLtOkK4xGMDLjroLf7OQvM
+s/K0bEtRyLSrHnqdRSeJ/Ap8/UspkWG/7+wrSXY1XQ822ZxhJgd4Ad/lQMImT4VO
+3ksjJkHgyFUdvTyjznFroyvNR/D7tTY78EbBqITIhY0LxyAW78ANrjvhsVKnaIRp
+8Vz5AHWn9pN2PzBoD0KvKT1/l+aKrhK3Yd0YrK+OqeqOP14c5fYTYVDanJJPQ86T
+OWpvRBGFtLA7B1Ng/10W
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6jCCA9KgAwIBAgIRAPhHOM8WO4I7nSzRr+A6OAMwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDQwMTAwMDAwMFoXDTMwMDQwMTIzNTk1OVowaTELMAkGA1UEBhMCQ04xIzAhBgNV
+BAoTGk1lU2luY2UgVGVjaG5vbG9neSBMaW1pdGVkMTUwMwYDVQQDDCxNZVNpbmNl
+IFNlY3VyZSBFbWFpbCBDQSAgW1J1biBieSB0aGUgSXNzdWVyXTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKeqMVUZJZiPJnCcyNeATG3/bvWmSIyU0i4J
+Nka0IqIQ4qAQlIQuTEWYYFs8kQECg1SO7QwTyMkdRQ0wx3bAS3uxrrXjtYbpB99/
+MEucZ6DtgyQqhH7M0k2dDPvDiw0Ol4n/vncHxRi7757rqIUW3xHlq1yn2eoSIoYK
+ODu9XJGNacPx6J3XOMO2+y9kr8MtUC/wX7s8I6YB9FZxouXw813n4DULlYeN3rxQ
+ynJLUTD1JorMjFcB9OaEq52fz7XuNKxO/CBltamMYJbHeB9qMsA6VaK8PFkqnip+
+Fov8TTkHsOH8VrPTcBMfAoOmNEdKEcj85iMVSm2beGeU5Dna0msCAwEAAaOCAWsw
+ggFnMB8GA1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBSC
+tWxv1jJAKkYpdUxA2rAw8vb3PjAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgw
+BgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGAYDVR0gBBEw
+DzANBgsrBgEEAbIxAQICUTBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5j
+cmwwdgYIKwYBBQUHAQEEajBoMD8GCCsGAQUFBzAChjNodHRwOi8vY3J0LnVzZXJ0
+cnVzdC5jb20vVVNFUlRydXN0UlNBQWRkVHJ1c3RDQS5jcnQwJQYIKwYBBQUHMAGG
+GWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAFCx
+Ome08VjWYD7DYJMZSMtl4GXeHV04ywVUca3ef+BhkhtltAmnDVisDWsHuM0+m3sU
+auKJxTCDhWmEbeZab1mGSr9WUdftMmzvxn/urbiyZylAFGOPTr9OykOuKbCY+isu
+mi7N5SdrQolSR0zcqHh9c+jQoN+76Qg9XnkFc+6Yr9fYnk/uOIrK4TEZat61GhVL
+L0FsSGE5Aqh+0DG+iQvo4vCXWgG/Zohtmt7jAeLsNU/4XoYUBb7A9CuyvHp7Psx3
+z017M4yo6OtPYAfZ2z9ecwejVbu7i4a2PS1rJZOU/y+EPQbALZvbjqaoSKo2TKqf
+RCacI5cEf9/iyK+zsKsF+FtS0C90a5arcOTB19LjZqcNpJmyxEt+USaCdKhlzzrE
+u/qsraB4xr4lU0yw4DZKyzRTEIAlxKeJh2BGH8CuMIunSzS8+LUD3J8qUdMvtI+8
+iD0UxBj5Uw+HHwOs8Tvg3zmcJ8dcB8ULWnpiM+rNxPzgvsq7diRfhPJTFTQmgyh9
+WF7jh3lmbKA2TaQ3sCUvRvvb9L0t1POEkewcwVNgx0w02im86UOFwq7rtscX3cs8
+qiEnguhkdbcLiT9AzI6TdQ2Ajc4MsfoLcEpbyPxWUBvGRi7FPJsTTZKc6JNAe6DW
+LT+rne/7nhkj1LOm4t9ld9p+7jnhMkC8hYgpmSKq
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFWzCCBEOgAwIBAgIQVkZ/t7GwD1w/oStGyIXRMzANBgkqhkiG9w0BAQwFADBN
+MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMScwJQYDVQQDDB5E
+LVRSVVNUIFJvb3QgQ2xhc3MgMyBDQSAyIDIwMDkwHhcNMjAwNDIxMDgxNjE0WhcN
+MjkxMTA1MDgzNTU4WjBEMQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBH
+bWJIMR4wHAYDVQQDExVELVRSVVNUIFNTTCBDQSAyIDIwMjAwdjAQBgcqhkjOPQIB
+BgUrgQQAIgNiAAQ240HUj+j2VbYhATCfG5KDIKISlLfcOqdG2pL1Ia2sf5weNeF/
+M0pJszvsvGtZoVTx6v9ukNBsljpZxMRB4vdgAPStBtRKmgOz1cUCagPtX0yGY7Qx
+nzk+5K5d4QrdzTSjggLsMIIC6DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwHwYDVR0jBBgwFoAU/doUxJ8w3iG9HkI5/KtjI0ng8YQwggEaBggrBgEFBQcB
+AQSCAQwwggEIMDQGCCsGAQUFBzABhihodHRwOi8vcm9vdC1jMy1jYTItMjAwOS5v
+Y3NwLmQtdHJ1c3QubmV0ME0GCCsGAQUFBzAChkFodHRwOi8vd3d3LmQtdHJ1c3Qu
+bmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NsYXNzXzNfQ0FfMl8yMDA5LmNydDCB
+gAYIKwYBBQUHMAKGdGxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1U
+UlVTVCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBDQSUyMDIlMjAyMDA5LE89RC1UcnVz
+dCUyMEdtYkgsQz1ERT9jQUNlcnRpZmljYXRlP2Jhc2U/MG8GA1UdIARoMGYwCAYG
+BACPegEGMFoGCysGAQQBpTQCgUoDMEswSQYIKwYBBQUHAgEWPWh0dHA6Ly93d3cu
+ZC10cnVzdC5uZXQvaW50ZXJuZXQvZmlsZXMvRC1UUlVTVF9DU01fUEtJX0NQUy5w
+ZGYwgdMGA1UdHwSByzCByDBDoEGgP4Y9aHR0cDovL2NybC5kLXRydXN0Lm5ldC9j
+cmwvZC10cnVzdF9yb290X2NsYXNzXzNfY2FfMl8yMDA5LmNybDCBgKB+oHyGemxk
+YXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBD
+bGFzcyUyMDMlMjBDQSUyMDIlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9j
+ZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MB0GA1UdDgQWBBS5E/JxvGv1jzeTwkyl
+h+/KSx/xPDAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkq
+hkiG9w0BAQwFAAOCAQEAweAbWPSi9cPL9tsSA/6oilFfWzzVVlxlHFjUF8i94mnA
+UhYuw6Q+CdQBOTisxgDa92OEnrMD2jUGbKc5h+kUTB9Uyg0WidvhV1zmmhQxyLIS
+0mrfe9Wa/qGnDx/faDLHB/9Fgow3Er8SCj5krJBS6dx0/4z1MSfoN2xcWOaL99wR
+8TfcxtujYpg+WUcjvl3F7MplyqQYSgMlGvg/EPVx7OWBEJNgYptzUjN+ZQtnuegZ
+FrDzWXoanmzbAXFK/B9Zi0ubXGMx2WxodbIkQ5buk6x4xSwgew7VMhUxI5clUHXA
+LS8zbwVIDWbfjkf8w/sjfQoV1P7XNjvGYscUqW9vNg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHMjCCBhqgAwIBAgIQShA9s+HZJmJlKzvcauXC8zANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMSowKAYDVQQDDCFE
+LVRSVVNUIFJvb3QgQ2xhc3MgMyBDQSAyIEVWIDIwMDkwHhcNMjAwNDIxMDgyNzA4
+WhcNMjkxMTA1MDg1MDQ2WjBGMQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVz
+dCBHbWJIMSAwHgYDVQQDExdWUiBJREVOVCBFViBTU0wgQ0EgMjAyMDCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBANdLSzouA2XHyRDMJUYzFPpd/c3/NoVw
+fUdsYDU55ecboYNG3xBkWQU/0LgIMdjaWdlwkKIj4sBUEZT+GdXTcP/lOHDJWLy1
+mZf59xDX5b5ur/9DFHTn0iZnh3RGd1mb0ewbUAwkjYvLSGOLkSIp0eSFDZB+DsiX
+1YfAjMw1PtH/QCyz1KYAC4ApdaeNximJqOpvBDBMK4ObQ5VGsVECDEEzVJPOVdAi
+bynRwKTwmimm2oojj/PDxviwuLPJMinL2Ju04x215lvLFdnAxC0C+h6nQJ+C29k3
+Elv5CwZeW9zj6UCmN5wAdTA6am0vm95QfsAkRyzE/HsyPLVhW6/ZHmtExEVAL1FP
+rCSnIMqZqswfpUYUcbXwfAxFdYmun7EWZSMIJmoNpFSYJIA3rrwpX13TEMIQI23t
+srEAgZNYPEPob8+IbwJ6mg7PxJLn//UXcCD/1QFv5lhb8M/TbPr1v3sCDui/ribW
+/c/gSMdC8Bxa9zdG0AOehl864APAeyq9/suWUctb3n4R9pxknQs/VGMJfBCPJivY
+z8n6yl3SJXCkOenGiy+v2wFeV8kikfttJtDPJPCAQ/I2nIHI6GsUv3ijwvgYvyZP
+G3vMywjwzi4nT4+MeplprZoRu1DYcqNm+n095bWeGZjgAyLhXvipnokqOBMJ4oMj
+eqe6uGB2pBI1AgMBAAGjggMQMIIDDDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
+BQUHAwIwHwYDVR0jBBgwFoAU05SKTGITKhkuzK9yin0215oc3GcwggElBggrBgEF
+BQcBAQSCARcwggETMDcGCCsGAQUFBzABhitodHRwOi8vcm9vdC1jMy1jYTItZXYt
+MjAwOS5vY3NwLmQtdHJ1c3QubmV0MFAGCCsGAQUFBzAChkRodHRwOi8vd3d3LmQt
+dHJ1c3QubmV0L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NsYXNzXzNfQ0FfMl9FVl8y
+MDA5LmNydDCBhQYIKwYBBQUHMAKGeWxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5u
+ZXQvQ049RC1UUlVTVCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBDQSUyMDIlMjBFViUy
+MDIwMDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NBQ2VydGlmaWNhdGU/YmFzZT8w
+fgYDVR0gBHcwdTBaBgsrBgEEAaU0AoFmATBLMEkGCCsGAQUFBwIBFj1odHRwOi8v
+d3d3LmQtdHJ1c3QubmV0L2ludGVybmV0L2ZpbGVzL0QtVFJVU1RfQ1NNX1BLSV9D
+UFMucGRmMAgGBgQAj3oBBDANBgsrBgEEAaU0AoFKATCB3QYDVR0fBIHVMIHSMEag
+RKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh
+c3NfM19jYV8yX2V2XzIwMDkuY3JsMIGHoIGEoIGBhn9sZGFwOi8vZGlyZWN0b3J5
+LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El
+MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0
+ZXJldm9jYXRpb25saXN0MB0GA1UdDgQWBBQMcBtUmtKzmvhxtBqd9HILKZpT/TAO
+BgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADANBgkqhkiG9w0BAQsF
+AAOCAQEAlFzEOJ6MYH1OzOfVMisiGwL/B6xQx4mut03nURiq7X78J6DWUI0OAGsV
+lLgyn3qI9G+s/3wI+HZBb6cc6+mxdde/M33VEB+jSC2CjCfuJzy5aoGAmxxN2+iM
+pj6/mXPGYXmegd1b61o387rdh4D0e7cwW8EOj1Z/DmJkjG9P40KrGRJGQBxodHQU
+LxGH5wyGSmbzIqaf4Nu3y23Z/c07u1+QoAX3lrXKePfbeGvpCNWw+wZStCWmBnb7
+/y27mA6voU0zXUtHEQ2juGrsiU2lk5Xenh4L9hXrNxgLQyu4n2YS+Kl3GK6zxH4j
+qGJEGhh8z78sifxVayF82R9io0BBvQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHFzCCBf+gAwIBAgIQYDQ5U886jKQrtEpEKSy69DANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMScwJQYDVQQDDB5E
+LVRSVVNUIFJvb3QgQ2xhc3MgMyBDQSAyIDIwMDkwHhcNMjAwNDIxMDgzNzQ4WhcN
+MjkxMTA1MDgzNTU4WjBDMQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBH
+bWJIMR0wGwYDVQQDExRWUiBJREVOVCBTU0wgQ0EgMjAyMDCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBANOviIAGpYX3kNsqLlWkHt8BMYSGH1EQa2LNUaGS
+ifCZKk/JyDqO1U65Ej0t09S6ehFsuIKbU71c8QYUDs5MPfQr8jEXOOcm7tl8yRHG
+0QuOIX35P1JANDaAtJXnj5Vx77n1nTbvw/LMSQUqH/+XP7K+I3WOHN2Kzm1IWWSC
+PzJ20x7cG4tKV5oPpuQdRcL+rFMInoHiGsrt5Fy6zJRA3GMixUgBCG6J3Cc9k3zo
+ohDYqcjLt0fArLErGkBabVGXXAKi62IemihSJIeIAY1GdsSHBH8rzhz/kedlz17l
+oAHrvuaskxi13UTZIKM66xkQP4zOKqTM3zVejgBGdvxgVlNn8xeSiCbVOeOy2HjQ
+aLcJ5pd7X4V+J+iLpohwpoxg4sqTSD+lgWanwpczmK7D5oRTBTqC2XbXhNwm0Ngl
+CG3laSs6afQz8XwI4xUIl8ZUXJK4Xa7dUwaWd9VfqxxKlRRPIHQsbN9tcNaPjwMm
+D0QYaSp9E7sQXA7MuxB5DCfSKVlv6Fgu1SVoImm5ilcvkcNZOaHbkt+N1/evYJi7
+H5ZwuaAKu6afT89zkKUr9RaTj+Y3jA5BhRYj19SdwBl/6DYqSpQCuIDe1ftYG4ws
+FRW1e5zd6GJek1eln8h5qktnhga0tXs39qrqeUec0CF9XbkbTuVDwxTuEfz4t1QS
+X/iJAgMBAAGjggL7MIIC9zAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+HwYDVR0jBBgwFoAU/doUxJ8w3iG9HkI5/KtjI0ng8YQwggEaBggrBgEFBQcBAQSC
+AQwwggEIMDQGCCsGAQUFBzABhihodHRwOi8vcm9vdC1jMy1jYTItMjAwOS5vY3Nw
+LmQtdHJ1c3QubmV0ME0GCCsGAQUFBzAChkFodHRwOi8vd3d3LmQtdHJ1c3QubmV0
+L2NnaS1iaW4vRC1UUlVTVF9Sb290X0NsYXNzXzNfQ0FfMl8yMDA5LmNydDCBgAYI
+KwYBBQUHMAKGdGxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVT
+VCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBDQSUyMDIlMjAyMDA5LE89RC1UcnVzdCUy
+MEdtYkgsQz1ERT9jQUNlcnRpZmljYXRlP2Jhc2U/MH4GA1UdIAR3MHUwWgYLKwYB
+BAGlNAKBZgIwSzBJBggrBgEFBQcCARY9aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9p
+bnRlcm5ldC9maWxlcy9ELVRSVVNUX0NTTV9QS0lfQ1BTLnBkZjAIBgYEAI96AQcw
+DQYLKwYBBAGlNAKBSgIwgdMGA1UdHwSByzCByDBDoEGgP4Y9aHR0cDovL3d3dy5k
+LXRydXN0Lm5ldC9jcmwvZC10cnVzdF9yb290X2NsYXNzXzNfY2FfMl8yMDA5LmNy
+bDCBgKB+oHyGemxkYXA6Ly9kaXJlY3RvcnkuZC10cnVzdC5uZXQvQ049RC1UUlVT
+VCUyMFJvb3QlMjBDbGFzcyUyMDMlMjBDQSUyMDIlMjAyMDA5LE89RC1UcnVzdCUy
+MEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0MB0GA1UdDgQWBBTJ
+HGRorGwYyiHVTVR7U1aikJOqkTAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgw
+BgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAT3GcFJCtNwOtYjQjq3GzDG8jFJ8d
+nD6d54N5Eeb/G0ivNsR1VIL+SylECekP3QqkpLgx7CLLHIREtc4igME+RXZC3HCs
+V1criKLjzQ+PbrMVtr6Skk28g4rs14Sbr6Q5AA2HOTdKXYCCHE53nvb2hT7SOWrE
+VbjL5leB2Ji52MGEp79Vp3XfjH0URqct1Jd3HrLR/MBRT+Qfxb35VAmu/lJkiArv
+gxD6iK5iFkw4ZabiuKyG7HJgGD828S2zsft4/xHeccIMputW6683k/+2gmD1NWXW
+X4HZNqlEGZy+lW+HlX4NOGPbaKdX5WUMHnriOEPM9YuATFzd+qdicjKwSA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFRzCCBC+gAwIBAgIQdpnSyNIP34Vzu82bf2ifoTANBgkqhkiG9w0BAQsFADBF
+MQswCQYDVQQGEwJERTEVMBMGA1UECgwMRC1UcnVzdCBHbWJIMR8wHQYDVQQDDBZE
+LVRSVVNUIFJvb3QgQ0EgMyAyMDEzMB4XDTIwMDQyMTA4NTY1OVoXDTI4MDkyMDA4
+MjU1MVowRTELMAkGA1UEBhMCREUxFTATBgNVBAoTDEQtVHJ1c3QgR21iSDEfMB0G
+A1UEAxMWVW5pcGVyIEdyb3VwIENBIDMgMjAyMDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAOJdBL2A1iUTESnuK1xZ5PqV+Da+lNysjzBIIJshJmt2rlYX
+3lYnfpndxraCnzNypE2siwV/B2Zw5Nk2VrqK+Fi2yTGxrtASsskz3HFb9MsN2rBf
+X+sjNGFANtCm/O9MU5THyR7Rt4rXW4P6SYQ5Xg8YnxC68I4u6W6PjsJXx0TyiMPo
+5pT/7vfsO8T2W0rWzG8vEAurceG2j6nbyaVW6Rf8JccW5gpXuIU1ZkEMBmmbONKM
+YhcA8MoWRbPBDiabcEb7aITdtian4aNMf9PLDfXX/TTbgPxy1V8hNwHijSNYxega
+8U7vxVrdV8tr715mShdIG2w7t3jo+29jIl0fTQsCAwEAAaOCAjEwggItMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAfBgNVHSMEGDAWgBQ/kMh9xxVv8ySP
+qcMvS6IPIbIv5zCB1QYIKwYBBQUHAQEEgcgwgcUwMgYIKwYBBQUHMAGGJmh0dHA6
+Ly9yb290LWNhLTMtMjAxMy5vY3NwLmQtdHJ1c3QubmV0MEgGCCsGAQUFBzAChjxo
+dHRwOi8vcGtpY2RwLnVuaXBlcmFwcHMuY29tL2NlcnQvRC1UUlVTVF9Sb290X0NB
+XzNfMjAxMy5jcnQwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuZC10cnVzdC5uZXQv
+Y2dpLWJpbi9ELVRSVVNUX1Jvb3RfQ0FfM18yMDEzLmNydDBFBgNVHSAEPjA8MDoG
+CysGAQQBpTQCgVQBMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vd3d3LnVuaXBlci5l
+bmVyZ3kvcGtpMIGLBgNVHR8EgYMwgYAwQaA/oD2GO2h0dHA6Ly9wa2ljZHAudW5p
+cGVyYXBwcy5jb20vY3JsL2QtdHJ1c3Rfcm9vdF9jYV8zXzIwMTMuY3JsMDugOaA3
+hjVodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2FfM18y
+MDEzLmNybDAdBgNVHQ4EFgQUjMYeZSv9Y9uA+NTdPdrwUdCdXyIwDgYDVR0PAQH/
+BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJVKgR+8
+2oJM4yx8k2Eq/TOmBmHwp4wKf5H3oYQWTQvqay+k3qlEfrzxYwSYLYJucLkrEZjw
+IE9psgECNYj61NdZ7g4Jst8J2ftMcLvwNZrjM4CO+T6tZ/gUyUywiYEJRgRvYJYW
+A6L+cZWibUbK3T0vfrcKjXnZjl8yO9nnUHjmLM2V/sc6J0XocWqBI0kf/B3Y6pRc
+nQWAg7FXOnSITSaymLLHCpLDdr4nNYC5nfZGOjNFIJI0vV7y4kIOHPmpz2m8Ur0i
+FQI4425EjV76j3qdAQOxqdlGEGeIaa/VRB5r8X2Go8Gl7RKoCoRRw2LbffXbONxr
+DFGAzetf1fhNtRA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZTCCBE2gAwIBAgIQZSQXICOUuCCnq7jaeMEdpDANBgkqhkiG9w0BAQsFADBF
+MQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMR8wHQYDVQQDExZV
+bmlwZXIgR3JvdXAgQ0EgMyAyMDIwMB4XDTIwMDQyMTEwNDMxOVoXDTI4MDkyMDA4
+MjU1MVowWDELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1VuaXBlciBIb2xkaW5nIEdt
+YkgxCzAJBgNVBAsTAkNBMR4wHAYDVQQDExVVbmlwZXIgQ0EgMyAyMDIwIFhYWEkw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1bi0llXLOJESMYwWXxfZI
+Rgk8aVMu3VqZRhZgIDUEcWwqwMPz/Vj4hvyHXDeHG6CG6mIPbSYK3DCZYkF2sfbU
+0JtZWkNZCn/yyYcA7EZKUclFjWd3Y9TvoHtis6dPKgJ0j+/EMCSGkbwXOUL/srxp
+aBHu4aCWLszdUYSYfr4kYMflto0/9amfxsKX1vYJ44wZdZsFR8/d/UQErTrVVVPC
+uSb7rzBBquOrQCuLPxywE70/gVl1az58a1bVox9KMv6UhXbOkkUka3IGLG9kEZoK
+YUMz9MO12v8+89KNjiVlJu/zJqOB/omHyWVFJutaQLkNtjgTMmiDTU23HVLkzfUz
+AgMBAAGjggI8MIICODAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwHwYD
+VR0jBBgwFoAUjMYeZSv9Y9uA+NTdPdrwUdCdXyIwgd0GCCsGAQUFBwEBBIHQMIHN
+MDoGCCsGAQUFBzABhi5odHRwOi8vdW5pcGVyLWdyb3VwLWNhLTMtMjAyMC5vY3Nw
+LmQtdHJ1c3QubmV0MEgGCCsGAQUFBzAChjxodHRwOi8vcGtpY2RwLnVuaXBlcmFw
+cHMuY29tL2NlcnQvVW5pcGVyX0dyb3VwX0NBXzNfMjAyMC5jcnQwRQYIKwYBBQUH
+MAKGOWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY2dpLWJpbi9VbmlwZXJfR3JvdXBf
+Q0FfM18yMDIwLmNydDBFBgNVHSAEPjA8MDoGCysGAQQBpTQCgVQBMCswKQYIKwYB
+BQUHAgEWHWh0dHBzOi8vd3d3LnVuaXBlci5lbmVyZ3kvcGtpMIGLBgNVHR8EgYMw
+gYAwQaA/oD2GO2h0dHA6Ly9wa2ljZHAudW5pcGVyYXBwcy5jb20vY3JsL3VuaXBl
+cl9ncm91cF9jYV8zXzIwMjAuY3JsMDugOaA3hjVodHRwOi8vY3JsLmQtdHJ1c3Qu
+bmV0L2NybC91bmlwZXJfZ3JvdXBfY2FfM18yMDIwLmNybDAdBgNVHQ4EFgQU0KiN
+4f2YnMuCyiDZ7V3/cd3bLf8wDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwDQYJKoZIhvcNAQELBQADggEBAGpBUVGZ+Gxko/WYWt5sErs7qAxWSAQu
+/GhSqRNO9jTKjL1GWCRJGgc6WAV4ZV8yW+Tw0x8Z5/sU0tCUfFacsma2IJfzsKa8
+fE/Fmz82DXqHTuSiy0V+XRN3cy3HbvxRIc4TmPMshR0z1L/4odRMNJpu1E6LAepO
+CkZ9XIiARjtprp37BzPKpaxgeE6o/bzeVopcSzZP7qDJTowYURjdiDsjI3PqvGDe
+3CXOVg3SE466ArfTJaiAWRr0+R03sJCbyRVGVYEV8LT7w4kM7Iz0lmCsYIkhla0F
+x/QsCplEgKt9Ab+Z9lUpGKHdGdl25c1jjH3u+XbiABK98wODDKuPKm8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZjCCBE6gAwIBAgIQekkzCo/qVhZKzl4Mr5SfgjANBgkqhkiG9w0BAQsFADBF
+MQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMR8wHQYDVQQDExZV
+bmlwZXIgR3JvdXAgQ0EgMyAyMDIwMB4XDTIwMDQyMTEwNTQwMVoXDTI4MDkyMDA4
+MjU1MVowWTELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1VuaXBlciBIb2xkaW5nIEdt
+YkgxCzAJBgNVBAsTAkNBMR8wHQYDVQQDExZVbmlwZXIgQ0EgMyAyMDIwIFhYWElJ
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw86c71zOC/JlnF2NrEot
+uqnIVCmPHiTSDMG9RAU3DtAVJPFNyLpuXV1jEwHagJxCZ1liFYm0t1k3TUQWd8zg
+PCw312vyj8YtR5IN5ybVv8DZtakc4Iq/h8TDZGnBxWX7DVRGETUAjqpPneNMuFHW
+6atApN9T37lRzPl2EGTykU0zz+OYYkjNOBRKDSGG4OYedI/TG3pTCXTQr8nf2hdY
+RPRSuVrsZS+Zwdwh43nJJqMT4jbhP5JHEEYEh4JD4LMOoOD7/vNq4zfwBDqxdRmu
+e3HUf68gRroZPSI+AheoDYo2e+EnLdUq/1AXBNb34o/Zlh6kBiEIjmob5kq4bszS
+9QIDAQABo4ICPDCCAjgwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB8G
+A1UdIwQYMBaAFIzGHmUr/WPbgPjU3T3a8FHQnV8iMIHdBggrBgEFBQcBAQSB0DCB
+zTA6BggrBgEFBQcwAYYuaHR0cDovL3VuaXBlci1ncm91cC1jYS0zLTIwMjAub2Nz
+cC5kLXRydXN0Lm5ldDBIBggrBgEFBQcwAoY8aHR0cDovL3BraWNkcC51bmlwZXJh
+cHBzLmNvbS9jZXJ0L1VuaXBlcl9Hcm91cF9DQV8zXzIwMjAuY3J0MEUGCCsGAQUF
+BzAChjlodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NnaS1iaW4vVW5pcGVyX0dyb3Vw
+X0NBXzNfMjAyMC5jcnQwRQYDVR0gBD4wPDA6BgsrBgEEAaU0AoFUATArMCkGCCsG
+AQUFBwIBFh1odHRwczovL3d3dy51bmlwZXIuZW5lcmd5L3BraTCBiwYDVR0fBIGD
+MIGAMEGgP6A9hjtodHRwOi8vcGtpY2RwLnVuaXBlcmFwcHMuY29tL2NybC91bmlw
+ZXJfZ3JvdXBfY2FfM18yMDIwLmNybDA7oDmgN4Y1aHR0cDovL2NybC5kLXRydXN0
+Lm5ldC9jcmwvdW5pcGVyX2dyb3VwX2NhXzNfMjAyMC5jcmwwHQYDVR0OBBYEFFbt
+0t9dQGsVHWxXIA14kU8gnJ1XMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAG
+AQH/AgEAMA0GCSqGSIb3DQEBCwUAA4IBAQDCEorVJ/XSH6TsagjLY9L25XO/r2aC
+1e0JnWjJF750GI/gHePuqFN/8fbADAWlqY+qXd7JMn2eW7pDyuDBb4tW/GgqYeIO
+EcFE/4rxOz7gyVleSWw0xj3hgu8Ij/s7RVlNnTYI6kEN6Mipm0bP/ZdjRIfqgNC0
+EpGZqlrIlgjz9/mBIy4HzdUD+xV691kXTWEv9D+6gyHvFuDOgppvPRJ/Zb8nzgE4
+M3xlfnxIUoK7Em5QoIuj7BGv7LqwQ633wLtpATJOvWgaQFtd8UhVtMniWxddQ8Mc
+J2PYDhqcoLWUA815ZsMZzDv+HaSNzd5FvQSp5Yc6QGyPbJXERLHKhcih
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFZzCCBE+gAwIBAgIQdwxMdQ+cNM2PV1ZVVft9gDANBgkqhkiG9w0BAQsFADBF
+MQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMR8wHQYDVQQDExZV
+bmlwZXIgR3JvdXAgQ0EgMyAyMDIwMB4XDTIwMDQyMTExMDMyNloXDTI4MDkyMDA4
+MjU1MVowWjELMAkGA1UEBhMCREUxHDAaBgNVBAoTE1VuaXBlciBIb2xkaW5nIEdt
+YkgxCzAJBgNVBAsTAkNBMSAwHgYDVQQDExdVbmlwZXIgQ0EgMyAyMDIwIFhYWElJ
+STCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK8qJEuJizvmOI/hZytt
+pp05hrHXu3Yw17BBx4LmywLsizQSCkEmX61yHuo6Qgj7cn4T0u8pmqczui3YQjbV
+lMqld/DeUuGdDalVIaCY/o6Ngb1PYwEKkIL4mm10h0C98Lq1OkMAUKFZ3Dot6DEH
+t8jpjlLLcGpV8rkAAJ8F4My2PRGTKM9eaY1rGGx98QoV3NeVb50oQis3a3ojjsN4
+cp6CYjeMfzygDclyCOrzNTfmvi2ieFUh1NUSxBrhRtPTzD9SnKgfXdllmspMb8Hs
+A/uwC49dQTf0luhRTwLOXBi9+2r1U0CzYSjvJI6zADOs+Ir2zvgaU8E85zyoZ9Hs
+eRsCAwEAAaOCAjwwggI4MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAf
+BgNVHSMEGDAWgBSMxh5lK/1j24D41N092vBR0J1fIjCB3QYIKwYBBQUHAQEEgdAw
+gc0wOgYIKwYBBQUHMAGGLmh0dHA6Ly91bmlwZXItZ3JvdXAtY2EtMy0yMDIwLm9j
+c3AuZC10cnVzdC5uZXQwSAYIKwYBBQUHMAKGPGh0dHA6Ly9wa2ljZHAudW5pcGVy
+YXBwcy5jb20vY2VydC9VbmlwZXJfR3JvdXBfQ0FfM18yMDIwLmNydDBFBggrBgEF
+BQcwAoY5aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL1VuaXBlcl9Hcm91
+cF9DQV8zXzIwMjAuY3J0MEUGA1UdIAQ+MDwwOgYLKwYBBAGlNAKBVAEwKzApBggr
+BgEFBQcCARYdaHR0cHM6Ly93d3cudW5pcGVyLmVuZXJneS9wa2kwgYsGA1UdHwSB
+gzCBgDBBoD+gPYY7aHR0cDovL3BraWNkcC51bmlwZXJhcHBzLmNvbS9jcmwvdW5p
+cGVyX2dyb3VwX2NhXzNfMjAyMC5jcmwwO6A5oDeGNWh0dHA6Ly9jcmwuZC10cnVz
+dC5uZXQvY3JsL3VuaXBlcl9ncm91cF9jYV8zXzIwMjAuY3JsMB0GA1UdDgQWBBQ+
+08eWNJIc0KgCvLh4qETUXwZWqzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgw
+BgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAPWc9gST5H8dCdkWdCxeg9JA8ima2
+Ybzj720K783ceRrc7F+20ec/J8L600UMRwa3cwkvFlHuP7MUYdVfQ8K4OhuFnP4D
+wDFYoNPKrGkHH2vsW134P3ZDK5+w9/+rkrploD1LG3MDfzjgFtknzHpB4lK1JB7Z
+1RzmpOce/2iLbd8/ErdVDo2ODPAKMnvR5VSI3Cwdho4THnNS/Vg5qIyJa8cZtxP2
+7d09xoYmR3IFjUU/2y9PVWtPscHrf4wJ6PC8VULXvMQOvuyMSVTFY1vTfMs8kFMg
+8JgAAMTWdvv9jvxZCQntGZSSiyfogVb5w2pNMPvCnOPgK+5pQcovwjJ5uQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDsjCCAzigAwIBAgIQDKuq0c7E6XzCZliB0CE49zAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0yMDA0MjkxMjM0NTJaFw0zMDA0MTAyMzU5NTlaMFExCzAJBgNVBAYTAlVTMRMw
+EQYDVQQKEwpBcHBsZSBJbmMuMS0wKwYDVQQDEyRBcHBsZSBQdWJsaWMgRVYgU2Vy
+dmVyIEVDQyBDQSAxIC0gRzEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQp+OFa
+uYdEBJj/FpCG+eDhQmVfhv0DGPzGz40TW8BeWxipYTOa4FLieAYoU+3t2tg9FZKt
+A4BDTO43YprLZm6zo4IB4DCCAdwwHQYDVR0OBBYEFOCFSH0TptMQGZ9cy2t4JJL4
+rhuuMB8GA1UdIwQYMBaAFLPbSKT5ocXYrjZBzBFjaWIpvEvGMA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgw
+BgEB/wIBADA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw
+LmRpZ2ljZXJ0LmNvbTBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdp
+Y2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290RzMuY3JsMIHcBgNVHSAEgdQwgdEw
+gcUGCWCGSAGG/WwCATCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNl
+cnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRp
+ZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFy
+dHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29t
+L3JwYS11YTAHBgVngQwBATAKBggqhkjOPQQDAwNoADBlAjEAyHLAT/4iBuxi4/NH
+hZde4PZO8CnG2/A3oGO0Nsjpoe2SV94Hr+JpYHrBzT8hyeKSAjBnRXyRac9sM8KN
+Fdg3+7LWIiW9sUjtJC6kGmRyGm6vV4oAhEDd9jdk4q+7b5zlid4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFMjCCBBqgAwIBAgIQBxd5EQBdImf2iJL2j4tQWDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDQyOTEyNTQ1MFoXDTMwMDQxMDIzNTk1OVowUTEL
+MAkGA1UEBhMCVVMxEzARBgNVBAoTCkFwcGxlIEluYy4xLTArBgNVBAMTJEFwcGxl
+IFB1YmxpYyBFViBTZXJ2ZXIgUlNBIENBIDIgLSBHMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOIA/aXfX7k4cUnrupPYw00z3FwU6nAvwepTO8ueUcBU
+smQGppcx5BeEyngvZ8PSieH0GHHK7RnHbgLChyon2H9EpgYo7NQ1yrcC5THvo3Vr
+lAP6U746ORSDxUbbv4z15kAsyvABUCFi8S7IXkzDIjhOICNrA8fXUpUKbIccI2Jv
+Mz7Rvw5GeG7caa2u+vSI3TmBnwMcjVqlsScqY6tbE/ji7C/XDw7wUpMHyaQMVGPO
+7mJfi0/QbiUPWwnCJPYAqPpvBVjeBh0avUCGaP2ZtZc2Jns1C8h9ebJG+Z3awdgB
+qQPYD2I+fy/aBtnTOkhnBJti8jxh1ThNV65S9SucZecCAwEAAaOCAekwggHlMB0G
+A1UdDgQWBBRQVatDoa+pSCtawaKHiQTkeg7K2jAfBgNVHSMEGDAWgBSxPsNpA/i/
+RwHUmCYaCALvY2QrwzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAm
+MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wSwYDVR0fBEQw
+QjBAoD6gPIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFz
+c3VyYW5jZUVWUm9vdENBLmNybDCB3AYDVR0gBIHUMIHRMIHFBglghkgBhv1sAgEw
+gbcwKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoG
+CCsGAQUFBwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0
+dXRlcyBhY2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBs
+b2NhdGVkIGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwBwYFZ4EM
+AQEwDQYJKoZIhvcNAQELBQADggEBAKZebFC2ZVwrTj+u6nDo3O03e0/g/hN+6U5i
+A7X9dBGmQx3C7NkPNAV0mUoaklsceIBIQ/bC7utdgwnSKTnm5HdVipASyLloU7TP
+2jAtDQdAxBavmLnFwcwXBp6n17uLp+uPU4DZgubM96LyUQilUlYERbgu66rCK18j
+RmobDvFT8E71oU13o1Oe/1WUHFbTynRkKW73JDd2rZ21Pim7LEJVY3OcRmtYNHaM
+/lunYx1ZQ+0fw7Hc5J/xR7vlRiuyP+fJ9ucuDYupLg333Di5R7JZIfnX42ecX0Dd
+0wIeuFj0HBjH6c25FUov/Fa5Zjr0VPjmmgN6PnoMArUZXDkQe3M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHjCCBAagAwIBAgIQBPIuzCH8tDgqwouPLWQfwDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA0MjkxMjU1MzRaFw0zMDA0MTAyMzU5NTlaMFExCzAJBgNVBAYTAlVT
+MRMwEQYDVQQKEwpBcHBsZSBJbmMuMS0wKwYDVQQDEyRBcHBsZSBQdWJsaWMgRVYg
+U2VydmVyIFJTQSBDQSAxIC0gRzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDfn5fdV0A4cCNFu0EvUgduZVPyPZity4q8Re1TcE9qGyWoVpzHm9OluDlq
+wcvudbLwBe25PWA2Z9xFpVKK9jGW6Vt79N7if7dfi9w2+2zG+/wJu1Z6TA8RENTV
+uJTaMwqQXw1dTkZEOgjCEKa75uyzXl+mIa0s4GdxkCBclGI9WDsUFlLj3A6eBIze
+TomTl7LhIV+nQUEWTqkwG5Pcxckiv7Xn1mu7EVWUukZWY8uL+KhcTJQZYtxNj3Pe
+M73WZ3fraixPA+RBkVnG5NgObRnrk5VHwjntbit9892kp7EISZK4Izfm99QgP4V2
+IqHFsKxfCnZqfwUHikxftIVkjXIdAgMBAAGjggHgMIIB3DAdBgNVHQ4EFgQU073B
+PKDPNbk0xdTb2hAOTN5q/lgwHwYDVR0jBBgwFoAUTiJUIBiV5uNu5g/6+rkS7QYX
+jzkwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEIGA1UdHwQ7MDkwN6A1oDOGMWh0
+dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmww
+gdwGA1UdIASB1DCB0TCBxQYJYIZIAYb9bAIBMIG3MCgGCCsGAQUFBwIBFhxodHRw
+czovL3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNl
+IG9mIHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0
+aGUgUmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3
+dy5kaWdpY2VydC5jb20vcnBhLXVhMAcGBWeBDAEBMA0GCSqGSIb3DQEBCwUAA4IB
+AQBD9c6SmtMxGjRwc/A1bPiM+r1qj5xbDzGn6s6m6oggm9UeBLCSUNJthKffNPqq
+wtULeeUddssewaOZX+uHjG9bY/O9J1VQtGtXI2hndyAPiloqNjf5iBW16h3ZIUFQ
+L319hISioItFVJZnVe4gjNEWio1ZRwO5A4e/H69/lPAX294yGtYGllAdv2NexhUM
+fjODhCajoTJmkXbyIpYzTNkgDXvQptTecrvr0rPzEMWfTtGSppbOC+s/5jG3aJ6G
+Jn49Ram1ZLEGHTx9PWUoHth9Lj7vwFBD9667x9m9nUhuET9a3XvNep+N7w96ZqH2
+fAqUBW1kl6u3u67D6mvDsCQr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnTCCBIWgAwIBAgIQCOpLrdu2g4Q1w9NLKOlvhjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwNDI5MTI1NTU4WhcNMzAwNDI5MTI1NTU4WjBqMQswCQYDVQQG
+EwJDSDEuMCwGA1UEChMlU1RNaWNyb2VsZWN0cm9uaWNzIEludGVybmF0aW9uYWwg
+Ti5WLjErMCkGA1UEAxMiU1RNaWNyb2VsZWN0cm9uaWNzIFB1YmxpYyBVc2VyIENB
+MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3fLbDCu99j+T6lH8R3
+jscukSJxadqhYX/xqWJdJiSTE0yuWOzRJ0ucZyOI0eSnEW66AtCWmjl0X+sfGLv0
+Vy3e+HvVkIL383ObkZQDqWFr+m+AQTVs2E18vWBoYHf3Go3k0iPgpg9VdoTKeTAU
+vppSsdjh7Q2ipzHEtAPVSWI+BMvnU1W8WLv/hNPCcFJeXBH2fGclDpvG1wdFYWK6
+uM6bYgLWqGNArKxCFlFw0L2swlfz92s4qd2FNATcFkP4LoSPxsL1O+IIxQ7zdxro
+bALiOgmvwLGVVNpFj961u7XorocmALMYDjwc5zgtFNQ/aGzrQR90tYD9+XzQBPmT
+g9cCAwEAAaOCAkIwggI+MB0GA1UdDgQWBBQV10oBDEhicl8jJOWgQBRbAAHWHzAf
+BgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0
+LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaGNGh0dHA6Ly9j
+cmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwgdMG
+A1UdIASByzCByDCBxQYJYIZIAYb9bAUCMIG3MCgGCCsGAQUFBwIBFhxodHRwczov
+L3d3dy5kaWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9m
+IHRoaXMgQ2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUg
+UmVseWluZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vcnBhLXVhMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFEaWdp
+Q2VydFBLSS0zLTE4MTANBgkqhkiG9w0BAQsFAAOCAQEAQFZU+N+hh0rSlk32GULm
+pPEG6VjJHBUxJa1Tv2M/jocGqKzPjPpebmHOB6T734WrZ/pEECzXowYbXan8DgEA
+CoKfdsQPSpvdeXxmfSFBhr2zk/mevrPxvZK3dgbJeLKfJnirKqRhAlGDnxPlwUEV
+FLy5v8O9yWgjQLX3BmUpN+iumhJB5vB5+UL7gKlL/O6SonlOg5gKD82sgg2VwtLp
+6M7vmIIrMgmRMWnnFHvJE0DqIcbLM9fi7J+nMw4kuX143Vg93SSLE5ez2Deg1MFx
+XdgRzBbz4Hk2MKedhGXrUcTcV4hJzERLxBQnfF8ads2GIkE2rstrwL0c/MJwkfd+
+hw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8DCCA9igAwIBAgIQVoFL4pfjDOsuZZiFR69QSjANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTIwMDUxODEx
+MjYyMVoXDTI1MDUxODExMjYyMVowdDELMAkGA1UEBhMCQ04xNjA0BgNVBAoMLUJl
+aWppbmcgWGluY2hhY2hhIENyZWRpdCBNYW5hZ2VtZW50IENvLiwgTHRkLjEtMCsG
+A1UEAwwkWGluQ2hhQ2hhIFRydXN0IFNTTCBEb21haW4gVmFsaWRhdGVkMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzpwHSZxkvnO/av5GP0B1bKmSVIX
+4+gp/QMFfbGMlB0LIgsb2ZNu3U8ayiTarALhA7jpeOuLfZ7Pu01PLhNawa286WDZ
+cQqGZDqZpwxCBzJ2Upz37iYSJg/z/QIgiPupCP7iwH+qJhXd1qn1tPdBXsZGK6eZ
+qjrna2tqTofneOlzGH1qg61JEXQ+sbspRs37d7ClhK8vkL5qIvCDQkiPsksFw1rH
+LL+VTbTWeZE+mItJNQOlr5yxGqImv4gTC2bTyecb7GlYcIflaYb17l7waRp1Gm9U
+RnZv3CLt86rvyEWjE0rVoBoTs4tLLX5uj8IfuoP5kHQLC/lLUszR6n1EDQIDAQAB
+o4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUeGwFw28BrVzX
+0s6Klw9y6QbyVU0wHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8jzIwDgYD
+VR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjA4BgNV
+HR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9nc2Nhc2hh
+Mi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8vc3ViY2Eu
+b2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3NpdG9yeS5j
+ZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAmMCQGCCsG
+AQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcNAQELBQAD
+ggEBAFGf4E2o9UexwsHiM5q0vLs7PxrFZuRCfYygUUOQSn+JKBBqv+sQ3xTolCW6
+rY8sheADWxFoaGFSYgkLT7vCJLnwCFaLC7KpaFKnnLOmlHXOZR9S5+JUrAdd06uk
+L4ma7vJuV/hOyr+UkJETNJXi36OznnT7mninM0WaBeHF02trhGhClSGArNaVgJ8X
+YaHSFW70op9zirU4vTTnzKUykQg4wI+5Ney8EZdSqSS1OojTNucjUFn5HR+0uUDs
+E0wSDj7RXyHS2TCYEATtP9T526JVvdIeTajRDtagGqslXkTNQ0+0iiQkhapp3xnQ
+sOs3XnWBrVdMZ+obz+3CEYpqFeg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8jCCA9qgAwIBAgIQQr5QsaZ1PDZAmgN4iKYOqzANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTIwMDUxODEx
+MjczM1oXDTI1MDUxODExMjczM1owdjELMAkGA1UEBhMCQ04xNjA0BgNVBAoMLUJl
+aWppbmcgWGluY2hhY2hhIENyZWRpdCBNYW5hZ2VtZW50IENvLiwgTHRkLjEvMC0G
+A1UEAwwmWGluQ2hhQ2hhIFRydXN0IFNTTCBFeHRlbmRlZCBWYWxpZGF0ZWQwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrvccbCf574JaAfs2cTOGuea/C
+LXEsAqajfaC9G3ORQhML1Fdqfdakn/ACQiNHqB+E/J/NvQHxCGwwwCGeTxzn7Zig
+UW6TJTOT3kGbVgWa0a89nTrQZWqAkTa8Mrl79pWVuPCc8jJo49ezEuDDLHXVQMhA
++bXtVku9yX7Pb1uibT1aJbAzHX/ISkCvARaEMpE0GWN3xt400baMoX4XGaOm2p2X
+6Kr/GaylvlriCjTzD4dL66lV/bcW+NIyomuvRIKCyez/I0kTqOL20KZlIp8nvFeB
+laXGcGAHNqSRRzZuIxuhVa+PS1cuDrRA1wv1WSJmmOlQlsCIgInvossBGRA5AgMB
+AAGjggFsMIIBaDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQepLL9GAau
+Pz/P/I44G2cJdNx9ATAfBgNVHSMEGDAWgBRUmd2b/+inDqMZnVu+QlffMPyPMjAO
+BgNVHQ8BAf8EBAMCAQYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgG
+A1UdHwQxMC8wLaAroCmGJ2h0dHA6Ly9zdWJjYS5jcmwuY2VydHVtLnBsL2dzY2Fz
+aGEyLmNybDBuBggrBgEFBQcBAQRiMGAwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJj
+YS5vY3NwLWNlcnR1bS5jb20wNAYIKwYBBQUHMAKGKGh0dHA6Ly9yZXBvc2l0b3J5
+LmNlcnR1bS5wbC9nc2Nhc2hhMi5jZXIwOQYDVR0gBDIwMDAuBgRVHSAAMCYwJAYI
+KwYBBQUHAgEWGGh0dHA6Ly93d3cuY2VydHVtLnBsL0NQUzANBgkqhkiG9w0BAQsF
+AAOCAQEAcMYkt6pgMkikUiWZXyTvQMwfU0Gmz2bTc4eMVL+oTLn1CFzdiE68OXB1
+wk2+pI2JUd36iPJAqiG4epTBU0Jc5pV0QgfYvs8gxtlFfSECFfekzSRy60vhnM+0
+jVOnJvrp4fmQjk0FxIhhntbSgfvuAEOSBLeUvxmQIiDeaVtHPKsqyNeDR7YGwUe1
+lsKHzFWIc+95B65zXKuZBvB2rKMF5bh7G2bYq5vLfXXIfvx0eq472nspV3K+WnXA
+2kErRrbgKXuKIbDSSMHsffM4q5k7ZwRdDJosQn1Ryx71OoNGrnvDk0T96pTanhe2
+h49kiHqZugx5/dwo+ImwcV7bSoZO8Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9jCCA96gAwIBAgIQCgVHG6hV0WnPhPM2bOsJ7DANBgkqhkiG9w0BAQsFADCB
+gzELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEnMCUG
+A1UEAxMeQ2VydHVtIEdsb2JhbCBTZXJ2aWNlcyBDQSBTSEEyMB4XDTIwMDUxODEx
+MjgwNVoXDTI1MDUxODExMjgwNVowejELMAkGA1UEBhMCQ04xNjA0BgNVBAoMLUJl
+aWppbmcgWGluY2hhY2hhIENyZWRpdCBNYW5hZ2VtZW50IENvLiwgTHRkLjEzMDEG
+A1UEAwwqWGluQ2hhQ2hhIFRydXN0IFNTTCBPcmdhbml6YXRpb24gVmFsaWRhdGVk
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxY+53qCwebnymntpBZG
+EbSP11AqRd4HAv/2pVVrHxubPtI28x1RHE1wn0IGsM0wFPjfQCi7lhfvkXiUCdAp
+PWasmNm+yyimHTaNAhavBnDYTyUSawvWUBQhOOiuYYFSRPmbXOBMi07kahqNjNi1
+x9wn8/oCFZyVLhoPHovJomQUGBY3tQsekxWI9rFrY6FWbqhysAt3WFnCSbSW57Ze
+uSjAi6okDAfmkc+wlTgVm4u7g+JfC/5hK8dSK8kK3H894ofQ6vR5Ro7syTfgvkvL
+7ERDUE7RN1Q4EhHAAMtsXF+PpWw4nM+qnmm5j+Zt2fP5w35ceMCHimhArRv1/MN7
+UwIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUIDKD
+v5dUeRF1jP+kZzBVD0Dn08QwHwYDVR0jBBgwFoAUVJndm//opw6jGZ1bvkJX3zD8
+jzIwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vc3ViY2EuY3JsLmNlcnR1bS5wbC9n
+c2Nhc2hhMi5jcmwwbgYIKwYBBQUHAQEEYjBgMCgGCCsGAQUFBzABhhxodHRwOi8v
+c3ViY2Eub2NzcC1jZXJ0dW0uY29tMDQGCCsGAQUFBzAChihodHRwOi8vcmVwb3Np
+dG9yeS5jZXJ0dW0ucGwvZ3NjYXNoYTIuY2VyMDkGA1UdIAQyMDAwLgYEVR0gADAm
+MCQGCCsGAQUFBwIBFhhodHRwOi8vd3d3LmNlcnR1bS5wbC9DUFMwDQYJKoZIhvcN
+AQELBQADggEBAEccg1oH9hTCYSZ87wNeAu4hQZObAaj2FLr0JmxapBCApcLEJxMK
+oNl/DDRa6oOcC4ODGBlYY2YUtOyKVZv9vya8NCecgp4z83xnqOT5+I+PRMRfRSaj
+RNLBeIsx0POPijyltz530RdgGwiuYJpHuKdKvNjdp2+vYzShrZeZk5YkeO9flGl8
+AociaFbGG1CGep4k2KLr2S1jiLVIvU2ZW3fLEWsACSisII8rckvVar+X+g8fl8il
+/ZU2zP/8cUUGO/5DVpee38M9nVboh4g7Gox7KCy309iU+vdzDBTrxX5veOD1+bis
+ene523ArTgW2mf9UD7RfHUOeAICeei+GZcE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFADCCA+igAwIBAgIQd46aQSDCIUIeIgZGpD416TANBgkqhkiG9w0BAQsFADBj
+MQswCQYDVQQGEwJCRTEVMBMGA1UECxMMVHJ1c3RlZCBSb290MRkwFwYDVQQKExBH
+bG9iYWxTaWduIG52LXNhMSIwIAYDVQQDExlUcnVzdGVkIFJvb3QgQ0EgU0hBMjU2
+IEcyMB4XDTIwMDUyMDAwMDAwMFoXDTI3MDQyNTAwMDAwMFowVTELMAkGA1UEBhMC
+VVMxGTAXBgNVBAoTEENyb3dkU3RyaWtlIEluYy4xKzApBgNVBAMTIkNyb3dkU3Ry
+aWtlIE9WIFNTTCBJc3N1aW5nIENBIDIwMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCn33G1MvS6JmBns3IhBhnjUchwq0Qar4x2k8VG64ALRJ+tsLkQ
+B6fJefGhDCNl8pHNbPr6rFBTLqZ4OrbkWJkeBIhS7YIYvnVCYlqGPU+yArYRuBRm
+eP1FYIzFPOwqtR9kln1jeU+dW4b+PlBSKqalMRVE6LZZn5twFSZT6OdEPuF31XNU
+turYZhBWpqFNGmvHxhddv0afAqMmhVAkFNmY949eGh+dDLJ/zHe6zk0o+TgG3V3t
+nKCg2JW+5kJ9OUXIzx8hAOQlof9BPlEUmiY4D53LSp/QLyOu107zNN8PvOJwMiUM
+JgBEs9iU2x88VG71APhe2Ecxs3W2yvb4bBb9AgMBAAGjggG8MIIBuDAOBgNVHQ8B
+Af8EBAMCAYYwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcD
+CTASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBS42MF1b7sF80bB8demnJp2
+PqUoHjAfBgNVHSMEGDAWgBTIY5sIaVTCmMjZzeMzt1Be+MkBmzCBjQYIKwYBBQUH
+AQEEgYAwfjA3BggrBgEFBQcwAYYraHR0cDovL29jc3AyLmdsb2JhbHNpZ24uY29t
+L3RydXN0cm9vdHNoYTJnMjBDBggrBgEFBQcwAoY3aHR0cDovL3NlY3VyZS5nbG9i
+YWxzaWduLmNvbS9jYWNlcnQvdHJ1c3Ryb290c2hhMmcyLmNydDBBBgNVHR8EOjA4
+MDagNKAyhjBodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2dzL3RydXN0cm9vdHNo
+YTJnMi5jcmwwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYm
+aHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQIC
+MA0GCSqGSIb3DQEBCwUAA4IBAQAlVwIesHz27/v9/Zf0tnThURWGJVfTaHvPvQnj
+rz13npLa0CE5az5s9E17t4nvGwPRhD5uUVAao3VzOkBkoPRnml93/uvwy1MjF85Z
+cgQeC7yXFmS+234FQ/YG0vVcGzNohH9LzhzEnv7MT96uOh+s40XqmLEQC2K+syVM
+eZo9qwGABcE2iFl+wR45ESPYUx+NLZr33zmL0nzHfbB2yDFdExAafyVVJmPIUaV4
+Cff0iqlAR4PaIVBFTGBdvq0YGEyt5lCmF1pQVlPKGKFY3A9vn+4R7EBnhcboWIaJ
+N0AXFB9jkAt9vLjcw4T+U+hb0b4XVCasecKDc/3jrMFwHTBl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHTCCBAWgAwIBAgIJIrmxbafm87u6MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMjAwNTIw
+MDcxMDM1WhcNMjkwNTI5MDUwMDM5WjCBjDELMAkGA1UEBhMCSlAxJTAjBgNVBAoT
+HFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNFQ09NIFBh
+c3Nwb3J0IGZvciBNZW1iZXIgMi4wIFBVQjEqMCgGA1UEAxMhU0VDT00gUGFzc3Bv
+cnQgZm9yIE1lbWJlciBQVUIgQ0E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA1wdiK3zK1kAesoeWXMKKbNwI+XUgENS5nLKgJJuLcwCp38AGQjikW1ab
+jHOl/JFk9qgHTBAjpJRwWJ6oGqVd+v2/0g9xRKNU0PlUoC4z6gh6nkmmYSdloKzt
+ViGy7y9Y3IRiprjhHKi39SK/SgHKloZv5Wg6cRv7XozDJGKtv+OJnN1PsmDMXkmN
+BQoD+wuIj/4hXdzZutebEUzHxxku4nJ3pPgE5d8ReMkCpTDCNC+eRTkYWdaMJMLh
+5O3vcgttWWUPJqIvP5HGDkMqIBLJXSTq7zH5W4tp6TmqQEHUlDAM8DQE0+OSpdRT
+QpVu/jc0jg+5Vb1hFhWW9nbm0AOLcwIDAQABo4IBrjCCAaowHQYDVR0OBBYEFIk5
+QWSR6UakFlkH8iuvUn99S9qSMB8GA1UdIwQYMBaAFAqFqXdlBZh8QIH4D5csOPEK
+7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMEkGA1UdHwRC
+MEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJv
+b3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkwRwYKKoMIjJsbZIcFBDA5MDcG
+CCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0Mt
+Um9vdDIvMIGFBggrBgEFBQcBAQR5MHcwMAYIKwYBBQUHMAGGJGh0dHA6Ly9zY3Jv
+b3RjYTIub2NzcC5zZWNvbXRydXN0Lm5ldDBDBggrBgEFBQcwAoY3aHR0cDovL3Jl
+cG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvU0NSb290MmNhLmNlcjAd
+BgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIwDQYJKoZIhvcNAQELBQADggEB
+AH8X3JR4dnFhjqSyVbz7Ac2aEnqEmnnnlVbLPMdgFwFyF5yD538Fa2tVGGuBjkeE
+bLT38cHChGXZEf2+NhyNgC87VlW1PYslZ9S6nGQh+bBuqqlVQcrM2C7yfC730yJ+
+JSjqm4kjxXM0n5JiBHgKZNhgY51cZ+Fr2WoJQu1+USWfxL8S9AjRUyP+TRp6eP8X
+Gn/RsR4pC6rzg9qI2DeVB8dtK/sllKfvaVQekIg5gdoM6PqiW48oLrdSJ/lfr2YT
+OSPpWjSE+g+CAbYQgwqRLE/cIlwl+XE/MLYjgrNfLphvD2fP80yPG8ugFO5js1iv
+GY8AxrZy+aiSokSoJ2fdtBc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEWzCCA0OgAwIBAgIQQAm3l56tCrIb/S1vLGJmkTANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTIwMDUyNzAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowNTELMAkGA1UEBhMCS1IxDTALBgNVBAoTBEtJQ0ExFzAVBgNV
+BAMTDktJQ0EgUlNBIE9WIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA1Rm7lc2N04hcIY+7xL9eVeAJyuwXX988Y0SHkGviT5Lgyv59ctK+tfuIygWC
+E4LDTJWJxx04Zrzh01fNhiFVfi6Qw0NcMkew6rS7NU6BUWZFuXy69ByfjEi2bjp8
+AGpvErpX8YZZT9IEh8Rb3qyksaKA1ZLbRbGQ/UzjJKHNJlBYuRytSr4IfgUh9g5A
+a4EmKsQxTkngF1rUKKUeKW4EiA0wfFLbgnWVqaDdMZIqK0Qiu/4w9kVfQx1gGvgP
+XtPxm+92x4yqG8BoDonre6HvMEHYXU5p3FVYYwbgrg7qIZJaRvxwHU6lrCLL2EKL
+rARCgIJKYHd7sxo9CLrqxQr5ZwIDAQABo4IBHzCCARswHwYDVR0jBBgwFoAUoBEK
+Iz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFABZzaC70pLwvu5vUoupzjd0wSBI
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIC
+MEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNl
+cnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQCb
+wCmqK+MxNjFhMx/zmY+y/Jd3Bqt1bRyXJmiS+cwOzqeSQ96PvXSQHJOLwmmQgTiI
+ldnX0l5UYz6MpKLRlsmNnFQdQkP75sPHfW31ThNSoaC8/2BqeHuAHGTs1Bke7v8a
+BMAFBBvfypAq77x9MdHNGc0Whr/gBMB5U9SJyEsQHrMzaDK6nfUUfqCZyYVpPtDj
+634xdrF1xFx8iqYMN6Scz48XgiBRMVut8mPvwmzhoaK5vwZKKnXftSK5X1r82HCU
+wlbUt33hKbiU+Pdi8P53xM5qPMvuo686iGP8J+1PEKeaa2ECFozDnnyrSlVwFBH6
+P4rDDpwYU04Zr1UzEn9j
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEWzCCA0OgAwIBAgIQT7cxHGT9kPGYHf/B5LCYvTANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTIwMDUyNzAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowNTELMAkGA1UEBhMCS1IxDTALBgNVBAoTBEtJQ0ExFzAVBgNV
+BAMTDktJQ0EgUlNBIERWIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA1fQXd166CHH5+6RLOKOGCN9WKQeYoPWc7ogxpGpQh+rfyOQvvsW4sz1VpLA3
+UdWWffG3G+/MOhgX4WOPTkWGHm+owoD/YOPPeK+gHN93QLtBroqiwBxMf1WbCyKM
+BCNtgHsHTRNhfWsUdhOWk8xPztekazIAVVAnEZza2TENiDGWUIvOVSyDogtSCgDg
+4KxFBmCNtaj/Y+PLaXH6A6wdKpQ+G9VMaLDlHP92dxLBZnjIzH3dPMCzQlWcw3hb
+SXeH0vHUgjkdU5t8pRZnGqziV1CV6p2tMlSpV9D4GRQNi16/HwbYyoIx2lskw5an
+z5U4PTVrCnqa1EwWdYywvRhr8wIDAQABo4IBHzCCARswHwYDVR0jBBgwFoAUoBEK
+Iz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFACyhYjxpuX174IlBE75Zc5GwREL
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIB
+MEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNl
+cnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcw
+AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQAc
+PXWNpDa5gyl9Rv+dc77EzmD9pQZE6JByb4f53riITW07+D9JXDRilTlRU2H2dFrW
+nIBzaJwY7R/1m70kBkfd0uPgOiw6DV/5U4HS/IiAKnqXgH4UzAbA1oMAxrXtp2BM
+8PpwafDjoI+8TYjXK2f5qVXWmPIpUBIHEKkx1jUCeIm7ol5c/3LNVLobpfJ4hwvS
+ixfdO0AZMHghA7qsh8ukzHdqz07bU+/Y3YF9RTP0u/JdrQuu4s1Mo88gpe5F0d04
+e2l1eehJwxfcl+26MaBwpPIlI+vIl/cdwQNdFVzfGQH80b12VocjgU/xClJ/kPtl
+aiB+4GkaQn9In82v+AuH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFvTCCBKWgAwIBAgIQB0eWToV4BAJ742fDL795iTANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDUyODEyMTMwMFoXDTMxMTEwOTA0NTk1OVowTDEL
+MAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEmMCQGA1UEAxMdRGln
+aUNlcnQgSGlnaCBBc3N1cmFuY2UgQ0EtM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDeGpVQq5XTXhSGOeAlfuEKIbg9Ail4aN2CM7+lyr+fcmTFjCNh
++naWzgR0w6+MPLs7/XEMj1q5T1B83TAlok792M3jvHdWq9rJbV7Dxt8Kl9FDKJfq
+NBeLwsIMCK8FhwIa8AGXsakVsQ/uOl3Hzf7KzAXguOobVr5Vvlo/EEaCCR/bCdvP
+Kciwou2bLS63vkIiIc133FgOAWq38NFZz/KF9YgDJA/vtoxG0N9RPaY+gmAF3iey
+R6zPQMFuWHgMgmhU4QdUsTlcbZzGoX5+Xex0HvlDRBb6WONj6XNqKa+XqGGI+eg0
+gROy0hUkq6hmmUxFLN9Y61rWfIUMPzEsIunrAgMBAAGjggJ5MIICdTAdBgNVHQ4E
+FgQUMRaRonVMwWo1VdlLIWJ3H6nme+YwHwYDVR0jBBgwFoAUsT7DaQP4v0cB1Jgm
+GggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMH8GCCsGAQUFBwEBBHMwcTAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1o
+dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNl
+RVZSb290Q0EuY3J0MIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+
+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFu
+Y2VFVlJvb3RDQS5jcmwwgdwGA1UdIASB1DCB0TCBxgYKYIZIAYb9bAACBDCBtzAo
+BggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYB
+BQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVz
+IGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0
+ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTAGBgRVHSAAMA0G
+CSqGSIb3DQEBCwUAA4IBAQBfv3Ea6UPoVpMXl9e9qg4Oy1v9miRr1J7VZM/maYaf
+vgjEsBzq8bbUxVgWZlNtYVzRNFXp2V0KZvRSyXh1Oz0RMJHsnlFkwJu4T3Vr3O4P
+is4gwQA0YdZPf9qvpbyDIHaI0UY5/JSa9QmkTIUWAfogcnyySB5OWDCyHvyroaUn
+cjltfVqdbn+aYJzdJWx9ciOucHpP4QoJH7tSv2OOA52WKl1s7Gayn+58pPQJUtug
+GbasC1VJT6AZ5AEIfmCg82BZceXi5Rp9677564UHKCFRKwDuLEt/dSKog3xYiYon
+LYLN2Hw7ifA/NMACfSOdF7HnJ0u00e/T8MjQqgRPbXDX
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHpDCCBYygAwIBAgILbItGbUoEQ1rR+8wwDQYJKoZIhvcNAQELBQAwgawxCzAJ
+BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3Mg
+YXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMy
+ODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEnMCUGA1UEAxMeR2xvYmFs
+IENoYW1iZXJzaWduIFJvb3QgLSAyMDA4MB4XDTIwMDYwNDA4MDkyOFoXDTMwMDYw
+MjA4MDkyOFowgacxCzAJBgNVBAYTAlBUMUIwQAYDVQQKDDlNVUxUSUNFUlQgLSBT
+ZXJ2acOnb3MgZGUgQ2VydGlmaWNhw6fDo28gRWxlY3Ryw7NuaWNhIFMuQS4xIDAe
+BgNVBAsMF0NlcnRpZmljYXRpb24gQXV0aG9yaXR5MTIwMAYDVQQDDClNVUxUSUNF
+UlQgU1NMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IDAwNTCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBAL/5JeQouzz6qT84UE5iwdM8qkbYQrKfj8riRiTA
+ejpQn/FgtYfDkv9w7eM0LX5araOxNqmW76oeJfjD0sK+nSKVALK7CNDsfDj5CqWe
+lF8Qjohnctv0N8ZCndvWnfQdBt7A2H/lq9IplE9KanFI1IFqu+rlxG37eMRXikyh
+j7H+m5ghl3BT+UetpKpFf7QyWHh08tJiUI1HP06pRIRlCp2pv8OIkscWV4svYwVG
+QJDnmS2lthirsdnszEVv0pcElVlpeVH5Y32YWQ/Oilr4OuHdUSpVGCXuhHoSMRXY
+QohRQTo2hzK2yo8DuPiL+6B97hgHlJgCoH61XjRnK80tAdGskUOLWAFJlabJneAP
+UAhAnp5c9kU/MkgQo55yERg7TQgLVd6E69pgKBHsHTouLV4AF07xv2PBIVovAaYg
+2qJdM9oANbZaWLf3dQAaSo2qiSqjGTkssNYMlKCMJAK4bOtjPUHaU6mB9YQ0uuPl
+Tc5ZRd5yQ+tZaNMroLYNSFV5Z1KjRq8nbOlhGDSBeScmn8h71x19fXFWRqF8O50R
+Z2wS1ER7gYwORwhkgbgWJvDzoL8w16hbxsnQ36rfFb0O/3mB6o6Mx9uofYZNxXIB
+y1WCnYyPbfGb4D0e7Eh2AkQCAKRiA3IXjC2UyJ7H981Ur/zgdUBozgIynKxjfgIV
+dCM7AgMBAAGjggHIMIIBxDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBQl
+oAEyqsp3o3q+54o6RIsZtU1ILTAfBgNVHSMEGDAWgBS5CcqcHtvTbDprru1U8VuT
+BjUuXjB9BggrBgEFBQcBAQRxMG8wRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuY2Ft
+ZXJmaXJtYS5jb20vY2VydHMvcm9vdF9jaGFtYmVyc2lnbi0yMDA4LmNydDAmBggr
+BgEFBQcwAYYaaHR0cDovL29jc3AuY2FtZXJmaXJtYS5jb20wDgYDVR0PAQH/BAQD
+AgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBABgNVHSAEOTA3MDUG
+BmeBDAECAjArMCkGCCsGAQUFBwIBFh1odHRwczovL3BvbGljeS5jYW1lcmZpcm1h
+LmNvbTB+BgNVHR8EdzB1MDigNqA0hjJodHRwOi8vY3JsLmNhbWVyZmlybWEuY29t
+L2NoYW1iZXJzaWducm9vdC0yMDA4LmNybDA5oDegNYYzaHR0cDovL2NybDEuY2Ft
+ZXJmaXJtYS5jb20vY2hhbWJlcnNpZ25yb290LTIwMDguY3JsMA0GCSqGSIb3DQEB
+CwUAA4ICAQCL8R+fQd2tTXZvoOzsLz3uZznUjI50muBlkR1aRLcN9EH4FEmNziKQ
+EGgKSEFwkJNVRsh/u19C3NcTQNKTQOxX7cyX6F9kxtijAjf5VcE69yn7i8QWyUsy
+yzETF2QMAmWJ4K3PwSHguoq5r/vOTmYJlJuNOKlfGC5SuhJaIVz+sqDBtung8Xzs
+MMolbexKj8qlfmGSwTk7mxSQdZEt4JuRHT8eD6BE0IxTzphQkhgxhgBSR9gLRL0K
+Ub3j/lOYsOyswwdajiyollFNplieTKmPnmSTj6jNDpCylEQ6vG7C3lR8VApyTWkS
+jaANf69OBqHs0CK2TXuMYGoZGFAMpYhSSHXY7ny9MDeqqDrBfA+IWO+sJu3K+Fd0
+dX9l0ZyBA7zNNBwLX50RvRGV2OAMG62JnUpclmDLrqmmoP0FIvQnR25RvZs4KGHh
+OOAngsFqZz4c2OKUjMY7QnKQGjnDXxmMxdECQjb15gFzIchrL+0ar/5n3HBBYxSW
+i3UsfJ2zZc5YvBC4gMx1HorC6gS0aQsqEk4eDhnQVQ11n67rfdK3nY+oZEca755i
+ECBYeuQZCAe7OfPDRmoTT5N4PbVOni12L3GrNLQchyy3VuhZryXf3y3iK8YgMHM5
+Mr07d/42P73iXUcPW7ROfvrZFVBs8APpVXQ8TKKxQ1oVfpnsicBYHg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9jCCA96gAwIBAgIQLKBTi7rBj09mERFTTwE4rjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NjA5MDAwMDAwWhcNMzAwNjA5MjM1OTU5WjBxMQswCQYDVQQGEwJDTjEtMCsGA1UE
+Cgwk5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4MTMwMQYDVQQD
+DCrkuIrmtbfplJDmiJDkv6Hmga/np5HmioDmnInpmZDlhazlj7ggT1YgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXS/F9OWsmfpE9Y4MHqqNYWhY9
+95xpc/kUEM4bqR69Rln+7bHZLys5tOIIzZo6npbS9zU/5rG5RvGtMWOVuEJDsBbC
+bsvdJQq3WqQ5oWNm8BlnPrJlW5B+DWtZJooiH1BSqoJCM1IbrY/wOmllrUetVW4u
+Ns4MG1DIqiVToMXMVssrBoT6tPzM75V07aHW9EiyYDn6u8mnDOh8M0WZtv3ubotj
+igoZBnn8vEnQMgmdGX6Pl7JlHmwpvaWzcKzAxmSTTgDkxqkDkwbl8RJ2XaETTm0p
+0YHnvBJaoKrhXRes9wweKxw2DaFJIAlveSRYgK99Kfp1rgeVQf3bOYK/+hXDAgMB
+AAGjggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNV
+HQ4EFgQU6I2cdDR8/GtNhYqj+l7cDTgwNqwwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIG
+A1UdIAQbMBkwDQYLKwYBBAGyMQECAlQwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKG
+Lmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBABH5mbpI4fMZOSrkr37xb9DnZS4n7ayskAx7l3S5p8t4BWoj73CK
+FFTOFbKMburdqCrhgEu3y3BEsLE8I5Zv9uoT4OKMQF9lJggRYAnI3iP49Gyghf4u
+oyEjj/hBDYkk+ZshsrMjw64f+pHgDLoCEzW6Z08vjgcp7OieSmpcXsYs7p4FrkiC
+jCv17Q8ECKUNJczz0U6GK5s3EXbaoV8MF1BsEUY1Yg36tsvyD3gPGuDMUfCkFRyu
+EqOrTUmkFp2h3AtOegDkku537GzzcKtsCz3LLlCYVc0j92tDabcb/FlDfaYdg8zX
+aPVuEd+/huw1edRQDbVNCH53DpH/IcdEDPuUg6ViZ2f5Ji1ld6+W80BhnoRmSr71
+RwpkmvBDRHINKDZXM/0yPryMsJEwdA3MlqdHmqZ8mzRQ7mJGfKbFsZKVsgicKYIX
+BqEuKhQc4ZAPHk1xnueL6qGHun2BKSofPiOFycNoMgCJ7rOk+aYGGSyepi31x+d+
+Uu18ELAnuGKFfUpO4q27n8zumK4ehsHfD+COxJx+qhE3zHv4QQBLrw92wWjM0+Cs
+O/8nZuXrNl2MASvNIoiwVLor4brfqGuH42bId2zu/qRw6o7B/+RkWxwPJ9deQclb
+xDJKGdT7C5fVlN6y/qauX46mMv9rCdkZOG4aB0BXjBztA/fkHdAUV8Uj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGDDCCA/SgAwIBAgIQf2D5FE6hHhvlz3UHR0hbzTANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NjA5MDAwMDAwWhcNMzAwNjA5MjM1OTU5WjBxMQswCQYDVQQGEwJDTjEtMCsGA1UE
+Cgwk5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4MTMwMQYDVQQD
+DCrkuIrmtbfplJDmiJDkv6Hmga/np5HmioDmnInpmZDlhazlj7ggRVYgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJO0nF1oZhDxBlYvRz/HPf+wwj
+xFeNe+FYrZced3uagb/DsdI31Y0rdk0rr08Y46jYDvKA6mFyU3BqIpMBUBxYE9bp
+rKGFl15MFUFyk1It1X2Wocp7D4V1lo6mPLXEYXp6tKgFum69x4F0Rn0jdJYokLic
+TRY998EX2ct15e532mL6hezxEOWOiOiWHvyMVwk1WiQmzTSxu92meiX/6bAu9GqM
+gFYheYQSe1Z2GQfOKAM1yovx8F9vrtYJs3bNb0eNMMSy37SexUGJzPwRye54mdFJ
+9eVqGNokuHVmotbtZLQWdoUF+sh32QhoRdriWoQBNsuNloJr8VtHQrCOO0CRAgMB
+AAGjggGGMIIBgjAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNV
+HQ4EFgQUul2vcDF0NefYqwuSC1nE1DIxqKIwDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDgG
+A1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28u
+Y29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5j
+b20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYB
+BQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51
+c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBnqgc/935yMNwMMihvHae1
+llMNn6hvXQ5auDpsO1DixqjcIMUyWv/719LKW/yLyed5P6UAk1uiXpoEp262emaT
+7u7B3JFWu+oewI63OCIoyOXwxjAi1+oeec09JX+ixzGbbpgIU4qnR8MPgZNOZwcn
+crGGPzqaeY+YsOxTrMs9APpD1V8KOc3RoIus5qw4lP7REIBU/HYfHOg1E9BGzqrN
+lZF1qdjqU6NES8/rxHDsqCk/2S+wgUek3k9K1ZB5v4d3ugYQ4USG6LQs41GqqifH
+xHlcArYC4EOwK4jekXSCBzJsKXTPre9kEVTzPejdjyb1RDdAhwm+Q/y3sjNEYR+9
+bt+9YHt2h/tre+9zRph5/h9H1QGBXkaglJzU8CCnUpUrJkW4/OqimKM8MDyYDrcO
+ugBNddsgaMQ+bBZVBj6kdrXJBR5lrl/T8zH71xttbmexzJGIltrCL7URFwxdTn5k
+AWVhab0VCoYVISR6y7I51Ap9uF1uCOq+dmwvEFanPxoUXyVDKtGZE4RPCJmj0Msw
+7RMuMnHw0d0vO5JzzqHJL1T63HxGCLxWVSpm1ISAlEyDSm2CXVX7fNR9ny4kXtCF
+d+i5jRUMJHL0OPxnDjduQJ0QKkMjFV/KeYmW5XitEtFQp9xtuqbGR4/eQ0voJ07L
+OHmi6GFJfzipZDpfAV6fFw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9jCCA96gAwIBAgIQKxD7EhRcgCQj++wKwddc1zANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NjA5MDAwMDAwWhcNMzAwNjA5MjM1OTU5WjB7MQswCQYDVQQGEwJDTjEtMCsGA1UE
+Cgwk5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4MT0wOwYDVQQD
+DDTkuIrmtbfplJDmiJDkv6Hmga/np5HmioDmnInpmZDlhazlj7ggU2VjdXJlIEVt
+YWlsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsBtrkuQB5J8
+1bb8H/C2i6GGYyBNUjsyglAQ2tWfXE43nGBLeWgA7By5ZJHtHXFYuPEj+X9dZG9h
+F280NtMnWGKCM7W+22Iu7Sp2TpSzoq121chmB9f730afItGVH0JOapf1L9eEz52i
+HJYMrcxDzf1H8hAqiiP2VHzRjzfO83YVeOlvk1wRo/Mqm3pW/cs+u/zZF8+thpa2
+aGftI7tAh9aKJ/gfjygiOq78b5gwo6B4OftwoLqCfVE66gzuEd+j5ZlcRMi9uA5P
+mHmT4Gje4aKae76PrCGujl1nFXpMcK6iFwOqTvCo3HdHW/SaUXHoARCF1TTt8/sP
+0iTI7yGCBwIDAQABo4IBZjCCAWIwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd
+8rIDZsswHQYDVR0OBBYEFCv24JBSXgKXjqthjIibPUVdDjHEMA4GA1UdDwEB/wQE
+AwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJUMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKG
+Lmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBAAwEYnm3JK0Qgv9dH0Tzw7FKXnrcjfx99NL10vUyESKaH/7PGUxW
+4ZZKBUUWu59dDqid6pEih2lCYpAvy/NOMbqL6F+aNE1bDA1ZDS5dkGvca+LB5Oqn
+K9DuPIFU7UDe1A9ZqYR0bYLdoc4jBtLPf6ofIoir5d5RAczfsMvLSR1nD8OLkwhp
+JOUNeyEbam5TwxSEAdMBZvYfqZaFQTuQhxx74cIry8OIjNBb/kvYXhstsGFlNKRf
+l+x3760cNokSFRnB2FC4j6xJX+Z0dMoBUX2mHFqNSudjFEKewG6xcnTTHYfAIUWc
+iRzg8A/G2deojBdRDwzvXPbOAEKvguBfpUDVB3r66gBm1sn09UWddbcWVa+bdeDG
+GgQ9HKznF/i8FVxvfiWF9WKL5OEeUWXzMm+4sJLKyeJttzKDTIBHvU7sBlICyjfg
+5UWlfyhxaK+5PsBLgEo8rjJz8TyCNGDrSiCgZwgD3hagn1ZEIEuiMNGf/jFVFDJY
+CognuYHqXPDQB1oBuJgCU3kZCxd0Ps8T3AchzDqI/BVZe4Kz3Yl8866PflwAOFcj
+L2GdZsRkbI3SaruyiX0OR3vCYiNYMf6b8X3ZZ2YJ17B13ASLapfYX78Yw9+xn61Y
+jiw5qlGDA8eo8RgXbm+cLxBDoXkbq+y1Fsqk7M0mpIqaK83+sAcVtFuj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF9jCCA96gAwIBAgIQC4BruOGpKB2Qlx9HCMmv/TANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+NjA5MDAwMDAwWhcNMzAwNjA5MjM1OTU5WjBxMQswCQYDVQQGEwJDTjEtMCsGA1UE
+Cgwk5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4MTMwMQYDVQQD
+DCrkuIrmtbfplJDmiJDkv6Hmga/np5HmioDmnInpmZDlhazlj7ggRFYgQ0EwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPXDYZzbcqm0YfHlUyNK9hHNuY
+kLy8wgpx2/5mYtLR8S3hJbe1V1wPGpvwlzbI+vbFPwMJ9nyi/Cuq1idC3w9q6RLj
+0nBYsVk9FRIWtPr/+LnFR07hfgF3wK1ZUDV0zRmjIsfPGbIjegad01hhZhpz6HcI
+cu6omAa/gcvvRak3Ywsj9mfnnou/BaSCJuJtlh4XH0Eak52fhHluKhuTY0x5I7Un
+C/jG39K7uXGsdRqopiajK0g5NdtTwiS+3uF6ywsBgcg9bRkwoFD60dEfKh94UKhi
+p5f/iz+EEaLsHtapk/E+RVqjqetlojEI1q1ILOYwF7YaSsAQklfCg+EjHbv7AgMB
+AAGjggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNV
+HQ4EFgQUWVA5MpiLt8cTdszwEGixvXQHpi0wDgYDVR0PAQH/BAQDAgGGMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIG
+A1UdIAQbMBkwDQYLKwYBBAGyMQECAlQwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBD
+oEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZp
+Y2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKG
+Lmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcN
+AQEMBQADggIBAARABbXPNlFOB89JgihpucRWtPZ/oqo2+gD253F96ejik70JDUq4
+E2VEg+4JJCIXJdxJYhVhYOTwzsbdzFn6tiecj7yB2RVQnsjA0DfkRjgJb9ZksSY2
+rR9bwwyZDprQCyqKZ5O9TAP9OyvTGix7973K0chqpnmLpqhWg8LeyuW4KMaY8WHk
+YLb0VIEvaSQcOjpZLJeOXSzwMkmWqlCiF1sDMyIvBr1/u3kGetOaTbamT6DeB9Uu
+8FxKJyR8S9vqdWQJEVtfpQArV8OXxMFpvSGcfELcFZGdZg3l70hqGXY4Cunc9o5v
+qqD4rdaSzNHu/9fdWfZ+GGrABFxN+HEhyV2RXIOZWFor1PSgfQlviXQTGGa5C2L7
+9TTUvJvNcK2rzm17FFZc+/QJNksoSm48Out1Yim7HWUvUke/cBY6gUWvKC+CJ3/k
+wjee6AjtZ0cejlauQB7eOUGbMVrnLpW/dvLZy4kbjcNlvKstTWochF79t3LGoLqp
+KPm/K8XuITo3gH/rHodLW3tHDazCp8qTXwAEdY3ZuykEDUU2TiBttNEGidTUDHdC
+inLfbWsqSNwrwGfJJ1a+K+1xJaMNr6YAOvFiqzb26s9vUrpjgFv5KCUYik5OeA7S
+auzBC4NVKFgxjZP1Z8SBEH6OpXy/LRypMkXVG3cwi4X/EhrVLUsziN+T
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFiTCCBHGgAwIBAgIQBNu9QFVDvD/toNREACqasjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwNjA5MTI1NDAzWhcNMzAwNjA5MTI1NDAzWjBWMQswCQYDVQQG
+EwJBVTEXMBUGA1UEChMOTkJOIENvIExpbWl0ZWQxLjAsBgNVBAMTJU5CTiBDTyBM
+aW1pdGVkIFB1YmxpYyBJc3N1aW5nIENBIC0gRzMwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDMVZXJwRWqDSrfP3/gXy99eQN73EgjdwJxrwKe4UoDQ3W8
+53vUgDYQGyLVga9tLuEV17XOUnamlpuh9+NGhP+IS1ihhJNr9V7c0vX3dcAVdvAm
+qss5Xe5R+hjEObbQNFykqKiznekYRqdA7UFBQcybdoe3QpvBRZ+KNlDAfzjPPwAv
+2dHC2swL0pg2SXLKnCEuzKsyXdvPMAcYLmXSLjs35jUe3ds2pzd+h3DDlo+A5CQd
+OSSUMX6DSuhJZ1t2s2Hmf9Nd+3pks0fx/Lzce3XZtzQFJAYpVntubwJbFTjKqrXJ
+LYD9ZN6j8FDboRY/l9G25GTryciHeeoLBhvcKWW3AgMBAAGjggJCMIICPjAdBgNV
+HQ4EFgQU3vjrSMgLXYCCfYB4IBV5uLLDCJ4wHwYDVR0jBBgwFoAUzsNKuZlV8rjb
+YL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAk
+BggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4
+MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
+SURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGln
+aUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG
+/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQ
+UzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNv
+bnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVt
+ZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTAp
+BgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0xOTYwDQYJKoZI
+hvcNAQELBQADggEBAAakQjzsnGTxNBTqp7weVZ431B/zVqi3Hi9GXIoM21EFD1RL
+7W4R54xNX0baTiGupxtcod+R6MaGq/2SVNwHyEwA8o2H31U6aswXO0G1V0y2ESNa
+hWm73au/CrJx3P6r4IOgxdvF1D2T4AkQH5JJwf86takSosnKLVUUYRgDpwHAsexQ
+/gy8172A/BrPP7BUdxY9nP9MmGpECUmhNqnjA9LKH/nWItLrSaCPYz5vsvWWoUHW
+vugR+bBBzURC0YxQiphyBz1r4vFWWOXnMjkYyLx80vCtBlab+4Y3i53OVpNPYXeu
+v1+fatrNKCnsmKjVf2lnC4U2U1o1bb+KN6RuJ8A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFADCCA+igAwIBAgIQBaqk8rvBAqYMJoom/W4eUzANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA2MDkxMjU0MzJaFw0zMDA2MDkxMjU0MzJaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IFJTQSBD
+TiBDQSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANv66EW9JqB2
+v9PiD5IJhMyhq2eyfd6jry6jZ1LZlhO5BLFgSw++pHLnWd580jHYHUST6/rd3t4f
+vlbgKXO5zcDtDs7oyQlsumJz5+I4xk/g+hfIcHEcJXPliAXbWUrhWMHgfnVa6dum
+p0QVSLiLpIE2EAkCPFIbpEA0xdNPyrBa6sep9l25E3cpx38sfWd1pQjdflNmDxAm
+Pup+lB6d7p6JKTiwoSHUW+hzLqEgF/dFNbVddV6K1Dsz5oi8Vwpo7/ZbAQMPVOFr
+mtnRwmDi3ks0vJdZFOXRqln+ruj9dpkTmXKt70AgfpqF/pRDbJO9Ph965PDnl2k3
+N3vhp1CYta8CAwEAAaOCAc8wggHLMB0GA1UdDgQWBBRHFCZczI0niilBbEMwlRtF
+L8R1yDAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jbjBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLmRpZ2lj
+ZXJ0LmNuL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDCBzgYDVR0gBIHGMIHDMIHA
+BgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20v
+Q1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMgQ2VydGlmaWNhdGUg
+Y29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWluZyBQYXJ0eSBBZ3Jl
+ZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2VydC5jb20vcnBhLXVh
+MA0GCSqGSIb3DQEBCwUAA4IBAQCxMnN/9QbsmupckpJnA0U55GCuZlzkEegalVg+
+fT8OaCslKOKnbNV9dDzsZwuxx89CXj2pVHEUPjIGdbB0fGnfreDS3za94jOi0L9M
+29N9380NTixcUZRRJ4X+gzFNX5doNWCBIUuvnRI+o74RKUlrcZcT6rAUw9xGH+CA
+K1WTjaRt8ysYGI/x1uQnwFe6GkcrnZ7QcOdha8sbNcfyQNAAHmD4eL0hJjnebCT8
+Vt8OlJIo6ett6BndhsOK3GQgtGeX+2U6m6rE0sR6Z9TdwmBWucfwpMH9pdddwgI9
+q7mXJLtKZPoQSo+9eEKVwogdrkaM6h+KajLfCCIft5CsWtEb
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDozCCAougAwIBAgIQD1GIO1682ob2anzIe5cQxDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA2MDkxMjU0NDNaFw0zMDA2MDkxMjU0NDNaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IEVDQyBD
+TiBDQSBHMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABJgnRydCw9b+bQ8DBBQh
+j6+16m0Qr172AMXCGnIXGGiaaOLHOWIIbHsrXiYtlvLDMxFvm0CseFdn80IE2InG
+U5ajggE9MIIBOTAdBgNVHQ4EFgQU9/ze19+gtwn8gAv4hnIBtngxD+swHwYDVR0j
+BBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMDMG
+CCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZGlnaWNlcnQu
+Y24wQAYDVR0fBDkwNzA1oDOgMYYvaHR0cDovL2NybC5kaWdpY2VydC5jbi9EaWdp
+Q2VydEdsb2JhbFJvb3RDQS5jcmwwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYB
+BQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwDQYJKoZIhvcNAQEL
+BQADggEBALhHNFzIF/V0kfVruGl2sjHobWuHxwXZ30/XAYG2TkU87u7wIuHEiGwq
+CXzwbnHy4mGVEQj3+nj/ObFEQsWhI7YV9Enwt7nlYxcvvhDFh/L9VTdPOfh9UdL1
+AJRS2yX5RSemC2A4owYv0xVxGQgPbvjk3hGgVwadpJFzuJK9k0kfc4MopUI5yDB+
+hcUIMffJO84rstzg0kHykudc/o6DFxBo1VXDZG6hL2sQmDZTopBpkfcP4ZcDT5tC
+rwlXEL4NrAo4pNv27rhgQI61CzouO+bZPeCoaHOUAiRH3pN0IEzu6KtjrCUPeqyd
+ScpWRe7jG4COQDWehOKM3w78lfxfMA0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHDCCBASgAwIBAgIQBg1bPA4gYzI0+zXlAjzBaDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA2MDkxMjU1MzhaFw0zMDA2MDkxMjU1MzhaMEsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJTAjBgNVBAMTHERpZ2lDZXJ0IFRydXN0
+IFNlcnZpY2UgQ0EgRzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI
+kwhLLm8Lh0DZ0Gw9PvUiWqk4ryzA2zdvu1+ynTNAnpZlPKIIRSWnPQY1ecUzUyO8
+/g8s3mEoNWsFphrl45qLmU2GaV4NBJiYEBFzegmi1unZYkjmpxtlXiOdiV9EpQ0q
+hG3VwlFatMhB9rL2rLWx6A4Zg5whb+sxPlC+90lTaEESRnRYhUbo9e0RsuSH9WD9
+Q6yFSybuKwGwI1CvGYxObkvcO3hBVCnqVcmRktUNfDp3vxwF3HS6Z96CCA246SZY
+dyhGwuq2F0c7dKZ1MvtxfXc3/kbIRa6aBzwsuALdmcr6XqDwvnHS5vJcAAgplCkc
+h7P8QTBQSGktxV1DA0vHAgMBAAGjggHkMIIB4DAdBgNVHQ4EFgQUu+fGIAov3JYb
+577Kg2Div6Bq3EcwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYD
+VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAPBgNV
+HRMBAf8EBTADAQH/MD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDov
+L29jc3AuZGlnaWNlcnQtdmFsaWRhdGlvbi5jb20wTAYDVR0fBEUwQzBBoD+gPYY7
+aHR0cDovL2NybC5kaWdpY2VydC12YWxpZGF0aW9uLmNvbS9EaWdpQ2VydEdsb2Jh
+bFJvb3RDQS5jcmwwgc4GA1UdIASBxjCBwzCBwAYEVR0gADCBtzAoBggrBgEFBQcC
+ARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8
+QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFu
+Y2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0
+cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTANBgkqhkiG9w0BAQsFAAOCAQEA
+aN9N4B6lCvTi5S4vUFLSLLY/WQyT8YNi2e2v6D2BH6yiANADnsJ4PWNjh6BSXLd8
+4KpbcZ7UgQt6ex2C48szfSQjpqt7Of8MXTNnt1dqGFc/noEVksaCgnhZx5wt2vyT
+Vav5ypnEE+9Q8Bi20IK7cYr95hiKi15sX+39NUskbMVsVMVJXJE/4SydeoCMg5dh
+5xprJ9g/0Bl6m/NdKsgrTqDwP952daWcFLvQMvYgPP3GfT7oBNuFDjWnDh67NzEC
+8UKjieKwA+1Afj/RGbXfwA/dZHi5KhMvJw+615+ZXJcdBC2M2MhJhrlBDxk8g3FM
+gX3bPJWD13jb5PCM7Oqlcg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDwzCCAqugAwIBAgIQDaLXyI4fEuNfySxqGup6YjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA2MTIxMjQ0MjdaFw0zMDA2MTIxMjQ0MjdaME8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRydXN0
+IFNlcnZpY2UgRUNDIENBIEcyMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEN7wG
+kNoeVd8Cxok+U2HpUrCARp7mEDj2+9WFbEt7m5h/cFrKN/+9x4vVcVCRm4JtURM/
+6gShF4JjOVMidGksP6OCAVIwggFOMB0GA1UdDgQWBBQu05Kw1wrvgYxSrV73plOC
+jqde1jAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEwEB/wQF
+MAMBAf8wPwYIKwYBBQUHAQEEMzAxMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5k
+aWdpY2VydC12YWxpZGF0aW9uLmNvbTBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8v
+Y3JsLmRpZ2ljZXJ0LXZhbGlkYXRpb24uY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENB
+LmNybDA9BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93
+d3cuZGlnaWNlcnQuY29tL0NQUzANBgkqhkiG9w0BAQsFAAOCAQEA4Gj2ZFZ3Yslj
+rnveii9ouDFql7owz1+Ycb8uuX5L5qjmFNEowPYuqmorPYanVk4Hzs8C3b1hJ7dU
+b7GgmCmZXQ2q65+4vnW/qmiJJYhqBdGYGFOuqd6nX3ZFYqq0Y+Q+6KPX+kRV6vG5
+GqXsvM9BecJvI0064M17bLQ99GVPh0vYs8p8kCMaVxrsOG+sr0Xo2UjDLZv3LOiv
+4Ctc+5qEsTGKGyWBvgLNEtQXh7IR0HK9HKrO6GCDSQZfrxr8b+4z7eDHhCk5yt7z
+NbxgXRHAjtqway7EP5OaQMrn5lb9agqBvHb4SW4IZscBtYb6tgkjZdhuY+VHwCbq
+2wa6XsscYQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJTCCBQ2gAwIBAgIOSUEs5ABrfCJra1ao+20wDQYJKoZIhvcNAQELBQAwgacx
+CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
+ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
+YXRpb24gU2VydmljZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBH
+b2xkKSBGxZF0YW7DunPDrXR2w6FueTAeFw0yMDA2MTcxMDA5MzNaFw0yODA5MTcx
+MDA5MzNaME0xCzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UE
+CgwMTkVUTE9DSyBMdGQuMRQwEgYDVQQDDAtNS0IgU3ViQ0EgNTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALcBXbJEUXFl1/F6rPW0Sfulxyb2PUGGocIc
+PIWVCyud045B/zDO5KDyP317KRfetMsPDUWDCLmKXCFcVD6KXzmlLDNkyfaqESNz
+8CCiTR+gvAKPqyZ0qUAH6qO4NPDF2NzEh778Y/Dg+5mkYY3aY2KSOG7EnUkba6Ga
+pNzHO3C10C7R7hZrZbgZ9YPJkQveAysFFoWs5bNRgKevn4J7x2+uQjylGVEw6xTM
+SiuPHfaz5DMAu8bDk131rg5ATfCmvBx+uAaOQWnz41Hz56JJf1d1Q3mTYi2+12bY
+2aOvOLonR7pES3jfPEszle7Bypjkq/ySUR0iJmq1m/aEVJfyWAkCAwEAAaOCAqYw
+ggKiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaA
+FMz6Z5PwtrjQpcAe81P9jFPfg9eWMB0GA1UdDgQWBBTe7bJVc1AbOmR2hxt3VRLe
+wSrwcDCCAT4GCCsGAQUFBwEBBIIBMDCCASwwLAYIKwYBBQUHMAGGIGh0dHA6Ly9v
+Y3NwMS5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2Nz
+cDIubmV0bG9jay5odS9nb2xkLmNnaTAsBggrBgEFBQcwAYYgaHR0cDovL29jc3Az
+Lm5ldGxvY2suaHUvZ29sZC5jZ2kwNAYIKwYBBQUHMAKGKGh0dHA6Ly9haWExLm5l
+dGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0dHA6Ly9h
+aWEyLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwNAYIKwYBBQUHMAKGKGh0
+dHA6Ly9haWEzLm5ldGxvY2suaHUvaW5kZXguY2dpP2NhPWdvbGQwgZ4GA1UdHwSB
+ljCBkzAvoC2gK4YpaHR0cDovL2NybDEubmV0bG9jay5odS9pbmRleC5jZ2k/Y3Js
+PWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwyLm5ldGxvY2suaHUvaW5kZXguY2dpP2Ny
+bD1nb2xkMC+gLaArhilodHRwOi8vY3JsMy5uZXRsb2NrLmh1L2luZGV4LmNnaT9j
+cmw9Z29sZDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDov
+L3d3dy5uZXRsb2NrLmh1L2RvY3MwHwYDVR0lBBgwFgYKKwYBBAGCNwoDDAYIKwYB
+BQUHAwQwDQYJKoZIhvcNAQELBQADggEBAL+8wgsjxxeyL6UoFWOc1ucpK5booX7w
+iVLEadCHBU+Ql2Ye7LtS+c65tqcvrXrRdwSiD6QUswYQJyd5IZtHvCQ2xA/pJW0m
+Re4kfBltKkTwS5+QN6SxeRiCYc94/+AfZVsAa3eyQCXBfUkkJ1K/l0cmq6FAsi/n
+kjLP/bUYiqPsFH8R1+MzYFr/Yt8YAiiZc2oohrW6NdM5Vd9kJ3DFPAFWJLDmBVMB
+OvnnTTdNAZ2DuHRbiNwIqiP+QIYuQmDKIkrKkanhetRpY9Kzbni4imhYlZ2wNGJq
+MlUiqjvEzhxmmJ6JAUmjmpIfTL4xad8AkEG+E2NgrovPKGpARapHK50=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFYjCCBEqgAwIBAgIQd70NbNs2+RrqIQ/E8FjTDTANBgkqhkiG9w0BAQsFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIwMDYx
+OTAwMDA0MloXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT
+GUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFIx
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAthECix7joXebO9y/lD63
+ladAPKH9gvl9MgaCcfb2jH/76Nu8ai6Xl6OMS/kr9rH5zoQdsfnFl97vufKj6bwS
+iV6nqlKr+CMny6SxnGPb15l+8Ape62im9MZaRw1NEDPjTrETo8gYbEvs/AmQ351k
+KSUjB6G00j0uYODP0gmHu81I8E3CwnqIiru6z1kZ1q+PsAewnjHxgsHA3y6mbWwZ
+DrXYfiYaRQM9sHmklCitD38m5agI/pboPGiUU+6DOogrFZYJsuB6jC511pzrp1Zk
+j5ZPaK49l8KEj8C8QMALXL32h7M1bKwYUH+E4EzNktMg6TO8UpmvMrUpsyUqtEj5
+cuHKZPfmghCN6J3Cioj6OGaK/GP5Afl4/Xtcd/p2h/rs37EOeZVXtL0m79YB0esW
+CruOC7XFxYpVq9Os6pFLKcwZpDIlTirxZUTQAs6qzkm06p98g7BAe+dDq6dso499
+iYH6TKX/1Y7DzkvgtdizjkXPdsDtQCv9Uw+wp9U7DbGKogPeMa3Md+pvez7W35Ei
+Eua++tgy/BBjFFFy3l3WFpO9KWgz7zpm7AeKJt8T11dleCfeXkkUAKIAf5qoIbap
+sZWwpbkNFhHax2xIPEDgfg1azVY80ZcFuctL7TlLnMQ/0lUTbiSw1nH69MG6zO0b
+9f6BQdgAmD06yK56mDcYBZUCAwEAAaOCATgwggE0MA4GA1UdDwEB/wQEAwIBhjAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTkrysmcRorSCeFL1JmLO/wiRNxPjAf
+BgNVHSMEGDAWgBRge2YaRQ2XyolQL30EzTSo//z9SzBgBggrBgEFBQcBAQRUMFIw
+JQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnBraS5nb29nL2dzcjEwKQYIKwYBBQUH
+MAKGHWh0dHA6Ly9wa2kuZ29vZy9nc3IxL2dzcjEuY3J0MDIGA1UdHwQrMCkwJ6Al
+oCOGIWh0dHA6Ly9jcmwucGtpLmdvb2cvZ3NyMS9nc3IxLmNybDA7BgNVHSAENDAy
+MAgGBmeBDAECATAIBgZngQwBAgIwDQYLKwYBBAHWeQIFAwIwDQYLKwYBBAHWeQIF
+AwMwDQYJKoZIhvcNAQELBQADggEBADSkHrEoo9C0dhemMXoh6dFSPsjbdBZBiLg9
+NR3t5P+T4Vxfq7vqfM/b5A3Ri1fyJm9bvhdGaJQ3b2t6yMAYN/olUazsaL+yyEn9
+WprKASOshIArAoyZl+tJaox118fessmXn1hIVw41oeQa1v1vg4Fv74zPl6/AhSrw
+9U5pCZEt4Wi4wStz6dTZ/CLANx8LZh1J7QJVj2fhMtfTJr9w4z30Z209fOU0iOMy
++qduBmpvvYuR7hZL6Dupszfnw0Skfths18dG9ZKb59UhvmaSGZRVbNQpsg3BZlvi
+d0lIKO2d1xozclOzgjXPYovJJIultzkMu34qQb9Sz/yilrbCgj8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUzCCBDugAwIBAgIQC3ITqfbjiPK/YCLdc2Oe0DANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA3MDIxMjQyMTVaFw0zMDA3MDIxMjQyMTVaMFsxCzAJBgNVBAYTAkRF
+MSEwHwYDVQQKExhMZWdhY3kgVGVjaG5vbG9naWVzIEdtYkgxKTAnBgNVBAMTIExl
+Z2FjeSBUZWNobm9sb2dpZXMgSW50ZXJtZWRpYXRlMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAtKyHxVHwLzxaKUfUkDGEaPL2EeBRkPM8XOo3AIaLHhtG
+jUQ4dnweBSFtmTf8xXwMcN+MFLLuG6FY9+g/n7RZwplpcnaITSn1xg5OL65RypRp
+AnGZ7DVS/DLYdbifu77N2liM6TJZtqUCuCS6rn3SdWNlyyZJ6L8ifHHclIwArZKu
+XKYzlFLkLOvxtstcL1uCy0ct1qnwrSukQTjvlymmK7mY2BBCZeR5+D+U366WCkyD
+rFfsR419d7MFKXSjVocVN1DM7nZHxsX19ms/J1b+SatzyBjXx9dIb3nsUcO54iV+
+zh5QRf6qIoJRnK0RF64LxRfzirKiCcYvsGZ8mprGIQIDAQABo4ICCzCCAgcwHQYD
+VR0OBBYEFO9UC2XGNdXx4nGuntnFJ+oXYancMB8GA1UdIwQYMBaAFE4iVCAYlebj
+buYP+vq5Eu0GF485MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADA0BggrBgEFBQcBAQQoMCYw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTB7BgNVHR8EdDBy
+MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxS
+b290RzIuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl
+cnRHbG9iYWxSb290RzIuY3JsMIHOBgNVHSAEgcYwgcMwgcAGBFUdIAAwgbcwKAYI
+KwYBBQUHAgEWHGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9DUFMwgYoGCCsGAQUF
+BwICMH4MfEFueSB1c2Ugb2YgdGhpcyBDZXJ0aWZpY2F0ZSBjb25zdGl0dXRlcyBh
+Y2NlcHRhbmNlIG9mIHRoZSBSZWx5aW5nIFBhcnR5IEFncmVlbWVudCBsb2NhdGVk
+IGF0IGh0dHBzOi8vd3d3LmRpZ2ljZXJ0LmNvbS9ycGEtdWEwDQYJKoZIhvcNAQEL
+BQADggEBAGZxjeLaWCcmYQVQ2IzVogI84UumqHvVvbMERwOYxIPcaTnZim3+8sJb
+PjipkfDP2YEhok+b4MTNXfKLJVfCdhMLXAq2l13l7X0v6S4zcXvp5SPcMTQCzwUY
+AXEC1rbHP/SJzqe8cAq0fj9hmpEw5U/VfP9u6CAyUM6/vGpoZYwja1apA/J84KDD
+V4ubiWgj+8KvEjHVNLzWts2fyuEYGAyNq2Y6f2JDc5yFmBcM1cAkbVy9SHAmnH8p
+f/YIE7vWn5g5LFfpUbt0tnIi+6LlZKclXx06QcbPHjtV1sBn3KNBXJPB23IViHNG
+wj/QoKrz2KMrOJPN/ru+79Ep8G12UnI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFPDCCBCSgAwIBAgIQAWePH++IIlXYsKcOa3uyIDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA3MDIxMjQyNTBaFw0zMDA3MDIxMjQyNTBaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFURpZ2lDZXJ0IEVWIFJT
+QSBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0eZsx/neTr
+f4MXJz0R2fJTIDfN8AwUAu7hy4gI0vp7O8LAAHx2h3bbf8wl+pGMSxaJK9ffDDCD
+63FqqFBqE9eTmo3RkgQhlu55a04LsXRLcK6crkBOO0djdonybmhrfGrtBqYvbRat
+xenkv0Sg4frhRl4wYh4dnW0LOVRGhbt1G5Q19zm9CqMlq7LlUdAE+6d3a5++ppfG
+cnWLmbEVEcLHPAnbl+/iKauQpQlU1Mi+wEBnjE5tK8Q778naXnF+DsedQJ7NEi+b
+QoonTHEz9ryeEcUHuQTv7nApa/zCqes5lXn1pMs4LZJ3SVgbkTLj+RbBov/uiwTX
+tkBEWawvZH8CAwEAAaOCAgswggIHMB0GA1UdDgQWBBRqTlC/mGidW3sgddRZAXlI
+ZpIyBjAfBgNVHSMEGDAWgBROIlQgGJXm427mD/r6uRLtBhePOTAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA3oDWgM4YxaHR0cDov
+L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDCBzgYD
+VR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMg
+Q2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWlu
+ZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQBSMgrCdY2+O9spnYNvwHiG
++9lCJbyELR0UsoLwpzGpSdkHD7pVDDFJm3//B8Es+17T1o5Hat+HRDsvRr7d3MEy
+o9iXkkxLhKEgApA2Ft2eZfPrTolc95PwSWnn3FZ8BhdGO4brTA4+zkPSKoMXi/X+
+WLBNN29Z/nbCS7H/qLGt7gViEvTIdU8x+H4l/XigZMUDaVmJ+B5d7cwSK7yOoQdf
+oIBGmA5Mp4LhMzo52rf//kXPfE3wYIZVHqVuxxlnTkFYmffCX9/Lon7SWaGdg6Rc
+k4RHhHLWtmz2lTZ5CEo2ljDsGzCFGJP7oT4q6Q8oFC38irvdKIJ95cUxYzj4tnOI
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFPDCCBCSgAwIBAgIQDWASYsinchpuqwNh5WGVgDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA3MDIxMjQyNTdaFw0zMDA3MDIxMjQyNTdaMEQxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHjAcBgNVBAMTFUdlb1RydXN0IEVWIFJT
+QSBDQSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANDSvFMMGIOI
+D2N+rpyaGTPfyItp3atCyimRJCPtAakU984EB19Zugrb82ui0iy0zLKMDrOuN+Ku
+H6jF4F4ZCoHjN7tFdMtSsCUAbrpFVO/5BLY+VTIg7YUN5LwRHUb2QVSGwKyIeYS+
+SqPV8mzTMkG9GnWjG1IQT0F1+Xu7+uAGRFVnIdYCSBgl7iG4qOWZjcPKnW+3OJRO
+dZtwGE39E7WoasoW8Nvpu5FFp2WIsvY6B/0whr3w+xKeBYb2WNKI1ZXvk4y+AmUa
+BdRTY0HPBZ4+6Ipcq2Rl+QLQXQuGXH95YujYNYpbnV7ASU5/dVmqVPY0LHnp2sNK
+IN65/n+DbcsCAwEAAaOCAgswggIHMB0GA1UdDgQWBBQo0s/uCYR13bWytb881aDG
+c4hdHzAfBgNVHSMEGDAWgBROIlQgGJXm427mD/r6uRLtBhePOTAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2Nz
+cC5kaWdpY2VydC5jb20wewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA3oDWgM4YxaHR0cDov
+L2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDCBzgYD
+VR0gBIHGMIHDMIHABgRVHSAAMIG3MCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5k
+aWdpY2VydC5jb20vQ1BTMIGKBggrBgEFBQcCAjB+DHxBbnkgdXNlIG9mIHRoaXMg
+Q2VydGlmaWNhdGUgY29uc3RpdHV0ZXMgYWNjZXB0YW5jZSBvZiB0aGUgUmVseWlu
+ZyBQYXJ0eSBBZ3JlZW1lbnQgbG9jYXRlZCBhdCBodHRwczovL3d3dy5kaWdpY2Vy
+dC5jb20vcnBhLXVhMA0GCSqGSIb3DQEBCwUAA4IBAQBVbQs8KD6qRnOf/dtOHNAy
+ieoRcA1Zk3lGMLwqNfuLpTb9gDQFpvxGN/3X7i0mAEtRhN/r9fDv8oiVLn6gfpm0
+UUN47vFJCzf5dqkV/N7LkMTqlhDA0Ve/GBJ3A2E5yFT7TgAGN4wJ9cCZrKbqKHVU
+RatwJ+T58jmhbvtEM7t2ucB7u+Dmu4KoOTEx8LR8+qn8OyLh1VLq75vzDTsnhTN5
+3AgPdMVFk6F8sjT2P2xbvAb0kAlyAtldAtpGvBzXhacmRs7rTqz/oTDwYZLkrm+q
+EltdmGwUOWvFPjwucH6tS+gQgiUYiNJqijzI1jr8TZ01VGOSTW7rRUKgkN5WJqDA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFOjCCBCKgAwIBAgIQB8LG0yxvDgqrrA3Q+fzVszANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA3MDIxMjQzMDJaFw0zMDA3MDIxMjQzMDJaMEIxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxHDAaBgNVBAMTE1RoYXd0ZSBFViBSU0Eg
+Q0EgRzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ6jsIHs3bmIoe
+7DvnuSvGX375jpWKv25Gf7uz8GZQT3DFVHeRS0NKn5WosqMVNYJKKEImR1Gb2dxl
+90/GDypngguJeBVxdTtgGWPpGnuKPXfc6Qy8yKS1SRQsEs2q2EHl0tEU+/vyNro0
+DDZcox947My8htb1dLx0Q/y9KjEuagQ5AXeLidtiaiAyKnThZRslD8EK/EcHRvkP
+AVMSfGyCVmho3VLBP7LAlLA/RyrAX282OfK8lPZqsASNsOQhmsZPT3IuQhXz7RXc
+nCpBM+GfZoFSP6+uO5j8TZMkqLTAuVAsSyGY8zNbzYupA7QmPcIfAwqG1oD9dGah
+2GgKoeTnAgMBAAGjggILMIICBzAdBgNVHQ4EFgQUbC7kYbTDub3wyq2mwWh6uNTM
+HaAwHwYDVR0jBBgwFoAUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDgYDVR0PAQH/BAQD
+AgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAG
+AQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au
+ZGlnaWNlcnQuY29tMHsGA1UdHwR0MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2lj
+ZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwN6A1oDOGMWh0dHA6Ly9j
+cmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmwwgc4GA1Ud
+IASBxjCBwzCBwAYEVR0gADCBtzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGln
+aWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENl
+cnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcg
+UGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQu
+Y29tL3JwYS11YTANBgkqhkiG9w0BAQsFAAOCAQEADf6H4Rxu128yUZjIR/vkWEv0
+PnYKWUQkGXwbqaioq/zjVC/+LrIwBKwEH2aBQyBO/uvMwF+4PSThZKinw51Pfp8w
+PcaBMeuQR1PEIYjQN3+NjRpMIFb2CUtbnMsHybKqKSW3rsTT2r2EIBtDrZ3EfeEg
+5bfneV6PKvGqcQRZq5BBNTH11tedhcLJB+7F7GRVz8cKCTz0INpQk8gthjBND1+7
+CR+ZHTWPqdXGRqiFJ09NTVmohj4dgL3VyOIArpmPbigODbp80fxzoQJepkHFef6q
+mniWnIl7HApTrTIV/UN22gbCcL5dosGv69wnOVQomQsalcOkujetA5BruTiB9A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGbjCCBVagAwIBAgIQAf0pjz0zJHWvKD7zSGgdczANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwNzAyMTI0MzE4WhcNMzAwNzAyMTI0MzE4WjBAMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMVk13YXJlLCBJbmMuMRowGAYDVQQDExFWTXdhcmUgSXNz
+dWluZyBTTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMeJ/piY0bC1
+3OibGu9qMIAHARH9ossB6+zihswhLxRHGfu7kAHZ28w6RLTD1fB/Q3gLhMuvchUA
+GjzbTPKd0RtwRoVvE5G3XQeeHRpefxKmo1sjM/z9ew+a5dp0L/3cFwdpkiETYlS+
+qRzLV0qHmFiDGB2dR8+96b1AlyyLyBmr13osxg3FcHgi6e6Wxq4ZKmC3eJVOxTgn
+iDu/o+141oj+ElwZ/0+h/DRPKHkKAqe37gDkOmy+NQzc+pTQX4nCgmHH3RV/cKxF
+dZHD53ffXhGp0u/IjdPwXXhadWKSW/7472q6E6bGw0c8euQuofdEt0/Jcn0TfK99
+TaI8b1L0iu3YW7RNv61ZULgDgqTPJ41dPUvJYfjlXiv+qT7uGx7TumEzthq8q48b
+lSrzcYhk/4hV+2upHM6L94IC0aXBtFkNbM+IgAfXgTSAwRKvuZ3qnszIBori5IsO
+5hY4ZLnAzEzPWdyqFTTjNNwPR9Uehq8LG3tMEDo6//Qe+zbkAW9Op5FBWPO/1kvg
+vQiAfM+020XI7pEzXqcs/ZA6MxPE5KsiaYHbh7ooBxsiRcSinmI5pBPMcBI+dA65
+xHNEu+DCK62S4L417R+PA/sZ+/X7z/OwV3/DMkLxsZQ0+SPqXTv+t95C4uFLQBib
+fFUO5hNBuFMAKqQmzRJMS2zFG1bSLOvRAgMBAAGjggI9MIICOTAdBgNVHQ4EFgQU
+BwydF+g3CZjn7wJgu0tgu0XYvnwwHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1W
+tZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2
+hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290
+RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG/WwFAjCB
+tzAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYI
+KwYBBQUHAgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1
+dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxv
+Y2F0ZWQgYXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTAkBgNVHREE
+HTAbpBkwFzEVMBMGA1UEAxMMU1lNQy00MDk2LTc3MA0GCSqGSIb3DQEBCwUAA4IB
+AQCjQRprV4Do/ROak60N1coo5r0nBqtdiiQf7De4PHSLMA1BA8f6WlXD6Vt76ECL
+h1DDa/7JgaEs6yRm6/leqp2VMWFTfH3HLhl98DCiJgYB1XsAvkldfLAkhVWW3FuD
+JdA/O2Isq0dL7ZVUxRS0Z5QYJQEbTHpdAbPHesQXljLPZ7SCl7PybZatfGAVFeTN
+mrHQl35IjAqwEOBD7t4qJsSjeUDZL0rGktaAgw2xXNOfAK+foU88iiQpuo3y0xV8
+/o7OtItb4x0sYWLaBoJElEh6u78nRB7kEDLh4XupJdhfb5wEs6HYOyCS0qBpiqpf
+t18BLRONE6bdOPrB1sw26arD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE1jCCA76gAwIBAgITMwAAABuBYchfBitbzgAAAAAAGzANBgkqhkiG9w0BAQsF
+ADBtMQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lT
+VEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH
+bG9iYWwgUm9vdCBHQiBDQTAeFw0yMDA3MDQxNTEyMjFaFw0zOTEyMDExNTEwMzFa
+MEwxCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSswKQYDVQQDEyJXSVNl
+S2V5IENlcnRpZnlJRCBQZXJzb25hbCBHQiBDQSAzMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA4cA6tdKsNDPOBN92GLKvgHtRfihS0BdiIzr/6GXWz5+0
+/Um1Ytk/ePBZEJNAdWms/doTRsNUTqKK2Ao6mpVy0Ng3Icmv3rVYcJyEhDxIXYvf
+C5xDK9VPL014+682tRsHPbrKqV1yA1/nltcn2HInkc3QjxFYzanMac+NV52TeceM
+CwIMNXImPXUrnOFGsuLd625UqxJxJCR91yiyXyd+edvuK5JbKGTKFrAwkJtx2NO+
+CzFQk3WpT4R9Ra3hdMuJUq3QMRPRLkJ/d7mK/yMVuSbjbUEii8/eqSoqNWvlPZIe
++8GSWIeiymrcmBG4eYc29EsPKehJhLwiyqGGYa4KqwIDAQABo4IBjjCCAYowHQYD
+VR0OBBYEFOWndkBVsAF/9AD6TMosb+qcELA2MB8GA1UdIwQYMBaAFDUPyDZjXuKj
+7Pk7ZhXOUVLjkZo9MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9wdWJsaWMud2lz
+ZWtleS5jb20vY3JsL293Z3JnYmNhLmNybDBsBggrBgEFBQcBAQRgMF4wNgYIKwYB
+BQUHMAKGKmh0dHA6Ly9wdWJsaWMud2lzZWtleS5jb20vY3J0L293Z3JnYmNhLmNy
+dDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Aud2lzZWtleS5jb20vMEIGA1UdIAQ7
+MDkwNwYEVR0gADAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3Lndpc2VrZXkuY29t
+L3JlcG9zaXRvcnkwNQYDVR0lBC4wLAYIKwYBBQUHAwQGCCsGAQUFBwMCBgorBgEE
+AYI3FAICBgorBgEEAYI3CgMMMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/
+BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IBAQAd57kZoN16RGmIhbBwX15BKYrRMQ3N
+Sjo7j3p4WiMNtBRqr+/3tC/3PFLJvUuZC77qFoNZyCgQMv6xIYOon5tb7Qwz4eMz
+/PtdysDoBKG1RyIMf2c+S8sPRbs65znIx6ID8yNJxywx6A2/yDxCXhD+LX1yjdwj
+kWZlQpaPCXBufFDFHjCIeb1XvXqiSDuIVKM9jcB+1TDZHO8Aec5vAaScMxIjuAK/
+ODRewFwTIazaA2jCE9xcgEn0agNCpbSJ8JW1rkIwht/A1JrV3dsEq5++L214ESFj
+ra6U3DTjtY8LniJgH6MMBcPI6EJ1hAo1VPk9djPH3doyS94zc5HWgIwg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvjCCA6agAwIBAgITMwAAABzNh2vJdU6nywAAAAAAHDANBgkqhkiG9w0BAQsF
+ADBtMQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lT
+VEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH
+bG9iYWwgUm9vdCBHQiBDQTAeFw0yMDA3MDQxNTIwMjZaFw0zNTA3MDQxNTMwMjZa
+MEwxCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSswKQYDVQQDEyJXSVNl
+S2V5IENlcnRpZnlJRCBQZXJzb25hbCBHQiBDQSA0MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAsL4uMagNTJAAQIqfngQ+idSu0CnOKSs01xdVCJd4J/L6
+FE26lvJJQKvr8Kw44571K9WsPDP4vyvbAhMnCAq5z9ukb9PqGwQu7zaM/YKRLspw
+SFaG7H3F5xqAQOzOClsW8gVYxrOUe6Uzq8s29wdMgZu3lPG92WzxyGHnVaV1sa4b
+uzWiOqTsgkBZuBXOmIDpgEJtsX70RpHoLTKS5vgI0KqljhfJpoYwdNO1zc37GpX5
+b/f5YYazfa52lK/i7qO0p6fu8VPvDtNObdZhD+5sMga96F/XO/c7su5/WTGa+AgT
+yv3k5aHJKspZU0uuMpfQClhdLgs/ScFjeNl5EGKfKwIDAQABo4IBdjCCAXIwHQYD
+VR0OBBYEFNtoLANXesw9bGmhOaCbv7CKGVexMB8GA1UdIwQYMBaAFDUPyDZjXuKj
+7Pk7ZhXOUVLjkZo9MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9wdWJsaWMud2lz
+ZWtleS5jb20vY3JsL293Z3JnYmNhLmNybDBsBggrBgEFBQcBAQRgMF4wNgYIKwYB
+BQUHMAKGKmh0dHA6Ly9wdWJsaWMud2lzZWtleS5jb20vY3J0L293Z3JnYmNhLmNy
+dDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Aud2lzZWtleS5jb20vMEIGA1UdIAQ7
+MDkwNwYEVR0gADAvMC0GCCsGAQUFBwIBFiFodHRwOi8vd3d3Lndpc2VrZXkuY29t
+L3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4IB
+AQC+kC2vXY3///B9YT1zK7D2d5gOpeSjqVNceddRnrfDk+ks+FtRyW7La8b9oK/h
+piakkqLmuOzesbgok+Ta740l7tOxt94UjWpMLqmLJMwA/lCyj7ZVVMFOdxGhWlG5
+saSSqagXqoxrSdRwsmQs/YYMZf6OEA2P4Tss1flpdlsydmFpJ2qZtYusF0WiAvOY
+VYasXHCUI3Zb5BmU0rbya3RRQKuFYAIL9F/MfNj4T31HaCEfX+t3axRc6g+E9/yx
+8uSHF8aaeJhpkSwitCibz03dD+Jb7C3f30XkmyNCpGB47/r40TxmSxafVdhI6Ysc
+LiV7qbjs2n3zZHCMzjBXDJ/h
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEuTCCA6GgAwIBAgITMwAAAB1sHJ4B1ms5uQAAAAAAHTANBgkqhkiG9w0BAQsF
+ADBtMQswCQYDVQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lT
+VEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH
+bG9iYWwgUm9vdCBHQiBDQTAeFw0yMDA3MDQxNTI1MjZaFw0zNTA3MDQxNTM1MjZa
+MEcxCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSYwJAYDVQQDEx1XSVNl
+S2V5IENlcnRpZnlJRCBTU0wgR0IgQ0EgMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAPskiJ2KuwQyuDILa9u+q2DamhpomWIrrCxyjq2w2rY95wJyqf74
+cLEwHEJ89L9F0z5MFpF0FgW2CVZCLTLwHiDEtaRz0I5xLQA4x6W1cbonXiK857hS
+ASEGsZoXdljjkH1lo1B3f2VvVdQ0frgF3nU4swwHE9kg+LI6Ed9n36/iYuMQY9Rp
+YqYFBJcIdcEgyyI11g93mNnGg3CZifiqBjVq4jIaKSAkIa3bXQr2gylcaERQPaiD
+o0KRxTP+xQu04uirsJhzpqB/ps63IiIJHb7pXvZf/n97JU1rlanOtZFUzjjjye5G
+Q0oslh0gCH8INBMH2ta/a+xI7/ULBfcqFXsCAwEAAaOCAXYwggFyMB0GA1UdDgQW
+BBRfG8UKezh9PsO3Mb+k+xQjUuGNGzAfBgNVHSMEGDAWgBQ1D8g2Y17io+z5O2YV
+zlFS45GaPTA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vcHVibGljLndpc2VrZXku
+Y29tL2NybC9vd2dyZ2JjYS5jcmwwbAYIKwYBBQUHAQEEYDBeMDYGCCsGAQUFBzAC
+hipodHRwOi8vcHVibGljLndpc2VrZXkuY29tL2NydC9vd2dyZ2JjYS5jcnQwJAYI
+KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLndpc2VrZXkuY29tLzBCBgNVHSAEOzA5MDcG
+BFUdIAAwLzAtBggrBgEFBQcCARYhaHR0cDovL3d3dy53aXNla2V5LmNvbS9yZXBv
+c2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8E
+CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABRDe
+syjqWXCR4JmGdGqDaXZ2yxVF6GMUTzbyCMbwSGr/NzQcuHeUGCapHMxSX9HRG1he
+/+pIW3+FVckuQG+4ZNQ9b8+QTo1GH3fbbsm7I/PHofp8mv4f8beEDXS7AW/lfKNZ
+T1SMJoFifazqARMHZ3fe+e1S3IcAfbj0ZiIXGEnbj5ZfFpgmVBcUxp07CI+xMw2W
+Vd4P4HjapTeZ7wEL8eWj+NFqwHtJwCdrScEFlvOWGJxV9NoPlhRyuisC2OUQvFM6
+u5hVMJ/InGvaY4vr0cYLkcRl/rcEUN9iwn9J/3z8JypI2xrHwI8mttJBkgSZYHPU
+4qNBNzctN63j7u1OgQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8jCCA9qgAwIBAgIQd70NkN5DlZmaBhVLShIamjANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEmMCQGA1UE
+AxMdVHJ1c3RlZCBSb290IFRMUyBDQSBTSEEyNTYgRzMwHhcNMjAwNzA1MDAwMDAw
+WhcNMjYwMjI0MDAwMDAwWjBfMQswCQYDVQQGEwJCUjE3MDUGA1UEChMuU09MVVRJ
+IC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEXMBUGA1UE
+AxMOU29sdXRpIENBIC0gRVYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDRrAkXiaEMqbWuTbA14L9TBdVppjMF9fKPfMs1sd7mUgL7Bbrf2rs1oeXVM6Uy
+jvsNxe4BfLp+z3fkHEXiyRYu22P4iyT23suaGMp47BErHGh4bBn4cBIMXrAW7wrh
+zhBLUEVuMfkhU2sZyK9Ci6PLnHH4jE1Phu1Ql+HZkswE4cn4bUImSb+9L9449gg9
+Jvyok4xvEcnKg9RCtlWxXCG34Cz3o/417Ud0cWMK289AA9SPZbf7s5EbfJBe39XV
+vCwEhZM6i7FyYOQ31V/PjZ2bVM18UuHC6qdtNBV30TC9G0ZNga9bNTUsGQqgv3vN
+Scm0Afg7hh21jAMBU40z0UFnAgMBAAGjggG3MIIBszAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0OBBYEFCQIvAqAXDm6uBZ3fpKRSjLyuskqMB8GA1UdIwQYMBaAFN5P
+190nrtV/WIHhLEesI7fGe1fvMIGTBggrBgEFBQcBAQSBhjCBgzA5BggrBgEFBQcw
+AYYtaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmcz
+MEYGCCsGAQUFBzAChjpodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2Vy
+dC90cnVzdHJvb3R0bHNzaGEyZzMuY3J0MEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmczLmNybDBVBgNV
+HSAETjBMMEEGCSsGAQQBoDIBATA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5n
+bG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAHBgVngQwBATANBgkqhkiG9w0BAQsF
+AAOCAQEAZ2tltks5szTM9wFCPnDhKVLlIPD04L+oSP2kUyMXrTy44xWEOef7b6Wc
+Xg0ttTkR2J4EgVSjNTUJG1kQYvFN+2hnOayOyY+H19em0TZ3BL7asLQRARdp2YxS
+biOkOgtB46x7WnT+gt7TlMeXZ1+0L53HELPQZl/+MfzC8qoZex/RH68LnTSOvkBa
+fpahn/cdnMwvtK7JvaQQXeOIIJJPJShsGTfdLzmkoIPJLvEE5gtf/t6XyoMcNuaa
+YkvFj3pWYOKbVO03zetR59nl09HV8RBqEirvd9I4MfC7pJrKDOUErlqLGuwtl39t
+Ei2qOsK+mDBK7RY0FyUNDaE3NtWP5g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFLTCCBBWgAwIBAgIQd70NdUhoHC9yKezCm/Dn2jANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MDUwMDAwMDBaFw0y
+NzA0MjUxMTAwMDBaMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSkwJwYDVQQDEyBUcnVzdGVkIFJvb3Qgbm9uVExTIENBIFNIQTI1NiBH
+MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKa6/NHEy+nGQa9NlAbK
+Wbd8BDpdSjHZVQq9zCx6gBSberLXiphVpx6sHY7SuzRaZTQi7EkaOO8sy6EEb+BW
+qdAZb+D2qgE3D+LHNC/+xZGh3Zc1YXtGLsOHInVDC+moikLloie4uO7Xt3qLdngs
+tBR7UWt7RsJ1NLUBOTI3KKHs2xA4ci31bMBSfA4gM8+SnBGK3bYy48c3sFwP21ag
+jr2dNUvP4JgC8KWHWyiatpvzHMCjrn+Dj7O/GodveV7hUY6NIb6/Fe2MVwxY74pb
+nUVrie7pqNeibRiVckd6nYVvgfn2mPRrh02v+UHWkFhk3Sgc7AfELfAf3PjJURo4
+0s8CAwEAAaOCAgIwggH+MA4GA1UdDwEB/wQEAwIBhjCBnQYDVR0lBIGVMIGSBggr
+BgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwQGCysGAQQBgjcKAwQBBgorBgEE
+AYI3CgMLBgorBgEEAYI3FAIBBgorBgEEAYI3FAICBgkrBgEEAYI3FRMGCSsGAQQB
+gjcVBQYJKwYBBAGCNxUGBgorBgEEAYI3CgMMBggrBgEFBQcDBwYIKwYBBQUHAw4w
+DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUKfFcg2Jb9z8c1hIFK0mgmyars5kw
+HwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBs
+MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMw
+OwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0
+L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5jb20vcm9vdC1yMy5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYB
+BQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0G
+CSqGSIb3DQEBCwUAA4IBAQAmhCUxriNrFpmD9yB54aZN2r0+OtlzOICoss8Lqo0m
+uP0QmzwFIVwzUelILF+vhgi9YXnr6nzkNsA2WB/vmieprUg7xvGVs2m5KdCV79qw
+7iaLyQsui3ZuLfkd/+RHmFbWrLYyUG0/akTvJYtaBAVJd1LE2sBnmDF8KytCPpck
+YHUpSiEP1WlIklZQjeCHRvS4W5SNmb1O9qNGpjB2xfn/1yLo41CJ96F5OkcMKX9+
+7ALLu/Zqw+Uy6eaxi9A4hwci/6U6XLyp9pGqfi/88PYHoDp9kpSeWKNoCCyyalHK
+vT7+Btn3hCaPtJMx9fDnDIuNgqG+kTCRcrazkqAtJark
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5DCCA8ygAwIBAgIQd70Nh+gxFRq///agUzKcozANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEmMCQGA1UE
+AxMdVHJ1c3RlZCBSb290IFRMUyBDQSBTSEEyNTYgRzMwHhcNMjAwNzA1MDAwMDAw
+WhcNMjYwMjI0MDAwMDAwWjBfMQswCQYDVQQGEwJCUjE3MDUGA1UEChMuU09MVVRJ
+IC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEXMBUGA1UE
+AxMOU29sdXRpIENBIC0gRFYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDfSHqaA6r8TlKODVnmmc0FmtGbOikRqwkjm5ILI5uyI3tAyKCQR0ED7liWcDdH
+CwaGjFIpJcFVCYXkMMvlm81y5iuKWnI04ocrgePKc+Ar4HtAPqYst8utGH0qoeEo
+gTHI2u6bO1lkv5P6A/GAwG9xLsR+31vuCXXidDM6+A0DS0NsDJelHOGdobdlp88Y
+r4cz692zZ2ZmU1CP7wAadzVuYZWhky9xfVoa32vU/OrYmpGIY3Ye8poEoDFbYR9V
+/9xgj+HmCkJZV6WR4RQd6nqctkCn+nVLhzdCb2XCNZWoH6Cvvarla8pDUICTLVEv
+lgK0vN5oUpqGUiAVBnOpZ8/NAgMBAAGjggGpMIIBpTAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0OBBYEFIfhAyBlC/oDSaT2czPJoGa/14dSMB8GA1UdIwQYMBaAFN5P
+190nrtV/WIHhLEesI7fGe1fvMIGTBggrBgEFBQcBAQSBhjCBgzA5BggrBgEFBQcw
+AYYtaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmcz
+MEYGCCsGAQUFBzAChjpodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2Vy
+dC90cnVzdHJvb3R0bHNzaGEyZzMuY3J0MEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmczLmNybDBHBgNV
+HSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAKCrYW+Jgmfl
+84efiAdj89JydKfaO6KzcPiz/C73URDyQI7viTsduqsJ9CznTcwOphjrclGH3fmw
+1LGPlTE90+erhxnJN2GQw5ZH4FDpoR1cr97qGp0Lo59jybe0scgKGBp0zqsTuIac
+DuQdmwK+ul58pbVw6MjtwkwMA9Q4rWmvhfWRuqkuetKbirp7QJEwLN3upSmbftv/
+nEmBTudQ+OIWvBl1d6HVUiQbRQoHm7alW83mxyx+N8M8SUf/8Dl17p67ecjv4OoG
+PExbZSvCuBBqBuTkx+cvaoVn6VwoP1sLVhP4fM/GUqdUzgOIlDPxBc2ons/03Ztl
+/ipzdvhwF1w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE+DCCA+CgAwIBAgIQd70NrbPiwI2vSwhjGuic4DANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEmMCQGA1UE
+AxMdVHJ1c3RlZCBSb290IFRMUyBDQSBTSEEyNTYgRzMwHhcNMjAwNzA1MDAwMDAw
+WhcNMjYwNTE1MDAwMDAwWjBkMQswCQYDVQQGEwJCUjExMC8GA1UEChMoUmVkZSBO
+YWNpb25hbCBkZSBFbnNpbm8gZSBQZXNxdWlzYSAtIFJOUDEiMCAGA1UEAxMZUk5Q
+IElDUEVkdSBPViBTU0wgQ0EgMjAxOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAKXy0aVSFMG4AXgSL5oDnUPqls7zPa1Fuik4KqTfSTaz1Q7ucOLl++mg
+y+a0QsNCgunY3fXTwWmKMZABj4+K5OCzyNIuaAZdG7VN4+euIWrHS6MDycpR31R/
+oz7Rle0bxv7mvEUBXoP/UIicYuM3jerIVCg6MsfvA9Zf96wW+Ay5wEmmGwhmNLST
+ULwKFLYzrxNoirAfgSFqOveSE4tjrpFuIuZYj/E587tpT14sPklK8iuQmbfe32Jd
+sZ9kUKgAOjTnaFH3S1xaKAYsHHlOAlcond2TDneTAdU1B6fvfKHc8lWcGL1luzag
+Xy8otoMTjLLAIMusMeGLKchPwUvHyrcCAwEAAaOCAbgwggG0MA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgw
+BgEB/wIBADAdBgNVHQ4EFgQUqzDHByhLy3qOW/5haffUerKFm0gwHwYDVR0jBBgw
+FoAU3k/X3Seu1X9YgeEsR6wjt8Z7V+8wgZMGCCsGAQUFBwEBBIGGMIGDMDkGCCsG
+AQUFBzABhi1odHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS90cnVzdHJvb3R0bHNz
+aGEyZzMwRgYIKwYBBQUHMAKGOmh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20v
+Y2FjZXJ0L3RydXN0cm9vdHRsc3NoYTJnMy5jcnQwQQYDVR0fBDowODA2oDSgMoYw
+aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS90cnVzdHJvb3R0bHNzaGEyZzMuY3Js
+MFYGA1UdIARPME0wQQYJKwYBBAGgMgEUMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8v
+d3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAgGBmeBDAECAjANBgkqhkiG
+9w0BAQsFAAOCAQEAof/6KIQsQwsczUZDJrQQD1RpJMQdfh2QqWQ7SXdR1zxKiSgM
+QvvJan2LhxfHW8v4gViMDQayixxTF6P6rrj58NU8lBHVWSoRtWCvnlDit1908xyY
+vecmxAuBTJhpFlDycyGBn41Dsg7cAUKuYQSySESaOm10P1aHKA1LyL95FUNbCyx7
+PACfMdbvIqGvzspH/WV4N8he97btZqBsPCjlINMhtNV1fjMB80wVbGRBtDCEURg7
+VOACkZGeJejOO/HWsONdW76g4YhIEsnmQXJRSND6mTWpaQv2fRVlK4Z0x4Xtoxy9
+iHifx41Q834r5XErkk8cOU6H4mRQy1hLr+0bog==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEqTCCA5GgAwIBAgIQd70NdT8uGWAb1U4KAkRGdjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MDUwMDAwMDBaFw0y
+NzA0MjUxMTAwMDBaMFAxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSYwJAYDVQQDEx1UcnVzdGVkIFJvb3QgVExTIENBIFNIQTI1NiBHMzCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKXRe6ZnoR+4xcoJL/S5vx1D
+qMMe4LCFB+zMMOCi5stfYUfK6bBgilYKilk42F85z5o1eLKUfj4ycGfnaUVLdSsj
+waP1HMlobr2xBMiH9+q1KgyWui1v8KRv+IhdPaxRojgLLM4jlPLlHvqvorcmGHQl
+x0wi2VM8Grqf+cdkhYXHGTBRvBLhAofAhgoWTVzrwTZ6MtAPaCATJ+gcSVQHw9LL
+XM7xVQukmUwMMpp1mixfKbmIv+DETaMk9O+kt5R4nPLt7M8lUS1CaezdivbKvvnL
+4Wnc7nXzRC/NNLtuWs+6i154Yj4a9JB19oGBrInMm673GanbB1r8IuZoROKdGakC
+AwEAAaOCAYEwggF9MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU3k/X3Seu1X9Y
+geEsR6wjt8Z7V+8wHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYI
+KwYBBQUHAQEEbjBsMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWdu
+LmNvbS9yb290cjMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2ln
+bi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5jcmwwRwYDVR0gBEAwPjA8BgRV
+HSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3Jl
+cG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAW8OVBjtYaLZ+QvyJta++B4k8B
+DklbV6XCiJaapjYbZoHssAMd4o+GDr24R0MOmm83sWLdo4gOuNlEwhSVyezr42EJ
+2QBLZEJSZwHnMpfPddc2mlZ5gMN6PECZrz4W+t2xmSgOYQi1uIHIiDAoSm4/eppe
+8/SLClJTYk/mgF5FfnmNDeOhDE+e836s83RyaVzLxTbl3ZfDSCw2WWglSbrXheWg
+ydDeEOmWtqeQjlrTmVX/UwFutWPc4W+v8xZ9KT3vcpG4PZd3ZH0GnckeNjBcFiAi
+dXm4Aymp9y9XHFAsTfHPH3UMmR7WIVc+iboT/14tlK9n2oASLiJjPaACGnpU
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdDCCBFygAwIBAgIQd70NfGZ3X/lwu9Bpg6ZrWDANBgkqhkiG9w0BAQsFADBT
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEpMCcGA1UE
+AxMgVHJ1c3RlZCBSb290IG5vblRMUyBDQSBTSEEyNTYgRzMwHhcNMjAwNzA1MDAw
+MDAwWhcNMjcwMjIyMDAwMDAwWjBcMQswCQYDVQQGEwJKUDEPMA0GA1UEChMGSklQ
+REVDMR0wGwYDVQQLExRKQ0FOIFB1YmxpYyBDQTEgLSBHNDEdMBsGA1UEAxMUSkNB
+TiBQdWJsaWMgQ0ExIC0gRzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDK6tyYGw/vkFz+af4YD0dMc/Jq6nP5BFOhC1yssDJsKP/rq5EHyT6UdI5qWV9t
+Mqgb8J41uRECvx8r98JfFCywAG1USCWKlNUgYZmoBL2qME8TuRremNb1SWPvmdF8
+WQjfISYSTAbzD04QBo3srBTh0UoOs2ySVxUq4+xEtpUnPHXsj6SG7hOMUHlEpRv6
+bUDt/B3/hux0MPE+6SHNwb7sPlR8eRgeL0u69e/whgpA0HN/G81JmIke+lXmStOp
+BQmqA92fYuBWuId3vqhX8OS59VJA3klnnvP5h1xGFP1+LuVpgS/IRmEMqITnLJrv
+8XAmFZ6gYnYhwcKNFc6do5DtAgMBAAGjggI5MIICNTAOBgNVHQ8BAf8EBAMCAQYw
+gZ0GA1UdJQSBlTCBkgYIKwYBBQUHAwQGCCsGAQUFBwMCBgorBgEEAYI3CgMEBgsr
+BgEEAYI3CgMEAQYKKwYBBAGCNwoDCwYKKwYBBAGCNxQCAQYKKwYBBAGCNxQCAgYJ
+KwYBBAGCNxUTBgkrBgEEAYI3FQUGCSsGAQQBgjcVBgYKKwYBBAGCNwoDDAYIKwYB
+BQUHAwcGCCsGAQUFBwMOMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLmO
+zfHsei6cuetvCxzE1KwZrqFUMB8GA1UdIwQYMBaAFCnxXINiW/c/HNYSBStJoJsm
+q7OZMIGZBggrBgEFBQcBAQSBjDCBiTA8BggrBgEFBQcwAYYwaHR0cDovL29jc3Au
+Z2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290bm9udGxzc2hhMmczMEkGCCsGAQUFBzAC
+hj1odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC90cnVzdHJvb3Ru
+b250bHNzaGEyZzMuY3J0MEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwuZ2xv
+YmFsc2lnbi5jb20vdHJ1c3Ryb290bm9udGxzc2hhMmczLmNybDBNBgNVHSAERjBE
+MEIGCisGAQQBoDIBKBQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFs
+c2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAGEIpRAK2/K8
+LaDv/F2xLakQtYpbqsQWgf95sJQ5eDQDEjmKLvuQP7yJ0EHwfXVWsOk2vO5yMRBz
+KOffnz6YWcX68gNR4vCLfo0GVyZXGKc5U6ORhPLGhymA0j3x1IdzB5XabJuBLuM2
+/SIFyWvOtns79j2klKQEHnBAsrt9X7aQF5QYZDtESzSaadmZn5c2OUXzBKerfXQZ
+2Uj0mnu68oEKxZ4MoxKudfZ7jnYKLkPTXDScvtRK/CPc2EWTQ12RVVxrYerxLmog
+3VOGpWnxG5mj2Ai3kiF/3r6lgmPKZ4JE0OkbJJETtfB4WydLONb8ABsmqsXH6uHc
+SEV5wqqcCsM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8zCCA9ugAwIBAgIQd70Ni9g5PmbUkvijnd/wBDANBgkqhkiG9w0BAQsFADBQ
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEmMCQGA1UE
+AxMdVHJ1c3RlZCBSb290IFRMUyBDQSBTSEEyNTYgRzMwHhcNMjAwNzA1MDAwMDAw
+WhcNMjYwMjI0MDAwMDAwWjBfMQswCQYDVQQGEwJCUjE3MDUGA1UEChMuU09MVVRJ
+IC0gU09MVUNPRVMgRU0gTkVHT0NJT1MgSU5URUxJR0VOVEVTIFMvQTEXMBUGA1UE
+AxMOU29sdXRpIENBIC0gT1YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDeVNxdmst2nKvut2N5tLzCGgcCVLEm3S6Qja9jC5N3XmwBjdu53tDRFplNeI1P
+3Di6682foY9VmP2pkGGCONV6QvLiX290N9DPnPesEE+GAClYrT1NdkB4XfniD3H4
+XZt8nJVarvnfD7/MwWklTutbFhLyVg38ttJ1GLJz6riyYaShwlZRKJuUzx5qlUd+
+hHdMvYg6oI3UpW2UPHi4ge41Bqv2apntVI1cxNR4pH/CDhDGYZXitqpnCukcwB9J
+2EtdDe4EprjS8tlKsHMIgaKWFsgoF90WdWgZk0Sa64b2N6TfFZCncXaaoMikntyP
+gi7xjlhP+8Wr7QTmYuhBn0FvAgMBAAGjggG4MIIBtDAOBgNVHQ8BAf8EBAMCAQYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0OBBYEFIl0C7uxUXURk+5LSyDvYW64oQfmMB8GA1UdIwQYMBaAFN5P
+190nrtV/WIHhLEesI7fGe1fvMIGTBggrBgEFBQcBAQSBhjCBgzA5BggrBgEFBQcw
+AYYtaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmcz
+MEYGCCsGAQUFBzAChjpodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2Vy
+dC90cnVzdHJvb3R0bHNzaGEyZzMuY3J0MEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6
+Ly9jcmwuZ2xvYmFsc2lnbi5jb20vdHJ1c3Ryb290dGxzc2hhMmczLmNybDBWBgNV
+HSAETzBNMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5n
+bG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgIwDQYJKoZIhvcNAQEL
+BQADggEBABGKFQiY6Z2vCsRHBuTD3jRPnBV+0YrWKYIkpOqVG74Go8L1tnOYSHz0
+5vAKhZhhGflfQRBA77ylnIj27vNvwav7NHkUPxEfkUlqjJKPBCsAAwa53QzF9icU
+oxR715PRWKDwVC4tYla40lI2IFK3ee100eiUdrgwF/NNmqhFmCg85dfCV69J1NVf
+1H+nWkVvboSLHSxGJGFLURGTICvnn1XlGbIdXmCZjQ3/krGowK1y5qI2mDW8P2Ha
+irCFjLWMAaeYuGrZTbeh7WyT2fOd19SKQPx74V1zIyksk8gpNXTV07S0eXTqozjM
+/+mUs7WvVhPXdx+GA+fzXuc+Q2geAiY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHcDCCBVigAwIBAgIQEnN3l6MViG3+t2x+aloDVDANBgkqhkiG9w0BAQsFADBr
+MQswCQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMg
+Uy5wLkEuLzAzMzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0
+aW9uIFJvb3QgQ0EwHhcNMjAwNzA2MDYzNjUwWhcNMzAwOTIyMTEyMjAyWjCBhDEL
+MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNh
+biBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMS8wLQYDVQQDDCZBY3Rh
+bGlzIERvbWFpbiBWYWxpZGF0aW9uIFNlcnZlciBDQSBHMzCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBALVGM4gsi80jpqFUmuK3Z0QKmhrCyEytbycoy44/
+0IN9lOxS8RHPHgqOOCwrK+WaFlELgfpv2Yx9HI4bMvZUeKKSBNgOTpxceBzUIIv7
+T9eoeN9lrzSlbcdLq0TZFl2iNuBFKzMVhu3W+bb+UKR3JvrxFmjfHv9KuUJK6LgI
+xlfQaLCpXf25FMk1lSCqmgSVmRc59rIa2PNwHTnRcGqOHCX7kPQJ88JHjNGLHbVj
+8QuOCLdZB7rADR2jsJ1p7rZAMksbNJ9gWdlmA3H0s9Z/4SJIU7R4RIcOpVzNqHo8
+Jv4OhDo4ZoBysdaxDN7sRvTJos/2QAVB7/aPFanIQlaZpFBnZIzufAQ58FkbcBJY
+ZQf9lysjemiHJbqYrokqseaQ0NXOh36D2cEk6CIFK4j6D388K1gi1scikGz3GTei
+QXAxCaHwuco8e7cjzHRV5C+a/DBhEcErKNp0i1w20gYOdKpQTiu8IETYu8epjmIH
+2BSJKWDwlDIDpiJAvtNmrKj2xYL+1F8nOJyEcx/M4mMrK5wdN2oWWSIiUwA0zUhg
+0K21w2is0J2QuCBnDE+fL9FTud5V7Uq9w4ZaKgsQtzAjq9+vhIzfEbAZZnnr1odI
+VTSCcPVSd4mm6RDBWpbKIYCPpctov0kIYyowjUzZ4H26AsjVuOHk1Y0KszIQIvWz
+gDIpAgMBAAGjggH0MIIB8DAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFFLY
+iDrIn3hm7YnzezhwlMkCAjbQMEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAYYl
+aHR0cDovL29jc3AwNS5hY3RhbGlzLml0L1ZBL0FVVEgtUk9PVDBFBgNVHSAEPjA8
+MDoGBFUdIAAwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9h
+cmVhLWRvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATCB4wYD
+VR0fBIHbMIHYMIGWoIGToIGQhoGNbGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2Nu
+JTNkQWN0YWxpcyUyMEF1dGhlbnRpY2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3Rh
+bGlzJTIwUy5wLkEuJTJmMDMzNTg1MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2
+b2NhdGlvbkxpc3Q7YmluYXJ5MD2gO6A5hjdodHRwOi8vY3JsMDUuYWN0YWxpcy5p
+dC9SZXBvc2l0b3J5L0FVVEgtUk9PVC9nZXRMYXN0Q1JMMB0GA1UdDgQWBBRCg22A
+fAmEZ/2AV6vxJvV3yCKCcTAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQAD
+ggIBACeAFKdmcRaIJbdy6mSR+NXzZulMEx3D3gsmOtd8Or0xcK351UH+uKZuAOQJ
+T/9vODD7/kVD46Ln2M9soJigiyxSRc+Pano2cpT/viqyYZEwIC1JKQWy1dsZNI4k
+c3gJMuN+KOu9gSjlXgyn+pTcjiFC7iWbpO4tt3HNtKjRkCBXGtp9mE4pQr7eyn3l
+14Rf+E++3eMVsp39YZ7yUjUJzFiMGoPuwPaEsqnj0FYytJ7vqLzsHXGhvr3C3K8S
+Xzs5yQdgmGUDrkSHI1Bg0mlSQ1I9g4L3NKzZVJFbBW4p5AvbjmWQFMek0MOSVFNA
+0J6NduiOMRCMtdCrEySiK8rai+UwVHXMDJwy016aodBsjmlydSgbSq9CWlKNQaUs
+tB3NHgzbZRexvXMP0BaPB0QyzWLZ2cMQ9DtaTtsvWFQn7J00FYPV9ZG3MMkBId+5
+qk/q8c6UZ3u5kdehslZ31p40ptT1cNK0U/mRnMg2OzAR/l62Uq5v+Z6ZTiD469iR
+2Tb24vQGa7G4NB8nMyC/MxPtmKlwLd1PTIlLpnkqvX266b3HAPGDyJj2B7NzEtIm
+9WSR5HM+J+GFzssAyI/feJxA1cdLiOIyHtdMMRMjlsUxaMWsNzf55bifWl7Zttxm
+M14ovZrkI+kjvfoT83bXDOgsB5E5TZFg6q5azRdkx6AHC8ah
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHdTCCBV2gAwIBAgIQXDs/N638KP4Pz9Or+D+FUTANBgkqhkiG9w0BAQsFADBr
+MQswCQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMg
+Uy5wLkEuLzAzMzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0
+aW9uIFJvb3QgQ0EwHhcNMjAwNzA2MDcyMDU1WhcNMzAwOTIyMTEyMjAyWjCBiTEL
+MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNh
+biBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTQwMgYDVQQDDCtBY3Rh
+bGlzIE9yZ2FuaXphdGlvbiBWYWxpZGF0ZWQgU2VydmVyIENBIEczMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAs73Ch+t2owm3ayTkyqy0OPuCTiybxTyS
+4cU4y0t2RGSwCNjLh/rcutO0yoriZxVtPrNMcIRQ544BQhHFt/ypW7e+t8wWKrHa
+r3BkKwSUbqNwpDWP1bXs7IJTVhHXWGAm7Ak1FhrrBmtXk8QtdzTzDDuxfFBK7sCL
+N0Jdqoqb1V1z3wsWqAvr4KlSCFW05Nh4baWm/kXOmb8U+XR6kUmuoVvia3iBhotR
+TzAHTO9SWWkgjTcir/nhBvyL2RoqkgYyP/k50bznaVOGFnFWzfl0XnrM/salfCBh
+O0/1vNaoU8elR6AtbdCFAupgQy95GuFIRVS8n/cF0QupfPjUl+kGSLzvGAc+6oNE
+alpAhKIS/+P0uODzRrS9Eq0WX1iSj6KHtQMNN4ZKsS4nsuvYCahnAc0QwQyoduAW
+iU/ynhU9WTIEe1VIoEDE79NPOI2/80RqbZqdpAKUaf0FvuqVXhEcjiJJu+d0w9YN
+b7gurd6xkaSXemW/fP4idBiNkd8aCVAdshGQYn6yh+na0Lu5IG88Z2kSIFcXDtwy
+zjcxkW86pwkO6GekEomVBNKcv0Cey2Smf8uhpZk15TSCeyFDrZBWH9OsDst/Tnhz
+pN156Huw3M3RRdEegt33fcyPykgt0HThxrEv9DwOzhs6lCQ5RNQJO7ZvZF1ZiqgT
+FOJ6vs1xMqECAwEAAaOCAfQwggHwMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgw
+FoAUUtiIOsifeGbtifN7OHCUyQICNtAwQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUF
+BzABhiVodHRwOi8vb2NzcDA1LmFjdGFsaXMuaXQvVkEvQVVUSC1ST09UMEUGA1Ud
+IAQ+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlz
+Lml0L2FyZWEtZG93bmxvYWQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
+MIHjBgNVHR8EgdswgdgwgZaggZOggZCGgY1sZGFwOi8vbGRhcDA1LmFjdGFsaXMu
+aXQvY24lM2RBY3RhbGlzJTIwQXV0aGVudGljYXRpb24lMjBSb290JTIwQ0EsbyUz
+ZEFjdGFsaXMlMjBTLnAuQS4lMmYwMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNh
+dGVSZXZvY2F0aW9uTGlzdDtiaW5hcnkwPaA7oDmGN2h0dHA6Ly9jcmwwNS5hY3Rh
+bGlzLml0L1JlcG9zaXRvcnkvQVVUSC1ST09UL2dldExhc3RDUkwwHQYDVR0OBBYE
+FJ+KsbXxsd6C9Cd8vojN3qlDgaNLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B
+AQsFAAOCAgEAJbygMnKJ5M6byr5Ectq05ODqwNMtky8TEF3O55g6RHhxblf6OegZ
+4ui4+ElHNOIXjycbeuUGuFA4LScCC9fnI1Rnn8TI2Q7OP5YWifEfnrdp99t/tJzQ
+hfdi7ZTdRRZZGV9x+grfR/RtjT2C3Lt9X4lcbuSxTea3PHAwwi0A3bYRR1L5ciPm
+eAnYtG9kpat8/RuC22oxiZZ5FdjU6wrRWkASRLiIwNcFIYfvpUbMWElaCUhqaB2y
+YvWF8o02pnaYb4bvTCg4cVabVnojUuuXH81LeQhhsSXLwcdwSdew0NL4zCiNCn2Q
+iDZpz2biCWDggibmWxsUUF6AbqMHnwsdS8vsKXiFQJHeAdNAhA+kwpqYAdhUiCdj
+RTUdtRNUucLvZEN1OAvVYyog9xYCfhtkqgXQROMANP+Z/+yaZahaP/Vgak/V00se
+Hdh7F+B6h5HVdwdh+17E2jl+aMTfyvBFcg2H/9Qjyl4TY8NW/6v0DPK52sVt8a35
+I+7xLGLPohAl4z6pEf2OxgjMNfXXCXS33smRgz1dLQFo8UpAb3rf84zkXaqEI6Qi
+2P+5pibVFQigRbn4RcE+K2a/nm2M/o+WZTSio+E+YXacnNk71VcO82biOof+jBKT
+iC3Xi7rAlypmme+QFBw9F1J89ig3smV/HaN8tO0lfTpvm7Zvzd5TkMs=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHcjCCBVqgAwIBAgIQA6ihwkJqJUS5KwuYph1/xTANBgkqhkiG9w0BAQsFADBr
+MQswCQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMg
+Uy5wLkEuLzAzMzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0
+aW9uIFJvb3QgQ0EwHhcNMjAwNzA2MDczNjE0WhcNMzAwOTIyMTEyMjAyWjCBhjEL
+MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNh
+biBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMTEwLwYDVQQDDChBY3Rh
+bGlzIEV4dGVuZGVkIFZhbGlkYXRpb24gU2VydmVyIENBIEczMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAw0vN0YzE9FFYNLnaBhFZn/fUXY7gk0Uqb9o2
+SkY/8NqSSjkms9dlP81zvv1RButC+GZ0wwap8gouorbgGpTWbrkK6dOBUe/M+2g7
+4EVJGIxktFhtmMpZFE5/xU4+jk9AHsJjU9+ZYW2JwVCbCeUrlyQHwINf9mP32fCq
+2DshelzaKisIYH0HJmp3PWq1RySvfGMbZJ16yDVkrdGz3/NtExpU2Y/rH/GaCCfQ
+7o8HDj5/YdcVCAXTMLolFaqnFzI/bazfy+mhRSEkrFsGNV/4mVkraanJb7FY9bvl
+Qwj9DUlw1ehDIpbWDPl9QOFNiOlKXUe+MkCVV9eVzWn8GFu2cEm5cqrONKQhJinJ
+SEfWC6h7CwDEKCt5lJYMc3vcxWOPK4c2n8OBD0U2yZCXm486OzXkHN8D0kvyoXTV
+jbtVuZbB6b7duBuydtx/k1xkQnLbBFv3MIPg+5FFmk2rcyOtSFaFUCHVfKnQec5/
+50Lz5A4Dg97pvFZIgfJFq4KM0gm0clr3JKop7393WrOlSVC0a0cfB854j79Y0VDJ
+ZSXNTDC1yJ72DWuDGycE2b2kN2zSVlfIxMPeoNN3LVZO5QTJ+ts54YfWT5dbZ6JF
+QoAfi65OhTtjaCkafIdKk5ewnURQ1ZeocOEvhsRdeKoV669eOQBQMz8N/kKdJCVq
+ffS9xLECAwEAAaOCAfQwggHwMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU
+UtiIOsifeGbtifN7OHCUyQICNtAwQQYIKwYBBQUHAQEENTAzMDEGCCsGAQUFBzAB
+hiVodHRwOi8vb2NzcDA1LmFjdGFsaXMuaXQvVkEvQVVUSC1ST09UMEUGA1UdIAQ+
+MDwwOgYEVR0gADAyMDAGCCsGAQUFBwIBFiRodHRwczovL3d3dy5hY3RhbGlzLml0
+L2FyZWEtZG93bmxvYWQwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMIHj
+BgNVHR8EgdswgdgwgZaggZOggZCGgY1sZGFwOi8vbGRhcDA1LmFjdGFsaXMuaXQv
+Y24lM2RBY3RhbGlzJTIwQXV0aGVudGljYXRpb24lMjBSb290JTIwQ0EsbyUzZEFj
+dGFsaXMlMjBTLnAuQS4lMmYwMzM1ODUyMDk2NyxjJTNkSVQ/Y2VydGlmaWNhdGVS
+ZXZvY2F0aW9uTGlzdDtiaW5hcnkwPaA7oDmGN2h0dHA6Ly9jcmwwNS5hY3RhbGlz
+Lml0L1JlcG9zaXRvcnkvQVVUSC1ST09UL2dldExhc3RDUkwwHQYDVR0OBBYEFKtB
+c/BvUNBp/XMXq4mza2LtvXxLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAgEAnWMeR4BLRiemkhxXVt1Xc06ip2isGdixlsVsmsNUPzzrgNOpJrb4G9vR
+WehI5KXRBROYEnvUSL9/59nDj6fS0Qnh6s8zL8ATeEGzsYiKS2wgTeP7kNfEPlbZ
+qEATY1VK8Yn8+MBO+o3xjnLxddV3GdDOgitmHAEjc5QdO0Di0hCCfH/5/FT5f56o
+cisJtQOm2Sohnd7v8wlS+pBG0tffqKIlI9dyEp1X5Ko80UY7MROIhc4eAu8Acycj
++R9FiFLXSk8KRszRVE8gmBd5P7Ug3nflv3MACOelxkbDu/CREsAv9IXQcwGDzhpx
+UMvWAKfqHUwFcAigG6mhqFZ5TXTE/eIW6p0IkojsamuAc5BaroO9uDF0esxaFG1O
+o1LP1UR1uUMcCwGtJm7JZBmUcSp5+pQmLav4EkIBhIULbhtnxO36TeYyRZRySw9h
+0N1XnROIncQdaUlAMeNsJYEFr4OTDJCfy8nhguiV9+7fTdK4VSB2wTEBY0ZBGAOT
+yHmaCz0iX+ZNBf058Fy2xsyMMBJ01Ae1aKcTJO2c/4fP+82p2uk40ak+ZT5kQVtG
+TkFoHkGquXTAx9zgeXihddz2LrxyeePZ6Va8Z2ZLBcBRE/cpGIQvtRMeXB/F/uOO
+Hjdno388OrB6CiPlz8C6KBTPdHjuUHkvGQxImgYIfC2MxdE50IU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHbTCCBVWgAwIBAgIQFxA+3j2KHLXKBlGT58pDazANBgkqhkiG9w0BAQsFADBr
+MQswCQYDVQQGEwJJVDEOMAwGA1UEBwwFTWlsYW4xIzAhBgNVBAoMGkFjdGFsaXMg
+Uy5wLkEuLzAzMzU4NTIwOTY3MScwJQYDVQQDDB5BY3RhbGlzIEF1dGhlbnRpY2F0
+aW9uIFJvb3QgQ0EwHhcNMjAwNzA2MDg0NTQ3WhcNMzAwOTIyMTEyMjAyWjCBgTEL
+MAkGA1UEBhMCSVQxEDAOBgNVBAgMB0JlcmdhbW8xGTAXBgNVBAcMEFBvbnRlIFNh
+biBQaWV0cm8xFzAVBgNVBAoMDkFjdGFsaXMgUy5wLkEuMSwwKgYDVQQDDCNBY3Rh
+bGlzIENsaWVudCBBdXRoZW50aWNhdGlvbiBDQSBHMzCCAiIwDQYJKoZIhvcNAQEB
+BQADggIPADCCAgoCggIBAO3mh5ahwaS27cJCVfc/Dw8iYF8T4KZDiIZJkXkcGy8a
+UA/cRgHu9ro6hsxRYe/ED4AIcSlarRh82HqtFSVQs4ZwikQW1V/icCIS91C2IVAG
+a1YlKfedqgweqky+bBniUvRevVT0keZOqRTcO5hw007dL6FhYNmlZBt5IaJs1V6I
+niRjokOHR++qWgrUGy5LefY6ACs9gZ8Bi0OMK9PZ37pibeQCsdmMRytl4Ej7JVWe
+M/BtNIIprHwO1LY0/8InpGOmdG+5LC6xHLzg53B0HvVUqzUQNePUhNwJZFmmTP46
+FXovxmH4/SuY5IkXop0eJqjN+dxRHHizngYUk1EaTHUOcLFy4vQ0kxgbjb+GsNg6
+M2/6gZZIRk78JPdpotIwHnBNtkp9wPVH61NqdcP7kbPkyLXkNMTtAfydpmNnGqqH
+LEvUrK4iBpUPG9C09KOjm9OyhrT2uf5SLzJsee9g79r/rw4hAgcsZtR3YI6fCbRO
+JncmD+hgbHCck+9TWcNc1x5xZMgm8UXmoPamkkfceAlVV49QQ5jUTgqneTQHyF1F
+2ExXmf47pEIoJMVxloRIXywQuB2uqcIs8/X6tfsMDynFmhfT/0mTrgQ6xt9DIsgm
+WuuhvZhLReWS7oeKxnyqscuGeTMXnLs7fjGZq0inyhnlznhA/4rl+WdNjNaO4jEv
+AgMBAAGjggH0MIIB8DAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFFLYiDrI
+n3hm7YnzezhwlMkCAjbQMEEGCCsGAQUFBwEBBDUwMzAxBggrBgEFBQcwAYYlaHR0
+cDovL29jc3AwNS5hY3RhbGlzLml0L1ZBL0FVVEgtUk9PVDBFBgNVHSAEPjA8MDoG
+BFUdIAAwMjAwBggrBgEFBQcCARYkaHR0cHM6Ly93d3cuYWN0YWxpcy5pdC9hcmVh
+LWRvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCB4wYDVR0f
+BIHbMIHYMIGWoIGToIGQhoGNbGRhcDovL2xkYXAwNS5hY3RhbGlzLml0L2NuJTNk
+QWN0YWxpcyUyMEF1dGhlbnRpY2F0aW9uJTIwUm9vdCUyMENBLG8lM2RBY3RhbGlz
+JTIwUy5wLkEuJTJmMDMzNTg1MjA5NjcsYyUzZElUP2NlcnRpZmljYXRlUmV2b2Nh
+dGlvbkxpc3Q7YmluYXJ5MD2gO6A5hjdodHRwOi8vY3JsMDUuYWN0YWxpcy5pdC9S
+ZXBvc2l0b3J5L0FVVEgtUk9PVC9nZXRMYXN0Q1JMMB0GA1UdDgQWBBS+l6mqhL+A
+vxBTfQky+eEuMhvPdzAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIB
+ACab5xtZDXSzEgPp51X3hICFzULDO2EcV8em5hLfSCKxZR9amCnjcODVfMbaKfdU
+ZXtevMIIZmHgkz9dBan7ijGbJXjZCPP29zwZGSyCjpfadg5s9hnNCN1r3DGwIHfy
+LgbcfffDyV/2wW+XTGbhldnazZsX892q+srRmC8XnX4ygg+eWL/AkHDenvbFuTlJ
+vUyd5I7e1nb3dYXMObPu24ZTQ9/K1hSQbs7pqecaptTUjoIDpBUpSp4Us+h1I4MA
+WonemKYoPS9f0y65JrRCKcfsKSI+1kwPSanDDMiydKzeo46XrS0hlA5NzQjqUJ7U
+suGvPtDvknqc0v03nNXBnUjejYtvwO3sEDXdUW5m9kjNqlQZXzdHumZJVqPUGKTW
+cn9Hf3d7qbCmmxPXjQoNUuHg56fLCanZWkEO4SP1GAgIA7SyJu/yffv0ts7sBFrS
+TD3L2mCAXM3Y8BfblvvDSf2bvySm/fPe9brmuzrCXsTxUQc1+/z5ydvzV3E3cLnU
+oSXP6XfXNyEVO6sPkcUSnISHM798xLkCTB5EkjPCjPE2zs4v9L9JVOkkskvW6RnW
+WccdfR3fELNHL/kep8re6IbbYs8Hn5GM0Ohs8CMDPYEox+QX/6/SnOfyaqqSilBo
+nMQBstsymBBgdEKO+tTHHCMnJQVvZn7jRQ20wXgxMrvN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjTCCBHWgAwIBAgIQa4crboHY9a08fWQW63QGgTANBgkqhkiG9w0BAQsFADA8
+MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIwMTExDTALBgNVBAoMBEF0b3Mx
+CzAJBgNVBAYTAkRFMB4XDTIwMDcwNzA2MTk0MVoXDTMwMDcwNTA2MTk0MVowRjEo
+MCYGA1UEAwwfQXRvcyBUcnVzdGVkUm9vdCBDbGllbnQtQ0EgMjAyMDENMAsGA1UE
+CgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCf4V1Zyni09kfp2I3ulSLam+dujxBVVPe24vlcX3mdk+oSSusS0KSzreRm
+RDH0VzaS9hic85CemVTH+jfyNNFBxhXa2kKLydt1yxtJ3TRFAMRUEWK5aVkKkV7g
+101n6O82bW5M7PaxnlLwb6C7+XwlpKHzMaSmiBFOiBMCxJP0AGB0hgU+F0XhvNwQ
+P+Wx4rq6v7m5DJqx8qoe0nyA+dOEDJJiOF7o330he2QkbkAzgxd0MoQ+T9igaLaj
+SwywwxGpuKE/Vt/y/YC025hWYS6htwFeJqtcjWStKiINuqOLBQeI+orAg3nGyQaP
+hp6h5gIlKO4saEye6KaFYBYWiuLHAgMBAAGjggJ/MIICezASBgNVHRMBAf8ECDAG
+AQH/AgEAMB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZbNshMHYGCCsGAQUF
+BwEBBGowaDBABggrBgEFBQcwAoY0aHR0cDovL3BraS5hdG9zLm5ldC9Eb3dubG9h
+ZC9BdG9zVHJ1c3RlZFJvb3QyMDExLmNlcjAkBggrBgEFBQcwAYYYaHR0cDovL3Br
+aS1vY3NwLmF0b3MubmV0MEUGA1UdIAQ+MDwwOgYMKwYBBAGwLQUBAQEBMCowKAYI
+KwYBBQUHAgEWHGh0dHA6Ly9wa2kuYXRvcy5uZXQvRG93bmxvYWQwQgYDVR0lBDsw
+OQYIKwYBBQUHAwIGCCsGAQUFBwMEBgsrBgEEAYI3CgMEAQYKKwYBBAGCNwoDBAYK
+KwYBBAGCNxQCAjCCARAGA1UdHwSCAQcwggEDMIHAoHygeoZ4bGRhcDovL3BraS1s
+ZGFwLmF0b3MubmV0L2NuPUF0b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEsb3U9Q0Es
+b3U9QXRvcyUyMFRDLG89QXRvcyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZpY2F0ZVJl
+dm9jYXRpb25MaXN0okCkPjA8MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIw
+MTExDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMD6gPKA6hjhodHRwOi8vcGtp
+LWNybC5hdG9zLm5ldC9jcmwvQXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNybDAd
+BgNVHQ4EFgQUic/rfY3vSDFHRv5Ls216VKPjrQMwDgYDVR0PAQH/BAQDAgGGMA0G
+CSqGSIb3DQEBCwUAA4IBAQBC9Zgk2914Z1W+KQdVj7z6Mc3UtR5lDfJysKKiXUkH
+Ua0v31hRcyrdXspXxddBdaRAdQIl8/S6AR9yJ0vMszqqpE7Cv0xewklx/jaV6Zpo
+lezUex0dx2xUW7uAcLSX3ixXfuIBO4zzhJPVRzViK4GmeuqVncuDcGF++PB1x1rP
+wzc93BpkW51x0e/g5zTrOR5BMt/OPv1dlOExDunoT1V7C+Lx++qffftVlu7NmGz7
+ooM8CovTmdBou8nL1Mmqt1sbXbvKCWkg8KSKpGMkOJ+ZIagYyFKjbcQrYBwmXuGM
+kWHfSxUu3WoGhIrtJ6fWM3ZyN78aG07Fx7kiJDyV1902
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHQzCCBSugAwIBAgIQb0MAHcMhZr/fKa/XOYax9TANBgkqhkiG9w0BAQsFADCB
+pjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVu
+aWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRo
+b3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJ
+bnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMjAwNzA4MDgxNzAzWhcNMzUwNzA1
+MDgxNzAzWjCBvDELMAkGA1UEBhMCR1IxKzApBgNVBAoMIkdyZWVrIFVuaXZlcnNp
+dGllcyBOZXR3b3JrIChHVW5ldCkxGDAWBgNVBGEMD1ZBVEdSLTA5OTAyODIyMDE3
+MDUGA1UECwwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0
+aW9ucyBDQTEtMCsGA1UEAwwkSEFSSUNBIEluc3RpdHV0aW9uYWwgQ2xpZW50IFN1
+YkNBIFIxMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAhqPiZy8PBAk0
+eEhA93m++nJ5mMFETtgYJrwAJPL3VZkDtO/+wySSLGoe/S3foj6dAMu6y+2u71Y3
+ec40rESoe/iLbfnc0oO0lOmiu6nwNhN+B/+tmRN2biR32eRW36aQ9MmXnYUauZR1
+SQ/LRYdFc905dhSlr0SbPeaMb7ISlUp4TkdwLVxfx6NsRi9F6cvG+uPa9wmkr6aF
+/0kld4pC8Z9iqDKugoUMaI3nLFU3Wy6aejGSe1Lo6g7ZRMmiSZ2UtPdM0Zi8TD0t
++7WkOv4U4nmPHUO3WEqgjdB1LaEoJ3VW8Oi1woOYsrRY9DVev6/uVM3VJVyEP5M9
+VQb59gx0Z/piOuaYXQxKYzmoc2i3q4FiIuvuMpob95BB6OQK3ltjvvJsN5e2ajMP
+tMxHM6l52UiCwa7HQw2ovXqtu4aFZJHK6UGJdJG1NSjbe/GsWAI4OEggUk7bzW44
+CQhAkXQij7/k5nYxeMdWCufB/Gpq9KHOIh42oEDUUD+tZjJObyBhL3+shx6osfZ1
+je5UhdrTWHQSE+49b+0FHuGgQHg8mYaJJctljAbsO36vQ0n8UlVnbUFq8HM9L8xi
+xLAlH0tkX/3EfPGg94zkJKnoLFTO+XsO0+OI+8M93y5czCD0a4JIyFt1/9XXl3+T
+8q7Vhb6Y6K/4ZPcigHS3kN4aRqd79OsCAwEAAaOCAVMwggFPMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHwYDVR0jBBgwFoAUcRVnyMjJvXVdctA4GGqd83EkVAswbwYIKwYB
+BQUHAQEEYzBhMDwGCCsGAQUFBzAChjBodHRwOi8vcmVwby5oYXJpY2EuZ3IvY2Vy
+dHMvSGFyaWNhUm9vdENBMjAxNS5jcnQwIQYIKwYBBQUHMAGGFWh0dHA6Ly9vY3Nw
+LmhhcmljYS5ncjARBgNVHSAECjAIMAYGBFUdIAAwKQYDVR0lBCIwIAYIKwYBBQUH
+AwIGCCsGAQUFBwMEBgorBgEEAYI3CgMMMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6
+Ly9jcmwuaGFyaWNhLmdyL0hhcmljYVJvb3RDQTIwMTUuY3JsMB0GA1UdDgQWBBTN
+6UtrXSizepINisRf5E4w9athaTAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL
+BQADggIBAF94rSwsHZHLww/rgO/TmQMLrkEPumpGpgGNjwvPBroJ3/A6lW/O9fOC
+CdFguWBs5GMKPoQeKtskumhiKq3jOuLXK0SH3oNYfiU6DJ/fIz03rE7STuX2hNYW
+UIcInzfSO4DnWLOcOX/9dq4uYfpVh3WFSSk8xlPycXsv0QGCJjyquQaY23wJDrQ/
+drpP7ZhZ2qpa1BhI4trwuijGMCFuHRXVPhcRkquI//MPUoRXf0vPjgqbP4S9etC8
+y5mV5rfVvvX26jIjpN8UnJEJetRhUQmt762fNseHEdLCzHVuX9wBU17rsD/VUL2b
+HWUXgASLB4mgXAGkGiAohDU8u51QsZg8Rej6V6PsyVw5nbtm/Bw5YoKX2rX6x5lq
+5tvK6XA1ybTkG6Caf+1xgMWoCOUJsHOyrfHw4vP/LPfW5e1i/mp99K15qIDX7ZXN
+OJhQ9bQ03tG/nQ3L8SS1tMCTfryhiHOeDSzYGhHrUDKZds9MlVHqUos92ndbGYmE
+NqA4XU0uygWvnEcgGRbfXADQy0sU/S71kkfAzKESTU8YLKr5PXnC28i5pgdpszXl
+NB0svDtr/hMcYk1KQQglzTypOalWKUG3IW0dRjGoNjoYG1b+cL5xAPKeRPkM2z3h
+fDn6pi2iEH4PDy68HRuwOERrUZ4Mb+tYvFpClafMNcOo70N71C7b
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfjCCBGagAwIBAgIQYLhZ8Y/3NW90Cn5tPWQvdTANBgkqhkiG9w0BAQsFADA8
+MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIwMTExDTALBgNVBAoMBEF0b3Mx
+CzAJBgNVBAYTAkRFMB4XDTIwMDcwODA5MTMwNVoXDTMwMDcwNjA5MTMwNVowXDE+
+MDwGA1UEAww1QXRvcyBUcnVzdGVkUm9vdCBDbGllbnQtQ0EgZm9yIFdpbnRlcnNo
+YWxsIERlYSAyIDIwMjAxDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVfSFeOnxMJyckTrmOMZjAybEXwv
+dWfWz5aIzDPGTw5Cvw43TrgdUL18HVoabvkc3bEiI3fkwlhTGaeeARQVK0tMefrJ
+INCJ5da/u5A353q7S8McMA0+7yiqeE8B3fJQh0BMdU1mZD/FOVfK1unZk92R5lPW
+ct5wLUiVVL6MuiwNXWtbDLaYlhcNoaywXbkGj2j/DV4hlE6Q1Pjkljz1GdOkLEe5
+SBi0/jDyxT9skVuyWOeKOP6rJNYtcnmwNwMuSdWZDftQRdIrb31DzU2DN4l7FWDt
+nELojRAbGkLvYVH1ZzzIgNaRCgtGyYepK7EK9UME8jo6UgH1DJ85GqVgnwIDAQAB
+o4ICWjCCAlYwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSnpQaxLKYJ
+YO7Rl+lwrrw7GWzbITB2BggrBgEFBQcBAQRqMGgwQAYIKwYBBQUHMAKGNGh0dHA6
+Ly9wa2kuYXRvcy5uZXQvRG93bmxvYWQvQXRvc1RydXN0ZWRSb290MjAxMS5jZXIw
+JAYIKwYBBQUHMAGGGGh0dHA6Ly9wa2ktb2NzcC5hdG9zLm5ldDBFBgNVHSAEPjA8
+MDoGDCsGAQQBsC0FAQEBATAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcGtpLmF0b3Mu
+bmV0L0Rvd25sb2FkMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDCCARAG
+A1UdHwSCAQcwggEDMIHAoHygeoZ4bGRhcDovL3BraS1sZGFwLmF0b3MubmV0L2Nu
+PUF0b3MlMjBUcnVzdGVkUm9vdCUyMDIwMTEsb3U9Q0Esb3U9QXRvcyUyMFRDLG89
+QXRvcyxkYz1hdG9zLGRjPW5ldD9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0okCk
+PjA8MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIwMTExDTALBgNVBAoMBEF0
+b3MxCzAJBgNVBAYTAkRFMD6gPKA6hjhodHRwOi8vcGtpLWNybC5hdG9zLm5ldC9j
+cmwvQXRvc19UcnVzdGVkUm9vdF9DQV8yMDExLmNybDAdBgNVHQ4EFgQU8aa9Ba8D
+p+V5duEQIMG19gnSmw8wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IB
+AQAd+NLOZxxrb7uuOOZRbQsnDsKebgLDGlf9fMfrGPCKaW4L3QgkSN3UY890GNAe
+jYAITGQoYmCRuO/7p7Eou+k2oe36ggkZ3dQWGKD5QxaOsBPrgcuyqBICBfte9dl4
+bGvQHjKl/I6R6e0UqHJU/jjTcqiqAOFEzcGLx/OZa6MZQsaVi5KXznp41WuD2dVO
+1Dd42Zpm6MUKecmQyNQYp0D7vTDRL5uSnz64nIQFjcn5Wa2tFXGc6Ku9KZ9bcSeI
+76zFLlJlbw+ZkDcOQT1xipuuYu6H2iws5qtPnjNb5wHTwfTfStnXy6zaMGZD2LUx
+jyEQNE5dW4yFZoBdddYz96tf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnTCCBIWgAwIBAgIQcBgKxB6x9gstwDBDop0uCjANBgkqhkiG9w0BAQsFADA8
+MR4wHAYDVQQDDBVBdG9zIFRydXN0ZWRSb290IDIwMTExDTALBgNVBAoMBEF0b3Mx
+CzAJBgNVBAYTAkRFMB4XDTIwMDcwODA5MTcxM1oXDTMwMDcwNjA5MTcxM1owVjE4
+MDYGA1UEAwwvQXRvcyBUcnVzdGVkUm9vdCBDbGllbnQtQ0EgZm9yIFdvcmxkbGlu
+ZSAyIDIwMjAxDTALBgNVBAoMBEF0b3MxCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVRv6NeAzm+yAMyO7/gqTyCm63JgqAOcQ9VA
+dE2w0N+cOSFngg9G52zfmYB6H2GxTrL1etIh1aFzqjxXBBm218yOpA5dfAY3Wnbc
+taNuguM1ry1Xin562xyyjIKKXym0Ca0mcA+CvGXlLJICRwyh+xHzRePG9+u5L4Hg
+75S0qlWciRLcGnxpZNPmr8rNFWWkL/CVCA9FbBx4SSxZVUH7cWRiH2klSguNWNUm
+3Fgp3WmeHu/0pKRa+lXHdiQRQFLrgpEafiedP3D/4+F1oXkphcAgOs+szg1YoIyX
+bunsgsXlLZEmb1sEMrdnDGy8RbQyi1+9/zBAkybHHXUSi33nSwIDAQABo4ICfzCC
+AnswEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSnpQaxLKYJYO7Rl+lw
+rrw7GWzbITB2BggrBgEFBQcBAQRqMGgwQAYIKwYBBQUHMAKGNGh0dHA6Ly9wa2ku
+YXRvcy5uZXQvRG93bmxvYWQvQXRvc1RydXN0ZWRSb290MjAxMS5jZXIwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9wa2ktb2NzcC5hdG9zLm5ldDBFBgNVHSAEPjA8MDoGDCsG
+AQQBsC0FAQEBATAqMCgGCCsGAQUFBwIBFhxodHRwOi8vcGtpLmF0b3MubmV0L0Rv
+d25sb2FkMEIGA1UdJQQ7MDkGCCsGAQUFBwMCBggrBgEFBQcDBAYLKwYBBAGCNwoD
+BAEGCisGAQQBgjcKAwQGCisGAQQBgjcUAgIwggEQBgNVHR8EggEHMIIBAzCBwKB8
+oHqGeGxkYXA6Ly9wa2ktbGRhcC5hdG9zLm5ldC9jbj1BdG9zJTIwVHJ1c3RlZFJv
+b3QlMjAyMDExLG91PUNBLG91PUF0b3MlMjBUQyxvPUF0b3MsZGM9YXRvcyxkYz1u
+ZXQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdKJApD4wPDEeMBwGA1UEAwwVQXRv
+cyBUcnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTA+
+oDygOoY4aHR0cDovL3BraS1jcmwuYXRvcy5uZXQvY3JsL0F0b3NfVHJ1c3RlZFJv
+b3RfQ0FfMjAxMS5jcmwwHQYDVR0OBBYEFD5N2tgdJ2Jin1r28IJmoQvu60HCMA4G
+A1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAQEAapIPWZLTM94lZYnEqP0k
+Br8ElWwBYItbdiGIQHAuKA/E0wHHUv1mCJQbYfCXUGAVtrcKfbo0Ys0iJFtcS7CP
+tVQer8idXBSFgOrP4sN3ZZ1aEKXGjqKrnbYtLpcYLGAyXEddCMZsosMdzkupxhci
+FeaaKtHcjRw4/y9r7zfWvO/JihuIO2wIYBpjZEd5nVz/yEwRktUzSGDPE+WYZCsh
+sJxIeNRFQwTkZfERLRR9eAft1U6QAuG4pZvSaSBszZmvYDax9fYwDOsOqhQWKkTG
+LqO/2O4BqG5eFRd61UAL6hNblkmZDI7Ga+4KAxjhgSg9o1V2odXCsKQZJWEHZ6rk
+Tw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGdTCCBV2gAwIBAgIQOexs/CYaz76Jj6FFcFybCjANBgkqhkiG9w0BAQsFADCB
+gjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lzdGVtcyBFbnRlcnByaXNlIFNl
+cnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBDZW50ZXIxJTAj
+BgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMjAwNzA5MDgy
+MjA2WhcNMzAwNzA5MjM1OTU5WjBdMQswCQYDVQQGEwJERTEcMBoGA1UECgwTRGV1
+dHNjaGUgVGVsZWtvbSBBRzEwMC4GA1UEAwwnRGV1dHNjaGUgVGVsZWtvbSBBRyBz
+ZWN1cmUgZW1haWwgQ0EgRTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAy5M9+EQVHsqVmNXrXC5cl6buFoT7jSwBAF225pQcqKS4rZjsQhcCHcKdrr8E
+5m+WTYVv4FypgnHMIV70jLnn/8JVoeQM3goNz+jJSYDKmTLB57SOvX+XpEgH50u5
+CiATD7QbNoB2U6XHPSlZn1dyZBFdvwlPe7XfHeNkCfeyxjE5LNrG5m5SHNKIGUD8
+jTq2f2FQGVDkGoJsF78fjIGNseFOo9GWqOvOe7GfONnhyMccBditlJs2O3qUtrWM
+HTL+BZuSOvcJ8K5UD8//TH2CcbAjhvftTVUkFmLlPMxd0JzxyACIDk+IfokcAQin
+xJTmGbdhBIhXUo+sc7xlGkmHHwIDAQABo4IDCTCCAwUwDgYDVR0PAQH/BAQDAgGG
+MB4GA1UdJQQXMBUGCCsGAQUFBwMEBgkrBgEEAYI3FQUwHQYDVR0OBBYEFAdHrRAe
+BvSndBFgpb2hKzeK8/NdMB8GA1UdIwQYMBaAFL9ZIDYAeaCgImuM1fJh0rgsy4JK
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwUgYDVR0gBEswSTBHBgkrBgEEAb1HDRowOjA4
+BggrBgEFBQcCARYsaHR0cDovL2NvcnBvcmF0ZS1wa2kudGVsZWtvbS5kZS9jcHMv
+Y3BraS5odG0wgfoGA1UdHwSB8jCB7zA6oDigNoY0aHR0cDovL2NybC1jcGtpLnRl
+bGVrb20uZGUvcmwvR2xvYmFsUm9vdF9DbGFzc18yLmNybDCBsKCBraCBqoaBp2xk
+YXA6Ly9sZGFwLWNwa2kudGVsZWtvbS5kZS9DTj1ULVRlbGVTZWMlMjBHbG9iYWxS
+b290JTIwQ2xhc3MlMjAyLE9VPVQtVGVsZVNlYyUyMFRydXN0JTIwQ2VudGVyLE89
+VC1TeXN0ZW1zJTIwRW50ZXJwcmlzZSUyMFNlcnZpY2VzJTIwR21iSCxDPURFP2F1
+dGhvcml0eVJldm9jYXRpb25MaXN0MIIBLAYIKwYBBQUHAQEEggEeMIIBGjAoBggr
+BgEFBQcwAYYcaHR0cDovL29jc3AudGVsZWtvbS5kZS9vY3NwcjBBBggrBgEFBQcw
+AoY1aHR0cDovL2NydC1jcGtpLnRlbGVrb20uZGUvY3J0L0dsb2JhbFJvb3RfQ2xh
+c3NfMi5jZXIwgaoGCCsGAQUFBzAChoGdbGRhcDovL2xkYXAtY3BraS50ZWxla29t
+LmRlL0NOPVQtVGVsZVNlYyUyMEdsb2JhbFJvb3QlMjBDbGFzcyUyMDIsT1U9VC1U
+ZWxlU2VjJTIwVHJ1c3QlMjBDZW50ZXIsTz1ULVN5c3RlbXMlMjBFbnRlcnByaXNl
+JTIwU2VydmljZXMlMjBHbWJILEM9REU/Y0FDZXJ0aWZpY2F0ZTANBgkqhkiG9w0B
+AQsFAAOCAQEAeVnaV3f2BmqczOBf8OLdFKrEHZoKP0BIOY3LMd+nPYddYhx5QyE0
+RSJH10voeykK0djL8XP33WysjjcQgj5yWiDeqmtskwRN1RhdEOek3PkOVjeICC9+
+Gw6gvFFtxv6dpaZImzDxCRhLz4LbL6i2619RAMQDWZr12CXoSBwFwjZ/NTOVVdpl
+pGo7z1v8FjGcoF2Y+YghJirrOKLkL2J1jb8+mwsLOjVJ2nvkI4Pc8TdIPLpbi/9X
+3Aw4sge3BVyPP2ZLkd3RGVc7CozSYgJGpNshVECs5foMvYnnYRoTaxxTcoVtfTSD
+GOfYyqspsbEI+GmJDJZT8P6c2cQM1PSd/w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9TCCA92gAwIBAgIJIrmxcvqTGlt0MA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNV
+BAYTAkpQMSUwIwYDVQQKExxTRUNPTSBUcnVzdCBTeXN0ZW1zIENPLixMVEQuMScw
+JQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTIwHhcNMjAwNzEw
+MDQ0ODU2WhcNMjkwNTI5MDUwMDM5WjBvMQswCQYDVQQGEwJKUDEqMCgGA1UEChMh
+SmFwYW4gUmVnaXN0cnkgU2VydmljZXMgQ28uLCBMdGQuMTQwMgYDVQQDEytKUFJT
+IE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugEUcFm77dwcABYYJs+l8ubkpp0US4zC
+DOeIvvHsb/Z+RqD80kMLPlWTjB17UgKT4oG7wQGoWWdxoXB4sd58cKhf1+mFBRH/
+9myD9e0hloK3iWn8KfffpvywLD8iNOYisOaJaW5HDnmwRLeNNsRtuG0jPAghQ4wu
+2Sl0kTts7/u3nTQGDdNlnhfhYikR2mSCVLEFndUZreoUq2q5nuPAzxT943Ct6sAd
+orC8F+B1GZNk/Q3rwCTYuIb/3l1wB1jYugZQiYH8jrN+H3Q1ncgla5lhq7Mow2Vm
+sUgo7Ut/PuqHfs0eVK8oxra97RxS4dL6nOJNWupXJzsFCMjU87Lf7wIDAQABo4IB
+pDCCAaAwHQYDVR0OBBYEFKEQFdgb/p5Omk4d8rZfQROCHUFTMB8GA1UdIwQYMBaA
+FAqFqXdlBZh8QIH4D5csOPEK7DzPMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0P
+AQH/BAQDAgEGMEkGA1UdHwRCMEAwPqA8oDqGOGh0dHA6Ly9yZXBvc2l0b3J5LnNl
+Y29tdHJ1c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJDUkwuY3JsMFIGA1UdIARLMEkw
+RwYKKoMIjJsbZIcFBDA5MDcGCCsGAQUFBwIBFitodHRwczovL3JlcG9zaXRvcnku
+c2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvMIGFBggrBgEFBQcBAQR5MHcwMAYIKwYB
+BQUHMAGGJGh0dHA6Ly9zY3Jvb3RjYTIub2NzcC5zZWNvbXRydXN0Lm5ldDBDBggr
+BgEFBQcwAoY3aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9v
+dDIvU0NSb290MmNhLmNlcjATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0B
+AQsFAAOCAQEAjxg0fHoBxx3WPV4ITiCeWZWcbnN2t1mJZpIzozaJHJW5jT77U7OE
+mHOsujQUqSUgxVU5/zpVzCvAGNZSVTkK8QKQnhP6H27GKeUqldt5cX/eb31VpChb
+7+w5hTsEZtG0d5V5mq9b6KcorGXHWda26Pny2FQO4+3rFYFjdflr9WtLxiMSZdg/
+8n4xRLvz7zJmoVgH+yvFxwkeVuzYGaNpvf/omzAuWEzrdfzaHhATl34w/yuAsIky
+5on53pY6O5uLRX7xXj0mrSWW0tcpjeRkkN4OZsdK7YJSwVNK3HRA8uJ9wR9txR38
+SUDJGJto605NrIE8kN13Bw1GTjbrSpa70w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE/DCCA+SgAwIBAgIQIrmxdeNaJz67b17uAq2d2DANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTIwMDcxMDEyNDc0MVoXDTI5MDUyOTA1MDAzOVowbzELMAkGA1UEBhMCSlAxKjAo
+BgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwgTHRkLjE0MDIGA1UE
+AxMrSlBSUyBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHMzCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALoBFHBZu+3cHAAWGCbPpfLm
+5KadFEuMwgzniL7x7G/2fkag/NJDCz5Vk4wde1ICk+KBu8EBqFlncaFweLHefHCo
+X9fphQUR//Zsg/XtIZaCt4lp/Cn336b8sCw/IjTmIrDmiWluRw55sES3jTbEbbht
+IzwIIUOMLtkpdJE7bO/7t500Bg3TZZ4X4WIpEdpkglSxBZ3VGa3qFKtquZ7jwM8U
+/eNwrerAHaKwvBfgdRmTZP0N68Ak2LiG/95dcAdY2LoGUImB/I6zfh90NZ3IJWuZ
+YauzKMNlZrFIKO1Lfz7qh37NHlSvKMa2ve0cUuHS+pziTVrqVyc7BQjI1POy3+8C
+AwEAAaOCAaQwggGgMB0GA1UdDgQWBBShEBXYG/6eTppOHfK2X0ETgh1BUzAfBgNV
+HSMEGDAWgBQKhal3ZQWYfECB+A+XLDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEA
+MA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3Np
+dG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBSBgNV
+HSAESzBJMEcGCiqDCIybG2SHBQQwOTA3BggrBgEFBQcCARYraHR0cHM6Ly9yZXBv
+c2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyLzCBhQYIKwYBBQUHAQEEeTB3
+MDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vjb210cnVzdC5u
+ZXQwQwYIKwYBBQUHMAKGN2h0dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0
+L1NDLVJvb3QyL1NDUm9vdDJjYS5jZXIwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJ
+KoZIhvcNAQELBQADggEBAI9f6Zp4RGKZH24do0uY4rIMfcN7b4ReMu+PzVcU83VI
+TWz8t9emVs9NsJPdohMpgSRmqoHU6HuSlKbx73L/owf+8aBPG7bPhZ0xAYOQwI8g
+LT/V6gfBrICukGspfASqcVmDCeTN/zXHxXkfi7ob0F/oQcAPwBBjVKFCoIvyPK0Q
+IBfSra4M84LG95QcshK36DD6UCQOjtewQXHRJHUSTNr/Kg7OUWlUss5biWidAhjx
+UFQwbq++nNqn0RWJkQOuPo06AVoSsrcomMAAacuYcKJDByJkQMS2TomSaNOrvgLL
+JE2HY8DmuGjgr5SECorLEfpfAHZ+gBdpqXEIZ1YW77w=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtjCCA56gAwIBAgIQd70N32OE/7HRSj7dg4PIaTANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MTEwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMEsxCzAJBgNVBAYTAkRFMRkwFwYDVQQKExBEZXV0c2NoZSBQ
+b3N0IEFHMSEwHwYDVQQDExhEUERITCBHbG9iYWwgVExTIENBIC0gSTUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq/LPe8xgyLgwimOeFnrqppaa6Srlj
+91063O+bA0Ppi6XQFWsL+jcJlZtNXqAfuZQuvW0Qiat4lx2/4xAyQEP+Q8ekMcSb
+Tc8ExKew/83H+mKHdOPB8J4QOhMvOPQbQa5WoI+lCLdWJcYdYnAc59TQWYZ7vMz4
+qcjw66LXL26oalzp445gGkTw2xqAvP57FfmlCpZ9BtVpqXTgWM9eXECIcA+PHazY
+HnbXION18s+T/rtnCtgyKrDHTr2KigsQwT9V4Seh5p1U96ZmA+68iO1YMjvddWOs
+vbskCfWWjfx8LQ2fyr0250dotq50BUtiG04DEimwfas0otGaPMpSNdLZAgMBAAGj
+ggGTMIIBjzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFO9b9EuG+db5OlOJ
+CbwgjrwayiJgMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i3Ru8MHoGCCsG
+AQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5j
+b20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24u
+Y29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8v
+Y3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMFYGA1UdIARPME0wCAYGZ4EM
+AQICMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAwaGX1W8P
+hVIMRwVxEjdRip4vb5UUw9RlFZ7qej9/irzpFGdoa+6YqRpDc1kxpRxx9COzE3m3
+QVyYw4XfHIknJCNqCfAdFzgtk1DdRRCO4PV3DGHqu8NQPWnvvx6kw8a+tJs4Eoif
+10EN1hw4JEE+7106updRbPIJz3RErtc/3iee1BHaK4hiV9rOM5LsJ0qWRXXAVjmn
+tnLVdTR805UFnI1KiSCURz5JTSIuYhtsdlo+iK51WXxYfaEOB0XvwIxpJ2Pq35VN
+heh/whbOI5vUAVzXY9aVlOdXETchFy4UopYOZhKEbig1oeVXavNoqmMcRyELaPuq
+1/x47/8wT0zxIA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFrTCCBJWgAwIBAgIQCDlejq4ufZybNuIz+VhRpDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwNzE2MTI0MzQwWhcNMzAwNzE2MTI0MzQwWjB6MQswCQYDVQQG
+EwJTQTEzMDEGA1UEChMqU2F1ZGkgQmFzaWMgSW5kdXN0cmllcyBDb3Jwb3JhdGlv
+biAoU0FCSUMpMTYwNAYDVQQDEy1TYXVkaSBCYXNpYyBJbmR1c3RyaWVzIENvcnBv
+cmF0aW9uIElzc3VpbmcgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDek8ODhuJVuSlT3nk5h+37G0VtAvrjp4eXv5Tc1/+7+6rtFpOtbrqQq6IZyJo1
+5tsXfKpF56+Mno7oAxU7ZWP4SVVwv1gLHnUlb3KbEua8S+8f0j3/6l/aQ29dHmJR
+7aYAkEGyXNneYzrUOLqVTR0MLcNQUiCZpKKe21dI94GMg40eVZ8+Bc1BmXdtO9Hc
+DquxIIM6jS21OXlcOUwHbzNVWDM4MZQD/skcLD07x2MkdHfOS7F14SKP0eDOmhEx
+3/8ccjzIF6yu1qiibpSZnYvUiqiaA7WKndfqWA3Ff8VK4Sa5/Wk0rnS/uRuwCiqS
+SRXQq7vsyIjNQDrLRFWn/ORrAgMBAAGjggJCMIICPjAdBgNVHQ4EFgQUZwHFXOAh
+1rM+Fgvl1BYEi881EFwwHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9Yw
+DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAS
+BgNVHRMBAf8ECDAGAQH/AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYY
+aHR0cDovL29jc3AuZGlnaWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRodHRw
+Oi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3Js
+MDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVk
+SURSb290RzIuY3JsMIHTBgNVHSAEgcswgcgwgcUGCWCGSAGG/WwFAjCBtzAoBggr
+BgEFBQcCARYcaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUH
+AgIwfgx8QW55IHVzZSBvZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFj
+Y2VwdGFuY2Ugb2YgdGhlIFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQg
+YXQgaHR0cHM6Ly93d3cuZGlnaWNlcnQuY29tL3JwYS11YTApBgNVHREEIjAgpB4w
+HDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0yMTMwDQYJKoZIhvcNAQELBQADggEB
+AMQ4Xh1Tno0jKP/MIYaWeaMbF3+/TS8dDxZp+HxtpUfXFYBZIFu9MavyDXHsBP9u
+nVx564BeFi/Rlzb0fxr3ePimGQp6lh7dhMstnCca+NmN/UYnON1XUmD4RHF9JPv9
+D+8omaVtCuxAO26VNpzZ8v1oibuKvr5fGTEmk3OrNim7VcaVQCshjzM6WWPF67ab
+YMzRJg5f8hIM9ErUsEtFS91UNn9AH1m+YFmAp8WTkfGuPEnl+O7yjgnhbR1TZUfZ
+bYQ6TtDgqDzFp/ojc4cpfukO8aiPV7g+ROUdi3tQ0iWbvrdTuhLUk7gpC0qz2JH9
+gCcBb5sv0UxADGVS21Df/hA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFnjCCBIagAwIBAgIQBvNpsuMhAtgw3DIzPu010zANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwNzE2MTI0NDIyWhcNMzAwNzE2MTI0NDIyWjBrMQswCQYDVQQG
+EwJTRzEpMCcGA1UEChMgTmF0aW9uYWwgVW5pdmVyc2l0eSBvZiBTaW5nYXBvcmUx
+MTAvBgNVBAMTKE5hdGlvbmFsIFVuaXZlcnNpdHkgb2YgU2luZ2Fwb3JlIENBIC0g
+RzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyPXKoYynclY8uYRtR
+acGIS0RiEAmSeZPNhYutjpn358+PUhLMC7BTNWdmDdTJKUkoej1yqzmykU2suYW2
+VZ4IjGiRDSyMNodZIb22jluWe8FhBCZYeXRRwiDus6gwfxnk4MafT+wNkKDegzCF
+SGdWGy1zFnCL8j7o6Y9WT3kykmz1KBmIKLVtYaSFlIGQ5no9EFufkrCNWITXEaMb
+4JjWcN4ZB/o78ogGLxSAEPICvCG547gGh7o6jc4WD/rVbDgw3mhKA+KeI1HafRIs
+pkln4jO+9mE3PR9eeiSucpRQaqBLq/jDpedMDsDBrPKnHx2ZG6A9/Ru36tzbQ1gv
+IjtXAgMBAAGjggJCMIICPjAdBgNVHQ4EFgQULrDioVT2MW0/Rl/J8AyygSNUWlEw
+HwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/
+AgEAMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln
+aWNlcnQuY29tMIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2Vy
+dC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8v
+Y3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMIHT
+BgNVHSAEgcswgcgwgcUGCWCGSAGG/WwFAjCBtzAoBggrBgEFBQcCARYcaHR0cHM6
+Ly93d3cuZGlnaWNlcnQuY29tL0NQUzCBigYIKwYBBQUHAgIwfgx8QW55IHVzZSBv
+ZiB0aGlzIENlcnRpZmljYXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhl
+IFJlbHlpbmcgUGFydHkgQWdyZWVtZW50IGxvY2F0ZWQgYXQgaHR0cHM6Ly93d3cu
+ZGlnaWNlcnQuY29tL3JwYS11YTApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRRGln
+aUNlcnRQS0ktMy0yMDgwDQYJKoZIhvcNAQELBQADggEBADh2ANvwVs17bPgXRwXO
+H+IfXjm4q5j49ZOPd5+qKxwTlFv+zanXdld7MFk1m04q/R/Vgur8NafhSMgQjof1
+f1shUIf8CBmV6wZwvCntUyZEBTBedV//Pwnv68ZVT1IRDXrHwE3TVNyeVBRoKVfv
+ZH5IiaY5iUaCZGgaYx5SUZWntErCQvQTyGFhgmCkfAPqvO/mKhCVheTyMqYXQmaM
+SWLL2UC3Ykj22nvVkPYQjGdWWVeTT8gJIwKThp4V1bXH6zeynZMUYpqfg4ADxcgH
+45WwgEWNrKKtPMUDy2NBoLDMbTj9TfNlhfi4gf47dC3wqbSP9q0975To45XTqg29
+E08=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIUKKIwimvEDTefdvWRnf4zoYu8/FwwDQYJKoZIhvcNAQEL
+BQAwVDELMAkGA1UEBhMCQk0xGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxKjAo
+BgNVBAMMIVF1b1ZhZGlzIEVudGVycHJpc2UgVHJ1c3QgQ0EgMyBHMzAeFw0yMDA3
+MTYxNzMzMTlaFw0zMTA2MDYwMDAwMDBaMDwxCzAJBgNVBAYTAk5MMREwDwYDVQQK
+DAhLUE4gQi5WLjEaMBgGA1UEAwwRS1BOIENsYXNzIDIgQ0EgRzIwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDC1Cv7jAp9b4ODT/UOTxF6EHkuizBO3khT
+kzHIdajGCLoZ2+x2vn99W/PXkuwlPvTAxZYnwkZ0y/t/4tWoAbfLUdNyueB87NIP
+G8YAUhK5QFMIYh0UDyKbWo4ndYX/3yhDDj36majS6bkykbqZs5VK6j+EK/IIDoHY
+1ujAczl8Um1fNVf6GCas4Rsy7SLL/sgb8yGwrR/NKUytKw1lVMYNsBlfcPG78lrp
+x5KcQsV/9YAWk5EBqc2/+UOzFuioCcA1fmNU9GyKd9zsJvg9SLKhhwFprxJnym+F
+wkP1EH1u4iAAi2t7t4N0KmYeOQPn/CnzMJlpvqVgArkPZ5ZEnW5o4QgsTHNeY2PK
+EqHRRg341TXDyHNU3IHk2/VU9DboZSnLpFLXYp7YgOUKb9iiWoJdYmBu5OuOCMpR
+aZvsaVHbEsEMEDZpIWldvEwhzOFj8Y+UvtNy3bQYg23ozsm0RF46kyqDNRz/YkBt
+c8bEt/EETPTDmH6wfvpwo0pbRp3V7dKKyWRLrsfldANWjn5JvTsRUYD6xGaroMqS
+Gaut26Lzzwz8Zp2DNfm+Q9fxMlrfsluh9+QiNQAWQJH9g8urB55ynXyGT59tQhTd
+hifKYe3fahk1RuMvCggRWKEluDMqUYYVGhu3IIs2mMfQmR1whveR8g7iI7BEWShq
+/hsvPayT2QIDAQABo4IBoDCCAZwwEgYDVR0TAQH/BAgwBgEB/wIBATAfBgNVHSME
+GDAWgBTwFmAimDWJL4b8zdmHHA1jVW06RzA6BggrBgEFBQcBAQQuMCwwKgYIKwYB
+BQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTAnBgNVHREEIDAe
+pBwwGjEYMBYGA1UEAwwPTVBLSS00MDk2LTEtMjgxME8GA1UdIARIMEYwRAYJKwYB
+BAG+WAADMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9yZXBvc2l0b3J5MEEGA1UdJQQ6MDgGCCsGAQUFBwMCBggrBgEFBQcDBAYK
+KwYBBAGCNwoDDAYKKwYBBAGCNwoDBAYKKwYBBAGCNxQCAjA9BgNVHR8ENjA0MDKg
+MKAuhixodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdmVudGNhM2czLmNy
+bDAdBgNVHQ4EFgQUUL0zBvqEQv2+CTbdqOL0bZsUe88wDgYDVR0PAQH/BAQDAgEG
+MA0GCSqGSIb3DQEBCwUAA4ICAQBzeftADuDOBjOAVFYVPG3DV7xLDhk5JcoBiXVm
+8b4OLuZGdauX4/JI8UVxqPWzLppZqPS02jrbnfvlvQhA/7A8l5xyKaBLCyTdu9p/
+j3wPnvnyuOl0uJ/CywAs+g4ffEBt1da0fO+ywJ8SwterhhAn/DTEvRGpoWbPoudW
+pp2kSjY1WoxlwIMZ1XJp1CrpY0pwcFHhC1PASt00SgqpXJ77mCF0xRjalLByL9sG
+yQvsfCshrxoCDG7dQsPXvXWguoufhqMO4cKCdWNZIFY2lRnsn924sHczyBMY3kTv
+/Ad9t8QJhet6YmLR5C+fZx/6JfjX8Lm6TMPTgrzw6Vs+7LQKjXQRGQNbmV3bGp0L
+gCcrT+YgurAjdczQgOaQZMwZKI05EJYHhJAytsve++xdiT1VFlZ4fwL7AyTWkLU9
+myPNPtASs1ok9ZHVl+igbgQWOW4sbl/K+8dPB1W8yvdIMNTmMwkhEHblj7WTrTn+
+pEaivt89GJC1bjKqhBPYz0DdKZBqgXEPWZXUJXXn5yZVRpgOMyHHcEYutOukWDlC
+uaXAph2k4jkEMpKmX4Uivoir6Kp1oqxrl7COthLygRJk6FYM3BsH2eek4IAAZ2vu
+Q8yoN07GHUFyvp7lPORZgpT1CfdoYJwF30NC+zKkF6wsRVbA/9+tswDcMx7qlaSs
+Df8kOA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG3DCCBMSgAwIBAgIRAMcn9R+PkisCAAAAAFVl2K0wDQYJKoZIhvcNAQENBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAxNSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEc0
+MB4XDTIwMDcyMDE1NDYyMVoXDTM3MTIyMDE2MTYyMVowVzEwMC4GA1UEAwwnRW50
+cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEFBVEwxMRYwFAYDVQQKDA1F
+bnRydXN0LCBJbmMuMQswCQYDVQQGEwJVUzCCAiIwDQYJKoZIhvcNAQEBBQADggIP
+ADCCAgoCggIBAKKEHAlgvl7w7LCEr9hxW+TSTVDqBRbE1BTzVmB8BARbqT+0Rzvo
+ZPBfQLvrwnJXMoc6+iNbuh0D59VNtWVO30XGiyBNWMVtnf0MxJt2a9dQnIskEsKc
+AW6QWwiEWvZs2Jot5Q3HuHlqFAA3dIZ3IMY2FNRNF3uQbc3LR8FPcAoa1G/OW79d
+MZPob2hBEWPyfOzoV328vxhRoVnfT7YlNss2CQjhY3ZDlP0O1TighoMzbcSOxGED
+YaMRYQotrFHEd+Ezpnj8WwDK6s+Em5DV58BSX/NwdUSwCEGcL13v/mUdEk0LOzXR
+mVrwdFtBg2bsiDHe8m/XLJqGd36uQ/BiW/td4GI666S/OdK8yDwV8zrSQYUB41qp
+I7LqaR+jAI4DBKYZDg1gaNLM0w8T9a23GaWsrchTHytJqO0f+rK8ugEKURCdwvJk
+b7AFla0tknD0ORJb2X/nkmYBGlumg1k8XQNUAi5Iw7Lcqmgtv/P9+F+6laIIy8en
+5h/vHqUH8rh14mN83ZPPntuJR5DeZfTG1xEmpI4Z8zsO67xU/7SBdeYrO3k+hfD7
+b+IZNaMjTRfEqT0V+L9WSD+auKcoiuteSGidiyQvtHE25ovZOgrHrMkaYntqkDkH
+cTLnAPDP4RqA+L8nfiUQ/tDK7tbsR8yvguqkn/kWACyRfImWyjSx3As7AgMBAAGj
+ggE5MIIBNTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATAqBgNV
+HSUEIzAhBgorBgEEAYI3CgMMBgkqhkiG9y8BAQUGCCsGAQUFBwMEMDsGA1UdIAQ0
+MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8vd3d3LmVudHJ1c3QubmV0
+L3JwYTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVu
+dHJ1c3QubmV0MDEGA1UdHwQqMCgwJqAkoCKGICBodHRwOi8vY3JsLmVudHJ1c3Qu
+bmV0L2c0Y2EuY3JsMB0GA1UdDgQWBBRj8YTdA76jn2T6dnpHxFZ+wG2gIDAfBgNV
+HSMEGDAWgBSfOMRWI8M56KBxbOhUTOToOrG/ZzANBgkqhkiG9w0BAQ0FAAOCAgEA
+fZvwnjoK7QkDKArcYjdJvs9l5ecWAdEtrH2ChzLadgjmPobcPm4+nsuicJeO3/Bi
+ezQibkwUr+uLyKaUzGCg6R2zNWOcw9WDpb0/11zwJI7fzJookmMWnqnlBY2PRj6N
+OisEFr2rSI6SLBpzNIeemBoYg7xe80h1K3/qWBQVj59jkuYJbXBe3mWnqNssZJjU
+T62+xOtJuoBdJmEIfu8rVh5pyE71+UHbz/aVG7Cc1rdoUoj3R4u7E3HRNRRvi8AZ
+uQaOoHMVRhCkJwK2G+QLkaRWLJZW+y/shKDj63RGOHl3QbhrQ+n2QXPm5UJTCseG
+u2O4uIJge4Nk7B90zc5238clvxdiJBESeuGJcFrDRE7BH94QdA0BF5QS3tScHl3Z
+ZD/j0M6r2CwscoCZTVhVC9w+cbYWCHIg74g+RVMLwgh/8gRSeQ0FarZsbVvXGXiz
+RyTGpL760Zquvv4bwZPeAvOd5o17JH7vClHMrPWdhhbt+HUP3iOMTlN0IITf068C
+bhxX8tQwxwHBmfzII4BNRLTEwz8l8E9jXsFj8BW1HBjonsuFVGBHAA3FH2IlOaRy
+T53C5ZUm0GEgt1G+XZBY4+QLG+4YamG5Vyfp4swoUIVHfwwdkpsR8KBASN8xKpCI
+HdAXsdCGIJo/0EU9FiKURWL3iah8q5QVJzTg9wcjl6U=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtDCCBJygAwIBAgIUOgIDIraBbBi3Ksu1kr73TdeGqLgwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA3MjAxODAzMTBaFw0z
+MDA3MTgxODAzMTBaMFYxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjElMCMGA1UEAwwcUXVvVmFkaXMgRXVyb3BlIEVWIFNTTCBD
+QSBHMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKrPG2c5Ys5v+NBI
+iWlMBF8GmvdKOYCvS5U+T7AiZPKXVSD62aps1emdYaB0zOWLcVg0EBRtuCbq11Bb
+WCsX07/PQAs2HB46FZ0QaGr8nUjMQKc6chtdKVio3x2w/LcyjvSHOb55hYKzH5ul
+7cfxBZLNtkltNKhD2Jct8wxSb8nWG+BRstfwTr/74DNnEnIFO5kCZwO+UzIntbrY
+jcDiyT51ZPbS5v3DFed6NDF5tCkWSsSxuSWpukMqNEIkh7claOeNoZ9q29bnXT4n
+OsrxlmvXbW22jg2rnSeqPr8SB1fVHcyKElzNvYdkDkfG0ynW/XDSV+XnsGtEI5KS
+VmdE5IL2ZvyuJUQ9L/7HUktHYWfXsgZjvScdixB8XHr8CyS7TWjd4K2Ckl5hNjNL
+FZu/Pb4gLPcQ7dwby0gnpcpaeUPQjo5YfHs3uUIurIW5vWnMM2g9gMew0e1Zru2D
+Dl3NI0TbDOsX22r3T895pSC2rj57hkbXwgUdxkfZq77tIr4/LLoqBw59MaNFurMf
+/sUfMzULsEqy+zU2B+yQtdiFPaF2QzWY9u5x1f3Wp2lqiZOZ2tw26/m+RxSuoV6K
+FgfxtOSaEsDow8GVVx8J37vZ6FWsYoQyYlokl+k9WtoUukzZ1JDvZHCxwrfKmgEn
+H7xPq8Hgdm1l4pEVIarBqbR1Z41PAgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAG
+AQH/AgEAMB8GA1UdIwQYMBaAFO3nb3Zav2DsSVvGpXe7chZxm8Q9MHQGCCsGAQUF
+BwEBBGgwZjA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnJjYTJnMy5jcnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3Zh
+ZGlzZ2xvYmFsLmNvbTBKBgNVHSAEQzBBMD8GBFUdIAAwNzA1BggrBgEFBQcCARYp
+aHR0cHM6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwHQYDVR0l
+BBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6
+Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMmczLmNybDAdBgNVHQ4EFgQU
+ST0O3HnFy9sSo9UNq/LPqa/jZqkwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB
+CwUAA4ICAQBLq8aTwO+Wvdtt+j5DIlt1wXU6uy48p27SJbcQLhHEbXWGpn9xIQBA
+mGuIxzh2dcAPRo34cnBjOOIluG8xw9oDW5ZEhP9/qFVMgkNZYELs4UQ/oNncIdzt
+/AJDjaoDICa5SZuVcng3WGl1tNV6HR7Z7B6Me5C3oglpxz/qnsjW0WFzkk3H7pc1
+0TtOpkcDdw4jHKXi534RhoHJUbyasFMaIWwt3oIV7ouio1mU+UjfkezfqnN0uTde
+ypS71ItW+Cpfi/dMsypgshd34SeLYKAfaZx8/i52dIF1P8FfO9mjIisQSchdDiB3
+LmEhje1B+LI5h3syzXJ90JJSHt7j3fG2eWpULSwqiVZbpAV6BnkNIcnhziCZbhPR
+5LMl84do9ql5tGmyROe8Y6NPXppBuDB9MhTo6mPjSsIQzNgilBPmi0ywADtMK2y+
+uVNVdUoi2i8d8NHmGnQs7R0fXWxOEfOvtCIangPT6h98rxV+c/2afHO5ykH2IAB/
+16TPO99YkPDmmlWVH+Ut1dtpIcKVOSctwtULLTnR+/ow4CezaBfxySVjd+LjgV+s
+wJymghxkcN/lNw6cKKWkD57w3zP5OOJstLcEbTwpWTih/mySRHe637bIk2qqmgcC
+cby5saCrgucuk5exvOqwqkkCSqWyL5UBE44jIMJ/dRrD2/CaYBAUtQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtzCCBJ+gAwIBAgIUPB6WE37kIFeXPOSYy1DarkwePEgwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMDA3MjExODAzMDdaFw0zMDA3
+MTkxODAzMDdaMGAxCzAJBgNVBAYTAlVTMTAwLgYDVQQKDCdIeWRyYW50SUQgKEF2
+YWxhbmNoZSBDbG91ZCBDb3Jwb3JhdGlvbikxHzAdBgNVBAMMFkh5ZHJhbnRJRCBF
+ViBTU0wgQ0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDT8S4Q
+fbSeKHgGGhoE8fP2oTI7sLfg6pE6PFNikH735pFuiE9GFyFkO9RLhiC+9Q5rGqmp
+MZZefazVZ0a9YZE6Eoxa36csvFYAXaNFYjTds4kPkNDBQgCzZ8yuy7K6AWTjgBWb
+ur+9rhGWBBX036M9GTe+932MB0h36xOlOTbacsRZka3MWcvTr1rAH+jdq7eDhbYJ
+Euao8WiP+94hqh2cghyFNnL6Ag5Vm0VolL4E1dVliQMRyCm4+xZE88yE//e/Ira0
+NldWLpEGa+92DbFEQPAmvkly0EcbOYHwV1khqSTF0NrqiaZJ8jd4ZWTd/0w3K3W7
++I6lkCstOkzJKnZoOlt9e5L7RrPx4aySN7CIIkOlL43r8AhRSnQIOCELnntv724m
+9CRaRNTUIGurcxiBT80VTtO89MBpoz/WCk217HD3aCGf2lCgKBWoYw/VUShovAzk
+nH+zyJdQENhiytzxWC+2KnY7rSLn/eavGXDlhlXdb053POq00mMjbhJY4uzF6W8M
+ZtaiUE5XtEA4f9o3HEFvpDKaVO6owPs3C7UFyF8kIZBmTL8686VLDR06lWKjtntZ
+VI/l3j4TY1WibMFeloP645sbocUyWdu2bYcn7iB/yrS/hR2E5HfOTgXM1ZPsG3D+
+CBZpmN13Bejfqi6axP04HQr5CEhwPf3/PMBgHQIDAQABo4IBgjCCAX4wEgYDVR0T
+AQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQahGK8SEwzJQTU7tD2A8QZRtGUazBy
+BggrBgEFBQcBAQRmMGQwNgYIKwYBBQUHMAKGKmh0dHA6Ly90cnVzdC5xdW92YWRp
+c2dsb2JhbC5jb20vcXZyY2EyLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3Au
+cXVvdmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUF
+BwIBFilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAd
+BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOQYDVR0fBDIwMDAuoCygKoYo
+aHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyLmNybDAdBgNVHQ4E
+FgQUtoWFXyB8D8FScaKE9a6DsBXg0EIwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3
+DQEBCwUAA4ICAQBKoYxV593DTOkLKTV7kjgzvHkprbfaxLfVIAgIw9uKw7bZFC+H
+mAlKGqlCQGPfKJjG6JSVshArAN7fZCyMCjaSZV4+0xnhmnqwxP+37/v9y6mGNu2n
+nSnVrQuEF6dW3J+5uYGDNVHbJGw71M85zdC4Wnp7FVqEToIa/0Otyo+3gAz+P/eM
+VTM44uwhHnLszO0Zpe0MQZWHhqUSOGvKnuV309852zc5AgfuZs/ouasXBTw9tjVZ
+bk8506psprpsb51aQg3Mdm5v5aLmfivmQQuXFUQPYGaD0mVzq8Bx+HToPndv2FEG
+B7shSkZhxIracf5S1fIUPR9ikA94xE0MxKztsnUFD0fE0UIhIm3FOICyqMLMy+TP
+mL3L/Uy3dSNq4M9++Il7RAi/eoRkxYYhAbLeuWNlBSyx+6dM1RSMJojOCjyv9H8X
+0Q0y/3CKN+hmdPWC8YYoojF82nk4lsAHYvxBnw+9CxQ3tDyDtA/1/D5f0D7E02TD
+bEuoDHwY7IIrqc8py1NFKvzO9aIzajSXUt1kYW9zcmFw7EubSkOJFlNcDdT7oVSF
+BP9zdIRyTfFPJGfidwJy8u8UryXBvOpn4wTt2TsTJC/H6nY5F3tIh/qPA0MluQnc
+pDtK9BDeTIR2UbzPwjLz7doQz+c+LrUZ7cKkhmXPXOzEA34VoRGfu4/mEg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE+zCCA+OgAwIBAgIQIrmxfns7F+n+5DAoDCwvWTANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTIwMDcyMjEwMjMyOFoXDTI5MDUyOTA1MDAzOVowbzELMAkGA1UEBhMCSlAxKjAo
+BgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwgTHRkLjE0MDIGA1UE
+AxMrSlBSUyBPcmdhbml6YXRpb24gVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHNDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN5quYp5pdUNBPOSehxFlAks
+Ucr5fmD5qGc/yKxNdIiTHHhyWX71SGIny4EoNGy+DmtQXESK+q3WixU+saNeIkuR
+VjPj2mVkYyDtaqM3OsmpYM82K3n/EbprzvXQtYDOPUwnuCvLq3z3kmVscc+bOkax
+J19qSIeDZl5Ooq9Cb5LWNArhd+zVAaqexxAt/bMqklnA2rPL+zSV5i/LfTCEeIye
+eHX20seBAWSLLWEt+wKone3G1GvO1hqZ4iEjiolNuL3xlLjw/YrQTj58BIWqgWqP
+Pe6aatV53SBJOMtEhze/fS8WIWkxmYEMI3G4t/M4FwPID6ZiiDyK1xdjDD7dwH8C
+AwEAAaOCAaMwggGfMB0GA1UdDgQWBBTVNa7E1DJugCkVKtQAHLTtI7krODAfBgNV
+HSMEGDAWgBQKhal3ZQWYfECB+A+XLDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEA
+MA4GA1UdDwEB/wQEAwIBBjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3Np
+dG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBRBgNV
+HSAESjBIMEYGCiqDCIybG2SHBQQwODA2BggrBgEFBQcCARYqaHR0cDovL3JlcG9z
+aXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvMIGFBggrBgEFBQcBAQR5MHcw
+MAYIKwYBBQUHMAGGJGh0dHA6Ly9zY3Jvb3RjYTIub2NzcC5zZWNvbXRydXN0Lm5l
+dDBDBggrBgEFBQcwAoY3aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQv
+U0MtUm9vdDIvU0NSb290MmNhLmNlcjATBgNVHSUEDDAKBggrBgEFBQcDATANBgkq
+hkiG9w0BAQsFAAOCAQEAjX311G7z8o0GMlkpBEh+8upL/z70B1r96U9dfaObFMOy
+pv03Wp/wQ5Dfqw1XyJ59FDFbGpD/1oAhzIWwFF6aYgSKk37eJdRJx2mKDM4NVNPg
+houBNNZfmdMIAjd8U6vXHxrxEZPqSX5n2w+WJUIUndT4w1DBRsdUVAK9npDlVsM/
+86zb6makPLj5U5eHoKjrtZTsLGuJLIjYFFmjke3zqvkc+/SYtcbey2YpUVijDOh7
+i0fpJlA5Jyt0Rpxg5uB/Z3dmW5XqSy8sGE/03VOB9uuLTqpGEzkVsAieGp2ixktn
+KJas83uFo7lT0LyRKyLaesoKqW2KYQH/9DQm5WOYUA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9TCCA92gAwIBAgIQIrmxfwXkilXm9e8ZiAL/uTANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTIwMDcyMjEwNDA1M1oXDTI5MDUyOTA1MDAzOVowaTELMAkGA1UEBhMCSlAxKjAo
+BgNVBAoTIUphcGFuIFJlZ2lzdHJ5IFNlcnZpY2VzIENvLiwgTHRkLjEuMCwGA1UE
+AxMlSlBSUyBEb21haW4gVmFsaWRhdGlvbiBBdXRob3JpdHkgLSBHNDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0FlRqq+G11zNB0er6dCpx39+QETwtz
+SeS58nBeRxWpBtjCz+TkunHZ4Lq/Am6bPJnXMu5Xq29NE/uNqxOn7qX7Bau6vL8p
+1g5KX69nsGET2Zsq1MADrXs0GkXTUUQEELlZzIuA7JroNjm5cWdkl734A/M1gjoV
+fAuzu0FKFgQ0duiOm2KeepZvBbyZn00R20umulucE83dIe8i/rDBhgU2fTrKAqQz
+WwI+zebmJysyEVUASxSygu6e+tj4KX+cuC0Jt+X/QV0SVJddUGvsIT5m/rS+Bn9r
+rvo/9EY7DuOmBtdFB12sIlMrbPhJ2MaghswSJ0tiOKAVMVwxxGqTDhMCAwEAAaOC
+AaMwggGfMB0GA1UdDgQWBBR8JM4NpDgtx7NjXqd4eo0dTC7HFTAfBgNVHSMEGDAW
+gBQKhal3ZQWYfECB+A+XLDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1Ud
+DwEB/wQEAwIBBjBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vcmVwb3NpdG9yeS5z
+ZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi9TQ1Jvb3QyQ1JMLmNybDBRBgNVHSAESjBI
+MEYGCiqDCIybG2SHBQQwODA2BggrBgEFBQcCARYqaHR0cDovL3JlcG9zaXRvcnku
+c2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvMIGFBggrBgEFBQcBAQR5MHcwMAYIKwYB
+BQUHMAGGJGh0dHA6Ly9zY3Jvb3RjYTIub2NzcC5zZWNvbXRydXN0Lm5ldDBDBggr
+BgEFBQcwAoY3aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9v
+dDIvU0NSb290MmNhLmNlcjATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0B
+AQsFAAOCAQEAgfEcL6hdF7gGJ5ZmormGBwuaUVG/8HZUxi2kDSiRWJWHNeN90Md9
+Haz7MH/cmip64h8afXNMKWNvEs6Fns/CB6dlsItSMQgpzQQuD3KQNCFB8F4cHkQk
+5+Hz+4T0OfVgv8F1WpcHzfHCyBwBbYW3+AOANl7KvhSonSZWUe9QUNvvQUuOR0b/
+Ynp0ehKPOeIPdZlfIlsamRD36c189P5mgQFwujxGPmtD3aOhpsRPRmzr6d4lnDqC
+Pc6o+1Tr3k4IrZAHCuec81WDKXp/zqs+vuL+5bREDP2hI4SMt7m7KrljH7C0dFlv
+Z9ccuremd0sxBZslpqcxY/jQnG/BQQ1eFw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtTCCBJ2gAwIBAgIUU72Nwg1KRr2WL11oWtoPBlkgf/0wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA3MjIxODIzNDBaFw0z
+MDA3MjAxODIzNDBaMFcxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEmMCQGA1UEAwwdUXVvVmFkaXMgUXVhbGlmaWVkIFdlYiBJ
+Q0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCu0uHRUnf7r/GY
+0XEc6ETNuC8ctNkayL47kvnmZjfxCvmZ+NpaQ61Lscr5Q+YhcOYEIB0M4GbgyJzF
+JUynIrsrzpLPAOAnFDjuLRIhC96jtliUPVqVRfcyRVj/dyzgXF1LrjWX2LLnDK4S
+Ubrq6J7epNUSaNmWXBjYjHbpWT8wgeQGwliPxLoZuN+v9fSQrLKEQBsD0cWy2xDN
+UNtME988lcmY4aeAUgTTJj5CMMJfLro4L8B2+FPGwjH4H6T8mnZndQEt+fFJYOLO
+k32xhT1gNbvTaBnhAP1f3Pakzf7wS2usHuONr/xGQIiJibkqBH1uHWHIT9eYV8eP
+AORs76hYJtg5D5kpnBdpuAkiKeynWEJyo90XIkxdpgRe0gWhGQ6sBh375jnmJAUc
+d23sotpvb8JP4XOQx07PxKLQYlmROtfOHHdPStxqmk+IcGRwciYiuBS5ffO5kWas
+3U6UsLsc3yq40ipFfDKrCM4lSF3pTWrs9nEl6kF7KRlb2Xedl1VE0RsOSkJhTcMP
+MxIXCIOsb1ORrT7AuqTFsC+MCX30xiT3T58gb5TAvvfykNOk1GR70GuoIdOZvjvt
+pUBArWam2IUaHh/Rmlq3Cs6XwBQ7XJXbzMrFpFnm0bXWClsLa7n582KaNOnSLsa2
+WDh+kZ13OCjf4qwyzITqlsgtpion7wIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgw
+BgEB/wIBATAfBgNVHSMEGDAWgBTt5292Wr9g7ElbxqV3u3IWcZvEPTB0BggrBgEF
+BQcBAQRoMGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2Jh
+bC5jb20vcXZyY2EyZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92
+YWRpc2dsb2JhbC5jb20wSgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEW
+KWh0dHBzOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRw
+Oi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTJnMy5jcmwwHQYDVR0OBBYE
+FLzrXvvYDeiCroZGvTt8sm/RLH8KMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B
+AQsFAAOCAgEAKkbd+r1vZdmFSfcIGR44ukg18YFbuMdWfwqCFbMnQHjZpxgY7+Mm
+qbPpyX40BkS81JfqIieKwKintYx2Foen20zhoYNRTQljm/on8FslZJl6QxlYAdi8
+EmAvtcQ/C/DJBkEcUPAXUemlPe5WulBIc2nr/W2Y2dMVuk3YqwSNNkmcdHHwzp/O
+aOK2NwW+ZNHIsS/1STpWRq2u8nGQDnlAenL63V9wYyGweO3aCaRhRHxy6bYJgxxh
+2VDJMxigMDz0PpCCe59ITdqpaCe/pBv+FbOTG1ufBYQ0Hh4+9wmpf67Sd7ZolVJH
+cX1IgqVBG2uy9ogHbKUaR/hoAmlNwpy/ix8P/rt/7l6zMjKiepMInBjmaWKOqC8f
+zTapWZ3DcXc0wvRLbcNDzKSbg5L/Lgr4Gb0BX3WBvSMeUqmvKySryrWoibXAl8qt
+Wcuhenk4tXqSxwL9tgXWgx3gSa5bPrMYQmQTM9WioJnlFPmprI9r12V0n4RHXYb5
+xmpvRPTm+5dSKtUzLYDU6hjONzCeuIVukh5/ZDwDyPv/zqiVH7lQFoBjJVi4UnLE
+wZPiR0TPN/Phr4vpAQ2jfoh9zABFeEIXeLwg6qps9bmJMGyOZrHAm7YMwUUk00Kt
+YoITfE0j48hd7+sydAHv3meZoX/GaKkdL/jCezlyMSmLPC7hZf2/rK4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGuzCCBKOgAwIBAgIUe9y7b81NAhnIfUh59PTXFba4NK4wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA3MjIxODI1NDZaFw0z
+MDA3MjAxODI1NDZaMF0xCzAJBgNVBAYTAkNIMSYwJAYDVQQKDB1RdW9WYWRpcyBU
+cnVzdGxpbmsgU2Nod2VpeiBBRzEmMCQGA1UEAwwdUXVvVmFkaXMgU3dpc3MgQWR2
+YW5jZWQgQ0EgRzQwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCWCCLm
+qkNcSCawQpAXws7CAKPEDqs7Y52TBE2P0FkVYaNtnFyG+te4kWJ8l782VXyo3ZvK
+jwnUYbHLrrA3Y3KlUXvGwFDvGpVJbTnVHnfm37EOxpoKu89i5P4A50lIN1oNnGzF
+kbWSzLggZ8W34Kz7AO8b2A+j72OSigH90mE6ZCgHz5x+cUBmirtKtodkdwgNUMjO
+HdKQl6f7etm65MfxXtRFHZ+AHh3+55jQrGWKRZLi1S7rcxY1daRbSADNymRt2rC/
+ftFpnOZuF8Q5nJFIMZjIzIw+M9Jo3fe73LTVoKzPx+5tk8UJXZ5ussaPMWmL5Vnw
+pA0NfzS+peQCNb6P0jpG2BS9YKZboFDb1+zU0jl0NdA6pmSR+14wiKUdfhaTQVmU
+OANm4psQkT0nvBM4JInxSa8g9uOkf6V1tNETi1Ptt3ogHn/PWUSuLg0GkWz3Sx8G
+6C/S3xEU5i/vzHexhBakUNwi0YQ6dK/wCnPNUr/DwMAwO4yStadLp83/Been3Zrv
+CB+C47/oEIoRQPoNv+dQUmdo+FFYSgP9CaltMZxVumIMqe4WNHzEbmApuguc6oXh
+2VvczcIH1vtW4iBGpEz/duLd6gKzfHUMYB4964WqkwE7uBc8T298yl8wgmK3pGAr
+xaeTM+hHGxBywBO3yfEHSifAFr93opQpJ23JWwIDAQABo4IBhjCCAYIwEgYDVR0T
+AQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBSjl9bzXqIQ4atFnzwXZDzuAXCczDB0
+BggrBgEFBQcBAQRoMGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRp
+c2dsb2JhbC5jb20vcXZyY2ExZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2Nz
+cC5xdW92YWRpc2dsb2JhbC5jb20wSgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYB
+BQUHAgEWKWh0dHBzOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5
+MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDA7BgNVHR8ENDAyMDCgLqAs
+hipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5jcmwwHQYD
+VR0OBBYEFJUB41nXVXPkwjYNqDuSS9nmHhB+MA4GA1UdDwEB/wQEAwIBBjANBgkq
+hkiG9w0BAQsFAAOCAgEANws58UnY0ZPPISiTcEEWLDwavD9hJiBJ5slRMsK5i4/b
+WeFivV9lJzrqVhRV8+o0sgbuY+TAJeKoS6w5uzAeZIE+U3QPJo9WJ3Q1zZ8ednrn
+vsFdEANprlh7OMWWVWHRndrEqchaDQyTEGKASsDhyolIths0xZD8xj3GjvQp4CWE
+gxLhtibCEaSpE38c1JJG4UNQTlV7wahAsll7XZa/yQKLlzHKQw7T06wk6kgKT0GY
+Y60BBtDbAkvK7vPczbYbEBiHCONWEbG23IqLJtc50PROf0QXJc7oKhuWxfSoccWD
+aQnk2m8U5ujkgIu2R4a5Ow01VZ/n4i1mpZAwubZxnjdGCV7Wpz7GXCwcwTUmXKxb
+vy+IXih58X8B+PWaHiRdMBrUKi2s7KxL9cxX5Eq7AKuS5VtwCnCE/u2nH0aUcr9T
+W0eCb3/PmGbsQP2GQjAi31lOVCgCm8rqUlRPPOsz6OokU+BYs5Qbuf+u5sRlqjqT
+Q1c+brsIyVyxlOOqORd5jnlNlM38tCab5OUplFaZlyzA1Y5/AeRgq850YARn7El4
+D0OMFbfA4qm6n/mlnLAolpiRC763/WWB/JZEj8oAHoeY2Ra0AJuvDUvw8cbmLrwq
+bRNhWOzHt5lHnWLFqrUIzneAViFjyVe9TiOEB+qm+lkQLy0nG3Ef71avF28+Im8=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIUCr4SlJWYEinfIhk3QB6SFAram90wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA3MjIxODI3NTZaFw0z
+MDA3MjAxODI3NTZaMGQxCzAJBgNVBAYTAkRFMSwwKgYDVQQKDCNRdW9WYWRpcyBU
+cnVzdGxpbmsgRGV1dHNjaGxhbmQgR21iSDEnMCUGA1UEAwweUXVvVmFkaXMgRXVy
+b3BlIEFkdmFuY2VkIENBIEcyMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEAy/Fh1th2UcVD0Eex/qf31/UI8dyabT+o/dbc21i6B27HHxU8MqXEFMqeh4rW
+tGZoa/Iny09/PkEmkAS6Ov2dJgM5uCaWSOqql9r3aOqW6q5BoH4I1Kg4E5bdrBHC
+OOKBG6MoYnWXAhxcMJovorWXkCyAlUMgh5WtDqqFLPdxK2PKBC/U78Q3JqBNfPE2
+Ys7h+fH7pjHwC+mdhlc30ol6oIyy9mxHVpj+amXS1sSh1DIjmf49Z17tJsrHVRyl
+0XDaq9n3ZIl0tYHG9eI+Jqdo96AB4x4l9NqQ5qhmjTLVF2iSsY31dlvywc/WUyUK
+eh4ereYu/egTAxbNCUTXFPBc+7FirvLIakQQIybn7P25+UPBIWW8Lz/+UGGLqpgu
+l/jAnHMF8tMS63Mi0LpDfkzZ6hLKC8CH3seHUhUfaoXXTaQexWE1O0H9j9ZJtNbW
+krkhPEzfFXyFzo9tXwDxFf5plxy+tv3H6WAjvfwjoCVDdINkS6LrpUUVZc3lcmCP
+g9P6kIwxiLVp4yESjb2eNsUlf83HPH6qTmkFm/evfnSwKcVMhdYTfF47rqmAWcH0
+To2tZEpUCkJMgqHH7abQkeXYRSBToX6b2tEKFIomWIk7rSMEVOUfc4tC6BF7Fegc
+TsvTLoAPOZGTzD/SFJbvsSH/PrQqXCRxJRocZaJNRz1a5TUCAwEAAaOCAYYwggGC
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q8
+7gFwnMwwdAYIKwYBBQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3Qu
+cXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0
+cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3
+MDUGCCsGAQUFBwIBFilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVw
+b3NpdG9yeTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwOwYDVR0fBDQw
+MjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2ExZzMu
+Y3JsMB0GA1UdDgQWBBTcCJCyHua7YOzqO0e1Rolx6nP8rDAOBgNVHQ8BAf8EBAMC
+AQYwDQYJKoZIhvcNAQELBQADggIBAAgyRX4RPNi9wEtSQr/B8/wegwn/hOhEjKkw
+kc0+0N6WGxWDzrtYYIfgWSEPCE0QfRomOjFkTf7mB6P+ode9kT4odS5Xq4HCGiqJ
+e7X8fudRoTwpKKlXWuyv8tJnvZp+KCe4kcsZQjPS6Kkb4boANvyISySsdg9Y2e1Z
+r8o+E1mpqWFvGqugeYurEUZwPCPqnpwDsFaV0UMoiIEMss9QLpsE8mukm1pDV4zP
++NDXKQYyGHsBGuMtzTXduAjOYm1WycJthq/rJyyVg9TILC10nbwjkGL+xe8Ll27a
+wEBRMwtenjdNWmuaO4scqUgbWz2UfOV2Ymi8MggtMs0mAruoDNVCotgEhE8WqjKk
+jqnnoZ0Nq6t7I/NkjsSXd7GCBAXUziu3Xp5oMQSBz0cTRPkpuI/V3y96yMQ2anOJ
+ger2a1JQziZxm7EYfruR2tqzGoX0YwussvsrRLwFX03WF+9dGJe5h6/jxGlga0pQ
+Dip3PCl4ABmidy8OdnoGMynv2/cdQgglNevDpuKBeci2zpFH4Qefe826yypd7b7S
+N7T1Sq0cozct3RvH2D9ugzU1mr0/6fOBYcV4Bzu3zrGDNKn6WSGA64gsE/YPNqsL
+CrkE16xW3mCmD/zwPjLw/RK7IuA6Dq6WyWjcsX2VL7eoICtjYoTmfE2AAP5qGFUE
+Vjm88frm
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGoTCCBImgAwIBAgIUA1/hN80FUeTB8bAL66Wu5T+VJzQwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMDA3MjIxODMxMTdaFw0zMDA3
+MjAxODMxMTdaMEoxCzAJBgNVBAYTAkRFMRwwGgYDVQQKDBNGaWR1Y2lhICYgR0FE
+IElUIEFHMR0wGwYDVQQDDBRWUiBJREVOVCBTU0wgQ0EgMjAyMDCCAiIwDQYJKoZI
+hvcNAQEBBQADggIPADCCAgoCggIBAKkXPXrwVCL6BNlH/zrPL+ZH8nVv9tG10em9
+jN9rK/cY3zHfJlSjjnXKApuvs5YMQfElulRZNtRWpghLpOV2TbxnRMctccs6R3dm
+dkiGaQaoA3Y+j1mm2p4PJ47edWGMDUnBP7bx4sAxQVCPdyMaDUznl9DksP7DhfMh
+5hw1s1p0CcFNDFdXGJKtnlS/LdGrNg+U5sTvN4PgyHZ79DhwdiRhSjZzZ5BAJXu0
+/m9V7gtTUU2CWIjxBXQO0Y+AjPloAYWazgQKxdeAboipZOjXbz+Kp4GqrAokVTcA
+6JphTCSRhDdJn40Dr/2SyLRo1UJfxp7w8+/SFrRXCCthxUbKE27WyheW9VVAlzvK
+57wSz4VIO6nrDCrSS0n1yVQzKZRapr1248VQ1s19hjXseW46UxZKQkO7mlJDO7Mp
+XK0SatL/HW/CytilCSDR8qZHyyi4Tl3jlykCUc9RAPh8R/Bn40oiJGNTgMMku615
+IniliSUNQEka4MG8WRrjcLCgGNh3W+KgvsunIpj6IUerfeDc4LuSP0pNzf25azeA
+aDrd/V5KaoztNR4HJuIBhnuuV+jXpO6Fn5IeWohLaRkczw+IOU6us/jZNoJknpM6
+vTMGIxdPgcuYF07ihFuNNwgVtALtTfcM4jZYhQEZQibnaHoQ70XaXOUTe2AlvzmS
+eiHKPa7hAgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQY
+MBaAFBqEYrxITDMlBNTu0PYDxBlG0ZRrMHIGCCsGAQUFBwEBBGYwZDA2BggrBgEF
+BQcwAoYqaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTIuY3J0
+MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wSgYD
+VR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3LnF1b3Zh
+ZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggr
+BgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnF1b3ZhZGlzZ2xv
+YmFsLmNvbS9xdnJjYTIuY3JsMB0GA1UdDgQWBBTHd2LrwybB/QHCfpRwUEdM2Ygp
+xjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAH0wwAhyVpiki+9B
+YnxhjlCvSFOtYAb0fdthBbiLJVLqzF0R245P5HP6xlx+LfhWbCy+nn1JJyZqMEbo
+GZF8cLpG/ro+eFI8bAzXIIH4IADpehwJAzZmftQih84ZbEBZngmgeiFByR4mrvD+
+upvJHesYyAKv8ZIYI59AZfg9NPWjLHi842OQz3Amsnlt8ini/dvVAJxUyovo1SZj
+SMMny9APUuPOxfW3BGMUVFqO5vS047XJhOTn2RVVM5mueSqIxmXIhsGFinLDNGX1
+ZDpHbnT7a/JLvvJ/mLyLZZbAReKTYGxwMq/kvhGxvyeFXL/7v2x4x5TlG0wxdO/6
+n2+1N5YtEUGIoDSs/334aYtNeVtfsXbk0P7CtW3cOqVyqtdxGdXXkSY+9vQtIxHM
+ISbm6LBI0PrcBwsaeiTCyO9hw0uHp2Y1PzqCEqbEg8nA+0u8nD7qq4edCojhYkOm
+ceJbdhwr90l197VkUEufl3NRiYGZDKIWx8kpc/jRo5l4QdGEIqb/Hz9NJUookXe/
+qQeoXru2XVV95adf96/X04rRkIYcLGm0l06RTxEHkpmz0Tuwg2V0r0+nwbIkw1xT
+Um69LUNV/NJ5PbPJVQsWGze9FV5/rw09za9piYMJ4ebHFxUcvWhulNLYK/6/GwoI
+qwLcTRdgn1OSjsY8p+5FQ/2B3It1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGsTCCBJmgAwIBAgIUcaqqYoSEEUxZH9dLn+n/3lsp+n4wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA3MjIxODMzMTFaFw0z
+MDA3MjAxODMzMTFaMFMxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEiMCAGA1UEAwwZUXVvVmFkaXMgRXVyb3BlIFNTTCBDQSBH
+MjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJsBv9jg+xGq241BLjp9
+5MtUcVBamKCWYvyYc0qHqhz2VX/ey/El++cglIUUmLHETvxR/gwh3R9noj1bBcCC
+xElQ4+j/0/f3OqRk7dJWQm5Bd86wgWeonbn8lGo5WTQUdutikZpJe1VlNXJYYmQ1
+UcwIRTYIzbZiEQI0EqdA4erbr0OJSePZXiR6taFruZ0RHOxJjWVer/TWP9IwyP8S
+KEloQEAAKZqy9ZEem6LcE99FBzOvRTTF4GCyV+AO4rVYr3hGp2CFxC8r6bpO56hu
+PMic9rYlUrKMLdmelxDa0GNqxC0n7qYWKp6khaa0/MRMiCo2z5gZ6kOR7ARmOgDs
+PL623JzCNhAohziRpB1+Fb113TCAPylNKc8mF3OKI6PTm1SRyjqjUecmysDpoR4o
+WmeETcl+TvIpUxxFWnWBc7F3mEFGIjvj7WrT4jjuYvb21UNnomipKbk9BzspLjyW
+serJAQpFkmbPfqKpkQqDHOMj9wWec8H1YcFgUFLTa+IjKAs6urga/NsyViOJd0t6
+3g2WRENeZBkVguUqJeju1/HhKneBlbDFYQLkpl+VtNOUVd1OvQDWaYV0kWw3g837
+qn8DLrxaLXrqjK0Wz3K6x7tf1xZ7Nfb3OdB1UFmGDpB4D2wIadAnWpBD50VfAr1k
+0VDRbvjjSlqWpLKl5paFPuobAgMBAAGjggGGMIIBgjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB8GA1UdIwQYMBaAFO3nb3Zav2DsSVvGpXe7chZxm8Q9MHQGCCsGAQUFBwEB
+BGgwZjA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNv
+bS9xdnJjYTJnMy5jcnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlz
+Z2xvYmFsLmNvbTBKBgNVHSAEQzBBMD8GBFUdIAAwNzA1BggrBgEFBQcCARYpaHR0
+cHM6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL3JlcG9zaXRvcnkwHQYDVR0lBBYw
+FAYIKwYBBQUHAwIGCCsGAQUFBwMBMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j
+cmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMmczLmNybDAdBgNVHQ4EFgQUL61k
+qs8pDTDay0Q+P9ZPuhqf8XgwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQAsJWaVoCRLhoMhkjI3ah4Nm6vXxT/8MrnB1Y6r9+bydBjhHHm9UyGVP4am
+iJ58pWc1gMn8fPrTwHfuFPr+dB55QbMEJRDyfuNkHlkP2WGj+lHTHzrK2QBmdgE0
+vcav9kWX2eHSYGDoqEbhqscwkZGEAhQjupgjEbj586z6KeoyIIbI5XZYGtdAsbIE
+y+Z3jKs1f71ViyVrIzmQeXuoXazPzQxaBWDM+netGUtPN988VhgsiWU5QWbu7n2B
+epJ2k/+NK8N9gs6R15E/blUTGTExP0+z4XVT54oxe5WhKvqMjr5Cx/77oNtQf583
+rCMxp7enclMpn8xpbNFb5xC+PF/W9oPvGdpTJjPeLmOZijT3NzBQkE0O2Yq4KEuw
++O2+5malqZgVPxBndhAJX39X4Stm+Hm/WyuHPl1da+sVmSqOHCLkK09mYkO0fBsp
+X3QxHCFCZISdJiDimt/8tShz+z/Hu8Sc3k0iaoGJkUkNeyxkmk5AYff23pPFbI3F
+62eKKGsVKytW9hb+TbhaCiZTBf75K47XkBxp8ucJbT9pIQq7EJuYRKlUCRPG8P5X
+XSrgWF5v+Za310A+w4D6zZosZtsTVys1VRtdYJzFFUPiffilQYwhuDcmQ6YeofLR
+tSsvR4GuztTNRiLsUGWilt8pL+qLcYcuHELoLU2ZhfajFC1UlQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGpDCCBIygAwIBAgIUdUFRzBHsibZGSbIwrYCQILseZqUwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMDA3MjIxODM1MjVaFw0zMDA3
+MjAxODM1MjVaME0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKDBNGaWR1Y2lhICYgR0FE
+IElUIEFHMSAwHgYDVQQDDBdWUiBJREVOVCBFViBTU0wgQ0EgMjAyMDCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBALLkG5A2CoVB1AFi2GtDhr3CIJRfr2P8
+4Un6RetLJf0emmppFPBk7v2PZrjpjJiXQWBj7ZglJ7uv7ZGxMoimWwraPjSydy9j
+pvtMDLNsAdnAvgQgdS2W1gCkBfycKxYaCRwDESRFm1u0WyRNka16V1P98p1x2fD8
+xtrY224/HZ9c9K0xxMJKSZyclTSvhXHA71UgtFq5tiyUfS2yN7sylNP1r3ltohVF
+67jzAmtjopwcDmjDA4z3dayH4F6BgcBQ4/LJz6GqyOJQV46FcuLIVQPBFrt/6Cnq
+vm5oJ1aarPefgPu68DJ9wmYTE1RLyUfCtXgl8hXgte2dJW2e1wo7gluDSh7VqwNT
+hw0zZil0uXSHFbY5Ca6KEcSkOWQ36jmmy4lgtyU1wQME3/gBky41n03Yiu+RhQiP
+xReTzLh6KavZs4Z2LgM2anXyLbq01QeG/UfyBS8pMkdbqLa9O4TjyrE9n1s8OOQv
+0HZrUgRMnpFWqLTm59hpFx4Z2rJzv4uR17NlME2KCVjuxoypC/5a0lTtZWP+PtR6
+1hig1O8/fASEbQS2Gr8P0CRQDYm8TLTQLwfucos3tL5a67b6OHXG8Ky1cs88/ydQ
+lshmZlSOUmtAoJdp+aqHmqvvYo7w32dGACuWmMAgMRxPQibeMVQ7z6IA1bxALZse
+V50P18HuTHWLAgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1Ud
+IwQYMBaAFBqEYrxITDMlBNTu0PYDxBlG0ZRrMHIGCCsGAQUFBwEBBGYwZDA2Bggr
+BgEFBQcwAoYqaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTIu
+Y3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20w
+SgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3LnF1
+b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMC
+BggrBgEFBQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnF1b3ZhZGlz
+Z2xvYmFsLmNvbS9xdnJjYTIuY3JsMB0GA1UdDgQWBBQra7Aj2PQyEqo0TD0B7PDN
+ml3qwjAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAFjju/rMzVtF
+9DRc7ndTjL1Lw/mWE2wIHOrqPOUtVjA05WdeFRKUYqQtZtUqVkNni9otzdhnyenj
+xyxOD4Og4tJC8RA2H4HhgGediF73HmmnF8eJDkO85kIGrrY8lnHYvH25EeMIjWrx
+aM0aGzoVpIBJzCva+vo7giQaLfJ3nNkornW3nqhgztAaFnE9rYLCdONihryPzP81
+HNA9tgwtK1hcnk+x3sT1AH/wA7P4kJK/nUskCqj+jWLRI7SAKJbTdw/4FZaZCmZC
+Zd3pQaTOBpFNj8ddu/5OSCxnwrFuGLNr4LR7XBhYOr1T3e5e14eY+4qw/Hv8YrnJ
+BcUjYtRE5/PEE43FeH9qyTzTY/SDIS9KNPvaS+otkMxcyj5SAbKVV9inAQUzCKdP
+jJI6Et3sflw2ROPEfKlRO7CN5bALwCPJBA6PH5FaRHppe/MDhk9xPKP5CTs/kCHM
+aHBWS9xY60cnuCuN5PWlx6ub9RmADsSNKOBm7YkK2R0fvGk03eM5Rm1wNSyGI3T/
+7B35aZaATtLdJc3J7an/4N7QA1vUjzpBTZ5QBu6fGCJDO4WQ6FxrqsMT4Perz8vZ
+JrUmZatoZ9DcdHuVvtQHB4MYMI0Lf53pDGetOERRcXH//cmzUIyXj1DLLky9Fqnq
+yX5l9RmoSoTWunQAe2JgTN0l63C5ZVXe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIUZATFT9lJXNOKXnLfCnBb3dm1oqMwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA3MjMxOTU0MzFaFw0z
+NTA3MjAxOTU0MzFaMFsxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEqMCgGA1UEAwwhUXVvVmFkaXMgRW50ZXJwcmlzZSBUcnVz
+dCBDQSAxIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAuWFBTtvT
+4eNAyfAC8Kp9ga6yv0iZ4zHm0ecAgdViUn8WW/Kg2JHh56iGV89utJVudmov0sRm
+5CXMAWR2S1reSLry4z73pPJb/md5fjniG46uJWgKfBJqh9SH+UbZq7CMr+FqYHD7
+/NjRd87D6qfELb3tNB2lPD6PnmmMd4P76A2CLdwCFrjjW/RWsuKz7L1raESQRm5A
+HHmBSRt6yo73wUXwgkTs8+QEpLwsV9ym6uH+bUUny9m4lBZA2pJitURlUJJ20MJ6
+73Zgajmchg/Sasm438ZVDrUIHQF5iEBtJ4vRYNPuj0ugUf4wSt8qE/VixQnpsP9E
+36XZ+S7XjmOpmXeLBlpeVf668OnljockPegRfoyevPJuSWNbz8kMXmqvxG3Mhzjh
+9VaKe3MOgtJOrEJi262tFmpZTAsGodwvrwxjPrG4f3yrcUY1F2qFwmZgzK7cY/8o
+dssC972abUK9oMI9RYr3DSkb1fL3dmGZ0X8BY9Y8riHV3eM6zMOGNrc/BnhuIiTO
+nv9sZju0qx6k0bhGSVG0T3WNznogbl1LYKfC3hgpu2M2SE56Jv4KT8Ru+LdUHxUQ
+PPUVNEwXQP1HtVRAEL2at2tx8vX+QMpzoM3boKo9KwlVnA941CgK9ZEm7EHAMcpA
+bCD9sqP90hCK5ye6X3dGSJ100G98dLVMmIMCAwEAAaOCAY8wggGLMA8GA1UdEwEB
+/wQFMAMBAf8wHwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYB
+BQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
+YWwuY29tL3F2cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVv
+dmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUFBwIB
+FilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTApBgNV
+HSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYDVR0fBDQw
+MjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2ExZzMu
+Y3JsMB0GA1UdDgQWBBScUqwY05aHiQ+owa41tB7MfCqLcTAOBgNVHQ8BAf8EBAMC
+AQYwDQYJKoZIhvcNAQELBQADggIBAAAa+L/KdIj+lNW44LGg9MxkA5LRa5Ga+Pm+
+nylSlqRa9qi3hKZj1GY+jo7kkzenJ0fbGwow0PTjUXjFTl4E0x41bMXJ17FgjA7o
+O5lJUM4j+kO5gKSl3Tzq8SHTnKUw9UEt7pmTvc1KRGIsYmGgTsldA3t8fsMWJ3F2
+J8lYIZPoH6TGY10BLaJw+/5cGKGj+XrDXRjtaY/hDV3WdIGcMPnXY9nw/rn8nZ08
+QNmNzVug727BLFl1rOgooW5nlaa8qRIVg+N5bdbmjx19nMId+RaJF0lAhT4N5BGP
+Jhh7baTTEu0jMH52S7WiuYQcS8KGx5AhHjFjmnJw/nKdZlVSQVPysxFMoAjPeA4Y
+i7mRTXMtF7vYX6FwKqdUkL6RCX11UQv82AAhBtFkG4gJ4ZMyAm5qQxHjDoDh0HNB
+5QMHpDJZIEbLuqvGaTdBSBwFiOGONsa36jXJB+VEFL3ow0Gv2rjfUFNHpfaj/P3q
+mauQ0AF5Kqk5nuFi0+St81AS+S96RUZThpcQMa4Wp/Uv9AlDubQ0rCS0jcrt+xsH
+4ObkPn++jERvfoUk3w4KTNKJ6biBd3+J6f1hHoA12ybh5HB8TotOb7dRxOYKiEzA
+mlwqRimqD0TJgjSUmNCThX8uKpJMjg0jtyzsbwZCy+xk+sfAuKk+shsZm9vSDF9C
+jwLsGTS5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtjCCBJ6gAwIBAgIUQdJlG/V9ruxZQibPVWOcTDKFwkwwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA3MjMxOTU1NDJaFw0z
+NTA3MjAxOTU1NDJaMFsxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEqMCgGA1UEAwwhUXVvVmFkaXMgRW50ZXJwcmlzZSBUcnVz
+dCBDQSAyIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxdAMllFt
+va5rm4RxE8R/cGzxaUnqMtNkIJp70+uAeSm+Rp4mJdyffaiDW6ZeboLl/gmytgOr
+WzzrvVnvyTROYV5R3SeKKJACRuzJpw65N0T+/HRZfJyHVniZYYC5T7lt3oBfYg5S
+kZEI/hQFv+1/VJ44Z2l9XuUF25FZgpasKwkQhUzw5GPlJq+1HEdc0aRkf7Y9hHh8
+OhqRSUoPbwQxIRX4levpMmqNJXdR4qfPnbSUIGHipl/sLUZBqsvVFRptubuf1b+9
+vwXqAnx14oHTeFqXKun3IDoLpSVMIZ3pq1BI/ZtMC//KeUdPaP3gLWb/rM+4L9i0
+MycKMXU6SqEVLRVDbat90qwGhsKch7U/J0QCXpT4pa5GQhbDyxk455ZEXLEuuypd
+O+0OGjCBTchkgdUhlFa/haPppe8dLM7HeWND8H8QjNMafW2IbCb8FzgpINoag1Iq
+9E3O2aGY2MQGHUCsdZMYCX5nA/IB+mfMz+EWlbdPSOO2b49jw6bVqnmjkW1jPMDj
+x6iiuIahdt3v5gMmvmeMoHf+95m3Mish4BFB/qcPojiiHaqVrlQkyRiyOicUMVSo
+rtV144ZKHAerNKe4jQyXL1hQHr7r6u2HZzkwirjXBIdFXxkIBZK26ooNX7BtSAtk
+E7QJZINWraNgn0sINf+apt0aCBuVeLrbUCcCAwEAAaOCAYMwggF/MA8GA1UdEwEB
+/wQFMAMBAf8wHwYDVR0jBBgwFoAU7edvdlq/YOxJW8ald7tyFnGbxD0wdAYIKwYB
+BQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
+YWwuY29tL3F2cmNhMmczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVv
+dmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUFBwIB
+FilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAdBgNV
+HSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOwYDVR0fBDQwMjAwoC6gLIYqaHR0
+cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyZzMuY3JsMB0GA1UdDgQW
+BBQ3cXmZ6YXu59LABexGqwDktRg6rDAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcN
+AQELBQADggIBACnqZJd3oVFuq9VPZlz4JY6aELlQre3HFSjPMduJ7NjJhixbHOjY
+S5LQGsOMJ1npU9tWmEjhi6a5rqHRbBsvteoZsRrAm5GQWdmoP1eZzM3SaN09NU+G
+W/ov2Dr5Q2tTBAMcj3hvYpdtmLrNbVS/8Um3AFIxUZgK9o1exT5XPG/bVXi2eUDV
+WVa/kFwpon3GYgWIoqK1LgPUwFsxmW4ub6aZow5frAFfRUxHMEOBtD661BpDKAlY
+MQV4M4yz3RoubrZpjp9g7V01ivgKSnt3L2irqm3BT35NjBgCoiUkn+3BVhTp3RJa
+YkIYh9iazjnT81KtlUnLkJJNI/39X+p/zlyUQZG/DIL/hlsFowJEvXeEylPpIHlh
+NKtZn87cXGT45vyi4lZ7p8YUI6TQAIgTNrBabASP17JCcMPhackzanveyNpDRCGF
+FfudX7jGoi1OoDn/ogFPK34mrDavbw+4v/OWVbrByOgUcF+Q6CaaF4J148rwMcYF
+dwM7mE2g0KCVRlcqWt9cA/e6gKDUegdUaBwTVgsPoelC/UGE4rAAt8OItFSFB3nJ
+TPHo3KtnX2Ycz33WGDhP63DyN7VH9vjm+gnhkLB/2WPpmorO6bJ6703me5kGWGe+
+rvHbUztLGX+2hbGBQnx9Xb/eT9tirNBT5ep1vl4AuyTC2hV59CU3hmK5
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8zCCBNugAwIBAgIURpsucQw1FB8mFccmruku5LQrNCAwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0yMDA3MjMxOTU2NDVaFw0z
+NTA3MjAxOTU2NDVaMFsxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEqMCgGA1UEAwwhUXVvVmFkaXMgRW50ZXJwcmlzZSBUcnVz
+dCBDQSAzIEc0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvNHpZsqV
+IdBhi2xM5oFrCdUcuAPKzGVvFSuMnLhz5636DuULjTc/fxC05PzzOF5oz48yvYg/
+5KTeTh5EM7PdXt+a6+jWJaCO2T2YsLzEZt6A5QtVG73ZMrpv4dnqGdNKWBIyqSoy
+LWrRXwaGslc9/Re7YbeYFs8GlYKUwjVGitWKH1Yfn9njZRuxLtuGO1oYf320+wy9
+xY+O5v9sEG6xidJH8hC/VRM1+j7BXiyRH8fk087iM3452a7qvaOW6pgVXAJ0F4RV
+NCSz+fBBAs5+dTxg9MvFAhNYgAzr0K9Imj7nRkWeJ9cWsZcFN3ib/WWH0hFltnqb
+sFKse1Bs/xCQNZBzWOPIrPSiu7nCjsptq08XV68FD7AP9WhPrmM5mk+UTBB2tPGU
+YfzCc+hmWS4BAGS5IITmersym3eIUlWvo2NimTDyZnNKyUMPTW037ruJwWCmacfw
+7u0M1KsgUOEEHYf7We4ptsfDcM8cE3ks5+QNqy0sjANF9k3pyCnDV/6rP2DohO3B
+WRafmZV/r8VK6eUwIUN2kvgx6v8fnmJMcdX1ef3WHKyPvf+QLmT3caZQwVrGX4Cn
+qG1CjxQeSobW2x8ubOHqAqnNYkuTa7EtgBpKrOzzFY4X+GnYVcJx4O5nCfeea28V
+i5gPAZ20iV10nz43VPwTzBIgBm+lI8w2BcUCAwEAAaOCAcAwggG8MA8GA1UdEwEB
+/wQFMAMBAf8wHwYDVR0jBBgwFoAUxhfQvKjqAkPyGwaZXSuQILnXnOQwdAYIKwYB
+BQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
+YWwuY29tL3F2cmNhM2czLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVv
+dmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUFBwIB
+FilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTBaBgNV
+HSUEUzBRBggrBgEFBQcDAgYKKwYBBAGCN0MBAQYIKwYBBQUHAwQGCisGAQQBgjcK
+AwwGCysGAQQBgjcKAwQBBgorBgEEAYI3CgMEBgorBgEEAYI3FAICMDsGA1UdHwQ0
+MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhM2cz
+LmNybDAdBgNVHQ4EFgQUrwCU1mtcTB86HLeJ+tBpyYb4w3QwDgYDVR0PAQH/BAQD
+AgEGMA0GCSqGSIb3DQEBCwUAA4ICAQCyS1vRisq2F8kPBc/hUuAueoy0VvzJKmZ6
+cEEZZLoPU6mScTaPmor9zZeYJvkmufaGgraRkL19igGIfam8Vd9G72lijA3clSil
+LyHghvceymtTGplC4Fq76KpSKMnm5p3p7f6SCQ85X1HIvHeA4Nbtqry2r0sNzxlw
+yfUGlz4X9sfqMf67s083vnY0bflfSYwVgYXXiX+9KU5nVLW1U4+Dd0XHDdTQtTo4
+ZvBrAjG8C6WYEKSqxg0vQPXb96BS2ZDBnc+tcLXgaUzoMR6R3vtk8I2vTtdMBK7z
+QK914bG94lN3JAq6Vm9+JZ7oapuA0yWXKB4qjbmLxyH49BxqcVjwlgaZ18JiEu3B
+nunjyAXrjw17mSkzEjH0tR7YSmXFEFP7dpOp2rJU174O8sJnqoELlkHmexxjUGU6
+QN2TdvVu6ajf1zDwoPP4G6M6y8B+inrMJRTGDpNH9qrZ/qAeFbmn80+bQzKvV+p0
+3ZYdtyN86+M0eewUfBwu6fWskNOPUhBREcgqHtJVla1uKjiH+9KQMrYpmN10Sfui
+ybLiyr6DjNUGU6LoM0dO418mJusQrKS8Z1ywclm66T96SEQkm7EJVdKpPH5YBh+y
+PLy1ymHTwht5haRMJy+77NyIt82TyBmv6GlAmbSjmuyb2dRekMWPlbw64aOCV5+A
+mSeodOMDfw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGpDCCBIygAwIBAgIQE+40jkkvjda1xJzwc/cUqzANBgkqhkiG9w0BAQ0FADBX
+MTAwLgYDVQQDDCdFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gQUFU
+TDExFjAUBgNVBAoMDUVudHJ1c3QsIEluYy4xCzAJBgNVBAYTAlVTMB4XDTIwMDcy
+NzE0MzkwN1oXDTM3MTIxOTIzNTkwMFowgYUxNDAyBgNVBAMTK0VudHJ1c3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBFUyBRU2VhbDExGDAWBgNVBGETD1ZBVEVT
+LUI4MTE4ODA0NzEmMCQGA1UEChMdRW50cnVzdCBEYXRhY2FyZCBFdXJvcGUsIFMu
+TC4xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA
+2dFdff4pYlZXfbteFzTcnigA/dvDoFrfkMw5IWSAUUfRCGU6MVF9ZBN9T61qyp/q
+KInm8f2ePPOIaFFrkAdiXg71eJ/pxiABrMh9ioUZFdqtPTQlwfmYJUZRooiNbQVE
+Khqki+ETXuYYH8jtI81mRkxsRkeHf7PLcglEcwGsDxr4k5fdneMG9lIJdmbGt3lI
+zeb7ThwrM0rcvX/qZnuL26+6dRrfGPqmUcFpp3w0jMXgx4MlLMMblqqW47zAsl4d
+VbvIHYlrUeeZJ13kGm/dFRVqf7knmJYz+O+oBYbQqfCif8kFg3DeUhyXOdqVU9vT
+NtOE6OyysCrhs1LfAXaEDSUhxoKKtdAi3wgurDIBEMkKUX7an8u+x7nB4s7K24rc
+JwlsrA51i7Sk/O4kfOnIOJTjTSGbgrwahEco/Ndtn6M1y9AHSpaNZq5l3hkgBJoK
+3Yu1DILUnMSNO+aqGnzJR1HWQEWfLT19eiEh70vo96y5KLOPhsBlpV6txLehL8Da
+QvF6HK+RD7ev+TZo3VXrwpXiS2HvHZR2LmIudY9uVxY4HHD0KXWIKJzpN4Oq9vBm
+XYpCdbHqWA8pU60sMc2+Snc9qO2uTsLBSnT61eqwXUK+hnHj3RqtsL14vlT28Tes
+eq2OUETDL0iUO7KgFgsBf1cpA0rwiuEljc4ysWE/j8sCAwEAAaOCATswggE3MA4G
+A1UdDwEB/wQEAwIBhjAqBgNVHSUEIzAhBggrBgEFBQcDBAYKKwYBBAGCNwoDDAYJ
+KoZIhvcvAQEFMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFFaAFSOVcX/n
+LZDQzQY6T2djfT11MB8GA1UdIwQYMBaAFGPxhN0DvqOfZPp2ekfEVn7AbaAgMDMG
+CCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVzdC5u
+ZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9hYXRs
+MWNhLmNybDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDov
+L3d3dy5lbnRydXN0Lm5ldC9ycGEwDQYJKoZIhvcNAQENBQADggIBAEa5J5j6+v8u
+s3u+jNXuF+URtl+RLUD4jFlj4fRnyUqGeIUjfQFLyJe/NUBOOm+LZQx5/pr/p+Bo
+2O5HPUcIdQLLWoOd8AZIbO1XYnIGLNMHiJwEmKLkxiLvCAIgvVerymDlRXQTh0Ly
+u8q+R73Mlx+714RioW8UHzs2H9bXxqVDYqBfi86dXI/iC9MGEsfCvOh6+LaqiCci
+ECdxQbfzEOmU+SLSxNAoKrGRhkf5XHolZdiWYT4nhP74P/i6nQdRW7iPJE1ZFx00
+dEhb070FJs4Nx+X+bbSWIARoNiZqPZUghBWYw3jf8l7866ULNHjd9N0VccjqWQhK
+0/e4sHnbDcLYAIqJ/ox+vT1lsxXxaX1VN+v2NK8auqsuLZeE+sfRAg8Y0S7HPCcR
+bFqM14sGR8SL6ffmuITtbSW34jtP1goRE2hFHtTBgys29JvWislnqaNvt1h7zWZp
+/Rj/E9uxgdcQf0MTQhAv0A/IhViDInJATxH74qHEAgMagbmFqOLe2rtTeu03dLuH
+XLjgen22G4ySg8Yaz4NQmdymeO64eVPxX1hKjMUHHwf+IZNmhboGQk7W7D+qMUd1
+nyOGL6j347c6kbPinRLfO6htRNaWtROtzDoWFX6WWvCIZfLEXiepal8yjaO3yN6r
+Ek96pgOZU7IitxSm0o2L4BryuD4fqORf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGqDCCBJCgAwIBAgIQF5zFbcgtve1Vc8eZmZf2RjANBgkqhkiG9w0BAQ0FADBX
+MTAwLgYDVQQDDCdFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gQUFU
+TDExFjAUBgNVBAoMDUVudHJ1c3QsIEluYy4xCzAJBgNVBAYTAlVTMB4XDTIwMDcy
+NzE0NDI1OFoXDTM3MTIxOTIzNTkwMFowgYkxNDAyBgNVBAMTK0VudHJ1c3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBERSBRU2VhbDExGDAWBgNVBGETD1ZBVERF
+LTExOTI2NDMxNjEqMCgGA1UEChMhRW50cnVzdCBEYXRhY2FyZCBEZXV0c2NobGFu
+ZCBHbWJIMQswCQYDVQQGEwJERTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
+ggIBANJXTkdjPtUxcGugQsLRIZB4C+SOlSniqbPRIjwlkVb9kqhxcMy+wEGImp5X
+T21TAXlnSaCoQcYfSIbW5uaw3CaReGjS8EDNSKcWzRoYNEJh79h41MYs6CnnBi+H
+NlDasV/AI8rJTWgvjxPnE+/OxASrYJlbf7GV5ok3FuRw4sDIrbkMf2zgzRbDhl+J
+4SXfFgPbBNJlnuhy5XEVuNIWHHra6XB0R0k+UcMpYqHNCqYqNeO2GtG/8z9mgX1w
+SU+3u0M2AsMgXp0tVVDrwJ5aRet1bcM4a6UemyMA01Wvu3s/bgksQzSJthXk1ZjZ
+PLXIB+iZm1nfrkNGaFHPCMv+dQ014KGb/uA86CBRcb6Gdpx5nUPgq6zbKS++WJli
+S8lrEm8K3C0Z5osV0y2mQKWmpuAs6hujNsh6ilisUV+9h+G0XRYtbeBcFPZo+r+k
+weRQnymFbgGjQzQvm3RJxN+UCD0eUvAgy3lB3Genb8i3XXxf1BniHViTdRzWjeqs
+yYW+Cv84AEH3dDXhwTcooV6oqIp1x0LWawuzLIB6L1oZns6D2ttdSWklk043iyRo
+c3tZs4q1JBZqETdxD42D9x/KBU4ixbF6Ju1ZX3Fu91d+F4v4DSYBJYt4Djhqjerh
+oAOGBlq8v/XN6NPtbTsKsxJP0UqJVRG0564aAs7W+H6cqOMFAgMBAAGjggE7MIIB
+NzAOBgNVHQ8BAf8EBAMCAYYwKgYDVR0lBCMwIQYIKwYBBQUHAwQGCisGAQQBgjcK
+AwwGCSqGSIb3LwEBBTASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRthmWE
+jFJshi+K9/AuW5tFcmaMfDAfBgNVHSMEGDAWgBRj8YTdA76jn2T6dnpHxFZ+wG2g
+IDAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1
+c3QubmV0MDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZW50cnVzdC5uZXQv
+YWF0bDFjYS5jcmwwOwYDVR0gBDQwMjAwBgRVHSAAMCgwJgYIKwYBBQUHAgEWGmh0
+dHA6Ly93d3cuZW50cnVzdC5uZXQvcnBhMA0GCSqGSIb3DQEBDQUAA4ICAQA1cG3z
+qD6EU8prP04Yp7HhK+n6T/DlntApxLyoY1OFrV2BL64hGMKX+LlFyNCvrlTE/qhE
+qIBEjvyosL8saG79BOQy9coMbLfu/hTg+r8kLGZdSZ9gU+tT50uG1YWeRbPstuY2
++MGzGBJNY8spQKHzqpoKVa7YCRHy1B7cp8eakH9tXbCBEzNucN9p8WtR3kdkacj4
+ob2vFCZ7fhcVNcFTl56b4YxA6yhh+DwyYJa6tWWv2x6dXg9PrEoYkId1GpZh4+pd
+kazyn5QWma7aKXJM+S5Kc04JvCtGS0m0/YirtmYeZb5z6A/Cu1XFGRURhiJKw5gE
+hXh9AimFvEzpyslsjpT6z+sodYiukiJvOL8JYvdOhXiXroO75paBXM2URf1kzzBm
+iNwprhVGSnbNdCisjQ9r4zJl6Fl+WtkZH8LBGFp9/92tV4q5eVhD5qLEr0otr0hP
+T3JMS1Z54C2zO47BfIr8AS9krLloGEPLKptIBzLaotGlMgnlK6D0E9XoObmVpH07
+MDKZPZl6FPQVlcqpwYAttKuGddnrHxoQlgwQgR/KuQj1dX/7AHBtrhZwFez38/SZ
+SOdO3mz6zERyhKqNJ11IM/3b2nce+zhaVNbEo65d77XuG0HOxmC9XjSbMiQqyD4Y
+ZPWnye6QizoRPpaBKEuEG45VtejhWKiMJtbzrw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4TCCBMmgAwIBAgIUYMHuaNuSHaJgja6hN4Wz0kjyrJ8wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA3MjcxOTAzNTFaFw0y
+ODA3MjUxOTAzNTFaMF4xCzAJBgNVBAYTAkNIMSYwJAYDVQQKDB1RdW9WYWRpcyBU
+cnVzdExpbmsgU2Nod2VpeiBBRzEnMCUGA1UEAwweUXVvVmFkaXMgU3dpc3MgUmVn
+dWxhdGVkIENBIEczMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAwFkm
+YZHtvtSoHi54gbTbJ9npukWmLom2kjyOI/OK2oBpKKW7AQlT5O21DqWAD2l+8c2e
+dJ3sbDETrpr5oCRNI8OtY4+M1gNtQO2QIe/4VIr3nRx7iVZTKSIeaZ5kSNK3RGRS
+yImW7WAX3/rTgjBoRhnZi2psYuEmJ9bHtRw3K4Pb/2DXK4FfLxAa1JDQBL59MAcl
+Rb7BBnWHRkEVaG3bH6P2f+D3+SeUnOPQVdC5leu9JPiVivBabgy6HxmZJbFKrBU5
+VP8ylP1Na79OXG8DhnZ77etb/32u22DWuqlqhrXBMXtvnox0n8E7zt251v+jRizJ
+BA9zx6KlfjoNJ71d34VXlEUe9qD4lN6hsPHIYgII6k1/g1lZkIVD3nvdEhqEX8k+
+4f3bmFlpNoO0uK4s4SRHlGcoII0+yJ1/+TwFJdxYriQRU/FLIubzgiWPxt6+ehk/
+byjihV+dhJCEB0qSDhIJHA6m/aDmpJY0kl4UETXs52zvCNXow7SZtJKb2JWGb2hu
+8scy/zZjHmLlON3FWmr/qI+SdNpvbe8Fh9+JlJIl6LvsXcKpr2MtQ1o5eG1chUQU
+gJ6AD7KTmf5+RFBS4Mp+haHjAW8IUbrXk9bPnKLHwbugrf5J0IooVL3YswNrk1vr
+wu6XvZfX9D0vr/qmzg7WiQ44YQnRxqgeCdAzSWUCAwEAAaOCAaswggGnMBIGA1Ud
+EwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMww
+dAYIKwYBBQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFk
+aXNnbG9iYWwuY29tL3F2cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29j
+c3AucXVvdmFkaXNnbG9iYWwuY29tMG8GA1UdIARoMGYwZAYEVR0gADBcMDUGCCsG
+AQUFBwIBFilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9y
+eTAjBggrBgEFBQcCAjAXDBVyZWd1bGF0ZWQgY2VydGlmaWNhdGUwHQYDVR0lBBYw
+FAYIKwYBBQUHAwIGCCsGAQUFBwMEMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9j
+cmwucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWczLmNybDAdBgNVHQ4EFgQUcQEa
+i0YM4DVFTtZ+7NDtOY1G1mkwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUA
+A4ICAQA0jIzaNsKk823ENpLEFp4cnlFKGuT9KyyZGLN/+ziHHfNyAiu9jC7uXwZX
+Te+X4I9EiUEnLiZuLogeTqozeuBA7rzkZwLkdLvxjX5xg1gLVRKJ8ZRwHFaocgc3
+ictvH2vVyILdq0hIVuuyNwrsCgPMfsZxaaneLQ8AnxacUTr+Ddn4DlEgVgZJj3cC
+aloTmGylmKtKtCt/a7JVnLghSEFYnO16/tdndWy8KHDxkxHw9ygOo2iI8Kb6MHic
+0x0XHNcBAO3240AmqVoveo1sUpTCht6MO2RSdVS2+lWU7J6JV7ACvG3wTG4zS5iD
+EuYL+DiQRK8/TbpsThLGSjgB7A3I1ETMjjnQVvMFAscV5HMz24OE6eHcnOKiJf6j
+ggb1QnEBr6+z5hrsQn59Umg6aNdnwK9+3ulJE6/FkvFPrBOORTn7pIMWy7KHbEEa
+Sh1noapHhi2Gworp/pUX/dSfNbpZ8xKTNNCOCGUDAbnoXW+oKJLToaisob+4XLW9
+BY4PizDO3k1lI/S4FD0qUXKM0/dLG9VYfLaFyzMRe4vIZ/+QBMwJ1/nuZ5t+WcL2
+AEJEtWDaPcnI6MGt78BpoEiAOq7/0hmbJCejM86WrO7y6wJnHIDdiaS9BjImIQ5/
+W4PfKAlQAb1Gq4xMYMxTo0wBMjZsCQHBFInCHNfykQ0u1XmxWw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEpDCCA4ygAwIBAgIQeAMYWGakf/vHAnBwTN6H/zANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMEMxCzAJBgNVBAYTAkRFMRkwFwYDVQQKExBEZXV0c2NoZSBQ
+b3N0IEFHMRkwFwYDVQQDExBEUERITCBVc2VyIENBIEk1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAsEkP5rc6MYY06GDnqt5R1OVrmw+XWslTJhBT6InH
+Xl9mJB5IkILkE19JeCeEpmfHcronCPWUPrKB0ij+DM6LnVt07IcKfDqvQdd6hlV9
+bqGeA80laqacrtoNiJMo6XdtrQYEsPzAYMWwWZvBJAtfpST+wN9zVuUsNK7Kk+m1
+zaYePK/a30p3tKRNK1F0mMckDem+EAnKDB4ll6R/pVJz6I0G2++yHpyfQ8OeOdMF
+6cFWKAy0bW/BCFkJgJ8hDxd1RjAEj2NFKFvdzn5Au+MsHVpsC1P8vGYJ74FtIia8
+6J2lZFmkRrrl1OQuQuv756aDCnENoTeW1O8RHyzkgYP9awIDAQABo4IBiTCCAYUw
+DgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTTtA8bB9x/fg7gAtrUVlIORpzJ
+JzAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDB6BggrBgEFBQcBAQRu
+MGwwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3Ry
+MzA7BggrBgEFBQcwAoYvaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNl
+cnQvcm9vdC1yMy5jcnQwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i
+YWxzaWduLmNvbS9yb290LXIzLmNybDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBKDA0
+MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0
+b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAlLVpOzNL7eG3Sm6u05CJxvNdPzcVBVOR
+mJ4BB+PKGsYvT6/jV+Z9mzZypoG8LfqTCFTILXWBvyuvBkTFnqw9yfX/BT1U5ub7
+in/n0Yjvey5tagYpIIVy1/JRI0kgeLUKSHsb6MqgvmSGc0fzDCxv/ZswlNUnhQPN
+P4C+XfWIHkatx4kS8TgoLwX3KCZ/nTn1mjZHIzup31HQkEbO5166dEQl9QRxh+QS
+k+4dzLQf6v8mE75Onzo6LlFxPg92kBaUt3HbH3ICXbJmrTMqIYHoZwZKF3Vxbcqx
+wc862flXphovvp2NvYM3XNYHL3fofbJeWev0+JT+Bt2HKYn3VibObA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEtjCCA56gAwIBAgIQeAMYYHb81ngUVR0WyMTzqzANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFQxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSowKAYDVQQDEyFHbG9iYWxTaWduIEF0bGFzIFIzIFNNSU1FIENBIDIw
+MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvLe9xPU9WdpiHLAvX
+7kFnaFZPuJLey7LYaMO8P/xSngB9IN73mVc7YiLov12Fekdtn5kL8PjmDBEvTYmW
+suQS6VBo3vdlqqXZ0M9eMkjcKqijrmDRleudEoPDzTumwQ18VB/3I+vbN039HIaR
+Q5x+NHGiPHVfk6Rxc6KAbYceyeqqfuJEcq23vhTdium/Bf5hHqYUhuJwnBQ+dAUc
+FndUKMJrth6lHeoifkbw2bv81zxJI9cvIy516+oUekqiSFGfzAqByv41OrgLV4fL
+GCDH3yRh1tj7EtV3l2TngqtrDLUs5R+sWIItPa/4AJXB1Q3nGNl2tNjVpcSn0uJ7
+aFPbAgMBAAGjggGKMIIBhjAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFHzM
+CmjXouseLHIb0c1dlW+N+/JjMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i
+3Ru8MHsGCCsGAQUFBwEBBG8wbTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmds
+b2JhbHNpZ24uY29tL3Jvb3RyMzA7BggrBgEFBQcwAoYvaHR0cDovL3NlY3VyZS5n
+bG9iYWxzaWduLmNvbS9jYWNlcnQvcm9vdC1yMy5jcnQwNgYDVR0fBC8wLTAroCmg
+J4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBMBgNVHSAE
+RTBDMEEGCSsGAQQBoDIBKDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9i
+YWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEANyYcO+9J
+ZYyqQt41TMwvFWAw3vLoLOQIfIn48/yea/ekOcParTb0mbhsvVSZ6sGn+txYAZb3
+3wIb1f4wK4xQ7+RUYBfITuTPL7olF9hDpojC2F6Eu8nuEf1XD9qNI8zFd4kfjg4r
+b+AME0L81WaCL/WhP2kDCnRU4jm6TryBCHhZqtxkIvXGPGHjwJJazJBnX5NayIce
+4fGuUEJ7HkuCthVZ3Rws0UyHSAXesT/0tXATND4mNr1XEl6adiSQy619ybVERnRi
+5aDe1PTwE+qNiotEEaeujz1a/+yYaaTY+k+qJcVxi7tbyQ0hi0UB3myMA/z2HmGE
+wO8hx7hDjKmKbA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtzCCBJ+gAwIBAgIQeAMYPf5Y0M7aTbTlFPQHljANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFIxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSgwJgYDVQQDEx9HbG9iYWxTaWduIFNlY3VyZSBNYWlsIFJvb3QgUjQ1
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3HnMbQb5bbvgVgRsf+B1
+zC0FSehL3FTsW3eVcr9/Yp2FqYokUF9T5dt0b6QpWxMqCa2axS/C93Y7oUVGqkPm
+JP4rsG8ycBlGWnkmL/w9fV9ky1fMYWGo2ZVu45Wgbn9HEhjW7wPJ+4r6mr2CFalV
+d0sRT1nga8Nx8wzYVNWBaD4TuRUuh4o8RCc2YiRu+CwFcjBhvUKRI8SdJafZVJoU
+ozGtgHkMp2NsmKOsV0czH2WW4dDSNdr5cfehpiW1QV3fPmDY0fafpfK4zBOqj/my
+buGDLZPdPoUa3eixXCYBy0mF/PzS1H+FYoZ0+cvsNSKiDDCPO6t561by+kLz7fkf
+RYlAKa3qknTqUv1WtCvaou11wm6rzlKQS/be8EmPmkjUiBltRebMjLndZGBgAkD4
+uc+8WOs9hbnGCtOcB2aPxxg5I0bhPB6jL1Bhkgs9K2zxo0c4V5GrDY/GnU0E0iZS
+XOWl/SotFioBaeepfeE2t7Eqxdmxjb25i87Mi6E+C0jNUJU0xNgIWdhrJvS+9dQi
+FwBXya6bBDAznwv731aiyW5Udtqxl2InWQ8RiiIbZJY/qPG3JEqNPFN8bYN2PbIm
+SHP1RBYBLQkqjhaWUNBzBl27IkiCTApGWj+A/1zy8pqsLAjg1urwEjiBT6YQ7Uar
+zBacC89kppkChURnRq39TecCAwEAAaOCAY0wggGJMA4GA1UdDwEB/wQEAwIBhjAp
+BgNVHSUEIjAgBggrBgEFBQcDBAYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwDwYDVR0T
+AQH/BAUwAwEB/zAdBgNVHQ4EFgQUoJMVKG7ujwiyNcaeYnl0p7EOK3swHwYDVR0j
+BBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0GCCsG
+AQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYB
+BQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3Qt
+cjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5j
+b20vcm9vdC1yMy5jcmwwRwYDVR0gBEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEW
+Jmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3
+DQEBDAUAA4IBAQA6+XNA7Y97PasCLIcUOE37MgTcgAco6pb3l2DHIn1XdTE9IF5l
+ddmQpBjaQ70N6i+YtWIwWZ/xH+d7yjzCdrOeJuafAleT2rlucQUDXnZnJyBWd5Gd
+jMs4FbCFiWSgJDyxmKBXS4X2sJanx4lVu4XjdhWj7uFFR1J4DhU4EGL+vNMnkRD3
+dzyN27mtfLGEZ+Xc1BaldK521Ootr01tUMDHpNU/PXOrT5V/Cfj8U592FEM88YWE
+c6nZg5FWuRaVBxJboOvpjuo+xskVwkUTWouEEkne+HLoTHol6B/magRuSXRMxFzC
+aUim5YQ9PCiJBhhUveY2RQcfecyi6zqK18CW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAvOgAwIBAgIQeAMYPGVP0dRzzH4eRopRzzAKBggqhkjOPQQDAzBQMSQw
+IgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkds
+b2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMjAwNzI4MDAwMDAwWhcN
+MzcwNzI4MDAwMDAwWjBSMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln
+biBudi1zYTEoMCYGA1UEAxMfR2xvYmFsU2lnbiBTZWN1cmUgTWFpbCBSb290IEU0
+NTB2MBAGByqGSM49AgEGBSuBBAAiA2IABPl5i4FHN4mWP0VJUH8aJguTMn4uwMCn
+CJrDbo+bPgsi7DdTt2+KsLwnN0ttqUY72R//paFEuy1zv55BB1xTm1EIOlq7bzjH
+FpF4wkoTaR2C31ovAIiWoi4cdPmdfmY3iqOCAY4wggGKMA4GA1UdDwEB/wQEAwIB
+hjApBgNVHSUEIjAgBggrBgEFBQcDBAYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwDwYD
+VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU3xNei1/CQAL9VreUTLYe1aaxFJYwHwYD
+VR0jBBgwFoAUPeYpSJvqB8ohREom3m7e0oPQn1kwewYIKwYBBQUHAQEEbzBtMC4G
+CCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI1MDsG
+CCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9y
+b290LXI1LmNydDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNp
+Z24uY29tL3Jvb3QtcjUuY3JsMEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUF
+BwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAKBggq
+hkjOPQQDAwNnADBkAjAVvY6WHb5D2P4Q1rKMjYEcyS7NZs/GHIkXKH3mdSOQw1P8
+2k25bFnu9eKZvxOz6isCMBKZPTaOgQ8DMAdtPBbwG9l+gX5tJZH/QTIXe5Kb0YCx
+idTYGZiZU1Qonq9vWTvspg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsDCCA5igAwIBAgIQd70OB0LV2enQSdd00CpvmjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFMxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSkwJwYDVQQDEyBHbG9iYWxTaWduIEdDQyBSMyBEViBUTFMgQ0EgMjAy
+MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxnlJV/de+OpwyvCXAJ
+IcxPCqkFPh1lttW2oljS3oUqPKq8qX6m7K0OVKaKG3GXi4CJ4fHVUgZYE6HRdjqj
+hhnuHY6EBCBegcUFgPG0scB12Wi8BHm9zKjWxo3Y2bwhO8Fvr8R42pW0eINc6OTb
+QXC0VWFCMVzpcqgz6X49KMZowAMFV6XqtItcG0cMS//9dOJs4oBlpuqX9INxMTGp
+6EASAF9cnlAGy/RXkVS9nOLCCa7pCYV+WgDKLTF+OK2Vxw3RUJ/p8009lQeUARv2
+UCcNNPCifYX1xIspvarkdjzLwzOdLahDdQbJON58zN4V+lMj0msg+c0KnywPIRp3
+BMkCAwEAAaOCAYUwggGBMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUDZjA
+c3+rvb3ZR0tJrQpKDKw+x3wwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLd
+G7wwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcDIuZ2xv
+YmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmds
+b2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAn
+hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEcGA1UdIARA
+MD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWdu
+LmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAy8j/c550ea86oCkf
+r2W+ptTCYe6iVzvo7H0V1vUEADJOWelTv07Obf+YkEatdN1Jg09ctgSNv2h+LMTk
+KRZdAXmsE3N5ve+z1Oa9kuiu7284LjeS09zHJQB4DJJJkvtIbjL/ylMK1fbMHhAW
+i0O194TWvH3XWZGXZ6ByxTUIv1+kAIql/Mt29PmKraTT5jrzcVzQ5A9jw16yysuR
+XRrLODlkS1hyBjsfyTNZrmL1h117IFgntBA5SQNVl9ckedq5r4RSAU85jV8XK5UL
+REjRZt2I6M9Po9QL7guFLu4sPFJpwR1sPJvubS2THeo7SxYoNDtdyBHs7euaGcMa
+D/fayQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsjCCA5qgAwIBAgIQeAMYIM8CNvOmhRi677f3ATANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEF0bGFzIFIzIERWIFRMUyBDQSAy
+MDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiadP0GINVgdrVQ2m
+H8m0i+g3Wi/SjCBCpz9LZ989eWRrag4zjUc5s2WJ9PWv1XObF0bhLtNnrz0bCoaw
+tQun6dNl5mHYB1fbFIiSIU++I9V9bGHs49abmgAPWLSF4UfpKoJhJ/bdj9DX3/LP
+CZ+70/sRXXG/qsLYI05WGWEtqnVn4wXEL+hWoCn8yQjsbwUwACq0MjIgRypabmT3
+OROLGE6/2fHuQ5P0IHjLUpovkFzIiTdoX33LGFGts3Hc7+DaIW8MsU1bt2UJrknl
+LhGZl39APhnalmf5AqFwscOlCkq05pmvYRycvi5Voov+BSc5qYE2LcS4qk39EC56
+Qn/vBQIDAQABo4IBhTCCAYEwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRC
+bVctTx8md3SmJ2T2gPqPSGj+fDAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove
+4t0bvDB7BggrBgEFBQcBAQRvMG0wLgYIKwYBBQUHMAGGImh0dHA6Ly9vY3NwMi5n
+bG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUu
+Z2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6Ap
+oCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5jcmwwRwYDVR0g
+BEAwPjA8BgRVHSAAMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNp
+Z24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQAi5uFmB7bAY7Ey
+yc8XLXoMO6x3qoj1IXhR+XMQF4XI4nMtMCOnu68TTuG10JnKjTVgG1nEx6THkhWp
+9gABl4W9qxQjSpWBfnqffokXOjN513rN3/wJ2ZQ+G0xZmqfQuuICpYaXebK7wqZv
+Cj5cT1LK+FwY0rWUbvoCkZsWgcte4sXdoGVjKBpJpB5tZelIABdSiPjD43/x0utk
+zw4BBcD8J2uQKdkK+NTX47klgcddkRduQnfLApsKlS/PlgRTn1fgcgsWfkw2Fhuq
+JwGNLMwQmK3FBOE4o9ZhkkA6wTNFJVuRYnTIRqV7j1nWGmDwAVmWqheoEPn39qqM
+K6oYIXfj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwDCCBKigAwIBAgIQeAMYKvvs2J6xkwm7SiW9qjANBgkqhkiG9w0BAQwFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSNjETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0z
+MDA3MjgwMDAwMDBaMFUxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSswKQYDVQQDEyJHbG9iYWxTaWduIEF0bGFzIFI2IEVWIFRMUyBDQSAy
+MDIwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtQ8IiN2Ukq/Clynv
+HhqugFQg5SXIyVO4ZRnxo0hNnaek78LRn4Bkaqcwv6Ls0Ftn4bK2zvBaS1zsfUTA
+vfup/s86zHCRvOqAL8zO/WiMV1G5ikHSlD6RtpIOHRX4y0oIGW59ADY0ANwDeDWL
+x/RgSltuQIqeGXwZnyZFwWtxVkSE4p5tn2Lb6USzwcD22taiXmeYsPMWfJfmWPRj
+ZuYBgxn6tvUVRO+ZzAUKEEaJK/LVLieAVEmfR6anEJ/gWczxz12Lwu6qF5ov0OQt
+AP0rfruyje/EJt6xHjpJ2OgDzCWYstXOpRPDHYS3klpaRbowAlpJdYMRAqY5CNiP
+RAx3wvsWCVI5UkzKVD6RuHHVpfzfdKAfsjHa/aSunHtTpE+NUf3Q/3qHXW5cyDnP
+Jt6VTVVVevjTquwH1xrUigukDbeopV1owsqIA5aw2io7RbBorwPBA0veinHN4vP9
+X8jbTiIiLjlfJOnHZe7pIhb3T9WCqhwwsBNPQpKizGHCj5kL2UJe7N5u4RywFOZE
+l5mbTX4zO6Vj3WM9ZVbZgXVNwEjS5mYq/rvC1yr9obNUJ8br6JAd2ZBnzhA5Zn4s
+bIP99TlUBZWczw+vPM7g1S4e4cyd+8CULVhVs87QlyvwWnRbH7fXZo8xLzhzMCjB
+8Y0cNdL1S6QKrrhC6Pf6tV/JU20CAwEAAaOCAZMwggGPMA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUhNwhC8eoXXKXhId+8tW2+nFWTvswHwYDVR0jBBgwFoAU
+rmwFo5MT4qLn4tcc1sfwf8hnU6AwewYIKwYBBQUHAQEEbzBtMC4GCCsGAQUFBzAB
+hiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI2MDsGCCsGAQUFBzAC
+hi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXI2LmNy
+dDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jv
+b3QtcjYuY3JsMFUGA1UdIAROMEwwQQYJKwYBBAGgMgEBMDQwMgYIKwYBBQUHAgEW
+Jmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMAcGBWeBDAEB
+MA0GCSqGSIb3DQEBDAUAA4ICAQBD+97H2N1BgiliKQFrb+jcWjkmPP8cdF/eiBW1
+cEzOOhsuVqxbyIk8qdw3UueHSDjqWUjHYoo8TV3DLqUXmIy1Ks3MkESsFKeLpEbk
+VMZga0lbDnqqRc5a2yzrXmwVYDeWVeD20s5vPoKCnFzmcR+2v9TKD4bI6XWVl84q
+GzfFRVdY9f8KN+7891+47ZhptvxtNqJKVI2O+EAP/PvTpwes983LkFzsev4/+Qxs
+EszD7/pE+Byj3t9CMat2XoX0jfJjbEXgewFb/gCwHvqNKLNWrYfE9qN8b6qm4xQk
+qGQKTrFKsBJx4TU+h10qXDhpmOBswiJqoG16XCV32oSn0JUYvXVAvP6YjueOv/jr
+0ZMTWGh8wCz6v3XBaXR0rxDAz9GImpU+xPx2XjuHac7OnYbN+i8p7cJPUxABjHiA
+LWXIZtCn5ziCfvYC6+SCp8x9TPJzAIfJ4NKv/8SpvvzuchVkAQqlQaGFBEdkX84R
+I/WYYG+2BliFIpbQnfljYWCURbfsYz7+Zxb94+4yzva49p8T6lALoK3s2kqIVLKN
+s6qAnk/qX6JihkaR3W+iViHMC5tqQX/pd8QIXccF3PA2OdeNGU4iUNZqUbYB4VZd
+AaOaeaUl0LwAta6DB5w344eUIqDgaitSwQZBnxppmwL3tGzP1ero2e2RvBmphbxI
+atIdxA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFsDCCBJigAwIBAgIQeAMYJwLPmxq6uGBGoPaorjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFQxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMSowKAYDVQQDEyFHbG9iYWxTaWduIEdDQyBSMyBFViBRV0FDIENBIDIw
+MjAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDH0k91xenVHxRcK0fD
+ZRY76vkldwhOkbWrHfzF+3XZBfFi+uJg3KhJnxT1vuVn3Qm50ZsN66DwO9utuFVz
+YAwOp+al1i4hQRxlzf89V2PN94XfF2bOoIhvb6L3F6NjWQ38M1ZYNmWY/OpzNTPw
+64qzDImVGyjYgny9xegBWp/6pecFnpFm+vIy2PzWJSK8ws93nLTOgi5FCtxvk9uv
+Ac1qPDAil8CWI1zjM/dxa8lAGOflhJSJOIbJ7w3S17CuOSykGgTeH3IZy1ayMH0T
+R/GphmRWIi9I3UfBJ6BhtnDEST6j22a9T7USTP3RRYAMg5ELTHkzuqj7bG0C0vSo
+oEjdH+8f8ZxAizNV2rsGO9wbweMLG07yQWkUV1RBUlsVqS6wZKpXWmAak+kKgeNj
+MqzNpzJPv9NaQcSnpRpLvdumQ3vv/oB50H245jpYaXJAkFbCyTEtjIdFyvyqwrG1
+4YaKMdGQosEx4LioZAkMf2uBjtpf1Hws9HSPTQE94l3vC+BM0QJLJ/htneuSOYuw
+U2N/4XbRcvJVqAy9csRW+d/QE5Q/0j+KFfGNVbv6oSXQKZRQdm8AM+kpCRob137o
+P480/sWS9e36GIemHCtjnvJy8eYskXe0yx2GJDr/yveXA3TA4LglLHqUlS/9pgei
+aSGWlyl5ejIMPn2mMzlIsuc9cwIDAQABo4IBhDCCAYAwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdDgQWBBTcvd5Zrf2bVRfncEwGV58hIrB3ADAfBgNVHSMEGDAWgBSP
+8Et/qC5FJK5NUPpjmove4t0bvDB6BggrBgEFBQcBAQRuMGwwLQYIKwYBBQUHMAGG
+IWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzA7BggrBgEFBQcwAoYv
+aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvcm9vdC1yMy5jcnQw
+NgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290
+LXIzLmNybDBHBgNVHSAEQDA+MDwGBFUdIAAwNDAyBggrBgEFBQcCARYmaHR0cHM6
+Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQAD
+ggEBADyP8nlvL/TafTGLBcYloz3NDFCCsDOTGOcmO24u5eeLvbVe9S0JvNpUV2df
+xN/J9wqDHIXq0EvuF50sS/2RUOmixlvA24u3C2+DjSVCTVLzntRrXm+kkXO2kxed
+GpEiohvItrwWMQU6IME5emWBpEOkcdREyj+aHzbi1SM4afSNc6V8SZLE8KHaKdVt
+pKmAGr6zaJkLBx0BVQMH2KQu7fP2CsMMigcPt6s9CL0u2yoOJGesrbPe5QKt1g3s
+CJ24KUpV54+EFZ3ShSzODN9T7bg5JuLWOFqQaW6Cxdf5UHTsFicR51WHQY6x7rvW
+F1V3nxtv8BDjEhQwt5ot7ouvP7g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEujCCA6KgAwIBAgIQeAMYO0c63yZRQcr/8WGjcTANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA3MjgwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaME4xCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBBVFQgU2Vydmlj
+ZXMgSW5jMSQwIgYDVQQDExtBVFQgQXRsYXMgUjMgT1YgVExTIENBIDIwMjAwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaJuOf1WrE0WFYWfQYfB7wTtgy
+clDtkWBLB4gKVjkqlfjAHrEr50uGemRxHWWeDVfnnVCpBx6iSnYqu5uFI2clk3z9
+nKr90y60dUpl6EkROTwcEdVvICDMTIG7i1IWfJEV0bH7oJbD97TtNthmW20V0aWt
+0mpTl6X8zRXy33FezKkDJfJgex+4oygAc/igkfR/1RC+rlLZTZ0CCmDE9ReHbgsS
+pVOCmGzWJQnFs7zIhMS01b2NQKHbBl6p9VTvElJvefq/G65uNTWt24mOHrtiCHlW
+JVFr5PICPEU5mx9PQ6xHciiqQslqwUCWOuFtZT1EK4hTNIKG99NkyL692fa9AgMB
+AAGjggGUMIIBkDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFNAjaKwnvVAp
+BWNOFPIcN2fnhirwMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i3Ru8MHsG
+CCsGAQUFBwEBBG8wbTAuBggrBgEFBQcwAYYiaHR0cDovL29jc3AyLmdsb2JhbHNp
+Z24uY29tL3Jvb3RyMzA7BggrBgEFBQcwAoYvaHR0cDovL3NlY3VyZS5nbG9iYWxz
+aWduLmNvbS9jYWNlcnQvcm9vdC1yMy5jcnQwNgYDVR0fBC8wLTAroCmgJ4YlaHR0
+cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBWBgNVHSAETzBNMAgG
+BmeBDAECAjBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cu
+Z2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBAB/N
+0PPEvmprw9mYuEYFJELxRYh2yNvL3jdknzDd8r8Way33mRbHYKW6T1fKSw1l+JK3
+rG9gDPloMH4CmAH4FWMMMd8EAyS7Dytkeifqmjiv2KTN1rs+VsHPMvFPdXwJse39
+ikXt2UIh0XeB1CbBvCN4djBB+kXSvgIMZIfbgoHffI1rtEWU+BOFWFMROyPFNLdS
+supTYW4+cUm+1P5ihLN7M7KF0/0zBz/wWgk7MV1Eln+RYaKscFVCM+6DUOZ5lmoA
+nQdJGi2zfqDDj3RZEMF/95x9JiBuJg6kM/QwwBmRXPPIJgDq3Qsb8Y5LREXOX6G+
+uBF+cdm2Vg5J87oTRLo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFTCCA/2gAwIBAgIRAK8cBLKsjP+bAAAAAFHOGOMwDQYJKoZIhvcNAQELBQAw
+gbQxFDASBgNVBAoTC0VudHJ1c3QubmV0MUAwPgYDVQQLFDd3d3cuZW50cnVzdC5u
+ZXQvQ1BTXzIwNDggaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYD
+VQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1pdGVkMTMwMQYDVQQDEypFbnRy
+dXN0Lm5ldCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAoMjA0OCkwHhcNMjAwNzI5
+MTU0ODMwWhcNMjkwNjI5MTYxODMwWjCBpTELMAkGA1UEBhMCVVMxFjAUBgNVBAoT
+DUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMg
+aW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMTAgRW50
+cnVzdCwgSW5jLjEiMCAGA1UEAxMZRW50cnVzdCBDbGFzcyAyIENsaWVudCBDQTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMQyjULQnhmdW5BaEEy1EAAh
+uQdI3q5ugNb/FFAG6HWva0aO56VPrcOMsPp74BmR/fBjrXFJ86gcH6s0GSBOS1Tp
+AJO+cAgx3olTrFe8JO8qj0LU9+qVJV0UdtLNpxL6G7K0XGFAvV/dV5tEVdjFiRk8
+ZT256NSlLcIs0+qDMaIIPF5ZrhIuKgqMXvOzMa4KrX7ssEkJ/KcuIh5oZDSdFuOm
+PQMxQBb3lPZLGTTJl+YinEjeZKCDC1gFmMQiRokF/aO+9klMYQMWpPgKmRziwMZ+
+aQIyV5ADrwCUobnczq/v9HwYzjALyof41V8fWVHYiwu5OMZYwlN82ibU2/K9kM0C
+AwEAAaOCAS0wggEpMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcD
+BAYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAzBggrBgEFBQcBAQQnMCUw
+IwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDIGA1UdHwQrMCkw
+J6AloCOGIWh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvMjA0OGNhLmNybDA7BgNVHSAE
+NDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0Lm5l
+dC9ycGEwHQYDVR0OBBYEFAmRpbrp8i4qdd/Nfv53yvLea5skMB8GA1UdIwQYMBaA
+FFXkgdERgL7YibkIozH5oSQJFrlwMA0GCSqGSIb3DQEBCwUAA4IBAQA/vekQdfNC
+p9FsgSahRiBXEiQVWrIMCH/dR7k/QpOkCq9MEe7MazD0tCyE3goXkPl4NK6uJkV2
+BTUkg8CTc5lPpXJxY7QJiBHLbG7vlJXVSTfPoQDwDUsUUUb0aHGy/mChNw8l/O8g
+WjPGqYfJ6lL212lIls5azxCb9rcBwzohpchDwISdA/jFNAiHy4sKg1yqIyvp/7je
+p0kObTIVgTDIJ/TA/s8adcyHu7oRoYJlUAWf80WSh6BFuBnnX/hGClvM2F1rFpFM
+FZVq4+T83gZ09mxU3cQl8GkW1uoOP1m+AWL5YJ8dQLMx9xCcL/mKRGbYYAJOMRCx
+9peO/iCDvU1K
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGpzCCBI+gAwIBAgIQW7jdZymYotXG883URqrDojANBgkqhkiG9w0BAQ0FADBX
+MTAwLgYDVQQDDCdFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gQUFU
+TDExFjAUBgNVBAoMDUVudHJ1c3QsIEluYy4xCzAJBgNVBAYTAlVTMB4XDTIwMDcy
+OTE2MzEwM1oXDTM3MTIxOTIzNTkwMFowgYgxMzAxBgNVBAMTKkVudHJ1c3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBERSBRU2lnMTEYMBYGA1UEYRMPVkFUREUt
+MTE5MjY0MzE2MSowKAYDVQQKEyFFbnRydXN0IERhdGFjYXJkIERldXRzY2hsYW5k
+IEdtYkgxCzAJBgNVBAYTAkRFMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKC
+AgEAshIYhD7/9ZY2nzyq/D2n8zla6P8AvHoaV/V2CL9n6AgEMXOCct2nvndGg1o1
+A5zKo6mkhG27TeorkTtoa1bH9K/zEMXti/4Bhu0ISBZrRmsiiqLDCt6Qn72IgwgS
+Jq96vHgz5ouzZEAbHGFMe3TUItS4jR8GmTrU14jKkNlDcXisZz8PY4XXzQqzFsNd
+kzEI/opMl9Zh7HpcxN36jLaZj7+lrykoW0omWujYlrc67GmNzUMTv/i9joRJVyw/
+vCm6NtsgFpodj/MWzLj2R9LFGoQsEU7QdkrVZthccx/vzBjv/1J3fDISIX8sx/Nk
+/5mzgS9XxM4/uuyPaVXRs7sBnkyojH0g0E70G9PgMfD74/ExG/00aq5wjUy+thAO
+F0OG4nX+55MILKyKaRq84zgsohDnWMavfIEeqs3heMFxZKpN5yoxIQh/lNT72jMf
+FZddcoNiq9v2WYswtBbaKLd95pMjbl6kI7XSQaJOM5Ssnjt9V6XZ7+DP4pAwVgNG
+F2f/4lgJGFl40HFYEyW4I+pDOKAh4tLLSvo5Jp2KzlVXKbLDL+fz/pUfUk6wT2Y5
+/Bv7waT1GLhBOSH8zfvPhYWcAcuXF0LcWW1lWSf0faoevNPgFn/lD1BUEU6xHsAN
+pwlZ8UOXpzuBVLczo7BsYZQQUfrizSHr3OejAEdlIEyrLF0CAwEAAaOCATswggE3
+MA4GA1UdDwEB/wQEAwIBhjAqBgNVHSUEIzAhBggrBgEFBQcDBAYKKwYBBAGCNwoD
+DAYJKoZIhvcvAQEFMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFDHsBxMw
+x+LRLV4R+DelfaljX1NkMB8GA1UdIwQYMBaAFGPxhN0DvqOfZPp2ekfEVn7AbaAg
+MDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZW50cnVz
+dC5uZXQwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5lbnRydXN0Lm5ldC9h
+YXRsMWNhLmNybDA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0
+cDovL3d3dy5lbnRydXN0Lm5ldC9ycGEwDQYJKoZIhvcNAQENBQADggIBAAvcdUL6
+ZtAlD1Vq0J6124djuLz770UDa/dz0GmI7U2pSzqZcsGHk27/XqbGngq9vF5TNJlV
+l8FbTKPdXnsrHl00kAH1okx+AITvoKx0dpBj0xmlB9emoiyR6/M0za9BzULYLHlE
+ziuW+kx0f+/Omsq7O0TJT+VSSuJ31jKDxkrd65FP0o9xn7NSmos/3XrVDzISK0Sn
+0klfD2PTIq/cJL+E2pWTaBsUF8AZF4iiKSh45kA7RFF8anWMQuctDpHNoQWl/89E
+x078uyL2jdAJ7e52tpJMHKWREy+F+ei49nRbZHqpzJOu+r84mFYm9QfVIc3qqsAv
+Q3z93xd4AynNs2AcsUOj9w9wB8rSOwlu3hqYNca79uXGgSEZoz+mLKtGHFSzBaFg
+f0SOs7bIUrCL+DWwG7ceygvQrUbAeF5l6LzU6/yKkxeyxLcPI6fPBx5XY72Z9oP8
+uAaNwAylTGxScahsgCkRIyfCprsezDWm92bqZZTqcbmsdmCCOnjfHWvoUFzEgc0N
+5Jb6gsQOZTUzSEYFX/FeUHjZjvDd4aKlu8EJasFVI7CsGKpnBtrKkye5jYfRnScG
+RYbEV2todpjxdTk6CPj/YVkIO/0wKNhxiQlsA5swyt57Z80U8R2g+5BkWMySB9I5
+YseOSa7f5taNWaO3dYmUQ+BS2oltZaQrJItD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGozCCBIugAwIBAgIQRJHKWCW+eYQrKbDDcoYhXzANBgkqhkiG9w0BAQ0FADBX
+MTAwLgYDVQQDDCdFbnRydXN0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gQUFU
+TDExFjAUBgNVBAoMDUVudHJ1c3QsIEluYy4xCzAJBgNVBAYTAlVTMB4XDTIwMDcy
+OTE2MzMwMFoXDTM3MTIxOTIzNTkwMFowgYQxMzAxBgNVBAMTKkVudHJ1c3QgQ2Vy
+dGlmaWNhdGlvbiBBdXRob3JpdHkgLSBFUyBRU2lnMTEYMBYGA1UEYRMPVkFURVMt
+QjgxMTg4MDQ3MSYwJAYDVQQKEx1FbnRydXN0IERhdGFjYXJkIEV1cm9wZSwgUy5M
+LjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC0
+G/GJ++yxCAnevmBeXKlPJL7y+cgA+DUFjNLKkkfGuYQkr5SQVcIx5+TEoOYN+Hy7
+Sz/y6FG6gy0keJj0n094/FPyTJHS8D5sD38LDgRgkUzplEpt3zYTCBCgbDZDpb0T
+qPIX+6RLO+Jo/BtyFMKVwVElMwmZx0sKCPl4mPyTLUIpGuU9OV1irqMOCOtVI41f
+7FuySw3vaeDtX+rQKCPQx2J5Wzg4mSUXGbAr86dMncjxpwm5A29TmfF3VUEzmAeQ
+AOX/Q+qQmnAI2Dp9Nj/pk78RmwXLmq09l+jlfzRJbC7ov2EtUMmJApPUDQT2Vv8z
+c/JG92UHQlTbd5ehIAT+At2dmVaykMWfiZ8s7TauoeEpDPNr321uddC1zS+SxKAN
+Ldq22Pz3I4K6zpq5IYBj8Iswz4p6cCBRFofpr9wDSVFj4pTeKlsI6LDhSKUExwvt
+vXCUXUqJenCXn7VP2qNwxeERX0OaCjzivpu1+x68vFfajkV5QQyAHowZatPJ4iDP
+ar4a9bFLLo0sLrlCs0ukDRyS1cnjbE8nB/rnQVC975qP/VtzceatzOxJFlxpViSq
+Xrq005zMkbKUFgZ9lcU8UMcvJyMt34NSi25xmgOoMUMLVVz/kxb5IY+hPks6OYar
+7WoHh8TKB0VkNHQOc2jH4zfdRsRNd2sJ2LFtL9XtWwIDAQABo4IBOzCCATcwDgYD
+VR0PAQH/BAQDAgGGMCoGA1UdJQQjMCEGCCsGAQUFBwMEBgorBgEEAYI3CgMMBgkq
+hkiG9y8BAQUwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUWlMIimEwqQ3q
+1UOX05g7lR4ubQIwHwYDVR0jBBgwFoAUY/GE3QO+o59k+nZ6R8RWfsBtoCAwMwYI
+KwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5lbnRydXN0Lm5l
+dDAzBgNVHR8ELDAqMCigJqAkhiJodHRwOi8vY3JsLmVudHJ1c3QubmV0L2FhdGwx
+Y2EuY3JsMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8v
+d3d3LmVudHJ1c3QubmV0L3JwYTANBgkqhkiG9w0BAQ0FAAOCAgEAaPxyjsaegc83
+/3wCW7HMXmPSMPdB6bEYO5kOdPLbdbaBNJM2LuGSbv+DoxqbuIsnK/jS1+rVpTn/
+xAawEotfE0pF2UIiLpzPgrH5Mew/f1yf8+JoPP98wuWQ3eHyVCSNpTdyE5tr7s2Q
+NV6o6Yrie7HlUI9vE6qZvzl4Xh3fN/eOW6z/Wbo5NImZODy/nNCih+xT4VxEl9SD
+do0acoCLKe7exfGz3taeegvEOisn+wRDkXP8G5cxwbWWh9VsoRUsmDahckJsFxJ0
+Cqno8Qt1muk/a7MMWwDfz0OAQPyW7+jdW3Wma7qJnG3v7mDetHxQ7B3IMUAurDJs
+IZNcJ8KUl0wWlBpriiGXoLsb8fVIQvbxcsfxTreCXf6Xqr6/aogMwiqTg4FnIk5i
+boRU0r2Jt1Zei9eP3saspCTgHn8IzBNVx6+SYNSlHPkEg3FPmHPhKLYkeTJh4fUQ
+9F+dLlNPKtLnHvVFMbecS7qsTM8l9ltSXsrKrt4rqUiQ1SEBQrwitaXDzYkGGw/4
+v+ezab9HVb0VQ7X89iyY+KIVRPFJ9aDtmaHSzMQiduSAy7bGBT6LFN8dUE3qqDVd
+ZFwU5VW6U9y76lhoile/tOVH+gLBfh5SqKmmIlUvd6eYlGG59743qOeiP8Yct67a
+pk9HadUSQ8STL7Vj3zzD2yZfrh00jmA=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFADCCA+igAwIBAgIRAOyKJpsJ606dAAAAAFHTlCMwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAwOSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MB4XDTIwMDcyOTE5MTYwOFoXDTMwMTEyOTE5NDYwOFowgYgxMzAxBgNVBAMMKkVu
+dHJ1c3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBERSBRV0FDMTEYMBYGA1UE
+YQwPVkFUREUtMTE5MjY0MzE2MSowKAYDVQQKDCFFbnRydXN0IERhdGFjYXJkIERl
+dXRzY2hsYW5kIEdtYkgxCzAJBgNVBAYTAkRFMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA69NU+CcX7vuD3CjdzDZqOQrskUpvuZs1y0JXS4MapSjCTKCz
+JAHZjMdkpAiRZS4SZ8ptx1o3Hh/SXHqEwAQzTPbvA/5RPNp+XD6vsACs84jEEyM5
+qAcKbTias6tSw30N3FM41NUknS2wwOC1FlX0QQByIBcHfIT/qujfnm5uBVATkTC7
+MaZ1vuRJ6Z0k3VWCuaQSNHkPhlR9UUuGIGUCUC7Fhhu6/d94o3VGKMTTCsXNKe3M
+p4oTwAJ0+x4j8iOaua7mhQcl/R8M0FmIWdfw2Cr3Xh5BkWEDKo92u+6JE+v1vHTZ
+RCHzbAEKCZiFwiA46+TfsxLe2AR1KXaeGsUs8wIDAQABo4IBKzCCAScwDgYDVR0P
+AQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpo
+dHRwOi8vd3d3LmVudHJ1c3QubmV0L3JwYTAzBggrBgEFBQcBAQQnMCUwIwYIKwYB
+BQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDAGA1UdHwQpMCcwJaAjoCGG
+H2h0dHA6Ly9jcmwuZW50cnVzdC5uZXQvZzJjYS5jcmwwHQYDVR0OBBYEFBkjOudG
+6+TYlOL32vGz+KqVNA5jMB8GA1UdIwQYMBaAFGpyJnrQHu995ztpUdRsjZ+QEmar
+MA0GCSqGSIb3DQEBCwUAA4IBAQCgSwDNw/VBrUrX9hI2vqbVy24xRKsYFO381pbV
+6ZDUhvAyq7mEIGXGev2aHP1KdHz6RZjqfVEI22JgZyOFFRQO32r1pO0IJdl75+Vw
+ZY5dh+cYGBRRG/NFd3aqTgAbE0SwKApKw+9+VM+Omv7bzYaQWbHNPtjTqKMp1iSg
+XWZID49S8DZCuMfmX4g8VmqYVEowKNYgTne2kAzLmWUOmcdXaifLL4bHxyPaWH+v
+bK2UvK2ImsIrsk5aEXWMdm2WI/USKzOvqc6K/fjK+f+Q33TrAw0JZZm995O+yXxC
+JpkBZtqJZpzyjh+csjDHCPnYHsgO0OohSowxlsa13p7TmNFF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG8TCCBNmgAwIBAgIQVHsoVDwxEslytvKRXyMYdTANBgkqhkiG9w0BAQsFADBR
+MQswCQYDVQQGEwJFUzFCMEAGA1UEAww5QXV0b3JpZGFkIGRlIENlcnRpZmljYWNp
+b24gRmlybWFwcm9mZXNpb25hbCBDSUYgQTYyNjM0MDY4MB4XDTIwMDczMDA5MjYw
+NFoXDTMwMTIzMTA0MDI1NVowgZMxCzAJBgNVBAYTAkVTMRMwEQYDVQQKDApTSUdO
+RSBTLkEuMRgwFgYDVQRhDA9WQVRFUy1BMTEwMjkyNzkxIzAhBgNVBAsMGkF1dG9y
+aWRhZCBkZSBDZXJ0aWZpY2FjaW9uMTAwLgYDVQQDDCdTSUdORSBBdXRvcmlkYWQg
+ZGUgQ2VydGlmaWNhY2lvbiAtIDIwMjAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw
+ggIKAoICAQDP/y8ZpE+Ak9SxmXjllE1E5lIRo1sc4xuD9GEzpyj8XsoySviv4E2y
+4mji9SpeeJ/JUm1DnQkWN9MuknbGoBv7os6JyWr5hCL8SrmOE3vjug+Ccwd7fCS2
+4AmrTIsAI7WHDcF7lI4VXEfKlLmTI52LqSrxI9jHYnqZeRcwz3Tgjwtt2sUlRd1N
+SbNDP11L3bg0DE05McZ49EEA4i5EFp8M5JdNdxfPCrGHv+EyZdKN84Y5qZ4Zfn/I
+iqOyM7V1YOeTq3sjUgjItWVI+8l9tbmKyiTROIBh9okawRrlQOHXqUvltFb+oDnW
+TJRib1+S0SRjY2M31IOqk33n4v1nb4DaURRwZNYTFiuDpGdJ3+eQqGK6EqCLkXrv
+a/FySshF+Cyb0Zy4aKZPIBjmDij7ws5uhO0sSKXwxKiJ8n02rgrsT7RbHmhdnt98
+aPSRTAjRVVYvAAACYtKQLgWWs2wc/aZEaefGNA6YIKy4uuSpk9ijsy0DSXWpjUPg
+VDyEvt2XwMFgFi8Bm3k9HwXRVq6agMGpjkhIJbOFyIyWld8b2fAK/aOSQ91kVwjm
+A6XitbuKUkxNDqi3XRyebVTtB46du41dn3cfL5i88hkecalBDKRTqWeA+3xsQ7Mk
+riXpbsJGePbZejo9VspMUirJe6HLxyK3KN1j7GhcDT8Mri3tqcQM1wIDAQABo4IB
+gDCCAXwwdAYIKwYBBQUHAQEEaDBmMDYGCCsGAQUFBzAChipodHRwOi8vY3JsLmZp
+cm1hcHJvZmVzaW9uYWwuY29tL2Nhcm9vdC5jcnQwLAYIKwYBBQUHMAGGIGh0dHA6
+Ly9vY3NwLmZpcm1hcHJvZmVzaW9uYWwuY29tMB0GA1UdDgQWBBQiOoLmqD+p4+oj
+oKv2jQRLSHtozDASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFGXN66s1
+HgA+ftV0wBy0c0cOGmQvMEQGA1UdIAQ9MDswOQYEVR0gADAxMC8GCCsGAQUFBwIB
+FiNodHRwOi8vd3d3LmZpcm1hcHJvZmVzaW9uYWwuY29tL2NwczA7BgNVHR8ENDAy
+MDCgLqAshipodHRwOi8vY3JsLmZpcm1hcHJvZmVzaW9uYWwuY29tL2Zwcm9vdC5j
+cmwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+BDANBgkqhkiG9w0BAQsFAAOCAgEABc2EBUX4WVdXlpqLyMdbwU/+wiOipbEYanb3
+P5OIFlSb8P6p84yvBLKJXIB/u02UD6OpI8RQHgdIJM7OJOTvFjLPyR1RBDw5hxCA
+0RflOfc59U+NQ7xFTnGoqsB9xxLv4KhXnJvYJPT2BzEndceAgX+qd3iVJTNJgJGV
+0gqmD/nqR19uLbY/5zMeyUZlQ6r+vq5Uz4kO00IHZrs1VXf+VfTLPOSNIjxubfuT
+NdPhUfysWo5N3UskCClb0gtt5+efq7kpIprCCorlcMoaI2yCCVsNuKUB7GR4lR1u
+21s2Mpp98SosWDXXrjDbYtOyCmVNoJiU0jlzzGc1IAnqdpxaWl8rAGoJEA8wl46I
+fIKeaLwUcq/diDn3id7/5NUMspQQFfmKQJbvctKt5ClP8kjnXc+yVWt+38qQnUMo
+789NAzXGIMX5Qt0dkK/JF2xgZ/qcik++uJjj1Y+moxnkWO+jZ3MKNndHSzULE+JF
+wjp0w67vxvHLjpYeuSiFy1J1gi/wc1/0c7RWdudBTsna2uFR5KD7mm9hRma1mUD5
+75HkvzQF0CSPjfeZ4FW60wXn1ldywF7DJQPzgu2qe+ILDrq+KQ3q4fRlevUF+rzf
+g1c/tjNQ1IzvxUthnujATYi+f3/urkX9EJRBPnSHiGwHtxhdwhVX864IbIQkc1x2
+KCqOoIQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEyDCCA7CgAwIBAgIRAPq7J93/gNCaAAAAAFHTlEAwDQYJKoZIhvcNAQELBQAw
+gb4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQL
+Ex9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2FsLXRlcm1zMTkwNwYDVQQLEzAoYykg
+MjAwOSBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxMjAw
+BgNVBAMTKUVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcy
+MB4XDTIwMDgxMDE0MTE0OFoXDTMwMTExMDE0NDE0OFowUTEwMC4GA1UEAwwnU2ll
+bWVucyBJc3N1aW5nIENBIEludGVybmV0IFNlcnZlciAyMDIwMRAwDgYDVQQKDAdT
+aWVtZW5zMQswCQYDVQQGEwJERTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKaObolX8HfJIwgopTC1irrqYKnjpjiX2a4rzCH5RI3tGW/KI6k+enrvztSM
+SZY2J1wVBwdyMFzhQZA0sf7LVs96FW3UyMrxyGUUzm18/+Qn4O93gFjaleZCL/Xe
+9lwp8hk7EZrmgPTJ+SAaHAobFbjdZffWd1EbbvMoB2pvkRzthCNRkYiiq3S1BU27
+rA2VBh4s449VW28AK7nBX4HNOSx6TF/IRYiAmyohvO/DGvAsBJPiXrqtCRdVoAYc
+P35oV/FJdZdRaLC6Upm2VooXMQK2FDhA7uilx99OJ8jfFsd45sxeLjt6ySC/QPCL
+6uobSnyDd1/iIk2WatcU9jVQIwsCAwEAAaOCASswggEnMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjA7BgNVHSAENDAyMDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3
+dy5lbnRydXN0Lm5ldC9ycGEwMwYIKwYBBQUHAQEEJzAlMCMGCCsGAQUFBzABhhdo
+dHRwOi8vb2NzcC5lbnRydXN0Lm5ldDAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8v
+Y3JsLmVudHJ1c3QubmV0L2cyY2EuY3JsMB0GA1UdDgQWBBTJp1fLhslhB8bCtIZl
+qR7ByuECmzAfBgNVHSMEGDAWgBRqciZ60B7vfec7aVHUbI2fkBJmqzANBgkqhkiG
+9w0BAQsFAAOCAQEAZfy1vyfxE6cHBwi5qTk1GTDarGfFEYVpTHeeQjpAzYdjDDwi
+Nk7Tth2NwlAUqtaI143Koo/1xhls2scU6Z9RD/DLq4VXCkxgKOqZYno98rMS2xqI
+dLTeionXSLxWeI64HwqTFlvwDB+BBCQOy5O6g+XKKa+U6Xy5NAEFpyYrxdGLHGQ4
+oWSW23NophBqs7w7+71OsKzL97a3BRlxBWDq2i4Cdt63jsQ+1NOC3SSi/ZcRxknb
+h+Is9n+O184HAfI7HVeYhalK+ZaFKxEaVrxJBSPPDMbJiTn6g31lG9da4h12geiX
+aKGvQEbW1PvXjbAvLFAEGxfp4Sgnen4c+zHz2w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG7DCCBNSgAwIBAgIUMpkuGUziLq6U6WyLtHU3mhHixM8wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA4MTIxODI2NDRaFw0y
+OTA4MTAxODI2NDRaMIGBMQswCQYDVQQGEwJOTDEgMB4GA1UECgwXUXVvVmFkaXMg
+VHJ1c3RsaW5rIEIuVi4xFzAVBgNVBGEMDk5UUk5MLTMwMjM3NDU5MTcwNQYDVQQD
+DC5RdW9WYWRpcyBFVSBJc3N1aW5nIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IEc2
+MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxOgePhJvHWFxWe/U8aod
++3zwBJBdzS67u8JRls4SyEuYDpZDIexZ0S+Xp2CRQRfxtWfA8qc3Ey4wwxYPPdMP
+6+GPpvWoTJ7p6MWYJs1fzxkEUfZZT/L8R2Ny7kDWoyVGRQlphPMa0MttROazrc2h
+RBzwDlnIDYo7Su5lkBaX6TCZ9BZYmVUoiUjn6O3xMBVNOawvBN0zIsGbI0o8TxYo
+9gjFZ2Ro68tCgYwQUcGDsQbvIqbtCwEf90QhKty9jEMibWBHTaIS7iifdPEyrR13
+/L09VvUQkYbxobnicpuPASPNbpK6freTgLhF1m/rTXfIf9HEKlcaem/ymFV0r5F6
+4mdzblp1SrnmnGHmOyFf2oKWMK8AU3TcUeV45h/hX5s9K72RVVf5g1G7ZXPIXaUq
+62BksJ6QvFf+NMiZAbjVx3hLO1I5xKKGStJG7B/Nme8Ao/uMkIj/TkVKIwB9SuQw
+OyyW4OfNJfM39gAS42kR4MytrJV6FRiUITk8iOtFUBn5BLQHhXReK087wpi2pTw0
+LUhV9c2glJRdCe40FLvlxQprxaJca2sWlSI7jt8g9788r52ngXCOjQmvpR6Ckrmp
+hNqlCKk/1FR8FhNmyc1Csy48PM0Hr5q+qw99KXPCjj26tHrAGlRdJzB3Mfceobds
+kZP5MO1rtwkgPZjQCNMhKbsCAwEAAaOCAZIwggGOMBIGA1UdEwEB/wQIMAYBAf8C
+AQEwHwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEE
+aDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29t
+L3F2cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNn
+bG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUFBwIBFilodHRw
+czovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTApBgNVHSUEIjAg
+BggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYDVR0fBDQwMjAwoC6g
+LIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2ExZzMuY3JsMB0G
+A1UdDgQWBBSsPz1Uci/fH+D2GYWsmpFegMwArTAOBgNVHQ8BAf8EBAMCAQYwDQYJ
+KoZIhvcNAQELBQADggIBAJ2a13SxHHdSS+1zKPD/dbuNtcmm36nvmBeKxykkjB34
+TYa3m8JrX4ueXkPsrZ7mf2n0d6KzSFj7sOZUO/Q0UgbEPUZxHI9atDKgppJpWcnn
+OMsQ1yEwbZRmCP3py6RzBtECkSBUbBpzh/P2pnxyvJOM4uGEBh0fPx6KnF4pJ23e
+QmfQJ6NG7x0SemO8VBCxCHdl9035hHJrtllthjDKaQTQCR80kgyMW51c1PYoRC2n
+BhZusNcqq/pxH3mBbKvsVY36FtJcNhMUtbg7v/dP2mwW/r9UZ3E/G7nvLGOQtJLp
+pZQMWIjOn0dQPjTmQ9e/f333GRfwj/mfAty9ankCyRDPaYMFgUZWw+y/PA/CCwba
+T+QyATixqA3KVvjaXNr3STJLPLsPbdF2pxzE7JYsUREJrMRzi893sSVKX14Q6QRq
+UkkjzWXwwb0lwuIdx6vzerk3j38TfKfIAj+zJbkqTn+Zuad1lyUCXEN4TCTLg1bq
+PeZMxXQOjJ4ozmErKyH5YHvXojrJdMDbzUMu07UHPCR1SnR0jRhhulgjyGgH0UEG
+ACjORxobmD4S1Ok9iOngBUavJJwZS3z1YI+NakLE55PuflTlr2UwBD8G0EyaogQg
+luGJZHdkk1KN/vF8FyDxOarVF6WdGL8ZUW7htpEW5wkt3FfOt9Jw3lTLvUMavTkg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4jCCBMqgAwIBAgIUW/OexkUzYOApf0zF19iIKKypFMIwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA4MTIxODI4MzBaFw0y
+OTA4MTAxODI4MzBaMHgxCzAJBgNVBAYTAkJFMSUwIwYDVQQKDBxEaWdpQ2VydCBF
+dXJvcGUgQmVsZ2l1bSBCLlYuMRkwFwYDVQRhDBBOVFJCRS0wNTM3Njk4MzE4MScw
+JQYDVQQDDB5RdW9WYWRpcyBCZWxnaXVtIElzc3VpbmcgQ0EgRzQwggIiMA0GCSqG
+SIb3DQEBAQUAA4ICDwAwggIKAoICAQDitrWoACAEeXc6YxEl4NvH5sFzpeMn5t9D
+PshimDKScLHXt58Xt2KhQG8dDtqm3EUYCTwXZ850M8fIdWLGuvJY3LConAb8TMeU
+oJvnQCOf3hyq2otQXccWFJraK3j3OHbucmbHxhR2cWzVj89bb/NjFheevj7KWZ5c
+aUu/2Sbc3WDHdS3mJKdonzbG5xlvDOclRyialixIJAfim8049el5rCuaLbZheJxJ
+v4ehFAB+nYLTewqSc2iXjBzryJWKlH9mcWxOnb52NDH428suH0pGhoYb7/6KlhNm
+xCuLfqfjVWRzOJIU+yMaS0GO5uat0PFQeD1nXjmjwLpoGj5UsrgviM1cKP3I0e/S
+okMEe0/CJfZEI2REHfgqNjfLOwdlC8Qyl73Y/+VOVWIJgJgO5mNx5AF/ilxoI9gP
+KObkFJV4H62jfsIt5tf3IrKMlXtQ/G5ldlSiX5Q7l6NMx5pn6xLxuy5T0G/1pGwe
+zWwL8JwU6w+Bp7kguDUisU76P9eV7gkRpHBoexGm/ZgIdhKlCq1ppj1RV+NpPyoq
+KApu4uMusegHdRcm+Nmq8zW/GX0W6SiK9q9OJsDOU42fY+0hQ4rRwoZW1oLbYpDP
+e1HFsB3HWZDi6WtYFjYIsvuPIIukcXgMmtMQVJBgnEPyYKpwJR5uU/ABeb8z1tQq
+1PBcOA7XRQIDAQABo4IBkjCCAY4wEgYDVR0TAQH/BAgwBgEB/wIBATAfBgNVHSME
+GDAWgBSjl9bzXqIQ4atFnzwXZDzuAXCczDB0BggrBgEFBQcBAQRoMGYwOAYIKwYB
+BQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2ExZzMu
+Y3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20w
+SgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3LnF1
+b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MCkGA1UdJQQiMCAGCCsGAQUFBwMC
+BggrBgEFBQcDBAYKKwYBBAGCNwoDDDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8v
+Y3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5jcmwwHQYDVR0OBBYEFMb+
+Ruky4eIJ2XuvbJsgXqerADCOMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF
+AAOCAgEAi/eIFYaiEW0fvPHchUpj1dY0ZEkYDRnIRCnHixYCqIZgL0y6UrhwbDi9
+fGjPxwvEVkNqe8Gf0r7ooYT0hnrL1x80Qs06Jasf1cI4Fm1wwov6iMY1Jf4g9x/C
+/Z6AlQ8lvb/cQQnnW9OEXMJNKOTYED3IJPLGaLWXbjG/3LOSZd1rFMFvxZrqs1Ql
+6eqDfGefWswO1tVHrfHU3Fm8lPYhtRa+UjJTelkwkJ1CRsJRUg1HqOgaYYvcERSi
+UEF7rxKaap4w5JBgq87fOtT0ApFTUZlORmyjwskTLAw+5XUwXHwRaPzCJKx6BGwt
+TF8lEcfmeDG6ff9Z7gyFdYa5KI6TgQBHCCNwqoaXtK5lML1560qh1cIHjpsA/rZm
+eVXz9GpOX+qE1AdjCIKqVlQtduHHEbYnG/G9englAsp5ePKUvVFW11HuDkE9F/GX
+8pOAcFBNsniDX38cSJYNw35zktGdOqolIAqJhNmA414qU5s4BFkQbCspWop8POgP
+HhTpWHNe98wv7zsQf56ddsGbfrtKz6M7x+pooTLTR4WzLR76PzbuXI6Gxs653R6P
+apwwShzZMTHuBHNbBw3ONwT3/ybii6QxVtcgc1rSCh5vF+AcArcIaVFzLCv0c9I1
+g6ySWCjr3JM5CmcIccTKWja/SgvxjP2B9ZHyIHpPBFdEc+c0l84=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGvDCCBKSgAwIBAgIQQAFz5DrTFUD8HSw8GTqeEDANBgkqhkiG9w0BAQsFADBN
+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVu
+VHJ1c3QgUHVibGljIFNlY3RvciBSb290IENBIDEwHhcNMjAwODEyMTk1MjA3WhcN
+MjgwODEyMTk1MjA3WjBoMQswCQYDVQQGEwJVUzESMBAGA1UEChMJSWRlblRydXN0
+MRcwFQYDVQQLEw5UcnVzdElEIFNlcnZlcjEsMCoGA1UEAxMjSWRlblRydXN0IFB1
+YmxpYyBTZWN0b3IgU2VydmVyIENBIDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQD5T0OgoLBlfZ8v+YC6TZc3mK7gwdGMkZvWG1SjjEnU78XwpmD+4pq+
+io7GSee6w/74kIbIYaJBWL4ivKB1eaOLHAzanZP/woymKQAy1mz0t5I1lBLc7Xmk
+ClORH+roXXgCCNaahfgX3nDzLSYE7zmMbAbTIFEsJgHaQXvKtcl1U1ycn0TWIDa+
+ikd2IHG+vgg0xwKTuucyAOIe51qoyjToIFLRtQbawP6Lu9Du1LW52zaQmxXWCYPe
+ao2eQCOIQxm8+6Ov7gNk1HrDbbl9+6pi8t4EJgO2oXovGi2kpa9ktubt/8OEavBr
+kJnyHdgpXg0pHRAxKlumM0wDis16R1GtAgMBAAGjggJ7MIICdzASBgNVHRMBAf8E
+CDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjCBgQYIKwYBBQUHAQEEdTBzMCwGCCsG
+AQUFBzABhiBodHRwOi8vcHVibGljLm9jc3AuaWRlbnRydXN0LmNvbTBDBggrBgEF
+BQcwAoY3aHR0cDovL3ZhbGlkYXRpb24uaWRlbnRydXN0LmNvbS9yb290cy9wdWJs
+aWNyb290Y2ExLnA3YzAfBgNVHSMEGDAWgBTjceCe2KdC2dtxkWuUk+vDo9EUozCC
+ASQGA1UdIASCARswggEXMIIBEwYEVR0gADCCAQkwSgYIKwYBBQUHAgEWPmh0dHBz
+Oi8vc2VjdXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9p
+bmRleC5odG1sMIG6BggrBgEFBQcCAjCBrQyBqlRoaXMgVHJ1c3RJRCBDZXJ0aWZp
+Y2F0ZSBoYXMgYmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIElkZW5UcnVz
+dCdzIFRydXN0SUQgQ2VydGlmaWNhdGUgUG9saWN5IGZvdW5kIGF0IGh0dHBzOi8v
+c2VjdXJlLmlkZW50cnVzdC5jb20vY2VydGlmaWNhdGVzL3BvbGljeS90cy9pbmRl
+eC5odG1sMEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly92YWxpZGF0aW9uLmlkZW50
+cnVzdC5jb20vY3JsL3B1YmxpY3Jvb3RjYTEuY3JsMB0GA1UdDgQWBBRflx7JLykP
+kp4mjoIPuFgLi9JEBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDQYJ
+KoZIhvcNAQELBQADggIBACwOy4GDh4qkc4mCBFUc4lAfMpyQvfqRC3ydapHfk6wu
+Upe+0kCI63BPwdT+nsgZnC1IRyEUSUGpaqAAEz3FFF7X1n7Ri57Xh8wH5CTlcCRp
+IPlT1BwhlTQ0wSGRqqPSao+iCp2kLTwrptW1M1a4cNTi9XNf10V5SFoNhyyo2lbL
+NnJ+1N2sBqXkb9yEMC+MKu4eFxS5+DVhLoz6xMh6Sl3/5YlhOukfvQpoMO+f56EM
+a5+so74xaFWYjscBCsVSZmjIARA4NO0kLidpN9LA8jgZdIb/u7PfdvjFgB3KfRPR
+9ljj4vZ6N5hdTZaYV4vr9VCQObW4yTic5oSb5kFdz3Qm+3DRkrw56z4W5PivhSGU
+x5nIu0m7ieB3A9ZP0NZInAQ/0fuVaFjnb24PvyLyEnRQBPii7099PVaHWEDkX8BY
+DH9JyIchTliAvsLrXfO67ycd0nMjftBgLMoVENK7nBdnYzNUl852KWfLqGGCHGXM
+AnduWiQaqbi57QJyDiaPc4BWwV7iftEBL72okBifsXyUTht+FHry22xHSL1oF5Qz
+SxX7i6xN0SVXqBBNbGfMg1SopPBtj0VIznILYLpKvE/HaMGhXmg4LGCs6Uv6obgS
+EJud9QgW6oEwJZjGWtjTgjgS26XYmpV+95mKG77PWuTPltFqukZ8AW9/qastsDH3
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDFjCCAp2gAwIBAgINAgCOsljntZQMH/kARDAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjQwHhcNMjAwODEzMDAwMDQyWhcNMjUwOTMwMDAwMDQy
+WjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzETMBEGA1UEAxMKR1RTIENBIDJBMTBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABADfm7MZo8aDj2QQNzCIfwnQ/yd9f+b0YdzHZXrVztMw/k63A+MGTzK1XTLF
++LYj7csyP62BImmiRSAXwF6iiIijggFtMIIBaTAOBgNVHQ8BAf8EBAMCAYYwEwYD
+VR0lBAwwCgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
+kxhjkRd2mlrmO38uM4OEhmse1PkwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7F
+avCUHYwwaAYIKwYBBQUHAQEEXDBaMCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC5w
+a2kuZ29vZy9ndHNyNDAwBggrBgEFBQcwAoYkaHR0cDovL3BraS5nb29nL3JlcG8v
+Y2VydHMvZ3RzcjQuZGVyMDQGA1UdHwQtMCswKaAnoCWGI2h0dHA6Ly9jcmwucGtp
+Lmdvb2cvZ3RzcjQvZ3RzcjQuY3JsME4GA1UdIARHMEUwCAYGZ4EMAQIBMDkGCysG
+AQQB1nkCBQMBMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vcGtpLmdvb2cvcmVwb3Np
+dG9yeS8wCgYIKoZIzj0EAwMDZwAwZAIwGwr6MqSiPwW7UNI4MBn9y49+F3u1aDRB
+aUe+j3DUewN1wLSsjcooVET/QQ+zv4CpAjBXUKDTWCX9qnQAmahU9GbEFKQAipFT
+p9OeLCFphFg0RfJpdmbc2RsvyvmB+K3BbXI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFljCCA36gAwIBAgINAgO8U1lrNMcY9QFQZjANBgkqhkiG9w0BAQsFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw
+MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFDMzCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAPWI3+dijB43+DdCkH9sh9D7ZYIl/ejLa6T/belaI+KZ9hzp
+kgOZE3wJCor6QtZeViSqejOEH9Hpabu5dOxXTGZok3c3VVP+ORBNtzS7XyV3NzsX
+lOo85Z3VvMO0Q+sup0fvsEQRY9i0QYXdQTBIkxu/t/bgRQIh4JZCF8/ZK2VWNAcm
+BA2o/X3KLu/qSHw3TT8An4Pf73WELnlXXPxXbhqW//yMmqaZviXZf5YsBvcRKgKA
+gOtjGDxQSYflispfGStZloEAoPtR28p3CwvJlk/vcEnHXG0g/Zm0tOLKLnf9LdwL
+tmsTDIwZKxeWmLnwi/agJ7u2441Rj72ux5uxiZ0CAwEAAaOCAYAwggF8MA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUinR/r4XN7pXNPZzQ4kYU83E1HScwHwYD
+VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG
+CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw
+AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt
+MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsMFcG
+A1UdIARQME4wOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br
+aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATAIBgZngQwBAgIwDQYJKoZIhvcN
+AQELBQADggIBAIl9rCBcDDy+mqhXlRu0rvqrpXJxtDaV/d9AEQNMwkYUuxQkq/BQ
+cSLbrcRuf8/xam/IgxvYzolfh2yHuKkMo5uhYpSTld9brmYZCwKWnvy15xBpPnrL
+RklfRuFBsdeYTWU0AIAaP0+fbH9JAIFTQaSSIYKCGvGjRFsqUBITTcFTNvNCCK9U
++o53UxtkOCcXCb1YyRt8OS1b887U7ZfbFAO/CVMkH8IMBHmYJvJh8VNS/UKMG2Yr
+PxWhu//2m+OBmgEGcYk1KCTd4b3rGS3hSMs9WYNRtHTGnXzGsYZbr8w0xNPM1IER
+lQCh9BIiAfq0g3GvjLeMcySsN1PCAJA/Ef5c7TaUEDu9Ka7ixzpiO2xj2YC/WXGs
+Yye5TBeg2vZzFb8q3o/zpWwygTMD0IZRcZk0upONXbVRWPeyk+gB9lm+cZv9TSjO
+z23HFtz30dZGm6fKa+l3D/2gthsjgx0QGtkJAITgRNOidSOzNIb2ILCkXhAd4FJG
+AJ2xDx8hcFH1mt0G/FX0Kw4zd8NLQsLxdxP8c4CU6x+7Nz/OAipmsHMdMqUybDKw
+juDEI/9bfU1lcKwrmz3O2+BtjjKAvpafkmO8l7tdufThcV4q5O8DIrGKZTqPwJNl
+1IXNDw9bg1kWRxYtnCQ6yICmJhSFm/Y3m6xv+cXDBlHz4n/FsRC6UfTd
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjDCCA3SgAwIBAgINAgCOsgIzNmWLZM3bmzANBgkqhkiG9w0BAQsFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw
+MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFENDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAKvAqqPCE27l0w9zC8dTPIE89bA+xTmDaG7y7VfQ4c+mOWhl
+UebUQpK0yv2r678RJExK0HWDjeq+nLIHN1Em5j6rARZixmyRSjhIR0KOQPGBMUld
+saztIIJ7O0g/82qj/vGDl//3t4tTqxiRhLQnTLXJdeB+2DhkdU6IIgx6wN7E5NcU
+H3Rcsejcqj8p5Sj19vBm6i1FhqLGymhMFroWVUGO3xtIH91dsgy4eFKcfKVLWK3o
+2190Q0Lm/SiKmLbRJ5Au4y1euFJm2JM9eB84Fkqa3ivrXWUeVtye0CQdKvsY2Fka
+zvxtxvusLJzLWYHk55zcRAacDA2SeEtBbQfD1qsCAwEAAaOCAXYwggFyMA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUJeIYDrJXkZQq5dRdhpCD3lOzuJIwHwYD
+VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG
+CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw
+AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt
+MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0G
+A1UdIARGMEQwCAYGZ4EMAQIBMDgGCisGAQQB1nkCBQMwKjAoBggrBgEFBQcCARYc
+aHR0cHM6Ly9wa2kuZ29vZy9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAgEA
+IVToy24jwXUr0rAPc924vuSVbKQuYw3nLflLfLh5AYWEeVl/Du18QAWUMdcJ6o/q
+FZbhXkBH0PNcw97thaf2BeoDYY9Ck/b+UGluhx06zd4EBf7H9P84nnrwpR+4GBDZ
+K+Xh3I0tqJy2rgOqNDflr5IMQ8ZTWA3yltakzSBKZ6XpF0PpqyCRvp/NCGv2KX2T
+uPCJvscp1/m2pVTtyBjYPRQ+QuCQGAJKjtN7R5DFrfTqMWvYgVlpCJBkwlu7+7KY
+3cTIfzE7cmALskMKNLuDz+RzCcsYTsVaU7Vp3xL60OYhqFkuAOOxDZ6pHOj9+OJm
+YgPmOT4X3+7L51fXJyRH9KfLRP6nT31D5nmsGAOgZ26/8T9hsBW1uo9ju5fZLZXV
+VS5H0HyIBMEKyGMIPhFWrlt/hFS28N1zaKI0ZBGD3gYgDLbiDT9fGXstpk+Fmc4o
+lVlWPzXe81vdoEnFbr5M272HdgJWo+WhT9BYM0Ji+wdVmnRffXgloEoluTNcWzc4
+1dFpgJu8fF3LG0gl2ibSYiCi9a6hvU0TppjJyIWXhkJTcMJlPrWx1VytEUGrX2l0
+JDwRjW/656r0KVB02xHRKvm2ZKI03TglLIpmVCK3kBKkKNpBNkFt8rhafcCKOb9J
+x/9tpNFlQTl7B39rJlJWkR17QnZqVptFePFORoZmFzM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjDCCA3SgAwIBAgINAgO8UKMnU/CRgCLt8TANBgkqhkiG9w0BAQsFADBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjAwODEzMDAwMDQyWhcNMjcwOTMwMDAw
+MDQyWjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzIExMQzETMBEGA1UEAxMKR1RTIENBIDFQNTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBALOC8CSMvy2Hr7LZp676yrpE1ls+/rL3smUW3N4Q6E8tEFha
+KIaHoe5qs6DZdU9/oVIBi1WoSlsGSMg2EiWrifnyI1+dYGX5XNq+OuhcbX2c0IQY
+hTDNTpvsPNiz4ZbU88ULZduPsHTL9h7zePGslcXdc8MxiIGvdKpv/QzjBZXwxRBP
+ZWP6oK/GGD3Fod+XedcFibMwsHSuPZIQa4wVd90LBFf7gQPd6iI01eVWsvDEjUGx
+wwLbYuyA0P921IbkBBq2tgwrYnF92a/Z8V76wB7KoBlcVfCA0SoMB4aQnzXjKCtb
+7yPIox2kozru/oPcgkwlsE3FUa2em9NbhMIaWukCAwEAAaOCAXYwggFyMA4GA1Ud
+DwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU1fyeDd8eyt0Il5duK8VfxSv17LgwHwYD
+VR0jBBgwFoAU5K8rJnEaK0gnhS9SZizv8IkTcT4waAYIKwYBBQUHAQEEXDBaMCYG
+CCsGAQUFBzABhhpodHRwOi8vb2NzcC5wa2kuZ29vZy9ndHNyMTAwBggrBgEFBQcw
+AoYkaHR0cDovL3BraS5nb29nL3JlcG8vY2VydHMvZ3RzcjEuZGVyMDQGA1UdHwQt
+MCswKaAnoCWGI2h0dHA6Ly9jcmwucGtpLmdvb2cvZ3RzcjEvZ3RzcjEuY3JsME0G
+A1UdIARGMEQwOAYKKwYBBAHWeQIFAzAqMCgGCCsGAQUFBwIBFhxodHRwczovL3Br
+aS5nb29nL3JlcG9zaXRvcnkvMAgGBmeBDAECATANBgkqhkiG9w0BAQsFAAOCAgEA
+bGMn7iPf5VJoTYFmkYXffWXlWzcxCCayB12avrHKAbmtv5139lEd15jFC0mhe6HX
+02jlRA+LujbdQoJ30o3d9T/768gHmJPuWtC1Pd5LHC2MTex+jHv+TkD98LSzWQIQ
+UVzjwCv9twZIUX4JXj8P3Kf+l+d5xQ5EiXjFaVkpoJo6SDYpppSTVS24R7XplrWf
+B82mqz4yisCGg8XBQcifLzWODcAHeuGsyWW1y4qn3XHYYWU5hKwyPvd6NvFWn1ep
+QW1akKfbOup1gAxjC2l0bwdMFfM3KKUZpG719iDNY7J+xCsJdYna0Twuck82GqGe
+RNDNm6YjCD+XoaeeWqX3CZStXXZdKFbRGmZRUQd73j2wyO8weiQtvrizhvZL9/C1
+T//Oxvn2PyonCA8JPiNax+NCLXo25D2YlmA5mOrR22Mq63gJsU4hs463zj6S8ZVc
+pDnQwCvIUxX10i+CzQZ0Z5mQdzcKly3FHB700FvpFePqAgnIE9cTcGW/+4ibWiW+
+dwnhp2pOEXW5Hk3xABtqZnmOw27YbaIiom0F+yzy8VDloNHYnzV9/HCrWSoC8b6w
+0/H4zRK5aiWQW+OFIOb12stAHBk0IANhd7p/SA9JCynr52Fkx2PRR+sc4e6URu85
+c8zuTyuN3PtYp7NlIJmVuftVb9eWbpQ99HqSjmMd320=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDYjCCAumgAwIBAgIQDpoltJgUr83lkFY/75UkaDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwODE4
+MDAwMDAwWhcNMzAwODE3MjM1OTU5WjBKMQswCQYDVQQGEwJTRzEcMBoGA1UEChMT
+Q2VydENsb3VkIFB0ZS4gTHRkLjEdMBsGA1UEAxMUQ2VydENsb3VkIEVDQyBUTFMg
+Q0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAASQfmimvw0mE+EXv2+E6tl80/+p
+iLnHZz/FfDkWF+7YjNZxJemUNpqPENUHB0DHi78sv1774TyMd5/OT5CYjAdvo4IB
+cDCCAWwwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0OBBYE
+FA6zrONuAPtxjhLQbrS01pqPjHUxMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNVHSAE
+GzAZMA0GCysGAQQBsjEBAgJVMAgGBmeBDAECATBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQUFBQ0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2cA
+MGQCMHfmuXJECeB2Lu5KMREt+SHR2In6YQWqBFR19JK0UTiprcew+E/nQhWlfyO4
+Z/fnzgIwAnasdx/lP6AFYaTjgy/GwQQGEyGIFldYeiPDJ8vLIYOrG3YtMvBkCJLK
+5IyzJh7C
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDfjCCAwOgAwIBAgIRAJ7JDmFGaAFg9VNXYQqCA4YwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDgx
+ODAwMDAwMFoXDTMwMDgxNzIzNTk1OVowTTELMAkGA1UEBhMCU0cxHDAaBgNVBAoT
+E0NlcnRDbG91ZCBQdGUuIEx0ZC4xIDAeBgNVBAMTF0NlcnRDbG91ZCBFQ0MgRVYg
+VExTIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE1pQVCJf5QjRlTsqaUINz
+MEr030mUn91UVBDdz09vxxcrpm1V0W/1nUlXzJLwRwWgVKqbX2/prxfaUUTiQwcA
+QKOCAYYwggGCMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2OaMB0GA1Ud
+DgQWBBR6zo6a5CxsVGx46z88cYhD4H73eDAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYD
+VR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5j
+b20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNv
+bS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEF
+BQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVz
+ZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAJrwEhcANH9VTvdochJUGFkY
+7ZlMpCHouISux8pUNAAPcZJA9JmHjhbRNsAIgGYJIgIxAMVYg1nGlk8KTQMHW7m0
+zP2fFGWhWvan4q58EIeLCGxykppkUj7HW7Uorfx9eNWKsg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF6DCCA9CgAwIBAgIQZXHZuD2hrM0yoWbcJYWAxDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+ODE4MDAwMDAwWhcNMzAwODE3MjM1OTU5WjBNMQswCQYDVQQGEwJTRzEcMBoGA1UE
+ChMTQ2VydENsb3VkIFB0ZS4gTHRkLjEgMB4GA1UEAxMXQ2VydENsb3VkIFJTQSBF
+ViBUTFMgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfxjTCHbpO
+9LYyKjrhzqd7jdkMbtwPI6x6NPq4LJLm8vpkEu+bRtTENv/st5Nq0utXl0E+XXiY
+Xbx8sXnjJlS+v6JJHsgzHhbg98pZClF/JFD6cd8VDXHPWjrJg8EGibYlRfdPnLHC
++E4mkC+4hluJcKTIe5/vzaWNb553EXk5wghvpjYlQ6e16NjKT8GTL4738i/Hgt6y
++JFFKoI70Qz6JZsgCGcRgvUVUI/+WbYTTkSG0HKWujlbLkIr8fH52icLs6C+XA0C
+sdyvTAQUHUIFMiTlZ9mn15RD5BXdzdn02jlzue6SQFQM4k5ng9nLgZomwjFTI8aN
+6WKz9A1YtipbAgMBAAGjggGGMIIBgjAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dib
+wJ3ysgNmyzAdBgNVHQ4EFgQUnbHHlQZa0CLaflngIayPVYGu1gowDgYDVR0PAQH/
+BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIBFhdodHRw
+czovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3Js
+LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0
+eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVz
+ZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlo
+dHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAsthx9
+jWF9WObf+BgbBW6iVdS9tcyEXWR72TlgoekiwHNvMZqNU87Ogtt9hwGdF8zGqpOX
+quIeLv+WIqscgUKMBMkWmOsBAzg2b8a7jjDLHA33SvPLSSeRqxvd1S/RbpyJQq1i
+/HIOW10iwd1UUzNcCfEaaOR33LO4X25LaYS9TqQKmFt2rOc19Y07D6Vz+VV9X6IW
+WpF2iQPLB3WXRQwbPWchrLbwQ9D9mBKktRkgMbav+lpEMy8nwiOfsn+yNvWZnatQ
+YrX7PYZ6yLjhofqk9ltzi0FfKAK7c8Y51MIceMIHgxee9NpTW5vb6ZgSA4brbqbE
+nXoiuaOtwmLtJQMd0MhWE2Z5gtxxIPcOKq1zydFvrLC4mVAK46cO9tEt+ZdC84ap
+3UM3SJX6VAM7GaI43QoibqtGBzqcGKYISey9Lp7YLYe3Ns7V5jLurS5/4ft+tNYj
+bkg1ComgkTKdXIEajNn+4gmDR66lhD2Iwqlagy5Xr3F4d0yUFKxzESYNOVjtAkBG
+NdPLoVciABBOLJuqY/sLyinYxgC13q1x16USa6r91nflBQmU3aR8HqkUnjw0a4kL
+NTXzNAVlfEe/uzrh7kC1XpI+A3lvdAcqzJn2AM3tgLgqvqy0gyhZTLpxPZnbzAHh
+lyaht9NWx3t2Af6Uz+hJTQZGdQq+XuNM8xm7Ug==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF0zCCA7ugAwIBAgIRAJrBCAXEkf9f72li/xI6BfkwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDgxODAwMDAwMFoXDTMwMDgxNzIzNTk1OVowTTELMAkGA1UEBhMCU0cxHDAaBgNV
+BAoTE0NlcnRDbG91ZCBQdGUuIEx0ZC4xIDAeBgNVBAMTF0NlcnRDbG91ZCBSU0Eg
+T1YgVExTIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPwsIstz
+EDS9Py1d5DPqAG/DhonCpyK+C9A53R/4c37BO00DG/I0y46mE6Pna5JpRQVv+xOb
+8fuNIKETm3EVP4zBUubCPJb8Rw8DJsuIL0cfLqBEnbV7yjHxKzmEkVAHskTt7uhi
+U9yZZfTTVv6Yl+uuktKPPdOtnpAVcMHy/XqtwWCKNlkBht3pD8LZ6aXLxYokQvwW
+ZfZb4rNfGWgsKumP22LlwfP5NpKyrxtw9knMZNxSMFxjv8s7AFbh98Yj0hs6bqRb
+NtDzh7QGS6dOvO31tTbdwA2gTx9YsRScvlM9sun8nS7btVg8vTGDkb5uSuGOrOBh
+wPyTKg4HO9XxcQIDAQABo4IBcDCCAWwwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHY
+m8Cd8rIDZsswHQYDVR0OBBYEFNUmyuz2qmus6E5RPIoUiDVMpgizMA4GA1UdDwEB
+/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJVMAgGBmeBDAECAjBQ
+BgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBj
+MDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0
+UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMA0GCSqGSIb3DQEBDAUAA4ICAQAfbzMZtLliee3L+g2sIS6/8c485jAe5ydD
+mktJBp/ys8nhwbkuQCMWtooHaAExGCJAPNqVmMUtF27pKmJFZx1nuKFRmg24Ytvr
+dBQS772EbwVGVVMZyfKBtxMgNWXJTlr8GTVxVvLDdcFCs2DjoGQC+U5Vib/Ml4Ad
+UVA8b+bFL5dmOBO8ArHjD1qfJ45+kq3MDCjqGGuwa3F+alHBi85R0vaR2azXoUMs
+8FPSkkE/VJHE/7JZs1HOhz7yVzAkBICYX05ZDh3EDoYSbcOS56w2AvZYKwKmGzis
+dWCFnjt/AMIEpwbBKqe6i3sIweQoX/hv4iANt0xrsH0Jya8ErjDB7RrQ3fXGMKA2
+wHzRRYOcJqBaSZOrIheavVLWQDpECLCKgN63Hw6cp4Qfx5tRvF2McKXctzF2ThGl
+du80EW6cRJhFDJ3SkgwSGu2i337/nQSfHnsbRa7qIT9jMUSV5SohPMqc6eAw2/bi
+Wv6HhvvoWiyTj8QdwYoPRXZfHJ1YzeGWKTc2htZgd5Ks1h3AUKaHrWX1shFtcYme
+vMaAMujjoxt0/AFNsltRDBX88nXBgxgoLhQxSR94SF9XmdfMPwPORn2WS67VxspO
+bYZcpO0V9D02n30yBM/anotXdhzeggMDL7Y8Mx68PJjDJmdqfcFePnd/EOuEP/la
+DDF0cyPQ3w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzzCCA7egAwIBAgIQCoH0DEPa6Jmzl+SdkdkF6DANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+ODE4MDAwMDAwWhcNMzAwODE3MjM1OTU5WjBKMQswCQYDVQQGEwJTRzEcMBoGA1UE
+ChMTQ2VydENsb3VkIFB0ZS4gTHRkLjEdMBsGA1UEAxMUQ2VydENsb3VkIFJTQSBU
+TFMgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6YTyUcvcodqTp
+9K2nDpy7MEEB1+b9OdRxHVuz5NL0oh/Uc5vY98oI7jsb/6Ps8m243jadrTMi/Bsn
+9TSpoDvcGUOKKEormXPK3GNlrYfYdaKUOQXBQxntB6CSrbf0sjtJszxDR2pBnyjE
+udxIUwM841+8BiE7/vTZR7u1e+jaj6BvEeHnwAHoBemLQAwY6XOKfbWUkg9XKQA8
+4urUl5OUQlER3pRdO6HSxSZJELW/wfPEd7HGN5KxzeX/V0wqjX0XuM+IuCDZyOuy
+2JTne7qRIFkHqerANTgMTEHWBwBC0dsb7X2yK6tzahRJ2yfA7u+wqn4WsMtrN1sY
+xk3CeOvfAgMBAAGjggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3y
+sgNmyzAdBgNVHQ4EFgQULiXODJvkyIMz7/ZPPeMqMx/ybqcwDgYDVR0PAQH/BAQD
+AgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAlUwCAYGZ4EMAQIBMFAGA1Ud
+HwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYI
+KwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FB
+QUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+DQYJKoZIhvcNAQEMBQADggIBABd1TLX6r4fs2l0iLBTMtK4NuLX/8i5/UnvzenUN
++9WrqOSVRX2GkjSDuzoVhOT25RGXRj2G9+gtdvuAl2VmfMmgYIh0xAjAxX79Qb6J
+zThroP5EwYtod+xmjBWYruVPcPDgDOome+SK6sKuhy8jmMqa/FiMK+L6lP8IDHnd
+5Lpzoxds0XPxH0Zyn351hlFJyG4mxaIdS/AQHx7m7Hlq4QAI9h5SGu4an036d50z
+YtV0VEcDcOBVdXLcVESBn0uwKJuGyb2x0/aHbV6NuluyRJqaq9MUFIukNyakaHzh
+9sLRvVuzt09DTTWrSWqMCwiMiv65e8VFu2eSLtWy96fgiR5IhfVzX/11mReE0jhf
+MK8d+nbkLgpOST+6mp8E6xZd6dlJxBDPtM3j0SQmKYMgSkzT9Sa9jUoK3MIvuVh1
+FdcGm7TbMq5LE6JznYlFt2y+23RIiRd8EFEgtk6855GF2X3pfqUeFy7SCOAYCfzw
+4sDRl0uYJ+yHbM5AfghAnaNihhtGHpyozFOZQWi15BV2ZRZ5S3Th6paCYMHx/I04
+Ys0ApXpGyAXhsPp9I1b20r54OX4sJLzuPNvZ+RthFTlAeK++i1D17KGPy7yAdcT6
+Rgod8isK+eLPZafcrlPHIJUXSCGbXR8xPezYAHDBNd/R7RsxcFxoSeEdZW6OCptN
+jWdS
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDZjCCAuygAwIBAgIQU4Vt3W/rXizP2fnWEZakFDAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwODE4
+MDAwMDAwWhcNMzAwODE3MjM1OTU5WjBNMQswCQYDVQQGEwJTRzEcMBoGA1UEChMT
+Q2VydENsb3VkIFB0ZS4gTHRkLjEgMB4GA1UEAxMXQ2VydENsb3VkIEVDQyBPViBU
+TFMgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR8yrV151j2tW67GR6EnEtd
+KmJAxTxI90rD7GUjh6HuEsOZcrIr6KPoj63DKr4B2Arbk2PX+SaoWHFkn/zfkKaH
+o4IBcDCCAWwwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5owHQYDVR0O
+BBYEFHuHci5Ay7+7PmzSyteizqmJeDc1MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMB
+Af8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAiBgNV
+HSAEGzAZMA0GCysGAQQBsjEBAgJVMAgGBmeBDAECAjBQBgNVHR8ESTBHMEWgQ6BB
+hj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNh
+dGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5o
+dHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQUFBQ0EuY3J0MCUG
+CCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMD
+A2gAMGUCMCUmcWOl7ljZw1DDG+6UaT3efv2hEli2njdKuu480nLEKN/oM7Dgs0RW
+EWO7JFfDDwIxAKUdVgBVOHik0qzuymjSn2M9jCLE6tSuQ4ov5EqmEB/tK5QW3Qpa
+u7FcWdjTaeFOGg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF1jCCA76gAwIBAgIRAN7Pp4Hxh4doloy3fLGv2+owDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MDgxODAwMDAwMFoXDTMwMDgxNzIzNTk1OVowWjELMAkGA1UEBhMCU0cxHDAaBgNV
+BAoTE0NlcnRDbG91ZCBQdGUuIEx0ZC4xLTArBgNVBAMTJENlcnRDbG91ZCBTZWN1
+cmUgQ2xpZW50IGFuZCBFbWFpbCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAILVrYhkkEcRnuFHI8zz/Njvfg6nHN5X41GQX7lo1YBqa1hmYEaamUsh
+QkBu20UK3uXICEUN3xsSj6yxtFmc9J4+OKzcmXKlKTPsUnbw+45TEl5qJN32Uacl
+XE0OJ5/8zv1fSmMG+QDv6xIT/N4fb0b0zNcUnoZvcaLeg2Oc8ZjHQLbSt9COUnl1
+pv2Tz5tLXmg1YduDiZpQKz+7YWiK8jV9AMRYTmVNLRS0sNL0A6xWGtjkxRt0I7Em
+6kZybYGP6a/ZWNDRIcwfs3i4UW7ZBXPT1BmjGkS3ZvFV6Oicy7Vi+tnAm4jPudOu
+XKs/OsF/l4uqS4SCp7iPJB5YY3NPF4sCAwEAAaOCAWYwggFiMB8GA1UdIwQYMBaA
+FFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBQqy5xLH9NlxFFJ+prjsWpO
+OPB/bTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUE
+FjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQIC
+VTBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEE
+ZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1
+c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBb0aeillMHbXt0rXVbWkLn2y/kiFDl
+T6wg9aDWRg1GNj3F32k73dbJEUZFPVdAMJO1EiLESKqqB4kKqZwSCqm7AGuWv6DX
+93YmOlotmXo9V/5yVVSHd//vgIUXpt60yu2WAWMWv7unlP28h5PJLvEZD7s3ujnc
+ruSaWwMk6ReKV50V5ppczSjrVMw+Uzv2CCMu7gUkg2wGW3XaUin81DLcccn+2x8V
+Wp6G3npQSlzjPEHOXXpR/taeAaB5WJNLWZWnHday8O2dofo4ZBG+tvz4gqyvKtpG
+SYaSNsPE1LU4SB5jIQiAL3MalrIRQA8m9qzEJaZ+7u9rea9rZPHMsxtPpmtNLjAt
+zDUWhGbz9JMeqIIfso/sFzgwBzH0PJDZnEFASvd+8CSQZ+T4zo+eRHOSX3ePQavk
+JBMqIPjOav6iTMoU+EJ0xXQOKNRVqmXhtkkSoUYznXmLKAzfw64fb24QXfi4wYXm
+7kB7MbOczOHS0GScPAyKwyjZUgMfymAW9Q3QBw1dX4KbmsItAu2ifyKwzX/pJc1h
+k4sNKWsE3pW6j2rN0WTOh75fK/qmSMOjShvihPBrKoRBI2kJfwDSLBoHZXgjan/b
+Sl5usJ4ayF+CcPbY5eBE8LTGVl/O09P80Jpl3ZucCJiJfPZUru3KLJEwGcNauLsG
+wHUmeHkgp4gDgQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExjCCA66gAwIBAgIQeAMaoOu10y3VvjItu3VWmzANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaME8xCzAJBgNVBAYTAkdCMRowGAYDVQQKDBFFcm5zdCAmIFlv
+dW5nIExMUDEkMCIGA1UEAxMbRVkgTExQIEdDQyBSMyBTTUlNRSBDQSAyMDIwMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSRStF0TsXVBtuytWGle9DO0
+ziMsVXkxhfShLVxHcAZQBOzUq/JLlq+u/S4bQyyWLDSUalQuoyNk3SDCiDjowVKw
+YsLxnEzr1QfBfJZpKwmtz60bNiGQ1xjg387VPCMpZiZqKmjkrXpOdEYi9zlk7k0s
+oSSK63/ZspS60egiUBQLyqasyv6opqgHX9akpsWYykJtJD/zZxPhhTvW72EwAkoE
+lC2Wg9juhChQz9eI5qGOuyMvw+rX8EPV/42sBjF2bvR0bijIwjyLQaDfru+6GLkM
+hDW0OIawmKe1KMckDQGoySQxE2iXBCoS3j6RZircYvB4Sy1MuQvkZjypZMJqQQID
+AQABo4IBnzCCAZswDgYDVR0PAQH/BAQDAgGGMDMGA1UdJQQsMCoGCCsGAQUFBwMC
+BggrBgEFBQcDBAYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUV2K9aJRpNxwG7NM+jNC39ygr24swHwYDVR0jBBgwFoAU
+j/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0GCCsGAQUFBzAB
+hiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKG
+L2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0
+MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9v
+dC1yMy5jcmwwTAYDVR0gBEUwQzBBBgkrBgEEAaAyASgwNDAyBggrBgEFBQcCARYm
+aHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcN
+AQELBQADggEBADfGWtSLuHua7cMATPJqHFnoJmeErQDwveRVxspXN8ini+k9K1t6
+FEA2Fvzl7AK54dHfaF8WrFhO5z9N3WPVGiiN3sLlKVKcLbYJN8gEhMuHMYdJzK6a
+G+DwIKVDJf+iLqj0iL/+1d32sHeS8thip+cD9dbF/xAz7Vs84z2C9Z6zas5kqOYq
+UFwxi4jzeRiHuCMRbpNJwba2GVO4FjHKLS+uHXu/+Ztr1RVAWJvffBi6ks2cW6Up
+IE5pKR6ZRT6MJOrjEn5XU5O9tosDTRBF0vH1SRK3NnF0kEFt9ZSnbpEcWmvvAXz1
+6ajl2e82O4oVsjkM2rcS0eRGaKR3O8i9HGU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGxzCCBK+gAwIBAgIQeAMalP7ZKBZ89k2M+9DgPzANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UE
+AxMkR2xvYmFsU2lnbiBDQSBmb3IgQUFUTCAtIFNIQTM4NCAtIEc0MB4XDTIwMDgx
+OTAwMDAwMFoXDTMwMDgxOTAwMDAwMFowTDELMAkGA1UEBhMCVVMxFTATBgNVBAoT
+DEFiYlZpZSwgSW5jLjEmMCQGA1UEAxMdQWJiVmllIEF0bGFzIFI2IEFBVEwgSUNB
+IDIwMjAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCxIWHFMrBgfPnr
+Z4t/PAmzXXqGGUjBANdoh09kL3SRvZXPQ7XmepY9acff1oPYDTDXyxjKFh0auOvf
+pXGTytem9fB6eWg4AuCdvn/NzNkvlJkQVRltJkbPcirWDKvczVvf0b/CJJNBV/4g
+hkMcvDgL/JBjl41JIuHs/bH0h0zbtXrWKchVgcXRSOEnCjRSv5/9hGDhJ1NP3RK+
+aN9xWAR+z7JlMxIQxVTvtIMVs0A/oM7ubOyJHBE/S+fcu5dbrEHfek3CXRwgjmPA
+I/k6HK8csVMk88GIWwAZXaOT3pRWYCd9xXL6SoKYT+eplV9p+QBTBQpZF0W6a2gh
+wuG4biE+dnzatPH/6Qv5Wuz+vEZkjUJVSXXxw+lYG1ZGbZ1PAk60Xp1l9Pv2FTel
+N5npoxBzFJtwLEQHk4qyIkejIel8A9iAAeIDKUEfMpfog/ivDKK4jCw+xImrS5Ow
+PjAIMYTmJA5ynKCg2dQhHxhOgxoMdImGRKlau8pnzF0HLyNpnonxATXjpHG/Vq/e
+0Wg8wkO8Eo4kGZSAYhlGDtUwjbYjL+F+MeW69VCsHkdHywGpUdJffzah3MPsU2tu
+tRE3+lxuK+wDZFU1RvoJILPq91ucsBN4aPeOTpksmUvzl5k29kX6py/Bxj3/JDRL
+8C0IM8EXDd3Yesqh3obonnlUGHRcwQIDAQABo4IBmDCCAZQwDgYDVR0PAQH/BAQD
+AgGGMBQGA1UdJQQNMAsGCSqGSIb3LwEBBTASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdDgQWBBTJ+ecxI+MBoaNo3IEzCjT4kwFpZDAfBgNVHSMEGDAWgBSJ73Vxel9H
+G5cj3JBKy//AJjYI1TCBiAYIKwYBBQUHAQEEfDB6MDYGCCsGAQUFBzABhipodHRw
+Oi8vb2NzcC5nbG9iYWxzaWduLmNvbS9jYS9nc2FhdGxzaGEyZzQwQAYIKwYBBQUH
+MAKGNGh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzYWF0bHNo
+YTJnNC5jcnQwPgYDVR0fBDcwNTAzoDGgL4YtaHR0cDovL2NybC5nbG9iYWxzaWdu
+LmNvbS9jYS9nc2FhdGxzaGEyZzQuY3JsME0GA1UdIARGMEQwQgYKKwYBBAGgMgEo
+HjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBv
+c2l0b3J5LzANBgkqhkiG9w0BAQwFAAOCAgEAHgMQYSgAZ8Y4ZzxTuu1AeLip6RXU
+2fbXCQMOkZuMy6wlBkyIqxFjboaBaalCsSc8Om2uvehl1RjOqHMUwfix53a7oRz4
+8mCFnXp4DsOzW5R6ERigNdFLuXJYery7oWP2ZfZVrU4RoG3X40eew+3MM6QgqJgC
++HmDxtLEkU7cLCKGTeSI4+wL7cma0gjVGKSOh0AYC3S0G1TzsrOORrfQSQnNuE7q
+eRFl3IT7UyYpTn7OKCYrkSHWTtQ+xEK8DboCCpmwznzUdRZq0Pumj5uUBTO29nZu
+6e0DoE/VGv1qHEORmDHhgiICU/7EQs8Y3+m4/japrdDyP6QSzc/j5oxLfuxWaSSb
++Va37X0gxeLUB1QYy60Ivr41/JRHhnYR511MSVsQIEzJe8RYV9x/XXc1jmYJ9oUR
+13eqri39cS5+LllSlINdeMrWM69ggs7KZEGO13T0wqHJjxDXQxYdDD3md/bw4efw
+ijVoYZ/WfLt7YwdHw7mGdfkwUMp+ZCpPIf6EQy1gAw8qu0pIOx4UwFvtBYrIBSZZ
+t9X5RJ7xR68B3apcGVKfMxNkk2Fs6XpfmaSE6B55LBmniRExizS990uiWPi7inqI
+yHREhPLruMlrvcVf0JbT0fkb17WhQgSA6yyICuSvOuJlbp5xIo9lVa8pGU4UvZEU
+VD1GWg8pHLG0EN4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDajCCAvCgAwIBAgIQeAMapQq7bryFyqrojWQvYDAKBggqhkjOPQQDAzBQMSQw
+IgYDVQQLExtHbG9iYWxTaWduIEVDQyBSb290IENBIC0gUjUxEzARBgNVBAoTCkds
+b2JhbFNpZ24xEzARBgNVBAMTCkdsb2JhbFNpZ24wHhcNMjAwODE5MDAwMDAwWhcN
+MzAwODE5MDAwMDAwWjBYMQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2ln
+biBudi1zYTEuMCwGA1UEAxMlR2xvYmFsU2lnbiBBdGxhcyBFQ0NSNSBEViBUTFMg
+Q0EgMjAyMDB2MBAGByqGSM49AgEGBSuBBAAiA2IABJk4+mZIkW1K/u9RhYzrZUwu
+PXKbE/GVfh5MUfipeVqutoArFF7lQtNVyb5bQiLKmSy0hjp8gUydFTeptXaWhNYU
+/ALTyvKM2FWNTBTdQDOYnGY+ii5oNYEFQ7JzuNUHg6OCAYUwggGBMA4GA1UdDwEB
+/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHQ4EFgQUQNhmyJ7rexKy6jBIM0OJIOEXsBMwHwYDVR0j
+BBgwFoAUPeYpSJvqB8ohREom3m7e0oPQn1kwewYIKwYBBQUHAQEEbzBtMC4GCCsG
+AQUFBzABhiJodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vcm9vdHI1MDsGCCsG
+AQUFBzAChi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290
+LXI1LmNydDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24u
+Y29tL3Jvb3QtcjUuY3JsMEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIB
+FiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzAKBggqhkjO
+PQQDAwNoADBlAjABqlr39Lb2vqOuFA8xzFpdHA1RmZhQzw7F/4xEkzofLYVFc/HD
+OCxQhc0mojFKbToCMQDPptflhZ4Ah2IeDY0B8wZR72797QgqNcveYkreiADibVtK
+mZiWcDioi0FZvnHeBdI=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvzCCA6egAwIBAgIQeAMao0/80Rin2RzNXuxThDANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFQxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBDcm93ZFN0cmlr
+ZSBJbmMuMSowKAYDVQQDEyFDcm93ZFN0cmlrZSBHQ0MgUjMgVExTIE9WIENBIDIw
+MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzmwrOeDyjzgMzG5pc
+DyFTbM3rYIbsNBkFBTp8zrAJZGeNnqEzQEWVCwQmuuY4NUyjjbJfVPl1ZxAy84Ap
+dS8yc55V2hfUpoZjeokMC+hSoji0dJm5sAQDiMHyTKIqZlNhU8hVrF+wglLm5Vkj
+3Pcc0MAYQDC1BwhXIA5s1tm8utYekKqcJjpCjvbdyrCv/CA6TwTOSKddqMIYQutX
+qvlNLDL/BASfaYBxmVt/x7taCl+wxSwt3miQYWC42EfjXfuSXBe8gD+59jwChM73
+/0iknZPbi212SPj0hq1m5BK5lBpS35OzVD8QdxBvQ7X2S0icCN5zEXFtBwu1aqeu
+QrpfAgMBAAGjggGTMIIBjzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFDRG
+WsSWhGsR1OcJMK8ByqadP32WMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i
+3Ru8MHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3AuZ2xv
+YmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJlLmds
+b2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCugKaAn
+hiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMFYGA1UdIARP
+ME0wCAYGZ4EMAQICMEEGCSsGAQQBoDIBFDA0MDIGCCsGAQUFBwIBFiZodHRwczov
+L3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOC
+AQEASGRtet9bF7dXw406NrUZhXL3lky7JmYddzw1RHVbDVjVTSqWEs86Y21lEm2t
+I96RuvxeNHfd+/EkzK5WS+F5eH4UNPmwwjdgpumte8Xf6zbW7hWVQ6yjuS+GbNI+
+Xm90WmzbVDe2PaCtzpszIaaJo3fOtm7M1aLJAhNnkDm2TWBSkOyhWIW6LhZgJamN
+hzXW6sHHTmzT9xTK3u9zxkVuK9fCc9APDMnscIDcxDfFnq4w74Pn8wzj+Kvbpe0+
+ORcslO4rjST0Vn3o+LO/lSCvLuowzkmpxG5wjSUmZPwEzrPEW+CNC1qIWV+cRPK3
+Mh2y+WTQyPxrFHO2q+VuBxpK8g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFAjCCA+qgAwIBAgIQeAMam0ZVkCw8TMHuMnEpEDANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMIGKMQswCQYDVQQGEwJNWDE1MDMGA1UECgwsUXXDoWxpdGFz
+IENvbXBhw7HDrWEgZGUgU2VndXJvcyBTLkEuIGRlIEMuVi4xRDBCBgNVBAMMO1F1
+w6FsaXRhcyBDb21wYcOxw61hIGRlIFNlZ3Vyb3MgUy5BLiBkZSBDLlYuIEdDQyBS
+MyBDQSAyMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPPxd8l8
+CyRv+3UYSKo3ugherNZhB4E3JNdxWcVvY3pqhspL8nZQAGApnhtRk/jYw4Xol26g
+7o0TJfaoX6vpmWC3TCaq2dgE3qCrIa6UKHNsxPGveuodYNrDIiPakvB2gUqj0BfA
+2B+BzTpj/IxnpXAGvM0V8FuookNt/rZpR/Bn1m6bKAAfkfqy4Cl+enhBF8SYlVSN
+6mNKEya4AOO6LXQTAFo6/Ae4jKRDUpSgfkBV4Sffg7fTEW3JaHXSIQ+u9uecQSeu
+UzYf3lNhA8P17xPaQJU320tXHlaBZGrKqWr+oQr5nSBVQX9UZUg0PDXL/KC2xVfA
+/XWdGwSz8KneVQIDAQABo4IBnzCCAZswDgYDVR0PAQH/BAQDAgGGMDMGA1UdJQQs
+MCoGCCsGAQUFBwMCBggrBgEFBQcDBAYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwEgYD
+VR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUteYTA7fp6bpPJvofCbzFnI+0sfYw
+HwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBs
+MC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMw
+OwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0
+L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5jb20vcm9vdC1yMy5jcmwwTAYDVR0gBEUwQzBBBgkrBgEEAaAyASgwNDAy
+BggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9y
+eS8wDQYJKoZIhvcNAQELBQADggEBACZP4x3UIAa3R5KUMejfH9JeC8HcODVKYo4J
+buzB2NoLvTGCwcYZ7MAwgX+BO3NNNLDVObsdImdtid3lbkR52hQbf0uOBtqOkSTN
+TFszJQrjjSk9FWCkiueyDDI+Z+PiDEhATf/Vd97dQFFk52zY1aUAIHzIr/h4m/vV
+Nc4mdkdSRtuI7EtDVpWtMBf3QA2RQJpzdbHIV4ncFLRJmF/BzNXJtaM/5M9U7ClF
+SgcVL9KIZZXTo532/oqutZs+TkYl9/gbjT6JVUmJKQH+bI6LJ/neiUc+YBf0F3kb
+RZgsPy9Ywhl5qdXRxgZEBaTPSXJ82qrq4CkZujPyrry/+gaNEms=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExzCCA6+gAwIBAgIQeAMamkAzrmyfmYCZ9Tf2VjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9DUkIgR3JvdXAs
+IEluYy4xJzAlBgNVBAMTHkNSQiBHcm91cCBHQ0MgUjMgU01JTUUgQ0EgMjAyMDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANvTrTlQ7U1WE6LVnrhxd2EO
+KwVlQQZjfT2l/tc5QnYl8QgvC4KlR3lok32MmD8gGUUNEdN+ZeZOkVYaH6vRYPPt
+lIARSiT93OXttC1neITOV3mzuJzAT1MOJYNYTzZooAXVuv+ah69qg09TRHKh1HW6
+kPnLkWZV+GIx9bUMtJiGUfjH9Qq5MxALc5j6kJYrWhHvlD0ELxn/zzgZ7JyblhXW
+x/z9s1XV8lWBzCL8V3sGE7kPfvdmKs1MS/LEF8Lkur7NPDBsxLWS+KMTZsVOGqk5
+6DwbvZ3+6Ctnp9+155tW1+namC+DJ3W9yNSzTAwVLiNFSP/ZJaqlBHO7U1i+NTMC
+AwEAAaOCAZ8wggGbMA4GA1UdDwEB/wQEAwIBhjAzBgNVHSUELDAqBggrBgEFBQcD
+AgYIKwYBBQUHAwQGCSsGAQQBgjcVBQYJKwYBBAGCNxUGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFMklSeKU9mnaj1ILes75tnjVygRrMB8GA1UdIwQYMBaA
+FI/wS3+oLkUkrk1Q+mOai97i3Ru8MHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcw
+AYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAC
+hi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNy
+dDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jv
+b3QtcjMuY3JsMEwGA1UdIARFMEMwQQYJKwYBBAGgMgEoMDQwMgYIKwYBBQUHAgEW
+Jmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3
+DQEBCwUAA4IBAQBh+QRFc1B5TfSLrM+hzowWmbD20aUNGqdqNF8kkCPZudSANHyY
+YJ6cljxNGn8WrWUmvXIfpT2vRVimuX6NbpoSR6xpMqE3Zd2iy4A25ISb478yhOXP
+wD0dEfjwkIxvLYdzvr5LpJdooY/2Ww6XYKkpMleQ9pECmXdOFJMk2Ff/w1Jt9aXQ
+/jLeZFTdcQAT0iYBnLFhY7KFc+9bUuNAfC4ctFeLictJjsEjsscA3DiUQmuemFcY
+LyA/5LWmjeJ6l8Rr1utM1nq3idH0BIelvPVvyYx5gUoeZCjovhYMhn7Xr0f6u1+c
+T2Dm4zcG653Hcn4DafzOpuvNP873b9pwXOKg
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzTCCA7WgAwIBAgIQeAMaoyuD6cHweXqsrLyBNTANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFYxCzAJBgNVBAYTAkdCMR8wHQYDVQQKExZIeXBlcmlvbiBT
+ZXJ2aWNlcyBMdGQuMSYwJAYDVQQDEx1IeXBlcmlvbiBHQ0MgUjMgU01JTUUgQ0Eg
+MjAyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ0ON2bZOY7AEIH/
+z0p/BbVUllkvNXLNv1oqRzARtu1WGhOfqi9yGp7wKulBNtC9NQvqIK8ghno/BAwD
+VrZ4tT90AwqkB604TbNwsFjAjMC8MNu4U0TIWR/tXgkpMXIagyaqSr5QwVK70cp+
+U21jX6rcZMSaw1Ir/JiEuipuqOAjJ2NJjQeS8HmWtudwVlyb+IOKIIVrRdzRYwJL
+E99TR9tjwlOL65RoUrE4AOBHN4REWUqe5sZXvv4vyMfLl2GtBhnpVKA5Vd0mz3TT
+xBAiPk7tlNxm99Q5CzRIsWRVWSkunsva+T9qk4X6aYl6gtOXGaVSJbaD7lNAbUp3
+ehbFzmsCAwEAAaOCAZ8wggGbMA4GA1UdDwEB/wQEAwIBhjAzBgNVHSUELDAqBggr
+BgEFBQcDAgYIKwYBBQUHAwQGCSsGAQQBgjcVBQYJKwYBBAGCNxUGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0OBBYEFI+VCR7L0yMuN5WHM2mH1mtMOLVeMB8GA1Ud
+IwQYMBaAFI/wS3+oLkUkrk1Q+mOai97i3Ru8MHoGCCsGAQUFBwEBBG4wbDAtBggr
+BgEFBQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIzMDsGCCsG
+AQUFBzAChi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290
+LXIzLmNydDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24u
+Y29tL3Jvb3QtcjMuY3JsMEwGA1UdIARFMEMwQQYJKwYBBAGgMgEoMDQwMgYIKwYB
+BQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0G
+CSqGSIb3DQEBCwUAA4IBAQA5BOjPldyEcDf8xqWtz7hZEPMF3r9c7xIAzaM2xzls
+4UMGEeD3mFD1MGL/yyHtJzQV7hRideBK/+hAsKyXwIrxTAX+/Qzz40pnWkXwgIzg
+RlwTaS5u+/hCpXtTNhxChZ3SSyWnNwHHltXttPBT1lDlAouG0A7yzXCUahB3UGr1
+5zeGNNw1CftxJdYy570763STg5oGqnFxKuLrw5mvF6FIxkwyRIOTB3sk+hE8uw5e
+yCOpsSkQehsEceuu1RZ2ApKD8xK/RmNsns/kX6Kt2rWYqBzxE5J5kvi6JSjRkJTr
+ZRNi2eJzg59s3hC9PxFpyfygyhehh8MVmVYGiapZGHC/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE6DCCA9CgAwIBAgIQeAMana3bxAYDWC8GMaR5azANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMHExCzAJBgNVBAYTAlVTMScwJQYDVQQKEx5BY2NlbnR1cmUg
+RmVkZXJhbCBTZXJ2aWNlcyBMTEMxOTA3BgNVBAMTMEFjY2VudHVyZSBGZWRlcmFs
+IFNlcnZpY2VzIEdDQyBSMyBHbG9iYWwgQ0EgMjAyMDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALOwpdavYjAymz3OyGjYFjLF+NlpvBmRblQJ213cTntE
+whpIhBB7e8SBUQ8MWgoxQOwTbFWP7qeeLFogy0YTdIIhGe7ArHhVirN1c90Fu+E0
+dYENWKdWWhuipQ79FzjWQMe1Y7zUeYotTRyNy2A829ZzAhpL9S1nsT3TqeDPWDC5
+rjZvNRwi6c894VwnHZ5nVOtqpVkHU34efxFy7zVIf2z5AvYWWKCHclfzkbNMrzPY
+Kf9OGoIjv2jkTmv/jamm5eEdSLeOOqnjOiYhuIAi3vbqp/QoiB4opG0kqnN4lbjn
+7Uw5wXbyxNRUEx+DTDuj+UoLd2Ov2x8OQZ2f80ZYmQUCAwEAAaOCAZ8wggGbMA4G
+A1UdDwEB/wQEAwIBhjAzBgNVHSUELDAqBggrBgEFBQcDAgYIKwYBBQUHAwQGCSsG
+AQQBgjcVBQYJKwYBBAGCNxUGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYE
+FJrwxX1guvQPVoKicPRAW8u09T+rMB8GA1UdIwQYMBaAFI/wS3+oLkUkrk1Q+mOa
+i97i3Ru8MHoGCCsGAQUFBwEBBG4wbDAtBggrBgEFBQcwAYYhaHR0cDovL29jc3Au
+Z2xvYmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUFBzAChi9odHRwOi8vc2VjdXJl
+Lmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIzLmNydDA2BgNVHR8ELzAtMCug
+KaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Jvb3QtcjMuY3JsMEwGA1Ud
+IARFMEMwQQYJKwYBBAGgMgEoMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmds
+b2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMA0GCSqGSIb3DQEBCwUAA4IBAQBmGVQP
+58vdVnpwviN5BeTuMPjalbPyT1xmMHQBpGgmRoW0Byc44qrV4lEBrcxk07Le6ZRm
+xbNZMd6BQSKOH+xSWvsRzEh2yPMzBxlofqjCwHYebAmLY3GWr6aInkjcT73OZd9/
+fwtK9c43eGhVE9vM2NbdiMk2fKm91NzboNeV3Z/fbeshUeqTaw0GZongw90dcSI0
+xLvUL/HHbQZQG+3s6pEZKZMU/zlV40C7q3vmZMaQz/ULf7AyzDC42JkjR70daMoh
+a8ASxA00wkUR4sIhYTYMEOBY8Hj4et7KaylWKneBqJGG6NfCNCwJgdsuyVIHzFAk
+hFX6XA0C/2JcB8st
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4zCCA8ugAwIBAgIQeAMaoK5k/3VXqdvkqsuh+DANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMGwxCzAJBgNVBAYTAkRFMSMwIQYDVQQKExpHUk9CLVdFUktF
+IEdtYkggdW5kIENvLiBLRzE4MDYGA1UEAxMvR1JPQi1XRVJLRSBHbWJIIHVuZCBD
+by4gS0cgR0NDIFIzIFNNSU1FIENBIDIwMjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCV3/Jp9K05DK7k3b07yUXEImDNzd+i8P/V4RN42Fxxk4BT/qAi
+QnrLZIF3guGQB2xsdOAcS8hx7LBpV0N7l6EaCrmefafZhXafL8sTqGRKh/Js/wgs
+hftl4Dbd2yPFK5XskJ87t9pwk+cpkp8KQe/pTox9//qg2JrHnfYRnLdQGCPnKn7O
+TPVgfcgj5HFP9c6whmm9NkvrDiE8aJyyv45a0rOkivcLPpkf9ehHfRBVi7PSBw0X
+z3FU7IUciaL+UbkNMMqTa5Fj4nY9f0ozJ9cn9yzDae4+dF71S/9rxLjCRme04UBE
+MIb4mOQOM/XFnR9aHbYyi5iE6n6z7pyZocizAgMBAAGjggGfMIIBmzAOBgNVHQ8B
+Af8EBAMCAYYwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBgkrBgEEAYI3
+FQUGCSsGAQQBgjcVBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRaGKJ8
+RX491diPptZQDOgsZtzpQjAfBgNVHSMEGDAWgBSP8Et/qC5FJK5NUPpjmove4t0b
+vDB6BggrBgEFBQcBAQRuMGwwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2Jh
+bHNpZ24uY29tL3Jvb3RyMzA7BggrBgEFBQcwAoYvaHR0cDovL3NlY3VyZS5nbG9i
+YWxzaWduLmNvbS9jYWNlcnQvcm9vdC1yMy5jcnQwNgYDVR0fBC8wLTAroCmgJ4Yl
+aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBMBgNVHSAERTBD
+MEEGCSsGAQQBoDIBKDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxz
+aWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEADao2+TIcMoFe
+skk9rfsGyQVC77MPzZbRxUjMBGQiErAA8nbE8Ca0AtT04+tQ64bmeYqwWFSjyz6d
+Q11UFYQojE1E+Xx0HfyLtWj1gTQ3nB3DNk1r1OVCOWxRBcumL//MdJjkLQcc9rg6
+V67lRqxI3vpNmYT6KXCLcVToFt7kjXzfXUTOwlQlWLVjl0lN8a5skUFXHn56TVWC
+y2HaYnReM1iaCqs7vcA4IOPh1qxqnUVXn1sWKcoaGpJ0PxqcF7xNVXai9fIieFoa
+1iDA/6trxYNkqOrrxm7rw2e5yVnZ8blIncII2Cw3h3NcaM6JmLpzTdA9ClgjS0iQ
+V8ND8NXNGw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEzDCCA7SgAwIBAgIQeAMamolAXWpzEV8D8xda7DANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFUxCzAJBgNVBAYTAlVTMRowGAYDVQQKExFEZXhLbyBHbG9i
+YWwgSW5jLjEqMCgGA1UEAxMhRGV4S28gR2xvYmFsIEdDQyBSMyBTTUlNRSBDQSAy
+MDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LflneX8SBzuy5+e
+NXko+VrWcPnRWhbb5V4EJ4EWFQc12NYFYz0pKaRCVExWIirvrWlki+9zCYDp+tNZ
+F9o+wWTK1ahFJ/1oHWa2fIGrje/K31HJf0qobAE4NuMj3UZp2/Jl8Hwavd8nHgr3
+jXYYsO9OVfsD3QD5MCDkHbMFCZe3D8mPx+NJNNdlZjjlmogmcq8JZttc4l0GXsJ4
+1DqxtH6WEVgT/HA04BZKpTuwz7yxyp2PeTtcWMKPNnOWEnY7aQd8/sWOVlHjS2Oi
+Aeu/tg+c3xgK6KGk9DLGxF6JwVFurq2AnJ0qZ1uG1l81qRm6nAbA2wK1kDkojKID
+T7qoqQIDAQABo4IBnzCCAZswDgYDVR0PAQH/BAQDAgGGMDMGA1UdJQQsMCoGCCsG
+AQUFBwMCBggrBgEFBQcDBAYJKwYBBAGCNxUFBgkrBgEEAYI3FQYwEgYDVR0TAQH/
+BAgwBgEB/wIBADAdBgNVHQ4EFgQUPe9B8J3l16rrtSI0O954zXCAgA0wHwYDVR0j
+BBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0GCCsG
+AQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYB
+BQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3Qt
+cjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5j
+b20vcm9vdC1yMy5jcmwwTAYDVR0gBEUwQzBBBgkrBgEEAaAyASgwNDAyBggrBgEF
+BQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJ
+KoZIhvcNAQELBQADggEBAHx6cMhuXqfIoyunzsuyjauZKUd39WyZfMcuS/uu67WP
+oKVgkbRO9l2p21G8iN/yFItsd5OCLfbs1SnYQ5N2Umlv/kuzeFsSRruFqD8gAvWa
+lnYIOsJ8uFMZEmtUkmK3cAA2hYh6imddvjPeyTrAUYRrrEFSxEWEkZcatN0dc1fc
+bmkZeK2VkUsuDuFaJe9bj4YCaAkQTM1GFJsK8oL4rpn1JvL15r9ScCn8cZVvZj52
+gvElFQ5bkQ8fXKdqVpxzFWy7ELdh8vfsSJMN8lKIWIP1+fmjGpqWkHeBCipcsN1l
+He2xheXgwwMgaAbhtgxa3YY07+8Ac63Tr4ccNMRWrbw=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEyzCCA7OgAwIBAgIQeAManMpO0yK0Jr0oTnz4mjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFQxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRMaW5RdWVzdCBD
+b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTGluUXVlc3QgR0NDIFIzIFNNSU1FIENBIDIw
+MjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVqObgQOQ0WGs2H5pG
+5yUpEZkLMkifZrZOvDBj+LgwJnRw1YcK/iYKw6W7L5MtOZfWBCurM5yv/ILtIZ8Y
+eMZauVu6Qy5RiHXMh9BpGu0+4tmDng/nrt8vMyLjKYXWRzHmO+dN1xHrmBGW5mXD
+j7crzhkYzgfiXWeA6HEnJMvfIB6I8NJlaONGPQUO37brATvSHZ5YsTu94KN7fuiS
+r1OkD2qveQpOmEZ4+yaXDyeftD/tc0TI/WqFwxFYXEpVrolOuVPU0V3xLPb3nUx5
+DdJWFg7TB90gzHchxj7JR19GCATsNqkbj8PMNqUssoV5btmV9MiLuIvWie2iwcWC
+EE/jAgMBAAGjggGfMIIBmzAOBgNVHQ8BAf8EBAMCAYYwMwYDVR0lBCwwKgYIKwYB
+BQUHAwIGCCsGAQUFBwMEBgkrBgEEAYI3FQUGCSsGAQQBgjcVBjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdDgQWBBTT6yEhmsm+0opNURq6jwM1mR2uSTAfBgNVHSME
+GDAWgBSP8Et/qC5FJK5NUPpjmove4t0bvDB6BggrBgEFBQcBAQRuMGwwLQYIKwYB
+BQUHMAGGIWh0dHA6Ly9vY3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzA7BggrBgEF
+BQcwAoYvaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvcm9vdC1y
+My5jcnQwNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNv
+bS9yb290LXIzLmNybDBMBgNVHSAERTBDMEEGCSsGAQQBoDIBKDA0MDIGCCsGAQUF
+BwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkq
+hkiG9w0BAQsFAAOCAQEAbppZtuVMfQXPp11rPj7JmnP1LeItTIdNI3kpJZ+90vDn
+elT2HmG3E9plQ171Vptl3jPwdVfP+ii7nl18ktWNs9b1F7c7hsw234xr5aBOAkmc
+3Q7dnT0rzY6PlL0VEYN0TiHFHLlWBGvKo19OY1+jbDmLTScS3VtzRPKIQj//46dU
+/Ay9i2d7Y3wWu+vVbUSbwPuKswxAad7scix/2fpAoGLfOHA4b6jWVX4srz72GAQ8
+yK5vTfIS07OSstl6Jdxhc/XHDp5SIIybi2Dfb65ylgFBKcTliznqUnzKFS2VGhZa
+/WjhxMLgJWrk51briY/qSUPe5VLVyucz4Uhtd6Tv0g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4TCCA8mgAwIBAgIQeAManmHI3Fl9YHmRyej4lTANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA4MTkwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMGoxCzAJBgNVBAYTAkJSMTcwNQYDVQQKEy5DT01QQU5ISUEg
+QlJBU0lMRUlSQSBERSBNRVRBTFVSR0lBIEUgTUlORVJBQ0FPMSIwIAYDVQQDExlD
+Qk1NIEdDQyBSMyBTTUlNRSBDQSAyMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAooAdMIJKgM0zid2ryYerPNXDTTudkIU9rhGvJdToO4xo2co2HMfQ
+bMoeXL5rUHMSvE7TBHYy7MP6zI+hjSFAFzHh0orGhVbawUhEReL3j6g2QxXddJ5Q
+ryz2iFQKSMneXcT0WyBjg448Nz/PB0LsD1un+vwXMSsFwlbD05M9OJLH+lemdd53
+TEPLGAjY5WEZ+ZkV2aYALuop39doqdxXQ7Zv4zWdYYxodrPGGS2ntl8ATbT23rL0
+zGjMUXsz5tyieVbZeEy/rgaEPZbwdSpP1oAwplsfNxRE0WyuLLF2pKUED5jRpeyD
+JK2+98aKR/91OzcY+LHOKpmNe3SchrpoowIDAQABo4IBnzCCAZswDgYDVR0PAQH/
+BAQDAgGGMDMGA1UdJQQsMCoGCCsGAQUFBwMCBggrBgEFBQcDBAYJKwYBBAGCNxUF
+BgkrBgEEAYI3FQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUR0n8nXzc
+OukuGEka8F+EAcb4WHIwHwYDVR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7ww
+egYIKwYBBQUHAQEEbjBsMC0GCCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxz
+aWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFs
+c2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0
+dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9vdC1yMy5jcmwwTAYDVR0gBEUwQzBB
+BgkrBgEEAaAyASgwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2ln
+bi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcNAQELBQADggEBABEGA1jHY4pm1L4X
+ns61voRjoWERjBok6S5FhOLOqAOJDS4nKoZ5K5WmYrq5H+2L9lT0qiEAn9ODeK0b
+ydtN5WsLMIRLRNCohnjcYH+2X39AQ761pUEphAz0/Hc7p6ya0wRNh/ISZh1FBxvL
+yGymyQPm2ZpcafJcy4QTOGyp1tgITzLo572cjdC5WyqYCUWpE8u7ZO2SVsNCQtNs
+LR4Oduxlt4VmfwK64yKRO0pbTVed6WAqHnclxMrJLvhDAQBEPVFCOS5fllFWhkli
+XQ8hRyebn+ZwOcLd2i7hTbWoFgT6dR8B6Wn8YMjLE3vUPj30FbOgZnsNx+3KAvn8
+wgXnF0Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGtTCCBJ2gAwIBAgIULKjNxbjtdQeAxy4zksmUHA/7iCYwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA4MjgwMDU4NThaFw0z
+MDA4MjYwMDU4NThaMFcxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBU
+cnVzdGxpbmsgQi5WLjEmMCQGA1UEAwwdUXVvVmFkaXMgUXVhbGlmaWVkIFdlYiBJ
+Q0EgRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChfGr6wcVF3h+E
+Zo0Kh0Q+HzJw2vZN3y/epYSzh9DQaHss99SnALka1hM0G61WO/P7stWZRP4rVmjZ
+l3jPV330JzvWw+rBOoesI0N6xIMLbbnUVozUapF/XBYmGbwYnshQX6RTFPcpiRMO
+gp814sWBADWAcpcoVBMfmxGxumSjai58JYPAh6fcYIcH/agrzRaxHsCa8uKKU6PH
+GR+v6w/ytfsbmLsYIQMIHyKiIlMo5vrOGiSCT/0e78sgvEX3OSYTl4yYp3AKbJG3
+EI/+Bb/W2tJCFsnP7rOT9Whjcm3D9FIjmzzxWjbL86UPZfGuJi9Jx6k0xOWr1+bJ
+Uq/9kazBi4sJaMZ4j+o3v8gQWu2G7o0O9840LyOnYnHnGQoFBiQzaIEOR7XNITHs
+tmzmUmdO6/Ko8b9l54tECNXh6dN/k/vlDC1gOaB1+qHqkFO3tk6LBVKprwrt9I16
+vbkA0sq7xGHtY9d/hj0PGaUnfgOT9wlhYq2wYLwI0CH/NrTWULH24Uhhstt+jR2N
+yJmO2BtJWA603CeYYnfWwHHm3bJMmGwzp1fDQm/PZlLo1WWaN5+/zVBLXfLVgDSa
+mv/vExynEESG248O9K/2TM9WdjX/qZwGcXDbZZjnxkcDxWA6CtX+SP4wO2fLY8lT
+XzrzFYWGp0ZCNeC4jDaUTgXFqrzNtQIDAQABo4IBhjCCAYIwEgYDVR0TAQH/BAgw
+BgEB/wIBATAfBgNVHSMEGDAWgBTt5292Wr9g7ElbxqV3u3IWcZvEPTB0BggrBgEF
+BQcBAQRoMGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2Jh
+bC5jb20vcXZyY2EyZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92
+YWRpc2dsb2JhbC5jb20wSgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEW
+KWh0dHBzOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRw
+Oi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTJnMy5jcmwwHQYDVR0OBBYE
+FNL0fkOhZHZhby2JB8fjYA733MuCMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0B
+AQsFAAOCAgEACbVTsbKH5DcJ02cc3bO7sB2BUAl/HMv/QcCXPbQRsog+1N7E0c9u
+EXPIJU+dmGjT3XVE67QseWW6ybua5z6b19PLMwAzwE+tiTGECbe2RGAptnt2qTdt
+Ndn5DoGEVL83bg0vqqp5MXzJm4vjUdA0LPaL9Cts70yPd0d3IWDyQvxeBkDRRnXW
+rvMP25xVgsaScEpELUo4L2boFSBjwxMnca8UIxERK3mFKU2uS2S7F7TQl2XLkKIo
+Ho1JEvEJONKlgDry+OxL4z5yoVI6AvGdx74fYRhoHeX77Xxa5n2DhO8ZdL7i4x65
+27s+nr0xuzjD9ZBV9en/vGLnZNVpbPSy7VT+QVAKnQfJAeW18UUidK7G7f60O9D6
+irXR2IqZyPUsxtp0PghMIsOpIAXoZCH/DvCAbphRGv9jiTY2OmnIs9kAVWv4N/bP
+gwrzhC2fuMBkbjajwzWgGJxVyyxSBk9TuRfKIo+AxuKbykgrYd7jBJo6G7vKkyOS
+KMkrepmLcytAuNwUkUaXK2YT57LoVUwBCwviDxheuucr2eMwYqnYfIN0Ob4DQet6
+Gyudnk3kVWJpLd1TvcqdeEwXbArsSl7gOnNSxz7UMkb+fralgOQJNkerckUZnyYm
+HdK7ln8hVWLLLobTGGzeiaciuYN0cDLCWOSF07GWHqYCyTgV2T2shY0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwTCCBKmgAwIBAgIUTagCu/I0w0cHRqxOR/zemut8w78wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDA4MzExOTA0MDhaFw0z
+MDA4MjkxOTA0MDhaMFcxCzAJBgNVBAYTAkJFMSUwIwYDVQQKDBxEaWdpQ2VydCBF
+dXJvcGUgQmVsZ2l1bSBCLlYuMSEwHwYDVQQDDBhpdHNtZSBTaWduIElzc3Vpbmcg
+Q0EgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDArbBnvS/CdlET
+szG+s0WUdzWgFm+ebYVEf1BHa2Fq5s7i/M4VuPNprEzlezIKoxxmootA+oHSwdmK
+k7ZGLczc2grUSpccYcNKK58hBH/dbiVyI00AyKHobGqDcXwM83xrBOjQvE8hfQ4/
+vtuB3g0YdOzfudZW8qf0aubuMA14cqW9XsyrPz/A7SSAptwK+70o/eNwP1DB0be2
+cfTDcpb8TIxX73y5vad10qCBaShp7aWqS1d5+76uVJ25lk+lsRT65Ob7Eqa+cBA2
+KEN31NdwnpMhZhhQNKHDL9HzQERrZcMJLxOALg4+FzHpK8QUbGRHw5rKJirOhf9W
+SsTXkFBYIphg6ffXxtZZq5NHdCk974l/vYlsl9vDz/DKt3spa72XR3NO2bdGM8Qw
+TGxJtELQWeUjfNS7sSW+MA71dQA2HLtqf3mnXj5gZZnx201urhSGcyK0HZ6tKAS7
+OBwYOXlTIa+SXhDT+1GceUcSNbsNQSzyDZubASitVNQsgkzQ9MCaYDMzdF0wxoNn
+RcUp3W2pAg9/JWIlFcTFOBobSdApT5XftWq5Y+5ZTOFhkPDgV+DJvW5gjxP8fkOO
+EFsfdufuK0w6WKGWI7yXiPF06yazEUyX/LrHo7pTmIOjrI4MSdI2aGWZK+Pf8xnK
+cjshjqXk22onzUGWmPJsPc83/oJPbwIDAQABo4IBkjCCAY4wEgYDVR0TAQH/BAgw
+BgEB/wIBADAfBgNVHSMEGDAWgBSjl9bzXqIQ4atFnzwXZDzuAXCczDB0BggrBgEF
+BQcBAQRoMGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2Jh
+bC5jb20vcXZyY2ExZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92
+YWRpc2dsb2JhbC5jb20wSgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEW
+KWh0dHBzOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MCkGA1Ud
+JQQiMCAGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNwoDDDA7BgNVHR8ENDAy
+MDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5j
+cmwwHQYDVR0OBBYEFOHztE/RydsTY15P3GYUOtGgK3ytMA4GA1UdDwEB/wQEAwIB
+BjANBgkqhkiG9w0BAQsFAAOCAgEAShR70+dqY13xJ4T20iJcym64HZmae7k6NTXm
+tSi+dVANmzooCpb+z/QLzCDfvR5wNllw0x8fjLc1S4gtfdKcBRieY6pn/6Q2h8P1
+WMjrhOHjNTXprIor0b+NiUOlqKIoUQs8huCsBcPyqStmGnT3VOOyiIz24WB0U7UF
+e2Q+5lPwraiF2gOyMPo4fxQASNg2E7gWyOoi+umsHas1WRUq2AgCVh3F+vSKi7nc
+izHbT7vXhA8jXv66+HcU8yZGL+EgAJy1Ruu6ADCyxT8sdfvf2tqqUHJ8BrAyePMj
+/mH0wP0HF69YL4u+w2fI1dOJm1YkdyHjQ+SgbCWUmDpO3rcosqzWSfi/Wm+qL0E8
+iy/tDJ3eXofXuX8P34WdlYyd5xWW/cZ7YCvEmg9EFeVseBfaP+OhBKVI0jbXb2JA
+WA7yMi+BsufWRad3gYlHpMhqzRWbDofYY7Voyctujz06wFxEbI7ffyoICY18V405
+HM1L/ODuPaQG7gCK5VlgnOPWwlVwpfys5atoBdigVXFOqnTT7EYLFVJQtoKbx9ml
+8k6Xy0PP7PoA9kVl7sKMlqMjOeRJ1kqFdqnMPPWPLx2ukhM9776KtdBEp4WLFv05
+G31bexe41A7aP8T7nBFyymdFMn3u7aC0DJlAhOQmb86uy5vDuI2GHjNMA2klr2QC
+w0vQ74M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICxjCCAk2gAwIBAgIRALO93/inhFu86QOgQTWzSkUwCgYIKoZIzj0EAwMwTzEL
+MAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNo
+IEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDIwHhcNMjAwOTA0MDAwMDAwWhcN
+MjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5j
+cnlwdDELMAkGA1UEAxMCRTEwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQkXC2iKv0c
+S6Zdl3MnMayyoGli72XoprDwrEuf/xwLcA/TmC9N/A8AmzfwdAVXMpcuBe8qQyWj
++240JxP2T35p0wKZXuskR5LBJJvmsSGPwSSB/GjMH2m6WPUZIvd0xhajggEIMIIB
+BDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFFrz7Sv8NsI3eblSMOpUb89V
+yy6sMB8GA1UdIwQYMBaAFHxClq7eS0g7+pL4nozPbYupcjeVMDIGCCsGAQUFBwEB
+BCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gyLmkubGVuY3Iub3JnLzAnBgNVHR8E
+IDAeMBygGqAYhhZodHRwOi8veDIuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYG
+Z4EMAQIBMA0GCysGAQQBgt8TAQEBMAoGCCqGSM49BAMDA2cAMGQCMHt01VITjWH+
+Dbo/AwCd89eYhNlXLr3pD5xcSAQh8suzYHKOl9YST8pE9kLJ03uGqQIwWrGxtO3q
+YJkgsTgDyj2gJrjubi1K9sZmHzOa25JK1fUpE8ZwYii6I4zPPS/Lgul/
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICGzCCAaGgAwIBAgIQQdKd0XLq7qeAwSxs6S+HUjAKBggqhkjOPQQDAzBPMQsw
+CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg
+R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw00
+MDA5MTcxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5ldCBT
+ZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgyMHYw
+EAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0HttwW
++1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7AlF9
+ItgKbppbd9/w+kHsOdx1ymgHDB/qo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0T
+AQH/BAUwAwEB/zAdBgNVHQ4EFgQUfEKWrt5LSDv6kviejM9ti6lyN5UwCgYIKoZI
+zj0EAwMDaAAwZQIwe3lORlCEwkSHRhtFcP9Ymd70/aTSVaYgLXTWNLxBo1BfASdW
+tL4ndQavEi51mI38AjEAi/V3bNTIZargCyzuFJ0nN6T5U6VR5CmD1/iQMVtCnwr1
+/q4AaOeMSQ+2b1tbFfLn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEYDCCAkigAwIBAgIQB55JKIY3b9QISMI/xjHkYzANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yMDA5MDQwMDAwMDBa
+Fw0yNTA5MTUxNjAwMDBaME8xCzAJBgNVBAYTAlVTMSkwJwYDVQQKEyBJbnRlcm5l
+dCBTZWN1cml0eSBSZXNlYXJjaCBHcm91cDEVMBMGA1UEAxMMSVNSRyBSb290IFgy
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEzZvVn4CDCuwJSvMWSj5cz3es3mcFDR0H
+ttwW+1qLFNvicWDEukWVEYmO6gbf9yoWHKS5xcUy4APgHoIYOIvXRdgKam7mAHf7
+AlF9ItgKbppbd9/w+kHsOdx1ymgHDB/qo4HlMIHiMA4GA1UdDwEB/wQEAwIBBjAP
+BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR8Qpau3ktIO/qS+J6Mz22LqXI3lTAf
+BgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQw
+IgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wJwYDVR0fBCAwHjAc
+oBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzAiBgNVHSAEGzAZMAgGBmeBDAEC
+ATANBgsrBgEEAYLfEwEBATANBgkqhkiG9w0BAQsFAAOCAgEAG38lK5B6CHYAdxjh
+wy6KNkxBfr8XS+Mw11sMfpyWmG97sGjAJETM4vL80erb0p8B+RdNDJ1V/aWtbdIv
+P0tywC6uc8clFlfCPhWt4DHRCoSEbGJ4QjEiRhrtekC/lxaBRHfKbHtdIVwH8hGR
+Ib/hL8Lvbv0FIOS093nzLbs3KvDGsaysUfUfs1oeZs5YBxg4f3GpPIO617yCnpp2
+D56wKf3L84kHSBv+q5MuFCENX6+Ot1SrXQ7UW0xx0JLqPaM2m3wf4DtVudhTU8yD
+ZrtK3IEGABiL9LPXSLETQbnEtp7PLHeOQiALgH6fxatI27xvBI1sRikCDXCKHfES
+c7ZGJEKeKhcY46zHmMJyzG0tdm3dLCsmlqXPIQgb5dovy++fc5Ou+DZfR4+XKM6r
+4pgmmIv97igyIintTJUJxCD6B+GGLET2gUfA5GIy7R3YPEiIlsNekbave1mk7uOG
+nMeIWMooKmZVm4WAuR3YQCvJHBM8qevemcIWQPb1pK4qJWxSuscETLQyu/w4XKAM
+YXtX7HdOUM+vBqIPN4zhDtLTLxq9nHE+zOH40aijvQT2GcD5hq/1DhqqlWvvykdx
+S2McTZbbVSMKnQ+BdaDmQPVkRgNuzvpqfQbspDQGdNpT2Lm4xiN9qfgqLaSCpi4t
+EcrmzTFYeYXmchynn9NM0GbQp7s=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICxjCCAkygAwIBAgIQTtI99q9+x/mwxHJv+VEqdzAKBggqhkjOPQQDAzBPMQsw
+CQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2gg
+R3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMjAeFw0yMDA5MDQwMDAwMDBaFw0y
+NTA5MTUxNjAwMDBaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNy
+eXB0MQswCQYDVQQDEwJFMjB2MBAGByqGSM49AgEGBSuBBAAiA2IABCOaLO3lixmN
+YVWex+ZVYOiTLgi0SgNWtU4hufk50VU4Zp/LbBVDxCsnsI7vuf4xp4Cu+ETNggGE
+yBqJ3j8iUwe5Yt/qfSrRf1/D5R58duaJ+IvLRXeASRqEL+VkDXrW3qOCAQgwggEE
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUbZkq9U0C6+MRwWC6km+NPS7x
+6kQwHwYDVR0jBBgwFoAUfEKWrt5LSDv6kviejM9ti6lyN5UwMgYIKwYBBQUHAQEE
+JjAkMCIGCCsGAQUFBzAChhZodHRwOi8veDIuaS5sZW5jci5vcmcvMCcGA1UdHwQg
+MB4wHKAaoBiGFmh0dHA6Ly94Mi5jLmxlbmNyLm9yZy8wIgYDVR0gBBswGTAIBgZn
+gQwBAgEwDQYLKwYBBAGC3xMBAQEwCgYIKoZIzj0EAwMDaAAwZQIxAPJCN9qpyDmZ
+tX8K3m8UYQvK51BrXclM6WfrdeZlUBKyhTXUmFAtJw4X6A0x9mQFPAIwJa/No+KQ
+UAM1u34E36neL/Zba7ombkIOchSgx1iVxzqtFWGddgoG+tppRPWhuhhn
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cP
+R5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdx
+sxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8Zutm
+NHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxg
+Z3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG
+/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaA
+FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6W
+PTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wl
+ikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQz
+CkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BIm
+lJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4
+avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2
+yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1O
+yK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90Ids
+hCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+
+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6Zv
+MldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqX
+nLRbwHOoq7hHwg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFFjCCAv6gAwIBAgIRAIp5IlCr5SxSbO7Pf8lC3WIwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAw
+WhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCUjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCzKNx3KdPnkb7ztwoAx/vyVQslImNTNq/pCCDfDa8oPs3Gq1e2naQlGaXS
+Mm1Jpgi5xy+hm5PFIEBrhDEgoo4wYCVg79kaiT8faXGy2uo/c0HEkG9m/X2eWNh3
+z81ZdUTJoQp7nz8bDjpmb7Z1z4vLr53AcMX/0oIKr13N4uichZSk5gA16H5OOYHH
+IYlgd+odlvKLg3tHxG0ywFJ+Ix5FtXHuo+8XwgOpk4nd9Z/buvHa4H6Xh3GBHhqC
+VuQ+fBiiCOUWX6j6qOBIUU0YFKAMo+W2yrO1VRJrcsdafzuM+efZ0Y4STTMzAyrx
+E+FCPMIuWWAubeAHRzNl39Jnyk2FAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMC
+AYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFDadPuCxQPYnLHy/jZ0xivZUpkYmMB8GA1UdIwQYMBaA
+FHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcw
+AoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRw
+Oi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQB
+gt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCJbu5CalWO+H+Az0lmIG14DXmlYHQE
+k26umjuCyioWs2icOlZznPTcZvbfq02YPHGTCu3ctggVDULJ+fwOxKekzIqeyLNk
+p8dyFwSAr23DYBIVeXDpxHhShvv0MLJzqqDFBTHYe1X5X2Y7oogy+UDJxV2N24/g
+Z8lxG4Vr2/VEfUOrw4Tosl5Z+1uzOdvTyBcxD/E5rGgTLczmulctHy3IMTmdTFr0
+FnU0/HMQoquWQuODhFqzMqNcsdbjANUBwOEQrKI8Sy6+b84kHP7PtO+S4Ik8R2k7
+ZeMlE1JmxBi/PZU860YlwT8/qOYToCHVyDjhv8qutbf2QnUl3SV86th2I1QQE14s
+0y7CdAHcHkw3sAEeYGkwCA74MO+VFtnYbf9B2JBOhyyWb5087rGzitu5MTAW41X9
+DwTeXEg+a24tAeht+Y1MionHUwa4j7FB/trN3Fnb/r90+4P66ZETVIEcjseUSMHO
+w6yqv10/H/dw/8r2EDUincBBX3o9DL3SadqragkKy96HtMiLcqMMGAPm0gti1b6f
+bnvOdr0mrIVIKX5nzOeGZORaYLoSD4C8qvFT7U+Um6DMo36cVDNsPmkF575/s3C2
+CxGiCPQqVxPgfNSh+2CPd2Xv04lNeuw6gG89DlOhHuoFKRlmPnom+gwqhz3ZXMfz
+TfmvjrBokzCICA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIErDCCA5SgAwIBAgIRAMPgD58ALsVZugLEpfJgDF8wDQYJKoZIhvcNAQELBQAw
+fjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu
+QS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG
+A1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0yMDA5MDkwODAyNTRa
+Fw0yODA5MDkwODAyNTRaMEExCzAJBgNVBAYTAlVTMRswGQYDVQQKDBJSb290IE5l
+dHdvcmtzLCBMTEMxFTATBgNVBAMMDFJvb3QgQ0EgLSBHMzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAMUiL5hGHyQbL7wgWfsagEWVVZhxCnBnbnQsft5E
+KUPSjZ1a0BrK0QNWmzH6DObUQSdMuBC/bCuYqfAePBFiMA0hHn7FOBeVTJ/lspN6
+Xu2vi3TzBEAQnabcAgJP6eDlZ7HA2CT9KARwL8mNPeYk/UOasuCWkI7hyiJhsS3u
+m0V+EE7MfVLE2cL+/JVc8WOnKABK/r5fTZEZrIg78l3HTmx1AAQCxCDAM0nQfvw2
+JfYW2qHU9aqFgDN1CkHAIvwQP2K+QdnDbLKRCNxYWh32T1lyc1L5b3hz2RFZQpDA
+nde4ChTpf6rnk9XyooSS03Dr82BWda76yVvHpb6+jI5Ghb0CAwEAAaOCAWAwggFc
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFJdR8YjL3V0fYHEMujcLD/5o
+M7SzMB8GA1UdIwQYMBaAFAh2zcsH/yT2xc3tu5C84oQ3RnX3MA4GA1UdDwEB/wQE
+AwIBBjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwLwYDVR0fBCgwJjAk
+oCKgIIYeaHR0cDovL2NybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsGCCsGAQUFBwEB
+BF8wXTAoBggrBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTAx
+BggrBgEFBQcwAoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2N0bmNhLmNl
+cjA5BgNVHSAEMjAwMC4GBFUdIAAwJjAkBggrBgEFBQcCARYYaHR0cDovL3d3dy5j
+ZXJ0dW0ucGwvQ1BTMA0GCSqGSIb3DQEBCwUAA4IBAQC+khmGmE6GRVOgXBWDLQbm
+CGXB07CggWngBF1TNqJIbHH1HbKa5KIoeOLCAosFoHqxSQ/Jvj8FzrINN0yiTDB8
+kucNC1OSJph0Co8vNg3ceHA/cRGDsSRvSnwaRIZ95r202Tnjfqzibd/zmvVCaITS
+zQChOiaqqUbmSXkDGSgDTRNe8vWNxd8rzhZgr5/mY/ki4N0Md7t8SJGYsN/lNE1m
+SblJt84HmQDI578hplp3ePNjWJovf9syXCYuxtTbgHJ0vOo6XMQJhDzr3RkN2mmN
+qnG9t0ln8Lb8CXLLuKfQE3R9X2tYrFzjH949FRrJpbGiLKtdADkRD2OktgnEiUQf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvDCCA6SgAwIBAgIQeEqpEhjRpCYIUTzTZlVDozANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA5MTYwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIEdDQyBSMyBQZXJzb25hbFNpZ24g
+MSBDQSAyMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxvJBqEa
+paux2/z3J7fFslROWjKVJ5rCMfWGsg17dmD7NSnG7Spoa8d3htXsls1IMxoO8Pyo
+uQajNQqYmlYoxinlqenMNv7CJyEKMOAtglBmD6C/QC7kT+dSx4HfSTs8xmv8veJO
+ldMzF8S/BEn/tD4w/Dvpg+oXOqDyOiHPTacRFK0QHoq5eEbBmVS8W0rwcaRotO9f
+GTA+NjF0My7GLRNK0eMPGh2hcPZURQhXy7wRQ8XFIfEA6kaQHHN22ncnVtwqiTmA
+wTR+4GNNVinG3KjNZLAVSnGrdCvT2I4Zo19hKy5PX6o7wrVXvMR4zV5VBFwV6ZDM
++xewao7Mup+SbwIDAQABo4IBiTCCAYUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQW
+MBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1Ud
+DgQWBBSFu/DMxDa1CmJ2o5kuj7s6aq3FUTAfBgNVHSMEGDAWgBSP8Et/qC5FJK5N
+UPpjmove4t0bvDB6BggrBgEFBQcBAQRuMGwwLQYIKwYBBQUHMAGGIWh0dHA6Ly9v
+Y3NwLmdsb2JhbHNpZ24uY29tL3Jvb3RyMzA7BggrBgEFBQcwAoYvaHR0cDovL3Nl
+Y3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvcm9vdC1yMy5jcnQwNgYDVR0fBC8w
+LTAroCmgJ4YlaHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9yb290LXIzLmNybDBM
+BgNVHSAERTBDMEEGCSsGAQQBoDIBKDA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3
+dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEA
+WWtqju12g524FdD2HwUXU1rSxeM5aSU1cUC1V/xBjXW0IjA7/3/vG2cietPPP/g3
+lpoQePVJpQAKZml81fHwPPivFK9Ja41jJkgqGzkORSC0xYkh2gGeQg1JVaCzcrRz
+JElRjT442m6FpbLHCebxIHLu0WBNjLZreB6MYMaqdPL6ItbXtD/BU4k517cEuUbc
+zoBFZArajq7oUBWXuroln5AMnRwVNwgJN4Np0s4kkJ94KepzbFOLzcbnfUB0+xT4
+foXmbM0GmmcPGOy0qvqEHJsBwDZXDxIk8oqCnnLngi7N94Sn4eTcmpZ9NH2dDN1O
+TEPVXgRG5X1pBcNtMWG6MA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzDCCA7SgAwIBAgIQeEqpCvuP+7xUW0sot/yjUzANBgkqhkiG9w0BAQwFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEtMCsGA1UE
+AxMkR2xvYmFsU2lnbiBDQSBmb3IgQUFUTCAtIFNIQTM4NCAtIEc0MB4XDTIwMDkx
+NjAwMDAwMFoXDTMwMDkxNjAwMDAwMFowUTELMAkGA1UEBhMCQkUxGTAXBgNVBAoT
+EEdsb2JhbFNpZ24gbnYtc2ExJzAlBgNVBAMTHkdsb2JhbFNpZ24gR0NDIFI2IEFB
+VEwgQ0EgMjAyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMI1Jp14
+T95zBiOIXrtDdbwE5o+oW08OJI5x1s+ZfuF+jcpfhbOJPPK95Ih9hTqWQJEluM3g
+VPSTur6lSBMAnvIoUpOege7AcUiG3Df8uabQaPs4b8AYMPlPIyX5jCkteOUCGqkD
+ZlDJDI5nYBK1qK326XUKFV/NH80hxwV+HohoQBLhtFfQ68gKrMDvwF7S57q4adaP
+wO2gE47MHUJvQ2SbtjGjx7DCN80qtHpXGMDJIR9Bpounp2CNQMG4lNpy+R/JYcZs
+5DsvjzkLC+zn8L7hzTzjpvh+lW83/UXqHmXwj8vwS/1WbW6Rj6GbkJhE01yBpvRf
+CDYDP2a4Q0TQPY0CAwEAAaOCAZgwggGUMA4GA1UdDwEB/wQEAwIBhjAUBgNVHSUE
+DTALBgkqhkiG9y8BAQUwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUdyLZ
+awqinL/F1uwRVjQEPK4K028wHwYDVR0jBBgwFoAUie91cXpfRxuXI9yQSsv/wCY2
+CNUwgYgGCCsGAQUFBwEBBHwwejA2BggrBgEFBQcwAYYqaHR0cDovL29jc3AuZ2xv
+YmFsc2lnbi5jb20vY2EvZ3NhYXRsc2hhMmc0MEAGCCsGAQUFBzAChjRodHRwOi8v
+c2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9nc2FhdGxzaGEyZzQuY3J0MD4G
+A1UdHwQ3MDUwM6AxoC+GLWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vY2EvZ3Nh
+YXRsc2hhMmc0LmNybDBNBgNVHSAERjBEMEIGCisGAQQBoDIBKB4wNDAyBggrBgEF
+BQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJ
+KoZIhvcNAQEMBQADggIBAC/n7wJw4n2q266yVLD2Gk71VEtE9wjh5xovU4sUbHpz
+3aSQlC/HVqGKE/eDDAyYFSx8Vll1PlvSz41jWhma8YXrYRoTn3dRRssnDnbPARlW
+TmTv3EY+9YcY7kdHpo7rxFUBH+Th9AdGjrqe5vdd4uJ9NG/MEeL2ZMliRzeoLIIu
+VOSsQzA2xalLzVfJfmnTPv5a0innAfuPQAKNAqArVhVO48bmCwsmkF8aSeGVNnbQ
+goHeXmBAiW/SB+PukKJ2U8AGGeIYdA1uUngyuhwPrD7/EKasZUONxvrEbCJPgUo5
+GO5Lr5T2Gc2eZvxIPk7LHzCPewN4r1rds1Vs3BNAy6/V285MBxcgbvaHhvpAaGaH
+ZOb8W194gWoIkq3sP6VBMww1GGHE7ggon3JFHVgEk6gv3VaZoRCGk3KmkR945xdZ
+AGOcurSO2u1Hkavik0WgIvumMP78OqEOJN7nhxpM9b7eXBC3G+E4immDwekYB2nU
+XmXGqBhVbXITrgI4WtIBDDPPvE+RRft9//DpMk77qj/mJG6iR+ydBDuv0TdJPc/J
+qW7p70tRpEwv6aUAHIV/lj8/XOrhqvKslvb18xQImESPlW1sqKZUG+JVwmk29p8H
+8zXemuwcBayISKAIqncGmOGMBHtwlWlVPeqZzl2VWjB8j+u08j8+9P/1r/A/ZlYF
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFtTCCBJ2gAwIBAgIQeEqpJrbnW++td7NIAblS0DANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA5MTYwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFkxCzAJBgNVBAYTAkdCMRswGQYDVQQKExJHTU8gR2xvYmFs
+U2lnbiBMdGQxLTArBgNVBAMTJEdsb2JhbFNpZ24gR0NDIFIzIFVLIEVWIFFXQUMg
+Q0EgMjAyMDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANb8rtddi5/y
+jm2toox7VSaHcs1oda93dEOEaLfEtyxwg72oNvwgR48PxufwfoKwCLq8RYmGzGDF
+Famw1Ff3+7eBsj9Y1yt4/2HqBPBzkTZk96gvUpQ90EHwMbat0Nsxagess1WrDXUv
+9U4NYwBeZo52MqFYvny2uuu+T41RPmNqbfzMNgBSamqvqEIDGr3XZ5xRviLG+d6H
+nYyy+zIENDoBpzSNV5ni4y0KTs7A5r7bsZAveiAu2mO69jKDHxegisLutWzbOElf
+KWQ0w+xuh46gb/d5/6CF/uGCohWOJZKB+cb8JYMUENH8fNu3ZcLJNihynxONLlmM
+dT30wW6vUe/1vKpoZJhVLpi+yJ9Bt5Y3zQRLVge52qvaRuVqccydyTTR8N0VuvyD
+f7WJXJ2lE4cmwoXMB4O4YxCnQZLfrCtQRXkjh6UVzWmIkTzFIWRi8b/tM7Q8/h7z
+coFMdNR8iH2msYN5dHFai5w4a4isbnSxX8QU4lgROh5SQTyWKSEwY4N0LFUA9YWo
+U9v76ucTr9Nq/gJJG02ue2ZN6mYzY34qSQyBrwW4lp3z7wReFKZ54SKzzuWbXnd2
+MG9i18n5W36PjXZlYtG86Dlhiwyr5MUihtA3k0PLdlIeBfxL/puxjJB/lH3TpPdg
+kSxwUGo0Jl65tUGGtdKwRUvw488Nx0PJAgMBAAGjggGEMIIBgDAOBgNVHQ8BAf8E
+BAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHQYDVR0OBBYEFAeUNkpRlUn97ioGeTZ/wjc7Ttu/MB8GA1UdIwQY
+MBaAFI/wS3+oLkUkrk1Q+mOai97i3Ru8MHoGCCsGAQUFBwEBBG4wbDAtBggrBgEF
+BQcwAYYhaHR0cDovL29jc3AuZ2xvYmFsc2lnbi5jb20vcm9vdHIzMDsGCCsGAQUF
+BzAChi9odHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yb290LXIz
+LmNydDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29t
+L3Jvb3QtcjMuY3JsMEcGA1UdIARAMD4wPAYEVR0gADA0MDIGCCsGAQUFBwIBFiZo
+dHRwczovL3d3dy5nbG9iYWxzaWduLmNvbS9yZXBvc2l0b3J5LzANBgkqhkiG9w0B
+AQsFAAOCAQEAYTUdDFCkY6pGCgQWAI7Y/n1Dpk5BqieG7dYxX8e3uKMAVEObEpbo
+NixYe4tnICApgFay9FERbc4QIJjCfLKpcgJGn5oWg0WRUSiuuwx5oATplUn012wx
+SfBPRUzEYTQVzihSGiDa1u/4Y55WE7hzf34DRfPi8a4pQfHc+TMdL10lMbIZdUTO
+p84lkKnHza4bze+p+TCwJxJmrMvI+9m5Ml9+dStsbEG+wXkPLNxPYEAlFT/IrvUj
+6uMLhsUMlogMUC07e6kz7G/XuXVIYTFsvkwPvwO2VGPL2ScSfeb5dS93QzWHYWyt
+34qNN2lYl2srnoCe5T0AAE3EL7SQuqEubw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFDTCCA/WgAwIBAgIQeEqpED+lv77edQixNJMdADANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDA5MTYwMDAwMDBaFw0y
+ODA5MTYwMDAwMDBaMFsxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWdu
+IG52LXNhMTEwLwYDVQQDEyhHbG9iYWxTaWduIEdDQyBSMyBQZXJzb25hbFNpZ24g
+MiBDQSAyMDIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbCmXCcs
+bZ/a0fRIQMBxp4gJnnyeneFYpEtNydrZZ+GeKSMdHiDgXD1UnRSIudKo+moQ6YlC
+Ou4trVWO/EiXfYnK7zeop26ry1RpKtogB7/O115zultAz64ydQYLe+a1e/czkALg
+3sgTcOOcFZTXk38eaqsXsipoX1vsNurqPtnC27TWsA7pk4uKXscFjkeUE8JZu9BD
+KaswZygxBOPBQBwrA5+20Wxlk6k1e6EKaaNaNZUy30q3ArEf30ZDpXyfCtiXnupj
+SK8WU2cK4qsEtj09JS4+mhi0CTCrCnXAzum3tgcHcHRg0prcSzzEUDQWoFxyuqwi
+whHu3sPQNmFOMwIDAQABo4IB2jCCAdYwDgYDVR0PAQH/BAQDAgGGMGAGA1UdJQRZ
+MFcGCCsGAQUFBwMCBggrBgEFBQcDBAYKKwYBBAGCNxQCAgYKKwYBBAGCNwoDBAYJ
+KwYBBAGCNxUGBgorBgEEAYI3CgMMBggrBgEFBQcDBwYIKwYBBQUHAxEwEgYDVR0T
+AQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUljPR5lgXWzR1ioFWZNW+SN6hj88wHwYD
+VR0jBBgwFoAUj/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0G
+CCsGAQUFBzABhiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYI
+KwYBBQUHMAKGL2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jv
+b3QtcjMuY3J0MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2ln
+bi5jb20vcm9vdC1yMy5jcmwwWgYDVR0gBFMwUTALBgkrBgEEAaAyASgwQgYKKwYB
+BAGgMgEoCjA0MDIGCCsGAQUFBwIBFiZodHRwczovL3d3dy5nbG9iYWxzaWduLmNv
+bS9yZXBvc2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAdAXk/XCnDeAOd9nNEUvW
+PxblOQ/5o/q6OIeTYvoEvUUi2qHUOtbfjBGdTptFsXXe4RgjVF9b6DuizgYfy+cI
+Lmvi5hfk3Iq8MAZsgtW+A/otQsJvK2wRatLE61RbzkX89/OXEZ1zT7t/q2RiJqzp
+vV8NChxIj+P7WTtepPm9AIj0Keue+gS2qvzAZAY34ZZeRHgA7g5O4TPJ/oTd+4rg
+iU++wLDlcZYd/slFkaT3xg4qWDepEMjT4T1qFOQIL+ijUArYS4owpPg9NISTKa1q
+qKWJjFoyms0d0GwOniIIbBvhI2MJ7BSY9MYtWVT5jJO3tsVHwj4cp92CSFuGwunF
+Mw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGnjCCBIagAwIBAgIUK6/F8KjSE0CdpC52H2GayRmEvNQwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMDA5MjIxOTIxMTJaFw0yNjA1
+MjMxNTI3MDJaMEcxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
+dGVkMR0wGwYDVQQDExRRdW9WYWRpcyBHcmlkIElDQSBHMjCCAiIwDQYJKoZIhvcN
+AQEBBQADggIPADCCAgoCggIBANg3D8Nowe7J1akat//nm17yKAxum/gkmx4MI0/G
+eFhxAh9hgQoaOyVfr5B+oCefTXWVmqgocA9wJoXbaLCvnpt+AKZpK1YXq7AK1sUW
+UgFKHiSb5FBoLMUVBQrppaXctxosBu1XCMwIYVpzFCihQ9sDKTcTqs0I+9C5Z8Gi
+D8aGvF12xR2Xfh125ZLnP6WYR1+721gHnI7sxyNy71PPNECy4h7dTK3i4V7px7gj
+772eFLz0UnGSkwVkkuFLv7shoUuJxNxy8qsxzZ1RXgW344avJqRttOZM0LN+CoVO
+OiNvbZg4mxYqhLrF3ZjnwpuyA8pUxAq/DqDlMUatzQ91z7XC2OoAxuEbmiTPQFwS
+xkWi9k2QsKwZU/KkupoP96y2i86aFZGY1C/i1l5C2kDim0VTDbl6E4cRW8Dy8F4w
+07OkyUzpMn98jQTAslDVzG0P3NiO0QaRJED5cww9F3mXXIEBFtBQsqz3ymt4mkeW
+w5cVQi6GcHuenyHKyQPzZJLVioTg8kD2tfBaWt8Mi+MEXz3aSolxIiYmNC2zsnQE
+C42jHLBN8yK+ArpRMGLm6LkwaELcEcSVkqvHE1WYzqnvtGolRYTbuA7fPQCrcQUW
+1K4tJHk0q7uVyZO8Ss0Tot6kC6e9ip9lbw6QLCp2cw8KCjxrL+CfygTLiZ1Dmlk0
+iQ9pAgMBAAGjggGCMIIBfjASBgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaA
+FBqEYrxITDMlBNTu0PYDxBlG0ZRrMHIGCCsGAQUFBwEBBGYwZDA2BggrBgEFBQcw
+AoYqaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTIuY3J0MCoG
+CCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wSgYDVR0g
+BEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3LnF1b3ZhZGlz
+Z2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnJjYTIuY3JsMB0GA1UdDgQWBBS3XXWClyyy+27+HBlQ4Ctv5N+6MDAO
+BgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBABARGZGT6tt5pnZl3I3i
+AHM1O0gnrgEUXaiBIV1sEMjqdOn0jd3KeDISIOwZjfwotJCus2LqXWzfS1D+XJ9b
+tU67TXr2H3OP13Cxiw4oIFq/faWxVrJZIgIYBo4PqHQL2Y+FC6nsZQYoxcht/cej
+WQYbQaqXc2Ue9NTB49sgoCnWPLfiAgBcIYsPEm5SeEqbLIAZBF9pNQLd+4Xq4LcS
+bCtJ/88JBgkq2ueeuALTg1lMnMoOGmVlwIPF8tEUmdDkTvEgnQfF/qNwTeXEWePm
+XVSlBud1+H1FSJR741CuWePMP5DgAUFknEAtJ8elESVsZBIKLKwkNuf9bDCXj408
+nLDEyc4rqQxdMtv49PiEVgUq1MHKty4oRdyc0besH8xf5R4wlsBgAL8zUxDKo3fQ
+9cj0melQeLHJ8GmoVPMl94JJyCK7ScYR+kTdwxjfSM2VSFtsooAYHrG6zqjCyAx3
+kygSH+BEubs+ztu7LHyoN7d1Erc3+a/JqVepPSM6Myh2NRznxRhYXFTzPqy2bxrN
+H4UfpKHEpG9sqapzHroNGEGGNrrxSlkSX2p0IjNC8f+TBDPYPryDG1ZVqW9BE7JU
+Q485ggSVfjuoi7YHRrqU5YZ/eGy0Mcg0GMGUt/p0sT4CJDo4Qi0gNrv7pzXQD6h0
+uhfq/saaCAxSoOO0gqsHaZBu
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGrzCCBJegAwIBAgIUMahPJ4u+SmluTLL0FaLkRzvcyjgwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMiBHMzAeFw0yMDA5MjIxOTI4NTlaFw0z
+MTA2MDYxNDE2NDBaMFQxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMSowKAYDVQQDDCFRdW9WYWRpcyBFbnRlcnByaXNlIFRydXN0IENBIDIg
+RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC8uNEaRwSSvuZABUo+
+RKza7R61thEWOwCPJF/TjUr2+3p290tjYCfOrBxLcBRhaGgd/edePwXUkjYZy4uO
+5IWeR92VqUaJtK5nkOe9OS1GxD6I+DCs2xL+VRf3RQvPVUP79v9lVVrsGfUq6j4K
+UXgE+heAokZScee6vC2pyVJ63QK+KOVT8dTKj1Ee0FlYhoxxrIuRB/3Suf22X9wQ
+o85pDkC+AGwIeqqLGYsIDFxtPX0Byphd1BLjur9SimTb/ePsSgAONCno+mNu7h9S
+VYqIF4/5nxu91MfQeF9mG+BS+gCTTygmJXCHNR4QYJg10DzmOhYC4wt5re5eyxvj
+CF8vbczE0OFqPrtX1OZdqHqDLCajgLiVrwtqj4TzUqPhOMvZE/aqQtQ0UoC3Hods
+fv73pRdZTt2mQjY5DA4uyZRNa8y67nHl75noop59MszWHBJU8GPdcF36Vkxz4z0N
+GykiIEAqZQR7lH1gjhGA3odGTmW08HlXJHcWoMbV2pjpKR3TV6FhQveBR9mqpEOn
+gYmMqDMbV0KsAiWWGv9T/yM683J2hdXmJrbtGPb33/D/mkT4QBCK1ge8UOvGewFF
+bcEI5A53aX4+krPeY6Dun4+XUpRDSBEac8De/FEq2MifDKjF0SDopSkm8AHVtTnw
+2wuXnylA3Q/mvaHm1VzQmwrAqwIDAQABo4IBgzCCAX8wDwYDVR0TAQH/BAUwAwEB
+/zAfBgNVHSMEGDAWgBTt5292Wr9g7ElbxqV3u3IWcZvEPTB0BggrBgEFBQcBAQRo
+MGYwOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2JhbC5jb20v
+cXZyY2EyZzMuY3J0MCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2ds
+b2JhbC5jb20wSgYDVR0gBEMwQTA/BgRVHSAAMDcwNQYIKwYBBQUHAgEWKWh0dHBz
+Oi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3Js
+LnF1b3ZhZGlzZ2xvYmFsLmNvbS9xdnJjYTJnMy5jcmwwHQYDVR0OBBYEFGTjBYsm
+vvM19Z8xEgj45BacKqhiMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOC
+AgEATvNnN5+pH6CsD8szdS/SDclJuY0VcpFv08LOMboSYOj0psFdOHRhfu4uez42
+rwp6ruDh2CYTb71i0Y4EZgie6RC6kR71zX117U8PGySFNW/yLJhmXUUWiIGEu39a
+heGAqVs/6kGcdM+BXgflqvUFrhaVoUGCnHFLih26ZidCx9dt8SiK+u2zK4Blgw5X
+gLwvJfA+4HvJS1NW+CNBkCFvi6M90GDaDbBVxkFE59uGJHt8IKnaEZlI2awIJ3wI
+ydhnHX0Sy5nAUf6Rhc15AF7JmiQNNi8+TBldyY6XiNncIkvEkrzpuY59Nr0ejFPP
+rPxarHYlrpqMbhaP42eGmIq4Jf5AXPTL2/bynbp21kf5mXEf94tPmtaD+tQKm0nA
+826RS087rhLflGUOr1+8/BDO9TgL2c3+jSl0o5MhkDaWa6JsyYn6e95ZKTGCZ5CN
+9/9CgXay3i8H7mOW8agCem5u2yPrwdV+1flb4F+o/HLcsaQ+BzwZu3rtl2OQTShT
+GJePq809UMc6pTDMl1lEiCFpgV+hSEmBZa2D7tyhxXi2dHcJmGDkqo05HyebYoZF
+e2IYyDTBdoXlVVD2GBKXrzXQfmAb9/ZFaXVcDyJ80v7mVPOjnE32oG9IWwHLaWPV
+Xi20kSqokwRho+R5YkdGjzomZ5q1ui2DGfdxF+OcbuL3N9Q=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE6DCCA9CgAwIBAgIQAnQuqhfKjiHHF7sf/P0MoDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA5MjMwMDAwMDBaFw0zMDA5MjIyMzU5NTlaME0xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJzAlBgNVBAMTHkRpZ2lDZXJ0IFNIQTIg
+U2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ANyuWJBNwcQwFZA1W248ghX1LFy949v/cUP6ZCWA1O4Yok3wZtAKc24RmDYXZK83
+nf36QYSvx6+M/hpzTc8zl5CilodTgyu5pnVILR1WN3vaMTIa16yrBvSqXUu3R0bd
+KpPDkC55gIDvEwRqFDu1m5K+wgdlTvza/P96rtxcflUxDOg5B6TXvi/TC2rSsd9f
+/ld0Uzs1gN2ujkSYs58O09rg1/RrKatEp0tYhG2SS4HD2nOLEpdIkARFdRrdNzGX
+kujNVA075ME/OV4uuPNcfhCOhkEAjUVmR7ChZc6gqikJTvOX6+guqw9ypzAO+sf0
+/RR3w6RbKFfCs/mC/bdFWJsCAwEAAaOCAa4wggGqMB0GA1UdDgQWBBQPgGEcgjFh
+1S8o541GOLQs4cbZ4jAfBgNVHSMEGDAWgBQD3lA1VtFMu2bwo+IbG8OXsj3RVTAO
+BgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIG
+A1UdEwEB/wQIMAYBAf8CAQAwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RDQS5jcnQwewYDVR0f
+BHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xv
+YmFsUm9vdENBLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0Rp
+Z2lDZXJ0R2xvYmFsUm9vdENBLmNybDAwBgNVHSAEKTAnMAcGBWeBDAEBMAgGBmeB
+DAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IBAQB3MR8I
+l9cSm2PSEWUIpvZlubj6kgPLoX7hyA2MPrQbkb4CCF6fWXF7Ef3gwOOPWdegUqHQ
+S1TSSJZI73fpKQbLQxCgLzwWji3+HlU87MOY7hgNI+gH9bMtxKtXc1r2G1O6+x/6
+vYzTUVEgR17vf5irF0LKhVyfIjc0RXbyQ14AniKDrN+v0ebHExfppGlkTIBn6rak
+f4994VH6npdn6mkus5CkHBXIrMtPKex6XF2firjUDLuU7tC8y7WlHgjPxEEDDb0G
+w6D0yDdVSvG/5XlCNatBmO/8EznDu1vr72N8gJzISUZwa6CCUD7QBLbKJcXBBVVf
+8nwvV9GvlW+sbXlr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4DCCA8igAwIBAgIQCoH9k4LCpNdG8PhoHyo7QDANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIw
+MDkyNDAwMDAwMFoXDTI1MDUxMTIzNTk1OVowWTELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzEzMDEGA1UEAxMqRGlnaUNlcnQgQmFsdGltb3JlIFRM
+UyBSU0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAwE3UchUD1ZcHyHkf6x3jYwPoFAW9IiMoSSa94t00CDxv+1WJsedR0V1N
+4DepZkhEDvrTQBp34C7/JIsb2aJV4uC6Qrto81NsnnQhsr36tgTvdiHjU5VY9C02
+BTroFSU9awUWpHoPGNK8+M6iDClttvuKbWMdFV7HJ6CE3dvZ2Xv4GozSot1XvZ1p
+0Bi9U22PD7laFEakIrkup97EIeguFnBk7xqv1Fu3pumQbhQ5+yHBjFPofh4f32GK
+1+B2lhSZmOG8+ja3YGyhQ1Qi+0/HwcLnoRT9ukaxBCVrAR6zkb0XrYReKCZ+8LBf
+X1icjT//DS8xsN4WCknPz6rnYj9nPQIDAQABo4IBoTCCAZ0wHQYDVR0OBBYEFPJW
+mweGB5lTfhIs+H0v5tUm2JNUMB8GA1UdIwQYMBaAFOWdWTCCR1jMrPoIVDaGezq1
+BE3wMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwEgYDVR0TAQH/BAgwBgEB/wIBADB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUH
+MAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDov
+L2NhY2VydHMuZGlnaWNlcnQuY29tL0JhbHRpbW9yZUN5YmVyVHJ1c3RSb290LmNy
+dDBrBgNVHR8EZDBiMC+gLaArhilodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vT21u
+aXJvb3QyMDI1LmNybDAvoC2gK4YpaHR0cDovL2NybDQuZGlnaWNlcnQuY29tL09t
+bmlyb290MjAyNS5jcmwwMAYDVR0gBCkwJzAHBgVngQwBATAIBgZngQwBAgEwCAYG
+Z4EMAQICMAgGBmeBDAECAzANBgkqhkiG9w0BAQsFAAOCAQEAM3lQOKAwEZj1SmvC
+tY+MQlC6mHgxaW+gLuOkDXLD6EW2NedYWRl5AVwc+FzraYzRt3jd0LjmyXlPpCGV
+bNEDlMNtypjcP/m7Qmhkd2efXIFFWOwKa5c3aBcbWJQ75R5F1Hh1FYlKQ/BMnZxA
+P0kyeyDh9l1ADbs0e02NXOojAiQSFsSg+Sg9Rq6qeibScMuqIL4BiWaVesshmgbW
+PdxG5YjBQGiZQpR/00AN/M45UloKVg/MAbudpQe3VbAhp7wc1yWKFIltotHPdU2A
+GSjU2aua+DN/CGEW+ytD0mUPtOZWierV7wD54Dc3b3f5e70o4Bc65mu1CyLVj6fe
+xOFpmA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE9DCCA9ygAwIBAgIQCF+UwC2Fe+jMFP9T7aI+KjANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaMFkxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKkRpZ2lDZXJ0IEdsb2Jh
+bCBHMiBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMz3EGJPprtjb+2QUlbFbSd7ehJWivH0+dbn4Y+9lavyYEEV
+cNsSAPonCrVXOFt9slGTcZUOakGUWzUb+nv6u8W+JDD+Vu/E832X4xT1FE3LpxDy
+FuqrIvAxIhFhaZAmunjZlx/jfWardUSVc8is/+9dCopZQ+GssjoP80j812s3wWPc
+3kbW20X+fSP9kOhRBx5Ro1/tSUZUfyyIxfQTnJcVPAPooTncaQwywa8WV0yUR0J8
+osicfebUTVSvQpmowQTCd5zWSOTOEeAqgJnwQ3DPP3Zr0UxJqyRewg2C/Uaoq2yT
+zGJSQnWS+Jr6Xl6ysGHlHx+5fwmY6D36g39HaaECAwEAAaOCAa4wggGqMB0GA1Ud
+DgQWBBR0hYDAZsffN97PvSk3qgMdvu3NFzAfBgNVHSMEGDAWgBROIlQgGJXm427m
+D/r6uRLtBhePOTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAwdgYIKwYBBQUHAQEEajBoMCQG
+CCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQAYIKwYBBQUHMAKG
+NGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RH
+Mi5jcnQwewYDVR0fBHQwcjA3oDWgM4YxaHR0cDovL2NybDMuZGlnaWNlcnQuY29t
+L0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDA3oDWgM4YxaHR0cDovL2NybDQuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEcyLmNybDAwBgNVHSAEKTAnMAcG
+BWeBDAEBMAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEB
+CwUAA4IBAQB1i8A8W+//cFxrivUh76wx5kM9gK/XVakew44YbHnT96xC34+IxZ20
+dfPJCP2K/lHz8p0gGgQ1zvi2QXmv/8yWXpTTmh1wLqIxi/ulzH9W3xc3l7/BjUOG
+q4xmfrnti/EPjLXUVa9ciZ7gpyptsqNjMhg7y961n4OzEQGsIA2QlxK3KZw1tdeR
+Du9Ab21cO72h2fviyy52QNI6uyy/FgvqvQNbTpg6Ku0FUAcVkzxzOZGUWkgOxtNK
+Aa9mObm9QjQc2wgD80D8EuiuPKuK1ftyeWSm4w5VsTuVP61gM2eKrLanXPDtWlIb
+1GHhJRLmB7WqlLLwKPZhJl5VHPgB63dx
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG+TCCBOGgAwIBAgIQDwUv1kqXXvH7DpFh+zsqqjANBgkqhkiG9w0BAQwFADBi
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3Qg
+RzQwHhcNMjAwOTI0MDAwMDAwWhcNMzAwOTIzMjM1OTU5WjBaMQswCQYDVQQGEwJV
+UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTQwMgYDVQQDEytEaWdpQ2VydCBUcnVz
+dGVkIEc0IFRMUyBSU0EgU0hBMzg0IDIwMjAgQ0ExMIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEA8H+0pAPB49e6lFDVDHeV8Q+TLQQUhbPh3vAOcTpY8ARz
+ugXJflej7vfGTk6Ba4fkFcLPE7I7hfT+Nx4l6uqZAZBqLLMNwVHBY5w2jzFu9N89
+1nxbGEzqxRbuDdWVlzJXdM7jzI47wBxkirqRr20sy7lmDZiaMGDIlRbydtbh7NOU
+J7oFDHcVQYpCAybsk7o78yXmbCyCkAAf9MPT1HTP8C6Kz3mP/TVgFYcCXR05nnDc
+l/RtPwwcY6fc6hNIdspeCUZGVFhP6U8N3rMVXae9FyCFH3x/Yh6mnRIwJbdRVvSN
+qXeXaG9LAKJiuG4nLXKcfEaVMqAhIrVdSTrIYZHEq0NsR4Zv6W7doGDGNeF3s7yx
+0rVb3LHsKqfcMwnRPBvPUw38E6maUGH7J6CCvjOD1lW8wGvshKKQczmPQUUxy0mM
+lhSLDebBt56WB3nIHLlesftP9Lh6mXYxPujPm4v69f/cgzjI+csbDLwc9kTgUoYd
+NtrSlbuntJWXntQicwAcBmhyjeI1QjlahOR4ft0CeC4vnlonSyOq1ZHTK4zuJX14
+yLMOMqdj8wb/ibOXfC0zSYuGjpc820DPBfdkOYHDHETPp+YNyKvbdkW0nbvMJcqz
+nKsoovU53OteAvDjKmjc08A7NJeVkX65VkRVXzs4etMHIplGhWJtU1pnKpLlh5UC
+AwEAAaOCAbEwggGtMB0GA1UdDgQWBBS2bDknVs6XWn4YnAoTssGhbLgauzAfBgNV
+HSMEGDAWgBTs1+OC0nFdZEzfLmc/57qYrhwPTzAOBgNVHQ8BAf8EBAMCAYYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+dwYIKwYBBQUHAQEEazBpMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
+dC5jb20wQQYIKwYBBQUHMAKGNWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E
+aWdpQ2VydFRydXN0ZWRSb290RzQuY3J0MH0GA1UdHwR2MHQwOKA2oDSGMmh0dHA6
+Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRydXN0ZWRSb290RzQuY3JsMDig
+NqA0hjJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUcnVzdGVkUm9v
+dEc0LmNybDAwBgNVHSAEKTAnMAcGBWeBDAEBMAgGBmeBDAECATAIBgZngQwBAgIw
+CAYGZ4EMAQIDMA0GCSqGSIb3DQEBDAUAA4ICAQCI9leyFDgwWKUZECI9A0Ttsvlk
+fo/R4Do6eo8yuJA0FGtHKUdvpaHMLD3oDFKPJjuRHhfNO7lBpwTHTE9WDFG7Wdh3
+UuiSpbJBLABJMBwj7XbLI6ciGgzd7zNBgqresB8kArJ2qTJXHPxtRbMjOOv4TaSE
+cjbkAyIOLBo0dL13vOhEzPxi+2Dqqi7DC8kw/+LZm+d8CHH2jnqwhBeMG5K6k3tP
+nZmrlnQAj2qKTv22KVqXKyxx9bn/QdMUcXNJ5OMAJi9rOMQvqh2TW+QpOcBVGxxZ
+pMFYndoFiJBthqbTpLMZFaCN3F2rzJEjRk24UZYbsxN6gcq9uXziFhjwt26cTPwx
++csvHm4g22lG7KDNQUe2yulJjrz5Qwo7N1qmAvpkBafaivtigMbwsaNTxxhJRBbK
+i2CDI2GgfCvxrkEbISL0kxZuLTl76hjlcQDNrd4AWFa5mchZ5p3U/U0J+S0TvIWR
+pZw2cxR+g8gmGIyLLrN4v4KJetAs/5EnPkOMvi8JOjO2DM8flYanxsVEQvRpv3fV
++sEKQ7l/bnYplNPvp9wFdK1x+GFA0A756En4RkfOO6ebSGgM1k4gObZPo8WZbas+
+oZ2V7tMc5wN4YPVqbt2kEgUG4YW27OgseUJncJqu0oQwDaQO5bPmKKT5Zcv3HdgL
+p7NpKJOLg+y/3BOqYA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE2jCCA8KgAwIBAgIQCuhT5kpmdr7njBXR9vj4rTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBH
+MjAeFw0yMDA5MjQwMDAwMDBaFw0zMDA5MjMyMzU5NTlaMD8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxCbG9vbWJlcmcgTFAxGTAXBgNVBAMTEEJsb29tYmVyZyBUTFMg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJcDijY9lVPNHXr40U
+fWUUv4cMQkBeohKE9pni9BQBfQMaaYCv9wtpBI0vJU+w0HuvpbcNMcB730hm0999
+WkAJiDWjrezjiv8CgBbRwZf0V1xP6JXzkLwfF0Qa3+kfNlAkl5F07AjUUVawB+mX
+EK5opgeZrn/7BID0nwCTcjcNIqJEonyqHDuDnGcJt2cJKDg3uCXtZGf2dFk19VOH
+9fTljK75cB6NG7YSMRkAGdKNElwOAOrJHlikHvheos0749M/tfPTpc2diDjxVVb3
+YIsfyOfJwDq2Hml2OzxfWBSh6i1Z56vcdYwgCrOJu7LDHOPsTTRJoORvC14tVo/h
++S+XAgMBAAGjggGuMIIBqjAdBgNVHQ4EFgQUYSm11Fct0Af3RKwqrtH9e0Ay7qEw
+HwYDVR0jBBgwFoAUTiJUIBiV5uNu5g/6+rkS7QYXjzkwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGln
+aWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5j
+b20vRGlnaUNlcnRHbG9iYWxSb290RzIuY3J0MHsGA1UdHwR0MHIwN6A1oDOGMWh0
+dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJvb3RHMi5jcmww
+N6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2JhbFJv
+b3RHMi5jcmwwMAYDVR0gBCkwJzAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQIC
+MAgGBmeBDAECAzANBgkqhkiG9w0BAQsFAAOCAQEAsoSMFjdqiXkJD91uX518TfU5
+WFrcVOxi3pBB007sHVOsvkrdhMU6zGe3E4czk1dNfLXyTJd4t2V1/D5u3KFuHlzD
+KU0ldfxB56m28b3z+mSC1tRIb30I3gy3r16vDBDhxsZxkTeYzXQNTtsdieh/jWR8
+mGJzl0QnI1q8Tm7Pt6VArACMUrXCbnvHXcOhp9Ls2aU8pO5dcuEKeyT/ss9ZDLOw
+t2nYIF+/lZY29HkBLb7Kci1yR3veu5cYINB60dR4f1N8S2YBEGC0u5KWxD2JPqrM
+RbTOABfjM6l0hjAU0E90EcDVorxFGU5Uaj8XjXhabrN1LIoVHrfU8xVSWO+brQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE4TCCA8mgAwIBAgIQDCGuyojk9pVYqb7P9qDRmTANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA5MjQwMDAwMDBaFw0yNjA3MTIxMjI4MjhaMEYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNDaXNjbyBTeXN0ZW1zLCBJbmMuMRkwFwYDVQQDExBDaXNjbyBN
+ZXJha2kgQ0EyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGfNdt1y
+yX9WfnM6bYw/xZIgfUNWt+6xuWtVZxhu0DkYNtrphYla0oTIJiBYHYNNG4SBzBec
+/5fmimEo+YVbw3U7t0g/lMAoRk0YJ1oNKVOK19E8wHlQGcPjb4y9RytyKKLCcDvo
+mnYJcNCRq4hwzVA1CZDLg5glszPb/bTlfmBGY6MqBOOQratjsVnPE7QaQr9h78kJ
+P6dcbYfJyOLJctJvnYWf+QXi3QP9TTai/ikz6AMxt+4PHBqfRcQp/Z/RZuPKG0de
+n9iJgvUX+JQMn+I/JxXRQmAzgCydDsgFv84quOzOdhY3eRymrA2F3Wb7Cq9Ddcpm
+WzRmTrVT5GxzawIDAQABo4IBrjCCAaowHQYDVR0OBBYEFCNO2cJ3aEC3EM6upNLQ
+Z0t56DBbMB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4GA1UdDwEB
+/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/
+BAgwBgEB/wIBADB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
+Y3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2NhY2VydHMuZGln
+aWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDB7BgNVHR8EdDByMDeg
+NaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290
+Q0EuY3JsMDegNaAzhjFodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRH
+bG9iYWxSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EMAQEwCAYGZ4EMAQIBMAgG
+BmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQADggEBAH90J3BWXtMBsVJ/
+6+0xBW0mhjsmi+laauAOKGyBolvD7B53CqIMImApPkk5CJxvBBgjJtRwCqMwShBp
+NbvHueYXrzFWkt9TzuGTzdBq87Sw1QLun5TWUT7NpuO2Qs24sSU0Cog5u9pHURR7
+vS5m8Azek4d03mOCZBEN6K4S4mU4V510P/u3Rzr4yekPPw/AzkkkcoaNGyuSleAk
+FWLOuqVn+/9y8g7NVxerX6nSvqez7WsZIZ7RdkxGvDmUA4AGJWJX2IdXCQr3BEAe
+qx18/6pG8pFuEqRvD5AX5WsBj3zc5DgOu0oSobMA9jslKNBlkDxc1T1EHZLK4HcE
+6VwZWG0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE1TCCA72gAwIBAgIQCysJJAQBl9qEk/bL8ArZ1TANBgkqhkiG9w0BAQsFADBa
+MQswCQYDVQQGEwJJRTESMBAGA1UEChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJl
+clRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3liZXJUcnVzdCBSb290MB4XDTIw
+MDkyNDAwMDAwMFoXDTI1MDUxMTIzNTk1OVowWzELMAkGA1UEBhMCVVMxFTATBgNV
+BAoTDERpZ2lDZXJ0IEluYzE1MDMGA1UEAxMsRGlnaUNlcnQgQmFsdGltb3JlIFNN
+SU1FIFJTQSBTSEEyNTYgMjAyMCBDQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCzAc+Sre+znybM+vw7GsxfKZC4vk//qw6+Ri9l33MBoiY2KqWY6KWr
+PaHnCK/oa0xqmgaDckTcNSdrvPSRsteP0OrF9sTzoPK16oWEhYvagyEwbYjobAU5
+0fRpGY8DCzkU0LN1fi765PYlbauwJ2Zp9Hyhrtb+/KVWrjOHaPIvHekcqDcRY8Mf
+zraSua3B4raeMlXoZ2f7Q31ap3eoi6hNAb1GVYsAG1rqV+f3U3zC1lpDSUSV5iXz
+fa8pIqLbj975t0ArWbn0ta3ZLSn6syyEIN9a1ITVUhBgWIwj1aHoKZD04mKLlIby
+TYpQkN+dihqxeLboYqknGoTB536vrM9fAgMBAAGjggGUMIIBkDAdBgNVHQ4EFgQU
+g5pV3UIHHTsE8sJISmWe4/4sIrUwHwYDVR0jBBgwFoAU5Z1ZMIJHWMys+ghUNoZ7
+OrUETfAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMHkGCCsGAQUFBwEBBG0wazAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRw
+Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vQmFsdGltb3JlQ3liZXJUcnVzdFJvb3Qu
+Y3J0MGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9P
+bW5pcm9vdDIwMjUuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdpY2VydC5jb20v
+T21uaXJvb3QyMDI1LmNybDAjBgNVHSAEHDAaMAsGCWCGSAGG/WwEATALBglghkgB
+hv1sBAIwDQYJKoZIhvcNAQELBQADggEBAAwdtDt76nSCMj+iYFI6Vc3Q40l97V98
+rSV+XWMzjN5UkToYii9A/dedtywtMzbTKMdAc+na41CRpmQxNrF7MOexa3wn5YlD
+7VsjDqyjOrHnHcyEJmofkKBCkZp+58Bh5WR0sE5IEFVwUTUI4ysPabrVH5ktYZhE
+BsVda5D+gm8efODq+nlpo3wnBaW8npGvXnNqxFj1VAUnijbSN2OvtzyPYoACPwEy
+MffP2mlhQkwO4GV39eFaS8AFhxCjLiNs7G7OvwQoBhIML39InIMWO6KnfxCQOHHj
+sEcpCSu5LC6Jv4VQjvvPXaNVFCuBd8DD2zADIbkxqlPPgQJrpHckh/E=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFEDCCA/igAwIBAgIQBiBJfLntFNoOiPWuKG+WqDANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMDkyNDAwMDAwMFoXDTI1MDUxOTIzNTk1OVowTDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAoTClBsZXgsIEluYy4xKDAmBgNVBAMTH1BsZXgg
+RGV2aWNlcyBIaWdoIEFzc3VyYW5jZSBDQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQDINYhtcvGtW+6h+j5YDn3nTkalb0NF+IZKn331NZDsqAD3X8Ax
+Wo6/a2ANgYtIQJvcL3m1luU0rmIWVCIuigTKlGEXSS+y12v7C9t2vwpoJsnQ0B/3
+MSY4XHFY23iI6itHmTg/i0BjpzcKHzrPtL5a1er8ykMhDOJJqBqJ6gBZbdSukr68
+Bwno4V1WseRzv4tyJJPyJSNE/DtaFWKEjYmF1mFxyocTdcb+d9XrBYxGcJn7ap6U
+4Sp1NDZXJVpI2tu/VLnW2b8e1bR/H1xoVfwpaY7+aTmiCGLFnpwnU3BXq0yEDx3U
+LZcyttiLLpqSGjq1ar2HJeAYW0AIWp9+HK2XAgMBAAGjggHMMIIByDAdBgNVHQ4E
+FgQU8D+toY17ddQeuPWGYv9VaL3hjV4wHwYDVR0jBBgwFoAUsT7DaQP4v0cB1Jgm
+GggC72NkK8MwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr
+BgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/AgEAMH8GCCsGAQUFBwEBBHMwcTAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEkGCCsGAQUFBzAChj1o
+dHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNl
+RVZSb290Q0EuY3J0MIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwzLmRp
+Z2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcmwwQKA+
+oDyGOmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEhpZ2hBc3N1cmFu
+Y2VFVlJvb3RDQS5jcmwwMAYDVR0gBCkwJzAHBgVngQwBATAIBgZngQwBAgEwCAYG
+Z4EMAQICMAgGBmeBDAECAzANBgkqhkiG9w0BAQsFAAOCAQEAs/lybvFmxpIgHmK4
+Bump8Ucli2C+Nzob/HAsHQ9p+GWYn3gSqEse2IkIfxdTVXm4bas/i5VXqPmUSEWw
+NvCO0gouBTRs8ai0c9Z1mR/ytxSfZc7W2DyvqSrmkQXQIxpDzEfJR8WyZElx22Ue
+fNV8o4J0Vx2nRutWYyMU+Gst/2CnHTf6PczYoNNzdrm9Amgq+22BHQwaJJvpwuk1
+vof0ZjjsI/ILnbEGUN79gn8UvkeWpqeX43iY9OQnLB9g+6f1Rd+ca+alXAK1/rbQ
+fMUrXFCdP2AjSMu3GJZK90APWW6pdwVhfVTjUANseMltj+HiNHuHeXY0vFgVWHyO
+r1/aew==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF7jCCA9agAwIBAgIQEVTFPTSIGxR3ay7Ox+7xoDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+OTI1MDAwMDAwWhcNMzAwOTI1MjM1OTU5WjBTMQswCQYDVQQGEwJVUzEoMCYGA1UE
+ChMfSU5URUdSSVRZIFNlY3VyaXR5IFNlcnZpY2VzIExMQzEaMBgGA1UEAxMRSVNT
+QXV0aCBSU0EgRVYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD
+l8mMTBYN1meCFb0vNyq+Czz2h2eda8PKf2TGarVbkaPp+HJ91LADvSqSIEn+IAxd
+jlZsfj6sO8y+yXW3gGEe64dMNWFfzjn5EeXpzHXS7i5TW+zJsURa9XrP16h2oCpp
+D5HlZCEF6nf4ssqLgmE13kl7bTsZjtvI+ZE1uZgPW+4cLNgL69LtiZBXIO6cAY0q
+mjFWUJUEqCJ/hu2dwEydui+8afuXyq6ZXQ7rtwWp9xw5nYTMHwh81HJw+3QnLREp
+dL+Volot54KEx75nOl330QArY5DqEUkbJg1anO8VnbGolGqzlTgGChPB103Q0s3n
+cGedl+ibewH1MX6hMr5XAgMBAAGjggGGMIIBgjAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUcATo5D+MKMhDtiYoN3jOCS27MaEwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIB
+FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8v
+Y3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQAl8UQVTNcAXUqq8/naxOaLZmR33sIiDCB/+9ELHNZMn9IgjWP6mVNdBKSVguOg
+QEVphTIWvtvzLH9okhxjmSkD2CpRg5pD12gFNwcv8irKr1WF8VvlhwNsJA2REkTH
+eRJoCqyRuuBqO4NcknV47uLu72RAuZk3bD8vZ6Xu6DWPNmfrI2H6a+kNYWsNXyhA
++fw+pHOEbbLwv3FYAJygarAJAK04QAWFZ0s4GU7eueMliMWQ0V85JEXNDK7JoP2/
+drY1ozl2iPCqtp1t7eweNFSZ/Al2xdCAoK3HA5Rex/488AOABKlv0olcZWWJFUSI
+5Az6oFZ5OEpVpnHRWff+xCNOQ2HQXbua1LyDVZh8Lo1aI4/gdr8kA1qqICteNj27
+TQt4711R46CUKu/RcescyGEB81ilfdWL2YvrLhZW1MHdHM0ALO1eMqT93fpfuhyv
+71hCS2diRSLBqut1i3oZy5JjXx4cVFt7ESxRp49ZalTQMJoECR+TGQq19wSUHvbx
+Emi8DvvzkfdaiyZ6Y8LxTM8JVmH//wqSWmk7bsX3ToHDKK7TsswAhv5mrnJHugJj
+dyUQs2JFanV16jXoBT9vRbjghm7CWZF6uYGV+fQLfaSOm0PJA05G/Hz0yHAmp0Kh
+skr9TK2vQhCsJ3tKAyS5ppHt7Frw0q3Psus/3cQ3ZvKZkQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBTCCA+2gAwIBAgIQAenf+vK0K/oftv6tA+j3LDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBLMQswCQYDVQQG
+EwJVUzETMBEGA1UEChMKRmFubmllIE1hZTEnMCUGA1UEAxMeRmFubmllIE1hZSBT
+aGFyZWQgT25saW5lIENBIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAzM/f/A2T+HQIP9XJ0BTWP9UvTveLTh9qgXLR/Eqfgnle96hnOKbQl1dh8EKo
+Iv918NQFIExgZ6CX1YRXXu3gYyRA1bY7N1zTI1HFgVx8esyMFePFwXJLDzrqJ99I
+cEwokt1oC2uuRAXRxxS9Vw7tynZfr06FNRZZKa68qBKdGqicyXAC/Vl0Atf4uvbp
+mhGoT9WX7sUEdp4WxnZcDHHZSFEwFcDZBT03J25JQoD4YisNTTJ/PLZXkRqkNDgB
+ZqWLNMZXwaXMGZi3gbcMIgRtw3S6QF8gSlcFKCGNUthJike7BmceZJMZkooY5cp3
+virSdZdN7ha3GZQzigx6qxgOlQIDAQABo4IByTCCAcUwHQYDVR0OBBYEFP8tLpE0
+/PLPxtGc0fkpN62qysFSMB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfW
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQw
+EgYDVR0TAQH/BAgwBgEB/wIBADB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGG
+GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL2Nh
+Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNydDCB
+gQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lD
+ZXJ0QXNzdXJlZElEUm9vdEcyLmNybDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNl
+cnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNybDAWBgNVHSAEDzANMAsG
+CWCGSAGG/WwEAjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0kt
+My0yMzgwDQYJKoZIhvcNAQELBQADggEBAEzaEH9zLxs6KK3byoHA0uFcORmBD+5q
+nmR228ZbDhU7LfnTH0tg1b/XiR7fRxdrp7iCzySpkCgiV9PSjadQSRe45+FKRNEV
+Nos+gxfGAMd6BB0qmIcgXEbgLcvZCMu+geZs+tfzKVjLER4gnw2rz1yglnV03nwD
+GCHMi94wvBCg/UjyFnO8nq5t2UH8jeKnlXdecFk4AcaRtANRkyECvfvtdXYa/VJ8
+zehP4g87ahN+tXIybnG7ZstVIPmXfwXzVs/Nht1zHNW+JrbhnkvBXk1yC7XnzQdP
+gPBLVb3iYahaDY3YSP4TpdVbldDdjMBiRHxHG36lEXABP/ScuRZ04pg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDhDCCAwmgAwIBAgIRAKcjdcSRMbRQ+7bdSWoKyHYwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDky
+NTAwMDAwMFoXDTMwMDkyNTIzNTk1OVowUzELMAkGA1UEBhMCVVMxKDAmBgNVBAoT
+H0lOVEVHUklUWSBTZWN1cml0eSBTZXJ2aWNlcyBMTEMxGjAYBgNVBAMTEUlTU0F1
+dGggRUNDIEVWIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEmfj63qeyii9l
+yEii1MoIMhsLgr19J4JX7srE9r+Wk5EbC+tS8c9MHJa4lyCvdG34DMu3C20L6zuv
+2pI8EYs/7KOCAYYwggGCMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa
+MB0GA1UdDgQWBBTYFOMkVbt+KKkT/ttnmQvOdsiPnjAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2Vj
+dGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBx
+BggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0
+LmNvbS9VU0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9v
+Y3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxAKF0oRaMchuAPyqk
+IwJQcEci/+LhrPwnOYX0Q5Oj3M/2Vt/uHd+JfUvKq5GoFfHE8gIxANrPMe4cPUpd
+iz0DHKAyt6cE5zSp38rvkaO4Sr7O/Szu2lF/fihR/GCxjumd3vDECw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE5jCCA86gAwIBAgIQDxcaSMbyI4CSGM0u1t3A6DANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMDA5MjUwMDAwMDBaFw0zMDA5MjQyMzU5NTlaMEsxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxJTAjBgNVBAMTHERpZ2lDZXJ0IENsb3Vk
+IFNlcnZpY2VzIENBLTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR
+rfaHFHlUJ1fHLwVoPJs8zWfsRRAshPKkR8TZU0JFCbvk/jPB17xGL9GL5re1Z3h8
+anC+/bjltlTPTF6suCJ0c1UpCHPIZPfQlQkOeYNQv1/11MybQmGOgAS5QarOThKZ
+m6zWxb5bAnO1FqSrcWLUmOpAOYWm9rsv6OeHwov2nDLN7Pg+v4nndCOCS9rqv3Om
+JTz9v6nlaP/4MKJgxzsuo/PFfzs7/Q8xoXx0D9C/FMS9aPGl52un35sAfkYlTubo
+E/P2BsfUbwsnIEJdYbw/YNJ8lnLJfLCL//lIBVME+iKvt81RXW3dkHQD8DNP9MfA
+PlZGR69zIIvcej6j8l3/AgMBAAGjggGuMIIBqjAdBgNVHQ4EFgQU3VHQojFzqXOu
+j7QBfl2MV8uf8PcwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDgYD
+VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNV
+HRMBAf8ECDAGAQH/AgEAMHYGCCsGAQUFBwEBBGowaDAkBggrBgEFBQcwAYYYaHR0
+cDovL29jc3AuZGlnaWNlcnQuY29tMEAGCCsGAQUFBzAChjRodHRwOi8vY2FjZXJ0
+cy5kaWdpY2VydC5jb20vRGlnaUNlcnRHbG9iYWxSb290Q0EuY3J0MHsGA1UdHwR0
+MHIwN6A1oDOGMWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEdsb2Jh
+bFJvb3RDQS5jcmwwN6A1oDOGMWh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEdsb2JhbFJvb3RDQS5jcmwwMAYDVR0gBCkwJzAHBgVngQwBATAIBgZngQwB
+AgEwCAYGZ4EMAQICMAgGBmeBDAECAzANBgkqhkiG9w0BAQsFAAOCAQEANJE52TD/
+zFvmYQGp0P3ntVzclyqsN7Aga/s2SmhGoow32hcBWc6OVgQILYjXndBwRdTn6/97
+nb+5a0sEfMoc7mto2ALmLim+XgZ6bg2nQX1A2lWYUoFou0YDHzGsKUNcLQOjoJU4
+t9UMxv6+Je7RB77+j3mVmsNxBF13Q+LEHWiY+IJSazVqv7w73izbAFo6cF9sK0hp
+qdmSKdB/MNfnT9YF4/WYlyCwFhpaK3mPuU2XiOzGswPhMMRwgawnk4XTNemtHPSq
+fP/JzQHsefL75Tx5c8tHJAcp3C/QD+JcUUHocUPuW62x79wO9pNl5N5U4jIVFa4k
+x6pNQytYvwMPeg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2DCCA8CgAwIBAgIQBwBn96SGf7kziQ3aF1/EqjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+OTI1MDAwMDAwWhcNMzAwOTI1MjM1OTU5WjBTMQswCQYDVQQGEwJVUzEoMCYGA1UE
+ChMfSU5URUdSSVRZIFNlY3VyaXR5IFNlcnZpY2VzIExMQzEaMBgGA1UEAxMRSVNT
+QXV0aCBSU0EgRFYgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCE
+jt5e9I4KAXffZq9fgK+RQtonSvTlHwbsJGKgnpx/QkFl2GM4GMtsuGidTH18xhZS
+jRl5G/9x47tB4b8r5kXysnVuK5Z064ZQPM5SoN4k5HmQsOX8nCvRjdBAtsYUn7jn
+P/+ZMl5ngith0QLqsmNnLT18cpvuJrMGhkktZ814sD4paKi3hsXFgnVA5NwlCNWo
+bgWGDIl/2Mdw4AnUzRvE3j7JxgbZNtwSdXW4B8qu4714X20B5jYlyYXwdDG4Ue6f
+kWFTnGs/aE4csx/bUjDyBg7ZEGhvsw1PEnye+DPLcOGJhFDUY1ijXW1ARZLQ9DzQ
+63Oigzns+cW82XANNZa/AgMBAAGjggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUSydKq9e+76j+Y4QOrVGhnVXDHG8wDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAlYwCAYGZ4EM
+AQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
+AQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RSU0FBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0
+cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAFPVZXT7eqyYw3fhh8CejhJquTv7
+fdZ0mrcQNccUnkzBXB1qz3mOV1Zmx7WHj9R41l8y+JZq66B4tDI4KJCEG/s6leL8
+8EhEiZkXM7LN/H4uq32E+b04EW96XS4qPgzbHJ2S4DaiIQPb7o4RhBxBwHhbDcL1
+bjrpfjNsAe/wBrIUWEZJ7mnAlY0zFzXo21z+AyeH5lFeF10JQmJS4R96SjMdrvVL
+X3aC3ARt1eCbM0sAJ6NlNjRC5ml/bgkzsCm8XVDiA3ahQnTPl5DDBhyzM33nwmkH
+Q/EMy4MqyP583wH0vbPSBou+uE9ea0Q4Fo3dYNahg+K54o00nP0N48xBmGp81f3m
+k/KY5X3sYufYX3PEnrukLGbzJb1lHgDPw5FHNPid9siijZ4RIYm16UVCbGFTNcxS
+IHXiOSTmNtrgxd6i7R6QXHpU9fpv3Mn8fli91cks4fx8xsLa62bwSQstIyDvaG/T
+Gap9o72fh9bdChS8xGQia9DEcrfd9Nh6l/g05PzS5QzaPTVWMM4q/LTtvytst/9D
+IPAV6+wAQrI/DUBpZU8xtlvBKW8YOltV9rhSr9n52sfDPXZ0ZKtIX677gp1HNkJ9
+KlIH/LwZAIFBaxnYITnWMCge4hVqiIAFjj6GUZaQhFUwZYI9t1DCqXtBATEq5vv5
+G1z6mNT4uET4WMSM
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAvKgAwIBAgIQA8K3gYaTSmChwcXJ7lTTmjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAwOTI1
+MDAwMDAwWhcNMzAwOTI1MjM1OTU5WjBTMQswCQYDVQQGEwJVUzEoMCYGA1UEChMf
+SU5URUdSSVRZIFNlY3VyaXR5IFNlcnZpY2VzIExMQzEaMBgGA1UEAxMRSVNTQXV0
+aCBFQ0MgRFYgQ0EwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQmNgLnSddakVhi
+2gyfVILdnHEu038kVVUf1dlWYI7puHkPKNn4BPGMBSAr/T1q5CgD0sta2mwSYKo8
+vwO6FQgEo4IBcDCCAWwwHwYDVR0jBBgwFoAUOuEJhtTPGcKWdnRJdtzgNcZjY5ow
+HQYDVR0OBBYEFCAvDl2owfjtP1XhSCaILbg4BRqMMA4GA1UdDwEB/wQEAwIBhjAS
+BgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJWMAgGBmeBDAECATBQBgNVHR8ESTBH
+MEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2Vy
+dGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUF
+BzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQUFBQ0Eu
+Y3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqG
+SM49BAMDA2gAMGUCMA6w8fsyHnuld0rXW1unoww4ngXTje5bFu0vJi4ocuAP+QgE
+RWPIX78Z3WTp+DvKTQIxAPacRdzcirqQgyYAt5w11joVz3qJsy0pijclFfo6RrXx
+5UcQJniWGn9/C9ta8tOfcg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF2DCCA8CgAwIBAgIQcJdvE3juyOY39YqHZcA/BjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+OTI1MDAwMDAwWhcNMzAwOTI1MjM1OTU5WjBTMQswCQYDVQQGEwJVUzEoMCYGA1UE
+ChMfSU5URUdSSVRZIFNlY3VyaXR5IFNlcnZpY2VzIExMQzEaMBgGA1UEAxMRSVNT
+QXV0aCBSU0EgT1YgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDq
+Kq8ZoiQhNuT3s5oIRg/AcFEjyORN3ndO8mlqXvDCjgL/7X8VuJVabWRaSAgttoQ6
+nvmlmXEZLthBw9mJIE8XPShR53SX35PQHRDycueQK9mbJNIWTCdZXyX5KQmyg6J4
+fsZd45Ds27sADf8xA5l62Kk14RDVhL+R4IYZlFNxV4QIBT0yZD3rRUMUGfzMsKaC
+7PsVohUuIyUrZfd6JHcveQG/zI/RUJ7FpdKvjRbGOajMEFueIBe6tZrMjkoYdOVJ
+EHwxgXnjY0sE45sX7aEIFHRJ3YQsKG11QoIJ6THzjTwXeaS4zsRl7Yyb/EJUNXZh
+CWuFg/Ypnpc1/adZ/jv7AgMBAAGjggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQUgDr+FzBsS9PKFFihRtp5M823QScwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAlYwCAYGZ4EM
+AQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
+AQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RSU0FBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0
+cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggIBAHKBSc5Q90rinhHsb6S2boH0Ag+g
+yftuumXaO/LpgIAr6XIbwQBUZ6d8nRJuB5+USvb7M9RHUIIdZ4sg8GNWXonI8H6S
+KdtZ8k5TvCG0VfIjWoSNfHyzXlPErij4sRa69m/RYpkVFiKqZ1HAoeLXz/BQkNPz
+9MWVUMomg1tmSp/frNF5V34dLGMUIxu9ImozX+iZUM8JY4BIPB5znRquQW3if35x
+tQz/wIRy6tBWrQsFUka7naRo6zAXqqMplY5GQeh/QNU57CmfHqXN2323UcAUU7dI
+dgZNFZiblH6GToLl9vW/pVtwxwE/y7uLs79pzEmejA0jis5QLoMycApRifaRWWqG
+oqfNqFH8C79lDmi2/y3A+KrUxoqq3N+3OWFXRa27VqbTOlCLYgPabTGHOMEfVRRA
+Vk3PVBHVrbUZ/XSVajfE32uFW2nF3fYVey+iIfnthKvvN4AyZCLzFQ/nXe0Jw9jE
+ehyl5AEIjmjCpEv1P8ykhDf6eRstOl0QB/WnTFlZRFf99mRB3oSfWGixmUph+rOJ
+IL0jRByzci6oWSPPSDJ+Bzi5EgJnE6CfwrmKXCf7+hyiBX4ioRB0sB1g/JEmgEF3
+zhqizcRT6K7SP8gk4V5dLsmUo8sKnK3GG/lIeV0S3obsSS3msajVED3QeWt8TtxM
+MHLos6xuDHZDbE9Z
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFIjCCBAqgAwIBAgIQBbZnenLiGNMIJX5oMgDneTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBoMQswCQYDVQQG
+EwJBVTEuMCwGA1UEChMlRnVqaSBYZXJveCBCdXNpbmVzc2ZvcmNlIFB0eS4gTGlt
+aXRlZDEpMCcGA1UEAxMgRnVqaSBYZXJveCBCdXNpbmVzc2ZvcmNlIENBIC0gRzIw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtvR5yv/E7+OrMhRShuAKj
+Iwt9vUyXo6UB4sy7hd1py6x5iAwXLBuWE0gERvIxTrYaViCS+3SM3ASb38iLaKR1
+t/ITCnLq/wVQCr42qVyw4+CnbuzsHe3AyoyP0NZIigmf+WYSbkPslir98zJW+Y0l
+b9OEk+Ndxm+/004bClboPvk/dTHr0RbW73yuDUMCr4gUA9sF1grp7l226GR9C/R4
+3I7RNwrEtKI23iy+u2elJeBXhDANUFoe19sXS3ylAvSllbXR8K8Sd1hvaaOCBfN/
+60k73QBJE24mpUESccsUJ4XU5CjSo1mcLeDTBBKBYQOZwxXpybhF/KXKZ+zdFQMx
+AgMBAAGjggHJMIIBxTAdBgNVHQ4EFgQUBNC9Wg8qL7URLgEXK7i/Udl47eAwHwYD
+VR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0G
+A1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEA
+MHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNl
+cnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20v
+RGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRo
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIu
+Y3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1
+cmVkSURSb290RzIuY3JsMBYGA1UdIAQPMA0wCwYJYIZIAYb9bAQCMCkGA1UdEQQi
+MCCkHjAcMRowGAYDVQQDExFEaWdpQ2VydFBLSS0zLTIzNTANBgkqhkiG9w0BAQsF
+AAOCAQEAr9stwxJ0fxPWs4xqq59fQp7hoZ8ViVKUlZty7/+O8eNg9GkK7EqaDXdW
+LzojfnDyQbx1yFwy5fcFab/YsYzcgDjdvpfe3f/TZ+1yvxYLOTp1ouB3y02T5SCP
+k3det9dsOZeJGBQ21xkOqQz1ve+bYNnuN1Hjopp+piFGagaam7qTOlHcoFCTbDda
+l72HJTKZmhc+j8vBDBXEYefywXofBCtXdRjuCrjsYKMab3cr5CUZo5P5rn0AlnLT
+/57AJK6Dpsx+43JLjTXss6lr2SrfLWTwSWbp9lqQvayTjeAmPYWk4onKHxpU2stU
+3ttX10B43u+Gdt+l88HkG2z1PE/LxQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFHDCCBASgAwIBAgIQBQ4ubkXGxYu0PqWEb82BqTANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBiMQswCQYDVQQG
+EwJERTEjMCEGA1UEChMaRGFpaWNoaSBTYW5reW8gRXVyb3BlIEdtYkgxLjAsBgNV
+BAMTJURhaWljaGkgU2Fua3lvIEV1cm9wZSBHbWJIIElzc3VpbmcgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkJVrdYiOKBjjGy77AckEUouqFrBFh
+c+qXiePsbHDweul2/mKowBlWuoinfgpNPdnTz8wGVTZInzK7EyHPbcPXSqxEvL6a
+d0GmMOrVhem/WE4k6HXNxV2+DvaQtGLGImcUXS/u25myu4qYeNpeC3i7yL8TvcVy
+P5IRXtRMsW5FnZKgO9Hr0cM5qNcX03BvFJjiKt/v5SeAGOfJ7Id0a7b2v+yai8oD
+8qszTc/IOKiCmdIIwHYnoirTiqAUJk1IzOhJ+xuimtlJa3dbOFZVIdrv1TeywB4r
+maP5383L5MrcMvPITLwd786ttxOWIdIQuLyv7+jUh7SvjIAfLRnHKfsnAgMBAAGj
+ggHJMIIBxTAdBgNVHQ4EFgQUvmgni//d+RHvRrfNE/ii0YmFZR8wHwYDVR0jBBgw
+FoAUzsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQW
+MBQGCCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMHkGCCsG
+AQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29t
+MEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl
+cnRBc3N1cmVkSURSb290RzIuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8v
+Y3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqg
+OKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURS
+b290RzIuY3JsMBYGA1UdIAQPMA0wCwYJYIZIAYb9bAQCMCkGA1UdEQQiMCCkHjAc
+MRowGAYDVQQDExFEaWdpQ2VydFBLSS0zLTIzMzANBgkqhkiG9w0BAQwFAAOCAQEA
+XzsvwdJgI6IukyF+lN40HHCLnJWJ9EZVLEF/wqr9ncGvXdt8a9Gtf/hwaLFplklP
+EvwjcFGCH83Tl//vQJrfLGq9ske63jm8s+cETiQ1fP3pyILejqFWFJTNJqRH6w1u
+GgHgIcu04HoYF+r0vLSReyXsfniz9/5wPENvewWus6nsc6GbUACet7FCS2ObD4zE
+CBRW/LvD9TKpgQtrtEq50p+0NBooRfVT65BE9AtLIDwI/JeezMid4Mzg8dkHrNfP
+qfT7A7xgUc//TodhCKqokKYt0+ClTU9Na3Fk6P9Zxsmk8ihajhD77XFxHjMOZqvz
+DZykz3vqebzu5N1E6Kfaag==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGTCCBAGgAwIBAgIQB6hTFlGn93i7ASjKbVF3rTANBgkqhkiG9w0BAQwFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBfMQswCQYDVQQG
+EwJERTEfMB0GA1UEChMWT1NSQU0gQ29udGluZW50YWwgR21iSDEvMC0GA1UEAxMm
+T1NSQU0gQ29udGluZW50YWwgU2VjdXJlIEVtYWlsIENBIC0gRzIwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJpoC8dNec3LhIoBmFD34534lzKijfzBn+
+YvcH079zhMFT9O3rLWOuwGzlDPuYrHZbFTDLlsbUwoFXyqADnWirWQQrTW9Srb6v
+NAAlwwbjJBtivhcMuxseHB6hxwiumqv+WkYsGo3fRkSmyxLYr125mNdDZvGSajRd
+s15PEUR/RaLc+FndoR6mbHLObZ5BaCYoDoA9130RV4KUdvK58mPGMcTP8C9hrk2A
+VS9iueVQvdkh3UWYqNr7y1JsNDTmFEDbCtUE6CFoZdM7QCvKaZfMYku0FG1BwD/9
+w5VNo7U+tosOfcN23Trgdk1aBfexjqIfR5A2Jid9/0pqc/9Jjud5AgMBAAGjggHJ
+MIIBxTAdBgNVHQ4EFgQUr6Ru6XdRRlyyhUToXCoZE1/FZ2UwHwYDVR0jBBgwFoAU
+zsNKuZlV8rjbYL+pfr1WtZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMCBggrBgEFBQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMHkGCCsGAQUF
+BwEBBG0wazAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMG
+CCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290RzIuY3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3Js
+My5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqgOKA2
+hjRodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290
+RzIuY3JsMBYGA1UdIAQPMA0wCwYJYIZIAYb9bAQCMCkGA1UdEQQiMCCkHjAcMRow
+GAYDVQQDExFEaWdpQ2VydFBLSS0zLTIzMTANBgkqhkiG9w0BAQwFAAOCAQEAsPH7
+WUHo2APrfRpu4cpgUjNRCtnJfB+w1x0BOKle3l5F3PohxtEyHLHIeDI6F0cuzDns
+6EBA0nabA+0WVvvgVkaTzJh1FMZ/m4LG1PL5OwHlHYhHG2ynG71sXhofezwzCXkL
+0fYCw8WGFr07vr+PpfmYKrGhIci9o7TfhrPucTVYoSNcUf+No6WN92E452B9hLY1
+aZlud8KsoCjmk6O6aOT+9ZL3u/sBn4k4S+ZxawovI0nOU9QJ/YXw3xK+HAwvQuw+
+Jfw70vTW/HpJF+DWXlxAgx8CJ7ZcDblmyBCrso/z3LWhVpuwcAYhOMWr7lyDdNn+
+TMx/9QixlQcH/LkSGw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFIzCCBAugAwIBAgIQA5e1gY21ChdhRg3kGfhJjzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBpMQswCQYDVQQG
+EwJVUzElMCMGA1UEChMcSG9uZXl3ZWxsIEludGVybmF0aW9uYWwgSW5jLjEzMDEG
+A1UEAxMqSG9uZXl3ZWxsIEludGVybmF0aW9uYWwgQ28tYnJhbmRlZCBDQSAtIEcy
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ2/IMA+u1kKfGXq8wLK
+eEyH7cxhITehZ6oNWcibV1sKHLHZPcThItC3wp+dFLdO0kB+vgZKyt+wSjbOdA6+
+nPuCCT8nKggT8kVp+rLWIt5Hys85rWy6MqqCcCvxdIRv0KoVwPv0k7edZs1QPHL6
+XSZQrMjRXj3BdXbnuwwkdnCA+ksGgMucYNXapzK9fRtTbxzyquQ9mmovskzULLAf
+QLmVTALE4bVFkZA2k42eD5mHV+NmQeZg0Iw+TR65rGtI7j68QB78FayW7WdueRvp
+bXZdATik546VKuKz7cHQB4KPi4L91AwG6f4G8+71PCngjcG0E8e9ghF/H1i1JrpZ
+BwIDAQABo4IByTCCAcUwHQYDVR0OBBYEFEWZtL9DBSlo6Z1zN9bOD6Yq/s8EMB8G
+A1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0TAQH/BAgwBgEB/wIB
+ADB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2lj
+ZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29t
+L0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNydDCBgQYDVR0fBHoweDA6oDigNoY0
+aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcy
+LmNybDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNz
+dXJlZElEUm9vdEcyLmNybDAWBgNVHSAEDzANMAsGCWCGSAGG/WwEAjApBgNVHREE
+IjAgpB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0yMzkwDQYJKoZIhvcNAQEL
+BQADggEBACsX73EZ2n+j92wr/qoPkdnTjCg1mUfa7BR1qZ91jFqZvY/q6bg/szcm
+3IVKRZzVB2DlOkcK3EqTeq6vYYMrS9DlDO+ukNzwHxP+CFlYagKH8B+V1ZncDG2L
+wdeR9fPG23tSAoVDwLzRMmGwmaA1b9ZnymMw5t+toYo2iFCyU5bg47gMcCuDC6Xd
+bqttOahP6NjLY1ARdHei4Y3td3kagC7FBWddo+3uyuAjHfm0kDy/bGTExK/4RqCv
+U4yYkT5yOmeQlWIaDcM+V4AGPQJwnpz4Muqx/6hqSJL+VLAmq3+tm1NDbgxLhJ1f
+FKORMxzUQFaqp3k2OtMz4BLNPAZvbWc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF8jCCA9qgAwIBAgIQEAylgF2UktNyaT9N8tSsiDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAw
+OTI1MDAwMDAwWhcNMzAwOTI1MjM1OTU5WjB3MQswCQYDVQQGEwJVUzEoMCYGA1UE
+ChMfSU5URUdSSVRZIFNlY3VyaXR5IFNlcnZpY2VzIExMQzE+MDwGA1UEAxM1SVNT
+QXV0aCBSU0EgQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwg
+Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHf31FAS9pwJNndqzu
+Tp6C6Mf7YS+0D4g0RidOnQGNhfPxa+Q2FgxAvcLa7t1NEftUB+VPlOWXM3Aj/+Xz
+SinM/pHMgh282h2xw7vcNbWZt2cuFfb5vKdLTVz/xRf2P4TVOoy05hEa77VKswsy
+O6dBZT1ff2S1LTmwibdNre0dErJIx1vIyaec/AIDw2wlDTuV5i5r7H8Lb01lyr9S
+ei5T7fimVjnolyIaQl//zotb6Ip6rHcvW2QZQ9OHfmabk43rtB4pf3d01aRvCIZU
+kzvW691FbI6K5Sih0KiY892siCHqs2LHXmUmhG+MbUf8/gDPw/JYhoPdZEiDBf4h
+KLWPAgMBAAGjggFmMIIBYjAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNm
+yzAdBgNVHQ4EFgQUFBs7AdII5sDhmPvMCKSYl6aFuk8wDgYDVR0PAQH/BAQDAgGG
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUF
+BwMEMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAlYwUAYDVR0fBEkwRzBFoEOgQYY/
+aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUNlcnRpZmljYXRp
+b25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA6BggrBgEFBQcwAoYuaHR0
+cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdFJTQUFBQUNBLmNydDAlBggr
+BgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwF
+AAOCAgEAa0Gn/7+hikV1B0d0uPnRSKDTmk6+Yz6Z0J+y2Yna53EFGn2F3ueE0ckh
+7ipG7EFIMPzTewkZYX+y3v05Z52Nq565WWwIAYKLItP2/+Et9k0O+o01lYEV0X+K
+ecm4iOsS0x6JnpWT6sR95UV9ZFZ0GDv/FKYuFw6/vBbd5ATzyd12sBSQIBBsL/Zl
+B7XiLrmaJHIyCtFVpT9JSt+srs/cYLmMZWyojV42W/zJMcEPFmxv3wvwoOwaG9cY
+ZfMSKCtaMQNIDEmPqHlR3SV7+Q7g2ABrk1pTDHCmyitOuWwdilhK8UYCMa7RoYze
+PHLcGr0mNZGSApCK7ZBfUxqK5m1KZytOgbUE1uhHpFdDvJJE5O8+TN7oPBIPaCYU
+J9gTlQ0ksqXX2l2F+e+GuTbq2qJkHmSGqygVP9swwU6zRBfx0muoR5TEOPoomSDG
+hqZttHZBPtUKoMAIBsUUQ3RZVpRwkxE6zatOXWpT64t94IHm/2e3Tm+a6T6v6R4/
+olOE8IDPgjFJnweLJ1zSU8AUn0MxUfkdVnpUk94DbZB4HyDtehwtWrbpY6IsY749
+eaUmFsLeJDGVDT5+wIkHYO7vjRcKxphl63RF3eiNEJbqYGqwHAi0rOl8ffZBWBMc
+qDTmrU+BzTcJH7ehC6mNKMaOVBPgG4CxB/oiubhULTFM/66mYpE=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCjCCA/KgAwIBAgIQDkRPRcgzPCq2SNnSu5IKOTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBQMQswCQYDVQQG
+EwJVUzEhMB8GA1UEChMYR2VuZXJhbCBFbGVjdHJpYyBDb21wYW55MR4wHAYDVQQD
+ExVHRSBTTUlNRSBJc3N1aW5nIENBIDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDGVWm8DdPWpEw59b0p8L1zyBqgioeaU/YVpbCg6ykbfNSL5hKVSGtJ
+Xkuc27jqteWVDinBstD1PeHH227wukI3bEYlvrMMiYfFZ+q7PnxD+RBUR36VoNcf
+bff5nJWAicbuoY6DvyqPl+JRqZgFj0v/hHGq25TEJhpW2OmPIPZPF258oYgsCswB
+0OxMQKI6QBNoLNzeebsnBwt7YbWMwiCTWaqSqpoQVdK1jJjyQas7vxFU5AVhsGuI
+SsyvGBKfnZAu+alo7Tfjy7huXZ73vv8p4fUzjefLMYp7y+c6CeKaOkL8dE+CFVMQ
+RB4zhEaDxSICMu658aJeRg7C+ToKb8H7AgMBAAGjggHJMIIBxTAdBgNVHQ4EFgQU
+6l22f92/7zCajVFWsMAXE3dqM5kwHwYDVR0jBBgwFoAUzsNKuZlV8rjbYL+pfr1W
+tZc2p9YwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDBDASBgNVHRMBAf8ECDAGAQH/AgEAMHkGCCsGAQUFBwEBBG0wazAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRw
+Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIu
+Y3J0MIGBBgNVHR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
+RGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5k
+aWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290RzIuY3JsMBYGA1UdIAQP
+MA0wCwYJYIZIAYb9bAQCMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFEaWdpQ2Vy
+dFBLSS0zLTIzNDANBgkqhkiG9w0BAQsFAAOCAQEAXIR6NgNxzF/YkwUloQB1Ytxc
+usDtCnmiNS5I36sH2zjiGssT2iW57kUWTsMzKF3lAYXRXE0mGAkvvOJEY5zX4nsO
+zAbpbzThAaPBgJH957B/0rDA9WhCZ4Ap/Pxmy7eYvVl0355SSwgrb6+YQSgHr37X
+byTc1hnsYGsN3H2/pgBAaDGrv5O39Tkk9XH5XgfIvrINDZguSQMQQz3m5jD6aoNW
+pC3qZ6/nMffgl4q+YD8kbZwE0WWGkiXA5syrcTVym1XxdfrptwOXSWrdZ7S1Ye6/
+7mXrBuTYjdJuDw2/niLqh2IeyHA0n7MXgrTySpoGW9zT+bTzkCH4AkXpf0mTeg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGDCCBACgAwIBAgIQDs4EFJGIIQWkdw3RGaWQBDANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAwOTI1MDAwMDAwWhcNMzAwOTI0MjM1OTU5WjBeMQswCQYDVQQG
+EwJVUzEsMCoGA1UEChMjQ29tbW9uIFNlY3VyaXRpemF0aW9uIFNvbHV0aW9ucyBM
+TEMxITAfBgNVBAMTGENTUyBQdWJsaWMgSXNzdWluZyBDQSBHMjCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAKeJqEpnnc6MPDia9sC5lnPP91l4utq5q6V/
+sm/UZjKe1IWZid2eX/3gvBSulbusQ4hStYx3uo9RkZ6igBtzA2vyN6brQp8+/LCB
+EiwBuBVqDaimXWC7iTHmHp0OyhEBhlnTr4PWZs3U2nQcBO3TEmzFB6T9HCwXSMyZ
+aUwNoh4/4poascC9ySWxHGNygqNgjItLhW0jxMc8b9oEGjXOcgTNBJrp41l5N1Kp
+XyTf3PRY4CxSwEgeUfTyLto7E6pdC3f7hq88y9g8oVTC14Xm16pC0ETrBYy6kwGd
+f0Qy6cbeb4Ri1vmnRE8Qdhg1CU749JjNCtcknK76mrKpdVdxrusCAwEAAaOCAckw
+ggHFMB0GA1UdDgQWBBQjebS6O0v/F5HlVzyQruvXgXoqwzAfBgNVHSMEGDAWgBTO
+w0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAweQYIKwYBBQUH
+AQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYI
+KwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RHMi5jcnQwgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwz
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaG
+NGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RH
+Mi5jcmwwFgYDVR0gBA8wDTALBglghkgBhv1sBAIwKQYDVR0RBCIwIKQeMBwxGjAY
+BgNVBAMTEURpZ2lDZXJ0UEtJLTMtMjMyMA0GCSqGSIb3DQEBCwUAA4IBAQCOxm3L
+XrDEew+kbixvOmOLh6v8GdovYTLmaM+R+U+W4oVYaYpq5hL33lnAw8vsJWWVJp0X
+pB4OyVSk7g/QqZBO+Y4DV/yppBb1XDMuN1Xo4KjoIiO0AIoWmE0mfTLOstj2GPzP
+se/w4A+VdGRNgPkj6HNLqIE6DWFZy4NF+8mTv/4fZ3DJrmgfzY64m+K3bYXluICO
+BLcMnTupBkemtw5L/dmPt+wYDHQ3gaVMboUhXA/DIks252b+VEkXHLqB1zofAEa1
+d89iYFXfpUuClPoGaQzkrc2biCJn1UwxxbiLMmCS8AZP0dDmNd+gK85Q5dGPs9yN
+65+xkqbKO7IwxzDj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbDCCAvOgAwIBAgIRAP/W2AxlInm3+tncBdKhGLQwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMDky
+NTAwMDAwMFoXDTMwMDkyNTIzNTk1OVowUzELMAkGA1UEBhMCVVMxKDAmBgNVBAoT
+H0lOVEVHUklUWSBTZWN1cml0eSBTZXJ2aWNlcyBMTEMxGjAYBgNVBAMTEUlTU0F1
+dGggRUNDIE9WIENBMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAET7WFoVKv4g1o
+zT8QFyZ3o3lL4g1FtdZEKTgwYIB/HDNvqF6W52ibgDOlU0KdwPj7ytsP7d39+KJJ
+Au9d4J13p6OCAXAwggFsMB8GA1UdIwQYMBaAFDrhCYbUzxnClnZ0SXbc4DXGY2Oa
+MB0GA1UdDgQWBBQvMLxuZxF8e+ghCmzv9xzh+bilCTAOBgNVHQ8BAf8EBAMCAYYw
+EgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICVjAIBgZngQwBAgIwUAYDVR0fBEkw
+RzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0Nl
+cnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEBBGUwYzA6BggrBgEF
+BQcwAoYuaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJUcnVzdEVDQ0FBQUNB
+LmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTAKBggq
+hkjOPQQDAwNnADBkAjBxabnQHJ68VrsI649pVjUNo0VN1XgtAVAs4ffPh3roWHYp
+ax4jAEK+XwSPcZzVU1ACMAGH7QmYqKkOoavmdAF9vx8x2LVoI3in0UPL6jVekE2h
+4oUzJIfTgYi56vrBNjr1ew==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyTCCBLGgAwIBAgIUcjtv5cJSdU0hibCRVVIaMYeRbbgwDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMDA5MjkxOTM1NDJaFw0zMDA5
+MjcxOTM1NDJaMF0xCzAJBgNVBAYTAlVTMTAwLgYDVQQKDCdIeWRyYW50SUQgKEF2
+YWxhbmNoZSBDbG91ZCBDb3Jwb3JhdGlvbikxHDAaBgNVBAMME0h5ZHJhbnRJRCBT
+U0wgQ0EgRzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC5att6aX7K
+datB6wOwa1A6gkR/d5lIHnnsxy8ZEFT/VOo/TVVMfBWjAz1yq0+bMre+ijgZ3JQ3
+R1sc16SeyvSDhnpH8WwNYCa9gg/2N4kq7xpvJs3rqgmQWNejYBSOfqCGSrbyts/U
+J1iiSQyDTIHHqvLg00Beugm7fiV4RplMumC2KK0B3pZbj5U/qc5wp2e1Mz5/q+S+
+XqwS/uYH/Dl7IplBu458m8DjrteuS9wCGpnWW4du07yUIKlFQqD6n1optsEbr0zQ
+WOa/QGEnGOXVPiRXfMFbuzfNuSJ88JuRnkstp+jsEFQtC4AyXcTAEassmdk6rb6n
+0Jdwze1oxiQsZn9q+4IsbMRPE2w+3CQVd4h6E8doXdzgu5d/BTnal2SuR0jMIsyS
+sOsxoEyuf7kfAQWBV/mPYDudteB5cVlbjNT5krHKeIeqJroYy+3q30x2eRgji77r
+8eDwxGfHSPsinHhQoYiNWC2X0cN8LZw8Ba3+RkekrknBCeQ13JV2x0lVdQtTxTp+
+cLhueUZ3orRzrsj0+lu1r06DFp+FYLQ2GSYtQivz8sMJ0fzTYlq/Vy15nIkRhJE3
+xOjpfptTf3xr5yGUisMQ5LQSHR2lK/hqeRoo5mc3URwxuB1HMnjaN77JRG5jhLgq
+/sbxHyrdT/NVPhuX6dLzXVd1qKrgIN7dWwIDAQABo4IBlzCCAZMwEgYDVR0TAQH/
+BAgwBgEB/wIBADAfBgNVHSMEGDAWgBQahGK8SEwzJQTU7tD2A8QZRtGUazByBggr
+BgEFBQcBAQRmMGQwNgYIKwYBBQUHMAKGKmh0dHA6Ly90cnVzdC5xdW92YWRpc2ds
+b2JhbC5jb20vcXZyY2EyLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVv
+dmFkaXNnbG9iYWwuY29tMF8GA1UdIARYMFYwCAYGZ4EMAQICMEoGDCsGAQQBvlgA
+A4cEADA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5oeWRyYW50aWQuY29tL3N1
+cHBvcnQvcmVwb3NpdG9yeTAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEw
+OQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20v
+cXZyY2EyLmNybDAdBgNVHQ4EFgQUzKLzOK32xVQnMkbFOV9JchMTgHkwDgYDVR0P
+AQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQAKlx95q0w2rX6l/dWONsKj7yr2
+SmafArwYZcC5FlHG0HcDeXABVD0yfOdFQw7CC1WjMbY4efAndKZ9f9ucSBP7u7wo
+ddpT4MFpWAqohtCZPQqE++Jn/q1eL7+Ed43PwBkoFNm0o1p+nBVbkC4C5rkToCq8
+ppXcv8P5SL1Bpv8nATnzdHeZR2zreuGF6gfBCXe3QuczzjV+mXdfFbN+BovWxZii
+J8vUFq+Dc3uLo33UrSdJmzllc2Dr8VzTQUoQz0AXy6fYlg+Loc0cjEhOset/vwgW
+6smNbKHJ65z2KUE6m2Bu/17z6KtaD2GzjI3LL8TjJgQyJAu8rCIR9TTArGwr1hFt
+Txz7dUk+dVw6PQivMGYiqf0gspKzGOqdV70kIvz4nnHsYQrl1u9hAnWROuASSCti
+tX4z++r4owzuL8bnauvDdReisTUhcovHWtRFvuHg1wqtbxEJTchIM9XKXobNfeM3
+uJGJ1an8v5dbzSDhFHidq7xCN2O4giLpa7n6cpvC02TBuMXc1wf0pidqzxeENEM+
+r+ZeiZkpt1s8jhzwTTwMaSPFjale/eKx07ppDalxltGJEZExYbHx0XJ6I4qOK/xL
+l69NrgFZk2uhcMvMplpSZb5SjXdZnpnF0J0AgcZAn/LpwSOAMUHyhL0B4Rag5xT4
+aXiEWbYkhYIp9/UEqA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGWTCCBEGgAwIBAgIQJ2I3gEihs2KNUH4pIg3iIDANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAx
+MDA1MDAwMDAwWhcNMzUxMDA0MjM1OTU5WjBlMQswCQYDVQQGEwJFUzEcMBoGA1UE
+ChMTU2VjdGlnbyAoRXVyb3BlKSBTTDE4MDYGA1UEAxMvU2VjdGlnbyBRdWFsaWZp
+ZWQgV2Vic2l0ZSBBdXRoZW50aWNhdGlvbiBDQSBSMzUwggGiMA0GCSqGSIb3DQEB
+AQUAA4IBjwAwggGKAoIBgQDM22r2ErDUlj/oI7CQ6ex30UeqGqLXS9PBwLUcE7mj
+g7BLPEcXb1axVekRweC5IxEXsJrzrTc5Jqsk+idax7butIvU7TBP8YWxEPcZPj/w
+M07LEY4I51c/dJNBokyjJZttCejrQ/jYfHPaYsCP6NpHxnupjZoOKyFHIABxriY3
+Mb77rEpP4gvxEC7OtBdV+AFQp4XBxIc29540tUs6lDbVc6NsjEgEWEnNMpQp07Mu
+wjDCypQrEtKaepo/iGUWwkecV662K8mifLTDRSDf+kF3m+kWZe2eylEPzH9hnOOG
+7LF0ivpmjujwUJP0zs96KH98yWp1jDJdP1Y/k2h6tVPjV+RV/qd7HKr8E2RWwT+H
+vX+3OHjdn8B20+M2JEVsR7cJpTtcWznYGm4ZmbZ46o0kbVIFILTDBRLH64IIQcsY
+ObED5hjMJfqYaoLIPZI2DvFBdDLn2K6iYsgjowbGM+ZO5dDYtRZN9Mke14QPmNnM
+FvEhckY/h7h5ZP2qDdPuuWECAwEAAaOCAV8wggFbMB8GA1UdIwQYMBaAFFN5v1qq
+K0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTrNSUqBjbo1gHlaZOE0vMsO6zerzAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwEQYDVR0gBAowCDAGBgRVHSAAMFAGA1UdHwRJMEcw
+RaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0
+aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUH
+MAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5j
+cnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZI
+hvcNAQEMBQADggIBAGBpLCiwnPEtnVgL81NkkYC/ZmwWOvc1vPPkia7EJALzPqnd
++4EO/xMhkgY0zMz6YOxZYRM35Q1R2b4KQ+UnK7OZu6anT1sudlwAa8r56Y3UpfTd
+za6mQcyCn6rBdiYWHhE5QkSQmVa6eM1rQGK/N6Afl3oKLU83R+vwDdbUopEjlPws
+0ZIqxjonmhox+MSCQVD303cPMNxwDIznQrAfQF5swgYepHQqXBihDrafYHQmrU2k
+LSLVMPFsx2FY936YypA6Wht8lOtC30NsZcp8cc31JoaIJHC9PYuU7iJqEBLR30sY
+uc7RrPIL/vcCAHjV5eVnV+yyFg0Sy+zDHs7kEkBRXIrv/AaHXKaZ87YugRyGWk3v
+d4w6ogGilUtMn673/5DbeeDmReXhHjZnfCd2v2eOGI8GYuEAlu6pp8Qfz+vDh+CQ
+sCeMs+QS31jLveOsnI93bAE8JU3rWFIlIB31jx2ecVerffb/8PfC1cSYGE/y8Yxq
+JBlkjZ2d4NV1kPOEYE332NnkGi0K3+Llnhbun/Qg/OasbYdwCII89G6tK/XhbklE
+O/Da2WbWbDzLuEOgXvTi01H8T5qAP6XY+ShBHmysuv36J6bkDHlkxCiyNB7PEzLM
+swjjSYsb3V6WCDopz9jbhfrXzDy+Tu/QO5y4nlWplvX/ZdOM6NMmf1pYg12r
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbjCCAvSgAwIBAgIRAJ5WjSHe2JMHw0CA/y2ZWQEwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMTAw
+NTAwMDAwMFoXDTM1MTAwNDIzNTk1OVowZTELMAkGA1UEBhMCRVMxHDAaBgNVBAoT
+E1NlY3RpZ28gKEV1cm9wZSkgU0wxODA2BgNVBAMTL1NlY3RpZ28gUXVhbGlmaWVk
+IFdlYnNpdGUgQXV0aGVudGljYXRpb24gQ0EgRTM1MFkwEwYHKoZIzj0CAQYIKoZI
+zj0DAQcDQgAEoZ/maiXB18YoY6sIFi0kuyZTQltgwxwjnljRZ8u/VLF3L4b1NgZA
+lNTwGR1QLIYgGOBZx2k8c8r+E4wS3gARlaOCAV8wggFbMB8GA1UdIwQYMBaAFDrh
+CYbUzxnClnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBQBELB9TETSoLJg+ejaffuKr56v
+WTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwEQYDVR0gBAowCDAGBgRVHSAAMFAGA1UdHwRJ
+MEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0ND
+ZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYB
+BQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBQUFD
+QS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYI
+KoZIzj0EAwMDaAAwZQIxAPdGdzU3wUj6nUMuGR88wpKNe8anlEp+iIkEqq9E4Trb
+/Vsl+0Kza3bZxD1+TpLXIwIwSn26MmiP43/g/EVOPLSG/jw9EEodK6gdSA8irfkW
+i7SmhFPLMduOCbAGR7MVbVBV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGwjCCBKqgAwIBAgIUSTmVZkbGVrI7R9bguTzB/P0h4y4wDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDEwMDUxMzQ2MjBaFw0z
+MDEwMDMxMzQ2MjBaMFgxCzAJBgNVBAYTAkJFMSUwIwYDVQQKDBxEaWdpQ2VydCBF
+dXJvcGUgQmVsZ2l1bSBCLlYuMSIwIAYDVQQDDBlpdHNtZSBTaWduIElzc3Vpbmcg
+Q0EgRzJ4MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlu2TxSZoibW8
+vdeIWPSVR5RYmp0lEnYq6h4VaHl4MSvIJokk8cpi7ZrFJaIxJ/PfxJfjuiXKRxMM
+JSvplbAsWKrGWrjbKK1jUH2/Aw9nL1P59Tm0Blm0bJy1O4H7ZKsMQog9t5SD0Xh2
+IxVJ6gtgPiM3COXTJTuBio0Max7zSa9JYoRuW0OVHaOImbarJdvBAHl1wSp84rsC
+qu5rub/F86X83KbJOZkGy1B7B7L4wZFi9FUbkUJtY1vxA3C02KRdiJ34vCiPnvfY
+DuEpZBDHs7V0gmvIOAfwfk7LrPE48M1FwSMV48yF1AUJVYffN5ngyFV39qpl3U/i
+xfM+Qrebbvzcqyei/u+bHm+n3u0dpgQ1nvmOYpoXSSNEZ1etRl97k1vCI3PRjson
+qBv829LaWPmk1or7xTZNUrCVEAwf04OkuxF4N5QeMBBY3TuwZ+4BQhIpBTQrl01S
+kYXlGhyGyQrUQ/Hm+HtNas3gPjCDqwTnUTiCRt3lPRiT28wIru0+vY3YLakAhuPY
+7XfDHOxhdzVv0fzaanfU1chEaxNjw61mSFbGmm2dVVFWpG5pgfE8eHirEdDVdXSs
+Ek0FwtoupYwLzBCxJpFcQt4wxcCbGi25Khiz25FTRs5oQngBarALybiMG/QBWRqM
+Ut1u7OYZDfl8JNE1BRLD2kL5CWsklr0CAwEAAaOCAZIwggGOMBIGA1UdEwEB/wQI
+MAYBAf8CAQAwHwYDVR0jBBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYB
+BQUHAQEEaDBmMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9i
+YWwuY29tL3F2cmNhMWczLmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVv
+dmFkaXNnbG9iYWwuY29tMEoGA1UdIARDMEEwPwYEVR0gADA3MDUGCCsGAQUFBwIB
+FilodHRwczovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTApBgNV
+HSUEIjAgBggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwOwYDVR0fBDQw
+MjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2ExZzMu
+Y3JsMB0GA1UdDgQWBBQdO4P0uaVK8ck8pstGGhle3WtuijAOBgNVHQ8BAf8EBAMC
+AQYwDQYJKoZIhvcNAQELBQADggIBAH/52/7ZtE3AwoEt+5orHTxxJHNaUNU1fbBk
+SSGgcCxPfQsGEvmHGnb7OlAvCGujBvmtfrL7uuowHZx5H9BlNAaWRYQzkNjHwGfg
+THEulNPuXSd8pHsiZ8GL6PQnWnP0KJvWw2+4ISIGkrdrptV3i5PrlNNaDHu9Jrzo
+lGrPbOb8LQ9T+Jn7g5S89dvFNBTY/FqPZKnT6tEdOkMIiBz6ZORcq1gcZ0Rcebnf
+wSljmK64URSy57WW5kgs+apNGAv2e830gb5nUwwHYkehDrIva4563nBAKV+0AtLq
+ipvxiO/uUyho5b2/qn6Mn8VT+1gtGwZ1H0Z2XOP1RsvU5aagUSkHS0gtPdcudTZK
+Zx5seNtoj0pE7Q1Wgf8M84oAREUiMDiTGvxiFV0VR6hECXS2BJRHyzWZ8oMwizpC
+N1uBIk5eCOC4dB83CWDkpMXWgLGxuuSQqybUlVQfCirYh9JX8rZ/Rk4BZQrHUzYG
+wDuSH2wqoadTAvq4lse2dd3sIOHqAOudoNveS98XrPA6ODIHaLaV6d+cCVLOFFYb
+jm44b7oGiXQte2LaJxKOPgdiB1QGZwNBUmODOmeq4I78dSud7p1R1Vjh4j2G0lkY
+UdzOfYZdjSoP7ZW4WLuaGPzhHmnzX5vZg6RHljt1doDs87aVxB4RnynZrEGVW41L
+YLm1saaB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDeTCCAwCgAwIBAgIRALH9J5w/JzJRc1vki2qBYhUwCgYIKoZIzj0EAwMwgYgx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtKZXJz
+ZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYDVQQD
+EyVVU0VSVHJ1c3QgRUNDIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIwMTAw
+NjAwMDAwMFoXDTMwMTAwNTIzNTk1OVowQzELMAkGA1UEBhMCQ1oxFjAUBgNVBAoT
+DUFscGlybyBzLnIuby4xHDAaBgNVBAMTE0FscGlyb1NTTCBFQ0MgT1YgQ0EwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAAQnYDEKjn3+/ntFRpiB28WqZYBDCielVDYg6DL9
+US0UvSzFHDBUEfgjItAAEkryY4JyVhHlA14LVVx+L2J3pAn4zHSss6YwOsnD2xs8
+E456uQ643bKRyrv0nDI9XBXraaijggFwMIIBbDAfBgNVHSMEGDAWgBQ64QmG1M8Z
+wpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUfhRVXuIXlACjeufDmxtt/QK2DX8wDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGyMQECAlcwCAYGZ4EM
+AQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9V
+U0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
+AQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VS
+VHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0
+cnVzdC5jb20wCgYIKoZIzj0EAwMDZwAwZAIwTLsepbhOBIyFfQg7S2QwSqAu2LKB
+cODA+dbhuqAZWAuskrBd7DYsKaQG856m4POiAjBti4lxOvE+zfeytds8XhIl6VTR
+vi2EqhwzeQbO/RlQZv6IklLHhczX11efJqclSlM=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyTCCBLGgAwIBAgIRAOi9aInk33lJILgXLp0lgCIwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MTAwNjAwMDAwMFoXDTMwMTAwNTIzNTk1OVowQzELMAkGA1UEBhMCQ1oxFjAUBgNV
+BAoTDUFscGlybyBzLnIuby4xHDAaBgNVBAMTE0FscGlyb1NTTCBSU0EgT1YgQ0Ew
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDZZxvWFwcj1gRBZ33vi5gQ
+cLrX8AhGSt5QpoBN1atdKXX0mspU62S+rf1Dq+IHk6o1VrZqICgi+0W5wkpoxNwW
+1mRR9R8HHUyuOxUZMl9pQqiJPsJ2EMXVyaloN5ebvrqRWs3gRpdQt8iL97iaOPnV
+/J/MLNdM5byASOPgPrRtI+IS179kItbE5tp05C3ckxkNbTjcWKuBOYwvAg6JNuZN
+iCQS92SUfzlo77pvLCpy7sHjpeUowT1+yDiJ1CUg4Jswpj8BbmAVSRbkanK7nKOE
+81mBmsGJzGA1EHb882sg2+igP5x9VZza57WRjG+RJ0o/xloj3UgQocndNa5titTO
++2sb5px9SCkbthHcDXKKtYMYB6b6ZrHvX6CjWCOSHzCMHMDkLXnnWzy8iubCMd85
+D10fcGB619E9BpxUylEwwY/qdRuDwVGhn/hGpTuP+XGSf0UNUh9xmwwoboBtHadW
+R4mNix1e0uBMpccGRo4l9Ev72ZQh/CjKIQkkW6797Q/Pt1L6gHEo09ytQg8nepoi
+L63Ddym6fu+6h43YhuI+/xOho6/eDKXRJFUwjurWnKTt7/xdSOgS1jFwr8cPNsP8
+9RFKVA4U/l8/riWw6l87esSsMW1Igk/lnghheIalgEH0RYheYNm9siYDtTfgPnWZ
+9LpSMbCzRobQz1XqQXTCJwIDAQABo4IBcDCCAWwwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFIbm/csESJm2MWNcdgg7gUHSCir4MA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJXMAgGBmeB
+DAECAjBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUH
+AQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQAsC8KMqwcRV2ax8DJQc11w+Hts
+n5x457tLsJEP7xZ/6/M+i2A2yrPj7lC8HNVrkmnBF+KOFjALk/Fa/lFvIS8JM0sd
+Du8Yu4grAZ1Qt7RLoVMyEgmSRphBTSSekP4dxXR8zIVICVblBzcCC8hK7pPcsQIU
+ralau0Y8V4Xu1+SfyvYxFC6bI7JyoltsTI9QqQfMv7uZgzy84MZs+ffMR7UP8cxB
+UMsMNgbq9+ju6JXCKH5iVZlcqzXvNPaGBJJKoEPVE5BvUIxDyNMPcmFFcFBlAfp4
+sxhadeEJhSbyfDqXk0jwsPC0WBO9mBRHPKdX8IBRFBIeRFYRrB8u2Cnx0thMVqjr
+bWO4MEp/sSO2LqKu3XGVLo9H5hCImdshH/r1BZ/qVDVRXI6L9SnmzWe5zGhsCWxY
+n7Shi8weKsbem2fxLYa0Q5v1oHjiFGJF5/9+lILYe5tMPqaFs9g9GBHZyrZ0133+
++kC1gWnH0RP/6pNDJgskm4+m2XufxqzMi5OYq0+29+KcIA/TikKeHNetqsab8pG7
+c5Z4Isew++fDSgtxlvKh9GBi3BrGQkf9rafkTZbcvdWSGY3YPMEgw7pCFSLljSMN
+FJ4+ENjObA7W4k5eWi+huvnriB8T5Ka4TerVvN2QuFrWpeH9FGsMxeBw32ZsLYxK
+nyWxFKSlbcy/uzDrzg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG3jCCBMagAwIBAgIQJ5y2QRm8YdwkTl0BmX+6EjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAx
+MDA2MDAwMDAwWhcNMzAxMDA1MjM1OTU5WjBDMQswCQYDVQQGEwJDWjEWMBQGA1UE
+ChMNQWxwaXJvIHMuci5vLjEcMBoGA1UEAxMTQWxwaXJvU1NMIFJTQSBFViBDQTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJBBrAmLd66N83+iuCvkd0cJ
+K1ip02oIAjgtBcW+xeQe8sae4MnR09BG/MAstSR2BJRQetrl2bUjsLd8Qmsa1/vp
+A+WPMrmzGihF70bxQMN60QEzMDu+VKg0691u2AQyVeHJusiDn+musB6IpRkG7rjH
+qkaYuLH/DXCVAKYjHG814rsW8MSSXxYXVh4x5PgvDkBP9WmuRoPOEYiEnA3KyJii
+2liznvHJlK48CF91p1hdtbQSEUfrgWhK4Y6ghk6Zfw8kC5qjymNhOkw0hj9BXE33
+zDjbiGVVMeHpVjfWxIGjMpZaOQHYgTP9wbWKP6GLHtAHOnTMikuVWjKDxZp3BFv1
+CvN824GWhvJPPeILaNDvpVagpOsvGMcgA+yUfITnO0cxqYyO+aX7u755RY9zk0fX
+Z+KOim6C6yKgMjjNPYczkfmtEP3hNiBhoMbnrjd2JVyI2XTpnwOAAa6tEOf7GMdy
+seSRYu2hefANlyOlfuS+aNm/a4neqRKG4Cm6MVNcxAJhN7z7AbIbxfQ6kKXtbt5t
+8UWy2KfP5YZUV9rTQ6+VUxdV7a8piNk4+E1T2bPVWQzPWtTOBqz9KaX5bpSEZlxb
+t2odKew0XM29S7ablXP4rMinutUVnBLlHyCN/c3VCm8vgZqHrwuHuMD+8DIQ39jr
+9AGWnUIwwfv2XF7z0wwZAgMBAAGjggGGMIIBgjAfBgNVHSMEGDAWgBRTeb9aqitK
+z1SA4dibwJ3ysgNmyzAdBgNVHQ4EFgQU6DVyISrU0KVHqRynz4xrFUPRXHwwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUFBwIB
+FhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9odHRw
+Oi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1
+dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8v
+Y3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUF
+BzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4IC
+AQBwj+VGYMeFgYDwxDaHB08ySimZS4DPSx1DL3udlMEu5vIXjhW+0Squj+K1kCQh
+IPV5FUObb7TArL6NbxyFAQ8cLLUuv+SIZQ1OWdvh8y2lBF059Zhqu5B5wLxpML61
+9dKaiCjEutzVxtaOjIUu6om08x3A7FGtydJS75W+dbwGZFwPL4dxdymW3hN4kitb
+A86a8In6aFyIJLNHSK94eFw24Mm/fU3j8fkgfZ5jT7/dJdHLV2IMwyQU25MOSmf2
+6ipW5U+pNzsOv0tsrDLl2qi4yrERO8iu6fY5cjZ5mlz1ze3wv9Jj8Tuwp2SB4PAU
+i4RsQKSchAAYUQ3iOJ21+zsVO5xwDftsJn+X700BCDyP1agXg44buYV9aFthqGYd
+Tc7NapZHrtFXB+Z6aB3bViGOj0bkxMgGpIRMsMGorhRGCrZdNtbDSxNdLFob52A/
+RzMiUMOJisKkFfQDdbAh6oillWsfHMNyp5ZiqihEoCatMaG+OZreUBfXWsTqWQO6
+aj9CWEYiHv+CgBZ7go5YHcKMO67dLFb6dLX9qhbICrCaKwD/yBMEsRhsR24wZYQ3
+5Be/sJuITOH5G6m6eRtrn4bDAPJUgkhQ5yCd12AWQ9lJDLYf3yS9g28BZw3oegaO
+3cRW8J4It2b5EUGeJTOoc8u+wlHTrbnCtkynEcC4CU4ymg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGyTCCBLGgAwIBAgIRAKVq9kV4o/TSh6FnapN1/7cwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MTAwNjAwMDAwMFoXDTMwMTAwNTIzNTk1OVowQzELMAkGA1UEBhMCQ1oxFjAUBgNV
+BAoTDUFscGlybyBzLnIuby4xHDAaBgNVBAMTE0FscGlyb1NTTCBSU0EgRFYgQ0Ew
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCmXKMIyP50AvoSosyxkEiR
+pxo/zc9hEcvPBzWbFBVK/L13aBPiHfOhVa/JlZGZz7WBEDjdS/hwemGZaa5shXkO
+v2JtuwIwbvTC68DdcIsk+WnR+pPpuD1vXb2SkW/fneyLpAr99AQu3Sby7N4mFy5h
+BqUux3aRkH2YkTLa6dCzBvCBeBPU98ih4ZbnnCOLHXiEMME254KhmUNlmr4FSttO
+UbMrVpsI/27B6Gt3Qq/H7ws/tBrjsI+XAcTe6gSTLQPAw3PBkpmbqaMEqKYQN1ZS
+Nr46memNoY68wGN1szhpbp4vSUHU3WiebafcBFrD52cRYgXsxjaWVtILhEucCeVF
+1myr2tsZ05C4usQiIxInKc6PV1n9DEUWxSRHG/n4PIIWyObHH3BjkPE9HpykNsyQ
+DQNngVYD932pQJbK7pIsqVLBdBWYnKqB6915vre03F3DXkhzTAYD2YUEFKTHsVZB
+CNMzrjzUDDIwelUTFyVW6CvTu1ZYJOz8zbrFQUtowwVJKjaNQON2qxofwQ0f/GMH
+g2jBhxSiBDwBD7b5EpBHo8n6oqp7193sr5D1+juoxmkxHFYVaohLuT94JA7qOuii
+tt+u2uvCeqnIrtodGt/OcU3dZLh3DqdpQFYZbKZHhlxP6biVEsuBecqF+q8ledli
+TJqmPMRNSeakeDrRchMT1QIDAQABo4IBcDCCAWwwHwYDVR0jBBgwFoAUU3m/Wqor
+Ss9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFBOcIjqoZEAXLLUmmNoFyTUlK79bMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAiBgNVHSAEGzAZMA0GCysGAQQBsjEBAgJXMAgGBmeB
+DAECATBQBgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20v
+VVNFUlRydXN0UlNBQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUH
+AQEEZTBjMDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNF
+UlRydXN0UlNBQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2Vy
+dHJ1c3QuY29tMA0GCSqGSIb3DQEBDAUAA4ICAQBszc4i4JVdf3fiReOOFUlEi7Cs
+vpTveNDO5DrYMDsRIf8GjmEX0MeWcLDcE4oEPzPjk5yvrmf8GqZIiDVSCjgoNavP
+kQYGr4C3zglQy6+iGlIAOzQNq8SC8CDPtC3xyzNDl6mWjqDiqocXcaiuO+u5itDA
+VS4Utd6pX/ixFTdMM4chBUN1lapTOmrQkfEKsVwKlpT1mpRHR1fhSxzWmk2wfVlS
+M2qXZQLS1Sm1+48LjJ77O+7ANWPdQvwMB2CcVejR05yBJDJd5b3dyT06ZeURSJGW
+YV2gIoFqsImJs7M9d2hSUIDJ5kmtcrpI3SSzvPENoxfw7NblWY8jG7ec2EWNZ1pu
+zlxDo5qLlu3M5qOE753nvY49tx96n4MzYjAmak7tQN85pksWEz/HYXecT1G4CqCG
+hjW7sXKzcybByTicCpIcps0qDzG6znuMjK3pcIy8AovgXw+tMuHzE3d8m2IYQy4N
+B66IjJqu/C6+S5SImDsoRH7+KVNy5RbTN6ewfq4QV6BbobFeT4qu9cJD68RENI7+
+5GPDdKEtA4a9QJoArMYhrO8G/6sY8kBzJ2jjxdDjfDhdln2MuYxOjhQupm2Fx8gw
+AlwJmEsZt1a8srqSbgjN0jxktv0+jCm31r6sXRGNLhF6ADnnkJyDr4ogDeTYZQLe
+DNDNeO4vhlJw5jxOQA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG4zCCBMugAwIBAgIRAJP5mMntp3K8vhdXOD2S+7kwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MTAwNjAwMDAwMFoXDTMwMTAwNTIzNTk1OVowZzELMAkGA1UEBhMCQ1oxFjAUBgNV
+BAoTDUFscGlybyBzLnIuby4xQDA+BgNVBAMTN0FscGlyb1NTTCBSU0EgQ2xpZW50
+IEF1dGhlbnRpY2F0aW9uIGFuZCBTZWN1cmUgRW1haWwgQ0EwggIiMA0GCSqGSIb3
+DQEBAQUAA4ICDwAwggIKAoICAQDeC0+nfb95e9KNDAMK30HDVsPhc8sWheZrnjdo
+2C6rXjC5os//q25bSgoS7S2h4TkX0RloAzlp55XFx55m+WsMwI40jNrSJnSiStgK
+ZhvX7CshMoye7dnOiIvPvcrLlHgLZTcT4zirCKpiafN3N4dZygB9+hceiOZXXu20
+DX2I2GXSLe+H6AAoIO9QqBjXEIzVv1O21wlGJQM5SEeI2MAQP5xBJrjjTFeCeb3n
+pNzsETeDzgkDoW+65LNyuZV6VT1AqE4JxhRayHlF3f1bNEWfGcP2+Lilk8rIBbaU
+aNgohPo6UdslrX47k8+5wn3sLqBFbu6yFsO7cjBn0L7Rvm2Hb8CkkOEgHapnVpdH
+MQ9SWt7AMukNRAavmMFoLf76Nd/ZI5oNjEQIxqJlxHO63kXq3znd+9X3a8+qoJYO
+4yR+m77zEhltjX4GsOvnMXNcEOcv/RWRS2cNBLPFWqx6N5RUa37ekCI1dJkuzp5p
+qwQPCzmJ/4aSgybLD2XmnazX/GO4sGXgpxjDq/4lZIH/lw78HBysWXghWAi/Pn3p
+uHg7y5Wkxn39dhvivjD/WzzRkoLAoLloJOXPHA1ml/bMI6f/1hTf9dIWTmZd1Qo4
+xWTVELrWdfBGU8MIkSCNO6sZs+ktJBBzVngok+kuLIM64qsUUTOWlQWea7MWJolo
+9hLB1QIDAQABo4IBZjCCAWIwHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rID
+ZsswHQYDVR0OBBYEFBqmErIw5CDQOgTmHx6XqFTKZ46DMA4GA1UdDwEB/wQEAwIB
+hjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDBDAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgJXMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQwJQYI
+KwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEM
+BQADggIBAFYJ8O1llKBvVn7nJvDPInyCGaq6zA6GTy0pdsq25B3ZpngEU4pQwt5y
+ytI/VX8bn+2DeP8NI2vcLgW0mMW649sG+rtcH7CEJ9oq3QrJ4CyG5nN5jVXx2hAL
+Z1i+PsPLoOeSVvQxkKCueWEwLbZ3MEtcaVp/Jq0tvzQdJdNoB9fFH5yFgtYWuPGg
+Oev3PlrcBEmFWJdcTxoptJ9BmHe6e1Ky92bD8slniiIeF/UF5aHQnonu9N9UEo+w
+6QqwbCKmUi0RvSLB9rB5klPRxy5G7+icVx+YCskPTY1Vpw8HiwQqV//6zp6MWj7C
+sNBXzf1XpSSH6FsphXXu/0wL+VwreCdGU4hd/br8uH1FEg7C3zq0Vqq8mUAhHMa/
+t/3hijmW8XSWwI6JcApW1Kx7KaQsfYJ5S1impAo4ROGkYfAcIJ7Zb6SR0N6XGOcu
+5NoEbu3IRpOfE9v6WaUE60xBl81E8uaeALdF5f0ZAavXSj5zJoSe3O159wGNoTwd
+cJRK52Z21zcSAufs9hEDatQ9UIIjmUOrG6vQYXCJFWc8DD7S8f0Tt9qZ2ruYLwEe
+qauBQYx6AbbTwDfqcfSs6chaqKS+S91imHN81cXbP5YfBUZvAnVHZcQk3Th3TBeY
+WHJ9VN77/yVhEoXDCy0Q+NGKhxAPoGJ/ObGx5ktvQoxLMxfL7Eoz
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAv+gAwIBAgIQMgDrw8WpnjUR7l2xImSYkzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAxMDA2
+MDAwMDAwWhcNMzAxMDA1MjM1OTU5WjBDMQswCQYDVQQGEwJDWjEWMBQGA1UEChMN
+QWxwaXJvIHMuci5vLjEcMBoGA1UEAxMTQWxwaXJvU1NMIEVDQyBEViBDQTB2MBAG
+ByqGSM49AgEGBSuBBAAiA2IABCi2Ugy57n6Mjm4yf8ppR765FbebABXsWaW6fPMj
+zmOCLj9L/PZ8LZ+Xmej/z3qSbj7mtrfyCbAEb8DA0N4I8WJroR6wrMtSeZgbxY3o
+OJrRpfPYsd7QAqU59rANALLOnqOCAXAwggFsMB8GA1UdIwQYMBaAFDrhCYbUzxnC
+lnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBRAYAlol8GyYta8ZBNZtqQSQqcW2jAOBgNV
+HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwIgYDVR0gBBswGTANBgsrBgEEAbIxAQICVzAIBgZngQwB
+AgEwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VT
+RVJUcnVzdEVDQ0NlcnRpZmljYXRpb25BdXRob3JpdHkuY3JsMHEGCCsGAQUFBwEB
+BGUwYzA6BggrBgEFBQcwAoYuaHR0cDovL2NydC51c2VydHJ1c3QuY29tL1VTRVJU
+cnVzdEVDQ0FBQUNBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRy
+dXN0LmNvbTAKBggqhkjOPQQDAwNnADBkAjAwapZG4ZJ3fiDHFXCS1rX/dwMMJbw8
+vyA0SOxdV3LXUoWzwvCW2ZCjJH50Zgbq0zgCMA9b2jdn+H1FIGCCelBYOm3MNVWZ
+2rRmYxG4Eu7iRLcllGLm5+bqB2KfYPMVRaol3w==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDjzCCAxWgAwIBAgIQK+hz3P1g4I3jLRl0NDtUYzAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAxMDA2
+MDAwMDAwWhcNMzAxMDA1MjM1OTU5WjBDMQswCQYDVQQGEwJDWjEWMBQGA1UEChMN
+QWxwaXJvIHMuci5vLjEcMBoGA1UEAxMTQWxwaXJvU1NMIEVDQyBFViBDQTB2MBAG
+ByqGSM49AgEGBSuBBAAiA2IABD8rNZrJBsx2oJoXuQj4ONZxI9oDppOSH/3d2xwT
+a7vNtyPoVWPzHHYqX0t0sIA3z+H3iJ6K5UvpSG7z97ggUqfyCLktmS2ARxGFvL25
+iXFstM1RBCrV5Kx2Q8mIjrdHgKOCAYYwggGCMB8GA1UdIwQYMBaAFDrhCYbUzxnC
+lnZ0SXbc4DXGY2OaMB0GA1UdDgQWBBTmr0PkpmSss2TYz1d2UaHkjo7XJzAOBgNV
+HQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRVHSAAMCUwIwYIKwYBBQUHAgEW
+F2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6
+Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0
+aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9j
+cnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUH
+MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaAAwZQIx
+ANLAzbCsmZrE/3ZCBpjt9z7DL6Y65/cf/AuNT8fCRRXvtuvAHf8XMnjixJm5Rz2l
+9gIwaaFF3uHAqtiRgQWE/vbec8JbYK69q3hIflwBaik6dN7tPrZ2sjMMQQSNu08b
+FJTs
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHKjCCBRKgAwIBAgIQQr9s0Yh7vujevXmAHqLX0DANBgkqhkiG9w0BAQsFADB6
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+ETAPBgNVBAoMCFNTTCBDb3JwMTYwNAYDVQQDDC1TU0wuY29tIFNTTCBFbnRlcnBy
+aXNlIEludGVybWVkaWF0ZSBDQSBSU0EgUjEwHhcNMjAxMDA2MTY1MjU5WhcNMzAx
+MDA0MTY1MjU5WjBuMQswCQYDVQQGEwJDSDEPMA0GA1UECAwGTHV6ZXJuMQ8wDQYD
+VQQHDAZMdXplcm4xFTATBgNVBAoMDHN3aXNzbnMgR21iSDEmMCQGA1UEAwwdU3dp
+c3NOUyBUTFMgSXNzdWluZyBSU0EgQ0EgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4IC
+DwAwggIKAoICAQCEqPgvDoXMujspvDS4HkhIMLvqKuPyC8ISwoZZosYuOIexpcxs
+e/BF8N0WJw6s5twuGJkC2NtD7lNJFMRES9eoyEqjRvdouzuVQtSLHkqKSjtRkO4n
+mW85JpaXXLeW46vSF9Lkid7Woj/N43JgOAhKZdlpvGshrniMLIFUS5nAY46xYHbA
+8RH/ikDqAy0ZwTR+ADPhwgkxfZTxKAyvzDQKSqdRq0I0wQcoDogTTgGIbq0eIwwM
+V2dzTSUiPcRmYTTeCuk0JiLITIEJIyuHVdPkPL9n7gmL0sq1hRMAa/O1hPH8TuA5
+oedXHHiu7t0PCIjUcffqoH2KCfOzSF9eXnvfpL0DhPKkjoGesR/vfNb0t4XR7DNZ
+MIFr+3VaAQ5QRS6rGiX4qKLwFiCCokOtVBJeFCKZPJg1kilNFq9g0cyj1tSrdOIS
+cLndjVxfYdNJLfPzC/gmVk6i/BoClYO+GmgeMuI8qRrzAsVntf+lQeVxDe4qkAGK
+hBiHPWmIDddI175LjMVaQ7iEtqneR9uLv9YAcxxk/eacYMxQYaNn2Ju7QyUtoR0v
+/N+FDkler+dQff1lWz4q4i3sY6xhz/ZwQeQDDtHmxftntXvu1PzCBlqqOkGwzFF6
+5DUNS+DZOHXc5NobvLp9HtoDQwvNED2v/atVXg3MnXUFKCLd3WZIqtqMjQIDAQAB
+o4IBtjCCAbIwEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAWgBTQPeqimAdd
+RIXPA/vKvzQKnxDEaDCBkQYIKwYBBQUHAQEEgYQwgYEwXQYIKwYBBQUHMAKGUWh0
+dHA6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5L1NTTC5jb20tRW50ZXJwcmlzZS1J
+bnRlcm1lZGlhdGUtU1NMLVJTQS00MDk2LVIxLmNydDAgBggrBgEFBQcwAYYUaHR0
+cDovL29jc3BzLnNzbC5jb20wPwYDVR0gBDgwNjA0BgRVHSAAMCwwKgYIKwYBBQUH
+AgEWHmh0dHBzOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeTAdBgNVHSUEFjAUBggr
+BgEFBQcDAgYIKwYBBQUHAwEwWAYDVR0fBFEwTzBNoEugSYZHaHR0cDovL2NybHMu
+c3NsLmNvbS9TU0wuY29tLUVudGVycHJpc2UtSW50ZXJtZWRpYXRlLVNTTC1SU0Et
+NDA5Ni1SMS5jcmwwHQYDVR0OBBYEFIoJ2UdR4lwOqLqxkNTAWfEL2tUMMA4GA1Ud
+DwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAJmiC4qCPw/idcTGdU6OnjWQe
+chjowRn1N1gFOGroljKI1h4O6q6s/3V7Kb3q7hkU280o19/86r7tXyrqr8u1kCzC
+miveGuz26cOvSJmZwBSRbHeBqcEwk3eJTxjNm0SM89rlKb7u7a2Vr3XZZQFHG8Lk
+1AsQ92EfNeVfz4k9e7La0xVFwwkEbmNH0M5fPn7GBQcQ+AxLtRUC++PsXmodeAAN
+umbNK7ntQneliK8WsOot8drWCw3bkljExTtT1x2Otpt1tDhatiwgdDJPfSTVnhq5
+xe2WdWOTR1bT/FPmPAPQHkHDAcA2uo6SVoFtSTA66Y4iwkT9gTGG2ClIqcp3siN4
+8nfxx8kW3WhvCMZqqpRNJ5hJR1eiureOotAYVXN0nXAG17lIU2i4eSsMHzh3oJ/+
+thiNqL8RECwPq702bskFSBcNBklPqmz0gzgRCXu2h1uBwGYMWdLOtBRgth0J6YRG
+RAwEhkHK48qgRzkYyS8lhra7b1wQB3OeM/eAeGttY5/XCEi62TrLKlHFLJG7+kG/
++fVcGl+v3GiGbYRol4DaQMiLoEYSj8BWZoYt6jZjOWEBsoQAfwzs/XSnUx3iaexj
+WqHc3spg/mFjhLHY8G3UMz5vcmi3nteZuB2hiLzrIwMsQSTP0iNNwnuIKhXmapjo
+dzT2uBtJpxi/vacae6g=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIHNDCCBRygAwIBAgIQMWgk5Za8obEUrABKpVpPkDANBgkqhkiG9w0BAQsFADB6
+MQswCQYDVQQGEwJVUzEOMAwGA1UECAwFVGV4YXMxEDAOBgNVBAcMB0hvdXN0b24x
+ETAPBgNVBAoMCFNTTCBDb3JwMTYwNAYDVQQDDC1TU0wuY29tIFNTTCBFbnRlcnBy
+aXNlIEludGVybWVkaWF0ZSBDQSBSU0EgUjEwHhcNMjAxMDA2MTY1NzQ3WhcNMzAx
+MDA0MTY1NzQ3WjB4MQswCQYDVQQGEwJHQjEPMA0GA1UECAwGTG9uZG9uMQ8wDQYD
+VQQHDAZMb25kb24xHjAcBgNVBAoMFUFuc29uIE5ldHdvcmsgTGltaXRlZDEnMCUG
+A1UEAwweQW5zb25OZXQgVExTIElzc3VpbmcgUlNBIENBIFIxMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEA46VRNuI6C9YTcXQ65wbEjfzh5ke6hfBAA4Iz
+GZNrXugOmVUEKsZm3B4hlGfyVQ0jHjk63Qo7nHSiaSa2Rd67Zg4lvqNK8xs8Ww3X
+zk48cETKydXXRSdd09arWx/VGBP5p7SaSpsVs248pllv6yS5SDMxxKONDJ3xymuH
+HirLU4WCCAQrodyQm8ZSQDkZm/YOYjoKgiSu42YQW+ouqiWINzaC3LThhwf2ERyq
+BaYCbGf0po57zuNRvvIs3/a016pKfoh5whJ1V34bnCrbuQ2hu9otqSFWVf6MHawn
+AnYkR5ufrc5bi499xnaJFp21QOUbsEKwWaS+eux6AR5NArdDiyHdNHvrY6ePp7te
+P474Q4ZRlC+YOg0FjfozjpxF9hAy+4GINxK04OkY8w2d9mdjdUR2EbFhEelWwaLb
+rjzQOnJX/WNMzP3VxELantb4y4uIku9zv9yRkFNQeXCDiwxW1Hnlc8lCZ/cMUi21
+hkFLlWjb9eaCPR6r00LyhJ6oRztuHnHjoHoRO9eCO7d6gS59A9QXjIHP5z2dESL5
+JWAYbtUYDNUt1xIXZVNfvErTg39gd+d46Y8Zmv9gZMhQKpnZwdI755LIslu3P+8w
+UiADnoXIOeGfm77/uRR6Bda5tDXOFx5Eu17bD94z94TFNR0VuklXDVwsUueNm8xD
+MN6jMecCAwEAAaOCAbYwggGyMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw
+FoAU0D3qopgHXUSFzwP7yr80Cp8QxGgwgZEGCCsGAQUFBwEBBIGEMIGBMF0GCCsG
+AQUFBzAChlFodHRwOi8vd3d3LnNzbC5jb20vcmVwb3NpdG9yeS9TU0wuY29tLUVu
+dGVycHJpc2UtSW50ZXJtZWRpYXRlLVNTTC1SU0EtNDA5Ni1SMS5jcnQwIAYIKwYB
+BQUHMAGGFGh0dHA6Ly9vY3Nwcy5zc2wuY29tMD8GA1UdIAQ4MDYwNAYEVR0gADAs
+MCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYD
+VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMFgGA1UdHwRRME8wTaBLoEmGR2h0
+dHA6Ly9jcmxzLnNzbC5jb20vU1NMLmNvbS1FbnRlcnByaXNlLUludGVybWVkaWF0
+ZS1TU0wtUlNBLTQwOTYtUjEuY3JsMB0GA1UdDgQWBBScvtjLr0DJHdsvnRCvmTRZ
+bBJO1jAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADggIBAH4A0Uw1fYgQ
+LtOjQd02oIT9KuPTvg0EXQgrH9gUpc0ZQ/gQIPEwvom6ffcW9Kve2Ebf5khCvgZ1
+/xaBMkq8+m9dnjW3VWCIDAbSs6DENnPHBXAs0J7AmIJI+fKp5HOYSg+4WjRaGcmN
+57XZOIwHD6lCqCWH88QppDq8TZXsXiNJiatVP2vqq9wTgkq+08o84q+q7HEBAat6
+pIkEr6DkhJyWYOF4+E5KsgYvchbKVCoTEtZI2pJfuoUI+0SzaXuMx/gC+dbqs2oS
+kOx8LPtk9ysvShUqJbVPpakGN1Uvnjb5SgdEuYrn+dtYH91aBMWucnGXY6MLsmPf
+7swD2ri0kplpti1gvlENvyMcQdBhMGh7o0zlribVmbbVcQvzaaV5pr5gCnKgRvcH
+VPSXbxVdpc1BLndzHrqn/ET4sffjCTt5dvmEE0qBd8BTROFWmnRRfa9lJolJ5SF/
+2zl8woWcq2b/WmTmneGl4wSdz9/c3BO5hqklggTGfR6E0Szw2Zz3cQ/8h/09XwIX
+LluTUIpj179jDuJYFRnDI0NYvmooOvLHS48Q4wdhm4110FCSxbw0/ETv5x5RA+nX
+FzFdtbPvBo1Ucqo1aIwNNe1gZbF3FqBaacyGfwtIS8pW8JXsk3KT/Ro5G5UUFoGC
+i0Bf3FM7bX4wy9KK9MdaCGV4ihct0rwO
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIG2zCCBMOgAwIBAgITBy8w6cJRgYKNrE9ffeSvyHrRMjANBgkqhkiG9w0BAQsF
+ADCBiDELMAkGA1UEBhMCVVMxETAPBgNVBAgMCElsbGlub2lzMRAwDgYDVQQHDAdD
+aGljYWdvMSEwHwYDVQQKDBhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xMTAvBgNV
+BAMMKFRydXN0d2F2ZSBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcN
+MjAxMDA4MDY0OTQwWhcNMzAxMDA4MDY0ODQwWjBWMQswCQYDVQQGEwJVUzEUMBIG
+A1UEChMLU2VjdXJlVHJ1c3QxMTAvBgNVBAMTKFNlY3VyZVRydXN0IFRXRyBTZWN1
+cmUgRW1haWwgQ0EsIExldmVsIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK
+AoICAQCcD5Wc7H480gOv3ae6SELBls0oNOvpw1ZFjK55nLw+W6PhgqTGNEHlO/Ga
+Wt13yS1iO1/WzRaUc2XsFRGcjv3QIfDZb+6UzhL1LL9ZE8zcs0B6fepn4smQg1yK
+gtAWGoD70Z9kEBtypkG23sO5xIiRACJWgRWVZ/891pQBBz+ElCxUnIyDGghHlWCD
+zn5dLoBIVic69Pfpi384uNoNfHV/WATUQEEnwY+5yMMUALAWrRD6Jeh5R4m9qKxG
+UlrO9ObDebK9mFEJvrCPtkTIWT1He4ZD58Lt0NIkaItQ7KsKF9wgwH7BTsRGwQXb
+P6/0LvfO8UDRKNE/4C39u9dwUw/Zpu2iNXTadVWBtaSDsrPFVb5rBu+pvn4l4Hw5
+jtySyHAOWn4mhuxDXMuKBtaoTi/qF94d7N0CbqPdN9WSN79Cy2O0BexTGHSJVndX
+EbKyn96b5STPshKVpG9DmUekfnDtnHR9dmH74a05X/A8k/XeSJWXphM6NvyZap2A
+WiIkrS7MsfwnCdZlX+9WGY2qHxnm4Y6JdNah0qxozBbQHkqHsSN4k8O7zr2lfZhC
+uarm0Q1t6tjsmp7PUh26u6PCe0m+MctIrD6ZckUzZeuPduRb55K2p8MxjQSVNH1S
+J2aaHp77qOYV+rvHXIL7le4OR5lDWyzYtXLc8u17/kLbUtgnmQIDAQABo4IBbTCC
+AWkwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAww
+CgYIKwYBBQUHAwQwHQYDVR0OBBYEFKpD9MNsQCriSoEcg6nez7XhG7bOMB8GA1Ud
+IwQYMBaAFJngGWcNYtt2s9o9uFvo/ULSMQ6HMEEGA1UdIAQ6MDgwNgYEVR0gADAu
+MCwGCCsGAQUFBwIBFiBodHRwczovL2NlcnRzLnNlY3VyZXRydXN0LmNvbS9DQTA1
+BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vY3JsLnNlY3VyZXRydXN0LmNvbS9UV0dD
+QS5jcmwwdAYIKwYBBQUHAQEEaDBmMCgGCCsGAQUFBzABhhxodHRwOi8vb2NzcC5z
+ZWN1cmV0cnVzdC5jb20vMDoGCCsGAQUFBzAChi5odHRwOi8vY2VydHMuc2VjdXJl
+dHJ1c3QuY29tL2lzc3VlcnMvVFdHQ0EuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQBb
+tCXryLFewOafyNENB3NzgAQVVztwaWSyvF5FYSqav95JKcoHZzy3wG7aKlTPtGnq
+1QzJst03qPmZJ3j63obz2AvfEEzLEMlsPmOTy3B9oIrNzd2QhpGW1oF6pIgGB/VP
+5zh7U2ibUC+zRLmihwt+j2+7NBbuLbPozgxDTWh2f9O4rJb5bv98Q8RdbGrypBb9
+hOhDvmNCCfjSe+Q8myqsvawEG5p7s8gsIK/V3xbyqDihXjsGc7xeEWNftlU91jBL
+KPRbrLmXhhWnHJjYs4y5IHu735HA3aAT4TqURS9dGHOMVDRumkFpLqR2W7ptpDki
+OtIFZjO5smU29OD4AlcNUXqQuKEFasyTtkRlORnWhU37c36HB8dc57xWQKOf8pMq
+7lK+ublO9G4mO1Aqr9mioTN4oMONFJG4W5dWwG9baNg682ZACkvPaw45MqSztL3A
+Kb4s2cDTWu/D34hV3oafkTwu8B7B2mFZnWRJ9q4akPmZF45uw4RZx2ALaYGGGs67
++r5qS300As9ONg8hxfVkFQSHOc00IiBkgi3OpoCofEKTgDwZwHVqOJyyPjk6H9Sh
+ZANmUOT2mGDLwl86Ar5bTu8ipzlsyDYQMFjho7WaVs8I5OXyVdONXDYLIOtpITGT
+1fRcXFzxYHhrNuFwrdj2zBVyvVD4O6xV97/9nv2Eng==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDqjCCAy+gAwIBAgITBy8w6cWNkd75in+esmZs/nvh7jAKBggqhkjOPQQDAzCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAzODQgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMjAxMDA4MDY0OTQxWhcNMzAxMDA4MDY0ODQxWjBiMQswCQYDVQQGEwJV
+UzEUMBIGA1UEChMLU2VjdXJlVHJ1c3QxPTA7BgNVBAMTNFNlY3VyZVRydXN0IFRX
+RyBFQ0RTQSBQLTM4NCBTZWN1cmUgRW1haWwgQ0EsIExldmVsIDIwdjAQBgcqhkjO
+PQIBBgUrgQQAIgNiAAR4nTJ6MvtPBb7+L3tklhdDw0tr5FNY5Q1hsp6NR5OzZVeG
+x/X3VrCvkOsae1OEZHNqWCnnI1s/ix9qn/2+q0pPpXrT6wkN/HOQzpQaJWzCF7yX
+IfIB0o+x1Pr17UOX2qGjggF1MIIBcTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1Ud
+DwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcDBDAdBgNVHQ4EFgQUJd3xyUp6
+6EP6L9hCmkRrWAcU2mwwHwYDVR0jBBgwFoAUVamEidLBMr0Yy2ymB07I552+gpAw
+QQYDVR0gBDowODA2BgRVHSAAMC4wLAYIKwYBBQUHAgEWIGh0dHBzOi8vY2VydHMu
+c2VjdXJldHJ1c3QuY29tL0NBMDkGA1UdHwQyMDAwLqAsoCqGKGh0dHA6Ly9jcmwu
+c2VjdXJldHJ1c3QuY29tL1RXR1AzODRDQS5jcmwweAYIKwYBBQUHAQEEbDBqMCgG
+CCsGAQUFBzABhhxodHRwOi8vb2NzcC5zZWN1cmV0cnVzdC5jb20vMD4GCCsGAQUF
+BzAChjJodHRwOi8vY2VydHMuc2VjdXJldHJ1c3QuY29tL2lzc3VlcnMvVFdHUDM4
+NENBLmNydDAKBggqhkjOPQQDAwNpADBmAjEA8X5zwZHtdHjLIn60rwG3Z3NAa6cU
+6gOFxyF+ksTCXvWCUP0oFUqsRPMKMYE2mtdQAjEA2diuEHTPUgCQ0ynhLjged8BO
+FyzL3UlFieGGp90v58gUpfjoFq0BReAw7MPYo/Qa
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDbTCCAxKgAwIBAgITBy8w6cRicAHez+v2v107EGbX4zAKBggqhkjOPQQDAjCB
+kTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYDVQQHEwdDaGlj
+YWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIEluYy4xOjA4BgNVBAMT
+MVRydXN0d2F2ZSBHbG9iYWwgRUNDIFAyNTYgQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHkwHhcNMjAxMDA4MDY0OTQxWhcNMzAxMDA4MDY0ODQxWjBiMQswCQYDVQQGEwJV
+UzEUMBIGA1UEChMLU2VjdXJlVHJ1c3QxPTA7BgNVBAMTNFNlY3VyZVRydXN0IFRX
+RyBFQ0RTQSBQLTI1NiBTZWN1cmUgRW1haWwgQ0EsIExldmVsIDIwWTATBgcqhkjO
+PQIBBggqhkjOPQMBBwNCAAT4KazLm94aiykBGkNQVkBrjmK77RlP627D2n3EwK3s
+49ljRkN6wiTWXHx3jPD5BBE/7mWhGWnphzGu1Deb6yzco4IBdTCCAXEwEgYDVR0T
+AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwEwYDVR0lBAwwCgYIKwYBBQUH
+AwQwHQYDVR0OBBYEFHMQ2nwjQr8tFHfBImxM7ct8lbBYMB8GA1UdIwQYMBaAFKNB
+BqyQbdFK63WlShCZs7Ghi0r3MEEGA1UdIAQ6MDgwNgYEVR0gADAuMCwGCCsGAQUF
+BwIBFiBodHRwczovL2NlcnRzLnNlY3VyZXRydXN0LmNvbS9DQTA5BgNVHR8EMjAw
+MC6gLKAqhihodHRwOi8vY3JsLnNlY3VyZXRydXN0LmNvbS9UV0dQMjU2Q0EuY3Js
+MHgGCCsGAQUFBwEBBGwwajAoBggrBgEFBQcwAYYcaHR0cDovL29jc3Auc2VjdXJl
+dHJ1c3QuY29tLzA+BggrBgEFBQcwAoYyaHR0cDovL2NlcnRzLnNlY3VyZXRydXN0
+LmNvbS9pc3N1ZXJzL1RXR1AyNTZDQS5jcnQwCgYIKoZIzj0EAwIDSQAwRgIhAN8G
+PwKUpMgV3LZjq7fuKS96f15BrwBjmTlKhOwgX83BAiEA9WpWhzRRoKeJGAqqXrMk
+Z8RE9xRtOFBqYdv9H5CeTVk=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIElDCCA3ygAwIBAgITBy8w6cgfifMK28S5F2SkECtSUzANBgkqhkiG9w0BAQsF
+ADCBgjELMAkGA1UEBhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNv
+bTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQD
+EyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAxMDA4
+MDY0OTQxWhcNMzAxMDA4MDY0ODQxWjBSMQswCQYDVQQGEwJVUzEUMBIGA1UEChML
+U2VjdXJlVHJ1c3QxLTArBgNVBAMTJFNlY3VyZVRydXN0IFNlY3VyZSBFbWFpbCBD
+QSwgTGV2ZWwgMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM+bRTPK
+iAumsw0ohPsXoRsd1wkbjmRea7tQAKkwM0oUe27kcCv6LFgZ6+L8p+fd/TUvcv+R
+OUG25tDW9ASQKMtB3i1kMZQzWIVjAnKfyF/iCGdktuGS89j9aq1n/ph+t8Xj/mXu
+9Mb7le0dD08kGwNYRYHpfPZgdcz8iBQDBjamDkilLMF3J0hi0AwlDp8uLcaWfl63
+Hcz0KChg+n+bavQCsvVj/YTZuBWRB3lxMvx2Srl/uW7q9DFnLtt1a/5Mb2mJcjvB
+lt0AP7CHSedtTBA3aN1K+bbY8d+P8VLZ4Glvr8TeEP4T7E+64qAE4RwS87jYwFSF
+gvWuIPzNvzOaOp0CAwEAAaOCATAwggEsMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYD
+VR0PAQH/BAQDAgGGMBMGA1UdJQQMMAoGCCsGAQUFBwMEMB0GA1UdDgQWBBTzycMh
+tpZns6y9uaBiKBzuW4fCvzAfBgNVHSMEGDAWgBTGT6I9BmOECZzOYuQErI1ctem2
+GzBBBgNVHSAEOjA4MDYGBFUdIAAwLjAsBggrBgEFBQcCARYgaHR0cHM6Ly9jZXJ0
+cy5zZWN1cmV0cnVzdC5jb20vQ0EwNAYDVR0fBC0wKzApoCegJYYjaHR0cDovL2Ny
+bC5zZWN1cmV0cnVzdC5jb20vWEdDQS5jcmwwOAYIKwYBBQUHAQEELDAqMCgGCCsG
+AQUFBzABhhxodHRwOi8vb2NzcC5zZWN1cmV0cnVzdC5jb20vMA0GCSqGSIb3DQEB
+CwUAA4IBAQAHLROENBGb+ZkmDHXvUAB1QQwKvA/3y90+RyAQ3W0ZOh50n7B77Ifw
+8x8kmX/ztv0G7jwjnY2mCQX3paJH+Zb6F0Ftw1NTbGHE6xEfs2u8xBdHhcISqU4d
+J3DNL7u/dfQmlnXpWevwtefg6lURu0QiEa+nfE5eJYLGeMEhnn/SUQJhjbMkP6aM
+HSxARt7EUhgjL/459s+tPXg++XdYxS7ZA8HPwBE2GVGvLw4JjvBlOfcDAVVLBne5
+mC/XFb04E2glxwVNxrCN0HiprEkhLiNYTb7nPVX2DXqViBCwx0NF3cdn3odrP1ki
+xBaVG/s8WF6dFgIghWQYL59xI/vCcOOD
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE/TCCA+WgAwIBAgIQCFYPogq2pABFB5JiA0FS7jANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMjAxMDA5MDAwMDAwWhcNMjUwODI1MTIwMDAwWjBUMQswCQYDVQQG
+EwJVUzEaMBgGA1UEChMRRnJlc2VuaXVzIEthYmkgQUcxKTAnBgNVBAMTIERhdGEg
+TWFuYWdlbWVudCBJbnRlcm1lZGlhdGUgQ0EyMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEArbKTH7vQfsKnQB02dJdoI/b3GiUofX7UhgXb9qkUp9vHQGzs
+2lAhXCXdgA98HFAjp61vmomDJpyvVIUvZic7bA+nNOCOUtN8MmGNBoGMPH870hed
+MTvSihtXvt2qmw3pyAlOToNmi+M6pUqd2paLm7u+jPbrlhhUlSQ8tCfe04i9eOvZ
+RoP/lcwhFKXLJ4jCLjrlwIkVgDn8pK7own99jLVbMznN+LKOy4Km+jytItdZaluw
+hfo15yEbY8n3FOWPs6LWtkOyIee4hJq2y3QW0/KEvUaWTyHqAD36n98zEQ7rAWf7
+qEPw1w0Jn+kaU+U73sYEP3a5xUaIS/2njEElpQIDAQABo4IBuDCCAbQwHQYDVR0O
+BBYEFHboRKcLNUy90SQMvErb9jFs7HI0MB8GA1UdIwQYMBaAFEXroq/0ksuCMS1R
+i6enIZ3zbcgPMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADB5BggrBgEFBQcBAQRtMGswJAYI
+KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3
+aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9v
+dENBLmNydDCBgQYDVR0fBHoweDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDA6oDigNoY0aHR0cDovL2Ny
+bDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDAwBgNV
+HSAEKTAnMAcGBWeBDAEBMAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0G
+CSqGSIb3DQEBCwUAA4IBAQBvAR+zrnsFSvz9DFT/do43O702e9KCpjVfT1qn23dO
+EF6CSxgNkLUGMg9PaksLbTMN/wWbD2Fb+86BQEnhpBmrEwdk/3rEblS+4tNF4hQF
+avZYjsvgDvWkMewE2FKtZ3sxyxxtDeFz95uwMknt9rXn80hATAacrRHN1CNjX1Mi
+Vul35nL4OBz5CvA7doByyh46JhJt0AVSSnJUslpHAj5xolclyak3mbvzyX2h1NX+
+hSqC1ZOeX0hpowexLoOzDsfAgj62Ugkz2ZdEt676ybdmMOphyuNprn9+47Hjy3DI
+g5Ypn3fX4loB7vDcAVNOUZuDsusWFZ16tuhe6EzQsxj1
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8DCCA9igAwIBAgIQBxUbVYkBIPVxreWVvtLPxTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMjAxMDA5MDAwMDAwWhcNMzAxMDA4MjM1OTU5WjBHMQswCQYDVQQG
+EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSEwHwYDVQQDExhEaWdpQ2VydCBT
+ZWN1cmUgQXV0aCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq
+dau2gm5M55n/H9eb/eOxO05l0dcESbsMfyEfRPW1KtgOKKqMvbWr9pKrRFjzLl5i
+T1IqQqyMzbBKrc93kKCDuxtBFO2rRM9bbBjAsr1/I+y0Dv8QCr20sG4ZV6aZuPTT
+aCiAMxkgOYB+ACFkG42Uyjb2VTkFMsrkT8V8WQ60rFm3EQPVrJrlRVkDcpF8Gbb9
+MWUmyQ5qecd2CWKv+sEC/I1Eg/2XanHH3byGHMhNDGzI2D0/LMXy6ycVhAxsdNDk
+YdWWuFNAgyJRIJAiXYR/eI5SbEkJ5459OQjZOARHCSOcPFOw7IrfBZNeROvuW3bm
+njcdgtjbEOa9DE6PX2GXAgMBAAGjggG4MIIBtDAdBgNVHQ4EFgQUR+AvqI6aQbxo
+PYjcxUoc3c/WnuswHwYDVR0jBBgwFoAUReuir/SSy4IxLVGLp6chnfNtyA8wDgYD
+VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNV
+HRMBAf8ECDAGAQH/AgEAMHkGCCsGAQUFBwEBBG0wazAkBggrBgEFBQcwAYYYaHR0
+cDovL29jc3AuZGlnaWNlcnQuY29tMEMGCCsGAQUFBzAChjdodHRwOi8vY2FjZXJ0
+cy5kaWdpY2VydC5jb20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3J0MIGBBgNV
+HR8EejB4MDqgOKA2hjRodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRB
+c3N1cmVkSURSb290Q0EuY3JsMDqgOKA2hjRodHRwOi8vY3JsNC5kaWdpY2VydC5j
+b20vRGlnaUNlcnRBc3N1cmVkSURSb290Q0EuY3JsMDAGA1UdIAQpMCcwBwYFZ4EM
+AQEwCAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQELBQAD
+ggEBAEZgwFuCG7VFpARoxlrf0bnQ4Bfzj4S6F2Zl7NfesuVhwBNAVWM+V7C5nR6d
+DCRT+AP7CEAC0sXsd6ArDjzmZKnvATfWo6jAQmc5AFVBFDtiGkP+g2xIf8nlVcls
+Ljbo0UXPjc4aKocA2bMMXsgL1/Z3885zPHelZdqZeqJGORWCTLMghkIu3A9krPf0
+WOq3v43X2DqOhX/DFtl+Fnm0B+5aJsEb+2ZLxbcDlwMjsZmD5ffee2YLLWDK/v+5
+zX2Lx09UUHOEB0KVoHsHHSsEtAWQ+BsRUWAVo+eqWUWF2SDqIvs1q7eJx43zQdgQ
+HrqVXUBVjeGFhXgh3HGmLvnuBlo=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFGDCCBACgAwIBAgIQCaGtSAX+0pT13k71h9TIOzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAxMDIxMDAwMDAwWhcNMzAxMDIwMjM1OTU5WjBeMQswCQYDVQQG
+EwJVUzEZMBcGA1UEChMQQ2l0eSBvZiBOZXcgWW9yazE0MDIGA1UEAxMrQ2l0eSBv
+ZiBOZXcgWW9yayBPZmZpY2Ugb2YgdGhlIEFjdHVhcnkgLSBHMzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMIkRfQaSAXhHHBmvPvkGGlZE2mqfHxFir8X
+3OXUhDpbvkt0MM0HMbooCCP0HAVlbyk1+aJAza6llEoWVq8+Gs0ORhCOPxiZJaVo
+u6iAVGs62qJCPJiwQxre6UpKLxEeaqHgiHAWnNzGjjdmNgjT01ExcSYdL6GoRX8Y
+/EH7LeF/IGo03JTmt17XDf/kl3f2uF4OQymV/Q9DO9gV06nsl1ZwwFah4GTIKWLq
+Xx01UXm8SRsDKaRhwdrtQ/plswzH06OEa2ua9NO3j6FuJxfJWziky7ywxQkxCBzv
+Mbyndo/e9Y9GU2KEegOhfZJxHM2qSbkyaGEzFExBkQSimtAdncsCAwEAAaOCAckw
+ggHFMB0GA1UdDgQWBBTF8wvK1FfyKxnMbNPowH4wW6DYMDAfBgNVHSMEGDAWgBTO
+w0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYI
+KwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8CAQAweQYIKwYBBQUH
+AQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYI
+KwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RHMi5jcnQwgYEGA1UdHwR6MHgwOqA4oDaGNGh0dHA6Ly9jcmwz
+LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcmwwOqA4oDaG
+NGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RH
+Mi5jcmwwFgYDVR0gBA8wDTALBglghkgBhv1sBAIwKQYDVR0RBCIwIKQeMBwxGjAY
+BgNVBAMTEURpZ2lDZXJ0UEtJLTMtMjQ0MA0GCSqGSIb3DQEBCwUAA4IBAQASJB3l
+Ri1cQVumpXGICFE/pksQU9/86r8XqkeBY5lHinnDAChDhGO1LIaXKMpLrNrT/2oz
+L7PCuXxMsLOxaqNpMbQ4JK/CrceM0IvqLdUwdXP5ZKCHYQi/LDNRIXaE18C6DyfP
+0Z2nRGmt/rJ6RhR9G3ZM2JsLmTe9FNcz/nznXYYVowmH0VGkESGyDzx0EP2Mry29
+jzjiG2cbZh4Hx9RM5P0vVQSrbQ9RX99VBh8EcCUaYfl/maIUlG1fhGE1DM+cOQRZ
+cx8Lm3eZ48L2vZ5F4O+wN44lczmedimJDCfty4N6HZ7rglWXa8Jjx/2MhawY+iLZ
+e/bzWNRdAGBmXdyk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIExjCCA66gAwIBAgIQeEqqEgu2t8okwy1177jkrjANBgkqhkiG9w0BAQsFADBM
+MSAwHgYDVQQLExdHbG9iYWxTaWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xv
+YmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2lnbjAeFw0yMDEwMjEwMDAwMDBaFw0y
+OTAzMTgwMDAwMDBaMFkxCzAJBgNVBAYTAkdUMSMwIQYDVQQKDBpEU0lHTkVSLCBT
+T0NJRURBRCBBTsOTTklNQTElMCMGA1UEAxMcRFNpZ25lciBHQ0MgUjMgU01JTUUg
+Q0EgMjAyMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALO60kUNezaj
+hduMbSfaGV9WQ6uC+nlcoMWrtpjbFCSmTxuQh0fBLy0HPzn/8Pl3NCibb2MlLwGB
+uUAfBwqdxH3WHG0sSxuiyvE4dMEsH82PaL+hoIrmZkum2q+SqJvD0LzlWNvKAdSo
+iW/7pLmQiFO3XdRWMMiq6z5veZ4aYpL3quudziA7eT3cliEph2GOzAr9CpU5QmjR
+bulNk5ZCE163U6WOn8xwZ9eQOWPmX7Q0ze3i5Alpt/hOWlB1h0p/yG0ETtHBzxON
+zdVSCS+UqjeMjy9HWyNT9EmCrHDnLLoSjU4dkJAZcxlVuwEq+NXzv5HNzYb9xYnH
+/Ii+ILohvgcCAwEAAaOCAZUwggGRMA4GA1UdDwEB/wQEAwIBhjApBgNVHSUEIjAg
+BggrBgEFBQcDAgYIKwYBBQUHAwQGCisGAQQBgjcKAwwwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUzfOlZr8gThaSTlHvLfP5WFRRhZYwHwYDVR0jBBgwFoAU
+j/BLf6guRSSuTVD6Y5qL3uLdG7wwegYIKwYBBQUHAQEEbjBsMC0GCCsGAQUFBzAB
+hiFodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9yb290cjMwOwYIKwYBBQUHMAKG
+L2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L3Jvb3QtcjMuY3J0
+MDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5jb20vcm9v
+dC1yMy5jcmwwTAYDVR0gBEUwQzBBBgkrBgEEAaAyASgwNDAyBggrBgEFBQcCARYm
+aHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJKoZIhvcN
+AQELBQADggEBAAxJjp1Q0XY/VlMA266JIaEXw3JSBldeMAD0j2xlfJ6RNuqnKWY8
+u/uaABpEXgVzGAn2dDaASGbDdIjbyw2TLnUkK3grXFD41NTk94dNu2p//gFILsY/
+K5hXqLpkwnDvC6Onq8P8OiuB9N4nS8+0lC5O8Y4IUGNTnV27nXv/Nc2Ma/BBNqL8
+JQ4U3uR9xAW7QnTfXtZCQijhafdxKMsayUT6FrpC7AINT50cZdFsM8CDHBTu1jaO
+1voz/Nl5nlnzLkatpUhp04RSF17LCccaniro0/Fv5kpinHshEDNf/SCHQGGlRALZ
+IcGfNWLpVaWPNN9IJJTv+nWkEBoXENPP+EQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFJjCCBA6gAwIBAgIQCYOYgd2HFpgysxPXmaOTJjANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAxMDIxMDAwMDAwWhcNMzAxMDIwMjM1OTU5WjBsMQswCQYDVQQG
+EwJVUzElMCMGA1UEChMcSG9uZXl3ZWxsIEludGVybmF0aW9uYWwgSW5jLjE2MDQG
+A1UEAxMtSG9uZXl3ZWxsIEludGVybmF0aW9uYWwgQ28tYnJhbmRlZCBRQSBDQSAt
+IEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMtz9F4xNHLu5i7T
+wtF+otpBHhQDP98rQEWTvcrnARqrEeNU1MfMF5k2IMsFvNrOowO1737MlfpP1wp+
+8mq69LkQVhHs7uV3Ulv59kDKH3MsZS87ZMI2as3xcjjiazq9uF+4KkDIeQHQafgK
+fap9nbluzS1E+vtQNINgB2snr+uv5zx8OA48ixpRuZlupp6O2lxN7YN6xC++rrgT
+9vJSh+vkH7RB3t62jsgrklJus4laU14+hG5Je8pHCplKGQ2ln0ieT8x2T2Q81Gpb
+CZC2+/cHfLR2aTo4QOOdoV0j2qUJ5fFKjhuvqGoG1HX2nDUl7IMOi3L5GQDt//Qk
+7hv2RQIDAQABo4IByTCCAcUwHQYDVR0OBBYEFOpc5decUj7A7uByQ5ijpDGKld61
+MB8GA1UdIwQYMBaAFM7DSrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwEgYDVR0TAQH/BAgwBgEB
+/wIBADB5BggrBgEFBQcBAQRtMGswJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp
+Z2ljZXJ0LmNvbTBDBggrBgEFBQcwAoY3aHR0cDovL2NhY2VydHMuZGlnaWNlcnQu
+Y29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdEcyLmNydDCBgQYDVR0fBHoweDA6oDig
+NoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9v
+dEcyLmNybDA6oDigNoY0aHR0cDovL2NybDQuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
+QXNzdXJlZElEUm9vdEcyLmNybDAWBgNVHSAEDzANMAsGCWCGSAGG/WwEAjApBgNV
+HREEIjAgpB4wHDEaMBgGA1UEAxMRRGlnaUNlcnRQS0ktMy0yNDYwDQYJKoZIhvcN
+AQELBQADggEBAFaIBUYcidPNlnkpu6bCFchGlSvIM6NRagHhWuIrfinv9s8bimD1
+iJXG6khG2Nf/fXd+zodwvYUPO8XLV1zAmqdmqIP6YWXdu/vB2M8G5nY1Ga8duhPC
+OnMJwxoVqu4Q5GK9wumrKE6Iw03BCga7ifVGj4H0PivITHduukhj4w6NjowZpqQj
+AoKicMKaywOFtAQ57N2Ea9qQEBirluKNisM+4+KZa14YEe1bOg8x7Dhd/CJE8jvV
+N3SiJE6UUow/0z5g9hU6Gaq2BvUyDPWfDUYIZYGNVtIMiD80C/r8yWryz9r00hwA
+IG1tC4VdawIW31wvx0ft78Sfw6ROn8nEaZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGqTCCBJGgAwIBAgIUcjSPT7WWfoQJ5rDM7W+imbHM1JEwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMDEwMjExODQ2NTVaFw0z
+MDEwMTkxODQ2NTVaMEkxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMR8wHQYDVQQDDBZRdW9WYWRpcyBSQ0ExRzMgVExTIENBMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEArqaHzuglBCy/xJrtRK6eArGv+EfQt4aF
+NTXAdG9huBYc3GJcvZQ79cb/Jj118MecLPNF7acIa4Syehy0h+Zhgaq6ajSrwz+B
+Z87fuGbPNj5L8A/ZHy5N9kf/x3UkUSqM5bn2bbPwyTF2EnhIvSyfY+uJfS53QnS0
+F9qGfk96uINDjGd1cf1JelfrGlc4X7qopY7W3ze+gYqehrO9B4I+15gbknkPnRdF
+SX1759PT847lFjdIIOuzr9Ynsf1zgYAKt2GjbumIFUVK1J/CMS2LTNhyRq+nRmPn
+k8Sf3qq9Isv+q8Cjua/fR4MHdYDQ4ilIxEMRXnCTKTeqKbzpuqelBgmbJRiafxYF
+slLqpQUzoAXGdDnNMMQ2mFhEkgsrc4Xb/+hr7Nbo4KbtL5f2RVRGb9YziFtlq4op
+FIERSgN1Y6UQSoZT8PDryYreW6+Q/3wlGNf7xCGBrUHVvTZCLMxi7jfASanyeFIz
+V7+nwpRzwA/Qjbz82DrwGgYNHuuQswAv1XUbYnZQ7uTvAkwFF/R4Avs0AmDpERZ6
+XYGoKv904jiPIl1EfanYjcBnpD8KaUgZTunOqTUs0r9ifMDsCrGzvy8F8oD+R9qF
+FzdKKnEm5XwRwY5h4+dEDmYr3Ejcc9FC8iruv2+gF+WMDn9ouzUYhOp5n3zDD0KF
+Bnnjg2I+X30CAwEAAaOCAYgwggGEMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEEaDBmMDgGCCsG
+AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWcz
+LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t
+MEwGA1UdIARFMEMwQQYGZ4EMAQICMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3
+LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3Zh
+ZGlzZ2xvYmFsLmNvbS9xdnJjYTFnMy5jcmwwHQYDVR0OBBYEFBZGoedojh0lKEtQ
+0IhHOeMuPzGbMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEAaXHL
+eIZgQ0bF+Su+i5T/Gts2L+DsmmJHQwwvgbBtUJYD04vAJIGI1ht+IZFOmsAmkSFF
+LaUiACDBNJxZf9fTy1XZirmeVLpR2DAFhm2hPs6Bi9zUxMtdBjgtiBiJ65+G52L1
+C2IjuiCPM9y2debuqf1bF1a5Sh3poCmNbPn3iXVLu6ltOjY3C0aWPc4X6QCyuc8A
+VYUdi09q3IDgIU88yxFaQBpNMl4JDacLRBy9FIW0AkAThVHJ9+prjwJh1dWd225R
+aJnHTLwyNx9AmDTXbPAFLTPvr8kCapbPORJ9N7h4LAposmOr8e3euEo+aWtw0XP3
+gtdg2yp2RiUlnITMnrT7de02/+V/3nfCaCrSYgaTG9q5JME5JSTvtJHAp+Ofn2di
+FSmpBrlcAeZgKouXkPTG3dpgoD7GudYN/8pGBZTbJoBPzW93alA5G4+h7bMQR2As
+R5RlYhOiHlJX794HP5C2z/c+wYcWG+Kdw0ZnGeoJXaohB5GrLV8AeAPR2qsDYRyi
+NAoe14H11TC1GkYvYlogUDEGGCzds4TA3KznHg+zxd4etLgtgWfnuebuyKncM7IH
+XA/jf4F1WByOaejOpxWHZSv/2XlMYdCv+Zoi+xVNYZu1zq1+eD1MbwFTubY1x/Z6
+k35ejgf52jXMQJT/iJlH2mcpA9Nqn+ShBoEwQrQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGqTCCBJGgAwIBAgIUGNrgUaiXcV6wiZ3c+zOxzwgQ7sAwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0yMDEwMjExODU1NTJaFw0z
+MDEwMTkxODU1NTJaMEkxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBM
+aW1pdGVkMR8wHQYDVQQDDBZRdW9WYWRpcyBSQ0EzRzMgVExTIENBMIICIjANBgkq
+hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA641uLRjmybfeGYjvT19lXOUsJVgkCXPf
+oqREVTD/4TEEyRzbrVfqkkqUcvPG7Y1lO5PjgBmzeN9V8ONUz0XrPde50XRQHjYh
+j6gLqsL7DtJ0o/rrAjkQN/P2nReeDISyM0Y9/JLFIVzfV3I9QRuPU7wf2uXcQEB8
+9uvQGkpTr+r3mzZQCB4C1QNAutPn/MRdK3QOdRDJEUKplUh9PaQ6dft/WLceZMDC
+Pfp3+OC8NOoF0qZqSmSaP30Bjp1H4I98v1V6Dbtu3e1/INYDgcjgxX3gVmTx9K5R
+k//+gXlYCW6cG2reE+u/rdpaTHCQI1/ldmPNSeAmeW4SlYJqjfh4Kj2mkxCqoVG+
+AvAMjECMfj5awF/s3jnIBVZREeeRQ+E8xkHcem35rIo+1OAuL1ZnVQyOQ8TPTNuK
+sWOtEbYaE/ZHZ8KNQizBIDqb+qv8QCLqvgOFY31DO0rEVaJYq8P93WHdLDtds0kn
+4SJgDF6OsUDb1VwvjjpYW9lT2cqe1bxEL7Qtxg8fqhmSGNyRBYRREShb36zS/7Ic
+0ABM/B6AaOx05psvo6m2GliHci3EitfMLQkN0085lb6cV5YHULgvGbN5PHotlZEK
+y5H6BDFnVP80LV7mUhKF/sdiS9qY7FxsAHZ7IE9HHIyskQ8UsnakZTobfGcOyklQ
+TK0iPbmSEZ0CAwEAAaOCAYgwggGEMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUxhfQvKjqAkPyGwaZXSuQILnXnOQwdAYIKwYBBQUHAQEEaDBmMDgGCCsG
+AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhM2cz
+LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t
+MEwGA1UdIARFMEMwQQYGZ4EMAQICMDcwNQYIKwYBBQUHAgEWKWh0dHBzOi8vd3d3
+LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsGAQUF
+BwMCBggrBgEFBQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3Zh
+ZGlzZ2xvYmFsLmNvbS9xdnJjYTNnMy5jcmwwHQYDVR0OBBYEFLcBPfNeG5atYTkT
++Kov9dawk8YrMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAgEATpkO
+0mP56xBQXwc42YKpJZblRuaCcYnw6SxD/SfviILrdD4mKsgD82oAamWCP7+bZBtU
+sicyb2B3Vb/F30yOjt/4ReECqKKEg2FUlH+nPSoq42BHyRlDne8S1lFQwRfIcwXG
+rMaqzi/cLDccKzAfY3sq0Si6fVRIYrfeR8WjGsgYn2xYSrO9RmmMRVvH+Ys03Fhv
+F6RFkS7mHWJzJcJT5GPvJhYvTKr4J6BCLO8Nao/RXyPjyWJ1cUErKmOFS9Em8HFB
+8aBJF2tBmxLPZHrBspvv5hVRJmEaKJVNoprg7jO1Grnxxm7kvC0FEyvgOjqeyWQc
+4Mcd8/97/hYyUZ1Y79UEN+89y997x2WNyOlcS3FQ85sVhHjHMYNKXXuRUZw0KCNa
+3txAN71/UkQVU4E8s1LhdG1s17raIx4/d4WQi837BSlfLVYg8/RKo6Mq0L3EMqGa
+ZKGLwO8+sR2RT15NhgFy7VldRhyKVSIjowjFInHXa58Di1uSVTJNYfFBRNbTq2Lk
+dHWlIIdPoZb9GLE+ESoKdnrf7w50P2zjWXTkpKSznUBMlMtykitUKadrU5fl5v+I
+0cLVHmZgoQA7GbQNSYXEOvQDcUNltLMfMwJ7Neq2LaPWgDvHT7A8Ks20SHPZK9TE
+g87xdX6vthFdS/GSJ3yZytSwOz9bpnSa6Rx1rQ4=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGojCCBIqgAwIBAgIUKwfBZBU5bVPNBfelQsykhn4Fxo0wDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0yMDEwMjExOTA4NTFaFw0zMDEw
+MTkxOTA4NTFaMEkxCzAJBgNVBAYTAkJNMRkwFwYDVQQKDBBRdW9WYWRpcyBMaW1p
+dGVkMR8wHQYDVQQDDBZRdW9WYWRpcyBSQ0EzRzEgVExTIENBMIICIjANBgkqhkiG
+9w0BAQEFAAOCAg8AMIICCgKCAgEAy2wAgqwk913++pLm1lpzIc4+42rvY8w1J1FI
+HcpwHHGQKoV34nN2NfrvtO7KI8v6EXy2AU2kCqKcfhFk0qm75IPlS6ImxIuq64Kt
+vmd3i6wNpe8Xty+RpmyFf1+ZJSGG4WJCJ+cwxKpTD60yPGsLs1THrub/7j2jf5fA
+D+gHQ0llvpXrt0bLaqPgg0jMW1BnGKE4qu2K//k4eZcF+hgYwiyGYv3qoSvDOCUg
+D/cxy0XMXLKTgQNc/Z6MnZxdHAt4Zxrm74b+JSe7EccBK3tk5x3qt4HAEYU449aZ
+9HVnRvWPvpowDlwGr+gkLnYnG8egQJxa2TtYsZtRWiqeEYNr8+I0656ieBhwmlci
+EA8gq09kFL/7QJ7FjuqX++dRCyrDB37WFov5z+pQhGYDxMembufPsdgNTzhysTmm
+RreFzwj6xnWzLFJxuFbUxt0Rr1XSxDKjMlbLwf4aB+msHe3lGbg/TIKsiAvmZz1O
+EQ9pVMRG9KBlPpE6xdZ0B+eSkZ3RJeivPQu8y9Dz+gxoBtTi3c5qwUHKUOZ1JCBQ
+ODnYrmb1/lVTyTZis63gfp/ZEw6gonYkixd5vj7m8Sfm0YAq7tuCNJ4afeU2rILj
+vs6oM85JiB/qlLNP6MRDtXxb7NVKjQ+MG0/elbtZDcRj7i3HyqYe17Oya00hT/QN
+bwqbvGUCAwEAAaOCAYQwggGAMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgw
+FoAU8sAT4IJDPvvuL2cyljVc27jLAtAwcgYIKwYBBQUHAQEEZjBkMDYGCCsGAQUF
+BzAChipodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMy5jcnQw
+KgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTBMBgNV
+HSAERTBDMEEGBmeBDAECAjA3MDUGCCsGAQUFBwIBFilodHRwczovL3d3dy5xdW92
+YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAdBgNVHSUEFjAUBggrBgEFBQcDAgYI
+KwYBBQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5xdW92YWRpc2ds
+b2JhbC5jb20vcXZyY2EzLmNybDAdBgNVHQ4EFgQUL1iluJzmUsPetc81IV/ypLxR
+rGYwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQDBNFD84g7RQDL1
+aVS8KWP5tOxstEj8OlyBE6FszXPb0VRVzAnJv6Xme9+07mDGJfxH0cI3R3qIZs9F
+sw1p2bscUHGRia1XEoitiD8/xsMuOlQt0C+tqdIzRdmXoOvP+JmKIanrbsQ0qF3a
+xV4dknRKGbqxFMFaGCgS07Pc3LvwxvsXqHUzZtTcwoKNov1HfVOF6Cix2XIAF8Hr
+e249ETqIVspQINKBdWpNfqoOk5ipMKI7Re/VhoQ87pqzJ8jUB9HqNzRIOGLoYv/w
+WbKcnfBL6WkDntrUM7d/6MWSc1boU12hRpjdHX4m6JO828etb91KKhdwR2aDhqF7
+riAEkgOhRZt28sozIevhsyAXP9zBysvTd5n3kD5j61oGsWSEmoZU/ULOWUxptcrJ
+tydvPOUqOPo2gttknH443Js4Vzv3mLetz8rZ12fe6sDIxaSTjOQvyC1hb1TBeaWC
+FXJMxgJDKh7EcG0me8gAJk7X2vZJWlForswLCPD79PZCxv0J/wtU/WY3KDefoHaZ
+pCO1JPMUnMN5IQbXO8SIedmzmzmRInYV+gjTbjZ5tNHPeXDgXzsYd2TV6zvAHt5N
+t3SIJl02jEiyhybZL4yKg3srsVmmA464gvw7HAqJ097gL5u9dMZzkAbqO8v5V5P7
+rDexaByRZVSNAjuhJIzl+0hko2c5sg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFJDCCBAygAwIBAgIQDAA71vU6dIlkedcx3GPLfzANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAxMDI4MDAwMDAwWhcNMzAxMDI3MjM1OTU5WjBqMQswCQYDVQQG
+EwJBVTElMCMGA1UEChMcQXR0b3JuZXkgR2VuZXJhbHMgRGVwYXJ0bWVudDE0MDIG
+A1UEAxMrQXR0b3JuZXkgR2VuZXJhbHMgRGVwYXJ0bWVudCBQdWJsaWMgQ0EgLSBH
+MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM2gNvTU3ZTjivKD+39A
+lt2uY8te3VGQcVcGtW5UaYgsjUJLujAwo0OwY7l6TyvLY6+TzVaQjCbsu/0VC9DR
+CwddcdbWTiceQMPGo4W2C0i4fSO1jEHyXiXAyUyZTXodXjdGs/1NKh8Pr5iXfZQH
+cIFclqaTW4Qc+kefRzWzshPSPZpI8MYTElJ6RxSxjd5gXtrA6ep2Bcgd8Rt4JMvt
+QxRDkA1ySh1XMMxVUbQUtvOswRvFilSZx2ighpZAIdeXCNKA51PznljbF6enejrX
+MZgIKIqPRIo3cf8OWEesBy1lpl1C4rJjOzxYg9tU1Q28PvvOLOLZaoOS4mDsXej6
+hWsCAwEAAaOCAckwggHFMB0GA1UdDgQWBBS4IPuG8TpFOFrMdwMOcdFnFuHxOTAf
+BgNVHSMEGDAWgBTOw0q5mVXyuNtgv6l+vVa1lzan1jAOBgNVHQ8BAf8EBAMCAYYw
+HQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMBIGA1UdEwEB/wQIMAYBAf8C
+AQAweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp
+Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv
+bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcnQwgYEGA1UdHwR6MHgwOqA4oDaG
+NGh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RH
+Mi5jcmwwOqA4oDaGNGh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RHMi5jcmwwFgYDVR0gBA8wDTALBglghkgBhv1sBAIwKQYDVR0R
+BCIwIKQeMBwxGjAYBgNVBAMTEURpZ2lDZXJ0UEtJLTMtMjQ1MA0GCSqGSIb3DQEB
+CwUAA4IBAQDZ2qka/ZM7u3dWoKLzCe3vqUxM+rtNlRdgNjHIDASikJi3n7km/hrE
+I84PoPs6KqSrSvt/wJW/QnwyuPZ3tFG7ey9K4YNy5jmdv/+Vul7+mQdQC/YzV8vL
+MltqgidElh6RkYBB866gzgbU5cAiVJ5UTr9VQcaFkPALHtpT/3SsIJW+kLNaTQq2
+P8TVZGICiq+NdpL4Ha6S7DUaVS5z7lgE6lSdY4rUKF+Y2Q4Hu7xJFHAiiqro9m5r
+AigvLtqsRrr54kugRpgKVzFL2fq+BMYNyLU8GzU2CDUltc0ZL5MJt7GjhW+/ncdt
+64nZtdtnK4GUceWKpeyNn67aA+532yrV
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGmzCCBIOgAwIBAgIPAXW7sd1S8GyCqFhfsY0kMA0GCSqGSIb3DQEBCwUAMEQx
+CzAJBgNVBAYTAkZJMRowGAYDVQQKDBFUZWxpYSBGaW5sYW5kIE95ajEZMBcGA1UE
+AwwQVGVsaWEgUm9vdCBDQSB2MjAeFw0yMDExMTIwODU4MTZaFw00MzExMjUwODU4
+MTZaMEYxCzAJBgNVBAYTAlNFMRkwFwYDVQQKDBBUZWxpYSBDb21wYW55IEFCMRww
+GgYDVQQDDBNUZWxpYSBDbGFzcyAzIENBIHYxMIICIjANBgkqhkiG9w0BAQEFAAOC
+Ag8AMIICCgKCAgEAyf0I1AekLycOW8jJRyZ4zN3B8a2+E6DoYRF+9rIZ1ptMzlCI
+QbdOAyiwAfsyRtVotv7U8IP5Jto5PbrN2wUifR9vL7YbGDCkaoeqLcj0EjkAD/Vy
++y7/UAt2el5hHgRGAPdJbzDL9nEuXxwZYyr9b4v1+TvxUWxx9FNWhrvivcx3wK+W
+iWkFyaxp8MvaTUtytWwLBhZyZJYVoGyVlQy3SrLqqhDrqpPy/Z7jUYWtmeQ5VCUm
+Iey+EzsYlotombG6+VTQ524A8wNbDlWhTZH0UxlSO4dEppaAG1a+8Yvi4TidHZIK
+eMG3VPwY+Z7Mo2nLhbuVIDY0oP+du0IQEDO9t7YcqPpLGz2gAxREIx1iiAWxsoJg
+j36F9+7TrOBbO9PNIPOjwdGuYry6hLIBgp5i7ZHWDvdk1d3GOG8AP4VnxeQkUfnN
+Evyhct98m5B3SzYMneyKEbngWhxmn/E07p6Ly1Yvek7HuylFeAd0x5zbHt3zdujE
+1Bux3shB4jul+U/rc9rmr3doHwJP10Eod4uGi3lJA42BB9T3ZS/HFC/sMzeknK0W
+a+RjvHHz318JYDbS10l4OWPA5XA6MGTusqiexWochXS6Q7ZMXiQDcnrbfGpjIs3H
+ev2CiNRA7Nh3Zk9EhhQBt2zacbPFoM6q69ufN205n0GqB5Jm/dqzK7Gs7rsCAwEA
+AaOCAYYwggGCMB8GA1UdIwQYMBaAFHKs5DN5qkWH9v2sHZ7Wxy+G2CQ5MB0GA1Ud
+DgQWBBQZvmGKXzS//5GHt1/e1SVjCQtQxDAOBgNVHQ8BAf8EBAMCAQYwRAYDVR0g
+BD0wOzA5BgwrBgEEAYIPAgMBAQ0wKTAnBggrBgEFBQcCARYbaHR0cHM6Ly9jcHMu
+dHJ1c3QudGVsaWEuY29tMBIGA1UdEwEB/wQIMAYBAf8CAQAwQQYDVR0fBDowODA2
+oDSgMoYwaHR0cDovL2h0dHBjcmwudHJ1c3QudGVsaWEuY29tL3RlbGlhcm9vdGNh
+djIuY3JsMCAGA1UdJQQZMBcGCSqGSIb3LwEBBQYKKwYBBAGCNwoDDDBxBggrBgEF
+BQcBAQRlMGMwJwYIKwYBBQUHMAGGG2h0dHA6Ly9vY3NwLnRydXN0LnRlbGlhLmNv
+bTA4BggrBgEFBQcwAoYsaHR0cDovL2Nwcy50cnVzdC50ZWxpYS5jb20vdGVsaWFy
+b290Y2F2Mi5jZXIwDQYJKoZIhvcNAQELBQADggIBACWIwFPJnFT9AGswgmSDLNKX
+1Ie9wXRNo35hImR5fvp1is8SG8Hsu/btBEyjMQCugHcAqofdK1DbQWrWXPOf+q6H
+loqrnOCc+F/O9XBtnNkplDf8t8F/i4l1AGoKZKzP9fxVXljlFPUJ/fLA33uvpd+W
+QmBaxbcojYlTs4VrhcJ4hpWAT0F8BRNBYJs3l/OVrDikAAVzJdco7ftWnDoGdRnQ
+66XahbcrBfapFXVxy90Yoie/SAZTZentDc4AzAEfZqnpAsDZI2pIW4NBZskwbVaA
+2eiKWdWcSdPtvWUp0zmD6rkHHOX2B+rg6OZIeCjES7PfgobMwJCPO7/thNYL3Ue6
+KX8M0qd3DJ70sGv0zGyKqxgwa06R4Ju3asWzc1cqqBH2DmAWQ0hMy8g98wMqwN73
+8V2uiedLfK+mkBuZLfAxscWcAvuxBc4pq15iZ+eD/JuZQRBk6xgr38m8UJMaX2of
+d3HN0o2TfWhkyJ1RCxDHI7fG41G/t1X1jwJMaaYxNS6GWAdVOIzqOsb9JVu6G5y4
++WMGeHbmtQO0fU0xVgfsbPxazbW5aluKl8u3l+L7fxZdU6ySSaDTExGvJ62nCfo1
+V8EyuOVZfkIkDuR5SFlWOS3KogL4lxa3BnPn3H/HY5EZPA6Z/xX4seZs8QbRbBND
+UW0lNG6KcgIy+WUBWM4f
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGYjCCBEqgAwIBAgIRAIY4Cy0+ZbmAEDBIHg50Ni4wDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIw
+MTExNzAwMDAwMFoXDTM1MTExNjIzNTk1OVowbTELMAkGA1UEBhMCRVMxHDAaBgNV
+BAoTE1NlY3RpZ28gKEV1cm9wZSkgU0wxQDA+BgNVBAMTN1NlY3RpZ28gUXVhbGlm
+aWVkIFdlYnNpdGUgQXV0aGVudGljYXRpb24gQ0EgTmF0dXJhbCBSMzUwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCS4LLVDvbssJS2PweSixvfCBGazQ7T
+znTNK92y/ugYCMD5rfZVeBbaAg8p3arP5nGGN2iIJVdNoKpWcqSWKu4qV8DM8t6T
+/tFT/9MbbZj6uG+pNqtwv5WGiOnozxRZfaR0T+9OBs6S8iSrllbPWprnBcypp2eH
+K4qWlXMv+qqDNEJm+mlSEkMihzcI/iGvvGh8p6sBpGADS61/fvQUzBM3IVTlX4ES
+j4DZpzX+1p/tyPmefCn639KidHzILG0lGW1KYkCXifbHZYQR3uBTF3sd6sfyv7Tf
+widIj8m436eBpjGYMjlCQ2n25Ycf2g975wD1t/h3ZlWpXanchPxIRqE6npza2mXF
+uaOAqqf2HQsJ1wDN4wV5MU5SWS009bU1y91tZ6yF9MX038eLxoqm2UGzWzx0A5nC
+q4ZLGd0ngtYOD13MEgPeigtxKBj3g8HEqsUHPIfO2ARBw1rvAQVeLv5VQKckk58u
+cAaLzGOd5qm2dkqVhXgvQcldThcnXeloebcCAwEAAaOCAV8wggFbMB8GA1UdIwQY
+MBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBTl1tBBwkfAxHKBpT4t
+GVjpWyUpODAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwEQYDVR0gBAowCDAGBgRVHSAAMFAG
+A1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1
+c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMw
+OgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5j
+b20wDQYJKoZIhvcNAQEMBQADggIBADPLTHB1IB0tREzMLGQGvNWYeFUjVkHv+X6H
+uGkFj2RZCAdb47dDs9BOxkKExJuIdSdbynz7WHngZxWS6M7JfvRgUY/gIGN1LaQe
+R/yrcASXaQfVnB93oOB0QMpghrQ7FS6ZruY8QrMp7hmb6HHK7b/AD3kgccoT8Noe
+n8RUvydRManKJlvPkGI4TnnCZ7UvozUqux/IZ7NvQ6G6vHIvOSssJZhZ/MnFnuyk
+uSGYgp4CWvd97f0uTX6e1FNROGRLPtpx34O+BGc2lvR2ivqBO6xx2nBt9qSJLk5k
+lUJ6c+YbO1bAxIK57ciUrSOXArsy/54AET0B7e0r/hAL+e8E9gdiZhMGdmEPIi3V
+jn0RU4QfpOZv4TKEDuh8ToXofXFk6zm1TWuiDUSwId6g7oS2srPHOKZOvi3d091g
+117yup4PqsCf+uiPxODAeZNxsdBB2kOoc3r7qTrsoFcxzGP/i1XzDVbwWlrUiNTi
+XD1TWKzZGfcswT4dStLM3Pw59gp+EpYrV3oB0H1GqM//MFOyxHFityo1ehvaNB4l
+HYGe8D0mgfzNTdky2lQ4EENvbhYBpsWzze79R7QvJwaZ+W1S/LLxlkEnsUp0zuzT
+2XocVIMDHJ8AIfjdGp9dfaR8QKFR+qbhrSW5SasYkfxjjgVlX96c0ekGNRUewsKF
+KEzk16QT
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDdDCCAvugAwIBAgIQaGbVc3fydlfagmignj+utTAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjAxMTE3
+MDAwMDAwWhcNMzUxMTE2MjM1OTU5WjBtMQswCQYDVQQGEwJFUzEcMBoGA1UEChMT
+U2VjdGlnbyAoRXVyb3BlKSBTTDFAMD4GA1UEAxM3U2VjdGlnbyBRdWFsaWZpZWQg
+V2Vic2l0ZSBBdXRoZW50aWNhdGlvbiBDQSBOYXR1cmFsIEUzNTBZMBMGByqGSM49
+AgEGCCqGSM49AwEHA0IABCQzEZK6e64f9fcv4Vm51++8RKtzZt9TApgcW+zVNLBM
+5N3YBvmjb41s708BiVNb+5RVj0SOOFAAZ1+HSpcW6NGjggFfMIIBWzAfBgNVHSME
+GDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUVy25bdRf++aTI2b1
+N+s/HmAHHaAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBEGA1UdIAQKMAgwBgYEVR0gADBQ
+BgNVHR8ESTBHMEWgQ6BBhj9odHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRy
+dXN0RUNDQ2VydGlmaWNhdGlvbkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBj
+MDoGCCsGAQUFBzAChi5odHRwOi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0
+RUNDQUFBQ0EuY3J0MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3Qu
+Y29tMAoGCCqGSM49BAMDA2cAMGQCMEQ4GfdC+xyjCQVSCDuZ3cgsYEEpyBZsNjmd
+LtpvNhSISieNy1dLkaaE1UoVPIEjbgIwbuRK+OThKs5/A13n7j9/Ra5KmQn+92zV
+Z3oxcX0ytAjOMiZxEAFMvfMaRVGum/G8
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGJzCCBQ+gAwIBAgIOSUEs5ABwTS+LFt3dRBUwDQYJKoZIhvcNAQELBQAwgacx
+CzAJBgNVBAYTAkhVMREwDwYDVQQHDAhCdWRhcGVzdDEVMBMGA1UECgwMTmV0TG9j
+ayBLZnQuMTcwNQYDVQQLDC5UYW7DunPDrXR2w6FueWtpYWTDs2sgKENlcnRpZmlj
+YXRpb24gU2VydmljZXMpMTUwMwYDVQQDDCxOZXRMb2NrIEFyYW55IChDbGFzcyBH
+b2xkKSBGxZF0YW7DunPDrXR2w6FueTAeFw0yMDExMjMxMDAyNDNaFw0yODA3MjQx
+MDAyNDNaME8xCzAJBgNVBAYTAkhVMRUwEwYDVQQKDAxORVRMT0NLIEtmdC4xKTAn
+BgNVBAMMIE5FVExPQ0sgVHJ1c3QgUXVhbGlmaWVkIFJRU0NEIENBMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+WBDX982j1vay9xPYwP58B7C+tXQDub
+iyvSFOzaWNbmWazLO1Wum9gs2D/nrpqOa6sHaS372ln2YfU9fwrti6EvCCSwxI0L
+IIafWcaFYTYaq0MwmfKUbEh6XDSehYAsXTSWZw3VRhoafGsyDs4Um3crRuhovh24
+l9uOWH6jei0f3T6aPFDpX0KG6jmHimA2Nu5u/byMlcYRWtQAdALX5WRayG0916vJ
+4mYQwrZJi9EyFJYSxqvp3VshlyvbhoVUwwvhJB4w9bBEJBxeVcJcK+p2wiL/ot6c
+BXdDSfJLacQ2H6fw2mcuE097vEzvACkeConxu18bqoZ+zcoUDtG76QIDAYilo4IC
+pjCCAqIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgw
+FoAUzPpnk/C2uNClwB7zU/2MU9+D15YwHQYDVR0OBBYEFFZ9hZmKpeLNXf9qxRE6
+wEPX7ChJMIIBPgYIKwYBBQUHAQEEggEwMIIBLDAsBggrBgEFBQcwAYYgaHR0cDov
+L29jc3AxLm5ldGxvY2suaHUvZ29sZC5jZ2kwLAYIKwYBBQUHMAGGIGh0dHA6Ly9v
+Y3NwMi5uZXRsb2NrLmh1L2dvbGQuY2dpMCwGCCsGAQUFBzABhiBodHRwOi8vb2Nz
+cDMubmV0bG9jay5odS9nb2xkLmNnaTA0BggrBgEFBQcwAoYoaHR0cDovL2FpYTEu
+bmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYoaHR0cDov
+L2FpYTIubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDA0BggrBgEFBQcwAoYo
+aHR0cDovL2FpYTMubmV0bG9jay5odS9pbmRleC5jZ2k/Y2E9Z29sZDCBngYDVR0f
+BIGWMIGTMC+gLaArhilodHRwOi8vY3JsMS5uZXRsb2NrLmh1L2luZGV4LmNnaT9j
+cmw9Z29sZDAvoC2gK4YpaHR0cDovL2NybDIubmV0bG9jay5odS9pbmRleC5jZ2k/
+Y3JsPWdvbGQwL6AtoCuGKWh0dHA6Ly9jcmwzLm5ldGxvY2suaHUvaW5kZXguY2dp
+P2NybD1nb2xkMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRw
+Oi8vd3d3Lm5ldGxvY2suaHUvZG9jczAfBgNVHSUEGDAWBgorBgEEAYI3CgMMBggr
+BgEFBQcDBDANBgkqhkiG9w0BAQsFAAOCAQEAWW2WgPAfEdMI72E2DHWT0uQ0uQnS
+jZtC+UfB4HuBsk8lkw10O1/PazW4ii+aWVKqxDgHOTdL9x8ZDem2yLGfY0Ctm5LX
+Upwi/h21xSXIC8thiLr307mJLcTeEMucJmDj7xyEv44XHh+uA/UlfP8fOzgyl4ma
+OUxzZRGrwm9nMhOa2Lq4xuPs5kVtlDmTtlfglkxvjlN4yKruIL41qltpBLUGrGxO
+WjckHTvOo7Zq0hYPjUd7a+Go3maEwzm+pIIg2S0Rleupph/+Qkct/9CqCnzmgO9Y
+Gm3L/eLzyfbnNERCmn7p7SxhN9mBckWKFatUdOUm7TYGOIRy7d/g89R0Tw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEsDCCA5igAwIBAgIQBxnDcO2NwmMwV7G9KPsgGTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgQ0EwHhcNMjAxMjA4MDAwMDAwWhcNMzAxMjA3MjM1OTU5WjBeMQswCQYDVQQG
+EwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xNjA0BgNVBAMTLURpZ2lDZXJ0
+IEFzc3VyZWQgSUQgU01JTUUgUlNBIFNIQTI1NiAyMDIwIENBMTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAOat+TJAurhrR2jdr1POY6GzD2LPaPPUjk4b
+niByo7bxz0+a+rXCeXLR9hBevGE2I3SmeOkTvESS0tZvMuGWEHilu0XwcIgvayHg
+FurkqnZlhO8ZK0DAOoR4Wu8GRjZGLSHYInQANdCX3ObhjGmaEHCNtEfjR8ga+osD
+16hjN3L2bIaD7BiOV26bCvQy15Mugim9w34VzNTXS2Sn/k5QgAopQoBDThnE6pPf
+v6TY1oKxe4+lXcvmaohqBRAcA5qLFJbdU9ITY99fXhGNmWrNxELbLKl2+f6XPdJE
+LAL29xvsxHHbp0fMCBWIPkbjuIx3z5NSanwS7iEBXQjAgUch4AECAwEAAaOCAWEw
+ggFdMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFPjdkvPLSs9OLvHo5bwh
+rrpkeIH7MB8GA1UdIwQYMBaAFEXroq/0ksuCMS1Ri6enIZ3zbcgPMA4GA1UdDwEB
+/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDBAYIKwYBBQUHAwIweQYIKwYBBQUH
+AQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYI
+KwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFz
+c3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL2NybDMu
+ZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENBLmNybDAWBgNVHSAE
+DzANMAsGCWCGSAGG/WwEAjANBgkqhkiG9w0BAQsFAAOCAQEABSOaZn3fxha7aPt9
+7pH1v354C9h7GW6gmFsyxwf8/2j5azwU8yQgjaYDcEuEBpqflmAekyO8S+orpKoH
+yUhAERJ7o1SU0P5DRsovdxVhT/880f5MrRDL0DEGSCG2GdDxin21rs4LQIOMA1M9
++dXimBrR7WzJpjpCutjwf7KPbvRDeLeJmjFxhZZ3tvr00tYeiyKe0c+ivIiqtWrf
+wFbvUYpDdU0KSSROwgOV5QKpfco8Df6zgBELbWN0cPaLDxL5U4fjz2MuJ/8m/1WB
+14rW2x4mKmaBEkjj9xPlXzyHKLr/rV4KWkkJHoQKvh1AT+nr3M8MK0CCNcKd/ajW
+9IO35A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE8DCCA9igAwIBAgIQIrmxhYemmUO17DaPTK9o9zANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTIwMTIxNTA4NDYyMloXDTI5MDUyOTA1MDAzOVowWjELMAkGA1UEBhMCSlAxJTAj
+BgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJDAiBgNVBAMTG05J
+SSBPcGVuIERvbWFpbiBDQSAtIEc3IFJTQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOHaJ3DQzdvvkszIkKU0AeCvy8Zl53Q3zUYTXgzxMLH1G4PITOkt
+tDEtBEoj9zpFEBR+IPArMCQbJtDmfqTi5fbxgaoIp3tnbA3fATXkHKrrBJ/xfvF5
+QvmoD8KwFn8O4YWqs1YHAJnErOkiG2NUKQ3eCC5/mX3FRjssLDwwm0K3zTITeFxa
+PUqvp3n/aFI4y3wsE6ZlTIhZGi4wlff79w9j+GxyiLGKcCe8N2ApDNuGC5Bme4NN
+VeQaA+P0z3U6lfuHTk5hAZ+P3YO3wmMyr+4qafzmgA9z9AJk4FaVKwPA5jAwRSAl
++1IRoxgBC2PINe/RbSo1p4mcLmeFbzg5v4ECAwEAAaOCAa0wggGpMB0GA1UdDgQW
+BBSwLuVR7fxKz6OH8ROQdi2djpSh4zAfBgNVHSMEGDAWgBQKhal3ZQWYfECB+A+X
+LDjxCuw8zzASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0fBEIwQDA+oDygOoY4aHR0
+cDovL3JlcG9zaXRvcnkuc2Vjb210cnVzdC5uZXQvU0MtUm9vdDIvU0NSb290MkNS
+TC5jcmwwUQYDVR0gBEowSDBGBgoqgwiMmxtkhwUEMDgwNgYIKwYBBQUHAgEWKmh0
+dHA6Ly9yZXBvc2l0b3J5LnNlY29tdHJ1c3QubmV0L1NDLVJvb3QyLzCBhQYIKwYB
+BQUHAQEEeTB3MDAGCCsGAQUFBzABhiRodHRwOi8vc2Nyb290Y2EyLm9jc3Auc2Vj
+b210cnVzdC5uZXQwQwYIKwYBBQUHMAKGN2h0dHA6Ly9yZXBvc2l0b3J5LnNlY29t
+dHJ1c3QubmV0L1NDLVJvb3QyL1NDUm9vdDJjYS5jZXIwDQYJKoZIhvcNAQELBQAD
+ggEBADt1vNOq90svOLWKA8nfTq/sIAoaStQD6GgQJmlb/nep45X+/HMk2y381g8r
+sWEXozVZmAJcIcwBjInCJLeqsZxQ2s5LLFLIrIch0OLNZD0aZbH+NwHd7B7NTp75
+YT1cp1t7wHXdHdOUFlIzZF4+Ei3K2IXWe0JaotITWKlxicb8oR2zwYYf6QD1SCk0
+3CAbmsh4O529JOfB2GM0T7o6w1oa7kGy4/MCJszfiRb8D4ZJlYDt9Zy20n9Zec4F
+7pksJIrHt+V3GFFnco6++2BYKsgZdCkSE8T72HQBEohIzV1Bt8N8QbnBncDIpvqb
++mQ7E4SSevEUAvASheCe1pd/S4c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEmzCCA4OgAwIBAgIQCFpOGSecTFArUyfCgdxJZTANBgkqhkiG9w0BAQsFADBl
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJv
+b3QgRzIwHhcNMjAxMjE3MDAwMDAwWhcNMzAxMjE2MjM1OTU5WjBJMQswCQYDVQQG
+EwJVUzEkMCIGA1UEChMbVW5pdGVkIExhdW5jaCBBbGxpYW5jZSwgTExDMRQwEgYD
+VQQDEwtVTEEgQ0EgLSBHNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ALGIsTLw26Dg46ITkcr1DHWbsPW2dPfpuMk7E1GH4R6fWYN9WV1Ox86G8BvFbTRY
+w2jtBgM1ldYgIFbsD5aOMp9immc6HEZ6jDvF7YHXeW2yePJqoxgeakgPtve31oY4
+W2Celh/ygxOsJo+UdQ4ZxnDhUsxzKwWCI8RvaHWlxTm+oM4RdE3X7Tk1FTmXEke3
+VRmNulEVd0DkcUEfMRb3uDxBPjr2qU/eOQOOTW8s0t2HZxFRtXDu0TdLJsTPKP+7
+MW5EIuXZX6QtwKd7mUW01qq66j0Sfanx7Ji+9l1On3sgd69uZieGCONYsLLGrcIM
+Fja30d7OiJrytjduH46IplcCAwEAAaOCAWEwggFdMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0OBBYEFB9NgPDU9i09W5QMF7OrOMfmju1CMB8GA1UdIwQYMBaAFM7D
+SrmZVfK422C/qX69VrWXNqfWMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggr
+BgEFBQcDBAYIKwYBBQUHAwIweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhho
+dHRwOi8vb2NzcC5kaWdpY2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNl
+cnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RHMi5jcnQwRQYD
+VR0fBD4wPDA6oDigNoY0aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0
+QXNzdXJlZElEUm9vdEcyLmNybDAWBgNVHSAEDzANMAsGCWCGSAGG/WwEAjANBgkq
+hkiG9w0BAQsFAAOCAQEABBWSg7/VqOPpL/XaJKkJpb095BCr6bEutei4jggnQsUt
+6I/w5jMPN0pijji7yPtlNdEazn7dysTuGOtGMecA3P5MrVM3GL6LycWg3e0lC6wh
+6N+zIg1Y9nmRJHDsD3wr6HCQJhN/PPoOXrWIjU2MO3eAmRmq0Il6SX1a9MmWBYsG
+qv6TeJE5GbC5REZOEZNCEcIsCd/vJOmDC64r21L74dAGNhRwBeyYeQaYi60SKeOZ
+rtm73kJAHmqxh4kSLjQY1bN+4D+/nqc6VKVbOg3YrtpunA29NZXfM9lDWXST9may
+PB8K4Bp67jyOrIYUfVeR6Fu46wQut6bmJnzr5u8crA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEGzCCAwOgAwIBAgIQBmcDW7sU/WOvwNaoU07+FjANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMTIxNzAwMDAwMFoXDTMwMTIxNjIzNTk1OVowZzEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMT8wPQYDVQQDEzZE
+aWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBUTFMgSHlicmlkIEVDQyBTSEEyNTYgMjAy
+MCBDQTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARnvW/xPOudvtC252wTq9ef
+6fbdFeWPkOscfpRTkciuHj7UcumQSH3lzkPEIx0KpesWa8epsks7QwkZ4fU/Tkf9
+o4IBhzCCAYMwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQUUGGmoNI1xBEq
+II0fD6xC8M0pz0swHwYDVR0jBBgwFoAUsT7DaQP4v0cB1JgmGggC72NkK8MwDgYD
+VR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjB/Bggr
+BgEFBQcBAQRzMHEwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNv
+bTBJBggrBgEFBQcwAoY9aHR0cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lD
+ZXJ0SGlnaEFzc3VyYW5jZUVWUm9vdENBLmNydDBLBgNVHR8ERDBCMECgPqA8hjpo
+dHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRIaWdoQXNzdXJhbmNlRVZS
+b290Q0EuY3JsMDAGA1UdIAQpMCcwCAYGZ4EMAQICMAgGBmeBDAECAzAHBgVngQwB
+ATAIBgZngQwBAgEwDQYJKoZIhvcNAQELBQADggEBAHMQH8hhiBfNbxwEwxbbTAnu
+jPyUh/oi0JrfZI3u9JuiLqca720D6foS/AB5+4EIxpm7CMG4MdN/l7oAiDipaCPv
+mOmpYUpnT7A63Cr0q4g84rI1ZmdqA40lVUUf6qC6E34tC73qDQF8TJSrfscWFdCl
+RXR9J4QGrkZ2VNMSDzlDRzWCaA95MfO8x01l+ZdopdE8FvM78gGd4zxeWb8v991+
+mBxTDepqKuy/jF5Rm6Bhfxr33ADRs60s1t16dtZ3pOYLALBTPD5KhZ6a+/dk5dnh
+6c4PaeZQYBUAh+GuxfaBlU4qQ8EtjBMCQHreMIwXHYHW5FRYGjgR4NMuaIw2jD0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE3zCCA8egAwIBAgIQCXcYScMZgFRc/uqdk2sJATANBgkqhkiG9w0BAQsFADBs
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSswKQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5j
+ZSBFViBSb290IENBMB4XDTIwMTIxNzAwMDAwMFoXDTMwMTIxNjIzNTk1OVowYDEL
+MAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMTgwNgYDVQQDEy9E
+aWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMv2zJsE9TrhfFy3Ar8D2i7U
++GP1kACyx4gQo3TUa+3u7lz5SUZ8VvHHp76EjL44U9PHNth46zihIdn0Zo90zSEw
+mS6bjuTUFYOwRWUOAWQejlDXSX2d9ghJ0EVF8NJTBipQ/EdBjD/13G8UeYjRzLXk
+U7UZ67wEqV3bP9fauDIJ1sVXo6qfVrb9gh9grcyrBLzyhRQ17JR6oJKtE4vHxoyr
+QVBOckTj6ZTpszOxbvtEozCorxUHROi1gVfStYfJNRzCtEQ2UT/SFLUBQkC7D8DM
+O+ed4r4yAFw7TTZ1Z8xxzMED8Sr7UyYZ5NPeHM7TcgoqXWjIueVqEOul35n1KikC
+AwEAAaOCAYcwggGDMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFImW3npk
+HMvdTna3b6s32yr5gMXTMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSYJhoIAu9jZCvD
+MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+fwYIKwYBBQUHAQEEczBxMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2Vy
+dC5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9E
+aWdpQ2VydEhpZ2hBc3N1cmFuY2VFVlJvb3RDQS5jcnQwSwYDVR0fBEQwQjBAoD6g
+PIY6aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0SGlnaEFzc3VyYW5j
+ZUVWUm9vdENBLmNybDAwBgNVHSAEKTAnMAgGBmeBDAECAjAIBgZngQwBAgMwBwYF
+Z4EMAQEwCAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQBSZGQYUhWxmJVt7vLV
+7nEN1t0X4cstxLSzPqbX7SBa+elm3W1t6auSR8dxZWs714zICvkKuLFqQs1kl64E
+uR1LGfy6+rCCJLNZe9CxsJp/ZIGqxJQOZOUqqpPdl5Q4MaPeKjSIVpC4SCqBYseL
+Au3kkMigDeQVwV+QfkOL5EASVhKbmIPr2vLya4ueWQ06GUYy/aSzAsE/JeALrB9N
++akxiAlF4RUiEVWk6yY+fRSthZ8a6rs2WjoePCnidf+lT+1rTYbzz9tooIbGB1XZ
+mahmYeLkdcFWxFjaL9EhljuMMRzTRCPGxX4QJ2cMcZrDemLEkV8WaK6LWALDBE0Y
+8erf
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFzDCCA7SgAwIBAgIQeEqqkOCsDApLaTiaECTYZTANBgkqhkiG9w0BAQsFADBS
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEoMCYGA1UE
+AxMfR2xvYmFsU2lnbiBTZWN1cmUgTWFpbCBSb290IFI0NTAeFw0yMDEyMTcwMDAw
+MDBaFw0zMDEyMTcwMDAwMDBaMEQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQKEwZSV0Ug
+QUcxJDAiBgNVBAMTG1JXRSBBdGxhcyBSNDUgU01JTUUgQ0EgMjAyMDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMHaLPBBFJtqnBq/8YMHJVgBUtnw+Oh0
+YVNMfjZgn9e4+FdvZWiTRa/tR+A/HNwQ6n47M1hMX58Pvf47ca82cYTfLWAR5uec
+A9H7mbWKWTP7GGRxrwZiD0ejHy42Zctdw8Lvxn4owaY4JaQj7+o0mWJ9d+oSQ0+H
+purs9TMgqm3A+s5xlVhk/sWCoP6oqqqkFVpR5fiM1pPHbjUT+3yXEAybfMH+eauC
+H5DNFcIiRSTXjwGe/zRaOTO04z83dJMnzG9wIBEN7OqgTjujnyHnGbKD+rAMVl0K
+IGou8HGyb21S7kVF8KIya5T7vusJw9uXt4hdm0h5qR24oJv9DmQhHr0CAwEAAaOC
+AaowggGmMA4GA1UdDwEB/wQEAwIBhjApBgNVHSUEIjAgBggrBgEFBQcDBAYJKwYB
+BAGCNxUFBgkrBgEEAYI3FQYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
+r/1e+9ChJWr9NCMRStKbVu9tPKcwHwYDVR0jBBgwFoAUoJMVKG7ujwiyNcaeYnl0
+p7EOK3swgYkGCCsGAQUFBwEBBH0wezAzBggrBgEFBQcwAYYnaHR0cDovL29jc3Au
+Z2xvYmFsc2lnbi5jb20vc21pbWVyb290cjQ1MEQGCCsGAQUFBzAChjhodHRwOi8v
+c2VjdXJlLmdsb2JhbHNpZ24uY29tL2NhY2VydC9yM3NtcjQ1Y3Jvc3MyMDIwLmNy
+dDA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL3Nt
+aW1lcm9vdHI0NS5jcmwwTAYDVR0gBEUwQzBBBgkrBgEEAaAyASgwNDAyBggrBgEF
+BQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wDQYJ
+KoZIhvcNAQELBQADggIBANKou23AtUxPNNmqUwgd0GOT+zlmUBU9HNOjadQKlwQG
+tAaKoupzSoqI2T4Ify423lQW4FGd896QlxLGCuHyA/GPrFAIG8dX2rxkUUu+c4kO
+M8MUZY2qEJHZNvGaFSE642SaiTWEnyhvo4BgwHZyKm8sw3TsafJsa9RUro8//iDp
+OK1cVfry+ScbYlwkB+8yxGUf1tVdytqlI+eAc1MTGdJCwk7xOAKrOn7JlohnOSVg
+Ma6HUlClYkSmGS5mFXnc4MRk0wh5+yVfD3gmp5ijrmNN1MWxjicL5EEVpCccZWUS
+Rj94PjL08qX3tDCI2iElBZpHZqwaci/eOCq0dS+JFkA8e0fVdiUTXEfWnd8Sv2jS
+eawuUgjPyaH4sEdAINUkKITaGEBs5ip3ozNvILq2Ho6QKEKvzQmN/9Tgqy6FRIYi
+AmIqR5yy1A4Q/FE2o9252UjHUajj1JhuVH6pLZehZh3CQ/C4gw8Gzth7+cr3YrDI
+3KDDhqnE2UBPelhG8gDfVIkWqCx/Zw0IICtqiVDlSwWDVVTXtXV9NFjx0HE9b1HW
+E29ORa7mmqOui0rx03DbT8hEbn/xL6D8+/xxvg4suevPd9scwiZmdrxAk07/NrZ5
+ryHVUmMS43n2SCOgiexzay285uxTecF1gmxfGmQC74rnwf7vfUXO1c2umUYYy7GB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDlDCCAxmgAwIBAgIQKJfNs9RoQEKB9YnkWWFQXjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjEwMTAx
+MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjBkMQswCQYDVQQGEwJDTjE3MDUGA1UECgwu
+c3NsVHJ1cyAo5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4KTEc
+MBoGA1UEAxMTc3NsVHJ1cyAoRUNDKSBFViBDQTBZMBMGByqGSM49AgEGCCqGSM49
+AwEHA0IABKLfmrJP/3JUIL6x4NeI1RO6wwMvtE7lUGTSICh4LKqTPPwciLXZFqZ9
+S35nSaffgumGE0arHjMQNOwZ6I26NLSjggGGMIIBgjAfBgNVHSMEGDAWgBQ64QmG
+1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUFGwSyCx0DHSgUiiXuhMENVKL0VUw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMDgGA1UdIAQxMC8wLQYEVR0gADAlMCMGCCsGAQUF
+BwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzBQBgNVHR8ESTBHMEWgQ6BBhj9o
+dHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQ2VydGlmaWNhdGlv
+bkF1dGhvcml0eS5jcmwwcQYIKwYBBQUHAQEEZTBjMDoGCCsGAQUFBzAChi5odHRw
+Oi8vY3J0LnVzZXJ0cnVzdC5jb20vVVNFUlRydXN0RUNDQUFBQ0EuY3J0MCUGCCsG
+AQUFBzABhhlodHRwOi8vb2NzcC51c2VydHJ1c3QuY29tMAoGCCqGSM49BAMDA2kA
+MGYCMQCPXlLgOj8i3GxpIaoGCUkIgu2SY9QDAVQT/74gVQIvxTEU8yNZxCSl41U5
+LnHBNPgCMQDN3P0h3gDyYEeUvCrByslgfPFoS4pzD69ei/DNQgOhkyUBLkkbDnqB
+HbfX2BWCEZU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwzCCA6ugAwIBAgIRANdtqqL1lP2wjo1HSeoxrfEwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIx
+MDEwMTAwMDAwMFoXDTMwMTIzMTIzNTk1OVowPTELMAkGA1UEBhMCQ04xEDAOBgNV
+BAoTB3NzbFRydXMxHDAaBgNVBAMTE3NzbFRydXMgKFJTQSkgRFYgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCJ11mItxCppn7NUZiwO9TjQM59M8Yc
+BjmWe2cOfuIkhVC3tc6YXZmmz01onVQ8t4uWW8caeNceESWe8O+TJQslOThMvR/S
+89q/D0BQKIKgaWq4U/ifb/Md8PJdmO1s/dMhsvbl8BJ4K2lNtA5nf6RT5yfAijbc
+a2mFbvKIMwzLN3WuwV8rA1hJ+lWdABaSUxHKcnPwwD0wxVCXkGx2Ss7AttfJG0DF
+/jskdy60IRkQy4nOSEX+KzTvfyMkX0e5+FOv3zD7ckfD4eNQkC55JR9JAqn+XNWM
+VU6ehZScTRP8LSmz7XxXnQ+SpwwrrB7x1D76H77G4w0g0wt4Z53gVYZXAgMBAAGj
+ggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
+FgQUM2pQsuzMQCwNrLVVQi/RH9O5ybAwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAlQwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQwJQYI
+KwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEM
+BQADggIBAA9CNeMQAVbcJkMjQtiT1Kyg1Y20jFnBjbI0sWmssOXXdHoYJHje9214
+nGu0Jyi5/HQZLpCoUDC4HJC+OHFKeXNq6m2u6YVPKu51eJmmtUna9qb9CJOM01uL
+mLi7FcPOKPAAM4RTMbkmEGs0sqPKKMZ8+m8hB2sYYUsjk+ocymDhVK7PkYMi8lyA
+nWq+E4ZyETEjST0+qmar0DgY/piyCatFYVTPG/jHTXXIbZoJ3+w7rdXYmA3xdK5X
++xIL7IZ9dz8sBN3Fvi6OcIIrvB8PcDt6qxbaQvNVPCcHmO4WqlkD/VcstWHP9THv
+zxu2aBK95BsprNYhUX5w2IHOzpOpws0OCN8evNt0/4io2v3etlECy4gqgVZLPj92
+il3Dhy/KmUz3tWx1X2WMXObc15flmT2Vfajp8VzaJFuSdCDc1PkSIJ6kAH0wPjDp
+pOWgtYLdS9vuw75FNGbEm1l38DCuCt1r9xwK1koXYIKgvS7NqGGovUFnWvYQcZ/W
+VmrnEru8oSoePBOtHIYXb+Oyn1XMgwiUcm91l2NZupaRsjdJJvPpT4iyrXRE5rSY
+T9Aqacw088vDh8NGWXE8H8QNC5/um/ZR2uYjaOej5OdiOGAQLg5nbNuQJwONosiZ
+q5s17afjuqnHUNhopzhl+leQdg1oww0v9xEfQ5WP5Q82mbmwe0XJ
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVzCCAtygAwIBAgIQSEXjPpLlMB2X65WI50iYXjAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjEwMTAx
+MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjA9MQswCQYDVQQGEwJDTjEQMA4GA1UEChMH
+c3NsVHJ1czEcMBoGA1UEAxMTc3NsVHJ1cyAoRUNDKSBEViBDQTBZMBMGByqGSM49
+AgEGCCqGSM49AwEHA0IABPnhVNUG3MK3i1NJ+B4rAT2vMmy604yDo725ASwI/77D
+PPPeOtGWob7IUnBfNLXbrIFx09Bx6tVUAI8Zbz862C+jggFwMIIBbDAfBgNVHSME
+GDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQU/bt2a7Th/LpQZu6T
+R8wdiTUh+kMwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGy
+MQECAlQwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaQAwZgIxANznrqp45oCQ
+ldqj+PTbb/gzS0M7mdYRCoCIaNZIlW1sr5y1GMwlevCU0eL8LXYwPwIxAMYox2hp
+KooQxzvxwXr6l3xddEZuAqcvXGKi4lJBPFt27zg/V4kh3tdYi72YlvhYmg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFwzCCA6ugAwIBAgIRAIW9PkwvxiLY3p4Ygdwck7IwDQYJKoZIhvcNAQEMBQAw
+gYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpOZXcgSmVyc2V5MRQwEgYDVQQHEwtK
+ZXJzZXkgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMS4wLAYD
+VQQDEyVVU0VSVHJ1c3QgUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTIx
+MDEwMTAwMDAwMFoXDTMwMTIzMTIzNTk1OVowPTELMAkGA1UEBhMCQ04xEDAOBgNV
+BAoTB3NzbFRydXMxHDAaBgNVBAMTE3NzbFRydXMgKFJTQSkgT1YgQ0EwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+stDLnpmqDpXIK6ojHoxKqdshnOa1
+8xfKLKN7FMXaU06skYL5clBwpDDRp58WUgQbz2SX+0+bugBiilMGi8M2TDtIU8yU
+ZoxPWW3cvkT4U/cY/xoi7Cyl6CPjZetpEcp39EPNEH8jnWe63i/UkrCzjQy69w5R
+i5Y/gSMSNiMvihcZ2dMfnZYyOlf62NGcEc2vtiP5JiZuTnN8w0bAaieMgGZaTHdB
+p1O4sTCc6b6qnxRq7tqlRW8zvSqgM5me53BOaLufBp8nGZGYNH1BRFLcgmxhKG7x
+8G/w2J1wGmrsF+pUH49rDInENfqG+j4YnBgzsfr2nayzqSJJw7tkdfFxAgMBAAGj
+ggFwMIIBbDAfBgNVHSMEGDAWgBRTeb9aqitKz1SA4dibwJ3ysgNmyzAdBgNVHQ4E
+FgQUxlReWmSYhsP71A9IiStbK/OxIK8wDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB
+/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1Ud
+IAQbMBkwDQYLKwYBBAGyMQECAlQwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGG
+P2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0
+aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0
+dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBQUFDQS5jcnQwJQYI
+KwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEM
+BQADggIBAHtxRs/J+gexVvIo6Wf5zaYdAyNU4jP61bdP+3rlJ2sSw5yxEwqrC/Ja
+6kD0TZvRv4wksUB0vIP2Dg34XsncX3SA8pq/BiPHsqSIkUGMUl1AOYIZwZtWoqz/
+cTlhSGvxd9YRgJ57QHQ7HQ9SLVFULpNrzFD36gdeu4cIUsS3od4Xohj2+M3CkfYv
+qnIcXw2BJ+Uc0c6+7OHPXgjvSRhJXGU8xQ8VkrQP0RCWSE2JXlYlvaZfzfsb3kfr
+qAO2AS9GoNgfl6D+5ZXp5A/DxebheUCQPjQGac4xooI5im2AnSQ8oITyXbE43CAr
+oxXjoKpDeEHUguO3IxpGnqBHF6ivd/vLbxwPcOWzOvCCvAShoBGaomvgmL4pqtpd
+PDm3pp7vCauw6E8MneKJnbYffv92LZK68dvZ7IwvOsFE7pXZEH8EpinTvIjECTDa
+Sketwk3r7X/rFvxICpGYzBVy1R//NlGBGOjfwQbAEODhImpyUiTUngXOHs6wkZDR
+AyKnKNy4NvGmQNt9MdfN56HBsENjTdfrXtUgKlVFHgkuSqMW0pn3lRtH/AbhS3zR
+LBocG7H8P+qW5PEdWKHK+tt7I8xHxsa6JkMwYvNk8sCaQbtFDUejEzu1JEe7vJHA
+DkxxLfZ5M7TOcaTwYt+DMw0ot2GLLl4W5DytSZUSzu9gihgu2c3q
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIF/zCCA+egAwIBAgIQIPqMANyfHxYpF9tPDcf/zjANBgkqhkiG9w0BAQwFADCB
+iDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0pl
+cnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNV
+BAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjEw
+MTAxMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjBkMQswCQYDVQQGEwJDTjE3MDUGA1UE
+Cgwuc3NsVHJ1cyAo5LiK5rW36ZSQ5oiQ5L+h5oGv56eR5oqA5pyJ6ZmQ5YWs5Y+4
+KTEcMBoGA1UEAxMTc3NsVHJ1cyAoUlNBKSBFViBDQTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALEl5/pWczUsGs5mp2hlzBC70yn/BeOabkdNgTuFk4wQ
+ZZYWLBOJs2W5LD/wlSvow34JdCtIRXn2vViXCyJL9nenPOj6F/RAp0oWKp+4z9eK
+v9yCIgxAtLi7SRfltF6FdXpfJhbCXUhXZW0rSobDoZegMnyP0KuMMVuqhVlgMHz7
+gPrdhoUlVvYsZ5vXK5dekfg1+cPotsKkgXnGbTuEP33vBn9xH+7/9o5UXO/oOW6j
+D+bm1lWBntN1JcSei2Xzt39+kZ13O4ZHv10h+WfKbTyC6or5xKV0feRwSucfjVX8
+mI7sgU2GDu5ZWlFFC1WD0MY1e5Y7FiFRU0yLY4LBY0ECAwEAAaOCAYYwggGCMB8G
+A1UdIwQYMBaAFFN5v1qqK0rPVIDh2JvAnfKyA2bLMB0GA1UdDgQWBBSBO1B95Ywd
+Evo9F+/zYcezGuMSFTAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwOAYDVR0gBDEwLzAtBgRV
+HSAAMCUwIwYIKwYBBQUHAgEWF2h0dHBzOi8vc2VjdGlnby5jb20vQ1BTMFAGA1Ud
+HwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RS
+U0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcBAQRlMGMwOgYI
+KwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FB
+QUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20w
+DQYJKoZIhvcNAQEMBQADggIBADpJuD5iUwhf3wAujsi2qjfzuR2xTleNJT6D9ugT
+l/gSRbjXcuXX6cEf4dHez6iljoz4STdCFQJhi3iDM+FiKDaufHc6kCyJNR8p3Yva
+/qotW7vLALYqi3y6qCVkC40yZxjjOiuFqp9vBBmP0mVtDb+XxZIC8XCm/dlOwzdr
+AwabfL1OgxfuW+9F8Muv/8nPSbEyHnUMsI2q8W/MPcBcHC/QPQtbWlJ+B8EM6+8p
+9VxHtoLe96nL2oj6nNdKh/g42DPglYXwJdQG69l4rage3Qsgj9uL1qYbchRN5g69
+ARpVx2d4PKDQkK84MWyLY9qccMnWQkEjRNWha9sbmlIkzR+VRylZ9WRqsE5YZjps
+p+FZ4CHJKdqpHa09Nf5Hdzl4KvPl2mdfx4XWoSYlGDf6jxib/FcP+HWntI3Tkm17
+VVwnZM1Tqh+foTkSyDOQ8JslTnZrm+lDJ/kNsZvkpmAD+LSNAiRbokJ8l5bqyhjo
+jVB8XTY9kLqccJ4+jt55XnWkIi297D1stHY1bbQGh1R9h6h94uRT+oXMZkAUVkMC
+eg4R1zN/+w7KKCkqf/1LHI4+cVAWfPbt9OwCJ1WfMOaZCgPjUfZIuxCDPh7JYsEj
+99oQdBqjspcmYjEyBNBcdqr8LgRjUXILrOqDbp7iHjSS2gwN5nbG0rpeJeymdhX0
+9LGr
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDVjCCAtygAwIBAgIQRGjtk17oimTIUBCCyKO68DAKBggqhkjOPQQDAzCBiDEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNl
+eSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMT
+JVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMjEwMTAx
+MDAwMDAwWhcNMzAxMjMxMjM1OTU5WjA9MQswCQYDVQQGEwJDTjEQMA4GA1UEChMH
+c3NsVHJ1czEcMBoGA1UEAxMTc3NsVHJ1cyAoRUNDKSBPViBDQTBZMBMGByqGSM49
+AgEGCCqGSM49AwEHA0IABHl5lR0qY1Kqmo0N+1d5OWsKVPV8gTcyhBbzO8gnDH3V
+nIbuU830D3qhoQZ8rGMtfPA/fQfuUzMHRa0nn/SSSwWjggFwMIIBbDAfBgNVHSME
+GDAWgBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAdBgNVHQ4EFgQUDEyxM6ooYMhsp8BO
+toMZ1ZuAR8kwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdIAQbMBkwDQYLKwYBBAGy
+MQECAlQwCAYGZ4EMAQICMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNl
+cnRydXN0LmNvbS9VU0VSVHJ1c3RFQ0NDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNy
+bDBxBggrBgEFBQcBAQRlMGMwOgYIKwYBBQUHMAKGLmh0dHA6Ly9jcnQudXNlcnRy
+dXN0LmNvbS9VU0VSVHJ1c3RFQ0NBQUFDQS5jcnQwJQYIKwYBBQUHMAGGGWh0dHA6
+Ly9vY3NwLnVzZXJ0cnVzdC5jb20wCgYIKoZIzj0EAwMDaAAwZQIxAKGOzgTunk+/
+jJnqQ0MZqT4Hw4NxVSNxWOXCGZECmc5ngb/l+NQXOXyk9ZfVA+xonwIwPBsz4EpG
+YZFPwSqYHf21y33UZ3cT0vw8HUO5gp1MJa391vgSP9W6W2HbBU5p/Dja
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgDCCA2igAwIBAgIUKDfVw8K1cpS+z5mv6Lvc0bsLIPEwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMSBHMzAeFw0yMTAxMDYyMDUwNTFaFw0z
+MTAxMDQyMDUwNTFaMFkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwg
+SW5jMTIwMAYDVQQDDClEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFFWIFJvb3Qg
+Q0EgMSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALMrbkb9kz/4
+y00r7tfK+uDRomMNd5iCDVMWOvSx1VygKoBn3aavw7gq9Vfb2fIMIWkWG0GMxWbG
+cx3wDHLWemd7yl9MxRUTGXkvH6/dNEavAQhUTL9TSf/N2e8f7q2dRDNYT7lXi/vR
+fTBiYlY7BLNha8C3sPHsKduaJN32cjdjVFH51rFDRdhUXlo2hhOjgB6bqoqs75A3
+Y3w88AdbMkapT63oGsCDO6N/uX2Mo9GSWREvlxHiXSMFf5qFw41vn5QIa5ADL1MP
+CzlLmJSHXE138H1+cG5IutD7tIieKjo/t+66PGMo8xicj3yUd8rHEmBqClG4Ty3d
+fF+bETFjLIUCAwEAAaOCAU8wggFLMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUo5fW816iEOGrRZ88F2Q87gFwnMwwdAYIKwYBBQUHAQEEaDBmMDgGCCsG
+AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMWcz
+LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t
+MBMGA1UdIAQMMAowCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnJjYTFnMy5jcmwwHQYDVR0OBBYEFJkRfemwrS1iWnDTPI2HIK3a2i5B
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAb6tTptzzi4ssb+jA
+n2O2vAjAo7ydlfN9v+QH0ZuGHlUc9bm8dpNpBo9yt6fWHIprGLJjVOF7HwVDQcJD
+DhX4638Q7ETDrbTVQ4/edX6Yesq6C1G8Pza1LwStXD/jCQHFvWbPud86V0ikS4rS
+qlmu3fzUrGZ2/Q+n5jrnRqM5IS8TXYcnzLD3azH1+aZjkwQt9HP4IuvAe/Bg9aWE
+XeDmksbg0SqQInrWn+BVYtD+hCZNz8K0GnKKpx3Q9VxzRv+BMbO5e9iqK1Hcj5Wv
+ZXvU45j2r5y9WML4fc8CvphzbF6ezr1e51i+yabNmfld33gRX48V5oNk16wX32ed
+kQ83sKNomQm1dXURWK8aSDcZFAvJQ8vKTLIE9wiQmtjfSGoJzQhKLaN+egrp4L9y
+fjpFIeK4zgAH39P4s4kaPWTdfXe2n6P5o7Xolp4R22SVkI76d8d+5Iv7Rtqd+mqI
+y1hkwyTBbOBLtyF7yMtJQewkkZ0MWxkPvWg193RbYVRx8w1EycnxMgNwy2sJw7MR
+XM6Mihkw910BkvlbsFUXw4uSvRkkRWSBWVrkM5hvZGtbIJkqrdnj55RSk4DLOOT/
+LUyji/KpgD7YCi7emFA4tH6OpkNrjUJ3gdRnD4GwQj/87tYeoQWZ6uCl0MHDUCmw
+73bpxSkjPrYbmKo9mGEAMhW1ZxY=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFhTCCA22gAwIBAgIUD3xNgeLm+YKMdFKtYwTMeUhkIrswDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0yMTAxMDYyMDUyNTZaFw0zMTAx
+MDQyMDUyNTZaMFwxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwgSW5j
+MTUwMwYDVQQDDCxEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFF1b1ZhZGlzIFJv
+b3QgQ0EgMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMAnbPqFlNP/
+J+CE+VEOIq3IglQP2PSZtUy8xbly85F3LhidGEtQd4B0aCDvJBLYzybE/UC4AIdx
+T6K3Ny5QsjDm/U1SFZ/X9qdAIE+8ayue88+qygTAqs/0zAeCcQ230sO9Q2HGfiv/
+bWCpm2ftTUR6E3HDdcuP6wgND24Tayhf9e7s1PS7dDoch8a7tONEnTMEqM0KyNEx
+JSr723lCJig52k6AedJoxnwuy+aP008Ly4wED1P3sYLe7z59T9alxcqod+5TDT/F
+/ufN1i1gMANdf0b1jVRDSadDXZp8M1LzO+POydeiI8m7Aj++Uo+0IUbBaFy46JmW
+GXybOfATGZkCAwEAAaOCAVQwggFQMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUGoRivEhMMyUE1O7Q9gPEGUbRlGswcgYIKwYBBQUHAQEEZjBkMDYGCCsG
+AQUFBzAChipodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMi5j
+cnQwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTAc
+BgNVHSAEFTATMAcGBWeBDAEBMAgGBmeBDAECAjAdBgNVHSUEFjAUBggrBgEFBQcD
+AgYIKwYBBQUHAwEwOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5xdW92YWRp
+c2dsb2JhbC5jb20vcXZyY2EyLmNybDAdBgNVHQ4EFgQUz5LTMFSrg1pTz+1GGrYM
+qzz+w2AwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQA1p3fuWQ84
+FbVgpsvav/rV+7NbEqhfNPJFZhNX2X6OjYMlQCLY58I3/8JxOVPfDrVxJwBZ88JZ
+ns6BIuiyyJ7edd2l8sQdIeBY81hzdEH1lDMiOz4cAwd9BWz5zGioJu3JuJ3Uip1P
+CSprl64JuGmDOew2+RvrCCE1Rjk3m8sfKjU49RSrjtQOpeUOQyNjieZVze8aHg08
+oqCZcq5j3nk4GZLdUz9dId+Uf8obdFTFWVu6nvqHbewzMWI242I6gJmkvH9CF/07
+bAECg6anrCPo5/5inKCBvcfii3+6Afau49wXum7FDH6ISRR0nOkje7nKOEx5Nks4
+SZpshBHo8TKwlBL0jmOMpZ5exD0oXmEjP5X1qHZIkt1KP29KR23OgFTcxnpXx+//
+0CpTDacSkgbPLVl0M2cTXjI4g385FYUSQpVfxbhRd4bxbTS2hyGJtOPgEAXF+UNs
+tDQXId3TO+JOqpIPi9fz8GtI+cHeV0YK1G9m5Gplx0nPeG0K+tvAgS6ubaiBpqPn
+28iqw9jzRDrk8WFOTJ9PgPnCbjXV1nmU8/B9tI7BjzabKC57DZF488ptx0vU+dCx
+E4Xb4K3VRlqKB+vdWQpxRffZ3rFDZjYgLVlJaFC/3zQn+X8rCYmm7sD410RM5eac
+0LVGCuV+/A4lnBYic3a8h3SiVQENch+eyQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFdjCCA16gAwIBAgIUSBCJadJnyw4+QrXgR+5WgKeRFNswDQYJKoZIhvcNAQEL
+BQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZ
+BgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0yMTAxMDYyMDU0MjVaFw0zMTAx
+MDQyMDU0MjVaMFYxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwgSW5j
+MS8wLQYDVQQDDCZEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFFWIFJvb3QgQ0Eg
+MzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6Mm0E5fD+Yy2zb2Z9N
+wzhhgOUWXwUH4bQLDMG5sPtjVdJRSuv6eZU0Mavvm5TLXbZ/lgcPjhxyNxyoRASS
+lb/2gHLDbD2xAJpU135pFDQtGgsoXKaxW4AiGM4N3LRtInkszh/lPTssApFVjt1H
+PKxO+5Fyie8SYk03ZDN6PEXeWAPqXebmdY7Bl456d9pbVAoPm4desg5Pkzl44R1J
+70Iuv08Ar4Fsh9ojYsJIJOr4yPkk0cTcHl2GxyfUsbvLTnCtOZdve4Ut4VP9JBnh
+FaFnI7NeAmloVs26vqPF7ibqJuRaS7eX1pmoHwXMJTmYbmiE8JOW6NRAzJMzRPrl
+KH8CAwEAAaOCAUswggFHMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAU
+8sAT4IJDPvvuL2cyljVc27jLAtAwcgYIKwYBBQUHAQEEZjBkMDYGCCsGAQUFBzAC
+hipodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhMy5jcnQwKgYI
+KwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xvYmFsLmNvbTATBgNVHSAE
+DDAKMAgGBmeBDAECAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwOQYD
+VR0fBDIwMDAuoCygKoYoaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20vcXZy
+Y2EzLmNybDAdBgNVHQ4EFgQUIzlUcvrV+WRljx07Zw9C2c7mSJEwDgYDVR0PAQH/
+BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQAzzWXDfIDGoy7ztsGxScDNgKniQAFn
+HzimEjPEAnJvlHUy4IpffiHVyjP9usRsh2edVJ+7Hq3m5hoXh5dwAM1/X7K6UZGp
+23m132EaizIRELLD0m6hys5MH81CA7T1cnM6jN1ghktZDmXO40PGjRJMSa26bJsh
+HLKSjAZRkarN1A2YxVX3P0N+BHlOluuKC4zoO5aS/n0a0pvDcf1TCyC1QMMkvb6j
+q52oKJwpN02Vv6rejDLTsiU2F5IZUOyrxiz4WfFevQ5E8nCEq4ufhE6oSXz/ddH8
+gpGKFTFmeLgVsgMBAAOJKXOVacfa/maV6yI10HfI8kf/LQAuJ49FfGmqnRJwdsNk
+XKFSkSo9aQd0V2QYHO//+EY/wp3VRbRWZfXuSK8HyEbjB6QW+zJXRYat7STb5Yrj
+mk0RzYjCWgekxpt0Jf1is2PmgzoYWRimtQi6Eay/9GgDZOMzWp2vngLLS8jI9ERU
+MMOKVB/5xUMekEazeTDHKNgZ44v/We3AUtCk7qQiajcXGwA+/FuRw2EsTUpgWyZB
+mfwYx+uAfSB9mGcB/4xHbo259vvQ9nUHx3d5/q2CnFgxih1HkKbj+RQYS3kAb0bZ
+wRQOSr0NUuU9kCMys9WMX7MBmBLJwFFkX4rqQMUA/ujfiUUt5LFxSlPkS617pv0P
+ezhK137tL+CGkQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFgDCCA2igAwIBAgIUQn3TOo/1HYFS6BPH3sk7p2MSp9gwDQYJKoZIhvcNAQEL
+BQAwSDELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAc
+BgNVBAMTFVF1b1ZhZGlzIFJvb3QgQ0EgMyBHMzAeFw0yMTAxMDYyMDU1NDBaFw0z
+MTAxMDQyMDU1NDBaMFkxCzAJBgNVBAYTAlVTMRYwFAYDVQQKDA1EaWdpQ2VydCwg
+SW5jMTIwMAYDVQQDDClEaWdpQ2VydCBRdW9WYWRpcyBUTFMgSUNBIFFWIFJvb3Qg
+Q0EgMyBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxNTdqnFD+A
+MhketYfVfVUWQKPkVEuyYj7Y2uwXBMRP4RStO4CoQih+hX/h94vRlObOIsqcNnyC
+ElwBnLbmusaWYLYnDEWoROL8uN0pkWk0asfhhEsXTkAJ6FLHUD85WBkED4gIVWPi
+Sp4AOwiA+/zpbwgVAgdjJTO3jjMsp4F1lBrdViYSwoPRACH1ZMjJG572oXTpZkQX
+uWmEKLUOnik1i5cbqGLnwXiDvTAhxit7aBlj/C5IDvONWVQL34ZTYppvo8S3Hhy9
+xX0S4HCpTpeBe3mas7VOrjsXNlEoFvejrxcQ+fB/gUf6fLUPxUhcPtm8keBPQuxc
+qP12/+KG0WECAwEAAaOCAU8wggFLMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0j
+BBgwFoAUxhfQvKjqAkPyGwaZXSuQILnXnOQwdAYIKwYBBQUHAQEEaDBmMDgGCCsG
+AQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3F2cmNhM2cz
+LmNydDAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9iYWwuY29t
+MBMGA1UdIAQMMAowCAYGZ4EMAQICMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEF
+BQcDATA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vY3JsLnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnJjYTNnMy5jcmwwHQYDVR0OBBYEFDNm+y+RBcyzYlLvzTz1fhzOpxeW
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAY0ZuDgyM4I4MO9ll
+D8qFUPQ8xtcGOuJgSRhDS2onIJ0M8yOGOYJCobIEGIgqyx94kI/n/1Xw+Wvsnhwb
+OYOtVedx6VGDu6IuSKTVgPPhzwKP5ZA7wtmgKR8+W4E3DM1VerA9Po9ycDK9qCdl
+K4tuF37grKEzlQKovG+kn0z+Zi0D/E1kN1Q8YmX35HHRenJWKEnAL9QROh0X9jFi
+SlsHPrxWC3adOdAW+B+kVG0cM2nurd0Ic2YkiLKOOaSd5hbCQY/fCZwohtest+ZU
+Ajyd+FVzSNvEFrwPzZwKfcdemvD4kew8lx5sG6BUL4GkFWnotxSr+F9Huwgj4pC+
+cxE2841a/9r/gliuwDM/8jkt16epFAdw0fXemyM8FdHJDnB++3d8SyjOOQ8j+VHW
+31NWx27sORa5CgRchlldXWDzIIEwbc82a1OAfGUmNAsdEHjMl1HMcZHbjCmdSdsw
+fmyldZrj2YmvOI5ZlE9z4vzi35KyqlxWCtu9O/SJq/rBvYS0TPmm8HbhJQbeMe6p
+vJGrxcb1muSBANn9T9wvukjiNNw32ciSDCjZ0h4N+CGxbzoZtgIAQ29IunYdnJix
+ZiP+ED6xvwgVRBkDSgWD2W/hex/+z4fNmGQJDcri51/tZCqHHv2Y7XReuf4Fk+nP
+l8Sd/Kpqwde/sJkoqwDcBSJygh0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDajCCAu+gAwIBAgIQBBxdKC6zcQ5rcsLavSZxbzAKBggqhkjOPQQDAzBOMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJjAkBgNVBAMTHURp
+Z2lDZXJ0IFRMUyBFQ0MgUDM4NCBSb290IEc1MB4XDTIxMDQxNDAwMDAwMFoXDTMx
+MDQxMzIzNTk1OVowVDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJ
+bmMuMSwwKgYDVQQDEyNEaWdpQ2VydCBHNSBUTFMgRUNDIFNIQTM4NCAyMDIxIENB
+MTB2MBAGByqGSM49AgEGBSuBBAAiA2IABLzRK0f/iJs+T+i9//yOWT++GUuwRjML
+dbsA+9YQsrHFyayUZeqYRATordp1DcodGY/1DxRAwDDEi0cmkfHX08nLQ0ujF1Vh
+dlBxYUPol2HLYjN3EzVAcDC8V5uiQc5zCqOCAYowggGGMBIGA1UdEwEB/wQIMAYB
+Af8CAQAwHQYDVR0OBBYEFJtY3I2mZZjnvAb+GqQVoG/L5qmQMB8GA1UdIwQYMBaA
+FMFRRVBZqz7nLFr6ICISB4CIfBFqMA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwegYIKwYBBQUHAQEEbjBsMCQGCCsGAQUFBzAB
+hhhodHRwOi8vb2NzcC5kaWdpY2VydC5jb20wRAYIKwYBBQUHMAKGOGh0dHA6Ly9j
+YWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdpQ2VydFRMU0VDQ1AzODRSb290RzUuY3J0
+MEYGA1UdHwQ/MD0wO6A5oDeGNWh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydFRMU0VDQ1AzODRSb290RzUuY3JsMD0GA1UdIAQ2MDQwCwYJYIZIAYb9bAIB
+MAcGBWeBDAEBMAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMAoGCCqGSM49
+BAMDA2kAMGYCMQDt1p2aebRUXBPN1FXg+V6oG+mRLdRC49k8dSxwRG77lsj1YqTO
+IvZuhDckSAkMNGICMQD4lvGyMGMQirgiqAaMdybUTpcDTLtRQPKiGVZOoSaRtq8o
+gRocsHZfwG69pfWn10Y=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDXDCCAuGgAwIBAgIQBg5FPpv3aMZZM2pbArRxEzAKBggqhkjOPQQDAzBKMQsw
+CQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xIjAgBgNVBAMTGURp
+Z2lDZXJ0IEVDQyBQMzg0IFJvb3QgRzUwHhcNMjEwNDE0MDAwMDAwWhcNMzEwNDEz
+MjM1OTU5WjBQMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4x
+KDAmBgNVBAMTH0RpZ2lDZXJ0IEc1IEVDQyBTSEEzODQgMjAyMSBDQTEwdjAQBgcq
+hkjOPQIBBgUrgQQAIgNiAASAxkIHzJgR7AbL24XhUsAhWIBGyDctd7SLM4KKnZjo
+jBl8rgSnIBPNJq4C1D8NSoDrShtZRCIDKhxRcu8qKte/ZadbMdMAXIRjGLbOJ1nT
+H+wcnqBZdW0/BIFOH4Ghe92jggGEMIIBgDASBgNVHRMBAf8ECDAGAQH/AgEAMB0G
+A1UdDgQWBBTPlXaPLdRfmzWC7vLInLgKENEH4TAfBgNVHSMEGDAWgBSSlvfmutUR
+uvkiLnt+WtnwJeUFGzAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMHcGCCsGAQUFBwEBBGswaTAkBggrBgEFBQcwAYYYaHR0cDov
+L29jc3AuZGlnaWNlcnQuY29tMEEGCCsGAQUFBzAChjVodHRwOi8vY2FjZXJ0cy5k
+aWdpY2VydC5jb20vRGlnaUNlcnRFQ0NQMzg0Um9vdEc1LmNydDBDBgNVHR8EPDA6
+MDigNqA0hjJodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRFQ0NQMzg0
+Um9vdEc1LmNybDA9BgNVHSAENjA0MAsGCWCGSAGG/WwCATAHBgVngQwBATAIBgZn
+gQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzAKBggqhkjOPQQDAwNpADBmAjEAz4Pf
+c3Y8KN849HGh0kHVomh/HqNeph/fcdn5JoBxwXqV0U78wWol1G11rM3qAAooAjEA
+3aIUxc8+gI9fbOz+dE1Ia/XFWhKYvbuMrXdrO93Z6oshtDxJzWsIJmUBtLQ0MwqB
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEvjCCA6agAwIBAgIQBtjZBNVYQ0b2ii+nVCJ+xDANBgkqhkiG9w0BAQsFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaME8xCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS
+U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a
+qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn
+g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW
+raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB
+Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r
+eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBgjCCAX4wEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUt2ui6qiqhIx56rTaD5iyxZV2ufQwHwYDVR0jBBgwFoAU
+A95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG
+GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh
+Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDBCBgNV
+HR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH
+bG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwCwYJYIZIAYb9bAIBMAcGBWeBDAEB
+MAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IB
+AQCAMs5eC91uWg0Kr+HWhMvAjvqFcO3aXbMM9yt1QP6FCvrzMXi3cEsaiVi6gL3z
+ax3pfs8LulicWdSQ0/1s/dCYbbdxglvPbQtaCdB73sRD2Cqk3p5BJl+7j5nL3a7h
+qG+fh/50tx8bIKuxT8b1Z11dmzzp/2n3YWzW2fP9NsarA4h20ksudYbj/NhVfSbC
+EXffPgK2fPOre3qGNm+499iTcc+G33Mw+nur7SpZyEKEOxEXGlLzyQ4UfaJbcme6
+ce1XR2bFuAJKZTRei9AqPCCcUZlM51Ke92sRKw2Sfh3oius2FkOH6ipjv3U/697E
+A7sKPPcw7+uvTPyLNhBzPvOk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEFzCCAv+gAwIBAgIQB/LzXIeod6967+lHmTUlvTANBgkqhkiG9w0BAQwFADBh
+MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
+d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
+QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaMFYxCzAJBgNVBAYTAlVT
+MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxMDAuBgNVBAMTJ0RpZ2lDZXJ0IFRMUyBI
+eWJyaWQgRUNDIFNIQTM4NCAyMDIwIENBMTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BMEbxppbmNmkKaDp1AS12+umsmxVwP/tmMZJLwYnUcu/cMEFesOxnYeJuq20ExfJ
+qLSDyLiQ0cx0NTY8g3KwtdD3ImnI8YDEe0CPz2iHJlw5ifFNkU3aiYvkA8ND5b8v
+c6OCAYIwggF+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFAq8CCkXjKU5
+bXoOzjPHLrPt+8N6MB8GA1UdIwQYMBaAFAPeUDVW0Uy7ZvCj4hsbw5eyPdFVMA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdgYI
+KwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j
+b20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEdsb2JhbFJvb3RDQS5jcnQwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2Ny
+bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNybDA9BgNVHSAE
+NjA0MAsGCWCGSAGG/WwCATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgG
+BmeBDAECAzANBgkqhkiG9w0BAQwFAAOCAQEAR1mBf9QbH7Bx9phdGLqYR5iwfnYr
+6v8ai6wms0KNMeZK6BnQ79oU59cUkqGS8qcuLa/7Hfb7U7CKP/zYFgrpsC62pQsY
+kDUmotr2qLcy/JUjS8ZFucTP5Hzu5sn4kL1y45nDHQsFfGqXbbKrAjbYwrwsAZI/
+BKOLdRHHuSm8EdCGupK8JvllyDfNJvaGEwwEqonleLHBTnm8dqMLUeTF0J5q/hos
+Vq4GNiejcxwIfZMy0MJEGdqN9A57HSgDKwmKdsp33Id6rHtSJlWncg+d0ohP/rEh
+xRqhqjn1VtvChMQ1H3Dau0bwhr9kAMQ+959GG50jBbl9s08PqUU643QwmA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDeTCCAv+gAwIBAgIQCwDpLU1tcx/KMFnHyx4YhjAKBggqhkjOPQQDAzBhMQsw
+CQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cu
+ZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAe
+Fw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaMFkxCzAJBgNVBAYTAlVTMRUw
+EwYDVQQKEwxEaWdpQ2VydCBJbmMxMzAxBgNVBAMTKkRpZ2lDZXJ0IEdsb2JhbCBH
+MyBUTFMgRUNDIFNIQTM4NCAyMDIwIENBMTB2MBAGByqGSM49AgEGBSuBBAAiA2IA
+BHipnHWuiF1jpK1dhtgQSdavklljQyOF9EhlMM1KNJWmDj7ZfAjXVwUoSJ4Lq+vC
+05ae7UXSi4rOAUsXQ+Fzz21zSDTcAEYJtVZUyV96xxMH0GwYF2zK28cLJlYujQf1
+Z6OCAYIwggF+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFIoj655r1/k3
+XfltITl2mqFn3hCoMB8GA1UdIwQYMBaAFLPbSKT5ocXYrjZBzBFjaWIpvEvGMA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwdgYI
+KwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdpY2VydC5j
+b20wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNvbS9EaWdp
+Q2VydEdsb2JhbFJvb3RHMy5jcnQwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2Ny
+bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdEczLmNybDA9BgNVHSAE
+NjA0MAsGCWCGSAGG/WwCATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgG
+BmeBDAECAzAKBggqhkjOPQQDAwNoADBlAjB+Jlhu7ojsDN0VQe56uJmZcNFiZU+g
+IJ5HsVvBsmcxHcxyeq8ickBCbmWE/odLDxkCMQDmv9auNIdbP2fHHahv1RJ4teaH
+MUSpXca4eMzP79QyWBH/OoUGPB2Eb9P1+dozHKQ=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGuzCCBKOgAwIBAgIQDmRY51TsnMe6yDIx1flNWDANBgkqhkiG9w0BAQwFADBN
+MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xJTAjBgNVBAMT
+HERpZ2lDZXJ0IFRMUyBSU0E0MDk2IFJvb3QgRzUwHhcNMjEwNDE0MDAwMDAwWhcN
+MzEwNDEzMjM1OTU5WjBYMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQs
+IEluYy4xMDAuBgNVBAMTJ0RpZ2lDZXJ0IEc1IFRMUyBSU0E0MDk2IFNIQTM4NCAy
+MDIxIENBMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMnB9AAUezLy
+ZIJWqclXdCRODlmfOnlRYNvE3OR/WaHipH5TnngNfRz4nT97RDaZx9Mc5Sdo9c/R
+7N7juzv/5XSQIRYp488dRYQOuej2QkdfDKHDBunwqa7shUpm+2NXouQbQqNi3Tkf
+NURyVFntX+tL014KdjNr0w5KZXAzCsHTie0ZPb9JMn4MQfzKcfHcLDtytiHxCE5M
+OjEpm6O4YDQgEoPvBXTvjD/SQu4JM+f4jRhPWFzdssuTEcyGy9po/0h2xoCP/exh
+e8EabVWhqSgz5UWAG1Wn1gLsFzQwR3fYy882OiRJ+uqisbi+QIsD5Dhgmxfo4Voo
+vUcvairFFdDwQp7nTwPL1p5iZ6u2OuZS/HI0d1Yj5p9aYpi6nZR+S+iJD0hBqtSw
+EHmmAFzGgTwDBJqHKzanwvsyiUeGP7lmd323M8ZcRKGvRBjH8Caa4vZpkcYaKGAV
+K/gDUr5vEUAfs30r0NC8cQpPLaLfkA/+tJOvSpRPiPkHk/I7xMq1bJ4zcdlqZ6CC
+5hw76litkmt2mFFCg0/JtApRQavIfoaEvwrqxwTxg29ZjvE2tWo8YhwPRf4mogjQ
+XsbgXLksXThVv5oVjhzKrrydwU1KNbzmmZNRWesFGYhq/aUCEmpROkhvcHqj7233
+6gjU8xeBTxbB1KZM3oT9R9JoH3CGYZmrAgMBAAGjggGKMIIBhjASBgNVHRMBAf8E
+CDAGAQH/AgEAMB0GA1UdDgQWBBSuupQzuu83TQvXGO9K5KENvAe2czAfBgNVHSME
+GDAWgBRRMxztNkCvF9MlzWlo8q9OIz6zQTAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMHoGCCsGAQUFBwEBBG4wbDAkBggrBgEF
+BQcwAYYYaHR0cDovL29jc3AuZGlnaWNlcnQuY29tMEQGCCsGAQUFBzAChjhodHRw
+Oi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0E0MDk2Um9vdEc1
+LmNydDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsMy5kaWdpY2VydC5jb20v
+RGlnaUNlcnRUTFNSU0E0MDk2Um9vdEc1LmNybDA9BgNVHSAENjA0MAsGCWCGSAGG
+/WwCATAHBgVngQwBATAIBgZngQwBAgEwCAYGZ4EMAQICMAgGBmeBDAECAzANBgkq
+hkiG9w0BAQwFAAOCAgEAm5n6ds96TsvAgH4+P/HASmAPv4gJGTkgXjflouTbHJqx
+FAOsExKNfs0G7BlrdqcFnIOcNR20t0hDvikyZvLT9yBAJYB3uAoYZP/7HIkdkjQB
+1EfX2A9VLzEhAitWYnv4A1vwIVgI7nKaSTz2wGd0Be6cAu+4xxjKieCYAQduI14t
+ebbHEapLulqRuvemZc/dAIeAVVrC01GKhPkGrb2iAXCRmZzo9IYh59l4u8K9LoHb
+7Hf4Ff2uDUgIa1Zabg4wXjwYvoAhxPhRa/5lSn/tGCRg/JSpi3dF0Hry1EIueLL3
+q3QfX4kjs6qTqWSHGL98sLjWDowRQWDAbgjylkGAVZBG4aqvlgEhKCLNtgzdN250
+4XWLJbcCj1F1Bi+WoXSGlpm3x+1otDJgkSnCjXs0uRxrHsB8kWzMR+WpTROqsDVQ
+/9+NAbtkLNFc6RdRHPBnvNrah8Z8tfKcGJrzjncmyBae1BdFhZ09keXQ+Zj5Fu/o
+P8gHuJhmwIPsIE5tEs33q1BUXaP6vQU+v/lmvb6Vy2xj3U091m9cYSYt1xObnOLS
+HeL48nhq1fIhJQfXWX2neiOmZxeVi+g0nZ9Ws7MpARDSTBsR8NBsWBBVcmTUKJhv
+g/cqkTWFeprxB41VkxJc79K3VL8yo01JYIUfAiTwNecb6/mvBAV/yOzGCYSqff0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGrTCCBJWgAwIBAgIQDo0oQK5IJZBWGLOoqeF6RzANBgkqhkiG9w0BAQwFADBJ
+MQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xITAfBgNVBAMT
+GERpZ2lDZXJ0IFJTQTQwOTYgUm9vdCBHNTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0
+MTMyMzU5NTlaMFQxCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5j
+LjEsMCoGA1UEAxMjRGlnaUNlcnQgRzUgUlNBNDA5NiBTSEEzODQgMjAyMSBDQTEw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCwLlUmeGwUTj93uzejg2I
+tHjaSqm+knZ8az09cBAZFLFU9sKDzBHgf43/GpIWIHGLDUGXXZkKtkjJhl6POqda
+XWt/4avSsQgkELz2uefSxhzELBl4o1U50EULTlri3zUBQ11Jr/hfJLxdMAJqKv21
+iVD8GfFDs12Hy08h7IxuA5ROVdBQS2OiU/6Vd4A3uVpzyjaxQsfAvkwz9+3jsozf
+G+kWW+6Fxa3Vt4EbX+3afaBLeIyBlQvPd3pUY8irY3T6MHlglEblraxyGZ3ifvFu
+Vt7S98D5+U4CMFzzGSzCCqMxTkgasTMhP8+PjXRN+mL56xyfw/uVmN9vRPqgbRUD
+g95zx+CRFXgpUQ8yslpl+ECSqCe0cYxm+jWz00VFWtUZAwpE4REGOVdmNGrfNR16
+h7dggpFVfeFy7qCwd9up/sWkBmkZB1zL9ENjg68EH5aEbh+jlbF6HuLv4+jibVlD
+/r+ZW/vJgnMXmUYW1gDl3L//vQ/V4ElqRYzxsSVsq3dwW0SYzI31PKFEb8sqI5IN
+P10MtFtZ1DgISF9I8LJ35dBDqguoonGC0/d+iq2S7ipcpFIo/u3tK/Nu0QvKMEN6
+Dlx6Yhssscj2PhiADKjhRnweWUj/2eKuX8Cb6UmXvh+R4Dm0iEIGop1/r37GUo0z
+nqNszrYZz1zd4GWG6puFWQIDAQABo4IBhDCCAYAwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHQ4EFgQUbYE39zhEfkdCe1al7Lt3ZyEJ9DwwHwYDVR0jBBgwFoAUYm23
+kU/E6qNiYI+g0L61jwZ8aAAwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGGGGh0
+dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2NhY2Vy
+dHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0UlNBNDA5NlJvb3RHNS5jcnQwQwYDVR0f
+BDwwOjA4oDagNIYyaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0UlNB
+NDA5NlJvb3RHNS5jcmwwPQYDVR0gBDYwNDALBglghkgBhv1sAgEwBwYFZ4EMAQEw
+CAYGZ4EMAQIBMAgGBmeBDAECAjAIBgZngQwBAgMwDQYJKoZIhvcNAQEMBQADggIB
+AGHJE9aY60MSsfdEfqIcrdE0c1dXxis9E1l9at6g18Jpyc1C6PsUHdmo6rJWq8Xe
+NNPkD/4fKhJsrd9TRlUlpIgKiJZW1ituKHV6Ghm7DIRSyx0aMpP9NJ3heV3CIgZr
+MLtJEFuG5WfolWIfu7sle2lYjA3HxA/xQo803jGOhxbEDX/BTzHo/1X7YGvwpRqJ
++7J1B+2l+TA1r9vAlLfIDQRazVYRNxHpJDOwU0ffKaEPbRrgPtogO+8hLSml9Zoe
+Y8w94f31XbvBFxSbSVpX+/QctNdwx2VuIoRcT8WZ0lZ9aenna5q5AE1C8oTtbw2T
+qoz4NCaM5XPgjvb0DGPBeH8jWveNo1BmClQA2qYXL55f00m8AZ4Hf6oYANt/zbuM
+QPhAoSHWwW4V4Pug3XPXM70LlY50y9kPD/57eHryhO2oXQLLx+l6mg8xzL6vKsHT
+E30whFM32vVTpjejLZ9hJBAJURFaUrH2TZyAmoVbCNy50yuHYQ6FooYpbsbnpYPi
+KW/E9bc201rqm/GQOWJ4zOJ8a5Etn3zY+rlPaxjJvxc3pSMfgtwwrm9KGXHsI1Gf
+ULMwUbXclKV2qR8d6ECtUOIRxoQKutN85lmwB05yddu6uQQg0hHeaGFUk7EU90SV
+ib/FA/op9sXfS3CkOnHQISY0JbWxrzC6eHaKeQi6lR1I
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDITCCAqagAwIBAgINAhZoJeFwBEBhJJH1QDAKBggqhkjOPQQDAzBHMQswCQYD
+VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEUMBIG
+A1UEAxMLR1RTIFJvb3QgUjQwHhcNMjIxMDA1MDAwMDQyWhcNMjcwOTMwMDAwMDQy
+WjBGMQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2Vz
+IExMQzETMBEGA1UEAxMKR1RTIENBIDJQMjBZMBMGByqGSM49AgEGCCqGSM49AwEH
+A0IABKdQkzjAHqOUsb/TkH7cz5lRtD374tNZ8rYrCUb1mxypE+VmCb1Jgzq+93tR
+dE78GRzPI4+q6raha1TEyWgoniOjggF2MIIBcjAOBgNVHQ8BAf8EBAMCAYYwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0OBBYEFIcjqVBIDgeJVApxMPYz0gpH9p2sMB8GA1UdIwQYMBaAFIBM1ut0
+/0k2o9XY/LU+xWrwlB2MMGgGCCsGAQUFBwEBBFwwWjAmBggrBgEFBQcwAYYaaHR0
+cDovL29jc3AucGtpLmdvb2cvZ3RzcjQwMAYIKwYBBQUHMAKGJGh0dHA6Ly9wa2ku
+Z29vZy9yZXBvL2NlcnRzL2d0c3I0LmRlcjA0BgNVHR8ELTArMCmgJ6AlhiNodHRw
+Oi8vY3JsLnBraS5nb29nL2d0c3I0L2d0c3I0LmNybDBNBgNVHSAERjBEMAgGBmeB
+DAECATA4BgorBgEEAdZ5AgUDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vcGtpLmdv
+b2cvcmVwb3NpdG9yeS8wCgYIKoZIzj0EAwMDaQAwZgIxAMnbIiQb5fsdexUuVGoB
+MVwsDPGd7VC13Y0OBezt7FqFHDwqm8nnVdV/FkNyXNv9/AIxAN51NGqMcbexMOYK
+pLC0zXfjNwvqBsZhmzCCQIM6MVyBID0rjjxPu7laIaHqAu6T5Q==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDNDCCArmgAwIBAgIQYE2K+NALqHSLlVhTFyxfLjAKBggqhkjOPQQDAzBOMQsw
+CQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQDDBxT
+U0wuY29tIFRMUyBFQ0MgUm9vdCBDQSAyMDIyMB4XDTIyMTAyMTE3MDIyM1oXDTM3
+MTAxNzE3MDIyMlowTzELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEmMCQGA1UEAwwdU1NMLmNvbSBUTFMgVHJhbnNpdCBFQ0MgQ0EgUjIwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAARk532ZA1NckR7q+NgjraG/LOJjie8oaPbt1/Ds
+q2iudyvkdpcbUOvbWSgtb7g2uauNl8pMIp7uidkCP/16czqQjSvMLzo3g9oNtC1F
+G3NyCWVfeCE954tmP0f9CSnWFA+jggFZMIIBVTASBgNVHRMBAf8ECDAGAQH/AgEB
+MB8GA1UdIwQYMBaAFImPL6PoK6AUVHvzVrgmX2c4C5zQMEwGCCsGAQUFBwEBBEAw
+PjA8BggrBgEFBQcwAoYwaHR0cDovL2NlcnQuc3NsLmNvbS9TU0xjb20tVExTLVJv
+b3QtMjAyMi1FQ0MuY2VyMD8GA1UdIAQ4MDYwNAYEVR0gADAsMCoGCCsGAQUFBwIB
+Fh5odHRwczovL3d3dy5zc2wuY29tL3JlcG9zaXRvcnkwHQYDVR0lBBYwFAYIKwYB
+BQUHAwIGCCsGAQUFBwMBMEEGA1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9jcmxzLnNz
+bC5jb20vU1NMY29tLVRMUy1Sb290LTIwMjItRUNDLmNybDAdBgNVHQ4EFgQUMqLH
+2FiL/3/APPJVaTPszswfvJcwDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMDA2kA
+MGYCMQC4SkI+e2cts1nTN9MCRil97z624WxLAp94hT7tNZGPZLe9YiLIyzgKqW/b
+E0b2h9ACMQCvV5XMRcunAylQaCQc4J/GwR1p7yrPC0DRWWeyLAkQWi5Ylta9DxlX
+74QFFksFCP0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIGgjCCBGqgAwIBAgIQICgd04YXHr8FIEWzN/K9hjANBgkqhkiG9w0BAQsFADBO
+MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSUwIwYDVQQD
+DBxTU0wuY29tIFRMUyBSU0EgUm9vdCBDQSAyMDIyMB4XDTIyMTAyMTE3MDIzNloX
+DTM3MTAxNzE3MDIzNVowTzELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jw
+b3JhdGlvbjEmMCQGA1UEAwwdU1NMLmNvbSBUTFMgVHJhbnNpdCBSU0EgQ0EgUjIw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC6lZ8Z2WYAqAXZr43sbFCd
+az+5MU8liFkrqzD5CcOL8AOaKtB1Ggx5t8GjUibUAYvuCNXeUzd4awBM4ARRoWp8
+xzRI+AG9YxUH5lWtsmyhfyW4E7VvpRpi5s3tOyQVv8rCpdNB0R/HYM4+wPxigadb
+L2Cc46fTcbeV2MBPOc9lyVJASewIXQQhI0+CsKOVA4AD3Cj27QhnpvJONchn+hVg
+vTTDVSkmlrvaFjH3KPzEJsRIiv6Wyc1bpkDyV6+bPzkzXtntXhdXb/RrAcky7ldx
+N5I0xZd2ESfMUU6yQbqkIfAaBj1Uxd7y780ir5beWijPQU1VsU4NcEpxwQ8CkcFK
+7GosXIAOS1XhFbbO7QpfF6Nxe8QGAcC5Dx38f5vubR3PMheivltQSxlGJOhMlidq
+xehxbaxH47wRQoT2p/3MXHBDydUetOwJLlRxct6ms9px9qD8ubnUX4TmUc88tfWz
+FM8tWrKNrhQjo/GB/585rBv+MZ+8JwjySCjY0Tiy4WcwBo3sacCyXXWGoJH2hoq2
+QbVHW0QpQLSQ2wXClnyo6juVXRW++ZwtCu2MOx5xnadnqD2u/2fH+EAHsCplAtIC
+VR8j/GeFQGWbdPSXTUrSy0OKm9BiQjJ9GCw4eUZa8zYbOKnsFH+2NtZN4pYLP3M7
+wS8IWceGUEkSP5Izm+qWZwIDAQABo4IBWTCCAVUwEgYDVR0TAQH/BAgwBgEB/wIB
+ATAfBgNVHSMEGDAWgBT7Ljfu44R6Jy7NGTWxM3z/1ERCuTBMBggrBgEFBQcBAQRA
+MD4wPAYIKwYBBQUHMAKGMGh0dHA6Ly9jZXJ0LnNzbC5jb20vU1NMY29tLVRMUy1S
+b290LTIwMjItUlNBLmNlcjA/BgNVHSAEODA2MDQGBFUdIAAwLDAqBggrBgEFBQcC
+ARYeaHR0cHM6Ly93d3cuc3NsLmNvbS9yZXBvc2l0b3J5MB0GA1UdJQQWMBQGCCsG
+AQUFBwMCBggrBgEFBQcDATBBBgNVHR8EOjA4MDagNKAyhjBodHRwOi8vY3Jscy5z
+c2wuY29tL1NTTGNvbS1UTFMtUm9vdC0yMDIyLVJTQS5jcmwwHQYDVR0OBBYEFCFB
+NGOOHZEMw922JLCoh3uNZWAIMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsF
+AAOCAgEASMJp5E+woUa2Uu9yVvrR1tGxKKSGHsD7yw1vBNLsYeE1yi2yiBJ6FZ3D
+Q0RMyNIQ+9/ibKRXw6gdml7W19cWhcH+pegCWMKnmoDp7L2fgIcJ2a5nH23QMbXQ
+5D0qwZyxetXDLU+ejrhIvAemFVD/cyWmE4+D9olNeeTAXNB6XnMbjLKOHyDn7EqM
+x6rCOVgCHkM96hRlTpbsbXCMudpWKyxcKv2TbIIwhGITogPF/DDffWij1T//wJq5
+BzDac7SR4nHv1qn273hbF61asQT3IJNk32GQ1O7SrspLetSOMat1mxn6oZ0p7EBI
+b5iulITa70zlFnCExOAbxDU1wht31cMfvonZpJW9FVDc7y4qEDiH1LiMEEbruf4O
+3E2z184nnN7RGHfs1lUcfaMjlCQ77TjYALeErR+wuJPLsOw4ALABnY8vcLlCgFOL
+0DnWh3e5+Ya10HN7Z9igUcNYjlAFsfF/2O8OKNmaj+a7WwEhiP0xK8GhvCpWaUjn
+hWy1In/eZLpcKwP/UFuAwRQrOh4d2jgycI8nD6m9E/xwNCeD5ERAfsPq6U0oQ/VQ
+u/eC/UQzY34gcA2Y0o55QDUmNaHuTWX/C+uqG2KEwanQ5MYmKtMkhEtoL+RPXUuj
+LqqH8ax8mFQAxyKw0yLLnJTS676AI8rvB3PCmbSBfYA28zYw0ec=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIC5DCCAmqgAwIBAgIQLD+iaS9BE707f+W2BLSdTTAKBggqhkjOPQQDAzBPMQsw
+CQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSYwJAYDVQQDDB1T
+U0wuY29tIFRMUyBUcmFuc2l0IEVDQyBDQSBSMjAeFw0yMzEwMzExNzE3NDlaFw0z
+MzEwMjgxNzE3NDhaMFIxCzAJBgNVBAYTAlVTMRkwFwYDVQQKDBBDTE9VREZMQVJF
+LCBJTkMuMSgwJgYDVQQDDB9DbG91ZGZsYXJlIFRMUyBJc3N1aW5nIEVDQyBDQSAx
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEByHHIHytNSzTS+F3JA7hHMDGd2cp
+cY9i3MLTKmE6DJTKc6JwvW50pwKodvd2Qj4RAAy2jSejsVgw5jeh6syt3KOCASMw
+ggEfMBIGA1UdEwEB/wQIMAYBAf8CAQAwHwYDVR0jBBgwFoAUMqLH2FiL/3/APPJV
+aTPszswfvJcwSAYIKwYBBQUHAQEEPDA6MDgGCCsGAQUFBzAChixodHRwOi8vY2Vy
+dC5zc2wuY29tL1NTTC5jb20tVExTLVQtRUNDLVIyLmNlcjARBgNVHSAECjAIMAYG
+BFUdIAAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMD0GA1UdHwQ2MDQw
+MqAwoC6GLGh0dHA6Ly9jcmxzLnNzbC5jb20vU1NMLmNvbS1UTFMtVC1FQ0MtUjIu
+Y3JsMB0GA1UdDgQWBBScxAlyRxgXe6caibOSNdXhA4z+kjAOBgNVHQ8BAf8EBAMC
+AYYwCgYIKoZIzj0EAwMDaAAwZQIxAL0Sk3RweR6uG1aSHF3JgHQptubP9xoZyUmz
+HSa+SSdY5wTGSx5qAowrLPCpLio2PAIwXQGgYzf5QzD/1Bsu87WrUcIVtLixr5KQ
+wKBaFAyIJ7OOiWgW0HV/NA1UeuSe0zmN
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFUDCCAzigAwIBAgIQVd+QyTw1kJUIhgZviwCzbDANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEYMBYGA1UECgwPU1NMIENvcnBvcmF0aW9uMSYwJAYDVQQD
+DB1TU0wuY29tIFRMUyBUcmFuc2l0IFJTQSBDQSBSMjAeFw0yMzEwMzExNzE4NTZa
+Fw0zMzEwMjgxNzE4NTVaMFIxCzAJBgNVBAYTAlVTMRkwFwYDVQQKDBBDTE9VREZM
+QVJFLCBJTkMuMSgwJgYDVQQDDB9DbG91ZGZsYXJlIFRMUyBJc3N1aW5nIFJTQSBD
+QSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4EBjvfL2f3hibzS
+R3cEvMRR1omxX/mrrPIEFhA7ybTrvBk/QCe29KDCQBlvxjAMdYuo3WawooMtAxZW
+5OEt+50/moVOgfDpGI57L0X5qL1Ci1FYDtNYXlH3HX9u31YWoyaIfPEic/SNuY4q
+lif+psVIWBn+DYpt3/yZNCfFAuETaSXy6pjV+0o7mWdZF5mpeGe/LA2aAz2i9BPa
+1PQy7HTCc0yLEkqIL9XDPZ32d0x/GuHeWSCRP+ODv39iwzT7o7GdR1g0CV8VnPZZ
+RkO6oAuRCsmQO+MgYXEFudj5MAutuTdX2Wq9BuE+dnTre1MVDZPUg+rSPrA44YI2
+2jUnhwIDAQABo4IBIzCCAR8wEgYDVR0TAQH/BAgwBgEB/wIBADAfBgNVHSMEGDAW
+gBQhQTRjjh2RDMPdtiSwqId7jWVgCDBIBggrBgEFBQcBAQQ8MDowOAYIKwYBBQUH
+MAKGLGh0dHA6Ly9jZXJ0LnNzbC5jb20vU1NMLmNvbS1UTFMtVC1SU0EtUjIuY2Vy
+MBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH
+AwEwPQYDVR0fBDYwNDAyoDCgLoYsaHR0cDovL2NybHMuc3NsLmNvbS9TU0wuY29t
+LVRMUy1ULVJTQS1SMi5jcmwwHQYDVR0OBBYEFAVttNnJWBfh0AGn9S8gakg9mvQX
+MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEANR6LWA13F8P6Nm2/
+8UpyUrnSm7Meh/QYCWKGW/c23q9/MtRh+GanyEWf94zNdDIZATOvyAZzIbRDuNV0
+//bHiRn0qjzsikap63YK6qVwAg/25iYKh1DeWWAkFs3XtpudhvZQ5YYlQEz7mD7+
+vXgQGl3DldryfZjMV9yKuEPo9obfdjuSU0vQOlct/UQU2seYhQXMfd0DqnFN4rZW
+yDSvGrflVFcK4kvxBCTEaAeWmevtEwMlTyu4L1EQvFT2gsnFEjqBr15VwTu3Jb5Y
+cB4d+H/DszM9PA3b2FvT9U6nd6ZwLfv9GHwnZr7hempe8ZJOUh9Owd1K3HEsszuP
+e+CyTuNeCHfE3ktu0nOEW5FYNaa88z8xGaIgmba95L35vFRahkzbFyGY9942tsDN
+Ktd1UmJuDCoz2NpB9QgK+viAoARxYniuWj4i0b/EWKy7+nTQWNH+MYp+iZuGyuL9
+o7nk0kM9SFB2U0d25LD0BVNI/6JpjX1TRAXDTcSh28AYiJg0ioJICOWXrQENYY6H
+2hfT2Abo1QP+NFfr3Tu0KtZTgkGx/5vO+T2akhQOKXFr6aMVNQ44BLhUgu7FaJsi
+H80kFZYIm9CzfnR0oQGZr+/jF2ttPm5hvApPGmbkfR/eweYpYZSz/52cwc50rdQy
+0kNwcFYebGYXu73qou65FGzSSx0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDejCCAmKgAwIBAgIQf+UwvzMTQ77dghYQST2KGzANBgkqhkiG9w0BAQsFADBX
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEQMA4GA1UE
+CxMHUm9vdCBDQTEbMBkGA1UEAxMSR2xvYmFsU2lnbiBSb290IENBMB4XDTIzMTEx
+NTAzNDMyMVoXDTI4MDEyODAwMDA0MlowRzELMAkGA1UEBhMCVVMxIjAgBgNVBAoT
+GUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBMTEMxFDASBgNVBAMTC0dUUyBSb290IFI0
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE83Rzp2iLYK5DuDXFgTB7S0md+8Fhzube
+Rr1r1WEYNa5A3XP3iZEwWus87oV8okB2O6nGuEfYKueSkWpz6bFyOZ8pn6KY019e
+WIZlD6GEZQbR3IvJx3PIjGov5cSr0R2Ko4H/MIH8MA4GA1UdDwEB/wQEAwIBhjAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDwYDVR0TAQH/BAUwAwEB/zAd
+BgNVHQ4EFgQUgEzW63T/STaj1dj8tT7FavCUHYwwHwYDVR0jBBgwFoAUYHtmGkUN
+l8qJUC99BM00qP/8/UswNgYIKwYBBQUHAQEEKjAoMCYGCCsGAQUFBzAChhpodHRw
+Oi8vaS5wa2kuZ29vZy9nc3IxLmNydDAtBgNVHR8EJjAkMCKgIKAehhxodHRwOi8v
+Yy5wa2kuZ29vZy9yL2dzcjEuY3JsMBMGA1UdIAQMMAowCAYGZ4EMAQIBMA0GCSqG
+SIb3DQEBCwUAA4IBAQAYQrsPBtYDh5bjP2OBDwmkoWhIDDkic574y04tfzHpn+cJ
+odI2D4SseesQ6bDrarZ7C30ddLibZatoKiws3UL9xnELz4ct92vID24FfVbiI1hY
++SW6FoVHkNeWIP0GCbaM4C6uVdF5dTUsMVs/ZbzNnIdCp5Gxmx5ejvEau8otR/Cs
+kGN+hr/W5GvT1tMBjgWKZ1i4//emhA1JG1BbPzoLJQvyEotc03lXjTaCzv8mEbep
+8RqZ7a2CPsgRbuvTPBwcOMBBmuFeU88+FSBX6+7iP0il8b4Z0QFqIwwMHfs/L6K1
+vepuoxtGzi4CZ68zJpiq1UvSqTbFJjtbD4seiMHl
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFATCCA+mgAwIBAgIQIrmxoS2R8YGtenttvrOOpzANBgkqhkiG9w0BAQsFADBd
+MQswCQYDVQQGEwJKUDElMCMGA1UEChMcU0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4s
+TFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNhdGlvbiBSb290Q0EyMB4X
+DTIzMTIxMzA2Mjg0NVoXDTI5MDUyOTA1MDAzOVowYTELMAkGA1UEBhMCSlAxIzAh
+BgNVBAoTGkN5YmVydHJ1c3QgSmFwYW4gQ28uLCBMdGQuMS0wKwYDVQQDEyRDeWJl
+cnRydXN0IEphcGFuIFN1cmVTZXJ2ZXIgRVYgQ0EgRzMwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDYmMs2IL6hXgb7zE6a/VjXorqu/FDKq/V1Y57gs/Q1
+9UN0mmuN+LZ+C1xPM9McRQ4qA9KTbz5EEGw1XOEcqgXHRzNzUdFJZEeNnfEba2Zg
+jtbPd3LIWywDuhh9piYQOuVI2DRLNxv5nhvxDO+n8YT5+dnL1jdHeCEj/utLE9CK
+iI8PvODDkOCnnfcb3oiLCPEEzogDlzkaErLbzrs0/mtwnJrRyR1nQc9nlD1Fy6qt
+XvlHQ4sjlnz7K41teEEbLROiMdaFDt5GyKvJ0hujtoR1Rx0iB/GC84h7HGupK/Bi
+ArC6TRJvZYw64FZN03CMf4cGW6CLPiwonHZ62BkDdcNHAgMBAAGjggG3MIIBszAd
+BgNVHQ4EFgQUgmx1XVP1RWm8JS2kTInmsrdBh6MwHwYDVR0jBBgwFoAUCoWpd2UF
+mHxAgfgPlyw48QrsPM8wEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMC
+AQYwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL3JlcG9zaXRvcnkuc2Vjb210cnVz
+dC5uZXQvU0MtUm9vdDIvU0NSb290MkNSTC5jcmwwWwYDVR0gBFQwUjAHBgVngQwB
+ATBHBgoqgwiMmxtkhVEBMDkwNwYIKwYBBQUHAgEWK2h0dHBzOi8vcmVwb3NpdG9y
+eS5zZWNvbXRydXN0Lm5ldC9TQy1Sb290Mi8wgYUGCCsGAQUFBwEBBHkwdzAwBggr
+BgEFBQcwAYYkaHR0cDovL3Njcm9vdGNhMi5vY3NwLnNlY29tdHJ1c3QubmV0MEMG
+CCsGAQUFBzAChjdodHRwOi8vcmVwb3NpdG9yeS5zZWNvbXRydXN0Lm5ldC9TQy1S
+b290Mi9TQ1Jvb3QyY2EuY2VyMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjANBgkqhkiG9w0BAQsFAAOCAQEAcr/yh9/+76PwMDluBP8hvn954FbK34U31c+j
+67e1MMK8hgrh+s2CIeSi5CbTR5N1IAdiTyvs/P8Zp7sXa/hxr3UJz91Wwn5xrqBF
+/1fK3pC1g+7yqCGW1/TpPcBKFF+hm4VuqBAkS0H2zrmb//UzP6I0a/qPEnhaO6d7
+7dLNs3bos/KGbxrsgKTPuPiJgsWy2rpQQDOfiQUfpLOQAR33Y5EDGN727r+bLvw8
+IX37KQG9dWpzel8uDnRyMcCHk/zFkAd0IOljbl/L6nx/jUbICZp5j1rV6K2G6XZZ
+Udpigo0bZ2KtHph3ZEmjZeT9Xr1hW2nO1wGbZVixtBGFMNc3Qw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICnzCCAiWgAwIBAgIQf/MZd5csIkp2FV0TttaF4zAKBggqhkjOPQQDAzBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQw
+MDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzMQwwCgYDVQQDEwNXRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARvzTr+
+Z1dHTCEDhUDCR127WEcPQMFcF4XGGTfn1XzthkubgdnXGhOlCgP4mMTG6J7/EFmP
+LCaY9eYmJbsPAvpWo4H+MIH7MA4GA1UdDwEB/wQEAwIBhjAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHQ4EFgQU
+kHeSNWfE/6jMqeZ72YB5e8yT+TgwHwYDVR0jBBgwFoAUgEzW63T/STaj1dj8tT7F
+avCUHYwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzAChhhodHRwOi8vaS5wa2ku
+Z29vZy9yNC5jcnQwKwYDVR0fBCQwIjAgoB6gHIYaaHR0cDovL2MucGtpLmdvb2cv
+ci9yNC5jcmwwEwYDVR0gBAwwCjAIBgZngQwBAgEwCgYIKoZIzj0EAwMDaAAwZQIx
+AOcCq1HW90OVznX+0RGU1cxAQXomvtgM8zItPZCuFQ8jSBJSjz5keROv9aYsAm5V
+sQIwJonMaAFi54mrfhfoFNZEfuNMSQ6/bIBiNLiyoX46FohQvKeIoJ99cx7sUkFN
+7uJW
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFCzCCAvOgAwIBAgIQf9niwtIEigR0tieibQhopzANBgkqhkiG9w0BAQsFADBH
+MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
+QzEUMBIGA1UEAxMLR1RTIFJvb3QgUjEwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIw
+MTQwMDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNl
+cnZpY2VzMQwwCgYDVQQDEwNXUjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDPbjYWircr7kaYAx1TcA937qNLoHK+jyMtwkfGj1yN+T3mGo7uMyINyRFI
+uLBizvRpDXICfd7VJg/DbpvPfg7XIM/GkDujggbaOp3/bFa/3OlhlEXkabxPD8kT
+wK1hRHIggdAPK55oamJqj4oiV3lpK+IkM352YyxdvFFpfiMHsf92gfHuuFi1azUV
+76HmSCg5lzHZBx+Vp56uz5i8no2KA+Gwl01Qb5NMSh/4233xkJkVf+OW7e4xgepy
+PVId3yVkpQtwqp7oqLlHyKdaECVgb0Lh1z/njwzwwoNGMyDmS3cEdqFop10VGO/Y
+KHc1rQ6tRuRibuKq+MzvN34PJrMHAgMBAAGjgf4wgfswDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdDgQWBBRmaUnU3iqckQPPiQ4kuA4wA26ILjAfBgNVHSMEGDAWgBTk
+rysmcRorSCeFL1JmLO/wiRNxPjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAKG
+GGh0dHA6Ly9pLnBraS5nb29nL3IxLmNydDArBgNVHR8EJDAiMCCgHqAchhpodHRw
+Oi8vYy5wa2kuZ29vZy9yL3IxLmNybDATBgNVHSAEDDAKMAgGBmeBDAECATANBgkq
+hkiG9w0BAQsFAAOCAgEATuazCBEgkWAn+VGQTQIY7rjBidUihJfm1t/mTjo7KQR+
+3iDx4o2L06oeF0Q3wpKYpQgI/TeMqUlYMWQmZbWPE0PX8pfsVAE5E5tVOjh34bNA
+JwDPVnsZVJwzN3nw5BGQ7sxRspFzIcM/qbbTpNeXf9II4Wsk2+Tv6FSVFZUL3/0u
+HradbruDWjRQ4IZ7mYqKiEqk08dpOZ+TmBzwykEGy1/IXberb6Ap1SSnn2+RI7t6
+N/fqPCrwwFjp8kg1G6etRATGBaPYCx+GjJMFPX+k97Alvoj3/98SvqdegLPYEPjv
+xUclHpiKLD63NMmVarVQddIL6kOvTe5k0pnxRnR+mndGHIQc77TLbcZFeja56Pyn
+lSqmer578c7CBrPqo1BVmPyWUK+v6sGuzs7Mq7QQaxVs4710cI/MpPp1ovxMVt17
+ENKxLk34LpEKAKVmqwnzbHHRjhXNeCC984XDOwLEp0K4MzHl8ZOWJQAakCdVlFC+
+PyA3GP2JX/QLoqWNHGuN9c9vLObDhHVs/L+65De+OdnnjpFGI9xxtsNyRsyaHdFA
+f5z7ulOoXDXkHCCej/Ehs5docReNt16W2xbH/EBuirJrOzFE2rtALxksl1TdEjOf
+IKXOJfUqQeVI5+hA7V+n1+A/n7Npg0S+5ODytWh5XW54ccN1drJnMK54ttozh0c=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICljCCAhugAwIBAgIQf/Tlzjamofpe4ZFsCNObfDAKBggqhkjOPQQDAzBHMQsw
+CQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzEU
+MBIGA1UEAxMLR1RTIFJvb3QgUjQwHhcNMjMxMjEzMDkwMDAwWhcNMjkwMjIwMTQw
+MDAwWjA7MQswCQYDVQQGEwJVUzEeMBwGA1UEChMVR29vZ2xlIFRydXN0IFNlcnZp
+Y2VzMQwwCgYDVQQDEwNBRTEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAR9Clzb
+GcDZDNJ5v+Jo/EXiF/q+TVkbiR3KwDlvjO3AR6EviCv1zDSG9ZtRjQwwV/HYAWTb
+lGC54Faji+ZJgGqqo4H0MIHxMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggr
+BgEFBQcDATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBRIiWD5o30M6gAk
+otyfB85GiKgyOjAfBgNVHSMEGDAWgBSATNbrdP9JNqPV2Py1PsVq8JQdjDA0Bggr
+BgEFBQcBAQQoMCYwJAYIKwYBBQUHMAKGGGh0dHA6Ly9pLnBraS5nb29nL3I0LmNy
+dDArBgNVHR8EJDAiMCCgHqAchhpodHRwOi8vYy5wa2kuZ29vZy9yL3I0LmNybDAT
+BgNVHSAEDDAKMAgGBmeBDAECATAKBggqhkjOPQQDAwNpADBmAjEAmdMod3458+nB
+HDNg8KNDbxBK27go5UPnjRbgl/QweOAgXHA8hFzoCYMp8QlSzjwrAjEA+Vf20EHl
+KBYnP1hBSz11CIZ1MTXazV+wEL1Ep45WDR1/Pb3+QzLbviujkatk3MMe
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRAIOPbGPOsTmMYgZigxXJ/d4wDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTUwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNCzqK
+a2GOtu/cX1jnxkJFVKtj9mZhSAouWXW0gQI3ULc/FnncmOyhKJdyIBwsz9V8UiBO
+VHhbhBRrwJCuhezAUUE8Wod/Bk3U/mDR+mwt4X2VEIiiCFQPmRpM5uoKrNijgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSfK1/PPCFPnQS37SssxMZw
+i9LXDTAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAH3KdNEVCQdqk0LKyuNImTKdRJY1C
+2uw2SJajuhqkyGPY8C+zzsufZ+mgnhnq1A2KVQOSykOEnUbx1cy637rBAihx97r+
+bcwbZM6sTDIaEriR/PLk6LKs9Be0uoVxgOKDcpG9svD33J+G9Lcfv1K9luDmSTgG
+6XNFIN5vfI5gs/lMPyojEMdIzK9blcl2/1vKxO8WGCcjvsQ1nJ/Pwt8LQZBfOFyV
+XP8ubAp/au3dc4EKWG9MO5zcx1qT9+NXRGdVWxGvmBFRAajciMfXME1ZuGmk3/GO
+koAM7ZkjZmleyokP1LGzmfJcUd9s7eeu1/9/eg5XlXd/55GtYjAM+C4DG5i7eaNq
+cm2F+yxYIPt6cbbtYVNJCGfHWqHEQ4FYStUyFnv8sjyqU8ypgZaNJ9aVcWSICLOI
+E1/Qv/7oKsnZCWJ926wU6RqG1OYPGOi1zuABhLw61cuPVDT28nQS/e6z95cJXq0e
+K1BcaJ6fJZsmbjRgD5p3mvEf5vdQM7MCEvU0tHbsx2I5mHHJoABHb8KVBgWp/lcX
+GWiWaeOyB7RP+OfDtvi2OsapxXiV7vNVs7fMlrRjY1joKaqmmycnBvAq14AEbtyL
+sVfOS66B8apkeFX2NY4XPEYV4ZSCe8VHPrdrERk2wILG3T/EGmSIkCYVUMSnjmJd
+VQD9F6Na/+zmXCc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRALBXPpFzlydw27SHyzpFKzgwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTYwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAATZ8Z5G
+h/ghcWCoJuuj+rnq2h25EqfUJtlRFLFhfHWWvyILOR/VvtEKRqotPEoJhC6+QJVV
+6RlAN2Z17TJOdwRJ+HB7wxjnzvdxEP6sdNgA1O1tHHMWMxCcOrLqbGL0vbijgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSTJ0aYA6lRaI6Y1sRCSNsj
+v1iU0jAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAfYt7SiA1sgWGCIpunk46r4AExIRc
+MxkKgUhNlrrv1B21hOaXN/5miE+LOTbrcmU/M9yvC6MVY730GNFoL8IhJ8j8vrOL
+pMY22OP6baS1k9YMrtDTlwJHoGby04ThTUeBDksS9RiuHvicZqBedQdIF65pZuhp
+eDcGBcLiYasQr/EO5gxxtLyTmgsHSOVSBcFOn9lgv7LECPq9i7mfH3mpxgrRKSxH
+pOoZ0KXMcB+hHuvlklHntvcI0mMMQ0mhYj6qtMFStkF1RpCG3IPdIwpVCQqu8GV7
+s8ubknRzs+3C/Bm19RFOoiPpDkwvyNfvmQ14XkyqqKK5oZ8zhD32kFRQkxa8uZSu
+h4aTImFxknu39waBxIRXE4jKxlAmQc4QjFZoq1KmQqQg0J/1JF8RlFvJas1VcjLv
+YlvUB2t6npO6oQjB3l+PNf0DpQH7iUx3Wz5AjQCi6L25FjyE06q6BZ/QlmtYdl/8
+ZYao4SRqPEs/6cAiF+Qf5zg2UkaWtDphl1LKMuTNLotvsX99HP69V2faNyegodQ0
+LyTApr/vT01YPE46vNsDLgK+4cL6TrzC/a4WcmF5SRJ938zrv/duJHLXQIku5v0+
+EwOy59Hdm0PT/Er/84dDV0CSjdR/2XuZM3kpysSKLgD1cKiDA+IRguODCxfO9cyY
+Ig46v9mFmBvyH04=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVzCCAj+gAwIBAgIRAKp18eYrjwoiCWbTi7/UuqEwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDELMAkGA1UEAxMCRTcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARB6AST
+CFh/vjcwDMCgQer+VtqEkz7JANurZxLP+U9TCeioL6sp5Z8VRvRbYk4P1INBmbef
+QHJFHCxcSjKmwtvGBWpl/9ra8HW0QDsUaJW2qOJqceJ0ZVFT3hbUHifBM/2jgfgw
+gfUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcD
+ATASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBSuSJ7chx1EoG/aouVgdAR4
+wpwAgDAfBgNVHSMEGDAWgBR5tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcB
+AQQmMCQwIgYIKwYBBQUHMAKGFmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0g
+BAwwCjAIBgZngQwBAgEwJwYDVR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVu
+Y3Iub3JnLzANBgkqhkiG9w0BAQsFAAOCAgEAjx66fDdLk5ywFn3CzA1w1qfylHUD
+aEf0QZpXcJseddJGSfbUUOvbNR9N/QQ16K1lXl4VFyhmGXDT5Kdfcr0RvIIVrNxF
+h4lqHtRRCP6RBRstqbZ2zURgqakn/Xip0iaQL0IdfHBZr396FgknniRYFckKORPG
+yM3QKnd66gtMst8I5nkRQlAg/Jb+Gc3egIvuGKWboE1G89NTsN9LTDD3PLj0dUMr
+OIuqVjLB8pEC6yk9enrlrqjXQgkLEYhXzq7dLafv5Vkig6Gl0nuuqjqfp0Q1bi1o
+yVNAlXe6aUXw92CcghC9bNsKEO1+M52YY5+ofIXlS/SEQbvVYYBLZ5yeiglV6t3S
+M6H+vTG0aP9YHzLn/KVOHzGQfXDP7qM5tkf+7diZe7o2fw6O7IvN6fsQXEQQj8TJ
+UXJxv2/uJhcuy/tSDgXwHM8Uk34WNbRT7zGTGkQRX0gsbjAea/jYAoWv0ZvQRwpq
+Pe79D/i7Cep8qWnA+7AE/3B3S/3dEEYmc0lpe1366A/6GEgk3ktr9PEoQrLChs6I
+tu3wnNLB2euC8IKGLQFpGtOO/2/hiAKjyajaBP25w1jF0Wl8Bbqne3uZ2q1GyPFJ
+YRmT7/OXpmOH/FVLtwS+8ng1cAmpCujPwteJZNcDG0sF2n/sc0+SQf49fdyUK0ty
++VUwFj9tmWxyR/M=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVjCCAj6gAwIBAgIQY5WTY8JOcIJxWRi/w9ftVjANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
+Fw0yNzAzMTIyMzU5NTlaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
+bmNyeXB0MQswCQYDVQQDEwJFODB2MBAGByqGSM49AgEGBSuBBAAiA2IABNFl8l7c
+S7QMApzSsvru6WyrOq44ofTUOTIzxULUzDMMNMchIJBwXOhiLxxxs0LXeb5GDcHb
+R6EToMffgSZjO9SNHfY9gjMy9vQr5/WWOrQTZxh7az6NSNnq3u2ubT6HTKOB+DCB
+9TAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFI8NE6L2Ln7RUGwzGDhdWY4j
+cpHKMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEB
+BCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzATBgNVHSAE
+DDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5j
+ci5vcmcvMA0GCSqGSIb3DQEBCwUAA4ICAQBnE0hGINKsCYWi0Xx1ygxD5qihEjZ0
+RI3tTZz1wuATH3ZwYPIp97kWEayanD1j0cDhIYzy4CkDo2jB8D5t0a6zZWzlr98d
+AQFNh8uKJkIHdLShy+nUyeZxc5bNeMp1Lu0gSzE4McqfmNMvIpeiwWSYO9w82Ob8
+otvXcO2JUYi3svHIWRm3+707DUbL51XMcY2iZdlCq4Wa9nbuk3WTU4gr6LY8MzVA
+aDQG2+4U3eJ6qUF10bBnR1uuVyDYs9RhrwucRVnfuDj29CMLTsplM5f5wSV5hUpm
+Uwp/vV7M4w4aGunt74koX71n4EdagCsL/Yk5+mAQU0+tue0JOfAV/R6t1k+Xk9s2
+HMQFeoxppfzAVC04FdG9M+AC2JWxmFSt6BCuh3CEey3fE52Qrj9YM75rtvIjsm/1
+Hl+u//Wqxnu1ZQ4jpa+VpuZiGOlWrqSP9eogdOhCGisnyewWJwRQOqK16wiGyZeR
+xs/Bekw65vwSIaVkBruPiTfMOo0Zh4gVa8/qJgMbJbyrwwG97z/PRgmLKCDl8z3d
+tA0Z7qq7fta0Gl24uyuB05dqI5J1LvAzKuWdIjT1tP8qCoxSE/xpix8hX2dt3h+/
+jujUgFPFZ0EVZ0xSyBNRF3MboGZnYXFUxpNjTWPKpagDHJQmqrAcDmWJnMsFY3jS
+u1igv3OefnWjSQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEVjCCAj6gAwIBAgIQPxMQ4JDWqro5xbc4i97cEzANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
+Fw0yNzAzMTIyMzU5NTlaMDIxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
+bmNyeXB0MQswCQYDVQQDEwJFOTB2MBAGByqGSM49AgEGBSuBBAAiA2IABKBc3EWf
+O6zmAqlYSV0MFToiAnzppo1ZSJfbXGjprjBkydFbYBekcgrlJEmt5787R4P1grbP
+tgd3oUBlfoMzWHihpjXWkojvlceMmUYqvVbQc39pCD3RiYjDCr7WpuIqc6OB+DCB
+9TAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFF130U2sTSJ4WbKGWY5DHLdk
+WRNBMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEB
+BCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzATBgNVHSAE
+DDAKMAgGBmeBDAECATAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5j
+ci5vcmcvMA0GCSqGSIb3DQEBCwUAA4ICAQBXnLSlc0Gensx9lwlwHOuj6gafwSHI
+Ex4AhPjD6aMOCfuMP5iEn3Mb1QadTZafQ075SWQo1npjZyaH5M1N8cewGo2/2fjc
+z+2joCAeXBxTAbIiOIbaJwjgeUXQAFtpb7OffZdj7fmN5dAplWuau3ssY7vhmMfI
+zxMW7ILj0Uwj99AGtg6YQmo5UVFJbLu41sTpLXFP4eeI5L+cbsHxgMnXaHB7G1Wl
+Htlyp2iDlfzHdR28GBf05Ztex/S/kwFP3TUD5udUpaGZ/wAM8Vz0PnES0YN9Pwkg
+fz1kxBO37E1nmGtF8mBVzBvGAiVL2AfgDn6eaKuerWrbtXEBCp0JawPcJRYRRu3e
+lp1fqkvihMKBwXwA4xjM4BOvbGDPr9zkFN8NTwvL2sOuLDRlX6ZV6ILJ3uEMuJ17
+8b+fUymtArsbbSsbcCW8yb95gy9corS6RLCND8GU5+ampNzgNx0+PP7QFP4/eqLC
+68CJNOctb5eDwbGsmF1vrfltenYU375le6FZILjP8O69hD3BPrNIie8VlrqBSiDg
+M+ZF/E4uwcNxU62tYmKs9/WZyMJAR084fkEwXOw322x6OCwzyemZVq3kYKFg0y/m
+E9NYU8ijBkUBB3uW1AC4btGCOSo9cnEz9TlRO1HOo7DMZkuuz5K0Rcal0LGLL11d
+KsApwwSJLRbh7A==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBTCCAu2gAwIBAgIQS6hSk/eaL6JzBkuoBI110DANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
+Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
+bmNyeXB0MQwwCgYDVQQDEwNSMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDPV+XmxFQS7bRH/sknWHZGUCiMHT6I3wWd1bUYKb3dtVq/+vbOo76vACFL
+YlpaPAEvxVgD9on/jhFD68G14BQHlo9vH9fnuoE5CXVlt8KvGFs3Jijno/QHK20a
+/6tYvJWuQP/py1fEtVt/eA0YYbwX51TGu0mRzW4Y0YCF7qZlNrx06rxQTOr8IfM4
+FpOUurDTazgGzRYSespSdcitdrLCnF2YRVxvYXvGLe48E1KGAdlX5jgc3421H5KR
+mudKHMxFqHJV8LDmowfs/acbZp4/SItxhHFYyTr6717yW0QrPHTnj7JHwQdqzZq3
+DZb3EoEmUVQK7GH29/Xi8orIlQ2NAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdDgQWBBS7vMNHpeS8qcbDpHIMEI2iNeHI6DAfBgNVHSMEGDAWgBR5
+tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG
+Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD
+VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B
+AQsFAAOCAgEAkrHnQTfreZ2B5s3iJeE6IOmQRJWjgVzPw139vaBw1bGWKCIL0vIo
+zwzn1OZDjCQiHcFCktEJr59L9MhwTyAWsVrdAfYf+B9haxQnsHKNY67u4s5Lzzfd
+u6PUzeetUK29v+PsPmI2cJkxp+iN3epi4hKu9ZzUPSwMqtCceb7qPVxEbpYxY1p9
+1n5PJKBLBX9eb9LU6l8zSxPWV7bK3lG4XaMJgnT9x3ies7msFtpKK5bDtotij/l0
+GaKeA97pb5uwD9KgWvaFXMIEt8jVTjLEvwRdvCn294GPDF08U8lAkIv7tghluaQh
+1QnlE4SEN4LOECj8dsIGJXpGUk3aU3KkJz9icKy+aUgA+2cP21uh6NcDIS3XyfaZ
+QjmDQ993ChII8SXWupQZVBiIpcWO4RqZk3lr7Bz5MUCwzDIA359e57SSq5CCkY0N
+4B6Vulk7LktfwrdGNVI5BsC9qqxSwSKgRJeZ9wygIaehbHFHFhcBaMDKpiZlBHyz
+rsnnlFXCb5s8HKn5LsUgGvB24L7sGNZP2CX7dhHov+YhD+jozLW2p9W4959Bz2Ei
+RmqDtmiXLnzqTpXbI+suyCsohKRg6Un0RC47+cpiVwHiXZAW+cn8eiNIjqbVgXLx
+KPpdzvvtTnOPlC7SQZSYmdunr3Bf9b77AiC/ZidstK36dRILKz7OA54=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBjCCAu6gAwIBAgIRAIp9PhPWLzDvI4a9KQdrNPgwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDEMMAoGA1UEAxMDUjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAuoe8XBsAOcvKCs3UZxD5ATylTqVhyybKUvsVAbe5KPUoHu0nsyQYOWcJ
+DAjs4DqwO3cOvfPlOVRBDE6uQdaZdN5R2+97/1i9qLcT9t4x1fJyyXJqC4N0lZxG
+AGQUmfOx2SLZzaiSqhwmej/+71gFewiVgdtxD4774zEJuwm+UE1fj5F2PVqdnoPy
+6cRms+EGZkNIGIBloDcYmpuEMpexsr3E+BUAnSeI++JjF5ZsmydnS8TbKF5pwnnw
+SVzgJFDhxLyhBax7QG0AtMJBP6dYuC/FXJuluwme8f7rsIU5/agK70XEeOtlKsLP
+Xzze41xNG/cLJyuqC0J3U095ah2H2QIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUxc9GpOr0w8B6bJXELbBeki8m47kwHwYDVR0jBBgwFoAU
+ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
+hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
+A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
+AQELBQADggIBAE7iiV0KAxyQOND1H/lxXPjDj7I3iHpvsCUf7b632IYGjukJhM1y
+v4Hz/MrPU0jtvfZpQtSlET41yBOykh0FX+ou1Nj4ScOt9ZmWnO8m2OG0JAtIIE38
+01S0qcYhyOE2G/93ZCkXufBL713qzXnQv5C/viOykNpKqUgxdKlEC+Hi9i2DcaR1
+e9KUwQUZRhy5j/PEdEglKg3l9dtD4tuTm7kZtB8v32oOjzHTYw+7KdzdZiw/sBtn
+UfhBPORNuay4pJxmY/WrhSMdzFO2q3Gu3MUBcdo27goYKjL9CTF8j/Zz55yctUoV
+aneCWs/ajUX+HypkBTA+c8LGDLnWO2NKq0YD/pnARkAnYGPfUDoHR9gVSp/qRx+Z
+WghiDLZsMwhN1zjtSC0uBWiugF3vTNzYIEFfaPG7Ws3jDrAMMYebQ95JQ+HIBD/R
+PBuHRTBpqKlyDnkSHDHYPiNX3adPoPAcgdF3H2/W0rmoswMWgTlLn1Wu0mrks7/q
+pdWfS6PJ1jty80r2VKsM/Dj3YIDfbjXKdaFU5C+8bhfJGqU3taKauuz0wHVGT3eo
+6FlWkWYtbt4pgdamlwVeZEW+LM7qZEJEsMNPrfC03APKmZsJgpWCDWOKZvkZcvjV
+uYkQ4omYCTX5ohy+knMjdOmdH9c7SpqEWBDC86fiNex+O0XOMEZSa8DA
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBjCCAu6gAwIBAgIRAMISMktwqbSRcdxA9+KFJjwwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDEMMAoGA1UEAxMDUjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA2pgodK2+lP474B7i5Ut1qywSf+2nAzJ+Npfs6DGPpRONC5kuHs0BUT1M
+5ShuCVUxqqUiXXL0LQfCTUA83wEjuXg39RplMjTmhnGdBO+ECFu9AhqZ66YBAJpz
+kG2Pogeg0JfT2kVhgTU9FPnEwF9q3AuWGrCf4yrqvSrWmMebcas7dA8827JgvlpL
+Thjp2ypzXIlhZZ7+7Tymy05v5J75AEaz/xlNKmOzjmbGGIVwx1Blbzt05UiDDwhY
+XS0jnV6j/ujbAKHS9OMZTfLuevYnnuXNnC2i8n+cF63vEzc50bTILEHWhsDp7CH4
+WRt/uTp8n1wBnWIEwii9Cq08yhDsGwIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQUALUp8i2ObzHom0yteD763OkM0dIwHwYDVR0jBBgwFoAU
+ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
+hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
+A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
+AQELBQADggIBAI910AnPanZIZTKS3rVEyIV29BWEjAK/duuz8eL5boSoVpHhkkv3
+4eoAeEiPdZLj5EZ7G2ArIK+gzhTlRQ1q4FKGpPPaFBSpqV/xbUb5UlAXQOnkHn3m
+FVj+qYv87/WeY+Bm4sN3Ox8BhyaU7UAQ3LeZ7N1X01xxQe4wIAAE3JVLUCiHmZL+
+qoCUtgYIFPgcg350QMUIWgxPXNGEncT921ne7nluI02V8pLUmClqXOsCwULw+PVO
+ZCB7qOMxxMBoCUeL2Ll4oMpOSr5pJCpLN3tRA2s6P1KLs9TSrVhOk+7LX28NMUlI
+usQ/nxLJID0RhAeFtPjyOCOscQBA53+NRjSCak7P4A5jX7ppmkcJECL+S0i3kXVU
+y5Me5BbrU8973jZNv/ax6+ZK6TM8jWmimL6of6OrX7ZU6E2WqazzsFrLG3o2kySb
+zlhSgJ81Cl4tv3SbYiYXnJExKQvzf83DYotox3f0fwv7xln1A2ZLplCb0O+l/AK0
+YE0DS2FPxSAHi0iwMfW2nNHJrXcY3LLHD77gRgje4Eveubi2xxa+Nmk/hmhLdIET
+iVDFanoCrMVIpQ59XWHkzdFmoHXHBV7oibVjGSO7ULSQ7MJ1Nz51phuDJSgAIU7A
+0zrLnOrAj/dfrlEWRhCvAgbuwLZX1A2sjNjXoPOHbsPiy+lO1KF8/XY7
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBTCCAu2gAwIBAgIQWgDyEtjUtIDzkkFX6imDBTANBgkqhkiG9w0BAQsFADBP
+MQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFy
+Y2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBYMTAeFw0yNDAzMTMwMDAwMDBa
+Fw0yNzAzMTIyMzU5NTlaMDMxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBF
+bmNyeXB0MQwwCgYDVQQDEwNSMTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQClZ3CN0FaBZBUXYc25BtStGZCMJlA3mBZjklTb2cyEBZPs0+wIG6BgUUNI
+fSvHSJaetC3ancgnO1ehn6vw1g7UDjDKb5ux0daknTI+WE41b0VYaHEX/D7YXYKg
+L7JRbLAaXbhZzjVlyIuhrxA3/+OcXcJJFzT/jCuLjfC8cSyTDB0FxLrHzarJXnzR
+yQH3nAP2/Apd9Np75tt2QnDr9E0i2gB3b9bJXxf92nUupVcM9upctuBzpWjPoXTi
+dYJ+EJ/B9aLrAek4sQpEzNPCifVJNYIKNLMc6YjCR06CDgo28EdPivEpBHXazeGa
+XP9enZiVuppD0EqiFwUBBDDTMrOPAgMBAAGjgfgwgfUwDgYDVR0PAQH/BAQDAgGG
+MB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATASBgNVHRMBAf8ECDAGAQH/
+AgEAMB0GA1UdDgQWBBTnq58PLDOgU9NeT3jIsoQOO9aSMzAfBgNVHSMEGDAWgBR5
+tFnme7bl5AFzgAiIyBpY9umbbjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUHMAKG
+Fmh0dHA6Ly94MS5pLmxlbmNyLm9yZy8wEwYDVR0gBAwwCjAIBgZngQwBAgEwJwYD
+VR0fBCAwHjAcoBqgGIYWaHR0cDovL3gxLmMubGVuY3Iub3JnLzANBgkqhkiG9w0B
+AQsFAAOCAgEAUTdYUqEimzW7TbrOypLqCfL7VOwYf/Q79OH5cHLCZeggfQhDconl
+k7Kgh8b0vi+/XuWu7CN8n/UPeg1vo3G+taXirrytthQinAHGwc/UdbOygJa9zuBc
+VyqoH3CXTXDInT+8a+c3aEVMJ2St+pSn4ed+WkDp8ijsijvEyFwE47hulW0Ltzjg
+9fOV5Pmrg/zxWbRuL+k0DBDHEJennCsAen7c35Pmx7jpmJ/HtgRhcnz0yjSBvyIw
+6L1QIupkCv2SBODT/xDD3gfQQyKv6roV4G2EhfEyAsWpmojxjCUCGiyg97FvDtm/
+NK2LSc9lybKxB73I2+P2G3CaWpvvpAiHCVu30jW8GCxKdfhsXtnIy2imskQqVZ2m
+0Pmxobb28Tucr7xBK7CtwvPrb79os7u2XP3O5f9b/H66GNyRrglRXlrYjI1oGYL/
+f4I1n/Sgusda6WvA6C190kxjU15Y12mHU4+BxyR9cx2hhGS9fAjMZKJss28qxvz6
+Axu4CaDmRNZpK/pQrXF17yXCXkmEWgvSOEZy6Z9pcbLIVEGckV/iVeq0AOo2pkg9
+p4QRIy0tK2diRENLSF2KysFwbY6B26BFeFs3v1sYVRhFW9nLkOrQVporCS0KyZmf
+wVD89qSTlnctLcZnIavjKsKUu1nA1iU0yYMdYepKR7lWbnwhdx3ewok=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFBjCCAu6gAwIBAgIRAL7zc3iocCqewKR6uSGlBqswDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjQwMzEzMDAwMDAw
+WhcNMjcwMzEyMjM1OTU5WjAzMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3Mg
+RW5jcnlwdDEMMAoGA1UEAxMDUjE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAzWhUbJkv1MTfFF7ihLylp5jaitXVng6yEeruE71/c0TLq/bZ438PLiPN
+r3I1qp66HaqOANbQ6ETg0SjuBbWng7VLHG4M1vQnx40EyXb4MnqeiwIucbyfEras
+GfTsS7E0ulC7uJ3G80OeAGQl76Rvq/qOYOR8n9VofZfbSKiQkHjUE4yP18YKub7E
+y8L0i7+WibZd7OYLtcGDxZwgr56r5iSYSVFl6c4ihop2I81g2BkBGPYLygDSktVW
+Vz1/cnjHH+u7ubt5hhlw/GwsOaJfIjrFhw3KafQJyvJxanpfCSSTShzR9whLTSKV
+lH2A1761dHaceWkBRqcV3HkuFIGIlQIDAQABo4H4MIH1MA4GA1UdDwEB/wQEAwIB
+hjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwEgYDVR0TAQH/BAgwBgEB
+/wIBADAdBgNVHQ4EFgQU5RCV2LYMUdencjVjClRobgZT+PswHwYDVR0jBBgwFoAU
+ebRZ5nu25eQBc4AIiMgaWPbpm24wMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzAC
+hhZodHRwOi8veDEuaS5sZW5jci5vcmcvMBMGA1UdIAQMMAowCAYGZ4EMAQIBMCcG
+A1UdHwQgMB4wHKAaoBiGFmh0dHA6Ly94MS5jLmxlbmNyLm9yZy8wDQYJKoZIhvcN
+AQELBQADggIBACA3LtFXH8eQXLovPGzp7c2XE0/jmEp7tokiecuSdHfIUoMMYLjI
+TpCNbi92Czp+qraLmp0eLy6QEE5wnvMe5f9fgE24yk8EpsLw0JEr9L8tqWUXC1Kp
+jsT3ydhbWR70i4gElBvXnjGJc6HnU80veqABHEOU8TuAVwerBqH479ZLZSX+ezAf
+n9QcYiU9r8kVMbeSoSiQY39L6QK/3w4lmMZ9XoGM+9YhJldIbpBNgikoNgcOp3ya
+QxsfsE6ixjBZ/G6OSdi7KY41a/QdzeIiSy4dDV8R4pYF9FEhogpU/T/fD9tE7gEO
+81vGLOyhUSlI2EzsJeH0lAt9NIN5CPtcooj9ZV3gkuYwhQMdhiBM/giI1CX+3JUh
+w6zKwXr3EjiY4Emw12U6ACaMSJxFxakt1zjmBn/DNgx0rP4WyeSJrewrQsYjW9Us
+bpO7GGrbADy72exibqrULU3Hp/PWHdXn+j3dKweU5ZL5li67ckqf1ixqQtoQuyjb
+F4+flbcU7AdHYnNHNUHMz5TWXYKWP6fFk9PSggS8DmYtYozN3npRSCHTC56Rxa81
+ApdD9Ab0dF7fOvlnmniGxfqCRSh/RMGGEaTxdAfhp/m/yaR4xtm8VTAn8d65h/3D
+fKOGZ34UnvZmJ/bHqnU4zkLWc51iC1i9OIQWzoePK6qNPUq7k+oKUMSj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4jCCAsqgAwIBAgIRAKXNs7ZFMh9j9U+my0V4kbwwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFIxCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKTAnBgNVBAMMIFNTTC5jb20gRVYgVExTIElzc3VpbmcgRUNDIENBIFIx
+MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEM/pGFcs8jVjOroleCuLfLMeOz2TSKqWR
+BvJZ4oJ96u+/B5AA0TIL9WCiaBtSIBstmdcY5xFDnQ12GjcUfgyIHsPAwAtuz3H5
+es9VTnm7TUBBAkTICUy2PMJvvLWcIkLYo4IBNjCCATIwHwYDVR0jBBgwFoAUoBEK
+Iz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFJuJcI6nVx1hlSmdqanuV5Rb9upa
+MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAyBgNVHSAEKzApMAcGBWeBDAEBMA4GDCsGAQQB
+gqkwAQMBBDAOBgwrBgEEAYKpMAEDAQYwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDov
+L2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYI
+KwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5j
+b20wDQYJKoZIhvcNAQELBQADggEBAA+LXHuzWKyZDQbcXE+rcGA4C+39XIpxqLoD
+AiZoSj0od2JNmuOoQI2TAI9tqYTNYlYdoHhM7QbWpBrMQ+PabkoZL5HeGSk8tK52
+xHu9YZytDLleqLd9snJ8hTdHwD96p5RJXu/JqxPxOhh5fDj2vP5SHbpoV/mjLGTW
+AXxdJIrO1QF9lMt6vnA2alTvh/x0iAShlYxlIQtX/fg4cNwbUySWP1NW8lcRuCKa
+41UYBhUjhI0BQweV5q2dZxJpb9oDcntbzFYVFLkR8ttFll0cv4rkpOyb8r2358O4
+StkXdeM0fSVkASS2EIqJMynizJqYq8kfmU9Kaa1kFtaaAeUtPu0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFEDCCA/igAwIBAgIRAK5qlGpMiN4PtQMiv0DZk9IwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFIxCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKTAnBgNVBAMMIFNTTC5jb20gRVYgVExTIElzc3VpbmcgUlNBIENBIFIx
+MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAmnX1X20hDNR3MyjSi48k
+cUysud1DwBCj6DvZnDgXHfd7AHYllKCNHw05rcudx64UobX5r+bv9txPT9AYoJpk
+qytioJGHq8BBQRIZJAYKLK0MOZ42WU72hj09UPsc0DtMrGIKGN4GOCBT8xNvULnx
+7WkkdrCqJkAT8rbdRzWZHVMkopikFcH7vszZT3Rc+bwgiIpMoXO9rs+8rgfCZo+W
+4rkzom+D9tFwjaZJcTGoRKYATg9rYxvZKr1d//nm1ds73/as8zhZBmPfAwK9L0af
+wTKrJ2AjdZEY2gD/1MNy9D28bk1FwtBhrPunM4dID4rSAlCWKyA4LDvrJ0uLK1mh
+gDNv/LSJcQRnTppc5gGX3d8ZWydrZH+2Yod+NPZ8G5lfAuvqctfozbfNo7f3a4oI
+pjbWR9oATC3CZ6UtEYTcpqJ6i5jgn4Hyb5N9RltzPPLmn7k6s10g/sGOIfgMaiFa
+8i4SHaYt0MMbYLqqYuHGUsFiTH0Y2u7km37fMbD9MlcfAgMBAAGjggE2MIIBMjAf
+BgNVHSMEGDAWgBSgEQojPpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQU13x58JsI
+sWuQbz0MORUe8rYfl5IwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8C
+AQAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMDIGA1UdIAQrMCkwBwYF
+Z4EMAQEwDgYMKwYBBAGCqTABAwEEMA4GDCsGAQQBgqkwAQMBBjBDBgNVHR8EPDA6
+MDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNl
+cnZpY2VzLmNybDA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9v
+Y3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAT93zZUez4Orbsos/
+JdvhkOOBw8G68AR9X1KMNqSlEdw5hC0pMkr6EJXDrp0lq1dcgza+2zVNjy8G3LKe
++j+zeNFTAY0WCsY5sawbIMlVDvboo3eSwFxjhwZ7C3soyYZRg6o6bpZFsyuhgN/4
+VUEktIq4KIlkMhq45gijJlwRd0Y4f0B/jEf+Q9FwEN1YNgHlc5hatRpGdaJjX5vH
+e1ROI+/I0T2jDqnIKm1OHNJQ3t26uOVFgoT/TxhVo0t4yT3dz0GxP2komfA+33+3
+btzKq74YQnBaEmjtiV++3rapRN2GTN2tAPrHM0BHPskolSwwzfs/VeIn/+vQoLbq
+niidWA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4TCCAsmgAwIBAgIQdeCi5PcGhffHR+OwfQy4pjANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEpMCcGA1UEAwwgU1NMLmNvbSBFViBUTFMgVHJhbnNpdCBFQ0MgQ0EgUjIw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAARoZ0k39KG8pepJcSTmu2rzyo/qWlHOqs6F
+g0HV4Nk9gQzD/ZothSUrXdmB5U1d9ZhWm9p4YFpqQAZD2N3CB7TkY/YgRKBzACzu
+fL7Igvd13FFBf024ED7x62XdXURWlQKjggE2MIIBMjAfBgNVHSMEGDAWgBSgEQoj
+PpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUNzAeZC0ZaPP9brFyDe9s+wpATJAw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMDIGA1UdIAQrMCkwBwYFZ4EMAQEwDgYMKwYBBAGC
+qTABAwEEMA4GDCsGAQQBgqkwAQMBBjBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8v
+Y3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0Bggr
+BgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
+bTANBgkqhkiG9w0BAQsFAAOCAQEAgCf00xq8APKgadawUmy0AmwnC3yfFNOfgqqc
+Uu2sFwv5Ib2OwoCH5XkYZMj+wFZmUdRTXpovHtyZ4L5C1c+ouC3TmKzZ6/2yOAea
+PxC/N6oe/fkISBFp8y/2UktB10iekBStkk1THmoBZqZWHArpbu+IsD8/13eBQSBu
+oPNUlgWTIH86Wfq8Ik0/t7luIy+0FZt9VqTGpqzy78FpNpwfH1m9IDHReVOE9+B/
+Fb5zIzLwkn3ExgkNgNHpiMgsgU0QGntPPJuIYu6DrT4lg/A1EoCTIj46lHGtxeK/
+c6MOzu4krYeNwIMxeTi51lAcarIvmPVGOUY2IG4rpTw6y1s66g==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFjzCCBHegAwIBAgIQWCo1JB/IwtZeGvdM+e0L8TANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUjELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEpMCcGA1UEAwwgU1NMLmNvbSBFViBUTFMgVHJhbnNpdCBSU0EgQ0EgUjIw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDhfU+kKz4OXLTlrJFsTk2y
+gohkGnwF/e5d73sCZo2ToDHAN2N6wctCCIjOGuQkJHtxtuljQOfMwmWG+BTyoy/v
+GH5N5hucCT3LzpM54pKsx2QcMy29f5luNW77US9Wd4XE5V7aBFXjF/nEuCdUrrA7
+HYx+XAOs1pSbPgfNmSMLMZkyGsV3o1eyxQNsr/xCJfBJjaFkE8y+AJ2FifhTWjnl
+yeFn/0GDzya+aao6lWXucc7z4IxKdpuFWteq296i9MWCLamH4rq10IEPGFhHQN4B
+2CwZYCuIdh2eMhJsMSWzOdIOBDanETAesDuR5MVQ1YxnkaXEunt5wr6eLbX6FJ0M
+QKxBuXpirRXCiYk9h0cX/9QJmVQr3vE/pdkA2bB0Dn2196yiKSUfMqrWJXT0MF/t
+wCf/WlVCY+kzWiST6KaFlSQadYWPaoowP0e0jOUIHQm9H7ZG9+IUTV93DbeEq6Xp
+kgcUMOlQwKOTFoW1jVZQbsbz4O04ehvzpWBOtM611krW8Sn8H5hZBWPPXho78/zX
+fvLSVVeymUHfbpCxchmuXZuDpytJm8jQRb0zZzaPTahWVsMDrW86yZA4yMormeuq
+ZsfdcGtrb2taigJcQA23XKj2kQ8LL00MiNDUnQeVi2vDpOhdpJZ0iiRjTjgPnuyJ
+L7k70xDgX5PyCffzOmJFtwIDAQABo4IBNjCCATIwHwYDVR0jBBgwFoAUoBEKIz6W
+8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFG8NL6X6dfU68d/uYwvTLCfKA091MA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAyBgNVHSAEKzApMAcGBWeBDAEBMA4GDCsGAQQBgqkw
+AQMBBDAOBgwrBgEEAYKpMAEDAQYwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2Ny
+bC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYB
+BQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20w
+DQYJKoZIhvcNAQELBQADggEBAFqqliERmsstMGUuOqLehV1dyqringyyRAGsz8nk
+X/KA5vecTQ1kiRM4NdxJHeFdkvoyB3hW+QnrXHP9uKPHtreOUMROfCEiyCieFpwU
+cCp5/f30ZCz+bf0BfQqR3AG9gfstfghqW6qGMAghjv/kKsdis6aXs6WWwfJX2VKG
+ly/J6VNMHnhu6Xi2D0t75yGOAgRZXKnKJPX8AdHvIyukKjwWqWHC6t3UxeE7+1gw
+0n16IP3NcqJAMNF0OHY8TmFWZ2BqeZkis/q3X69vatmafaK5zePcYPBjUL5HB8rk
+GFLLBPw7z3yIZDn0YgPCSRuYwk/OXs8NvJHjNvrE0zRoFRc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0jCCArqgAwIBAgIRAM5Qt7RdOf6f5NfHPsazUT4wDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFExCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKDAmBgNVBAMMH1NTTC5jb20gSVYgVExTIElzc3VpbmcgRUNDIENBIDEw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQxZ3TZKQJ5/orM2Y+/uP0rDgI7y2l9Lvtk
+F7jKnh0Pj4fbhgGalYwWwYq3DE86VDgNJaDNILt8uhJvra0TqRABR8B37Ku7W6wC
+VM3v10ViDJ57zsdbksOZhIP4QimBSe6jggEnMIIBIzAfBgNVHSMEGDAWgBSgEQoj
+PpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUJpEvtoqAvnFzEwoBt4x9d79bJhQw
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMCMGA1UdIAQcMBowCAYGZ4EMAQIDMA4GDCsGAQQB
+gqkwAQMBAzBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNv
+bS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0BggrBgEFBQcBAQQoMCYwJAYI
+KwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQsF
+AAOCAQEAVae+QPlPd9+40OtrbTKuMrNoO9Q6+QJTUmKjYFhgRMMenZ853UBH7yUp
+vCBIsxHcsZYU7ZxmpCi6oWKIygqfx2Nu0g5Q9jVnehwJwlZOpIszPDzqqgTTouNs
+6Cz6cm96Nkhy7zuZx+8QMGSSv8ADBgPSyLdtdpp99M/pflWzf/d4Jg++gWx7/ij7
+rrab81IuNK6Tg1DC4GtIPrcfKqv09L61m45pQ1ExixY+1EjLB1h0LbCmODiFdFiu
+bFdxYRLvepKufIliRJkiqt7rw6mu2nPkp8ZOUgEmmSgZU5A49L+ebuvCBTCcM/pK
+HkNEQXDKYCouTwVAZA38N5Vnmd4iBg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFADCCA+igAwIBAgIRAPr6WIYeTsXvlnMIFqoWMf0wDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFExCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKDAmBgNVBAMMH1NTTC5jb20gSVYgVExTIElzc3VpbmcgUlNBIENBIDEw
+ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCdKCtakRaln+iha5zvcbzZ
+sVHEHAoBUuGcAK8ZwEmZtKUw2p6tEHQUBtm30KTSpgCdzQn0g0QRXQj3l3ykDK2f
+9GfuuyVbTbcd1teEEtUFrqMzRU8kiDVhPY7GWLGAtt0eXrJd24UvHlEsfa5IlOUE
+PHXYhT2PEHIg81gXWbxnrGetUThh52uwmWKlbUW30Grwz2UjYUm2JGS7UOrmyRml
+66/GO3cW3UeuyAEWrszBUlNFdVKFNXdJ1V5sNYKqz2dWrjxPOq3WZdpnQhuEXJI8
+CuhnK0kppO1LovdRQkm1/xg28zQNmmOosEjrJzkuqoM+mr7koTcBInJD5rsy79ub
+0hKqyMIJbFoapijhuTN8hUGRBR0PfZ642oOlMnVz61c5JSkDRi/Mj5Y6F5ZsI7iu
+uLfu6mb/rDSkYMvkPSbcMpfv8cZS9+egnbZfiaKt9yEWMblkxWYc9jepIhkWvlQq
+HH/OrAOZUnnkDZI9MhvUoWfbB4mS31a5obGcOm/GmpUCAwEAAaOCAScwggEjMB8G
+A1UdIwQYMBaAFKARCiM+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBSufRb79DIn
+8JVWhSSGFFi0XdGaFzAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIB
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwIwYDVR0gBBwwGjAIBgZn
+gQwBAgMwDgYMKwYBBAGCqTABAwEDMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j
+cmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsG
+AQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t
+MA0GCSqGSIb3DQEBCwUAA4IBAQCQEqFRWOhmUjYXj9awUjQkejDpPQcUCFo6Wrvz
+4J8OgOtYTedIxxFkV1CgVpYrqN3QkkVSzWU6WwX+d+y2Js4nxkGHhZWwc1/poUqr
+ZJ83cF2qNRDUF/fODq6ASsr1ry24QKzDwx62VgMQopKCowPTGQo2n/C1DuSMKWKM
+x+I/kEyWZGUhqJPe2fqp6ixubaDwZbZYs28K3UDaUTZAyzp9kKb+KAnKJmLWmQGH
+fGZY1wtv6LRE4mKt/kXoIMoRrvfTH10Dg1FX7vcAlCneSq/xdY8v4sfbHjFLCBpT
+X1WwydtixLvK/yIJP25G7YyttzDjCpIvGXGE/aqet808B5Tj
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0TCCArmgAwIBAgIQCkQaR7Uo2NfBKeMRNU046zANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEoMCYGA1UEAwwfU1NMLmNvbSBJViBUTFMgVHJhbnNpdCBFQ0MgQ0EgMTB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABLFhlniSt1UT1EMVninNreIHv2yFBrxdCK4L
+BPRpxOYkp1ujy0iEKvpk93QuhQAOwQIEAJ2+so8NFhluiqlWy2Y1rJpPNGmqdzbs
+4So8q30xOAavHUHeRSwo8vA8Rp3xuqOCAScwggEjMB8GA1UdIwQYMBaAFKARCiM+
+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBSzOfOcAkLY0j3ZwdXqQWWTvNgKCzAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwIwYDVR0gBBwwGjAIBgZngQwBAgMwDgYMKwYBBAGC
+qTABAwEDMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29t
+L0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggr
+BgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUA
+A4IBAQCPmXl4BgAjwMtY89V5mTL37dyVN9bSIfvmCkio8ki9I1jZamG/I+HvKlyM
+RRWy8vDREM/ZzrO5AEpO+uHBW6ArTLtpQnMBHXsdc/VbECHROFItqTI6Ny0kaciV
+st9+VjyObGkxYhGZR4RERRu4dos5H5dAQcyLavABlOp5OQ+MzJ6SebY0Ww90tffp
+9ZVLnSvNVntjhxK3KXNbOC7ELsXiN5Ju5PuVXiS5d4iCc5befmZKtnRUMhTncWVG
+nANQFtw6Z8ZKQIF/cBwLWYqm1HNZLq0oE4FOIwIAiOoe9x+GWvcb0g/ZyqikM82f
+tDixVW5Y3qZVDDp4Z66gI/q03muH
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfzCCBGegAwIBAgIQenz30vS2/AcnvyWN2uu6yDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEoMCYGA1UEAwwfU1NMLmNvbSBJViBUTFMgVHJhbnNpdCBSU0EgQ0EgMTCC
+AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAM3Ew9BDEqfJWTBEJnlrpS0k
+3JYd4pKpYDrv1XjpIO0aG0ag/BZUDQAjpAd5RsqqcBIWCf9+09fOFg+5uDhOJlDH
+vXVnqPBMQ8zF/+QDlBU5GQ3U465adlTtnE4ZAgd4YeNK0b3koEm5sfsUsa6RaCzE
+msVGBtwewlk9Zlv/T3KMg3qGtmLqMem1flIhbfIV2sXavVi+HozQtZq3x3eZ9N0b
+rjKxVMMKrSnDP4RaqI9J/Y8+JCYp5dXML671yV94YgkAbhhodSxk/t5rlzDqiQB/
+EBFYNSVLXYskbPsdzt4bvhT6qiN0nH3z4w0xmQ10EWymWw9iEBRdjit9aRR91YAL
+pEzRsvtDZVioqX37nxGKuPRQrGU3aQpLjrWQBL116ElPflWy3PRZc8Pb/RHiS16B
+XBhAJ8LIYndu2ZUh8k6cRHk1idhQrVO++kXh9j9HW51/g8e7TWNatzg+UCZ4AA9G
+jM+dodIrZ+7ZikKfVyAnFrNd6ha2WNtYtEwn8nJyyTwH6AQpSNANzBXJl8k94nBS
+avvy0+GslEL0P82VH2adyebxEPsZYNMqBUclMPToZyRnwVhcKbU6Tq6P/Qn/HY6A
+TFadi/ZUaHsgYBdjOLzZF4k7eX16L8Nysj0o5uufjBQ8eouaJPwK0RId+e3pT3l3
++56NkPG3mN6ahd60mbc7AgMBAAGjggEnMIIBIzAfBgNVHSMEGDAWgBSgEQojPpbx
+B+zirynvgqV/0DCktDAdBgNVHQ4EFgQUrtsRjGGL8M5FA87qmt0f7NeLmH8wDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCMGA1UdIAQcMBowCAYGZ4EMAQIDMA4GDCsGAQQBgqkw
+AQMBAzBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9B
+QUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0BggrBgEFBQcBAQQoMCYwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQsFAAOC
+AQEASrFcB1n6PP4V5mH1sBvsP8QV5iuH6EomhPCVcaVQbEEWJSlNZrF8dh7qGqAQ
+cagWoH0tNpnU/9g4YbzpjdI9GyDjS9/SHmn8NygnCgtT9Bp2yeRJ24sLqjPVggaI
+VIepCkVWrXBqGqq9WartbVLL3qMmO4QT8buvVdbFnTdp93EnVQciSXh3+bBmm83X
++nif1MlpevOHTxWkKgq8/alK1Ihp0tna8D7IaifbBg9P+mIeMcIByWTKVHoLfYET
++YKX1t6w031I/jFj/4eX6V1V3w/UxjPdKLhmTpxbGxUP0ovB/7mEkTUjSzkfoupm
+XbMvTXAhS5fZrwyP9ki5v4FZOg==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4TCCAsmgAwIBAgIQP0O2nX9rP+O1A05zifFePjANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEoMCYGA1UEAwwfU1NMLmNvbSBPViBUTFMgSXNzdWluZyBFQ0MgQ0EgMTB2
+MBAGByqGSM49AgEGBSuBBAAiA2IABANxF9T40/FfOUt6rB28nAoStiQL6ceFMTS5
+UfdsS0Zd67V0R5mUC2SG1gijEeuxg7fu064cRRywqf0zmzehyNl7iuEfn/2kmy3/
+mLLGmrv8vgD51NZd8qU343eapnFOuqOCATcwggEzMB8GA1UdIwQYMBaAFKARCiM+
+lvEH7OKvKe+CpX/QMKS0MB0GA1UdDgQWBBTVr76GWmRW63QEVM5oWhWLAB5quTAO
+BgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwMwYDVR0gBCwwKjAIBgZngQwBAgIwDgYMKwYBBAGC
+qTABAwECMA4GDCsGAQQBgqkwAQMBBTBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8v
+Y3JsLmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0Bggr
+BgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNv
+bTANBgkqhkiG9w0BAQsFAAOCAQEAVb5T7FT+0BjHgTELK0+VxRKtt3q7E/gtZxRc
+ipPbyt0/Nt0daKX4I262nNWtWqK1xazIVJfOzPjID4Ht3prfuWMiXUs6izbItG39
+jZk008yrHUqzwJVhzQZrGkcLGFUREH+7/b/vSz2AL8ME/Mk93o6xP4diuRC53BhB
+M9BSBdN/tv3BhZke9qOZl/GWfqO9b4XPdd5GHOs7FAdxkkZA0rXw1R7B8Xwnneed
+B4p0u01cYmFe7QQmc/lvf+SdtQxwlevA4iDZ4vduVtLQcqrqJ4XCoGn1wIlECmv3
+3GU95pKvZhUJZlRWDc7iN+rpipMBGfgDhZ+Uwv7UOFXWrptLhw==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFDzCCA/egAwIBAgIQNmN4kk0lL3cFlCFGSz3axDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowUTELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEoMCYGA1UEAwwfU1NMLmNvbSBPViBUTFMgSXNzdWluZyBSU0EgQ0EgMTCC
+AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAMlOeGZZVJUlUuNGU/lKqpxS
+qrPgskDpW1WwmOqiGYSuAPZOxSdLDmA4mDCwrvilegbiHygCUVGgo2fmf7j4VMmY
+/TFufPoQA0zuddvHct/bdil0lG+KoqBT5Oh+DrzqYp/RHlfZ/OAyQD6bJCkFZ+FH
+FMiOc4VROppyjkr5aR1+rmoUUvfumkGL2UmX0MFCD+lHOw48wnsPO36CLH+doomA
+2TzL9LDN6Jys0sIcBPA65yM16ofgBohJHhXJrtAvYbUvxz+lZhQvtb1zicj/Iulo
+sLr1d8yiQlzvm/r85PlILq4Jj0X7h8UzTKE/uk5H0UZXaFRM+xsHW+N6qZHl2JPY
+NOsZIulzIGKvxsXvuzd5wnowwTUf4Y+DL2xQVevj2JBR7Xck1ajAvcMA/ULB86HS
+poHsIwvfCl8lBwCFZfnm2DmAhtwb3uvCJque/dzPLcfL84Db1wyA/HwbQLoHB9gP
+NYylslCoy9IE+Y3BUlSD1YkYRbzeVMavLDJEmNBw+QIDAQABo4IBNzCCATMwHwYD
+VR0jBBgwFoAUoBEKIz6W8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFEWiFIXTFUqZ
+cPkCRtzNGOroJgI6MA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAzBgNVHSAELDAqMAgGBmeB
+DAECAjAOBgwrBgEEAYKpMAEDAQIwDgYMKwYBBAGCqTABAwEFMEMGA1UdHwQ8MDow
+OKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2Vy
+dmljZXMuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29j
+c3AuY29tb2RvY2EuY29tMA0GCSqGSIb3DQEBCwUAA4IBAQBd0nv8ziYaAjwwleKt
+YhxtegIKDsAgfhwyFFAJnrFiqR+yuuwVFapLVz7aTrOefz9DUdwQ4f9Hmemy38ft
+9k0SQKoJRp173bnPPUTMQv7v0SKcvoZTvlbQMoeaw5xgExi0D8e1uUYqAtf/jpWB
+LHN1nZh/JDyYmRkQJ7RqWiy8CwIEioKoAUKS04ta9/NhJUZVlCeen1lSx9OogInB
+TK6Ga32y8yrwNP+dUdK0LH/ALA444ZI3JJNlhpM1yRUS2r9B6AXdcNu38tOpegUN
+ewBdi/V2I1bIQBwiQ9Vg6V7K7PoItbUN/Q/oKUtyk6Wx2RXr516KRAK6SU4XqYwv
+f8wk
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID4jCCAsqgAwIBAgIRAITWGBJ/92drg0qg8GC3e0owDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFExCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKDAmBgNVBAMMH1NTTC5jb20gT1YgVExTIFRyYW5zaXQgRUNDIENBIDEw
+djAQBgcqhkjOPQIBBgUrgQQAIgNiAAQgX3EMKj4exPnwYlTTzrzvvKIARs7H5ZfS
+kUr8rsrKGjjJlJH3LorYwcv3grNUjIUN0Rg0EaGO0zu6dRSGPs+8VrmHwIyIAZKm
+r7lLPyMQ4uaeC17bCvvYoezVF2Ct6xCjggE3MIIBMzAfBgNVHSMEGDAWgBSgEQoj
+PpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUseDZv51LfKEvymlDVihWT2mcF20w
+DgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMDMGA1UdIAQsMCowCAYGZ4EMAQICMA4GDCsGAQQB
+gqkwAQMBAjAOBgwrBgEEAYKpMAEDAQUwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDov
+L2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYI
+KwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5j
+b20wDQYJKoZIhvcNAQELBQADggEBAAQ8UEAptET6LwOKj6txjkPgBS7diGYbMsPD
+jYKrvRIsF7S3k3KTyTHxIBU/NUuDfB9nMeiPLgY23rxWSdodarpVb5QLITnn2GHa
+kYdoH6MPyFa2btooajYu4ER6T2fPnL7Vw9CZiq1XEG4ML+uZM6rlQBhY2nE3/P/d
+DG0ppmewG/uLweD2Pn7TgtQxkJLYTpEdQzbttx784PhZp09BUwQLUpQLaH65waPr
+a4tUiw3pBUIGyPIDZOg/Rx5IoUfW/mJ7358CslcOBLIfm/pivCvHD24Tcu+yMoBf
+rn+YO74zTxVdiQbD0bN6GG+aUl4N2pptulQ4ZSi739GVk6kOl/A=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFkDCCBHigAwIBAgIRAJB+gsmzjFpFvICEw35Q9Q8wDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaMFExCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xKDAmBgNVBAMMH1NTTC5jb20gT1YgVExTIFRyYW5zaXQgUlNBIENBIDEw
+ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCBUbLecMYFpK+0dc/Kbwp1
+iJN3zb+0Qkx7deHQxpE9jEAUOJmx1ICJN8WbrbOtHRtFuSuoIEgOmhcgmhf86572
+Q2QUMO3k5DugOSM9Zu5c5K7ksnPiq+V1C826CZwVh/htpzF8mlIHRQZ6EBIx1uYD
+HNkhZXUhaL3ZdPPPNlP965qm9VUWeClrOWrIZOEEdQics6UVpDN16czcHaN1DhXW
+LcukXEIGjR8LawohmU792m/yN8nPTGzcnYvfXIEeCuoUpzavktnbY9TqFMijJqyM
+V4BY/Zm/g/SYhz4Y9UWfDJYM0/rBBoM9q5AV1Hzl32nUlPPo8SvZo0gDAMLUZQ/8
+rYzi70Gvd7MrQ83D1Ro8nd7jmTDrhBCt90tshw7bve6y05UaD3V4C1s3DM3szd08
+M3JZyyCauqs6PX7VCv/gXF42QihxXXeuDTdJjWTzrJK9EqUGbIYpcJuMr/dykUUo
+SQ/FeZoIwOISc5TcBeH/vEPXCNv30N2a4dhZT6jKY98SgK2TVO3xPFFSktCq23gD
+LzlBT6Dg/o31gsIawByBgGXT858moqMyYJ8Sn2sGvfOcSiQVfQ6XzHX4kh7WeOCo
+5YQS+w7sQjmngtnyvGmtVYsJTDDczxGwrw3cKJO9DvoS5w1IamvgBUH9Ms31ofES
+ZA48QaIv5wbVGrIjtHLBzwIDAQABo4IBNzCCATMwHwYDVR0jBBgwFoAUoBEKIz6W
+8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFOSr63Uz3YRbSO7NZm6xUxnrCIuWMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAzBgNVHSAELDAqMAgGBmeBDAECAjAOBgwrBgEEAYKp
+MAEDAQIwDgYMKwYBBAGCqTABAwEFMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j
+cmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXMuY3JsMDQGCCsG
+AQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29t
+MA0GCSqGSIb3DQEBCwUAA4IBAQCUXpsgr/wbjgSySnnEJ5rZ2RJy8MEpbRj53EGj
+zvCvyT7oeNKOX5QsVYn7pS4koqvvHyF65GMBBBDCA/RUxxVm2vrdmYCdy3mjs20F
+H3RC+BkKZtm069nmwqAu2JZcJTdrVNtEGRDT4tku6CehyOZw/vdgI7j+WVBXOR/M
+qgGhyf6YzGOnFNaTrgAUWlVAR2A606WUFh0ozFXpHnjf62S1BLvjDAUfSmtWPIby
+iYUPLM+/70Rje5INRSjMgNoOghq8OIp7AsNLjqtZsXR8UIHjJByPKLZl0Ntrhftt
+W8H9zR7Xe5jsw5T1QyaCX6d6qNsPcEckH6qKQDqqbFXJvoq2
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDzzCCAregAwIBAgIQc4MRQp9zCJcSzUr9bRb63TANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowTzELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEmMCQGA1UEAwwdU1NMLmNvbSBUTFMgSXNzdWluZyBFQ0MgQ0EgUjIwdjAQ
+BgcqhkjOPQIBBgUrgQQAIgNiAATW47D5Jj9R0bn6C9WsOHGBS8DYaqCkMWxUiekw
+mabE+rDw7gGw4vRhyj/MFuC+qO4fj3zn6CKTaynRLe7hFUfc2/Fnql2gPOO2na5q
+RxcAt45CH4r36BYtDsEuaKMMMbWjggEnMIIBIzAfBgNVHSMEGDAWgBSgEQojPpbx
+B+zirynvgqV/0DCktDAdBgNVHQ4EFgQUTrlSWrGPftYwU0Plyl2iBIxMFPQwDgYD
+VR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMCMGA1UdIAQcMBowCAYGZ4EMAQIBMA4GDCsGAQQBgqkw
+AQMBATBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9B
+QUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0BggrBgEFBQcBAQQoMCYwJAYIKwYB
+BQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTANBgkqhkiG9w0BAQsFAAOC
+AQEAVpdsOkUivRCeDLnK10taQR321En5G/H3wYrmMqLP8ESiUHKQC6m2I+X69Ndo
+JUSYfz90J0Ow/ZvFLTZrvoAu6qMRd1WHqjOuVXaqsVx+nfDviDr7e25t9scMRqaQ
+1dkFuNiLPVOEM3idQGLY8s12NnmsvD6AjI28KlOCoLGcEM1DEt6Hu5PfRgziJWQK
+HWXtStDSCYl5zxTl7Th49D56T6do39mPOxhsQqVqWX5eZQ4uhuqFd2GQBxhCGe0u
+IS38bYHVspzrz3RKuNK6dlCSBP+UXzZj8Fp08o3l0KPe4k2H5K7e00cyMPXEHeP0
+Z2cFax+utXCEfhHER20vx6DwKA==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIE/jCCA+agAwIBAgIRAMT4RcgnYpHswrPdHceMh00wDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaME8xCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xJjAkBgNVBAMMHVNTTC5jb20gVExTIElzc3VpbmcgUlNBIENBIFIxMIIB
+ojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEArBsCFEDaO9kp5LVy+Q61qs0c
+eyTudkfMpnOW86WVgjxn1Ol3GVEEJeGnAJacW6Me3/DElI3p/oAiH+RozfSaV1xq
+zXYaFLr5xwzP3DjUiV8ez41QLh14JZLR+WV6VcNfYY0X1BtmvgmbjhICpycy/9DR
+ibURLan6zcuisqA89B/2vVYnQG+ACJh4mTi7kWggWT5/vVII/U1kxUxH3b3F9KK/
+LxZxmhcNZbeqU655LLUB/WqmAcfneAg41ZDWiE2qCS2xvByaNZZmUvkWdlWWUxp9
+vFoOQ3TcqZVscwVTHL/s4btRCiJakhrrx516K9ohURYwctW1XYu7EflaLuD1GsPx
+EB+Ly0WBxzNq1L/2eah3Iw8Xxfglx63oxEtD2mGgPxCybn0nDfyMYpGiDkVrgSFK
+69+KXC4/mxU5cq+QlhhWyRSXlrM+QkBcUdySWtZpM3xx2YhNSWYKI82i2Mysc7R9
+iG4rz5zJjJVIS7biFu4dSTRjXgQ/W+6RnfiFz84bAgMBAAGjggEnMIIBIzAfBgNV
+HSMEGDAWgBSgEQojPpbxB+zirynvgqV/0DCktDAdBgNVHQ4EFgQUebqUd6ANGd00
+5jmk/Eyl0lpt9YwwDgYDVR0PAQH/BAQDAgGGMBIGA1UdEwEB/wQIMAYBAf8CAQAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCMGA1UdIAQcMBowCAYGZ4EM
+AQIBMA4GDCsGAQQBgqkwAQMBATBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3Js
+LmNvbW9kb2NhLmNvbS9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2VzLmNybDA0BggrBgEF
+BQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAN
+BgkqhkiG9w0BAQsFAAOCAQEAFTEjMQzlG8JU3bIPbc+vWUtusUzRXSoVmY7Y4Ybx
+phiK7+coZgU0MOHYdSjmSGp16wly0l0L3acKwBanu5WqUnaeXyPqkgUOOD6w0JHc
+FBcLXCCqPD7hnhYAjQuaU8t50OCEkCEYK4R5nh75paChmYPFci0XJRCFQHOK7xCo
+boWSRjszDM/0/YYu/GV0fMAPxbMvKbr7WrCgGHsCl96mhPoRvUH8+cP4wLkoN81V
+mv+BjERE6JwxadQFa9pxLacnCBNA7KfGteVkI2xN1MbiuATZujRQ7MxEBv+aZ7Sb
+LZwAQqijFKgzcvRBeETD8JmmeKO7Ksf/XkPOvOA99wK5dQ==
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIID0DCCArigAwIBAgIRAK2NLfZGgaDTZEfqqU+ic8EwDQYJKoZIhvcNAQELBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0yNDA2MjEwMDAwMDBaFw0y
+ODEyMzEyMzU5NTlaME8xCzAJBgNVBAYTAlVTMRgwFgYDVQQKDA9TU0wgQ29ycG9y
+YXRpb24xJjAkBgNVBAMMHVNTTC5jb20gVExTIFRyYW5zaXQgRUNDIENBIFIyMHYw
+EAYHKoZIzj0CAQYFK4EEACIDYgAEZOd9mQNTXJEe6vjYI62hvyziY4nvKGj27dfw
+7Ktorncr5HaXG1Dr21koLW+4NrmrjZfKTCKe7onZAj/9enM6kI0rzC86N4PaDbQt
+RRtzcgllX3ghPeeLZj9H/Qkp1hQPo4IBJzCCASMwHwYDVR0jBBgwFoAUoBEKIz6W
+8Qfs4q8p74Klf9AwpLQwHQYDVR0OBBYEFDKix9hYi/9/wDzyVWkz7M7MH7yXMA4G
+A1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAjBgNVHSAEHDAaMAgGBmeBDAECATAOBgwrBgEEAYKp
+MAEDAQEwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20v
+QUFBQ2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsG
+AQUFBzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQELBQAD
+ggEBAB4oL4ChKaKGZVZK8uAXjj8wvFdm45uvhU/t14QeH5bwETeKiQQXBga4/Nyz
+zvpfuoEycantX+tHl/muwpmuHT0Z6IKYoICaMxOIktcTF4qHvxQW2WItHjOglrTj
+qlXJXVL+3HCO60TEloSX8eUGsqfLQkc//z3Lb4gz117+fkDbnPt8+2REq3SCvaAG
+hlh/lWWfHqTAiHed/qqzBSYqqvfjNlhIfXnPnhfAv/PpOUO1PmxCEAEYrg+VoS+O
++EBd1zkT0V7CfrPpj30cAMs2h+k4pPMwcLuB3Ku4TncBTRyt5K0gbJ3pQ0Rk9Hmu
+wOz5QAZ+2n1q4TlApJzBfwFrCDg=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIFfTCCBGWgAwIBAgIQUl2fDZZ6EH1gqmdbOsHpyDANBgkqhkiG9w0BAQsFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTI0MDYyMTAwMDAwMFoXDTI4
+MTIzMTIzNTk1OVowTzELMAkGA1UEBhMCVVMxGDAWBgNVBAoMD1NTTCBDb3Jwb3Jh
+dGlvbjEmMCQGA1UEAwwdU1NMLmNvbSBUTFMgVHJhbnNpdCBSU0EgQ0EgUjIwggIi
+MA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC6lZ8Z2WYAqAXZr43sbFCdaz+5
+MU8liFkrqzD5CcOL8AOaKtB1Ggx5t8GjUibUAYvuCNXeUzd4awBM4ARRoWp8xzRI
++AG9YxUH5lWtsmyhfyW4E7VvpRpi5s3tOyQVv8rCpdNB0R/HYM4+wPxigadbL2Cc
+46fTcbeV2MBPOc9lyVJASewIXQQhI0+CsKOVA4AD3Cj27QhnpvJONchn+hVgvTTD
+VSkmlrvaFjH3KPzEJsRIiv6Wyc1bpkDyV6+bPzkzXtntXhdXb/RrAcky7ldxN5I0
+xZd2ESfMUU6yQbqkIfAaBj1Uxd7y780ir5beWijPQU1VsU4NcEpxwQ8CkcFK7Gos
+XIAOS1XhFbbO7QpfF6Nxe8QGAcC5Dx38f5vubR3PMheivltQSxlGJOhMlidqxehx
+baxH47wRQoT2p/3MXHBDydUetOwJLlRxct6ms9px9qD8ubnUX4TmUc88tfWzFM8t
+WrKNrhQjo/GB/585rBv+MZ+8JwjySCjY0Tiy4WcwBo3sacCyXXWGoJH2hoq2QbVH
+W0QpQLSQ2wXClnyo6juVXRW++ZwtCu2MOx5xnadnqD2u/2fH+EAHsCplAtICVR8j
+/GeFQGWbdPSXTUrSy0OKm9BiQjJ9GCw4eUZa8zYbOKnsFH+2NtZN4pYLP3M7wS8I
+WceGUEkSP5Izm+qWZwIDAQABo4IBJzCCASMwHwYDVR0jBBgwFoAUoBEKIz6W8Qfs
+4q8p74Klf9AwpLQwHQYDVR0OBBYEFCFBNGOOHZEMw922JLCoh3uNZWAIMA4GA1Ud
+DwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEBMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAjBgNVHSAEHDAaMAgGBmeBDAECATAOBgwrBgEEAYKpMAED
+AQEwQwYDVR0fBDwwOjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFB
+Q2VydGlmaWNhdGVTZXJ2aWNlcy5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUF
+BzABhhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wDQYJKoZIhvcNAQELBQADggEB
+ACZcAf5T5xGRWOoV+HvXXdj8P61F5OxDxY/lC/6feUgFY8qUO9yPipfxlDOgelM0
+YgFkHK4GLCuIKgfP+QpREuKMkJP6k4tylKAEdr+DdFgwHJEWwbPFg/sZHYWzUPEN
+c1ypStXWHXOXlk/fbIylocSSbqN9oRM50+YKeLFy6+1jK12QJVJKMiLYKxiRvhCa
+WyqLhFsVGeNNgbOdrkjRBNTYSv8s2qJA2xZSYF1bkeo3bK94qx/FTbwCOigSsK6y
+eLeb585rLBNiO5MhPTY85Cbb8aZfkUryrqJoy993BoyKp9YDiM8QA3Mome64gxVZ
+FNKy3ieVQFNDMoHK9DZgfLk=
 -----END CERTIFICATE-----
\ No newline at end of file
diff --git a/signer/remote/remote_test.go b/signer/remote/remote_test.go
index a8a4b7418..5893d262b 100644
--- a/signer/remote/remote_test.go
+++ b/signer/remote/remote_test.go
@@ -99,7 +99,6 @@ func TestRemoteMutualTLSInfo(t *testing.T) {
 }
 
 func remoteTLSInfo(t *testing.T, isMutual bool) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	certPool, err := helpers.LoadPEMCertPool(testCaFile)
 	if err != nil {
 		t.Fatal(err)
@@ -160,7 +159,6 @@ func TestRemoteMutualTLSSign(t *testing.T) {
 }
 
 func remoteTLSSign(t *testing.T, isMutual bool) {
-	t.Skip("expired cert https://github.com/cloudflare/cfssl/issues/1237")
 	certPool, err := helpers.LoadPEMCertPool(testCaFile)
 	if err != nil {
 		t.Fatal(err)
diff --git a/signer/remote/testdata/ca.pem b/signer/remote/testdata/ca.pem
index 1a1f5a93b..c52fc046f 100644
--- a/signer/remote/testdata/ca.pem
+++ b/signer/remote/testdata/ca.pem
@@ -1,27 +1,22 @@
 -----BEGIN CERTIFICATE-----
-MIIEmzCCA4OgAwIBAgIMAMSvNBgypwaaSQ5iMA0GCSqGSIb3DQEBBQUAMIGMMQsw
-CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy
-YW5jaXNjbzETMBEGA1UEChMKQ0ZTU0wgVEVTVDEbMBkGA1UEAxMSQ0ZTU0wgVEVT
-VCBSb290IENBMR4wHAYJKoZIhvcNAQkBFg90ZXN0QHRlc3QubG9jYWwwHhcNMTIx
-MjEyMDIxMDMxWhcNMjIxMDIxMDIxMDMxWjCBjDELMAkGA1UEBhMCVVMxEzARBgNV
-BAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xEzARBgNVBAoT
-CkNGU1NMIFRFU1QxGzAZBgNVBAMTEkNGU1NMIFRFU1QgUm9vdCBDQTEeMBwGCSqG
-SIb3DQEJARYPdGVzdEB0ZXN0LmxvY2FsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAsRp1xSfIDoD/40Bo4Hls3sFn4dav5NgxbZGpVyGF7dJI9u0eEnL4
-BUGssPaUFLWC83CZxujUEiEfE0oKX+uOhhGv3+j5xSTNM764m2eSiN53cdZtK05d
-hwq9uS8LtjKOQeN1mQ5qmiqxBMdjkKgMsVw5lMCgoYKo57kaKFyXzdpNVDzqw+pt
-HWmuNtDQjK3qT5Ma06mYPmIGYhIZYLY7oJGg9ZEaNR0GIw4zIT5JRsNiaSb5wTLw
-aa0n/4vLJyVjLJcYmJBvZWj8g+taK+C4INu/jGux+bmsC9hq14tbOaTNAn/NE0qN
-8oHwcRBEqfOdEYdZkxI5NWPiKNW/Q+AeXQIDAQABo4H6MIH3MB0GA1UdDgQWBBS3
-0veEuqg51fusEM4p/YuWpBPsvTCBxAYDVR0jBIG8MIG5gBS30veEuqg51fusEM4p
-/YuWpBPsvaGBkqSBjzCBjDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju
-aWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xEzARBgNVBAoTCkNGU1NMIFRFU1Qx
-GzAZBgNVBAMTEkNGU1NMIFRFU1QgUm9vdCBDQTEeMBwGCSqGSIb3DQEJARYPdGVz
-dEB0ZXN0LmxvY2FsggwAxK80GDKnBppJDmIwDwYDVR0TBAgwBgEB/wIBADANBgkq
-hkiG9w0BAQUFAAOCAQEAJ7r1EZYDwed6rS0+YKHdkRGRQ5Rz6A9DIVBPXrSMAGj3
-F5EF2m/GJbhpVbnNJTVlgP9DDyabOZNxzdrCr4cHMkYYnocDdgAodnkw6GZ/GJTc
-depbVTR4TpihFNzeDEGJePrEwM1DouGswpu97jyuCYZ3z1a60+a+3C1GwWaJ7Aet
-Uqm+yLTUrMISsfnDPqJdM1NeqW3jiZ4IgcqJkieCCSpag9Xuzrp9q6rjmePvlQkv
-qz020JGg6VijJ+c6Tf5y0XqbAhkBTqYtVamu9gEth9utn12EhdNjTZMPKMjjgFUd
-H0N6yOEuQMl4ky7RxZBM0iPyeob6i4z2LEQilgv9MQ==
+MIIDuTCCAqGgAwIBAgIUcOn8GUmkTPcEdhSLwG3YR8P9FBYwDQYJKoZIhvcNAQEL
+BQAwbDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNGU1NMIFRFU1QxGzAZBgNVBAMMEkNG
+U1NMIFRFU1QgUm9vdCBDQTAeFw0yNTAyMDgyMTM4MTNaFw0zNTAyMDYyMTM4MTNa
+MGwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1T
+YW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDRlNTTCBURVNUMRswGQYDVQQDDBJDRlNT
+TCBURVNUIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx
+GnXFJ8gOgP/jQGjgeWzewWfh1q/k2DFtkalXIYXt0kj27R4ScvgFQayw9pQUtYLz
+cJnG6NQSIR8TSgpf646GEa/f6PnFJM0zvribZ5KI3ndx1m0rTl2HCr25Lwu2Mo5B
+43WZDmqaKrEEx2OQqAyxXDmUwKChgqjnuRooXJfN2k1UPOrD6m0daa420NCMrepP
+kxrTqZg+YgZiEhlgtjugkaD1kRo1HQYjDjMhPklGw2JpJvnBMvBprSf/i8snJWMs
+lxiYkG9laPyD61or4Lgg27+Ma7H5uawL2GrXi1s5pM0Cf80TSo3ygfBxEESp850R
+h1mTEjk1Y+Io1b9D4B5dAgMBAAGjUzBRMB0GA1UdDgQWBBS30veEuqg51fusEM4p
+/YuWpBPsvTAfBgNVHSMEGDAWgBS30veEuqg51fusEM4p/YuWpBPsvTAPBgNVHRMB
+Af8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBxK+nimCu++fe6S+LL2KSGjiNZ
+mMZd2B2RH8Ou9FWC+ZxDzY8sUj6uTl1qlwRSKG5mL/c/lhAHgViLu5fe88ZOkCS5
+Gf2FlL7owhzmv8SkMr03YpNkOamB/tks28ikYdtxRaC1aQnEvwFzhTIsI27RnVUI
+YckIoAmDrPpmWtjUeoEugI32qQGWQh69gSwH5ycwhk+W/dNhR8xILvNz2PFKl7wN
+w2EX+I9saTT9Y/f/0AMu+AiS+KVK665BNHWK2AVS9wBDorAZ4fNPtq1Ar6f0ThmG
+5Fhgxrhw6J3sWFlLFccSmVn3vMHiC3PyBfL0fAo5up+rxHginFuoPOKL7Aly
 -----END CERTIFICATE-----
diff --git a/signer/remote/testdata/client-key.pem b/signer/remote/testdata/client-key.pem
index fc1fef2af..1480a6353 100644
--- a/signer/remote/testdata/client-key.pem
+++ b/signer/remote/testdata/client-key.pem
@@ -1,27 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIEpAIBAAKCAQEAyJBFJntZKH0muebXv7hPtZX/gzDnSSQP9zvCG03JHRScghde
-BEuo6b3Y48PeCWsa8RMDM8Oxsmma6MMLG85x9RS6bEgOUV8cjDQmNJon10DpCXqv
-oOwPhWwVSeYSI48zXdzvNc7SLTMOOZ0N3EHAnGQE+G8HoQIuesgRGvX/zdaOmZBM
-W0sp6v8tgWvz8WEabIaq7vygaLpdkBcao38I9IllPhwMnBjLC+xdS461vB19N7kO
-U+RM5x+hiNC0QgpgoqFIeue3aYXQj+u7ToW+Zm25/xbff/R9vDVcTF/kQ5U8KXqP
-9AR8a3TxVXdqy95cPbjh4JKvy1xqbcJakN4yqwIDAQABAoIBAQCysD67s0fTF/Wp
-yS5NRJPXr6UvKCHX+0YyOk6M7veQbi2mhdUgtJvwbFFRU899yqv9PrgqpV6rGwWF
-/UfnZT4IYYhaMrR28OtJSqkDUpjOYal95Y2WLNsDPzGUXmOoxMu6A74nzXVaCdPR
-psiThQ1rCH2ZLaq5W203vQnoYGWg58R4qlkugozaanH5Qmu4Oz3Yk73503KIz8Xg
-wIFVErl5ETPy0InBNk3tdoElJKqd/jWjgd3TRssgMBd5zz5gTXGChHKlpMXY0JEU
-vB2gAPqNzzQdzfrWJ5LiWwK6nJUQNNOzZMo8sEpi2HFPkXE40G/4QJt379x6gUZw
-nOhCvv9BAoGBANf/DXK3R8yEa+iNvzRlaUVcCu5Kxs60Wfrc2yAYM1p8xL8A/tBY
-USzCAhrYq9nbGEOs6R5vYFQo7VQBHvs3ktxzyrQz2/WmeIiSruAor+TOGBUIlSxT
-d/2GWMSWT/OrGmC+NIioxj9Sro1pNNV7VYgGWa3QsTeCgOSOe2IUsK3LAoGBAO21
-gs+17c4i93opfc3/zKVOWU7pMB0NtQFuIVoYTToQMnuLIdqjghpt5nXD43gpduMi
-ztgKe0nu4TlOKL2W6Imz/OOm7j5QvqSuv1+QhbtLpNcD2i/q83rSge6QK8g4gZML
-hDEkC1ylb4WSsUkbwbjDOzewnqVFbPUrm57dhfKhAoGANxerCnONMLEmBO8Csg6b
-x0Eu2JDiHJ8LxFzI12rUzmO8mytZ0zJzogLqHobdbnffvINCAq1N2KmHv0F58YG/
-R9ORBF2l4QZRACTJzgsSsj2PDu5dfizcEiJOSfY89l3SIJLjO2gxCL3CH/eRrlID
-Aur7vMXaLdpvndxpxB6a4fkCgYEAv8AFr4wwMnKec1r48q1/5XEYNcGBYE5oTqkK
-GmU0FrxuHJ6VRotTLgKtPx4vZgT8tCil9jwuS+t4nwNfdeA/4KTiQLmtwXLc9ndI
-RMyONBHG/PNMlA7RLaiVy11dE/wQ+g72KbXLvIZvOa6leDX9xQ8nu7qrnuIsDHGK
-7VIA9UECgYA9tLJbBAz7zT/GnqzxnjzOeNwy6Q+AoSSauLYp/G1hWNf6PjnCTr7n
-KypyEAEhlwlgG37XkXyqkO2gj0RYm9L6VWOyZ5+Ef1upC855/iRoZObRT+/QNEuV
-ulolgerpTGi0v9JbFtQ90tvE1Z6itU+aH75pvemKsyZphw8IjFDQqw==
+MIIEpAIBAAKCAQEA7hbVh/h56cdQwhH8YW/l4NnI3dQ5GrMmU/kwbYv1wCfC6ybj
+FohoHHMspUZmMRtfHmshMfsYpYLd2sGUAKbL4qxgzv+R843AcW0H4gp5z03TO9St
+YbGYYxFJKccKQuhYeOEUa2QQ30yX+R2qD4kd1rd7AswtEoRhy5sdk9SdyGnJ9+u/
+n30PkitchkioolLhg41YwLtCHpMeAOGiz2M7jtt12XOM2jLn3rrWQyAKmB5Mh1T8
+O5e+PWa+sy9GMrewVQvISNem363TntqpG2JfycgEqxOT9aEn5Imftug02mu3Dg3C
+a7AUDPuNqtOvNiwWXaUoUqhV7sR6vwpkY3HW6QIDAQABAoIBAQCKd8c6K/2jQ+Mo
+61LvzCdSrPaQZNPNPnHFFsDehS6o0bcgEd6yhSSfnzBQ8u+OEdAxHbcRnWpJICIt
+DrYn5tne+8fVu3dDwaYxkWqrQNJ1CVsXiepITgRFYZE+dd726LBDpQu+JVVWuPIN
+1P3JyUIMVWt6RgrUoR9LTexWxKn7GsRJR8/jkS51miE4whjk9IF4NKCKIsV39lPH
+XjzhKcX5+JIE3IHrZ7IbkHHwQaOQ4IxqisVTG7iw0jAAwaKpo+hYnWENxBsvZ3hC
+wWJHsPyDYuZSPQSS1Mlb/K+GXWrcCY8F+2TvfL0voO+Brh8zdl8gYOQPRdDe/MnP
+iMpEmZcBAoGBAPTlBwl9SbGoIQumEeci1W73FgnW3QrbA6VYtdmdyEqSccbfPe9q
+TDqN49IiYXWIA2MES7yU7sPQsyReAvh9koYkGGCEjldIQY6rfqrjT8i5/BhJm6i1
+gRmU5u/E4zijt9duubaN3dZGajQw6YpUG/WoEp7BRtvf3AeewYGkhlNJAoGBAPji
+zXAGKKI4/uYmseKmfzKW2WC4eroOcN2rLFd6/7p7sZ/J1xu95VZEmvy8Kt+08Osk
+s49qy6ME2gQLWPjnLDQs15Z3OFGFvZvM5XCIm8svowWRFhSqYMnUvIP8RqatASj5
+/eMvcwKRLWgnho8gsM9LGGosfil8/L3dhnUVJcahAoGADgFbGavUnxhia2wf8fwI
+AMSYug9TrN9Boh8kp0FixwEBCMKTpDGMEn0y3j2hHTueFfeU7UAHN6Oj2xyVRujH
+jGxcCIkMKumy9hnQsK03Tt90D1+GS2u16mSdoHC+HesfBG8Mp+gNG8gDIuD5OjP9
+NVtbVUDwcHqo9raZknR6SiECgYBavK0zOzuTMP5VQCQ4QoU7F1328irkLCGf3ykS
+V6hl/3SZkceXuJqk4ewzWhKzbk8rGz1Pexr0uu8U7GIqlHU8LGEI3TwuFHk1FPVN
+GrDZ2eswO132eMtCqgl0gQPs/kPfAY07R3BBrlYEk+xtv/hWCsXC56ezTnsCaYH8
+q5ITIQKBgQDFnr8j+2boqWG/6qm4cOfTwfT53NA3RL3h1wHew4Rx/1V90GF6FhgR
+ya31hw9UKQO+xYNrq1daVEyT3mSOy03PnkSS+p9SizK3O20V//bu+jy00BhbqHKN
+Fce/OXGzfSC0tRTfDQ8by/5bpfDzCIxBUa0xciS90t64du0wD+dk8Q==
 -----END RSA PRIVATE KEY-----
diff --git a/signer/remote/testdata/client.pem b/signer/remote/testdata/client.pem
index 1de1fd977..e9b1956a1 100644
--- a/signer/remote/testdata/client.pem
+++ b/signer/remote/testdata/client.pem
@@ -1,25 +1,24 @@
 -----BEGIN CERTIFICATE-----
-MIIEJDCCAwygAwIBAgIUYRe+hYgCfPCwveQUVzIBwS24tegwDQYJKoZIhvcNAQEL
-BQAwgYwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
-Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKEwpDRlNTTCBURVNUMRswGQYDVQQDExJD
-RlNTTCBURVNUIFJvb3QgQ0ExHjAcBgkqhkiG9w0BCQEWD3Rlc3RAdGVzdC5sb2Nh
-bDAeFw0xNjA1MjAyMTQ5MDBaFw0yMTA1MTkyMTQ5MDBaMIGEMQswCQYDVQQGEwJV
-UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzET
-MBEGA1UEChMKQ2xvdWRGbGFyZTEcMBoGA1UECxMTU3lzdGVtcyBFbmdpbmVlcmlu
-ZzEVMBMGA1UEAxMMY2Zzc2wtY2xpZW50MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAyJBFJntZKH0muebXv7hPtZX/gzDnSSQP9zvCG03JHRScghdeBEuo
-6b3Y48PeCWsa8RMDM8Oxsmma6MMLG85x9RS6bEgOUV8cjDQmNJon10DpCXqvoOwP
-hWwVSeYSI48zXdzvNc7SLTMOOZ0N3EHAnGQE+G8HoQIuesgRGvX/zdaOmZBMW0sp
-6v8tgWvz8WEabIaq7vygaLpdkBcao38I9IllPhwMnBjLC+xdS461vB19N7kOU+RM
-5x+hiNC0QgpgoqFIeue3aYXQj+u7ToW+Zm25/xbff/R9vDVcTF/kQ5U8KXqP9AR8
-a3TxVXdqy95cPbjh4JKvy1xqbcJakN4yqwIDAQABo4GDMIGAMA4GA1UdDwEB/wQE
-AwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMB0GA1UdDgQW
-BBRMi8eLJlU4K+Iik9ohf5JgggF+IjAfBgNVHSMEGDAWgBS30veEuqg51fusEM4p
-/YuWpBPsvTALBgNVHREEBDACggAwDQYJKoZIhvcNAQELBQADggEBAA9LWqAYfpJj
-ELOQhoBeMDMClIbXC05kK8mXqVNwGxGAD2CZdR6/czbOwVgGNalubT4XXxjLpmg/
-+XIbTc3LAH1CVp7YnZUXP7/DZTHNjP6dmdDDBsH51x/Wx2dPXWeI+lbyesC+6zqN
-4I60pFBNzWWtYhwwtMVCpQqzYGbm+6PYQrmxC4L64OBooj8C7tHibEjYV8D0f5qb
-clvl3Zx4wPWiIk0NPQ9gZn9OUfUb4WAWVvrKrWK1XFrkGTq48C5SStDO63WRLUsu
-u6WNjAWD+5CG6XyCX85E/yvCHvWR2e/DIoQvkvagMClNDaAUAs+mdtG3cQ4oz+0F
-YHEznRlwemo=
+MIIEAzCCAuugAwIBAgIUdTh1VcpCV698YecqTUUrD1SXL8kwDQYJKoZIhvcNAQEL
+BQAwbDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNGU1NMIFRFU1QxGzAZBgNVBAMMEkNG
+U1NMIFRFU1QgUm9vdCBDQTAeFw0yNTAyMDgyMTQyMDBaFw0zMDAyMDcyMTQyMDBa
+MIGEMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN
+U2FuIEZyYW5jaXNjbzETMBEGA1UEChMKQ2xvdWRGbGFyZTEcMBoGA1UECxMTU3lz
+dGVtcyBFbmdpbmVlcmluZzEVMBMGA1UEAxMMY2Zzc2wtY2xpZW50MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7hbVh/h56cdQwhH8YW/l4NnI3dQ5GrMm
+U/kwbYv1wCfC6ybjFohoHHMspUZmMRtfHmshMfsYpYLd2sGUAKbL4qxgzv+R843A
+cW0H4gp5z03TO9StYbGYYxFJKccKQuhYeOEUa2QQ30yX+R2qD4kd1rd7AswtEoRh
+y5sdk9SdyGnJ9+u/n30PkitchkioolLhg41YwLtCHpMeAOGiz2M7jtt12XOM2jLn
+3rrWQyAKmB5Mh1T8O5e+PWa+sy9GMrewVQvISNem363TntqpG2JfycgEqxOT9aEn
+5Imftug02mu3Dg3Ca7AUDPuNqtOvNiwWXaUoUqhV7sR6vwpkY3HW6QIDAQABo4GD
+MIGAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDAjAMBgNVHRMB
+Af8EAjAAMB0GA1UdDgQWBBRAKewk7YKPCXMsb/Qfn04HmabtkTAfBgNVHSMEGDAW
+gBS30veEuqg51fusEM4p/YuWpBPsvTALBgNVHREEBDACggAwDQYJKoZIhvcNAQEL
+BQADggEBAKxlLcJqT/gMicxga0OIAHAZ+DgxtKLrV8HjSeBSMQL6bhOvoftjiDlb
+Q0ECyfax3ErWGDJNqz0208DOCBtGR5EcrQafQa18Hw9bxGwDxFydUJVQTkFSuMbv
+Jl7fcjEo0akyqjTzo5SbsOtgl2q2ZPcFgODed6qa7fKEiaNZcrj2qmxrIBuXC/AI
+6R53vdyZYbve70RudD73GGRow8aHtJk0MSRi5N5stZGS4miYSvJsZCWIZ6wHvilv
+PkV760GaTfqxL5UXHTr6G9cgyNt+s6sLMkMQb6WqA+M/KxM28bq9MR80rmmkZ8TG
+I1QS3kdMEIkcxUDQV9yWRvd70Mc57yM=
 -----END CERTIFICATE-----
diff --git a/signer/remote/testdata/server-key.pem b/signer/remote/testdata/server-key.pem
index 883badd64..ee8951db0 100644
--- a/signer/remote/testdata/server-key.pem
+++ b/signer/remote/testdata/server-key.pem
@@ -1,27 +1,27 @@
 -----BEGIN RSA PRIVATE KEY-----
-MIIEogIBAAKCAQEAr4iTE5JBbR1eRUgomoJ2wSbg7D29GBdj9LTKybjvNUHEO9t/
-uwDTN2/LRT087C4PZDJv6Pg4mwEBd673VfuQ+0lmqQtLalZK8K41FBUyZ3bGKIrv
-S7NMebrN90gAk3gx/TX7B6N8SDuXucEHVzWqbtJWCKNFOcZNZJjqo9xVKcWjlTIT
-ZCkBZHHLsE6jsRc4/SqSIAP3bxT3YqdOapJDtFUBB4nf/4jqsXdaxqge9vS4KtWK
-+M53/npivw4OW4jpVKokjYYiKU/S+DcJA0eBG+JssMHt3N+rW90kZ4NRjbtUff79
-yCf8v04B95rTqYFUWuQ0y/4sGB3EmfX32Si07QIDAQABAoIBACvYX3R6CeGpfkyr
-84h0ohkpDvGzkjIcVZlgN28fxJB29v9EmqkpUZj9UbbfzwHnl2ydtJpqtijxnV45
-1AokJli+Quhiq9nJ6DoqKZP0n3x8jI6/9XnhNW8KnDvyPkKXuVTYUPXdfkPErud1
-MdI003ePDnJl5frCb756+9EmThd6nmzrepilG0NytqXt/zcibNeLgIN/k+5wAYeM
-99cv7F7yE+y52jv8uuCWDrTYiPx5Fk86bOkeosjl7gocJ0p0AKuVyLUepOG/LyFD
-wUKWZTQU8yIn+2/M9FZqpgNHJRUyE7W01drig9BeeBDbhqjvQ8SMPTyPQin+KLuX
-nAoff/kCgYEAxQ/ORU8ZGLr1zCz9oIXIg8fggJuFTjsj1+EGC8d3fb4cqkRjTXOB
-b/C+RyX3P7Bb2bO4eOXc6a32yID/AD2SazP0FjNrvCeHzrS5DKoQYRfcUc5lKObv
-pJqFkXrSAkrK/96rq4DZihryeud439SMoW4FhXrh9XrkQ/C0kFOSRFMCgYEA5Ahw
-2t9dWfgNRuhciRwU0KNoyABpZtVcryrUSDu1GX0EB9aru9WzvPnx2uCp5mwgyREr
-1L9ZFVfqXPh/EQQrrUSsGwFBjpEXGg522LALf0714nmZY9mQQUCneq+vVWLqr8Qh
-MREpH66spxHT9LNNo5JC1hZlY7oWhhtxA2jB+b8CgYBvMPrvqrD7fkrA+UXm9HXu
-vbJUfuxZ9w7DecoCjXtD7SiZflsV0a3gbtO+q5J2UlmRXlIhjXn4NNvByN+Z0CQ0
-7yyz9jG9CgUcQmcD2VXCo0cCtdXonV3s3++r5cRn3LHsbEUrUVnuDkRxyvguO+1a
-DQ16gprK+5ufJkuMAEvQ1wKBgEl6ptMActZQ5gZZTago0lRAs7zu1Qf77LfNN0Zn
-Zv3lmOzlscT/IcHdUJ/VESpc4VupGtSdLBmCkNSQhnF3RJO6szKofvVvr2AIFSfR
-4oKNcRIfWNwh+Sftq4oPHpKHI1SsAH4NJ5E7+gqD5ibNuFDjCoJuCRHPnv5rzUjp
-8seFAoGACLJNr+edISc0SBOAWLv/CF54veQSgcsiR6dTWVgo1H7cI0pUO53bqHZ1
-KGPLPdQUrkgfN0EC/vJby8kTRnSCBHNMcJAOjgfaLCQHnKXhg9sCUX9HSm+95Ptq
-B/pQESVbHtsDMyp6kfHpzd86qM7CF7GggvqcncWqLHCYyqrEdsw=
+MIIEowIBAAKCAQEAuGKO/P24lXG0MRi/zuY7Cp8IwQaziqMl4ti+w7aHIY115JF5
+SZOCwIzBtr7knxwmQC0CgoFWQn2f51GQsN/vO0g9CvnxFzcYRR4ARdlPNBUfvf9F
++qhJVORMZ6j1ffwg88sJ6zu1scloDXbi7kkrsqVMnseNemvVHBeWuL3HCtR+ebOU
+0Ixmey0OX2C5VsBqeyimadwgwiWQKR9TqxJ1KXrqYTvG9xbkxWierhXw3g0P8Bep
+M5VWvB55ypGWkyjE2D/RfNJQNEzNu51pBxVHPaFlMVLK/sCiEhpTUSEEQJP7SRtR
+IhW9iV46tfapdWyzfY6BkDuS0UAE787nss85BwIDAQABAoIBAAfa6wyMIpj7Rxnw
+W/uMg2dobw8KIgv991c6tKXR2N/tDuC18dzYk/FwDbCjYUoGAPsq77hvmiUrBOzt
+5KQkZiS4ZyFYlJTQnBAVvx06rM0jOT726RxMnxMmxrqD0DGV1DGOrNWArbTtR6mL
+Lw/HvjzWHfWFutlETsfrmVg1fY1Qfa/THU1IoLQN0TOPQ3d3p6EjeCTknGRUtfP6
+TB9lQj+aO3qJNR+ocrSrwyLImzaGAaoxojDPrlvvd05c375Z0/Id9zl6f48ei8Nw
+LHjpG6zM7AGN3hhthrYQVJxoYgaRlPFBhMRi+3hw4a2GcMhVgZPgVN492jb8rv1/
+xhexRgECgYEA2F45OExSBmt4ITAs5buOFzuiqujJBe/er/fOCLUaKrjz1qdYgC9M
+ITUafunh0miJPHC5qyUbofLgGzCsM4aok4ZDIlJX2SdTGD5/4oH9V4GMP4eBKHQs
+mN///bgjk8RYCCGG2HyER8D1ZsnfTeKpGyF/Y1vD5rWprUQd430b9KECgYEA2iib
+oioxweyiG0UqYUr0yr1nylMo/iCpsS8YEZc39OeuZ6TrYF/ar0oG/WySMZxHqO9L
+QJVFs7iSbXiBEVT5v0MkK+qA+Lx2JM1xJ8u701Gqtk6wqJDZEO9wpR4Ilf28umm8
+/xLi5Pb0vJh1Z2wLTiWaa1sYRbRC5/mO8eusJKcCgYBYpcol0cctkCyI1HcgrMZb
+qHhOM8/g2dVQHWRR1vlglaR5xtiQtFAprtsrMmHuVhwcIkc/4pU+tgaxvTBgcARz
+ZOfukPQjKWR3I2w7/mwwxQgUI018qJR5EhWM+zvAWAqFUk8wNVvxFhK1SXJvM7V7
+Qy8xIzDRPo7FSYpBYUnp4QKBgEhoYf+Y8Zrj54oVktNoBYelBeXpZBm0zZ25e8ua
+3T+0Bfbwjg8WwYack2VZu8wrir1PbzKoWNIl2LPs4ynVgm8w4biRxOzJ4Iymg4Ap
+5tVkrbyEsa3BJcqxLjoflcnyxck5fzlKE3TbYq+WCqGhAr+VS4OGYLAB/JLyCbfR
++PjRAoGBANATNIlYL0qL72m4AccXFnU0G6/Idi7Zx0cX0lcTOKe3HBtbjnhUkUaG
+pllJwbVWGWAOsfj4mKsaIWoDaHswenlSg6YUt4aK6rdfmDC7W2sfpdLocJ3pdVfV
+GIaSCDrlULpZLUHlmXdbZgEI9WlMfmZ80/DDwTFYheT+0ZJbQB6n
 -----END RSA PRIVATE KEY-----
diff --git a/signer/remote/testdata/server.pem b/signer/remote/testdata/server.pem
index edcef4319..3e838a795 100644
--- a/signer/remote/testdata/server.pem
+++ b/signer/remote/testdata/server.pem
@@ -1,26 +1,25 @@
 -----BEGIN CERTIFICATE-----
-MIIEUTCCAzmgAwIBAgIUXR5U9pE7jlP18swTYs/jyx2Ml+swDQYJKoZIhvcNAQEL
-BQAwgYwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
-Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKEwpDRlNTTCBURVNUMRswGQYDVQQDExJD
-RlNTTCBURVNUIFJvb3QgQ0ExHjAcBgkqhkiG9w0BCQEWD3Rlc3RAdGVzdC5sb2Nh
-bDAeFw0xNjA1MjAyMjM5MDBaFw0yMTA1MTkyMjM5MDBaMIGJMQswCQYDVQQGEwJV
-UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzET
-MBEGA1UEChMKQ2xvdWRGbGFyZTEcMBoGA1UECxMTU3lzdGVtcyBFbmdpbmVlcmlu
-ZzEaMBgGA1UEAxMRQ2xvdWRGbGFyZSBzZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUA
-A4IBDwAwggEKAoIBAQCviJMTkkFtHV5FSCiagnbBJuDsPb0YF2P0tMrJuO81QcQ7
-23+7ANM3b8tFPTzsLg9kMm/o+DibAQF3rvdV+5D7SWapC0tqVkrwrjUUFTJndsYo
-iu9Ls0x5us33SACTeDH9NfsHo3xIO5e5wQdXNapu0lYIo0U5xk1kmOqj3FUpxaOV
-MhNkKQFkccuwTqOxFzj9KpIgA/dvFPdip05qkkO0VQEHid//iOqxd1rGqB729Lgq
-1Yr4znf+emK/Dg5biOlUqiSNhiIpT9L4NwkDR4Eb4mywwe3c36tb3SRng1GNu1R9
-/v3IJ/y/TgH3mtOpgVRa5DTL/iwYHcSZ9ffZKLTtAgMBAAGjgaswgagwDgYDVR0P
-AQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYD
-VR0OBBYEFA4TXS/5eNPNhIrbwBXPlGjvo1RvMB8GA1UdIwQYMBaAFLfS94S6qDnV
-+6wQzin9i5akE+y9MDMGA1UdEQQsMCqCDmNsb3VkZmxhcmUuY29tghJ3d3cuY2xv
-dWRmbGFyZS5jb22HBH8AAAEwDQYJKoZIhvcNAQELBQADggEBAFLGyH1mdZuIgh75
-Qp5XN957iwjZx5TJbD2hxInrovv8tDiJZex4EsMAlGTNs9yoDWlteBRDNX/x//eZ
-BVeKesJBv2Sq8qz4whZUVhsxyOysHULPPk5RY3P7aMNdHmtnEq50zQ4tEa9b3IT5
-hlH5S2g9/KsmdY5sUoX/KPNkgTvx4WqvjUgaY1bcCZnbIR6g9B5kHes4d9eJYRIo
-2sjaB+FsPs9bZ1BiM45IjEcPU1ecE3FCQ76Ov+5aGMtSli2T8O+t+ob5aLObe7uX
-KPcaKXj+n2lTRBsDEQuX9OWvBND6e3YBaR5KOxZQC68ICfAhdrjFGN+IodCUWlgl
-gape5pc=
+MIIEMDCCAxigAwIBAgIUd6tO8qVnZO/2pxWUxglf3XV3MpAwDQYJKoZIhvcNAQEL
+BQAwbDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNGU1NMIFRFU1QxGzAZBgNVBAMMEkNG
+U1NMIFRFU1QgUm9vdCBDQTAeFw0yNTAyMDgyMTQzMDBaFw0zMDAyMDcyMTQzMDBa
+MIGJMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMN
+U2FuIEZyYW5jaXNjbzETMBEGA1UEChMKQ2xvdWRGbGFyZTEcMBoGA1UECxMTU3lz
+dGVtcyBFbmdpbmVlcmluZzEaMBgGA1UEAxMRQ2xvdWRGbGFyZSBzZXJ2ZXIwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Yo78/biVcbQxGL/O5jsKnwjB
+BrOKoyXi2L7DtochjXXkkXlJk4LAjMG2vuSfHCZALQKCgVZCfZ/nUZCw3+87SD0K
++fEXNxhFHgBF2U80FR+9/0X6qElU5ExnqPV9/CDzywnrO7WxyWgNduLuSSuypUye
+x416a9UcF5a4vccK1H55s5TQjGZ7LQ5fYLlWwGp7KKZp3CDCJZApH1OrEnUpeuph
+O8b3FuTFaJ6uFfDeDQ/wF6kzlVa8HnnKkZaTKMTYP9F80lA0TM27nWkHFUc9oWUx
+Usr+wKISGlNRIQRAk/tJG1EiFb2JXjq19ql1bLN9joGQO5LRQATvzueyzzkHAgMB
+AAGjgaswgagwDgYDVR0PAQH/BAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwG
+A1UdEwEB/wQCMAAwHQYDVR0OBBYEFOCNRPyWGduIgabJFh4dhIAafM/DMB8GA1Ud
+IwQYMBaAFLfS94S6qDnV+6wQzin9i5akE+y9MDMGA1UdEQQsMCqCDmNsb3VkZmxh
+cmUuY29tghJ3d3cuY2xvdWRmbGFyZS5jb22HBH8AAAEwDQYJKoZIhvcNAQELBQAD
+ggEBAC3ePC0REiDDGiCa+YiiK5ymNAn5/MTqkKNaOUnDSYZnjfkNyj+DuVDTmbYA
+3rTiHiMmz8LCIrh7x3sSt6pzCb1TxDE1stQhLcrNhGWA1gTbBNyWTYDh1JUaXJ8Z
+R8h7tHCNK2aIxSa3hFwAcdvIEkfw8E+MuncC97prPRt4UxtCAp/Bg0kQ93QCo4se
+D0Vcz8JyJWy+KqpQgFafAY73l15PG/7Gi13pBqwyUxSmVAlY+ggmrGz/8EqIrNgb
+5SJ5rcSS3dChkBwOfGJwpba8PUEfVOSeTm2LntgJDoG0KSIhKk13HLF5e3VPnvw3
+N3b8EndBKVvNb+wKuHBSs4MAwzs=
 -----END CERTIFICATE-----
diff --git a/ubiquity/testdata/godzilla.pem b/ubiquity/testdata/godzilla.pem
index c21f0a3b8..f27997f69 100644
--- a/ubiquity/testdata/godzilla.pem
+++ b/ubiquity/testdata/godzilla.pem
@@ -1,19 +1,20 @@
 -----BEGIN CERTIFICATE-----
-MIICyDCCAjGgAwIBAgIJAPCgd7rafQZGMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
-c2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQLDAtERVZfVEVTVElORzEW
-MBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTAeFw0xNDA0MTExNjQyMjBaFw0yNDA0MDgx
-NjQyMjBaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD
-VQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQL
-DAtERVZfVEVTVElORzEWMBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1CMS59jJOL
-omfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvrGsNivkRU
-zXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+cqhEvLFb
-u3MCAwEAAaNQME4wHQYDVR0OBBYEFLhe765nULfW8wflar5Vs2c6DZI+MB8GA1Ud
-IwQYMBaAFLhe765nULfW8wflar5Vs2c6DZI+MAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADgYEABYqqOUq3ZrtMYaTAoeA7Cr/OBMjBV+/TiOe8fRNoPZ7+aKSg
-E1baohCGqougm+/XOtBXeLv5tVQihz/2iKdwHmX4HjkxzevAXyazjxeW4IDA21Jl
-fKd7xUJHM0Du/opoDkXWr/vRVztOB33ndlAK7ruSLfTR3E9HoUe3aRH7ceQ=
+MIIC1jCCAj+gAwIBAgIUJhxh1ENJRZoFuCN+XB0xlP1zgeYwDQYJKoZIhvcNAQEL
+BQAwfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxhcmUxFDASBgNVBAsMC0RF
+Vl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NBMB4XDTI1MDIwODIwMTYy
+N1oXDTM1MDIwNjIwMTYyN1owfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
+b3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxh
+cmUxFDASBgNVBAsMC0RFVl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NB
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbp/6OQ/a3mr+8zRgBRlmSGr8Q
+BgP4vUIxLn2Mk4uiZ8OcpRY4YqL+TtREGDUc0ve+bv8RINrNlYXL2X+eJtbE2RJQ
++RAiu+saw2K+RFTNeTCA1fwg3ws5gBDcFbECqK1dOkuN/gV4JMHobn2/15iUBfeS
+JxdF1j5yqES8sVu7cwIDAQABo1MwUTAdBgNVHQ4EFgQUuF7vrmdQt9bzB+VqvlWz
+ZzoNkj4wHwYDVR0jBBgwFoAUuF7vrmdQt9bzB+VqvlWzZzoNkj4wDwYDVR0TAQH/
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQALmrNPUPlCyhabvgC8RsMZPhJjtxr9
+TotLuoa49zsHH18djRZLrm8mNzBwUVVNJ1hgwSpRnyrc7T4HQTTvjpCnyXEVRil/
+9HQbpVPBSw5W6oK3koLG0rFnZXHocqK+Qri4FkbwsTK5qlea35OJWkODiUY/ykVM
+E4sm6QDE79e0Iw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIDfDCCAwKgAwIBAgIIUYJhG37C300wCgYIKoZIzj0EAwMwgYwxCzAJBgNVBAYT
diff --git a/ubiquity/testdata/macrosoft.pem b/ubiquity/testdata/macrosoft.pem
index 547e921f9..79ba2c1c5 100644
--- a/ubiquity/testdata/macrosoft.pem
+++ b/ubiquity/testdata/macrosoft.pem
@@ -1,19 +1,20 @@
 -----BEGIN CERTIFICATE-----
-MIICyDCCAjGgAwIBAgIJAPCgd7rafQZGMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
-c2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQLDAtERVZfVEVTVElORzEW
-MBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTAeFw0xNDA0MTExNjQyMjBaFw0yNDA0MDgx
-NjQyMjBaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD
-VQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQL
-DAtERVZfVEVTVElORzEWMBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1CMS59jJOL
-omfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvrGsNivkRU
-zXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+cqhEvLFb
-u3MCAwEAAaNQME4wHQYDVR0OBBYEFLhe765nULfW8wflar5Vs2c6DZI+MB8GA1Ud
-IwQYMBaAFLhe765nULfW8wflar5Vs2c6DZI+MAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADgYEABYqqOUq3ZrtMYaTAoeA7Cr/OBMjBV+/TiOe8fRNoPZ7+aKSg
-E1baohCGqougm+/XOtBXeLv5tVQihz/2iKdwHmX4HjkxzevAXyazjxeW4IDA21Jl
-fKd7xUJHM0Du/opoDkXWr/vRVztOB33ndlAK7ruSLfTR3E9HoUe3aRH7ceQ=
+MIIC1jCCAj+gAwIBAgIUJhxh1ENJRZoFuCN+XB0xlP1zgeYwDQYJKoZIhvcNAQEL
+BQAwfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxhcmUxFDASBgNVBAsMC0RF
+Vl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NBMB4XDTI1MDIwODIwMTYy
+N1oXDTM1MDIwNjIwMTYyN1owfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
+b3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxh
+cmUxFDASBgNVBAsMC0RFVl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NB
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbp/6OQ/a3mr+8zRgBRlmSGr8Q
+BgP4vUIxLn2Mk4uiZ8OcpRY4YqL+TtREGDUc0ve+bv8RINrNlYXL2X+eJtbE2RJQ
++RAiu+saw2K+RFTNeTCA1fwg3ws5gBDcFbECqK1dOkuN/gV4JMHobn2/15iUBfeS
+JxdF1j5yqES8sVu7cwIDAQABo1MwUTAdBgNVHQ4EFgQUuF7vrmdQt9bzB+VqvlWz
+ZzoNkj4wHwYDVR0jBBgwFoAUuF7vrmdQt9bzB+VqvlWzZzoNkj4wDwYDVR0TAQH/
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQALmrNPUPlCyhabvgC8RsMZPhJjtxr9
+TotLuoa49zsHH18djRZLrm8mNzBwUVVNJ1hgwSpRnyrc7T4HQTTvjpCnyXEVRil/
+9HQbpVPBSw5W6oK3koLG0rFnZXHocqK+Qri4FkbwsTK5qlea35OJWkODiUY/ykVM
+E4sm6QDE79e0Iw==
 -----END CERTIFICATE-----
 -----BEGIN CERTIFICATE-----
 MIIDfDCCAwKgAwIBAgIIUYJhG37C300wCgYIKoZIzj0EAwMwgYwxCzAJBgNVBAYT
diff --git a/ubiquity/testdata/pineapple.pem b/ubiquity/testdata/pineapple.pem
index b03e14bd6..ffe3b4556 100644
--- a/ubiquity/testdata/pineapple.pem
+++ b/ubiquity/testdata/pineapple.pem
@@ -1,17 +1,18 @@
 -----BEGIN CERTIFICATE-----
-MIICyDCCAjGgAwIBAgIJAPCgd7rafQZGMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNV
-BAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNp
-c2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQLDAtERVZfVEVTVElORzEW
-MBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTAeFw0xNDA0MTExNjQyMjBaFw0yNDA0MDgx
-NjQyMjBaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYD
-VQQHDA1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKDApDbG91ZEZsYXJlMRQwEgYDVQQL
-DAtERVZfVEVTVElORzEWMBQGA1UEAwwNQ0ZTU0xfVEVTVF9DQTCBnzANBgkqhkiG
-9w0BAQEFAAOBjQAwgYkCgYEAm6f+jkP2t5q/vM0YAUZZkhq/EAYD+L1CMS59jJOL
-omfDnKUWOGKi/k7URBg1HNL3vm7/ESDazZWFy9l/nibWxNkSUPkQIrvrGsNivkRU
-zXkwgNX8IN8LOYAQ3BWxAqitXTpLjf4FeCTB6G59v9eYlAX3kicXRdY+cqhEvLFb
-u3MCAwEAAaNQME4wHQYDVR0OBBYEFLhe765nULfW8wflar5Vs2c6DZI+MB8GA1Ud
-IwQYMBaAFLhe765nULfW8wflar5Vs2c6DZI+MAwGA1UdEwQFMAMBAf8wDQYJKoZI
-hvcNAQEFBQADgYEABYqqOUq3ZrtMYaTAoeA7Cr/OBMjBV+/TiOe8fRNoPZ7+aKSg
-E1baohCGqougm+/XOtBXeLv5tVQihz/2iKdwHmX4HjkxzevAXyazjxeW4IDA21Jl
-fKd7xUJHM0Du/opoDkXWr/vRVztOB33ndlAK7ruSLfTR3E9HoUe3aRH7ceQ=
+MIIC1jCCAj+gAwIBAgIUJhxh1ENJRZoFuCN+XB0xlP1zgeYwDQYJKoZIhvcNAQEL
+BQAwfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcM
+DVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxhcmUxFDASBgNVBAsMC0RF
+Vl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NBMB4XDTI1MDIwODIwMTYy
+N1oXDTM1MDIwNjIwMTYyN1owfTELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
+b3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28xEzARBgNVBAoMCkNsb3VkRmxh
+cmUxFDASBgNVBAsMC0RFVl9URVNUSU5HMRYwFAYDVQQDDA1DRlNTTF9URVNUX0NB
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbp/6OQ/a3mr+8zRgBRlmSGr8Q
+BgP4vUIxLn2Mk4uiZ8OcpRY4YqL+TtREGDUc0ve+bv8RINrNlYXL2X+eJtbE2RJQ
++RAiu+saw2K+RFTNeTCA1fwg3ws5gBDcFbECqK1dOkuN/gV4JMHobn2/15iUBfeS
+JxdF1j5yqES8sVu7cwIDAQABo1MwUTAdBgNVHQ4EFgQUuF7vrmdQt9bzB+VqvlWz
+ZzoNkj4wHwYDVR0jBBgwFoAUuF7vrmdQt9bzB+VqvlWzZzoNkj4wDwYDVR0TAQH/
+BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQALmrNPUPlCyhabvgC8RsMZPhJjtxr9
+TotLuoa49zsHH18djRZLrm8mNzBwUVVNJ1hgwSpRnyrc7T4HQTTvjpCnyXEVRil/
+9HQbpVPBSw5W6oK3koLG0rFnZXHocqK+Qri4FkbwsTK5qlea35OJWkODiUY/ykVM
+E4sm6QDE79e0Iw==
 -----END CERTIFICATE-----
diff --git a/ubiquity/ubiquity_crypto.go b/ubiquity/ubiquity_crypto.go
index 172f0e03f..2b71572ca 100644
--- a/ubiquity/ubiquity_crypto.go
+++ b/ubiquity/ubiquity_crypto.go
@@ -6,8 +6,9 @@ import (
 	"crypto/elliptic"
 	"crypto/rsa"
 	"crypto/x509"
-	"github.com/cloudflare/cfssl/helpers"
 	"math"
+
+	"github.com/cloudflare/cfssl/helpers"
 )
 
 // HashUbiquity represents a score for how ubiquitous a given hash
@@ -132,9 +133,9 @@ func CompareChainKeyAlgoUbiquity(chain1, chain2 []*x509.Certificate) int {
 	return int(kau1) - int(kau2)
 }
 
-// CompareExpiryUbiquity ranks two certificate chains based on the exiry dates of intermediates and roots.
+// CompareExpiryUbiquity ranks two certificate chains based on the expiry dates of intermediates and roots.
 // Certs expire later are ranked higher than ones expire earlier. The ranking between chains are determined by
-// the first pair of intermediates, scanned from the root level,  that ar ranked differently.
+// the first pair of intermediates, scanned from the root level, that are ranked differently.
 func CompareExpiryUbiquity(chain1, chain2 []*x509.Certificate) int {
 	for i := 0; ; i++ {
 		if i >= len(chain1) || i >= len(chain2) {
diff --git a/ubiquity/ubiquity_test.go b/ubiquity/ubiquity_test.go
index a925c93ed..2de8ada6f 100644
--- a/ubiquity/ubiquity_test.go
+++ b/ubiquity/ubiquity_test.go
@@ -186,15 +186,15 @@ func TestChainExpiryUbiquity(t *testing.T) {
 	chain1 := []*x509.Certificate{ecdsa256Cert, rsa2048Cert}
 	chain2 := []*x509.Certificate{ecdsa256Cert, rsa1024Cert}
 
-	// CompareExpiryUbiquity should return > 0 because chain1
-	// has a better expiry ubiquity than chain2.
-	if CompareExpiryUbiquity(chain1, chain2) <= 0 {
+	// CompareExpiryUbiquity should return < 0 because chain1
+	// has a worse expiry ubiquity than chain2.
+	if CompareExpiryUbiquity(chain1, chain2) < 0 {
 		t.Fatal("Incorrect chain expiry ubiquity")
 	}
 
-	// CompareExpiryUbiquity should return < 0 because chain1 has
-	// a better expiry ubiquity than chain2.
-	if CompareExpiryUbiquity(chain2, chain1) >= 0 {
+	// CompareExpiryUbiquity should return > 0 because chain2 has
+	// a better expiry ubiquity than chain1.
+	if CompareExpiryUbiquity(chain2, chain1) > 0 {
 		t.Fatal("Incorrect chain expiry ubiquity")
 	}
 

From dd8f9ef9972b61f6bf26299e45cab04326b4f7e4 Mon Sep 17 00:00:00 2001
From: Andrew Mitchell 
Date: Wed, 12 Feb 2025 22:21:36 -0500
Subject: [PATCH 71/73] Github actions linter uses golangci-lint@v1.57

---
 .github/workflows/go.yml | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 61734bcec..491ad397f 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -10,7 +10,10 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go: [stable, oldstable]
+        # starting with go 1.24 the GODEBUG=x509sha1=1 flag has been removed. 
+        # many tests rely on sha1 certificates. After resolving #1413 we can
+        # run these on stable and old stable again.
+        go: ['1.23', '1.22']
     services:
       # Label used to access the service container
       postgres:
@@ -76,4 +79,9 @@ jobs:
           go-version: 1.18
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v6
-
+        with:
+          # There is a breaking change in 1.58 that causes the linter not to recognize 
+          # internal imports or standard library imports and results in linting errors
+          # that cannot be ignored.
+          # e.g certdb/certdb.go:5:2: could not import encoding/json (Config.Importer.Import(encoding/json) returned nil but no error) (typecheck)
+          version: v1.57

From a40f86c2accf3b46c04b7b3ed02135f98eb9210d Mon Sep 17 00:00:00 2001
From: Andrew Mitchell 
Date: Thu, 13 Feb 2025 20:59:15 -0500
Subject: [PATCH 72/73] Update repository to reflect required min go version of
 1.20

Resolves #1414
---
 .github/workflows/go.yml |  9 +++++----
 Dockerfile.alpine        |  2 +-
 README.md                | 29 +++--------------------------
 go.mod                   |  2 +-
 4 files changed, 10 insertions(+), 32 deletions(-)

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
index 491ad397f..e8effc22c 100644
--- a/.github/workflows/go.yml
+++ b/.github/workflows/go.yml
@@ -10,10 +10,11 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        # starting with go 1.24 the GODEBUG=x509sha1=1 flag has been removed. 
+        # starting with go 1.24 the GODEBUG=x509sha1=1 flag has been removed.
         # many tests rely on sha1 certificates. After resolving #1413 we can
-        # run these on stable and old stable again.
-        go: ['1.23', '1.22']
+        # run these on stable and oldstable again. Min version (1.20) can
+        # always be run.
+        go: ['1.23', '1.22', '1.20']
     services:
       # Label used to access the service container
       postgres:
@@ -76,7 +77,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-go@v5
         with:
-          go-version: 1.18
+          go-version: "1.20"
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v6
         with:
diff --git a/Dockerfile.alpine b/Dockerfile.alpine
index 76bf0afac..590166780 100644
--- a/Dockerfile.alpine
+++ b/Dockerfile.alpine
@@ -1,4 +1,4 @@
-FROM golang:1.16.15-alpine3.15@sha256:9743f230f26d1e300545f0330fd4a514f554c535d967563ee77bf634906502b6 as builder
+FROM golang:1.20-alpine AS builder
 
 WORKDIR /workdir
 COPY . /workdir
diff --git a/README.md b/README.md
index eedbf072b..8bd8e4502 100644
--- a/README.md
+++ b/README.md
@@ -8,7 +8,7 @@
 
 CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line
 tool and an HTTP API server for signing, verifying, and bundling TLS
-certificates. It requires Go 1.16+ to build.
+certificates. It requires Go 1.20+ to build.
 
 Note that certain linux distributions have certain algorithms removed
 (RHEL-based distributions in particular), so the golang from the
@@ -30,7 +30,7 @@ CFSSL consists of:
 ### Building
 
 Building cfssl requires a
-[working Go 1.16+ installation](http://golang.org/doc/install).
+[working Go 1.20+ installation](http://golang.org/doc/install).
 
 ```
 $ git clone git@github.com:cloudflare/cfssl.git
@@ -61,32 +61,9 @@ You can set the `GOOS` and `GOARCH` environment variables to have Go cross compi
 
 ### Installation
 
-Installation requires a [working Go 1.16+ installation](http://golang.org/doc/install).
+Installation requires a [working Go 1.20+ installation](http://golang.org/doc/install).
 Alternatively, [prebuilt binaries are available](https://github.com/cloudflare/cfssl/releases)
 
-```
-$ go get github.com/cloudflare/cfssl/cmd/cfssl
-```
-
-will download, build, and install the CFSSL tool.
-
-To install any of the other utility programs that are
-in this repo (for instance `cfssljson` in this case):
-
-```
-$ go get github.com/cloudflare/cfssl/cmd/cfssljson
-```
-
-This will download, build, and install the CFSSLJSON tool.
-
-And to simply install __all__ of the programs in this repo:
-
-```
-$ go get github.com/cloudflare/cfssl/cmd/...
-```
-
-if you are above go 1.18:
-
 ```
 $ go install github.com/cloudflare/cfssl/cmd/...@latest
 ```
diff --git a/go.mod b/go.mod
index db76ddb5f..a7c8e3441 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/cloudflare/cfssl
 
-go 1.18
+go 1.20
 
 require (
 	bitbucket.org/liamstask/goose v0.0.0-20150115234039-8488cc47d90c

From cd8a4ded61b2df01b3d520361d966c4e581bc02e Mon Sep 17 00:00:00 2001
From: Martin Schwarzl 
Date: Wed, 26 Feb 2025 11:23:57 +0100
Subject: [PATCH 73/73] ignore .git to .dockerignore

---
 .dockerignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.dockerignore b/.dockerignore
index 3f63ce68d..9cf07a9f0 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -2,3 +2,4 @@ cfssl_*
 *-amd64
 *-386
 dist/*
+.git